Граф коммитов

323352 Коммитов

Автор SHA1 Сообщение Дата
Linus Torvalds a4be6c77b5 Merge branch 'for-linus' of git://git.samba.org/sfrench/cifs-2.6
Pull cifs fix from Steve French.

* 'for-linus' of git://git.samba.org/sfrench/cifs-2.6:
  cifs: fix return value in cifsConvertToUTF16
2012-09-22 12:36:57 -07:00
Eric Dumazet ab43ed8b74 ipv4: raw: fix icmp_filter()
icmp_filter() should not modify its input, or else its caller
would need to recompute ip_hdr() if skb->head is reallocated.

Use skb_header_pointer() instead of pskb_may_pull() and
change the prototype to make clear both sk and skb are const.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-22 15:35:05 -04:00
Peter Hüwe 9913b8c8f0 net/phy/bcm87xx: Add MODULE_LICENSE("GPL") to GPL driver
Currently the driver has no MODULE_LICENSE attribute in its source which
results in a kernel taint if I load this:

root@(none):~# modprobe bcm87xx
bcm87xx: module license 'unspecified' taints kernel.

Since the first lines of the source code clearly state:
 * This file is subject to the terms and conditions of the GNU General
 * Public License.  See the file "COPYING" in the main directory of this
 * archive for more details.
I think it's safe to add the MODULE_LICENSE("GPL") macro and thus remove
the kernel taint.

Cc: stable@vger.kernel.org
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-22 15:33:46 -04:00
John W. Linville 1199992df2 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem 2012-09-22 12:19:22 -04:00
Nestor Lopez Casado 596264082f HID: Fix logitech-dj: missing Unifying device issue
This patch fixes an issue introduced after commit 4ea5454203
("HID: Fix race condition between driver core and ll-driver").

After that commit, hid-core discards any incoming packet that arrives while
hid driver's probe function is being executed.

This broke the enumeration process of hid-logitech-dj, that must receive
control packets in-band with the mouse and keyboard packets. Discarding mouse
or keyboard data at the very begining is usually fine, but it is not the case
for control packets.

This patch forces a re-enumeration of the paired devices when a packet arrives
that comes from an unknown device.

Based on a patch originally written by Benjamin Tissoires.

Cc: stable@vger.kernel.org   # v3.2+
Signed-off-by: Nestor Lopez Casado <nlopezcasad@logitech.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2012-09-22 10:58:48 +02:00
Axel Lin 391499801b HID: lenovo-tpkbd: Fix memory leak in tpkbd_remove_tp()
We need to kfree names for led_mute and led_micmute in tpkbd_remove_tp().

Signed-off-by: Axel Lin <axel.lin@gmail.com>
Acked-by: Bernhard Seibold <mail@bernhard-seibold.de>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2012-09-22 10:58:36 +02:00
Alex Elder 5ce765a540 libceph: only kunmap kmapped pages
In write_partial_msg_pages(), pages need to be kmapped in order to
perform a CRC-32c calculation on them.  As an artifact of the way
this code used to be structured, the kunmap() call was separated
from the kmap() call and both were done conditionally.  But the
conditions under which the kmap() and kunmap() calls were made
differed, so there was a chance a kunmap() call would be done on a
page that had not been mapped.

The symptom of this was tripping a BUG() in kunmap_high() when
pkmap_count[nr] became 0.

Reported-by: Bryan K. Wright <bryan@virginia.edu>
Signed-off-by: Alex Elder <elder@inktank.com>
Reviewed-by: Sage Weil <sage@inktank.com>
2012-09-21 20:49:26 -07:00
Alex Elder 340c7a2b2c rbd: drop dev reference on error in rbd_open()
If a read-only rbd device is opened for writing in rbd_open(), it
returns without dropping the just-acquired device reference.

Fix this by moving the read-only check before getting the reference.

Signed-off-by: Alex Elder <elder@inktank.com>
Reviewed-by: Yehuda Sadeh <yehuda@inktank.com>
Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
2012-09-21 20:48:54 -07:00
Linus Torvalds abef3bd710 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking updates from David Miller:
 "More bug fixes, nothing gets past these guys"

 1) More kernel info leaks found by Mathias Krause, this time in the
    IPSEC configuration layers.

 2) When IPSEC policies change, we do not properly make sure that cached
    routes (which could now be stale) throughout the system will be
    revalidated.  Fix this by generalizing the generation count
    invalidation scheme used by ipv4.  From Nicolas Dichtel.

 3) When repairing TCP sockets, we need to allow to restore not just the
    send window scale, but the receive one too.  Extend the existing
    interface to achieve this in a backwards compatible way.  From
    Andrey Vagin.

 4) A fix for FCOE scatter gather feature validation erroneously caused
    scatter gather to be disabled for things like AOE too.  From Ed L
    Cashin.

 5) Several cases of mishandling of error pointers, from Mathias Krause,
    Wei Yongjun, and Devendra Naga.

 6) Fix gianfar build, from Richard Cochran.

 7) CAP_NET_* failures should return -EPERM not -EACCES, from Zhao
    Hongjiang.

 8) Hardware reset fix in janz-ican3 CAN driver, from Ira W Snyder.

 9) Fix oops during rmmod in ti_hecc CAN driver, from Marc Kleine-Budde.

10) The removal of the conditional compilation of the clk support code
    in the stmmac driver broke things.  This is because the interfaces
    used are the ones that don't also perform the enable/disable of the
    clk.  Fix from Stefan Roese.

