aboutsummaryrefslogtreecommitdiff
path: root/init
AgeCommit message (Collapse)AuthorFilesLines
2026-06-21Merge tag 'mm-nonmm-stable-2026-06-21-10-22' of ↵Linus Torvalds1-12/+12
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull non-MM updates from Andrew Morton: - "taskstats: fix TGID dead-thread stat retention" (Yiyang Chen) Fix a taskstats TGID aggregation bug where fields added in the TGID query path were not preserved after thread exit, and adds a kselftest covering the regression. - "lib/tests: string_helpers: Slight improvements" (Andy Shevchenko) Improve lib/tests/string_helpers_kunit.c a little - "lib/base64: decode fixes" (Josh Law) Address minor issues in lib/base64.c - "selftests/filelock: Make output more kselftestish" (Mark Brown) Make the output from the ofdlocks test a bit easier for tooling to work with. Also ignore the generated file - "uaccess: unify inline vs outline copy_{from,to}_user() selection" (Yury Norov) Simplify the usercopy code by removing the selectability of inlining copy_{from,to}_user(). - "ocfs2: validate inline xattr header consumers" (ZhengYuan Huang) Fix a number of possible issues in the ocfs2 xattr code - "lib and lib/cmdline enhancements" (Dmitry Antipov) Provide additional robustness checking in the cmdline handling code and its in-kernel testing and selftests - "cleanup the RAID6 P/Q library" (Christoph Hellwig) Clean up the RAID6 P/Q library to match the recent updates to the RAID 5 XOR library and other CRC/crypto libraries - "ocfs2: harden inode validators against forged metadata" (Michael Bommarito) Add three structural checks to OCFS2 dinode validation so malformed on-disk fields are rejected before ocfs2_populate_inode() copies them into the in-core inode - "lib/raid: replace __get_free_pages() call with kmalloc()" (Mike Rapoport) Clean up the lib/raid code by using kmalloc() in more places * tag 'mm-nonmm-stable-2026-06-21-10-22' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: (108 commits) ocfs2: fix circular locking dependency in ocfs2_dio_end_io_write ocfs2: fix NULL h_transaction deref in ocfs2_assure_trans_credits lib: interval_tree_test: validate benchmark parameters ocfs2: avoid moving extents to occupied clusters treewide: fix transposed "sign" typos and update spelling.txt ocfs2: fix UBSAN array-index-out-of-bounds in ocfs2_sum_rightmost_rec fat: reject BPB volumes whose data area starts beyond total sectors selftests/uevent: increase __UEVENT_BUFFER_SIZE to avoid ENOBUFS on busy systems lib/test_firmware: allocate the configured into_buf size fs: efs: remove unneeded debug prints checkpatch: cuppress warnings when Reported-by: is followed by Link: MAINTAINERS: add Alexander as a kcov reviewer mailmap: update Alexander Sverdlin's Email addresses fs: fat: inode: replace sprintf() with scnprintf() ocfs2: fix out-of-bounds write in ocfs2_remove_refcount_extent ocfs2: fix race between ocfs2_control_install_private() and ocfs2_control_release() ocfs2/dlm: require a ref for locking_state debugfs open ocfs2: reject FITRIM ranges shorter than a cluster ocfs2: validate fast symlink target during inode read ocfs2: add journal NULL check in ocfs2_checkpoint_inode() ...
2026-06-16Merge tag 'bootconfig-v7.2' of ↵Linus Torvalds1-45/+0
git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull bootconfig updates from Masami Hiramatsu: - bootconfig: move xbc_snprint_cmdline() to lib/bootconfig.c Move the xbc_snprint_cmdline() function and its buffer from main.c to the shared lib/bootconfig.c parser library so it can be reused by userspace tools. - render kernel.* subtree as cmdline string with -C Add a new -C option to print the kernel.* subtree as a flat command-line string at build time, allowing early parameter injection without runtime parsing. * tag 'bootconfig-v7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: tools/bootconfig: render kernel.* subtree as cmdline string with -C bootconfig: move xbc_snprint_cmdline() to lib/bootconfig.c
2026-06-16Merge tag 'slab-for-7.2' of ↵Linus Torvalds1-0/+3
git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab Pull slab updates from Vlastimil Babka: - Support for "allocation tokens" (currently available in Clang 22+) for smarter partitioning of kmalloc caches based on the allocated object type, which can be enabled instead of the "random" per-caller-address-hash partitioning. It should be able to deterministically separate types containing a pointer from those that do not (Marco Elver) - Improvements and simplification of the kmem_cache_alloc_bulk() and mempool_alloc_bulk() API. This includes adaptation of callers (Christoph Hellwig) - Performance improvements and cleanups related mostly to sheaves refill (Hao Li, Shengming Hu, Vlastimil Babka) - Several fixups for the slabinfo tool (Xuewen Wang) * tag 'slab-for-7.2' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab: mm/slab: do not limit zeroing to orig_size when only red zoning is enabled mm/slub: preserve original size in _kmalloc_nolock_noprof retry path mm: simplify the mempool_alloc_bulk API mm/slab: improve kmem_cache_alloc_bulk mm/slub: detach and reattach partial slabs in batch mm/slub: introduce helpers for node partial slab state mm/slub: use empty sheaf helpers for oversized sheaves tools/mm/slabinfo: remove redundant slab->partial assignment tools/mm/slabinfo: remove dead assignment in get_obj_and_str() tools/mm/slabinfo: Fix trace disable logic inversion MAINTAINERS: add slab-related scripts and tools to SLAB ALLOCATOR mm/slub: fix typo in sheaves comment mm, slab: simplify returning slab in __refill_objects_node() mm, slab: add an optimistic __slab_try_return_freelist() slab: fix kernel-docs for mm-api slab: improve KMALLOC_PARTITION_RANDOM randomness slab: support for compiler-assisted type-based slab cache partitioning mm/slub: defer freelist construction until after bulk allocation from a new slab
2026-06-15Merge tag 'sched-core-2026-06-14' of ↵Linus Torvalds2-0/+16
gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip Pull scheduler updates from Ingo Molnar: "SMP load-balancing updates: - A large series to introduce infrastructure for cache-aware load balancing, with the goal of co-locating tasks that share data within the same Last Level Cache (LLC) domain. By improving cache locality, the scheduler can reduce cache bouncing and cache misses, ultimately improving data access efficiency. Implemented by Chen Yu and Tim Chen, based on early prototype work by Peter Zijlstra, with fixes by Jianyong Wu, Peter Zijlstra and Shrikanth Hegde. - A series to simplify CONFIG_SCHED_SMT ifdef usage (Shrikanth Hegde) Fair scheduler updates: - A series to improve SD_ASYM_CPUCAPACITY scheduling by introducing SMT awareness (Andrea Righi, K Prateek Nayak) - A series to optimize cfs_rq and sched_entity allocation for better data locality (Zecheng Li) - A preparatory series to change fair/cgroup scheduling to a single runqueue, without the final change (Peter Zijlstra) - Auto-manage ext/fair dl_server bandwidth (Andrea Righi) - Fix cpu_util runnable_avg arithmetic (Hongyan Xia) - Optimize update_tg_load_avg()'s rate-limiting code (Rik van Riel) - Allow account_cfs_rq_runtime() to throttle current hierarchy (K Prateek Nayak) - Update util_est after updating util_avg during dequeue, to fix the util signal update logic, which reduces signal noise (Vincent Guittot) Scheduler topology updates: - Allow multiple domains to claim sched_domain_shared (K Prateek Nayak) - Add parameter to split LLC (Peter Zijlstra) Core scheduler updates: - Use trace_call__<tp>() to save a static branch (Gabriele Monaco) Scheduler statistics updates: - Drop now-stale mul_u64_u64_div_u64() cputime over-approximation guard (Nicolas Pitre) Deadline scheduler updates: - Reject debugfs dl_server writes for offline CPUs (Andrea Righi) - Fix replenishment logic for non-deferred servers (Yuri Andriaccio) RT scheduling updates: - Turn RT_PUSH_IPI default off for non PREEMPT_RT (Steven Rostedt) - Update default bandwidth for real-time tasks to 1.0 (Yuri Andriaccio) Proxy scheduling updates: - A series to implement Optimized Donor Migration for Proxy Execution (John Stultz, Peter Zijlstra) - Various proxy scheduling cleanups and fixes (Peter Zijlstra, K Prateek Nayak) Misc fixes, improvements and cleanups by Aaron Lu, Andrea Righi, Zenghui Yu, Chen Yu, Guanyou.Chen, John Stultz, Shrikanth Hegde, Peter Zijlstra, Liang Luo and Yiyang Chen" * tag 'sched-core-2026-06-14' of gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip: (91 commits) sched/fair: Fix newidle vs core-sched sched/deadline: Use task_on_rq_migrating() helper sched/core: Combine separate 'else' and 'if' statements sched/fair: Fix cpu_util runnable_avg arithmetic sched/fair: Unify cfs_rq throttling via account_cfs_rq_runtime() sched/fair: Move the throttled tasks to a local list in tg_unthrottle_up() sched/fair: Call update_curr() before unthrottling the hierarchy sched/fair: Use throttled_csd_list for local unthrottle sched/fair: Convert cfs bandwidth throttling to use guards sched/fair: Allocate cfs_tg_state with percpu allocator sched/fair: Remove task_group->se pointer array sched/fair: Co-locate cfs_rq and sched_entity in cfs_tg_state sched: restore timer_slack_ns when resetting RT policy on fork MAINTAINERS: Fix spelling mistake in Peter's name sched: Simplify ttwu_runnable() sched/proxy: Remove superfluous clear_task_blocked_in() sched/proxy: Remove PROXY_WAKING sched/proxy: Switch proxy to use p->is_blocked sched/proxy: Only return migrate when needed sched: Be more strict about p->is_blocked ...
2026-06-15Merge tag 'locking-core-2026-06-14' of ↵Linus Torvalds1-0/+6
gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip Pull locking updates from Ingo Molnar: "Futex updates: - Optimize futex hash bucket access patterns (Peter Zijlstra) - Large series to address the robust futex unlock race for real, by Thomas Gleixner: "The robust futex unlock mechanism is racy in respect to the clearing of the robust_list_head::list_op_pending pointer because unlock and clearing the pointer are not atomic. The race window is between the unlock and clearing the pending op pointer. If the task is forced to exit in this window, exit will access a potentially invalid pending op pointer when cleaning up the robust list. That happens if another task manages to unmap the object containing the lock before the cleanup, which results in an UAF. In the worst case this UAF can lead to memory corruption when unrelated content has been mapped to the same address by the time the access happens. User space can't solve this problem without help from the kernel. This series provides the kernel side infrastructure to help it along: 1) Combined unlock, pointer clearing, wake-up for the contended case 2) VDSO based unlock and pointer clearing helpers with a fix-up function in the kernel when user space was interrupted within the critical section. ... with help by André Almeida: - Add a note about robust list race condition (André Almeida) - Add self-tests for robust release operations (André Almeida) Context analysis updates: - Implement context analysis for 'struct rt_mutex'. (Bart Van Assche) - Bump required Clang version to 23 (Marco Elver) Guard infrastructure updates: - Series to remove NULL check from unconditional guards (Dmitry Ilvokhin) Lockdep updates: - Restore self-test migrate_disable() and sched_rt_mutex state on PREEMPT_RT (Karl Mehltretter) Membarriers updates: - Use per-CPU mutexes for targeted commands (Aniket Gattani) - Modernize membarrier_global_expedited with cleanup guards (Aniket Gattani) - Add rseq stress test for CFS throttle interactions (Aniket Gattani) percpu-rwsems updates: - Extract __percpu_up_read() to optimize inlining overhead (Dmitry Ilvokhin) Seqlocks updates: - Allow UBSAN_ALIGNMENT to fail optimizing (Heiko Carstens) Lock tracing: - Add contended_release tracepoint to sleepable locks such as mutexes, percpu-rwsems, rtmutexes, rwsems and semaphores (Dmitry Ilvokhin) MAINTAINERS updates: - MAINTAINERS: Add RUST [SYNC] entry (Boqun Feng) Misc updates and fixes by Randy Dunlap, YE WEI-HONG, Fabricio Parra, Dmitry Ilvokhin and Peter Zijlstra" * tag 'locking-core-2026-06-14' of gitolite.kernel.org:pub/scm/linux/kernel/git/tip/tip: (36 commits) locking: Add contended_release tracepoint to sleepable locks locking/percpu-rwsem: Extract __percpu_up_read() tracing/lock: Remove unnecessary linux/sched.h include futex: Optimize futex hash bucket access patterns rust: sync: completion: Mark inline complete_all and wait_for_completion MAINTAINERS: Add RUST [SYNC] entry cleanup: Specify nonnull argument index selftests: futex: Add tests for robust release operations Documentation: futex: Add a note about robust list race condition x86/vdso: Implement __vdso_futex_robust_try_unlock() x86/vdso: Prepare for robust futex unlock support futex: Provide infrastructure to plug the non contended robust futex unlock race futex: Add robust futex unlock IP range futex: Add support for unlocking robust futexes futex: Cleanup UAPI defines x86: Select ARCH_MEMORY_ORDER_TSO uaccess: Provide unsafe_atomic_store_release_user() futex: Provide UABI defines for robust list entry modifiers futex: Move futex related mm_struct data into a struct futex: Make futex_mm_init() void ...
