Alex Elder [Tue, 19 Feb 2013 18:25:56 +0000 (12:25 -0600)]
rbd: eliminate sparse warnings
Fengguang Wu reminded me that there were outstanding sparse reports
in the ceph and rbd code. This patch fixes these problems in rbd
that lead to those reports:
- Convert functions that are never referenced externally to have
static scope.
- Add a lockdep annotation to rbd_request_fn(), because it
releases a lock before acquiring it again.
This partially resolves:
http://tracker.ceph.com/issues/4184
Alex Elder [Wed, 20 Feb 2013 23:32:08 +0000 (17:32 -0600)]
rbd: normalize dout() calls
Add dout() calls to facilitate tracing of image and object requests.
Change a few existing calls so they use __func__ rather than the
hard-coded function name. Have calls always add ":" after the name
of the function, and prefix pointer values with a consistent tag
indicating what it represents. (Note that there remain some older
dout() calls that are left untouched by this patch.)
Issue a warning if rbd_osd_write_callback() ever gets a short write.
This resolves:
http://tracker.ceph.com/issues/4235
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Thu, 21 Feb 2013 16:10:06 +0000 (10:10 -0600)]
rbd: barriers are hard
Let's go shopping!
I'm afraid this may not have gotten it right: 07741308 rbd: add barriers near done flag operations
The smp_wmb() should have been done *before* setting the done flag,
to ensure all other data was valid before marking the object request
done.
Switch to use atomic_inc_return() here to set the done flag, which
allows us to verify we don't mark something done more than once.
Doing this also implies general barriers before and after the call.
And although a read memory barrier might have been sufficient before
reading the done flag, convert this to a full memory barrier just
to put this issue to bed.
This resolves:
http://tracker.ceph.com/issues/4238
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Thu, 21 Feb 2013 03:59:33 +0000 (21:59 -0600)]
rbd: ignore zero-length requests
The old request code simply ignored zero-length requests. We should
still operate that same way to avoid any changes in behavior. We
can implement handling for special zero-length requests separately
(see http://tracker.ceph.com/issues/4236).
Add some assertions based on this new constraint.
This resolves:
http://tracker.ceph.com/issues/4237
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Sage Weil [Fri, 22 Feb 2013 23:31:00 +0000 (15:31 -0800)]
ceph: fix statvfs fr_size
Different versions of glibc are broken in different ways, but the short of
it is that for the time being, frsize should == bsize, and be used as the
multiple for the blocks, free, and available fields. This mirrors what is
done for NFS. The previous reporting of the page size for frsize meant
that newer glibc and df would report a very small value for the fs size.
Fixes http://tracker.ceph.com/issues/3793.
Signed-off-by: Sage Weil <sage@inktank.com> Reviewed-by: Greg Farnum <greg@inktank.com>
Alex Elder [Wed, 6 Feb 2013 19:11:38 +0000 (13:11 -0600)]
rbd: ignore result of ceph_copy_from_page_vector()
The result of ceph_copy_from_page_vector() is simply the length
argument it is provided.
This is called by rbd_obj_method_sync(), which returns the result if
it's non-negative. But we always either ignore or overwrite that
return value. So explicitly ignore what's returned by the copy
function, and have rbd_obj_method_sync() always return either a
negative errno or 0.
We also return the result of ceph_copy_from_page_vector() in
rbd_obj_read_sync(). There we still want to return the number of
bytes transferred, but we can use the value we already have in hand
rather than what ceph_copy_from_page_vector() provides.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Wed, 6 Feb 2013 19:11:38 +0000 (13:11 -0600)]
rbd: prevent bytes transferred overflow
In rbd_obj_read_sync(), verify the number of bytes transferred won't
exceed what can be represented by a size_t before using it to
indicate the number of bytes to copy to the result buffer.
(The real motivation for this is to prepare for the next patch.)
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Wed, 6 Feb 2013 19:11:38 +0000 (13:11 -0600)]
libceph: use void pointers in page vector functions
The functions used for working with ceph page vectors are defined
with char pointers, but they're really intended to operate on
untyped data. Change the types of these function parameters
to (void *) to reflect this.
(Note that the functions now assume void pointer arithmetic works
like arithmetic on char pointers.)
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Wed, 6 Feb 2013 19:11:38 +0000 (13:11 -0600)]
ceph: remove a few bogus declarations
There are three ceph page vector functions declared in
"fs/ceph/super.h" that don't belong there. They're
probably left over from some long-ago code reorganization.
They're properly declared in "include/linux/ceph/libceph.h"
so just delete the ones in "super.h".
This and the next few commits resolve:
http://tracker.ceph.com/issues/4053
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 8 Feb 2013 15:55:48 +0000 (09:55 -0600)]
libceph: allow STAT osd operations
Add support for CEPH_OSD_OP_STAT operations in the osd client
and in rbd.
This operation sends no data to the osd; everything required is
encoded in identity of the target object.
