From: Sasha Levin Date: Mon, 3 Feb 2025 16:25:49 +0000 (-0500) Subject: Fixes for 6.6 X-Git-Tag: v6.6.76~56 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1694afd319268e1768a6620e6f63a87379c87e0d;p=thirdparty%2Fkernel%2Fstable-queue.git Fixes for 6.6 Signed-off-by: Sasha Levin --- diff --git a/queue-6.6/asoc-rockchip-i2s_tdm-re-add-the-set_sysclk-callback.patch b/queue-6.6/asoc-rockchip-i2s_tdm-re-add-the-set_sysclk-callback.patch new file mode 100644 index 0000000000..495668ba5f --- /dev/null +++ b/queue-6.6/asoc-rockchip-i2s_tdm-re-add-the-set_sysclk-callback.patch @@ -0,0 +1,121 @@ +From e6e13d72fdbc084cfaf81e5c9035e0fac08174e6 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 17 Jan 2025 11:31:02 -0500 +Subject: ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback + +From: Detlev Casanova + +[ Upstream commit 5323186e2e8d33c073fad51e24f18e2d6dbae2da ] + +In commit +9e2ab4b18ebd ("ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates"), +the set_sysclk callback was removed as considered unused as the mclk rate +can be set in the hw_params callback. +The difference between hw_params and set_sysclk is that the former is +called with the audio sampling rate set in the params (e.g.: 48000 Hz) +while the latter is called with a clock rate already computed with + sampling_rate * mclk-fs (e.g.: 48000 * 256) + +For HDMI audio using the Rockchip I2S TDM driver, the mclk-fs value must +be set to 128 instead of the default 256, and that value is set in the +device tree at the machine driver level (like a simple-audio-card +compatible node). +Therefore, the i2s_tdm driver has no idea that another mclk-fs value can +be configured and simply computes the mclk rate in the hw_params callback +with DEFAULT_MCLK_FS * params_rate(params), which is wrong for HDMI +audio. + +Re-add the set_sysclk callback so that the mclk rate is computed by the +machine driver which has the correct mclk-fs value set in its device tree +node. + +Fixes: 9e2ab4b18ebd ("ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates") +Signed-off-by: Detlev Casanova +Link: https://patch.msgid.link/20250117163102.65807-1-detlev.casanova@collabora.com +Signed-off-by: Mark Brown +Signed-off-by: Sasha Levin +--- + sound/soc/rockchip/rockchip_i2s_tdm.c | 31 +++++++++++++++++++++++++-- + 1 file changed, 29 insertions(+), 2 deletions(-) + +diff --git a/sound/soc/rockchip/rockchip_i2s_tdm.c b/sound/soc/rockchip/rockchip_i2s_tdm.c +index e6a6eabc47e5b..14e5c53e697b0 100644 +--- a/sound/soc/rockchip/rockchip_i2s_tdm.c ++++ b/sound/soc/rockchip/rockchip_i2s_tdm.c +@@ -24,7 +24,6 @@ + + #define DRV_NAME "rockchip-i2s-tdm" + +-#define DEFAULT_MCLK_FS 256 + #define CH_GRP_MAX 4 /* The max channel 8 / 2 */ + #define MULTIPLEX_CH_MAX 10 + +@@ -72,6 +71,8 @@ struct rk_i2s_tdm_dev { + bool has_playback; + bool has_capture; + struct snd_soc_dai_driver *dai; ++ unsigned int mclk_rx_freq; ++ unsigned int mclk_tx_freq; + }; + + static int to_ch_num(unsigned int val) +@@ -647,6 +648,27 @@ static int rockchip_i2s_trcm_mode(struct snd_pcm_substream *substream, + return 0; + } + ++static int rockchip_i2s_tdm_set_sysclk(struct snd_soc_dai *cpu_dai, int stream, ++ unsigned int freq, int dir) ++{ ++ struct rk_i2s_tdm_dev *i2s_tdm = to_info(cpu_dai); ++ ++ if (i2s_tdm->clk_trcm) { ++ i2s_tdm->mclk_tx_freq = freq; ++ i2s_tdm->mclk_rx_freq = freq; ++ } else { ++ if (stream == SNDRV_PCM_STREAM_PLAYBACK) ++ i2s_tdm->mclk_tx_freq = freq; ++ else ++ i2s_tdm->mclk_rx_freq = freq; ++ } ++ ++ dev_dbg(i2s_tdm->dev, "The target mclk_%s freq is: %d\n", ++ stream ? "rx" : "tx", freq); ++ ++ return 0; ++} ++ + static int rockchip_i2s_tdm_hw_params(struct snd_pcm_substream *substream, + struct snd_pcm_hw_params *params, + struct snd_soc_dai *dai) +@@ -661,15 +683,19 @@ static int rockchip_i2s_tdm_hw_params(struct snd_pcm_substream *substream, + + if (i2s_tdm->clk_trcm == TRCM_TX) { + mclk = i2s_tdm->mclk_tx; ++ mclk_rate = i2s_tdm->mclk_tx_freq; + } else if (i2s_tdm->clk_trcm == TRCM_RX) { + mclk = i2s_tdm->mclk_rx; ++ mclk_rate = i2s_tdm->mclk_rx_freq; + } else if (substream->stream == SNDRV_PCM_STREAM_PLAYBACK) { + mclk = i2s_tdm->mclk_tx; ++ mclk_rate = i2s_tdm->mclk_tx_freq; + } else { + mclk = i2s_tdm->mclk_rx; ++ mclk_rate = i2s_tdm->mclk_rx_freq; + } + +- err = clk_set_rate(mclk, DEFAULT_MCLK_FS * params_rate(params)); ++ err = clk_set_rate(mclk, mclk_rate); + if (err) + return err; + +@@ -829,6 +855,7 @@ static const struct snd_soc_dai_ops rockchip_i2s_tdm_dai_ops = { + .hw_params = rockchip_i2s_tdm_hw_params, + .set_bclk_ratio = rockchip_i2s_tdm_set_bclk_ratio, + .set_fmt = rockchip_i2s_tdm_set_fmt, ++ .set_sysclk = rockchip_i2s_tdm_set_sysclk, + .set_tdm_slot = rockchip_dai_tdm_slot, + .trigger = rockchip_i2s_tdm_trigger, + }; +-- +2.39.5 + diff --git a/queue-6.6/cifs-fix-getting-and-setting-sacls-over-smb1.patch b/queue-6.6/cifs-fix-getting-and-setting-sacls-over-smb1.patch new file mode 100644 index 0000000000..804ce77874 --- /dev/null +++ b/queue-6.6/cifs-fix-getting-and-setting-sacls-over-smb1.patch @@ -0,0 +1,154 @@ +From 1b0524cdeb31df5f5efd765d34b32b776e6a3b85 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 14 Oct 2024 13:43:23 +0200 +Subject: cifs: Fix getting and setting SACLs over SMB1 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Pali Rohár + +[ Upstream commit 8b19dfb34d17e77a0809d433cc128b779282131b ] + +SMB1 callback get_cifs_acl_by_fid() currently ignores its last argument and +therefore ignores request for SACL_SECINFO. Fix this issue by correctly +propagating info argument from get_cifs_acl() and get_cifs_acl_by_fid() to +CIFSSMBGetCIFSACL() function and pass SACL_SECINFO when requested. + +For accessing SACLs it is needed to open object with SYSTEM_SECURITY +access. Pass this flag when trying to get or set SACLs. + +Same logic is in the SMB2+ code path. + +This change fixes getting and setting of "system.cifs_ntsd_full" and +"system.smb3_ntsd_full" xattrs over SMB1 as currently it silentely ignored +SACL part of passed xattr buffer. + +Fixes: 3970acf7ddb9 ("SMB3: Add support for getting and setting SACLs") +Signed-off-by: Pali Rohár +Signed-off-by: Steve French +Signed-off-by: Sasha Levin +--- + fs/smb/client/cifsacl.c | 25 +++++++++++++++---------- + fs/smb/client/cifsproto.h | 2 +- + fs/smb/client/cifssmb.c | 4 ++-- + 3 files changed, 18 insertions(+), 13 deletions(-) + +diff --git a/fs/smb/client/cifsacl.c b/fs/smb/client/cifsacl.c +index bff8d0dd74fe7..1fc1683b15bd8 100644 +--- a/fs/smb/client/cifsacl.c ++++ b/fs/smb/client/cifsacl.c +@@ -1395,7 +1395,7 @@ static int build_sec_desc(struct smb_ntsd *pntsd, struct smb_ntsd *pnntsd, + #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY + struct smb_ntsd *get_cifs_acl_by_fid(struct cifs_sb_info *cifs_sb, + const struct cifs_fid *cifsfid, u32 *pacllen, +- u32 __maybe_unused