23 Sep, 2010
11 commits
-
Otherwise, calling platform_get_drvdata() in ab3100_rtc_remove() returns
NULL.Signed-off-by: Axel Lin
Acked-by:Wan ZongShun
Acked-by: Linus Walleij
Cc: Alessandro Zummo
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Alter the maintainer of the AVR32 architecture and the AVR32/AT32AP
machine support to me. Haavard is moving on to new challenges, and we've
found it better to transfer the maintainer part to me. I will have good
contact with Haavard anyway.Signed-off-by: Hans-Christian Egtvedt
Acked-by: Haavard Skinnemoen
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
In an effort to minimize customer confusion we want to unify naming
convention for VMware-provided kernel modules. This change renames the
balloon driver from vmware_ballon to vmw_balloon.We expect to follow this naming convention (vmw_) for all
modules that are part of mainline kernel and/or being distributed by
VMware, with the sole exception of vmxnet3 driver (since the name of
mainline driver happens to match with the name used in VMware Tools).Signed-off-by: Dmitry Torokhov
Acked-by: Bhavesh Davda
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
This fixes the regression caused by the commit 6fee48cd330c68
("dma-mapping: arm: use generic pci_set_dma_mask and
pci_set_consistent_dma_mask").ARM needs to clip the dma coherent mask for dmabounce devices. This
restores the old trick.Note that strictly speaking, the DMA API doesn't allow architectures to do
such but I'm not sure it's worth adding the new API to set the dma mask
that allows architectures to clip it.Reported-by: Krzysztof Halasa
Signed-off-by: FUJITA Tomonori
Acked-by: Russell King
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Commit 73296bc611 ("procfs: Use generic_file_llseek in /proc/vmcore")
broke seeking on /proc/vmcore. This changes it back to use default_llseek
in order to restore the original behaviour.The problem with generic_file_llseek is that it only allows seeks up to
inode->i_sb->s_maxbytes, which is zero on procfs and some other virtual
file systems. We should merge generic_file_llseek and default_llseek some
day and clean this up in a proper way, but for 2.6.35/36, reverting vmcore
is the safer solution.Signed-off-by: Arnd Bergmann
Cc: Frederic Weisbecker
Reported-by: CAI Qian
Tested-by: CAI Qian
Cc:
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
After d9e1b6c45059ccf ("ipmi: fix ACPI detection with regspacing") we get
[ 11.026326] ipmi_si: probing via ACPI
[ 11.030019] ipmi_si 00:09: (null) regsize 1 spacing 1 irq 0
[ 11.035594] ipmi_si: Adding ACPI-specified kcs state machineon an old system with only one range for ipmi kcs range.
Try to fix it by adding another res pointer.
Signed-off-by: Yinghai Lu
Signed-off-by: Corey Minyard
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
A task's badness score is roughly a proportion of its rss and swap
compared to the system's capacity. The scale ranges from 0 to 1000 with
the highest score chosen for kill. Thus, this scale operates on a
resolution of 0.1% of RAM + swap. Admin tasks are also given a 3% bonus,
so the badness score of an admin task using 3% of memory, for example,
would still be 0.It's possible that an exceptionally large number of tasks will combine to
exhaust all resources but never have a single task that uses more than
0.1% of RAM and swap (or 3.0% for admin tasks).This patch ensures that the badness score of any eligible task is never 0
so the machine doesn't unnecessarily panic because it cannot find a task
to kill.Signed-off-by: David Rientjes
Cc: Dave Hansen
Cc: Nitin Gupta
Cc: Pekka Enberg
Cc: Minchan Kim
Cc: KAMEZAWA Hiroyuki
Cc: KOSAKI Motohiro
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
In 32-bit compatibility mode, the error handling for
compat_do_readv_writev() may free an uninitialized pointer, potentially
leading to all sorts of ugly memory corruption. This is reliably
triggerable by unprivileged users by invoking the readv()/writev()
syscalls with an invalid iovec pointer. The below patch fixes this to
emulate the non-compat version.Introduced by commit b83733639a49 ("compat: factor out
compat_rw_copy_check_uvector from compat_do_readv_writev")Signed-off-by: Dan Rosenberg
Cc: stable@kernel.org (2.6.35)
Cc: Al Viro
Signed-off-by: Linus Torvalds -
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6:
sparc: Prevent no-handler signal syscall restart recursion.
sparc: Don't mask signal when we can't setup signal frame.
sparc64: Fix race in signal instruction flushing.
