1. 13 3月, 2014 11 次提交
  2. 12 3月, 2014 3 次提交
  3. 11 3月, 2014 12 次提交
  4. 10 3月, 2014 14 次提交
    • A
      get rid of fget_light() · bd2a31d5
      Al Viro 提交于
      instead of returning the flags by reference, we can just have the
      low-level primitive return those in lower bits of unsigned long,
      with struct file * derived from the rest.
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      bd2a31d5
    • A
      00e188ef
    • L
      vfs: atomic f_pos accesses as per POSIX · 9c225f26
      Linus Torvalds 提交于
      Our write() system call has always been atomic in the sense that you get
      the expected thread-safe contiguous write, but we haven't actually
      guaranteed that concurrent writes are serialized wrt f_pos accesses, so
      threads (or processes) that share a file descriptor and use "write()"
      concurrently would quite likely overwrite each others data.
      
      This violates POSIX.1-2008/SUSv4 Section XSI 2.9.7 that says:
      
       "2.9.7 Thread Interactions with Regular File Operations
      
        All of the following functions shall be atomic with respect to each
        other in the effects specified in POSIX.1-2008 when they operate on
        regular files or symbolic links: [...]"
      
      and one of the effects is the file position update.
      
      This unprotected file position behavior is not new behavior, and nobody
      has ever cared.  Until now.  Yongzhi Pan reported unexpected behavior to
      Michael Kerrisk that was due to this.
      
      This resolves the issue with a f_pos-specific lock that is taken by
      read/write/lseek on file descriptors that may be shared across threads
      or processes.
      Reported-by: NYongzhi Pan <panyongzhi@gmail.com>
      Reported-by: NMichael Kerrisk <mtk.manpages@gmail.com>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      9c225f26
    • A
      ocfs2 syncs the wrong range... · 1b56e989
      Al Viro 提交于
      Cc: stable@vger.kernel.org
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      1b56e989
    • T
      libata: use wider match for blacklisting Crucial M500 · 83493d7e
      Tejun Heo 提交于
      We're now blacklisting "Crucial_CT???M500SSD1" and
      "Crucial_CT???M500SSD3".  Also, "Micron_M500*" is blacklisted which is
      about the same devices as the crucial branded ones.  Let's merge the
      two Crucial M500 entries and widen the match to
      "Crucial_CT???M500SSD*" so that we don't have to fiddle with new
      entries for similar devices.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Suggested-by: NLinus Torvalds <torvalds@linux-foundation.org>
      Cc: stable@vger.kernel.org
      83493d7e
    • L
      Linux 3.14-rc6 · fa389e22
      Linus Torvalds 提交于
      fa389e22
    • L
      Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc · 79e61542
      Linus Torvalds 提交于
      Pull ARM SoC fixes from from Olof Johansson:
       "A collection of fixes for ARM platforms.  A little large due to us
        missing to do one last week, but there's nothing in particular here
        that is in itself large and scary.
      
        Mostly a handful of smaller fixes all over the place.  The majority is
        made up of fixes for OMAP, but there are a few for others as well.  In
        particular, there was a decision to rename a binding for the Broadcom
        pinctrl block that we need to go in before the final release since we
        then treat it as ABI"
      
      * tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
        ARM: dts: omap3-gta04: Add ti,omap36xx to compatible property to avoid problems with booting
        ARM: tegra: add LED options back into tegra_defconfig
        ARM: dts: omap3-igep: fix boot fail due wrong compatible match
        ARM: OMAP3: Fix pinctrl interrupts for core2
        pinctrl: Rename Broadcom Capri pinctrl binding
        pinctrl: refer to updated dt binding string.
        Update dtsi with new pinctrl compatible string
        ARM: OMAP: Kill warning in CPUIDLE code with !CONFIG_SMP
        ARM: OMAP2+: Add support for thumb mode on DT booted N900
        ARM: OMAP2+: clock: fix clkoutx2 with CLK_SET_RATE_PARENT
        ARM: OMAP4: hwmod: Fix SOFTRESET logic for OMAP4
        ARM: DRA7: hwmod data: correct the sysc data for spinlock
        ARM: OMAP5: PRM: Fix reboot handling
        ARM: sunxi: dt: Change the touchscreen compatibles
        ARM: sun7i: dt: Fix interrupt trigger types
      79e61542
    • L
      Merge tag 'nfs-for-3.14-5' of git://git.linux-nfs.org/projects/trondmy/linux-nfs · fe9ea91c
      Linus Torvalds 提交于
      Pull NFS client bugfixes from Trond Myklebust:
       "Highlights include:
      
