Commit Graph

455632 Commits

Author SHA1 Message Date
Tejun Heo 72d6f02a8d blk-mq: collapse __blk_mq_drain_queue() into blk_mq_freeze_queue()
Keeping __blk_mq_drain_queue() as a separate function doesn't buy us
anything and it's gonna be further simplified.  Let's flatten it into
its caller.

This patch doesn't make any functional change.

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Nicholas A. Bellinger <nab@linux-iscsi.org>
Signed-off-by: Jens Axboe <axboe@fb.com>
2014-07-01 10:33:02 -06:00
Tejun Heo 780db2071a blk-mq: decouble blk-mq freezing from generic bypassing
blk_mq freezing is entangled with generic bypassing which bypasses
blkcg and io scheduler and lets IO requests fall through the block
layer to the drivers in FIFO order.  This allows forward progress on
IOs with the advanced features disabled so that those features can be
configured or altered without worrying about stalling IO which may
lead to deadlock through memory allocation.

However, generic bypassing doesn't quite fit blk-mq.  blk-mq currently
doesn't make use of blkcg or ioscheds and it maps bypssing to
freezing, which blocks request processing and drains all the in-flight
ones.  This causes problems as bypassing assumes that request
processing is online.  blk-mq works around this by conditionally
allowing request processing for the problem case - during queue
initialization.

Another weirdity is that except for during queue cleanup, bypassing
started on the generic side prevents blk-mq from processing new
requests but doesn't drain the in-flight ones.  This shouldn't break
anything but again highlights that something isn't quite right here.

The root cause is conflating blk-mq freezing and generic bypassing
which are two different mechanisms.  The only intersecting purpose
that they serve is during queue cleanup.  Let's properly separate
blk-mq freezing from generic bypassing and simply use it where
necessary.

* request_queue->mq_freeze_depth is added and
  blk_mq_[un]freeze_queue() now operate on this counter instead of
  ->bypass_depth.  The replacement for QUEUE_FLAG_BYPASS isn't added
  but the counter is tested directly.  This will be further updated by
  later changes.

* blk_mq_drain_queue() is dropped and "__" prefix is dropped from
  blk_mq_freeze_queue().  Queue cleanup path now calls
  blk_mq_freeze_queue() directly.

* blk_queue_enter()'s fast path condition is simplified to simply
  check @q->mq_freeze_depth.  Previously, the condition was

	!blk_queue_dying(q) &&
	    (!blk_queue_bypass(q) || !blk_queue_init_done(q))

  mq_freeze_depth is incremented right after dying is set and
  blk_queue_init_done() exception isn't necessary as blk-mq doesn't
  start frozen, which only leaves the blk_queue_bypass() test which
  can be replaced by @q->mq_freeze_depth test.

This change simplifies the code and reduces confusion in the area.

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Nicholas A. Bellinger <nab@linux-iscsi.org>
Signed-off-by: Jens Axboe <axboe@fb.com>
2014-07-01 10:31:13 -06:00
Tejun Heo 776687bce4 block, blk-mq: draining can't be skipped even if bypass_depth was non-zero
Currently, both blk_queue_bypass_start() and blk_mq_freeze_queue()
skip queue draining if bypass_depth was already above zero.  The
assumption is that the one which bumped the bypass_depth should have
performed draining already; however, there's nothing which prevents a
new instance of bypassing/freezing from starting before the previous
one finishes draining.  The current code may allow the later
bypassing/freezing instances to complete while there still are
in-flight requests which haven't finished draining.

Fix it by draining regardless of bypass_depth.  We still skip draining
from blk_queue_bypass_start() while the queue is initializing to avoid
introducing excessive delays during boot.  INIT_DONE setting is moved
above the initial blk_queue_bypass_end() so that bypassing attempts
can't slip inbetween.

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Nicholas A. Bellinger <nab@linux-iscsi.org>
Signed-off-by: Jens Axboe <axboe@fb.com>
2014-07-01 10:29:17 -06:00
Tejun Heo 531ed6261e blk-mq: fix a memory ordering bug in blk_mq_queue_enter()
blk-mq uses a percpu_counter to keep track of how many usages are in
flight.  The percpu_counter is drained while freezing to ensure that
no usage is left in-flight after freezing is complete.

blk_mq_queue_enter/exit() and blk_mq_[un]freeze_queue() implement this
per-cpu gating mechanism; unfortunately, it contains a subtle bug -
smp_wmb() in blk_mq_queue_enter() doesn't prevent prevent the cpu from
fetching @q->bypass_depth before incrementing @q->mq_usage_counter and
if freezing happens inbetween the caller can slip through and freezing
can be complete while there are active users.

Use smp_mb() instead so that bypass_depth and mq_usage_counter
modifications and tests are properly interlocked.

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Nicholas A. Bellinger <nab@linux-iscsi.org>
Signed-off-by: Jens Axboe <axboe@fb.com>
2014-07-01 10:27:06 -06:00
Jens Axboe 17737d3b59 Merge branch 'for-3.17' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu into for-3.17/core
Merge the percpu_ref changes from Tejun, he says they are stable now.
2014-07-01 10:19:04 -06:00
Linus Torvalds 4c834452aa Linux 3.16-rc3 2014-06-29 14:11:36 -07:00
Linus Torvalds ef2e0391e5 Merge branch 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm
Pull ARM fixes from Russell King:
 "Another round of ARM fixes.  The largest change here is the L2 changes
  to work around problems for the Armada 37x/380 devices, where most of
  the size comes down to comments rather than code.

  The other significant fix here is for the ptrace code, to ensure that
  rewritten syscalls work as intended.  This was pointed out by Kees
  Cook, but Will Deacon reworked the patch to be more elegant.

  The remainder are fairly trivial changes"

* 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
  ARM: 8087/1: ptrace: reload syscall number after secure_computing() check
  ARM: 8086/1: Set memblock limit for nommu
  ARM: 8085/1: sa1100: collie: add top boot mtd partition
  ARM: 8084/1: sa1100: collie: revert back to cfi_probe
  ARM: 8080/1: mcpm.h: remove unused variable declaration
  ARM: 8076/1: mm: add support for HW coherent systems in PL310 cache
2014-06-29 13:40:08 -07:00
Randy Dunlap 97be078b87 MAINTAINERS: exceptions for Documentation maintainer
Note that I don't maintain Documentation/ABI/,
Documentation/devicetree/, or the language translation files.

Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-06-29 13:38:33 -07:00
Dan Carpenter 7d19e91b52 Documentation: add section about git to email-clients.txt
These days most people use git to send patches so I have added a section
about that.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-06-29 13:38:33 -07:00
Will Deacon 42309ab450 ARM: 8087/1: ptrace: reload syscall number after secure_computing() check
On the syscall tracing path, we call out to secure_computing() to allow
seccomp to check the syscall number being attempted. As part of this, a
SIGTRAP may be sent to the tracer and the syscall could be re-written by
a subsequent SET_SYSCALL ptrace request. Unfortunately, this new syscall
is ignored by the current code unless TIF_SYSCALL_TRACE is also set on
the current thread.

