Skip to main content

Browse the archive

swh:1:snp:77163734605b0ec556b01d897b7bb4a7e30d46b6
sort by:
Revision Author Date Message Commit Date
92a5655 David Jeffery 05 August 2014, 15:19:42 UTC nfs: Don't busy-wait on SIGKILL in __nfs_iocounter_wait If a SIGKILL is sent to a task waiting in __nfs_iocounter_wait, it will busy-wait or soft lockup in its while loop. nfs_wait_bit_killable won't sleep, and the loop won't exit on the error return. Stop the busy-wait by breaking out of the loop when nfs_wait_bit_killable returns an error. Signed-off-by: David Jeffery <djeffery@redhat.com> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com> 22 August 2014, 22:04:44 UTC
78270e8 Weston Andros Adamson 14 August 2014, 21:39:33 UTC nfs: can_coalesce_requests must enforce contiguity Commit 6094f83864c1d1296566a282cba05ba613f151ee "nfs: allow coalescing of subpage requests" got rid of the requirement that requests cover whole pages, but it made some incorrect assumptions. It turns out that callers of this interface can map adjacent requests (by file position as seen by req_offset + req->wb_bytes) to different pages, even when they could share a page. An example is the direct I/O interface - iov_iter_get_pages_alloc may return one segment with a partial page filled and the next segment (which is adjacent in the file position) starts with a new page. Reported-by: Toralf Förster <toralf.foerster@gmx.de> Signed-off-by: Weston Andros Adamson <dros@primarydata.com> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com> 22 August 2014, 22:04:44 UTC
bba5c18 Weston Andros Adamson 14 August 2014, 21:39:32 UTC nfs: disallow duplicate pages in pgio page vectors Adjacent requests that share the same page are allowed, but should only use one entry in the page vector. This avoids overruning the page vector - it is sized based on how many bytes there are, not by request count. This fixes issues that manifest as "Redzone overwritten" bugs (the vector overrun) and hangs waiting on page read / write, as it waits on the same page more than once. This also adds bounds checking to the page vector with a graceful failure (WARN_ON_ONCE and pgio error returned to application). Reported-by: Toralf Förster <toralf.foerster@gmx.de> Signed-off-by: Weston Andros Adamson <dros@primarydata.com> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com> 22 August 2014, 22:04:44 UTC
7c3af97 Weston Andros Adamson 08 August 2014, 15:00:57 UTC nfs: don't sleep with inode lock in lock_and_join_requests This handles the 'nonblock=false' case in nfs_lock_and_join_requests. If the group is already locked and blocking is allowed, drop the inode lock and wait for the group lock to be cleared before trying it all again. This should fix warnings found in peterz's tree (sched/wait branch), where might_sleep() checks are added to wait.[ch]. Reported-by: Fengguang Wu <fengguang.wu@intel.com> Signed-off-by: Weston Andros Adamson <dros@primarydata.com> Reviewed-by: Peng Tao <tao.peng@primarydata.com> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com> 22 August 2014, 22:04:43 UTC
9497001 Weston Andros Adamson 08 August 2014, 15:00:56 UTC nfs: fix error handling in lock_and_join_requests This fixes handling of errors from nfs_page_group_lock in nfs_lock_and_join_requests. It now releases the inode lock and the reference to the head request. Reported-by: Peng Tao <tao.peng@primarydata.com> Signed-off-by: Weston Andros Adamson <dros@primarydata.com> Reviewed-by: Peng Tao <tao.peng@primarydata.com> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com> 22 August 2014, 22:04:43 UTC
bfd484a Weston Andros Adamson 08 August 2014, 15:00:55 UTC nfs: use blocking page_group_lock in add_request __nfs_pageio_add_request was calling nfs_page_group_lock nonblocking, but this can return -EAGAIN which would end up passing -EIO to the application. There is no reason not to block in this path, so change the two calls to do so. Also, there is no need to check the return value of nfs_page_group_lock when nonblock=false, so remove the error handling code. Signed-off-by: Weston Andros Adamson <dros@primarydata.com> Reviewed-by: Peng Tao <tao.peng@primarydata.com> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com> 22 August 2014, 22:04:43 UTC
bc8a309 Weston Andros Adamson 08 August 2014, 15:00:54 UTC nfs: fix nonblocking calls to nfs_page_group_lock nfs_page_group_lock was calling wait_on_bit_lock even when told not to block. Fix by first trying test_and_set_bit, followed by wait_on_bit_lock if and only if blocking is allowed. Return -EAGAIN if nonblocking and the test_and_set of the bit was already locked. Signed-off-by: Weston Andros Adamson <dros@primarydata.com> Reviewed-by: Peng Tao <tao.peng@primarydata.com> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com> 22 August 2014, 22:04:42 UTC
fd2f3a0 Weston Andros Adamson 08 August 2014, 15:00:53 UTC nfs: change nfs_page_group_lock argument Flip the meaning of the second argument from 'wait' to 'nonblock' to match related functions. Update all five calls to reflect this change. Signed-off-by: Weston Andros Adamson <dros@primarydata.com> Reviewed-by: Peng Tao <tao.peng@primarydata.com> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com> 22 August 2014, 22:04:42 UTC
451fd72 Linus Torvalds 22 August 2014, 21:50:21 UTC Merge tag 'pwm/for-3.17-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/thierry.reding/linux-pwm Pull pwm fix from Thierry Reding: "Just one bugfix for the PWM lookup table code that would cause a PWM channel to be set to the wrong period and polarity for non-perfect matches" * tag 'pwm/for-3.17-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/thierry.reding/linux-pwm: pwm: Fix period and polarity in pwm_get() for non-perfect matches 22 August 2014, 21:50:21 UTC
47e4df9 Michal Kazior 18 August 2014, 11:19:09 UTC mac80211: fix channel switch for chanctx-based drivers The new_ctx pointer is set only for non-chanctx drivers. This yielded a crash for chanctx-based drivers during channel switch finalization: BUG: unable to handle kernel NULL pointer dereference at 0000000000000020 IP: ieee80211_vif_use_reserved_switch+0x71c/0xb00 [mac80211] Use an adequate chanctx pointer to fix this. Reported-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Michal Kazior <michal.kazior@tieto.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 22 August 2014, 21:45:49 UTC
433ab34 Linus Torvalds 22 August 2014, 21:33:18 UTC Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net Pull networking fixes from David Miller: "Here are some bug fixes that have piled up during ksummit/linuxcon. 1) Fix endian problems in ibmveth, from Anton Blanchard. 2) IPV6 routing code does GFP_KERNEL allocation in atomic, fix from Benjamin Block. 3) SCTP association fixes from Daniel Borkmann. 4) When multiple VLAN headers are present we have to make sure the second and subsequent ones are pullable in the SKB otherwise we blindly dereference garbage. From Jiri Benc. 5) The argument adjustment of the signature of hlist_add_after*() introduced a regression in the batman-adv code, fix from Sven Eckelmann. 6) Fix TX hang handling to avoid a panic in i40e, from Anjali Singhai Jain. 7) PTP flag test is inverted in i40e driver, from Jesse Brandeburg. 8) ATM LEC driver needs to hold RTNL mutex over MTU changes, from Chas Williams. 9) Truncate packets larger then the TPACKET_V3 format configured buffers, otherwise we overwrite past the end of said buffers. From Eric Dumazet. 10) Fix endianness bugs in qlcnic firmware handling, from Rajesh Borundia and Shahed Shaikh. 11) CXGB4 sometimes doesn't get all of the TX completion events it should resulting in SKBs getting stuck in the TX queue, from Hariprasad Shenai. 12) When the FEC chip's PTP clock is disabled, you can't access the register. Add necessary checks to avoid the resulting hang, from Fugang Duan" * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (37 commits) drivers: isdn: eicon: xdi_msg.h: Fix typo in #ifndef net: sctp: fix suboptimal edge-case on non-active active/retrans path selection net: sctp: spare unnecessary comparison in sctp_trans_elect_best net: ethernet: broadcom: bnx2x: Remove redundant #ifdef ibmveth: Fix endian issues with rx_no_buffer statistic net: xgene: fix possible NULL dereference in xgene_enet_free_desc_rings() openvswitch: fix panic with multiple vlan headers net: ipv6: fib: don't sleep inside atomic lock net: fec: ptp: avoid register access when ipg clock is disabled cxgb4: Free completed tx skbs promptly cxgb4: Fix race condition in cleanup sctp: not send SCTP_PEER_ADDR_CHANGE notifications with failed probe bnx2x: Revert UNDI flushing mechanism qlcnic: Fix endianess issue in firmware load from file operation qlcnic: Fix endianess issue in FW dump template header qlcnic: Fix flash access interface to application MAINTAINERS: Add section for MRF24J40 IEEE 802.15.4 radio driver macvlan: Allow setting multicast filter on all macvlan types packet: handle too big packets for PACKET_V3 MAINTAINERS: add entry for ec_bhf driver ... 22 August 2014, 21:33:18 UTC
2ba136d Tony Battersby 22 August 2014, 19:53:35 UTC fix regression in SCSI_IOCTL_SEND_COMMAND blk_rq_set_block_pc() memsets rq->cmd to 0, so it should come immediately after blk_get_request() to avoid overwriting the user-supplied CDB. Also check for failure to allocate rq. Fixes: f27b087b81b7 ("block: add blk_rq_set_block_pc()") Cc: <stable@vger.kernel.org> # 3.16.x Signed-off-by: Tony Battersby <tonyb@cybernetics.com> Signed-off-by: Jens Axboe <axboe@fb.com> 22 August 2014, 20:04:33 UTC
