| 10379171 | 20-May-2025 |
Namjae Jeon <[email protected]> |
ksmbd: use list_first_entry_or_null for opinfo_get_list()
The list_first_entry() macro never returns NULL. If the list is empty then it returns an invalid pointer. Use list_first_entry_or_null() to check if the list is empty.
Reported-by: kernel test robot <[email protected]>
Reported-by: Dan Carpenter <[email protected]>
Closes: https://lore.kernel.org/r/[email protected]/
Signed-off-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 68477b5d | 21-May-2025 |
Namjae Jeon <[email protected]> |
ksmbd: fix rename failure
I found that rename fails after cifs mount due to update of lookup_one_qstr_excl().
mv a/c b/
mv: cannot move 'a/c' to 'b/c': No such file or directory
In order to rename to a new name regardless of whether the dentry is negative, we need to get the dentry through lookup_one_qstr_excl(). So it will not return an error if the name doesn't exist.
Fixes: 204a575e91f3 ("VFS: add common error checks to lookup_one_qstr_excl()")
Signed-off-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 1f4bbedd | 08-May-2025 |
Namjae Jeon <[email protected]> |
ksmbd: fix stream write failure
If there is no stream data in file, v_len is zero. So, if position (*pos) is zero, stream write will fail due to stream write position validation check. This patch reorganizes stream write position validation.
Fixes: 0ca6df4f40cf ("ksmbd: prevent out-of-bounds stream writes by validating *pos")
Signed-off-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| e48f9d84 | 16-May-2025 |
Wang Zhaolong <[email protected]> |
smb: client: Reset all search buffer pointers when releasing buffer
Multiple pointers in struct cifs_search_info (ntwrk_buf_start, srch_entries_start, and last_entry) point to the same allocated buffer. However, when freeing this buffer, only ntwrk_buf_start was set to NULL, while the other pointers remained pointing to freed memory.
This is defensive programming to prevent potential issues with stale pointers. While the active UAF vulnerability is fixed by the previous patch, this change ensures consistent pointer state and more robust error handling.
Signed-off-by: Wang Zhaolong <[email protected]>
Cc: [email protected]
Reviewed-by: Paulo Alcantara (Red Hat) <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| a7a8fe56 | 16-May-2025 |
Wang Zhaolong <[email protected]> |
smb: client: Fix use-after-free in cifs_fill_dirent
There is a race condition in the readdir concurrency process, which may access the rsp buffer after it has been released, triggering the following KASAN warning.
==================================================================
BUG: KASAN: slab-use-after-free in cifs_fill_dirent+0xb03/0xb60 [cifs]
Read of size 4 at addr ffff8880099b819c by task a.out/342975

CPU: 2 UID: 0 PID: 342975 Comm: a.out Not tainted 6.15.0-rc6+ #240 PREEMPT(full)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014
Call Trace:
 <TASK>
 dump_stack_lvl+0x53/0x70
 print_report+0xce/0x640
 kasan_report+0xb8/0xf0
 cifs_fill_dirent+0xb03/0xb60 [cifs]
 cifs_readdir+0x12cb/0x3190 [cifs]
 iterate_dir+0x1a1/0x520
 __x64_sys_getdents+0x134/0x220
 do_syscall_64+0x4b/0x110
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0033:0x7f996f64b9f9
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0d f7 c3 0c 00 f7 d8 64 89 8
RSP: 002b:00007f996f53de78 EFLAGS: 00000207 ORIG_RAX: 000000000000004e
RAX: ffffffffffffffda RBX: 00007f996f53ecdc RCX: 00007f996f64b9f9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007f996f53dea0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000207 R12: ffffffffffffff88
R13: 0000000000000000 R14: 00007ffc8cd9a500 R15: 00007f996f51e000
 </TASK>

Allocated by task 408:
 kasan_save_stack+0x20/0x40
 kasan_save_track+0x14/0x30
 __kasan_slab_alloc+0x6e/0x70
 kmem_cache_alloc_noprof+0x117/0x3d0
 mempool_alloc_noprof+0xf2/0x2c0
 cifs_buf_get+0x36/0x80 [cifs]
 allocate_buffers+0x1d2/0x330 [cifs]
 cifs_demultiplex_thread+0x22b/0x2690 [cifs]
 kthread+0x394/0x720
 ret_from_fork+0x34/0x70
 ret_from_fork_asm+0x1a/0x30

Freed by task 342979:
 kasan_save_stack+0x20/0x40
 kasan_save_track+0x14/0x30
 kasan_save_free_info+0x3b/0x60
 __kasan_slab_free+0x37/0x50
 kmem_cache_free+0x2b8/0x500
 cifs_buf_release+0x3c/0x70 [cifs]
 cifs_readdir+0x1c97/0x3190 [cifs]
 iterate_dir+0x1a1/0x520
 __x64_sys_getdents64+0x134/0x220
 do_syscall_64+0x4b/0x110
 entry_SYSCALL_64_after_hwframe+0x76/0x7e

The buggy address belongs to the object at ffff8880099b8000
 which belongs to the cache cifs_request of size 16588
The buggy address is located 412 bytes inside of
 freed 16588-byte region [ffff8880099b8000, ffff8880099bc0cc)
==================================================================
POC is available in the link [1].