This patch slightly reworks the enter path of the syscall tracing code
so that we always reload the syscall number from
current_thread_info()->syscall after the potential ptrace traps.

Acked-by: Kees Cook <keescook@chromium.org>
Tested-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-29 10:29:35 +01:00
Laura Abbott 6980c3e251 ARM: 8086/1: Set memblock limit for nommu
Commit 1c2f87c (ARM: 8025/1: Get rid of meminfo) changed find_limits
to use memblock_get_current_limit for calculating the max_low pfn.
nommu targets never actually set a limit on memblock though which
means memblock_get_current_limit will just return the default
value. Set the memblock_limit to be the end of DDR to make sure
bounds are calculated correctly.

Signed-off-by: Laura Abbott <lauraa@codeaurora.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-29 10:29:34 +01:00
Andrea Adami 3abe742339 ARM: 8085/1: sa1100: collie: add top boot mtd partition
The CFI mapping is now perfect so we can expose the top block, read only.
There isn't much to read, though, just the sharpsl_params values.

Signed-off-by: Andrea Adami <andrea.adami@gmail.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-29 10:29:34 +01:00
Andrea Adami 92183103d8 ARM: 8084/1: sa1100: collie: revert back to cfi_probe
Reverts commit d26b17edaf
ARM: sa1100: collie.c: fall back to jedec_probe flash detection

Unfortunately the detection was challenged on the defective unit used for tests:
one of the NOR chips did not respond to the CFI query.
Moreover that bad device needed extra delays on erase-suspend/resume cycles.

Tested personally on 3 different units and with feedback of two other users.

Signed-off-by: Andrea Adami <andrea.adami@gmail.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-29 10:29:33 +01:00
Nicolas Pitre d0ba7cc02c ARM: 8080/1: mcpm.h: remove unused variable declaration
The sync_phys variable has been replaced by link time computation in
mcpm_head.S before the code was submitted upstream.

Signed-off-by: Nicolas Pitre <nico@linaro.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-29 10:29:32 +01:00
Thomas Petazzoni 98ea2dba65 ARM: 8076/1: mm: add support for HW coherent systems in PL310 cache
When a PL310 cache is used on a system that provides hardware
coherency, the outer cache sync operation is useless, and can be
skipped. Moreover, on some systems, it is harmful as it causes
deadlocks between the Marvell coherency mechanism, the Marvell PCIe
controller and the Cortex-A9.

To avoid this, this commit introduces a new Device Tree property
'arm,io-coherent' for the L2 cache controller node, valid only for the
PL310 cache. It identifies the usage of the PL310 cache in an I/O
coherent configuration. Internally, it makes the driver disable the
outer cache sync operation.

Note that technically speaking, a fully coherent system wouldn't
require any of the other .outer_cache operations. However, in
practice, when booting secondary CPUs, these are not yet coherent, and
therefore a set of cache maintenance operations are necessary at this
point. This explains why we keep the other .outer_cache operations and
only ->sync is disabled.

While in theory any write to a PL310 register could cause the
deadlock, in practice, disabling ->sync is sufficient to workaround
the deadlock, since the other cache maintenance operations are only
used in very specific situations.

Contrary to previous versions of this patch, this new version does not
simply NULL-ify the ->sync member, because the l2c_init_data
structures are now 'const' and therefore cannot be modified, which is
a good thing. Therefore, this patch introduces a separate
l2c_init_data instance, called of_l2c310_coherent_data.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-06-29 10:26:37 +01:00
Linus Torvalds 24b414d5a7 spi: Fixes for v3.16
A few driver specific fixes, the biggest one being a fix for the newly
 added Qualcomm SPI controller driver to make it not use its internal
 chip select due to hardware bugs, replacing it with GPIOs.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJTrr4lAAoJELSic+t+oim9/30P/3wie8c4eNjRQLPYrNmq9y1t
 S9sF6U6ur3mDD1GXol1hoe3FU3aaF9TiNU8sq8wtj2TCvmB6BLlH70uKdIIbKB4B
 b1WVNoclBTZYE3v8FdsJce5eyBjaNY90cRJ5TGwwIWowSNuWwo0/+1zWWzzyH9AF
 u2STutPSZAJL99RRnUZj+5zx9cspTnc+TNX5UFIXbRcvLPnYkg8TeQvXFUAH9CgL
 p0sbveu8C3ZS2es5h1Py/f9v0/Pv00fGCVNW073JA82I5viUAogI5+63e65kKZcm
 xjdY4yIrIrsORjbpUny7YjkgdxdpAWjO4IFnFdPT4GZBe9Ad7ACYKfiox/q/EO7O
 H8z8v6Ebq/6+wV9uvZtSTIWd2PRV7YUsYijTZGFN02+f4QQq5OckgQMD0ODOBb4k
 uI1qiTcd11g1gXlExne23fzvBzpCfD1h2N8h/DyXRBhlyb9NupaABjqVP/fkds5g
 k5j6VuYcGy3UZeGmSOrx85d5pWgOBp/hDJ8DwWo9AUGPrnDx9HgAerxhNMXaJcQA
 PFypfT2L23ACxbTSZmAj2uRbKv4zyiqM+xtxdLmY/KrvpuDoKAlDGtZV1TFeNo7c
 4H3c96fAc/i0BsinY3b1weQ+oGNcNWv9nvdqVGxuBvWs862HkvUcP5mB5ki5BGxh
 h3uVSfQeETPizC+3w52A
 =Jdak
 -----END PGP SIGNATURE-----

Merge tag 'spi-v3.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi

Pull spi fixes from Mark Brown:
 "A few driver specific fixes, the biggest one being a fix for the newly
  added Qualcomm SPI controller driver to make it not use its internal
  chip select due to hardware bugs, replacing it with GPIOs"

* tag 'spi-v3.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi:
  spi: qup: Remove chip select function
  spi: qup: Fix order of spi_register_master
  spi: sh-sci: fix use-after-free in sh_sci_spi_remove()
  spi/pxa2xx: fix incorrect SW mode chipselect setting for BayTrail LPSS SPI
2014-06-28 11:32:32 -07:00
Linus Torvalds 4194976b09 regulator: Fixes for v3.16
Several driver specific fixes here, the palmas fixes being especially
 important for a range of boards - the recent updates to support new
 devices have introduced several regressions.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJTrsM3AAoJELSic+t+oim9ACIP/RIatlNlq0ALnWaYqaGCkQIF
 /kQJkBmInCIZ9e7zumnOxpE39OQIcfhqpQeH1aeVlQA6FabGhjdss8AJoM0VbUNS
 Cj46QnvADMruuow/ZQ4er2Na2w0lzO7CGffnrK+J1N2K3mivkJbBDomtYyJ93/kw
 rgqEWahszvIvHFD+yFITDhFW7I1f6YaKGj7oTIh844XD3kmphXxCRgQuojYaw7Xa
 qwLou8OfQL7NZv+z5suffO6n6ga3FgxNge+zynPXSx9lUgnUL/DZzf4tbE42GyXk
 wPANjTg2JBAwyb/X6zvb7hU7ag5clZhpfvOZRtmYHeyQDQcdUYfVKadBZE9ZAqQv
 1B6q5XJQeE/XzHicQav0WN+FI/lOdf/ePyRRL2kGqAdQkDqnBM3lpRvM8c7uAhLT
 r75z822QBug7pw9HSUN3CIhTMpHxdmXq3tVLGOULLXdBxDPNOvXEKqjj3khj+NZm
 5JJEcCYsu0PgbyJKdSF/yIeCFLY0slXNfnuWUvoMlOcpY3EgxwUi+FOxjmPxhq5v
 df47PJ4vcRXh/wHeA1oZQ1NDUEMfP1iX4ysUktQfaUUKq1QjdIegj4aykRHriVfc
 OQGJ4S3Dco8FDeWZtpmaFnA68cJR4nFCMzZOqLiK/wHadpF7qcgEKNync0QAvKK3
 Y15h23vpcq+OWdHGnObL
 =K0Hp
 -----END PGP SIGNATURE-----

