Block size in f2fs is 4096 bytes, so theoretically, f2fs can support 4096 bytes
sector device at maximum. But now f2fs only support 512 bytes size sector, so
block device such as zRAM which uses page cache as its block storage space will
not be mounted successfully as mismatch between sector size of zRAM and sector
size of f2fs supported.
In this patch we support large sector size in f2fs, so block device with sector
size of 512/1024/2048/4096 bytes can be supported in f2fs.
Signed-off-by: Chao Yu <chao2.yu@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
f2fs: fix to truncate blocks past EOF in ->setattr
By using FALLOC_FL_KEEP_SIZE in ->fallocate of f2fs, we can fallocate block past
EOF without changing i_size of inode. These blocks past EOF will not be
truncated in ->setattr as we truncate them only when change the file size.
We should give a chance to truncate blocks out of filesize in setattr().
Signed-off-by: Chao Yu <chao2.yu@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Jaegeuk Kim [Tue, 16 Sep 2014 02:32:16 +0000 (19:32 -0700)]
f2fs: update i_size when __allocate_data_block
The f2fs_direct_IO uses __allocate_data_block, but inside the allocation path,
we should update i_size at the changed time to update its inode page.
Otherwise, we can get wrong i_size after roll-forward recovery.
Jaegeuk Kim [Wed, 10 Sep 2014 22:04:03 +0000 (15:04 -0700)]
f2fs: do not skip latest inode information
In f2fs_sync_file, if there is no written appended writes, it skips
to write its node blocks.
But, if there is up-to-date inode page, we should write it to update
its metadata during the roll-forward recovery.
Jaegeuk Kim [Mon, 15 Sep 2014 21:50:48 +0000 (14:50 -0700)]
f2fs: fix conditions to remain recovery information in f2fs_sync_file
This patch revisited whole the recovery information during the f2fs_sync_file.
In this patch, there are three information to make a decision.
a) IS_CHECKPOINTED, /* is it checkpointed before? */
b) HAS_FSYNCED_INODE, /* is the inode fsynced before? */
c) HAS_LAST_FSYNC, /* has the latest node fsync mark? */
Jaegeuk Kim [Thu, 11 Sep 2014 20:49:55 +0000 (13:49 -0700)]
f2fs: use meta_inode cache to improve roll-forward speed
Previously, all the dnode pages should be read during the roll-forward recovery.
Even worsely, whole the chain was traversed twice.
This patch removes that redundant and costly read operations by using page cache
of meta_inode and readahead function as well.
Reviewed-by: Chao Yu <chao2.yu@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Jaegeuk Kim [Fri, 12 Sep 2014 15:35:58 +0000 (00:35 +0900)]
f2fs: fix double lock for inode page during roll-foward recovery
If the inode is same and its data index are needed to truncate, we can fall into
double lock for its inode page via get_dnode_of_data.
Error case is like this.
1. write data 1, 2, 3, 4, 5 in inode #4.
2. write data 100, 102, 103, 104, 105 in dnode #6 of inode #4.
3. sync
4. update data 100->106 in dnode #6.
5. fsync inode #4.
6. power-cut
-> Then,
1. go back to #3's checkpoint
2. in do_recover_data, get_dnode_of_data() gets inode #4.
3. detect 100->106 in dnode #6.
4. check_index_in_prev_nodes tries to truncate 100 in dnode #6.
5. to trigger truncate_hole, get_dnode_of_data should grab inode #4.
6. detect *kernel hang*
The nm_i->fcnt checking is executed before spin_lock, so if another
thread delete the last free_nid from the list, the wrong nid may be
gotten. So fix the race condition by moving the nm_i->fnct checking
into spin_lock.
Signed-off-by: Huang, Ying <ying.huang@intel.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
f2fs: use nm_i->next_scan_nid as default for next_free_nid
Now, if there is no free nid in nm_i->free_nid_list, 0 may be saved
into next_free_nid of checkpoint, this may cause useless scanning for
next mount. nm_i->next_scan_nid should be a better default value than
0.
Signed-off-by: Huang, Ying <ying.huang@intel.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Jaegeuk Kim [Wed, 10 Sep 2014 23:53:02 +0000 (16:53 -0700)]
f2fs: give an option to enable in-place-updates during fsync to users
If user wrote F2FS_IPU_FSYNC:4 in /sys/fs/f2fs/ipu_policy, f2fs_sync_file
only starts to try in-place-updates.
And, if the number of dirty pages is over /sys/fs/f2fs/min_fsync_blocks, it
keeps out-of-order manner. Otherwise, it triggers in-place-updates.
This may be used by storage showing very high random write performance.
Jaegeuk Kim [Mon, 8 Sep 2014 17:59:43 +0000 (10:59 -0700)]
f2fs: fix negative value for lseek offset
If application throws negative value of lseek with SEEK_DATA|SEEK_HOLE,
previous f2fs went into BUG_ON in get_dnode_of_data, which was reported
by Tommi Rantala.
He could make a simple code to detect this having:
lseek(fd, -17595150933902LL, SEEK_DATA);
This patch should resolve that bug.
Reported-by: Tommi Rentala <tt.rantala@gmail.com>
[Jaegeuk Kim: relocate the condition as suggested by Chao] Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
f2fs: avoid node page to be written twice in gc_node_segment
In gc_node_segment, if node page gc is run concurrently with node page
writeback, and check_valid_map and get_node_page run after page locked
and before cur_valid_map is updated as below, it is possible for the
page to be written twice unnecessarily.
f2fs: use lock-less list(llist) to simplify the flush cmd management
We use flush cmd control to collect many flush cmds, and flush them
together. In this case, we use two list to manage the flush cmds
(collect and dispatch), and one spin lock is used to protect this.
In fact, the lock-less list(llist) is very suitable to this case,
and we use simplify this routine.
-
v2:
-use llist_for_each_entry_safe to fix possible use-after-free issue.
-remove the unused field from struct flush_cmd.
Thanks for Yu's suggestion.
-
Signed-off-by: Gu Zheng <guz.fnst@cn.fujitsu.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
f2fs: refactor flush_sit_entries codes for reducing SIT writes
In commit aec71382c681 ("f2fs: refactor flush_nat_entries codes for reducing NAT
writes"), we descripte the issue as below:
"Although building NAT journal in cursum reduce the read/write work for NAT
block, but previous design leave us lower performance when write checkpoint
frequently for these cases:
1. if journal in cursum has already full, it's a bit of waste that we flush all
nat entries to page for persistence, but not to cache any entries.
2. if journal in cursum is not full, we fill nat entries to journal util
journal is full, then flush the left dirty entries to disk without merge
journaled entries, so these journaled entries may be flushed to disk at next
checkpoint but lost chance to flushed last time."
Actually, we have the same problem in using SIT journal area.
In this patch, firstly we will update sit journal with dirty entries as many as
possible. Secondly if there is no space in sit journal, we will remove all
entries in journal and walk through the whole dirty entry bitmap of sit,
accounting dirty sit entries located in same SIT block to sit entry set. All
entry sets are linked to list sit_entry_set in sm_info, sorted ascending order
by count of entries in set. Later we flush entries in set which have fewest
entries into journal as many as we can, and then flush dense set with merged
entries to disk.
