| bbb35ef | Richard Weinberger | 27 September 2012, 18:10:57 UTC | um: Fix IPC on um commit c1d7e01d (ipc: use Kconfig options for __ARCH_WANT_[COMPAT_]IPC_PARSE_VERSION) forgot UML and broke IPC on it. Also UML has to select ARCH_WANT_IPC_PARSE_VERSION usin Kconfig. Reported-and-tested-by: <Toralf Förster toralf.foerster@gmx.de> Signed-off-by: Richard Weinberger <richard@nod.at> | 27 September 2012, 18:12:35 UTC |
| d2ce4e9 | Al Viro | 20 September 2012, 13:28:25 UTC | um: kill thread->forking we only use that to tell copy_thread() done by syscall from that done by kernel_thread(). However, it's easier to do simply by checking PF_KTHREAD in thread flags. Merge sys_clone() guts for 32bit and 64bit, while we are at it... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> | 27 September 2012, 16:04:55 UTC |
| f9a38ea | Al Viro | 06 September 2012, 17:39:47 UTC | um: let signal_delivered() do SIGTRAP on singlestepping into handler ... rather than duplicating that in sigframe setup code (and doing that inconsistently, at that) Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> | 27 September 2012, 16:04:47 UTC |
| bf56d57 | Al Viro | 06 September 2012, 03:20:33 UTC | um: don't leak floating point state and segment registers on execve() Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> | 27 September 2012, 16:04:38 UTC |
| 4245979 | Al Viro | 03 September 2012, 07:24:18 UTC | um: take cleaning singlestep to start_thread() ... assuming it's needed to be done at all Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> | 27 September 2012, 16:04:26 UTC |
| 5e19997 | Linus Torvalds | 26 September 2012, 21:28:17 UTC | Merge tag 'for-linus' of git://linux-c6x.org/git/projects/linux-c6x-upstreaming Pull c6x arch fixes from Mark Salter: - Add __NR_kcmp to generic syscall list - C6X: Use generic asm/barrier.h * tag 'for-linus' of git://linux-c6x.org/git/projects/linux-c6x-upstreaming: syscalls: add __NR_kcmp syscall to generic unistd.h c6x: use asm-generic/barrier.h | 26 September 2012, 21:28:17 UTC |
| 7106891 | Dave Jiang | 25 September 2012, 22:24:56 UTC | MAINTAINERS: update Intel C600 SAS driver maintainers Cc: Lukasz Dorau <lukasz.dorau@intel.com> Cc: Maciej Patelczyk <maciej.patelczyk@intel.com> Signed-off-by: Dave Jiang <dave.jiang@intel.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | 26 September 2012, 21:27:53 UTC |
| 11ef4cf | Mark Salter | 24 September 2012, 19:19:26 UTC | syscalls: add __NR_kcmp syscall to generic unistd.h Commit d97b46a64 ("syscalls, x86: add __NR_kcmp syscall" ) added a new syscall to support checkpoint restore. It is currently x86-only, but that restriction will be removed in a subsequent patch. Unfortunately, the kernel checksyscalls script had a bug which suppressed any warning to other architectures that the kcmp syscall was not implemented. A patch to checksyscalls is being tested in linux-next and other architectures are seeing warnings about kcmp being unimplemented. This patch adds __NR_kcmp to <asm-generic/unistd.h> so that kcmp is wired in for architectures using the generic syscall list. Signed-off-by: Mark Salter <msalter@redhat.com> Acked-by: Arnd Bergmann <arnd@arndb.de> | 26 September 2012, 19:26:30 UTC |
| 6f0f9b6 | Linus Torvalds | 25 September 2012, 21:20:29 UTC | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net Pull more networking fixes from David Miller: 1) Eric Dumazet discovered and fixed what turned out to be a family of bugs. These functions were using pskb_may_pull() which might need to reallocate the linear SKB data buffer, but the callers were not expecting this possibility. The callers have cached pointers to the packet header areas, and would need to reload them if we were to continue using pskb_may_pull(). So they could end up reading garbage. It's easier to just change these RAW4/RAW6/MIP6 routines to use skb_header_pointer() instead of pskb_may_pull(), which won't modify the linear SKB data area. 2) Dave Jone's syscall spammer caught a case where a non-TCP socket can call down into the TCP keepalive code. The case basically involves creating a raw socket with sk_protocol == IPPROTO_TCP, then calling setsockopt(sock_fd, SO_KEEPALIVE, ...) Fixed by Eric Dumazet. 3) Bluetooth devices do not get configured properly while being powered on, resulting in always using legacy pairing instead of SSP. Fix from Andrzej Kaczmarek. 4) Bluetooth cancels delayed work erroneously, put stricter checks in place. From Andrei Emeltchenko. 5) Fix deadlock between cfg80211_mutex and reg_regdb_search_mutex in cfg80211, from Luis R. Rodriguez. 6) Fix interrupt double release in iwlwifi, from Emmanuel Grumbach. 7) Missing module license in bcm87xx driver, from Peter Huewe. 8) Team driver can lose port changed events when adding devices to a team, fix from Jiri Pirko. 9) Fix endless loop when trying ot unregister PPPOE device in zombie state, from Xiaodong Xu. 10) batman-adv layer needs to set MAC address of software device earlier, otherwise we call tt_local_add with it uninitialized. 11) Fix handling of KSZ8021 PHYs, it's matched currently by KS8051 but that doesn't program the device properly. From Marek Vasut. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: ipv6: mip6: fix mip6_mh_filter() ipv6: raw: fix icmpv6_filter() net: guard tcp_set_keepalive() to tcp sockets phy/micrel: Add missing header to micrel_phy.h phy/micrel: Rename KS80xx to KSZ80xx phy/micrel: Implement support for KSZ8021 batman-adv: Fix symmetry check / route flapping in multi interface setups batman-adv: Fix change mac address of soft iface. pppoe: drop PPPOX_ZOMBIEs in pppoe_release team: send port changed when added ipv4: raw: fix icmp_filter() net/phy/bcm87xx: Add MODULE_LICENSE("GPL") to GPL driver iwlwifi: don't double free the interrupt in failure path cfg80211: fix possible circular lock on reg_regdb_search() Bluetooth: Fix not removing power_off delayed work Bluetooth: Fix freeing uninitialized delayed works Bluetooth: mgmt: Fix enabling LE while powered off Bluetooth: mgmt: Fix enabling SSP while powered off | 25 September 2012, 21:20:29 UTC |
| 96af69e | Eric Dumazet | 25 September 2012, 20:01:28 UTC | ipv6: mip6: fix mip6_mh_filter() mip6_mh_filter() should not modify its input, or else its caller would need to recompute ipv6_hdr() if skb->head is reallocated. Use skb_header_pointer() instead of pskb_may_pull() Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 25 September 2012, 20:04:44 UTC |
| 78cc88c | David S. Miller | 25 September 2012, 17:24:02 UTC | Merge tag 'batman-adv-fix-for-davem' of git://git.open-mesh.org/linux-merge Included fixes: - fix the behaviour of batman-adv in case of virtual interface MAC change event - fix symmetric link check in neighbour selection Signed-off-by: David S. Miller <davem@davemloft.net> | 25 September 2012, 17:24:02 UTC |
| 1b05c4b | Eric Dumazet | 25 September 2012, 07:03:40 UTC | ipv6: raw: fix icmpv6_filter() icmpv6_filter() should not modify its input, or else its caller would need to recompute ipv6_hdr() if skb->head is reallocated. Use skb_header_pointer() instead of pskb_may_pull() and change the prototype to make clear both sk and skb are const. Also, if icmpv6 header cannot be found, do not deliver the packet, as we do in IPv4. Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 25 September 2012, 17:21:49 UTC |
| 9391734 | Linus Torvalds | 25 September 2012, 16:20:48 UTC | Merge tag 'sh-for-linus' of git://github.com/pmundt/linux-sh Pull SuperH fix from Paul Mundt: "One last minute regression fix.." * tag 'sh-for-linus' of git://github.com/pmundt/linux-sh: sh: pfc: Fix up GPIO mux type reconfig case. | 25 September 2012, 16:20:48 UTC |
| e108a3c | Linus Torvalds | 25 September 2012, 16:00:02 UTC | Merge branch 'akpm' (sundry from Andrew) Merge misc fixes from Andrew Morton: "One maintainer change and three bugfixes" * emailed patches from Andrew Morton <akpm@linux-foundation.org>: (4 commits) c/r: prctl: fix build error for no-MMU case lib/flex_proportions.c: fix corruption of denominator in flexible proportions checksyscalls: fix "here document" handling pwm-backlight: take over maintenance | 25 September 2012, 16:00:02 UTC |
| be8cfc4 | Mark Salter | 25 September 2012, 00:17:38 UTC | c/r: prctl: fix build error for no-MMU case Commit 1ad75b9e1628 ("c/r: prctl: add minimal address test to PR_SET_MM") added some address checking to prctl_set_mm() used by checkpoint-restore. This causes a build error for no-MMU systems: kernel/sys.c: In function 'prctl_set_mm': kernel/sys.c:1868:34: error: 'mmap_min_addr' undeclared (first use in this function) The test for mmap_min_addr doesn't make a lot of sense for no-MMU code as noted in commit 6e1415467614 ("NOMMU: Optimise away the {dac_,}mmap_min_addr tests"). This patch defines mmap_min_addr as 0UL in the no-MMU case so that the compiler will optimize away tests for "addr < mmap_min_addr". Signed-off-by: Mark Salter <msalter@redhat.com> Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org> Cc: <stable@vger.kernel.org> [3.6.x] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | 25 September 2012, 15:59:21 UTC |