11) The QFQ packet scheduler can record out of range virtual start
    times, resulting later in misbehavior and even crashes.  Fix from
    Paolo Valente.

12) If MSG_WAITALL is used with IOAT DMA under TCP, we can wedge the
    receiver when the advertised receive window goes to zero.  Detect
    this case and force the processing of the IOAT DMA queue when it
    happens to avoid getting stuck.  Fix from Michal Kubecek.

13) batman-adv assumes that test_bit() returns only 0 or 1, but this is
    not true for x86 (which returns -1 or 0, via the 'sbb' instruction).
    Fix from Linus Lussing.

14) Fix small packet corruption in e1000, from Tushar Dave.

15) make_blackhole() in the IPSEC policy code can do one read unlock too
    many, fix from Li RongQing.

16) The new tcp_try_coalesce() code introduced a bug in TCP URG
    handling, fix from Eric Dumazet.

17) Fix memory leak in __netif_receive_skb() when doing zerocopy and
    when hit an OOM condition.  From Michael S Tsirkin.

18) netxen blindly deferences pdev->bus->self, which is not guarenteed
    to be non-NULL.  Fix from Nikolay Aleksandrov.

19) Fix a performance regression caused by mistakes in ipv6 checksum
    validation in the bnx2x driver, fix from Michal Schmidt.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (45 commits)
  net/stmmac: Use clk_prepare_enable and clk_disable_unprepare
  net: change return values from -EACCES to -EPERM
  net/irda: sh_sir: fix return value check in sh_sir_set_baudrate()
  stmmac: fix return value check in stmmac_open_ext_timer()
  gianfar: fix phc index build failure
  ipv6: fix return value check in fib6_add()
  bnx2x: remove false warning regarding interrupt number
  can: ti_hecc: fix oops during rmmod
  can: janz-ican3: fix support for older hardware revisions
  net: do not disable sg for packets requiring no checksum
  aoe: assert AoE packets marked as requiring no checksum
  at91ether: return PTR_ERR if call to clk_get fails
  xfrm_user: don't copy esn replay window twice for new states
  xfrm_user: ensure user supplied esn replay window is valid
  xfrm_user: fix info leak in copy_to_user_tmpl()
  xfrm_user: fix info leak in copy_to_user_policy()
  xfrm_user: fix info leak in copy_to_user_state()
  xfrm_user: fix info leak in copy_to_user_auth()
  net: qmi_wwan: adding Huawei E367, ZTE MF683 and Pantech P4200
  tcp: restore rcv_wscale in a repair mode (v2)
  ...
2012-09-21 14:32:55 -07:00
Linus Torvalds 6219844e72 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc
Pull sparc updates from David Miller:

1) Debugging builds on 32-bit sparc need to handle the R_SPARC_DISP32
   relocation, not just 64-bit sparc.  From Andreas Larsson.

2) Wei Yongjun noticed that module_alloc() on sparc can return an
   error pointer, but that's not allowed.  module_alloc() should
   return only a valid pointer, or NULL.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc:
  sparc: fix the return value of module_alloc()
  sparc32: Enable the relocation target R_SPARC_DISP32 for sparc32
2012-09-21 14:31:50 -07:00
Linus Torvalds 9d10890792 Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fixes from Ingo Molnar:
 "Small fixlets"

* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/mm/init.c: Fix devmem_is_allowed() off by one
  x86/kconfig: Remove outdated reference to Intel CPUs in CONFIG_SWIOTLB
2012-09-21 14:26:23 -07:00
Linus Torvalds 519b3b742d Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull timer fix from Ingo Molnar:
 "One more timekeeping fix for v3.6"

* 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  time: Fix timeekeping_get_ns overflow on 32bit systems
2012-09-21 14:25:46 -07:00
Linus Torvalds 18f5600ba2 Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull perf fixes from Ingo Molnar:
 "Small perf fixlets"

* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  tracing: Don't call page_to_pfn() if page is NULL
  perf/x86: Fix Intel Ivy Bridge support
  perf/x86/ibs: Check syscall attribute flags
  perf/x86: Export Sandy Bridge uncore clockticks event in sysfs
2012-09-21 14:24:48 -07:00
Linus Torvalds 789f95b788 xfs: bugfixes for 3.6-rc7
- fix a regression related to xfs_sync_worker racing with unmount.
 - fix a race while discarding xfs buffers.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.10 (GNU/Linux)
 
 iQIcBAABAgAGBQJQWO3uAAoJENaLyazVq6ZOjfcP+gJkcJLS5+qmyNEcW2IUH0+E
 4WptMdBCLgZGa54aGAJ2mwg0FysyyTiTXjOSETRiBU+N3bAhgweucRsxc8z+awen
 L+InHr8YgQyAoY0nhEcXI/EuHaF9OlgVT6YCOqr/V4gtLO+aczovQS1wA3w/pjAk
 RWa4z+VlH+D9KenatoCcHSY6PIPO9pLs4Gfb7D/9BLFN+f6OnIaUlkwIQSuumuaw
 Lt/sw24/FEBYyzspmGfJT1fjDZK4VI4QoPEAVuvGiJCGFzSW2RDmlb48ZXsnGBbM
 f83tKjB7praQhXnBt56/S5YThgWzt8eaJVIhSExtEh1tisb5iWNQzVPk+USXUE9t
 DNTxtJjwiECbslyVYkTDUKnhdPGtHkpQSN96RBUDvQYfoLHQ/aXbxfPIZGEt24YM
 A/TbCFDFQrI91Rn3TkAxygvfOkxWxE9TB1PmwfgrJGFDWNxg84OBiCX9IMNi3NUF
 glqoKn6aI5fZH6gHVU7xA+bnfJYYRIxUtgIHJ1sYH6dH185G5Yj3m9bojcN7DnmM
 x1kLf0lscumgdB3OGLgpe5IrrFKM+ncclkS24X3eWOCvnWiEXBwajPqA8LloekZA
 X+IyGhoSfg2yRJAYEipRD+H0XouNM/AsLMcI/VbEoLGebxpsKCkg0VwCbd/4xISO
 90Q9jWXC4dzUVRc60rPw
 =ZcGP
 -----END PGP SIGNATURE-----

