Commit Graph

414448 Commits

Author SHA1 Message Date
Linus Torvalds 4203d0eb3a Bug-fixes:
- Fix balloon driver for auto-translate guests (PVHVM, ARM) to not use
    scratch pages.
  - Fix block API header for ARM32 and ARM64 to have proper layout
  - On ARM when mapping guests, stick on PTE_SPECIAL
  - When using SWIOTLB under ARM, don't call swiotlb functions twice
  - When unmapping guests memory and if we fail, don't return pages which
    failed to be unmapped.
  - Grant driver was using the wrong address on ARM.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.15 (GNU/Linux)
 
 iQEcBAABAgAGBQJSsdFEAAoJEFjIrFwIi8fJDQwIAL1ygSTwSXdH6TlqtD9GVdsE
 G6kiCM7G6VXrKMf8zBtgbGpcl6FT0zOIz4cRcXbyDniuHTjdWuH9dlmZOzFMAirE
 uMWwOB1EfmRBEJRsd2pW0Gj0O6VABWh8BHklFCeWUvk/Stlw9uXqIwf7Pjcj6wPT
 XW+ZywqsAve4MM60Rz/nMsakLcTK4i5SCRgPPFgAnPKUod3f/QbEHwci/lpinJFv
 AuQp2JytCsDc2nehEi1kMwEx7LLBlUcjXTqPG5lhQnXrFleDtMdCJd9dGjeze7Qu
 F5sftfdlp18ojQwegv1PGiVI4jV8rIq29ybaef/y9DLd3nC3rmi8B8/m9RG2qyI=
 =dUsw
 -----END PGP SIGNATURE-----

Merge tag 'stable/for-linus-3.13-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip

Pull Xen bugfixes from Konrad Rzeszutek Wilk:
 - Fix balloon driver for auto-translate guests (PVHVM, ARM) to not use
   scratch pages.
 - Fix block API header for ARM32 and ARM64 to have proper layout
 - On ARM when mapping guests, stick on PTE_SPECIAL
 - When using SWIOTLB under ARM, don't call swiotlb functions twice
 - When unmapping guests memory and if we fail, don't return pages which
   failed to be unmapped.
 - Grant driver was using the wrong address on ARM.

* tag 'stable/for-linus-3.13-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
  xen/balloon: Seperate the auto-translate logic properly (v2)
  xen/block: Correctly define structures in public headers on ARM32 and ARM64
  arm: xen: foreign mapping PTEs are special.
  xen/arm64: do not call the swiotlb functions twice
  xen: privcmd: do not return pages which we have failed to unmap
  XEN: Grant table address, xen_hvm_resume_frames, is a phys_addr not a pfn
2013-12-20 09:34:54 -08:00
Linus Torvalds 5263f0a880 This fixes a long standing bug in the ftrace profiler.
The problem is that the profiler only initializes the online
 CPUs, and not possible CPUs. This causes issues if the user takes
 CPUs online or offline while the profiler is running.
 
 If we online a CPU after starting the profiler, we lose all the
 trace information on the CPU going online.
 
 If we offline a CPU after running a test and start a new test, it
 will not clear the old data from that CPU.
 
 This bug causes incorrect data to be reported to the user if they
 online or offline CPUs during the profiling.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.15 (GNU/Linux)
 
 iQEcBAABAgAGBQJSsNBHAAoJEKQekfcNnQGuKP8H/2mol/d7z2vANh7/FeNjTKIN
 VkRzDEwUIwoaJBsL75EDDXBFx7w8jjAsXyoTrqrvMRV4UNcsfm46mohQTPAmK39y
 muqodL1VnVXdKrUmtw/1nL7yDi2KltQH1UwOgvwXGuUFIq5cuCXNQxNK9/1fVVVn
 tIMNz5kEAG3XCwnqP0PgQxWCuA7s+aQR0ijTf4vPf1G3IJujPyG9VhJWcGS3dJTR
 t8TPyatd9D/S+7/r7iZ9hS8nWpaka3qJfhiWqk16SC9LiUXVA8oFOVMoN7n6Co5E
 6r2dNo01WOABlojCxi1t3afUtcV1bUjBnVkiDva5cSc84pQSxe1qRrIpjTmHk00=
 =MSZs
 -----END PGP SIGNATURE-----

Merge tag 'trace-fixes-v3.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace

Pull ftrace fix from Steven Rostedt:
 "This fixes a long standing bug in the ftrace profiler.  The problem is
  that the profiler only initializes the online CPUs, and not possible
  CPUs.  This causes issues if the user takes CPUs online or offline
  while the profiler is running.

  If we online a CPU after starting the profiler, we lose all the trace
  information on the CPU going online.

  If we offline a CPU after running a test and start a new test, it will
  not clear the old data from that CPU.

  This bug causes incorrect data to be reported to the user if they
  online or offline CPUs during the profiling"

* tag 'trace-fixes-v3.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
  ftrace: Initialize the ftrace profiler for each possible cpu
2013-12-20 09:32:30 -08:00
Kevin Hilman cd15c51d6c I accidentally removed some mux code for omap4 that I thought was
dead code as omap4 has been booting with device tree only since
 v3.10. Turns out I also removed some display related mux code,
 so let's revert that except for the dead code parts.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.15 (GNU/Linux)
 
 iQIcBAABAgAGBQJSsd7KAAoJEBvUPslcq6Vz19gQAK6IyA51RxgyTF6ads5SyNny
 HAl7AO/O4yoverXibgdGEe3V6Caye8QbsAVE0qyZAVgtPCattCclRGYUGy8fcy00
 mV/KhW6EcQXxApU37f+6uyAm7RrkMPzTP6glqH9IllvFZYsOTNlt6W5+W0juW97n
 1xZMvx75bz6aiOvox5mRmSySr0+D3nHGfWhixmPAF09afUWlow2RGMZlPKtEZ27x
 wKEV6uxBjGrQoBKIkM1INwB6PzcYsoxwMVDfIzIiGU3Ck/59yVmKqT2UfaqkneXC
 poGA9FZ2eeSmh/0fxPue4gDRNYW5f7rjzjjf+x5kKTJi8+G5dX9TpaZhDd7cwvAy
 U0hnBWz6P3x0XRDzAAIuUeZP2S9JzedXbBKgAE3447r8MNH74TRA2y07ERpakS45
 DpyfepUcueEs9EMSgW/gPbG79cbdA9AiK9dPFVGchlvyk8eUD0KCRoBBPCuv99Z6
 mQzcSrQ7XBJV4zq7zomlsL9ERd8R9DjgF89ZWUeiQKbFFxceldkclaVX7s5m2H5h
 HzHYTKKNhcP+ZBwoX/IabRhE/N6hNMDKsrnz2GllVHfpocWRJXOZYnosVI/AS/iR
 5lLwIdsX6EQYHX1ZrVR8ROJ3R0ft52kNwS6bKt10hor0D/Y5DVpb2i9D34uYMjPj
 QBAIwd4yXIJhBwv+ldHp
 =gI+4
 -----END PGP SIGNATURE-----

