David S. Miller [Fri, 8 Feb 2013 23:02:14 +0000 (18:02 -0500)]
Merge git://git./linux/kernel/git/davem/net
Synchronize with 'net' in order to sort out some l2tp, wireless, and
ipv6 GRE fixes that will be built on top of in 'net-next'.
Signed-off-by: David S. Miller <davem@davemloft.net>
Vipul Pandya [Fri, 8 Feb 2013 02:49:51 +0000 (02:49 +0000)]
cxgb4vf: Fix extraction of cpl_rx_pkt from the response queue descriptor
This was preventing GRO and RxCheckSum offload to happen.
Signed-off-by: Jay Hernandez <jay@chelsio.com>
Signed-off-by: Vipul Pandya <vipul@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Daniel Borkmann [Thu, 7 Feb 2013 23:22:58 +0000 (23:22 +0000)]
net: sctp: sctp_auth_make_key_vector: use sctp_auth_create_key
In sctp_auth_make_key_vector, we allocate a temporary sctp_auth_bytes
structure with kmalloc instead of the sctp_auth_create_key allocator.
Change this to sctp_auth_create_key as it is the case everywhere else,
so that we also can properly free it via sctp_auth_key_put. This makes
it easier for future code changes in the structure and allocator itself,
since a single API is consistently used for this purpose. Also, by
using sctp_auth_create_key we're doing sanity checks over the arguments.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric Dumazet [Thu, 7 Feb 2013 16:41:02 +0000 (16:41 +0000)]
macvlan: add a salt to mc_hash()
Some multicast addresses are common to all macvlans,
so if a multicast message has a hash value collision, we
have to deliver a copy to all macvlans, adding significant
latency and possible packet drops if netdev_max_backlog
limit is hit.
Having a per macvlan hash function permits to reduce the
impact of hash collisions.
Suggested-by: Maciej Żenczykowski <maze@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric Dumazet [Thu, 7 Feb 2013 16:02:57 +0000 (16:02 +0000)]
macvlan: broadcast addr should be part of mc_filter
commit
cd431e738509e (macvlan: add multicast filter) forgot
the broadcast case.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Maciej Żenczykowski <maze@google.com>
SIgned-off-by: Maciej Żenczykowski <maze@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Amerigo Wang [Thu, 7 Feb 2013 15:52:40 +0000 (15:52 +0000)]
ipv6: fix a RCU warning in net/ipv6/ip6_flowlabel.c
This patch fixes the following RCU warning:
[ 51.680236] ===============================
[ 51.681914] [ INFO: suspicious RCU usage. ]
[ 51.683610]
3.8.0-rc6-next-20130206-sasha-00028-g83214f7-dirty #276 Tainted: G W
[ 51.686703] -------------------------------
[ 51.688281] net/ipv6/ip6_flowlabel.c:671 suspicious rcu_dereference_check() usage!
we should use rcu_dereference_bh() when we hold rcu_read_lock_bh().
Reported-by: Sasha Levin <sasha.levin@oracle.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: Cong Wang <amwang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Joe Perches [Thu, 7 Feb 2013 11:46:27 +0000 (11:46 +0000)]
drivers: net: Remove remaining alloc/OOM messages
alloc failures already get standardized OOM
messages and a dump_stack.
For the affected mallocs around these OOM messages:
Converted kmallocs with multiplies to kmalloc_array.
Converted a kmalloc/memcpy to kmemdup.
Removed now unused stack variables.
Removed unnecessary parentheses.
Neatened alignment.
Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Arend van Spriel <arend@broadcom.com>
Acked-by: Marc Kleine-Budde <mkl@pengutronix.de>
Acked-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Rafał Miłecki [Thu, 7 Feb 2013 05:40:38 +0000 (05:40 +0000)]
bgmac: fix "cmdcfg" calls for promisc and loopback modes
The last (bool) parameter in bgmac_cmdcfg_maskset says if the write
should be made, even if value didn't change. Currently driver doesn't
match the specs about (not) forcing some changes. This makes it follow
them.
Reported-by: Nathan Hintz <nlhintz@hotmail.com>
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Rafał Miłecki [Thu, 7 Feb 2013 00:27:17 +0000 (00:27 +0000)]
bgmac: validate (and random if needed) MAC addr
This adds check for a valid Ethernet MAC address and in case it is not,
it will generate a valid random one, such that the adapter is still
usable.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Duyck [Fri, 8 Feb 2013 10:17:15 +0000 (10:17 +0000)]
skbuff: Move definition of NETDEV_FRAG_PAGE_MAX_SIZE
In order to address the fact that some devices cannot support the full 32K
frag size we need to have the value accessible somewhere so that we can use it
to do comparisons against what the device can support. As such I am moving
the values out of skbuff.c and into skbuff.h.
Signed-off-by: Alexander Duyck <alexander.h.duyck@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Linus Torvalds [Fri, 8 Feb 2013 21:20:39 +0000 (08:20 +1100)]
Linux 3.8-rc7
Linus Torvalds [Fri, 8 Feb 2013 21:01:18 +0000 (08:01 +1100)]
Merge branch 'fixes' of git://git.linaro.org/people/rmk/linux-arm
Pull ARM fixes from Russell King:
"I was going to hold these off until v3.8 was out, and send them with a
stable tag, but as everyone else is pushing much bigger fixes which
Linus is accepting, let's save people from the hastle of having to
patch v3.8 back into working or use a stable kernel.
Looking at the diffstat, this really is high value for its size; this
is miniscule compared to how the -rc6 to tip diffstat currently looks.
So, four patches in this set:
- Punit Agrawal reports that the kernel no longer boots on MPCore due
to a new assumption made in the GIC code which isn't true of
earlier GIC designs. This is the biggest change in this set.
- Punit's boot log also revealed a bunch of WARN_ON() dumps caused by
the DT-ification of the GIC support without fixing up non-DT
Realview - which now sees a greater number of interrupts than it
did before.
- A fix for the DMA coherent code from Marek which uses the wrong
check for atomic allocations; this can result in spinlock lockups
or other nasty effects.
- A fix from Will, which will affect all Android based platforms if
not applied (which use the 2G:2G VM split) - this causes
particularly 'make' to misbehave unless this bug is fixed."
* 'fixes' of git://git.linaro.org/people/rmk/linux-arm:
ARM: 7641/1: memory: fix broken mmap by ensuring TASK_UNMAPPED_BASE is aligned
ARM: DMA mapping: fix bad atomic test
ARM: realview: ensure that we have sufficient IRQs available
ARM: GIC: fix GIC cpumask initialization
Linus Torvalds [Fri, 8 Feb 2013 20:55:24 +0000 (07:55 +1100)]
Merge git://git./linux/kernel/git/davem/net
Pull networking fixes from David Miller:
1) Revert iwlwifi reclaimed packet tracking, it causes problems for a
bunch of folks. From Emmanuel Grumbach.
2) Work limiting code in brcmsmac wifi driver can clear tx status
without processing the event. From Arend van Spriel.
3) rtlwifi USB driver processes wrong SKB, fix from Larry Finger.
4) l2tp tunnel delete can race with close, fix from Tom Parkin.
5) pktgen_add_device() failures are not checked at all, fix from Cong
Wang.
6) Fix unintentional removal of carrier off from tun_detach(),
otherwise we confuse userspace, from Michael S. Tsirkin.
7) Don't leak socket reference counts and ubufs in vhost-net driver,
from Jason Wang.
8) vmxnet3 driver gets it's initial carrier state wrong, fix from Neil
Horman.
9) Protect against USB networking devices which spam the host with 0
length frames, from Bjørn Mork.
10) Prevent neighbour overflows in ipv6 for locally destined routes,
from Marcelo Ricardo. This is the best short-term fix for this, a
longer term fix has been implemented in net-next.
11) L2TP uses ipv4 datagram routines in it's ipv6 code, whoops. This
mistake is largely because the ipv6 functions don't even have some
kind of prefix in their names to suggest they are ipv6 specific.
From Tom Parkin.
12) Check SYN packet drops properly in tcp_rcv_fastopen_synack(), from
Yuchung Cheng.
13) Fix races and TX skb freeing bugs in via-rhine's NAPI support, from
Francois Romieu and your's truly.
14) Fix infinite loops and divides by zero in TCP congestion window
handling, from Eric Dumazet, Neal Cardwell, and Ilpo Järvinen.
15) AF_PACKET tx ring handling can leak kernel memory to userspace, fix
from Phil Sutter.
16) Fix error handling in ipv6 GRE tunnel transmit, from Tommi Rantala.
17) Protect XEN netback driver against hostile frontend putting garbage
into the rings, don't leak pages in TX GOP checking, and add proper
resource releasing in error path of xen_netbk_get_requests(). From
Ian Campbell.
18) SCTP authentication keys should be cleared out and released with
kzfree(), from Daniel Borkmann.
