Commit Graph

300316 Commits

Author SHA1 Message Date
Cyrill Gorcunov
eb94cd96e0 fs, proc: fix ABBA deadlock in case of execution attempt of map_files/ entries
map_files/ entries are never supposed to be executed, still curious
minds might try to run them, which leads to the following deadlock

  ======================================================
  [ INFO: possible circular locking dependency detected ]
  3.4.0-rc4-24406-g841e6a6 #121 Not tainted
  -------------------------------------------------------
  bash/1556 is trying to acquire lock:
   (&sb->s_type->i_mutex_key#8){+.+.+.}, at: do_lookup+0x267/0x2b1

  but task is already holding lock:
   (&sig->cred_guard_mutex){+.+.+.}, at: prepare_bprm_creds+0x2d/0x69

  which lock already depends on the new lock.

  the existing dependency chain (in reverse order) is:

  -> #1 (&sig->cred_guard_mutex){+.+.+.}:
         validate_chain+0x444/0x4f4
         __lock_acquire+0x387/0x3f8
         lock_acquire+0x12b/0x158
         __mutex_lock_common+0x56/0x3a9
         mutex_lock_killable_nested+0x40/0x45
         lock_trace+0x24/0x59
         proc_map_files_lookup+0x5a/0x165
         __lookup_hash+0x52/0x73
         do_lookup+0x276/0x2b1
         walk_component+0x3d/0x114
         do_last+0xfc/0x540
         path_openat+0xd3/0x306
         do_filp_open+0x3d/0x89
         do_sys_open+0x74/0x106
         sys_open+0x21/0x23
         tracesys+0xdd/0xe2

  -> #0 (&sb->s_type->i_mutex_key#8){+.+.+.}:
         check_prev_add+0x6a/0x1ef
         validate_chain+0x444/0x4f4
         __lock_acquire+0x387/0x3f8
         lock_acquire+0x12b/0x158
         __mutex_lock_common+0x56/0x3a9
         mutex_lock_nested+0x40/0x45
         do_lookup+0x267/0x2b1
         walk_component+0x3d/0x114
         link_path_walk+0x1f9/0x48f
         path_openat+0xb6/0x306
         do_filp_open+0x3d/0x89
         open_exec+0x25/0xa0
         do_execve_common+0xea/0x2f9
         do_execve+0x43/0x45
         sys_execve+0x43/0x5a
         stub_execve+0x6c/0xc0

This is because prepare_bprm_creds grabs task->signal->cred_guard_mutex
and when do_lookup happens we try to grab task->signal->cred_guard_mutex
again in lock_trace.

Fix it using plain ptrace_may_access() helper in proc_map_files_lookup()
and in proc_map_files_readdir() instead of lock_trace(), the caller must
be CAP_SYS_ADMIN granted anyway.

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Reported-by: Sasha Levin <levinsasha928@gmail.com>
Cc: Konstantin Khlebnikov <khlebnikov@openvz.org>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: Dave Jones <davej@redhat.com>
Cc: Vasiliy Kulikov <segoon@openwall.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-05-17 18:00:51 -07:00
Rajkumar Kasirajan
c0a5f4a05a drivers/rtc/rtc-pl031.c: configure correct wday for 2000-01-01
The reset date of the ST Micro version of PL031 is 2000-01-01.  The
correct weekday for 2000-01-01 is saturday, but pl031 is initialized to
sunday.  This may lead to alarm malfunction, so configure the correct
wday if RTC_DR indicates reset.

Signed-off-by: Rajkumar Kasirajan <rajkumar.kasirajan@stericsson.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Cc: Mattias Wallin <mattias.wallin@stericsson.com>
Cc: Alessandro Zummo <a.zummo@towertech.it>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-05-17 18:00:51 -07:00
Linus Torvalds
1be5f0b757 Merge branch 'fixes' of git://git.infradead.org/users/vkoul/slave-dma
Pull slave-dmaengine fixes fromVinod Koul:
 "fixes of cylic dma usages in slave dma drivers"

* 'fixes' of git://git.infradead.org/users/vkoul/slave-dma:
  dmaengine: fix cyclic dma usage
  dmaengine: pl330: dont complete descriptor for cyclic dma
2012-05-17 09:57:13 -07:00
Linus Torvalds
42e8b9c001 virtio: last minute fixes for 3.4
Here are a couple of last minute virtio fixes for 3.4.
 Hope it's not too late yes - I might have tried too hard
 to make sure the fix is well tested.
 
 Fixes are by Amit and myself. One fixes module removal
 and one suspend of a VM, the last one the handling of out
 of memory condition.
 They are thus very low risk as most people never hit these paths, but do fix
 very annoying problems for people that do use the feature.
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQEcBAABAgAGBQJPtMReAAoJECgfDbjSjVRp/7sIAIj1C/FaDWpKYydSti2wGO5C
 oT4JIFbiPUbs+9dkfDQve744ox3f9zW/K1e+xr0QkSpIDT76NFihUr++9PTGpLlw
 LPxbHXljQ+370gMu9eoF0iewRpY8rca3ZwL+5kb5GA+J+RGcXWbrj/wvu1IFW5Yy
 cGI8y/dkpEW42rVp1SJ+/yIYidkP2Ko017j/BmfTq0YIU2g8e+cH00uqQhhPaXlH
 h8PYxpzWBJbh1jmA6Zb0hsVfDpSrZoylCLEOeN0Vs1xF9MXwagAkVcIITdQCsIIh
 O7xsU+QB9pQd0RcUGXHJh8UNo7O5y55+wiZt/YDt3q8su4tPdPjjybmlBx6CJDE=
 =/XBC
 -----END PGP SIGNATURE-----

Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost

Pull last minute virtio fixes from Michael S. Tsirkin:
 "Here are a couple of last minute virtio fixes for 3.4.  Hope it's not
  too late yes - I might have tried too hard to make sure the fix is
  well tested.

  Fixes are by Amit and myself.  One fixes module removal and one
  suspend of a VM, the last one the handling of out of memory condition.

  They are thus very low risk as most people never hit these paths, but
  do fix very annoying problems for people that do use the feature.

