Yang Bai [Fri, 10 Feb 2012 09:55:33 +0000 (17:55 +0800)]
kvm tools: Stop init if check_extensions failed
If kvm__check_extensions found that some of the required
KVM extention is not supported by OS, we should stop the
init and free all allocated resources.
Signed-off-by: Yang Bai <hamo.by@gmail.com> Signed-off-by: Pekka Enberg <penberg@kernel.org>
kvm-tool: Don't try to cleanup ioeventfd if we never initialised it
Since 44287dd (Repair running on non ioeventfd-capable platforms)
it's possible that ioeventfd__init() fails, but the VM still runs.
This means we end up calling ioeventfd__exit(), which writes()
and then reads() epoll_stop_fd. Because we failed the init,
epoll_stop_fd is 0, so we end up writing/reading stdin, which
exhibits as kvm-tool blocking until something is entered on the
console.
Once we break out of the read we close epoll_fd and epoll_stop_fd,
both 0, and so term_exit() fails to cleanup the terminal properly.
The fix is simply to check ioeventfd_avail in ioevetfd__exit() and
do nothing if it is false.
Signed-off-by: Michael Ellerman <michael@ellerman.id.au> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Cyrill Gorcunov [Sun, 5 Feb 2012 20:19:02 +0000 (00:19 +0400)]
kvm tool: Don't close not yet opened files and SIGSEV fix
In case if there error happened in kvm__init and we have
no files opened -- we should not try to close them.
Also once kvm failed to init the caller should not try
to dereference a pointer obtained, otherwise we might get
SIGSEV
| [cyrill@moon kvm]$ ./lkvm run ...
| Error: '/dev/kvm' not found. Please make sure your kernel has CONFIG_KVM
| enabled and that the KVM modules are loaded.
| Segmentation fault (core dumped)
| [cyrill@moon kvm]$
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Matt Evans [Sat, 4 Feb 2012 08:07:25 +0000 (19:07 +1100)]
kvm tools: Add PPC64 kvm_cpu__emulate_io()
This is the final piece of the puzzle for PPC SPAPR PCI; this
function splits MMIO accesses into the two PHB windows & directs
things to MMIO/IO emulation as appropriate.
Signed-off-by: Matt Evans <matt@ozlabs.org> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Matt Evans [Sat, 4 Feb 2012 08:07:24 +0000 (19:07 +1100)]
kvm tools: Add PPC64 PCI Host Bridge
This provides the PCI bridge, definitions for the address layout of the windows
and wires in IRQs. Once PCI devices are all registered, they are enumerated and
DT nodes generated for each.
Signed-off-by: Matt Evans <matt@ozlabs.org> Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Matt Evans [Sat, 4 Feb 2012 08:07:23 +0000 (19:07 +1100)]
kvm tools: Add PPC64 XICS interrupt controller support
This patch adds XICS emulation code (heavily borrowed from QEMU), and wires
this into kvm_cpu__irq() to fire a CPU IRQ via KVM. A device tree entry is
also added. IPIs work, xics_alloc_irqnum() is added to allocate an external
IRQ (which will later be used by the PHB PCI code) and finally, kvm__irq_line()
can be called to raise an IRQ on XICS.
Signed-off-by: Matt Evans <matt@ozlabs.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Pekka Enberg <penberg@kernel.org>
This patch adds the basic structure for HV calls, their registration and some of
the simpler calls. A similar layout for RTAS calls is also added, again with
some of the simpler RTAS calls used by the guest. The SPAPR RTAS stub is
generated inline. Also, nodes for RTAS are added to the device tree.
Signed-off-by: Matt Evans <matt@ozlabs.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Matt Evans [Sat, 4 Feb 2012 08:07:20 +0000 (19:07 +1100)]
kvm tools: Generate SPAPR PPC64 guest device tree
The generated DT is the bare minimum structure required for SPAPR (on which
subsequent patches for VIO, XICS, PCI etc. will build); root node, cpus, memory.
