]> git.karo-electronics.de Git - karo-tx-linux.git/log
karo-tx-linux.git
13 years agodp83640: increase receive time stamp buffer size
Richard Cochran [Sat, 6 Aug 2011 21:03:04 +0000 (21:03 +0000)]
dp83640: increase receive time stamp buffer size

commit 8028837d71ba9904b17281b40f94b93e947fbe38 upstream.

The dp83640 buffers receive time stamps from special PHY status frames,
matching them to received PTP packets in a work queue. Because the timeout
for orphaned time stamps is so long and the buffer is so small, the driver
can drop time stamps under moderate PTP traffic.

This commit fixes the issue by decreasing the timeout to (at least) one
timer tick and increasing the buffer size.

Signed-off-by: Richard Cochran <richard.cochran@omicron.at>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agogianfar: fix fiper alignment after resetting the time
Richard Cochran [Sat, 6 Aug 2011 21:03:03 +0000 (21:03 +0000)]
gianfar: fix fiper alignment after resetting the time

commit cbc056602c7c63620c86904c431ff6b61e029dcc upstream.

After resetting the time, the PPS signals on the FIPER output channels
are incorrectly offset from the clock time, as can be readily verified
by a looping back the FIPER to the external time stamp input.

Despite its name, setting the "Fiper Realignment Disable" bit seems to
fix the problem, at least on the P2020.

Also, following the example code from the Freescale BSP, it is not really
necessary to disable and re-enable the timer in order to reprogram the
FIPER. (The documentation is rather unclear on this point. It seems that
writing to the alarm register also disables the FIPER.)

Signed-off-by: Richard Cochran <richard.cochran@omicron.at>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoe1000e: alternate MAC address does not work on device id 0x1060
Bruce Allan [Fri, 22 Jul 2011 06:21:51 +0000 (06:21 +0000)]
e1000e: alternate MAC address does not work on device id 0x1060

commit c407bee8a56d874b91f3e4ee790660959ff1a25e upstream.

This issue is present all the way back to 2.6.34 kernels.

Signed-off-by: Bruce Allan <bruce.w.allan@intel.com>
Tested-by: Jeffrey Pieper <jeffrey.e.pieper@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoext4: Properly count journal credits for long symlinks
Eric Sandeen [Thu, 11 Aug 2011 14:54:31 +0000 (09:54 -0500)]
ext4: Properly count journal credits for long symlinks

commit 8c20871998c082f6fbc963f1449a5ba5140ee39a upstream.

Commit df5e6223407e ("ext4: fix deadlock in ext4_symlink() in ENOSPC
conditions") recalculated the number of credits needed for a long
symlink, in the process of splitting it into two transactions.  However,
the first credit calculation under-counted because if selinux is
enabled, credits are needed to create the selinux xattr as well.

Overrunning the reservation will result in an OOPS in
jbd2_journal_dirty_metadata() due to this assert:

  J_ASSERT_JH(jh, handle->h_buffer_credits > 0);

Fix this by increasing the reservation size.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Acked-by: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoext3: Properly count journal credits for long symlinks
Eric Sandeen [Thu, 11 Aug 2011 14:51:46 +0000 (09:51 -0500)]
ext3: Properly count journal credits for long symlinks

commit d2db60df1e7eb39cf0f378dfc4dd8813666d46ef upstream.

Commit ae54870a1dc9 ("ext3: Fix lock inversion in ext3_symlink()")
recalculated the number of credits needed for a long symlink, in the
process of splitting it into two transactions.  However, the first
credit calculation under-counted because if selinux is enabled, credits
are needed to create the selinux xattr as well.

Overrunning the reservation will result in an OOPS in
journal_dirty_metadata() due to this assert:

  J_ASSERT_JH(jh, handle->h_buffer_credits > 0);

Fix this by increasing the reservation size.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Acked-by: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agopowerpc: pseries: Fix kexec on machines with more than 4TB of RAM
Anton Blanchard [Tue, 26 Jul 2011 18:15:03 +0000 (18:15 +0000)]
powerpc: pseries: Fix kexec on machines with more than 4TB of RAM

commit bed9a31527af8ff3dfbad62a1a42815cef4baab7 upstream.

On a box with 8TB of RAM the MMU hashtable is 64GB in size. That
means we have 4G PTEs. pSeries_lpar_hptab_clear was using a signed
int to store the index which will overflow at 2G.

Signed-off-by: Anton Blanchard <anton@samba.org>
Acked-by: Michael Neuling <mikey@neuling.org>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agopowerpc: Fix device tree claim code
Anton Blanchard [Mon, 25 Jul 2011 20:47:07 +0000 (20:47 +0000)]
powerpc: Fix device tree claim code

commit 966728dd88b4026ec58fee169ccceaeaf56ef120 upstream.

I have a box that fails in OF during boot with:

DEFAULT CATCH!, exception-handler=fff00400
at   %SRR0: 49424d2c4c6f6768   %SRR1: 800000004000b002

ie "IBM,Logh". OF got corrupted with a device tree string.

Looking at make_room and alloc_up, we claim the first chunk (1 MB)
but we never claim any more. mem_end is always set to alloc_top
which is the top of our available address space, guaranteeing we will
never call alloc_up and claim more memory.

Also alloc_up wasn't setting alloc_bottom to the bottom of the
available address space.

This doesn't help the box to boot, but we at least fail with
an obvious error. We could relocate the device tree in a future
patch.

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agopowerpc/pseries: Fix kexec on recent firmware versions
Anton Blanchard [Mon, 25 Jul 2011 01:46:32 +0000 (01:46 +0000)]
powerpc/pseries: Fix kexec on recent firmware versions

commit b1301797f30370c430244979671978fc232f4533 upstream.

Recent versions of firmware will fail to unmap the virtual processor
area if we have a dispatch trace log registered. This causes kexec
to fail.

If a trace log is registered this patch unregisters it before the
SLB shadow and virtual processor areas, fixing the problem.

The address argument is ignored by firmware on unregister so we
may as well remove it.

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoeCryptfs: Return error when lower file pointer is NULL
Tyler Hicks [Fri, 5 Aug 2011 03:58:51 +0000 (22:58 -0500)]
eCryptfs: Return error when lower file pointer is NULL

commit f61500e000eedc0c7a0201200a7f00ba5529c002 upstream.

When an eCryptfs inode's lower file has been closed, and the pointer has
been set to NULL, return an error when trying to do a lower read or
write rather than calling BUG().

https://bugzilla.kernel.org/show_bug.cgi?id=37292

Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoEcryptfs: Add mount option to check uid of device being mounted = expect uid
John Johansen [Fri, 22 Jul 2011 15:14:15 +0000 (08:14 -0700)]
Ecryptfs: Add mount option to check uid of device being mounted = expect uid

commit 764355487ea220fdc2faf128d577d7f679b91f97 upstream.

Close a TOCTOU race for mounts done via ecryptfs-mount-private.  The mount
source (device) can be raced when the ownership test is done in userspace.
Provide Ecryptfs a means to force the uid check at mount time.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Fix build with DEBUG_PAGEALLOC enabled.
David S. Miller [Sat, 6 Aug 2011 12:26:35 +0000 (05:26 -0700)]
sparc: Fix build with DEBUG_PAGEALLOC enabled.

[ Upstream commit 0785a8e87be0202744d8681363aecbd4ffbb5f5a ]

arch/sparc/mm/init_64.c:1622:22: error: unused variable '__swapper_4m_tsb_phys_patch_end' [-Werror=unused-variable]
arch/sparc/mm/init_64.c:1621:22: error: unused variable '__swapper_4m_tsb_phys_patch' [-Werror=unused-variable]

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Size mondo queues more sanely.
David S. Miller [Fri, 5 Aug 2011 09:38:27 +0000 (02:38 -0700)]
sparc: Size mondo queues more sanely.

[ Upstream commit 961f65fc41cdc1f9099a6075258816c0db98e390 ]

There is currently no upper limit on the mondo queue sizes we'll use,
which guarentees that we'll eventually his page allocation limits, and
thus allocation failures, due to MAX_ORDER.

Cap the sizes sanely, current limits are:

CPU  MONDO 2 * max_possible_cpus
DEV  MONDO 256 (basically NR_IRQS)
RES  MONDO 128
NRES MONDO 4

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Access kernel TSB using physical addressing when possible.
David S. Miller [Fri, 5 Aug 2011 07:53:57 +0000 (00:53 -0700)]
sparc: Access kernel TSB using physical addressing when possible.

[ Upstream commit 9076d0e7e02b98f7a65df10d1956326c8d8ba61a ]

On sun4v this is basically required since we point the hypervisor and
the TSB walking hardware at these tables using physical addressing
too.

