The commit 9195bb8e38 ("ipv6: improve
ipv6_find_hdr() to skip empty routing headers") broke ipv6_find_hdr().
When a target is specified like IPPROTO_ICMPV6 ipv6_find_hdr()
returns -ENOENT when it's found, not the header as expected.
A part of IPVS is broken and possible also nft_exthdr_eval().
When target is -1 which it is most cases, it works.
This patch exits the do while loop if the specific header is found
so the nexthdr could be returned as expected.
Reported-by: Art -kwaak- van Breemen <ard@telegraafnet.nl>
Signed-off-by: Hans Schillstrom <hans@schillstrom.com>
CC:Ansis Atteka <aatteka@nicira.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
If the neigh table's entries is less than gc_thresh1, the function
will return directly, and the reachabletime will not be recompute,
so the reachabletime can be guessed.
Signed-off-by: Duan Jiong <duanj.fnst@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
John W. Linville says:
====================
Regarding the mac80211 bits, Johannes says:
"This time, I have a fix from Arik for scheduled scan recovery (something
that only recently went into the tree), a memory leak fix from Eytan and
a small regulatory bugfix from Inbal. The EAPOL change from Felix makes
rekeying more stable while lots of traffic is flowing, and there's
Emmanuel's and my fixes for a race in the code handling powersaving
clients."
Regarding the NFC bits, Samuel says:
"We only have one candidate for 3.14 fixes, and this is a NCI NULL
pointer dereference introduced during the 3.14 merge window."
Regarding the iwlwifi bits, Emmanuel says:
"This should fix an issue raised in iwldvm when we have lots of
association failures. There is a bugzilla for this bug - it hasn't
been validated by the user, but I hope it will do the trick."
Beyond that...
Amitkumar Karwar brings two mwifiex fixes, one to avoid a NULL pointer
dereference and another to address an improperly timed interrupt.
Arend van Spriel gives us a brcmfmac fix to avoid a crash during
scatter-gather packet transfers.
Avinash Patila offers an mwifiex to avoid an invalid memory access
when a device is removed.
Bing Zhao delivers a simple fix to avoid a naming conflict between
libertas and mwifiex.
Felix Fietkau provides a trio of ath9k fixes that properly account
for sequence numbering in ps-poll frames, reduce the rate for false
positives during baseband hang detection, and fix a regression related
to rx descriptor handling.
James Cameron shows us a libertas fix to ignore zero-length IEs when
processing scan results.
Kirill Tkhai brings a hostap fix to avoid prematurely freeing a timer.
Stanislaw Gruszka fixes an ath9k locking problem.
Sujith Manoharan addresses ETSI compliance for a device handled by
ath9k by adjusting the minimum CCA power threshold values.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Commit c14db2025 "bnx2x: Correct default Tx switching behaviour" supposedly
changed the default Tx switching behaviour, but was missing the fastpath change
required for FW to pass packets from PFs to VFs.
Signed-off-by: Yuval Mintz <yuvalmin@broadcom.com>
Signed-off-by: Ariel Elior <ariele@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Avoid the following sparse __CHECK_ENDIAN__ warnings:
include/net/addrconf.h:318:25: warning: restricted __be64 degrades to integer
include/net/addrconf.h:318:70: warning: restricted __be64 degrades to integer
include/net/addrconf.h:330:25: warning: restricted __be64 degrades to integer
include/net/addrconf.h:330:70: warning: restricted __be64 degrades to integer
include/net/addrconf.h:347:25: warning: restricted __be64 degrades to integer
include/net/addrconf.h:348:26: warning: restricted __be64 degrades to integer
include/net/addrconf.h:349:18: warning: restricted __be64 degrades to integer
The warnings are false but they make it harder to spot real
bugs.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: David S. Miller <davem@davemloft.net>
Commit e504c9098e (kvm, vmx: Fix lazy FPU on nested guest, 2013-11-13)
highlighted a real problem, but the fix was subtly wrong.
nested_read_cr0 is the CR0 as read by L2, but here we want to look at
the CR0 value reflecting L1's setup. In other words, L2 might think
that TS=0 (so nested_read_cr0 has the bit clear); but if L1 is actually
running it with TS=1, we should inject the fault into L1.
The effective value of CR0 in L2 is contained in vmcs12->guest_cr0, use
it.
Fixes: e504c9098e
Reported-by: Kashyap Chamarty <kchamart@redhat.com>
Reported-by: Stefan Bader <stefan.bader@canonical.com>
Tested-by: Kashyap Chamarty <kchamart@redhat.com>
Tested-by: Anthoine Bourgeois <bourgeois@bertin.fr>
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Because those following if conditions will not be matched.