Merge tag 'for-linus-v3.6-rc7' of git://oss.sgi.com/xfs/xfs

Pull xfs bugfixes from Ben Myers:
 - fix a regression related to xfs_sync_worker racing with unmount.
 - fix a race while discarding xfs buffers.

* tag 'for-linus-v3.6-rc7' of git://oss.sgi.com/xfs/xfs:
  xfs: stop the sync worker before xfs_unmountfs
  xfs: fix race while discarding buffers [V4]
2012-09-21 12:43:01 -07:00
Linus Torvalds 36a21fe639 Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux
Pull drm fixes from Dave Airlie:
 "Fixes for big 3 drivers:

  nouveau: revert earlier MBP fix, put a dmi based MBP fix in its place
  (fixes a regression we found on some Dell eDP panels doing some
  internal testing)

  radeon: revert pll fixes, real fix is too invasive, fix scratch leak

  intel: 3 minor fixes, one for HDMI audio."

* 'drm-fixes' of git://people.freedesktop.org/~airlied/linux:
  drm/nouveau: add dmi quirk for gpio reset
  drm/radeon: Prevent leak of scratch register on resume from suspend
  Revert "drm/nv50-/gpio: initialise to vbios defaults during init"
  Revert "drm/radeon: rework pll selection (v3)"
  drm/i915: HDMI - Clear Audio Enable bit for Hot Plug
  drm/i915: Reduce a pin-leak BUG into a WARN
  drm/i915: enable lvds pin pairs before dpll on gen2
2012-09-21 12:41:28 -07:00
Linus Torvalds 6551d6fe21 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
Pull input updates from Dmitry Torokhov:
 "Updates for the input subsystem.  Just a few driver updates mostly
  dealing with recent regressions."

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
  Input: edt-ft5x06 - return -EFAULT on copy_to_user() error
  Input: sentelic - filter out erratic movement when lifting finger
  Input: ambakmi - [un]prepare clocks when enabling amd disabling
  Input: i8042 - disable mux on Toshiba C850D
  Revert "input: ab8500-ponkey: Create AB8500 domain IRQ mapping"
  Input: imx_keypad - fix missing clk conversions
  Input: usbtouchscreen - initialize eGalax devices
2012-09-21 12:39:28 -07:00
Linus Torvalds 868f480bed Merge git://www.linux-watchdog.org/linux-watchdog
Pull watchdog fixes from Wim Van Sebroeck:
 "Fix a kdump issue in hpwdt and a possible NULL dereference."

* git://www.linux-watchdog.org/linux-watchdog:
  watchdog: move the dereference below the NULL test
  hpwdt: Fix kdump issue in hpwdt
2012-09-21 12:36:23 -07:00
Linus Torvalds 6d77987fe6 Add missing 'name' sysfs attributes to ad7314 and ads7871 drivers
Bump maximum wait time for applesmc driver (again)
 Fix build warning seen with W=1 in include/linux/kernel.h, introduced
 with b6d86d3 (Fix DIV_ROUND_CLOSEST to support negative dividends)
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJQWhFlAAoJEMsfJm/On5mBNisP/iex3oyGvUjyW8ywdrEDZ03C
 TPMn3CIajCIA9T9HJh3CBc0bUX/NP7+M2dzNsXl0Nh6voJy6+6u0AgF9SpZpH9ke
 VDm5DVW8M66q/g0DRd++UO/KBfTWoQ+lncclhXErdnqIUSII40XE6N0o5VgpT5EJ
 V13QlaS8EiEw/TD7tnOgOdLczM6TWYrsKVu2JjQDrRdJuMz0xvTXr4MFpdZuc0G1
 oxYlvGI5rdkIfkdhXuyD4yxs34Pl//W6K0nj6M9F3cwZcmh3gdPLaQxeck5sHtL+
 63QLdSc1BDmyRS2P0slFNZRmRvresxOSKL5CqXs+AyaQ5R9fiMKY0JOQJb9TME9R
 5nND0ZyTbm57IKUxVAdDvdDD7C037vS8UZLyCXLDgNY1WNsMm8puk+cCvFtTxO3w
 0wlmdPDLXihtgMkmGHssoRPSlcDrk9P6ovAyatbrEkbwUUzRDdAGN2cHkXuwuVkc
 OrD7Bk8aTlJeR8nvL9dORcJtSZ+0xSOsv7/8j+sKpWu0D+i/TIoDPELfe0VvljwA
 J46kS4oQR1tZzEZnEE54jWv/22I6WHll6vUzgGoRDp7zfuj/JAWlO9Ik8DUU1uBO
 q/8Qf7RyN5p1PbKMO8l+23r4UC3MNczMzVlhLBBHGGUMY0F6u8Nq20Z0TE6fn10q
 QITsxQ90n2dAicKhNFMD
 =0dS3
 -----END PGP SIGNATURE-----

