Commit Graph

327 Commits

Author SHA1 Message Date
Nikhil V c9198633ac ANDROID: gunyah: Fix the issue with gunyah_cma_release
Currently, gunyah_cma_release() unconditionally releases the entire
CMA memory region of the VM, regardless of how much was actually mapped.
This can lead to issues if AVF clients lauches VM wherein the memory
mapped is less than the size of the VM's CMA region(max size).

To address this:
- A new mapped_size field is added to struct gunyah_cma to track the
actual size mapped.
- gunyah_cma_alloc() sets this field and logs a debug message if the
mapped size is less than the max size.
- gunyah_cma_release() now uses mapped_size to determine how much memory
to release.

Bug: 440480668
Change-Id: I6408c91eedb4cfe911a52c8a8a8734892e49e209
Signed-off-by: Nikhil V <nikhil.v@oss.qualcomm.com>
2025-08-22 16:56:31 -07:00
Prakruthi Deepak Heragu c46482c03a ANDROID: gunyah: Check for the validity of the file
Check if the file pointer of the guest_mem_fd is valid or not.
Otherwise, there can be a NULL pointer dereference.

Bug: 436896297
Change-Id: Ib2590ba6326cb3b263bc92211b677f4306708d45
Signed-off-by: Prakruthi Deepak Heragu <prakruthi.heragu@oss.qualcomm.com>
2025-08-10 18:18:01 -07:00
Mukesh Pilaniya e5a17398e4 ANDROID: gunyah: Fix use-after-free in gunyah_vm_clean_resources()
The gunyah_vm_clean_resources() function was freeing resources without
removing them from the ghvm->resources list, leaving dangling pointers
that could lead to use-after-free.

Fix this by removing each resource from the list before freeing it to
ensure lists are empty after cleanup.

Bug: 436769530
Change-Id: I16bb2a73dae66cdef9e62f65b93d1487e32a92ce
Signed-off-by: Mukesh Pilaniya <quic_mpilaniy@quicinc.com>
2025-08-07 03:38:52 -07:00
Greg Kroah-Hartman 21fbbe6cf8 Merge tag 'android16-6.12.38_r00' into android16-6.12
This merges the android16-6.12.38_r00 tag into the android16-6.12 branch,
catching it up with the latest LTS releases.

It contains the following commits:

*   842eca537f Merge 6.12.38 into android16-6.12-lts
|\
| * 259f497740 Linux 6.12.38
| * faac2abe89 x86/CPU/AMD: Properly check the TSA microcode
* | 5a080cbd01 Merge android16-6.12 into android16-6.12-lts
* | 8776085e78 ANDROID: GKI: add fput() to db854c symbol list
* | 9647bfd68f Revert "bpf: use common instruction history across all states"
* | 2e1a9faec5 Revert "bpf: Do not include stack ptr register in precision backtracking bookkeeping"
* | e9c183823c Revert "sched/fair: Rename h_nr_running into h_nr_queued"
* | 05101597e0 Revert "sched/fair: Add new cfs_rq.h_nr_runnable"
* | 797d4c3533 Revert "sched/fair: Fixup wake_up_sync() vs DELAYED_DEQUEUE"
* | 50d296188b Revert "usb: acpi: fix device link removal"
* | 9222a6a6c0 Merge 6.12.37 into android16-6.12-lts
|\|
| * fbad404f04 Linux 6.12.37
| * 0029b3c132 x86/process: Move the buffer clearing before MONITOR
| * 331cfdd274 x86/microcode/AMD: Add TSA microcode SHAs
| * d5d66e31fd KVM: SVM: Advertise TSA CPUID bits to guests
| * 7a0395f660 x86/bugs: Add a Transient Scheduler Attacks mitigation
| * 0720e436e5 x86/bugs: Rename MDS machinery to something more generic
| * 4c443046d8 mm: userfaultfd: fix race of userfaultfd_move and swap cache
| * ead91de35d mm/vmalloc: fix data race in show_numa_info()
| * 679bf9a0cc powerpc/kernel: Fix ppc_save_regs inclusion in build
| * c782f98eef usb: typec: displayport: Fix potential deadlock
| * f65ad436e4 platform/x86: think-lmi: Fix sysfs group cleanup
| * 5805edbea5 platform/x86: think-lmi: Fix kobject cleanup
| * b11397bf9a platform/x86: think-lmi: Create ksets consecutively
| * f5fe094f35 riscv: cpu_ops_sbi: Use static array for boot_data
| * d8ca2036f3 powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed
| * 53892dc686 iommu/rockchip: prevent iommus dead loop when two masters share one IOMMU
| * 5f28563f0c optee: ffa: fix sleep in atomic context
| * ccdc472b4d Logitech C-270 even more broken
| * 4c37963d67 i2c/designware: Fix an initialization issue
| * c745744a82 dma-buf: fix timeout handling in dma_resv_wait_timeout v2
| * 631f9de9a7 cifs: all initializations for tcon should happen in tcon_info_alloc
| * 7b02e09fc0 smb: client: fix readdir returning wrong type with POSIX extensions
| * 7cb8750160 usb: acpi: fix device link removal
| * c68a27bbeb usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume
| * 3b1407caac usb: dwc3: Abort suspend on soft disconnect failure
| * 27199ab790 usb: cdnsp: Fix issue with CV Bad Descriptor test
| * b68e355a61 usb: cdnsp: do not disable slot for disabled slot
| * 46f7589281 Input: iqs7222 - explicitly define number of external channels
| * dbdd2a2320 Input: xpad - support Acer NGR 200 Controller
| * 195597e0be xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS
| * 8bfd11dae3 xhci: dbc: Flush queued requests before stopping dbc
| * 9f3b2e497d xhci: dbctty: disable ECHO flag by default
| * fbebc2254a usb: xhci: quirk for data loss in ISOC transfers
| * 9f75893189 Revert "usb: xhci: Implement xhci_handshake_check_state() helper"
| * 8caccd2eac usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed
| * 1a81dfc9d1 NFSv4/flexfiles: Fix handling of NFS level errors in I/O
| * 5e110e8679 drm/xe: Allow dropping kunit dependency as built-in
| * 994b0bc2a0 drm/xe/bmg: Update Wa_22019338487
| * beb89ada57 IB/mlx5: Fix potential deadlock in MR deregistration
| * f658855702 RDMA/mlx5: Fix cache entry update on dereg error
| * f94c422157 fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass
| * cdd9862252 module: Provide EXPORT_SYMBOL_GPL_FOR_MODULES() helper
| * e036efbe58 add a string-to-qstr constructor
| * 42c5a4b47d rcu: Return early if callback is not specified
| * c40b207caf mtd: spinand: fix memory leak of ECC engine conf
| * 18ff4ed6a3 ACPICA: Refuse to evaluate a method if arguments are missing
| * 327997afbb wifi: ath6kl: remove WARN on bad firmware input
| * 1b10265639 wifi: mac80211: drop invalid source address OCB frames
| * 3e554f1153 aoe: defer rexmit timer downdev work to workqueue
| * 7296c938df scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()
| * 3d546c8b10 regulator: fan53555: add enable_time support and soft-start times
| * 2ec1cc322a ASoC: amd: yc: update quirk data for HP Victus
| * 39e36a744e powerpc: Fix struct termio related ioctl macros
| * 19bd759785 genirq/irq_sim: Initialize work context pointers properly
| * c584b9b62c platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list
| * f8155ee19d ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic
| * c24c06bd14 ata: pata_cs5536: fix build on 32-bit UML
| * 3ce57d493d ata: libata-acpi: Do not assume 40 wire cable if no devices are enabled
| * f42b8e5753 ALSA: sb: Force to disable DMAs once when DMA mode is changed
| * c5e0af68c8 ALSA: sb: Don't allow changing the DMA mode during operations
| * 3f6ce8433a drm/msm: Fix another leak in the submit error path
| * 0eaa495b3d drm/msm: Fix a fence leak in submit error path
| * c0527f7534 scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag
| * 790ce73721 sched_ext: Make scx_group_set_weight() always update tg->scx.weight
| * 7ccaa5fa5d drm/amdgpu/mes: add missing locking in helper functions
| * 238a218d42 arm64: dts: qcom: x1e80100-crd: mark l12b and l15b always-on
| * 6464427589 drm/amd/display: Add more checks for DSC / HUBP ONO guarantees
| * 81ebb8d755 drm/amdgpu: add kicker fws loading for gfx11/smu13/psp13
| * 710deaff6a drm/i915/dp_mst: Work around Thunderbolt sink disconnect after SINK_COUNT_ESI read
| * b47a1f9323 drm/amdgpu: VCN v5_0_1 to prevent FW checking RB during DPG pause
| * 4f77d8f8a9 drm/simpledrm: Do not upcast in release helpers
| * acf9ab15ec selinux: change security_compute_sid to return the ssid or tsid on match
| * 6d0b588614 drm/xe/guc: Explicitly exit CT safe mode on unwind
| * ff6482fb45 drm/xe/guc: Dead CT helper
| * e595433c63 drm/xe: Replace double space with single space after comma
| * 0dadcd17e2 drm/xe: move DPT l2 flush to a more sensible place
| * 1883a83695 drm/xe: Allow bo mapping on multiple ggtts
| * ce1ef3b64e drm/xe: add interface to request physical alignment for buffer objects
| * 98e5c71e7e drm/xe: Move DSB l2 flush to a more sensible place
| * e5f01b2b67 drm/xe: Fix DSB buffer coherency
| * 61628111e7 mfd: exynos-lpass: Fix another error handling path in exynos_lpass_probe()
| * e0fefe9bc0 netfs: Fix oops in write-retry from mis-resetting the subreq iterator
| * c2a952fb41 remoteproc: k3-r5: Refactor sequential core power up/down operations
| * b14a64c1a9 remoteproc: k3-r5: Use devm_rproc_add() helper
| * 0ea3572c15 remoteproc: k3-r5: Use devm_ioremap_wc() helper
| * e392148f7f remoteproc: k3-r5: Use devm_kcalloc() helper
| * f802fb717d remoteproc: k3-r5: Add devm action to release reserved memory
| * 5eec92eb4f remoteproc: k3: Call of_node_put(rmem_np) only once in three functions
| * 5b6eb04c05 ubsan: integer-overflow: depend on BROKEN to keep this out of CI
| * f3a472b914 arm64: dts: qcom: sm8650: add the missing l2 cache node
| * 5a867d09f5 arm64: dts: renesas: white-hawk-single: Improve Ethernet TSN description
| * 7f0e933241 arm64: dts: renesas: Factor out White Hawk Single board support
| * b9baad894b arm64: dts: renesas: Use interrupts-extended for Ethernet PHYs
| * d8b92a122a arm64: dts: qcom: sm8650: Fix domain-idle-state for CPU2
| * 67b3bb57fa arm64: dts: qcom: sm8650: change labels to lower-case
| * 4265682c29 bpf: Do not include stack ptr register in precision backtracking bookkeeping
| * c5474a7b04 bpf: use common instruction history across all states
| * be1e0287ac hisi_acc_vfio_pci: bugfix the problem of uninstalling driver
| * bac4641756 hisi_acc_vfio_pci: bugfix cache write-back issue
| * ea405fb414 scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk
| * 6857cbf0e4 scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask
| * ae082dbcef scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure
| * 8912b139a8 f2fs: zone: fix to calculate first_zoned_segno correctly
| * ffbbe11577 f2fs: zone: introduce first_zoned_segno in f2fs_sb_info
| * 5833026221 f2fs: decrease spare area for pinned files for zoned devices
| * 81fdecac3f iommu: ipmmu-vmsa: avoid Wformat-security warning
| * 7d151bf9bd RDMA/rxe: Fix "trying to register non-static key in rxe_qp_do_cleanup" bug
| * 7e48e3ddf9 wifi: ath12k: fix wrong handling of CCMP256 and GCMP ciphers
| * 3fffbb8d33 wifi: ath12k: Handle error cases during extended skb allocation
| * 316060297e wifi: ath12k: fix skb_ext_desc leak in ath12k_dp_tx() error path
| * b77a5ecb3d bonding: Mark active offloaded xfrm_states
| * b24c3c5b42 ACPI: thermal: Execute _SCP before reading trip points
| * 0c44a40958 ACPI: thermal: Fix stale comment regarding trip points
| * da45b381aa ASoC: tas2764: Reinit cache on part reset
| * d1f8358c5d ASoC: tas2764: Extend driver to SN012776
| * 9468bcd92d gfs2: Don't start unnecessary transactions during log flush
| * 519aed5bda gfs2: Move gfs2_trans_add_databufs
| * a2562bdd35 sched/fair: Fixup wake_up_sync() vs DELAYED_DEQUEUE
| * 3edcabcfc2 sched/fair: Add new cfs_rq.h_nr_runnable
| * 0cc4721a71 sched/fair: Rename h_nr_running into h_nr_queued
| * 2dc82f0d78 btrfs: fix wrong start offset for delalloc space release during mmap write
| * 5ff2ed0f0a btrfs: prepare btrfs_page_mkwrite() for large folios
| * cde7f94078 gfs2: deallocate inodes in gfs2_create_inode
| * 8e753fc3d5 gfs2: Move GIF_ALLOC_FAILED check out of gfs2_ea_dealloc
| * 24ae2de15b gfs2: Move gfs2_dinode_dealloc
| * 4f66983aeb gfs2: Replace GIF_DEFER_DELETE with GLF_DEFER_DELETE
| * 7df46e6f88 gfs2: Add GLF_PENDING_REPLY flag
| * fbb2d296d4 gfs2: Decode missing glock flags in tracepoints
| * 9649fec0f9 gfs2: Prevent inode creation race
| * af2ce45c28 gfs2: Rename dinode_demise to evict_behavior
| * 862ca0b49f gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE
| * 170af4314e gfs2: Initialize gl_no_formal_ino earlier
| * 33b65fcec7 kunit: qemu_configs: Disable faulting tests on 32-bit SPARC
| * b70cda9156 kunit: qemu_configs: sparc: Explicitly enable CONFIG_SPARC32=y
| * a55f301e60 kunit: qemu_configs: sparc: use Zilog console
| * 8a039506c0 crypto: zynqmp-sha - Add locking
| * d78f79a2c1 spinlock: extend guard with spinlock_bh variants
| * 9a0b8ef2a9 crypto: iaa - Do not clobber req->base.data
| * e23ac00266 crypto: iaa - Remove dst_null support
| * 3f4adfc587 arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma
| * 2ba9db22d7 smb: client: fix race condition in negotiate timeout by using more precise timing
| * 4db893a9bf amd-xgbe: do not double read link status
| * a553afd91f net/sched: Always pass notifications when child class becomes empty
| * 56aebaaa3a nui: Fix dma_mapping_error() check
| * 446ac00b86 rose: fix dangling neighbour pointers in rose_rt_device_down()
| * 16858ab7fd enic: fix incorrect MTU comparison in enic_change_mtu()
| * 6074bff08a amd-xgbe: align CL37 AN sequence as per databook
| * f358d949ce lib: test_objagg: Set error message in check_expect_hints_stats()
| * 50c86c0945 netfs: Fix i_size updating
| * 9b55b7bdb0 smb: client: set missing retry flag in cifs_writev_callback()
| * 590eb25749 smb: client: set missing retry flag in cifs_readv_callback()
| * cd8c8c20de smb: client: set missing retry flag in smb2_writev_callback()
| * 3eb39038dc igc: disable L1.2 PCI-E link substate to avoid performance issue
| * 9a36715cd6 idpf: convert control queue mutex to a spinlock
| * 018ff57fd7 idpf: return 0 size for RSS key if not supported
| * 6a17e0d27f drm/i915/gsc: mei interrupt top half should be in irq disabled context
| * 5a7ae7bebd drm/i915/gt: Fix timeline left held on VMA alloc error
| * 510a6095d7 net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect
| * 3f6932ef25 smb: client: fix warning when reconnecting channel
| * 6a5348dbd7 drm/bridge: aux-hpd-bridge: fix assignment of the of_node
| * 800a6bde38 platform/mellanox: mlxreg-lc: Fix logic error in power state check
| * 206e2dca0e platform/x86: dell-wmi-sysman: Fix class device unregistration
| * 8d6b2f704f platform/x86: dell-sysman: Directly use firmware_attributes_class
| * 48edcece52 platform/x86: think-lmi: Fix class device unregistration
| * 1cef9e9e00 platform/x86: think-lmi: Directly use firmware_attributes_class
| * b36faa8328 platform/x86: firmware_attributes_class: Simplify API
| * b5c180ec1f platform/x86: firmware_attributes_class: Move include linux/device/class.h
| * 1958bccfa4 platform/x86: hp-bioscfg: Fix class device unregistration
| * 0386a68f95 platform/x86: hp-bioscfg: Directly use firmware_attributes_class
| * 5df3b870bc platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks
| * 431e58d56f nvmet: fix memory leak of bio integrity
| * f0fee863a7 nvme: Fix incorrect cdw15 value in passthru error logging
| * 9d4064787d drm/i915/selftests: Change mock_request() to return error pointers
| * 3832ddc2fa spi: spi-fsl-dspi: Clear completion counter before initiating transfer
| * 0a38b18368 drm/exynos: fimd: Guard display clock control with runtime PM calls
| * dbd187e8c1 dpaa2-eth: fix xdp_rxq_info leak
| * 91a6b86d58 ethernet: atl1: Add missing DMA mapping error checks and count errors
| * 735ac80fa9 btrfs: use btrfs_record_snapshot_destroy() during rmdir
| * bfd5c9e83d btrfs: propagate last_unlink_trans earlier when doing a rmdir
| * 1728fef7ca btrfs: record new subvolume in parent dir earlier to avoid dir logging races
| * d6d8060046 btrfs: fix inode lookup error handling during log replay
| * 401d098f92 btrfs: fix invalid inode pointer dereferences during log replay
| * 0502d11274 btrfs: return a btrfs_inode from read_one_inode()
| * 56e9882ba2 btrfs: return a btrfs_inode from btrfs_iget_logging()
| * 7ac790dc2b btrfs: fix iteration of extrefs during log replay
| * e4c3176ace btrfs: fix missing error handling when searching for inode refs during log replay
| * 381c1c1219 Bluetooth: Prevent unintended pause by checking if advertising is active
| * b611a5bf44 platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message
| * 4bbdb8dd35 platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1
| * bd69049f98 RDMA/mlx5: Fix vport loopback for MPV device
| * 3d8d401d33 RDMA/mlx5: Fix CC counters query for MPV
| * a33a0c15b7 RDMA/mlx5: Fix HW counters query for non-representor devices
| * e4ff9dedeb scsi: ufs: core: Fix spelling of a sysfs attribute name
| * b1abc5ab47 scsi: sd: Fix VPD page 0xb7 length check
| * 218ae6bfe2 scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu()
| * 350dae778b scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database()
| * 864a54c124 NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN
| * 3c94212b57 nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.
| * 93fccfa71c RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert
| * 9d2ef890e4 RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling
| * f5fe78cfcb platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment
| * 896e0d9337 arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename
| * 31405510a4 firmware: arm_ffa: Replace mutex with rwlock to avoid sleep in atomic context
| * 2c07fd0ead firmware: arm_ffa: Move memory allocation outside the mutex locking
| * 076fa20b4f firmware: arm_ffa: Fix memory leak by freeing notifier callback node
| * 9ff95ed037 drm/v3d: Disable interrupts before resetting the GPU
| * ca40e57b22 mtk-sd: reset host->mrq on prepare_data() error
| * 3419bc6a7b mtk-sd: Prevent memory corruption from DMA map failure
| * cfbdcabab2 mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data
| * 5581e694d3 usb: typec: altmodes/displayport: do not index invalid pin_assignments
| * ea20568895 Input: cs40l50-vibra - fix potential NULL dereference in cs40l50_upload_owt()
| * e4d19e5d71 regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods
| * dae12bc688 iommufd/selftest: Fix iommufd_dirty_tracking with large hugepage sizes
| * a99f80c88a Bluetooth: MGMT: mesh_send: check instances prior disabling advertising
| * 44bb1e13b4 Bluetooth: MGMT: set_mesh: update LE scan interval and window
| * 3672fe9d1e Bluetooth: hci_sync: revert some mesh modifications
| * 0698a2eb7d Bluetooth: HCI: Set extended advertising data synchronously
| * 50345c9369 mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier
| * ec9be081c5 Revert "mmc: sdhci: Disable SD card clock before changing parameters"
| * cf7235914d mmc: sdhci: Add a helper function for dump register in dynamic debug mode
| * 9546118ba7 net: libwx: fix the incorrect display of the queue number
| * 75705b44e0 vsock/vmci: Clear the vmci transport packet properly when initializing it
| * e036b72d6a net: txgbe: request MISC IRQ in ndo_open
| * a54280b0eb s390/pci: Do not try re-enabling load/store if device is disabled
| * 2640c230aa s390/pci: Fix stale function handles in error handling
| * bc68bc3563 virtio-net: ensure the received length does not exceed allocated size
| * 892f6ed9a4 virtio-net: xsk: rx: fix the frame's length check
| * bd6c1932ac rtc: cmos: use spin_lock_irqsave in cmos_interrupt
| * ee61aec852 rtc: pcf2127: fix SPI command byte for PCF2131
| * 669e6c723b rtc: pcf2127: add missing semicolon after statement
* | 1741b1e583 Merge android16-6.12 into android16-6.12-lts
* | b0291e9ade ANDROID: GKI: add devm_regulator_bulk_get_enable to db845c symbol list
* | 67767146c7 Revert "Bluetooth: hci_core: Fix use-after-free in vhci_flush()"
* | a778622fe4 Merge 6.12.36 into android16-6.12-lts
|\|
| * df64e51d4a Linux 6.12.36
| * 2701654671 spi: fsl-qspi: Fix double cleanup in probe error path
| * 07836bc18f btrfs: fix use-after-free on inode when scanning root during em shrinking
| * 5f4863cfb2 btrfs: zoned: fix extent range end unlock in cow_file_range()
| * f68b27d82a spi: fsl-qspi: use devm function instead of driver remove
| * 442312c2a9 net: stmmac: Fix accessing freed irq affinity_hint
| * 725a59d29a drm/amdkfd: Fix instruction hazard in gfx12 trap handler
| * 6c7dc7ad86 drm/amdkfd: remove gfx 12 trap handler page size cap
| * 37d28309ee ALSA: hda/realtek: Bass speaker fixup for ASUS UM5606KA
| * 4ea0883b5a arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi
| * 1fc00e1451 riscv/atomic: Do proper sign extension also for unsigned in arch_cmpxchg
| * fbbb0e0de9 btrfs: do regular iput instead of delayed iput during extent map shrinking
| * fef55c4d9c btrfs: make the extent map shrinker run asynchronously as a work queue job
| * c223f378b6 btrfs: skip inodes without loaded extent maps when shrinking extent maps
| * 0d087de947 drm/fbdev-dma: Add shadow buffering for deferred I/O
| * 8e2dcdf22c drm/msm/dp: account for widebus and yuv420 during mode validation
| * 287b9cec2e usb: typec: tcpm: PSSourceOffTimer timeout in PR_Swap enters ERROR_RECOVERY
| * ab64e42864 drm/xe: Carve out wopcm portion from the stolen memory
| * b2d2be772d iio: dac: ad3552r-common: fix ad3541/2r ranges
| * c890a5b80d iio: dac: ad3552r: extract common code (no changes in behavior intended)
| * 0a8ac8f843 iio: dac: ad3552r: changes to use FIELD_PREP
| * 10b3772292 btrfs: do proper folio cleanup when cow_file_range() failed
| * 5d479182d4 net: phy: realtek: add RTL8125D-internal PHY
| * 5eb0b10eea net: phy: realtek: merge the drivers for internal NBase-T PHY's
| * 37cb5967bd r8169: add support for RTL8125D
| * 1f4b030e08 mm/vma: reset VMA iterator on commit_merge() OOM failure
| * 560c3b51c7 io_uring/kbuf: flag partial buffer mappings
| * c8d152b8c1 io_uring/net: mark iov as dynamically allocated even for single segments
| * b8be3ae062 io_uring/net: always use current transfer count for buffer put
| * 725fcba8bd io_uring/net: only consider msg_inq if larger than 1
| * 0c07f2bf49 io_uring/net: only retry recv bundle for a full transfer
| * 399214d703 io_uring/net: improve recv bundles
| * 50998b0ae7 io_uring/rsrc: don't rely on user vaddr alignment
| * 53fd75f25b io_uring/rsrc: fix folio unpinning
| * 8b8a366e8c io_uring: fix potential page leak in io_sqe_buffer_register()
| * 6d56ea133a net: libwx: fix Tx L4 checksum
| * c216c235ac x86/pkeys: Simplify PKRU update in signal frame
| * f609cebca1 x86/fpu: Refactor xfeature bitmask update code for sigframe XSAVE
| * 0519b61075 media: uvcvideo: Rollback non processed entities on error
| * 8cd7ee9cd7 drm/amd/display: Fix mpv playback corruption on weston
| * 5f2e040f19 drm/amdgpu: switch job hw_fence to amdgpu_fence
| * 9cfa2fea25 drm/amdgpu: Fix SDMA UTC_L1 handling during start/stop sequences
| * cc0a3fd781 drm/i915/dsi: Fix off by one in BXT_MIPI_TRANS_VTOTAL
| * e5e1996780 drm/xe: Fix early wedge on GuC load failure
| * a6d81b2d70 drm/xe: Fix taking invalid lock on wedge
| * 57e044005e drm/xe: Fix memset on iomem
| * e881b82f5d drm/amd/display: Check dce_hwseq before dereferencing it
| * 593517e556 drm/amdgpu: Add kicker device detection
| * ba1ffc32bd drm/amd/display: Fix RMCM programming seq errors
| * 57f1ed963c drm/xe/guc_submit: add back fix
| * f684192fca drm/xe/sched: stop re-submitting signalled jobs
| * 0bc8ad50f0 drm/xe/vm: move rebind_work init earlier
| * ca8efc6a89 drm/amd/display: Correct non-OLED pre_T11_delay.
| * e2c3133ff4 drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram
| * 4ce9f2dc9f drm/amd/display: Add null pointer check for get_first_active_display()
| * b7e273ebb3 drm/bridge: cdns-dsi: Wait for Clk and Data Lanes to be ready
| * 88189662ad drm/bridge: cdns-dsi: Check return value when getting default PHY config
| * 40261f0447 drm/bridge: cdns-dsi: Fix connecting to next bridge
| * 750442b99e drm/bridge: cdns-dsi: Fix phy de-init and flag it so
| * 0d11689681 drm/bridge: cdns-dsi: Fix the clock variable for mode_valid()
| * b681e2a8a7 drm/amdkfd: Fix race in GWS queue scheduling
| * 1847ea44e3 drm/msm/gpu: Fix crash when throttling GPU immediately during boot
| * 4da83f06c3 drm/udl: Unregister device before cleaning up on disconnect
| * 31ac2c680a drm/tegra: Fix a possible null pointer dereference
| * 7271a32074 drm/tegra: Assign plane type before registration
| * b464edc12d drm/etnaviv: Protect the scheduler's pending list with its lock
| * 2dae4a71a1 drm/cirrus-qemu: Fix pitch programming
| * 3d379b2a73 drm/ast: Fix comment on modeset lock
| * 6a87e79404 scsi: ufs: core: Fix clk scaling to be conditional in reset and restore
| * 19a47c966d scsi: megaraid_sas: Fix invalid node index
| * 70017f56b1 HID: wacom: fix kobject reference count leak
| * 2746d02066 HID: wacom: fix memory leak on sysfs attribute creation failure
| * a85999b987 HID: wacom: fix memory leak on kobject creation failure
| * 4b4b639cc5 HID: lenovo: Restrict F7/9/11 mode to compact keyboards only
| * c465f52333 f2fs: fix to zero post-eof page
| * 7b4ac8433c mm/gup: revert "mm: gup: fix infinite loop within __get_longterm_locked"
| * cf95f8426f maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate()
| * db0035ec7a net: libwx: fix the creation of page_pool
| * 74b0b4cf13 spi: spi-cadence-quadspi: Fix pm runtime unbalance
| * 6c59782898 btrfs: update superblock's device bytes_used when dropping chunk
| * 2088895d59 btrfs: fix a race between renames and directory logging
| * b9f78c36c0 dm-raid: fix variable in journal device check
| * 5a8400ebc2 Bluetooth: L2CAP: Fix L2CAP MTU negotiation
| * 765af23196 serial: imx: Restore original RXTL for console to fix data loss
| * 2b8788496f serial: core: restore of_node information in sysfs
| * 1f6e759907 dt-bindings: serial: 8250: Make clocks and clock-frequency exclusive
| * 379cca2ad9 staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher()
| * 2b9052d88d x86/traps: Initialize DR6 by writing its architectural reset value
| * 8ed96d8e05 EDAC/amd64: Fix size calculation for Non-Power-of-Two DIMMs
| * bced02aca3 cifs: Fix reading into an ITER_FOLIOQ from the smbdirect code
| * 87dcc7e33f cifs: Fix the smbd_response slab to allow usercopy
| * b8ddcca439 smb: client: make use of common smbdirect_socket_parameters
| * 69cafc413c smb: smbdirect: introduce smbdirect_socket_parameters
| * c39639bc77 smb: client: make use of common smbdirect_socket
| * f4b05342c2 smb: smbdirect: add smbdirect_socket.h
| * a6ec1fcafd smb: smbdirect: add smbdirect.h with public structures
| * 6509de31b1 smb: client: make use of common smbdirect_pdu.h
| * a9bb4006c4 smb: smbdirect: add smbdirect_pdu.h with protocol definitions
| * 7f3ead8ebc smb: client: fix potential deadlock when reconnecting channels
| * 1b12f8dabb drm/xe: Process deferred GGTT node removals on device unwind
| * 3549ad85aa drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type
| * 29a7c0b653 drm/bridge: ti-sn65dsi86: make use of debugfs_init callback
| * 18ec560e3e drm/i915: fix build error some more
| * 23116bf9a3 drm/amd: Adjust output for discovery error handling
| * 840fe792a1 drm/amdgpu/discovery: optionally use fw based ip discovery
| * 104048a4a4 net: selftests: fix TCP packet checksum
| * 3b6a9d35de ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR
| * ae539d963a atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().
| * 12bcb7eb0f netlink: specs: tc: replace underscores with dashes in names
| * a493e780b5 net: enetc: Correct endianness handling in _enetc_rd_reg64
| * 11b3e07e7d libbpf: Fix possible use-after-free for externs
| * e1f6654f22 um: ubd: Add missing error check in start_io_thread()
| * c6665b8f0f bnxt: properly flush XDP redirect lists
| * dbcd546400 vsock/uapi: fix linux/vm_sockets.h userspace compilation errors
| * 353739da69 wifi: mac80211: finish link init before RCU publish
| * d383657857 wifi: mac80211: Create separate links for VLAN interfaces
| * a4afc3d522 wifi: mac80211: Add link iteration macro for link data
| * 949060a623 af_unix: Don't set -ECONNRESET for consumed OOB skb.
| * 8d049443f7 wifi: mac80211: fix beacon interval calculation overflow
| * 715f6dbe9b ethernet: ionic: Fix DMA mapping tests
| * 5b7d9b26a1 libbpf: Fix null pointer dereference in btf_dump__free on allocation failure
| * b10a795364 attach_recursive_mnt(): do not lock the covering tree when sliding something under it
| * 0ee87c2814 ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()
| * ce23b73f0f Bluetooth: hci_core: Fix use-after-free in vhci_flush()
| * a07005a77b atm: clip: prevent NULL deref in clip_push()
| * a4f182ffa3 HID: wacom: fix crash in wacom_aes_battery_handler()
| * ac758d4596 drm/xe/display: Add check for alloc_ordered_workqueue()
| * 874b5818ca Revert "riscv: misaligned: fix sleeping function called during misaligned access handling"
| * fe30c30bf3 Revert "riscv: Define TASK_SIZE_MAX for __access_ok()"
| * 29d39e0d5f lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly()
| * 93abf5e0d5 fs/proc/task_mmu: fix PAGE_IS_PFNZERO detection for the huge zero folio
| * f855b119e6 s390/pkey: Prevent overflow in size calculation for memdup_user()
| * 13e23872a9 ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15
| * c5d5b0047b mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write
| * f85c7138f7 smb: client: remove \t from TP_printk statements
| * 59e31c92b3 ata: ahci: Use correct DMI identifier for ASUSPRO-D840SA LPM quirk
| * 28f0c4c93a i2c: robotfuzz-osif: disable zero-length read messages
| * a4dae6cbd2 i2c: tiny-usb: disable zero-length read messages
| * 61a9ad7b69 af_unix: Don't leave consecutive consumed OOB skbs.
| * 6420a8d27e accel/ivpu: Trigger device recovery on engine reset/resume failure
| * 397f3a7402 accel/ivpu: Add debugfs interface for setting HWS priority bands
| * d80302350c accel/ivpu: Separate DB ID and CMDQ ID allocations from CMDQ allocation
| * fbc93866b0 accel/ivpu: Make command queue ID allocated on XArray
| * 0c3fa6e844 accel/ivpu: Remove copy engine support
| * 341de32ea4 accel/ivpu: Do not fail on cmdq if failed to allocate preemption buffers
| * fe82323201 PCI: apple: Set only available ports up
| * b5939ac403 PCI: apple: Use helper function for_each_child_of_node_scoped()
| * 4149f0ee5e f2fs: don't over-report free space or inodes in statvfs
| * a8795f3cd2 ASoC: codecs: wcd9335: Fix missing free of regulator supplies
| * 2dc8ebfb69 ASoC: codec: wcd9335: Convert to GPIO descriptors
| * 8b69608c6b jfs: validate AG parameters in dbMount() to prevent crashes
| * 4b58be1bc4 fs/jfs: consolidate sanity checking in dbMount
| * f51efc4606 btrfs: fix qgroup reservation leak on failure to allocate ordered extent
| * 4cce1b05eb btrfs: use unsigned types for constants defined as bit shifts
| * 1fe766ddb9 btrfs: factor out nocow ordered extent and extent map generation into a helper
| * 7952c4bb50 Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1"
| * 5b930e72aa drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1
| * bbe9231fe6 btrfs: handle csum tree error with rescue=ibadroots correctly
| * 0437390086 ovl: Check for NULL d_inode() in ovl_dentry_upper()
| * ae2353d862 scsi: ufs: core: Don't perform UFS clkscaling during host async scan
| * a52f78bc8b ceph: fix possible integer overflow in ceph_zero_objects()
| * 7d468ca41a ASoC: rt1320: fix speaker noise when volume bar is 100%
| * 1818fc3602 ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock
| * 2b331e7b6c ALSA: hda: Add new pci id for AMD GPU display HD audio controller
| * c863f7e08f ALSA: hda: Ignore unsol events for cards being shut down
| * 1346d12e46 riscv: add a data fence for CMODX in the kernel mode
| * 1ef2737432 usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set
| * 10cc2cfd3e usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode
| * cf69fedbb1 usb: gadget: f_hid: wake up readers on disable/unbind
| * 43ea23645b usb: cdc-wdm: avoid setting WDM_READ for ZLP-s
| * 53809d38ec usb: Add checks for snprintf() calls in usb_alloc_dev()
| * 4fb6703824 usb: common: usb-conn-gpio: use a unique name for usb connector device
| * 685d29f2c5 tty: serial: uartlite: register uart driver in init
| * 358d5ba08f usb: potential integer overflow in usbg_make_tpg()
| * a10c8bff45 misc: tps6594-pfsm: Add NULL pointer check in tps6594_pfsm_probe()
| * 71f79ec25a iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos
| * ba78c2b325 usb: dwc2: also exit clock_gating when stopping udc while suspended
| * c7bfbba30f coresight: Only check bottom two claim bits
| * a0baf4d78b 8250: microchip: pci1xxxx: Add PCIe Hot reset disable support for Rev C0 and later devices
| * cf6d532de4 um: use proper care when taking mmap lock during segfault
| * 4f95f49d2b um: Add cmpxchg8b_emu and checksum functions to asm-prototypes.h
| * 6795442e6a iio: pressure: zpa2326: Use aligned_s64 for the timestamp
| * aefd0a9356 drm/scheduler: signal scheduled fence when kill job
| * 777580609d drm/amdgpu: seq64 memory unmap uses uninterruptible lock
| * 667c3f5237 bcache: fix NULL pointer in cache_set_flush()
| * 861204dce6 amd/amdkfd: fix a kfd_process ref leak
| * 3b611834b9 md/md-bitmap: fix dm-raid max_write_behind setting
| * 78a4adcd3f nvme-tcp: sanitize request list handling
| * 7b86ce1670 nvme-tcp: fix I/O stalls on congested sockets
| * 519ab9c725 PCI: imx6: Add workaround for errata ERR051624
| * 1d34f7fb7a PCI: apple: Fix missing OF node reference in apple_pcie_setup_port
| * 9f0fa01811 PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane
| * 80fb5c71ae dmaengine: xilinx_dma: Set dma_device directions
| * 98fd66c8ba dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using
| * 6298a28a2c rust: arm: fix unknown (to Clang) argument '-mno-fdpic'
| * 58364e7407 rust: module: place cleanup_module() in .exit.text section
| * 229aa5b810 ksmbd: provide zero as a unique ID to the Mac client
| * 0fce0027a5 ksmbd: allow a filename to contain special characters on SMB3.1.1 posix extension
| * 2414d3452a hwmon: (pmbus/max34440) Fix support for max34451
| * 9453ce2dd6 NFSv4: xattr handlers should check for absent nfs filehandles
| * b3dc5c735a cxl/region: Add a dev_err() on missing target list entries
| * 3a0f33c420 fuse: fix race between concurrent setattrs from multiple nodes
| * dcd5b32139 leds: multicolor: Fix intensity setting while SW blinking
| * 77da618098 dm vdo indexer: don't read request structure after enqueuing
| * 5fc29fb747 sunrpc: don't immediately retransmit on seqno miss
| * b9c7bc45ea mfd: max14577: Fix wakeup source leaks on device unbind
| * 8a997e1ab5 mailbox: Not protect module_put with spin_lock_irqsave
| * 7dd032d124 NFSv4.2: fix setattr caching of TIME_[MODIFY|ACCESS]_SET when timestamps are delegated
| * 871d1d7f37 NFSv4.2: fix listxattr to return selinux security label
| * 605daf6ae6 NFSv4: Always set NLINK even if the server doesn't support it
| * 61dd1dcf05 cifs: Fix encoding of SMB1 Session Setup NTLMSSP Request in non-UNICODE mode
| * ef4b3a7bf9 cifs: Fix cifs_query_path_info() for Windows NT servers
| * f80fdf48b8 cifs: Correctly set SMB1 SessionKey field in Session Setup Request
* | 1105189aca Revert "tcp: add receive queue awareness in tcp_rcv_space_adjust()"
* | 8cb2595f93 Merge 6.12.35 into android16-6.12-lts
|\|
| * 783cd2c3dc Linux 6.12.35
| * da70cb95b8 bpftool: Fix cgroup command to only show cgroup bpf programs
| * f4d483852a cifs: Remove duplicate fattr->cf_dtype assignment from wsl_to_fattr() function
| * fddf20b334 gpio: mlxbf3: only get IRQ for device instance 0
| * b99cf44daa perf test: Directory file descriptor leak
| * e6386adcb4 perf evsel: Missed close() when probing hybrid core PMUs
| * 1afda9f2bd gpio: pca953x: fix wrong error probe return value
| * ca1f9cc89c RISC-V: KVM: Don't treat SBI HFENCE calls as NOPs
| * ee85e957f6 RISC-V: KVM: Fix the size parameter check in SBI SFENCE calls
| * 38cd106282 scsi: elx: efct: Fix memory leak in efct_hw_parse_filter()
| * 22f935bc86 arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()
| * fd199366bf perf/core: Fix WARN in perf_cgroup_switch()
| * 7335c33d62 perf: Fix cgroup state vs ERROR
| * 456019adaa perf: Fix sample vs do_exit()
| * 989c77a3de s390/pci: Fix __pcilg_mio_inuser() inline assembly
| * 8ae7814589 smb: client: fix max_sge overflow in smb_extract_folioq_to_rdma()
| * e27cb3ac5a smb: client: fix first command failure during re-negotiation
| * 977b7cc778 serial: sh-sci: Increment the runtime usage counter for the earlycon device
| * 966dbf35e3 serial: sh-sci: Clean sci_ports[0] after at earlycon exit
| * 43f26094d6 smb: Log an error when close_all_cached_dirs fails
| * a5b7c237ea dt-bindings: i2c: nvidia,tegra20-i2c: Specify the required properties
| * 031d274c7b EDAC/amd64: Correct number of UMCs for family 19h models 70h-7fh
| * 5fe1b23a2f net: atm: fix /proc/net/atm/lec handling
| * f4d80b16ec net: atm: add lec_mutex
| * b4603bf956 mlxbf_gige: return EPROBE_DEFER if PHY IRQ is not available
| * 988edde4d5 calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().
| * 929544ba3c drm/xe/bmg: Update Wa_16023588340
| * d42b44736e drm/xe/gt: Update handling of xe_force_wake_get return
| * abf32d8fa1 drm/xe: Wire up device shutdown handler
| * 0f8df5d6f2 ublk: santizize the arguments from userspace when adding a device
| * 41017bd66c net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get()
| * 670179265a eth: fbnic: avoid double free when failing to DMA-map FW msg
| * 31d50dfe9c tcp: fix passive TFO socket having invalid NAPI ID
| * 0d3d91c350 tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer
| * 397c1faf8f tcp: fix tcp_packet_delayed() for tcp_is_non_sack_preventing_reopen() behavior
| * e996507f59 atm: atmtcp: Free invalid length skb in atmtcp_c_send().
| * 517bc6836e mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().
| * 301268dbaa wifi: carl9170: do not ping device which has failed to load firmware
| * 61b39e189d ptp: allow reading of currently dialed frequency to succeed on free-running clocks
| * 11e25a2b5d ptp: fix breakage after ptp_vclock_in_use() rework
| * 1f755ba8ab bnxt_en: Update MRU and RSS table of RSS contexts on queue reset
| * 672b9d85bd bnxt_en: Add a helper function to configure MRU and RSS
| * e1724f0769 eth: bnxt: fix out-of-range access of vnic_info array
| * 6f2cd30949 bnxt_en: Fix double invocation of bnxt_ulp_stop()/bnxt_ulp_start()
| * ac462a75fd net: netmem: fix skb_ensure_writable with unreadable skbs
| * 3890da762a ksmbd: add free_transport ops in ksmbd connection
| * 8873080b88 workqueue: Initialize wq_isolated_cpumask in workqueue_init_early()
| * b268e43012 e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13
| * d6715193de ice: fix eswitch code memory leak in reset scenario
| * cbea0cace6 net: ice: Perform accurate aRFS flow match
| * 6b358b3adf io_uring/sqpoll: don't put task_struct on tctx setup failure
| * fa2a79f0da aoe: clean device rq_list in aoedev_downdev()
| * 35d78d9eb5 pldmfw: Select CRC32 when PLDMFW is selected
| * fddf0d0d6c hwmon: (ltc4282) avoid repeated register write
| * 6869a79da2 hwmon: (occ) fix unaligned accesses
| * bf41b962bd hwmon: (occ) Rework attribute registration for stack usage
| * fcc95344aa drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled
| * 8809026752 drm/nouveau/bl: increase buffer size to avoid truncate warning
| * 114370b271 ionic: Prevent driver/fw getting out of sync on devcmd(s)
| * 9216ca340b drm/ssd130x: fix ssd132x_clear_screen() columns
| * 8a1f52651d drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE
| * 0c76d70fc3 drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names
| * 64fe4cd995 drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate
| * 1bb894c160 drm/msm/disp: Correct porch timing for SDM845
| * 9411a9909e smb: fix secondary channel creation issue with kerberos by populating hostname when adding channels
| * 3c44ebad5a ipv6: replace ipcm6_init calls with ipcm6_init_sk
| * 348e541fef ipv6: remove leftover ip6 cookie initializer
| * c426f8c4ac x86/tools: Drop duplicate unlikely() definition in insn_decoder_test.c
| * b8abcba6e4 Kunit to check the longest symbol length
| * c886784000 drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()`
| * 353e75b55e sunrpc: handle SVC_GARBAGE during svc auth processing as auth error
| * 0174154faf nfsd: use threads array as-is in netlink interface
| * 50189d9c5e erofs: remove unused trace event erofs_destroy_inode
| * 2516299184 bpf: Fix L4 csum update on IPv6 in CHECKSUM_COMPLETE
| * dc5f0aef9e net: Fix checksum update for ILA adj-transport
| * 60d8db49ef rust: compile libcore with edition 2024 for 1.87+
| * 1814e71a4e kbuild: rust: add rustc-min-version support function
| * cef081c823 drm/amdgpu: read back register after written for VCN v4.0.5