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Use popc when possible for ffs/__ffs/ffz.
David S. Miller [Wed, 3 Aug 2011 03:23:34 +0000 (20:23 -0700)]
sparc: Use popc when possible for ffs/__ffs/ffz.

[ Upstream commit 56d205cc5c0a3032a605121d4253e111193bf923 ]

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Set reboot-cmd using reboot data hypervisor call if available.
David S. Miller [Tue, 2 Aug 2011 06:27:17 +0000 (23:27 -0700)]
sparc: Set reboot-cmd using reboot data hypervisor call if available.

[ Upstream commit ea5e7447ea9d555558e0f13798f5143dd51a915a ]

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Add some missing hypervisor API groups.
David S. Miller [Tue, 2 Aug 2011 05:45:18 +0000 (22:45 -0700)]
sparc: Add some missing hypervisor API groups.

[ Upstream commit e2eb9f8158ead43a88c0f0b4d74257b1be938a18 ]

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Use hweight64() in popc emulation.
David S. Miller [Tue, 2 Aug 2011 02:41:12 +0000 (19:41 -0700)]
sparc: Use hweight64() in popc emulation.

[ Upstream commit d600cbed0fe8fceec04500824f638dfe4996c653 ]

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Use popc if possible for hweight routines.
David S. Miller [Fri, 29 Jul 2011 16:42:07 +0000 (09:42 -0700)]
sparc: Use popc if possible for hweight routines.

[ Upstream commit ef7c4d4675d2a9206f913f26ca1a5cd41bff9d41 ]

Just like powerpc, we code patch at boot time.

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Minor tweaks to Niagara page copy/clear.
David S. Miller [Tue, 2 Aug 2011 01:18:57 +0000 (18:18 -0700)]
sparc: Minor tweaks to Niagara page copy/clear.

[ Upstream commit e95ade083939dcb4b0c51c1a2c8504ea9ef3d6ef ]

Don't use floating point on Niagara2, use the traditional
plain Niagara code instead.

Unroll Niagara loops to 128 bytes for copy, and 256 bytes
for clear.

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Sanitize cpu feature detection and reporting.
David S. Miller [Fri, 29 Jul 2011 06:31:26 +0000 (23:31 -0700)]
sparc: Sanitize cpu feature detection and reporting.

[ Upstream commit ac85fe8b21248054851e05bfaa352562e5b06dd3 ]

Instead of evaluating the cpu features for ELF_HWCAP every exec,
calculate it once at boot time.

Add AV_SPARC_* capability flag bits, compatible with what Solaris
reports to applications.

Report these capabilities once in the kernel log, and also via
/proc/cpuinfo in a new "cpucaps" entry.

If available, fetch the cpu features from the machine description
'hwcap-list' property of the 'cpu' node.

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Detect and handle UltraSPARC-T3 cpu types.
David S. Miller [Thu, 28 Jul 2011 04:06:16 +0000 (21:06 -0700)]
sparc: Detect and handle UltraSPARC-T3 cpu types.

[ Upstream commit 4ba991d3eb379fbaa22049e7002341e97a673685 ]

The cpu compatible string we look for is "SPARC-T3".

As far as memset/memcpy optimizations go, we treat this chip the same
as Niagara-T2/T2+.  Use cache initializing stores for memset, and use
perfetch, FPU block loads, cache initializing stores, and block stores
for copies.

We use the Niagara-T2 perf support, since T3 is a close relative in
this regard.  Later we'll add support for the new events T3 can
report, plus enable T3's new "sample" mode.

For now I haven't added any new ELF hwcap flags.  We probably need
to add a couple, for example:

T2 and T3 both support the population count instruction in hardware.

T3 supports VIS3 instructions, including support (finally) for
partitioned shift.  One can also now move directly between float
and integer registers.

T3 supports instructions meant to help with Galois Field and other HPC
calculations, such as XOR multiply.  Also there are "OP and negate"
instructions, for example "fnmul" which is multiply-and-negate.

T3 recognizes the transactional memory opcodes, however since
transactional memory isn't supported: 1) 'commit' behaves as a NOP and
2) 'chkpt' always branches 3) 'rdcps' returns all zeros and 4) 'wrcps'
behaves as a NOP.

So we'll need about 3 new elf capability flags in the end to represent
all of these things.

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Don't do expensive hypervisor PCR write unless necessary.
David S. Miller [Thu, 28 Jul 2011 03:46:25 +0000 (20:46 -0700)]
sparc: Don't do expensive hypervisor PCR write unless necessary.

[ Upstream commit 314ff52727fe94dfbe07f3a9a489ab3ca8d8df5a ]

The hypervisor call is only necessary if hypervisor events are
being requested.

So if we're not tracking hypervisor events, simply do a direct
register write.

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Add T3 sun4v cpu type and hypervisor group defines.
David S. Miller [Thu, 28 Jul 2011 03:42:51 +0000 (20:42 -0700)]
sparc: Add T3 sun4v cpu type and hypervisor group defines.

[ Upstream commit 15e3608d7c273947dbf2eadbcaa66e51143928fb ]

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosparc: Don't leave sparc_pmu_type NULL on sun4v.
David S. Miller [Thu, 28 Jul 2011 03:25:57 +0000 (20:25 -0700)]
sparc: Don't leave sparc_pmu_type NULL on sun4v.

[ Upstream commit facfddef2c76110b8e321921f7e54518c3dd1579 ]

Otherwise we'll crash in the sparc perf init code.

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agompt2sas: Fixed Big Indian Issues on 32 bit PPC
Kashyap, Desai [Tue, 14 Jun 2011 05:24:56 +0000 (10:54 +0530)]
mpt2sas: Fixed Big Indian Issues on 32 bit PPC

commit c97951ec46d4b076c2236b77db34eeed6dddb8eb upstream.

This patch addresses many endian issues solved by runing sparse with the
option __CHECK_ENDIAN__ turned on.

Signed-off-by: Kashyap Desai <kashyap.desai@lsi.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Cc: David Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoiwlagn: 5000 do not support idle mode
Wey-Yi Guy [Tue, 9 Aug 2011 02:53:58 +0000 (20:53 -0600)]
iwlagn: 5000 do not support idle mode

commit f35291082294ca6737953bbe4e9491ede04ab822 upstream.

5000 series has issue supporting power save idle mode:
commit 9dc2153315650eae220898668b6aa56a25c130be

iwlwifi: always support idle mode for agn devices

For agn devices, always support idle mode which help power
consumption in idle unassociated state.

the above changes cause 5000 become not stable when power management is "on"

http://bugzilla.intellinuxwireless.org/show_bug.cgi?id=2312

Reported-by: Devin J. Pohly <djpohly+iwl@gmail.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Devin J. Pohly <djpohly+iwl@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agogre: fix improper error handling
xeb@mail.ru [Fri, 22 Jul 2011 20:49:40 +0000 (20:49 +0000)]
gre: fix improper error handling

[ Upstream commit 559fafb94ad9e4cd8774f39241917c57396f9fc5 ]

Fix improper protocol err_handler, current implementation is fully
unapplicable and may cause kernel crash due to double kfree_skb.

Signed-off-by: Dmitry Kozlov <xeb@mail.ru>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoipv4: use RT_TOS after some rt_tos conversions
Julian Anastasov [Sat, 23 Jul 2011 02:00:41 +0000 (02:00 +0000)]
ipv4: use RT_TOS after some rt_tos conversions

[ Upstream commit b0fe4a31849063fcac0bdc93716ca92615e93f57 ]

rt_tos was changed to iph->tos but it must be filtered by RT_TOS

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agonet: allow netif_carrier to be called safely from IRQ
stephen hemminger [Fri, 22 Jul 2011 12:53:56 +0000 (12:53 +0000)]
net: allow netif_carrier to be called safely from IRQ

[ Upstream commit 1821f7cd65ad9ea56580b830ac79bf4c4fef59cb ]

As reported by Ben Greer and Froncois Romieu. The code path in
the netif_carrier code leads it to try and disable
a late workqueue to reenable it immediately
netif_carrier_on
-> linkwatch_fire_event
   -> linkwatch_schedule_work
      -> cancel_delayed_work
         -> del_timer_sync

If __cancel_delayed_work is used instead then there is no
problem of waiting for running linkwatch_event.

There is a race between linkwatch_event running re-scheduling
but it is harmless to schedule an extra scan of the linkwatch queue.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agor8169: Add support for D-Link 530T rev C1 (Kernel Bug 38862)
Lennart Sorensen [Thu, 28 Jul 2011 13:18:11 +0000 (13:18 +0000)]
r8169: Add support for D-Link 530T rev C1 (Kernel Bug 38862)

[ Upstream commit 93a3aa25933461d76141179fc94aa32d5f9d954a ]

The D-Link DGE-530T rev C1 is a re-badged Realtek 8169 named DLG10028C,
unlike the previous revisions which were skge based.  It is probably
the same as the discontinued DGE-528T (0x4300) other than the PCI ID.

