--- /dev/null
+From ec60f6791fc89ffce3d4b9431eb2de2bbee7d907 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 1 Nov 2021 19:36:30 -0500
+Subject: ARM: socfpga: dts: fix qspi node compatible
+
+From: Dinh Nguyen <dinguyen@kernel.org>
+
+[ Upstream commit cb25b11943cbcc5a34531129952870420f8be858 ]
+
+The QSPI flash node needs to have the required "jedec,spi-nor" in the
+compatible string.
+
+Fixes: 1df99da8953 ("ARM: dts: socfpga: Enable QSPI in Arria10 devkit")
+Signed-off-by: Dinh Nguyen <dinguyen@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm/boot/dts/socfpga_arria10_socdk_qspi.dts | 2 +-
+ arch/arm/boot/dts/socfpga_arria5_socdk.dts | 2 +-
+ arch/arm/boot/dts/socfpga_cyclone5_socdk.dts | 2 +-
+ arch/arm/boot/dts/socfpga_cyclone5_sockit.dts | 2 +-
+ arch/arm/boot/dts/socfpga_cyclone5_socrates.dts | 2 +-
+ arch/arm/boot/dts/socfpga_cyclone5_sodia.dts | 2 +-
+ arch/arm/boot/dts/socfpga_cyclone5_vining_fpga.dts | 4 ++--
+ 7 files changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/arch/arm/boot/dts/socfpga_arria10_socdk_qspi.dts b/arch/arm/boot/dts/socfpga_arria10_socdk_qspi.dts
+index beb2fc6b9eb63..adfdc43ac052f 100644
+--- a/arch/arm/boot/dts/socfpga_arria10_socdk_qspi.dts
++++ b/arch/arm/boot/dts/socfpga_arria10_socdk_qspi.dts
+@@ -23,7 +23,7 @@ &qspi {
+ flash0: n25q00@0 {
+ #address-cells = <1>;
+ #size-cells = <1>;
+- compatible = "n25q00aa";
++ compatible = "micron,mt25qu02g", "jedec,spi-nor";
+ reg = <0>;
+ spi-max-frequency = <100000000>;
+
+diff --git a/arch/arm/boot/dts/socfpga_arria5_socdk.dts b/arch/arm/boot/dts/socfpga_arria5_socdk.dts
+index aac4feea86f38..09ffa79240c84 100644
+--- a/arch/arm/boot/dts/socfpga_arria5_socdk.dts
++++ b/arch/arm/boot/dts/socfpga_arria5_socdk.dts
+@@ -131,7 +131,7 @@ &qspi {
+ flash: flash@0 {
+ #address-cells = <1>;
+ #size-cells = <1>;
+- compatible = "n25q256a";
++ compatible = "micron,n25q256a", "jedec,spi-nor";
+ reg = <0>;
+ spi-max-frequency = <100000000>;
+
+diff --git a/arch/arm/boot/dts/socfpga_cyclone5_socdk.dts b/arch/arm/boot/dts/socfpga_cyclone5_socdk.dts
+index 155829f9eba16..907d8aa6d9fc8 100644
+--- a/arch/arm/boot/dts/socfpga_cyclone5_socdk.dts
++++ b/arch/arm/boot/dts/socfpga_cyclone5_socdk.dts
+@@ -136,7 +136,7 @@ &qspi {
+ flash0: n25q00@0 {
+ #address-cells = <1>;
+ #size-cells = <1>;
+- compatible = "n25q00";
++ compatible = "micron,mt25qu02g", "jedec,spi-nor";
+ reg = <0>; /* chip select */
+ spi-max-frequency = <100000000>;
+
+diff --git a/arch/arm/boot/dts/socfpga_cyclone5_sockit.dts b/arch/arm/boot/dts/socfpga_cyclone5_sockit.dts
+index a4a555c19d943..fe5fe4559969d 100644
+--- a/arch/arm/boot/dts/socfpga_cyclone5_sockit.dts
++++ b/arch/arm/boot/dts/socfpga_cyclone5_sockit.dts
+@@ -181,7 +181,7 @@ &qspi {
+ flash: flash@0 {
+ #address-cells = <1>;
+ #size-cells = <1>;
+- compatible = "n25q00";
++ compatible = "micron,mt25qu02g", "jedec,spi-nor";
+ reg = <0>;
+ spi-max-frequency = <100000000>;
+
+diff --git a/arch/arm/boot/dts/socfpga_cyclone5_socrates.dts b/arch/arm/boot/dts/socfpga_cyclone5_socrates.dts
+index 53bf99eef66de..0992cae3e60ef 100644
+--- a/arch/arm/boot/dts/socfpga_cyclone5_socrates.dts
++++ b/arch/arm/boot/dts/socfpga_cyclone5_socrates.dts
+@@ -87,7 +87,7 @@ &qspi {
+ flash: flash@0 {
+ #address-cells = <1>;
+ #size-cells = <1>;
+- compatible = "n25q256a";
++ compatible = "micron,n25q256a", "jedec,spi-nor";
+ reg = <0>;
+ spi-max-frequency = <100000000>;
+ m25p,fast-read;
+diff --git a/arch/arm/boot/dts/socfpga_cyclone5_sodia.dts b/arch/arm/boot/dts/socfpga_cyclone5_sodia.dts
+index 8860dd2e242c4..22bfef024913a 100644
+--- a/arch/arm/boot/dts/socfpga_cyclone5_sodia.dts
++++ b/arch/arm/boot/dts/socfpga_cyclone5_sodia.dts
+@@ -128,7 +128,7 @@ &qspi {
+ flash0: n25q512a@0 {
+ #address-cells = <1>;
+ #size-cells = <1>;
+- compatible = "n25q512a";
++ compatible = "micron,n25q512a", "jedec,spi-nor";
+ reg = <0>;
+ spi-max-frequency = <100000000>;
+