| * 9cf5b2a3b7 mm/hugetlb: unshare page tables during VMA split, not before
| * 5cfc95dc2f iio: accel: fxls8962af: Fix temperature calculation
| * d488691a4a ALSA: hda/realtek: Add quirk for Asus GU605C
| * b09323c6e8 ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA
| * 9ef0b695a9 ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged
| * 96fe253552 ALSA: hda/realtek - Add mute LED support for HP Victus 16-s1xxx and HP Victus 15-fa1xxx
| * cb078e2380 ALSA: hda/intel: Add Thinkpad E15 to PM deny list
| * c4f7e90e66 ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card
| * 47f34289d1 arm64: Restrict pagetable teardown to avoid false warning
| * 60606efbf5 wifi: cfg80211: init wiphy_work before allocating rfkill fails
| * a69a594794 wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path
| * f6ac7d68bb Input: sparcspkr - avoid unannotated fall-through
| * 82b6dfff0d cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update
| * 44b25cc825 wifi: rtw89: phy: add dummy C2H event handler for report of TAS power
| * 3d828519bd atm: Revert atm_account_tx() if copy_from_iter_full() fails.
| * 57ec081869 sched_ext, sched/core: Don't call scx_group_set_weight() prematurely from sched_create_group()
| * 6e7a2d3881 platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL
| * 870dd7e784 selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len
| * ff67d178c6 platform/x86: ideapad-laptop: use usleep_range() for EC polling
| * 1193486dff ksmbd: fix null pointer dereference in destroy_previous_session
| * 2cb89aef98 selftests/x86: Add a test to detect infinite SIGTRAP handler loop
| * 47bf9d03a9 x86/virt/tdx: Avoid indirect calls to TDX assembly functions
| * 5ec6148cb8 udmabuf: use sgtable-based scatterlist wrappers
| * 510a29d776 mm: close theoretical race where stale TLB entries could linger
| * 2a3ad42a57 net: clear the dst when changing skb protocol
| * f9b97d466e net_sched: sch_sfq: reject invalid perturb period
| * 4220cc0b98 nvme: always punt polled uring_cmd end_io work to task_work
| * c455ae2ce0 scsi: s390: zfcp: Ensure synchronous unit_add
| * dba20f6418 scsi: storvsc: Increase the timeouts to storvsc_timeout
| * 3a83a904bf smb: improve directory cache reuse for readdir operations
| * 2c34f1e095 cifs: do not disable interface polling on failure
| * 3b2bec886f cifs: serialize other channels when query server interfaces is pending
| * b735c8dfbf cifs: deal with the channel loading lag while picking channels
| * d1b81776f3 jffs2: check jffs2_prealloc_raw_node_refs() result in few other places
| * da12ef7e19 jffs2: check that raw node were preallocated before writing summary
| * 985f086f28 LoongArch: Fix panic caused by NULL-PMD in huge_pte_offset()
| * d46f8f1ede LoongArch: Avoid using $r0/$r1 as "mask" for csrxchg
| * c7a6bd2019 LoongArch: vDSO: Correctly use asm parameters in syscall wrappers
| * ec401f84e7 platform/loongarch: laptop: Add backlight power control support
| * 141523e6fd platform/loongarch: laptop: Unregister generic_sub_drivers on exit
| * 30cfeebdad platform/loongarch: laptop: Get brightness setting from EC on probe
| * 1cce6ac47f drivers/rapidio/rio_cm.c: prevent possible heap overwrite
| * 1a4254ab06 io_uring: fix task leak issue in io_wq_create()
| * 2e10dc9c2a io_uring/kbuf: don't truncate end buffer for multiple buffer peeks
| * 50452fe7ca powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery
| * 7518ef0f79 powerpc/vdso: Fix build of VDSO32 with pcrel
| * 5807588a54 platform/x86: dell_rbu: Stop overwriting data buffer
| * 4d71f2c1e5 platform/x86: dell_rbu: Fix list usage
| * 78f8e25442 platform/x86/amd: pmf: Prevent amd_pmf_tee_deinit() from running twice
| * c4972e7723 platform/x86/amd: pmc: Clear metrics table at start of cycle
| * 7c41f73b64 fs/xattr.c: fix simple_xattr_list()
| * 311389a799 Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first"
| * 7109ae53f9 tee: Prevent size calculation wraparound on 32-bit kernels
| * 69e888cbae ARM: OMAP2+: Fix l4ls clk domain handling in STANDBY
| * d9ab5bad38 bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value
| * a1a63a270e watchdog: da9052_wdt: respect TWDMIN
| * f28f1f578c fbcon: Make sure modelist not set on unregistered console
| * 4930ac3bc0 net/mlx5: HWS, Harden IP version definer checks
| * 4752355037 wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz
| * 11127b0821 wifi: ath12k: fix incorrect CE addresses
| * edbfb9752e wifi: ath12k: fix link valid field initialization in the monitor Rx
| * f9eee822b4 wifi: ath11k: determine PM policy based on machine model
| * 21b5d9a2b6 octeontx2-pf: Add error log forcn10k_map_unmap_rq_policer()
| * 2bd434bb0e net: ethernet: cortina: Use TOE/TSO on all TCP
| * b8b4b8bb34 bpf, sockmap: Fix data lost during EAGAIN retries
| * a58f0a0e99 f2fs: fix to set atomic write status more clear
| * 3d2fdb77ce usbnet: asix AX88772: leave the carrier control to phylink
| * 7a08a9d6f5 ice: fix check for existing switch rule
| * 94bf4146af RDMA/hns: initialize db in update_srq_db()
| * 098983de3f ixgbe: Fix unreachable retry logic in combined and byte I2C write functions
| * 3502dd42f1 i40e: fix MMIO write access to an invalid page in i40e_clear_hw
| * b7129ef57d sock: Correct error checking condition for (assign|release)_proto_idx()
| * 2f63bf0d2b scsi: lpfc: Use memcpy() for BIOS version
| * 41afa1abc1 wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping
| * d728dfafc1 pinctrl: mcp23s08: Reset all pins to input at probe
| * 7e73f517ca isofs: fix Y2038 and Y2156 issues in Rock Ridge TF entry
| * 4b3383110b software node: Correct a OOB check in software_node_get_reference_args()
| * d589b45b7c net: ethernet: ti: am65-cpsw: handle -EPROBE_DEFER
| * f66971c608 wifi: ath12k: using msdu end descriptor to check for rx multicast packets
| * 9f20f96511 bnxt_en: Remove unused field "ref_count" in struct bnxt_ulp
| * 1baee1365c vxlan: Do not treat dst cache initialization errors as fatal
| * 78f768e36c net: bridge: mcast: re-implement br_multicast_{enable, disable}_port functions
| * 23d336e8a2 net: bridge: mcast: update multicast contex when vlan state is changed
| * 0388a85971 wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0
| * 2112fba7b7 Revert "mac80211: Dynamically set CoDel parameters per station"
| * e0e8f580d5 wifi: mac80211: VLAN traffic in multicast path
| * 448dc45eea bpf: Use proper type to calculate bpf_raw_tp_null_args.mask index
| * b562ceee43 net/mlx5: HWS, Fix IP version decision
| * 4e42f355c5 netdevsim: Mark NAPI ID on skb in nsim_rcv
| * 606b577368 wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled
| * f92312f6dd wifi: rtw89: 8922a: fix TX fail with wrong VCO setting
| * aa3e56caf6 wifi: iwlwifi: pcie: make sure to lock rxq->read
| * 91ef6a1527 iommu/amd: Ensure GA log notifier callbacks finish running before module unload
| * 57a85eb125 scsi: smartpqi: Add new PCI IDs
| * ab3f6cf370 scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands
| * d003ff1f0a libbpf: Add identical pointer detection to btf_dedup_is_equiv()
| * 0ab3de0478 netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
| * f0023d7a2a f2fs: fix to bail out in get_new_segment()
| * 85d6986da0 wifi: iwlwifi: mvm: fix beacon CCK flag
| * ff38cf0bd8 hid-asus: check ROG Ally MCU version and warn
| * 6f84ec0a5a clk: rockchip: rk3036: mark ddrphy as critical
| * 4c43d2c649 wifi: mac80211: do not offer a mesh path if forwarding is disabled
| * bc4abf1f2f wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn()
| * 07693edecf net: vertexcom: mse102x: Return code for mse102x_rx_pkt_spi
| * 4d19bf2674 net: mlx4: add SOF_TIMESTAMPING_TX_SOFTWARE flag when getting ts info
| * 2cd2022c38 pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get()
| * ddead1832f libbpf: Check bpf_map_skeleton link for NULL
| * 133f17922b pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction()
| * b241b5fde0 net: stmmac: generate software timestamp just before the doorbell
| * 8fdf2f79eb bpf: Pass the same orig_call value to trampoline functions
| * aefe45843e pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction()
| * 461d5a73ae pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name()
| * 01ed9a06e5 net: atlantic: generate software timestamp just before the doorbell
| * 8b0741b167 xfrm: validate assignment of maximal possible SEQ number
| * 5eb9c50e0c net: page_pool: Don't recycle into cache on PREEMPT_RT
| * 3a9e74d158 ipv4/route: Use this_cpu_inc() for stats on PREEMPT_RT
| * dc5de5bd6d x86/sgx: Prevent attempts to reclaim poisoned pages
| * 84c156a351 tcp: add receive queue awareness in tcp_rcv_space_adjust()
| * 89b20c406e tcp: fix initial tp->rcvq_space.space value for passive TS enabled flows
| * f97085d365 tcp: remove zero TCP TS samples for autotuning
| * 0a8446058c tcp: always seek for minimal rtt in tcp_rcv_rtt_update()
| * 72b03d8abc wifi: rtw89: leave idle mode when setting WEP encryption for AP mode
| * 3cb5d934e0 iommu/amd: Allow matching ACPI HID devices without matching UIDs
| * 847f414bf9 wifi: ath11k: Fix QMI memory reuse logic
| * 4585e37d08 wifi: ath12k: fix a possible dead lock caused by ab->base_lock
| * fd1bf3985d wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET
| * 7c6b9f6a53 net: dlink: add synchronization for stats update
| * a856d71fbb clk: qcom: gcc-x1e80100: Set FORCE MEM CORE for UFS clocks
| * cb8484d1ba i2c: npcm: Add clock toggle recovery
| * 75a864f21c i2c: tegra: check msg length in SMBUS block read
| * 77ff6aec7c cpufreq: scmi: Skip SCMI devices that aren't used by the CPUs
| * 45251bcfe0 libbpf/btf: Fix string handling to support multi-split BTF
| * ec7d08ad9a sctp: Do not wake readers in __sctp_write_space()
| * cba1b82bdc wifi: mac80211: validate SCAN_FLAG_AP in scan request during MLO
| * 84feb629fc wifi: mt76: mt7925: introduce thermal protection
| * 7f622bb3b5 wifi: mt76: mt7921: add 160 MHz AP for mt7922 device
| * e7a1865056 wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R
| * b5e792c206 Bluetooth: btusb: Add new VID/PID 13d3/3630 for MT7925
| * 57cfe4a06d emulex/benet: correct command version selection in be_cmd_get_stats()
| * d4b93f9c2f wifi: mt76: mt7996: drop fragments with multicast or broadcast RA
| * 4d56803464 i2c: designware: Invoke runtime suspend on quick slave re-registration
| * 0cc5c7c14f Bluetooth: btusb: Add new VID/PID 13d3/3584 for MT7922
| * 2d834477bb bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()
| * b0e647442c f2fs: use vmalloc instead of kvmalloc in .init_{,de}compress_ctx
| * 6c1151d53c tipc: use kfree_sensitive() for aead cleanup
| * 51318d644c net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices
| * 2d15f5e448 net: macb: Check return value of dma_set_mask_and_coherent()
| * e8cd4a8d5b ACPI: battery: negate current when discharging
| * 05713a9fc2 power: supply: max17040: adjust thermal channel scaling
| * 1f152ae557 PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn()
| * c519f81e9c gpiolib: of: Add polarity quirk for s5m8767
| * 8975b40c07 Make 'cc-option' work correctly for the -Wno-xyzzy pattern
| * bf6a433b88 ASoC: tegra210_ahub: Add check to of_device_get_match_data()
| * f34e0c1556 platform-msi: Add msi_remove_device_irq_domain() in platform_device_msi_free_irqs_all()
| * 9281360d1c ACPICA: utilities: Fix overflow check in vsnprintf()
| * 33cd650d38 pmdomain: core: Reset genpd->states to avoid freeing invalid data
| * 02de16babe power: supply: bq27xxx: Retrieve again when busy
| * bc51712997 ALSA: hda: cs35l41: Fix swapped l/r audio channels for Acer Helios laptops
| * 7efa7856f4 ACPICA: Apply pack(1) to union aml_resource
| * 198c2dab02 ACPICA: fix acpi parse and parseext cache leaks
| * 66613b13cd ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case
| * b01a29a80c ACPI: bus: Bail out if acpi_kobj registration fails
| * 7fe1b9381b ASoC: intel/sdw_utils: Assign initial value in asoc_sdw_rt_amp_spk_rtd_init()
| * c0a6053f90 ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change
| * c05aba32a9 ACPICA: Avoid sequence overread in call to strncmp()
| * ddec63e2dd mmc: Add quirk to disable DDR50 tuning
| * 0cd0ef0a0a power: supply: collie: Fix wakeup source leaks on device unbind
| * 7b45d2401d clocksource: Fix the CPUs' choice in the watchdog per CPU verification
| * 6cd75d8f0b ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9
| * 76d3716815 ACPICA: fix acpi operand cache leak in dswstate.c
| * 0c81bcc14b iio: adc: ad7606_spi: fix reg write value mask
| * 399e325f3f iio: adc: ti-ads1298: Kconfig: add kfifo dependency to fix module build
| * aaa25db0b8 iio: adc: ad7944: mask high bits on direct read
| * ea66a9effa iio: imu: inv_icm42600: Fix temperature calculation
| * 034a52b5ef mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
| * acbe1597e3 dummycon: Trigger redraw when switching consoles with deferred takeover
| * de72e0a13e accel/ivpu: Fix warning in ivpu_gem_bo_free()
| * d2551a6178 accel/ivpu: Use dma_resv_lock() instead of a custom mutex
| * 954b190106 accel/ivpu: Use firmware names from upstream repo
| * 648f1d5446 accel/ivpu: Improve buffer object logging
| * 2facd42665 iio: accel: fxls8962af: Fix temperature scan element sign
| * ae3c418764 PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit()
| * 0835fbe0d1 PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up()
| * be0cf75cbd PCI: Fix lock symmetry in pci_slot_unlock()
| * b20701d594 PCI: Add ACS quirk for Loongson PCIe
| * 68e58f5791 PCI: dwc: ep: Correct PBA offset in .set_msix() callback
| * 523815857b PCI: cadence-ep: Correct PBA offset in .set_msix() callback
| * bf1299797c uio_hv_generic: Align ring size to system page
| * 157b0827d7 uio_hv_generic: Use correct size for interrupt and monitor pages
| * 704cd2f207 Drivers: hv: Allocate interrupt and monitor pages aligned to system page boundary
| * a9e916fa5c smb: client: add NULL check in automount_fullpath
| * dba032110b cifs: dns resolution is needed only for primary channel
| * e2328267d0 cifs: update dstaddr whenever channel iface is updated
| * 180079e4da cifs: reset connections for all channels when reconnect requested
| * 30b031c0bd remoteproc: k3-m4: Don't assert reset in detach routine
| * f4ef928ca5 remoteproc: core: Release rproc->clean_table after rproc_attach() fails
| * 92776ca0cc remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach()
| * 20462b6111 regulator: max14577: Add error check for max14577_read_reg()
| * ec5f0b4412 ovl: Fix nested backing file paths
| * 6dbda47fe8 mips: Add -std= flag specified in KBUILD_CFLAGS to vdso CFLAGS
| * bf1605e2ea staging: iio: ad5933: Correct settling cycles encoding per datasheet
| * 4df6f2a167 pwm: axi-pwmgen: fix missing separate external clock
| * 5c70e3ad85 video: screen_info: Relocate framebuffers behind PCI bridges
| * 337bf0bbb0 sysfb: Fix screen_info type check for VGA
| * ce4ef0274c KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY
| * 4da7fcc098 net: ch9200: fix uninitialised access during mii_nway_restart
| * 5572d21a72 phy: fsl-imx8mq-usb: fix phy_tx_vboost_level_from_property()
| * f2986bccf2 dm: lock limits when reading them
| * 8e89c17dc8 ftrace: Fix UAF when lookup kallsym after ftrace disabled
| * d6bf5ad1a5 mtd: rawnand: qcom: Fix read len for onfi param page
| * e3cf1ef571 dm-verity: fix a memory leak if some arguments are specified multiple times
| * e93624e645 dm-mirror: fix a tiny race condition
| * a9a76d58ba KVM: VMX: Flush shadow VMCS on emergency reboot
| * 264edbfc3b KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs
| * 850931ba01 mtd: nand: sunxi: Add randomizer configuration before randomizer enable
| * bb2c7c5e30 mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk
| * 462eee6d42 firmware: arm_scmi: Ensure that the message-id supports fastchannel
| * 015f04ac88 configfs-tsm-report: Fix NULL dereference of tsm_ops
| * a8ec526969 soc: qcom: pmic_glink_altmode: fix spurious DP hotplug events
| * 02137179ff mm: fix ratelimit_pages update error in dirty_ratio_handler()
| * 764c9f69be RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction
| * f16a797dce watchdog: fix watchdog may detect false positive of softlockup
| * 68c173ea13 ipc: fix to protect IPCS lookups using RCU
| * 9f019fcb73 clk: meson-g12a: add missing fclk_div2 to spicc
| * 1aa41444c5 parisc: fix building with gcc-15
| * f20fd54af4 vgacon: Add check for vc_origin address range in vgacon_scroll()
| * 8d0645b59b parisc/unaligned: Fix hex output to show 8 hex chars
| * b3071bb463 fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var
| * 4904bd8267 EDAC/altera: Use correct write width with the INTTEST register
| * 3f2098f4fb fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var
| * fb5873b779 iommu/vt-d: Restore context entry setup order for aliased devices
| * 81c64c2f84 net: ftgmac100: select FIXED_PHY
| * 8a008c89e5 net/sched: fix use-after-free in taprio_dev_notifier
| * 55c3dbd838 NFC: nci: uart: Set tty->disc_data only in success path
| * 83e2ba8971 hwmon: (ftsteutates) Fix TOCTOU race in fts_read()
| * ee1b421c46 f2fs: fix to do sanity check on sit_bitmap_size
| * aaa644e7ff f2fs: prevent kernel warning due to negative i_nlink from corrupted image
| * fed611bd8c f2fs: fix to do sanity check on ino and xnid
| * a0b1c91ada Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer()
| * 5a8cd6ae83 Input: ims-pcu - check record size in ims_pcu_flash_firmware()
| * be5f3061a6 ext4: only dirty folios when data journaling regular files
| * 4b36399711 ext4: ensure i_size is smaller than maxbytes
| * b841ca8c8f ext4: factor out ext4_get_maxbytes()
| * 796632e6f8 ext4: fix calculation of credits for extent tree modification
| * 5766da2237 ext4: inline: fix len overflow in ext4_prepare_inline_data
| * 63e50525b5 bus: fsl-mc: fix GET/SET_TAILDROP command ids
| * 2de74c25e7 bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device
| * 4d0686b53c ata: ahci: Disallow LPM for Asus B550-F motherboard
| * cf4f7511f8 ata: ahci: Disallow LPM for ASUSPRO-D840SA motherboard
| * 947f9304d3 ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
| * a0890b7805 bus: firewall: Fix missing static inline annotations for stubs
| * 1c71f3cf5f cgroup,freezer: fix incomplete freezing when attaching tasks
| * 5d555f17d1 ceph: set superblock s_magic for IMA fsmagic matching
| * 75583606ae ceph: avoid kernel BUG for encrypted inode with unaligned file size
| * 04e93f75b1 can: tcan4x5x: fix power regulator retrieval during probe
| * d8a054b6e6 can: kvaser_pciefd: refine error prone echo_skb_max handling logic
| * 896bbceebf bus: mhi: host: Fix conflict between power_up and SYSERR
| * f704a80d9f bus: mhi: ep: Update read pointer only after buffer is written
| * 943801c380 block: Clear BIO_EMULATES_ZONE_APPEND flag on BIO completion
| * 5538af3843 block: use plug request list tail for one-shot backmerge attempt
| * 6e1276195f ASoC: codecs: wcd937x: Drop unused buck_supply
| * c8228b5f3d ASoC: codecs: wcd9375: Fix double free of regulator supplies
| * 5626fefb46 ARM: omap: pmic-cpcap: do not mess around without CPCAP or OMAP4
| * 1c40263443 ARM: 9447/1: arm/memremap: fix arch_memremap_can_ram_remap()
| * 86d9837e46 arm64/mm: Close theoretical race where stale TLB entry remains valid
| * aac91ae06c media: uvcvideo: Fix deferred probing error
| * 6d2b12e7c5 media: uvcvideo: Send control events for partial succeeds
| * b52dc88361 media: uvcvideo: Return the number of processed controls
| * 0ee9469f81 media: imx-jpeg: Cleanup after an allocation error
| * 9df9d45365 media: imx-jpeg: Reset slot data pointers when freed
| * c8332e6a0b media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead
| * 314893d15a media: imx-jpeg: Drop the first error frames
| * 00da1c767a media: vivid: Change the siize of the composing
| * 72541cae73 media: vidtv: Terminating the subsequent process of initialization failure
| * 5d8b057ed7 media: videobuf2: use sgtable-based scatterlist wrappers
| * 742c60333b media: venus: Fix probe error handling
| * 2429bb9fad media: v4l2-dev: fix error handling in __video_register_device()
| * 63ea94aa72 media: omap3isp: use sgtable-based scatterlist wrappers
| * f3033169d1 media: mediatek: vcodec: Correct vsi_core framebuffer size
| * 831b460e92 media: ipu6: Remove workaround for Meteor Lake ES2
| * a2d4fdef06 media: intel/ipu6: Fix dma mask for non-secure mode
| * 2a2bd7df40 media: imagination: fix a potential memory leak in e5010_probe()
| * 1f78790d98 media: i2c: imx335: Fix frame size enumeration
| * 5ae9ff1ee2 media: gspca: Add error handling for stv06xx_read_sensor()
| * ca43a9386c media: davinci: vpif: Fix memory leak in probe error path
| * 9bff888c92 media: cxusb: no longer judge rbuf when the write fails
| * c89339591b media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case
| * dc723f6c8d media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div
| * e251f4fe65 media: ccs-pll: Start OP pre-PLL multiplier search from correct value
| * 6216c67c90 media: ov2740: Move pm-runtime cleanup on probe-errors to proper place
| * d0e6032ee0 media: ccs-pll: Start VT pre-PLL multiplier search from correct value
| * eda32d4432 media: i2c: ds90ub913: Fix returned fmt from .set_fmt()
| * fb50ee19aa media: nxp: imx8-isi: better handle the m2m usage_count
| * b93864e086 media: imx335: Use correct register width for HNUM
| * 2f4c2c6bde media: ov5675: suppress probe deferral errors
| * ceb901f795 media: ov8856: suppress probe deferral errors
| * ac93035040 wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723
| * b88447ce11 wifi: rtw88: usb: Reduce control message timeout to 500 ms
| * cb3cba0ec3 svcrdma: Unregister the device if svc_rdma_accept() fails
| * f78b38af35 jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()
| * d35e6c3616 wifi: ath12k: fix ring-buffer corruption
| * 5bf0b9eeb0 fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio()
| * 95c4322c2a NFSv4: Don't check for OPEN feature support in v4.1
| * c08e00a416 SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls
| * d622c2ee6c nfsd: Initialize ssc before laundromat_work to prevent NULL dereference
| * 7a75a95669 nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request
| * 07862d4f7c NFSD: Implement FATTR4_CLONE_BLKSIZE attribute
| * 2029ca75cd NFSD: fix race between nfsd registration and exports_proc
| * 3f3eb3c342 NFSD: unregister filesystem in case genl_register_family() fails
| * 763d1789c0 wifi: ath11k: fix ring-buffer corruption
| * 09f7616cb5 wifi: rtw88: usb: Upload the firmware in bigger chunks
| * 314053de3a wifi: ath11k: fix rx completion meta data corruption
| * 7a20cdb55c wifi: mt76: mt7925: fix host interrupt register initialization
| * 6d05390d20 wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()
| * c3afa81f2e net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid()
| * 5297c5cf26 net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr()
| * b96ba2d1fb regulator: max20086: Change enable gpio to optional
| * 028bb7b658 regulator: max20086: Fix MAX200086 chip id
| * f2e8a863fd s390/pci: Serialize device addition and removal
| * 31a7dc5a24 s390/pci: Allow re-add of a reserved but not yet removed device
| * f86ca2b553 s390/pci: Prevent self deletion in disable_slot()
| * 94c0731dbf s390/pci: Remove redundant bus removal and disable from zpci_release_device()
| * 0b42b68cec powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states
| * c58b577cf7 io_uring/kbuf: account ring io_buffer_list memory
| * ba789be63d io_uring: account drain memory to cgroup
| * 082b0ca9a7 ASoC: amd: sof_amd_sdw: Fix unlikely uninitialized variable use in create_sdw_dailinks()
| * 2864c19ae9 ASoC: meson: meson-card-utils: use of_property_present() for DT parsing
| * 98640457c0 ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params()
| * d765505bca crypto: qat - add shutdown handler to qat_dh895xcc
| * eb94a34c27 crypto: qat - add shutdown handler to qat_c62x
| * 59fd1b2909 crypto: qat - add shutdown handler to qat_4xxx
| * 5e4e6d0cae crypto: qat - add shutdown handler to qat_420xx
| * 261f2a655b crypto: qat - add shutdown handler to qat_c3xxx
| * f2cc87bf3e gfs2: move msleep to sleepable context
| * ea3c81acb0 crypto: marvell/cesa - Do not chain submitted requests
| * bdb71ee651 configfs: Do not override creating attribute file failure in populate_attrs()
* | 5f92e5fdd1 Revert "Bluetooth: MGMT: Protect mgmt_pending list with its own lock"
* | a0b4b5586d Revert "PCI: endpoint: Retain fixed-size BAR size as well as aligned size"
* | 036a0d8df2 Merge 6.12.34 into android16-6.12-lts
|\|
| * 23fdf46589 Linux 6.12.34
| * fe794d1f9b thermal/drivers/mediatek/lvts: Remove unused lvts_debugfs_exit
| * 6695a1fa98 drm/meson: Use 1000ULL when operating with mode->clock
| * da728507b0 gfs2: Don't clear sb->s_fs_info in gfs2_sys_fs_add
| * ab20b0bdb0 overflow: Introduce __DEFINE_FLEX for having no initializer
| * 5ed1d7a700 net: usb: aqc111: debug info before sanitation
| * b4a86d64e4 usb: misc: onboard_usb_dev: fix build warning for CONFIG_USB_ONBOARD_DEV_USB5744=n
| * d4724213c8 regulator: dt-bindings: mt6357: Drop fixed compatible requirement
| * 77e1bf9dad calipso: unlock rcu before returning -EAFNOSUPPORT
| * ea50a9c348 x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler
| * b3b3b6366d x86/iopl: Cure TIF_IO_BITMAP inconsistencies
| * dbbad9a016 xen/arm: call uaccess_ttbr0_enable for dm_op hypercall
| * 9332b7a836 xfs: don't assume perags are initialised when trimming AGs
| * 2d6a6cfe96 ring-buffer: Move cpus_read_lock() outside of buffer->mutex
| * e09c0600be ring-buffer: Fix buffer locking in ring_buffer_subbuf_order_set()
| * b8df8cb8f7 ring-buffer: Do not trigger WARN_ON() due to a commit_overrun
| * 6a6ce20657 9p: Add a migrate_folio method
| * 7bdd712abe usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work
| * 9f907ee83f usb: typec: tcpm/tcpci_maxim: Fix bounds check in process_rx()
| * 657003ced7 usb: Flush altsetting 0 endpoints before reinitializating them after reset.
| * 921b3c8050 usb: cdnsp: Fix issue with detecting USB 3.2 speed
| * c7862978b4 usb: cdnsp: Fix issue with detecting command completion event
| * 3cce173477 usb: misc: onboard_usb_dev: Fix usb5744 initialization sequence
| * 393abb68b9 tty: serial: 8250_omap: fix TX with DMA for am33xx
| * 00ddc7dad5 VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify
| * 6327884fba usb: usbtmc: Fix read_stb function and get_stb ioctl
| * c8bb1bcea8 nvmem: zynqmp_nvmem: unbreak driver after cleanup
| * c29d531870 posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
| * 7438836892 HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()
| * 84e9f0a2c2 ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1
| * 81515a4479 Revert "wifi: mwifiex: Fix HT40 bandwidth issue."
| * 1ed18c90f6 tools/resolve_btfids: Fix build when cross compiling kernel with clang.
| * 403bbbe2fa objtool/rust: relax slice condition to cover more `noreturn` Rust functions
| * 4b1ef15ffd block: Fix bvec_set_folio() for very large folios
| * a9022c8631 bio: Fix bio_first_folio() for SPARSEMEM without VMEMMAP
| * 48f33ec141 io_uring: consistently use rcu semantics with sqpoll thread
| * 0fccb6773b block: don't use submit_bio_noacct_nocheck in blk_zone_wplug_bio_work
| * af8c13f9ee io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo()
| * a5c7b61eed block: use q->elevator with ->elevator_lock held in elv_iosched_show()
| * f351bb3085 perf: Ensure bpf_perf_link path is properly serialized
| * 1c09795ece nvmet-fcloop: access fcpreq only when holding reqlock
| * 3c04fafeb3 btrfs: exit after state split error at set_extent_bit()
| * 7b4bf4d896 gfs2: pass through holder from the VFS for freeze/thaw
| * 0a2500782f fs/filesystems: Fix potential unsigned integer underflow in fs_name()
| * 58c50f45e1 btrfs: exit after state insertion failure at btrfs_convert_extent_bit()
| * a8ff2e362d net: drv: netdevsim: don't napi_complete() from netpoll
| * 073f64c035 net_sched: ets: fix a race in ets_qdisc_change()
| * 180b12eafa net_sched: tbf: fix a race in tbf_change()
| * 4b755305b2 net_sched: red: fix a race in __red_change()
| * e3f6745006 net_sched: prio: fix a race in prio_tune()
| * 62ef4761bb net/mlx5e: Fix leak of Geneve TLV option object
| * eb4b59491f net/mlx5: HWS, fix missing ip_version handling in definer
| * 5932b1972d net/mlx5: Fix return value when searching for existing flow group
| * da15ca0553 net/mlx5: Fix ECVF vports unload on shutdown flow
| * adb56e5a71 net/mlx5: Ensure fw pages are always allocated on same NUMA
| * 7a41744e38 Bluetooth: MGMT: Fix sparse errors
| * 2af40d795d Bluetooth: eir: Fix possible crashes on eir_create_adv_data
| * 907ef6e12f Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance
| * 842f7c3154 Bluetooth: Fix NULL pointer deference on eir_get_service_data
| * 31bf7b2b92 net/mdiobus: Fix potential out-of-bounds clause 45 read/write access
| * b02d9d2732 net/mdiobus: Fix potential out-of-bounds read/write access
| * 78fa7b723e macsec: MACsec SCI assignment for ES = 0
| * 1e0de7582c net: Fix TOCTOU issue in sk_is_readable()
| * 32a48db4cf ACPI: CPPC: Fix NULL pointer dereference when nosmp is used
| * c3892f1ba0 i40e: retry VFLR handling if there is ongoing VF reset
| * 60592d381f i40e: return false from i40e_reset_vf if reset is in progress
| * 0440186a9c drm/meson: fix more rounding issues with 59.94Hz modes
| * e44408a317 drm/meson: use vclk_freq instead of pixel_freq in debug print
| * dd8d64e910 drm/meson: fix debug log statement when setting the HDMI clocks
| * d7aa2e4b80 drm/meson: use unsigned long long / Hz for frequency types
| * c79a1ac2a0 powerpc/vas: Return -EINVAL if the offset is non-zero in mmap()
| * 9c340b56d6 powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap
| * d1bc80da75 net_sched: sch_sfq: fix a potential crash on gso_skb handling
| * 98e46d77cd scsi: iscsi: Fix incorrect error path labels for flashnode operations
| * 8a8380773f pinctrl: qcom: pinctrl-qcm2290: Add missing pins
| * cce3ea5f48 spi: omap2-mcspi: Disable multi-mode when the previous message kept CS asserted
| * 01a968b1c4 spi: omap2-mcspi: Disable multi mode when CS should be kept asserted after message
| * f74abf2cdd regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt()
| * 569972c5bd wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850
| * 4c0153d7a1 wifi: ath12k: refactor ath12k_hw_regs structure
| * 6dabf9e054 wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready
| * 7b1a7d35ee wifi: ath11k: move some firmware stats related functions outside of debugfs
| * d849e671ff wifi: ath11k: don't wait when there is no vdev started
| * b18918782e wifi: ath11k: don't use static variables in ath11k_debugfs_fw_stats_process()
| * 784cb1c1b8 wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request()
| * b208c674f5 wifi: ath11k: convert timeouts to secs_to_jiffies()
| * ef8e4aeab3 ath10k: snoc: fix unbalanced IRQ enable in crash recovery
| * b93e6fef4e ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use()
| * 6c8d3d7c36 net: dsa: b53: fix untagged traffic sent via cpu tagged with VID 0
| * 4e83f2dbb2 Bluetooth: MGMT: Protect mgmt_pending list with its own lock
| * 84ab1283eb Bluetooth: MGMT: Remove unused mgmt_pending_find_data
| * 9df3e5e7f7 Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
| * fbf95f446b Bluetooth: btintel_pcie: Reduce driver buffer posting to prevent race condition
| * b104a6f5d5 Bluetooth: btintel_pcie: Increase the tx and rx descriptor count
| * a075e10cfb Bluetooth: btintel_pcie: Fix driver not posting maximum rx buffers
| * 99e3d69853 Bluetooth: hci_core: fix list_for_each_entry_rcu usage
| * 3464a707d1 scsi: core: ufs: Fix a hang in the error handler
| * 21b2bca88e serial: sh-sci: Move runtime PM enable to sci_probe_single()
| * e5250b8619 dt-bindings: pwm: adi,axi-pwmgen: Fix clocks
| * df4f4cdb06 dt-bindings: pwm: Correct indentation and style in DTS example
| * 3e81a8c732 dt-bindings: pwm: adi,axi-pwmgen: Increase #pwm-cells to 3
| * 595f83730b pinctrl: samsung: add gs101 specific eint suspend/resume callbacks
| * f33266ec35 pinctrl: samsung: add dedicated SoC eint suspend/resume callbacks
| * d5d5193dde pinctrl: samsung: refactor drvdata suspend & resume callbacks
| * cd9d354bdd arm64: dts: qcom: x1e80100: Add GPU cooling
| * 9cd06b2ebe arm64: dts: qcom: x1e80100: Apply consistent critical thermal shutdown
| * b8de1a5029 mmc: sdhci-of-dwcmshc: add PD workaround on RK3576
| * 80f7c5be4f pmdomain: core: Introduce dev_pm_genpd_rpm_always_on()
| * eccd1fc1b0 Input: synaptics-rmi - fix crash with unsupported versions of F34
| * 59cb05c804 ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA
| * 0da3314630 ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup
| * c4cc8f6c31 ALSA: hda/realtek - Support mute led function for HP platform
| * 410156098b ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA
| * 95e01b950c ALSA: hda/realtek: fix micmute LEDs on HP Laptops with ALC3247
| * 8b8b33ae37 ALSA: hda/realtek: fix micmute LEDs on HP Laptops with ALC3315
| * 0ce600d717 tools/power turbostat: Fix AMD package-energy reporting
| * 9c1ddfeb66 do_change_type(): refuse to operate on unmounted/not ours mounts
| * e1d02fe504 fix propagation graph breakage by MOVE_MOUNT_SET_GROUP move_mount(2)
| * 1d79230719 path_overmount(): avoid false negatives
| * 1be1f3b848 iov_iter: use iov_offset for length calculation in iov_iter_aligned_bvec
| * 569fb8c122 ASoC: ti: omap-hdmi: Re-add dai_link->platform to fix card init
| * 18ff538aac ASoC: Intel: avs: Verify content returned by parse_int_array()
| * cabc3dc410 ASoC: Intel: avs: Fix deadlock when the failing IPC is SET_D0IX
| * 3668296690 ASoC: codecs: hda: Fix RPM usage count underflow
| * 1cda72119b scsi: ufs: qcom: Prevent calling phy_exit() before phy_init()
| * e019873540 riscv: misaligned: fix sleeping function called during misaligned access handling
| * d5d9fd13bc seg6: Fix validation of nexthop addresses
| * 933466fc50 wireguard: device: enable threaded NAPI
| * 031f5c5ca0 net: wwan: mhi_wwan_mbim: use correct mux_id for multiplexing
| * 4f0fcdb835 wifi: cfg80211/mac80211: correctly parse S1G beacon optional elements
| * b2fc08d276 net: dsa: b53: do not touch DLL_IQQD on bcm53115
| * 1aa31695bf net: dsa: b53: allow RGMII for bcm63xx RGMII ports
| * 6d1c93a5c6 net: dsa: b53: do not enable RGMII delay on bcm63xx
| * 6c2e062002 net: ti: icssg-prueth: Fix swapped TX stats for MII interfaces.
| * f34dc858e6 netfilter: nf_nat: also check reverse tuple to obtain clashing entry
| * 251496ce17 netfilter: nf_set_pipapo_avx2: fix initial map fill
| * f33277cda6 drm/panel-simple: fix the warnings for the Evervision VGG644804
| * a0319c9b16 gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO
| * 8cb645117a nvme: fix command limits status code
| * 0cffc6e40d PM: sleep: Fix power.is_suspended cleanup for direct-complete devices
| * 1184f7df1d selftests: net: build net/lib dependency in all target
| * 6d300675dc vmxnet3: correctly report gso type for UDP tunnels
| * e2df04e69c net: wwan: t7xx: Fix napi rx poll issue
| * 4399f59a94 net: fix udp gso skb_segment after pull from frag_list
| * 798fd944fb drm/i915/guc: Handle race condition where wakeref count drops below 0
| * ba282cfba3 drm/i915/psr: Fix using wrong mask in REG_FIELD_PREP
| * 2679bb2f69 drm/i915/guc: Check if expecting reply before decrementing outstanding_submission_g2h
| * 451ee661d0 net: stmmac: make sure that ptp_rate is not 0 before configuring EST
| * bb033c6781 net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping
| * 2c32fc56c0 net: dsa: tag_brcm: legacy: fix pskb_may_pull length
| * e653c298c5 idpf: avoid mailbox timeout delays during reset
| * 12e40d01d6 idpf: fix a race in txq wakeup
| * 635fd9cead ice: fix rebuilding the Tx scheduler tree for large queue counts
| * f9c3e8573b ice: create new Tx scheduler nodes for new queues only
| * 276849954d ice: fix Tx scheduler error handling in XDP callback
| * b788cebf72 Bluetooth: L2CAP: Fix not responding with L2CAP_CR_LE_ENCRYPTION
| * 2a98786e25 spi: bcm63xx-hsspi: fix shared reset
| * 408ca1d180 spi: bcm63xx-spi: fix shared reset
| * df376638df net: lan966x: Make sure to insert the vlan tags also in host mode
| * 095fe646f8 net/mlx4_en: Prevent potential integer overflow calculating Hz
| * 4c597fb290 driver: net: ethernet: mtk_star_emac: fix suspend/resume issue
| * c762fc79d7 net: tipc: fix refcount warning in tipc_aead_encrypt
| * 5910cbbfad gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt
| * 74882beda3 net: stmmac: platform: guarantee uniqueness of bus_id
| * e869a85acc page_pool: Fix use-after-free in page_pool_recycle_in_ring
| * 90891eadb8 Fix sock_exceed_buf_limit not being triggered in __sk_mem_raise_allocated
| * 35f116a465 drm/xe: Make xe_gt_freq part of the Documentation
| * 3091d4c0d0 loop: add file_start_write() and file_end_write()
| * 4bd30962f3 USB: typec: fix const issue in typec_match()
| * 9f40ae8310 USB: gadget: udc: fix const issue in gadget_match_driver()
| * ad2fc59a67 iio: adc: mcp3911: fix device dependent mappings for conversion result registers
| * 9d6c8f5612 iio: adc: PAC1934: fix typo in documentation link
| * 03eb283523 mei: vsc: Cast tx_buf to (__be32 *) when passed to cpu_to_be32_array()
| * 130e134f6e vt: remove VT_RESIZE and VT_RESIZEX from vt_compat_ioctl()
| * 3102881272 coresight: prevent deactivate active config while enabling the config
| * 8b2230ac7f fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt()
| * 8d47a03544 counter: interrupt-cnt: Protect enable/disable OPs with mutex
| * b9c6d66810 coresight: catu: Introduce refcount and spinlock for enabling/disabling
| * 1183a72221 coresight: Fixes device's owner field for registered using coresight_init_driver()
| * 677da45548 MIPS: Loongson64: Add missing '#interrupt-cells' for loongson64c_ls7a
| * 8fa544bff8 usb: acpi: Prevent null pointer dereference in usb_acpi_add_usb4_devlink()
| * 122bbc57cb iio: adc: ad7124: Fix 3dB filter frequency reading
| * 46dd5892ea iio: filter: admv8818: Support frequencies >= 2^32
| * 5bd5808b36 iio: filter: admv8818: fix range calculation
| * c065694b8d iio: filter: admv8818: fix integer overflow
| * ba9a3d356b iio: filter: admv8818: fix band 4, state 15
| * 74aca5ca34 thunderbolt: Fix a logic error in wake on connect
| * c23d87b43f serial: Fix potential null-ptr-deref in mlb_usio_probe()