Merge tag 'regulator-v3.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator

Pull regulator fixes from Mark Brown:
 "Several driver specific fixes here, the palmas fixes being especially
  important for a range of boards - the recent updates to support new
  devices have introduced several regressions"

* tag 'regulator-v3.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator:
  regulator: tps65218: Correct the the config register for LDO1
  regulator: tps65218: Add the missing of_node assignment in probe
  regulator: palmas: fix typo in enable_reg calculation
  regulator: bcm590xx: fix vbus name
  regulator: palmas: Fix SMPS enable/disable/is_enabled
2014-06-28 11:31:58 -07:00
Linus Torvalds eb477e03fe Merge git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending
Pull SCSI target fixes from Nicholas Bellinger:
 "Mostly minor fixes this time around.  The highlights include:

   - iscsi-target CHAP authentication fixes to enforce explicit key
     values (Tejas Vaykole + rahul.rane)
   - fix a long-standing OOPs in target-core when a alua configfs
     attribute is accessed after port symlink has been removed.
     (Sebastian Herbszt)
   - fix a v3.10.y iscsi-target regression causing the login reject
     status class/detail to be ignored (Christoph Vu-Brugier)
   - fix a v3.10.y iscsi-target regression to avoid rejecting an
     existing ITT during Data-Out when data-direction is wrong (Santosh
     Kulkarni + Arshad Hussain)
   - fix a iscsi-target related shutdown deadlock on UP kernels (Mikulas
     Patocka)
   - fix a v3.16-rc1 build issue with vhost-scsi + !CONFIG_NET (MST)"

* git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending:
  iscsi-target: fix iscsit_del_np deadlock on unload
  iovec: move memcpy_from/toiovecend to lib/iovec.c
  iscsi-target: Avoid rejecting incorrect ITT for Data-Out
  tcm_loop: Fix memory leak in tcm_loop_submission_work error path
  iscsi-target: Explicily clear login response PDU in exception path
  target: Fix left-over se_lun->lun_sep pointer OOPs
  iscsi-target; Enforce 1024 byte maximum for CHAP_C key value
  iscsi-target: Convert chap_server_compute_md5 to use kstrtoul
2014-06-28 09:43:58 -07:00
Mark Brown 7216a41839 Merge remote-tracking branches 'spi/fix/pxa2xx', 'spi/fix/qup' and 'spi/fix/sh-sci' into spi-linus 2014-06-28 14:01:23 +01:00
Mark Brown 11767484b8 Merge remote-tracking branches 'regulator/fix/bcm590xx', 'regulator/fix/palmas' and 'regulator/fix/tps65218' into regulator-linus 2014-06-28 14:01:04 +01:00
Tejun Heo 2d7227828e percpu-refcount: implement percpu_ref_reinit() and percpu_ref_is_zero()
Now that explicit invocation of percpu_ref_exit() is necessary to free
the percpu counter, we can implement percpu_ref_reinit() which
reinitializes a released percpu_ref.  This can be used implement
scalable gating switch which can be drained and then re-opened without
worrying about memory allocation failures.

percpu_ref_is_zero() is added to be used in a sanity check in
percpu_ref_exit().  As this function will be useful for other purposes
too, make it a public interface.

v2: Use smp_read_barrier_depends() instead of smp_load_acquire().  We
    only need data dep barrier and smp_load_acquire() is stronger and
    heavier on some archs.  Spotted by Lai Jiangshan.

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Kent Overstreet <kmo@daterainc.com>
Cc: Christoph Lameter <cl@linux-foundation.org>
Cc: Lai Jiangshan <laijs@cn.fujitsu.com>
2014-06-28 08:10:14 -04:00
Tejun Heo 9a1049da9b percpu-refcount: require percpu_ref to be exited explicitly
Currently, a percpu_ref undoes percpu_ref_init() automatically by
freeing the allocated percpu area when the percpu_ref is killed.
While seemingly convenient, this has the following niggles.

* It's impossible to re-init a released reference counter without
  going through re-allocation.

* In the similar vein, it's impossible to initialize a percpu_ref
  count with static percpu variables.

* We need and have an explicit destructor anyway for failure paths -
  percpu_ref_cancel_init().

This patch removes the automatic percpu counter freeing in
percpu_ref_kill_rcu() and repurposes percpu_ref_cancel_init() into a
generic destructor now named percpu_ref_exit().  percpu_ref_destroy()
is considered but it gets confusing with percpu_ref_kill() while
"exit" clearly indicates that it's the counterpart of
percpu_ref_init().

All percpu_ref_cancel_init() users are updated to invoke
percpu_ref_exit() instead and explicit percpu_ref_exit() calls are
added to the destruction path of all percpu_ref users.

Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Benjamin LaHaise <bcrl@kvack.org>
Cc: Kent Overstreet <kmo@daterainc.com>
Cc: Christoph Lameter <cl@linux-foundation.org>
Cc: Benjamin LaHaise <bcrl@kvack.org>
Cc: Nicholas A. Bellinger <nab@linux-iscsi.org>
Cc: Li Zefan <lizefan@huawei.com>
2014-06-28 08:10:14 -04:00
Tejun Heo 7d74207512 percpu-refcount: use unsigned long for pcpu_count pointer
percpu_ref->pcpu_count is a percpu pointer with a status flag in its
lowest bit.  As such, it always goes through arithmetic operations
which is very cumbersome to do on a pointer.  It has to be first
casted to unsigned long and then back.

Let's just make the field unsigned long so that we can skip the first
casts.  While at it, rename it to pcpu_counter_ptr to clarify that
it's a pointer value.

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Kent Overstreet <kmo@daterainc.com>
Cc: Christoph Lameter <cl@linux-foundation.org>
2014-06-28 08:10:13 -04:00
Tejun Heo eae7975ddf percpu-refcount: add helpers for ->percpu_count accesses
* All four percpu_ref_*() operations implemented in the header file
  perform the same operation to determine whether the percpu_ref is
  alive and extract the percpu pointer.  Factor out the common logic
  into __pcpu_ref_alive().  This doesn't change the generated code.