+diff --git a/arch/arm/boot/dts/socfpga_cyclone5_vining_fpga.dts b/arch/arm/boot/dts/socfpga_cyclone5_vining_fpga.dts
+index f50b19447de69..3412eb17a1587 100644
+--- a/arch/arm/boot/dts/socfpga_cyclone5_vining_fpga.dts
++++ b/arch/arm/boot/dts/socfpga_cyclone5_vining_fpga.dts
+@@ -249,7 +249,7 @@ &qspi {
+ n25q128@0 {
+ #address-cells = <1>;
+ #size-cells = <1>;
+- compatible = "n25q128";
++ compatible = "micron,n25q128", "jedec,spi-nor";
+ reg = <0>; /* chip select */
+ spi-max-frequency = <100000000>;
+ m25p,fast-read;
+@@ -266,7 +266,7 @@ n25q128@0 {
+ n25q00@1 {
+ #address-cells = <1>;
+ #size-cells = <1>;
+- compatible = "n25q00";
++ compatible = "micron,mt25qu02g", "jedec,spi-nor";
+ reg = <1>; /* chip select */
+ spi-max-frequency = <100000000>;
+ m25p,fast-read;
+--
+2.33.0
+
--- /dev/null
+From f298b6be5a00cf9b4e12fa213ca6d80da3a3a5c1 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 25 Nov 2021 15:44:38 +0000
+Subject: dmaengine: st_fdma: fix MODULE_ALIAS
+
+From: Alyssa Ross <hi@alyssa.is>
+
+[ Upstream commit 822c9f2b833c53fc67e8adf6f63ecc3ea24d502c ]
+
+modprobe can't handle spaces in aliases.
+
+Fixes: 6b4cd727eaf1 ("dmaengine: st_fdma: Add STMicroelectronics FDMA engine driver support")
+Signed-off-by: Alyssa Ross <hi@alyssa.is>
+Link: https://lore.kernel.org/r/20211125154441.2626214-1-hi@alyssa.is
+Signed-off-by: Vinod Koul <vkoul@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/dma/st_fdma.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/dma/st_fdma.c b/drivers/dma/st_fdma.c
+index bfb79bd0c6de5..087d22ba8a2f6 100644
+--- a/drivers/dma/st_fdma.c
++++ b/drivers/dma/st_fdma.c
+@@ -886,4 +886,4 @@ MODULE_LICENSE("GPL v2");
+ MODULE_DESCRIPTION("STMicroelectronics FDMA engine driver");
+ MODULE_AUTHOR("Ludovic.barre <Ludovic.barre@st.com>");
+ MODULE_AUTHOR("Peter Griffin <peter.griffin@linaro.org>");
+-MODULE_ALIAS("platform: " DRIVER_NAME);
++MODULE_ALIAS("platform:" DRIVER_NAME);
+--
+2.33.0
+
--- /dev/null
+From 8f6ccf5edd6ba7ba7d68cf818ede46fde49a0752 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 25 Nov 2021 18:33:16 -0800
+Subject: hv: utils: add PTP_1588_CLOCK to Kconfig to fix build
+
+From: Randy Dunlap <rdunlap@infradead.org>
+
+[ Upstream commit 1dc2f2b81a6a9895da59f3915760f6c0c3074492 ]
+
+The hyperv utilities use PTP clock interfaces and should depend a
+a kconfig symbol such that they will be built as a loadable module or
+builtin so that linker errors do not happen.
+
+Prevents these build errors:
+
+ld: drivers/hv/hv_util.o: in function `hv_timesync_deinit':
+hv_util.c:(.text+0x37d): undefined reference to `ptp_clock_unregister'
+ld: drivers/hv/hv_util.o: in function `hv_timesync_init':
+hv_util.c:(.text+0x738): undefined reference to `ptp_clock_register'
+
+Fixes: 3716a49a81ba ("hv_utils: implement Hyper-V PTP source")
+Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
+Reported-by: kernel test robot <lkp@intel.com>
+Cc: Arnd Bergmann <arnd@arndb.de>
+Cc: "K. Y. Srinivasan" <kys@microsoft.com>
+Cc: Haiyang Zhang <haiyangz@microsoft.com>
+Cc: Stephen Hemminger <sthemmin@microsoft.com>
+Cc: Wei Liu <wei.liu@kernel.org>
+Cc: Dexuan Cui <decui@microsoft.com>
+Cc: linux-hyperv@vger.kernel.org
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Reviewed-by: Michael Kelley <mikelley@microsoft.com>
+Link: https://lore.kernel.org/r/20211126023316.25184-1-rdunlap@infradead.org
+Signed-off-by: Wei Liu <wei.liu@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/hv/Kconfig | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/hv/Kconfig b/drivers/hv/Kconfig
+index 1c1a2514d6f31..b1c93441900ad 100644
+--- a/drivers/hv/Kconfig
++++ b/drivers/hv/Kconfig
+@@ -16,6 +16,7 @@ config HYPERV_TSCPAGE
+ config HYPERV_UTILS
+ tristate "Microsoft Hyper-V Utilities driver"
+ depends on HYPERV && CONNECTOR && NLS
++ depends on PTP_1588_CLOCK_OPTIONAL
+ help
+ Select this option to enable the Hyper-V Utilities.
