1. 23 4月, 2012 2 次提交
    • G
      powerpc/eeh: Fix crash caused by null eeh_dev · 2ef822c5
      Gavin Shan 提交于
      The problem was reported by Anton Blanchard. While EEH error
      happened to the PCI device without the corresponding device
      driver, kernel crash was seen. Eventually, I successfully
      reproduced the problem on Firebird-L machine with utility
      "errinjct". Initially, the device driver for Emulex ethernet
      MAC has been disabled from .config and force data parity on
      the Emulex ethernet MAC with help of "errinjct". Eventually,
      I saw the kernel crash after issueing couple of "lspci -v"
      command.
      
      The root cause behind is that the PCI device, including the
      reference to the corresponding eeh device, will be removed
      from the system while EEH does recovery. Afterwards, the
      PCI device will be probed again and added into the system
      accordingly. So it's not safe to retrieve the eeh device from
      the corresponding PCI device after the PCI device has been removed
      and not added again.
      
      The patch fixes the issue and retrieve the eeh device from OF node
      instead of PCI device after the PCI device has been removed.
      Signed-off-by: NGavin Shan <shangw@linux.vnet.ibm.com>
      Tested-by: NAnton Blanchard <anton@samba.org>
      Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org>
      2ef822c5
    • B
      aec49c7c
  2. 20 4月, 2012 6 次提交
  3. 19 4月, 2012 9 次提交
  4. 18 4月, 2012 6 次提交
    • E
      fcaps: clear the same personality flags as suid when fcaps are used · d52fc5dd
      Eric Paris 提交于
      If a process increases permissions using fcaps all of the dangerous
      personality flags which are cleared for suid apps should also be cleared.
      Thus programs given priviledge with fcaps will continue to have address space
      randomization enabled even if the parent tried to disable it to make it
      easier to attack.
      Signed-off-by: NEric Paris <eparis@redhat.com>
      Reviewed-by: NSerge Hallyn <serge.hallyn@canonical.com>
      Signed-off-by: NJames Morris <james.l.morris@oracle.com>
      d52fc5dd
    • J
      mpi: Avoid using freed pointer in mpi_lshift_limbs() · 09c79b60
      Jesper Juhl 提交于
      At the start of the function we assign 'a->d' to 'ap'. Then we use the
      RESIZE_IF_NEEDED macro on 'a' - this may free 'a->d' and replace it
      with newly allocaetd storage. In that case, we'll be operating on
      freed memory further down in the function when we index into 'ap[]'.
      Since we don't actually need 'ap' until after the use of the
      RESIZE_IF_NEEDED macro we can just delay the assignment to it until
      after we've potentially resized, thus avoiding the issue.
      
      While I was there anyway I also changed the integer variable 'n' to be
      const. It might as well be since we only assign to it once and use it
      as a constant, and then the compiler will tell us if we ever assign to
      it in the future.
      Signed-off-by: NJesper Juhl <jj@chaosbits.net>
      Acked-by: NDmitry Kasatkin <dmitry.kasatkin@intel.com>
      Signed-off-by: NJames Morris <james.l.morris@oracle.com>
      09c79b60
    • C
      Smack: move label list initialization · 86812bb0
      Casey Schaufler 提交于
      A kernel with Smack enabled will fail if tmpfs has xattr support.
      
      Move the initialization of predefined Smack label
      list entries to the LSM initialization from the
      smackfs setup. This became an issue when tmpfs
      acquired xattr support, but was never correct.
      Signed-off-by: NCasey Schaufler <casey@schaufler-ca.com>
      Signed-off-by: NJames Morris <james.l.morris@oracle.com>
      86812bb0
    • L
      Merge tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 · 592fe898
      Linus Torvalds 提交于
      Pull ext4 regression fixes from Ted Ts'o:
       "This fixes a scalability problem reported by Andi Kleen and Tim Chen;
        they were quite secretive about the precise nature of their workload,
        but they later admitted that it only showed up when they were using a
        large sparse file, so the amount of data I/O that was needed was close
        to zero.
      
        I'm not sure how realistic this is and it's only a regression if you
        consider changes made since 2.6.39 to be a "regression" vis-a-vis the
        policy regarding post-merge window bug fixes, but Linus agreed it was
        worth fixing, so I'm including it in this pull request.
      
        This also fixes the journalled quota mount options, which I
        accidentally broke while I was cleaning up the mount option handling."
      
      * tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
        ext4: fix handling of journalled quota options
        ext4: address scalability issue by removing extent cache statistics
      592fe898
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · d44c6d4f
      Linus Torvalds 提交于
      Pull vfs fixes from Al Viro:
       "A bunch of endianness fixes and a couple of nfsd error value fixes.
      
