Linux/linux 155a3c0drivers/md dm-bufio.c

Merge tag 'for-6.16/dm-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm

Pull device mapper fix from Mikulas Patocka:

 - dm-bufio: fix scheduling in atomic

* tag 'for-6.16/dm-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm:
  dm-bufio: fix sched in atomic context
DeltaFile
+5-1drivers/md/dm-bufio.c
+5-11 files

Linux/linux 347e9f5. Makefile

Linux 6.16-rc6
DeltaFile
+1-1Makefile
+1-11 files

Linux/linux 3cd7521Documentation/devicetree/bindings/clock mediatek,mt8188-clock.yaml, drivers/clk clk-scmi.c

Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux

Fixes for a few clk drivers and bindings:

 - Add a missing property to the Mediatek MT8188 clk binding to
   keep binding checks happy

 - Avoid an OOB by setting the correct number of parents in
   dispmix_csr_clk_dev_data

 - Allocate clk_hw structs early in probe to avoid an ordering
   issue where clk_parent_data points to an unallocated clk_hw
   when the child clk is registered before the parent clk in the
   SCMI clk driver

* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
  dt-bindings: clock: mediatek: Add #reset-cells property for MT8188
  clk: imx: Fix an out-of-bounds access in dispmix_csr_clk_dev_data
  clk: scmi: Handle case where child clocks are initialized before their parents
DeltaFile
+11-9drivers/clk/clk-scmi.c
+8-4drivers/clk/imx/clk-imx95-blk-ctl.c
+3-0Documentation/devicetree/bindings/clock/mediatek,mt8188-clock.yaml
+22-133 files

Linux/linux 5d5d622. MAINTAINERS .mailmap, arch/x86 Kconfig

Merge tag 'x86_urgent_for_v6.16_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 fixes from Borislav Petkov:

 - Update Kirill's email address

 - Allow hugetlb PMD sharing only on 64-bit as it doesn't make a whole
   lotta sense on 32-bit

 - Add fixes for a misconfigured AMD Zen2 client which wasn't even
   supposed to run Linux

* tag 'x86_urgent_for_v6.16_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  MAINTAINERS: Update Kirill Shutemov's email address for TDX
  x86/mm: Disable hugetlb page table sharing on 32-bit
  x86/CPU/AMD: Disable INVLPGB on Zen2
  x86/rdrand: Disable RDSEED on AMD Cyan Skillfish
DeltaFile
+10-0arch/x86/kernel/cpu/amd.c
+1-1arch/x86/Kconfig
+1-1MAINTAINERS
+1-0arch/x86/include/asm/msr-index.h
+1-0.mailmap
+1-0tools/arch/x86/include/asm/msr-index.h
+15-26 files

Linux/linux 41998eedrivers/pci/msi msi.c, include/linux/irqchip irq-msi-lib.h

Merge tag 'irq_urgent_for_v6.16_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull irq fixes from Borislav Petkov:

 - Fix a case of recursive locking in the MSI code

 - Fix a randconfig build failure in armada-370-xp irqchip

* tag 'irq_urgent_for_v6.16_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  irqchip/irq-msi-lib: Fix build with PCI disabled
  PCI/MSI: Prevent recursive locking in pci_msix_write_tph_tag()
DeltaFile
+3-1drivers/pci/msi/msi.c
+1-0include/linux/irqchip/irq-msi-lib.h
+4-12 files

Linux/linux 0a197b7kernel/events core.c

Merge tag 'perf_urgent_for_v6.16_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull perf fix from Borislav Petkov:

 - Prevent perf_sigtrap() from observing an exiting task and warning
   about it

* tag 'perf_urgent_for_v6.16_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  perf/core: Fix WARN in perf_sigtrap()
DeltaFile
+7-7kernel/events/core.c
+7-71 files

Linux/linux 3f31a80mm rmap.c vmalloc.c, mm/kasan report.c

Merge tag 'mm-hotfixes-stable-2025-07-11-16-16' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm

Pull misc fixes from Andrew Morton:
 "19 hotfixes. A whopping 16 are cc:stable and the remainder address
  post-6.15 issues or aren't considered necessary for -stable kernels.

