GitHub/LineageOS/G12/android_kernel_amlogic_linux-4.9.git
13 years agoMerge branch 'signals-review' into ptrace
Oleg Nesterov [Wed, 18 May 2011 13:09:07 +0000 (15:09 +0200)]
Merge branch 'signals-review' into ptrace

13 years agosignal: trivial, fix the "timespec declared inside parameter list" warning
Oleg Nesterov [Wed, 18 May 2011 13:08:03 +0000 (15:08 +0200)]
signal: trivial, fix the "timespec declared inside parameter list" warning

Fix the compile warning, do_sigtimedwait(struct timespec *) in signal.h
needs the forward declaration of timespec.

Reported-and-acked-by: Mike Frysinger <vapier.adi@gmail.com>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
13 years agojob control: reorganize wait_task_stopped()
Tejun Heo [Thu, 12 May 2011 08:47:23 +0000 (10:47 +0200)]
job control: reorganize wait_task_stopped()

wait_task_stopped() tested task_stopped_code() without acquiring
siglock and, if stop condition existed, called wait_task_stopped() and
directly returned the result.  This patch moves the initial
task_stopped_code() testing into wait_task_stopped() and make
wait_consider_task() fall through to wait_task_continue() on 0 return.

This is for the following two reasons.

* Because the initial task_stopped_code() test is done without
  acquiring siglock, it may race against SIGCONT generation.  The
  stopped condition might have been replaced by continued state by the
  time wait_task_stopped() acquired siglock.  This may lead to
  unexpected failure of WNOHANG waits.

  This reorganization addresses this single race case but there are
  other cases - TASK_RUNNING -> TASK_STOPPED transition and EXIT_*
  transitions.

* Scheduled ptrace updates require changes to the initial test which
  would fit better inside wait_task_stopped().

Signed-off-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
13 years agoptrace: fix signal->wait_chldexit usage in task_clear_group_stop_trapping()
Tejun Heo [Fri, 6 May 2011 09:52:22 +0000 (11:52 +0200)]
ptrace: fix signal->wait_chldexit usage in task_clear_group_stop_trapping()

GROUP_STOP_TRAPPING waiting mechanism piggybacks on
signal->wait_chldexit which is primarily used to implement waiting for
wait(2) and friends.  When do_wait() waits on signal->wait_chldexit,
it uses a custom wake up callback, child_wait_callback(), which
expects the child task which is waking up the parent to be passed in
as @key to filter out spurious wakeups.

task_clear_group_stop_trapping() used __wake_up_sync() which uses NULL
@key causing the following oops if the parent was doing do_wait().

  BUG: unable to handle kernel NULL pointer dereference at 00000000000002d8
  IP: [<ffffffff810499f9>] child_wait_callback+0x29/0x80
  PGD 1d899067 PUD 1e418067 PMD 0
  Oops: 0000 [#1] PREEMPT SMP
  last sysfs file: /sys/devices/pci0000:00/0000:00:03.0/local_cpus
  CPU 2
  Modules linked in:

  Pid: 4498, comm: test-continued Not tainted 2.6.39-rc6-work+ #32 Bochs Bochs
  RIP: 0010:[<ffffffff810499f9>]  [<ffffffff810499f9>] child_wait_callback+0x29/0x80
  RSP: 0000:ffff88001b889bf8  EFLAGS: 00010046
  RAX: 0000000000000000 RBX: ffff88001fab3af8 RCX: 0000000000000000
  RDX: 0000000000000001 RSI: 0000000000000002 RDI: ffff88001d91df20
  RBP: ffff88001b889c08 R08: 0000000000000000 R09: 0000000000000000
  R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
  R13: ffff88001fb70550 R14: 0000000000000000 R15: 0000000000000001
  FS:  00007f26ccae4700(0000) GS:ffff88001fd00000(0000) knlGS:0000000000000000
  CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
  CR2: 00000000000002d8 CR3: 000000001b8ac000 CR4: 00000000000006e0
  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
  DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
  Process test-continued (pid: 4498, threadinfo ffff88001b888000, task ffff88001fb88000)
  Stack:
   ffff88001b889c18 ffff88001fb70538 ffff88001b889c58 ffffffff810312f9
   0000000000000001 0000000200000001 ffff88001b889c58 ffff88001fb70518
   0000000000000002 0000000000000082 0000000000000001 0000000000000000
  Call Trace:
   [<ffffffff810312f9>] __wake_up_common+0x59/0x90
   [<ffffffff81035263>] __wake_up_sync_key+0x53/0x80
   [<ffffffff810352a0>] __wake_up_sync+0x10/0x20
   [<ffffffff8105a984>] task_clear_jobctl_trapping+0x44/0x50
   [<ffffffff8105bcbc>] ptrace_stop+0x7c/0x290
   [<ffffffff8105c20a>] do_signal_stop+0x28a/0x2d0
   [<ffffffff8105d27f>] get_signal_to_deliver+0x14f/0x5a0
   [<ffffffff81002175>] do_signal+0x75/0x7b0
   [<ffffffff8100292d>] do_notify_resume+0x5d/0x70
   [<ffffffff8182e36a>] retint_signal+0x46/0x8c
  Code: 00 00 55 48 89 e5 53 48 83 ec 08 0f 1f 44 00 00 8b 47 d8 83 f8 03 74 3a 85 c0 49 89 c8 75 23 89 c0 48 8b 5f e0 4c 8d 0c 40 31 c0 <4b> 39 9c c8 d8 02 00 00 74 1d 48 83 c4 08 5b c9 c3 66 0f 1f 44

Fix it by using __wake_up_sync_key() and passing in the child as @key.

I still think it's a mistake to piggyback on wait_chldexit for this.
Given the relative low frequency of ptrace use, we would be much
better off leaving already complex wait_chldexit alone and using bit
waitqueue.

Signed-off-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
13 years agosignal: sys_sigprocmask() needs retarget_shared_pending()
Oleg Nesterov [Mon, 9 May 2011 11:48:56 +0000 (13:48 +0200)]
signal: sys_sigprocmask() needs retarget_shared_pending()

sys_sigprocmask() changes current->blocked by hand. Convert this code
to use set_current_blocked().

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
13 years agosignal: cleanup sys_sigprocmask()
Oleg Nesterov [Thu, 28 Apr 2011 09:36:20 +0000 (11:36 +0200)]
signal: cleanup sys_sigprocmask()

Cleanup. Remove the unneeded goto's, we can simply read blocked.sig[0]
unconditionally and then copy-to-user it if oset != NULL.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
13 years agosignal: rename signandsets() to sigandnsets()
Oleg Nesterov [Wed, 27 Apr 2011 20:01:27 +0000 (22:01 +0200)]
signal: rename signandsets() to sigandnsets()

As Tejun and Linus pointed out, "nand" is the wrong name for "x & ~y",
it should be "andn". Rename signandsets() as suggested.

Suggested-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Tejun Heo <tj@kernel.org>
13 years agosignal: do_sigtimedwait() needs retarget_shared_pending()
Oleg Nesterov [Wed, 27 Apr 2011 19:56:14 +0000 (21:56 +0200)]
signal: do_sigtimedwait() needs retarget_shared_pending()

do_sigtimedwait() changes current->blocked and thus it needs
set_current_blocked()->retarget_shared_pending().

We could use set_current_blocked() directly. It is fine to change
->real_blocked from all-zeroes to ->blocked and vice versa lockless,
but this is not immediately clear, looks racy, and needs a huge
comment to explain why this is correct.

To keep the things simple this patch adds the new static helper,
__set_task_blocked() which should be called with ->siglock held. This
way we can change both ->real_blocked and ->blocked atomically under
->siglock as the current code does. This is more understandable.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
13 years agosignal: introduce do_sigtimedwait() to factor out compat/native code
Oleg Nesterov [Wed, 27 Apr 2011 19:44:14 +0000 (21:44 +0200)]
signal: introduce do_sigtimedwait() to factor out compat/native code

Factor out the common code in sys_rt_sigtimedwait/compat_sys_rt_sigtimedwait
to the new helper, do_sigtimedwait().

Add the comment to document the extra tick we add to timespec_to_jiffies(ts),
thanks to Linus who explained this to me.

Perhaps it would be better to move compat_sys_rt_sigtimedwait() into
signal.c under CONFIG_COMPAT, then we can make do_sigtimedwait() static.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
13 years agosignal: sys_rt_sigtimedwait: simplify the timeout logic
Oleg Nesterov [Wed, 27 Apr 2011 19:24:19 +0000 (21:24 +0200)]
signal: sys_rt_sigtimedwait: simplify the timeout logic

No functional changes, cleanup compat_sys_rt_sigtimedwait() and
sys_rt_sigtimedwait().

