Users have reported being unable to trace non-signed modules loaded
within a kernel supporting module signature.
This is caused by tracepoint.c:tracepoint_module_coming() refusing to
take into account tracepoints sitting within force-loaded modules
(TAINT_FORCED_MODULE). The reason for this check, in the first place, is
that a force-loaded module may have a struct module incompatible with
the layout expected by the kernel, and can thus cause a kernel crash
upon forced load of that module on a kernel with CONFIG_TRACEPOINTS=y.
Tracepoints, however, specifically accept TAINT_OOT_MODULE and
TAINT_CRAP, since those modules do not lead to the "very likely system
crash" issue cited above for force-loaded modules.
With kernels having CONFIG_MODULE_SIG=y (signed modules), a non-signed
module is tainted re-using the TAINT_FORCED_MODULE taint flag.
Unfortunately, this means that Tracepoints treat that module as a
force-loaded module, and thus silently refuse to consider any tracepoint
within this module.
Since an unsigned module does not fit within the "very likely system
crash" category of tainting, add a new TAINT_UNSIGNED_MODULE taint flag
to specifically address this taint behavior, and accept those modules
within Tracepoints. We use the letter 'X' as a taint flag character for
a module being loaded that doesn't know how to sign its name (proposed
by Steven Rostedt).
Also add the missing 'O' entry to trace event show_module_flags() list
for the sake of completeness.
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Acked-by: Steven Rostedt <rostedt@goodmis.org>
NAKed-by: Ingo Molnar <mingo@redhat.com>
CC: Thomas Gleixner <tglx@linutronix.de>
CC: David Howells <dhowells@redhat.com>
CC: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
MODULE_DEVICE_TABLE() calles MODULE_GENERIC_TABLE(); make it do the
work directly. This also removes a wart introduced in the last patch,
where the alias is defined to be an unknown struct type "struct
type##__##name##_device_id" instead of "struct type##_device_id" (it's
an extern so GCC doesn't care, but it's wrong).
The other user of MODULE_GENERIC_TABLE (ISAPNP_CARD_TABLE) is unused,
so delete it.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Commit 78551277e4: "Input: i8042 - add PNP modaliases" had a bug, where the
second call to MODULE_DEVICE_TABLE() overrode the first resulting in not all
the modaliases being exposed.
This fixes the problem by including the name of the device_id table in the
__mod_*_device_table alias, allowing us to export several device_id tables
per module.
Suggested-by: Kay Sievers <kay@vrfy.org>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Signed-off-by: Tom Gundersen <teg@jklm.no>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
When dumping loaded modules, we print them one by one in separate
printks. Let's use pr_cont as they are continuation prints.
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Pull CIFS fixes from Steve French:
"A fix for the problem which Al spotted in cifs_writev and a followup
(noticed when fixing CVE-2014-0069) patch to ensure that cifs never
sends more than the smb frame length over the socket (as we saw with
that cifs_iovec_write problem that Jeff fixed last month)"
* 'for-next' of git://git.samba.org/sfrench/cifs-2.6:
cifs: mask off top byte in get_rfc1002_length()
cifs: sanity check length of data to send before sending
CIFS: Fix wrong pos argument of cifs_find_lock_conflict
Pull audit namespace fixes from Eric Biederman:
"Starting with 3.14-rc1 the audit code is faulty (think oopses and
races) with respect to how it computes the network namespace of which
socket to reply to, and I happened to notice by chance when reading
through the code.
My testing and the automated build bots don't find any problems with
these fixes"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
audit: Update kdoc for audit_send_reply and audit_list_rules_send
audit: Send replies in the proper network namespace.
audit: Use struct net not pid_t to remember the network namespce to reply in
This was an optimization that made memcpy type benchmarks a little
faster on ancient (Circa 1998) IDT Winchip CPUs. In real-life
workloads, it wasn't even noticable, and I doubt anyone is running
benchmarks on 16 year old silicon any more.
Given this code has likely seen very little use over the last decade,
let's just remove it.
Signed-off-by: Dave Jones <davej@fedoraproject.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Merge misc fixes from Andrew Morton:
"Nine fixes"
* emailed patches from Andrew Morton akpm@linux-foundation.org>:
cris: convert ffs from an object-like macro to a function-like macro
hfsplus: add HFSX subfolder count support
tools/testing/selftests/ipc/msgque.c: handle msgget failure return correctly
MAINTAINERS: blackfin: add git repository
revert "kallsyms: fix absolute addresses for kASLR"
mm/Kconfig: fix URL for zsmalloc benchmark
fs/proc/base.c: fix GPF in /proc/$PID/map_files
mm/compaction: break out of loop on !PageBuddy in isolate_freepages_block
mm: fix GFP_THISNODE callers and clarify
This avoids bad interactions with code using identifiers called "ffs":
drivers/usb/gadget/f_fs.c: In function 'ffsmod_init':
drivers/usb/gadget/f_fs.c:2693:494: error: 'ffsusb_func' undeclared (first use in this function)
drivers/usb/gadget/f_fs.c:2693:494: note: each undeclared identifier is reported only once for each function it appears in
drivers/usb/gadget/f_fs.c: In function 'ffsmod_exit':
drivers/usb/gadget/f_fs.c:2693:677: error: 'ffsusb_func' undeclared (first use in this function)
drivers/usb/gadget/f_fs.c: At top level:
drivers/usb/gadget/f_fs.c:2693:35: warning: 'kernel_ffsusb_func' defined but not used [-Wunused-variable]
drivers/usb/gadget/f_fs.c: In function 'ffsmod_init':
drivers/usb/gadget/f_fs.c:2693:15: warning: control reaches end of non-void function [-Wreturn-type]
See http://kisskb.ellerman.id.au/kisskb/buildresult/10715817/
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Adds support for HFSX 'HasFolderCount' flag and a corresponding
'folderCount' field in folder records. (For reference see
HFS_FOLDERCOUNT and kHFSHasFolderCountBit/kHFSHasFolderCountMask in
Apple's source code.)
Ignoring subfolder count leads to fs errors found by Mac:
...
Checking catalog hierarchy.
HasFolderCount flag needs to be set (id = 105)
(It should be 0x10 instead of 0)
Incorrect folder count in a directory (id = 2)
(It should be 7 instead of 6)
...
Steps to reproduce:
Format with "newfs_hfs -s /dev/diskXXX".
Mount in Linux.
Create a new directory in root.
Unmount.
Run "fsck_hfs /dev/diskXXX".
The patch handles directory creation, deletion, and rename.
Signed-off-by: Sergei Antonov <saproj@gmail.com>
Reviewed-by: Vyacheslav Dubeyko <slava@dubeyko.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Christoph Hellwig <hch@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
A failed msgget causes the test to return an uninitialised value in ret.