unused) ++ u32 info) + { + struct smb_ntsd *pntsd = NULL; + unsigned int xid; +@@ -1407,7 +1407,7 @@ struct smb_ntsd *get_cifs_acl_by_fid(struct cifs_sb_info *cifs_sb, + + xid = get_xid(); + rc = CIFSSMBGetCIFSACL(xid, tlink_tcon(tlink), cifsfid->netfid, &pntsd, +- pacllen); ++ pacllen, info); + free_xid(xid); + + cifs_put_tlink(tlink); +@@ -1419,7 +1419,7 @@ struct smb_ntsd *get_cifs_acl_by_fid(struct cifs_sb_info *cifs_sb, + } + + static struct smb_ntsd *get_cifs_acl_by_path(struct cifs_sb_info *cifs_sb, +- const char *path, u32 *pacllen) ++ const char *path, u32 *pacllen, u32 info) + { + struct smb_ntsd *pntsd = NULL; + int oplock = 0; +@@ -1446,9 +1446,12 @@ static struct smb_ntsd *get_cifs_acl_by_path(struct cifs_sb_info *cifs_sb, + .fid = &fid, + }; + ++ if (info & SACL_SECINFO) ++ oparms.desired_access |= SYSTEM_SECURITY; ++ + rc = CIFS_open(xid, &oparms, &oplock, NULL); + if (!rc) { +- rc = CIFSSMBGetCIFSACL(xid, tcon, fid.netfid, &pntsd, pacllen); ++ rc = CIFSSMBGetCIFSACL(xid, tcon, fid.netfid, &pntsd, pacllen, info); + CIFSSMBClose(xid, tcon, fid.netfid); + } + +@@ -1472,7 +1475,7 @@ struct smb_ntsd *get_cifs_acl(struct cifs_sb_info *cifs_sb, + if (inode) + open_file = find_readable_file(CIFS_I(inode), true); + if (!open_file) +- return get_cifs_acl_by_path(cifs_sb, path, pacllen); ++ return get_cifs_acl_by_path(cifs_sb, path, pacllen, info); + + pntsd = get_cifs_acl_by_fid(cifs_sb, &open_file->fid, pacllen, info); + cifsFileInfo_put(open_file); +@@ -1485,7 +1488,7 @@ int set_cifs_acl(struct smb_ntsd *pnntsd, __u32 acllen, + { + int oplock = 0; + unsigned int xid; +- int rc, access_flags; ++ int rc, access_flags = 0; + struct cifs_tcon *tcon; + struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb); + struct tcon_link *tlink = cifs_sb_tlink(cifs_sb); +@@ -1498,10 +1501,12 @@ int set_cifs_acl(struct smb_ntsd *pnntsd, __u32 acllen, + tcon = tlink_tcon(tlink); + xid = get_xid(); + +- if (aclflag == CIFS_ACL_OWNER || aclflag == CIFS_ACL_GROUP) +- access_flags = WRITE_OWNER; +- else +- access_flags = WRITE_DAC; ++ if (aclflag & CIFS_ACL_OWNER || aclflag & CIFS_ACL_GROUP) ++ access_flags |= WRITE_OWNER; ++ if (aclflag & CIFS_ACL_SACL) ++ access_flags |= SYSTEM_SECURITY; ++ if (aclflag & CIFS_ACL_DACL) ++ access_flags |= WRITE_DAC; + + oparms = (struct cifs_open_parms) { + .tcon = tcon, +diff --git a/fs/smb/client/cifsproto.h b/fs/smb/client/cifsproto.h +index a151ffffc6f38..85b0a30493a63 100644 +--- a/fs/smb/client/cifsproto.h ++++ b/fs/smb/client/cifsproto.h +@@ -570,7 +570,7 @@ extern int CIFSSMBSetEA(const unsigned int xid, struct cifs_tcon *tcon, + const struct nls_table *nls_codepage, + struct cifs_sb_info *cifs_sb); + extern int CIFSSMBGetCIFSACL(const unsigned int xid, struct cifs_tcon *tcon, +- __u16 fid, struct smb_ntsd **acl_inf, __u32 *buflen); ++ __u16 fid, struct smb_ntsd **acl_inf, __u32 *buflen, __u32 info); + extern int CIFSSMBSetCIFSACL(const unsigned int, struct cifs_tcon *, __u16, + struct smb_ntsd *pntsd, __u32 len, int aclflag); + extern int cifs_do_get_acl(const unsigned int xid, struct cifs_tcon *tcon, +diff --git a/fs/smb/client/cifssmb.c b/fs/smb/client/cifssmb.c +index 2f8745736dbb0..769950adb7763 100644 +--- a/fs/smb/client/cifssmb.c ++++ b/fs/smb/client/cifssmb.c +@@ -3385,7 +3385,7 @@ validate_ntransact(char *buf, char **ppparm, char **ppdata, + /* Get Security Descriptor (by handle) from remote server for a file or dir */ + int + CIFSSMBGetCIFSACL(const unsigned int xid, struct cifs_tcon *tcon, __u16 fid, +- struct smb_ntsd **acl_inf, __u32 *pbuflen) ++ struct smb_ntsd **acl_inf, __u32 *pbuflen, __u32 info) + { + int rc = 0; + int buf_type = 0; +@@ -3408,7 +3408,7 @@ CIFSSMBGetCIFSACL(const unsigned int xid, struct cifs_tcon *tcon, __u16 fid, + pSMB->MaxSetupCount = 0; + pSMB->Fid = fid; /* file handle always le */ + pSMB->AclFlags = cpu_to_le32(CIFS_ACL_OWNER | CIFS_ACL_GROUP | +- CIFS_ACL_DACL); ++ CIFS_ACL_DACL | info); + pSMB->ByteCount = cpu_to_le16(11); /* 3 bytes pad + 8 bytes parm */ + inc_rfc1001_len(pSMB, 11); + iov[0].iov_base = (char *)pSMB; +-- +2.39.5 + diff --git a/queue-6.6/cifs-validate-eas-for-wsl-reparse-points.patch b/queue-6.6/cifs-validate-eas-for-wsl-reparse-points.patch new file mode 100644 index 0000000000..53d1fae762 --- /dev/null +++ b/queue-6.6/cifs-validate-eas-for-wsl-reparse-points.patch @@ -0,0 +1,86 @@ +From 6d78369de8c6b1e128547f1c60b1162f6af7b25a Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 26 Dec 2024 15:20:39 +0100 +Subject: cifs: Validate EAs for WSL reparse points +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Pali Rohár + +[ Upstream commit ef201e8759d20bf82b5943101147072de12bc524 ] + +Major and minor numbers for char and block devices are mandatory for stat. +So check that the WSL EA $LXDEV is present for WSL CHR and BLK reparse +points. + +WSL reparse point tag determinate type of the file. But file type is +present also in the WSL EA $LXMOD. So check that both file types are same. + +Fixes: 78e26bec4d6d ("smb: client: parse uid, gid, mode and dev from WSL reparse points") +Signed-off-by: Pali Rohár +Signed-off-by: Steve French +Signed-off-by: Sasha Levin +--- + fs/smb/client/reparse.c | 22 ++++++++++++++++++---- + 1 file changed, 18 insertions(+), 4 deletions(-) + +diff --git a/fs/smb/client/reparse.c b/fs/smb/client/reparse.c +index d3abb99cc9909..e56a8df23fec9 100644 +--- a/fs/smb/client/reparse.c ++++ b/fs/smb/client/reparse.c +@@ -674,11 +674,12 @@ int smb2_parse_reparse_point(struct cifs_sb_info *cifs_sb, + return parse_reparse_point(buf, plen, cifs_sb, full_path, true, data); + } + +-static void wsl_to_fattr(struct cifs_open_info_data *data, ++static bool wsl_to_fattr(struct cifs_open_info_data *data, + struct cifs_sb_info *cifs_sb, + u32 tag, struct cifs_fattr *fattr) + { + struct smb2_file_full_ea_info *ea; ++ bool have_xattr_dev = false; + u32 next = 0; + + switch (tag) { +@@ -721,13 +722,24 @@ static void wsl_to_fattr(struct cifs_open_info_data *data, + fattr->cf_uid = wsl_make_kuid(cifs_sb, v); + else if (!strncmp(name, SMB2_WSL_XATTR_GID, nlen)) + fattr->cf_gid = wsl_make_kgid(cifs_sb, v); +- else if (!strncmp(name, SMB2_WSL_XATTR_MODE, nlen)) ++ else if (!strncmp(name, SMB2_WSL_XATTR_MODE, nlen)) { ++ /* File type in reparse point tag and in xattr mode must match. */ ++ if (S_DT(fattr->cf_mode) != S_DT(le32_to_cpu(*(__le32 *)v))) ++ return false; + fattr->cf_mode = (umode_t)le32_to_cpu(*(__le32 *)v); +- else if (!strncmp(name, SMB2_WSL_XATTR_DEV, nlen)) ++ } else if (!strncmp(name, SMB2_WSL_XATTR_DEV, nlen)) { + fattr->cf_rdev = reparse_mkdev(v); ++ have_xattr_dev = true; ++ } + } while (next); + out: ++ ++ /* Major and minor numbers for char and block devices are mandatory. */ ++ if (!have_xattr_dev && (tag == IO_REPARSE_TAG_LX_CHR || tag == IO_REPARSE_TAG_LX_BLK)) ++ return false; ++ + fattr->cf_dtype = S_DT(fattr->cf_mode); ++ return true; + } + + static bool posix_reparse_to_fattr(struct cifs_sb_info *cifs_sb, +@@ -801,7 +813,9 @@ bool cifs_reparse_point_to_fattr(struct cifs_sb_info *cifs_sb, + case IO_REPARSE_TAG_AF_UNIX: + case IO_REPARSE_TAG_LX_CHR: + case IO_REPARSE_TAG_LX_BLK: +- wsl_to_fattr(data, cifs_sb, tag, fattr); ++ ok = wsl_to_fattr(data, cifs_sb, tag, fattr); ++ if (!ok) ++ return false; + break; + case IO_REPARSE_TAG_NFS: + ok = posix_reparse_to_fattr(cifs_sb, fattr, data); +-- +2.39.5 + diff --git a/queue-6.6/genksyms-fix-memory-leak-when-the-same-symbol-is-add.patch b/queue-6.6/genksyms-fix-memory-leak-when-the-same-symbol-is-add.patch new file mode 100644 index 0000000000..3eb4d849e0 --- /dev/null +++ b/queue-6.6/genksyms-fix-memory-leak-when-the-same-symbol-is-add.patch @@ -0,0 +1,149 @@ +From 77782d41567193555b7c92215db4797c803d1ea4 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 3 Jan 2025 16:30:38 +0900 +Subject: genksyms: fix memory leak when the same symbol is added from source + +From: Masahiro Yamada + +[ Upstream commit 45c9c4101d3d2fdfa00852274bbebba65fcc3cf2 ] + +When a symbol that is already registered is added again, __add_symbol() +returns without freeing the symbol definition, making it unreachable. + +The following test cases demonstrate different memory leak points. + +[Test Case 1] + +Forward declaration with exactly the same definition + + $ cat foo.c + #include + void foo(void); + void foo(void) {} + EXPORT_SYMBOL(foo); + +[Test Case 2] + +Forward declaration with a different definition (e.g. attribute) + + $ cat foo.c + #include + void foo(void); + __attribute__((__section__(".ref.text"))) void foo(void) {} + EXPORT_SYMBOL(foo); + +[Test Case 3] + +Preserving an overridden symbol (compile with KBUILD_PRESERVE=1) + + $ cat foo.c + #include + void foo(void); + void foo(void) { } + EXPORT_SYMBOL(foo); + + $ cat foo.symref + override foo void foo ( int ) + +The memory leaks in Test Case 1 and 2 have existed since the introduction +of genksyms into the kernel tree. [1] + +The memory leak in Test Case 3 was introduced by commit 5dae9a550a74 +("genksyms: allow to ignore symbol checksum changes"). + +When multiple init_declarators are reduced to an init_declarator_list, +the decl_spec must be duplicated. Otherwise, the following Test Case 4 +would result in a double-free bug. + +[Test Case 4] + + $ cat foo.c + #include + + extern int foo, bar; + + int foo, bar; + EXPORT_SYMBOL(foo); + +In this case, 'foo' and 'bar' share the same decl_spec, 'int'. It must +be unshared before being passed to add_symbol(). + +[1]: https://git.kernel.org/pub/scm/linux/kernel/git/history/history.git/commit/?id=46bd1da672d66ccd8a639d3c1f8a166048cca608 + +Fixes: 5dae9a550a74 ("genksyms: allow to ignore symbol checksum changes") +Signed-off-by: Masahiro Yamada +Signed-off-by: Sasha Levin +--- + scripts/genksyms/genksyms.c | 3 +++ + scripts/genksyms/parse.y | 14 ++++++++++++-- + 2 files changed, 15 insertions(+), 2 deletions(-) + +diff --git a/scripts/genksyms/genksyms.c b/scripts/genksyms/genksyms.c +index f5dfdb9d80e9d..6ddc8f406c75f 100644 +--- a/scripts/genksyms/genksyms.c ++++ b/scripts/genksyms/genksyms.c +@@ -241,6 +241,7 @@ static struct symbol *__add_symbol(const char *name, enum symbol_type type, + "unchanged\n"); + } + sym->is_declared = 1; ++ free_list(defn, NULL); + return sym; + } else if (!sym->is_declared) { + if (sym->is_override && flag_preserve) { +@@ -249,6 +250,7 @@ static struct symbol *__add_symbol(const char *name, enum symbol_type type, + print_type_name(type, name); + fprintf(stderr, " modversion change\n"); + sym->is_declared = 1; ++ free_list(defn, NULL); + return sym; + } else { + status = is_unknown_symbol(sym) ? +@@ -256,6 +258,7 @@ static struct symbol *__add_symbol(const char *name, enum symbol_type type, + } + } else { + error_with_pos("redefinition of %s", name); ++ free_list(defn, NULL); + return sym; + } + break; +diff --git a/scripts/genksyms/parse.y b/scripts/genksyms/parse.y +index 8e9b5e69e8f01..840371d01bf48 100644 +--- a/scripts/genksyms/parse.y ++++ b/scripts/genksyms/parse.y +@@ -152,14 +152,19 @@ simple_declaration: + ; + + init_declarator_list_opt: +- /* empty */ { $$ = NULL; } +- | init_declarator_list ++ /* empty */ { $$ = NULL; } ++ | init_declarator_list { free_list(decl_spec, NULL); $$ = $1; } + ; + + init_declarator_list: + init_declarator + { struct string_list *decl = *$1; + *$1 = NULL; ++ ++ /* avoid sharing among multiple init_declarators */ ++ if (decl_spec) ++ decl_spec = copy_list_range(decl_spec, NULL); ++ + add_symbol(current_name, + is_typedef ? SYM_TYPEDEF : SYM_NORMAL, decl, is_extern); + current_name = NULL; +@@ -170,6 +175,11 @@ init_declarator_list: + *$3 = NULL; + free_list(*$2, NULL); + *$2 = decl_spec; ++ ++ /* avoid sharing among multiple init_declarators */ ++ if (decl_spec) ++ decl_spec = copy_list_range(decl_spec, NULL); ++ + add_symbol(current_name, + is_typedef ? SYM_TYPEDEF : SYM_NORMAL, decl, is_extern); + current_name = NULL; +-- +2.39.5 + diff --git a/queue-6.6/genksyms-fix-memory-leak-when-the-same-symbol-is-rea.patch b/queue-6.6/genksyms-fix-memory-leak-when-the-same-symbol-is-rea.patch new file mode 100644 index 0000000000..a7a9eb92d8 --- /dev/null +++ b/queue-6.6/genksyms-fix-memory-leak-when-the-same-symbol-is-rea.patch @@ -0,0 +1,108 @@ +From 01577821f0fbff4f701e6647b49a6884d930711c Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 3 Jan 2025 16:30:39 +0900 +Subject: genksyms: fix memory leak when the same symbol is read from *.symref + file + +From: Masahiro Yamada + +[ Upstream commit be2fa44b5180a1f021efb40c55fdf63c249c3209 ] + +When a symbol that is already registered is read again from *.symref +file, __add_symbol() removes the previous one from the hash table without +freeing it. + +[Test Case] + + $ cat foo.c + #include + void foo(void); + void foo(void) {} + EXPORT_SYMBOL(foo); + + $ cat foo.symref + foo void foo ( void ) + foo void foo ( void ) + +When a symbol is removed from the hash table, it must be freed along +with its ->name and ->defn members. However, sym->name cannot be freed +because it is sometimes shared with node->string, but not always. If +sym->name and node->string share the same memory, free(sym->name) could +lead to a double-free bug. + +To resolve this issue, always assign a strdup'ed string to sym->name. + +Fixes: 64e6c1e12372 ("genksyms: track symbol checksum changes") +Signed-off-by: Masahiro Yamada +Signed-off-by: Sasha Levin +--- + scripts/genksyms/genksyms.c | 8 ++++++-- + scripts/genksyms/genksyms.h | 2 +- + scripts/genksyms/parse.y | 4 ++-- + 3 files changed, 9 insertions(+), 5 deletions(-) + +diff --git a/scripts/genksyms/genksyms.c b/scripts/genksyms/genksyms.c +index 6ddc8f406c75f..6b0eb3898e4ec 100644 +--- a/scripts/genksyms/genksyms.c ++++ b/scripts/genksyms/genksyms.c +@@ -274,11 +274,15 @@ static struct symbol *__add_symbol(const char *name, enum symbol_type type, + break; + } + } ++ ++ free_list(sym->defn, NULL); ++ free(sym->name); ++ free(sym); + --nsyms; + } + + sym = xmalloc(sizeof(*sym)); +- sym->name = name; ++ sym->name = xstrdup(name); + sym->type = type; + sym->defn = defn; + sym->expansion_trail = NULL; +@@ -485,7 +489,7 @@ static void read_reference(FILE *f) + defn = def; + def = read_node(f); + } +- subsym = add_reference_symbol(xstrdup(sym->string), sym->tag, ++ subsym = add_reference_symbol(sym->string, sym->tag, + defn, is_extern); + subsym->is_override = is_override; + free_node(sym); +diff --git a/scripts/genksyms/genksyms.h b/scripts/genksyms/genksyms.h +index 21ed2ec2d98ca..5621533dcb8e4 100644 +--- a/scripts/genksyms/genksyms.h ++++ b/scripts/genksyms/genksyms.h +@@ -32,7 +32,7 @@ struct string_list { + + struct symbol { + struct symbol *hash_next; +- const char *name; ++ char *name; + enum symbol_type type; + struct string_list *defn; + struct symbol *expansion_trail; +diff --git a/scripts/genksyms/parse.y b/scripts/genksyms/parse.y +index 840371d01bf48..689cb6bb40b65 100644 +--- a/scripts/genksyms/parse.y ++++ b/scripts/genksyms/parse.y +@@ -482,12 +482,12 @@ enumerator_list: + enumerator: + IDENT + { +- const char *name = strdup((*$1)->string); ++ const char *name = (*$1)->string; + add_symbol(name, SYM_ENUM_CONST, NULL, 0); + } + | IDENT '=' EXPRESSION_PHRASE + { +- const char *name = strdup((*$1)->string); ++ const char *name = (*$1)->string; + struct string_list *expr = copy_list_range(*$3, *$2); + add_symbol(name, SYM_ENUM_CONST, expr, 0); + } +-- +2.39.5 + diff --git a/queue-6.6/hexagon-fix-unbalanced-spinlock-in-die.patch b/queue-6.6/hexagon-fix-unbalanced-spinlock-in-die.patch new file mode 100644 index 0000000000..3a2790efad --- /dev/null +++ b/queue-6.6/hexagon-fix-unbalanced-spinlock-in-die.patch @@ -0,0 +1,45 @@ +From 2b3cb45a4d21913971a29d160cb1d4bc4ff11cf4 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 22 May 2023 02:56:08 +0000 +Subject: hexagon: Fix unbalanced spinlock in die() + +From: Lin Yujun + +[ Upstream commit 03410e87563a122075c3721acc7d5510e41d8332 ] + +die executes holding the spinlock of &die.lock and unlock +it after printing the oops message. +However in the code if the notify_die() returns NOTIFY_STOP +, die() exit with returning 1 but never unlocked the spinlock. + +Fix this by adding spin_unlock_irq(&die.lock) before returning. + +Fixes: cf9750bae262 ("Hexagon: Provide basic debugging and system trap support.") +Signed-off-by: Lin Yujun +Link: https://lore.kernel.org/r/20230522025608.2515558-1-linyujun809@huawei.com +Signed-off-by: Brian Cain +Signed-off-by: Brian Cain +Signed-off-by: Sasha Levin +--- + arch/hexagon/kernel/traps.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/arch/hexagon/kernel/traps.c b/arch/hexagon/kernel/traps.c +index 6447763ce5a94..b7e394cebe20d 100644 +--- a/arch/hexagon/kernel/traps.c ++++ b/arch/hexagon/kernel/traps.c +@@ -195,8 +195,10 @@ int die(const char *str, struct pt_regs *regs, long err) + printk(KERN_EMERG "Oops: %s[#%d]:\n", str, ++die.counter); + + if (notify_die(DIE_OOPS, str, regs, err, pt_cause(regs), SIGSEGV) == +- NOTIFY_STOP) ++ NOTIFY_STOP) { ++ spin_unlock_irq(&die.lock); + return 1; ++ } + + print_modules(); + show_regs(regs); +-- +2.39.5 + diff --git a/queue-6.6/hexagon-fix-using-plain-integer-as-null-pointer-warn.patch b/queue-6.6/hexagon-fix-using-plain-integer-as-null-pointer-warn.patch new file mode 100644 index 0000000000..13e44ccfea --- /dev/null +++ b/queue-6.6/hexagon-fix-using-plain-integer-as-null-pointer-warn.patch @@ -0,0 +1,61 @@ +From 228845db4f3f6284719caee200f22c046a46cd8f Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 3 Dec 2024 17:17:34 -0500 +Subject: hexagon: fix using plain integer as NULL pointer warning in cmpxchg + +From: Willem de Bruijn + +[ Upstream commit 8a20030038742b9915c6d811a4e6c14b126cafb4 ] + +Sparse reports + + net/ipv4/inet_diag.c:1511:17: sparse: sparse: Using plain integer as NULL pointer + +Due to this code calling cmpxchg on a non-integer type +struct inet_diag_handler * + + return !cmpxchg((const struct inet_diag_handler**)&inet_diag_table[type], + NULL, h) ? 0 : -EEXIST; + +While hexagon's cmpxchg assigns an integer value to a variable of this +type. + + __typeof__(*(ptr)) __oldval = 0; + +Update this assignment to cast 0 to the correct type. + +The original issue is easily reproduced at head with the below block, +and is absent after this change. + + make LLVM=1 ARCH=hexagon defconfig + make C=1 LLVM=1 ARCH=hexagon net/ipv4/inet_diag.o + +Fixes: 99a70aa051d2 ("Hexagon: Add processor and system headers") +Reported-by: kernel test robot +Closes: https://lore.kernel.org/oe-kbuild-all/202411091538.PGSTqUBi-lkp@intel.com/ +Signed-off-by: Willem de Bruijn +Tested-by: Christian Gmeiner +Link: https://lore.kernel.org/r/20241203221736.282020-1-willemdebruijn.kernel@gmail.com +Signed-off-by: Brian Cain +Signed-off-by: Brian Cain +Signed-off-by: Sasha Levin +--- + arch/hexagon/include/asm/cmpxchg.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/arch/hexagon/include/asm/cmpxchg.h b/arch/hexagon/include/asm/cmpxchg.h +index bf6cf5579cf45..9c58fb81f7fd6 100644 +--- a/arch/hexagon/include/asm/cmpxchg.h ++++ b/arch/hexagon/include/asm/cmpxchg.h +@@ -56,7 +56,7 @@ __arch_xchg(unsigned long x, volatile void *ptr, int size) + __typeof__(ptr) __ptr = (ptr); \ + __typeof__(*(ptr)) __old = (old); \ + __typeof__(*(ptr)) __new = (new); \ +- __typeof__(*(ptr)) __oldval = 0; \ ++ __typeof__(*(ptr)) __oldval = (__typeof__(*(ptr))) 0; \ + \ + asm volatile( \ + "1: %0 = memw_locked(%1);\n" \ +-- +2.39.5 + diff --git a/queue-6.6/hostfs-convert-hostfs-to-use-the-new-mount-api.patch b/queue-6.6/hostfs-convert-hostfs-to-use-the-new-mount-api.patch new file mode 100644 index 0000000000..f1e4c6ca0a --- /dev/null +++ b/queue-6.6/hostfs-convert-hostfs-to-use-the-new-mount-api.patch @@ -0,0 +1,191 @@ +From 6f2433956e6ade80d59bd673d4062ec2c1bacc3e Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 30 May 2024 20:01:11 +0800 +Subject: hostfs: convert hostfs to use the new mount API + +From: Hongbo Li + +[ Upstream commit cd140ce9f611a5e9d2a5989a282b75e55c71dab3 ] + +Convert the hostfs filesystem to the new internal mount API as the old +one will be obsoleted and removed. This allows greater flexibility in +communication of mount parameters between userspace, the VFS and the +filesystem. + +See Documentation/filesystems/mount_api.txt for more information. + +Signed-off-by: Hongbo Li +Link: https://lore.kernel.org/r/20240530120111.3794664-1-lihongbo22@huawei.com +Signed-off-by: Christian Brauner +Stable-dep-of: 60a600243244 ("hostfs: fix string handling in __dentry_name()") +Signed-off-by: Sasha