6f4a162 Tony Battersby 22 August 2014, 19:53:39 UTC scsi-mq: fix requests that use a separate CDB buffer This patch fixes code such as the following with scsi-mq enabled: rq = blk_get_request(...); blk_rq_set_block_pc(rq); rq->cmd = my_cmd_buffer; /* separate CDB buffer */ blk_execute_rq_nowait(...); Code like this appears in e.g. sg_start_req() in drivers/scsi/sg.c (for large CDBs only). Without this patch, scsi_mq_prep_fn() will set rq->cmd back to rq->__cmd, causing the wrong CDB to be sent to the device. Signed-off-by: Tony Battersby <tonyb@cybernetics.com> Signed-off-by: Jens Axboe <axboe@fb.com> 22 August 2014, 20:04:31 UTC
bce0b6c Steven Rostedt (Red Hat) 21 August 2014, 03:57:04 UTC ftrace: Fix up trampoline accounting with looping on hash ops Now that a ftrace_hash can be shared by multiple ftrace_ops, they can dec the rec->flags by more than once (one per those that share the ftrace_hash). This means that the tramp_hash may not have a hash item when it was added. For example, if two ftrace_ops share a hash for a ftrace record, and the first ops has a trampoline, when it adds itself it will set the rec->flags TRAMP flag and increments its nr_trampolines counter. When the second ops is added, it must clear that tramp flag but also decrement the other ops that shares its hash. As the update to the function callbacks has not yet been performed, the other ops will not have the tramp hash set yet and it can not be used to know to decrement its nr_trampolines. Luckily, the tramp_hash does not need to be used. As the ftrace_mutex is held, a ops with a trampoline to a record during an update of another ops that shares the record will have its func_hash pointing to it. Since a trampoline can only be set for a record if only one ops is attached to it, we can just check if the record has a trampoline (the FTRACE_FL_TRAMP flag is set) and then find the ops that has this record in its hashes. Also added some output to help debug when things go wrong. Cc: stable@vger.kernel.org # 3.16+ (apply after 3.17-rc4 is out) Signed-off-by: Steven Rostedt <rostedt@goodmis.org> 22 August 2014, 19:24:12 UTC
faaa552 Rasmus Villemoes 22 August 2014, 16:39:14 UTC drivers: isdn: eicon: xdi_msg.h: Fix typo in #ifndef Test for definedness of the macro which is actually defined (the change is hard to see: it is s/SSS/SSA/). Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 18:31:30 UTC
aa4a83e Daniel Borkmann 22 August 2014, 11:03:30 UTC net: sctp: fix suboptimal edge-case on non-active active/retrans path selection In SCTP, selection of active (T.ACT) and retransmission (T.RET) transports is being done whenever transport control operations (UP, DOWN, PF, ...) are engaged through sctp_assoc_control_transport(). Commits 4c47af4d5eb2 ("net: sctp: rework multihoming retransmission path selection to rfc4960") and a7288c4dd509 ("net: sctp: improve sctp_select_active_and_retran_path selection") have both improved it towards a more fine-grained and optimal path selection. Currently, the selection algorithm for T.ACT and T.RET is as follows: 1) Elect the two most recently used ACTIVE transports T1, T2 for T.ACT, T.RET, where T.ACT<-T1 and T1 is most recently used 2) In case primary path T.PRI not in {T1, T2} but ACTIVE, set T.ACT<-T.PRI and T.RET<-T1 3) If only T1 is ACTIVE from the set, set T.ACT<-T1 and T.RET<-T1 4) If none is ACTIVE, set T.ACT<-best(T.PRI, T.RET, T3) where T3 is the most recently used (if avail) in PF, set T.RET<-T.PRI Prior to above commits, 4) was simply a camp on T.ACT<-T.PRI and T.RET<-T.PRI, ignoring possible paths in PF. Camping on T.PRI is still slightly suboptimal as it can lead to the following scenario: Setup: <A> <B> T1: p1p1 (10.0.10.10) <==> .'`) <==> p1p1 (10.0.10.12) <= T.PRI T2: p1p2 (10.0.10.20) <==> (_ . ) <==> p1p2 (10.0.10.22) net.sctp.rto_min = 1000 net.sctp.path_max_retrans = 2 net.sctp.pf_retrans = 0 net.sctp.hb_interval = 1000 T.PRI is permanently down, T2 is put briefly into PF state (e.g. due to link flapping). Here, the first time transmission is sent over PF path T2 as it's the only non-INACTIVE path, but the retransmitted data-chunks are sent over the INACTIVE path T1 (T.PRI), which is not good. After the patch, it's choosing better transports in both cases by modifying step 4): 4) If none is ACTIVE, set T.ACT_new<-best(T.ACT_old, T3) where T3 is the most recently used (if avail) in PF, set T.RET<-T.ACT_new This will still select a best possible path in PF if available (which can also include T.PRI/T.RET), and set both T.ACT/T.RET to it. In case sctp_assoc_control_transport() *just* put T.ACT_old into INACTIVE as it transitioned from ACTIVE->PF->INACTIVE and stays in INACTIVE just for a very short while before going back ACTIVE, it will guarantee that this path will be reselected for T.ACT/T.RET since T3 (PF) is not available. Previously, this was not possible, as we would only select between T.PRI and T.RET, and a possible T3 would be NULL due to the fact that we have just transitioned T3 in sctp_assoc_control_transport() from PF->INACTIVE and would select a suboptimal path when T.PRI/T.RET have worse properties. In the case that T.ACT_old permanently went to INACTIVE during this transition and there's no PF path available, plus T.PRI and T.RET are INACTIVE as well, we would now camp on T.ACT_old, but if everything is being INACTIVE there's really not much we can do except hoping for a successful HB to bring one of the transports back up again and, thus cause a new selection through sctp_assoc_control_transport(). Now both tests work fine: Case 1: 1. T1 S(ACTIVE) T.ACT T2 S(ACTIVE) T.RET 2. T1 S(ACTIVE) T.ACT, T.RET T2 S(PF) 3. T1 S(ACTIVE) T.ACT, T.RET T2 S(INACTIVE) 5. T1 S(PF) T.ACT, T.RET T2 S(INACTIVE) [ 5.1 T1 S(INACTIVE) T.ACT, T.RET T2 S(INACTIVE) ] 6. T1 S(ACTIVE) T.ACT, T.RET T2 S(INACTIVE) 7. T1 S(ACTIVE) T.ACT T2 S(ACTIVE) T.RET Case 2: 1. T1 S(ACTIVE) T.ACT T2 S(ACTIVE) T.RET 2. T1 S(PF) T2 S(ACTIVE) T.ACT, T.RET 3. T1 S(INACTIVE) T2 S(ACTIVE) T.ACT, T.RET 5. T1 S(INACTIVE) T2 S(PF) T.ACT, T.RET [ 5.1 T1 S(INACTIVE) T2 S(INACTIVE) T.ACT, T.RET ] 6. T1 S(INACTIVE) T2 S(ACTIVE) T.ACT, T.RET 7. T1 S(ACTIVE) T.ACT T2 S(ACTIVE) T.RET Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Acked-by: Vlad Yasevich <vyasevich@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 18:31:30 UTC
ea4f19c Daniel Borkmann 22 August 2014, 11:03:29 UTC net: sctp: spare unnecessary comparison in sctp_trans_elect_best When both transports are the same, we don't have to go down that road only to realize that we will return the very same transport. We are guaranteed that curr is always non-NULL. Therefore, just short-circuit this special case. Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Acked-by: Vlad Yasevich <vyasevich@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 18:31:30 UTC
7d149c5 Rasmus Villemoes 20 August 2014, 13:14:49 UTC net: ethernet: broadcom: bnx2x: Remove redundant #ifdef Nothing defines _ASM_GENERIC_INT_L64_H, it is a weird way to check for 64 bit longs, and u64 should be printed using %llx anyway. Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 18:29:58 UTC
cbd5228 Anton Blanchard 22 August 2014, 01:36:52 UTC ibmveth: Fix endian issues with rx_no_buffer statistic Hidden away in the last 8 bytes of the buffer_list page is a solitary statistic. It needs to be byte swapped or else ethtool -S will produce numbers that terrify the user. Since we do this in multiple places, create a helper function with a comment explaining what is going on. Signed-off-by: Anton Blanchard <anton@samba.org> Cc: stable@vger.kernel.org Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 18:28:00 UTC
c10e4ca Iyappan Subramanian 21 August 2014, 20:44:48 UTC net: xgene: fix possible NULL dereference in xgene_enet_free_desc_rings() A NULL pointer dereference is possible for the argument ring->buf_pool which is passed to xgene_enet_free_desc_ring(), as ring could be NULL. And now since NULL pointers are being checked for before the calls to xgene_enet_free_desc_ring(), might as well take advantage of them and not call the function if the argument would be NULL. Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Iyappan Subramanian <isubramanian@apm.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 18:25:25 UTC
2ba5af4 Jiri Benc 21 August 2014, 19:33:44 UTC openvswitch: fix panic with multiple vlan headers When there are multiple vlan headers present in a received frame, the first one is put into vlan_tci and protocol is set to ETH_P_8021Q. Anything in the skb beyond the VLAN TPID may be still non-linear, including the inner TCI and ethertype. While ovs_flow_extract takes care of IP and IPv6 headers, it does nothing with ETH_P_8021Q. Later, if OVS_ACTION_ATTR_POP_VLAN is executed, __pop_vlan_tci pulls the next vlan header into vlan_tci. This leads to two things: 1. Part of the resulting ethernet header is in the non-linear part of the skb. When eth_type_trans is called later as the result of OVS_ACTION_ATTR_OUTPUT, kernel BUGs in __skb_pull. Also, __pop_vlan_tci is in fact accessing random data when it reads past the TPID. 2. network_header points into the ethernet header instead of behind it. mac_len is set to a wrong value (10), too. Reported-by: Yulong Pei <ypei@redhat.com> Signed-off-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 18:24:04 UTC
