Merge tag 'vfio-v6.18-rc1-pt2' of https://github.com/awilliam/linux-vfio
Pull more VFIO updates from Alex Williamson:
- Optimizations for DMA map and unmap opertions through the type1 vfio
IOMMU backend.
This uses various means of batching and hints from the mm structures
to improve efficiency and therefore performance, resulting in a
significant speedup for huge page use cases (Li Zhe)
- Expose supported device migration features through debugfs (Cédric Le
Goater)
* tag 'vfio-v6.18-rc1-pt2' of https://github.com/awilliam/linux-vfio:
vfio: Dump migration features under debugfs
vfio/type1: optimize vfio_unpin_pages_remote()
vfio/type1: introduce a new member has_rsvd for struct vfio_dma
vfio/type1: batch vfio_find_vpfn() in function vfio_unpin_pages_remote()
[2 lines not shown]
Merge tag 'input-for-v6.18-rc0' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
Pull input updates from Dmitry Torokhov:
- Conversions to yaml/json schema and fixes for input-related device
tree bindings
- New drivers:
- Awinic AW86927 haptic chip
- Hynitron CST816x series controller
- Himax HX852x(ES) touchscreen controller
- Fix uinput to not leak kernel memory via a gap in
uinput_ff_upload_compat structure
- Prevent overflow in pressure calculation in tsc2007 driver causing
phantom touches
- Make the Atmel maxTouch driver support generic touchscreen
[30 lines not shown]
Merge tag 'v6.18-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
- Fix zstd regression
- Ensure ti driver algorithm are set as async
- Revert patch disabling SHA1 in FIPS mode
- Fix RNG set_ent null-pointer dereference
* tag 'v6.18-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: rng - Ensure set_ent is always present
Revert "crypto: testmgr - desupport SHA-1 for FIPS 140"
crypto: ti - Add CRYPTO_ALG_ASYNC flag to DTHEv2 AES algos
crypto: zstd - Fix compression bug caused by truncation
Input: atmel_mxt_ts - allow reset GPIO to sleep
The reset GPIO is not toggled in any critical section where it couldn't
sleep, allow the reset GPIO to sleep. This allows the driver to operate
reset GPIOs connected to I2C GPIO expanders.
Signed-off-by: Marek Vasut <marek.vasut at mailbox.org>
Link: https://lore.kernel.org/r/20251005023335.166483-1-marek.vasut@mailbox.org
Cc: stable at vger.kernel.org
Signed-off-by: Dmitry Torokhov <dmitry.torokhov at gmail.com>
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux
Pull ARM development updates from Russell King:
- Use string choices helpers
- Add support for HAVE_FUNCTION_GRAPH_FREGS
* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux:
ARM: 9457/1: ftrace: Implement HAVE_FUNCTION_GRAPH_FREGS
ARM: 9456/1: mm: fault: use string choices helper
ARM: 9454/1: kernel: bios32: use string choices helper
ARM: 9451/1: mm: l2x0: use string choices helper
Merge tag 'dma-mapping-6.18-2025-10-07' of git://git.kernel.org/pub/scm/linux/kernel/git/mszyprowski/linux
Pull dma-mapping fixes from Marek Szyprowski:
"Two small fixes for the recently performed code refactoring (Shigeru
Yoshida) and missing handling of direction parameter in DMA debug code
(Petr Tesarik)"
* tag 'dma-mapping-6.18-2025-10-07' of git://git.kernel.org/pub/scm/linux/kernel/git/mszyprowski/linux:
dma-mapping: fix direction in dma_alloc direction traces
kmsan: fix kmsan_handle_dma() to avoid false positives
Merge tag 'char-misc-6.18-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
Pull char/misc fixes from Greg KH:
"Here are some small nvmem and fastrpc fixes that missed the cut-off to
get into 6.17-final, due to me being slow in getting them out, my
fault, not the maintainers of these subsystems :(
Anyway, better late than never. Changes included in here are:
- nvmem fix for automatic module loading
- fastrpc driver fixes for reported issues
All of these have been in linux-next for weeks (4?) with no reported
issues"
* tag 'char-misc-6.18-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
misc: fastrpc: Skip reference for DMA handles
misc: fastrpc: fix possible map leak in fastrpc_put_args
[3 lines not shown]
Merge tag 'staging-6.18-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging
Pull staging driver fixes from Greg KH:
"Here are some staging driver fixes that missed 6.17-final due to my
travel schedule. They fix a number of reported issues in the axis-fifo
driver, one of which was just independently discovered by someone else
today so someone is looking at this code.