In this way we can use sit journal area more effectively, also we will reduce
SIT update, result in gaining in performance and saving lifetime of flash
device.
In my testing environment, it shows this patch can help to reduce SIT block
update obviously.
virtual machine + hard disk:
fsstress -p 20 -n 400 -l 5
sit page num cp count sit pages/cp
based 2006.50 1349.75 1.486
patched 1566.25 1463.25 1.070
Our latency of merging op is small when handling a great number of dirty SIT
entries in flush_sit_entries:
latency(ns) dirty sit count
36038 2151
49168 2123
37174 2232
Signed-off-by: Chao Yu <chao2.yu@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Merge tag 'for-f2fs-3.17-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs
Pull f2fs bug fixes from Jaegeuk Kim:
"This series includes patches to:
- fix recovery routines
- fix bugs related to inline_data/xattr
- fix when casting the dentry names
- handle EIO or ENOMEM correctly
- fix memory leak
- fix lock coverage"
* tag 'for-f2fs-3.17-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs: (28 commits)
f2fs: reposition unlock_new_inode to prevent accessing invalid inode
f2fs: fix wrong casting for dentry name
f2fs: simplify by using a literal
f2fs: truncate stale block for inline_data
f2fs: use macro for code readability
f2fs: introduce need_do_checkpoint for readability
f2fs: fix incorrect calculation with total/free inode num
f2fs: remove rename and use rename2
f2fs: skip if inline_data was converted already
f2fs: remove rewrite_node_page
f2fs: avoid double lock in truncate_blocks
f2fs: prevent checkpoint during roll-forward
f2fs: add WARN_ON in f2fs_bug_on
f2fs: handle EIO not to break fs consistency
f2fs: check s_dirty under cp_mutex
f2fs: unlock_page when node page is redirtied out
f2fs: introduce f2fs_cp_error for readability
f2fs: give a chance to mount again when encountering errors
f2fs: trigger release_dirty_inode in f2fs_put_super
f2fs: don't skip checkpoint if there is no dirty node pages
...
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull key subsystem fixes from James Morris:
"Fixes for the keys subsystem, one of which addresses a use-after-free
bug"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
PEFILE: Relax the check on the length of the PKCS#7 cert
KEYS: Fix use-after-free in assoc_array_gc()
KEYS: Fix public_key asymmetric key subtype name
KEYS: Increase root_maxkeys and root_maxbytes sizes
Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Pull more arm64 fixes from Will Deacon:
"Another handful of arm64 fixes here. They address some issues found
by running smatch on the arch code (ignoring the false positives) and
also stop 32-bit Android from losing track of its stack.
There's one additional irq migration fix in the pipeline, but it came
in after I'd tagged and tested this set.
- a few fixes for real issues found by smatch (after Dan's talk at KS)
- revert the /proc/cpuinfo changes merged during the merge window.
We've opened a can of worms here, so we need to find out where we
stand before we change this interface.
- implement KSTK_ESP for compat tasks, otherwise 32-bit Android gets
confused wondering where its [stack] has gone
* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
Revert "arm64: cpuinfo: print info for all CPUs"
arm64: fix bug for reloading FPSIMD state after cpu power off
arm64: report correct stack pointer in KSTK_ESP for compat tasks
arm64: Add brackets around user_stack_pointer()
arm64: perf: don't rely on layout of pt_regs when grabbing sp or pc
arm64: ptrace: fix compat reg getter/setter return values
arm64: ptrace: fix compat hardware watchpoint reporting
arm64: Remove unused variable in head.S
arm64/crypto: remove redundant update of data
Merge branch 'leds-fixes-for-3.17' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/linux-leds
Pull LED fix from Bryan Wu:
"Hugh, Jiri and many other people found a kernel oops due to a LED
change merged recently. Now the right fix might just revert it and
avoid the kernel oops"
* 'leds-fixes-for-3.17' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/linux-leds:
Revert "leds: convert blink timer to workqueue"
The wrapper is the first 8 bytes of the hex dump inside []. This indicates a
length of 0x968 bytes, including the wrapper header - so 0x960 bytes of
payload.
The ASN.1 wrapper begins [ ... 30 82 09 56 ]. That indicates an object of size
0x956 - a four byte discrepency, presumably just padding for alignment
purposes.
So we just check that the ASN.1 container is no bigger than the payload and
reduce the recorded size appropriately.
Whilst we're at it, allow shorter PKCS#7 objects that manage to squeeze within
127 or 255 bytes. It's just about conceivable if no X.509 certs are included
in the PKCS#7 message.
Reported-by: Vivek Goyal <vgoyal@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com> Acked-by: Peter Jones <pjones@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
David Howells [Tue, 2 Sep 2014 12:52:10 +0000 (13:52 +0100)]
KEYS: Fix public_key asymmetric key subtype name
The length of the name of an asymmetric key subtype must be stored in struct
asymmetric_key_subtype::name_len so that it can be matched by a search for
"<subkey_name>:<partial_fingerprint>". Fix the public_key subtype to have
name_len set.
Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
Steve Dickson [Tue, 2 Sep 2014 12:52:05 +0000 (13:52 +0100)]
KEYS: Increase root_maxkeys and root_maxbytes sizes
Now that NFS client uses the kernel key ring facility to store the NFSv4
id/gid mappings, the defaults for root_maxkeys and root_maxbytes need to be
substantially increased.
Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
It's broken as it changes led_blink_set() in a way that it can now sleep
(while synchronously waiting for workqueue to be cancelled). That's a
problem, because it's possible that this function gets called from atomic
context (tpt_trig_timer() takes a readlock and thus disables preemption).
This has been brought up 3 weeks ago already [1] but no proper fix has
materialized, and I keep seeing the problem since 3.17-rc1.
Chao Yu [Sat, 30 Aug 2014 01:52:34 +0000 (09:52 +0800)]
f2fs: reposition unlock_new_inode to prevent accessing invalid inode
As the race condition on the inode cache, following scenario can appear:
[Thread a] [Thread b]
->f2fs_mkdir
->f2fs_add_link
->__f2fs_add_link
->init_inode_metadata failed here
->gc_thread_func
->f2fs_gc
->do_garbage_collect
->gc_data_segment
->f2fs_iget
->iget_locked
->wait_on_inode
->unlock_new_inode
->move_data_page
->make_bad_inode
->iput
When we fail in create/symlink/mkdir/mknod/tmpfile, the new allocated inode
should be set as bad to avoid being accessed by other thread. But in above
scenario, it allows f2fs to access the invalid inode before this inode was set
as bad.
This patch fix the potential problem, and this issue was found by code review.
change log from v1:
o Add condition judgment in gc_data_segment() suggested by Changman Lee.
o use iget_failed to simplify code.
Signed-off-by: Chao Yu <chao2.yu@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Will Deacon [Mon, 1 Sep 2014 14:47:19 +0000 (15:47 +0100)]
Revert "arm64: cpuinfo: print info for all CPUs"
It turns out that vendors are relying on the format of /proc/cpuinfo,
and we've even spotted out-of-tree hacks attempting to make it look
identical to the format used by arch/arm/. That means we can't afford to
churn this interface in mainline, so revert the recent reformatting of
the file for arm64 pending discussions on the list to find out what
people actually want.
