1. 11 3月, 2015 1 次提交
  2. 06 3月, 2015 1 次提交
    • J
      xen/events: avoid NULL pointer dereference in dom0 on large machines · 85e40b05
      Juergen Gross 提交于
      Using the pvops kernel a NULL pointer dereference was detected on a
      large machine (144 processors) when booting as dom0 in
      evtchn_fifo_unmask() during assignment of a pirq.
      
      The event channel in question was the first to need a new entry in
      event_array[] in events_fifo.c. Unfortunately xen_irq_info_pirq_setup()
      is called with evtchn being 0 for a new pirq and the real event channel
      number is assigned to the pirq only during __startup_pirq().
      
      It is mandatory to call xen_evtchn_port_setup() after assigning the
      event channel number to the pirq to make sure all memory needed for the
      event channel is allocated.
      Signed-off-by: NJuergen Gross <jgross@suse.com>
      Cc: <stable@vger.kernel.org> # 3.14+
      Signed-off-by: NDavid Vrabel <david.vrabel@citrix.com>
      85e40b05
  3. 24 2月, 2015 2 次提交
    • J
      xen-scsiback: mark pvscsi frontend request consumed only after last read · facb5732
      Juergen Gross 提交于
      A request in the ring buffer mustn't be read after it has been marked
      as consumed. Otherwise it might already have been reused by the
      frontend without violating the ring protocol.
      
      To avoid inconsistencies in the backend only work on a private copy
      of the request. This will ensure a malicious guest not being able to
      bypass consistency checks of the backend by modifying an active
      request.
      Signed-off-by: NJuergen Gross <jgross@suse.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NDavid Vrabel <david.vrabel@citrix.com>
      facb5732
    • D
      x86/xen: allow privcmd hypercalls to be preempted · fdfd811d
      David Vrabel 提交于
      Hypercalls submitted by user space tools via the privcmd driver can
      take a long time (potentially many 10s of seconds) if the hypercall
      has many sub-operations.
      
      A fully preemptible kernel may deschedule such as task in any upcall
      called from a hypercall continuation.
      
      However, in a kernel with voluntary or no preemption, hypercall
      continuations in Xen allow event handlers to be run but the task
      issuing the hypercall will not be descheduled until the hypercall is
      complete and the ioctl returns to user space.  These long running
      tasks may also trigger the kernel's soft lockup detection.
      
      Add xen_preemptible_hcall_begin() and xen_preemptible_hcall_end() to
      bracket hypercalls that may be preempted.  Use these in the privcmd
      driver.
      
      When returning from an upcall, call xen_maybe_preempt_hcall() which
      adds a schedule point if if the current task was within a preemptible
      hypercall.
      
      Since _cond_resched() can move the task to a different CPU, clear and
      set xen_in_preemptible_hcall around the call.
      Signed-off-by: NDavid Vrabel <david.vrabel@citrix.com>
      Reviewed-by: NBoris Ostrovsky <boris.ostrovsky@oracle.com>
      fdfd811d
  4. 21 2月, 2015 3 次提交
  5. 20 2月, 2015 23 次提交
    • L
      thermal: exynos: fix: Check if data->tmu_read callback is present before read · 4531fa16
      Lukasz Majewski 提交于
      The exynos_tmu_data() function should on entrance test not only for valid
      data pointer, but also for data->tmu_read one.
      It is important, since afterwards it is dereferenced to get temperature code.
      Signed-off-by: NLukasz Majewski <l.majewski@samsung.com>
      Tested-by: NAbhilash Kesavan <a.kesavan@samsung.com>
      Signed-off-by: NZhang Rui <rui.zhang@intel.com>
      4531fa16
    • D
      Infiniband: Fix potential NULL d_inode dereference · a95104fd
      David Howells 提交于
      Code that does this:
      
      	if (!(d_unhashed(tmp) && tmp->d_inode)) {
      		...
      		simple_unlink(parent->d_inode, tmp);
      	}
      
      is broken because:
      
      	!(d_unhashed(tmp) && tmp->d_inode)
      
      is equivalent to:
      
      	!d_unhashed(tmp) || !tmp->d_inode
      
      so it is possible to get into simple_unlink() with tmp->d_inode == NULL.
      
      simple_unlink(), however, assumes tmp->d_inode cannot be NULL.
      