Signed-off-by: Duan Jiong <duanj.fnst@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Steffen Klassert says:
====================
This is the rework of the IPsec virtual tunnel interface
for ipv4 to support inter address family tunneling and
namespace crossing. The only change to the last RFC version
is a compile fix for an odd configuration where CONFIG_XFRM
is set but CONFIG_INET is not set.
1) Add and use a IPsec protocol multiplexer.
2) Add xfrm_tunnel_skb_cb to the skb common buffer
to store a receive callback there.
3) Make vti work with i_key set by not including the i_key
when comupting the hash for the tunnel lookup in case of
vti tunnels.
4) Update ip_vti to use it's own receive hook.
5) Remove xfrm_tunnel_notifier, this is replaced by the IPsec
protocol multiplexer.
6) We need to be protocol family indepenent, so use the on xfrm_lookup
returned dst_entry instead of the ipv4 rtable in vti_tunnel_xmit().
7) Add support for inter address family tunneling.
8) Check if the tunnel endpoints of the xfrm state and the vti interface
are matching and return an error otherwise.
8) Enable namespace crossing tor vti devices.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Steffen Klassert says:
====================
1) Build fix for ip_vti when NET_IP_TUNNEL is not set.
We need this set to have ip_tunnel_get_stats64()
available.
2) Fix a NULL pointer dereference on sub policy usage.
We try to access a xfrm_state from the wrong array.
3) Take xfrm_state_lock in xfrm_migrate_state_find(),
we need it to traverse through the state lists.
4) Clone states properly on migration, otherwise we crash
when we migrate a state with aead algorithm attached.
5) Fix unlink race when between thread context and timer
when policies are deleted.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Luis R. Rodriguez says:
====================
net: start kdoc'ifying net_device
While working on extending some functionality I felt restricted
with the amount of documentation I can add. Part of this is that
the existing style on the header files don't let me be verbose.
This starts addressing that by using kdoc for the net_device
flags, and as Ben noted, the priv_flags can be moved out from
UAPI.
Luis R. Rodriguez (2):
net: kdoc struct net_device flags and priv_flags
net: move net_device priv_flags out from UAPI
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
These are private to userspace, and they're unstable
anyway and can be shuffled at will (see 080e4130b1)
so any userspace application relying on them is on crack.
Test compiled with allyesconfig.
mcgrof@drvbp1 /pub/mem/mcgrof/net-next (git::master)$ make allyesconfig
mcgrof@drvbp1 /pub/mem/mcgrof/net-next (git::master)$ time make -j 20
...
BUILD arch/x86/boot/bzImage
Setup is 16992 bytes (padded to 17408 bytes).
System is 56153 kB
CRC 721d2751
Kernel: arch/x86/boot/bzImage is ready (#1)
real 19m35.744s
user 280m37.984s
sys 27m54.104s
Cc: netdev@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: Ben Hutchings <ben@decadent.org.uk>
Cc: Florian Fainelli <f.fainelli@gmail.com>
Cc: David Miller <davem@davemloft.net>
Signed-off-by: Luis R. Rodriguez <mcgrof@suse.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
We have documentation for these flags but they're scattered
all over the place. #defines don't allow documentation to be
written easily so to help to start bringing some documentation
together use the enums kdoc practice but keep the defines to
allow userspace to be able to #ifdef them.
I've verified the same values are assigned before and after
with a simple userspace test program [0] and checksumming the
output.
[0] http://drvbp1.linux-foundation.org/~mcgrof/kdoc/netdev_flags/
mcgrof@gnat ~/tmp $ ./check-flags | sha1sum
0ec5b6b1840aa3bb9ce464e61c564820871c92c3 -
Cc: netdev@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: Ben Hutchings <ben@decadent.org.uk>
Cc: Florian Fainelli <f.fainelli@gmail.com>
Cc: David Miller <davem@davemloft.net>
Signed-off-by: Luis R. Rodriguez <mcgrof@suse.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
We are trying to finally kill off interruptible_sleep_on_timeout.
the two uses in the nicstar driver can be trivially replaced
with wait_event_interruptible_lock_irq_timeout, which prevents the
wake-up race and is able to check the buffer state with scq->lock
held.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Chas Williams <chas@cmf.nrl.navy.mil>
Signed-off-by: David S. Miller <davem@davemloft.net>
When a VHT network uses 20 or 40 MHz as per the HT operation
information, the channel center frequency segment 0 field in
the VHT operation information is reserved, so ignore it.
