Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Only ser #62

Open
wants to merge 10,000 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 250 commits
Commits
Show all changes
10000 commits
Select commit Hold shift + click to select a range
5aa89a1
USB: serial: option: add Fibocom to DELL custom modem FM101R-GL
LuPuliang Oct 16, 2023
71d224a
perf: Disallow mis-matched inherited group reads
Oct 18, 2023
3ad81e6
s390/pci: fix iommu bitmap allocation
niklas88 Oct 17, 2023
c8b6c2d
selftests/ftrace: Add new test case which checks non unique symbol
eiffel-fl Oct 20, 2023
a73c8d7
s390/cio: fix a memleak in css_alloc_subchannel
dinghaoliu Sep 21, 2023
c6bbe51
platform/surface: platform_profile: Propagate error if profile regist…
Wer-Wolf Oct 14, 2023
e1a058c
platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e
jwrdegoede Oct 17, 2023
4b129e3
platform/x86: asus-wmi: Map 0x2a code, Ignore 0x2b and 0x2c events
jwrdegoede Oct 17, 2023
76d04c3
gpio: vf610: set value before the direction to avoid a glitch
Oct 18, 2023
67f29cd
ASoC: pxa: fix a memory leak in probe()
Oct 5, 2023
b618062
serial: 8250: omap: Move uart_write() inside PM section
geertu May 15, 2023
59f1095
phy: mapphone-mdm6600: Fix runtime disable on probe
tmlind Sep 13, 2023
e1b030b
phy: mapphone-mdm6600: Fix runtime PM for remove
tmlind Sep 13, 2023
c08d609
phy: mapphone-mdm6600: Fix pinctrl_pm handling for sleep pins
tmlind Sep 13, 2023
a6df96e
Bluetooth: hci_sock: fix slab oob read in create_monitor_event
Oct 10, 2023
5a9d05a
Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX…
kees Oct 11, 2023
dff3388
xfrm6: fix inet6_dev refcount underflow problem
Sep 15, 2023
12952a2
Linux 5.15.137
gregkh Oct 25, 2023
39de8e2
Merge 5.15.135 into android13-5.15-lts
gregkh Oct 23, 2023
d7644c8
ANDROID: mm: allow hooks into __alloc_pages()
Oct 24, 2023
d0a5b5f
ANDROID: GKI: Update symbol list for Amlogic
Oct 24, 2023
1ce1d97
Revert "netfilter: handle the connecting collision properly in nf_con…
gregkh Oct 24, 2023
317c6c3
Revert "spi: zynqmp-gqspi: Convert to platform remove callback return…
gregkh Oct 26, 2023
e472d47
Merge 5.15.136 into android13-5.15-lts
gregkh Oct 23, 2023
33c153d
Revert "net: phy: mscc: macsec: reject PN update requests"
gregkh Oct 24, 2023
90ec783
Revert "net: macsec: indicate next pn update when offloading"
gregkh Oct 24, 2023
53a5492
Revert "RDMA/srp: Do not call scsi_done() from srp_abort()"
gregkh Oct 24, 2023
aa17a5f
Revert "scsi: ib_srp: Call scsi_done() directly"
gregkh Oct 24, 2023
5448f20
Revert "scsi: core: Rename scsi_mq_done() into scsi_done() and export…
gregkh Oct 24, 2023
987f2b7
Revert "scsi: core: Use a structure member to track the SCSI command …
gregkh Oct 24, 2023
88545de
Revert "net: release reference to inet6_dev pointer"
gregkh Oct 24, 2023
042c8b7
Revert "net: change accept_ra_min_rtr_lft to affect all RA lifetimes"
gregkh Oct 24, 2023
558a246
Revert "net: add sysctl accept_ra_min_rtr_lft"
gregkh Oct 24, 2023
a7c5fe8
Merge 5.15.137 into android13-5.15-lts
gregkh Oct 25, 2023
ea135f6
ANDROID: GKI: arm64: drop CONFIG_DEBUG_PREEMPT forced disable
gregkh Oct 26, 2023
ca21a66
Revert "xfrm: interface: use DEV_STATS_INC()"
gregkh Oct 26, 2023
1706e8a
Revert "Bluetooth: hci_core: Fix build warnings"
gregkh Oct 26, 2023
0e202e5
Revert "xfrm: fix a data-race in xfrm_gen_index()"
gregkh Oct 26, 2023
96e78d1
Revert "perf: Disallow mis-matched inherited group reads"
gregkh Oct 26, 2023
1027701
ANDROID: GKI: Update symbol list for Tuxera
Oct 25, 2023
61cfd26
Revert "ipv4/fib: send notify when delete source address routes"
gregkh Oct 26, 2023
a82ccd7
UPSTREAM: ravb: Fix up dma_free_coherent() call in ravb_remove()
shimoday Oct 5, 2023
ff64284
UPSTREAM: ravb: Fix use-after-free issue in ravb_tx_timeout_work()
shimoday Oct 5, 2023
0f24a9e
UPSTREAM: usb: gadget: uvc: clean up comments and styling in video_pump
Jun 2, 2023
b153f0c
UPSTREAM: usb: gadget: function: Remove unused declarations
Aug 18, 2023
85156cf
UPSTREAM: usb: gadget: f_uvc: change endpoint allocation in uvc_funct…
Aug 3, 2023
df15bb1
BACKPORT: usb: gadget: unconditionally allocate hs/ss descriptor in b…
Aug 3, 2023
373d867
BACKPORT: usb: gadget: uvc: Add missing initialization of ssp config …
shuzhenwang Oct 27, 2023
c85178c
UPSTREAM: netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 mac…
Kyle-Kyle Sep 5, 2023
85ccc4a
ANDROID: ABI: Update symbols to unisoc whitelist
Nov 2, 2023
f0033a7
ANDROID: abi_gki_aarch64_qcom: Update QCOM symbol list
Nov 6, 2023
e4cb5ea
FROMGIT: ufs: core: wlun send SSU timeout recovery
ptr324 Sep 27, 2023
46b8053
UPSTREAM: vringh: don't use vringh_kiov_advance() in vringh_iov_xfer()
stefano-garzarella Sep 25, 2023
30e0cb0
BACKPORT: serial: 8250_pci: add support for ASIX AX99100
jiaqingz-intel Jul 24, 2023
0a4c109
BACKPORT: x86/mm: Do not shuffle CPU entry areas without KASLR
Werkov Mar 6, 2023
fb24bcd
FROMLIST: ALSA: virtio: add support for audio controls
xinxin-wan Jul 21, 2023
75f4c36
Add i2s_boards in avs driver for RPL
haochuan1982 Oct 24, 2023
ade97d8
BACKPORT:ACPI: fan: Fix error reporting to user space
spandruvada Feb 11, 2022
2beec6e
BACKPORT:ACPI: fan: Separate file for attributes creation
spandruvada Feb 11, 2022
1e55b89
BACKPORT: ACPI: fan: Optimize struct acpi_fan_fif
spandruvada Feb 11, 2022
6daface
BACKPORT: ACPI: fan: Properly handle fine grain control
