The original bio might be submitted, so we shoud increase bi_remaining to
account for it when we deal with the error that the device is missing or
is not writeable, or we would skip the endio handle.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
The deadlock happened when we mount degraded filesystem, the reproduced
steps are following:
# mkfs.btrfs -f -m raid1 -d raid1 <dev0> <dev1>
# echo 1 > /sys/block/`basename <dev0>`/device/delete
# mount -o degraded <dev1> <mnt>
The reason was that the counter -- bi_remaining was wrong. If the missing
or unwriteable device was the last device in the mapping array, we would
not submit the original bio, so we shouldn't increase bi_remaining of it
in btrfs_end_bio(), or we would skip the final endio handle.
Fix this problem by adding a flag into btrfs bio structure. If we submit
the original bio, we will set the flag, and we increase bi_remaining counter,
or we don't.
Though there is another way to fix it -- decrease bi_remaining counter of the
original bio when we make sure the original bio is not submitted, this method
need add more check and is easy to make mistake.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
Reviewed-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: Chris Mason <clm@fb.com>
While running balance, scrub, fsstress concurrently we hit the
following kernel crash:
[56561.448845] BTRFS info (device sde): relocating block group 11005853696 flags 132
[56561.524077] BUG: unable to handle kernel NULL pointer dereference at 0000000000000078
[56561.524237] IP: [<ffffffffa038956d>] scrub_chunk.isra.12+0xdd/0x130 [btrfs]
[56561.524297] PGD 9be28067 PUD 7f3dd067 PMD 0
[56561.524325] Oops: 0000 [#1] SMP
[....]
[56561.527237] Call Trace:
[56561.527309] [<ffffffffa038980e>] scrub_enumerate_chunks+0x24e/0x490 [btrfs]
[56561.527392] [<ffffffff810abe00>] ? abort_exclusive_wait+0x50/0xb0
[56561.527476] [<ffffffffa038add4>] btrfs_scrub_dev+0x1a4/0x530 [btrfs]
[56561.527561] [<ffffffffa0368107>] btrfs_ioctl+0x13f7/0x2a90 [btrfs]
[56561.527639] [<ffffffff811c82f0>] do_vfs_ioctl+0x2e0/0x4c0
[56561.527712] [<ffffffff8109c384>] ? vtime_account_user+0x54/0x60
[56561.527788] [<ffffffff810f768c>] ? __audit_syscall_entry+0x9c/0xf0
[56561.527870] [<ffffffff811c8551>] SyS_ioctl+0x81/0xa0
[56561.527941] [<ffffffff815707f7>] tracesys+0xdd/0xe2
[...]
[56561.528304] RIP [<ffffffffa038956d>] scrub_chunk.isra.12+0xdd/0x130 [btrfs]
[56561.528395] RSP <ffff88004c0f5be8>
[56561.528454] CR2: 0000000000000078
This is because in btrfs_relocate_chunk(), we will free @bdev directly while
scrub may still hold extent mapping, and may access freed memory.
Fix this problem by wrapping freeing @bdev work into free_extent_map() which
is based on reference count.
Reported-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Signed-off-by: Wang Shilong <wangsl.fnst@cn.fujitsu.com>
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
When run scrub with balance, sometimes -ENOENT will be returned, since
in scrub_enumerate_chunks() will search dev_extent in *COMMIT_ROOT*, but
btrfs_lookup_block_group() will search block group in *MEMORY*, so if a
chunk is removed but not committed, -ENOENT will be returned.
However, there is no need to stop scrubbing since other chunks may be
scrubbed without problem.
So this patch changes the behavior to skip removed chunks and continue
to scrub the rest.
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
When we mounted the filesystem after the crash, we got the following
message:
BTRFS error (device xxx): block group xxxx has wrong amount of free space
BTRFS error (device xxx): failed to load free space cache for block group xxx
It is because we didn't update the metadata of the allocated space (in extent
tree) until the file data was written into the disk. During this time, there was
no information about the allocated spaces in either the extent tree nor the
free space cache. when we wrote out the free space cache at this time (commit
transaction), those spaces were lost. In fact, only the free space that is
used to store the file data had this problem, the others didn't because
the metadata of them is updated in the same transaction context.
