Linus Torvalds [Mon, 20 May 2013 21:25:19 +0000 (14:25 -0700)]
Merge tag 'stable/for-linus-3.10-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen
Pull Xen fixes from Konrad Rzeszutek Wilk:
- Regression fix in xen privcmd fixing a memory leak.
- Add Documentation for tmem driver.
- Simplify and remove code in the tmem driver.
- Cleanups.
* tag 'stable/for-linus-3.10-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
xen: Fixed assignment error in if statement
xen/xenbus: Fixed over 80 character limit issue
xen/xenbus: Fixed indentation error in switch case
xen/tmem: Don't use self[ballooning|shrinking] if frontswap is off.
xen/tmem: Remove the usage of '[no|]selfballoon' and use 'tmem.selfballooning' bool instead.
xen/tmem: Remove the usage of 'noselfshrink' and use 'tmem.selfshrink' bool instead.
xen/tmem: Remove the boot options and fold them in the tmem.X parameters.
xen/tmem: s/disable_// and change the logic.
xen/tmem: Fix compile warning.
xen/tmem: Split out the different module/boot options.
xen/tmem: Move all of the boot and module parameters to the top of the file.
xen/tmem: Cleanup. Remove the parts that say temporary.
xen/privcmd: fix condition in privcmd_close()
David S. Miller [Mon, 20 May 2013 21:05:22 +0000 (14:05 -0700)]
Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
John W. Linville says:
====================
This pull request is intended for the 3.10 series. It contains a
variety of fixes for problems discovered during the merge window and
after 3.10-rc1.
For the mac80211 bits, Johannes says the following:
"This is what I have:
* a patch from Felix to fix RCU usage in his rate table code
* a patch from Ilan to add the wdev id to some notifications so they can
actually be used by userspace
* Sasha Levin found an issue in how hwsim handles devices
* a fix for a bug in the wiphy_register() error path that's been there forever
* three fixes for WoWLAN
* AP mode frame matching was erroneously giving frames to all virtual AP
interfaces (reported by Jouni)
* a fix for HT handling in my CSA changes, found by Sujith
* a fix for some locking simplifications gone wrong
* Ben Greear found more cfg80211/mac80211 state confusion
* and a fix for another bug found by Jouni: local state changes need to be
reported by mac80211 to cfg80211 so it disconnects properly."
And for the iwlwifi bits, he says:
"I have fixes for a firmware crash during resume, multicast RX,
aggregation and a workaround for a firmware scanning bug."
Along with those...
Albert Pool adds a USB ID to the rtl8192cu driver.
Arend van Spriel restores a driver option support flag that had been
removed from 3.9 due to a bug in that version of the driver.
Felix Fietkau fixes a trio of ath9k issues with a series of small
patches.
Geert Uytterhoeven provides a Kconfig fix for ath9k (which you also
merged, so it isn't in the diff here).
Larry Finger gives us a fix for a build warning on big-endian systems
for rtlwifi.
Rafał Miłecki adds some core IDs to the bcma driver.
Sujith Manoharan fixes a module unloading crash in ath9k, and corrects
some calibration settings for AR9485.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch cures transmit timeout's with DHCP observed
while running under KVM. When the transmit ring is cleaned out,
the Byte Queue Limit values need to be reset.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Petko Manolov [Sun, 19 May 2013 23:08:47 +0000 (23:08 +0000)]
drivers: net: usb: rtl8150: concurrent URB bugfix
This patch fixes a potential race with concurrently running asynchronous
write requests. The values for device's RX control register are now
stored in dynamically allocated buffers so each URB submission has it's
own copy. Doing it the old way is data clobbering prone.
This patch is against latest 'net' tree.
Signed-off-by: Petko Manolov <petkan@nucleusys.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Dan Carpenter [Sun, 19 May 2013 08:36:36 +0000 (08:36 +0000)]
isdn/kcapi: fix a small underflow
In get_capi_ctr_by_nr() and get_capi_appl_by_nr() the parameter comes
from skb->data. The current code can underflow to one space before the
start of the array.