Merge tag 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging

Pull hwmon fixes from Guenter Roeck:
 - Add missing 'name' sysfs attributes to ad7314 and ads7871 drivers
 - Bump maximum wait time for applesmc driver (again)
 - Fix build warning seen with W=1 in include/linux/kernel.h, introduced
   with commit b6d86d3d6d ("Fix DIV_ROUND_CLOSEST to support negative
   dividends")

* tag 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
  linux/kernel.h: Fix warning seen with W=1 due to change in DIV_ROUND_CLOSEST
  hwmon: (applesmc) Bump max wait
  hwmon: (ad7314) Add 'name' sysfs attribute
  hwmon: (ads7871) Add 'name' sysfs attribute
2012-09-21 12:33:31 -07:00
Linus Torvalds 06b050eb81 Merge branch 'fixes' of git://git.infradead.org/users/vkoul/slave-dma
Pull slave-dmaengine fixes from Vinod Koul:
 "There are two trivial fixes in pl330 driver and two in at_hdmac
  driver."

* 'fixes' of git://git.infradead.org/users/vkoul/slave-dma:
  DMA: PL330: Check the pointer returned by kzalloc
  DMA: PL330: Fix potential NULL pointer dereference in pl330_submit_req()
  dmaengine: at_hdmac: check that each sg data length is non-null
  dmaengine: at_hdmac: fix comment in atc_prep_slave_sg()
2012-09-21 12:15:37 -07:00
Linus Torvalds 633650132e arm-soc: bug fixes for v3.6-rc
A couple of samsung clock locking fixes, at91 device tree gpio
 configuration fix and a couple more for shmobile and i.MX.
 
 All small targeted fixes.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJQW6/SAAoJEIwa5zzehBx3b94QAJIhnBYalG3bcmCWjs8TYwIf
 WxYELe2KMn0rAK1QoTzo7oq/yyBLbtBdnyxVUQDHLXlrLlDwKU8hVcBDe/OT2C+t
 rJ8F0c7VqpUhW9QSJoUqaVhhnYg5KHXhEy6XAnBF0GOrUUH7M6dtHBsYFtd3J8Wp
 HnBU9UqPOJ979lV/tYKW+3AAApJ8tGr53KpoGhhUnlM3MyIyreYevvcAUbj4SDHg
 VIirlmDXYf4XO3w1Sg15aqYgx9qDkR6huKV+UrsKTW4xZxeat8K4Q5D0/qrBuXyH
 c1C7BeG5GPg52h/e3qMaiTLbzTrLMRvs1tlgLDj4ZNUB8WfFedj0i+4M+LXcWcyt
 fFlrZJLw+LlDlf0u+ReeDHJaKA0offAVr1W3r6yvRPfaAw+RSocaoP2BYeiZquhG
 1j83qPYBaPQGriN6wOECmceHl3v4hyva0rmA1tksjKlFXnw06TaceoVN4UiZwRCa
 gwL9MVdTC5TFGCNXUfzBLB9bpZOhvoV/fAmKAMfFw8ybAke/P76ko/Ssw+rNVx+2
 4ln5S5AOYMztwemRXf5SfroG7AM4JqcfrP02yZnXcZrF4kGVTtGSKJKfFebLfQ5o
 1QgLm8e1qk6Wmo1LWh1U3T4yXO227498tXWuyFYxG4avl+wzsK/8pxNyxzWFDnLN
 AJBcxlWWaCvA6aX4eODx
 =nNwT
 -----END PGP SIGNATURE-----

Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull arm-soc bug fixes from Olof Johansson:
 "A couple of samsung clock locking fixes, at91 device tree gpio
  configuration fix and a couple more for shmobile and i.MX.

  All small targeted fixes."

* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
  ARM i.MX25: Make timer irq work again
  ARM: imx: armadillo5x0: Fix illegal register access
  ARM: shmobile: kzm9g: bugfix: correct mmcif interrupt settings
  ARM: SAMSUNG: Use spin_lock_{irqsave,irqrestore} in clk_set_rate
  ARM: at91: fix missing #interrupt-cells on gpio-controller
  ARM: SAMSUNG: use spin_lock_irqsave() in clk_set_parent
2012-09-21 12:14:47 -07:00
Wei Yongjun a9e8d1a6b8 sparc: fix the return value of module_alloc()
In case of error, function module_alloc() in other platform never
returns ERR_PTR(), and all of the user only check for NULL, so
we'd better return NULL instead of ERR_PTR().

dpatch engine is used to auto generated this patch.
(https://github.com/weiyj/dpatch)

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21 12:14:20 -07:00
Andreas Larsson dfa520af2c sparc32: Enable the relocation target R_SPARC_DISP32 for sparc32
GNU Binutils 2.20.1 generates .eh_frame sections that uses R_SPARC_DISP32.

Signed-off-by: Andreas Larsson <andreas@gaisler.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21 12:14:19 -07:00
Linus Torvalds 267b50fe6f Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
Pull s390 fixes from Martin Schwidefsky:
 "Bug fixes for 3.6-rc7, including some important patches for large page
  related memory management issues."