| * d4c368e4a6 usb: renesas_usbhs: Reorder clock handling and power management in probe
| * 0a3e2ec508 PCI: endpoint: Retain fixed-size BAR size as well as aligned size
| * 9137bd312b rtc: loongson: Add missing alarm notifications for ACPI RTC events
| * 7b26470070 PCI/DPC: Log Error Source ID only when valid
| * 642962fe3f PCI/DPC: Initialize aer_err_info before using it
| * 3d159ffc16 PCI/ACPI: Fix allocated memory release on error in pci_acpi_scan_root()
| * bc6ddff798 dmaengine: ti: Add NULL check in udma_probe()
| * 5072c17491 phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug
| * 8da884ec36 PCI: apple: Use gpiod_set_value_cansleep in probe flow
| * 8c839e71c4 PCI: cadence: Fix runtime atomic count underflow
| * d9342fced7 PCI: rcar-gen4: set ep BAR4 fixed size
| * 17e4b0fcd2 PCI: Print the actual delay time in pci_bridge_wait_for_secondary_bus()
| * 5aac41632f phy: rockchip: samsung-hdptx: Do no set rk_hdptx_phy->rate in case of errors
| * e3f71127c6 phy: rockchip: samsung-hdptx: Fix clock ratio setup
| * 1dfeafe585 rtc: sh: assign correct interrupts with DT
| * 6635bb78eb rust: alloc: add missing invariant in Vec::set_len()
* | 1d7d3adfa4 Revert "dm: fix dm_blk_report_zones"
* | 7a5c39c156 Revert "page_pool: Track DMA-mapped pages and unmap them when destroying the pool"
* | e5ead1ec40 Merge 48ca7139ab ("cifs: Fix validation of SMB1 query reparse point response") into android16-6.12-lts
|\|
| * 48ca7139ab cifs: Fix validation of SMB1 query reparse point response
| * f7d9f4fa53 perf callchain: Always populate the addr_location map when adding IP
| * da9addeabd perf trace: Set errpid to false for rseq and set_robust_list
| * afa06f2605 nfs: ignore SB_RDONLY when remounting nfs
| * 877a3f1be3 nfs: clear SB_RDONLY before getting superblock
| * aaea7a783d perf trace: Always print return value for syscalls returning a pid
| * 8d313634e6 perf record: Fix incorrect --user-regs comments
| * 20eafb4e59 perf symbol: Fix use-after-free in filename__read_build_id
| * 3196b6c708 mailbox: mtk-cmdq: Refine GCE_GCTL_VALUE setting
| * 0acd44a8d7 mailbox: imx: Fix TXDB_V2 sending
| * 28f3b29e74 perf tests switch-tracking: Fix timestamp comparison
| * 9970210eb1 mfd: stmpe-spi: Correct the name used in MODULE_DEVICE_TABLE
| * fc66342db7 mfd: exynos-lpass: Avoid calling exynos_lpass_disable() twice in exynos_lpass_remove()
| * d374cd56df mfd: exynos-lpass: Fix an error handling path in exynos_lpass_probe()
| * 1fbee9f185 rpmsg: qcom_smd: Fix uninitialized return variable in __qcom_smd_send()
| * 4ce341e639 remoteproc: k3-dsp: Drop check performed in k3_dsp_rproc_{mbox_callback/kick}
| * 3a4afda6fd remoteproc: k3-r5: Drop check performed in k3_r5_rproc_{mbox_callback/kick}
| * 9b15fcdba9 remoteproc: qcom_wcnss_iris: Add missing put_device() on error in probe
| * 6a6070d943 perf scripts python: exported-sql-viewer.py: Fix pattern matching with Python 3
| * 3b7d37c49f perf intel-pt: Fix PEBS-via-PT data_src
| * 5c37bd2650 perf tests: Fix 'perf report' tests installation
| * 47eee86e45 perf trace: Fix leaks of 'struct thread' in set_filter_loop_pids()
| * f481bf3e02 dm-flakey: make corrupting read bios work
| * 9091c9e039 dm-flakey: error all IOs when num_features is absent
| * f9c1bdf246 dm: fix dm_blk_report_zones
| * dc16583d21 perf symbol-minimal: Fix double free in filename__read_build_id
| * 19bd9cde38 hwmon: (asus-ec-sensors) check sensor index in read_string()
| * 7a23cc510e mtd: nand: ecc-mxic: Fix use of uninitialized variable ret
| * 2967178d30 x86/irq: Ensure initial PIR loads are performed exactly once
| * 1be2000b70 backlight: pm8941: Add NULL check in wled_configure()
| * 48e0b54be4 dm: free table mempools if not used in __bind
| * 2eeb181e76 dm: don't change md if dm_table_set_restrictions() fails
| * baf8a7fed0 perf ui browser hists: Set actions->thread before calling do_zoom_thread()
| * a951f9a3d9 perf build: Warn when libdebuginfod devel files are not available
| * 5934a8fab3 randstruct: gcc-plugin: Fix attribute addition
| * ab6db95940 randstruct: gcc-plugin: Remove bogus void member
| * b235393b9f fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()
| * f697ef117e soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop()
| * 7ce3063fd8 soc: aspeed: lpc: Fix impossible judgment condition
| * ffbfe7b0ce ARM: aspeed: Don't select SRAM
| * 0007761ff5 arm64: dts: mt6359: Rename RTC node to match binding expectations
| * 0e00819914 arm64: dts: renesas: white-hawk-ard-audio: Fix TPU0 groups
| * 81f52f39ed arm64: dts: qcom: qcm2290: fix (some) of QUP interconnects
| * 16f35dcfe3 arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou
| * 318d0f2adc arm64: defconfig: mediatek: enable PHY drivers
| * 8333880133 ARM: dts: qcom: apq8064: move replicator out of soc node
| * 99f2ee48e9 ARM: dts: qcom: apq8064 merge hw splinlock into corresponding syscon device
| * 36a1fdd5d5 ARM: dts: qcom: apq8064: add missing clocks to the timer node
| * 2a8d4567aa dt-bindings: vendor-prefixes: Add Liontron name
| * 1d5baab39e bus: fsl-mc: fix double-free on mc_dev
| * 9abbace400 nilfs2: do not propagate ENOENT error from nilfs_btree_propagate()
| * ecfc9dfae9 nilfs2: add pointer check for nilfs_direct_propagate()
| * f6fae70f83 ocfs2: fix possible memory leak in ocfs2_finish_quota_recovery
| * 0aff95d9bc Squashfs: check return result of sb_min_blocksize
| * e318a7bd2d soc: qcom: smp2p: Fix fallback to qcom,ipc parse
| * 14f2820a5d arm64: dts: ti: k3-j721e-common-proc-board: Enable OSPI1 on J721E
| * 2e39a12c45 arm64: tegra: Add uartd serial alias for Jetson TX1 module
| * 39ecf2ad20 arm64: tegra: Drop remaining serial clock-names and reset-names
| * 827746ce8b arm64: dts: rockchip: Update eMMC for NanoPi R5 series
| * 4fd50f6980 arm64: dts: rockchip: Add vcc-supply to SPI flash on rk3566-rock3c
| * f924280cf4 arm64: dts: qcom: sda660-ifc6560: Fix dt-validate warning
| * 2533efb0d6 arm64: dts: qcom: sdm660-lavender: Add missing USB phy supply
| * 3c8f511a65 arm64: dts: mt6359: Add missing 'compatible' property to regulators node
| * e2df43c942 arm64: dts: mediatek: mt6357: Drop regulator-fixed compatibles
| * 66a6daa0ef arm64: dts: imx8mn-beacon: Set SAI5 MCLK direction to output for HDMI audio
| * b9c7c4e6c8 arm64: dts: imx8mm-beacon: Set SAI5 MCLK direction to output for HDMI audio
| * c48fe69e17 arm64: dts: imx8mp-beacon: Fix RTC capacitive load
| * 69120f3767 arm64: dts: imx8mn-beacon: Fix RTC capacitive load
| * 33ff1f1329 arm64: dts: imx8mm-beacon: Fix RTC capacitive load
| * e1c84dd136 arm64: dts: mt8183: Add port node to mt8183.dtsi
| * a39ba524fb arm64: dts: qcom: sdm660-xiaomi-lavender: Add missing SD card detect GPIO
| * 269df4263e arm64: dts: mediatek: mt8195: Reparent vdec1/2 and venc1 power domains
| * 5b5a538aad ARM: dts: at91: at91sam9263: fix NAND chip selects
| * 037a3a2567 ARM: dts: at91: usb_a9263: fix GPIO for Dataflash chip select
| * 3682d4dd0e arm64: dts: rockchip: Move SHMEM memory to reserved memory on rk3588
| * 3d36b1baf0 arm64: dts: qcom: ipq9574: Fix USB vdd info
| * 79c8378070 arm64: dts: qcom: sc8280xp-x13s: Drop duplicate DMIC supplies
| * 6e65650cee arm64: dts: qcom: sm8250: Fix CPU7 opp table
| * 3c4aaf3e76 arm64: dts: qcom: sm8350: Reenable crypto & cryptobam
| * 9164f9ae3f arm64: dts: qcom: sdm845-starqltechn: remove excess reserved gpios
| * d997703f9d arm64: dts: qcom: sdm845-starqltechn: refactor node order
| * 83f1b473bb arm64: dts: qcom: sdm845-starqltechn: fix usb regulator mistake
| * caecebc6b9 arm64: dts: qcom: sdm845-starqltechn: remove wifi
| * bdf8915dad arm64: dts: qcom: x1e80100-romulus: Keep L12B and L15B always on
| * 5c721b58d3 arm64: dts: qcom: sm8650: add missing cpu-cfg interconnect path in the mdss node
| * a999df6f45 arm64: dts: qcom: sm8650: setup gpu thermal with higher temperatures
| * 4e95465ab9 arm64: dts: qcom: x1e80100: Mark usb_2 as dma-coherent
| * 0befc3005d f2fs: fix to correct check conditions in f2fs_cross_rename
| * 532601e783 f2fs: use d_inode(dentry) cleanup dentry->d_inode
| * a3eeaea04e net: phy: mscc: Stop clearing the the UDPv4 checksum for L2 frames
| * 69541e5832 net: openvswitch: Fix the dead loop of MPLS parse
| * dd89288975 calipso: Don't call calipso functions for AF_INET sk.
| * ec62c99914 octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback
| * 91bed4ccae octeontx2-pf: QOS: Perform cache sync on send queue teardown
| * 66abe22017 net: phy: mscc: Fix memory leak when using one step timestamping
| * 4b073a575b net: lan743x: Fix PHY reset handling during initialization and WOL
| * 0e5c90c2ae net: lan743x: rename lan743x_reset_phy to lan743x_hw_reset_phy
| * f15ed37dd3 net: phy: fix up const issues in to_mdio_device() and to_phy_device()
| * ddc654e89a net: phy: clear phydev->devlink when the link is deleted
| * 2bc6dffb4b bpf: Avoid __bpf_prog_ret0_warn when jit fails
| * 3a92988a76 net: xilinx: axienet: Fix Tx skb circular buffer occupancy check in dmaengine xmit
| * f066d85170 net: lan966x: Fix 1-step timestamping over ipv4 or ipv6
| * 02e45168e0 RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work
| * 7893a41dea vsock/virtio: fix `rx_bytes` accounting for stream sockets
| * 30a9e834c7 net: usb: aqc111: fix error handling of usbnet read calls
| * 82fe7fbc21 RISC-V: KVM: lock the correct mp_state during reset
| * 9d04742f3e netfilter: nft_tunnel: fix geneve_opt dump
| * 09ecfdff49 netfilter: nf_tables: nft_fib: consistent l3mdev handling
| * 15c0250dae bpf, sockmap: Avoid using sk_socket after free when sending
| * 9427f6081f Bluetooth: btintel: Check dsbr size from EFI variable
| * 1750c3f1d9 Bluetooth: MGMT: iterate over mesh commands in mgmt_mesh_foreach()
| * 46e6822489 vfio/type1: Fix error unwind in migration dirty bitmap allocation
| * fd125f1eef netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy
| * c4c18cf589 netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds
| * 1d249cc92d bpf: Revert "bpf: remove unnecessary rcu_read_{lock,unlock}() in multi-uprobe attach logic"
| * 7e48358639 wifi: mt76: mt7996: fix RX buffer size of MCU event
| * 3fc2021984 wifi: mt76: mt7996: set EHT max ampdu length capability
| * ba9bf458fa wifi: mt76: mt7925: ensure all MCU commands wait for response
| * 52ffee9fea wifi: mt76: mt7925: refine the sniffer commnad
| * 17e939897e wifi: mt76: mt7925: prevent multiple scan commands
| * 790d05cde3 wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init()
| * 1072fc0ca1 wifi: mt76: mt7996: Fix null-ptr-deref in mt7996_mmio_wed_init()
| * df00f9147e Bluetooth: ISO: Fix not using SID from adv report
| * 6bfb154f95 kernfs: Relax constraint in draining guard
| * e0657136ae scsi: ufs: mcq: Delete ufshcd_release_scsi_cmd() in ufshcd_mcq_abort()
| * ee5ee64638 wifi: ath9k_htc: Abort software beacon handling if disabled
| * 59a834592d hisi_acc_vfio_pci: bugfix live migration function without VF device driver
| * 89729b8152 hisi_acc_vfio_pci: add eq and aeq interruption restore
| * 884a76e813 hisi_acc_vfio_pci: fix XQE dma address error
| * 3a392f874a wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event
| * b4f6605dc2 iommu: remove duplicate selection of DMAR_TABLE
| * e966a3c01c wifi: rtw89: fix firmware scan delay unit for WiFi 6 chips
| * c132553894 wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds
| * 8ffad7be09 wifi: rtw89: pci: enlarge retry times of RX tag to 1000
| * 78a327ef0a s390/bpf: Store backchain even for leaf progs
| * d32f9927f4 clk: qcom: gcc-msm8939: Fix mclk0 & mclk1 for 24 MHz
| * e660e75f84 dt-bindings: soc: fsl,qman-fqd: Fix reserved-memory.yaml reference
| * c98cdf6795 bpf: Fix WARN() in get_bpf_raw_tp_regs
| * e02e12d6a7 pinctrl: at91: Fix possible out-of-boundary access
| * b7384eab87 libbpf: Use proper errno value in nlattr
| * c13e317499 ktls, sockmap: Fix missing uncharge operation
| * 64f8f2a933 of: unittest: Unlock on error in unittest_data_add()
| * 709412b92a tracing: Fix error handling in event_trigger_parse()
| * 4839a4a6ab tracing: Rename event_trigger_alloc() to trigger_data_alloc()
| * ec913bc18b selftests/bpf: Fix caps for __xlated/jited_unpriv
| * 69a995644a efi/libstub: Describe missing 'out' parameter in efi_load_initrd
| * a82f49df6b wifi: iwlfiwi: mvm: Fix the rate reporting
| * 0a2712cd24 clk: bcm: rpi: Add NULL check in raspberrypi_clk_register()
| * d969194bda bpftool: Fix regression of "bpftool cgroup tree" EINVAL on older kernels
| * 41c5158d36 clk: qcom: gpucc-sm6350: Add *_wait_val values for GDSCs
| * 45e1ff1284 clk: qcom: gcc-sm6350: Add *_wait_val values for GDSCs
| * a2874b73fd clk: qcom: dispcc-sm6350: Add *_wait_val values for GDSCs
| * dcdce64095 clk: qcom: camcc-sm6350: Add *_wait_val values for GDSCs
| * e53a8dcd36 tracing: Move histogram trigger variables from stack to per CPU structure
| * 94068a664a bpf: Fix uninitialized values in BPF_{CORE,PROBE}_READ
| * 50ac361ff8 RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction
| * c1360ac815 netfilter: nft_set_pipapo: prevent overflow in lookup table allocation
| * c7b7d63a33 netfilter: nft_quota: match correctly when the quota just depleted
| * de6edd3237 netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it
| * c1f418cc27 bpf: Allow XDP dev-bound programs to perform XDP_REDIRECT into maps
| * 277f9ffe87 libbpf: Use proper errno value in linker
| * 6589bc3699 scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels
| * 4248ba53e4 f2fs: fix to detect gcing page in f2fs_is_cp_guaranteed()
| * 04daca6012 f2fs: clean up w/ fscrypt_is_bounce_page()
| * 83563a166c bonding: assign random address if device address is same as bond
| * 88f65bb66d iommu: Protect against overflow in iommu_pgsize()
| * cc26bc26be Use thread-safe function pointer in libbpf_print
| * 30d80c636e libbpf: Remove sample_period init in perf_buffer
| * 3587bee963 libbpf: Fix event name too long error
| * 034c1796f1 scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk
| * 0e7792a300 RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h
| * 6285516170 wifi: ath12k: fix node corruption in ar->arvifs list
| * 6a6307f866 wifi: ath12k: Fix the QoS control field offset to build QoS header
| * 0c2de959f1 wifi: ath12k: Add MSDU length validation for TKIP MIC error
| * 371b340aff wifi: ath12k: fix invalid access to memory
| * bba24336b9 wifi: rtw88: do not ignore hardware read error during DPK
| * c5b738a1d9 wifi: rtw88: sdio: call rtw_sdio_indicate_tx_status unconditionally
| * 308ba450ea wifi: rtw88: sdio: map mgmt frames to queue TX_DESC_QSEL_MGMT
| * 5063fe8789 xfrm: Use xdo.dev instead of xdo.real_dev
| * 08784c7345 net/mlx5: Avoid using xso.real_dev unnecessarily
| * 9d57de88d9 libbpf: Fix buffer overflow in bpf_object__init_prog
| * cf11bd435f net: ncsi: Fix GCPS 64-bit member variables
| * 4f51fb0d25 page_pool: Track DMA-mapped pages and unmap them when destroying the pool
| * 25a912b3e0 page_pool: Move pp_magic check into helper functions
| * 65b3f76592 f2fs: fix to do sanity check on sbi->total_valid_block_count
| * a4d8052135 f2fs: prevent the current section from being selected as a victim during GC
| * 2fa8d128ec f2fs: clean up unnecessary indentation
| * 0c57aa8ef9 wifi: ath12k: Fix buffer overflow in debugfs
| * 827ff610af wifi: ath12k: Fix WMI tag for EHT rate in peer assoc
| * 553c265cd6 wifi: ath12k: fix cleanup path after mhi init
| * 44a51592ac f2fs: zone: fix to avoid inconsistence in between SIT and SSA
| * 3d25fa2d7f bpf, sockmap: Fix panic when calling skb_linearize
| * 3a8e680f7d bpf, sockmap: fix duplicated data transmission
| * 57fbbe29e8 bpf: fix ktls panic with sockmap
| * f1b0b9b712 selftests/bpf: Fix bpf_nf selftest failure
| * 671dd1fb87 bpf: Check link_create.flags parameter for multi_kprobe
| * fa5977d89d IB/cm: use rwlock for MAD agent lock
| * a284820a1c wifi: ath12k: Fix invalid memory access while forming 802.11 header
| * 5a1210a69c wifi: ath12k: Fix memory leak during vdev_id mismatch
| * f5d77d0d41 wifi: ath11k: fix node corruption in ar->arvifs list
| * 80a81375ef xen/x86: fix initial memory balloon target
| * 7051a80916 svcrdma: Reduce the number of rdma_rw contexts per-QP
| * 9e710dc96f media: verisilicon: Free post processor buffers on error
| * 7b6050a9ef drm/mediatek: mtk_drm_drv: Unbind secondary mmsys components on err
| * 62df1ba668 drm/mediatek: Fix kobject put for component sub-drivers
| * ad426a7c3d drm/mediatek: mtk_drm_drv: Fix kobject put for mtk_mutex device ptr
| * 5c2efbb372 drm/msm/a6xx: Disable rgb565_predicator on Adreno 7c3
| * 295f1b128c selftests/seccomp: fix negative_ENOSYS tracer tests on arm32
| * b038ffbd49 perf/amlogic: Replace smp_processor_id() with raw_smp_processor_id() in meson_ddr_pmu_create()
| * c79bee3456 scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops
| * e55f46a11b overflow: Fix direct struct member initialization in _DEFINE_FLEX()
| * b3cfc1f9f5 arm64/fpsimd: Do not discard modified SVE state
| * 7e16ba331e firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES
| * 451335c867 drm/tegra: rgb: Fix the unbound reference count
| * c4487e35d3 drm/vkms: Adjust vkms_state->active_planes allocation type
| * 7de22bbc58 drm: rcar-du: Fix memory leak in rcar_du_vsps_init()
| * 3d0ae6b511 drm/msm/dpu: enable SmartDMA on SC8180X
| * 5301f110b9 drm/msm/dpu: enable SmartDMA on SM8150
| * ebf467c0ba selftests/seccomp: fix syscall_restart test for arm compat
| * 64a9ee6e11 arm64/fpsimd: Avoid warning when sve_to_fpsimd() is unused
| * a4ea740862 arm64: Support ARM64_VA_BITS=52 when setting ARCH_MMAP_RND_BITS_MAX
| * 0860d48b70 firmware: psci: Fix refcount leak in psci_dt_init
| * 7ccf0c4070 m68k: mac: Fix macintosh_config for Mac II
| * 214307d69b watchdog: exar: Shorten identity name to fit correctly
| * 980b0895a0 kunit/usercopy: Disable u64 test on 32-bit SPARC
| * e2bbe6336d fs/ntfs3: Add missing direct_IO in ntfs_aops_cmpr
| * 2d5879f645 fs/ntfs3: handle hdr_first_de() return value
| * 33c9956b46 drm/bridge: lt9611uxc: Fix an error handling path in lt9611uxc_probe()
| * 8a88840699 drm/panel: samsung-sofef00: Drop s6e3fc2x01 support
| * 8e43fa9c71 perf: arm-ni: Fix missing platform_set_drvdata()
| * 7e958e116e perf: arm-ni: Unregister PMUs on probe failure
| * 8e6a63acc4 drm/panthor: Update panthor_mmu::irq::mask when needed
| * d94b25ac50 drm/panthor: Fix GPU_COHERENCY_ACE[_LITE] definitions
| * f5ffc750db arm64/fpsimd: Fix merging of FPSIMD state during signal return
| * 2756dac036 arm64/fpsimd: Reset FPMR upon exec()
| * 55d52af498 arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP
| * 945d247d1c arm64/fpsimd: Don't corrupt FPMR when streaming mode changes
| * 6103f9ba51 arm64/fpsimd: Discard stale CPU state when handling SME traps
| * fa65c89f3f arm64/fpsimd: Avoid RES0 bits in the SME trap handler
| * 9d6e355a26 media: rkvdec: Fix frame size enumeration
| * 64f3acc8c7 drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table
| * aba86d49e5 drm/vc4: tests: Use return instead of assert
| * bf694844da drm/xe/d3cold: Set power state to D3Cold during s2idle/s3
| * 67ea6af426 drm/vmwgfx: Fix dumb buffer leak
| * af713f6af6 drm/vmwgfx: Add error path for xa_store in vmw_bo_add_detached_resource
| * aa02817f7a drm/vmwgfx: Add seqno waiter for sync_files
| * 45844a9403 ALSA: core: fix up bus match const issues.
| * 9bad55fc4a ASoC: apple: mca: Constrain channels according to TDM mask
| * 5787ff1ace spi: sh-msiof: Fix maximum DMA transfer size
| * c9c8cb0f28 ACPI: OSI: Stop advertising support for "3.0 _SCP Extensions"
| * 0440baa4d4 thermal/drivers/mediatek/lvts: Fix debugfs unregister on failure
| * 77d45ba1be PM: sleep: Print PM debug messages during hibernation
| * d3cc08bad4 x86/mtrr: Check if fixed-range MTRRs exist in mtrr_save_fixed_ranges()
| * f551f0e630 ACPI: resource: fix a typo for MECHREVO in irq1_edge_low_force_override[]
| * 0426e92970 PM: wakeup: Delete space in the end of string shown by pm_show_wakelocks()
| * 06c74bd587 ASoC: SOF: amd: add missing acp descriptor field
| * be0dc3e919 ASoC: SOF: ipc4-pcm: Adjust pipeline_list->pipelines allocation type
| * 81d72f9241 PM: EM: Fix potential division-by-zero error in em_compute_costs()
| * d05c33c14f power: reset: at91-reset: Optimize at91_reset()
| * 109d6bc579 spi: tegra210-quad: modify chip select (CS) deactivation
| * 688d0b0d94 spi: tegra210-quad: remove redundant error handling code
| * 6accf99a2e spi: tegra210-quad: Fix X1_X2_X4 encoding and support x4 transfers
| * 29ce9e71e9 EDAC/{skx_common,i10nm}: Fix the loss of saved RRL for HBM pseudo channel 0
| * a13e8343ff EDAC/skx_common: Fix general protection fault
| * 87dbfe2b39 ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY()
| * b49ff1c5e9 ASoC: tas2764: Enable main IRQs
| * 594380c4b5 ACPICA: exserial: don't forget to handle FFixedHW opregions for reading
| * 9c094deb6b crypto: api - Redo lookup on EEXIST
| * e9ecaeaf41 kunit: Fix wrong parameter to kunit_deactivate_static_stub()
| * 53bedcd2d2 crypto: sun8i-ce - move fallback ahash_request to the end of the struct
| * 5ed92ad1b7 crypto: xts - Only add ecb if it is not already there
| * b7c09d2131 crypto: lrw - Only add ecb if it is not already there
| * 58beaa1aee rcu/cpu_stall_cputime: fix the hardirq count for x86 architecture
| * 60f9545815 btrfs: fix invalid data space release when truncating block in NOCOW mode
| * 7f45183cea btrfs: scrub: fix a wrong error type when metadata bytenr mismatches
| * 5bd799d2ac btrfs: scrub: update device stats when an error is detected
| * 5539216f73 powerpc/pseries/iommu: Fix kmemleak in TCE table userspace view
| * 65115472f7 erofs: avoid using multiple devices with different type
| * 9cfca45aec erofs: fix file handle encoding for 64-bit NIDs
| * 47810c6147 crypto: marvell/cesa - Avoid empty transfer descriptor
| * 7894694b5d crypto: marvell/cesa - Handle zero-length skcipher requests
| * bf3cbf2805 kselftest: cpufreq: Get rid of double suspend in rtcwake case
| * 48e11bcee9 brd: fix discard end sector
| * 5b814cde62 brd: fix aligned_sector from brd_do_discard()
| * 7778a67678 x86/insn: Fix opcode map (!REX2) superscript tags
| * a18f8b1092 x86/cpu: Sanitize CPUID(0x80000000) output
| * c93930857f crypto: sun8i-ce - undo runtime PM changes during driver removal
| * 57a52d7449 x86/microcode/AMD: Do not return error when microcode update is not necessary
| * 451a18d71b sched/core: Tweak wait_task_inactive() to force dequeue sched_delayed tasks
| * f54d2b7ac4 powerpc/crash: Fix non-smp kexec preparation
| * 4de0bb505f powerpc: do not build ppc_save_regs.o always
| * 50de02375f crypto: sun8i-ss - do not use sg_dma_len before calling DMA functions
| * 19d267d9fa crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare()
| * 781bbc8252 perf/core: Fix broken throttling when max_samples_per_tick=1
| * 5cd98656bc gfs2: gfs2_create_inode error handling fix
| * 271e6bf41a gfs2: replace sd_aspace with sd_inode
| * 88ab25d718 perf/x86/amd/uncore: Prevent UMC counters from saturating
| * 18807198d5 perf/x86/amd/uncore: Remove unused 'struct amd_uncore_ctx::node' member
| * 623074162b sched: Fix trace_sched_switch(.prev_state)
| * e8d0d9ae99 crypto: sun8i-ce-hash - fix error handling in sun8i_ce_hash_run()
| * 41f76e9891 x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt()
| * 25027501e6 tools/x86/kcpuid: Fix error handling
* | 6da4371380 Revert "usb: typec: ucsi: fix Clang -Wsign-conversion warning"
* | 580b0fa739 Merge 6.12.33 into android16-6.12-lts
|\|
| * e03ced99c4 Linux 6.12.33
| * 80fe1ebc1f Revert "drm/amd/display: more liberal vmin/vmax update for freesync"
| * d452b168da dt-bindings: phy: imx8mq-usb: fix fsl,phy-tx-vboost-level-microvolt property
| * 1ed84b17fa dt-bindings: usb: cypress,hx3: Add support for all variants
| * eb2d5e794f thunderbolt: Do not double dequeue a configuration request
| * b4fac3f172 usb: usbtmc: Fix timeout value in get_stb
| * 985961dd26 serial: jsm: fix NPE during jsm_uart_port_init
| * e428b7e205 Bluetooth: hci_qca: move the SoC type check to the right place
| * 4490c79518 usb: typec: ucsi: fix Clang -Wsign-conversion warning
| * 1a51004aa0 USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB
| * 393ad97838 usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device
| * 23179d009c usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE
| * a347664312 Revert "cpufreq: tegra186: Share policy per cluster"
| * 0c60158ff1 block: fix adding folio to bio
| * 3c4fed940d PCI/ASPM: Disable L1 before disabling L1 PM Substates
| * 4685153b12 accel/ivpu: Update power island delays
| * f4deea4184 accel/ivpu: Add initial Panther Lake support
| * 6b482b16f3 rtc: Fix offset calculation for .start_secs < 0
| * a6a55fe660 rtc: Make rtc_time64_to_tm() support dates before 1970
| * f28fae36ba Documentation: ACPI: Use all-string data node references
| * 32b7c46c4d acpi-cpufreq: Fix nominal_freq units to KHz in get_max_boost_ratio()
| * 614456f1a0 pinctrl: armada-37xx: set GPIO output value before setting direction
| * f49c751d60 pinctrl: armada-37xx: use correct OUTPUT_VAL register for GPIOs > 31
| * bf49527089 f2fs: fix to avoid accessing uninitialized curseg
| * db758487f3 tracing: Fix compilation warning on arm32
* | b914826a45 Revert "coredump: hand a pidfd to the usermode coredump helper"
* | 26aed9f970 Merge 6.12.32 into android16-6.12-lts
|\|
| * ba9210b8c9 Linux 6.12.32
| * 334da674b2 ksmbd: use list_first_entry_or_null for opinfo_get_list()
| * 4a72fa2f59 net: ethernet: ti: am65-cpsw: Lower random mac address error print to info
| * b4b163b0e7 platform/x86: thinkpad_acpi: Ignore battery threshold change event notification
| * f9adb4a162 ALSA: hda/realtek - restore auto-mute mode for Dell Chrome platform
| * 5277bc961c platform/x86: fujitsu-laptop: Support Lifebook S2110 hotkeys
| * c7ce21b85a NFS: Avoid flushing data while holding directory locks in nfs_rename()
| * 87129b9342 char: tpm: tpm-buf: Add sanity check fallback in read helpers
| * fe7879e5eb drm/xe: Save the gt pointer in lrc and drop the tile
| * 089e980525 drm/xe/xe2hpg: Add Wa_22021007897
| * 3b3d3174d1 nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro
| * 8c7ecba772 spi: spi-sun4i: fix early activation
| * 44a4a01e91 phy: phy-rockchip-samsung-hdptx: Fix PHY PLL output 50.25MHz error
| * 2c09a5cbc0 phy: starfive: jh7110-usb: Fix USB 2.0 host occasional detection failure
| * 6f47d74081 drm/amd/display: check stream id dml21 wrapper to get plane_id
| * 02ed7c617f drm/amd/display: fix link_set_dpms_off multi-display MST corner case
| * afe090366f gpio: virtuser: fix potential out-of-bound write
| * cef4f57980 um: let 'make clean' properly clean underlying SUBARCH as well
| * cb5d7e7a6f platform/x86: thinkpad_acpi: Support also NEC Lavie X1475JAS
| * 16ed9db158 nfs: don't share pNFS DS connections between net namespaces
| * f7cbb7035c HID: quirks: Add ADATA XPG alpha wireless mouse support
| * 141054adba dmaengine: idxd: cdev: Fix uninitialized use of sva in idxd_cdev_open
| * 510cf09f2d coredump: hand a pidfd to the usermode coredump helper
| * 8fdca436d8 coredump: fix error handling for replace_fd()
| * a6d87cce78 perf/arm-cmn: Add CMN S3 ACPI binding
| * d96289fcac perf/arm-cmn: Initialise cmn->cpu earlier
| * c6d2c0d461 perf/arm-cmn: Fix REQ2/SNP2 mixup
| * 2f2190ce4c net_sched: hfsc: Address reentrant enqueue adding class to eltree twice
| * b7550a2584 arm64: dts: ti: k3-j784s4-j742s2-main-common: Fix length of serdes_ln_ctrl
| * 2ee377336c arm64: dts: ti: k3-j722s-main: Disable "serdes_wiz0" and "serdes_wiz1"
| * 07f51c8f01 arm64: dts: ti: k3-j722s-evm: Enable "serdes_wiz0" and "serdes_wiz1"
| * 5b9e29e74d arm64: dts: ti: k3-j721e-sk: Add requiried voltage supplies for IMX219
| * 110875e707 arm64: dts: ti: k3-j721e-sk: Remove clock-names property from IMX219 overlay
| * 8a26672180 arm64: dts: ti: k3-j721e-sk: Add DT nodes for power regulators
| * 7d6fd34220 arm64: dts: ti: k3-am68-sk: Fix regulator hierarchy
| * a15e563013 arm64: dts: ti: k3-am65-main: Add missing taps to sdhci0
| * e539e3e611 arm64: dts: ti: k3-am62x: Rename I2C switch to I2C mux in OV5640 overlay
| * 0451eef436 arm64: dts: ti: k3-am62x: Rename I2C switch to I2C mux in IMX219 overlay
| * 8c32e3ca0e arm64: dts: ti: k3-am62x: Remove clock-names property from IMX219 overlay
| * 8cc39fa7dd arm64: dts: ti: k3-am62p-j722s-common-main: Set eMMC clock parent to default
| * b605a449b6 arm64: dts: ti: k3-am62a-main: Set eMMC clock parent to default
| * ef60b9ba0d arm64: dts: ti: k3-am62-main: Set eMMC clock parent to default
| * 1e5144b53c arm64: dts: qcom: x1e80100: Fix video thermal zone
| * fc54ce9d78 arm64: dts: qcom: x1e80100-yoga-slim7x: mark l12b and l15b always-on
| * 660baafc99 arm64: dts: qcom: x1e80100-qcp: mark l12b and l15b always-on
| * fa8939991b arm64: dts: qcom: x1e80100-qcp: Fix vreg_l2j_1p2 voltage
| * b2f571e0ba arm64: dts: qcom: x1e80100-lenovo-yoga-slim7x: Fix vreg_l2j_1p2 voltage
| * a5c10cc63d arm64: dts: qcom: x1e80100-asus-vivobook-s15: Fix vreg_l2j_1p2 voltage
| * d3400824e0 arm64: dts: qcom: sm8650: Add missing properties for cryptobam
| * 2a53950532 arm64: dts: qcom: sm8550: Add missing properties for cryptobam
| * b4412e8553 arm64: dts: qcom: sm8450: Add missing properties for cryptobam
| * 87ec68b7e9 arm64: dts: qcom: sm8350: Fix typo in pil_camera_mem node
| * c96762b683 arm64: dts: qcom: sa8775p: Remove cdsp compute-cb@10
| * 920c14a377 arm64: dts: qcom: sa8775p: Remove extra entries from the iommus property
| * 61ffb2e73d arm64: dts: qcom: ipq9574: Add missing properties for cryptobam
| * e3dfd77a7f can: kvaser_pciefd: Force IRQ edge in case of nested IRQ
* | 7689df00e1 ANDROID: GKI: add devm_register_sys_off_handler to db845c symbol list.
* | 614334d6e9 Revert "perf: Avoid the read if the count is already updated"
* | 6de79a4718 Revert "espintcp: remove encap socket caching to avoid reference leak"
* | 69f799168c Merge 6.12.31 into android16-6.12-lts
|\|
| * df3f6d10f3 Linux 6.12.31
| * 85fb1edd05 drm/gem: Internally test import_attach for imported objects
| * ee2a06bbbb x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers bounce buffers
| * ae0d63ec39 i3c: master: svc: Fix implicit fallthrough in svc_i3c_master_ibi_work()
| * 73c4707510 pinctrl: tegra: Fix off by one in tegra_pinctrl_get_group()
| * ecb9d3123b watchdog: aspeed: fix 64-bit division
| * c3e1091eb0 drm/amdkfd: Correct F8_MODE for gfx950
| * a8a34fbf91 serial: sh-sci: Save and restore more registers
| * 80eb73778d bpf: abort verification if env->cur_state->loop_entry != NULL
| * fdee1dc816 drm/amd/display: Exit idle optimizations before accessing PHY
| * dd8a734155 kbuild: Properly disable -Wunterminated-string-initialization for clang
| * 3f856d5d84 Fix mis-uses of 'cc-option' for warning disablement
| * d66cf772be gcc-15: disable '-Wunterminated-string-initialization' entirely for now
| * 9f58537e9b gcc-15: make 'unterminated string initialization' just a warning
| * d28b0305f7 err.h: move IOMEM_ERR_PTR() to err.h
| * 96537d8c67 spi: spi-fsl-dspi: Reset SR flags before sending a new message
| * b1781bd47e spi: spi-fsl-dspi: Halt the module after a new message transfer
| * b9fbbcf61e spi: spi-fsl-dspi: restrict register range for regmap access
| * 1d45e0170c spi: use container_of_cont() for to_spi_device()
| * 92f077ff52 platform/x86: think-lmi: Fix attribute name usage for non-compliant items
| * 5c54a557bd ksmbd: fix stream write failure
| * 544ff7fb19 Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC connection"
| * 111a892a23 Bluetooth: btmtksdio: Do close if SDIO card removed without close
| * 3e0dc2b4f6 Bluetooth: btmtksdio: Check function enabled before doing close
| * fedd2a1443 nilfs2: fix deadlock warnings caused by lock dependency in init_nilfs()
| * 483ac74183 mm: vmalloc: only zero-init on vrealloc shrink
| * 94efb0d656 mm: vmalloc: actually use the in-place vrealloc region
| * 9f9517f156 mm: mmap: map MAP_STACK to VM_NOHUGEPAGE only if THP is enabled
| * 9da33ce114 mm/page_alloc.c: avoid infinite retries caused by cpuset race
| * 314bf771cb memcg: always call cond_resched() after fn()
| * 9b8263cae6 highmem: add folio_test_partial_kmap()
| * cb9a1019a6 Input: xpad - add more controllers
| * 7c220f89ad Revert "drm/amd: Keep display off while going into S4"
| * b4f801e8cf smb: client: Reset all search buffer pointers when releasing buffer
| * 56b06539b6 arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs
| * 9bea368648 smb: client: Fix use-after-free in cifs_fill_dirent
| * dc9bdfb9b0 drm/edid: fixed the bug that hdr metadata was not reset
| * 56081f5d14 thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature
| * 8594a123cf platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()
| * e78908caf1 pmdomain: core: Fix error checking in genpd_dev_pm_attach_by_id()
| * 0ae82a7abf pmdomain: renesas: rcar: Remove obsolete nullify checks
| * a6ddbf9ae7 vmxnet3: update MTU after device quiesce
| * ba689e0893 net: dsa: microchip: linearize skb for tail-tagging switches
| * 352fbde141 can: kvaser_pciefd: Fix echo_skb race
| * 8654c8a052 can: kvaser_pciefd: Continue parsing DMA buf after dropped RX
| * 80702f002b llc: fix data loss when reading from a socket in llc_ui_recvmsg()
| * 4e22325b98 ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ASP10
| * bf85e49aaf ALSA: pcm: Fix race of buffer access at PCM OSS layer
| * 799d48c95f ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction
| * 20e3fa3b7d ASoc: SOF: topology: connect DAI to a single DAI link
| * 6a62b917fb ASoC: SOF: Intel: hda-bus: Use PIO mode on ACE2+ platforms
| * 964d355832 ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext
| * 63567ecd99 can: bcm: add missing rcu read protection for procfs content
| * cc55dd28c2 can: bcm: add locking for bcm_op runtime updates
| * adb05149a9 can: slcan: allow reception of short error messages
| * 5300e48748 padata: do not leak refcount in reorder_work
| * 2f45a8d64f crypto: algif_hash - fix double free in hash_accept
| * bcb1c946c7 clk: s2mps11: initialise clk_hw_onecell_data::num before accessing ::hws[] in probe()
| * 4a7261089d octeontx2-af: Fix APR entry mapping based on APR_LMT_CFG
| * 92b04bac36 octeontx2-af: Set LMT_ENA bit for APR table entries
| * 689a205cd9 net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done
| * 41678d7222 octeontx2-pf: Add AF_XDP non-zero copy support
| * 49b21795b8 sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()
| * 0a2422f976 idpf: fix idpf_vport_splitq_napi_poll()
| * 873ebaf3c1 io_uring: fix overflow resched cqe reordering
| * 845ef0462a net: lan743x: Restore SGMII CTRL register on resume
| * 8e4fd8e76d net: dwmac-sun8i: Use parsed internal PHY address instead of 1
| * 3e79182c82 pinctrl: qcom: switch to devm_register_sys_off_handler()
| * cd7f022296 loop: don't require ->write_iter for writable files in loop_configure
| * f6f5e9c8cb idpf: fix null-ptr-deref in idpf_features_check
| * 8c3b8ace9c ice: Fix LACP bonds without SRIOV environment
| * 7191b69eae ice: fix vf->num_mac count with port representors
| * 233a227a31 bridge: netfilter: Fix forwarding of fragmented packets
| * 0b7d3e7820 ptp: ocp: Limit signal/freq counts in summary output functions
| * 6a1f9a709a Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling
| * 1e8b7e96f7 Bluetooth: L2CAP: Fix not checking l2cap_chan security level
| * ca51db2316 perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq
| * 1c1fb885e5 irqchip/riscv-imsic: Start local sync timer on correct CPU
| * 2b49e68360 ASoC: SOF: Intel: hda: Fix UAF when reloading module
| * 4a39fbffad devres: Introduce devm_kmemdup_array()
| * 7207effe47 driver core: Split devres APIs to device/devres.h
| * ae344b9f84 dmaengine: fsl-edma: Fix return code for unhandled interrupts
| * d31daa83ef dmaengine: idxd: Fix ->poll() return value
| * 252f78a931 xfrm: Sanitize marks before insert
| * ae5e975a46 clk: sunxi-ng: d1: Add missing divider for MMC mod clocks
| * 090aa8d51e remoteproc: qcom_wcnss: Fix on platforms without fallback regulators
| * 447c8f0c06 kernel/fork: only call untrack_pfn_clear() on VMAs duplicated for fork()
| * 7f5dc43b46 x86/sev: Fix operator precedence in GHCB_MSR_VMPL_REQ_LEVEL macro
| * d91576a232 dmaengine: idxd: Fix allowing write() from different address spaces
| * b1a687eb15 xfrm: Fix UDP GRO handling for some corner cases
| * 9cbca30102 espintcp: remove encap socket caching to avoid reference leak
| * 28756f22de espintcp: fix skb leaks
| * 153bc79b5d soundwire: bus: Fix race on the creation of the IRQ domain
| * 8cafd7266f __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock
| * a0c50c9f9c drm/amd/display: Call FP Protect Before Mode Programming/Mode Support
| * 211f589206 xenbus: Allow PVH dom0 a non-local xenstore
| * 5a8d073d87 x86/Kconfig: make CFI_AUTO_DEFAULT depend on !RUST or Rust >= 1.88
| * b8581b4e4d wifi: iwlwifi: add support for Killer on MTL
| * 1645fc1849 block: only update request sector if needed
| * 511ea82e34 tools: ynl-gen: validate 0 len strings from kernel
| * 6e9770de02 btrfs: avoid NULL pointer dereference if no valid csum tree
| * 230c94ca35 btrfs: handle empty eb->folios in num_extent_folios()
| * 7f7c8c03fe btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref
| * 92dff981dd btrfs: compression: adjust cb->compressed_folios allocation type
| * 5926bc887d ASoC: intel/sdw_utils: Add volume limit to cs42l43 speakers
| * 6b1a9a7647 cifs: Fix changing times and read-only attr over SMB1 smb_set_file_info() function
| * 0a9920e1ff cifs: Fix and improve cifs_query_path_info() and cifs_query_file_info()
| * ad3e83a6c8 io_uring/fdinfo: annotate racy sq/cq head/tail reads
| * ec462449f4 nvmet-tcp: don't restore null sk_state_change
| * 6a09b6bad0 ALSA: usb-audio: Fix duplicated name in MIDI substream names
| * 6d196cae4b nvme-pci: add quirks for WDC Blue SN550 15b7:5009
| * ff214b079d nvme-pci: add quirks for device 126f:1001
| * 35ec11b385 ALSA: hda/realtek: Add quirk for HP Spectre x360 15-df1xxx
| * 8f76431c00 ASoC: Intel: bytcr_rt5640: Add DMI quirk for Acer Aspire SW3-013
| * 63affdae7f ASoC: cs42l43: Disable headphone clamps during type detection
| * 4c7a0425fb platform/x86: ideapad-laptop: add support for some new buttons
| * 2418bf5d38 platform/x86: asus-wmi: Disable OOBE state after resume from hibernation
| * 00fe4c0e46 platform/x86/intel: hid: Add Pantherlake support