Leo Yan [Mon, 1 Sep 2014 03:09:51 +0000 (11:09 +0800)]
arm64: fix bug for reloading FPSIMD state after cpu power off
Now arm64 defers reloading FPSIMD state, but this optimization also
introduces the bug after cpu resume back from low power mode.
The reason is after the cpu has been powered off, s/w need set the
cpu's fpsimd_last_state to NULL so that it will force to reload
FPSIMD state for the thread, otherwise there has the chance to meet
the condition for both the task's fpsimd_state.cpu field contains the
id of the current cpu, and the cpu's fpsimd_last_state per-cpu variable
points to the task's fpsimd_state, so finally kernel will skip to reload
the context during it return back to userland.
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Leo Yan <leoy@marvell.com> Signed-off-by: Will Deacon <will.deacon@arm.com>
Merge tag 'xtensa-20140830' of git://github.com/czankel/xtensa-linux
Pull Xtensa updates from Chris Zankel:
"Xtensa improvements for 3.17:
- support highmem on cores with aliasing data cache. Enable highmem
on kc705 by default
- simplify addition of new core variants (no need to modify Kconfig /
Makefiles)
- improve robustness of unaligned access handler and its interaction
with window overflow/underflow exception handlers
- deprecate atomic and spill registers syscalls
- clean up Kconfig: remove orphan MATH_EMULATION, sort 'select'
statements
- wire up renameat2 syscall.
Various fixes:
- fix address checks in dma_{alloc,free}_coherent (runtime BUG)
- fix access to THREAD_RA/THREAD_SP/THREAD_DS (debug build breakage)
- fix TLBTEMP_BASE_2 region handling in fast_second_level_miss
(runtime unrecoverable exception)
- fix a6 and a7 handling in fast_syscall_xtensa (runtime userspace
register clobbering)
- fix kernel/user jump out of fast_unaligned (potential runtime
unrecoverabl exception)
- replace termios IOCTL code definitions with constants (userspace
build breakage)"
* tag 'xtensa-20140830' of git://github.com/czankel/xtensa-linux: (25 commits)
xtensa: deprecate fast_xtensa and fast_spill_registers syscalls
xtensa: don't allow overflow/underflow on unaligned stack
xtensa: fix a6 and a7 handling in fast_syscall_xtensa
xtensa: allow single-stepping through unaligned load/store
xtensa: move invalid unaligned instruction handler closer to its users
xtensa: make fast_unaligned store restartable
xtensa: add double exception fixup handler for fast_unaligned
xtensa: fix kernel/user jump out of fast_unaligned
xtensa: configure kc705 for highmem
xtensa: support highmem in aliasing cache flushing code
xtensa: support aliasing cache in kmap
xtensa: support aliasing cache in k[un]map_atomic
xtensa: implement clear_user_highpage and copy_user_highpage
xtensa: fix TLBTEMP_BASE_2 region handling in fast_second_level_miss
xtensa: allow fixmap and kmap span more than one page table
xtensa: make fixmap region addressing grow with index
xtensa: fix access to THREAD_RA/THREAD_SP/THREAD_DS
xtensa: add renameat2 syscall
xtensa: fix address checks in dma_{alloc,free}_coherent
xtensa: replace IOCTL code definitions with constants
...
Guenter Roeck [Sun, 31 Aug 2014 18:14:26 +0000 (11:14 -0700)]
unicore32: Fix build error
unicore32 builds fail with
arch/unicore32/kernel/signal.c: In function ‘setup_frame’:
arch/unicore32/kernel/signal.c:257: error: ‘usig’ undeclared (first use in this function)
arch/unicore32/kernel/signal.c:279: error: ‘usig’ undeclared (first use in this function)
arch/unicore32/kernel/signal.c: In function ‘handle_signal’:
arch/unicore32/kernel/signal.c:306: warning: unused variable ‘tsk’
arch/unicore32/kernel/signal.c: In function ‘do_signal’:
arch/unicore32/kernel/signal.c:376: error: implicit declaration of function ‘get_signsl’
make[1]: *** [arch/unicore32/kernel/signal.o] Error 1
make: *** [arch/unicore32/kernel/signal.o] Error 2
Bisect points to commit 649671c90eaf ("unicore32: Use get_signal()
signal_setup_done()").
This code never even compiled. Reverting the patch does not work, since
previously used functions no longer exist, so try to fix it up. Compile
tested only.
Fixes: 649671c90eaf ("unicore32: Use get_signal() signal_setup_done()") Cc: Richard Weinberger <richard@nod.at> Signed-off-by: Guenter Roeck <linux@roeck-us.net> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Merge branch 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm
Pull ARM fixes from Russell King:
"Various assorted fixes:
- a couple of patches from Mark Rutland to resolve an errata with
Cortex-A15 CPUs.
- fix cpuidle for the CPU part ID changes in the last merge window
- add support for a relocation which ARM binutils is generating in
some circumstances"
* 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
ARM: 8130/1: cpuidle/cpuidle-big_little: fix reading cpu id part number
ARM: 8129/1: errata: work around Cortex-A15 erratum 830321 using dummy strex
ARM: 8128/1: abort: don't clear the exclusive monitors
ARM: 8127/1: module: add support for R_ARM_TARGET1 relocations
Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
Pull ARM SoC fixes from Olof Johansson:
"Here's the weekly batch of fixes from arm-soc.
The delta is a largeish negative delta, due to revert of SMP support
for Broadcom's STB SoC -- it was accidentally merged before some
issues had been addressed, so they will make a new attempt for 3.18.
I didn't see a need for a full revert of the whole platform due to
this, we're keeping the rest enabled.
The rest is mostly:
- a handful of DT fixes for i.MX (Hummingboard/Cubox-i in particular)
- some MTD/NAND fixes for OMAP
- minor DT fixes for shmobile
- warning fix for UP builds on vexpress/spc
There's also a couple of patches that wires up hwmod on TI's DRA7 SoC
so it can boot. Drivers and the rest had landed for 3.17, and it's
small and isolated so it made sense to pick up now even if it's not a
bugfix"
* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (23 commits)
vexpress/spc: fix a build warning on array bounds
ARM: DRA7: hwmod: Add dra74x and dra72x specific ocp interface lists
ARM: DRA7: Add support for soc_is_dra74x() and soc_is_dra72x() variants
MAINTAINERS: catch special Rockchip code locations
ARM: dts: microsom-ar8035: MDIO pad must be set open drain
ARM: dts: omap54xx-clocks: Fix the l3 and l4 clock rates
ARM: brcmstb: revert SMP support
ARM: OMAP2+: hwmod: Rearm wake-up interrupts for DT when MUSB is idled
ARM: dts: Enable UART wake-up events for beagleboard
ARM: dts: Remove twl6030 clk32g "regulator"
ARM: OMAP2+: omap_device: remove warning that clk alias already exists
ARM: OMAP: fix %d confusingly prefixed with 0x in format string
ARM: dts: DRA7: fix interrupt-cells for GPIO
mtd: nand: omap: Fix 1-bit Hamming code scheme, omap_calculate_ecc()
ARM: dts: omap3430-sdp: Revert to using software ECC for NAND
ARM: OMAP2+: GPMC: Support Software ECC scheme via DT
mtd: nand: omap: Revert to using software ECC by default
ARM: dts: hummingboard/cubox-i: change SPDIF output to be more descriptive
ARM: dts: hummingboard/cubox-i: add USB OC pinctrl configuration
ARM: shmobile: r8a7791: add missing 0x0100 for SDCKCR
...