Merge tag 'omap-for-v3.13/display-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into fixes

I accidentally removed some mux code for omap4 that I thought was
dead code as omap4 has been booting with device tree only since
v3.10. Turns out I also removed some display related mux code,
so let's revert that except for the dead code parts.

* tag 'omap-for-v3.13/display-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap: (439 commits)
  Revert "ARM: OMAP2+: Remove legacy mux code for display.c"
  +Linux 3.13-rc4
2013-12-20 08:30:50 -08:00
Theodore Ts'o f5a44db5d2 ext4: add explicit casts when masking cluster sizes
The missing casts can cause the high 64-bits of the physical blocks to
be lost.  Set up new macros which allows us to make sure the right
thing happen, even if at some point we end up supporting larger
logical block numbers.

Thanks to the Emese Revfy and the PaX security team for reporting this
issue.

Reported-by: PaX Team <pageexec@freemail.hu>
Reported-by: Emese Revfy <re.emese@gmail.com>                                 
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@vger.kernel.org
2013-12-20 09:29:35 -05:00
Helmut Schaa 443d20fd18 netfilter: nf_ct_timestamp: Fix BUG_ON after netns deletion
When having nf_conntrack_timestamp enabled deleting a netns
can lead to the following BUG being triggered:

[63836.660000] Kernel bug detected[#1]:
[63836.660000] CPU: 0 PID: 0 Comm: swapper Not tainted 3.10.18 #14
[63836.660000] task: 802d9420 ti: 802d2000 task.ti: 802d2000
[63836.660000] $ 0   : 00000000 00000000 00000000 00000000
[63836.660000] $ 4   : 00000001 00000004 00000020 00000020
[63836.660000] $ 8   : 00000000 80064910 00000000 00000000
[63836.660000] $12   : 0bff0002 00000001 00000000 0a0a0abe
[63836.660000] $16   : 802e70a0 85f29d80 00000000 00000004
[63836.660000] $20   : 85fb62a0 00000002 802d3bc0 85fb62a0
[63836.660000] $24   : 00000000 87138110
[63836.660000] $28   : 802d2000 802d3b40 00000014 871327cc
[63836.660000] Hi    : 000005ff
[63836.660000] Lo    : f2edd000
[63836.660000] epc   : 87138794 __nf_ct_ext_add_length+0xe8/0x1ec [nf_conntrack]
[63836.660000]     Not tainted
[63836.660000] ra    : 871327cc nf_conntrack_in+0x31c/0x7b8 [nf_conntrack]
[63836.660000] Status: 1100d403 KERNEL EXL IE
[63836.660000] Cause : 00800034
[63836.660000] PrId  : 0001974c (MIPS 74Kc)
[63836.660000] Modules linked in: ath9k ath9k_common pppoe ppp_async iptable_nat ath9k_hw ath pppox ppp_generic nf_nat_ipv4 nf_conntrack_ipv4 mac80211 ipt_MASQUERADE cfg80211 xt_time xt_tcpudp xt_state xt_quota xt_policy xt_pkttype xt_owner xt_nat xt_multiport xt_mark xh
[63836.660000] Process swapper (pid: 0, threadinfo=802d2000, task=802d9420, tls=00000000)
[63836.660000] Stack : 802e70a0 871323d4 00000005 87080234 802e70a0 86d2a840 00000000 00000000
[63836.660000] Call Trace:
[63836.660000] [<87138794>] __nf_ct_ext_add_length+0xe8/0x1ec [nf_conntrack]
[63836.660000] [<871327cc>] nf_conntrack_in+0x31c/0x7b8 [nf_conntrack]
[63836.660000] [<801ff63c>] nf_iterate+0x90/0xec
[63836.660000] [<801ff730>] nf_hook_slow+0x98/0x164
[63836.660000] [<80205968>] ip_rcv+0x3e8/0x40c
[63836.660000] [<801d9754>] __netif_receive_skb_core+0x624/0x6a4
[63836.660000] [<801da124>] process_backlog+0xa4/0x16c
[63836.660000] [<801d9bb4>] net_rx_action+0x10c/0x1e0
[63836.660000] [<8007c5a4>] __do_softirq+0xd0/0x1bc
[63836.660000] [<8007c730>] do_softirq+0x48/0x68
[63836.660000] [<8007c964>] irq_exit+0x54/0x70
[63836.660000] [<80060830>] ret_from_irq+0x0/0x4
[63836.660000] [<8006a9f8>] r4k_wait_irqoff+0x18/0x1c
[63836.660000] [<8009cfb8>] cpu_startup_entry+0xa4/0x104
[63836.660000] [<802eb918>] start_kernel+0x394/0x3ac
[63836.660000]
[63836.660000]
Code: 00821021  8c420000  2c440001 <00040336> 90440011  92350010  90560010  2485ffff  02a5a821
[63837.040000] ---[ end trace ebf660c3ce3b55e7 ]---
[63837.050000] Kernel panic - not syncing: Fatal exception in interrupt
[63837.050000] Rebooting in 3 seconds..

Fix this by not unregistering the conntrack extension in the per-netns
cleanup code.

This bug was introduced in (73f4001 netfilter: nf_ct_tstamp: move
initialization out of pernet_operations).

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2013-12-20 14:58:29 +01:00
Steven Whitehouse 582d2f7aed GFS2: Wait for async DIO in glock state changes
We need to wait for any outstanding DIO to complete in a couple
of situations. Firstly, in case we are changing out of deferred
mode (in inode_go_sync) where GLF_DIRTY will not be set. That
call could be prefixed with a test for gl_state == LM_ST_DEFERRED
but it doesn't seem worth it bearing in mind that the test for
outstanding DIO is very quick anyway, in the usual case that there
is none.