| * aa000a4ee9 smb: server: smb2pdu: check return value of xa_store()
| * c134c62b9e pinctrl: meson: define the pull up/down resistor value as 60 kOhm
| * 5863bd44ed book3s64/radix: Fix compile errors when CONFIG_ARCH_WANT_OPTIMIZE_DAX_VMEMMAP=n
| * b5aa85b9b0 ASoC: imx-card: Adjust over allocation of memory in imx_card_parse_of()
| * 9fddd1f154 drm: Add valid clones check
| * 08150a6c83 drm/panel-edp: Add Starry 116KHD024006
| * aa52c70ae1 drm/buddy: fix issue that force_merge cannot free all roots
| * 1351052877 drm/atomic: clarify the rules around drm_atomic_state->allow_modeset
| * 6ceef704e2 drm/xe: Reject BO eviction if BO is bound to current VM
| * 650c1769cf drm/xe/sa: Always call drm_suballoc_manager_fini()
| * 1cc3716373 wifi: rtw89: coex: Separated Wi-Fi connecting event from Wi-Fi scan event
| * c9db43696e drm/xe: Do not attempt to bootstrap VF in execlists mode
| * 274ae1044b drm/xe: Move suballocator init to after display init
| * 115360031b wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation
| * e1fffcd1d7 drm/nouveau: fix the broken marco GSP_MSG_MAX_SIZE
| * 878ccaf79c drm: bridge: adv7511: fill stream capabilities
| * fb0d82562c wifi: ath12k: Fix end offset bit definition in monitor ring descriptor
| * bb2d55681e wifi: ath12k: Fetch regdb.bin file from board-2.bin
| * a3f6e4682f wifi: ath9k: return by of_get_mac_address
| * 331c0af96c drm/xe/pf: Reset GuC VF config when unprovisioning critical resource
| * 63780d7352 accel/qaic: Mask out SR-IOV PCI resources
| * a1e3f2ea66 wifi: ath12k: fix ath12k_hal_tx_cmd_ext_desc_setup() info1 override
| * ff56fbf50e regulator: ad5398: Add device tree support
| * 697a6f8a91 spi: zynqmp-gqspi: Always acknowledge interrupts
| * c533839e0a wifi: rtw89: add wiphy_lock() to work that isn't held wiphy_lock() yet
| * 9e9e974915 wifi: rtw88: Don't use static local variable in rtw8822b_set_tx_power_index_by_rate
| * 0b63d24624 wifi: rtl8xxxu: retry firmware download on error
| * ff5c6e3d25 clk: renesas: rzg2l-cpg: Refactor Runtime PM clock validation
| * 3a95341c65 perf/amd/ibs: Fix ->config to sample period calculation for OP PMU
| * e225dbb03a perf/amd/ibs: Fix perf_ibs_op.cnt_mask for CurCnt
| * 46f1c2b508 firmware: arm_scmi: Relax duplicate name constraint across protocol ids
| * ff84436446 bpftool: Fix readlink usage in get_fd_type
| * c80b2d159c bpf: Use kallsyms to find the function name of a struct_ops's stub function
| * c3fd672e66 drm/ast: Find VBIOS mode from regular display size
| * 538a82168e dm vdo: use a short static string for thread name prefix
| * f8b4edbcf3 dm vdo indexer: prevent unterminated string warning
| * 0cc2aa7472 irqchip/riscv-aplic: Add support for hart indexes
| * a3300021d4 ASoC: rt722-sdca: Add some missing readable registers
| * 67f7080cb3 ASoC: codecs: pcm3168a: Allow for 24-bit in provider mode
| * b99c2faf40 arm64: zynqmp: add clock-output-names property in clock nodes
| * 9e3eaf7f75 HID: usbkbd: Fix the bit shift number for LED_KANA
| * b5a1ef646c wifi: ath12k: Avoid napi_sync() before napi_enable()
| * dbb6efb3d8 scsi: st: Restore some drive settings after reset
| * 1be28b37a6 scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails
| * 609bc6e9c1 scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk
| * c670902775 scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine
| * f5ce562857 net/mana: fix warning in the writer of client oob
| * 7cc781374e drm/xe/relay: Don't use GFP_KERNEL for new transactions
| * e2017f44c6 ice: count combined queues using Rx/Tx count
| * 887e39ac47 perf: Avoid the read if the count is already updated
| * d402437cde rcu: fix header guard for rcu_all_qs()
| * fcabb69674 rcu: handle unstable rdp in rcu_read_unlock_strict()
| * 5cdaa970d7 rcu: handle quiescent states for PREEMPT_RCU=n, PREEMPT_COUNT=y
| * 65daba41f9 ice: treat dyn_allowed only as suggestion
| * 3c8b4657a6 ice: init flow director before RDMA
| * 58cdd1ee65 bridge: mdb: Allow replace of a host-joined group
| * 76e56dbe50 net: flush_backlog() small changes
| * ba59747562 r8169: don't scan PHY addresses > 0
| * ded26f9e4c ipv4: ip_gre: Fix set but not used warning in ipgre_err() if IPv4-only
| * a6644aeb8d vxlan: Annotate FDB data races
| * 61e931ee14 cpufreq: amd-pstate: Remove unnecessary driver_lock in set_boost
| * b82e496531 net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled
| * 9152627936 tools: ynl-gen: don't output external constants
| * 37c07516ac eth: fbnic: set IFF_UNICAST_FLT to avoid enabling promiscuous mode when adding unicast addrs
| * d2b58a1022 drm/rockchip: vop2: Improve display modes handling on RK3588 HDMI0
| * 91c53b8cd8 media: qcom: camss: Add default case in vfe_src_pad_code
| * 85e0e03303 media: qcom: camss: csid: Only add TPG v4l2 ctrl if TPG hardware is available
* | 6c6b68a1ea Merge 1d15319323 ("f2fs: introduce f2fs_base_attr for global sysfs entries") into android16-6.12-lts
|\|
| * 1d15319323 f2fs: introduce f2fs_base_attr for global sysfs entries
* | 2b9efc3752 Revert "net: page_pool: avoid false positive warning if NAPI was never added"
* | 59d0e96ab0 Merge 7781848346 ("hwmon: (xgene-hwmon) use appropriate type for the latency value") into android16-6.12-lts
|\|
| * 7781848346 hwmon: (xgene-hwmon) use appropriate type for the latency value
| * c4092cb063 tools/power turbostat: Clustered Uncore MHz counters should honor show/hide options
| * 247b420fea net: page_pool: avoid false positive warning if NAPI was never added
| * b063f36a92 clk: qcom: camcc-sm8250: Use clk_rcg2_shared_ops for some RCGs
| * 2368794c0c wifi: rtw89: call power_on ahead before selecting firmware
| * 01edf9255f wifi: rtw89: fw: validate multi-firmware header before accessing
| * f4c99c7b71 wifi: rtw89: fw: validate multi-firmware header before getting its size
| * 2eb2cfca35 wifi: rtw89: coex: Assign value over than 0 to avoid firmware timer hang
| * 50f78100b9 wifi: rtw88: Fix __rtw_download_firmware() for RTL8814AU
| * 1c56486443 wifi: rtw88: Fix download_firmware_validate() for RTL8814AU
| * 2a25d61107 ext4: remove writable userspace mappings before truncating page cache
| * 73733c2fdb ext4: don't write back data before punch hole in nojournal mode
| * 39255ab2ed leds: trigger: netdev: Configure LED blink interval for HW offload
| * 16ddd67bb5 pstore: Change kmsg_bytes storage size to u32
| * 556f53a8ec iio: adc: ad7944: don't use storagebits for sizing
| * 7fea5a9140 r8152: add vendor/device ID pair for Dell Alienware AW1022z
| * 9f2911868a ip: fib_rules: Fetch net from fib_rule in fib[46]_rule_configure().
| * f9ab6efdee arch/powerpc/perf: Check the instruction type before creating sample with perf_mem_data_src
| * c2e02e2b21 powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits
| * 9aeaf1956e powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory
| * 701118e6f6 net: fec: Refactor MAC reset to function
| * 641ad8d64a wifi: mac80211: set ieee80211_prep_tx_info::link_id upon Auth Rx
| * 8315b79220 wifi: mac80211: remove misplaced drv_mgd_complete_tx() call
| * 26e384fafd wifi: mac80211: don't unconditionally call drv_mgd_complete_tx()
| * 8e1800f1db wifi: iwlwifi: don't warn during reprobe
| * 15d8ceef92 wifi: iwlwifi: use correct IMR dump variable
| * 4d8fd111e0 mptcp: pm: userspace: flags: clearer msg if no remote addr
| * 6a0997d78f wifi: ath12k: fix the ampdu id fetch in the HAL_RX_MPDU_START TLV
| * 06daedb443 xfrm: prevent high SEQ input in non-ESN mode
| * bbd6dc1fb6 drm/v3d: Add clock handling
| * e5a69d1696 net/mlx5e: reduce the max log mpwrq sz for ECPF and reps
| * 74d153d8ec net/mlx5e: reduce rep rxq depth to 256 for ECPF
| * af94d4f46c net/mlx5e: set the tx_queue_len for pfifo_fast
| * a3a845ebc8 net/mlx5: Extend Ethtool loopback selftest to support non-linear SKB
| * 4a94ccac49 net/mlx5: XDP, Enable TX side XDP multi-buffer support
| * d4df87dae1 scsi: target: spc: Fix loop traversal in spc_rsoc_get_descr()
| * 9acae6e987 drm/amd/display/dm: drop hw_support check in amdgpu_dm_i2c_xfer()
| * f5e9d0d206 drm/amdgpu: enlarge the VBIOS binary size limit
| * 7ef18e2ffd drm/amdgpu: Use active umc info from discovery
| * 1bb46b5433 drm/amd/display: Populate register address for dentist for dcn401
| * af3d57ea9e drm/amd/display: Use Nominal vBlank If Provided Instead Of Capping It
| * e55c5704b1 drm/amd/display: Increase block_sequence array size
| * 17e40a52a1 drm/amd/display: Initial psr_version with correct setting
| * 563adeeeb0 drm/amd/display: Update CR AUX RD interval interpretation
| * 47bfc7a027 Revert "drm/amd/display: Exit idle optimizations before attempt to access PHY"
| * 45068cc170 drm/amd/display: Support multiple options during psr entry.
| * 4f4cb81def drm/amd/pm: Skip P2S load for SMU v13.0.12
| * a25d045ebf drm/amdgpu: reset psp->cmd to NULL after releasing the buffer
| * ed2039d840 drm/amd/display: Don't try AUX transactions on disconnected link
| * a8726bee70 drm/amd/display: pass calculated dram_speed_mts to dml2
| * 452807a863 drm/amdgpu: Set snoop bit for SDMA for MI series
| * 5ca70518bc drm/amdkfd: fix missing L2 cache info in topology
| * 365d302ac7 drm/amdgpu/mes11: fix set_hw_resources_1 calculation
* | 70c9466818 Revert "crypto: ahash - Set default reqsize from ahash_alg"
* | 5035b6dea6 Revert "genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie"
* | dd2cdf31a0 Revert "serial: mctrl_gpio: split disable_ms into sync and no_sync APIs"
* | fcc21a6112 Merge 11c7fa11fa ("net: stmmac: dwmac-loongson: Set correct {tx,rx}_fifo_size") into android16-6.12-lts
|\|
| * 11c7fa11fa net: stmmac: dwmac-loongson: Set correct {tx,rx}_fifo_size
| * 97dba4472e soundwire: cadence_master: set frame shape and divider based on actual clk freq
| * c043867b65 soundwire: amd: change the soundwire wake enable/disable sequence
| * 164c9f5edf phy: exynos5-usbdrd: fix EDS distribution tuning (gs101)
| * ef31dc41cf phy: core: don't require set_mode() callback for phy_get_mode() to work
| * afb512502f phy: phy-rockchip-samsung-hdptx: Swap the definitions of LCPLL_REF and ROPLL_REF
| * a507a213e8 pinctrl: renesas: rzg2l: Add suspend/resume support for pull up/down
| * 5de11f82cb serial: sh-sci: Update the suspend/resume support
| * e6e31b0182 sched: Reduce the default slice to avoid tasks getting an extra tick
| * 9c5f85b72f x86/traps: Cleanup and robustify decode_bug()
| * eb6fd16b4f x86/ibt: Handle FineIBT in handle_cfi_failure()
| * b870651021 drm/xe/debugfs: Add missing xe_pm_runtime_put in wedge_mode_set
| * cf126a1458 drm/xe/debugfs: fixed the return value of wedged_mode_set
| * 6469a2b114 clk: qcom: clk-alpha-pll: Do not use random stack value for recalc rate
| * 328a2ec198 clk: qcom: ipq5018: allow it to be bulid on arm32
| * 01d28e67f5 drm/xe: Fix xe_tile_init_noalloc() error propagation
| * 884d64e8e4 drm/xe: Stop ignoring errors from xe_ttm_stolen_mgr_init()
| * 50c5bbb45c net/mlx4_core: Avoid impossible mlx4_db_alloc() order value
| * 69689d1138 media: v4l: Memset argument to 0 before calling get_mbus_config pad op
| * 9a98107909 media: i2c: imx219: Correct the minimum vblanking value
| * 12aeff4944 kunit: tool: Use qboot on QEMU x86_64
| * 8f5ce688c8 smack: Revert "smackfs: Added check catlen"
| * 316f2911fb smack: recognize ipv4 CIPSO w/o categories
| * 5b1b4cb46d pinctrl: devicetree: do not goto err when probing hogs in pinctrl_dt_to_map
| * c4260bf83b ASoC: soc-dai: check return value at snd_soc_dai_set_tdm_slot()
| * 2ea0427796 ASoC: tas2764: Power up/down amp on mute ops
| * 409c12ce79 ASoC: tas2764: Mark SW_RESET as volatile
| * 8d8083881e ASoC: tas2764: Add reg defaults for TAS2764_INT_CLK_CFG
| * 000dd6e344 ASoC: ops: Enforce platform maximum on initial value
| * 83ea947238 firmware: xilinx: Dont send linux address to get fpga config get status
| * e1c4bb3774 firmware: arm_ffa: Handle the presence of host partition in the partition info
| * 3a3fab1be5 firmware: arm_ffa: Reject higher major version as incompatible
| * 587386c56f net/mlx5: Apply rate-limiting to high temperature warning
| * c4e1ce22b9 net/mlx5: Modify LSB bitmask in temperature event to include only the first bit
| * 3770acff31 media: test-drivers: vivid: don't call schedule in loop
| * 2fe6284364 irqchip/riscv-imsic: Set irq_set_affinity() for IMSIC base
| * dc5f5c9d2b hrtimers: Replace hrtimer_clock_to_base_table with switch-case
| * 7f131fda26 vxlan: Join / leave MC group after remote changes
| * 1fb8106316 ACPI: HED: Always initialize before evged
| * 82b54455b6 PCI: Fix old_size lower bound in calculate_iosize() too
| * 161cc12504 eth: mlx4: don't try to complete XDP frames in netpoll
| * 46ba5757a7 bpf: copy_verifier_state() should copy 'loop_entry' field
| * 2b129e89b8 bpf: don't do clean_live_states when state->loop_entry->branches > 0
| * eaeb67bd85 can: c_can: Use of_property_present() to test existence of DT property
| * a89326d35b pmdomain: imx: gpcv2: use proper helper for property detection
| * 3ccfdd5b33 RDMA/core: Fix best page size finding when it can cross SG entries
| * e6a46719a2 serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
| * b14e726d57 drm/amd/display: Don't treat wb connector as physical in create_validate_stream_for_sink
| * cee5d56fa7 Revert "drm/amd/display: Request HW cursor on DCN3.2 with SubVP"
| * 775f3afa6a drm/amd/display: Read LTTPR ALPM caps during link cap retrieval
| * 1e826acee1 drm/amd/display: Fix BT2020 YCbCr limited/full range input
| * 2bba67f030 drm/amd/display: Guard against setting dispclk low when active
| * b02b561bf7 drm/amd/display: Add support for disconnected eDP streams
| * 94e6687ced drm/amd/pm: Fetch current power limit from PMFW
| * 098788e118 irqchip/riscv-imsic: Separate next and previous pointers in IMSIC vector
| * d85004266a eeprom: ee1004: Check chip before probing
| * 011a62d2d7 mfd: axp20x: AXP717: Add AXP717_TS_PIN_CFG to writeable regs
| * a82c0c3996 i3c: master: svc: Flush FIFO before sending Dynamic Address Assignment(DAA)
| * 7d0c92af8d EDAC/ie31200: work around false positive build warning
| * 4593aaf48f power: supply: axp20x_battery: Update temp sensor for AXP717 from device tree
| * 6b1d3e9db8 net: pktgen: fix access outside of user given buffer in pktgen_thread_write()
| * d37783f25a wifi: rtw89: 8922a: fix incorrect STA-ID in EHT MU PPDU
| * 7dafba4e85 wifi: rtw89: fw: add blacklist to avoid obsolete secure firmware
| * 6ffcf25e63 wifi: rtw89: fw: get sb_sel_ver via get_unaligned_le32()
| * 1cbef396c5 wifi: rtw89: fw: propagate error code from rtw89_h2c_tx()
| * a4523765fa wifi: rtw88: Fix rtw_desc_to_mcsrate() to handle MCS16-31
| * adcc65afaa wifi: rtw88: Fix rtw_init_ht_cap() for RTL8814AU
| * 9a3f80a727 wifi: rtw88: Fix rtw_init_vht_cap() for RTL8814AU
| * 1653c72dab scsi: mpt3sas: Send a diag reset if target reset fails
| * b5038d313a PCI: epf-mhi: Update device ID for SA8775P
| * 0b21e99cf6 clocksource: mips-gic-timer: Enable counter when CPUs start
| * 1a3529f36f MIPS: pm-cps: Use per-CPU variables as per-CPU, not per-core
| * 53f42776e4 genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie
| * 5111c2e0cf x86/locking: Use ALT_OUTPUT_SP() for percpu_{,try_}cmpxchg{64,128}_op()
| * 95b8f2b7d9 drm/amdgpu: remove all KFD fences from the BO on release
| * af706d0e27 MIPS: Use arch specific syscall name match function
| * 9058b48578 drm/xe/oa: Ensure that polled read returns latest data
| * 4d9fa2ebc0 net: ipv6: Init tunnel link-netns before registering dev
| * 897c98fb32 crypto: skcipher - Zap type in crypto_alloc_sync_skcipher
| * 9f27b38771 crypto: ahash - Set default reqsize from ahash_alg
| * 562e512f6b x86/kaslr: Reduce KASLR entropy on most x86 systems
| * 0bdaab17a2 net/mlx5: Change POOL_NEXT_SIZE define value and make it global
| * d2d76fc025 scsi: scsi_debug: First fixes for tapes
| * b55a97d1bd dm: fix unconditional IO throttle caused by REQ_PREFLUSH
| * 2c600cbe33 libbpf: Fix out-of-bound read
| * 20a53c3689 loop: check in LO_FLAGS_DIRECT_IO in loop_default_blocksize
| * 5b62f941ea scsi: mpi3mr: Update timestamp only for supervisor IOCs
| * a68686c08b net/mlx5e: Add correct match to check IPSec syndromes for switchdev mode
| * c2aa6567a6 media: tc358746: improve calculation of the D-PHY timing registers
| * bb8fb041cb media: adv7180: Disable test-pattern control on adv7180
| * 083383aba0 cpuidle: menu: Avoid discarding useful information
* | 05cc417ff3 Merge 0d508cefcd ("vdpa/mlx5: Fix mlx5_vdpa_get_config() endianness on big-endian machines") into android16-6.12-lts
|\|
| * 0d508cefcd vdpa/mlx5: Fix mlx5_vdpa_get_config() endianness on big-endian machines
| * 6398dd09d5 vhost-scsi: Return queue full for page alloc failures during copy
| * 7eb29d704d x86/nmi: Add an emergency handler in nmi_desc & use it in nmi_shootdown_cpus()
| * 7bbfaa24c0 ASoC: mediatek: mt8188: Add reference for dmic clocks
| * 4a21b57d83 ASoC: mediatek: mt8188: Treat DMIC_GAINx_CUR as non-volatile
| * 6e5935b755 drm/amd/display: Fix mismatch type comparison
| * 990e4fb37b drm/amd/display: fix dcn4x init failed
| * 54dd746ed8 drm/amd/display: handle max_downscale_src_width fail check
| * 5cab1de0ce x86/build: Fix broken copy command in genimage.sh when making isoimage
| * de48b82dcf Octeontx2-af: RPM: Register driver with PCI subsys IDs
| * 673dde8d3c bpf: Search and add kfuncs in struct_ops prologue and epilogue
| * 06100e642f soc: ti: k3-socinfo: Do not use syscon helper to build regmap
| * 54ef1a89e2 wifi: ath12k: Improve BSS discovery with hidden SSID in 6 GHz band
| * e39fd41117 bonding: report duplicate MAC address in all situations
| * f872f7aaa4 net: xgene-v2: remove incorrect ACPI_PTR annotation
| * 459b3f7cf0 net: ethernet: mtk_ppe_offload: Allow QinQ, double ETH_P_8021Q only
| * 562b4f70bf leds: pwm-multicolor: Add check for fwnode_property_read_u32
| * b8fcb1cdbf drm/xe: xe_gen_wa_oob: replace program_invocation_short_name
| * 0d8562e358 drm/amdkfd: KFD release_work possible circular locking
| * 1dd943dfb5 pinctrl: sophgo: avoid to modify untouched bit when setting cv1800 pinconf
| * baaf3084c2 selftests/net: have `gro.sh -t` return a correct exit code
| * 11e721443c net/mlx5: Avoid report two health errors on same syndrome
| * 1f512005f4 drm/xe/pf: Create a link between PF and VF devices
| * df888ad55f drm/xe/vf: Retry sending MMIO request to GUC on timeout error
| * 3a3efeef64 firmware: arm_ffa: Set dma_mask for ffa devices
| * 12153e3948 PCI: brcmstb: Add a softdep to MIP MSI-X driver
| * 3ffaa2e999 PCI: brcmstb: Expand inbound window size up to 64GB
| * 7add9c10ca wifi: ath12k: Report proper tx completion status to mac80211
| * 1c2c538bbd soc: apple: rtkit: Implement OSLog buffers properly
| * 92c6687ba9 soc: apple: rtkit: Use high prio work queue
| * e359d62886 perf: arm_pmuv3: Call kvm_vcpu_pmu_resync_el0() before enabling counters
| * b38fbf9864 fpga: altera-cvp: Increase credit timeout
| * 7857d8977e drm/mediatek: mtk_dpi: Add checks for reg_h_fre_con existence
| * 89800836bf ARM: at91: pm: fix at91_suspend_finish for ZQ calibration
| * cd62e9d42f hwmon: (gpio-fan) Add missing mutex locks
| * e7e30a4a37 x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2
| * 0d232fa3b0 clk: imx8mp: inform CCF of maximum frequency of clocks
| * 2d6231d5ce media: uvcvideo: Handle uvc menu translation inside uvc_get_le_value
| * b98aad5e5e media: uvcvideo: Add sanity check to uvc_ioctl_xu_ctrl_map
| * 82209faa87 ublk: complete command synchronously on error
| * 564f03a797 block: mark bounce buffering as incompatible with integrity
| * f7226dedac drm/rockchip: vop2: Add uv swap for cluster window
| * f33b310eac ipv4: fib: Move fib_valid_key_len() to rtm_to_fib_config().
| * 3de322a98b scsi: logging: Fix scsi_logging_level bounds
| * 500d22dbd9 ALSA: hda/realtek: Enable PC beep passthrough for HP EliteBook 855 G7
| * 592ba27580 perf/hw_breakpoint: Return EOPNOTSUPP for unsupported breakpoint type
| * f9d15ef2e0 net: pktgen: fix mpls maximum labels list parsing
| * 8d7e13c31c media: imx335: Set vblank immediately
| * 4176d6f2a6 iommufd: Disallow allocating nested parent domain with fault ID
| * af73c8fd73 ublk: enforce ublks_max only for unprivileged devices
| * c4f025a58e dpll: Add an assertion to check freq_supported_num
| * ebaed867bf net: phy: nxp-c45-tja11xx: add match_phy_device to TJA1103/TJA1104
| * 94df9fd015 net: ethernet: ti: cpsw_new: populate netdev of_node
| * 1a4a834f2a rcu: Fix get_state_synchronize_rcu_full() GP-start detection
| * 5aba8ac434 pinctrl: bcm281xx: Use "unsigned int" instead of bare "unsigned"
| * 4731d5328f media: cx231xx: set device_caps for 417
| * f29c876d72 perf/core: Clean up perf_try_init_event()
| * cc714c89ef drm/amd/display: Request HW cursor on DCN3.2 with SubVP
| * 1f2b3ea007 drm/amd/display: Fix p-state type when p-state is unsupported
| * e015cef8b7 drm/amd/display: Fix DMUB reset sequence for DCN401
| * 682c4226f3 drm/amd/display: Skip checking FRL_MODE bit for PCON BW determination
| * 5bf0fd2bd5 drm/amd/display: Ensure DMCUB idle before reset on DCN31/DCN35
| * a23f391012 drm/amdgpu: Do not program AGP BAR regs under SRIOV in gfxhub_v1_0.c
| * 69bb5b3ae3 remoteproc: qcom_wcnss: Handle platforms with only single power domain
| * 95080412e9 blk-throttle: don't take carryover for prioritized processing of metadata
| * c4525b513d net: phylink: use pl->link_interface in phylink_expects_phy()
* | 3aa4e29eea ANDROID: GKI: fix up CRC issue with struct drm_atomic_state
* | 1b3f86d6f7 Merge 93f581d763 ("drm/gem: Test for imported GEM buffers with helper") into android16-6.12-lts
|\|
| * 93f581d763 drm/gem: Test for imported GEM buffers with helper
* | 10f8ffb85b Merge android16-6.12 into android16-6.12-lts
* | ff7f30c2c6 Revert "usb: xhci: set page size to the xHCI-supported size"
* | 1142d4db49 Revert "ipv6: save dontfrag in cork"
* | 2bd2d17852 ANDROID: GKI: x86: remove CFI_AUTO_DEFAULT=N from gki_defconfig
* | 108d81d25c Merge cd918ec241 ("orangefs: Do not truncate file size") into android16-6.12-lts
|\|
| * cd918ec241 orangefs: Do not truncate file size
| * 6ad0673ab2 soc: mediatek: mtk-mutex: Add DPI1 SOF/EOF to MT8188 mutex tables
| * cc80a5cc52 dm cache: prevent BUG_ON by blocking retries on failed device resumes
| * 1c17190880 usb: xhci: set page size to the xHCI-supported size
| * 5520fed18d media: c8sectpfe: Call of_node_put(i2c_bus) only once in c8sectpfe_probe()
| * 25056d1fe5 ARM: tegra: Switch DSI-B clock parent to PLLD on Tegra114
| * 8fc16414c3 soc: samsung: include linux/array_size.h where needed
| * 4943c0bae1 drm/xe: Retry BO allocation
| * 623669ae7a drm/xe: Nuke VM's mapping upon close
| * a3642d2d73 ieee802154: ca8210: Use proper setters and getters for bitwise types
| * 3afa1610e5 rtc: ds1307: stop disabling alarms on probe
| * 73d01bcbf2 tcp: bring back NUMA dispersion in inet_ehash_locks_alloc()
| * a068612985 ALSA: seq: Improve data consistency at polling
| * 515a21a5e1 powerpc/prom_init: Fixup missing #size-cells on PowerBook6,7
| * 09193145d1 arm64: tegra: Resize aperture for the IGX PCIe C5 slot
| * 2f0044e20f arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator
| * ecaa856227 drm/amdgpu: Fix missing drain retry fault the last entry
| * c700730d81 drm/amdkfd: Set per-process flags only once cik/vi
| * e1901e8e6b drm/amdkfd: Set per-process flags only once for gfx9/10/11/12
| * 6a1706dfe0 crypto: mxs-dcp - Only set OTP_KEY bit for OTP key
| * 7caad075ac crypto: lzo - Fix compression buffer overrun
| * f615e8d2de misc: pci_endpoint_test: Give disabled BARs a distinct error code
| * fe2329eff5 PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops
| * 1e0398a349 watchdog: aspeed: Update bootstatus handling
| * d95fdee225 cpufreq: tegra186: Share policy per cluster
| * 11be3d3f95 iommu/amd/pgtbl_v2: Improve error handling
| * 9032252905 coresight-etb10: change etb_drvdata spinlock's type to raw_spinlock_t
| * 75ae2a3553 badblocks: Fix a nonsense WARN_ON() which checks whether a u64 variable < 0
| * 7bd6061b0a ASoC: qcom: sm8250: explicitly set format in sm8250_be_hw_params_fixup()
| * 84c069dc5f auxdisplay: charlcd: Partially revert "Move hwidth and bwidth to struct hd44780_common"
| * 53ce754286 gfs2: Check for empty queue in run_queue
| * ff11cd673e drm/amd/display: Fix incorrect DPCD configs while Replay/PSR switch
| * ed7eda66b2 drm/amd/display: not abort link train when bw is low
| * 83e4f1de08 drm/amd/display: calculate the remain segments for all pipes
| * 65e51bc280 drm/amd/display: remove minimum Dispclk and apply oem panel timing.
| * c1502fc84d ipv6: save dontfrag in cork
| * faba68a86a wifi: cfg80211: allow IR in 20 MHz configurations
| * 22d8cc7f5d wifi: mac80211_hwsim: Fix MLD address translation
| * 07709d3182 wifi: mac80211: fix warning on disconnect during failed ML reconf
| * a791a6bf02 wifi: iwlwifi: fix the ECKV UEFI variable name
| * 7ce37a3ca0 wifi: iwlwifi: mark Br device not integrated
| * 181e8b56b7 wifi: iwlwifi: fix debug actions order
| * 1c55feb638 wifi: iwlwifi: w/a FW SMPS mode selection
| * 0446d34a85 wifi: iwlwifi: don't warn when if there is a FW error
| * 101a3b9920 printk: Check CON_SUSPEND when unblanking a console
| * 063ad8885c iommu: Keep dev->iommu state consistent
| * a21f1607d0 hwmon: (dell-smm) Increment the number of fans
| * aef1b639ae wifi: iwlwifi: mvm: fix setting the TK when associated
| * 3a75fe58a1 usb: xhci: Don't change the status of stalled TDs on failed Stop EP
| * 28306c58da mmc: sdhci: Disable SD card clock before changing parameters
| * 38828e0dc7 mmc: dw_mmc: add exynos7870 DW MMC support
| * 8ad58a7eba arm64/mm: Check PUD_TYPE_TABLE in pud_bad()
| * 6215143ad3 arm64/mm: Check pmd_table() in pmd_trans_huge()
| * 4f89f257f3 phy: rockchip: usbdp: Only verify link rates/lanes/voltage when the corresponding set flags are set
| * 236a87e9d2 PNP: Expand length of fixup id string
| * 21153e0974 netfilter: conntrack: Bound nf_conntrack sysctl writes
| * 4210174827 wifi: rtw89: set force HE TB mode when connecting to 11ax AP
| * 3fb9ee05ec timer_list: Don't use %pK through printk()
| * 6e816a97fa net: hsr: Fix PRP duplicate detection
| * f933879c5b net: stmmac: dwmac-rk: Validate GRF and peripheral GRF during probe
| * ae22452d15 posix-timers: Ensure that timer initialization is fully visible
| * d0dc233fe2 posix-timers: Add cond_resched() to posix_timer_add() search loop
| * 135dde13b9 RDMA/uverbs: Propagate errors from rdma_lookup_get_uobject()
| * 785ac69911 ext4: do not convert the unwritten extents if data writeback fails
| * 2f5f326214 ext4: reject the 'data_err=abort' option in nojournal mode
| * 3039f0c9c7 clk: qcom: lpassaudiocc-sc7280: Add support for LPASS resets for QCM6490
| * 3673382803 ASoC: sun4i-codec: support hp-det-gpios property
| * de3c09de74 drm/amdgpu: Update SRIOV video codec caps
| * 858425dc2d drm/amdgpu/gfx11: don't read registers in mqd init
| * 73d437ae63 drm/amdgpu/gfx12: don't read registers in mqd init
| * 580750a317 mfd: tps65219: Remove TPS65219_REG_TI_DEV_ID check
| * 27b19f29c9 pinctrl-tegra: Restore SFSEL bit when freeing pins
| * f5363ffdab xen: Add support for XenServer 6.1 platform device
| * 8ef935698f net/smc: use the correct ndev to find pnetid by pnetid table
| * 174dedce64 dm: restrict dm device size to 2^63-512 bytes
| * ee87fc3a12 crypto: octeontx2 - suppress auth failure screaming due to negative tests
| * 572ed3fb99 kconfig: do not clear SYMBOL_VALID when reading include/config/auto.conf
| * 61d7c8a753 kbuild: fix argument parsing in scripts/config
| * 555c0b713c bpf: Allow pre-ordering for bpf cgroup progs
| * 6c303960b1 ASoC: mediatek: mt6359: Add stub for mt6359_accdet_enable_jack_detect
| * e8358aa00e ASoC: pcm6240: Drop bogus code handling IRQ as GPIO
| * 0076b0423b spi: spi-mux: Fix coverity issue, unchecked return value
| * b35ccfdc85 erofs: initialize decompression early
| * c8c643809f thunderbolt: Do not add non-active NVM if NVM upgrade is disabled for retimer
| * 2585e6cbd9 objtool: Fix error handling inconsistencies in check()
| * a0d34b9be2 rtc: rv3032: fix EERD location
| * dab35f4921 tcp: reorganize tcp_in_ack_event() and tcp_count_delivered()
| * 50452704ec jbd2: do not try to recover wiped journal
| * e2520cc19b PCI: dwc: Use resource start as ioremap() input in dw_pcie_pme_turn_off()
| * e658f2d94a bpf: Return prog btf_id without capable check
| * 66e8f1d64b vfio/pci: Handle INTx IRQ_NOTCONNECTED
| * 0268f485aa scsi: st: ERASE does not change tape location
| * c6d366f8d2 scsi: st: Tighten the page format heuristics with MODE SELECT
| * 853a4e7439 hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure
| * 94c3cbc69a ext4: reorder capability check last
| * a55ebe30f1 riscv: Call secondary mmu notifier when flushing the tlb
| * 5cdd304662 bnxt_en: Query FW parameters when the CAPS_CHANGE bit is set
| * 3425308429 wifi: mwifiex: Fix HT40 bandwidth issue.
| * 728945c962 um: Update min_low_pfn to match changes in uml_reserved
| * d6d2f664cb um: Store full CSGSFS and SS register from mcontext
| * 7790a9449c clocksource/drivers/timer-riscv: Stop stimecmp when cpu hotplug
| * 39ff190324 dlm: make tcp still work in multi-link env
| * f3ea633a11 s390/tlb: Use mm_has_pgste() instead of mm_alloc_pgste()
| * 1ea4653cff i3c: master: svc: Fix missing STOP for master request
| * 94206e0d72 drm/amdgpu: adjust drm_firmware_drivers_only() handling
| * 85bda883a6 drm/amd/display: Guard against setting dispclk low for dcn31x
| * ca8fcb8bce drm/amdgpu: release xcp_mgr on exit
| * a5a507fa5f blk-cgroup: improve policy registration error handling
| * c60f8684a8 btrfs: send: return -ENAMETOOLONG when attempting a path that is too long
| * c4845a09a1 btrfs: get zone unusable bytes while holding lock at btrfs_reclaim_bgs_work()
| * 0058c61d47 btrfs: fix non-empty delayed iputs list on unmount due to async workers
| * 8629f9d9a9 btrfs: run btrfs_error_commit_super() early
| * a4840945f5 btrfs: avoid linker error in btrfs_find_create_tree_block()
| * 1144874b41 btrfs: make btrfs_discard_workfn() block_group ref explicit
| * 477a412a2f i2c: pxa: fix call balance of i2c->clk handling routines
| * 3b9cf1c0fa i2c: qup: Vote for interconnect bandwidth to DRAM
| * c6f2694c58 x86/mm: Check return value from memblock_phys_alloc_range()
| * d0f9875257 x86/microcode: Update the Intel processor flag scan check
| * 8973fb71c9 x86/smpboot: Fix INIT delay assignment for extended Intel Families
| * 44e0416753 x86/stackprotector/64: Only export __ref_stack_chk_guard on CONFIG_SMP
| * 63b7dade89 x86/headers: Replace __ASSEMBLY__ with __ASSEMBLER__ in UAPI headers
| * ac3af695c4 wifi: mt76: mt7925: fix fails to enter low power mode in suspend state
| * 8b526e4d94 wifi: mt76: mt7925: load the appropriate CLC data based on hardware type
| * c9c64da88e wifi: mt76: mt7996: revise TXS size
| * 1d58321192 wifi: mt76: mt7996: fix SER reset trigger on WED reset
| * fa6c05122f wifi: mt76: only mark tx-status-failed frames as ACKed on mt76x0/2
| * 8f82cf305e cgroup/rstat: avoid disabling irqs for O(num_cpu)
| * dca76ee1f0 drm/amdgpu: Skip pcie_replay_count sysfs creation for VF
| * 67bb217509 mmc: host: Wait for Vdd to settle on card power off
| * 4005036642 staging: vchiq_arm: Create keep-alive thread during probe
| * 123bcd8f42 pidfs: improve multi-threaded exec and premature thread-group leader exit polling
| * 1d1e1efad1 libnvdimm/labels: Fix divide error in nd_label_data_init()
| * 37ac2434aa ext4: on a remount, only log the ro or r/w state when it has changed
| * 3e10592b47 xen/pci: Do not register devices with segments >= 0x10000
| * 2a8bedeb96 PCI: vmd: Disable MSI remapping bypass under Xen
| * 8b80fd3f76 drm/amdkfd: set precise mem ops caps to disabled for gfx 11 and 12
| * 98e38fe7d3 drm/amdgpu/discovery: check ip_discovery fw file available
| * 1630224189 pNFS/flexfiles: Report ENETDOWN as a connection error
| * a1596965a7 tools/build: Don't pass test log files to linker
| * 2780aa8394 r8169: disable RTL8126 ZRX-DC timeout
| * e63b634806 PCI: dwc: ep: Ensure proper iteration over outbound map windows
| * c0c59a1f77 objtool: Properly disable uaccess validation
| * ac30595154 lockdep: Fix wait context check on softirq for PREEMPT_RT
| * 44b79041c4 dql: Fix dql->limit value when reset.
| * f48ee562c0 Bluetooth: Disable SCO support if READ_VOICE_SETTING is unsupported/broken
| * 7ec409ee15 Bluetooth: btmtksdio: Prevent enabling interrupts after IRQ handler removal
| * 7cfde2a482 thermal/drivers/qoriq: Power down TMU on system suspend
| * c347928320 thermal/drivers/mediatek/lvts: Start sensor interrupts disabled
| * 7b32d4e62c net: tn40xx: create swnode for mdio and aqr105 phy and add to mdiobus
| * b07ba838ad net: tn40xx: add pci-id of the aqr105-based Tehuti TN4010 cards
| * 9e542640c2 mctp: Fix incorrect tx flow invalidation condition in mctp-i2c
| * c0d63ee0dd ASoC: codecs: wsa883x: Correct VI sense channel mask
| * 780699001b ASoC: codecs: wsa884x: Correct VI sense channel mask
| * ace57bd1fb spi-rockchip: Fix register out of bounds access
| * dac9e6af53 SUNRPC: rpcbind should never reset the port to the value '0'
| * 984d8a392f SUNRPC: rpc_clnt_set_transport() must not change the autobind setting
| * 71e07bb155 NFSv4: Treat ENETUNREACH errors as fatal for state recovery
| * 1e317f5781 cifs: Fix establishing NetBIOS session for SMB2+ connection
| * 51d44dba94 cifs: add validation check for the fields in smb_aces
| * 15c961d7a9 cifs: Set default Netbios RFC1001 server name to hostname in UNC
| * ff968e486e fbdev: core: tileblit: Implement missing margin clearing for tileblit
| * 8c912c0a68 fbcon: Use correct erase colour for clearing in fbcon
| * 230abe5d3f fbdev: fsl-diu-fb: add missing device_remove_file()
| * 6427b5c0f0 riscv: Allow NOMMU kernels to access all of RAM
| * 15787ab82a mailbox: use error ret code of of_parse_phandle_with_args()
| * 2c80f975e9 mailbox: pcc: Use acpi_os_ioremap() instead of ioremap()
| * 2d21895e77 tpm: Convert warn to dbg in tpm2_start_auth_session()
| * 2eb8f47019 ACPI: PNP: Add Intel OC Watchdog IDs to non-PNP device list
| * 4f427ca9ed tracing: Mark binary printing functions with __printf() attribute
| * b4c11dd41c iommufd: Extend IOMMU_GET_HW_INFO to report PASID capability
| * e506751b7d arm64: Add support for HIP09 Spectre-BHB mitigation
| * 1a9b696a00 SUNRPC: Don't allow waiting for exiting tasks
| * ac83bf58f6 NFS: Don't allow waiting for exiting tasks
| * 46a47dc10f NFSv4: Check for delegation validity in nfs_start_delegation_return_locked()
| * 01677e7ee1 io_uring/msg: initialise msg request opcode
| * bab0bd1389 exfat: call bh_read in get_block only when necessary
| * d40ca27602 fuse: Return EPERM rather than ENOSYS from link()
| * c9a508b6bb smb: client: Store original IO parameters and prevent zero IO sizes
| * 150f38edde cifs: Fix negotiate retry functionality
| * 0705b6d5bc cifs: Fix querying and creating MF symlinks over SMB1
| * 6ebb9d54ec cifs: Add fallback for SMB2 CREATE without FILE_READ_ATTRIBUTES
| * 100b452e0e s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log
| * c42f740a07 x86/fred: Fix system hang during S4 resume with FRED enabled
| * 192b02f8c7 kconfig: merge_config: use an empty file as initfile
| * dac9d6ad5e samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora
| * 8014d3e56e bpf: fix possible endless loop in BPF map iteration
| * 218c838d03 io_uring: don't duplicate flushing in io_req_post_cqe
| * 64f505b08e block: fix race between set_blocksize and read paths
| * e9f646f089 selftests/bpf: Mitigate sockmap_ktls disconnect_after_delete failure
| * cd39fae34f drm/amdgpu: Allow P2P access through XGMI
| * 36cb568f55 drm/amd/display: Enable urgent latency adjustment on DCN35
| * 9ece099e95 fs/ext4: use sleeping version of sb_find_get_block()
| * f1c5aa614b fs/jbd2: use sleeping version of __find_get_block()
| * aafc270531 fs/ocfs2: use sleeping version of __find_get_block()
| * a49a4a87ce fs/buffer: use sleeping version of __find_get_block()
| * e138fc2316 fs/buffer: introduce sleeping flavors for pagecache lookups
| * 4f5553a08f fs/buffer: split locking for pagecache lookups
| * 836917e7a6 ima: process_measurement() needlessly takes inode_lock() on MAY_READ
| * e22034cbee dma-mapping: Fix warning reported for missing prototype
| * 7f7f70c316 net: enetc: refactor bulk flipping of RX buffers to separate function
| * 523c08f630 scsi: mpi3mr: Add level check to control event logging
| * bd8c9404e4 vhost-scsi: protect vq->log_used with vq->mutex
| * f93675793b vhost_task: fix vhost_task_create() documentation
| * 97edaa0ec6 cgroup: Fix compilation issue due to cgroup_mutex not being exported
| * 3eec42a17a dma-mapping: avoid potential unused data compilation warning
| * a8dd6b7b39 mei: vsc: Use struct vsc_tp_packet as vsc-tp tx_buf and rx_buf type
| * de8c0b93a6 intel_th: avoid using deprecated page->mapping, index fields
| * 2998813177 dma/mapping.c: dev_dbg support for dma_addressing_limited
| * b730cb1096 virtio_ring: Fix data race by tagging event_triggered as racy for KCSAN
| * 7aea1517fb scsi: ufs: Introduce quirk to extend PA_HIBERN8TIME for UFS devices
| * 87389bff74 scsi: target: iscsi: Fix timeout on deleted connection
| * 1603a34b80 nvmem: qfprom: switch to 4-byte aligned reads
| * 410f8b72e0 nvmem: core: update raw_len if the bit reading is required
| * 4327479e55 nvmem: core: verify cell's raw_len
| * a4f865ecdb nvmem: core: fix bit offsets of more than one byte
| * d6abe0f6ad nvmem: rockchip-otp: add rk3576 variant data
| * 49b4e88b55 nvmem: rockchip-otp: Move read-offset into variant-data
| * 3fc6095227 cpufreq: Add SM8650 to cpufreq-dt-platdev blocklist
| * c000fc26c4 phy: renesas: rcar-gen3-usb2: Assert PLL reset on PHY power off
| * 918d436862 phy: renesas: rcar-gen3-usb2: Lock around hardware registers and driver data
| * 64cf5b896f phy: renesas: rcar-gen3-usb2: Move IRQ request in probe
| * 0abae7dc42 i2c: designware: Fix an error handling path in i2c_dw_pci_probe()
| * 0d1002c60c i2c: designware: Use temporary variable for struct device
| * 4fa55c5230 drm/amd/display: Defer BW-optimization-blocked DRR adjustments
| * 5f05863810 drm/amd/display: Correct timing_adjust_pending flag setting.
| * 839b2350b8 drm/amd/display: Do not enable replay when vtotal update is pending.
| * 892f054b3f drm/amd/display: Configure DTBCLK_P with OPTC only for dcn401
* ed9bdb1db3 Merge android16-6.12 into android16-6.12-lts
* 578a5a2331 FROMGIT: mm: add CONFIG_PAGE_BLOCK_ORDER to select page block order