The DT contains CPU-specific configuration; a very simple 'cpu info' mechanism
is added to recognise/differentiate DT entries for POWER7 and PPC970 host CPUs.
Future support of more CPUs is possible.
libfdt is included from scripts/dtc/libfdt.
Signed-off-by: Matt Evans <matt@ozlabs.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Matt Evans [Sat, 4 Feb 2012 08:07:19 +0000 (19:07 +1100)]
kvm tools: PPC64, add HPT/SDR1 for -PR KVM
Allocate a page table and point SDR1 to it in order to support the -PR
PPC64 KVM mode. (The alternative, -HV mode, is available only on a small
set of machines.)
This patch also removes the previous dependency on mapping guest RAM with
huge pages; PR KVM doesn't require them so the user isn't forced to use them.
A new option, '--hugetlbfs default', uses a default path for 16M pages for
HV mode, if required.
Signed-off-by: Matt Evans <matt@ozlabs.org> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Pekka Enberg [Sat, 4 Feb 2012 09:04:24 +0000 (11:04 +0200)]
kvm tools, x86: Fix munmap() size in kvm__arch_delete_ram()
Sasha noticed during code review that commit e106906 ("kvm tool: Change
kvm->ram_size to real mapped size.") changed kvm->ram_size accounting to
include 32-bit memory hole but forgot to update munmap in
kvm__arch_delete_ram().
Reported-by: Sasha Levin <levinsasha928@gmail.com> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Pekka Enberg [Sat, 4 Feb 2012 08:32:41 +0000 (10:32 +0200)]
kvm tools: Fix another use-after-free in shutdown sequence
Valgrind spotted another issue:
==2343== Invalid read of size 8
==2343== at 0x408EAD: kvm__pause (kvm.c:529)
==2343== by 0x407E07: ioport__unregister (ioport.c:100)
==2343== by 0x409537: pci__exit (pci.c:210)
==2343== by 0x406303: kvm_cmd_run (builtin-run.c:1314)
==2343== by 0x410670: handle_command (kvm-cmd.c:84)
==2343== by 0x3DE682139C: (below main) (in /lib64/libc-2.14.so)
==2343== Address 0x4c30ca0 is 0 bytes inside a block of size 520 free'd
==2343== at 0x4A055FE: free (vg_replace_malloc.c:366)
==2343== by 0x406293: kvm_cmd_run (builtin-run.c:1292)
==2343== by 0x410670: handle_command (kvm-cmd.c:84)
==2343== by 0x3DE682139C: (below main) (in /lib64/libc-2.14.so)
Pekka Enberg [Sat, 4 Feb 2012 08:30:42 +0000 (10:30 +0200)]
kvm tools, x86: Fix use after free in irq__exit()
Valgrind spotted this issue with KVM tool shutdown:
==1823== Invalid read of size 8
==1823== at 0x410DD0: rb_next (rbtree.c:390)
==1823== by 0x417376: irq__exit (irq.c:182)
==1823== by 0x406230: kvm_cmd_run (builtin-run.c:1275)
==1823== by 0x410670: handle_command (kvm-cmd.c:84)
==1823== by 0x3DE682139C: (below main) (in /lib64/libc-2.14.so)
==1823== Address 0x4f7cca0 is 0 bytes inside a block of size 48 free'd
==1823== at 0x4A055FE: free (vg_replace_malloc.c:366)
==1823== by 0x41736E: irq__exit (irq.c:192)
==1823== by 0x406230: kvm_cmd_run (builtin-run.c:1275)
==1823== by 0x410670: handle_command (kvm-cmd.c:84)
==1823== by 0x3DE682139C: (below main) (in /lib64/libc-2.14.so)
Matt Evans [Thu, 2 Feb 2012 02:47:34 +0000 (13:47 +1100)]
kvm tools: Add build target for statically-linked binary
This commit adds a target for 'lkvm-static' which is linked -static.
(This can be useful to construct kvmtool binaries for minimalist
auto-test host filesystems.)
