29 May, 2012
2 commits
-
On systems based on chip select rows, all channels need to use memories
with the same properties, otherwise the memories on channels A and B
won't be recognized.However, such assumption is not true for all types of memory
controllers.Controllers for FB-DIMM's don't have such requirements.
Also, modern Intel controllers seem to be capable of handling such
differences.So, we need to get rid of storing the DIMM information into a per-csrow
data, storing it, instead at the right place.The first step is to move grain, mtype, dtype and edac_mode to the
per-dimm struct.Reviewed-by: Aristeu Rozanski
Reviewed-by: Borislav Petkov
Acked-by: Chris Metcalf
Cc: Doug Thompson
Cc: Borislav Petkov
Cc: Mark Gross
Cc: Jason Uhlenkott
Cc: Tim Small
Cc: Ranganathan Desikan
Cc: "Arvind R."
Cc: Olof Johansson
Cc: Egor Martovetsky
Cc: Michal Marek
Cc: Jiri Kosina
Cc: Joe Perches
Cc: Dmitry Eremin-Solenikov
Cc: Benjamin Herrenschmidt
Cc: Hitoshi Mitake
Cc: Andrew Morton
Cc: James Bottomley
Cc: "Niklas Söderlund"
Cc: Shaohui Xie
Cc: Josh Boyer
Cc: Mike Williams
Cc: linuxppc-dev@lists.ozlabs.org
Signed-off-by: Mauro Carvalho Chehab -
The way a DIMM is currently represented implies that they're
linked into a per-csrow struct. However, some drivers don't see
csrows, as they're ridden behind some chip like the AMB's
on FBDIMM's, for example.This forced drivers to fake^Wvirtualize a csrow struct, and to create
a mess under csrow/channel original's concept.Move the DIMM labels into a per-DIMM struct, and add there
the real location of the socket, in terms of csrow/channel.
Latter patches will modify the location to properly represent the
memory architecture.All other drivers will use a per-csrow type of location.
Some of those drivers will require a latter conversion, as
they also fake the csrows internally.TODO: While this patch doesn't change the existing behavior, on
csrows-based memory controllers, a csrow/channel pair points to a memory
rank. There's a known bug at the EDAC core that allows having different
labels for the same DIMM, if it has more than one rank. A latter patch
is need to merge the several ranks for a DIMM into the same dimm_info
struct, in order to avoid having different labels for the same DIMM.The edac_mc_alloc() will now contain a per-dimm initialization loop that
will be changed by latter patches in order to match other types of
memory architectures.Reviewed-by: Aristeu Rozanski
Reviewed-by: Borislav Petkov
Cc: Doug Thompson
Cc: Ranganathan Desikan
Cc: "Arvind R."
Cc: "Niklas Söderlund"
Signed-off-by: Mauro Carvalho Chehab
20 May, 2012
1 commit
-
Pull block layer fixes from Jens Axboe:
"A few small, but important fixes. Most of them are marked for stable
as well- Fix failure to release a semaphore on error path in mtip32xx.
- Fix crashable condition in bio_get_nr_vecs().
- Don't mark end-of-disk buffers as mapped, limit it to i_size.
- Fix for build problem with CONFIG_BLOCK=n on arm at least.
- Fix for a buffer overlow on UUID partition printing.
- Trivial removal of unused variables in dac960."* 'for-linus' of git://git.kernel.dk/linux-block:
block: fix buffer overflow when printing partition UUIDs
Fix blkdev.h build errors when BLOCK=n
bio allocation failure due to bio_get_nr_vecs()
block: don't mark buffers beyond end of disk as mapped
mtip32xx: release the semaphore on an error path
dac960: Remove unused variables from DAC960_CreateProcEntries()
18 May, 2012
1 commit
-
…-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull perf, x86 and scheduler updates from Ingo Molnar.
* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
tracing: Do not enable function event with enable
perf stat: handle ENXIO error for perf_event_open
perf: Turn off compiler warnings for flex and bison generated files
perf stat: Fix case where guest/host monitoring is not supported by kernel
perf build-id: Fix filename size calculation* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86, kvm: KVM paravirt kernels don't check for CPUID being unavailable
x86: Fix section annotation of acpi_map_cpu2node()
x86/microcode: Ensure that module is only loaded on supported Intel CPUs* 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
sched: Fix KVM and ia64 boot crash due to sched_groups circular linked list assumption
17 May, 2012
2 commits
-
Pull networking tree from David Miller:
1) ptp_pch driver build broke during this merge window due to missing
slab.h header, fix from Geery Uytterhoeven.2) If ipset passes in a bogus hash table size we crash because the size
is not validated properly. Compounding this, gcc-4.7 can miscompile
ipset such that even when the user specifies legitimate parameters
the tool passes in an out-of-range size to the kernel.Fix from Jozsef Kadlecsik.
3) Users have reported that the netdev watchdog can trigger with pch_gbe
devices, and it turns out this is happening because of races in the
TX path of the driver leading to the transmitter hanging. Fix from
Eric Dumazet, reported and tested by Andy Cress.4) Novatel USB551L devices match the generic class entries for the cdc
ethernet USB driver, but they don't work because they have generic
descriptors and thus need FLAG_WWAN to function properly.Add the necessary ID table entry to fix this, from Dan Williams.