All of these fixes have been in linux-next for many weeks with no
reported issues"
* tag 'staging-6.18-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
staging: axis-fifo: flush RX FIFO on read errors
staging: axis-fifo: fix TX handling on copy_from_user() failure
staging: axis-fifo: fix maximum TX packet length check
Merge tag 'tty-6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
Pull tty driver fix from Greg KH:
"Here is a single driver fix for the qcom_geni_serial driver. It has
been in my tree for weeks, but missed being sent to you for 6.17-final
due to travel on my side.
This fixes a reported regression for this driver that prevents 6.17
from working properly on this platform.
It has been in linux-next for many weeks with no reported issues"
* tag 'tty-6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
serial: qcom-geni: Fix blocked task
Merge tag 'thermal-6.18-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull more thermal control updates from Rafael Wysocki:
"Fix RZ/G3E driver introduction fall-out (Geert Uytterhoeven) and
improve the compilation and installation of the thermal library for
user space (Emil Dahl Juhl and Sascha Hauer)"
* tag 'thermal-6.18-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
tools: lib: thermal: expose thermal_exit symbols
tools: lib: thermal: don't preserve owner in install
tools: lib: thermal: use pkg-config to locate libnl3
thermal: renesas: Fix RZ/G3E fall-out
Merge tag 'acpi-6.18-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull more ACPI updates from Rafael Wysocki:
"These fix a driver bug, clean up two pieces of code and improve the
fwnode API consistency:
- Add missing synchronization between interface updates in the ACPI
battery driver (Rafael Wysocki)
- Remove open coded check for cpu_feature_enabled() from
acpi_processor_power_init_bm_check() (Mario Limonciello)
- Remove redundant rcu_read_lock/unlock() under spinlock from
ghes_notify_hed() in the ACPI APEI support code (pengdonglin)
- Make the .get_next_child_node() callback in the ACPI fwnode backend
skip ACPI devices that are not present for consistency with the
analogous callback in the OF fwnode backend (Sakari Ailus)"
[5 lines not shown]
Merge tag 'pm-6.18-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull more power management updates from Rafael Wysocki:
"These are cpufreq fixes and cleanups on top of the material merged
previously, a power management core code fix and updates of the
runtime PM framework including unit tests, documentation updates and
introduction of auto-cleanup macros for runtime PM "resume and get"
and "get without resuming" operations.
Specifics:
- Make cpufreq drivers setting the default CPU transition latency to
CPUFREQ_ETERNAL specify a proper default transition latency value
instead which addresses a regression introduced during the 6.6
cycle that broke CPUFREQ_ETERNAL handling (Rafael Wysocki)
- Make the cpufreq CPPC driver use a proper transition delay value
when CPUFREQ_ETERNAL is returned by cppc_get_transition_latency()
to indicate an error condition (Rafael Wysocki)
[51 lines not shown]
Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux
Pull clk updates from Stephen Boyd:
"There's a bunch of patches here across drivers/clk/ to migrate drivers
to use struct clk_ops::determine_rate() instead of the round_rate()
one so that we can remove the round_rate clk_op entirely. Brian has
taken up that task which nobody else has wanted to do for close to a
decade. Thanks Brian!
This is all prerequisite work to get to the real task of improving the
clk rate setting process. Once we have determine_rate() used
everywhere, we'll be able to do things like chain the rate request
structs in linked lists to order the rate setting operations or add
more parameters without having to change every clk driver in
existence. It's also nice to not have multiple ways to do something
which just causes confusion for clk driver authors. Overall I'm glad
this is getting done.
Beyond this change we also have a tweak to the clk_lookup() function
[42 lines not shown]
Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Pull arm64 fixes from Will Deacon:
- Preserve old 'tt_core' UAPI for Hisilicon L3C PMU driver
- Ensure linear alias of kprobes instruction page is not writable
- Fix kernel stack unwinding from BPF
- Fix build warnings from the Fujitsu uncore PMU documentation
- Fix hang with deferred 'struct page' initialisation and MTE
- Consolidate KPTI page-table re-writing code
* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
arm64: mte: Do not flag the zero page as PG_mte_tagged
docs: perf: Fujitsu: Fix htmldocs build warnings and errors
[4 lines not shown]
Merge tag 'hyperv-next-signed-20251006' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux
Pull hyperv updates from Wei Liu:
- Unify guest entry code for KVM and MSHV (Sean Christopherson)
- Switch Hyper-V MSI domain to use msi_create_parent_irq_domain()
(Nam Cao)
- Add CONFIG_HYPERV_VMBUS and limit the semantics of CONFIG_HYPERV
(Mukesh Rathor)
- Add kexec/kdump support on Azure CVMs (Vitaly Kuznetsov)
- Deprecate hyperv_fb in favor of Hyper-V DRM driver (Prasanna
Kumar T S M)
- Miscellaneous enhancements, fixes and cleanups (Abhishek Tiwari,
Alok Tiwari, Nuno Das Neves, Wei Liu, Roman Kisel, Michael Kelley)
[21 lines not shown]
mailbox: mtk-cmdq: Remove pm_runtime APIs from cmdq_mbox_send_data()
pm_runtime_get_sync() and pm_runtime_put_autosuspend() were previously
called in cmdq_mbox_send_data(), which is under a spinlock in msg_submit()
(mailbox.c). This caused lockdep warnings such as "sleeping function
called from invalid context" when running with lockdebug enabled.