The PCI ID is 0x1186:0x4302.

Adding it to r8169.c where 0x1186:0x4300 is already found makes the card
be detected and work.

This fixes https://bugzilla.kernel.org/show_bug.cgi?id=38862

Signed-off-by: Len Sorensen <lsorense@csclub.uwaterloo.ca>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosis190: Rx filter init is needed for MAC address change.
Klement Fish [Thu, 28 Jul 2011 06:03:22 +0000 (06:03 +0000)]
sis190: Rx filter init is needed for MAC address change.

[ Upstream commit fe66101f14813b77d84f6450d51772a2af2b81a1 ]

Addresses https://bugzilla.kernel.org/show_bug.cgi?id=34552

Signed-off-by: Klement Fish <klement2@azet.sk>
Acked-by: Francois Romieu <romieu@fr.zoreil.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoxfrm: Fix key lengths for rfc3686(ctr(aes))
Tushar Gohad [Thu, 28 Jul 2011 10:36:20 +0000 (10:36 +0000)]
xfrm: Fix key lengths for rfc3686(ctr(aes))

[ Upstream commit 4203223a1aed862b4445fdcd260d6139603a51d9 ]

Fix the min and max bit lengths for AES-CTR (RFC3686) keys.
The number of bits in key spec is the key length (128/256)
plus 32 bits of nonce.

This change takes care of the "Invalid key length" errors
reported by setkey when specifying 288 bit keys for aes-ctr.

Signed-off-by: Tushar Gohad <tgohad@mvista.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoFix cdc-phonet build
Chris Clayton [Tue, 26 Jul 2011 12:20:22 +0000 (12:20 +0000)]
Fix cdc-phonet build

[ Upstream commit a0295a3b6775ab88f5883684e14bbda8d287822d ]

Try to send to correct address this time!

----------  Forwarded Message  ----------

Subject: [PATCH] Fix cdc-phonet build
Date: Saturday 23 Jul 2011
From: Chris Clayton <chris2553@googlemail.com>
To: linux-net@vger.kernel.org

cdc-phonet does not presently build on linux-3.0 because there is no entry for it in
drivers/net/Makefile. This patch adds that entry.

Signed-off-by: Chris Clayton <chris2553@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agobonding: fix string comparison errors
Andy Gospodarek [Tue, 26 Jul 2011 11:12:27 +0000 (11:12 +0000)]
bonding: fix string comparison errors

[ Upstream commit f4bb2e9c4fa9e5fdddf90589703613fd1a9c519f ]

When a bond contains a device where one name is the subset of another
(eth1 and eth10, for example), one cannot properly set the primary
device or the currently active device.

This was reported and based on work by Takuma Umeya.  I also verified
the problem and tested that this fix resolves it.

V2: A few did not like the the current code or my changes, so I
refactored bonding_store_primary and bonding_store_active_slave to be a
bit cleaner, dropped the use of strnicmp since we did not really need
the comparison to be case insensitive, and formatted the input string
from sysfs so a comparison to IFNAMSIZ could be used.

I also discovered an error in bonding_store_active_slave that would
modify bond->primary_slave rather than bond->curr_active_slave before
forcing the bonding driver to choose a new active slave.

V3: Actually sending the proper patch....

Signed-off-by: Andy Gospodarek <andy@greyhouse.net>
Reported-by: Takuma Umeya <tumeya@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agonet: Audit drivers to identify those needing IFF_TX_SKB_SHARING cleared
Neil Horman [Tue, 26 Jul 2011 06:05:38 +0000 (06:05 +0000)]
net: Audit drivers to identify those needing IFF_TX_SKB_SHARING cleared

[ Upstream commit 550fd08c2cebad61c548def135f67aba284c6162 ]

After the last patch, We are left in a state in which only drivers calling
ether_setup have IFF_TX_SKB_SHARING set (we assume that drivers touching real
hardware call ether_setup for their net_devices and don't hold any state in
their skbs.  There are a handful of drivers that violate this assumption of
course, and need to be fixed up.  This patch identifies those drivers, and marks
them as not being able to support the safe transmission of skbs by clearning the
IFF_TX_SKB_SHARING flag in priv_flags

Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
CC: Karsten Keil <isdn@linux-pingi.de>
CC: "David S. Miller" <davem@davemloft.net>
CC: Jay Vosburgh <fubar@us.ibm.com>
CC: Andy Gospodarek <andy@greyhouse.net>
CC: Patrick McHardy <kaber@trash.net>
CC: Krzysztof Halasa <khc@pm.waw.pl>
CC: "John W. Linville" <linville@tuxdriver.com>
CC: Greg Kroah-Hartman <gregkh@suse.de>
CC: Marcel Holtmann <marcel@holtmann.org>
CC: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agonet: add IFF_SKB_TX_SHARED flag to priv_flags
Neil Horman [Tue, 26 Jul 2011 06:05:37 +0000 (06:05 +0000)]
net: add IFF_SKB_TX_SHARED flag to priv_flags

[ Upstream commit d8873315065f1f527c7c380402cf59b1e1d0ae36 ]

Pktgen attempts to transmit shared skbs to net devices, which can't be used by
some drivers as they keep state information in skbs.  This patch adds a flag
marking drivers as being able to handle shared skbs in their tx path.  Drivers
are defaulted to being unable to do so, but calling ether_setup enables this
flag, as 90% of the drivers calling ether_setup touch real hardware and can
handle shared skbs.  A subsequent patch will audit drivers to ensure that the
flag is set properly

Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Reported-by: Jiri Pirko <jpirko@redhat.com>
CC: Robert Olsson <robert.olsson@its.uu.se>
CC: Eric Dumazet <eric.dumazet@gmail.com>
CC: Alexey Dobriyan <adobriyan@gmail.com>
CC: David S. Miller <davem@davemloft.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoIPv4: Send gratuitous ARP for secondary IP addresses also
Zoltan Kiss [Sun, 24 Jul 2011 13:09:30 +0000 (13:09 +0000)]
IPv4: Send gratuitous ARP for secondary IP addresses also

[ Upstream commit b76d0789c92a816a5539dc14232a700b8d62a53a ]

If a device event generates gratuitous ARP messages, only primary
address is used for sending. This patch iterates through the whole
list. Tested with 2 IP addresses configuration on bonding interface.

Signed-off-by: Zoltan Kiss <schaman@sch.bme.hu>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agosch_sfq: fix sfq_enqueue()
Eric Dumazet [Fri, 29 Jul 2011 19:22:42 +0000 (19:22 +0000)]
sch_sfq: fix sfq_enqueue()

[ Upstream commit e1738bd9cecc5c867b0e2996470c1ff20f66ba79 ]

commit 8efa88540635 (sch_sfq: avoid giving spurious NET_XMIT_CN signals)
forgot to call qdisc_tree_decrease_qlen() to signal upper levels that a
packet (from another flow) was dropped, leading to various problems.

With help from Michal Soltys and Michal Pokrywka, who did a bisection.

Bugzilla ref: https://bugzilla.kernel.org/show_bug.cgi?id=39372
Debian ref: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631945

Reported-by: Lucas Bocchi <lucas.bocchi@gmail.com>
Reported-and-bisected-by: Michal Pokrywka <wolfmoon@o2.pl>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
CC: Michal Soltys <soltys@ziu.info>
Acked-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodrivers/net/niu.c: adjust array index
Julia Lawall [Thu, 28 Jul 2011 02:46:03 +0000 (02:46 +0000)]
drivers/net/niu.c: adjust array index

[ Upstream commit 956837f7c954443f426a82ba6f17b33488cf9a0c ]

Convert array index from the loop bound to the loop index.

A simplified version of the semantic patch that fixes this problem is as
follows: (http://coccinelle.lip6.fr/)

// <smpl>
@@
expression e1,e2,ar;
@@

for(e1 = 0; e1 < e2; e1++) { <...
  ar[
- e2
+ e1
  ]
  ...> }
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agonet: adjust array index
Julia Lawall [Thu, 28 Jul 2011 02:46:01 +0000 (02:46 +0000)]
net: adjust array index

[ Upstream commit a1889c0d2039a53ae04abb9f20c62500bd312bf3 ]

Convert array index from the loop bound to the loop index.

A simplified version of the semantic patch that fixes this problem is as
follows: (http://coccinelle.lip6.fr/)

// <smpl>
@@
expression e1,e2,ar;
@@

for(e1 = 0; e1 < e2; e1++) { <...
  ar[
- e2
+ e1
  ]
  ...> }
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoIPVS: Free resources on module removal
Simon Horman [Thu, 19 May 2011 12:32:57 +0000 (21:32 +0900)]
IPVS: Free resources on module removal

[ Upstream commit 7676e345824f162191b1fe2058ad948a6cf91c20 ]

This resolves a panic on module removal.