* There are a couple places in percpu-refcount.c which masks out
  PCPU_REF_DEAD to obtain the percpu pointer.  Factor it out into
  pcpu_count_ptr().

* The above changes make the WARN_ON_ONCE() conditional at the top of
  percpu_ref_kill_and_confirm() the only user of REF_STATUS().  Test
  PCPU_REF_DEAD directly and remove REF_STATUS().

This patch doesn't introduce any functional change.

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Kent Overstreet <kmo@daterainc.com>
Cc: Christoph Lameter <cl@linux-foundation.org>
2014-06-28 08:10:13 -04:00
Tejun Heo d630dc4c9a percpu-refcount: one bit is enough for REF_STATUS
percpu-refcount currently reserves two lowest bits of its percpu
pointer to indicate its state; however, only one bit is used for
PCPU_REF_DEAD.

Simplify it by removing PCPU_STATUS_BITS/MASK and testing
PCPU_REF_DEAD directly.  This also allows the compiler to choose a
more efficient instruction depending on the architecture.

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Kent Overstreet <kmo@daterainc.com>
Cc: Christoph Lameter <cl@linux-foundation.org>
2014-06-28 08:10:12 -04:00
Tejun Heo 55c6c814ae percpu-refcount, aio: use percpu_ref_cancel_init() in ioctx_alloc()
ioctx_alloc() reaches inside percpu_ref and directly frees
->pcpu_count in its failure path, which is quite gross.  percpu_ref
has been providing a proper interface to do this,
percpu_ref_cancel_init(), for quite some time now.  Let's use that
instead.

This patch doesn't introduce any behavior changes.

Signed-off-by: Tejun Heo <tj@kernel.org>
Acked-by: Benjamin LaHaise <bcrl@kvack.org>
Cc: Kent Overstreet <kmo@daterainc.com>
2014-06-28 08:10:12 -04:00
Mikulas Patocka 81a9c5e72b iscsi-target: fix iscsit_del_np deadlock on unload
On uniprocessor preemptible kernel, target core deadlocks on unload. The
following events happen:
* iscsit_del_np is called
* it calls send_sig(SIGINT, np->np_thread, 1);
* the scheduler switches to the np_thread
* the np_thread is woken up, it sees that kthread_should_stop() returns
  false, so it doesn't terminate
* the np_thread clears signals with flush_signals(current); and goes back
  to sleep in iscsit_accept_np
* the scheduler switches back to iscsit_del_np
* iscsit_del_np calls kthread_stop(np->np_thread);
* the np_thread is waiting in iscsit_accept_np and it doesn't respond to
  kthread_stop

The deadlock could be resolved if the administrator sends SIGINT signal to
the np_thread with killall -INT iscsi_np

The reproducible deadlock was introduced in commit
db6077fd0b, but the thread-stopping code was
racy even before.

This patch fixes the problem. Using kthread_should_stop to stop the
np_thread is unreliable, so we test np_thread_state instead. If
np_thread_state equals ISCSI_NP_THREAD_SHUTDOWN, the thread exits.

Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Cc: stable@vger.kernel.org
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-27 23:23:35 -07:00
Linus Torvalds 3e7b256cba IOMMU Fixes for Linux v3.16-rc1
* Fix VT-d regression with handling multiple RMRR entries per
 	  device
 	* Fix a small race that was left in the mmu_notifier handling in
 	  the AMD IOMMUv2 driver
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJTqTeIAAoJECvwRC2XARrjL0gQAMLPRDWaXPsVxlq3pAMb+My4
 AzqB5jBWV4sNNt/jg/qa81FI6MvDknkNlAO2iCJa71nBnuGQFD6V9Rwp5wzWTJpe
 M29UV3ZDaUgH6ox3oPHUtnNtsSJhJ8E23qL/q5gBPIL8eM21Gworau/CkNfGf3DA
 K/ut3KhyqHHcGlST27CAKwH2QyvcdXOpwL4xLLB1buv3SWW2EjVqeXA8c5YqybQy
 a9ucoLKp8MrosTvrzSYgZzYfOJCaSpzfVwEC2G2Hrh2IHdrRNE5GcFu07qrR2cLC
 1QKBVaCgK5PSPQAd8fhg0lfwzIUPi0ZrxjPhdQlG+E+V1SNFU5tcVdn0p8TmljLN
 3vGdRS90o3XM2pkdv6h1pkzEd6aukBw5LkORYcMJwDEn40S2lSYW2za+sOkyAltH
 jgHDQDtRCMnJpj7fa6x5Nk3VkWBRbdpuyJLPmqzMwhUzGq1FUrM1PSIo9962u3nk
 BhRP0A5/emaH/Fc94S+sspfOHYVnpqr/wtRrMln7xbIrKSxyQh3MX9J7vHxpw/Wl
 qWGYFV4RfG+JT9dGF+SAZTVFLTpgnh32gpKHJgUkahAyxHQVuckmk99XD1ScpDCD
 fArbvL+SCo/i35aScAvzP0+lXJggfeaeslGKPHQx8FLY+zrV2krYEBh3hBlXibJT
 turjVNs8gAwE6uzp1+Cv
 =ZWyp
 -----END PGP SIGNATURE-----

Merge tag 'iommu-fixes-v3.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu

Pull IOMMU fixes from Joerg Roedel:

 - fix VT-d regression with handling multiple RMRR entries per device

 - fix a small race that was left in the mmu_notifier handling in the
   AMD IOMMUv2 driver

* tag 'iommu-fixes-v3.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
  iommu/amd: Fix small race between invalidate_range_end/start
  iommu/vt-d: fix bug in handling multiple RMRRs for the same PCI device
2014-06-27 19:00:45 -07:00
Linus Torvalds d1fc98ba96 Merge branch 'x86/urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fixes from Peter Anvin:
 "A pile of fixes related to the VDSO, EFI and 32-bit badsys handling.

  It turns out that removing the section headers from the VDSO breaks
  gdb, so this puts back most of them.  A very simple typo broke
  rt_sigreturn on some versions of glibc, with obviously disastrous
  results.  The rest is pretty much fixes for the corresponding fallout.

  The EFI fixes fixes an arithmetic overflow on 32-bit systems and
  quiets some build warnings.