Since extra features (SDL, AIO, VNC etc.) are auto-detected in the makefile
AND some features may only work when linked one way (but not both), the
feature detection now checks for both dynamic & static success. Intermediate
objects build with correct flags (e.g. CONFIG_HAS_AIO) for the end target.
Signed-off-by: Matt Evans <matt@ozlabs.org> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Matt Evans [Tue, 31 Jan 2012 06:30:41 +0000 (17:30 +1100)]
kvm tools: Repair running on non ioeventfd-capable platforms
Commit d3923126a24212f1e746a84a575dadbd9f259418 added a bunch of
nice error checking around ioevent__init() but the init may gracefully
fail if ioevents simply aren't supported (PPC64 KVM).
This commit adds a new return code for the init -- positive, but
identifiable as 'not success 0'.
Signed-off-by: Matt Evans <matt@ozlabs.org> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Commit b50cac5 ("PCI/sysfs: add per pci device msi[x] irq listing (v5)") added
"struct kobject" dependency to <linux/msi.h> which breaks KVM tool build. As
the header file is no longer about MSI hardware, make a new header file for
"struct msi_ms".
Reported-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Ingo Molnar [Wed, 18 Jan 2012 09:04:48 +0000 (10:04 +0100)]
kvm tools: Fix build breakage with GCC 4.7
* Pekka Enberg <penberg@kernel.org> wrote:
> >In file included from virtio/net.c:3:0:
> >include/kvm/virtio.h: In function ‘virt_queue__available’:
> >include/kvm/virtio.h:42:2: error: dereferencing type-punned pointer will break strict-aliasing rules [-Werror=strict-aliasing]
i suspect the contrast might be from casting a 'struct
vring_used_elem's 'id' field to type '__u16 *' and dereferencing
it might break GCC alias optimizations, as it makes two uses of
the 'num' field - one the regular 32-bit usage, the other this
weird 16-bit usage.
I think the only sane way to solve this is to do what the kernel
does, to turn off strict aliasing. The patch below does this and
resolves the build bug. Note: i also switched optimization from
-Os to -O2 - the latter is generally the better option for
performance critical code. -Os sometimes produces really weird
code.
The other build problem is that it appears the default GCC
regparm model changed, which highlighted this prototype bug:
x86/bios/e820.c:32:15: error: conflicting types for ‘e820_query_map’
In file included from x86/bios/e820.c:1:0:
include/kvm/e820.h:10:6: note: previous declaration of ‘e820_query_map’ was here
and there are similar problems with other BIOS prototypes.
Resolved via the other bits in the patch below.
Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Asias He [Mon, 9 Jan 2012 09:18:01 +0000 (17:18 +0800)]
kvm tools: Fix kvm-ipc.c build breakage
CC kvm-ipc.o
kvm-ipc.c: In function ???kvm_ipc__send_msg???:
kvm-ipc.c:53:34: error: comparison between signed and unsigned integer
expressions [-Werror=sign-compare]
cc1: all warnings being treated as errors
Reported-by: Jean-Philippe Menil <jean-philippe.menil@univ-nantes.fr> Signed-off-by: Asias He <asias.hejun@gmail.com> Signed-off-by: Pekka Enberg <penberg@kernel.org>
Hongyong Zang [Fri, 6 Jan 2012 02:06:26 +0000 (10:06 +0800)]
kvm tool: Change kvm->ram_size to real mapped size.
If a guest's ram_size exceeds KVM_32BIT_GAP_START, the corresponding kvm tool's
virtual address size should be (ram_size + KVM_32BIT_GAP_SIZE), rather than ram_size.
Use macro define KVM_32BIT_MAX_MEM_SIZE instead of magic number "0x100000000ULL".