The result will be ENOENT if the object doesn't exist. If it does
exist and no other error occurs the server returns the size and last
modification time of the target object as output data (in little
endian format). The size is a 64 bit unsigned and the time is
ceph_timespec structure (two unsigned 32-bit integers, representing
a seconds and nanoseconds value).
This resolves:
http://tracker.ceph.com/issues/4007
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 15 Feb 2013 17:42:30 +0000 (11:42 -0600)]
libceph: update ceph_mds_state_name() and ceph_mds_op_name()
Update ceph_mds_state_name() and ceph_mds_op_name() to include the
newly-added definitions in "ceph_fs.h", and to match its counterpart
in the user space code.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 15 Feb 2013 17:42:30 +0000 (11:42 -0600)]
libceph: update ceph_fs.h
Update most of "include/linux/ceph/ceph_fs.h" to match its user
space counterpart in "src/include/ceph_fs.h" in the ceph tree.
Everything that has changed is either:
- added definitions (therefore no real effect on existing code)
- deleting unused symbols
- added or revised comments
There were some differences between the struct definitions for
ceph_mon_subscribe_item and the open field of ceph_mds_request_args;
those differences remain.
This and the next commit resolve:
http://tracker.ceph.com/issues/4165
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 15 Feb 2013 17:42:30 +0000 (11:42 -0600)]
libceph: remove dead code in osd_req_encode_op()
In osd_req_encode_op() there are a few cases that handle osd
opcodes that are never used in the kernel. The presence of
this code gives the impression it's correct (which really can't
be assumed), and may impose some unnecessary restrictions on
some upcoming refactoring of this code.
So delete this effectively dead code, and report uses of the
previously handled cases as unsupported.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 15 Feb 2013 17:42:30 +0000 (11:42 -0600)]
libceph: update rados.h
Update most of "include/linux/ceph/rados.h" to match its user space
counterpart in "src/include/rados.h" in the ceph tree.
Almost everything that has changed is either:
- added or revised comments
- added definitions (therefore no real effect on existing code)
- defining the same value a different way (e.g., "1 << 0" vs "1")
The only exceptions are:
- The declaration of ceph_osd_state_name() was excluded; that
will be inserted in the next patch.
- ceph_osd_op_mode_read() and ceph_osd_op_mode_modify() are
defined differently, but they were never used in the kernel
- CEPH_OSD_FLAG_PEERSTAT is now CEPH_OSD_FLAG_PEERSTAT_OLD, but
that was never used in the kernel
Anything that was present in this file but not in its user space
counterpart was left intact here. I left the definitions of
EOLDSNAPC and EBLACKLISTED using numerical values here; I'm
not sure the right way to go with those.
This and the next two commits resolve:
http://tracker.ceph.com/issues/4164
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 15 Feb 2013 17:42:30 +0000 (11:42 -0600)]
libceph: kill ceph_osdc_wait_event()
There are no actual users of ceph_osdc_wait_event(). This would
have been one-shot events, but we no longer support those so just
get rid of this function.
Since this leaves nothing else that waits for the completion of an
event, we can get rid of the completion in a struct ceph_osd_event.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
There is only one caller of ceph_osdc_create_event(), and it
provides 0 as its "one_shot" argument. Get rid of that argument and
just use 0 in its place.
Replace the code in handle_watch_notify() that executes if one_shot
is nonzero in the event with a BUG_ON() call.
While modifying "osd_client.c", give handle_watch_notify() static
scope.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 15 Feb 2013 17:42:29 +0000 (11:42 -0600)]
libdeph: don't export ceph_osdc_init() or ceph_osdc_stop()
The only callers of ceph_osdc_init() and ceph_osdc_stop()
ceph_create_client() and ceph_destroy_client() (respectively)
and they are in the same kernel module as those two functions.
There's therefore no need to export those interfaces, so don't.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 15 Feb 2013 17:42:29 +0000 (11:42 -0600)]
libceph: lock outside send_queued()
Two of the three callers of the osd client's send_queued() function
already hold the osd client mutex and drop it before the call.
Change send_queued() so it assumes the caller holds the mutex, and
update all callers accordingly. Rename it __send_queued() to match
the convention used elsewhere in the file with respect to the lock.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
The "num_reply" parameter to ceph_osdc_new_request() is never
used inside that function, so get rid of it.
Note that ceph_sync_write() passes 2 for that argument, while all
other callers pass 1. It doesn't matter, but perhaps someone should
verify this doesn't indicate a problem.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
There is only one caller of ceph_osdc_writepages(), and it always
passes 0 as its "flags" argument. Get rid of that argument and
replace its use in ceph_osdc_writepages() with 0.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
There is only one caller of ceph_osdc_writepages(), and it always
passes 0 as its "dosync" argument. Get rid of that argument and
replace its use in ceph_osdc_writepages() with 0.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
There is only one caller of ceph_osdc_writepages(), and it always
passes the value true as its "nofail" argument. Get rid of that
argument and replace its use in ceph_osdc_writepages() with the
constant value true.