Levin +--- + fs/hostfs/hostfs_kern.c | 83 ++++++++++++++++++++++++++++++----------- + 1 file changed, 62 insertions(+), 21 deletions(-) + +diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c +index ff201753fd181..1fb8eacb9817f 100644 +--- a/fs/hostfs/hostfs_kern.c ++++ b/fs/hostfs/hostfs_kern.c +@@ -16,11 +16,16 @@ + #include + #include + #include ++#include + #include + #include "hostfs.h" + #include + #include + ++struct hostfs_fs_info { ++ char *host_root_path; ++}; ++ + struct hostfs_inode_info { + int fd; + fmode_t mode; +@@ -90,8 +95,10 @@ static char *__dentry_name(struct dentry *dentry, char *name) + char *p = dentry_path_raw(dentry, name, PATH_MAX); + char *root; + size_t len; ++ struct hostfs_fs_info *fsi; + +- root = dentry->d_sb->s_fs_info; ++ fsi = dentry->d_sb->s_fs_info; ++ root = fsi->host_root_path; + len = strlen(root); + if (IS_ERR(p)) { + __putname(name); +@@ -196,8 +203,10 @@ static int hostfs_statfs(struct dentry *dentry, struct kstatfs *sf) + long long f_bavail; + long long f_files; + long long f_ffree; ++ struct hostfs_fs_info *fsi; + +- err = do_statfs(dentry->d_sb->s_fs_info, ++ fsi = dentry->d_sb->s_fs_info; ++ err = do_statfs(fsi->host_root_path, + &sf->f_bsize, &f_blocks, &f_bfree, &f_bavail, &f_files, + &f_ffree, &sf->f_fsid, sizeof(sf->f_fsid), + &sf->f_namelen); +@@ -245,7 +254,11 @@ static void hostfs_free_inode(struct inode *inode) + + static int hostfs_show_options(struct seq_file *seq, struct dentry *root) + { +- const char *root_path = root->d_sb->s_fs_info; ++ struct hostfs_fs_info *fsi; ++ const char *root_path; ++ ++ fsi = root->d_sb->s_fs_info; ++ root_path = fsi->host_root_path; + size_t offset = strlen(root_ino) + 1; + + if (strlen(root_path) > offset) +@@ -924,10 +937,11 @@ static const struct inode_operations hostfs_link_iops = { + .get_link = hostfs_get_link, + }; + +-static int hostfs_fill_sb_common(struct super_block *sb, void *d, int silent) ++static int hostfs_fill_super(struct super_block *sb, struct fs_context *fc) + { ++ struct hostfs_fs_info *fsi = sb->s_fs_info; + struct inode *root_inode; +- char *host_root_path, *req_root = d; ++ char *host_root = fc->source; + int err; + + sb->s_blocksize = 1024; +@@ -941,15 +955,15 @@ static int hostfs_fill_sb_common(struct super_block *sb, void *d, int silent) + return err; + + /* NULL is printed as '(null)' by printf(): avoid that. */ +- if (req_root == NULL) +- req_root = ""; ++ if (fc->source == NULL) ++ host_root = ""; + +- sb->s_fs_info = host_root_path = +- kasprintf(GFP_KERNEL, "%s/%s", root_ino, req_root); +- if (host_root_path == NULL) ++ fsi->host_root_path = ++ kasprintf(GFP_KERNEL, "%s/%s", root_ino, host_root); ++ if (fsi->host_root_path == NULL) + return -ENOMEM; + +- root_inode = hostfs_iget(sb, host_root_path); ++ root_inode = hostfs_iget(sb, fsi->host_root_path); + if (IS_ERR(root_inode)) + return PTR_ERR(root_inode); + +@@ -957,7 +971,7 @@ static int hostfs_fill_sb_common(struct super_block *sb, void *d, int silent) + char *name; + + iput(root_inode); +- name = follow_link(host_root_path); ++ name = follow_link(fsi->host_root_path); + if (IS_ERR(name)) + return PTR_ERR(name); + +@@ -974,11 +988,38 @@ static int hostfs_fill_sb_common(struct super_block *sb, void *d, int silent) + return 0; + } + +-static struct dentry *hostfs_read_sb(struct file_system_type *type, +- int flags, const char *dev_name, +- void *data) ++static int hostfs_fc_get_tree(struct fs_context *fc) + { +- return mount_nodev(type, flags, data, hostfs_fill_sb_common); ++ return get_tree_nodev(fc, hostfs_fill_super); ++} ++ ++static void hostfs_fc_free(struct fs_context *fc) ++{ ++ struct hostfs_fs_info *fsi = fc->s_fs_info; ++ ++ if (!fsi) ++ return; ++ ++ kfree(fsi->host_root_path); ++ kfree(fsi); ++} ++ ++static const struct fs_context_operations hostfs_context_ops = { ++ .get_tree = hostfs_fc_get_tree, ++ .free = hostfs_fc_free, ++}; ++ ++static int hostfs_init_fs_context(struct fs_context *fc) ++{ ++ struct hostfs_fs_info *fsi; ++ ++ fsi = kzalloc(sizeof(*fsi), GFP_KERNEL); ++ if (!fsi) ++ return -ENOMEM; ++ ++ fc->s_fs_info = fsi; ++ fc->ops = &hostfs_context_ops; ++ return 0; + } + + static void hostfs_kill_sb(struct super_block *s) +@@ -988,11 +1029,11 @@ static void hostfs_kill_sb(struct super_block *s) + } + + static struct file_system_type hostfs_type = { +- .owner = THIS_MODULE, +- .name = "hostfs", +- .mount = hostfs_read_sb, +- .kill_sb = hostfs_kill_sb, +- .fs_flags = 0, ++ .owner = THIS_MODULE, ++ .name = "hostfs", ++ .init_fs_context = hostfs_init_fs_context, ++ .kill_sb = hostfs_kill_sb, ++ .fs_flags = 0, + }; + MODULE_ALIAS_FS("hostfs"); + +-- +2.39.5 + diff --git a/queue-6.6/hostfs-fix-string-handling-in-__dentry_name.patch b/queue-6.6/hostfs-fix-string-handling-in-__dentry_name.patch new file mode 100644 index 0000000000..c02145bab9 --- /dev/null +++ b/queue-6.6/hostfs-fix-string-handling-in-__dentry_name.patch @@ -0,0 +1,66 @@ +From 1e18f15bf61275644d405ffd49688ee561f6b8ac Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sat, 11 Jan 2025 01:37:44 -0500 +Subject: hostfs: fix string handling in __dentry_name() + +From: Al Viro + +[ Upstream commit 60a6002432448bb3f291d80768ae98d62efc9c77 ] + +strcpy() should not be used with destination potentially overlapping +the source; what's more, strscpy() in there is pointless - we already +know the amount we want to copy; might as well use memcpy(). + +Fixes: c278e81b8a02 "hostfs: Remove open coded strcpy()" +Signed-off-by: Al Viro +Signed-off-by: Sasha Levin +--- + fs/hostfs/hostfs_kern.c | 27 ++++++--------------------- + 1 file changed, 6 insertions(+), 21 deletions(-) + +diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c +index 1fb8eacb9817f..1efbcfa1f1f88 100644 +--- a/fs/hostfs/hostfs_kern.c ++++ b/fs/hostfs/hostfs_kern.c +@@ -93,32 +93,17 @@ __uml_setup("hostfs=", hostfs_args, + static char *__dentry_name(struct dentry *dentry, char *name) + { + char *p = dentry_path_raw(dentry, name, PATH_MAX); +- char *root; +- size_t len; +- struct hostfs_fs_info *fsi; +- +- fsi = dentry->d_sb->s_fs_info; +- root = fsi->host_root_path; +- len = strlen(root); +- if (IS_ERR(p)) { +- __putname(name); +- return NULL; +- } +- +- /* +- * This function relies on the fact that dentry_path_raw() will place +- * the path name at the end of the provided buffer. +- */ +- BUG_ON(p + strlen(p) + 1 != name + PATH_MAX); ++ struct hostfs_fs_info *fsi = dentry->d_sb->s_fs_info; ++ char *root = fsi->host_root_path; ++ size_t len = strlen(root); + +- strscpy(name, root, PATH_MAX); +- if (len > p - name) { ++ if (IS_ERR(p) || len > p - name) { + __putname(name); + return NULL; + } + +- if (p > name + len) +- strcpy(name + len, p); ++ memcpy(name, root, len); ++ memmove(name + len, p, name + PATH_MAX - p); + + return name; + } +-- +2.39.5 + diff --git