793c3b4 Benjamin Block 21 August 2014, 17:37:48 UTC net: ipv6: fib: don't sleep inside atomic lock The function fib6_commit_metrics() allocates a piece of memory in mode GFP_KERNEL while holding an atomic lock from higher up in the stack, in the function __ip6_ins_rt(). This produces the following BUG: > BUG: sleeping function called from invalid context at mm/slub.c:1250 > in_atomic(): 1, irqs_disabled(): 0, pid: 2909, name: dhcpcd > 2 locks held by dhcpcd/2909: > #0: (rtnl_mutex){+.+.+.}, at: [<ffffffff81978e67>] rtnl_lock+0x17/0x20 > #1: (&tb->tb6_lock){++--+.}, at: [<ffffffff81a6951a>] ip6_route_add+0x65a/0x800 > CPU: 1 PID: 2909 Comm: dhcpcd Not tainted 3.17.0-rc1 #1 > Hardware name: ASUS All Series/Q87T, BIOS 0216 10/16/2013 > 0000000000000008 ffff8800c8f13858 ffffffff81af135a 0000000000000000 > ffff880212202430 ffff8800c8f13878 ffffffff810f8d3a ffff880212202c98 > 0000000000000010 ffff8800c8f138c8 ffffffff8121ad0e 0000000000000001 > Call Trace: > [<ffffffff81af135a>] dump_stack+0x4e/0x68 > [<ffffffff810f8d3a>] __might_sleep+0x10a/0x120 > [<ffffffff8121ad0e>] kmem_cache_alloc_trace+0x4e/0x190 > [<ffffffff81a6bcd6>] ? fib6_commit_metrics+0x66/0x110 > [<ffffffff81a6bcd6>] fib6_commit_metrics+0x66/0x110 > [<ffffffff81a6cbf3>] fib6_add+0x883/0xa80 > [<ffffffff81a6951a>] ? ip6_route_add+0x65a/0x800 > [<ffffffff81a69535>] ip6_route_add+0x675/0x800 > [<ffffffff81a68f2a>] ? ip6_route_add+0x6a/0x800 > [<ffffffff81a6990c>] inet6_rtm_newroute+0x5c/0x80 > [<ffffffff8197cf01>] rtnetlink_rcv_msg+0x211/0x260 > [<ffffffff81978e67>] ? rtnl_lock+0x17/0x20 > [<ffffffff81119708>] ? lock_release_holdtime+0x28/0x180 > [<ffffffff81978e67>] ? rtnl_lock+0x17/0x20 > [<ffffffff8197ccf0>] ? __rtnl_unlock+0x20/0x20 > [<ffffffff819a989e>] netlink_rcv_skb+0x6e/0xd0 > [<ffffffff81978ee5>] rtnetlink_rcv+0x25/0x40 > [<ffffffff819a8e59>] netlink_unicast+0xd9/0x180 > [<ffffffff819a9600>] netlink_sendmsg+0x700/0x770 > [<ffffffff81103735>] ? local_clock+0x25/0x30 > [<ffffffff8194e83c>] sock_sendmsg+0x6c/0x90 > [<ffffffff811f98e3>] ? might_fault+0xa3/0xb0 > [<ffffffff8195ca6d>] ? verify_iovec+0x7d/0xf0 > [<ffffffff8194ec3e>] ___sys_sendmsg+0x37e/0x3b0 > [<ffffffff8111ef15>] ? trace_hardirqs_on_caller+0x185/0x220 > [<ffffffff81af979e>] ? mutex_unlock+0xe/0x10 > [<ffffffff819a55ec>] ? netlink_insert+0xbc/0xe0 > [<ffffffff819a65e5>] ? netlink_autobind.isra.30+0x125/0x150 > [<ffffffff819a6520>] ? netlink_autobind.isra.30+0x60/0x150 > [<ffffffff819a84f9>] ? netlink_bind+0x159/0x230 > [<ffffffff811f989a>] ? might_fault+0x5a/0xb0 > [<ffffffff8194f25e>] ? SYSC_bind+0x7e/0xd0 > [<ffffffff8194f8cd>] __sys_sendmsg+0x4d/0x80 > [<ffffffff8194f912>] SyS_sendmsg+0x12/0x20 > [<ffffffff81afc692>] system_call_fastpath+0x16/0x1b Fixing this by replacing the mode GFP_KERNEL with GFP_ATOMIC. Signed-off-by: Benjamin Block <bebl@mageta.org> Acked-by: David Rientjes <rientjes@google.com> Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 17:54:49 UTC
91c0d98 Nimrod Andy 21 August 2014, 09:09:38 UTC net: fec: ptp: avoid register access when ipg clock is disabled The current kernel hang on i.MX6SX with rootfs mount from MMC. The root cause is that ptp uses a periodic timer to access enet register even if ipg clock is disabled. FEC ptp driver start one period timer to read 1588 counter register in the ptp init function that is called after FEC driver is probed. To save power, after FEC probe finish, FEC driver disable all clocks including ipg clock that is needed for register access. i.MX5x, i.MX6q/dl/sl FEC register access don't cause system hang when ipg clock is disabled, just return zero value. But for i.MX6sx SOC, it cause system hang. To avoid the issue, we need to check ptp clock status before ptp timer count access. Signed-off-by: Fugang Duan <B38611@freescale.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 17:45:56 UTC
8426191 Steven Rostedt (Red Hat) 18 August 2014, 17:21:08 UTC ftrace: Update all ftrace_ops for a ftrace_hash_ops update When updating what an ftrace_ops traces, if it is registered (that is, actively tracing), and that ftrace_ops uses the shared global_ops local_hash, then we need to update all tracers that are active and also share the global_ops' ftrace_hash_ops. Cc: stable@vger.kernel.org # 3.16 (apply after 3.17-rc4 is out) Signed-off-by: Steven Rostedt <rostedt@goodmis.org> 22 August 2014, 17:21:14 UTC
33b7f99 Steven Rostedt (Red Hat) 15 August 2014, 21:23:02 UTC ftrace: Allow ftrace_ops to use the hashes from other ops Currently the top level debug file system function tracer shares its ftrace_ops with the function graph tracer. This was thought to be fine because the tracers are not used together, as one can only enable function or function_graph tracer in the current_tracer file. But that assumption proved to be incorrect. The function profiler can use the function graph tracer when function tracing is enabled. Since all function graph users uses the function tracing ftrace_ops this causes a conflict and when a user enables both function profiling as well as the function tracer it will crash ftrace and disable it. The quick solution so far is to move them as separate ftrace_ops like it was earlier. The problem though is to synchronize the functions that are traced because both function and function_graph tracer are limited by the selections made in the set_ftrace_filter and set_ftrace_notrace files. To handle this, a new structure is made called ftrace_ops_hash. This structure will now hold the filter_hash and notrace_hash, and the ftrace_ops will point to this structure. That will allow two ftrace_ops to share the same hashes. Since most ftrace_ops do not share the hashes, and to keep allocation simple, the ftrace_ops structure will include both a pointer to the ftrace_ops_hash called func_hash, as well as the structure itself, called local_hash. When the ops are registered, the func_hash pointer will be initialized to point to the local_hash within the ftrace_ops structure. Some of the ftrace internal ftrace_ops will be initialized statically. This will allow for the function and function_graph tracer to have separate ops but still share the same hash tables that determine what functions they trace. Cc: stable@vger.kernel.org # 3.16 (apply after 3.17-rc4 is out) Signed-off-by: Steven Rostedt <rostedt@goodmis.org> 22 August 2014, 17:18:48 UTC
26d189b Linus Torvalds 22 August 2014, 16:08:20 UTC Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux Pull arm64 fixes from Will Deacon: "This small set of fixes addresses a few issues introduced during the merge window, including: - fix typo in I-cache detection that was causing us to treat all I-caches as aliasing - hook up memfd_create and getrandom syscalls for native and compat - revert a temporary hack for defconfig builds in -next (the audit tree changes didn't make it in this merge window) - a couple of UEFI fixes for TEXT_OFFSET fuzzing and /memreserve/ - a simple sparsemem fix for 48-bit physical addressing - small defconfig updates to get autotesters working with X-gene" * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: Revert "arm64: Do not invoke audit_syscall_* functions if !CONFIG_AUDIT_SYSCALL" arm64: mm: update max pa bits to 48 arm64: ignore DT memreserve entries when booting in UEFI mode arm64: configs: Enable X-Gene SATA and ethernet in defconfig arm64: align randomized TEXT_OFFSET on 4 kB boundary asm-generic: add memfd_create system call to unistd.h arm64: compat: wire up memfd_create and getrandom syscalls for aarch32 arm64: fix typo in I-cache policy detection 22 August 2014, 16:08:20 UTC
1ae45cf Linus Torvalds 22 August 2014, 16:06:22 UTC Merge tag 'iommu-fixes-v3.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu Pull IOMMU fixes from Joerg Roedel: "The fixes include: - fix a crash in the VT-d driver when devices with a driver attached are hot-unplugged - fix a AMD IOMMU driver crash with device assignment of 32 bit PCI devices to KVM guests - fix for a copy&paste error in generic IOMMU code. Now the right function pointer is checked before calling" * tag 'iommu-fixes-v3.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu: iommu/core: Check for the right function pointer in iommu_map() iommu/amd: Fix cleanup_domain for mass device removal iommu/vt-d: Defer domain removal if device is assigned to a driver 22 August 2014, 16:06:22 UTC
37dbeab Alex Deucher 21 August 2014, 14:55:07 UTC drm/radeon: add additional SI pci ids Signed-off-by: Alex Deucher <alexander.deucher@amd.com> Cc: stable@vger.kernel.org 22 August 2014, 14:47:59 UTC
5fc540e Alex Deucher 21 August 2014, 14:48:11 UTC drm/radeon: add new bonaire pci ids Signed-off-by: Alex Deucher <alexander.deucher@amd.com> Cc: stable@vger.kernel.org 22 August 2014, 14:47:59 UTC
6dc14ba Alex Deucher 21 August 2014, 14:41:42 UTC drm/radeon: add new KV pci id bug: https://bugs.freedesktop.org/show_bug.cgi?id=82912 Signed-off-by: Alex Deucher <alexander.deucher@amd.com> Cc: stable@vger.kernel.org 22 August 2014, 14:47:58 UTC
e0b760f Jeff Layton 22 August 2014, 13:58:22 UTC locks: pass correct "before" pointer to locks_unlink_lock in generic_add_lease The argument to locks_unlink_lock can't be just any pointer to a pointer. It must be a pointer to the fl_next field in the previous lock in the list. Cc: <stable@vger.kernel.org> # v3.15+ Signed-off-by: Jeff Layton <jlayton@primarydata.com> Reviewed-by: Christoph Hellwig <hch@lst.de> 22 August 2014, 13:58:22 UTC
94a988a Takashi Iwai 22 August 2014, 09:18:48 UTC ALSA: pcm: Fix the silence data for DSD formats Right now we set 0 as the silence data for DSD_U8 and DSD_U16 formats, but this is actually wrong. 0 is rather the most negative value. Alternatively, we may take the repeating 0x69 pattern like ffmpeg deploys. Reference: https://ffmpeg.org/pipermail/ffmpeg-cvslog/2014-April/076427.html Suggested-by: Alexander E. Patrakov <patrakov@gmail.com> Signed-off-by: Takashi Iwai <tiwai@suse.de> 22 August 2014, 09:24:58 UTC
