1. 02 10月, 2012 15 次提交
    • A
      rbd: handle locking inside __rbd_client_find() · 1f7ba331
      Alex Elder 提交于
      There is only caller of __rbd_client_find(), and it somewhat
      clumsily gets the appropriate lock and gets a reference to the
      existing ceph_client structure if it's found.
      
      Instead, have that function handle its own locking, and acquire the
      reference if found while it holds the lock.  Drop the underscores
      from the name because there's no need to signify anything special
      about this function.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NYehuda Sadeh <yehuda@inktank.com>
      1f7ba331
    • W
      ceph: use list_move_tail instead of list_del/list_add_tail · cc4829e5
      Wei Yongjun 提交于
      Using list_move_tail() instead of list_del() + list_add_tail().
      Signed-off-by: NWei Yongjun <yongjun_wei@trendmicro.com.cn>
      Signed-off-by: NSage Weil <sage@inktank.com>
      cc4829e5
    • A
      rbd: add new snapshots at the tail · 523f3258
      Alex Elder 提交于
      This fixes a bug that went in with this commit:
      
          commit f6e0c99092cca7be00fca4080cfc7081739ca544
          Author: Alex Elder <elder@inktank.com>
          Date:   Thu Aug 2 11:29:46 2012 -0500
          rbd: simplify __rbd_init_snaps_header()
      
      The problem is that a new rbd snapshot needs to go either after an
      existing snapshot entry, or at the *end* of an rbd device's snapshot
      list.  As originally coded, it is placed at the beginning.  This was
      based on the assumption the list would be empty (so it wouldn't
      matter), but in fact if multiple new snapshots are added to an empty
      list in one shot the list will be non-empty after the first one is
      added.
      
      This addresses http://tracker.newdream.net/issues/3063Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      523f3258
    • A
      rbd: rename block_name -> object_prefix · 843a0d08
      Alex Elder 提交于
      In the on-disk image header structure there is a field "block_name"
      which represents what we now call the "object prefix" for an rbd
      image.  Rename this field "object_prefix" to be consistent with
      modern usage.
      
      This appears to be the only remaining vestige of the use of "block"
      in symbols that represent objects in the rbd code.
      
      This addresses http://tracker.newdream.net/issues/1761Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      Reviewed-by: NDan Mick <dan.mick@inktank.com>
      843a0d08
    • I
      libceph: Fix sparse warning · 7698f2f5
      Iulius Curt 提交于
      Make ceph_monc_do_poolop() static to remove the following sparse warning:
       * net/ceph/mon_client.c:616:5: warning: symbol 'ceph_monc_do_poolop' was not
         declared. Should it be static?
      Also drops the 'ceph_monc_' prefix, now being a private function.
      Signed-off-by: NIulius Curt <icurt@ixiacom.com>
      Signed-off-by: NSage Weil <sage@inktank.com>
      7698f2f5
    • S
      libceph: remove unused monc->have_fsid · 290e3359
      Sage Weil 提交于
      This is unused; use monc->client->have_fsid.
      Signed-off-by: NSage Weil <sage@inktank.com>
      290e3359
    • A
      ceph: let path portion of mount "device" be optional · c98f533c
      Alex Elder 提交于
      A recent change to /sbin/mountall causes any trailing '/' character
      in the "device" (or fs_spec) field in /etc/fstab to be stripped.  As
      a result, an entry for a ceph mount that intends to mount the root
      of the name space ends up with now path portion, and the ceph mount
      option processing code rejects this.
      
      That is, an entry in /etc/fstab like:
          cephserver:port:/ /mnt ceph defaults 0 0
      provides to the ceph code just "cephserver:port:" as the "device,"
      and that gets rejected.
      
      Although this is a bug in /sbin/mountall, we can have the ceph mount
      code support an empty/nonexistent path, interpreting it to mean the
      root of the name space.
      
      RFC 5952 offers recommendations for how to express IPv6 addresses,
      and recommends the usage found in RFC 3986 (which specifies the
      format for URI's) for representing both IPv4 and IPv6 addresses that
      include port numbers.  (See in particular the definition of
      "authority" found in the Appendix of RFC 3986.)
      