2026-06-15Merge tag 'rust-7.2' of gitolite.kernel.org:pub/scm/linux/kernel/git/ojeda/linuxLinus Torvalds1-1/+4
Pull Rust updates from Miguel Ojeda: "This one is big due to the vendoring of the `zerocopy` library, which allows us to replace a bunch of `unsafe` code dealing with conversions between byte sequences and other types with safe alternatives. More details on that below (and in its merge commit). Toolchain and infrastructure: - Introduce support for the 'zerocopy' library [1][2]: Fast, safe, compile error. Pick two. Zerocopy makes zero-cost memory manipulation effortless. We write `unsafe` so you don't have to. It essentially provides derivable traits (e.g. 'FromBytes') and macros (e.g. 'transmute!') for safely converting between byte sequences and other types. Having such support allows us to remove some 'unsafe' code. It is among the most downloaded Rust crates and it is also used by the Rust compiler itself. It is licensed under "BSD-2-Clause OR Apache-2.0 OR MIT". The crates are imported essentially as-is (only +2/-3 lines needed to be adapted), plus SPDX identifiers. Upstream has since added the SPDX identifiers as well as one of the tweaks at my request, thus reducing our future diffs on updates -- I keep the details in one of our usual live lists [3]. In total, it is about ~39k lines added, ~32k without counting 'benches/' which are just for documentation purposes. The series includes a few Kbuild and rust-analyzer improvements and an example patch using it in Nova, removing one 'unsafe impl'. I checked that the codegen of an isolated example function (similar to the Nova patch on top) is essentially identical. It also turns out that (for that particular case) the 'zerocopy' version, even with 'debug-assertions' enabled, has no remaining panics, unlike a few in the current code (since the compiler can prove the remaining 'ub_checks' statically). So their "fast, safe" does indeed check out -- at least in that case. - Support AutoFDO. This allows Rust code to be profiled and optimized based on the profile. Tested with Rust Binder: ~13% slower without AutoFDO in the binderAddInts benchmark (using an app-launch benchmark for the profile). - Support Software Tag-Based KASAN. In addition, fix KASAN Kconfig by requiring Clang. - Add Kconfig options for each existing Rust KUnit test suite, such as 'CONFIG_RUST_BITMAP_KUNIT_TEST'. They are placed within a new menu, 'CONFIG_RUST_KUNIT_TESTS', in the new 'rust/kernel/Kconfig.test' file. - Support the upcoming Rust 1.98.0 release (expected 2026-08-20): lint cleanups and an unstable flag rename. - Disable 'rustdoc' documentation inlining for all prelude items, which bloats the generated documentation. - Ignore (in Git) and clean (in Kbuild) the (rarely) 'rustc'-generated '*.long-type-*.txt' files. 'kernel' crate: - Add new 'bitfield' module with the 'bitfield!' macro (extracted from the existing 'register!' one), which declares integer types that are split into distinct bit fields of arbitrary length. Each field is a 'Bounded' of the appropriate bit width (ensuring values are properly validated and avoiding implicit data loss) and gets several generated getters and setters (infallible, 'const' and fallible) as well as associated constants ('_MASK', '_SHIFT' and '_RANGE'). It also supports fields that can be converted from/to custom types, either fallibly ('?=>') or infallibly ('=>'). For instance: bitfield! { struct Rgb(u16) { 15:11 blue; 10:5 green; 4:0 red; } } // Compile-time checks. let color = Rgb::zeroed().with_const_green::<0x1f>(); assert_eq!(color.green(), 0x1f); assert_eq!(color.into_raw(), 0x1f << Rgb::GREEN_SHIFT); Add as well documentation and a test suite for it, as usual; and update the 'register!' macro to use it. It will be maintained by Alexandre Courbot (with Yury Norov as reviewer) under a new 'MAINTAINERS' entry: 'RUST [BITFIELD]'. - 'ptr' module: rework index projection syntax into keyworded syntax and introduce panicking variant. The keyword syntax ('build:', 'try:', 'panic:') is more explicit and paves the way of perhaps adding more flavors in the future, e.g. an 'unsafe' index projection. For instance, projections now look like this: fn f(p: *const [u8; 32]) -> Result { // Ok, within bounds, checked at build time. project!(p, [build: 1]); // Build error. project!(p, [build: 128]); // `OutOfBound` runtime error (convertible to `ERANGE`). project!(p, [try: 128]); // Runtime panic. project!(p, [panic: 128]); Ok(()) } Update as well the users, which now look like e.g. // Pointer to the first entry of the GSP message queue. let data = project!(self.0.as_ptr(), .gspq.msgq.data[build: 0]); - 'build_assert' module: make the module the home of its macros instead of rendering them twice. - 'sync' module: add 'UniqueArc::as_ptr()' associated function. - 'alloc' module: - Fix the 'Vec::reserve()' doctest to properly account for the existing vector length in the capacity assertion. - Fix an incorrect operator in the 'Vec::extend_with()' 'SAFETY' comment; add a doc test demonstrating basic usage and the zero-length case. - Clean imports across several modules to follow the "kernel vertical" import style in order to minimize conflicts. 