Assign ret to -errno on error exit.
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Davidlohr Bueso <davidlohr@hp.com>
Cc: Stanislav Kinsbursky <skinsbursky@parallels.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Add the git repository currently in use for blackfin architecture
development.
This information was obtained from Steven Miao.
Signed-off-by: Michael Opdenacker <michael.opdenacker@free-electrons.com>
Cc: Steven Miao <realmz6@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Revert the recently applied 0f55159d09 ("kallsyms: fix absolute
addresses for kASLR"). Kees said
: This got NAKed, please don't apply -- this patch works for x86 and
: ARM, but may cause problems for others:
:
: https://lkml.org/lkml/2014/2/24/718
It appears that Kees will be fixing all this up for 3.15.
Cc: Andy Honig <ahonig@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Michal Marek <mmarek@suse.cz>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
The help text for CONFIG_PGTABLE_MAPPING has an incorrect URL. While
we're at it, remove the unnecessary footnote notation.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Acked-by: Minchan Kim <minchan@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
The expected logic of proc_map_files_get_link() is either to return 0
and initialize 'path' or return an error and leave 'path' uninitialized.
By the time dname_to_vma_addr() returns 0 the corresponding vma may have
already be gone. In this case the path is not initialized but the
return value is still 0. This results in 'general protection fault'
inside d_path().
Steps to reproduce:
CONFIG_CHECKPOINT_RESTORE=y
fd = open(...);
while (1) {
mmap(fd, ...);
munmap(fd, ...);
}
ls -la /proc/$PID/map_files
Addresses https://bugzilla.kernel.org/show_bug.cgi?id=68991
Signed-off-by: Artem Fetishev <artem_fetishev@epam.com>
Signed-off-by: Aleksandr Terekhov <aleksandr_terekhov@epam.com>
Reported-by: <wiebittewas@gmail.com>
Acked-by: Pavel Emelyanov <xemul@parallels.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Reviewed-by: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
We received several reports of bad page state when freeing CMA pages
previously allocated with alloc_contig_range:
BUG: Bad page state in process Binder_A pfn:63202
page:d21130b0 count:0 mapcount:1 mapping: (null) index:0x7dfbf
page flags: 0x40080068(uptodate|lru|active|swapbacked)
Based on the page state, it looks like the page was still in use. The
page flags do not make sense for the use case though. Further debugging
showed that despite alloc_contig_range returning success, at least one
page in the range still remained in the buddy allocator.
There is an issue with isolate_freepages_block. In strict mode (which
CMA uses), if any pages in the range cannot be isolated,
isolate_freepages_block should return failure 0. The current check
keeps track of the total number of isolated pages and compares against
the size of the range:
if (strict && nr_strict_required > total_isolated)
total_isolated = 0;
After taking the zone lock, if one of the pages in the range is not in
the buddy allocator, we continue through the loop and do not increment
total_isolated. If in the last iteration of the loop we isolate more
than one page (e.g. last page needed is a higher order page), the check
for total_isolated may pass and we fail to detect that a page was
skipped. The fix is to bail out if the loop immediately if we are in
strict mode. There's no benfit to continuing anyway since we need all
pages to be isolated. Additionally, drop the error checking based on
nr_strict_required and just check the pfn ranges. This matches with
what isolate_freepages_range does.
Signed-off-by: Laura Abbott <lauraa@codeaurora.org>
Acked-by: Minchan Kim <minchan@kernel.org>
Cc: Mel Gorman <mgorman@suse.de>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Acked-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
Acked-by: Michal Nazarewicz <mina86@mina86.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
GFP_THISNODE is for callers that implement their own clever fallback to
remote nodes. It restricts the allocation to the specified node and
does not invoke reclaim, assuming that the caller will take care of it
when the fallback fails, e.g. through a subsequent allocation request
without GFP_THISNODE set.
However, many current GFP_THISNODE users only want the node exclusive
aspect of the flag, without actually implementing their own fallback or
triggering reclaim if necessary. This results in things like page
migration failing prematurely even when there is easily reclaimable
memory available, unless kswapd happens to be running already or a
concurrent allocation attempt triggers the necessary reclaim.
Convert all callsites that don't implement their own fallback strategy
to __GFP_THISNODE. This restricts the allocation a single node too, but
at the same time allows the allocator to enter the slowpath, wake
kswapd, and invoke direct reclaim if necessary, to make the allocation
happen when memory is full.
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Rik van Riel <riel@redhat.com>
Cc: Jan Stancek <jstancek@redhat.com>
Cc: Mel Gorman <mgorman@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Pull vfs fixes from Al Viro.
Clean up file table accesses (get rid of fget_light() in favor of the
fdget() interface), add proper file position locking.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
get rid of fget_light()
sockfd_lookup_light(): switch to fdget^W^Waway from fget_light
vfs: atomic f_pos accesses as per POSIX
ocfs2 syncs the wrong range...
Pull libata fixlet from Tejun Heo:
"I merged the two blaclist entries into 'Crucial_CT???M500SSD*'"
* 'for-3.14-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata:
libata: use wider match for blacklisting Crucial M500
instead of returning the flags by reference, we can just have the
low-level primitive return those in lower bits of unsigned long,
with struct file * derived from the rest.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Our write() system call has always been atomic in the sense that you get
the expected thread-safe contiguous write, but we haven't actually
guaranteed that concurrent writes are serialized wrt f_pos accesses, so
threads (or processes) that share a file descriptor and use "write()"
concurrently would quite likely overwrite each others data.
This violates POSIX.1-2008/SUSv4 Section XSI 2.9.7 that says:
"2.9.7 Thread Interactions with Regular File Operations
All of the following functions shall be atomic with respect to each
other in the effects specified in POSIX.1-2008 when they operate on
regular files or symbolic links: [...]"
and one of the effects is the file position update.
This unprotected file position behavior is not new behavior, and nobody
has ever cared. Until now. Yongzhi Pan reported unexpected behavior to
Michael Kerrisk that was due to this.
This resolves the issue with a f_pos-specific lock that is taken by
read/write/lseek on file descriptors that may be shared across threads
or processes.
Reported-by: Yongzhi Pan <panyongzhi@gmail.com>
Reported-by: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
We're now blacklisting "Crucial_CT???M500SSD1" and
"Crucial_CT???M500SSD3". Also, "Micron_M500*" is blacklisted which is
about the same devices as the crucial branded ones. Let's merge the
two Crucial M500 entries and widen the match to
"Crucial_CT???M500SSD*" so that we don't have to fiddle with new
entries for similar devices.
