The following commit [0] fixed a use-after-free, but left the subdrv open
in the error path.
[0] commit 6ca605f7c7
drm/exynos: Fix freeing issues in exynos_drm_drv.c
Signed-off-by: Daniel Kurtz <djkurtz@chromium.org>
Acked-by: Sachin Kamat <sachin.kamat@linaro.org>
Signed-off-by: Inki Dae <inki.dae@samsung.com>
Fix some "Bad rss-counter state" reports on exit, arising from the
interaction between page migration and remap_file_pages(): zap_pte()
must count a migration entry when zapping it.
And yes, it is possible (though very unusual) to find an anon page or
swap entry in a VM_SHARED nonlinear mapping: coming from that horrid
get_user_pages(write, force) case which COWs even in a shared mapping.
Signed-off-by: Hugh Dickins <hughd@google.com>
Tested-by: Sasha Levin sasha.levin@oracle.com>
Tested-by: Dave Jones davej@redhat.com>
Cc: Cyrill Gorcunov <gorcunov@gmail.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Resource management
- Revert "Insert GART region into resource map"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJTKdCYAAoJEFmIoMA60/r88lMP/3Njn9KD69FNU+Hphs5ExbQG
OtqudAWiJBPAabsvXAJNHh/osCJJcPgewzKGOX9dboEP3eL/bCibT2dKgXIjxRav
WULAlINj6x1h3K+/+VlBVsW0W/DcnK7zIQ0O7Qjqh8f0E2v7+nB5/tOOQ6gQeqxH
kp7jzBxdTUfVeZtfwY80ccHM2zI/nqm6/p5PobMt3G8vsdamxNGDjHDlOlqARgNs
/nP26/XusS9Uw0MI7wwuALgLNLNMbLWMmKBfz1n7Gw3wUvWvQeK+ib67gyTgoVT7
VVDuFn8bg3hMqVwlCrBU8SnS83/dQlSl0fze0gL4UMPH+AGxHnTPCeirOkEhvtDY
krVuiber7PAkj5dz0ApRR9nawHSh20Y7WJxLDYrpILo8C3e4pXcGRVsm4d8e3GuP
zYwD/6OH6SgMdozc456Jb1qSaXDfLfVffYKcjLS+5bPstP+QIFSUdJdhRrsOKZGn
VuIvqXioKeBYe4QqJYGt7cMWdRXTqkrYXOV5N1qPOqBloc83sRdQWtSqHivISma9
rIeyBCAA30SYtr9FF0n/up8Mw9AhNukfcKuouWUuDV/FeMRbMbblvw8Vgnq8eXY9
fLqUMOTPnE0nz5hScHPfTolQ6ATghh/sk6EOkD4gvvfS7+Ul5oiduE+rBOb2eY2Q
M6/H1MT1OiNKcRROt0q6
=yDUb
-----END PGP SIGNATURE-----
Merge tag 'pci-v3.14-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci
Pull PCI resource management fix from Bjorn Helgaas:
"This is a fix for an AGP regression exposed by e501b3d87f ("agp:
Support 64-bit APBASE"), which we merged in v3.14-rc1.
We've warned about the conflict between the GART and PCI resources and
cleared out the PCI resource for a long time, but after e501b3d87f,
we still *use* that cleared-out PCI resource. I think the GART
resource is incorrect, so this patch removes it"
* tag 'pci-v3.14-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
Revert "[PATCH] Insert GART region into resource map"
Pull cgroup fix from Tejun Heo:
"One really late cgroup patch to fix error path in create_css().
Hitting this bug would be pretty rare but still possible and it gets
delayed we'd need to backport it through -stable anyway. It only
updates error path in create_css() and has low chance of new
breakages"
* 'for-3.14-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup:
cgroup: fix a failure path in create_css()
Due to name collision in ftrace safe_load and safe_store macros,
these macros cannot take expressions as operands.