  Finally, when invoking an invalid system call number on x86-32, we
  bypass a bunch of handling, which can make the audit code oops"

* 'x86/urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  efi-pstore: Fix an overflow on 32-bit builds
  x86/vdso: Error out in vdso2c if DT_RELA is present
  x86/vdso: Move DISABLE_BRANCH_PROFILING into the vdso makefile
  x86_32, signal: Fix vdso rt_sigreturn
  x86_32, entry: Do syscall exit work on badsys (CVE-2014-4508)
  x86/vdso: Create .build-id links for unstripped vdso files
  x86/vdso: Remove some redundant in-memory section headers
  x86/vdso: Improve the fake section headers
  x86/vdso2c: Use better macros for ELF bitness
  x86/vdso: Discard the __bug_table section
  efi: Fix compiler warnings (unused, const, type)
2014-06-27 18:43:03 -07:00
Linus Torvalds c9a606660e Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus
Pull MIPS fixes from Ralf Baechle:
 "This is dominated by a large number of changes necessary for the MIPS
  BPF code.  code.  Aside of that there are

   - a fix for the MSC system controller support code.
   - a Turbochannel fix.
   - a recordmcount fix that's MIPS-specific.
   - barrier fixes to smp-cps / pm-cps after unrelated changes elsewhere
     in the kernel.
   - revert support for MSA registers in the signal frames.  The
     reverted patch did modify the signal stack frame which of course is
     inacceptable.
   - fix math-emu build breakage with older compilers.
   - some related cleanup.
   - fix Lasat build error if CONFIG_CRC32 isn't set to y by the user"

* 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus: (27 commits)
  MIPS: Lasat: Fix build error if CRC32 is not enabled.
  TC: Handle device_register() errors.
  MIPS: MSC: Prevent out-of-bounds writes to MIPS SC ioremap'd region
  MIPS: bpf: Fix stack space allocation for BPF memwords on MIPS64
  MIPS: BPF: Use 32 or 64-bit load instruction to load an address to register
  MIPS: bpf: Fix PKT_TYPE case for big-endian cores
  MIPS: BPF: Prevent kernel fall over for >=32bit shifts
  MIPS: bpf: Drop update_on_xread and always initialize the X register
  MIPS: bpf: Fix is_range() semantics
  MIPS: bpf: Use pr_debug instead of pr_warn for unhandled opcodes
  MIPS: bpf: Fix return values for VLAN_TAG_PRESENT case
  MIPS: bpf: Use correct mask for VLAN_TAG case
  MIPS: bpf: Fix branch conditional for BPF_J{GT/GE} cases
  MIPS: bpf: Add SEEN_SKB to flags when looking for the PKT_TYPE
  MIPS: bpf: Use 'andi' instead of 'and' for the VLAN cases
  MIPS: bpf: Return error code if the offset is a negative number
  MIPS: bpf: Use the LO register to get division's quotient
  MIPS: mm: uasm: Fix lh micro-assembler instruction
  MIPS: uasm: Add SLT uasm instruction
  MIPS: uasm: Add s3s1s2 instruction builder
  ...
2014-06-27 18:37:56 -07:00
Linus Torvalds 1857a5b65c ARC fixes for 3.16
Some SMP changes, a ptrace request for NPTL debugging,
 bunch of build breakages/warnings
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.14 (GNU/Linux)
 
 iQIcBAABAgAGBQJTrWA6AAoJEGnX8d3iisJeQBoP/jZNSOnuzmOthsVTT9e5F6N5
 57mt+KM2QWIrBXYTTMXw6TcgSFt52gGgvvUAcYNXrgWq1aOT3VcVk9KJFxgsrDhi
 wLOaU4lNVTCgU0riQKofLThWgZYUcZWRxbngEQ2CX1cauIjHH7Cxdt9x5tFFsuaP
 xvPP3zrkpStq05v4ZwGsIMguK8SHTNFHJKFDAEqJk8t1iTIz0yIoMWvArlDeWE4A
 7ackSRzvdNmfirnJCl+bVbhDFiQ2hCdrtgfQG5sVQaI3XPVib/RvW9dDJ99XEzal
 2iBXfjBe15UvzHt+ZBn47cgJpghfCVGfyH0EgeP0jhxilrdQSZw59px0GhpuUIh2
 Avf7cNqhgy+YwOSjW2y0Glyh3dih61wbY7Cajo3W6uTomLFrgE4cq5oNF+8yGbbF
 ez9A11Mnbij7y0ajBg4+5acTd22gEKc5MunbRiIWSSbBtDCVgpIvZoDsewRW/nPY
 lBd50yXxBShIQ/OpvnhBg1zSsQwv5IWXH7QwpWPMcZHfMOiRcCdE3r/jAjLSF2H5
 hk4l+DwkbIdA2qBBQ3kHCxCMcVTRm08aaqdR459SXhzYB6gooDzWqiIXcmFkfXpr
 6nI4muqjQAvIe8JBgKsZmvepCszenVs44NYSUlcGd28yrYYWJ6aixhi+xIzzjK1R
 Fr70up4HZJdPso39d8oC
 =azkJ
 -----END PGP SIGNATURE-----

Merge tag 'arc-fixes-for-3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc

Pull ARC fixes from Vineet Gupta:
 "Some SMP changes, a ptrace request for NPTL debugging, bunch of build
  breakages/warnings"

* tag 'arc-fixes-for-3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc:
  ARC: [SMP] Enable icache coherency
  ARC: [SMP] Fix IPI IRQ registration
  ARC: Implement ptrace(PTRACE_GET_THREAD_AREA)
  ARC: optimize kernel bss clearing in early boot code
  ARC: Fix build breakage for !CONFIG_ARC_DW2_UNWIND
  ARC: fix build warning in devtree
  ARC: remove checks for CONFIG_ARC_MMU_V4
2014-06-27 18:36:50 -07:00
Linus Torvalds 8dd68eb3ca Compress bugfix for 3.16-rc3
Here is another lz4 bugfix for 3.16-rc3 that resolves a reported issue
 with that compression algorithm.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iEYEABECAAYFAlOuGXoACgkQMUfUDdst+ym2ggCgyo0pzGL72nt2lT4QjriPhLAq
 3nwAnjB4x3sezmwoqlkqfhKGuRon2lMw
 =Tcxf
 -----END PGP SIGNATURE-----

Merge tag 'compress-3.16-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core

Pull compress bugfix from Greg KH:
 "Here is another lz4 bugfix for 3.16-rc3 that resolves a reported issue
  with that compression algorithm"

* tag 'compress-3.16-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core:
  lz4: fix another possible overrun
2014-06-27 18:33:49 -07:00
Linus Torvalds 772205d8e4 Bug-fix:
* Don't assume that 0 as a physical address is incorrect and fail the request.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJTpJSbAAoJEFjIrFwIi8fJSDQH/3wm3iDUrW+yxxXofTG056v3
 mO4Yl2xAuP5bTVIQWEGU/3hxkfuHF4fKdHYULbZGmVMDfmT7SfnkT67i2uCFu3y5
 H7/GjZwbo5Oz6PCWrR+xAd2Xp3TuDhs24/wi7xFhWswgacZWEJzjC41jGqJEZbpB
 iidyI3z7/LppJcJAxzeBjCuqj//zL26Bk2nOKNtZIdRX4G+bEpRVRDLDBo7wSUmN
 BIZysIsQtid24GwiV3FsG5WQypdIFSDJRNlkIeUHOEpVd9QDuTZLU5xbtM0suwHy
 mAjaNTg3uGUoUbTrvf/lNmaxg1546moj2z2gKWCYJ9aEI28kNxI/G/mJ4ml2hWQ=
 =wH3p
 -----END PGP SIGNATURE-----