19) L2TP is a bit too clever trying to maintain skb->truesize, and ends
up corrupting socket memory accounting to the point where packet
sending is halted indefinitely. Just remove the adjustments
entirely, they aren't really needed. From Eric Dumazet.
20) ATM Iphase driver uses a data type with the same name as the S390
headers, rename to fix the build. From Heiko Carstens.
21) Fix a typo in copying the inner network header offset from one SKB
to another, from Pravin B Shelar.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (56 commits)
net: sctp: sctp_endpoint_free: zero out secret key data
net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree
atm/iphase: rename fregt_t -> ffreg_t
net: usb: fix regression from FLAG_NOARP code
l2tp: dont play with skb->truesize
net: sctp: sctp_auth_key_put: use kzfree instead of kfree
netback: correct netbk_tx_err to handle wrap around.
xen/netback: free already allocated memory on failure in xen_netbk_get_requests
xen/netback: don't leak pages on failure in xen_netbk_tx_check_gop.
xen/netback: shutdown the ring if it contains garbage.
net: qmi_wwan: add more Huawei devices, including E320
net: cdc_ncm: add another Huawei vendor specific device
ipv6/ip6_gre: fix error case handling in ip6gre_tunnel_xmit()
tcp: fix for zero packets_in_flight was too broad
brcmsmac: rework of mac80211 .flush() callback operation
ssb: unregister gpios before unloading ssb
bcma: unregister gpios before unloading bcma
rtlwifi: Fix scheduling while atomic bug
net: usbnet: fix tx_dropped statistics
tcp: ipv6: Update MIB counters for drops
...
David S. Miller [Fri, 8 Feb 2013 20:18:40 +0000 (15:18 -0500)]
Merge branch 'wireless'
John W. Linville says:
====================
Please accept this pull request intended for the 3.9 stream!
Included are a mac80211 pull, an iwlwifi pull (actually two -- one
was a fast-forward), a wl12xx pull, and a couple of Bluetooth pulls.
On mac80211, Johannes says:
"I've included
* AKM definitions from Bing,
* mesh fixes from Thomas, including a fix from him for me breaking his
patch while applying,
* channel check fix from Simon,
* an old patch from Yoni Divinsky who doesn't even work for TI any
more, to configure the WEP TX key for ARP offload etc.
* MAC ACL API from Vasanth
* a fix for the infamous chanctx_conf warning from Arnd
* from myself, a fix for my previous aggregation changes, some cleanup
and some improvements and fixes for WoWLAN"
On iwlwifi, Johannes says:
"Two small changes for iwlwifi-next, one to update all our Copyright
notices and one to provide the RX page order."
And also:
"So what I have here is some cleanups, preparations and the new MVM
(multi-virtual MAC) driver itself and (this is new) some work on the
transport API as well as a message flooding fix."
On wl12xx, Luca says:
"Lots of bugfixes and improvements in our TI wireless drivers,
including support for multi-channel. Intended for 3.9."
On Bluetooth, Gustavo says:
"This is my first pull request to 3.9. The biggest changes here are from Johan
Hedberg who made a lot of fixes in the Management interface. The issues arose
due to a new test tool we wrote and the usage of the Management interface as
default in BlueZ 5. The rest of the patches are more clean ups and small
fixes."
And also:
"Here goes another batch intended for 3.9, the majority of the patch here are
from Johan who is fixing many issues in the management interface that have
appeared lately. The rest of the patches are just small improvements, fixes
and clean ups."
Along with those are the usual variety of updates/enhancements to
the mwl8k, mwifiex, ath9k, rtlwifi, and rt2x00 drivers as well as
a few updates for the ssb and bcma busses. I don't think there are
any big headliners there.
Please let me know if there are problems!
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Fri, 8 Feb 2013 19:55:08 +0000 (14:55 -0500)]
Merge branch 'sctp_keys'
Daniel Borkmann says:
====================
Cryptographically used keys should be zeroed out when our session
ends resp. memory is freed, thus do not leave them somewhere in the
memory.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Daniel Borkmann [Fri, 8 Feb 2013 03:04:35 +0000 (03:04 +0000)]
net: sctp: sctp_endpoint_free: zero out secret key data
On sctp_endpoint_destroy, previously used sensitive keying material
should be zeroed out before the memory is returned, as we already do
with e.g. auth keys when released.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Vlad Yasevich <vyasevic@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Daniel Borkmann [Fri, 8 Feb 2013 03:04:34 +0000 (03:04 +0000)]
net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree
In sctp_setsockopt_auth_key, we create a temporary copy of the user
passed shared auth key for the endpoint or association and after
internal setup, we free it right away. Since it's sensitive data, we
should zero out the key before returning the memory back to the
allocator. Thus, use kzfree instead of kfree, just as we do in
sctp_auth_key_put().
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Heiko Carstens [Fri, 8 Feb 2013 00:19:11 +0000 (00:19 +0000)]
atm/iphase: rename fregt_t -> ffreg_t
We have conflicting type qualifiers for "freg_t" in s390's ptrace.h and the
iphase atm device driver, which causes the compile error below.
Unfortunately the s390 typedef can't be renamed, since it's a user visible api,
nor can I change the include order in s390 code to avoid the conflict.
So simply rename the iphase typedef to a new name. Fixes this compile error:
In file included from drivers/atm/iphase.c:66:0:
drivers/atm/iphase.h:639:25: error: conflicting type qualifiers for 'freg_t'
In file included from next/arch/s390/include/asm/ptrace.h:9:0,
from next/arch/s390/include/asm/lowcore.h:12,
from next/arch/s390/include/asm/thread_info.h:30,
from include/linux/thread_info.h:54,
from include/linux/preempt.h:9,
from include/linux/spinlock.h:50,
from include/linux/seqlock.h:29,
from include/linux/time.h:5,
from include/linux/stat.h:18,
from include/linux/module.h:10,
from drivers/atm/iphase.c:43:
next/arch/s390/include/uapi/asm/ptrace.h:197:3: note: previous declaration of 'freg_t' was here
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Acked-by: chas williams - CONTRACTOR <chas@cmf.nrl.navy.mil>
Signed-off-by: David S. Miller <davem@davemloft.net>
John W. Linville [Fri, 8 Feb 2013 18:16:17 +0000 (13:16 -0500)]
Merge branch 'master' of git://git./linux/kernel/git/linville/wireless-next into for-davem
Will Deacon [Fri, 8 Feb 2013 11:52:29 +0000 (12:52 +0100)]
ARM: 7641/1: memory: fix broken mmap by ensuring TASK_UNMAPPED_BASE is aligned
We have received multiple reports of mmap failures when running with a
2:2 vm split. These manifest as either -EINVAL with a non page-aligned
address (ending 0xaaa) or a SEGV, depending on the application. The
issue is commonly observed in children of make, which appears to use
bottom-up mmap (assumedly because it changes the stack rlimit).
Further investigation reveals that this regression was triggered by
394ef6403abc ("mm: use vm_unmapped_area() on arm architecture"), whereby
TASK_UNMAPPED_BASE is no longer page-aligned for bottom-up mmap, causing
get_unmapped_area to choke on misaligned addressed.
This patch fixes the problem by defining TASK_UNMAPPED_BASE in terms of
TASK_SIZE and explicitly aligns the result to 16M, matching the other
end of the heap.