+
+--
+2.33.0
+
--- /dev/null
+From 7810a6606853feb4abe2e711366fcacdc9830436 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 31 Aug 2021 13:16:35 +0200
+Subject: igb: Fix removal of unicast MAC filters of VFs
+
+From: Karen Sornek <karen.sornek@intel.com>
+
+[ Upstream commit 584af82154f56e6b2740160fcc84a2966d969e15 ]
+
+Move checking condition of VF MAC filter before clearing
+or adding MAC filter to VF to prevent potential blackout caused
+by removal of necessary and working VF's MAC filter.
+
+Fixes: 1b8b062a99dc ("igb: add VF trust infrastructure")
+Signed-off-by: Karen Sornek <karen.sornek@intel.com>
+Tested-by: Konrad Jankowski <konrad0.jankowski@intel.com>
+Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/ethernet/intel/igb/igb_main.c | 28 +++++++++++------------
+ 1 file changed, 14 insertions(+), 14 deletions(-)
+
+diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c
+index 6221dafc76b95..74b50f17832d1 100644
+--- a/drivers/net/ethernet/intel/igb/igb_main.c
++++ b/drivers/net/ethernet/intel/igb/igb_main.c
+@@ -7406,6 +7406,20 @@ static int igb_set_vf_mac_filter(struct igb_adapter *adapter, const int vf,
+ struct vf_mac_filter *entry = NULL;
+ int ret = 0;
+
++ if ((vf_data->flags & IGB_VF_FLAG_PF_SET_MAC) &&
++ !vf_data->trusted) {
++ dev_warn(&pdev->dev,
++ "VF %d requested MAC filter but is administratively denied\n",
++ vf);
++ return -EINVAL;
++ }
++ if (!is_valid_ether_addr(addr)) {
++ dev_warn(&pdev->dev,
++ "VF %d attempted to set invalid MAC filter\n",
++ vf);
++ return -EINVAL;
++ }
++
+ switch (info) {
+ case E1000_VF_MAC_FILTER_CLR:
+ /* remove all unicast MAC filters related to the current VF */
+@@ -7419,20 +7433,6 @@ static int igb_set_vf_mac_filter(struct igb_adapter *adapter, const int vf,
+ }
+ break;
+ case E1000_VF_MAC_FILTER_ADD:
+- if ((vf_data->flags & IGB_VF_FLAG_PF_SET_MAC) &&
+- !vf_data->trusted) {
+- dev_warn(&pdev->dev,
+- "VF %d requested MAC filter but is administratively denied\n",
+- vf);
+- return -EINVAL;
+- }
+- if (!is_valid_ether_addr(addr)) {
+- dev_warn(&pdev->dev,
+- "VF %d attempted to set invalid MAC filter\n",
+- vf);
+- return -EINVAL;
+- }
+-
+ /* try to find empty slot in the list */
+ list_for_each(pos, &adapter->vf_macs.l) {
+ entry = list_entry(pos, struct vf_mac_filter, l);
+--
+2.33.0
+
--- /dev/null
+From a880db39e25c4b8ea8847637a0d999bccc792f94 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Sat, 13 Nov 2021 11:42:34 +0800
+Subject: igbvf: fix double free in `igbvf_probe`
+
+From: Letu Ren <fantasquex@gmail.com>
+
+[ Upstream commit b6d335a60dc624c0d279333b22c737faa765b028 ]
+
+In `igbvf_probe`, if register_netdev() fails, the program will go to
+label err_hw_init, and then to label err_ioremap. In free_netdev() which
+is just below label err_ioremap, there is `list_for_each_entry_safe` and
+`netif_napi_del` which aims to delete all entries in `dev->napi_list`.
+The program has added an entry `adapter->rx_ring->napi` which is added by
+`netif_napi_add` in igbvf_alloc_queues(). However, adapter->rx_ring has
+been freed below label err_hw_init. So this a UAF.
+
+In terms of how to patch the problem, we can refer to igbvf_remove() and
+delete the entry before `adapter->rx_ring`.