Signed-off-by: Hongyong Zang <zanghongyong@huawei.com> Signed-off-by: Pekka Enberg <penberg@kernel.org>
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
fix CAN MAINTAINERS SCM tree type
mwifiex: fix crash during simultaneous scan and connect
b43: fix regression in PIO case
ath9k: Fix kernel panic in AR2427 in AP mode
CAN MAINTAINERS update
net: fsl: fec: fix build for mx23-only kernel
sch_qfq: fix overflow in qfq_update_start()
Revert "Bluetooth: Increase HCI reset timeout in hci_dev_do_close"
Al Viro [Wed, 4 Jan 2012 10:51:03 +0000 (10:51 +0000)]
minixfs: misplaced checks lead to dentry leak
bitmap size sanity checks should be done *before* allocating ->s_root;
there their cleanup on failure would be correct. As it is, we do iput()
on root inode, but leak the root dentry...
Oleg Nesterov [Wed, 4 Jan 2012 16:29:20 +0000 (17:29 +0100)]
ptrace: ensure JOBCTL_STOP_SIGMASK is not zero after detach
This is the temporary simple fix for 3.2, we need more changes in this
area.
1. do_signal_stop() assumes that the running untraced thread in the
stopped thread group is not possible. This was our goal but it is
not yet achieved: a stopped-but-resumed tracee can clone the running
thread which can initiate another group-stop.
Remove WARN_ON_ONCE(!current->ptrace).
2. A new thread always starts with ->jobctl = 0. If it is auto-attached
and this group is stopped, __ptrace_unlink() sets JOBCTL_STOP_PENDING
but JOBCTL_STOP_SIGMASK part is zero, this triggers WANR_ON(!signr)
in do_jobctl_trap() if another debugger attaches.
Change __ptrace_unlink() to set the artificial SIGSTOP for report.
Alternatively we could change ptrace_init_task() to copy signr from
current, but this means we can copy it for no reason and hide the
possible similar problems.
do {
ptrace(PTRACE_CONT, pid, 0, 0);
pid = waitpid(-1, NULL, 0);
} while (pid > 0);
return 1;
}
It fails because ->real_parent sees its child in EXIT_DEAD state
while the tracer is going to change the state back to EXIT_ZOMBIE
in wait_task_zombie().
The offending commit is 823b018e which moved the EXIT_DEAD check,
but in fact we should not blame it. The original code was not
correct as well because it didn't take ptrace_reparented() into
account and because we can't really trust ->ptrace.
This patch adds the additional check to close this particular
race but it doesn't solve the whole problem. We simply can't
rely on ->ptrace in this case, it can be cleared if the tracer
is multithreaded by the exiting ->parent.
I think we should kill EXIT_DEAD altogether, we should always
remove the soon-to-be-reaped child from ->children or at least
we should never do the DEAD->ZOMBIE transition. But this is too
complex for 3.2.
The call to "schedule_work()" in rtc_initialize_alarm() happens too
early, and can cause oopses at bootup
Neil Brown explains why we do it:
"If you set an alarm in the future, then shutdown and boot again after
that time, then you will end up with a timer_queue node which is in
the past.
When this happens the queue gets stuck. That entry-in-the-past won't
get removed until and interrupt happens and an interrupt won't happen
because the RTC only triggers an interrupt when the alarm is "now".
So you'll find that e.g. "hwclock" will always tell you that
'select' timed out.
So we force the interrupt work to happen at the start just in case."
and has a patch that convert it to do things in-process rather than with
the worker thread, but right now it's too late to play around with this,
so we just revert the patch that caused problems for now.
Reported-by: Sander Eikelenboom <linux@eikelenboom.it> Requested-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Requested-by: John Stultz <john.stultz@linaro.org> Cc: Neil Brown <neilb@suse.de> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Steve French [Wed, 4 Jan 2012 05:08:24 +0000 (23:08 -0600)]
[CIFS] default ntlmv2 for cifs mount delayed to 3.3
Turned out the ntlmv2 (default security authentication)
upgrade was harder to test than expected, and we ran
out of time to test against Apple and a few other servers
that we wanted to. Delay upgrade of default security
from ntlm to ntlmv2 (on mount) to 3.3. Still works
fine to specify it explicitly via "sec=ntlmv2" so this
should be fine.