Acked-by: Nicolas Pitre <nico@linaro.org>
Reported-by: Steve Capper <steve.capper@arm.com>
Reported-by: Jean-Francois Moine <moinejf@free.fr>
Reported-by: Christoffer Dall <cdall@cs.columbia.edu>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Russell King [Wed, 30 Jan 2013 23:55:35 +0000 (23:55 +0000)]
ARM: DMA mapping: fix bad atomic test
Realview fails to boot with this warning:
BUG: spinlock lockup suspected on CPU#0, init/1
lock: 0xcf8bde10, .magic:
dead4ead, .owner: init/1, .owner_cpu: 0
Backtrace:
[<
c00185d8>] (dump_backtrace+0x0/0x10c) from [<
c03294e8>] (dump_stack+0x18/0x1c) r6:
cf8bde10 r5:
cf83d1c0 r4:
cf8bde10 r3:
cf83d1c0
[<
c03294d0>] (dump_stack+0x0/0x1c) from [<
c018926c>] (spin_dump+0x84/0x98)
[<
c01891e8>] (spin_dump+0x0/0x98) from [<
c0189460>] (do_raw_spin_lock+0x100/0x198)
[<
c0189360>] (do_raw_spin_lock+0x0/0x198) from [<
c032cbac>] (_raw_spin_lock+0x3c/0x44)
[<
c032cb70>] (_raw_spin_lock+0x0/0x44) from [<
c01c9224>] (pl011_console_write+0xe8/0x11c)
[<
c01c913c>] (pl011_console_write+0x0/0x11c) from [<
c002aea8>] (call_console_drivers.clone.7+0xdc/0x104)
[<
c002adcc>] (call_console_drivers.clone.7+0x0/0x104) from [<
c002b320>] (console_unlock+0x2e8/0x454)
[<
c002b038>] (console_unlock+0x0/0x454) from [<
c002b8b4>] (vprintk_emit+0x2d8/0x594)
[<
c002b5dc>] (vprintk_emit+0x0/0x594) from [<
c0329718>] (printk+0x3c/0x44)
[<
c03296dc>] (printk+0x0/0x44) from [<
c002929c>] (warn_slowpath_common+0x28/0x6c)
[<
c0029274>] (warn_slowpath_common+0x0/0x6c) from [<
c0029304>] (warn_slowpath_null+0x24/0x2c)
[<
c00292e0>] (warn_slowpath_null+0x0/0x2c) from [<
c0070ab0>] (lockdep_trace_alloc+0xd8/0xf0)
[<
c00709d8>] (lockdep_trace_alloc+0x0/0xf0) from [<
c00c0850>] (kmem_cache_alloc+0x24/0x11c)
[<
c00c082c>] (kmem_cache_alloc+0x0/0x11c) from [<
c00bb044>] (__get_vm_area_node.clone.24+0x7c/0x16c)
[<
c00bafc8>] (__get_vm_area_node.clone.24+0x0/0x16c) from [<
c00bb7b8>] (get_vm_area_caller+0x48/0x54)
[<
c00bb770>] (get_vm_area_caller+0x0/0x54) from [<
c0020064>] (__alloc_remap_buffer.clone.15+0x38/0xb8)
[<
c002002c>] (__alloc_remap_buffer.clone.15+0x0/0xb8) from [<
c0020244>] (__dma_alloc+0x160/0x2c8)
[<
c00200e4>] (__dma_alloc+0x0/0x2c8) from [<
c00204d8>] (arm_dma_alloc+0x88/0xa0)[<
c0020450>] (arm_dma_alloc+0x0/0xa0) from [<
c00beb00>] (dma_pool_alloc+0xcc/0x1a8)
[<
c00bea34>] (dma_pool_alloc+0x0/0x1a8) from [<
c01a9d14>] (pl08x_fill_llis_for_desc+0x28/0x568)
[<
c01a9cec>] (pl08x_fill_llis_for_desc+0x0/0x568) from [<
c01aab8c>] (pl08x_prep_slave_sg+0x258/0x3b0)
[<
c01aa934>] (pl08x_prep_slave_sg+0x0/0x3b0) from [<
c01c9f74>] (pl011_dma_tx_refill+0x140/0x288)
[<
c01c9e34>] (pl011_dma_tx_refill+0x0/0x288) from [<
c01ca748>] (pl011_start_tx+0xe4/0x120)
[<
c01ca664>] (pl011_start_tx+0x0/0x120) from [<
c01c54a4>] (__uart_start+0x48/0x4c)
[<
c01c545c>] (__uart_start+0x0/0x4c) from [<
c01c632c>] (uart_start+0x2c/0x3c)
[<
c01c6300>] (uart_start+0x0/0x3c) from [<
c01c795c>] (uart_write+0xcc/0xf4)
[<
c01c7890>] (uart_write+0x0/0xf4) from [<
c01b0384>] (n_tty_write+0x1c0/0x3e4)
[<
c01b01c4>] (n_tty_write+0x0/0x3e4) from [<
c01acfe8>] (tty_write+0x144/0x240)
[<
c01acea4>] (tty_write+0x0/0x240) from [<
c01ad17c>] (redirected_tty_write+0x98/0xac)
[<
c01ad0e4>] (redirected_tty_write+0x0/0xac) from [<
c00c371c>] (vfs_write+0xbc/0x150)
[<
c00c3660>] (vfs_write+0x0/0x150) from [<
c00c39c0>] (sys_write+0x4c/0x78)
[<
c00c3974>] (sys_write+0x0/0x78) from [<
c0014460>] (ret_fast_syscall+0x0/0x3c)
This happens because the DMA allocation code is not respecting atomic
allocations correctly.
GFP flags should not be tested for GFP_ATOMIC to determine if an
atomic allocation is being requested. GFP_ATOMIC is not a flag but
a value. The GFP bitmask flags are all prefixed with __GFP_.
The rest of the kernel tests for __GFP_WAIT not being set to indicate
an atomic allocation. We need to do the same.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Russell King [Wed, 30 Jan 2013 23:54:26 +0000 (23:54 +0000)]
ARM: realview: ensure that we have sufficient IRQs available
Realview EB with a rev B MPcore tile results in lots of warnings at
boot because it can't allocate enough IRQs. Fix this by increasing
the number of available IRQs.
WARNING: at /home/rmk/git/linux-rmk/arch/arm/common/gic.c:757 gic_init_bases+0x12c/0x2ec()
Cannot allocate irq_descs @ IRQ96, assuming pre-allocated
Modules linked in:
Backtrace:
[<
c00185d8>] (dump_backtrace+0x0/0x10c) from [<
c03294e8>] (dump_stack+0x18/0x1c) r6:
000002f5 r5:
c042c62c r4:
c044ff40 r3:
c045f240
[<
c03294d0>] (dump_stack+0x0/0x1c) from [<
c00292c8>] (warn_slowpath_common+0x54/0x6c)
[<
c0029274>] (warn_slowpath_common+0x0/0x6c) from [<
c0029384>] (warn_slowpath_fmt+0x38/0x40)
[<
c002934c>] (warn_slowpath_fmt+0x0/0x40) from [<
c042c62c>] (gic_init_bases+0x12c/0x2ec)
[<
c042c500>] (gic_init_bases+0x0/0x2ec) from [<
c042cdc8>] (gic_init_irq+0x8c/0xd8)
[<
c042cd3c>] (gic_init_irq+0x0/0xd8) from [<
c042827c>] (init_IRQ+0x1c/0x24)
[<
c0428260>] (init_IRQ+0x0/0x24) from [<
c04256c8>] (start_kernel+0x1a4/0x300)
[<
c0425524>] (start_kernel+0x0/0x300) from [<
70008070>] (0x70008070)
---[ end trace
1b75b31a2719ed1c ]---
------------[ cut here ]------------
WARNING: at /home/rmk/git/linux-rmk/kernel/irq/irqdomain.c:234 irq_domain_add_legacy+0x80/0x140()
Modules linked in:
Backtrace:
[<
c00185d8>] (dump_backtrace+0x0/0x10c) from [<
c03294e8>] (dump_stack+0x18/0x1c) r6:
000000ea r5:
c0081a38 r4:
00000000 r3:
c045f240
[<
c03294d0>] (dump_stack+0x0/0x1c) from [<
c00292c8>] (warn_slowpath_common+0x54/0x6c)
[<
c0029274>] (warn_slowpath_common+0x0/0x6c) from [<
c0029304>] (warn_slowpath_null+0x24/0x2c)
[<
c00292e0>] (warn_slowpath_null+0x0/0x2c) from [<
c0081a38>] (irq_domain_add_legacy+0x80/0x140)
[<
c00819b8>] (irq_domain_add_legacy+0x0/0x140) from [<
c042c64c>] (gic_init_bases+0x14c/0x2ec)
[<
c042c500>] (gic_init_bases+0x0/0x2ec) from [<
c042cdc8>] (gic_init_irq+0x8c/0xd8)
[<
c042cd3c>] (gic_init_irq+0x0/0xd8) from [<
c042827c>] (init_IRQ+0x1c/0x24)
[<
c0428260>] (init_IRQ+0x0/0x24) from [<
c04256c8>] (start_kernel+0x1a4/0x300)
[<
c0425524>] (start_kernel+0x0/0x300) from [<
70008070>] (0x70008070)
---[ end trace
1b75b31a2719ed1d ]---
------------[ cut here ]------------
WARNING: at /home/rmk/git/linux-rmk/arch/arm/common/gic.c:762 gic_init_bases+0x170/0x2ec()
Modules linked in:
Backtrace:
[<
c00185d8>] (dump_backtrace+0x0/0x10c) from [<
c03294e8>] (dump_stack+0x18/0x1c) r6:
000002fa r5:
c042c670 r4:
00000000 r3:
c045f240
[<
c03294d0>] (dump_stack+0x0/0x1c) from [<
c00292c8>] (warn_slowpath_common+0x54/0x6c)
[<
c0029274>] (warn_slowpath_common+0x0/0x6c) from [<
c0029304>] (warn_slowpath_null+0x24/0x2c)
[<
c00292e0>] (warn_slowpath_null+0x0/0x2c) from [<
c042c670>] (gic_init_bases+0x170/0x2ec)
[<
c042c500>] (gic_init_bases+0x0/0x2ec) from [<
c042cdc8>] (gic_init_irq+0x8c/0xd8)
[<
c042cd3c>] (gic_init_irq+0x0/0xd8) from [<
c042827c>] (init_IRQ+0x1c/0x24)
[<
c0428260>] (init_IRQ+0x0/0x24) from [<
c04256c8>] (start_kernel+0x1a4/0x300)
[<
c0425524>] (start_kernel+0x0/0x300) from [<
70008070>] (0x70008070)
---[ end trace
1b75b31a2719ed1e ]---
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Russell King [Wed, 30 Jan 2013 23:49:57 +0000 (23:49 +0000)]
ARM: GIC: fix GIC cpumask initialization
Punit Agrawal reports:
> I was trying to boot 3.8-rc5 on Realview EB 11MPCore using
> realview-smp_defconfig as a starting point but the kernel failed to
> progress past the log below (config attached).
