- 05 5月, 2010 13 次提交
-
-
由 Toshiyuki Okajima 提交于
find_keyring_by_name() can gain access to a keyring that has had its reference count reduced to zero, and is thus ready to be freed. This then allows the dead keyring to be brought back into use whilst it is being destroyed. The following timeline illustrates the process: |(cleaner) (user) | | free_user(user) sys_keyctl() | | | | key_put(user->session_keyring) keyctl_get_keyring_ID() | || //=> keyring->usage = 0 | | |schedule_work(&key_cleanup_task) lookup_user_key() | || | | kmem_cache_free(,user) | | . |[KEY_SPEC_USER_KEYRING] | . install_user_keyrings() | . || | key_cleanup() [<= worker_thread()] || | | || | [spin_lock(&key_serial_lock)] |[mutex_lock(&key_user_keyr..mutex)] | | || | atomic_read() == 0 || | |{ rb_ease(&key->serial_node,) } || | | || | [spin_unlock(&key_serial_lock)] |find_keyring_by_name() | | ||| | keyring_destroy(keyring) ||[read_lock(&keyring_name_lock)] | || ||| | |[write_lock(&keyring_name_lock)] ||atomic_inc(&keyring->usage) | |. ||| *** GET freeing keyring *** | |. ||[read_unlock(&keyring_name_lock)] | || || | |list_del() |[mutex_unlock(&key_user_k..mutex)] | || | | |[write_unlock(&keyring_name_lock)] ** INVALID keyring is returned ** | | . | kmem_cache_free(,keyring) . | . | atomic_dec(&keyring->usage) v *** DESTROYED *** TIME If CONFIG_SLUB_DEBUG=y then we may see the following message generated: ============================================================================= BUG key_jar: Poison overwritten ----------------------------------------------------------------------------- INFO: 0xffff880197a7e200-0xffff880197a7e200. First byte 0x6a instead of 0x6b INFO: Allocated in key_alloc+0x10b/0x35f age=25 cpu=1 pid=5086 INFO: Freed in key_cleanup+0xd0/0xd5 age=12 cpu=1 pid=10 INFO: Slab 0xffffea000592cb90 objects=16 used=2 fp=0xffff880197a7e200 flags=0x200000000000c3 INFO: Object 0xffff880197a7e200 @offset=512 fp=0xffff880197a7e300 Bytes b4 0xffff880197a7e1f0: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZZZZZ Object 0xffff880197a7e200: 6a 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b jkkkkkkkkkkkkkkk Alternatively, we may see a system panic happen, such as: BUG: unable to handle kernel NULL pointer dereference at 0000000000000001 IP: [<ffffffff810e61a3>] kmem_cache_alloc+0x5b/0xe9 PGD 6b2b4067 PUD 6a80d067 PMD 0 Oops: 0000 [#1] SMP last sysfs file: /sys/kernel/kexec_crash_loaded CPU 1 ... Pid: 31245, comm: su Not tainted 2.6.34-rc5-nofixed-nodebug #2 D2089/PRIMERGY RIP: 0010:[<ffffffff810e61a3>] [<ffffffff810e61a3>] kmem_cache_alloc+0x5b/0xe9 RSP: 0018:ffff88006af3bd98 EFLAGS: 00010002 RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffff88007d19900b RDX: 0000000100000000 RSI: 00000000000080d0 RDI: ffffffff81828430 RBP: ffffffff81828430 R08: ffff88000a293750 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000100000 R12: 00000000000080d0 R13: 00000000000080d0 R14: 0000000000000296 R15: ffffffff810f20ce FS: 00007f97116bc700(0000) GS:ffff88000a280000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000001 CR3: 000000006a91c000 CR4: 00000000000006e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 Process su (pid: 31245, threadinfo