Reported-by: Dave Jones <davej@redhat.com>
Acked-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoipv4: fix the reusing of routing cache entries
Julian Anastasov [Mon, 8 Aug 2011 05:20:20 +0000 (22:20 -0700)]
ipv4: fix the reusing of routing cache entries

[ Upstream commit d547f727df86059104af2234804fdd538e112015 ]

compare_keys and ip_route_input_common rely on
rt_oif for distinguishing of input and output routes
with same keys values. But sometimes the input route has
also same hash chain (keyed by iif != 0) with the output
routes (keyed by orig_oif=0). Problem visible if running
with small number of rhash_entries.

Fix them to use rt_route_iif instead. By this way
input route can not be returned to users that request
output route.

The patch fixes the ip_rt_bug errors that were
reported in ip_local_out context, mostly for 255.255.255.255
destinations.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoipv4: Constrain UFO fragment sizes to multiples of 8 bytes
Bill Sommerfeld [Tue, 19 Jul 2011 15:22:33 +0000 (15:22 +0000)]
ipv4: Constrain UFO fragment sizes to multiples of 8 bytes

[ Upstream commit d9be4f7a6f5a8da3133b832eca41c3591420b1ca ]

Because the ip fragment offset field counts 8-byte chunks, ip
fragments other than the last must contain a multiple of 8 bytes of
payload.  ip_ufo_append_data wasn't respecting this constraint and,
depending on the MTU and ip option sizes, could create malformed
non-final fragments.

Google-Bug-Id: 5009328
Signed-off-by: Bill Sommerfeld <wsommerfeld@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoicmp: Fix regression in nexthop resolution during replies.
David S. Miller [Fri, 22 Jul 2011 13:22:10 +0000 (06:22 -0700)]
icmp: Fix regression in nexthop resolution during replies.

[ Upstream commit 415b3334a21aa67806c52d1acf4e72e14f7f402f ]

icmp_route_lookup() uses the wrong flow parameters if the reverse
session route lookup isn't used.

So do not commit to the re-decoded flow until we actually make a
final decision to use a real route saved in 'rt2'.

Reported-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoipv6: make fragment identifications less predictable
Eric Dumazet [Tue, 9 Aug 2011 06:44:00 +0000 (23:44 -0700)]
ipv6: make fragment identifications less predictable

[ Backport of upstream commit 87c48fa3b4630905f98268dde838ee43626a060c ]

Fernando Gont reported current IPv6 fragment identification generation
was not secure, because using a very predictable system-wide generator,
allowing various attacks.

IPv4 uses inetpeer cache to address this problem and to get good
performance. We'll use this mechanism when IPv6 inetpeer is stable
enough in linux-3.1

For the time being, we use jhash on destination address to provide less
predictable identifications. Also remove a spinlock and use cmpxchg() to
get better SMP performance.

Reported-by: Fernando Gont <fernando@gont.com.ar>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoALSA: snd-usb: Accept UAC2 FORMAT_TYPE descriptors with bLength > 6
Clemens Ladisch [Thu, 4 Aug 2011 14:17:42 +0000 (16:17 +0200)]
ALSA: snd-usb: Accept UAC2 FORMAT_TYPE descriptors with bLength > 6

commit 824818b148db42173446707df4cbd61cd7133272 upstream.

The Focusrite Scarlett 18i6 USB has them that way, which is probably a
bug. Anyway, the driver should simply ignore this fact.

Signed-off-by: Daniel Mack <zonque@gmail.com>
Reported-by: Nicolai Krakowiak <nicolai.krakowiak@gmail.com>
Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoALSA: snd-usb: operate on given mixer interface only
Daniel Mack [Thu, 4 Aug 2011 13:56:28 +0000 (15:56 +0200)]
ALSA: snd-usb: operate on given mixer interface only

commit 1faa5d07a93fc5b0a4a5254fc940a79e20b55540 upstream.

When creating the mixers for an USB audio device, the current code looks
at the host interface stored in mixer->chip->ctrl_if. Change this and
rather keep a local pointer to the interface that was given when
snd_usb_create_mixer() was called.

Signed-off-by: Daniel Mack <zonque@gmail.com>
Reported-by: Nicolai Krakowiak <nicolai.krakowiak@gmail.com>
Reported-by: Lean-Yves LENHOF <jean-yves@lenhof.eu.org>
Acked-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoALSA: snd-usb: avoid dividing by zero on invalid input
Nicolai Krakowiak [Thu, 4 Aug 2011 13:56:27 +0000 (15:56 +0200)]
ALSA: snd-usb: avoid dividing by zero on invalid input

commit 60c961a9e1ed879a4d151df6076bf1203f595f73 upstream.

Signed-off-by: Nicolai Krakowiak <nicolai.krakowiak@gmail.com>
Acked-by: Daniel Mack <zonque@gmail.com>
Acked-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoALSA: snd-usb-caiaq: Fix keymap for RigKontrol3
Daniel Mack [Sat, 6 Aug 2011 07:13:08 +0000 (09:13 +0200)]
ALSA: snd-usb-caiaq: Fix keymap for RigKontrol3

commit f4389489b5cbe60b3441869c68bb4afe760969c4 upstream.

Signed-off-by: Daniel Mack <zonque@gmail.com>
Reported-by: Renato <naretobh@gmail.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoALSA: timer - Fix Oops at closing slave timer
Takashi Iwai [Mon, 8 Aug 2011 10:24:46 +0000 (12:24 +0200)]
ALSA: timer - Fix Oops at closing slave timer

commit 0584ffa548b6e59aceb027112f23a55f0133400e upstream.

A slave-timer instance has no timer reference, and this results in
NULL-dereference at stopping the timer, typically called at closing
the device.

Reference: https://bugzilla.kernel.org/show_bug.cgi?id=40682

Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoASoC: sgtl5000: fix cache handling
Wolfram Sang [Tue, 2 Aug 2011 17:42:19 +0000 (19:42 +0200)]
ASoC: sgtl5000: fix cache handling

commit 151798f872d6b386d82cd1707ad703e981fef8f2 upstream.

Cache handling in this driver is broken. The chip has 16-bit registers, yet the
register numbers also increase by 2 per register, i.e.  there are only
even-numbered registers. The cache in this driver, though, simply increments
register numbers, so it does need some mapping as seen in
sgtl5000_restore_regs(), note the '>> 1':

snd_soc_write(codec, SGTL5000_CHIP_LINREG_CTRL,
                        cache[SGTL5000_CHIP_LINREG_CTRL >> 1]);

That, of course, won't work with snd_soc_update_bits(). (Thus, we won't even
notice the missing register 0x1c in the default regs which shifted all follwing
registers to wrong values.) Noticed on the MX28EVK where enabling the regulators
simply locked up the chip.

Refactor the routines and use a properly sized default_regs array which matches
the register layout of the underlying chip, i.e. create a truly flat cache.
This also saves some code which should make up for the bigger array a little.
When soc-core will somewhen have another cache type which handles a step size,
this conversion will also ease the transition.

Signed-off-by: Wolfram Sang <w.sang@pengutronix.de>
Tested-by: Dong Aisheng <b29396@freescale.com>
Tested-by: Shawn Guo <shawn.guo@linaro.org>
Acked-by: Liam Girdwood <lrg@ti.com>
Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agocifs: convert prefixpath delimiters in cifs_build_path_to_root
Jeff Layton [Fri, 5 Aug 2011 14:28:01 +0000 (10:28 -0400)]
cifs: convert prefixpath delimiters in cifs_build_path_to_root

commit f9e8c45002cacad536b338dfa9e910e341a49c31 upstream.

Regression from 2.6.39...

The delimiters in the prefixpath are not being converted based on
whether posix paths are in effect. Fixes:

    https://bugzilla.redhat.com/show_bug.cgi?id=727834

Reported-and-Tested-by: Iain Arnell <iarnell@gmail.com>
Reported-by: Patrick Oltmann <patrick.oltmann@gmx.net>
Cc: Pavel Shilovsky <piastryyy@gmail.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agocifs: cope with negative dentries in cifs_get_root
Jeff Layton [Fri, 5 Aug 2011 13:02:40 +0000 (09:02 -0400)]
cifs: cope with negative dentries in cifs_get_root

commit 80975d21aae2136ccae1ce914a1602dc1d8b0795 upstream.

The loop around lookup_one_len doesn't handle the case where it might
return a negative dentry, which can cause an oops on the next pass
through the loop. Check for that and break out of the loop with an
error of -ENOENT if there is one.