'pin-init' crate: - User visible changes: - Do not generate 'non_snake_case' warnings for identifiers that are syntactically just users of a field name. This would allow all '#[allow(non_snake_case)]' in nova-core to be removed, which Gary will send to the nova tree next cycle. - Filter non-cfg attributes out properly in derived structs. This improves pin-init compatibility with other derive macros. - Insert projection types' where clause properly. - Other changes: - Bump MSRV to 1.82, plus associated cleanups. - Overhaul how init slots are projected. The new approach is easier to justify with safety comments. - Mark more functions as inline, which should help mitigate the super-long symbol name issue due to lack of inlining. rust-analyzer: - Support '--envs' for passing env vars for crates like 'zerocopy'. 'MAINTAINERS': - Add the following reviewers to the 'RUST' entry: - Daniel Almeida - Tamir Duberstein - Alexandre Courbot - Onur Özkan They have been involved in the Rust for Linux project for about 7 collective years and bring expertise across several domains, which will be very useful to have around in the future. Thanks everyone for stepping up! And some other fixes, cleanups and improvements" Link: https://github.com/google/zerocopy [1] Link: https://docs.rs/zerocopy [2] Link: https://github.com/Rust-for-Linux/linux/issues/1239 [3] * tag 'rust-7.2' of gitolite.kernel.org:pub/scm/linux/kernel/git/ojeda/linux: (86 commits) MAINTAINERS: add Onur Özkan as Rust reviewer MAINTAINERS: add Alexandre Courbot as Rust reviewer MAINTAINERS: add Tamir Duberstein as Rust reviewer MAINTAINERS: add Daniel Almeida as Rust reviewer kbuild: rust: clean `zerocopy-derive` in `mrproper` rust: make `build_assert` module the home of related macros rust: str: clean unused import for Rust >= 1.98 rust: str: use the "kernel vertical" imports style rust: aref: use the "kernel vertical" imports style rust: page: use the "kernel vertical" imports style gpu: nova-core: firmware: parse `FalconUCodeDescV2` via `zerocopy` rust: prelude: add `zerocopy{,_derive}::FromBytes` rust: zerocopy-derive: enable support in kbuild rust: zerocopy-derive: add `README.md` rust: zerocopy-derive: avoid generating non-ASCII identifiers rust: zerocopy-derive: add SPDX License Identifiers rust: zerocopy-derive: import crate rust: zerocopy: enable support in kbuild rust: zerocopy: add `README.md` rust: zerocopy: remove float `Display` support ...
2026-06-15Merge tag 'kbuild-7.2-1' of ↵Linus Torvalds1-3/+0
git://git.kernel.org/pub/scm/linux/kernel/git/kbuild/linux Pull Kbuild / Kconfig updates from Nathan Chancellor: "Kbuild: - Remove broken module linking exclusion for BTF - Add documentation around how offset header files work - Include unstripped vDSO libraries in pacman packages - Bump minimum version of LLVM for building the kernel to 17.0.1 and clean up unnecessary workarounds - Use a context manager in run-clang-tools - Add dist macro value if present to release tag for RPM packages - Detect and report truncated buf_printf() output in modpost - Add __llvm_covfun and __llvm_covmap to section whitelist in modpost - Support Clang's distributed ThinLTO mode - Remove architecture specific configurations for AutoFDO and Propeller to ease individual architecture maintenance Kconfig: - Add kconfig-sym-check target to look for dangling Kconfig symbol references and invalid tristate literal values - Harden against potential NULL pointer dereference - Fix typo in Kconfig test comment" * tag 'kbuild-7.2-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kbuild/linux: (31 commits) kconfig: tests: fix typo in comment kconfig: Remove the architecture specific config for Propeller kconfig: Remove the architecture specific config for AutoFDO modpost: Add __llvm_covfun and __llvm_covmap to section_white_list kconfig: add kconfig-sym-check static checker kbuild: Remove unnecessary 'T' modifier in cmd_ar_builtin_fixup kbuild: distributed build support for Clang ThinLTO kbuild: move vmlinux.a build rule to scripts/Makefile.vmlinux_a scripts: modpost: detect and report truncated buf_printf() output kbuild: rpm-pkg: append %{?dist} macro to Release tag run-clang-tools: run multiprocessing.Pool as context manager compiler-clang.h: Drop explicit version number from "all" diagnostic macro compiler-clang.h: Remove __cleanup -Wunused-variable workaround kbuild: Remove check for broken scoping with clang < 17 in CC_HAS_ASM_GOTO_OUTPUT x86/entry/vdso32: Remove conditional omission of '.cfi_offset eflags' x86/module: Revert "Deal with GOT based stack cookie load on Clang < 17" x86/build: Drop unnecessary '-ffreestanding' addition to KBUILD_CFLAGS scripts/Makefile.warn: Drop -Wformat handling for clang < 16 riscv: Drop tautological condition from TOOLCHAIN_NEEDS_OLD_ISA_SPEC riscv: Remove tautological condition from selection of ARCH_SUPPORTS_CFI ...
