6.1-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 22 Nov 2023 19:46:22 +0000 (19:46 +0000)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 22 Nov 2023 19:46:22 +0000 (19:46 +0000)
added patches:
arm64-restrict-cpu_big_endian-to-gnu-as-or-llvm-ias-15.x-or-newer.patch
clk-qcom-ipq6018-drop-the-clk_set_rate_parent-flag-from-pll-clocks.patch
clk-qcom-ipq8074-drop-the-clk_set_rate_parent-flag-from-pll-clocks.patch
clk-socfpga-fix-undefined-behavior-bug-in-struct-stratix10_clock_data.patch
ksmbd-fix-slab-out-of-bounds-write-in-smb_inherit_dacl.patch
ksmbd-handle-malformed-smb1-message.patch
mmc-add-quirk-mmc_quirk_broken_cache_flush-for-micron-emmc-q2j54a.patch
mmc-sdhci_am654-fix-start-loop-index-for-tap-value-parsing.patch
mmc-vub300-fix-an-error-code.patch
parisc-pdc-add-width-field-to-struct-pdc_model.patch
parisc-power-add-power-soft-off-when-running-on-qemu.patch

12 files changed:
queue-6.1/arm64-restrict-cpu_big_endian-to-gnu-as-or-llvm-ias-15.x-or-newer.patch [new file with mode: 0644]
queue-6.1/clk-qcom-ipq6018-drop-the-clk_set_rate_parent-flag-from-pll-clocks.patch [new file with mode: 0644]
queue-6.1/clk-qcom-ipq8074-drop-the-clk_set_rate_parent-flag-from-pll-clocks.patch [new file with mode: 0644]
queue-6.1/clk-socfpga-fix-undefined-behavior-bug-in-struct-stratix10_clock_data.patch [new file with mode: 0644]
queue-6.1/ksmbd-fix-slab-out-of-bounds-write-in-smb_inherit_dacl.patch [new file with mode: 0644]
queue-6.1/ksmbd-handle-malformed-smb1-message.patch [new file with mode: 0644]
queue-6.1/mmc-add-quirk-mmc_quirk_broken_cache_flush-for-micron-emmc-q2j54a.patch [new file with mode: 0644]
queue-6.1/mmc-sdhci_am654-fix-start-loop-index-for-tap-value-parsing.patch [new file with mode: 0644]
queue-6.1/mmc-vub300-fix-an-error-code.patch [new file with mode: 0644]
queue-6.1/parisc-pdc-add-width-field-to-struct-pdc_model.patch [new file with mode: 0644]
queue-6.1/parisc-power-add-power-soft-off-when-running-on-qemu.patch [new file with mode: 0644]
queue-6.1/series

diff --git a/queue-6.1/arm64-restrict-cpu_big_endian-to-gnu-as-or-llvm-ias-15.x-or-newer.patch b/queue-6.1/arm64-restrict-cpu_big_endian-to-gnu-as-or-llvm-ias-15.x-or-newer.patch
new file mode 100644 (file)
index 0000000..d045268
--- /dev/null
@@ -0,0 +1,89 @@
+From 146a15b873353f8ac28dc281c139ff611a3c4848 Mon Sep 17 00:00:00 2001
+From: Nathan Chancellor <nathan@kernel.org>
+Date: Wed, 25 Oct 2023 10:21:28 -0700
+Subject: arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer
+
+From: Nathan Chancellor <nathan@kernel.org>
+
+commit 146a15b873353f8ac28dc281c139ff611a3c4848 upstream.
+
+Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly
+byte-swap NOP when compiling for big-endian, and the resulting series of
+bytes happened to match the encoding of FNMADD S21, S30, S0, S0.
+
+This went unnoticed until commit:
+
+  34f66c4c4d5518c1 ("arm64: Use a positive cpucap for FP/SIMD")
+
+Prior to that commit, the kernel would always enable the use of FPSIMD
+early in boot when __cpu_setup() initialized CPACR_EL1, and so usage of
+FNMADD within the kernel was not detected, but could result in the
+corruption of user or kernel FPSIMD state.
+
+After that commit, the instructions happen to trap during boot prior to
+FPSIMD being detected and enabled, e.g.
+
+| Unhandled 64-bit el1h sync exception on CPU0, ESR 0x000000001fe00000 -- ASIMD
+| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1
+| Hardware name: linux,dummy-virt (DT)
+| pstate: 400000c9 (nZcv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
+| pc : __pi_strcmp+0x1c/0x150
+| lr : populate_properties+0xe4/0x254
+| sp : ffffd014173d3ad0
+| x29: ffffd014173d3af0 x28: fffffbfffddffcb8 x27: 0000000000000000
+| x26: 0000000000000058 x25: fffffbfffddfe054 x24: 0000000000000008
+| x23: fffffbfffddfe000 x22: fffffbfffddfe000 x21: fffffbfffddfe044
+| x20: ffffd014173d3b70 x19: 0000000000000001 x18: 0000000000000005
+| x17: 0000000000000010 x16: 0000000000000000 x15: 00000000413e7000
+| x14: 0000000000000000 x13: 0000000000001bcc x12: 0000000000000000
+| x11: 00000000d00dfeed x10: ffffd414193f2cd0 x9 : 0000000000000000
+| x8 : 0101010101010101 x7 : ffffffffffffffc0 x6 : 0000000000000000
+| x5 : 0000000000000000 x4 : 0101010101010101 x3 : 000000000000002a
+| x2 : 0000000000000001 x1 : ffffd014171f2988 x0 : fffffbfffddffcb8
+| Kernel panic - not syncing: Unhandled exception
+| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1
+| Hardware name: linux,dummy-virt (DT)
+| Call trace:
+|  dump_backtrace+0xec/0x108
+|  show_stack+0x18/0x2c
+|  dump_stack_lvl+0x50/0x68
+|  dump_stack+0x18/0x24
+|  panic+0x13c/0x340
+|  el1t_64_irq_handler+0x0/0x1c
+|  el1_abort+0x0/0x5c
+|  el1h_64_sync+0x64/0x68
+|  __pi_strcmp+0x1c/0x150
+|  unflatten_dt_nodes+0x1e8/0x2d8
+|  __unflatten_device_tree+0x5c/0x15c
+|  unflatten_device_tree+0x38/0x50
+|  setup_arch+0x164/0x1e0
+|  start_kernel+0x64/0x38c
+|  __primary_switched+0xbc/0xc4
+
+Restrict CONFIG_CPU_BIG_ENDIAN to a known good assembler, which is
+either GNU as or LLVM's IAS 15.0.0 and newer, which contains the linked
+commit.
+
+Closes: https://github.com/ClangBuiltLinux/linux/issues/1948
+Link: https://github.com/llvm/llvm-project/commit/1379b150991f70a5782e9a143c2ba5308da1161c
+Signed-off-by: Nathan Chancellor <nathan@kernel.org>
+Cc: stable@vger.kernel.org
+Acked-by: Mark Rutland <mark.rutland@arm.com>
+Link: https://lore.kernel.org/r/20231025-disable-arm64-be-ias-b4-llvm-15-v1-1-b25263ed8b23@kernel.org
+Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/arm64/Kconfig |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/arch/arm64/Kconfig
++++ b/arch/arm64/Kconfig
+@@ -1304,6 +1304,8 @@ choice
+ config CPU_BIG_ENDIAN
+       bool "Build big-endian kernel"
+       depends on !LD_IS_LLD || LLD_VERSION >= 130000
++      # https://github.com/llvm/llvm-project/commit/1379b150991f70a5782e9a143c2ba5308da1161c
++      depends on AS_IS_GNU || AS_VERSION >= 150000
+       help
+         Say Y if you plan on running a kernel with a big-endian userspace.
diff --git a/queue-6.1/clk-qcom-ipq6018-drop-the-clk_set_rate_parent-flag-from-pll-clocks.patch b/queue-6.1/clk-qcom-ipq6018-drop-the-clk_set_rate_parent-flag-from-pll-clocks.patch
new file mode 100644 (file)
index 0000000..9aa444f
--- /dev/null
@@ -0,0 +1,75 @@
+From 99cd4935cb972d0aafb16838bb2aeadbcaf196ce Mon Sep 17 00:00:00 2001
+From: Kathiravan Thirumoorthy <quic_kathirav@quicinc.com>
+Date: Thu, 14 Sep 2023 12:29:52 +0530
+Subject: clk: qcom: ipq6018: drop the CLK_SET_RATE_PARENT flag from PLL clocks
+
+From: Kathiravan Thirumoorthy <quic_kathirav@quicinc.com>
+
+commit 99cd4935cb972d0aafb16838bb2aeadbcaf196ce upstream.
+
+GPLL, NSS crypto PLL clock rates are fixed and shouldn't be scaled based
+on the request from dependent clocks. Doing so will result in the
+unexpected behaviour. So drop the CLK_SET_RATE_PARENT flag from the PLL
+clocks.
+
+Cc: stable@vger.kernel.org
+Fixes: d9db07f088af ("clk: qcom: Add ipq6018 Global Clock Controller support")
+Signed-off-by: Kathiravan Thirumoorthy <quic_kathirav@quicinc.com>
+Reviewed-by: Konrad Dybcio <konrad.dybcio@linaro.org>
+Link: https://lore.kernel.org/r/20230913-gpll_cleanup-v2-2-c8ceb1a37680@quicinc.com
+Signed-off-by: Bjorn Andersson <andersson@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/clk/qcom/gcc-ipq6018.c |    6 ------
+ 1 file changed, 6 deletions(-)
+
+--- a/drivers/clk/qcom/gcc-ipq6018.c
++++ b/drivers/clk/qcom/gcc-ipq6018.c
+@@ -75,7 +75,6 @@ static struct clk_fixed_factor gpll0_out
+                               &gpll0_main.clkr.hw },
+               .num_parents = 1,
+               .ops = &clk_fixed_factor_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
+@@ -89,7 +88,6 @@ static struct clk_alpha_pll_postdiv gpll
+                               &gpll0_main.clkr.hw },
+               .num_parents = 1,
+               .ops = &clk_alpha_pll_postdiv_ro_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
+@@ -164,7 +162,6 @@ static struct clk_alpha_pll_postdiv gpll
+                               &gpll6_main.clkr.hw },
+               .num_parents = 1,
+               .ops = &clk_alpha_pll_postdiv_ro_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
+@@ -195,7 +192,6 @@ static struct clk_alpha_pll_postdiv gpll
+                               &gpll4_main.clkr.hw },
+               .num_parents = 1,
+               .ops = &clk_alpha_pll_postdiv_ro_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
+@@ -246,7 +242,6 @@ static struct clk_alpha_pll_postdiv gpll
+                               &gpll2_main.clkr.hw },
+               .num_parents = 1,
+               .ops = &clk_alpha_pll_postdiv_ro_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
+@@ -277,7 +272,6 @@ static struct clk_alpha_pll_postdiv nss_
+                               &nss_crypto_pll_main.clkr.hw },
+               .num_parents = 1,
+               .ops = &clk_alpha_pll_postdiv_ro_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
diff --git a/queue-6.1/clk-qcom-ipq8074-drop-the-clk_set_rate_parent-flag-from-pll-clocks.patch b/queue-6.1/clk-qcom-ipq8074-drop-the-clk_set_rate_parent-flag-from-pll-clocks.patch
new file mode 100644 (file)
index 0000000..569c769
--- /dev/null
@@ -0,0 +1,77 @@
+From e641a070137dd959932c7c222e000d9d941167a2 Mon Sep 17 00:00:00 2001
+From: Kathiravan Thirumoorthy <quic_kathirav@quicinc.com>
+Date: Thu, 14 Sep 2023 12:29:51 +0530
+Subject: clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Kathiravan Thirumoorthy <quic_kathirav@quicinc.com>
+
+commit e641a070137dd959932c7c222e000d9d941167a2 upstream.
+
+GPLL, NSS crypto PLL clock rates are fixed and shouldn't be scaled based
+on the request from dependent clocks. Doing so will result in the
+unexpected behaviour. So drop the CLK_SET_RATE_PARENT flag from the PLL
+clocks.
+
+Cc: stable@vger.kernel.org
+Fixes: b8e7e519625f ("clk: qcom: ipq8074: add remaining PLL’s")
+Signed-off-by: Kathiravan Thirumoorthy <quic_kathirav@quicinc.com>
+Link: https://lore.kernel.org/r/20230913-gpll_cleanup-v2-1-c8ceb1a37680@quicinc.com
+Signed-off-by: Bjorn Andersson <andersson@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/clk/qcom/gcc-ipq8074.c |    6 ------
+ 1 file changed, 6 deletions(-)
+
+--- a/drivers/clk/qcom/gcc-ipq8074.c
++++ b/drivers/clk/qcom/gcc-ipq8074.c
+@@ -419,7 +419,6 @@ static struct clk_fixed_factor gpll0_out
+               },
+               .num_parents = 1,
+               .ops = &clk_fixed_factor_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
+@@ -466,7 +465,6 @@ static struct clk_alpha_pll_postdiv gpll
+               },
+               .num_parents = 1,
+               .ops = &clk_alpha_pll_postdiv_ro_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
+@@ -499,7 +497,6 @@ static struct clk_alpha_pll_postdiv gpll
+               },
+               .num_parents = 1,
+               .ops = &clk_alpha_pll_postdiv_ro_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
+@@ -533,7 +530,6 @@ static struct clk_alpha_pll_postdiv gpll
+               },
+               .num_parents = 1,
+               .ops = &clk_alpha_pll_postdiv_ro_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
+@@ -547,7 +543,6 @@ static struct clk_fixed_factor gpll6_out
+               },
+               .num_parents = 1,
+               .ops = &clk_fixed_factor_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
+@@ -612,7 +607,6 @@ static struct clk_alpha_pll_postdiv nss_
+               },
+               .num_parents = 1,
+               .ops = &clk_alpha_pll_postdiv_ro_ops,
+-              .flags = CLK_SET_RATE_PARENT,
+       },
+ };
diff --git a/queue-6.1/clk-socfpga-fix-undefined-behavior-bug-in-struct-stratix10_clock_data.patch b/queue-6.1/clk-socfpga-fix-undefined-behavior-bug-in-struct-stratix10_clock_data.patch
new file mode 100644 (file)
index 0000000..b8cb72b
--- /dev/null
@@ -0,0 +1,109 @@
+From d761bb01c85b22d5b44abe283eb89019693f6595 Mon Sep 17 00:00:00 2001
+From: "Gustavo A. R. Silva" <gustavoars@kernel.org>
+Date: Mon, 23 Oct 2023 21:30:52 -0600
+Subject: clk: socfpga: Fix undefined behavior bug in struct stratix10_clock_data
+
+From: Gustavo A. R. Silva <gustavoars@kernel.org>
+
+commit d761bb01c85b22d5b44abe283eb89019693f6595 upstream.
+
+`struct clk_hw_onecell_data` is a flexible structure, which means that
+it contains flexible-array member at the bottom, in this case array
+`hws`:
+
+include/linux/clk-provider.h:
+1380 struct clk_hw_onecell_data {
+1381         unsigned int num;
+1382         struct clk_hw *hws[] __counted_by(num);
+1383 };
+
+This could potentially lead to an overwrite of the objects following
+`clk_data` in `struct stratix10_clock_data`, in this case
+`void __iomem *base;` at run-time:
+
+drivers/clk/socfpga/stratix10-clk.h:
+  9 struct stratix10_clock_data {
+ 10         struct clk_hw_onecell_data      clk_data;
+ 11         void __iomem            *base;
+ 12 };
+
+There are currently three different places where memory is allocated for
+`struct stratix10_clock_data`, including the flex-array `hws` in
+`struct clk_hw_onecell_data`:
+
+drivers/clk/socfpga/clk-agilex.c:
+469         clk_data = devm_kzalloc(dev, struct_size(clk_data, clk_data.hws,
+470                                 num_clks), GFP_KERNEL);
+
+drivers/clk/socfpga/clk-agilex.c:
+509         clk_data = devm_kzalloc(dev, struct_size(clk_data, clk_data.hws,
+510                                 num_clks), GFP_KERNEL);
+
+drivers/clk/socfpga/clk-s10.c:
+400         clk_data = devm_kzalloc(dev, struct_size(clk_data, clk_data.hws,
+401                                                  num_clks), GFP_KERNEL);
+
+I'll use just one of them to describe the issue. See below.
+
+Notice that a total of 440 bytes are allocated for flexible-array member
+`hws` at line 469:
+
+include/dt-bindings/clock/agilex-clock.h:
+ 70 #define AGILEX_NUM_CLKS    55
+
+drivers/clk/socfpga/clk-agilex.c:
+459         struct stratix10_clock_data *clk_data;
+460         void __iomem *base;
+...
+466
+467         num_clks = AGILEX_NUM_CLKS;
+468
+469         clk_data = devm_kzalloc(dev, struct_size(clk_data, clk_data.hws,
+470                                 num_clks), GFP_KERNEL);
+
+`struct_size(clk_data, clk_data.hws, num_clks)`        above translates to
+sizeof(struct stratix10_clock_data) + sizeof(struct clk_hw *) * 55 ==
+16 + 8 * 55 == 16 + 440
+                   ^^^
+                    |
+       allocated bytes for flex-array `hws`
+
+474         for (i = 0; i < num_clks; i++)
+475                 clk_data->clk_data.hws[i] = ERR_PTR(-ENOENT);
+476
+477         clk_data->base = base;
+
+and then some data is written into both `hws` and `base` objects.
+
+Fix this by placing the declaration of object `clk_data` at the end of
+`struct stratix10_clock_data`. Also, add a comment to make it clear
+that this object must always be last in the structure.
+
+-Wflex-array-member-not-at-end is coming in GCC-14, and we are getting
+ready to enable it globally.
+
+Fixes: ba7e258425ac ("clk: socfpga: Convert to s10/agilex/n5x to use clk_hw")
+Cc: stable@vger.kernel.org
+Reviewed-by: Kees Cook <keescook@chromium.org>
+Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
+Link: https://lore.kernel.org/r/1da736106d8e0806aeafa6e471a13ced490eae22.1698117815.git.gustavoars@kernel.org
+Signed-off-by: Stephen Boyd <sboyd@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/clk/socfpga/stratix10-clk.h |    4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/drivers/clk/socfpga/stratix10-clk.h
++++ b/drivers/clk/socfpga/stratix10-clk.h
+@@ -7,8 +7,10 @@
+ #define       __STRATIX10_CLK_H
+ struct stratix10_clock_data {
+-      struct clk_hw_onecell_data      clk_data;
+       void __iomem            *base;
++
++      /* Must be last */
++      struct clk_hw_onecell_data      clk_data;
+ };
+ struct stratix10_pll_clock {
diff --git a/queue-6.1/ksmbd-fix-slab-out-of-bounds-write-in-smb_inherit_dacl.patch b/queue-6.1/ksmbd-fix-slab-out-of-bounds-write-in-smb_inherit_dacl.patch
new file mode 100644 (file)
index 0000000..380dd54
--- /dev/null
@@ -0,0 +1,74 @@
+From eebff19acaa35820cb09ce2ccb3d21bee2156ffb Mon Sep 17 00:00:00 2001
+From: Namjae Jeon <linkinjeon@kernel.org>
+Date: Sun, 5 Nov 2023 12:46:24 +0900
+Subject: ksmbd: fix slab out of bounds write in smb_inherit_dacl()
+
+From: Namjae Jeon <linkinjeon@kernel.org>
+
+commit eebff19acaa35820cb09ce2ccb3d21bee2156ffb upstream.
+
+slab out-of-bounds write is caused by that offsets is bigger than pntsd
+allocation size. This patch add the check to validate 3 offsets using
+allocation size.
+
+Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-22271
+Cc: stable@vger.kernel.org
+Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/smb/server/smbacl.c |   29 ++++++++++++++++++++++++++---
+ 1 file changed, 26 insertions(+), 3 deletions(-)
+
+--- a/fs/smb/server/smbacl.c
++++ b/fs/smb/server/smbacl.c
+@@ -1107,6 +1107,7 @@ pass:
+               struct smb_acl *pdacl;
+               struct smb_sid *powner_sid = NULL, *pgroup_sid = NULL;
+               int powner_sid_size = 0, pgroup_sid_size = 0, pntsd_size;
++              int pntsd_alloc_size;
+               if (parent_pntsd->osidoffset) {
+                       powner_sid = (struct smb_sid *)((char *)parent_pntsd +
+@@ -1119,9 +1120,10 @@ pass:
+                       pgroup_sid_size = 1 + 1 + 6 + (pgroup_sid->num_subauth * 4);
+               }
+-              pntsd = kzalloc(sizeof(struct smb_ntsd) + powner_sid_size +
+-                              pgroup_sid_size + sizeof(struct smb_acl) +
+-                              nt_size, GFP_KERNEL);
++              pntsd_alloc_size = sizeof(struct smb_ntsd) + powner_sid_size +
++                      pgroup_sid_size + sizeof(struct smb_acl) + nt_size;
++
++              pntsd = kzalloc(pntsd_alloc_size, GFP_KERNEL);
+               if (!pntsd) {
+                       rc = -ENOMEM;
+                       goto free_aces_base;
+@@ -1136,6 +1138,27 @@ pass:
+               pntsd->gsidoffset = parent_pntsd->gsidoffset;
+               pntsd->dacloffset = parent_pntsd->dacloffset;
++              if ((u64)le32_to_cpu(pntsd->osidoffset) + powner_sid_size >
++                  pntsd_alloc_size) {
++                      rc = -EINVAL;
++                      kfree(pntsd);
++                      goto free_aces_base;
++              }
++
++              if ((u64)le32_to_cpu(pntsd->gsidoffset) + pgroup_sid_size >
++                  pntsd_alloc_size) {
++                      rc = -EINVAL;
++                      kfree(pntsd);
++                      goto free_aces_base;
++              }
++
++              if ((u64)le32_to_cpu(pntsd->dacloffset) + sizeof(struct smb_acl) + nt_size >
++                  pntsd_alloc_size) {
++                      rc = -EINVAL;
++                      kfree(pntsd);
++                      goto free_aces_base;
++              }
++
+               if (pntsd->osidoffset) {
+                       struct smb_sid *owner_sid = (struct smb_sid *)((char *)pntsd +
+                                       le32_to_cpu(pntsd->osidoffset));
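Review bot: The three new bound checks validate only the upper end of each region; none requires an offset to be at least sizeof(struct smb_ntsd) or the regions to be disjoint, so a small nonzero osidoffset copied from parent_pntsd still passes and whatever is later written at `(char *)pntsd + osidoffset` lands inside pntsd's own header, presumably before gsidoffset and dacloffset are read. Whether an earlier validation of parent_pntsd already rules that out is not visible in this hunk, so this is hedged. A lower bound per offset, e.g. `if (le32_to_cpu(pntsd->osidoffset) < sizeof(struct smb_ntsd)) { rc = -EINVAL; ... }`, plus a non-overlap check of the owner, group and DACL ranges would close it. The three identical `rc = -EINVAL; kfree(pntsd); goto free_aces_base;` blocks could also share one cleanup label. smb_inherit_dacl() starts and ends outside the hunk.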
diff --git a/queue-6.1/ksmbd-handle-malformed-smb1-message.patch b/queue-6.1/ksmbd-handle-malformed-smb1-message.patch
new file mode 100644 (file)
index 0000000..99cb524
--- /dev/null
@@ -0,0 +1,47 @@
+From 5a5409d90bd05f87fe5623a749ccfbf3f7c7d400 Mon Sep 17 00:00:00 2001
+From: Namjae Jeon <linkinjeon@kernel.org>
+Date: Tue, 7 Nov 2023 21:04:31 +0900
+Subject: ksmbd: handle malformed smb1 message
+
+From: Namjae Jeon <linkinjeon@kernel.org>
+
+commit 5a5409d90bd05f87fe5623a749ccfbf3f7c7d400 upstream.
+
+If set_smb1_rsp_status() is not implemented, It will cause NULL pointer
+dereferece error when client send malformed smb1 message.
+This patch add set_smb1_rsp_status() to ignore malformed smb1 message.
+
+Cc: stable@vger.kernel.org
+Reported-by: Robert Morris <rtm@csail.mit.edu>
+Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/smb/server/smb_common.c |   11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+--- a/fs/smb/server/smb_common.c
++++ b/fs/smb/server/smb_common.c
+@@ -372,11 +372,22 @@ static int smb1_allocate_rsp_buf(struct
+       return 0;
+ }
++/**
++ * set_smb1_rsp_status() - set error type in smb response header
++ * @work:     smb work containing smb response header
++ * @err:      error code to set in response
++ */
++static void set_smb1_rsp_status(struct ksmbd_work *work, __le32 err)
++{
++      work->send_no_response = 1;
++}
++
+ static struct smb_version_ops smb1_server_ops = {
+       .get_cmd_val = get_smb1_cmd_val,
+       .init_rsp_hdr = init_smb1_rsp_hdr,
+       .allocate_rsp_buf = smb1_allocate_rsp_buf,
+       .check_user_session = smb1_check_user_session,
++      .set_rsp_status = set_smb1_rsp_status,
+ };
+ static int smb1_negotiate(struct ksmbd_work *work)
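Review bot: The kernel-doc on set_smb1_rsp_status() says it sets an error type in the response header, but the body only does `work->send_no_response = 1;` and never reads `err`, so the comment describes behaviour the function does not have. Suggest `@err: error code (unused: the request is dropped and no response is sent)` and a one-line body comment such as `/* Rather than build an SMB1 error reply, suppress the response entirely. */`. If the callback is only ever reached for malformed messages, as the commit message implies, that is worth stating in the kernel-doc as well.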
diff --git a/queue-6.1/mmc-add-quirk-mmc_quirk_broken_cache_flush-for-micron-emmc-q2j54a.patch b/queue-6.1/mmc-add-quirk-mmc_quirk_broken_cache_flush-for-micron-emmc-q2j54a.patch
new file mode 100644 (file)
index 0000000..49973a9
--- /dev/null
@@ -0,0 +1,104 @@
+From ed9009ad300c0f15a3ecfe9613547b1962bde02c Mon Sep 17 00:00:00 2001
+From: Bean Huo <beanhuo@micron.com>
+Date: Mon, 30 Oct 2023 23:48:09 +0100
+Subject: mmc: Add quirk MMC_QUIRK_BROKEN_CACHE_FLUSH for Micron eMMC Q2J54A
+
+From: Bean Huo <beanhuo@micron.com>
+
+commit ed9009ad300c0f15a3ecfe9613547b1962bde02c upstream.
+
+Micron MTFC4GACAJCN eMMC supports cache but requires that flush cache
+operation be allowed only after a write has occurred. Otherwise, the
+cache flush command or subsequent commands will time out.
+
+Signed-off-by: Bean Huo <beanhuo@micron.com>
+Signed-off-by: Rafael Beims <rafael.beims@toradex.com>
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20231030224809.59245-1-beanhuo@iokpp.de
+Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/mmc/core/block.c  |    4 +++-
+ drivers/mmc/core/card.h   |    4 ++++
+ drivers/mmc/core/mmc.c    |    8 ++++++--
+ drivers/mmc/core/quirks.h |    7 ++++---
+ include/linux/mmc/card.h  |    2 ++
+ 5 files changed, 19 insertions(+), 6 deletions(-)
+
+--- a/drivers/mmc/core/block.c
++++ b/drivers/mmc/core/block.c
+@@ -2404,8 +2404,10 @@ enum mmc_issued mmc_blk_mq_issue_rq(stru
+                       }
+                       ret = mmc_blk_cqe_issue_flush(mq, req);
+                       break;
+-              case REQ_OP_READ:
+               case REQ_OP_WRITE:
++                      card->written_flag = true;
++                      fallthrough;
++              case REQ_OP_READ:
+                       if (host->cqe_enabled)
+                               ret = mmc_blk_cqe_issue_rw_rq(mq, req);
+                       else
+--- a/drivers/mmc/core/card.h
++++ b/drivers/mmc/core/card.h
+@@ -280,4 +280,8 @@ static inline int mmc_card_broken_sd_cac
+       return c->quirks & MMC_QUIRK_BROKEN_SD_CACHE;
+ }
++static inline int mmc_card_broken_cache_flush(const struct mmc_card *c)
++{
++      return c->quirks & MMC_QUIRK_BROKEN_CACHE_FLUSH;
++}
+ #endif
+--- a/drivers/mmc/core/mmc.c
++++ b/drivers/mmc/core/mmc.c
+@@ -2081,13 +2081,17 @@ static int _mmc_flush_cache(struct mmc_h
+ {
+       int err = 0;
++      if (mmc_card_broken_cache_flush(host->card) && !host->card->written_flag)
++              return 0;
++
+       if (_mmc_cache_enabled(host)) {
+               err = mmc_switch(host->card, EXT_CSD_CMD_SET_NORMAL,
+                                EXT_CSD_FLUSH_CACHE, 1,
+                                CACHE_FLUSH_TIMEOUT_MS);
+               if (err)
+-                      pr_err("%s: cache flush error %d\n",
+-                             mmc_hostname(host), err);
++                      pr_err("%s: cache flush error %d\n", mmc_hostname(host), err);
++              else
++                      host->card->written_flag = false;
+       }
+       return err;
+--- a/drivers/mmc/core/quirks.h
++++ b/drivers/mmc/core/quirks.h
+@@ -117,11 +117,12 @@ static const struct mmc_fixup __maybe_un
+                 MMC_QUIRK_TRIM_BROKEN),
+       /*
+-       * Micron MTFC4GACAJCN-1M advertises TRIM but it does not seems to
+-       * support being used to offload WRITE_ZEROES.
++       * Micron MTFC4GACAJCN-1M supports TRIM but does not appear to support
++       * WRITE_ZEROES offloading. It also supports caching, but the cache can
++       * only be flushed after a write has occurred.
+        */
+       MMC_FIXUP("Q2J54A", CID_MANFID_MICRON, 0x014e, add_quirk_mmc,
+-                MMC_QUIRK_TRIM_BROKEN),
++                MMC_QUIRK_TRIM_BROKEN | MMC_QUIRK_BROKEN_CACHE_FLUSH),
+       /*
+        * Some SD cards reports discard support while they don't
+--- a/include/linux/mmc/card.h
++++ b/include/linux/mmc/card.h
+@@ -295,7 +295,9 @@ struct mmc_card {
+ #define MMC_QUIRK_BROKEN_HPI  (1<<13)         /* Disable broken HPI support */
+ #define MMC_QUIRK_BROKEN_SD_DISCARD   (1<<14) /* Disable broken SD discard support */
+ #define MMC_QUIRK_BROKEN_SD_CACHE     (1<<15) /* Disable broken SD cache support */
++#define MMC_QUIRK_BROKEN_CACHE_FLUSH  (1<<16) /* Don't flush cache until the write has occurred */
++      bool                    written_flag;   /* Indicates eMMC has been written since power on */
+       bool                    reenable_cmdq;  /* Re-enable Command Queue */
+       unsigned int            erase_size;     /* erase size in sectors */
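Review bot: `written_flag` is a plain bool set in mmc_blk_mq_issue_rq() when a write is issued and cleared in _mmc_flush_cache() only after mmc_switch() succeeds, so a write issued between the flush command and the `host->card->written_flag = false;` store is forgotten and the next flush is skipped by the new early return; whether the block layer serialises flushes against in-flight writes here is not visible in the hunk, and if it does not, clearing the flag before the mmc_switch() call (re-setting it on error) would not lose that write. The field is documented as "since power on", but nothing in the hunk resets it when the card is power-cycled across suspend/resume, so a stale true could allow a flush before any new write — worth confirming in the resume path. The reflow of the pr_err() line is unrelated to the fix and could be dropped to keep the backport minimal. mmc_blk_mq_issue_rq() and _mmc_flush_cache() both start outside the hunk.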
diff --git a/queue-6.1/mmc-sdhci_am654-fix-start-loop-index-for-tap-value-parsing.patch b/queue-6.1/mmc-sdhci_am654-fix-start-loop-index-for-tap-value-parsing.patch
new file mode 100644 (file)
index 0000000..4393bad
--- /dev/null
@@ -0,0 +1,35 @@
+From 71956d0cb56c1e5f9feeb4819db87a076418e930 Mon Sep 17 00:00:00 2001
+From: Nitin Yadav <n-yadav@ti.com>
+Date: Thu, 26 Oct 2023 11:44:58 +0530
+Subject: mmc: sdhci_am654: fix start loop index for TAP value parsing
+
+From: Nitin Yadav <n-yadav@ti.com>
+
+commit 71956d0cb56c1e5f9feeb4819db87a076418e930 upstream.
+
+ti,otap-del-sel-legacy/ti,itap-del-sel-legacy passed from DT
+are currently ignored for all SD/MMC and eMMC modes. Fix this
+by making start loop index to MMC_TIMING_LEGACY.
+
+Fixes: 8ee5fc0e0b3b ("mmc: sdhci_am654: Update OTAPDLY writes")
+Signed-off-by: Nitin Yadav <n-yadav@ti.com>
+Acked-by: Adrian Hunter <adrian.hunter@intel.com>
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20231026061458.1116276-1-n-yadav@ti.com
+Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/mmc/host/sdhci_am654.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/mmc/host/sdhci_am654.c
++++ b/drivers/mmc/host/sdhci_am654.c
+@@ -597,7 +597,7 @@ static int sdhci_am654_get_otap_delay(st
+               return 0;
+       }
+-      for (i = MMC_TIMING_MMC_HS; i <= MMC_TIMING_MMC_HS400; i++) {
++      for (i = MMC_TIMING_LEGACY; i <= MMC_TIMING_MMC_HS400; i++) {
+               ret = device_property_read_u32(dev, td[i].otap_binding,
+                                              &sdhci_am654->otap_del_sel[i]);
diff --git a/queue-6.1/mmc-vub300-fix-an-error-code.patch b/queue-6.1/mmc-vub300-fix-an-error-code.patch
new file mode 100644 (file)
index 0000000..3b533e3
--- /dev/null
@@ -0,0 +1,31 @@
+From b44f9da81783fda72632ef9b0d05ea3f3ca447a5 Mon Sep 17 00:00:00 2001
+From: Dan Carpenter <dan.carpenter@linaro.org>
+Date: Thu, 2 Nov 2023 10:51:06 +0300
+Subject: mmc: vub300: fix an error code
+
+From: Dan Carpenter <dan.carpenter@linaro.org>
+
+commit b44f9da81783fda72632ef9b0d05ea3f3ca447a5 upstream.
+
+This error path should return -EINVAL instead of success.
+
+Fixes: 88095e7b473a ("mmc: Add new VUB300 USB-to-SD/SDIO/MMC driver")
+Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/0769d30c-ad80-421b-bf5d-7d6f5d85604e@moroto.mountain
+Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/mmc/host/vub300.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/drivers/mmc/host/vub300.c
++++ b/drivers/mmc/host/vub300.c
+@@ -2311,6 +2311,7 @@ static int vub300_probe(struct usb_inter
+               vub300->read_only =
+                       (0x0010 & vub300->system_port_status.port_flags) ? 1 : 0;
+       } else {
++              retval = -EINVAL;
+               goto error5;
+       }
+       usb_set_intfdata(interface, vub300);
diff --git a/queue-6.1/parisc-pdc-add-width-field-to-struct-pdc_model.patch b/queue-6.1/parisc-pdc-add-width-field-to-struct-pdc_model.patch
new file mode 100644 (file)
index 0000000..0d398ff
--- /dev/null
@@ -0,0 +1,28 @@
+From 6240553b52c475d9fc9674de0521b77e692f3764 Mon Sep 17 00:00:00 2001
+From: Helge Deller <deller@gmx.de>
+Date: Sun, 22 Oct 2023 11:48:11 +0200
+Subject: parisc/pdc: Add width field to struct pdc_model
+
+From: Helge Deller <deller@gmx.de>
+
+commit 6240553b52c475d9fc9674de0521b77e692f3764 upstream.
+
+PDC2.0 specifies the additional PSW-bit field.
+
+Signed-off-by: Helge Deller <deller@gmx.de>
+Cc: stable@vger.kernel.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/parisc/include/uapi/asm/pdc.h |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/arch/parisc/include/uapi/asm/pdc.h
++++ b/arch/parisc/include/uapi/asm/pdc.h
+@@ -472,6 +472,7 @@ struct pdc_model {         /* for PDC_MODEL */
+       unsigned long arch_rev;
+       unsigned long pot_key;
+       unsigned long curr_key;
++      unsigned long width;    /* default of PSW_W bit (1=enabled) */
+ };
+ struct pdc_cache_cf {         /* for PDC_CACHE  (I/D-caches) */
diff --git a/queue-6.1/parisc-power-add-power-soft-off-when-running-on-qemu.patch b/queue-6.1/parisc-power-add-power-soft-off-when-running-on-qemu.patch
new file mode 100644 (file)
index 0000000..827238a
--- /dev/null
@@ -0,0 +1,48 @@
+From d0c219472980d15f5cbc5c8aec736848bda3f235 Mon Sep 17 00:00:00 2001
+From: Helge Deller <deller@gmx.de>
+Date: Tue, 17 Oct 2023 22:19:53 +0200
+Subject: parisc/power: Add power soft-off when running on qemu
+
+From: Helge Deller <deller@gmx.de>
+
+commit d0c219472980d15f5cbc5c8aec736848bda3f235 upstream.
+
+Signed-off-by: Helge Deller <deller@gmx.de>
+Cc: stable@vger.kernel.org # v6.0+
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/parisc/power.c |   16 +++++++++++++++-
+ 1 file changed, 15 insertions(+), 1 deletion(-)
+
+--- a/drivers/parisc/power.c
++++ b/drivers/parisc/power.c
+@@ -197,6 +197,14 @@ static struct notifier_block parisc_pani
+       .priority       = INT_MAX,
+ };
++/* qemu soft power-off function */
++static int qemu_power_off(struct sys_off_data *data)
++{
++      /* this turns the system off via SeaBIOS */
++      *(int *)data->cb_data = 0;
++      pdc_soft_power_button(1);
++      return NOTIFY_DONE;
++}
+ static int __init power_init(void)
+ {
+@@ -226,7 +234,13 @@ static int __init power_init(void)
+                               soft_power_reg);
+       }
+-      power_task = kthread_run(kpowerswd, (void*)soft_power_reg, KTHREAD_NAME);
++      power_task = NULL;
++      if (running_on_qemu && soft_power_reg)
++              register_sys_off_handler(SYS_OFF_MODE_POWER_OFF, SYS_OFF_PRIO_DEFAULT,
++                                      qemu_power_off, (void *)soft_power_reg);
++      else
++              power_task = kthread_run(kpowerswd, (void*)soft_power_reg,
++                                      KTHREAD_NAME);
+       if (IS_ERR(power_task)) {
+               printk(KERN_ERR DRIVER_NAME ": thread creation failed.  Driver not loaded.\n");
+               pdc_soft_power_button(0);
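Review bot: The return value of register_sys_off_handler() is dropped in power_init(); it returns an ERR_PTR on failure, so on the qemu path the driver would load with neither a power-off handler nor a kthread, and the `if (IS_ERR(power_task))` check below cannot catch it because power_task is NULL. Capture it, e.g. `struct sys_off_handler *h = register_sys_off_handler(...); if (IS_ERR(h)) return PTR_ERR(h);`, or route it into the existing "thread creation failed" error path. In qemu_power_off() the raw store `*(int *)data->cb_data = 0;` dereferences a plain pointer built from the value that power_init() casts out of soft_power_reg; if that is a device register address, as the name suggests, it should use the same I/O accessor the rest of the file uses for soft_power_reg rather than a direct write. power_init() continues outside the hunk, so the cleanup needed after a failed registration is not visible here.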
index 1b6b439a0ef1ed3ad4ddc0c7fe458fd8190f3a74..9b0640859fd0c7c82dbfec1cc6d6db94c2842388 100644 (file)
@@ -202,3 +202,14 @@ keys-trusted-tee-refactor-register-shm-usage.patch
 keys-trusted-rollback-init_trusted-consistently.patch
 pci-keystone-don-t-discard-.remove-callback.patch
 pci-keystone-don-t-discard-.probe-callback.patch
+arm64-restrict-cpu_big_endian-to-gnu-as-or-llvm-ias-15.x-or-newer.patch
+parisc-pdc-add-width-field-to-struct-pdc_model.patch
+parisc-power-add-power-soft-off-when-running-on-qemu.patch
+clk-socfpga-fix-undefined-behavior-bug-in-struct-stratix10_clock_data.patch
+clk-qcom-ipq8074-drop-the-clk_set_rate_parent-flag-from-pll-clocks.patch
+clk-qcom-ipq6018-drop-the-clk_set_rate_parent-flag-from-pll-clocks.patch
+ksmbd-handle-malformed-smb1-message.patch
+ksmbd-fix-slab-out-of-bounds-write-in-smb_inherit_dacl.patch
+mmc-vub300-fix-an-error-code.patch
+mmc-sdhci_am654-fix-start-loop-index-for-tap-value-parsing.patch
+mmc-add-quirk-mmc_quirk_broken_cache_flush-for-micron-emmc-q2j54a.patch