The BUG report:
BUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1164
in_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 3616, name: kworker/u17:3
preempt_count: 1, expected: 0
RCU nest depth: 0, expected: 0
INFO: lockdep is turned off.
irq event stamp: 0
CPU: 1 PID: 3616 Comm: kworker/u17:3 Not tainted 6.1.87-lockdep-14133-g26e933aca785 #1
Hardware name: Google Ciri sku0/unprovisioned board (DT)
Workqueue: imgsys_runner imgsys_runner_func
Call trace:
dump_backtrace+0x100/0x120
[26 lines not shown]
tools headers: kcfi: rename missed CONFIG_CFI_CLANG
Commit 23ef9d439769 ("kcfi: Rename CONFIG_CFI_CLANG to CONFIG_CFI")
missed one instance of CONFIG_CFI_CLANG. Rename it to match the original
kernel header. This addresses the following build warning:
Warning: Kernel ABI header differences:
diff -u tools/include/linux/cfi_types.h include/linux/cfi_types.h
Cc: Kees Cook <kees at kernel.org>
Fixes: a5ba183bdeee ("Merge tag 'hardening-v6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux")
Reviewed-by: Nathan Chancellor <nathan at kernel.org>
Signed-off-by: Carlos Llamas <cmllamas at google.com>
Link: https://lore.kernel.org/r/20251006225148.1636486-1-cmllamas@google.com
Signed-off-by: Kees Cook <kees at kernel.org>
kconfig: Avoid prompting for transitional symbols
The "transitional" symbol keyword, while working with the "olddefconfig"
target, was prompting during "oldconfig". This occurred because these
symbols were not being marked as user-defined when they received values
from transitional symbols that had user values. The "olddefconfig" target
explicitly doesn't prompt for anything, so this deficiency wasn't noticed.
The issue manifested when a symbol's value came from a transitional
symbol's user value but the receiving symbol wasn't marked with
SYMBOL_DEF_USER. Thus the "oldconfig" logic would then prompt for these
symbols unnecessarily.
Check after value calculation whether a symbol without a user value
gets its value from a single transitional symbol that does have a user
value. In such cases, mark the receiving symbol as user-defined to
prevent prompting.
Update regression tests to verify that symbols with transitional defaults
[11 lines not shown]
Merge branches 'acpi-x86', 'acpi-battery', 'acpi-apei' and 'acpi-property'
Merge an x86 cleanup related to ACPI, an ACPI battery driver fix, an
ACPI APEI cleanup, and an ACPI device properties handling update for
6.18-rc1:
- Remove open coded check for cpu_feature_enabled() from
acpi_processor_power_init_bm_check() (Mario Limonciello)
- Add missing synchronization between interface updates in the ACPI
battery driver (Rafael Wysocki)
- Remove redundant rcu_read_lock/unlock() under spinlock from
ghes_notify_hed() in the ACPI APEI support code (pengdonglin)
- Make the .get_next_child_node() callback in the ACPI fwnode backend
skip ACPI devices that are not present for consistency with the
analogous callback in the OF fwnode backend (Sakari Ailus)
[11 lines not shown]
Merge branch 'pm-cpufreq'
Merge cpufreq fixes and cleanups, mostly on top of those fixes, for
6.18-rc1:
- Make cpufreq drivers setting the default CPU transition latency to
CPUFREQ_ETERNAL specify a proper default transition latency value
instead which addresses a regression introduced during the 6.6 cycle
that broke CPUFREQ_ETERNAL handling (Rafael Wysocki)
- Make the cpufreq CPPC driver use a proper transition delay value
when CPUFREQ_ETERNAL is returned by cppc_get_transition_latency() to
indicate an error condition (Rafael Wysocki)
- Make cppc_get_transition_latency() return a negative error code to
indicate error conditions instead of using CPUFREQ_ETERNAL for this
purpose and drop CPUFREQ_ETERNAL that has no other users (Rafael
Wysocki, Gopi Krishna Menon)
[19 lines not shown]
Merge branches 'pm-core' and 'pm-runtime'
Merge runtime PM framework updates and a core power management code fix
for 6.18-rc1:
- Make pm_runtime_put*() family of functions return 1 when the
given device is already suspended which is consistent with the
documentation (Brian Norris)
- Add basic kunit tests for runtime PM API contracts and update return
values in kerneldoc coments for the runtime PM API (Brian Norris,
Dan Carpenter)
- Add auto-cleanup macros for runtime PM "resume and get" and "get
without resume" operations, use one of them in the PCI core and
drop the existing "free" macro introduced for similar purpose, but
somewhat cumbersome to use (Rafael Wysocki)
- Make the core power management code avoid waiting on device links
[15 lines not shown]
mailbox: zynqmp-ipi: Fix SGI cleanup on unbind
The driver incorrectly determines SGI vs SPI interrupts by checking IRQ
number < 16, which fails with dynamic IRQ allocation. During unbind,
this causes improper SGI cleanup leading to kernel crash.