This fixes association with such networks when the AP puts 0
into the field, previously we'd disconnect due to an invalid
channel with the message
wlan0: AP VHT information is invalid, disable VHT
Cc: stable@vger.kernel.org
Fixes: f2d9d270c1 ("mac80211: support VHT association")
Reported-by: Tim Nelson <tim.l.nelson@gmail.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Now that we disable audio while setting up the audio
hw, we should be able to set this up without hangs.
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Disable audio around audio hw setup. This may avoid
hangs on certain asics.
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Properly clear the enable bit when audio disable is requested.
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Cc: stable@vger.kernel.org
Need to free the uvd ring. Also reshuffle gart tear down to
happen after uvd tear down.
Signed-off-by: Jérôme Glisse <jglisse@redhat.com>
Cc: stable@vger.kernel.org
Reviewed-by: Christian König <christian.koenig@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Causes display problems. We had already disabled
sharing for non-DP displays.
Based on a patch from:
Niels Ole Salscheider <niels_ole@salscheider-online.de>
bug:
https://bugzilla.kernel.org/show_bug.cgi?id=58121
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
Otherwise we might get a crash here.
Signed-off-by: Christian König <christian.koenig@amd.com>
Cc: stable@vger.kernel.org
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Print the supported functions mask in addition to
the version. This is useful in debugging PX
problems since we can see what functions are available.
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
- Add the new sched_setattr/sched_getattr syscalls to the asm-generic
syscall list, which is used by arc, arm64, c6x, hexagon, metag,
openrisc, score, tile, and unicore32.
- An IRQ affinity bug fix for metag to prevent interrupts being vectored
to offline CPUs when their affinity is changed via /proc/irq/ (thanks
tglx).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iQIcBAABAgAGBQJTDwkFAAoJEKHZs+irPybfR/wP/RP4hhdad9i+Poc86PAj0vGT
6KyNgUifceh9WfQbHom84GvBnhLB66J2Uc4uUX6F+xdUmPUvhhn4Nac39c4exMnf
klWoqcKkm8jb1kGLVuUdlgSssqLudEca/C5ArbOpZfvVwQxFf+WNpyWUNsNlvS/I
M1chio/jyWewVq2K4CmB/ZdoQ8lC7EVKH1FwCuMOsV9h7M32eqvpQgopSiKnKFw1
0o9a775PUvEK9PvEMa16ALShjch72ATFM9cVgFULr9M3BjHCn2H/jaNBzAhBLGSa
+sAcgFBQumLrK1HqyThW7Fm5rXQwMuru3nHYevBFXwLKrVSMjqN+tfCEY4oLGwSz
ywGc0rqNR7AuBzL/dnsjdBNhg30rvMIvWb/F6o/SM2IJNvnQjNJbKA97qdCqOevH
hpyycx/zAbEtX/8hsPHRkCNg9+Ms0wcH9NJ8u5ul24WVAd1rYCcgmHWNdIFpkE9G
fA6qckAye9/3xREi7gA50sl02Dxq4xyYaAfv72lOLEy+MIK/e8xMJL+PuI2eVt+g
J0AsjmuVNuNPK64eohmBBgXsS+7czMTuaHvHOCP6897bipUHAzx//UC347WOar1p
LvbLUpK9T5YGUxfoZ/ZlD8hi9myxKqIFNJnfJRwIhMpkYebFkqOsYRYXuZ6zPtDT
haQisQWsM7eLTMe9qRr+
=fVZo
-----END PGP SIGNATURE-----
Merge tag 'metag-fixes-v3.14' of git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/metag
Pull Metag arch and asm-generic fixes from James Hogan:
- Add the new sched_setattr/sched_getattr syscalls to the asm-generic
syscall list, which is used by arc, arm64, c6x, hexagon, metag,
openrisc, score, tile, and unicore32.
- An IRQ affinity bug fix for metag to prevent interrupts being
vectored to offline CPUs when their affinity is changed via
/proc/irq/ (thanks tglx).