      I think that what was meant is this:
      
      	!d_unhashed(tmp) && tmp->d_inode
      
      and that the logical-not operator or the final close-bracket was misplaced.
      Signed-off-by: NDavid Howells <dhowells@redhat.com>
      cc: Bryan O'Sullivan <bos@pathscale.com>
      cc: Roland Dreier <rolandd@cisco.com>
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      a95104fd
    • T
      clk: Only recalculate the rate if needed · ec02ace8
      Tomeu Vizoso 提交于
      We don't really need to recalculate the effective rate of a clock when a
      per-user clock is removed, if the constraints of the later aren't
      limiting the requested rate.
      
      This was causing problems with clocks that never had a rate set before,
      as rate_req would be zero. Though this could be considered a bug in the
      implementation of those clocks, this should be checked somewhere else.
      
      Fixes: 1c8e6004 ("clk: Add rate constraints to clocks")
      Cc: Thierry Reding <thierry.reding@gmail.com>
      Cc: Peter De Schrijver <pdeschrijver@nvidia.com>
      Signed-off-by: NTomeu Vizoso <tomeu.vizoso@collabora.com>
      Signed-off-by: NMichael Turquette <mturquette@linaro.org>
      ec02ace8
    • C
      ipmi: Fix a memory ordering issue · 1d86e29b
      Corey Minyard 提交于
      From a locking point of view it is safe to check waiting_msg without
      a lock, but there is a memory ordering issue that causes it to
      possibly not be set right when viewed from another processor.  We are
      already claiming a lock right after that, move the check to inside
      the lock to enforce the memory ordering.
      Signed-off-by: NCorey Minyard <cminyard@mvista.com>
      1d86e29b
    • J
      ipmi: Remove uses of return value of seq_printf · d6c5dc18
      Joe Perches 提交于
      The seq_printf like functions will soon be changed to return void.
      
      Convert these uses to check seq_has_overflowed instead.
      Signed-off-by: NJoe Perches <joe@perches.com>
      Signed-off-by: NCorey Minyard <cminyard@mvista.com>
      d6c5dc18
    • T
      ipmi: Use is_visible callback for conditional sysfs entries · 2d06a0c9
      Takashi Iwai 提交于
      Instead of manual calls of device_create_file() and
      device_remove_file(), implement the condition in is_visible callback
      for the attribute group and put these entries to the group, too.
      This simplifies the code and avoids the possible races.
      Signed-off-by: NTakashi Iwai <tiwai@suse.de>
      Signed-off-by: NCorey Minyard <cminyard@mvista.com>
      2d06a0c9
    • N
      ipmi: Free ipmi_recv_msg messages from the linked list on close · bdf2829c
      Nicholas Krause 提交于
      This adds a loop through the elements in the linked list, recv_msgs using
      list_for_entry_safe in order to free messages in this list.  In addition
      we are using the safe version of this marco in order to prevent use after
      bugs related to deleting the element we are on currently by holding a
      pointer to the next element after the current one we are on and freeing
      with the function, ipmi_free_recv_msg internally in this loop.
      Signed-off-by: NNicholas Krause <xerofoify@gmail.com>
      Signed-off-by: NCorey Minyard <cminyard@mvista.com>
      bdf2829c
    • A
      ipmi: avoid gcc warning · 191cc414
      Arnd Bergmann 提交于
      A new harmless warning has come up on ARM builds with gcc-4.9:
      
      drivers/char/ipmi/ipmi_msghandler.c: In function 'smi_send.isra.11':
      include/linux/spinlock.h:372:95: warning: 'flags' may be used uninitialized in this function [-Wmaybe-uninitialized]
        raw_spin_unlock_irqrestore(&lock->rlock, flags);
                                                                                                     ^
      drivers/char/ipmi/ipmi_msghandler.c:1490:16: note: 'flags' was declared here
        unsigned long flags;
                      ^
      
      This could be worked around by initializing the 'flags' variable, but it
      seems better to rework the code to avoid this.
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Fixes: 7ea0ed2b ("ipmi: Make the message handler easier to use for SMI interfaces")
      Signed-off-by: NCorey Minyard <cminyard@mvista.com>
      191cc414
    • J
      ipmi: Update timespec usage to timespec64 · 48862ea2
      John Stultz 提交于
      As part of the internal y2038 cleanup, this patch removes
      timespec usage in the ipmi driver, replacing it timespec64
      
      Cc: openipmi-developer@lists.sourceforge.net
      Cc: Arnd Bergmann <arnd@arndb.de>
      Signed-off-by: NJohn Stultz <john.stultz@linaro.org>
      Signed-off-by: NCorey Minyard <minyard@mvista.com>
      48862ea2
    • J
      ipmi: Cleanup DEBUG_TIMING ifdef usage · f93aae9f
      John Stultz 提交于
      The driver uses #ifdef DEBUG_TIMING in order to conditionally print out
      timestamped debug messages. Unfortunately it adds the ifdefs all over the
      usage sites.
      