a/queue-6.6/io_uring-uring_cmd-use-cached-cmd_op-in-io_uring_cmd.patch b/queue-6.6/io_uring-uring_cmd-use-cached-cmd_op-in-io_uring_cmd.patch new file mode 100644 index 0000000000..b026dcf29f --- /dev/null +++ b/queue-6.6/io_uring-uring_cmd-use-cached-cmd_op-in-io_uring_cmd.patch @@ -0,0 +1,38 @@ +From 0ecbb22c465f38820c8669be57b818064cd26243 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 22 Jan 2025 17:29:31 -0700 +Subject: io_uring/uring_cmd: use cached cmd_op in io_uring_cmd_sock() + +From: Jens Axboe + +[ Upstream commit d58d82bd0efd6c8edd452fc2f6c6dd052ec57cb2 ] + +io_uring_cmd_sock() does a normal read of cmd->sqe->cmd_op, where it +really should be using a READ_ONCE() as ->sqe may still be pointing to +the original SQE. Since the prep side already does this READ_ONCE() and +stores it locally, use that value rather than re-read it. + +Fixes: 8e9fad0e70b7b ("io_uring: Add io_uring command support for sockets") +Link: https://lore.kernel.org/r/20250121-uring-sockcmd-fix-v1-1-add742802a29@google.com +Signed-off-by: Jens Axboe +Signed-off-by: Sasha Levin +--- + io_uring/uring_cmd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/io_uring/uring_cmd.c b/io_uring/uring_cmd.c +index 5fa19861cda54..2cbd1c24414c6 100644 +--- a/io_uring/uring_cmd.c ++++ b/io_uring/uring_cmd.c +@@ -175,7 +175,7 @@ int io_uring_cmd_sock(struct io_uring_cmd *cmd, unsigned int issue_flags) + if (!prot || !prot->ioctl) + return -EOPNOTSUPP; + +- switch (cmd->sqe->cmd_op) { ++ switch (cmd->cmd_op) { + case SOCKET_URING_OP_SIOCINQ: + ret = prot->ioctl(sk, SIOCINQ, &arg); + if (ret) +-- +2.39.5 + diff --git a/queue-6.6/kconfig-deduplicate-code-in-conf_read_simple.patch b/queue-6.6/kconfig-deduplicate-code-in-conf_read_simple.patch new file mode 100644 index 0000000000..b6fe6d2301 --- /dev/null +++ b/queue-6.6/kconfig-deduplicate-code-in-conf_read_simple.patch @@ -0,0 +1,159 @@ +From d61680ed85b20701f5d0f61c189764c2be32e8c2 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sat, 18 Nov 2023 16:59:09 +0900 +Subject: kconfig: deduplicate code in conf_read_simple() + +From: Masahiro Yamada + +[ Upstream commit d854b4b21de684a16a7d6163c7b0e9c5ff8a09d3 ] + +Kconfig accepts both "# CONFIG_FOO is not set" and "CONFIG_FOO=n" as +a valid input, but conf_read_simple() duplicates similar code to handle +them. Factor out the common code. + +Signed-off-by: Masahiro Yamada +Stable-dep-of: a409fc1463d6 ("kconfig: fix memory leak in sym_warn_unmet_dep()") +Signed-off-by: Sasha Levin +--- + scripts/kconfig/confdata.c | 89 +++++++++++++++----------------------- + 1 file changed, 35 insertions(+), 54 deletions(-) + +diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c +index 21a65ffe7c3db..7e799060b6fe2 100644 +--- a/scripts/kconfig/confdata.c ++++ b/scripts/kconfig/confdata.c +@@ -346,11 +346,10 @@ int conf_read_simple(const char *name, int def) + FILE *in = NULL; + char *line = NULL; + size_t line_asize = 0; +- char *p, *p2; ++ char *p, *p2, *val; + struct symbol *sym; + int i, def_flags; +- const char *warn_unknown; +- const char *werror; ++ const char *warn_unknown, *werror, *sym_name; + + warn_unknown = getenv("KCONFIG_WARN_UNKNOWN_SYMBOLS"); + werror = getenv("KCONFIG_WERROR"); +@@ -430,77 +429,34 @@ int conf_read_simple(const char *name, int def) + + while (compat_getline(&line, &line_asize, in) != -1) { + conf_lineno++; +- sym = NULL; + if (line[0] == '#') { + if (line[1] != ' ') + continue; +- if (memcmp(line + 2, CONFIG_, strlen(CONFIG_))) ++ p = line + 2; ++ if (memcmp(p, CONFIG_, strlen(CONFIG_))) + continue; +- p = strchr(line + 2 + strlen(CONFIG_), ' '); ++ sym_name = p + strlen(CONFIG_); ++ p = strchr(sym_name, ' '); + if (!p) + continue; + *p++ = 0; + if (strncmp(p, "is not set", 10)) + continue; + +- sym = sym_find(line + 2 + strlen(CONFIG_)); +- if (!sym) { +- if (warn_unknown) +- conf_warning("unknown symbol: %s", +- line + 2 + strlen(CONFIG_)); +- +- conf_set_changed(true); +- continue; +- } +- if (sym->flags & def_flags) { +- conf_warning("override: reassigning to symbol %s", sym->name); +- } +- switch (sym->type) { +- case S_BOOLEAN: +- case S_TRISTATE: +- sym->def[def].tri = no; +- sym->flags |= def_flags; +- break; +- default: +- ; +- } ++ val = "n"; + } else if (memcmp(line, CONFIG_, strlen(CONFIG_)) == 0) { +- p = strchr(line + strlen(CONFIG_), '='); ++ sym_name = line + strlen(CONFIG_); ++ p = strchr(sym_name, '='); + if (!p) + continue; + *p++ = 0; ++ val = p; + p2 = strchr(p, '\n'); + if (p2) { + *p2-- = 0; + if (*p2 == '\r') + *p2 = 0; + } +- +- sym = sym_find(line + strlen(CONFIG_)); +- if (!sym) { +- if (def == S_DEF_AUTO) { +- /* +- * Reading from include/config/auto.conf +- * If CONFIG_FOO previously existed in +- * auto.conf but it is missing now, +- * include/config/FOO must be touched. +- */ +- conf_touch_dep(line + strlen(CONFIG_)); +- } else { +- if (warn_unknown) +- conf_warning("unknown symbol: %s", +- line + strlen(CONFIG_)); +- +- conf_set_changed(true); +- } +- continue; +- } +- +- if (sym->flags & def_flags) { +- conf_warning("override: reassigning to symbol %s", sym->name); +- } +- if (conf_set_sym_val(sym, def, def_flags, p)) +- continue; + } else { + if (line[0] != '\r' && line[0] != '\n') + conf_warning("unexpected data: %.*s", +@@ -509,6 +465,31 @@ int conf_read_simple(const char *name, int def) + continue; + } + ++ sym = sym_find(sym_name); ++ if (!sym) { ++ if (def == S_DEF_AUTO) { ++ /* ++ * Reading from include/config/auto.conf. ++ * If CONFIG_FOO previously existed in auto.conf ++ * but it is missing now, include/config/FOO ++ * must be touched. ++ */ ++ conf_touch_dep(sym_name); ++ } else { ++ if (warn_unknown) ++ conf_warning("unknown symbol: %s", sym_name); ++ ++ conf_set_changed(true); ++ } ++ continue; ++ } ++ ++ if (sym->flags & def_flags) ++ conf_warning("override: reassigning to symbol %s", sym->name); ++ ++ if (conf_set_sym_val(sym, def, def_flags, val)) ++ continue; ++ + if (sym && sym_is_choice_value(sym)) { + struct symbol *cs = prop_get_symbol(sym_get_choice_prop(sym)); + switch (sym->def[def].tri) { +-- +2.39.5 + diff --git a/queue-6.6/kconfig-fix-file-name-in-warnings-when-loading-kconf.patch b/queue-6.6/kconfig-fix-file-name-in-warnings-when-loading-kconf.patch new file mode 100644 index 0000000000..779c70c644 --- /dev/null +++ b/queue-6.6/kconfig-fix-file-name-in-warnings-when-loading-kconf.patch @@ -0,0 +1,74 @@ +From 6a77b8555b6947c40da00a8fb5a45a57f4c847c7 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 20 Jan 2025 16:59:14 +0900 +Subject: kconfig: fix file name in warnings when loading + KCONFIG_DEFCONFIG_LIST + +From: Masahiro Yamada + +[ Upstream commit a314f52a0210730d0d556de76bb7388e76d4597d ] + +Most 'make *config' commands use .config as the base configuration file. + +When .config does not exist, Kconfig tries to load a file listed in +KCONFIG_DEFCONFIG_LIST