GitHub/LineageOS/android_kernel_motorola_exynos9610.git
15 years agoMerge branch 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied...
Linus Torvalds [Tue, 4 Aug 2009 22:34:30 +0000 (15:34 -0700)]
Merge branch 'drm-fixes' of git://git./linux/kernel/git/airlied/drm-2.6

* 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6:
  drm/ttm: Read buffer overflow
  drm/radeon: Read buffer overflow
  drm/ttm: Fix a sync object leak.
  drm/radeon/kms: fix memory leak in radeon_driver_load_kms
  drm/radeon/kms: fix nomodeset.
  drm/ttm: Fix a potential comparison of structs.
  drm/radeon/kms: fix rv515 VRAM initialisation.
  drm/radeon: add some new r7xx pci ids
  drm: Catch stop possible NULL pointer reference
  drm: Small logic fix in drm_mode_setcrtc

15 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/deller...
Linus Torvalds [Tue, 4 Aug 2009 22:34:09 +0000 (15:34 -0700)]
Merge branch 'for-linus' of git://git./linux/kernel/git/deller/parisc-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-2.6:
  parisc: hppb.c - fix printk format strings
  parisc: parisc-agp.c - use correct page_mask function
  parisc: sticore.c - check return values
  parisc: dino.c - check return value of pci_assign_resource()
  parisc: hp_sdc_mlc.c - check return value of down_trylock()
  parisc: includecheck fix for ccio-dma.c
  parisc: Set correct bit in protection flags
  parisc: isa-eeprom - Fix loff_t usage
  parisc: fixed faulty check in lba_pci
  parisc: Fix read buffer overflow in pdc_stable driver
  parisc: Fix GOT overflow during module load on 64bit kernel

15 years agoflex_array: remove unneeded index calculation
Jonathan Corbet [Tue, 4 Aug 2009 19:35:17 +0000 (13:35 -0600)]
flex_array: remove unneeded index calculation

flex_array_get() calculates an index value, then drops it on the floor;
simply remove it.

Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Acked-by: Dave Hansen <dave@linux.vnet.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
15 years agoMerge branch 'perfcounters-fixes-for-linus' of git://git.kernel.org/pub/scm/linux...
Linus Torvalds [Tue, 4 Aug 2009 22:32:40 +0000 (15:32 -0700)]
Merge branch 'perfcounters-fixes-for-linus' of git://git./linux/kernel/git/tip/linux-2.6-tip

* 'perfcounters-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  perf_counter: Set the CONFIG_PERF_COUNTERS default to y if CONFIG_PROFILING=y
  perf: Fix read buffer overflow
  perf top: Add mwait_idle_with_hints to skip_symbols[]
  perf tools: Fix faulty check
  perf report: Update for the new FORK/EXIT events
  perf_counter: Full task tracing
  perf_counter: Collapse inherit on read()
  tracing, perf_counter: Add help text to CONFIG_EVENT_PROFILE
  perf_counter tools: Fix link errors with older toolchains

15 years agoMerge branch 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel...
Linus Torvalds [Tue, 4 Aug 2009 22:32:22 +0000 (15:32 -0700)]
Merge branch 'sched-fixes-for-linus' of git://git./linux/kernel/git/tip/linux-2.6-tip

* 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  sched: Fix race in cpupri introduced by cpumask_var changes
  sched: Fix latencytop and sleep profiling vs group scheduling

15 years agoMerge branch 'timers-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel...
Linus Torvalds [Tue, 4 Aug 2009 22:32:08 +0000 (15:32 -0700)]
Merge branch 'timers-fixes-for-linus' of git://git./linux/kernel/git/tip/linux-2.6-tip

* 'timers-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  posix-timers: Fix oops in clock_nanosleep() with CLOCK_MONOTONIC_RAW

15 years agoMerge branch 'tracing-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel...
Linus Torvalds [Tue, 4 Aug 2009 22:31:51 +0000 (15:31 -0700)]
Merge branch 'tracing-fixes-for-linus' of git://git./linux/kernel/git/tip/linux-2.6-tip

* 'tracing-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  tracing: Fix missing function_graph events when we splice_read from trace_pipe
  tracing: Fix invalid function_graph entry
  trace: stop tracer in oops_enter()
  ftrace: Only update $offset when we update $ref_func
  ftrace: Fix the conditional that updates $ref_func
  tracing: only truncate ftrace files when O_TRUNC is set
  tracing: show proper address for trace-printk format

15 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sameo/mfd-2.6
Linus Torvalds [Tue, 4 Aug 2009 22:29:25 +0000 (15:29 -0700)]
Merge branch 'for-linus' of git://git./linux/kernel/git/sameo/mfd-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sameo/mfd-2.6:
  mfd: twl4030 irq fixes

15 years agoMerge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git...
Linus Torvalds [Tue, 4 Aug 2009 22:28:59 +0000 (15:28 -0700)]
Merge branch 'x86-fixes-for-linus' of git://git./linux/kernel/git/tip/linux-2.6-tip

* 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  x86: Work around compilation warning in arch/x86/kernel/apm_32.c
  x86, UV: Complete IRQ interrupt migration in arch_enable_uv_irq()
  x86, 32-bit: Fix double accounting in reserve_top_address()
  x86: Don't use current_cpu_data in x2apic phys_pkg_id
  x86, UV: Fix UV apic mode
  x86, UV: Fix macros for accessing large node numbers
  x86, UV: Delete mapping of MMR rangs mapped by BIOS
  x86, UV: Handle missing blade-local memory correctly
  x86: fix assembly constraints in native_save_fl()
  x86, msr: execute on the correct CPU subset
  x86: Fix assert syntax in vmlinux.lds.S
  x86: Make 64-bit efi_ioremap use ioremap on MMIO regions
  x86: Add quirk to make Apple MacBook5,2 use reboot=pci
  x86: Fix CPA memtype reserving in the set_pages_array*() cases
  x86, pat: Fix set_memory_wc related corruption
  x86: fix section mismatch for i386 init code

15 years agoMerge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/davej/cpufreq
Linus Torvalds [Tue, 4 Aug 2009 22:28:46 +0000 (15:28 -0700)]
Merge branch 'fixes' of git://git./linux/kernel/git/davej/cpufreq

* 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/davej/cpufreq:
  [CPUFREQ] Make cpufreq suspend code conditional on powerpc.
  [CPUFREQ] Fix a kobject reference bug related to managed CPUs
  [CPUFREQ] Do not set policy for offline cpus
  [CPUFREQ] Fix NULL pointer dereference regression in conservative governor

15 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ryusuke...
Linus Torvalds [Tue, 4 Aug 2009 22:28:23 +0000 (15:28 -0700)]
Merge branch 'for-linus' of git://git./linux/kernel/git/ryusuke/nilfs2

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ryusuke/nilfs2:
  nilfs2: fix missing unlock in error path of nilfs_mdt_write_page
  nilfs2: fix oops due to inconsistent state in page with discrete b-tree nodes

15 years agoMerge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6
Linus Torvalds [Tue, 4 Aug 2009 22:27:56 +0000 (15:27 -0700)]
Merge git://git./linux/kernel/git/sfrench/cifs-2.6

* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6:
  [CIFS] Update readme to reflect forceuid mount parms
  cifs: Read buffer overflow
  cifs: show noforceuid/noforcegid mount options (try #2)
  cifs: reinstate original behavior when uid=/gid= options are specified
  [CIFS] Updates fs/cifs/CHANGES
  cifs: fix error handling in mount-time DFS referral chasing code

15 years ago[CPUFREQ] Make cpufreq suspend code conditional on powerpc.
Dave Jones [Tue, 4 Aug 2009 18:03:25 +0000 (14:03 -0400)]
[CPUFREQ] Make cpufreq suspend code conditional on powerpc.

The suspend code runs with interrupts disabled, and the powerpc workaround we
do in the cpufreq suspend hook calls the drivers ->get method.

powernow-k8's ->get does an smp_call_function_single
which needs interrupts enabled

cpufreq's suspend/resume code was added in 42d4dc3f4e1e to work around
a hardware problem on ppc powerbooks.  If we make all this code
conditional on powerpc, we avoid the issue above.