The sanity check isn't needed in __get_capi_appl_by_nr() but I changed
it to match the others.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Wang YanQing [Thu, 9 May 2013 06:16:47 +0000 (14:16 +0800)]
TTY: Fix tty miss restart after we turn off flow-control
I meet emacs hang in start if I do the operation below:
1: echo 3 > /proc/sys/vm/drop_caches
2: emacs BigFile
3: Press CTRL-S follow 2 immediately
Then emacs hang on, CTRL-Q can't resume, the terminal
hang on, you can do nothing with this terminal except
close it.
The reason is before emacs takeover control the tty,
we use CTRL-S to XOFF it. Then when emacs takeover the
control, it may don't use the flow-control, so emacs hang.
This patch fix it.
This patch will fix a kind of strange tty relation hang problem,
I believe I meet it with vim in ssh, and also see below bug report:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=465823
Peter Hurley [Fri, 17 May 2013 16:41:03 +0000 (12:41 -0400)]
tty/vt: Fix vc_deallocate() lock order
Now that the tty port owns the flip buffers and i/o is allowed
from the driver even when no tty is attached, the destruction
of the tty port (and the flip buffers) must ensure that no
outstanding work is pending.
Unfortunately, this creates a lock order problem with the
console_lock (see attached lockdep report [1] below).
For single console deallocation, drop the console_lock prior
to port destruction. When multiple console deallocation,
defer port destruction until the consoles have been
deallocated.
tty_port_destroy() is not required if the port has not
been used; remove from vc_allocate() failure path.
[1] lockdep report from Dave Jones <davej@redhat.com>
======================================================
[ INFO: possible circular locking dependency detected ]
3.9.0+ #16 Not tainted
-------------------------------------------------------
(agetty)/26163 is trying to acquire lock:
blocked: ((&buf->work)){+.+...}, instance: ffff88011c8b0020, at: [<ffffffff81062065>] flush_work+0x5/0x2e0
but task is already holding lock:
blocked: (console_lock){+.+.+.}, instance: ffffffff81c2fde0, at: [<ffffffff813bc201>] vt_ioctl+0xb61/0x1230
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
Cc: Dave Jones <davej@redhat.com> Signed-off-by: Peter Hurley <peter@hurleysoftware.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Commit "TTY: rocket, fix compilation warning" fixed a compilation
warning, but there was still a problem with !CONFIG_PCI configs. So
fix them for good by coupling the PCI functions together and moving
them inside a common #ifdef.
Lee Jones [Thu, 9 May 2013 12:50:55 +0000 (13:50 +0100)]
serial: pl011: protect attribute read from NULL platform data struct
It's completely feasible that platform data will be empty i.e. when
booting with Device Tree with no device AUXDATA. So we must protect
it's use in these use-cases, or risk a kernel Oops.
Cc: Russell King <linux@arm.linux.org.uk> Cc: Jiri Slaby <jslaby@suse.cz> Cc: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Lee Jones <lee.jones@linaro.org> Reviewed-by: Linus Walleij <linus.walleij@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Ezequiel Garcia [Tue, 7 May 2013 11:27:16 +0000 (08:27 -0300)]
serial: 8250_dw: Add valid clk pointer check
Commit ffc3ae6dd "serial: 8250_dw: Enable runtime PM" introduced runtime
PM management, which enables/disables the clk without checking if the clk
is valid. However, this driver allows to be probed without a defined clk,
using clock-frequency, as a fallback.
Therefore, on platforms that are device tree probed using clock-frequency
instead of clk, we get an ugly NULL pointer dereference.
This patch fixes it by simply adding a check before accessing the clk api.
Max Filippov [Sat, 18 May 2013 19:34:30 +0000 (23:34 +0400)]
xtensa: fix fast_store_prohibited _PAGE_WRITABLE_BIT test
Before _PAGE_WRITABLE_BIT test fast_store_prohibited must make sure that
PTE is present. Otherwise 'writable' bit is undefined and may be reused
in the 'file offset' or 'swap type' PTE fields.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com> Signed-off-by: Chris Zankel <chris@zankel.net>
Linus Torvalds [Mon, 20 May 2013 18:36:52 +0000 (11:36 -0700)]
Merge tag 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging
Pull hwmon fixes from Guenter Roeck:
- Error path fixes for abituguru and iio_hwmon drivers.
- Drop erroneously created attributes from nct6775 driver.
- Drop redundant safety on cache lifetime for tmp401 driver.
- Add explicit maintainer for LM95234 and TMP401 drivers.