>
> Pawel suggested I try reverting
384a290283f - "ARM: gic: use a private
> mapping for CPU target interfaces" that you've authored. With this
> commit reverted the kernel boots.
>
> I am not quite sure why the commit breaks 11MPCore but Pawel (cc'd)
> might be able to shed light on that.
Some early GIC implementations return zero for the first distributor
CPU routing register. This means we can't rely on that telling us
which CPU interface we're connected to. We know that these platforms
implement PPIs for IRQs 29-31 - but we shouldn't assume that these
will always be populated.
So, instead, scan for a non-zero CPU routing register in the first
32 IRQs and use that as our CPU mask.
Reported-by: Punit Agrawal <punit.agrawal@arm.com>
Reviewed-by: Nicolas Pitre <nico@linaro.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Linus Torvalds [Fri, 8 Feb 2013 08:46:26 +0000 (19:46 +1100)]
Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux
Pull drm regression fix from Dave Airlie:
"This one fixes a sleep while locked regression that was introduced
earlier in 3.8."
* 'drm-fixes' of git://people.freedesktop.org/~airlied/linux:
drm/ttm: fix fence locking in ttm_buffer_object_transfer, 2nd try
Lucas Stach [Thu, 7 Feb 2013 16:18:39 +0000 (16:18 +0000)]
net: usb: fix regression from FLAG_NOARP code
In commit
6509141f9c2ba74df6cc72ec35cd1865276ae3a4 ("usbnet: add new
flag FLAG_NOARP for usb net devices"), the newly added flag NOARP was
using an already defined value, which broke drivers using flag
MULTI_PACKET.
Signed-off-by: Lucas Stach <dev@lynxeye.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric Dumazet [Thu, 7 Feb 2013 14:00:34 +0000 (14:00 +0000)]
l2tp: dont play with skb->truesize
Andrew Savchenko reported a DNS failure and we diagnosed that
some UDP sockets were unable to send more packets because their
sk_wmem_alloc was corrupted after a while (tx_queue column in
following trace)
$ cat /proc/net/udp
sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode ref pointer drops
...
459:
00000000:0270
00000000:0000 07
00000000:
00000000 00:
00000000 00000000 0 0 4507 2
ffff88003d612380 0
466:
00000000:0277
00000000:0000 07
00000000:
00000000 00:
00000000 00000000 0 0 4802 2
ffff88003d613180 0
470:
076A070A:007B
00000000:0000 07
FFFF4600:
00000000 00:
00000000 00000000 123 0 5552 2
ffff880039974380 0
470:
010213AC:007B
00000000:0000 07
00000000:
00000000 00:
00000000 00000000 0 0 4986 2
ffff88003dbd3180 0
470:
010013AC:007B
00000000:0000 07
00000000:
00000000 00:
00000000 00000000 0 0 4985 2
ffff88003dbd2e00 0
470:
00FCA8C0:007B
00000000:0000 07
FFFFFB00:
00000000 00:
00000000 00000000 0 0 4984 2
ffff88003dbd2a80 0
...
Playing with skb->truesize is tricky, especially when
skb is attached to a socket, as we can fool memory charging.
Just remove this code, its not worth trying to be ultra
precise in xmit path.
Reported-by: Andrew Savchenko <bircoph@gmail.com>
Tested-by: Andrew Savchenko <bircoph@gmail.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: James Chapman <jchapman@katalix.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Fri, 8 Feb 2013 04:48:33 +0000 (23:48 -0500)]
Merge branch 'tg3'
Attention linux-next maintainer, you will hit a merge conflict between
this merge and the mips tree, the resolution is to preserve the removal
of uses of nvram_geenv() and nvram_parse_macaddr() from the net-next
side.
Hauke Mehrtens says:
====================
These patches are adding support for the Ethernet core found in the
BCM4705/BCM4785 SoC.
This is based on current master of davem/net-next.git.
v4:
* move setting of DMA_RWCTRL_ONE_DMA
v3:
* combined first two patches into one patch
v2:
* use of struct sprom in ssb_gige_get_macaddr() instead of accessing
the nvram directly
* add return value to ssb_gige_get_macaddr()
* try to read the mac address from ssb core before accessing the own
registers.
* fix two checkpatch warnings
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Hauke Mehrtens [Thu, 7 Feb 2013 05:37:39 +0000 (05:37 +0000)]
tg3: add support for Ethernet core in bcm4785
The BCM4785 or sometimes named BMC4705 is a Broadcom SoC which a
Gigabit 5750 Ethernet core. The core is connected via PCI with the rest
of the SoC, but it uses some extension.
This core does not use a firmware or an eeprom.
Some devices only have a switch which supports 100MBit/s, this
currently does not work with this driver.
This patch was original written by Michael Buesch <m@bues.ch> and is in
OpenWrt for some years now.
This was tested on a Linksys WRT610N V1 and older versions of this patch
were tested by other people on different devices.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Hauke Mehrtens [Thu, 7 Feb 2013 05:37:38 +0000 (05:37 +0000)]
tg3: make it possible to provide phy_id in ioctl
In OpenWrt we currently use a switch driver which uses the ioctls to
configure the switch in the phy. We have to provide the phy_id to do
so, but without this patch this is not possible.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Hauke Mehrtens [Thu, 7 Feb 2013 05:37:37 +0000 (05:37 +0000)]
ssb: get mac address from sprom struct for gige driver
The mac address is already stored in the sprom structure by the
platform code of the SoC this Ethernet core is found on, it just has to
be fetched from this structure instead of accessing the nvram here.
This patch also adds a return value to indicate if a mac address could
be fetched from the sprom structure.
When CONFIG_SSB_DRIVER_GIGE is not set the header file now also declares
ssb_gige_get_macaddr().
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Michael Buesch <m@bues.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
Daniel Borkmann [Thu, 7 Feb 2013 01:41:39 +0000 (01:41 +0000)]
net: sctp: sctp_auth_make_key_vector: remove duplicate ntohs calls
Instead of calling 3 times ntohs(random->param_hdr.length), 2 times
ntohs(hmacs->param_hdr.length), and 3 times ntohs(chunks->param_hdr.length)
within the same function, we only call each once and store it in a
variable.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Daniel Borkmann [Thu, 7 Feb 2013 00:55:37 +0000 (00:55 +0000)]
net: sctp: sctp_auth_key_put: use kzfree instead of kfree
For sensitive data like keying material, it is common practice to zero
out keys before returning the memory back to the allocator. Thus, use
kzfree instead of kfree.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Fri, 8 Feb 2013 04:37:36 +0000 (23:37 -0500)]
Merge branch 'fixes' of git://git./linux/kernel/git/jesse/openvswitch into openvswitch
Jesse Gross says:
====================
One bug fix for net/3.8 for a long standing problem that was reported a few
times recently.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Frank Li [Wed, 6 Feb 2013 14:59:59 +0000 (14:59 +0000)]
net: fec: fix spin_lock dead lock
=========================================================
[ INFO: possible irq lock inversion dependency detected ]
3.8.0-rc5+ #82 Not tainted
---------------------------------------------------------
swapper/0/0 just changed the state of lock:
(&(&fep->hw_lock)->rlock){..-...}, at: [<
8034e2f8>] fec_enet_start_xmit+0x48/0x 2cc
but this lock took another, SOFTIRQ-unsafe lock in the past:
(prepare_lock){+.+.+.}
and interrupts could create inverse lock ordering between them.
other info that might help us debug this:
Possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
lock(prepare_lock);
local_irq_disable()
lock(&(&fep->hw_lock)->rlock);
lock(prepare_lock);
<Interrupt>
lock(&(&fep->hw_lock)->rlock);
*** DEADLOCK ***
Signed-off-by: Frank Li <Frank.Li@freescale.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Frank Li [Wed, 6 Feb 2013 14:59:58 +0000 (14:59 +0000)]
net: fec: correct fix method about miss init spinlock
Old method will cause init spinlock twice.
New method will avoid init spinlock twice and fix miss init spinlock
at fec_restart.