         - Fix another nfs4_sequence corruptor in RELEASE_LOCKOWNER
         - Fix an Oopsable delegation callback race
         - Fix another bad stateid infinite loop
         - Fail the data server I/O is the stateid represents a lost lock
         - Fix an Oopsable sunrpc trace event"
      
      * tag 'nfs-for-3.14-5' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
        SUNRPC: Fix oops when trace sunrpc_task events in nfs client
        NFSv4: Fail the truncate() if the lock/open stateid is invalid
        NFSv4.1 Fail data server I/O if stateid represents a lost lock
        NFSv4: Fix the return value of nfs4_select_rw_stateid
        NFSv4: nfs4_stateid_is_current should return 'true' for an invalid stateid
        NFS: Fix a delegation callback race
        NFSv4: Fix another nfs4_sequence corruptor
      fe9ea91c
    • L
      Merge tag 'usb-3.14-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · cf8bf7cd
      Linus Torvalds 提交于
      Pull USB fixes from Greg KH:
       "Here are 4 USB fixes for your current tree.
      
        Two of them are reverts to hopefully resolve the nasty XHCI
        regressions we have been having on some types of devices.  The other
        two are quirks for some Logitech video devices"
      
      * tag 'usb-3.14-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
        Revert "USBNET: ax88179_178a: enable tso if usb host supports sg dma"
        Revert "xhci 1.0: Limit arbitrarily-aligned scatter gather."
        usb: Make DELAY_INIT quirk wait 100ms between Get Configuration requests
        usb: Add device quirk for Logitech HD Pro Webcams C920 and C930e
      cf8bf7cd
    • L
      Merge tag 'staging-3.15-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging · a491ce72
      Linus Torvalds 提交于
      Pull staging driver tree fix from Greg KH:
       "Here is a single staging driver fix for your tree.
      
        It resolves an issue with arbritary writes to memory if a specific
        driver is loaded"
      
      * tag 'staging-3.15-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
        staging/cxt1e1/linux.c: Correct arbitrary memory write in c4_ioctl()
      a491ce72
    • D
      KEYS: Make the keyring cycle detector ignore other keyrings of the same name · 979e0d74
      David Howells 提交于
      This fixes CVE-2014-0102.
      
      The following command sequence produces an oops:
      
      	keyctl new_session
      	i=`keyctl newring _ses @s`
      	keyctl link @s $i
      
      The problem is that search_nested_keyrings() sees two keyrings that have
      matching type and description, so keyring_compare_object() returns true.
      s_n_k() then passes the key to the iterator function -
      keyring_detect_cycle_iterator() - which *should* check to see whether this is
      the keyring of interest, not just one with the same name.
      
      Because assoc_array_find() will return one and only one match, I assumed that
      the iterator function would only see an exact match or never be called - but
      the iterator isn't only called from assoc_array_find()...
      
      The oops looks something like this:
      
      	kernel BUG at /data/fs/linux-2.6-fscache/security/keys/keyring.c:1003!
      	invalid opcode: 0000 [#1] SMP
      	...
      	RIP: keyring_detect_cycle_iterator+0xe/0x1f
      	...
      	Call Trace:
      	  search_nested_keyrings+0x76/0x2aa
      	  __key_link_check_live_key+0x50/0x5f
      	  key_link+0x4e/0x85
      	  keyctl_keyring_link+0x60/0x81
      	  SyS_keyctl+0x65/0xe4
      	  tracesys+0xdd/0xe2
      
      The fix is to make keyring_detect_cycle_iterator() check that the key it
      has is the key it was actually looking for rather than calling BUG_ON().
      