Calculate the timeout before we take ->siglock, this simplifies and
lessens the code. Use timespec_valid() to check the timespec.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Tejun Heo <tj@kernel.org>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
13 years agosignal: cleanup sys_rt_sigprocmask()
Oleg Nesterov [Wed, 27 Apr 2011 19:18:10 +0000 (21:18 +0200)]
signal: cleanup sys_rt_sigprocmask()

sys_rt_sigprocmask() looks unnecessarily complicated, simplify it.
We can just read current->blocked lockless unconditionally before
anything else and then copy-to-user it if needed.  At worst we
copy 4 words on mips.

We could copy-to-user the old mask first and simplify the code even
more, but the patch tries to keep the current behaviour: we change
current->block even if copy_to_user(oset) fails.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
Acked-by: Tejun Heo <tj@kernel.org>
13 years agox86: signal: sys_rt_sigreturn() should use set_current_blocked()
Oleg Nesterov [Wed, 27 Apr 2011 19:09:39 +0000 (21:09 +0200)]
x86: signal: sys_rt_sigreturn() should use set_current_blocked()

Normally sys_rt_sigreturn() restores the old current->blocked which was
changed by handle_signal(), and unblocking is always fine.

But the debugger or application itself can change frame->uc_sigmask and
thus we need set_current_blocked()->retarget_shared_pending().

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
Acked-by: Tejun Heo <tj@kernel.org>
13 years agox86: signal: handle_signal() should use set_current_blocked()
Oleg Nesterov [Wed, 27 Apr 2011 19:04:28 +0000 (21:04 +0200)]
x86: signal: handle_signal() should use set_current_blocked()

This is ugly, but if sigprocmask() needs retarget_shared_pending() then
handle signal should follow this logic. In theory it is newer correct to
add the new signals to current->blocked, the signal handler can sleep/etc
so we should notify other threads in case we block the pending signal and
nobody else has TIF_SIGPENDING.

Of course, this change doesn't make signals faster :/

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
Acked-by: Tejun Heo <tj@kernel.org>
13 years agosignal: sigprocmask() should do retarget_shared_pending()
Oleg Nesterov [Wed, 27 Apr 2011 18:59:41 +0000 (20:59 +0200)]
signal: sigprocmask() should do retarget_shared_pending()

In short, almost every changing of current->blocked is wrong, or at least
can lead to the unexpected results.

For example. Two threads T1 and T2, T1 sleeps in sigtimedwait/pause/etc.
kill(tgid, SIG) can pick T2 for TIF_SIGPENDING. If T2 calls sigprocmask()
and blocks SIG before it notices the pending signal, nobody else can handle
this pending shared signal.

I am not sure this is bug, but at least this looks strange imho. T1 should
not sleep forever, there is a signal which should wake it up.

This patch moves the code which actually changes ->blocked into the new
helper, set_current_blocked() and changes this code to call
retarget_shared_pending() as exit_signals() does. We should only care about
the signals we just blocked, we use "newset & ~current->blocked" as a mask.

We do not check !sigisemptyset(newblocked), retarget_shared_pending() is
cheap unless mask & shared_pending.

Note: for this particular case we could simply change sigprocmask() to
return -EINTR if signal_pending(), but then we should change other callers
and, more importantly, if we need this fix then set_current_blocked() will
have more callers and some of them can't restart. See the next patch as a
random example.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
Acked-by: Tejun Heo <tj@kernel.org>
13 years agosignal: sigprocmask: narrow the scope of ->siglock
Oleg Nesterov [Wed, 27 Apr 2011 17:54:20 +0000 (19:54 +0200)]
signal: sigprocmask: narrow the scope of ->siglock

No functional changes, preparation to simplify the review of the next change.

1. We can read current->block lockless, nobody else can ever change this mask.

2. Calculate the resulting sigset_t outside of ->siglock into the temporary
   variable, then take ->siglock and change ->blocked.

Also, kill the stale comment about BKL.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
Acked-by: Tejun Heo <tj@kernel.org>
13 years agosignal: retarget_shared_pending: optimize while_each_thread() loop
Oleg Nesterov [Wed, 27 Apr 2011 17:50:21 +0000 (19:50 +0200)]
signal: retarget_shared_pending: optimize while_each_thread() loop

retarget_shared_pending() blindly does recalc_sigpending_and_wake() for
every sub-thread, this is suboptimal. We can check t->blocked and stop
looping once every bit in shared_pending has the new target.

Note: we do not take task_is_stopped_or_traced(t) into account, we are
not trying to speed up the signal delivery or to avoid the unnecessary
(but harmless) signal_wake_up(0) in this unlikely case.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
Acked-by: Tejun Heo <tj@kernel.org>
13 years agosignal: retarget_shared_pending: consider shared/unblocked signals only
Oleg Nesterov [Wed, 27 Apr 2011 17:18:39 +0000 (19:18 +0200)]
signal: retarget_shared_pending: consider shared/unblocked signals only

exit_signals() checks signal_pending() before retarget_shared_pending() but
this is suboptimal. We can avoid the while_each_thread() loop in case when
there are no shared signals visible to us.

Add the "shared_pending.signal & ~blocked" check. We don't use tsk->blocked
directly but pass ~blocked as an argument, this is needed for the next patch.

Note: we can optimize this more. while_each_thread(t) can check t->blocked
into account and stop after every pending signal has the new target, see the
next patch.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
Acked-by: Tejun Heo <tj@kernel.org>
13 years agosignal: introduce retarget_shared_pending()
Oleg Nesterov [Wed, 27 Apr 2011 17:17:37 +0000 (19:17 +0200)]
signal: introduce retarget_shared_pending()

No functional changes. Move the notify-other-threads code from exit_signals()
to the new helper, retarget_shared_pending().

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Matt Fleming <matt.fleming@linux.intel.com>
Acked-by: Tejun Heo <tj@kernel.org>
13 years agoMerge branch 'ptrace' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/misc into...
Oleg Nesterov [Thu, 7 Apr 2011 18:44:11 +0000 (20:44 +0200)]
Merge branch 'ptrace' of git://git./linux/kernel/git/tj/misc into ptrace

13 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid
Linus Torvalds [Thu, 7 Apr 2011 16:42:13 +0000 (09:42 -0700)]
Merge branch 'for-linus' of git://git./linux/kernel/git/jikos/hid

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
  HID: Add support for CH Pro Throttle
  HID: hid-magicmouse: Increase evdev buffer size
  HID: add FF support for Logitech G25/G27
  HID: roccat: Add support for wireless variant of Pyra
  HID: Fix typo Keyoutch -> Keytouch
  HID: add support for Skycable 0x3f07 wireless presenter

13 years agofix build fail for hv_mouse indefine udelay
Youquan Song [Wed, 6 Apr 2011 06:35:12 +0000 (14:35 +0800)]
fix build fail for hv_mouse indefine udelay

Fix build failure issue for hv_mouse
When build 2.6.39-rc1 kernel, it will be blocked at build hv_mouse.

  drivers/staging/hv/hv_mouse.c: In function ‘ReleaseInputDevice’:
  drivers/staging/hv/hv_mouse.c:293: error: implicit declaration of function ‘udelay’

Signed-off-by: Youquan Song <youquan.song@intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agomm: avoid wrapping vm_pgoff in mremap()
Linus Torvalds [Thu, 7 Apr 2011 14:35:50 +0000 (07:35 -0700)]
mm: avoid wrapping vm_pgoff in mremap()

The normal mmap paths all avoid creating a mapping where the pgoff
inside the mapping could wrap around due to overflow.  However, an
expanding mremap() can take such a non-wrapping mapping and make it
bigger and cause a wrapping condition.

Noticed by Robert Swiecki when running a system call fuzzer, where it
caused a BUG_ON() due to terminally confusing the vma_prio_tree code.  A
vma dumping patch by Hugh then pinpointed the crazy wrapped case.

Reported-and-tested-by: Robert Swiecki <robert@swiecki.net>
Acked-by: Hugh Dickins <hughd@google.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agoHID: Add support for CH Pro Throttle
Jiri Kosina [Wed, 6 Apr 2011 14:12:32 +0000 (07:12 -0700)]
HID: Add support for CH Pro Throttle

CH Pro Throttle needs NOGET the same way as other products from
the same vendor require.