Signed-off-by: Dave Jones <davej@redhat.com>
15 years ago[CPUFREQ] Fix a kobject reference bug related to managed CPUs
Thomas Renninger [Wed, 29 Jul 2009 09:26:20 +0000 (11:26 +0200)]
[CPUFREQ] Fix a kobject reference bug related to managed CPUs

The first offline/online cycle is successful, the second not.
Doing:
echo 0 >cpu1/online
echo 1 >cpu1/online
echo 0 >cpu1/online

The last command will trigger:
Jul 22 14:39:50 linux kernel: [  593.210125] ------------[ cut here ]------------
Jul 22 14:39:50 linux kernel: [  593.210139] WARNING: at lib/kref.c:43 kref_get+0x23/0x2b()
Jul 22 14:39:50 linux kernel: [  593.210144] Hardware name: To Be Filled By O.E.M.
Jul 22 14:39:50 linux kernel: [  593.210148] Modules linked in: powernow_k8
Jul 22 14:39:50 linux kernel: [  593.210158] Pid: 378, comm: kondemand/2 Tainted: G        W  2.6.31-rc2 #38
Jul 22 14:39:50 linux kernel: [  593.210163] Call Trace:
Jul 22 14:39:50 linux kernel: [  593.210171]  [<ffffffff812008e8>] ? kref_get+0x23/0x2b
Jul 22 14:39:50 linux kernel: [  593.210181]  [<ffffffff81041926>] warn_slowpath_common+0x77/0xa4
Jul 22 14:39:50 linux kernel: [  593.210190]  [<ffffffff81041962>] warn_slowpath_null+0xf/0x11
Jul 22 14:39:50 linux kernel: [  593.210198]  [<ffffffff812008e8>] kref_get+0x23/0x2b
Jul 22 14:39:50 linux kernel: [  593.210206]  [<ffffffff811ffa19>] kobject_get+0x1a/0x22
Jul 22 14:39:50 linux kernel: [  593.210214]  [<ffffffff813e815d>] cpufreq_cpu_get+0x8a/0xcb
Jul 22 14:39:50 linux kernel: [  593.210222]  [<ffffffff813e87d1>] __cpufreq_driver_getavg+0x1d/0x67
Jul 22 14:39:50 linux kernel: [  593.210231]  [<ffffffff813ea18f>] do_dbs_timer+0x158/0x27f
Jul 22 14:39:50 linux kernel: [  593.210240]  [<ffffffff810529ea>] worker_thread+0x200/0x313
...

The output continues on every do_dbs_timer ondemand freq checking poll.
This regression was introduced by git commit:
3f4a782b5ce2698b1870b5a7b573cd721d4fce33

The policy is released when the cpufreq device is removed in:
__cpufreq_remove_dev():
/* if this isn't the CPU which is the parent of the kobj, we
 * only need to unlink, put and exit
 */

Not creating the symlink is not sever at all.
As long as:
sysfs_remove_link(&sys_dev->kobj, "cpufreq");
handles it gracefully that the symlink did not exist.
Possibly no error should be returned at all, because ondemand
governor would still provide the same functionality.
Userspace in userspace gov case might be confused if the link
is missing.

Resolves http://bugzilla.kernel.org/show_bug.cgi?id=13903

CC: Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca>
CC: Venkatesh Pallipadi <venkatesh.pallipadi@intel.com>
Signed-off-by: Thomas Renninger <trenn@suse.de>
Signed-off-by: Dave Jones <davej@redhat.com>
15 years ago[CPUFREQ] Do not set policy for offline cpus
Prarit Bhargava [Mon, 3 Aug 2009 14:58:11 +0000 (10:58 -0400)]
[CPUFREQ] Do not set policy for offline cpus

Suspend/Resume fails on multi socket, multi core systems because the cpufreq
code erroneously sets the per_cpu policy_cpu value when a logical cpu is
offline.

This most notably results in missing sysfs files that are used to set the
cpu frequencies of the various cpus.

Signed-off-by: Prarit Bhargava <prarit@redhat.com>
Signed-off-by: Dave Jones <davej@redhat.com>
15 years ago[CPUFREQ] Fix NULL pointer dereference regression in conservative governor
Pallipadi, Venkatesh [Wed, 29 Jul 2009 20:36:10 +0000 (13:36 -0700)]
[CPUFREQ] Fix NULL pointer dereference regression in conservative governor

Commit ee88415caf736b89500f16e0a545614541a45005
introduced this regression when it removed enable bit in cpu_dbs_info_s.
That added a possibility of dbs_cpufreq_notifier getting called for a
CPU that is not yet managed by conservative governor. That will happen
as the transition notifier is set as soon as one CPU switches to
conservative governor and other CPUs can get a NULL pointer dereference
without the enable bit check. Add the enable bit back again.

Reported-by: Lermytte Christophe <Christophe.Lermytte@thomson.net>
Signed-off-by: Venkatesh Pallipadi <venkatesh.pallipadi@intel.com>
Signed-off-by: Dave Jones <davej@redhat.com>
15 years agomfd: twl4030 irq fixes
Russell King [Mon, 27 Jul 2009 06:00:48 +0000 (11:30 +0530)]
mfd: twl4030 irq fixes

The TWL4030 IRQ handler has a bug which leads to spinlock lock-up. It is
calling the 'unmask' function in a process context. :The mask/unmask/ack
functions are only designed to be called from the IRQ handler code,
or the proper API interfaces found in linux/interrupt.h.

Also there is no need to have IRQ chaining mechanism. The right way to
handle this is to claim the parent interrupt as a standard interrupt
and arrange for handle_twl4030_pih to take care of the rest of the devices.

Mail thread on this issue can be found at:
http://marc.info/?l=linux-arm-kernel&m=124629940123396&w=2

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Tested-by: Santosh Shilimkar <santosh.shilimkar@ti.com>
Acked-by: Tony Lindgren <tony@atomide.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
15 years agoperf_counter: Set the CONFIG_PERF_COUNTERS default to y if CONFIG_PROFILING=y
Ingo Molnar [Mon, 29 Jun 2009 08:40:20 +0000 (10:40 +0200)]
perf_counter: Set the CONFIG_PERF_COUNTERS default to y if CONFIG_PROFILING=y

If user has already enabled profiling support in the kernel
(for oprofile, old-style profiling of ftrace) then offer up
perfcounters with a y default in interactive kconfig sessions.

Still keep it off by default otherwise.

Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agox86: Work around compilation warning in arch/x86/kernel/apm_32.c
Subrata Modak [Tue, 21 Jul 2009 02:32:27 +0000 (08:02 +0530)]
x86: Work around compilation warning in arch/x86/kernel/apm_32.c

The following fix was initially inspired by David Howells fix
few days back:

  http://lkml.org/lkml/2009/7/9/109

However, Ingo disapproves such fixes as it's dangerous (it can
hide future, relevant warnings) - in something as
performance-uncritical.

So, initialize 'err' to '0' to work around a GCC false positive
warning:

  http://lkml.org/lkml/2009/7/18/89

Signed-off-by: Subrata Modak<subrata@linux.vnet.ibm.com>
Cc: Sachin P Sant <sachinp@linux.vnet.ibm.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Balbir Singh <balbir@linux.vnet.ibm.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
LKML-Reference: <20090721023226.31855.67236.sendpatchset@subratamodak.linux.ibm.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agox86, UV: Complete IRQ interrupt migration in arch_enable_uv_irq()
Jack Steiner [Mon, 20 Jul 2009 14:28:41 +0000 (09:28 -0500)]
x86, UV: Complete IRQ interrupt migration in arch_enable_uv_irq()

In uv_setup_irq(), the call to create_irq() initially assigns
IRQ vectors to cpu 0. The subsequent call to
assign_irq_vector() in arch_enable_uv_irq() migrates the IRQ to
another cpu and frees the cpu 0 vector - at least it will be
freed as soon as the "IRQ move" completes.

arch_enable_uv_irq() needs to send a cleanup IPI to complete
the IRQ move. Otherwise, assignment of GRU interrupts on large
systems (>200 cpus) will exhaust the cpu 0 interrupt vectors
and initialization of the GRU driver will fail.

Signed-off-by: Jack Steiner <steiner@sgi.com>
LKML-Reference: <20090720142840.GA8885@sgi.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agox86, 32-bit: Fix double accounting in reserve_top_address()
Jan Beulich [Thu, 30 Jul 2009 15:49:30 +0000 (16:49 +0100)]
x86, 32-bit: Fix double accounting in reserve_top_address()

With VMALLOC_END included in the calculation of MAXMEM (as of
2.6.28) it is no longer correct to also bump __VMALLOC_RESERVE
in reserve_top_address(). Doing so results in needlessly small
lowmem.