Signed-off-by: Tejun Heo <tj@kernel.org>
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: stable@vger.kernel.org
A collection of fixes for ARM platforms. A little large due to us missing to
do one last week, but there's nothing in particular here that is in itself
large and scary.
Mostly a handful of smaller fixes all over the place. The majority is made
up of fixes for OMAP, but there are a few for others as well. In particular,
there was a decision to rename a binding for the Broadcom pinctrl block that
we need to go in before the final release since we then treat it as ABI.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAABAgAGBQJTHKFOAAoJEIwa5zzehBx36EoP/0K7ts9qrShYUD2ASy9HuFKj
cUcIHF+c0203bavIZzP5EQW/m7TGSybjO8UwkOaLv5SL6E9fn8rR01mmKpONeZbN
E40ANvOxP3FdWWUFzZSh4oyaX0abaPUtPaYBavakHQI2Ej2m4UmpXAWUkCUGt9Om
sXSAYuOi6tmpy40aimpaI1QBtx/eyxxJgEBKcbFBvhp1P3d56LTtoqmzACxBFU/8
4NJIXuZlXTmXV9qIX+y4yXDhmVb6c/gEbNeLJ2F3yWzEeTgnMeycDb8o27Jl6Ii4
rjsT25qplW5zvUODuhU6QUjuipPh8+WtyF8ruKMakxMNkVoGAC2flWw2TBR09tVj
zIqYP7/vDhCEYcw4g/BqR8tEvojWt2m7Hm5y+oQY3qmCtLewL6TYeXZcXWFLCwSk
m4zSvzZOsRsZWsZcflJKZr3g5vsjbg3vtoc3pOZaN4UcqEhU1HCtMfN3znnXIhtj
xGWqN22S3OpGM0lzLY95lnVeLdrs6eX/ZY23BG1OV4OcDWM4nYwAxEq94QgPvSxR
9E/fFhU2DZIulEA5Z+/PIReUCLuNL709zqnyAG9VTvbeC24sdr0W6bEM08O85xan
kb7sbYRnt4qr4uOhPCi7wIENY4rrS91dcE3XZUhJtLWi/0jj+pHT9VoggyS4QdtS
aWRhg70S5M6quMEoIOzg
=YBim
-----END PGP SIGNATURE-----
Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
Pull ARM SoC fixes from from Olof Johansson:
"A collection of fixes for ARM platforms. A little large due to us
missing to do one last week, but there's nothing in particular here
that is in itself large and scary.
Mostly a handful of smaller fixes all over the place. The majority is
made up of fixes for OMAP, but there are a few for others as well. In
particular, there was a decision to rename a binding for the Broadcom
pinctrl block that we need to go in before the final release since we
then treat it as ABI"
* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
ARM: dts: omap3-gta04: Add ti,omap36xx to compatible property to avoid problems with booting
ARM: tegra: add LED options back into tegra_defconfig
ARM: dts: omap3-igep: fix boot fail due wrong compatible match
ARM: OMAP3: Fix pinctrl interrupts for core2
pinctrl: Rename Broadcom Capri pinctrl binding
pinctrl: refer to updated dt binding string.
Update dtsi with new pinctrl compatible string
ARM: OMAP: Kill warning in CPUIDLE code with !CONFIG_SMP
ARM: OMAP2+: Add support for thumb mode on DT booted N900
ARM: OMAP2+: clock: fix clkoutx2 with CLK_SET_RATE_PARENT
ARM: OMAP4: hwmod: Fix SOFTRESET logic for OMAP4
ARM: DRA7: hwmod data: correct the sysc data for spinlock
ARM: OMAP5: PRM: Fix reboot handling
ARM: sunxi: dt: Change the touchscreen compatibles
ARM: sun7i: dt: Fix interrupt trigger types
Highlights include:
- Fix another nfs4_sequence corruptor in RELEASE_LOCKOWNER
- Fix an Oopsable delegation callback race
- Fix another bad stateid infinite loop
- Fail the data server I/O is the stateid represents a lost lock
- Fix an Oopsable sunrpc trace event
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJTHJSVAAoJEGcL54qWCgDyVRkP/2t43gjMF6P+Yc7VUW2e5uTv
rHhPGFLuDVs9oS3WUYegzvThZMs//ovTaYgUSDNpOYztEB6P8bDRm41q/VgUIixY
zWFoEplDgAZZE7gP2EJuXJv3bEdhJqXuCG2KUysqMsaIGlahrlQdHmqGTz6Y931o
WROyMWVvnL4IoEtQHVR7DwyqkvSmifPJ8MZZv3Liy82wuw1fCsh8uy8mkYYSbdvN
OK4JmHqdJ+CbAZ0WmE4Xe3Itqy/aIMBL9Jyrq4Zl1QX0p7ez3Xpy4XwmtlZXn2KP
bKMfK2vP9RggagIpjUL+dhCqxlsyjlF6EzTnQRe7jXqlJ/vJ9pQF8X294jwRysfp
80jDqsTSND4JQiZuBISID23N1nL0TzrP2tWqipR9zx5JJMRVzYZWTzEq4w2uAHgg
aW2vTdRNRLZWydlfFNQ8FiuEPIFoQaJFmOCQisec2LtfffLZZBz7JPofjNH9CgU8
mcbPhv75m2imXDOylydiVoD4x/myCGheYw2hpqhb1ZeuQxdN9lnwa0JzjPiP1h38
XIYwzM7TE8WayrdkMDCeIem1dz/VexknfKmXmFXlMfn3GRKxowCSrggxKG92k0eP
L35cJj91a9AoxMz/ej0erv0iI1flLeoYP9aJzIRtZf+SB1BZkKhmWlFRQKqnlIOA
BzjYui4mUoEQEa5Sk7Th
=JfQx
-----END PGP SIGNATURE-----
Merge tag 'nfs-for-3.14-5' of git://git.linux-nfs.org/projects/trondmy/linux-nfs
Pull NFS client bugfixes from Trond Myklebust:
"Highlights include:
- Fix another nfs4_sequence corruptor in RELEASE_LOCKOWNER
- Fix an Oopsable delegation callback race
- Fix another bad stateid infinite loop
- Fail the data server I/O is the stateid represents a lost lock
- Fix an Oopsable sunrpc trace event"
* tag 'nfs-for-3.14-5' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
SUNRPC: Fix oops when trace sunrpc_task events in nfs client
NFSv4: Fail the truncate() if the lock/open stateid is invalid
NFSv4.1 Fail data server I/O if stateid represents a lost lock
NFSv4: Fix the return value of nfs4_select_rw_stateid
NFSv4: nfs4_stateid_is_current should return 'true' for an invalid stateid
NFS: Fix a delegation callback race
NFSv4: Fix another nfs4_sequence corruptor
Here are 4 USB fixes for your current tree.