2026-06-15Merge tag 'vfs-7.2-rc1.misc' of ↵Linus Torvalds3-57/+129
git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull misc vfs updates from Christian Brauner: "Features: - Reduce pipe->mutex contention by pre-allocating pages outside the lock in anon_pipe_write(). anon_pipe_write() called alloc_page() once per page while holding pipe->mutex. The allocation can sleep doing direct reclaim and runs memcg charging, which extends the critical section and stalls any concurrent reader on the same mutex. Now up to 8 pages are pre-allocated before the mutex is taken, leftovers are recycled into the per-pipe tmp_page[] cache before unlock, and any remainder is released after unlock, keeping the allocator out of the critical section on both sides. On a writers x readers sweep with 64KB writes against a 1 MB pipe throughput improves 6-28% and average write latency drops 5-22%; under memory pressure - when the cost of holding the mutex across reclaim is highest - throughput improves 21-48% and latency drops 17-33%. The microbenchmark is added to selftests. - uaccess/sockptr: fix the ignored_trailing logic in copy_struct_to_user() to behave as documented and the usize check in copy_struct_from_sockptr() for user pointers, and add copy_struct_{from,to}_bounce_buffer() and copy_struct_to_sockptr() helpers for upcoming users (IPPROTO_SMBDIRECT, IPPROTO_QUIC). - bpf: add a sleepable bpf_real_inode() kfunc that resolves the real inode backing a dentry via d_real_inode(). On overlayfs the inode attached to the dentry doesn't carry the underlying device information; this is used by the filesystem restriction BPF program that was merged into systemd. - docs: add guidelines for submitting new filesystems, motivated by the maintenance burden abandoned and untestable filesystems impose on VFS developers, blocking infrastructure work like folio conversions and iomap migration. Fixes: - libfs: set SB_I_NOEXEC and SB_I_NODEV by default in init_pseudo() and drop the now-redundant assignments in callers. This began as a one-line dma-buf fix for a path_noexec() warning; a pseudo filesystem has no reason not to set SB_I_NOEXEC. All init_pseudo() callers were audited: the only visible effect is on dma-buf where SB_I_NOEXEC silences the warning. - Handle set_blocksize() failures in legacy filesystems (bfs, hpfs, qnx4, jfs, befs, affs, isofs, minix, ntfs3, omfs). Mounting a device with a sector size > PAGE_SIZE crashed roughly half of them; the rest had the same missing error handling pattern. Plus a follow-up releasing the superblock buffer_head when setting the minix v3 block size fails. - mount: honour SB_NOUSER in the new mount API. - fs/fcntl: fix a SOFTIRQ-unsafe lock order in fasync signaling by switching the process-group paths of send_sigio() and send_sigurg() from read_lock(&tasklist_lock) to RCU, matching the single-PID path. - vfs: add an FS_USERNS_DELEGATABLE flag and set it for NFS, fixing delegated NFS mounts (fsopen() in a container with the mount performed by a privileged daemon) that broke when non-init s_user_ns was tied to FS_USERNS_MOUNT. - selftests/namespaces: fix a hang in nsid_test where an unreaped grandchild kept the TAP pipe write-end open, a waitpid(-1) race in listns_efault_test, and a false FAIL on kernels without listns() where the tests should SKIP. - filelock: fix the break_lease() stub signature for CONFIG_FILE_LOCKING=n. - init/initramfs_test: wait for the async initramfs unpacking before running; the test and do_populate_rootfs() share the parser state. - fs/coredump: reduce redundant log noise in validate_coredump_safety(). - iomap: pass the correct length to fserror_report_io() in __iomap_write_begin(). - backing-file: fix the backing_file_open() kerneldoc. Cleanups: - initramfs: refactor the cpio hex header parsing to use hex2bin() instead of the hand-rolled simple_strntoul() which is reverted, and extend the initramfs KUnit tests to cover header fields with 0x prefixes. - Replace __get_free_pages() and friends with kmalloc()/kzalloc() across quota, proc, ocfs2/dlm, nilfs2, nfs, nfsd, libfs, jfs, jbd2, isofs, fuse, select, namespace, configfs, binfmt_misc, bfs, and the do_mounts init code - part of the larger work of replacing page allocator calls with kmalloc(). - Use clear_and_wake_up_bit() in unlock_buffer() and journal_end_buffer_io_sync() instead of open-coding the sequence. - Drop unused VFS exports: unexport drop_super_exclusive(), remove start_removing_user_path_at(), and fold __start_removing_path() into start_removing_path(). - fs/read_write: narrow the __kernel_write() export with EXPORT_SYMBOL_FOR_MODULES(). - vfs: uapi: retire octal and hex constants in favor of (1 << n) for the O_ flags. Finding a free bit for a new flag across the architectures was needlessly hard with the mixed bases. - dcache: add extra sanity checks of dead dentries in dentry_free() via a new DENTRY_WARN_ONCE() that also prints d_flags. - iov_iter: use kmemdup_array() in dup_iter() to harden the allocation against multiplication overflow. - fs/pipe: write to ->poll_usage only once. - vfs: remove an always-taken if-branch in find_next_fd(). - dcache: use kmalloc_flex() for struct external_name in __d_alloc(). - namei: use QSTR() instead of QSTR_INIT() in path_pts(). - sync_file_range: delete dead S_ISLNK code. - Comment fixes: retire a stale comment in fget_task_next() and fix assorted spelling mistakes" * tag 'vfs-7.2-rc1.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: (73 commits) backing-file: fix backing_file_open() kerneldoc parameter iomap: pass the correct len to fserror_report_io in __iomap_write_begin vfs: add FS_USERNS_DELEGATABLE flag and set it for NFS filelock: fix break_lease() stub signature for CONFIG_FILE_LOCKING=n vfs: uapi: retire octal and hex numbers in favor of (1 << n) for O_ flags bpf: add bpf_real_inode() kfunc fs/read_write: Do not export __kernel_write() to the entire world libfs: drop redundant SB_I_NOEXEC/SB_I_NODEV in init_pseudo() callers libfs: set SB_I_NOEXEC and SB_I_NODEV by default in init_pseudo() mount: honour SB_NOUSER in the new mount API fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling selftests/pipe: add pipe_bench microbenchmark fs/pipe: pre-allocate pages outside pipe->mutex in anon_pipe_write fs: retire stale comment in fget_task_next() fs: fix spelling mistakes in comment bfs: replace get_zeroed_page() with kzalloc() binfmt_misc: replace __get_free_page() with kmalloc() configfs: replace __get_free_pages() with kzalloc() fs/namespace: use __getname() to allocate mntpath buffer fs/select: replace __get_free_page() with kmalloc() ...
