- 08 11月, 2014 7 次提交
-
-
由 Sudeep Holla 提交于
Many sysfs *_show function use cpu{list,mask}_scnprintf to copy cpumap to the buffer aligned to PAGE_SIZE, append '\n' and '\0' to return null terminated buffer with newline. This patch creates a new helper function cpumap_print_to_pagebuf in cpumask.h using newly added bitmap_print_to_pagebuf and consolidates most of those sysfs functions using the new helper function. Signed-off-by: NSudeep Holla <sudeep.holla@arm.com> Suggested-by: NStephen Boyd <sboyd@codeaurora.org> Tested-by: NStephen Boyd <sboyd@codeaurora.org> Acked-by: N"Rafael J. Wysocki" <rjw@rjwysocki.net> Acked-by: NBjorn Helgaas <bhelgaas@google.com> Acked-by: NPeter Zijlstra (Intel) <peterz@infradead.org> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: x86@kernel.org Cc: linux-acpi@vger.kernel.org Cc: linux-pci@vger.kernel.org Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Alex Williamson 提交于
bus_find_device_by_name() acquires a device reference which is never released. This results in an object leak, which on older kernels results in failure to release all resources of PCI devices. libvirt uses drivers_probe to re-attach devices to the host after assignment and is therefore a common trigger for this leak. Example: # cd /sys/bus/pci/ # dmesg -C # echo 1 > devices/0000\:01\:00.0/sriov_numvfs # echo 0 > devices/0000\:01\:00.0/sriov_numvfs # dmesg | grep 01:10 pci 0000:01:10.0: [8086:10ca] type 00 class 0x020000 kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_add_internal: parent: '0000:00:01.0', set: 'devices' kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_uevent_env kobject: '0000:01:10.0' (ffff8801d79cd0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0' kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_uevent_env kobject: '0000:01:10.0' (ffff8801d79cd0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0' kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_uevent_env kobject: '0000:01:10.0' (ffff8801d79cd0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0' kobject: '0000:01:10.0' (ffff8801d79cd0a8): kobject_cleanup, parent (null) kobject: '0000:01:10.0' (ffff8801d79cd0a8): calling ktype release kobject: '0000:01:10.0': free name [kobject freed as expected] # dmesg -C # echo 1 > devices/0000\:01\:00.0/sriov_numvfs # echo 0000:01:10.0 > drivers_probe # echo 0 > devices/0000\:01\:00.0/sriov_numvfs # dmesg | grep 01:10 pci 0000:01:10.0: [8086:10ca] type 00 class 0x020000 kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_add_internal: parent: '0000:00:01.0', set: 'devices' kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_uevent_env kobject: '0000:01:10.0' (ffff8801d79ce0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0' kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_uevent_env kobject: '0000:01:10.0' (ffff8801d79ce0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0' kobject: '0000:01:10.0' (ffff8801d79ce0a8): kobject_uevent_env kobject: '0000:01:10.0' (ffff8801d79ce0a8): fill_kobj_path: path = '/devices/pci0000:00/0000:00:01.0/0000:01:10.0' [no free] Signed-off-by: NAlex Williamson <alex.williamson@redhat.com> Cc: stable@vger.kernel.org Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Sergey Klyaus 提交于
bus_add_device() should be called before devtmpfs_create_node(), so when userland application opens device from devtmpfs, it wouldn't get ENODEV from kernel, because device_add() wasn't completed. Signed-off-by: NSergey Klyaus <Sergey.Klyaus@Tune-IT.Ru> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 NeilBrown 提交于
To match the previous patch which used the pre-alloc buffer for writes, this patch causes reads to use the same buffer. This is not strictly necessary as the current seq_read() will allocate on first read, so user-space can trigger the required pre-alloc. But consistency is valuable. The read function is somewhat simpler than seq_read() and, for example, does not support reading from an offset into the file: reads must be at the start of the file. As seq_read() does not use the prealloc buffer, ->seq_show is incompatible with ->prealloc and caused an EINVAL return from open(). sysfs code which calls into kernfs always chooses the correct function. As the buffer is shared with writes and other reads, the mutex is extended to cover the copy_to_user. Signed-off-by: NNeilBrown <neilb@suse.de> Reviewed-by: NTejun Heo <tj@kernel.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 NeilBrown 提交于