Alex Shi [Wed, 16 Jul 2014 11:21:56 +0000 (19:21 +0800)]
vexpress/spc: fix a build warning on array bounds
With ARCH_VEXPRESS_SPC option, kernel build has the following
warning:
arch/arm/mach-vexpress/spc.c: In function ‘ve_spc_clk_init’:
arch/arm/mach-vexpress/spc.c:431:38: warning: array subscript is below array bounds [-Warray-bounds]
struct ve_spc_opp *opps = info->opps[cluster];
^
since 'cluster' maybe '-1' in UP system. This patch does a active
checking to fix this issue.
Signed-off-by: Alex Shi <alex.shi@linaro.org> Acked-by: Pawel Moll <pawel.moll@arm.com> Acked-by: Sudeep Holla <sudeep.holla@arm.com> Signed-off-by: Olof Johansson <olof@lixom.net>
* tag 'for-v3.17-rc/omap-dra72x-d74x-support-a' of git://git.kernel.org/pub/scm/linux/kernel/git/pjw/omap-pending:
ARM: DRA7: hwmod: Add dra74x and dra72x specific ocp interface lists
ARM: DRA7: Add support for soc_is_dra74x() and soc_is_dra72x() variants
Linus Torvalds [Sun, 31 Aug 2014 17:09:07 +0000 (10:09 -0700)]
Merge tag 'spi-v3.17-rc3-2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi
Pull spi bugfixes from Mark Brown:
"A smattering of bug fixes for the SPI subsystem, all in driver code
which has seen active work recently and none of them with any great
global impact.
There's also a new ACPI ID for the pxa2xx driver which required no
code changes and the addition of kerneldoc for some structure fields
that were missing it and generating warnings during documentation
builds as a result"
* tag 'spi-v3.17-rc3-2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi:
spi: sh-msiof: Fix transmit-only DMA transfers
spi/rockchip: Avoid accidentally turning off the clock
spi: dw: fix kernel crash due to NULL pointer dereference
spi: dw-pci: fix bug when regs left uninitialized
spi: davinci: fix SPI_NO_CS functionality
spi/rockchip: fixup incorrect dma direction setting
spi/pxa2xx: Add ACPI ID for Intel Braswell
spi: spi-au1550: fix build failure
spi: rspi: Fix leaking of unused DMA descriptors
spi: sh-msiof: Fix leaking of unused DMA descriptors
spi: Add missing kerneldoc bits
spi/omap-mcspi: Fix the spi task hangs waiting dma_rx
Mark Brown [Sun, 31 Aug 2014 12:46:19 +0000 (13:46 +0100)]
Merge tag 'spi-v3.17-rc3' into spi-linus
spi: Bug fixes for v3.17
A smattering of bug fixes for the SPI subsystem, all in driver code
which has seen active work recently and none of them with any great
global impact.
There's also a new ACPI ID for the pxa2xx driver which required no code
changes and the addition of kerneldoc for some structure fields that
were missing it and generating warnings during documentation builds as a
result.
# gpg: Signature made Sun 31 Aug 2014 13:19:12 BST using RSA key ID 7EA229BD
# gpg: Good signature from "Mark Brown <broonie@sirena.org.uk>"
# gpg: aka "Mark Brown <broonie@debian.org>"
# gpg: aka "Mark Brown <broonie@kernel.org>"
# gpg: aka "Mark Brown <broonie@tardis.ed.ac.uk>"
# gpg: aka "Mark Brown <broonie@linaro.org>"
# gpg: aka "Mark Brown <Mark.Brown@linaro.org>"
Linus Torvalds [Sun, 31 Aug 2014 04:04:37 +0000 (21:04 -0700)]
Merge tag 'locks-v3.17-3' of git://git.samba.org/jlayton/linux
Pull file locking bugfx from Jeff Layton:
"Just a bugfix for a bug that crept in to v3.15. It's in a rather rare
error path, and I'm not aware of anyone having hit it, but it's worth
fixing for v3.17"
* tag 'locks-v3.17-3' of git://git.samba.org/jlayton/linux:
locks: pass correct "before" pointer to locks_unlink_lock in generic_add_lease
Linus Torvalds [Sat, 30 Aug 2014 00:22:27 +0000 (17:22 -0700)]
Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fixes from Peter Anvin:
"One patch to avoid assigning interrupts we don't actually have on
non-PC platforms, and two patches that addresses bugs in the new
IOAPIC assignment code"
* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86, irq, PCI: Keep IRQ assignment for runtime power management
x86: irq: Fix bug in setting IOAPIC pin attributes
x86: Fix non-PC platform kernel crash on boot due to NULL dereference
Linus Torvalds [Sat, 30 Aug 2014 00:18:48 +0000 (17:18 -0700)]
Merge tag 'pm+acpi-3.17-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull ACPI and power management fixes from Rafael Wysocki:
- Fix for an ACPI regression related to the handling of fixed events
that caused netlink routines to be (incorrectly) run in interrupt
context from Lan Tianyu
- Fix for an ACPI EC driver regression on Acer Aspire V5-573G that
caused AC/battery plug/unplug and video brightness change
notifications to be delayed on that machine from Lv Zheng
- Fix for an ACPI device enumeration regression that caused ACPI driver
probe to fail for some devices where it succeeded before (Rafael J
Wysocki)
- intel_pstate driver fix to prevent it from printing an information
message for every CPU in the system on every boot from Andi Kleen
- s5pv210 cpufreq driver fix to remove an __init annotation from a
routine that in fact can be called at any time after init too from
Mark Brown
- New Intel Braswell device ID for the ACPI LPSS (Low-Power Subsystem)
driver from Alan Cox
- New Intel Braswell CPU ID for intel_pstate from Mika Westerberg
* tag 'pm+acpi-3.17-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
cpufreq: s5pv210: Remove spurious __init annotation
cpufreq: intel_pstate: Add CPU ID for Braswell processor
intel_pstate: Turn per cpu printk into pr_debug
ACPI / LPSS: Add ACPI IDs for Intel Braswell
ACPI / EC: Add support to disallow QR_EC to be issued before completing previous QR_EC
ACPI / EC: Add support to disallow QR_EC to be issued when SCI_EVT isn't set
ACPI: Run fixed event device notifications in process context
ACPI / scan: Allow ACPI drivers to bind to PNP device objects
Linus Torvalds [Fri, 29 Aug 2014 23:28:29 +0000 (16:28 -0700)]
Merge branch 'akpm' (fixes from Andrew Morton)
Merge patches from Andrew Morton:
"22 fixes"
* emailed patches from Andrew Morton <akpm@linux-foundation.org>: (22 commits)
kexec: purgatory: add clean-up for purgatory directory
Documentation/kdump/kdump.txt: add ARM description
flush_icache_range: export symbol to fix build errors
tools: selftests: fix build issue with make kselftests target
ocfs2: quorum: add a log for node not fenced
ocfs2: o2net: set tcp user timeout to max value
ocfs2: o2net: don't shutdown connection when idle timeout
ocfs2: do not write error flag to user structure we cannot copy from/to
x86/purgatory: use approprate -m64/-32 build flag for arch/x86/purgatory
drivers/rtc/rtc-s5m.c: re-add support for devices without irq specified
xattr: fix check for simultaneous glibc header inclusion
kexec: remove CONFIG_KEXEC dependency on crypto
kexec: create a new config option CONFIG_KEXEC_FILE for new syscall
x86,mm: fix pte_special versus pte_numa
hugetlb_cgroup: use lockdep_assert_held rather than spin_is_locked
mm/zpool: use prefixed module loading
zram: fix incorrect stat with failed_reads
lib: turn CONFIG_STACKTRACE into an actual option.