* tag 'metag-fixes-v3.14' of git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/metag:
irq-metag*: stop set_affinity vectoring to offline cpus
asm-generic: add sched_setattr/sched_getattr syscalls
Just a single trivial patch to plug a memory leak in an error path.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAABAgAGBQJTDgK7AAoJEN0jrNd/PrOh6c4P/iBytP1gTlfTjleUO5/2n0vt
ILn6JWPoYx9hP+Zt+rjGqezIHAc60exGyANJOf8T+/BU9moHVHK9uCEzEu0vP8SR
qQyVxhXC55xL/6aHrQWtD47q13PNG989MGC4W/jWkPHbvtxg0YzWAu/Nq12ueZA8
vmkQKLVBG1Z9YQ9u1c4H4cP5XkLCZWTZAnImpcX35Nop74bTtOg+izoWm+3Yrt+K
vHlonTE7DsYdrjDoD+c0b1FjE7F376ywJAh9zEJox0OR+wLOdKCTqA6/qSwuv8dR
l5DLUbbmeTD+gOLEjDYcAw5FDmYDC5KygM7PtS7M+wmaHISHATlTlosmbozukbu/
Xit/IeRYRF+6t1JejO2cMGGZuDJ9uT1rKVl5KqA6mVAlrsYuFK+uzCcXNv6KwNxK
VrUG76KlBmy7ALn3dCBw6+dqFwmxBRUkRjaPByF9nvCAqBNud/uWVvfDGFF+dgo4
j1SKOrRq9N89uwYQpofLsLeVCWqm8QTbUuNLkz6z23xy2hItDYupLn0DRj2ND3ud
qF3QnEGx515ZlShAgkzkGCu6kRXMuUHAIMd7juZVjp5HDJJXK23zktSxflley5yX
Za8nRtIlM716TJxXQuJIjW14BKDmdoBvy/SRuGfa+lywfrgMKwndWHIt9VD5QLYo
xF6gRl4CuZqRuxF8RRbw
=zhst
-----END PGP SIGNATURE-----
Merge tag 'pwm/for-3.14-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/thierry.reding/linux-pwm
Pull pwm fix from Thierry Reding:
"Just a single trivial patch to plug a memory leak in an error path"
* tag 'pwm/for-3.14-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/thierry.reding/linux-pwm:
pwm: lp3943: Fix potential memory leak during request
Pull filesystem fixes from Jan Kara:
"Notification, writeback, udf, quota fixes
The notification patches are (with one exception) a fallout of my
fsnotify rework which went into -rc1 (I've extented LTP to cover these
cornercases to avoid similar breakage in future).
The UDF patch is a nasty data corruption Al has recently reported,
the revert of the writeback patch is due to possibility of violating
sync(2) guarantees, and a quota bug can lead to corruption of quota
files in ocfs2"
* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs:
fsnotify: Allocate overflow events with proper type
fanotify: Handle overflow in case of permission events
fsnotify: Fix detection whether overflow event is queued
Revert "writeback: do not sync data dirtied after sync start"
quota: Fix race between dqput() and dquot_scan_active()
udf: Fix data corruption on file type conversion
inotify: Fix reporting of cookies for inotify events
touch freed memory.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJTDdwqAAoJECmIfjd9wqK0+LUP/35Ds9kdee6XawmaVCFegmgJ
FeW+2yBwwZyHqY77xkjZy2nrl7A9+LSzGnQocQdsHBy2PKtqlrt+ksx2Vz83nk3g
Qtqzzz3uW7iiWSz6vI3PuD1Ye4Z6ebvq5IFeSnInBMTBZUGY+bdX+wWZe/xtuXAh
a67nynajQRXWotg58WRJD0MUXYNbPY3S174NHr3BQV7DMzqtZyOiZmVDd1uIFIbu
5JNyXxCprydey0lFvDef7oVueCk/VD9mQha2ogYizta4NR+gjuTjQWdyTxXvri+A
48gQHEXAWgRR7YBeiOWeUvHquNL4G6im+HoXNwJ93IK19xY5UeGU/MuyPJzhqPNc
ysxdDOi760Vggdc86Yx//+8W5EnSA3q0vnIKRGA+oWeZxR9Y+83Eg87bRFVa9Zdi
TpvdegXzj/ZCwx3AKVAb2NBfrcQP8RucVHw8CsNY7a1WfpKL/k70JWqbGeGkp/iB
LZyQQjOmweUv6h41wOrsvJHNeKKuUi280tP2Eck1KPebfI8kZCpjV3rqaqxdTIYB
5l0+eI2JFD4KIsJr0Xv+QjDwRO+wKXXGUKcsj0FlEzzIK5b7iV7jKRYfYw0VRg/X
ZCtO16nBZ+mmGt6kyEoToOt+YhOoqGL/HglbXUxvjRQL19LwpRbINvN/54f5idGy
J1IXvzLyhkxO8s48QWmD
=J2Up
-----END PGP SIGNATURE-----
Merge tag 'upstream-3.14-rc5' of git://git.infradead.org/linux-ubifs
Pull ubifs fix from Artem Bityutskiy:
"Just a single fix for the UBI module unload path which makes sure we
do not touch freed memory"
* tag 'upstream-3.14-rc5' of git://git.infradead.org/linux-ubifs:
UBI: fix some use after free bugs
The problem occurs when the guest performs a pusha with the stack
address pointing to an mmio address (or an invalid guest physical
address) to start with, but then extending into an ordinary guest
physical address. When doing repeated emulated pushes
emulator_read_write sets mmio_needed to 1 on the first one. On a
later push when the stack points to regular memory,
mmio_nr_fragments is set to 0, but mmio_is_needed is not set to 0.