BUG: spinlock bad magic on CPU#1, swapper/0/1
lock: 0xbfae0f8c, .magic:
00000000, .owner: <none>/-1, .owner_cpu: 0
Backtrace:
[<
80011d54>] (dump_backtrace+0x0/0x10c) from [<
804e7800>] (dump_stack+0x18/0x1c)
r6:
bfae0000 r5:
bfae0f8c r4:
00000000 r3:
806c1310
[<
804e77e8>] (dump_stack+0x0/0x1c) from [<
804e9f20>] (spin_dump+0x80/0x94)
[<
804e9ea0>] (spin_dump+0x0/0x94) from [<
804e9f60>] (spin_bug+0x2c/0x30)
r5:
805f6f8c r4:
bfae0f8c
[<
804e9f34>] (spin_bug+0x0/0x30) from [<
80257984>] (do_raw_spin_lock+0x170/0x1b0 )
r5:
806b4950 r4:
bfae0f8c
[<
80257814>] (do_raw_spin_lock+0x0/0x1b0) from [<
804ed15c>] (_raw_spin_lock_irqs ave+0x18/0x20)
[<
804ed144>] (_raw_spin_lock_irqsave+0x0/0x20) from [<
8033c694>] (fec_ptp_start_ cyclecounter+0x3c/0x120)
r4:
bfae0f8c r3:
00000002
[<
8033c658>] (fec_ptp_start_cyclecounter+0x0/0x120) from [<
80339e08>] (fec_resta rt+0x56c/0x5f8)
r8:
00000000 r7:
806e6f48 r6:
00000112 r5:
806b4950 r4:
bfae0000
[<
8033989c>] (fec_restart+0x0/0x5f8) from [<
8033b9e4>] (fec_probe+0x508/0xa48)
Signed-off-by: Frank Li <Frank.Li@freescale.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Tom Herbert [Wed, 6 Feb 2013 07:58:41 +0000 (07:58 +0000)]
mlx4_en: Fix BQL reset TX queue call point
Fix issue in Mellanox driver related to BQL. netdev_tx_reset_queue
was not being called in certain situations where the device was
being start and stopped. Moved netdev_tx_reset_queue from the reset
device path to mlx4_en_free_tx_buf which is where the rings are
cleaned in a reset (specifically from device being stopped).
Signed-off-by: Tom Herbert <therbert@google.com>
Acked-By: Amir Vadai <amirv@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Fri, 8 Feb 2013 04:31:47 +0000 (23:31 -0500)]
Merge branch 'netback'
Ian Campbell says:
====================
The Xen netback implementation contains a couple of flaws which can
allow a guest to cause a DoS in the backend domain, potentially
affecting other domains in the system.
CVE-2013-0216 is a failure to sanity check the ring producer/consumer
pointers which can allow a guest to cause netback to loop for an
extended period preventing other work from occurring.
CVE-2013-0217 is a memory leak on an error path which is guest
triggerable.
The following series contains the fixes for these issues, as previously
included in Xen Security Advisory 39:
http://lists.xen.org/archives/html/xen-announce/2013-02/msg00001.html
Changes in v2:
- Typo and block comment format fixes
- Added stable Cc
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Ian Campbell [Wed, 6 Feb 2013 23:41:38 +0000 (23:41 +0000)]
netback: correct netbk_tx_err to handle wrap around.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Jan Beulich <JBeulich@suse.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ian Campbell [Wed, 6 Feb 2013 23:41:37 +0000 (23:41 +0000)]
xen/netback: free already allocated memory on failure in xen_netbk_get_requests
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Matthew Daley [Wed, 6 Feb 2013 23:41:36 +0000 (23:41 +0000)]
xen/netback: don't leak pages on failure in xen_netbk_tx_check_gop.
Signed-off-by: Matthew Daley <mattjd@gmail.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Jan Beulich <JBeulich@suse.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Ian Campbell [Wed, 6 Feb 2013 23:41:35 +0000 (23:41 +0000)]
xen/netback: shutdown the ring if it contains garbage.
A buggy or malicious frontend should not be able to confuse netback.
If we spot anything which is not as it should be then shutdown the
device and don't try to continue with the ring in a potentially
hostile state. Well behaved and non-hostile frontends will not be
penalised.
As well as making the existing checks for such errors fatal also add a
new check that ensures that there isn't an insane number of requests
on the ring (i.e. more than would fit in the ring). If the ring
contains garbage then previously is was possible to loop over this
insane number, getting an error each time and therefore not generating
any more pending requests and therefore not exiting the loop in
xen_netbk_tx_build_gops for an externded period.
Also turn various netdev_dbg calls which no precipitate a fatal error
into netdev_err, they are rate limited because the device is shutdown
afterwards.
This fixes at least one known DoS/softlockup of the backend domain.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Jan Beulich <JBeulich@suse.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Fri, 8 Feb 2013 04:28:32 +0000 (23:28 -0500)]
Merge branch 'mlx4'
Amir Vadai says:
====================
This series from Yan Burman adds support for unicast MAC address filtering and
ndo FDB operations. It also includes some optimizations to loopback related
decisions and checks in the TX/RX fast path and one cleanup, all in separate
patches.
Today, when adding macvlan devices, the NIC goes into promiscuous mode, since
unicast MAC filtering is not supported. With these changes, macvlan devices can
be added without the penalty of promiscuous mode.
If for some reason adding a unicast address filter fails e.g as of missing space in
the HW mac table, the device forces itself into promiscuous mode (and out of this
forced state when enough space is available).
Also, now it is possible to have bridge under multi-function configuration that include
PF and VFs. In order to use bridge over PF/VFs, VM MAC fdb entries must be added e.g.
using 'bridge fdb add' command.
Changes from v1 - based on more comments from Eric Dumazet:
* added failure handling when adding unicast address filter
Changes from v0 - based on comments from Eric Dumazet:
* Removed unneeded synchronize_rcu()
* Use kfree_rcu() instead of synchronize_rcu() + kfree()
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Yan Burman [Thu, 7 Feb 2013 02:25:27 +0000 (02:25 +0000)]
net/mlx4_en: Implement ndo fdb functionality
Add support for setting embedded switch fdb in case of SRIOV, by
implementing ndo_fdb_{add, del, dump}. This will allow to use
bridged configuration with multi-function. In order to add VM MAC
to the eSwitch fdb, the following command may be used over the relevant function interface:
bridge fdb add <MAC> permanent self dev <IFACE>
Signed-off-by: Yan Burman <yanb@mellanox.com>
Signed-off-by: Amir Vadai <amirv@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yan Burman [Thu, 7 Feb 2013 02:25:26 +0000 (02:25 +0000)]
net/mlx4_en: Add unicast MAC filtering
Implement and advertise unicast MAC filtering, such that setting macvlan
instance over mlx4_en interfaces will not require the networking core
to put mlx4_en devices in promiscuous mode.
If for some reason adding a unicast address filter fails e.g as of missing space in
the HW mac table, the device forces itself into promiscuous mode (and out of this
forced state when enough space is available).
Signed-off-by: Yan Burman <yanb@mellanox.com>
Signed-off-by: Amir Vadai <amirv@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yan Burman [Thu, 7 Feb 2013 02:25:25 +0000 (02:25 +0000)]
net/mlx4_en: Manage hash of MAC addresses per port
As a preparation step for supporting multiple unicast addresses, store MAC addresses in hash table.
Remove the radix tree for MAC addresses per QP, as it's not in use.
Signed-off-by: Yan Burman <yanb@mellanox.com>
Signed-off-by: Amir Vadai <amirv@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yan Burman [Thu, 7 Feb 2013 02:25:24 +0000 (02:25 +0000)]
net/mlx4_en: Save previous MAC address of the port so we can replace it later
In preparation to having more than one unicast MAC per port, we need to keep track
of the previous MAC address in the flow of ndo_set_mac_address,
so that mlx4_en_replace_mac will know what to replace.
Signed-off-by: Yan Burman <yanb@mellanox.com>
Signed-off-by: Amir Vadai <amirv@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yan Burman [Thu, 7 Feb 2013 02:25:23 +0000 (02:25 +0000)]
net/mlx4_en: Re-arrange ndo_set_rx_mode related code
Currently, mlx4_en_do_set_multicast serves as the ndo_set_rx_mode entry for mlx4_en,
doing all related work. Split it to few calls, one per required functionality
(e.g multicast, promiscuous, etc) and rename some structures and calls
to use rx_mode notation instead of multicast.
Signed-off-by: Yan Burman <yanb@mellanox.com>
Signed-off-by: Amir Vadai <amirv@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yan Burman [Thu, 7 Feb 2013 02:25:22 +0000 (02:25 +0000)]
net/mlx4: Move Ethernet related functionality from mlx4_core to mlx4_en
Move low level code that deals with management of Ethernet MACs and QPs from mlx4_core to mlx4_en.
Also convert the new functions to deal with MACs in form of char array instead of u64.
Actual functions moved:
mlx4_replace_mac
mlx4_get_eth_qp
mlx4_put_eth_qp
To conduct this change, some functionality had to be exported from the core,
the following functions were added:
mlx4_get_base_qp
__mlx4_replace_mac (low level function for CX1/A0 compatibility)
Signed-off-by: Yan Burman <yanb@mellanox.com>
Signed-off-by: Amir Vadai <amirv@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yan Burman [Thu, 7 Feb 2013 02:25:21 +0000 (02:25 +0000)]
net/mlx4_en: Cleanup multiline strings
Make the code consistent in regard to error messages
not spanning multiple lines.