  Signed-off-by: Michael S. Tsirkin <mst@redhat.com>"

* tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost:
  virtio_net: invoke softirqs after __napi_schedule
  virtio: balloon: let host know of updated balloon size before module removal
  virtio: console: tell host of open ports after resume from s3/s4
2012-05-17 09:55:58 -07:00
Linus Torvalds
674ff51776 ARM: SoC fixes for 3.4
I will stop trying to predict when we're done with fixes for a release.
 
 Here's another small batch of three patches for arm-soc:
 
 - A fix for a boot time WARN_ON() due to irq domain conversion on PRIMA2
 - Fix for a regression in Tegra SMP spinup code due to swapped register offsets
 - Fixed config dependency for mv_cesa crypto driver to avoid build breakage
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJPtIh7AAoJEIwa5zzehBx3l8wP/1YHLAmjUDSIyhhgUr4aCVJQ
 BH/0rklbf+xsGRA+TIzk5VH6vIZYcRn//E1RDsYM+OLVeBBJW/0Jyg13bjYRrMSx
 KvtlKrzoULH1SNFVJstCYajRP4pP0jP+dmLy2EYFTrRXRAviZ6KlZsNCuD1AgfcE
 eYPClDBt6Wx5WGPMivtAGz+tCy56eXb7Iyrzj0SltknS+5ycoAmVKqdvRON6vUdL
 MEB/Z9E+BehOTQ8pTUP+u5a5P73kWzf8rt4+Y48gxVhMcnFJsnElrzgPzTWfYRfE
 eeG5LPXMiOeqoE0xsQzwJa6U49cp14qfRZyVVUfLRM/KhKIFBmslVdOJNoEeS17U
 zIG8sFo7IuAh6nAFY0v8ASoaCFNAuPHZBblb5xq/IYgSvkf4GkLqNW2xq3zCjpa6
 LR6LSCy517/+197fXV55+w+2WNRBqpqgqtZzUdROTtCJwYN0NDhD0VGNSgS9QYeF
 4VCw2IChyGkIpIEc8SoK1bmtCK/60cKTaAVduzRoz5v7+lsQLHSG/g4odONspcBD
 xrA5o6LvFHtituYDF0wu4U9NhaxtbZMFaSBAr8LztVPivlT57FoHyyoQTkrWgcfl
 0VJur8AcdB7j8hr7tWqlVxAqJQOSR2pXtUMwgMUkiPmJz8bApYo04rHllYXQGOAg
 qWu9jUoDHsCVhVJ4zv3+
 =jft8
 -----END PGP SIGNATURE-----

Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM: SoC fixes from Olof Johansson:
 "I will stop trying to predict when we're done with fixes for a
  release.

  Here's another small batch of three patches for arm-soc:

   - A fix for a boot time WARN_ON() due to irq domain conversion on
     PRIMA2
   - Fix for a regression in Tegra SMP spinup code due to swapped
     register offsets
   - Fixed config dependency for mv_cesa crypto driver to avoid build
     breakage"

* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
  ARM: PRIMA2: fix irq domain size and IRQ mask of internal interrupt controller
  crypto: mv_cesa requires on CRYPTO_HASH to build
  ARM: tegra: Fix flow controller accesses
2012-05-17 09:46:07 -07:00
Linus Torvalds
36a1987cd8 md: 2 fixes for 3.4
one fixes a bug in the new raid10 resize code so is relevant
 to 3.4 only
 Other fixes a bug in the use of md by dm-raid, so is relevant
 to any kernel with dm-raid support
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.18 (GNU/Linux)
 
 iQIVAwUAT7SBkznsnt1WYoG5AQK3wQ//Q2sPicPHb5MNGTTBpphYo1QWo+l9jFHs
 ZDBM+MaiNJg3kBN5ueUU+MENvLcaA5+zoxsGVBXBKyXr70ffqiQcLXyU7fHwrGu3
 5MD36p55ZPnq2pemCrp4qdTXEUabmDb+0/R7e5lywnzNdbmCAfh4uYih0VPiaClV
 ihq/Ci12TDnezmLjksc09OCquhm0s3zH2BnMCVdmSAkhnXCxTeZ45s/ob71Y2xvj
 cJ15SYlAG4t0QCikL5R8pZtkh0h2SuUhufDE09eD8yT4RGO4PHSQ4oHujajftzey
 9sB0NGH7Yla8gOXjA+EpzKPaiqtZxJB+1v/bhqA2FoOYAks8VoFfeqgwUbPYE7bk
 GIfGB4hFsUXaJo13uzofyJXBIp9mM/J5Sk1VJsiLE85P7wewg6N199B8lpC3lFDw
 tMLjfTMJzFOUqZBESjJoxyrc4fairZ9VCUWwpqjuioLO50e+lOi/jQHTspX78e+w
 GxgjHp8hh0RqQiTkl7vIz9KVcQIeOTG9uzz61IuDp15cRSrMs6E8gVKoX8gKW9g2
 Hec17fdG/H6ZeZa7MB9GzUD4HCj0PRbODQ3/fPhUdsbgtQjOvsVUH8LCRRU0U6cb
 YF+qsDFtUF7QT2kNbrs9R6adGj97c2HWUMyRWMQAXGuL5TkstvhrRv/rk1+bv2VG
 w7ptbiklj7o=
 =9zxe
 -----END PGP SIGNATURE-----

Merge tag 'md-3.4-fixes' of git://neil.brown.name/md

Pull two md fixes from NeilBrown:
 "One fixes a bug in the new raid10 resize code so is relevant to 3.4
  only.

  The other fixes a bug in the use of md by dm-raid, so is relevant to
  any kernel with dm-raid support"

* tag 'md-3.4-fixes' of git://neil.brown.name/md:
  MD: Add del_timer_sync to mddev_suspend (fix nasty panic)
  md/raid10: set dev_sectors properly when resizing devices in array.
2012-05-17 09:44:35 -07:00
Linus Torvalds
31ae98359d Merge branches 'perf-urgent-for-linus', 'x86-urgent-for-linus' and 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull perf, x86 and scheduler updates from Ingo Molnar.

* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  tracing: Do not enable function event with enable
  perf stat: handle ENXIO error for perf_event_open
  perf: Turn off compiler warnings for flex and bison generated files
  perf stat: Fix case where guest/host monitoring is not supported by kernel
  perf build-id: Fix filename size calculation

* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86, kvm: KVM paravirt kernels don't check for CPUID being unavailable
  x86: Fix section annotation of acpi_map_cpu2node()
  x86/microcode: Ensure that module is only loaded on supported Intel CPUs

* 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  sched: Fix KVM and ia64 boot crash due to sched_groups circular linked list assumption
2012-05-17 09:35:17 -07:00
Michael S. Tsirkin
ec13ee8014 virtio_net: invoke softirqs after __napi_schedule
__napi_schedule might raise softirq but nothing
causes do_softirq to trigger, so it does not in fact
run. As a result,
the error message "NOHZ: local_softirq_pending 08"
sometimes occurs during boot of a KVM guest when the network service is
started and we are oom:

  ...
  Bringing up loopback interface:  [  OK  ]
  Bringing up interface eth0:
  Determining IP information for eth0...NOHZ: local_softirq_pending 08
   done.
  [  OK  ]
  ...

Further, receive queue processing might get delayed
indefinitely until some interrupt triggers:
virtio_net expected napi to be run immediately.

One way to cause do_softirq to be executed is by
invoking local_bh_enable(). As __napi_schedule is
normally called from bh or irq context, this
seems to make sense: disable bh before __napi_schedule
and enable afterwards.

In fact it's a very complicated way of calling do_softirq(),
and works since this function is only used when we are not
in interrupt context.  It's not hot at all, in any ideal scenario.

Reported-by: Ulrich Obergfell <uobergfe@redhat.com>
Tested-by: Ulrich Obergfell <uobergfe@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Rusty Russell <rusty@rustcorp.com.au>
2012-05-17 12:16:38 +03:00
Amit Shah
b8ae0eb320 virtio: balloon: let host know of updated balloon size before module removal
When the balloon module is removed, we deflate the balloon, reclaiming
all the pages that were given to the host.  However, we don't update the
config values for the new balloon size, resulting in the host showing
outdated balloon values.

The size update is done after each leak and fill operation, only the
module removal case was left out.

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-05-17 12:14:34 +03:00
Amit Shah
fa8b66ccd2 virtio: console: tell host of open ports after resume from s3/s4
If a port was open before going into one of the sleep states, the port
can continue normal operation after restore.  However, the host has to
be told that the guest side of the connection is open to restore
pre-suspend state.

This wasn't noticed so far due to a bug in qemu that was fixed recently
(which marked the guest-side connection as always open).

CC: stable@vger.kernel.org   # Only for 3.3

Signed-off-by: Amit Shah <amit.shah@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2012-05-17 12:14:33 +03:00
Barry Song
ad3b8a8393 ARM: PRIMA2: fix irq domain size and IRQ mask of internal interrupt controller
the old codes will cause 3.4 kernel warning as irq domain size is wrong:
------------[ cut here ]------------
WARNING: at kernel/irq/irqdomain.c:74 irq_domain_legacy_revmap+0x24/0x48()
Modules linked in:
[<c0013f50>] (unwind_backtrace+0x0/0xf8) from [<c001e7d8>] (warn_slowpath_common+0x54/0x64)
[<c001e7d8>] (warn_slowpath_common+0x54/0x64) from [<c001e804>] (warn_slowpath_null+0x1c/0x24)
[<c001e804>] (warn_slowpath_null+0x1c/0x24) from [<c005c3c4>] (irq_domain_legacy_revmap+0x24/0x48)
[<c005c3c4>] (irq_domain_legacy_revmap+0x24/0x48) from [<c005c704>] (irq_create_mapping+0x20/0x120)
[<c005c704>] (irq_create_mapping+0x20/0x120) from [<c005c880>] (irq_create_of_mapping+0x7c/0xf0)
[<c005c880>] (irq_create_of_mapping+0x7c/0xf0) from [<c01a6c48>] (irq_of_parse_and_map+0x2c/0x34)
[<c01a6c48>] (irq_of_parse_and_map+0x2c/0x34) from [<c01a6c68>] (of_irq_to_resource+0x18/0x74)
[<c01a6c68>] (of_irq_to_resource+0x18/0x74) from [<c01a6ce8>] (of_irq_count+0x24/0x34)
[<c01a6ce8>] (of_irq_count+0x24/0x34) from [<c01a7220>] (of_device_alloc+0x58/0x158)
[<c01a7220>] (of_device_alloc+0x58/0x158) from [<c01a735c>] (of_platform_device_create_pdata+0x3c/0x80)
[<c01a735c>] (of_platform_device_create_pdata+0x3c/0x80) from [<c01a7468>] (of_platform_bus_create+0xc8/0x190)
[<c01a7468>] (of_platform_bus_create+0xc8/0x190) from [<c01a74cc>] (of_platform_bus_create+0x12c/0x190)
---[ end trace 1b75b31a2719ed32 ]---

Signed-off-by: Barry Song <Baohua.Song@csr.com>
Signed-off-by: Olof Johansson <olof@lixom.net>
2012-05-16 21:52:13 -07:00
Jonathan Brassow
0d9f4f135e MD: Add del_timer_sync to mddev_suspend (fix nasty panic)
Use del_timer_sync to remove timer before mddev_suspend finishes.

We don't want a timer going off after an mddev_suspend is called.  This is
especially true with device-mapper, since it can call the destructor function
immediately following a suspend.  This results in the removal (kfree) of the
structures upon which the timer depends - resulting in a very ugly panic.
Therefore, we add a del_timer_sync to mddev_suspend to prevent this.

Cc: stable@vger.kernel.org
Signed-off-by: NeilBrown <neilb@suse.de>
2012-05-17 10:38:24 +10:00
NeilBrown
6508fdbf40 md/raid10: set dev_sectors properly when resizing devices in array.
raid10 stores dev_sectors in 'conf' separately from the one in
'mddev' because it can have a very significant effect on block
addressing and so need to be updated carefully.