5) A recursive locking fix in the USBNET driver added a new problem, in
that packet list traversal is now racy and we can thus access
unlinked SKBs and crash.Avoid this situation by adding some extra state tracking, from Ming
Lei.6) The rtlwifi conversion to asynchronous firmware loading is racy, fix
by reordering the probe procedure. From Larry Finger.Fixes: https://bugzilla.kernel.org/show_bug.cgi?id=43187
7) Fix regressions with bluetooth keyboards by notifying userland
properly when the security level changes, from Gustavo Padovan.8) Bluetooth needs to make sure device connected events are emitted
before other kinds of events, otherwise userspace will think there is
no baseband link yet and therefore abort the sockets associated with
that connection.* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
netfilter: ipset: fix hash size checking in kernel
ptp_pch: Add missing #include
pch_gbe: fix transmit races
cdc_ether: add Novatel USB551L device IDs for FLAG_WWAN
usbnet: fix skb traversing races during unlink(v2)
Bluetooth: mgmt: Fix device_connected sending order
Bluetooth: notify userspace of security level change
rtlwifi: fix for race condition when firmware is cached -
The hash size must fit both into u32 (jhash) and the max value of
size_t. The missing checking could lead to kernel crash, bug reported
by Seblu.Signed-off-by: Jozsef Kadlecsik
Signed-off-by: Pablo Neira Ayuso
Signed-off-by: David S. Miller
16 May, 2012
3 commits
-
John Linville says:
Here are three more fixes that some of my developers are desperate to
see included in 3.4...Johan Hedberg went to some length justifyng the inclusion of these two
Bluetooth fixes:"The device_connected fix should be quite self-explanatory, but it's
actually a wider issue than just for keyboards. All profiles that do
incoming connection authorization (e.g. headsets) will break without it
with specific hardware. The reason it wasn't caught earlier is that it
only occurs with specific Bluetooth adapters.As for the security level patch, this fixes L2CAP socket based security
level elevation during a connection. The HID profile needs this (for
keyboards) and it is the only way to achieve the security level
elevation when using the management interface to talk to the kernel
(hence the management enabling patch being the one that exposes this"The rtlwifi fix addresses a regression related to firmware loading,
as described in kernel.org bug 43187. It basically just moves a hunk
of code to a more appropriate place.Signed-off-by: David S. Miller
-
…wireless into for-davem
-
Commit 4231d47e6fe69f061f96c98c30eaf9fb4c14b96d(net/usbnet: avoid
recursive locking in usbnet_stop()) fixes the recursive locking
problem by releasing the skb queue lock before unlink, but may
cause skb traversing races:
- after URB is unlinked and the queue lock is released,
the refered skb and skb->next may be moved to done queue,
even be released
- in skb_queue_walk_safe, the next skb is still obtained
by next pointer of the last skb
- so maybe trigger oops or other problemsThis patch extends the usage of entry->state to describe 'start_unlink'
state, so always holding the queue(rx/tx) lock to change the state if
the referd skb is in rx or tx queue because we need to know if the
refered urb has been started unlinking in unlink_urbs.The other part of this patch is based on Huajun's patch:
always traverse from head of the tx/rx queue to get skb which is
to be unlinked but not been started unlinking.Signed-off-by: Huajun Li
Signed-off-by: Ming Lei
Cc: Oliver Neukum
Cc: stable@kernel.org
Signed-off-by: David S. Miller
15 May, 2012
3 commits
-
6d1d8050b4bc8 "block, partition: add partition_meta_info to hd_struct"
added part_unpack_uuid() which assumes that the passed in buffer has
enough space for sprintfing "%pU" - 37 characters including '\0'.Unfortunately, b5af921ec0233 "init: add support for root devices
specified by partition UUID" supplied 33 bytes buffer to the function
leading to the following panic with stackprotector enabled.Kernel panic - not syncing: stack-protector: Kernel stack corrupted in: ffffffff81b14c7e
[] panic+0xba/0x1c6
[] ? printk_all_partitions+0x259/0x26xb
[] __stack_chk_fail+0x1b/0x20
[] printk_all_paritions+0x259/0x26xb
[] mount_block_root+0x1bc/0x27f
[] mount_root+0x57/0x5b
[] prepare_namespace+0x13d/0x176
[] ? release_tgcred.isra.4+0x330/0x30
[] kernel_init+0x155/0x15a
[] ? schedule_tail+0x27/0xb0
[] kernel_thread_helper+0x5/0x10
[] ? start_kernel+0x3c5/0x3c5
[] ? gs_change+0x13/0x13Increase the buffer size, remove the dangerous part_unpack_uuid() and
use snprintf() directly from printk_all_partitions().Signed-off-by: Tejun Heo
Reported-by: Szymon Gruszczynski
Cc: Will Drewry
Cc: stable@vger.kernel.org
Signed-off-by: Jens Axboe -
Pull media fixes from Mauro Carvalho Chehab:
"For a some fix patches for v3.4, including a regression fix at DVB core"Fix up trivial conflicts in Documentation/feature-removal-schedule.txt
* 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media:
[media] gspca - sonixj: Fix a zero divide in isoc interrupt
[media] media: videobuf2-dma-contig: include header for exported symbols
[media] media: videobuf2-dma-contig: quiet sparse noise about plain integer as NULL pointer
[media] media: vb2-memops: Export vb2_get_vma symbol
[media] s5p-fimc: Correct memory allocation for VIDIOC_CREATE_BUFS
[media] s5p-fimc: Fix locking in subdev set_crop op
[media] dvb_frontend: fix a regression with DVB-S zig-zag
[media] fintek-cir: change || to &&
[media] V4L: Schedule V4L2_CID_HCENTER, V4L2_CID_VCENTER controls for removal
[media] rc: Postpone ISR registration
[media] marvell-cam: fix an ARM build error
[media] V4L: soc-camera: protect hosts during probing from overzealous user-space -
It fixes L2CAP socket based security level elevation during a
connection. The HID profile needs this (for keyboards) and it is the only
way to achieve the security level elevation when using the management
interface to talk to the kernel (hence the management enabling patch
being the one that exposes this issue).It enables the userspace a security level change when the socket is
already connected and create a way to notify the socket the result of the
request. At the moment of the request the socket is made non writable, if
the request fails the connections closes, otherwise the socket is made
writable again, POLL_OUT is emmited.Signed-off-by: Gustavo Padovan
Acked-by: Marcel Holtmann
Signed-off-by: Johan Hedberg
Signed-off-by: John W. Linville
14 May, 2012
1 commit
-
I see builds failing with:
CC [M] drivers/mmc/host/dw_mmc.o
In file included from drivers/mmc/host/dw_mmc.c:15:
include/linux/blkdev.h:1404: warning: 'struct task_struct' declared inside parameter list
include/linux/blkdev.h:1404: warning: its scope is only this definition or declaration, which is probably not what you want
include/linux/blkdev.h:1408: warning: 'struct task_struct' declared inside parameter list
include/linux/blkdev.h:1413: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'blk_needs_flush_plug'
make[4]: *** [drivers/mmc/host/dw_mmc.o] Error 1This is because dw_mmc.c includes linux/blkdev.h as the very first file,
and when CONFIG_BLOCK=n, blkdev.h omits all includes.As it requires linux/sched.h even when CONFIG_BLOCK=n, move this out of
the #ifdef.Signed-off-by: Russell King
Signed-off-by: Jens Axboe
13 May, 2012
1 commit
-
Pull networking fixes from David S. Miller:
1) Since we do RCU lookups on ipv4 FIB entries, we have to test if the
entry is dead before returning it to our caller.2) openvswitch locking and packet validation fixes from Ansis Atteka,
Jesse Gross, and Pravin B Shelar.3) Fix PM resume locking in IGB driver, from Benjamin Poirier.
4) Fix VLAN header handling in vhost-net and macvtap, from Basil Gor.
5) Revert a bogus network namespace isolation change that was causing
regressions on S390 networking devices.6) If bonding decides to process and handle a LACPDU frame, we
shouldn't bump the rx_dropped counter. From Jiri Bohac.7) Fix mis-calculation of available TX space in r8169 driver when doing
TSO, which can lead to crashes and/or hung device. From Julien
Ducourthial.8) SCTP does not validate cached routes properly in all cases, from
Nicolas Dichtel.9) Link status interrupt needs to be handled in ks8851 driver, from
Stephen Boyd.10) Use capable(), not cap_raised(), in connector/userns netlink code.
From Eric W. Biederman via Andrew Morton.11) Fix pktgen OOPS on module unload, from Eric Dumazet.
12) iwlwifi under-estimates SKB truesizes, also from Eric Dumazet.
13) Cure division by zero in SFC driver, from Ben Hutchings.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (26 commits)
ks8851: Update link status during link change interrupt
macvtap: restore vlan header on user read
vhost-net: fix handle_rx buffer size
bonding: don't increase rx_dropped after processing LACPDUs
connector/userns: replace netlink uses of cap_raised() with capable()
sctp: check cached dst before using it
pktgen: fix crash at module unload
Revert "net: maintain namespace isolation between vlan and real device"
ehea: fix losing of NEQ events when one event occurred early
igb: fix rtnl race in PM resume path
ipv4: Do not use dead fib_info entries.
r8169: fix unsigned int wraparound with TSO
sfc: Fix division by zero when using one RX channel and no SR-IOV
openvswitch: Validation of IPv6 set port action uses IPv4 header
net: compare_ether_addr[_64bits]() has no ordering
cdc_ether: Ignore bogus union descriptor for RNDIS devices
bnx2x: bug fix when loading after SAN boot
e1000: Silence sparse warnings by correcting type
igb, ixgbe: netdev_tx_reset_queue incorrectly called from tx init path
openvswitch: Release rtnl_lock if ovs_vport_cmd_build_info() failed.
...