* tag 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
MAINTAINERS: Add myself as maintainer for LM95234 and TMP401 drivers
hwmon: (tmp401) Drop redundant safety on cache lifetime
hwmon: fix error return code in abituguru_probe()
hwmon: (iio_hwmon) Fix null pointer dereference
hwmon: (nct6775) Do not create non-existing attributes
hwmon: (iio_hwmon) Fix missing iio_channel_release_all call if devm_kzalloc fail
Linus Torvalds [Mon, 20 May 2013 18:36:03 +0000 (11:36 -0700)]
x86: Fix bit corruption at CPU resume time
In commit 78d77df71510 ("x86-64, init: Do not set NX bits on non-NX
capable hardware") we added the early_pmd_flags that gets the NX bit set
when a CPU supports NX. However, the new variable was marked __initdata,
because the main _use_ of this is in an __init routine.
However, the bit setting happens from secondary_startup_64(), which is
called not only at bootup, but on every secondary CPU start. Including
resuming from STR and at CPU hotplug time. So the value cannot be
__initdata.
Reported-bisected-and-tested-by: Michal Hocko <mhocko@suse.cz> Cc: stable@vger.kernel.org # v3.9 Acked-by: Peter Anvin <hpa@linux.intel.com> Cc: Fernando Luis Vázquez Cao <fernando@oss.ntt.co.jp> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Dan Carpenter [Sun, 19 May 2013 18:52:20 +0000 (21:52 +0300)]
USB: cxacru: potential underflow in cxacru_cm_get_array()
The value of "offd" comes off the instance->rcv_buf[] and we used it as
the offset into an array. The problem is that we check the upper bound
but not for negative values.
Trond Myklebust [Mon, 20 May 2013 16:24:03 +0000 (12:24 -0400)]
NFSv4.1: Enable state protection
Use the EXCHGID4_FLAG_BIND_PRINC_STATEID exchange_id flag to enable
stateid protection. This means that if we create a stateid using a
particular principal, then we must use the same principal if we
want to change that state.
IOW: if we OPEN a file using a particular credential, then we have
to use the same credential in subsequent OPEN_DOWNGRADE, CLOSE,
or DELEGRETURN operations that use that stateid.
Trond Myklebust [Mon, 20 May 2013 15:42:54 +0000 (11:42 -0400)]
NFSv4.1: Use layout credentials for get_deviceinfo calls
This is not strictly needed, since get_deviceinfo is not allowed to
return NFS4ERR_ACCESS or NFS4ERR_WRONG_CRED, but lets do it anyway
for consistency with other pNFS operations.
Andy Adamson [Mon, 20 May 2013 18:13:50 +0000 (14:13 -0400)]
NFSv4.1 Fix a pNFS session draining deadlock
On a CB_RECALL the callback service thread flushes the inode using
filemap_flush prior to scheduling the state manager thread to return the
delegation. When pNFS is used and I/O has not yet gone to the data server
servicing the inode, a LAYOUTGET can preceed the I/O. Unlike the async
filemap_flush call, the LAYOUTGET must proceed to completion.
If the state manager starts to recover data while the inode flush is sending
the LAYOUTGET, a deadlock occurs as the callback service thread holds the
single callback session slot until the flushing is done which blocks the state
manager thread, and the state manager thread has set the session draining bit
which puts the inode flush LAYOUTGET RPC to sleep on the forechannel slot
table waitq.
Separate the draining of the back channel from the draining of the fore channel
by moving the NFS4_SESSION_DRAINING bit from session scope into the fore
and back slot tables. Drain the back channel first allowing the LAYOUTGET
call to proceed (and fail) so the callback service thread frees the callback
slot. Then proceed with draining the forechannel.
Signed-off-by: Andy Adamson <andros@netapp.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Chris Zankel [Mon, 20 May 2013 18:09:13 +0000 (11:09 -0700)]
xtensa: fix TLB multihit exceptions
- set _PAGE_USER in the pte_clear to avoid having TLB multihit exceptions
(see following threads for more details);
http://lists.linux-xtensa.org/pipermail/linux-xtensa/Week-of-Mon-20130401/
http://lists.linux-xtensa.org/pipermail/linux-xtensa/Week-of-Mon-20130408/
- improved documentation of the PTE layout
- fix PTE mapping for present and 'prot_none' pages for T1050 hw and earlier
- fix pte_file offset and size
- add check for the correct number of bits for swap type
CC: piet.delaney@gmail.com CC: jcmvbkbc@gmail.com Signed-off-by: Chris Zankel <chris@zankel.net>
Linus Torvalds [Mon, 20 May 2013 14:59:46 +0000 (07:59 -0700)]
Merge tag 'pinctrl-fixes-v3.10-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl
Pull pinctrl fixes from Linus Walleij:
- Three fixes to make the boot path for device tree work properly on
the Nomadik pin controller.