Signed-off-by: Jan Beulich <jbeulich@novell.com>
LKML-Reference: <4A71DD2A020000780000D482@vpn.id2.novell.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agox86: Don't use current_cpu_data in x2apic phys_pkg_id
Yinghai Lu [Sat, 25 Jul 2009 10:23:09 +0000 (03:23 -0700)]
x86: Don't use current_cpu_data in x2apic phys_pkg_id

One system has socket 1 come up as BSP.

kexeced kernel reports BSP as:

[    1.524550] Initializing cgroup subsys cpuacct
[    1.536064] initial_apicid:20
[    1.537135] ht_mask_width:1
[    1.538128] core_select_mask:f
[    1.539126] core_plus_mask_width:5
[    1.558479] CPU: Physical Processor ID: 0
[    1.559501] CPU: Processor Core ID: 0
[    1.560539] CPU: L1 I cache: 32K, L1 D cache: 32K
[    1.579098] CPU: L2 cache: 256K
[    1.580085] CPU: L3 cache: 24576K
[    1.581108] CPU 0/0x20 -> Node 0
[    1.596193] CPU 0 microcode level: 0xffff0008

It doesn't have correct physical processor id and will get an
error:

[   38.840859] CPU0 attaching sched-domain:
[   38.848287]  domain 0: span 0,8,72 level SIBLING
[   38.851151]   groups: 0 8 72
[   38.858137]   domain 1: span 0,8-15,72-79 level MC
[   38.868944]    groups: 0,8,72 9,73 10,74 11,75 12,76 13,77 14,78 15,79
[   38.881383] ERROR: parent span is not a superset of domain->span
[   38.890724]    domain 2: span 0-7,64-71 level CPU
[   38.899237] ERROR: domain->groups does not contain CPU0
[   38.909229]     groups: 8-15,72-79
[   38.912547] ERROR: groups don't span domain->span
[   38.919665]     domain 3: span 0-127 level NODE
[   38.930739]      groups: 0-7,64-71 8-15,72-79 16-23,80-87 24-31,88-95 32-39,96-103 40-47,104-111 48-55,112-119 56-63,120-127

it turns out: we can not use current_cpu_data in phys_pgd_id
for x2apic.

identify_boot_cpu() is called by check_bugs() before
smp_prepare_cpus() and till smp_prepare_cpus() current_cpu_data
for bsp is assigned with boot_cpu_data.

Just make phys_pkg_id for x2apic is aligned to xapic.

Signed-off-by: Yinghai Lu <yinghai@kernel.org>
Acked-by: Suresh Siddha <suresh.b.siddha@intel.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
LKML-Reference: <4A6ADD0D.10002@kernel.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agox86, UV: Fix UV apic mode
Jack Steiner [Mon, 27 Jul 2009 14:38:56 +0000 (09:38 -0500)]
x86, UV: Fix UV apic mode

Change SGI UV default apicid mode to "physical". This is
required to match settings in the UV hub chip.

Signed-off-by: Jack Steiner <steiner@sgi.com>
LKML-Reference: <20090727143856.GA8905@sgi.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agox86, UV: Fix macros for accessing large node numbers
Jack Steiner [Mon, 27 Jul 2009 14:38:08 +0000 (09:38 -0500)]
x86, UV: Fix macros for accessing large node numbers

The UV chipset automatically supplies the upper bits on nodes
being referenced by MMR accesses. These bit can be deleted from
the hub addressing macros.

Signed-off-by: Jack Steiner <steiner@sgi.com>
LKML-Reference: <20090727143808.GA8076@sgi.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agox86, UV: Delete mapping of MMR rangs mapped by BIOS
Jack Steiner [Mon, 27 Jul 2009 14:36:56 +0000 (09:36 -0500)]
x86, UV: Delete mapping of MMR rangs mapped by BIOS

The UV BIOS has added additional MMR ranges that are mapped via
EFI virtual mode mappings. These ranges should be deleted from
ranges mapped by uv_system_init().

Signed-off-by: Jack Steiner <steiner@sgi.com>
Cc: linux-mm@kvack.org
LKML-Reference: <20090727143656.GA7698@sgi.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agox86, UV: Handle missing blade-local memory correctly
Jack Steiner [Mon, 27 Jul 2009 14:35:07 +0000 (09:35 -0500)]
x86, UV: Handle missing blade-local memory correctly

UV blades may not have any blade-local memory. Add a field
(nid) to the UV blade structure to indicates whether the node
has local memory. This is needed by the GRU driver (pushed
separately).

Signed-off-by: Jack Steiner <steiner@sgi.com>
Cc: linux-mm@kvack.org
LKML-Reference: <20090727143507.GA7006@sgi.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agoMerge branch 'tracing/fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/frederi...
Ingo Molnar [Tue, 4 Aug 2009 11:58:28 +0000 (13:58 +0200)]
Merge branch 'tracing/fixes' of git://git./linux/kernel/git/frederic/random-tracing into tracing/urgent

15 years agoperf: Fix read buffer overflow
Roel Kluin [Sun, 2 Aug 2009 11:43:11 +0000 (13:43 +0200)]
perf: Fix read buffer overflow

Check whether index is within bounds before testing the element.

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Cc: a.p.zijlstra@chello.nl
Cc: Andrew Morton <akpm@linux-foundation.org>
LKML-Reference: <4A757BCF.40101@gmail.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agoposix-timers: Fix oops in clock_nanosleep() with CLOCK_MONOTONIC_RAW
Hiroshi Shimamoto [Mon, 3 Aug 2009 02:48:19 +0000 (11:48 +0900)]
posix-timers: Fix oops in clock_nanosleep() with CLOCK_MONOTONIC_RAW

Prevent calling do_nanosleep() with clockid
CLOCK_MONOTONIC_RAW, it may cause oops, such as NULL pointer
dereference.

Signed-off-by: Hiroshi Shimamoto <h-shimamoto@ct.jp.nec.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: John Stultz <johnstul@us.ibm.com>
Cc: <stable@kernel.org>
LKML-Reference: <4A764FF3.50607@ct.jp.nec.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years ago[CIFS] Update readme to reflect forceuid mount parms
Steve French [Tue, 4 Aug 2009 03:53:28 +0000 (03:53 +0000)]
[CIFS] Update readme to reflect forceuid mount parms

Signed-off-by: Steve French <sfrench@us.ibm.com>
15 years agodrm/ttm: Read buffer overflow
Roel Kluin [Mon, 3 Aug 2009 12:22:53 +0000 (14:22 +0200)]
drm/ttm: Read buffer overflow

Check whether index is within bounds before grabbing the element.

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
15 years agodrm/radeon: Read buffer overflow
Roel Kluin [Mon, 3 Aug 2009 12:20:32 +0000 (14:20 +0200)]
drm/radeon: Read buffer overflow

Check whether index is within bounds before grabbing the element.

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
15 years agodrm/ttm: Fix a sync object leak.
Thomas Hellstrom [Mon, 3 Aug 2009 10:39:06 +0000 (12:39 +0200)]
drm/ttm: Fix a sync object leak.

If there are multiple simultaneous waiters for the same buffer object,
a temporary reference to its sync object may be leaked.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
15 years agodrm/radeon/kms: fix memory leak in radeon_driver_load_kms
Xiaotian Feng [Wed, 29 Jul 2009 13:28:24 +0000 (21:28 +0800)]
drm/radeon/kms: fix memory leak in radeon_driver_load_kms

This patch fixes following kmemleak report:
unreferenced object 0xffff88022cb53000 (size 4096):
  comm "work_for_cpu", pid 97, jiffies 4294672345
  backtrace:
    [<ffffffff810eb222>] create_object+0x19f/0x2a0
    [<ffffffff810eb422>] kmemleak_alloc+0x26/0x4c
    [<ffffffff810e363f>] __kmalloc+0x187/0x1b0
    [<ffffffffa005f3db>] kzalloc.clone.0+0x13/0x15 [radeon]
    [<ffffffffa005f403>] radeon_driver_load_kms+0x26/0xe1 [radeon]
    [<ffffffffa0017432>] drm_get_dev+0x37f/0x480 [drm]
    [<ffffffffa007f424>] radeon_pci_probe+0x15/0x269 [radeon]
    [<ffffffff811f8779>] local_pci_probe+0x17/0x1b
    [<ffffffff8105ffbb>] do_work_for_cpu+0x18/0x2a
    [<ffffffff81063c38>] kthread+0x8a/0x92
    [<ffffffff81012cba>] child_rip+0xa/0x20
    [<ffffffffffffffff>] 0xffffffffffffffff

Signed-off-by: Xiaotian Feng <dfeng@redhat.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
15 years agodrm/radeon/kms: fix nomodeset.
Dave Airlie [Mon, 3 Aug 2009 02:05:34 +0000 (12:05 +1000)]
drm/radeon/kms: fix nomodeset.