mm: actually clear pmd_numa before invalidating
memblock, memhotplug: fix wrong type in memblock_find_in_range_node().
...
Junxiao Bi [Fri, 29 Aug 2014 22:19:02 +0000 (15:19 -0700)]
ocfs2: o2net: set tcp user timeout to max value
When tcp retransmit timeout(15mins), the connection will be closed.
Pending messages may be lost during this time. So we set tcp user
timeout to override the retransmit timeout to the max value. This is OK
for ocfs2 since we have disk heartbeat, if peer crash, the disk
heartbeat will timeout and it will be evicted, if disk heartbeat not
timeout and connection idle for a long time, then this means the cluster
enters split-brain state, since fence can't happen, we'd better keep the
connection and wait network recover.
Signed-off-by: Junxiao Bi <junxiao.bi@oracle.com> Reviewed-by: Srinivas Eeda <srinivas.eeda@oracle.com> Reviewed-by: Mark Fasheh <mfasheh@suse.de> Cc: Joel Becker <jlbec@evilplan.org> Cc: Joseph Qi <joseph.qi@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Junxiao Bi [Fri, 29 Aug 2014 22:19:00 +0000 (15:19 -0700)]
ocfs2: o2net: don't shutdown connection when idle timeout
This patch series is to fix a possible message lost bug in ocfs2 when
network go bad. This bug will cause ocfs2 hung forever even network
become good again.
The messages may lost in this case. After the tcp connection is
established between two nodes, an idle timer will be set to check its
state periodically, if no messages are received during this time, idle
timer will timeout, it will shutdown the connection and try to
reconnect, so pending messages in tcp queues will be lost. This
messages may be from dlm. Dlm may get hung in this case. This may
cause the whole ocfs2 cluster hung.
This is very possible to happen when network state goes bad. Do the
reconnect is useless, it will fail if network state is still bad. Just
waiting there for network recovering may be a good idea, it will not
lost messages and some node will be fenced until cluster goes into
split-brain state, for this case, Tcp user timeout is used to override
the tcp retransmit timeout. It will timeout after 25 days, user should
have notice this through the provided log and fix the network, if they
don't, ocfs2 will fall back to original reconnect way.
This patch (of 3):
Some messages in the tcp queue maybe lost if we shutdown the connection
and reconnect when idle timeout. If packets lost and reconnect success,
then the ocfs2 cluster maybe hung.
To fix this, we can leave the connection there and do the fence decision
when idle timeout, if network recover before fence dicision is made, the
connection survive without lost any messages.
This bug can be saw when network state go bad. It may cause ocfs2 hung
forever if some packets lost. With this fix, ocfs2 will recover from
hung if network becomes good again.
Signed-off-by: Junxiao Bi <junxiao.bi@oracle.com> Reviewed-by: Srinivas Eeda <srinivas.eeda@oracle.com> Reviewed-by: Mark Fasheh <mfasheh@suse.de> Cc: Joel Becker <jlbec@evilplan.org> Cc: Joseph Qi <joseph.qi@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Ben Hutchings [Fri, 29 Aug 2014 22:18:58 +0000 (15:18 -0700)]
ocfs2: do not write error flag to user structure we cannot copy from/to
If we failed to copy from the structure, writing back the flags leaks 31
bits of kernel memory (the rest of the ir_flags field).
In any case, if we cannot copy from/to the structure, why should we
expect putting just the flags to work?
Also make sure ocfs2_info_handle_freeinode() returns the right error
code if the copy_to_user() fails.
Fixes: ddee5cdb70e6 ('Ocfs2: Add new OCFS2_IOC_INFO ioctl for ocfs2 v8.') Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Cc: Joel Becker <jlbec@evilplan.org> Acked-by: Mark Fasheh <mfasheh@suse.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Vivek Goyal [Fri, 29 Aug 2014 22:18:55 +0000 (15:18 -0700)]
x86/purgatory: use approprate -m64/-32 build flag for arch/x86/purgatory
Thomas reported that build of x86_64 kernel was failing for him. He is
using 32bit tool chain.
Problem is that while compiling purgatory, I have not specified -m64
flag. And 32bit tool chain must be assuming -m32 by default.
Following is error message.
(mini) [~/work/linux-2.6] make
scripts/kconfig/conf --silentoldconfig Kconfig
CHK include/config/kernel.release
UPD include/config/kernel.release
CHK include/generated/uapi/linux/version.h
CHK include/generated/utsrelease.h
UPD include/generated/utsrelease.h
CC arch/x86/purgatory/purgatory.o
arch/x86/purgatory/purgatory.c:1:0: error: code model 'large' not supported in
the 32 bit mode
Fix it by explicitly passing appropriate -m64/-m32 build flag for
purgatory.
Reported-by: Thomas Glanzmann <thomas@glanzmann.de> Tested-by: Thomas Glanzmann <thomas@glanzmann.de> Suggested-by: H. Peter Anvin <hpa@zytor.com> Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
xattr: fix check for simultaneous glibc header inclusion
The guard was introduced in commit ea1a8217b06b ("xattr: guard against
simultaneous glibc header inclusion") but it is using #ifdef to check
for a define that is either set to 1 or 0. Fix it to use #if instead.
* Without this patch:
$ { echo "#include <sys/xattr.h>"; echo "#include <linux/xattr.h>"; } | gcc -E -Iinclude/uapi - >/dev/null
include/uapi/linux/xattr.h:19:0: warning: "XATTR_CREATE" redefined [enabled by default]
#define XATTR_CREATE 0x1 /* set value, fail if attr already exists */
^
/usr/include/x86_64-linux-gnu/sys/xattr.h:32:0: note: this is the location of the previous definition
#define XATTR_CREATE XATTR_CREATE
^
Vivek Goyal [Fri, 29 Aug 2014 22:18:46 +0000 (15:18 -0700)]
kexec: create a new config option CONFIG_KEXEC_FILE for new syscall
Currently new system call kexec_file_load() and all the associated code
compiles if CONFIG_KEXEC=y. But new syscall also compiles purgatory
code which currently uses gcc option -mcmodel=large. This option seems
to be available only gcc 4.4 onwards.