For example, compiler will complain for a macro call like the following:
safe_store_code(new_code2, ip + 4, faulted);
arch/mips/include/asm/ftrace.h:61:6: note: in definition of macro 'safe_store'
: [dst] "r" (dst), [src] "r" (src)\
^
arch/mips/kernel/ftrace.c:118:2: note: in expansion of macro 'safe_store_code'
safe_store_code(new_code2, ip + 4, faulted);
^
arch/mips/kernel/ftrace.c:118:32: error: undefined named operand 'ip + 4'
safe_store_code(new_code2, ip + 4, faulted);
^
arch/mips/include/asm/ftrace.h:61:6: note: in definition of macro 'safe_store'
: [dst] "r" (dst), [src] "r" (src)\
^
arch/mips/kernel/ftrace.c:118:2: note: in expansion of macro 'safe_store_code'
safe_store_code(new_code2, ip + 4, faulted);
^
This build error is triggered by a4671094 [MIPS: ftrace: Fix icache flush
range error]. Tweak variable naming in those macros to allow flexible
operands.
Signed-off-by: Viller Hsiao <villerhsiao@gmail.com>
Cc: linux-mips@linux-mips.org
Cc: rostedt@goodmis.org
Cc: fweisbec@gmail.com
Cc: mingo@redhat.com
Cc: Qais.Yousef@imgtec.com
Patchwork: https://patchwork.linux-mips.org/patch/6622/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
two more fixes, both regressions.
* tag 'drm-intel-fixes-2014-03-19' of git://anongit.freedesktop.org/drm-intel:
drm/i915: Disable stolen memory when DMAR is active
Revert "drm/i915: don't touch the VDD when disabling the panel"
Currently, via-rhine fails to call pci_disable_device() for errors
in rhine_init_one().
Reported-by: Huqiu Liu <liuhq11@mails.tsinghua.edu.cn>
Signed-off-by: Roger Luethi <rl@hellgate.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pull timer fix from Thomas Gleixner:
"A single bugfix: make the scheduler clock on Vybrid SoCs count
forward"
* 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
clocksource: vf_pit_timer: use complement for sched_clock reading
The snd_compr_open function would always return 0 even if the compressed
ops open function failed, obviously this is incorrect. Looks like this
was introduced by a small typo in:
commit a0830dbd4e
ALSA: Add a reference counter to card instance
This patch returns the value from the compressed op as it should.
Signed-off-by: Charles Keepax <ckeepax@opensource.wolfsonmicro.com>
Acked-by: Vinod Koul <vinod.koul@intel.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
We have reports of heavy screen corruption if we try to use the stolen
memory reserved by the BIOS whilst the DMA-Remapper is active. This
quirk may be only specific to a few machines or BIOSes, but first lets
apply the big hammer and always disable use of stolen memory when DMAR
is active.
v2 by Jani: Rebase on -fixes, only look at intel_iommu_gfx_mapped.
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=68535
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: stable@vger.kernel.org
Signed-off-by: Jani Nikula <jani.nikula@intel.com>
This reverts
commit dff392dbd2
Author: Paulo Zanoni <paulo.r.zanoni@intel.com>
Date: Fri Dec 6 17:32:41 2013 -0200
drm/i915: don't touch the VDD when disabling the panel
which didn't take into account
commit 6cb49835da
Author: Daniel Vetter <daniel.vetter@ffwll.ch>
Date: Sun May 20 17:14:50 2012 +0200
drm/i915: enable vdd when switching off the eDP panel
and
commit 35a38556d9
Author: Daniel Vetter <daniel.vetter@ffwll.ch>
Date: Sun Aug 12 22:17:14 2012 +0200
drm/i915: reorder edp disabling to fix ivb MacBook Air
Unsurprisingly, various MacBooks failed.
Effectively the same has already been done in drm-intel-next-queued.
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=74628
Tested-by: Patrik Jakobsson <patrik.r.jakobsson@gmail.com>
Cc: Paulo Zanoni <paulo.r.zanoni@intel.com>
Acked-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Signed-off-by: Jani Nikula <jani.nikula@intel.com>
If online_css() fails, we should remove cgroup files belonging
to css->ss.
Signed-off-by: Li Zefan <lizefan@huawei.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
This reverts commit 56dd669a13, which makes the GART visible in
/proc/iomem. This fixes a regression: e501b3d87f ("agp: Support 64-bit
APBASE") exposed an existing problem with a conflict between the GART
region and a PCI BAR region.
The GART addresses are bus addresses, not CPU addresses, and therefore
should not be inserted in iomem_resource.