Change-Id: Ibd8719f90f3b6144370c8a6951364f44ac0e27f6
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2025-07-26 00:22:30 -07:00
Peng Yang 354fa5d5bf ANDROID: gunyah: GKI: Avoid release the CMA memory when it's in use
One process boots up SVM, the CMA memory is allocated and used by SVM.
If another process try to boot up VM again, will allocate fail and
release this CMA memory region. It will cause kernel panic when one
process allocates memory from this CMA memory region due to not do
relciam parcel for this memory. Fix this issue by return a error in
gunyah_cma_create_mem_fd to avoid gunyah_cma_release is called when
the CMA memory region is already allocated by other process.

Bug: 432359620
Change-Id: Iee2d20d455e80d992db45c875488fd9cb631f8fd
Signed-off-by: Peng Yang <quic_penyan@quicinc.com>
2025-07-18 10:15:06 -07:00
Greg Kroah-Hartman 5a080cbd01 Merge android16-6.12 into android16-6.12-lts
This merges the android16-6.12 branch into the -lts branch, catching
it up with the latest changes in there.

Resolves merge conflicts in:
	kernel/sched/core.c

It contains the following commits:

* 2bd1f36314 ANDROID: gunyah: Add new VM status to handle reset failure
* e740e8d9ea ANDROID: Sync proxy-exec logic to v19 (from v18)
* 7d6f7afb0d UPSTREAM: perf/core: Clean up perf_try_init_event()
* 3f5de81785 ANDROID: GKI: Update xiaomi symbol list.
* 5d3d6f75d5 BACKPORT: hung_task: show the blocker task if the task is hung on mutex
* 6b4fffd5b2 FROMGIT: pinmux: fix race causing mux_owner NULL with active mux_usecount
* 9f514cf3d9 ANDROID: GKI: add GKI symbol list for Exynosauto SoC

Change-Id: I26e0399d7c0a55ff40ea1e915b41ce8320bff30b
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2025-07-15 07:43:17 +00:00
Cong Zhang 2bd1f36314 ANDROID: gunyah: Add new VM status to handle reset failure
Add new VM status GUNYAH_RM_VM_STATUS_RESET_FAILED to indicate that VM
reset is failed.

Bug: 430214928
Change-Id: If9664bf64a6a14c577fb2b29e1ad0775c0e9d140
Signed-off-by: Cong Zhang <quic_congzhan@quicinc.com>
2025-07-14 16:46:40 -07:00
Greg Kroah-Hartman 1741b1e583 Merge android16-6.12 into android16-6.12-lts
This merges the android16-6.12 branch into the -lts branch, catching
it up with the latest changes in there.

It contains the following commits:

* 21ed84930c UPSTREAM: Revert "usb: xhci: Implement xhci_handshake_check_state() helper"
* 5b3ae3bcbe BACKPORT: usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed
* 5c72e9faba ANDROID: rust_binder: adjust errors from death notifications
* 9e02edea7f ANDROID: rust_binder: use u64 for death cookie
* 4317f0aeff ANDROID: f2fs: fixup ABI break due to reserved_pin_section
* 25bdb4a624 Revert "ANDROID: ABI: update symbol list for honor"
* a76eb2b67b ANDROID: GKI: Update oplus symbol list
* 6222007a04 ANDROID: mm/readahead: add for bypass high order allocation
* 659d7bb454 ANDROID: ABI: Update symbol list for exynos
* 26937a37f5 ANDROID: MODVERSIONS: hide type definition in drivers/usb/core/driver.c
* 8760b6e4f5 ANDROID: usb: Add vendor hook for usb suspend and resume
* da662aecc8 FROMLIST: KVM: Avoid synchronize_srcu() in kvm_io_bus_register_dev()
* 4be05c6524 FROMLIST: KVM: arm64: vgic: Explicitly implement vgic_dist::ready ordering
* d6045efc66 FROMLIST: KVM: arm64: vgic-init: Remove vgic_ready() macro
* f06dd0cd35 ANDROID: rust_binder: release threads before refs
* 5bbd30a60b ANDROID: ABI: Update pixel symbol list
* bafbebf2ab ANDROID: GKI: Update symbol list for xiaomi
* b7b130b7cc ANDROID: export folio_deactivate() for GKI purpose.
* 41f730f9c4 ANDROID: GKI: update exynos symbol list
* 766ecae19f UPSTREAM: xhci: dbctty: disable ECHO flag by default
* 8ea40f5243 ANDROID: GKI: Update xiaomi symbol list.
* 5594b4731d ANDROID: vendor_hooks: export tracepoint symbols
* 0d4cc1daff ANDROID: KVM: arm64: Don't update IOMMU under memory pressure
* 672185e575 ANDROID: iommu/iommu: Handle multi-page deferred sg mappings
* 740d42d181 ANDROID: vendor_hooks: Add vendor_hook in futex to fix the OEM scheduling priority bug
* 6eb6f346ac ANDROID: ABI: Update symbol list for mtk
* c302079179 ANDROID: vendor_hooks: Add vendor hook for GenieZone demand paging
* 5c1cddc983 ANDROID: vendor_hooks: Add vendor hook for GenieZone para-virtualization
* d893caf112 ANDROID: ashmem_rust: Add support for retrieving an ashmem area's vmfile
* 0be74214c0 ANDROID: ashmem_rust: Add support for querying the size of an ashmem region
* eb50f663c4 ANDROID: ashmem_rust: Add support for providing an ashmem region's name
* 6bdbae6ea9 ANDROID: ashmem_rust: Add is_ashmem_file()
* 0d890f867e ANDROID: ABI: update symbol list for honor
* 12727f8a4b FROMGIT: f2fs: introduce reserved_pin_section sysfs entry
* 286cd9d628 ANDROID: GKI: Update RTK STB KMI symbol list
* 7b4f7682b5 ANDROID: GKI: Update symbol list for Amlogic
* 862ce4b2c4 ANDROID: KVM: arm64: iommu: Fix power tracking
* 61184996a8 ANDROID: drivers/iommu: Fix return value in iommu_map_sg
* acad0cd51d ANDROID: ABI: update symbol list for galaxy
* 393dbad32c ANDROID: vendor_hook: add condition to call for freezing fail
* b62fe47ba2 ANDROID: fix ashmem_rust return EINVAL bug in ashmem_rust.rs
* a7e1300b95 ANDROID: Revert "cpufreq: Avoid using inconsistent policy->min and policy->max"
* 15d2fe0544 ANDROID: qcom: Update the ABI symbol list
* f6ca783ba2 UPSTREAM: scsi: ufs: qcom: Check gear against max gear in vop freq_to_gear()
* 237708e9d3 ANDROID: GKI: Update symbols list file for honor White list the vm_normal_folio_pmd
* f18e354aa9 ANDROID: mm: export vm_normal_folio_pmd to allow vendors to implement simplified smaps
* c181c478b0 ANDROID: vendor_hooks: add hook to record slab free
* d2e452e197 ANDROID: Build fixups with PROXY_EXEC v18 + !CONFIG_SMP
* 4f9e4406e4 ANDROID: Update proxy-exec logic from v14 to v18
* 3fa8dabe1a ANDROID: GKI: update asr symbols list
* 94310b3f77 ANDROID: Add the dma header to aarch64 allowlist
* 880d6538c5 UPSTREAM: usb: gadget: u_serial: Fix race condition in TTY wakeup
* b115bf2302 ANDROID: ABI: Update symbol list for mtk
* e87018c5f9 FROMGIT: sched/deadline: Fix dl_server runtime calculation formula
* e2bf362ee2 FROMGIT: sched/core: Fix migrate_swap() vs. hotplug
* 06ca12d7d2 ANDROID: GKI: update the ABI symbol list
* 55972ed83a ANDROID: Fixup init_user_ns CRC change
* 4e873ad607 ANDROID: user: Add vendor hook to user for GKI purpose
* a097cd9c30 ANDROID: export find_user() for GKI purpose.
* 85b8233f7e ANDROID: rust_binder: use euid from the task
* 969c904869 ANDROID: ashmem: rename VmAreaNew->VmaNew
* 2ab3e5f283 ANDROID: rust_binder: rename VmAreaNew->VmaNew
* 2ef75ab83a ANDROID: rust_binder: use tgid_nr_ns for getting pid
* 6a2be11026 UPSTREAM: task: rust: rework how current is accessed
* 602e2300de UPSTREAM: rust: add PidNamespace
* 12dfc1d9cb UPSTREAM: rust: miscdevice: add mmap support
* 8e67cb756f UPSTREAM: mm: rust: add VmaNew for f_ops->mmap()
* bd140ddf75 UPSTREAM: mm: rust: add mmput_async support
* 0c50773076 UPSTREAM: mm: rust: add lock_vma_under_rcu
* 0b5465bb31 UPSTREAM: mm: rust: add vm_insert_page
* d7f52612c5 UPSTREAM: mm: rust: add vm_area_struct methods that require read access
* f03d4f7490 UPSTREAM: mm: rust: add abstraction for struct mm_struct
* 2ef6dbc73e BACKPORT: rust: miscdevice: change how f_ops vtable is constructed
* 1acd3b312f Revert "FROMLIST: mm: rust: add abstraction for struct mm_struct"
* a012c15566 Revert "FROMLIST: mm: rust: add vm_area_struct methods that require read access"
* 3be00a9bf8 Revert "FROMLIST: mm: rust: add vm_insert_page"
* 3aed88205e Revert "FROMLIST: mm: rust: add lock_vma_under_rcu"
* a121b6e72f Revert "FROMLIST: mm: rust: add mmput_async support"
* 9248564a81 Revert "FROMLIST: mm: rust: add VmAreaNew for f_ops->mmap()"
* 6de3ace5b5 Revert "FROMLIST: rust: miscdevice: add mmap support"
* b7f54dd23b Revert "BACKPORT: FROMLIST: task: rust: rework how current is accessed"
* 5913c80b22 ANDROID: iommu/arm-smmu-v3-kvm: Fix idmap free_leaf
* c40c54e669 UPSTREAM: erofs: impersonate the opener's credentials when accessing backing file
* 4d0200d0a9 BACKPORT: erofs: add 'fsoffset' mount option to specify filesystem offset
* 399deda7b5 ANDROID: scsi: ufs: add UFSHCD_ANDROID_QUIRK_NO_IS_READ_ON_H8
* f6b1ab83f6 ANDROID: rust_binder: remove binder_logs/procs/pid immediately
* dd35623c83 ANDROID: ABI: update symbol list for mtktv
* 58beebb30f FROMLIST: fuse: give wakeup hints to the scheduler
* 0f917e4066 ANDROID: virt: gunyah: Replace arm_smccc_1_1_smc with arm_smccc_1_1_invoke
* 33429dd323 UPSTREAM: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
* 6483832947 ANDROID: GKI: Update symbol list file for xiaomi
* 668635cd34 UPSTREAM: usb: gadget: uvc: dont call usb_composite_setup_continue when not streaming

Change-Id: I64074144d1a6da9fdd3b4dd5f8314ccea4f9d9e8
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2025-07-13 12:17:44 +00:00
Greg Kroah-Hartman 8cb2595f93 Merge 6.12.35 into android16-6.12-lts
GKI (arm64) relevant 87 out of 414 changes, affecting 112 files +738/-352
  bdb71ee651 configfs: Do not override creating attribute file failure in populate_attrs() [1 file, +1/-1]
  ba789be63d io_uring: account drain memory to cgroup [1 file, +1/-1]
  c58b577cf7 io_uring/kbuf: account ring io_buffer_list memory [1 file, +1/-1]
  f78b38af35 jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() [1 file, +3/-2]
  2429bb9fad media: v4l2-dev: fix error handling in __video_register_device() [1 file, +7/-7]
  5d8b057ed7 media: videobuf2: use sgtable-based scatterlist wrappers [1 file, +2/-2]
  b52dc88361 media: uvcvideo: Return the number of processed controls [1 file, +10/-1]
  6d2b12e7c5 media: uvcvideo: Send control events for partial succeeds [1 file, +9/-3]
  aac91ae06c media: uvcvideo: Fix deferred probing error [1 file, +19/-8]
  86d9837e46 arm64/mm: Close theoretical race where stale TLB entry remains valid [1 file, +5/-4]
  5538af3843 block: use plug request list tail for one-shot backmerge attempt [1 file, +13/-13]
  943801c380 block: Clear BIO_EMULATES_ZONE_APPEND flag on BIO completion [1 file, +1/-0]
  1c71f3cf5f cgroup,freezer: fix incomplete freezing when attaching tasks [1 file, +1/-2]
  a0890b7805 bus: firewall: Fix missing static inline annotations for stubs [1 file, +9/-6]
  5766da2237 ext4: inline: fix len overflow in ext4_prepare_inline_data [1 file, +1/-1]
  796632e6f8 ext4: fix calculation of credits for extent tree modification [1 file, +6/-5]
  4b36399711 ext4: ensure i_size is smaller than maxbytes [1 file, +2/-1]
  be5f3061a6 ext4: only dirty folios when data journaling regular files [1 file, +6/-1]
  a0b1c91ada Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer() [1 file, +2/-0]
  fed611bd8c f2fs: fix to do sanity check on ino and xnid [1 file, +6/-0]
  aaa644e7ff f2fs: prevent kernel warning due to negative i_nlink from corrupted image [1 file, +9/-0]
  ee1b421c46 f2fs: fix to do sanity check on sit_bitmap_size [1 file, +8/-0]
  f16a797dce watchdog: fix watchdog may detect false positive of softlockup [1 file, +27/-14]
  02137179ff mm: fix ratelimit_pages update error in dirty_ratio_handler() [1 file, +1/-1]
  462eee6d42 firmware: arm_scmi: Ensure that the message-id supports fastchannel [2 files, +45/-33]
  e3cf1ef571 dm-verity: fix a memory leak if some arguments are specified multiple times [3 files, +24/-5]
  f2986bccf2 dm: lock limits when reading them [1 file, +7/-1]
  ec5f0b4412 ovl: Fix nested backing file paths [1 file, +2/-2]
  92776ca0cc remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() [1 file, +2/-3]
  f4ef928ca5 remoteproc: core: Release rproc->clean_table after rproc_attach() fails [1 file, +1/-0]
  68e58f5791 PCI: dwc: ep: Correct PBA offset in .set_msix() callback [1 file, +3/-2]
  b20701d594 PCI: Add ACS quirk for Loongson PCIe [1 file, +23/-0]
  be0cf75cbd PCI: Fix lock symmetry in pci_slot_unlock() [1 file, +2/-1]
  7b45d2401d clocksource: Fix the CPUs' choice in the watchdog per CPU verification [1 file, +1/-1]
  c05aba32a9 ACPICA: Avoid sequence overread in call to strncmp() [1 file, +1/-1]
  66613b13cd ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case [1 file, +8/-1]
  33cd650d38 pmdomain: core: Reset genpd->states to avoid freeing invalid data [1 file, +3/-1]
  f34e0c1556 platform-msi: Add msi_remove_device_irq_domain() in platform_device_msi_free_irqs_all() [1 file, +1/-0]
  c519f81e9c gpiolib: of: Add polarity quirk for s5m8767 [1 file, +9/-0]
  1f152ae557 PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() [1 file, +1/-1]
  6c1151d53c tipc: use kfree_sensitive() for aead cleanup [1 file, +1/-1]
  b0e647442c f2fs: use vmalloc instead of kvmalloc in .init_{,de}compress_ctx [2 files, +15/-13]
  2d834477bb bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() [1 file, +2/-1]
  77ff6aec7c cpufreq: scmi: Skip SCMI devices that aren't used by the CPUs [1 file, +35/-1]
  0a8446058c tcp: always seek for minimal rtt in tcp_rcv_rtt_update() [1 file, +8/-14]
  f97085d365 tcp: remove zero TCP TS samples for autotuning [1 file, +5/-5]
  89b20c406e tcp: fix initial tp->rcvq_space.space value for passive TS enabled flows [1 file, +3/-3]
  84c156a351 tcp: add receive queue awareness in tcp_rcv_space_adjust() [2 files, +5/-3]
  3a9e74d158 ipv4/route: Use this_cpu_inc() for stats on PREEMPT_RT [1 file, +4/-0]
  5eb9c50e0c net: page_pool: Don't recycle into cache on PREEMPT_RT [1 file, +4/-0]
  8b0741b167 xfrm: validate assignment of maximal possible SEQ number [1 file, +42/-10]
  8fdf2f79eb bpf: Pass the same orig_call value to trampoline functions [1 file, +1/-1]
  f0023d7a2a f2fs: fix to bail out in get_new_segment() [2 files, +6/-1]
  448dc45eea bpf: Use proper type to calculate bpf_raw_tp_null_args.mask index [1 file, +2/-2]
  78f768e36c net: bridge: mcast: re-implement br_multicast_{enable, disable}_port functions [1 file, +69/-8]
  4b3383110b software node: Correct a OOB check in software_node_get_reference_args() [1 file, +1/-1]
  b7129ef57d sock: Correct error checking condition for (assign|release)_proto_idx() [1 file, +2/-2]
  a58f0a0e99 f2fs: fix to set atomic write status more clear [3 files, +12/-2]
  b8b4b8bb34 bpf, sockmap: Fix data lost during EAGAIN retries [1 file, +2/-1]
  7c41f73b64 fs/xattr.c: fix simple_xattr_list() [1 file, +1/-0]
  2e10dc9c2a io_uring/kbuf: don't truncate end buffer for multiple buffer peeks [1 file, +4/-1]
  1a4254ab06 io_uring: fix task leak issue in io_wq_create() [1 file, +3/-1]
  4220cc0b98 nvme: always punt polled uring_cmd end_io work to task_work [1 file, +7/-14]
  f9b97d466e net_sched: sch_sfq: reject invalid perturb period [1 file, +8/-2]
  2a3ad42a57 net: clear the dst when changing skb protocol [1 file, +13/-6]
  510a29d776 mm: close theoretical race where stale TLB entries could linger [1 file, +2/-0]
  57ec081869 sched_ext, sched/core: Don't call scx_group_set_weight() prematurely from sched_create_group() [3 files, +9/-2]
  3d828519bd atm: Revert atm_account_tx() if copy_from_iter_full() fails. [3 files, +8/-1]
  47f34289d1 arm64: Restrict pagetable teardown to avoid false warning [1 file, +2/-1]
  9cf5b2a3b7 mm/hugetlb: unshare page tables during VMA split, not before [5 files, +57/-16]
  dc5f0aef9e net: Fix checksum update for ILA adj-transport [4 files, +7/-7]
  2516299184 bpf: Fix L4 csum update on IPv6 in CHECKSUM_COMPLETE [3 files, +7/-2]
  50189d9c5e erofs: remove unused trace event erofs_destroy_inode [1 file, +0/-18]
  348e541fef ipv6: remove leftover ip6 cookie initializer [1 file, +0/-2]
  3c44ebad5a ipv6: replace ipcm6_init calls with ipcm6_init_sk [4 files, +3/-29]
  6b358b3adf io_uring/sqpoll: don't put task_struct on tctx setup failure [1 file, +1/-4]
  8873080b88 workqueue: Initialize wq_isolated_cpumask in workqueue_init_early() [1 file, +2/-1]
  ac462a75fd net: netmem: fix skb_ensure_writable with unreadable skbs [1 file, +0/-3]
  61b39e189d ptp: allow reading of currently dialed frequency to succeed on free-running clocks [1 file, +2/-1]
  397c1faf8f tcp: fix tcp_packet_delayed() for tcp_is_non_sack_preventing_reopen() behavior [1 file, +25/-12]
  0d3d91c350 tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer [1 file, +2/-2]
  31d50dfe9c tcp: fix passive TFO socket having invalid NAPI ID [1 file, +3/-0]
  0f8df5d6f2 ublk: santizize the arguments from userspace when adding a device [1 file, +3/-0]
  456019adaa perf: Fix sample vs do_exit() [2 files, +16/-8]
  7335c33d62 perf: Fix cgroup state vs ERROR [1 file, +30/-21]
  fd199366bf perf/core: Fix WARN in perf_cgroup_switch() [1 file, +20/-2]
  22f935bc86 arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth() [1 file, +1/-1]

