Andi Kleen [Thu, 21 Jan 2010 22:17:12 +0000 (23:17 +0100)]
x86, mce: Xeon75xx specific interface to get corrected memory error information
commit
c773f70fd6b53ee646727f871833e53649907264 upstream (linux-2.6-tip)
Xeon 75xx doesn't log physical addresses on corrected machine check
events in the standard architectural MSRs. Instead the address has to
be retrieved in a model specific way. This makes it impossible to do
predictive failure analysis.
Implement cpu model specific code to do this in mce-xeon75xx.c using a
new hook that is called from the generic poll code. The code retrieves
the physical address/DIMM of the last corrected error from the
platform and makes the address look like a standard architectural MCA
address for further processing.
In addition the DIMM information is retrieved and put into two new
aux0/aux1 fields in struct mce. These fields are specific to a given
CPU. These fields can then be decoded by mcelog into specific DIMM
information. The latest mcelog version has support for this.
Longer term this will be likely in a different output format, but
short term that seemed like the least intrusive solution. Older mcelog
can deal with an extended record.
There's no code to print this information on a panic because this only
works for corrected errors, and corrected errors do not usually result
in panics.
The act of retrieving the DIMM/PA information can take some time, so
this code has a rate limit to avoid taking too much CPU time on a
error flood.
The whole thing can be loaded as a module and has suitable PCI-IDs so
that it can be auto-loaded by a distribution. The code also checks
explicitely for the expected CPU model number to make sure this code
doesn't run anywhere else.
Signed-off-by: Andi Kleen <ak@linux.intel.com>
LKML-Reference: <
20100121221711.GA8242@basil.fritz.box>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Eric Miao [Mon, 25 Jan 2010 13:52:37 +0000 (21:52 +0800)]
UBUNTU: (no-up) arm -- enable ubuntu/ directory
Signed-off-by: Eric Miao <eric.miao@canonical.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Eric Miao [Wed, 27 Jan 2010 04:02:24 +0000 (04:02 +0000)]
UBUNTU: SAUCE: (no-up) Make CONFIG_{OMNIBOOK, AVERATEC_5100P, PACKARDBELL_E5} depend on X86
There options are really X86 specific, and the source won't compile on
ARM platforms. Make them depend on X86 and less confusing when syncing
config options to ARM.
Signed-off-by: Eric Miao <eric.miao@canonical.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Andy Whitcroft [Thu, 24 Dec 2009 02:09:03 +0000 (02:09 +0000)]
UBUNTU: SAUCE: acpi battery -- move first lookup asynchronous
BugLink: http://bugs.launchpad.net/bugs/507211
When instantiating the battery object on to the acpi bus in the kernel
we talk to the BIOS to get the current battery state. This can take
a long time and holds the acpi bus object locked for the duration.
This leads to any other object wishing to add itself that bus blocking.
This leads to unpredicatable delays of up to .3s when initialising the
hpet during boot depending on execution order. Make the first update of
the battery asynchronous. Move the acpi bus handling back synchronous.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Andy Whitcroft [Wed, 23 Dec 2009 16:43:07 +0000 (16:43 +0000)]
UBUNTU: SAUCE: async_populate_rootfs: move rootfs init earlier
Check to see if the machine has more than one active CPU, if it does
then it is worth starting the decode of the rootfs earlier.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Manoj Iyer [Thu, 10 Dec 2009 18:13:15 +0000 (12:13 -0600)]
UBUNTU: ubuntu: omnibook -- Added missing BOM file
Forgot to add BOM file when I added omnibook module to ubuntu/
this patch adds it.
Signed-off-by: Manoj Iyer <manoj.iyer@canonical.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Tim Gardner [Mon, 14 Dec 2009 23:17:34 +0000 (16:17 -0700)]
UBUNTU: ubuntu: fsam7400 -- Cleanup Makefile
Ripped out the cruft from this Makefile so as not
to confuse folks.
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Manoj Iyer [Tue, 8 Dec 2009 03:20:32 +0000 (21:20 -0600)]
UBUNTU: ubuntu: omnibook -- support Toshiba (HP) netbooks
ExternalDriver: omnibook
Description: driver for HP & Toshiba laptops
Url: https://omnibook.svn.sourceforge.net/svnroot/omnibook/omnibook/trunk
Mask:
Version: 2.
20070211
Signed-off-by: Manoj Iyer <manoj.iyer@canonical.com>
Manoj Iyer [Wed, 9 Dec 2009 17:54:32 +0000 (17:54 +0000)]
UBUNTU: UBUNTU: ubuntu: fsam7400 -- kill switch for Fujitsu Siemens Amilo M 7400
ExternalDriver: fsam7400
Description: SW RF kill switch for Fujitsu Siemens Amilo M7400/Maxdata
7000DX and compatible hardware.
Url: http://www.iragan.com/linux/fsam7400/
Mask:
Version: 0.5.2
Signed-off-by: Manoj Iyer <manoj.iyer@canonical.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Andy Whitcroft [Wed, 2 Dec 2009 14:41:53 +0000 (14:41 +0000)]
UBUNTU: SAUCE: isapnp_init: make isa PNP scans occur async
The results of scanning for devices is to trigger udev events therefore
we can push this processing async.
This reduces kernel initialisation time (the time from bootloader to
starting userspace) by several 10ths of a second x86 32bit systems.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Surbhi Palande [Tue, 8 Dec 2009 09:44:34 +0000 (11:44 +0200)]
UBUNTU: SAUCE: Make populate_rootfs asynchronous
The expansion of the initramfs is completely independant of other
boot activities. The original data is already present at boot and the
filesystem is not required until we are ready to start init. It is
therefore reasonable to populate the rootfs asynchronously. Move this
processing to an async call.
This reduces kernel initialisation time (the time from bootloader to
starting userspace) by several 10ths of a second on a selection of test
hardware particularly SMP systems, although UP system also benefit.
Signed-off-by: Surbhi Palande <surbhi.palande@canonical.com>
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Andy Whitcroft [Mon, 9 Nov 2009 17:30:29 +0000 (17:30 +0000)]
UBUNTU: SAUCE: (no-up) set /proc/acpi/video/*/DOS to 4 by default
BugLink: http://bugs.launchpad.net/bugs/458982
acpi_video_bus_start_devices() in drivers/acpi/video.c sets the default
ACPI DOS value to 0, which lets the OS handle toggling of display output
but still leaves the BIOS handling brightness levels automatically when
connecting/disconnecting AC.
We want the OS to handle both where possible, so a better default would
be to set this to 4.
This likely will regress systems using proprietary video drivers which
will need to change this setting back using the sysfs interfaces.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Scott James Remnant [Tue, 27 Oct 2009 10:05:32 +0000 (10:05 +0000)]
UBUNTU: SAUCE: (no-up) trace: add trace events for open(), exec() and uselib()
BugLink: http://bugs.launchpad.net/bugs/462111
This patch uses TRACE_EVENT to add tracepoints for the open(),
exec() and uselib() syscalls so that ureadahead can cheaply trace
the boot sequence to determine what to read to speed up the next.
It's not upstream because it will need to be rebased onto the syscall
trace events whenever that gets merged, and is a stop-gap.
Signed-off-by: Scott James Remnant <scott@ubuntu.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Andy Whitcroft <andy.whitcroft@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Tim Gardner [Thu, 8 Oct 2009 17:42:36 +0000 (11:42 -0600)]
UBUNTU: SAUCE: (no-up) raise the default console 'quiet' level to 2
In the interests of providing a clean boot experience, i.e., a blank screen
before X starts, supress noisy driver messages.
See https://lists.ubuntu.com/archives/kernel-team/2009-October/007476.html
for the original diatribe.
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Andy Whitcroft [Tue, 6 Oct 2009 08:33:30 +0000 (09:33 +0100)]
UBUNTU: ubuntu: dm-raid-45 -- update to compile with 2.6.32
This commit changed bio_barrier() to direct flag accessors,
convert dm-raid-4-5 to match:
commit
1f98a13f623e0ef666690a18c1250335fc6d7ef1
Author: Jens Axboe <jens.axboe@oracle.com>
Date: Fri Sep 11 14:32:04 2009 +0200
bio: first step in sanitizing the bio->bi_rw flag testing
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Andy Whitcroft [Fri, 26 Jun 2009 09:59:30 +0000 (10:59 +0100)]
UBUNTU: SAUCE: (no-up) disable adding scsi headers to linux-libc-dev
Currently scsi headers are generated by the kernel and by libc6-dev.
We need to coordinate any switch over to the kernel. Temporarily disabled
these headers in the kernel package.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Tim Gardner [Tue, 21 Apr 2009 17:09:10 +0000 (11:09 -0600)]
UBUNTU: SAUCE: (no-up) Sony laptop: Some Sony Vaia laptops do not enable wwan power by default.
Bug: https://bugs.launchpad.net/bugs/364678
Added quirk to enable wwan power based on DMI information already present in the module.
Ity appears that Vaio's do not enable power to wwan from a cold boot.
We'll carry this patch indefinitely.
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Andy Whitcroft [Mon, 23 Feb 2009 18:23:53 +0000 (18:23 +0000)]
UBUNTU: SAUCE: hotkey quirks for various Zeptro Znote and Fujitsu Amilo laptops
OriginalAuthor: Marius Wenderoth <scale87>
Bug: #330259
Add model specific quirks for the hotkeys for the laptops below:
Zepto Znote 6615WD
Zepto Znote 6625WD
FUJITSU SIEMENS AMILO Xi 2428
In each case the volume keys and the mute key do not correctly produce
key release events. Quirk these to force a key release. (Patch modified
to compile with 2.6.30)
[apw@canonical.com: Track the consolidation of release quirks in the
commit below:
commit
000c2a35b8b0485f5a872c24c4f2d0d6579951c1
Author: Herton Ronaldo Krzesinski <herton@mandriva.com.br>
Date: Fri Oct 16 16:13:59 2009 -0700
Input: atkbd - consolidate force release quirks for volume keys
]
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Scott James Remnant [Mon, 16 Mar 2009 15:03:07 +0000 (15:03 +0000)]
UBUNTU: SAUCE: (no-up) nbd: Change default partitions per device to 15
This was previously changed by using an "options" line in a modprobe.d
file, however that practice is now deprecated. This is because module
names, option names, their values and even their current defaults can
all change inside the kernel and module-init-tools has never been kept
in sync.