Signed-off-by: Yan Burman <yanb@mellanox.com>
Signed-off-by: Amir Vadai <amirv@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yan Burman [Thu, 7 Feb 2013 02:25:20 +0000 (02:25 +0000)]
net/mlx4_en: Optimize Rx fast path filter checks
Currently, RX path code that does RX filtering is not optimized
and does an expensive conversion. In order to use ether_addr_equal_64bits
which is optimized for such cases, we need the MAC address kept by the device
to be in the form of unsigned char array instead of u64. Store the MAC address
as unsigned char array and convert to/from u64 out of the fast path when needed.
Side effect of this is that we no longer need priv->mac, since it's the same
as dev->dev_addr.
This optimization was suggested by Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Yan Burman <yanb@mellanox.com>
Signed-off-by: Amir Vadai <amirv@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Yan Burman [Thu, 7 Feb 2013 02:25:19 +0000 (02:25 +0000)]
net/mlx4_en: Optimize loopback related checks in data path
Currently there are relatively complex conditional checks in the fast path,
for TX loopback enabling and resulting RX filter logic.
Move elaborate if's out of data path, replace them with a single flag
for each state and update that state from appropriate places.
Also, in native (non SRIOV) mode and not in loopback or in selftest,
there is no need to try and filter out packets that HW loopback-ed,
as in native mode we do not loopback packets anymore.
Signed-off-by: Yan Burman <yanb@mellanox.com>
Signed-off-by: Amir Vadai <amirv@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Linus Torvalds [Fri, 8 Feb 2013 01:22:30 +0000 (12:22 +1100)]
Merge tag 'fixes-for-linus' of git://git./linux/kernel/git/rusty/linux
Pull virtio fix from Rusty Russell:
"Obviously I forgot to push this before linux.conf.au..."
* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux:
virtio_console: Don't access uninitialized data.
Linus Torvalds [Fri, 8 Feb 2013 01:15:14 +0000 (12:15 +1100)]
Merge tag 'rdma-for-linus' of git://git./linux/kernel/git/roland/infiniband
Pull IB regression fixes from Roland Dreier:
- Fix mlx4 VFs not working on old guests because of 64B CQE changes
- Fix ill-considered sparse fix for qib
- Fix IPoIB crash due to skb double destruct introduced in 3.8-rc1
* tag 'rdma-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband:
IB/qib: Fix for broken sparse warning fix
mlx4_core: Fix advertisement of wrong PF context behaviour
IPoIB: Fix crash due to skb double destruct
Linus Torvalds [Fri, 8 Feb 2013 01:06:46 +0000 (12:06 +1100)]
Merge branch 'for-linus' of git://git./linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes from Chris Mason:
"We've got corner cases for updating i_size that ceph was hitting,
error handling for quotas when we run out of space, a very subtle
snapshot deletion race, a crash while removing devices, and one
deadlock between subvolume creation and the sb_internal code (thanks
lockdep)."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs:
Btrfs: move d_instantiate outside the transaction during mksubvol
Btrfs: fix EDQUOT handling in btrfs_delalloc_reserve_metadata
Btrfs: fix possible stale data exposure
Btrfs: fix missing i_size update
Btrfs: fix race between snapshot deletion and getting inode
Btrfs: fix missing release of the space/qgroup reservation in start_transaction()
Btrfs: fix wrong sync_writers decrement in btrfs_file_aio_write()
Btrfs: do not merge logged extents if we've removed them from the tree
btrfs: don't try to notify udev about missing devices
Linus Torvalds [Fri, 8 Feb 2013 01:00:44 +0000 (12:00 +1100)]
Merge tag 'pinctrl-for-v3.8-late' of git://git./linux/kernel/git/linusw/linux-pinctrl
Pull late pinctrl fixes from Linus Walleij:
"Two patches appeared as of late, one was completely news to me, the
other one was rotated in -next for the next merge window but turned
out to be a showstopper.
- Exynos Kconfig fixup
- SIRF DT translation bug"
* tag 'pinctrl-for-v3.8-late' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
pinctrl: sirf: replace of_gpio_simple_xlate by sirf specific of_xlate
pinctrl: exynos: change PINCTRL_EXYNOS option
Linus Torvalds [Fri, 8 Feb 2013 00:55:27 +0000 (11:55 +1100)]
Merge tag 'stable/for-linus-3.8-rc6-tag' of git://git./linux/kernel/git/konrad/xen
Pull Xen fixes from Konrad Rzeszutek Wilk:
"This has two fixes. One is a security fix wherein we would spam the
kernel printk buffer if one of the guests was misbehaving. The other
is much tamer and it was us only checking for one type of error from
the IRQ subsystem (when allocating new IRQs) instead of for all of
them.
- Fix an IRQ allocation where we only check for a specific error (-1).
- CVE-2013-0231 / XSA-43. Make xen-pciback rate limit error messages
from xen_pcibk_enable_msi{,x}()"
* tag 'stable/for-linus-3.8-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
xen: fix error handling path if xen_allocate_irq_dynamic fails
xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}()
Linus Torvalds [Fri, 8 Feb 2013 00:52:53 +0000 (11:52 +1100)]
Merge tag 'regulator-v3.8-rc6' of git://git./linux/kernel/git/broonie/regulator
Pull regulator fixes from Mark Brown:
"Mostly driver specific fixes here, though one of them uncovered the
issue Stephen Warren fixed with multiple OF matches getting upset due
to a lack of cleanup."
* tag 'regulator-v3.8-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator:
regulator: s2mps11: fix incorrect register for buck10
regulator: clear state each invocation of of_regulator_match
regulator: max8997: Fix using wrong dev argument at various places
regulator: max77686: Fix using wrong dev argument at various places
regulator: max8907: Fix using wrong dev argument for calling of_regulator_match
regulator: max8998: fix incorrect min_uV value for ldo10
regulator: tps65910: Fix using wrong dev argument for calling of_regulator_match
regulator: tps65217: Fix using wrong dev argument for calling of_regulator_match
Daniel Vetter [Mon, 14 Jan 2013 14:08:14 +0000 (15:08 +0100)]
drm/ttm: fix fence locking in ttm_buffer_object_transfer, 2nd try
This fixes up
commit
e8e89622ed361c46bf90ba4828e685a8b603f7e5
Author: Daniel Vetter <daniel.vetter@ffwll.ch>
Date: Tue Dec 18 22:25:11 2012 +0100
drm/ttm: fix fence locking in ttm_buffer_object_transfer
which leaves behind a might_sleep in atomic context, since the
fence_lock spinlock is held over a kmalloc(GFP_KERNEL) call. The fix
is to revert the above commit and only take the lock where we need it,
around the call to ->sync_obj_ref.
v2: Fixup things noticed by Maarten Lankhorst:
- Brown paper bag locking bug.
- No need for kzalloc if we clear the entire thing on the next line.
- check for bo->sync_obj (totally unlikely race, but still someone
else could have snuck in) and clear fbo->sync_obj if it's cleared
already.
Reported-by: Dave Airlie <airlied@gmail.com>
Cc: Jerome Glisse <jglisse@redhat.com>
Cc: Maarten Lankhorst <maarten.lankhorst@canonical.com>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Sjur Brændeland [Mon, 21 Jan 2013 23:20:26 +0000 (09:50 +1030)]
virtio_console: Don't access uninitialized data.
Don't access uninitialized work-queue when removing device.
The work queue is initialized only if the device multi-queue.
So don't call cancel_work unless this is a multi-queue device.
This fixes the following panic:
Kernel panic - not syncing: BUG!