There are many methods which can fix the above problem
- track the allocated space, and write it out when we write out the free
space cache
- account the size of the allocated space that is used to store the file
data, if the size is not zero, don't write out the free space cache.
The first one is complex and may make the performance drop down.
This patch chose the second method, we use a per-block-group variant to
account the size of that allocated space. Besides that, we also introduce
a per-block-group read-write semaphore to avoid the race between
the allocation and the free space cache write out.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
This patch makes the free space cache write out functions more readable,
and beisdes that, it also reduces the stack space that the function --
__btrfs_write_out_cache uses from 194bytes to 144bytes.
Signed-off-by: Miao Xie <miaox@cn.fujitsu.com>
Signed-off-by: Chris Mason <clm@fb.com>
The lock_wq wait queue is not used anywhere, therefore just remove it.
On a x86_64 system, this reduced sizeof(struct extent_buffer) from 320
bytes down to 296 bytes, which means a 4Kb page can now be used for
13 extent buffers instead of 12.
Signed-off-by: Filipe David Borba Manana <fdmanana@gmail.com>
Signed-off-by: Chris Mason <clm@fb.com>
The Btrfs tree trylock function is poorly named. It always takes
the spinlock and backs off if the blocking lock is held. This
can lead to surprising lockups because people expect it to really be a
trylock.
This commit makes it a pure trylock, both for the spinlock and the
blocking lock. It also reworks the nested lock handling slightly to
avoid taking the read lock while a spinning write lock might be held.
Signed-off-by: Chris Mason <clm@fb.com>
In the conversion to generic early console, the passing of options from
the early 8250 console to the regular ttyS console was broken. This
resulted in the baud rate changing when switching consoles during boot.
This feature allows specifying a single console option on the kernel
command line rather than both an early console and regular serial tty
console. It would be nice to generalize this feature. However, it only
works if the correct baud rate can be probed early which is not the
case on many platforms which have non-standard UART clock rates. So for
now, this is left as an 8250 specific feature.
Reported-and-tested-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Rob Herring <robh@kernel.org>
Cc: Jiri Slaby <jslaby@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
If INPCK is not set, input parity detection should be disabled. This means
parity errors should not be received from the tty driver, and the data
received should be treated normally.
SUS v3, 11.2.2, General Terminal Interface - Input Modes, states:
"If INPCK is set, input parity checking shall be enabled. If INPCK is
not set, input parity checking shall be disabled, allowing output parity
generation without input parity errors. Note that whether input parity
checking is enabled or disabled is independent of whether parity detection
is enabled or disabled (see Control Modes). If parity detection is enabled
but input parity checking is disabled, the hardware to which the terminal
is connected shall recognize the parity bit, but the terminal special file
shall not check whether or not this bit is correctly set."
Ignore parity errors reported by the tty driver when INPCK is not set, and
handle the received data normally.
Fixes: Bugzilla #71681, 'Improvement of n_tty_receive_parity_error from n_tty.c'
Reported-by: Ivan <athlon_@mail.ru>
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
If IGNBRK is set without either BRKINT or PARMRK set, some uart
drivers send a 0x00 byte for BREAK without the TTYBREAK flag to the
line discipline, when it should send either nothing or the TTYBREAK flag
set. This happens because the read_status_mask masks out the BI
condition, which uart_insert_char() then interprets as a normal 0x00 byte.
SUS v3 is clear regarding the meaning of IGNBRK; Section 11.2.2, General
Terminal Interface - Input Modes, states:
"If IGNBRK is set, a break condition detected on input shall be ignored;
that is, not put on the input queue and therefore not read by any
process."
Fix read_status_mask to include the BI bit if IGNBRK is set; the
lsr status retains the BI bit if a BREAK is recv'd, which is
subsequently ignored in uart_insert_char() when masked with the
ignore_status_mask.