+
+The KASAN logs are as follows:
+
+[ 35.126075] BUG: KASAN: use-after-free in free_netdev+0x1fd/0x450
+[ 35.127170] Read of size 8 at addr ffff88810126d990 by task modprobe/366
+[ 35.128360]
+[ 35.128643] CPU: 1 PID: 366 Comm: modprobe Not tainted 5.15.0-rc2+ #14
+[ 35.129789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
+[ 35.131749] Call Trace:
+[ 35.132199] dump_stack_lvl+0x59/0x7b
+[ 35.132865] print_address_description+0x7c/0x3b0
+[ 35.133707] ? free_netdev+0x1fd/0x450
+[ 35.134378] __kasan_report+0x160/0x1c0
+[ 35.135063] ? free_netdev+0x1fd/0x450
+[ 35.135738] kasan_report+0x4b/0x70
+[ 35.136367] free_netdev+0x1fd/0x450
+[ 35.137006] igbvf_probe+0x121d/0x1a10 [igbvf]
+[ 35.137808] ? igbvf_vlan_rx_add_vid+0x100/0x100 [igbvf]
+[ 35.138751] local_pci_probe+0x13c/0x1f0
+[ 35.139461] pci_device_probe+0x37e/0x6c0
+[ 35.165526]
+[ 35.165806] Allocated by task 366:
+[ 35.166414] ____kasan_kmalloc+0xc4/0xf0
+[ 35.167117] foo_kmem_cache_alloc_trace+0x3c/0x50 [igbvf]
+[ 35.168078] igbvf_probe+0x9c5/0x1a10 [igbvf]
+[ 35.168866] local_pci_probe+0x13c/0x1f0
+[ 35.169565] pci_device_probe+0x37e/0x6c0
+[ 35.179713]
+[ 35.179993] Freed by task 366:
+[ 35.180539] kasan_set_track+0x4c/0x80
+[ 35.181211] kasan_set_free_info+0x1f/0x40
+[ 35.181942] ____kasan_slab_free+0x103/0x140
+[ 35.182703] kfree+0xe3/0x250
+[ 35.183239] igbvf_probe+0x1173/0x1a10 [igbvf]
+[ 35.184040] local_pci_probe+0x13c/0x1f0
+
+Fixes: d4e0fe01a38a0 (igbvf: add new driver to support 82576 virtual functions)
+Reported-by: Zheyu Ma <zheyuma97@gmail.com>
+Signed-off-by: Letu Ren <fantasquex@gmail.com>
+Tested-by: Konrad Jankowski <konrad0.jankowski@intel.com>
+Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/ethernet/intel/igbvf/netdev.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/net/ethernet/intel/igbvf/netdev.c b/drivers/net/ethernet/intel/igbvf/netdev.c
+index e0c989ffb2b3e..df827c2541628 100644
+--- a/drivers/net/ethernet/intel/igbvf/netdev.c
++++ b/drivers/net/ethernet/intel/igbvf/netdev.c
+@@ -2888,6 +2888,7 @@ static int igbvf_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
+ return 0;
+
+ err_hw_init:
++ netif_napi_del(&adapter->rx_ring->napi);
+ kfree(adapter->tx_ring);
+ kfree(adapter->rx_ring);
+ err_sw_init:
+--
+2.33.0
+
--- /dev/null
+From aafafb20b5f3e2ef483edc3ddfc9303653c5a088 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 1 Nov 2021 18:39:36 -0700
+Subject: ixgbe: set X550 MDIO speed before talking to PHY
+
+From: Cyril Novikov <cnovikov@lynx.com>
+
+[ Upstream commit bf0a375055bd1afbbf02a0ef45f7655da7b71317 ]
+
+The MDIO bus speed must be initialized before talking to the PHY the first
+time in order to avoid talking to it using a speed that the PHY doesn't
+support.
+
+This fixes HW initialization error -17 (IXGBE_ERR_PHY_ADDR_INVALID) on
+Denverton CPUs (a.k.a. the Atom C3000 family) on ports with a 10Gb network
+plugged in. On those devices, HLREG0[MDCSPD] resets to 1, which combined
+with the 10Gb network results in a 24MHz MDIO speed, which is apparently
+too fast for the connected PHY. PHY register reads over MDIO bus return
+garbage, leading to initialization failure.
+
+Reproduced with Linux kernel 4.19 and 5.15-rc7. Can be reproduced using
+the following setup:
+
+* Use an Atom C3000 family system with at least one X552 LAN on the SoC
+* Disable PXE or other BIOS network initialization if possible
+ (the interface must not be initialized before Linux boots)
+* Connect a live 10Gb Ethernet cable to an X550 port
+* Power cycle (not reset, doesn't always work) the system and boot Linux
+* Observe: ixgbe interfaces w/ 10GbE cables plugged in fail with error -17
+
+Fixes: e84db7272798 ("ixgbe: Introduce function to control MDIO speed")
+Signed-off-by: Cyril Novikov <cnovikov@lynx.com>
+Reviewed-by: Andrew Lunn <andrew@lunn.ch>
+Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c
+index 9772016222c30..9277d57c4a70b 100644
+--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c
++++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c
+@@ -3391,6 +3391,9 @@ static s32 ixgbe_reset_hw_X550em(struct ixgbe_hw *hw)
+ /* flush pending Tx transactions */
+ ixgbe_clear_tx_pending(hw);
+
++ /* set MDIO speed before talking to the PHY in case it's the 1st time */
++ ixgbe_set_mdio_speed(hw);
++
+ /* PHY ops must be identified and initialized prior to reset */
+ status = hw->phy.ops.init(hw);
+ if (status == IXGBE_ERR_SFP_NOT_SUPPORTED ||
+--
+2.33.0
+
--- /dev/null
+From 0cd76e0a2da4d4039f4bcefd574e524572f5a20b Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 22 Nov 2021 12:47:40 +0100
+Subject: mac80211: track only QoS data frames for admission control
+
+From: Johannes Berg <johannes.berg@intel.com>
+
+[ Upstream commit d5e568c3a4ec2ddd23e7dc5ad5b0c64e4f22981a ]
+
+For admission control, obviously all of that only works for
+QoS data frames, otherwise we cannot even access the QoS
+field in the header.