As a result, KVM exits to userspace, and then returns to
complete_emulated_mmio. In complete_emulated_mmio
vcpu->mmio_cur_fragment is incremented. The termination condition of
vcpu->mmio_cur_fragment == vcpu->mmio_nr_fragments is never achieved.
The code bounces back and fourth to userspace incrementing
mmio_cur_fragment past it's buffer. If the guest does nothing else it
eventually leads to a a crash on a memcpy from invalid memory address.
However if a guest code can cause the vm to be destroyed in another
vcpu with excellent timing, then kvm_clear_async_pf_completion_queue
can be used by the guest to control the data that's pointed to by the
call to cancel_work_item, which can be used to gain execution.
Fixes: f78146b0f9
Signed-off-by: Andrew Honig <ahonig@google.com>
Cc: stable@vger.kernel.org (3.5+)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Commit 1fcf7ce0c6 (arm: kvm: implement CPU PM notifier) added
support for CPU power-management, using a cpu_notifier to re-init
KVM on a CPU that entered CPU idle.
The code assumed that a CPU entering idle would actually be powered
off, loosing its state entierely, and would then need to be
reinitialized. It turns out that this is not always the case, and
some HW performs CPU PM without actually killing the core. In this
case, we try to reinitialize KVM while it is still live. It ends up
badly, as reported by Andre Przywara (using a Calxeda Midway):
[ 3.663897] Kernel panic - not syncing: unexpected prefetch abort in Hyp mode at: 0x685760
[ 3.663897] unexpected data abort in Hyp mode at: 0xc067d150
[ 3.663897] unexpected HVC/SVC trap in Hyp mode at: 0xc0901dd0
The trick here is to detect if we've been through a full re-init or
not by looking at HVBAR (VBAR_EL2 on arm64). This involves
implementing the backend for __hyp_get_vectors in the main KVM HYP
code (rather small), and checking the return value against the
default one when the CPU notifier is called on CPU_PM_EXIT.
Reported-by: Andre Przywara <osp@andrep.de>
Tested-by: Andre Przywara <osp@andrep.de>
Cc: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
Cc: Rob Herring <rob.herring@linaro.org>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The allocated child qdisc is not freed in error conditions.
Defer the allocation after user configuration turns out to be
valid and acceptable.
Fixes: cc106e441a ("net: sched: tbf: fix the calculation of max_size")
Signed-off-by: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com>
Cc: Yang Yingliang <yangyingliang@huawei.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
It was always intended that a user could provide a thin metadata device
that is larger than the max supported by the on-disk format. The extra
space would just go unused.
Unfortunately that never worked. If the user attempted to use a larger
metadata device on creation they would get an error like the following:
device-mapper: space map common: space map too large
device-mapper: transaction manager: couldn't create metadata space map
device-mapper: thin metadata: tm_create_with_sm failed
device-mapper: table: 252:17: thin-pool: Error creating metadata object
device-mapper: ioctl: error adding target to table
Fix this by allowing the initial metadata space map creation to cap its
size at the max number of blocks supported (DM_SM_METADATA_MAX_BLOCKS).
get_metadata_dev_size() must also impose DM_SM_METADATA_MAX_BLOCKS (via
THIN_METADATA_MAX_SECTORS), otherwise extending metadata would cap at
THIN_METADATA_MAX_SECTORS_WARNING (which is larger than supported).
Also, the calculation for THIN_METADATA_MAX_SECTORS didn't account for
the sizeof the disk_bitmap_header. So the supported maximum metadata
size is a bit smaller (reduced from 33423360 to 33292800 sectors).
Lastly, remove the "excess space will not be used" warning message from
get_metadata_dev_size(); it resulted in printing the warning multiple
times. Factor out warn_if_metadata_device_too_big(), call it from
pool_ctr() and maybe_resize_metadata_dev().