Acked-by: Jeff Layton <jlayton@samba.org> Signed-off-by: Steve French <smfrench@gmail.com>
Jeff Layton [Sun, 1 Jan 2012 15:34:39 +0000 (10:34 -0500)]
cifs: fix bad buffer length check in coalesce_t2
The current check looks to see if the RFC1002 length is larger than
CIFSMaxBufSize, and fails if it is. The buffer is actually larger than
that by MAX_CIFS_HDR_SIZE.
This bug has been around for a long time, but the fact that we used to
cap the clients MaxBufferSize at the same level as the server tended
to paper over it. Commit c974befa changed that however and caused this
bug to bite in more cases.
Reported-and-Tested-by: Konstantinos Skarlatos <k.skarlatos@gmail.com> Tested-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <smfrench@gmail.com>
It causes failures on Toshiba laptops - instead of disabling the alarm,
it actually seems to enable it on the affected laptops, resulting in
(for example) the laptop powering on automatically five minutes after
shutdown.
There's a patch for it that appears to work for at least some people,
but it's too late to play around with this, so revert for now and try
again in the next merge window.
See for example
http://bugs.debian.org/652869
Reported-and-bisected-by: Andreas Friedrich <afrie@gmx.net> (Toshiba Tecra) Reported-by: Antonio-M. Corbi Bellot <antonio.corbi@ua.es> (Toshiba Portege R500) Reported-by: Marco Santos <marco.santos@waynext.com> (Toshiba Portege Z830) Reported-by: Christophe Vu-Brugier <cvubrugier@yahoo.fr> (Toshiba Portege R830) Cc: Jonathan Nieder <jrnieder@gmail.com> Requested-by: John Stultz <john.stultz@linaro.org> Cc: stable@kernel.org # for the versions that applied this Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
vfork parent uninterruptibly and unkillably waits for its child to
exec/exit. This wait is of unbounded length. Ignore such waits
in the hung_task detector.
Jan Kara [Tue, 3 Jan 2012 12:14:29 +0000 (13:14 +0100)]
security: Fix security_old_inode_init_security() when CONFIG_SECURITY is not set
Commit 1e39f384bb01 ("evm: fix build problems") makes the stub version
of security_old_inode_init_security() return 0 when CONFIG_SECURITY is
not set.
But that makes callers such as reiserfs_security_init() assume that
security_old_inode_init_security() has set name, value, and len
arguments properly - but security_old_inode_init_security() left them
uninitialized which then results in interesting failures.
Revert security_old_inode_init_security() to the old behavior of
returning EOPNOTSUPP since both callers (reiserfs and ocfs2) handle this
just fine.
[ Also fixed the S_PRIVATE(inode) case of the actual non-stub
security_old_inode_init_security() function to return EOPNOTSUPP
for the same reason, as pointed out by Mimi Zohar.
It got incorrectly changed to match the new function in commit fb88c2b6cbb1: "evm: fix security/security_old_init_security return
code". - Linus ]
Reported-by: Jorge Bastos <mysql.jorge@decimal.pt> Acked-by: James Morris <jmorris@namei.org> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
mwifiex: fix crash during simultaneous scan and connect
If 'iw connect' command is fired when driver is already busy in
serving 'iw scan' command, ssid specific scan operation for connect
is skipped. In this case cmd wait queue handler gets called with no
command in queue (i.e. adapter->cmd_queued = NULL).
This patch adds a NULL check in mwifiex_wait_queue_complete()
routine to fix crash observed during simultaneous scan and assoc
operations.
Signed-off-by: Amitkumar Karwar <akarwar@marvell.com> Signed-off-by: Bing Zhao <bzhao@marvell.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
commit 17030f48e31adde5b043741c91ba143f5f7db0fd
From: Rafał Miłecki <zajec5@gmail.com>
Date: Thu, 11 Aug 2011 17:16:27 +0200
Subject: [PATCH] b43: support new RX header, noticed to be used in 598.314+ fw
in PIO case.