  14 are for MM.  Three gdb-script fixes and a kallsyms build fix"

* tag 'mm-hotfixes-stable-2025-07-11-16-16' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm:
  Revert "sched/numa: add statistics of numa balance task"
  mm: fix the inaccurate memory statistics issue for users
  mm/damon: fix divide by zero in damon_get_intervals_score()
  samples/damon: fix damon sample mtier for start failure
  samples/damon: fix damon sample wsse for start failure
  samples/damon: fix damon sample prcl for start failure
  kasan: remove kasan_find_vm_area() to prevent possible deadlock
  scripts: gdb: vfs: support external dentry names
  mm/migrate: fix do_pages_stat in compat mode
  mm/damon/core: handle damon_call_control as normal under kdmond deactivation

    [9 lines not shown]
DeltaFile
+252-0scripts/gdb/linux/mapletree.py
+28-18mm/rmap.c
+2-43mm/kasan/report.c
+28-0scripts/gdb/linux/xarray.py
+15-7mm/vmalloc.c
+8-8scripts/gdb/linux/interrupts.py
+333-7620 files not shown
+399-13026 files

Linux/linux 3b428e1fs/erofs data.c fileio.c

Merge tag 'erofs-for-6.16-rc6-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs

Pull erofs fixes from Gao Xiang:
 "Fix for a cache aliasing issue by adding missing flush_dcache_folio(),
  which causes execution failures on some arm32 setups.

  Fix for large compressed fragments, which could be generated by
  -Eall-fragments option (but should be rare) and was rejected by
  mistake due to an on-disk hardening commit.

  The remaining ones are small fixes. Summary:

   - Address cache aliasing for mappable page cache folios

   - Allow readdir() to be interrupted

   - Fix large fragment handling which was errored out by mistake

   - Add missing tracepoints

    [10 lines not shown]
DeltaFile
+16-5fs/erofs/data.c
+3-11fs/erofs/fileio.c
+4-8fs/erofs/decompressor.c
+4-5fs/erofs/zmap.c
+4-4fs/erofs/zdata.c
+4-2fs/erofs/internal.h
+35-351 files not shown
+41-357 files

Linux/linux 4412b8bfs/bcachefs btree_node_scan.c fsck.c

Merge tag 'bcachefs-2025-07-11' of git://evilpiepirate.org/bcachefs

Pull bcachefs fixes from Kent Overstreet.

* tag 'bcachefs-2025-07-11' of git://evilpiepirate.org/bcachefs:
  bcachefs: Don't set BCH_FS_error on transaction restart
  bcachefs: Fix additional misalignment in journal space calculations
  bcachefs: Don't schedule non persistent passes persistently
  bcachefs: Fix bch2_btree_transactions_read() synchronization
  bcachefs: btree read retry fixes
  bcachefs: btree node scan no longer uses btree cache
  bcachefs: Tweak btree cache helpers for use by btree node scan
  bcachefs: Fix btree for nonexistent tree depth
  bcachefs: Fix bch2_io_failures_to_text()
  bcachefs: bch2_fpunch_snapshot()
DeltaFile
+41-43fs/bcachefs/btree_node_scan.c
+6-27fs/bcachefs/fsck.c
+27-0fs/bcachefs/io_misc.c
+13-13fs/bcachefs/btree_cache.c
+17-6fs/bcachefs/recovery.c
+8-8fs/bcachefs/extents.c
+112-978 files not shown
+138-10814 files

Linux/linux 2632d81fs/smb/server smb2pdu.c transport_rdma.c

Merge tag 'v6.16-rc5-ksmbd-server-fixes' of git://git.samba.org/ksmbd

Pull smb server fixes from Steve French:

 - fix use after free in lease break

 - small fix for freeing rdma transport (fixes missing logging of
   cm_qp_destroy)

 - fix write count leak

* tag 'v6.16-rc5-ksmbd-server-fixes' of git://git.samba.org/ksmbd:
  ksmbd: fix potential use-after-free in oplock/lease break ack
  ksmbd: fix a mount write count leak in ksmbd_vfs_kern_path_locked()
  smb: server: make use of rdma_destroy_qp()
DeltaFile
+9-20fs/smb/server/smb2pdu.c
+3-2fs/smb/server/transport_rdma.c
+1-0fs/smb/server/vfs.c
+13-223 files

