--- /dev/null
+From 61d2b3998722a2643520abe94a3ccc9c0a27076f Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 9 Sep 2024 15:39:10 +0300
+Subject: fs/ntfs3: Additional check in ni_clear()
+
+From: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
+
+[ Upstream commit d178944db36b3369b78a08ba520de109b89bf2a9 ]
+
+Checking of NTFS_FLAGS_LOG_REPLAYING added to prevent access to
+uninitialized bitmap during replay process.
+
+Reported-by: syzbot+3bfd2cc059ab93efcdb4@syzkaller.appspotmail.com
+Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/ntfs3/frecord.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/fs/ntfs3/frecord.c b/fs/ntfs3/frecord.c
+index 7a1f57dc58dfc..a74bbfec8e3ac 100644
+--- a/fs/ntfs3/frecord.c
++++ b/fs/ntfs3/frecord.c
+@@ -101,7 +101,9 @@ void ni_clear(struct ntfs_inode *ni)
+ {
+ struct rb_node *node;
+
+- if (!ni->vfs_inode.i_nlink && ni->mi.mrec && is_rec_inuse(ni->mi.mrec))
++ if (!ni->vfs_inode.i_nlink && ni->mi.mrec &&
++ is_rec_inuse(ni->mi.mrec) &&
++ !(ni->mi.sbi->flags & NTFS_FLAGS_LOG_REPLAYING))
+ ni_delete_all(ni);
+
+ al_destroy(ni);
+--
+2.43.0
+
--- /dev/null
+From 4ff115175d705c8835a33c4fd7199b9323d1c42d Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 15 May 2024 07:38:33 -0500
+Subject: fs/ntfs3: Check if more than chunk-size bytes are written
+
+From: Andrew Ballance <andrewjballance@gmail.com>
+
+[ Upstream commit 9931122d04c6d431b2c11b5bb7b10f28584067f0 ]
+
+A incorrectly formatted chunk may decompress into
+more than LZNT_CHUNK_SIZE bytes and a index out of bounds
+will occur in s_max_off.
+
+Signed-off-by: Andrew Ballance <andrewjballance@gmail.com>
+Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/ntfs3/lznt.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/fs/ntfs3/lznt.c b/fs/ntfs3/lznt.c
+index 28f654561f279..09db01c1098cd 100644
+--- a/fs/ntfs3/lznt.c
++++ b/fs/ntfs3/lznt.c
+@@ -236,6 +236,9 @@ static inline ssize_t decompress_chunk(u8 *unc, u8 *unc_end, const u8 *cmpr,
+
+ /* Do decompression until pointers are inside range. */
+ while (up < unc_end && cmpr < cmpr_end) {
++ // return err if more than LZNT_CHUNK_SIZE bytes are written
++ if (up - unc > LZNT_CHUNK_SIZE)
++ return -EINVAL;
+ /* Correct index */
+ while (unc + s_max_off[index] < up)
+ index += 1;
+--
+2.43.0
+
--- /dev/null
+From 304e92ea88963c46be392c9650ebdaa278d28311 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 28 Aug 2024 11:55:53 +0300
+Subject: fs/ntfs3: Fix possible deadlock in mi_read
+
+From: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
+
+[ Upstream commit 03b097099eef255fbf85ea6a786ae3c91b11f041 ]
+
+Mutex lock with another subclass used in ni_lock_dir().
+
+Reported-by: syzbot+bc7ca0ae4591cb2550f9@syzkaller.appspotmail.com
+Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/ntfs3/namei.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/fs/ntfs3/namei.c b/fs/ntfs3/namei.c
+index bff1934e044e5..c1bce9d656cff 100644
+--- a/fs/ntfs3/namei.c
++++ b/fs/ntfs3/namei.c
+@@ -79,7 +79,7 @@ static struct dentry *ntfs_lookup(struct inode *dir, struct dentry *dentry,
+ if (err < 0)
+ inode = ERR_PTR(err);
+ else {
+- ni_lock(ni);
++ ni_lock_dir(ni);
+ inode = dir_search_u(dir, uni, NULL);
+ ni_unlock(ni);
+ }
+--
+2.43.0
+
--- /dev/null
+From 3a91905b094df7d41f22201f9fde246f479cf6ef Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 19 Aug 2024 16:26:22 +0300
+Subject: fs/ntfs3: Fix warning possible deadlock in ntfs_set_state
+
+From: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
+
+[ Upstream commit 5b2db723455a89dc96743d34d8bdaa23a402db2f ]
+
+Use non-zero subkey to skip analyzer warnings.