Reported-by: Unavowed <unavowed@vexillium.org>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
13 years agoHID: hid-magicmouse: Increase evdev buffer size
Chase Douglas [Fri, 1 Apr 2011 21:03:39 +0000 (17:03 -0400)]
HID: hid-magicmouse: Increase evdev buffer size

The evdev buffer isn't big enough when you get many fingers on the
device. Bump up the buffer to a reasonable size, matching what other
multitouch devices use. Without this change, events may be discarded in
the evdev buffer before they are read.

Reported-by: Simon Budig <simon@budig.de>
Cc: Henrik Rydberg <rydberg@euromail.se>
Cc: Jiri Kosina <jkosina@suse.cz>
Cc: stable@kernel.org
Signed-off-by: Chase Douglas <chase.douglas@canonical.com>
Acked-by: Henrik Rydberg <rydberg@euromail.se>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
13 years agoLinux 2.6.39-rc2
Linus Torvalds [Wed, 6 Apr 2011 01:30:43 +0000 (18:30 -0700)]
Linux 2.6.39-rc2

13 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux...
Linus Torvalds [Tue, 5 Apr 2011 22:29:01 +0000 (15:29 -0700)]
Merge branch 'for-linus' of git://git./linux/kernel/git/axboe/linux-2.6-block

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux-2.6-block:
  ide: always ensure that blk_delay_queue() is called if we have pending IO
  block: fix request sorting at unplug
  dm: improve block integrity support
  fs: export empty_aops
  ide: ide_requeue_and_plug() reinstate "always plug" behaviour
  blk-throttle: don't call xchg on bool
  ufs: remove unessecary blk_flush_plug
  block: make the flush insertion use the tail of the dispatch list
  block: get rid of elv_insert() interface
  block: dump request state on seeing a corrupted request completion

13 years agoinotify: fix double free/corruption of stuct user
Eric Paris [Tue, 5 Apr 2011 21:20:50 +0000 (17:20 -0400)]
inotify: fix double free/corruption of stuct user

On an error path in inotify_init1 a normal user can trigger a double
free of struct user.  This is a regression introduced by a2ae4cc9a16e
("inotify: stop kernel memory leak on file creation failure").

We fix this by making sure that if a group exists the user reference is
dropped when the group is cleaned up.  We should not explictly drop the
reference on error and also drop the reference when the group is cleaned
up.

The new lifetime rules are that an inotify group lives from
inotify_new_group to the last fsnotify_put_group.  Since the struct user
and inotify_devs are directly tied to this lifetime they are only
changed/updated in those two locations.  We get rid of all special
casing of struct user or user->inotify_devs.

Signed-off-by: Eric Paris <eparis@redhat.com>
Cc: stable@kernel.org (2.6.37 and up)
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agoide: always ensure that blk_delay_queue() is called if we have pending IO
Jens Axboe [Tue, 5 Apr 2011 01:29:57 +0000 (03:29 +0200)]
ide: always ensure that blk_delay_queue() is called if we have pending IO

Just because we are not requeuing a request does not mean that
some aren't pending. So always issue a blk_delay_queue() if
either we are requeueing OR there's pending IO.

This fixes a boot problem for some IDE boxes.

Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
13 years agoblock: fix request sorting at unplug
Konstantin Khlebnikov [Sun, 3 Apr 2011 22:15:02 +0000 (00:15 +0200)]
block: fix request sorting at unplug

Comparison function for list_sort() must be anticommutative,
otherwise it is not sorting in ordinary meaning.

But fortunately list_sort() always check ((*cmp)(priv, a, b) <= 0)
it not distinguish negative and zero, so comparison function can
implement only less-or-equal instead of full three-way comparison.

Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
13 years agodm: improve block integrity support
Mike Snitzer [Fri, 1 Apr 2011 19:02:31 +0000 (21:02 +0200)]
dm: improve block integrity support

The current block integrity (DIF/DIX) support in DM is verifying that
all devices' integrity profiles match during DM device resume (which
is past the point of no return).  To some degree that is unavoidable
(stacked DM devices force this late checking).  But for most DM
devices (which aren't stacking on other DM devices) the ideal time to
verify all integrity profiles match is during table load.

Introduce the notion of an "initialized" integrity profile: a profile
that was blk_integrity_register()'d with a non-NULL 'blk_integrity'
template.  Add blk_integrity_is_initialized() to allow checking if a
profile was initialized.

Update DM integrity support to:
- check all devices with _initialized_ integrity profiles match
  during table load; uninitialized profiles (e.g. for underlying DM
  device(s) of a stacked DM device) are ignored.
- disallow a table load that would result in an integrity profile that
  conflicts with a DM device's existing (in-use) integrity profile
- avoid clearing an existing integrity profile
- validate all integrity profiles match during resume; but if they
  don't all we can do is report the mismatch (during resume we're past
  the point of no return)

Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Cc: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
13 years agofs: export empty_aops
Jens Axboe [Tue, 5 Apr 2011 21:51:48 +0000 (23:51 +0200)]
fs: export empty_aops

With the ->sync_page() hook gone, we have a few users that
add their own static address_space_operations without any
functions defined.

fs/inode.c already has an empty_aops that it uses for init
purposes. Lets export that and use it in the places where
an otherwise empty aops was defined.

Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
13 years agoide: ide_requeue_and_plug() reinstate "always plug" behaviour
Jens Axboe [Wed, 30 Mar 2011 10:22:23 +0000 (12:22 +0200)]
ide: ide_requeue_and_plug() reinstate "always plug" behaviour

We see stalls if we don't always ensure that the queue gets run
again. Even if rq == NULL, we could have other pending requests
in the queue.

Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
13 years agoblk-throttle: don't call xchg on bool
Andreas Schwab [Wed, 30 Mar 2011 10:21:56 +0000 (12:21 +0200)]
blk-throttle: don't call xchg on bool

xchg does not work portably with smaller than 32bit types.

Signed-off-by: Andreas Schwab <schwab@linux-m68k.org>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
13 years agoufs: remove unessecary blk_flush_plug
Christoph Hellwig [Wed, 30 Mar 2011 10:17:43 +0000 (12:17 +0200)]
ufs: remove unessecary blk_flush_plug

We already flush the per-process plugging list when context switching,
so a blk_flush_plug call just before a yield() is not needed.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
13 years agoblock: make the flush insertion use the tail of the dispatch list
Jens Axboe [Wed, 30 Mar 2011 11:27:09 +0000 (13:27 +0200)]
block: make the flush insertion use the tail of the dispatch list

It's not a preempt type request, in fact we have to insert it
behind requests that do specify INSERT_FRONT.

Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
13 years agoblock: get rid of elv_insert() interface
Jens Axboe [Wed, 30 Mar 2011 07:52:30 +0000 (09:52 +0200)]
block: get rid of elv_insert() interface

Merge it with __elv_add_request(), it's pretty pointless to
have a function with only two callers. The main interface
is elv_add_request()/__elv_add_request().

Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
13 years agoblock: dump request state on seeing a corrupted request completion
Jens Axboe [Wed, 30 Mar 2011 07:51:33 +0000 (09:51 +0200)]
block: dump request state on seeing a corrupted request completion

Currently we just dump a non-informative 'request botched' message.
Lets actually try and print something sane to help debug issues
around this.

Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
13 years agoMerge branch 'drm-intel-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/keith...
Linus Torvalds [Tue, 5 Apr 2011 20:39:49 +0000 (13:39 -0700)]
Merge branch 'drm-intel-fixes' of git://git./linux/kernel/git/keithp/linux-2.6

* 'drm-intel-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/keithp/linux-2.6:
  drm/i915/lvds: Remove 0xa0 DDC probe for LVDS
  drm/i915/crt: Remove 0xa0 probe for VGA

13 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
Linus Torvalds [Tue, 5 Apr 2011 19:35:29 +0000 (12:35 -0700)]
Merge branch 'for-linus' of git://git./linux/kernel/git/dtor/input

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
  Input: rpckbd - fix a leak of the IRQ during init failure
  Input: wacom - add support for Lenovo tablet ID (0xE6)
  Input: i8042 - downgrade selftest error message to dbg()
  Input: synaptics - fix crash in synaptics_module_init()
  Input: spear-keyboard - fix inverted condition in interrupt handler
  Input: uinput - allow for 0/0 min/max on absolute axes.
  Input: sparse-keymap - report KEY_UNKNOWN for unknown scan codes
  Input: sparse-keymap - report scancodes with key events
  Input: h3600_ts_input - fix a spelling error
  Input: wacom - report resolution for pen devices
  Input: wacom - constify wacom_features for a new missed Bamboo models

13 years agoMerge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc
Linus Torvalds [Tue, 5 Apr 2011 19:29:43 +0000 (12:29 -0700)]
Merge branch 'merge' of git://git./linux/kernel/git/benh/powerpc

* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc:
  powerpc/pseries: Fix build without CONFIG_HOTPLUG_CPU
  powerpc: Set nr_cpu_ids early and use it to free PACAs
  powerpc/pseries: Don't register global initcall
  powerpc/kexec: Fix mismatched ifdefs for PPC64/SMP.
  edac/mpc85xx: Limit setting/clearing of HID1[RFXE] to e500v1/v2 cores
  powerpc/85xx: Update dts for PCIe memory maps to match u-boot of Px020RDB

13 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/btrfs...
Linus Torvalds [Tue, 5 Apr 2011 19:29:25 +0000 (12:29 -0700)]
Merge branch 'for-linus' of git://git./linux/kernel/git/mason/btrfs-unstable

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/btrfs-unstable:
  Btrfs: don't warn in btrfs_add_orphan
  Btrfs: fix free space cache when there are pinned extents and clusters V2
  Btrfs: Fix uninitialized root flags for subvolumes
  btrfs: clear __GFP_FS flag in the space cache inode
  Btrfs: fix memory leak in start_transaction()
  Btrfs: fix memory leak in btrfs_ioctl_start_sync()
  Btrfs: fix subvol_sem leak in btrfs_rename()
  Btrfs: Fix oops for defrag with compression turned on
  Btrfs: fix /proc/mounts info.
  Btrfs: fix compiler warning in file.c

13 years agoMerge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
Linus Torvalds [Tue, 5 Apr 2011 19:26:57 +0000 (12:26 -0700)]
Merge git://git./linux/kernel/git/davem/net-2.6

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (27 commits)
  ipv6: Don't pass invalid dst_entry pointer to dst_release().
  mlx4: fix kfree on error path in new_steering_entry()
  tcp: len check is unnecessarily devastating, change to WARN_ON
  sctp: malloc enough room for asconf-ack chunk
  sctp: fix auth_hmacs field's length of struct sctp_cookie
  net: Fix dev dev_ethtool_get_rx_csum() for forced NETIF_F_RXCSUM
  usbnet: use eth%d name for known ethernet devices
  starfire: clean up dma_addr_t size test
  iwlegacy: fix bugs in change_interface
  carl9170: Fix tx aggregation problems with some clients
  iwl3945: disable hw scan by default
  wireless: rt2x00: rt2800usb.c add and identify ids
  iwl3945: do not deprecate software scan
  mac80211: fix aggregation frame release during timeout
  cfg80211: fix BSS double-unlinking (continued)
  cfg80211:: fix possible NULL pointer dereference
  mac80211: fix possible NULL pointer dereference
  mac80211: fix NULL pointer dereference in ieee80211_key_alloc()
  ath9k: fix a chip wakeup related crash in ath9k_start
  mac80211: fix a crash in minstrel_ht in HT mode with no supported MCS rates
  ...

13 years agodrm/i915/lvds: Remove 0xa0 DDC probe for LVDS
Chris Wilson [Tue, 5 Apr 2011 15:04:40 +0000 (16:04 +0100)]
drm/i915/lvds: Remove 0xa0 DDC probe for LVDS

This is a revert of 428d2e828c0a68206e5158a42451487601dc9194.

This is broken in the same manner as for VGA: trying to write to an
invalid address on the (currently 7-bit) i2c bus.

One notable failure appears to be for MacBooks. The scary part was that
it gave the appearance of working (i.e. reporting the absence of the
panel) on various all-in-one machines with ghost LVDS panels and not
failing for laptops.

Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Acked-by: Dave Airlie <airlied@linux.ie>
Signed-off-by: Keith Packard <keithp@keithp.com>
13 years agodrm/i915/crt: Remove 0xa0 probe for VGA
Chris Wilson [Tue, 5 Apr 2011 15:04:39 +0000 (16:04 +0100)]
drm/i915/crt: Remove 0xa0 probe for VGA

This is a moral revert of 6ec3d0c0e9c0c605696e91048eebaca7b0c36695.

Following the fix to reset the GMBUS controller after a NAK, we finally
utilize the 0xa0 probe for a CRT connection. And discover that the code
is broken. Shock.

There are a number of issues, but following a key insight from Dave
Airlie, that 0xA0 is an invalid address on a 7-bit bus (though not if we
were to enable 10-bit addressing), and would look like the EDID port
0x50, it is possible to see where the confusion starts.

In short, a write to 0xA0 is accepted by the GMBUS controller which we
interpreted as meaning the existence of a connection (a slave on the
other end of the wire ACKing the write). That was false.

During testing with a broken GMBUS implementation, which never reset an
earlier NAK, this test always reported a NAK and so we proceeded on to
the next test.

Reported-and-tested-by: Sitsofe Wheeler <sitsofe@yahoo.com>
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=35904
Reported-and-tested-by: Riccardo Magliocchetti <riccardo.magliocchetti@gmail.com>
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=32612
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Acked-by: Dave Airlie <airlied@linux.ie>
Signed-off-by: Keith Packard <keithp@keithp.com>
13 years agopowerpc/pseries: Fix build without CONFIG_HOTPLUG_CPU
Matt Evans [Thu, 31 Mar 2011 19:33:08 +0000 (19:33 +0000)]
powerpc/pseries: Fix build without CONFIG_HOTPLUG_CPU

Signed-off-by: Matt Evans <matt@ozlabs.au.ibm.com>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
13 years agopowerpc: Set nr_cpu_ids early and use it to free PACAs
Ryan Grimm [Thu, 31 Mar 2011 19:33:02 +0000 (19:33 +0000)]
powerpc: Set nr_cpu_ids early and use it to free PACAs

Without this, "holes" in the CPU numbering can cause us to
free too many PACAs

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
13 years agopowerpc/pseries: Don't register global initcall
Benjamin Herrenschmidt [Thu, 31 Mar 2011 18:49:45 +0000 (18:49 +0000)]
powerpc/pseries: Don't register global initcall

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
13 years agopowerpc/kexec: Fix mismatched ifdefs for PPC64/SMP.
Paul Gortmaker [Thu, 31 Mar 2011 07:27:20 +0000 (07:27 +0000)]
powerpc/kexec: Fix mismatched ifdefs for PPC64/SMP.

Commit b3df895aebe091b1657 "powerpc/kexec: Add support for FSL-BookE"
introduced the original PPC_STD_MMU_64 checks around the function
crash_kexec_wait_realmode().   Then commit c2be05481f61252
"powerpc: Fix default_machine_crash_shutdown #ifdef botch" changed
the ifdef around the calling site to add a check on SMP, but the
ifdef around the function itself was left unchanged, leaving an
unused function for PPC_STD_MMU_64=y and SMP=n

Rather than have two ifdefs that can get out of sync like this,
simply put the corrected conditional around the function and use
a stub to get rid of one set of ifdefs completely.

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
13 years agoMerge remote branch 'kumar/merge' into merge
Benjamin Herrenschmidt [Tue, 5 Apr 2011 06:20:22 +0000 (16:20 +1000)]
Merge remote branch 'kumar/merge' into merge

13 years agoBtrfs: don't warn in btrfs_add_orphan
Josef Bacik [Mon, 28 Mar 2011 13:43:25 +0000 (13:43 +0000)]
Btrfs: don't warn in btrfs_add_orphan

When I moved the orphan adding to btrfs_truncate I missed the fact that during
orphan cleanup we just add the orphan items to the orphan list without going
through btrfs_orphan_add, which results in lots of warnings on mount if you have
any orphan items that need to be truncated.  Just remove this warning since it's
ok, this will allow all of the normal space accounting take place.  Thanks,

Signed-off-by: Josef Bacik <josef@redhat.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
13 years agoBtrfs: fix free space cache when there are pinned extents and clusters V2
Josef Bacik [Fri, 1 Apr 2011 14:55:00 +0000 (14:55 +0000)]
Btrfs: fix free space cache when there are pinned extents and clusters V2

I noticed a huge problem with the free space cache that was presenting
as an early ENOSPC.  Turns out when writing the free space cache out I
forgot to take into account pinned extents and more importantly
clusters.  This would result in us leaking free space everytime we
unmounted the filesystem and remounted it.

I fix this by making sure to check and see if the current block group
has a cluster and writing out any entries that are in the cluster to the
cache, as well as writing any pinned extents we currently have to the
cache since those will be available for us to use the next time the fs
mounts.

This patch also adds a check to the end of load_free_space_cache to make
sure we got the right amount of free space cache, and if not make sure
to clear the cache and re-cache the old fashioned way.

