Merge tag 'strncpy-removal-v7.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull strncpy removal from Kees Cook:
- Remove the per-arch strncpy implementations in alpha, m68k, powerpc,
x86, and xtensa
- Remove strncpy API
Over the last 6 years working on strncpy removal there were 362
commits by 70 contributors. Folks with more than 1 commit were:
211 Justin Stitt <justinstitt at google.com>
22 Xu Panda <xu.panda at zte.com.cn>
21 Kees Cook <kees at kernel.org>
17 Thorsten Blum <thorsten.blum at linux.dev>
12 Arnd Bergmann <arnd at arndb.de>
4 Pranav Tyagi <pranav.tyagi03 at gmail.com>
4 Lee Jones <lee at kernel.org>
[16 lines not shown]
Merge tag 'exfat-for-7.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/exfat
Pull exfat updates from Namjae Jeon:
- Convert exfat buffered and direct I/O to the iomap infrastructure
- Add the supporting block mapping changes needed for that conversion,
including multi-cluster allocation, byte-based cluster mapping
helpers
- Support SEEK_HOLE/SEEK_DATA and swapfile activation through iomap
- Fix damaged upcase-table handling so a zero-sized table does not lead
to an infinite loop
- Fix a potential use-after-free in exfat_find_dir_entry()
- Bound filename-entry advancement in exfat_find_dir_entry()
[25 lines not shown]
Merge tag 'ntfs-for-7.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/ntfs
Pull ntfs updates from Namjae Jeon:
- Harden handling of malformed on-disk metadata.
This adds stricter validation for attributes, attribute lists, index
roots and entries, EA entries, mapping pairs, and $LogFile restart
areas. These changes fix several out-of-bounds access, integer
overflow, and inconsistent metadata handling issues.
- Prevent a writeback deadlock involving extent MFT records
- Fix resource leaks in fill_super() failure paths and the name cache
- Serialize volume label access and improving its error handling
- Fix mapping-pairs decoding bounds and LCN overflow checks
[37 lines not shown]
Merge tag 'landlock-7.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux
Pull landlock updates from Mickaël Salaün:
"This adds new Landlock access rights to control UDP bind and
connect/send operations, and a new "quiet" feature to mute specific
specific audit logs (and other future observability events).
A few commits also fix Landlock issues"
* tag 'landlock-7.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux: (24 commits)
selftests/landlock: Add tests for invalid use of quiet flag
selftests/landlock: Add tests for quiet flag with scope
selftests/landlock: Add tests for quiet flag with net rules
selftests/landlock: Add tests for quiet flag with fs rules
selftests/landlock: Replace hard-coded 16 with a constant
samples/landlock: Add quiet flag support to sandboxer
landlock: Suppress logging when quiet flag is present
landlock: Add API support and docs for the quiet flags
landlock: Add a place for flags to layer rules
[12 lines not shown]
Merge tag 'for-next-keys-7.2-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd
Pull keys update from Jarkko Sakkinen:
"This contains only bug fixes"
* tag 'for-next-keys-7.2-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd:
keys: keyctl_pkey: replace BUG with return -EOPNOTSUPP
keys: request_key: replace BUG with return -EINVAL
keys: Pin request_key_auth payload in instantiate paths
keys: prevent slab cache merging for key_jar
keys: Replace strcpy(derived_buf, "AUTH_KEY") with strscpy(..., HASH_SIZE)
KEYS: Use acquire when reading state in keyring search
keys/trusted_keys: mark 'migratable' as __ro_after_init
keys: use kmalloc_flex in user_preparse
KEYS: trusted: Debugging as a feature
KEYS: encrypted: Remove unnecessary selection of CRYPTO_RNG
KEYS: fix overflow in keyctl_pkey_params_get_2()
Merge tag 'integrity-v7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull IMA updates from Mimi Zohar:
- Introduce IMA and EVM post-quantum ML-DSA signature support
ML-DSA signature support for IMA and EVM is limited to sigv3
signatures, which calculates and verifies a hash of a compact
structure containing the file data/metadata hash, hash type, and hash
algorithm. IMA and EVM still calculate the file data/metadata hashes
respectively.
