We currently trigger BUG when VIRTIO_NET_F_CTRL_VQ
is not set but one of features depending on it is.
That's not a friendly way to report errors to
hypervisors.
Let's check, and fail probe instead.
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Cc: Wanlong Gao <gaowanlong@cn.fujitsu.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Acked-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Pablo Neira Ayuso says:
====================
Netfilter fixes for net
The following patchset contains two bugfixes for your net tree, they are:
1) Validate netlink group from nfnetlink to avoid an out of bound array
access. This should only happen with superuser priviledges though.
Discovered by Andrey Ryabinin using trinity.
2) Don't push ethernet header before calling the netfilter output hook
for multicast traffic, this breaks ebtables since it expects to see
skb->data pointing to the network header, patch from Linus Luessing.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
John W. Linville says:
====================
pull request: wireless 2014-11-20
Please full this little batch of fixes intended for the 3.18 stream!
For the mac80211 patch, Johannes says:
"Here's another last minute fix, for minstrel HT crashing
depending on the value of some uninitialised stack."
On top of that...
Ben Greear fixes an ath9k regression in which a BSSID mask is
miscalculated.
Dmitry Torokhov corrects an error handling routing in brcmfmac which
was checking an unsigned variable for a negative value.
Johannes Berg avoids a build problem in brcmfmac for arches where
linux/unaligned/access_ok.h and asm/unaligned.h conflict.
Mathy Vanhoef addresses another brcmfmac issue so as to eliminate a
use-after-free of the URB transfer buffer if a timeout occurs.
Please let me know if there are problems!
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Peer priority groups were being reversed, but this was missed in the previous
fix sent out for this issue.
v2 : Previous patch was doing extra unnecessary work, result is the same.
Please ignore previous patch
Fixes : ee7bc3cdc2 ('cxgb4 : dcb open-lldp interop fixes')
Signed-off-by: Anish Bhatt <anish@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This fixes an old regression introduced by commit
b0d0d915 (ipx: remove the BKL).
When a recvmsg syscall blocks waiting for new data, no data can be sent on the
same socket with sendmsg because ipx_recvmsg() sleeps with the socket locked.
This breaks mars-nwe (NetWare emulator):
- the ncpserv process reads the request using recvmsg
- ncpserv forks and spawns nwconn
- ncpserv calls a (blocking) recvmsg and waits for new requests
- nwconn deadlocks in sendmsg on the same socket
Commit b0d0d915 has simply replaced BKL locking with
lock_sock/release_sock. Unlike now, BKL got unlocked while
sleeping, so a blocking recvmsg did not block a concurrent
sendmsg.
Only keep the socket locked while actually working with the socket data and
release it prior to calling skb_recv_datagram().
Signed-off-by: Jiri Bohac <jbohac@suse.cz>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
When userspace doesn't provide a mask, OVS datapath generates a fully
unwildcarded mask for the flow by copying the flow and setting all bits
in all fields. For IPv6 label, this creates a mask that matches on the
upper 12 bits, causing the following error:
openvswitch: netlink: Invalid IPv6 flow label value (value=ffffffff, max=fffff)
This patch ignores the label validation check for masks, avoiding this
error.
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
pptp_getname() only partially initializes the stack variable sa,
particularly only fills the pptp part of the sa_addr union. The code
thereby discloses 16 bytes of kernel stack memory via getsockname().
Fix this by memset(0)'ing the union before.
Cc: Dmitry Kozlov <xeb@mail.ru>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
fix one regression and one endian issue.
* 'drm-fixes-3.18' of git://people.freedesktop.org/~agd5f/linux:
drm/radeon: fix endian swapping in vbios fetch for tdp table
drm/radeon: disable native backlight control on pre-r6xx asics (v2)
TIF_NOHZ is 19 (i.e. _TIF_SYSCALL_TRACE | _TIF_NOTIFY_RESUME |
_TIF_SINGLESTEP), not (1<<19).
This code is involved in Dave's trinity lockup, but I don't see why
it would cause any of the problems he's seeing, except inadvertently
by causing a different path through entry_64.S's syscall handling.
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Cc: Don Zickus <dzickus@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Dave Jones <davej@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Link: http://lkml.kernel.org/r/a6cd3b60a3f53afb6e1c8081b0ec30ff19003dd7.1416434075.git.luto@amacapital.net
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
This is a specific implementation, <asm/unaligned.h> is the
multiplexer that has the arch-specific knowledge of which
of the implementations needs to be used, so include that.