However raid10_resize isn't updating it at all!

To update it correctly, we need to make sure it is a proper
multiple of the chunksize taking various details of the layout
in to account.
This calculation is currently done in setup_conf.   So split it
out from there and call it from raid10_resize as well.
Then set conf->dev_sectors properly.

Signed-off-by: NeilBrown <neilb@suse.de>
2012-05-17 10:08:45 +10:00
Linus Torvalds
0e93b4b304 Merge git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull kvm powerpc fixes from Marcelo Tosatti:
 "Urgent KVM PPC updates, quoting Alexander Graf:

    There are a few bugs in 3.4 that really should be fixed before
    people can be all happy and fuzzy about KVM on PowerPC.  These fixes
    are:

     * fix POWER7 bare metal with PR=y
     * fix deadlock on HV=y book3s_64 mode in low memory cases
     * fix invalid MMU scope of PR=y mode on book3s_64, possibly eading
       to memory corruption"

* git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: PPC: Book3S HV: Fix bug leading to deadlock in guest HPT updates
  powerpc/kvm: Fix VSID usage in 64-bit "PR" KVM
  KVM: PPC: Book3S: PR: Fix hsrr code
  KVM: PPC: Fix PR KVM on POWER7 bare metal
  KVM: PPC: Book3S: PR: Handle EMUL_ASSIST
2012-05-16 14:30:51 -07:00
Linus Torvalds
b724cc199b sound fixes for 3.4
A few last-minute regression fixes for 3.4 final kernel.
 All trivial, and Cc'ed to stable kernel.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.18 (GNU/Linux)
 
 iQIcBAABAgAGBQJPs5nDAAoJEGwxgFQ9KSmkKqAP/AxbPIMOhYtwJXSLIBJdDTBy
 QIh7SUZTDF7m3h3pElFIUzb6NXftBOktwNBCYjYrtWH3hv6a0XwAG/zs2ysvHo4O
 1iIEIT61ojckSC2OXqdCLSnZrLZmysuBUJEt8JdpHKoGnfxt8xUUSOqtIggur6s+
 T34u1pqJr7gcaU0/51XXqGqR2s4qui8LkSyPVx+s3Pz4+mfh+um1SBcYz5bYpkXe
 04gwCR6qrxwvqn1gGUiwFw1KtWNuD+BwWyLN+WNWLrm7NVipVLPaAaCjvnouxYwU
 Z9psy3QgwgFyJ0k27lWf+NkP25/9NXuj0yaV0++dUHR4QP3+P9IJpvpyFLvkyXBe
 EPjLsAdW9WQKlp/0eN/b2k8825Ip5on3UNrQhTmXc0QLC6bCyoRlznSI2nKC7rZw
 eYcFUv37pka3iL9i/cNQKwhY8iRwts6vAuHdqONA3iDyCoBIYWsZZDzs+tjc3xYN
 f1cI+vbDLatzpn6ut2yXIqCHJLLUROL6DnKC6l86+7DNXo7hJ9CZOSgedhvdPRc6
 sayOsbWwG8RX7vLsbp4SvfpaGwI+GtfFoaECKcLW5Tem8xLuTbUcuIavAyjqxzrk
 Shp7TGDmM5U1JFcXK3ZtvUcumBFjTa2rl9OB5dHMzLQV8KZAzeVUNqSHm4pma3SX
 NpdEX7QxM83K0zSnppjh
 =e/ZS
 -----END PGP SIGNATURE-----

Merge tag 'sound-3.4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound

Pull sound fixes from Takashi Iwai:
 "A few last-minute regression fixes for 3.4 final kernel.  All trivial,
  and Cc'ed to stable kernel."

* tag 'sound-3.4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ASoC: wm8994: Fix AIF2ADC power down
  ALSA: hda/idt - Fix power-map for speaker-pins with some HP laptops
  ASoC: cs42l73: Sync digital mixer kcontrols to allow for 0dB
2012-05-16 14:29:45 -07:00
Linus Torvalds
f8fc341ba4 Fix a nasty off-by-one remoteproc bug which leaks memory when
a remote processor is shut down and, on certain circumstances,
 can indirectly prevent it from being reloaded.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJPs2y2AAoJELLolMlTRIoMcl0P/0fPAjNlIeMbiWy5FqTgwkM6
 QnujXPq0+fGRbO8ScjAVCVUmKewEbBtzA7h6b3XD4VUCMVIiWx2+hEhuYMNHduxj
 CnqwNsukl/PmPLBQucghuITjGqgAAasuO7UvE4b12vn/ZD8y28f21sL4S0G5DIAv
 GKLInkwMWwCjdNBa1CquVSl7t75TtEPByPuLa+3Cr+uhKP0zI+1TEyTzA6oSi+ub
 aR56yZCS2HF4jiTNKb/+x/mSeaCOhUb7/d8173c9fKFFU8jF6LNc0uRByLSUg2Ze
 2cU5UEhtxBhJ3fG2HuAMAvXJyFvriW+kYcUZeubgaHIWR/g+vNXYO4Q1Aoicve6V
 Ulp4y5Nwv4xbU3BLOm1r3CFioTTSBOpqHY6x1NjyJUCRGel0XWWsNuLvm6nMTVql
 GmzwKPH5nnyFI1piJRagLzPs1KbW6yBqwghiUkGagEfuHsjHPZ6RHMolVVSFhD5Z
 wmvwO8nJ59bgjMndz1VAPkcvihYDG8kZ2GrsOE7i8wLUK7V1MuI0SH5364nti58F
 dxetaqcOkARN4Alt+6mNgymOqybcueOUa9BhlosXyGRhHYfUnlQV1m+i5uT9P4pJ
 558rJ4PHJDqC3KsRLgY8oK9QIGOAthR+naUSSSipIfuiXnDNCydXEApY+Q5PkgEm
 +HBh+0lwlEWY2i+Ege3F
 =wUSA
 -----END PGP SIGNATURE-----

Merge tag 'rproc-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ohad/remoteproc

Pull remoteproc fix from Ohad Ben-Cohen:
 "Fix a nasty off-by-one remoteproc bug which leaks memory when a remote
  processor is shut down and, on certain circumstances, can indirectly
  prevent it from being reloaded."