Add explicit irq_type field to pdata for reliable identification of SGI
interrupts (type-2) and only clean up SGI resources when appropriate.
Fixes: 6ffb1635341b ("mailbox: zynqmp: handle SGI for shared IPI")
Signed-off-by: Harini T <harini.t at amd.com>
Reviewed-by: Peng Fan <peng.fan at nxp.com>
Signed-off-by: Jassi Brar <jassisinghbrar at gmail.com>
dt-bindings: mailbox: Add MT8196 GPUEB Mailbox
The MediaTek MT8196 SoC includes an embedded MCU referred to as "GPUEB",
acting as glue logic to control power and frequency of the Mali GPU.
This MCU runs special-purpose firmware for this use, and the main
application processor communicates with it through a mailbox.
Add a binding that describes this mailbox.
Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno at collabora.com>
Acked-by: Conor Dooley <conor.dooley at microchip.com>
Reviewed-by: Rob Herring (Arm) <robh at kernel.org>
Signed-off-by: Nicolas Frattaroli <nicolas.frattaroli at collabora.com>
Signed-off-by: Jassi Brar <jassisinghbrar at gmail.com>
mailbox: add MediaTek GPUEB IPI mailbox
The MT8196 SoC uses an embedded MCU to control frequencies and power of
the GPU. This controller is referred to as "GPUEB".
It communicates to the application processor, among other ways, through
a mailbox.
The mailbox exposes one interrupt, which appears to only be fired when a
response is received, rather than a transaction is completed. For us,
this means we unfortunately need to poll for txdone.
The mailbox also requires the EB clock to be on when touching any of the
mailbox registers.
Add a simple driver for it based on the common mailbox framework.
Reviewed-by: Chia-I Wu <olvaffe at gmail.com>
Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno at collabora.com>
[2 lines not shown]
mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call
The controller is registered using the device-managed function
'devm_mbox_controller_register()'. As documented in mailbox.c, this
ensures the devres framework automatically calls
mbox_controller_unregister() when device_unregister() is invoked, making
the explicit call unnecessary.
Remove redundant mbox_controller_unregister() call as
device_unregister() handles controller cleanup.
Fixes: 4981b82ba2ff ("mailbox: ZynqMP IPI mailbox controller")
Signed-off-by: Harini T <harini.t at amd.com>
Reviewed-by: Peng Fan <peng.fan at nxp.com>
Signed-off-by: Jassi Brar <jassisinghbrar at gmail.com>
mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop
The cleanup loop was starting at the wrong array index, causing
out-of-bounds access.
Start the loop at the correct index for zero-indexed arrays to prevent
accessing memory beyond the allocated array bounds.
Fixes: 4981b82ba2ff ("mailbox: ZynqMP IPI mailbox controller")
Signed-off-by: Harini T <harini.t at amd.com>
Reviewed-by: Peng Fan <peng.fan at nxp.com>
Signed-off-by: Jassi Brar <jassisinghbrar at gmail.com>
mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes
The ipi_mbox->dev.parent check is unreliable proxy for registration
status as it fails to protect against probe failures that occur after
the parent is assigned but before device_register() completes.
device_is_registered() is the canonical and robust method to verify the
registration status.
Remove ipi_mbox->dev.parent check in zynqmp_ipi_free_mboxes().
Fixes: 4981b82ba2ff ("mailbox: ZynqMP IPI mailbox controller")
Signed-off-by: Harini T <harini.t at amd.com>
Reviewed-by: Peng Fan <peng.fan at nxp.com>
Signed-off-by: Jassi Brar <jassisinghbrar at gmail.com>