ee3043b Rasmus Villemoes 22 August 2014, 09:23:09 UTC ALSA: ctxfi: ct20k1reg: Fix typo in include guard Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk> Signed-off-by: Takashi Iwai <tiwai@suse.de> 22 August 2014, 09:24:57 UTC
3c25d04 Rasmus Villemoes 22 August 2014, 09:22:09 UTC ALSA: hda: ca0132_regs.h: Fix typo in include guard Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk> Signed-off-by: Takashi Iwai <tiwai@suse.de> 22 August 2014, 09:24:11 UTC
80b304f Ingo Molnar 22 August 2014, 08:04:15 UTC Merge tag 'efi-urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/mfleming/efi into x86/urgent Pull EFI fixes from Matt Fleming: * WARN_ON(!spin_is_locked()) always triggers on non-SMP machines. Swap it for the more canonical lockdep_assert_held() which always does the right thing - Guenter Roeck * Assign the correct value to efi.runtime_version on arm64 so that all the runtime services can be invoked - Semen Protsenko Signed-off-by: Ingo Molnar <mingo@kernel.org> 22 August 2014, 08:04:15 UTC
6a7519e Semen Protsenko 15 August 2014, 13:22:44 UTC efi/arm64: Store Runtime Services revision "efi" global data structure contains "runtime_version" field which must be assigned in order to use it later in Runtime Services virtual calls (virt_efi_* functions). Before this patch "runtime_version" was unassigned (0), so each Runtime Service virtual call that checks revision would fail. Signed-off-by: Semen Protsenko <semen.protsenko@linaro.org> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: <stable@vger.kernel.org> Signed-off-by: Matt Fleming <matt.fleming@intel.com> 22 August 2014, 07:45:41 UTC
aee530c Guenter Roeck 13 August 2014, 18:21:34 UTC firmware: Do not use WARN_ON(!spin_is_locked()) spin_is_locked() always returns false for uniprocessor configurations in several architectures, so do not use WARN_ON with it. Use lockdep_assert_held() instead to also reduce overhead in non-debug kernels. Signed-off-by: Guenter Roeck <linux@roeck-us.net> Cc: <stable@vger.kernel.org> Signed-off-by: Matt Fleming <matt.fleming@intel.com> 22 August 2014, 07:45:40 UTC
ddc64b2 Clemens Ladisch 21 August 2014, 18:55:21 UTC ALSA: core: fix buffer overflow in snd_info_get_line() snd_info_get_line() documents that its last parameter must be one less than the buffer size, but this API design guarantees that (literally) every caller gets it wrong. Just change this parameter to have its obvious meaning. Reported-by: Tommi Rantala <tt.rantala@gmail.com> Cc: <stable@vger.kernel.org> # v2.2.26+ Signed-off-by: Clemens Ladisch <clemens@ladisch.de> Signed-off-by: Takashi Iwai <tiwai@suse.de> 22 August 2014, 05:21:05 UTC
08f1a1b Hariprasad Shenai 21 August 2014, 11:34:46 UTC cxgb4: Free completed tx skbs promptly Description of problem: The NIC card is not reporting back to the driver the transmitted skbs, so they get stuck in the TX ring causing issues with reference counters in other kernel components. Developed a new Automatic Egress Queue Update firmware facility to slowly tick through Egress Queues and send back any outstanding CIDX Updates which are laying around. Based on original work by Casey Leedom <leedom@chelsio.com> Signed-off-by: Hariprasad Shenai <hariprasad@chelsio.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 04:54:52 UTC
215a004 David S. Miller 22 August 2014, 04:53:15 UTC Merge tag 'linux-can-fixes-for-3.17-20140821' of git://gitorious.org/linux-can/linux-can Marc Kleine-Budde says: ==================== pull-request: can 2014-08-21 The first patch is from Mirza Krak, it fixes the initialization of the hardware in the sja1000 driver. The next patch is contributed by Dan Carpenter, it fixes the error handling in the c_can's probe function. Then there are two patches for the flexcan driver, one by Alexander Stein, which fixes the resetting of the bus error interrupt mask, the other one by Sebastian Andrzej Siewior which adds an additional error state transition message. ==================== Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 04:53:15 UTC
29aaee6 Anish Bhatt 20 August 2014, 20:44:06 UTC cxgb4: Fix race condition in cleanup There is a possible race condition when we unregister the PCI Driver and then flush/destroy the global "workq". This could lead to situations where there are tasks on the Work Queue with references to now deleted adapter data structures. Instead, have per-adapter Work Queues which were instantiated and torn down in init_one() and remove_one(), respectively. v2: Remove unnecessary call to flush_workqueue() before destroy_workqueue() Signed-off-by: Anish Bhatt <anish@chelsio.com> Signed-off-by: Casey Leedom <leedom@chelsio.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 04:45:36 UTC
061079a zhuyj 20 August 2014, 09:31:43 UTC sctp: not send SCTP_PEER_ADDR_CHANGE notifications with failed probe Since the transport has always been in state SCTP_UNCONFIRMED, it therefore wasn't active before and hasn't been used before, and it always has been, so it is unnecessary to bug the user with a notification. Reported-by: Deepak Khandelwal <khandelwal.deepak.1987@gmail.com> Suggested-by: Vlad Yasevich <vyasevich@gmail.com> Suggested-by: Michael Tuexen <tuexen@fh-muenster.de> Suggested-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Zhu Yanjun <Yanjun.Zhu@windriver.com> Acked-by: Vlad Yasevich <vyasevich@gmail.com> Acked-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 04:33:17 UTC
049d280 Geert Uytterhoeven 20 August 2014, 13:39:22 UTC sh: intc: Confine SH_INTC to platforms that need it Currently the sh-intc driver is compiled on all SuperH and non-multiplatform SH-Mobile platforms, while it's only used on a limited number of platforms: - SuperH: SH2(A), SH3(A), SH4(A)(L) (all but SH5) - ARM: sh7372, sh73a0 Drop the "default y" on SH_INTC, make all CPU platforms that use it select it, and protect all sub-options by "if SH_INTC" to fix this. Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be> Acked-by: Magnus Damm <damm+renesas@opensource.se> Signed-off-by: Simon Horman <horms+renesas@verge.net.au> 22 August 2014, 03:28:16 UTC
a57821c Christoph Hellwig 22 August 2014, 01:39:53 UTC block: support > 16 byte CDBs for SG_IO Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Boaz Harrosh <boaz@plexistor.com> Signed-off-by: Jens Axboe <axboe@fb.com> 22 August 2014, 01:42:01 UTC
2cada58 Christoph Hellwig 22 August 2014, 01:38:27 UTC block: cleanup error handling in sg_io Make sure we always clean up through the out label and just have a single place to put the request. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Jens Axboe <axboe@fb.com> 22 August 2014, 01:42:01 UTC
aeac318 Dmitry Monakhov 18 August 2014, 08:49:08 UTC brd: add ram disk visibility option Currenly ram disk is not visiable inside /proc/partitions. This was done for compatibility reasons here: 53978d0a7a27. But some utilities expect disk presents in /proc/partitions. Let's add module's option and let's administrator chose visibility behaviour. By default, old behaviour preserved. Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org> Signed-off-by: Jens Axboe <axboe@fb.com> 22 August 2014, 01:42:01 UTC
ffb5db7 Michal Simek 13 August 2014, 11:59:50 UTC block: systemace: Remove .owner field for driver There is no need to init .owner field. Based on the patch from Peter Griffin <peter.griffin@linaro.org> "mmc: remove .owner field for drivers using module_platform_driver" This patch removes the superflous .owner field for drivers which use the module_platform_driver API, as this is overriden in platform_driver_register anyway." Signed-off-by: Michal Simek <michal.simek@xilinx.com> Signed-off-by: Jens Axboe <axboe@fb.com> 22 August 2014, 01:37:54 UTC
cddd5d1 Tejun Heo 16 August 2014, 12:02:24 UTC blk-mq: blk_mq_freeze_queue() should allow nesting While converting to percpu_ref for freezing, add703fda981 ("blk-mq: use percpu_ref for mq usage count") incorrectly made blk_mq_freeze_queue() misbehave when freezing is nested due to percpu_ref_kill() being invoked on an already killed ref. Fix it by making blk_mq_freeze_queue() kill and kick the queue only for the outermost freeze attempt. All the nested ones can simply wait for the ref to reach zero. While at it, remove unnecessary @wake initialization from blk_mq_unfreeze_queue(). Signed-off-by: Tejun Heo <tj@kernel.org> Reported-by: Ming Lei <ming.lei@canonical.com> Signed-off-by: Jens Axboe <axboe@fb.com> 22 August 2014, 01:37:51 UTC
a68aafa Jens Axboe 15 August 2014, 19:19:15 UTC blk-mq: correct a few wrong/bad comments Just grammar or spelling errors, nothing major. Signed-off-by: Jens Axboe <axboe@fb.com> 22 August 2014, 01:37:49 UTC
16f408d Sagi Grimberg 13 August 2014, 11:49:31 UTC block: Fix BUG_ON when pi errors occur When getting a pi error we get to bio_integrity_end_io with bi_remaining already decremented to 0 where we will eventually need to call bio_endio with restored original bio completion handler. Calling bio_endio invokes a BUG_ON(). We should call bio_endio_nodec instead, like what is done in bio_integrity_verify_fn. Signed-off-by: Sagi Grimberg <sagig@mellanox.com> Signed-off-by: Jens Axboe <axboe@fb.com> 22 August 2014, 01:37:47 UTC
274a584 Jens Axboe 15 August 2014, 18:44:08 UTC blk-mq: don't allow merges if turned off for the queue blk-mq uses BLK_MQ_F_SHOULD_MERGE, as set by the driver at init time, to determine whether it should merge IO or not. However, this could also be disabled by the admin, if merging is switched off through sysfs. So check the general queue state as well before attempting to merge IO. Reported-by: Rob Elliott <Elliott@hp.com> Tested-by: Rob Elliott <Elliott@hp.com> Signed-off-by: Jens Axboe <axboe@fb.com> 22 August 2014, 01:37:45 UTC