This and a number of cleanup patches that follow resolve:
http://tracker.ceph.com/issues/4126
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Linus Torvalds [Mon, 18 Feb 2013 17:58:02 +0000 (09:58 -0800)]
mm: fix pageblock bitmap allocation
Commit c060f943d092 ("mm: use aligned zone start for pfn_to_bitidx
calculation") fixed out calculation of the index into the pageblock
bitmap when a !SPARSEMEM zome was not aligned to pageblock_nr_pages.
However, the _allocation_ of that bitmap had never taken this alignment
requirement into accout, so depending on the exact size and alignment of
the zone, the use of that index could then access past the allocation,
resulting in some very subtle memory corruption.
This was reported (and bisected) by Ingo Molnar: one of his random
config builds would hang with certain very specific kernel command line
options.
In the meantime, commit c060f943d092 has been marked for stable, so this
fix needs to be back-ported to the stable kernels that backported the
commit to use the right alignment.
Linus Torvalds [Fri, 15 Feb 2013 20:12:55 +0000 (12:12 -0800)]
Merge tag 'stable/for-linus-3.8-rc7-tag-two' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen
Pull xen fixes from Konrad Rzeszutek Wilk:
"Two fixes:
- A simple bug-fix for redundant NULL check.
- CVE-2013-0228/XSA-42: x86/xen: don't assume %ds is usable in
xen_iret for 32-bit PVOPS
and two reverts:
- Revert the PVonHVM kexec. The patch introduces a regression with
older hypervisor stacks, such as Xen 4.1."
* tag 'stable/for-linus-3.8-rc7-tag-two' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
Revert "xen PVonHVM: use E820_Reserved area for shared_info"
Revert "xen/PVonHVM: fix compile warning in init_hvm_pv_info"
xen: remove redundant NULL check before unregister_and_remove_pcpu().
x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS.
Revert "[media] dvb_frontend: return -ENOTTY for unimplement IOCTL"
As reported by Klaus Schmidinger:
"In VDR I use an ioctl() call with FE_READ_UNCORRECTED_BLOCKS on a
device (using stb0899). After this call I check 'errno' for
EOPNOTSUPP to determine whether this device supports this call. This
used to work just fine, until a few months ago I noticed that my
devices using stb0899 didn't display their signal quality in VDR's OSD
any more. After further investigation I found that
ioctl(FE_READ_UNCORRECTED_BLOCKS) no longer returns EOPNOTSUPP, but
rather ENOTTY. And since I stop getting the signal quality in case
any unknown errno value appears, this broke my signal quality query
function."
Linus Torvalds [Fri, 15 Feb 2013 20:04:57 +0000 (12:04 -0800)]
Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull one more x86 fix from Peter Anvin:
"Sigh. One more patch in the "please don't brick my Samsung" series"
* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
efi: Clear EFI_RUNTIME_SERVICES rather than EFI_BOOT by "noefi" boot parameter
Linus Torvalds [Fri, 15 Feb 2013 20:04:08 +0000 (12:04 -0800)]
Merge tag '3.8-pci-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci
Pull PCI fix from Bjorn Helgaas:
"This is another fix for v3.8. It fixes an oops that happens when a
Thunderbolt adapter is unplugged (remove device, poll for PME events
on no-longer-existing device, oops)."
* tag '3.8-pci-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
PCI/PM: Clean up PME state when removing a device
Linus Torvalds [Fri, 15 Feb 2013 20:03:09 +0000 (12:03 -0800)]
Merge tag 'omapdss-for-3.8-rc8' of git://gitorious.org/linux-omap-dss2/linux
Pull omapdss fixes from Tomi Valkeinen:
"It'd be great if these two late fixes would still make it into 3.8.
The other one fixes ARM kernel compilation when using 'allyesconfig',
and the other makes DPI displays function again on OMAP3630 boards:
- Fix ARM compilation with "allyesconfig" (omapdrm: fix the
dependency to omapdss)
- fix DPI displays on OMAP3630 (OMAPDSS: add FEAT_DPI_USES_VDDS_DSI
to omap3630_dss_feat_list)"
* tag 'omapdss-for-3.8-rc8' of git://gitorious.org/linux-omap-dss2/linux:
omapdrm: fix the dependency to omapdss
OMAPDSS: add FEAT_DPI_USES_VDDS_DSI to omap3630_dss_feat_list
Linus Torvalds [Fri, 15 Feb 2013 19:59:27 +0000 (11:59 -0800)]
Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux
Pull i2c maintainer info update from Wolfram Sang:
"Since my old email and repos are not working anymore, and this already
caused some confusion, I think a MAINTAINERS update for 3.8 is
helpful. So, people trying I2C with the new kernel can properly reach
me and find my repos."
* 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
MAINTAINERS: change my email and repos
We are doing this b/c on 32-bit PVonHVM with older hypervisors
(Xen 4.1) it ends up bothing up the start_info. This is bad b/c
we use it for the time keeping, and the timekeeping code loops
forever - as the version field never changes. Olaf says to
revert it, so lets do that.