- Compile warning fix for the vt8500 driver.
- Fix error path in pinctrl-single.
- Free mappings in error path of the Lantiq controller.
- Documentation fixes.
* tag 'pinctrl-fixes-v3.10-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
pinctrl/lantiq: Free mapping configs for both pin and groups
pinctrl: single: fix error return code in pcs_parse_one_pinctrl_entry()
pinctrl: generic: Fix typos and clarify comments
pinctrl: vt8500: Fix incorrect data in WM8750 pinctrl table
pinctrl: abx500: Rejiggle platform data and DT initialisation
pinctrl: abx500: Specify failed sub-driver by ID instead of driver_data
Brian Foster [Fri, 17 May 2013 13:30:32 +0000 (09:30 -0400)]
fuse: truncate pagecache range on hole punch
fuse supports hole punch via the fallocate() FALLOC_FL_PUNCH_HOLE
interface. When a hole punch is passed through, the page cache
is not cleared and thus allows reading stale data from the cache.
This is easily demonstrable (using FOPEN_KEEP_CACHE) by reading a
smallish random data file into cache, punching a hole and creating
a copy of the file. Drop caches or remount and observe that the
original file no longer matches the file copied after the hole
punch. The original file contains a zeroed range and the latter
file contains stale data.
Protect against writepage requests in progress and punch out the
associated page cache range after a successful client fs hole
punch.
Signed-off-by: Brian Foster <bfoster@redhat.com> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Guenter Roeck [Mon, 20 May 2013 03:44:27 +0000 (20:44 -0700)]
MAINTAINERS: Add myself as maintainer for LM95234 and TMP401 drivers
I wrote the LM95234 driver and extended the TMP401 driver substantially,
and I have hardware to test both, so it makes sense to explicitly
maintain them.
Signed-off-by: Guenter Roeck <linux@roeck-us.net> Acked-by: Jean Delvare <khali@linux-fr.org>
Yuval Mintz [Sun, 19 May 2013 04:41:01 +0000 (04:41 +0000)]
bnx2x: Fix GSO for 57710/57711 chips
Starting with commit 91226790bbe2dbfbba48dd79d49f2b38ef10eb97
`bnx2x: use FW 7.8.17', the bnx2x driver no longer requests the FW to perform
IP checksums for IPv4 packets.
This behaviour needs to be revised for 57710/57711 chips -
when using GSO, if the driver will not set the IP checksum flag then packets
will be transmitted by the chip without a valid IP checksum, resulting in
a drop of all such packets on the receiver-side.
Signed-off-by: Yuval Mintz <yuvalmin@broadcom.com> Signed-off-by: Dmitry Kravkov <dmitry@broadcom.com> Signed-off-by: Eilon Greenstein <eilong@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Jaegeuk Kim [Mon, 20 May 2013 05:48:49 +0000 (14:48 +0900)]
f2fs: don't do checkpoint if error is occurred
If we met an error during the dentry recovery, we should not conduct checkpoint.
Otherwise, some errorneous dentry blocks overwrites the existing blocks that
contain the remaining recovery information.
Signed-off-by: Jaegeuk Kim <jaegeuk.kim@samsung.com>
Few things can be changed in the default mkwrite function
1) Make file_update_time at the start before acquiring any lock
2) the condition page_offset(page) >= i_size_read(inode) should be
changed to page_offset(page) > i_size_read
3) Move wait_on_page_writeback.
Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com> Signed-off-by: Amit Sahrawat <a.sahrawat@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk.kim@samsung.com>
Peter Zijlstra [Thu, 16 May 2013 18:03:12 +0000 (20:03 +0200)]
f2fs, lockdep: annotate mutex_lock_all()
Majianpeng reported a lockdep splat for f2fs. It turns out mutex_lock_all()
acquires an array of locks (in global/local lock style).