+
+Syzbot reported (see below) an uninitialized value here due
+to a status of a non-QoS nullfunc packet, which isn't even
+long enough to contain the QoS header.
+
+Fix this to only do anything for QoS data packets.
+
+Reported-by: syzbot+614e82b88a1a4973e534@syzkaller.appspotmail.com
+Fixes: 02219b3abca5 ("mac80211: add WMM admission control support")
+Link: https://lore.kernel.org/r/20211122124737.dad29e65902a.Ieb04587afacb27c14e0de93ec1bfbefb238cc2a0@changeid
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/mac80211/mlme.c | 13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c
+index cbcb60face2c5..e5c4a72f8e571 100644
+--- a/net/mac80211/mlme.c
++++ b/net/mac80211/mlme.c
+@@ -2351,11 +2351,18 @@ static void ieee80211_sta_tx_wmm_ac_notify(struct ieee80211_sub_if_data *sdata,
+ u16 tx_time)
+ {
+ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
+- u16 tid = ieee80211_get_tid(hdr);
+- int ac = ieee80211_ac_from_tid(tid);
+- struct ieee80211_sta_tx_tspec *tx_tspec = &ifmgd->tx_tspec[ac];
++ u16 tid;
++ int ac;
++ struct ieee80211_sta_tx_tspec *tx_tspec;
+ unsigned long now = jiffies;
+
++ if (!ieee80211_is_data_qos(hdr->frame_control))
++ return;
++
++ tid = ieee80211_get_tid(hdr);
++ ac = ieee80211_ac_from_tid(tid);
++ tx_tspec = &ifmgd->tx_tspec[ac];
++
+ if (likely(!tx_tspec->admitted_time))
+ return;
+
+--
+2.33.0
+
--- /dev/null
+From bcb93e99006d493d2737714ef0f8f7f5a790c315 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 15 Dec 2021 09:39:37 -0500
+Subject: net/packet: rx_owner_map depends on pg_vec
+
+From: Willem de Bruijn <willemb@google.com>
+
+[ Upstream commit ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 ]
+
+Packet sockets may switch ring versions. Avoid misinterpreting state
+between versions, whose fields share a union. rx_owner_map is only
+allocated with a packet ring (pg_vec) and both are swapped together.
+If pg_vec is NULL, meaning no packet ring was allocated, then neither
+was rx_owner_map. And the field may be old state from a tpacket_v3.
+
+Fixes: 61fad6816fc1 ("net/packet: tpacket_rcv: avoid a producer race condition")
+Reported-by: Syzbot <syzbot+1ac0994a0a0c55151121@syzkaller.appspotmail.com>
+Signed-off-by: Willem de Bruijn <willemb@google.com>
+Reviewed-by: Eric Dumazet <edumazet@google.com>
+Link: https://lore.kernel.org/r/20211215143937.106178-1-willemdebruijn.kernel@gmail.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/packet/af_packet.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
+index 8d9005019ef78..1309161032d50 100644
+--- a/net/packet/af_packet.c
++++ b/net/packet/af_packet.c
+@@ -4439,9 +4439,10 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
+ }
+
+ out_free_pg_vec:
+- bitmap_free(rx_owner_map);
+- if (pg_vec)
++ if (pg_vec) {
++ bitmap_free(rx_owner_map);
+ free_pg_vec(pg_vec, order, req->tp_block_nr);
++ }
+ out:
+ return err;
+ }
+--
+2.33.0
+
--- /dev/null
+From 4e062a9a29de531f009ce291d163c592f8eeb08b Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 15 Dec 2021 19:15:30 +0800
+Subject: netdevsim: Zero-initialize memory for new map's value in function
+ nsim_bpf_map_alloc
+
+From: Haimin Zhang <tcs.kernel@gmail.com>
+
+[ Upstream commit 481221775d53d6215a6e5e9ce1cce6d2b4ab9a46 ]
+
+Zero-initialize memory for new map's value in function nsim_bpf_map_alloc
+since it may cause a potential kernel information leak issue, as follows:
+1. nsim_bpf_map_alloc calls nsim_map_alloc_elem to allocate elements for
+a new map.
+2. nsim_map_alloc_elem uses kmalloc to allocate map's value, but doesn't
+zero it.
+3. A user application can use IOCTL BPF_MAP_LOOKUP_ELEM to get specific
+element's information in the map.
+4. The kernel function map_lookup_elem will call bpf_map_copy_value to get
+the information allocated at step-2, then use copy_to_user to copy to the
+user buffer.
+This can only leak information for an array map.