      According to those standards, no host specification will ever
      contain a '/' character.  As a result, it is sufficient to scan a
      provided "device" from an /etc/fstab entry for the first '/'
      character, and if it's found, treat that as the beginning of the
      path.  If no '/' character is present, we can treat the entire
      string as the monitor host specification(s), and assume the path
      to be the root of the name space.  We'll still require a ':' to
      separate the host portion from the (possibly empty) path portion.
      
      This means that we can more formally define how ceph will interpret
      the "device" it's provided when processing a mount request:
      
          "device" will look like:
              <server_spec>[,<server_spec>...]:[<path>]
          where
              <server_spec> is <ip>[:<port>]
              <path> is optional, but if present must begin with '/'
      
      This addresses http://tracker.newdream.net/issues/2919Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NDan Mick <dan.mick@inktank.com>
      c98f533c
    • A
      rbd: separate reading header from decoding it · 4156d998
      Alex Elder 提交于
      Right now rbd_read_header() both reads the header object for an rbd
      image and decodes its contents.  It does this repeatedly if needed,
      in order to ensure a complete and intact header is obtained.
      
      Separate this process into two steps--reading of the raw header
      data (in new function, rbd_dev_v1_header_read()) and separately
      decoding its contents (in rbd_header_from_disk()).  As a result,
      the latter function no longer requires its allocated_snaps argument.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      4156d998
    • A
      rbd: expand rbd_dev_ondisk_valid() checks · 103a150f
      Alex Elder 提交于
      Add checks on the validity of the snap_count and snap_names_len
      field values in rbd_dev_ondisk_valid().  This eliminates the
      need to do them in rbd_header_from_disk().
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      103a150f
    • A
      rbd: return earlier in rbd_header_from_disk() · 28cb775d
      Alex Elder 提交于
      The only caller of rbd_header_from_disk() is rbd_read_header().
      It passes as allocated_snaps the number of snapshots it will
      have received from the server for the snapshot context that
      rbd_header_from_disk() is to interpret.  The first time through
      it provides 0--mainly to extract the number of snapshots from
      the snapshot context header--so that it can allocate an
      appropriately-sized buffer to receive the entire snapshot
      context from the server in a second request.
      
      rbd_header_from_disk() will not fill in the array of snapshot ids
      unless the number in the snapshot matches the number the caller
      had allocated.
      
      This patch adjusts that logic a little further to be more efficient.
      rbd_read_header() doesn't even examine the snapshot context unless
      the snapshot count (stored in header->total_snaps) matches the
      number of snapshots allocated.  So rbd_header_from_disk() doesn't
      need to allocate or fill in the snapshot context field at all in
      that case.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      28cb775d
    • A
      rbd: rearrange rbd_header_from_disk() · 6a52325f
      Alex Elder 提交于
      This just moves code around for the most part.  It was pulled out as
      a separate patch to avoid cluttering up some upcoming patches which
      are more substantive.  The point is basically to group everything
      related to initializing the snapshot context together.
      
      The only functional change is that rbd_header_from_disk() now
      ensures the (in-core) header it is passed is zero-filled.  This
      allows a simpler error handling path in rbd_header_from_disk().
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      6a52325f
    • A
      rbd: use sizeof (object) instead of sizeof (type) · d2bb24e5
      Alex Elder 提交于
      Fix a few spots in rbd_header_from_disk() to use sizeof (object)
      rather than sizeof (type).  Use a local variable to record sizes
      to shorten some lines and improve readability.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      d2bb24e5
    • A
      rbd: ensure invalid pointers are made null · d78fd7ae
      Alex Elder 提交于
      Fix a number of spots where a pointer value that is known to
      have become invalid but was not reset to null.
      
