Commit graph

9650 commits

Author SHA1 Message Date
Oleg Nesterov
788e05a67c [PATCH] fix do_coredump() vs SIGSTOP race
Let's suppose we have 2 threads in thread group:
	A - does coredump
	B - has pending SIGSTOP

thread A						thread B

do_coredump:						get_signal_to_deliver:

  lock(->sighand)
  ->signal->flags = SIGNAL_GROUP_EXIT
  unlock(->sighand)

							lock(->sighand)
							signr = dequeue_signal()
								->signal->flags |= SIGNAL_STOP_DEQUEUED
								return SIGSTOP;

							do_signal_stop:
							    unlock(->sighand)

  coredump_wait:

      zap_threads:
          lock(tasklist_lock)
          send SIGKILL to B
              // signal_wake_up() does nothing
          unlock(tasklist_lock)

							    lock(tasklist_lock)
							    lock(->sighand)
							    re-check sig->flags & SIGNAL_STOP_DEQUEUED, yes
							    set_current_state(TASK_STOPPED);
							    finish_stop:
							        schedule();
							            // ->state == TASK_STOPPED

      wait_for_completion(&startup_done)
         // waits for complete() from B,
         // ->state == TASK_UNINTERRUPTIBLE

We can't wake up 'B' in any way:

	SIGCONT will be ignored because handle_stop_signal() sees
	->signal->flags & SIGNAL_GROUP_EXIT.

	sys_kill(SIGKILL)->__group_complete_signal() will choose
	uninterruptible 'A', so it can't help.

	sys_tkill(B, SIGKILL) will be ignored by specific_send_sig_info()
	because B already has pending SIGKILL.

This scenario is not possbile if 'A' does do_group_exit(), because
it sets sig->flags = SIGNAL_GROUP_EXIT and delivers SIGKILL to
subthreads atomically, holding both tasklist_lock and sighand->lock.
That means that do_signal_stop() will notice !SIGNAL_STOP_DEQUEUED
after re-locking ->sighand. And it is not possible to any other
thread to re-add SIGNAL_STOP_DEQUEUED later, because dequeue_signal()
can only return SIGKILL.

I think it is better to change do_coredump() to do sigaddset(SIGKILL)
and signal_wake_up() under sighand->lock, but this patch is much
simpler.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-08 14:53:31 -07:00
Linus Torvalds
8298411468 Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
The nameidata "last.name" is always allocated with "__getname()", and
should always be free'd with "__putname()".

Using "putname()" without the underscores will leak memory, because the
allocation will have been hidden from the AUDITSYSCALL code.

Arguably the real bug is that the AUDITSYSCALL code is really broken,
but in the meantime this fixes the problem people see.

Reported by Robert Derr, patch by Rick Lindsley.

Acked-by: Al Viro <viro@ftp.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-06 21:54:21 -07:00
Linus Torvalds
edb4a3534a Merge branch 'release' of master.kernel.org:/pub/scm/linux/kernel/git/aegl/linux-2.6 2005-10-06 15:37:09 -07:00
Bryan Sutula
76e677e25d [IA64] Avoid kernel hang during CMC interrupt storm
I've noticed a kernel hang during a storm of CMC interrupts, which was
tracked down to the continual execution of the interrupt handler.

There's code in the CMC handler that's supposed to disable CMC
interrupts and switch to polling mode when it sees a bunch of CMCs.
Because disabling CMCs across all CPUs isn't safe in interrupt context,
the disable is done with a schedule_work().  But with continual CMC
interrupts, the schedule_work() never gets executed.

The following patch immediately disables CMC interrupts for the current
CPU.  This then allows (at least) one CPU to ignore CMC interrupts,
execute the schedule_work() code, and disable CMC interrupts on the rest
of the CPUs.

Acked-by: Keith Owens <kaos@sgi.com>
Signed-off-by: Bryan Sutula <Bryan.Sutula@hp.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
2005-10-06 15:04:11 -07:00
Linus Torvalds
b954cbcb1a Merge master.kernel.org:/home/rmk/linux-2.6-ucb 2005-10-06 15:01:11 -07:00
Linus Torvalds
5cd9a60cc6 Merge master.kernel.org:/home/rmk/linux-2.6-arm 2005-10-06 15:00:53 -07:00
Linus Torvalds
9aec247d3b Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2005-10-06 14:16:19 -07:00
Linus Torvalds
dce32c781b Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6 2005-10-06 14:16:07 -07:00
Russell King
a448a28589 [MFD] Fix gcc4 build errors in ucb1x00-core.c
drivers/mfd/ucb1x00-core.c:555: error: static declaration of 'ucb1x00_class' follows non-static declaration
drivers/mfd/ucb1x00.h:109: error: previous declaration of 'ucb1x00_class' was here

Since ucb1x00_class isn't used by anything, remove the extern
declaration and the symbol export.