+
+Fixes: 395cacb5f1a0 ("netdevsim: bpf: support fake map offload")
+Suggested-by: Jakub Kicinski <kuba@kernel.org>
+Acked-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Haimin Zhang <tcs.kernel@gmail.com>
+Link: https://lore.kernel.org/r/20211215111530.72103-1-tcs.kernel@gmail.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/netdevsim/bpf.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/net/netdevsim/bpf.c b/drivers/net/netdevsim/bpf.c
+index 81444208b2162..12f100392ed11 100644
+--- a/drivers/net/netdevsim/bpf.c
++++ b/drivers/net/netdevsim/bpf.c
+@@ -493,6 +493,7 @@ nsim_bpf_map_alloc(struct netdevsim *ns, struct bpf_offloaded_map *offmap)
+ goto err_free;
+ key = nmap->entry[i].key;
+ *key = i;
++ memset(nmap->entry[i].value, 0, offmap->map.value_size);
+ }
+ }
+
+--
+2.33.0
+
--- /dev/null
+From 00ec2163156ce2b16bab8cc433dd01bca20d8e38 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 14 Dec 2021 18:46:59 +0800
+Subject: rds: memory leak in __rds_conn_create()
+
+From: Hangyu Hua <hbh25y@gmail.com>
+
+[ Upstream commit 5f9562ebe710c307adc5f666bf1a2162ee7977c0 ]
+
+__rds_conn_create() did not release conn->c_path when loop_trans != 0 and
+trans->t_prefer_loopback != 0 and is_outgoing == 0.
+
+Fixes: aced3ce57cd3 ("RDS tcp loopback connection can hang")
+Signed-off-by: Hangyu Hua <hbh25y@gmail.com>
+Reviewed-by: Sharath Srinivasan <sharath.srinivasan@oracle.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/rds/connection.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/net/rds/connection.c b/net/rds/connection.c
+index ac3300b204a6f..af9f7d1840037 100644
+--- a/net/rds/connection.c
++++ b/net/rds/connection.c
+@@ -250,6 +250,7 @@ static struct rds_connection *__rds_conn_create(struct net *net,
+ * should end up here, but if it
+ * does, reset/destroy the connection.
+ */
++ kfree(conn->c_path);
+ kmem_cache_free(rds_conn_slab, conn);
+ conn = ERR_PTR(-EOPNOTSUPP);
+ goto out;
+--
+2.33.0
+
--- /dev/null
+From ff9f251b3de9b5aca131ab4eda18da029959e955 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 10 Dec 2021 06:20:46 -0800
+Subject: sch_cake: do not call cake_destroy() from cake_init()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Eric Dumazet <edumazet@google.com>
+
+[ Upstream commit ab443c53916730862cec202078d36fd4008bea79 ]
+
+qdiscs are not supposed to call their own destroy() method
+from init(), because core stack already does that.
+
+syzbot was able to trigger use after free:
+
+DEBUG_LOCKS_WARN_ON(lock->magic != lock)
+WARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]
+WARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740
+Modules linked in:
+CPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+RIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]
+RIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740
+Code: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff <0f> 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8
+RSP: 0018:ffffc9000627f290 EFLAGS: 00010282
+RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
+RDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44
+RBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000
+R10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000
+R13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000
+FS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
+CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+CR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0
+Call Trace:
+ <TASK>
+ tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810
+ tcf_block_put_ext net/sched/cls_api.c:1381 [inline]
+ tcf_block_put_ext net/sched/cls_api.c:1376 [inline]
+ tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394
+ cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695
+ qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293
+ tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660
+ rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571
+ netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496
+ netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
+ netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345
+ netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921
+ sock_sendmsg_nosec net/socket.c:704 [inline]
+ sock_sendmsg+0xcf/0x120 net/socket.c:724
+ ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409
+ ___sys_sendmsg+0xf3/0x170 net/socket.c:2463
+ __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492
+ do_syscall_x64 arch/x86/entry/common.c:50 [inline]
+ do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
+ entry_SYSCALL_64_after_hwframe+0x44/0xae
+RIP: 0033:0x7f1bb06badb9
+Code: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.
+RSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
+RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9
+RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003
+RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003
+R10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688
+R13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2
+ </TASK>
+
+Fixes: 046f6fd5daef ("sched: Add Common Applications Kept Enhanced (cake) qdisc")
+Signed-off-by: Eric Dumazet <edumazet@google.com>
+Reported-by: syzbot <syzkaller@googlegroups.com>
+Acked-by: Toke Høiland-Jørgensen <toke@toke.dk>
+Link: https://lore.kernel.org/r/20211210142046.698336-1-eric.dumazet@gmail.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/sched/sch_cake.c | 6 +-----
+ 1 file changed, 1 insertion(+), 5 deletions(-)
+
+diff --git a/net/sched/sch_cake.c b/net/sched/sch_cake.c
+index 2025f0f559deb..18c207b85d513 100644
+--- a/net/sched/sch_cake.c
++++ b/net/sched/sch_cake.c
+@@ -2675,7 +2675,7 @@ static int cake_init(struct Qdisc *sch, struct nlattr *opt,
+ q->tins = kvcalloc(CAKE_MAX_TINS, sizeof(struct cake_tin_data),
+ GFP_KERNEL);
+ if (!q->tins)
+- goto nomem;
++ return -ENOMEM;
+
+ for (i = 0; i < CAKE_MAX_TINS; i++) {
+ struct cake_tin_data *b = q->tins + i;
+@@ -2705,10 +2705,6 @@ static int cake_init(struct Qdisc *sch, struct nlattr *opt,
+ q->min_netlen = ~0;
+ q->min_adjlen = ~0;
+ return 0;
+-
+-nomem:
+- cake_destroy(sch);
+- return -ENOMEM;
+ }
+
+ static int cake_dump(struct Qdisc *sch, struct sk_buff *skb)
+--
+2.33.0
+
nfsd-fix-use-after-free-due-to-delegation-race.patch
x86-make-arch_use_memremap_prot-a-generic-kconfig-symbol.patch
x86-sme-explicitly-map-new-efi-memmap-table-as-encrypted.patch
+mac80211-track-only-qos-data-frames-for-admission-co.patch
+hv-utils-add-ptp_1588_clock-to-kconfig-to-fix-build.patch
+arm-socfpga-dts-fix-qspi-node-compatible.patch
+sch_cake-do-not-call-cake_destroy-from-cake_init.patch
+dmaengine-st_fdma-fix-module_alias.patch
+rds-memory-leak-in-__rds_conn_create.patch
+soc-tegra-fuse-fix-bitwise-vs.-logical-or-warning.patch
+igb-fix-removal-of-unicast-mac-filters-of-vfs.patch
+igbvf-fix-double-free-in-igbvf_probe.patch
+ixgbe-set-x550-mdio-speed-before-talking-to-phy.patch
+netdevsim-zero-initialize-memory-for-new-map-s-value.patch
+net-packet-rx_owner_map-depends-on-pg_vec.patch
+sit-do-not-call-ipip6_dev_free-from-sit_init_net.patch
--- /dev/null
+From b8e03c39046d36b16c74843050f6adf9f18ac4c1 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 16 Dec 2021 03:17:41 -0800
+Subject: sit: do not call ipip6_dev_free() from sit_init_net()
+
+From: Eric Dumazet <edumazet@google.com>
+
+[ Upstream commit e28587cc491ef0f3c51258fdc87fbc386b1d4c59 ]
+
+ipip6_dev_free is sit dev->priv_destructor, already called
+by register_netdevice() if something goes wrong.
+
+Alternative would be to make ipip6_dev_free() robust against
+multiple invocations, but other drivers do not implement this
+strategy.
+
+syzbot reported:
+
+dst_release underflow
+WARNING: CPU: 0 PID: 5059 at net/core/dst.c:173 dst_release+0xd8/0xe0 net/core/dst.c:173
+Modules linked in:
+CPU: 1 PID: 5059 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+RIP: 0010:dst_release+0xd8/0xe0 net/core/dst.c:173
+Code: 4c 89 f2 89 d9 31 c0 5b 41 5e 5d e9 da d5 44 f9 e8 1d 90 5f f9 c6 05 87 48 c6 05 01 48 c7 c7 80 44 99 8b 31 c0 e8 e8 67 29 f9 <0f> 0b eb 85 0f 1f 40 00 53 48 89 fb e8 f7 8f 5f f9 48 83 c3 a8 48
+RSP: 0018:ffffc9000aa5faa0 EFLAGS: 00010246
+RAX: d6894a925dd15a00 RBX: 00000000ffffffff RCX: 0000000000040000
+RDX: ffffc90005e19000 RSI: 000000000003ffff RDI: 0000000000040000
+RBP: 0000000000000000 R08: ffffffff816a1f42 R09: ffffed1017344f2c
+R10: ffffed1017344f2c R11: 0000000000000000 R12: 0000607f462b1358
+R13: 1ffffffff1bfd305 R14: ffffe8ffffcb1358 R15: dffffc0000000000
+FS: 00007f66c71a2700(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
+CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+CR2: 00007f88aaed5058 CR3: 0000000023e0f000 CR4: 00000000003506f0
+DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
+Call Trace:
+ <TASK>
+ dst_cache_destroy+0x107/0x1e0 net/core/dst_cache.c:160
+ ipip6_dev_free net/ipv6/sit.c:1414 [inline]
+ sit_init_net+0x229/0x550 net/ipv6/sit.c:1936
+ ops_init+0x313/0x430 net/core/net_namespace.c:140
+ setup_net+0x35b/0x9d0 net/core/net_namespace.c:326
+ copy_net_ns+0x359/0x5c0 net/core/net_namespace.c:470
+ create_new_namespaces+0x4ce/0xa00 kernel/nsproxy.c:110
+ unshare_nsproxy_namespaces+0x11e/0x180 kernel/nsproxy.c:226
+ ksys_unshare+0x57d/0xb50 kernel/fork.c:3075
+ __do_sys_unshare kernel/fork.c:3146 [inline]
+ __se_sys_unshare kernel/fork.c:3144 [inline]
+ __x64_sys_unshare+0x34/0x40 kernel/fork.c:3144
+ do_syscall_x64 arch/x86/entry/common.c:50 [inline]
+ do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
+ entry_SYSCALL_64_after_hwframe+0x44/0xae
+RIP: 0033:0x7f66c882ce99
+Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
+RSP: 002b:00007f66c71a2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
+RAX: ffffffffffffffda RBX: 00007f66c893ff60 RCX: 00007f66c882ce99
+RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000048040200
+RBP: 00007f66c8886ff1 R08: 0000000000000000 R09: 0000000000000000
+R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
+R13: 00007fff6634832f R14: 00007f66c71a2300 R15: 0000000000022000
+ </TASK>
+
+Fixes: cf124db566e6 ("net: Fix inconsistent teardown and release of private netdev state.")