      Also, toss in a change so we use sizeof (object) rather than
      sizeof (type).
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      d78fd7ae
    • A
      rbd: make snap_names_len a u64 · 0f1d3f93
      Alex Elder 提交于
      The snap_names_len field of an rbd_image_header structure is defined
      with type size_t.  That field is used as both the source and target
      of 64-bit byte-order swapping operations though, so it's best to
      define it with type u64 instead.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      0f1d3f93
    • A
      rbd: simplify __rbd_init_snaps_header() · 35938150
      Alex Elder 提交于
      The purpose of __rbd_init_snaps_header() is to compare a new
      snapshot context with an rbd device's list of existing snapshots.
      It updates the list by adding any new snapshots or removing any
      that are not present in the new snapshot context.
      
      The code as written is a little confusing, because it traverses both
      the existing snapshot list and the set of snapshots in the snapshot
      context in reverse.  This was done based on an assumption about
      snapshots that is not true--namely that a duplicate snapshot name
      could cause an error in intepreting things if they were not
      processed in ascending order.
      
      These precautions are not necessary, because:
          - all snapshots are uniquely identified by their snapshot id
          - a new snapshot cannot be created if the rbd device has another
            snapshot with the same name
      (It is furthermore not currently possible to rename a snapshot.)
      
      This patch re-implements __rbd_init_snaps_header() so it passes
      through both the existing snapshot list and the entries in the
      snapshot context in forward order.  It still does the same thing
      as before, but I find the logic considerably easier to understand.
      
      By going forward through the names in the snapshot context, there
      is no longer a need for the rbd_prev_snap_name() helper function.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      35938150
  2. 01 10月, 2012 1 次提交
  3. 30 9月, 2012 3 次提交
    • M
      vfs: dcache: fix deadlock in tree traversal · 8110e16d
      Miklos Szeredi 提交于
      IBM reported a deadlock in select_parent().  This was found to be caused
      by taking rename_lock when already locked when restarting the tree
      traversal.
      
      There are two cases when the traversal needs to be restarted:
      
       1) concurrent d_move(); this can only happen when not already locked,
          since taking rename_lock protects against concurrent d_move().
      
       2) racing with final d_put() on child just at the moment of ascending
          to parent; rename_lock doesn't protect against this rare race, so it
          can happen when already locked.
      
      Because of case 2, we need to be able to handle restarting the traversal
      when rename_lock is already held.  This patch fixes all three callers of
      try_to_ascend().
      
      IBM reported that the deadlock is gone with this patch.
      
      [ I rewrote the patch to be smaller and just do the "goto again" if the
        lock was already held, but credit goes to Miklos for the real work.
         - Linus ]
      Signed-off-by: NMiklos Szeredi <mszeredi@suse.cz>
      Cc: Al Viro <viro@ZenIV.linux.org.uk>
      Cc: stable@vger.kernel.org
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      8110e16d
    • L
      Merge tag 'iommu-fixes-v3.6-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu · 6a3e3dbe
      Linus Torvalds 提交于
      Pull IOMMU fixes from Joerg Roedel:
       "Two small patches:
      
      	* One patch to fix the function declarations for
      	  !CONFIG_IOMMU_API. This is causing build errors
      	  in linux-next and should be fixed for v3.6.
      
      	* Another patch to fix an IOMMU group related NULL pointer
      	  dereference."
      
      * tag 'iommu-fixes-v3.6-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
        iommu/amd: Fix wrong assumption in iommu-group specific code
        iommu: static inline iommu group stub functions
      6a3e3dbe
    • L
      Merge git://git.infradead.org/users/willy/linux-nvme · 21e98932
      Linus Torvalds 提交于
      Pull NVMe driver fixes from Matthew Wilcox:
       "Now that actual hardware has been released (don't have any yet
        myself), people are starting to want some of these fixes merged."
      
      Willy doesn't have hardware? Guys...
      