This issue was revealed by kbuild testing
when <asm/unaligned.h> was added in <linux/ieee80211.h>
resulting in redefinition of get_unaligned_be16 (and
probably others).
Cc: stable@vger.kernel.org # v3.17
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Arend van Spriel <arend@broadcom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Just use the acpi interface. That's what windows uses on this
generation and it's the only thing that seems to work reliably
on these generation parts.
You can still force the native backlight interface by setting
radeon.backlight=1
Bug:
https://bugzilla.kernel.org/show_bug.cgi?id=88501
v2: merge into above if/else block
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
Check against !OVL_PATH_LOWER instead of OVL_PATH_MERGE. For a copied up
directory the two are currently equivalent.
Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Pass dentry into ovl_dir_read_merged() insted of upperpath and lowerpath.
This cleans up callers and paves the way for multi-layer directory reads.
Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Xattr operations can race with copy up. This does not matter as long as
we consistently fiter out "trunsted.overlay.opaque" attribute on upper
directories.
Previously we checked parent against OVL_PATH_MERGE. This is too general,
and prone to race with copy-up. I.e. we found the parent to be on the
lower layer but ovl_dentry_real() would return the copied-up dentry,
possibly with the "opaque" attribute.
So instead use ovl_path_real() and decide to filter the attributes based on
the actual type of the dentry we'll use.
Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
ovl_remove_and_whiteout() needs to check if upper dentry exists or not
after having locked upper parent directory.
Previously we used a "type" value computed before locking the upper parent
directory, which is susceptible to racing with copy-up.
There's a similar check in ovl_check_empty_and_clear(). This one is not
actually racy, since copy-up doesn't change the "emptyness" property of a
directory. Add a comment to this effect, and check the existence of upper
dentry locally to make the code cleaner.
Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Some distributions carry an "old" format of overlayfs while mainline has a
"new" format.
The distros will possibly want to keep the old overlayfs alongside the new
for compatibility reasons.
To make it possible to differentiate the two versions change the name of
the new one from "overlayfs" to "overlay".
Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Reported-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Cc: Andy Whitcroft <apw@canonical.com>
The /aliases node isn't always present in the device tree, but the
unittest code assumes that /aliases is there. Add a check when inserting
the testcase data to see if of_aliases needs to be updated, and undo the
settings when the nodes are removed.
Signed-off-by: Grant Likely <grant.likely@linaro.org>
Cc: Rob Herring <robh+dt@kernel.org>
Cc: Gaurav Minocha <gaurav.minocha.os@gmail.com>
Cc: <stable@vger.kernel.org>
isert has an issue of trying to create a CQ with more CQEs than are
supported by the hardware, that currently results in failures during
isert_device creation during first session login.
This is the isert version of the patch that Minh Tran submitted for
iser, and is simple a workaround required to function with existing
ocrdma hardware.
Signed-off-by: Chris Moore <chris.moore@emulex.com>
Reviewied-by: Sagi Grimberg <sagig@mellanox.com>
Cc: <stable@vger.kernel.org> # 3.10+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
two regression fixes.
* tag 'drm-intel-fixes-2014-11-19' of git://anongit.freedesktop.org/drm-intel:
drm/i915: Kick fbdev before vgacon
drm/i915: drop WaSetupGtModeTdRowDispatch:snb
As reported by Dmitry, on some Chromebooks there are devices with
corresponding ACPI objects and with unusual system wakeup
configuration. Namely, they technically are wakeup-capable, but the
wakeup is handled via a platform-specific out-of-band mechanism and
the ACPI PM layer has no information on the wakeup capability. As
a result, device_may_wakeup(dev) called from acpi_dev_suspend_late()
returns 'true' for those devices, but the wakeup.flags.valid flag is
unset for the corresponding ACPI device objects, so acpi_device_wakeup()
reproducibly fails for them causing acpi_dev_suspend_late() to return
an error code. The entire system suspend is then aborted and the
machines in question cannot suspend at all.
Address the problem by ignoring the device_may_wakeup(dev) return
value in acpi_dev_suspend_late() if the ACPI companion of the device
being handled has wakeup.flags.valid unset (in which case it is clear
that the wakeup is supposed to be handled by other means).
