Impact: fix math-emu related crash while using GDB/ptrace
init_fpu() calls finit to initialize a task's xstate, while finit always
works on the current task. If we use PTRACE_GETFPREGS on another
process and both processes did not already use floating point, we get
a null pointer exception in finit.
This patch creates a new function finit_task that takes a task_struct
parameter. finit becomes a wrapper that simply calls finit_task with
current. On the plus side this avoids many calls to get_current which
would each resolve to an inline assembler mov instruction.
An empty finit_task has been added to i387.h to avoid linker errors in
case the compiler still emits the call in init_fpu when
CONFIG_MATH_EMULATION is not defined.
The declaration of finit in i387.h has been removed as the remaining
code using this function gets its prototype from fpu_proto.h.
Signed-off-by: Daniel Glöckner <dg@emlix.com>
Cc: Suresh Siddha <suresh.b.siddha@intel.com>
Cc: "Pallipadi Venkatesh" <venkatesh.pallipadi@intel.com>
Cc: Arjan van de Ven <arjan@infradead.org>
Cc: Bill Metzenthen <billm@melbpc.org.au>
LKML-Reference: <E1Lew31-0004il-Fg@mailer.emlix.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Impact: Fix boot failure on EFI system with large runtime memory range
Brian Maly reported that some EFI system with large runtime memory
range can not boot. Because the FIX_MAP used to map runtime memory
range is smaller than run time memory range.
This patch fixes this issue by re-implement efi_ioremap() with
init_memory_mapping().
Reported-and-tested-by: Brian Maly <bmaly@redhat.com>
Signed-off-by: Huang Ying <ying.huang@intel.com>
Cc: Brian Maly <bmaly@redhat.com>
Cc: Yinghai Lu <yinghai@kernel.org>
LKML-Reference: <1236135513.6204.306.camel@yhuang-dev.sh.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Impact: reactivate DMI quirks on EFI hardware
DMI tables are loaded by EFI, so the dmi calls must happen after
efi_init() and not before.
Currently Apple hardware uses DMI to determine the framebuffer mappings
for efifb. Without DMI working you also have no video on MacBook Pro.
This patch resolves the DMI issue for EFI hardware (DMI is now properly
detected at boot), and additionally efifb now loads on Apple hardware
(i.e. video works).
Signed-off-by: Brian Maly <bmaly@redhat>
Acked-by: Yinghai Lu <yinghai@kernel.org>
Cc: ying.huang@intel.com
LKML-Reference: <49ADEDA3.1030406@redhat.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
arch/x86/kernel/setup.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
Change sctp_ctl_sock_init() to try IPv4 if IPv6 socket registration
fails. Required if the IPv6 module is loaded with "disable=1", else
SCTP will fail to load.
Signed-off-by: Brian Haley <brian.haley@hp.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Add "disable" module parameter support to ipv6.ko by specifying
"disable=1" on module load. We just do the minimum of initializing
inetsw6[] so calls from other modules to inet6_register_protosw()
won't OOPs, then bail out. No IPv6 addresses or sockets can be
created as a result, and a reboot is required to enable IPv6.
Signed-off-by: Brian Haley <brian.haley@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
with while (i-- > 0); i reaches -1 after the loop, so the test below is printed
one too early: 0 still means success.
Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
with while (--worklimit >= 0); worklimit reaches -1 after the loop. In
3c589_cs.c this caused a warning not to be printed.
In 3c574_cs.c contrastingly, el3_rx() treats worklimit differently:
static int el3_rx(struct net_device *dev, int worklimit)
{
while (--worklimit >= 0) { ... }
return worklimit;
}
el3_rx() is only called by function el3_interrupt(): twice:
static irqreturn_t el3_interrupt(int irq, void *dev_id)
{
int work_budget = max_interrupt_work;
while(...) {
if (...)
work_budget = el3_rx(dev, work_budget);
if (...)
work_budget = el3_rx(dev, work_budget);
if (--work_budget < 0) {
...
break;
}
}
}
The error path can occur 2 too early.
Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
with while (timeout-- > 0); timeout reaches -1 after the loop, so the tests
below are off by one. also don't do an '< 0' test on an unsigned.
Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Currently, modular tokenring ("tr") lacks a license and fails to load:
tr: module license 'unspecified' taints kernel.
tr: Unknown symbol proc_net_fops_create
Beacuse of this, no tokenring driver can load if it depends on modular
tr. Fix this by adding GPL module license as it is in the kernel.
With this fix, tr module loads fine and tms380 driver also loads. Well,
it does'nt work but that's a different bug.
Signed-off-by: Meelis Roos <mroos@linux.ee>
Signed-off-by: David S. Miller <davem@davemloft.net>
Add vendor/product IDs for new no name dm9601 compatible usb ethernet
adaptors.
Reported-by: Eric Lauriault <eric@linux.ca>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Signed-off-by: David S. Miller <davem@davemloft.net>
The callers of netlink_set_err() currently pass a negative value
as parameter for the error code. However, sk->sk_err wants a
positive error value. Without this patch, skb_recv_datagram() called
by netlink_recvmsg() may return a positive value to report an error.
Another choice to fix this is to change callers to pass a positive
error value, but this seems a bit inconsistent and error prone
to me. Indeed, the callers of netlink_set_err() assumed that the
(usual) negative value for error codes was fine before this patch :).
This patch also includes some documentation in docbook format
for netlink_set_err() to avoid this sort of confusion.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
commit a969e76a71 (powerpc: Correct USB
support for GE Fanuc SBC610) introduced a fixup for NEC usb controllers.
This fixup should only run on GEF SBC610 boards.
Fixes Fedora bug #486511.
(https://bugzilla.redhat.com/show_bug.cgi?id=486511)
Signed-off-by: Tony Breeds <tony@bakeyournoodle.com>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
There is another user of IXP4xx queue manager, fix it.
Signed-off-by: Krzysztof Hałasa <khc@pm.waw.pl>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
sched: don't allow setuid to succeed if the user does not have rt bandwidth
sched_rt: don't start timer when rt bandwidth disabled
* 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
x86: oprofile: don't set counter width from cpuid on Core2
x86: fix init_memory_mapping() to handle small ranges
* 'tracing/mmiotrace' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
x86 mmiotrace: fix race with release_kmmio_fault_page()
x86 mmiotrace: improve handling of secondary faults
x86 mmiotrace: split set_page_presence()
x86 mmiotrace: fix save/restore page table state
x86 mmiotrace: WARN_ONCE if dis/arming a page fails
x86: add far read test to testmmiotrace
x86: count errors in testmmiotrace.ko
* 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
rcu: Teach RCU that idle task is not quiscent state at boot
`iop_adma_remove' referenced in section `.data' of drivers/built-in.o: defined in discarded section `.devexit.text' of drivers/built-in.o
`mv_xor_remove' referenced in section `.data' of drivers/built-in.o: defined in discarded section `.devexit.text' of drivers/built-in.o
`mv64xxx_i2c_unmap_regs' referenced in section `.devinit.text' of drivers/built-in.o: defined in discarded section `.devexit.text' of drivers/built-in.o
`mv64xxx_i2c_remove' referenced in section `.data' of drivers/built-in.o: defined in discarded section `.devexit.text' of drivers/built-in.o
`orion_nand_remove' referenced in section `.data' of drivers/built-in.o: defined in discarded section `.devexit.text' of drivers/built-in.o
`pxafb_remove' referenced in section `.data' of drivers/built-in.o: defined in discarded section `.devexit.text' of drivers/built-in.o
Acked-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
The cacheid_init() function assumes that if cpu_architecture() returns
7, the caches are VIPT_NONALIASING. The cpu_architecture() function
returns the version of the supported MMU features (e.g. TEX remapping)
but it doesn't make any assumptions about the cache type. The patch adds
the checking of the Cache Type Register for the ARMv7 format.
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
The target of the strex instruction to clear the exlusive monitor
is currently the top of the stack. If the store succeeeds this
corrupts r0 in pt_regs. Use the next stack location instead of
the current one to prevent any chance of corrupting an in-use
address.