Fixes the panic reported here:

    https://bugzilla.redhat.com/show_bug.cgi?id=727927

Reported-by: TR Bentley <home@trarbentley.net>
Reported-by: Iain Arnell <iarnell@gmail.com>
Cc: Al Viro <viro@ZenIV.linux.org.uk>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoCIFS: Fix missing a decrement of inFlight value
Pavel Shilovsky [Wed, 3 Aug 2011 19:12:18 +0000 (23:12 +0400)]
CIFS: Fix missing a decrement of inFlight value

commit 0193e072268fe62c4b19ad4b05cd0d4b23c43bb9 upstream.

if we failed on getting mid entry in cifs_call_async.

Signed-off-by: Pavel Shilovsky <piastryyy@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoasus-wmi: return proper value in store_cpufv()
Corentin Chary [Fri, 1 Jul 2011 09:34:38 +0000 (11:34 +0200)]
asus-wmi: return proper value in store_cpufv()

commit 3df5fdadf6400373a696bb14e27d4771e5f6afb3 upstream.

Signed-off-by: Corentin Chary <corentin.chary@gmail.com>
Signed-off-by: Matthew Garrett <mjg@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoasus-wmi: fix hwmon/pwm1
Corentin Chary [Fri, 1 Jul 2011 09:34:26 +0000 (11:34 +0200)]
asus-wmi: fix hwmon/pwm1

commit 49979d091d1847823c064301da1ec173619ddd92 upstream.

The code was completly broken, and should never had been sent
to the kernel. That's what happens when you write code without
hardware to test it.

Signed-off-by: Corentin Chary <corentin.chary@gmail.com>
Signed-off-by: Matthew Garrett <mjg@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agonet: Compute protocol sequence numbers and fragment IDs using MD5.
David S. Miller [Thu, 4 Aug 2011 03:50:44 +0000 (20:50 -0700)]
net: Compute protocol sequence numbers and fragment IDs using MD5.

Computers have become a lot faster since we compromised on the
partial MD4 hash which we use currently for performance reasons.

MD5 is a much safer choice, and is inline with both RFC1948 and
other ISS generators (OpenBSD, Solaris, etc.)

Furthermore, only having 24-bits of the sequence number be truly
unpredictable is a very serious limitation.  So the periodic
regeneration and 8-bit counter have been removed.  We compute and
use a full 32-bit sequence number.

For ipv6, DCCP was found to use a 32-bit truncated initial sequence
number (it needs 43-bits) and that is fixed here as well.

Reported-by: Dan Kaminsky <dan@doxpara.com>
Tested-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agocrypto: Move md5_transform to lib/md5.c
David S. Miller [Thu, 4 Aug 2011 02:45:10 +0000 (19:45 -0700)]
crypto: Move md5_transform to lib/md5.c

We are going to use this for TCP/IP sequence number and fragment ID
generation.

Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodrm/i915: Fixup for 'Hold mode_config->mutex during hotplug'
Keith Packard [Thu, 28 Jul 2011 22:31:19 +0000 (15:31 -0700)]
drm/i915: Fixup for 'Hold mode_config->mutex during hotplug'

commit 40ee3381dd1010432acc13e907329029096c5bfc upstream.

drm_helper_hpd_irq_event queues another work proc to go and deliver
the user-space event, and that function also wants to hold the config
mutex, so we shouldn't hold the mutex across the
drm_helper_hpd_irq_event call.

Signed-off-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodrm/i915: Hold mode_config->mutex during hotplug processing
Keith Packard [Mon, 25 Jul 2011 17:04:56 +0000 (10:04 -0700)]
drm/i915: Hold mode_config->mutex during hotplug processing

commit a65e34c79c88895766ab1f8a5afa451eed26622b upstream.

Hotplug detection is a mode setting operation and must hold the
struct_mutex or risk colliding with other mode setting operations.

In particular, the display port hotplug function attempts to re-train
the link if the monitor is supposed to be running when plugged back
in. If that happens while mode setting is underway, the link will get
scrambled, leaving it in an inconsistent state.

This is a special case -- usually the driver mode setting entry points
are covered by the upper level DRM code, but in this case the function
is invoked as a work function not under the control of DRM.

Signed-off-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Jesse Barnes <jbarnes@virtuousgeek.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodrm/i915: Initialize RCS ring status page address in intel_render_ring_init_dri
Keith Packard [Fri, 22 Jul 2011 17:44:39 +0000 (10:44 -0700)]
drm/i915: Initialize RCS ring status page address in intel_render_ring_init_dri

commit f3234706a77bd6e1592ae71fb3268e04cb030dba upstream.

Physically-addressed hardware status pages are initialized early in
the driver load process by i915_init_phys_hws. For UMS environments,
the ring structure is not initialized until the X server starts. At
that point, the entire ring structure is re-initialized with all new
values. Any values set in the ring structure (including
ring->status_page.page_addr) will be lost when the ring is
re-initialized.

This patch moves the initialization of the status_page.page_addr value
to intel_render_ring_init_dri.

Signed-off-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodrm/i915: Fix typo in DRM_I915_OVERLAY_PUT_IMAGE ioctl define
Ole Henrik Jahren [Fri, 22 Jul 2011 13:56:01 +0000 (15:56 +0200)]
drm/i915: Fix typo in DRM_I915_OVERLAY_PUT_IMAGE ioctl define

commit 842d452985300f4ec14c68cb86046e8a1a3b7251 upstream.

Because of a typo, calling ioctl with DRM_IOCTL_I915_OVERLAY_PUT_IMAGE
is broken if the macro is used directly. When using libdrm the bug is
not hit, since libdrm handles the ioctl encoding internally.

The typo also leads to the .cmd and .cmd_drv fields of the drm_ioctl
structure for DRM_I915_OVERLAY_PUT_IMAGE having inconsistent content.

Signed-off-by: Ole Henrik Jahren <olehenja@alumni.ntnu.no>
Acked-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Signed-off-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodrm/i915: load the LUT before pipe enable on ILK+
Jesse Barnes [Wed, 15 Jun 2011 21:32:33 +0000 (23:32 +0200)]
drm/i915: load the LUT before pipe enable on ILK+

commit 9c54c0dd948d715ccfd79e97d852f80eeb53254a upstream.

Per the specs and to address
https://bugs.freedesktop.org/show_bug.cgi?id=36888.

Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
Signed-off-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodrm/i915/pch: Fix integer math bugs in panel fitting
Adam Jackson [Wed, 13 Jul 2011 20:32:32 +0000 (16:32 -0400)]
drm/i915/pch: Fix integer math bugs in panel fitting

commit 302983e9059e9ef5de3ca7671918eeb237c5971e upstream.

Consider a 1600x900 panel, upscaling a 1360x768 mode, full-aspect.  The
old math would give you:

    scaled_width  = 1600 * 768;         /* 1228800 */
    scaled_height = 1360 * 900;         /* 1224000 */
    if (scaled_width > scaled_height) { /* pillarbox, and true */
        width  = 1224000 / 768;         /* int(1593.75) = 1593 */
        x      = (1600 - 1593 + 1) / 2; /* 4 */
        y      = 0;
        height = 768;
    } /* ... */

This is broken.  The total width of scanout would then be 1593 + 4 + 4,
or 1601, which is wider than the panel itself.  The hardware very
dutifully implements this, and you end up with a black 45° diagonal from
the top-left corner to the bottom edge of the screen.  It's a cool
effect and all, but not what you wanted.  Similar things happen for the
letterbox case.

The problem is that you have an integer number of pixels, which means
it's usually impossible to upscale equally on both axes.  1360/768 is
1.7708, 1600/900 is 1.7777.  Since we're constrained on the one axis,
the other one wants to come out as an even number of pixels (the panel
is almost certainly even on both axes, and the x/y offsets will be
applied on both sides).  In the math above, if 'width' comes out even,
rounding down is correct; if it's odd, you'd rather round up.  So just
increment width/height in those cases.

Tested on a Lenovo T500 (Ironlake).

Signed-off-by: Adam Jackson <ajax@redhat.com>
Tested-By: Daniel Manrique <daniel.manrique@canonical.com>
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=38851
Reviewed-by: Chris Wilson <chris@chris-wilson.co.uk>
Signed-off-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodrm/radeon: Log Subsystem Vendor and Device Information
Thomas Reim [Fri, 29 Jul 2011 14:28:59 +0000 (14:28 +0000)]
drm/radeon: Log Subsystem Vendor and Device Information

commit d522d9cc5bdd41214084383fc3e6d882f6916a78 upstream.

    Log PCI subsystem vendor and subsystem device ID in addition to
    PCI vendor and device ID during kernel mode initialisation. This helps
    to better identify radeon devices of third-party vendors, e. g. for
    bug analysis.