This fixes a regression introduced by commit a76e9bd89a (i2c:
attach/detach I2C client device to the ACPI power domain) as the
affected systems could suspend and resume successfully before that
commit.
Fixes: a76e9bd89a (i2c: attach/detach I2C client device to the ACPI power domain)
Reported-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-by: Dmitry Torokhov <dtor@chromium.org>
Cc: 3.13+ <stable@vger.kernel.org> # 3.13+
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
cxgb4i was returning wrong error and not releasing module reference if remote
end abruptly closed TCP connection. This prevents the cxgb4 network module from
being unloaded, further affecting other network drivers dependent on cxgb4
Sending to net as this affects all cxgb4 based network drivers.
Signed-off-by: Anish Bhatt <anish@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
pim6_protocol was added when initiation, but it not deleted.
Similarly, unregister RTNL_FAMILY_IP6MR rtnetlink.
Signed-off-by: Duan Jiong <duanj.fnst@cn.fujitsu.com>
Reviewed-by: Cong Wang <cwang@twopensource.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Aaron reported that a 32-bit x86 kernel with Physical Address Extension
(PAE) support complains about bridge prefetchable memory windows above 4GB:
pci_bus 0000:00: root bus resource [mem 0x380000000000-0x383fffffffff]
...
pci 0000:03:00.0: reg 0x10: [mem 0x383fffc00000-0x383fffdfffff 64bit pref]
pci 0000:03:00.0: reg 0x20: [mem 0x383fffe04000-0x383fffe07fff 64bit pref]
pci 0000:03:00.1: reg 0x10: [mem 0x383fffa00000-0x383fffbfffff 64bit pref]
pci 0000:03:00.1: reg 0x20: [mem 0x383fffe00000-0x383fffe03fff 64bit pref]
pci 0000:00:02.2: PCI bridge to [bus 03-04]
pci 0000:00:02.2: bridge window [io 0x1000-0x1fff]
pci 0000:00:02.2: bridge window [mem 0x91900000-0x91cfffff]
pci 0000:00:02.2: can't handle 64-bit address space for bridge
In this kernel, unsigned long is 32 bits and dma_addr_t is 64 bits.
Previously we used "unsigned long" to hold the bridge window address. But
this is a bus address, so we should use dma_addr_t instead.
Use dma_addr_t to hold the bridge window base and limit.
The question of whether the CPU can actually *address* the window is
separate and depends on what the physical address space of the CPU is and
whether the host bridge does any address translation.
[bhelgaas: fix "shift count > width of type", changelog, stable tag]
Fixes: d56dbf5bab ("PCI: Allocate 64-bit BARs above 4G when possible")
Link: https://bugzilla.kernel.org/show_bug.cgi?id=88131
Reported-by: Aaron Ma <mapengyu@gmail.com>
Tested-by: Aaron Ma <mapengyu@gmail.com>
Signed-off-by: Yinghai Lu <yinghai@kernel.org>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
CC: stable@vger.kernel.org # v3.14+
depending on the value of some uninitialised stack.
-----BEGIN PGP SIGNATURE-----
iQIcBAABCAAGBQJUa70EAAoJEDBSmw7B7bqr40gQAMgNUKILuYTyHZaKR7teV8aG
uVFzrMdmNjCZIsxAuH1X8VNOJZEAB+Ro+lTybNjC/tTPyA+Yu3lDCQjSYiE8UOFk
mDrNFG0tjZHGn3axceLIhujfPqXEks/wQ98tDEJU2eMLxS0nClwyTXjhc1IxzUBO
/L2HlhGWADRZ6FIV7yhRO33KN1l3Q8oxW79ybJq/5JCcclfGBt3OpYvi7AW6M4iK
qfgTfS6GbpcRRc4+HVA/cgYOFaRmMI71bvqMgvh8MgmqfQeRw+WSOaUiLx795CsR
OKrIQgdpVp2JHwHkFXIgBy+EBBbXtCozvxKX3u+YKPabj4GC/6dkT370nuvv9hkz
IzTxt+yNBTqJawum7vM6WypgT4wCZOR0JbY0vDW5jYLJnDfGJkYFbny7WtRtCVf7
xWzIixkyWLNFs6swbRdIKoU5GNw2fNe7az4fRoUqNtZGSPHiK7oD5sEkr81hWUV5
5XsifngqekfdVvIGTckpy2SAikxgkrtHOQFIGJz+PN1CjvDT++66Opr3AHnwWeSP
IAjmoVOCiyIBzXlcsZJmAfPa4Hvk+NAPRKCx6N25q/+ESpOZRARWFRV3VuPeGzQW
+SiC4V9VYWHvW9VPJ37WkAFYv5tPaLLyURdU7p6MSwuc0RCPgtcvXty2QFbjQLdf
k0apC9DZydQPF2kre6Pv
=L2Jb
-----END PGP SIGNATURE-----
Merge tag 'mac80211-for-john-2014-11-18' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211
Johannes Berg <johannes@sipsolutions.net> says:
"Here's another last minute fix, for minstrel HT crashing
depending on the value of some uninitialised stack."