Signed-off-by: Josef Bacik <josef@redhat.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
13 years agoBtrfs: Fix uninitialized root flags for subvolumes
Li Zefan [Mon, 28 Mar 2011 02:01:25 +0000 (02:01 +0000)]
Btrfs: Fix uninitialized root flags for subvolumes

root_item->flags and root_item->byte_limit are not initialized when
a subvolume is created. This bug is not revealed until we added
readonly snapshot support - now you mount a btrfs filesystem and you
may find the subvolumes in it are readonly.

To work around this problem, we steal a bit from root_item->inode_item->flags,
and use it to indicate if those fields have been properly initialized.
When we read a tree root from disk, we check if the bit is set, and if
not we'll set the flag and initialize the two fields of the root item.

Reported-by: Andreas Philipp <philipp.andreas@gmail.com>
Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
Tested-by: Andreas Philipp <philipp.andreas@gmail.com>
cc: stable@kernel.org
Signed-off-by: Chris Mason <chris.mason@oracle.com>
13 years agobtrfs: clear __GFP_FS flag in the space cache inode
Miao Xie [Thu, 31 Mar 2011 09:43:23 +0000 (09:43 +0000)]
btrfs: clear __GFP_FS flag in the space cache inode

the object id of the space cache inode's key is allocated from the relative
root, just like the regular file. So we can't identify space cache inode by
checking the object id of the inode's key, and we have to clear __GFP_FS flag
at the time we look up the space cache inode.

Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
Signed-off-by: Liu Bo <liubo2009@cn.fujitsu.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
13 years agoBtrfs: fix memory leak in start_transaction()
Yoshinori Sano [Sun, 3 Apr 2011 12:31:28 +0000 (12:31 +0000)]
Btrfs: fix memory leak in start_transaction()

Free btrfs_trans_handle when join_transaction() fails
in start_transaction()

Signed-off-by: Yoshinori Sano <yoshinori.sano@gmail.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
13 years agoBtrfs: fix memory leak in btrfs_ioctl_start_sync()
Tsutomu Itoh [Mon, 4 Apr 2011 01:52:13 +0000 (01:52 +0000)]
Btrfs: fix memory leak in btrfs_ioctl_start_sync()

Call btrfs_end_transaction() if btrfs_commit_transaction_async() fails.

Signed-off-by: Tsutomu Itoh <t-itoh@jp.fujitsu.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
13 years agoBtrfs: fix subvol_sem leak in btrfs_rename()
Johann Lombardi [Thu, 31 Mar 2011 13:23:47 +0000 (13:23 +0000)]
Btrfs: fix subvol_sem leak in btrfs_rename()

btrfs_rename() does not release the subvol_sem if the transaction failed to start.

Signed-off-by: Johann Lombardi <johann@whamcloud.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
13 years agoBtrfs: Fix oops for defrag with compression turned on
Li Zefan [Mon, 28 Mar 2011 08:30:38 +0000 (08:30 +0000)]
Btrfs: Fix oops for defrag with compression turned on

When we defrag a file, whose size can be fit into an inline extent,
with compression enabled, the compress type is set to be
fs_info->compress_type, which is 0 if the btrfs filesystem is mounted
without compress option. This leads to oops.

Reported-by: Daniel Blueman <daniel.blueman@gmail.com>
Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
13 years agoBtrfs: fix /proc/mounts info.
Tsutomu Itoh [Thu, 31 Mar 2011 00:44:29 +0000 (00:44 +0000)]
Btrfs: fix /proc/mounts info.

Some mount options are not displayed by /proc/mounts.
This patch displays the option such as compress_type by /proc/mounts.

Ex.
  [before]
    $ mount | grep sdc2
    /dev/sdc2 on /test12 type btrfs (rw,space_cache,compress=lzo)
    $ cat /proc/mounts | grep sdc2
    /dev/sdc2 /test12 btrfs rw,relatime,compress 0 0

  [after]
    $ mount | grep sdc2
    /dev/sdc2 on /test12 type btrfs (rw,space_cache,compress=lzo)
    $ cat /proc/mounts | grep sdc2
    /dev/sdc2 /test12 btrfs rw,relatime,compress=lzo,space_cache 0 0

Signed-off-by: Tsutomu Itoh <t-itoh@jp.fujitsu.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
13 years agoBtrfs: fix compiler warning in file.c
Tsutomu Itoh [Wed, 30 Mar 2011 00:57:23 +0000 (00:57 +0000)]
Btrfs: fix compiler warning in file.c

While compiling Btrfs, I got following messages:

  CC [M]  fs/btrfs/file.o
fs/btrfs/file.c: In function '__btrfs_buffered_write':
fs/btrfs/file.c:909: warning: 'ret' may be used uninitialized in this function
  CC [M]  fs/btrfs/tree-defrag.o

This patch fixes compiler warning.

Signed-off-by: Tsutomu Itoh <t-itoh@jp.fujitsu.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
13 years agoMerge branch 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied...
Linus Torvalds [Tue, 5 Apr 2011 00:56:07 +0000 (17:56 -0700)]
Merge branch 'drm-fixes' of git://git./linux/kernel/git/airlied/drm-2.6

* 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6:
  drm: fix "persistant" typo
  drm/radeon/kms: add some new ontario pci ids
  drm/radeon/kms: pageflipping cleanup for avivo+
  drm/radeon/kms: Add support for tv-out dongle on G5 9600
  drm: export drm_find_cea_extension to drivers
  drm/radeon/kms: add some sanity checks to obj info record parsingi (v2)
  drm/i915: Reset GMBUS controller after NAK
  drm/i915: Busy-spin wait_for condition in atomic contexts
  drm/i915/lvds: Always return connected in the absence of better information

13 years agoMerge branch 'next' of git://git.monstr.eu/linux-2.6-microblaze
Linus Torvalds [Tue, 5 Apr 2011 00:54:46 +0000 (17:54 -0700)]
Merge branch 'next' of git://git.monstr.eu/linux-2.6-microblaze

* 'next' of git://git.monstr.eu/linux-2.6-microblaze:
  microblaze: Fix ftrace
  microblaze: Wire up new syscalls
  microblaze: Fix level/edge irq sensibility

13 years agoDocumentation: update cgroups info user groups names
Geunsik Lim [Mon, 4 Apr 2011 22:10:45 +0000 (15:10 -0700)]
Documentation: update cgroups info user groups names

Update suitable words to explain / understand cgroups contents.

Signed-off-by: Geunsik Lim <geunsik.lim@samsung.com>
Cc: Paul Menage <menage@google.com>
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agoDocumentation: consolidate leds files to leds/ subdir
Antonio Ospite [Mon, 4 Apr 2011 22:08:46 +0000 (15:08 -0700)]
Documentation: consolidate leds files to leds/ subdir

leds: move leds-class documentation under the leds/ subdir.
Add also a leds/00-INDEX file describing the files under leds/

Signed-off-by: Antonio Ospite <ospite@studenti.unina.it>
Acked-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agokemleak-test: build as module only
Daniel Baluta [Mon, 4 Apr 2011 22:06:44 +0000 (15:06 -0700)]
kemleak-test: build as module only

mm/kmemleak-test.c is used to provide an example of how kmemleak
tool works.

Memory is leaked at module unload-time, so building the test
in kernel (Y) makes the leaks impossible and the test useless.

Qualify DEBUG_KMEMLEAK_TEST config symbol with "depends on m",
to restrict module-only building.

Signed-off-by: Daniel Baluta <dbaluta@ixiacom.com>
Acked-by: Pekka Enberg <penberg@kernel.org>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agoDocumentation: fix minor typos/spelling
Sylvestre Ledru [Mon, 4 Apr 2011 22:04:46 +0000 (15:04 -0700)]
Documentation: fix minor typos/spelling

Fix some minor typos:
 * informations => information
 * there own => their own
 * these => this

Signed-off-by: Sylvestre Ledru <sylvestre.ledru@scilab.org>
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agoDocumentation: update panic parameter info
Randy Dunlap [Mon, 4 Apr 2011 22:02:24 +0000 (15:02 -0700)]
Documentation: update panic parameter info

Add a little more info for some of the panic-related kernel parameters.
Fix "oops=panic" to fit in 80 columns.

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Reviewed-by: Jesper Juhl <jj@chaosbits.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agokernel/signal.c: add kernel-doc notation to syscalls
Randy Dunlap [Mon, 4 Apr 2011 22:00:26 +0000 (15:00 -0700)]
kernel/signal.c: add kernel-doc notation to syscalls

Add kernel-doc to syscalls in signal.c.