Affected drivers:
8250 - all
serial_txx9
mfd
amba-pl010
amba-pl011
atmel_serial
bfin_uart
dz
ip22zilog
max310x
mxs-auart
netx-serial
pnx8xxx_uart
pxa
sb1250-duart
sccnxp
serial_ks8695
sirfsoc_uart
st-asc
vr41xx_siu
zs
sunzilog
fsl_lpuart
sunsab
ucc_uart
bcm63xx_uart
sunsu
efm32-uart
pmac_zilog
mpsc
msm_serial
m32r_sio
Unaffected drivers:
omap-serial
rp2
sa1100
imx
icom
Annotated for fixes:
altera_uart
mcf
Drivers without break detection:
21285
xilinx-uartps
altera_jtaguart
apbuart
arc-uart
clps711x
max3100
uartlite
msm_serial_hs
nwpserial
lantiq
vt8500_serial
Unknown:
samsung
mpc52xx_uart
bfin_sport_uart
cpm_uart/core
Fixes: Bugzilla #71651, '8250_core.c incorrectly handles IGNBRK flag'
Reported-by: Ivan <athlon_@mail.ru>
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Pull security maintainership update from James Morris:
"Add Serge Hallyn as security subsystem co-maintainer"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
security: add Serge Hallyn as a maintainer
arm64 tree)
- stack alignment exception entry code fix
- GHASH crypto algorithm fix and performance improvement
- CMA buffer limited to 32-bit (until a better way to describe the
system topology in DT)
- UAPI sigcontext.h build fix
- __kernel_old_{gid,uid}_t definitions fix (affecting 32-bit LTP)
- ptrace fixes (kernel fault and 32-bit arm core dump)
- pte_mknotpresent() fix
- dts updates (APM SoC)
- defconfig and Kconfig update
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIcBAABAgAGBQJTodfUAAoJEGvWsS0AyF7x3f8P/iDSM8Wf7AeoMOLrOiKdqgM8
gqhs9Np6sXpIXHfZbXdHuByRL+wIZlbhUlJ8BGAAcHuz2QqsnPUkQHa5O1TEPHZG
fSOuqM/FAF0C/EKvKzRNej6OqCoevMUCvHONphKemNiZZP8H7vktoI1PuGyl7Wsr
MBrd+lqIzbx17ppXNx9sPwcWumnxwSJAkjF0fJU7IR1yZv6Vg1USrc9cJJ5dLVUd
sBn9M0SBvCbZ63ovBoBeCiCtqTDk47m9v4Ae3Tw7A590yY7jE/vWb7MJxr0U+E0K
PDhCyoOTnWHpWqPH0GgpKAmu6QeZ15IOW2DM21zj3cP9YdFRSu8VPbSMCd5XSQE/
Jd4y2FWQJBlYsBLpD7OSXy4QdEZqY7bXYD7Ine1Rt5iM6Masnu3dFdQIOBE9Z5yu
p0x1JQVf8PHVbCvCqtLQu4V03oiElyplV6uJVh4qBlepa8Cjuk99l6W9jCV6v3EP
dSdHSOUkJI/hvhlNgCKVhacFVtseAA5Uo8ov/hZq2SFRSIQRjFVvVGGDfS0XR22d
4IlagY8fGvjShFdEk/gfIUyH7Jeo1y7k69QpOkYde1yvfUEgWkThqlCrLDOVPkcG
6UFaJ7qKs9GpipJmnq6Y2RZlEPsUgLLVoz5a2xMEpGCXUhpk8LlnhQA0TvxgoVLK
Q5/+tl3Fx/SVXHUZRswj
=yCGm
-----END PGP SIGNATURE-----
Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Pull arm64 fixes from Catalin Marinas:
"These are primarily bug fixes with a performance improvement patch for
the GHASH crypto algorithm (which went in during this merging window)
and dts/defconfig/Kconfig updates.