The ordering was wrong to get the nomodeset parameter to work.

Signed-off-by: Dave Airlie <airlied@redhat.com>
15 years agodrm/ttm: Fix a potential comparison of structs.
Thomas Hellstrom [Fri, 31 Jul 2009 08:47:51 +0000 (10:47 +0200)]
drm/ttm: Fix a potential comparison of structs.

On some architectures the comparison may cause a compilation failure.

Original partial fix Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>

Signed-off-by: Pekka Paalanen <pq@iki.fi>
Signed-off-by: Dave Airlie <airlied@redhat.com>
15 years agodrm/radeon/kms: fix rv515 VRAM initialisation.
Dave Airlie [Mon, 3 Aug 2009 02:03:03 +0000 (12:03 +1000)]
drm/radeon/kms: fix rv515 VRAM initialisation.

This got missed in the VRAM init re-workings.

Signed-of-by: Dave Airlie <airlied@redhat.com>
15 years agodrm/radeon: add some new r7xx pci ids
Alex Deucher [Mon, 3 Aug 2009 21:01:53 +0000 (17:01 -0400)]
drm/radeon: add some new r7xx pci ids

Signed-off-by: Alex Deucher <alexdeucher@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
15 years agodrm: Catch stop possible NULL pointer reference
Jakob Bornecrantz [Mon, 3 Aug 2009 12:43:59 +0000 (13:43 +0100)]
drm: Catch stop possible NULL pointer reference

This was caught by Weiss. Also added some comments to the
fb_changed and mode_changed variables to explain what they do.

Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Tested-by: Thomas White <taw@bitwiz.org.uk>
Signed-off-by: Dave Airlie <airlied@redhat.com>
15 years agodrm: Small logic fix in drm_mode_setcrtc
Jakob Bornecrantz [Mon, 3 Aug 2009 12:43:58 +0000 (13:43 +0100)]
drm: Small logic fix in drm_mode_setcrtc

Match the logic to the comments in the debug message

Signed-off-by: Jakob Bornecrantz <jakob@vmware.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
15 years agox86: fix assembly constraints in native_save_fl()
H. Peter Anvin [Mon, 3 Aug 2009 23:33:40 +0000 (16:33 -0700)]
x86: fix assembly constraints in native_save_fl()

From Gabe Black in bugzilla 13888:

native_save_fl is implemented as follows:

  11static inline unsigned long native_save_fl(void)
  12{
  13        unsigned long flags;
  14
  15        asm volatile("# __raw_save_flags\n\t"
  16                     "pushf ; pop %0"
  17                     : "=g" (flags)
  18                     : /* no input */
  19                     : "memory");
  20
  21        return flags;
  22}

If gcc chooses to put flags on the stack, for instance because this is
inlined into a larger function with more register pressure, the offset
of the flags variable from the stack pointer will change when the
pushf is performed. gcc doesn't attempt to understand that fact, and
address used for pop will still be the same. It will write to
somewhere near flags on the stack but not actually into it and
overwrite some other value.

I saw this happen in the ide_device_add_all function when running in a
simulator I work on. I'm assuming that some quirk of how the simulated
hardware is set up caused the code path this is on to be executed when
it normally wouldn't.

A simple fix might be to change "=g" to "=r".

Reported-by: Gabe Black <spamforgabe@umich.edu>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Cc: Stable Team <stable@kernel.org>
15 years agox86, msr: execute on the correct CPU subset
Borislav Petkov [Thu, 30 Jul 2009 09:10:01 +0000 (11:10 +0200)]
x86, msr: execute on the correct CPU subset

Make rdmsr_on_cpus/wrmsr_on_cpus execute on the current CPU only if it
is in the supplied bitmask.

Signed-off-by: Borislav Petkov <borislav.petkov@amd.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
15 years agox86: Fix assert syntax in vmlinux.lds.S
H. Peter Anvin [Mon, 3 Aug 2009 21:44:54 +0000 (14:44 -0700)]
x86: Fix assert syntax in vmlinux.lds.S

Older versions of binutils did not accept the naked "ASSERT" syntax;
it is considered an expression whose value needs to be assigned to
something.

Reported-tested-and-fixed-by: Jean Delvare <khali@linux-fr.org>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
15 years agocifs: Read buffer overflow
Roel Kluin [Sun, 2 Aug 2009 11:00:18 +0000 (13:00 +0200)]
cifs: Read buffer overflow

Check whether index is within bounds before testing the element.

Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
15 years agocifs: show noforceuid/noforcegid mount options (try #2)
Jeff Layton [Mon, 3 Aug 2009 16:45:10 +0000 (12:45 -0400)]
cifs: show noforceuid/noforcegid mount options (try #2)

Since forceuid is the default, we now need to show when it's disabled.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
15 years agox86: Make 64-bit efi_ioremap use ioremap on MMIO regions
Paul Mackerras [Mon, 3 Aug 2009 12:38:10 +0000 (22:38 +1000)]
x86: Make 64-bit efi_ioremap use ioremap on MMIO regions

Booting current 64-bit x86 kernels on the latest Apple MacBook
(MacBook5,2) via EFI gives the following warning:

[    0.182209] ------------[ cut here ]------------
[    0.182222] WARNING: at arch/x86/mm/pageattr.c:581 __cpa_process_fault+0x44/0xa0()
[    0.182227] Hardware name: MacBook5,2
[    0.182231] CPA: called for zero pte. vaddr = ffff8800ffe00000 cpa->vaddr = ffff8800ffe00000
[    0.182236] Modules linked in:
[    0.182242] Pid: 0, comm: swapper Not tainted 2.6.31-rc4 #6
[    0.182246] Call Trace:
[    0.182254]  [<ffffffff8102c754>] ? __cpa_process_fault+0x44/0xa0
[    0.182261]  [<ffffffff81048668>] warn_slowpath_common+0x78/0xd0
[    0.182266]  [<ffffffff81048744>] warn_slowpath_fmt+0x64/0x70
[    0.182272]  [<ffffffff8102c7ec>] ? update_page_count+0x3c/0x50
[    0.182280]  [<ffffffff818d25c5>] ? phys_pmd_init+0x140/0x22e
[    0.182286]  [<ffffffff8102c754>] __cpa_process_fault+0x44/0xa0
[    0.182292]  [<ffffffff8102ce60>] __change_page_attr_set_clr+0x5f0/0xb40
[    0.182301]  [<ffffffff810d1035>] ? vm_unmap_aliases+0x175/0x190
[    0.182307]  [<ffffffff8102d4ae>] change_page_attr_set_clr+0xfe/0x3d0
[    0.182314]  [<ffffffff8102dcca>] _set_memory_uc+0x2a/0x30
[    0.182319]  [<ffffffff8102dd4b>] set_memory_uc+0x7b/0xb0
[    0.182327]  [<ffffffff818afe31>] efi_enter_virtual_mode+0x2ad/0x2c9
[    0.182334]  [<ffffffff818a1c66>] start_kernel+0x2db/0x3f4
[    0.182340]  [<ffffffff818a1289>] x86_64_start_reservations+0x99/0xb9
[    0.182345]  [<ffffffff818a1389>] x86_64_start_kernel+0xe0/0xf2
[    0.182357] ---[ end trace 4eaa2a86a8e2da22 ]---
[    0.182982] init_memory_mapping: 00000000ffffc000-0000000100000000
[    0.182993]  00ffffc000 - 0100000000 page 4k

This happens because the 64-bit version of efi_ioremap calls
init_memory_mapping for all addresses, regardless of whether they are
RAM or MMIO.  The EFI tables on this machine ask for runtime access to
some MMIO regions:

[    0.000000] EFI: mem195: type=11, attr=0x8000000000000000, range=[0x0000000093400000-0x0000000093401000) (0MB)
[    0.000000] EFI: mem196: type=11, attr=0x8000000000000000, range=[0x00000000ffc00000-0x00000000ffc40000) (0MB)
[    0.000000] EFI: mem197: type=11, attr=0x8000000000000000, range=[0x00000000ffc40000-0x00000000ffc80000) (0MB)
[    0.000000] EFI: mem198: type=11, attr=0x8000000000000000, range=[0x00000000ffc80000-0x00000000ffca4000) (0MB)
[    0.000000] EFI: mem199: type=11, attr=0x8000000000000000, range=[0x00000000ffca4000-0x00000000ffcb4000) (0MB)
[    0.000000] EFI: mem200: type=11, attr=0x8000000000000000, range=[0x00000000ffcb4000-0x00000000ffffc000) (3MB)
[    0.000000] EFI: mem201: type=11, attr=0x8000000000000000, range=[0x00000000ffffc000-0x0000000100000000) (0MB)

This arranges to pass the EFI memory type through to efi_ioremap, and
makes efi_ioremap use ioremap rather than init_memory_mapping if the
type is EFI_MEMORY_MAPPED_IO.  With this, the above warning goes away.