Linux/linux 379f604drivers/pci ecam.c, drivers/pci/controller pcie-apple.c pci-host-common.c

Merge tag 'pci-v6.16-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci

Pull PCI fixes from Bjorn Helgaas:

 - Track apple Root Ports explicitly and look up the driver data from
   the struct device instead of using dev->driver_data, which is used by
   pci_host_common_init() for the generic host bridge pointer (Marc
   Zyngier)

 - Set dev->driver_data before pci_host_common_init() calls
   gen_pci_init() because some drivers need it to set up ECAM mappings;
   this fixes a regression on MicroChip MPFS Icicle (Geert Uytterhoeven)

 - Revert the now-unnecessary use of ECAM pci_config_window.priv to
   store a copy of dev->driver_data (Marc Zyngier)

* tag 'pci-v6.16-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci:
  Revert "PCI: ecam: Allow cfg->priv to be pre-populated from the root port device"
  PCI: host-generic: Set driver_data before calling gen_pci_init()
  PCI: apple: Add tracking of probed root ports
DeltaFile
+49-4drivers/pci/controller/pcie-apple.c
+2-2drivers/pci/controller/pci-host-common.c
+0-2drivers/pci/ecam.c
+51-83 files

Linux/linux 3c2fe27drivers/char/agp amd64-agp.c, drivers/gpu/drm drm_gem.c drm_framebuffer.c

Merge tag 'drm-fixes-2025-07-12' of https://gitlab.freedesktop.org/drm/kernel

Pull drm fixes from Simona Vetter:
 "Cross-subsystem Changes:
   - agp/amd64 binding dmesg noise regression fix

  Core Changes:
   - fix race in gem_handle_create_tail
   - fixup handle_count fb refcount regression from -rc5, popular with
     reports ...
   - call rust dtor for drm_device release

  Driver Changes:
   - nouveau: magic 50ms suspend fix, acpi leak fix
   - tegra: dma api error in nvdec
   - pvr: fix device reset
   - habanalbs maintainer update
   - intel display: fix some dsi mipi sequences
   - xe fixes: SRIOV fixes, small GuC fixes, disable indirect ring due

    [24 lines not shown]
DeltaFile
+33-15drivers/gpu/drm/drm_gem.c
+28-10drivers/gpu/drm/xe/xe_devcoredump.c
+29-2drivers/gpu/drm/drm_framebuffer.c
+21-6drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/gsp.c
+7-9drivers/gpu/drm/drm_gem_framebuffer_helper.c
+8-8drivers/char/agp/amd64-agp.c
+126-5021 files not shown
+187-8927 files

Linux/linux 5f02b80fs eventpoll.c

Revert "eventpoll: Fix priority inversion problem"

This reverts commit 8c44dac8add7503c345c0f6c7962e4863b88ba42.

I haven't figured out what the actual bug in this commit is, but I did
spend a lot of time chasing it down and eventually succeeded in
bisecting it down to this.

For some reason, this eventpoll commit ends up causing delays and stuck
user space processes, but it only happens on one of my machines, and
only during early boot or during the flurry of initial activity when
logging in.

I must be triggering some very subtle timing issue, but once I figured
out the behavior pattern that made it reasonably reliable to trigger, it
did bisect right to this, and reverting the commit fixes the problem.

Of course, that was only after I had failed at bisecting it several
times, and had flailed around blaming both the drm people and the

    [11 lines not shown]
DeltaFile
+324-134fs/eventpoll.c
+324-1341 files

Linux/linux b44686cfs/erofs zmap.c internal.h

erofs: fix large fragment handling

Fragments aren't limited by Z_EROFS_PCLUSTER_MAX_DSIZE. However, if
a fragment's logical length is larger than Z_EROFS_PCLUSTER_MAX_DSIZE
but the fragment is not the whole inode, it currently returns
-EOPNOTSUPP because m_flags has the wrong EROFS_MAP_ENCODED flag set.
It is not intended by design but should be rare, as it can only be
reproduced by mkfs with `-Eall-fragments` in a specific case.

Let's normalize fragment m_flags using the new EROFS_MAP_FRAGMENT.