Acked-by: Olaf Hering <olaf@aepfle.de> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Tomi Valkeinen [Thu, 7 Feb 2013 14:35:52 +0000 (16:35 +0200)]
omapdrm: fix the dependency to omapdss
omapdrm uses "select" in Kconfig to enable omapdss. This doesn't work
correctly, as "select" forces omapdss to be enabled in the config even
if it normally could not be enabled because of missing Kconfig
dependencies.
This causes a build break on ARM, when using allyesconfig:
drivers/video/omap2/dss/dss.c: In function 'dss_calc_clock_div':
drivers/video/omap2/dss/dss.c:572:20: error: 'CONFIG_OMAP2_DSS_MIN_FCK_PER_PCK' undeclared (first use in this function)
drivers/video/omap2/dss/dss.c:572:20: note: each undeclared identifier is reported only once for each function it appears in
Instead of using select, this patch changes omapdrm to use "depend
on".
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
Alex Elder [Tue, 5 Feb 2013 19:23:12 +0000 (13:23 -0600)]
rbd: turn off interrupts for open/remove locking
This commit: bc7a62ee5 rbd: prevent open for image being removed
added checking for removing rbd before allowing an open, and used
the same request spinlock for protecting that and updating the open
count as is used for the request queue.
However it used the non-irq protected version of the spinlocks.
Fix that.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Thu, 31 Jan 2013 22:02:00 +0000 (16:02 -0600)]
libceph: don't require r_num_pages for bio requests
There is a check in the completion path for osd requests that
ensures the number of pages allocated is enough to hold the amount
of incoming data expected.
For bio requests coming from rbd the "number of pages" is not really
meaningful (although total length would be). So stop requiring that
nr_pages be supplied for bio requests. This is done by checking
whether the pages pointer is null before checking the value of
nr_pages.
Note that this value is passed on to the messenger, but there it's
only used for debugging--it's never used for validation.
While here, change another spot that used r_pages in a debug message
inappropriately, and also invalidate the r_con_filling_msg pointer
after dropping a reference to it.
This resolves:
http://tracker.ceph.com/issues/3875
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Wed, 30 Jan 2013 17:13:33 +0000 (11:13 -0600)]
rbd: don't take extra bio reference for osd client
Currently, if the OSD client finds an osd request has had a bio list
attached to it, it drops a reference to it (or rather, to the first
entry on that list) when the request is released.
The code that added that reference (i.e., the rbd client) is
therefore required to take an extra reference to that first bio
structure.
The osd client doesn't really do anything with the bio pointer other
than transfer it from the osd request structure to outgoing (for
writes) and ingoing (for reads) messages. So it really isn't the
right place to be taking or dropping references.
Furthermore, the rbd client already holds references to all bio
structures it passes to the osd client, and holds them until the
request is completed. So there's no need for this extra reference
whatsoever.
So remove the bio_put() call in ceph_osdc_release_request(), as
well as its matching bio_get() call in rbd_osd_req_create().
This change could lead to a crash if old libceph.ko was used with
new rbd.ko. Add a compatibility check at rbd initialization time to
avoid this possibilty.
This resolves:
http://tracker.ceph.com/issues/3798 and
http://tracker.ceph.com/issues/3799
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Wed, 30 Jan 2013 17:13:33 +0000 (11:13 -0600)]
libceph: add a compatibility check interface
An upcoming change implements semantic change that could lead to
a crash if an old version of the libceph kernel module is used with
a new version of the rbd kernel module.
In order to preclude that possibility, this adds a compatibilty
check interface. If this interface doesn't exist, the modules are
obviously not compatible. But if it does exist, this provides a way
of letting the caller know whether it will operate properly with
this libceph module.
Perhaps confusingly, it returns false right now. The semantic
change mentioned above will make it return true.
This resolves:
http://tracker.ceph.com/issues/3800
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Mon, 14 Jan 2013 18:43:31 +0000 (12:43 -0600)]
rbd: prevent open for image being removed
An open request for a mapped rbd image can arrive while removal of
that mapping is underway. We need to prevent such an open request
from succeeding. (It appears that Maciej Galkiewicz ran into this
problem.)
Define and use a "removing" flag to indicate a mapping is getting
removed. Set it in the remove path after verifying nothing holds
the device open. And check it in the open path before allowing the
open to proceed. Acquire the rbd device's lock around each of these
spots to avoid any races accessing the flags and open_count fields.
This addresses:
http://tracker.newdream.net/issues/3427
Reported-by: Maciej Galkiewicz <maciejgalkiewicz@ragnarson.com> Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Mon, 14 Jan 2013 18:43:31 +0000 (12:43 -0600)]
rbd: define flags field, use it for exists flag
Define a new rbd device flags field, manipulated using bit
operations. Replace the use of the current "exists" flag with a bit
in this new "flags" field. Add a little commentary about the
"exists" flag, which does not need to be manipulated atomically.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 25 Jan 2013 23:08:55 +0000 (17:08 -0600)]
rbd: don't drop watch requests on completion
When we register an osd request to linger, it means that request
will stay around (under control of the osd client) until we've
unregistered it. We do that for an rbd image's header object, and
we keep a pointer to the object request associated with it.
