Commit graph

121718 commits

Author SHA1 Message Date
Nicholas Bellinger
2ff017f5b4 iscsi-target: Disable markers + remove dangerous local scope array usage
This patch makes iscsi-target explictly disable OFMarker=Yes and IFMarker=yes
parameter key usage during iscsi login by setting IFMarkInt_Reject and
OFMarkInt_Reject values in iscsi_enforce_integrity_rules() to effectively
disable iscsi marker usage.  With this patch, an initiator proposer asking
to enable either marker parameter keys will be issued a 'No' response, and
the target sets OFMarkInt + IFMarkInt parameter key response to 'Irrelevant'.

With markers disabled during iscsi login, this patch removes the problematic
on-stack local-scope array for marker intervals in iscsit_do_rx_data() +
iscsit_do_tx_data(), and other related marker code in iscsi_target_util.c.
This fixes a potentional stack smashing scenario with small range markers
enabled and a large MRDSL as reported by DanC here:

[bug report] target: stack can be smashed
http://www.spinics.net/lists/target-devel/msg00453.html

Reported-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2011-09-16 19:37:18 +00:00
Nicholas Bellinger
784eb99eba target: Skip non hex characters for VPD=0x83 NAA IEEE Registered Extended
This patch adds target_parse_naa_6h_vendor_specific() to address a bug where the
conversion of PRODUCT SERIAL NUMBER to use hex2bin() in target_emulate_evpd_83()
was not doing proper isxdigit() checking.  This conversion of the vpd_unit_serial
configifs attribute is done while generating a VPD=0x83 NAA IEEE Registered
Extended DESIGNATOR format's 100 bits of unique VENDOR SPECIFIC IDENTIFIER +
VENDOR SPECIFIC IDENTIFIER EXTENSION area.

This patch allows vpd_unit_serial (VPD=0x80) and the T10 Vendor ID DESIGNATOR
format (VPD=0x83) to continue to use free-form variable length ASCII values,
and now skips any non hex characters for fixed length NAA IEEE Registered Extended
DESIGNATOR format (VPD=0x83) requring the binary conversion.

This was originally reported by Martin after the v3.1-rc1 change to use hex2bin()
in commit 11650b8596 where the use of non hex
characters in vpd_unit_serial generated different values than the original
v3.0 internal hex -> binary code.  This v3.1 change caused a problem with
filesystems who write a NAA DESIGNATOR onto it's ondisk metadata, and this patch
will (again) change existing values to ensure that non hex characters are not
included in the fixed length NAA DESIGNATOR.

Note this patch still expects vpd_unit_serial to be set via existing userspace
methods of uuid generation, and does not do strict formatting via configfs input.

The original bug report and thread can be found here:

NAA breakage
http://www.spinics.net/lists/target-devel/msg00477.html

The v3.1-rc1 formatting of VPD=0x83 w/o this patch:

VPD INQUIRY: Device Identification page
  Designation descriptor number 1, descriptor length: 20
    designator_type: NAA,  code_set: Binary
    associated with the addressed logical unit
      NAA 6, IEEE Company_id: 0x1405
      Vendor Specific Identifier: 0xffde35ebf
      Vendor Specific Identifier Extension: 0x3092f498ffa820f9
      [0x6001405ffde35ebf3092f498ffa820f9]
  Designation descriptor number 2, descriptor length: 56
    designator_type: T10 vendor identification,  code_set: ASCII
    associated with the addressed logical unit
      vendor id: LIO-ORG
      vendor specific: IBLOCK:ffde35ec-3092-4980-a820-917636ca54f1

The v3.1-final formatting of VPD=0x83 w/ this patch:

VPD INQUIRY: Device Identification page
  Designation descriptor number 1, descriptor length: 20
    designator_type: NAA,  code_set: Binary
    associated with the addressed logical unit
      NAA 6, IEEE Company_id: 0x1405
      Vendor Specific Identifier: 0xffde35ec3
      Vendor Specific Identifier Extension: 0x924980a82091763
      [0x6001405ffde35ec30924980a82091763]
  Designation descriptor number 2, descriptor length: 56
    designator_type: T10 vendor identification,  code_set: ASCII
    associated with the addressed logical unit
      vendor id: LIO-ORG
      vendor specific: IBLOCK:ffde35ec-3092-4980-a820-917636ca54f1