Changes in 6.12.35
	configfs: Do not override creating attribute file failure in populate_attrs()
	crypto: marvell/cesa - Do not chain submitted requests
	gfs2: move msleep to sleepable context
	crypto: qat - add shutdown handler to qat_c3xxx
	crypto: qat - add shutdown handler to qat_420xx
	crypto: qat - add shutdown handler to qat_4xxx
	crypto: qat - add shutdown handler to qat_c62x
	crypto: qat - add shutdown handler to qat_dh895xcc
	ASoC: qcom: sdm845: Add error handling in sdm845_slim_snd_hw_params()
	ASoC: meson: meson-card-utils: use of_property_present() for DT parsing
	ASoC: amd: sof_amd_sdw: Fix unlikely uninitialized variable use in create_sdw_dailinks()
	io_uring: account drain memory to cgroup
	io_uring/kbuf: account ring io_buffer_list memory
	powerpc/pseries/msi: Avoid reading PCI device registers in reduced power states
	s390/pci: Remove redundant bus removal and disable from zpci_release_device()
	s390/pci: Prevent self deletion in disable_slot()
	s390/pci: Allow re-add of a reserved but not yet removed device
	s390/pci: Serialize device addition and removal
	regulator: max20086: Fix MAX200086 chip id
	regulator: max20086: Change enable gpio to optional
	net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr()
	net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid()
	wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()
	wifi: mt76: mt7925: fix host interrupt register initialization
	wifi: ath11k: fix rx completion meta data corruption
	wifi: rtw88: usb: Upload the firmware in bigger chunks
	wifi: ath11k: fix ring-buffer corruption
	NFSD: unregister filesystem in case genl_register_family() fails
	NFSD: fix race between nfsd registration and exports_proc
	NFSD: Implement FATTR4_CLONE_BLKSIZE attribute
	nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request
	nfsd: Initialize ssc before laundromat_work to prevent NULL dereference
	SUNRPC: Prevent hang on NFS mount with xprtsec=[m]tls
	NFSv4: Don't check for OPEN feature support in v4.1
	fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio()
	wifi: ath12k: fix ring-buffer corruption
	jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()
	svcrdma: Unregister the device if svc_rdma_accept() fails
	wifi: rtw88: usb: Reduce control message timeout to 500 ms
	wifi: rtlwifi: disable ASPM for RTL8723BE with subsystem ID 11ad:1723
	media: ov8856: suppress probe deferral errors
	media: ov5675: suppress probe deferral errors
	media: imx335: Use correct register width for HNUM
	media: nxp: imx8-isi: better handle the m2m usage_count
	media: i2c: ds90ub913: Fix returned fmt from .set_fmt()
	media: ccs-pll: Start VT pre-PLL multiplier search from correct value
	media: ov2740: Move pm-runtime cleanup on probe-errors to proper place
	media: ccs-pll: Start OP pre-PLL multiplier search from correct value
	media: ccs-pll: Correct the upper limit of maximum op_pre_pll_clk_div
	media: ccs-pll: Check for too high VT PLL multiplier in dual PLL case
	media: cxusb: no longer judge rbuf when the write fails
	media: davinci: vpif: Fix memory leak in probe error path
	media: gspca: Add error handling for stv06xx_read_sensor()
	media: i2c: imx335: Fix frame size enumeration
	media: imagination: fix a potential memory leak in e5010_probe()
	media: intel/ipu6: Fix dma mask for non-secure mode
	media: ipu6: Remove workaround for Meteor Lake ES2
	media: mediatek: vcodec: Correct vsi_core framebuffer size
	media: omap3isp: use sgtable-based scatterlist wrappers
	media: v4l2-dev: fix error handling in __video_register_device()
	media: venus: Fix probe error handling
	media: videobuf2: use sgtable-based scatterlist wrappers
	media: vidtv: Terminating the subsequent process of initialization failure
	media: vivid: Change the siize of the composing
	media: imx-jpeg: Drop the first error frames
	media: imx-jpeg: Move mxc_jpeg_free_slot_data() ahead
	media: imx-jpeg: Reset slot data pointers when freed
	media: imx-jpeg: Cleanup after an allocation error
	media: uvcvideo: Return the number of processed controls
	media: uvcvideo: Send control events for partial succeeds
	media: uvcvideo: Fix deferred probing error
	arm64/mm: Close theoretical race where stale TLB entry remains valid
	ARM: 9447/1: arm/memremap: fix arch_memremap_can_ram_remap()
	ARM: omap: pmic-cpcap: do not mess around without CPCAP or OMAP4
	ASoC: codecs: wcd9375: Fix double free of regulator supplies
	ASoC: codecs: wcd937x: Drop unused buck_supply
	block: use plug request list tail for one-shot backmerge attempt
	block: Clear BIO_EMULATES_ZONE_APPEND flag on BIO completion
	bus: mhi: ep: Update read pointer only after buffer is written
	bus: mhi: host: Fix conflict between power_up and SYSERR
	can: kvaser_pciefd: refine error prone echo_skb_max handling logic
	can: tcan4x5x: fix power regulator retrieval during probe
	ceph: avoid kernel BUG for encrypted inode with unaligned file size
	ceph: set superblock s_magic for IMA fsmagic matching
	cgroup,freezer: fix incomplete freezing when attaching tasks
	bus: firewall: Fix missing static inline annotations for stubs
	ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
	ata: ahci: Disallow LPM for ASUSPRO-D840SA motherboard
	ata: ahci: Disallow LPM for Asus B550-F motherboard
	bus: fsl-mc: do not add a device-link for the UAPI used DPMCP device
	bus: fsl-mc: fix GET/SET_TAILDROP command ids
	ext4: inline: fix len overflow in ext4_prepare_inline_data
	ext4: fix calculation of credits for extent tree modification
	ext4: factor out ext4_get_maxbytes()
	ext4: ensure i_size is smaller than maxbytes
	ext4: only dirty folios when data journaling regular files
	Input: ims-pcu - check record size in ims_pcu_flash_firmware()
	Input: gpio-keys - fix possible concurrent access in gpio_keys_irq_timer()
	f2fs: fix to do sanity check on ino and xnid
	f2fs: prevent kernel warning due to negative i_nlink from corrupted image
	f2fs: fix to do sanity check on sit_bitmap_size
	hwmon: (ftsteutates) Fix TOCTOU race in fts_read()
	NFC: nci: uart: Set tty->disc_data only in success path
	net/sched: fix use-after-free in taprio_dev_notifier
	net: ftgmac100: select FIXED_PHY
	iommu/vt-d: Restore context entry setup order for aliased devices
	fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var
	EDAC/altera: Use correct write width with the INTTEST register
	fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var
	parisc/unaligned: Fix hex output to show 8 hex chars
	vgacon: Add check for vc_origin address range in vgacon_scroll()
	parisc: fix building with gcc-15
	clk: meson-g12a: add missing fclk_div2 to spicc
	ipc: fix to protect IPCS lookups using RCU
	watchdog: fix watchdog may detect false positive of softlockup
	RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction
	mm: fix ratelimit_pages update error in dirty_ratio_handler()
	soc: qcom: pmic_glink_altmode: fix spurious DP hotplug events
	configfs-tsm-report: Fix NULL dereference of tsm_ops
	firmware: arm_scmi: Ensure that the message-id supports fastchannel
	mtd: rawnand: sunxi: Add randomizer configuration in sunxi_nfc_hw_ecc_write_chunk
	mtd: nand: sunxi: Add randomizer configuration before randomizer enable
	KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs
	KVM: VMX: Flush shadow VMCS on emergency reboot
	dm-mirror: fix a tiny race condition
	dm-verity: fix a memory leak if some arguments are specified multiple times
	mtd: rawnand: qcom: Fix read len for onfi param page
	ftrace: Fix UAF when lookup kallsym after ftrace disabled
	dm: lock limits when reading them
	phy: fsl-imx8mq-usb: fix phy_tx_vboost_level_from_property()
	net: ch9200: fix uninitialised access during mii_nway_restart
	KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY
	sysfb: Fix screen_info type check for VGA
	video: screen_info: Relocate framebuffers behind PCI bridges
	pwm: axi-pwmgen: fix missing separate external clock
	staging: iio: ad5933: Correct settling cycles encoding per datasheet
	mips: Add -std= flag specified in KBUILD_CFLAGS to vdso CFLAGS
	ovl: Fix nested backing file paths
	regulator: max14577: Add error check for max14577_read_reg()
	remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach()
	remoteproc: core: Release rproc->clean_table after rproc_attach() fails
	remoteproc: k3-m4: Don't assert reset in detach routine
	cifs: reset connections for all channels when reconnect requested
	cifs: update dstaddr whenever channel iface is updated
	cifs: dns resolution is needed only for primary channel
	smb: client: add NULL check in automount_fullpath
	Drivers: hv: Allocate interrupt and monitor pages aligned to system page boundary
	uio_hv_generic: Use correct size for interrupt and monitor pages
	uio_hv_generic: Align ring size to system page
	PCI: cadence-ep: Correct PBA offset in .set_msix() callback
	PCI: dwc: ep: Correct PBA offset in .set_msix() callback
	PCI: Add ACS quirk for Loongson PCIe
	PCI: Fix lock symmetry in pci_slot_unlock()
	PCI: dw-rockchip: Remove PCIE_L0S_ENTRY check from rockchip_pcie_link_up()
	PCI: dw-rockchip: Fix PHY function call sequence in rockchip_pcie_phy_deinit()
	iio: accel: fxls8962af: Fix temperature scan element sign
	accel/ivpu: Improve buffer object logging
	accel/ivpu: Use firmware names from upstream repo
	accel/ivpu: Use dma_resv_lock() instead of a custom mutex
	accel/ivpu: Fix warning in ivpu_gem_bo_free()
	dummycon: Trigger redraw when switching consoles with deferred takeover
	mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
	iio: imu: inv_icm42600: Fix temperature calculation
	iio: adc: ad7944: mask high bits on direct read
	iio: adc: ti-ads1298: Kconfig: add kfifo dependency to fix module build
	iio: adc: ad7606_spi: fix reg write value mask
	ACPICA: fix acpi operand cache leak in dswstate.c
	ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9
	clocksource: Fix the CPUs' choice in the watchdog per CPU verification
	power: supply: collie: Fix wakeup source leaks on device unbind
	mmc: Add quirk to disable DDR50 tuning
	ACPICA: Avoid sequence overread in call to strncmp()
	ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change
	ASoC: intel/sdw_utils: Assign initial value in asoc_sdw_rt_amp_spk_rtd_init()
	ACPI: bus: Bail out if acpi_kobj registration fails
	ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case
	ACPICA: fix acpi parse and parseext cache leaks
	ACPICA: Apply pack(1) to union aml_resource
	ALSA: hda: cs35l41: Fix swapped l/r audio channels for Acer Helios laptops
	power: supply: bq27xxx: Retrieve again when busy
	pmdomain: core: Reset genpd->states to avoid freeing invalid data
	ACPICA: utilities: Fix overflow check in vsnprintf()
	platform-msi: Add msi_remove_device_irq_domain() in platform_device_msi_free_irqs_all()
	ASoC: tegra210_ahub: Add check to of_device_get_match_data()
	Make 'cc-option' work correctly for the -Wno-xyzzy pattern
	gpiolib: of: Add polarity quirk for s5m8767
	PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn()
	power: supply: max17040: adjust thermal channel scaling
	ACPI: battery: negate current when discharging
	net: macb: Check return value of dma_set_mask_and_coherent()
	net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices
	tipc: use kfree_sensitive() for aead cleanup
	f2fs: use vmalloc instead of kvmalloc in .init_{,de}compress_ctx
	bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem()
	Bluetooth: btusb: Add new VID/PID 13d3/3584 for MT7922
	i2c: designware: Invoke runtime suspend on quick slave re-registration
	wifi: mt76: mt7996: drop fragments with multicast or broadcast RA
	emulex/benet: correct command version selection in be_cmd_get_stats()
	Bluetooth: btusb: Add new VID/PID 13d3/3630 for MT7925
	wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R
	wifi: mt76: mt7921: add 160 MHz AP for mt7922 device
	wifi: mt76: mt7925: introduce thermal protection
	wifi: mac80211: validate SCAN_FLAG_AP in scan request during MLO
	sctp: Do not wake readers in __sctp_write_space()
	libbpf/btf: Fix string handling to support multi-split BTF
	cpufreq: scmi: Skip SCMI devices that aren't used by the CPUs
	i2c: tegra: check msg length in SMBUS block read
	i2c: npcm: Add clock toggle recovery
	clk: qcom: gcc-x1e80100: Set FORCE MEM CORE for UFS clocks
	net: dlink: add synchronization for stats update
	wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET
	wifi: ath12k: fix a possible dead lock caused by ab->base_lock
	wifi: ath11k: Fix QMI memory reuse logic
	iommu/amd: Allow matching ACPI HID devices without matching UIDs
	wifi: rtw89: leave idle mode when setting WEP encryption for AP mode
	tcp: always seek for minimal rtt in tcp_rcv_rtt_update()
	tcp: remove zero TCP TS samples for autotuning
	tcp: fix initial tp->rcvq_space.space value for passive TS enabled flows
	tcp: add receive queue awareness in tcp_rcv_space_adjust()
	x86/sgx: Prevent attempts to reclaim poisoned pages
	ipv4/route: Use this_cpu_inc() for stats on PREEMPT_RT
	net: page_pool: Don't recycle into cache on PREEMPT_RT
	xfrm: validate assignment of maximal possible SEQ number
	net: atlantic: generate software timestamp just before the doorbell
	pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name()
	pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction()
	bpf: Pass the same orig_call value to trampoline functions
	net: stmmac: generate software timestamp just before the doorbell
	pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction()
	libbpf: Check bpf_map_skeleton link for NULL
	pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get()
	net: mlx4: add SOF_TIMESTAMPING_TX_SOFTWARE flag when getting ts info
	net: vertexcom: mse102x: Return code for mse102x_rx_pkt_spi
	wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn()
	wifi: mac80211: do not offer a mesh path if forwarding is disabled
	clk: rockchip: rk3036: mark ddrphy as critical
	hid-asus: check ROG Ally MCU version and warn
	wifi: iwlwifi: mvm: fix beacon CCK flag
	f2fs: fix to bail out in get_new_segment()
	netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
	libbpf: Add identical pointer detection to btf_dedup_is_equiv()
	scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands
	scsi: smartpqi: Add new PCI IDs
	iommu/amd: Ensure GA log notifier callbacks finish running before module unload
	wifi: iwlwifi: pcie: make sure to lock rxq->read
	wifi: rtw89: 8922a: fix TX fail with wrong VCO setting
	wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled
	netdevsim: Mark NAPI ID on skb in nsim_rcv
	net/mlx5: HWS, Fix IP version decision
	bpf: Use proper type to calculate bpf_raw_tp_null_args.mask index
	wifi: mac80211: VLAN traffic in multicast path
	Revert "mac80211: Dynamically set CoDel parameters per station"
	wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0
	net: bridge: mcast: update multicast contex when vlan state is changed
	net: bridge: mcast: re-implement br_multicast_{enable, disable}_port functions
	vxlan: Do not treat dst cache initialization errors as fatal
	bnxt_en: Remove unused field "ref_count" in struct bnxt_ulp
	wifi: ath12k: using msdu end descriptor to check for rx multicast packets
	net: ethernet: ti: am65-cpsw: handle -EPROBE_DEFER
	software node: Correct a OOB check in software_node_get_reference_args()
	isofs: fix Y2038 and Y2156 issues in Rock Ridge TF entry
	pinctrl: mcp23s08: Reset all pins to input at probe
	wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping
	scsi: lpfc: Use memcpy() for BIOS version
	sock: Correct error checking condition for (assign|release)_proto_idx()
	i40e: fix MMIO write access to an invalid page in i40e_clear_hw
	ixgbe: Fix unreachable retry logic in combined and byte I2C write functions
	RDMA/hns: initialize db in update_srq_db()
	ice: fix check for existing switch rule
	usbnet: asix AX88772: leave the carrier control to phylink
	f2fs: fix to set atomic write status more clear
	bpf, sockmap: Fix data lost during EAGAIN retries
	net: ethernet: cortina: Use TOE/TSO on all TCP
	octeontx2-pf: Add error log forcn10k_map_unmap_rq_policer()
	wifi: ath11k: determine PM policy based on machine model
	wifi: ath12k: fix link valid field initialization in the monitor Rx
	wifi: ath12k: fix incorrect CE addresses
	wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz
	net/mlx5: HWS, Harden IP version definer checks
	fbcon: Make sure modelist not set on unregistered console
	watchdog: da9052_wdt: respect TWDMIN
	bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value
	ARM: OMAP2+: Fix l4ls clk domain handling in STANDBY
	tee: Prevent size calculation wraparound on 32-bit kernels
	Revert "bus: ti-sysc: Probe for l4_wkup and l4_cfg interconnect devices first"
	fs/xattr.c: fix simple_xattr_list()
	platform/x86/amd: pmc: Clear metrics table at start of cycle
	platform/x86/amd: pmf: Prevent amd_pmf_tee_deinit() from running twice
	platform/x86: dell_rbu: Fix list usage
	platform/x86: dell_rbu: Stop overwriting data buffer
	powerpc/vdso: Fix build of VDSO32 with pcrel
	powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery
	io_uring/kbuf: don't truncate end buffer for multiple buffer peeks
	io_uring: fix task leak issue in io_wq_create()
	drivers/rapidio/rio_cm.c: prevent possible heap overwrite
	platform/loongarch: laptop: Get brightness setting from EC on probe
	platform/loongarch: laptop: Unregister generic_sub_drivers on exit
	platform/loongarch: laptop: Add backlight power control support
	LoongArch: vDSO: Correctly use asm parameters in syscall wrappers
	LoongArch: Avoid using $r0/$r1 as "mask" for csrxchg
	LoongArch: Fix panic caused by NULL-PMD in huge_pte_offset()
	jffs2: check that raw node were preallocated before writing summary
	jffs2: check jffs2_prealloc_raw_node_refs() result in few other places
	cifs: deal with the channel loading lag while picking channels
	cifs: serialize other channels when query server interfaces is pending
	cifs: do not disable interface polling on failure
	smb: improve directory cache reuse for readdir operations
	scsi: storvsc: Increase the timeouts to storvsc_timeout
	scsi: s390: zfcp: Ensure synchronous unit_add
	nvme: always punt polled uring_cmd end_io work to task_work
	net_sched: sch_sfq: reject invalid perturb period
	net: clear the dst when changing skb protocol
	mm: close theoretical race where stale TLB entries could linger
	udmabuf: use sgtable-based scatterlist wrappers
	x86/virt/tdx: Avoid indirect calls to TDX assembly functions
	selftests/x86: Add a test to detect infinite SIGTRAP handler loop
	ksmbd: fix null pointer dereference in destroy_previous_session
	platform/x86: ideapad-laptop: use usleep_range() for EC polling
	selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len
	platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL
	sched_ext, sched/core: Don't call scx_group_set_weight() prematurely from sched_create_group()
	atm: Revert atm_account_tx() if copy_from_iter_full() fails.
	wifi: rtw89: phy: add dummy C2H event handler for report of TAS power
	cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update
	Input: sparcspkr - avoid unannotated fall-through
	wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path
	wifi: cfg80211: init wiphy_work before allocating rfkill fails
	arm64: Restrict pagetable teardown to avoid false warning
	ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card
	ALSA: hda/intel: Add Thinkpad E15 to PM deny list
	ALSA: hda/realtek - Add mute LED support for HP Victus 16-s1xxx and HP Victus 15-fa1xxx
	ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged
	ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA
	ALSA: hda/realtek: Add quirk for Asus GU605C
	iio: accel: fxls8962af: Fix temperature calculation
	mm/hugetlb: unshare page tables during VMA split, not before
	drm/amdgpu: read back register after written for VCN v4.0.5
	kbuild: rust: add rustc-min-version support function
	rust: compile libcore with edition 2024 for 1.87+
	net: Fix checksum update for ILA adj-transport
	bpf: Fix L4 csum update on IPv6 in CHECKSUM_COMPLETE
	erofs: remove unused trace event erofs_destroy_inode
	nfsd: use threads array as-is in netlink interface
	sunrpc: handle SVC_GARBAGE during svc auth processing as auth error
	drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()`
	Kunit to check the longest symbol length
	x86/tools: Drop duplicate unlikely() definition in insn_decoder_test.c
	ipv6: remove leftover ip6 cookie initializer
	ipv6: replace ipcm6_init calls with ipcm6_init_sk
	smb: fix secondary channel creation issue with kerberos by populating hostname when adding channels
	drm/msm/disp: Correct porch timing for SDM845
	drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate
	drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names
	drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE
	drm/ssd130x: fix ssd132x_clear_screen() columns
	ionic: Prevent driver/fw getting out of sync on devcmd(s)
	drm/nouveau/bl: increase buffer size to avoid truncate warning
	drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled
	hwmon: (occ) Rework attribute registration for stack usage
	hwmon: (occ) fix unaligned accesses
	hwmon: (ltc4282) avoid repeated register write
	pldmfw: Select CRC32 when PLDMFW is selected
	aoe: clean device rq_list in aoedev_downdev()
	io_uring/sqpoll: don't put task_struct on tctx setup failure
	net: ice: Perform accurate aRFS flow match
	ice: fix eswitch code memory leak in reset scenario
	e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13
	workqueue: Initialize wq_isolated_cpumask in workqueue_init_early()
	ksmbd: add free_transport ops in ksmbd connection
	net: netmem: fix skb_ensure_writable with unreadable skbs
	bnxt_en: Fix double invocation of bnxt_ulp_stop()/bnxt_ulp_start()
	eth: bnxt: fix out-of-range access of vnic_info array
	bnxt_en: Add a helper function to configure MRU and RSS
	bnxt_en: Update MRU and RSS table of RSS contexts on queue reset
	ptp: fix breakage after ptp_vclock_in_use() rework
	ptp: allow reading of currently dialed frequency to succeed on free-running clocks
	wifi: carl9170: do not ping device which has failed to load firmware
	mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().
	atm: atmtcp: Free invalid length skb in atmtcp_c_send().
	tcp: fix tcp_packet_delayed() for tcp_is_non_sack_preventing_reopen() behavior
	tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer
	tcp: fix passive TFO socket having invalid NAPI ID
	eth: fbnic: avoid double free when failing to DMA-map FW msg
	net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get()
	ublk: santizize the arguments from userspace when adding a device
	drm/xe: Wire up device shutdown handler
	drm/xe/gt: Update handling of xe_force_wake_get return
	drm/xe/bmg: Update Wa_16023588340
	calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().
	mlxbf_gige: return EPROBE_DEFER if PHY IRQ is not available
	net: atm: add lec_mutex
	net: atm: fix /proc/net/atm/lec handling
	EDAC/amd64: Correct number of UMCs for family 19h models 70h-7fh
	dt-bindings: i2c: nvidia,tegra20-i2c: Specify the required properties
	smb: Log an error when close_all_cached_dirs fails
	serial: sh-sci: Clean sci_ports[0] after at earlycon exit
	serial: sh-sci: Increment the runtime usage counter for the earlycon device
	smb: client: fix first command failure during re-negotiation
	smb: client: fix max_sge overflow in smb_extract_folioq_to_rdma()
	s390/pci: Fix __pcilg_mio_inuser() inline assembly
	perf: Fix sample vs do_exit()
	perf: Fix cgroup state vs ERROR
	perf/core: Fix WARN in perf_cgroup_switch()
	arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()
	scsi: elx: efct: Fix memory leak in efct_hw_parse_filter()
	RISC-V: KVM: Fix the size parameter check in SBI SFENCE calls
	RISC-V: KVM: Don't treat SBI HFENCE calls as NOPs
	gpio: pca953x: fix wrong error probe return value
	perf evsel: Missed close() when probing hybrid core PMUs
	perf test: Directory file descriptor leak
	gpio: mlxbf3: only get IRQ for device instance 0
	cifs: Remove duplicate fattr->cf_dtype assignment from wsl_to_fattr() function
	bpftool: Fix cgroup command to only show cgroup bpf programs
	Linux 6.12.35

Change-Id: Ida57d269272a624bedb979bfad0b3c5e7df7e846
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2025-07-10 16:01:38 +00:00
Liju-clr Chen c302079179 ANDROID: vendor_hooks: Add vendor hook for GenieZone demand paging
Add Android kernel vendor hooks before and after VM demand paging to
enable calls to vendor modules for memory protection. This enhancement
ensures that memory protection mechanisms are properly invoked during
the demand paging process, improving the overall security and
stability of the system.

This feature is particularly important for systems that rely on
multiple IOMMU components to manage memory protection, ensuring that
all necessary preparation are properly applied during the demand
paging process.

Bug: 430175928
Signed-off-by: Willix Yeh <chi-shen.yeh@mediatek.com>
Signed-off-by: Liju Chen <liju-clr.chen@mediatek.com>
Change-Id: Iff019cc82d4bda852a7b72405ebe6026c893b26d
2025-07-09 19:13:52 -07:00
Yi-De Wu 5c1cddc983 ANDROID: vendor_hooks: Add vendor hook for GenieZone para-virtualization
Add interface for MTK GenieZone hypervisor not-yet upstreamed
para-virtualization.

Bug: 430175928
Signed-off-by: Yi-De Wu <yi-de.wu@mediatek.com>
Signed-off-by: Liju Chen <liju-clr.chen@mediatek.com>
Change-Id: I5341f7aa2d77fa27966689f5b3e1919461f056c1
2025-07-09 19:13:52 -07:00
Mukesh Pilaniya 0f917e4066 ANDROID: virt: gunyah: Replace arm_smccc_1_1_smc with arm_smccc_1_1_invoke
Replace arm_smccc_1_1_smc with arm_smccc_1_1_invoke because
arm_smccc_1_1_invoke() determines the conduit (hvc/smc/none) before
making an SMC, which may not be supported on some virtual platforms.

Bug: 428106948
Change-Id: Ib21c7790b03996e73caa0874dc826d78e7b1c3d8
Signed-off-by: Mukesh Pilaniya <quic_mpilaniy@quicinc.com>
2025-07-01 04:58:38 -07:00
Mukesh Pilaniya 68f4f0b069 ANDROID: virt: gunyah: Fix ADDRSPACE_VMMIO_CONFIGURE hypercall handling
The ADDRSPACE_VMMIO_CONFIGURE hypercall might be implemented but does
not allow the guest to nominate VMMIO regions. The current
implementation bails out only if the hypercall is not implemented.
If the firmware implements the hypercall but returns an insufficient
permission error, it could cause ioremap() to fail on the guest.
Fix this by checking against GUNYAH_ERROR_CSPACE_INSUF_RIGHTS error
code.

Bug: 427643547
Change-Id: I79faf8db580dca12a46d29f870b73a2af5e4cde6
Signed-off-by: Mukesh Pilaniya <quic_mpilaniy@quicinc.com>
2025-06-27 12:33:27 -07:00
Dan Williams 015f04ac88 configfs-tsm-report: Fix NULL dereference of tsm_ops
commit fba4ceaa242d2bdf4c04b77bda41d32d02d3925d upstream.

Unlike sysfs, the lifetime of configfs objects is controlled by
userspace. There is no mechanism for the kernel to find and delete all
created config-items. Instead, the configfs-tsm-report mechanism has an
expectation that tsm_unregister() can happen at any time and cause
established config-item access to start failing.

That expectation is not fully satisfied. While tsm_report_read(),
tsm_report_{is,is_bin}_visible(), and tsm_report_make_item() safely fail
if tsm_ops have been unregistered, tsm_report_privlevel_store()
tsm_report_provider_show() fail to check for ops registration. Add the
missing checks for tsm_ops having been removed.

Now, in supporting the ability for tsm_unregister() to always succeed,
it leaves the problem of what to do with lingering config-items. The
expectation is that the admin that arranges for the ->remove() (unbind)
of the ${tsm_arch}-guest driver is also responsible for deletion of all
open config-items. Until that deletion happens, ->probe() (reload /
bind) of the ${tsm_arch}-guest driver fails.

This allows for emergency shutdown / revocation of attestation
interfaces, and requires coordinated restart.

Fixes: 70e6f7e2b9 ("configfs-tsm: Introduce a shared ABI for attestation reports")
Cc: stable@vger.kernel.org
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: Steven Price <steven.price@arm.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Borislav Petkov (AMD) <bp@alien8.de>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Reported-by: Cedric Xing <cedric.xing@intel.com>
Reviewed-by: Kai Huang <kai.huang@intel.com>
Link: https://patch.msgid.link/20250430203331.1177062-1-dan.j.williams@intel.com
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2025-06-27 11:11:22 +01:00
Prakruthi Deepak Heragu 52cc64794a ANDROID: virt: gunyah: Add a gunyah hcall for ioremap
Add a gunyah hook for ioremap to let the hypervisor know what
iomem regions are being used by the guest.

Bug: 424772814
Change-Id: I46b25f704fcd2c35d16558718e36eef560f56bb9
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-06-13 12:08:48 -07:00
Peng Yang 22cf53077b ANDROID: gunyah: GKI: Fix the wrong return value in gunyah driver
When function gunyah_qtvm_attach call successfully,
it should return value 0 and not -EINVAL.

Bug: 421780599
Change-Id: I549f38a6e7e0d0fd814e475f157d63332031cc94
Signed-off-by: Peng Yang <quic_penyan@quicinc.com>
2025-06-02 01:35:43 -07:00
Peng Yang 85856ec8b2 ANDROID: gunyah: Fix potential use-after-free in gunyah_rm_notifier_register
If call gunyah_vm_pre_vm_configure or gunyah_share_parcel fail
in gunyah_vm_start, and will kfree struct ghvm in _gunyah_vm_put.
But this doesn't remove the ghvm->nb in rm notifier chain before
free ghvm. If call gunyah_rm_notifier_register, will traversing
rm notifier chain and access the memory of ghvm->nb which has
been freed. So call gunyah_rm_notifier_unregister when do error
handle to fix this issue.

Bug: 417898849
Change-Id: Ica8e5f019b42c6cf8b9b50aba04db3050dd3b5aa
Signed-off-by: Peng Yang <quic_penyan@quicinc.com>
2025-05-15 07:42:29 -07:00
Prakruthi Deepak Heragu 8ffa03307c ANDROID: gunyah: Handle platform specific return value of vcpu_run
PSCI_SYSTEM_RESET is a valid return value of the vcpu_run
hypercall. As kernel doesn't have any special handling of this
case, treat it as a generic SYSTEM_OFF and let the VMM take the
appropriate action as the vcpu_run structure will have the
necessary details for this exit.

Bug: 409998900
Change-Id: I0275e887f869964cb2a27e74f2f55b8ec3febf3c
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-04-30 13:43:32 +00:00
Cong Zhang 855c35c72d ANDROID: gunyah: Add trace_hooks in gunyah_vcpu and vm_mgr driver
Provide vendor hooks for VM and VCPU ioctl release for vendor usage.

Bug: 413283378
Change-Id: I6320313687a20b7f619d27d5f0723225da302672
Signed-off-by: Cong Zhang <quic_congzhan@quicinc.com>
2025-04-25 14:11:45 -07:00
Cong Zhang fed767b09e ANDROID: gunyah: Move gunyah_vcpu define to header file
Move gunyah_vcpu define to header file so that other modules can access
this struct.