Signed-off-by: John W. Linville <linville@tuxdriver.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJUa62AAAoJECte4hHFiupU4poP/ioEJ/FE0ODYBWzLkseu1SA3
l9+Y76SvXb1HJ9g0GMK2Dk71R6GsmxT7cUx2Gn9EwRyFF9hHDq5d3Oz+zGIJxLcj
GJeVLKEarg74nxFixIb19H5mrfpSP18wvg68BBjLuAiM9zo++AYiJU1jb9hSIU/f
dkFFaU3/HSBZVbrb152kTO7bMvxzi0fYnlhK8TisZbq6YWMla5oJOAugxT7Ew81L
fAb3FnZdho/XLXecBLsOtSEnDVv9rD89H0IyYp89pBTmtpzDH6JUR77BBmdN9w/D
7hHtqjuC0vhBG9xrFq5z5vnbgR3SmxfkTgstsJUyYkAP/R9v3I/LznlHfUp80UrI
IkJw66iYOZRFo5bORHoY8ID+/2h8b/AcBAwBRXj+RcwjndEZbWl4JOEP1bxYlQG3
53WIhYLwTcJP1djp2NPWt0Z6Hli/j2KlAYsbunbnNIGmZJovtirWe2+sob/Xvoi2
FO8kVlbeowT2hu6tMPenQ+qfR7nO9MqK2PMT4NWPcR7a42h7fIHS9JAa2SJVfANJ
weGvh3RcVOKfiPvmDCZGSlytk+OgEmS5vna/xOoQZP8xIhQ3899MM/Lpz2gIExvU
mHbxj6nV2DmgljFTCz2T9z5yfhZs+OHd5Nrl048UIt/XIaUIBa0lax9WjqDTY8sZ
TCH/A/JHILxmpQLOq66N
=OIH1
-----END PGP SIGNATURE-----
Merge tag 'linux-can-fixes-for-3.18-20141118' of git://gitorious.org/linux-can/linux-can
Marc Kleine-Budde says:
====================
pull-request: can 2014-11-18
this is a pull request of 17 patches for net/master for the v3.18 release
cycle.
The last patch of this pull request ("can: m_can: update to support CAN FD
features") adds, as the description says, a new feature to the m_can driver. As
the m_can driver has been added in v3.18 there is no risk of causing a
regression. Give me a note if this is not okay and I'll create a new pull
request without it.
There is a patch for the CAN infrastructure by Thomas Körper which fixes
calling kfree_skb() from interrupt context. Roman Fietze fixes a typo also in
the infrastructure. A patch by Dong Aisheng adds a generic helper function to
tell if a skb is normal CAN or CAN-FD frame. Alexey Khoroshilov of the Linux
Driver Verification project fixes a memory leak in the esd_usb2 driver. Two
patches by Sudip Mukherjee remove unused variables and fixe the signess of a
variable. Three patches by me add the missing .ndo_change_mtu callback to the
xilinx_can, rcar_can and gs_usb driver.
The remaining patches improve the m_can driver: David Cohen adds the missing
CONFIG_HAS_IOMEM dependency. Dong Aisheng provides 6 bugfix patches (most
important: missing RAM init, sleep in NAPI poll, dlc in RTR). While the last of
his patches adds CAN FD support to the driver.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
This is currently missing, which results in a crash when one attempts
to set VXLAN tunnel over the mlx4_en when acting as PF.
[ 2408.785472] BUG: unable to handle kernel NULL pointer dereference at (null)
[...]