11 May, 2012
4 commits
-
Hi,
We have a bug report open where a squashfs image mounted on ppc64 would
exhibit errors due to trying to read beyond the end of the disk. It can
easily be reproduced by doing the following:[root@ibm-p750e-02-lp3 ~]# ls -l install.img
-rw-r--r-- 1 root root 142032896 Apr 30 16:46 install.img
[root@ibm-p750e-02-lp3 ~]# mount -o loop ./install.img /mnt/test
[root@ibm-p750e-02-lp3 ~]# dd if=/dev/loop0 of=/dev/null
dd: reading `/dev/loop0': Input/output error
277376+0 records in
277376+0 records out
142016512 bytes (142 MB) copied, 0.9465 s, 150 MB/sIn dmesg, you'll find the following:
squashfs: version 4.0 (2009/01/31) Phillip Lougher
[ 43.106012] attempt to access beyond end of device
[ 43.106029] loop0: rw=0, want=277410, limit=277408
[ 43.106039] Buffer I/O error on device loop0, logical block 138704
[ 43.106053] attempt to access beyond end of device
[ 43.106057] loop0: rw=0, want=277412, limit=277408
[ 43.106061] Buffer I/O error on device loop0, logical block 138705
[ 43.106066] attempt to access beyond end of device
[ 43.106070] loop0: rw=0, want=277414, limit=277408
[ 43.106073] Buffer I/O error on device loop0, logical block 138706
[ 43.106078] attempt to access beyond end of device
[ 43.106081] loop0: rw=0, want=277416, limit=277408
[ 43.106085] Buffer I/O error on device loop0, logical block 138707
[ 43.106089] attempt to access beyond end of device
[ 43.106093] loop0: rw=0, want=277418, limit=277408
[ 43.106096] Buffer I/O error on device loop0, logical block 138708
[ 43.106101] attempt to access beyond end of device
[ 43.106104] loop0: rw=0, want=277420, limit=277408
[ 43.106108] Buffer I/O error on device loop0, logical block 138709
[ 43.106112] attempt to access beyond end of device
[ 43.106116] loop0: rw=0, want=277422, limit=277408
[ 43.106120] Buffer I/O error on device loop0, logical block 138710
[ 43.106124] attempt to access beyond end of device
[ 43.106128] loop0: rw=0, want=277424, limit=277408
[ 43.106131] Buffer I/O error on device loop0, logical block 138711
[ 43.106135] attempt to access beyond end of device
[ 43.106139] loop0: rw=0, want=277426, limit=277408
[ 43.106143] Buffer I/O error on device loop0, logical block 138712
[ 43.106147] attempt to access beyond end of device
[ 43.106151] loop0: rw=0, want=277428, limit=277408
[ 43.106154] Buffer I/O error on device loop0, logical block 138713
[ 43.106158] attempt to access beyond end of device
[ 43.106162] loop0: rw=0, want=277430, limit=277408
[ 43.106166] attempt to access beyond end of device
[ 43.106169] loop0: rw=0, want=277432, limit=277408
...
[ 43.106307] attempt to access beyond end of device
[ 43.106311] loop0: rw=0, want=277470, limit=2774Squashfs manages to read in the end block(s) of the disk during the
mount operation. Then, when dd reads the block device, it leads to
block_read_full_page being called with buffers that are beyond end of
disk, but are marked as mapped. Thus, it would end up submitting read
I/O against them, resulting in the errors mentioned above. I fixed the
problem by modifying init_page_buffers to only set the buffer mapped if
it fell inside of i_size.Cheers,
JeffSigned-off-by: Jeff Moyer
Acked-by: Nick Piggin--
Changes from v1->v2: re-used max_block, as suggested by Nick Piggin.
Signed-off-by: Jens Axboe -
dst_check() will take care of SA (and obsolete field), hence
IPsec rekeying scenario is taken into account.Signed-off-by: Nicolas Dichtel
Acked-by: Vlad Yaseivch
Signed-off-by: David S. Miller -
This reverts commit 8a83a00b0735190384a348156837918271034144.
It causes regressions for S390 devices, because it does an
unconditional DST drop on SKBs for vlans and the QETH device
needs the neighbour entry hung off the DST for certain things
on transmit.Arnd can't remember exactly why he even needed this change.
Conflicts:
drivers/net/macvlan.c
net/8021q/vlan_dev.c
net/core/dev.cSigned-off-by: David S. Miller
-
With the adding of function tracing event to perf, it caused a
side effect that produces the following warning when enabling all
events in ftrace:# echo 1 > /sys/kernel/debug/tracing/events/enable
[console]
event trace: Could not enable event functionThis is because when enabling all events via the debugfs system
it ignores events that do not have a ->reg() function assigned.
This was to skip over the ftrace internal events (as they are
not TRACE_EVENTs). But as the ftrace function event now has
a ->reg() function attached to it for use with perf, it is no
longer ignored.Worse yet, this ->reg() function is being called when it should
not be. It returns an error and causes the above warning to
be printed.By adding a new event_call flag (TRACE_EVENT_FL_IGNORE_ENABLE)
and have all ftrace internel event structures have it set,
setting the events/enable will no longe try to incorrectly enable
the function event and does not warn.Signed-off-by: Steven Rostedt
08 May, 2012
1 commit
-
Neither compare_ether_addr() nor compare_ether_addr_64bits()
(as it can fall back to the former) have comparison semantics
like memcmp() where the sign of the return value indicates sort
order. We had a bug in the wireless code due to a blind memcmp
replacement because of this.A cursory look suggests that the wireless bug was the only one
due to this semantic difference.Signed-off-by: Johannes Berg
Signed-off-by: David S. Miller
07 May, 2012
1 commit
-
Pull x86 fixes form Peter Anvin
* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
intel_mid_powerbtn: mark irq as IRQF_NO_SUSPEND
arch/x86/platform/geode/net5501.c: change active_low to 0 for LED driver
x86, relocs: Remove an unused variable
asm-generic: Use __BITS_PER_LONG in statfs.h
x86/amd: Re-enable CPU topology extensions in case BIOS has disabled it
06 May, 2012
1 commit
-
Pull an ACPI patch from Len Brown:
"It fixes a D3 issue new in 3.4-rc1."By Lin Ming via Len Brown:
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux:
ACPI: Fix D3hot v D3cold confusion
05 May, 2012
3 commits
-
Before this patch, ACPI_STATE_D3 incorrectly referenced D3hot
in some places, but D3cold in other places.After this patch, ACPI_STATE_D3 always means ACPI_STATE_D3_COLD;
and all references to D3hot use ACPI_STATE_D3_HOT.ACPI's _PR3 method is used to enter both D3hot and D3cold states.