sparc64: Support RAW perf events. -
Make sigreturn zero regs->trap, make do_signal() do the same on all
paths. As it is, signal interrupting e.g. read() from fd 512 (==
ERESTARTSYS) with another signal getting unblocked when the first
handler finishes will lead to restart one insn earlier than it ought
to. Same for multiple signals with in-kernel handlers interrupting
that sucker at the same time. Same for multiple signals of any kind
interrupting that sucker on 64bit...Signed-off-by: Al Viro
Acked-by: Paul Mackerras
Signed-off-by: Linus Torvalds -
* 'for-linus' of git://git.kernel.dk/linux-2.6-block:
bdi: Fix warnings in __mark_inode_dirty for /dev/zero and friends
char: Mark /dev/zero and /dev/kmem as not capable of writeback
bdi: Initialize noop_backing_dev_info properly
cfq-iosched: fix a kernel OOPs when usb key is inserted
block: fix blk_rq_map_kern bio direction flag
cciss: freeing uninitialized data on error path
22 Sep, 2010
13 commits
-
Inodes of devices such as /dev/zero can get dirty for example via
utime(2) syscall or due to atime update. Backing device of such inodes
(zero_bdi, etc.) is however unable to handle dirty inodes and thus
__mark_inode_dirty complains. In fact, inode should be rather dirtied
against backing device of the filesystem holding it. This is generally a
good rule except for filesystems such as 'bdev' or 'mtd_inodefs'. Inodes
in these pseudofilesystems are referenced from ordinary filesystem
inodes and carry mapping with real data of the device. Thus for these
inodes we have to use inode->i_mapping->backing_dev_info as we did so
far. We distinguish these filesystems by checking whether sb->s_bdi
points to a non-trivial backing device or not.Example: Assume we have an ext3 filesystem on /dev/sda1 mounted on /.
There's a device inode A described by a path "/dev/sdb" on this
filesystem. This inode will be dirtied against backing device "8:0"
after this patch. bdev filesystem contains block device inode B coupled
with our inode A. When someone modifies a page of /dev/sdb, it's B that
gets dirtied and the dirtying happens against the backing device "8:16".
Thus both inodes get filed to a correct bdi list.Cc: stable@kernel.org
Signed-off-by: Jan Kara
Signed-off-by: Jens Axboe -
These devices don't do any writeback but their device inodes still can get
dirty so mark bdi appropriately so that bdi code does the right thing and files
inodes to lists of bdi carrying the device inodes.Cc: stable@kernel.org
Signed-off-by: Jan Kara
Signed-off-by: Jens Axboe -
Properly initialize this backing dev info so that writeback code does not
barf when getting to it e.g. via sb->s_bdi.Cc: stable@kernel.org
Signed-off-by: Jan Kara
Signed-off-by: Jens Axboe -
Explicitly clear the "in-syscall" bit when we have no signal
handler and back up the program counters to back up the system
call.Reported-by: Al Viro
Signed-off-by: David S. Miller -
Don't invoke the signal handler tracehook in that situation
either.Reported-by: Al Viro
Signed-off-by: David S. Miller -
* 'for-linus/i2c/2636-rc5' of git://git.fluff.org/bjdooks/linux:
i2c-omap: Make sure i2c bus is free before setting it to idle -
The lock structs are currently protected by the BKL, but are accessed by
code in fs/locks.c and misc file system and DLM code. These stubs will
allow all users to switch to the new interface before the implementation
is changed to a spinlock.Acked-by: Arnd Bergmann
Signed-off-by: Sage Weil
Signed-off-by: Linus Torvalds -
If the i2c bus receives an interrupt with both BB (bus busy) and
ARDY (register access ready) statuses set during the tranfer of the last message
the bus was put to idle while still busy.This caused bus to timeout.
Signed-off-by: Mathias Nyman
Acked-by: Tony Lindgren
Signed-off-by: Ben Dooks -
…l/git/tip/linux-2.6-tip
* 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
sched: Fix nohz balance kick
sched: Fix user time incorrectly accounted as system time on 32-bit -
…/git/tip/linux-2.6-tip
* 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
hw breakpoints: Fix pid namespace bug
x86: Fix instruction breakpoint encoding
oprofile: Add Support for Intel CPU Family 6 / Model 22 (Intel Celeron 540)
kprobes: Fix Kconfig dependency -
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client:
ceph: select CRYPTO
ceph: check mapping to determine if FILE_CACHE cap is used
ceph: only send one flushsnap per cap_snap per mds session
ceph: fix cap_snap and realm split
ceph: stop sending FLUSHSNAPs when we hit a dirty capsnap
ceph: correctly set 'follows' in flushsnap messages
ceph: fix dn offset during readdir_prepopulate
ceph: fix file offset wrapping at 4GB on 32-bit archs
ceph: fix reconnect encoding for old servers
ceph: fix pagelist kunmap tail
ceph: fix null pointer deref on anon root dentry release -
* 'drm-intel-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ickle/drm-intel:
drm/i915: Hold a reference to the object whilst unbinding the eviction list
drm/i915,agp/intel: Add second set of PCI-IDs for B43
drm/i915: Fix Sandybridge fence registers
drm/i915/crt: Downgrade warnings for hotplug failures
drm/i915: Ensure that the crtcinfo is populated during mode_fixup() -
* git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus:
lguest: update comments to reflect LHCALL_LOAD_GDT_ENTRY.