Keep a reference to the watch object request for as long as it is
registered to linger. Drop it again after we've removed the linger
registration.
This resolves:
http://tracker.ceph.com/issues/3937
(Note: this originally came about because the osd client was
issuing a callback more than once. But that behavior will be
changing soon, documented in tracker issue 3967.)
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 25 Jan 2013 23:08:55 +0000 (17:08 -0600)]
rbd: unregister linger in watch sync routine
Move the code that unregisters an rbd device's lingering header
object watch request into rbd_dev_header_watch_sync(), so it
occurs in the same function that originally sets up that request.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Sun, 20 Jan 2013 20:44:42 +0000 (14:44 -0600)]
rbd: get rid of rbd_req_sync_exec()
Get rid rbd_req_sync_exec() because it is no longer used. That
eliminates the last use of rbd_req_sync_op(), so get rid of that
too. And finally, that leaves rbd_do_request() unreferenced, so get
rid of that.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Thu, 17 Jan 2013 18:18:46 +0000 (12:18 -0600)]
rbd: send notify ack asynchronously
When we receive notification of a change to an rbd image's header
object we need to refresh our information about the image (its
size and snapshot context). Once we have refreshed our rbd image
we need to acknowledge the notification.
This acknowledgement was previously done synchronously, but there's
really no need to wait for it to complete.
Change it so the caller doesn't wait for the notify acknowledgement
request to complete. And change the name to reflect it's no longer
synchronous.
This resolves:
http://tracker.newdream.net/issues/3877
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Thu, 17 Jan 2013 18:25:27 +0000 (12:25 -0600)]
rbd: implement sync object read with new code
Reimplement the synchronous read operation used for reading a
version 1 header using the new request tracking code. Name the
resulting function rbd_obj_read_sync() to better reflect that
it's a full object operation, not an object request. To do this,
implement a new OBJ_REQUEST_PAGES object request type.
This implements a new mechanism to allow the caller to wait for
completion for an rbd_obj_request by calling rbd_obj_request_wait().
This partially resolves:
http://tracker.newdream.net/issues/3755
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 30 Nov 2012 23:53:04 +0000 (17:53 -0600)]
rbd: kill rbd_req_coll and rbd_request
The two remaining callers of rbd_do_request() always pass a null
collection pointer, so the "coll" and "coll_index" parameters are
not needed. There is no other use of that data structure, so it
can be eliminated.
Deleting them means there is no need to allocate a rbd_request
structure for the callback function. And since that's the only use
of *that* structure, it too can be eliminated.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Fri, 30 Nov 2012 23:53:04 +0000 (17:53 -0600)]
rbd: kill rbd_rq_fn() and all other related code
Now that the request function has been replaced by one using the new
request management data structures the old one can go away.
Deleting it makes rbd_dev_do_request() no longer needed, and
deleting that makes other functions unneeded, and so on.
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Thu, 22 Nov 2012 06:00:08 +0000 (00:00 -0600)]
rbd: new request tracking code
This patch fully implements the new request tracking code for rbd
I/O requests.
Each I/O request to an rbd image will get an rbd_image_request
structure allocated to track it. This provides access to all
information about the original request, as well as access to the
set of one or more object requests that are initiated as a result
of the image request.
An rbd_obj_request structure defines a request sent to a single osd
object (possibly) as part of an rbd image request. An rbd object
request refers to a ceph_osd_request structure built up to represent
the request; for now it will contain a single osd operation. It
also provides space to hold the result status and the version of the
object when the osd request completes.
An rbd_obj_request structure can also stand on its own. This will
be used for reading the version 1 header object, for issuing
acknowledgements to event notifications, and for making object
method calls.
All rbd object requests now complete asynchronously with respect
to the osd client--they supply a common callback routine.
This resolves:
http://tracker.newdream.net/issues/3741
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Alex Elder [Thu, 31 Jan 2013 22:02:01 +0000 (16:02 -0600)]
libceph: fix messenger CONFIG_BLOCK dependencies
The ceph messenger has a few spots that are only used when
bio messages are supported, and that's only when CONFIG_BLOCK
is defined. This surrounds a couple of spots with #ifdef's
that would cause a problem if CONFIG_BLOCK were not present
in the kernel configuration.
This resolves:
http://tracker.ceph.com/issues/3976
Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
Allow individual fields of the layout to be fetched via getxattr.
The ceph.dir.layout.* vxattr with "disappear" if the exists_cb
indicates there no dir layout set.
Signed-off-by: Sage Weil <sage@inktank.com> Reviewed-by: Sam Lang <sam.lang@inktank.com>
Sage Weil [Mon, 21 Jan 2013 06:07:12 +0000 (22:07 -0800)]
ceph: add ceph.dir.layout vxattr
This virtual xattr will only appear when there is a dir layout policy
set on the directory. It can be set via setxattr and removed via
removexattr (implemented by the MDS).