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
  s390/dasd: fix read unit address configuration loop
  s390/dasd: fix pathgroup race
  s390/mm: fix user access page-table walk code
  s390/hwcaps: do not report high gprs for 31 bit kernel
  s390/cio: invalidate cdev pointer before deregistration
  s390/cio: fix IO subchannel event race
  s390/dasd: move wake_up call
  s390/hugetlb: use direct TLB flushing for hugetlbfs pages
  s390/mm: fix deadlock in unmap_hugepage_range()
2012-09-21 12:10:17 -07:00
Linus Torvalds 8ca7de9164 Bug-fixes:
* Fix M2P batching re-using the incorrect structure field.
  * Disable BIOS SMP MP table search.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQEcBAABAgAGBQJQXGfdAAoJEFjIrFwIi8fJbWcH/0FI2d/VyB+ZU0ng3R0Oa7mt
 iR/x+Z+mfFdp2dXS6gs6DgJIZVA7i2K9pX4rOXjpDGGGyUeo1xoqjlQfsFWQGjZ/
 p49RrDrM93c2GdRXk3iMSWfboQI7BXBs5rnyYZQL7kMxUSR75MxbeONvhPrMSO9I
 3EBidWH08qjrn2HVF44F6xh5ONjpclo5AvGIzJ0eU4X0D0eqMnhvlAw8/UYJU2HV
 heRvuxWF9l2jNpLhKhZy1730D1X/vKA5qKAcBW8rCOpEijyPpmtKbqapeUJg/9pH
 NVquuwGutP5ozrSi7a/23+L+ezvQBmCPm5ZRG44PccBoZ/HVs8haT8UypSWSDzo=
 =TwvM
 -----END PGP SIGNATURE-----

Merge tag 'stable/for-linus-3.6-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen

Pull Xen bug-fixes from Konrad Rzeszutek Wilk:
 - Fix M2P batching re-using the incorrect structure field.

   In v3.5 we added batching for M2P override (Machine Frame Number ->
   Physical Frame Number), but the original MFN was saved in an
   incorrect structure - and we would oops/restore when restoring with
   the old MFN.

 - Disable BIOS SMP MP table search.

   A bootup issue that we had ignored until we found that on DL380 G6 it
   was needed.

* tag 'stable/for-linus-3.6-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
  xen/boot: Disable BIOS SMP MP table search.
  xen/m2p: do not reuse kmap_op->dev_bus_addr
2012-09-21 12:06:54 -07:00
Stefan Roese a630844d89 net/stmmac: Use clk_prepare_enable and clk_disable_unprepare
This patch fixes an issue introduced by commit ID 6a81c26f
[net/stmmac: remove conditional compilation of clk code], which
switched from the internal stmmac_clk_{en}{dis}able calls to
clk_{en}{dis}able. By this, calling clk_prepare and clk_unprepare
was removed.

clk_{un}prepare is mandatory for platforms using common clock framework.
Since these drivers are used by SPEAr platform, which supports common
clock framework, add clk_{un}prepare() support for them. Otherwise
the clocks are not correctly en-/disabled and ethernet support doesn't
work.

Signed-off-by: Stefan Roese <sr@denx.de>
Cc: Viresh Kumar <viresh.kumar@linaro.org>
Cc: Giuseppe Cavallaro <peppe.cavallaro@st.com>
Reviewed-by: Viresh Kumar <viresh.kumar@linaro.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21 14:59:52 -04:00
Linus Torvalds e05e279e6f debugfs: fix u32_array race in format_array_alloc
The format_array_alloc() function is fundamentally racy, in that it
prints the array twice: once to figure out how much space to allocate
for the buffer, and the second time to actually print out the data.

If any of the array contents changes in between, the allocation size may
be wrong, and the end result may be truncated in odd ways.

Just don't do it.  Allocate a maximum-sized array up-front, and just
format the array contents once.  The only user of the u32_array
interfaces is the Xen spinlock statistics code, and it has 31 entries in
the arrays, so the maximum size really isn't that big, and the end
result is much simpler code without the bug.

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-09-21 11:48:05 -07:00
Zhao Hongjiang bf5b30b8a4 net: change return values from -EACCES to -EPERM
Change return value from -EACCES to -EPERM when the permission check fails.

Signed-off-by: Zhao Hongjiang <zhaohongjiang@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21 13:58:08 -04:00
David S. Miller e0c7a4a1a6 Merge branch 'fixes-for-3.6' of git://gitorious.org/linux-can/linux-can
Marc Kleine-Budde says:

====================
two patches for the v3.6 release cycle. Ira W. Snyder fixed support for the
older version of the Janz CMOD-IO Carrier Board. I found and fixed an oops in
the ti_hecc driver, which occurs when removing the module if the network
interface is still open.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21 13:50:16 -04:00
Wei Yongjun dc9c9759eb net/irda: sh_sir: fix return value check in sh_sir_set_baudrate()
In case of error, the function clk_get() returns ERR_PTR()
and never returns NULL pointer. The NULL test in the error
handling should be replaced with IS_ERR().

dpatch engine is used to auto generated this patch.
(https://github.com/weiyj/dpatch)

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21 13:47:24 -04:00
Wei Yongjun 6861509f9f stmmac: fix return value check in stmmac_open_ext_timer()
In case of error, the function clk_get() returns ERR_PTR()
and never returns NULL pointer. The NULL test in the error
handling should be replaced with IS_ERR().

dpatch engine is used to auto generated this patch.
(https://github.com/weiyj/dpatch)

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21 13:47:24 -04:00
Richard Cochran 28889b7e78 gianfar: fix phc index build failure
This patch fixes a build failure introduced in commit 66636287
("gianfar: Support the get_ts_info ethtool method."). Not only was a
global variable inconsistently named, but also it was not exported as
it should have been.

This fix is also needed in stable version 3.5.