* tag 'rproc-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ohad/remoteproc:
  remoteproc: fix off-by-one bug in __rproc_free_vrings
2012-05-16 14:26:05 -07:00
Linus Torvalds
dfae359f08 Merge git://git.samba.org/sfrench/cifs-2.6
Pull CIFS fix from Jeff Layton

* git://git.samba.org/sfrench/cifs-2.6:
  cifs: fix misspelling of "forcedirectio"
2012-05-16 14:22:38 -07:00
Linus Torvalds
39d6411b7d Merge branch 'stable' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile
Pull two Tile arch fixes from Chris Metcalf:
 "These are both bug-fixes, one to avoid some issues in how we invoke
  the "pending userspace work" flags on return to userspace, and the
  other to provide the same signal handler arguments for tilegx32 that
  we do for tilegx64."

* 'stable' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile:
  arch/tile: apply commit 74fca9da0 to the compat signal handling as well
  arch/tile: fix up some issues in calling do_work_pending()
2012-05-16 14:21:41 -07:00
Linus Torvalds
8011652957 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking tree from David Miller:

1) ptp_pch driver build broke during this merge window due to missing
   slab.h header, fix from Geery Uytterhoeven.

2) If ipset passes in a bogus hash table size we crash because the size
   is not validated properly.  Compounding this, gcc-4.7 can miscompile
   ipset such that even when the user specifies legitimate parameters
   the tool passes in an out-of-range size to the kernel.

   Fix from Jozsef Kadlecsik.

3) Users have reported that the netdev watchdog can trigger with pch_gbe
   devices, and it turns out this is happening because of races in the
   TX path of the driver leading to the transmitter hanging.  Fix from
   Eric Dumazet, reported and tested by Andy Cress.

4) Novatel USB551L devices match the generic class entries for the cdc
   ethernet USB driver, but they don't work because they have generic
   descriptors and thus need FLAG_WWAN to function properly.

   Add the necessary ID table entry to fix this, from Dan Williams.

5) A recursive locking fix in the USBNET driver added a new problem, in
   that packet list traversal is now racy and we can thus access
   unlinked SKBs and crash.

   Avoid this situation by adding some extra state tracking, from Ming
   Lei.

6) The rtlwifi conversion to asynchronous firmware loading is racy, fix
   by reordering the probe procedure.  From Larry Finger.

   Fixes: https://bugzilla.kernel.org/show_bug.cgi?id=43187

7) Fix regressions with bluetooth keyboards by notifying userland
   properly when the security level changes, from Gustavo Padovan.

8) Bluetooth needs to make sure device connected events are emitted
   before other kinds of events, otherwise userspace will think there is
   no baseband link yet and therefore abort the sockets associated with
   that connection.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
  netfilter: ipset: fix hash size checking in kernel
  ptp_pch: Add missing #include <linux/slab.h>
  pch_gbe: fix transmit races
  cdc_ether: add Novatel USB551L device IDs for FLAG_WWAN
  usbnet: fix skb traversing races during unlink(v2)
  Bluetooth: mgmt: Fix device_connected sending order
  Bluetooth: notify userspace of security level change
  rtlwifi: fix for race condition when firmware is cached
2012-05-16 13:14:52 -07:00
Chris Metcalf
a134d22829 arch/tile: apply commit 74fca9da0 to the compat signal handling as well
This passes siginfo and mcontext to tilegx32 signal handlers that
don't have SA_SIGINFO set just as we have been doing for tilegx64.

Cc: stable@vger.kernel.org
Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
2012-05-16 16:01:45 -04:00
Chris Metcalf
fc327e268f arch/tile: fix up some issues in calling do_work_pending()
First, we were at risk of handling thread-info flags, in particular
do_signal(), when returning from kernel space.  This could happen
after a failed kernel_execve(), or when forking a kernel thread.
The fix is to test in do_work_pending() for user_mode() and return
immediately if so; we already had this test for one of the flags,
so I just hoisted it to the top of the function.

Second, if a ptraced process updated the callee-saved registers
in the ptregs struct and then processed another thread-info flag, we
would overwrite the modifications with the original callee-saved
registers.  To fix this, we add a register to note if we've already
saved the registers once, and skip doing it on additional passes
through the loop.  To avoid a performance hit from the couple of
extra instructions involved, I modified the GET_THREAD_INFO() macro
to be guaranteed to be one instruction, then bundled it with adjacent
instructions, yielding an overall net savings.

Reported-By: Al Viro <viro@ZenIV.linux.org.uk>
Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
2012-05-16 16:01:16 -04:00
Jozsef Kadlecsik
26a5d3cc0b netfilter: ipset: fix hash size checking in kernel
The hash size must fit both into u32 (jhash) and the max value of
size_t. The missing checking could lead to kernel crash, bug reported
by Seblu.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-05-16 15:38:49 -04:00
Geert Uytterhoeven
769b0daf6e ptp_pch: Add missing #include <linux/slab.h>
drivers/ptp/ptp_pch.c: In function 'pch_remove':
drivers/ptp/ptp_pch.c:576:2: error: implicit declaration of function 'kfree' [-Werror=implicit-function-declaration]
drivers/ptp/ptp_pch.c: In function 'pch_probe':
drivers/ptp/ptp_pch.c:587:2: error: implicit declaration of function 'kzalloc' [-Werror=implicit-function-declaration]

Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Acked-by: Richard Cochran <richardcochran@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-05-16 14:44:44 -04:00
Jeff Layton
531c8ff0d4 cifs: fix misspelling of "forcedirectio"
...and add a "directio" synonym since that's what the manpage has
always advertised.