    Tested for kernel 2.6.35, 2.6.38 and 3.0 on Asus M2A-VM HDMI board

Signed-off-by: Thomas Reim <reimth@gmail.com>
Reviewed-by: Alex Deucher <alexdeucher@gmail.com>
Acked-by: Stephen Michaels <Stephen.Micheals@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodrm/radeon: Extended DDC Probing for ECS A740GM-M DVI-D Connector
Thomas Reim [Fri, 29 Jul 2011 14:29:00 +0000 (14:29 +0000)]
drm/radeon: Extended DDC Probing for ECS A740GM-M DVI-D Connector

commit a81b31e9fc98e067b7e7f1244861c97e44268e2d upstream.

   ECS A740GM-M with ATI RADEON 2100 sends data to i2c bus
   for a DVI connector that is not implemented/existent on the board.

   Fix by applying extented DDC probing for this connector.

   Requires [PATCH] drm/radeon: Extended DDC Probing for Connectors
   with Improperly Wired DDC Lines

   Tested for kernel 2.6.38 on Asus ECS A740GM-M board

BugLink: http://bugs.launchpad.net/bugs/810926
Signed-off-by: Thomas Reim <reimth@gmail.com>
Reviewed-by: Alex Deucher <alexdeucher@gmail.com>
Acked-by: Stephen Michaels <Stephen.Micheals@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodrm/radeon: Extended DDC Probing for Connectors with Improperly Wired DDC Lines ...
Thomas Reim [Fri, 29 Jul 2011 14:28:58 +0000 (14:28 +0000)]
drm/radeon: Extended DDC Probing for Connectors with Improperly Wired DDC Lines (here: Asus M2A-VM HDMI)

commit e384fab8c6f3ca88600bcb2ebdf0eb2f90864fab upstream.

    Some integrated ATI Radeon chipset implementations with add-on HDMI card
    (e. g. Asus M2A-VM HDMI) indicate the availability of a DDC even
    when the add-on card is not plugged in or HDMI is disabled in BIOS setup.
    In this case, drm_get_edid() and drm_edid_block_valid() periodically
    dump data and kernel errors into system log files and onto terminals.
    For these connectors DDC probing is extended by a check for a correct
    EDID header. Only in case a valid EDID header is also found, the
    (HDMI or DVI) connector will be used by the Radeon driver. This prevents
    the kernel driver from useless flooding of logs and terminal sessions with
    EDID dumps and error messages.
    This patch adds a flag 'requires_extended_probe' to the radeon_connector
    structure. In function radeon_connector_needs_extended_probe() this flag
    can be set on a chipset family/vendor/connector type specific basis.
    In addition, function radeon_ddc_probe() has been adapted to perform
    extended DDC probing if required by the connector's flag.
    Requires function drm_edid_header_is_valid() in DRM module provided by
    [PATCH] drm: Separate EDID Header Check from EDID Block Check.

    Tested for kernel 2.6.35, 2.6.38 and 3.0 on Asus M2A-VM HDMI board

BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=668196
BugLink: http://bugs.launchpad.net/bugs/7228066
Signed-off-by: Thomas Reim <reimth@gmail.com>
Reviewed-by: Alex Deucher <alexdeucher@gmail.com>
Acked-by: Stephen Michaels <Stephen.Micheals@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodrm: Separate EDID Header Check from EDID Block Check
Thomas Reim [Fri, 29 Jul 2011 14:28:57 +0000 (14:28 +0000)]
drm: Separate EDID Header Check from EDID Block Check

commit 051963d4832ed61e5ae74f5330b0a94489e101b9 upstream.

    Provides function drm_edid_header_is_valid() for EDID header check
    and replaces EDID header check part of function drm_edid_block_valid()
    by a call of drm_edid_header_is_valid().
    This is a prerequisite to extend DDC probing, e. g. in function
    radeon_ddc_probe() for Radeon devices, by a central EDID header check.

    Tested for kernel 2.6.35, 2.6.38 and 3.0

Signed-off-by: Thomas Reim <reimth@gmail.com>
Reviewed-by: Alex Deucher <alexdeucher@gmail.com>
Acked-by: Stephen Michaels <Stephen.Micheals@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoxen: allow enable use of VGA console on dom0
Jeremy Fitzhardinge [Tue, 31 May 2011 14:50:10 +0000 (10:50 -0400)]
xen: allow enable use of VGA console on dom0

commit c2419b4a4727f67af2fc2cd68b0d878b75e781bb upstream.

Get the information about the VGA console hardware from Xen, and put
it into the form the bootloader normally generates, so that the rest
of the kernel can deal with VGA as usual.

[ Impact: make VGA console work in dom0 ]

Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
[v1: Rebased on 2.6.39]
[v2: Removed incorrect comments and fixed compile warnings]
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agonet: Fix security_socket_sendmsg() bypass problem.
Tetsuo Handa [Thu, 4 Aug 2011 14:07:40 +0000 (14:07 +0000)]
net: Fix security_socket_sendmsg() bypass problem.

commit c71d8ebe7a4496fb7231151cb70a6baa0cb56f9a upstream.

The sendmmsg() introduced by commit 228e548e "net: Add sendmmsg socket system
call" is capable of sending to multiple different destination addresses.

SMACK is using destination's address for checking sendmsg() permission.
However, security_socket_sendmsg() is called for only once even if multiple
different destination addresses are passed to sendmmsg().

Therefore, we need to call security_socket_sendmsg() for each destination
address rather than only the first destination address.

Since calling security_socket_sendmsg() every time when only single destination
address was passed to sendmmsg() is a waste of time, omit calling
security_socket_sendmsg() unless destination address of previous datagram and
that of current datagram differs.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Acked-by: Anton Blanchard <anton@samba.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agonet: Cap number of elements for sendmmsg
Anton Blanchard [Thu, 4 Aug 2011 14:07:39 +0000 (14:07 +0000)]
net: Cap number of elements for sendmmsg

commit 98382f419f32d2c12d021943b87dea555677144b upstream.

To limit the amount of time we can spend in sendmmsg, cap the
number of elements to UIO_MAXIOV (currently 1024).

For error handling an application using sendmmsg needs to retry at
the first unsent message, so capping is simpler and requires less
application logic than returning EINVAL.

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agonet: sendmmsg should only return an error if no messages were sent
Anton Blanchard [Thu, 4 Aug 2011 14:07:38 +0000 (14:07 +0000)]
net: sendmmsg should only return an error if no messages were sent

commit 728ffb86f10873aaf4abd26dde691ee40ae731fe upstream.

sendmmsg uses a similar error return strategy as recvmmsg but it
turns out to be a confusing way to communicate errors.

The current code stores the error code away and returns it on the next
sendmmsg call. This means a call with completely valid arguments could
get an error from a previous call.

Change things so we only return an error if no datagrams could be sent.
If less than the requested number of messages were sent, the application
must retry starting at the first failed one and if the problem is
persistent the error will be returned.

This matches the behaviour of other syscalls like read/write - it
is not an error if less than the requested number of elements are sent.

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoath9k: skip ->config_pci_powersave() if PCIe port has ASPM disabled
Stanislaw Gruszka [Fri, 29 Jul 2011 13:59:08 +0000 (15:59 +0200)]
ath9k: skip ->config_pci_powersave() if PCIe port has ASPM disabled

commit d4930086bdd0c08a8b3a4d66a9c702297cb74a99 upstream.

We receive many bug reports about system hang during suspend/resume
when ath9k driver is in use. Adrian Chadd remarked that this problem
happens on systems that have ASPM disabled.

To do not hit the bug, skip doing ->config_pci_powersave magic if PCIe
downstream port device, which ath9k device is connected to, has ASPM
disabled.

Bug was introduced by:

commit 53bc7aa08b48e5cd745f986731cc7dc24eef2a9f
Author: Vivek Natarajan <vnatarajan@atheros.com>
Date:   Mon Apr 5 14:48:04 2010 +0530

    ath9k: Add support for newer AR9285 chipsets.

Patch should address:
https://bugzilla.kernel.org/show_bug.cgi?id=37462
https://bugzilla.kernel.org/show_bug.cgi?id=37082
https://bugzilla.redhat.com/show_bug.cgi?id=697157

however I did not receive confirmation about that, except from Camilo
Mesias, whose system stops hang regularly with this patch (but still
hangs from time to time, but this is probably some other bug).

Tested-by: Camilo Mesias <camilo@mesias.co.uk>
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoath9k: initialize tx chainmask before testing channel tx power values
Felix Fietkau [Wed, 27 Jul 2011 13:01:02 +0000 (15:01 +0200)]
ath9k: initialize tx chainmask before testing channel tx power values

commit c1227340ca65c2069222a956a68b6842d460c4f4 upstream.

With an uninitialized chainmask, the per-channel power will only contain
the power limits for a single chain instead of the combined tx power.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoiwlegacy: set tx power after rxon_assoc
Stanislaw Gruszka [Wed, 27 Jul 2011 13:37:43 +0000 (15:37 +0200)]
iwlegacy: set tx power after rxon_assoc

commit 17e859a899712d16c3e70b045d61ad9e02c53f8a upstream.

