Commit graph

322926 commits

Author SHA1 Message Date
Marc Kleine-Budde
ab04c8bd42 can: ti_hecc: fix oops during rmmod
This patch fixes an oops which occurs when unloading the driver, while the
network interface is still up. The problem is that first the io mapping is
teared own, then the CAN device is unregistered, resulting in accessing the
hardware's iomem:

[  172.744232] Unable to handle kernel paging request at virtual address c88b0040
[  172.752441] pgd = c7be4000
[  172.755645] [c88b0040] *pgd=87821811, *pte=00000000, *ppte=00000000
[  172.762207] Internal error: Oops: 807 [#1] PREEMPT ARM
[  172.767517] Modules linked in: ti_hecc(-) can_dev
[  172.772430] CPU: 0    Not tainted  (3.5.0alpha-00037-g3554cc0 #126)
[  172.778961] PC is at ti_hecc_close+0xb0/0x100 [ti_hecc]
[  172.784423] LR is at __dev_close_many+0x90/0xc0
[  172.789123] pc : [<bf00c768>]    lr : [<c033be58>]    psr: 60000013
[  172.789123] sp : c5c1de68  ip : 00040081  fp : 00000000
[  172.801025] r10: 00000001  r9 : c5c1c000  r8 : 00100100
[  172.806457] r7 : c5d0a48c  r6 : c5d0a400  r5 : 00000000  r4 : c5d0a000
[  172.813232] r3 : c88b0000  r2 : 00000001  r1 : c5d0a000  r0 : c5d0a000
[  172.820037] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
[  172.827423] Control: 10c5387d  Table: 87be4019  DAC: 00000015
[  172.833404] Process rmmod (pid: 600, stack limit = 0xc5c1c2f0)
[  172.839447] Stack: (0xc5c1de68 to 0xc5c1e000)
[  172.843994] de60:                   bf00c6b8 c5c1dec8 c5d0a000 c5d0a000 00200200 c033be58
[  172.852478] de80: c5c1de44 c5c1dec8 c5c1dec8 c033bf2c c5c1de90 c5c1de90 c5d0a084 c5c1de44
[  172.860992] dea0: c5c1dec8 c033c098 c061d3dc c5d0a000 00000000 c05edf28 c05edb34 c000d724
[  172.869476] dec0: 00000000 c033c2f8 c5d0a084 c5d0a084 00000000 c033c370 00000000 c5d0a000
[  172.877990] dee0: c05edb00 c033c3b8 c5d0a000 bf00d3ac c05edb00 bf00d7c8 bf00d7c8 c02842dc
[  172.886474] df00: c02842c8 c0282f90 c5c1c000 c05edb00 bf00d7c8 c0283668 bf00d7c8 00000000
[  172.894989] df20: c0611f98 befe2f80 c000d724 c0282d10 bf00d804 00000000 00000013 c0068a8c
[  172.903472] df40: c5c538e8 685f6974 00636365 c61571a8 c5cb9980 c61571a8 c6158a20 c00c9bc4
[  172.911987] df60: 00000000 00000000 c5cb9980 00000000 c5cb9980 00000000 c7823680 00000006
[  172.920471] df80: bf00d804 00000880 c5c1df8c 00000000 000d4267 befe2f80 00000001 b6d90068
[  172.928985] dfa0: 00000081 c000d5a0 befe2f80 00000001 befe2f80 00000880 b6d90008 00000008
[  172.937469] dfc0: befe2f80 00000001 b6d90068 00000081 00000001 00000000 befe2eac 00000000
[  172.945983] dfe0: 00000000 befe2b18 00023ba4 b6e6addc 60000010 befe2f80 a8e00190 86d2d344
[  172.954498] [<bf00c768>] (ti_hecc_close+0xb0/0x100 [ti_hecc]) from [<c033be58>] (__dev__registered_many+0xc0/0x2a0)
[  172.984161] [<c033c098>] (rollback_registered_many+0xc0/0x2a0) from [<c033c2f8>] (rollback_registered+0x20/0x30)
[  172.994750] [<c033c2f8>] (rollback_registered+0x20/0x30) from [<c033c370>] (unregister_netdevice_queue+0x68/0x98)
[  173.005401] [<c033c370>] (unregister_netdevice_queue+0x68/0x98) from [<c033c3b8>] (unregister_netdev+0x18/0x20)
[  173.015899] [<c033c3b8>] (unregister_netdev+0x18/0x20) from [<bf00d3ac>] (ti_hecc_remove+0x60/0x80 [ti_hecc])
[  173.026245] [<bf00d3ac>] (ti_hecc_remove+0x60/0x80 [ti_hecc]) from [<c02842dc>] (platform_drv_remove+0x14/0x18)
[  173.036712] [<c02842dc>] (platform_drv_remove+0x14/0x18) from [<c0282f90>] (__device_release_driver+0x7c/0xbc)

Cc: stable <stable@vger.kernel.org>
Cc: Anant Gole <anantgole@ti.com>
Tested-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
2012-09-21 12:54:53 +02:00
Ira W. Snyder
e21093ef6f can: janz-ican3: fix support for older hardware revisions
The Revision 1.0 Janz CMOD-IO Carrier Board does not have support for
the reset registers. To support older hardware, the code is changed to
use the hardware reset register on the Janz VMOD-ICAN3 hardware itself.

Cc: stable <stable@vger.kernel.org>
Signed-off-by: Ira W. Snyder <iws@ovro.caltech.edu>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
2012-09-21 12:54:52 +02:00
Ed Cashin
c0d680e577 net: do not disable sg for packets requiring no checksum
A change in a series of VLAN-related changes appears to have
inadvertently disabled the use of the scatter gather feature of
network cards for transmission of non-IP ethernet protocols like ATA
over Ethernet (AoE).  Below is a reference to the commit that
introduces a "harmonize_features" function that turns off scatter
gather when the NIC does not support hardware checksumming for the
ethernet protocol of an sk buff.

  commit f01a5236bd
  Author: Jesse Gross <jesse@nicira.com>
  Date:   Sun Jan 9 06:23:31 2011 +0000

      net offloading: Generalize netif_get_vlan_features().