(v2: Fix parsing code to dereference + check for string terminator instead
     of null pointer to ensure a zeroed payload for vpd_unit_serial less
     than 100 bits of NAA DESIGNATOR VENDOR SPECIFIC area.  Also, remove
     the unnecessary bitwise assignment)

Reported-by: Martin Svec <martin.svec@zoner.cz>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2011-09-16 19:36:56 +00:00
Christoph Hellwig
58fc73d10f tcm_fc: Work queue based approach instead of managing own thread and event based mechanism
Problem: Changed from wake_up_interruptible -> wake_up_process and
wait_event_interruptible-> schedule_timeout_interruptible broke the FCoE
target.  Earlier approach of wake_up_interruptible was also looking at
'queue_cnt' which is not necessary, because it increment of 'queue_cnt'
with wake_up_inetrriptible / waker_up_process introduces race condition.

Fix: Instead of fixing the code which used wake_up_process and remove
'queue_cnt', using work_queue based approach is cleaner and acheives
same result. As well, work queue based approach has less programming
overhead and OS manages threads which processes work queues.

This patch is developed by Christoph Hellwig and reviwed+validated by
Kiran Patil.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Kiran Patil <kiran.patil@intel.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2011-09-16 09:50:09 +00:00
Kiran Patil
079587b4eb tcm_fc: Invalidation of DDP context for FCoE target in error conditions
Problem: HW DDP context wasn;t invalidated in case of ABORTS, etc...
This leads to the problem where memory pages which are used for DDP
as user descriptor could get reused for some other purpose (such as to
satisfy new memory allocation request either by kernel or user mode threads)
and since HW DDP context was not invalidated, HW continue to write to
those pages, hence causing memory corruption.

Fix: Either on incoming ABORTS or due to exchange time out, allowed the
target to cleanup HW DDP context if it was setup for respective ft_cmd.
Added new function to perform this cleanup, furthur it can be enhanced
for other cleanup activity.

Additinal Notes: To avoid calling ddp_done from multiple places, composed
the functionality in helper function "ft_invl_hw_context" and it is being
called from multiple places. Cleaned up code in function "ft_recv_write_data"
w.r.t DDP.

Signed-off-by: Kiran Patil <kiran.patil@intel.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2011-09-16 09:29:27 +00:00
Roland Dreier
bcac364a24 target: Fix race between multiple invocations of target_qf_do_work()
When work is scheduled with schedule_work(), the work can end up
running on multiple CPUs at the same time -- this happens if
the work is already running on one CPU and schedule_work() is called
on another CPU.  This leads to list corruption with target_qf_do_work(),
which is roughly doing:

	spin_lock(...);
	list_for_each_entry_safe(...) {
		list_del(...);
		spin_unlock(...);

		// do stuff

		spin_lock(...);
	}

With multiple CPUs running this code, one CPU can end up deleting the
list entry that the other CPU is about to work on.

Fix this by splicing the list entries onto a local list and then
operating on that in the work function.  This way, each invocation of
target_qf_do_work() operates on its own local list and so multiple
invocations don't corrupt each other's list.  This also avoids dropping
and reacquiring the lock for each list entry.

Signed-off-by: Roland Dreier <roland@purestorage.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2011-09-16 09:29:20 +00:00
Linus Torvalds
fa758702c2 Merge branch 'hwmon-for-linus' of git://github.com/groeck/linux
* 'hwmon-for-linus' of git://github.com/groeck/linux:
  hwmon: (coretemp) Initialize tmin
  hwmon: (pmbus) Fix low limit temperature alarms
2011-09-15 12:34:59 -07:00
Russell King
4f5b04800a drivers/gpio/gpio-generic.c: fix build errors
Building a kernel with hotplug disabled results in a link failure:

  `bgpio_remove' referenced in section `___ksymtab_gpl+bgpio_remove' of drivers/built-in.o: defined in discarded section `.devexit.text' of drivers/built-in.o

This is because of bgpio_remove() is exported.  It is illegal to export
symbols which are discarded either at link time or as part of an
init/exit section.

Fix this by dropping the __devexit attributation from bgpio_remove().
Also drop the __devinit attributation from bgpio_init().

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Cc: Grant Likely <grant.likely@secretlab.ca>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-14 18:09:38 -07:00
Naga Chumbalkar
e71f5cc402 drivers/cpufreq/pcc-cpufreq.c: avoid NULL pointer dereference
per_cpu(processors, n) can be NULL, resulting in:

  Loading CPUFreq modules[  437.661360] BUG: unable to handle kernel NULL pointer dereference at (null)
  IP: [<ffffffffa0434314>] pcc_cpufreq_cpu_init+0x74/0x220 [pcc_cpufreq]

It's better to avoid the oops by failing the driver, and allowing the
system to boot.