      * git://git.infradead.org/users/willy/linux-nvme:
        NVMe: Cancel outstanding IOs on queue deletion
        NVMe: Free admin queue memory on initialisation failure
        NVMe: Use ida for nvme device instance
        NVMe: Fix whitespace damage in nvme_init
        NVMe: handle allocation failure in nvme_map_user_pages()
        NVMe: Fix uninitialized iod compiler warning
        NVMe: Do not set IO queue depth beyond device max
        NVMe: Set block queue max sectors
        NVMe: use namespace id for nvme_get_features
        NVMe: replace nvme_ns with nvme_dev for user admin
        NVMe: Fix nvme module init when nvme_major is set
        NVMe: Set request queue logical block size
      21e98932
  4. 29 9月, 2012 5 次提交
    • L
      mtdchar: fix offset overflow detection · 9c603e53
      Linus Torvalds 提交于
      Sasha Levin has been running trinity in a KVM tools guest, and was able
      to trigger the BUG_ON() at arch/x86/mm/pat.c:279 (verifying the range of
      the memory type).  The call trace showed that it was mtdchar_mmap() that
      created an invalid remap_pfn_range().
      
      The problem is that mtdchar_mmap() does various really odd and subtle
      things with the vma page offset etc, and uses the wrong types (and the
      wrong overflow) detection for it.
      
      For example, the page offset may well be 32-bit on a 32-bit
      architecture, but after shifting it up by PAGE_SHIFT, we need to use a
      potentially 64-bit resource_size_t to correctly hold the full value.
      
      Also, we need to check that the vma length plus offset doesn't overflow
      before we check that it is smaller than the length of the mtdmap region.
      
      This fixes things up and tries to make the code a bit easier to read.
      Reported-and-tested-by: NSasha Levin <levinsasha928@gmail.com>
      Acked-by: NSuresh Siddha <suresh.b.siddha@intel.com>
      Acked-by: NArtem Bityutskiy <dedekind1@gmail.com>
      Cc: David Woodhouse <dwmw2@infradead.org>
      Cc: linux-mtd@lists.infradead.org
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      9c603e53
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 6672d90f
      Linus Torvalds 提交于
      Pull networking fixes from David S Miller:
      
       1) Netfilter xt_limit module can use uninitialized rules, from Jan
          Engelhardt.
      
       2) Wei Yongjun has found several more spots where error pointers were
          treated as NULL/non-NULL and vice versa.
      
       3) bnx2x was converted to pci_io{,un}map() but one remaining plain
          iounmap() got missed.  From Neil Horman.
      
       4) Due to a fence-post type error in initialization of inetpeer entries
          (which is where we store the ICMP rate limiting information), we can
          erroneously drop ICMPs if the inetpeer was created right around when
          jiffies wraps.
      
          Fix from Nicolas Dichtel.
      
       5) smsc75xx resume fix from Steve Glendinnig.
      
       6) LAN87xx smsc chips need an explicit hardware init, from Marek Vasut.
      
       7) qlcnic uses msleep() with locks held, fix from Narendra K.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
        netdev: octeon: fix return value check in octeon_mgmt_init_phy()
        inetpeer: fix token initialization
        qlcnic: Fix scheduling while atomic bug
        bnx2: Clean up remaining iounmap
        net: phy: smsc: Implement PHY config_init for LAN87xx
        smsc75xx: fix resume after device reset
        netdev: pasemi: fix return value check in pasemi_mac_phy_init()
        team: fix return value check
        l2tp: fix return value check
        netfilter: xt_limit: have r->cost != 0 case work
      6672d90f
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 7596824e
      Linus Torvalds 提交于
      Pull vfs fixes from Al Viro:
       "A couple of fixes; one for automount/lazy umount race, another a
        classic "we don't protect the refcount transition to zero with the
        lock that protects looking for object in hash" kind of crap in lockd."
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        close the race in nlmsvc_free_block()
        do_add_mount()/umount -l races
      7596824e
    • L
      Merge branch 'for-linus-3.6-rc-final' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/uml · 97956605
      Linus Torvalds 提交于
      Pull UML fixes from Richard Weinberger.
      
      * 'for-linus-3.6-rc-final' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/uml:
        um: Preinclude include/linux/kern_levels.h
        um: Fix IPC on um
        um: kill thread->forking
        um: let signal_delivered() do SIGTRAP on singlestepping into handler
        um: don't leak floating point state and segment registers on execve()
        um: take cleaning singlestep to start_thread()
      97956605
    • L
      Merge tag 'dm-3.6-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-dm · c3a086e6
      Linus Torvalds 提交于
      Pull dm fixes from Alasdair G Kergon:
       "A few fixes for problems discovered during the 3.6 cycle.
      