Signed-off-by: Richard Cochran <richardcochran@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21 13:45:29 -04:00
Wei Yongjun f950c0ecc7 ipv6: fix return value check in fib6_add()
In case of error, the function fib6_add_1() returns ERR_PTR()
or NULL pointer. The ERR_PTR() case check is missing in fib6_add().

dpatch engine is used to generated this patch.
(https://github.com/weiyj/dpatch)

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21 13:43:52 -04:00
David Rientjes 36048853c5 debugfs: fix race in u32_array_read and allocate array at open
u32_array_open() is racy when multiple threads read from a file with a
seek position of zero, i.e. when two or more simultaneous reads are
occurring after the non-seekable files are created.  It is possible that
file->private_data is double-freed because the threads races between

	kfree(file->private-data);

and

	file->private_data = NULL;

The fix is to only do format_array_alloc() when the file is opened and
free it when it is closed.

Note that because the file has always been non-seekable, you can't open
it and read it multiple times anyway, so the data has always been
generated just once.  The difference is that now it is generated at open
time rather than at the time of the first read, and that avoids the
race.

Reported-by: Dave Jones <davej@redhat.com>
Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Tested-by: Raghavendra <raghavendra.kt@linux.vnet.ibm.com>
Signed-off-by: David Rientjes <rientjes@google.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-09-21 10:28:17 -07:00
Ariel Elior 185d4c8bf5 bnx2x: remove false warning regarding interrupt number
Since version 7.4 the FW configures in the pci config space the max
number of interrupts available to the physical function, instead of
the exact number to use.
This causes a false warning in driver when comparing the number of
configured interrupts to the number about to be used.

Signed-off-by: Ariel Elior <ariele@broadcom.com>
Signed-off-by: Eilon Greenstein <eilong@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-21 13:27:16 -04:00
Russell King bf619faece ARM: reserve syscall 378 for kcmp
kcmp has appeared on x86, but has not been noticed because
checksyscalls.sh is broken at the moment.  Reserve ARM syscall 378
for this should we ever need it, and add an __IGNORE entry for this
unimplemented syscall.

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2012-09-21 17:56:25 +01:00
Alex Williamson b68e7fa879 vfio: Fix virqfd release race
vfoi-pci supports a mechanism like KVM's irqfd for unmasking an
interrupt through an eventfd.  There are two ways to shutdown this
interface: 1) close the eventfd, 2) ioctl (such as disabling the
interrupt).  Both of these do the release through a workqueue,
which can result in a segfault if two jobs get queued for the same
virqfd.

Fix this by protecting the pointer to these virqfds by a spinlock.
The vfio pci device will therefore no longer have a reference to it
once the release job is queued under lock.  On the ioctl side, we
still flush the workqueue to ensure that any outstanding releases
are completed.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2012-09-21 10:48:28 -06:00
Alex Williamson b37b593e20 vfio: Trivial Documentation correction
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2012-09-21 10:48:03 -06:00
Jeff Mahoney 24cc7fb69a x86/kbuild: archscripts depends on scripts_basic
While building the SUSE kernel packages, which build the scripts,
make clean, and then build everything, we have been running into spurious
build failures. We tracked them down to a simple dependency issue:

$ make mrproper
  CLEAN   arch/x86/tools
  CLEAN   scripts/basic
$ cp patches/config/x86_64/desktop .config
$ make archscripts
  HOSTCC  arch/x86/tools/relocs
/bin/sh: scripts/basic/fixdep: No such file or directory
make[3]: *** [arch/x86/tools/relocs] Error 1
make[2]: *** [archscripts] Error 2
make[1]: *** [sub-make] Error 2
make: *** [all] Error 2

This was introduced by commit
6520fe55 (x86, realmode: 16-bit real-mode code support for relocs),
which added the archscripts dependency to archprepare.

This patch adds the scripts_basic dependency to the x86 archscripts.

Signed-off-by: Jeff Mahoney <jeffm@suse.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
2012-09-21 13:49:47 +02:00
Mark Asselstine c1c1a59e37 firmware: fix directory creation rule matching with make 3.80
Since make 3.80 doesn't support secondary expansion it uses a fallback
rule to create firmware directories which is matched after primary
expansion of the $(installed-fw) rule's prerequisite. Commit
6c7080a61f [firmware: fix directory creation rule matching with make
3.82] changed the expression generated after primary expansion such
that the fallback was not matched. Updating the fallback rule to match
the new look primary expansion is not an option for various reasons.

The trailing slash added here to $(INSTALL_FW_PATH)/. while defining
installed-fw-dirs fixes builds with make 3.82 since this will provide
a matching rule for $(INSTALL_FW_PATH)/$$(dir %) when % is in the base
firmware directory (ie. $(dir %) gives './'). Versions of make prior
to 3.82 will strip this trailing slash along with the one generated by
$(dir %) when % is in the base firmware directory and as such continue
to function as before.

Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Tested-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
2012-09-21 13:15:42 +02:00
Marc Kleine-Budde ab04c8bd42 can: ti_hecc: fix oops during rmmod
This patch fixes an oops which occurs when unloading the driver, while the
network interface is still up. The problem is that first the io mapping is
teared own, then the CAN device is unregistered, resulting in accessing the
hardware's iomem:

[  172.744232] Unable to handle kernel paging request at virtual address c88b0040
[  172.752441] pgd = c7be4000
[  172.755645] [c88b0040] *pgd=87821811, *pte=00000000, *ppte=00000000
[  172.762207] Internal error: Oops: 807 [#1] PREEMPT ARM
[  172.767517] Modules linked in: ti_hecc(-) can_dev
[  172.772430] CPU: 0    Not tainted  (3.5.0alpha-00037-g3554cc0 #126)
[  172.778961] PC is at ti_hecc_close+0xb0/0x100 [ti_hecc]
[  172.784423] LR is at __dev_close_many+0x90/0xc0
[  172.789123] pc : [<bf00c768>]    lr : [<c033be58>]    psr: 60000013
[  172.789123] sp : c5c1de68  ip : 00040081  fp : 00000000
[  172.801025] r10: 00000001  r9 : c5c1c000  r8 : 00100100
[  172.806457] r7 : c5d0a48c  r6 : c5d0a400  r5 : 00000000  r4 : c5d0a000
[  172.813232] r3 : c88b0000  r2 : 00000001  r1 : c5d0a000  r0 : c5d0a000
[  172.820037] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
[  172.827423] Control: 10c5387d  Table: 87be4019  DAC: 00000015
[  172.833404] Process rmmod (pid: 600, stack limit = 0xc5c1c2f0)
[  172.839447] Stack: (0xc5c1de68 to 0xc5c1e000)
[  172.843994] de60:                   bf00c6b8 c5c1dec8 c5d0a000 c5d0a000 00200200 c033be58
[  172.852478] de80: c5c1de44 c5c1dec8 c5c1dec8 c033bf2c c5c1de90 c5c1de90 c5d0a084 c5c1de44
[  172.860992] dea0: c5c1dec8 c033c098 c061d3dc c5d0a000 00000000 c05edf28 c05edb34 c000d724
[  172.869476] dec0: 00000000 c033c2f8 c5d0a084 c5d0a084 00000000 c033c370 00000000 c5d0a000
[  172.877990] dee0: c05edb00 c033c3b8 c5d0a000 bf00d3ac c05edb00 bf00d7c8 bf00d7c8 c02842dc
[  172.886474] df00: c02842c8 c0282f90 c5c1c000 c05edb00 bf00d7c8 c0283668 bf00d7c8 00000000
[  172.894989] df20: c0611f98 befe2f80 c000d724 c0282d10 bf00d804 00000000 00000013 c0068a8c
[  172.903472] df40: c5c538e8 685f6974 00636365 c61571a8 c5cb9980 c61571a8 c6158a20 c00c9bc4
[  172.911987] df60: 00000000 00000000 c5cb9980 00000000 c5cb9980 00000000 c7823680 00000006
[  172.920471] df80: bf00d804 00000880 c5c1df8c 00000000 000d4267 befe2f80 00000001 b6d90068
[  172.928985] dfa0: 00000081 c000d5a0 befe2f80 00000001 befe2f80 00000880 b6d90008 00000008
[  172.937469] dfc0: befe2f80 00000001 b6d90068 00000081 00000001 00000000 befe2eac 00000000
[  172.945983] dfe0: 00000000 befe2b18 00023ba4 b6e6addc 60000010 befe2f80 a8e00190 86d2d344
[  172.954498] [<bf00c768>] (ti_hecc_close+0xb0/0x100 [ti_hecc]) from [<c033be58>] (__dev__registered_many+0xc0/0x2a0)
[  172.984161] [<c033c098>] (rollback_registered_many+0xc0/0x2a0) from [<c033c2f8>] (rollback_registered+0x20/0x30)
[  172.994750] [<c033c2f8>] (rollback_registered+0x20/0x30) from [<c033c370>] (unregister_netdevice_queue+0x68/0x98)
[  173.005401] [<c033c370>] (unregister_netdevice_queue+0x68/0x98) from [<c033c3b8>] (unregister_netdev+0x18/0x20)
[  173.015899] [<c033c3b8>] (unregister_netdev+0x18/0x20) from [<bf00d3ac>] (ti_hecc_remove+0x60/0x80 [ti_hecc])
[  173.026245] [<bf00d3ac>] (ti_hecc_remove+0x60/0x80 [ti_hecc]) from [<c02842dc>] (platform_drv_remove+0x14/0x18)
[  173.036712] [<c02842dc>] (platform_drv_remove+0x14/0x18) from [<c0282f90>] (__device_release_driver+0x7c/0xbc)

Cc: stable <stable@vger.kernel.org>
Cc: Anant Gole <anantgole@ti.com>
Tested-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
2012-09-21 12:54:53 +02:00
Ira W. Snyder e21093ef6f can: janz-ican3: fix support for older hardware revisions
The Revision 1.0 Janz CMOD-IO Carrier Board does not have support for
the reset registers. To support older hardware, the code is changed to
use the hardware reset register on the Janz VMOD-ICAN3 hardware itself.

Cc: stable <stable@vger.kernel.org>
Signed-off-by: Ira W. Snyder <iws@ovro.caltech.edu>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
2012-09-21 12:54:52 +02:00
Dave Airlie 017a27e7f5 Merge branch 'drm-intel-fixes' of git://people.freedesktop.org/~danvet/drm-intel into drm-fixes
Daniel writes:
Essentially just flush my -fixes queue before I head off to xdc.
- gen2 regression fixer, we've enabled the lvds stuff too late. Not
  causing any known issues, but this restores the sequence before a
  refactor that landed in 3.5, and lvds is a fickle beast. And seriously,
  who runs gen2 still ...
- downgrade a BUG to a WARN - we haven't root-caused/fixed the underlying
  issue yet, but this should help bug reporters quite a bit.
- properly disable hdmi audio - we've lost track of this, which resulted
  in the alsa driver again losing track of the unplug event.