| b5bd6a0 | Jan Kara | 25 September 2012, 00:17:35 UTC | lib/flex_proportions.c: fix corruption of denominator in flexible proportions When racing with CPU hotplug, percpu_counter_sum() can return negative values for the number of observed events. This confuses fprop_new_period(), which uses unsigned type and as a result number of events is set to big *positive* number. From that moment on, things go pear shaped and can result e.g. in division by zero as denominator is later truncated to 32-bits. This bug causes a divide-by-zero oops in bdi_dirty_limit() in Borislav's 3.6.0-rc6 based kernel. Fix the issue by using a signed type in fprop_new_period(). That makes us bail out from the function without doing anything (mistakenly) thinking there are no events to age. That makes aging somewhat inaccurate but getting accurate data would be rather hard. Signed-off-by: Jan Kara <jack@suse.cz> Reported-by: Borislav Petkov <bp@amd64.org> Reported-by: Srivatsa S. Bhat <srivatsa.bhat@linux.vnet.ibm.com> Cc: Wu Fengguang <fengguang.wu@intel.com> Cc: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | 25 September 2012, 15:59:21 UTC |
| 0e75898 | Heiko Carstens | 25 September 2012, 00:17:33 UTC | checksyscalls: fix "here document" handling "echo" doesn't read from stdin, therefore the checksyscalls script didn't warn about not implemented system calls anymore since 29dc54c6 ("checksyscalls: Use arch/x86/syscalls/syscall_32.tbl as source"). Use "cat" instead of "echo" which handles this correctly. Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Cc: Michal Marek <mmarek@suse.cz> Cc: H. Peter Anvin <hpa@linux.intel.com> Cc: Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | 25 September 2012, 15:59:21 UTC |
| a140b98 | Thierry Reding | 25 September 2012, 00:17:30 UTC | pwm-backlight: take over maintenance Since the pwm-backlight driver is lacking a proper maintainer and is the heaviest user of the PWM framework I'm taking over maintenance. Signed-off-by: Thierry Reding <thierry.reding@avionic-design.de> Acked-by: Arun Murthy <arun.murthy@stericsson.com> Cc: Matthew Garrett <mjg@redhat.com> Cc: Robert Morell <rmorell@nvidia.com> Cc: Dilan Lee <dilee@nvidia.com> Cc: Axel Lin <axel.lin@gmail.com> Cc: Mark Brown <broonie@opensource.wolfsonmicro.com> Cc: Alexandre Courbot <acourbot@nvidia.com> Acked-by: Sachin Kamat <sachin.kamat@linaro.org> Acked-by: Linus Walleij <linus.walleij@linaro.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | 25 September 2012, 15:59:21 UTC |
| 16d74eb | Paul Mundt | 25 September 2012, 02:51:05 UTC | sh: pfc: Fix up GPIO mux type reconfig case. Some drivers need to switch pin states between GPIO and pin function at runtime, which was inadvertently broken in the pinctrl driver for GPIOs being bound to a specific direction. This fixes up the request path to ensure that previously configured GPIOs don't cause us to inadvertently error out with an unsupported mux on reconfig, which in practice is primarily aimed at trapping pull-up/down users that have yet to be implemented under the new API. Fixes up regressions in the TPU PWM driver, amongst others. Reported-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com> Tested-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com> Signed-off-by: Paul Mundt <lethal@linux-sh.org> | 25 September 2012, 02:51:05 UTC |
| 41e2685 | David S. Miller | 25 September 2012, 02:00:00 UTC | Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless John W. Linville says: ==================== Please pull this last(?) batch of fixes intended for 3.6... For the Bluetooth bits, Gustavo says this: "Here goes probably my last update to 3.6. It includes the two patches you were ok last week(from Andrzej Kaczmarek), those are critical ones, and two other fixes one for a system crash and the other for a missing lockdep annotation." The referenced fixes from Andrzej prevent attempts to configure devices that are powered-off. Along with the Bluetooth fixes, there are a couple of 802.11 fixes. Emmanuel Grumbach gives us an iwlwifi fix to prevent releasing an interrupt twice. Luis R. Rodriguez provides a fix for a possible circular lock dependency in the cfg80211 regulatory enforcement code. All of these have been in linux-next for a few days. I hope they are not too late to make the 3.6 release! ==================== Signed-off-by: David S. Miller <davem@davemloft.net> | 25 September 2012, 02:00:00 UTC |
| 56d27ad | Linus Torvalds | 24 September 2012, 23:17:17 UTC | Merge git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile Pull tile gxio ABI fix from Chris Metcalf: "This fixes a last-minute change in the Tilera hypervisor ABI for TRIO (PCI root complex) support. We've locked in this ABI going forward and will make sure no further ABI changes like this occur." * git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile: tile: gxio iorpc numbering change for TRIO interface | 24 September 2012, 23:17:17 UTC |
| 1abbce4 | Linus Torvalds | 24 September 2012, 23:16:33 UTC | Merge tag 'vfio-for-linus' of git://github.com/awilliam/linux-vfio Pull vfio fixes from Alex Williamson: "VFIO doc update and virqfd race fix" * tag 'vfio-for-linus' of git://github.com/awilliam/linux-vfio: vfio: Fix virqfd release race vfio: Trivial Documentation correction | 24 September 2012, 23:16:33 UTC |
| 0c59f23 | Linus Torvalds | 24 September 2012, 23:14:34 UTC | Merge tag 'stable/for-linus-3.6-rc7-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen Pull a Xen fix from Konrad Rzeszutek Wilk: "It is a bug-fix when we run the initial PV guest on a AMD K8 machine and have CONFIG_AMD_NUMA enabled and detect the NUMA topology from the Northbridge. We end up in the situation where the initial domain gets too much information and gets confused and crashes - the fix is to restrict the domain to get the information - and we do it by just disabling NUMA on the PV guest (the hypervisor is still able to do its proper NUMA allocations of guests). It is OK to disable the PV guest from accessing NUMA data as right now we do not inject any NUMA node information to the PV guests. When we do get to that point, then this patch will have to be reverted." * Disable PV NUMA support as we do not do anything with it (yet) and it can cause bootup crashes on certain AMD machines. * tag 'stable/for-linus-3.6-rc7-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen: xen/boot: Disable NUMA for PV guests. | 24 September 2012, 23:14:34 UTC |
| bee2d97 | Linus Torvalds | 24 September 2012, 23:13:49 UTC | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client Pull two ceph fixes from Sage Weil: "The first fixes a leak in the rbd setup error path, and the second fixes a more serious problem with mismatched kmap/kunmap that surfaced after the recent refactoring work." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client: libceph: only kunmap kmapped pages rbd: drop dev reference on error in rbd_open() | 24 September 2012, 23:13:49 UTC |
| 3e10986 | Eric Dumazet | 24 September 2012, 07:00:11 UTC | net: guard tcp_set_keepalive() to tcp sockets Its possible to use RAW sockets to get a crash in tcp_set_keepalive() / sk_reset_timer() Fix is to make sure socket is a SOCK_STREAM one. Reported-by: Dave Jones <davej@redhat.com> Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 24 September 2012, 20:51:53 UTC |
| 69190e6 | Marek Vasut | 23 September 2012, 16:58:51 UTC | phy/micrel: Add missing header to micrel_phy.h The license header was missing in micrel_phy.h . This patch adds one. Signed-off-by: Marek Vasut <marex@denx.de> Cc: David J. Choi <david.choi@micrel.com> Cc: David S. Miller <davem@davemloft.net> Cc: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 24 September 2012, 19:54:33 UTC |
| 510d573 | Marek Vasut | 23 September 2012, 16:58:50 UTC | phy/micrel: Rename KS80xx to KSZ80xx There is no such part as KS8001, KS8041 or KS8051. There are only KSZ8001, KSZ8041 and KSZ8051. Rename these parts as such to match the Micrel naming. Signed-off-by: Marek Vasut <marex@denx.de> Cc: David J. Choi <david.choi@micrel.com> Cc: David S. Miller <davem@davemloft.net> Cc: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com> Cc: Linux ARM kernel <linux-arm-kernel@lists.infradead.org> Cc: Fabio Estevam <fabio.estevam@freescale.com> Cc: Shawn Guo <shawn.guo@linaro.org> Signed-off-by: David S. Miller <davem@davemloft.net> | 24 September 2012, 19:54:33 UTC |
| 212ea99 | Marek Vasut | 23 September 2012, 16:58:49 UTC | phy/micrel: Implement support for KSZ8021 The KSZ8021 PHY was previously caught by KS8051, which is not correct. This PHY needs additional setup if it is strapped for address 0. In such case an reserved bit must be written in the 0x16, "Operation Mode Strap Override" register. According to the KS8051 datasheet, that bit means "PHY Address 0 in non-broadcast" and it indeed behaves as such on KSZ8021. The issue where the ethernet controller (Freescale FEC) did not communicate with network is fixed by writing this bit as 1. Signed-off-by: Marek Vasut <marex@denx.de> Cc: David J. Choi <david.choi@micrel.com> Cc: David S. Miller <davem@davemloft.net> Cc: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 24 September 2012, 19:54:32 UTC |
| e70cf54 | Chris Metcalf | 24 September 2012, 18:57:58 UTC | tile: gxio iorpc numbering change for TRIO interface An ABI numbering change was made in the hypervisor for Tilera's 4.1 MDE release (just shipped). It's incompatible with the previous 4.0 release ABI numbering, so we track the new numbering going forward. We plan to avoid modifying ABI numbering for these interfaces again. Signed-off-by: Chris Metcalf <cmetcalf@tilera.com> | 24 September 2012, 19:11:53 UTC |