        Of particular note, are fixes to the thin target's discard support,
        which I hope is finally working correctly; and fixes for multipath
        ioctls and device limits when there are no paths."
      
      * tag 'dm-3.6-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-dm:
        dm verity: fix overflow check
        dm thin: fix discard support for data devices
        dm thin: tidy discard support
        dm: retain table limits when swapping to new table with no devices
        dm table: clear add_random unless all devices have it set
        dm: handle requests beyond end of device instead of using BUG_ON
        dm mpath: only retry ioctl when no paths if queue_if_no_path set
        dm thin: do not set discard_zeroes_data
      c3a086e6
  5. 28 9月, 2012 16 次提交
    • A
      thp: avoid VM_BUG_ON page_count(page) false positives in __collapse_huge_page_copy · 99a1300e
      Andrea Arcangeli 提交于
      Speculative cache pagecache lookups can elevate the refcount from
      under us, so avoid the false positive. If the refcount is < 2 we'll be
      notified by a VM_BUG_ON in put_page_testzero as there are two
      put_page(src_page) in a row before returning from this function.
      Signed-off-by: NAndrea Arcangeli <aarcange@redhat.com>
      Reviewed-by: NRik van Riel <riel@redhat.com>
      Reviewed-by: NJohannes Weiner <hannes@cmpxchg.org>
      Cc: Hugh Dickins <hughd@google.com>
      Cc: Mel Gorman <mgorman@suse.de>
      Cc: Petr Holasek <pholasek@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      99a1300e
    • J
      iommu/amd: Fix wrong assumption in iommu-group specific code · 0774e392
      Joerg Roedel 提交于
      The new IOMMU groups code in the AMD IOMMU driver makes the
      assumption that there is a pci_dev struct available for all
      device-ids listed in the IVRS ACPI table. Unfortunatly this
      assumption is not true and so this code causes a NULL
      pointer dereference at boot on some systems.
      
      Fix it by making sure the given pointer is never NULL when
      passed to the group specific code. The real fix is larger
      and will be queued for v3.7.
      Reported-by: NFlorian Dazinger <florian@dazinger.net>
      Signed-off-by: NJoerg Roedel <joerg.roedel@amd.com>
      0774e392
    • W
      netdev: octeon: fix return value check in octeon_mgmt_init_phy() · df555b66
      Wei Yongjun 提交于
      In case of error, the function of_phy_connect() returns NULL
      pointer not ERR_PTR(). The IS_ERR() test in the return value
      check should be replaced with NULL test.
      
      dpatch engine is used to auto generate this patch.
      (https://github.com/weiyj/dpatch)
      Signed-off-by: NWei Yongjun <yongjun_wei@trendmicro.com.cn>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      df555b66
    • L
      Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux · 63994137
      Linus Torvalds 提交于
      Pull drm fixes from Dave Airlie:
       "The three nouveau fixes quiten unneeded dmesg spam that people are
         seeing and pondering,
      
        The udl fix stops it from trying to driver monitors that are too big,
        where we get a black screen.
      
        And a vmware memory alloc problem."
      
      * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux:
        drm/nvc0/fifo: ignore bits in PFIFO_INTR that aren't set in PFIFO_INTR_EN
        drm/udl: limit modes to the sku pixel limits.
        vmwgfx: corruption in vmw_event_fence_action_create()
        drm/nvc0/ltcg: mask off intr 0x10
        drm/nouveau: silence a debug message triggered by newer userspace
      63994137
    • L
      Merge tag 'usb-3.6-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · a31fb698
      Linus Torvalds 提交于
      Pull USB fixes from Greg Kroah-Hartman:
       "Here are two USB bugfixes for your 3.6-rc7 tree.
      