Call Trace:
62031b28: [<
6026085d>] panic+0x16b/0x2d3
62031b30: [<
6004ef5e>] flush_work+0x0/0x1d7
62031b60: [<
602606f2>] panic+0x0/0x2d3
62031b68: [<
600333b0>] memcpy+0x0/0x140
62031b80: [<
6002d58a>] unblock_signals+0x0/0x84
62031ba0: [<
602609c5>] printk+0x0/0xa0
62031bd8: [<
60264e51>] __mutex_unlock_slowpath+0x13d/0x148
62031c10: [<
6004ef5e>] flush_work+0x0/0x1d7
62031c18: [<
60050234>] try_to_grab_pending+0x0/0x17e
62031c38: [<
6004e984>] get_work_gcwq+0x71/0x8f
62031c48: [<
60050539>] __cancel_work_timer+0x5b/0x115
62031c78: [<
628acc85>] unplug_port+0x0/0x191 [virtio_console]
62031c98: [<
6005061c>] cancel_work_sync+0x12/0x14
62031ca8: [<
628ace96>] virtcons_remove+0x80/0x15c [virtio_console]
62031ce8: [<
628191de>] virtio_dev_remove+0x1e/0x7e [virtio]
62031d08: [<
601cf242>] __device_release_driver+0x75/0xe4
62031d28: [<
601cf2dd>] device_release_driver+0x2c/0x40
62031d48: [<
601ce0dd>] driver_unbind+0x7d/0xc6
62031d88: [<
601cd5d9>] drv_attr_store+0x27/0x29
62031d98: [<
60115f61>] sysfs_write_file+0x100/0x14d
62031df8: [<
600b737d>] vfs_write+0xcb/0x184
62031e08: [<
600b58b8>] filp_close+0x88/0x94
62031e38: [<
600b7686>] sys_write+0x59/0x88
62031e88: [<
6001ced1>] handle_syscall+0x5d/0x80
62031ea8: [<
60030a74>] userspace+0x405/0x531
62031f08: [<
600d32cc>] sys_dup+0x0/0x5e
62031f28: [<
601b11d6>] strcpy+0x0/0x18
62031f38: [<
600be46c>] do_execve+0x10/0x12
62031f48: [<
600184c7>] run_init_process+0x43/0x45
62031fd8: [<
60019a91>] new_thread_handler+0xba/0xbc
Signed-off-by: Sjur Brændeland <sjur.brandeland@stericsson.com>
Cc: stable@kernel.org
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Linus Torvalds [Wed, 6 Feb 2013 21:43:30 +0000 (08:43 +1100)]
Merge tag 'sound-3.8' of git://git./linux/kernel/git/tiwai/sound
Pull sound fixes from Takashi Iwai:
"Just a couple of build regression fixes for ASoC fsl stuff. It
doesn't look too trivial, but neither intrusive, so hopefully I can
avoid your curse..."
Hey, Takashi has a good track record, I think he gets a pass..
* tag 'sound-3.8' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
ASoC: fsl: fix snd-soc-imx-pcm module build
Revert "ASoC: fsl: fix multiple definition of init_module"
Linus Torvalds [Wed, 6 Feb 2013 21:38:33 +0000 (08:38 +1100)]
Merge branch 'for-linus' of git://git.kernel.dk/linux-block
Pull block layer updates from Jens Axboe:
"I've got a few bits pending for 3.8 final, that I better get sent out.
It's all been sitting for a while, I consider it safe.
It contains:
- Two bug fixes for mtip32xx, fixing a driver hang and a crash.
- A few-liner protocol error fix for drbd.
- A few fixes for the xen block front/back driver, fixing a potential
data corruption issue.
- A race fix for disk_clear_events(), causing spurious warnings. Out
of the Chrome OS base.
- A deadlock fix for disk_clear_events(), moving it to the a
unfreezable workqueue. Also from the Chrome OS base."
* 'for-linus' of git://git.kernel.dk/linux-block:
drbd: fix potential protocol error and resulting disconnect/reconnect
mtip32xx: fix for crash when the device surprise removed during rebuild
mtip32xx: fix for driver hang after a command timeout
block: prevent race/cleanup
block: remove deadlock in disk_clear_events
xen-blkfront: handle bvecs with partial data
llist/xen-blkfront: implement safe version of llist_for_each_entry
xen-blkback: implement safe iterator for the list of persistent grants
Bjørn Mork [Wed, 6 Feb 2013 05:22:08 +0000 (05:22 +0000)]
net: qmi_wwan: add more Huawei devices, including E320
Adding new class/subclass/protocol combinations based on the GPLed
out-of-tree Huawei driver. One of these has already appeared on a
device labelled as "E320".
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: David S. Miller <davem@davemloft.net>
Bjørn Mork [Wed, 6 Feb 2013 05:21:53 +0000 (05:21 +0000)]
net: cdc_ncm: add another Huawei vendor specific device
Adding a new vendor specific class/subclass/protocol combination
for CDC NCM devices based on information from a GPLed out-of-tree
driver from Huawei.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: David S. Miller <davem@davemloft.net>
Hauke Mehrtens [Wed, 6 Feb 2013 05:51:49 +0000 (05:51 +0000)]
bgmac: add ndo_set_rx_mode netdev ops
When changing the device from or to promisc mode this only affects the
device after the device is bought up the next time. For bridging it is
needed to change the device to promisc mode while it is up, which is
possible with this patch.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Hauke Mehrtens [Wed, 6 Feb 2013 04:44:59 +0000 (04:44 +0000)]
bgmac: add generic ndo_validate_addr netdev ops
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Hauke Mehrtens [Wed, 6 Feb 2013 04:44:58 +0000 (04:44 +0000)]
bgmac: write mac address to hardware in ndo_set_mac_address
The generic implementation just changes the netdev struct and does not
write the new mac address to the hardware or issues some command to do
so.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Hauke Mehrtens [Wed, 6 Feb 2013 04:44:57 +0000 (04:44 +0000)]
bgmac: implement missing code for BCM53572
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Tommi Rantala [Wed, 6 Feb 2013 03:24:02 +0000 (03:24 +0000)]
ipv6/ip6_gre: fix error case handling in ip6gre_tunnel_xmit()
ip6gre_tunnel_xmit() is leaking the skb when we hit this error branch,
and the -1 return value from this function is bogus. Use the error
handling we already have in place in ip6gre_tunnel_xmit() for this error
case to fix this.
Signed-off-by: Tommi Rantala <tt.rantala@gmail.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric Dumazet [Tue, 5 Feb 2013 20:22:50 +0000 (20:22 +0000)]
macvlan: add multicast filter
Setting up IPv6 addresses on configurations with many macvlans
is not really working, as many multicast messages are dropped.
Add a multicast filter to macvlan to reduce the amount of cloned
skbs and overhead.
Successfully tested with 1024 macvlans on one ethernet device.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Ben Greear <greearb@candelatech.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Eric Dumazet [Tue, 5 Feb 2013 20:22:20 +0000 (20:22 +0000)]
net: reset mac header in dev_start_xmit()
On 64 bit arches :
There is a off-by-one error in qdisc_pkt_len_init() because
mac_header is not set in xmit path.
skb_mac_header() returns an out of bound value that was
harmless because hdr_len is an 'unsigned int'
On 32bit arches, the error is abysmal.
This patch is also a prereq for "macvlan: add multicast filter"
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Ben Greear <greearb@candelatech.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Cong Wang [Tue, 5 Feb 2013 16:36:38 +0000 (16:36 +0000)]
net: adjust skb_gso_segment() for calling in rx path
skb_gso_segment() is almost always called in tx path,
except for openvswitch. It calls this function when
it receives the packet and tries to queue it to user-space.
In this special case, the ->ip_summed check inside
skb_gso_segment() is no longer true, as ->ip_summed value
has different meanings on rx path.
This patch adjusts skb_gso_segment() so that we can at least
avoid such warnings on checksum.
Cc: Jesse Gross <jesse@nicira.com>
Cc: David S. Miller <davem@davemloft.net>
Signed-off-by: Cong Wang <amwang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Aring [Tue, 5 Feb 2013 10:23:44 +0000 (10:23 +0000)]
wpan: use stack buffer instead of heap
head buffer is only temporary available in mac802154_header_create.
So it's not necessary to put it on the heap.
Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Aring [Tue, 5 Feb 2013 10:23:43 +0000 (10:23 +0000)]
6lowpan: use stack buffer instead of heap
head buffer is only temporary available in lowpan_header_create.
So it's not necessary to put it on the heap.
Also fixed a comment codestyle issue.
Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Wed, 6 Feb 2013 20:54:38 +0000 (15:54 -0500)]
6lowpan: Remove __init tag from lowpan_netlink_fini().
It's called from both __init and __exit code, so neither
tag is appropriate.
Signed-off-by: David S. Miller <davem@davemloft.net>
Ilpo Järvinen [Mon, 4 Feb 2013 02:14:25 +0000 (02:14 +0000)]
tcp: fix for zero packets_in_flight was too broad
There are transients during normal FRTO procedure during which
the packets_in_flight can go to zero between write_queue state
updates and firing the resulting segments out. As FRTO processing
occurs during that window the check must be more precise to
not match "spuriously" :-). More specificly, e.g., when
packets_in_flight is zero but FLAG_DATA_ACKED is true the problematic
branch that set cwnd into zero would not be taken and new segments
might be sent out later.
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Tested-by: Eric Dumazet <edumazet@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Flavio Leitner [Tue, 5 Feb 2013 09:30:55 +0000 (09:30 +0000)]
team: allow userspace to take control over carrier
Some modes don't require any special carrier handling so
in these cases, the kernel can control the carrier as for
any other interface. However, some other modes, e.g. lacp,
requires more than just that, so userspace needs to control
the carrier itself.
The daemon today is ready to control it, but the kernel
still can change it based on events.
This fix so that either kernel or userspace is controlling
the carrier.
Signed-off-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: David S. Miller <davem@davemloft.net>
Mugunthan V N [Tue, 5 Feb 2013 08:26:48 +0000 (08:26 +0000)]
drivers: net:ethernet: cpsw: add support for VLAN
adding support for VLAN interface for cpsw.