In addition, changing the kernel means that the option change will apply
if the module is built in by users or the OEM team.
Bug: #342563
Signed-off-by: Scott James Remnant <scott@canonical.com>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Tim Gardner [Sun, 15 Mar 2009 19:38:17 +0000 (13:38 -0600)]
UBUNTU: SAUCE: (no-up) swap: Add notify_swap_entry_free callback for compcache
Code is required for ubuntu/compcache
Signed-off-by: Ben Collins <ben.collins@canonical.com>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Scott James Remnant [Tue, 3 Mar 2009 14:24:52 +0000 (14:24 +0000)]
UBUNTU: SAUCE: (no-up) hostap: Change initial operation mode to managed (infra)
This was previously changed by using an "options" line in a modprobe.d
file, however that practice is now deprecated. This is because module
names, option names, their values and even their current defaults can
all change inside the kernel and module-init-tools has never been kept
in sync.
In addition, changing the kernel means that the option change will apply
if the module is built in by users or the OEM team.
Signed-off-by: Scott James Remnant <scott@canonical.com>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Andy Whitcroft [Thu, 27 Nov 2008 19:12:07 +0000 (19:12 +0000)]
UBUNTU: SAUCE: (no-up) version: Implement version_signature proc file.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Acked-by: Tim Gardener <tim.gardner@canonical.com>
Ben Collins [Tue, 14 Oct 2008 15:30:10 +0000 (11:30 -0400)]
UBUNTU: SAUCE: (no-up) Modularize vesafb
Signed-off-by: Ben Collins <ben.collins@canonical.com>
Ben Collins [Fri, 18 Jul 2008 15:42:11 +0000 (11:42 -0400)]
UBUNTU: ubuntu: rfkill drivers -- version 1.3
Version: 1.3
Signed-off-by: Ben Collins <ben.collins@canonical.com>
Andy Whitcroft [Mon, 29 Jun 2009 10:36:42 +0000 (11:36 +0100)]
UBUNTU: ubuntu: ndiswrapper -- version 1.55
ExternalDriver: ndiswrapper
Description: Windows network driver wrapper
Url: http://sourceforge.net/project/showfiles.php?group_id=93482
Version: 1.55
Update ndiswrapper to the latest version (v1.55) from sourceforge,
and renable.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Manoj Iyer [Wed, 1 Jul 2009 22:51:07 +0000 (17:51 -0500)]
UBUNTU: ubuntu: dm-raid45 -- version 2009.04.24 (2.6.30-rc3)
ExternalDriver: dm-raid45
Description: This software extends device-mapper by RAID4 and RAID5 mappings.
Url: http://people.redhat.com/~heinzm/sw/dm/dm-raid45/
Version: 2009.04.24 (2.6.30-rc3)
Signed-off-by: Manoj Iyer <manoj.iyer@canonical.com>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Stefan Bader [Thu, 14 Feb 2008 14:55:49 +0000 (09:55 -0500)]
UBUNTU: ubuntu: dm-raid4-5 -- (no-up) Export dm_disk function of device-mapper
This function is externally used by the dm-raid4-5 module.
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Ben Collins <ben.collins@canonical.com>
Leann Ogasawara [Sat, 13 Mar 2010 01:13:25 +0000 (17:13 -0800)]
UBUNTU: (no-up) fold down debian for ubuntu-oneiric v3.1-rc1 rebase
Ignore: yes
Signed-off-by: Leann Ogasawara <leann.ogasawara@canonical.com>
Leann Ogasawara [Thu, 1 Mar 2012 16:12:10 +0000 (08:12 -0800)]
Revert "ALSA: hda - Fix redundant jack creations for cx5051"
This reverts commit
2a8e5e8a2df18812c60720fa0534c29c9f1c17b6.
We're carrying the re-designed jack layer from v3.3, so this patch is
not needed.
Signed-off-by: Leann Ogasawara <leann.ogasawara@canonical.com>
Greg Kroah-Hartman [Mon, 2 Apr 2012 16:53:31 +0000 (09:53 -0700)]
Linux 3.2.14
Matthew Garrett [Tue, 27 Mar 2012 14:17:41 +0000 (10:17 -0400)]
ASPM: Fix pcie devices with non-pcie children
commit
c9651e70ad0aa499814817cbf3cc1d0b806ed3a1 upstream.
Since 3.2.12 and 3.3, some systems are failing to boot with a BUG_ON.
Some other systems using the pata_jmicron driver fail to boot because no
disks are detected. Passing pcie_aspm=force on the kernel command line
works around it.
The cause: commit
4949be16822e ("PCI: ignore pre-1.1 ASPM quirking when
ASPM is disabled") changed the behaviour of pcie_aspm_sanity_check() to
always return 0 if aspm is disabled, in order to avoid cases where we
changed ASPM state on pre-PCIe 1.1 devices.
This skipped the secondary function of pcie_aspm_sanity_check which was
to avoid us enabling ASPM on devices that had non-PCIe children, causing
trouble later on. Move the aspm_disabled check so we continue to honour
that scenario.
Addresses https://bugzilla.kernel.org/show_bug.cgi?id=42979 and
http://bugs.debian.org/665420
Reported-by: Romain Francoise <romain@orebokech.com> # kernel panic
Reported-by: Chris Holland <bandidoirlandes@gmail.com> # disk detection trouble
Signed-off-by: Matthew Garrett <mjg@redhat.com>
Tested-by: Hatem Masmoudi <hatem.masmoudi@gmail.com> # Dell Latitude E5520
Tested-by: janek <jan0x6c@gmail.com> # pata_jmicron with JMB362/JMB363
[jn: with more symptoms in log message]
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Yoshii Takashi [Wed, 14 Mar 2012 07:14:43 +0000 (16:14 +0900)]
serial: sh-sci: fix a race of DMA submit_tx on transfer
commit
49d4bcaddca977fffdea8b0b71f6e5da96dac78e upstream.
When DMA is enabled, sh-sci transfer begins with
uart_start()
sci_start_tx()
if (cookie_tx < 0) schedule_work()
Then, starts DMA when wq scheduled, -- (A)
process_one_work()
work_fn_rx()
cookie_tx = desc->submit_tx()
And finishes when DMA transfer ends, -- (B)
sci_dma_tx_complete()
async_tx_ack()
cookie_tx = -EINVAL
(possible another schedule_work())
This A to B sequence is not reentrant, since controlling variables
(for example, cookie_tx above) are not queues nor lists. So, they
must be invoked as A B A B..., otherwise results in kernel crash.
To ensure the sequence, sci_start_tx() seems to test if cookie_tx < 0
(represents "not used") to call schedule_work().
But cookie_tx will not be set (to a cookie, also means "used") until
in the middle of work queue scheduled function work_fn_tx().
This gap between the test and set allows the breakage of the sequence
under the very frequently call of uart_start().
Another gap between async_tx_ack() and another schedule_work() results
in the same issue, too.
This patch introduces a new condition "cookie_tx == 0" just to mark
it is "busy" and assign it within spin-locked region to fill the gaps.
Signed-off-by: Takashi Yoshii <takashi.yoshii.zj@renesas.com>
Reviewed-by: Guennadi Liakhovetski <g.liakhovetski@gmx.de>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Dan Carpenter [Wed, 18 Jan 2012 09:56:02 +0000 (12:56 +0300)]
nfsd: don't allow zero length strings in cache_parse()
commit
6d8d17499810479eabd10731179c04b2ca22152f upstream.
There is no point in passing a zero length string here and quite a
few of that cache_parse() implementations will Oops if count is
zero.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
John Stultz [Wed, 7 Mar 2012 01:16:09 +0000 (17:16 -0800)]
rtc: Provide flag for rtc devices that don't support UIE
commit
4a649903f91232d02284d53724b0a45728111767 upstream.
Richard Weinberger noticed that on some RTC hardware that
doesn't support UIE mode, due to coarse granular alarms
(like 1minute resolution), the current virtualized RTC
support doesn't properly error out when UIE is enabled.
Instead the current code queues an alarm for the next second,
but it won't fire until up to a miniute later.
This patch provides a generic way to flag this sort of hardware
and fixes the issue on the mpc5121 where Richard noticed the
problem.
Reported-by: Richard Weinberger <richard@nod.at>
Tested-by: Richard Weinberger <richard@nod.at>
Signed-off-by: John Stultz <john.stultz@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Chris Metcalf [Mon, 26 Mar 2012 20:26:12 +0000 (16:26 -0400)]
compat: use sys_sendfile64() implementation for sendfile syscall
commit
1631fcea8399da5e80a80084b3b8c5bfd99d21e7 upstream.
<asm-generic/unistd.h> was set up to use sys_sendfile() for the 32-bit
compat API instead of sys_sendfile64(), but in fact the right thing to
do is to use sys_sendfile64() in all cases. The 32-bit sendfile64() API
in glibc uses the sendfile64 syscall, so it has to be capable of doing
full 64-bit operations. But the sys_sendfile() kernel implementation
has a MAX_NON_LFS test in it which explicitly limits the offset to 2^32.
So, we need to use the sys_sendfile64() implementation in the kernel
for this case.
Acked-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Dan Carpenter [Sat, 24 Mar 2012 07:52:50 +0000 (10:52 +0300)]
x86, tls: Off by one limit check
commit
8f0750f19789cf352d7e24a6cc50f2ab1b4f1372 upstream.
These are used as offsets into an array of GDT_ENTRY_TLS_ENTRIES members
so GDT_ENTRY_TLS_ENTRIES is one past the end of the array.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Link: http://lkml.kernel.org/r/
20120324075250.GA28258@elgon.mountain
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Alok Kataria [Wed, 22 Feb 2012 02:19:55 +0000 (18:19 -0800)]
x86, tsc: Skip refined tsc calibration on systems with reliable TSC
commit
57779dc2b3b75bee05ef5d1ada47f615f7a13932 upstream.