Merge tag 'stable/for-linus-3.16-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/swiotlb

Pull swiotlb bugfix from Konrad Rzeszutek Wilk:
 "One bug-fix that had been in tree for quite some time.  We had assumed
  that the physical address zero was invalid and would fail it.  But
  that is not true and on some architectures it is not reserved and
  valid.  This fixes it"

* tag 'stable/for-linus-3.16-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/swiotlb:
  swiotlb: don't assume PA 0 is invalid
2014-06-27 18:04:22 -07:00
Linus Torvalds cf0d135649 sound fixes for 3.16-rc3
Here includes a few patchset for fixing mostly HD-audio issues in
 addition to a patch assuring the compress API bytes alignment and a
 fix for the die-hard existing race condition at USB-audio
 disconnection.  The volume looks big in Realtek HD-audio code, but
 it's just a translation of the fixup tables, and the actual changes
 are rather trivial.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJTrUKNAAoJEGwxgFQ9KSmkuO0QALbjrcJ435F/Ycn6jR3pR8xB
 q8kJzkB/iJ+miukBDhjTSDsDH3niZJ5yHvtmkij5Q9arzPPJm9pd4R6UZPDJiKje
 S9RenZDqeWN3+WomdHL5LnlaUx1FC/DZGcyuE+mn0UKTzXdnbBx1S6fB63XuTWGX
 SpGTBAGqRUUcpoXlwPvMhEkZrSKibfp+rKM9KqRZf/kCspimgkQw9xTptts7YEsj
 6EBssWVSaw8TpxNDBqw6SPZdeW9kuCrMhVt39O158ceTEQ9NlCVqcNBjnN71inCD
 J/bu/QyN4UDht2otRx/1L5cK4Dho1U8K13ZzcV5Z3+3vpkzkPuCwU/Oe0Q9cEi9a
 aL36Y7qhueWGSEpGn4wnBIdkzX4MM0kOnOjPldC71wDNzsB5zOoXu9Dy652rtOTI
 tTGHw2fi0WUTTqOPfYT5u0QYH1H4wNMV9c+jSdWNcoj92cG7brgIzWph9gRTAMtY
 NeKa0rPtCvGfKy4Iin/ncDpBkgjm8UOZutmCCHvztdIGa8zPTCOLqo57kf+Jun9x
 P0USSpu99qU3EQ6JqpaxaucpAPRzTWPVVTFRd/GK6c/Td50KIRKEyCNd+5klFC29
 BIc2RxTGiv+dLoLjVgwvy9wuQrBEtnXlfCSTcyaxLS2xxy10tcOrwBGVo9AAzcZN
 ZfPqLDTMlg6dqoKFV21Q
 =iKT+
 -----END PGP SIGNATURE-----

Merge tag 'sound-3.16-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound

Pull sound fixes from Takashi Iwai:
 "Here includes a few patchset for fixing mostly HD-audio issues in
  addition to a patch assuring the compress API bytes alignment and a
  fix for the die-hard existing race condition at USB-audio
  disconnection.  The volume looks big in Realtek HD-audio code, but
  it's just a translation of the fixup tables, and the actual changes
  are rather trivial"

* tag 'sound-3.16-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ALSA: hda - restore BCLK M/N values when resuming HSW/BDW display controller
  ALSA: usb-audio: Fix races at disconnection and PCM closing
  ALSA: hda - Adjust speaker HPF and add LED support for HP Spectre 13
  ALSA: hda - Make the pin quirk tables use the SND_HDA_PIN_QUIRK macro
  ALSA: hda - Make a SND_HDA_PIN_QUIRK macro
  ALSA: hda - Add pin quirk for Dell XPS 15
  ALSA: hda - hdmi: call overridden init on resume
  ALSA: hda - Fix usage of "model" module parameter
  ALSA: compress: fix the struct alignment to 4 bytes
2014-06-27 17:21:36 -07:00
Linus Torvalds 5ded6ea462 Couple of simple fixes due for the v3.16 -rcs.
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.14 (GNU/Linux)
 
 iQIcBAABAgAGBQJTrUkLAAoJEFGvii+H/HdhIvYP/jjGSsJcEa3wcD8Mi9gFc1SN
 /lspNCCW4CZgBJN9jzz5uCh68SjtllbxEnjOuL04CsnVZSIp4N1+zdJyM997e4oA
 Ge6cu3fxy62Jghnq+l8YmJf8tZ8VtDdNrLX4+gOIyu2gyQfVEthHOitcd+NcDUuD
 vI/sV+N9jDfe1vqNSJTLV3OQ8IV9S4z8gF054yT1j0r1dLjPs6SV1XAW3UYtlCrK
 f+LtS3vowSnIymFke7XYyITY4Ad/vLXbW5E5iubKO6xNwlpRfFx9Txmpe4S+bIN3
 GV/pZNhhWuIpdYlf70BRpbR/wSVoCUAQ9XhgZOMNMITWYNysqWdRie28pPZpRarF
 VoXOsBVzISebDyTzNBsLj6iXNiozCZeOWIt4gPbM8RBsIjGU/Ux0C+ta18W6y1t/
 iAVQPNd8PeTK2HTTDAUqMz4VIuRxGSYSyE+L08Ui1RvlqlMJkGDp4smNOO3PKQRD
 pahD0eCPURbppiZ8+8fcqUjLBEvD9JYzZgB9Apvp/8wDpWPO0hIFZNENxXUZQzGN
 eTXDwQx+DH5NjHUH2dwaEJN8yxIUH1RKkQ6m9qBSWAy2jKYusNON9DTyvz17THS6
 tjONGfC3L57TTsm1VOrZUQrMfclWGjpoVcHQdZFtdcFH+cTOzNSmzL+w4k5C8sTT
 VAje5qbrnvJeW8MYAsE2
 =stYK
 -----END PGP SIGNATURE-----

Merge tag 'mfd-fixes-3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd

Pull MFD fixes from Lee Jones:
 "Couple of simple fixes due for the v3.16 -rcs"

* tag 'mfd-fixes-3.16' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd:
  mfd: ab8500: Fix dt irq mapping
  mfd: davinci: Voicecodec needs regmap_mmio
  mfd: STw481x: Allow modular build
  mfd: UCB1x00: Enable modular build
2014-06-27 17:20:48 -07:00
Linus Torvalds c163b524d2 Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux
Pull drm fixes from Dave Airlie:
 "Exynos, i915 and msm fixes and one core fix.

  exynos:
     hdmi power off and mixer issues

  msm:
     iommu, build fixes,

  i915:
     regression races and warning fixes"