        The OHCI fix has been reported a number of times and is a regression
        from 3.5, and the patch that causes the regression was on the way to
        the -stable trees before I was reminded (again) that this fix needed
        to get to your tree soon.
      
        The host controller bugfix was reported in older kernels as being
        pretty easy to trigger, and has been tested by Red Hat and their
        customers.
      
        Both have been in the usb-next branch in the -next tree for a while
        now, I just cherry-picked them out to get to you in time for the 3.6
        release.
      
        Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>"
      
      * tag 'usb-3.6-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
        USB: Fix race condition when removing host controllers
        USB: ohci-at91: fix null pointer in ohci_hcd_at91_overcurrent_irq
      a31fb698
    • D
      ALSA: snd-usb: fix next_packet_size calls for pause case · 8dce30c8
      Daniel Mack 提交于
      Also fix the calls to next_packet_size() for the pause case. This was
      missed in 245baf98 ("ALSA: snd-usb: fix calls to next_packet_size").
      Signed-off-by: NDaniel Mack <zonque@gmail.com>
      Reviewed-by: NTakashi Iwai <tiwai@suse.de>
      Reported-and-tested-by: NChristian Tefzer <ctrefzer@gmx.de>
      Cc: stable@kernel.org
      [ Taking directly because Takashi is on vacation  - Linus ]
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      8dce30c8
    • L
      Merge tag 'asoc-3.6' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound · 9a7c5909
      Linus Torvalds 提交于
      Pull ASoC update from Mark Brown:
       "One small and obvious driver-specific fix.
      
        Takashi is on vacation now so he asked me to send directly, it's a
        pretty bad bug with low regression risk."
      
      * tag 'asoc-3.6' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound:
        ASoC: wm2000: Correct register size
      9a7c5909
    • N
      inetpeer: fix token initialization · bc9259a8
      Nicolas Dichtel 提交于
      When jiffies wraps around (for example, 5 minutes after the boot, see
      INITIAL_JIFFIES) and peer has just been created, now - peer->rate_last can be
      < XRLIM_BURST_FACTOR * timeout, so token is not set to the maximum value, thus
      some icmp packets can be unexpectedly dropped.
      
      Fix this case by initializing last_rate to 60 seconds in the past.
      Signed-off-by: NNicolas Dichtel <nicolas.dichtel@6wind.com>
      Signed-off-by: NEric Dumazet <edumazet@google.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      bc9259a8
    • N
      qlcnic: Fix scheduling while atomic bug · 68b3f28c
      Narendra K 提交于
      In the device close path, 'qlcnic_fw_destroy_ctx' and
      'qlcnic_poll_rsp' call msleep. But  'qlcnic_fw_destroy_ctx' and
      'qlcnic_poll_rsp' are called with 'adapter->tx_clean_lock' spin lock
      held resulting in scheduling while atomic bug causing the following
      trace.
      
      I observed that the commit 012dc19a
      from John Fastabend addresses a similar issue in ixgbevf driver.
      Adopting the same approach used in the commit, this patch uses mdelay
      to address the issue.
      