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-06 13:09:42 +01:00
David S. Miller
9ad98c5b44 [SPARC64]: Fix initrd when net booting.
By allocating early memory for the firmware page tables, we
can write over the beginning of the initrd image.

So what we do now is:

1) Read in firmware translations table while still on the
   firmware's trap table.
2) Switch to Linux trap table.
3) Init bootmem.
4) Build firmware page tables using __alloc_bootmem().

And this keeps the initrd from being clobbered.

Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 15:12:00 -07:00
Catalin Marinas
e03eb5272b [ARM] 2954/1: Allow D and I cache and branch prediction disabling for ARMv6
Patch from Catalin Marinas

There is no reason to not allow these config options. They are useful when
the hardware has problems.

Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-05 23:06:36 +01:00
Martin Habets
782c3fd470 [SPARC]: Remove some duplicated sparc32 config items
Remove some duplicated items due to the inclusion of the general
drivers/Kconfig file. These are now taken from drivers/char/Kconfig,
and can be turned off there as well (which is desirable sometimes).

Signed-off-by: Martin Habets <errandir_news@mph.eclipse.co.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:21:36 -07:00
Ralf Baechle
3a867b36c3 [AX.25]: Fix packet socket crash
Since changeset 98a82febb6 AX.25 is passing
received IP and ARP packets to the stack through netif_rx() but we don't
set the skb->mac.raw to right value which may result in a crash with
applications that use a packet socket.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:16:04 -07:00
Herbert Xu
77d8d7a684 [IPSEC]: Document that policy direction is derived from the index.
Here is a patch that adds a helper called xfrm_policy_id2dir to
document the fact that the policy direction can be and is derived
from the index.

This is based on a patch by YOSHIFUJI Hideaki and 210313105@suda.edu.cn.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:15:12 -07:00
YOSHIFUJI Hideaki
140e26fcd5 [IPV6]: Fix NS handing for proxy/anycast address
Timer set up by pneigh_enqueue() ended up calling ndisc_rcv()
via pndisc_redo(), which clears LOCALLY_ENQUEUED flag in
NEIGH_CB(skb) and NS was queued again.
Let's call ndisc_recv_ns() directly to avoid the loop.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:11:41 -07:00
Stephen Hemminger
42a39450f8 [TCP]: BIC coding bug in Linux 2.6.13
Missing parenthesis in causes BIC to be slow in increasing congestion
window.

Spotted by Injong Rhee.

Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:09:31 -07:00
Yan Zheng
fab10fe37a [MCAST] ipv6: Fix address size in grec_size
Signed-Off-By: Yan Zheng <yanzheng@21cn.com>
Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Acked-by: David L Stevens <dlstevens@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:08:13 -07:00
Dave Jones
c0758146ad [PATCH] Fix drm 'debug' sysfs permissions
Just enables some extra printk's, but still..  Only the sysadmin should
be able to do that.

Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-05 07:38:28 -07:00
Benjamin Herrenschmidt
23cb8c297e [PATCH] ppc: Fix timekeeping with HZ=250 on some Mac models
Older Macs which uses the VIA chip timers to calibrate the timebase used
some code that wouldn't work if HZ wasn't divisible by 100...

This fixes it at least for 250.  Not totally perfect but should be
enough for now (so it at least works with the default value which is now
250).

There is still a potential issue with the core using CLOCK_TICK_RATE to
maintain xtime and CLOCK_TICK_RATE value on ppc32 is pure crap, but that
is a different problem, this patch at least brings us back to our
previous situation.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-05 07:33:42 -07:00
Al Viro
329d4dd72e [PATCH] fix the breakage in sparc headers
If we switch extern inline to static inline, we'd better switch the
pre-declarations we use to say that these puppies have
__attribute_const__ on them.