Signed-off-by: Seth Forshee <seth.forshee@gmail.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Impact: fix stuck NMIs and non-working oprofile on certain CPUs
Resetting the counter width of the performance counters on Intel's
Core2 CPUs, breaks the delivery of NMIs, when running in x86_64 mode.
This should fix bug #12395:
http://bugzilla.kernel.org/show_bug.cgi?id=12395
Signed-off-by: Tim Blechmann <tim@klingt.org>
Signed-off-by: Robert Richter <robert.richter@amd.com>
LKML-Reference: <20090303100412.GC10085@erda.amd.com>
Cc: <stable@kernel.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
I have a system where UART0 is configured with hardware flow control, but UART1
doesn't have it enabled. Attempting to access UART1 in this configuration
results in the following error in dmesg:
<3>bfin-gpio: GPIO 0 is already reserved as Peripheral by bfin-uart !
<5>Stack from 0082bc7c:
<5> 0082bc88 00404dd6 00000003 00000000 0054051e 004079da 0082bcb4
00000000
<5> 00000003 00000000 0052686c 0113f2a0 005fa3f0 00000032 20515249
00003035
<5> 00427228 00526e50 0113f2e0 005fa3f0 00000032 0113f2e0 0054b748
0000ffff
<5> 22222222 22222222 004e1628 00427304 00000000 00000032 00000023
0054b748
<5> 00487a94 0054b7e8 0054b748 0000000b 00487fb8 0054b748 0054b748
00000001
<5> 0000000a 005fa3f0 009d4fe8 0101e3c0 0054b748 005fa3f0 0050b134
0054b748
<5>
<5>Call Trace:
<4>[<00485c16>] _uart_startup+0x56/0x178
<4>[<004865c8>] _uart_open+0x40/0x3e0
<4>[<0048661c>] _uart_open+0x94/0x3e0
<4>[<0047f1ce>] _init_dev+0x1fa/0x450
<4>[<004e1628>] ___mutex_unlock_slowpath+0x30/0xe8
<4>[<004815da>] _tty_open+0xf6/0x21c
<4>[<0043dab0>] ___path_lookup_intent_open+0x34/0x7c
<4>[<004375e4>] _chrdev_open+0x7c/0x134
<4>[<0043dc2c>] _open_namei+0x60/0x568
<4>[<00433fa2>] ___dentry_open+0x9e/0x188
<4>[<00437568>] _chrdev_open+0x0/0x134
<4>[<0043410c>] _nameidata_to_filp+0x30/0x3c
<4>[<00434152>] _do_filp_open+0x3a/0x44
<4>[<00408826>] _task_running_tick+0x102/0x278
<4>[<0043418e>] _do_sys_open+0x32/0xac
<4>[<0043ede4>] _sys_ioctl+0x28/0x50
<4>[<0043edbc>] _sys_ioctl+0x0/0x50
<4>[<00434224>] _sys_open+0x18/0x20
<4>[<0043420c>] _sys_open+0x0/0x20
<4>[<00418174>] _sys_setuid+0x0/0xc8
This is because the #ifdef's in bfin_serial_5xx.h are messed up. More
specifically, they add/remove the uart_{rts,cts}_pin fields in
bfin_serial_resources based on whether the particular port has rts/cts enabled,
as opposed to when either port has it enabled.
This patch fixed this.
Signed-off-by: Tom Parker <blackfin@tevp.net>
Signed-off-by: Sonic Zhang <sonic.zhang@analog.com>
Signed-off-by: Bryan Wu <cooloney@kernel.org>
It turns out that net_alive is unnecessary, and the original problem
that led to it being added was simply that the icmp code thought
it was a network device and wound up being unable to handle packets
while there were still packets in the network namespace.
Now that icmp and tcp have been fixed to properly register themselves
this problem is no longer present and we have a stronger guarantee
that packets will not arrive in a network namespace then that provided
by net_alive in netif_receive_skb. So remove net_alive allowing
packet reception run a little faster.
Additionally document the strong reason why network namespace cleanup
is safe so that if something happens again someone else will have
a chance of figuring it out.
Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
To remove the possibility of packets flying around when network
devices are being cleaned up use reisger_pernet_subsys instead of
register_pernet_device.
Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>
Acked-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Recently I had a kernel panic in icmp_send during a network namespace
cleanup. There were packets in the arp queue that failed to be sent
and we attempted to generate an ICMP host unreachable message, but
failed because icmp_sk_exit had already been called.
The network devices are removed from a network namespace and their
arp queues are flushed before we do attempt to shutdown subsystems
so this error should have been impossible.
It turns out icmp_init is using register_pernet_device instead
of register_pernet_subsys. Which resulted in icmp being shut down
while we still had the possibility of packets in flight, making
a nasty NULL pointer deference in interrupt context possible.
Changing this to register_pernet_subsys fixes the problem in
my testing.
Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>
Acked-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
When a network namespace is destroyed the network interfaces are
all unregistered, making addrconf_ifdown called by the netdevice
notifier.
In the other hand, the addrconf exit method does a loop on the network
devices and does addrconf_ifdown on each of them. But the ordering of
the netns subsystem is not right because it uses the register_pernet_device
instead of register_pernet_subsys. If we handle the loopback as
any network device, we can safely use register_pernet_subsys.
But if we use register_pernet_subsys, the addrconf exit method will do
exactly what was already done with the unregistering of the network
devices. So in definitive, this code is pointless.
I removed the netns addrconf exit method and moved the code to the
addrconf cleanup function.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
make sure ANOMALY_05000278/ANOMALY_05000380 is defined for all parts
Signed-off-by: Mike Frysinger <vapier.adi@gmail.com>
Signed-off-by: Bryan Wu <cooloney@kernel.org>
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Impact: fix failed EFI bootup in certain circumstances
Ying Huang found init_memory_mapping() has problem with small ranges
less than 2M when he tried to direct map the EFI runtime code out of
max_low_pfn_mapped.
It turns out we never considered that case and didn't check the range...
Reported-by: Ying Huang <ying.huang@intel.com>
Signed-off-by: Yinghai Lu <yinghai@kernel.org>
Cc: Brian Maly <bmaly@redhat.com>
LKML-Reference: <49ACDDED.1060508@kernel.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
The following patch enables SMC911x support to work on the OMAP LDP
board. Although the SMC911x driver will eventually be obsoleted, the
smsc911x patches are rather invasive for the -rc kernels.
Rather than risk destablising smsc911x, this simpler patch is preferred
to allow the network interface to work.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Acked-by: Tony Lindgren <tony@atomide.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
If ERROR chunk is received with too many error causes in ESTABLISHED
state, the kernel get panic.
This is because sctp limit the max length of cmds to 14, but while
ERROR chunk is received, one error cause will add around 2 cmds by
sctp_add_cmd_sf(). So many error causes will fill the limit of cmds
and panic.
This patch fixed the problem.
This bug can be test by SCTP Conformance Test Suite
<http://networktest.sourceforge.net/>.
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
An extra list_del() during the module load failure and unload
resulted in a crash with a list corruption. Now sctp can
be unloaded again.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This reverts commit 155b25bcc2, which was
totally wrong - the "embedded" options still exists (very much so) even
on non-embedded platforms.
It's just that we don't bother with actually asking about them when
we're not embedded, we just take their default values (which is usually
'y' - the options add features that may not be worth it in a constrained
environment).
Noticed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6:
drm/i915: Fix use-before-null-check in i915_irq_emit().
drm: Avoid client deadlocks when the master disappears.
drm: Wake up all lock waiters when the master disappears.
drm: Don't return ERESTARTSYS to user-space.
This could be triggered by a client asking to emit an irq when the device
wasn't initialized.
Signed-off-by: Eric Anholt <eric@anholt.net>
Signed-off-by: Dave Airlie <airlied@linux.ie>
This is done by
1) Wake up lock waiters when we close the master file descriptor.
Not when the master structure is removed, since the latter
requires the waiters themselves to release the refcount on the
master structure -> Deadlock.
2) Send a SIGTERM to all clients waiting for the lock.
Normally these clients will get a SIGPIPE when the X server dies,
but clients may also spin trying to grab the DRM lock, without
getting any sort of notification.
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Signed-off-by: Dave Airlie <airlied@linux.ie>