29 Aug, 2005

5 commits

  • Implement 4-level pagetables for ppc64

    This patch implements full four-level page tables for ppc64, thereby
    extending the usable user address range to 44 bits (16T).

    The patch uses a full page for the tables at the bottom and top level,
    and a quarter page for the intermediate levels. It uses full 64-bit
    pointers at every level, thus also increasing the addressable range of
    physical memory. This patch also tweaks the VSID allocation to allow
    matching range for user addresses (this halves the number of available
    contexts) and adds some #if and BUILD_BUG sanity checks.

    Signed-off-by: David Gibson
    Signed-off-by: Paul Mackerras

    David Gibson
     
  • Make the bootheader for ppc64 independent from kernel and libc headers.
    * add -nostdinc -isystem $gccincludes to not include libc headers
    * declare all functions in header files, also the stuff from string.S
    * declare some functions static
    * use stddef.h to get size_t (hopefully ok)
    * remove ppc32-types.h, only elf.h used the __NN types

    With further modifications by Paul Mackerras and Stephen Rothwell.

    Signed-off-by: Olaf Hering
    Signed-off-by: Paul Mackerras

    Olaf Hering
     
  • Linus Torvalds
     
  • Bugfix (usage of uninitialized pointer in zfcp_port_dequeue) and compile
    fixes for the zfcp device driver.

    Signed-off-by: Heiko Carstens
    Acked-by: James Bottomley
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Heiko Carstens
     
  • struct zfcp_port::scsi_id was removed by commit
    3859f6a248cbdfbe7b41663f3a2b51f48e30b281

    Signed-off-by: Alexey Dobriyan
    Signed-off-by: Linus Torvalds

    Alexey Dobriyan
     

28 Aug, 2005

8 commits

  • Linus Torvalds
     
  • [ Same race and same patch also by Steven Rostedt ]

    I have a laptop (G3 powerbook) which will pretty reliably hit a race
    between con_open and con_close late in the boot process and oops in
    vt_ioctl due to tty->driver_data being NULL.

    What happens is this: process A opens /dev/tty6; it comes into
    con_open() (drivers/char/vt.c) and assigns a non-NULL value to
    tty->driver_data. Then process A closes that and concurrently process
    B opens /dev/tty6. Process A gets through con_close() and clears
    tty->driver_data, since tty->count == 1. However, before process A
    can decrement tty->count, we switch to process B (e.g. at the
    down(&tty_sem) call at drivers/char/tty_io.c line 1626).

    So process B gets to run and comes into con_open with tty->count == 2,
    as tty->count is incremented (in init_dev) before con_open is called.
    Because tty->count != 1, we don't set tty->driver_data. Then when the
    process tries to do anything with that fd, it oopses.

    The simple and effective fix for this is to test tty->driver_data
    rather than tty->count in con_open. The testing and setting of
    tty->driver_data is serialized with respect to the clearing of
    tty->driver_data in con_close by the console_sem. We can't get a
    situation where con_open sees tty->driver_data != NULL and then
    con_close on a different fd clears tty->driver_data, because
    tty->count is incremented before con_open is called. Thus this patch
    eliminates the race, and in fact with this patch my laptop doesn't
    oops.

    Signed-off-by: Paul Mackerras
    [ Same patch
    Signed-off-by: Steven Rostedt
    in http://marc.theaimsgroup.com/?l=linux-kernel&m=112450820432121&w=2 ]
    Signed-off-by: Linus Torvalds

    Paul Mackerras
     
  • This patch fixes a severe problem with 2.6.13-rc7.

    Due to recent SCSI changes it is not possible to add any LUNs to the zfcp
    device driver anymore. With registration of remote ports this is fixed.

    Signed-off-by: Andreas Herrmann
    Acked-by: James Bottomley
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Andreas Herrmann
     
  • I know that scsi procfs is legacy code but this is a fix for a memory leak.

    While reading through sg.c I realized that the implementation of
    /proc/scsi/sg/devices with seq_file is leaking memory due to freeing the
    pointer returned by the next() iterator method. Since next() might return
    NULL or an error this is wrong. This patch fixes it through using the
    seq_file's private field for holding the reference to the iterator object.

    Here is a small bash script to trigger the leak. Use slabtop to watch
    the size-32 usage grow and grow.

    #!/bin/sh

    while true; do
        cat /proc/scsi/sg/devices > /dev/null
    done

    Signed-off-by: Jan Blunck
    Acked-by: James Bottomley
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Jan Blunck
     
  • Fixed race between submitting streaming URBs in the driver and starting
    the actual transfer in hardware (demodulator and USB controller) which
    sometimes led to garbled data transfers. URBs are now submitted first,
    then the transfer is enabled. Dibusb devices and clones are now fully
    functional again.

    Signed-off-by: Patrick Boettcher
    Signed-off-by: Linus Torvalds

    Patrick Boettcher
     
  • This fixes a bug in the capifs initialization code, where the
    filesystem is not unregistered if kern_mount() fails.

    Signed-off-by: James Morris
    Signed-off-by: Karsten Keil
    Signed-off-by: Linus Torvalds

    James Morris
     
  • When acpi_sleep_prepare was moved into a shutdown method we
    started calling it for all shutdowns.

    It appears this triggers some systems to power off on reboot.

    Avoid this by only calling acpi_sleep_prepare if we are going to power
    off the system.

    Signed-off-by: Eric W. Biederman
    Signed-off-by: Linus Torvalds

    Eric W. Biederman
     
  • - copy_from_user() can fail; ->write() must check its return value.

    - severe buffer overruns both in ->read() and ->write() - lseek to the
    end (i.e. to mmapper_size) and

    if (count + *ppos > mmapper_size)
    count = count + *ppos - mmapper_size;

    will do absolutely nothing. Then it will call

    copy_to_user(buf,&v_buf[*ppos],count);

    with obvious results (similar for ->write()).

    Fixed by turning read to simple_read_from_buffer() and by doing
    normal limiting of count in ->write().

    - gratuitous lock_kernel() in ->mmap() - it's useless there.

    - lots of gratuitous includes.

    Signed-off-by: Al Viro
    Signed-off-by: Linus Torvalds

    Al Viro
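
The arithmetic described in the commit above, as an added user-space example that is not part of the commit or the kernel source: it evaluates the quoted limiting code at the end-of-buffer offset and contrasts it with a bounded read modelled on simple_read_from_buffer(). BUF_SIZE, quoted_limit, bytes_past_end, bounded_read and read_from are names made up for this sketch, and memcpy() stands in for copy_to_user().

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 4096            /* stands in for mmapper_size (assumed value) */
static char v_buf[BUF_SIZE];     /* stands in for the driver's buffer */

/* The limiting code quoted in the commit message. Returns the count that
 * would then be passed to copy_to_user(buf, &v_buf[pos], count). */
static size_t quoted_limit(size_t count, size_t pos, size_t size)
{
    if (count + pos > size)
        count = count + pos - size;
    return count;
}

/* Bytes beyond the end of the buffer covered by a copy of count at pos. */
static size_t bytes_past_end(size_t count, size_t pos, size_t size)
{
    size_t end = pos + count;
    return end > size ? end - size : 0;
}

/* Bounded read modelled on simple_read_from_buffer(): returns 0 at or past
 * the end, never copies beyond size, and advances *ppos. */
static long bounded_read(char *to, size_t count, long long *ppos,
                         const char *from, size_t size)
{
    long long pos = *ppos;

    if (pos < 0)
        return -1;                        /* the kernel returns -EINVAL */
    if ((size_t)pos >= size || count == 0)
        return 0;
    if (count > size - (size_t)pos)
        count = size - (size_t)pos;       /* normal limiting of count */
    memcpy(to, from + pos, count);        /* copy_to_user() in the kernel */
    *ppos = pos + (long long)count;
    return (long)count;
}

/* Demo helper: read count bytes starting at offset start. */
static long read_from(long long start, size_t count)
{
    char out[BUF_SIZE];
    return bounded_read(out, count, &start, v_buf, BUF_SIZE);
}

int main(void)
{
    size_t n = quoted_limit(100, BUF_SIZE, BUF_SIZE);   /* after lseek to end */
    printf("quoted limit: count=%zu, %zu bytes past the end\n",
           n, bytes_past_end(n, BUF_SIZE, BUF_SIZE));
    printf("bounded read at end: %ld\n", read_from(BUF_SIZE, 100));
    printf("bounded read 6 before end: %ld\n", read_from(BUF_SIZE - 6, 100));
    return 0;
}
```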
     

27 Aug, 2005

25 commits

  • Don't check type of sax25_family; dev_set_mac_address has already done
    that before and anyway, the type to check against would have been
    ARPHRD_AX25. We only got away because AF_AX25 and ARPHRD_AX25 both happen
    to be defined to the same value.

    Don't check sax25_ndigis either; its value is insignificant for the
    purpose of setting the MAC address and the check has shown to break
    some application software for no good reason.

    Signed-off-by: Ralf Baechle DL5RB
    Signed-off-by: Jeff Garzik

    Ralf Baechle
     
  • I dropped the timer initialization bits by accident when sending the
    p-persistence fix. This patch gets the driver to work again on halfduplex
    links.

    Signed-off-by: Ralf Baechle DL5RB
    Signed-off-by: Jeff Garzik

    Ralf Baechle
     
  • The problem arises if an entity in sysfs is created and removed without
    ever having been made completely visible. In SCSI this is triggered by
    removing a device while it's initialising.

    The problem appears to be that because it was never made visible in sysfs,
    the sysfs dentry has a null d_inode which oopses when a reference is made
    to it. The solution is simply to check d_inode and assume the object was
    never made visible (and thus doesn't need deleting) if it's NULL.

    (akpm: possibly a stopgap for 2.6.13 scsi problems. May not be the
    long-term fix)

    Signed-off-by: James Bottomley
    Cc: Greg KH
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    James Bottomley
     
  • It's possible for this to still have flags in it and a previous instance
    has been stopped, and that confused the new array using the same mddev.

    Signed-off-by: Neil Brown
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    NeilBrown
     
  • I just discovered this is needed for module auto-loading.

    Signed-off-by: Neil Brown
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    NeilBrown
     
  • Fix a use-after-free bug in userspace verbs cleanup: we can't touch
    mr->device after we free mr by calling ib_dereg_mr().

    Signed-off-by: Roland Dreier
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Roland Dreier
     
  • We are currently reserving one byte more than actually needed by the flash
    device and overlapping into the next I/O expansion bus window. This a)
    causes us to allocate an extra page of VM due to ARM ioremap() alignment
    code and b) could cause problems if another driver tries to request the
    next expansion bus window.

    Signed-off-by: Deepak Saxena
    Cc: Russell King
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Deepak Saxena
     
  • Some nodes can have large holes on x86-64.

    This fixes problems with the VM allowing too many dirty pages because it
    overestimates the number of available RAM in a node. In extreme cases you
    can end up with all RAM filled with dirty pages which can lead to deadlocks
    and other nasty behaviour.

    This patch just tells the VM about the known holes from e820. Reserved
    (like the kernel text or mem_map) is still not taken into account, but that
    should be only a few percent error now.

    Small detail is that the flat setup uses the NUMA free_area_init_node() now
    too because it offers more flexibility.

    (akpm: lotsa thanks to Martin for working this problem out)

    Cc: Martin Bligh
    Signed-off-by: Andi Kleen
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Andi Kleen
     
  • This patch fixes several instances of hwmon drivers kfree'ing the "wrong"
    pointer; the existing code works somewhat by accident.

    (akpm: plucked from Greg's queue based on lkml discussion. Finishes off the
    patch from Jon Corbet)

    Signed-off-by: Mark M. Hoffman
    Signed-off-by: Jean Delvare
    Signed-off-by: Greg Kroah-Hartman
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Mark M. Hoffman
     
  • I recently had a BUG_ON() go off spuriously on a gcc 4.0 compiled kernel.
    It turns out gcc-4.0 was removing a sign extension while earlier gcc
    versions would not. Thinking this to be a compiler bug, I submitted a
    report:

    http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23422

    It turns out we need to cast the input in order to tell gcc to sign extend
    it.

    Thanks to Andrew Pinski for his help on this bug.

    Signed-off-by: Anton Blanchard
    Cc: Paul Mackerras
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Anton Blanchard
     
  • At the suggestion of Nick Piggin and Dinakar, totally disable
    the facility to allow cpu_exclusive cpusets to define dynamic
    sched domains in Linux 2.6.13, in order to avoid problems
    first reported by John Hawkes (corrupt sched data structures
    and kernel oops).

    This has been built for ppc64, i386, ia64, x86_64, sparc, alpha.
    It has been built, booted and tested for cpuset functionality
    on an SN2 (ia64).

    Dinakar or Nick - could you verify that it for sure does avoid
    the problems Hawkes reported. Hawkes is out of town, and I don't
    have the recipe to reproduce what he found.

    Signed-off-by: Paul Jackson
    Acked-by: Nick Piggin
    Signed-off-by: Linus Torvalds

    Paul Jackson
     
  • The partial disabling of Dinakar's new facility to allow
    cpu_exclusive cpusets to define dynamic sched domains
    doesn't go far enough. At the suggestion of Nick Piggin
    and Dinakar, let us instead totally disable this facility
    for 2.6.13, in order to avoid problems first reported
    by John Hawkes (corrupt sched data structures and kernel oops).

    This patch removes the partial disabling code in 2.6.13-rc7,
    in anticipation of the next patch, which will totally disable
    it instead.

    Signed-off-by: Paul Jackson
    Signed-off-by: Linus Torvalds

    Paul Jackson
     
  • Linus Torvalds
     
  • Coverity uncovered an off-by-one error in the fscpos driver, in function
    set_temp_reset(). Writing to the temp3_reset sysfs file will lead to an
    array overrun, in turn causing an I2C write to a random register of the
    FSC Poseidon chip. Additionally, writing to temp1_reset and temp2_reset
    will not work as expected. The fix is straightforward.

    Signed-off-by: Jean Delvare
    Signed-off-by: Linus Torvalds

    Jean Delvare
     
  • Be more precise on deciding whether to call m8xx_ide_init() at
    m8xx_setup.c:platform_init().

    Compilation fails if CONFIG_BLK_DEV_IDE is defined but
    CONFIG_BLK_DEV_MPC8xx_IDE isn't.

    Signed-off-by: Marcelo Tosatti
    Signed-off-by: Linus Torvalds

    Marcelo Tosatti
     
  • spinlock used in irq handler should be initialized before registering
    irq, even if we know that our device has interrupts disabled; handler
    is registered shared and taking spinlock is done unconditionally. As
    it is, we can and do get oopsen on boot for some configuration, depending
    on irq routing - I've got a reproducer.

    Signed-off-by: Al Viro
    Signed-off-by: Ben Collins
    Signed-off-by: Linus Torvalds

    Al Viro
     
  • In qdio_get_micros() volatile in return type is plain noise (even with old
    gccisms it would make no sense - noreturn function returning __u64 is a
    bit odd ;-)

    Signed-off-by: Al Viro
    Signed-off-by: Linus Torvalds

    Al Viro
     
  • Dumb typo: iounmap(&local_pointer_variable).

    Signed-off-by: Al Viro
    Signed-off-by: Linus Torvalds

    Al Viro
     
  • The adm9240 driver, in adm9240_detect(), allocates a structure. The
    error path attempts to kfree() ->client field of it (second one),
    resulting in an oops (or slab corruption) if the hardware is not present.

    ->client field in adm1026, adm1031, smsc47b397 and smsc47m1 is the first in
    ${HWMON}_data structure, but fix them too.

    Signed-off-by: Jonathan Corbet
    Signed-off-by: Linus Torvalds

    Alexey Dobriyan
     
  • The recent change to locks_remove_flock code in fs/locks.c changes how
    byte range locks are removed from closing files, which shows up a bug in
    cifs.

    The assumption in the cifs code was that the close call sent to the
    server would remove any pending locks on the server on this file, but
    that is no longer safe as the fs/locks.c code on the client wants unlock
    of 0 to PATH_MAX to remove all locks (at least from this client, it is
    not possible AFAIK to remove all locks from other clients made to the
    server copy of the file).

    Note that cifs locks are different from posix locks - and it is not
    possible to map posix locks perfectly on the wire yet, due to
    restrictions of the cifs network protocol, even to Samba without adding
    a new request type to the network protocol (which we plan to do for
    Samba 3.0.21 within a few months), but the local client will have the
    correct, posix view, of the lock in most cases.

    The correct fix for cifs for this would involve a bigger change than I
    would like to do this late in the 2.6.13-rc cycle - and would involve
    cifs keeping track of all unmerged (uncoalesced) byte range locks for
    each remote inode and scanning that list to remove locks that intersect
    or fall wholly within the range - locks that intersect may have to be
    reacquired with the smaller, remaining range.

    Signed-off-by: Steve French
    Signed-off-by: Dave Kleikamp
    Signed-off-by: Linus Torvalds

    Steve French
     
  • While touching this code I noticed the error handling is bogus, so I
    fixed it up.

    I've removed the IS_ERR(proc_dentry) check, which will never trigger and
    is clearly a typo: we must check proc_file instead.

    Signed-off-by: Paolo 'Blaisorblade' Giarrusso
    Signed-off-by: Linus Torvalds

    Paolo 'Blaisorblade' Giarrusso
     
  • Update hppfs for the symlink functions prototype change.

    Yes, I know the code I leave there is still _bogus_, see next patch for
    this.

    Signed-off-by: Paolo 'Blaisorblade' Giarrusso
    Signed-off-by: Linus Torvalds

    Paolo 'Blaisorblade' Giarrusso
     
  • There is an off by one problem with idr_get_new_above.

    The comment and function name suggest that it will return an id >
    starting_id, but it actually returned an id >= starting_id, and kernel
    callers other than inotify treated it as such.

    The patch below fixes the comment, and fixes inotify's usage. The
    function name still doesn't match the behaviour, but it never did.

    Signed-off-by: John McCutchan
    Signed-off-by: Linus Torvalds

    John McCutchan
     
  • Writing even a disabled value seems to mess up some matrox graphics
    cards. It may be a card-related issue, but we may also be writing
    reserved low bits in the result.

    This was a fall-out of switching x86 over to the generic PCI resource
    allocation code, and needs more debugging. In particular, the old x86
    code defaulted to not doing any resource allocations at all for ROM
    resources.

    In the meantime, this has been reported to make X happier by Helge
    Hafting.

    Signed-off-by: Linus Torvalds

    Linus Torvalds
     
  • It may seem small, but most cards need much less, if any, and this not
    only makes the code adhere to the comment, it seems to fix a boot-time
    lockup on a ThinkPad 380XD laptop reported by Tero Roponen

    Signed-off-by: Linus Torvalds

    Linus Torvalds
     

26 Aug, 2005

1 commit

  • The tg3_abort_hw() call in tg3_test_loopback() is causing lockups on
    some devices. tg3_abort_hw() disables the memory arbiter, causing
    tg3_reset_hw() to hang when it tries to write the pre-reset signature.
    tg3_abort_hw() should only be called after the pre-reset signature has
    been written. This is all done in tg3_reset_hw() so the tg3_abort_hw()
    call is unnecessary and can be removed.

    [ Also bump driver version and release date. -DaveM ]

    Signed-off-by: Michael Chan
    Signed-off-by: David S. Miller

    Michael Chan
     

25 Aug, 2005

1 commit

  • One critical fix and two minor fixes for 2.6.13-rc7:

    - Max depth must currently be 2 to allow barriers to function on SCSI
    - Prefer sync request over async in choosing the next request
    - Never allow async request to preempt or disturb the "anticipation" for
    a single cfq process context. This is as-designed, the code right now
    is buggy in that area.

    Signed-off-by: Jens Axboe
    Signed-off-by: Linus Torvalds

    Jens Axboe