      This patch cleans it up by adding a debug_timestamp() function which
      is compiled out if DEBUG_TIMING isn't present. This cleans up all
      the ugly ifdefs in the function logic.
      
      Cc: openipmi-developer@lists.sourceforge.net
      Cc: Arnd Bergmann <arnd@arndb.de>
      Signed-off-by: NJohn Stultz <john.stultz@linaro.org>
      Signed-off-by: NCorey Minyard <minyard@mvista.com>
      f93aae9f
    • N
      drivers:char:ipmi: Remove unneeded FIXME comment in the file,ipmi_si_intf.c · 31013fa9
      Nicholas Krause 提交于
      Removes a no longer needed FIXME comment in the function,acpi_gpe_irq_setup
      for the file,ipmi_si_intf.c. This comment is no longer needed as clearly we
      are passing the correct level of  ACPI_GPE_LEVEL_TRIGGERED to the installer
      function,acpi_install_gpe_handler due to no breakage after years of using
      this ACPI level in the function,acpi_install_gpe_handler.
      Signed-off-by: NNicholas Krause <xerofoify@gmail.com>
      Signed-off-by: NCorey Minyard <cminyard@mvista.com>
      31013fa9
    • W
      char: ipmi: Remove obsolete cleanup for clientdata · bb82d90e
      Wolfram Sang 提交于
      A few new i2c-drivers came into the kernel which clear the clientdata-pointer
      on exit or error. This is obsolete meanwhile, the core will do it.
      Signed-off-by: NWolfram Sang <wsa@the-dreams.de>
      Signed-off-by: NCorey Minyard <cminyard@mvista.com>
      bb82d90e
    • C
      ipmi: Remove a FIXME for slab conversion · 2fcaf60c
      Corey Minyard 提交于
      There can't be more than a few IPMI messages allocated at any one time,
      so converting the messages to slabs would be a waste.  So just remove
      the FIXME.
      Suggested-by: NNicholas Krause <xerofoify@gmail.com>
      Signed-off-by: NCorey Minyard <cminyard@mvista.com>
      2fcaf60c
    • K
      NVMe: Fix potential corruption on sync commands · 0c0f9b95
      Keith Busch 提交于
      This makes all sync commands uninterruptible and schedules without timeout
      so the controller either has to post a completion or the timeout recovery
      fails the command. This fixes potential memory or data corruption from
      a command timing out too early or woken by a signal. Previously any DMA
      buffers mapped for that command would have been released even though we
      don't know what the controller is planning to do with those addresses.
      Signed-off-by: NKeith Busch <keith.busch@intel.com>
      0c0f9b95
    • K
      NVMe: Remove unused variables · 48328518
      Keith Busch 提交于
      We don't track queues in a llist, subscribe to hot-cpu notifications,
      or internally retry commands. Delete the unused artifacts.
      Signed-off-by: NKeith Busch <keith.busch@intel.com>
      48328518
    • K
      NVMe: Fix scsi mode select llbaa setting · 9ac16938
      Keith Busch 提交于
      It should be a logical bitwise AND, not conditional.
      Signed-off-by: NKeith Busch <keith.busch@intel.com>
      9ac16938
    • K
      NVMe: Fix potential corruption during shutdown · 07836e65
      Keith Busch 提交于
      The driver has to end unreturned commands at some point even if the
      controller has not provided a completion. The driver tried to be safe by
      deleting IO queues prior to ending all unreturned commands. That should
      cause the controller to internally abort inflight commands, but IO queue
      deletion request does not have to be successful, so all bets are off. We
      still have to make progress, so to be extra safe, this patch doesn't
      clear a queue to release the dma mapping for a command until after the
      pci device has been disabled.
      
      This patch removes the special handling during device initialization
      so controller recovery can be done all the time. This is possible since
      initialization is not inlined with pci probe anymore.
      Reported-by: NNilish Choudhury <nilesh.choudhury@oracle.com>
      Signed-off-by: NKeith Busch <keith.busch@intel.com>
      07836e65
    • K
      NVMe: Asynchronous controller probe · 2e1d8448
      Keith Busch 提交于
      This performs the longest parts of nvme device probe in scheduled work.
      This speeds up probe significantly when multiple devices are in use.
      Signed-off-by: NKeith Busch <keith.busch@intel.com>
      2e1d8448
    • K
      NVMe: Register management handle under nvme class · b3fffdef
      Keith Busch 提交于
      This creates a new class type for nvme devices to register their
      management character devices with. This is so we do not rely on miscdev
      to provide enough minors for as many nvme devices some people plan to
      use. The previous limit was approximately 60 NVMe controllers, depending
      on the platform and kernel. Now the limit is 1M, which ought to be enough
      for anybody.
      