- ftrace_return_addr() macro fix for arm (introduced earlier via the
arm64 tree)
- stack alignment exception entry code fix
- GHASH crypto algorithm fix and performance improvement
- CMA buffer limited to 32-bit (until a better way to describe the
system topology in DT)
- UAPI sigcontext.h build fix
- __kernel_old_{gid,uid}_t definitions fix (affecting 32-bit LTP)
- ptrace fixes (kernel fault and 32-bit arm core dump)
- pte_mknotpresent() fix
- dts updates (APM SoC)
- defconfig and Kconfig update"
* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
arm64: mm: remove broken &= operator from pmd_mknotpresent
arm64: fix build error in sigcontext.h
arm64: dts: Add more serial port nodes in APM X-Gene device tree
arm64/dma: Removing ARCH_HAS_DMA_GET_REQUIRED_MASK macro
arm64: ptrace: fix empty registers set in prstatus of aarch32 process core
arm64: uid16: fix __kernel_old_{gid,uid}_t definitions
arm64: ptrace: change fs when passing kernel pointer to regset code
arm64: Limit the CMA buffer to 32-bit if ZONE_DMA
arm/ftrace: fix ftrace_return_addr() to ftrace_return_address()
arm64/crypto: improve performance of GHASH algorithm
arm64/crypto: fix data corruption bug in GHASH algorithm
arm64: defconfig update for LTP
arm64: ftrace: Fix comment typo 'CONFIG_FUNCTION_GRAPH_FP_TEST'
arm64: add ARCH_HAS_OPP to allow enabling OPP library
arm64: restore alphabetic order in Kconfig
arm64: Bug fix in stack alignment exception
* pm-cpufreq:
cpufreq: unlock when failing cpufreq_update_policy()
intel_pstate: Correct rounding in busy calculation
cpufreq: cpufreq-cpu0: fix CPU_THERMAL dependency
* pm-cpuidle:
cpuidle: mvebu: Fix the name of the states
* acpi-general:
ACPI: use kstrto*() instead of simple_strto*()
* acpi-processor:
ACPI / processor replace __attribute__((packed)) by __packed
* acpi-lpss:
ACPI / LPSS: Take I2C host controllers out of reset
* acpi-battery:
ACPI / battery: add quirk for Acer Aspire V5-573G
ACPI / battery: use callback for setting up quirks
First round of fixes for 3.16-rc, mostly cc: stable, and the vt/vgacon
fixes from Daniel [1] to avoid hangs and unclaimed register errors on
module load/reload.
* tag 'drm-intel-fixes-2014-06-17' of git://anongit.freedesktop.org/drm-intel:
drm/i915/bdw: remove erroneous chv specific workarounds from bdw code
drm/i915: fix possible refcount leak when resetting forcewake
drm/i915: Reorder semaphore deadlock check
drm/i95: Initialize active ring->pid to -1
drm/i915: set backlight duty cycle after backlight enable for gen4
drm/i915: Avoid div-by-zero when pixel_multiplier is zero
drm/i915: Disable FBC by default also on Haswell and later
drm/i915: Kick out vga console
drm/i915: Fixup global gtt cleanup
vt: Don't ignore unbind errors in vt_unbind
vt: Fix up unregistration of vt drivers
vt: Fix replacement console check when unbinding
The acquire ctx will typically be declared on the stack, which means we
could have garbage values for any uninitialized field. In this case, it
was triggering WARN_ON()s because 'contended' had garbage value.
Go ahead and use memset() to be more future-proof.
v2: now with extra brown paper bag
Reported-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Signed-off-by: Rob Clark <robdclark@gmail.com>
Reviewed-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Tested-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
mode validation, deep color and pageflipping fixes.
* 'drm-fixes-3.16' of git://people.freedesktop.org/~agd5f/linux:
drm/radeon: Fix radeon_irq_kms_pflip_irq_get/put() imbalance
Revert "drm/radeon: remove drm_vblank_get|put from pflip handling"
drm/radeon: improve dvi_mode_valid
drm/radeon: update mode_valid testing for DP
drm/radeon: Use dce5/6 hdmi deep color clock setup also on dce8+
With commit aed3f9d498 ("staging: comedi: addi_apci_1564:
absorb apci1564_reset()"), the apci 1564 driver has gained
a dependency on the addi watchdog module, which is not reflected
correctly in Kconfig, and that can lead to link errors
when the watchdog is disabled.
This adds an explicit 'select', like it is done in the other
addi apci drivers that need it.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Cc: H Hartley Sweeten <hsweeten@visionengravers.com>
Acked-by: Ian Abbott <abbotti@mev.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fixes a regression in 3.16-rc1 compared to 3.15.