The problem triggering process is as follows:
Process 1                              Process 2
-----------------------------------------------------------------
cifs_readdir
  /* file->private_data == NULL */
  initiate_cifs_search
    cifsFile = kzalloc(sizeof(struct cifsFileInfo), GFP_KERNEL);
    smb2_query_dir_first ->query_dir_first()
      SMB2_query_directory
        SMB2_query_directory_init
        cifs_send_recv
        smb2_parse_query_directory
          srch_inf->ntwrk_buf_start = (char *)rsp;
          srch_inf->srch_entries_start = (char *)rsp + ...
          srch_inf->last_entry = (char *)rsp + ...
          srch_inf->smallBuf = true;
  find_cifs_entry
    /* if (cfile->srch_inf.ntwrk_buf_start) */
    cifs_small_buf_release(cfile->srch_inf // free

                                       cifs_readdir ->iterate_shared()
                                         /* file->private_data != NULL */
                                         find_cifs_entry
                                           /* in while (...) loop */
                                           smb2_query_dir_next ->query_dir_next()
                                             SMB2_query_directory
                                               SMB2_query_directory_init
                                               cifs_send_recv
                                                 compound_send_recv
                                                   smb_send_rqst
                                                   __smb_send_rqst
                                                     rc = -ERESTARTSYS;
                                                     /* if (fatal_signal_pending()) */
                                                     goto out;
                                                     return rc
                                           /* if (cfile->srch_inf.last_entry) */
                                           cifs_save_resume_key()
                                             cifs_fill_dirent // UAF
                                           /* if (rc) */
                                           return -ENOENT;
Fix this by ensuring the return code is checked before using pointers from the srch_inf.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=220131 [1]
Fixes: a364bc0b37f1 ("[CIFS] fix saving of resume key before CIFSFindNext")
Cc: [email protected]
Reviewed-by: Paulo Alcantara (Red Hat) <[email protected]>
Signed-off-by: Wang Zhaolong <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 3965c237 | 12-May-2025 |
Paulo Alcantara <[email protected]> |
smb: client: fix zero rsize error messages
cifs_prepare_read() might be called with a disconnected channel, where TCP_Server_Info::max_read is set to zero due to reconnect, so calling ->negotiate_rsize() will set @rsize to default min IO size (64KiB) and then logging
CIFS: VFS: SMB: Zero rsize calculated, using minimum value 65536
If the reconnect happens in cifsd thread, cifs_renegotiate_iosize() will end up being called and then @rsize set to the expected value.
Since we can't rely on the value of @server->max_read by the time we call cifs_prepare_read(), try to ->negotiate_rsize() only if @cifs_sb->ctx->rsize is zero.
Reported-by: Steve French <[email protected]>
Fixes: c59f7c9661b9 ("smb: client: ensure aligned IO sizes")
Signed-off-by: Paulo Alcantara (Red Hat) <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 1fe4a44b | 14-May-2025 |
Jethro Donaldson <[email protected]> |
smb: client: fix memory leak during error handling for POSIX mkdir
The response buffer for the CREATE request handled by smb311_posix_mkdir() is leaked on the error path (goto err_free_rsp_buf) because the structure pointer *rsp passed to free_rsp_buf() is not assigned until *after* the error condition is checked.
As *rsp is initialised to NULL, free_rsp_buf() becomes a no-op and the leak is instead reported by __kmem_cache_shutdown() upon subsequent rmmod of cifs.ko if (and only if) the error path has been hit.