The can_checksum_protocol function is not equipped to consider a
protocol that does not require checksumming.  Calling it for a
protocol that requires no checksum is inappropriate.

The patch below has harmonize_features call can_checksum_protocol when
the protocol needs a checksum, so that the network layer is not forced
to perform unnecessary skb linearization on the transmission of AoE
packets.  Unnecessary linearization results in decreased performance
and increased memory pressure, as reported here:

  http://www.spinics.net/lists/linux-mm/msg15184.html

The problem has probably not been widely experienced yet, because
only recently has the kernel.org-distributed aoe driver acquired the
ability to use payloads of over a page in size, with the patchset
recently included in the mm tree:

  https://lkml.org/lkml/2012/8/28/140

The coraid.com-distributed aoe driver already could use payloads of
greater than a page in size, but its users generally do not use the
newest kernels.

Signed-off-by: Ed Cashin <ecashin@coraid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 22:23:40 -04:00
Ed Cashin
8babe8cc65 aoe: assert AoE packets marked as requiring no checksum
In order for the network layer to see that AoE requires
no checksumming in a generic way, the packets must be
marked as requiring no checksum, so we make this requirement
explicit with the assertion.

Signed-off-by: Ed Cashin <ecashin@coraid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 22:23:40 -04:00
Devendra Naga
3cfc159010 at91ether: return PTR_ERR if call to clk_get fails
we are currently returning ENODEV, as the clk_get may give a exact
error code in its returned pointer, assign it to the ret by using the
PTR_ERR function, so that the subsequent goto label will jump to the
error path and clean the driver and return the error correctly.

Signed-off-by: Devendra Naga <devendra.aaru@gmail.com>
Acked-by: Nicolas Ferre <nicolas.ferre@atmel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 22:21:40 -04:00
Mathias Krause
e3ac104d41 xfrm_user: don't copy esn replay window twice for new states
The ESN replay window was already fully initialized in
xfrm_alloc_replay_state_esn(). No need to copy it again.

Cc: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:40 -04:00
Mathias Krause
ecd7918745 xfrm_user: ensure user supplied esn replay window is valid
The current code fails to ensure that the netlink message actually
contains as many bytes as the header indicates. If a user creates a new
state or updates an existing one but does not supply the bytes for the
whole ESN replay window, the kernel copies random heap bytes into the
replay bitmap, the ones happen to follow the XFRMA_REPLAY_ESN_VAL
netlink attribute. This leads to following issues:

1. The replay window has random bits set confusing the replay handling
   code later on.

2. A malicious user could use this flaw to leak up to ~3.5kB of heap
   memory when she has access to the XFRM netlink interface (requires
   CAP_NET_ADMIN).

Known users of the ESN replay window are strongSwan and Steffen's
iproute2 patch (<http://patchwork.ozlabs.org/patch/85962/>). The latter
uses the interface with a bitmap supplied while the former does not.
strongSwan is therefore prone to run into issue 1.

To fix both issues without breaking existing userland allow using the
XFRMA_REPLAY_ESN_VAL netlink attribute with either an empty bitmap or a
fully specified one. For the former case we initialize the in-kernel
bitmap with zero, for the latter we copy the user supplied bitmap. For
state updates the full bitmap must be supplied.

To prevent overflows in the bitmap length calculation the maximum size
of bmp_len is limited to 128 by this patch -- resulting in a maximum
replay window of 4096 packets. This should be sufficient for all real
life scenarios (RFC 4303 recommends a default replay window size of 64).

Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: Martin Willi <martin@revosec.ch>
Cc: Ben Hutchings <bhutchings@solarflare.com>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:40 -04:00
Mathias Krause
1f86840f89 xfrm_user: fix info leak in copy_to_user_tmpl()
The memory used for the template copy is a local stack variable. As
struct xfrm_user_tmpl contains multiple holes added by the compiler for
alignment, not initializing the memory will lead to leaking stack bytes
to userland. Add an explicit memset(0) to avoid the info leak.

Initial version of the patch by Brad Spengler.

Cc: Brad Spengler <spender@grsecurity.net>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:40 -04:00
Mathias Krause
7b789836f4 xfrm_user: fix info leak in copy_to_user_policy()
The memory reserved to dump the xfrm policy includes multiple padding
bytes added by the compiler for alignment (padding bytes in struct
xfrm_selector and struct xfrm_userpolicy_info). Add an explicit
memset(0) before filling the buffer to avoid the heap info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:39 -04:00
Mathias Krause
f778a63671 xfrm_user: fix info leak in copy_to_user_state()
The memory reserved to dump the xfrm state includes the padding bytes of
struct xfrm_usersa_info added by the compiler for alignment (7 for
amd64, 3 for i386). Add an explicit memset(0) before filling the buffer
to avoid the info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:39 -04:00
Mathias Krause
4c87308bde xfrm_user: fix info leak in copy_to_user_auth()
copy_to_user_auth() fails to initialize the remainder of alg_name and
therefore discloses up to 54 bytes of heap memory via netlink to
userland.

Use strncpy() instead of strcpy() to fill the trailing bytes of alg_name
with null bytes.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:39 -04:00
Bjørn Mork
9db273f456 net: qmi_wwan: adding Huawei E367, ZTE MF683 and Pantech P4200
One of the modes of Huawei E367 has this QMI/wwan interface:

 I:* If#= 1 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=01 Prot=07 Driver=(none)
 E:  Ad=83(I) Atr=03(Int.) MxPS=  64 Ivl=2ms
 E:  Ad=84(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms
 E:  Ad=02(O) Atr=02(Bulk) MxPS= 512 Ivl=4ms

Huawei use subclass and protocol to identify vendor specific
functions, so adding a new vendor rule for this combination.