The unbalanced calls would presumably result in the page flip interrupts
never getting disabled once they are enabled.
Signed-off-by: Michel Dänzer <michel.daenzer@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
This reverts commit 75f36d8619.
drm_vblank_get() is necessary to ensure the DRM vblank counter value is
up to date in drm_send_vblank_event().
Seems to fix weston hangs waiting for page flips to complete.
Signed-off-by: Michel Dänzer <michel.daenzer@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Make sure we have an HDMI monitor before validating modes with
clocks >165 Mhz on single link connections.
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Need to use the adjusted clock on dce8 as well.
bug:
https://bugs.freedesktop.org/show_bug.cgi?id=80029
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
The length name of the states 2 was too long to fit in the allocated
string (limited to 16 bytes). This lead to improper string displayed
through sysfs.
This patch shorten the name by removing the reference to Marvell and
to the CPU as both are implicit. For coherency the same change have
been done for the states 1.
Signed-off-by: Gregory CLEMENT <gregory.clement@free-electrons.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Commit bd0fa9bb45 introduced a failure path to cpufreq_update_policy() if
cpufreq_driver->get(cpu) returns NULL. However, it jumps to the 'no_policy'
label, which exits without unlocking any of the locks the function acquired
earlier. This causes later calls into cpufreq to hang.
Fix this by creating a new 'unlock' label and jumping to that instead.
Fixes: bd0fa9bb45 ("cpufreq: Return error if ->get() failed in cpufreq_update_policy()")
Link: https://devtalk.nvidia.com/default/topic/751903/kernel-3-15-and-nv-drivers-337-340-failed-to-initialize-the-nvidia-kernel-module-gtx-550-ti-/
Signed-off-by: Aaron Plattner <aplattner@nvidia.com>
Cc: 3.15+ <stable@vger.kernel.org> # 3.15+
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
The kernel headers package (linux-headers) doesn't include several
header files required to build out-of-tree modules.
It makes the package unusable on e.g. ARM architecture:
/usr/src/linux-headers-3.14.0/arch/arm/include/asm/memory.h:24:25:
fatal error: mach/memory.h: No such file or directory
#include <mach/memory.h>
^
compilation terminated.
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Reviewed-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Michal Marek <mmarek@suse.cz>
A mixed bag of fixes, many of which feel just to late for 3.15.
* hid sensors - some devices need a feature report request in order to
change power state. This isn't part of the spec, but has been observed
on several devices and does no harm to others.
* mpl3115 has had two errors in the buffer description fixed. The presure is
signed, not unsigned and the temperature has 12 bits rather than 16.
These could lead to incorrect interpretation of the data in userspace.
* tsl2x7x - the high byte of the proximity thresholds should be written along
with the low byte (which was). This could lead to interesting results
with large thresholds.
* twl4030 - a flag to specify processed values were required was not set
when initializing a reading. As such values returned were in an unknown
state. Fixed by simply initializing it appropriately.
* IIO_SIMPLE_DUMMY_BUFFER did not select IIO_BUFFER leading to randconfig
build errors.
* ak8975 was applying an unwanted le16_to_cpu conversion as the i2c framework
already performs one. As such for big endian systems, the bytes would be
in the wrong order in the magnetic field measurements reported.
* mxs-lradc - the controllable voltage dividers were not enabled / disabled for
later channels than the first one during conversion.
* at91_adc error handling returned -ENOMEM in a u8. Return value of
at91_adc_get_trigger_value_by_name changed to int thus allowing -ENOMEM and
also original values to be returned.