Hiding new functionality behind a new config option will not break
existing users of old gcc. Those who wish to enable new functionality
will require new gcc. Having said that, I am trying to figure out how
can I move away from using -mcmodel=large but that can take a while.
I think there are other advantages of introducing this new config
option. As this option will be enabled only on x86_64, other arches
don't have to compile generic kexec code which will never be used. This
new code selects CRYPTO=y and CRYPTO_SHA256=y. And all other arches had
to do this for CONFIG_KEXEC. Now with introduction of new config
option, we can remove crypto dependency from other arches.
Now CONFIG_KEXEC_FILE is available only on x86_64. So whereever I had
CONFIG_X86_64 defined, I got rid of that.
For CONFIG_KEXEC_FILE, instead of doing select CRYPTO=y, I changed it to
"depends on CRYPTO=y". This should be safer as "select" is not
recursive.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Cc: Eric Biederman <ebiederm@xmission.com> Cc: H. Peter Anvin <hpa@zytor.com> Tested-by: Shaun Ruffell <sruffell@digium.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Hugh Dickins [Fri, 29 Aug 2014 22:18:44 +0000 (15:18 -0700)]
x86,mm: fix pte_special versus pte_numa
Sasha Levin has shown oopses on ffffea0003480048 and ffffea0003480008 at
mm/memory.c:1132, running Trinity on different 3.16-rc-next kernels:
where zap_pte_range() checks page->mapping to see if PageAnon(page).
Those addresses fit struct pages for pfns d2001 and d2000, and in each
dump a register or a stack slot showed d2001730 or d2000730: pte flags
0x730 are PCD ACCESSED PROTNONE SPECIAL IOMAP; and Sasha's e820 map has
a hole between cfffffff and 100000000, which would need special access.
Commit c46a7c817e66 ("x86: define _PAGE_NUMA by reusing software bits on
the PMD and PTE levels") has broken vm_normal_page(): a PROTNONE SPECIAL
pte no longer passes the pte_special() test, so zap_pte_range() goes on
to try to access a non-existent struct page.
Fix this by refining pte_special() (SPECIAL with PRESENT or PROTNONE) to
complement pte_numa() (SPECIAL with neither PRESENT nor PROTNONE). A
hint that this was a problem was that c46a7c817e66 added pte_numa() test
to vm_normal_page(), and moved its is_zero_pfn() test from slow to fast
path: This was papering over a pte_special() snag when the zero page was
encountered during zap. This patch reverts vm_normal_page() to how it
was before, relying on pte_special().
It still appears that this patch may be incomplete: aren't there other
places which need to be handling PROTNONE along with PRESENT? For
example, pte_mknuma() clears _PAGE_PRESENT and sets _PAGE_NUMA, but on a
PROT_NONE area, that would make it pte_special(). This is side-stepped
by the fact that NUMA hinting faults skipped PROT_NONE VMAs and there
are no grounds where a NUMA hinting fault on a PROT_NONE VMA would be
interesting.
Fixes: c46a7c817e66 ("x86: define _PAGE_NUMA by reusing software bits on the PMD and PTE levels") Reported-by: Sasha Levin <sasha.levin@oracle.com> Tested-by: Sasha Levin <sasha.levin@oracle.com> Signed-off-by: Hugh Dickins <hughd@google.com> Signed-off-by: Mel Gorman <mgorman@suse.de> Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Rik van Riel <riel@redhat.com> Cc: Johannes Weiner <hannes@cmpxchg.org> Cc: Cyrill Gorcunov <gorcunov@gmail.com> Cc: Matthew Wilcox <matthew.r.wilcox@intel.com> Cc: <stable@vger.kernel.org> [3.16] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Michal Hocko [Fri, 29 Aug 2014 22:18:42 +0000 (15:18 -0700)]
hugetlb_cgroup: use lockdep_assert_held rather than spin_is_locked
spin_lock may be an empty struct for !SMP configurations and so
arch_spin_is_locked may return unconditional 0 and trigger the VM_BUG_ON
even when the lock is held.
Replace spin_is_locked by lockdep_assert_held. We will not BUG anymore
but it is questionable whether crashing makes a lot of sense in the
uncharge path. Uncharge happens after the last page reference was
released so nobody should touch the page and the function doesn't update
any shared state except for res counter which uses synchronization of
its own.
Signed-off-by: Michal Hocko <mhocko@suse.cz> Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Kees Cook [Fri, 29 Aug 2014 22:18:40 +0000 (15:18 -0700)]
mm/zpool: use prefixed module loading
To avoid potential format string expansion via module parameters, do not
use the zpool type directly in request_module() without a format string.
Additionally, to avoid arbitrary modules being loaded via zpool API
(e.g. via the zswap_zpool_type module parameter) add a "zpool-" prefix
to the requested module, as well as module aliases for the existing
zpool types (zbud and zsmalloc).
Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Seth Jennings <sjennings@variantweb.net> Cc: Minchan Kim <minchan@kernel.org> Cc: Nitin Gupta <ngupta@vflare.org> Acked-by: Dan Streetman <ddstreet@ieee.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Chao Yu [Fri, 29 Aug 2014 22:18:37 +0000 (15:18 -0700)]
zram: fix incorrect stat with failed_reads
Since we allocate a temporary buffer in zram_bvec_read to handle partial
page operations in commit 924bd88d703e ("Staging: zram: allow partial
page operations"), our ->failed_reads value may be incorrect as we do
not increase its value when failing to allocate the temporary buffer.
Let's fix this issue and correct the annotation of failed_reads.
Dave Jones [Fri, 29 Aug 2014 22:18:35 +0000 (15:18 -0700)]
lib: turn CONFIG_STACKTRACE into an actual option.
I was puzzled why /proc/$$/stack had disappeared, until I figured out I
had disabled the last debug option that did a 'select STACKTRACE'. This
patch makes the option show up at config time, so it can be enabled
without enabling any of the more heavyweight debug options.
Signed-off-by: Dave Jones <davej@redhat.com> Acked-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Tang Chen [Fri, 29 Aug 2014 22:18:31 +0000 (15:18 -0700)]
memblock, memhotplug: fix wrong type in memblock_find_in_range_node().
In memblock_find_in_range_node(), we defined ret as int. But it should
be phys_addr_t because it is used to store the return value from
__memblock_find_range_bottom_up().
The bug has not been triggered because when allocating low memory near
the kernel end, the "int ret" won't turn out to be negative. When we
started to allocate memory on other nodes, and the "int ret" could be
minus. Then the kernel will panic.
A simple way to reproduce this: comment out the following code in
numa_init(),
Vivek Goyal [Fri, 29 Aug 2014 22:18:29 +0000 (15:18 -0700)]
resource: fix the case of null pointer access
Richard and Daniel reported that UML is broken due to changes to
resource traversal functions. Problem is that iomem_resource.child can
be null and new code does not consider that possibility. Old code used
a for loop and that loop will not even execute if p was null.
Revert back to for() loop logic and bail out if p is null.
I also moved sibling_only check out of resource_lock. There is no
reason to keep it inside the lock.