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Acked-by: Joe Thornber <ejt@redhat.com>
A few more driver specific bug fixes, all driver specific things that
only affect users of those devices.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJTDyNMAAoJELSic+t+oim9ar0P/2J7YHzqD/gs9SR4ufqr2JK9
yudP5Stt81np6IZwJHJTF3n33RMXTanAdaFr5usJn0Mn8THuMzL6vCOr9zhoEOxu
j3HDvR6rLnVQ9N0Cw9L7uM+goQzbw3N/rAfyUd6UckT1raKCErtLRZvvb7BV9FLX
gu3K3b4w7LtTYqoFPPGpxjTENwNkX5rNWD5egDVnaiL9maAoCUal9HtznDSLu0pa
uo8ggJRXEQYXAQ1rpEvSKwwYrZ2fQ3IxTMi3ucm9KxGvO3xyK/aXt32yp0qH5Poz
v3FWDbXU8DsVYFXlRNrAIiAuMERBCsZQHismp3mt/yn+IOvcJHNVeRSJbIROddRr
TCU7vo/OoBzsN5BJ4McoHtmfJXKaN+xY5yJJ7xczBcYPcfQlIXiXZbSJC8WNFVet
MlNcvqpVzo9BIXwrGDbPofUBiruyOcbXg79QW1xWfR122BNoF2Ut+dKfXsoXfW5Y
oETCw5oMO4dOifLvWp+0q0GXOG0EK1fqiHoHxhU/fksr/WQeJS7bplixXpPZoiqV
PC6RKnFEeMHMdFmPyo7kQ94KVn4uQ/SomL+MQUIi+7+e2iC0vqql2A5kmE9iO+dS
V7KuVgwcQ3QkIHEVeHKwKH3ETsKB7yktqlnqysPgwAf8fNKeokNk7eALsxkeSkt3
b00TyEOk9oRYPlhmpcTd
=GL3V
-----END PGP SIGNATURE-----
Merge tag 'asoc-v3.14-rc4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus
ASoC: Updates for v3.14
A few more driver specific bug fixes, all driver specific things that
only affect users of those devices.
Drew Richardson reported that he could make the kernel go *boom* when hotplugging
while having perf events active.
It turned out that when you have a group event, the code in
__perf_event_exit_context() fails to remove the group siblings from
the context.
We then proceed with destroying and freeing the event, and when you
re-plug the CPU and try and add another event to that CPU, things go
*boom* because you've still got dead entries there.
Reported-by: Drew Richardson <drew.richardson@arm.com>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Cc: Will Deacon <will.deacon@arm.com>
Cc: <stable@vger.kernel.org>
Link: http://lkml.kernel.org/n/tip-k6v5wundvusvcseqj1si0oz0@git.kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Vince "Super Tester" Weaver reported a new round of syscall fuzzing (Trinity) failures,
with perf WARN_ON()s triggering. He also provided traces of the failures.
This is I think the relevant bit:
> pec_1076_warn-2804 [000] d... 147.926153: x86_pmu_disable: x86_pmu_disable
> pec_1076_warn-2804 [000] d... 147.926153: x86_pmu_state: Events: {
> pec_1076_warn-2804 [000] d... 147.926156: x86_pmu_state: 0: state: .R config: ffffffffffffffff ( (null))
> pec_1076_warn-2804 [000] d... 147.926158: x86_pmu_state: 33: state: AR config: 0 (ffff88011ac99800)
> pec_1076_warn-2804 [000] d... 147.926159: x86_pmu_state: }
> pec_1076_warn-2804 [000] d... 147.926160: x86_pmu_state: n_events: 1, n_added: 0, n_txn: 1
> pec_1076_warn-2804 [000] d... 147.926161: x86_pmu_state: Assignment: {
> pec_1076_warn-2804 [000] d... 147.926162: x86_pmu_state: 0->33 tag: 1 config: 0 (ffff88011ac99800)
> pec_1076_warn-2804 [000] d... 147.926163: x86_pmu_state: }
> pec_1076_warn-2804 [000] d... 147.926166: collect_events: Adding event: 1 (ffff880119ec8800)
So we add the insn:p event (fd[23]).
At this point we should have:
n_events = 2, n_added = 1, n_txn = 1
> pec_1076_warn-2804 [000] d... 147.926170: collect_events: Adding event: 0 (ffff8800c9e01800)
> pec_1076_warn-2804 [000] d... 147.926172: collect_events: Adding event: 4 (ffff8800cbab2c00)
We try and add the {BP,cycles,br_insn} group (fd[3], fd[4], fd[15]).
These events are 0:cycles and 4:br_insn, the BP event isn't x86_pmu so
that's not visible.
group_sched_in()
pmu->start_txn() /* nop - BP pmu */
event_sched_in()
event->pmu->add()
So here we should end up with:
0: n_events = 3, n_added = 2, n_txn = 2
4: n_events = 4, n_added = 3, n_txn = 3
But seeing the below state on x86_pmu_enable(), the must have failed,
because the 0 and 4 events aren't there anymore.
Looking at group_sched_in(), since the BP is the leader, its
event_sched_in() must have succeeded, for otherwise we would not have
seen the sibling adds.