| b02d617 | Mark Salter | 21 September 2012, 18:35:49 UTC | c6x: use asm-generic/barrier.h A recent patch in the linux-next tree caused a build failure on C6X because C6X didn't define a read_barrier_depends() macro. C6X does not support SMP and the architecture doesn't provide any special memory ordering instructions, so it makes sense to just use the generic barrier.h rather than patching the existing c6x specific header. Signed-off-by: Mark Salter <msalter@redhat.com> | 24 September 2012, 18:39:36 UTC |
| 8d54db7 | Konrad Rzeszutek Wilk | 17 August 2012, 14:22:37 UTC | xen/boot: Disable NUMA for PV guests. The hypervisor is in charge of allocating the proper "NUMA" memory and dealing with the CPU scheduler to keep them bound to the proper NUMA node. The PV guests (and PVHVM) have no inkling of where they run and do not need to know that right now. In the future we will need to inject NUMA configuration data (if a guest spans two or more NUMA nodes) so that the kernel can make the right choices. But those patches are not yet present. In the meantime, disable the NUMA capability in the PV guest, which also fixes a bootup issue. Andre says: "we see Dom0 crashes due to the kernel detecting the NUMA topology not by ACPI, but directly from the northbridge (CONFIG_AMD_NUMA). This will detect the actual NUMA config of the physical machine, but will crash about the mismatch with Dom0's virtual memory. Variation of the theme: Dom0 sees what it's not supposed to see. This happens with the said config option enabled and on a machine where this scanning is still enabled (K8 and Fam10h, not Bulldozer class) We have this dump then: NUMA: Warning: node ids are out of bound, from=-1 to=-1 distance=10 Scanning NUMA topology in Northbridge 24 Number of physical nodes 4 Node 0 MemBase 0000000000000000 Limit 0000000040000000 Node 1 MemBase 0000000040000000 Limit 0000000138000000 Node 2 MemBase 0000000138000000 Limit 00000001f8000000 Node 3 MemBase 00000001f8000000 Limit 0000000238000000 Initmem setup node 0 0000000000000000-0000000040000000 NODE_DATA [000000003ffd9000 - 000000003fffffff] Initmem setup node 1 0000000040000000-0000000138000000 NODE_DATA [0000000137fd9000 - 0000000137ffffff] Initmem setup node 2 0000000138000000-00000001f8000000 NODE_DATA [00000001f095e000 - 00000001f0984fff] Initmem setup node 3 00000001f8000000-0000000238000000 Cannot find 159744 bytes in node 3 BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff81d220e6>] __alloc_bootmem_node+0x43/0x96 Pid: 0, comm: swapper Not tainted 3.3.6 #1 AMD Dinar/Dinar RIP: e030:[<ffffffff81d220e6>] [<ffffffff81d220e6>] __alloc_bootmem_node+0x43/0x96 .. snip.. [<ffffffff81d23024>] sparse_early_usemaps_alloc_node+0x64/0x178 [<ffffffff81d23348>] sparse_init+0xe4/0x25a [<ffffffff81d16840>] paging_init+0x13/0x22 [<ffffffff81d07fbb>] setup_arch+0x9c6/0xa9b [<ffffffff81683954>] ? printk+0x3c/0x3e [<ffffffff81d01a38>] start_kernel+0xe5/0x468 [<ffffffff81d012cf>] x86_64_start_reservations+0xba/0xc1 [<ffffffff81007153>] ? xen_setup_runstate_info+0x2c/0x36 [<ffffffff81d050ee>] xen_start_kernel+0x565/0x56c " so we just disable NUMA scanning by setting numa_off=1. CC: stable@vger.kernel.org Reported-and-Tested-by: Andre Przywara <andre.przywara@amd.com> Acked-by: Andre Przywara <andre.przywara@amd.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> | 24 September 2012, 12:47:20 UTC |
| 979570e | Linus Torvalds | 24 September 2012, 01:10:57 UTC | Linux 3.6-rc7 | 24 September 2012, 01:10:57 UTC |
| 56bae80 | Linus Torvalds | 23 September 2012, 22:40:58 UTC | Merge branch 'rc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild Pull kbuild fixes from Michal Marek: "There are two more kbuild fixes for 3.6. One fixes a race between x86's archscripts target and the rule (re)building scripts/basic/fixdep. The second is a fix for the previous attempt at fixing make firmware_install with make 3.82. This new solution should work with any version of GNU make" * 'rc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild: x86/kbuild: archscripts depends on scripts_basic firmware: fix directory creation rule matching with make 3.80 | 23 September 2012, 22:40:58 UTC |
| 0737c8d | Linus Torvalds | 23 September 2012, 21:50:15 UTC | Merge branch 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging Pull hwmon subsystem fixes from Jean Delvare. * 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging: hwmon: (fam15h_power) Tweak runavg_range on resume hwmon: (coretemp) Use get_online_cpus to avoid races involving CPU hotplug hwmon: (via-cputemp) Use get_online_cpus to avoid races involving CPU hotplug | 23 September 2012, 21:50:15 UTC |
| 0bf7a70 | Linus Torvalds | 23 September 2012, 21:48:28 UTC | Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi Pull SCSI fixes from James Bottomley: "This is a set of four essential fixes: two oops related (bnx2i, virtio-scsi), one data corruption related (hpsa) and one failure to boot due to interrupt routing issues (mpt2ss). Signed-off-by: James Bottomley <JBottomley@Parallels.com>" * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: [SCSI] hpsa: fix handling of protocol error [SCSI] mpt2sas: Fix for issue - Unable to boot from the drive connected to HBA [SCSI] bnx2i: Fixed NULL ptr deference for 1G bnx2 Linux iSCSI offload [SCSI] scsi: virtio-scsi: Fix address translation failure of HighMem pages used by sg list | 23 September 2012, 21:48:28 UTC |
| faa2ad0 | Shaun Ruffell | 23 September 2012, 01:26:38 UTC | edac_mc: edac_mc_free() cannot assume mem_ctl_info is registered in sysfs. Fix potential NULL pointer dereference in edac_unregister_sysfs() on system boot introduced in 3.6-rc1. Since commit 7a623c039 ("edac: rewrite the sysfs code to use struct device") edac_mc_alloc() no longer initializes embedded kobjects in struct mem_ctl_info. Therefore edac_mc_free() can no longer simply decrement a kobject reference count to free the allocated memory unless the memory controller driver module had also called edac_mc_add_mc(). Now edac_mc_free() will check if the newly embedded struct device has been registered with sysfs before using either the standard device release functions or freeing the data structures itself with logic pulled out of the error path of edac_mc_alloc(). The BUG this patch resolves for me: BUG: unable to handle kernel NULL pointer dereference at (null) EIP is at __wake_up_common+0x1a/0x6a Process modprobe (pid: 933, ti=f3dc6000 task=f3db9520 task.ti=f3dc6000) Call Trace: complete_all+0x3f/0x50 device_pm_remove+0x23/0xa2 device_del+0x34/0x142 edac_unregister_sysfs+0x3b/0x5c [edac_core] edac_mc_free+0x29/0x2f [edac_core] e7xxx_probe1+0x268/0x311 [e7xxx_edac] e7xxx_init_one+0x56/0x61 [e7xxx_edac] local_pci_probe+0x13/0x15 ... Cc: Mauro Carvalho Chehab <mchehab@redhat.com> Cc: Shaohui Xie <Shaohui.Xie@freescale.com> Signed-off-by: Shaun Ruffell <sruffell@digium.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | 23 September 2012, 21:46:40 UTC |
| ef6e781 | Fengguang Wu | 23 September 2012, 00:18:06 UTC | edac_mc: fix messy kfree calls in the error path coccinelle warns about: + drivers/edac/edac_mc.c:429:9-23: ERROR: reference preceded by free on line 429 421 if (mci->csrows) { > 422 for (chn = 0; chn < tot_channels; chn++) { 423 csr = mci->csrows[chn]; 424 if (csr) { > 425 for (chn = 0; chn < tot_channels; chn++) 426 kfree(csr->channels[chn]); 427 kfree(csr); 428 } > 429 kfree(mci->csrows[i]); 430 } 431 kfree(mci->csrows); 432 } and that code block seem to mess things up in several ways (double free, memory leak, out-of-bound reads etc.): L422: The iterator "chn" and bound "tot_channels" are totally wrong. Should be "row" and "tot_csrows" respectively. Which means either memory leak, or out-of-bound reads (which if does not trigger an immediate page fault error, will further lead to kfree() on random addresses). L425: The inner loop is reusing the same iterator "chn" as the outer loop, which could lead to premature end of the outer loop, and hence memory leak. L429: The array index 'i' in mci->csrows[i] is a temporary value used in previous loops, and won't change at all in the current loop. Which means either out-of-bound read and possibly kfree(random number), or the same mci->csrows[i] get freed once and again, and possibly double free for the kfree(csr) in L427. L426/L427: a kfree(csr->channels) is needed in between to avoid leaking the memory. The buggy code was introduced by commit de3910eb ("edac: change the mem allocation scheme to make Documentation/kobject.txt happy") in the 3.6-rc1 merge window. Fix it by freeing up resources in this order: free csrows[i]->channels[j] free csrows[i]->channels free csrows[i] free csrows CC: Mauro Carvalho Chehab <mchehab@redhat.com> CC: Shaun Ruffell <sruffell@digium.com> Signed-off-by: Fengguang Wu <fengguang.wu@intel.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | 23 September 2012, 21:45:26 UTC |
| 7caf69f | Linus Lüssing | 18 September 2012, 01:01:08 UTC | batman-adv: Fix symmetry check / route flapping in multi interface setups If receiving an OGM from a neighbor other than the currently selected and if it has the same TQ then we are supposed to switch if this neighbor provides a more symmetric link than the currently selected one. However this symmetry check currently is broken if the interface of the neighbor we received the OGM from and the one of the currently selected neighbor differ: We are currently trying to determine the symmetry of the link towards the selected router via the link we received the OGM from instead of just checking via the link towards the currently selected router. This leads to way more route switches than necessary and can lead to permanent route flapping in many common multi interface setups. This patch fixes this issue by using the right interface for this symmetry check. Signed-off-by: Linus Lüssing <linus.luessing@web.de> | 23 September 2012, 21:12:49 UTC |