58b80ad Kuninori Morimoto 06 August 2014, 01:24:51 UTC ARM: shmobile: r8a7791: add missing 0x0100 for SDCKCR 4bfb358b1d6cdeff8c6a13677f01ed78e9696b98 (ARM: shmobile: Add r8a7791 legacy SDHI clocks) added r8a7791 SDHI clock support. But, it is missing "0x0100: x 1/8" division ratio. This patch fixes hidden bug. It is based on R-Car H2 v0.7, R-Car M2 v0.9. Reported-by: Yusuke Goda <yusuke.goda.sx@renesas.com> Signed-off-by: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com> Signed-off-by: Simon Horman <horms+renesas@verge.net.au> 22 August 2014, 00:59:54 UTC
4fb12fe Kuninori Morimoto 06 August 2014, 01:24:30 UTC ARM: shmobile: r8a7790: add missing 0x0100 for SDCKCR 9f13ee6f83c52065112d3e396e42e3780911ef53 (ARM: shmobile: r8a7790: add div4 clocks) added r8a7790 DIV4 clock support. But, it is missing "0x0100: x 1/8" division ratio. This patch fixes hidden bug. It is based on R-Car H2 v0.7, R-Car M2 v0.9. Reported-by: Yusuke Goda <yusuke.goda.sx@renesas.com> Signed-off-by: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com> Signed-off-by: Simon Horman <horms+renesas@verge.net.au> 22 August 2014, 00:59:42 UTC
7c3afd8 Yuval Mintz 18 August 2014, 19:36:23 UTC bnx2x: Revert UNDI flushing mechanism Commit 91ebb929b6f8 ("bnx2x: Add support for Multi-Function UNDI") [which was later supposedly fixed by de682941eef3 ("bnx2x: Fix UNDI driver unload")] introduced a bug in which in some [yet-to-be-determined] scenarios the alternative flushing mechanism which was to guarantee the Rx buffers are empty before resetting them during device probe will fail. If this happens, when device will be loaded once more a fatal attention will occur; Since this most likely happens in boot from SAN scenarios, the machine will fail to load. Notice this may occur not only in the 'Multi-Function' scenario but in the regular scenario as well, i.e., this introduced a regression in the driver's ability to perform boot from SAN. The patch reverts the mechanism and applies the old scheme to multi-function devices as well as to single-function devices. Signed-off-by: Yuval Mintz <Yuval.Mintz@qlogic.com> Signed-off-by: Ariel Elior <Ariel.Elior@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 00:54:43 UTC
9a6d33c David S. Miller 22 August 2014, 00:43:20 UTC Merge branch 'qlcnic' Shahed Shaikh says: ==================== qlcnic: Bug fixes This series fixes some bugs related to endianess. Please apply this series to net. ==================== Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 00:43:20 UTC
3d8623e Shahed Shaikh 18 August 2014, 13:31:55 UTC qlcnic: Fix endianess issue in firmware load from file operation Firmware binary file is in little endian. On big-endian architecture, while writing this binary FW file to adapters memory, writel() swaps the data resulting into corruption of FW image. So, swap the data before writing into adapters memory. Signed-off-by: Shahed Shaikh <shahed.shaikh@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 00:43:15 UTC
d874df5 Rajesh Borundia 18 August 2014, 13:31:54 UTC qlcnic: Fix endianess issue in FW dump template header Firmware dump template header is read from adapter using readl() which swaps the data. So, adjust structure element on the boundary of 32bit dword. Signed-off-by: Rajesh Borundia <rajesh.borundia@qlogic.com> Signed-off-by: Shahed Shaikh <shahed.shaikh@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 00:43:15 UTC
26acc71 Jitendra Kalsaria 18 August 2014, 13:31:53 UTC qlcnic: Fix flash access interface to application Application expects flash data in little endian, but driver reads/writes flash data using readl()/writel() APIs which swaps data on big endian machine. So, swap the data after reading from and before writing to flash memory. Signed-off-by: Jitendra Kalsaria <jitendra.kalsaria@qlogic.com> Signed-off-by: Shahed Shaikh <shahed.shaikh@qlogic.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 00:43:15 UTC
d715569 Alan Ott 16 August 2014, 21:09:03 UTC MAINTAINERS: Add section for MRF24J40 IEEE 802.15.4 radio driver Alan is the original author of the driver. This change was discussed with the 802.15.4 subsystem maintainer, Alexander Aring. Signed-off-by: Alan Ott <alan@signal11.us> Acked-by: Alexander Aring <alex.aring@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> 22 August 2014, 00:36:50 UTC
8a50f11 Vlad Yasevich 15 August 2014, 17:04:59 UTC macvlan: Allow setting multicast filter on all macvlan types Currently, macvlan code restricts multicast and unicast filter setting only to passthru devices. As a result, if a guest using macvtap wants to receive multicast traffic, it has to set IFF_ALLMULTI or IFF_PROMISC. This patch makes it possible to use the fdb interface to add multicast addresses to the filter thus allowing a guest to receive only targeted multicast traffic. CC: John Fastabend <john.r.fastabend@intel.com> CC: Michael S. Tsirkin <mst@redhat.com> CC: Jason Wang <jasowang@redhat.com> Signed-off-by: Vladislav Yasevich <vyasevic@redhat.com> Acked-by: John Fastabend <john.r.fastabend@intel.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> 21 August 2014, 23:54:25 UTC
dc80811 Eric Dumazet 15 August 2014, 16:16:04 UTC packet: handle too big packets for PACKET_V3 af_packet can currently overwrite kernel memory by out of bound accesses, because it assumed a [new] block can always hold one frame. This is not generally the case, even if most existing tools do it right. This patch clamps too long frames as API permits, and issue a one time error on syslog. [ 394.357639] tpacket_rcv: packet too big, clamped from 5042 to 3966. macoff=82 In this example, packet header tp_snaplen was set to 3966, and tp_len was set to 5042 (skb->len) Signed-off-by: Eric Dumazet <edumazet@google.com> Fixes: f6fb8f100b80 ("af-packet: TPACKET_V3 flexible buffer implementation.") Acked-by: Daniel Borkmann <dborkman@redhat.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net> 21 August 2014, 23:44:28 UTC
564ee36 Dariusz Marcinkiewicz 15 August 2014, 15:50:47 UTC MAINTAINERS: add entry for ec_bhf driver Added entry for ec_bhf driver. Signed-off-by: Dariusz Marcinkiewicz <reksio@newterm.pl> Signed-off-by: David S. Miller <davem@davemloft.net> 21 August 2014, 23:39:34 UTC
6df378d chas williams - CONTRACTOR 14 August 2014, 13:19:47 UTC lec: Use rtnl lock/unlock when updating MTU The LECS response contains the MTU that should be used. Correctly synchronize with other layers when updating. Signed-off-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Signed-off-by: David S. Miller <davem@davemloft.net> 21 August 2014, 23:31:23 UTC
20a984c Dave Airlie 21 August 2014, 21:29:52 UTC Merge tag 'drm-intel-fixes-2014-08-21' of git://anongit.freedesktop.org/drm-intel Display fixes from Ville and Imre, all cc: stable. * tag 'drm-intel-fixes-2014-08-21' of git://anongit.freedesktop.org/drm-intel: drm/i915: don't try to retrain a DP link on an inactive CRTC drm/i915: make sure VDD is turned off during system suspend drm/i915: cancel hotplug and dig_port work during suspend and unload drm/i915: fix HPD IRQ reenable work cancelation drm/i915: take display port power domain in DP HPD handler drm/i915: Don't try to enable cursor from setplane when crtc is disabled drm/i915: Skip load detect when intel_crtc->new_enable==true drm/i915: Fix locking for intel_enable_pipe_a() 21 August 2014, 21:29:52 UTC
c3735ae Dave Airlie 21 August 2014, 21:29:25 UTC Merge branch 'drm-fixes-3.17' of git://people.freedesktop.org/~agd5f/linux more radeon fixes * 'drm-fixes-3.17' of git://people.freedesktop.org/~agd5f/linux: Revert "drm/radeon: Use write-combined CPU mappings of ring buffers with PCIe" drm/radeon: fix active_cu mask on SI and CIK after re-init (v3) drm/radeon: fix active cu count for SI and CIK drm/radeon: re-enable selective GPUVM flushing drm/radeon: Sync ME and PFP after CP semaphore waits v4 drm/radeon: fix display handling in radeon_gpu_reset drm/radeon: fix pm handling in radeon_gpu_reset drm/radeon: Only flush HDP cache for indirect buffers from userspace drm/radeon: properly document reloc priority mask 21 August 2014, 21:29:25 UTC
5317821 Linus Torvalds 21 August 2014, 21:26:27 UTC Merge branch 'for-3.17-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata Pull libata fixes from Tejun Heo: "Nothing drastic but pushing out early due to build breakage in the new tegra platform. Additionally: - M550 tagged trim blacklist pattern is widened so that it matches the new 1TB model - three controller specific fixes" * 'for-3.17-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata: libata: widen Crucial M550 blacklist matching pata_scc: propagate return value of scc_wait_after_reset ata: ahci_tegra: Change include to fix compilation pata_samsung_cf: change ret type to signed ahci_xgene: Removing NCQ support from the APM X-Gene SoC AHCI SATA Host Controller driver. 21 August 2014, 21:26:27 UTC
cee5aa1 Linus Torvalds 21 August 2014, 21:25:20 UTC Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid Pull HID fixes from Jiri Kosina: - fixes for a couple potential memory corruption problems (the HW would have to be manufactured to be deliberately evil to trigger those) found by Ben Hawkes - fix for potential infinite loop when using sysfs interface of logitech driver, from Simon Wood - a couple more simple driver fixes * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid: HID: fix a couple of off-by-ones HID: logitech: perform bounds checking on device_id early enough HID: logitech: fix bounds checking on LED report size HID: logitech: Prevent possibility of infinite loop when using /sys interface HID: rmi: print an error if F11 is not found instead of stopping the device HID: hid-sensor-hub: use devm_ functions consistently HID: huion: Use allocated buffer for DMA HID: huion: Fail on parameter retrieval errors 21 August 2014, 21:25:20 UTC