Acked-by: Sachin Prabhu <sprabhu@redhat.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2012-05-16 11:26:25 -05:00
Arnd Bergmann
1fb372f88e Merge branch 'for-3.4/fixes-for-final' of git://git.kernel.org/pub/scm/linux/kernel/git/swarren/linux-tegra into fixes
* 'for-3.4/fixes-for-final' of git://git.kernel.org/pub/scm/linux/kernel/git/swarren/linux-tegra:
  ARM: tegra: Fix flow controller accesses

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2012-05-16 15:47:11 +02:00
Arnd Bergmann
139abbf5ef Merge branch 'marvell_fixes_for_v3.4' of git://git.infradead.org/users/jcooper/linux into fixes
* 'marvell_fixes_for_v3.4' of git://git.infradead.org/users/jcooper/linux:
  crypto: mv_cesa requires on CRYPTO_HASH to build

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2012-05-16 15:44:34 +02:00
Paul Mackerras
51bfd29981 KVM: PPC: Book3S HV: Fix bug leading to deadlock in guest HPT updates
When handling the H_BULK_REMOVE hypercall, we were forgetting to
invalidate and unlock the hashed page table entry (HPTE) in the case
where the page had been paged out.  This fixes it by clearing the
first doubleword of the HPTE in that case.

This fixes a regression introduced in commit a92bce95f0 ("KVM: PPC:
Book3S HV: Keep HPTE locked when invalidating").  The effect of the
regression is that the host kernel will sometimes hang when under
memory pressure.

Signed-off-by: Paul Mackerras <paulus@samba.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-05-16 15:02:12 +02:00
Benjamin Herrenschmidt
ffe3649282 powerpc/kvm: Fix VSID usage in 64-bit "PR" KVM
The code forgot to scramble the VSIDs the way we normally do
and was basically using the "proto VSID" directly with the MMU.

This means that in practice, KVM used random VSIDs that could
collide with segments used by other user space programs.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
[agraf: simplify ppc32 case]
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-05-16 15:02:11 +02:00
Alexander Graf
32c7dbfd47 KVM: PPC: Book3S: PR: Fix hsrr code
When jumping back into the kernel to code that knows that it would be
using HSRR registers instead of SRR registers, we need to make sure we
pass it all information on where to jump to in HSRR registers.

Unfortunately, we used r10 to store the information to distinguish between
the HSRR and SRR case. That register got clobbered in between though,
rendering the later comparison invalid.

Instead, let's use cr1 to store this information. That way we don't
need yet another register and everyone's happy.

This fixes PR KVM on POWER7 bare metal for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-05-16 15:02:11 +02:00
Alexander Graf
56e13dbae3 KVM: PPC: Fix PR KVM on POWER7 bare metal
When running on a system that is HV capable, some interrupts use HSRR
SPRs instead of the normal SRR SPRs. These are also used in the Linux
handlers to jump back to code after an interrupt got processed.

Unfortunately, in our "jump back to the real host handler after we've
done the context switch" code, we were only setting the SRR SPRs,
rendering Linux to jump back to some invalid IP after it's processed
the interrupt.

This fixes random crashes on p7 opal mode with PR KVM for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-05-16 15:02:10 +02:00
Alexander Graf
7ef4e985d5 KVM: PPC: Book3S: PR: Handle EMUL_ASSIST
In addition to normal "priviledged instruction" traps, we can also receive
"emulation assist" traps on newer hardware that has the HV bit set.

Handle that one the same way as a privileged instruction, including the
instruction fetching. That way we don't execute old instructions that we
happen to still leave in that field when an emul assist trap comes.

This fixes -M mac99 / -M g3beige on p7 bare metal for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
2012-05-16 15:02:10 +02:00
David S. Miller
d0cad88d07 Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
John Linville says:

Here are three more fixes that some of my developers are desperate to
see included in 3.4...

Johan Hedberg went to some length justifyng the inclusion of these two
Bluetooth fixes:

"The device_connected fix should be quite self-explanatory, but it's
actually a wider issue than just for keyboards. All profiles that do
incoming connection authorization (e.g. headsets) will break without it
with specific hardware. The reason it wasn't caught earlier is that it
only occurs with specific Bluetooth adapters.

As for the security level patch, this fixes L2CAP socket based security
level elevation during a connection. The HID profile needs this (for
keyboards) and it is the only way to achieve the security level
elevation when using the management interface to talk to the kernel
(hence the management enabling patch being the one that exposes this"

The rtlwifi fix addresses a regression related to firmware loading,
as described in kernel.org bug 43187.  It basically just moves a hunk
of code to a more appropriate place.

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-05-16 01:04:07 -04:00
Srivatsa S. Bhat
568b44559d mn10300/CPU hotplug: Add missing call to notify_cpu_starting()
The scheduler depends on receiving the CPU_STARTING notification, without
which we end up into a lot of trouble. So add the missing call to
notify_cpu_starting() in the bringup code.

Signed-off-by: Srivatsa S. Bhat <srivatsa.bhat@linux.vnet.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-05-15 18:16:57 -07:00
Srivatsa S. Bhat
ec2e0f9811 parisc/CPU hotplug: Add missing call to notify_cpu_starting()
The scheduler depends on receiving the CPU_STARTING notification, without
which we end up into a lot of trouble. So add the missing call to
notify_cpu_starting() in the bringup code.