The Pantech devices UML290 (106c:3718) and P4200 (106c:3721) use
the same subclass to identify the QMI/wwan function.  Replace the
existing device specific UML290 entries with generic vendor matching,
adding support for the Pantech P4200.

The ZTE MF683 has 6 vendor specific interfaces, all using
ff/ff/ff for cls/sub/prot.  Adding a match on interface #5 which
is a QMI/wwan interface.

Cc: Fangxiaozhi (Franko) <fangxiaozhi@huawei.com>
Cc: Thomas Schäfer <tschaefer@t-online.de>
Cc: Dan Williams <dcbw@redhat.com>
Cc: Shawn J. Goff <shawn7400@gmail.com>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 17:54:28 -04:00
Andrey Vagin
bc26ccd8fc tcp: restore rcv_wscale in a repair mode (v2)
rcv_wscale is a symetric parameter with snd_wscale.

Both this parameters are set on a connection handshake.

Without this value a remote window size can not be interpreted correctly,
because a value from a packet should be shifted on rcv_wscale.

And one more thing is that wscale_ok should be set too.

This patch doesn't break a backward compatibility.
If someone uses it in a old scheme, a rcv window
will be restored with the same bug (rcv_wscale = 0).

v2: Save backward compatibility on big-endian system. Before
    the first two bytes were snd_wscale and the second two bytes were
    rcv_wscale. Now snd_wscale is opt_val & 0xFFFF and rcv_wscale >> 16.
    This approach is independent on byte ordering.

Cc: David S. Miller <davem@davemloft.net>
Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Cc: James Morris <jmorris@namei.org>
Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
Cc: Patrick McHardy <kaber@trash.net>
CC: Pavel Emelyanov <xemul@parallels.com>
Signed-off-by: Andrew Vagin <avagin@openvz.org>
Acked-by: Pavel Emelyanov <xemul@parallels.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 17:49:58 -04:00
Li RongQing
8ea853fd0b net/core: fix comment in skb_try_coalesce
It should be the skb which is not cloned

Signed-off-by: Li RongQing <roy.qing.li@gmail.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-19 17:29:13 -04:00
Søren holm
ed3770a9cd asix: Support DLink DUB-E100 H/W Ver C1
Signed-off-by: Søren Holm <sgh@sgh.dk>
Cc: stable@vger.kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-19 17:21:35 -04:00
Paolo Valente
7126195697 pkt_sched: fix virtual-start-time update in QFQ
If the old timestamps of a class, say cl, are stale when the class
becomes active, then QFQ may assign to cl a much higher start time
than the maximum value allowed. This may happen when QFQ assigns to
the start time of cl the finish time of a group whose classes are
characterized by a higher value of the ratio
max_class_pkt/weight_of_the_class with respect to that of
cl. Inserting a class with a too high start time into the bucket list
corrupts the data structure and may eventually lead to crashes.
This patch limits the maximum start time assigned to a class.

Signed-off-by: Paolo Valente <paolo.valente@unimore.it>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-19 16:23:53 -04:00
Michal Kubeček
15c041759b tcp: flush DMA queue before sk_wait_data if rcv_wnd is zero
If recv() syscall is called for a TCP socket so that
  - IOAT DMA is used
  - MSG_WAITALL flag is used
  - requested length is bigger than sk_rcvbuf
  - enough data has already arrived to bring rcv_wnd to zero
then when tcp_recvmsg() gets to calling sk_wait_data(), receive
window can be still zero while sk_async_wait_queue exhausts
enough space to keep it zero. As this queue isn't cleaned until
the tcp_service_net_dma() call, sk_wait_data() cannot receive
any data and blocks forever.

If zero receive window and non-empty sk_async_wait_queue is
detected before calling sk_wait_data(), process the queue first.

Signed-off-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-19 16:07:58 -04:00
Linus Lüssing
dbd6b11e15 batman-adv: make batadv_test_bit() return 0 or 1 only
On some architectures test_bit() can return other values than 0 or 1:

With a generic x86 OpenWrt image in a kvm setup (batadv_)test_bit()
frequently returns -1 for me, leading to batadv_iv_ogm_update_seqnos()
wrongly signaling a protected seqno window.

This patch tries to fix this issue by making batadv_test_bit() return 0
or 1 only.

Signed-off-by: Linus Lüssing <linus.luessing@web.de>
Acked-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Antonio Quartulli <ordex@autistici.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-19 15:49:53 -04:00
Tushar Dave
59d86c760f e1000: Small packets may get corrupted during padding by HW
On PCI/PCI-X HW, if packet size is less than ETH_ZLEN,
packets may get corrupted during padding by HW.
To WA this issue, pad all small packets manually.

Signed-off-by: Tushar Dave <tushar.n.dave@intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 16:32:21 -04:00
Li RongQing
433a195480 xfrm: fix a read lock imbalance in make_blackhole
if xfrm_policy_get_afinfo returns 0, it has already released the read
lock, xfrm_policy_put_afinfo should not be called again.

Signed-off-by: Li RongQing <roy.qing.li@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 16:30:15 -04:00
Eric Dumazet
1d57f19539 tcp: fix regression in urgent data handling
Stephan Springl found that commit 1402d36601 "tcp: introduce
tcp_try_coalesce" introduced a regression for rlogin

It turns out problem comes from TCP urgent data handling and
a change in behavior in input path.

rlogin sends two one-byte packets with URG ptr set, and when next data
frame is coalesced, we lack sk_data_ready() calls to wakeup consumer.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Stephan Springl <springl-k@lar.bfw.de>
Cc: Alexander Duyck <alexander.h.duyck@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 16:26:27 -04:00
Michael S. Tsirkin
0e698bf662 net: fix memory leak on oom with zerocopy
If orphan flags fails, we don't free the skb
on receive, which leaks the skb memory.