md/raid allows metadata management to be performed in user-space. A various times, particularly on device failure, the metadata needs to be updated before further writes can be permitted. This means that the user-space program which updates metadata much not block on writeout, and so must not allocate memory. mlockall(MCL_CURRENT|MCL_FUTURE) and pre-allocation can avoid all memory allocation issues for user-memory, but that does not help kernel memory. Several kernel objects can be pre-allocated. e.g. files opened before any writes to the array are permitted. However some kernel allocation happens in places that cannot be pre-allocated. In particular, writes to sysfs files (to tell md that it can now allow writes to the array) allocate a buffer using GFP_KERNEL. This patch allows attributes to be marked as "PREALLOC". In that case the maximal buffer is allocated when the file is opened, and then used on each write instead of allocating a new buffer. As the same buffer is now shared for all writes on the same file description, the mutex is extended to cover full use of the buffer including the copy_from_user(). The new __ATTR_PREALLOC() 'or's a new flag in to the 'mode', which is inspected by sysfs_add_file_mode_ns() to determine if the file should be marked as requiring prealloc. Despite the comment, we *do* use ->seq_show together with ->prealloc in this patch. The next patch fixes that. Signed-off-by: NNeilBrown <neilb@suse.de> Reviewed-by: NTejun Heo <tj@kernel.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Vladimir Zapolskiy 提交于
According to the user expectations common utilities like dd or sh redirection operator > should work correctly over binary files from sysfs. At the moment doing excessive write can not be completed: write(1, "\0\0\0\0\0\0\0\0", 8) = 4 write(1, "\0\0\0\0", 4) = 0 write(1, "\0\0\0\0", 4) = 0 write(1, "\0\0\0\0", 4) = 0 ... Fix the problem by returning EFBIG described in man 2 write. Signed-off-by: NVladimir Zapolskiy <vladimir_zapolskiy@mentor.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Pankaj Dubey 提交于
We will hit NULL pointer dereference if we call platform_device_register_simple or platform_device_add at very early stage. I have observed following crash when called platform_device_add from "init_irq" hook of machine_desc. This patch fixes this issue and let system handle this case gracefully instead of kernel panic. [0.000000] Unable to handle kernel NULL pointer dereference at virtual address 0000000c [0.000000] pgd = c0004000 [0.000000] [0000000c] *pgd=00000000 [0.000000] Internal error: Oops: 5 [#1] PREEMPT ARM [0.000000] Modules linked in: [0.000000] CPU: 0 PID: 0 Comm: swapper Tainted: G W 3.17.0-rc6-00198-ga1603f1-dirty #319 [0.000000] task: c05b23f0 ti: c05a8000 task.ti: c05a8000 [0.000000] PC is at kobject_namespace+0x18/0x58 [0.000000] LR is at kobject_add_internal+0x90/0x2ec [snip] [0.000000] [<c01b1df0>] (kobject_namespace) from [<c01b2338>] (kobject_add_internal+0x90/0x2ec) [0.000000] [<c01b2338>] (kobject_add_internal) from [<c01b2728>] (kobject_add+0x4c/0x98) [0.000000] [<c01b2728>] (kobject_add) from [<c0226274>] (device_add+0xe8/0x51c) [0.000000] [<c0226274>] (device_add) from [<c0229c70>] (platform_device_add+0xb4/0x214) [0.000000] [<c0229c70>] (platform_device_add) from [<c022a338>] (platform_device_register_full+0xb8/0xdc) [0.000000] [<c022a338>] (platform_device_register_full) from [<c0570214>] (exynos_init_irq+0x90/0x9c) [0.000000] [<c0570214>] (exynos_init_irq) from [<c056c18c>] (init_IRQ+0x2c/0x78) [0.000000] [<c056c18c>] (init_IRQ) from [<c0569a54>] (start_kernel+0x22c/0x378) [0.000000] [<c0569a54>] (start_kernel) from [<40008070>] (0x40008070) [0.000000] Code: e590000c e3500000 0a00000e e5903014 (e593300c) Signed-off-by: NPankaj Dubey <pankaj.dubey@samsung.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
- 07 11月, 2014 4 次提交
-
-
由 Wolfram Sang 提交于
There are calls which silently set the owner of a module. This is the preferred way [1], so avoid setting it manually. Currently, we only care about platform drivers, but there might be more calls to be added later. [1] https://lkml.org/lkml/2014/10/12/87Signed-off-by: NWolfram Sang <wsa@the-dreams.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Wolfram Sang 提交于
Since commit 9447057e ("platform_device: use a macro instead of platform_driver_register"), platform_driver_register() always overwrites the .owner field of a platform_driver with THIS_MODULE. This breaks platform_create_bundle() which uses it via platform_driver_probe() from within the platform core instead of the module init. Fix it by using a similar #define construct to obtain THIS_MODULE and pass it on later. Reported-by: NRussell King <rmk+kernel@arm.linux.org.uk> Signed-off-by: NWolfram Sang <wsa@the-dreams.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Wolfram Sang 提交于
