Linux Kernel 6.17.3 released
Linux Kernel 6.17.3 is out now, and it comes with a number of important patches and fixes for problems with different parts of the operating system. One of the most important changes is to the VCN dump buffer. A patch series that fixed the CDNSP-PCI driver, the QCM2290 driver, and other parts added a double-free bug.
The problem with the CDNSP-PCI driver is that it uses pcim_enable_device() to turn on a PCI device, which causes it to be turned off automatically when the driver is detached through the managed device framework. Because of this, the manual call to pci_disable_device() in the error path is no longer needed. The QCM2290 driver, which is used for long and high-bandwidth workloads that could crash the controller, has also been updated with this change.
Linux 6.17.3 not only fixes problems with the VCN dump buffer, but it also improves performance and stability by fixing a data race in the CDNSP-PCI driver's handling of CPU latency PM QoS requests and fixing warnings related to this driver.
Another big change is that the USB network defaults have been changed to turn off runtime PM (autosuspend) for AX88772*. This could cause problems with power saving, like deadlocks or PM lock vs MDIO wake issues. To avoid these issues, ax88772_bind() should take a usage reference, and unbind() should drop it. This method makes sure that the device stays active by blocking runtime suspend, no matter what the userspace policy says.
There is also a buffer overflow vulnerability in the USB 9pfs transport layer. This inconsistency in size validation between parsing the packet header and copying the data allows a faulty USB host to overflow heap buffers. To fix this, the function usb9pfs_rx_complete() should check that req->actual does not go over the buffer capacity before copying data.
Furthermore, Linux 6.17.3 added ACPI support for FSL-MC and fixed problems with platform_get_resource() that caused it to return the wrong value. It has also added similar checks to pinmux_func_name_to_selector() to stop dereferencing NULL pointers.
In other parts of the kernel, code has been changed to fix use-after-free in tb_dp_dprx_work by using the right way to count references. This change stops memory leaks and makes sure that the system keeps valid tb_tunnels while work items are running. Also, bugs have been fixed in handling DisplayPort tunnel activation asynchronously, adding NULL checks for DMA channels before release, and fixing possible NULL pointer dereferences in pru_rproc_set_ctable().
There have also been updates to the kernel driver to fix problems with the evdev 32-bit compat and fastrpc_map_lookup operations. Some of the changes include enabling evdev 32-bit compatibility with uinput, allowing reset GPIO to enter sleep mode, fixing potential map leaks in fastrpc_put_args, adding support for context invoke methods, saving the actual DMA size in the fastrpc_map structure, and verifying the presence of a dma_buf object when looking up the map.
The kernel driver now needs to put calls for maps to be made as many times as there are fd buffers that need to be freed. The DSP only updates the fd list once, though, when the DSP refcount reaches zero. This can cause SMMU fault problems because the same fd may be used again in future calls.
Linux kernel 6.17.3 released
Linux kernel version 6.17.3 is now available:
Full source: https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.17.3.tar.xz
Patch: https://cdn.kernel.org/pub/linux/kernel/v6.x/patch-6.17.3.xz
PGP Signature: https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.17.3.tar.sign
You can view the summary of the changes at the following URL:
https://git.kernel.org/stable/ds/v6.17.3/v6.17.2
