1. 21 4月, 2011 1 次提交
    • V
      agp: fix OOM and buffer overflow · b522f021
      Vasiliy Kulikov 提交于
      page_count is copied from userspace.  agp_allocate_memory() tries to
      check whether this number is too big, but doesn't take into account the
      wrap case.  Also agp_create_user_memory() doesn't check whether
      alloc_size is calculated from num_agp_pages variable without overflow.
      This may lead to allocation of too small buffer with following buffer
      overflow.
      
      Another problem in agp code is not addressed in the patch - kernel memory
      exhaustion (AGPIOC_RESERVE and AGPIOC_ALLOCATE ioctls).  It is not checked
      whether requested pid is a pid of the caller (no check in agpioc_reserve_wrap()).
      Each allocation is limited to 16KB, though, there is no per-process limit.
      This might lead to OOM situation, which is not even solved in case of the
      caller death by OOM killer - the memory is allocated for another (faked) process.
      Signed-off-by: NVasiliy Kulikov <segoon@openwall.com>
      Signed-off-by: NDave Airlie <airlied@redhat.com>
      b522f021
  2. 24 11月, 2010 2 次提交
  3. 21 9月, 2010 1 次提交
  4. 05 9月, 2010 1 次提交
  5. 15 6月, 2010 2 次提交
  6. 11 5月, 2010 1 次提交
  7. 30 3月, 2010 1 次提交
    • T
      include cleanup: Update gfp.h and slab.h includes to prepare for breaking... · 5a0e3ad6
      Tejun Heo 提交于
      include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
      
      percpu.h is included by sched.h and module.h and thus ends up being
      included when building most .c files.  percpu.h includes slab.h which
      in turn includes gfp.h making everything defined by the two files
      universally available and complicating inclusion dependencies.
      
      percpu.h -> slab.h dependency is about to be removed.  Prepare for
      this change by updating users of gfp and slab facilities include those
      headers directly instead of assuming availability.  As this conversion
      needs to touch large number of source files, the following script is
      used as the basis of conversion.
      
        http://userweb.kernel.org/~tj/misc/slabh-sweep.py
      
      The script does the followings.
      
      * Scan files for gfp and slab usages and update includes such that
        only the necessary includes are there.  ie. if only gfp is used,
        gfp.h, if slab is used, slab.h.
      
      * When the script inserts a new include, it looks at the include
        blocks and try to put the new include such that its order conforms
        to its surrounding.  It's put in the include block which contains
        core kernel includes, in the same order that the rest are ordered -
        alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
        doesn't seem to be any matching order.
      
      * If the script can't find a place to put a new include (mostly
        because the file doesn't have fitting include block), it prints out
        an error message indicating which .h file needs to be added to the
        file.
      
      The conversion was done in the following steps.
      
      1. The initial automatic conversion of all .c files updated slightly
         over 4000 files, deleting around 700 includes and adding ~480 gfp.h
         and ~3000 slab.h inclusions.  The script emitted errors for ~400
         files.
      
      2. Each error was manually checked.  Some didn't need the inclusion,
         some needed manual addition while adding it to implementation .h or
         embedding .c file was more appropriate for others.  This step added
         inclusions to around 150 files.
      
      3. The script was run again and the output was compared to the edits
         from #2 to make sure no file was left behind.
      
      4. Several build tests were done and a couple of problems were fixed.
         e.g. lib/decompress_*.c used malloc/free() wrappers around slab
         APIs requiring slab.h to be added manually.
      
      5. The script was run on all .h files but without automatically
         editing them as sprinkling gfp.h and slab.h inclusions around .h
         files could easily lead to inclusion dependency hell.  Most gfp.h
         inclusion directives were ignored as stuff from gfp.h was usually
         wildly available and often used in preprocessor macros.  Each
         slab.h inclusion directive was examined and added manually as
         necessary.
      
      6. percpu.h was updated not to include slab.h.
      
      7. Build test were done on the following configurations and failures
         were fixed.  CONFIG_GCOV_KERNEL was turned off for all tests (as my
         distributed build env didn't work with gcov compiles) and a few
         more options had to be turned off depending on archs to make things
         build (like ipr on powerpc/64 which failed due to missing writeq).
      
         * x86 and x86_64 UP and SMP allmodconfig and a custom test config.
         * powerpc and powerpc64 SMP allmodconfig
         * sparc and sparc64 SMP allmodconfig
         * ia64 SMP allmodconfig
         * s390 SMP allmodconfig
         * alpha SMP allmodconfig
         * um on x86_64 SMP allmodconfig
      
      8. percpu.h modifications were reverted so that it could be applied as
         a separate patch and serve as bisection point.
      