      [79884.999115] BUG: scheduling while atomic: ip/30846/0x00000002
      [79885.005562] INFO: lockdep is turned off.
      [79885.009958] Modules linked in: qlcnic fuse nf_conntrack_netbios_ns nf_conntrack_broadcast ipt_MASQUERADE bnep bluetooth rfkill ip6table_mangle ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter ip6_tables iptable_nat nf_nat iptable_mangle ipt_REJECT nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack iptable_filter ip_tables dcdbas coretemp kvm_intel kvm iTCO_wdt ixgbe iTCO_vendor_support crc32c_intel ghash_clmulni_intel nfsd microcode sb_edac pcspkr edac_core dca bnx2x shpchp auth_rpcgss nfs_acl lpc_ich mfd_core mdio lockd libcrc32c wmi acpi_pad acpi_power_meter sunrpc uinput sd_mod sr_mod cdrom crc_t10dif ahci libahci libata megaraid_sas usb_storage dm_mirror dm_region_hash dm_log dm_mod [last unloaded: qlcnic]
      [79885.083608] Pid: 30846, comm: ip Tainted: G        W  O 3.6.0-rc7+ #1
      [79885.090805] Call Trace:
      [79885.093569]  [<ffffffff816764d8>] __schedule_bug+0x68/0x76
      [79885.099699]  [<ffffffff8168358e>] __schedule+0x99e/0xa00
      [79885.105634]  [<ffffffff81683929>] schedule+0x29/0x70
      [79885.111186]  [<ffffffff81680def>] schedule_timeout+0x16f/0x350
      [79885.117724]  [<ffffffff811afb7a>] ? init_object+0x4a/0x90
      [79885.123770]  [<ffffffff8107c190>] ? __internal_add_timer+0x140/0x140
      [79885.130873]  [<ffffffff81680fee>] schedule_timeout_uninterruptible+0x1e/0x20
      [79885.138773]  [<ffffffff8107e830>] msleep+0x20/0x30
      [79885.144159]  [<ffffffffa04c7fbf>] qlcnic_issue_cmd+0xef/0x290 [qlcnic]
      [79885.151478]  [<ffffffffa04c8265>] qlcnic_fw_cmd_destroy_rx_ctx+0x55/0x90 [qlcnic]
      [79885.159868]  [<ffffffffa04c92fd>] qlcnic_fw_destroy_ctx+0x2d/0xa0 [qlcnic]
      [79885.167576]  [<ffffffffa04bf2ed>] __qlcnic_down+0x11d/0x180 [qlcnic]
      [79885.174708]  [<ffffffffa04bf6f8>] qlcnic_close+0x18/0x20 [qlcnic]
      [79885.181547]  [<ffffffff8153b4c5>] __dev_close_many+0x95/0xe0
      [79885.187899]  [<ffffffff8153b548>] __dev_close+0x38/0x50
      [79885.193761]  [<ffffffff81545101>] __dev_change_flags+0xa1/0x180
      [79885.200419]  [<ffffffff81545298>] dev_change_flags+0x28/0x70
      [79885.206779]  [<ffffffff815531b8>] do_setlink+0x378/0xa00
      [79885.212731]  [<ffffffff81354fe1>] ? nla_parse+0x31/0xe0
      [79885.218612]  [<ffffffff815558ee>] rtnl_newlink+0x37e/0x560
      [79885.224768]  [<ffffffff812cfa19>] ? selinux_capable+0x39/0x50
      [79885.231217]  [<ffffffff812cbf98>] ? security_capable+0x18/0x20
      [79885.237765]  [<ffffffff81555114>] rtnetlink_rcv_msg+0x114/0x2f0
      [79885.244412]  [<ffffffff81551f87>] ? rtnl_lock+0x17/0x20
      [79885.250280]  [<ffffffff81551f87>] ? rtnl_lock+0x17/0x20
      [79885.256148]  [<ffffffff81555000>] ? __rtnl_unlock+0x20/0x20
      [79885.262413]  [<ffffffff81570fc1>] netlink_rcv_skb+0xa1/0xb0
      [79885.268661]  [<ffffffff81551fb5>] rtnetlink_rcv+0x25/0x40
      [79885.274727]  [<ffffffff815708bd>] netlink_unicast+0x19d/0x220
      [79885.281146]  [<ffffffff81570c45>] netlink_sendmsg+0x305/0x3f0
      [79885.287595]  [<ffffffff8152b188>] ? sock_update_classid+0x148/0x2e0
      [79885.294650]  [<ffffffff81525c2c>] sock_sendmsg+0xbc/0xf0
      [79885.300600]  [<ffffffff8152600c>] __sys_sendmsg+0x3ac/0x3c0
      [79885.306853]  [<ffffffff8109be23>] ? up_read+0x23/0x40
      [79885.312510]  [<ffffffff816896cc>] ? do_page_fault+0x2bc/0x570
      [79885.318968]  [<ffffffff81191854>] ? sys_brk+0x44/0x150
      [79885.324715]  [<ffffffff811c458c>] ? fget_light+0x24c/0x520
      [79885.330875]  [<ffffffff815286f9>] sys_sendmsg+0x49/0x90
      [79885.336707]  [<ffffffff8168e429>] system_call_fastpath+0x16/0x1b
      Signed-off-by: NNarendra K <narendra_k@dell.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      68b3f28c
    • N
      bnx2: Clean up remaining iounmap · 64f605c7
      Neil Horman 提交于
      commit c0357e97 modified bnx2 to switch from
      using ioremap/iounmap to pci_iomap/pci_iounmap.  They missed a spot in the error
      path of bnx2_init_one though.  This patch just cleans that up.
      Signed-off-by: NNeil Horman <nhorman@tuxdriver.com>
      CC: Michael Chan <mcan@broadcom.com>
      CC: "David S. Miller" <davem@davemloft.net>
      Acked-by: NMichael Chan <mchan@broadcom.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      64f605c7
    • L
      Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc · e556cb3e
      Linus Torvalds 提交于
      Pull one more arm-soc bugfix from Olof Johansson:
       "Here's a bugfix for orion5x.  Without this, PCI doesn't initialize
        properly because of too small coherent pool to cover the allocations
        needed.
      