Signed-off-by: Naga Chumbalkar <nagananda.chumbalkar@hp.com>
Cc: Dave Jones <davej@codemonkey.org.uk>
Cc: Len Brown <lenb@kernel.org>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-14 18:09:38 -07:00
Donggeun Kim
88cee8fd77 drivers/rtc/rtc-s3c.c: fix no occurrence of alarm interrupt
The driver does not generate an alarm interrupt even though a time for
an alarm is set.

This results from disabling rtc_clk after setting the alarm time.

To generate an alarm interrupt the driver should maintain its enabled
state for rtc_clk the until alarm interrupt occurs.  This patch permits
generation of an alarm interrupt.

[akpm@linux-foundation.org: make s3c_rtc_alarm_clk_lock local to s3c_rtc_alarm_clk_enable()]
Signed-off-by: Donggeun Kim <dg77.kim@samsung.com>
Signed-off-by: MyungJoo Ham <myungjoo.ham@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-14 18:09:38 -07:00
Johan Hovold
7a5caabd09 drivers/leds/ledtrig-timer.c: fix broken sysfs delay handling
Fix regression introduced by commit 5ada28bf76 ("led-class: always
implement blinking") which broke sysfs delay handling by not storing the
updated value.  Consequently it was only possible to set one of the delays
through the sysfs interface as the other delay was automatically restored
to it's default value.  Reading the parameters always gave the defaults.

Signed-off-by: Johan Hovold <jhovold@gmail.com>
Acked-by: Florian Fainelli <florian@openwrt.org>
Acked-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: <stable@kernel.org>		[2.6.37+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-14 18:09:38 -07:00
Jesper Juhl
1ebe9dad94 drivers/misc/pti.c: give 'comm' function scope in pti_control_frame_built_and_sent()
In drivers/misc/pti.c::pti_control_frame_built_and_sent() we assign 'comm'
to 'thread_name_p' if (!thread_name).  The problem is that 'comm' then
goes out of scope and later we use 'thread_name_p' which now refers to an
out-of-scope variable.  To fix that, simply move 'comm' up to have
function scope.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Cc: Greg Kroah-Hartman <gregkh@suse.de>
Cc: J Freyensee <james_p_freyensee@linux.intel.com>
Cc: Jeremy Rocher <rocher.jeremy@gmail.com>
Cc: Sergei Trofimovich <slyfox@gentoo.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-14 18:09:38 -07:00
WANG Cong
83ede96e98 cris: fix a build error in drivers/tty/serial/crisv10.c
Fix these errors:

    drivers/tty/serial/crisv10.c:4453: error: 'if_ser0' undeclared (first use in this function): 2 errors in 2 logs
    drivers/tty/serial/crisv10.c:4453: error: (Each undeclared identifier is reported only once: 2 errors in 2 logs
    drivers/tty/serial/crisv10.c:4453: error: for each function it appears in.): 2 errors in 2 logs

"if_ser0" is a typo, it should be "if_serial_0".

Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-14 18:09:38 -07:00
Axel Lin
d4c32f355c drivers/rtc/rtc-imxdi.c needs linux/sched.h
Include linux/sched.h to fix below build error.

    CC      drivers/rtc/rtc-imxdi.o
  drivers/rtc/rtc-imxdi.c: In function 'di_write_wait':
  drivers/rtc/rtc-imxdi.c:168: error: 'TASK_INTERRUPTIBLE' undeclared (first use in this function)
  drivers/rtc/rtc-imxdi.c:168: error: (Each undeclared identifier is reported only once
  drivers/rtc/rtc-imxdi.c:168: error: for each function it appears in.)
  drivers/rtc/rtc-imxdi.c:168: error: implicit declaration of function 'signal_pending'
  drivers/rtc/rtc-imxdi.c:168: error: implicit declaration of function 'schedule_timeout'
  drivers/rtc/rtc-imxdi.c: In function 'dryice_norm_irq':
  drivers/rtc/rtc-imxdi.c:329: error: 'TASK_INTERRUPTIBLE' undeclared (first use in this function)