CPSW VLAN Capability
* Can filter VLAN packets in Hardware
Signed-off-by: Mugunthan V N <mugunthanvnm@ti.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Mugunthan V N [Tue, 5 Feb 2013 08:26:47 +0000 (08:26 +0000)]
drivers: net: cpsw: Add helper functions for VLAN ALE implementation
Add helper functions for VLAN ALE implementations for Add, Delete
Dump VLAN related ALE entries
Signed-off-by: Mugunthan V N <mugunthanvnm@ti.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Neil Horman [Tue, 5 Feb 2013 08:05:43 +0000 (08:05 +0000)]
netpoll: protect napi_poll and poll_controller during dev_[open|close]
Ivan Vercera was recently backporting commit
9c13cb8bb477a83b9a3c9e5a5478a4e21294a760 to a RHEL kernel, and I noticed that,
while this patch protects the tg3 driver from having its ndo_poll_controller
routine called during device initalization, it does nothing for the driver
during shutdown. I.e. it would be entirely possible to have the
ndo_poll_controller method (or subsequently the ndo_poll) routine called for a
driver in the netpoll path on CPU A while in parallel on CPU B, the ndo_close or
ndo_open routine could be called. Given that the two latter routines tend to
initizlize and free many data structures that the former two rely on, the result
can easily be data corruption or various other crashes. Furthermore, it seems
that this is potentially a problem with all net drivers that support netpoll,
and so this should ideally be fixed in a common path.
As Ben H Pointed out to me, we can't preform dev_open/dev_close in atomic
context, so I've come up with this solution. We can use a mutex to sleep in
open/close paths and just do a mutex_trylock in the napi poll path and abandon
the poll attempt if we're locked, as we'll just retry the poll on the next send
anyway.
I've tested this here by flooding netconsole with messages on a system whos nic
driver I modfied to periodically return NETDEV_TX_BUSY, so that the netpoll tx
workqueue would be forced to send frames and poll the device. While this was
going on I rapidly ifdown/up'ed the interface and watched for any problems.
I've not found any.
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
CC: Ivan Vecera <ivecera@redhat.com>
CC: "David S. Miller" <davem@davemloft.net>
CC: Ben Hutchings <bhutchings@solarflare.com>
CC: Francois Romieu <romieu@fr.zoreil.com>
CC: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Alexander Aring [Tue, 5 Feb 2013 04:25:35 +0000 (04:25 +0000)]
wpan: whitespace fix
Signed-off-by: Alexander Aring <alex.aring@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Steffen Klassert [Tue, 5 Feb 2013 01:48:05 +0000 (01:48 +0000)]
ipv6: Don't send packet to big messages to self
Calling icmpv6_send() on a local message size error leads to an
incorrect update of the path mtu in the case when IPsec is used.
So use ipv6_local_error() instead to notify the socket about the
error.
Reported-by: Jiri Bohac <jbohac@suse.cz>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Joe Perches [Mon, 4 Feb 2013 18:22:29 +0000 (18:22 +0000)]
drivers: net: misc: Remove unused OOM variables
commits
9d11bd159
("wimax: Remove unnecessary alloc/OOM messages, alloc cleanups")
and
b2adaca92
("ethernet: Remove unnecessary alloc/OOM messages, alloc cleanups")
added a couple of unused variable warnings.
Remove the now unused variables.
Noticed-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Joe Perches [Mon, 4 Feb 2013 16:48:16 +0000 (16:48 +0000)]
net: core: Remove unnecessary alloc/OOM messages
alloc failures already get standardized OOM
messages and a dump_stack.
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Wed, 6 Feb 2013 19:51:14 +0000 (14:51 -0500)]
Merge branch 'wireless'
John W. Linville says:
====================
Please consider this pull request for the 3.8 stream...
Included is a bluetooth pull. Gustavo says:
"Two simple fixes for 3.8. One of the patches fixes a situation
where the connection wasn't terminated if a timeout ocurrs for LE
an SCO connections. The other fixes prevent NULL dereference in the
SMP code, it is a security fix as well."
Along with those...
Hauke Mehrtens provides a couple of ssb and bcma bus fixes that
prevent oopses when unloading those modules.
Larry Finger provides and rtlwifi fix to avoid a "scheduling while
atomic" bug.
Last but certainly not least, Arend van Spriel bring a brcmsmac fix that
reworks the mac80211 .flush() callback in order to avoid the dreaded
brcms_c_wait_for_tx_completion warnings. This one looks a little
large, but I think it is safe and isolated to brcmsmac in any case.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
John W. Linville [Wed, 6 Feb 2013 18:55:44 +0000 (13:55 -0500)]
Merge branch 'master' of git://git./linux/kernel/git/linville/wireless into for-davem
Chris Mason [Wed, 6 Feb 2013 17:06:02 +0000 (12:06 -0500)]
Btrfs: move d_instantiate outside the transaction during mksubvol
Dave Sterba triggered a lockdep complaint about lock ordering
between the sb_internal lock and the cleaner semaphore.
btrfs_lookup_dentry() checks for orphans if we're looking up
the inode for a subvolume, and subvolume creation is triggering
the lookup with a transaction running.
This commit moves the d_instantiate after the transaction closes.
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
Wei Liu [Thu, 31 Jan 2013 14:46:56 +0000 (14:46 +0000)]
xen: fix error handling path if xen_allocate_irq_dynamic fails
It is possible that the call to xen_allocate_irq_dynamic() returns negative
number other than -1.
Reviewed-by: David Vrabel <david.vrabel@citrix.com>
Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Jan Beulich [Wed, 6 Feb 2013 15:30:38 +0000 (10:30 -0500)]
xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}()
... as being guest triggerable (e.g. by invoking
XEN_PCI_OP_enable_msi{,x} on a device not being MSI/MSI-X capable).
This is CVE-2013-0231 / XSA-43.
Also make the two messages uniform in both their wording and severity.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Takashi Iwai [Wed, 6 Feb 2013 14:16:58 +0000 (15:16 +0100)]
Merge branch 'fix/fsl' of git://git./linux/kernel/git/broonie/sound into for-linus-uncursed
We need this for fixing build error regressions in soc/fsl.
Jan Schmidt [Mon, 28 Jan 2013 06:26:00 +0000 (23:26 -0700)]
Btrfs: fix EDQUOT handling in btrfs_delalloc_reserve_metadata
When btrfs_qgroup_reserve returned a failure, we were missing a counter
operation for BTRFS_I(inode)->outstanding_extents++, leading to warning
messages about outstanding extents and space_info->bytes_may_use != 0.
Additionally, the error handling code didn't take into account that we
dropped the inode lock which might require more cleanup.
Luckily, all the cleanup code we need is already there and can be shared
with reserve_metadata_bytes, which is exactly what this patch does.
Reported-by: Lev Vainblat <lev@zadarastorage.com>
Signed-off-by: Jan Schmidt <list.btrfs@jan-o-sch.net>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
Mark Brown [Wed, 6 Feb 2013 11:28:53 +0000 (11:28 +0000)]
Merge remote-tracking branch 'regulator/fix/tps65910' into tmp
Mark Brown [Wed, 6 Feb 2013 11:28:52 +0000 (11:28 +0000)]
Merge remote-tracking branch 'regulator/fix/tps65217' into tmp
Mark Brown [Wed, 6 Feb 2013 11:28:51 +0000 (11:28 +0000)]
Merge remote-tracking branch 'regulator/fix/s2mps11' into tmp
Mark Brown [Wed, 6 Feb 2013 11:28:51 +0000 (11:28 +0000)]
Merge remote-tracking branch 'regulator/fix/of' into tmp
Mark Brown [Wed, 6 Feb 2013 11:28:50 +0000 (11:28 +0000)]
Merge remote-tracking branch 'regulator/fix/max8998' into tmp
Mark Brown [Wed, 6 Feb 2013 11:28:49 +0000 (11:28 +0000)]
Merge remote-tracking branch 'regulator/fix/max8997' into tmp
Mark Brown [Wed, 6 Feb 2013 11:28:48 +0000 (11:28 +0000)]
Merge remote-tracking branch 'regulator/fix/max8907' into tmp
Mark Brown [Wed, 6 Feb 2013 11:28:48 +0000 (11:28 +0000)]
Merge remote-tracking branch 'regulator/fix/max77686' into tmp
Chris Mason [Wed, 6 Feb 2013 00:24:44 +0000 (19:24 -0500)]
Merge git://git./linux/kernel/git/josef/btrfs-next.git for-chris into for-linus
Linus Torvalds [Tue, 5 Feb 2013 21:36:12 +0000 (08:36 +1100)]
Merge branch 'v4l_for_linus' of git://git./linux/kernel/git/mchehab/linux-media
Pull media fixes from Mauro Carvalho Chehab:
"For a regression fix on a few radio drivers that were preventing radio
TX to work on those devices"
* 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media:
[media] radio: set vfl_dir correctly to fix modulator regression