Signed-off-by: Paul Mackerras <paulus@samba.org>
LKML-Reference: <19062.55858.533494.471153@cargo.ozlabs.ibm.com>
Cc: Huang Ying <ying.huang@intel.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
15 years agox86: Add quirk to make Apple MacBook5,2 use reboot=pci
Paul Mackerras [Mon, 3 Aug 2009 12:47:32 +0000 (22:47 +1000)]
x86: Add quirk to make Apple MacBook5,2 use reboot=pci

The latest Apple MacBook (MacBook5,2) doesn't reboot successfully
under Linux; neither the EFI reboot method nor the default method
using the keyboard controller works (the system just hangs and doesn't
reset).  However, the method using the "PCI reset register" at 0xcf9
does work.

This adds a quirk to detect this machine via DMI and force the
reboot_type to BOOT_CF9.  With this it reboots successfully without
requiring a command-line option.  Note that the EFI code forces
reboot_type to BOOT_EFI when the machine is booted via EFI, but this
overrides that since the core_initcall runs after the EFI
initialization code.

Signed-off-by: Paul Mackerras <paulus@samba.org>
LKML-Reference: <19062.56420.501516.316181@cargo.ozlabs.ibm.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
15 years agox86: Fix CPA memtype reserving in the set_pages_array*() cases
Thomas Hellstrom [Mon, 3 Aug 2009 07:25:45 +0000 (09:25 +0200)]
x86: Fix CPA memtype reserving in the set_pages_array*() cases

The code was incorrectly reserving memtypes using the page
virtual address instead of the physical address. Furthermore,
the code was not ignoring highmem pages as it ought to.

( upstream does not pass in highmem pages yet - but upcoming
  graphics code will do it and there's no reason to not handle
  this properly in the CPA APIs.)

Fixes: http://bugzilla.kernel.org/show_bug.cgi?id=13884

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Acked-by: Suresh Siddha <suresh.b.siddha@intel.com>
Cc: <stable@kernel.org>
Cc: dri-devel@lists.sourceforge.net
Cc: venkatesh.pallipadi@intel.com
LKML-Reference: <1249284345-7654-1-git-send-email-thellstrom@vmware.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agoMerge branch 'for-linus' of git://neil.brown.name/md
Linus Torvalds [Mon, 3 Aug 2009 04:31:40 +0000 (21:31 -0700)]
Merge branch 'for-linus' of git://neil.brown.name/md

* 'for-linus' of git://neil.brown.name/md:
  md: Use revalidate_disk to effect changes in size of device.
  md: allow raid5_quiesce to work properly when reshape is happening.
  md/raid5: set reshape_position correctly when reshape starts.
  md: Handle growth of v1.x metadata correctly.
  md: avoid array overflow with bad v1.x metadata
  md: when a level change reduces the number of devices, remove the excess.
  md: Push down data integrity code to personalities.
  md/raid6: release spare page at ->stop()

15 years agomd: Use revalidate_disk to effect changes in size of device.
NeilBrown [Mon, 3 Aug 2009 00:59:58 +0000 (10:59 +1000)]
md: Use revalidate_disk to effect changes in size of device.

As revalidate_disk calls check_disk_size_change, it will cause
any capacity change of a gendisk to be propagated to the blockdev
inode.  So use that instead of mucking about with locks and
i_size_write.

Also add a call to revalidate_disk in do_md_run and a few other places
where the gendisk capacity is changed.

Signed-off-by: NeilBrown <neilb@suse.de>
15 years agomd: allow raid5_quiesce to work properly when reshape is happening.
NeilBrown [Mon, 3 Aug 2009 00:59:58 +0000 (10:59 +1000)]
md: allow raid5_quiesce to work properly when reshape is happening.

The ->quiesce method is not supposed to stop resync/recovery/reshape,
just normal IO.
But in raid5 we don't have a way to know which stripes are being
used for normal IO and which for resync etc, so we need to wait for
all stripes to be idle to be sure that all writes have completed.

However reshape keeps at least some stripe busy for an extended period
of time, so a call to raid5_quiesce can block for several seconds
needlessly.
So arrange for reshape etc to pause briefly while raid5_quiesce is
trying to quiesce the array so that the active_stripes count can
drop to zero.

Signed-off-by: NeilBrown <neilb@suse.de>
15 years agomd/raid5: set reshape_position correctly when reshape starts.
NeilBrown [Mon, 3 Aug 2009 00:59:57 +0000 (10:59 +1000)]
md/raid5: set reshape_position correctly when reshape starts.

As the internal reshape_progress counter is the main driver
for reshape, the fact that reshape_position sometimes starts with the
wrong value has minimal effect.  It is visible in sysfs and that
is all.

Signed-off-by: NeilBrown <neilb@suse.de>
15 years agomd: Handle growth of v1.x metadata correctly.
NeilBrown [Mon, 3 Aug 2009 00:59:57 +0000 (10:59 +1000)]
md: Handle growth of v1.x metadata correctly.

The v1.x metadata does not have a fixed size and can grow
when devices are added.
If it grows enough to require an extra sector of storage,
we need to update the 'sb_size' to match.

Without this, md can write out an incomplete superblock with a
bad checksum, which will be rejected when trying to re-assemble
the array.

Cc: stable@kernel.org
Signed-off-by: NeilBrown <neilb@suse.de>
15 years agomd: avoid array overflow with bad v1.x metadata
NeilBrown [Mon, 3 Aug 2009 00:59:56 +0000 (10:59 +1000)]
md: avoid array overflow with bad v1.x metadata

We trust the 'desc_nr' field in v1.x metadata enough to use it
as an index in an array.  This isn't really safe.
So range-check the value first.

Signed-off-by: NeilBrown <neilb@suse.de>
15 years agomd: when a level change reduces the number of devices, remove the excess.
NeilBrown [Mon, 3 Aug 2009 00:59:55 +0000 (10:59 +1000)]
md: when a level change reduces the number of devices, remove the excess.

When an array is changed from RAID6 to RAID5, fewer drives are
needed.  So any device that is made superfluous by the level
conversion must be marked as not-active.
For the RAID6->RAID5 conversion, this will be a drive which only
has 'Q' blocks on it.

Cc: stable@kernel.org
Signed-off-by: NeilBrown <neilb@suse.de>
15 years agomd: Push down data integrity code to personalities.
Andre Noll [Mon, 3 Aug 2009 00:59:47 +0000 (10:59 +1000)]
md: Push down data integrity code to personalities.

This patch replaces md_integrity_check() by two new public functions:
md_integrity_register() and md_integrity_add_rdev() which are both
personality-independent.

md_integrity_register() is called from the ->run and ->hot_remove
methods of all personalities that support data integrity.  The
function iterates over the component devices of the array and
determines if all active devices are integrity capable and if their
profiles match. If this is the case, the common profile is registered
for the mddev via blk_integrity_register().

The second new function, md_integrity_add_rdev() is called from the
->hot_add_disk methods, i.e. whenever a new device is being added
to a raid array. If the new device does not support data integrity,
or has a profile different from the one already registered, data
integrity for the mddev is disabled.

For raid0 and linear, only the call to md_integrity_register() from
the ->run method is necessary.

Signed-off-by: Andre Noll <maan@systemlinux.org>
Signed-off-by: NeilBrown <neilb@suse.de>
15 years agoMerge git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog
Linus Torvalds [Sun, 2 Aug 2009 21:15:46 +0000 (14:15 -0700)]
Merge git://git./linux/kernel/git/wim/linux-2.6-watchdog

* git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog:
  [WATCHDOG] Fix COH 901 327 watchdog enablement

15 years agoMerge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux...
Linus Torvalds [Sun, 2 Aug 2009 21:15:27 +0000 (14:15 -0700)]
Merge branch 'release' of git://git./linux/kernel/git/lenb/linux-acpi-2.6

* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux-acpi-2.6:
  eeepc-laptop: fix hot-unplug on resume
  ACPI: Ingore the memory block with zero block size in course of memory hotplug
  ACPI: Don't treat generic error as ACPI error code in acpi memory hotplug driver
  ACPI: bind workqueues to CPU 0 to avoid SMI corruption
  ACPI: root-only read protection on /sys/firmware/acpi/tables/*
  thinkpad-acpi: fix incorrect use of TPACPI_BRGHT_MODE_ECNVRAM
  thinkpad-acpi: restrict procfs count value to sane upper limit
  thinkpad-acpi: remove dock and bay subdrivers
  thinkpad-acpi: disable broken bay and dock subdrivers
  hp-wmi: check that an input device exists in resume handler
  Revert "ACPICA: Remove obsolete acpi_os_validate_address interface"

15 years agoTTY: Maintainer change
Greg Kroah-Hartman [Sat, 1 Aug 2009 04:28:16 +0000 (21:28 -0700)]
TTY: Maintainer change

Clearly, I am a glutton for punishment.  I'll see if I can see Alan's
changes through to the end, otherwise I'll be fending off a lot of bug
reports for usb-serial devices.

Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
15 years agoMake pci_claim_resource() use request_resource() rather than insert_resource()
Linus Torvalds [Sun, 2 Aug 2009 21:04:19 +0000 (14:04 -0700)]
Make pci_claim_resource() use request_resource() rather than insert_resource()

This function has traditionally used "insert_resource()", because before
commit cebd78a8c5 ("Fix pci_claim_resource") it used to just insert the
resource into whatever root resource tree that was indicated by
"pcibios_select_root()".

So there Matthew fixed it to actually look up the proper parent
resource, which means that now it's actively wrong to then traverse the
resource tree any more: we already know exactly where the new resource
should go.

And when we then did commit a76117dfd6 ("x86: Use pci_claim_resource"),
which changed the x86 PCI code from the open-coded

pr = pci_find_parent_resource(dev, r);
if (!pr || request_resource(pr, r) < 0) {

to using

if (pci_claim_resource(dev, idx) < 0) {

that "insert_resource()" now suddenly became a problem, and causes a
regression covered by

http://bugzilla.kernel.org/show_bug.cgi?id=13891

which this fixes.

Reported-and-tested-by: Rafael J. Wysocki <rjw@sisk.pl>
Cc: Matthew Wilcox <willy@linux.intel.com>
Cc: Andrew Patterson <andrew.patterson@hp.com>
Cc: Linux PCI <linux-pci@vger.kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
15 years ago[WATCHDOG] Fix COH 901 327 watchdog enablement
Linus Walleij [Mon, 20 Jul 2009 22:40:46 +0000 (00:40 +0200)]
[WATCHDOG] Fix COH 901 327 watchdog enablement

Since the COH 901 327 found in U300 is clocked at 32 kHz we need
to wait for the interrupt clearing flag to propagate through
hardware in order not to accidentally fire off any interrupts
when we enable them.

Signed-off-by: Linus Walleij <linus.walleij@stericsson.com>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
15 years agoMerge branch 'misc-2.6.31' into release
Len Brown [Sun, 2 Aug 2009 16:55:51 +0000 (12:55 -0400)]
Merge branch 'misc-2.6.31' into release

15 years agoMerge branch 'bugzilla-13825' into release
Len Brown [Sun, 2 Aug 2009 16:36:01 +0000 (12:36 -0400)]
Merge branch 'bugzilla-13825' into release

15 years agoeeepc-laptop: fix hot-unplug on resume
Alan Jenkins [Mon, 29 Jun 2009 08:40:07 +0000 (09:40 +0100)]
eeepc-laptop: fix hot-unplug on resume

OOPS on resume when the wireless adaptor is disabled during suspend was
introduced by "eeepc-laptop: read rfkill soft-blocked state on resume".

Unable to handle kernel NULL pointer dereference

Process s2disk
Tainted: G W
IP: klist_put

Call trace:
? klist_del
? device_del
? device_unregister
? pci_stop_dev
? pci_stop_bus
? pci_remove_device
? eeepc_rfkill_hotplug [eeepc_laptop]
? eeepc_hotk_resume [eeepc_laptop]
? acpi_device_resume
? device_resume
? hibernation_snapshot

It appears the PCI device is removed twice.  The eeepc_rfkill_hotplug()
call from the resume handler is racing against the call from the ACPI
notifier callback.  The ACPI notification is triggered by the resume
handler when it refreshes the value of CM_ASL_WLAN.

The fix is to serialize hotplug calls using a workqueue.

http://bugzilla.kernel.org/show_bug.cgi?id=13825

Signed-off-by: Alan Jenkins <alan-jenkins@tuffmail.co.uk>
Acked-by: Corentin Chary <corentin.chary@gmail.com>
Signed-off-by: Len Brown <len.brown@intel.com>
15 years agoMerge branch 'memhotplug-crash' into release
Len Brown [Sun, 2 Aug 2009 16:27:26 +0000 (12:27 -0400)]
Merge branch 'memhotplug-crash' into release

15 years agoACPI: Ingore the memory block with zero block size in course of memory hotplug
Zhao Yakui [Tue, 7 Jul 2009 02:56:11 +0000 (10:56 +0800)]
ACPI: Ingore the memory block with zero block size in course of memory hotplug

If the memory block size is zero, ignore it and don't do the memory hotplug
flowchart. Otherwise it will complain the following warning message:
  >System RAM resource 0 - ffffffffffffffff cannot be added

Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Signed-off-by: Len Brown <len.brown@intel.com>
15 years agoACPI: Don't treat generic error as ACPI error code in acpi memory hotplug driver
Zhao Yakui [Fri, 3 Jul 2009 02:49:03 +0000 (10:49 +0800)]
ACPI: Don't treat generic error as ACPI error code in acpi memory hotplug driver

Don't treat the generic error as ACPI error code. Otherwise when the generic
code is returned, it will complain the following warning messag:
   >ACPI Exception (acpi_memhotplug-0171): UNKNOWN_STATUS_CODE,
Cannot get acpi bus device [20080609]
   >ACPI: Cannot find driver data
   > ACPI Error (utglobal-0127): Unknown exception code: 0xFFFFFFED [20080609]
   > Pid: 85, comm: kacpi_notify Not tainted 2.6.27.19-5-default #1
     Call Trace:
     [<ffffffff8020da29>] show_trace_log_lvl+0x41/0x58
     [<ffffffff8049a3da>] dump_stack+0x69/0x6f
    .....

At the same time when the generic error code is returned, the ACPI_EXCEPTION
is replaced by the printk.

Signed-off-by: Zhao Yakui <yakui.zhao@intel.com>
Signed-off-by: Len Brown <len.brown@intel.com>
15 years agoMerge branch 'bugzilla-13751' into release
Len Brown [Sun, 2 Aug 2009 16:10:02 +0000 (12:10 -0400)]
Merge branch 'bugzilla-13751' into release

15 years agoACPI: bind workqueues to CPU 0 to avoid SMI corruption
Bjorn Helgaas [Wed, 29 Jul 2009 21:54:25 +0000 (15:54 -0600)]
ACPI: bind workqueues to CPU 0 to avoid SMI corruption

On some machines, a software-initiated SMI causes corruption unless the
SMI runs on CPU 0.  An SMI can be initiated by any AML, but typically it's
done in GPE-related methods that are run via workqueues, so we can avoid
the known corruption cases by binding the workqueues to CPU 0.

References:
    http://bugzilla.kernel.org/show_bug.cgi?id=13751
    https://bugs.launchpad.net/bugs/157171
    https://bugs.launchpad.net/bugs/157691

Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com>
Signed-off-by: Len Brown <len.brown@intel.com>
15 years agoMerge branch 'thinkpad' into release
Len Brown [Sun, 2 Aug 2009 15:34:24 +0000 (11:34 -0400)]
Merge branch 'thinkpad' into release

15 years agoMerge branch 'bugzilla-13865' into release
Len Brown [Sun, 2 Aug 2009 15:33:01 +0000 (11:33 -0400)]
Merge branch 'bugzilla-13865' into release

15 years agoMerge branch 'bugzilla-13620-revert' into release
Len Brown [Sun, 2 Aug 2009 15:31:32 +0000 (11:31 -0400)]
Merge branch 'bugzilla-13620-revert' into release

15 years agoACPI: root-only read protection on /sys/firmware/acpi/tables/*
Len Brown [Thu, 30 Jul 2009 20:00:53 +0000 (16:00 -0400)]
ACPI: root-only read protection on /sys/firmware/acpi/tables/*

they were world readable.

