1. 16 11月, 2014 8 次提交
  2. 10 11月, 2014 1 次提交
    • A
      sched/numa: Fix out of bounds read in sched_init_numa() · c123588b
      Andrey Ryabinin 提交于
      On latest mm + KASan patchset I've got this:
      
          ==================================================================
          BUG: AddressSanitizer: out of bounds access in sched_init_smp+0x3ba/0x62c at addr ffff88006d4bee6c
          =============================================================================
          BUG kmalloc-8 (Not tainted): kasan error
          -----------------------------------------------------------------------------
      
          Disabling lock debugging due to kernel taint
          INFO: Allocated in alloc_vfsmnt+0xb0/0x2c0 age=75 cpu=0 pid=0
           __slab_alloc+0x4b4/0x4f0
           __kmalloc_track_caller+0x15f/0x1e0
           kstrdup+0x44/0x90
           alloc_vfsmnt+0xb0/0x2c0
           vfs_kern_mount+0x35/0x190
           kern_mount_data+0x25/0x50
           pid_ns_prepare_proc+0x19/0x50
           alloc_pid+0x5e2/0x630
           copy_process.part.41+0xdf5/0x2aa0
           do_fork+0xf5/0x460
           kernel_thread+0x21/0x30
           rest_init+0x1e/0x90
           start_kernel+0x522/0x531
           x86_64_start_reservations+0x2a/0x2c
           x86_64_start_kernel+0x15b/0x16a
          INFO: Slab 0xffffea0001b52f80 objects=24 used=22 fp=0xffff88006d4befc0 flags=0x100000000004080
          INFO: Object 0xffff88006d4bed20 @offset=3360 fp=0xffff88006d4bee70
      
          Bytes b4 ffff88006d4bed10: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a  ........ZZZZZZZZ
          Object ffff88006d4bed20: 70 72 6f 63 00 6b 6b a5                          proc.kk.
          Redzone ffff88006d4bed28: cc cc cc cc cc cc cc cc                          ........
          Padding ffff88006d4bee68: 5a 5a 5a 5a 5a 5a 5a 5a                          ZZZZZZZZ
          CPU: 0 PID: 1 Comm: swapper/0 Tainted: G    B          3.18.0-rc3-mm1+ #108
          Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.7.5-0-ge51488c-20140602_164612-nilsson.home.kraxel.org 04/01/2014
           ffff88006d4be000 0000000000000000 ffff88006d4bed20 ffff88006c86fd18
           ffffffff81cd0a59 0000000000000058 ffff88006d404240 ffff88006c86fd48
           ffffffff811fa3a8 ffff88006d404240 ffffea0001b52f80 ffff88006d4bed20
          Call Trace:
          dump_stack (lib/dump_stack.c:52)
          print_trailer (mm/slub.c:645)
          object_err (mm/slub.c:652)
          ? sched_init_smp (kernel/sched/core.c:6552 kernel/sched/core.c:7063)
          kasan_report_error (mm/kasan/report.c:102 mm/kasan/report.c:178)
          ? kasan_poison_shadow (mm/kasan/kasan.c:48)
          ? kasan_unpoison_shadow (mm/kasan/kasan.c:54)
          ? kasan_poison_shadow (mm/kasan/kasan.c:48)
          ? kasan_kmalloc (mm/kasan/kasan.c:311)
          __asan_load4 (mm/kasan/kasan.c:371)
          ? sched_init_smp (kernel/sched/core.c:6552 kernel/sched/core.c:7063)
          sched_init_smp (kernel/sched/core.c:6552 kernel/sched/core.c:7063)
          kernel_init_freeable (init/main.c:869 init/main.c:997)
          ? finish_task_switch (kernel/sched/sched.h:1036 kernel/sched/core.c:2248)
          ? rest_init (init/main.c:924)
          kernel_init (init/main.c:929)
          ? rest_init (init/main.c:924)
          ret_from_fork (arch/x86/kernel/entry_64.S:348)
          ? rest_init (init/main.c:924)
          Read of size 4 by task swapper/0:
          Memory state around the buggy address:
           ffff88006d4beb80: fc fc fc fc fc fc fc fc fc fc 00 fc fc fc fc fc
           ffff88006d4bec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
           ffff88006d4bec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
           ffff88006d4bed00: fc fc fc fc 00 fc fc fc fc fc fc fc fc fc fc fc
           ffff88006d4bed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
          >ffff88006d4bee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 04 fc
                                                                    ^
           ffff88006d4bee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
           ffff88006d4bef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
           ffff88006d4bef80: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
           ffff88006d4bf000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
           ffff88006d4bf080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
          ==================================================================
      