On many machines, the GART region is addressable by the CPU as well as by
an AGP master, but CPU addressability is not required by the spec. On some
of these machines, the GART is mapped by a PCI BAR, and in that case, the
PCI core automatically inserts it into iomem_resource, just as it does for
all BARs.
Inserting it here means we'll have a conflict if the PCI core later tries
to claim the GART region, so let's drop the insertion here.
The conflict indirectly causes X failures, as reported by Jouni in the
bugzilla below. We detected the conflict even before e501b3d87f, but
after it the AGP code (fix_northbridge()) uses the PCI resource (which is
zeroed because of the conflict) instead of reading the BAR again.
Conflicts:
arch/x86_64/kernel/aperture.c
Fixes: e501b3d87f agp: Support 64-bit APBASE
Link: https://bugzilla.kernel.org/show_bug.cgi?id=72201
Reported-and-tested-by: Jouni Mettälä <jtmettala@gmail.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Use pci_iounmap instead of iounmap when the virtual mapping was done
with pci_iomap. A simplified version of the semantic patch that finds this
issue is as follows: (http://coccinelle.lip6.fr/)
// <smpl>
@r@
expression addr;
@@
addr = pci_iomap(...)
@rr@
expression r.addr;
@@
* iounmap(addr)
// </smpl>
Signed-off-by: Peter Senna Tschudin <peter.senna@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch fixes a NULL pointer dereference in the event of an
skb allocation failure in arp_reduce().
Signed-Off-By: David L Stevens <dlstevens@us.ibm.com>
Acked-by: Cong Wang <cwang@twopensource.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Michael Chan says:
====================
cnic bug fixes for net-next
Michael Chan (3):
cnic: Use proper ulp_ops for per device operations.
cnic,bnx2i,bnx2fc: Fix inconsistent use of page size
cnic: Update version to 2.5.20 and copyright year.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
The bnx2/bnx2x rings are made up of linked pages. However there is an
upper limit on the page size as some the page size settings are 16-bit
in the hardware/firmware interface. In the current code, some parts
use BNX2_PAGE_SIZE which has a 16K upper limit and some parts use
PAGE_SIZE. On archs with >= 64K PAGE_SIZE, it generates some compile
warnings. Define a new CNIC_PAGE_SZIE which has an upper limit of
16K and use it consistently in all relevant parts.
Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: Eddie Wai <eddie.wai@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
For per device operations, cnic needs to dereference the RCU protected
cp->ulp_ops instead of the global cnic_ulp_tbl. In 2 locations,
cnic_send_nlmsg() and cnic_copy_ulp_stats(), it was referencing the
global table. If the device has been unregistered and these functions
are still being called (very unlikely scenarios), it could lead to NULL
pointer dereference.
Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This is a context modified revert of commit 6a9612e2cb
("net: cdc_ncm: remove ncm_parm field") which introduced
a NCM specification violation, causing setup errors for
some devices. These errors resulted in the device and
host disagreeing about shared settings, with complete
failure to communicate as the end result.
The NCM specification require that many of the NCM specific
control reuests are sent only while the NCM Data Interface
is in alternate setting 0. Reverting the commit ensures that
we follow this requirement.
Fixes: 6a9612e2cb ("net: cdc_ncm: remove ncm_parm field")
Reported-and-tested-by: Pasi Kärkkäinen <pasik@iki.fi>
Reported-by: Thomas Schäfer <tschaefer@t-online.de>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: David S. Miller <davem@davemloft.net>
In ip6_append_data_mtu(), when the xfrm mode is not tunnel(such as
transport),the ipsec header need to be added in the first fragment, so the mtu
will decrease to reserve space for it, then the second fragment come, the mtu
should be turn back, as the commit 0c1833797a
said. however, in the commit a493e60ac4bbe2e977e7129d6d8cbb0dd236be, it use
*mtu = min(*mtu, ...) to change the mtu, which lead to the new mtu is alway
equal with the first fragment's. and cannot turn back.
when I test through ping6 -c1 -s5000 $ip (mtu=1280):
...frag (0|1232) ESP(spi=0x00002000,seq=0xb), length 1232
...frag (1232|1216)
...frag (2448|1216)
...frag (3664|1216)
...frag (4880|164)
which should be:
...frag (0|1232) ESP(spi=0x00001000,seq=0x1), length 1232
...frag (1232|1232)
...frag (2464|1232)
...frag (3696|1232)
...frag (4928|116)
so delete the min() when change back the mtu.