| 40a3eb3 | Def | 20 September 2012, 12:56:13 UTC | batman-adv: Fix change mac address of soft iface. Into function interface_set_mac_addr, the function tt_local_add was invoked before updating dev->dev_addr. The new MAC address was not tagged as NoPurge. Signed-off-by: Def <def@laposte.net> | 23 September 2012, 21:12:48 UTC |
| 5f0ecb9 | Andreas Herrmann | 23 September 2012, 18:27:32 UTC | hwmon: (fam15h_power) Tweak runavg_range on resume The quirk introduced with commit 00250ec90963b7ef6678438888f3244985ecde14 (hwmon: fam15h_power: fix bogus values with current BIOSes) is not only required during driver load but also when system resumes from suspend. The BIOS might set the previously recommended (but unsuitable) initilization value for the running average range register during resume. Signed-off-by: Andreas Herrmann <andreas.herrmann3@amd.com> Tested-by: Andreas Hartmann <andihartmann@01019freenet.de> Signed-off-by: Jean Delvare <khali@linux-fr.org> Cc: stable@vger.kernel.org # 3.0+ | 23 September 2012, 18:54:09 UTC |
| 641f145 | Silas Boyd-Wickizer | 23 September 2012, 18:27:32 UTC | hwmon: (coretemp) Use get_online_cpus to avoid races involving CPU hotplug coretemp_init loops with for_each_online_cpu, adding platform_devices and sysfs interfaces, then calls register_hotcpu_notifier. There is a race if a CPU is offlined or onlined after the loop, but before register_hotcpu_notifier. The race might result in the absence of a platform_device+sysfs interface for an online CPU, or the presence of a platform_device+sysfs interface for an offline CPU. A similar race occurs during coretemp_exit, after the module calls unregister_hotcpu_notifier, but before it unregisters all devices, a CPU might offline and a device for an offline CPU will exist for a short while. This fix surrounds for_each_online_cpu and register_hotcpu_notifier with get_online_cpus+put_online_cpus; and surrounds unregister_hotcpu_notifier and device unregistering with get_online_cpus+put_online_cpus. Build tested. Signed-off-by: Silas Boyd-Wickizer <sbw@mit.edu> Signed-off-by: Jean Delvare <khali@linux-fr.org> | 23 September 2012, 18:27:32 UTC |
| 1ec3ddf | Silas Boyd-Wickizer | 23 September 2012, 18:27:32 UTC | hwmon: (via-cputemp) Use get_online_cpus to avoid races involving CPU hotplug via_cputemp_init loops with for_each_online_cpu, adding platform_devices, then calls register_hotcpu_notifier. If a CPU is offlined between the loop and register_hotcpu_notifier, then later onlined, via_cputemp_device_add will attempt to add platform devices with the same ID. A similar race occurs during via_cputemp_exit, after the module calls unregister_hotcpu_notifier, a CPU might offline and a device will exist for a CPU that is offline. This fix surrounds for_each_online_cpu and register_hotcpu_notifier with get_online_cpus+put_online_cpus; and surrounds unregister_hotcpu_notifier and device unregistering with get_online_cpus+put_online_cpus. Build tested. Signed-off-by: Silas Boyd-Wickizer <sbw@mit.edu> Acked-by: Harald Welte <laforge@gnumonks.org> Signed-off-by: Jean Delvare <khali@linux-fr.org> | 23 September 2012, 18:27:32 UTC |
| 2b018d5 | Xiaodong Xu | 22 September 2012, 00:09:32 UTC | pppoe: drop PPPOX_ZOMBIEs in pppoe_release When PPPOE is running over a virtual ethernet interface (e.g., a bonding interface) and the user tries to delete the interface in case the PPPOE state is ZOMBIE, the kernel will loop forever while unregistering net_device for the reference count is not decreased to zero which should have been done with dev_put(). Signed-off-by: Xiaodong Xu <stid.smth@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 22 September 2012, 19:49:31 UTC |
| e5e77cf | Linus Torvalds | 22 September 2012, 19:47:53 UTC | Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus Pull MIPS fixes from Ralf Baechle: "Random fixes across arch/mips, essentially. One fix for an issue in get_user_pages_fast() which previously was discovered on x86, a miscalculation in the support for the MIPS MT hardware multithreading support, the RTC support for the Malta and a fix for a spurious interrupt issue that seems to bite only very special Malta configurations." * 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus: MIPS: Malta: Don't crash on spurious interrupt. MIPS: Malta: Remove RTC Data Mode bootstrap breakage MIPS: mm: Add compound tail page _mapcount when mapped MIPS: CMP/SMTC: Fix tc_id calculation | 22 September 2012, 19:47:53 UTC |
| 0b121fd | Jiri Pirko | 22 September 2012, 07:07:53 UTC | team: send port changed when added On some hw, link is not up during adding iface to team. That causes event not being sent to userspace and that may cause confusion. Fix this bug by sending port changed event once it's added to team. Signed-off-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: David S. Miller <davem@davemloft.net> | 22 September 2012, 19:46:12 UTC |
| b3a297d | Linus Torvalds | 22 September 2012, 19:40:16 UTC | Merge branch 'fixes' of git://git.linaro.org/people/rmk/linux-arm Pull ARM and clkdev fixes from Russell King: "Two patches for clkdev which resolve the long standing issue that the devm_* versions were dependent on clkdev, which they shouldn't have been. Instead, they're dependent on HAVE_CLK instead, which implies that you're providing clk_get() and clk_put(). A small fix to the ARM decompressor to ensure that the page tables are properly interpreted by the CPU, and reserve syscall 378 for kcmp (the checksyscalls.sh script is unfortunately currently broken so arch maintainers aren't getting notified of new syscalls...) Lastly, a larger fix for an issue between the common clk subsystem and smp_twd which causes warnings to be spat out." * 'fixes' of git://git.linaro.org/people/rmk/linux-arm: ARM: reserve syscall 378 for kcmp ARM: 7535/1: Reprogram smp_twd based on new common clk framework notifiers ARM: 7537/1: clk: Fix release in devm_clk_put() ARM: 7532/1: decompressor: reset SCTLR.TRE for VMSA ARMv7 cores ARM: 7534/1: clk: Make the managed clk functions generically available | 22 September 2012, 19:40:16 UTC |
| cead24c | Linus Torvalds | 22 September 2012, 19:37:54 UTC | Merge branch 'upstream-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid Pull HID fixes from Jiri Kosina: "The most important fix is Logitech Unifying receiver regression in device enumeration fix from Nestor Lopez Casado. In addition to that, there is a small memory leak fix for Thinkpad keyboard driver from Axel Lin." * 'upstream-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid: HID: Fix logitech-dj: missing Unifying device issue HID: lenovo-tpkbd: Fix memory leak in tpkbd_remove_tp() | 22 September 2012, 19:37:54 UTC |
| a4be6c7 | Linus Torvalds | 22 September 2012, 19:36:57 UTC | Merge branch 'for-linus' of git://git.samba.org/sfrench/cifs-2.6 Pull cifs fix from Steve French. * 'for-linus' of git://git.samba.org/sfrench/cifs-2.6: cifs: fix return value in cifsConvertToUTF16 | 22 September 2012, 19:36:57 UTC |
| ab43ed8 | Eric Dumazet | 22 September 2012, 00:08:29 UTC | ipv4: raw: fix icmp_filter() icmp_filter() should not modify its input, or else its caller would need to recompute ip_hdr() if skb->head is reallocated. Use skb_header_pointer() instead of pskb_may_pull() and change the prototype to make clear both sk and skb are const. Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 22 September 2012, 19:35:05 UTC |
| 9913b8c | Peter Hüwe | 21 September 2012, 16:44:18 UTC | net/phy/bcm87xx: Add MODULE_LICENSE("GPL") to GPL driver Currently the driver has no MODULE_LICENSE attribute in its source which results in a kernel taint if I load this: root@(none):~# modprobe bcm87xx bcm87xx: module license 'unspecified' taints kernel. Since the first lines of the source code clearly state: * This file is subject to the terms and conditions of the GNU General * Public License. See the file "COPYING" in the main directory of this * archive for more details. I think it's safe to add the MODULE_LICENSE("GPL") macro and thus remove the kernel taint. Cc: stable@vger.kernel.org Signed-off-by: Peter Huewe <peterhuewe@gmx.de> Signed-off-by: David S. Miller <davem@davemloft.net> | 22 September 2012, 19:33:46 UTC |
| 1199992 | John W. Linville | 22 September 2012, 16:19:22 UTC | Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem | 22 September 2012, 16:19:22 UTC |
| 5962640 | Nestor Lopez Casado | 21 September 2012, 10:21:34 UTC | HID: Fix logitech-dj: missing Unifying device issue This patch fixes an issue introduced after commit 4ea5454203d991ec ("HID: Fix race condition between driver core and ll-driver"). After that commit, hid-core discards any incoming packet that arrives while hid driver's probe function is being executed. This broke the enumeration process of hid-logitech-dj, that must receive control packets in-band with the mouse and keyboard packets. Discarding mouse or keyboard data at the very begining is usually fine, but it is not the case for control packets. This patch forces a re-enumeration of the paired devices when a packet arrives that comes from an unknown device. Based on a patch originally written by Benjamin Tissoires. Cc: stable@vger.kernel.org # v3.2+ Signed-off-by: Nestor Lopez Casado <nlopezcasad@logitech.com> Signed-off-by: Jiri Kosina <jkosina@suse.cz> | 22 September 2012, 08:58:48 UTC |