Signed-off-by: Sage Weil <sage@inktank.com> Reviewed-by: Sam Lang <sam.lang@inktank.com>
Sage Weil [Mon, 21 Jan 2013 06:00:58 +0000 (22:00 -0800)]
ceph: fix getxattr vxattr handling
Change the vxattr handling for getxattr so that vxattrs are checked
prior to any xattr content, and never after. Enforce vxattr existence
via the exists_cb callback.
Signed-off-by: Sage Weil <sage@inktank.com> Reviewed-by: Sam Lang <sam.lang@inktank.com>
Sage Weil [Thu, 31 Jan 2013 19:53:41 +0000 (11:53 -0800)]
ceph: pass unhandled ceph.* setxattrs through to MDS
If we do not specifically understand a setxattr on a ceph.* virtual
xattr, send it through to the MDS. This allows us to implement new
functionality via the MDS without direct support on the client side.
Signed-off-by: Sage Weil <sage@inktank.com> Reviewed-by: Sam Lang <sam.lang@inktank.com>
Satoru Takeuchi [Thu, 14 Feb 2013 00:12:52 +0000 (09:12 +0900)]
efi: Clear EFI_RUNTIME_SERVICES rather than EFI_BOOT by "noefi" boot parameter
There was a serious problem in samsung-laptop that its platform driver is
designed to run under BIOS and running under EFI can cause the machine to
become bricked or can cause Machine Check Exceptions.
Discussion about this problem:
https://bugs.launchpad.net/ubuntu-cdimage/+bug/1040557
https://bugzilla.kernel.org/show_bug.cgi?id=47121
Unfortunately this problem comes back again if users specify "noefi" option.
This parameter clears EFI_BOOT and that driver continues to run even if running
under EFI. Refer to the document, this parameter should clear
EFI_RUNTIME_SERVICES instead.
Documentation/x86/x86_64/uefi.txt:
===============================================================================
...
- If some or all EFI runtime services don't work, you can try following
kernel command line parameters to turn off some or all EFI runtime
services.
noefi turn off all EFI runtime services
...
===============================================================================
Signed-off-by: Satoru Takeuchi <takeuchi_satoru@jp.fujitsu.com> Link: http://lkml.kernel.org/r/511C2C04.2070108@jp.fujitsu.com Cc: Matt Fleming <matt.fleming@intel.com> Cc: <stable@vger.kernel.org> Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Jan Beulich [Thu, 24 Jan 2013 13:11:10 +0000 (13:11 +0000)]
x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS.
This fixes CVE-2013-0228 / XSA-42
Drew Jones while working on CVE-2013-0190 found that that unprivileged guest user
in 32bit PV guest can use to crash the > guest with the panic like this:
Petr says: "
I've analysed the bug and I think that xen_iret() cannot cope with
mangled DS, in this case zeroed out (null selector/descriptor) by either
xen_failsafe_callback() or RESTORE_REGS because the corresponding LDT
entry was invalidated by the reproducer. "
Jan took a look at the preliminary patch and came up a fix that solves
this problem:
"This code gets called after all registers other than those handled by
IRET got already restored, hence a null selector in %ds or a non-null
one that got loaded from a code or read-only data descriptor would
cause a kernel mode fault (with the potential of crashing the kernel
as a whole, if panic_on_oops is set)."
The way to fix this is to realize that the we can only relay on the
registers that IRET restores. The two that are guaranteed are the
%cs and %ss as they are always fixed GDT selectors. Also they are
inaccessible from user mode - so they cannot be altered. This is
the approach taken in this patch.
Another alternative option suggested by Jan would be to relay on
the subtle realization that using the %ebp or %esp relative references uses
the %ss segment. In which case we could switch from using %eax to %ebp and
would not need the %ss over-rides. That would also require one extra
instruction to compensate for the one place where the register is used
as scaled index. However Andrew pointed out that is too subtle and if
further work was to be done in this code-path it could escape folks attention
and lead to accidents.
Reviewed-by: Petr Matousek <pmatouse@redhat.com> Reported-by: Petr Matousek <pmatouse@redhat.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Signed-off-by: Jan Beulich <jbeulich@suse.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
David S. Miller [Wed, 13 Feb 2013 20:21:06 +0000 (12:21 -0800)]
sparc64: Fix get_user_pages_fast() wrt. THP.
Mostly mirrors the s390 logic, as unlike x86 we don't need the
SetPageReferenced() bits.
On sparc64 we also lack a user/privileged bit in the huge PMDs.
In order to make this work for THP and non-THP builds, some header
file adjustments were necessary. Namely, provide the PMD_HUGE_* bit
defines and the pmd_large() inline unconditionally rather than
protected by TRANSPARENT_HUGEPAGE.
Reported-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Pull networking fixes from David Miller:
"This is primarily to get those r8169 reverts sorted, but other fixes
have accumulated meanwhile.
1) Revert two r8169 changes to fix suspend/resume for some users,
from Francois Romieu.
2) PCI dma mapping errors in atl1c are not checked for and this cause
hard crashes for some users, from Xiong Huang.
3) In 3.8.x we merged the removal of the EXPERIMENTAL dependency for
'dlm' but the same patch for 'sctp' got lost somewhere, resulting
in the potential for build errors since there are cross
dependencies. From Kees Cook.