Return value was also wrong: netif_receive_skb
is supposed to return NET_RX_DROP, not ENOMEM.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 16:24:00 -04:00
Nikolay Aleksandrov
e4d1aa40e3 netxen: check for root bus in netxen_mask_aer_correctable
Add a check if pdev->bus->self == NULL (root bus). When attaching
a netxen NIC to a VM it can be on the root bus and the guest would
crash in netxen_mask_aer_correctable() because of a NULL pointer
dereference if CONFIG_PCIEAER is present.

Signed-off-by: Nikolay Aleksandrov <nikolay@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 16:22:08 -04:00
Michal Schmidt
e488921f44 bnx2x: fix rx checksum validation for IPv6
Commit d6cb3e41 "bnx2x: fix checksum validation" caused a performance
regression for IPv6. Rx checksum offload does not work. IPv6 packets
are passed to the stack with CHECKSUM_NONE.

The hardware obviously cannot perform IP checksum validation for IPv6,
because there is no checksum in the IPv6 header. This should not prevent
us from setting CHECKSUM_UNNECESSARY.

Tested on BCM57711.

Signed-off-by: Michal Schmidt <mschmidt@redhat.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: Eilon Greenstein <eilong@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 16:13:46 -04:00
Mathias Krause
c254637225 xfrm_user: return error pointer instead of NULL #2
When dump_one_policy() returns an error, e.g. because of a too small
buffer to dump the whole xfrm policy, xfrm_policy_netlink() returns
NULL instead of an error pointer. But its caller expects an error
pointer and therefore continues to operate on a NULL skbuff.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 16:13:46 -04:00
Mathias Krause
864745d291 xfrm_user: return error pointer instead of NULL
When dump_one_state() returns an error, e.g. because of a too small
buffer to dump the whole xfrm state, xfrm_state_netlink() returns NULL
instead of an error pointer. But its callers expect an error pointer
and therefore continue to operate on a NULL skbuff.

This could lead to a privilege escalation (execution of user code in
kernel context) if the attacker has CAP_NET_ADMIN and is able to map
address 0.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 16:13:45 -04:00
Nicolas Dichtel
2c20cbd7e3 ipv6: use DST_* macro to set obselete field
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 15:57:04 -04:00
Nicolas Dichtel
6f3118b571 ipv6: use net->rt_genid to check dst validity
IPv6 dst should take care of rt_genid too. When a xfrm policy is inserted or
deleted, all dst should be invalidated.
To force the validation, dst entries should be created with ->obsolete set to
DST_OBSOLETE_FORCE_CHK. This was already the case for all functions calling
ip6_dst_alloc(), except for ip6_rt_copy().

As a consequence, we can remove the specific code in inet6_connection_sock.

Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 15:57:03 -04:00
Nicolas Dichtel
ee8372dd19 xfrm: invalidate dst on policy insertion/deletion
When a policy is inserted or deleted, all dst should be recalculated.

Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 15:57:03 -04:00
Nicolas Dichtel
b42664f898 netns: move net->ipv4.rt_genid to net->rt_genid
This commit prepares the use of rt_genid by both IPv4 and IPv6.
Initialization is left in IPv4 part.

Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 15:57:03 -04:00
Eric Dumazet
2885da7296 net: rt_cache_flush() cleanup
We dont use jhash anymore since route cache removal,
so we can get rid of get_random_bytes() calls for rt_genid
changes.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 15:54:19 -04:00
Nicolas Dichtel
bafa6d9d89 ipv4/route: arg delay is useless in rt_cache_flush()
Since route cache deletion (89aef8921b), delay is no
more used. Remove it.

Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-18 15:44:34 -04:00
David S. Miller
a1f6d8f771 Merge branch 'for-davem' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
John W. Linville says:

====================
This is a batch of fixes intended for the 3.6 stream.

Arend van Spriel sends a simple thinko fix to correct a constant,
preventing the setting of an invalid power level.

Colin Ian King gives us a simple allocation failure check to avoid a
NULL pointer dereference.

Felix Fietkau sends another ath9k tx power patch, this time disabling a
feature that has been reported to cause rx problems.

Hante Meuleman provides a pair of endian fixes for brcmfmac.

Larry Finger offers an rtlwifi fix that avoids a system lockup related
to loading the wrong firmware for RTL8188CE devices.

These have been in linux-next for a few days and I think they should be
included in the final 3.6 kernel if possible.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-17 01:28:58 -04:00
Linus Torvalds
3f0c3c8fe3 Merge git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-3.0-fixes
Pull GFS2 fixes from Steven Whitehouse:
 "Here are three GFS2 fixes for the current kernel tree.  These are all
  related to the block reservation code which was added at the merge
  window.  That code will be getting an update at the forthcoming merge
  window too.  In the mean time though there are a few smaller issues
  which should be fixed.

  The first patch resolves an issue with write sizes of greater than 32
  bits with the size hinting code.  The second ensures that the
  allocation data structure is initialised when using xattrs and the
  third takes into account allocations which may have been made by other
  nodes which affect a reservation on the local node."

* git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-3.0-fixes:
  GFS2: Take account of blockages when using reserved blocks
  GFS2: Fix missing allocation data for set/remove xattr
  GFS2: Make write size hinting code common
2012-09-14 18:05:14 -07:00
Linus Torvalds
9cb0ee8576 Merge branch 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86
Pull x86 platform driver updates from Matthew Garrett:
 "A few small updates for 3.6 - a trivial regression fix and a couple of
  conformance updates for the gmux driver, plus some tiny fixes for
  asus-wmi, eeepc-laptop and thinkpad_acpi."