Signed-off-by: Guennadi Liakhovetski <g.liakhovetski@gmx.de> Signed-off-by: John W. Linville <linville@tuxdriver.com>
don't do aggregation related stuff for 'AP mode client power save
handling' if aggregation is not enabled in the driver, otherwise it
will lead to panic because those data structures won't be never
intialized in 'ath_tx_node_init' if aggregation is disabled
Oliver Hartkopp [Tue, 3 Jan 2012 08:40:28 +0000 (08:40 +0000)]
CAN MAINTAINERS update
Update the CAN MAINTAINERS section:
- point out active maintainers
- pull the CAN driver discussion away from netdev ML
- point to the new CAN web site on gitorious.org
- add CAN development git repository URL to submit patches
Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net> CC: Oliver Hartkopp <oliver.hartkopp@volkswagen.de> CC: Urs Thuermann <urs.thuermann@volkswagen.de> CC: Wolfgang Grandegger <wg@grandegger.com> CC: Marc Kleine-Budde <mkl@pengutronix.de> CC: linux-can@vger.kernel.org Signed-off-by: David S. Miller <davem@davemloft.net>
Wolfram Sang [Tue, 3 Jan 2012 03:46:47 +0000 (03:46 +0000)]
net: fsl: fec: fix build for mx23-only kernel
If one only selects mx23-based boards, compile fails:
drivers/net/ethernet/freescale/fec.c:410:2: error: 'FEC_HASH_TABLE_HIGH' undeclared (first use in this function)
drivers/net/ethernet/freescale/fec.c:411:2: error: 'FEC_HASH_TABLE_LOW' undeclared (first use in this function)
This is because fec.h uses CONFIG_SOC_IMX28 to determine the register
layout of the core which makes sense since the MX23 does not have a fec.
However, Kconfig uses the broader ARCH_MXS symbol and this way even
makes the fec-driver default for MX23. Adapt Kconfig to use the more
precise SOC_IMX28 as well.
Signed-off-by: Wolfram Sang <w.sang@pengutronix.de> Cc: Fabio Estevam <fabio.estevam@freescale.com> Cc: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Cc: Shawn Guo <shawn.guo@linaro.org> Cc: David S. Miller <davem@davemloft.net> Acked-by: Fabio Estevam <fabio.estevam@freescale.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Eric Dumazet [Mon, 2 Jan 2012 05:47:57 +0000 (05:47 +0000)]
sch_qfq: fix overflow in qfq_update_start()
grp->slot_shift is between 22 and 41, so using 32bit wide variables is
probably a typo.
This could explain QFQ hangs Dave reported to me, after 2^23 packets ?
(23 = 64 - 41)
Reported-by: Dave Taht <dave.taht@gmail.com> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> CC: Stephen Hemminger <shemminger@vyatta.com> CC: Dave Taht <dave.taht@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Pekka Enberg [Tue, 3 Jan 2012 17:49:49 +0000 (19:49 +0200)]
kvm tools, 9p: Fix memory leak in virtio_9p_attach()
This patch fixes the following valgrind reported memory leak:
==7684== 20 bytes in 8 blocks are definitely lost in loss record 3 of 46
==7684== at 0x4A0649D: malloc (vg_replace_malloc.c:236)
==7684== by 0x4116B5: virtio_p9_pdu_readf (9p-pdu.c:110)
==7684== by 0x40FD8C: virtio_p9_attach (9p.c:354)
==7684== by 0x410E80: virtio_p9_do_io (9p.c:1154)
==7684== by 0x40DB45: thread_pool__threadfunc (threadpool.c:56)
==7684== by 0x3DE7007B30: start_thread (in /lib64/libpthread-2.14.so)