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agokernel/signal.c: fix typos and coding style
Randy Dunlap [Mon, 4 Apr 2011 21:59:31 +0000 (14:59 -0700)]
kernel/signal.c: fix typos and coding style

General coding style and comment fixes; no code changes:

 - Use multi-line-comment coding style.
 - Put some function signatures completely on one line.
 - Hyphenate some words.
 - Spell Posix as POSIX.
 - Correct typos & spellos in some comments.
 - Drop trailing whitespace.
 - End sentences with periods.

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agoDocumentation: update kmemleak arch. info
Daniel Baluta [Mon, 4 Apr 2011 21:58:03 +0000 (14:58 -0700)]
Documentation: update kmemleak arch. info

Besides x86 and arm, kmemleak now supports powerpc, sparc, sh,
microblaze and tile.

Signed-off-by: Daniel Baluta <dbaluta@ixiacom.com>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agodrm: fix "persistant" typo
Jan Engelhardt [Sun, 3 Apr 2011 23:25:18 +0000 (01:25 +0200)]
drm: fix "persistant" typo

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Dave Airlie <airlied@redhat.com>
13 years agodrm/radeon/kms: add some new ontario pci ids
Alex Deucher [Mon, 4 Apr 2011 15:03:16 +0000 (11:03 -0400)]
drm/radeon/kms: add some new ontario pci ids

Signed-off-by: Alex Deucher <alexdeucher@gmail.com>
Cc:stable@kernel.org
Signed-off-by: Dave Airlie <airlied@redhat.com>
13 years agotty: fix endless work loop when the buffer fills up
Linus Torvalds [Mon, 4 Apr 2011 21:26:54 +0000 (14:26 -0700)]
tty: fix endless work loop when the buffer fills up

Commit f23eb2b2b285 ('tty: stop using "delayed_work" in the tty layer')
ended up causing hung machines on UP with no preemption, because the
work routine to flip the buffer data to the ldisc would endlessly re-arm
itself if the destination buffer had filled up.

With the delayed work, that only caused a timer-driving polling of the
tty state every timer tick, but without the delay we just ended up with
basically a busy loop instead.

Stop the insane polling, and instead make the code that opens up the
receive room re-schedule the buffer flip work.  That's what we should
have been doing anyway.

This same "poll for tty room" issue is almost certainly also the cause
of excessive kworker activity when idle reported by Dave Jones, who also
reported "flush_to_ldisc executing 2500 times a second" back in Nov 2010:

  http://lkml.org/lkml/2010/11/30/592

which is that silly flushing done every timer tick.  Wasting both power
and CPU for no good reason.

Reported-and-tested-by: Alexander Beregalov <a.beregalov@gmail.com>
Reported-and-tested-by: Sitsofe Wheeler <sitsofe@yahoo.com>
Cc: Greg KH <gregkh@suse.de>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Dave Jones <davej@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agoipv6: Don't pass invalid dst_entry pointer to dst_release().
Boris Ostrovsky [Mon, 4 Apr 2011 20:07:26 +0000 (13:07 -0700)]
ipv6: Don't pass invalid dst_entry pointer to dst_release().

Make sure dst_release() is not called with error pointer. This is
similar to commit 4910ac6c526d2868adcb5893e0c428473de862b5 ("ipv4:
Don't ip_rt_put() an error pointer in RAW sockets.").

Signed-off-by: Boris Ostrovsky <boris.ostrovsky@amd.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
13 years agoMerge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git...
Linus Torvalds [Mon, 4 Apr 2011 15:37:45 +0000 (08:37 -0700)]
Merge branch 'x86-fixes-for-linus' of git://git./linux/kernel/git/tip/linux-2.6-tip

* 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  x86, UV: Fix kdump reboot
  x86, amd-nb: Rename CPU PCI id define for F4
  sound: Add delay.h to sound/soc/codecs/sn95031.c
  x86, mtrr, pat: Fix one cpu getting out of sync during resume
  x86, microcode: Unregister syscore_ops after microcode unloaded
  x86: Stop including <linux/delay.h> in two asm header files

13 years agoMerge branch 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel...
Linus Torvalds [Mon, 4 Apr 2011 15:36:58 +0000 (08:36 -0700)]
Merge branch 'sched-fixes-for-linus' of git://git./linux/kernel/git/tip/linux-2.6-tip

* 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  sched: Fix rebalance interval calculation
  sched, doc: Beef up load balancing description
  sched: Leave sched_setscheduler() earlier if possible, do not disturb SCHED_FIFO tasks

13 years agoMerge branch 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel...
Linus Torvalds [Mon, 4 Apr 2011 15:36:40 +0000 (08:36 -0700)]
Merge branch 'perf-fixes-for-linus' of git://git./linux/kernel/git/tip/linux-2.6-tip

* 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  perf: Fix task_struct reference leak
  perf: Fix task context scheduling
  perf: mmap 512 kiB by default
  perf: Rebase max unprivileged mlock threshold on top of page size
  perf tools: Fix NO_NEWT=1 python build error
  perf symbols: Properly align symbol_conf.priv_size
  perf tools: Emit clearer message for sys_perf_event_open ENOENT return
  perf tools: Fixup exit path when not able to open events
  perf symbols: Fix vsyscall symbol lookup
  oprofile, x86: Allow setting EDGE/INV/CMASK for counter events

13 years agoMerge branch 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel...
Linus Torvalds [Mon, 4 Apr 2011 15:36:15 +0000 (08:36 -0700)]
Merge branch 'core-fixes-for-linus' of git://git./linux/kernel/git/tip/linux-2.6-tip

* 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  rcu: create new rcu_access_index() and use in mce
  WARN_ON_SMP(): Add comment to explain ({0;})

13 years agousb/serial: fix function args warnings, dropping *filp
Randy Dunlap [Sun, 3 Apr 2011 18:42:00 +0000 (11:42 -0700)]
usb/serial: fix function args warnings, dropping *filp

Fix build warnings caused by removal of *filp arg in struct
usb_serial_driver.

These changes were missed somehow in commits 00a0d0d65b61 ("tty: remove
filp from the USB tty ioctls") and 60b33c133ca0b ("tiocmget: kill off
the passing of the struct file")

  drivers/usb/serial/mct_u232.c:159: warning: initialization from incompatible pointer type
  drivers/usb/serial/opticon.c:627: warning: initialization from incompatible pointer type

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Cc: Alan Cox <alan@linux.intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agoMerge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab...
Linus Torvalds [Mon, 4 Apr 2011 15:33:53 +0000 (08:33 -0700)]
Merge branch 'v4l_for_linus' of git://git./linux/kernel/git/mchehab/linux-2.6

* 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6:
  [media] radio: wl128x: Update registration process with ST
  [media] staging: altera-jtag needs delay.h

13 years agoMerge branch 'unicore32' of git://git.kernel.org/pub/scm/linux/kernel/git/epip/linux...
Linus Torvalds [Mon, 4 Apr 2011 15:33:21 +0000 (08:33 -0700)]
Merge branch 'unicore32' of git://git./linux/kernel/git/epip/linux-2.6-unicore32

* 'unicore32' of git://git.kernel.org/pub/scm/linux/kernel/git/epip/linux-2.6-unicore32:
  unicore32 framebuffer fix: get videomemory by __get_free_pages() and make it floatable
  unicore32 core architecture: remove duplicated #include
  unicore32 rtc driver fix: cleanup irq_set_freq and irq_set_state
  unicore32 fix: remove arch-specific futex support
  unicore32 ldscript fix: add cacheline parameter to PERCPU() macro

13 years agoMerge branch 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groec...
Linus Torvalds [Mon, 4 Apr 2011 15:32:56 +0000 (08:32 -0700)]
Merge branch 'hwmon-for-linus' of git://git./linux/kernel/git/groeck/staging

* 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/staging:
  hwmon: twl4030-madc-hwmon: add "platform:" prefix for platform modalias

13 years agontp: fix non privileged system time shifting
Richard Cochran [Mon, 4 Apr 2011 15:31:23 +0000 (08:31 -0700)]
ntp: fix non privileged system time shifting

The ADJ_SETOFFSET bit added in commit 094aa188 ("ntp: Add ADJ_SETOFFSET
mode bit") also introduced a way for any user to change the system time.
Sneaky or buggy calls to adjtimex() could set

    ADJ_OFFSET_SS_READ | ADJ_SETOFFSET

which would result in a successful call to timekeeping_inject_offset().
This patch fixes the issue by adding the capability check.

Signed-off-by: Richard Cochran <richard.cochran@omicron.at>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agortc-mrst: Fix section types
Major Lee [Mon, 4 Apr 2011 10:32:12 +0000 (11:32 +0100)]
rtc-mrst: Fix section types

Fix the following section mismatch warning.