* 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86:
  thinkpad_acpi: buffer overflow in fan_get_status()
  eeepc-laptop: fix device reference count leakage in eeepc_rfkill_hotplug()
  platform/x86: fix asus_laptop.wled_type description
  asus-laptop: HRWS/HWRS typo
  drivers-platform-x86: remove useless #ifdef CONFIG_ACPI_VIDEO
  apple-gmux: Fix port address calculation in gmux_pio_write32()
  apple-gmux: Fix index read functions
  apple-gmux: Obtain version info from indexed gmux
2012-09-14 17:59:35 -07:00
Linus Torvalds
5b799dde31 Merge branch 'i2c-embedded/for-current' of git://git.pengutronix.de/git/wsa/linux
Pull i2c embedded fixes from Wolfram Sang:
 "The last bunch of (typical) i2c-embedded driver fixes for 3.6.

  Also update the MAINTAINERS file to point to my tree since people keep
  asking where to find their patches."

* 'i2c-embedded/for-current' of git://git.pengutronix.de/git/wsa/linux:
  i2c: algo: pca: Fix mode selection for PCA9665
  MAINTAINERS: fix tree for current i2c-embedded development
  i2c: mxs: correctly setup speed for non devicetree
  i2c: pnx: Fix read transactions of >= 2 bytes
  i2c: pnx: Fix bit definitions
2012-09-14 17:55:57 -07:00
Linus Torvalds
1547cb80db - Fixes a regression, introduced in 3.6-rc1, when a file is closed before its
shared memory mapping is dirtied and unmapped. The lower file was being
   released when the eCryptfs file was closed and the dirtied pages could not be
   written out.
 - Adds a call to the lower filesystem's ->flush() from ecryptfs_flush().
 - Fixes a regression, introduced in 2.6.39, when a file is renamed on top of
   another file. The target file's inode was not being evicted and the space
   taken by the file was not reclaimed until eCryptfs was unmounted.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABCgAGBQJQU14UAAoJENaSAD2qAscKrpwQAK+Xu3RAHPLO16bEjhrFZaIr
 FY2z8yK5geFzHfmhDxUT7jovw8d2ghAjrE3XHf+PgrqfUqIZ6vo57GFmR8ZNS+30
 exNOb1DffaRqIejStrFkz+Ek4/FbnaPD/FvJYgC8D3Bv04YllyNI9Euq49VkkOiy
 v6jxAy4H+/MCGzYvR4K0jmKlOLuC47TtJ322jXTm0iNeJJH2+kNXm0WvE8dY7dYV
 2QMvv11M1HMI39S4yIY0eBPwbloP3AoO++H3Id7/XWcIlaaeZrVA7HmV8z04DEWq
 Nt2vceSbX4FVBxmLab5TzTftorskJRDLCtMaSM8opve+3Sxgx+wooLskgrHqJjZH
 8AtGfs/ZzvUkKcYMNv+iMax0/KqkGKOhdJMmqc37aI8qkBo5IYXpIPU1ZTy/S2T8
 t3fM8jEI4AOKFn7GlG0kZg7EXo0wWPw3A8X73tCQx8W6sJy5STvv07hFZspX/4nn
 +qhlM7Qzpr1XXPEv9cKo4oXzqOmlSi1Jd2ueGANNGJvche90uCWgmSZCfNNxGnPq
 mLiiiV6KJ94xjjyf/ZWiKLryk5rv0fWiYXzutaORADn6WWwIVKX9IyvJfFI8y+M6
 phREWNdOnyDFFA++h5QotWh3L7ZCL/HNeTpLDSD1ONxosVDhViviA2HrRlyl8LSc
 soDzN7w+yOh+QjlN4sO/
 =UC2V
 -----END PGP SIGNATURE-----

Merge tag 'ecryptfs-3.6-rc6-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs

Pull ecryptfs fixes from Tyler Hicks:

 - Fixes a regression, introduced in 3.6-rc1, when a file is closed
   before its shared memory mapping is dirtied and unmapped.  The lower
   file was being released when the eCryptfs file was closed and the
   dirtied pages could not be written out.
 - Adds a call to the lower filesystem's ->flush() from
   ecryptfs_flush().
 - Fixes a regression, introduced in 2.6.39, when a file is renamed on
   top of another file.  The target file's inode was not being evicted
   and the space taken by the file was not reclaimed until eCryptfs was
   unmounted.

* tag 'ecryptfs-3.6-rc6-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs:
  eCryptfs: Copy up attributes of the lower target inode after rename
  eCryptfs: Call lower ->flush() from ecryptfs_flush()
  eCryptfs: Write out all dirty pages just before releasing the lower file
2012-09-14 17:53:55 -07:00
Linus Torvalds
1568d9f425 Merge branch 'fixes-for-3.6' of git://git.linaro.org/people/mszyprowski/linux-dma-mapping
Pull one more DMA-mapping fix from Marek Szyprowski:
 "This patch fixes very subtle bug (typical off-by-one error) which
  might appear in very rare circumstances."