Reported-by: Axel Fontaine <axel at axelfontaine.com>
Closes: https://github.com/erofs/erofs-utils/issues/23
Fixes: 7c3ca1838a78 ("erofs: restrict pcluster size limitations")
Signed-off-by: Gao Xiang <hsiangkao at linux.alibaba.com>
Link: https://lore.kernel.org/r/20250711195826.3601157-1-hsiangkao@linux.alibaba.com
DeltaFile
+4-5fs/erofs/zmap.c
+3-1fs/erofs/internal.h
+1-1fs/erofs/zdata.c
+8-73 files

Linux/linux 40f92e7drivers/block nbd.c, drivers/md raid10.c raid1.c

Merge tag 'block-6.16-20250710' of git://git.kernel.dk/linux

Pull block fixes from Jens Axboe:

 - MD changes via Yu:
     - fix UAF due to stack memory used for bio mempool (Jinchao)
     - fix raid10/raid1 nowait IO error path (Nigel and Qixing)
     - fix kernel crash from reading bitmap sysfs entry (Håkon)

 - Fix for a UAF in the nbd connect error path

 - Fix for blocksize being bigger than pagesize, if THP isn't enabled

* tag 'block-6.16-20250710' of git://git.kernel.dk/linux:
  block: reject bs > ps block devices when THP is disabled
  nbd: fix uaf in nbd_genl_connect() error path
  md/md-bitmap: fix GPF in bitmap_get_stats()
  md/raid1,raid10: strip REQ_NOWAIT from member bios
  raid10: cleanup memleak at raid10_make_request
  md/raid1: Fix stack memory use after return in raid1_reshape
DeltaFile
+10-2drivers/md/raid10.c
+3-3drivers/block/nbd.c
+5-0include/linux/blkdev.h
+3-1drivers/md/raid1.c
+1-2drivers/md/md-bitmap.c
+22-85 files

Linux/linux cb3002einclude/linux io_uring_types.h, io_uring msg_ring.c io_uring.c

Merge tag 'io_uring-6.16-20250710' of git://git.kernel.dk/linux

Pull io_uring fixes from Jens Axboe:

 - Remove a pointless warning in the zcrx code

 - Fix for MSG_RING commands, where the allocated io_kiocb
   needs to be freed under RCU as well

 - Revert the work-around we had in place for the anon inodes
   pretending to be regular files. Since that got reworked
   upstream, the work-around is no longer needed

* tag 'io_uring-6.16-20250710' of git://git.kernel.dk/linux:
  Revert "io_uring: gate REQ_F_ISREG on !S_ANON_INODE as well"
  io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU
  io_uring/zcrx: fix pp destruction warnings
DeltaFile
+2-2io_uring/msg_ring.c
+1-2io_uring/io_uring.c
+0-3io_uring/zcrx.c
+2-0include/linux/io_uring_types.h
+5-74 files

Linux/linux c7979c3drivers/net/wireless/mediatek/mt76 mt792x_core.c, drivers/net/wireless/mediatek/mt76/mt7925 mcu.c

Merge tag 'net-6.16-rc6-2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

Pull more networking fixes from Jakub Kicinski
 "Big chunk of fixes for WiFi, Johannes says probably the last for the
  release.

  The Netlink fixes (on top of the tree) restore operation of iw (WiFi
  CLI) which uses sillily small recv buffer, and is the reason for this
  'emergency PR'.

  The GRE multicast fix also stands out among the user-visible
  regressions.

  Current release - fix to a fix:

   - netlink: make sure we always allow at least one skb to be queued,
     even if the recvbuf is (mis)configured to be tiny

  Previous releases - regressions:

    [50 lines not shown]
DeltaFile
+141-58drivers/net/wireless/mediatek/mt76/mt7996/mcu.c
+61-18drivers/net/wireless/mediatek/mt76/mt7925/mcu.c
+50-2net/wireless/util.c
+10-42drivers/net/wireless/mediatek/mt76/mt7996/mac.c
+33-12include/linux/ieee80211.h
+27-5drivers/net/wireless/mediatek/mt76/mt792x_core.c
+322-13751 files not shown
+500-27757 files

Linux/linux 5265593. MAINTAINERS, drivers/gpio gpiolib.c gpiolib-of.c

Merge tag 'gpio-fixes-for-v6.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux

Pull gpio fixes from Bartosz Golaszewski:

 - fix performance regression when setting values of multiple GPIO lines
   at once

 - make sure the GPIO OF xlate code doesn't end up passing an
   uninitialized local variable to GPIO core

 - update MAINTAINERS

* tag 'gpio-fixes-for-v6.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux:
  MAINTAINERS: remove bouncing address for Nandor Han
  gpio: of: initialize local variable passed to the .of_xlate() callback
  gpiolib: fix performance regression when using gpio_chip_get_multiple()
DeltaFile
+0-7MAINTAINERS
+3-2drivers/gpio/gpiolib.c
+1-1drivers/gpio/gpiolib-of.c
+4-103 files

Linux/linux 87cf461drivers/base/power main.c

Merge tag 'pm-6.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm

Pull power management fix from Rafael Wysocki:
 "Fix a coding mistake in a previous fix related to system suspend and
  hibernation merged recently"

* tag 'pm-6.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
  PM: sleep: Call pm_restore_gfp_mask() after dpm_resume()
DeltaFile
+1-1drivers/base/power/main.c
+1-11 files

Linux/linux a0f8361kernel/dma contiguous.c

Merge tag 'dma-mapping-6.16-2025-07-11' of git://git.kernel.org/pub/scm/linux/kernel/git/mszyprowski/linux

Pull dma-mapping fix from Marek Szyprowski:

 - small fix relevant to arm64 server and custom CMA configuration (Feng
   Tang)

* tag 'dma-mapping-6.16-2025-07-11' of git://git.kernel.org/pub/scm/linux/kernel/git/mszyprowski/linux:
  dma-contiguous: hornor the cma address limit setup by user
DeltaFile
+4-1kernel/dma/contiguous.c
+4-11 files

Linux/linux a215b57net/netlink af_netlink.c

netlink: make sure we allow at least one dump skb

Commit under Fixes tightened up the memory accounting for Netlink
sockets. Looks like the accounting is too strict for some existing
use cases, Marek reported issues with nl80211 / WiFi iw CLI.

To reduce number of iterations Netlink dumps try to allocate
messages based on the size of the buffer passed to previous
recvmsg() calls. If user space uses a larger buffer in recvmsg()
than sk_rcvbuf we will allocate an skb we won't be able to queue.

Make sure we always allow at least one skb to be queued.
Same workaround is already present in netlink_attachskb().
Alternative would be to cap the allocation size to
  rcvbuf - rmem_alloc
but as I said, the workaround is already present in other places.

Reported-by: Marek Szyprowski <m.szyprowski at samsung.com>
Link: https://lore.kernel.org/9794af18-4905-46c6-b12c-365ea2f05858@samsung.com

    [5 lines not shown]
DeltaFile
+3-2net/netlink/af_netlink.c
+3-21 files

Linux/linux a3c4a12net/netlink af_netlink.c

netlink: Fix rmem check in netlink_broadcast_deliver().

We need to allow queuing at least one skb even when skb is
larger than sk->sk_rcvbuf.

The cited commit made a mistake while converting a condition
in netlink_broadcast_deliver().

Let's correct the rmem check for the allow-one-skb rule.

Fixes: ae8f160e7eb24 ("netlink: Fix wraparounds of sk->sk_rmem_alloc.")
Signed-off-by: Kuniyuki Iwashima <kuniyu at google.com>
Link: https://patch.msgid.link/20250711053208.2965945-1-kuniyu@google.com
Signed-off-by: Jakub Kicinski <kuba at kernel.org>
DeltaFile
+1-1net/netlink/af_netlink.c
+1-11 files

Linux/linux 52c14eadrivers/net/ethernet/broadcom/bnxt bnxt_coredump.c bnxt_dcb.c

Merge branch 'bnxt_en-3-bug-fixes'

Michael Chan says:

====================
bnxt_en: 3 bug fixes

The first one fixes a possible failure when setting DCB ETS.
The second one fixes the ethtool coredump (-W 2) not containing
all the FW traces.  The third one fixes the DMA unmap length when
transmitting XDP_REDIRECT packets.
====================