Otherwise we get extern declaration followed by static inline one.
Which makes gcc unhappy, and for a good reason...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-05 07:33:42 -07:00
Randy Dunlap
83fa3400eb [XFRM]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in xfrm code:
net/xfrm/xfrm_policy.c:232:47: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:45:35 -07:00
Randy Dunlap
3d2aef6689 [TEXTSEARCH]: fix sparse gfp nocast warnings
Fix nocast sparse warnings:
include/linux/textsearch.h:165:57: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:45:14 -07:00
Randy Dunlap
dd13a285b7 [RPC]: fix sparse gfp nocast warnings
Fix nocast sparse warnings:
net/rxrpc/call.c:2013:25: warning: implicit cast to nocast type
net/rxrpc/connection.c:538:46: warning: implicit cast to nocast type
net/sunrpc/sched.c:730:36: warning: implicit cast to nocast type
net/sunrpc/sched.c:734:56: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:44:45 -07:00
Randy Dunlap
00fa023345 [AF_KEY]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in net/key code:
net/key/af_key.c:195:27: warning: implicit cast to nocast type
net/key/af_key.c:1439:28: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:43:04 -07:00
Randy Dunlap
c6f4fafccf [NETFILTER]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in nfnetlink code:
net/netfilter/nfnetlink.c:204:43: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:42:42 -07:00
Randy Dunlap
8eea00a44d [IPVS]: fix sparse gfp nocast warnings
From: Randy Dunlap <rdunlap@xenotime.net>

Fix implicit nocast warnings in ip_vs code:
net/ipv4/ipvs/ip_vs_app.c:631:54: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:42:15 -07:00
Randy Dunlap
f4a19a56e3 [DECNET]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in decnet code:
net/decnet/af_decnet.c:458:40: warning: implicit cast to nocast type
net/decnet/dn_nsp_out.c:125:35: warning: implicit cast to nocast type
net/decnet/dn_nsp_out.c:219:29: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:41:48 -07:00
Randy Dunlap
17b6988563 [CONNECTOR]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in connector code:
drivers/connector/connector.c:102:24: warning: implicit cast to nocast type
drivers/connector/connector.c:114:45: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:41:16 -07:00
Randy Dunlap
de54f3907d [BONDING]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in bonding code:
drivers/net/bonding/bond_main.c:1302:49: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:39:41 -07:00
Randy Dunlap
7b5b3f3d82 [ATM]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in atm code:
net/atm/atm_misc.c:35:44: warning: implicit cast to nocast type
drivers/atm/fore200e.c:183:33: warning: implicit cast to nocast type

Also use kzalloc() instead of kmalloc().

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:38:44 -07:00
Pavel Roskin
9bc39bec87 [PATCH] orinoco: Information leakage due to incorrect padding
The orinoco driver can send uninitialized data exposing random pieces of
the system memory.  This happens because data is not padded with zeroes
when its length needs to be increased.

Reported by Meder Kydyraliev <meder@o0o.nu>

Signed-off-by: Pavel Roskin <proski@gnu.org>
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
2005-10-04 23:37:21 -04:00
Linus Torvalds
bb77c03cf4 Merge branch 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/roland/infiniband 2005-10-04 16:55:43 -07:00
Deepak Saxena
ce12467d44 [PATCH] Fix broken IXP4xx GPIO macro
Macro ended up backwards during one of cleanups. Found by Alessandro Zummo.

Signed-off-by: Deepak Saxena <dsaxena@plexity.net>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 16:41:48 -07:00
Horst H. von Brand
a5181ab06d [NETFILTER]: Fix Kconfig typo
Signed-off-by: Horst H. von Brand <vonbrand@inf.utfsm.cl>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 15:58:56 -07:00
Linus Torvalds
50165d8b1d Merge master.kernel.org:/home/rmk/linux-2.6-arm 2005-10-04 15:57:53 -07:00
Andi Kleen
944d2647dd [PATCH] x86_64: Drop global bit from early low mappings
Drop global bit from early low mappings

Suggested by Linus, originally also proposed by Suresh.

This fixes a race condition with early start of udev, originally
tracked down by Suresh B. Siddha. The problem was that switching
to the user space VM would not clear the global low mappings
for the beginning of memory, which lead to memory corruption.

Drop the global bits.

The kernel mapping stays global because it should stay constant.

Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 15:56:52 -07:00
Eric Dumazet
6d2553612f [INET]: Shrink struct inet_ehash_bucket on 32 bits UP
No need to align struct inet_ehash_bucket on a 8 bytes boundary.