Any such operation is always serialized using cp_mutex, therefore there is no
fs_lock[] lock-order issue; tell lockdep about this using the
mutex_lock_nest_lock() primitive.
Reported-by: majianpeng <majianpeng@gmail.com> Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Signed-off-by: Jaegeuk Kim <jaegeuk.kim@samsung.com>
Jaegeuk Kim [Mon, 20 May 2013 01:10:29 +0000 (10:10 +0900)]
f2fs: update inode page after creation
I found a bug when testing power-off-recovery as follows.
[Bug Scenario]
1. create a file
2. fsync the file
3. reboot w/o any sync
4. try to recover the file
- found its fsync mark
- found its dentry mark
: try to recover its dentry
- get its file name
- get its parent inode number
: here we got zero value
The reason why we get the wrong parent inode number is that we didn't
synchronize the inode page with its newly created inode information perfectly.
Especially, previous f2fs stores fi->i_pino and writes it to the cached
node page in a wrong order, which incurs the zero-valued i_pino during the
recovery.
So, this patch modifies the creation flow to fix the synchronization order of
inode page with its inode.
Signed-off-by: Jaegeuk Kim <jaegeuk.kim@samsung.com>
Jaegeuk Kim [Wed, 15 May 2013 07:40:02 +0000 (16:40 +0900)]
f2fs: fix BUG_ON during f2fs_evict_inode(dir)
During the dentry recovery routine, recover_inode() triggers __f2fs_add_link
with its directory inode.
In the following scenario, a bug is captured.
1. dir = f2fs_iget(pino)
2. __f2fs_add_link(dir, name)
3. iput(dir)
-> f2fs_evict_inode() faces with BUG_ON(atomic_read(fi->dirty_dents))
This means that we should flush all the dentry pages between iget and iput().
But, during the recovery routine, it is unallowed due to consistency, so we
have to wait the whole recovery process.
And then, write_checkpoint flushes all the dirty dentry blocks, and nicely we
can put the stale dir inodes from the dirty_dir_inode_list.
Signed-off-by: Jaegeuk Kim <jaegeuk.kim@samsung.com>
Jaegeuk Kim [Wed, 15 May 2013 07:12:18 +0000 (16:12 +0900)]
f2fs: fix por_doing variable coverage
The reason of using sbi->por_doing is to alleviate data writes during the
recovery.
The find_fsync_dnodes() produces some dirty dentry pages, so we should
cover it too with sbi->por_doing.
Signed-off-by: Jaegeuk Kim <jaegeuk.kim@samsung.com>
françois romieu [Sat, 18 May 2013 01:24:46 +0000 (01:24 +0000)]
r8169: fix offloaded tx checksum for small packets.
8168evl offloaded checksums are wrong since commit e5195c1f31f399289347e043d6abf3ffa80f0005 ("r8169: fix 8168evl frame padding.")
pads small packets to 60 bytes (without ethernet checksum). Typical symptoms
appear as UDP checksums which are wrong by the count of added bytes.
It isn't worth compensating. Let the driver checksum.
Due to the skb length changes, TSO code is moved before the Tx descriptor gets
written.
Signed-off-by: Francois Romieu <romieu@fr.zoreil.com> Tested-by: Holger Hoffstätte <holger.hoffstaette@googlemail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
When bond_3ad_get_active_agg_info() is used in all show_ad_ functions
it is not protected against slave manipulation and since it walks over
the slaves and uses them, this can easily result in NULL pointer
dereference or use of freed memory. Both the new wrapper and the
internal function are exported to the bonding as they're needed in
different places.
Signed-off-by: Nikolay Aleksandrov <nikolay@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
bonding: arp_ip_count and arp_targets can be wrong
When getting arp_ip_targets if we encounter a bad IP, arp_ip_count still
gets increased and all the targets after the wrong one will not be probed
if arp_interval is enabled after that (unless a new IP target is added
through sysfs) because of the zero entry, in this case reading
arp_ip_target through sysfs will show valid targets even if there's a
zero entry.
Example: 1.2.3.4,4.5.6.7,blah,5.6.7.8
When retrieving the list from arp_ip_target the output would be:
1.2.3.4,4.5.6.7,5.6.7.8
but there will be a 0 entry between 4.5.6.7 and 5.6.7.8. If arp_interval
is enabled after that 5.6.7.8 will never be checked because of that.