Link: https://patch.msgid.link/20250710213938.1959625-1-michael.chan@broadcom.com
Signed-off-by: Jakub Kicinski <kuba at kernel.org>
DeltaFile
+11-7drivers/net/ethernet/broadcom/bnxt/bnxt_coredump.c
+2-0drivers/net/ethernet/broadcom/bnxt/bnxt_dcb.c
+1-1drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c
+14-83 files

Linux/linux 3cdf199drivers/net/ethernet/broadcom/bnxt bnxt_xdp.c

bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT

When transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()
with the proper length instead of 0.  This bug triggers this warning
on a system with IOMMU enabled:

WARNING: CPU: 36 PID: 0 at drivers/iommu/dma-iommu.c:842 __iommu_dma_unmap+0x159/0x170
RIP: 0010:__iommu_dma_unmap+0x159/0x170
Code: a8 00 00 00 00 48 c7 45 b0 00 00 00 00 48 c7 45 c8 00 00 00 00 48 c7 45 a0 ff ff ff ff 4c 89 45
b8 4c 89 45 c0 e9 77 ff ff ff <0f> 0b e9 60 ff ff ff e8 8b bf 6a 00 66 66 2e 0f 1f 84 00 00 00 00
RSP: 0018:ff22d31181150c88 EFLAGS: 00010206
RAX: 0000000000002000 RBX: 00000000e13a0000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ff22d31181150cf0 R08: ff22d31181150ca8 R09: 0000000000000000
R10: 0000000000000000 R11: ff22d311d36c9d80 R12: 0000000000001000
R13: ff13544d10645010 R14: ff22d31181150c90 R15: ff13544d0b2bac00
FS: 0000000000000000(0000) GS:ff13550908a00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005be909dacff8 CR3: 0008000173408003 CR4: 0000000000f71ef0

    [25 lines not shown]
DeltaFile
+1-1drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c
+1-11 files

Linux/linux 100c08cdrivers/net/ethernet/broadcom/bnxt bnxt_coredump.c

bnxt_en: Flush FW trace before copying to the coredump

bnxt_fill_drv_seg_record() calls bnxt_dbg_hwrm_log_buffer_flush()
to flush the FW trace buffer.  This needs to be done before we
call bnxt_copy_ctx_mem() to copy the trace data.

Without this fix, the coredump may not contain all the FW
traces.

Fixes: 3c2179e66355 ("bnxt_en: Add FW trace coredump segments to the coredump")
Reviewed-by: Kalesh AP <kalesh-anakkur.purayil at broadcom.com>
Signed-off-by: Shruti Parab <shruti.parab at broadcom.com>
Signed-off-by: Michael Chan <michael.chan at broadcom.com>
Link: https://patch.msgid.link/20250710213938.1959625-3-michael.chan@broadcom.com
Signed-off-by: Jakub Kicinski <kuba at kernel.org>
DeltaFile
+11-7drivers/net/ethernet/broadcom/bnxt/bnxt_coredump.c
+11-71 files

Linux/linux b74c2a2drivers/net/ethernet/broadcom/bnxt bnxt_dcb.c

bnxt_en: Fix DCB ETS validation

In bnxt_ets_validate(), the code incorrectly loops over all possible
traffic classes to check and add the ETS settings.  Fix it to loop
over the configured traffic classes only.

The unconfigured traffic classes will default to TSA_ETS with 0
bandwidth.  Looping over these unconfigured traffic classes may
cause the validation to fail and trigger this error message:

"rejecting ETS config starving a TC\n"

The .ieee_setets() will then fail.

Fixes: 7df4ae9fe855 ("bnxt_en: Implement DCBNL to support host-based DCBX.")
Reviewed-by: Sreekanth Reddy <sreekanth.reddy at broadcom.com>
Signed-off-by: Shravya KN <shravya.k-n at broadcom.com>
Signed-off-by: Michael Chan <michael.chan at broadcom.com>
Link: https://patch.msgid.link/20250710213938.1959625-2-michael.chan@broadcom.com
Signed-off-by: Jakub Kicinski <kuba at kernel.org>
DeltaFile
+2-0drivers/net/ethernet/broadcom/bnxt/bnxt_dcb.c
+2-01 files

Linux/linux e81750bdrivers/net/ethernet/xilinx ll_temac_main.c

net: ll_temac: Fix missing tx_pending check in ethtools_set_ringparam()

The function ll_temac_ethtools_set_ringparam() incorrectly checked
rx_pending twice, once correctly for RX and once mistakenly in place
of tx_pending. This caused tx_pending to be left unchecked against
TX_BD_NUM_MAX.
As a result, invalid TX ring sizes may have been accepted or valid
ones wrongly rejected based on the RX limit, leading to potential
misconfiguration or unexpected results.