Bug: 413283378
Change-Id: I6401143d18216895668739bd5bea931f2d86e84e
Signed-off-by: Cong Zhang <quic_congzhan@quicinc.com>
2025-04-25 14:11:45 -07:00
Greg Kroah-Hartman b3fb80bdc6 Merge 6.12.19 into android16-6.12
GKI (arm64) relevant 48 out of 271 changes, affecting 92 files +576/-223
  5b414ed3bb Revert "of: reserved-memory: Fix using wrong number of cells to get property 'alignment'" [1 file, +2/-2]
  48a934fc47 Revert "mm/page_alloc.c: don't show protection in zone's ->lowmem_reserve[] for empty zone" [1 file, +1/-2]
  88310caff6 Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() [1 file, +2/-0]
  7841180342 Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() [1 file, +3/-0]
  2d448dbd47 userfaultfd: do not block on locking a large folio with raised refcount [1 file, +16/-1]
  f57e89c1cb block: fix conversion of GPT partition name to 7-bit [1 file, +1/-1]
  9426f38372 mm/page_alloc: fix uninitialized variable [1 file, +1/-0]
  79636d2981 mm: abort vma_modify() on merge out of memory failure [1 file, +8/-4]
  605f53f13b mm: don't skip arch_sync_kernel_mappings() in error paths [2 files, +6/-4]
  9ed33c7bac mm: fix finish_fault() handling for large folios [1 file, +10/-5]
  576a2f4c43 hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio [1 file, +4/-1]
  2e66d69941 mm: memory-hotplug: check folio ref count first in do_migrate_range [1 file, +7/-13]
  3c63fb6ef7 nvme-pci: use sgls for all user requests if possible [2 files, +13/-4]
  9dedafd86e nvme-ioctl: fix leaked requests on mapping error [1 file, +8/-4]
  084819b0d8 net: gso: fix ownership in __udp_gso_segment [1 file, +6/-2]
  1688acf477 perf/core: Fix pmus_lock vs. pmus_srcu ordering [1 file, +2/-2]
  a899adf706 HID: hid-steam: Fix use-after-free when detaching device [1 file, +1/-1]
  8aa8a40c76 ppp: Fix KMSAN uninit-value warning with bpf [1 file, +19/-9]
  b71cd95764 ethtool: linkstate: migrate linkstate functions to support multi-PHY setups [1 file, +15/-8]
  9c1d09cdbc net: ethtool: plumb PHY stats to PHY drivers [7 files, +167/-2]
  639c703529 net: ethtool: netlink: Allow NULL nlattrs when getting a phy_device [9 files, +19/-18]
  30e8aee778 vlan: enforce underlying device type [1 file, +2/-1]
  5d609f0d2f exfat: fix just enough dentries but allocate a new cluster to dir [1 file, +1/-1]
  c897b8ec46 exfat: fix soft lockup in exfat_clear_bitmap [3 files, +16/-7]
  611015122d exfat: short-circuit zero-byte writes in exfat_file_write_iter [1 file, +1/-1]
  2b484789e9 net-timestamp: support TCP GSO case for a few missing flags [1 file, +7/-4]
  b08e290324 ublk: set_params: properly check if parameters can be applied [1 file, +5/-2]
  b5741e4b9e sched/fair: Fix potential memory corruption in child_cfs_rq_on_list [1 file, +4/-2]
  39c2b2767e xhci: Restrict USB4 tunnel detection for USB3 devices to Intel hosts [1 file, +8/-0]
  4ea3319f3e usb: hub: lack of clearing xHC resources [1 file, +33/-0]
  0cab185c73 usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader [1 file, +4/-0]
  079a3e52f3 usb: typec: ucsi: Fix NULL pointer access [1 file, +7/-6]
  840afbea3f usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails [1 file, +2/-2]
  ced69d88eb usb: dwc3: Set SUSPENDENABLE soon after phy init [3 files, +45/-30]
  35db1f1829 usb: dwc3: gadget: Prevent irq storm when TH re-executes [2 files, +13/-13]
  b387312527 usb: typec: ucsi: increase timeout for PPM reset operations [1 file, +1/-1]
  4bf6c57a89 usb: gadget: Set self-powered based on MaxPower and bmAttributes [1 file, +11/-5]
  dcd7ffdefb usb: gadget: Fix setting self-powered state on suspend [1 file, +2/-1]
  395011ee82 usb: gadget: Check bmAttributes only if configuration is valid [1 file, +1/-1]
  012b98cdb5 acpi: typec: ucsi: Introduce a ->poll_cci method [7 files, +25/-12]
  d7015bb3c5 xhci: pci: Fix indentation in the PCI device ID definitions [1 file, +4/-4]
  ea39f99864 usb: xhci: Enable the TRB overfetch quirk on VIA VL805 [3 files, +10/-5]
  4e8df56636 char: misc: deallocate static minor in error path [1 file, +1/-1]
  b50e18791f drivers: core: fix device leak in __fw_devlink_relax_cycles() [1 file, +1/-0]
  a684bad77e mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() [16 files, +46/-28]
  6ad9643aa5 fs/netfs/read_pgpriv2: skip folio queues without `marks3` [1 file, +3/-2]
  5bc6e5b10f fs/netfs/read_collect: fix crash due to uninitialized `prev` variable [1 file, +11/-10]
  86b7ebddab uprobes: Fix race in uprobe_free_utask [1 file, +1/-1]

Changes in 6.12.19
        x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()
        rust: block: fix formatting in GenDisk doc
        drm/i915/dsi: convert to struct intel_display
        drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro
        gpio: vf610: use generic device_get_match_data()
        gpio: vf610: add locking to gpio direction functions
        cifs: Remove symlink member from cifs_open_info_data union
        smb311: failure to open files of length 1040 when mounting with SMB3.1.1 POSIX extensions
        btrfs: fix data overwriting bug during buffered write when block size < page size
        x86/microcode/AMD: Add some forgotten models to the SHA check
        loongarch: Use ASM_REACHABLE
        rust: workqueue: remove unneeded ``#[allow(clippy::new_ret_no_self)]`
        rust: sort global Rust flags
        rust: types: avoid repetition in `{As,From}Bytes` impls
        rust: enable `clippy::undocumented_unsafe_blocks` lint
        rust: enable `clippy::unnecessary_safety_comment` lint
        rust: enable `clippy::unnecessary_safety_doc` lint
        rust: enable `clippy::ignored_unit_patterns` lint
        rust: enable `rustdoc::unescaped_backticks` lint
        rust: init: remove unneeded `#[allow(clippy::disallowed_names)]`
        rust: sync: remove unneeded `#[allow(clippy::non_send_fields_in_send_ty)]`
        rust: introduce `.clippy.toml`
        rust: replace `clippy::dbg_macro` with `disallowed_macros`
        rust: provide proper code documentation titles
        rust: enable Clippy's `check-private-items`
        Documentation: rust: add coding guidelines on lints
        rust: start using the `#[expect(...)]` attribute
        Documentation: rust: discuss `#[expect(...)]` in the guidelines
        rust: error: make conversion functions public
        rust: error: optimize error type to use nonzero
        rust: alloc: add `Allocator` trait
        rust: alloc: separate `aligned_size` from `krealloc_aligned`
        rust: alloc: rename `KernelAllocator` to `Kmalloc`
        rust: alloc: implement `ReallocFunc`
        rust: alloc: make `allocator` module public
        rust: alloc: implement `Allocator` for `Kmalloc`
        rust: alloc: add module `allocator_test`
        rust: alloc: implement `Vmalloc` allocator
        rust: alloc: implement `KVmalloc` allocator
        rust: alloc: add __GFP_NOWARN to `Flags`
        rust: alloc: implement kernel `Box`
        rust: treewide: switch to our kernel `Box` type
        rust: alloc: remove extension of std's `Box`
        rust: alloc: add `Box` to prelude
        rust: alloc: introduce `ArrayLayout`
        rust: alloc: implement kernel `Vec` type
        rust: alloc: implement `IntoIterator` for `Vec`
        rust: alloc: implement `collect` for `IntoIter`
        rust: treewide: switch to the kernel `Vec` type
        rust: alloc: remove `VecExt` extension
        rust: alloc: add `Vec` to prelude
        rust: error: use `core::alloc::LayoutError`
        rust: error: check for config `test` in `Error::name`
        rust: alloc: implement `contains` for `Flags`
        rust: alloc: implement `Cmalloc` in module allocator_test
        rust: str: test: replace `alloc::format`
        rust: alloc: update module comment of alloc.rs
        kbuild: rust: remove the `alloc` crate and `GlobalAlloc`
        MAINTAINERS: add entry for the Rust `alloc` module
        drm/panic: avoid reimplementing Iterator::find
        drm/panic: remove unnecessary borrow in alignment_pattern
        drm/panic: prefer eliding lifetimes
        drm/panic: remove redundant field when assigning value
        drm/panic: correctly indent continuation of line in list item
        drm/panic: allow verbose boolean for clarity
        drm/panic: allow verbose version check
        rust: kbuild: expand rusttest target for macros
        rust: fix size_t in bindgen prototypes of C builtins
        rust: map `__kernel_size_t` and friends also to usize/isize
        rust: use custom FFI integer types
        rust: alloc: Fix `ArrayLayout` allocations
        Revert "of: reserved-memory: Fix using wrong number of cells to get property 'alignment'"
        tracing: tprobe-events: Fix a memory leak when tprobe with $retval
        tracing: tprobe-events: Reject invalid tracepoint name
        stmmac: loongson: Pass correct arg to PCI function
        LoongArch: Convert unreachable() to BUG()
        LoongArch: Use polling play_dead() when resuming from hibernation
        LoongArch: Set max_pfn with the PFN of the last page
        LoongArch: KVM: Add interrupt checking for AVEC
        LoongArch: KVM: Reload guest CSR registers after sleep
        LoongArch: KVM: Fix GPA size issue about VM
        HID: appleir: Fix potential NULL dereference at raw event handle
        ksmbd: fix type confusion via race condition when using ipc_msg_send_request
        ksmbd: fix out-of-bounds in parse_sec_desc()
        ksmbd: fix use-after-free in smb2_lock
        ksmbd: fix bug on trap in smb2_lock
        gpio: rcar: Use raw_spinlock to protect register access
        gpio: aggregator: protect driver attr handlers against module unload
        ALSA: seq: Avoid module auto-load handling at event delivery
        ALSA: hda: intel: Add Dell ALC3271 to power_save denylist
        ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform
        ALSA: hda/realtek: update ALC222 depop optimize
        btrfs: fix a leaked chunk map issue in read_one_chunk()
        hwmon: (peci/dimmtemp) Do not provide fake thresholds data
        drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params
        drm/amdkfd: Fix NULL Pointer Dereference in KFD queue
        drm/amd/pm: always allow ih interrupt from fw
        drm/imagination: avoid deadlock on fence release
        drm/imagination: Hold drm_gem_gpuva lock for unmap
        drm/imagination: only init job done fences once
        drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M
        Revert "mm/page_alloc.c: don't show protection in zone's ->lowmem_reserve[] for empty zone"
        Revert "selftests/mm: remove local __NR_* definitions"
        platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e
        x86/boot: Sanitize boot params before parsing command line
        x86/cacheinfo: Validate CPUID leaf 0x2 EDX output
        x86/cpu: Validate CPUID leaf 0x2 EDX output
        x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63
        drm/xe: Add staging tree for VM binds
        drm/xe/hmm: Style- and include fixes
        drm/xe/hmm: Don't dereference struct page pointers without notifier lock
        drm/xe/vm: Fix a misplaced #endif
        drm/xe/vm: Validate userptr during gpu vma prefetching
        mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr
        drm/xe: Fix GT "for each engine" workarounds
        drm/xe: Fix fault mode invalidation with unbind
        drm/xe/userptr: properly setup pfn_flags_mask
        drm/xe/userptr: Unmap userptrs in the mmu notifier
        Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()
        Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()
        wifi: cfg80211: regulatory: improve invalid hints checking
        wifi: nl80211: reject cooked mode if it is set along with other flags
        selftests/damon/damos_quota_goal: handle minimum quota that cannot be further reduced
        selftests/damon/damos_quota: make real expectation of quota exceeds
        selftests/damon/damon_nr_regions: set ops update for merge results check to 100ms
        selftests/damon/damon_nr_regions: sort collected regiosn before checking with min/max boundaries
        rapidio: add check for rio_add_net() in rio_scan_alloc_net()
        rapidio: fix an API misues when rio_add_net() fails
        dma: kmsan: export kmsan_handle_dma() for modules
        s390/traps: Fix test_monitor_call() inline assembly
        NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback
        userfaultfd: do not block on locking a large folio with raised refcount
        block: fix conversion of GPT partition name to 7-bit
        mm/page_alloc: fix uninitialized variable
        mm: abort vma_modify() on merge out of memory failure
        mm: memory-failure: update ttu flag inside unmap_poisoned_folio
        mm: don't skip arch_sync_kernel_mappings() in error paths
        mm: fix finish_fault() handling for large folios
        hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio
        mm: memory-hotplug: check folio ref count first in do_migrate_range
        wifi: iwlwifi: mvm: clean up ROC on failure
        wifi: iwlwifi: mvm: don't try to talk to a dead firmware
        wifi: iwlwifi: limit printed string from FW file
        wifi: iwlwifi: Free pages allocated when failing to build A-MSDU
        wifi: iwlwifi: Fix A-MSDU TSO preparation
        HID: google: fix unused variable warning under !CONFIG_ACPI
        HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove()
        HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()
        coredump: Only sort VMAs when core_sort_vma sysctl is set
        nvme-pci: add support for sgl metadata
        nvme-pci: use sgls for all user requests if possible
        nvme-ioctl: fix leaked requests on mapping error
        wifi: mac80211: Support parsing EPCS ML element
        wifi: mac80211: fix MLE non-inheritance parsing
        wifi: mac80211: fix vendor-specific inheritance
        drm/fbdev-helper: Move color-mode lookup into 4CC format helper
        drm/fbdev: Add memory-agnostic fbdev client
        drm: Add client-agnostic setup helper
        drm/fbdev-ttm: Support struct drm_driver.fbdev_probe
        drm/nouveau: Run DRM default client setup
        drm/nouveau: select FW caching
        bluetooth: btusb: Initialize .owner field of force_poll_sync_fops
        nvme-tcp: add basic support for the C2HTermReq PDU
        nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
        nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch
        ALSA: hda/realtek: Remove (revert) duplicate Ally X config
        net: gso: fix ownership in __udp_gso_segment
        caif_virtio: fix wrong pointer check in cfv_probe()
        perf/core: Fix pmus_lock vs. pmus_srcu ordering
        hwmon: (pmbus) Initialise page count in pmbus_identify()
        hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table
        hwmon: (ad7314) Validate leading zero bits and return error
        tracing: probe-events: Remove unused MAX_ARG_BUF_LEN macro
        drm/imagination: Fix timestamps in firmware traces
        ALSA: usx2y: validate nrpacks module parameter on probe
        llc: do not use skb_get() before dev_queue_xmit()
        hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe()
        drm/sched: Fix preprocessor guard
        be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink
        net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error
        drm/i915/color: Extract intel_color_modeset()
        drm/i915: Plumb 'dsb' all way to the plane hooks
        drm/xe: Remove double pageflip
        HID: hid-steam: Fix use-after-free when detaching device
        net: ipa: Fix v4.7 resource group names
        net: ipa: Fix QSB data for v4.7
        net: ipa: Enable checksum for IPA_ENDPOINT_AP_MODEM_{RX,TX} for v4.7
        ppp: Fix KMSAN uninit-value warning with bpf
        ethtool: linkstate: migrate linkstate functions to support multi-PHY setups
        net: ethtool: plumb PHY stats to PHY drivers
        net: ethtool: netlink: Allow NULL nlattrs when getting a phy_device
        vlan: enforce underlying device type
        x86/sgx: Fix size overflows in sgx_encl_create()
        exfat: fix just enough dentries but allocate a new cluster to dir
        exfat: fix soft lockup in exfat_clear_bitmap
        exfat: short-circuit zero-byte writes in exfat_file_write_iter
        net-timestamp: support TCP GSO case for a few missing flags
        ublk: set_params: properly check if parameters can be applied
        sched/fair: Fix potential memory corruption in child_cfs_rq_on_list
        nvme-tcp: fix signedness bug in nvme_tcp_init_connection()
        net: dsa: mt7530: Fix traffic flooding for MMIO devices
        mctp i3c: handle NULL header address
        net: ipv6: fix dst ref loop in ila lwtunnel
        net: ipv6: fix missing dst ref drop in ila lwtunnel
        gpio: rcar: Fix missing of_node_put() call
        Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection"
        usb: renesas_usbhs: Call clk_put()
        xhci: Restrict USB4 tunnel detection for USB3 devices to Intel hosts
        usb: renesas_usbhs: Use devm_usb_get_phy()
        usb: hub: lack of clearing xHC resources
        usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader
        usb: typec: ucsi: Fix NULL pointer access
        usb: renesas_usbhs: Flush the notify_hotplug_work
        usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails
        usb: atm: cxacru: fix a flaw in existing endpoint checks
        usb: dwc3: Set SUSPENDENABLE soon after phy init
        usb: dwc3: gadget: Prevent irq storm when TH re-executes
        usb: typec: ucsi: increase timeout for PPM reset operations
        usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality
        usb: gadget: Set self-powered based on MaxPower and bmAttributes
        usb: gadget: Fix setting self-powered state on suspend
        usb: gadget: Check bmAttributes only if configuration is valid
        kbuild: userprogs: use correct lld when linking through clang
        acpi: typec: ucsi: Introduce a ->poll_cci method
        rust: finish using custom FFI integer types
        rust: map `long` to `isize` and `char` to `u8`
        xhci: pci: Fix indentation in the PCI device ID definitions
        usb: xhci: Enable the TRB overfetch quirk on VIA VL805
        KVM: SVM: Set RFLAGS.IF=1 in C code, to get VMRUN out of the STI shadow
        KVM: SVM: Save host DR masks on CPUs with DebugSwap
        KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value
        KVM: SVM: Suppress DEBUGCTL.BTF on AMD
        KVM: x86: Snapshot the host's DEBUGCTL in common x86
        KVM: SVM: Manually context switch DEBUGCTL if LBR virtualization is disabled
        KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs
        KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM
        cdx: Fix possible UAF error in driver_override_show()
        mei: me: add panther lake P DID
        mei: vsc: Use "wakeuphostint" when getting the host wakeup GPIO
        intel_th: pci: Add Arrow Lake support
        intel_th: pci: Add Panther Lake-H support
        intel_th: pci: Add Panther Lake-P/U support
        char: misc: deallocate static minor in error path
        drivers: core: fix device leak in __fw_devlink_relax_cycles()
        slimbus: messaging: Free transaction ID in delayed interrupt scenario
        bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock
        eeprom: digsy_mtc: Make GPIO lookup table match the device
        drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl
        iio: filter: admv8818: Force initialization of SDO
        iio: light: apds9306: fix max_scale_nano values
        iio: dac: ad3552r: clear reset status flag
        iio: adc: ad7192: fix channel select
        iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value
        mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear()
        arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes
        fs/netfs/read_pgpriv2: skip folio queues without `marks3`
        fs/netfs/read_collect: fix crash due to uninitialized `prev` variable
        kbuild: hdrcheck: fix cross build with clang
        ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage
        nvme-tcp: Fix a C2HTermReq error message
        docs: rust: remove spurious item in `expect` list
        Revert "KVM: e500: always restore irqs"
        Revert "KVM: PPC: e500: Use __kvm_faultin_pfn() to handle page faults"
        Revert "KVM: PPC: e500: Mark "struct page" pfn accessed before dropping mmu_lock"
        Revert "KVM: PPC: e500: Mark "struct page" dirty in kvmppc_e500_shadow_map()"
        KVM: e500: always restore irqs
        uprobes: Fix race in uprobe_free_utask
        selftests/bpf: Clean up open-coded gettid syscall invocations
        x86/mm: Don't disable PCID when INVLPG has been fixed by microcode
        wifi: iwlwifi: pcie: Fix TSO preparation
        Linux 6.12.19

Change-Id: Ia0c2b2c6a95b53a66e21505ed6ba756c6b0a2388
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2025-04-17 03:02:04 -07:00
Prakruthi Deepak Heragu 138c9f1dec ANDROID: gunyah: qtvm: Check if VMM has provided the device-tree
Operate on the device-tree config only if a device-tree has been
provided by the VMM. The offsets won't make sense to RM otherwise.

Bug: 410870784
Change-Id: Ia2ccd3ebe8cce5400a5ff0f023f3262a340fab08
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-04-16 05:49:46 -07:00
Prakruthi Deepak Heragu b582c89569 ANDROID: gunyah: qtvm: Add status notifier chain for QTVMs
QTVMs' Gunyah resources are handled partially by the VMM. The remaining
resources are handled by the kernel clients. By providing this notifier,
we allow the client drivers to add their operations for setting up the
resources they own.

Bug: 399219478
Change-Id: I2a5377358aa669dcebd6307ba5bc78ac117886f0
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Prakruthi Deepak Heragu ca44b02c02 ANDROID: gunyah: qtvm: Support for Qualcomm Trusted Virtual Machines
Qualcomm Trusted Virtual Machine (QTVM) are VMs that are authenticated by
Qualcomm firmware before the VM starts. The firmware also defines the
VM's image layout. Additionally, each QTVM comes with a reserved VM ID.
Introduce an IOCTL to allow VMMs to configure a QTVM and this driver will
handle the setup for QTVMs.

Bug: 399219478
Change-Id: Ia3fe74a46c0e53134b9b4b10fa59bcaa8f376c87
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Prakruthi Deepak Heragu b41a7537a4 ANDROID: gunyah: vcpu_mgr: Add trace_hooks in the gunyah_vcpu driver
As QTVMs use Gunyah emulated watchdog instead of vcpu_stall detector,
provide trace_hooks to manage the watchdog of the QTVM.

Bug: 399219478
Change-Id: I6ec8a0236835dcc20c66681a747eae09c0c1a32d
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Prakruthi Deepak Heragu 8f5870302b ANDROID: gunyah: Add an RM API to authenticate a VM
RM supports authentication of VMs with the assistance of the firmware.
Add an API for auth_mgr to use if the VM it manages uses the firmare for
authentication.

Bug: 399219478
Change-Id: Ib550c642146586434d8328bb53de08690e2527ad
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Prakruthi Deepak Heragu e8c909db03 ANDROID: gunyah: auth_mgr: Introduce auth_mgr within vm_mgr
Add an IOCTL to choose the authentication mechanism for a Virtual Machine.
vm_mgr can setup differently authenticated VMs based on the ops setup by
the auth_mgr chosen by the VMM.

Bug: 399219478
Change-Id: Ibb6bb30e3f422e606500c04714cda27b2276baf6
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Prakruthi Deepak Heragu ef92f3ef0c ANDROID: gunyah: vm_mgr: Add uevents for VM state change
Introduce CREATE_VM and DESTROY_VM notifications for the VMM.

Bug: 399219478
Change-Id: I584ea0c6d088cc93b1b42f19dc36ed177bcdb05a
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Prakruthi Deepak Heragu 67d7d75278 ANDROID: gunyah: vm_mgr: Use auth_mgr_ops for a generic VM setup
Gunyah supports Virtual Machines (VMs) with various authentication
mechanisms. Since different authentication mechanisms require distinct
operations to be performed to set up a VM, it is necessary to add ops
that can support these mechanisms.

Bug: 399219478
Change-Id: Ia0a6d9b71edfc59a059ddd94919a9f5b7f137855
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Prakruthi Deepak Heragu 8e3a62bf00 ANDROID: gunyah: Add CMA bindings support
Allow VMMs to add a binding backed by CMA. Extend the generic Gunyah
mem APIs to handle bindings backed by CMA.

Bug: 399219478
Change-Id: I1f71641420c8c30f4dfad021d92f70ef6ffdfb29
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Prakruthi Deepak Heragu 1aec1ec259 ANDROID: gunyah: vm_mgr: Bindings can now be CMA backed or GUP backed
Make the bindings generic so that the APIs can now handle the binding's
memory backed either by CMA memory or GUP.

Bug: 399219478
Change-Id: I889fe1fbe5664c7c40938db78f350d62bfe33431
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Prakruthi Deepak Heragu 9df09aac90 ANDROID: gunyah: vm_mgr: Coalesce folios being shared with the VM
To reduce the number of mem entries to be tracked by the firmware, try
and coalesce the folios when they are adjacent.

Bug: 399219478
Change-Id: Iff8ab581264b0041587953b025fbbf2f90085b6c
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Prakruthi Deepak Heragu f9d64cf7d6 ANDROID: gunyah: cma_mem: Add gunyah CMA mem driver
This is a CMA allocator for VMs which need their memory to be backed by
contiguous memory. The driver creates /dev/<qtvm_name_cma> to represent
the qtvm's DMA pool. Once opened, VMM can make an IOCTL CREATE_CMA_MEM to
obtain an fd to the file created which represents the VM's memory backed
by the specific DMA pool.

Bug: 399219478
Change-Id: I63f092ed15ef209a8723de8c2b51df19115d1ecb
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Elliot Berman 216adf28ee ANDROID: virt: gunyah: Allow host to reclaim memory provided to the guest
Introduce an ioctl, GH_VM_RECLAIM_REGION which attempts to reclaim guest
memory. If the guest hasn't relinquished the memory, an error is
returned.

Bug: 395833312
Change-Id: I005c947435f0256f6200c0d7d86eea145e1daa0a
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-03-20 23:38:59 -07:00
Elliot Berman 29fc73bbf2 ANDROID: virt: gunyah-guest: Add gunyah-guest
Add a Gunyah protected guest driver. A Gunyah protected guest needs to
be hypervisor-aware to relinquish pages to the host/owner for
virtio-balloon. In the Android Virtualization Framework model, the
host/owner VM, not the hypervisor, owns the virtio devices. The
hypervisor is unaware about the virtio device and thus the guest needs
to inform the hypervisor that the host can access guest-private memory.

Bug: 395833312
Change-Id: I082dff22d12453005728d229b87ef11a8dce9c6b
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
Signed-off-by: Prakruthi Deepak Heragu <quic_pheragu@quicinc.com>
2025-03-20 23:38:59 -07:00
Elliot Berman b78d94afb6 ANDROID: virt: gunyah: Add RM info struct as alternative to devicetree
Gunyah (the hypervisor) currently requires a guest to use devicetree to
provide capability IDs and interrupts to communincation with the
resource manager. A new mechanism, address space info area, is
introduced to discover the same information without using devicetree.

Now that we have no devicetree, we don't have a platform device, so the
RM "driver" is converted to a pure kernel module.

Backwards compatability with older Gunyah without the address space info
area is maintained by probing the devicetree directly without using the
platform device.

Bug: 395833312
Change-Id: I6ebfa23dc7ff2fa734327ee3d02002536be3e4ae
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-03-20 23:38:59 -07:00
Elliot Berman 47657548ae ANDROID: virt: gunyah: Convert core gunyah driver to pure module
Now that Gunyah modules can be probed without devicetree, there is no
reason to bind/populate the gunyah-hypervisor node, even if it exists.
Convert the probe function, which checked if we were running under
Gunyah and tested for the info_area, into a regular initcall.

core_initcall() used because Gunyah-aware protected guest needs to
initialize early for virtio-balloon/free page reporting.

Bug: 395833312
Change-Id: I7e2787d814c45d44d8868e249a512c66f90a725c
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-03-20 23:38:59 -07:00
Elliot Berman f996a1b3d0 ANDROID: virt: gunyah: Make core gunyah driver compile separately
In preparation for Gunyah-aware protected guests, make the core gunyah
driver which probes the info_area page compile separately.

Bug: 395833312
Change-Id: Ibea70a89dfa66fbc08491acb1a78fa6e57d6943a
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-03-20 23:38:59 -07:00
Elliot Berman 0df02d448a ANDROID: virt: gunyah: Probe for the info_area page
The Gunyah info_area page contains a series of descriptors of
"information". Probe the info_area page during probe and expose a
function to fetch information by its identifier.

Bug: 395833312
Change-Id: I380fa59259f487f1ca9b48c12eb07957603ea099
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-03-20 23:38:59 -07:00
Elliot Berman aecad32996 ANDROID: virt: gunyah: Separate the gunyah_hypercall config symbol
Gunyah-aware confidential compute guest virtual machines don't need the
code to launch virtual machines, but still need to make hypercalls.
Split the gunyah_hypercall module into a separate Kconfig symbol which
can be selected by the guest module.

Bug: 395833312
Change-Id: Ic2ec7248bd7a85d09a4769b8d74090426b2f56b7
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-03-20 23:38:59 -07:00
Keir Fraser 9d6f55bedc ANDROID: virtio_balloon: Replace generic mem_relinquish api with a driver-specific alternative
The old API was used only by virtio_balloon, and this way we end up
less scattered around the kernel tree.

Bug: 381400679
Bug: 357781595
Change-Id: Ic896d1da83565cc260567b5a1183e94a4d13daab
Signed-off-by: Keir Fraser <keirf@google.com>
2025-03-17 10:06:53 +00:00
Haoyu Li 1b8f7a2caa drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl
commit 819cec1dc47cdeac8f5dd6ba81c1dbee2a68c3bb upstream.

In the "pmcmd_ioctl" function, three memory objects allocated by
kmalloc are initialized by "hcall_get_cpu_state", which are then
copied to user space. The initializer is indeed implemented in
"acrn_hypercall2" (arch/x86/include/asm/acrn.h). There is a risk of
information leakage due to uninitialized bytes.

Fixes: 3d679d5aec ("virt: acrn: Introduce interfaces to query C-states and P-states allowed by hypervisor")
Signed-off-by: Haoyu Li <lihaoyu499@gmail.com>
Cc: stable <stable@kernel.org>
Acked-by: Fei Li <fei1.li@intel.com>
Link: https://lore.kernel.org/r/20250130115811.92424-1-lihaoyu499@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2025-03-13 13:02:16 +01:00
Vincent Donnefort 4e27d44ab9 ANDROID: KVM: arm64: Fix MMIO guard alignment for guests
Currently pkvm_granule alignment is enforced for the start address of
the ioremap hook. This is a problem as this address doesn't have to be
aligned at all. At the same time, the size of the ioremap isn't verified
and we can simply overshoot the MMIO guard original request.

MMIO guard is solely here to indicate to the hypervisor where are the
MMIO regions. If we validate the RAM is aligned with the pkvm_granule,
we can safely overshoot the MMIO guard.

Bug: 381400679
Bug: 357781595
Fixes: 13c871aec2 ("ANDROID: KVM: arm64: Allow the pVM guest to boot with different granule")
Tested-by: Mostafa Saleh <smostafa@google.com>
Change-Id: I0ae27c1626fab17a3b58a6004b6b4f31c23c61a3
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
2025-02-03 05:05:16 -08:00
Elliot Berman 1f2b2e3455 ANDROID: virt: gunyah: Sync on last folio in reclaim
When reclaiming multiple folios, Gunyah allows the host to skip sync
operation to speed up the reclaim. The sync can occur on the last folio
to be reclaimed. The logic was flipped, correct it.

Fixes: 162a44744e7e ("FROMLIST: virt: gunyah: Add interfaces to map memory into guest address space")
Change-Id: I7848754bba92cf6e9ed6525141955a9626b20228
Signed-off-by: Elliot Berman <quic_eberman@quicinc.com>
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-01-22 15:16:42 -08:00
Elliot Berman 324fcc6bc0 ANDROID: virt: gunyah: Support boot context register values up to ULONG_MAX
Values from (LONG_MAX, ULONG_MAX] aren't supported values by xarray.
Allocate a container to store the value instead and insert the container
to the xarray.

Change-Id: Iaf6a50cc4d56ab2108e3e21f2dfc493cd518cb22
Bug: 373872273
Fixes: ed8ebd8c80c5 ("FROMLIST: virt: gunyah: Allow userspace to initialize context of primary vCPU")
Signed-off-by: Elliot Berman <quic_eberman@quicinc.com>
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-01-22 15:16:42 -08:00
Elliot Berman 86fff7cab3 ANDROID: virt: gunyah: Check GUNYAH_VM_SET_BOOT_CONTEXT reg upper bits
Test that the boot_context->reg provided by userspace has upper bits
cleared.

Change-Id: If96f7980b026336def24f8ff88d303d0bfa7b598
Bug: 373872273
Fixes: ed8ebd8c80c5 ("FROMLIST: virt: gunyah: Allow userspace to initialize context of primary vCPU")
Signed-off-by: Elliot Berman <quic_eberman@quicinc.com>
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-01-22 15:16:42 -08:00
Elliot Berman 1a2d547525 ANDROID: virt: gunyah: Correct the nr outval in gunyah_gup_share_parcel
gunyah_gup_share_parcel() has an in/out parameter which indicates the
number of pages requested to be shared in the mem parcel. We were not
returning the number of pages actually shared in the mem parcel and this
caused THPs to be undercounted. Later, when converting the parcel to
demand paged (gunyah_vm_parcel_to_paged), we hit the BUG_ON on line 55
due to the undercount. Fix the BUG_ON by correctly counting the *nr
return value.

Fixes: due to the undercount. Fix the BUG_ON by correctly counting the
*nr return value due to the undercount. Fix the BUG_ON by correctly
counting the *nr return value.

Fixes: 296cceed0844 ("ANDROID: virt: gunyah: Add gup based demand paging support")
Change-Id: I6492b02d075d903ab68d6c89c4bb1cd78af25c28
Signed-off-by: Elliot Berman <quic_eberman@quicinc.com>
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-01-22 15:16:42 -08:00
Elliot Berman a24b717f84 ANDROID: virt: gunyah: Unpin, not folio_put, in gunyah_gup_reclaim_parcel
gunyah_gup_reclaim_parcel incorrectly used folio_put() to drop the
refcount for the pinned page. This leaves the folio pincount elevated.
If the VM initialization fails in Gunyah and Linux needs to reclaim the
mem parcel, mm will complain that the pincount was higher than refcount.

This reclaim path is not normally used, as memory backed by parcels is
reclaimed in the demand paging path if the VM starts successfully.

Bug: 358605784
Fixes: 296cceed0844 ("ANDROID: virt: gunyah: Add gup based demand paging support")
Change-Id: I88454e1f0527632f1f78345e3833d16cbc098467
Signed-off-by: Elliot Berman <quic_eberman@quicinc.com>
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-01-22 15:16:42 -08:00
Elliot Berman 3b4904d52f ANDROID: virt: gunyah: Correct n_mem_entries calculation in gunyah_gup_share_parcel
gunyah_gup_share_parcel incorrectly calculates n_mem_entries and places
items into the mem_entries array. To save number of bytes sent to RM, we
describe only folios -- not individual pages. We incorrectly filled the
mem_entries array with some entries as 0's. Track insertion into the
mem_entries array with new indexer: entries.

Bug: 358605784
Fixes: 296cceed0844 ("ANDROID: virt: gunyah: Add gup based demand paging support")
Change-Id: I4738874579136a834bed86daba6d70e469512656
Signed-off-by: Elliot Berman <quic_eberman@quicinc.com>
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-01-22 15:16:42 -08:00
Elliot Berman 84703ee7ec ANDROID: virt: gunyah: Remove unbalanced folio_get
Page/folio pinning is handled directly by GUP. A lingering folio_get()
from guest_memfd upstream implementation was incorrectly preserved.
Remove it and fix the corresponding page leak.

Fixes: 296cceed0844 ("ANDROID: virt: gunyah: Add gup based demand paging support")
Change-Id: I874cf9e07cf7bad20931071b0fc33e3b9c55ad8d
Signed-off-by: Elliot Berman <quic_eberman@quicinc.com>
Signed-off-by: Elliot Berman <elliot.berman@oss.qualcomm.com>
2025-01-22 15:16:42 -08:00