[ 2408.994104] Call Trace:
[ 2408.996584] [<ffffffffa021f7f5>] ? vxlan_get_rx_port+0xd6/0x103 [vxlan]
[ 2409.003316] [<ffffffffa021f71f>] ? vxlan_lowerdev_event+0xf2/0xf2 [vxlan]
[ 2409.010225] [<ffffffffa0630358>] mlx4_en_start_port+0x862/0x96a [mlx4_en]
[ 2409.017132] [<ffffffffa063070f>] mlx4_en_open+0x17f/0x1b8 [mlx4_en]
While here, make sure to invoke vxlan_get_rx_port() only when VXLAN
offloads are actually enabled and not when they are only supported.
Reported-by: Ido Shamay <idos@mellanox.com>
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Since commit 6fde8f037e ("bonding: fix locking in
bond_loadbalance_arp_mon()") we can have a stale bond carrier state and
stale curr_active_slave when using arp monitoring in loadbalance modes. The
reason is that in bond_loadbalance_arp_mon() we can't have
do_failover == true but slave_state_changed == false, whenever do_failover
is true then slave_state_changed is also true. Then the following piece
from bond_loadbalance_arp_mon():
if (slave_state_changed) {
bond_slave_state_change(bond);
if (BOND_MODE(bond) == BOND_MODE_XOR)
bond_update_slave_arr(bond, NULL);
} else if (do_failover) {
block_netpoll_tx();
bond_select_active_slave(bond);
unblock_netpoll_tx();
}
will execute only the first branch, always and regardless of do_failover.
Since these two events aren't related in such way, we need to decouple and
consider them separately.
For example this issue could lead to the following result:
Bonding Mode: load balancing (round-robin)
*MII Status: down*
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0
ARP Polling Interval (ms): 100
ARP IP target/s (n.n.n.n form): 192.168.9.2
Slave Interface: ens12
*MII Status: up*
Speed: 10000 Mbps
Duplex: full
Link Failure Count: 2
Permanent HW addr: 00:0f:53:01:42:2c
Slave queue ID: 0
Slave Interface: eth1
*MII Status: up*
Speed: Unknown
Duplex: Unknown
Link Failure Count: 70
Permanent HW addr: 52:54:00:2f:0f:8e
Slave queue ID: 0
Since some interfaces are up, then the status of the bond should also be
up, but it will never change unless something invokes bond_set_carrier()
(i.e. enslave, bond_select_active_slave etc). Now, if I force the
calling of bond_select_active_slave via for example changing
primary_reselect (it can change in any mode), then the MII status goes to
"up" because it calls bond_select_active_slave() which should've been done
from bond_loadbalance_arp_mon() itself.
CC: Veaceslav Falico <vfalico@gmail.com>
CC: Jay Vosburgh <j.vosburgh@gmail.com>
CC: Andy Gospodarek <andy@greyhouse.net>
CC: Ding Tianhong <dingtianhong@huawei.com>
Fixes: 6fde8f037e ("bonding: fix locking in bond_loadbalance_arp_mon()")
Signed-off-by: Nikolay Aleksandrov <nikolay@redhat.com>
Acked-by: Veaceslav Falico <vfalico@gmail.com>
Acked-by: Andy Gospodarek <gospo@cumulusnetworks.com>
Acked-by: Ding Tianhong <dingtianhong@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The fair reader/writer locks mean that btrfs_clear_path_blocking needs
to strictly follow lock ordering rules even when we already have
blocking locks on a given path.
Before we can clear a blocking lock on the path, we need to make sure
all of the locks have been converted to blocking. This will remove lock
inversions against anyone spinning in write_lock() against the buffers
we're trying to get read locks on. These inversions didn't exist before
the fair read/writer locks, but now we need to be more careful.
We papered over this deadlock in the past by changing
btrfs_try_read_lock() to be a true trylock against both the spinlock and
the blocking lock. This was slower, and not sufficient to fix all the
deadlocks. This patch adds a btrfs_tree_read_lock_atomic(), which
basically means get the spinlock but trylock on the blocking lock.