ffff88006af3a000, task ffff8800374414c0) Stack: 0000000512e0958e 0000000000008000 ffff880037f8d180 0000000000000001 0000000000000000 0000000000008001 ffff88007d199000 ffffffff810f20ce 0000000000008000 ffff88006af3be48 0000000000000024 ffffffff810face3 Call Trace: [<ffffffff810f20ce>] ? get_empty_filp+0x70/0x12f [<ffffffff810face3>] ? do_filp_open+0x145/0x590 [<ffffffff810ce208>] ? tlb_finish_mmu+0x2a/0x33 [<ffffffff810ce43c>] ? unmap_region+0xd3/0xe2 [<ffffffff810e4393>] ? virt_to_head_page+0x9/0x2d [<ffffffff81103916>] ? alloc_fd+0x69/0x10e [<ffffffff810ef4ed>] ? do_sys_open+0x56/0xfc [<ffffffff81008a02>] ? system_call_fastpath+0x16/0x1b Code: 0f 1f 44 00 00 49 89 c6 fa 66 0f 1f 44 00 00 65 4c 8b 04 25 60 e8 00 00 48 8b 45 00 49 01 c0 49 8b 18 48 85 db 74 0d 48 63 45 18 <48> 8b 04 03 49 89 00 eb 14 4c 89 f9 83 ca ff 44 89 e6 48 89 ef RIP [<ffffffff810e61a3>] kmem_cache_alloc+0x5b/0xe9 This problem is that find_keyring_by_name does not confirm that the keyring is valid before accepting it. Skipping keyrings that have been reduced to a zero count seems the way to go. To this end, use atomic_inc_not_zero() to increment the usage count and skip the candidate keyring if that returns false. The following script _may_ cause the bug to happen, but there's no guarantee as the window of opportunity is small: #!/bin/sh LOOP=100000 USER=dummy_user /bin/su -c "exit;" $USER || { /usr/sbin/adduser -m $USER; add=1; } for ((i=0; i<LOOP; i++)) do /bin/su -c "echo '$i' > /dev/null" $USER done (( add == 1 )) && /usr/sbin/userdel -r $USER exit Note that the nominated user must not be in use. An alternative way of testing this may be: for ((i=0; i<100000; i++)) do keyctl session foo /bin/true || break done >&/dev/null as that uses a keyring named "foo" rather than relying on the user and user-session named keyrings. Reported-by: NToshiyuki Okajima <toshi.okajima@jp.fujitsu.com> Signed-off-by: NDavid Howells <dhowells@redhat.com> Tested-by: NToshiyuki Okajima <toshi.okajima@jp.fujitsu.com> Acked-by: NSerge Hallyn <serue@us.ibm.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6由 Linus Torvalds 提交于
* 'drm-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6: drm/radeon/kms/legacy: only enable load detection property on DVI-I drm/radeon/kms: fix panel scaling adjusted mode setup drivers/gpu/drm/drm_sysfs.c: sysfs files error handling drivers/gpu/drm/radeon/radeon_atombios.c: range check issues gpu: vga_switcheroo, fix lock imbalance drivers/gpu/drm/drm_memory.c: fix check for end of loop drivers/gpu/drm/via/via_video.c: fix off by one issue drm/radeon/kms/agp The wrong AGP chipset can cause a NULL pointer dereference drm/radeon/kms: r300 fix CS checker to allow zbuffer-only fastfill
-
由 Linus Torvalds 提交于
Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/x86/linux-2.6-tip * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/x86/linux-2.6-tip: powernow-k8: Fix frequency reporting x86: Fix parse_reservetop() build failure on certain configs x86: Fix NULL pointer access in irq_force_complete_move() for Xen guests x86: Fix 'reservetop=' functionality
-
由 Linus Torvalds 提交于