Two of them are reverts to hopefully resolve the nasty XHCI regressions
we have been having on some types of devices. The other two are quirks
for some Logitech video devices.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iEYEABECAAYFAlMbu0sACgkQMUfUDdst+yl/MgCeJbq5Lre/M59O5YVWhS3fghsG
PisAoI7t2LLnhiC/DwZD10vs2hEkZxw2
=R/Qt
-----END PGP SIGNATURE-----
Merge tag 'usb-3.14-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
Pull USB fixes from Greg KH:
"Here are 4 USB fixes for your current tree.
Two of them are reverts to hopefully resolve the nasty XHCI
regressions we have been having on some types of devices. The other
two are quirks for some Logitech video devices"
* tag 'usb-3.14-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
Revert "USBNET: ax88179_178a: enable tso if usb host supports sg dma"
Revert "xhci 1.0: Limit arbitrarily-aligned scatter gather."
usb: Make DELAY_INIT quirk wait 100ms between Get Configuration requests
usb: Add device quirk for Logitech HD Pro Webcams C920 and C930e
Here is a single staging driver fix for your tree.
It resolves an issue with arbritary writes to memory if a specific
driver is loaded.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iEYEABECAAYFAlMbwF4ACgkQMUfUDdst+ynSIwCZAfb/XkCqRqnzW8nfAOqITRP9
VwUAoMHjGSr6mBbXFzHz5QoxGwylY+dW
=+BBI
-----END PGP SIGNATURE-----
Merge tag 'staging-3.15-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging
Pull staging driver tree fix from Greg KH:
"Here is a single staging driver fix for your tree.
It resolves an issue with arbritary writes to memory if a specific
driver is loaded"
* tag 'staging-3.15-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
staging/cxt1e1/linux.c: Correct arbitrary memory write in c4_ioctl()
This fixes CVE-2014-0102.
The following command sequence produces an oops:
keyctl new_session
i=`keyctl newring _ses @s`
keyctl link @s $i
The problem is that search_nested_keyrings() sees two keyrings that have
matching type and description, so keyring_compare_object() returns true.
s_n_k() then passes the key to the iterator function -
keyring_detect_cycle_iterator() - which *should* check to see whether this is
the keyring of interest, not just one with the same name.
Because assoc_array_find() will return one and only one match, I assumed that
the iterator function would only see an exact match or never be called - but
the iterator isn't only called from assoc_array_find()...
The oops looks something like this:
kernel BUG at /data/fs/linux-2.6-fscache/security/keys/keyring.c:1003!
invalid opcode: 0000 [#1] SMP
...
RIP: keyring_detect_cycle_iterator+0xe/0x1f
...
Call Trace:
search_nested_keyrings+0x76/0x2aa
__key_link_check_live_key+0x50/0x5f
key_link+0x4e/0x85
keyctl_keyring_link+0x60/0x81
SyS_keyctl+0x65/0xe4
tracesys+0xdd/0xe2
The fix is to make keyring_detect_cycle_iterator() check that the key it
has is the key it was actually looking for rather than calling BUG_ON().
A testcase has been included in the keyutils testsuite for this:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/keyutils.git/commit/?id=891f3365d07f1996778ade0e3428f01878a1790b
Reported-by: Tommi Rantala <tt.rantala@gmail.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Pull thermal fixes from Zhang Rui:
"Specifics:
- Update the help text of INT3403 Thermal driver, which was not
friendly to users. From Zhang Rui.
- The "type" sysfs attribute of x86_pkg_temp_thermal registered
thermal zones includes an instance number, which makes the
thermal-to-hwmon bridge fails to group them all in a single hwmon
device. Fixed by Jean Delvare.
- The hwmon device registered by x86_pkg_temp_thermal driver is
redundant because the temperature value reported by
x86_pkg_temp_thermal is already reported by the coretemp driver.
Fixed by Jean Delvare.
- Fix a problem that the cooling device can not be updated properly
if it is initialized at max cooling state. From Ni Wade.
- Fix a problem that OF registered thermal zones are running without
thermal governors. From Zhang Rui.
- Commit beeb5a1e0e ("thermal: rcar-thermal: Enable driver
compilation with COMPILE_TEST") broke build on archs wihout io
memory. Thus make it depend on HAS_IOMEM to bypass build failures.
Fixed by Richard Weinberger"
* 'for-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux:
Thermal: thermal zone governor fix
Thermal: Allow first update of cooling device state
thermal,rcar_thermal: Add dependency on HAS_IOMEM
x86_pkg_temp_thermal: Fix the thermal zone type
x86_pkg_temp_thermal: Do not expose as a hwmon device
Thermal: update INT3404 thermal driver help text
A scattering of driver specific fixes here. The fixes from Axel cover
bitrot in apparently unmaintained drivers, the at79 bug is fixing a
glitch on /CS during initialisation of some devices which could break
some slaves and the remainder are fixes for recently introduced bugs
from the past release cycle or so.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIbBAABAgAGBQJTGVKmAAoJELSic+t+oim9us4P9RSbIcwJWobTy2Px/7yPH2e9
mAjlTVnBQ2EqwPAI+iro1xQfTeeyn3fAkdINrkWe6xGkbXH4n4OezWZzdH0VbPFV
buUPc9EYt8FysG/Xne3nyW3cCDzv0+CzvD5CY/83SDa2YMd+2134dxb/8UOpLE+Q
ptde7EsR11z2XF9PLdm4Wc7ouGEczm3zfbgy1v1uO0UZqeFe8sbzroYLdTZnRYZ5
s9BD3hUgcB9+cV/v4gv988hYhofmvmsYluBmo8Q7OVgMJ90ne281P8X9CqxEEn1w
vsebrQ3xFIybDk1GGp79IMTyNooX48+2eTalsJa4+eWsGYpZjMW7wHx+pYX5pqnI
hxrKU4yXQ8Sa7CMwfGcLgzJpa7DPbTKJZrw7X1x71+Pu8HcBHEKO1xKJ9YNY98Kd
B0zvdPaYmEFX5e4T7Tv2opk3TVYZtrlNmu16DxgktzYEUdArkDZAV0SVHMtGzpGn
/AMtvm5LIH58smyhdsocQtdddjE2oELVuLqtfIZgq8KuARmFYVzDro/q9BXcJMWK
0LJCscr4bxljFEm+NDhPTwtQ1TX3Ahl+sTDkyx1sYjfQXEUsJyP0YesLqbyIP1xY
gzAURogPooS7Gz4ggkyZv0cvcsKcziXvf4MYpIKT58HjfVgGk5Kk7LU6E2eUJMXU
AzmQoeKfWrIUzKYOk8w=
=2e3U
-----END PGP SIGNATURE-----
Merge tag 'spi-v3.14-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi
Pull spi fixes from Mark Brown:
"A scattering of driver specific fixes here.