The second case is in inode_go_lock which will catch the cases
where we have a cached EX lock, but where we grant deferred locks
against it so that there is no glock state transistion. We only
need to wait if the state is not deferred, since DIO is valid
anyway in that state.

Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-12-20 10:42:08 +00:00
Steven Whitehouse dfd11184d8 GFS2: Fix incorrect invalidation for DIO/buffered I/O
In patch 209806aba9 we allowed
local deferred locks to be granted against a cached exclusive
lock. That opened up a corner case which this patch now
fixes.

The solution to the problem is to check whether we have cached
pages each time we do direct I/O and if so to unmap, flush
and invalidate those pages. Since the glock state machine
normally does that for us, mostly the code will be a no-op.

Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
2013-12-20 10:41:21 +00:00
Daniel Borkmann 540436c80e netfilter: nft_exthdr: call ipv6_find_hdr() with explicitly initialized offset
In nft's nft_exthdr_eval() routine we process IPv6 extension header
through invoking ipv6_find_hdr(), but we call it with an uninitialized
offset variable that contains some stack value. In ipv6_find_hdr()
we then test if the value of offset != 0 and call skb_header_pointer()
on that offset in order to map struct ipv6hdr into it. Fix it up by
initializing offset to 0 as it was probably intended to be.

Fixes: 96518518cc ("netfilter: add nftables")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2013-12-20 11:25:10 +01:00
Alex Deucher e2f6c88fb9 drm/radeon: fix asic gfx values for scrapper asics
Fixes gfx corruption on certain TN/RL parts.

bug:
https://bugs.freedesktop.org/show_bug.cgi?id=60389

Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
2013-12-19 19:41:46 -05:00
Wang Weidong 965cdea825 dccp: catch failed request_module call in dccp_probe init
Check the return value of request_module during dccp_probe initialisation,
bail out if that call fails.

Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Wang Weidong <wangweidong1@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-19 19:25:50 -05:00
David S. Miller b1aca94efa Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/net
Jeff Kirsher says:

====================
Intel Wired LAN Driver Updates

This series contains updates to net, ixgbe and e1000e.

David provides compiler fixes for e1000e.

Don provides a fix for ixgbe to resolve a compile warning.

John provides a fix to net where it is useful to be able to walk all
upper devices when bringing a device online where the RTNL lock is held.
In this case, it is safe to walk the all_adj_list because the RTNL lock is
used to protect the write side as well.  This patch adds a check to see
if the RTNL lock is held before throwing a warning in
netdev_all_upper_get_next_dev_rcu().
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-19 19:23:54 -05:00
Leigh Brown 1a1f20bc9d net: mvmdio: fix interrupt timeout handling
This version corrects the whitespace issue.

orion_mdio_wait_ready uses wait_event_timeout to wait for the
SMI interrupt to fire.  wait_event_timeout waits for between
"timeout - 1" and "timeout" jiffies.  In this case a 1ms timeout
when HZ is 1000 results in a wait of 0 to 1 jiffies, causing
premature timeouts.

This fix ensures a minimum timeout of 2 jiffies, ensuring
wait_event_timeout will always wait at least 1 jiffie.

Issue reported by Nicolas Schichan.

Tested-by: Nicolas Schichan <nschichan@freebox.fr>
Signed-off-by: Leigh Brown <leigh@solinno.co.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-19 19:20:44 -05:00
Betty Dall a4f6363476 atl1c: Check return from pci_find_ext_capability() in atl1c_reset_pcie()
The function atl1c_reset_pcie() does not check the return from
pci_find_ext_cabability() where it is getting the postion of the
PCI_EXT_CAP_ID_ERR. It is possible for the return to be 0.

Signed-off-by: Betty Dall <betty.dall@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-19 19:14:42 -05:00
Li RongQing 24f5b855e1 ipv6: always set the new created dst's from in ip6_rt_copy
ip6_rt_copy only sets dst.from if ort has flag RTF_ADDRCONF and RTF_DEFAULT.
but the prefix routes which did get installed by hand locally can have an
expiration, and no any flag combination which can ensure a potential from
does never expire, so we should always set the new created dst's from.

This also fixes the new created dst is always expired since the ort, which
is created by RA, maybe has RTF_EXPIRES and RTF_ADDRCONF, but no RTF_DEFAULT.

Suggested-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
CC: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: Li RongQing <roy.qing.li@gmail.com>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-19 18:35:21 -05:00
Kevin Hilman 5b8314a988 Couple of updates to MAINTAINERS file for Keystone
- Add git tree information
 - Add clock drivers entry
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJSr3LGAAoJEHJsHOdBp5c/kV8QALpVFfHFLw2RWn3pZyhKor4r
 8Mix72f886j7Fxao/9+xutW6+G4QVzNb/Bbi5EwOCf3xaFStO9ZJMMTD7Irpfz3/
 FKRlaKxi23AuTrOvrT1dWT0EV4/Zu1tvoP6G7ElQ8RkYcVHdAxx0qa8Sjoe1F6yE
 UwzlXC+uduXffw6PLZyxzDquLR0eJMNFO52C33bJ2ZYQfczwdBU1Qdm8wvj+HrWM
 L+iJFVVFhnp5VpQk40JNtzMbleJPBOR/XhCQQnwb7UqZ3A5JZgxIULvdFXbEUq5B
 1vMuVc592UruxW1W9IG9fafAHYmOU0VR1WGiCy3+nVZrdHRXl6DqM6h+MAPyolXE
 K3KtnGz+l5Rq4LfwxIgnMpUZL+ezUVqUFKkoFVCRmulQZlKvEG2z3bQDzTRenHBN
 vM0Bk2E0W22W+MFvD3CThBxmTgS61rhZXBAVCGx57qIFnP5o02wCjb/wvuELwoXo
 Z7RlLaTfhtDGtPGOP0ePjjdwmBdEE47AQmgMXI4Rpvz0Ap3n4hf8e67d2IG0JjJL
 6YMyMxJxBFkBznp+BNEMcQKdP55Rs3XHeCvbwOlfMShHyJBl5eT6N7Y/WTTANNFz
 3Ow8x651uX/nVryOFs9nJBGpOEEVern515wc8cqHmrciYZZQKgkZ8w42YPhOK8/j
 iBraw4OZojqHyRLmP/VA
 =xMe6
 -----END PGP SIGNATURE-----