Pass rsp_iov.iov_base to free_rsp_buf() instead, similar to the code in other functions in smb2pdu.c for which *rsp is assigned late.
Cc: [email protected]
Signed-off-by: Jethro Donaldson <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 3ca02e63 | 07-May-2025 |
Paul Aurich <[email protected]> |
smb: client: Avoid race in open_cached_dir with lease breaks
A pre-existing valid cfid returned from find_or_create_cached_dir might race with a lease break, meaning open_cached_dir doesn't consider it valid, and thinks it's newly-constructed. This leaks a dentry reference if the allocation occurs before the queued lease break work runs.
Avoid the race by extending holding the cfid_list_lock across find_or_create_cached_dir and when the result is checked.
Cc: [email protected]
Reviewed-by: Henrique Carvalho <[email protected]>
Signed-off-by: Paul Aurich <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| d90b0237 | 04-May-2025 |
Steve French <[email protected]> |
smb3 client: warn when parse contexts returns error on compounded operation
Coverity noticed that the rc on smb2_parse_contexts() was not being checked in the case of compounded operations. Since we don't want to stop parsing the following compounded responses which are likely valid, we can't easily error out here, but at least print a warning message if server has a bug causing us to skip parsing the open response contexts.
Addresses-Coverity: 1639191
Acked-by: Paulo Alcantara (Red Hat) <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 36991c1c | 06-May-2025 |
Sean Heelan <[email protected]> |
ksmbd: Fix UAF in __close_file_table_ids
A use-after-free is possible if one thread destroys the file via __ksmbd_close_fd while another thread holds a reference to it. The existing checks on fp->refcount are not sufficient to prevent this.
The fix takes ft->lock around the section which removes the file from the file table. This prevents two threads acquiring the same file pointer via __close_file_table_ids, as well as the other functions which retrieve a file from the IDR and which already use this same lock.
Cc: [email protected]
Signed-off-by: Sean Heelan <[email protected]>
Acked-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 0ca6df4f | 01-May-2025 |
Norbert Szetei <[email protected]> |
ksmbd: prevent out-of-bounds stream writes by validating *pos
ksmbd_vfs_stream_write() did not validate whether the write offset (*pos) was within the bounds of the existing stream data length (v_len). If *pos was greater than or equal to v_len, this could lead to an out-of-bounds memory write.
This patch adds a check to ensure *pos is less than v_len before proceeding. If the condition fails, -EINVAL is returned.
Cc: [email protected]
Signed-off-by: Norbert Szetei <[email protected]>
Acked-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| eb4447bc | 30-Apr-2025 |
Wang Zhaolong <[email protected]> |
ksmbd: fix memory leak in parse_lease_state()
The previous patch that added bounds check for create lease context introduced a memory leak. When the bounds check fails, the function returns NULL without freeing the previously allocated lease_ctx_info structure.
This patch fixes the issue by adding kfree(lreq) before returning NULL in both boundary check cases.
Fixes: bab703ed8472 ("ksmbd: add bounds check for create lease context")
Signed-off-by: Wang Zhaolong <[email protected]>
Acked-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 53e3e5ba | 30-Apr-2025 |
Namjae Jeon <[email protected]> |
ksmbd: prevent rename with empty string
Client can send empty newname string to ksmbd server. It will cause a kernel oops from d_alloc. This patch returns the error when attempting to rename a file or directory with an empty new name string.
Cc: [email protected]
Reported-by: Norbert Szetei <[email protected]>
Tested-by: Norbert Szetei <[email protected]>
Signed-off-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| c59f7c96 | 30-Apr-2025 |
Paulo Alcantara <[email protected]> |
smb: client: ensure aligned IO sizes
Make all IO sizes multiple of PAGE_SIZE, either negotiated by the server or passed through rsize, wsize and bsize mount options, to prevent from breaking DIO reads and writes against servers that enforce alignment as specified in MS-FSA 2.1.5.3 and 2.1.5.4.
Cc: [email protected]
Reviewed-by: David Howells <[email protected]>
Signed-off-by: Paulo Alcantara (Red Hat) <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| f1221217 | 30-Dec-2024 |
Pali Rohár <[email protected]> |
cifs: Fix changing times and read-only attr over SMB1 smb_set_file_info() function
Function CIFSSMBSetPathInfo() is not supported by non-NT servers and returns error. Fallback code via open filehandle and CIFSSMBSetFileInfo() does not work either because CIFS_open() works also only on NT server.