* mcb - mcb_request_mem returns and ERR_PTR but the caller was checking for
NULL to detect an error.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJTnLYyAAoJEFSFNJnE9BaI6r4QAK22hjl1J3xoWwOPUJhfJ5Hh
VTjwO1OxwQ1XtUN5WneeJM73eu6moXD/avG2NbX4orAkNjSXKL6+/3WAds/rYMj2
0vPiJsKsGBBlhu2w2RU80xVOPT2/XXIH3bYWDiUlr/i6DLEh8mU3kKX/yZzF+cIn
hheYnOHZzLqGH8JircScEJv+B06svZtlfoDeLYaKY03HupTvEH95mvCSZk71PxZb
A+7Qb3nDlZrpLBFKj4L5x15MIoEgopID2pX0kHLNY2DE1sopr2Z+FgSa3u/wtSEx
k/ViyHPRk1mjTrQ92RMmTF5lMts6JFCmMgpPCNmcSyRKt6Fe6KcCMiWIlSs9I69i
6KAIes5XpP7Qti5Yd4gi70uiq7fL1hR18Yhzv6IdmNdS8iJhk53YiWDYiYBgXwWS
rcOva4NsaoeLYUdNJZRtap3RLsQRKAxg7HNhL+G88rr3wCsA0P7rb6BMdFK+3MiS
BDcYe8mHIzX9tJZa4EU8kOdr+aphQeDt1nH4aZDWT3J7fo6RWrWcPMWFAcx+1jp3
VVDL6Jn8WIuxYIDFznSQ6T6tvsvuqPgCqOA0ygfzvruo3m/oWvTT/+i2YFotGH3Y
7Mlw7TACAmcuZStBLg6R0R1fD39zpfp4/+GNRxFaaB8otMPyrbizb0HBcaksQCp0
0MTbFSjuAlXZ3NhVIm2O
=RuB2
-----END PGP SIGNATURE-----
Merge tag 'iio-fixes-for-3.16a' of git://git.kernel.org/pub/scm/linux/kernel/git/jic23/iio into staging-linus
Jonathan writes:
First set of IIO fixes for the 3.16 cycle.
A mixed bag of fixes, many of which feel just to late for 3.15.
* hid sensors - some devices need a feature report request in order to
change power state. This isn't part of the spec, but has been observed
on several devices and does no harm to others.
* mpl3115 has had two errors in the buffer description fixed. The presure is
signed, not unsigned and the temperature has 12 bits rather than 16.
These could lead to incorrect interpretation of the data in userspace.
* tsl2x7x - the high byte of the proximity thresholds should be written along
with the low byte (which was). This could lead to interesting results
with large thresholds.
* twl4030 - a flag to specify processed values were required was not set
when initializing a reading. As such values returned were in an unknown
state. Fixed by simply initializing it appropriately.
* IIO_SIMPLE_DUMMY_BUFFER did not select IIO_BUFFER leading to randconfig
build errors.
* ak8975 was applying an unwanted le16_to_cpu conversion as the i2c framework
already performs one. As such for big endian systems, the bytes would be
in the wrong order in the magnetic field measurements reported.
* mxs-lradc - the controllable voltage dividers were not enabled / disabled for
later channels than the first one during conversion.
* at91_adc error handling returned -ENOMEM in a u8. Return value of
at91_adc_get_trigger_value_by_name changed to int thus allowing -ENOMEM and
also original values to be returned.
* mcb - mcb_request_mem returns and ERR_PTR but the caller was checking for
NULL to detect an error.
After commits 890676c6 (kbuild: Use relative path when building in the source
tree) and 9da0763b (kbuild: Use relative path when building in a subdir
of the source tree), the $(srctree) variable can be a relative path.
This breaks Documentation/DocBook/media/Makefile, because it tries to
create symlinks from a subdirectory of the object tree to the source
tree. Fix this by using a full path in this case.
Reported-by: Randy Dunlap <rdunlap@infradead.org>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Tested-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Commit 7e1c0477 (kbuild: Use relative path for $(objtree)) assumes that
the build process does not change its working directory. make tar-pkg
was a couterexample, fix this by changing directory only for the tar
command and not for the whole script, which at one point references the
now relative $(objtree).
Reported-and-tested-by: "J. Bruce Fields" <bfields@fieldses.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
This should be a plain old '&' and could easily lead to undefined
behaviour if the target of a pmd_mknotpresent invocation was the same
as the parameter.