      Given the fact that I had only a couple of failures from tests on step
      6, I'm fairly confident about the coverage of this conversion patch.
      If there is a breakage, it's likely to be something in one of the arch
      headers which should be easily discoverable easily on most builds of
      the specific arch.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Guess-its-ok-by: NChristoph Lameter <cl@linux-foundation.org>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
      5a0e3ad6
  8. 03 8月, 2009 3 次提交
  9. 19 6月, 2009 1 次提交
  10. 20 4月, 2009 1 次提交
  11. 21 8月, 2008 3 次提交
  12. 15 8月, 2008 1 次提交
  13. 12 8月, 2008 2 次提交
  14. 26 6月, 2008 1 次提交
  15. 19 6月, 2008 3 次提交
  16. 19 2月, 2008 1 次提交
    • A
      fix historic ioremap() abuse in AGP · fcea424d
      Arjan van dev Ven 提交于
      Several AGP drivers right now use ioremap_nocache() on kernel ram in order
      to turn a page of regular memory uncached.
      
      There are two problems with this:
      
          1) This is a total nightmare for the ioremap() implementation to keep
             various mappings of the same page coherent.
      
          2) It's a total nightmare for the AGP code since it adds a ton of
             complexity in terms of keeping track of 2 different pointers to
             the same thing, in terms of error handling etc etc.
      
      This patch fixes this by making the AGP drivers use the new
      set_memory_XX APIs instead.
      
      Note: amd-k7-agp.c is built on Alpha too, and generic.c is built
      on ia64 as well, which do not yet have the set_memory_*() APIs,
      so for them some we have a few ugly #ifdefs - hopefully they'll
      be fixed soon.
      Signed-off-by: NArjan van de Ven <arjan@linux.intel.com>
      Signed-off-by: NIngo Molnar <mingo@elte.hu>
      Signed-off-by: NDave Airlie <airlied@linux.ie>
      fcea424d
  17. 05 2月, 2008 1 次提交
    • D
      agp: add chipset flushing support to AGP interface · a13af4b4
      Dave Airlie 提交于
      This bumps the AGP interface to 0.103.
      
      Certain Intel chipsets contains a global write buffer, and this can require
      flushing from the drm or X.org to make sure all data has hit RAM before
      initiating a GPU transfer, due to a lack of coherency with the integrated
      graphics device and this buffer.
      
      This just adds generic support to the AGP interfaces, a follow-on patch
      will add support to the Intel driver to use this interface.
      Signed-off-by: NDave Airlie <airlied@redhat.com>
      a13af4b4
  18. 30 1月, 2008 1 次提交
  19. 15 10月, 2007 1 次提交
  20. 27 7月, 2007 1 次提交
  21. 22 5月, 2007 1 次提交
    • A
      Detach sched.h from mm.h · e8edc6e0
      Alexey Dobriyan 提交于
      First thing mm.h does is including sched.h solely for can_do_mlock() inline
      function which has "current" dereference inside. By dealing with can_do_mlock()
      mm.h can be detached from sched.h which is good. See below, why.
      
      This patch
      a) removes unconditional inclusion of sched.h from mm.h
      b) makes can_do_mlock() normal function in mm/mlock.c
      c) exports can_do_mlock() to not break compilation
      d) adds sched.h inclusions back to files that were getting it indirectly.
      e) adds less bloated headers to some files (asm/signal.h, jiffies.h) that were
         getting them indirectly
      
      Net result is:
      a) mm.h users would get less code to open, read, preprocess, parse, ... if
         they don't need sched.h
      b) sched.h stops being dependency for significant number of files:
         on x86_64 allmodconfig touching sched.h results in recompile of 4083 files,
         after patch it's only 3744 (-8.3%).
      
      Cross-compile tested on
      
      	all arm defconfigs, all mips defconfigs, all powerpc defconfigs,
      	alpha alpha-up
      	arm
      	i386 i386-up i386-defconfig i386-allnoconfig
      	ia64 ia64-up
      	m68k
      	mips
      	parisc parisc-up
      	powerpc powerpc-up
      	s390 s390-up
      	sparc sparc-up
      	sparc64 sparc64-up
      	um-x86_64
      	x86_64 x86_64-up x86_64-defconfig x86_64-allnoconfig
      
      as well as my two usual configs.
      Signed-off-by: NAlexey Dobriyan <adobriyan@gmail.com>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      e8edc6e0
  22. 27 4月, 2007 1 次提交
  23. 23 2月, 2007 1 次提交
  24. 11 2月, 2007 1 次提交
  25. 04 2月, 2007 1 次提交
    • T
      [AGPGART] Allow drm-populated agp memory types · a030ce44
      Thomas Hellstrom 提交于
      This patch allows drm to populate an agpgart structure with pages of its own.
      It's needed for the new drm memory manager which dynamically flips pages in and out of AGP.
      
      The patch modifies the generic functions as well as the intel agp driver. The intel drm driver is
      currently the only one supporting the new memory manager.
      