- Introduce support for removing IMA measurement list records stored in
kernel memory
The IMA measurement list can grow large depending on policy, but
removing records breaks remote attestation, unless they are safely
preserved and made available for attestation requests. Until
environments are prepared to preserve the measurement records, a new
[36 lines not shown]
Merge tag 'mm-stable-2026-06-18-09-26' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Pull MM updates from Andrew Morton:
- "selftests/mm: clean up build output and verbosity" (Li Wang)
Remove some noise from the MM selftests build
- "mm: Free contiguous order-0 pages efficiently" (Ryan Roberts)
Speed up the freeing of a batch of 0-order pages by first scanning
them for coalescing opportunities. This is applicable to vfree() and
to the releasing of frozen pages
- "mm/damon: introduce DAMOS failed region quota charge ratio"
(SeongJae Park)
Address a DAMOS usability issue: The DAMOS quota often exhausts
prematurely because it charges for all memory attempted, causing slow
[242 lines not shown]
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull kvm updates from Paolo Bonzini:
"arm64:
This is a bit of an odd merge window on the KVM/arm64 front. There
is absolutely no new feature in the pull request. It is purely
fixes, because it is simply becoming too hard to review new stuff
when so many AI-fuelled fixes hit the list.
- Significant cleanup of the vgic-v5 PPI support which was merged in
7.1. This makes the code more maintainable, and squashes a couple
of bugs in the meantime
- Set of fixes for the handling of the MMU in an NV context,
particularly VNCR-triggered faults. S1POE support is fixed as well
- Large set of pKVM fixes, mostly addressing recurring issues around
hypervisor tracking of donated pages in obscure cases where the
[236 lines not shown]
Merge tag 'mips_7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux
Pull MIPS updates from Thomas Bogendoerfer:
- use software nodes for GPIO code
- cleanups and fixes
* tag 'mips_7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux: (41 commits)
mips: select legacy gpiolib interfaces where used
MIPS: lib: Remove '.hidden' for local symbols
MIPS: VDSO: Avoid including .got in dynamic segment
MIPS: smp: report dying CPU to RCU in stop_this_cpu()
MIPS: kernel: proc: Delete unnecessary braces in show_cpuinfo()
MIPS: kernel: proc: Use seq_putc() calls in show_cpuinfo()
mips: sched: Fix CPUMASK_OFFSTACK memory corruption
MIPS: mm: Fix out-of-bounds write in maar_res_walk()
MIPS: ath79: reduce ARCH_DMA_MINALIGN
mips: dts: ar9132: fix wdt node name
[11 lines not shown]
Merge tag 'powerpc-7.2-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux
Pull powerpc updates from Madhavan Srinivasan:
- Enable GENERIC_ENTRY feature
- Add missing property in DTS for mpc83xx platform
- Enable building of DTB based on platfrom Kconfig
- Add powerpc64 JIT support for timed may_goto
- Add timeout to RTAS busy-wait loops
- Simplify cpumask api usage for cpuinfo display
- implement get_direction() in cpm1 (8xx platform)
- MAINTAINERS file update for power VMX AES entries
[38 lines not shown]
Merge tag 'riscv-for-linus-7.2-mw1' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux
Pull RISC-V updates from Paul Walmsley:
- Prevent get_free_mem_region() from returning regions that are
unmappable in certain circumstances by defining
DIRECT_MAP_PHYSMEM_END for RISC-V
- Fix an early boot problem with kexec_file when the amount of
installed physical memory installed on the system exceeds the direct
map size, which is possible in certain RISC-V virtual memory modes
- Unconditionally sfence.vma in the new vmalloc area handling code in
the page fault handler, since even the presence of Svvptc doesn't
guarantee that the CPU won't immediately fault again after the
exception handler completes and subsequently crash
- Fix ftrace_graph_ret_addr() to use the correct task pointer (aligning
with what other architectures do)
[81 lines not shown]
Merge tag 'trace-ring-buffer-v7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace
Pull ring-buffer updates from Steven Rostedt
- Do not invalidate entire buffer for invalid sub-buffers
For the persistent ring buffer, if one sub-buffer is found to be
invalid, it invalidates the entire per CPU ring buffer. This can lose
a lot of valuable data if there's some corruption with the writes to
the buffer not syncing properly on a hard crash. Instead, if a
sub-buffer is found to be invalid, simply zero it out and mark it for
"missed events".