On 32 bits Uniprocessor, that's a waste of 4 bytes per struct (50 %)

On other platforms, the attribute is useless, natual alignement is already 8.

platform     | Size before | Size after patch
-------------+-------------+------------------
32 bits, UP  |         8   |     4
32 bits, SMP |         8   |     8
64 bits, UP  |         8   |     8
64 bits, SMP |        16   |    16

Signed-off-by: Eric Dumazet <dada1@cosmosbay.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 15:55:51 -07:00
David S. Miller
0835ae0f27 [SPARC64]: Replace cheetah+ code patching with variables.
Instead of code patching to handle the page size fields in
the context registers, just use variables from which we get
the proper values.

Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 15:23:20 -07:00
Nicolas Pitre
c2f480869f [ARM] 2952/1: fix a register clobber list
Patch from Nicolas Pitre

If gcc decides to assign lr to %0 we're screwed.

Signed-off-by: Nicolas Pitre <nico@cam.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-04 23:17:53 +01:00
Nicolas Pitre
74f8849496 [ARM] 2951/1: fix wrong comment
Patch from Nicolas Pitre

The cmpxchg emulation syscall needs write access.

Signed-off-by: Nicolas Pitre <nico@cam.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-04 23:17:52 +01:00
Sascha Hauer
0a5b0aa8a3 [ARM] 2950/1: i.MX gpio setup function
Patch from Sascha Hauer

Current implementation of imx_gpio_mode does not allow to
configure all alternate routing possibilities of the i.MX. With
this patch every bit in the gpio setup registers has a
corresponding bit in the gpio_mode parameter, so every routing
should be possible now.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-04 23:17:52 +01:00
Sascha Hauer
d78795b693 [ARM] 2949/1: Hynix h720x Run mode
Patch from Sascha Hauer

After coming out of idle mode the h720x goes into slow mode. Switch
it back to run mode.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-04 23:17:51 +01:00
Linus Torvalds
f6e63cfb5c Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2005-10-04 13:55:22 -07:00
Allan Graves
fad1c45c93 [PATCH] uml: Fix sysrq-r support for skas mode
The old code had the IP and SP coming from the registers in the thread
struct, which are completely wrong since those are the userspace
registers.  This fixes that by pulling the correct values from the
jmp_buf in which the kernel state of each thread is stored.

Signed-off-by: Allan Graves <allan.graves@oracle.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 13:22:01 -07:00
Jeff Dike
71dc036247 [PATCH] UML - Fix Al's build tidying
Al's build tidying missed one bit from me - without this UML doesn't boot.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Acked-by: Al Viro <viro@ftp.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 13:22:01 -07:00
Al Viro
c2b513dfbb [PATCH] bfs iget() abuses
bfs_fill_super() walks the inode table to get the bitmap of free inodes
and collect stats.  It has no business using iget() for that - it's a
lot of extra work, extra icache pollution and more complex code.
Switched to walking the damn thing directly.

Note: that also allows to kill ->i_dsk_ino in there - separate patch if
Tigran can confirm that this field can be zero only for deleted inodes
(i.e.  something that could only be found during that scan and not by
normal lookups).

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 13:22:01 -07:00
Alexey Dobriyan
ce0fe7e70a [PATCH] bfs endianness annotations
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 13:22:01 -07:00
Al Viro
25e2d79f52 [PATCH] bogus kfree() in ibmtr
On several failure exits in ibmtr we end up doing kfree() on dev->priv,
with dev allocated by alloc_trdev() and ->priv never reassigned.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 13:22:00 -07:00
Al Viro
433992361c [PATCH] missing include in megaraid_sas
megaraid_sas depends on arch-specific indirect includes pulling
fs.h in; on alpha they do not.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 13:22:00 -07:00
Robert Olsson
e6308be85a [IPV4]: fib_trie root-node expansion
The patch below introduces special thresholds to keep root node in the trie 
large. This gives a flatter tree at the cost of a modest memory increase.
Overall it seems to be gain and this was also proposed by one the authors 
of the paper in recent a seminar.

Main table after loading 123 k routes.

	Aver depth:     3.30
	Max depth:      9
        Root-node size  12 bits
        Total size: 4044  kB

With the patch:
	Aver depth:     2.78
	Max depth:      8
        Root-node size  15 bits
        Total size: 4150  kB

An increase of 8-10% was seen in forwading performance for an rDoS attack. 

Signed-off-by: Robert Olsson <robert.olsson@its.uu.se>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 13:01:58 -07:00