Signed-off-by: Chris Mason <clm@fb.com>
Signed-off-by: Josef Bacik <jbacik@fb.com>
Reported-by: Patrick Schmid <schmid@phys.ethz.ch>
cc: stable@vger.kernel.org #v3.15+
With the isofs_hash() function removed, isofs_hash_ms() is the only user
of isofs_hash_common(), but it's defined inside of an #ifdef, which triggers
this gcc warning in ARM axm55xx_defconfig starting with v3.18-rc3:
fs/isofs/inode.c:177:1: warning: 'isofs_hash_common' defined but not used [-Wunused-function]
This patch moves the function inside of the same #ifdef section to avoid that
warning, which seems the best compromise of a relatively harmless patch for
a late -rc.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Fixes: b0afd8e5db ("isofs: don't bother with ->d_op for normal case")
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
In "d_prune_alias(): just lock the parent and call __dentry_kill()" the old
dget + d_drop + dput has been replaced with lock_parent + __dentry_kill;
unfortunately, dput() does more than just killing dentry - it also drops the
reference to parent. New variant leaks that reference and needs dput(parent)
after killing the child off.
Signed-off-by: Yan, Zheng <zyan@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
The removal path for selftest data has an off by one error that causes
the code to dereference beyond the end of the nodes[] array on the first
pass through. The old code only worked by chance on a lot of platforms,
but the bug was recently exposed on aarch64.
The fix is simple. Decrement the node count before dereferencing, not
after.
Reported-by: Kevin Hilman <khilman@linaro.org>
Cc: Rob Herring <robh+dt@kernel.org>
Cc: Gaurav Minocha <gaurav.minocha.os@gmail.com>
Cc: <stable@vger.kernel.org> # v3.17+
This patch fixes a long standing issue introduced during the 3.16 merge window.
Shortly after the merge, exynos5250-based arndale boards began to produce the
following errors:
kern.err kernel: exynos-cpufreq exynos-cpufreq: failed to set cpu voltage
kern.err kernel: cpufreq: __target_index: Failed to change cpu frequency: -22
Further analysis revealed that the S5M8767 voltage regulator used on the
exynos5250-based arndale board utilizes the S3C2410 I2C controller. If the
S3C2410 I2C controller driver is not enabled, the S5M8767 voltage regulator
fails to probe. Therefore a dependency exists between these two drivers.
In the exynos_defconfig both CONFIG_REGULATOR_S5M8767 and CONFIG_I2C_S3C2410
options are enabled, and no errors are produced. However, in the
multi_v7_defconfig only the CONFIG_REGULATOR_S5M8767 option is enabled and the
errors are present. So let's enable the CONFIG_I2C_S3C2410 option in the
multi_v7_defconfig to allow the S5M8767 voltage regulator to probe.
Signed-off-by: Tyler Baker <tyler.baker@linaro.org>
Acked-by: Kukjin Kim <kgene.kim@samsung.com>
Signed-off-by: Kevin Hilman <khilman@linaro.org>
Implement the microMIPS encoding of the J instruction for the purpose of
the static keys feature, fixing a crash early on in bootstrap as the
kernel is unhappy seeing the ISA bit set in jump table entries. Make
sure the ISA bit correctly reflects the instruction encoding chosen for
the kernel, 0 for the standard MIPS and 1 for the microMIPS encoding.
Also make sure the instruction to patch is a 32-bit NOP in the microMIPS
mode as by default the 16-bit short encoding is assumed
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/8516/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Correct the check for the span of the 256MB segment addressable by the J
instruction according to this instruction's semantics. The calculation
of the jump target is applied to the address of the delay-slot
instruction that immediately follows. Adjust the check accordingly by
adding 4 to `e->code' that holds the address of the J instruction
itself.
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/8515/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Commit cf62a8b813 ("MIPS: lib: memcpy: Use macro to build the
copy_user code") switched to a macro in order to build the memcpy
symbols in preparation for the EVA support. However, this commit
also removed the NOP instruction after the 'jr ra' when returning
back to the caller. This had no visible side-effects since the next
instruction was a load to the t0 register which was already in the
clobbered list, but it may have undesired effects in the future
if some other code is introduced in between the .Ldone and
the .Ll_exc_copy labels.