e9d99a1 Linus Torvalds 21 August 2014, 21:24:40 UTC Merge tag 'sound-3.17-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound fixes from Takashi Iwai: "A bunch of ASoC fixes with a few HD-audio fixes in this pull request. All fairly small, boring and device-specific fixes, in addition to MAINTAINERS update for better reviewing" * tag 'sound-3.17-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: ALSA: hda/hdmi - apply Valleyview fix-ups to Cherryview display codec ALSA: hda/hdmi - set depop_delay for haswell plus ALSA: hda - restore the gpio led after resume ALSA: hda/realtek - Avoid setting wrong COEF on ALC269 & co ASoC: pxa-ssp: drop SNDRV_PCM_FMTBIT_S24_LE ASoC: fsl-esai: Revert .xlate_tdm_slot_mask() support ASoC: mcasp: Fix implicit BLCK divider setting ASoC: arizona: Fix TDM slot length handling in arizona_hw_params ASoC: pcm512x: Correct Digital Playback control names ASoC: dapm: Fix uninitialized variable in snd_soc_dapm_get_enum_double() ASoC: Intel: Restore Baytrail ADSP streams only when ADSP was in reset ASoC: Intel: Wait Baytrail ADSP boot at resume_early stage ASoC: Intel: Merge Baytrail ADSP suspend_noirq into suspend_late MAINTAINERS: Add i.MX maintainers and paths to Freescale ASoC entry ASoC: Intel: Update Baytrail ADSP firmware name 21 August 2014, 21:24:40 UTC
29fdd5b Linus Torvalds 21 August 2014, 21:07:44 UTC Merge branch 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux Pull i2c fixes from Wolfram Sang: "Here is the fixup for the 'lowlight' of my last pull request. I2C is not selected anymore by I2C_ACPI. Instead, the code in question now depends on I2C=y. Also, Mika has agreed to support me and be the maintainer for I2C-ACPI related patches. Finally, a new-ID-patch came along last week" * 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: MAINTAINERS: add maintainer for ACPI parts of I2C i2c: i801: Add PCI ID for Intel Braswell i2c: rework kernel config I2C_ACPI 21 August 2014, 21:07:44 UTC
d1433d5 Linus Torvalds 21 August 2014, 21:06:56 UTC Merge tag 'please-pull-memfd_create' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux Pull ia64 update from Tony Luck: "Add memfd_create syscall to ia64" * tag 'please-pull-memfd_create' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux: [IA64] Wire up memfd_create() system call 21 August 2014, 21:06:56 UTC
f8d08a1 Linus Torvalds 21 August 2014, 21:06:18 UTC Merge tag 'microblaze-3.17-rc2' of git://git.monstr.eu/linux-2.6-microblaze Pull microblaze update from Michal Simek: "Wire-up seccomp/getrandom/memfd_create syscalls" * tag 'microblaze-3.17-rc2' of git://git.monstr.eu/linux-2.6-microblaze: microblaze: Wire-up memfd_create syscall microblaze: Wire-up getrandom syscall microblaze: Wire-up seccomp syscall 21 August 2014, 21:06:18 UTC
3f2dad9 Grygorii Strashko 21 August 2014, 15:25:05 UTC spi: davinci: fix SPI_NO_CS functionality The driver should not touch CS lines if SPI_NO_CS flag is set. This patch fixes it as this functionality was broken accidentally by commit a88e34ea213e1b ("spi: davinci: add support to configure gpio cs through dt"). Fixes: a88e34ea213e1b ("spi: davinci: add support to configure gpio cs through dt") Signed-off-by: Grygorii Strashko <grygorii.strashko@ti.com> Signed-off-by: Mark Brown <broonie@linaro.org> 21 August 2014, 18:08:56 UTC
4ab2578 Jiri Kosina 21 August 2014, 14:57:48 UTC HID: fix a couple of off-by-ones There are a few very theoretical off-by-one bugs in report descriptor size checking when performing a pre-parsing fixup. Fix those. Cc: stable@vger.kernel.org Reported-by: Ben Hawkes <hawkes@google.com> Reviewed-by: Benjamin Tissoires <benjamin.tissoires@redhat.com> Signed-off-by: Jiri Kosina <jkosina@suse.cz> 21 August 2014, 15:43:28 UTC
ad3e14d Jiri Kosina 21 August 2014, 14:57:17 UTC HID: logitech: perform bounds checking on device_id early enough device_index is a char type and the size of paired_dj_deivces is 7 elements, therefore proper bounds checking has to be applied to device_index before it is used. We are currently performing the bounds checking in logi_dj_recv_add_djhid_device(), which is too late, as malicious device could send REPORT_TYPE_NOTIF_DEVICE_UNPAIRED early enough and trigger the problem in one of the report forwarding functions called from logi_dj_raw_event(). Fix this by performing the check at the earliest possible ocasion in logi_dj_raw_event(). Cc: stable@vger.kernel.org Reported-by: Ben Hawkes <hawkes@google.com> Reviewed-by: Benjamin Tissoires <benjamin.tissoires@redhat.com> Signed-off-by: Jiri Kosina <jkosina@suse.cz> 21 August 2014, 15:43:06 UTC
51217e6 Jiri Kosina 21 August 2014, 14:56:47 UTC HID: logitech: fix bounds checking on LED report size The check on report size for REPORT_TYPE_LEDS in logi_dj_ll_raw_request() is wrong; the current check doesn't make any sense -- the report allocated by HID core in hid_hw_raw_request() can be much larger than DJREPORT_SHORT_LENGTH, and currently logi_dj_ll_raw_request() doesn't handle this properly at all. Fix the check by actually trimming down the report size properly if it is too large. Cc: stable@vger.kernel.org Reported-by: Ben Hawkes <hawkes@google.com> Reviewed-by: Benjamin Tissoires <benjamin.tissoires@redhat.com> Signed-off-by: Jiri Kosina <jkosina@suse.cz> 21 August 2014, 15:38:13 UTC
f6dc45c Chris Mason 20 August 2014, 14:15:33 UTC Btrfs: fix filemap_flush call in btrfs_file_release We should only be flushing on close if the file was flagged as needing it during truncate. I broke this with my ordered data vs transaction commit deadlock fix. Thanks to Miao Xie for catching this. Signed-off-by: Chris Mason <clm@fb.com> Reported-by: Miao Xie <miaox@cn.fujitsu.com> Reported-by: Fengguang Wu <fengguang.wu@intel.com> 21 August 2014, 14:55:31 UTC
38c1c2e Liu Bo 19 August 2014, 15:33:13 UTC Btrfs: fix crash on endio of reading corrupted block The crash is ------------[ cut here ]------------ kernel BUG at fs/btrfs/extent_io.c:2124! [...] Workqueue: btrfs-endio normal_work_helper [btrfs] RIP: 0010:[<ffffffffa02d6055>] [<ffffffffa02d6055>] end_bio_extent_readpage+0xb45/0xcd0 [btrfs] This is in fact a regression. It is because we forgot to increase @offset properly in reading corrupted block, so that the @offset remains, and this leads to checksum errors while reading left blocks queued up in the same bio, and then ends up with hiting the above BUG_ON. Reported-by: Chris Murphy <lists@colorremedies.com> Signed-off-by: Liu Bo <bo.li.liu@oracle.com> Signed-off-by: Chris Mason <clm@fb.com> 21 August 2014, 14:55:30 UTC
a3c1089 Eric Sandeen 17 August 2014, 20:09:21 UTC btrfs: fix leak in qgroup_subtree_accounting() error path Coverity pointed this out; in the newly added qgroup_subtree_accounting(), if btrfs_find_all_roots() returns an error, we leak at least the parents pointer, and possibly the roots pointer, depending on what failure occurs. If btrfs_find_all_roots() returns an error, we need to free up all allocations before we return. "roots" is initialized to NULL, so it should be safe to free it unconditionally (ulist_free() handles that case). Cc: Mark Fasheh <mfasheh@suse.de> Signed-off-by: Eric Sandeen <sandeen@redhat.com> Reviewed-by: Mark Fasheh <mfasheh@suse.de> Signed-off-by: Chris Mason <clm@fb.com> 21 August 2014, 14:55:29 UTC
51f395a Qu Wenruo 08 August 2014, 05:06:20 UTC btrfs: Use right extent length when inserting overlap extent map. When current btrfs finds that a new extent map is going to be insereted but failed with -EEXIST, it will try again to insert the extent map but with the length of sectorsize. This is OK if we don't enable 'no-holes' feature since all extent space is continuous, we will not go into the not found->insert routine. But if we enable 'no-holes' feature, it will make things out of control. e.g. in 4K sectorsize, we pass the following args to btrfs_get_extent(): btrfs_get_extent() args: start: 27874 len 4100 28672 27874 28672 27874+4100 32768 |-----------------------| |---------hole--------------------|---------data----------| 1) not found and insert Since no extent map containing the range, btrfs_get_extent() will go into the not_found and insert routine, which will try to insert the extent map (27874, 27847 + 4100). 2) first overlap But it overlaps with (28672, 32768) extent, so -EEXIST will be returned by add_extent_mapping(). 3) retry but still overlap After catching the -EEXIST, then btrfs_get_extent() will try insert it again but with 4K length, which still overlaps, so -EEXIST will be returned. This makes the following patch fail to punch hole. d77815461f047e561f77a07754ae923ade597d4e btrfs: Avoid trucating page or punching hole in a already existed hole. This patch will use the right length, which is the (exsisting->start - em->start) to insert, making the above patch works in 'no-holes' mode. Also, some small code style problems in above patch is fixed too. Reported-by: Filipe David Manana <fdmanana@gmail.com> Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com> Reviewed-by: Filipe David Manana <fdmanana@suse.com> Tested-by: Filipe David Manana <fdmanana@suse.com> Signed-off-by: Chris Mason <clm@fb.com> 21 August 2014, 14:55:27 UTC