Fixes: 9c7e535fcc (arm64: mm: Route pmd thp functions through pte equivalents)
Signed-off-by: Will Deacon <will.deacon@arm.com>
Cc: <stable@vger.kernel.org> # v3.15
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Quite a few build coverage fixes in here among the usual small driver
fixes includling the sigmadsp change from Lars - moving the driver to
separate modules per bus (which is basically just code motion) avoids
issues with some combinations of buses being enabled.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJToCEOAAoJELSic+t+oim9hS8P/jtMAdaR3JO5R1qtg8qj1tO8
ati7DEhkKHn+9rSv4rBtfjqFk0Tdy4r9ulQAS88D9k3WGWpZgUf8wdfMWdL94s5I
WRJbvtcss7VGarfOAEreaqd3/PJ0buVLeUm+JNap794WW74BqPlfw6+JveWCAL1V
UfRlkQ+PwbU4f7ieXKrtpinOpffFY6hB6N19l+nPqyy0aCn5S/rv4SXUkcJ77slG
jOjM1yxg2/RR25LDRqm6uyi2032KwhQZEyP3OccxcRWIROzltqNa+biPJwjdpUlo
aVHQ2vICFovOC1WsWSEwjntkLvgYOJGP/50ecC2SqgL6QmvR03isUqSKzkIxigog
2+fMEeXEn7gtjQNpZFDk2Ku9DDbDR22SaRlrjaMOa/YMCc8ylSY1IXuL51IkEfip
tSWGOGvg7veYhVQtnxu7wSxtnK/Gb53ugRxFYba1f44bxOKl5KByPfSY22e65e2X
hVFqVDbikEszcU7AJxMVKvGb1bPF+RGTmlfL20IXnxs/OtGVx0FURZGKLAMagVXr
3Um0W4HzAipmCBW5NmbQu+gAWoOa17c9rILOc4IaIW5zCvv+V8AURaiwT5sHtUhU
JAeNIPIVadO7Lps+bgGT/Auisa8loFiYXFGOJecgcXPiMnZ+2jp7Gb3EgG5Gl8YQ
boxQMUoCp3d+I2+uAqpm
=oF1h
-----END PGP SIGNATURE-----
Merge tag 'asoc-v3.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus
ASoC: Fixes for v3.16
Quite a few build coverage fixes in here among the usual small driver
fixes includling the sigmadsp change from Lars - moving the driver to
separate modules per bus (which is basically just code motion) avoids
issues with some combinations of buses being enabled.
When $srctree or $objtree are relative paths, we cannot change directory
and refer to them in the same subshell. Do the redirection outside of
the subshell to fix this.
Reported-and-tested-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
The ALSA control code expects that the range of assigned indices to a control is
continuous and does not overflow. Currently there are no checks to enforce this.
If a control with a overflowing index range is created that control becomes
effectively inaccessible and unremovable since snd_ctl_find_id() will not be
able to find it. This patch adds a check that makes sure that controls with a
overflowing index range can not be created.
Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Acked-by: Jaroslav Kysela <perex@perex.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Each control gets automatically assigned its numids when the control is created.
The allocation is done by incrementing the numid by the amount of allocated
numids per allocation. This means that excessive creation and destruction of
controls (e.g. via SNDRV_CTL_IOCTL_ELEM_ADD/REMOVE) can cause the id to
eventually overflow. Currently when this happens for the control that caused the
overflow kctl->id.numid + kctl->count will also over flow causing it to be
smaller than kctl->id.numid. Most of the code assumes that this is something
that can not happen, so we need to make sure that it won't happen
Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Acked-by: Jaroslav Kysela <perex@perex.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
A control that is visible on the card->controls list can be freed at any time.
This means we must not access any of its memory while not holding the
controls_rw_lock. Otherwise we risk a use after free access.
Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Acked-by: Jaroslav Kysela <perex@perex.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
There are two issues with the current implementation for replacing user
controls. The first is that the code does not check if the control is actually a
user control and neither does it check if the control is owned by the process
that tries to remove it. That allows userspace applications to remove arbitrary
controls, which can cause a user after free if a for example a driver does not
expect a control to be removed from under its feed.
The second issue is that on one hand when a control is replaced the
user_ctl_count limit is not checked and on the other hand the user_ctl_count is
increased (even though the number of user controls does not change). This allows
userspace, once the user_ctl_count limit as been reached, to repeatedly replace
a control until user_ctl_count overflows. Once that happens new controls can be
added effectively bypassing the user_ctl_count limit.