When the persistent ring buffer is read and a sub-buffer that was
cleared due to being invalid on boot up is discovered, the output
will show "[LOST EVENTS]" to let the user know that events were
missing at that location. Displaying the events from valid buffers
can still be useful.
[29 lines not shown]
Merge tag 'trace-v7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace
Pull tracing updates from Steven Rostedt:
- Remove a redundant IS_ERR() check
trace_pipe_open() already checks for IS_ERR() and does it again in
the return path. Remove the return check.
- Export seq_buf_putmem_hex() to allow kunit tests against them
To add Kunit tests on seq_buf_putmem_hex(), it needs to be exported.
- Replace strcat() and strcpy() with seq_buf() logic
The code for synthetic events uses a series of strcat() and strcpy()
which can be error prone. Replace them with seq_buf() logic that does
all the necessary bound checking.
[91 lines not shown]
string: Remove strncpy() from the kernel
strncpy() has been a persistent source of bugs due to its ambiguous
intended usage and frequently counter-intuitive semantics: it may not
NUL-terminate the destination, and it unconditionally zero-pads to the
full length, which isn't always needed. All former callers have been
migrated[1] to:
- strscpy() for NUL-terminated destinations
- strscpy_pad() for NUL-terminated destinations needing zero-padding
- strtomem_pad() for non-NUL-terminated fixed-width fields
- memcpy_and_pad() for bounded copies with explicit padding
- memcpy() for known-length copies
Remove the generic implementation, its declaration, the FORTIFY_SOURCE
wrapper, and associated tests.
Link: https://github.com/KSPP/linux/issues/90 [1]
Signed-off-by: Kees Cook <kees at kernel.org>
Merge tag 'cxl-for-7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/cxl/cxl
Pull CXL updates from Dave Jiang:
"A collection of CXL fixes and changes, including an update to
MAINTAINERS to add Ming Li as a CXL subsystem reviewer.
There's also a series to introduce devm_cxl_probe_mem() core API in
order to pave the way for CXL type2 device drivers to setup and
retrieve CXL region resource during probe"
* tag 'cxl-for-7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/cxl/cxl: (26 commits)
cxl: Add dummy function for cxl_memdev_attach_region for !CONFIG_CXL_REGION
cxl/region: Introduce devm_cxl_probe_mem()
cxl/memdev: Introduce cxl_class_memdev_type
cxl/memdev: Pin parents for entire memdev lifetime
cxl/region: Resolve region deletion races
cxl/region: Block region delete during region creation
cxl/region: Fill first free targets[] slot during auto-discovery
cxl/region: Fix out-of-bounds access in cxl_cancel_auto_attach()
[13 lines not shown]
xtensa: Remove arch-specific strncpy() implementation
strncpy() has no remaining callers in the kernel[1]. Remove the
xtensa-specific inline assembly implementation and __HAVE_ARCH_STRNCPY
define, falling back to the generic version in lib/string.c.
Link: https://github.com/KSPP/linux/issues/90 [1]
Signed-off-by: Kees Cook <kees at kernel.org>
powerpc: Remove arch-specific strncpy() implementation
strncpy() has no remaining callers in the kernel[1]. Remove the
powerpc-specific assembly implementation from both the kernel
(arch/powerpc/lib/string.S) and the boot wrapper
(arch/powerpc/boot/string.S), along with the __HAVE_ARCH_STRNCPY
define and declaration, falling back to the generic version in
lib/string.c.
