This is the start of the stable review cycle for the 6.6.47 release. There are 67 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat, 17 Aug 2024 13:18:17 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.6.47-rc1.gz or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.6.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> Linux 6.6.47-rc1 Will Deacon <will@xxxxxxxxxx> KVM: arm64: Don't pass a TLBI level hint when zapping table entries Will Deacon <will@xxxxxxxxxx> KVM: arm64: Don't defer TLB invalidation when zapping table entries Waiman Long <longman@xxxxxxxxxx> cgroup: Move rcu_head up near the top of cgroup_root Peter Xu <peterx@xxxxxxxxxx> mm/debug_vm_pgtable: drop RANDOM_ORVALUE trick Javier Carrasco <javier.carrasco.cruz@xxxxxxxxx> Revert "Input: bcm5974 - check endpoint type before starting traffic" Dave Kleikamp <dave.kleikamp@xxxxxxxxxx> Revert "jfs: fix shift-out-of-bounds in dbJoin" Kees Cook <kees@xxxxxxxxxx> binfmt_flat: Fix corruption when not offsetting data start Takashi Iwai <tiwai@xxxxxxx> ALSA: usb: Fix UBSAN warning in parse_audio_unit() Konstantin Komarov <almaz.alexandrovich@xxxxxxxxxxxxxxxxxxxx> fs/ntfs3: Do copy_to_user out of run_lock Pei Li <peili.dev@xxxxxxxxx> jfs: Fix shift-out-of-bounds in dbDiscardAG Edward Adam Davis <eadavis@xxxxxx> jfs: fix null ptr deref in dtInsertEntry Willem de Bruijn <willemb@xxxxxxxxxx> fou: remove warn in gue_gro_receive on unsupported protocol Chao Yu <chao@xxxxxxxxxx> f2fs: fix to cover read extent cache access with lock Chao Yu <chao@xxxxxxxxxx> f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC yunshui <jiangyunshui@xxxxxxxxxx> bpf, net: Use DEV_STAT_INC() Wojciech Gładysz <wojciech.gladysz@xxxxxxxxxxxx> ext4: sanity check for NULL pointer after ext4_force_shutdown Matthew Wilcox (Oracle) <willy@xxxxxxxxxxxxx> ext4: convert ext4_da_do_write_end() to take a folio Eric Dumazet <edumazet@xxxxxxxxxx> wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values Peter Xu <peterx@xxxxxxxxxx> mm/page_table_check: support userfault wr-protect entries Jan Kara <jack@xxxxxxx> ext4: do not create EA inode under buffer lock Jan Kara <jack@xxxxxxx> ext4: fold quota accounting into ext4_xattr_inode_lookup_create() Luiz Augusto von Dentz <luiz.von.dentz@xxxxxxxxx> Bluetooth: RFCOMM: Fix not validating setsockopt user input Eric Dumazet <edumazet@xxxxxxxxxx> nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies Eric Dumazet <edumazet@xxxxxxxxxx> net: add copy_safe_from_sockptr() helper Eric Dumazet <edumazet@xxxxxxxxxx> mISDN: fix MISDN_TIME_STAMP handling Gustavo A. R. Silva <gustavoars@xxxxxxxxxx> fs: Annotate struct file_handle with __counted_by() and use struct_size() Alexei Starovoitov <ast@xxxxxxxxxx> bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie. Kees Cook <keescook@xxxxxxxxxxxx> bpf: Replace bpf_lpm_trie_key 0-length array with flexible array Gavrilov Ilia <Ilia.Gavrilov@xxxxxxxxxxx> pppoe: Fix memory leak in pppoe_sendmsg() Dmitry