While running the latest Linux as guest under VMware in highly
over-committed situations, we have seen cases when the refined TSC
algorithm fails to get a valid tsc_start value in
tsc_refine_calibration_work from multiple attempts. As a result the
kernel keeps on scheduling the tsc_irqwork task for later. Subsequently
after several attempts when it gets a valid start value it goes through
the refined calibration and either bails out or uses the new results.
Given that the kernel originally read the TSC frequency from the
platform, which is the best it can get, I don't think there is much
value in refining it.
So for systems which get the TSC frequency from the platform we
should skip the refined tsc algorithm.
We can use the TSC_RELIABLE cpu cap flag to detect this, right now it is
set only on VMware and for Moorestown Penwell both of which have there
own TSC calibration methods.
Signed-off-by: Alok N Kataria <akataria@vmware.com>
Cc: John Stultz <johnstul@us.ibm.com>
Cc: Dirk Brandewie <dirk.brandewie@gmail.com>
Cc: Alan Cox <alan@linux.intel.com>
[jstultz: Reworked to simply not schedule the refining work,
rather then scheduling the work and bombing out later]
Signed-off-by: John Stultz <john.stultz@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
NeilBrown [Tue, 7 Feb 2012 04:35:42 +0000 (15:35 +1100)]
lockd: fix arg parsing for grace_period and timeout.
commit
de5b8e8e047534aac6bc9803f96e7257436aef9c upstream.
If you try to set grace_period or timeout via a module parameter
to lockd, and do this on a big-endian machine where
sizeof(int) != sizeof(unsigned long)
it won't work. This number given will be effectively shifted right
by the difference in those two sizes.
So cast kp->arg properly to get correct result.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Steffen Klassert [Wed, 21 Mar 2012 23:36:13 +0000 (23:36 +0000)]
xfrm: Access the replay notify functions via the registered callbacks
[ Upstream commit
1265fd616782ef03b98fd19f65c2b47fcd4ea11f ]
We call the wrong replay notify function when we use ESN replay
handling. This leads to the fact that we don't send notifications
if we use ESN. Fix this by calling the registered callbacks instead
of xfrm_replay_notify().
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
stephen hemminger [Wed, 21 Mar 2012 05:32:05 +0000 (05:32 +0000)]
sky2: override for PCI legacy power management
[ Upstream commit
5676cc7bfe1e388e87843f71daa229610385b41e ]
Some BIOS's don't setup power management correctly (what else is
new) and don't allow use of PCI Express power control. Add a special
exception module parameter to allow working around this issue.
Based on slightly different patch by Knut Petersen.
Reported-by: Arkadiusz Miskiewicz <arekm@maven.pl>
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Dave Jones [Mon, 19 Mar 2012 13:01:07 +0000 (13:01 +0000)]
Remove printk from rds_sendmsg
[ Upstream commit
a6506e1486181975d318344143aca722b2b91621 ]
no socket layer outputs a message for this error and neither should rds.
Signed-off-by: Dave Jones <davej@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Eric Dumazet [Wed, 21 Mar 2012 06:58:03 +0000 (06:58 +0000)]
net: fix napi_reuse_skb() skb reserve
[ Upstream commit
2a2a459eeeff48640dc557548ce576d666ab06ed ]
napi->skb is allocated in napi_get_frags() using
netdev_alloc_skb_ip_align(), with a reserve of NET_SKB_PAD +
NET_IP_ALIGN bytes.
However, when such skb is recycled in napi_reuse_skb(), it ends with a
reserve of NET_IP_ALIGN which is suboptimal.
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Eric Dumazet [Tue, 27 Mar 2012 09:53:52 +0000 (09:53 +0000)]
net: fix a potential rcu_read_lock() imbalance in rt6_fill_node()
[ Upstream commit
94f826b8076e2cb92242061e92f21b5baa3eccc2 ]
Commit
f2c31e32b378 (net: fix NULL dereferences in check_peer_redir() )
added a regression in rt6_fill_node(), leading to rcu_read_lock()
imbalance.
Thats because NLA_PUT() can make a jump to nla_put_failure label.
Fix this by using nla_put()
Many thanks to Ben Greear for his help
Reported-by: Ben Greear <greearb@candelatech.com>
Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Tested-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Eric Dumazet [Sun, 18 Mar 2012 02:40:48 +0000 (02:40 +0000)]
net: bpf_jit: fix BPF_S_LDX_B_MSH compilation
[ Upstream commit
dc72d99dabb870ca5bd6d9fff674be853bb4a88d ]
Matt Evans spotted that x86 bpf_jit was incorrectly handling negative
constant offsets in BPF_S_LDX_B_MSH instruction.
We need to abort JIT compilation like we do in common_load so that
filter uses the interpreter code and can call __load_pointer()
Reference: http://lists.openwall.net/netdev/2011/07/19/11
Thanks to Indan Zupancic to bring back this issue.
Reported-by: Matt Evans <matt@ozlabs.org>
Reported-by: Indan Zupancic <indan@nul.nu>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Gao feng [Mon, 19 Mar 2012 22:36:10 +0000 (22:36 +0000)]
ipv6: fix incorrent ipv6 ipsec packet fragment
[ Upstream commit
1f85851e17b64cabd089a8a8839dddebc627948c ]
Since commit
299b0767(ipv6: Fix IPsec slowpath fragmentation problem)
In func ip6_append_data,after call skb_put(skb, fraglen + dst_exthdrlen)
the skb->len contains dst_exthdrlen,and we don't reduce dst_exthdrlen at last
This will make fraggap>0 in next "while cycle",and cause the size of skb incorrent
Fix this by reserve headroom for dst_exthdrlen.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Benjamin LaHaise [Tue, 20 Mar 2012 03:57:54 +0000 (03:57 +0000)]
Fix pppol2tp getsockname()
[ Upstream commit
bbdb32cb5b73597386913d052165423b9d736145 ]
While testing L2TP functionality, I came across a bug in getsockname(). The
IP address returned within the pppol2tp_addr's addr memember was not being
set to the IP address in use. This bug is caused by using inet_sk() on the
wrong socket (the L2TP socket rather than the underlying UDP socket), and was
likely introduced during the addition of L2TPv3 support.
Signed-off-by: Benjamin LaHaise <bcrl@kvack.org>
Signed-off-by: James Chapman <jchapman@katalix.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Dave Airlie [Wed, 28 Mar 2012 09:48:49 +0000 (10:48 +0100)]
drm/i915: suspend fbdev device around suspend/hibernate
commit
3fa016a0b5c5237e9c387fc3249592b2cb5391c6 upstream.
Looking at hibernate overwriting I though it looked like a cursor,
so I tracked down this missing piece to stop the cursor blink
timer. I've no idea if this is sufficient to fix the hibernate
problems people are seeing, but please test it.
Both radeon and nouveau have done this for a long time.
I've run this personally all night hib/resume cycles with no fails.
Reviewed-by: Keith Packard <keithp@keithp.com>
Reported-by: Petr Tesarik <kernel@tesarici.cz>
Reported-by: Stanislaw Gruszka <sgruszka@redhat.com>
Reported-by: Lots of misc segfaults after hibernate across the world.
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=37142
Tested-by: Dave Airlie <airlied@redhat.com>
Tested-by: Bojan Smojver <bojan@rexursive.com>
Tested-by: Andreas Hartmann <andihartmann@01019freenet.de>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bing Zhao [Wed, 21 Dec 2011 02:19:00 +0000 (18:19 -0800)]
Bluetooth: btusb: fix bInterval for high/super speed isochronous endpoints
commit
fa0fb93f2ac308a76fa64eb57c18511dadf97089 upstream.
For high-speed/super-speed isochronous endpoints, the bInterval
value is used as exponent, 2^(bInterval-1). Luckily we have
usb_fill_int_urb() function that handles it correctly. So we just
call this function to fill in the RX URB.
Cc: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Bing Zhao <bzhao@marvell.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Sasha Levin [Tue, 31 Jan 2012 04:07:22 +0000 (23:07 -0500)]
module: Remove module size limit
commit
f946eeb9313ff1470758e171a60fe7438a2ded3f upstream.
Module size was limited to 64MB, this was legacy limitation due to vmalloc()
which was removed a while ago.
Limiting module size to 64MB is both pointless and affects real world use
cases.
Cc: Tim Abbott <tim.abbott@oracle.com>
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Trond Myklebust [Tue, 27 Mar 2012 22:22:19 +0000 (18:22 -0400)]
NFSv4.1: Fix layoutcommit error handling
commit
e59d27e05a6435f8c04d5ad843f37fa795f2eaaa upstream.
Firstly, task->tk_status will always return negative error values,
so the current tests for 'NFS4ERR_DELEG_REVOKED' etc. are all being
ignored.
Secondly, clean up the code so that we only need to test
task->tk_status once!
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Trond Myklebust [Tue, 27 Mar 2012 22:13:02 +0000 (18:13 -0400)]
NFSv4: Fix two infinite loops in the mount code
commit
05e9cfb408b24debb3a85fd98edbfd09dd148881 upstream.
We can currently loop forever in nfs4_lookup_root() and in
nfs41_proc_secinfo_no_name(), if the first iteration returns a
NFS4ERR_DELAY or something else that causes exception.retry to get
set.
Reported-by: Weston Andros Adamson <dros@netapp.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Christoph Lameter [Tue, 17 Jan 2012 15:27:31 +0000 (09:27 -0600)]
slub: Do not hold slub_lock when calling sysfs_slab_add()
commit
66c4c35c6bc5a1a452b024cf0364635b28fd94e4 upstream.
sysfs_slab_add() calls various sysfs functions that actually may
end up in userspace doing all sorts of things.
Release the slub_lock after adding the kmem_cache structure to the list.
At that point the address of the kmem_cache is not known so we are
guaranteed exlusive access to the following modifications to the
kmem_cache structure.
If the sysfs_slab_add fails then reacquire the slub_lock to
remove the kmem_cache structure from the list.