Merge tag 'keystone/maintainer-file' of git://git.kernel.org/pub/scm/linux/kernel/git/ssantosh/linux-keystone into fixes

From Santosh Shilimkar:
Couple of updates to MAINTAINERS file for Keystone

- Add git tree information
- Add clock drivers entry

* tag 'keystone/maintainer-file' of git://git.kernel.org/pub/scm/linux/kernel/git/ssantosh/linux-keystone:
  MAINTAINERS: Add keystone clock drivers
  MAINTAINERS: Add keystone git tree information

Signed-off-by: Kevin Hilman <khilman@linaro.org>
2013-12-19 15:13:16 -08:00
Eric Dumazet 7a2a84518c net: fec: fix potential use after free
skb_tx_timestamp(skb) should be called _before_ TX completion
has a chance to trigger, otherwise it is too late and we access
freed memory.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Fixes: de5fb0a053 ("net: fec: put tx to napi poll function to fix dead lock")
Cc: Frank Li <Frank.Li@freescale.com>
Cc: Richard Cochran <richardcochran@gmail.com>
Acked-by: Richard Cochran <richardcochran@gmail.com>
Acked-by: Frank Li <Frank.Li@freescale.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-19 18:03:25 -05:00
Nicholas Bellinger dcd211997d qla2xxx: Fix scsi_host leak on qlt_lport_register callback failure
This patch fixes a possible scsi_host reference leak in qlt_lport_register(),
when a non zero return from the passed (*callback) does not call drop the
local reference via scsi_host_put() before returning.

This currently does not effect existing tcm_qla2xxx code as the passed callback
will never fail, but fix this up regardless for future code.

Cc: Chad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2013-12-19 14:50:17 -08:00
Andy Grover de06875f08 target: Remove extra percpu_ref_init
lun->lun_ref is also initialized in core_tpg_post_addlun, so it doesn't
need to be done in core_tpg_setup_virtual_lun0.

(nab: Drop left-over percpu_ref_cancel_init in failure path)

Signed-off-by: Andy Grover <agrover@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2013-12-19 14:49:54 -08:00
Jan Beulich fce7d3bfc0 x86/efi: Don't select EFI from certain special ACPI drivers
Commit 7ea6c6c1 ("Move cper.c from drivers/acpi/apei to
drivers/firmware/efi") results in CONFIG_EFI being enabled even
when the user doesn't want this. Since ACPI APEI used to build
fine without UEFI (and as far as I know also has no functional
depency on it), at least in that case using a reverse dependency
is wrong (and a straight one isn't needed).

Whether the same is true for ACPI_EXTLOG I don't know - if there
is a functional dependency, it should depend on EFI rather than
selecting it. It certainly has (currently) no build dependency.

Adjust Kconfig and build logic so that the bad dependency gets
avoided.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Tony Luck <tony.luck@intel.com>
Cc: Matt Fleming <matt.fleming@intel.com>
Link: http://lkml.kernel.org/r/52AF1EBC020000780010DBF9@nat28.tlf.novell.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2013-12-19 21:32:46 +01:00
Michal Schmidt c047e07073 bnx2x: downgrade "valid ME register value" message level
"valid ME register value" is not an error. It should be logged for
debugging only.

Signed-off-by: Michal Schmidt <mschmidt@redhat.com>
Acked-by: Yuval Mintz <yuvalmin@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-19 15:16:16 -05:00
Salva Peiró 8e3fbf8704 hamradio/yam: fix info leak in ioctl
The yam_ioctl() code fails to initialise the cmd field
of the struct yamdrv_ioctl_cfg. Add an explicit memset(0)
before filling the structure to avoid the 4-byte info leak.

Signed-off-by: Salva Peiró <speiro@ai2.upv.es>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-19 15:09:38 -05:00
Wenliang Fan e9db5c21d3 drivers/net/hamradio: Integer overflow in hdlcdrv_ioctl()
The local variable 'bi' comes from userspace. If userspace passed a
large number to 'bi.data.calibrate', there would be an integer overflow
in the following line:
	s->hdlctx.calibrate = bi.data.calibrate * s->par.bitrate / 16;

Signed-off-by: Wenliang Fan <fanwlexca@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-19 15:02:14 -05:00
Wei Yongjun 0c8d087c04 xen-netback: fix some error return code
'err' is overwrited to 0 after maybe_pull_tail() call, so the error
code was not set if skb_partial_csum_set() call failed. Fix to return
error -EPROTO from those error handling case instead of 0.

Fixes: d52eb0d46f ('xen-netback: make sure skb linear area covers checksum field')
Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Acked-by: Wei Liu <wei.liu2@citrix.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-19 14:58:47 -05:00
Daniel Borkmann b1aac815c0 net: inet_diag: zero out uninitialized idiag_{src,dst} fields
Jakub reported while working with nlmon netlink sniffer that parts of
the inet_diag_sockid are not initialized when r->idiag_family != AF_INET6.
That is, fields of r->id.idiag_src[1 ... 3], r->id.idiag_dst[1 ... 3].

In fact, it seems that we can leak 6 * sizeof(u32) byte of kernel [slab]
memory through this. At least, in udp_dump_one(), we allocate a skb in ...

  rep = nlmsg_new(sizeof(struct inet_diag_msg) + ..., GFP_KERNEL);

... and then pass that to inet_sk_diag_fill() that puts the whole struct
inet_diag_msg into the skb, where we only fill out r->id.idiag_src[0],
r->id.idiag_dst[0] and leave the rest untouched:

  r->id.idiag_src[0] = inet->inet_rcv_saddr;
  r->id.idiag_dst[0] = inet->inet_daddr;

struct inet_diag_msg embeds struct inet_diag_sockid that is correctly /
fully filled out in IPv6 case, but for IPv4 not.

So just zero them out by using plain memset (for this little amount of
bytes it's probably not worth the extra check for idiag_family == AF_INET).

Similarly, fix also other places where we fill that out.