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
Cc: <stable@vger.kernel.org> # v3.15+
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/8512/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
HTW needs to stop and start again whenever the EntryHI register
changes otherwise an inflight HTW operation might use the new
EntryHI register for updating an old entry and that could lead
to crashes or even a machine check exception. We fix this by
ensuring the HTW has stop whenever the EntryHI register is about
to change
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
Cc: <stable@vger.kernel.org> # v3.17+
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/8511/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
When EVA is turned on and prefetching is being used in memcpy.S,
the v1 register is being used as a helper register to the PREFE
instruction. However, v1 ($3) was not in the clobber list, which
means that the compiler did not preserve it across function calls,
and that could corrupt the value of the register leading to all
sorts of userland crashes. We fix this problem by using the
DADDI_SCRATCH macro to define the clobbered register when
CONFIG_EVA && CONFIG_CPU_HAS_PREFETCH are enabled.
Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
Cc: <stable@vger.kernel.org> # v3.15+
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/8510/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
In CPU manual Loongson-3 is MIPS64R2 compatible, but during tests we
found that its EI/DI instructions have problems. So we just set the ISA
level to MIPS64R1.
Signed-off-by: Huacai Chen <chenhc@lemote.com>
Cc: John Crispin <john@phrozen.org>
Cc: Steven J. Hill <Steven.Hill@imgtec.com>
Cc: linux-mips@linux-mips.org
Cc: Fuxin Zhang <zhangfx@lemote.com>
Cc: Zhangjin Wu <wuzhangjin@gmail.com>
Patchwork: https://patchwork.linux-mips.org/patch/8320/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
All Loongson-2/3 processors support _CACHE_UNCACHED_ACCELERATED, not
only Loongson-3A.
Signed-off-by: Huacai Chen <chenhc@lemote.com>
Cc: John Crispin <john@phrozen.org>
Cc: Steven J. Hill <Steven.Hill@imgtec.com>
Cc: linux-mips@linux-mips.org
Cc: Fuxin Zhang <zhangfx@lemote.com>
Cc: Zhangjin Wu <wuzhangjin@gmail.com>
Patchwork: https://patchwork.linux-mips.org/patch/8319/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
export the __node_distances symbol in the ip27 memory code to fix the
build error:
Building modules, stage 2.
MODPOST 311 modules
ERROR: "__node_distances" [drivers/block/nvme.ko] undefined!
scripts/Makefile.modpost:90: recipe for target '__modpost' failed
when building the kernel with:
CONFIG_SGI_IP27=y
CONFIG_BLK_DEV_NVME=m
Signed-off-by: James Cowgill <James.Cowgill@imgtec.com>
Cc: <stable@vger.kernel.org> # v3.15+
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
export the __node_distances symbol in the loongson3 numa code to fix the
build error:
Building modules, stage 2.
MODPOST 221 modules
ERROR: "__node_distances" [drivers/block/nvme.ko] undefined!
scripts/Makefile.modpost:90: recipe for target '__modpost' failed
when building the kernel with:
CONFIG_CPU_LOONGSON3=y
CONFIG_NUMA=y
CONFIG_BLK_DEV_NVME=m
Signed-off-by: James Cowgill <James.Cowgill@imgtec.com>
Cc: <stable@vger.kernel.org> # v3.17+
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Reviewed-by: Huacai Chen <chenhc@lemote.com>
Cc: linux-mips@linux-mips.org
Cc: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Patchwork: https://patchwork.linux-mips.org/patch/8444/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
This contains the serial port numbering fixes that are required for the
serial port numbering to stay the same with or without the serial core
making use of the aliases defined in DT.