spandruvada Feb 11, 2022
dc6a754
BACKPORT: ACPI: fan: Add additional attributes for fine grain control
spandruvada Feb 11, 2022
4323712
ALSA: hda: Allow for 16 channels configuration
crojewsk-intel Aug 18, 2023
e195dff
ASoC: Intel: avs: Allow for 16 channels configuration
crojewsk-intel Aug 18, 2023
717d21e
Disabling USB2 LPM mode
vilasrk Oct 4, 2023
7d7fb5d
BACKPORT: USB: core: Unite old scheme and new scheme descriptor reads
AlanStern Aug 4, 2023
da0894e
BACKPORT: USB: core: Change usb_get_device_descriptor() API
AlanStern Aug 4, 2023
2d870d0
BACKPORT: USB: core: Fix race by not overwriting udev->descriptor in …
AlanStern Aug 4, 2023
31bc1ce
BACKPORT: USB: Remove remnants of Wireless USB and UWB
AlanStern Aug 9, 2023
66eade7
BACKPORT: USB: core: Fix oversight in SuperSpeed initialization
AlanStern Aug 11, 2023
50832b5
BACKPORT: af_unix: Fix null-ptr-deref in unix_stream_sendpage().
q2ven Aug 21, 2023
632b0d1
BACKPORT: net/sched: cls_u32: No longer copy tcf_result on update to …
Jul 29, 2023
13c25e8
BACKPORT: net: tun_chr_open(): set sk_uid from current_fsuid()
lersek Jul 31, 2023
20090f4
BACKPORT: net: tap_open(): set sk_uid from current_fsuid()
lersek Jul 31, 2023
29ee427
UPSTREAM: firmware_loader: Refactor kill_pending_fw_fallback_reqs()
Oct 26, 2023
e3eb2bb
BACKPORT: firmware_loader: Abort all upcoming firmware load request o…
Oct 26, 2023
6dcfedc
UPSTREAM: kthread: dynamically allocate memory to store kthread's ful…
laoar Jan 20, 2022
cb34f4e
ASoC: codecs: wcd938x: fix resource leaks on bind errors
jhovold Oct 3, 2023
51b054f
ASoC: codecs: wcd938x: fix runtime PM imbalance on remove
jhovold Oct 3, 2023
0f482ad
pinctrl: qcom: lpass-lpi: fix concurrent register updates
krzk Oct 13, 2023
6834275
tcp: remove dead code from tcp_sendmsg_locked()
Oct 27, 2021
fd2b2da
tcp: cleanup tcp_remove_empty_skb() use
Oct 27, 2021
90918ef
mptcp: more conservative check for zero probes
Oct 18, 2023
f2ac8b2
mcb: Return actual parsed size when reading chameleon table
mad-jrodriguez Apr 11, 2023
41bb770
mcb-lpc: Reallocate memory region to avoid memory overlapping
mad-jrodriguez Apr 11, 2023
862a356
virtio_balloon: Fix endless deflation and inflation on arm64
Aug 31, 2023
fbc9a87
virtio-mmio: fix memory leak of vm_dev
heynemax Sep 11, 2023
3a6cee2
vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE
eauger Sep 27, 2023
c4071c6
mm/page_alloc: correct start page when guard page debug is enabled
Sep 27, 2023
556b68d
mm/migrate: fix do_pages_move for compat pointers
Oct 3, 2023
43bd431
nfsd: lock_rename() needs both directories to live on the same fs
Oct 15, 2023
15a8cac
drm/i915/pmu: Check if pmu is closed before stopping event
unerlige Oct 20, 2023
1e02df6
vsock/virtio: factor our the code to initialize and delete VQs
stefano-garzarella Apr 28, 2022
762c251
vsock/virtio: add support for device suspend/resume
stefano-garzarella Apr 28, 2022
8860f01
vsock/virtio: initialize the_virtio_vsock before using VQs
alex-matei Oct 24, 2023
0d587b8
drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper()
semihalf-majczak-lukasz Sep 22, 2023
04dbfa4
firmware/imx-dsp: Fix use_after_free in imx_dsp_setup_channels()
GeHao01994 Oct 8, 2023
9d7b383
r8169: fix the KCSAN reported data-race in rtl_tx() while reading tp-…
Oct 18, 2023
6afb294
r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDes…
Oct 18, 2023
c532c5d
r8169: fix the KCSAN reported data race in rtl_rx while reading desc-…
Oct 18, 2023
bc0c4bc
i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value
Oct 19, 2023
2634219
treewide: Spelling fix in comment
KunWuChan Oct 20, 2023
6675549
igb: Fix potential memory leak in igb_add_ethtool_nfc_entry
mpalczew96 Oct 19, 2023
4952941
neighbour: fix various data-races
Oct 19, 2023
46cd35e
igc: Fix ambiguity in the ethtool advertising
aneftin Oct 19, 2023
6afd112
net: ieee802154: adf7242: Fix some potential buffer overflow in adf72…
tititiou36 Oct 21, 2023
76873f2
net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg
Oct 20, 2023
6fa3b9f
r8152: Increase USB control msg timeout to 5000ms as per spec
dianders Oct 20, 2023
ff42b0a
r8152: Run the unload routine if we have errors during probe
dianders Oct 20, 2023
e0f9231
r8152: Cancel hw_phy_work if we have an error in probe
dianders Oct 20, 2023
83cfa3b
r8152: Release firmware if we have an error in probe
dianders Oct 20, 2023
852fb4c
tcp: fix wrong RTO timeout when received SACK reneging
Oct 21, 2023
c0dad0c
gtp: uapi: fix GTPA_MAX
ummakynes Oct 22, 2023
d5c175f
gtp: fix fragmentation needed check with gso
ummakynes Oct 22, 2023
bdfa4fa
i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR
Oct 23, 2023
4e14f2d
kasan: print the original fault addr when access invalid shadow
Oct 9, 2023
3c1312b
iio: exynos-adc: request second interupt only when touchscreen mode i…
mszyprow Oct 9, 2023
70322a4
iio: adc: xilinx-xadc: Don't clobber preset voltage/temperature thres…
robhancocksed Sep 15, 2023
eace761
iio: adc: xilinx-xadc: Correct temperature offset/scale for UltraScale
robhancocksed Sep 15, 2023
cb65e69
i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node()
hcodina Oct 20, 2023
48b58f7
i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node()
hcodina Oct 20, 2023
2766a87
i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node()
hcodina Oct 20, 2023
e97d374
