From 013094b267193d34d884b70a728893b35fb2da7d Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Mon, 18 Aug 2025 13:38:45 +0200 Subject: [PATCH] 6.15-stable patches added patches: hid-magicmouse-avoid-setting-up-battery-timer-when-not-needed.patch kvm-x86-convert-vcpu_run-s-immediate-exit-param-into-a-generic-bitmap.patch wifi-ath12k-install-pairwise-key-first.patch --- ...ing-up-battery-timer-when-not-needed.patch | 127 +++++++++++++ ...ate-exit-param-into-a-generic-bitmap.patch | 139 ++++++++++++++ queue-6.15/series | 3 + ...fi-ath12k-install-pairwise-key-first.patch | 173 ++++++++++++++++++ 4 files changed, 442 insertions(+) create mode 100644 queue-6.15/hid-magicmouse-avoid-setting-up-battery-timer-when-not-needed.patch create mode 100644 queue-6.15/kvm-x86-convert-vcpu_run-s-immediate-exit-param-into-a-generic-bitmap.patch create mode 100644 queue-6.15/wifi-ath12k-install-pairwise-key-first.patch diff --git a/queue-6.15/hid-magicmouse-avoid-setting-up-battery-timer-when-not-needed.patch b/queue-6.15/hid-magicmouse-avoid-setting-up-battery-timer-when-not-needed.patch new file mode 100644 index 0000000000..14b451c9ab --- /dev/null +++ b/queue-6.15/hid-magicmouse-avoid-setting-up-battery-timer-when-not-needed.patch @@ -0,0 +1,127 @@ +From 9bdc30e35cbc1aa78ccf01040354209f1e11ca22 Mon Sep 17 00:00:00 2001 +From: Aditya Garg +Date: Mon, 30 Jun 2025 12:37:13 +0000 +Subject: HID: magicmouse: avoid setting up battery timer when not needed + +From: Aditya Garg + +commit 9bdc30e35cbc1aa78ccf01040354209f1e11ca22 upstream. + +Currently, the battery timer is set up for all devices using +hid-magicmouse, irrespective of whether they actually need it or not. + +The current implementation requires the battery timer for Magic Mouse 2 +and Magic Trackpad 2 when connected via USB only. Add checks to ensure +that the battery timer is only set up when they are connected via USB. + +Fixes: 0b91b4e4dae6 ("HID: magicmouse: Report battery level over USB") +Cc: stable@vger.kernel.org +Signed-off-by: Aditya Garg +Signed-off-by: Jiri Kosina +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/hid/hid-magicmouse.c | 58 ++++++++++++++++++++++++++++--------------- + 1 file changed, 38 insertions(+), 20 deletions(-) + +--- a/drivers/hid/hid-magicmouse.c ++++ b/drivers/hid/hid-magicmouse.c +@@ -779,16 +779,30 @@ static void magicmouse_enable_mt_work(st + hid_err(msc->hdev, "unable to request touch data (%d)\n", ret); + } + ++static bool is_usb_magicmouse2(__u32 vendor, __u32 product) ++{ ++ if (vendor != USB_VENDOR_ID_APPLE) ++ return false; ++ return product == USB_DEVICE_ID_APPLE_MAGICMOUSE2; ++} ++ ++static bool is_usb_magictrackpad2(__u32 vendor, __u32 product) ++{ ++ if (vendor != USB_VENDOR_ID_APPLE) ++ return false; ++ return product == USB_DEVICE_ID_APPLE_MAGICTRACKPAD2 || ++ product == USB_DEVICE_ID_APPLE_MAGICTRACKPAD2_USBC; ++} ++ + static int magicmouse_fetch_battery(struct hid_device *hdev) + { + #ifdef CONFIG_HID_BATTERY_STRENGTH + struct hid_report_enum *report_enum; + struct hid_report *report; + +- if (!hdev->battery || hdev->vendor != USB_VENDOR_ID_APPLE || +- (hdev->product != USB_DEVICE_ID_APPLE_MAGICMOUSE2 && +- hdev->product != USB_DEVICE_ID_APPLE_MAGICTRACKPAD2 && +- hdev->product != USB_DEVICE_ID_APPLE_MAGICTRACKPAD2_USBC)) ++ if (!hdev->battery || ++ (!is_usb_magicmouse2(hdev->vendor, hdev->product) && ++ !is_usb_magictrackpad2(hdev->vendor, hdev->product))) + return -1; + + report_enum = &hdev->report_enum[hdev->battery_report_type]; +@@ -850,16 +864,17 @@ static int magicmouse_probe(struct hid_d + return ret; + } + +- timer_setup(&msc->battery_timer, magicmouse_battery_timer_tick, 0); +- mod_timer(&msc->battery_timer, +- jiffies + msecs_to_jiffies(USB_BATTERY_TIMEOUT_MS)); +- magicmouse_fetch_battery(hdev); +- +- if (id->vendor == USB_VENDOR_ID_APPLE && +- (id->product == USB_DEVICE_ID_APPLE_MAGICMOUSE2 || +- ((id->product == USB_DEVICE_ID_APPLE_MAGICTRACKPAD2 || +- id->product == USB_DEVICE_ID_APPLE_MAGICTRACKPAD2_USBC) && +- hdev->type != HID_TYPE_USBMOUSE))) ++ if (is_usb_magicmouse2(id->vendor, id->product) || ++ is_usb_magictrackpad2(id->vendor, id->product)) { ++ timer_setup(&msc->battery_timer, magicmouse_battery_timer_tick, 0); ++ mod_timer(&msc->battery_timer, ++ jiffies + msecs_to_jiffies(USB_BATTERY_TIMEOUT_MS)); ++ magicmouse_fetch_battery(hdev); ++ } ++ ++ if (is_usb_magicmouse2(id->vendor, id->product) || ++ (is_usb_magictrackpad2(id->vendor, id->product) && ++ hdev->type != HID_TYPE_USBMOUSE)) + return 0; + + if (!msc->input) { +@@ -915,7 +930,10 @@ static int magicmouse_probe(struct hid_d + + return 0; + err_stop_hw: +- timer_delete_sync(&msc->battery_timer); ++ if (is_usb_magicmouse2(id->vendor, id->product) || ++ is_usb_magictrackpad2(id->vendor, id->product)) ++ timer_delete_sync(&msc->battery_timer); ++ + hid_hw_stop(hdev); + return ret; + } +@@ -926,7 +944,9 @@ static void magicmouse_remove(struct hid + + if (msc) { + cancel_delayed_work_sync(&msc->work); +- timer_delete_sync(&msc->battery_timer); ++ if (is_usb_magicmouse2(hdev->vendor, hdev->product) || ++ is_usb_magictrackpad2(hdev->vendor, hdev->product)) ++ timer_delete_sync(&msc->battery_timer); + } + + hid_hw_stop(hdev); +@@ -943,10 +963,8 @@ static const __u8 *magicmouse_report_fix + * 0x05, 0x01, // Usage Page (Generic Desktop) 0 + * 0x09, 0x02, // Usage (Mouse) 2 + */ +- if (hdev->vendor == USB_VENDOR_ID_APPLE && +- (hdev->product == USB_DEVICE_ID_APPLE_MAGICMOUSE2 || +- hdev->product == USB_DEVICE_ID_APPLE_MAGICTRACKPAD2 || +- hdev->product == USB_DEVICE_ID_APPLE_MAGICTRACKPAD2_USBC) && ++ if ((is_usb_magicmouse2(hdev->vendor, hdev->product) || ++ is_usb_magictrackpad2(hdev->vendor, hdev->product)) && + *rsize == 83 && rdesc[46] == 0x84 && rdesc[58] == 0x85) { + hid_info(hdev, + "fixing up magicmouse battery report descriptor\n"); diff --git a/queue-6.15/kvm-x86-convert-vcpu_run-s-immediate-exit-param-into-a-generic-bitmap.patch b/queue-6.15/kvm-x86-convert-vcpu_run-s-immediate-exit-param-into-a-generic-bitmap.patch new file mode 100644 index 0000000000..95a3edabf2 --- /dev/null +++ b/queue-6.15/kvm-x86-convert-vcpu_run-s-immediate-exit-param-into-a-generic-bitmap.patch @@ -0,0 +1,139 @@ +From 2478b1b220c49d25cb1c3f061ec4f9b351d9a131 Mon Sep 17 00:00:00 2001 +From: Sean Christopherson +Date: Tue, 10 Jun 2025 16:20:04 -0700 +Subject: KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap + +From: Sean Christopherson + +commit 2478b1b220c49d25cb1c3f061ec4f9b351d9a131 upstream. + +Convert kvm_x86_ops.vcpu_run()'s "force_immediate_exit" boolean parameter +into an a generic bitmap so that similar "take action" information can be +passed to vendor code without creating a pile of boolean parameters. + +This will allow dropping kvm_x86_ops.set_dr6() in favor of a new flag, and +will also allow for adding similar functionality for re-loading debugctl +in the active VMCS. + +Opportunistically massage the TDX WARN