From: Sasha Levin Date: Sat, 9 Nov 2024 11:37:21 +0000 (-0500) Subject: Fixes for 6.6 X-Git-Tag: v5.15.172~75 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=af1b33e7bd314d94131350de25a0e74da8fa1cb5;p=thirdparty%2Fkernel%2Fstable-queue.git Fixes for 6.6 Signed-off-by: Sasha Levin --- diff --git a/queue-6.6/alsa-firewire-lib-fix-return-value-on-fail-in-amdtp_.patch b/queue-6.6/alsa-firewire-lib-fix-return-value-on-fail-in-amdtp_.patch new file mode 100644 index 00000000000..80d3790a29a --- /dev/null +++ b/queue-6.6/alsa-firewire-lib-fix-return-value-on-fail-in-amdtp_.patch @@ -0,0 +1,41 @@ +From 967e04fc4ce868f04a261d6b8f8fc7447305b6d2 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 1 Nov 2024 21:55:13 +0300 +Subject: ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() + +From: Murad Masimov + +[ Upstream commit 8abbf1f01d6a2ef9f911f793e30f7382154b5a3a ] + +If amdtp_stream_init() fails in amdtp_tscm_init(), the latter returns zero, +though it's supposed to return error code, which is checked inside +init_stream() in file tascam-stream.c. + +Found by Linux Verification Center (linuxtesting.org) with SVACE. + +Fixes: 47faeea25ef3 ("ALSA: firewire-tascam: add data block processing layer") +Signed-off-by: Murad Masimov +Reviewed-by: Takashi Sakamoto +Signed-off-by: Takashi Iwai +Link: https://patch.msgid.link/20241101185517.1819-1-m.masimov@maxima.ru +Signed-off-by: Sasha Levin +--- + sound/firewire/tascam/amdtp-tascam.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sound/firewire/tascam/amdtp-tascam.c b/sound/firewire/tascam/amdtp-tascam.c +index 0b42d65590081..079afa4bd3811 100644 +--- a/sound/firewire/tascam/amdtp-tascam.c ++++ b/sound/firewire/tascam/amdtp-tascam.c +@@ -238,7 +238,7 @@ int amdtp_tscm_init(struct amdtp_stream *s, struct fw_unit *unit, + err = amdtp_stream_init(s, unit, dir, flags, fmt, + process_ctx_payloads, sizeof(struct amdtp_tscm)); + if (err < 0) +- return 0; ++ return err; + + if (dir == AMDTP_OUT_STREAM) { + // Use fixed value for FDF field. +-- +2.43.0 + diff --git a/queue-6.6/asoc-sof-sof-client-probes-ipc4-set-param_size-exten.patch b/queue-6.6/asoc-sof-sof-client-probes-ipc4-set-param_size-exten.patch new file mode 100644 index 00000000000..0f7efc4bb73 --- /dev/null +++ b/queue-6.6/asoc-sof-sof-client-probes-ipc4-set-param_size-exten.patch @@ -0,0 +1,46 @@ +From 994c30498091b0b5dfb7704e506118408ea2a1e2 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Thu, 7 Nov 2024 15:28:40 +0200 +Subject: ASoC: SOF: sof-client-probes-ipc4: Set param_size extension bits + +From: Jyri Sarha + +[ Upstream commit 48b86532c10128cf50c854a90c2d5b1410f4012d ] + +Write the size of the optional payload of SOF_IPC4_MOD_INIT_INSTANCE +message to extension param_size-bits. + +The previous IPC4 version does not set these bits that should indicate +the size of the optional payload (struct sof_ipc4_probe_cfg). The old +firmware side component code works well without these bits, but when +the probes are converted to use the generic module API, this does not +work anymore. + +Fixes: f5623593060f ("ASoC: SOF: IPC4: probes: Implement IPC4 ops for probes client device") +Signed-off-by: Jyri Sarha +Reviewed-by: Ranjani Sridharan +Reviewed-by: Liam Girdwood +Reviewed-by: Bard Liao +Signed-off-by: Peter Ujfalusi +Link: https://patch.msgid.link/20241107132840.17386-1-peter.ujfalusi@linux.intel.com +Signed-off-by: Mark Brown +Signed-off-by: Sasha Levin +--- + sound/soc/sof/sof-client-probes-ipc4.