        Speaking of endianness stuff, I'm rather tempted to slap
      
      	ccflags-y += -D__CHECK_ENDIAN__
      
        in fs/Makefile, if not making it default for the entire tree; nfsd
        regressions I've caught make one hell of a pile and we'd obviously
        benefit from having that kind of stuff caught earlier..."
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        lockd: fix the endianness bug
        ocfs2: ->e_leaf_clusters endianness breakage
        ocfs2: ->rl_count endianness breakage
        ocfs: ->rl_used breakage on big-endian
        ocfs2: ->l_next_free_req breakage on big-endian
        btrfs: btrfs_root_readonly() broken on big-endian
        ext4: fix endianness breakage in ext4_split_extent_at()
        nfsd: fix compose_entry_fh() failure exits
        nfsd: fix error value on allocation failure in nfsd4_decode_test_stateid()
        nfsd: fix endianness breakage in TEST_STATEID handling
        nfsd: fix error values returned by nfsd4_lockt() when nfsd_open() fails
        nfsd: fix b0rken error value for setattr on read-only mount
      d44c6d4f
    • L
      Merge git://git.samba.org/sfrench/cifs-2.6 · bc0cf58e
      Linus Torvalds 提交于
      Pull CIFS fixes from Steve French.
      
      * git://git.samba.org/sfrench/cifs-2.6:
        Fix number parsing in cifs_parse_mount_options
        Cleanup handling of NULL value passed for a mount option
      bc0cf58e
  5. 17 4月, 2012 8 次提交
  6. 16 4月, 2012 9 次提交
    • M
      x86: Handle failures of parsing immediate operands in the instruction decoder · 6c7b8e82
      Masami Hiramatsu 提交于
      This can happen if the instruction is much longer than the maximum length,
      or if insn->opnd_bytes is manually changed.
      
      This patch also fixes warnings from -Wswitch-default flag.
      Reported-by: NPrashanth Nageshappa <prashanth@linux.vnet.ibm.com>
      Signed-off-by: NMasami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Ananth N Mavinakayanahalli <ananth@in.ibm.com>
      Cc: Jim Keniston <jkenisto@linux.vnet.ibm.com>
      Cc: Linux-mm <linux-mm@kvack.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Andi Kleen <andi@firstfloor.org>
      Cc: Christoph Hellwig <hch@infradead.org>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Cc: Arnaldo Carvalho de Melo <acme@infradead.org>
      Cc: Anton Arapov <anton@redhat.com>
      Cc: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
      Cc: yrl.pp-manager.tt@hitachi.com
      Cc: Peter Zijlstra <peterz@infradead.org>
      Link: http://lkml.kernel.org/r/20120413032427.32577.42602.stgit@localhost.localdomainSigned-off-by: NIngo Molnar <mingo@kernel.org>
      6c7b8e82
    • L
      Linux 3.4-rc3 · e816b57a
      Linus Torvalds 提交于
      e816b57a
    • L
      Merge branch 'fixes' of git://git.linaro.org/people/rmk/linux-arm · 9a8e5d41
      Linus Torvalds 提交于
      Pull ARM fixes from Russell King:
       "Nothing too disasterous, the biggest thing being the removal of the
        regulator support for vcore in the AMBA driver; only one SoC was using
        this and it got broken during the last merge window, which then
        started causing problems for other people.  Mutual agreement was
        reached for it to be removed."
      
      * 'fixes' of git://git.linaro.org/people/rmk/linux-arm:
        ARM: 7386/1: jump_label: fixup for rename to static_key
        ARM: 7384/1: ThumbEE: Disable userspace TEEHBR access for !CONFIG_ARM_THUMBEE
        ARM: 7382/1: mm: truncate memory banks to fit in 4GB space for classic MMU
        ARM: 7359/2: smp_twd: Only wait for reprogramming on active cpus
        ARM: 7383/1: nommu: populate vectors page from paging_init
        ARM: 7381/1: nommu: fix typo in mm/Kconfig
        ARM: 7380/1: DT: do not add a zero-sized memory property
        ARM: 7379/1: DT: fix atags_to_fdt() second call site
        ARM: 7366/3: amba: Remove AMBA level regulator support
        ARM: 7377/1: vic: re-read status register before dispatching each IRQ handler
        ARM: 7368/1: fault.c: correct how the tsk->[maj|min]_flt gets incremented
      9a8e5d41
    • L
      x86-32: fix up strncpy_from_user() sign error · 12e993b8
      Linus Torvalds 提交于
      The 'max' range needs to be unsigned, since the size of the user address
      space is bigger than 2GB.
      
      We know that 'count' is positive in 'long' (that is checked in the
      caller), so we will truncate 'max' down to something that fits in a
      signed long, but before we actually do that, that comparison needs to be
      done in unsigned.
      
      Bug introduced in commit 92ae03f2 ("x86: merge 32/64-bit versions of
      'strncpy_from_user()' and speed it up").  On x86-64 you can't trigger
      this, since the user address space is much smaller than 63 bits, and on
      x86-32 it works in practice, since you would seldom hit the strncpy
      limits anyway.
      