Since commit 9447057e ("platform_device: use a macro instead of platform_driver_register"), platform_driver_register() always overwrites the .owner field of a platform_driver with THIS_MODULE. This breaks platform_driver_probe() which uses it from within the platform core instead of the module init. Fix it by using a similar #define construct to obtain THIS_MODULE and pass it on later. Reported-by: NRussell King <rmk+kernel@arm.linux.org.uk> Signed-off-by: NWolfram Sang <wsa@the-dreams.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Wolfram Sang 提交于
Commit 9447057e ("platform_device: use a macro instead of platform_driver_register") introduced a codepath which could result into drivers having no owner. This went unnoticed for months, so add a warning in case this happens again somewhere else somewhen. Signed-off-by: NWolfram Sang <wsa@the-dreams.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
- 04 11月, 2014 1 次提交
-
-
由 Greg Kroah-Hartman 提交于
Merge branch 'platform/remove_owner' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux into driver-core-next Remove all .owner fields from platform drivers
-
- 03 11月, 2014 16 次提交
-
-
由 Linus Torvalds 提交于
-
git://git.infradead.org/linux-mtd由 Linus Torvalds 提交于
Pull MTD fixes from Brian Norris: "Three main MTD fixes for 3.18: - A regression from 3.16 which was noticed in 3.17. With the restructuring of the m25p80.c driver and the SPI NOR library framework, we omitted proper listing of the SPI device IDs. This means m25p80.c wouldn't auto-load (modprobe) properly when built as a module. For now, we duplicate the device IDs into both modules. - The OMAP / ELM modules were depending on an implicit link ordering. Use deferred probing so that the new link order (in 3.18-rc) can still allow for successful probing. - Fix suspend/resume support for LH28F640BF NOR flash" * tag 'for-linus-20141102' of git://git.infradead.org/linux-mtd: mtd: cfi_cmdset_0001.c: fix resume for LH28F640BF chips mtd: omap: fix mtd devices not showing up mtd: m25p80,spi-nor: Fix module aliases for m25p80 mtd: spi-nor: make spi_nor_scan() take a chip type name, not spi_device_id mtd: m25p80: get rid of spi_get_device_id
-
git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi由 Linus Torvalds 提交于
Pull SCSI fixes from James Bottomley: "This is a set of six patches consisting of: - two MAINTAINER updates - two scsi-mq fixs for the old parallel interface (not every request is tagged and we need to set the right flags to populate the SPI tag message) - a fix for a memory leak in scatterlist traversal caused by a preallocation update in 3.17 - an ipv6 fix for cxgbi" [ The scatterlist fix also came in separately through the block layer tree ] * tag 'scsi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: MAINTAINERS: ufs - remove self MAINTAINERS: change hpsa and cciss maintainer libcxgbi : support ipv6 address host_param scsi: set REQ_QUEUE for the blk-mq case Revert "block: all blk-mq requests are tagged" lib/scatterlist: fix memory leak with scsi-mq
-
git://people.freedesktop.org/~airlied/linux由 Linus Torvalds 提交于
Pull drm fixes from Dave Airlie: "Nothing too astounding or major: radeon, i915, vmwgfx, armada and exynos. Biggest ones: - vmwgfx has one big locking regression fix - i915 has come displayport fixes - radeon has some stability and a memory alloc failure - armada and exynos have some vblank fixes" * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: (24 commits) drm/exynos: correct connector->dpms field before resuming drm/exynos: enable vblank after DPMS on drm/exynos: init kms poll at the end of initialization drm/exynos: propagate plane initialization errors drm/exynos: vidi: fix build warning drm/exynos: remove explicit encoder/connector de-initialization drm/exynos: init vblank with real number of crtcs drm/vmwgfx: Filter out modes those cannot be supported by the current VRAM size. drm/vmwgfx: Fix hash key computation drm/vmwgfx: fix lock breakage drm/i915/dp: only use training pattern 3 on platforms that support it drm/radeon: remove some buggy dead code drm/i915: Ignore VBT backlight check on Macbook 2, 1 drm/radeon: remove invalid pci id drm/radeon: dpm fixes for asrock systems radeon: clean up coding style differences in radeon_get_bios() drm/radeon: Use drm_malloc_ab instead of kmalloc_array drm/radeon/dpm: disable ulv support on SI drm/i915: Fix GMBUSFREQ on vlv/chv drm/i915: Ignore long hpds on eDP ports ...