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/sound/soc/sof/sof-client-probes-ipc4.c b/sound/soc/sof/sof-client-probes-ipc4.c +index c56a85854d92c..07bb143823d77 100644 +--- a/sound/soc/sof/sof-client-probes-ipc4.c ++++ b/sound/soc/sof/sof-client-probes-ipc4.c +@@ -125,6 +125,7 @@ static int ipc4_probes_init(struct sof_client_dev *cdev, u32 stream_tag, + msg.primary |= SOF_IPC4_MSG_TARGET(SOF_IPC4_MODULE_MSG); + msg.extension = SOF_IPC4_MOD_EXT_DST_MOD_INSTANCE(INVALID_PIPELINE_ID); + msg.extension |= SOF_IPC4_MOD_EXT_CORE_ID(0); ++ msg.extension |= SOF_IPC4_MOD_EXT_PARAM_SIZE(sizeof(cfg) / sizeof(uint32_t)); + + msg.data_size = sizeof(cfg); + msg.data_ptr = &cfg; +-- +2.43.0 + diff --git a/queue-6.6/asoc-stm32-spdifrx-fix-dma-channel-release-in-stm32_.patch b/queue-6.6/asoc-stm32-spdifrx-fix-dma-channel-release-in-stm32_.patch new file mode 100644 index 00000000000..ba603381480 --- /dev/null +++ b/queue-6.6/asoc-stm32-spdifrx-fix-dma-channel-release-in-stm32_.patch @@ -0,0 +1,49 @@ +From 1e7fdcc1dc38156ee1c7df75edf1157f3afe750a Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 5 Nov 2024 15:02:42 +0100 +Subject: ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove + +From: Amelie Delaunay + +[ Upstream commit 9bb4af400c386374ab1047df44c508512c08c31f ] + +In case of error when requesting ctrl_chan DMA channel, ctrl_chan is not +null. So the release of the dma channel leads to the following issue: +[ 4.879000] st,stm32-spdifrx 500d0000.audio-controller: +dma_request_slave_channel error -19 +[ 4.888975] Unable to handle kernel NULL pointer dereference +at virtual address 000000000000003d +[...] +[ 5.096577] Call trace: +[ 5.099099] dma_release_channel+0x24/0x100 +[ 5.103235] stm32_spdifrx_remove+0x24/0x60 [snd_soc_stm32_spdifrx] +[ 5.109494] stm32_spdifrx_probe+0x320/0x4c4 [snd_soc_stm32_spdifrx] + +To avoid this issue, release channel only if the pointer is valid. + +Fixes: 794df9448edb ("ASoC: stm32: spdifrx: manage rebind issue") +Signed-off-by: Amelie Delaunay +Signed-off-by: Olivier Moysan +Link: https://patch.msgid.link/20241105140242.527279-1-olivier.moysan@foss.st.com +Signed-off-by: Mark Brown +Signed-off-by: Sasha Levin +--- + sound/soc/stm/stm32_spdifrx.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sound/soc/stm/stm32_spdifrx.c b/sound/soc/stm/stm32_spdifrx.c +index a359b528b26b7..4e17909d21267 100644 +--- a/sound/soc/stm/stm32_spdifrx.c ++++ b/sound/soc/stm/stm32_spdifrx.c +@@ -943,7 +943,7 @@ static void stm32_spdifrx_remove(struct platform_device *pdev) + { + struct stm32_spdifrx_data *spdifrx = platform_get_drvdata(pdev); + +- if (spdifrx->ctrl_chan) ++ if (!IS_ERR(spdifrx->ctrl_chan)) + dma_release_channel(spdifrx->ctrl_chan); + + if (spdifrx->dmab) +-- +2.43.0 + diff --git a/queue-6.6/media-adv7604-prevent-underflow-condition-when-repor.patch b/queue-6.6/media-adv7604-prevent-underflow-condition-when-repor.patch