4) SCTP's ipv6 socket route validation makes boolean tests
incorrectly, fix from Daniel Borkmann.
5) mac80211 does sizeof(ptr) instead of (sizeof(ptr) * nelem), from
Cong Ding.
6) arp_rcv() can crash on shared non-linear packets, from Eric
Dumazet.
7) Avoid crashes in macvtap by setting ->gso_type consistently in
ixgbe, qlcnic, and bnx2x drivers. From Michael S Tsirkin and
Alexander Duyck.
8) Trinity fuzzer spots infinite loop in __skb_recv_datagram(), fix
from Eric Dumazet.
9) STP protocol frames should use high packet priority, otherwise an
overloaded bridge can get stuck. From Stephen Hemminger.
10) The HTB packet scheduler was converted some time ago to store
internal timestamps in nanoseconds, but we don't convert back into
psched ticks for the user during dumps. Fix from Jiri Pirko.
11) mwl8k channel table doesn't set the .band field properly,
resulting in NULL pointer derefs. Fix from Jonas Gorski.
12) mac80211 doesn't accumulate channels properly during a scan so we
can downgrade heavily to a much less desirable connection speed.
Fix from Johannes Berg.
13) PHY probe failure in stmmac can result in resource leaks and
double MDIO registery later, from Giuseppe CAVALLARO.
14) Correct ipv6 checksumming in ip6t_NPT netfilter module, also fix
address prefix mangling, from YOSHIFUJI Hideaki."
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (27 commits)
net, sctp: remove CONFIG_EXPERIMENTAL
net: sctp: sctp_v6_get_dst: fix boolean test in dst cache
batman-adv: Fix NULL pointer dereference in DAT hash collision avoidance
net/macb: fix race with RX interrupt while doing NAPI
atl1c: add error checking for pci_map_single functions
htb: fix values in opt dump
ixgbe: Only set gso_type to SKB_GSO_TCPV4 as RSC does not support IPv6
net: fix infinite loop in __skb_recv_datagram()
net: qmi_wwan: add Yota / Megafon M100-1 4g modem
mwl8k: fix band for supported channels
bridge: set priority of STP packets
mac80211: fix channel selection bug
arp: fix possible crash in arp_rcv()
bnx2x: set gso_type
qlcnic: set gso_type
ixgbe: fix gso type
stmmac: mdio register has to fail if the phy is not found
stmmac: fix macro used for debugging the xmit
Revert "r8169: enable internal ASPM and clock request settings".
Revert "r8169: enable ALDPS for power saving".
...
Linus Torvalds [Wed, 13 Feb 2013 20:19:49 +0000 (12:19 -0800)]
Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fixes from Peter Anvin:
"One (hopefully) last batch of x86 fixes. You asked for the patch by
patch justifications, so here they are:
x86, MCE: Retract most UAPI exports
This one unexports from userspace a bunch of definitions which should
never have been exported. We really don't want to create an
accidental legacy here.
x86, doc: Add a bootloader ID for OVMF
This is a documentation-only patch, just recording the official
assignment of a boot loader ID.
x86: Do not leak kernel page mapping locations
Security: avoid making it needlessly easy for user space to probe the
kernel memory layout.
x86/mm: Check if PUD is large when validating a kernel address
Prevent failures using /proc/kcore when using 1G pages.
x86/apic: Work around boot failure on HP ProLiant DL980 G7 Server systems
Works around a BIOS problem causing boot failures on affected hardware."
* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/mm: Check if PUD is large when validating a kernel address
x86/apic: Work around boot failure on HP ProLiant DL980 G7 Server systems
x86, doc: Add a bootloader ID for OVMF
x86: Do not leak kernel page mapping locations
x86, MCE: Retract most UAPI exports
Wolfram Sang [Fri, 8 Feb 2013 19:54:40 +0000 (20:54 +0100)]
MAINTAINERS: change my email and repos
Change to my private email, change to my shiny new kernel.org repos,
and drop outdated entry from the former maintainer. Drop my PCA entry,
too, since it belongs to the I2C realm anyhow.
Signed-off-by: Wolfram Sang <wolfram@the-dreams.de>
Devices are added to pci_pme_list when drivers use pci_enable_wake()
or pci_wake_from_d3(), but they aren't removed from the list unless
the driver explicitly disables wakeup. Many drivers never disable
wakeup, so their devices remain on the list even after they are
removed, e.g., via hotplug. A subsequent PME poll will oops when
it tries to touch the device.
This patch disables PME# on a device before removing it, which removes
the device from pci_pme_list. This is safe even if the device never
had PME# enabled.
This oops can be triggered by unplugging a Thunderbolt ethernet adapter
on a Macbook Pro, as reported by Daniel below.