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Fixes: 75a493e60a ("ipv6: ip6_append_data_mtu did not care about pmtudisc and frag_size")
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
The Kconfig symbol ISDN_CAPI_MIDDLEWARE is only used in capi.c. Setting
it without setting ISDN_CAPI_CAPI20 is therefor useless. Make it depend
on ISDN_CAPI_CAPI20 and put its entry after ISDN_CAPI_CAPI20's entry.
Signed-off-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: David S. Miller <davem@davemloft.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAABAgAGBQJTItl6AAoJEBvWZb6bTYby/EMP/A+/l9rU9oji5nns2ei2YVf7
kmnpshb2rgDP6gTtPet3qPKcSUNq4bG7zPEZ04FG5H70PduDYBWchfT/jTZKxcBB
rZgtrsMAzGjoxvtsQAc1yQiMtlkG28HD3yn0TC7BvazTQlZnzHVZTmiCZc9r0Qo7
SjLslo00ITbhRVwkLi1cuSeuaNcim1WDgxeUFhpRd48HoywtkzGLGuU8dWmakwb0
IDoo6X9srNlmZgrRdMaBS3agQtt1GoOE2T/KaJbnJ6lmnkGzBVKrw8kIZamQlwnK
GnmJAM//1zu4eoWJquNuc9wqsZK2t0e68LXAL9HLeMQGyl1YBh5hTiInTUnXiCAI
D/r/rkF2lqPgKotDBY/Q1l0bHABR53MOwa5ooZANLatnTwTv4gSpM8L1CAnekGhq
dxqVYqeJr1+ZemhalO1pbi/V9CfpJHBBye9JDan8rJmkj25kCH7PF3BxLYgKckQs
OtfZyOqpsZSCvpzFQa70VmWTGDqOxk686/R9ql88sdGbgyzZOHxHCeMIoAgCah6c
o5s1CktKKLOmC2M6NNn1z44V1/LmmC2fgKuaSjI/y7rjgGwRoGrAV1giVMdnTc5y
hGo4fD83/zHJnkafVdBQbmkKP69bC65a0w4iLXSxOKkPtHCI3c2IrZpovAC42aTp
iREImat0+YzW4hDRI+qa
=uZp5
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull another kvm fix from Paolo Bonzini:
"A fix for a PowerPC bug that was introduced during the 3.14 merge
window"
* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
KVM: PPC: Book3S HV: Fix register usage when loading/saving VRSAVE
KVM: PPC: Book3S HV: Remove bogus duplicate code
Steffen Klassert says:
====================
1) Fix a sleep in atomic when pfkey_sadb2xfrm_user_sec_ctx()
is called from pfkey_compile_policy().
Fix from Nikolay Aleksandrov.
2) security_xfrm_policy_alloc() can be called in process and atomic
context. Add an argument to let the callers choose the appropriate
way. Fix from Nikolay Aleksandrov.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
The code introduced in commit 1f91ecc14d ("ALSA: oxygen: modify
adjust_dg_dac_routing function") accidentally disregarded the old value
of the playback routing register, so it broke the "Stereo Upmixing"
mixer control.
The unmuted parts of the channel routing are the same for all settings
of the output destination, so it suffices to revert that part of the
patch.