i2c: stm32f7: Fix PEC handling in case of SMBUS transfers
Oct 10, 2023
cdc5709
i2c: aspeed: Fix i2c bus hang in slave read
zhangjian3032 Oct 6, 2023
c4957f0
tracing/kprobes: Fix the description of variable length arguments
Yujie-Liu Oct 27, 2023
e0f95b8
misc: fastrpc: Clean buffers on remote invocation failures
quic-ekangupt Oct 13, 2023
6e22bf6
nvmem: imx: correct nregs for i.MX6ULL
MrVan Oct 13, 2023
0c29481
nvmem: imx: correct nregs for i.MX6SLL
MrVan Oct 13, 2023
6efd498
nvmem: imx: correct nregs for i.MX6UL
MrVan Oct 13, 2023
21b07a2
perf/core: Fix potential NULL deref
Oct 24, 2023
c27ca4a
sparc32: fix a braino in fault handling in csum_and_copy_..._user()
Oct 22, 2023
27dd09f
clk: Sanitize possible_parent_show to Handle Return Value of of_clk_g…
alessandrocarminati Sep 21, 2023
c606715
iio: afe: rescale: reorder includes
liambeguin Jan 8, 2022
7c76b7d
iio: afe: rescale: expose scale processing function
liambeguin Feb 13, 2022
c1eeb49
iio: afe: rescale: add offset support
liambeguin Feb 13, 2022
8b424bd
iio: afe: rescale: Accept only offset channels
linusw Sep 2, 2023
77db87c
gve: Fix GFP flags when allocing pages
shailend-g Sep 13, 2022
897b56a
x86/i8259: Skip probing when ACPI/MADT advertises PCAT compatibility
KAGA-KOKO Oct 25, 2023
d3201c7
x86/mm: Simplify RESERVE_BRK()
jpoimboe May 6, 2022
9e78e77
x86/mm: Fix RESERVE_BRK() for older binutils
jpoimboe Jun 9, 2022
7a99272
ext4: add two helper functions extent_logical_end() and pa_logical_end()
LiBaokun96 Oct 28, 2023
f2c3a3a
ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow
LiBaokun96 Oct 28, 2023
f031e15
ext4: avoid overlapping preallocations due to overflow
LiBaokun96 Oct 28, 2023
37ffa42
objtool/x86: add missing embedded_insn check
Oct 28, 2023
389190b
driver: platform: Add helper for safer setting of driver_override
krzk Oct 31, 2023
5c0da71
rpmsg: Constify local variable in field store macro
krzk Oct 31, 2023
2e76b4f
rpmsg: Fix kfree() of static memory on setting driver_override
krzk Oct 31, 2023
bfd4a66
rpmsg: Fix calling device_lock() on non-initialized device
krzk Oct 31, 2023
a82e0fd
rpmsg: glink: Release driver_override
quic-bjorande Oct 31, 2023
d4c8bf5
rpmsg: Fix possible refcount leak in rpmsg_register_device_override()
HBh25Y Oct 31, 2023
65fd21a
x86: Fix .brk attribute in linker script
jgross1 Jun 30, 2022
5e78ebe
ASoC: simple-card: fixup asoc_simple_probe() error handling
morimoto Sep 19, 2023
eb99b6e
net: sched: cls_u32: Fix allocation size in u32_init()
GustavoARSilva Oct 4, 2023
c57aef9
irqchip/riscv-intc: Mark all INTC nodes as initialized
avpatel Oct 3, 2023
39d2c10
irqchip/stm32-exti: add missing DT IRQ flag translation
lopsided98 Oct 3, 2023
4bdde4d
dmaengine: ste_dma40: Fix PM disable depth imbalance in d40_probe
ZhangShurong Oct 5, 2023
abc62fc
powerpc/85xx: Fix math emulation exception
chleroy Sep 25, 2023
afef8af
Input: synaptics-rmi4 - handle reset delay when using SMBus trsnsport
dtor Oct 14, 2023
738a3ad
fbdev: atyfb: only use ioremap_uc() on i386 and ia64
arndb Sep 21, 2023
59e629f
fs/ntfs3: Add ckeck in ni_update_parent()
aalexandrovich Jun 30, 2023
393966e
fs/ntfs3: Write immediately updated ntfs state
aalexandrovich Jun 30, 2023
962a3d3
fs/ntfs3: Use kvmalloc instead of kmalloc(... __GFP_NOWARN)
aalexandrovich Jun 30, 2023
2de3283
fs/ntfs3: Fix possible NULL-ptr-deref in ni_readpage_cmpr()
aalexandrovich Sep 26, 2023
9452498
fs/ntfs3: Fix NULL pointer dereference on error in attr_allocate_frame()
aalexandrovich Sep 26, 2023
27a0bed
fs/ntfs3: Fix directory element type detection
gemarcano Sep 13, 2023
64ae128
fs/ntfs3: Avoid possible memory leak
Sep 25, 2023
dfcbb98
spi: npcm-fiu: Fix UMA reads when dummy.nbytes == 0
wkennington Sep 22, 2023
fa32e21
netfilter: nfnetlink_log: silence bogus compiler warning
Oct 5, 2023
aade33d
ASoC: rt5650: fix the wrong result of key button
shumingfan Oct 13, 2023
e39440c
drm/ttm: Reorder sys manager cleanup step
drobnik Oct 16, 2023
d48b2e8
fbdev: uvesafb: Call cn_del_callback() at the end of uvesafb_exit()
jorgem-dev Oct 6, 2023
db4416e
scsi: mpt3sas: Fix in error path
thenzl Oct 15, 2023
bbc9261
platform/mellanox: mlxbf-tmfifo: Fix a warning message
lsun100 Oct 12, 2023
51cc28c
net: chelsio: cxgb4: add an error code check in t4_load_phy_fw
Oct 20, 2023
78c939a
r8152: Check for unplug in rtl_phy_patch_request()
dianders Oct 20, 2023
f0f9986
r8152: Check for unplug in r8153b_ups_en() / r8153c_ups_en()
dianders Oct 20, 2023
6627b96
powerpc/mm: Fix boot crash with FLATMEM
mpe Oct 23, 2023
615c4dd
can: isotp: set max PDU size to 64 kByte
hartkopp Oct 31, 2023
f8c3bd2
can: isotp: isotp_bind(): return -EINVAL on incorrect CAN ID formatting
hartkopp Oct 31, 2023
2fc6f33
can: isotp: check CAN address family in isotp_bind()
hartkopp Oct 31, 2023
b4e78ea
can: isotp: handle wait_event_interruptible() return values
hartkopp Oct 31, 2023
e163ad6
can: isotp: add local echo tx processing and tx without FC
hartkopp Oct 31, 2023
d72ff64
can: isotp: isotp_bind(): do not validate unused address information
hartkopp Oct 31, 2023
9015169
can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior
hartkopp Oct 31, 2023
b6c3c77
drm/amd: Move helper for dynamic speed switch check out of smu13
superm1 Jul 8, 2023
6628c36
drm/amd: Disable ASPM for VI w/ all Intel systems
superm1 Oct 20, 2023
c48aae5
PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device
endrift Sep 27, 2023
7c4855b
usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" c…
Oct 27, 2023
e5f53a6
usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()
Oct 20, 2023
e251977
usb: raw-gadget: properly handle interrupted requests
xairy Oct 26, 2023
81a4dd5
tty: n_gsm: fix race condition in status line change on dead connections
dstarke-siemens Oct 26, 2023
ff6059c
tty: 8250: Remove UC-257 and UC-431
Oct 20, 2023
738fe41
tty: 8250: Add support for additional Brainboxes UC cards
Oct 20, 2023
a5b6390
tty: 8250: Add support for Brainboxes UP cards
Oct 20, 2023
3fe3cc6
tty: 8250: Add support for Intashield IS-100
Oct 20, 2023
1f5649a
tty: 8250: Fix port count of PX-257
Oct 20, 2023
60debc0
tty: 8250: Fix up PX-803/PX-857
Oct 20, 2023
d541ccb
tty: 8250: Add support for additional Brainboxes PX cards
Oct 20, 2023
44c4dfa
tty: 8250: Add support for Intashield IX cards
Oct 20, 2023
28b8ad8
tty: 8250: Add Brainboxes Oxford Semiconductor-based quirks
Oct 20, 2023
f049c0c
misc: pci_endpoint_test: Add deviceID for J721S2 PCIe EP device support
Siddharth-Vadapalli-at-TI Oct 20, 2023
3d8344a
ALSA: hda: intel-dsp-config: Fix JSL Chromebook quirk detection
Oct 18, 2023
80529b4
Linux 5.15.138
gregkh Nov 8, 2023
cd7989c
ANDROID: mm: add vendor hook in isolate_freepages()
Nov 6, 2023
690e148
ANDROID: GKI: Update symbol list for Amlogic
Nov 6, 2023
d815634
ANDROID: GKI: Add symbol list for Transsion
Nov 9, 2023
0468dbf
ANDROID: KVM: arm64: Fix error path in pkvm_mem_abort()
Nov 10, 2023
b029b53
BACKPORT: blk-ioprio: Convert from rqos policy to direct call
jankara Jun 23, 2022
739e44e
BACKPORT: block: Initialize bio priority earlier
jankara Jun 23, 2022
a0c7043
BACKPORT: block: Always initialize bio IO priority on submit
jankara Jun 23, 2022
a2a56bf
BACKPORT: blk-ioprio: Introduce promote-to-rt policy
Apr 28, 2023
20b2d56
UPSTREAM: dma-buf: add dma_fence_chain_contained helper
ChristianKoenigAMD Jan 20, 2022
67e5ffd
UPSTREAM: dma-buf: Add dma_fence_array_for_each (v2)
Jan 24, 2022
1696301
BACKPORT: dma-buf: add dma_fence_unwrap v2
ChristianKoenigAMD Mar 11, 2022
0eb66ec
ANDROID: vendor_hooks: Add hooks for binder
lfc2012 Sep 21, 2023
e039fca
ANDROID: ABI: Update oplus symbol list
lfc2012 Nov 15, 2023
18865db
FROMGIT: Input: uinput - allow injecting event times
May 2, 2023
60f7a6c
Merge 5.15.138 into android13-5.15-lts
gregkh Nov 26, 2023
4ba2bb2
Revert "kasan: print the original fault addr when access invalid shadow"
gregkh Nov 3, 2023
858ee7d
ANDROID: fix up platform_device ABI break
gregkh Nov 25, 2023
30b8daf
ANDROID: fix up rpmsg_device ABI break
gregkh Nov 26, 2023
b2017f5
ANDROID: fuse-bpf: Add NULL pointer check in fuse_release_in
Oct 25, 2023
e7ed9e4
FROMGIT: usb: gadget: uvc: prevent use of disabled endpoint
Nov 9, 2023
17f7b06
FROMGIT: usb: gadget: uvc: Allocate uvc_requests one at a time
Nov 9, 2023
d102805
FROMGIT: usb: gadget: uvc: move video disable logic to its own function
Nov 9, 2023
19914a1
FROMGIT: usb: gadget: uvc: Fix use-after-free for inflight usb_requests
Nov 9, 2023
d6f794b
FROMGIT: usb:gadget:uvc Do not use worker thread to pump isoc usb req…
Nov 20, 2023
2550d09
UPSTREAM: drm/qxl: fix UAF on handle creation
walac Aug 14, 2023
a0f42ba
UPSTREAM: USB: core: Unite old scheme and new scheme descriptor reads
AlanStern Aug 4, 2023
f4fd913
UPSTREAM: USB: core: Change usb_get_device_descriptor() API
AlanStern Aug 4, 2023
d2d389f
UPSTREAM: USB: core: Fix race by not overwriting udev->descriptor in …
AlanStern Aug 4, 2023
c43b797
Merge tag 'android13-5.15.137_r00' into android13-5.15
gregkh Nov 29, 2023
eff6178
ANDROID: ABI: Update pixel symbol list
Oct 31, 2023
eb99a64
Merge branch 'android13-5.15' into branch 'android13-5.15-lts'
gregkh Nov 29, 2023
a30f5de
Merge commit 'eb99a642b7e6b94282662389ff05737cb8285db9' into dev
JeevakaPrabu Dec 5, 2023
e42d1bd
Fix build error due to dma_buf not imported in tee module
JeevakaPrabu Dec 4, 2023
bbae401
Revert "i915/pmu: Wire GuC backend to per-client busyness"
JeevakaPrabu Dec 5, 2023
6e10c3c
extend uio driver to supports msix
yonghuah Nov 8, 2022
d700cea
extend function prototype in uio_info structure
yonghuah Aug 16, 2023
236a132
enable per-application notification with ivshemem
yonghuah Aug 18, 2023
8f5f88c
FROMLIST: ALSA: pcm: fix wait_time calculations
ossilator Apr 5, 2023
7902cc0
ASoC: Intel: avs: Fix module lookup
May 19, 2023
ba4fb03
ASoC: Intel: avs: Support volume control with GAIN module
Nov 9, 2023
b0f94b1
Initialize optee SMC arguments memory as zero
jingdlu Dec 19, 2023
e23e64d
Fix OOM issue for request not freed
xiechao79 Dec 29, 2023
61185da
Fix function prototype mismatch with uio_info release function
JeevakaPrabu Jan 22, 2024
0b7c1a5
drm/bridge: Add ti serdes/deserdes driver
kanlihu Sep 21, 2023
10b65cb
i915: Skip one specific resolution for EF1E-A1 panel
feijiang1 Dec 8, 2023
9315522
2880x1620 dp panel mcu backlight adjust
ljia5 Dec 12, 2023
a8cf3d9
drm/bridge: Add 984 serdes driver
ljia5 Feb 1, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
13 changes: 7 additions & 6 deletions Documentation/ABI/testing/sysfs-devices-system-cpu
Original file line number Diff line number Diff line change
Expand Up @@ -511,17 +511,18 @@ Description: information about CPUs heterogeneity.
cpu_capacity: capacity of cpu#.