Therefore currently the whole smb_set_file_info() function as a SMB1 callback for the ->set_file_info() does not work with older non-NT SMB servers, like Win9x and others.
This change implements fallback code in smb_set_file_info() which will work with any server and allows to change time values and also to set or clear read-only attributes.
To make existing fallback code via CIFSSMBSetFileInfo() working with also non-NT servers, it is needed to change open function from CIFS_open() (which is NT specific) to cifs_open_file() which works with any server (this is just an open wrapper function which chooses the correct open function supported by the server).
CIFSSMBSetFileInfo() is working also on non-NT servers, but zero time values are not treated specially. So first it is needed to fill all time values if some of them are missing, via cifs_query_path_info() call.
There is another issue, opening file in write-mode (needed for changing attributes) is not possible when the file has read-only attribute set. The only option how to clear read-only attribute is via SMB_COM_SETATTR command. And opening directory is not possible either and here the SMB_COM_SETATTR command is the only option how to change attributes. And CIFSSMBSetFileInfo() does not honor setting read-only attribute, so for setting is also needed to use SMB_COM_SETATTR command.
Existing code in cifs_query_path_info() is already using SMB_COM_GETATTR as a fallback code path (function SMBQueryInformation()), so introduce a new function SMBSetInformation which will implement SMB_COM_SETATTR command.
My testing showed that Windows XP SMB1 client is also using SMB_COM_SETATTR command for setting or clearing read-only attribute against non-NT server. So this can prove that this is the correct way how to do it.
With this change it is possible to set all 4 time values and all attributes, including clearing and setting read-only bit on non-NT SMB servers. Tested against Win98 SMB1 server.
This change fixes "touch" command which was failing when called on existing file. And fixes also "chmod +w" and "chmod -w" commands which were also failing (as they are changing read-only attribute).
Note that this change depends on following change "cifs: Improve cifs_query_path_info() and cifs_query_file_info()" as it requires to query all 4 time attribute values.
Signed-off-by: Pali Rohár <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 1041c117 | 30-Dec-2024 |
Pali Rohár <[email protected]> |
cifs: Fix and improve cifs_query_path_info() and cifs_query_file_info()
When CAP_NT_SMBS was not negotiated then do not issue CIFSSMBQPathInfo() and CIFSSMBQFileInfo() commands. CIFSSMBQPathInfo() is not supported by non-NT Win9x SMB server and CIFSSMBQFileInfo() returns from Win9x SMB server bogus data in Attributes field (for example lot of files are marked as reparse points, even Win9x does not support them and read-only bit is not marked for read-only files). Correct information is returned by CIFSFindFirst() or SMBQueryInformation() command.
So as a fallback in cifs_query_path_info() function use CIFSFindFirst() with SMB_FIND_FILE_FULL_DIRECTORY_INFO level which is supported by both NT and non-NT servers and as a last option use SMBQueryInformation() as it was before.
And in function cifs_query_file_info() immediately return -EOPNOTSUPP when not communicating with NT server. Client then revalidates inode entry by the cifs_query_path_info() call, which is working fine. So fstat() syscall on already opened file will receive correct information.
Note that both fallback functions in non-UNICODE mode expand wildcards. Therefore those fallback functions cannot be used on paths which contain SMB wildcard characters (* ? " > <).
CIFSFindFirst() returns all 4 time attributes as opposite of SMBQueryInformation() which returns only one.
With this change it is possible to query all 4 time attributes from Win9x server and at the same time, client minimizes sending of unsupported commands to server.
Signed-off-by: Pali Rohár <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 74c72419 | 29-Apr-2025 |
Jethro Donaldson <[email protected]> |
smb: client: fix zero length for mkdir POSIX create context
SMB create requests issued via smb311_posix_mkdir() have an incorrect length of zero bytes for the POSIX create context data. ksmbd server rejects such requests and logs "cli req too short" causing mkdir to fail with "invalid argument" on the client side. It also causes subsequent rmmod to crash in cifs_destroy_request_bufs().