        A similar fix has already been done on kirkwood."
      
      * tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
        ARM: Orion5x: Fix too small coherent pool.
      e556cb3e
    • L
      Merge branch 'fixes-for-3.6' of git://git.linaro.org/people/mszyprowski/linux-dma-mapping · b56adb54
      Linus Torvalds 提交于
      Pull ARM dma-mapping fix from Marek Szyprowski:
       "This patch fixes a potential memory leak in the ARM dma-mapping code."
      
      * 'fixes-for-3.6' of git://git.linaro.org/people/mszyprowski/linux-dma-mapping:
        ARM: dma-mapping: Fix potential memory leak in atomic_pool_init()
      b56adb54
    • L
      Merge tag 'gpio-fixes-v3.6' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio · 39618435
      Linus Torvalds 提交于
      Pull GPIO fix from Linus Walleij:
       "A late GPIO fix: Roland Stigge found a problem in the LPC32xx driver
        where a callback ignores one of its arguments.  It needs to go into
        stable too so sending this upstream immediately."
      
      * tag 'gpio-fixes-v3.6' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio:
        gpio-lpc32xx: Fix value handling of gpio_direction_output()
      39618435
    • L
      Merge tag 'md-3.6-fixes' of git://neil.brown.name/md · d1d4bb9c
      Linus Torvalds 提交于
      Pull two md bugfixes from NeilBrown:
       "One (missing spinlock init) was only introduced recently.  The other
        has been present as long as raid10 has been supported, so is tagged
        for -stable."
      
      * tag 'md-3.6-fixes' of git://neil.brown.name/md:
        md/raid10: fix "enough" function for detecting if array is failed.
        md/raid5: add missing spin_lock_init.
      d1d4bb9c
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-edac · 5030fcbf
      Linus Torvalds 提交于
      Pull EDAC fixes from Mauro Carvalho Chehab:
       "Three edac fixes at the memory enumeration logic:
              - i3200_edac: Fixes a regression at the memory rank size, when the
                      memorias are dual-rank;
              - i5000_edac: Fix a longstanding bug when calculating the memory
                      size: before Kernel 3.6, the memory size were right only
                      with one specific configuration;
              - sb_edac: Fixes a bug since the initial release of the driver:
                      with 16GB DIMMs, there's an overflow at the memory size,
                      causing the number of pages per dimm (an unsigned value)
                      to have the highest bit equal to 1, effectively mangling
                      the memory size.
      
        The third bug can potentially affect the error decoding logic as well."
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-edac:
        sb_edac: Avoid overflow errors at memory size calculation
        i5000: Fix the memory size calculation with 2R memories
        i3200_edac: Fix memory rank size
      5030fcbf
    • J
      trivial select_parent documentation fix · fd517909
      J. Bruce Fields 提交于
      "Search list for X" sounds like you're trying to find X on a list.
      Signed-off-by: NJ. Bruce Fields <bfields@redhat.com>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      fd517909