WireGuard for the Linux kernel https://git.zx2c4.com/wireguard-linux/atom/fs?h=stable 2026-05-26T20:49:13Z 2026-05-26T20:49:13Z Linus Torvalds torvalds@linux-foundation.org 2026-05-26T20:49:13Z urn:sha1:eb3f4b7426cfd2b79d65b7d37155480b32259a11 Pull nfsd fixes from Chuck Lever: "Regressions: - Tighten bounds checking for sunrpc cache hash tables - Don't report key material in the ftrace log Stable fix: - Fix lockd's implementation of the NLM TEST procedure" * tag 'nfsd-7.1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux: lockd: fix TEST handling when not all permissions are available. NFSD: Report whether fh_key was actually updated sunrpc: prevent out-of-bounds read in __cache_seq_start() 2026-05-26T15:23:19Z Linus Torvalds torvalds@linux-foundation.org 2026-05-26T15:23:19Z urn:sha1:d60ec36cab338dfe2ae40d73e9c8d6c4af70d2b8 Pull misc fixes from Andrew Morton: "13 hotfixes. 9 are for MM. 9 are cc:stable and the remaining 4 address post-7.1 issues or aren't considered suitable for backporting. All patches are singletons - please see the individual changelogs for details" * tag 'mm-hotfixes-stable-2026-05-25-16-22' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: Revert "mm: introduce a new page type for page pool in page type" mm/vmalloc: do not trigger BUG() on BH disabled context MAINTAINERS, mailmap: change email for Eugen Hristev mm/migrate_device: fix pgtable leak in migrate_vma_insert_huge_pmd_page kernel/fork: validate exit_signal in kernel_clone() mm: memcontrol: propagate NMI slab stats to memcg vmstats mm/damon/sysfs-schemes: delete tried region in regions_rmdirs() mm/rmap: initialize nr_pages to 1 at loop start in try_to_unmap_one zram: fix use-after-free in zram_writeback_endio memfd: deny writeable mappings when implying SEAL_WRITE ipc: limit next_id allocation to the valid ID range Revert "mm/hugetlbfs: update hugetlbfs to use mmap_prepare" MAINTAINERS: .mailmap: update after GEHC spin-off 2026-05-25T12:48:58Z Mikulas Patocka mpatocka@redhat.com 2026-05-25T12:48:58Z urn:sha1:974820a59efde7c1a7e1260bcfe9bb81f833cc9f If hpfs_map_dnode_bitmap fails, the code would call hpfs_brelse4 on uninitialized quad buffer head, causing a crash. Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> Reported-by: Farhad Alemi <farhad.alemi@berkeley.edu> Cc: stable@vger.kernel.org 2026-05-23T23:59:02Z Linus Torvalds torvalds@linux-foundation.org 2026-05-23T23:59:02Z urn:sha1:4cbfe4502e3d4bda48eb4b83dfad8d7da3b22e90 Pull smb server fixes from Steve French: - fix for creating tmpfiles - fix durable reconnect error path - validate SID in security descriptor when inheriting DACL * tag 'v7.1-rc5-ksmbd-server-fixes' of git://git.samba.org/ksmbd: smb/server: promote S_DEL_ON_CLS to S_DEL_PENDING when close ksmbd: validate SID in parent security descriptor during ACL inheritance ksmbd: fix durable reconnect error path file lifetime 2026-05-23T23:54:48Z Linus Torvalds torvalds@linux-foundation.org 2026-05-23T23:54:48Z urn:sha1:400544639d2a11a9c1e276a912a9dff8fe4107dc Pull btrfs fixes from David Sterba: "A batch of fixes to simple quotas: - add conditional rescheduling point not dependent on the lock during inode iterations to avoid delays with PREEMPT_NONE enabled - fix subvolume deletion so it does not break the squota invariants - properly handle enabling squota, tracking extents in the initial transaction - catch and warn about underflows, clamp to zero to avoid further problems And one fix to inode size handling: - fix handling of preallocated extents beyond i_size when not using the no-holes feature" * tag 'for-7.1-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: btrfs: swallow btrfs_record_squota_delta() ENOENT btrfs: clamp to avoid squota underflow btrfs: fix squota accounting during enable generation btrfs: check for subvolume before deleting squota qgroup btrfs: always drop root->inodes lock before cond_resched() btrfs: mark file extent range dirty after converting prealloc extents 2026-05-23T23:51:22Z Linus Torvalds torvalds@linux-foundation.org 2026-05-23T23:51:22Z urn:sha1:f83ef5bca211a1bdc1ea661c11543712f96a6cea Pull xfs fix from Carlos Maiolino: "A single fix for a race in xfs buffer cache which may lead to filesystem shutdown due to inconsistent metadata if the buffer lookup happens to find an old dead buffer still in the cache" * tag 'xfs-fixes-7.1-rc5' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: xfs: fix a buffer lookup against removal race 2026-05-23T14:49:05Z Linus Torvalds torvalds@linux-foundation.org 2026-05-23T14:49:05Z urn:sha1:c8561c73b4a8669bb13c57a5853318cd02655f9b Pull driver core fixes from Danilo Krummrich: - Remove the software node on platform device release(); without this, the software node remains registered after the device is gone and a subsequent platform_device_register_full() reusing the same node fails with -EBUSY - In sysfs_update_group(), do not remove a pre-existing directory when create_files() fails; the previous code would silently destroy a sysfs group that the caller did not create - Set fwnode->secondary to NULL in fwnode_init() to avoid dereferencing uninitialized memory (e.g. in dev_to_swnode()) when the firmware node is allocated on the stack or via a non-zeroing allocator * tag 'driver-core-7.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/driver-core/driver-core: device property: set fwnode->secondary to NULL in fwnode_init() sysfs: don't remove existing directory on update failure driver core: platform: remove software node on release() 2026-05-23T14:15:18Z Carlos Maiolino cem@kernel.org 2026-05-23T14:15:18Z urn:sha1:8339dd0e5090f092c525c5e04b2a75ec5e5305a6 xfs: fixes for v7.1-rc5 Signed-off-by: Carlos Maiolino <cem@kernel.org> Lines starting with '#' will be ignored. 2026-05-22T17:52:26Z Linus Torvalds torvalds@linux-foundation.org 2026-05-22T17:52:26Z urn:sha1:558c3eca715ea0110fe6fce38b063a6f9936188c Pull smb client fixes from Steve French: - Fix missing lock - Fix dentry in use after unmounting - cifs.upcall security fix - require CAP_NET_ADMIN for swn netlink - change allocation in DUP_CTX_STR to GFP_KERNEL - minor smbdirect debug fix - handle_read_data() folio fix * tag 'v7.1-rc5-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6: smb: client: change allocation requirements in DUP_CTX_STR macro smb: client: require net admin for CIFS SWN netlink smb: smbdirect: divide, not multiply, milliseconds by 1000 cifs: Fix busy dentry used after unmounting smb: client: use data_len for SMB2 READ encrypted folioq copy smb: client: reject userspace cifs.spnego descriptions smb: client: protect tc_count increment in smb2_find_smb_sess_tcon_unlocked() 2026-05-22T17:44:18Z Linus Torvalds torvalds@linux-foundation.org 2026-05-22T17:44:18Z urn:sha1:632360e8f5fce2eee720e952fd84e8cefb5749b6 Pull zonefs fix from Damien Le Moal: - Avoid potential overflow when converting a zonefs file number string to an inode number (from Johannes) * tag 'zonefs-7.1-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs: zonefs: handle integer overflow in zonefs_fname_to_fno