Both issues can be fixed by instead of open-coding the removal of the control
that is to be replaced to use snd_ctl_remove_user_ctl(). This function does
proper permission checks as well as decrements user_ctl_count after the control
has been removed.
Note that by using snd_ctl_remove_user_ctl() the check which returns -EBUSY at
beginning of the function if the control already exists is removed. This is not
a problem though since the check is quite useless, because the lock that is
protecting the control list is released between the check and before adding the
new control to the list, which means that it is possible that a different
control with the same settings is added to the list after the check. Luckily
there is another check that is done while holding the lock in snd_ctl_add(), so
we'll rely on that to make sure that the same control is not added twice.
Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Acked-by: Jaroslav Kysela <perex@perex.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
The user-control put and get handlers as well as the tlv do not protect against
concurrent access from multiple threads. Since the state of the control is not
updated atomically it is possible that either two write operations or a write
and a read operation race against each other. Both can lead to arbitrary memory
disclosure. This patch introduces a new lock that protects user-controls from
concurrent access. Since applications typically access controls sequentially
than in parallel a single lock per card should be fine.
Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Acked-by: Jaroslav Kysela <perex@perex.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
I'm seeing this build failure for arm64:
CC [M] Documentation/filesystems/configfs/configfs_example_macros.o
In file included from /usr/include/bits/sigcontext.h:27:0,
from /usr/include/signal.h:340,
from /usr/include/sys/wait.h:30,
from Documentation/accounting/getdelays.c:24:
.../linux/usr/include/asm/sigcontext.h:61:2: error: unknown type name ‘u64’
u64 esr;
^
make[2]: *** [Documentation/accounting/getdelays] Error 1
This was introduced by commit 15af1942dd61ee23:
arm64: Expose ESR_EL1 information to user when SIGSEGV/SIGBUS
Using __u64 instead of u64 fixes the problem.
Signed-off-by: Mark Salter <msalter@redhat.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
APM X-Gene Storm SoC supports 4 serial ports. This patch adds device nodes
for serial ports 1 to 3 (a device node for serial port 0 is already present
in the dts file).
This patch also sets the compatible property of serial nodes to "ns16550a".
Signed-off-by: Vinayak Kale <vkale@apm.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Arm64 does not define dma_get_required_mask() function.
Therefore, it should not define the ARCH_HAS_DMA_GET_REQUIRED_MASK.
This causes build errors in some device drivers (e.g. mpt2sas)
Signed-off-by: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: <stable@vger.kernel.org>
Currently core file of aarch32 process prstatus note has empty
registers set. As result aarch32 core files create by V8 kernel are
not very useful.
It happens because compat_gpr_get and compat_gpr_set functions can
copy registers values to/from either kbuf or ubuf. ELF core file
collection function fill_thread_core_info calls compat_gpr_get
with kbuf set and ubuf set to 0. But current compat_gpr_get and
compat_gpr_set function handle copy to/from only ubuf case.
Fix is to handle kbuf and ubuf as two separate cases in similar
way as other functions like user_regset_copyout, user_regset_copyin do.
Signed-off-by: Victor Kamensky <victor.kamensky@linaro.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Cc: stable@vger.kernel.org
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Whilst native arm64 applications don't have the 16-bit UID/GID syscalls
wired up, compat tasks can still access them. The 16-bit wrappers for
these syscalls use __kernel_old_uid_t and __kernel_old_gid_t, which must
be 16-bit data types to maintain compatibility with the 16-bit UIDs used
by compat applications.
This patch defines 16-bit __kernel_old_{gid,uid}_t types for arm64
instead of using the 32-bit types provided by asm-generic.
Signed-off-by: Will Deacon <will.deacon@arm.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Cc: <stable@vger.kernel.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Our compat PTRACE_POKEUSR implementation simply passes the user data to
regset_copy_from_user after some simple range checking. Unfortunately,
the data in question has already been copied to the kernel stack by this
point, so the subsequent access_ok check fails and the ptrace request
returns -EFAULT. This causes problems tracing fork() with older versions
of strace.
This patch briefly changes the fs to KERNEL_DS, so that the access_ok
check passes even with a kernel address.
Signed-off-by: Will Deacon <will.deacon@arm.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>