2026-06-08rust: tests: add Kconfig for KUnit testYury Norov1-0/+2
There are 6 individual Rust KUnit test suites (plus the doctests one). All the tests are compiled unconditionally now, which adds ~200 kB to the kernel image for me on x86_64. As Rust matures, this bloating will inevitably grow. Add Kconfig.test which includes a RUST_KUNIT_TESTS menu, and all individual tests under it. As usual, new tests are all enabled if KUNIT_ALL_TESTS=y. Suggested-by: Alice Ryhl <aliceryhl@google.com> Signed-off-by: Yury Norov <ynorov@nvidia.com> Reviewed-by: David Gow <david@davidgow.net> Acked-by: Gary Guo <gary@garyguo.net> Link: https://patch.msgid.link/20260417031531.315281-3-ynorov@nvidia.com [ Fixed capitalization. Used singular for "API" for consistency. Reworded to clarify these are suites and that there exists the doctests one (which is the biggest at the moment by far). - Miguel ] Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
2026-06-03futex: Add robust futex unlock IP rangeThomas Gleixner1-0/+6
There will be a VDSO function to unlock robust futexes in user space. The unlock sequence is racy vs. clearing the list_pending_op pointer in the tasks robust list head. To plug this race the kernel needs to know the instruction window. As the VDSO is per MM the addresses are stored in mm_struct::futex. Architectures which implement support for this have to update these addresses when the VDSO is (re)mapped and indicate the pending op pointer size which is matching the IP. Arguably this could be resolved by chasing mm->context->vdso->image, but that's architecture specific and requires to touch quite some cache lines. Having it in mm::futex reduces the cache line impact and avoids having yet another set of architecture specific functionality. To support multi size robust list applications (gaming) this provides two ranges when COMPAT is enabled. Signed-off-by: Thomas Gleixner <tglx@kernel.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Reviewed-by: André Almeida <andrealmeid@igalia.com> Link: https://patch.msgid.link/20260602090535.718926819@kernel.org
2026-06-02sched: Add blocked_donor link to task for smarter mutex handoffsPeter Zijlstra1-0/+1
Add link to the task this task is proxying for, and use it so the mutex owner can do an intelligent hand-off of the mutex to the task that the owner is running on behalf. [jstultz: This patch was split out from larger proxy patch] Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by: Juri Lelli <juri.lelli@redhat.com> Signed-off-by: Valentin Schneider <valentin.schneider@arm.com> Signed-off-by: Connor O'Brien <connoro@google.com> Signed-off-by: John Stultz <jstultz@google.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Link: https://patch.msgid.link/20260512025635.2840817-8-jstultz@google.com
2026-05-28treewide: fix indentation and whitespace in Kconfig filesAnand Moon1-12/+12
Clean up inconsistent indentation (mixing tabs and spaces) and remove extraneous whitespace in several Kconfig files across the tree. This is a purely cosmetic change to improve readability. Adjust indentation from spaces to tab (+optional two spaces) as in coding style with command like: $ sed -e 's/^ /\t/' -i */Kconfig Link: https://lore.kernel.org/20260407053945.14116-1-linux.amoon@gmail.com Signed-off-by: Anand Moon <linux.amoon@gmail.com> Reviewed-by: Jan Kara <jack@suse.cz> [fs] Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com> [mm] Reviewed-by: Lorenzo Stoakes <ljs@kernel.org> [mm] Reviewed-by: Christian Brauner <brauner@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2026-05-27kbuild: Remove check for broken scoping with clang < 17 in ↵Nathan Chancellor1-3/+0
CC_HAS_ASM_GOTO_OUTPUT Now that the minimum supported version of LLVM for building the kernel has been raised to 17.0.1, the check added to CC_HAS_ASM_GOTO_OUTPUT by commit e2ffa15b9baa ("kbuild: Disable CC_HAS_ASM_GOTO_OUTPUT on clang < 17") can be removed, as the issue it detects is guaranteed to be fixed. Acked-by: Nicolas Schier <nsc@kernel.org> Link: https://patch.msgid.link/20260517-bump-minimum-supported-llvm-version-to-17-v2-14-b3b8cda46bdd@kernel.org Signed-off-by: Nathan Chancellor <nathan@kernel.org>
2026-05-27init/initramfs_test: wait_for_initramfs() before runningJia He1-1/+16
initramfs_test_extract() and friends call unpack_to_rootfs() from a kunit kthread while do_populate_rootfs() may still be running asynchronously from rootfs_initcall. unpack_to_rootfs() keeps its parser state in module-static variables (victim, byte_count, state, this_header, header_buf, name_buf, ...), so the two writers corrupt each other. On arm64 v7.0-rc5+ this oopses early in boot: Unable to handle kernel paging request at virtual address ffff80018f9f0ffc pc : do_reset+0x3c/0x98 Call trace: do_reset initramfs_test_extract kunit_try_run_case Initramfs unpacking failed: junk within compressed archive do_reset() faults because 'victim' was overwritten by the boot-time unpacker; the boot unpacker meanwhile logs the bogus "junk within compressed archive" on the real initrd because the test wrecked its state machine. Add a .suite_init callback that calls wait_for_initramfs() so the async unpack is quiescent before the first case runs. suite_init runs once per suite rather than before every individual test case. Fixes: 83c0b27266ec ("initramfs_test: kunit tests for initramfs unpacking") Signed-off-by: Jia He <justin.he@arm.com> Link: https://patch.msgid.link/20260519093937.1064628-1-justin.he@arm.com Reviewed-by: David Disseldorp <ddiss@suse.de> Signed-off-by: Christian Brauner (Amutable) <brauner@kernel.org>
2026-05-27rust: kasan: add support for Software Tag-Based KASANAlice Ryhl1-1/+1
This adds support for Software Tag-Based KASAN (KASAN_SW_TAGS) when CONFIG_RUST is enabled. This requires that rustc includes support for the kernel-hwaddress sanitizer, which is available since 1.96.0 [1]. Unlike with clang, we need to pass -Zsanitizer-recover in addition to -Zsanitizer because the option is not implied automatically. The kasan makefile uses different names for the flags depending on whether CC is clang or gcc, but as we require that CC is clang when using KASAN, we do not need to try to handle mixed gcc/llvm builds when Rust is enabled. Link: https://github.com/rust-lang/rust/pull/153049 [1] Reviewed-by: Danilo Krummrich <dakr@kernel.org> Signed-off-by: Alice Ryhl <aliceryhl@google.com> Reviewed-by: Gary Guo <gary@garyguo.net> Link: https://patch.msgid.link/20260408-kasan-rust-sw-tags-v3-2-e07964d14363@google.com Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