The boot wrapper's strncpy had no callers in arch/powerpc/boot/.
Link: https://github.com/KSPP/linux/issues/90 [1]
Signed-off-by: Kees Cook <kees at kernel.org>
x86: Remove arch-specific strncpy() implementation
strncpy() has no remaining callers in the kernel[1]. Remove the
x86-32-specific inline assembly implementation and __HAVE_ARCH_STRNCPY
define, falling back to the generic version in lib/string.c.
Link: https://github.com/KSPP/linux/issues/90 [1]
Signed-off-by: Kees Cook <kees at kernel.org>
m68k: Remove arch-specific strncpy() implementation
strncpy() has no remaining callers in the kernel[1]. Remove the
m68k-specific inline assembly implementation and __HAVE_ARCH_STRNCPY
define, falling back to the generic version in lib/string.c.
Link: https://github.com/KSPP/linux/issues/90 [1]
Signed-off-by: Kees Cook <kees at kernel.org>
alpha: Remove arch-specific strncpy() implementation
strncpy() has no remaining callers in the kernel[1]. Remove the
alpha-specific assembly implementation and __HAVE_ARCH_STRNCPY define,
falling back to the generic version in lib/string.c.
The __stxncpy helper (stxncpy.S/ev6-stxncpy.S) is retained as it is
still used by strncat.
Link: https://github.com/KSPP/linux/issues/90 [1]
Signed-off-by: Kees Cook <kees at kernel.org>
Merge tag 'libnvdimm-for-7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm
Pull nvdimm/dax updates from Alison Schofield:
- Fix a race condition and a couple of static analysis issues in BTT
- Use sysfs_emit() in preparation for removal of cpumap_print_to_pagebuf()
- Escalate a dev_dbg to dev_err in a resource conflict message
- MAINTAINER file updates
* tag 'libnvdimm-for-7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm:
MAINTAINERS: nvdimm: Include maintainer profile
MAINTAINERS: Update address for Ira Weiny
MAINTAINERS: Add maintainer info for libnvdimm and DAX
nvdimm: Use sysfs_emit() for cpumask show callback
dax/bus: Upgrade resource conflict message to dev_err() in alloc_dax_region()
nvdimm/btt: Free arenas on btt_init() error paths
[2 lines not shown]
Merge tag 'pmdomain-v7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm
Pull pmdomain updates from Ulf Hansson:
"pmdomain core:
- Add OF helpers for parsing the power-domains-child-ids property
- Extend the power domain DT binding with power-domains-child-ids
- Switch to use the dynamic root device
pmdomain providers:
- arm: Add support for domain hierarchies to SCMI power domains
- qcom: Add power domains for the Shikra and Nord SoCs
- sunxi: Fix GPU support on Radxa Cubie A7Z by keeping power domain on"
* tag 'pmdomain-v7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm:
pmdomain: core: fix unused variable warning with !PM_GENERIC_DOMAINS_OF
pmdomain: core: fix early domain registration
pmdomain: mediatek: mfg: move __packed after struct name to fix kernel-doc
pmdomain: qcom: rpmpd: Add Shikra RPM Power Domains
pmdomain: qcom: rpmhpd: Add power domains for Nord SoC
[9 lines not shown]
Merge tag 'pinctrl-v7.2-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl
Pull pin control updates from Linus Walleij:
"Core changes:
- Add new generic callbacks to populate per-pin pin controllers
creating groups and functions from the device tree building out
pinctrl_generic_to_map() and move the Spacemit driver over to use
this
- Generic board-level pin control driver using the mux framework
New pin controller drivers:
- Amlogic (meson) A9 SoC
- Aspeed AST2700 SoC0 and SoC1
- nVidia Tegra264 and Tegra238
[54 lines not shown]
Merge tag 'backlight-next-7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/backlight
Pull backlight updates from Lee Jones:
"New Support & Features:
- Maxim MAX25014: Add support for the Maxim MAX25014 4-channel
automotive grade backlight driver IC
Improvements & Fixes:
- Maintainers: Add the Congatec Board Controller backlight driver to