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: KEYS: Fix RCU handling in key_gc_keyring() KEYS: Fix an RCU warning in the reading of user keys
-
由 David Howells 提交于
key_gc_keyring() needs to either hold the RCU read lock or hold the keyring semaphore if it's going to scan the keyring's list. Given that it only needs to read the key list, and it's doing so under a spinlock, the RCU read lock is the thing to use. Furthermore, the RCU check added in e7b0a61b is incorrect as holding the spinlock on key_serial_lock is not grounds for assuming a keyring's pointer list can be read safely. Instead, a simple rcu_dereference() inside of the previously mentioned RCU read lock is what we want. Reported-by: NSerge E. Hallyn <serue@us.ibm.com> Signed-off-by: NDavid Howells <dhowells@redhat.com> Acked-by: NSerge Hallyn <serue@us.ibm.com> Acked-by: N"Paul E. McKenney" <paulmck@linux.vnet.ibm.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 David Howells 提交于
Fix an RCU warning in the reading of user keys: =================================================== [ INFO: suspicious rcu_dereference_check() usage. ] --------------------------------------------------- security/keys/user_defined.c:202 invoked rcu_dereference_check() without protection! other info that might help us debug this: rcu_scheduler_active = 1, debug_locks = 0 1 lock held by keyctl/3637: #0: (&key->sem){+++++.}, at: [<ffffffff811a80ae>] keyctl_read_key+0x9c/0xcf stack backtrace: Pid: 3637, comm: keyctl Not tainted 2.6.34-rc5-cachefs #18 Call Trace: [<ffffffff81051f6c>] lockdep_rcu_dereference+0xaa/0xb2 [<ffffffff811aa55f>] user_read+0x47/0x91 [<ffffffff811a80be>] keyctl_read_key+0xac/0xcf [<ffffffff811a8a06>] sys_keyctl+0x75/0xb7 [<ffffffff81001eeb>] system_call_fastpath+0x16/0x1b Signed-off-by: NDavid Howells <dhowells@redhat.com> Acked-by: NSerge Hallyn <serue@us.ibm.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 Alex Deucher 提交于
DVI-D doesn't have analog. This matches the avivo behavior. Signed-off-by: NAlex Deucher <alexdeucher@gmail.com> Signed-off-by: NDave Airlie <airlied@redhat.com>
-
由 Alex Deucher 提交于
This should duplicate exactly what the ddx does for both legacy and avivo. Signed-off-by: NAlex Deucher <alexdeucher@gmail.com> Signed-off-by: NDave Airlie <airlied@redhat.com>
-
git://git.kernel.org/pub/scm/linux/kernel/git/jlbec/ocfs2由 Linus Torvalds 提交于
* 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jlbec/ocfs2: ocfs2: Avoid a gcc warning in ocfs2_wipe_inode(). ocfs2: Avoid direct write if we fall back to buffered I/O ocfs2_dlmfs: Fix math error when reading LVB. ocfs2: Update VFS inode's id info after reflink. ocfs2: potential ERR_PTR dereference on error paths ocfs2: Add directory entry later in ocfs2_symlink() and ocfs2_mknod() ocfs2: use OCFS2_INODE_SKIP_ORPHAN_DIR in ocfs2_mknod error path ocfs2: use OCFS2_INODE_SKIP_ORPHAN_DIR in ocfs2_symlink error path ocfs2: add OCFS2_INODE_SKIP_ORPHAN_DIR flag and honor it in the inode wipe code ocfs2: Reset status if we want to restart file extension. ocfs2: Compute metaecc for superblocks during online resize. ocfs2: Check the owner of a lockres inside the spinlock ocfs2: one more warning fix in ocfs2_file_aio_write(), v2 ocfs2_dlmfs: User DLM_* when decoding file open flags.