==7684== by 0x3DE68DFD2C: clone (in /lib64/libc-2.14.so)
Pekka Enberg [Tue, 3 Jan 2012 17:39:14 +0000 (19:39 +0200)]
kvm tools, 9p: Fix memory leak in virtio_p9_walk()
This patch fixes the following valgrind reported memory leak in
virtio_9p_walk():
==6689== 1,058 bytes in 134 blocks are definitely lost in loss record 39 of 47
==6689== at 0x4A0649D: malloc (vg_replace_malloc.c:236)
==6689== by 0x4116A9: virtio_p9_pdu_readf (9p-pdu.c:110)
==6689== by 0x40FB9F: virtio_p9_walk (9p.c:305)
==6689== by 0x410E73: virtio_p9_do_io (9p.c:1151)
==6689== by 0x40DB45: thread_pool__threadfunc (threadpool.c:56)
==6689== by 0x3DE7007B30: start_thread (in /lib64/libpthread-2.14.so)
==6689== by 0x3DE68DFD2C: clone (in /lib64/libc-2.14.so)
Pekka Enberg [Tue, 3 Jan 2012 17:25:28 +0000 (19:25 +0200)]
kvm tools: Free vcpu array on shutdown
This patch silences the following harmless warning to reduce valgrind noise:
==5529== 864 bytes in 3 blocks are possibly lost in loss record 39 of 48
==5529== at 0x4A04B84: calloc (vg_replace_malloc.c:467)
==5529== by 0x3DE6410D44: _dl_allocate_tls (in /lib64/ld-2.14.so)
==5529== by 0x3DE70082F5: pthread_create@@GLIBC_2.2.5 (in /lib64/libpthread-2.14.so)
==5529== by 0x405755: kvm_cmd_run (builtin-run.c:1169)
==5529== by 0x40D47D: handle_command (kvm-cmd.c:84)
==5529== by 0x3DE682139C: (below main) (in /lib64/libc-2.14.so)
Pekka Enberg [Tue, 3 Jan 2012 17:20:23 +0000 (19:20 +0200)]
kvm tools: Fix use after free during shutdown
Valgrind reports the following use after free error, when shutting down a
guest:
[penberg@tux kvm]$ valgrind ./vm run
[ snip ]
Mounting...
Starting '/bin/sh'...
sh-4.2# exit
[ snip ]
==4726== Thread 11:
==4726== Invalid read of size 8
==4726== at 0x407818: kvm__continue (kvm.c:518)
==4726== by 0x3DE683534F: ??? (in /lib64/libc-2.14.so)
==4726== by 0x3DE68D8AF6: ioctl (in /lib64/libc-2.14.so)
==4726== by 0x406C95: kvm_cpu__run (kvm-cpu.c:35)
==4726== by 0x406D95: kvm_cpu__start (kvm-cpu.c:109)
==4726== by 0x4046D5: kvm_cpu_thread (builtin-run.c:603)
==4726== by 0x3DE7007B30: start_thread (in /lib64/libpthread-2.14.so)
==4726== by 0x3DE68DFD2C: clone (in /lib64/libc-2.14.so)
==4726== Address 0x4c2e040 is 0 bytes inside a block of size 936 free'd
==4726== at 0x4A055FE: free (vg_replace_malloc.c:366)
==4726== by 0x4046E7: kvm_cpu_thread (builtin-run.c:606)
==4726== by 0x3DE7007B30: start_thread (in /lib64/libpthread-2.14.so)
==4726== by 0x3DE68DFD2C: clone (in /lib64/libc-2.14.so)
==4726==
==4726== Thread 1:
==4726== Invalid read of size 1
==4726== at 0x4057BC: kvm_cmd_run (builtin-run.c:1182)
==4726== by 0x40D46D: handle_command (kvm-cmd.c:84)
==4726== by 0x3DE682139C: (below main) (in /lib64/libc-2.14.so)
==4726== Address 0x4e36f58 is 920 bytes inside a block of size 936 free'd
==4726== at 0x4A055FE: free (vg_replace_malloc.c:366)
==4726== by 0x4046E7: kvm_cpu_thread (builtin-run.c:606)
==4726== by 0x3DE7007B30: start_thread (in /lib64/libpthread-2.14.so)
==4726== by 0x3DE68DFD2C: clone (in /lib64/libc-2.14.so)
This patch fixes the problem by moving the kvm_cpu__delete() call from
kvm_cpu_thread() to kvm_cmd_run() after we've made sure the VCPU thread is
stopped.