[bhelgaas: changelog]
Reference: http://lkml.kernel.org/r/CAMVG2svG21yiM1wkH4_2pen2n+cr2-Zv7TbH3Gj+8MwevZjDbw@mail.gmail.com Reported-and-tested-by: Daniel J Blueman <daniel@quora.org> Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com> Signed-off-by: Bjorn Helgaas <bhelgaas@google.com> CC: stable@vger.kernel.org
Kees Cook [Wed, 13 Feb 2013 00:24:56 +0000 (16:24 -0800)]
net, sctp: remove CONFIG_EXPERIMENTAL
This config item has not carried much meaning for a while now and is
almost always enabled by default. As agreed during the Linux kernel
summit, remove it.
Acked-by: Vlad Yasevich <vyasevich@gmail.com> Acked-by: Steven Whitehouse <swhiteho@redhat.com> Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: David Rientjes <rientjes@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Daniel Borkmann [Tue, 12 Feb 2013 13:30:16 +0000 (13:30 +0000)]
net: sctp: sctp_v6_get_dst: fix boolean test in dst cache
We walk through the bind address list and try to get the best source
address for a given destination. However, currently, we take the
'continue' path of the loop when an entry is invalid (!laddr->valid)
*and* the entry state does not equal SCTP_ADDR_SRC (laddr->state !=
SCTP_ADDR_SRC).
Thus, still, invalid entries with SCTP_ADDR_SRC might not 'continue'
as well as valid entries with SCTP_ADDR_{NEW, SRC, DEL}, with a possible
false baddr and matchlen as a result, causing in worst case dst route
to be false or possibly NULL.
This test should actually be a '||' instead of '&&'. But lets fix it
and make this a bit easier to read by having the condition the same way
as similarly done in sctp_v4_get_dst.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Acked-by: Vlad Yasevich <vyasevich@gmail.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Pau Koning [Tue, 12 Feb 2013 00:18:45 +0000 (00:18 +0000)]
batman-adv: Fix NULL pointer dereference in DAT hash collision avoidance
An entry in DAT with the hashed position of 0 can cause a NULL pointer
dereference when the first entry is checked by batadv_choose_next_candidate.
This first candidate automatically has the max value of 0 and the max_orig_node
of NULL. Not checking max_orig_node for NULL in batadv_is_orig_node_eligible
will lead to a NULL pointer dereference when checking for the lowest address.
Nicolas Ferre [Tue, 12 Feb 2013 10:08:48 +0000 (11:08 +0100)]
net/macb: fix race with RX interrupt while doing NAPI
When interrupts are disabled, an RX condition can occur but
it is not reported when enabling interrupts again. We need to check
RSR and use napi_reschedule() if condition is met.
Signed-off-by: Nicolas Ferre <nicolas.ferre@atmel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Huang, Xiong [Mon, 11 Feb 2013 14:44:40 +0000 (14:44 +0000)]
atl1c: add error checking for pci_map_single functions
it is reported that code hit DMA-API errors on 3.8-rc6+,
(see https://bugzilla.redhat.com/show_bug.cgi?id=908436, and
https://bugzilla.redhat.com/show_bug.cgi?id=908550)
this patch just adds error handler for
pci_map_single and skb_frag_dma_map.
Signed-off-by: xiong <xiong@qca.qualcomm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Investigation determined that the bug triggered when reading
system RAM at the 4G mark. On this system, that was the first
address using 1G pages for the virt->phys direct mapping so the
PUD is pointing to a physical address, not a PMD page.
The problem is that the page table walker in kern_addr_valid() is
not checking pud_large() and treats the physical address as if
it was a PMD. If it happens to look like pmd_none then it'll
silently fail, probably returning zeros instead of real data. If
the data happens to look like a present PMD though, it will be
walked resulting in the oops above.
This patch adds the necessary pud_large() check.
Unfortunately the problem was not readily reproducible and now
they are running the backup program without accessing
/proc/kcore so the patch has not been validated but I think it
makes sense.
Signed-off-by: Mel Gorman <mgorman@suse.de> Reviewed-by: Rik van Riel <riel@redhat.coM> Reviewed-by: Michal Hocko <mhocko@suse.cz> Acked-by: Johannes Weiner <hannes@cmpxchg.org> Cc: stable@vger.kernel.org Cc: linux-mm@kvack.org Link: http://lkml.kernel.org/r/20130211145236.GX21389@suse.de Signed-off-by: Ingo Molnar <mingo@kernel.org>
Linus Torvalds [Wed, 13 Feb 2013 00:20:07 +0000 (16:20 -0800)]
Merge branch 'autofs-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux into akpm
Pull hp parisc automounter fix from Helge Deller:
"This unbreaks automounter support for the parisc architecture (and
probably aarch64 as well).""
* 'autofs-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux:
unbreak automounter support on 64-bit kernel with 32-bit userspace (v2)
Linus Torvalds [Wed, 13 Feb 2013 00:16:29 +0000 (16:16 -0800)]
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux into akpm
Pull s390 regression fix from Martin Schwidefsky:
"The recent fix for the s390 sched_clock() function uncovered yet
another bug in s390_next_ktime which causes an endless loop in KVM.
This regression should be fixed before v3.8.
I keep the fingers crossed that this is the last one for v3.8."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
s390/timer: avoid overflow when programming clock comparator
projects / linux-beck.git / log