What distinguishes D3hot from D3cold is the presence _PR3
(Power Resources for D3hot) If these resources are all ON,
then the state is D3hot. If _PR3 is not present,
or all _PR0 resources for the devices are OFF,
then the state is D3cold.This patch applies after Linux-3.4-rc1.
A future syntax cleanup may remove ACPI_STATE_D3
to emphasize that it always means ACPI_STATE_D3_COLD.Signed-off-by: Lin Ming
Acked-by: Rafael J. Wysocki
Reviewed-by: Aaron Lu
Signed-off-by: Len Brown -
The normal read_seqcount_begin() function will wait for any current
writers to exit their critical region by looping until the sequence
count is even.That "wait for sequence count to stabilize" is the right thing to do if
the read-locker will just retry the whole operation on contention: no
point in doing a potentially expensive reader sequence if we know at the
beginning that we'll just end up re-doing it all.HOWEVER. Some users don't actually retry the operation, but instead
will abort and do the operation with proper locking. So the sequence
count case may be the optimistic quick case, but in the presense of
writers you may want to do full locking in order to guarantee forward
progress. The prime example of this would be the RCU name lookup.And in that case, you may well be better off without the "retry early",
and are in a rush to instead get to the failure handling. Thus this
"raw" interface that just returns the sequence number without testing it
- it just forces the low bit to zero so that read_seqcount_retry() will
always fail such a "active concurrent writer" scenario.Signed-off-by: Linus Torvalds
-
We really need to use a ACCESS_ONCE() on the sequence value read in
__read_seqcount_begin(), because otherwise the compiler might end up
reloading the value in between the test and the return of it. As a
result, it might end up returning an odd value (which means that a write
is in progress).If the reader is then fast enough that that odd value is still the
current one when the read_seqcount_retry() is done, we might end up with
a "successful" read sequence, even despite the concurrent write being
active.In practice this probably never really happens - there just isn't
anything else going on around the read of the sequence count, and the
common case is that we end up having a read barrier immediately
afterwards.So the code sequence in which gcc might decide to reaload from memory is
small, and there's no reason to believe it would ever actually do the
reload. But if the compiler ever were to decide to do so, it would be
incredibly annoying to debug. Let's just make sure.Cc: stable@kernel.org
Signed-off-by: Linus Torvalds
04 May, 2012
1 commit
-
Pull networking fixes from David Miller:
1) Transfer padding was wrong for full-speed USB in ASIX driver, fix
from Ingo van Lil.2) Propagate the negative packet offset fix into the PowerPC BPF JIT.
From Jan Seiffert.3) dl2k driver's private ioctls were letting unprivileged tasks make
MII writes and other ugly bits like that. Fix from Jeff Mahoney.4) Fix TX VLAN and RX packet drops in ucc_geth, from Joakim Tjernlund.
5) OOPS and network namespace fixes in IPVS from Hans Schillstrom and
Julian Anastasov.6) Fix races and sleeping in locked context bugs in drop_monitor, from
Neil Horman.7) Fix link status indication in smsc95xx driver, from Paolo Pisati.
8) Fix bridge netfilter OOPS, from Peter Huang.
9) L2TP sendmsg can return on error conditions with the socket lock
held, oops. Fix from Sasha Levin.10) udp_diag should return meaningful values for socket memory usage,
from Shan Wei.11) Eric Dumazet is so awesome he gets his own section:
Socket memory cgroup code (I never should have applied those
patches, grumble...) made erroneous changes to
sk_sockets_allocated_read_positive(). It was changed to
use percpu_counter_sum_positive (which requires BH disabling)
instead of percpu_counter_read_positive (which does not).
Revert back to avoid crashes and lockdep warnings.Adjust the default tcp_adv_win_scale and tcp_rmem[2] values
to fix throughput regressions. This is necessary as a result
of our more precise skb->truesize tracking.Fix SKB leak in netem packet scheduler.
12) New device IDs for various bluetooth devices, from Manoj Iyer,
AceLan Kao, and Steven Harms.13) Fix command completion race in ipw2200, from Stanislav Yakovlev.
14) Fix rtlwifi oops on unload, from Larry Finger.
15) Fix hard_mtu when adjusting hard_header_len in smsc95xx driver.
From Stephane Fillod.16) ehea driver registers it's IRQ before all the necessary state is
setup, resulting in crashes. Fix from Thadeu Lima de Souza
Cascardo.17) Fix PHY connection failures in davinci_emac driver, from Anatolij
Gustschin.18) Missing break; in switch statement in bluetooth's
hci_cmd_complete_evt(). Fix from Szymon Janc.19) Fix queue programming in iwlwifi, from Johannes Berg.
