1. 07 5月, 2013 1 次提交
  2. 23 11月, 2012 1 次提交
    • J
      floppy: destroy floppy workqueue before cleaning up the queue · eac7cc52
      Jiri Kosina 提交于
      We need to first destroy the floppy_wq workqueue before cleaning up
      the queue. Otherwise we might race with still pending work with the
      workqueue, but all the block queue already gone. This might lead to
      various oopses, such as
      
       CPU 0
       Pid: 6, comm: kworker/u:0 Not tainted 3.7.0-rc4 #1 Bochs Bochs
       RIP: 0010:[<ffffffff8134eef5>]  [<ffffffff8134eef5>] blk_peek_request+0xd5/0x1c0
       RSP: 0000:ffff88000dc7dd88  EFLAGS: 00010092
       RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000000
       RDX: ffff88000f602688 RSI: ffffffff81fd95d8 RDI: 6b6b6b6b6b6b6b6b
       RBP: ffff88000dc7dd98 R08: ffffffff81fd95c8 R09: 0000000000000000
       R10: ffffffff81fd9480 R11: 0000000000000001 R12: 6b6b6b6b6b6b6b6b
       R13: ffff88000dc7dfd8 R14: ffff88000dc7dfd8 R15: 0000000000000000
       FS:  0000000000000000(0000) GS:ffffffff81e21000(0000) knlGS:0000000000000000
       CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
       CR2: 0000000000000000 CR3: 0000000001e11000 CR4: 00000000000006f0
       DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
       DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
       Process kworker/u:0 (pid: 6, threadinfo ffff88000dc7c000, task ffff88000dc5ecc0)
       Stack:
        0000000000000000 0000000000000000 ffff88000dc7ddb8 ffffffff8134efee
        ffff88000dc7ddb8 0000000000000000 ffff88000dc7dde8 ffffffff814aef3c
        ffffffff81e75d80 ffff88000dc0c640 ffff88000fbfb000 ffffffff814aed90
       Call Trace:
        [<ffffffff8134efee>] blk_fetch_request+0xe/0x30
        [<ffffffff814aef3c>] redo_fd_request+0x1ac/0x400
        [<ffffffff814aed90>] ? start_motor+0x130/0x130
        [<ffffffff8106b526>] process_one_work+0x136/0x450
        [<ffffffff8106af65>] ? manage_workers+0x205/0x2e0
        [<ffffffff8106bb6d>] worker_thread+0x14d/0x420
        [<ffffffff8106ba20>] ? rescuer_thread+0x1a0/0x1a0
        [<ffffffff8107075a>] kthread+0xba/0xc0
        [<ffffffff810706a0>] ? __kthread_parkme+0x80/0x80
        [<ffffffff818b553a>] ret_from_fork+0x7a/0xb0
        [<ffffffff810706a0>] ? __kthread_parkme+0x80/0x80
       Code: 0f 84 c0 00 00 00 83 f8 01 0f 85 e2 00 00 00 81 4b 40 00 00 80 00 48 89 df e8 58 f8 ff ff be fb ff ff ff
       fe ff ff <49> 8b 1c 24 49 39 dc 0f 85 2e ff ff ff 41 0f b6 84 24 28 04 00
       RIP  [<ffffffff8134eef5>] blk_peek_request+0xd5/0x1c0
        RSP <ffff88000dc7dd88>
      Reported-by: NFengguang Wu <fengguang.wu@intel.com>
      Tested-by: NFengguang Wu <fengguang.wu@intel.com>
      Signed-off-by: NJiri Kosina <jkosina@suse.cz>
      Signed-off-by: NJens Axboe <axboe@kernel.dk>
      eac7cc52
  3. 30 10月, 2012 5 次提交
  4. 22 8月, 2012 2 次提交
    • T
      workqueue: deprecate __cancel_delayed_work() · 136b5721
      Tejun Heo 提交于
      Now that cancel_delayed_work() can be safely called from IRQ handlers,
      there's no reason to use __cancel_delayed_work().  Use
      cancel_delayed_work() instead of __cancel_delayed_work() and mark the
      latter deprecated.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Acked-by: NJens Axboe <axboe@kernel.dk>
      Cc: Jiri Kosina <jkosina@suse.cz>
      Cc: Roland Dreier <roland@kernel.org>
      Cc: Tomi Valkeinen <tomi.valkeinen@ti.com>
      136b5721
    • T
      workqueue: use mod_delayed_work() instead of __cancel + queue · e7c2f967
      Tejun Heo 提交于
      Now that mod_delayed_work() is safe to call from IRQ handlers,
      __cancel_delayed_work() followed by queue_delayed_work() can be
      replaced with mod_delayed_work().
      