The fixes from Axel cover bitrot in apparently unmaintained drivers,
the at79 bug is fixing a glitch on /CS during initialisation of some
devices which could break some slaves and the remainder are fixes for
recently introduced bugs from the past release cycle or so"
* tag 'spi-v3.14-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi:
spi: atmel: add missing spi_master_{resume,suspend} calls to PM callbacks
spi: coldfire-qspi: Fix getting correct address for *mcfqspi
spi: fsl-dspi: Fix getting correct address for master
spi: spi-ath79: fix initial GPIO CS line setup
spi: spi-imx: spi_imx_remove: do not disable disabled clocks
spi-topcliff-pch: Fix probing when DMA mode is used
spi/topcliff-pch: Fix DMA channel
Pull SCSI target fixes from Nicholas Bellinger:
"This series addresses a number of outstanding issues wrt to active I/O
shutdown using iser-target. This includes:
- Fix a long standing tpg_state bug where a tpg could be referenced
during explicit shutdown (v3.1+ stable)
- Use list_del_init for iscsi_cmd->i_conn_node so list_empty checks
work as expected (v3.10+ stable)
- Fix a isert_conn->state related hung task bug + ensure outstanding
I/O completes during session shutdown. (v3.10+ stable)
- Fix isert_conn->post_send_buf_count accounting for RDMA READ/WRITEs
(v3.10+ stable)
- Ignore FRWR completions during active I/O shutdown (v3.12+ stable)
- Fix command leakage for interrupt coalescing during active I/O
shutdown (v3.13+ stable)
Also included is another DIF emulation fix from Sagi specific to
v3.14-rc code"
* git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending:
Target/sbc: Fix sbc_copy_prot for offset scatters
iser-target: Fix command leak for tx_desc->comp_llnode_batch
iser-target: Ignore completions for FRWRs in isert_cq_tx_work
iser-target: Fix post_send_buf_count for RDMA READ/WRITE
iscsi/iser-target: Fix isert_conn->state hung shutdown issues
iscsi/iser-target: Use list_del_init for ->i_conn_node
iscsi-target: Fix iscsit_get_tpg_from_np tpg_state bug
Revert commit 3130497f5b ("ACPI / sleep: pm_power_off needs more
sanity checks to be installed") that breaks power ACPI power off on a
lot of systems, because it checks wrong registers.
Fixes: 3130497f5b ("ACPI / sleep: pm_power_off needs more sanity checks to be installed")
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
issues booting 3430 based boards.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iQIcBAABAgAGBQJTE7TIAAoJEBvUPslcq6VzHvEP/RxCNr6O1sRneB4r+kLScgX1
ccvJtPAN5s4/MmUZnfoW2REzC8SXc6NxqfnaYaTSSMgn+C+xU98tkI8BGz8IiSA6
e3LXSQYu1tTht1pL68OFOI0x0mhAhGTFKUFsoAPVWUlyJegckxAg9XKK/SRq52Ea
ko02mJgdZY6mLaJowsIl940MqW4yGKr3g/z+CDDhYh9E2I0O5hGNjWhhtqcgsjit
C/HlL7MHf186NEURpd9PAh+6H0bJHHWA0p2Ir825sfJgBFG44pJvnTz7YIpBOQeb
twlULgFsSPc5osBzxvMBi4xu0Th6h9rydp1QP0tgoS1eEh1ekcf0/gb7wXHYw6g4
8oKB+K1CJy35UAKgIyObh8VKqNpzQOkQZ6enSBAuS0I944XcNcSxcSUhiY9wo9q4
96j0cvGIAC8nNIfLXKISnhJuzW4Xa20cIZwjDx9zCHgUGxgx1x2I8g/qVu2pHtwv
TEZrK94LhlEHNO2By3/4s647YX0r6PpDaGo1rG2z11sRWu3C/G+/KASADW2VNwyC
bY1HupfLZ6U/zmYu2Y250CyNU+0yTragDKdR8SboT9BQTJ/wWZQckerE/R8y2hN7
lg67ah0jounBm902bW8JxcUYCuSdku4rtIn7EoDRWRQhnXVYEbmnecM8wltomak5
vcCiCZkhqQ/O9j0dFLh9
=J6Y0
-----END PGP SIGNATURE-----
Merge tag 'omap-for-v3.14/fixes-dt-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into fixes
From Tony Lindgren:
Two omap3430 vs 3630 device tree regression fixes for
issues booting 3430 based boards.
* tag 'omap-for-v3.14/fixes-dt-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
ARM: dts: omap3-gta04: Add ti,omap36xx to compatible property to avoid problems with booting
ARM: dts: omap3-igep: fix boot fail due wrong compatible match
Signed-off-by: Olof Johansson <olof@lixom.net>
other bcm mobile bindings.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAABAgAGBQJTDB0VAAoJEPYb7NoJr+nLwGkQALuroLtwGGq0/6Jw4dr9n5UO
tclAvSbuvUoqwu58cD3grWhkavFKQqR4fJdWcrmczROD9r6rX48QDFe2jNlRjgj/
yNKkTsd+Ay9I0tPeyx3Buf+tVeQgqsSuG7FJPKgAxMf3HT+tmaWpdIMsjcLOwzdi
ZMTpIw0cLGMdtr8OSHW/nJuaQV3b+DhnjSLC8QIRg3XgJGjNzJxiKu2Flp0w261P
Ubzs/PDv83Xl5d972e6JoYR5gGzMwIskm64LmEbHiigLJsvo71oHW57Q2g9asx7h
stiBzAWF7/Q1xDQ0hTukIOIbX94juR9zSaje66qZ578CFiRAYefginCfyIak9R6R
Jk0X3krsc0bU9hi4maiYEMVXO3R7K7Rv4BcdoXkg38BXNyINfpdUZlb/5ds6o2FJ
AZaBgt+/3dl649YaX+ft9VW+1oeV4Hj89sn2pH56NV/rC+dzmh3EHExyHFPJ+sO+
KKaoXVPf7+TyStrwSxXPSdpUlmGWRWEn9NF1JIGtGNBU+hbiXw7TEOD6DaC8TAN0
kqAC3ba1YwJalR5rr6UC8ZG2dIZMv3BF7efrM+ewcV7w7F5KF/suJmYIGF+hAFfJ
Ki7YRRUMS2bVroFjQ7haFGkcwS4JzQnR0hO4O4rNu9JbgBWs0Zv5idj1G/EFpT7a
hM4ZETYQQb27LVicK/dN
=2dxs
-----END PGP SIGNATURE-----
Merge tag 'bcm-for-3.14-pinctrl-reduced-rename' of git://github.com/broadcom/bcm11351 into fixes
Merge 'bcm pinctrl rename' From Christin Daudt:
Rename pinctrl dt binding to restore consistency with other bcm mobile
bindings.