| 3914998 | Axel Lin | 13 September 2012, 05:25:12 UTC | HID: lenovo-tpkbd: Fix memory leak in tpkbd_remove_tp() We need to kfree names for led_mute and led_micmute in tpkbd_remove_tp(). Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Bernhard Seibold <mail@bernhard-seibold.de> Signed-off-by: Jiri Kosina <jkosina@suse.cz> | 22 September 2012, 08:58:36 UTC |
| 5ce765a | Alex Elder | 21 September 2012, 22:59:58 UTC | libceph: only kunmap kmapped pages In write_partial_msg_pages(), pages need to be kmapped in order to perform a CRC-32c calculation on them. As an artifact of the way this code used to be structured, the kunmap() call was separated from the kmap() call and both were done conditionally. But the conditions under which the kmap() and kunmap() calls were made differed, so there was a chance a kunmap() call would be done on a page that had not been mapped. The symptom of this was tripping a BUG() in kunmap_high() when pkmap_count[nr] became 0. Reported-by: Bryan K. Wright <bryan@virginia.edu> Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Sage Weil <sage@inktank.com> | 22 September 2012, 03:49:26 UTC |
| 340c7a2 | Alex Elder | 10 August 2012, 20:12:07 UTC | rbd: drop dev reference on error in rbd_open() If a read-only rbd device is opened for writing in rbd_open(), it returns without dropping the just-acquired device reference. Fix this by moving the read-only check before getting the reference. Signed-off-by: Alex Elder <elder@inktank.com> Reviewed-by: Yehuda Sadeh <yehuda@inktank.com> Reviewed-by: Josh Durgin <josh.durgin@inktank.com> | 22 September 2012, 03:48:54 UTC |
| abef3bd | Linus Torvalds | 21 September 2012, 21:32:55 UTC | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net Pull networking updates from David Miller: "More bug fixes, nothing gets past these guys" 1) More kernel info leaks found by Mathias Krause, this time in the IPSEC configuration layers. 2) When IPSEC policies change, we do not properly make sure that cached routes (which could now be stale) throughout the system will be revalidated. Fix this by generalizing the generation count invalidation scheme used by ipv4. From Nicolas Dichtel. 3) When repairing TCP sockets, we need to allow to restore not just the send window scale, but the receive one too. Extend the existing interface to achieve this in a backwards compatible way. From Andrey Vagin. 4) A fix for FCOE scatter gather feature validation erroneously caused scatter gather to be disabled for things like AOE too. From Ed L Cashin. 5) Several cases of mishandling of error pointers, from Mathias Krause, Wei Yongjun, and Devendra Naga. 6) Fix gianfar build, from Richard Cochran. 7) CAP_NET_* failures should return -EPERM not -EACCES, from Zhao Hongjiang. 8) Hardware reset fix in janz-ican3 CAN driver, from Ira W Snyder. 9) Fix oops during rmmod in ti_hecc CAN driver, from Marc Kleine-Budde. 10) The removal of the conditional compilation of the clk support code in the stmmac driver broke things. This is because the interfaces used are the ones that don't also perform the enable/disable of the clk. Fix from Stefan Roese. 11) The QFQ packet scheduler can record out of range virtual start times, resulting later in misbehavior and even crashes. Fix from Paolo Valente. 12) If MSG_WAITALL is used with IOAT DMA under TCP, we can wedge the receiver when the advertised receive window goes to zero. Detect this case and force the processing of the IOAT DMA queue when it happens to avoid getting stuck. Fix from Michal Kubecek. 13) batman-adv assumes that test_bit() returns only 0 or 1, but this is not true for x86 (which returns -1 or 0, via the 'sbb' instruction). Fix from Linus Lussing. 14) Fix small packet corruption in e1000, from Tushar Dave. 15) make_blackhole() in the IPSEC policy code can do one read unlock too many, fix from Li RongQing. 16) The new tcp_try_coalesce() code introduced a bug in TCP URG handling, fix from Eric Dumazet. 17) Fix memory leak in __netif_receive_skb() when doing zerocopy and when hit an OOM condition. From Michael S Tsirkin. 18) netxen blindly deferences pdev->bus->self, which is not guarenteed to be non-NULL. Fix from Nikolay Aleksandrov. 19) Fix a performance regression caused by mistakes in ipv6 checksum validation in the bnx2x driver, fix from Michal Schmidt. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (45 commits) net/stmmac: Use clk_prepare_enable and clk_disable_unprepare net: change return values from -EACCES to -EPERM net/irda: sh_sir: fix return value check in sh_sir_set_baudrate() stmmac: fix return value check in stmmac_open_ext_timer() gianfar: fix phc index build failure ipv6: fix return value check in fib6_add() bnx2x: remove false warning regarding interrupt number can: ti_hecc: fix oops during rmmod can: janz-ican3: fix support for older hardware revisions net: do not disable sg for packets requiring no checksum aoe: assert AoE packets marked as requiring no checksum at91ether: return PTR_ERR if call to clk_get fails xfrm_user: don't copy esn replay window twice for new states xfrm_user: ensure user supplied esn replay window is valid xfrm_user: fix info leak in copy_to_user_tmpl() xfrm_user: fix info leak in copy_to_user_policy() xfrm_user: fix info leak in copy_to_user_state() xfrm_user: fix info leak in copy_to_user_auth() net: qmi_wwan: adding Huawei E367, ZTE MF683 and Pantech P4200 tcp: restore rcv_wscale in a repair mode (v2) ... | 21 September 2012, 21:32:55 UTC |
| 6219844 | Linus Torvalds | 21 September 2012, 21:31:50 UTC | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc Pull sparc updates from David Miller: 1) Debugging builds on 32-bit sparc need to handle the R_SPARC_DISP32 relocation, not just 64-bit sparc. From Andreas Larsson. 2) Wei Yongjun noticed that module_alloc() on sparc can return an error pointer, but that's not allowed. module_alloc() should return only a valid pointer, or NULL. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc: sparc: fix the return value of module_alloc() sparc32: Enable the relocation target R_SPARC_DISP32 for sparc32 | 21 September 2012, 21:31:50 UTC |
| 9d10890 | Linus Torvalds | 21 September 2012, 21:26:23 UTC | Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Ingo Molnar: "Small fixlets" * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mm/init.c: Fix devmem_is_allowed() off by one x86/kconfig: Remove outdated reference to Intel CPUs in CONFIG_SWIOTLB | 21 September 2012, 21:26:23 UTC |
| 519b3b7 | Linus Torvalds | 21 September 2012, 21:25:46 UTC | Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull timer fix from Ingo Molnar: "One more timekeeping fix for v3.6" * 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: time: Fix timeekeping_get_ns overflow on 32bit systems | 21 September 2012, 21:25:46 UTC |
| 18f5600 | Linus Torvalds | 21 September 2012, 21:24:48 UTC | Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull perf fixes from Ingo Molnar: "Small perf fixlets" * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: tracing: Don't call page_to_pfn() if page is NULL perf/x86: Fix Intel Ivy Bridge support perf/x86/ibs: Check syscall attribute flags perf/x86: Export Sandy Bridge uncore clockticks event in sysfs | 21 September 2012, 21:24:48 UTC |
| 789f95b | Linus Torvalds | 21 September 2012, 19:43:01 UTC | Merge tag 'for-linus-v3.6-rc7' of git://oss.sgi.com/xfs/xfs Pull xfs bugfixes from Ben Myers: - fix a regression related to xfs_sync_worker racing with unmount. - fix a race while discarding xfs buffers. * tag 'for-linus-v3.6-rc7' of git://oss.sgi.com/xfs/xfs: xfs: stop the sync worker before xfs_unmountfs xfs: fix race while discarding buffers [V4] | 21 September 2012, 19:43:01 UTC |
| 36a21fe | Linus Torvalds | 21 September 2012, 19:41:28 UTC | Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux Pull drm fixes from Dave Airlie: "Fixes for big 3 drivers: nouveau: revert earlier MBP fix, put a dmi based MBP fix in its place (fixes a regression we found on some Dell eDP panels doing some internal testing) radeon: revert pll fixes, real fix is too invasive, fix scratch leak intel: 3 minor fixes, one for HDMI audio." * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: drm/nouveau: add dmi quirk for gpio reset drm/radeon: Prevent leak of scratch register on resume from suspend Revert "drm/nv50-/gpio: initialise to vbios defaults during init" Revert "drm/radeon: rework pll selection (v3)" drm/i915: HDMI - Clear Audio Enable bit for Hot Plug drm/i915: Reduce a pin-leak BUG into a WARN drm/i915: enable lvds pin pairs before dpll on gen2 | 21 September 2012, 19:41:28 UTC |
| 6551d6f | Linus Torvalds | 21 September 2012, 19:39:28 UTC | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input Pull input updates from Dmitry Torokhov: "Updates for the input subsystem. Just a few driver updates mostly dealing with recent regressions." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Input: edt-ft5x06 - return -EFAULT on copy_to_user() error Input: sentelic - filter out erratic movement when lifting finger Input: ambakmi - [un]prepare clocks when enabling amd disabling Input: i8042 - disable mux on Toshiba C850D Revert "input: ab8500-ponkey: Create AB8500 domain IRQ mapping" Input: imx_keypad - fix missing clk conversions Input: usbtouchscreen - initialize eGalax devices | 21 September 2012, 19:39:28 UTC |