What: /sys/devices/system/cpu/vulnerabilities
/sys/devices/system/cpu/vulnerabilities/gather_data_sampling
/sys/devices/system/cpu/vulnerabilities/itlb_multihit
/sys/devices/system/cpu/vulnerabilities/l1tf
/sys/devices/system/cpu/vulnerabilities/mds
/sys/devices/system/cpu/vulnerabilities/meltdown
/sys/devices/system/cpu/vulnerabilities/mmio_stale_data
/sys/devices/system/cpu/vulnerabilities/retbleed
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass
/sys/devices/system/cpu/vulnerabilities/spectre_v1
/sys/devices/system/cpu/vulnerabilities/spectre_v2
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass
/sys/devices/system/cpu/vulnerabilities/l1tf
/sys/devices/system/cpu/vulnerabilities/mds
/sys/devices/system/cpu/vulnerabilities/srbds
/sys/devices/system/cpu/vulnerabilities/tsx_async_abort
/sys/devices/system/cpu/vulnerabilities/itlb_multihit
/sys/devices/system/cpu/vulnerabilities/mmio_stale_data
/sys/devices/system/cpu/vulnerabilities/retbleed
Date: January 2018
Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org>
Description: Information about CPU vulnerabilities
Expand Down
109 changes: 109 additions & 0 deletions Documentation/admin-guide/hw-vuln/gather_data_sampling.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
.. SPDX-License-Identifier: GPL-2.0