Fixes: 1f91ecc14d ('ALSA: oxygen: modify adjust_dg_dac_routing function')
Tested-by: Roman Volkov <v1ron@mail.ru>
Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
. Make 'perf bench mem' (i.e. no args) mean 'run all tests' so that we can run
all tests, not stopping at the numa ones. (Arnaldo Carvalho de Melo)
. Fix NULL pointer dereference after last test in in "perf bench all" (Patrick Palka)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJTIzp1AAoJENZQFvNTUqpAYo8P/0Wx6kEI6OhTWQYHYh7OTSjs
StTwVr9v8q1IVoGsWQF0ehqVP1KErBPWAlwp6EzvKJt4XIDe8JfGWqoAo3fbSRUz
j8I7fCqvZC12Befgq035EILCTuaR6OWTOPdwkGr28QSTA5Cfni8LeziizlVPQEt6
52OR1A4vmOZ9ZLA0YXlbjQH70+HdGff86iDkBVQHL+koYjg1itAEY0p//qkLqSMk
v8pjyzdq6mMdpemiqE2caUp/tVUuJhAHTQ8tyaVmETPzNE6uDsk/De9lqvPULAa+
PYhrafFyFUdL5Ee9hJMpFoehYofg8mr5JKTh7SVX/S0EWKzo8Fry+A0BHaZgchlj
0ibey6l85N6dBp9/Ye78In4Tc1BcqG4i9QouMHawFqdMdhA3WdkMLjl9LVu3PY1C
qdFQkTyIC7LYqefSS+hx7WmXugxrrwXTLy6UTX/hzjufaUuu5br9+jr6qYiQsS6G
Exa1tSetfig9+d3VUfAKF6HTxLa4htbNS50XKrEj+ixnhP19XJ8yjbtOiYxMJxkg
OekJ7wv2cFImQp6vzMqG+8ge4olBLATHsM60L6UoIgdwWl2qy83ePx7Fuaif7tQX
tqUtaIxLmqLi/pyl6rreKop4y2fQT/HK0OMab5oUcSqiNvJorb3ujpVISY9YsNY2
/U0Vr9lvU13mH7hdU21x
=9uCB
-----END PGP SIGNATURE-----
Merge tag 'perf-urgent-for-mingo' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux into perf/urgent
Pull two 'perf bench' fixes from Arnaldo:
* Make 'perf bench mem' (i.e. no args) mean 'run all tests' so that we can run
all tests, not stopping at the numa ones. (Arnaldo Carvalho de Melo)
* Fix NULL pointer dereference after last test in in "perf bench all" (Patrick Palka)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
If CONFIG_TRANSPARENT_HUGEPAGE is enabled, but CONFIG_HUGETLB_PAGE is not,
it is possible to end up with a configuration that fails to build with the
following error:
include/linux/huge_mm.h:125:2: error: #error "hugepages can't be allocated by the buddy allocator"
This is due to CONFIG_FORCE_MAX_ZONEORDER defaulting to 11. It already has
ranges that change the valid values when HUGETLB_PAGE is enabled, but this
is not done for TRANSPARENT_HUGEPAGE. Fix by changing the HUGETLB_PAGE
dependencies to MIPS_HUGE_TLB_SUPPORT, which includes both
TRANSPARENT_HUGEPAGE and HUGETLB_PAGE.
Signed-off-by: Alex Smith <alex.smith@imgtec.com>
Reviewed-by: Markos Chandras <markos.chandras@imgtec.com>
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/6391/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
This regression has been introduced in
commit b3f2333de8
Author: Daniel Vetter <daniel.vetter@ffwll.ch>
Date: Wed Dec 11 11:34:31 2013 +0100
drm: restrict the device list for shadow attached drivers
Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Reviewed-by: David Herrmann <dh.herrmann@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Two 3.14 specific fixes, two cc: stable.
* tag 'drm-intel-fixes-2014-03-17' of git://anongit.freedesktop.org/drm-intel:
drm/i915: Don't enable display error interrupts from the start
drm/i915: Fix scanline counter fixup on BDW
drm/i915: Add a workaround for HSW scanline counter weirdness
drm/i915: Fix PSR programming
commit f280e89a (drivers: net: cpsw: fix for cpsw crash when build as modules)
moved cpts_register()/cpts_unregister() to ndo_open()/ndo_stop(), but failed
to remove cpts_register in cpsw_probe() which leads to a double registration
and the following debug object splat.
[ 18.991902] ODEBUG: init active (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x2c
[ 19.082249] [<c0059e80>] (init_timer_key) from [<c04965d4>] (cpts_register+0x1f0/0x2c4)
[ 19.090642] [<c04965d4>] (cpts_register) from [<c04931dc>] (cpsw_ndo_open+0x780/0x81c)
[ 19.098948] [<c04931dc>] (cpsw_ndo_open) from [<c0599c2c>] (__dev_open+0xb4/0x118)
Signed-off-by: Benedikt Spranger <b.spranger@linutronix.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pull final final block IO fixes from Jens Axboe:
"Yes, the last round was final. This one is final final.