+
+Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
+Reported-by: syzbot+c2ada45c23d98d646118@syzkaller.appspotmail.com
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/ntfs3/ntfs_fs.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/fs/ntfs3/ntfs_fs.h b/fs/ntfs3/ntfs_fs.h
+index b4c09b99edd1d..7b46926e920c6 100644
+--- a/fs/ntfs3/ntfs_fs.h
++++ b/fs/ntfs3/ntfs_fs.h
+@@ -328,7 +328,7 @@ struct mft_inode {
+
+ /* Nested class for ntfs_inode::ni_lock. */
+ enum ntfs_inode_mutex_lock_class {
+- NTFS_INODE_MUTEX_DIRTY,
++ NTFS_INODE_MUTEX_DIRTY = 1,
+ NTFS_INODE_MUTEX_SECURITY,
+ NTFS_INODE_MUTEX_OBJID,
+ NTFS_INODE_MUTEX_REPARSE,
+--
+2.43.0
+
--- /dev/null
+From 08cd72616474f49e05b48dedee5fdf63ca6d8b14 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 19 Sep 2024 07:34:50 -0500
+Subject: misc: sgi-gru: Don't disable preemption in GRU driver
+
+From: Dimitri Sivanich <sivanich@hpe.com>
+
+[ Upstream commit b983b271662bd6104d429b0fd97af3333ba760bf ]
+
+Disabling preemption in the GRU driver is unnecessary, and clashes with
+sleeping locks in several code paths. Remove preempt_disable and
+preempt_enable from the GRU driver.
+
+Signed-off-by: Dimitri Sivanich <sivanich@hpe.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/misc/sgi-gru/grukservices.c | 2 --
+ drivers/misc/sgi-gru/grumain.c | 4 ----
+ drivers/misc/sgi-gru/grutlbpurge.c | 2 --
+ 3 files changed, 8 deletions(-)
+
+diff --git a/drivers/misc/sgi-gru/grukservices.c b/drivers/misc/sgi-gru/grukservices.c
+index 0ea923fe6371b..e2bdba4742930 100644
+--- a/drivers/misc/sgi-gru/grukservices.c
++++ b/drivers/misc/sgi-gru/grukservices.c
+@@ -258,7 +258,6 @@ static int gru_get_cpu_resources(int dsr_bytes, void **cb, void **dsr)
+ int lcpu;
+
+ BUG_ON(dsr_bytes > GRU_NUM_KERNEL_DSR_BYTES);
+- preempt_disable();
+ bs = gru_lock_kernel_context(-1);
+ lcpu = uv_blade_processor_id();
+ *cb = bs->kernel_cb + lcpu * GRU_HANDLE_STRIDE;
+@@ -272,7 +271,6 @@ static int gru_get_cpu_resources(int dsr_bytes, void **cb, void **dsr)
+ static void gru_free_cpu_resources(void *cb, void *dsr)
+ {
+ gru_unlock_kernel_context(uv_numa_blade_id());
+- preempt_enable();
+ }
+
+ /*
+diff --git a/drivers/misc/sgi-gru/grumain.c b/drivers/misc/sgi-gru/grumain.c
+index 3a16eb8e03f73..9b8bdd57ec854 100644
+--- a/drivers/misc/sgi-gru/grumain.c
++++ b/drivers/misc/sgi-gru/grumain.c
+@@ -941,10 +941,8 @@ vm_fault_t gru_fault(struct vm_fault *vmf)
+
+ again:
+ mutex_lock(>s->ts_ctxlock);
+- preempt_disable();
+
+ if (gru_check_context_placement(gts)) {
+- preempt_enable();
+ mutex_unlock(>s->ts_ctxlock);
+ gru_unload_context(gts, 1);
+ return VM_FAULT_NOPAGE;
+@@ -953,7 +951,6 @@ vm_fault_t gru_fault(struct vm_fault *vmf)
+ if (!gts->ts_gru) {
+ STAT(load_user_context);
+ if (!gru_assign_gru_context(gts)) {
+- preempt_enable();
+ mutex_unlock(>s->ts_ctxlock);
+ set_current_state(TASK_INTERRUPTIBLE);
+ schedule_timeout(GRU_ASSIGN_DELAY); /* true hack ZZZ */
+@@ -969,7 +966,6 @@ vm_fault_t gru_fault(struct vm_fault *vmf)
+ vma->vm_page_prot);
+ }
+
+- preempt_enable();
+ mutex_unlock(>s->ts_ctxlock);
+
+ return VM_FAULT_NOPAGE;