* 'drm-intel-fixes' of git://people.freedesktop.org/~danvet/drm-intel:
  drm/i915: HDMI - Clear Audio Enable bit for Hot Plug
  drm/i915: Reduce a pin-leak BUG into a WARN
  drm/i915: enable lvds pin pairs before dpll on gen2
2012-09-21 20:46:01 +10:00
Dave Airlie 6c06d608ec drm/nouveau: add dmi quirk for gpio reset
This fixes the gpio reset problem so the Retina MBP works, but avoids
breaking the Dell systems. Ben will work on a better solution for 3.7.

Tested by me on retina MBP.

Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-09-21 10:17:15 -04:00
Ed Cashin c0d680e577 net: do not disable sg for packets requiring no checksum
A change in a series of VLAN-related changes appears to have
inadvertently disabled the use of the scatter gather feature of
network cards for transmission of non-IP ethernet protocols like ATA
over Ethernet (AoE).  Below is a reference to the commit that
introduces a "harmonize_features" function that turns off scatter
gather when the NIC does not support hardware checksumming for the
ethernet protocol of an sk buff.

  commit f01a5236bd
  Author: Jesse Gross <jesse@nicira.com>
  Date:   Sun Jan 9 06:23:31 2011 +0000

      net offloading: Generalize netif_get_vlan_features().

The can_checksum_protocol function is not equipped to consider a
protocol that does not require checksumming.  Calling it for a
protocol that requires no checksum is inappropriate.

The patch below has harmonize_features call can_checksum_protocol when
the protocol needs a checksum, so that the network layer is not forced
to perform unnecessary skb linearization on the transmission of AoE
packets.  Unnecessary linearization results in decreased performance
and increased memory pressure, as reported here:

  http://www.spinics.net/lists/linux-mm/msg15184.html

The problem has probably not been widely experienced yet, because
only recently has the kernel.org-distributed aoe driver acquired the
ability to use payloads of over a page in size, with the patchset
recently included in the mm tree:

  https://lkml.org/lkml/2012/8/28/140

The coraid.com-distributed aoe driver already could use payloads of
greater than a page in size, but its users generally do not use the
newest kernels.

Signed-off-by: Ed Cashin <ecashin@coraid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 22:23:40 -04:00
Ed Cashin 8babe8cc65 aoe: assert AoE packets marked as requiring no checksum
In order for the network layer to see that AoE requires
no checksumming in a generic way, the packets must be
marked as requiring no checksum, so we make this requirement
explicit with the assertion.

Signed-off-by: Ed Cashin <ecashin@coraid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 22:23:40 -04:00
Devendra Naga 3cfc159010 at91ether: return PTR_ERR if call to clk_get fails
we are currently returning ENODEV, as the clk_get may give a exact
error code in its returned pointer, assign it to the ret by using the
PTR_ERR function, so that the subsequent goto label will jump to the
error path and clean the driver and return the error correctly.

Signed-off-by: Devendra Naga <devendra.aaru@gmail.com>
Acked-by: Nicolas Ferre <nicolas.ferre@atmel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 22:21:40 -04:00
Mathias Krause e3ac104d41 xfrm_user: don't copy esn replay window twice for new states
The ESN replay window was already fully initialized in
xfrm_alloc_replay_state_esn(). No need to copy it again.

Cc: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:40 -04:00
Mathias Krause ecd7918745 xfrm_user: ensure user supplied esn replay window is valid
The current code fails to ensure that the netlink message actually
contains as many bytes as the header indicates. If a user creates a new
state or updates an existing one but does not supply the bytes for the
whole ESN replay window, the kernel copies random heap bytes into the
replay bitmap, the ones happen to follow the XFRMA_REPLAY_ESN_VAL
netlink attribute. This leads to following issues:

1. The replay window has random bits set confusing the replay handling
   code later on.

2. A malicious user could use this flaw to leak up to ~3.5kB of heap
   memory when she has access to the XFRM netlink interface (requires
   CAP_NET_ADMIN).

Known users of the ESN replay window are strongSwan and Steffen's
iproute2 patch (<http://patchwork.ozlabs.org/patch/85962/>). The latter
uses the interface with a bitmap supplied while the former does not.
strongSwan is therefore prone to run into issue 1.

To fix both issues without breaking existing userland allow using the
XFRMA_REPLAY_ESN_VAL netlink attribute with either an empty bitmap or a
fully specified one. For the former case we initialize the in-kernel
bitmap with zero, for the latter we copy the user supplied bitmap. For
state updates the full bitmap must be supplied.

To prevent overflows in the bitmap length calculation the maximum size
of bmp_len is limited to 128 by this patch -- resulting in a maximum
replay window of 4096 packets. This should be sufficient for all real
life scenarios (RFC 4303 recommends a default replay window size of 64).

Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: Martin Willi <martin@revosec.ch>
Cc: Ben Hutchings <bhutchings@solarflare.com>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:40 -04:00
Mathias Krause 1f86840f89 xfrm_user: fix info leak in copy_to_user_tmpl()
The memory used for the template copy is a local stack variable. As
struct xfrm_user_tmpl contains multiple holes added by the compiler for
alignment, not initializing the memory will lead to leaking stack bytes
to userland. Add an explicit memset(0) to avoid the info leak.

Initial version of the patch by Brad Spengler.

Cc: Brad Spengler <spender@grsecurity.net>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:40 -04:00
Mathias Krause 7b789836f4 xfrm_user: fix info leak in copy_to_user_policy()
The memory reserved to dump the xfrm policy includes multiple padding
bytes added by the compiler for alignment (padding bytes in struct
xfrm_selector and struct xfrm_userpolicy_info). Add an explicit
memset(0) before filling the buffer to avoid the heap info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-09-20 18:08:39 -04:00