Signed-off-by: Len Brown <len.brown@intel.com>
15 years agoparisc: hppb.c - fix printk format strings
Helge Deller [Sun, 2 Aug 2009 13:42:39 +0000 (15:42 +0200)]
parisc: hppb.c - fix printk format strings

Fix those warnings:
drivers/parisc/hppb.c: In function 'hppb_probe':
drivers/parisc/hppb.c:65: warning: format '%x' expects type 'unsigned int', but argument 2 has type 'resource_size_t'
drivers/parisc/hppb.c:77: warning: format '%08x' expects type 'unsigned int', but argument 3 has type 'resource_size_t'
drivers/parisc/hppb.c:77: warning: format '%08x' expects type 'unsigned int', but argument 4 has type 'resource_size_t'

Signed-off-by: Helge Deller <deller@gmx.de>
15 years agoparisc: parisc-agp.c - use correct page_mask function
Helge Deller [Sun, 2 Aug 2009 13:35:43 +0000 (15:35 +0200)]
parisc: parisc-agp.c - use correct page_mask function

Fix those compiler warnings, which indeed point to a bug:
drivers/char/agp/parisc-agp.c:228: warning: initialization from incompatible pointer type
drivers/char/agp/parisc-agp.c:201: warning: 'parisc_agp_page_mask_memory' defined but not used

Signed-off-by: Helge Deller <deller@gmx.de>
15 years agoparisc: sticore.c - check return values
Helge Deller [Sun, 2 Aug 2009 13:26:51 +0000 (15:26 +0200)]
parisc: sticore.c - check return values

Signed-off-by: Helge Deller <deller@gmx.de>
15 years agonilfs2: fix missing unlock in error path of nilfs_mdt_write_page
Ryusuke Konishi [Sun, 2 Aug 2009 08:45:55 +0000 (17:45 +0900)]
nilfs2: fix missing unlock in error path of nilfs_mdt_write_page

This adds a missing unlock of nilfs->ns_writer_mutex in
nilfs_mdt_write_page() function.

Signed-off-by: Ryusuke Konishi <konishi.ryusuke@lab.ntt.co.jp>
15 years agoparisc: dino.c - check return value of pci_assign_resource()
Helge Deller [Sun, 2 Aug 2009 13:17:37 +0000 (15:17 +0200)]
parisc: dino.c - check return value of pci_assign_resource()

Signed-off-by: Helge Deller <deller@gmx.de>
15 years agoparisc: hp_sdc_mlc.c - check return value of down_trylock()
Helge Deller [Sun, 2 Aug 2009 13:13:29 +0000 (15:13 +0200)]
parisc: hp_sdc_mlc.c - check return value of down_trylock()

Signed-off-by: Helge Deller <deller@gmx.de>
15 years agosched: Fix race in cpupri introduced by cpumask_var changes
Gregory Haskins [Thu, 30 Jul 2009 14:57:28 +0000 (10:57 -0400)]
sched: Fix race in cpupri introduced by cpumask_var changes

Background:

Several race conditions in the scheduler have cropped up
recently, which Steven and I have tracked down using ftrace.
The most recent one turns out to be a race in how the scheduler
determines a suitable migration target for RT tasks, introduced
recently with commit:

    commit 68e74568fbe5854952355e942acca51f138096d9
    Date:   Tue Nov 25 02:35:13 2008 +1030

        sched: convert struct cpupri_vec cpumask_var_t.

The original design of cpupri allowed lockless readers to
quickly determine a best-estimate target.  Races between the
pri_active bitmap and the vec->mask were handled in the
original code because we would detect and return "0" when this
occured.  The design was predicated on the *effective*
atomicity (*) of caching the result of cpus_and() between the
cpus_allowed and the vec->mask.

Commit 68e74568 changed the behavior such that vec->mask is
accessed multiple times.  This introduces a subtle race, the
result of which means we can have a result that returns "1",
but with an empty bitmap.

*) yes, we know cpus_and() is not a locked operator across the
   entire composite array, but it is implicitly atomic on a
   per-word basis which is all the design required to work.

Implementation:

Rather than forgoing the lockless design, or reverting to a
stack-based cpumask_t, we simply check for when the race has
been encountered and continue processing in the event that the
race is hit.  This renders the removal race as if the priority
bit had been atomically cleared as well, and allows the
algorithm to execute correctly.

Signed-off-by: Gregory Haskins <ghaskins@novell.com>
CC: Rusty Russell <rusty@rustcorp.com.au>
CC: Steven Rostedt <srostedt@redhat.com>
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
LKML-Reference: <20090730145728.25226.92769.stgit@dev.haskins.net>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agosched: Fix latencytop and sleep profiling vs group scheduling
Peter Zijlstra [Thu, 23 Jul 2009 18:13:26 +0000 (20:13 +0200)]
sched: Fix latencytop and sleep profiling vs group scheduling

The latencytop and sleep accounting code assumes that any
scheduler entity represents a task, this is not so.

Cc: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agoperf top: Add mwait_idle_with_hints to skip_symbols[]
Arnaldo Carvalho de Melo [Sun, 26 Jul 2009 22:06:19 +0000 (19:06 -0300)]
perf top: Add mwait_idle_with_hints to skip_symbols[]

We skip the display of idle routine related symbols because
they are typically rather erratic and confusing: they depend
on the IRQ rate or sometimes they dominate the profile if
they are polling based.

Add mwait_idle_with_hints too, this is one of the idle
routines on x86.

Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agoperf tools: Fix faulty check
Stoyan Gaydarov [Thu, 30 Jul 2009 10:25:29 +0000 (05:25 -0500)]
perf tools: Fix faulty check

This patch fixes a spelling error that has resulted from copy
and pasting. The location of the error was found using a
semantic patch but the semantic patch was not trying to find
these errors. After looking things over it seemed logical that
this change was needed. Please review it and then include the
patch if it is in fact the correct change.

Signed-off-by: Stoyan Gaydarov <sgayda2@uiuc.edu>
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Mike Galbraith <efault@gmx.de>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
LKML-Reference: <1248949529-20891-1-git-send-email-sgayda2@uiuc.edu>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agoperf report: Update for the new FORK/EXIT events
Peter Zijlstra [Thu, 23 Jul 2009 14:52:41 +0000 (16:52 +0200)]
perf report: Update for the new FORK/EXIT events

Since FORK is now also issued for threads, detect those by
comparing the parent and child PID.

Teach it about EXIT events and ignore them.

Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Paul Mackerras <paulus@samba.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agoperf_counter: Full task tracing
Peter Zijlstra [Thu, 23 Jul 2009 12:46:33 +0000 (14:46 +0200)]
perf_counter: Full task tracing

In order to be able to distinguish between no samples due to
inactivity and no samples due to task ended, Arjan asked for
PERF_EVENT_EXIT events. This is useful to the boot delay
instrumentation (bootchart) app.

This patch changes the PERF_EVENT_FORK to be emitted on every
clone, and adds PERF_EVENT_EXIT to be emitted on task exit,
after the task's counters have been closed.

This task tracing is controlled through: attr.comm || attr.mmap
and through the new attr.task field.

Suggested-by: Arjan van de Ven <arjan@linux.intel.com>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Anton Blanchard <anton@samba.org>
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
[ cleaned up perf_counter.h a bit ]
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agoperf_counter: Collapse inherit on read()
Peter Zijlstra [Fri, 24 Jul 2009 12:42:10 +0000 (14:42 +0200)]
perf_counter: Collapse inherit on read()

Currently the counter value returned by read() is the value of
the parent counter, to which child counters are only fed back
on child exit.

Thus read() can return rather erratic (and meaningless) numbers
depending on the state of the child processes.

Change this by always iterating the full child hierarchy on
read() and sum all counters.

Suggested-by: Corey Ashford <cjashfor@linux.vnet.ibm.com>
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
LKML-Reference: <new-submission>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agotracing, perf_counter: Add help text to CONFIG_EVENT_PROFILE
Peter Zijlstra [Wed, 29 Jul 2009 08:50:09 +0000 (10:50 +0200)]
tracing, perf_counter: Add help text to CONFIG_EVENT_PROFILE

Explain what tracepoint profiling sources are about.

Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Acked-by: Jeff Garzik <jeff@garzik.org>
LKML-Reference: <1248856508.6987.3041.camel@twins>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
15 years agoparisc: includecheck fix for ccio-dma.c
Jaswinder Singh Rajput [Wed, 8 Jul 2009 15:27:20 +0000 (15:27 +0000)]
parisc: includecheck fix for ccio-dma.c

fix the following 'make includecheck' warning:

  drivers/parisc/ccio-dma.c: linux/proc_fs.h is included more than once.