      Since we have a new device class, it makes sense to attach the block
      devices under this as well, so part of this patch moves the management
      handle initialization prior to the namespaces discovery.
      Signed-off-by: NKeith Busch <keith.busch@intel.com>
      b3fffdef
    • K
      NVMe: Update SCSI Inquiry VPD 83h translation · 4f1982b4
      Keith Busch 提交于
      The original translation created collisions on Inquiry VPD 83 for many
      existing devices. Newer specifications provide other ways to translate
      based on the device's version can be used to create unique identifiers.
      
      Version 1.1 provides an EUI64 field that uniquely identifies each
      namespace, and 1.2 added the longer NGUID field for the same reason.
      Both follow the IEEE EUI format and readily translate to the SCSI device
      identification EUI designator type 2h. For devices implementing either,
      the translation will use this type, defaulting to the EUI64 8-byte type if
      implemented then NGUID's 16 byte version if not. If neither are provided,
      the 1.0 translation is used, and is updated to use the SCSI String format
      to guarantee a unique identifier.
      
      Knowing when to use the new fields depends on the nvme controller's
      revision. The NVME_VS macro was not decoding this correctly, so that is
      fixed in this patch and moved to a more appropriate place.
      
      Since the Identify Namespace structure required an update for the NGUID
      field, this patch adds the remaining new 1.2 fields to the structure.
      Signed-off-by: NKeith Busch <keith.busch@intel.com>
      4f1982b4
    • K
      NVMe: Metadata format support · e1e5e564
      Keith Busch 提交于
      Adds support for NVMe metadata formats and exposes block devices for
      all namespaces regardless of their format. Namespace formats that are
      unusable will have disk capacity set to 0, but a handle to the block
      device is created to simplify device management. A namespace is not
      usable when the format requires host interleave block and metadata in
      single buffer, has no provisioned storage, or has better data but failed
      to register with blk integrity.
      
      The namespace has to be scanned in two phases to support separate
      metadata formats. The first establishes the sector size and capacity
      prior to invoking add_disk. If metadata is required, the capacity will
      be temporarilly set to 0 until it can be revalidated and registered with
      the integrity extenstions after add_disk completes.
      
      The driver relies on the integrity extensions to provide the metadata
      buffer. NVMe requires this be a single physically contiguous region,
      so only one integrity segment is allowed per command. If the metadata
      is used for T10 PI, the driver provides mappings to save and restore
      the reftag physical block translation. The driver provides no-op
      functions for generate and verify if metadata is not used for protection
      information. This way the setup is always provided by the block layer.
      
      If a request does not supply a required metadata buffer, the command
      is failed with bad address. This could only happen if a user manually
      disables verify/generate on such a disk. The only exception to where
      this is okay is if the controller is capable of stripping/generating
      the metadata, which is possible on some types of formats.
      
      The metadata scatter gather list now occupies the spot in the nvme_iod
      that used to be used to link retryable IOD's, but we don't do that
      anymore, so the field was unused.
      Signed-off-by: NKeith Busch <keith.busch@intel.com>
      e1e5e564
    • P
      cpuidle: powernv: Avoid endianness conversions while parsing DT · 70734a78
      Preeti U Murthy 提交于
      We currently read the information about idle states from the DT
      so as to populate the cpuidle table. Use those APIs to read from
      the DT that can avoid endianness conversions of the property values
      in the cpuidle driver.
      Signed-off-by: NPreeti U Murthy <preeti@linux.vnet.ibm.com>
      Acked-by: NMichael Ellerman <mpe@ellerman.id.au>
      Signed-off-by: NRafael J. Wysocki <rafael.j.wysocki@intel.com>
      70734a78
    • W
      i2c: designware-baytrail: another fixup for proper Kconfig dependencies · b4ad0510
      Wolfram Sang 提交于
      IOSF_MBI is tristate. Baytrail driver isn't.
      Reported-by: NRandy Dunlap <rdunlap@infradead.org>
      Acked-by: NDavid E. Box <david.e.box@linux.intel.com>
      Signed-off-by: NWolfram Sang <wsa@the-dreams.de>
      b4ad0510
  6. 19 2月, 2015 10 次提交