Fixes 8c86e70acead629aacb4a ("resource: provide new functions to walk
through resources").
Reported-by: Daniel Walter <sahne@0x90.at> Tested-by: Richard Weinberger <richard@nod.at> Tested-by: Toralf Förster <toralf.foerster@gmx.de> Tested-by: Daniel Walter <sahne@0x90.at> Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Joe Perches [Fri, 29 Aug 2014 22:18:26 +0000 (15:18 -0700)]
checkpatch: relax check for length of git commit IDs
Checkpatch currently warns if a git commit ID (in the changelog,
usually) is less than 12 characters or more than 16. The "more than 16"
is excessive. Change the check so we accept IDs from 12 to 40 chars in
length.
Linus Torvalds [Fri, 29 Aug 2014 20:04:13 +0000 (13:04 -0700)]
Merge tag 'nfs-for-3.17-3' of git://git.linux-nfs.org/projects/trondmy/linux-nfs
Pull NFS client fixes from Trond Myklebust:
"Highlights:
- NFSv3 stable fix for another POSIX ACL regression
- NFSv4 stable fix for a regression with OPEN_DOWNGRADE
- NFSv4 stable fix for bad close() behaviour when holding a delegation"
* tag 'nfs-for-3.17-3' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
NFSv3: Fix another acl regression
NFSv4: Don't clear the open state when we just did an OPEN_DOWNGRADE
NFSv4: Fix problems with close in the presence of a delegation
Linus Torvalds [Fri, 29 Aug 2014 19:10:03 +0000 (12:10 -0700)]
Merge tag 'usb-3.17-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
Pull USB fixes from Greg KH:
"Here are a bunch of fixes for the USB drivers for 3.17-rc3.
Also in here is the movement of the usbip driver out of staging, into
the "real" part of the kernel, it had to wait until after -rc1 to
handle the merge issues involved between the USB and staging trees.
The code is identical, just file movements there.
The USB fixes are all over the place, new device ids, xhci fixes for
reported issues and the usual gadget driver fixes as well. All have
been in linux-next for a while now"
* tag 'usb-3.17-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (46 commits)
USB: fix build error with CONFIG_PM_RUNTIME disabled
Revert "usb: ehci/ohci-exynos: Fix PHY getting sequence"
xhci: Disable streams on Via XHCI with device-id 0x3432
USB: serial: fix potential heap buffer overflow
USB: serial: fix potential stack buffer overflow
usb: ehci/ohci-exynos: Fix PHY getting sequence
usb: hub: Prevent hub autosuspend if usbcore.autosuspend is -1
USB: sisusb: add device id for Magic Control USB video
usb: dwc2: gadget: Set the default EP max packet value as 8 bytes
usb: ehci: using wIndex + 1 for hub port
USB: storage: add quirk for Newer Technology uSCSI SCSI-USB converter
MAINTAINERS: Add an entry for USB/IP driver
usbip: remove struct usb_device_id table
usbip: move usbip kernel code out of staging
usbip: move usbip userspace code out of staging
USB: whiteheat: Added bounds checking for bulk command response
usb: gadget: remove $(PWD) in ccflags-y
usb: pch_udc: usb gadget device support for Intel Quark X1000
usb: gadget: uvc: fix possible lockup in uvc gadget
usb: wusbcore: fix below build warning
...
Linus Torvalds [Fri, 29 Aug 2014 19:04:10 +0000 (12:04 -0700)]
Merge tag 'staging-3.17-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging
Pull staging driver fixes from Greg KH:
"Here are some staging driver fixes for your tree. Nothing huge, just
some fixes for issues that have been reported and a few new device ids
added.
All have been in linux-next for a while"
* tag 'staging-3.17-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
staging: r8188eu: Add new USB ID
staging/rtl8188eu: add 0df6:0076 Sitecom Europe B.V.
staging: android: fix a possible memory leak
staging: lustre: lustre: libcfs: workitem.c: Cleaning up missing null-terminate after strncpy call
staging: et131x: Fix errors caused by phydev->addr accesses before initialisation
staging: lustre: Remove circular dependency on header
Linus Torvalds [Fri, 29 Aug 2014 19:01:22 +0000 (12:01 -0700)]
Merge tag 'char-misc-3.17-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
Pull char/misc driver fixes from Greg KH:
"Here are 3 fixes for the mei and thunderbolt drivers that resolve some
reported issues.
All have been in linux-next for a while"
* tag 'char-misc-3.17-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
thunderbolt: Clear hops before overwriting
mei: nfc: fix memory leak in error path
mei: reset client state on queued connect request
Linus Torvalds [Fri, 29 Aug 2014 18:52:46 +0000 (11:52 -0700)]
Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
Pull ext4 bugfixes from Ted Ts'o:
"Ext4 bug fixes for 3.17, to provide better handling of memory
allocation failures, and to fix some journaling bugs involving
journal checksums and FALLOC_FL_ZERO_RANGE"
* tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
ext4: fix same-dir rename when inline data directory overflows
jbd2: fix descriptor block size handling errors with journal_csum
jbd2: fix infinite loop when recovering corrupt journal blocks
ext4: update i_disksize coherently with block allocation on error path
ext4: fix transaction issues for ext4_fallocate and ext_zero_range
ext4: fix incorect journal credits reservation in ext4_zero_range
ext4: move i_size,i_disksize update routines to helper function
ext4: fix BUG_ON in mb_free_blocks()
ext4: propagate errors up to ext4_find_entry()'s callers
Linus Torvalds [Fri, 29 Aug 2014 18:21:48 +0000 (11:21 -0700)]
Merge branch 'for-linus' of git://git.kernel.dk/linux-block
Pull block layer fixes from Jens Axboe:
"A smaller collection of fixes that have come up since the initial
merge window pull request. This contains:
- error handling cleanup and support for larger than 16 byte cdbs in
sg_io() from Christoph. The latter just matches what bsg and
friends support, sg_io() got left out in the merge.
- an option for brd to expose partitions in /proc/partitions. They
are hidden by default for compat reasons. From Dmitry Monakhov.
- a few blk-mq fixes from me - killing a dead/unused flag, fix for
merging happening even if turned off, and correction of a few
comments.
- removal of unnecessary ->owner setting in systemace. From Michal
Simek.
- two related fixes for a problem with nesting freezing of queues in
blk-mq. One from Ming Lei removing an unecessary freeze operation,
and another from Tejun fixing the nesting regression introduced in
the merge window.
- fix for a BUG_ON() at bio_endio time when protection info is
attached and the IO has an error. From Sagi Grimberg.
- two scsi_ioctl bug fixes for regressions with scsi-mq from Tony
Battersby.
- a cfq weight update fix and subsequent comment update from Toshiaki
Makita"
* 'for-linus' of git://git.kernel.dk/linux-block:
cfq-iosched: Add comments on update timing of weight
cfq-iosched: Fix wrong children_weight calculation
block: fix error handling in sg_io
fix regression in SCSI_IOCTL_SEND_COMMAND
scsi-mq: fix requests that use a separate CDB buffer
block: support > 16 byte CDBs for SG_IO
block: cleanup error handling in sg_io
brd: add ram disk visibility option
block: systemace: Remove .owner field for driver
blk-mq: blk_mq_freeze_queue() should allow nesting
blk-mq: correct a few wrong/bad comments
block: Fix BUG_ON when pi errors occur
blk-mq: don't allow merges if turned off for the queue
blk-mq: get rid of unused BLK_MQ_F_SHOULD_SORT flag
blk-mq: fix WARNING "percpu_ref_kill() called more than once!"