If settings of tx power was deferred during scan or changing channel we
have to setup them during commit rxon. Fix problem on 3945 (4965 already
has this fix).

Optimize code to apply tx settings only when tx power was actually
changed.

Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agortlwifi: Fix kernel oops on ARM SOC
Larry Finger [Fri, 29 Jul 2011 15:53:12 +0000 (10:53 -0500)]
rtlwifi: Fix kernel oops on ARM SOC

commit b6b67df3f24c45af0012ee3c8af2f62ca083ae18 upstream.

This driver uses information from the self member of the pci_bus struct to
get information regarding the bridge to which the PCIe device is attached.
Unfortunately, this member is not established on all architectures, which
leads to a kernel oops.

Skipping the entire block that uses the self member to determine the bridge
vendor will only affect RTL8192DE devices as that driver sets the ASPM support
flag differently when the bridge vendor is Intel. If the self member is
available, there is no functional change.

This patch fixes Bugzilla No. 40212.

Reported-by: Hubert Liao <liao.hubertt@gmail.com>
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agort2x00: fix usage of NULL queue
Stanislaw Gruszka [Tue, 2 Aug 2011 11:29:02 +0000 (13:29 +0200)]
rt2x00: fix usage of NULL queue

commit 00898a47269ae5e6dda04defad00234b96692d95 upstream.

We may call rt2x00queue_pause_queue(queue) with queue == NULL. Bug
was introduced by commit 62fe778412b36791b7897cfa139342906fbbf07b
"rt2x00: Fix stuck queue in tx failure case" .

Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Acked-by: Ivo van Doorn <IvDoorn@gmail.com>
Acked-by: Gertjan van Wingerde <gwingerde@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agort2x00: rt2800: fix zeroing skb structure
Stanislaw Gruszka [Sat, 30 Jul 2011 11:32:56 +0000 (13:32 +0200)]
rt2x00: rt2800: fix zeroing skb structure

commit b52398b6e4522176dd125722c72c301015d24520 upstream.

We should clear skb->data not skb itself. Bug was introduced by:
commit 0b8004aa12d13ec750d102ba4082a95f0107c649 "rt2x00: Properly
reserve room for descriptors in skbs".

Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
Acked-by: Gertjan van Wingerde <gwingerde@gmail.com>
Acked-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agofix return type of __atomic64_add_return
John David Anglin [Sat, 11 Jun 2011 18:42:06 +0000 (14:42 -0400)]
fix return type of __atomic64_add_return

commit 548c210fbffdb008a80fa41ff0cb3965f185583d upstream.

The return type of __atomic64_add_return of should be s64 or long, not
int.  This fixes the atomic64 test failure that I previously reported.

Signed-off-by: John David Anglin <dave.anglin@nrc-cnrc.gc.ca>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoFix futex support
Carlos O'Donell [Fri, 8 Jul 2011 21:27:00 +0000 (17:27 -0400)]
Fix futex support

commit d9ba5fe76d604514444b1ea0a19f38c6196a46e3 upstream.

Implements futex op support and makes futex cmpxchg atomic.
Tested on 64-bit SMP kernel running on 2 x PA8700s.

[jejb: checkpatch fixes]
Signed-off-by: Carlos O'Donell <carlos@systemhalted.org>
Tested-by: John David Anglin <dave.anglin@bell.net>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agowire up sendmmsg syscall
James Bottomley [Fri, 29 Jul 2011 14:37:02 +0000 (18:37 +0400)]
wire up sendmmsg syscall

commit 205e9a2106b934ea39049bab28f0896c17a2cb30 upstream.

Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agofutex: Fix regression with read only mappings
Shawn Bohrer [Thu, 30 Jun 2011 16:21:32 +0000 (11:21 -0500)]
futex: Fix regression with read only mappings

commit 9ea71503a8ed9184d2d0b8ccc4d269d05f7940ae upstream.

commit 7485d0d3758e8e6491a5c9468114e74dc050785d (futexes: Remove rw
parameter from get_futex_key()) in 2.6.33 fixed two problems:  First, It
prevented a loop when encountering a ZERO_PAGE. Second, it fixed RW
MAP_PRIVATE futex operations by forcing the COW to occur by
unconditionally performing a write access get_user_pages_fast() to get
the page.  The commit also introduced a user-mode regression in that it
broke futex operations on read-only memory maps.  For example, this
breaks workloads that have one or more reader processes doing a
FUTEX_WAIT on a futex within a read only shared file mapping, and a
writer processes that has a writable mapping issuing the FUTEX_WAKE.

This fixes the regression for valid futex operations on RO mappings by
trying a RO get_user_pages_fast() when the RW get_user_pages_fast()
fails. This change makes it necessary to also check for invalid use
cases, such as anonymous RO mappings (which can never change) and the
ZERO_PAGE which the commit referenced above was written to address.

This patch does restore the original behavior with RO MAP_PRIVATE
mappings, which have inherent user-mode usage problems and don't really
make sense.  With this patch performing a FUTEX_WAIT within a RO
MAP_PRIVATE mapping will be successfully woken provided another process
updates the region of the underlying mapped file.  However, the mmap()
man page states that for a MAP_PRIVATE mapping:

  It is unspecified whether changes made to the file after
  the mmap() call are visible in the mapped region.

So user-mode users attempting to use futex operations on RO MAP_PRIVATE
mappings are depending on unspecified behavior.  Additionally a
RO MAP_PRIVATE mapping could fail to wake up in the following case.

  Thread-A: call futex(FUTEX_WAIT, memory-region-A).
            get_futex_key() return inode based key.
            sleep on the key
  Thread-B: call mprotect(PROT_READ|PROT_WRITE, memory-region-A)
  Thread-B: write memory-region-A.
            COW happen. This process's memory-region-A become related
            to new COWed private (ie PageAnon=1) page.
  Thread-B: call futex(FUETX_WAKE, memory-region-A).
            get_futex_key() return mm based key.
            IOW, we fail to wake up Thread-A.

Once again doing something like this is just silly and users who do
something like this get what they deserve.

While RO MAP_PRIVATE mappings are nonsensical, checking for a private
mapping requires walking the vmas and was deemed too costly to avoid a
userspace hang.

This Patch is based on Peter Zijlstra's initial patch with modifications to
only allow RO mappings for futex operations that need VERIFY_READ access.

Reported-by: David Oliver <david@rgmadvisors.com>
Signed-off-by: Shawn Bohrer <sbohrer@rgmadvisors.com>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Darren Hart <dvhart@linux.intel.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: peterz@infradead.org
Cc: eric.dumazet@gmail.com
Cc: zvonler@rgmadvisors.com
Cc: hughd@google.com
Link: http://lkml.kernel.org/r/1309450892-30676-1-git-send-email-sbohrer@rgmadvisors.com
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agocris: add missing declaration of kgdb_init() and breakpoint()
WANG Cong [Wed, 3 Aug 2011 23:21:15 +0000 (16:21 -0700)]
cris: add missing declaration of kgdb_init() and breakpoint()

commit 1646ec9db75e151b0479dbfaf972f741d0476ec7 upstream.

Fix:

  arch/cris/arch-v10/kernel/irq.c:239: error: implicit declaration of function 'kgdb_init'
  arch/cris/arch-v10/kernel/irq.c:240: error: implicit declaration of function 'breakpoint'

Declare these two functions.

Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agocris: fix the prototype of sync_serial_ioctl()
WANG Cong [Wed, 3 Aug 2011 23:21:14 +0000 (16:21 -0700)]
cris: fix the prototype of sync_serial_ioctl()

commit b4bc281266e84e9a432b588ebdcef5fb94dc8ecb upstream.

Fix:

  arch/cris/arch-v10/drivers/sync_serial.c:961: error: conflicting types for 'sync_serial_ioctl'

Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agocris: fix a build error in sync_serial_open()
WANG Cong [Wed, 3 Aug 2011 23:21:14 +0000 (16:21 -0700)]
cris: fix a build error in sync_serial_open()

commit 4b851d88192c22cf77418a0b4c45b5c789276837 upstream.

Fix:

  arch/cris/arch-v10/drivers/sync_serial.c:628: error: 'ret' undeclared (first use in this function)

'ret' should be 'err'.

Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agocris: fix a build error in kernel/fork.c
WANG Cong [Wed, 3 Aug 2011 23:21:12 +0000 (16:21 -0700)]
cris: fix a build error in kernel/fork.c

commit d4969213f9e75ec1bfa6ea65c279c64cab7d1bd6 upstream.

Fix this error:

  kernel/fork.c:267: error: implicit declaration of function 'alloc_thread_info_node'

This is due to renaming alloc_thread_info() to alloc_thread_info_node().