But since neither 0 or 4 are in the below state; their event_sched_in()
must have failed; but I don't see why, the complete state: 0,0,1:p,4
fits perfectly fine on a core2.
However, since we try and schedule 4 it means the 0 event must have
succeeded! Therefore the 4 event must have failed, its failure will
have put group_sched_in() into the fail path, which will call:
event_sched_out()
event->pmu->del()
on 0 and the BP event.
Now x86_pmu_del() will reduce n_events; but it will not reduce n_added;
giving what we see below:
n_event = 2, n_added = 2, n_txn = 2
> pec_1076_warn-2804 [000] d... 147.926177: x86_pmu_enable: x86_pmu_enable
> pec_1076_warn-2804 [000] d... 147.926177: x86_pmu_state: Events: {
> pec_1076_warn-2804 [000] d... 147.926179: x86_pmu_state: 0: state: .R config: ffffffffffffffff ( (null))
> pec_1076_warn-2804 [000] d... 147.926181: x86_pmu_state: 33: state: AR config: 0 (ffff88011ac99800)
> pec_1076_warn-2804 [000] d... 147.926182: x86_pmu_state: }
> pec_1076_warn-2804 [000] d... 147.926184: x86_pmu_state: n_events: 2, n_added: 2, n_txn: 2
> pec_1076_warn-2804 [000] d... 147.926184: x86_pmu_state: Assignment: {
> pec_1076_warn-2804 [000] d... 147.926186: x86_pmu_state: 0->33 tag: 1 config: 0 (ffff88011ac99800)
> pec_1076_warn-2804 [000] d... 147.926188: x86_pmu_state: 1->0 tag: 1 config: 1 (ffff880119ec8800)
> pec_1076_warn-2804 [000] d... 147.926188: x86_pmu_state: }
> pec_1076_warn-2804 [000] d... 147.926190: x86_pmu_enable: S0: hwc->idx: 33, hwc->last_cpu: 0, hwc->last_tag: 1 hwc->state: 0
So the problem is that x86_pmu_del(), when called from a
group_sched_in() that fails (for whatever reason), and without x86_pmu
TXN support (because the leader is !x86_pmu), will corrupt the n_added
state.
Reported-and-Tested-by: Vince Weaver <vincent.weaver@maine.edu>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Dave Jones <davej@redhat.com>
Cc: <stable@vger.kernel.org>
Link: http://lkml.kernel.org/r/20140221150312.GF3104@twins.programming.kicks-ass.net
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Kirill Tkhai noted:
Since deadline tasks share rt bandwidth, we must care about
bandwidth timer set. Otherwise rt_time may grow up to infinity
in update_curr_dl(), if there are no other available RT tasks
on top level bandwidth.
RT task were in fact throttled right after they got enqueued,
and never executed again (rt_time never again went below rt_runtime).
Peter then proposed to accrue DL execution on rt_time only when
rt timer is active, and proposed a patch (this patch is a slight
modification of that) to implement that behavior. While this
solves Kirill problem, it has a drawback.
Indeed, Kirill noted again:
It looks we may get into a situation, when all CPU time is shared
between RT and DL tasks:
rt_runtime = n
rt_period = 2n
| RT working, DL sleeping | DL working, RT sleeping |
-----------------------------------------------------------
| (1) duration = n | (2) duration = n | (repeat)
|--------------------------|------------------------------|
| (rt_bw timer is running) | (rt_bw timer is not running) |
No time for fair tasks at all.
While this can happen during the first period, if rq is always backlogged,
RT tasks won't have the opportunity to execute anymore: rt_time reached
rt_runtime during (1), suppose after (2) RT is enqueued back, it gets
throttled since rt timer didn't fire, replenishment is from now on eaten up
by DL tasks that accrue their execution on rt_time (while rt timer is
active - we have an RT task waiting for replenishment). FAIR tasks are
not touched after this first period. Ok, this is not ideal, and the situation
is even worse!
What above (the nice case), practically never happens in reality, where
your rt timer is not aligned to tasks periods, tasks are in general not
periodic, etc.. Long story short, you always risk to overload your system.
This patch is based on Peter's idea, but exploits an additional fact:
if you don't have RT tasks enqueued, it makes little sense to continue
incrementing rt_time once you reached the upper limit (DL tasks have their
own mechanism for throttling).
This cures both problems:
- no matter how many DL instances in the past, you'll have an rt_time
slightly above rt_runtime when an RT task is enqueued, and from that
point on (after the first replenishment), the task will normally execute;
- you can still eat up all bandwidth during the first period, but not
anymore after that, remember that DL execution will increment rt_time
till the upper limit is reached.