instead. + +However, since commit b75b0a819af9 ("kconfig: change defconfig_list +option to environment variable"), warning messages have displayed an +incorrect file name in such cases. + +Below is a demonstration using Debian Trixie. While loading +/boot/config-6.12.9-amd64, the warning messages incorrectly show .config +as the file name. + +With this commit, the correct file name is displayed in warnings. + +[Before] + + $ rm -f .config + $ make config + # + # using defaults found in /boot/config-6.12.9-amd64 + # + .config:6804:warning: symbol value 'm' invalid for FB_BACKLIGHT + .config:9895:warning: symbol value 'm' invalid for ANDROID_BINDER_IPC + +[After] + + $ rm -f .config + $ make config + # + # using defaults found in /boot/config-6.12.9-amd64 + # + /boot/config-6.12.9-amd64:6804:warning: symbol value 'm' invalid for FB_BACKLIGHT + /boot/config-6.12.9-amd64:9895:warning: symbol value 'm' invalid for ANDROID_BINDER_IPC + +Fixes: b75b0a819af9 ("kconfig: change defconfig_list option to environment variable") +Signed-off-by: Masahiro Yamada +Signed-off-by: Sasha Levin +--- + scripts/kconfig/confdata.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c +index 4a6811d77d182..02ac250b8fe9e 100644 +--- a/scripts/kconfig/confdata.c ++++ b/scripts/kconfig/confdata.c +@@ -386,10 +386,12 @@ int conf_read_simple(const char *name, int def) + + *p = '\0'; + +- in = zconf_fopen(env); ++ name = env; ++ ++ in = zconf_fopen(name); + if (in) { + conf_message("using defaults found in %s", +- env); ++ name); + goto load; + } + +-- +2.39.5 + diff --git a/queue-6.6/kconfig-fix-memory-leak-in-sym_warn_unmet_dep.patch b/queue-6.6/kconfig-fix-memory-leak-in-sym_warn_unmet_dep.patch new file mode 100644 index 0000000000..dc387eaf77 --- /dev/null +++ b/queue-6.6/kconfig-fix-memory-leak-in-sym_warn_unmet_dep.patch @@ -0,0 +1,35 @@ +From 96e47934a3ed93426e4510aae7f99ff4e3f141d7 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Mon, 20 Jan 2025 17:10:31 +0900 +Subject: kconfig: fix memory leak in sym_warn_unmet_dep() + +From: Masahiro Yamada + +[ Upstream commit a409fc1463d664002ea9bf700ae4674df03de111 ] + +The string allocated in sym_warn_unmet_dep() is never freed, leading +to a memory leak when an unmet dependency is detected. + +Fixes: f8f69dc0b4e0 ("kconfig: make unmet dependency warnings readable") +Signed-off-by: Masahiro Yamada +Reviewed-by: Petr Vorel +Signed-off-by: Sasha Levin +--- + scripts/kconfig/symbol.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/scripts/kconfig/symbol.c b/scripts/kconfig/symbol.c +index 758c42621f7a1..1c0306c9d74e2 100644 +--- a/scripts/kconfig/symbol.c ++++ b/scripts/kconfig/symbol.c +@@ -321,6 +321,7 @@ static void sym_warn_unmet_dep(struct symbol *sym) + " Selected by [m]:\n"); + + fputs(str_get(&gs), stderr); ++ str_free(&gs); + sym_warnings++; + } + +-- +2.39.5 + diff --git a/queue-6.6/kconfig-remove-unused-code-for-s_def_auto-in-conf_re.patch b/queue-6.6/kconfig-remove-unused-code-for-s_def_auto-in-conf_re.patch new file mode 100644 index 0000000000..8638f27750 --- /dev/null +++ b/queue-6.6/kconfig-remove-unused-code-for-s_def_auto-in-conf_re.patch @@ -0,0 +1,57 @@ +From be927836f1f0d1279185721b7ed7910cbe3df017 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sat, 18 Nov 2023 16:59:08 +0900 +Subject: kconfig: remove unused code for S_DEF_AUTO in conf_read_simple() + +From: Masahiro Yamada + +[ Upstream commit 92d4fe0a48f1ab6cf20143dd0b376f4fe842854b ] + +The 'else' arm here is unreachable in practical use cases. + +include/config/auto.conf does not include "# CONFIG_... is not set" +line unless it is manually hacked. + +Signed-off-by: Masahiro Yamada +Stable-dep-of: a409fc1463d6 ("kconfig: fix memory leak in sym_warn_unmet_dep()") +Signed-off-by: Sasha Levin +--- + scripts/kconfig/confdata.c | 21 ++++++++------------- + 1 file changed, 8 insertions(+), 13 deletions(-) + +diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c +index 8694ab1e04067..21a65ffe7c3db 100644 +--- a/scripts/kconfig/confdata.c ++++ b/scripts/kconfig/confdata.c +@@ -442,20 +442,15 @@ int conf_read_simple(const char *name, int def) + *p++ = 0; + if (strncmp(p, "is not set", 10)) + continue; +- if (def == S_DEF_USER) { +- sym = sym_find(line + 2 + strlen(CONFIG_)); +- if (!sym) { +- if (warn_unknown) +- conf_warning("unknown symbol: %s", +- line + 2 + strlen(CONFIG_)); + +- conf_set_changed(true); +- continue; +- } +- } else { +- sym = sym_lookup(line + 2 + strlen(CONFIG_), 0); +- if (sym->type == S_UNKNOWN) +- sym->type = S_BOOLEAN; ++ sym = sym_find(line + 2 + strlen(CONFIG_)); ++ if (!sym) { ++ if (warn_unknown) ++ conf_warning("unknown symbol: %s", ++ line + 2 + strlen(CONFIG_)); ++ ++ conf_set_changed(true); ++ continue; + } + if (sym->flags & def_flags) { + conf_warning("override: reassigning to symbol %s", sym->name); +-- +2.39.5 + diff --git a/queue-6.6/kconfig-require-a-space-after-for-valid-input.patch b/queue-6.6/kconfig-require-a-space-after-for-valid-input.patch new file mode 100644 index 0000000000..6440e41b56 --- /dev/null +++ b/queue-6.6/kconfig-require-a-space-after-for-valid-input.patch @@ -0,0 +1,45 @@ +From c3dd1cb5b9cd695edcdd44bc8bd529799b482f87 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sat, 18 Nov 2023 16:59:07 +0900 +Subject: kconfig: require a space after '#' for valid input + +From: Masahiro Yamada + +[ Upstream commit 4d137ab0107ead0f2590fc0314e627431e3b9e3f ] + +Currently, when an input line starts with '#', (line + 2) is passed to +memcmp() without checking line[1]. + +It means that line[1] can be any arbitrary character. For example, +"#KCONFIG_FOO is not set" is accepted as valid input, functioning the +same as "# CONFIG_FOO is not set". + +More importantly, this can potentially lead to a buffer overrun if +line[1] == '\0'. It occurs if the input only contains '#', as +(line + 2) points to an uninitialized buffer. + +Check line[1], and skip the line if it is not a space. + +Signed-off-by: Masahiro Yamada +Stable-dep-of: a409fc1463d6 ("kconfig: fix memory leak in sym_warn_unmet_dep()") +Signed-off-by: Sasha Levin +--- + scripts/kconfig/confdata.