-
由 David Howells 提交于
The x86_64 call_rwsem_wait() treats the active state counter part of the R/W semaphore state as being 16-bit when it's actually 32-bit (it's half of the 64-bit state). It should do "decl %edx" not "decw %dx". Signed-off-by: NDavid Howells <dhowells@redhat.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging由 Linus Torvalds 提交于
* 'i2c-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging: i2c-core: Use per-adapter userspace device lists i2c: Fix probing of FSC hardware monitoring chips i2c-core: Erase pointer to clientdata on removal
-
由 Linus Torvalds 提交于
Merge branch 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: perf: Fix resource leak in failure path of perf_event_open()
-
由 Linus Torvalds 提交于
Merge branch 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: rcu: Fix RCU lockdep splat on freezer_fork path rcu: Fix RCU lockdep splat in set_task_cpu on fork path mutex: Don't spin when the owner CPU is offline or other weird cases
-
- 04 5月, 2010 16 次提交
-
-
由 Jean Delvare 提交于
Using a single list for all userspace devices leads to a dead lock on multiplexed buses in some circumstances (mux chip instantiated from userspace). This is solved by using a separate list for each bus segment. Signed-off-by: NJean Delvare <khali@linux-fr.org> Acked-by: NMichael Lawnick <ml.lawnick@gmx.de>
-
由 Jean Delvare 提交于
Some FSC hardware monitoring chips (Syleus at least) doesn't like quick writes we typically use to probe for I2C chips. Use a regular byte read instead for the address they live at (0x73). These are the only known chips living at this address on PC systems. For clarity, this fix should not be needed for kernels 2.6.30 and later, as we started instantiating the hwmon devices explicitly based on DMI data. Still, this fix is valuable in the following two cases: * Support for recent FSC chips on older kernels. The DMI-based device instantiation is more difficult to backport than the device support itself. * Case where the DMI-based device instantiation fails, whatever the reason. We fall back to probing in that case, so it should work. This fixes kernel bug #15634: https://bugzilla.kernel.org/show_bug.cgi?id=15634Signed-off-by: NJean Delvare <khali@linux-fr.org> Acked-by: NHans de Goede <hdegoede@redhat.com> Cc: stable@kernel.org
-
由 Wolfram Sang 提交于
After discovering that a lot of i2c-drivers leave the pointer to their clientdata dangling, it was decided to let the core handle this issue. It is assumed that the core may access the private data after remove() as there are no guarantees for the lifetime of such pointers anyhow (see thread starting at http://lkml.org/lkml/2010/3/21/68) Signed-off-by: NWolfram Sang <w.sang@pengutronix.de> Signed-off-by: NJean Delvare <khali@linux-fr.org>
-
由 Joel Becker 提交于
gcc warns that a variable is uninitialized. It's actually handled, but an early return fools gcc. Let's just initialize the variable to a garbage value that will crash if the usage is ever broken. Signed-off-by: NJoel Becker <joel.becker@oracle.com>
-
git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client由 Linus Torvalds 提交于
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client: ceph: remove bad auth_x kmem_cache ceph: fix lockless caps check ceph: clear dir complete, invalidate dentry on replayed rename ceph: fix direct io truncate offset ceph: discard incoming messages with bad seq # ceph: fix seq counting for skipped messages ceph: add missing #includes ceph: fix leaked spinlock during mds reconnect ceph: print more useful version info on module load ceph: fix snap realm splits ceph: clear dir complete on d_move
-
由 Sage Weil 提交于
It's useless, since our allocations are already a power of 2. And it was allocated per-instance (not globally), which caused a name collision when we tried to mount a second file system with auth_x enabled. Signed-off-by: NSage Weil <sage@newdream.net>
-
由 Sage Weil 提交于
The __ variant requires caller to hold i_lock. Signed-off-by: NSage Weil <sage@newdream.net>
-
由 Sage Weil 提交于
If a rename operation is resent to the MDS following an MDS restart, the client does not get a full reply (containing the resulting metadata) back. In that case, a ceph_rename() needs to compensate by doing anything useful that fill_inode() would have, like d_move(). It also needs to invalidate the dentry (to workaround the vfs_rename_dir() bug) and clear the dir complete flag, just like fill_trace(). Signed-off-by: NSage Weil <sage@newdream.net>
-
由 Sage Weil 提交于
truncate_inode_pages_range wants the end offset to align with the last byte in a page. Signed-off-by: NSage Weil <sage@newdream.net>
-
由 Sage Weil 提交于
We can get old message seq #'s after a tcp reconnect for stateful sessions (i.e., the MDS). If we get a higher seq #, that is an error, and we shouldn't see any bad seq #'s for stateless (mon, osd) connections. Signed-off-by: NSage Weil <sage@newdream.net>
-
由 Sage Weil 提交于
Increment in_seq even when the message is skipped for some reason. Signed-off-by: NSage Weil <sage@newdream.net>
-
由 Sage Weil 提交于
Signed-off-by: NSage Weil <sage@newdream.net>
-
由 Sage Weil 提交于
Signed-off-by: NSage Weil <sage@newdream.net>
-
由 Sage Weil 提交于
Decouple the client version from the server side. Print relevant protocol and map version info instead. Signed-off-by: NSage Weil <sage@newdream.net>
-
由 Sage Weil 提交于
The snap realm split was checking i_snap_realm, not the list_head, to determine if an inode belonged in the new realm. The check always failed, which meant we always moved the inode, corrupting the old realm's list and causing various crashes. Also wait to release old realm reference to avoid possibility of use after free. Signed-off-by: NSage Weil <sage@newdream.net>
-
由 Sage Weil 提交于
d_move() reorders the d_subdirs list, breaking the readdir result caching. Unless/until d_move preserves that ordering, clear CEPH_I_COMPLETE on rename. Signed-off-by: NSage Weil <sage@newdream.net>
-
- 03 5月, 2010 5 次提交
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog由 Linus Torvalds 提交于
* git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog: watchdog: ep93xx_wdt.c fix default timout value in MODULE_PARM_DESC string.