Reported-by: Jakub Zawadzki <darkjames-ws@darkjames.pl>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-19 14:55:52 -05:00
Len Brown 40e2d7f9b5 x86 idle: Repair large-server 50-watt idle-power regression
Linux 3.10 changed the timing of how thread_info->flags is touched:

	x86: Use generic idle loop
	(7d1a941731)

This caused Intel NHM-EX and WSM-EX servers to experience a large number
of immediate MONITOR/MWAIT break wakeups, which caused cpuidle to demote
from deep C-states to shallow C-states, which caused these platforms
to experience a significant increase in idle power.

Note that this issue was already present before the commit above,
however, it wasn't seen often enough to be noticed in power measurements.

Here we extend an errata workaround from the Core2 EX "Dunnington"
to extend to NHM-EX and WSM-EX, to prevent these immediate
returns from MWAIT, reducing idle power on these platforms.

While only acpi_idle ran on Dunnington, intel_idle
may also run on these two newer systems.
As of today, there are no other models that are known
to need this tweak.

Link: http://lkml.kernel.org/r/CAJvTdK=%2BaNN66mYpCGgbHGCHhYQAKx-vB0kJSWjVpsNb_hOAtQ@mail.gmail.com
Signed-off-by: Len Brown <len.brown@intel.com>
Link: http://lkml.kernel.org/r/baff264285f6e585df757d58b17788feabc68918.1387403066.git.len.brown@intel.com
Cc: <stable@vger.kernel.org> # 3.12.x, 3.11.x, 3.10.x
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2013-12-19 11:47:39 -08:00
Tejun Heo 85fbd722ad libata, freezer: avoid block device removal while system is frozen
Freezable kthreads and workqueues are fundamentally problematic in
that they effectively introduce a big kernel lock widely used in the
kernel and have already been the culprit of several deadlock
scenarios.  This is the latest occurrence.

During resume, libata rescans all the ports and revalidates all
pre-existing devices.  If it determines that a device has gone
missing, the device is removed from the system which involves
invalidating block device and flushing bdi while holding driver core
layer locks.  Unfortunately, this can race with the rest of device
resume.  Because freezable kthreads and workqueues are thawed after
device resume is complete and block device removal depends on
freezable workqueues and kthreads (e.g. bdi_wq, jbd2) to make
progress, this can lead to deadlock - block device removal can't
proceed because kthreads are frozen and kthreads can't be thawed
because device resume is blocked behind block device removal.

839a8e8660 ("writeback: replace custom worker pool implementation
with unbound workqueue") made this particular deadlock scenario more
visible but the underlying problem has always been there - the
original forker task and jbd2 are freezable too.  In fact, this is
highly likely just one of many possible deadlock scenarios given that
freezer behaves as a big kernel lock and we don't have any debug
mechanism around it.

I believe the right thing to do is getting rid of freezable kthreads
and workqueues.  This is something fundamentally broken.  For now,
implement a funny workaround in libata - just avoid doing block device
hot[un]plug while the system is frozen.  Kernel engineering at its
finest.  :(

v2: Add EXPORT_SYMBOL_GPL(pm_freezing) for cases where libata is built
    as a module.

v3: Comment updated and polling interval changed to 10ms as suggested
    by Rafael.

v4: Add #ifdef CONFIG_FREEZER around the hack as pm_freezing is not
    defined when FREEZER is not configured thus breaking build.
    Reported by kbuild test robot.

Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Tomaž Šolc <tomaz.solc@tablix.org>
Reviewed-by: "Rafael J. Wysocki" <rjw@rjwysocki.net>
Link: https://bugzilla.kernel.org/show_bug.cgi?id=62801
Link: http://lkml.kernel.org/r/20131213174932.GA27070@htj.dyndns.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Len Brown <len.brown@intel.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: stable@vger.kernel.org
Cc: kbuild test robot <fengguang.wu@intel.com>
2013-12-19 13:50:32 -05:00
Will Deacon cdc27c2784 arm64: ptrace: avoid using HW_BREAKPOINT_EMPTY for disabled events
Commit 8f34a1da35 ("arm64: ptrace: use HW_BREAKPOINT_EMPTY type for
disabled breakpoints") fixed an issue with GDB trying to zero breakpoint
control registers. The problem there is that the arch hw_breakpoint code
will attempt to create a (disabled), execute breakpoint of length 0.

This will fail validation and report unexpected failure to GDB. To avoid
this, we treated disabled breakpoints as HW_BREAKPOINT_EMPTY, but that
seems to have broken with recent kernels, causing watchpoints to be
treated as TYPE_INST in the core code and returning ENOSPC for any
further breakpoints.

This patch fixes the problem by prioritising the `enable' field of the
breakpoint: if it is cleared, we simply update the perf_event_attr to
indicate that the thing is disabled and don't bother changing either the
type or the length. This reinforces the behaviour that the breakpoint
control register is essentially read-only apart from the enable bit
when disabling a breakpoint.

Cc: <stable@vger.kernel.org>
Reported-by: Aaron Liu <liucy214@gmail.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2013-12-19 17:41:25 +00:00
Linus Torvalds f7556698a3 Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull scheduler fixes from Ingo Molnar:
 "An RT group-scheduling fix and the sched-domains topology setup fix
  from Mel"

* 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  sched/rt: Fix rq's cpupri leak while enqueue/dequeue child RT entities
  sched: Assign correct scheduling domain to 'sd_llc'
2013-12-19 09:11:22 -08:00
Linus Torvalds 58cac3faef Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull perf fixes from Ingo Molnar:
 "An ABI documentation fix, and a mixed-PMU perf-info-corruption fix"

* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  perf: Document the new transaction sample type
  perf: Disable all pmus on unthrottling and rescheduling
2013-12-19 09:10:46 -08:00
Linus Torvalds 9b1be0f976 sound fixes for 3.13-rc5
We have a bit more changes than usual in ASoC here, as it was slipped
 from the previous update.  There are one minr ASoC PCM code fix and
 ASoC dmaengine fix, in addition of a collection of small ASoC driver
 fixes.  The rest are a couple of HD-audio stable fixups, and a
 long-standing fix for the paused stream handling.
 