Reported-by: Sasha Levin <levinsasha928@gmail.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Christoph Lameter <cl@linux.com>
Signed-off-by: Pekka Enberg <penberg@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Jan Kara [Thu, 15 Mar 2012 09:34:02 +0000 (09:34 +0000)]
xfs: Fix oops on IO error during xlog_recover_process_iunlinks()
commit
d97d32edcd732110758799ae60af725e5110b3dc upstream.
When an IO error happens during inode deletion run from
xlog_recover_process_iunlinks() filesystem gets shutdown. Thus any subsequent
attempt to read buffers fails. Code in xlog_recover_process_iunlinks() does not
count with the fact that read of a buffer which was read a while ago can
really fail which results in the oops on
agi = XFS_BUF_TO_AGI(agibp);
Fix the problem by cleaning up the buffer handling in
xlog_recover_process_iunlinks() as suggested by Dave Chinner. We release buffer
lock but keep buffer reference to AG buffer. That is enough for buffer to stay
pinned in memory and we don't have to call xfs_read_agi() all the time.
Signed-off-by: Jan Kara <jack@suse.cz>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Ben Myers <bpm@sgi.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Masanari Iida [Wed, 28 Mar 2012 21:42:56 +0000 (14:42 -0700)]
backlight: fix typo in tosa_lcd.c
commit
8da00edc1069f01c34510fa405dc15d96c090a3f upstream.
Fix typo in drivers/video/backlight/tosa_lcd.c
"tosa_lcd_reume" should be "tosa_lcd_resume".
Signed-off-by: Masanari Iida <standby24x7@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Joe Thornber [Wed, 28 Mar 2012 17:41:23 +0000 (18:41 +0100)]
dm thin: fix stacked bi_next usage
commit
6f94a4c45a6f744383f9f695dde019998db3df55 upstream.
Avoid using the bi_next field for the holder of a cell when deferring
bios because a stacked device below might change it. Store the
holder in a new field in struct cell instead.
When a cell is created, the bio that triggered creation (the holder) was
added to the same bio list as subsequent bios. In some cases we pass
this holder bio directly to devices underneath. If those devices use
the bi_next field there will be trouble...
This also simplifies some code that had to work out which bio was the
holder.
Signed-off-by: Joe Thornber <ejt@redhat.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Joe Thornber [Wed, 28 Mar 2012 17:41:23 +0000 (18:41 +0100)]
dm persistent data: fix btree rebalancing after remove
commit
b0988900bae9ecf968a8a8d086a9eec671a9517a upstream.
When we remove an entry from a node we sometimes rebalance with it's
two neighbours. This wasn't being done correctly; in some cases
entries have to move all the way from the right neighbour to the left
neighbour, or vice versa. This patch pretty much re-writes the
balancing code to fix it.
This code is barely used currently; only when you delete a thin
device, and then only if you have hundreds of them in the same pool.
Once we have discard support, which removes mappings, this will be used
much more heavily.
Signed-off-by: Joe Thornber <ejt@redhat.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Andrei Warkentin [Wed, 28 Mar 2012 17:41:22 +0000 (18:41 +0100)]
dm exception store: fix init error path
commit
aadbe266f2f89ccc68b52f4effc7b3a8b29521ef upstream.
Call the correct exit function on failure in dm_exception_store_init.
Signed-off-by: Andrei Warkentin <andrey.warkentin@gmail.com>
Acked-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Mikulas Patocka [Wed, 28 Mar 2012 17:41:22 +0000 (18:41 +0100)]
dm crypt: add missing error handling
commit
72c6e7afc43e19f68a31dea204fc366624d6eee9 upstream.
Always set io->error to -EIO when an error is detected in dm-crypt.
There were cases where an error code would be set only if we finish
processing the last sector. If there were other encryption operations in
flight, the error would be ignored and bio would be returned with
success as if no error happened.
This bug is present in kcryptd_crypt_write_convert, kcryptd_crypt_read_convert
and kcryptd_async_done.
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Reviewed-by: Milan Broz <mbroz@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Mikulas Patocka [Wed, 28 Mar 2012 17:41:22 +0000 (18:41 +0100)]
dm crypt: fix mempool deadlock
commit
aeb2deae2660a1773c83d3c6e9e6575daa3855d6 upstream.
This patch fixes a possible deadlock in dm-crypt's mempool use.
Currently, dm-crypt reserves a mempool of MIN_BIO_PAGES reserved pages.
It allocates first MIN_BIO_PAGES with non-failing allocation (the allocation
cannot fail and waits until the mempool is refilled). Further pages are
allocated with different gfp flags that allow failing.
Because allocations may be done in parallel, this code can deadlock. Example:
There are two processes, each tries to allocate MIN_BIO_PAGES and the processes
run simultaneously.
It may end up in a situation where each process allocates (MIN_BIO_PAGES / 2)
pages. The mempool is exhausted. Each process waits for more pages to be freed
to the mempool, which never happens.
To avoid this deadlock scenario, this patch changes the code so that only
the first page is allocated with non-failing gfp mask. Allocation of further
pages may fail.
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: Milan Broz <mbroz@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Sekhar Nori [Sun, 11 Mar 2012 12:46:12 +0000 (18:16 +0530)]
gpio/davinci: fix enabling unbanked GPIO IRQs
commit
81b279d80a63628e580c71a31d30a8c3b3047ad4 upstream.
Unbanked GPIO IRQ handling code made a copy of just
the irq_chip structure for GPIO IRQ lines which caused
problems after the generic IRQ chip conversion because
there was no valid irq_chip_type structure with the
right "regs" populated. irq_gc_mask_set_bit() was
therefore accessing random addresses.
Fix it by making a copy of irq_chip_type structure
instead. This will ensure sane register offsets.
Reported-by: Jon Povey <Jon.Povey@racelogic.co.uk>
Tested-by: Jon Povey <Jon.Povey@racelogic.co.uk>
Signed-off-by: Sekhar Nori <nsekhar@ti.com>
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Sekhar Nori [Sun, 11 Mar 2012 12:46:11 +0000 (18:16 +0530)]
gpio/davinci: fix oops on unbanked gpio irq request
commit
ab2dde9924dd1ddb791fa8b14aa52e1df681e20c upstream.
Unbanked GPIO irq setup code was overwriting chip_data leading
to the following oops on request_irq()
Unable to handle kernel paging request at virtual address
febfffff
pgd =
c22dc000
[
febfffff] *pgd=
00000000
Internal error: Oops: 801 [#1] PREEMPT
Modules linked in: mcu(+) edmak irqk cmemk
CPU: 0 Not tainted (3.0.0-rc7+ #93)
PC is at irq_gc_mask_set_bit+0x68/0x7c
LR is at vprintk+0x22c/0x484
pc : [<
c0080c0c>] lr : [<
c00457e0>] psr:
60000093
sp :
c33e3ba0 ip :
c33e3af0 fp :
c33e3bc4
r10:
c04555bc r9 :
c33d4340 r8 :
60000013
r7 :
0000002d r6 :
c04555bc r5 :
fec67010 r4 :
00000000
r3 :
c04734c8 r2 :
fec00000 r1 :
ffffffff r0 :
00000026
Flags: nZCv IRQs off FIQs on Mode SVC_32 ISA ARM Segment user
Control:
0005317f Table:
822dc000 DAC:
00000015
Process modprobe (pid: 526, stack limit = 0xc33e2270)
Stack: (0xc33e3ba0 to 0xc33e4000)
3ba0:
00000000 c007d3d4 c33e3bcc c04555bc c04555bc c33d4340 c33e3bdc c33e3bc8
3bc0:
c007f5f8 c0080bb4 00000000 c04555bc c33e3bf4 c33e3be0 c007f654 c007f5c0
3be0:
00000000 c04555bc c33e3c24 c33e3bf8 c007e6e8 c007f618 c01f2284 c0350af8
3c00:
c0405214 bf016c98 00000001 00000000 c33dc008 0000002d c33e3c54 c33e3c28
3c20:
c007e888 c007e408 00000001 c23ef880 c33dc000 00000000 c33dc080 c25caa00
3c40:
c0487498 bf017078 c33e3c94 c33e3c58 bf016b44 c007e7d4 bf017078 c33dc008
3c60:
c25caa08 c33dc008 c33e3c84 bf017484 c25caa00 c25caa00 c01f5f48 c25caa08
3c80:
c0496d60 bf017484 c33e3ca4 c33e3c98 c022a698 bf01692c c33e3cd4 c33e3ca8
3ca0:
c01f5d88 c022a688 00000000 bf017484 c25caa00 c25caa00 c01f5f48 c25caa08
3cc0:
c0496d60 00000000 c33e3cec c33e3cd8 c01f5f8c c01f5d10 00000000 c33e3cf0
3ce0:
c33e3d14 c33e3cf0 c01f5210 c01f5f58 c303cb48 c25ecf94 c25caa00 c25caa00
3d00:
c25caa34 c33e3dd8 c33e3d34 c33e3d18 c01f6044 c01f51b8 c0496d3c c25caa00
3d20:
c044e918 c33e3dd8 c33e3d44 c33e3d38 c01f4ff4 c01f5fcc c33e3d94 c33e3d48
3d40:
c01f3d10 c01f4fd8 00000000 c044e918 00000000 00000000 c01f52c0 c034d570
3d60:
c33e3d84 c33e3d70 c022bf84 c25caa00 00000000 c044e918 c33e3dd8 c25c2e00
3d80:
c0496d60 bf01763c c33e3db4 c33e3d98 c022b1a0 c01f384c c25caa00 c33e3dd8
3da0:
00000000 c33e3dd8 c33e3dd4 c33e3db8 c022b27c c022b0e8 00000000 bf01763c
3dc0:
c0451c80 c33e3dd8 c33e3e34 c33e3dd8 bf016f60 c022b210 5f75636d 746e6f63
3de0:
006c6f72 00000000 00000000 00000000 00000000 00000000 00000000 bf0174bc
3e00:
00000000 00989680 00000000 00000020 c0451c80 c0451c80 bf0174dc c01f5eb0
3e20:
c33f0f00 bf0174dc c33e3e44 c33e3e38 c01f72f4 bf016e2c c33e3e74 c33e3e48
3e40:
c01f5d88 c01f72e4 00000000 c0451c80 c0451cb4 bf0174dc c01f5eb0 c33f0f00
3e60:
c0473100 00000000 c33e3e94 c33e3e78 c01f5f44 c01f5d10 00000000 c33e3e98
3e80:
bf0174dc c01f5eb0 c33e3ebc c33e3e98 c01f5534 c01f5ec0 c303c038 c3061c30
3ea0:
00003cd8 00098258 bf0174dc c0462ac8 c33e3ecc c33e3ec0 c01f5bec c01f54dc
3ec0:
c33e3efc c33e3ed0 c01f4d30 c01f5bdc bf0173a0 c33e2000 00003cd8 00098258
3ee0:
bf0174dc c33e2000 c00301a4 bf019000 c33e3f1c c33e3f00 c01f6588 c01f4c8c
3f00:
00003cd8 00098258 00000000 c33e2000 c33e3f2c c33e3f20 c01f777c c01f6524
3f20:
c33e3f3c c33e3f30 bf019014 c01f7740 c33e3f7c c33e3f40 c002f3ec bf019010
3f40:
00000000 00003cd8 00098258 bf017518 00000000 00003cd8 00098258 bf017518
3f60:
00000000 c00301a4 c33e2000 00000000 c33e3fa4 c33e3f80 c007b934 c002f3c4
3f80:
c00b307c c00b2f48 00003cd8 00000000 00000003 00000080 00000000 c33e3fa8
3fa0:
c0030020 c007b8b8 00003cd8 00000000 00098288 00003cd8 00098258 00098240
3fc0:
00003cd8 00000000 00000003 00000080 00098008 00098028 00098288 00000001
3fe0:
be892998 be892988 00013d7c 40178740 60000010 00098288 09089041 00200845
Backtrace:
[<
c0080ba4>] (irq_gc_mask_set_bit+0x0/0x7c) from [<
c007f5f8>] (irq_enable+0x48/0x58)
r6:
c33d4340 r5:
c04555bc r4:
c04555bc
[<
c007f5b0>] (irq_enable+0x0/0x58) from [<
c007f654>] (irq_startup+0x4c/0x54)
r5:
c04555bc r4:
00000000
[<
c007f608>] (irq_startup+0x0/0x54) from [<
c007e6e8>] (__setup_irq+0x2f0/0x3cc)
r5:
c04555bc r4:
00000000
[<
c007e3f8>] (__setup_irq+0x0/0x3cc) from [<
c007e888>] (request_threaded_irq+0xc4/0x110)
r8:
0000002d r7:
c33dc008 r6:
00000000 r5:
00000001 r4:
bf016c98
[<
c007e7c4>] (request_threaded_irq+0x0/0x110) from [<
bf016b44>] (mcu_spi_probe+0x228/0x37c [mcu])
[<
bf01691c>] (mcu_spi_probe+0x0/0x37c [mcu]) from [<
c022a698>] (spi_drv_probe+0x20/0x24)
[<
c022a678>] (spi_drv_probe+0x0/0x24) from [<
c01f5d88>] (driver_probe_device+0x88/0x1b0)
[<
c01f5d00>] (driver_probe_device+0x0/0x1b0) from [<
c01f5f8c>] (__device_attach+0x44/0x48)
[<
c01f5f48>] (__device_attach+0x0/0x48) from [<
c01f5210>] (bus_for_each_drv+0x68/0x94)
r5:
c33e3cf0 r4:
00000000
[<
c01f51a8>] (bus_for_each_drv+0x0/0x94) from [<
c01f6044>] (device_attach+0x88/0xa0)
r7:
c33e3dd8 r6:
c25caa34 r5:
c25caa00 r4:
c25caa00
[<
c01f5fbc>] (device_attach+0x0/0xa0) from [<
c01f4ff4>] (bus_probe_device+0x2c/0x4c)
r7:
c33e3dd8 r6:
c044e918 r5:
c25caa00 r4:
c0496d3c
[<
c01f4fc8>] (bus_probe_device+0x0/0x4c) from [<
c01f3d10>] (device_add+0x4d4/0x648)
[<
c01f383c>] (device_add+0x0/0x648) from [<
c022b1a0>] (spi_add_device+0xc8/0x128)
[<
c022b0d8>] (spi_add_device+0x0/0x128) from [<
c022b27c>] (spi_new_device+0x7c/0xb4)
r7:
c33e3dd8 r6:
00000000 r5:
c33e3dd8 r4:
c25caa00
[<
c022b200>] (spi_new_device+0x0/0xb4) from [<
bf016f60>] (mcu_probe+0x144/0x224 [mcu])
r7:
c33e3dd8 r6:
c0451c80 r5:
bf01763c r4:
00000000
[<
bf016e1c>] (mcu_probe+0x0/0x224 [mcu]) from [<
c01f72f4>] (platform_drv_probe+0x20/0x24)
[<
c01f72d4>] (platform_drv_probe+0x0/0x24) from [<
c01f5d88>] (driver_probe_device+0x88/0x1b0)
[<
c01f5d00>] (driver_probe_device+0x0/0x1b0) from [<
c01f5f44>] (__driver_attach+0x94/0x98)
[<
c01f5eb0>] (__driver_attach+0x0/0x98) from [<
c01f5534>] (bus_for_each_dev+0x68/0x94)
r7:
c01f5eb0 r6:
bf0174dc r5:
c33e3e98 r4:
00000000
[<
c01f54cc>] (bus_for_each_dev+0x0/0x94) from [<
c01f5bec>] (driver_attach+0x20/0x28)
r7:
c0462ac8 r6:
bf0174dc r5:
00098258 r4:
00003cd8
[<
c01f5bcc>] (driver_attach+0x0/0x28) from [<
c01f4d30>] (bus_add_driver+0xb4/0x258)
[<
c01f4c7c>] (bus_add_driver+0x0/0x258) from [<
c01f6588>] (driver_register+0x74/0x158)
[<
c01f6514>] (driver_register+0x0/0x158) from [<
c01f777c>] (platform_driver_register+0x4c/0x60)
r7:
c33e2000 r6:
00000000 r5:
00098258 r4:
00003cd8
[<
c01f7730>] (platform_driver_register+0x0/0x60) from [<
bf019014>] (mcu_init+0x14/0x20 [mcu])
[<
bf019000>] (mcu_init+0x0/0x20 [mcu]) from [<
c002f3ec>] (do_one_initcall+0x38/0x170)
[<
c002f3b4>] (do_one_initcall+0x0/0x170) from [<
c007b934>] (sys_init_module+0x8c/0x1a4)
[<
c007b8a8>] (sys_init_module+0x0/0x1a4) from [<
c0030020>] (ret_fast_syscall+0x0/0x2c)
r7:
00000080 r6:
00000003 r5:
00000000 r4:
00003cd8
Code:
e1844003 e585400c e596300c e5932064 (
e7814002)
Fix the issue.
Reported-by: Jon Povey <Jon.Povey@racelogic.co.uk>
Signed-off-by: Sekhar Nori <nsekhar@ti.com>
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Tarun Kanti DebBarma [Fri, 25 Nov 2011 09:57:37 +0000 (15:27 +0530)]
gpio/omap: fix _set_gpio_irqenable implementation
commit
8276536cec38bc6bde30d0aa67716f22b9b9705a upstream.
This function should be capable of both enabling and disabling interrupts
based upon the *enable* parameter. Right now the function only enables
the interrupt and *enable* is not used at all. So add the interrupt
disable capability also using the parameter.
Signed-off-by: Tarun Kanti DebBarma <tarun.kanti@ti.com>
Reviewed-by: Santosh Shilimkar <santosh.shilimkar@ti.com>
Acked-by: Felipe Balbi <balbi@ti.com>
Reviewed-by: Kevin Hilman <khilman@ti.com>
Signed-off-by: Kevin Hilman <khilman@ti.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Jan Kara [Mon, 20 Feb 2012 16:49:56 +0000 (17:49 +0100)]
udf: Fix deadlock in udf_release_file()
commit
a0391a3ae91d301c0e59368531a4de5f0b122bcf upstream.
udf_release_file() can be called from munmap() path with mmap_sem held. Thus
we cannot take i_mutex there because that ranks above mmap_sem. Luckily,
i_mutex is not needed in udf_release_file() anymore since protection by
i_data_sem is enough to protect from races with write and truncate.
Reported-by: Al Viro <viro@ZenIV.linux.org.uk>
Reviewed-by: Namjae Jeon <linkinjeon@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Stephen Warren [Tue, 14 Feb 2012 20:39:39 +0000 (13:39 -0700)]
ARM: tegra: select required CPU and L2 errata options
commit
f35b431dde39fb40944d1024f08d88fbf04a3193 upstream.
The ARM IP revisions in Tegra are:
Tegra20: CPU r1p1, PL310 r2p0
Tegra30: CPU A01=r2p7/>=A02=r2p9, NEON r2p3-50, PL310 r3p1-50
Based on work by Olof Johansson, although the actual list of errata is
somewhat different here, since I added a bunch more and removed one PL310
erratum that doesn't seem applicable.
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: Olof Johansson <olof@lixom.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Michel Lespinasse [Tue, 27 Mar 2012 00:32:44 +0000 (17:32 -0700)]
vfs: fix d_ancestor() case in d_materialize_unique
commit
b18dafc86bb879d2f38a1743985d7ceb283c2f4d upstream.
In d_materialise_unique() there are 3 subcases to the 'aliased dentry'
case; in two subcases the inode i_lock is properly released but this
does not occur in the -ELOOP subcase.
This seems to have been introduced by commit
1836750115f2 ("fix loop
checks in d_materialise_unique()").
Signed-off-by: Michel Lespinasse <walken@google.com>
[ Added a comment, and moved the unlock to where we generate the -ELOOP,
which seems to be more natural.
You probably can't actually trigger this without a buggy network file
server - d_materialize_unique() is for finding aliases on non-local
filesystems, and the d_ancestor() case is for a hardlinked directory
loop.
But we should be robust in the case of such buggy servers anyway. ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Theodore Ts'o [Mon, 12 Mar 2012 03:30:16 +0000 (23:30 -0400)]
ext4: check for zero length extent
commit
31d4f3a2f3c73f279ff96a7135d7202ef6833f12 upstream.