The mtip32xx fix could have waited, but it's so simple and gets rid of
two warning spewages on load. The two block flush fixes are critical
for blk-mq, and are the primary reason for this late pull request"
* 'for-linus' of git://git.kernel.dk/linux-block:
mtip32xx: fix bad use of smp_processor_id()
block: change flush sequence list addition back to front add
block: fix q->flush_rq NULL pointer crash on dm-mpath flush
Pull MIPS updates from Ralf Baechle:
"A fair number of fixes all across arch/mips. Nothing really stands
out though APRP, the FPU code and syscall tracing code received
multiple patches those all were small"
* 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus:
MIPS: mark O32+FP64 experimental for now
MIPS: ftrace: Fix icache flush range error
MIPS: Fix syscall tracing interface
MIPS: asm: syscall: Fix copying system call arguments
MIPS: Octeon: Fix fall through on bar type OCTEON_DMA_BAR_TYPE_SMALL
MIPS: FPU: Fix conflict of register usage
MIPS: Replace CONFIG_MIPS64 and CONFIG_MIPS32_R2
MIPS: math-emu: Fix prefx detection and COP1X function field definition
MIPS: APRP: Choose the correct VPE loader by fixing the linking
MIPS: APRP: Unregister rtlx interrupt hook at module exit
MIPS: APRP: Fix the linking of rtlx interrupt hook
MIPS: bcm47xx: Include missing errno.h for ENXIO
MIPS: Alchemy: Fix unchecked kstrtoul return value
MIPS: Fix randconfig build error.
1. For the 64 bits dma mask use dma_set_mask_and_coherent instead of
dma_set_mask and dma_set_coherent_mask.
2. For the 32 bits dma mask dma_set_coherent_mask is only called if
dma_set_mask fails, which is unusual. Assuming this as a bug, fixes
it by replacing calls to dma_set_mask and dma_set_coherent_mask by a
call to dma_set_mask_and_coherent.
Signed-off-by: Peter Senna Tschudin <peter.senna@gmail.com>
Tested-by: Jonas Hahnfeld <hahnjo@hahnjo.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
This is a small patch which uses ARRAY_SIZE macro
rather than a number to make code readability better.
Signed-off-by: Doug Wilson <doug.lkml@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
When checking a system call return code for an error,
linux_sparc_syscall was sign-extending the lower 32-bit value and
comparing it to -ERESTART_RESTARTBLOCK. lseek can return valid return
codes whose lower 32-bits alone would indicate a failure (such as 4G-1).
Use the whole 64-bit value to check for errors. Only the 32-bit path
should sign extend the lower 32-bit value.
Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com>
Acked-by: Bob Picco <bob.picco@oracle.com>
Acked-by: Allen Pais <allen.pais@oracle.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: sparclinux@vger.kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
Commit 597ce1723e "MIPS: Support for 64-bit FP with O32 binaries"
introduced support for setting Status.FR=1 for O32 binaries with the
EF_MIPS_FP64 ELF header flag set. Whilst this flag is currently
supported by binutils it does introduce an ABI break within userland.
Objects built with EF_MIPS_FP64 cannot be safely linked with those built
without it since code in either object may assume behaviour specific to
a value of FR.
More recently there has been discussion around avoiding further
fragmentation of the O32 ABI whilst still allowing the use of FR=1 and
features such as MSA which depend upon it. Details of the plan to allow
this are still being worked on, and whilst the kernel will need the
ability to handle FR=1 with O32 tasks it is unclear what else it may
need to provide to a userland which seeks to avoid another ABI break. In
order to prevent the proliferation of userland which may rely upon the
current EF_MIPS_FP64 behaviour this patch marks the kernel support for
it experimental & disables it by default. Under current proposals it is
likely that this support can simply be enabled again later, but possibly
after the introduction of further interfaces with userland and support
for the MIPS R5 UFR feature.
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Cc: Matthew Fortune <matthew.fortune@imgtec.com>
Cc: linux-mips@linux-mips.org
Cc: Paul Burton <paul.burton@imgtec.com>
Patchwork: https://patchwork.linux-mips.org/patch/6549/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Pull HID fixes from Jiri Kosina:
- fix for ordering of device removal actions in hidraw, by Fernando
Luis Vázquez Cao
- fix for uninitialized workqueue usage in hid-sony, by Frank Praznik
- device ID addition for new variant of Logitech G27, from Simon Wood
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
HID: hid-lg4ff: Support new version of G27
HID: hidraw: fix warning destroying hidraw device files after parent
HID: sony: Fix work queue issues.