62e2390 Filipe Manana 08 August 2014, 01:47:06 UTC Btrfs: clone, don't create invalid hole extent map When cloning a file that consists of an inline extent, we were creating an extent map that represents a non-existing trailing hole starting at a file offset that isn't a multiple of the sector size. This happened because when processing an inline extent we weren't aligning the extent's length to the sector size, and therefore incorrectly treating the range [inline_extent_length; sector_size[ as a hole. Signed-off-by: Filipe Manana <fdmanana@suse.com> Reviewed-by: Satoru Takeuchi <takeuchi_satoru@jp.fujitsu.com> Signed-off-by: Chris Mason <clm@fb.com> 21 August 2014, 14:55:26 UTC
7064dd5 Filipe Manana 08 August 2014, 01:47:05 UTC Btrfs: don't monopolize a core when evicting inode If an inode has a very large number of extent maps, we can spend a lot of time freeing them, which triggers a soft lockup warning. Therefore reschedule if we need to when freeing the extent maps while evicting the inode. I could trigger this all the time by running xfstests/generic/299 on a file system with the no-holes feature enabled. That test creates an inode with 11386677 extent maps. $ mkfs.btrfs -f -O no-holes $TEST_DEV $ MKFS_OPTIONS="-O no-holes" ./check generic/299 generic/299 382s ... Message from syslogd@debian-vm3 at Aug 7 10:44:29 ... kernel:[85304.208017] BUG: soft lockup - CPU#0 stuck for 22s! [umount:25330] 384s Ran: generic/299 Passed all 1 tests $ dmesg (...) [86304.300017] BUG: soft lockup - CPU#0 stuck for 23s! [umount:25330] (...) [86304.300036] Call Trace: [86304.300036] [<ffffffff81698ba9>] __slab_free+0x54/0x295 [86304.300036] [<ffffffffa02ee9cc>] ? free_extent_map+0x5c/0xb0 [btrfs] [86304.300036] [<ffffffff811a6cd2>] kmem_cache_free+0x282/0x2a0 [86304.300036] [<ffffffffa02ee9cc>] free_extent_map+0x5c/0xb0 [btrfs] [86304.300036] [<ffffffffa02e3775>] btrfs_evict_inode+0xd5/0x660 [btrfs] [86304.300036] [<ffffffff811e7c8d>] ? __inode_wait_for_writeback+0x6d/0xc0 [86304.300036] [<ffffffff816a389b>] ? _raw_spin_unlock+0x2b/0x40 [86304.300036] [<ffffffff811d8cbb>] evict+0xab/0x180 [86304.300036] [<ffffffff811d8dce>] dispose_list+0x3e/0x60 [86304.300036] [<ffffffff811d9b04>] evict_inodes+0xf4/0x110 [86304.300036] [<ffffffff811bd953>] generic_shutdown_super+0x53/0x110 [86304.300036] [<ffffffff811bdaa6>] kill_anon_super+0x16/0x30 [86304.300036] [<ffffffffa02a78ba>] btrfs_kill_super+0x1a/0xa0 [btrfs] [86304.300036] [<ffffffff811bd3a9>] deactivate_locked_super+0x59/0x80 [86304.300036] [<ffffffff811be44e>] deactivate_super+0x4e/0x70 [86304.300036] [<ffffffff811dec14>] mntput_no_expire+0x174/0x1f0 [86304.300036] [<ffffffff811deab7>] ? mntput_no_expire+0x17/0x1f0 [86304.300036] [<ffffffff811e0517>] SyS_umount+0x97/0x100 (...) Signed-off-by: Filipe Manana <fdmanana@suse.com> Reviewed-by: Satoru Takeuchi <takeuchi_satoru@jp.fujitsu.com> Tested-by: Satoru Takeuchi <takeuchi_satoru@jp.fujitsu.com> Signed-off-by: Chris Mason <clm@fb.com> 21 August 2014, 14:55:25 UTC
74121f7 Filipe Manana 07 August 2014, 11:00:44 UTC Btrfs: fix hole detection during file fsync The file hole detection logic during a file fsync wasn't correct, because it didn't look back (in a previous leaf) for the last file extent item that can be in a leaf to the left of our leaf and that has a generation lower than the current transaction id. This made it assume that a hole exists when it really doesn't exist in the file. Such false positive hole detection happens in the following scenario: * We have a file that has many file extent items, covering 3 or more btree leafs (the first leaf must contain non file extent items too). * Two ranges of the file are modified, with their extent items being located at 2 different leafs and those leafs aren't consecutive. * When processing the second modified leaf, we weren't checking if some file extent item exists that is located in some leaf that is between our 2 modified leafs, and therefore assumed the range defined between the last file extent item in the first leaf and the first file extent item in the second leaf matched a hole. Fortunately this didn't result in overriding the log with wrong data, instead it made the last loop in copy_items() attempt to insert a duplicated key (for a hole file extent item), which makes the file fsync code return with -EEXIST to file.c:btrfs_sync_file() which in turn ends up doing a full transaction commit, which is much more expensive then writing only to the log tree and wait for it to be durably persisted (as well as the file's modified extents/pages). Therefore fix the hole detection logic, so that we don't pay the cost of doing full transaction commits. I could trigger this issue with the following test for xfstests (which never fails, either without or with this patch). The last fsync call results in a full transaction commit, due to the -EEXIST error mentioned above. I could also observe this behaviour happening frequently when running xfstests/generic/075 in a loop. Test: _cleanup() { _cleanup_flakey rm -fr $tmp } # get standard environment, filters and checks . ./common/rc . ./common/filter . ./common/dmflakey # real QA test starts here _supported_fs btrfs _supported_os Linux _require_scratch _require_dm_flakey _need_to_be_root rm -f $seqres.full # Create a file with many file extent items, each representing a 4Kb extent. # These items span 3 btree leaves, of 16Kb each (default mkfs.btrfs leaf size # as of btrfs-progs 3.12). _scratch_mkfs -l 16384 >/dev/null 2>&1 _init_flakey SAVE_MOUNT_OPTIONS="$MOUNT_OPTIONS" MOUNT_OPTIONS="$MOUNT_OPTIONS -o commit=999" _mount_flakey # First fsync, inode has BTRFS_INODE_NEEDS_FULL_SYNC flag set. $XFS_IO_PROG -f -c "pwrite -S 0x01 -b 4096 0 4096" -c "fsync" \ $SCRATCH_MNT/foo | _filter_xfs_io # For any of the following fsync calls, inode doesn't have the flag # BTRFS_INODE_NEEDS_FULL_SYNC set. for ((i = 1; i <= 500; i++)); do OFFSET=$((4096 * i)) LEN=4096 $XFS_IO_PROG -c "pwrite -S 0x01 $OFFSET $LEN" -c "fsync" \ $SCRATCH_MNT/foo | _filter_xfs_io done # Commit transaction and bump next transaction's id (to 7). sync # Truncate will set the BTRFS_INODE_NEEDS_FULL_SYNC flag in the btrfs's # inode runtime flags. $XFS_IO_PROG -c "truncate 2048000" $SCRATCH_MNT/foo # Commit transaction and bump next transaction's id (to 8). sync # Touch 1 extent item from the first leaf and 1 from the last leaf. The leaf # in the middle, containing only file extent items, isn't touched. So the # next fsync, when calling btrfs_search_forward(), won't visit that middle # leaf. First and 3rd leaf have now a generation with value 8, while the # middle leaf remains with a generation with value 6. $XFS_IO_PROG \ -c "pwrite -S 0xee -b 4096 0 4096" \ -c "pwrite -S 0xff -b 4096 2043904 4096" \ -c "fsync" \ $SCRATCH_MNT/foo | _filter_xfs_io _load_flakey_table $FLAKEY_DROP_WRITES md5sum $SCRATCH_MNT/foo | _filter_scratch _unmount_flakey _load_flakey_table $FLAKEY_ALLOW_WRITES # During mount, we'll replay the log created by the fsync above, and the file's # md5 digest should be the same we got before the unmount. _mount_flakey md5sum $SCRATCH_MNT/foo | _filter_scratch _unmount_flakey MOUNT_OPTIONS="$SAVE_MOUNT_OPTIONS" status=0 exit Signed-off-by: Filipe Manana <fdmanana@suse.com> Signed-off-by: Chris Mason <clm@fb.com> 21 August 2014, 14:55:24 UTC
5762b5c Filipe Manana 31 July 2014, 23:10:32 UTC Btrfs: ensure tmpfile inode is always persisted with link count of 0 If we open a file with O_TMPFILE, don't do any further operation on it (so that the inode item isn't updated) and then force a transaction commit, we get a persisted inode item with a link count of 1, and not 0 as it should be. Steps to reproduce it (requires a modern xfs_io with -T support): $ mkfs.btrfs -f /dev/sdd $ mount -o /dev/sdd /mnt $ xfs_io -T /mnt & $ sync Then btrfs-debug-tree shows the inode item with a link count of 1: $ btrfs-debug-tree /dev/sdd (...) fs tree key (FS_TREE ROOT_ITEM 0) leaf 29556736 items 4 free space 15851 generation 6 owner 5 fs uuid f164d01b-1b92-481d-a4e4-435fb0f843d0 chunk uuid 0e3d0e56-bcca-4a1c-aa5f-cec2c6f4f7a6 item 0 key (256 INODE_ITEM 0) itemoff 16123 itemsize 160 inode generation 3 transid 6 size 0 block group 0 mode 40755 links 1 item 1 key (256 INODE_REF 256) itemoff 16111 itemsize 12 inode ref index 0 namelen 2 name: .. item 2 key (257 INODE_ITEM 0) itemoff 15951 itemsize 160 inode generation 6 transid 6 size 0 block group 0 mode 100600 links 1 item 3 key (ORPHAN ORPHAN_ITEM 257) itemoff 15951 itemsize 0 orphan item checksum tree key (CSUM_TREE ROOT_ITEM 0) (...) Signed-off-by: Filipe Manana <fdmanana@suse.com> Signed-off-by: Chris Mason <clm@fb.com> 21 August 2014, 14:55:23 UTC
9c3b306 Filipe Manana 31 July 2014, 13:41:07 UTC Btrfs: race free update of commit root for ro snapshots This is a better solution for the problem addressed in the following commit: Btrfs: update commit root on snapshot creation after orphan cleanup (3821f348889e506efbd268cc8149e0ebfa47c4e5) The previous solution wasn't the best because of 2 reasons: 1) It added another full transaction commit, which is more expensive than just swapping the commit root with the root; 2) If a reboot happened after the first transaction commit (the one that creates the snapshot) and before the second transaction commit, then we would end up with the same problem if a send using that snapshot was requested before the first transaction commit after the reboot. This change addresses those 2 issues. The second issue is addressed by switching the commit root in the dentry lookup VFS callback, which is also called by the snapshot/subvol creation ioctl and performs orphan cleanup if needed. Like the vfs, the ioctl locks the parent inode too, preventing race issues between a dentry lookup and snapshot creation. Cc: Alex Lyakas <alex.btrfs@zadarastorage.com> Signed-off-by: Filipe Manana <fdmanana@suse.com> Signed-off-by: Chris Mason <clm@fb.com> 21 August 2014, 14:55:21 UTC