Will Deacon [Fri, 25 Jul 2014 00:53:54 +0000 (17:53 -0700)]
alpha: io: implement relaxed accessor macros for writes
write{b,w,l,q}_relaxed are implemented by some architectures in order to
permit memory-mapped I/O writes with weaker barrier semantics than the
non-relaxed variants.
This patch implements these write macros for Alpha, in the same vein as
the relaxed read macros, which are already implemented.
Acked-by: Richard Henderson <rth@twiddle.net> Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru> Signed-off-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Matt Turner <mattst88@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Will Deacon [Fri, 29 Aug 2014 15:11:10 +0000 (16:11 +0100)]
arm64: report correct stack pointer in KSTK_ESP for compat tasks
The KSTK_ESP macro is used to determine the user stack pointer for a
given task. In particular, this is used to to report the '[stack]' VMA
in /proc/self/maps, which is used by Android to determine the stack
location for children of the main thread.
This patch fixes the macro to use user_stack_pointer instead of directly
returning sp. This means that we report w13 instead of sp, since the
former is used as the stack pointer when executing in AArch32 state.
Cc: <stable@vger.kernel.org> Reported-by: Serban Constantinescu <Serban.Constantinescu@arm.com> Signed-off-by: Will Deacon <will.deacon@arm.com>
Catalin Marinas [Fri, 29 Aug 2014 15:08:02 +0000 (16:08 +0100)]
arm64: Add brackets around user_stack_pointer()
Commit 5f888a1d33 (ARM64: perf: support dwarf unwinding in compat mode)
changes user_stack_pointer() to return the compat SP for 32-bit tasks
but without brackets around the whole definition, with possible issues
on the call sites (noticed with a subsequent fix for KSTK_ESP).
Fixes: 5f888a1d33c4 (ARM64: perf: support dwarf unwinding in compat mode) Reported-by: Sudeep Holla <sudeep.holla@arm.com> Cc: <stable@vger.kernel.org> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Will Deacon <will.deacon@arm.com>
Jiang Liu [Fri, 29 Aug 2014 09:26:23 +0000 (17:26 +0800)]
x86, irq, PCI: Keep IRQ assignment for runtime power management
Now IOAPIC driver dynamically allocates IRQ numbers for IOAPIC pins.
We need to keep IRQ assignment for PCI devices during runtime power
management, otherwise it may cause failure of device wakeups.
Commit 3eec595235c17a7 "x86, irq, PCI: Keep IRQ assignment for PCI
devices during suspend/hibernation" has fixed the issue for suspend/
hibernation, we also need the same fix for runtime device sleep too.
Fix: https://bugzilla.kernel.org/show_bug.cgi?id=83271 Reported-and-Tested-by: EmanueL Czirai <amanual@openmailbox.org> Signed-off-by: Jiang Liu <jiang.liu@linux.intel.com> Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Cc: Tony Luck <tony.luck@intel.com> Cc: Joerg Roedel <joro@8bytes.org> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: EmanueL Czirai <amanual@openmailbox.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Rafael J. Wysocki <rjw@rjwysocki.net> Cc: Bjorn Helgaas <bhelgaas@google.com> Cc: Randy Dunlap <rdunlap@infradead.org> Cc: Yinghai Lu <yinghai@kernel.org> Cc: Borislav Petkov <bp@alien8.de> Cc: Grant Likely <grant.likely@linaro.org> Link: http://lkml.kernel.org/r/1409304383-18806-1-git-send-email-jiang.liu@linux.intel.com Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Darrick J. Wong [Wed, 27 Aug 2014 22:40:09 +0000 (18:40 -0400)]
ext4: fix same-dir rename when inline data directory overflows
When performing a same-directory rename, it's possible that adding or
setting the new directory entry will cause the directory to overflow
the inline data area, which causes the directory to be converted to an
extent-based directory. Under this circumstance it is necessary to
re-read the directory when deleting the old dirent because the "old
directory" context still points to i_block in the inode table, which
is now an extent tree root! The delete fails with an FS error, and
the subsequent fsck complains about incorrect link counts and
hardlinked directories.
Test case (originally found with flat_dir_test in the metadata_csum
test program):
# mkfs.ext4 -O inline_data /dev/sda
# mount /dev/sda /mnt
# mkdir /mnt/x
# touch /mnt/x/changelog.gz /mnt/x/copyright /mnt/x/README.Debian
# sync
# for i in /mnt/x/*; do mv $i $i.longer; done
# ls -la /mnt/x/
total 0
-rw-r--r-- 1 root root 0 Aug 25 12:03 changelog.gz.longer
-rw-r--r-- 1 root root 0 Aug 25 12:03 copyright
-rw-r--r-- 1 root root 0 Aug 25 12:03 copyright.longer
-rw-r--r-- 1 root root 0 Aug 25 12:03 README.Debian.longer
(Hey! Why are there four files now??)
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> Cc: stable@vger.kernel.org
Darrick J. Wong [Wed, 27 Aug 2014 22:40:07 +0000 (18:40 -0400)]
jbd2: fix descriptor block size handling errors with journal_csum
It turns out that there are some serious problems with the on-disk
format of journal checksum v2. The foremost is that the function to
calculate descriptor tag size returns sizes that are too big. This
causes alignment issues on some architectures and is compounded by the
fact that some parts of jbd2 use the structure size (incorrectly) to
determine the presence of a 64bit journal instead of checking the
feature flags.
Therefore, introduce journal checksum v3, which enlarges the
descriptor block tag format to allow for full 32-bit checksums of
journal blocks, fix the journal tag function to return the correct
sizes, and fix the jbd2 recovery code to use feature flags to
determine 64bitness.
Add a few function helpers so we don't have to open-code quite so
many pieces.
Switching to a 16-byte block size was found to increase journal size
overhead by a maximum of 0.1%, to convert a 32-bit journal with no
checksumming to a 32-bit journal with checksum v3 enabled.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> Reported-by: TR Reardon <thomas_reardon@hotmail.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> Cc: stable@vger.kernel.org
Darrick J. Wong [Wed, 27 Aug 2014 22:40:05 +0000 (18:40 -0400)]
jbd2: fix infinite loop when recovering corrupt journal blocks
When recovering the journal, don't fall into an infinite loop if we
encounter a corrupt journal block. Instead, just skip the block and
return an error, which fails the mount and thus forces the user to run
a full filesystem fsck.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> Cc: stable@vger.kernel.org
Dmitry Monakhov [Wed, 27 Aug 2014 22:40:03 +0000 (18:40 -0400)]
ext4: update i_disksize coherently with block allocation on error path
In case of delalloc block i_disksize may be less than i_size. So we
have to update i_disksize each time we allocated and submitted some
blocks beyond i_disksize. We weren't doing this on the error paths,
so fix this.