* tag 'bcm-for-3.14-pinctrl-reduced-rename' of git://github.com/broadcom/bcm11351:
pinctrl: Rename Broadcom Capri pinctrl binding
pinctrl: refer to updated dt binding string.
Update dtsi with new pinctrl compatible string
+ Linux 3.14-rc4
Signed-off-by: Olof Johansson <olof@lixom.net>
interrupt types of some IPs, the other fixes up a compatible that got
introduced during 3.14
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAABAgAGBQJTFFXwAAoJEBx+YmzsjxAgXR4P/3Oa9crjF3IFZq4ugO+cJsbg
F3xjKMfuyCjfAYwtzexivRl7PjuGShdevYvNRbY1sqNTAIQbJRWAQC+ZXolXPp/W
gE6z8mAIlLG0OmE8t1glGLhXVyXiRTlm2s96su2q73MWqYMNXE+yr8K+qt+5gA7r
M34lYAGqKyQEgs8TKSGSvqa7yZLWZlii6FKwtOCU6HlFm3Rz9Glj8MyTixQDMY0H
LCONp9csbEgPfrLh+FfJitK2H5kRAU0xJAmP/k+rZtzSKy0kPuCTsKO/ZeUnKhQy
Rq1Li60Ho3nzmVNljtFVPoDZluxlrZwXA8xLzE88CiwjlYx3TauFFxIIbyGwPamX
hBEWDqL0x9Y7FQD4Ft4s8mnCE1bD+7eKnqCyCDVGD5je+1qu70vFQZa7ZR2eM9kg
FS/GSWuG54nIBRwIn7tcdK6iKxkvOIq9ZyQIYw5Uk0d2ZYeiyWNnHl9KtfjwKkXN
Yh2N6yd4tH6gUhH9niHyczumTuya4+QUbd8DxZrbkD9G3XnmQdLbjTifAjvZTzk/
zRF/nx399aEYd2LHoBpozuhF9k8otrleC8sWqIjkwVRVX9KYsgNC2CuIgUQCgSpX
hFcx1xtdNwFyq3AdZmrSV1ORBumEb3lhNAtXWwtFfioamDWDIb2m39wgxiNhZrN7
hdpJ2Rt48dI8iTRKRxQ9
=uxIH
-----END PGP SIGNATURE-----
Merge tag 'sunxi-fixes-for-3.14' of https://github.com/mripard/linux into fixes
Allwinner fixes from Maxime Ripard:
Two fixes for device trees additions that got added in 3.14. One fixes the
interrupt types of some IPs, the other fixes up a compatible that got
introduced during 3.14
* tag 'sunxi-fixes-for-3.14' of https://github.com/mripard/linux:
ARM: sunxi: dt: Change the touchscreen compatibles
ARM: sun7i: dt: Fix interrupt trigger types
Signed-off-by: Olof Johansson <olof@lixom.net>
The kbuild test robot reported:
> tree: git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-next
> head: 6f285b19d0
> commit: 6f285b19d0 [2/2] audit: Send replies in the proper network namespace.
> reproduce: make htmldocs
>
> >> Warning(kernel/audit.c:575): No description found for parameter 'request_skb'
> >> Warning(kernel/audit.c:575): Excess function parameter 'portid' description in 'audit_send_reply'
> >> Warning(kernel/auditfilter.c:1074): No description found for parameter 'request_skb'
> >> Warning(kernel/auditfilter.c:1074): Excess function parameter 'portid' description in 'audit_list_rules_s
Which was caused by my failure to update the kdoc annotations when I
updated the functions. Fix that small oversight now.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Pull cgroup fixes from Tejun Heo:
"Two cpuset locking fixes from Li. Both tagged for -stable"
* 'for-3.14-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup:
cpuset: fix a race condition in __cpuset_node_allowed_softwall()
cpuset: fix a locking issue in cpuset_migrate_mm()
Pull workqueue fix from Tejun Heo:
"This pull request contains a workqueue usage fix for firewire.
For quite a long time now, workqueue only treats two work items
identical iff both their addresses and callbacks match. This is to
avoid introducing false dependency through the work item being
recycled while being executed. This changes non-reentrancy guarantee
for the users of PREPARE[_DELAYED]_WORK() - if the function changes,
reentrancy isn't guaranteed against the previous instance. Firewire
depended on such nonreentrancy guarantee.