+diff --git a/drivers/misc/sgi-gru/grutlbpurge.c b/drivers/misc/sgi-gru/grutlbpurge.c
+index 10921cd2608df..1107dd3e2e9fa 100644
+--- a/drivers/misc/sgi-gru/grutlbpurge.c
++++ b/drivers/misc/sgi-gru/grutlbpurge.c
+@@ -65,7 +65,6 @@ static struct gru_tlb_global_handle *get_lock_tgh_handle(struct gru_state
+ struct gru_tlb_global_handle *tgh;
+ int n;
+
+- preempt_disable();
+ if (uv_numa_blade_id() == gru->gs_blade_id)
+ n = get_on_blade_tgh(gru);
+ else
+@@ -79,7 +78,6 @@ static struct gru_tlb_global_handle *get_lock_tgh_handle(struct gru_state
+ static void get_unlock_tgh_handle(struct gru_tlb_global_handle *tgh)
+ {
+ unlock_tgh_handle(tgh);
+- preempt_enable();
+ }
+
+ /*
+--
+2.43.0
+
--- /dev/null
+From 39b4ea78a4e89f47bc62c3196fb94087e3dc056c Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 7 Oct 2024 19:43:17 +0900
+Subject: net: amd: mvme147: Fix probe banner message
+
+From: Daniel Palmer <daniel@0x0f.com>
+
+[ Upstream commit 82c5b53140faf89c31ea2b3a0985a2f291694169 ]
+
+Currently this driver prints this line with what looks like
+a rogue format specifier when the device is probed:
+[ 2.840000] eth%d: MVME147 at 0xfffe1800, irq 12, Hardware Address xx:xx:xx:xx:xx:xx
+
+Change the printk() for netdev_info() and move it after the
+registration has completed so it prints out the name of the
+interface properly.
+
+Signed-off-by: Daniel Palmer <daniel@0x0f.com>
+Reviewed-by: Simon Horman <horms@kernel.org>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/net/ethernet/amd/mvme147.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/drivers/net/ethernet/amd/mvme147.c b/drivers/net/ethernet/amd/mvme147.c
+index da97fccea9ea6..769355824b7e1 100644
+--- a/drivers/net/ethernet/amd/mvme147.c
++++ b/drivers/net/ethernet/amd/mvme147.c
+@@ -103,10 +103,6 @@ static struct net_device * __init mvme147lance_probe(void)
+ address = address >> 8;
+ dev->dev_addr[3] = address&0xff;
+
+- printk("%s: MVME147 at 0x%08lx, irq %d, Hardware Address %pM\n",
+- dev->name, dev->base_addr, MVME147_LANCE_IRQ,
+- dev->dev_addr);
+-
+ lp = netdev_priv(dev);
+ lp->ram = __get_dma_pages(GFP_ATOMIC, 3); /* 32K */
+ if (!lp->ram) {
+@@ -136,6 +132,9 @@ static struct net_device * __init mvme147lance_probe(void)
+ return ERR_PTR(err);
+ }
+
++ netdev_info(dev, "MVME147 at 0x%08lx, irq %d, Hardware Address %pM\n",
++ dev->base_addr, MVME147_LANCE_IRQ, dev->dev_addr);
++
+ return dev;
+ }
+
+--
+2.43.0
+
--- /dev/null
+From bcda1e77cdb6c8ccb2be861e974c3862def5f392 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 8 Oct 2024 15:58:07 -0700
+Subject: NFS: remove revoked delegation from server's delegation list
+
+From: Dai Ngo <dai.ngo@oracle.com>
+
+[ Upstream commit 7ef60108069b7e3cc66432304e1dd197d5c0a9b5 ]
+
+After the delegation is returned to the NFS server remove it
+from the server's delegations list to reduce the time it takes
+to scan this list.
+
+Network trace captured while running the below script shows the
+time taken to service the CB_RECALL increases gradually due to
+the overhead of traversing the delegation list in
+nfs_delegation_find_inode_server.