Explicitly test for an extent whose length is zero, and flag that as a
corrupted extent.
This avoids a kernel BUG_ON assertion failure.
Tested: Without this patch, the file system image found in
tests/f_ext_zero_len/image.gz in the latest e2fsprogs sources causes a
kernel panic. With this patch, an ext4 file system error is noted
instead, and the file system is marked as being corrupted.
https://bugzilla.kernel.org/show_bug.cgi?id=42859
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Jeff Moyer [Mon, 5 Mar 2012 15:29:52 +0000 (10:29 -0500)]
ext4: fix race between sync and completed io work
commit
491caa43639abcffaa645fbab372a7ef4ce2975c upstream.
The following command line will leave the aio-stress process unkillable
on an ext4 file system (in my case, mounted on /mnt/test):
aio-stress -t 20 -s 10 -O -S -o 2 -I 1000 /mnt/test/aiostress.3561.4 /mnt/test/aiostress.3561.4.20 /mnt/test/aiostress.3561.4.19 /mnt/test/aiostress.3561.4.18 /mnt/test/aiostress.3561.4.17 /mnt/test/aiostress.3561.4.16 /mnt/test/aiostress.3561.4.15 /mnt/test/aiostress.3561.4.14 /mnt/test/aiostress.3561.4.13 /mnt/test/aiostress.3561.4.12 /mnt/test/aiostress.3561.4.11 /mnt/test/aiostress.3561.4.10 /mnt/test/aiostress.3561.4.9 /mnt/test/aiostress.3561.4.8 /mnt/test/aiostress.3561.4.7 /mnt/test/aiostress.3561.4.6 /mnt/test/aiostress.3561.4.5 /mnt/test/aiostress.3561.4.4 /mnt/test/aiostress.3561.4.3 /mnt/test/aiostress.3561.4.2
This is using the aio-stress program from the xfstests test suite.
That particular command line tells aio-stress to do random writes to
20 files from 20 threads (one thread per file). The files are NOT
preallocated, so you will get writes to random offsets within the
file, thus creating holes and extending i_size. It also opens the
file with O_DIRECT and O_SYNC.
On to the problem. When an I/O requires unwritten extent conversion,
it is queued onto the completed_io_list for the ext4 inode. Two code
paths will pull work items from this list. The first is the
ext4_end_io_work routine, and the second is ext4_flush_completed_IO,
which is called via the fsync path (and O_SYNC handling, as well).
There are two issues I've found in these code paths. First, if the
fsync path beats the work routine to a particular I/O, the work
routine will free the io_end structure! It does not take into account
the fact that the io_end may still be in use by the fsync path. I've
fixed this issue by adding yet another IO_END flag, indicating that
the io_end is being processed by the fsync path.
The second problem is that the work routine will make an assignment to
io->flag outside of the lock. I have witnessed this result in a hang
at umount. Moving the flag setting inside the lock resolved that
problem.
The problem was introduced by commit
b82e384c7b ("ext4: optimize
locking for end_io extent conversion"), which first appeared in 3.2.
As such, the fix should be backported to that release (probably along
with the unwritten extent conversion race fix).
Signed-off-by: Jeff Moyer <jmoyer@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Jeff Moyer [Mon, 20 Feb 2012 22:59:24 +0000 (17:59 -0500)]
ext4: fix race between unwritten extent conversion and truncate
commit
266991b13890049ee1a6bb95b9817f06339ee3d7 upstream.
The following comment in ext4_end_io_dio caught my attention:
/* XXX: probably should move into the real I/O completion handler */
inode_dio_done(inode);
The truncate code takes i_mutex, then calls inode_dio_wait. Because the
ext4 code path above will end up dropping the mutex before it is
reacquired by the worker thread that does the extent conversion, it
seems to me that the truncate can happen out of order. Jan Kara
mentioned that this might result in error messages in the system logs,
but that should be the extent of the "damage."
The fix is pretty straight-forward: don't call inode_dio_done until the
extent conversion is complete.
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Jeff Moyer <jmoyer@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Lukas Czerner [Mon, 20 Feb 2012 22:53:00 +0000 (17:53 -0500)]
ext4: ignore EXT4_INODE_JOURNAL_DATA flag with delalloc
commit
3d2b158262826e8b75bbbfb7b97010838dd92ac7 upstream.
Ext4 does not support data journalling with delayed allocation enabled.
We even do not allow to mount the file system with delayed allocation
and data journalling enabled, however it can be set via FS_IOC_SETFLAGS
so we can hit the inode with EXT4_INODE_JOURNAL_DATA set even on file
system mounted with delayed allocation (default) and that's where
problem arises. The easies way to reproduce this problem is with the
following set of commands:
mkfs.ext4 /dev/sdd
mount /dev/sdd /mnt/test1
dd if=/dev/zero of=/mnt/test1/file bs=1M count=4
chattr +j /mnt/test1/file
dd if=/dev/zero of=/mnt/test1/file bs=1M count=4 conv=notrunc
chattr -j /mnt/test1/file
Additionally it can be reproduced quite reliably with xfstests 272 and
269. In fact the above reproducer is a part of test 272.
To fix this we should ignore the EXT4_INODE_JOURNAL_DATA inode flag if
the file system is mounted with delayed allocation. This can be easily
done by fixing ext4_should_*_data() functions do ignore data journal
flag when delalloc is set (suggested by Ted). We also have to set the
appropriate address space operations for the inode (again, ignoring data
journal flag if delalloc enabled).
Additionally this commit introduces ext4_inode_journal_mode() function
because ext4_should_*_data() has already had a lot of common code and
this change is putting it all into one function so it is easier to
read.
Successfully tested with xfstests in following configurations:
delalloc + data=ordered
delalloc + data=writeback
data=journal
nodelalloc + data=ordered
nodelalloc + data=writeback
nodelalloc + data=journal
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Eric Sandeen [Mon, 20 Feb 2012 22:53:01 +0000 (17:53 -0500)]
jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer
commit
15291164b22a357cb211b618adfef4fa82fc0de3 upstream.
journal_unmap_buffer()'s zap_buffer: code clears a lot of buffer head
state ala discard_buffer(), but does not touch _Delay or _Unwritten as
discard_buffer() does.
This can be problematic in some areas of the ext4 code which assume
that if they have found a buffer marked unwritten or delay, then it's
a live one. Perhaps those spots should check whether it is mapped
as well, but if jbd2 is going to tear down a buffer, let's really
tear it down completely.
Without this I get some fsx failures on sub-page-block filesystems
up until v3.2, at which point
4e96b2dbbf1d7e81f22047a50f862555a6cb87cb
and
189e868fa8fdca702eb9db9d8afc46b5cb9144c9 make the failures go
away, because buried within that large change is some more flag
clearing. I still think it's worth doing in jbd2, since
->invalidatepage leads here directly, and it's the right place
to clear away these flags.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Srivatsa S. Bhat [Fri, 17 Feb 2012 22:39:51 +0000 (23:39 +0100)]
PM / Hibernate: Enable usermodehelpers in hibernate() error path
commit
05b4877f6a4f1ba4952d1222213d262bf8c132b7 upstream.
If create_basic_memory_bitmaps() fails, usermodehelpers are not re-enabled
before returning. Fix this. And while at it, reword the goto labels so that
they look more meaningful.
Signed-off-by: Srivatsa S. Bhat <srivatsa.bhat@linux.vnet.ibm.com>
Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Trond Myklebust [Mon, 12 Mar 2012 22:01:48 +0000 (18:01 -0400)]
NFSv4: Rate limit the state manager warning messages
commit
9a3ba432330e504ac61ff0043dbdaba7cea0e35a upstream.
Prevent the state manager from filling up system logs when recovery
fails on the server.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Michael Krufky [Sun, 18 Mar 2012 17:35:57 +0000 (14:35 -0300)]
mxl111sf: fix error on stream stop in mxl111sf_ep6_streaming_ctrl()
commit
3be5bb71fbf18f83cb88b54a62a78e03e5a4f30a upstream.
Remove unnecessary register access in mxl111sf_ep6_streaming_ctrl()
This code breaks driver operation in kernel 3.3 and later, although
it works properly in 3.2 Disable register access to 0x12 for now.
Signed-off-by: Michael Krufky <mkrufky@linuxtv.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Michael Krufky [Tue, 7 Feb 2012 16:28:33 +0000 (13:28 -0300)]
pvrusb2: fix 7MHz & 8MHz DVB-T tuner support for HVR1900 rev D1F5
commit
9ab2393fc3e460cd2040de1483918eb17abb822f upstream.
The D1F5 revision of the WinTV HVR-1900 uses a tda18271c2 tuner
instead of a tda18271c1 tuner as used in revision D1E9. To
account for this, we must hardcode the frontend configuration
to use the same IF frequency configuration for both revisions
of the device.
6MHz DVB-T is unaffected by this issue, as the recommended
IF Frequency configuration for 6MHz DVB-T is the same on both
c1 and c2 revisions of the tda18271 tuner.
Signed-off-by: Michael Krufky <mkrufky@linuxtv.org>
Cc: Mike Isely <isely@pobox.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Xi Wang [Tue, 14 Feb 2012 17:32:41 +0000 (14:32 -0300)]
lgdt330x: fix signedness error in i2c_read_demod_bytes()
commit
34817174fca0c5512c2d5b6ea0fc37a0337ce1d8 upstream.
The error handling in lgdt3303_read_status() and lgdt330x_read_ucblocks()
doesn't work, because i2c_read_demod_bytes() returns a u8 and (err < 0)
is always false.
err = i2c_read_demod_bytes(state, 0x58, buf, 1);
if (err < 0)
return err;
Change the return type of i2c_read_demod_bytes() to int. Also change
the return value on error to -EIO to make (err < 0) work.
Signed-off-by: Xi Wang <xi.wang@gmail.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Andreas Herrmann [Fri, 23 Mar 2012 09:02:17 +0000 (10:02 +0100)]
hwmon: (fam15h_power) Correct sign extension of running_avg_capture
commit
fc0900cbda9243957d812cd6b4cc87965f9fe75f upstream.