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c +index 02ac250b8fe9e..8694ab1e04067 100644 +--- a/scripts/kconfig/confdata.c ++++ b/scripts/kconfig/confdata.c +@@ -432,6 +432,8 @@ int conf_read_simple(const char *name, int def) + conf_lineno++; + sym = NULL; + if (line[0] == '#') { ++ if (line[1] != ' ') ++ continue; + if (memcmp(line + 2, CONFIG_, strlen(CONFIG_))) + continue; + p = strchr(line + 2 + strlen(CONFIG_), ' '); +-- +2.39.5 + diff --git a/queue-6.6/kconfig-werror-unmet-symbol-dependency.patch b/queue-6.6/kconfig-werror-unmet-symbol-dependency.patch new file mode 100644 index 0000000000..85655ac70b --- /dev/null +++ b/queue-6.6/kconfig-werror-unmet-symbol-dependency.patch @@ -0,0 +1,138 @@ +From e29a400a9b98350da19fb645895fd153185a5cdc Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 22 Nov 2023 12:47:45 +0900 +Subject: kconfig: WERROR unmet symbol dependency + +From: Sergey Senozhatsky + +[ Upstream commit 15d3f7664d2776c086f813f1efbfe2ae20a85e89 ] + +When KCONFIG_WERROR env variable is set treat unmet direct +symbol dependency as a terminal condition (error). + +Suggested-by: Stefan Reinauer +Signed-off-by: Sergey Senozhatsky +Signed-off-by: Masahiro Yamada +Stable-dep-of: a409fc1463d6 ("kconfig: fix memory leak in sym_warn_unmet_dep()") +Signed-off-by: Sasha Levin +--- + scripts/kconfig/conf.c | 6 ++++++ + scripts/kconfig/confdata.c | 13 ++++++++----- + scripts/kconfig/lkc_proto.h | 2 ++ + scripts/kconfig/symbol.c | 9 +++++++++ + 4 files changed, 25 insertions(+), 5 deletions(-) + +diff --git a/scripts/kconfig/conf.c b/scripts/kconfig/conf.c +index 33d19e419908b..662a5e7c37c28 100644 +--- a/scripts/kconfig/conf.c ++++ b/scripts/kconfig/conf.c +@@ -827,6 +827,9 @@ int main(int ac, char **av) + break; + } + ++ if (conf_errors()) ++ exit(1); ++ + if (sync_kconfig) { + name = getenv("KCONFIG_NOSILENTUPDATE"); + if (name && *name) { +@@ -890,6 +893,9 @@ int main(int ac, char **av) + break; + } + ++ if (sym_dep_errors()) ++ exit(1); ++ + if (input_mode == savedefconfig) { + if (conf_write_defconfig(defconfig_file)) { + fprintf(stderr, "n*** Error while saving defconfig to: %s\n\n", +diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c +index 7e799060b6fe2..f214e8d3762e0 100644 +--- a/scripts/kconfig/confdata.c ++++ b/scripts/kconfig/confdata.c +@@ -155,6 +155,13 @@ static void conf_message(const char *fmt, ...) + static const char *conf_filename; + static int conf_lineno, conf_warnings; + ++bool conf_errors(void) ++{ ++ if (conf_warnings) ++ return getenv("KCONFIG_WERROR"); ++ return false; ++} ++ + static void conf_warning(const char *fmt, ...) + { + va_list ap; +@@ -349,10 +356,9 @@ int conf_read_simple(const char *name, int def) + char *p, *p2, *val; + struct symbol *sym; + int i, def_flags; +- const char *warn_unknown, *werror, *sym_name; ++ const char *warn_unknown, *sym_name; + + warn_unknown = getenv("KCONFIG_WARN_UNKNOWN_SYMBOLS"); +- werror = getenv("KCONFIG_WERROR"); + if (name) { + in = zconf_fopen(name); + } else { +@@ -513,9 +519,6 @@ int conf_read_simple(const char *name, int def) + free(line); + fclose(in); + +- if (conf_warnings && werror) +- exit(1); +- + return 0; + } + +diff --git a/scripts/kconfig/lkc_proto.h b/scripts/kconfig/lkc_proto.h +index edd1e617b25c5..e4931bde7ca76 100644 +--- a/scripts/kconfig/lkc_proto.h ++++ b/scripts/kconfig/lkc_proto.h +@@ -12,6 +12,7 @@ void conf_set_changed(bool val); + bool conf_get_changed(void); + void conf_set_changed_callback(void (*fn)(void)); + void conf_set_message_callback(void (*fn)(const char *s)); ++bool conf_errors(void); + + /* symbol.c */ + extern struct symbol * symbol_hash[SYMBOL_HASHSIZE]; +@@ -22,6 +23,7 @@ void print_symbol_for_listconfig(struct symbol *sym); + struct symbol ** sym_re_search(const char *pattern); + const char * sym_type_name(enum symbol_type type); + void sym_calc_value(struct symbol *sym); ++bool sym_dep_errors(void); + enum symbol_type sym_get_type(struct symbol *sym); + bool sym_tristate_within_range(struct symbol *sym,tristate tri); + bool sym_set_tristate_value(struct symbol *sym,tristate tri); +diff --git a/scripts/kconfig/symbol.c b/scripts/kconfig/symbol.c +index 7b1df55b01767..758c42621f7a1 100644 +--- a/scripts/kconfig/symbol.c ++++ b/scripts/kconfig/symbol.c +@@ -40,6 +40,7 @@ static struct symbol symbol_empty = { + + struct symbol *modules_sym; + static tristate modules_val; ++static int sym_warnings; + + enum symbol_type sym_get_type(struct symbol *sym) + { +@@ -320,6 +321,14 @@ static void sym_warn_unmet_dep(struct symbol *sym) + " Selected by [m]:\n"); + + fputs(str_get(&gs), stderr); ++ sym_warnings++; ++} ++ ++bool sym_dep_errors(void) ++{ ++ if (sym_warnings) ++ return getenv("KCONFIG_WERROR"); ++ return false; + } + + void sym_calc_value(struct symbol *sym) +-- +2.39.5 + diff --git a/queue-6.6/risc-v-mark-riscv_v_init-as-__init.patch b/queue-6.6/risc-v-mark-riscv_v_init-as-__init.patch new file mode 100644 index 0000000000..0b79cd105b --- /dev/null +++ b/queue-6.6/risc-v-mark-riscv_v_init-as-__init.patch @@ -0,0 +1,38 @@ +From 4b1c2a60afdc9c122dc95adcfd755d37e7a90914 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 15 Jan 2025 10:02:51 -0800 +Subject: RISC-V: Mark riscv_v_init() as __init + +From: Palmer Dabbelt + +[ Upstream commit 9d87cf525fd2e1a5fcbbb40ee3df216d1d266c88 ] + +This trips up with Xtheadvector enabled, but as far as I can tell it's +just been an issue since the original patchset. + +Fixes: 7ca7a7b9b635 ("riscv: Add sysctl to set the default vector rule for new processes") +Reviewed-by: Charlie Jenkins +Tested-by: Charlie Jenkins +Link: https://lore.kernel.org/r/20250115180251.31444-1-palmer@rivosinc.com +Signed-off-by: Palmer Dabbelt +Signed-off-by: Sasha Levin +--- + arch/riscv/kernel/vector.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/arch/riscv/kernel/vector.c b/arch/riscv/kernel/vector.c +index 8d92fb6c522cc..81886fc36ed6a 100644 +--- a/arch/riscv/kernel/vector.c ++++ b/arch/riscv/kernel/vector.c +@@ -270,7 +270,7 @@ static int __init riscv_v_sysctl_init(void) + static int __init riscv_v_sysctl_init(void) { return 0; } + #endif /* ! CONFIG_SYSCTL */ + +-static int riscv_v_init(void) ++static int __init riscv_v_init(void) + { + return riscv_v_sysctl_init(); + } +-- +2.39.5 + diff --git a/queue-6.6/series b/queue-6.6/series index 68c31489b5..bcc076d9b7 100644 --- a/queue-6.6/series +++ b/queue-6.6/series @@ -353,3 +353,20 @@ tcp-correct-handling-of-extreme-memory-squeeze.patch net-xdp-disallow-attaching-device-bound-programs-in-.patch net-sh_eth-fix-missing-rtnl-lock-in-suspend-resume-p.patch net-hsr-fix-fill_frame_info-regression-vs-vlan-packe.patch +genksyms-fix-memory-leak-when-the-same-symbol-is-add.patch +genksyms-fix-memory-leak-when-the-same-symbol-is-rea.patch +hostfs-convert-hostfs-to-use-the-new-mount-api.patch +hostfs-fix-string-handling-in-__dentry_name.patch +risc-v-mark-riscv_v_init-as-__init.patch +asoc-rockchip-i2s_tdm-re-add-the-set_sysclk-callback.patch +io_uring-uring_cmd-use-cached-cmd_op-in-io_uring_cmd.patch +cifs-validate-eas-for-wsl-reparse-points.patch +cifs-fix-getting-and-setting-sacls-over-smb1.patch +kconfig-fix-file-name-in-warnings-when-loading-kconf.patch +kconfig-require-a-space-after-for-valid-input.patch +kconfig-remove-unused-code-for-s_def_auto-in-conf_re.patch +kconfig-deduplicate-code-in-conf_read_simple.patch +kconfig-werror-unmet-symbol-dependency.patch +kconfig-fix-memory-leak-in-sym_warn_unmet_dep.patch +hexagon-fix-using-plain-integer-as-null-pointer-warn.patch +hexagon-fix-unbalanced-spinlock-in-die.patch