new file mode 100644 index 00000000000..27e1550fe85 --- /dev/null +++ b/queue-6.6/media-adv7604-prevent-underflow-condition-when-repor.patch @@ -0,0 +1,74 @@ +From 60393a775f66510ae55d81c048e33f5a7354b49c Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 15 Oct 2024 12:25:09 +0200 +Subject: media: adv7604: prevent underflow condition when reporting colorspace + +From: Mauro Carvalho Chehab + +[ Upstream commit 50b9fa751d1aef5d262bde871c70a7f44262f0bc ] + +Currently, adv76xx_log_status() reads some date using +io_read() which may return negative values. The current logic +doesn't check such errors, causing colorspace to be reported +on a wrong way at adv76xx_log_status(), as reported by Coverity. + +If I/O error happens there, print a different message, instead +of reporting bogus messages to userspace. + +Fixes: 54450f591c99 ("[media] adv7604: driver for the Analog Devices ADV7604 video decoder") +Signed-off-by: Mauro Carvalho Chehab +Reviewed-by: Hans Verkuil +Signed-off-by: Sasha Levin +--- + drivers/media/i2c/adv7604.c | 26 +++++++++++++++++--------- + 1 file changed, 17 insertions(+), 9 deletions(-) + +diff --git a/drivers/media/i2c/adv7604.c b/drivers/media/i2c/adv7604.c +index b202a85fbeaa0..d1609bd8f0485 100644 +--- a/drivers/media/i2c/adv7604.c ++++ b/drivers/media/i2c/adv7604.c +@@ -2519,10 +2519,10 @@ static int adv76xx_log_status(struct v4l2_subdev *sd) + const struct adv76xx_chip_info *info = state->info; + struct v4l2_dv_timings timings; + struct stdi_readback stdi; +- u8 reg_io_0x02 = io_read(sd, 0x02); ++ int ret; ++ u8 reg_io_0x02; + u8 edid_enabled; + u8 cable_det; +- + static const char * const csc_coeff_sel_rb[16] = { + "bypassed", "YPbPr601 -> RGB", "reserved", "YPbPr709 -> RGB", + "reserved", "RGB -> YPbPr601", "reserved", "RGB -> YPbPr709", +@@ -2621,13 +2621,21 @@ static int adv76xx_log_status(struct v4l2_subdev *sd) + v4l2_info(sd, "-----Color space-----\n"); + v4l2_info(sd, "RGB quantization range ctrl: %s\n", + rgb_quantization_range_txt[state->rgb_quantization_range]); +- v4l2_info(sd, "Input color space: %s\n", +- input_color_space_txt[reg_io_0x02 >> 4]); +- v4l2_info(sd, "Output color space: %s %s, alt-gamma %s\n", +- (reg_io_0x02 & 0x02) ? "RGB" : "YCbCr", +- (((reg_io_0x02 >> 2) & 0x01) ^ (reg_io_0x02 & 0x01)) ? +- "(16-235)" : "(0-255)", +- (reg_io_0x02 & 0x08) ? "enabled" : "disabled"); ++ ++ ret = io_read(sd, 0x02); ++ if (ret < 0) { ++ v4l2_info(sd, "Can't read Input/Output color space\n"); ++ } else { ++ reg_io_0x02 = ret; ++ ++ v4l2_info(sd, "Input color space: %s\n", ++ input_color_space_txt[reg_io_0x02 >> 4]); ++ v4l2_info(sd, "Output color space: %s %s, alt-gamma %s\n", ++ (reg_io_0x02 & 0x02) ? "RGB" : "YCbCr", ++ (((reg_io_0x02 >> 2) & 0x01) ^ (reg_io_0x02 & 0x01)) ? ++ "(16-235)" : "(0-255)", ++ (reg_io_0x02 & 0x08) ? "enabled" : "disabled"); ++ } + v4l2_info(sd, "Color space conversion: %s\n", + csc_coeff_sel_rb[cp_read(sd, info->cp_csc) >> 4]); + +-- +2.43.0 + diff --git a/queue-6.6/media-dvb_frontend-don-t-play-tricks-with-underflow-.patch b/queue-6.6/media-dvb_frontend-don-t-play-tricks-with-underflow-.patch new file mode 100644 index 00000000000..c0cdb4a4f63 --- /dev/null +++ b/queue-6.6/media-dvb_frontend-don-t-play-tricks-with-underflow-.patch @@ -0,0 +1,44 @@ +From 971596dcc45873cd92018e461e0ba401ddc0ca45 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 15 Oct 2024 16:05:16 +0200 +Subject: media: dvb_frontend: don't play tricks with underflow values + +From: Mauro Carvalho Chehab + +[ Upstream commit 9883a4d41aba7612644e9bb807b971247cea9b9d ] + +fepriv->auto_sub_step is unsigned. Setting it to -1 is just a +trick to avoid calling continue, as reported by Coverity. + +It relies to have this code just afterwards: + + if (!ready) fepriv->auto_sub_step++; + +Simplify the code by simply setting it to zero and use +continue to return to the while loop. + +Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") +Signed-off-by: Mauro Carvalho Chehab +Signed-off-by: Sasha Levin +--- + drivers/media/dvb-core/dvb_frontend.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/drivers/media/dvb-core/dvb_frontend.c b/drivers/media/dvb-core/dvb_frontend.c +index 93d3378a0df4b..344dc9dc6613f 100644 +--- a/drivers/media/dvb-core/dvb_frontend.c ++++ b/drivers/media/dvb-core/dvb_frontend.c +@@ -443,8 +443,8 @@ static int dvb_frontend_swzigzag_autotune(struct dvb_frontend *fe, int check_wra + + default: + fepriv->auto_step++; +- fepriv->auto_sub_step = -1; /* it'll be incremented to 0 in a moment */ +- break; ++ fepriv->auto_sub_step = 0; ++ continue; + } + + if (!ready) fepriv->auto_sub_step++; +-- +2.43.0 + diff --git a/queue-6.6/media-dvbdev-prevent-the-risk-of-out-of-memory-acces.patch b/queue-6.6/media-dvbdev-prevent-the-risk-of-out-of-memory-acces.patch new file mode 100644 index 00000000000..afbd19db870 --- /dev/null +++ b/queue-6.6/media-dvbdev-prevent-the-risk-of-out-of-memory-acces.patch @@ -0,0 +1,80 @@ +From ba083e45126eb3498a5a6e41611cf24390a9ef92 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 15 Oct 2024 15:23:01 +0200 +Subject: media: dvbdev: prevent the risk of out of memory access + +From: Mauro Carvalho Chehab + +[ Upstream commit 972e63e895abbe8aa1ccbdbb4e6362abda7cd457 ] + +The dvbdev contains a static variable used to store dvb minors. + +The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set +or not. When not set, dvb_register_device() won't check for +boundaries, as it will rely that a previous call to +dvb_register_adapter() would already be enforcing it. + +On a similar way, dvb_device_open() uses the assumption +that the register functions already did the needed checks. + +This can be fragile if some device ends using different +calls. This also generate warnings on static check analysers +like Coverity. + +So, add explicit guards to prevent potential risk of OOM issues. + +Fixes: 5dd3f3071070 ("V4L/DVB (9361): Dynamic DVB minor allocation") +Signed-off-by: Mauro Carvalho Chehab +Signed-off-by: Sasha Levin +--- + drivers/media/dvb-core/dvbdev.c | 17 +++++++++++++++-- + 1 file changed, 15 insertions(+), 2 deletions(-) + +diff --git a/drivers/media/dvb-core/dvbdev.c b/drivers/media/dvb-core/dvbdev.c +index b43695bc51e75..14f323fbada71 100644 +--- a/drivers/media/dvb-core/dvbdev.c ++++ b/drivers/media/dvb-core/dvbdev.c +@@ -86,10 +86,15 @@ static