Wrong bit was used for sign extension which caused wrong end results.
Thanks to Andre for spotting this bug.
Reported-by: Andre Przywara <andre.przywara@amd.com>
Signed-off-by: Andreas Herrmann <andreas.herrmann3@amd.com>
Acked-by: Guenter Roeck <guenter.roeck@ericsson.com>
Signed-off-by: Jean Delvare <khali@linux-fr.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Lucas De Marchi [Thu, 22 Mar 2012 21:42:22 +0000 (14:42 -0700)]
sysctl: protect poll() in entries that may go away
commit
4e474a00d7ff746ed177ddae14fa8b2d4bad7a00 upstream.
Protect code accessing ctl_table by grabbing the header with grab_header()
and after releasing with sysctl_head_finish(). This is needed if poll()
is called in entries created by modules: currently only hostname and
domainname support poll(), but this bug may be triggered when/if modules
use it and if user called poll() in a file that doesn't support it.
Dave Jones reported the following when using a syscall fuzzer while
hibernating/resuming:
RIP: 0010:[<
ffffffff81233e3e>] [<
ffffffff81233e3e>] proc_sys_poll+0x4e/0x90
RAX:
0000000000000145 RBX:
ffff88020cab6940 RCX:
0000000000000000
RDX:
ffffffff81233df0 RSI:
6b6b6b6b6b6b6b6b RDI:
ffff88020cab6940
[ ... ]
Code: 00 48 89 fb 48 89 f1 48 8b 40 30 4c 8b 60 e8 b8 45 01 00 00 49 83
7c 24 28 00 74 2e 49 8b 74 24 30 48 85 f6 74 24 48 85 c9 75 32 <8b> 16
b8 45 01 00 00 48 63 d2 49 39 d5 74 10 8b 06 48 98 48 89
If an entry goes away while we are polling() it, ctl_table may not exist
anymore.
Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: Lucas De Marchi <lucas.demarchi@profusion.mobi>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Steffen Persvold [Thu, 15 Mar 2012 14:20:29 +0000 (15:20 +0100)]
iommu/amd: Fix section warning for prealloc_protection_domains
commit
cebd5fa4d3046d5b43ce1836a0120612822a7fb0 upstream.
Fix the following section warning in drivers/iommu/amd_iommu.c :
WARNING: vmlinux.o(.text+0x526e77): Section mismatch in reference from the function prealloc_protection_domains() to the function .init.text:alloc_passthrough_domain()
The function prealloc_protection_domains() references
the function __init alloc_passthrough_domain().
This is often because prealloc_protection_domains lacks a __init
annotation or the annotation of alloc_passthrough_domain is wrong.
Signed-off-by: Steffen Persvold <sp@numascale.com>
Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Pravin B Shelar [Fri, 23 Mar 2012 22:02:55 +0000 (15:02 -0700)]
proc-ns: use d_set_d_op() API to set dentry ops in proc_ns_instantiate().
commit
1b26c9b334044cff6d1d2698f2be41bc7d9a0864 upstream.
The namespace cleanup path leaks a dentry which holds a reference count
on a network namespace. Keeping that network namespace from being freed
when the last user goes away. Leaving things like vlan devices in the
leaked network namespace.
If you use ip netns add for much real work this problem becomes apparent
pretty quickly. It light testing the problem hides because frequently
you simply don't notice the leak.
Use d_set_d_op() so that DCACHE_OP_* flags are set correctly.
This issue exists back to 3.0.
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Cc: David Miller <davem@davemloft.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Dmitry Adamushko [Thu, 22 Mar 2012 20:39:25 +0000 (21:39 +0100)]
x86-32: Fix endless loop when processing signals for kernel tasks
commit
29a2e2836ff9ea65a603c89df217f4198973a74f upstream.
The problem occurs on !CONFIG_VM86 kernels [1] when a kernel-mode task
returns from a system call with a pending signal.
A real-life scenario is a child of 'khelper' returning from a failed
kernel_execve() in ____call_usermodehelper() [ kernel/kmod.c ].
kernel_execve() fails due to a pending SIGKILL, which is the result of
"kill -9 -1" (at least, busybox's init does it upon reboot).
The loop is as follows:
* syscall_exit_work:
- work_pending: // start_of_the_loop
- work_notify_sig:
- do_notify_resume()
- do_signal()
- if (!user_mode(regs)) return;
- resume_userspace // TIF_SIGPENDING is still set
- work_pending // so we call work_pending => goto
// start_of_the_loop
More information can be found in another LKML thread:
http://www.serverphorums.com/read.php?12,457826
[1] the problem was also seen on MIPS.
Signed-off-by: Dmitry Adamushko <dmitry.adamushko@gmail.com>
Link: http://lkml.kernel.org/r/
1332448765.2299.68.camel@dimm
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Roland McGrath <roland@hack.frob.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Jeff Kirsher [Fri, 18 Nov 2011 14:25:00 +0000 (14:25 +0000)]
e1000e: Avoid wrong check on TX hang
commit
09357b00255c233705b1cf6d76a8d147340545b8 upstream.
Based on the original patch submitted my Michael Wang
<wangyun@linux.vnet.ibm.com>.
Descriptors may not be write-back while checking TX hang with flag
FLAG2_DMA_BURST on.
So when we detect hang, we just flush the descriptor and detect
again for once.
-v2 change 1 to true and 0 to false and remove extra ()
CC: Michael Wang <wangyun@linux.vnet.ibm.com>
CC: Flavio Leitner <fbl@redhat.com>
Acked-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
tom.leiming@gmail.com [Thu, 22 Mar 2012 03:22:38 +0000 (03:22 +0000)]
usbnet: don't clear urb->dev in tx_complete
commit
5d5440a835710d09f0ef18da5000541ec98b537a upstream.
URB unlinking is always racing with its completion and tx_complete
may be called before or during running usb_unlink_urb, so tx_complete
must not clear urb->dev since it will be used in unlink path,
otherwise invalid memory accesses or usb device leak may be caused
inside usb_unlink_urb.
Cc: Alan Stern <stern@rowland.harvard.edu>
Cc: Oliver Neukum <oliver@neukum.org>
Signed-off-by: Ming Lei <tom.leiming@gmail.com>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
tom.leiming@gmail.com [Thu, 22 Mar 2012 03:22:18 +0000 (03:22 +0000)]
usbnet: increase URB reference count before usb_unlink_urb
commit
0956a8c20b23d429e79ff86d4325583fc06f9eb4 upstream.
Commit
4231d47e6fe69f061f96c98c30eaf9fb4c14b96d(net/usbnet: avoid
recursive locking in usbnet_stop()) fixes the recursive locking
problem by releasing the skb queue lock, but it makes usb_unlink_urb
racing with defer_bh, and the URB to being unlinked may be freed before
or during calling usb_unlink_urb, so use-after-free problem may be
triggerd inside usb_unlink_urb.
The patch fixes the use-after-free problem by increasing URB
reference count with skb queue lock held before calling
usb_unlink_urb, so the URB won't be freed until return from
usb_unlink_urb.
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: Alan Stern <stern@rowland.harvard.edu>
Cc: Oliver Neukum <oliver@neukum.org>
Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: Ming Lei <tom.leiming@gmail.com>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Trond Myklebust [Mon, 19 Mar 2012 17:39:35 +0000 (13:39 -0400)]
SUNRPC: We must not use list_for_each_entry_safe() in rpc_wake_up()
commit
540a0f7584169651f485e8ab67461fcb06934e38 upstream.
The problem is that for the case of priority queues, we
have to assume that __rpc_remove_wait_queue_priority will move new
elements from the tk_wait.links lists into the queue->tasks[] list.
We therefore cannot use list_for_each_entry_safe() on queue->tasks[],
since that will skip these new tasks that __rpc_remove_wait_queue_priority
is adding.
Without this fix, rpc_wake_up and rpc_wake_up_status will both fail
to wake up all functions on priority wait queues, which can result
in some nasty hangs.
Reported-by: Andy Adamson <andros@netapp.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Artem Bityutskiy [Wed, 7 Mar 2012 17:08:36 +0000 (19:08 +0200)]
UBI: fix eraseblock picking criteria
commit
7eb3aa65853e1b223bfc786b023b702018cb76c0 upstream.
The 'find_wl_entry()' function expects the maximum difference as the second
argument, not the maximum absolute value. So the "unknown" eraseblock picking
was incorrect, as Shmulik Ladkani spotted. This patch fixes the issue.
Reported-by: Shmulik Ladkani <shmulik.ladkani@gmail.com>
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Reviewed-by: Shmulik Ladkani <shmulik.ladkani@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Richard Weinberger [Mon, 30 Jan 2012 17:20:13 +0000 (18:20 +0100)]
UBI: fix error handling in ubi_scan()
commit
a29852be492d61001d86c6ebf5fff9b93d7b4be9 upstream.
Two bad things can happen in ubi_scan():
1. If kmem_cache_create() fails we jump to out_si and call
ubi_scan_destroy_si() which calls kmem_cache_destroy().
But si->scan_leb_slab is NULL.
2. If process_eb() fails we jump to out_vidh, call
kmem_cache_destroy() and ubi_scan_destroy_si() which calls
again kmem_cache_destroy().
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Pavel Shilovsky [Sat, 17 Mar 2012 06:46:55 +0000 (09:46 +0300)]
CIFS: Fix a spurious error in cifs_push_posix_locks
commit
ce85852b90a214cf577fc1b4f49d99fd7e98784a upstream.
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Reported-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Jeff Layton [Wed, 21 Mar 2012 10:30:40 +0000 (06:30 -0400)]
cifs: fix issue mounting of DFS ROOT when redirecting from one domain controller to the next
commit
1daaae8fa4afe3df78ca34e724ed7e8187e4eb32 upstream.
This patch fixes an issue when cifs_mount receives a
STATUS_BAD_NETWORK_NAME error during cifs_get_tcon but is able to
continue after an DFS ROOT referral. In this case, the return code
variable is not reset prior to trying to mount from the system referred
to. Thus, is_path_accessible is not executed and the final DFS referral
is not performed causing a mount error.