  WARNING: drivers/rtc/built-in.o(.data+0xa0): Section mismatch in reference from the variable vrtc_mrst_platform_driver to the function .init.text:vrtc_mrst_platform_probe()
  The variable vrtc_mrst_platform_driver references the function __init vrtc_mrst_platform_probe()
  If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable:
    *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console,

Signed-off-by: Major Lee <major_lee@wistron.com>
Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
13 years agoedac/mpc85xx: Limit setting/clearing of HID1[RFXE] to e500v1/v2 cores
Kumar Gala [Thu, 31 Mar 2011 22:11:39 +0000 (17:11 -0500)]
edac/mpc85xx: Limit setting/clearing of HID1[RFXE] to e500v1/v2 cores

Only the e500v1/v2 cores have HID1[RXFE] so we should attempt to set or
clear this register bit on them.  Otherwise we get crashes like:

NIP: c0579f84 LR: c006d550 CTR: c0579f84
REGS: ef857ec0 TRAP: 0700   Not tainted  (2.6.38.2-00072-gf15ba3c)
MSR: 00021002 <ME,CE>  CR: 22044022  XER: 00000000
TASK = ef8559c0[1] 'swapper' THREAD: ef856000 CPU: 0
GPR00: c006d538 ef857f70 ef8559c0 00000000 00000004 00000000 00000000 00000000
GPR08: c0590000 c30170a8 00000000 c30170a8 00000001 0fffe000 00000000 00000000
GPR16: 00000000 7ffa0e60 00000000 00000000 7ffb0bd8 7ff3b844 c05be000 00000000
GPR24: 00000000 00000000 c05c28b0 c0579fac 00000000 00029002 00000000 c0579f84
NIP [c0579f84] mpc85xx_mc_clear_rfxe+0x0/0x28
LR [c006d550] on_each_cpu+0x34/0x50
Call Trace:
[ef857f70] [c006d538] on_each_cpu+0x1c/0x50 (unreliable)
[ef857f90] [c057a070] mpc85xx_mc_init+0xc4/0xdc
[ef857fa0] [c0001cd4] do_one_initcall+0x34/0x1a8
[ef857fd0] [c055d9d8] kernel_init+0x17c/0x218
[ef857ff0] [c000cda4] kernel_thread+0x4c/0x68
Instruction dump:
40be0018 3c60c052 3863c70c 4be9baad 3be0ffed 4bd7c99d 80010014 7fe3fb78
83e1000c 38210010 7c0803a6 4e800020 <7c11faa654290024 81290008
3d60c06e
Oops: Exception in kernel mode, sig: 4 [#2]
---[ end trace 49ff3b8f93efde1a ]---

Also use the HID1_RFXE define rather than a magic number.

Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
13 years agopowerpc/85xx: Update dts for PCIe memory maps to match u-boot of Px020RDB
Prabhakar Kushwaha [Fri, 25 Mar 2011 04:47:45 +0000 (10:17 +0530)]
powerpc/85xx: Update dts for PCIe memory maps to match u-boot of Px020RDB

PCIe memory address space is 1:1 mapped with u-boot.

Update dts of Px020RDB i.e. P1020RDB and P2020RDB to match the address map
changes in u-boot.

Signed-off-by: Prabhakar Kushwaha <prabhakar@freescale.com>
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
13 years agomlx4: fix kfree on error path in new_steering_entry()
Mariusz Kozlowski [Mon, 4 Apr 2011 05:04:01 +0000 (22:04 -0700)]
mlx4: fix kfree on error path in new_steering_entry()

On error path kfree() should get pointer to memory allocated by
kmalloc() not the address of variable holding it (which is on stack).

Signed-off-by: Mariusz Kozlowski <mk@lab.zgora.pl>
Signed-off-by: David S. Miller <davem@davemloft.net>
13 years agoptrace: ptrace_check_attach() should not do s/STOPPED/TRACED/
Oleg Nesterov [Fri, 1 Apr 2011 18:13:01 +0000 (20:13 +0200)]
ptrace: ptrace_check_attach() should not do s/STOPPED/TRACED/

After "ptrace: Clean transitions between TASK_STOPPED and TRACED"
d79fdd6d96f46fabb779d86332e3677c6f5c2a4f, ptrace_check_attach()
should never see a TASK_STOPPED tracee and s/STOPPED/TRACED/ is
no longer legal. Add the warning.

Note: ptrace_check_attach() can be greatly simplified, in particular
it doesn't need tasklist. But I'd prefer another patch for that.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
13 years agosignal: Turn SIGNAL_STOP_DEQUEUED into GROUP_STOP_DEQUEUED
Oleg Nesterov [Fri, 1 Apr 2011 18:12:38 +0000 (20:12 +0200)]
signal: Turn SIGNAL_STOP_DEQUEUED into GROUP_STOP_DEQUEUED

This patch moves SIGNAL_STOP_DEQUEUED from signal_struct->flags to
task_struct->group_stop, and thus makes it per-thread.

Like SIGNAL_STOP_DEQUEUED, GROUP_STOP_DEQUEUED can be false-positive
after return from get_signal_to_deliver(), this is fine. The only
purpose of this bit is: we can drop ->siglock after __dequeue_signal()
returns the sig_kernel_stop() signal and before we call
do_signal_stop(), in this case we must not miss SIGCONT if it comes in
between.

But, unlike SIGNAL_STOP_DEQUEUED, GROUP_STOP_DEQUEUED can not be
false-positive in do_signal_stop() if multiple threads dequeue the
sig_kernel_stop() signal at the same time.

Consider two threads T1 and T2, SIGTTIN has a hanlder.

- T1 dequeues SIGTSTP and sets SIGNAL_STOP_DEQUEUED, then
  it drops ->siglock

- SIGCONT comes and clears SIGNAL_STOP_DEQUEUED, SIGTSTP
  should be cancelled.

- T2 dequeues SIGTTIN and sets SIGNAL_STOP_DEQUEUED again.
  Since we have a handler we should not stop, T2 returns
  to usermode to run the handler.

- T1 continues, calls do_signal_stop() and wrongly starts
  the group stop because SIGNAL_STOP_DEQUEUED was restored
  in between.

With or without this change:

- we need to do something with ptrace_signal() which can
  return SIGSTOP, but this needs another discussion

- SIGSTOP can be lost if it races with the mt exec, will
  be fixed later.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
13 years agosignal: do_signal_stop: Remove the unneeded task_clear_group_stop_pending()
Oleg Nesterov [Fri, 1 Apr 2011 18:12:16 +0000 (20:12 +0200)]
signal: do_signal_stop: Remove the unneeded task_clear_group_stop_pending()

PF_EXITING or TASK_STOPPED has already called task_participate_group_stop()
and cleared its ->group_stop. No need to do task_clear_group_stop_pending()
when we start the new group stop.

Add a small comment to explain the !task_is_stopped() check. Note that this
check is not exactly right and it can lead to unnecessary stop later if the
thread is TASK_PTRACED. What we need is task_participated_in_group_stop(),
this will be solved later.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
13 years agosignal: prepare_signal(SIGCONT) shouldn't play with TIF_SIGPENDING
Oleg Nesterov [Fri, 1 Apr 2011 18:11:50 +0000 (20:11 +0200)]
signal: prepare_signal(SIGCONT) shouldn't play with TIF_SIGPENDING

prepare_signal(SIGCONT) should never set TIF_SIGPENDING or wake up
the TASK_INTERRUPTIBLE threads. We are going to call complete_signal()
which should pick the right thread correctly. All we need is to wake
up the TASK_STOPPED threads.

If the task was stopped, it can't return to usermode without taking
->siglock. Otherwise we don't care, and the spurious TIF_SIGPENDING
can't be useful.

The comment says:

* If there is a handler for SIGCONT, we must make
* sure that no thread returns to user mode before
* we post the signal

It is not clear what this means. Probably, "when there's only a single
thread" and this continues to be true. Otherwise, even if this SIGCONT
is not private, with or without this change only one thread can dequeue
SIGCONT, other threads can happily return to user mode before before
that thread handles this signal.

Note also that wake_up_state(t, __TASK_STOPPED) can't race with the task
which changes its state, TASK_STOPPED state is protected by ->siglock as
well.