 So, all commits look not scary (and hopefully won't give you
 disastrous holiday season).
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJSstz0AAoJEGwxgFQ9KSmkc7UP/A5n/mgQlsyyjax0bJSEK0gx
 0GpqnCo4mQFypDnPpb6MN3Xa8GDS+MbUFUmZYOpuB3aAoUm0quiBpB9u7tfjr/BO
 lMS42dhvDQSe+EGJDoBo6TAp8yb2uU7x70GqnzijWvISqn5rMzgFRWuUPKnXEuaE
 On++cPZhfy0f8sWmh2FdBXDeKNa/32n2RU3PcO8vdAG3BRz8eO05cVxGV8hywHHa
 BGMwsVUUq+9jT4sF5a8pbqC9J1+EmJk1xkNc3I+i7KDw0MrwUsyt/i/MbcNBcNgH
 FyG2VejPHkcpPs/wSZNRZe0nHjAyCYsYMFjmS0V7HqZYdKWUTzBhP63QRrUC5Dgw
 lEDpApKIk+6gFgBY7tyqD3MEG5K6YSs7h0jElm32ei649U15IMr1nXB4FYM3zYyY
 PBzFpTcO+lpIj/kV7GJeIdCROLUKaTheHEd4TpbNt2lLWwFs05B1b/QhMF50zw3X
 7ad+VxZx+3PbvQrUU2IsBth23I9x4a9HwSScTq9xZdMzWT3TQ7O4B/Ii15rI4QTK
 oQ3tofuqx3IJFoRcrXMZwF8RfKYopseO208so1v9qHt+5UeYxp8xokpa8QHzY3Yw
 UjsaymLdp+uCeEYE2reaE6d4xFPXiEr2vPgBDR7ZAZLVKrlDl5+AND1m6E0FVG2v
 FHlJjFh58wngEbSfQbbk
 =OXEI
 -----END PGP SIGNATURE-----

Merge tag 'sound-3.13-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound

Pull sound fixes from Takashi Iwai:
 "We have a bit more changes than usual in ASoC here, as it was slipped
  from the previous update.  There are one minr ASoC PCM code fix and
  ASoC dmaengine fix, in addition of a collection of small ASoC driver
  fixes.  The rest are a couple of HD-audio stable fixups, and a
  long-standing fix for the paused stream handling.

  So, all commits look not scary (and hopefully won't give you
  disastrous holiday season)"

* tag 'sound-3.13-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ALSA: hda - Add Dell headset detection quirk for one more laptop model
  ASoC: wm8904: fix DSP mode B configuration
  ASoC: wm_adsp: Add small delay while polling DSP RAM start
  ALSA: Add SNDRV_PCM_STATE_PAUSED case in wait_for_avail function
  ASoC: kirkwood: Fix the CPU DAI rates
  ASoC: wm5110: Correct HPOUT3 DAPM route typo
  ALSA: hda - Add Dell headset detection quirk for three laptop models
  ALSA: hda - Add enable_msi=0 workaround for four HP machines
  ASoC: don't leak on error in snd_dmaengine_pcm_register
  ASoC: fsl: imx-wm8962: Don't update bias_level in machine driver
  ASoC: tegra: fix uninitialized variables in set_fmt
  ASoC: wm8962: Enable SYSCLK provisonally before fetching generated DSPCLK_DIV
  ASoC: sam9x5_wm8731: change to work in DSP A mode
  ASoC: atmel_ssc_dai: add dai trigger ops
  ASoC: soc-pcm: Use valid condition for snd_soc_dai_digital_mute() in hw_free()
2013-12-19 09:10:10 -08:00
Matias Bjorling d15ee6b1a4 null_blk: warning on ignored submit_queues param
Let the user know when the number of submission queues are being
ignored.

Signed-off-by: Matias Bjorling <m@bjorling.me>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2013-12-19 08:09:43 -07:00
Matias Bjorling 2d263a7856 null_blk: refactor init and init errors code paths
Simplify the initialization logic of the three block-layers.

- The queue initialization is split into two parts. This allows reuse of
  code when initializing the sq-, bio- and mq-based layers.
- Set submit_queues default value to 0 and always set it at init time.
- Simplify the init error code paths.

Signed-off-by: Matias Bjorling <m@bjorling.me>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2013-12-19 08:09:42 -07:00
Matias Bjorling 12f8f4fc03 null_blk: documentation
Add description of module and its parameters.

Signed-off-by: Matias Bjorling <m@bjorling.me>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2013-12-19 08:09:41 -07:00
Matias Bjorling 0c56010c83 null_blk: mem garbage on NUMA systems during init
For NUMA systems, initializing the blk-mq layer and using per node hctx.
We initialize submit queues to 1, while blk-mq nr_hw_queues is
initialized to the number of NUMA nodes.

This makes the null_init_hctx function overwrite memory outside of what
it allocated.  In my case it lead to writing garbage into struct
request_queue's mq_map.

Signed-off-by: Matias Bjorling <m@bjorling.me>
Cc: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-12-19 08:09:38 -07:00
Rashika Kheria a26ba7fadd drivers: block: Mark the functions as static in skd_main.c
Mark functions skd_skmsg_state_to_str() and skd_skreq_state_to_str() as
static in skd_main.c because they are not used outside this file.

This eliminates the following warnings in skd_main.c:
drivers/block/skd_main.c:5272:13: warning: no previous prototype for ‘skd_skmsg_state_to_str’ [-Wmissing-prototypes]
drivers/block/skd_main.c:5284:13: warning: no previous prototype for ‘skd_skreq_state_to_str’ [-Wmissing-prototypes]

Signed-off-by: Rashika Kheria <rashika.kheria@gmail.com>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2013-12-19 08:06:49 -07:00
Vineet Gupta 1e01c7eb7c ARC: Allow conditional multiple inclusion of uapi/asm/unistd.h
Commit 97bc386fc1 "ARC: Add guard macro to uapi/asm/unistd.h"
inhibited multiple inclusion of ARCH unistd.h. This however hosed the system
since Generic syscall table generator relies on it being included twice,
and in lack-of an empty table was emitted by C preprocessor.