Use case: In DNS, example.com resolves to the secondary AD server
ad2.example.com Our primary domain controller is ad1.example.com and has
a DFS redirection set up from \\ad1\share\Users to \\files\share\Users.
Mounting \\example.com\share\Users fails.
Regression introduced by commit 724d9f1.
Reviewed-by: Pavel Shilovsky <piastry@etersoft.ru
Signed-off-by: Thomas Hadig <thomas@intapp.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Pavel Shilovsky [Tue, 20 Mar 2012 09:55:09 +0000 (12:55 +0300)]
CIFS: Respect negotiated MaxMpxCount
commit
10b9b98e41ba248a899f6175ce96ee91431b6194 upstream.
Some servers sets this value less than 50 that was hardcoded and
we lost the connection if when we exceed this limit. Fix this by
respecting this value - not sending more than the server allows.
Reviewed-by: Jeff Layton <jlayton@samba.org>
Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Dave Chinner [Wed, 7 Mar 2012 04:50:25 +0000 (04:50 +0000)]
xfs: fix inode lookup race
commit
f30d500f809eca67a21704347ab14bb35877b5ee upstream.
When we get concurrent lookups of the same inode that is not in the
per-AG inode cache, there is a race condition that triggers warnings
in unlock_new_inode() indicating that we are initialising an inode
that isn't in a the correct state for a new inode.
When we do an inode lookup via a file handle or a bulkstat, we don't
serialise lookups at a higher level through the dentry cache (i.e.
pathless lookup), and so we can get concurrent lookups of the same
inode.
The race condition is between the insertion of the inode into the
cache in the case of a cache miss and a concurrently lookup:
Thread 1 Thread 2
xfs_iget()
xfs_iget_cache_miss()
xfs_iread()
lock radix tree
radix_tree_insert()
rcu_read_lock
radix_tree_lookup
lock inode flags
XFS_INEW not set
igrab()
unlock inode flags
rcu_read_unlock
use uninitialised inode
.....
lock inode flags
set XFS_INEW
unlock inode flags
unlock radix tree
xfs_setup_inode()
inode flags = I_NEW
unlock_new_inode()
WARNING as inode flags != I_NEW
This can lead to inode corruption, inode list corruption, etc, and
is generally a bad thing to occur.
Fix this by setting XFS_INEW before inserting the inode into the
radix tree. This will ensure any concurrent lookup will find the new
inode with XFS_INEW set and that forces the lookup to wait until the
XFS_INEW flag is removed before allowing the lookup to succeed.
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Ben Myers <bpm@sgi.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Trond Myklebust [Wed, 7 Mar 2012 21:39:06 +0000 (16:39 -0500)]
NFSv4: Return the delegation if the server returns NFS4ERR_OPENMODE
commit
3114ea7a24d3264c090556a2444fc6d2c06176d4 upstream.
If a setattr() fails because of an NFS4ERR_OPENMODE error, it is
probably due to us holding a read delegation. Ensure that the
recovery routines return that delegation in this case.
Reported-by: Miklos Szeredi <miklos@szeredi.hu>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Trond Myklebust [Tue, 6 Mar 2012 00:56:44 +0000 (19:56 -0500)]
NFS: Properly handle the case where the delegation is revoked
commit
a1d0b5eebc4fd6e0edb02688b35f17f67f42aea5 upstream.
If we know that the delegation stateid is bad or revoked, we need to
remove that delegation as soon as possible, and then mark all the
stateids that relied on that delegation for recovery. We cannot use
the delegation as part of the recovery process.
Also note that NFSv4.1 uses a different error code (NFS4ERR_DELEG_REVOKED)
to indicate that the delegation was revoked.
Finally, ensure that setlk() and setattr() can both recover safely from
a revoked delegation.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Stephan Bärwolf [Thu, 12 Jan 2012 15:43:04 +0000 (16:43 +0100)]
KVM: x86: fix missing checks in syscall emulation
commit
c2226fc9e87ba3da060e47333657cd6616652b84 upstream.
On hosts without this patch, 32bit guests will crash (and 64bit guests
may behave in a wrong way) for example by simply executing following
nasm-demo-application:
[bits 32]
global _start
SECTION .text
_start: syscall
(I tested it with winxp and linux - both always crashed)
Disassembly of section .text:
00000000 <_start>:
0: 0f 05 syscall
The reason seems a missing "invalid opcode"-trap (int6) for the
syscall opcode "0f05", which is not available on Intel CPUs
within non-longmodes, as also on some AMD CPUs within legacy-mode.
(depending on CPU vendor, MSR_EFER and cpuid)
Because previous mentioned OSs may not engage corresponding
syscall target-registers (STAR, LSTAR, CSTAR), they remain
NULL and (non trapping) syscalls are leading to multiple
faults and finally crashs.
Depending on the architecture (AMD or Intel) pretended by
guests, various checks according to vendor's documentation
are implemented to overcome the current issue and behave
like the CPUs physical counterparts.
[mtosatti: cleanup/beautify code]
Signed-off-by: Stephan Baerwolf <stephan.baerwolf@tu-ilmenau.de>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Stephan Bärwolf [Thu, 12 Jan 2012 15:43:03 +0000 (16:43 +0100)]
KVM: x86: extend "struct x86_emulate_ops" with "get_cpuid"
commit
bdb42f5afebe208eae90406959383856ae2caf2b upstream.
In order to be able to proceed checks on CPU-specific properties
within the emulator, function "get_cpuid" is introduced.
With "get_cpuid" it is possible to virtually call the guests
"cpuid"-opcode without changing the VM's context.
[mtosatti: cleanup/beautify code]
Signed-off-by: Stephan Baerwolf <stephan.baerwolf@tu-ilmenau.de>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Clemens Ladisch [Mon, 12 Mar 2012 20:45:47 +0000 (21:45 +0100)]
firewire: ohci: fix too-early completion of IR multichannel buffers
commit
0c0efbacab8d70700d13301e0ae7975783c0cb0a upstream.
handle_ir_buffer_fill() assumed that a completed descriptor would be
indicated by a non-zero transfer_status (as in most other descriptors).
However, this field is written by the controller as soon as (the end of)
the first packet has been written into the buffer. As a consequence, if
we happen to run into such a descriptor when the interrupt handler is
executed after such a packet has completed, the descriptor would be
taken out of the list of active descriptors as soon as the buffer had
been partially filled, so the event for the buffer being completely
filled would never be sent.
To fix this, handle descriptors only when they have been completely
filled, i.e., when res_count == 0. (This also matches the condition
that is reported by the controller with an interrupt.)
Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Sergei Shtylyov [Thu, 19 Jan 2012 16:09:56 +0000 (19:09 +0300)]
pata_legacy: correctly mask recovery field for HT6560B
commit
9716387311c790de381214c03e7f1b72b91a8189 upstream.
According to the HT6560H datasheet, the recovery timing field is 4-bit wide,
with a value of 0 meaning 16 cycles. Correct obvious thinko in the recovery
field mask.
Signed-off-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Keng-Yu Lin [Mon, 30 Jan 2012 06:25:45 +0000 (14:25 +0800)]
HID: add more hotkeys in Asus AIO keyboards
commit
6c30d5a53229aad22bb675e0bd6eb518ecaa4316 upstream.
Add support for the camera key. The hotkey for
Asus S.H.E(Super Hybrid Engine) mode is mapped to KEY_KEY_PROG1
just for notifying the userspace.
Signed-off-by: Keng-Yu Lin <kengyu@canonical.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Keng-Yu Lin [Thu, 2 Feb 2012 09:31:26 +0000 (10:31 +0100)]
HID: add extra hotkeys in Asus AIO keyboards
commit
3596bb929f2abd3433c2eaa5755fad48ac207af1 upstream.
The Asus All-In-One PC has a wireless keyboard with wifi toggle,
brightness up, brightness down and display off hotkeys.
This patch adds suppoort for these hotkeys.
Signed-off-by: Keng-Yu Lin <kengyu@canonical.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Keng-Yu Lin [Wed, 30 Nov 2011 10:32:37 +0000 (18:32 +0800)]
Bluetooth: Add AR30XX device ID on Asus laptops
commit
6b6ba88b5bb8779156b21bb957520a448c3642e2 upstream.
The ID is found on Asus K54HR and K53U.
Blacklist the AR3011-based device ID [0489:e03d]
and add to ath3k.c for firmware loading.
Below is the output of usb-devices script:
Before the fiwmware loading:
T: Bus=01 Lev=02 Prnt=02 Port=00 Cnt=01 Dev#= 3 Spd=12 MxCh= 0
D: Ver= 1.10 Cls=e0(wlcon) Sub=01 Prot=01 MxPS=64 #Cfgs= 1
P: Vendor=0489 ProdID=e03d Rev=00.01
C: #Ifs= 2 Cfg#= 1 Atr=e0 MxPwr=100mA
I: If#= 0 Alt= 0 #EPs= 3 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb
I: If#= 1 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb
After the fiwmware loading:
T: Bus=01 Lev=02 Prnt=02 Port=00 Cnt=01 Dev#= 5 Spd=12 MxCh= 0
D: Ver= 1.10 Cls=e0(wlcon) Sub=01 Prot=01 MxPS=64 #Cfgs= 1
P: Vendor=0cf3 ProdID=3005 Rev=00.01
C: #Ifs= 2 Cfg#= 1 Atr=e0 MxPwr=100mA
I: If#= 0 Alt= 0 #EPs= 3 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb
I: If#= 1 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb
Signed-off-by: Keng-Yu Lin <kengyu@canonical.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Roland Dreier [Fri, 24 Feb 2012 01:22:12 +0000 (17:22 -0800)]
target: Fix 16-bit target ports for SET TARGET PORT GROUPS emulation
commit
33395fb8a13731c7ef7b175dbf5a4d8a6738fe6c upstream.
The old code did (MSB << 8) & 0xff, which always evaluates to 0. Just use
get_unaligned_be16() so we don't have to worry about whether our open-coded
version is correct or not.
Signed-off-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
projects / linux-flexiantxendom0.git / log