and comment to prepare for adding +more run_flags, all of which are expected to be mutually exclusive with +TDX, i.e. should be WARNed on. + +No functional change intended. + +Cc: stable@vger.kernel.org +Link: https://lore.kernel.org/r/20250610232010.162191-3-seanjc@google.com +Signed-off-by: Sean Christopherson +[ Removed TDX-specific changes ] +Signed-off-by: Sasha Levin +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/include/asm/kvm_host.h | 6 +++++- + arch/x86/kvm/svm/svm.c | 4 ++-- + arch/x86/kvm/vmx/vmx.c | 3 ++- + arch/x86/kvm/vmx/x86_ops.h | 2 +- + arch/x86/kvm/x86.c | 11 ++++++++--- + 5 files changed, 18 insertions(+), 8 deletions(-) + +--- a/arch/x86/include/asm/kvm_host.h ++++ b/arch/x86/include/asm/kvm_host.h +@@ -1658,6 +1658,10 @@ static inline u16 kvm_lapic_irq_dest_mod + return dest_mode_logical ? APIC_DEST_LOGICAL : APIC_DEST_PHYSICAL; + } + ++enum kvm_x86_run_flags { ++ KVM_RUN_FORCE_IMMEDIATE_EXIT = BIT(0), ++}; ++ + struct kvm_x86_ops { + const char *name; + +@@ -1738,7 +1742,7 @@ struct kvm_x86_ops { + + int (*vcpu_pre_run)(struct kvm_vcpu *vcpu); + enum exit_fastpath_completion (*vcpu_run)(struct kvm_vcpu *vcpu, +- bool force_immediate_exit); ++ u64 run_flags); + int (*handle_exit)(struct kvm_vcpu *vcpu, + enum exit_fastpath_completion exit_fastpath); + int (*skip_emulated_instruction)(struct kvm_vcpu *vcpu); +--- a/arch/x86/kvm/svm/svm.c ++++ b/arch/x86/kvm/svm/svm.c +@@ -4319,9 +4319,9 @@ static noinstr void svm_vcpu_enter_exit( + guest_state_exit_irqoff(); + } + +-static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu, +- bool force_immediate_exit) ++static __no_kcsan fastpath_t svm_vcpu_run(struct kvm_vcpu *vcpu, u64 run_flags) + { ++ bool force_immediate_exit = run_flags & KVM_RUN_FORCE_IMMEDIATE_EXIT; + struct vcpu_svm *svm = to_svm(vcpu); + bool spec_ctrl_intercepted = msr_write_intercepted(vcpu, MSR_IA32_SPEC_CTRL); + +--- a/arch/x86/kvm/vmx/vmx.c ++++ b/arch/x86/kvm/vmx/vmx.c +@@ -7416,8 +7416,9 @@ out: + guest_state_exit_irqoff(); + } + +-fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, bool force_immediate_exit) ++fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, u64 run_flags) + { ++ bool force_immediate_exit = run_flags & KVM_RUN_FORCE_IMMEDIATE_EXIT; + struct vcpu_vmx *vmx = to_vmx(vcpu); + unsigned long cr3, cr4; + +--- a/arch/x86/kvm/vmx/x86_ops.h ++++ b/arch/x86/kvm/vmx/x86_ops.h +@@ -21,7 +21,7 @@ void vmx_vm_destroy(struct kvm *kvm); + int vmx_vcpu_precreate(struct kvm *kvm); + int vmx_vcpu_create(struct kvm_vcpu *vcpu); + int vmx_vcpu_pre_run(struct kvm_vcpu *vcpu); +-fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, bool force_immediate_exit); ++fastpath_t vmx_vcpu_run(struct kvm_vcpu *vcpu, u64 run_flags); + void vmx_vcpu_free(struct kvm_vcpu *vcpu); + void vmx_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event); + void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu); +--- a/arch/x86/kvm/x86.c ++++ b/arch/x86/kvm/x86.c +@@ -10724,6 +10724,7 @@ static int vcpu_enter_guest(struct kvm_v + dm_request_for_irq_injection(vcpu) && + kvm_cpu_accept_dm_intr(vcpu); + fastpath_t exit_fastpath; ++ u64 run_flags; + + bool req_immediate_exit = false; + +@@ -10968,8 +10969,11 @@ static int vcpu_enter_guest(struct kvm_v + goto cancel_injection; + } + +- if (req_immediate_exit) ++ run_flags = 0; ++ if (req_immediate_exit) { ++ run_flags |= KVM_RUN_FORCE_IMMEDIATE_EXIT; + kvm_make_request(KVM_REQ_EVENT, vcpu); ++ } + + fpregs_assert_state_consistent(); + if (test_thread_flag(TIF_NEED_FPU_LOAD)) +@@ -11005,8 +11009,7 @@ static int vcpu_enter_guest(struct kvm_v + WARN_ON_ONCE((kvm_vcpu_apicv_activated(vcpu) != kvm_vcpu_apicv_active(vcpu)) && + (kvm_get_apic_mode(vcpu) != LAPIC_MODE_DISABLED)); + +- exit_fastpath = kvm_x86_call(vcpu_run)(vcpu, +- req_immediate_exit); ++ exit_fastpath = kvm_x86_call(vcpu_run)(vcpu, run_flags); + if (likely(exit_fastpath != EXIT_FASTPATH_REENTER_GUEST)) + break; + +@@ -11018,6 +11021,8 @@ static int vcpu_enter_guest(struct kvm_v + break; + } + ++ run_flags = 0; ++ + /* Note, VM-Exits that go down the "slow" path are accounted below. */ + ++vcpu->stat.exits; + } diff --git a/queue-6.15/series b/queue-6.15/series index 39ff9ee7b6..44129157cc 100644 --- a/queue-6.15/series +++ b/queue-6.15/series @@ -503,3 +503,6 @@ rdma-siw-fix-the-sendmsg-byte-count-in-siw_tcp_sendpages.patch kvm-vmx-extract-checking-of-guest-s-debugctl-into-helper.patch kvm-nvmx-check-vmcs12-guest_ia32_debugctl-on-nested-vm-enter.patch kvm-vmx-wrap-all-accesses-to-ia32_debugctl-with-getter-setter-apis.patch +kvm-x86-convert-vcpu_run-s-immediate-exit-param-into-a-generic-bitmap.patch +hid-magicmouse-avoid-setting-up-battery-timer-when-not-needed.patch +wifi-ath12k-install-pairwise-key-first.patch diff --git a/queue-6.15/wifi-ath12k-install-pairwise-key-first.patch b/queue-6.15/wifi-ath12k-install-pairwise-key-first.patch new file mode 100644 index 0000000000..3ab79841e4 --- /dev/null +++ b/queue-6.15/wifi-ath12k-install-pairwise-key-first.patch @@ -0,0 +1,173 @@ +From 66e865f9dc78d00e6d1c8c6624cb0c9004e5aafb Mon Sep 17 00:00:00 2001 +From: Baochen Qiang +Date: Fri, 23 May 2025 11:49:02 +0800 +Subject: wifi: ath12k: install pairwise key first + +From: Baochen Qiang + +commit 66e865f9dc78d00e6d1c8c6624cb0c9004e5aafb upstream. + +As station, WCN7850 firmware requires pairwise key to be installed before +group key. Currently host does not care about this, so it is up to kernel +or userspace to decide which one will be installed first. In case above +requirement is not met, WCN7850 firmware's EAPOL station machine is messed +up, and finally connection fails [1]. + +Reorder key install for station interface in that case: this is done by +caching group key first; Later when pairwise key arrives, both can be +installed in required order. + +Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0-03427-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1.15378.4 +Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00217-QCAHKSWPL_SILICONZ-1 + +Closes: https://bugzilla.kernel.org/show_bug.cgi?id=218733 +Link: https://lore.kernel.org/all/AS8P190MB12051DDBD84CD88E71C40AD7873F2@AS8P190MB1205.EURP190.PROD.OUTLOOK.COM # [1] +Signed-off-by: Baochen Qiang +Reviewed-by: Vasanthakumar Thiagarajan +Link: https://patch.msgid.link/20250523-ath12k-unicast-key-first-v1-2-f53c3880e6d8@quicinc.com +Signed-off-by: Jeff Johnson +Signed-off-by: Baochen Qiang +Signed-off-by: Greg Kroah-Hartman +--- + drivers/net/wireless/ath/ath12k/core.h | 4 + + drivers/net/wireless/ath/ath12k/mac.c | 76 +++++++++++++++++++++++++++++---- + drivers/net/wireless/ath/ath12k/wmi.h | 1 + 3 files changed, 74 insertions(+), 7 deletions(-) + +--- a/drivers/net/wireless/ath/ath12k/core.h ++++ b/drivers/net/wireless/ath/ath12k/core.h +@@ -303,6 +303,10 @@ struct ath12k_link_vif { + struct ath12k_rekey_data rekey_data; + + u8 current_cntdown_counter; ++ ++ bool group_key_valid; ++ struct wmi_vdev_install_key_arg group_key; ++ bool pairwise_key_done; + }; + + struct ath12k_vif { +--- a/drivers/net/wireless/ath/ath12k/mac.c ++++ b/drivers/net/wireless/ath/ath12k/mac.c +@@ -4645,14 +4645,13 @@ static int ath12k_install_key(struct ath + .key_len = key->keylen, + .key_data = key->key, + .key_flags = flags, ++ .ieee80211_key_cipher = key->cipher, + .macaddr = macaddr, + }; + struct ath12k_vif *ahvif = arvif->ahvif; + + lockdep_assert_wiphy(ath12k_ar_to_hw(ar)->wiphy); + +- reinit_completion(&ar->install_key_done); +- + if (test_bit(ATH12K_FLAG_HW_CRYPTO_DISABLED, &ar->ab->dev_flags)) + return 0; + +@@ -4661,7 +4660,7 @@ static int ath12k_install_key(struct ath + /* arg.key_cipher = WMI_CIPHER_NONE; */ + arg.key_len = 0; + arg.key_data = NULL; +- goto install; ++ goto check_order; + } + + switch (key->cipher) { +@@ -4689,19 +4688,82 @@ static int ath12k_install_key(struct ath + key->flags |= IEEE80211_KEY_FLAG_GENERATE_IV | + IEEE80211_KEY_FLAG_RESERVE_TAILROOM; + ++check_order: ++ if (ahvif->vdev_type == WMI_VDEV_TYPE_STA && ++ arg.key_flags == WMI_KEY_GROUP) { ++ if (cmd == SET_KEY) { ++ if (arvif->pairwise_key_done) { ++ ath12k_dbg(ar->ab, ATH12K_DBG_MAC, ++ "vdev %u pairwise key done, go install group key\n", ++ arg.vdev_id); ++ goto install; ++ } else { ++ /* WCN7850 firmware requires pairwise key to be installed ++ * before group key. In case group key comes first, cache ++ * it and return. Will revisit it once pairwise key gets ++ * installed. ++ */ ++ arvif->group_key = arg; ++ arvif->group_key_valid = true; ++ ath12k_dbg(ar->ab, ATH12K_DBG_MAC, ++ "vdev %u group key before pairwise key, cache and skip\n", ++ arg.vdev_id); ++ ++ ret = 0; ++ goto out; ++ } ++ } else { ++ arvif->group_key_valid = false; ++ } ++ } ++ + install: +- ret = ath12k_wmi_vdev_install_key(arvif->ar, &arg); ++ reinit_completion(&ar->install_key_done); + ++ ret = ath12k_wmi_vdev_install_key(arvif->ar, &arg); + if (ret) + return ret; + + if (!wait_for_completion_timeout(&ar->install_key_done, 1 * HZ)) + return -ETIMEDOUT; + +- if (ether_addr_equal(macaddr, arvif->bssid)) +- ahvif->key_cipher = key->cipher; ++ if (ether_addr_equal(arg.macaddr, arvif->bssid)) ++ ahvif->key_cipher = arg.ieee80211_key_cipher; ++ ++ if (ar->install_key_status) { ++ ret = -EINVAL; ++ goto out; ++ } ++ ++ if (ahvif->vdev_type == WMI_VDEV_TYPE_STA && ++ arg.key_flags == WMI_KEY_PAIRWISE) { ++ if (cmd == SET_KEY) { ++ arvif->pairwise_key_done = true; ++ if (arvif->group_key_valid) { ++ /* Install cached GTK */ ++ arvif->group_key_valid = false; ++ arg = arvif->group_key; ++ ath12k_dbg(ar->ab, ATH12K_DBG_MAC, ++ "vdev %u pairwise key done, group key ready, go install\n", ++ arg.vdev_id); ++ goto install; ++ } ++ } else { ++ arvif->pairwise_key_done = false; ++ } ++ } ++ ++out: ++ if (ret) { ++ /* In case of failure userspace may not do DISABLE_KEY ++ * but triggers re-connection directly, so manually reset ++ * status here. ++ */ ++ arvif->group_key_valid = false; ++ arvif->pairwise_key_done = false; ++ } + +- return ar->install_key_status ? -EINVAL : 0; ++ return ret; + } + + static int ath12k_clear_peer_keys(struct ath12k_link_vif *arvif, +--- a/drivers/net/wireless/ath/ath12k/wmi.h ++++ b/drivers/net/wireless/ath/ath12k/wmi.h +@@ -3725,6 +3725,7 @@ struct wmi_vdev_install_key_arg { + u32 key_idx; + u32 key_flags; + u32 key_cipher; ++ u32 ieee80211_key_cipher; + u32 key_len; + u32 key_txmic_len; + u32 key_rxmic_len; -- 2.47.3