Antipov <dmantipov@xxxxxxxxx> net: sctp: fix skb leak in sctp_inq_free() Allison Henderson <allison.henderson@xxxxxxxxxx> net:rds: Fix possible deadlock in rds_message_put Jan Kara <jack@xxxxxxx> quota: Detect loops in quota tree Javier Carrasco <javier.carrasco.cruz@xxxxxxxxx> Input: bcm5974 - check endpoint type before starting traffic John Fastabend <john.fastabend@xxxxxxxxx> net: tls, add test to capture error on large splice Gao Xiang <xiang@xxxxxxxxxx> erofs: avoid debugging output for (de)compressed data Edward Adam Davis <eadavis@xxxxxx> reiserfs: fix uninit-value in comp_keys Phillip Lougher <phillip@xxxxxxxxxxxxxxx> Squashfs: fix variable overflow triggered by sysbot Lizhi Xu <lizhi.xu@xxxxxxxxxxxxx> squashfs: squashfs_read_data need to check if the length is 0 Manas Ghandat <ghandatmanas@xxxxxxxxx> jfs: fix shift-out-of-bounds in dbJoin Jakub Kicinski <kuba@xxxxxxxxxx> net: don't dump stack on queue timeout Lizhi Xu <lizhi.xu@xxxxxxxxxxxxx> jfs: fix log->bdev_handle null ptr deref in lbmStartIO Jan Kara <jack@xxxxxxx> jfs: Convert to bdev_open_by_dev() Jan Kara <jack@xxxxxxx> fs: Convert to bdev_open_by_dev() Johannes Berg <johannes.berg@xxxxxxxxx> wifi: mac80211: fix change_address deadlock during unregister Johannes Berg <johannes.berg@xxxxxxxxx> wifi: mac80211: take wiphy lock for MAC addr change Eric Dumazet <edumazet@xxxxxxxxxx> tcp_metrics: optimize tcp_metrics_flush_all() Yafang Shao <laoar.shao@xxxxxxxxx> cgroup: Make operations on the cgroup root_list RCU safe Dongli Zhang <dongli.zhang@xxxxxxxxxx> genirq/cpuhotplug: Retry with cpu_online_mask when migration fails David Stevens <stevensd@xxxxxxxxxxxx> genirq/cpuhotplug: Skip suspended interrupts when restoring affinity WangYuli <wangyuli@xxxxxxxxxxxxx> nvme/pci: Add APST quirk for Lenovo N60z laptop Yang Shi <yang@xxxxxxxxxxxxxxxxxxxxxx> mm: gup: stop abusing try_grab_folio Josef Bacik <josef@xxxxxxxxxxxxxx> nfsd: make svc_stat per-network namespace instead of global Josef Bacik <josef@xxxxxxxxxxxxxx> nfsd: remove nfsd_stats, make th_cnt a global counter Josef Bacik <josef@xxxxxxxxxxxxxx> nfsd: make all of the nfsd stats per-network namespace Josef Bacik <josef@xxxxxxxxxxxxxx> nfsd: expose /proc/net/sunrpc/nfsd in net namespaces Josef Bacik <josef@xxxxxxxxxxxxxx> nfsd: rename NFSD_NET_* to NFSD_STATS_* Josef Bacik <josef@xxxxxxxxxxxxxx> sunrpc: use the struct net as the svc proc private Josef Bacik <josef@xxxxxxxxxxxxxx> sunrpc: remove ->pg_stats from svc_program Josef Bacik <josef@xxxxxxxxxxxxxx> sunrpc: pass in the sv_stats struct through svc_create_pooled Josef Bacik <josef@xxxxxxxxxxxxxx> nfsd: stop setting ->pg_stats for unused stats Josef Bacik <josef@xxxxxxxxxxxxxx> sunrpc: don't change ->sv_stats if it doesn't exist Chuck Lever <chuck.lever@xxxxxxxxxx> NFSD: Fix frame size warning in svc_export_parse() Chuck Lever <chuck.lever@xxxxxxxxxx> NFSD: Rewrite synopsis of nfsd_percpu_counters_init() Huacai Chen <chenhuacai@xxxxxxxxxx> LoongArch: Define __ARCH_WANT_NEW_STAT in unistd.h Amadeusz Sławiński <amadeuszx.slawinski@xxxxxxxxxxxxxxx> ASoC: topology: Fix route memory corruption Amadeusz Sławiński <amadeuszx.slawinski@xxxxxxxxxxxxxxx> ASoC: topology: Clean up route loading Kees Cook <kees@xxxxxxxxxx> exec: Fix ToCToU between perm check and set-uid/gid usage ------------- Diffstat: Documentation/bpf/map_lpm_trie.rst | 2 +- Documentation/mm/page_table_check.rst | 9 +- Makefile | 4 +- arch/arm64/kvm/hyp/pgtable.c | 12 +- arch/loongarch/include/uapi/asm/unistd.h | 1 + arch/x86/include/asm/pgtable.h | 18 +- drivers/isdn/mISDN/socket.c | 10 +- drivers/net/ppp/pppoe.c | 23 +-- drivers/nvme/host/pci.c | 7 + fs/binfmt_flat.c | 4 +- fs/buffer.c | 2 + fs/cramfs/inode.c | 2 +- fs/erofs/decompressor.c | 8 +- fs/exec.c | 8 +- fs/ext4/inode.c | 24 ++- fs/ext4/xattr.c | 155 +++++++------- fs/f2fs/extent_cache.c | 50 ++--- fs/f2fs/f2fs.h | 2 +- fs/f2fs/gc.c | 10 + fs/f2fs/inode.c | 10 +- fs/fhandle.c | 6 +- fs/jfs/jfs_dmap.c | 2 + fs/jfs/jfs_dtree.c | 2 + fs/jfs/jfs_logmgr.c | 33 +-- fs/jfs/jfs_logmgr.h | 2 +- fs/jfs/jfs_mount.c | 3 +- fs/lockd/svc.c | 3 - fs/nfs/callback.c | 3 - fs/nfsd/cache.h | 2 - fs/nfsd/export.c | 32 ++- fs/nfsd/export.h | 4 +- fs/nfsd/netns.h | 25 ++- fs/nfsd/nfs4proc.c | 6 +- fs/nfsd/nfs4state.c | 3 +- fs/nfsd/nfscache.c | 40 +--- fs/nfsd/nfsctl.c | 16 +- fs/nfsd/nfsd.h | 1 + fs/nfsd/nfsfh.c | 3 +- fs/nfsd/nfssvc.c | 14 +- fs/nfsd/stats.c | 54 ++--- fs/nfsd/stats.h | 88 +++----- fs/nfsd/vfs.c | 6 +- fs/ntfs3/frecord.c | 75 ++++++- fs/quota/quota_tree.c | 128 +++++++++--- fs/quota/quota_v2.c | 15 +- fs/reiserfs/stree.c | 2 +- fs/romfs/super.c | 2 +- fs/squashfs/block.c | 2 +- fs/squashfs/file.c | 3 +- fs/squashfs/file_direct.c | 6 +- fs/super.c | 15 +- include/linux/cgroup-defs.h | 7 +- include/linux/fs.h | 3 +- include/linux/sockptr.h | 25 +++ include/linux/sunrpc/svc.h | 5 +- include/uapi/linux/bpf.h | 19 +- kernel/bpf/lpm_trie.c | 33 +-- kernel/cgroup/cgroup-internal.h | 3 +- kernel/cgroup/cgroup.c | 23 ++- kernel/irq/cpuhotplug.c | 27 ++- kernel/irq/manage.c | 12 +- mm/debug_vm_pgtable.c | 31 +-- mm/gup.c | 251 ++++++++++++----------- mm/huge_memory.c | 6 +- mm/hugetlb.c | 2 +- mm/internal.h | 4 +- mm/page_table_check.c | 30 +++ net/bluetooth/rfcomm/sock.c | 14 +- net/core/filter.c | 8 +- net/ipv4/fou_core.c | 2 +- net/ipv4/tcp_metrics.c | 7 +- net/mac80211/iface.c | 27 ++- net/nfc/llcp_sock.c | 12 +- net/rds/recv.c | 13 +- net/sched/sch_generic.c | 5 +- net/sctp/inqueue.c | 14 +- net/sunrpc/stats.c | 2 +- net/sunrpc/svc.c | 39 ++-- net/wireless/nl80211.c | 6 +- samples/bpf/map_perf_test_user.c | 2 +- samples/bpf/xdp_router_ipv4_user.c | 2 +- sound/soc/soc-topology.c | 32 +-- sound/usb/mixer.c | 7 + tools/include/uapi/linux/bpf.h | 19 +- tools/testing/selftests/bpf/progs/map_ptr_kern.c | 2 +- tools/testing/selftests/bpf/test_lpm_map.c | 18 +- tools/testing/selftests/net/tls.c | 14 ++ 87 files changed, 987 insertions(+), 696 deletions(-)