      Most conversions are straight-forward except for the following.
      
      * net/core/link_watch.c: linkwatch_schedule_work() was doing a quite
        elaborate dancing around its delayed_work.  Collapse it such that
        linkwatch_work is queued for immediate execution if LW_URGENT and
        existing timer is kept otherwise.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Tomi Valkeinen <tomi.valkeinen@ti.com> 
      e7c2f967
  5. 31 7月, 2012 1 次提交
  6. 04 7月, 2012 2 次提交
    • A
      floppy: Run floppy initialization asynchronous · 0cc15d03
      Andi Kleen 提交于
      floppy_init is quite slow, 3s on my test system to determine
      that there is no floppy. Run it asynchronous to the other
      init calls to improve boot time.
      
      [jkosina@suse.cz: fix modular build]
      Signed-off-by: NAndi Kleen <ak@linux.intel.com>
      Signed-off-by: NJiri Kosina <jkosina@suse.cz>
      0cc15d03
    • L
      floppy: cancel any pending fd_timeouts before adding a new one · dab058fd
      Linus Torvalds 提交于
      In commit 070ad7e7 ("floppy: convert to delayed work and
      single-thread wq") the 'fd_timeout' timer was converted to a delayed
      work.  However, the "del_timer(&fd_timeout)" was lost in the process,
      and any previous pending timeouts would stay active when we then
      re-queued the timeout.
      
      This resulted in the floppy probe sequence having a (stale) 20s timeout
      rather than the intended 3s timeout, and thus made booting with the
      floppy driver (but no actual floppy controller) take much longer than it
      should.
      
      Of course, there's little reason for most people to compile the floppy
      driver into the kernel at all, which is why most people never noticed.
      
      Canceling the delayed work where we used to do the del_timer() fixes the
      issue, and makes the floppy probing use the proper new timeout instead.
      The three second timeout is still very wasteful, but better than the 20s
      one.
      Reported-and-tested-by: NAndi Kleen <ak@linux.intel.com>
      Reported-and-tested-by: NCalvin Walton <calvin.walton@kepstin.ca>
      Cc: Jiri Kosina <jkosina@suse.cz>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      dab058fd
  7. 18 5月, 2012 2 次提交
    • J
      floppy: remove floppy-specific O_EXCL handling · bfa10b8c
      Jiri Kosina 提交于
      Block layer now handles O_EXCL in a generic way for block devices.
      
      The semantics is however different for floppy and all other block devices,
      as floppy driver contains its own O_EXCL handling.
      
      The semantics for all-but-floppy bdevs is "there can be at most one O_EXCL
      open of this file", while for floppy bdev the semantics is "if someone has
      the bdev open with O_EXCL, noone else can open it".
      
      There is actual userspace-observable change in behavior because of this
      since commit e525fd89 ("block: make blkdev_get/put() handle exclusive
      access") -- on kernels containing this commit, mount of /dev/fd0 causes
      the fd0 block device be claimed with _EXCL, preventing subsequent
      open(/dev/fd0).
      
      Bring things back into shape, i.e.  make it possible, analogically to
      other block devices, to mount the floppy and open() it afterwards --
      remove the floppy-specific handling and let the generic bdev code O_EXCL
      handling take over.
      Signed-off-by: NJiri Kosina <jkosina@suse.cz>
      Acked-by: NTejun Heo <tj@kernel.org>
      Acked-by: NNeilBrown <neilb@suse.de>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NJiri Kosina <jkosina@suse.cz>
      bfa10b8c
    • J
      floppy: convert to delayed work and single-thread wq · 070ad7e7
      Jiri Kosina 提交于
      There are several races in floppy driver between bottom half
      (scheduled_work) and timers (fd_timeout, fd_timer). Due to slowness
      of the actual floppy devices, those races are never (at least to my
      knowledge) triggered on a bare floppy metal. However on virtualized
      (emulated) floppy drives, which are of course magnitudes faster
      than the real ones, these races trigger reliably. They usually exhibit
      themselves as NULL pointer dereferences during DMA setup, such as
      