This patch corrects the condition to properly validate tx_pending.

Fixes: f7b261bfc35e ("net: ll_temac: Make RX/TX ring sizes configurable")
Signed-off-by: Alok Tiwari <alok.a.tiwari at oracle.com>
Link: https://patch.msgid.link/20250710180621.2383000-1-alok.a.tiwari@oracle.com
Signed-off-by: Jakub Kicinski <kuba at kernel.org>
DeltaFile
+1-1drivers/net/ethernet/xilinx/ll_temac_main.c
+1-11 files

Linux/linux 5b81d59drivers/net/ethernet/mellanox/mlx5/core fs_core.c en_dim.c, drivers/net/ethernet/mellanox/mlx5/core/en fs.h

Merge branch 'mlx5-misc-fixes-2025-07-10'

Tariq Toukan says:

====================
mlx5 misc fixes 2025-07-10

This small patchset provides misc bug fixes from the team to the mlx5
core and EN drivers.
====================

Link: https://patch.msgid.link/1752155624-24095-1-git-send-email-tariqt@nvidia.com
Signed-off-by: Jakub Kicinski <kuba at kernel.org>
DeltaFile
+9-4drivers/net/ethernet/mellanox/mlx5/core/fs_core.c
+7-2drivers/net/ethernet/mellanox/mlx5/core/en/fs.h
+2-2drivers/net/ethernet/mellanox/mlx5/core/en_dim.c
+1-1drivers/net/ethernet/mellanox/mlx5/core/en_fs.c
+1-0drivers/net/ethernet/mellanox/mlx5/core/esw/qos.c
+20-95 files

Linux/linux eb41a26drivers/net/ethernet/mellanox/mlx5/core en_dim.c

net/mlx5e: Fix race between DIM disable and net_dim()

There's a race between disabling DIM and NAPI callbacks using the dim
pointer on the RQ or SQ.

If NAPI checks the DIM state bit and sees it still set, it assumes
`rq->dim` or `sq->dim` is valid. But if DIM gets disabled right after
that check, the pointer might already be set to NULL, leading to a NULL
pointer dereference in net_dim().

Fix this by calling `synchronize_net()` before freeing the DIM context.
This ensures all in-progress NAPI callbacks are finished before the
pointer is cleared.

Kernel log:

BUG: kernel NULL pointer dereference, address: 0000000000000000
...
RIP: 0010:net_dim+0x23/0x190

    [43 lines not shown]
DeltaFile
+2-2drivers/net/ethernet/mellanox/mlx5/core/en_dim.c
+2-21 files

Linux/linux f7b7646drivers/net/ethernet/mellanox/mlx5/core/esw qos.c

net/mlx5: Reset bw_share field when changing a node's parent

When changing a node's parent, its scheduling element is destroyed and
re-created with bw_share 0. However, the node's bw_share field was not
updated accordingly.

Set the node's bw_share to 0 after re-creation to keep the software
state in sync with the firmware configuration.

Fixes: 9c7bbf4c3304 ("net/mlx5: Add support for setting parent of nodes")
Signed-off-by: Carolina Jubran <cjubran at nvidia.com>
Reviewed-by: Cosmin Ratiu <cratiu at nvidia.com>
Reviewed-by: Dragos Tatulea <dtatulea at nvidia.com>
Signed-off-by: Tariq Toukan <tariqt at nvidia.com>
Reviewed-by: Jacob Keller <jacob.e.keller at intel.com>
Link: https://patch.msgid.link/1752155624-24095-2-git-send-email-tariqt@nvidia.com
Signed-off-by: Jakub Kicinski <kuba at kernel.org>
DeltaFile
+1-0drivers/net/ethernet/mellanox/mlx5/core/esw/qos.c
+1-01 files