Inspection of packets sent by cifs.ko using wireshark shows valid data for the SMB2_POSIX_CREATE_CONTEXT is appended with the correct offset, but with an incorrect length of zero bytes. Fails with ksmbd+cifs.ko only as Windows server/client does not use POSIX extensions.
Fix smb311_posix_mkdir() to set req->CreateContextsLength as part of appending the POSIX creation context to the request.
Signed-off-by: Jethro Donaldson <[email protected]>
Acked-by: Paulo Alcantara (Red Hat) <[email protected]>
Reviewed-by: Namjae Jeon <[email protected]>
Cc: [email protected]
Signed-off-by: Steve French <[email protected]>
|
| 2fc9feff | 21-Apr-2025 |
Sean Heelan <[email protected]> |
ksmbd: fix use-after-free in session logoff
The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being freed. The handler for that connection could be in the smb2_sess_setup function which makes use of sess->user.
Cc: [email protected]
Signed-off-by: Sean Heelan <[email protected]>
Acked-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| e86e9134 | 19-Apr-2025 |
Sean Heelan <[email protected]> |
ksmbd: fix use-after-free in kerberos authentication
Setting sess->user = NULL was introduced to fix the dangling pointer created by ksmbd_free_user. However, it is possible another thread could be operating on the session and make use of sess->user after it has been passed to ksmbd_free_user but before sess->user is set to NULL.
Cc: [email protected]
Signed-off-by: Sean Heelan <[email protected]>
Acked-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| a1f46c99 | 17-Apr-2025 |
Namjae Jeon <[email protected]> |
ksmbd: fix use-after-free in ksmbd_session_rpc_open
A UAF issue can occur due to a race condition between ksmbd_session_rpc_open() and __session_rpc_close(). Add rpc_lock to the session to protect it.
Cc: [email protected]
Reported-by: Norbert Szetei <[email protected]>
Tested-by: Norbert Szetei <[email protected]>
Signed-off-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| af5226ab | 16-Apr-2025 |
Salah Triki <[email protected]> |
smb: server: smb2pdu: check return value of xa_store()
xa_store() may fail so check its return value and return error code if error occurred.
Signed-off-by: Salah Triki <[email protected]>
Acked-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| a93ff742 | 09-Apr-2025 |
Denis Arefev <[email protected]> |
ksmbd: Prevent integer overflow in calculation of deadtime
The user can set any value for 'deadtime'. This affects the arithmetic expression 'req->deadtime * SMB_ECHO_INTERVAL', which is subject to overflow. The added check makes the server behavior more predictable.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 0626e6641f6b ("cifsd: add server handler for central processing and tranport layers")
Cc: [email protected]
Signed-off-by: Denis Arefev <[email protected]>
Acked-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| b37f2f33 | 15-Apr-2025 |
Namjae Jeon <[email protected]> |
ksmbd: fix the warning from __kernel_write_iter
[ 2110.972290] ------------[ cut here ]------------
[ 2110.972301] WARNING: CPU: 3 PID: 735 at fs/read_write.c:599 __kernel_write_iter+0x21b/0x280
This patch doesn't allow writing to directory.
Cc: [email protected]
Reported-by: Norbert Szetei <[email protected]>
Tested-by: Norbert Szetei <[email protected]>
Signed-off-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 18b4fac5 | 15-Apr-2025 |
Namjae Jeon <[email protected]> |
ksmbd: fix use-after-free in smb_break_all_levII_oplock()
There is room in smb_break_all_levII_oplock that can cause racy issues when unlocking in the middle of the loop. This patch uses read lock to protect whole loop.
Cc: [email protected]
Reported-by: Norbert Szetei <[email protected]>
Tested-by: Norbert Szetei <[email protected]>
Signed-off-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|
| 21a4e475 | 11-Apr-2025 |
Namjae Jeon <[email protected]> |
ksmbd: fix use-after-free in __smb2_lease_break_noti()
Move tcp_transport free to ksmbd_conn_free. If ksmbd connection is referenced when ksmbd server thread terminates, it will not be freed, but conn->tcp_transport is freed. __smb2_lease_break_noti can be performed asynchronously when the connection is disconnected. __smb2_lease_break_noti calls ksmbd_conn_write, which can cause use-after-free when conn->ksmbd_transport is already freed.
Cc: [email protected]
Reported-by: Norbert Szetei <[email protected]>
Tested-by: Norbert Szetei <[email protected]>
Signed-off-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
|