-
git://ftp.arm.linux.org.uk/~rmk/linux-arm由 Linus Torvalds 提交于
Pull ARM fixes from Russell King: - add the new bpf syscall to ARM. - drop a redundant return statement in __iommu_alloc_remap() - fix a performance issue noticed by Thomas Petazzoni with kmap_atomic(). - fix an issue with the L2 cache OF parsing code which caused it to incorrectly print warnings on each boot, and make the warning text more consistent with the rest of the code * 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm: ARM: 8180/1: mm: implement no-highmem fast path in kmap_atomic_pfn() ARM: 8183/1: l2c: Improve l2c310_of_parse() error message ARM: 8181/1: Drop extra return statement ARM: 8182/1: l2c: Make l2x0_cache_size_of_parse() return 'int' ARM: enable bpf syscall
-
git://git.kernel.org/pub/scm/virt/kvm/kvm由 Linus Torvalds 提交于
Pull kvm fixes from Paolo Bonzini: "A small set of x86 fixes. The most serious is an SRCU lockdep fix. A bit late - needed some time to test the SRCU fix, which only came in on Friday" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: KVM: vmx: defer load of APIC access page address during reset KVM: nVMX: Disable preemption while reading from shadow VMCS KVM: x86: Fix far-jump to non-canonical check KVM: emulator: fix execution close to the segment limit KVM: emulator: fix error code for __linearize
-
由 Dave Airlie 提交于
Merge branch 'exynos-drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos into drm-fixes This pull-request includes some bug fixes and code cleanups. Especially, this fixes the bind failure issue occurred when it tries to re-bind Exynos drm driver after unbound, and the modetest failure issue incurred by not having a pair to vblank on and off requests. * 'exynos-drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos: drm/exynos: correct connector->dpms field before resuming drm/exynos: enable vblank after DPMS on drm/exynos: init kms poll at the end of initialization drm/exynos: propagate plane initialization errors drm/exynos: vidi: fix build warning drm/exynos: remove explicit encoder/connector de-initialization drm/exynos: init vblank with real number of crtcs
-
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs由 Linus Torvalds 提交于
Pull VFS fixes from Al Viro: "A bunch of assorted fixes, most of them followups to overlayfs merge" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: ovl: initialize ->is_cursor Return short read or 0 at end of a raw device, not EIO isofs: don't bother with ->d_op for normal case isofs_cmp(): we'll never see a dentry for . or .. overlayfs: fix lockdep misannotation ovl: fix check for cursor overlayfs: barriers for opening upper-layer directory rcu: Provide counterpart to rcu_dereference() for non-RCU situations staging: android: logger: Fix log corruption regression
-
由 Linus Torvalds 提交于
The sk_prot is irda's own set of protocol handlers, so irda should statically know what that function is anyway, without using an indirect pointer. And as it happens, we know *exactly* what that pointer is statically: it's NULL, because irda doesn't define a disconnect operation. So calling that function is doubly wrong, and will just cause an oops. Reported-by: NMartin Lang <mlg.hessigheim@gmail.com> Cc: Samuel Ortiz <samuel@sortiz.org> Cc: David Miller <davem@davemloft.net> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Andrzej Hajda 提交于
During system suspend after connector switch off its dpms field is set to connector previous dpms state. To properly resume dpms field should be set to its actual state (off) before resuming to previous dpms state. Signed-off-by: NAndrzej Hajda <a.hajda@samsung.com> Signed-off-by: NInki Dae <inki.dae@samsung.com>
-
由 Andrzej Hajda 提交于