87fa3bb Liu Bo 29 July 2014, 11:09:39 UTC Btrfs: fix regression of btrfs device replace Commit 49c6f736f34f901117c20960ebd7d5e60f12fcac( btrfs: dev replace should replace the sysfs entry) added the missing sysfs entry in the process of device replace, but didn't take missing devices into account, so now we have BUG: unable to handle kernel NULL pointer dereference at 0000000000000088 IP: [<ffffffffa0268551>] btrfs_kobj_rm_device+0x21/0x40 [btrfs] ... To reproduce it, 1. mkfs.btrfs -f disk1 disk2 2. mkfs.ext4 disk1 3. mount disk2 /mnt -odegraded 4. btrfs replace start -B 1 disk3 /mnt -------------------------- This fixes the problem. Reported-by: Chris Murphy <lists@colorremedies.com> Signed-off-by: Liu Bo <bo.li.liu@oracle.com> Reviewed-by: Satoru Takeuchi <takeuchi_satoru@jp.fujitsu.com> Tested-by: Satoru Takeuchi <takeuchi_satoru@jp.fujitsu.com> Signed-off-by: Chris Mason <clm@fb.com> 21 August 2014, 14:55:20 UTC
8117bd5 Mathias Nyman 19 August 2014, 11:00:01 UTC gpio-lynxpoint: enable input sensing in resume It appears that input sensing bit might be reset during suspend/resume. Set input sensing again for all requested gpios in resume Tested-by: Jerome Blin <jerome.blin@intel.com> Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com> Acked-by: Mika Westerberg <mika.westerberg@linux.intel.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org> 21 August 2014, 12:44:57 UTC
58b84f6 Linus Walleij 19 August 2014, 17:00:53 UTC gpio: move GPIOD flags outside #ifdef The GPIOD flags are defined inside the #ifdef CONFIG_GPIOLIB switch, making the gpiolib stubs fail if these flags are used by a consumer. This is not correct: the stubs should compile fine without GPIOLIB. Reported-by: Ulf Hansson <ulf.hansson@linaro.org> Reviewed-by: Alexandre Courbot <acourbot@nvidia.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org> 21 August 2014, 12:44:36 UTC
0252d6a Bjorn Andersson 14 August 2014, 22:59:21 UTC pinctrl: qcom: apq8064: Correct interrupts in example The example in the binding document indicates that interrupt 32 is used for the TLMM summary IRQ. Correct this to reduce the confusion. Signed-off-by: Bjorn Andersson <bjorn.andersson@sonymobile.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org> 21 August 2014, 12:28:24 UTC
f6a8249 Tomasz Figa 08 August 2014, 23:48:05 UTC pinctrl: exynos: Lock GPIOs as interrupts when used as EINTs Currently after configuring a GPIO pin as an interrupt related pinmux registers are changed, but there is no protection from calling gpio_direction_*() in a badly written driver, which would cause the same pinmux register to be reconfigured for regular input/output and this disabling interrupt capability of the pin. This patch addresses this issue by moving pinmux reconfiguration to .irq_{request,release}_resources() callback of irq_chip and calling gpio_lock_as_irq() helper to prevent reconfiguration of pin direction. Setting up a GPIO interrupt on Samsung SoCs is a two-step operation - in addition to trigger configuration in a dedicated register, the pinmux must be also reconfigured to GPIO interrupt, which is a different function than normal GPIO input, although I/O-wise they both behave in the same way and gpio_get_value() can be used on a pin configured as IRQ as well. Such design implies subtleties such as gpio_direction_input() not having to fail if a pin is already configured as an interrupt nor change the configuration to normal input. But the FLAG_USED_AS_IRQ set in gpiolib by gpio_lock_as_irq() is only used to check that gpio_direction_output() is not called, it's not used to prevent gpio_direction_input() to be called. So this is not a complete solution for Samsung SoCs but it's definitely a move in the right direction. Signed-off-by: Tomasz Figa <t.figa@samsung.com> [javier: use request resources instead of startup and expand commit message] Signed-off-by: Javier Martinez Canillas <javier.martinez@collabora.co.uk> Signed-off-by: Linus Walleij <linus.walleij@linaro.org> 21 August 2014, 12:24:29 UTC
8ce261d Sebastian Andrzej Siewior 25 July 2014, 18:16:40 UTC can: flexcan: handle state passive -> warning transition Once the CAN-bus is open and a packet is sent, the controller switches into the PASSIVE state. Once the BUS is closed again it goes the back err-warning. The TX error counter goes 0 -> 0x80 -> 0x7f. This patch makes sure that the user learns about this state chang (CAN_STATE_ERROR_WARNING => CAN_STATE_ERROR_PASSIVE) Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de> Signed-off-by: Matthias Klein <matthias.klein@optimeas.de> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de> 21 August 2014, 08:50:00 UTC
bc03a54 Alexander Stein 12 August 2014, 08:47:21 UTC can: flexcan: Disable error interrupt when bus error reporting is disabled In case we don't have FLEXCAN_HAS_BROKEN_ERR_STATE and the user set CAN_CTRLMODE_BERR_REPORTING once it can not be unset again until reboot. So in case neither hardware nor user wants the error interrupt disable the bit. Signed-off-by: Alexander Stein <alexander.stein@systec-electronic.com> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de> 21 August 2014, 08:49:59 UTC
37b75a3 Dan Carpenter 01 August 2014, 08:53:44 UTC can: c_can: checking IS_ERR() instead of NULL devm_ioremap() returns NULL on error, not an ERR_PTR(). Fixes: 33cf75656923 ('can: c_can_platform: Fix raminit, use devm_ioremap() instead of devm_ioremap_resource()') Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Cc: linux-stable <stable@vger.kernel.org> # >= v3.11 Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de> 21 August 2014, 08:49:59 UTC
9e37bc6 Mirza Krak 08 August 2014, 12:30:50 UTC can: sja1000: Validate initialization state in start method When sja1000 is not compiled as module the SJA1000 chip is only initialized during device registration on kernel boot. Should the chip get a hardware reset there is no way to reinitialize it without re- booting the Linux kernel. This patch adds a check in sja1000_start if the chip is initialized, if not we initialize it. Signed-off-by: Mirza Krak <mirza.krak@hostmobility.com> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de> 21 August 2014, 08:49:34 UTC
83c43c4 Michal Simek 21 August 2014, 08:19:28 UTC microblaze: Wire-up memfd_create syscall Add new memfd_create syscall. Signed-off-by: Michal Simek <michal.simek@xilinx.com> 21 August 2014, 08:19:28 UTC
5313345 Michal Simek 07 August 2014, 13:59:05 UTC microblaze: Wire-up getrandom syscall Add new getrandom syscall. Signed-off-by: Michal Simek <michal.simek@xilinx.com> 21 August 2014, 08:07:05 UTC
b760949 Michal Simek 07 August 2014, 13:57:41 UTC microblaze: Wire-up seccomp syscall Add new seccomp syscall. Signed-off-by: Michal Simek <michal.simek@xilinx.com> 21 August 2014, 08:07:04 UTC
372b1db Linus Torvalds 20 August 2014, 23:33:21 UTC Merge branch 'for-linus' of git://git.samba.org/sfrench/cifs-2.6 Pull cifs fixes from Steve French: "Most important fixes in this set include three SMB3 fixes for stable (including fix for possible kernel oops), and a workaround to allow writes to Mac servers (only cifs dialect, not more current SMB2.1, worked to Mac servers). Also fallocate support added, and lease fix from Jeff" * 'for-linus' of git://git.samba.org/sfrench/cifs-2.6: [SMB3] Enable fallocate -z support for SMB3 mounts enable fallocate punch hole ("fallocate -p") for SMB3 Incorrect error returned on setting file compressed on SMB2 CIFS: Fix wrong directory attributes after rename CIFS: Fix SMB2 readdir error handling [CIFS] Possible null ptr deref in SMB2_tcon [CIFS] Workaround MacOS server problem with SMB2.1 write response cifs: handle lease F_UNLCK requests properly Cleanup sparse file support by creating worker function for it Add sparse file support to SMB2/SMB3 mounts Add missing definitions for CIFS File System Attributes cifs: remove unused function cifs_oplock_break_wait 20 August 2014, 23:33:21 UTC
92075f9 Linus Torvalds 20 August 2014, 23:32:16 UTC Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs Pull filesystem fixes from Jan Kara: "udf, isofs, and ext3 bug fixes" * 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs: ext3: Count internal journal as bsddf overhead in ext3_statfs isofs: Fix unbounded recursion when processing relocated directories udf: avoid unneeded up_write when fail to add entry in ->symlink 20 August 2014, 23:32:16 UTC
3951ad2 Linus Torvalds 20 August 2014, 23:23:06 UTC Merge branch 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86 Pull x86 platform driver revert from Matthew Garrett: "This clearly shouldn't have been merged. No excuse on my part" * 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86: Revert "platform/x86/toshiba-apci.c possible bad if test?" 20 August 2014, 23:23:06 UTC
e9de42d Linus Torvalds 20 August 2014, 23:22:10 UTC Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm Pull KVM fixes from Paolo Bonzini: "Reverting a 3.16 patch, fixing two bugs in device assignment (one has a CVE), and fixing some problems introduced during the merge window (the CMA bug came in via Andrew, the x86 ones via yours truly)" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: virt/kvm/assigned-dev.c: Set 'dev->irq_source_id' to '-1' after free it Revert "KVM: x86: Increase the number of fixed MTRR regs to 10" KVM: x86: do not check CS.DPL against RPL during task switch KVM: x86: Avoid emulating instructions on #UD mistakenly PC, KVM, CMA: Fix regression caused by wrong get_order() use kvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601) 20 August 2014, 23:22:10 UTC
back to top