      	BUG: unable to handle kernel NULL pointer dereference at 0000000a
      	[ ... snip ... ]
      	EIP: 0060:[<c02053d5>] EFLAGS: 00010293 CPU: 0
      	EAX: ffffe000 EBX: 0000000a ECX: 00000000 EDX: 0000000a
      	ESI: c05d2718 EDI: 00000000 EBP: 00000000 ESP: f540fe44
      	 DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
      	Process swapper (pid: 0, ti=f540e000 task=c082d5a0 task.ti=c0826000)
      	Stack:
      	 ffffe000 00001ffc 00000000 00000000 00000000 c05d2718 c0708b40 f540fe80
      	 c020470f c05d2718 c0708b40 00000000 f540fe80 0000000a f540fee4 00000000
      	 c0708b40 f540fee4 00000000 00000000 c020526b 00000000 c05d2718 c0708b40
      	Call Trace:
      	 [<c020470f>] dump_trace+0xaf/0x110
      	 [<c020526b>] show_trace_log_lvl+0x4b/0x60
      	 [<c0205298>] show_trace+0x18/0x20
      	 [<c05c5811>] dump_stack+0x6d/0x72
      	 [<c0248527>] warn_slowpath_common+0x77/0xb0
      	 [<c02485f3>] warn_slowpath_fmt+0x33/0x40
      	 [<f7ec593c>] setup_DMA+0x14c/0x210 [floppy]
      	 [<f7ecaa95>] setup_rw_floppy+0x105/0x190 [floppy]
      	 [<c0256d08>] run_timer_softirq+0x168/0x2a0
      	 [<c024e762>] __do_softirq+0xc2/0x1c0
      	 [<c02042ed>] do_softirq+0x7d/0xb0
      	 [<f54d8a00>] 0xf54d89ff
      
      but other instances can be easily seen as well. This can be observed at least under
      VMWare, VirtualBox and KVM.
      
      This patch converts all the timers and bottom halfs to be processed in a single
      workqueue. This aproach has been already discussed back in 2010 if I remember
      correctly, and Acked by Linus [1], but it then never made it to the tree.
      
      This all is based on original idea and code of Stephen Hemminger.  I have
      ported original Stepen's code to the current state of the floppy driver, and
      performed quite some testing (on real hardware), which didn't reveal any issues
      (this includes not only writing and reading data, but also formatting
      (unfortunately I didn't find any Double-Density disks any more)). Ability to
      handle errors properly (supplying known bad floppies) has also been verified.
      
      [1] http://kerneltrap.org/mailarchive/linux-kernel/2010/6/11/4582092Based-on-patch-by: NStephen Hemminger <shemminger@vyatta.com>
      Acked-by: NLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: NJiri Kosina <jkosina@suse.cz>
      070ad7e7
  8. 30 3月, 2012 1 次提交
    • L
      x86: Remove the ancient and deprecated disable_hlt() and enable_hlt() facility · f6365201
      Len Brown 提交于
      The X86_32-only disable_hlt/enable_hlt mechanism was used by the
      32-bit floppy driver. Its effect was to replace the use of the
      HLT instruction inside default_idle() with cpu_relax() - essentially
      it turned off the use of HLT.
      
      This workaround was commented in the code as:
      
       "disable hlt during certain critical i/o operations"
      
       "This halt magic was a workaround for ancient floppy DMA
        wreckage. It should be safe to remove."
      
      H. Peter Anvin additionally adds:
      
       "To the best of my knowledge, no-hlt only existed because of
        flaky power distributions on 386/486 systems which were sold to
        run DOS.  Since DOS did no power management of any kind,
        including HLT, the power draw was fairly uniform; when exposed
        to the much hhigher noise levels you got when Linux used HLT
        caused some of these systems to fail.
      
        They were by far in the minority even back then."
      
      Alan Cox further says:
      
       "Also for the Cyrix 5510 which tended to go castors up if a HLT
        occurred during a DMA cycle and on a few other boxes HLT during
        DMA tended to go astray.
      