Before DPMS off driver disables vblank. It should be balanced by vblank enable after DPMS on. The patch fixes issue with page_flip ioctl not being able to acquire vblank counter introduced by patch: drm: Always reject drm_vblank_get() after drm_vblank_off() Signed-off-by: NAndrzej Hajda <a.hajda@samsung.com> Signed-off-by: NInki Dae <inki.dae@samsung.com>
-
由 Andrzej Hajda 提交于
HPD events can be generated by components even if drm_dev is not fully initialized, to skip such events kms poll initialization should be performed at the end of load callback followed directly by forced connection detection. Signed-off-by: NAndrzej Hajda <a.hajda@samsung.com> Signed-off-by: NInki Dae <inki.dae@samsung.com>
-
由 Andrzej Hajda 提交于
In case of error during plane initialization load callback incorrectly return success, this patch fixes it. Signed-off-by: NAndrzej Hajda <a.hajda@samsung.com> Signed-off-by: NInki Dae <inki.dae@samsung.com>
-
由 Inki Dae 提交于
encoder object isn't used anymore so remove it. Signed-off-by: NInki Dae <inki.dae@samsung.com>
-
由 Andrzej Hajda 提交于
All KMS objects are destroyed by drm_mode_config_cleanup in proper order so component drivers should not care about it. Signed-off-by: NAndrzej Hajda <a.hajda@samsung.com> Signed-off-by: NInki Dae <inki.dae@samsung.com>
-
由 Andrzej Hajda 提交于
Initialization of vblank with MAX_CRTC caused attempts to disabling vblanks for non-existing crtcs in case drm used fewer crtcs. The patch fixes it. Signed-off-by: NAndrzej Hajda <a.hajda@samsung.com> Signed-off-by: NInki Dae <inki.dae@samsung.com>
-
- 02 11月, 2014 7 次提交
-
-
由 Paolo Bonzini 提交于
Most call paths to vmx_vcpu_reset do not hold the SRCU lock. Defer loading the APIC access page to the next vmentry. This avoids the following lockdep splat: [ INFO: suspicious RCU usage. ] 3.18.0-rc2-test2+ #70 Not tainted ------------------------------- include/linux/kvm_host.h:474 suspicious rcu_dereference_check() usage! other info that might help us debug this: rcu_scheduler_active = 1, debug_locks = 0 1 lock held by qemu-system-x86/2371: #0: (&vcpu->mutex){+.+...}, at: [<ffffffffa037d800>] vcpu_load+0x20/0xd0 [kvm] stack backtrace: CPU: 4 PID: 2371 Comm: qemu-system-x86 Not tainted 3.18.0-rc2-test2+ #70 Hardware name: Dell Inc. OptiPlex 9010/0M9KCM, BIOS A12 01/10/2013 0000000000000001 ffff880209983ca8 ffffffff816f514f 0000000000000000 ffff8802099b8990 ffff880209983cd8 ffffffff810bd687 00000000000fee00 ffff880208a2c000 ffff880208a10000 ffff88020ef50040 ffff880209983d08 Call Trace: [<ffffffff816f514f>] dump_stack+0x4e/0x71 [<ffffffff810bd687>] lockdep_rcu_suspicious+0xe7/0x120 [<ffffffffa037d055>] gfn_to_memslot+0xd5/0xe0 [kvm] [<ffffffffa03807d3>] __gfn_to_pfn+0x33/0x60 [kvm] [<ffffffffa0380885>] gfn_to_page+0x25/0x90 [kvm] [<ffffffffa038aeec>] kvm_vcpu_reload_apic_access_page+0x3c/0x80 [kvm] [<ffffffffa08f0a9c>] vmx_vcpu_reset+0x20c/0x460 [kvm_intel] [<ffffffffa039ab8e>] kvm_vcpu_reset+0x15e/0x1b0 [kvm] [<ffffffffa039ac0c>] kvm_arch_vcpu_setup+0x2c/0x50 [kvm] [<ffffffffa037f7e0>] kvm_vm_ioctl+0x1d0/0x780 [kvm] [<ffffffff810bc664>] ? __lock_is_held+0x54/0x80 [<ffffffff812231f0>] do_vfs_ioctl+0x300/0x520 [<ffffffff8122ee45>] ? __fget+0x5/0x250 [<ffffffff8122f0fa>] ? __fget_light+0x2a/0xe0 [<ffffffff81223491>] SyS_ioctl+0x81/0xa0 [<ffffffff816fed6d>] system_call_fastpath+0x16/0x1b Reported-by: NTakashi Iwai <tiwai@suse.de> Reported-by: NAlexei Starovoitov <alexei.starovoitov@gmail.com> Reviewed-by: NWanpeng Li <wanpeng.li@linux.intel.com> Tested-by: NWanpeng Li <wanpeng.li@linux.intel.com> Fixes: 38b99173Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Jan Kiszka 提交于