Lai Jiangshan [Tue, 27 Dec 2011 07:36:38 +0000 (15:36 +0800)]
kvm tools: Don't remove any file which is not created by itself
It is user's or other program's reponsibility, not the current program.
Just try best to let the user know what happen.
Also make print_guest() keep the same behavior as do_debug()
do_pause() ...etc. when it failed.
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com> Signed-off-by: Pekka Enberg <penberg@kernel.org>
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
netfilter: ctnetlink: fix timeout calculation
ipvs: try also real server with port 0 in backup server
skge: restore rx multicast filter on resume and after config changes
mlx4_en: nullify cq->vector field when closing completion queue
Hugh Dickins [Sat, 31 Dec 2011 19:44:01 +0000 (11:44 -0800)]
futex: Fix uninterruptible loop due to gate_area
It was found (by Sasha) that if you use a futex located in the gate
area we get stuck in an uninterruptible infinite loop, much like the
ZERO_PAGE issue.
While looking at this problem, PeterZ realized you'll get into similar
trouble when hitting any install_special_pages() mapping. And are there
still drivers setting up their own special mmaps without page->mapping,
and without special VM or pte flags to make get_user_pages fail?
In most cases, if page->mapping is NULL, we do not need to retry at all:
Linus points out that even /proc/sys/vm/drop_caches poses no problem,
because it ends up using remove_mapping(), which takes care not to
interfere when the page reference count is raised.
But there is still one case which does need a retry: if memory pressure
called shmem_writepage in between get_user_pages_fast dropping page
table lock and our acquiring page lock, then the page gets switched from
filecache to swapcache (and ->mapping set to NULL) whatever the refcount.
Fault it back in to get the page->mapping needed for key->shared.inode.
Julian Anastasov [Fri, 30 Dec 2011 05:19:02 +0000 (14:19 +0900)]
ipvs: try also real server with port 0 in backup server
We should not forget to try for real server with port 0
in the backup server when processing the sync message. We should
do it in all cases because the backup server can use different
forwarding method.
Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Florian Zumbiehl [Fri, 30 Dec 2011 17:30:09 +0000 (17:30 +0000)]
skge: restore rx multicast filter on resume and after config changes
Restore skge hardware registers for multicast filtering to their
appropriate values after system resume and after hardware restarts
that are done when changing certain settings.
Signed-off-by: Florian Zumbiehl <florz@florz.de> Acked-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
which got bisected down to the stable version of this commit.
Reported-by: Jonathan Nieder <jrnieder@gmail.com> Reported-by: Phil Miller <mille121@illinois.edu> Reported-by: Philip Langdale <philipl@overt.org> Reported-by: Tim Gardner <tim.gardner@canonical.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Greg KH <gregkh@suse.de> Cc: stable@kernel.org # for stable kernels that applied the original Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Linus Torvalds [Fri, 30 Dec 2011 20:13:03 +0000 (12:13 -0800)]
Merge git://www.linux-watchdog.org/linux-watchdog
* git://www.linux-watchdog.org/linux-watchdog:
watchdog: iTCO_wdt.c - problems with newer hardware due to SMI clearing (part 2)
watchdog: hpwdt: Changes to handle NX secure bit in 32bit path
watchdog: sp805: Fix section mismatch in ID table.
watchdog: move coh901327 state holders
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
packet: fix possible dev refcnt leak when bind fail
netem: dont call vfree() under spinlock and BH disabled
netfilter: ctnetlink: fix scheduling while atomic if helper is autoloaded
netfilter: ctnetlink: fix return value of ctnetlink_get_expect()
projects / karo-tx-linux.git / log