2026-05-27rust: kasan: KASAN+RUST requires clangAlice Ryhl1-0/+1
Kernel KASAN involves passing various llvm/gcc specific arguments to the C and Rust compiler. Since these arguments differ between llvm and gcc, it's not safe to mix an llvm-based rustc with a gcc build when kasan is enabled. Signed-off-by: Alice Ryhl <aliceryhl@google.com> Reviewed-by: Gary Guo <gary@garyguo.net> Cc: stable@vger.kernel.org Fixes: e3117404b411 ("kbuild: rust: Enable KASAN support") Link: https://patch.msgid.link/20260408-kasan-rust-sw-tags-v3-1-e07964d14363@google.com Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
2026-05-26exec_state: relocate dumpable informationChristian Brauner (Amutable)1-0/+10
The dumpable flag captured at execve() is consulted by __ptrace_may_access() and several /proc owner / visibility checks. It lives on mm_struct today, which exit_mm() clears from the task long before the task itself is reaped. exec_state is anchored to the execve() that established the current privilege domain. CLONE_VM siblings refcount-share the parent's exec_state via copy_exec_state(); non-CLONE_VM clones allocate a fresh exec_state inheriting the parent's dumpable mode and user_ns reference via task_exec_state_copy(). execve() allocates a fresh instance (via alloc_task_exec_state() in begin_new_exec()) and installs it under task_lock + exec_update_lock with task_exec_state_replace(). init_task uses a static instance. The dumpable mode now lives on task->exec_state->dumpable. task->mm->flags no longer carries dumpability; MMF_DUMPABLE_MASK is removed, but MMF_DUMPABLE_BITS is reserved so MMF_DUMP_FILTER_* bit positions remain stable for the /proc/<pid>/coredump_filter ABI. The task->user_dumpable cache bit and its assignment in exit_mm() are removed; readers go through get_dumpable(task) directly. coredump_params gains a snapshot field cprm.dumpable, populated from get_dumpable(current) at vfs_coredump() entry, replacing the previous __get_dumpable(cprm->mm_flags) consumers in fs/coredump.c and fs/pidfs.c. The user namespace recorded at execve() is consulted by __ptrace_may_access() and by /proc/PID/* owner derivation. Move the captured user_ns onto task_exec_state, which stays attached to the task past exit_mm() and across exit_files(). bprm grows a user_ns field staged in bprm_mm_init() with the caller's user_ns, narrowed by would_dump() to the closest privileged ancestor, and consumed by exec_mmap() via alloc_task_exec_state(bprm->user_ns). free_bprm() releases the staging reference. mm_struct loses ->user_ns entirely. Initializers in init-mm, efi_mm, and the implicit one in mm_init()/dup_mm()/mm_alloc() are removed; __mmdrop() drops the matching put_user_ns(). The kthread_use_mm() WARN_ON_ONCE(!mm->user_ns) is no longer meaningful and goes too. Reviewed-by: Jann Horn <jannh@google.com> Link: https://patch.msgid.link/20260520-work-task_exec_state-v3-4-69f895bc1385@kernel.org Signed-off-by: Christian Brauner (Amutable) <brauner@kernel.org>
2026-05-22init: do_mounts: use kmalloc() for allocations of temporary buffersMike Rapoport (Microsoft)1-11/+10
Several places in init/do_mounts.c allocate temporary buffers for filesystem names or options using __get_free_page() or alloc_page(). Usage of alloc_page() APIs is not required there and only creates unnecessary noise with castings or conversion from struct page to void *. kmalloc() is a better API for these uses and it also provides better scalability and more debugging possibilities. Replace use of __get_free_page() and alloc_page() with kmalloc(). While on it, add a check for -ENOMEM condition in mount_root_generic(). Link: https://lore.kernel.org/all/635405e4-9423-4a25-a6e7-e03c8ea0bcbe@redhat.com Signed-off-by: Mike Rapoport (Microsoft) <rppt@kernel.org> Link: https://patch.msgid.link/20260520-init-v1-1-aaf2ebac5ad9@kernel.org Reviewed-by: David Disseldorp <ddiss@suse.de> Reviewed-by: SeongJae Park <sj@kernel.org> Signed-off-by: Christian Brauner (Amutable) <brauner@kernel.org>
2026-05-21initramfs: Refactor to use hex2bin() instead of custom approachAndy Shevchenko2-38/+30
There is a simple_strntoul() function used solely as a shortcut for hex2bin() with proper endianess conversions. Replace that and drop the unneeded function in the next changes. This implementation will abort if we fail to parse the cpio header, instead of using potentially bogus header values. Co-developed-by: David Disseldorp <ddiss@suse.de> Signed-off-by: David Disseldorp <ddiss@suse.de> Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Link: https://patch.msgid.link/20260331070519.5974-5-ddiss@suse.de Reviewed-by: Petr Mladek <pmladek@suse.com> Signed-off-by: Christian Brauner <brauner@kernel.org>
2026-05-21initramfs: Sort headers alphabeticallyAndy Shevchenko1-12/+12
Sorting headers alphabetically helps locating duplicates, and makes it easier to figure out where to insert new headers. Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Link: https://patch.msgid.link/20260331070519.5974-4-ddiss@suse.de Reviewed-by: David Disseldorp <ddiss@suse.de> Reviewed-by: Petr Mladek <pmladek@suse.com> Signed-off-by: Christian Brauner <brauner@kernel.org>
2026-05-21initramfs_test: test header fields with 0x hex prefixDavid Disseldorp1-2/+58
cpio header fields are 8-byte hex strings, but one "interesting" side-effect of our historic simple_str[n]toul() use means that a "0x" (or "0X") prefixed header field will be successfully processed when coupled alongside a 6-byte hex remainder string. "0x" prefix support is contrary to the initramfs specification at Documentation/driver-api/early-userspace/buffer-format.rst which states: The structure of the cpio_header is as follows (all fields contain hexadecimal ASCII numbers fully padded with '0' on the left to the full width of the field, for example, the integer 4780 is represented by the ASCII string "000012ac"): Test for this corner case by injecting "0x" prefixes into the uid, gid and namesize cpio header fields. Confirm that init_stat() returns matching uid and gid values. This test can be modified in future to expect unpack_to_rootfs() failure when header validation is changed to properly follow the specification. Add some missing struct kstat initializations to account for possible init_stat() failures. Signed-off-by: David Disseldorp <ddiss@suse.de> Link: https://patch.msgid.link/20260331070519.5974-3-ddiss@suse.de Reviewed-by: Petr Mladek <pmladek@suse.com> Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by: Christian Brauner <brauner@kernel.org>