In order to access the shadow VMCS, we need to load it. At this point, vmx->loaded_vmcs->vmcs and the actually loaded one start to differ. If we now get preempted by Linux, vmx_vcpu_put and, on return, the vmx_vcpu_load will work against the wrong vmcs. That can cause copy_shadow_to_vmcs12 to corrupt the vmcs12 state. Fix the issue by disabling preemption during the copy operation. copy_vmcs12_to_shadow is safe from this issue as it is executed by vmx_vcpu_run when preemption is already disabled before vmentry. This bug is exposed by running Jailhouse within KVM on CPUs with shadow VMCS support. Jailhouse never expects an interrupt pending vmexit, but the bug can cause it if, after copy_shadow_to_vmcs12 is preempted, the active VMCS happens to have the virtual interrupt pending flag set in the CPU-based execution controls. Signed-off-by: NJan Kiszka <jan.kiszka@siemens.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Nadav Amit 提交于
Commit d1442d85 ("KVM: x86: Handle errors when RIP is set during far jumps") introduced a bug that caused the fix to be incomplete. Due to incorrect evaluation, far jump to segment with L bit cleared (i.e., 32-bit segment) and RIP with any of the high bits set (i.e, RIP[63:32] != 0) set may not trigger #GP. As we know, this imposes a security problem. In addition, the condition for two warnings was incorrect. Fixes: d1442d85Reported-by: NDan Carpenter <dan.carpenter@oracle.com> Signed-off-by: NNadav Amit <namit@cs.technion.ac.il> [Add #ifdef CONFIG_X86_64 to avoid complaints of undefined behavior. - Paolo] Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
git://people.freedesktop.org/~thomash/linux由 Dave Airlie 提交于
A critical 3.18 regression fix from Rob, (thanks!) A fix to avoid advertizing modes we can't support from Sinclair (welcome Sinclair!) and a fix for an incorrect hash key computation from me that is completely harmless, but can wait 'til the next merge window if necessary. (I can't really bother stable with this one). * 'vmwgfx-fixes-3.18' of git://people.freedesktop.org/~thomash/linux: drm/vmwgfx: Filter out modes those cannot be supported by the current VRAM size. drm/vmwgfx: Fix hash key computation drm/vmwgfx: fix lock breakage
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging由 Linus Torvalds 提交于
Pull staging fixes from Greg KH: "Here are some staging driver fixes for 3.18-rc3. Mostly iio and comedi driver fixes for issues reported by people. All of these have been in linux-next for a while with no reported issues" * tag 'staging-3.18-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: staging: comedi: fix memory leak / bad pointer freeing for chanlist staging: comedi: Kconfig: fix config COMEDI_ADDI_APCI_3120 dependants staging: comedi: widen subdevice number argument in ioctl handlers staging: rtl8723au: Fix alignment of mac_addr for ether_addr_copy() usage drivers/staging/comedi/Kconfig: Let COMEDI_II_PCI20KC depend on HAS_IOMEM staging: comedi: (regression) channel list must be set for COMEDI_CMD ioctl iio: adc: mxs-lradc: Disable the clock on probe failure iio: st_sensors: Fix buffer copy staging:iio:ad5933: Drop "raw" from channel names staging:iio:ad5933: Fix NULL pointer deref when enabling buffer
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb由 Linus Torvalds 提交于
Pull USB fixes from Greg KH: "Here are a bunch of USB fixes for 3.18-rc3. Mostly usb-serial device ids and gadget fixes for issues that have been reported. Full details are in the shortlog. All of these have been in linux-next for a while" * tag 'usb-3.18-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (42 commits) usb: chipidea: Fix oops when removing the ci_hdrc module usb: gadget: function: Fixed the return value on error path usb: dwc2: gadget: disable phy before turning off power regulators usb: gadget: function: Remove redundant usb_free_all_descriptors usb: dwc3: gadget: Properly initialize LINK TRB usb: dwc2: gadget: fix gadget unregistration in udc_stop() function usb: dwc2: Bits in bitfield should add up to 32 usb: dwc2: gadget: sparse warning of context imbalance usb: gadget: udc: core: fix kernel oops with soft-connect usb: musb: musb_dsps: fix NULL pointer