GDS - Gather Data Sampling
==========================

Gather Data Sampling is a hardware vulnerability which allows unprivileged
speculative access to data which was previously stored in vector registers.

Problem
-------
When a gather instruction performs loads from memory, different data elements
are merged into the destination vector register. However, when a gather
instruction that is transiently executed encounters a fault, stale data from
architectural or internal vector registers may get transiently forwarded to the
destination vector register instead. This will allow a malicious attacker to
infer stale data using typical side channel techniques like cache timing
attacks. GDS is a purely sampling-based attack.

The attacker uses gather instructions to infer the stale vector register data.
The victim does not need to do anything special other than use the vector
registers. The victim does not need to use gather instructions to be
vulnerable.

Because the buffers are shared between Hyper-Threads cross Hyper-Thread attacks
are possible.

Attack scenarios
----------------
Without mitigation, GDS can infer stale data across virtually all
permission boundaries:

Non-enclaves can infer SGX enclave data
Userspace can infer kernel data
Guests can infer data from hosts
Guest can infer guest from other guests
Users can infer data from other users

Because of this, it is important to ensure that the mitigation stays enabled in
lower-privilege contexts like guests and when running outside SGX enclaves.

The hardware enforces the mitigation for SGX. Likewise, VMMs should ensure
that guests are not allowed to disable the GDS mitigation. If a host erred and
allowed this, a guest could theoretically disable GDS mitigation, mount an
attack, and re-enable it.

Mitigation mechanism
--------------------
This issue is mitigated in microcode. The microcode defines the following new
bits:

================================ === ============================
IA32_ARCH_CAPABILITIES[GDS_CTRL] R/O Enumerates GDS vulnerability
and mitigation support.
IA32_ARCH_CAPABILITIES[GDS_NO] R/O Processor is not vulnerable.
IA32_MCU_OPT_CTRL[GDS_MITG_DIS] R/W Disables the mitigation
0 by default.
IA32_MCU_OPT_CTRL[GDS_MITG_LOCK] R/W Locks GDS_MITG_DIS=0. Writes
to GDS_MITG_DIS are ignored
Can't be cleared once set.
================================ === ============================

GDS can also be mitigated on systems that don't have updated microcode by
disabling AVX. This can be done by setting gather_data_sampling="force" or
"clearcpuid=avx" on the kernel command-line.