      Other agp drivers may need some minor fixing up once they have a corresponding memory manager enabled drm driver.
      
      AGP memory types >= AGP_USER_TYPES are not populated by the agpgart driver, but the drm is expected
      to do that, as well as taking care of cache- and tlb flushing when needed.
      
      It's not possible to request these types from user space using agpgart ioctls.
      
      The Intel driver also gets a new memory type for pages that can be bound cached to the intel GTT.
      Signed-off-by: NThomas Hellstrom <thomas@tungstengraphics.com>
      Signed-off-by: NDave Jones <davej@redhat.com>
      a030ce44
  26. 23 12月, 2006 1 次提交
    • T
      [AGPGART] Remove unnecessary flushes when inserting and removing pages. · 5aa80c72
      Thomas Hellstrom 提交于
      This patch is to speed up flipping of pages in and out of the AGP aperture as
      needed by the new drm memory manager.
      
      A number of global cache flushes are removed as well as some PCI posting flushes.
      The following guidelines have been used:
      
      1) Memory that is only mapped uncached and that has been subject to a global
      cache flush after the mapping was changed to uncached does not need any more
      cache flushes. Neither before binding to the aperture nor after unbinding.
      
      2) Only do one PCI posting flush after a sequence of writes modifying page
      entries in the GATT.
      Signed-off-by: NThomas Hellstrom <thomas@tungstengraphics.com>
      Signed-off-by: NDave Jones <davej@redhat.com>
      5aa80c72
  27. 23 11月, 2006 1 次提交
    • L
      [AGP] Allocate AGP pages with GFP_DMA32 by default · 66c669ba
      Linus Torvalds 提交于
      Not all graphic page remappers support physical addresses over the 4GB
      mark for remapping, so while some do (the AMD64 GART always did, and I
      just fixed the i965 to do so properly), we're safest off just forcing
      GFP_DMA32 allocations to make sure graphics pages get allocated in the
      low 32-bit address space by default.
      
      AGP sub-drivers that really care, and can do better, could just choose
      to implement their own allocator (or we could add another "64-bit safe"
      default allocator for their use), but quite frankly, you're not likely
      to care in practice.
      
      So for now, this trivial change means that we won't be allocating pages
      that we can't map correctly by mistake on x86-64.
      
      [ On traditional 32-bit x86, this could never happen, because GFP_KERNEL
        would never allocate any highmem memory anyway ]
      Acked-by: NAndi Kleen <ak@suse.de>
      Acked-by: NDave Jones <davej@redhat.com>
      Cc: Eric Anholt <eric@anholt.net>
      Cc: Keith Packard <keithp@keithp.com>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      66c669ba
  28. 04 11月, 2006 1 次提交
    • D
      [AGPGART] Fix up misprogrammed bridges with incorrect AGPv2 rates. · 28af24bb
      Dave Jones 提交于
      Some dumb bridges are programmed to disobey the AGP2 spec.
      This is likely a BIOS misprogramming rather than poweron default, or
      it would be a lot more common.
      
      AGPv2 spec 6.1.9 states:
      
       "The RATE field indicates the data transfer rates supported by this
        device. A.G.P. devices must report all that apply."
      
      Fix them up as best we can.
      
      This will prevent errors like..
      
      agpgart: Found an AGP 3.5 compliant device at 0000:00:00.0.
      agpgart: req mode 1f000201 bridge_agpstat 1f000a14 vga_agpstat 2f000217.
      agpgart: Device is in legacy mode, falling back to 2.x
      agpgart: Putting AGP V2 device at 0000:00:00.0 into 0x mode
      agpgart: Putting AGP V2 device at 0000:01:00.0 into 0x mode
      agpgart: Putting AGP V2 device at 0000:01:00.1 into 0x mode
      
      https://bugs.freedesktop.org/show_bug.cgi?id=8816Signed-off-by: NDave Jones <davej@redhat.com>
      28af24bb
  29. 29 9月, 2006 1 次提交
  30. 11 9月, 2006 1 次提交
    • D
      [AGPGART] Rework AGPv3 modesetting fallback. · edf03fb0
      Dave Jones 提交于
      Sometimes the logic to handle AGPx8->AGPx4 fallback failed, as can
      be seen in https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=197346
      
      The failures occured if the bridge was in AGPx8 mode, but the
      user hadn't specified a mode in their X config.  We weren't
      setting the mode to the highest mode capable by the video card+bridge
      (as we do in the AGPv2 case), which was leading to all kinds of
      mayhem including us believing that after falling back from AGPx8, that
      we couldn't do x4 mode (which is disastrous in AGPv3, as those are
      the only two modes possible).
      Signed-off-by: NDave Jones <davej@redhat.com>
      edf03fb0
  31. 01 7月, 2006 1 次提交