in suspend usb: musb: dsps: start OTG timer on resume again usb: gadget: loopback: don't queue requests to bogus endpoints usb: ffs: fix regression when quirk_ep_out_aligned_size flag is set usb: gadget: f_fs: remove redundant ffs_data_get() usb: gadget: udc: USB_GADGET_XILINX should depend on HAS_DMA Revert "usb: dwc3: dwc3-omap: Disable/Enable only wrapper interrupts in prepare/complete" usb: gadget: composite: enable BESL support usb: musb: cppi41: restart hrtimer only if not yet done usb: dwc3: ep0: fix Data Phase for transfer sizes aligned to wMaxPacketSize usb: serial: ftdi_sio: add "bricked" FTDI device PID ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs由 Linus Torvalds 提交于
Pull btrfs fixes from Chris Mason: "Filipe is nailing down some problems with our skinny extent variation, and Dave's patch fixes endian problems in the new super block checks" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: Btrfs: fix race that makes btrfs_lookup_extent_info miss skinny extent items Btrfs: properly clean up btrfs_end_io_wq_cache Btrfs: fix invalid leaf slot access in btrfs_lookup_extent() btrfs: use macro accessors in superblock validation checks
-
- 01 11月, 2014 5 次提交
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input由 Linus Torvalds 提交于
Pull input updates from Dmitry Torokhov: "A bunch of fixes for minor defects reported by Coverity, a few driver fixups and revert of i8042.nomux change so that we are once again enable active MUX mode if box claims to support it" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Revert "Input: i8042 - disable active multiplexing by default" Input: altera_ps2 - use correct type for irq return value Input: altera_ps2 - write to correct register when disabling interrupts Input: max77693-haptic - fix potential overflow Input: psmouse - remove unneeded check in psmouse_reconnect() Input: vsxxxaa - fix code dropping bytes from queue Input: ims-pcu - fix dead code in ims_pcu_ofn_reg_addr_store() Input: opencores-kbd - fix error handling Input: wm97xx - adapt parameters to tosa touchscreen. Input: i8042 - quirks for Fujitsu Lifebook A544 and Lifebook AH544 Input: stmpe-keypad - fix valid key line bitmask Input: soc_button_array - update calls to gpiod_get*()
-
git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm由 Linus Torvalds 提交于
Pull ACPI and power management fixes from Rafael Wysocki: "These are fixes received after my previous pull request plus one that has been in the works for quite a while, but its previous version caused problems to happen, so it's been deferred till now. Fixed are two recent regressions (MFD enumeration and cpufreq-dt), ACPI EC regression introduced in 3.17, system suspend error code path regression introduced in 3.15, an older bug related to recovery from failing resume from hibernation and a cpufreq-dt driver issue related to operation performance points. Specifics: - Fix a crash on r8a7791/koelsch during resume from system suspend caused by a recent cpufreq-dt commit (Geert Uytterhoeven). - Fix an MFD enumeration problem introduced by a recent commit adding ACPI support to the MFD subsystem that exposed a weakness in the ACPI core causing ACPI enumeration to be applied to all devices associated with one ACPI companion object, although it should be used for one of them only (Mika Westerberg). - Fix an ACPI EC regression introduced during the 3.17 cycle causing some Samsung laptops to misbehave as a result of a workaround targeted at some Acer machines. That includes a revert of a commit that went too far and a quirk for the Acer machines in question. From Lv Zheng. - Fix a regression in the system suspend error code path introduced during the 3.15 cycle that causes it to fail to take errors from asychronous execution of "late" suspend callbacks into account (Imre Deak). - Fix a long-standing