| 868f480 | Linus Torvalds | 21 September 2012, 19:36:23 UTC | Merge git://www.linux-watchdog.org/linux-watchdog Pull watchdog fixes from Wim Van Sebroeck: "Fix a kdump issue in hpwdt and a possible NULL dereference." * git://www.linux-watchdog.org/linux-watchdog: watchdog: move the dereference below the NULL test hpwdt: Fix kdump issue in hpwdt | 21 September 2012, 19:36:23 UTC |
| 6d77987 | Linus Torvalds | 21 September 2012, 19:33:31 UTC | Merge tag 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging Pull hwmon fixes from Guenter Roeck: - Add missing 'name' sysfs attributes to ad7314 and ads7871 drivers - Bump maximum wait time for applesmc driver (again) - Fix build warning seen with W=1 in include/linux/kernel.h, introduced with commit b6d86d3d6d6e ("Fix DIV_ROUND_CLOSEST to support negative dividends") * tag 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging: linux/kernel.h: Fix warning seen with W=1 due to change in DIV_ROUND_CLOSEST hwmon: (applesmc) Bump max wait hwmon: (ad7314) Add 'name' sysfs attribute hwmon: (ads7871) Add 'name' sysfs attribute | 21 September 2012, 19:33:31 UTC |
| 06b050e | Linus Torvalds | 21 September 2012, 19:15:37 UTC | Merge branch 'fixes' of git://git.infradead.org/users/vkoul/slave-dma Pull slave-dmaengine fixes from Vinod Koul: "There are two trivial fixes in pl330 driver and two in at_hdmac driver." * 'fixes' of git://git.infradead.org/users/vkoul/slave-dma: DMA: PL330: Check the pointer returned by kzalloc DMA: PL330: Fix potential NULL pointer dereference in pl330_submit_req() dmaengine: at_hdmac: check that each sg data length is non-null dmaengine: at_hdmac: fix comment in atc_prep_slave_sg() | 21 September 2012, 19:15:37 UTC |
| 6336501 | Linus Torvalds | 21 September 2012, 19:14:47 UTC | Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc Pull arm-soc bug fixes from Olof Johansson: "A couple of samsung clock locking fixes, at91 device tree gpio configuration fix and a couple more for shmobile and i.MX. All small targeted fixes." * tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: ARM i.MX25: Make timer irq work again ARM: imx: armadillo5x0: Fix illegal register access ARM: shmobile: kzm9g: bugfix: correct mmcif interrupt settings ARM: SAMSUNG: Use spin_lock_{irqsave,irqrestore} in clk_set_rate ARM: at91: fix missing #interrupt-cells on gpio-controller ARM: SAMSUNG: use spin_lock_irqsave() in clk_set_parent | 21 September 2012, 19:14:47 UTC |
| a9e8d1a | Wei Yongjun | 20 September 2012, 18:57:51 UTC | sparc: fix the return value of module_alloc() In case of error, function module_alloc() in other platform never returns ERR_PTR(), and all of the user only check for NULL, so we'd better return NULL instead of ERR_PTR(). dpatch engine is used to auto generated this patch. (https://github.com/weiyj/dpatch) Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 19:14:20 UTC |
| dfa520a | Andreas Larsson | 17 September 2012, 19:59:52 UTC | sparc32: Enable the relocation target R_SPARC_DISP32 for sparc32 GNU Binutils 2.20.1 generates .eh_frame sections that uses R_SPARC_DISP32. Signed-off-by: Andreas Larsson <andreas@gaisler.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 19:14:19 UTC |
| 267b50f | Linus Torvalds | 21 September 2012, 19:10:17 UTC | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux Pull s390 fixes from Martin Schwidefsky: "Bug fixes for 3.6-rc7, including some important patches for large page related memory management issues." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390/dasd: fix read unit address configuration loop s390/dasd: fix pathgroup race s390/mm: fix user access page-table walk code s390/hwcaps: do not report high gprs for 31 bit kernel s390/cio: invalidate cdev pointer before deregistration s390/cio: fix IO subchannel event race s390/dasd: move wake_up call s390/hugetlb: use direct TLB flushing for hugetlbfs pages s390/mm: fix deadlock in unmap_hugepage_range() | 21 September 2012, 19:10:17 UTC |
| 8ca7de9 | Linus Torvalds | 21 September 2012, 19:06:54 UTC | Merge tag 'stable/for-linus-3.6-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen Pull Xen bug-fixes from Konrad Rzeszutek Wilk: - Fix M2P batching re-using the incorrect structure field. In v3.5 we added batching for M2P override (Machine Frame Number -> Physical Frame Number), but the original MFN was saved in an incorrect structure - and we would oops/restore when restoring with the old MFN. - Disable BIOS SMP MP table search. A bootup issue that we had ignored until we found that on DL380 G6 it was needed. * tag 'stable/for-linus-3.6-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen: xen/boot: Disable BIOS SMP MP table search. xen/m2p: do not reuse kmap_op->dev_bus_addr | 21 September 2012, 19:06:54 UTC |
| a630844 | Stefan Roese | 21 September 2012, 01:06:29 UTC | net/stmmac: Use clk_prepare_enable and clk_disable_unprepare This patch fixes an issue introduced by commit ID 6a81c26f [net/stmmac: remove conditional compilation of clk code], which switched from the internal stmmac_clk_{en}{dis}able calls to clk_{en}{dis}able. By this, calling clk_prepare and clk_unprepare was removed. clk_{un}prepare is mandatory for platforms using common clock framework. Since these drivers are used by SPEAr platform, which supports common clock framework, add clk_{un}prepare() support for them. Otherwise the clocks are not correctly en-/disabled and ethernet support doesn't work. Signed-off-by: Stefan Roese <sr@denx.de> Cc: Viresh Kumar <viresh.kumar@linaro.org> Cc: Giuseppe Cavallaro <peppe.cavallaro@st.com> Reviewed-by: Viresh Kumar <viresh.kumar@linaro.org> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 18:59:52 UTC |
| e05e279 | Linus Torvalds | 21 September 2012, 18:48:05 UTC | debugfs: fix u32_array race in format_array_alloc The format_array_alloc() function is fundamentally racy, in that it prints the array twice: once to figure out how much space to allocate for the buffer, and the second time to actually print out the data. If any of the array contents changes in between, the allocation size may be wrong, and the end result may be truncated in odd ways. Just don't do it. Allocate a maximum-sized array up-front, and just format the array contents once. The only user of the u32_array interfaces is the Xen spinlock statistics code, and it has 31 entries in the arrays, so the maximum size really isn't that big, and the end result is much simpler code without the bug. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | 21 September 2012, 18:48:05 UTC |
| bf5b30b | Zhao Hongjiang | 20 September 2012, 22:37:25 UTC | net: change return values from -EACCES to -EPERM Change return value from -EACCES to -EPERM when the permission check fails. Signed-off-by: Zhao Hongjiang <zhaohongjiang@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 17:58:08 UTC |
| e0c7a4a | David S. Miller | 21 September 2012, 17:49:59 UTC | Merge branch 'fixes-for-3.6' of git://gitorious.org/linux-can/linux-can Marc Kleine-Budde says: ==================== two patches for the v3.6 release cycle. Ira W. Snyder fixed support for the older version of the Janz CMOD-IO Carrier Board. I found and fixed an oops in the ti_hecc driver, which occurs when removing the module if the network interface is still open. ==================== Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 17:50:16 UTC |
| dc9c975 | Wei Yongjun | 20 September 2012, 21:13:55 UTC | net/irda: sh_sir: fix return value check in sh_sir_set_baudrate() In case of error, the function clk_get() returns ERR_PTR() and never returns NULL pointer. The NULL test in the error handling should be replaced with IS_ERR(). dpatch engine is used to auto generated this patch. (https://github.com/weiyj/dpatch) Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 17:47:24 UTC |
| 6861509 | Wei Yongjun | 20 September 2012, 21:06:10 UTC | stmmac: fix return value check in stmmac_open_ext_timer() In case of error, the function clk_get() returns ERR_PTR() and never returns NULL pointer. The NULL test in the error handling should be replaced with IS_ERR(). dpatch engine is used to auto generated this patch. (https://github.com/weiyj/dpatch) Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 17:47:24 UTC |
| 28889b7 | Richard Cochran | 20 September 2012, 19:11:12 UTC | gianfar: fix phc index build failure This patch fixes a build failure introduced in commit 66636287 ("gianfar: Support the get_ts_info ethtool method."). Not only was a global variable inconsistently named, but also it was not exported as it should have been. This fix is also needed in stable version 3.5. Signed-off-by: Richard Cochran <richardcochran@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 17:45:29 UTC |
| f950c0e | Wei Yongjun | 20 September 2012, 18:29:56 UTC | ipv6: fix return value check in fib6_add() In case of error, the function fib6_add_1() returns ERR_PTR() or NULL pointer. The ERR_PTR() case check is missing in fib6_add(). dpatch engine is used to generated this patch. (https://github.com/weiyj/dpatch) Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 17:43:52 UTC |