If used, these options will disable AVX use by turning off XSAVE YMM support.
However, the processor will still enumerate AVX support. Userspace that
does not follow proper AVX enumeration to check both AVX *and* XSAVE YMM
support will break.

Mitigation control on the kernel command line
---------------------------------------------
The mitigation can be disabled by setting "gather_data_sampling=off" or
"mitigations=off" on the kernel command line. Not specifying either will default
to the mitigation being enabled. Specifying "gather_data_sampling=force" will
use the microcode mitigation when available or disable AVX on affected systems
where the microcode hasn't been updated to include the mitigation.

GDS System Information
------------------------
The kernel provides vulnerability status information through sysfs. For
GDS this can be accessed by the following sysfs file:

/sys/devices/system/cpu/vulnerabilities/gather_data_sampling

The possible values contained in this file are:

============================== =============================================
Not affected Processor not vulnerable.
Vulnerable Processor vulnerable and mitigation disabled.
Vulnerable: No microcode Processor vulnerable and microcode is missing
mitigation.
Mitigation: AVX disabled,
no microcode Processor is vulnerable and microcode is missing
mitigation. AVX disabled as mitigation.
Mitigation: Microcode Processor is vulnerable and mitigation is in
effect.
Mitigation: Microcode (locked) Processor is vulnerable and mitigation is in
effect and cannot be disabled.
Unknown: Dependent on
hypervisor status Running on a virtual guest processor that is
affected but with no way to know if host
processor is mitigated or vulnerable.
============================== =============================================

GDS Default mitigation
----------------------
The updated microcode will enable the mitigation by default. The kernel's
default action is to leave the mitigation enabled.
2 changes: 2 additions & 0 deletions Documentation/admin-guide/hw-vuln/index.rst
Original file line number Diff line number Diff line change
Expand Up @@ -19,3 +19,5 @@ are configurable at compile, boot or run time.
l1d_flush.rst
processor_mmio_stale_data.rst
cross-thread-rsb.rst
gather_data_sampling.rst
srso
133 changes: 133 additions & 0 deletions Documentation/admin-guide/hw-vuln/srso.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,133 @@
.. SPDX-License-Identifier: GPL-2.0

Speculative Return Stack Overflow (SRSO)
========================================

This is a mitigation for the speculative return stack overflow (SRSO)
vulnerability found on AMD processors. The mechanism is by now the well
known scenario of poisoning CPU functional units - the Branch Target
Buffer (BTB) and Return Address Predictor (RAP) in this case - and then
tricking the elevated privilege domain (the kernel) into leaking
sensitive data.

AMD CPUs predict RET instructions using a Return Address Predictor (aka
Return Address Stack/Return Stack Buffer). In some cases, a non-architectural
CALL instruction (i.e., an instruction predicted to be a CALL but is
not actually a CALL) can create an entry in the RAP which may be used
to predict the target of a subsequent RET instruction.

The specific circumstances that lead to this varies by microarchitecture
but the concern is that an attacker can mis-train the CPU BTB to predict
non-architectural CALL instructions in kernel space and use this to
control the speculative target of a subsequent kernel RET, potentially
leading to information disclosure via a speculative side-channel.

The issue is tracked under CVE-2023-20569.

Affected processors
-------------------

AMD Zen, generations 1-4. That is, all families 0x17 and 0x19. Older
processors have not been investigated.

System information and options
------------------------------

First of all, it is required that the latest microcode be loaded for
mitigations to be effective.

The sysfs file showing SRSO mitigation status is:

/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow

The possible values in this file are:

- 'Not affected' The processor is not vulnerable

- 'Vulnerable: no microcode' The processor is vulnerable, no
microcode extending IBPB functionality
to address the vulnerability has been
applied.

- 'Mitigation: microcode' Extended IBPB functionality microcode
patch has been applied. It does not
address User->Kernel and Guest->Host
transitions protection but it does
address User->User and VM->VM attack
vectors.

(spec_rstack_overflow=microcode)

- 'Mitigation: safe RET' Software-only mitigation. It complements
the extended IBPB microcode patch
functionality by addressing User->Kernel
and Guest->Host transitions protection.

Selected by default or by
spec_rstack_overflow=safe-ret

- 'Mitigation: IBPB' Similar protection as "safe RET" above
but employs an IBPB barrier on privilege
domain crossings (User->Kernel,
Guest->Host).

(spec_rstack_overflow=ibpb)

- 'Mitigation: IBPB on VMEXIT' Mitigation addressing the cloud provider
scenario - the Guest->Host transitions
only.

(spec_rstack_overflow=ibpb-vmexit)

In order to exploit vulnerability, an attacker needs to:

- gain local access on the machine

- break kASLR

- find gadgets in the running kernel in order to use them in the exploit

- potentially create and pin an additional workload on the sibling
thread, depending on the microarchitecture (not necessary on fam 0x19)

- run the exploit

Considering the performance implications of each mitigation type, the
default one is 'Mitigation: safe RET' which should take care of most
attack vectors, including the local User->Kernel one.