Signed-off-by: Axel Lin <axel.lin@gmail.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Cc: Wan ZongShun <mcuos.com@gmail.com>
Cc: Alessandro Zummo <a.zummo@towertech.it>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-14 18:09:37 -07:00
Linus Torvalds
bcd438be3b Merge git://bedivere.hansenpartnership.com/git/scsi-rc-fixes-2.6
* git://bedivere.hansenpartnership.com/git/scsi-rc-fixes-2.6: (25 commits)
  [SCSI] bnx2i: Fixed the endian on TTT for NOP out transmission
  [SCSI] libfc: fix referencing to fc_fcp_pkt from the frame pointer via fr_fsp()
  [SCSI] libfc: block SCSI eh thread for blocked rports
  [SCSI] libfc: fix fc_eh_host_reset
  [SCSI] fcoe: Fix deadlock between fip's recv_work and rtnl
  [SCSI] qla2xxx: Update version number to 8.03.07.07-k.
  [SCSI] qla2xxx: Set the task attributes after memsetting fcp cmnd.
  [SCSI] qla2xxx: Correct inadvertent loop state transitions during port-update handling.
  [SCSI] qla2xxx: Save and restore irq in the response queue interrupt handler.
  [SCSI] qla2xxx: Double check for command completion if abort mailbox command fails.
  [SCSI] qla2xxx: Acquire hardware lock while manipulating dsd list.
  [SCSI] qla2xxx: Fix qla24xx revision check while enabling interrupts.
  [SCSI] qla2xxx: T10 DIF - Fix incorrect error reporting.
  [SCSI] qla2xxx: T10 DIF - Handle uninitalized sectors.
  [SCSI] hpsa: fix physical device lun and target numbering problem
  [SCSI] hpsa: fix problem that OBDR devices are not detected
  [SCSI] isci: add version number
  [SCSI] isci: fix event-get pointer increment
  [SCSI] isci: dynamic interrupt coalescing
  [SCSI] isci: Leave requests alone if already terminating.
  ...
2011-09-14 16:09:14 -07:00
Jean Delvare
cd5bd3df1a hwmon: (coretemp) Initialize tmin
ttarget is initialized when the driver is loaded, but tmin is not.
As a result, tempX_max_hyst attributes read 0. Fix this.

Also use THERM_*_THRESHOLD* constants in these initializations instead
of hard-coding the constants.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Cc: "R, Durgadoss" <durgadoss.r@intel.com>
Cc: Guenter Roeck <guenter.roeck@ericsson.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Signed-off-by: Guenter Roeck <guenter.roeck@ericsson.com>
2011-09-14 03:55:05 -07:00
Benjamin Herrenschmidt
1a4b1a41b8 pci: Don't crash when reading mpss from root complex
In pcie_find_smpss(), we have the following statement:

 	if (dev->is_hotplug_bridge && (!list_is_singular(&dev->bus->devices) ||
	    dev->bus->self->pcie_type != PCI_EXP_TYPE_ROOT_PORT))

The problem is that at least on my machine, this gets called for the
root complex (virtual P2P bridge), and dev->bus->self is NULL since
the parent bus for this is not itself anchor to a PCI device.

This adds the necessary NULL check.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-by: Jon Mason <mason@myri.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-13 16:08:31 -07:00
Guenter Roeck
40257b953f hwmon: (pmbus) Fix low limit temperature alarms
Temperature alarms are detected by checking the alarm bit and comparing
temperature limits against the current temperature. For low limits, this
comparison needs to be reversed (temp < limit instead of temp > limit).
This was not taken into account, resulting in wrong alarms if a temperature
fell below a low limit.

Fix by adding a low limit flag in the limit data structure. When creating the
sensor entry, the order of registers to compare is now reversed for low limits.