its corresponding entry
- Congatec Board Controller: Remove redundant X86 dependency from the
backlight driver
- Kinetic KTD2801: Enable BL_CORE_SUSPENDRESUME to ensure the chip is
powered off during suspend
Cleanups & Refactoring:
- Core: Use named initializers for i2c_device_id arrays to improve
readability and robustness
[11 lines not shown]
Merge tag 'leds-next-7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/leds
Pull LED updates from Lee Jones:
"New Support & Features:
- Samsung S2MU005: Add support for the Samsung S2MU005 PMIC which
includes flash and RGB LED controllers
- Texas Instruments:
- LP5812: Add support for the TI LP5812 LED driver
- LP5860: Add support for the Texas Instruments LP5860 LED matrix
driver via SPI
Improvements & Fixes:
- Core:
- Adjust the brightness sysfs node documentation to clarify that
only decimal values are accepted
- Fix a race condition in the software blink logic when stopping
blinking and setting brightness simultaneously
- Introduce the `multi_max_intensity` sysfs attribute for
multicolor LEDs to support hardware-based global brightness
[81 lines not shown]
Merge tag 'mfd-next-7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd
Pull MFD updates from Lee Jones:
"New Support & Features:
- Renesas RSMU: Add support for the IDT 8a34002 Clock Matrix
- Samsung S2MU005: Add support for the Samsung S2MU005 PMIC which
includes charger, MUIC, flash and RGB LED controllers
- SpacemiT P1: Add a reboot cell for the SpacemiT P1 chip
- Texas Instruments BQ25792: Add support for the TI BQ25792 charger
manager
Improvements & Fixes:
- Core: Unify the user-visible company name to "Qualcomm" across
various config options
- ChromeOS EC:
- Delay `dev_set_drvdata()` until the probe process has
successfully completed to avoid use-after-free issues
- Prevent adding `cros_ec_ucsi` as an MFD sub-device if it is
already defined in Device Tree or ACPI
[97 lines not shown]
Merge tag 'hid-for-linus-2026061601' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid
Pull HID updates from Jiri Kosina:
"Core:
- semantic cleanup fixes for 'hid_device_id::driver_data' (Pawel
Zalewski)
Multitouch:
- UX improvement fixes for Yoga Book 9 (Dave Carey)
Logitech:
- fix for high resolution scrolling for Logitech HID++ 2.0 devices
(Lauri Saurus)
CP2112:
- fix for cp2112 firmware-based speed configuration, if available
(Danny Kaehn)
Wacom:
[32 lines not shown]
Merge tag 'ext4_for_linus-7.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
Pull ext4 updates from Ted Ts'o:
- A major rework of the fast commit mechanism to avoid lock contention
and deadlocks. We also export snapshot statistics in
/proc/fs/ext4/*/fc_info
- Performance optimization for directory hash computation by processing
input in 4-byte chunks and removing function pointers, along with new
KUnit tests for directory hash
- Cleanups in JBD2 to remove special slabs and use kmalloc() instead
- Various bug fixes, including:
- Early validation of donor superblock in EXT4_IOC_MOVE_EXT to
avoid cross-fs deadlock
- Fix for a kernel BUG in ext4_write_inline_data_end under
data=journal
[30 lines not shown]
Merge tag 'v7.2-rc-part1-ksmbd-fixes' of git://git.samba.org/ksmbd
Pull smb server updates from Steve French:
- Use after free fixes
- Out of bounds read fix
- Add SMB compression support both at rest and over the wire: support
decompression of compressed SMB2 requests, initially allow compressed
SMB2 READ responses, and implement get/set compression operations for
per-file compression state.
- Credentials fixes: for various FSCTLs, setinfo, delete on close and
for alternate data streams
- Fix access checks and permission checks in DUPLICAT_EXTENTS and
SET_ZERO_DATA fsctls, find_file_posix_info, FILE_LINK_INFORMATION and
smb2_set_info_sec
[33 lines not shown]