-
由 Ryusuke Konishi 提交于
As of 32a88aa1, __sync_filesystem() will return 0 if s_bdi is not set. And nilfs does not set s_bdi anywhere. I noticed this problem by the warning introduced by the recent commit 5129a469 ("Catch filesystem lacking s_bdi"). WARNING: at fs/super.c:959 vfs_kern_mount+0xc5/0x14e() Hardware name: PowerEdge 2850 Modules linked in: nilfs2 loop tpm_tis tpm tpm_bios video shpchp pci_hotplug output dcdbas Pid: 3773, comm: mount.nilfs2 Not tainted 2.6.34-rc6-debug #38 Call Trace: [<c1028422>] warn_slowpath_common+0x60/0x90 [<c102845f>] warn_slowpath_null+0xd/0x10 [<c1095936>] vfs_kern_mount+0xc5/0x14e [<c1095a03>] do_kern_mount+0x32/0xbd [<c10a811e>] do_mount+0x671/0x6d0 [<c1073794>] ? __get_free_pages+0x1f/0x21 [<c10a684f>] ? copy_mount_options+0x2b/0xe2 [<c107b634>] ? strndup_user+0x48/0x67 [<c10a81de>] sys_mount+0x61/0x8f [<c100280c>] sysenter_do_call+0x12/0x32 This ensures to set s_bdi for nilfs and fixes the sync silent failure. Signed-off-by: NRyusuke Konishi <konishi.ryusuke@lab.ntt.co.jp> Acked-by: NJens Axboe <jens.axboe@oracle.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Mark Langsdorf 提交于
With F10, model 10, all valid frequencies are in the ACPI _PST table. Cc: <stable@kernel.org> # 33.x 32.x Signed-off-by: NMark Langsdorf <mark.langsdorf@amd.com> LKML-Reference: <1270065406-1814-6-git-send-email-bp@amd64.org> Signed-off-by: NBorislav Petkov <borislav.petkov@amd.com> Reviewed-by: NThomas Renninger <trenn@suse.de> Signed-off-by: NH. Peter Anvin <hpa@zytor.com> Signed-off-by: NIngo Molnar <mingo@elte.hu>
-
由 Wim Van Sebroeck 提交于
The WATCHDOG_TIMEOUT macro does not exist. The default timeout value is WDT_TIMEOUT. Fix the MODULE_PARM_DESC so that the code can compile again. reported-by: NRandy Dunlap <randy.dunlap@oracle.com> Signed-off-by: NWim Van Sebroeck <wim@iguana.be>
-
由 Ingo Molnar 提交于
Commit e67a807f ("x86: Fix 'reservetop=' functionality") added a fixup_early_ioremap() call to parse_reservetop() and declared it in io.h. But asm/io.h was only included indirectly - and on some configs not at all, causing a build failure on those configs. Cc: Liang Li <liang.li@windriver.com> Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Cc: Yinghai Lu <yinghai@kernel.org> Cc: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com> Cc: Wang Chen <wangchen@cn.fujitsu.com> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Andrew Morton <akpm@linux-foundation.org> LKML-Reference: <1272621711-8683-1-git-send-email-liang.li@windriver.com> Signed-off-by: NIngo Molnar <mingo@elte.hu>
-
- 01 5月, 2010 6 次提交
-
-
由 Tejun Heo 提交于
perf_event_open() kfrees event after init failure which doesn't release all resources allocated by perf_event_alloc(). Use free_event() instead. Signed-off-by: NTejun Heo <tj@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Paul Mackerras <paulus@au1.ibm.com> Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: <stable@kernel.org> LKML-Reference: <4BDBE237.1040809@kernel.org> Signed-off-by: NIngo Molnar <mingo@elte.hu>
-
由 Prarit Bhargava 提交于