Fix that by allowing one exception to rule for the special case (just
like Xtensa)

Suggested-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
2013-12-19 19:44:12 +05:30
Takashi Iwai 356f402da0 ASoC: Fixes for v3.13
The fixes here are all driver specific ones, none of which particularly
 stand out but all of which are useful to users of those drivers.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.15 (GNU/Linux)
 
 iQIcBAABAgAGBQJSstRwAAoJELSic+t+oim9zPcP/3bbMKIGKrRhnkGrYWrJQqBS
 NVj327bouHo8TwvW/PDrApY9QOXMxv9Z5GMeazJJ4Y6rOZ/zYVOpO1kU6vwGZ+so
 GMtMGFzV5+aF0Rvud+YAKFFV6uj/hkP08YKt9tDFAXBia/Ff8MVdvCW1xt1a6wO4
 En+tmZKenhELKjtbnhpfCZClcFLYZxmtYR94Tr3NvzaIDMG0cdR5hKF8V93Wr66v
 mCyBG8AblRoWklKNoB2UXJup9/xDR1yggaCq8ObSRbNfs8Zxso6fN7LrqjWuNz7w
 Yvh/UiRNqWjcrmihaqRvt0KayEXF5ZSvTUB0U7InYmeZZArITMIJ2Z/BXzi1SazG
 /kCg9qkNigeUYMpJPDOm71SKjvzSB1mL+Eol/5wC/GxmdFMEriKf5ob7D3Kq1zR+
 c83bZZqK+663OXTdmASTB5wDAyDqwHBFVdOQlY4s8L11nP/bHDgeiRAcni4wdfOW
 xovgyPY+PMGFJBfqqvoXShNtDsp2gMDhWYDrH9vUvwUQAhdikPbfEU9KhlOfEpiv
 /HMD3r0VKbsstBhE9CE5dnmketQNHPDBkBCzhoFmKOQPKhR9lBwNkLiLQEYfvWaB
 omg0vPUubTb+EN6lechRoPYI/s6+mZ+nBaj3skI3MUcqfsegL7QLl6O4RNlCOFD9
 S83sp2o6MK1qHspj1MP4
 =pOaJ
 -----END PGP SIGNATURE-----

Merge tag 'asoc-v3.13-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus

ASoC: Fixes for v3.13

The fixes here are all driver specific ones, none of which particularly
stand out but all of which are useful to users of those drivers.
2013-12-19 12:22:11 +01:00
Mark Brown 96b7fe0119 Merge remote-tracking branches 'asoc/fix/adsp', 'asoc/fix/arizona', 'asoc/fix/atmel', 'asoc/fix/fsl', 'asoc/fix/kirkwood', 'asoc/fix/tegra', 'asoc/fix/wm8904' and 'asoc/fix/wm8962' into asoc-linus 2013-12-19 10:25:27 +00:00
Mark Brown 3c19a0a2bd Merge remote-tracking branch 'asoc/fix/dma' into asoc-linus 2013-12-19 10:25:27 +00:00
Mark Brown 6da37d470b Merge remote-tracking branch 'asoc/fix/core' into asoc-linus 2013-12-19 10:25:26 +00:00
Ben Dooks d721a15c30 ARM: shmobile: r8a7790: fix shdi resource sizes
The r8a7790.dtsi file has four sdhi nodes which the first two have the wrong
resource size for their register block. This causes the sh_modbile_sdhi driver
to fail to communicate with card at-all.

Change sdhi{0,1} node size from 0x100 to 0x200 to correct these nodes
as per Kuninori Morimoto's response to the original patch where all four
nodes where changed. sdhi{2,3} are the correct size.

This bug has been present since sdhi resources were added to the r8a7790 by
8c9b1aa418 ("ARM: shmobile: r8a7790: add MMCIF and SDHI DT
templates") in v3.11-rc2.

Signed-off-by: Ben Dooks <ben.dooks@codethink.co.uk>
Tested-by: William Towle <william.towle@codethink.co.uk>
Acked-by: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com>
Signed-off-by: Simon Horman <horms+renesas@verge.net.au>
2013-12-19 18:14:48 +09:00
Kuninori Morimoto 4799e310ca ARM: shmobile: bockw: fixup DMA mask
4dcfa60071
(ARM: DMA-API: better handing of DMA masks for coherent allocations)
exchanged DMA mask check method.
Below warning will appear without this patch

asoc-simple-card asoc-simple-card.0: \
  Coherent DMA mask 0xffffffffffffffff is larger than dma_addr_t allows
asoc-simple-card asoc-simple-card.0: \
  Driver did not use or check the return value from dma_set_coherent_mask()?

Signed-off-by: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com>
Acked-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Signed-off-by: Simon Horman <horms+renesas@verge.net.au>
2013-12-19 18:10:26 +09:00
Nicholas Bellinger 95cadace8f target/file: Update hw_max_sectors based on current block_size
This patch allows FILEIO to update hw_max_sectors based on the current
max_bytes_per_io.  This is required because vfs_[writev,readv]() can accept
a maximum of 2048 iovecs per call, so the enforced hw_max_sectors really
needs to be calculated based on block_size.

This addresses a >= v3.5 bug where block_size=512 was rejecting > 1M
sized I/O requests, because FD_MAX_SECTORS was hardcoded to 2048 for
the block_size=4096 case.

(v2: Use max_bytes_per_io instead of ->update_hw_max_sectors)

Reported-by: Henrik Goldman <hg@x-formation.com>
Cc: <stable@vger.kernel.org> #3.5+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2013-12-19 00:18:54 -08:00
Nicholas Bellinger 2853c2b667 iser-target: Move INIT_WORK setup into isert_create_device_ib_res
This patch moves INIT_WORK setup for cq_desc->cq_[rx,tx]_work into
isert_create_device_ib_res(), instead of being done each callback
invocation in isert_cq_[rx,tx]_callback().

This also fixes a 'INFO: trying to register non-static key' warning
when cancel_work_sync() is called before INIT_WORK has setup the
struct work_struct.

Reported-by: Or Gerlitz <ogerlitz@mellanox.com>
Cc: <stable@vger.kernel.org> #3.12+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2013-12-19 00:18:43 -08:00
Nicholas Bellinger db6077fd0b iscsi-target: Fix incorrect np->np_thread NULL assignment
When shutting down a target there is a race condition between
iscsit_del_np() and __iscsi_target_login_thread().
The latter sets the thread pointer to NULL, and the former
tries to issue kthread_stop() on that pointer without any
synchronization.

This patch moves the np->np_thread NULL assignment into
iscsit_del_np(), after kthread_stop() has completed. It also
removes the signal_pending() + np_state check, and only
exits when kthread_should_stop() is true.

Reported-by: Hannes Reinecke <hare@suse.de>
Cc: <stable@vger.kernel.org> #3.12+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2013-12-19 00:18:25 -08:00
Laurent Pinchart 9fb444f22f ARM: shmobile: armadillo: Add PWM backlight power supply
Commit 22ceeee16e ("pwm-backlight: Add
power supply support") added a mandatory power supply for the PWM
backlight. Add a fixed 5V regulator to board code with a consumer supply
entry for the backlight device.