In 32-bit mode, the start address passed to flush_icache_range is
shifted by 4 bytes before the second safe_store_code() call.
This causes system crash from time to time because the first 4 bytes
might not be flushed properly. This bug exists since linux-3.8.
Also remove obsoleted comment while at it.
Signed-off-by: Viller Hsiao <villerhsiao@gmail.com>
Cc: linux-mips@linux-mips.org
Cc: rostedt@goodmis.org
Cc: fweisbec@gmail.com
Cc: mingo@redhat.com
Cc: Qais.Yousef@imgtec.com
Patchwork: https://patchwork.linux-mips.org/patch/6586/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
The syscall_get_arguments function expects the arguments to be copied
to the '*args' argument but instead a local variable was used to hold
the system call argument. As a result of which, this variable was
never passed to the filter and any filter testing the system call
arguments would fail. This is fixed by passing the '*args' variable
as the destination memory for the system call arguments.
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
Reviewed-by: Paul Burton <paul.burton@imgtec.com>
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/6402/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Pull scheduler fixes from Ingo Molnar:
"Three small fixes"
* 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
sched/clock: Prevent tracing recursion in sched_clock_cpu()
stop_machine: Fix^2 race between stop_two_cpus() and stop_cpus()
sched/deadline: Deny unprivileged users to set/change SCHED_DEADLINE policy
Pull perf fixes from Ingo Molnar:
"Misc smaller fixes"
* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
perf/x86: Fix leak in uncore_type_init failure paths
perf machine: Use map as success in ip__resolve_ams
perf symbols: Fix crash in elf_section_by_name
perf trace: Decode architecture-specific signal numbers
While testing and documenting the msgrcv() MSG_COPY flag that Stanislav
Kinsbursky added in commit 4a674f34ba ("ipc: introduce message queue
copy feature" => kernel 3.8), I discovered a couple of bugs in the
implementation. The two bugs concern MSG_COPY interactions with other
msgrcv() flags, namely:
(A) MSG_COPY + MSG_EXCEPT
(B) MSG_COPY + !IPC_NOWAIT
The bugs are distinct (and the fix for the first one is obvious),
however my fix for both is a single-line patch, which is why I'm
combining them in a single mail, rather than writing two mails+patches.
===== (A) MSG_COPY + MSG_EXCEPT =====
With the addition of the MSG_COPY flag, there are now two msgrcv()
flags--MSG_COPY and MSG_EXCEPT--that modify the meaning of the 'msgtyp'
argument in unrelated ways. Specifying both in the same call is a
logical error that is currently permitted, with the effect that MSG_COPY
has priority and MSG_EXCEPT is ignored. The call should give an error
if both flags are specified. The patch below implements that behavior.
===== (B) (B) MSG_COPY + !IPC_NOWAIT =====
The test code that was submitted in commit 3a665531a3 ("selftests: IPC
message queue copy feature test") shows MSG_COPY being used in
conjunction with IPC_NOWAIT. In other words, if there is no message at
the position 'msgtyp'. return immediately with the error in ENOMSG.
What was not (fully) tested is the behavior if MSG_COPY is specified
*without* IPC_NOWAIT, and there is an odd behavior. If the queue
contains less than 'msgtyp' messages, then the call blocks until the
next message is written to the queue. At that point, the msgrcv() call
returns a copy of the newly added message, regardless of whether that
message is at the ordinal position 'msgtyp'. This is clearly bogus, and
problematic for applications that might want to make use of the MSG_COPY
flag.
I considered the following possible solutions to this problem:
(1) Force the call to block until a message *does* appear at the
position 'msgtyp'.
(2) If the MSG_COPY flag is specified, the kernel should implicitly add
IPC_NOWAIT, so that the call fails with ENOMSG for this case.
(3) If the MSG_COPY flag is specified, but IPC_NOWAIT is not, generate
an error (probably, EINVAL is the right one).
I do not know if any application would really want to have the
functionality of solution (1), especially since an application can
determine in advance the number of messages in the queue using msgctl()
IPC_STAT. Obviously, this solution would be the most work to implement.