DECLARE_RWSEM(minor_rwsem); + static int dvb_device_open(struct inode *inode, struct file *file) + { + struct dvb_device *dvbdev; ++ unsigned int minor = iminor(inode); ++ ++ if (minor >= MAX_DVB_MINORS) ++ return -ENODEV; + + mutex_lock(&dvbdev_mutex); + down_read(&minor_rwsem); +- dvbdev = dvb_minors[iminor(inode)]; ++ ++ dvbdev = dvb_minors[minor]; + + if (dvbdev && dvbdev->fops) { + int err = 0; +@@ -525,7 +530,7 @@ int dvb_register_device(struct dvb_adapter *adap, struct dvb_device **pdvbdev, + for (minor = 0; minor < MAX_DVB_MINORS; minor++) + if (!dvb_minors[minor]) + break; +- if (minor == MAX_DVB_MINORS) { ++ if (minor >= MAX_DVB_MINORS) { + if (new_node) { + list_del(&new_node->list_head); + kfree(dvbdevfops); +@@ -540,6 +545,14 @@ int dvb_register_device(struct dvb_adapter *adap, struct dvb_device **pdvbdev, + } + #else + minor = nums2minor(adap->num, type, id); ++ if (minor >= MAX_DVB_MINORS) { ++ dvb_media_device_free(dvbdev); ++ list_del(&dvbdev->list_head); ++ kfree(dvbdev); ++ *pdvbdev = NULL; ++ mutex_unlock(&dvbdev_register_lock); ++ return ret; ++ } + #endif + dvbdev->minor = minor; + dvb_minors[minor] = dvb_device_get(dvbdev); +-- +2.43.0 + diff --git a/queue-6.6/scsi-sd_zbc-use-kvzalloc-to-allocate-report-zones-bu.patch b/queue-6.6/scsi-sd_zbc-use-kvzalloc-to-allocate-report-zones-bu.patch new file mode 100644 index 00000000000..66c3d298cb3 --- /dev/null +++ b/queue-6.6/scsi-sd_zbc-use-kvzalloc-to-allocate-report-zones-bu.patch @@ -0,0 +1,58 @@ +From 1c556f641272d0d993393caa0d1ce88eb4bc5da5 Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Wed, 30 Oct 2024 12:02:53 +0100 +Subject: scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer + +From: Johannes Thumshirn + +[ Upstream commit 7ce3e6107103214d354a16729a472f588be60572 ] + +We have two reports of failed memory allocation in btrfs' code which is +calling into report zones. + +Both of these reports have the following signature coming from +__vmalloc_area_node(): + + kworker/u17:5: vmalloc error: size 0, failed to allocate pages, mode:0x10dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NORETRY|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 + +Further debugging showed these where allocations of one sector (512 +bytes) and at least one of the reporter's systems where low on memory, +so going through the overhead of allocating a vm area failed. + +Switching the allocation from __vmalloc() to kvzalloc() avoids the +overhead of vmalloc() on small allocations and succeeds. + +Note: the buffer is already freed using kvfree() so there's no need to +adjust the free path. + +Cc: Qu Wenru +Cc: Naohiro Aota +Link: https://github.com/kdave/btrfs-progs/issues/779 +Link: https://github.com/kdave/btrfs-progs/issues/915 +Fixes: 23a50861adda ("scsi: sd_zbc: Cleanup sd_zbc_alloc_report_buffer()") +Signed-off-by: Johannes Thumshirn +Link: https://lore.kernel.org/r/20241030110253.11718-1-jth@kernel.org +Reviewed-by: Damien Le Moal +Signed-off-by: Martin K. Petersen +Signed-off-by: Sasha Levin +--- + drivers/scsi/sd_zbc.