As always, the user is advised to keep her/his system up-to-date by
applying software updates regularly.

The default setting will be reevaluated when needed and especially when
new attack vectors appear.

As one can surmise, 'Mitigation: safe RET' does come at the cost of some
performance depending on the workload. If one trusts her/his userspace
and does not want to suffer the performance impact, one can always
disable the mitigation with spec_rstack_overflow=off.

Similarly, 'Mitigation: IBPB' is another full mitigation type employing
an indrect branch prediction barrier after having applied the required
microcode patch for one's system. This mitigation comes also at
a performance cost.

Mitigation: safe RET
--------------------

The mitigation works by ensuring all RET instructions speculate to
a controlled location, similar to how speculation is controlled in the
retpoline sequence. To accomplish this, the __x86_return_thunk forces
the CPU to mispredict every function return using a 'safe return'
sequence.

To ensure the safety of this mitigation, the kernel must ensure that the
safe return sequence is itself free from attacker interference. In Zen3
and Zen4, this is accomplished by creating a BTB alias between the
untraining function srso_alias_untrain_ret() and the safe return
function srso_alias_safe_ret() which results in evicting a potentially
poisoned BTB entry and using that safe one for all function returns.

In older Zen1 and Zen2, this is accomplished using a reinterpretation
technique similar to Retbleed one: srso_untrain_ret() and
srso_safe_ret().
66 changes: 52 additions & 14 deletions Documentation/admin-guide/kernel-parameters.txt
Original file line number Diff line number Diff line change
Expand Up @@ -1509,6 +1509,26 @@
Format: off | on
default: on

gather_data_sampling=
[X86,INTEL] Control the Gather Data Sampling (GDS)
mitigation.

Gather Data Sampling is a hardware vulnerability which
allows unprivileged speculative access to data which was
previously stored in vector registers.

This issue is mitigated by default in updated microcode.
The mitigation may have a performance impact but can be
disabled. On systems without the microcode mitigation
disabling AVX serves as a mitigation.

force: Disable AVX to mitigate systems without
microcode mitigation. No effect if the microcode
mitigation is present. Known to cause crashes in
userspace with buggy AVX enumeration.

off: Disable GDS mitigation.

gcov_persist= [GCOV] When non-zero (default), profiling data for
kernel modules is saved and remains accessible via
debugfs, even when the module is unloaded/reloaded.
Expand Down Expand Up @@ -3060,22 +3080,23 @@
Disable all optional CPU mitigations. This
improves system performance, but it may also
expose users to several CPU vulnerabilities.
Equivalent to: nopti [X86,PPC]
Equivalent to: gather_data_sampling=off [X86]
kpti=0 [ARM64]
nospectre_v1 [X86,PPC]
nobp=0 [S390]
nospectre_v2 [X86,PPC,S390,ARM64]
spectre_v2_user=off [X86]
spec_store_bypass_disable=off [X86,PPC]
ssbd=force-off [ARM64]
kvm.nx_huge_pages=off [X86]
l1tf=off [X86]
mds=off [X86]
tsx_async_abort=off [X86]
kvm.nx_huge_pages=off [X86]
mmio_stale_data=off [X86]
no_entry_flush [PPC]
no_uaccess_flush [PPC]
mmio_stale_data=off [X86]
nobp=0 [S390]
nopti [X86,PPC]
nospectre_v1 [X86,PPC]
nospectre_v2 [X86,PPC,S390,ARM64]
retbleed=off [X86]
spec_store_bypass_disable=off [X86,PPC]
spectre_v2_user=off [X86]
ssbd=force-off [ARM64]
tsx_async_abort=off [X86]

Exceptions:
This does not have any effect on
Expand Down Expand Up @@ -5455,6 +5476,17 @@
Not specifying this option is equivalent to
spectre_v2_user=auto.

spec_rstack_overflow=
[X86] Control RAS overflow mitigation on AMD Zen CPUs

off - Disable mitigation
microcode - Enable microcode mitigation only
safe-ret - Enable sw-only safe RET mitigation (default)
ibpb - Enable mitigation by issuing IBPB on
kernel entry
ibpb-vmexit - Issue IBPB only on VMEXIT
(cloud-specific mitigation)

spec_store_bypass_disable=
[HW] Control Speculative Store Bypass (SSB) Disable mitigation
(Speculative Store Bypass vulnerability)
Expand Down Expand Up @@ -5764,10 +5796,6 @@
-1: disable all critical trip points in all thermal zones
<degrees C>: override all critical trip points

thermal.nocrt= [HW,ACPI]
Set to disable actions on ACPI thermal zone
critical and hot trip points.

thermal.off= [HW,ACPI]
1: disable ACPI thermal control

Expand Down Expand Up @@ -5918,6 +5946,16 @@
first trust source as a backend which is initialized
successfully during iteration.

trusted.rng= [KEYS]
Format: <string>
The RNG used to generate key material for trusted keys.
Can be one of:
- "kernel"
- the same value as trusted.source: "tpm" or "tee"
- "default"
If not specified, "default" is used. In this case,
the RNG's choice is left to each individual trust source.

tsc= Disable clocksource stability checks for TSC.
Format: <string>
[x86] reliable: mark tsc clocksource as reliable, this
Expand Down
Loading