20) Interrupt throttling defaults not being actually programmed into the
hardware, fix from Jeff Kirsher and Ying Cai.21) TLAN driver SKB encoding in descriptor busted on 64-bit, fix from
Benjamin Poirier.22) Fix blind status block RX producer pointer deref in TG3 driver, from
Matt Carlson.23) Promisc and multicast are busted on ehea, fixes from Thadeu Lima de
Souza Cascardo.24) Fix crashes in 6lowpan, from Alexander Smirnov.
25) tcp_complete_cwr() needs to be careful to not rewind the CWND to
ssthresh if ssthresh has the "infinite" value. Fix from Yuchung
Cheng.* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (81 commits)
sungem: Fix WakeOnLan
tcp: change tcp_adv_win_scale and tcp_rmem[2]
net: l2tp: unlock socket lock before returning from l2tp_ip_sendmsg
drop_monitor: prevent init path from scheduling on the wrong cpu
usbnet: fix failure handling in usbnet_probe
usbnet: fix leak of transfer buffer of dev->interrupt
ucc_geth: Add 16 bytes to max TX frame for VLANs
net: ucc_geth, increase no. of HW RX descriptors
netem: fix possible skb leak
sky2: fix receive length error in mixed non-VLAN/VLAN traffic
sky2: propogate rx hash when packet is copied
net: fix two typos in skbuff.h
cxgb3: Don't call cxgb_vlan_mode until q locks are initialized
ixgbe: fix calling skb_put on nonlinear skb assertion bug
ixgbe: Fix a memory leak in IEEE DCB
igbvf: fix the bug when initializing the igbvf
smsc75xx: enable mac to detect speed/duplex from phy
smsc75xx: declare smsc75xx's MII as GMII capable
smsc75xx: fix phy interrupt acknowledge
smsc75xx: fix phy init reset loop
...
02 May, 2012
1 commit
-
…wireless into for-davem
01 May, 2012
6 commits
-
fix kernel doc typos in function names
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller -
Pull SCSI fixes from James Bottomley:
"This is a set of SAS and SATA fixes; there are one or two longstanding
bug fixes, but most of this is regression fixes."* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
[SCSI] libfc: update mfs boundry checking
[SCSI] Revert "[SCSI] libsas: fix sas port naming"
[SCSI] libsas: fix false positive 'device attached' conditions
[SCSI] libsas, libata: fix start of life for a sas ata_port
[SCSI] libsas: fix ata_eh clobbering ex_phys via smp_ata_check_ready
[SCSI] libsas: unify domain_device sas_rphy lifetimes
[SCSI] libsas: fix sas_get_port_device regression
[SCSI] libsas: fix sas_find_bcast_phy() in the presence of 'vacant' phys
[SCSI] libsas: introduce sas_work to fix sas_drain_work vs sas_queue_work
[SCSI] libata: Pass correct DMA device to scsi host
[SCSI] scsi_lib: use correct DMA device in __scsi_alloc_queue -
More recent versions of the UEFI spec have added new attributes for
variables. Add them.Signed-off-by: Matthew Garrett
Cc: stable@vger.kernel.org
Signed-off-by: Linus Torvalds -
is exported to userspace, so using
BITS_PER_LONG is invalid. We need to use __BITS_PER_LONG instead.This is kernel bugzilla 43165.
Reported-by: H.J. Lu
Signed-off-by: H. Peter Anvin
Link: http://lkml.kernel.org/r/1335465916-16965-1-git-send-email-hpa@linux.intel.com
Acked-by: Arnd Bergmann
Cc: -
Denys Fedoryshchenko reported frequent crashes on a proxy server and kindly
provided a lockdep report that explains it all :[ 762.903868]
[ 762.903880] =================================
[ 762.903890] [ INFO: inconsistent lock state ]
[ 762.903903] 3.3.4-build-0061 #8 Not tainted
[ 762.904133] ---------------------------------
[ 762.904344] inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage.
[ 762.904542] squid/1603 [HC0[0]:SC0[0]:HE1:SE1] takes:
[ 762.904542] (key#3){+.?...}, at: []
__percpu_counter_sum+0xd/0x58
[ 762.904542] {IN-SOFTIRQ-W} state was registered at:
[ 762.904542] [] __lock_acquire+0x284/0xc26
[ 762.904542] [] lock_acquire+0x71/0x85
[ 762.904542] [] _raw_spin_lock+0x33/0x40
[ 762.904542] [] __percpu_counter_add+0x58/0x7c
[ 762.904542] [] sk_clone_lock+0x1e5/0x200
[ 762.904542] [] inet_csk_clone_lock+0xe/0x78
[ 762.904542] [] tcp_create_openreq_child+0x1b/0x404
[ 762.904542] [] tcp_v4_syn_recv_sock+0x32/0x1c1
[ 762.904542] [] tcp_check_req+0x1fd/0x2d7
[ 762.904542] [] tcp_v4_do_rcv+0xab/0x194
[ 762.904542] [] tcp_v4_rcv+0x3b3/0x5cc
[ 762.904542] [] ip_local_deliver_finish+0x13a/0x1e9
[ 762.904542] [] NF_HOOK.clone.11+0x46/0x4d
[ 762.904542] [] ip_local_deliver+0x41/0x45
[ 762.904542] [] ip_rcv_finish+0x31a/0x33c
[ 762.904542] [] NF_HOOK.clone.11+0x46/0x4d
[ 762.904542] [] ip_rcv+0x201/0x23e
[ 762.904542] [] __netif_receive_skb+0x319/0x368
[ 762.904542] [] netif_receive_skb+0x4e/0x7d
[ 762.904542] [] napi_skb_finish+0x1e/0x34
[ 762.904542] [] napi_gro_receive+0x20/0x24
[ 762.904542] [] e1000_receive_skb+0x3f/0x45 [e1000e]
[ 762.904542] [] e1000_clean_rx_irq+0x1f9/0x284 [e1000e]