Signed-off-by: Jaswinder Singh Rajput <jaswinderrajput@gmail.com>
Signed-off-by: Helge Deller <deller@gmx.de>
15 years agoparisc: Set correct bit in protection flags
John David Anglin [Mon, 13 Jul 2009 01:44:37 +0000 (01:44 +0000)]
parisc: Set correct bit in protection flags

Signed-off-by: John David Anglin <dave@hiauly1.hia.nrc.ca>
Signed-off-by: Helge Deller <deller@gmx.de>
15 years agoparisc: isa-eeprom - Fix loff_t usage
Michael Buesch [Mon, 20 Jul 2009 22:58:44 +0000 (22:58 +0000)]
parisc: isa-eeprom - Fix loff_t usage

loff_t is a signed type. If userspace passes a negative ppos, the "count"
range check is weakened. "count"s bigger than HPEE_MAX_LENGTH will pass the check.
Also, if ppos is negative, the readb(eisa_eeprom_addr + *ppos) will poke in random
memory.

Signed-off-by: Michael Buesch <mb@bu3sch.de>
Cc: stable@kernel.org
Signed-off-by: Helge Deller <deller@gmx.de>
15 years agoparisc: fixed faulty check in lba_pci
Stoyan Gaydarov [Thu, 30 Jul 2009 10:25:19 +0000 (10:25 +0000)]
parisc: fixed faulty check in lba_pci

This patche fixes a spelling error that has resulted from copy and pasting.
The location of the error was found using a semantic patch but the semantic
patch was not trying to find these errors. After looking things over it
seemed logical that this change was needed.

Signed-off-by: Stoyan Gaydarov <sgayda2@uiuc.edu>
Signed-off-by: Helge Deller <deller@gmx.de>
15 years agoparisc: Fix read buffer overflow in pdc_stable driver
Roel Kluin [Sun, 2 Aug 2009 08:02:28 +0000 (08:02 +0000)]
parisc: Fix read buffer overflow in pdc_stable driver

Check whether index is within bounds before testing the element.

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Helge Deller <deller@gmx.de>
15 years agoparisc: Fix GOT overflow during module load on 64bit kernel
John David Anglin [Sun, 2 Aug 2009 10:34:08 +0000 (12:34 +0200)]
parisc: Fix GOT overflow during module load on 64bit kernel

Signed-off-by: John David Anglin <dave.anglin@nrc-cnrc.gc.ca>
Signed-off-by: Helge Deller <deller@gmx.de>
15 years agothinkpad-acpi: fix incorrect use of TPACPI_BRGHT_MODE_ECNVRAM
Henrique de Moraes Holschuh [Sat, 1 Aug 2009 15:04:20 +0000 (12:04 -0300)]
thinkpad-acpi: fix incorrect use of TPACPI_BRGHT_MODE_ECNVRAM

HBRV-based default selection of backlight control strategy didn't work
well, at least the X41 defines it but doesn't use it and I don't think
it will stop there.

Switch to a white/blacklist.  All models that have HBRV defined have
been included in the list, and initially all ATI GPUs will get
ECNVRAM, and the Intel GPUs will get UCMS_STEP.

Symptoms of incorrect backlight mode selection are:

1. Non-working backlight control through sysfs;

2. Backlight gets reset to the lowest level at every shutdown, reboot
   and when thinkpad-acpi gets unloaded;

This fixes a regression in 2.6.30, bugzilla #13826

Signed-off-by: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
Reported-by: Tobias Diedrich <ranma+kernel@tdiedrich.de>
Cc: stable@kernel.org
Signed-off-by: Len Brown <len.brown@intel.com>
15 years agothinkpad-acpi: restrict procfs count value to sane upper limit
Michael Buesch [Sat, 1 Aug 2009 15:04:19 +0000 (12:04 -0300)]
thinkpad-acpi: restrict procfs count value to sane upper limit

Signed-off-by: Michael Buesch <mb@bu3sch.de>
Acked-by: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
Signed-off-by: Len Brown <len.brown@intel.com>
15 years agocifs: reinstate original behavior when uid=/gid= options are specified
Jeff Layton [Fri, 31 Jul 2009 10:56:09 +0000 (06:56 -0400)]
cifs: reinstate original behavior when uid=/gid= options are specified

This patch fixes the regression reported here:

http://bugzilla.kernel.org/show_bug.cgi?id=13861

commit 4ae1507f6d266d0cc3dd36e474d83aad70fec9e4 changed the default
behavior when the uid= or gid= option was specified for a mount. The
existing behavior was to always clobber the ownership information
provided by the server when these options were specified. The above
commit changed this behavior so that these options simply provided
defaults when the server did not provide this information (unless
"forceuid" or "forcegid" were specified)

This patch reverts this change so that the default behavior is restored.
It also adds "noforceuid" and "noforcegid" options to make it so that
ownership information from the server is preserved, even when the mount
has uid= or gid= options specified.

It also adds a couple of printk notices that pop up when forceuid or
forcegid options are specified without a uid= or gid= option.

Reported-by: Tom Chiverton <bugzilla.kernel.org@falkensweb.com>
Reviewed-by: Shirish Pargaonkar <shirishp@us.ibm.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
15 years agothinkpad-acpi: remove dock and bay subdrivers
Henrique de Moraes Holschuh [Sat, 1 Aug 2009 15:04:18 +0000 (12:04 -0300)]
thinkpad-acpi: remove dock and bay subdrivers

The standard ACPI dock driver can handle the hotplug bays and docks of
the ThinkPads just fine (including batteries) as of 2.6.27, and the
code in thinkpad-acpi for the dock and bay subdrivers is currently
broken anyway...

Userspace needs some love to support the two-stage ejection nicely,
but it is simple enough to do through udev rules (you don't even need
HAL) so this wouldn't justify fixing the dock and bay subdrivers,
either.

That leaves warm-swap bays (_EJ3) support for thinkpad-acpi, as well
as support for the weird dock of the model 570, but since such support
has never left the "experimental" stage, it is also not a strong
enough reason to find a way to fix this code.

Users of ThinkPads with warm-swap bays are urged to request that _EJ3
support be added to the regular ACPI dock driver, if such feature is
indeed useful for them.

Signed-off-by: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
Signed-off-by: Len Brown <len.brown@intel.com>
15 years agothinkpad-acpi: disable broken bay and dock subdrivers
Henrique de Moraes Holschuh [Sat, 1 Aug 2009 15:04:17 +0000 (12:04 -0300)]
thinkpad-acpi: disable broken bay and dock subdrivers

Currently, the ThinkPad-ACPI bay and dock drivers are completely
broken, and cause a NULL pointer derreference in kernel mode (and,
therefore, an OOPS) when they try to issue events (i.e. on dock,
undock, bay ejection, etc).

OTOH, the standard ACPI dock driver can handle the hotplug bays and
docks of the ThinkPads just fine (including batteries) as of 2.6.27.
In fact, it does a much better job of it than thinkpad-acpi ever did.

It is just not worth the hassle to find a way to fix this crap without
breaking the (deprecated) thinkpad-acpi dock/bay ABI.  This is old,
deprecated code that sees little testing or use.

As a quick fix suitable for -stable backports, mark the thinkpad-acpi
bay and dock subdrivers as BROKEN in Kconfig.  The dead code will be
removed by a later patch.

This fixes bugzilla #13669, and should be applied to 2.6.27 and later.

Signed-off-by: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
Reported-by: Joerg Platte <jplatte@naasa.net>
Cc: stable@kernel.org
Signed-off-by: Len Brown <len.brown@intel.com>
15 years agodo_sigaltstack: small cleanups
Linus Torvalds [Sat, 1 Aug 2009 18:18:56 +0000 (11:18 -0700)]
do_sigaltstack: small cleanups

The previous commit ("do_sigaltstack: avoid copying 'stack_t' as a
structure to user space") fixed a real bug.  This one just cleans up the
copy from user space to that gcc can generate better code for it (and so
that it looks the same as the later copy back to user space).

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
15 years agodo_sigaltstack: avoid copying 'stack_t' as a structure to user space
Linus Torvalds [Sat, 1 Aug 2009 17:34:56 +0000 (10:34 -0700)]
do_sigaltstack: avoid copying 'stack_t' as a structure to user space

Ulrich Drepper correctly points out that there is generally padding in
the structure on 64-bit hosts, and that copying the structure from
kernel to user space can leak information from the kernel stack in those
padding bytes.

Avoid the whole issue by just copying the three members one by one
instead, which also means that the function also can avoid the need for
a stack frame.  This also happens to match how we copy the new structure
from user space, so it all even makes sense.

[ The obvious solution of adding a memset() generates horrid code, gcc
  does really stupid things. ]

Reported-by: Ulrich Drepper <drepper@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>