In short: when it comes to signal delivery, SIGCONT is the normal signal
and does not need any special support.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
13 years agodrm/radeon/kms: pageflipping cleanup for avivo+
Alex Deucher [Sat, 2 Apr 2011 13:15:50 +0000 (09:15 -0400)]
drm/radeon/kms: pageflipping cleanup for avivo+

Avoid touching the flip setup regs while
acceleration is running.  Set them at modeset
rather than during pageflip.  Touching these
regs while acceleration is active caused hangs
on pre-avivo chips.  These chips do not seem
to be affected, but better safe than sorry,
plus it avoids repeatedly reprogramming the
regs every flip.

Signed-off-by: Alex Deucher <alexdeucher@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
13 years agodrm/radeon/kms: Add support for tv-out dongle on G5 9600
Alex Deucher [Sat, 2 Apr 2011 13:09:08 +0000 (09:09 -0400)]
drm/radeon/kms: Add support for tv-out dongle on G5 9600

Signed-off-by: Alex Deucher <alexdeucher@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
13 years agoInput: rpckbd - fix a leak of the IRQ during init failure
Axel Lin [Sun, 3 Apr 2011 04:20:24 +0000 (21:20 -0700)]
Input: rpckbd - fix a leak of the IRQ during init failure

In rpckbd_open prror path, free_irq() was using NULL rather than the
driver data as the data pointer so free_irq() wouldn't have matched.

Signed-off-by: Axel Lin <axel.lin@gmail.com>
Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
13 years agounicore32 framebuffer fix: get videomemory by __get_free_pages() and make it floatable
Guan Xuetao [Fri, 1 Apr 2011 08:38:59 +0000 (16:38 +0800)]
unicore32 framebuffer fix: get videomemory by __get_free_pages() and make it floatable

1. get videomemory by __get_free_pages() in fb-puv3.c
2. remove resource reservation for old fixed UNIGFX_MMAP & UVC_MMAP space
3. remove unused macros: PKUNTIY_UNIGFX_MMAP_BASE, PKUNITY_UNIGFX_MMAP_SIZE,
PKUNITY_UVC_MMAP_BASE, PKUNITY_UVC_MMAP_SIZE and KUSER_UNIGFX_BASE
4. remove unused header linux/vmalloc.h in fb-puv3.h

Signed-off-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
Acked-by: Arnd Bergmann <arnd@arndb.de>
13 years agounicore32 core architecture: remove duplicated #include
Huang Weiyi [Sun, 20 Mar 2011 08:56:55 +0000 (16:56 +0800)]
unicore32 core architecture: remove duplicated #include

Remove duplicated #include('s) in
  arch/unicore32/kernel/traps.c

Signed-off-by: Huang Weiyi <weiyi.huang@gmail.com>
Acked-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
13 years agounicore32 rtc driver fix: cleanup irq_set_freq and irq_set_state
Guan Xuetao [Tue, 29 Mar 2011 12:38:51 +0000 (20:38 +0800)]
unicore32 rtc driver fix: cleanup irq_set_freq and irq_set_state

Signed-off-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
13 years agounicore32 fix: remove arch-specific futex support
Guan Xuetao [Tue, 29 Mar 2011 14:17:42 +0000 (22:17 +0800)]
unicore32 fix: remove arch-specific futex support

The futex functions in unicore32 are not used and verified,
so just replaced by asm-generic version.

Signed-off-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
Acked-by: Arnd Bergmann <arnd@arndb.de>
13 years agounicore32 ldscript fix: add cacheline parameter to PERCPU() macro
Guan Xuetao [Tue, 29 Mar 2011 13:30:04 +0000 (21:30 +0800)]
unicore32 ldscript fix: add cacheline parameter to PERCPU() macro

Also, adjust cacheline parameter of RW_DATA_SECTION and EXCEPTION_TABLE

Signed-off-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
Acked-by: Arnd Bergmann <arnd@arndb.de>
13 years agotcp: len check is unnecessarily devastating, change to WARN_ON
Ilpo Järvinen [Sat, 2 Apr 2011 04:47:41 +0000 (21:47 -0700)]
tcp: len check is unnecessarily devastating, change to WARN_ON

All callers are prepared for alloc failures anyway, so this error
can safely be boomeranged to the callers domain without super
bad consequences. ...At worst the connection might go into a state
where each RTO tries to (unsuccessfully) re-fragment with such
a mis-sized value and eventually dies.

Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
13 years agosctp: malloc enough room for asconf-ack chunk
Wei Yongjun [Thu, 31 Mar 2011 23:42:55 +0000 (23:42 +0000)]
sctp: malloc enough room for asconf-ack chunk

Sometime the ASCONF_ACK parameters can equal to the fourfold of
ASCONF parameters, this only happend in some special case:

  ASCONF parameter is :
    Unrecognized Parameter (4 bytes)
  ASCONF_ACK parameter should be:
    Error Cause Indication parameter (8 bytes header)
     + Error Cause (4 bytes header)
       + Unrecognized Parameter (4bytes)

Four 4bytes Unrecognized Parameters in ASCONF chunk will cause panic.

Pid: 0, comm: swapper Not tainted 2.6.38-next+ #22 Bochs Bochs
EIP: 0060:[<c0717eae>] EFLAGS: 00010246 CPU: 0
EIP is at skb_put+0x60/0x70
EAX: 00000077 EBX: c09060e2 ECX: dec1dc30 EDX: c09469c0
ESI: 00000000 EDI: de3c8d40 EBP: dec1dc58 ESP: dec1dc2c
 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Process swapper (pid: 0, ti=dec1c000 task=c09aef20 task.ti=c0980000)
Stack:
 c09469c0 e1894fa4 00000044 00000004 de3c8d00 de3c8d00 de3c8d44 de3c8d40
 c09060e2 de25dd80 de3c8d40 dec1dc7c e1894fa4 dec1dcb0 00000040 00000004
 00000000 00000800 00000004 00000004 dec1dce0 e1895a2b dec1dcb4 de25d960
Call Trace:
 [<e1894fa4>] ? sctp_addto_chunk+0x4e/0x89 [sctp]
 [<e1894fa4>] sctp_addto_chunk+0x4e/0x89 [sctp]
 [<e1895a2b>] sctp_process_asconf+0x32f/0x3d1 [sctp]
 [<e188d554>] sctp_sf_do_asconf+0xf8/0x173 [sctp]
 [<e1890b02>] sctp_do_sm+0xb8/0x159 [sctp]
 [<e18a2248>] ? sctp_cname+0x0/0x52 [sctp]
 [<e189392d>] sctp_assoc_bh_rcv+0xac/0xe3 [sctp]
 [<e1897d76>] sctp_inq_push+0x2d/0x30 [sctp]
 [<e18a21b2>] sctp_rcv+0x7a7/0x83d [sctp]
 [<c077a95c>] ? ipv4_confirm+0x118/0x125
 [<c073a970>] ? nf_iterate+0x34/0x62
 [<c074789d>] ? ip_local_deliver_finish+0x0/0x194
 [<c074789d>] ? ip_local_deliver_finish+0x0/0x194
 [<c0747992>] ip_local_deliver_finish+0xf5/0x194
 [<c074789d>] ? ip_local_deliver_finish+0x0/0x194
 [<c0747a6e>] NF_HOOK.clone.1+0x3d/0x44
 [<c0747ab3>] ip_local_deliver+0x3e/0x44
 [<c074789d>] ? ip_local_deliver_finish+0x0/0x194
 [<c074775c>] ip_rcv_finish+0x29f/0x2c7
 [<c07474bd>] ? ip_rcv_finish+0x0/0x2c7
 [<c0747a6e>] NF_HOOK.clone.1+0x3d/0x44
 [<c0747cae>] ip_rcv+0x1f5/0x233
 [<c07474bd>] ? ip_rcv_finish+0x0/0x2c7
 [<c071dce3>] __netif_receive_skb+0x310/0x336
 [<c07221f3>] netif_receive_skb+0x4b/0x51
 [<e0a4ed3d>] cp_rx_poll+0x1e7/0x29c [8139cp]
 [<c072275e>] net_rx_action+0x65/0x13a
 [<c0445a54>] __do_softirq+0xa1/0x149
 [<c04459b3>] ? __do_softirq+0x0/0x149
 <IRQ>
 [<c0445891>] ? irq_exit+0x37/0x72
 [<c040a7e9>] ? do_IRQ+0x81/0x95
 [<c07b3670>] ? common_interrupt+0x30/0x38
 [<c0428058>] ? native_safe_halt+0xa/0xc
 [<c040f5d7>] ? default_idle+0x58/0x92
 [<c0408fb0>] ? cpu_idle+0x96/0xb2
 [<c0797989>] ? rest_init+0x5d/0x5f
 [<c09fd90c>] ? start_kernel+0x34b/0x350
 [<c09fd0cb>] ? i386_start_kernel+0xba/0xc1

Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>