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/drivers/scsi/sd_zbc.c b/drivers/scsi/sd_zbc.c +index a25215507668d..203df5e53b1a8 100644 +--- a/drivers/scsi/sd_zbc.c ++++ b/drivers/scsi/sd_zbc.c +@@ -221,8 +221,7 @@ static void *sd_zbc_alloc_report_buffer(struct scsi_disk *sdkp, + bufsize = min_t(size_t, bufsize, queue_max_segments(q) << PAGE_SHIFT); + + while (bufsize >= SECTOR_SIZE) { +- buf = __vmalloc(bufsize, +- GFP_KERNEL | __GFP_ZERO | __GFP_NORETRY); ++ buf = kvzalloc(bufsize, GFP_KERNEL | __GFP_NORETRY); + if (buf) { + *buflen = bufsize; + return buf; +-- +2.43.0 + diff --git a/queue-6.6/series b/queue-6.6/series index 6f1b9e37b95..8932ca7a761 100644 --- a/queue-6.6/series +++ b/queue-6.6/series @@ -49,3 +49,12 @@ rxrpc-fix-missing-locking-causing-hanging-calls.patch drivers-net-ionic-add-missed-debugfs-cleanup-to-ioni.patch revert-alsa-hda-conexant-mute-speakers-at-suspend-shutdown.patch media-stb0899_algo-initialize-cfr-before-using-it.patch +media-dvbdev-prevent-the-risk-of-out-of-memory-acces.patch +media-dvb_frontend-don-t-play-tricks-with-underflow-.patch +media-adv7604-prevent-underflow-condition-when-repor.patch +scsi-sd_zbc-use-kvzalloc-to-allocate-report-zones-bu.patch +alsa-firewire-lib-fix-return-value-on-fail-in-amdtp_.patch +tools-lib-thermal-fix-sampling-handler-context-ptr.patch +thermal-of-support-thermal-zones-w-o-trips-subnode.patch +asoc-stm32-spdifrx-fix-dma-channel-release-in-stm32_.patch +asoc-sof-sof-client-probes-ipc4-set-param_size-exten.patch diff --git a/queue-6.6/thermal-of-support-thermal-zones-w-o-trips-subnode.patch b/queue-6.6/thermal-of-support-thermal-zones-w-o-trips-subnode.patch new file mode 100644 index 00000000000..72865371fde --- /dev/null +++ b/queue-6.6/thermal-of-support-thermal-zones-w-o-trips-subnode.patch @@ -0,0 +1,90 @@ +From 0e6e6eddab03d3b4802a626b65dd36fcc1453f4f Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 18 Oct 2024 15:31:36 +0800 +Subject: thermal/of: support thermal zones w/o trips subnode + +From: Icenowy Zheng + +[ Upstream commit 725f31f300e300a9d94976bd8f1db6e746f95f63 ] + +Although the current device tree binding of thermal zones require the +trips subnode, the binding in kernel v5.15 does not require it, and many +device trees shipped with the kernel, for example, +allwinner/sun50i-a64.dtsi and mediatek/mt8183-kukui.dtsi in ARM64, still +comply to the old binding and contain no trips subnode. + +Allow the code to successfully register thermal zones w/o trips subnode +for DT binding compatibility now. + +Furtherly, the inconsistency between DTs and bindings should be resolved +by either adding empty trips subnode or dropping the trips subnode +requirement. + +Fixes: d0c75fa2c17f ("thermal/of: Initialize trip points separately") +Signed-off-by: Icenowy Zheng +[wenst@chromium.org: Reworked logic and kernel log messages] +Signed-off-by: Chen-Yu Tsai +Reviewed-by: Rafael J. Wysocki +Link: https://lore.kernel.org/r/20241018073139.1268995-1-wenst@chromium.org +Signed-off-by: Daniel Lezcano +Signed-off-by: Sasha Levin +--- + drivers/thermal/thermal_of.c | 21 ++++++++++----------- + 1 file changed, 10 insertions(+), 11 deletions(-) + +diff --git a/drivers/thermal/thermal_of.c b/drivers/thermal/thermal_of.c +index d8dfcd49695d3..4e5f86c214561 100644 +--- a/drivers/thermal/thermal_of.c ++++ b/drivers/thermal/thermal_of.c +@@ -126,18 +126,15 @@ static struct thermal_trip *thermal_of_trips_init(struct device_node *np, int *n + struct device_node *trips; + int ret, count; + ++ *ntrips = 0; ++ + trips = of_get_child_by_name(np, "trips"); +- if (!trips) { +- pr_err("Failed to find 'trips' node\n"); +- return ERR_PTR(-EINVAL); +- } ++ if (!trips) ++ return NULL; + + count = of_get_child_count(trips); +- if (!count) { +- pr_err("No trip point defined\n"); +- ret = -EINVAL; +- goto out_of_node_put; +- } ++ if (!count) ++ return NULL; + + tt = kzalloc(sizeof(*tt) * count, GFP_KERNEL); + if (!tt) { +@@ -160,7 +157,6 @@ static struct thermal_trip *thermal_of_trips_init(struct device_node *np, int *n + + out_kfree: + kfree(tt); +- *ntrips = 0; + out_of_node_put: + of_node_put(trips); + +@@ -498,11 +494,14 @@ static struct thermal_zone_device *thermal_of_zone_register(struct device_node * + + trips = thermal_of_trips_init(np, &ntrips); + if (IS_ERR(trips)) { +- pr_err("Failed to find trip points for %pOFn id=%d\n", sensor, id); ++ pr_err("Failed to parse trip points for %pOFn id=%d\n", sensor, id); + ret = PTR_ERR(trips); + goto out_kfree_of_ops; + } + ++ if (!trips) ++ pr_info("No trip points found for %pOFn id=%d\n", sensor, id); ++ + ret = thermal_of_monitor_init(np, &delay, &pdelay); + if (ret) { + pr_err("Failed to initialize monitoring delays from %pOFn\n", np); +-- +2.43.0 + diff --git a/queue-6.6/tools-lib-thermal-fix-sampling-handler-context-ptr.patch b/queue-6.6/tools-lib-thermal-fix-sampling-handler-context-ptr.patch new file mode 100644 index 00000000000..c386d683f56 --- /dev/null +++ b/queue-6.6/tools-lib-thermal-fix-sampling-handler-context-ptr.patch @@ -0,0 +1,44 @@ +From bee3f53d3b499fbd1f61c48720fefbac68877f0f Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Tue, 15 Oct 2024 19:18:26 +0200 +Subject: tools/lib/thermal: Fix sampling handler context ptr + +From: Emil Dahl Juhl + +[ Upstream commit fcd54cf480c87b96313a97dbf898c644b7bb3a2e ] + +The sampling handler, provided by the user alongside a void* context, +was invoked with an internal structure instead of the user context. + +Correct the invocation of the sampling handler to pass the user context +pointer instead. + +Note that the approach taken is similar to that in events.c, and will +reduce the chances of this mistake happening if additional sampling +callbacks are added. + +Fixes: 47c4b0de080a ("tools/lib/thermal: Add a thermal library") +Signed-off-by: Emil Dahl Juhl +Link: https://lore.kernel.org/r/20241015171826.170154-1-emdj@bang-olufsen.dk +Signed-off-by: Daniel Lezcano +Signed-off-by: Sasha Levin +--- + tools/lib/thermal/sampling.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/tools/lib/thermal/sampling.c b/tools/lib/thermal/sampling.c +index 70577423a9f0c..f67c1f9ea1d78 100644 +--- a/tools/lib/thermal/sampling.c ++++ b/tools/lib/thermal/sampling.c +@@ -16,6 +16,8 @@ static int handle_thermal_sample(struct nl_msg *n, void *arg) + struct thermal_handler_param *thp = arg; + struct thermal_handler *th = thp->th; + ++ arg = thp->arg; ++ + genlmsg_parse(nlh, 0, attrs, THERMAL_GENL_ATTR_MAX, NULL); + + switch (genlhdr->cmd) { +-- +2.43.0 +