eMMC is also fixed for TN7 and Roth boards which were using the wrong
regulators.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJUZNbZAAoJEN0jrNd/PrOhZugP/2SABzzEa1EwAwE0ksM/Z47x
MYDGUQ7nKuagGNwdHsQPEf+JXLADS1eOzdoQ187SaJdSt0DmbOzoU2IbG9b6Rm4j
31Al6XL2PdyDOeopMSbrwLHh7+HVhaW7TEQcCMqDJEEgsJIWY0sLuuDLLirpMoaO
oPD9anXAlVYhcDN8bPdW0gUMrZOGU9rB+q1jTj9kW1qX9xsNHb05WvLiZOwV032d
Hw0/q/BJ/MzoqXT/Z2UrIPpgcL9xnVw3NUPqE+dCXoAGRSsG6ggue+9TDAVyU7Xw
Fg4Hwm/qwnk1lAKvMgGw+fjLd/gUdIuo2kAg5sY2tGo+HTbgMMIz2LlXoz3gmx8/
XnBIKnCqv79kVIyRsOVYLXWrPJx5Ns8rMWXxM/SnD6hPNsudE/rr5dBHP+vS40AU
V/ty6G7BME1LM99h76Ixoaaw5ojjYLPdTb30SEKePKLsY+8gYh6up5Fuo1SdENlv
sIuQR1R7pGbsmshfMd5+xNH55QEucYD/IKz59Zc5+fZJBMEViMH2Q2NIsLYCsO1C
oSN3ck9Gwan2PrEV42uVOHPoQdqta8ZGm02Fl3pJb/2W04/KB3ahdCcPbBI9UGol
zR1EPbUlEiLN1Fczw7gy0/zrFO2Cq4VzwuHZgwiQvsxY8K2ChmsvloBnt9Rpj+VS
Xqbno7ENFXdRiIMWoIn0
=ick3
-----END PGP SIGNATURE-----
Merge tag 'tegra-for-3.18-fixes-for-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux into fixes
Pull "ARM: tegra: Device tree fixes for v3.18-rc5" from Thierry Reding:
This contains the serial port numbering fixes that are required for the
serial port numbering to stay the same with or without the serial core
making use of the aliases defined in DT.
eMMC is also fixed for TN7 and Roth boards which were using the wrong
regulators.
* tag 'tegra-for-3.18-fixes-for-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux:
ARM: tegra: roth: Fix SD card VDD_IO regulator
ARM: tegra: Remove eMMC vmmc property for roth/tn7
ARM: dts: tegra: move serial aliases to per-board
ARM: tegra: Add serial port labels to Tegra124 DT
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
* Correct IIC0 parent clock on r8a7740
* Correct SD3CKCR address to device tree on r8a7790
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJUYrybAAoJENfPZGlqN0++V0EP/1VvilCY1UkP4JG142J9GLKl
8V4H30OfVWr9m9O6LPEwOB/qkl9L6mlyu+oxTi1VI+96542IREfYz/REdy3HmgS2
zD7SEMikoqNbuPfjimonBSbtjRvNLrdcNBjrP9u0pJEZYmGBJelNWxTHAsp6fxDy
6nG+/hiNO3i7hyMaZwsYB+5E+9itJkSv4YOS9bh0IAM+WIMN+VasrMSGu9ZKUCT/
f2zcy2xLR/Zmd2ad6zpfFXDznO6C2vBfGg+fZ97K7H5mkSdkpSR5vYwxVWQY+49L
iTlevIi9E7ubp3QIgiSDy9qLAmWxL6wGm4Utj90c+jSKeLPd9NTmGAz0bIjVSYND
b8pmdww3dbYsxyqsWbYlscpYwxN83jynEQx3ZU0dCEA9X7o7SfkQpZlhw/qkNAIu
3iwEqNbrLLlz9nyl7lMFRUPGcn6pugd5ylq6zhfHR9cRRuMAjkkA/1iTEt4kPXSq
6wFLArgNSID9ood0mpuVzp0xWmqY9XsxwYQJLfIE53W8CatWP/HAWAEBiunCJVTg
p0A1WbRrVL0GIQ8QEOjfAo+a0WF0gaiT4Xr66tq6U0o0JwSXr7fws77cl82GXyol
m7AKJ+lzPS2RQg0DdjZAQ1OkA9laQmXtQb44a6OipMw2JdM3oG5yvK0IAb+sxjh1
mOiUw0Zggyf/L+PAxeKJ
=Du2A
-----END PGP SIGNATURE-----
Merge tag 'renesas-dt-fixes-for-v3.18' of git://git.kernel.org/pub/scm/linux/kernel/git/horms/renesas into fixes
Pull "Renesas ARM Based SoC DT Fixes for v3.18" from Simon Horman:
* Correct IIC0 parent clock on r8a7740
* Correct SD3CKCR address to device tree on r8a7790
* tag 'renesas-dt-fixes-for-v3.18' of git://git.kernel.org/pub/scm/linux/kernel/git/horms/renesas:
ARM: shmobile: r8a7740 dtsi: Correct IIC0 parent clock
ARM: shmobile: r8a7790: Fix SD3CKCR address to device tree
Signed-off-by: Arnd Bergmann <arnd@arndb.de>