Signed-off-by: Guenter Roeck <guenter.roeck@ericsson.com>
Acked-by: Jean Delvare <khali@linux-fr.org>
Cc: stable@kernel.org # 3.0+
2011-09-13 06:19:15 -07:00
Len Brown
38c0a0c9ae Merge branches 'apei', 'bz-13195' and 'doc' into acpi 2011-09-12 20:00:00 -04:00
Linus Torvalds
8cb3ed17cb Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux
* 'drm-fixes' of git://people.freedesktop.org/~airlied/linux:
  drm: Remove duplicate "return" statement
  drm/nv04/crtc: Bail out if FB is not bound to crtc
  drm/nouveau: fix nv04_sgdma_bind on non-"4kB pages" archs
  drm/nouveau: properly handle allocation failure in nouveau_sgdma_populate
  drm/nouveau: fix oops on pre-semaphore hardware
  drm/nv50/crtc: Bail out if FB is not bound to crtc
  drm/radeon/kms: fix DP detect and EDID fetch for DP bridges
2011-09-12 13:49:07 -07:00
Linus Torvalds
87adf1c66c Merge branch 'v4l_for_linus' of git://linuxtv.org/mchehab/for_linus
* 'v4l_for_linus' of git://linuxtv.org/mchehab/for_linus:
  [media] vp7045: fix buffer setup
  [media] nuvoton-cir: simplify raw IR sample handling
  [media] [Resend] viacam: Don't explode if pci_find_bus() returns NULL
  [media] v4l2: Fix documentation of the codec device controls
  [media] gspca - sonixj: Fix the darkness of sensor om6802 in 320x240
  [media] gspca - sonixj: Fix wrong register mask for sensor om6802
  [media] gspca - ov519: Fix LED inversion of some ov519 webcams
  [media] pwc: precedence bug in pwc_init_controls()
2011-09-11 14:58:47 -07:00
Florian Mickler
fc61ccd35f [media] vp7045: fix buffer setup
dvb_usb_device_init calls the frontend_attach method of this driver which
uses vp7045_usb_ob. In order to have a buffer ready in vp7045_usb_op, it has to
be allocated before that happens.

Luckily we can use the whole private data as the buffer as it gets separately
allocated on the heap via kzalloc in dvb_usb_device_init and is thus apt for
use via usb_control_msg.

This fixes a
	BUG: unable to handle kernel paging request at 0000000000001e78

reported by Tino Keitel and diagnosed by Dan Carpenter.

Cc: stable@kernel.org # For v3.0 and upper
Tested-by: Tino Keitel <tino.keitel@tikei.de>
Signed-off-by: Florian Mickler <florian@mickler.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2011-09-11 09:33:41 -03:00
Jarod Wilson
de4ed0c111 [media] nuvoton-cir: simplify raw IR sample handling
The nuvoton-cir driver was storing up consecutive pulse-pulse and
space-space samples internally, for no good reason, since
ir_raw_event_store_with_filter() already merges back to back like
samples types for us. This should also fix a regression introduced late
in 3.0 that related to a timeout change, which actually becomes correct
when coupled with this change. Tested with RC6 and RC5 on my own
nuvoton-cir hardware atop vanilla 3.0.0, after verifying quirky
behavior in 3.0 due to the timeout change.

Reported-by: Stephan Raue <sraue@openelec.tv>
CC: Stephan Raue <sraue@openelec.tv>
CC: stable@vger.kernel.org
Signed-off-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2011-09-11 09:33:40 -03:00
Jesper Juhl
c8814df3a5 [media] [Resend] viacam: Don't explode if pci_find_bus() returns NULL
In the unlikely case that pci_find_bus() should return NULL
viacam_serial_is_enabled() is going to dereference a NULL pointer and
blow up. Better safe than sorry, so be defensive and check the
pointer.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Acked-by: Jonathan Corbet <corbet@lwn.net>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2011-09-11 09:33:39 -03:00
Jean-François Moine
5b5cfc3674 [media] gspca - sonixj: Fix the darkness of sensor om6802 in 320x240
The images are clearer with a lower bridge clock.

Signed-off-by: Jean-François Moine <moinejf@free.fr>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2011-09-11 09:33:37 -03:00
Luiz Carlos Ramos
313c68e644 [media] gspca - sonixj: Fix wrong register mask for sensor om6802
The bug was introduced by git commit 0e4d413af1, giving very dark images.

Signed-off-by: Luiz Carlos Ramos <lramos.prof@yahoo.com.br>
Signed-off-by: Jean-François Moine <moinejf@free.fr>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2011-09-11 09:33:37 -03:00
Jean-François Moine
55c53e1f24 [media] gspca - ov519: Fix LED inversion of some ov519 webcams
The list of the webcams which have LED inversion was rebuild scanning
ms-win .inf files.

Signed-off-by: Jean-François Moine <moinejf@free.fr>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2011-09-11 09:33:36 -03:00
Dan Carpenter
4264a8b638 [media] pwc: precedence bug in pwc_init_controls()
'!' has higher precedence than '&' so we need parenthesis here.

Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2011-09-11 09:33:35 -03:00
Randy Dunlap
d7a210f3d3 scsi: qla4xxx driver depends on NET
When CONFIG_NET is disabled, SCSI_QLA_ISCSI selects SCSI_ISCSI_ATTRS,
which uses network interfaces, so the build fails with multiple errors:

  warning: (ISCSI_TCP && SCSI_CXGB3_ISCSI && SCSI_CXGB4_ISCSI && SCSI_QLA_ISCSI && INFINIBAND_ISER) selects SCSI_ISCSI_ATTRS which has unmet direct dependencies (SCSI && NET)

  ERROR: "skb_trim" [drivers/scsi/scsi_transport_iscsi.ko] undefined!
  ERROR: "netlink_kernel_create" [drivers/scsi/scsi_transport_iscsi.ko] undefined!
  ERROR: "netlink_kernel_release" [drivers/scsi/scsi_transport_iscsi.ko] undefined!
  ...

so make SCSI_QLA_ISCSI also depend on NET to prevent the build errors.

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Cc:	Ravi Anand <ravi.anand@qlogic.com>
Cc:	Vikas Chaudhary <vikas.chaudhary@qlogic.com>
Cc:	iscsi-driver@qlogic.com
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-10 17:31:31 -07:00
Linus Torvalds
d0a77454c7 Merge branch 'fixes' of http://ftp.arm.linux.org.uk/pub/linux/arm/kernel/git-cur/linux-2.6-arm
* 'fixes' of http://ftp.arm.linux.org.uk/pub/linux/arm/kernel/git-cur/linux-2.6-arm:
  ARM: 7088/1: entry: fix wrong parameter name used in do_thumb_abort
  ARM: 7080/1: l2x0: make sure I&D are not locked down on init
  ARM: 7081/1: mach-integrator: fix the clocksource
  NET: am79c961: fix race in link status code
  ARM: 7067/1: mm: keep significant bits in pfn_valid
2011-09-10 17:28:46 -07:00
Bart Van Assche
c338bfb5ec backlight: Declare backlight_types[] const
Since backlight_types[] isn't modified, let's declare it const.  That
was probably the intention of the author of commit bb7ca747f8
("backlight: add backlight type"), via which the "const char const *"
construct was introduced.  The duplicate const was detected by sparse.

Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Cc: Matthew Garrett <mjg@redhat.com>
Cc: Richard Purdie <rpurdie@rpsys.net>
Cc: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-10 14:00:02 -07:00
Linus Torvalds
290a1cc4f7 Merge branch 'for-linus' of git://neil.brown.name/md
* 'for-linus' of git://neil.brown.name/md:
  md: Fix handling for devices from 2TB to 4TB in 0.90 metadata.
  md/raid1,10: Remove use-after-free bug in make_request.
  md/raid10: unify handling of write completion.
  Avoid dereferencing a 'request_queue' after last close.
2011-09-10 10:19:15 -07:00
NeilBrown
27a7b260f7 md: Fix handling for devices from 2TB to 4TB in 0.90 metadata.
0.90 metadata uses an unsigned 32bit number to count the number of
kilobytes used from each device.
This should allow up to 4TB per device.
However we multiply this by 2 (to get sectors) before casting to a
larger type, so sizes above 2TB get truncated.

Also we allow rdev->sectors to be larger than 4TB, so it is possible
for the array to be resized larger than the metadata can handle.
So make sure rdev->sectors never exceeds 4TB when 0.90 metadata is in
used.

Also the sanity check at the end of super_90_load should include level
1 as it used ->size too. (RAID0 and Linear don't use ->size at all).

Reported-by: Pim Zandbergen <P.Zandbergen@macroscoop.nl>
Cc: stable@kernel.org
Signed-off-by: NeilBrown <neilb@suse.de>
2011-09-10 17:21:28 +10:00
NeilBrown
079fa166a2 md/raid1,10: Remove use-after-free bug in make_request.
A single request to RAID1 or RAID10 might result in multiple
requests if there are known bad blocks that need to be avoided.

To detect if we need to submit another write request we test:
 	if (sectors_handled < (bio->bi_size >> 9)) {

However this is after we call **_write_done() so the 'bio' no longer
belongs to us - the writes could have completed and the bio freed.

So move the **_write_done call until after the test against
bio->bi_size.

This addresses https://bugzilla.kernel.org/show_bug.cgi?id=41862

Reported-by: Bruno Wolff III <bruno@wolff.to>
Tested-by: Bruno Wolff III <bruno@wolff.to>
Signed-off-by: NeilBrown <neilb@suse.de>
2011-09-10 17:21:23 +10:00
NeilBrown
19d5f834d6 md/raid10: unify handling of write completion.
A write can complete at two different places:
1/ when the last member-device write completes, through
   raid10_end_write_request
2/ in make_request() when we remove the initial bias from ->remaining.