virtio: console: Prevent userspace from submitting NULL buffers
virtio: console: Fix poll blocking even though there is data to read
21 Sep, 2010
16 commits
-
There's a situation where the nohz balancer will try to wake itself:
cpu-x is idle which is also ilb_cpu
got a scheduler tick during idle
and the nohz_kick_needed() in trigger_load_balance() checks for
rq_x->nr_running which might not be zero (because of someone waking a
task on this rq etc) and this leads to the situation of the cpu-x
sending a kick to itself.And this can cause a lockup.
Avoid this by not marking ourself eligible for kicking.
Signed-off-by: Suresh Siddha
Signed-off-by: Peter Zijlstra
LKML-Reference:
Signed-off-by: Ingo Molnar -
Mike reported a kernel crash when a usb key hotplug is performed while all
kernel thrads are not in a root cgroup and are running in one of the child
cgroups of blkio controller.BUG: unable to handle kernel NULL pointer dereference at 0000002c
IP: [] cfq_get_queue+0x232/0x412
*pde = 00000000
Oops: 0000 [#1] PREEMPT
last sysfs file: /sys/devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/host3/scsi_host/host3/uevent[..]
Pid: 30039, comm: scsi_scan_3 Not tainted 2.6.35.2-fg.roam #1 Volvi2 /Aspire 4315
EIP: 0060:[] EFLAGS: 00010086 CPU: 0
EIP is at cfq_get_queue+0x232/0x412
EAX: f705f9c0 EBX: e977abac ECX: 00000000 EDX: 00000000
ESI: f00da400 EDI: f00da4ec EBP: e977a800 ESP: dff8fd00
DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068
Process scsi_scan_3 (pid: 30039, ti=dff8e000 task=f6b6c9a0 task.ti=dff8e000)
Stack:
00000000 00000000 00000001 01ff0000 f00da508 00000000 f00da524 f00da540
e7994940 dd631750 f705f9c0 e977a820 e977ac44 f00da4d0 00000001 f6b6c9a0
00000010 00008010 0000000b 00000000 00000001 e977a800 dd76fac0 00000246
Call Trace:
[] ? cfq_set_request+0x228/0x34c
[] ? cfq_set_request+0x0/0x34c
[] ? elv_set_request+0xf/0x1c
[] ? get_request+0x1ad/0x22f
[] ? get_request_wait+0x1f/0x11a
[] ? kvasprintf+0x33/0x3b
[] ? scsi_execute+0x1d/0x103
[] ? scsi_execute_req+0x58/0x83
[] ? scsi_probe_and_add_lun+0x188/0x7c2
[] ? attribute_container_add_device+0x15/0xfa
[] ? kobject_get+0xf/0x13
[] ? get_device+0x10/0x14
[] ? scsi_alloc_target+0x217/0x24d
[] ? __scsi_scan_target+0x95/0x480
[] ? dequeue_entity+0x14/0x1fe
[] ? update_curr+0x165/0x1ab
[] ? update_curr+0x165/0x1ab
[] ? scsi_scan_channel+0x4a/0x76
[] ? scsi_scan_host_selected+0x77/0xad
[] ? do_scan_async+0x0/0x11a
[] ? do_scsi_scan_host+0x51/0x56
[] ? do_scan_async+0x0/0x11a
[] ? do_scan_async+0xe/0x11a
[] ? do_scan_async+0x0/0x11a
[] ? kthread+0x5e/0x63
[] ? kthread+0x0/0x63
[] ? kernel_thread_helper+0x6/0x10
Code: 44 24 1c 54 83 44 24 18 54 83 fa 03 75 94 8b 06 c7 86 64 02 00 00 01 00 00 00 83 e0 03 09 f0 89 06 8b 44 24 28 8b 90 58 01 00 00 42 2c 85 c0 75 03 8b 42 08 8d 54 24 48 52 8d 4c 24 50 51 68
EIP: [] cfq_get_queue+0x232/0x412 SS:ESP 0068:dff8fd00
CR2: 000000000000002c
---[ end trace 9a88306573f69b12 ]---The problem here is that we don't have bdi->dev information available when
thread does some IO. Hence when dev_name() tries to access bdi->dev, it
crashes.This problem does not happen if kernel threads are in root group as root
group is statically allocated at device initialization time and we don't
hit this piece of code.Fix it by delaying the filling of major and minor number information of
device in blk_group. Initially a blk_group is created with 0 as device
information and this information is filled later once some more IO comes
in from same group.Reported-by: Mike Kazantsev
Signed-off-by: Vivek Goyal
Signed-off-by: Jens Axboe -
This bug was introduced in 7b6d91daee5cac6402186ff224c3af39d79f4a0e
"block: unify flags for struct bio and struct request"Cc: Boaz Harrosh
Signed-off-by: Benny Halevy
Signed-off-by: Jens Axboe -
The "h->scatter_list" is allocated inside a for loop. If any of those
allocations fail, then the rest of the list is uninitialized data. When