      A testcase has been included in the keyutils testsuite for this:
      
      	http://git.kernel.org/cgit/linux/kernel/git/dhowells/keyutils.git/commit/?id=891f3365d07f1996778ade0e3428f01878a1790bReported-by: NTommi Rantala <tt.rantala@gmail.com>
      Signed-off-by: NDavid Howells <dhowells@redhat.com>
      Acked-by: NJames Morris <james.l.morris@oracle.com>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      979e0d74
    • L
      Merge branch 'for-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux · 1dc3217d
      Linus Torvalds 提交于
      Pull thermal fixes from Zhang Rui:
       "Specifics:
      
         - Update the help text of INT3403 Thermal driver, which was not
           friendly to users.  From Zhang Rui.
      
         - The "type" sysfs attribute of x86_pkg_temp_thermal registered
           thermal zones includes an instance number, which makes the
           thermal-to-hwmon bridge fails to group them all in a single hwmon
           device.  Fixed by Jean Delvare.
      
         - The hwmon device registered by x86_pkg_temp_thermal driver is
           redundant because the temperature value reported by
           x86_pkg_temp_thermal is already reported by the coretemp driver.
           Fixed by Jean Delvare.
      
         - Fix a problem that the cooling device can not be updated properly
           if it is initialized at max cooling state.  From Ni Wade.
      
         - Fix a problem that OF registered thermal zones are running without
           thermal governors.  From Zhang Rui.
      
         - Commit beeb5a1e ("thermal: rcar-thermal: Enable driver
           compilation with COMPILE_TEST") broke build on archs wihout io
           memory.  Thus make it depend on HAS_IOMEM to bypass build failures.
           Fixed by Richard Weinberger"
      
      * 'for-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux:
        Thermal: thermal zone governor fix
        Thermal: Allow first update of cooling device state
        thermal,rcar_thermal: Add dependency on HAS_IOMEM
        x86_pkg_temp_thermal: Fix the thermal zone type
        x86_pkg_temp_thermal: Do not expose as a hwmon device
        Thermal: update INT3404 thermal driver help text
      1dc3217d
    • L
      Merge tag 'spi-v3.14-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi · 4aa41ba7
      Linus Torvalds 提交于
      Pull spi fixes from Mark Brown:
       "A scattering of driver specific fixes here.
      
        The fixes from Axel cover bitrot in apparently unmaintained drivers,
        the at79 bug is fixing a glitch on /CS during initialisation of some
        devices which could break some slaves and the remainder are fixes for
        recently introduced bugs from the past release cycle or so"
      
      * tag 'spi-v3.14-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi:
        spi: atmel: add missing spi_master_{resume,suspend} calls to PM callbacks
        spi: coldfire-qspi: Fix getting correct address for *mcfqspi
        spi: fsl-dspi: Fix getting correct address for master
        spi: spi-ath79: fix initial GPIO CS line setup
        spi: spi-imx: spi_imx_remove: do not disable disabled clocks
        spi-topcliff-pch: Fix probing when DMA mode is used
        spi/topcliff-pch: Fix DMA channel
      4aa41ba7
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending · 66a523db
      Linus Torvalds 提交于
      Pull SCSI target fixes from Nicholas Bellinger:
       "This series addresses a number of outstanding issues wrt to active I/O
        shutdown using iser-target.  This includes:
      
         - Fix a long standing tpg_state bug where a tpg could be referenced
           during explicit shutdown (v3.1+ stable)
         - Use list_del_init for iscsi_cmd->i_conn_node so list_empty checks
           work as expected (v3.10+ stable)
         - Fix a isert_conn->state related hung task bug + ensure outstanding
           I/O completes during session shutdown.  (v3.10+ stable)
         - Fix isert_conn->post_send_buf_count accounting for RDMA READ/WRITEs
           (v3.10+ stable)
         - Ignore FRWR completions during active I/O shutdown (v3.12+ stable)
         - Fix command leakage for interrupt coalescing during active I/O
           shutdown (v3.13+ stable)
      
        Also included is another DIF emulation fix from Sagi specific to
        v3.14-rc code"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending:
        Target/sbc: Fix sbc_copy_prot for offset scatters
        iser-target: Fix command leak for tx_desc->comp_llnode_batch
        iser-target: Ignore completions for FRWRs in isert_cq_tx_work
        iser-target: Fix post_send_buf_count for RDMA READ/WRITE
        iscsi/iser-target: Fix isert_conn->state hung shutdown issues
        iscsi/iser-target: Use list_del_init for ->i_conn_node
        iscsi-target: Fix iscsit_get_tpg_from_np tpg_state bug
      66a523db