        Do we care ? I doubt it. The 5510 was pretty obscure, the 5520
        fixed it, the 5530 is probably the oldest still in any kind of
        use."
      
      So, let's finally drop this.
      Signed-off-by: NLen Brown <len.brown@intel.com>
      Signed-off-by: NJosh Boyer <jwboyer@redhat.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Acked-by: N"H. Peter Anvin" <hpa@zytor.com>
      Acked-by: NAlan Cox <alan@lxorguk.ukuu.org.uk>
      Cc: Stephen Hemminger <shemminger@vyatta.com
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: <stable@kernel.org>
      Link: http://lkml.kernel.org/n/tip-3rhk9bzf0x9rljkv488tloib@git.kernel.org
      [ If anyone cares then alternative instruction patching could be
        used to replace HLT with a one-byte NOP instruction. Much simpler. ]
      Signed-off-by: NIngo Molnar <mingo@kernel.org>
      f6365201
  9. 29 3月, 2012 1 次提交
  10. 06 3月, 2012 1 次提交
  11. 02 3月, 2012 1 次提交
  12. 09 2月, 2012 2 次提交
  13. 04 1月, 2012 1 次提交
  14. 21 9月, 2011 1 次提交
  15. 29 5月, 2011 1 次提交
    • L
      x86 idle floppy: deprecate disable_hlt() · 3b70b2e5
      Len Brown 提交于
      Plan to remove floppy_disable_hlt in 2012, an ancient
      workaround with comments that it should be removed.
      
      This allows us to remove clutter and a run-time branch
      from the idle code.
      
      WARN_ONCE() on invocation until it is removed.
      
      cc: x86@kernel.org
      cc: stable@kernel.org # .39.x
      Signed-off-by: NLen Brown <len.brown@intel.com>
      3b70b2e5
  16. 22 4月, 2011 1 次提交
    • T
      block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers · 9fd097b1
      Tejun Heo 提交于
      In-kernel disk event polling doesn't matter for legacy/fringe drivers
      and may lead to infinite event loop if ->check_events() implementation
      generates events on level condition instead of edge.
      
      Now that block layer supports suppressing exporting unlisted events,
      simply leaving disk->events cleared allows these drivers to keep the
      internal revalidation behavior intact while avoiding weird
      interactions with userland event handler.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Cc: Kay Sievers <kay.sievers@vrfy.org>
      Signed-off-by: NJens Axboe <jaxboe@fusionio.com>
      9fd097b1
  17. 10 3月, 2011 2 次提交
    • J
      block: remove per-queue plugging · 7eaceacc
      Jens Axboe 提交于
      Code has been converted over to the new explicit on-stack plugging,
      and delay users have been converted to use the new API for that.
      So lets kill off the old plugging along with aops->sync_page().
      Signed-off-by: NJens Axboe <jaxboe@fusionio.com>
      7eaceacc
    • T
      floppy,{ami|ata}flop: Convert to bdops->check_events() · 1a8a74f0
      Tejun Heo 提交于
      Convert the floppy drivers from ->media_changed() to ->check_events().
      Both floppy and ataflop buffer media changed state bit and clear them
      on revalidation and will behave correctly with kernel event polling.
      
      I can't tell how amiflop clears its event and it's possible that it
      may generate spurious events when polled.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Cc: Jens Axboe <axboe@kernel.dk>
      Cc: Kay Sievers <kay.sievers@vrfy.org>
      1a8a74f0
  18. 24 2月, 2011 1 次提交
    • N
      Fix over-zealous flush_disk when changing device size. · 93b270f7
      NeilBrown 提交于
      There are two cases when we call flush_disk.
      In one, the device has disappeared (check_disk_change) so any
      data will hold becomes irrelevant.
      In the oter, the device has changed size (check_disk_size_change)
      so data we hold may be irrelevant.
      
      In both cases it makes sense to discard any 'clean' buffers,
      so they will be read back from the device if needed.
      
      In the former case it makes sense to discard 'dirty' buffers
      as there will never be anywhere safe to write the data.  In the
      second case it *does*not* make sense to discard dirty buffers
      as that will lead to file system corruption when you simply enlarge
      the containing devices.
      
      flush_disk calls __invalidate_devices.
      __invalidate_device calls both invalidate_inodes and invalidate_bdev.
      
      invalidate_inodes *does* discard I_DIRTY inodes and this does lead
      to fs corruption.
      
      invalidate_bev *does*not* discard dirty pages, but I don't really care
      about that at present.
      