2026-05-21initramfs_test: add fill_cpio() inject_ox parameterDavid Disseldorp1-13/+23
fill_cpio() uses sprintf() to write out the in-memory cpio archive from an array of struct initramfs_test_cpio. This change allows callers to modify the cpio sprintf() format string so that future tests can intentionally corrupt the header with "0x" and "0X" prefixed fields. Signed-off-by: David Disseldorp <ddiss@suse.de> Link: https://patch.msgid.link/20260331070519.5974-2-ddiss@suse.de Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Reviewed-by: Petr Mladek <pmladek@suse.com> Signed-off-by: Christian Brauner <brauner@kernel.org>
2026-05-19Merge branch 'sched/cache'Peter Zijlstra2-0/+15
Merge the cache aware balancer topic branch. # Conflicts: # kernel/sched/topology.c
2026-05-18sched/cache: Fix unpaired account_llc_enqueue/dequeueChen Yu1-0/+1
There is a race condition that, after a task is enqueued on a runqueue, task_llc(p) may change due to CPU hotplug, because the llc_id is dynamically allocated and adjusted at runtime. Therefore, checking task_llc(p) to determine whether the task is being dequeued from its preferred LLC is unreliable and can cause inconsistent values. To fix this problem, record whether p is enqueued on its preferred LLC, in order to pair with account_llc_dequeue() to maintain a consistent nr_pref_llc_running per runqueue. This bug was reported by sashiko, and the solution was once suggested by Prateek. Fixes: 46afe3af7ead ("sched/cache: Track LLC-preferred tasks per runqueue") Suggested-by: K Prateek Nayak <kprateek.nayak@amd.com> Signed-off-by: Chen Yu <yu.c.chen@intel.com> Co-developed-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Link: https://patch.msgid.link/0c8c6a1571d66792a4d2ff0103ba3cc13e059046.1778703694.git.tim.c.chen@linux.intel.com
2026-05-14slab: support for compiler-assisted type-based slab cache partitioningMarco Elver1-0/+3
Rework the general infrastructure around RANDOM_KMALLOC_CACHES into more flexible KMALLOC_PARTITION_CACHES, with the former being a partitioning mode of the latter. Introduce a new mode, KMALLOC_PARTITION_TYPED, which leverages a feature available in Clang 22 and later, called "allocation tokens" via __builtin_infer_alloc_token() [1]. Unlike KMALLOC_PARTITION_RANDOM (formerly RANDOM_KMALLOC_CACHES), this mode deterministically assigns a slab cache to an allocation of type T, regardless of allocation site. The builtin __builtin_infer_alloc_token(<malloc-args>, ...) instructs the compiler to infer an allocation type from arguments commonly passed to memory-allocating functions and returns a type-derived token ID. The implementation passes kmalloc-args to the builtin: the compiler performs best-effort type inference, and then recognizes common patterns such as `kmalloc(sizeof(T), ...)`, `kmalloc(sizeof(T) * n, ...)`, but also `(T *)kmalloc(...)`. Where the compiler fails to infer a type the fallback token (default: 0) is chosen. Note: kmalloc_obj(..) APIs fix the pattern how size and result type are expressed, and therefore ensures there's not much drift in which patterns the compiler needs to recognize. Specifically, kmalloc_obj() and friends expand to `(TYPE *)KMALLOC(__obj_size, GFP)`, which the compiler recognizes via the cast to TYPE*. Clang's default token ID calculation is described as [1]: typehashpointersplit: This mode assigns a token ID based on the hash of the allocated type's name, where the top half ID-space is reserved for types that contain pointers and the bottom half for types that do not contain pointers. Separating pointer-containing objects from pointerless objects and data allocations can help mitigate certain classes of memory corruption exploits [2]: attackers who gains a buffer overflow on a primitive buffer cannot use it to directly corrupt pointers or other critical metadata in an object residing in a different, isolated heap region. It is important to note that heap isolation strategies offer a best-effort approach, and do not provide a 100% security guarantee, albeit achievable at relatively low performance cost. Note that this also does not prevent cross-cache attacks: while waiting for future features like SLAB_VIRTUAL [3] to provide physical page isolation, this feature should be deployed alongside SHUFFLE_PAGE_ALLOCATOR and init_on_free=1 to mitigate cross-cache attacks and page-reuse attacks as much as possible today. With all that, my kernel (x86 defconfig) shows me a histogram of slab cache object distribution per /proc/slabinfo (after boot): <slab cache> <objs> <hist> kmalloc-part-15 1465 ++++++++++++++ kmalloc-part-14 2988 +++++++++++++++++++++++++++++ kmalloc-part-13 1656 ++++++++++++++++ kmalloc-part-12 1045 ++++++++++ kmalloc-part-11 1697 ++++++++++++++++ kmalloc-part-10 1489 ++++++++++++++ kmalloc-part-09 965 +++++++++ kmalloc-part-08 710 +++++++ kmalloc-part-07 100 + kmalloc-part-06 217 ++ kmalloc-part-05 105 + kmalloc-part-04 4047 ++++++++++++++++++++++++++++++++++++++++ kmalloc-part-03 183 + kmalloc-part-02 283 ++ kmalloc-part-01 316 +++ kmalloc 1422 ++++++++++++++ The above /proc/slabinfo snapshot shows me there are 6673 allocated objects (slabs 00 - 07) that the compiler claims contain no pointers or it was unable to infer the type of, and 12015 objects that contain pointers (slabs 08 - 15). On a whole, this looks relatively sane. Additionally, when I compile my kernel with -Rpass=alloc-token, which provides diagnostics where (after dead-code elimination) type inference failed, I see 186 allocation sites where the compiler failed to identify a type (down from 966 when I sent the RFC [4]). Some initial review confirms these a