      Zero 'level' (e.g. on non-NUMA system) causing out of bounds
      access in this line:
      
           sched_max_numa_distance = sched_domains_numa_distance[level - 1];
      
      Fix this by exiting from sched_init_numa() earlier.
      Signed-off-by: NAndrey Ryabinin <a.ryabinin@samsung.com>
      Reviewed-by: NRik van Riel <riel@redhat.com>
      Fixes: 9942f79b ("sched/numa: Export info needed for NUMA balancing on complex topologies")
      Cc: peterz@infradead.org
      Link: http://lkml.kernel.org/r/1415372020-1871-1-git-send-email-a.ryabinin@samsung.comSigned-off-by: NIngo Molnar <mingo@kernel.org>
      c123588b
  3. 04 11月, 2014 23 次提交
  4. 03 11月, 2014 8 次提交
    • L
      Linux 3.18-rc3 · 0df1f248
      Linus Torvalds 提交于
      0df1f248
    • L
      Merge tag 'for-linus-20141102' of git://git.infradead.org/linux-mtd · 81d92dc1
      Linus Torvalds 提交于
      Pull MTD fixes from Brian Norris:
       "Three main MTD fixes for 3.18:
      
         - A regression from 3.16 which was noticed in 3.17.  With the
           restructuring of the m25p80.c driver and the SPI NOR library
           framework, we omitted proper listing of the SPI device IDs.  This
           means m25p80.c wouldn't auto-load (modprobe) properly when built as
           a module.  For now, we duplicate the device IDs into both modules.
      
         - The OMAP / ELM modules were depending on an implicit link ordering.
           Use deferred probing so that the new link order (in 3.18-rc) can
           still allow for successful probing.
      
         - Fix suspend/resume support for LH28F640BF NOR flash"
      
      * tag 'for-linus-20141102' of git://git.infradead.org/linux-mtd:
        mtd: cfi_cmdset_0001.c: fix resume for LH28F640BF chips
        mtd: omap: fix mtd devices not showing up
        mtd: m25p80,spi-nor: Fix module aliases for m25p80
        mtd: spi-nor: make spi_nor_scan() take a chip type name, not spi_device_id
        mtd: m25p80: get rid of spi_get_device_id
      81d92dc1
    • L
      Merge tag 'scsi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · ad2be379
      Linus Torvalds 提交于
      Pull SCSI fixes from James Bottomley:
       "This is a set of six patches consisting of:
         - two MAINTAINER updates
         - two scsi-mq fixs for the old parallel interface (not every request
           is tagged and we need to set the right flags to populate the SPI
           tag message)
         - a fix for a memory leak in scatterlist traversal caused by a
           preallocation update in 3.17
         - an ipv6 fix for cxgbi"
      
      [ The scatterlist fix also came in separately through the block layer tree ]
      
      * tag 'scsi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        MAINTAINERS: ufs - remove self
        MAINTAINERS: change hpsa and cciss maintainer
        libcxgbi : support ipv6 address host_param
        scsi: set REQ_QUEUE for the blk-mq case
        Revert "block: all blk-mq requests are tagged"
        lib/scatterlist: fix memory leak with scsi-mq
      ad2be379
    • L
      Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux · 12267166
      Linus Torvalds 提交于
      Pull drm fixes from Dave Airlie:
       "Nothing too astounding or major: radeon, i915, vmwgfx, armada and
        exynos.
      
        Biggest ones:
         - vmwgfx has one big locking regression fix
         - i915 has come displayport fixes
         - radeon has some stability and a memory alloc failure
         - armada and exynos have some vblank fixes"
      
      * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: (24 commits)
        drm/exynos: correct connector->dpms field before resuming
        drm/exynos: enable vblank after DPMS on
        drm/exynos: init kms poll at the end of initialization
        drm/exynos: propagate plane initialization errors
        drm/exynos: vidi: fix build warning
        drm/exynos: remove explicit encoder/connector de-initialization
        drm/exynos: init vblank with real number of crtcs
        drm/vmwgfx: Filter out modes those cannot be supported by the current VRAM size.
        drm/vmwgfx: Fix hash key computation
        drm/vmwgfx: fix lock breakage
        drm/i915/dp: only use training pattern 3 on platforms that support it
        drm/radeon: remove some buggy dead code
        drm/i915: Ignore VBT backlight check on Macbook 2, 1
        drm/radeon: remove invalid pci id
        drm/radeon: dpm fixes for asrock systems
        radeon: clean up coding style differences in radeon_get_bios()
        drm/radeon: Use drm_malloc_ab instead of kmalloc_array
        drm/radeon/dpm: disable ulv support on SI
        drm/i915: Fix GMBUSFREQ on vlv/chv
        drm/i915: Ignore long hpds on eDP ports
        ...
      12267166
    • O
      Merge tag 'fixes-against-v3.18-rc2' of... · 4257412d
      Olof Johansson 提交于
      Merge tag 'fixes-against-v3.18-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into fixes
      
      Merge "omap fixes against v3.18-rc2" from Tony Lindgren:
      
      Few fixes for omaps to enable NAND BCH so devices won't
      produce errors when booted with omap2plus_defconfig, and
      reduce bloat by making IPV6 a loadable module.
      
      Also let's add a warning about legacy boot being deprecated
      for omap3.
      
      We now have things working with device tree, and only omap3 is
      still booting in legacy mode. So hopefully this warning will
      help move the remaining legacy mode users to boot with device
      tree.
      
      As the total reduction of code and static data is somewhere
      around 20000 lines of code once we remove omap3 legacy mode
      booting, we really do want to make omap3 to boot also in
      device tree mode only over the next few merge cycles.
      
      * tag 'fixes-against-v3.18-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap: (407 commits)
        ARM: OMAP2+: Warn about deprecated legacy booting mode
        ARM: omap2plus_defconfig: Fix errors with NAND BCH
        ARM: omap2plus_defconfig: Fix bloat caused by having ipv6 built-in
        + Linux 3.18-rc2
      Signed-off-by: NOlof Johansson <olof@lixom.net>
      4257412d
    • L
      Merge branch 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm · 3c43de0f
      Linus Torvalds 提交于
      Pull ARM fixes from Russell King:
       - add the new bpf syscall to ARM.
       - drop a redundant return statement in __iommu_alloc_remap()
       - fix a performance issue noticed by Thomas Petazzoni with
         kmap_atomic().
       - fix an issue with the L2 cache OF parsing code which caused it to
         incorrectly print warnings on each boot, and make the warning text
         more consistent with the rest of the code
      
      * 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
        ARM: 8180/1: mm: implement no-highmem fast path in kmap_atomic_pfn()
        ARM: 8183/1: l2c: Improve l2c310_of_parse() error message
        ARM: 8181/1: Drop extra return statement
        ARM: 8182/1: l2c: Make l2x0_cache_size_of_parse() return 'int'
        ARM: enable bpf syscall
      3c43de0f
    • L
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · 7501a533
      Linus Torvalds 提交于
      Pull kvm fixes from Paolo Bonzini:
       "A small set of x86 fixes.  The most serious is an SRCU lockdep fix.
      
        A bit late - needed some time to test the SRCU fix, which only came in
        on Friday"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
        KVM: vmx: defer load of APIC access page address during reset
        KVM: nVMX: Disable preemption while reading from shadow VMCS
        KVM: x86: Fix far-jump to non-canonical check
        KVM: emulator: fix execution close to the segment limit
        KVM: emulator: fix error code for __linearize
      7501a533
    • D
      Merge branch 'exynos-drm-fixes' of... · 66338fee
      Dave Airlie 提交于
      Merge branch 'exynos-drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos into drm-fixes
      
      This pull-request includes some bug fixes and code cleanups.
      Especially, this fixes the bind failure issue occurred when it tries
      to re-bind Exynos drm driver after unbound, and the modetest failure
      issue incurred by not having a pair to vblank on and off requests.
      
      * 'exynos-drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos:
        drm/exynos: correct connector->dpms field before resuming
        drm/exynos: enable vblank after DPMS on
        drm/exynos: init kms poll at the end of initialization
        drm/exynos: propagate plane initialization errors
        drm/exynos: vidi: fix build warning
        drm/exynos: remove explicit encoder/connector de-initialization
        drm/exynos: init vblank with real number of crtcs
      66338fee