These two should do exactly the same thing and the comment says they
do, but they don't.

So factor the correct code out into a function and call it in both
places.  This makes the code much more similar to RAID1.

The difference is only significant if there is an error, and they
usually take a while, so it is unlikely that there will be an error
already when make_request is completing, so this is unlikely to cause
real problems.

Signed-off-by: NeilBrown <neilb@suse.de>
2011-09-10 17:21:17 +10:00
Jon Mason
ed2888e906 PCI: Remove MRRS modification from MPS setting code
Modifying the Maximum Read Request Size to 0 (value of 128Bytes) has
massive negative ramifications on some devices.  Without knowing which
devices have this issue, do not modify from the default value when
walking the PCI-E bus in pcie_bus_safe mode.  Also, make pcie_bus_safe
the default procedure.

Tested-by: Sven Schnelle <svens@stackframe.org>
Tested-by: Simon Kirby <sim@hostway.ca>
Tested-by: Stephen M. Cameron <scameron@beardog.cce.hp.com>
Reported-and-tested-by: Eric Dumazet <eric.dumazet@gmail.com>
Reported-and-tested-by: Niels Ole Salscheider <niels_ole@salscheider-online.de>
References: https://bugzilla.kernel.org/show_bug.cgi?id=42162
Signed-off-by: Jon Mason <mason@myri.com>
Acked-by: Jesse Barnes <jbarnes@virtuousgeek.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-09 19:49:58 -07:00
Shyam Iyer
5307f6d5fb Fix pointer dereference before call to pcie_bus_configure_settings
Commit b03e7495a8 ("PCI: Set PCI-E Max Payload Size on fabric")
introduced a potential NULL pointer dereference in calls to
pcie_bus_configure_settings due to attempts to access pci_bus self
variables when the self pointer is NULL.

To correct this, verify that the self pointer in pci_bus is non-NULL
before dereferencing it.

Reported-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: Shyam Iyer <shyam_iyer@dell.com>
Signed-off-by: Jon Mason <mason@myri.com>
Acked-by: Jesse Barnes <jbarnes@virtuousgeek.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-09-09 19:49:58 -07:00
Linus Torvalds
a6a5ed0dd3 Merge branch 'for-linus' of git://dev.laptop.org/users/cjb/mmc
* 'for-linus' of git://dev.laptop.org/users/cjb/mmc:
  mmc: sdhci-s3c: Fix mmc card I/O problem
  mmc: sd: UHS-I bus speed should be set last in UHS initialization
  mmc: sdhi: initialise mmc_data->flags before use
  mmc: core: use non-reentrant workqueue for clock gating
  mmc: core: prevent aggressive clock gating racing with ios updates
  mmc: rename mmc_host_clk_{ungate|gate} to mmc_host_clk_{hold|release}
  mmc: sdhci-esdhc-imx: add missing inclusion of linux/module.h
2011-09-09 15:50:25 -07:00
Lin Ming
55a01f6f68 drm: Remove duplicate "return" statement
Remove the duplicate "return" statement in drm_fb_helper_panic().

Signed-off-by: Lin Ming <ming.m.lin@intel.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-09-09 09:11:44 +01:00
Dave Airlie
909d6e0cb6 Merge branch 'drm-nouveau-fixes' of git://anongit.freedesktop.org/git/nouveau/linux-2.6 into drm-test
* 'drm-nouveau-fixes' of git://anongit.freedesktop.org/git/nouveau/linux-2.6:
  drm/nv04/crtc: Bail out if FB is not bound to crtc
  drm/nouveau: fix nv04_sgdma_bind on non-"4kB pages" archs
  drm/nouveau: properly handle allocation failure in nouveau_sgdma_populate
  drm/nouveau: fix oops on pre-semaphore hardware
  drm/nv50/crtc: Bail out if FB is not bound to crtc
2011-09-09 09:10:04 +01:00
Emil Velikov
0e83bb4eee drm/nv04/crtc: Bail out if FB is not bound to crtc
This commit resolves a possible 'NULL pointer dereference'
It uses the same approach as radeon, intel and nouveau/nv50

Fixes bug 'Nouveau: Kernel oops when unplugging external monitor'
https://bugs.freedesktop.org/show_bug.cgi?id=40336

Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-09-09 17:24:21 +10:00
Marcin Slusarz
1bf2706601 drm/nouveau: fix nv04_sgdma_bind on non-"4kB pages" archs
nv04_sgdma_bind binds the same page multiple times on
architectures where PAGE_SIZE != 4096.
Let's fix it.