bug in the hibernation resume error code path that fails to roll back everything correcty on "freeze" callback errors and leaves some devices in a "suspended" state causing more breakage to happen subsequently (Imre Deak). - Make the cpufreq-dt driver disable operation performance points that are not supported by the VR connected to the CPU voltage plane with acceptable tolerance instead of constantly failing voltage scaling later on (Lucas Stach)" * tag 'pm+acpi-3.18-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: ACPI / EC: Fix regression due to conflicting firmware behavior between Samsung and Acer. Revert "ACPI / EC: Add support to disallow QR_EC to be issued before completing previous QR_EC" cpufreq: cpufreq-dt: Restore default cpumask_setall(policy->cpus) PM / Sleep: fix recovery during resuming from hibernation PM / Sleep: fix async suspend_late/freeze_late error handling ACPI: Use ACPI companion to match only the first physical device cpufreq: cpufreq-dt: disable unsupported OPPs
-
git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci由 Linus Torvalds 提交于
Pull PCI fixes from Bjorn Helgaas: "These changes, intended for v3.18, fix: Sysfs - Fix "enable" filename change (Greg Kroah-Hartman) An unintentional sysfs filename change in commit 5136b2da ("PCI: convert bus code to use dev_groups"), which appeared in v3.13, changed "enable" to "enabled", and this changes it back. Old users of "enable" are currently broken and will be helped by this change. Anything that started to use "enabled" after v3.13 will be broken by this change. If necessary, we can add a symlink to make both work, but this patch doesn't do that. PCI device hotplug - Revert duplicate merge (Kamal Mostafa) A mistaken duplicate merge that added a check twice. Nothing's broken; this just removes the unnecessary code. Freescale i.MX6 - Wait for clocks to stabilize after ref_en (Richard Zhu) An i.MX6 clock problem that prevents mx6 nitrogen boards from booting" * tag 'pci-v3.18-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci: PCI: Rename sysfs 'enabled' file back to 'enable' PCI: imx6: Wait for clocks to stabilize after ref_en Revert duplicate "PCI: pciehp: Prevent NULL dereference during probe"
-
由 Andy Lutomirski 提交于
Rusty noticed a Really Bad Bug (tm) in my NT fix. The entry code reads out of bounds, causing the NT fix to be unreliable. But, and this is much, much worse, if your stack is somehow just below the top of the direct map (or a hole), you read out of bounds and crash. Excerpt from the crash: [ 1.129513] RSP: 0018:ffff88001da4bf88 EFLAGS: 00010296 2b:* f7 84 24 90 00 00 00 testl $0x4000,0x90(%rsp) That read is deterministically above the top of the stack. I thought I even single-stepped through this code when I wrote it to check the offset, but I clearly screwed it up. Fixes: 8c7aa698 ("x86_64, entry: Filter RFLAGS.NT on entry from userspace") Reported-by: NRusty Russell <rusty@ozlabs.org> Cc: stable@vger.kernel.org Signed-off-by: NAndy Lutomirski <luto@amacapital.net> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4由 Linus Torvalds 提交于
Pull ext4 bugfixes from Ted Ts'o: "A set of miscellaneous ext4 bug fixes for 3.18" * tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: ext4: make ext4_ext_convert_to_initialized() return proper number of blocks ext4: bail early when clearing inode journal flag fails ext4: bail out from make_indexed_dir() on first error jbd2: use a better hash function for the revoke table ext4: prevent bugon on race between write/fcntl ext4: remove extent status procfs files if journal load fails ext4: disallow changing journal_csum option during remount ext4: enable journal checksum when metadata checksum feature enabled ext4: fix oops when loading block bitmap failed ext4: fix overflow when updating superblock backups after resize
-