[ 762.904542] [] e1000_clean+0x62/0x1f4 [e1000e]
[ 762.904542] [] net_rx_action+0x90/0x160
[ 762.904542] [] __do_softirq+0x7b/0x118
[ 762.904542] irq event stamp: 156915469
[ 762.904542] hardirqs last enabled at (156915469): []
__slab_alloc.clone.58.clone.63+0xc4/0x2de
[ 762.904542] hardirqs last disabled at (156915468): []
__slab_alloc.clone.58.clone.63+0x22/0x2de
[ 762.904542] softirqs last enabled at (156915466): []
lock_sock_nested+0x64/0x6c
[ 762.904542] softirqs last disabled at (156915464): []
_raw_spin_lock_bh+0xe/0x45
[ 762.904542]
[ 762.904542] other info that might help us debug this:
[ 762.904542] Possible unsafe locking scenario:
[ 762.904542]
[ 762.904542] CPU0
[ 762.904542] ----
[ 762.904542] lock(key#3);
[ 762.904542]
[ 762.904542] lock(key#3);
[ 762.904542]
[ 762.904542] *** DEADLOCK ***
[ 762.904542]
[ 762.904542] 1 lock held by squid/1603:
[ 762.904542] #0: (sk_lock-AF_INET){+.+.+.}, at: []
lock_sock+0xa/0xc
[ 762.904542]
[ 762.904542] stack backtrace:
[ 762.904542] Pid: 1603, comm: squid Not tainted 3.3.4-build-0061 #8
[ 762.904542] Call Trace:
[ 762.904542] [] ? printk+0x18/0x1d
[ 762.904542] [] valid_state+0x1f6/0x201
[ 762.904542] [] mark_lock+0xd1/0x1bb
[ 762.904542] [] ? mark_lock+0x26/0x1bb
[ 762.904542] [] ? check_usage_forwards+0x77/0x77
[ 762.904542] [] __lock_acquire+0x2f8/0xc26
[ 762.904542] [] ? mark_held_locks+0x5d/0x7b
[ 762.904542] [] ? trace_hardirqs_on+0xb/0xd
[ 762.904542] [] ? __lock_acquire+0x4d4/0xc26
[ 762.904542] [] lock_acquire+0x71/0x85
[ 762.904542] [] ? __percpu_counter_sum+0xd/0x58
[ 762.904542] [] _raw_spin_lock+0x33/0x40
[ 762.904542] [] ? __percpu_counter_sum+0xd/0x58
[ 762.904542] [] __percpu_counter_sum+0xd/0x58
[ 762.904542] [] __sk_mem_schedule+0xdd/0x1c7
[ 762.904542] [] ? __alloc_skb+0x76/0x100
[ 762.904542] [] sk_wmem_schedule+0x21/0x2d
[ 762.904542] [] sk_stream_alloc_skb+0x42/0xaa
[ 762.904542] [] tcp_sendmsg+0x18f/0x68b
[ 762.904542] [] ? ip_fast_csum+0x30/0x30
[ 762.904542] [] inet_sendmsg+0x53/0x5a
[ 762.904542] [] sock_aio_write+0xd2/0xda
[ 762.904542] [] ? mark_lock+0x26/0x1bb
[ 762.904542] [] do_sync_write+0x9f/0xd9
[ 762.904542] [] ? file_free_rcu+0x2f/0x2f
[ 762.904542] [] vfs_write+0x8f/0xab
[ 762.904542] [] ? fget_light+0x75/0x7c
[ 762.904542] [] sys_write+0x3d/0x5e
[ 762.904542] [] syscall_call+0x7/0xb
[ 762.904542] [] ? rp_sidt+0x41/0x83Bug is that sk_sockets_allocated_read_positive() calls
percpu_counter_sum_positive() without BH being disabled.This bug was added in commit 180d8cd942ce33
(foundations of per-cgroup memory pressure controlling.), since previous
code was using percpu_counter_read_positive() which is IRQ safe.In __sk_mem_schedule() we dont need the precise count of allocated
sockets and can revert to previous behavior.Reported-by: Denys Fedoryshchenko
Sined-off-by: Eric Dumazet
Cc: Glauber Costa
Acked-by: Neal CardwellSigned-off-by: David S. Miller
30 Apr, 2012
4 commits
-
Change order of init so netns init is ready
when register ioctl and netlink.Ver2
Whitespace fixes and __init added.Reported-by: "Ryan O'Hara"
Signed-off-by: Hans Schillstrom
Acked-by: Julian Anastasov
Signed-off-by: Jesper Dangaard Brouer
Signed-off-by: Simon Horman -
ip_vs_create_timeout_table() can return NULL
All functions protocol init_netns is affected of this patch.Signed-off-by: Hans Schillstrom
Acked-by: Julian Anastasov
Signed-off-by: Simon Horman -
The actual internal pipe implementation is already really about
individual packets (called "pipe buffers"), and this simply exposes that
as a special packetized mode.When we are in the packetized mode (marked by O_DIRECT as suggested by
Alan Cox), a write() on a pipe will not merge the new data with previous
writes, so each write will get a pipe buffer of its own. The pipe
buffer is then marked with the PIPE_BUF_FLAG_PACKET flag, which in turn
will tell the reader side to break the read at that boundary (and throw
away any partial packet contents that do not fit in the read buffer).End result: as long as you do writes less than PIPE_BUF in size (so that
the pipe doesn't have to split them up), you can now treat the pipe as a
packet interface, where each read() system call will read one packet at
a time. You can just use a sufficiently big read buffer (PIPE_BUF is
sufficient, since bigger than that doesn't guarantee atomicity anyway),
and the return value of the read() will naturally give you the size of
the packet.NOTE! We do not support zero-sized packets, and zero-sized reads and
writes to a pipe continue to be no-ops. Also note that big packets will
currently be split at write time, but that the size at which that
happens is not really specified (except that it's bigger than PIPE_BUF).