we free it we should start from the top and free backwards so that we
don't call kfree() on uninitialized pointers.Also if the allocation for "h->scatter_list" fails then we would get an
Oops here. I should have noticed this when I send: 4ee69851c "cciss:
handle allocation failure." but I didn't. Sorry about that.Signed-off-by: Dan Carpenter
Signed-off-by: Jens Axboe -
If another cpu does a very wide munmap() on the signal frame area,
it can tear down the page table hierarchy from underneath us.Borrow an idea from the 64-bit fault path's get_user_insn(), and
disable cross call interrupts during the page table traversal
to lock them in place while we operate.Reported-by: Al Viro
Signed-off-by: David S. Miller -
We used to have a hypercall which reloaded the entire GDT, then we
switched to one which loaded a single entry (to match the IDT code).Some comments were not updated, so fix them.
Signed-off-by: Rusty Russell
Reported by: Eviatar Khen -
A userspace could submit a buffer with 0 length to be written to the
host. Prevent such a situation.This was not needed previously, but recent changes in the way write()
works exposed this condition to trigger a virtqueue event to the host,
causing a NULL buffer to be sent across.Signed-off-by: Amit Shah
Signed-off-by: Rusty Russell
CC: stable@kernel.org -
I found this while working on a Linux agent for spice, the symptom I was
seeing was select blocking on the spice vdagent virtio serial port even
though there were messages queued up there.virtio_console's port_fops_poll checks port->inbuf != NULL to determine
if read won't block. However if an application reads enough bytes from
inbuf through port_fops_read, to empty the current port->inbuf,
port->inbuf will be NULL even though there may be buffers left in the
virtqueue.This causes poll() to block even though there is data to be read,
this patch fixes this by using will_read_block(port) instead of the
port->inbuf != NULL check.Signed-off-By: Hans de Goede
Signed-off-by: Amit Shah
Signed-off-by: Rusty Russell
Cc: stable@kernel.org -
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-2.6:
Staging: vt6655: fix buffer overflow
Revert: "Staging: batman-adv: Adding netfilter-bridge hooks" -
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6:
USB: musb: MAINTAINERS: Fix my mail address
USB: serial/mos*: prevent reading uninitialized stack memory
USB: otg: twl4030: fix phy initialization(v1)
USB: EHCI: Disable langwell/penwell LPM capability
usb: musb_debugfs: don't use the struct file private_data field with seq_files -
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty-2.6:
serial: mfd: fix bug in serial_hsu_remove()
serial: amba-pl010: fix set_ldisc -
"param->u.wpa_associate.wpa_ie_len" comes from the user. We should
check it so that the copy_from_user() doesn't overflow the buffer.Also further down in the function, we assume that if
"param->u.wpa_associate.wpa_ie_len" is set then "abyWPAIE[0]" is
initialized. To make that work, I changed the test here to say that if
"wpa_ie_len" is set then "wpa_ie" has to be a valid pointer or we return
-EINVAL.Oddly, we only use the first element of the abyWPAIE[] array. So I
suspect there may be some other issues in this function.Signed-off-by: Dan Carpenter
Cc: stable
Signed-off-by: Greg Kroah-Hartman -
This reverts commit 96d592ed599434d2d5f339a1d282871bc6377d2c.
The netfilter hook seems to be misused and may leak skbs in situations
when NF_HOOK returns NF_STOLEN. It may not filter everything as
expected. Also the ethernet bridge tables are not yet capable to
understand batman-adv packet correctly.It was only added for testing purposes and can be removed again.
Reported-by: Vasiliy Kulikov
Signed-off-by: Sven Eckelmann
Signed-off-by: Greg Kroah-Hartman -
Medfield HSU driver deal with 4 pci devices(3 uart ports + 1 dma controller),
so in pci remove func, we need handle them differentlySigned-off-by: Feng Tang
Signed-off-by: Alan Cox
Signed-off-by: Greg Kroah-Hartman