Signed-off-by: Laurent Pinchart <laurent.pinchart+renesas@ideasonboard.com>
Signed-off-by: Simon Horman <horms+renesas@verge.net.au>
(cherry picked from commit ad11cb9a5cf96346f1240995c672cdbb5501785c)
Signed-off-by: Simon Horman <horms+renesas@verge.net.au>
2013-12-19 15:24:35 +09:00
Linus Torvalds 86fbf1617a Merge branch 'akpm' (incoming from Andrew)
Merge patches from Andrew Morton:
 "23 fixes and a MAINTAINERS update"

* emailed patches from Andrew Morton <akpm@linux-foundation.org>: (24 commits)
  mm/hugetlb: check for pte NULL pointer in __page_check_address()
  fix build with make 3.80
  mm/mempolicy: fix !vma in new_vma_page()
  MAINTAINERS: add Davidlohr as GPT maintainer
  mm/memory-failure.c: recheck PageHuge() after hugetlb page migrate successfully
  mm/compaction: respect ignore_skip_hint in update_pageblock_skip
  mm/mempolicy: correct putback method for isolate pages if failed
  mm: add missing dependency in Kconfig
  sh: always link in helper functions extracted from libgcc
  mm: page_alloc: exclude unreclaimable allocations from zone fairness policy
  mm: numa: defer TLB flush for THP migration as long as possible
  mm: numa: guarantee that tlb_flush_pending updates are visible before page table updates
  mm: fix TLB flush race between migration, and change_protection_range
  mm: numa: avoid unnecessary disruption of NUMA hinting during migration
  mm: numa: clear numa hinting information on mprotect
  sched: numa: skip inaccessible VMAs
  mm: numa: avoid unnecessary work on the failure path
  mm: numa: ensure anon_vma is locked to prevent parallel THP splits
  mm: numa: do not clear PTE for pte_numa update
  mm: numa: do not clear PMD during PTE update scan
  ...
2013-12-18 19:05:00 -08:00
Jianguo Wu 98398c32f6 mm/hugetlb: check for pte NULL pointer in __page_check_address()
In __page_check_address(), if address's pud is not present,
huge_pte_offset() will return NULL, we should check the return value.

Signed-off-by: Jianguo Wu <wujianguo@huawei.com>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: qiuxishi <qiuxishi@huawei.com>
Cc: Hanjun Guo <guohanjun@huawei.com>
Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-12-18 19:04:52 -08:00
Jan Beulich 7ac1815683 fix build with make 3.80
According to Documentation/Changes, make 3.80 is still being supported
for building the kernel, hence make files must not make (unconditional)
use of features introduced only in newer versions.

Commit 1bf49dd4be ("./Makefile: export initial ramdisk compression
config option") however introduced "else ifeq" constructs which make
3.80 doesn't understand.  Replace the logic there with more conventional
(in the kernel build infrastructure) list constructs (except that the
list here is intentionally limited to exactly one element).

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Cc: P J P <ppandit@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-12-18 19:04:52 -08:00
Wanpeng Li 11c731e81b mm/mempolicy: fix !vma in new_vma_page()
BUG_ON(!vma) assumption is introduced by commit 0bf598d863 ("mbind:
add BUG_ON(!vma) in new_vma_page()"), however, even if

    address = __vma_address(page, vma);

and

    vma->start < address < vma->end

page_address_in_vma() may still return -EFAULT because of many other
conditions in it.  As a result the while loop in new_vma_page() may end
with vma=NULL.

This patch revert the commit and also fix the potential dereference NULL
pointer reported by Dan.

   http://marc.info/?l=linux-mm&m=137689530323257&w=2

  kernel BUG at mm/mempolicy.c:1204!
  invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
  CPU: 3 PID: 7056 Comm: trinity-child3 Not tainted 3.13.0-rc3+ #2
  task: ffff8801ca5295d0 ti: ffff88005ab20000 task.ti: ffff88005ab20000
  RIP: new_vma_page+0x70/0x90
  RSP: 0000:ffff88005ab21db0  EFLAGS: 00010246
  RAX: fffffffffffffff2 RBX: 0000000000000000 RCX: 0000000000000000
  RDX: 0000000008040075 RSI: ffff8801c3d74600 RDI: ffffea00079a8b80
  RBP: ffff88005ab21dc8 R08: 0000000000000004 R09: 0000000000000000
  R10: 0000000000000000 R11: 0000000000000000 R12: fffffffffffffff2
  R13: ffffea00079a8b80 R14: 0000000000400000 R15: 0000000000400000

  FS:  00007ff49c6f4740(0000) GS:ffff880244e00000(0000) knlGS:0000000000000000
  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  CR2: 00007ff49c68f994 CR3: 000000005a205000 CR4: 00000000001407e0
  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
  Stack:
   ffffea00079a8b80 ffffea00079a8bc0 ffffea00079a8ba0 ffff88005ab21e50
   ffffffff811adc7a 0000000000000000 ffff8801ca5295d0 0000000464e224f8
   0000000000000000 0000000000000002 0000000000000000 ffff88020ce75c00
  Call Trace:
    migrate_pages+0x12a/0x850
    SYSC_mbind+0x513/0x6a0
    SyS_mbind+0xe/0x10
    ia32_do_call+0x13/0x13
  Code: 85 c0 75 2f 4c 89 e1 48 89 da 31 f6 bf da 00 02 00 65 44 8b 04 25 08 f7 1c 00 e8 ec fd ff ff 5b 41 5c 41 5d 5d c3 0f 1f 44 00 00 <0f> 0b 66 0f 1f 44 00 00 4c 89 e6 48 89 df ba 01 00 00 00 e8 48
  RIP  [<ffffffff8119f200>] new_vma_page+0x70/0x90
   RSP <ffff88005ab21db0>

Signed-off-by: Wanpeng Li <liwanp@linux.vnet.ibm.com>
Reported-by: Dave Jones <davej@redhat.com>
Reported-by: Sasha Levin <sasha.levin@oracle.com>
Reviewed-by: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Reviewed-by: Bob Liu <bob.liu@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-12-18 19:04:52 -08:00