Signed-off-by: Srivatsa S. Bhat <srivatsa.bhat@linux.vnet.ibm.com>
Acked-and-Tested-by: Mikulas Patocka <mpatocka@redhat.com>
Acked-and-Tested-by: Tobias Ulmer <tobiasu@tmux.org>
Tested-by: John David Anglin <dave.anglin@bell.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-05-15 18:16:57 -07:00
John W. Linville
6037463148 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem 2012-05-15 16:38:00 -04:00
Takashi Iwai
21363cf0ca ASoC: Last minute fixes
Some last minute fixes for ASoC.  Small, focused changes to specific
 drivers.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIcBAABAgAGBQJPspeNAAoJEBus8iNuMP3deBkP/15YJrq0uQ6JkLwbkS6aor/R
 C0BILwQVvHhTt2IAUq44T1lJwjdTYhTgZU8IF5PJhmeSrPGJY3aGaxDocuYhoHFM
 RQJye5lxfkmsvMjS+nx0qxaSyYMyTP0rM3GC0urgMME/1KKQ9P0/PcwVvtbGt/aR
 JuhWmh8Zkk2qmsdFlcd3wFoiVqSDwHmnLJkcj5a6SxAHuwwVGxfF+ZjWJrt+7VFo
 xkmKGpb5iWDmgiZJwGBCwYzVp+pbOEltKoRuhmmtDOgXm01YlMwBLQzvoaJA8uaK
 p+xzrAPvr25rQxLnv4W0LFHJcF/ONkyfPP0nfxK2Y1pMYY7xvMRmM8l5yw0QF97m
 FFZdjz9IBPVW0urCsRrVC/b+2a4VdOlCloYoffGocd1oroNZJlBcFsWtx5/9QOiK
 5eynB2EY/Aywu+Sle9BIKV2Gx7gseo9wdt8oi1cK1CmCeser1NekG0cavJJux8LO
 oHrOssKb4rRK1Br0jT1A4xUr0G2mIwTWIvNrRIVkNId8PVfGUKbW6dlTkG72h6Jp
 j1Rs4lR0wSlCYfwBzxrmf7/L/5dTNDFiiVZWBky29prq3yNkhqTvKMqCSyb5Uboc
 /zJdzfFwh+dF8w08fxvpd0VfeNPiWNyPqDOH0dbjxCL68lnmUoS1WJ5ec1l6ZJht
 1xXeuj4sK9PZ6uzJc/Il
 =iqgt
 -----END PGP SIGNATURE-----

Merge tag 'asoc-3.4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus

ASoC: Last minute fixes

Some last minute fixes for ASoC.  Small, focused changes to specific
drivers.
2012-05-15 21:05:45 +02:00
Eric Dumazet
3ab77bf271 pch_gbe: fix transmit races
Andy reported pch_gbe triggered "NETDEV WATCHDOG" errors.

May 11 11:06:09 kontron kernel: WARNING: at net/sched/sch_generic.c:261
dev_watchdog+0x1ec/0x200() (Not tainted)
May 11 11:06:09 kontron kernel: Hardware name: N/A
May 11 11:06:09 kontron kernel: NETDEV WATCHDOG: eth0 (pch_gbe):
transmit queue 0 timed out

It seems pch_gbe has a racy tx path (races with TX completion path)

Remove tx_queue_lock lock since it has no purpose, we must use tx_lock
instead.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Andy Cress <andy.cress@us.kontron.com>
Tested-by: Andy Cress <andy.cress@us.kontron.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-05-15 13:41:43 -04:00
Dan Williams
4e6304b842 cdc_ether: add Novatel USB551L device IDs for FLAG_WWAN
Needs to be tagged with FLAG_WWAN, which since it has generic
descriptors, won't happen if we don't override the generic
driver info.

Cc: Oliver Neukum <oliver@neukum.org>
Cc: stable@vger.kernel.org
Signed-off-by: Dan Williams <dcbw@redhat.com>
Acked-by: Oliver Neukum <oliver@neukum.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-05-15 13:41:43 -04:00
Ming Lei
5b6e9bcdeb usbnet: fix skb traversing races during unlink(v2)
Commit 4231d47e6fe69f061f96c98c30eaf9fb4c14b96d(net/usbnet: avoid
recursive locking in usbnet_stop()) fixes the recursive locking
problem by releasing the skb queue lock before unlink, but may
cause skb traversing races:
	- after URB is unlinked and the queue lock is released,
	the refered skb and skb->next may be moved to done queue,
	even be released
	- in skb_queue_walk_safe, the next skb is still obtained
	by next pointer of the last skb
	- so maybe trigger oops or other problems

This patch extends the usage of entry->state to describe 'start_unlink'
state, so always holding the queue(rx/tx) lock to change the state if
the referd skb is in rx or tx queue because we need to know if the
refered urb has been started unlinking in unlink_urbs.

The other part of this patch is based on Huajun's patch:
always traverse from head of the tx/rx queue to get skb which is
to be unlinked but not been started unlinking.

Signed-off-by: Huajun Li <huajun.li.lee@gmail.com>
Signed-off-by: Ming Lei <tom.leiming@gmail.com>
Cc: Oliver Neukum <oneukum@suse.de>
Cc: stable@kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-05-15 13:41:42 -04:00
Mark Brown
c7f5f23893 ASoC: wm8994: Fix AIF2ADC power down
Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Cc: stable@vger.kernel.org
2012-05-15 18:29:30 +01:00
Jiri Kosina
3911ff30f5 genirq: export handle_edge_irq() and irq_to_desc()
Export handle_edge_irq() and irq_to_desc() to modules to allow them to
do things such as

	__irq_set_handler_locked(...., handle_edge_irq);

This fixes

	ERROR: "handle_edge_irq" [drivers/gpio/gpio-pch.ko] undefined!
	ERROR: "irq_to_desc" [drivers/gpio/gpio-pch.ko] undefined!

when gpio-pch is being built as a module.

This was introduced by commit df9541a60a ("gpio: pch9: Use proper flow
type handlers") that added

	__irq_set_handler_locked(d->irq, handle_edge_irq);

but handle_edge_irq() was not exported for modules (and inlined
__irq_set_handler_locked() requires irq_to_desc() exported as well)

Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-05-15 08:10:07 -07:00
Takashi Iwai
b0791dda81 ALSA: hda/idt - Fix power-map for speaker-pins with some HP laptops
BIOS on some HP laptops don't set the speaker-pins as fixed but expose
as jacks, and this confuses the driver as if these pins are
jack-detectable.  As a result, the machine doesn't get sounds from
speakers because the driver prepares the power-map update via jack
unsol events which never come up in reality.  The bug was introduced
in some time in 3.2 for enabling the power-mapping feature.

This patch fixes the problem by replacing the check of the persistent
power-map bits with a proper is_jack_detectable() call.

Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=43240

Cc: <stable@vger.kernel.org> [v3.2+]
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2012-05-15 08:14:36 +02:00
Vinod Koul
d41160524d dmaengine: fix cyclic dma usage
for cyclic dma, dont makr the descriptor as complte. Fix the remaining users of
cyclic dma which do so

Signed-off-by: Vinod Koul <vinod.koul@linux.intel.com>
Tested-by: Nicolas Ferre <nicolas.ferre@atmel.com>
Acked-by: Nicolas Ferre <nicolas.ferre@atmel.com>
Tested-by: Mika Westerberg <mika.westerberg@iki.fi>
2012-05-15 08:43:40 +05:30
Alexander Clouter
1ebfefcf37 crypto: mv_cesa requires on CRYPTO_HASH to build
Without CRYPTO_HASH being selected, mv_cesa has a lot of hooks
into undefined exports.
----
  MODPOST 81 modules
  Kernel: arch/arm/boot/Image is ready
  AS      arch/arm/boot/compressed/head.o
  GZIP    arch/arm/boot/compressed/piggy.gzip
  CC      arch/arm/boot/compressed/misc.o
  CC      arch/arm/boot/compressed/decompress.o
ERROR: "crypto_ahash_type" [drivers/crypto/mv_cesa.ko] undefined!
ERROR: "crypto_shash_final" [drivers/crypto/mv_cesa.ko] undefined!
ERROR: "crypto_register_ahash" [drivers/crypto/mv_cesa.ko] undefined!
ERROR: "crypto_unregister_ahash" [drivers/crypto/mv_cesa.ko] undefined!
ERROR: "crypto_shash_update" [drivers/crypto/mv_cesa.ko] undefined!
ERROR: "crypto_shash_digest" [drivers/crypto/mv_cesa.ko] undefined!
ERROR: "crypto_shash_setkey" [drivers/crypto/mv_cesa.ko] undefined!
ERROR: "crypto_alloc_shash" [drivers/crypto/mv_cesa.ko] undefined!
make[1]: *** [__modpost] Error 1
make: *** [modules] Error 2
make: *** Waiting for unfinished jobs....
----

Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
Cc: stable@vger.kernel.org
2012-05-15 01:10:06 +00:00
Linus Torvalds
b6255ee3d8 Merge branch 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media
Pull media fixes from Mauro Carvalho Chehab:
 "For a some fix patches for v3.4, including a regression fix at DVB core"

Fix up trivial conflicts in Documentation/feature-removal-schedule.txt

* 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media:
  [media] gspca - sonixj: Fix a zero divide in isoc interrupt
  [media] media: videobuf2-dma-contig: include header for exported symbols
  [media] media: videobuf2-dma-contig: quiet sparse noise about plain integer as NULL pointer
  [media] media: vb2-memops: Export vb2_get_vma symbol
  [media] s5p-fimc: Correct memory allocation for VIDIOC_CREATE_BUFS
  [media] s5p-fimc: Fix locking in subdev set_crop op
  [media] dvb_frontend: fix a regression with DVB-S zig-zag
  [media] fintek-cir: change || to &&
  [media] V4L: Schedule V4L2_CID_HCENTER, V4L2_CID_VCENTER controls for removal
  [media] rc: Postpone ISR registration
  [media] marvell-cam: fix an ARM build error
  [media] V4L: soc-camera: protect hosts during probing from overzealous user-space
2012-05-14 11:23:37 -07:00
Linus Torvalds
d69c5c2cf2 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller:
 "The main purpose of this pull request is to fix up the erroneous
  bonding patch I applied last round.  I meant to apply v4 of the patch
  from Jiri but I applied v3 by accident.  Mea culpa.

  Also, eagle eyed Dan Carpenter noticed that openvswitch has one of
  those "X = alloc(); if (!Y)" mistakes, test the proper pointer
  instead."

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
  openvswitch: checking wrong variable in queue_userspace_packet()
  bonding: Fix LACPDU rx_dropped commit.
2012-05-14 11:19:32 -07:00
Johan Hedberg
671267bf3a Bluetooth: mgmt: Fix device_connected sending order
The mgmt_ev_device_connected signal must be sent before any event
indications happen for sockets associated with the connection. Otherwise
e.g. device authorization for the sockets will fail with ENOTCONN as
user space things that there is no baseband link.

This patch fixes the issue by ensuring that the device_connected event
if sent (if it hasn't been so already) as soon as the first ACL data
packet arrives from the remote device.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-14 13:56:15 -04:00
Gustavo Padovan
a7d7723ae7 Bluetooth: notify userspace of security level change
It fixes L2CAP socket based security level elevation during a
connection. The HID profile needs this (for keyboards) and it is the only
way to achieve the security level elevation when using the management
interface to talk to the kernel (hence the management enabling patch
being the one that exposes this issue).

It enables the userspace a security level change when the socket is
already connected and create a way to notify the socket the result of the
request. At the moment of the request the socket is made non writable, if
the request fails the connections closes, otherwise the socket is made
writable again, POLL_OUT is emmited.

Signed-off-by: Gustavo Padovan <gustavo@padovan.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-14 13:51:25 -04:00
Larry Finger
574e02abaf rtlwifi: fix for race condition when firmware is cached
In commit b0302ab, the rtlwifi family of drivers was converted to use
asynchronous firmware loading. Unfortumately, the implementation was
racy, and the ieee80211 routines could be started before rtl_init_core()
was called to setup the data.

This patch fixes the bug noted in https://bugzilla.kernel.org/show_bug.cgi?id=43187.

Reported-by: Joshua Roys <Joshua.Roys@gtri.gatech.edu>
Tested-by: Neptune Ning <frostyplanet@gmail.com>
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Cc: Stable <stable@vger.kernel.org>    [3.3]
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-05-14 13:51:24 -04:00
Alan Cox
c3709e6734 x86, kvm: KVM paravirt kernels don't check for CPUID being unavailable
We set cpuid_level to -1 if there is no CPUID instruction (only
possible on i386).

Signed-off-by: Alan Cox <alan@linux.intel.com>
Link: http://lkml.kernel.org/r/20120514174059.30236.1064.stgit@bluebook
Resolves-bug: https://bugzilla.kernel.org/show_bug.cgi?id=12122
Cc: Avi Kivity <avi@redhat.com>
Cc: Marcelo Tosatti <mtosatti@redhat.com>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2012-05-14 10:49:32 -07:00