* 'fixes-for-3.6' of git://git.linaro.org/people/mszyprowski/linux-dma-mapping:
  arm: mm: fix DMA pool affiliation check
2012-09-14 17:53:11 -07:00
Linus Torvalds
1c23ce720d Fix word size register read and write operations in ina2xx driver, and
initialize uninitialized structure elements in twl4030-madc-hwmon driver.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJQUqtMAAoJEMsfJm/On5mBMQsP/jH4HzFWMVHg14M5PSrGy9me
 P77+ldlO09SnvmA2qdMZSNfBXrh5bjq6VoPNR5vdX9PB2jdJ0HOdKvyUG9D2eXQD
 jGJAYGk24HrjrGi6FeVD7pP7NGwQRyyVRM1Vmm+n/M781SD66gJPCMO+qC6391ma
 oytVuejT6TVajZtXfWZuKp1GQ2x3lb21hfhrDbnSB3AibYilXSqktx4AjmG+IDRb
 SsNPI+WLu4mNJQMTYFVrrRs2b6PLYDw1ODuIQIoB3lyKEJVOE6mUw2EQXEnzaybb
 F03Ujktgn81/7kvPQK1Qovq97TuwrY0mxDRwg/5brUZo9nNxeMqTMt9IXesDCokf
 euzVUWM+kZ7FLIokl5GwuZt309tVxQozr0aE6JKOi+CPkcT4VskBfC8DfNJ2wqnR
 tUTzFiCa/wo2cr3/iqf6o5sR7eRJBN5lF9RLW14K+2MvotwEDOZ3R/9EtEEL1MSP
 bdGQ1p4swYQxu8O8FFLVVWbPUl4/c0l/dW0yiEpQl/hdHpP2G/DV3pSBLMyrOzGu
 elpm2lFzC+aKG7lm08IpxHzBKXOZZ7Lp3s9FN3koOcAWD/hGlS6jNOPCFpMdlVg0
 uFeMO/lgveuvcTD5llBa9d+yWzCNYPHuqx1kBbiNyZ3sisdwCmuldgISuKPcp7wb
 BQ5Xc6sv7Jg3tDbP12d+
 =gYp1
 -----END PGP SIGNATURE-----

Merge tag 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging

Pull hwmon fixes from Guenter Roeck:
 "Fix word size register read and write operations in ina2xx driver, and
  initialize uninitialized structure elements in twl4030-madc-hwmon
  driver."

* tag 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
  hwmon: (ina2xx) Fix word size register read and write operations
  hwmon: (twl4030-madc-hwmon) Initialize uninitialized structure elements
2012-09-14 17:52:29 -07:00
Linus Torvalds
dd383af6aa Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux
Pull drm fixes from Dave Airlie:
 "I realise this a bit bigger than I would want at this point.

  Exynos is a large chunk, I got them to half what they wanted already,
  and hey its ARM based, so not going to hurt many people.

  Radeon has only two fixes, but the PLL fixes were a bit bigger, but
  required for a lot of scenarios, the fence fix is really urgent.

  vmwgfx: I've pulled in a dumb ioctl support patch that I was going to
  shove in later and cc stable, but we need it asap, its mainly to stop
  mesa growing a really ugly dependency in userspace to run stuff on
  vmware, and if I don't stick it in the kernel now, everyone will have
  to ship ugly userspace libs to workaround it.

  nouveau: single urgent fix found in F18 testing, causes X to not start
  properly when f18 plymouth is used

  i915: smattering of fixes and debug quieting

  gma500: single regression fix

  So as I said a bit large, but its fairly well scattered and its all
  stuff I'll be shipping in F18's 3.6 kernel."

* 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: (26 commits)
  drm/nouveau: fix booting with plymouth + dumb support
  drm/radeon: make 64bit fences more robust v3
  drm/radeon: rework pll selection (v3)
  drm: Drop the NV12M and YUV420M formats
  drm/exynos: remove DRM_FORMAT_NV12M from plane module
  drm/exynos: fix double call of drm_prime_(init/destroy)_file_private
  drm/exynos: add dummy support for dmabuf-mmap
  drm/exynos: Add missing braces around sizeof in exynos_mixer.c
  drm/exynos: Add missing braces around sizeof in exynos_hdmi.c
  drm/exynos: Make g2d_pm_ops static
  drm/exynos: Add dependency for G2D in Kconfig
  drm/exynos: fixed page align bug.
  drm/exynos: Use ERR_CAST inlined function instead of ERR_PTR(PTR_ERR(.. [1]
  drm/exynos: Use devm_* functions in exynos_drm_g2d.c file
  drm/exynos: Use devm_kzalloc in exynos_drm_hdmi.c file
  drm/exynos: Use devm_kzalloc in exynos_drm_vidi.c file
  drm/exynos: Remove redundant check in exynos_drm_fimd.c file
  drm/exynos: Remove redundant check in exynos_hdmi.c file
  vmwgfx: add dumb ioctl support
  gma500: Fix regression on Oaktrail devices
  ...
2012-09-14 17:51:10 -07:00
Linus Torvalds
889cb3b9a4 Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull scheduler fixes from Ingo Molnar:
 "Smaller fixlets"

* 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  sched: Fix kernel-doc warnings in kernel/sched/fair.c
  sched: Unthrottle rt runqueues in __disable_runtime()
  sched: Add missing call to calc_load_exit_idle()
  sched: Fix load avg vs cpu-hotplug
2012-09-14 17:44:52 -07:00
Linus Torvalds
7ef6e97380 Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull perf fixes from Ingo Molnar:
 "This tree includes various fixes"

Ingo really needs to improve on the whole "explain git pull" part.
"Various fixes" indeed.

* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  perf/hwpb: Invoke __perf_event_disable() if interrupts are already disabled
  perf/x86: Enable Intel Cedarview Atom suppport
  perf_event: Switch to internal refcount, fix race with close()
  oprofile, s390: Fix uninitialized memory access when writing to oprofilefs
  perf/x86: Fix microcode revision check for SNB-PEBS
2012-09-14 17:43:45 -07:00
Linus Torvalds
7076cca9a7 Merge branch 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull a core sparse warning fix from Ingo Molnar

* 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  mm/memblock: Use NULL instead of 0 for pointers
2012-09-14 17:43:14 -07:00
Linus Torvalds
a1362d504e Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller:

 1) Use after free and new device IDs in bluetooth from Andre Guedes,
    Yevgeniy Melnichuk, Gustavo Padovan, and Henrik Rydberg.