      So this patch adds a flag to __invalidate_device (calling it
      __invalidate_device2) to indicate whether dirty buffers should be
      killed, and this is passed to invalidate_inodes which can choose to
      skip dirty inodes.
      
      flusk_disk then passes true from check_disk_change and false from
      check_disk_size_change.
      
      dm avoids tripping over this problem by calling i_size_write directly
      rathher than using check_disk_size_change.
      
      md does use check_disk_size_change and so is affected.
      
      This regression was introduced by commit 608aeef1 which causes
      check_disk_size_change to call flush_disk, so it is suitable for any
      kernel since 2.6.27.
      
      Cc: stable@kernel.org
      Acked-by: NJeff Moyer <jmoyer@redhat.com>
      Cc: Andrew Patterson <andrew.patterson@hp.com>
      Cc: Jens Axboe <axboe@kernel.dk>
      Signed-off-by: NNeilBrown <neilb@suse.de>
      93b270f7
  19. 24 12月, 2010 1 次提交
  20. 08 11月, 2010 1 次提交
  21. 06 11月, 2010 2 次提交
    • V
      floppy: fix another use-after-free · d017bf6b
      Vivek Goyal 提交于
      While scanning the floopy code due to c093ee4f ("floppy: fix
      use-after-free in module load failure path"), I found one more instance
      of trying to access disk->queue pointer after doing put_disk() on
      gendisk.  For some reason , floppy moule still loads/unloads fine.  The
      object is probably still around with right pointer values.
      
       o There seems to be one more instance of trying to cleanup the request
         queue after we have called put_disk() on associated gendisk.
      
       o This fix is more out of code inspection.  Even without this fix for
         some reason I am able to load/unload floppy module without any
         issues.
      
       o Floppy module loads/unloads fine after the fix.
      Signed-off-by: NVivek Goyal <vgoyal@redhat.com>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      d017bf6b
    • L
      floppy: fix use-after-free in module load failure path · c093ee4f
      Linus Torvalds 提交于
      Commit 48821184 ("floppy: switch to one queue per drive instead of
      sharing a queue") introduced a use-after-free.  We do "put_disk()" on
      the disk device _before_ we then clean up the queue associated with that
      disk.
      
      Move the put_disk() down to avoid dereferencing a free'd data structure.
      
      Cc: Jens Axboe <jaxboe@fusionio.com>
      Cc: Vivek Goyal <vgoyal@redhat.com>
      Reported-and-tested-by: NRandy Dunlap <randy.dunlap@oracle.com>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      c093ee4f
  22. 05 10月, 2010 1 次提交
    • A
      block: autoconvert trivial BKL users to private mutex · 2a48fc0a
      Arnd Bergmann 提交于
      The block device drivers have all gained new lock_kernel
      calls from a recent pushdown, and some of the drivers
      were already using the BKL before.
      
      This turns the BKL into a set of per-driver mutexes.
      Still need to check whether this is safe to do.
      
      file=$1
      name=$2
      if grep -q lock_kernel ${file} ; then
          if grep -q 'include.*linux.mutex.h' ${file} ; then
                  sed -i '/include.*<linux\/smp_lock.h>/d' ${file}
          else
                  sed -i 's/include.*<linux\/smp_lock.h>.*$/include <linux\/mutex.h>/g' ${file}
          fi
          sed -i ${file} \
              -e "/^#include.*linux.mutex.h/,$ {
                      1,/^\(static\|int\|long\)/ {
                           /^\(static\|int\|long\)/istatic DEFINE_MUTEX(${name}_mutex);
      
      } }"  \
          -e "s/\(un\)*lock_kernel\>[ ]*()/mutex_\1lock(\&${name}_mutex)/g" \
          -e '/[      ]*cycle_kernel_lock();/d'
      else
          sed -i -e '/include.*\<smp_lock.h\>/d' ${file}  \
                      -e '/cycle_kernel_lock()/d'
      fi
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      2a48fc0a
  23. 22 9月, 2010 1 次提交
  24. 08 8月, 2010 7 次提交