* 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: (22 commits)
  drm/i915: vlv_prepare_pll is only needed in case of non DSI interfaces
  drm: fix NULL pointer access by wrong ioctl
  drm/exynos: enable vsync interrupt while waiting for vblank
  drm/exynos: soft reset mixer before reconfigure after power-on
  drm/exynos: allow multiple layer updates per vsync for mixer
  drm/i915: Hold the table lock whilst walking the file's idr and counting the objects in debugfs
  drm/i915: BDW: Adding Reserved PCI IDs.
  drm/i915: Only mark the ctx as initialised after a SET_CONTEXT operation
  drm/exynos: stop mixer before gating clocks during poweroff
  drm/exynos: set power state variable after enabling clocks and power
  drm/exynos: disable unused windows on apply
  drm/exynos: Fix de-registration ordering
  drm/exynos: change zero to NULL for sparse
  drm/exynos: dpi: Fix NULL pointer dereference with legacy bindings
  drm/exynos: hdmi: fix power order issue
  drm/i915: default to having backlight if VBT not available
  drm/i915: cache hw power well enabled state
  drm/msm: fix IOMMU cleanup for -EPROBE_DEFER
  drm/msm: use PAGE_ALIGNED instead of IS_ALIGNED(PAGE_SIZE)
  drm/msm/hdmi: set hdp clock rate before prepare_enable
  ...
2014-06-27 17:05:39 -07:00
Michael S. Tsirkin ac5ccdba3a iovec: move memcpy_from/toiovecend to lib/iovec.c
ERROR: "memcpy_fromiovecend" [drivers/vhost/vhost_scsi.ko] undefined!

commit 9f977ef7b6
    vhost-scsi: Include prot_bytes into expected data transfer length
in target-pending makes drivers/vhost/scsi.c call memcpy_fromiovecend().
This function is not available when CONFIG_NET is not enabled.

socket.h already includes uio.h, so no callers need updating.

Reported-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-27 11:47:58 -07:00
Nicholas Bellinger 97c99b47ac iscsi-target: Avoid rejecting incorrect ITT for Data-Out
This patch changes iscsit_check_dataout_hdr() to dump the incoming
Data-Out payload when the received ITT is not associated with a
WRITE, instead of calling iscsit_reject_cmd() for the non WRITE
ITT descriptor.

This addresses a bug where an initiator sending an Data-Out for
an ITT associated with a READ would end up generating a reject
for the READ, eventually resulting in list corruption.

Reported-by: Santosh Kulkarni <santosh.kulkarni@calsoftinc.com>
Reported-by: Arshad Hussain <arshad.hussain@calsoftinc.com>
Cc: stable@vger.kernel.org # 3.10+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-27 11:47:57 -07:00
Greg Kroah-Hartman 4148c1f67a lz4: fix another possible overrun
There is one other possible overrun in the lz4 code as implemented by
Linux at this point in time (which differs from the upstream lz4
codebase, but will get synced at in a future kernel release.)  As
pointed out by Don, we also need to check the overflow in the data
itself.

While we are at it, replace the odd error return value with just a
"simple" -1 value as the return value is never used for anything other
than a basic "did this work or not" check.

Reported-by: "Don A. Bailey" <donb@securitymouse.com>
Reported-by: Willy Tarreau <w@1wt.eu>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-06-27 11:21:07 -07:00
H. Peter Anvin ba3f35c7ce * Fix a few compiler warnings (one being a real bug) in the arm64 EFI
code that lots of people are running into and reporting - Catalin Marinas
 
  * Use a cast to avoid a 32-bit overflow issue when generating pstore
    filenames - Andrzej Zaborowski
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJTrYAHAAoJEC84WcCNIz1VCy8QAKMyeHBhwoQeAZKrV50fe5UW
 LRKpjxZ7ZWxDmObFMM9x9Jlq6MWroL4WBJjA/DYiPbXgLxbReUITY9nzwruxe4ts
 isQlbKPfAI/7Fx3oFPSKz2UrFqRZPNxbNG+Gmu8vBrKQ1p3jd31NTugZWn27F6Yz
 6dkux7vCbJXbaHNmXMRX8JwTTptuPkleNWyeterry6q8HzOGIyRN8wXBrGvanesx
 w8IVZZfgIuCi5JxPXSemJCVaDUmQb/hk7NGTdA4xjl8P4s2uT7cqxEVYx2I4QI/c
 aAj2B6IAauh8/b1GtN8xN3HoweLGFopfpMILifIbL5HvN3urHfOEWYAFHB/d9Iha
 97v5ylb8LwGK6rxosp1pc3/BIhI/ePtP7cRpmyRinXF99mnwe3jmMfM5f0dH4+Xj
 HqFVTTnzzCzYji38UD5y+2JznjH40VSaFwf4FJY0Ssf9mbuoVasSCgTMTFhMOiBT
 6lsRe/raH+rOJ16Sn2MCceglwaZdwqMXdJYd9pBWa7D0oBZy1keTj5CR1O+0xOqx
 NE6tfZx08hATsyZkKW0CoYCQGAjOAoB19VvFL6G8yHuFfbllpZYflvdQUibbO+TM
 c6EYrBsdOGWKFM1bl4GJ61Ju8tksZJNj8scl/Mcr9yoxg6sAhECCr9jNpVqKTwLs
 54PspusLUZEDeQCKP4w6
 =ERxp
 -----END PGP SIGNATURE-----

Merge tag 'efi-urgent' into x86/urgent

 * Fix a few compiler warnings (one being a real bug) in the arm64 EFI
   code that lots of people are running into and reporting - Catalin Marinas

 * Use a cast to avoid a 32-bit overflow issue when generating pstore
   filenames - Andrzej Zaborowski

Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2014-06-27 07:55:24 -07:00
Andrzej Zaborowski 783ee43118 efi-pstore: Fix an overflow on 32-bit builds
In generic_id the long int timestamp is multiplied by 100000 and needs
an explicit cast to u64.

Without that the id in the resulting pstore filename is wrong and
userspace may have problems parsing it, but more importantly files in
pstore can never be deleted and may fill the EFI flash (brick device?).
This happens because when generic pstore code wants to delete a file,
it passes the id to the EFI backend which reinterpretes it and a wrong
variable name is attempted to be deleted.  There's no error message but
after remounting pstore, deleted files would reappear.

Signed-off-by: Andrew Zaborowski <andrew.zaborowski@intel.com>
Acked-by: David Rientjes <rientjes@google.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
2014-06-27 07:30:32 +01:00
Dave Airlie 0fcb70c301 Merge tag 'drm-intel-fixes-2014-06-26' of git://anongit.freedesktop.org/drm-intel into drm-fixes
Fixes for 3.16-rc2; regressions, races, and warns; Broadwell PCI IDs.

* tag 'drm-intel-fixes-2014-06-26' of git://anongit.freedesktop.org/drm-intel:
  drm/i915: vlv_prepare_pll is only needed in case of non DSI interfaces
  drm/i915: Hold the table lock whilst walking the file's idr and counting the objects in debugfs
  drm/i915: BDW: Adding Reserved PCI IDs.
  drm/i915: Only mark the ctx as initialised after a SET_CONTEXT operation
  drm/i915: default to having backlight if VBT not available
  drm/i915: cache hw power well enabled state
2014-06-27 15:04:06 +10:00
Nicholas Bellinger b43f1886e4 tcm_loop: Fix memory leak in tcm_loop_submission_work error path
This patch fixes a tcm_loop_cmd descriptor memory leak in the
tcm_loop_submission_work() error path, and would result in
warnings about leaked tcm_loop_cmd_cache objects at module
unload time.