+Signed-off-by: Eric Dumazet <edumazet@google.com>
+Reported-by: syzbot <syzkaller@googlegroups.com>
+Link: https://lore.kernel.org/r/20211216111741.1387540-1-eric.dumazet@gmail.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/ipv6/sit.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
+index 4a49200d0d11c..55c999cbe6e96 100644
+--- a/net/ipv6/sit.c
++++ b/net/ipv6/sit.c
+@@ -1875,7 +1875,6 @@ static int __net_init sit_init_net(struct net *net)
+ return 0;
+
+ err_reg_dev:
+- ipip6_dev_free(sitn->fb_tunnel_dev);
+ free_netdev(sitn->fb_tunnel_dev);
+ err_alloc_dev:
+ return err;
+--
+2.33.0
+
--- /dev/null
+From 5292971ddc650d0c0ad2adadbf1e28ca3ad7c107 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 10 Dec 2021 09:55:29 -0700
+Subject: soc/tegra: fuse: Fix bitwise vs. logical OR warning
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Nathan Chancellor <nathan@kernel.org>
+
+[ Upstream commit a7083763619f7485ccdade160deb81737cf2732f ]
+
+A new warning in clang points out two instances where boolean
+expressions are being used with a bitwise OR instead of logical OR:
+
+drivers/soc/tegra/fuse/speedo-tegra20.c:72:9: warning: use of bitwise '|' with boolean operands [-Wbitwise-instead-of-logical]
+ reg = tegra_fuse_read_spare(i) |
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~
+ ||
+drivers/soc/tegra/fuse/speedo-tegra20.c:72:9: note: cast one or both operands to int to silence this warning
+drivers/soc/tegra/fuse/speedo-tegra20.c:87:9: warning: use of bitwise '|' with boolean operands [-Wbitwise-instead-of-logical]
+ reg = tegra_fuse_read_spare(i) |
+ ^~~~~~~~~~~~~~~~~~~~~~~~~~
+ ||
+drivers/soc/tegra/fuse/speedo-tegra20.c:87:9: note: cast one or both operands to int to silence this warning
+2 warnings generated.
+
+The motivation for the warning is that logical operations short circuit
+while bitwise operations do not.
+
+In this instance, tegra_fuse_read_spare() is not semantically returning
+a boolean, it is returning a bit value. Use u32 for its return type so
+that it can be used with either bitwise or boolean operators without any
+warnings.
+
+Fixes: 25cd5a391478 ("ARM: tegra: Add speedo-based process identification")
+Link: https://github.com/ClangBuiltLinux/linux/issues/1488
+Suggested-by: Michał Mirosław <mirq-linux@rere.qmqm.pl>
+Signed-off-by: Nathan Chancellor <nathan@kernel.org>
+Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
+Signed-off-by: Thierry Reding <treding@nvidia.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/soc/tegra/fuse/fuse-tegra.c | 2 +-
+ drivers/soc/tegra/fuse/fuse.h | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/soc/tegra/fuse/fuse-tegra.c b/drivers/soc/tegra/fuse/fuse-tegra.c
+index 51625703399e4..52130ec8c9049 100644
+--- a/drivers/soc/tegra/fuse/fuse-tegra.c
++++ b/drivers/soc/tegra/fuse/fuse-tegra.c
+@@ -182,7 +182,7 @@ static struct platform_driver tegra_fuse_driver = {
+ };
+ builtin_platform_driver(tegra_fuse_driver);
+
+-bool __init tegra_fuse_read_spare(unsigned int spare)
++u32 __init tegra_fuse_read_spare(unsigned int spare)
+ {
+ unsigned int offset = fuse->soc->info->spare + spare * 4;
+
+diff --git a/drivers/soc/tegra/fuse/fuse.h b/drivers/soc/tegra/fuse/fuse.h
+index f355b9d549151..bf489d50e6687 100644
+--- a/drivers/soc/tegra/fuse/fuse.h
++++ b/drivers/soc/tegra/fuse/fuse.h
+@@ -62,7 +62,7 @@ struct tegra_fuse {
+ void tegra_init_revision(void);
+ void tegra_init_apbmisc(void);
+
+-bool __init tegra_fuse_read_spare(unsigned int spare);
++u32 __init tegra_fuse_read_spare(unsigned int spare);
+ u32 __init tegra_fuse_read_early(unsigned int offset);
+
+ #ifdef CONFIG_ARCH_TEGRA_2x_SOC
+--
+2.33.0
+
projects / thirdparty / kernel / stable-queue.git / commitdiff