This is fixed by doing the work item multiplexing from firewire proper
while keeping the work function unchanged"
* 'for-3.14-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq:
firewire: don't use PREPARE_DELAYED_WORK
regression since v3.10.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAABAgAGBQJTGuNHAAoJEHnzb7JUXXnQlAIP/Ax3QGivoxC4GnidUMWoDwhV
qYLuq6RQyM2GIT/hkUn5yfcWfJvPw4C4zfVehs5gOER+HrN1gRmQA3Ic00VIIqZm
hpvVCZNzfCJMFK9ipkLvOLEdHZkqTyZYWWQFa8IdWGztkWshrZkGih/xImr8YWQb
oOxoCC/548m/R5pdlXCplb2KUZWdpyamvpPxj24obYd1byS+s2gHxx2tGO1coAHR
BP/L+qzWTRh0oW4TzHYUFfVoUy26wIUuB3WZKn1EuhVp7q+UJ9JXQpbwFp2vYREg
4OC/f0TySTLMFjEBu5TD/Z8tDNZXLyljuO8nniTRkPqujBqJqveub7xEdtMhXx5a
JvlDDhqALthVE4zse72swA3kshzkAveHXRDmHjIlNrz6ei/mkyjFsk1gWnza22YA
1BZjhYAQjrv3MDRPD21e7LtNfOWfniNcSC6KeJc8h3MMXlkUX8wKiGdjDtujOnGE
rQ2QAFQdQv7yYavWcH0nbHFqWH5sbct7LVIPJ64lg3pleVXGmc/XGoXNpPykQRJn
WcUXcbO7dc4e8AHIe3DVlUW/KgiucqiLPhC5jpukrXZc039glpOeDPrTeeXYrBaD
UuZ6w8s7S1MmYBbop5bBW6MJHOQcn0jyej8QnYhoClZ7VcAnUezPz1rxx+hUq+H+
ov4pftNGrTVd/pexsYvN
=F0Ho
-----END PGP SIGNATURE-----
Merge tag 'firewire-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394
Pull firewire fixes from Stefan Richter:
"Fix a use-after-free regression since v3.4 and an initialization
regression since v3.10"
* tag 'firewire-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394:
firewire: ohci: fix probe failure with Agere/LSI controllers
firewire: net: fix use after free
CPU frequency cannot be scaled.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQIcBAABAgAGBQJTGoj7AAoJEDqPOy9afJhJm6oQAMEw19Xyz/Of4n4/7sTogL+G
SXSQK9Ava2rbYNaPrU267dpgFausCQZNIN2uCsrvQtIsWq6ScInKgVxjXUHhE2rm
F2UkapBBctPhJYKS1W+6WzZzUNNE1Lo4Ab33GlpWV+DBZlJ/XFVDmgbtEs/H59lC
woedh6q9JZSDa8QSk8t4gG7Fkk15ImgXI2pm9/WiCkh7ZHLgBPTGOpe9rVOiieNf
uzALWBhpgySEJXDjqK2O6cbng11EvUJGmLYxrOwfOBwcnLe4fk6t26KEovT0e/2s
HidGVoiGSMWZfY1xrnHaehJvqO7qu7iBsWfn5KRFoMW7NbjDKFUg5YfEIjuh3R/J
KSEHovNO/PmS2xyQowLplgP2pAuHfZ80oRgsOWZ1fG3CCfXghfr5WVMAL1pqtSQV
HzTqm+Aiaf4rbKOTcGISYBjG+X7/wU0w/tvDgjpoMo08mR+RmmTC0wkauWXmDOZQ
P91lWuUtSbpY2B9JdjVNHKTLWpKD8nDBV+aTXj4OwxVIk6s9FhNw6+++9l46OrT8
02BVhU0Z3rg20o69Nx1vShQFN7vhxsKXC9UePdpt3NnlgUUe1JYiVe44ut/AMr5O
PIAXQQXj+zgFQX8PdKtLAvRO2DnF4OpCH758AXywmarYZYDahmc6XSJTEqsk3Tbt
rQCfsnVwgbyQTHfvgqk7
=UEPE
-----END PGP SIGNATURE-----
Merge tag 'clk-fixes-for-linus' of git://git.linaro.org/people/mike.turquette/linux
Pull clk driver fix from Mike Turquette:
"Single fix for a clock driver merged in 3.14-rc1. Without this fix
the CPU frequency cannot be scaled"
* tag 'clk-fixes-for-linus' of git://git.linaro.org/people/mike.turquette/linux:
clk: shmobile: rcar-gen2: Use kick bit to allow Z clock frequency change
- ACPI tables in some BIOSes list device resources with size equal
to 0, which doesn't make sense, so we should ignore them, but
instead we try to use them and mangle things completely. Fix
from Zhang Rui.
- Several models of Samsung laptops accumulate EC events when they
are in sleep states which leads to EC buffer overflows that prevent
new events from being signaled after system resume or reboot. This
has been affecting many users for quite a while and may be addressed
by clearing the EC buffer during system resume and system startup on
those machines. From Kieran Clancy.
- If the ACPI sleep control and status registers are not present
(which happens if the Hardware Reduced ACPI mode bit is set in
the ACPI tables, but also may result from BIOS bugs), we should
not try to use ACPI to power off the system and ACPI S5 should
not be listed as supported. Fix from Aubrey Li.
- There's a race condition in cpufreq_get() that leads to a kernel
crash if that function is called at a wrong time. Fix from
Aaron Plattner.
- cpufreq policy objects have to be initialized entirely before
they are first accessed by their users which isn't the case
currently and that potentially leads to various kinds of
breakage that is difficult to debug. Fix from Viresh Kumar.
- Locking is missing in __cpufreq_add_dev() which leads to a race
condition that may trigger a kernel crash. Fix from Viresh Kumar.
/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAABCAAGBQJTGnQlAAoJEILEb/54YlRxc8EP/jK95zPwkMwASjNR1s/Gs7/Y
dx4qOYsWSs0Iutn1syyEg57TgjS/14z0UgOnYRiRHAFP+9610SLjZkZZelYQMgFE
N4NyQJB7rTL+ycGH1oovbWQPQlewx4aX6p6XNg4bQHTHwxiik/gS6G7rW4Edxt+h
BIc0SXDf/ldsDJk42v4ie0lSmIRtFF789cXvESi6KmLyNuwiuvGo25uCODVTZxAz
h/ekjcF3PrbAsTeI+yw4J8pceI/IxXksdHp08jQsS7/QYGnMTGo3PXX3NfgSszbg
WPPgk409AHjgGPgtWjkVXCChJbKJ57CtHVQ+PG8EYZy+yMTRLWEhxfGcg9sjcKaJ
Z5gvCQz/g7vF0zk4ScMb6Re+t53lN3SsPwsROj2p/RD7X8uLWIi0Ocuk+iLhermv
HOEg0Loo6gAN3QiviPjUhtVK1cNu3zuCuTbjhDq6L6S4t1LsnbIWd3QdoUBn1GM+
wIgFK/qu11m6QV3q8dlAxE/iMZQ8KrixlKfETPXK6KlrWBPA4v5H4lu5IjNEsmd0
tPbNPFhR4zzlV3QVzlk1NYCV9TxIX7kMl5CIZERLpzkzg9UkgJuaatQx7UjwCcxL
JTUtMxmHGL7m8ToVJgOcBo+WIjRIEGdQ53ZoB0WndwHYuRIt78WoNP5xTi84JEOk
AE/Od2/YjC/lb8u/gxK4
=57PZ
-----END PGP SIGNATURE-----
Merge tag 'pm+acpi-3.14-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull ACPI and power management fixes from Rafael Wysocki:
- ACPI tables in some BIOSes list device resources with size equal to
0, which doesn't make sense, so we should ignore them, but instead we
try to use them and mangle things completely. Fix from Zhang Rui.
- Several models of Samsung laptops accumulate EC events when they are
in sleep states which leads to EC buffer overflows that prevent new
events from being signaled after system resume or reboot. This has
been affecting many users for quite a while and may be addressed by
clearing the EC buffer during system resume and system startup on
those machines. From Kieran Clancy.
- If the ACPI sleep control and status registers are not present (which
happens if the Hardware Reduced ACPI mode bit is set in the ACPI
tables, but also may result from BIOS bugs), we should not try to use
ACPI to power off the system and ACPI S5 should not be listed as
supported. Fix from Aubrey Li.