Upstream PV guests fail to boot because of a NULL pointer in irq_force_complete_move(). It is possible that xen guests have irq_desc->chip_data = NULL. Test for NULL chip_data pointer before attempting to complete an irq move. Signed-off-by: NPrarit Bhargava <prarit@redhat.com> LKML-Reference: <20100427152434.16193.49104.sendpatchset@prarit.bos.redhat.com> Acked-by: NSuresh Siddha <suresh.b.siddha@intel.com> Signed-off-by: NH. Peter Anvin <hpa@zytor.com> Cc: <stable@kernel.org> [2.6.33]
-
由 Li Dongyang 提交于
when we fall back to buffered write from direct write, we call __generic_file_aio_write() but that will end up doing direct write even we are only prepared to do buffered write because the file has the O_DIRECT flag set. This is a fix for https://bugzilla.novell.com/show_bug.cgi?id=591039 revised with Joel's comments. Signed-off-by: NLi Dongyang <lidongyang@novell.com> Acked-by: NMark Fasheh <mfasheh@suse.com> Signed-off-by: NJoel Becker <joel.becker@oracle.com>
-
由 Joel Becker 提交于
Merge branch 'skip_delete_inode' of git://git.kernel.org/pub/scm/linux/kernel/git/mfasheh/ocfs2-mark into ocfs2-fixes
-
git://ftp.linux-mips.org/pub/scm/upstream-linus由 Linus Torvalds 提交于
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus: (27 commits) MIPS: Loongson 2F: Fix of problems introduced by -mfix-loongson2f-jump MIPS: Loongson-2F: Use CONFIG_CPU_JUMP_WORKAROUNDS to control workarounds. MIPS: Loongson 2F: Enable fixups of the latest binutils MIPS: Loongson: Add CPU_LOONGSON2F_WORKAROUNDS MIPS: Kconfig: Make Broadcom SoC support naming consistent MIPS: BCM63xx: Update defconfig MIPS: oprofile: Fix breakage when CONFIG_OPROFILE=m STAGING: octeon-ethernet: Use proper phy addresses for Movidis hardware. NET: mdio-octeon: Enable the hardware before using it. I2C: Fix section mismatch errors in i2c-octeon.c MIPS: Loongson: Fix LOONGSON_ADDRWIN_CFG macro. MIPS: Loongson: Fix phys_mem_access_prot() check MIPS: Loongson: Fix find_vga_mem_init() MIPS: Loongson: Fix typo in gdium mach type string. MIPS: Use CKSEG1ADDR for uncached handler MIPS: Check for accesses beyond the end of the PGD. MIPS: Use uasm_i_ds{r,l}l_safe() instead of uasm_i_ds{r,l}l() in tlbex.c MIPS: Add uasm_i_dsrl_safe() and uasm_i_dsll_safe() to uasm. MIPS: die() does not call die notifier chain MIPS: Swarm, Littlesur: Enable PATA platform driver. ...
-
由 Wu Zhangjin 提交于
The -mfix-loongson2f-jump option provided by latest CVS binutils have fixed the out-of-order issue of Loongson-2F described in chapter 15 of the Loongson2F User Manual [1, 2], but introduced some problems. The option changes all of the jump target to "addr & 0xcfffffff" through the at($1) register, but for the reboot address of Loongson 2F 0xbfc00000 this is wrong. Avoids the problem via telling the assembler to not use the $at register. [1] Loongson2F User Manual (Chinese Version) http://www.loongson.cn/uploadfile/file/200808211 [2] English Version of Chapter 15: http://groups.google.com.hk/group/loongson-dev/msg/e0d2e220958f10a6?dmode=sourceReported-and-tested-by: NLiu Shiwei <liushiwei@gmail.com> Signed-off-by: NWu Zhangjin <wuzhangjin@gmail.com> Cc: linux-mips <linux-mips@linux-mips.org> Patchwork: http://patchwork.linux-mips.org/patch/1109/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
-