+
+The NFS server in this test is a Solaris server which issues
+CB_RECALL when receiving the all-zero stateid in the SETATTR.
+
+mount=/mnt/data
+for i in $(seq 1 20)
+do
+ echo $i
+ mkdir $mount/testtarfile$i
+ time tar -C $mount/testtarfile$i -xf 5000_files.tar
+done
+
+Signed-off-by: Dai Ngo <dai.ngo@oracle.com>
+Reviewed-by: Trond Myklebust <trond.myklebust@hammerspace.com>
+Signed-off-by: Anna Schumaker <anna.schumaker@oracle.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/nfs/delegation.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/fs/nfs/delegation.c b/fs/nfs/delegation.c
+index 8124d4f8b29a6..ac79ef0d43a73 100644
+--- a/fs/nfs/delegation.c
++++ b/fs/nfs/delegation.c
+@@ -981,6 +981,11 @@ void nfs_delegation_mark_returned(struct inode *inode,
+ }
+
+ nfs_mark_delegation_revoked(delegation);
++ clear_bit(NFS_DELEGATION_RETURNING, &delegation->flags);
++ spin_unlock(&delegation->lock);
++ if (nfs_detach_delegation(NFS_I(inode), delegation, NFS_SERVER(inode)))
++ nfs_put_delegation(delegation);
++ goto out_rcu_unlock;
+
+ out_clear_returning:
+ clear_bit(NFS_DELEGATION_RETURNING, &delegation->flags);
+--
+2.43.0
+
--- /dev/null
+From 5e6ba183a013225e1fc67893499819850a95a8f3 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Tue, 17 Sep 2024 19:06:43 -0400
+Subject: scsi: scsi_transport_fc: Allow setting rport state to current state
+
+From: Benjamin Marzinski <bmarzins@redhat.com>
+
+[ Upstream commit d539a871ae47a1f27a609a62e06093fa69d7ce99 ]
+
+The only input fc_rport_set_marginal_state() currently accepts is
+"Marginal" when port_state is "Online", and "Online" when the port_state
+is "Marginal". It should also allow setting port_state to its current
+state, either "Marginal or "Online".
+
+Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
+Link: https://lore.kernel.org/r/20240917230643.966768-1-bmarzins@redhat.com
+Reviewed-by: Ewan D. Milne <emilne@redhat.com>
+Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/scsi/scsi_transport_fc.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/scsi/scsi_transport_fc.c b/drivers/scsi/scsi_transport_fc.c
+index a2524106206db..fbe2036ca6196 100644
+--- a/drivers/scsi/scsi_transport_fc.c
++++ b/drivers/scsi/scsi_transport_fc.c
+@@ -1250,7 +1250,7 @@ static ssize_t fc_rport_set_marginal_state(struct device *dev,
+ */
+ if (rport->port_state == FC_PORTSTATE_ONLINE)
+ rport->port_state = port_state;
+- else
++ else if (port_state != rport->port_state)
+ return -EINVAL;
+ } else if (port_state == FC_PORTSTATE_ONLINE) {
+ /*
+@@ -1260,7 +1260,7 @@ static ssize_t fc_rport_set_marginal_state(struct device *dev,
+ */
+ if (rport->port_state == FC_PORTSTATE_MARGINAL)
+ rport->port_state = port_state;
+- else
++ else if (port_state != rport->port_state)
+ return -EINVAL;
+ } else
+ return -EINVAL;
+--
+2.43.0
+
net-hns3-fix-kernel-crash-when-1588-is-sent-on-hip08.patch
firmware-arm_sdei-fix-the-input-parameter-of-cpuhp_r.patch
acpi-cppc-make-rmw_lock-a-raw_spin_lock.patch
+fs-ntfs3-check-if-more-than-chunk-size-bytes-are-wri.patch
+fs-ntfs3-fix-warning-possible-deadlock-in-ntfs_set_s.patch
+fs-ntfs3-fix-possible-deadlock-in-mi_read.patch
+fs-ntfs3-additional-check-in-ni_clear.patch
+scsi-scsi_transport_fc-allow-setting-rport-state-to-.patch
+net-amd-mvme147-fix-probe-banner-message.patch
+nfs-remove-revoked-delegation-from-server-s-delegati.patch
+misc-sgi-gru-don-t-disable-preemption-in-gru-driver.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