Solution (2) would have the effect of silently fixing any applications
that tried to employ broken behavior. However, it would mean that if we
later decided to implement solution (1), then user-space could not
easily detect what the kernel supports (but, since I'm somewhat doubtful
that solution (1) is needed, I'm not sure that this is much of a
problem).
Solution (3) would have the effect of informing broken applications that
they are doing something broken. The downside is that this would cause
a ABI breakage for any applications that are currently employing the
broken behavior. However:
a) Those applications are almost certainly not getting the results they
expect.
b) Possibly, those applications don't even exist, because MSG_COPY is
currently hidden behind CONFIG_CHECKPOINT_RESTORE.
The upside of solution (3) is that if we later decided to implement
solution (1), user-space could determine what the kernel supports, via
the error return.
In my view, solution (3) is mildly preferable to solution (2), and
solution (1) could still be done later if anyone really cares. The
patch below implements solution (3).
PS. For anyone out there still listening, it's the usual story:
documenting an API (and the thinking about, and the testing of the API,
that documentation entails) is the one of the single best ways of
finding bugs in the API, as I've learned from a lot of experience. Best
to do that documentation before releasing the API.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Acked-by: Stanislav Kinsbursky <skinsbursky@parallels.com>
Cc: Stanislav Kinsbursky <skinsbursky@parallels.com>
Cc: stable@vger.kernel.org
Cc: Serge Hallyn <serge.hallyn@canonical.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Pavel Emelyanov <xemul@parallels.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This is a set of six fixes. Two are instant crash/null deref types (storvsc
and isci). The two qla2xxx are initialisation problems that cause MSI-X
failures and card misdetection, the isci erroneous macro is actually illegal C
that's causing a miscompile with certain gcc versions and the be2iscsi bad if
expression is a static checker fix.
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQEcBAABAgAGBQJTJI/eAAoJEDeqqVYsXL0MSLkH/2uYBN9YkO6rkafxcIUYY0Ck
8+3xf7qdLVaEYoERkXQOncHg8r0BYWaUl0oi/K5nzq4chvMH3SW5L360SYRLT6Hs
0F2pFZ2bO192FPBSB2zxrkSDYmEtzBviUFbiWwVH2i1GJCGDMvI9TfDVbdnfF5Eh
YB5INjZQ0r5eS45uR5xo5VTotMOUd/3lfYCfcOLDB77SzkX280+OUXJOxRND4QtM
xKcWCahSR2ALzxy4+OUsSHsQNizjEufeDiTij1h9GJctbtPXgm4hRO04AEB2a0aQ
OBI5kKZobqh5DJgknBsASvYNDOaVOVlzML5Qs9m+ie1IEQBOtV6u1rQAONThy/8=
=1qQW
-----END PGP SIGNATURE-----
Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
Pull SCSI fixes from James Bottomley:
"This is a set of six fixes. Two are instant crash/null deref types
(storvsc and isci). The two qla2xxx are initialisation problems that
cause MSI-X failures and card misdetection, the isci erroneous macro
is actually illegal C that's causing a miscompile with certain gcc
versions and the be2iscsi bad if expression is a static checker fix"
* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
[SCSI] storvsc: NULL pointer dereference fix
[SCSI] qla2xxx: Poll during initialization for ISP25xx and ISP83xx
[SCSI] isci: correct erroneous for_each_isci_host macro
[SCSI] isci: fix reset timeout handling
[SCSI] be2iscsi: fix bad if expression
[SCSI] qla2xxx: Fix multiqueue MSI-X registration.
John W. Linville says:
====================
Please pull these last(?) few wireless bits intended for the 3.14
stream. Each is here to address a problem found with a patch already
merged...
Dave Jones gives us a memory leak fix, for an error path in brcmfmac.
Felix Fietkau moves a small delay to make it actually reachable.
Helmut Schaa fixes an ath9k sequence numbering problem for non-data
frames.
Stanislaw Gruszka reverts an earlier fix that was found to cause
random connection drops on RT5390 PCI adapters
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Callers of phy_ethtool_get_wol are supposed to provide a properly
cleared struct ethtool_wolinfo. Therefore, fix phy_suspend to clear
it before passing it to phy_ethtool_get_wol.
Signed-off-by: Sebastian Hesselbarth <sebastian.hesselbarth@gmail.com>
Reviewed-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
If this is added to the driver files, then maybe it's
appropriate to add to MAINTAINERS as well.
Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>