Go ahead and invoke kmem_cache_free() to release tl_cmd back to
tcm_loop_cmd_cache before calling sc->scsi_done().

Reported-by: Sebastian Herbszt <herbszt@gmx.de>
Tested-by: Sebastian Herbszt <herbszt@gmx.de>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-26 20:56:49 -07:00
Nicholas Bellinger 683497566d iscsi-target: Explicily clear login response PDU in exception path
This patch adds a explicit memset to the login response PDU
exception path in iscsit_tx_login_rsp().

This addresses a regression bug introduced in commit baa4d64b
where the initiator would end up not receiving the login
response and associated status class + detail, before closing
the login connection.

Reported-by: Christophe Vu-Brugier <cvubrugier@yahoo.fr>
Tested-by: Christophe Vu-Brugier <cvubrugier@yahoo.fr>
Cc: stable@vger.kernel.org # 3.10+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-26 20:56:49 -07:00
Nicholas Bellinger 83ff42fcce target: Fix left-over se_lun->lun_sep pointer OOPs
This patch fixes a left-over se_lun->lun_sep pointer OOPs when one
of the /sys/kernel/config/target/$FABRIC/$WWPN/$TPGT/lun/$LUN/alua*
attributes is accessed after the $DEVICE symlink has been removed.

To address this bug, go ahead and clear se_lun->lun_sep memory in
core_dev_unexport(), so that the existing checks for show/store
ALUA attributes in target_core_fabric_configfs.c work as expected.

Reported-by: Sebastian Herbszt <herbszt@gmx.de>
Tested-by: Sebastian Herbszt <herbszt@gmx.de>
Cc: stable@vger.kernel.org
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-26 20:56:49 -07:00
Nicholas Bellinger e4fae2318b iscsi-target; Enforce 1024 byte maximum for CHAP_C key value
This patch adds a check in chap_server_compute_md5() to enforce a
1024 byte maximum for the CHAP_C key value following the requirement
in RFC-3720 Section 11.1.4:

   "..., C and R are large-binary-values and their binary length (not
   the length of the character string that represents them in encoded
   form) MUST not exceed 1024 bytes."

Reported-by: rahul.rane <rahul.rane@calsoftinc.com>
Tested-by: rahul.rane <rahul.rane@calsoftinc.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-26 20:56:42 -07:00
Nicholas Bellinger b06eef6eab iscsi-target: Convert chap_server_compute_md5 to use kstrtoul
This patch converts chap_server_compute_md5() from simple_strtoul() to
kstrtoul usage().

This addresses the case where a empty 'CHAP_I=' key value received during
mutual authentication would be converted to a '0' by simple_strtoul(),
instead of failing the login attempt.

Reported-by: Tejas Vaykole <tejas.vaykole@calsoftinc.com>
Tested-by: Tejas Vaykole <tejas.vaykole@calsoftinc.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-26 20:56:42 -07:00
Linus Torvalds 3493860c76 Merge branch 'for-linus' of git://git.kernel.dk/linux-block
Pull block fixes from Jens Axboe:
 "A small collection of fixes/changes for the current series.  This
  contains:

   - Removal of dead code from Gu Zheng.

   - Revert of two bad fixes that went in earlier in this round, marking
     things as __init that were not purely used from init.

   - A fix for blk_mq_start_hw_queue() using the __blk_mq_run_hw_queue(),
     which could place us wrongly.  Make it use the non __ variant,
     which handles cases where we are called from the wrong CPU set.
     From me.

   - A fix for drbd, which allocates discard requests without room for
     the SCSI payload.  From Lars Ellenberg.

   - A fix for user-after-free in the blkcg code from Tejun.

   - Addition of limiting gaps in SG lists, if the hardware needs it.
     This is the last pre-req patch for blk-mq to enable the full NVMe
     conversion.  Could wait until 3.17, but it's simple enough so would
     be nice to have everything we need for the NVMe port in the 3.17
     release.  From me"

* 'for-linus' of git://git.kernel.dk/linux-block:
  drbd: fix NULL pointer deref in blk_add_request_payload
  blk-mq: blk_mq_start_hw_queue() should use blk_mq_run_hw_queue()
  block: add support for limiting gaps in SG lists
  bio: remove unused macro bip_vec_idx()
  Revert "block: add __init to elv_register"
  Revert "block: add __init to blkcg_policy_register"
  blkcg: fix use-after-free in __blkg_release_rcu() by making blkcg_gq refcnt an atomic_t
  floppy: format block0 read error message properly
2014-06-26 13:06:13 -07:00
Al Viro 0b86dbf675 Fix 32-bit regression in block device read(2)
blkdev_read_iter() wants to cap the iov_iter by the amount of data
remaining to the end of device.  That's what iov_iter_truncate() is for
(trim iter->count if it's above the given limit).  So far, so good, but
the argument of iov_iter_truncate() is size_t, so on 32bit boxen (in
case of a large device) we end up with that upper limit truncated down
to 32 bits *before* comparing it with iter->count.

Easily fixed by making iov_iter_truncate() take 64bit argument - it does
the right thing after such change (we only reach the assignment in there
when the current value of iter->count is greater than the limit, i.e.
for anything that would get truncated we don't reach the assignment at
all) and that argument is not the new value of iter->count - it's an
upper limit for such.

The overhead of passing u64 is not an issue - the thing is inlined, so
callers passing size_t won't pay any penalty.

Reported-and-tested-by: Theodore Tso <tytso@mit.edu>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Tested-by: Alan Cox <gnomes@lxorguk.ukuu.org.uk>
Tested-by: Bruno Wolff III <bruno@wolff.to>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-06-26 13:02:28 -07:00
Mengdong Lin a07187c992 ALSA: hda - restore BCLK M/N values when resuming HSW/BDW display controller
For Intel Haswell/Broadwell display HD-A controller, the 24MHz HD-A link BCLK
is converted from Core Display Clock (CDCLK): BCLK = CDCLK * M / N
And there are two registers EM4 and EM5 to program M, N value respectively.
The EM4/EM5 values will be lost and when the display power well is disabled.

BIOS programs CDCLK selected by OEM and EM4/EM5, but BIOS has no idea about
display power well on/off at runtime. So the M/N can be wrong if non-default
CDCLK is used when the audio controller resumes, which results in an invalid
BCLK and abnormal audio playback rate. So this patch saves and restores valid
M/N values on controller suspend/resume.

And 'struct hda_intel' is defined to contain standard HD-A 'struct azx' and
Intel specific fields, as Takashi suggested.

Signed-off-by: Mengdong Lin <mengdong.lin@intel.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2014-06-26 15:47:42 +02:00