 2) Fix crashes with short packet lengths and VLAN in pktgen, from
    Nishank Trivedi.

 3) mISDN calls flush_work_sync() with locks held, fix from Karsten
    Keil.

 4) Packet scheduler gred parameters are reported to userspace
    improperly scaled, and WRED idling is not performed correctly.  All
    from David Ward.

 5) Fix TCP socket refcount problem in ipv6, from Julian Anastasov.

 6) ibmveth device has RX queue alignment requirements which are not
    being explicitly met resulting in sporadic failures, fix from
    Santiago Leon.

 7) Netfilter needs to take care when interpreting sockets attached to
    socket buffers, they could be time-wait minisockets.  Fix from Eric
    Dumazet.

 8) sock_edemux() has the same issue as netfilter did in #7 above, fix
    from Eric Dumazet.

 9) Avoid infinite loops in CBQ scheduler with some configurations, from
    Eric Dumazet.

10) Deal with "Reflection scan: an Off-Path Attack on TCP", from Jozsef
    Kadlecsik.

11) SCTP overcharges socket for TX packets, fix from Thomas Graf.

12) CODEL packet scheduler should not reset it's state every time it
    builds a new flow, fix from Eric Dumazet.

13) Fix memory leak in nl80211, from Wei Yongjun.

14) NETROM doesn't check skb_copy_datagram_iovec() return values, from
    Alan Cox.

15) l2tp ethernet was using sizeof(ETH_HLEN) instead of plain ETH_HLEN,
    oops.  From Eric Dumazet.

16) Fix selection of ath9k chips on which PA linearization and AM2PM
    predistoration are used, from Felix Fietkau.

17) Flow steering settings in mlx4 driver need to be validated properly,
    from Hadar Hen Zion.

18) bnx2x doesn't show the correct link duplex setting, from Yaniv
    Rosner.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (75 commits)
  pktgen: fix crash with vlan and packet size less than 46
  bnx2x: Add missing afex code
  bnx2x: fix registers dumped
  bnx2x: correct advertisement of pause capabilities
  bnx2x: display the correct duplex value
  bnx2x: prevent timeouts when using PFC
  bnx2x: fix stats copying logic
  bnx2x: Avoid sending multiple statistics queries
  net: qmi_wwan: call subdriver with control intf only
  net_sched: gred: actually perform idling in WRED mode
  net_sched: gred: fix qave reporting via netlink
  net_sched: gred: eliminate redundant DP prio comparisons
  net_sched: gred: correct comment about qavg calculation in RIO mode
  mISDN: Fix wrong usage of flush_work_sync while holding locks
  netfilter: log: Fix log-level processing
  net-sched: sch_cbq: avoid infinite loop
  net: qmi_wwan: fix Gobi device probing for un2430
  net: fix net/core/sock.c build error
  ixp4xx_hss: fix build failure due to missing linux/module.h inclusion
  caif: move the dereference below the NULL test
  ...
2012-09-14 15:34:07 -07:00
Linus Torvalds
4bca55d3d9 USB patches for 3.6-rc6
Here are a number of USB patches, a bit more than I normally like this
 late in the -rc series, but given people's vacations (myself included),
 and the kernel summit, it seems to have happened this way.
 
 All are tiny, but they add up.  A number of gadget and xhci fixes, and a
 few new device ids.  All have been tested in linux-next.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iEYEABECAAYFAlBSFeQACgkQMUfUDdst+ykjlACfUj5OOjP+VIZ/LdXpPjeXV4/P
 Ho8An2/5iut+STLa+feA8AvMsvv/WdaL
 =YlCk
 -----END PGP SIGNATURE-----

Merge tag 'usb-3.6-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb

Pull USB patches from Greg Kroah-Hartman:
 "Here are a number of USB patches, a bit more than I normally like this
  late in the -rc series, but given people's vacations (myself
  included), and the kernel summit, it seems to have happened this way.

  All are tiny, but they add up.  A number of gadget and xhci fixes, and
  a few new device ids.  All have been tested in linux-next.

  Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>"

* tag 'usb-3.6-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (33 commits)
  usb: chipidea: udc: don't stall endpoint if request list is empty in isr_tr_complete_low
  usb: chipidea: cleanup dma_pool if udc_start() fails
  usb: chipidea: udc: fix error path in udc_start()
  usb: chipidea: udc: add pullup fuction, needed by the uvc gadget
  usb: chipidea: udc: fix setup of endpoint maxpacket size
  USB: option: replace ZTE K5006-Z entry with vendor class rule
  EHCI: Update qTD next pointer in QH overlay region during unlink
  USB: cdc-wdm: fix wdm_find_device* return value
  USB: ftdi_sio: do not claim CDC ACM function
  usb: dwc3: gadget: fix pending isoc handling
  usb: renesas_usbhs: fixup DMA transport data alignment
  usb: gadget: at91udc: Don't check for ep->ep.desc
  usb: gadget: at91udc: don't overwrite driver data
  usb: dwc3: core: fix incorrect usage of resource pointer
  usb: musb: musbhsdma: fix IRQ check
  usb: musb: tusb6010: fix error path in tusb_probe()
  usb: musb: host: fix for musb_start_urb Oops
  usb: gadget: dummy_hcd: add support for USB_DT_BOS on rh
  usb: gadget: dummy_hcd: fixup error probe path
  usb: gadget: s3c-hsotg.c: fix error return code
  ...
2012-09-14 14:54:57 -07:00
Linus Torvalds
fe59d297ea TTY fixes for 3.6-rc6
Here are 2 tiny patches for a serial driver to resolve issues that
 people have reported with the 3.6-rc tree.
 