      I had actually tested the corner-cases, I had only tested them on
      x86-64.  Besides, I had only worried about the case of a pointer *close*
      to the end of the address space, rather than really far away from it ;)
      
      This also changes the "we hit the user-specified maximum" to return
      'res', for the trivial reason that gcc seems to generate better code
      that way.  'res' and 'count' are the same in that case, so it really
      doesn't matter which one we return.
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      12e993b8
    • R
      ARM: 7386/1: jump_label: fixup for rename to static_key · 708e5978
      Rabin Vincent 提交于
      c5905afb ("static keys: Introduce 'struct static_key'...") renamed
      struct jump_label_key to struct static_key.  Fixup ARM for this to
      eliminate these build warnings:
      
        include/linux/jump_label.h:113:2:
        warning: passing argument 1 of 'arch_static_branch' from incompatible pointer type
        include/asm/jump_label.h:17:82:
        note: expected 'struct jump_label_key *' but argument is of type 'struct static_key *'
      Signed-off-by: NRabin Vincent <rabin@rab.in>
      Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>
      708e5978
    • J
      ARM: 7384/1: ThumbEE: Disable userspace TEEHBR access for !CONFIG_ARM_THUMBEE · 078c0454
      Jonathan Austin 提交于
      Currently when ThumbEE is not enabled (!CONFIG_ARM_THUMBEE) the ThumbEE
      register states are not saved/restored at context switch. The default state
      of the ThumbEE Ctrl register (TEECR) allows userspace accesses to the
      ThumbEE Base Handler register (TEEHBR). This can cause unexpected behaviour
      when people use ThumbEE on !CONFIG_ARM_THUMBEE kernels, as well as allowing
      covert communication - eg between userspace tasks running inside chroot
      jails.
      
      This patch sets up TEECR in order to prevent user-space access to TEEHBR
      when !CONFIG_ARM_THUMBEE. In this case, tasks are sent SIGILL if they try to
      access TEEHBR.
      
      Cc: stable@vger.kernel.org
      Reviewed-by: NWill Deacon <will.deacon@arm.com>
      Signed-off-by: NJonathan Austin <jonathan.austin@arm.com>
      Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>
      078c0454
    • W
      ARM: 7382/1: mm: truncate memory banks to fit in 4GB space for classic MMU · e5ab8580
      Will Deacon 提交于
      If a bank of memory spanning the 4GB boundary is added on a !CONFIG_LPAE
      kernel then we will hang early during boot since the memory bank will
      have wrapped around to zero.
      
      This patch truncates memory banks for !LPAE configurations when the end
      address is not representable in 32 bits.
      Acked-by: NNicolas Pitre <nico@linaro.org>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>
      e5ab8580
    • L
      ARM: 7359/2: smp_twd: Only wait for reprogramming on active cpus · 9f855503
      Linus Walleij 提交于
      During booting of cpu1, there is a short window where cpu1
      is online, but not active where cpu1 is occupied by waiting
      to become active. If cpu0 then decides to schedule something
      on cpu1 and wait for it to complete, before cpu0 has set
      cpu1 active, we have a deadlock.
      
      Typically it's this CPU frequency transition that happens at
      this time, so let's just not wait for it to happen, it will
      happen whenever the CPU eventually comes online instead.
      
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: stable@kernel.org
      Signed-off-by: NJonas Aaberg <jonas.aberg@stericsson.com>
      Reviewed-by: NRickard Andersson <rickard.andersson@stericsson.com>
      Signed-off-by: NLinus Walleij <linus.walleij@linaro.org>
      Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>
      9f855503
    • R
      PCI: Fix regression in pci_restore_state(), v3 · ebfc5b80
      Rafael J. Wysocki 提交于
      Commit 26f41062 ("PCI: check for pci bar restore completion and
      retry") attempted to address problems with PCI BAR restoration on
      systems where FLR had not been completed before pci_restore_state() was
      called, but it did that in an utterly wrong way.
      
      First off, instead of retrying the writes for the BAR registers only, it
      did that for all of the PCI config space of the device, including the
      status register (whose value after the write quite obviously need not be
      the same as the written one).  Second, it added arbitrary delay to
      pci_restore_state() even for systems where the PCI config space
      restoration was successful at first attempt.  Finally, the mdelay(10) it
      added to every iteration of the writing loop was way too much of a delay
      for any reasonable device.
      
      All of this actually caused resume failures for some devices on Mikko's
      system.
      
      To fix the regression, make pci_restore_state() only retry the writes
      for BAR registers and only wait if the first read from the register
      doesn't return the written value.  Additionaly, make it wait for 1 ms,
      instead of 10 ms, after every failing attempt to write into config
      space.
      Reported-by: NMikko Vinni <mmvinni@yahoo.com>
      Signed-off-by: NRafael J. Wysocki <rjw@sisk.pl>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      ebfc5b80