| 3604885 | David Rientjes | 21 September 2012, 09:16:29 UTC | debugfs: fix race in u32_array_read and allocate array at open u32_array_open() is racy when multiple threads read from a file with a seek position of zero, i.e. when two or more simultaneous reads are occurring after the non-seekable files are created. It is possible that file->private_data is double-freed because the threads races between kfree(file->private-data); and file->private_data = NULL; The fix is to only do format_array_alloc() when the file is opened and free it when it is closed. Note that because the file has always been non-seekable, you can't open it and read it multiple times anyway, so the data has always been generated just once. The difference is that now it is generated at open time rather than at the time of the first read, and that avoids the race. Reported-by: Dave Jones <davej@redhat.com> Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Tested-by: Raghavendra <raghavendra.kt@linux.vnet.ibm.com> Signed-off-by: David Rientjes <rientjes@google.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | 21 September 2012, 17:28:17 UTC |
| 185d4c8 | Ariel Elior | 20 September 2012, 05:26:41 UTC | bnx2x: remove false warning regarding interrupt number Since version 7.4 the FW configures in the pci config space the max number of interrupts available to the physical function, instead of the exact number to use. This causes a false warning in driver when comparing the number of configured interrupts to the number about to be used. Signed-off-by: Ariel Elior <ariele@broadcom.com> Signed-off-by: Eilon Greenstein <eilong@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 17:27:16 UTC |
| bf619fa | Russell King | 21 September 2012, 16:55:20 UTC | ARM: reserve syscall 378 for kcmp kcmp has appeared on x86, but has not been noticed because checksyscalls.sh is broken at the moment. Reserve ARM syscall 378 for this should we ever need it, and add an __IGNORE entry for this unimplemented syscall. Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk> | 21 September 2012, 16:56:25 UTC |
| b68e7fa | Alex Williamson | 21 September 2012, 16:48:28 UTC | vfio: Fix virqfd release race vfoi-pci supports a mechanism like KVM's irqfd for unmasking an interrupt through an eventfd. There are two ways to shutdown this interface: 1) close the eventfd, 2) ioctl (such as disabling the interrupt). Both of these do the release through a workqueue, which can result in a segfault if two jobs get queued for the same virqfd. Fix this by protecting the pointer to these virqfds by a spinlock. The vfio pci device will therefore no longer have a reference to it once the release job is queued under lock. On the ioctl side, we still flush the workqueue to ensure that any outstanding releases are completed. Signed-off-by: Alex Williamson <alex.williamson@redhat.com> | 21 September 2012, 16:48:28 UTC |
| b37b593 | Alex Williamson | 21 September 2012, 16:48:03 UTC | vfio: Trivial Documentation correction Signed-off-by: Alex Williamson <alex.williamson@redhat.com> | 21 September 2012, 16:48:03 UTC |
| 24cc7fb | Jeff Mahoney | 20 September 2012, 14:28:45 UTC | x86/kbuild: archscripts depends on scripts_basic While building the SUSE kernel packages, which build the scripts, make clean, and then build everything, we have been running into spurious build failures. We tracked them down to a simple dependency issue: $ make mrproper CLEAN arch/x86/tools CLEAN scripts/basic $ cp patches/config/x86_64/desktop .config $ make archscripts HOSTCC arch/x86/tools/relocs /bin/sh: scripts/basic/fixdep: No such file or directory make[3]: *** [arch/x86/tools/relocs] Error 1 make[2]: *** [archscripts] Error 2 make[1]: *** [sub-make] Error 2 make: *** [all] Error 2 This was introduced by commit 6520fe55 (x86, realmode: 16-bit real-mode code support for relocs), which added the archscripts dependency to archprepare. This patch adds the scripts_basic dependency to the x86 archscripts. Signed-off-by: Jeff Mahoney <jeffm@suse.com> Signed-off-by: Michal Marek <mmarek@suse.cz> | 21 September 2012, 11:49:47 UTC |
| c1c1a59 | Mark Asselstine | 19 September 2012, 20:30:44 UTC | firmware: fix directory creation rule matching with make 3.80 Since make 3.80 doesn't support secondary expansion it uses a fallback rule to create firmware directories which is matched after primary expansion of the $(installed-fw) rule's prerequisite. Commit 6c7080a61fc7 [firmware: fix directory creation rule matching with make 3.82] changed the expression generated after primary expansion such that the fallback was not matched. Updating the fallback rule to match the new look primary expansion is not an option for various reasons. The trailing slash added here to $(INSTALL_FW_PATH)/. while defining installed-fw-dirs fixes builds with make 3.82 since this will provide a matching rule for $(INSTALL_FW_PATH)/$$(dir %) when % is in the base firmware directory (ie. $(dir %) gives './'). Versions of make prior to 3.82 will strip this trailing slash along with the one generated by $(dir %) when % is in the base firmware directory and as such continue to function as before. Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com> Tested-by: Jan Beulich <jbeulich@suse.com> Signed-off-by: Michal Marek <mmarek@suse.cz> | 21 September 2012, 11:15:42 UTC |
| ab04c8b | Marc Kleine-Budde | 19 September 2012, 12:58:45 UTC | can: ti_hecc: fix oops during rmmod This patch fixes an oops which occurs when unloading the driver, while the network interface is still up. The problem is that first the io mapping is teared own, then the CAN device is unregistered, resulting in accessing the hardware's iomem: [ 172.744232] Unable to handle kernel paging request at virtual address c88b0040 [ 172.752441] pgd = c7be4000 [ 172.755645] [c88b0040] *pgd=87821811, *pte=00000000, *ppte=00000000 [ 172.762207] Internal error: Oops: 807 [#1] PREEMPT ARM [ 172.767517] Modules linked in: ti_hecc(-) can_dev [ 172.772430] CPU: 0 Not tainted (3.5.0alpha-00037-g3554cc0 #126) [ 172.778961] PC is at ti_hecc_close+0xb0/0x100 [ti_hecc] [ 172.784423] LR is at __dev_close_many+0x90/0xc0 [ 172.789123] pc : [<bf00c768>] lr : [<c033be58>] psr: 60000013 [ 172.789123] sp : c5c1de68 ip : 00040081 fp : 00000000 [ 172.801025] r10: 00000001 r9 : c5c1c000 r8 : 00100100 [ 172.806457] r7 : c5d0a48c r6 : c5d0a400 r5 : 00000000 r4 : c5d0a000 [ 172.813232] r3 : c88b0000 r2 : 00000001 r1 : c5d0a000 r0 : c5d0a000 [ 172.820037] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user [ 172.827423] Control: 10c5387d Table: 87be4019 DAC: 00000015 [ 172.833404] Process rmmod (pid: 600, stack limit = 0xc5c1c2f0) [ 172.839447] Stack: (0xc5c1de68 to 0xc5c1e000) [ 172.843994] de60: bf00c6b8 c5c1dec8 c5d0a000 c5d0a000 00200200 c033be58 [ 172.852478] de80: c5c1de44 c5c1dec8 c5c1dec8 c033bf2c c5c1de90 c5c1de90 c5d0a084 c5c1de44 [ 172.860992] dea0: c5c1dec8 c033c098 c061d3dc c5d0a000 00000000 c05edf28 c05edb34 c000d724 [ 172.869476] dec0: 00000000 c033c2f8 c5d0a084 c5d0a084 00000000 c033c370 00000000 c5d0a000 [ 172.877990] dee0: c05edb00 c033c3b8 c5d0a000 bf00d3ac c05edb00 bf00d7c8 bf00d7c8 c02842dc [ 172.886474] df00: c02842c8 c0282f90 c5c1c000 c05edb00 bf00d7c8 c0283668 bf00d7c8 00000000 [ 172.894989] df20: c0611f98 befe2f80 c000d724 c0282d10 bf00d804 00000000 00000013 c0068a8c [ 172.903472] df40: c5c538e8 685f6974 00636365 c61571a8 c5cb9980 c61571a8 c6158a20 c00c9bc4 [ 172.911987] df60: 00000000 00000000 c5cb9980 00000000 c5cb9980 00000000 c7823680 00000006 [ 172.920471] df80: bf00d804 00000880 c5c1df8c 00000000 000d4267 befe2f80 00000001 b6d90068 [ 172.928985] dfa0: 00000081 c000d5a0 befe2f80 00000001 befe2f80 00000880 b6d90008 00000008 [ 172.937469] dfc0: befe2f80 00000001 b6d90068 00000081 00000001 00000000 befe2eac 00000000 [ 172.945983] dfe0: 00000000 befe2b18 00023ba4 b6e6addc 60000010 befe2f80 a8e00190 86d2d344 [ 172.954498] [<bf00c768>] (ti_hecc_close+0xb0/0x100 [ti_hecc]) from [<c033be58>] (__dev__registered_many+0xc0/0x2a0) [ 172.984161] [<c033c098>] (rollback_registered_many+0xc0/0x2a0) from [<c033c2f8>] (rollback_registered+0x20/0x30) [ 172.994750] [<c033c2f8>] (rollback_registered+0x20/0x30) from [<c033c370>] (unregister_netdevice_queue+0x68/0x98) [ 173.005401] [<c033c370>] (unregister_netdevice_queue+0x68/0x98) from [<c033c3b8>] (unregister_netdev+0x18/0x20) [ 173.015899] [<c033c3b8>] (unregister_netdev+0x18/0x20) from [<bf00d3ac>] (ti_hecc_remove+0x60/0x80 [ti_hecc]) [ 173.026245] [<bf00d3ac>] (ti_hecc_remove+0x60/0x80 [ti_hecc]) from [<c02842dc>] (platform_drv_remove+0x14/0x18) [ 173.036712] [<c02842dc>] (platform_drv_remove+0x14/0x18) from [<c0282f90>] (__device_release_driver+0x7c/0xbc) Cc: stable <stable@vger.kernel.org> Cc: Anant Gole <anantgole@ti.com> Tested-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de> | 21 September 2012, 10:54:53 UTC |
| e21093e | Ira W. Snyder | 11 September 2012, 22:58:15 UTC | can: janz-ican3: fix support for older hardware revisions The Revision 1.0 Janz CMOD-IO Carrier Board does not have support for the reset registers. To support older hardware, the code is changed to use the hardware reset register on the Janz VMOD-ICAN3 hardware itself. Cc: stable <stable@vger.kernel.org> Signed-off-by: Ira W. Snyder <iws@ovro.caltech.edu> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de> | 21 September 2012, 10:54:52 UTC |