 Both of these have been in the linux-next tree for a while now.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iEYEABECAAYFAlBSGL4ACgkQMUfUDdst+ylrhQCgy0+bmNLtsxrEjJY20ahe9sVT
 Q3YAn0xmu8SJ+Bv1vJKKD6vIataVQ93a
 =iZmM
 -----END PGP SIGNATURE-----

Merge tag 'tty-3.6-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty

Pull TTY fixes from Greg Kroah-Hartman:
 "Here are 2 tiny patches for a serial driver to resolve issues that
  people have reported with the 3.6-rc tree.

  Both of these have been in the linux-next tree for a while now.

  Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>"

* tag 'tty-3.6-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
  tty: serial: imx: don't reinit clock in imx_setup_ufcr()
  tty: serial: imx: console write routing is unsafe on SMP
2012-09-14 14:54:29 -07:00
Linus Torvalds
f2378e386f Staging tree fixes for 3.6-rc6
Here are a few staging tree fixes for problems that have been reported.
 
 Nothing major, just a number of tiny driver fixes.  All of these have
 been in the linux-next tree for a while.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iEYEABECAAYFAlBSF54ACgkQMUfUDdst+ykh/wCeOAGv4uwvqK8pkYpdV4+XOlM/
 W1QAnRvjv4dCj0e2+W46Vp5xLPPOBePk
 =IyFJ
 -----END PGP SIGNATURE-----

Merge tag 'staging-3.6-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging

Pull staging tree fixes from Greg Kroah-Hartman:
 "Here are a few staging tree fixes for problems that have been
  reported.

  Nothing major, just a number of tiny driver fixes.  All of these have
  been in the linux-next tree for a while.

  Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>"

* tag 'staging-3.6-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
  drm/omap: add more new timings fields
  drm/omap: update for interlaced
  staging: r8712u: fix bug in r8712_recv_indicatepkt()
  staging: zcache: fix cleancache race condition with shrinker
  Staging: Android alarm: IOCTL command encoding fix
  staging: vt6656: [BUG] - Failed connection, incorrect endian.
  staging: ozwpan: fix memcmp() test in oz_set_active_pd()
  staging: wlan-ng: Fix problem with wrong arguments
  staging: comedi: das08: Correct AO output for das08jr-16-ao
  staging: comedi: das08: Correct AI encoding for das08jr-16-ao
  staging: comedi: das08: Fix PCI ref count
  staging: comedi: amplc_pci230: Fix PCI ref count
  staging: comedi: amplc_pc263: Fix PCI ref count
  staging: comedi: amplc_pc236: Fix PCI ref count
  staging: comedi: amplc_dio200: Fix PCI ref count
  staging: comedi: amplc_pci224: Fix PCI ref count
  drivers/iio/adc/at91_adc.c: adjust inconsistent IS_ERR and PTR_ERR
  staging iio: fix potential memory leak in lis3l02dq_ring.c
  staging:iio: prevent divide by zero bugs
2012-09-14 14:53:51 -07:00
Linus Torvalds
0462bfc88d Driver core fix for 3.6-rc6
Here is one fix for 3.6-rc6 for the kobject.h file.
 
 It fixes a reported oops if CONFIG_HOTPLUG is disabled.  It's been in
 the linux-next tree for a while now.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (GNU/Linux)
 
 iEYEABECAAYFAlBSFtQACgkQMUfUDdst+yksuQCg0HgFS6eYiprJCRm6OEwYH00F
 SkAAn3JW81UB1s72y8GeCFSigemiCGW2
 =nHRF
 -----END PGP SIGNATURE-----

Merge tag 'driver-core-3.6-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core

Pull driver core fix from Greg Kroah-Hartman:
 "Here is one fix for 3.6-rc6 for the kobject.h file.

  It fixes a reported oops if CONFIG_HOTPLUG is disabled.  It's been in
  the linux-next tree for a while now.

  Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>"

* tag 'driver-core-3.6-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core:
  kobject: fix oops with "input0: bad kobj_uevent_env content in show_uevent()"
2012-09-14 14:53:22 -07:00
Linus Torvalds
55815f7014 vfs: make O_PATH file descriptors usable for 'fstat()'
We already use them for openat() and friends, but fstat() also wants to
be able to use O_PATH file descriptors.  This should make it more
directly comparable to the O_SEARCH of Solaris.

Note that you could already do the same thing with "fstatat()" and an
empty path, but just doing "fstat()" directly is simpler and faster, so
there is no reason not to just allow it directly.

See also commit 332a2e1244, which did the same thing for fchdir, for
the same reasons.

Reported-by: ольга крыжановская <olga.kryzhanovska@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: stable@kernel.org    # O_PATH introduced in 3.0+
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-09-14 14:48:21 -07:00
Tyler Hicks
8335eafc28 eCryptfs: Copy up attributes of the lower target inode after rename
After calling into the lower filesystem to do a rename, the lower target
inode's attributes were not copied up to the eCryptfs target inode. This
resulted in the eCryptfs target inode staying around, rather than being
evicted, because i_nlink was not updated for the eCryptfs inode. This
also meant that eCryptfs didn't do the final iput() on the lower target
inode so it stayed around, as well. This would result in a failure to
free up space occupied by the target file in the rename() operation.
Both target inodes would eventually be evicted when the eCryptfs
filesystem was unmounted.

This patch calls fsstack_copy_attr_all() after the lower filesystem
does its ->rename() so that important inode attributes, such as i_nlink,
are updated at the eCryptfs layer. ecryptfs_evict_inode() is now called
and eCryptfs can drop its final reference on the lower inode.

http://launchpad.net/bugs/561129

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Tested-by: Colin Ian King <colin.king@canonical.com>
Cc: <stable@vger.kernel.org> [2.6.39+]
2012-09-14 09:36:03 -07:00