Signed-off-by: Marcin Slusarz <marcin.slusarz@gmail.com>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-09-09 17:24:10 +10:00
Marcin Slusarz
17c8b96093 drm/nouveau: properly handle allocation failure in nouveau_sgdma_populate
Not cleaning after alloc failure would result in crash on destroy,
because nouveau_sgdma_clear assumes "ttm_alloced" to be not null when
"pages" is not null.

Signed-off-by: Marcin Slusarz <marcin.slusarz@gmail.com>
Cc: stable@kernel.org
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-09-09 17:24:06 +10:00
Ben Skeggs
cfd8be088e drm/nouveau: fix oops on pre-semaphore hardware
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-09-09 17:24:00 +10:00
Emil Velikov
ffbc559b06 drm/nv50/crtc: Bail out if FB is not bound to crtc
Fixes possbile NULL pointer dereference
Resolves 'kernel crash in nv50_crtc_do_mode_set_base during shutdown'
https://bugs.freedesktop.org/show_bug.cgi?id=40005

Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-09-09 17:23:56 +10:00
Linus Torvalds
e4e436e0bd Merge branch 'fixes' of git://git.infradead.org/users/vkoul/slave-dma
* 'fixes' of git://git.infradead.org/users/vkoul/slave-dma:
  dmaengine/ste_dma40: fix memory leak due to prepared descriptors
  dmaengine/ste_dma40: fix Oops due to double free of client descriptor
  dmaengine/ste_dma40: remove duplicate call to d40_pool_lli_free().
  dmaengine/ste_dma40: add missing kernel doc for pending_queue
2011-09-08 16:49:32 -07:00
Linus Torvalds
9ba365438a Merge branch 'for-linus' of git://opensource.wolfsonmicro.com/regmap
* 'for-linus' of git://opensource.wolfsonmicro.com/regmap:
  regmap: Remove bitrotted module_put()s
2011-09-08 16:47:52 -07:00
Linus Torvalds
3d0283ebc8 Merge branch 'for-linus' of git://twin.jikos.cz/jikos/hid
* 'for-linus' of git://twin.jikos.cz/jikos/hid:
  HID: wacom: Unregister sysfs attributes on remove
  HID: wacom: Fix error path of power-supply initialization
  HID: add support for HuiJia USB Gamepad connector
  HID: magicmouse: ignore 'ivalid report id' while switching modes, v2
  HID: magicmouse: Set resolution of touch surfaces
2011-09-08 16:45:37 -07:00
Linus Torvalds
4dcaadc319 Merge branch 'for-31-rc5/i2c-fixes' of git://git.fluff.org/bjdooks/linux
* 'for-31-rc5/i2c-fixes' of git://git.fluff.org/bjdooks/linux:
  i2c-tegra: fix possible race condition after tx
  i2c-tegra: add I2C_FUNC_SMBUS_EMUL
  i2c-tegra: Add of_match_table
  i2c-pxa2xx: return proper error code in ce4100_i2c_probe error paths
2011-09-08 16:42:34 -07:00
Linus Torvalds
4fbcc42dc4 Merge branch 'amd/fixes' of git://git.8bytes.org/scm/iommu
* 'amd/fixes' of git://git.8bytes.org/scm/iommu:
  iommu/amd: Don't take domain->lock recursivly
  iommu/amd: Make sure iommu->need_sync contains correct value
2011-09-08 16:39:47 -07:00
Linus Torvalds
79016f6488 Merge branch 'timers-fixes-for-linus' of git://tesla.tglx.de/git/linux-2.6-tip
* 'timers-fixes-for-linus' of git://tesla.tglx.de/git/linux-2.6-tip:
  rtc: twl: Fix registration vs. init order
  rtc: Initialized rtc_time->tm_isdst
  rtc: Fix RTC PIE frequency limit
  rtc: rtc-twl: Remove lockdep related local_irq_enable()
  rtc: rtc-twl: Switch to using threaded irq
  rtc: ep93xx: Fix 'rtc' may be used uninitialized warning
  alarmtimers: Avoid possible denial of service with high freq periodic timers
  alarmtimers: Memset itimerspec passed into alarm_timer_get
  alarmtimers: Avoid possible null pointer traversal
2011-09-07 13:03:48 -07:00