Currently that limit is the system page size, but we might want to
explicitly support bigger packets some day.The main user for this is going to be the autofs packet interface,
allowing us to stop having to care so deeply about exact packet sizes
(which have had bugs with 32/64-bit compatibility modes). But user
space can create packetized pipes with "pipe2(fd, O_DIRECT)", which will
fail with an EINVAL on kernels that do not support this interface.Tested-by: Michael Tokarev
Cc: Alan Cox
Cc: David Miller
Cc: Ian Kent
Cc: Thomas Meyer
Cc: stable@kernel.org # needed for systemd/autofs interaction fix
Signed-off-by: Linus Torvalds -
Pull USB fixes from Greg Kroah-Hartman:
"Here are a number of small USB fixes for 3.4-rc5.Nothing major, as before, some USB gadget fixes. There's a crash fix
for a number of ASUS laptops on resume that had been reported by a
number of different people. We think the fix might also pertain to
other machines, as this was a BIOS bug, and they seem to travel to
different models and manufacturers quite easily. Other than that,
some other reported problems fixed as well."* tag 'usb-3.4-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
usb: gadget: udc-core: fix incompatibility with dummy-hcd
usb: gadget: udc-core: fix wrong call order
USB: cdc-wdm: fix race leading leading to memory corruption
USB: EHCI: fix crash during suspend on ASUS computers
usb gadget: uvc: uvc_request_data::length field must be signed
usb: gadget: dummy: do not call pullup() on udc_stop()
usb: musb: davinci.c: add missing unregister
usb: musb: drop __deprecated flag
USB: gadget: storage gadgets send wrong error code for unknown commands
usb: otg: gpio_vbus: Add otg transceiver events and notifiers
29 Apr, 2012
1 commit
-
Pull ARM SoC fixes from Olof Johansson:
"Nothing controversial, just another batch of fixes:- Samsung/exynos fixes for more merge window fallout: build errors
and warnings mostly, but also some clock/device setup issues on
exynos4/5
- PXA bug and warning fixes related to gpio and pinmux
- IRQ domain conversion bugfixes for U300 and MSM
- A regulator setup fix for U300"* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
ARM: PXA2xx: MFP: fix potential direction bug
ARM: PXA2xx: MFP: fix bug with MFP_LPM_KEEP_OUTPUT
arm/sa1100: fix sa1100-rtc memory resource
ARM: pxa: fix gpio wakeup setting
ARM: SAMSUNG: add missing MMC_CAP2_BROKEN_VOLTAGE capability
ARM: EXYNOS: Fix compilation error when CONFIG_OF is not defined
ARM: EXYNOS: Fix resource on dev-dwmci.c
ARM: S3C24XX: Fix build warning for S3C2410_PM
ARM: mini2440_defconfig: Fix build error
ARM: msm: Fix gic irqdomain support
ARM: EXYNOS: Fix incorrect initialization of GIC
ARM: EXYNOS: use 'exynos4-sdhci' as device name for sdhci controllers
ARM: u300: bump all IRQ numbers by one
ARM: ux300: Fix unimplementable regulation constraints
28 Apr, 2012
3 commits
-
Pull misc SPI device driver bug fixes from Grant Likely.
* tag 'spi-for-linus' of git://git.secretlab.ca/git/linux-2.6:
spi/spi-bfin5xx: Fix flush of last bit after each spi transfer
spi/spi-bfin5xx: fix reversed if condition in interrupt mode
spi/spi_bfin_sport: drop bits_per_word from client data
spi/bfin_spi: drop bits_per_word from client data
spi/spi-bfin-sport: move word length setup to transfer handler
spi/bfin5xx: rename config macro name for bfin5xx spi controller driver
spi/pl022: Allow request for higher frequency than maximum possible
spi/bcm63xx: set master driver mode_bits.
spi/bcm63xx: don't use the stopping state
spi/bcm63xx: convert to the pump message infrastructure
spi/spi-ep93xx.c: use dma_transfer_direction instead of dma_data_direction
spi: fix spi.h kernel-doc warning
spi/pl022: Fix calculate_effective_freq()
spi/pl022: Fix range checking for bits per word -
Fix kernel-doc warning in spi.h (copy/paste):
Warning(include/linux/spi/spi.h:365): No description found for parameter 'unprepare_transfer_hardware'
Signed-off-by: Randy Dunlap
Signed-off-by: Grant Likely