| 017a27e | Dave Airlie | 21 September 2012, 10:46:01 UTC | Merge branch 'drm-intel-fixes' of git://people.freedesktop.org/~danvet/drm-intel into drm-fixes Daniel writes: Essentially just flush my -fixes queue before I head off to xdc. - gen2 regression fixer, we've enabled the lvds stuff too late. Not causing any known issues, but this restores the sequence before a refactor that landed in 3.5, and lvds is a fickle beast. And seriously, who runs gen2 still ... - downgrade a BUG to a WARN - we haven't root-caused/fixed the underlying issue yet, but this should help bug reporters quite a bit. - properly disable hdmi audio - we've lost track of this, which resulted in the alsa driver again losing track of the unplug event. * 'drm-intel-fixes' of git://people.freedesktop.org/~danvet/drm-intel: drm/i915: HDMI - Clear Audio Enable bit for Hot Plug drm/i915: Reduce a pin-leak BUG into a WARN drm/i915: enable lvds pin pairs before dpll on gen2 | 21 September 2012, 10:46:01 UTC |
| 6c06d60 | Dave Airlie | 21 September 2012, 13:19:50 UTC | drm/nouveau: add dmi quirk for gpio reset This fixes the gpio reset problem so the Retina MBP works, but avoids breaking the Dell systems. Ben will work on a better solution for 3.7. Tested by me on retina MBP. Signed-off-by: Dave Airlie <airlied@redhat.com> | 21 September 2012, 14:17:15 UTC |
| c0d680e | Ed Cashin | 19 September 2012, 15:49:00 UTC | net: do not disable sg for packets requiring no checksum A change in a series of VLAN-related changes appears to have inadvertently disabled the use of the scatter gather feature of network cards for transmission of non-IP ethernet protocols like ATA over Ethernet (AoE). Below is a reference to the commit that introduces a "harmonize_features" function that turns off scatter gather when the NIC does not support hardware checksumming for the ethernet protocol of an sk buff. commit f01a5236bd4b140198fbcc550f085e8361fd73fa Author: Jesse Gross <jesse@nicira.com> Date: Sun Jan 9 06:23:31 2011 +0000 net offloading: Generalize netif_get_vlan_features(). The can_checksum_protocol function is not equipped to consider a protocol that does not require checksumming. Calling it for a protocol that requires no checksum is inappropriate. The patch below has harmonize_features call can_checksum_protocol when the protocol needs a checksum, so that the network layer is not forced to perform unnecessary skb linearization on the transmission of AoE packets. Unnecessary linearization results in decreased performance and increased memory pressure, as reported here: http://www.spinics.net/lists/linux-mm/msg15184.html The problem has probably not been widely experienced yet, because only recently has the kernel.org-distributed aoe driver acquired the ability to use payloads of over a page in size, with the patchset recently included in the mm tree: https://lkml.org/lkml/2012/8/28/140 The coraid.com-distributed aoe driver already could use payloads of greater than a page in size, but its users generally do not use the newest kernels. Signed-off-by: Ed Cashin <ecashin@coraid.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 02:23:40 UTC |
| 8babe8c | Ed Cashin | 19 September 2012, 15:46:39 UTC | aoe: assert AoE packets marked as requiring no checksum In order for the network layer to see that AoE requires no checksumming in a generic way, the packets must be marked as requiring no checksum, so we make this requirement explicit with the assertion. Signed-off-by: Ed Cashin <ecashin@coraid.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 02:23:40 UTC |
| 3cfc159 | Devendra Naga | 19 September 2012, 21:04:36 UTC | at91ether: return PTR_ERR if call to clk_get fails we are currently returning ENODEV, as the clk_get may give a exact error code in its returned pointer, assign it to the ret by using the PTR_ERR function, so that the subsequent goto label will jump to the error path and clean the driver and return the error correctly. Signed-off-by: Devendra Naga <devendra.aaru@gmail.com> Acked-by: Nicolas Ferre <nicolas.ferre@atmel.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 21 September 2012, 02:21:40 UTC |
| e3ac104 | Mathias Krause | 19 September 2012, 11:33:43 UTC | xfrm_user: don't copy esn replay window twice for new states The ESN replay window was already fully initialized in xfrm_alloc_replay_state_esn(). No need to copy it again. Cc: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Mathias Krause <minipli@googlemail.com> Acked-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 20 September 2012, 22:08:40 UTC |
| ecd7918 | Mathias Krause | 20 September 2012, 10:01:49 UTC | xfrm_user: ensure user supplied esn replay window is valid The current code fails to ensure that the netlink message actually contains as many bytes as the header indicates. If a user creates a new state or updates an existing one but does not supply the bytes for the whole ESN replay window, the kernel copies random heap bytes into the replay bitmap, the ones happen to follow the XFRMA_REPLAY_ESN_VAL netlink attribute. This leads to following issues: 1. The replay window has random bits set confusing the replay handling code later on. 2. A malicious user could use this flaw to leak up to ~3.5kB of heap memory when she has access to the XFRM netlink interface (requires CAP_NET_ADMIN). Known users of the ESN replay window are strongSwan and Steffen's iproute2 patch (<http://patchwork.ozlabs.org/patch/85962/>). The latter uses the interface with a bitmap supplied while the former does not. strongSwan is therefore prone to run into issue 1. To fix both issues without breaking existing userland allow using the XFRMA_REPLAY_ESN_VAL netlink attribute with either an empty bitmap or a fully specified one. For the former case we initialize the in-kernel bitmap with zero, for the latter we copy the user supplied bitmap. For state updates the full bitmap must be supplied. To prevent overflows in the bitmap length calculation the maximum size of bmp_len is limited to 128 by this patch -- resulting in a maximum replay window of 4096 packets. This should be sufficient for all real life scenarios (RFC 4303 recommends a default replay window size of 64). Cc: Steffen Klassert <steffen.klassert@secunet.com> Cc: Martin Willi <martin@revosec.ch> Cc: Ben Hutchings <bhutchings@solarflare.com> Signed-off-by: Mathias Krause <minipli@googlemail.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 20 September 2012, 22:08:40 UTC |
| 1f86840 | Mathias Krause | 19 September 2012, 11:33:41 UTC | xfrm_user: fix info leak in copy_to_user_tmpl() The memory used for the template copy is a local stack variable. As struct xfrm_user_tmpl contains multiple holes added by the compiler for alignment, not initializing the memory will lead to leaking stack bytes to userland. Add an explicit memset(0) to avoid the info leak. Initial version of the patch by Brad Spengler. Cc: Brad Spengler <spender@grsecurity.net> Signed-off-by: Mathias Krause <minipli@googlemail.com> Acked-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 20 September 2012, 22:08:40 UTC |
| 7b78983 | Mathias Krause | 19 September 2012, 11:33:40 UTC | xfrm_user: fix info leak in copy_to_user_policy() The memory reserved to dump the xfrm policy includes multiple padding bytes added by the compiler for alignment (padding bytes in struct xfrm_selector and struct xfrm_userpolicy_info). Add an explicit memset(0) before filling the buffer to avoid the heap info leak. Signed-off-by: Mathias Krause <minipli@googlemail.com> Acked-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 20 September 2012, 22:08:39 UTC |
| f778a63 | Mathias Krause | 19 September 2012, 11:33:39 UTC | xfrm_user: fix info leak in copy_to_user_state() The memory reserved to dump the xfrm state includes the padding bytes of struct xfrm_usersa_info added by the compiler for alignment (7 for amd64, 3 for i386). Add an explicit memset(0) before filling the buffer to avoid the info leak. Signed-off-by: Mathias Krause <minipli@googlemail.com> Acked-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 20 September 2012, 22:08:39 UTC |
| 4c87308 | Mathias Krause | 19 September 2012, 11:33:38 UTC | xfrm_user: fix info leak in copy_to_user_auth() copy_to_user_auth() fails to initialize the remainder of alg_name and therefore discloses up to 54 bytes of heap memory via netlink to userland. Use strncpy() instead of strcpy() to fill the trailing bytes of alg_name with null bytes. Signed-off-by: Mathias Krause <minipli@googlemail.com> Acked-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: David S. Miller <davem@davemloft.net> | 20 September 2012, 22:08:39 UTC |
| 9db273f | Bjørn Mork | 19 September 2012, 10:03:36 UTC | net: qmi_wwan: adding Huawei E367, ZTE MF683 and Pantech P4200 One of the modes of Huawei E367 has this QMI/wwan interface: I:* If#= 1 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=01 Prot=07 Driver=(none) E: Ad=83(I) Atr=03(Int.) MxPS= 64 Ivl=2ms E: Ad=84(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=02(O) Atr=02(Bulk) MxPS= 512 Ivl=4ms Huawei use subclass and protocol to identify vendor specific functions, so adding a new vendor rule for this combination. The Pantech devices UML290 (106c:3718) and P4200 (106c:3721) use the same subclass to identify the QMI/wwan function. Replace the existing device specific UML290 entries with generic vendor matching, adding support for the Pantech P4200. The ZTE MF683 has 6 vendor specific interfaces, all using ff/ff/ff for cls/sub/prot. Adding a match on interface #5 which is a QMI/wwan interface. Cc: Fangxiaozhi (Franko) <fangxiaozhi@huawei.com> Cc: Thomas Schäfer <tschaefer@t-online.de> Cc: Dan Williams <dcbw@redhat.com> Cc: Shawn J. Goff <shawn7400@gmail.com> Signed-off-by: Bjørn Mork <bjorn@mork.no> Signed-off-by: David S. Miller <davem@davemloft.net> | 20 September 2012, 21:54:28 UTC |