- There's a race condition in cpufreq_get() that leads to a kernel
crash if that function is called at a wrong time. Fix from Aaron
Plattner.
- cpufreq policy objects have to be initialized entirely before they
are first accessed by their users which isn't the case currently and
that potentially leads to various kinds of breakage that is difficult
to debug. Fix from Viresh Kumar.
- Locking is missing in __cpufreq_add_dev() which leads to a race
condition that may trigger a kernel crash. Fix from Viresh Kumar.
* tag 'pm+acpi-3.14-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
ACPI / EC: Clear stale EC events on Samsung systems
cpufreq: Initialize governor for a new policy under policy->rwsem
cpufreq: Initialize policy before making it available for others to use
cpufreq: use cpufreq_cpu_get() to avoid cpufreq_get() race conditions
ACPI / sleep: pm_power_off needs more sanity checks to be installed
ACPI / resources: ignore invalid ACPI device resources
It's an enum, not a #define, you can't use it in asm files.
Introduced in commit 5fa10196bd ("x86: Ignore NMIs that come in during
early boot"), and sadly I didn't compile-test things like I should have
before pushing out.
My weak excuse is that the x86 tree generally doesn't introduce stupid
things like this (and the ARM pull afterwards doesn't cause me to do a
compile-test either, since I don't cross-compile).
Cc: Don Zickus <dzickus@redhat.com>
Cc: H. Peter Anvin <hpa@linux.intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Pull ARM fixes from Russell King:
"A number of ARM updates for -rc, covering mostly ARM specific code,
but with one change to modpost.c to allow Thumb section mismatches to
be detected.
ARM changes include reporting when an attempt is made to boot a LPAE
kernel on hardware which does not support LPAE, rather than just being
silent about it.
A number of other minor fixes are included too"
* 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
ARM: 7992/1: boot: compressed: ignore bswapsdi2.S
ARM: 7991/1: sa1100: fix compile problem on Collie
ARM: fix noMMU kallsyms symbol filtering
ARM: 7980/1: kernel: improve error message when LPAE config doesn't match CPU
ARM: 7964/1: Detect section mismatches in thumb relocations
ARM: 7963/1: mm: report both sections from PMD
Pull x86 fixes from Peter Anvin:
"A small collection of minor fixes. The FPU stuff is still pending, I
fear. I haven't heard anything from Suresh so I suspect I'm going to
have to dig into the init specifics myself and fix up the patchset"
* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86: Ignore NMIs that come in during early boot
x86, trace: Further robustify CR2 handling vs tracing
x86, trace: Fix CR2 corruption when tracing page faults
x86/efi: Quirk out SGI UV
Pull power fixes from Ben Herrenschmidt:
"Here are a couple of powerpc fixes for 3.14.
One is (another!) nasty TM problem, we can crash the kernel by forking
inside a transaction. The other one is a simple fix for an alignment
issue which can hurt in LE mode"
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc:
powerpc: Align p_dyn, p_rela and p_st symbols
powerpc/tm: Fix crash when forking inside a transaction
Developers would say they put a trace_printk() before and after the trace
event but when they enable it (and the trace event said it was enabled) they
would see the trace_printks but not the trace event.
I was not able to reproduce this, but that's because I wasn't looking at
the right location. Recently, another bug came up that showed the issue.
If your kernel supports signed modules but allows for non-signed modules
to be loaded, then when one is, the kernel will silently set the
MODULE_FORCED taint on the module. Although, this taint happens without
the need for insmod --force or anything of the kind, it labels the
module with that taint anyway.
If this tainted module has tracepoints, the tracepoints will be ignored
because of the MODULE_FORCED taint. But no error message will be
displayed. Worse yet, the event infrastructure will still be created
letting users enable the trace event represented by the tracepoint,
although that event will never actually be enabled. This is because
the tracepoint infrastructure allows for non-existing tracepoints to
be enabled for new modules to arrive and have their tracepoints set.
Although there are several things wrong with the above, this change
only addresses the creation of the trace event files for tracepoints
that are not created when a module is loaded and is tainted. This change
will print an error message about the module being tainted and not the
trace events will not be created, and it does not create the trace event
infrastructure.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJTFnMPAAoJEKQekfcNnQGuPPwH/Rtwy/siM+ltvlLnEbRjS4RL
9aF5mfJUazmfCaOBMSaMUo92uCbciIVif6icX843JmCdCOR5Hk5SZryBbt2A/dF9
TcMloKNbIn/ad7yZ0O75BJlPnRJ5RZ42edQfW1lkdeWo644C8Kj399fVPt7KU5SH
1KTWyShT05E2fYjp2lMrb+FOFfKerlzkXtgGwJKXnd/7hrbdmKEH/OO8YkMrlVZp
SURPyzNMMVKoUFY797b6FrFRqV04C210BtNcNrd4S3/V9VE4IPS/8YSLfvVaGkD0
e2kVAvIOkwPnYzMZg70jf2R8NlGS2mwaVC+NenBHz3KlpFdaeRu1hFw7/n8h2/s=
=YbJd
-----END PGP SIGNATURE-----
Merge tag 'trace-fixes-v3.14-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
Pull tracing fix from Steven Rostedt:
"In the past, I've had lots of reports about trace events not working.
Developers would say they put a trace_printk() before and after the
trace event but when they enable it (and the trace event said it was
enabled) they would see the trace_printks but not the trace event.
I was not able to reproduce this, but that's because I wasn't looking
at the right location. Recently, another bug came up that showed the
issue.
If your kernel supports signed modules but allows for non-signed
modules to be loaded, then when one is, the kernel will silently set
the MODULE_FORCED taint on the module. Although, this taint happens
without the need for insmod --force or anything of the kind, it labels
the module with that taint anyway.
If this tainted module has tracepoints, the tracepoints will be
ignored because of the MODULE_FORCED taint. But no error message will
be displayed. Worse yet, the event infrastructure will still be
created letting users enable the trace event represented by the
tracepoint, although that event will never actually be enabled. This
is because the tracepoint infrastructure allows for non-existing
tracepoints to be enabled for new modules to arrive and have their
tracepoints set.
Although there are several things wrong with the above, this change
only addresses the creation of the trace event files for tracepoints
that are not created when a module is loaded and is tainted. This
change will print an error message about the module being tainted and
not the trace events will not be created, and it does not create the
trace event infrastructure"
* tag 'trace-fixes-v3.14-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
tracing: Do not add event files for modules that fail tracepoints
Pull irq fixes from Thomas Gleixner:
- a bugfix for a long standing waitqueue race
- a trivial fix for a missing include
* 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
genirq: Include missing header file in irqdomain.c
genirq: Remove racy waitqueue_active check