Signed-off-by: Nikolay Aleksandrov <nikolay@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Changing the mode without any locking can result in multiple races (e.g.
upping a bond, enslaving/releasing). Depending on which race is hit the
impact can vary from incosistent bond state to kernel crash.
Use RTNL to synchronize the mode setting with the dangerous races.
Signed-off-by: Nikolay Aleksandrov <nikolay@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
That function is only present with CONFIG_NET. Turns out that
crypto/algif_skcipher.c also uses that outside net, but it actually
needs sockets anyway.
In addition, commit 6d4f0139d642c45411a47879325891ce2a7c164a added
CONFIG_NET dependency to CONFIG_VMCI for memcpy_toiovec, so hoist
that function and revert that commit too.
socket.h already includes uio.h, so no callers need updating; trying
only broke things fo x86_64 randconfig (thanks Fengguang!).
Reported-by: Randy Dunlap <rdunlap@infradead.org> Acked-by: David S. Miller <davem@davemloft.net> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Chen Gang [Thu, 16 May 2013 23:13:04 +0000 (23:13 +0000)]
net: irda: using kzalloc() instead of kmalloc() to avoid strncpy() issue.
'discovery->data.info' length is 22, NICKNAME_MAX_LEN is 21, so the
strncpy() will always left the last byte of 'discovery->data.info'
uninitialized.
When 'text' length is longer than 21 (NICKNAME_MAX_LEN), if still left
the last byte of 'discovery->data.info' uninitialized, the next
strlen() will cause issue.
Also 'discovery->data' is 'struct irda_device_info' which defined in
"include/uapi/...", it may copy to user mode, so need whole initialized.
All together, need use kzalloc() instead of kmalloc() to initialize all
members firstly.
Signed-off-by: Chen Gang <gang.chen@asianux.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Paul Moore [Fri, 17 May 2013 09:08:50 +0000 (09:08 +0000)]
netlabel: improve domain mapping validation
The net/netlabel/netlabel_domainhash.c:netlbl_domhsh_add() function
does not properly validate new domain hash entries resulting in
potential problems when an administrator attempts to add an invalid
entry. One such problem, as reported by Vlad Halilov, is a kernel
BUG (found in netlabel_domainhash.c:netlbl_domhsh_audit_add()) when
adding an IPv6 outbound mapping with a CIPSO configuration.
This patch corrects this problem by adding the necessary validation
code to netlbl_domhsh_add() via the newly created
netlbl_domhsh_validate() function.
Ideally this patch should also be pushed to the currently active
-stable trees.
Reported-by: Vlad Halilov <vlad.halilov@gmail.com> Signed-off-by: Paul Moore <pmoore@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Fix detection of the need to resize the dm thin metadata device.
The code incorrectly tried to extend the metadata device when it
didn't need to due to a merging error with patch 24347e9 ("dm thin:
detect metadata device resizing").
device-mapper: transaction manager: couldn't open metadata space map
device-mapper: thin metadata: tm_open_with_sm failed
device-mapper: thin: aborting transaction failed
device-mapper: thin: switching pool to failure mode
Jean Delvare [Sun, 19 May 2013 14:57:30 +0000 (16:57 +0200)]
hwmon: (tmp401) Drop redundant safety on cache lifetime
time_after (as opposed to time_after_equal) already ensures that the
cache lifetime is at least as much as requested. There is no point in
manually adding another jiffy to that value, and this can confuse the
reader into wrong interpretation.
Signed-off-by: Jean Delvare <khali@linux-fr.org> Cc: Imre Deak <imre.deak@intel.com> Cc: Guenter Roeck <linux@roeck-us.net> Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Helge Deller [Sat, 18 May 2013 22:21:13 +0000 (22:21 +0000)]
parisc: use arch_spinlock_t instead of raw_spinlock_t in irqstacks
We need to use arch_spinlock_t spinlocks instead of raw_spinlock_t
spinlocks for irqstack protection else we will hit the "trylock failure
on UP" error message with CONFIG_SMP=n and CONFIG_DEBUG_SPINLOCK=y.
Since we can be called recursive here even on UP (we are in the irq
handler which handles even irq bh) this spinlock error message is just
wrong.
projects / karo-tx-linux.git / log