[akpm@linux-foundation.org: coding-style fixes]
Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoLinux 3.0.1 v3.0.1
Greg Kroah-Hartman [Fri, 5 Aug 2011 04:59:21 +0000 (21:59 -0700)]
Linux 3.0.1

13 years agodm: fix idr leak on module removal
Alasdair G Kergon [Tue, 2 Aug 2011 11:32:01 +0000 (12:32 +0100)]
dm: fix idr leak on module removal

commit d15b774c2920d55e3d58275c97fbe3adc3afde38 upstream.

Destroy _minor_idr when unloading the core dm module.  (Found by kmemleak.)

Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodm mpath: fix potential NULL pointer in feature arg processing
Mike Snitzer [Tue, 2 Aug 2011 11:32:00 +0000 (12:32 +0100)]
dm mpath: fix potential NULL pointer in feature arg processing

commit 286f367dad40beb3234a18c17391d03ba939a7f3 upstream.

Avoid dereferencing a NULL pointer if the number of feature arguments
supplied is fewer than indicated.

Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodm snapshot: flush disk cache when merging
Mikulas Patocka [Tue, 2 Aug 2011 11:32:00 +0000 (12:32 +0100)]
dm snapshot: flush disk cache when merging

commit 762a80d9fc9f690a3a35983f3b4619a220650808 upstream.

This patch makes dm-snapshot flush disk cache when writing metadata for
merging snapshot.

Without cache flushing the disk may reorder metadata write and other
data writes and there is a possibility of data corruption in case of
power fault.

Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agodm io: flush cpu cache with vmapped io
Mikulas Patocka [Tue, 2 Aug 2011 11:32:01 +0000 (12:32 +0100)]
dm io: flush cpu cache with vmapped io

commit bb91bc7bacb906c9f3a9b22744c53fa7564b51ba upstream.

For normal kernel pages, CPU cache is synchronized by the dma layer.
However, this is not done for pages allocated with vmalloc. If we do I/O
to/from vmallocated pages, we must synchronize CPU cache explicitly.

Prior to doing I/O on vmallocated page we must call
flush_kernel_vmap_range to flush dirty cache on the virtual address.
After finished read we must call invalidate_kernel_vmap_range to
invalidate cache on the virtual address, so that accesses to the virtual
address return newly read data and not stale data from CPU cache.

This patch fixes metadata corruption on dm-snapshots on PA-RISC and
possibly other architectures with caches indexed by virtual address.

Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoALSA: sound/core/pcm_compat.c: adjust array index
Julia Lawall [Thu, 28 Jul 2011 12:46:05 +0000 (14:46 +0200)]
ALSA: sound/core/pcm_compat.c: adjust array index

commit ca9380fd68514c7bc952282c1b4fc70607e9fe43 upstream.

Convert array index from the loop bound to the loop index.

A simplified version of the semantic patch that fixes this problem is as
follows: (http://coccinelle.lip6.fr/)

// <smpl>
@@
expression e1,e2,ar;
@@

for(e1 = 0; e1 < e2; e1++) { <...
  ar[
- e2
+ e1
  ]
  ...> }
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agowatchdog: shwdt: fix usage of mod_timer
David Engraf [Wed, 20 Jul 2011 13:03:39 +0000 (15:03 +0200)]
watchdog: shwdt: fix usage of mod_timer

commit bea1906620ce72b63f83735c4cc2642b25ec54ae upstream.

Fix the usage of mod_timer() and make the driver usable. mod_timer() must
be called with an absolute timeout in jiffies. The old implementation
used a relative timeout thus the hardware watchdog was never triggered.

Signed-off-by: David Engraf <david.engraf@sysgo.com>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Signed-off-by: Wim Van sebroeck <wim@iguana.be>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoGFS2: Fix mount hang caused by certain access pattern to sysfs files
Steven Whitehouse [Tue, 26 Jul 2011 08:15:45 +0000 (09:15 +0100)]
GFS2: Fix mount hang caused by certain access pattern to sysfs files

commit 19237039919088781b4191a00bdc1284d8fea1dd upstream.

Depending upon the order of userspace/kernel during the
mount process, this can result in a hang without the
_all version of the completion.

Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agort2x00: Add device ID for RT539F device.
Gertjan van Wingerde [Wed, 6 Jul 2011 20:58:55 +0000 (22:58 +0200)]
rt2x00: Add device ID for RT539F device.

commit 71e0b38c2914018b01f3f08b43ee9e3328197699 upstream.

Reported-by: Wim Vander Schelden <wim@fixnum.org>
Signed-off-by: Gertjan van Wingerde <gwingerde@gmail.com>
Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agooom: task->mm == NULL doesn't mean the memory was freed
Oleg Nesterov [Sat, 30 Jul 2011 14:35:02 +0000 (16:35 +0200)]
oom: task->mm == NULL doesn't mean the memory was freed

commit c027a474a68065391c8773f6e83ed5412657e369 upstream.

exit_mm() sets ->mm == NULL then it does mmput()->exit_mmap() which
frees the memory.

However select_bad_process() checks ->mm != NULL before TIF_MEMDIE,
so it continues to kill other tasks even if we have the oom-killed
task freeing its memory.

Change select_bad_process() to check ->mm after TIF_MEMDIE, but skip
the tasks which have already passed exit_notify() to ensure a zombie
with TIF_MEMDIE set can't block oom-killer. Alternatively we could
probably clear TIF_MEMDIE after exit_mmap().

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoAppArmor: Fix masking of capabilities in complain mode
John Johansen [Sat, 25 Jun 2011 15:57:07 +0000 (16:57 +0100)]
AppArmor: Fix masking of capabilities in complain mode

commit 25e75dff519bcce2cb35023105e7df51d7b9e691 upstream.

AppArmor is masking the capabilities returned by capget against the
capabilities mask in the profile.  This is wrong, in complain mode the
profile has effectively all capabilities, as the profile restrictions are
not being enforced, merely tested against to determine if an access is
known by the profile.

This can result in the wrong behavior of security conscience applications
like sshd which examine their capability set, and change their behavior
accordingly.  In this case because of the masked capability set being
returned sshd fails due to DAC checks, even when the profile is in complain
mode.

Kernels affected: 2.6.36 - 3.0.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoAppArmor: Fix reference to rcu protected pointer outside of rcu_read_lock
John Johansen [Tue, 28 Jun 2011 14:06:38 +0000 (15:06 +0100)]
AppArmor: Fix reference to rcu protected pointer outside of rcu_read_lock

commit 04fdc099f9c80c7775dbac388fc97e156d4d47e7 upstream.

The pointer returned from tracehook_tracer_task() is only valid inside
the rcu_read_lock.  However the tracer pointer obtained is being passed
to aa_may_ptrace outside of the rcu_read_lock critical section.

Mover the aa_may_ptrace test into the rcu_read_lock critical section, to
fix this.

Kernels affected: 2.6.36 - 3.0

Reported-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agoipc/sem.c: fix race with concurrent semtimedop() timeouts and IPC_RMID
Manfred Spraul [Tue, 26 Jul 2011 00:11:47 +0000 (17:11 -0700)]
ipc/sem.c: fix race with concurrent semtimedop() timeouts and IPC_RMID

commit d694ad62bf539dbb20a0899ac2a954555f9e4a83 upstream.

If a semaphore array is removed and in parallel a sleeping task is woken
up (signal or timeout, does not matter), then the woken up task does not
wait until wake_up_sem_queue_do() is completed.  This will cause crashes,
because wake_up_sem_queue_do() will read from a stale pointer.

The fix is simple: Regardless of anything, always call get_queue_result().
This function waits until wake_up_sem_queue_do() has finished it's task.

Addresses https://bugzilla.kernel.org/show_bug.cgi?id=27142

Reported-by: Yuriy Yevtukhov <yuriy@ucoz.com>
Reported-by: Harald Laabs <kernel@dasr.de>
Signed-off-by: Manfred Spraul <manfred@colorfullife.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 years agohvc_console: Improve tty/console put_chars handling
Hendrik Brueckner [Tue, 5 Jul 2011 21:50:18 +0000 (21:50 +0000)]
hvc_console: Improve tty/console put_chars handling

commit 8c2381af0d3ef62a681dac5a141b6dabb27bf2e1 upstream.

Currently, the hvc_console_print() function drops console output if the
hvc backend's put_chars() returns 0.  This patch changes this behavior
to allow a retry through returning -EAGAIN.

This change also affects the hvc_push() function.  Both functions are
changed to handle -EAGAIN and to retry the put_chars() operation.

If a hvc backend returns -EAGAIN, the retry handling differs:

  - hvc_console_print() spins to write the complete console output.
  - hvc_push() behaves the same way as for returning 0.

Now hvc backends can indirectly control the way how console output is
handled through the hvc console layer.

Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
Acked-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>