The situation is still not perfect! But, we have a simple solution for now,
that limits how much you can jeopardize your system, as we keep working
towards the right answer: RT groups scheduled using deadline servers.
Reported-by: Kirill Tkhai <tkhai@yandex.ru>
Signed-off-by: Juri Lelli <juri.lelli@gmail.com>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Cc: Steven Rostedt <rostedt@goodmis.org>
Link: http://lkml.kernel.org/r/20140225151515.617714e2f2cd6c558531ba61@gmail.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
In deadline class we do not have group scheduling.
So, let's remove unnecessary
X = X;
equations.
Signed-off-by: Kirill Tkhai <ktkhai@parallels.com>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Cc: Juri Lelli <juri.lelli@gmail.com>
Link: http://lkml.kernel.org/r/1393343543.4089.5.camel@tkhai
Signed-off-by: Ingo Molnar <mingo@kernel.org>
dequeue_entity() is called when p->on_rq and sets se->on_rq = 0
which appears to guarentee that the !se->on_rq condition is met.
If the task has done set_current_state(TASK_INTERRUPTIBLE) without
schedule() the second condition will be met and vruntime will be
incorrectly adjusted twice.
In certain cases this can result in the task's vruntime never increasing
past the vruntime of other tasks on the CFS' run queue, starving them of
CPU time.
This patch changes switched_from_fair() to use !p->on_rq instead of
!se->on_rq.
I'm able to cause a task with a priority of 120 to starve all other
tasks with the same priority on an ARM platform running 3.2.51-rt72
PREEMPT RT by writing one character at time to a serial tty (16550 UART)
in a tight loop. I'm also able to verify making this change corrects the
problem on that platform and kernel version.
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Cc: stable@vger.kernel.org
Link: http://lkml.kernel.org/r/1392767811-28916-1-git-send-email-george.mccollister@gmail.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
A somewhat large set of fixes here due to the identification of some
systematic problems with hard to use APIs in the subsystem. Takashi did
a lot of work to address the enumeration API which uncovered a number of
off by one bugs caused by confusing APIs while Charles addressed issues
in the locking around DAPM.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJTCXkuAAoJELSic+t+oim99LEP/3o0MTeminJkA0ks+edRN32I
zlbPd1iv38Rh20J85zJ8lHhZlkDVPpwYVEDziCClfG3QbWiwh18HEreOhi5xswxi
qSIk+4chXvBpdWaopLq+MEZSEqFLaHDeWPifzNs8tjQ2F8+RPZ5aOtmeBrwFQZVR
fJmuJ8KnOvjcH8WGNKIepZENqNIU7NuwMmzB7mHwyANKuan30u9Vx5r7OZBEkA1h
n6vNa48i2HKrdFwajm7Y/o8s5Qrnseiz6NepaO4hTHQhlFhsU9mjCeYvmzhvc1Jv
NAC3x2yUIrff95IwzMQi/jwJHJN+VXIqvsp1MWNm4rOucZ5kxw+dtFmmXtvsedI1
HO1gWPqvsYENs5L4cGbi1An/T7vSWOjsbs/2QwRRqduRHVJxnnoADswoQG2AGhOy
z1uJsebt72eAsoCxrPmaysa4irNwkDLwpFEjTpEGpgWo3j5d+UfEUScc/1B3ia7g
a/Oq9q/Q71ogdKSrMpYc66eK7y1XGF2XZNl4x3g/ZwswibM4aIwBr6ZekpoPPOYq
KT3zEecKJ+lbPxl2rUQgm9ivAuC1XKJoBRLRgHXGtzZI54SFUkFD/dVL6GFfR6bS
V8RHeGqOmoD/w6WpfXC4w9yhfNhJPbOKOaSFUdCyU5D2bgb7AOcwZOXRavXtJwJP
//gsmzui+ikt4scli8a/
=Ty2j
-----END PGP SIGNATURE-----
Merge tag 'asoc-v3.14-rc4' into asoc-linus
ASoC: Fixes for v3.14
A somewhat large set of fixes here due to the identification of some
systematic problems with hard to use APIs in the subsystem. Takashi did
a lot of work to address the enumeration API which uncovered a number of
off by one bugs caused by confusing APIs while Charles addressed issues
in the locking around DAPM.
# gpg: Signature made Sun 23 Feb 2014 13:29:34 KST using RSA key ID 7EA229BD
# gpg: Good signature from "Mark Brown <broonie@sirena.org.uk>"
# gpg: aka "Mark Brown <broonie@debian.org>"
# gpg: aka "Mark Brown <broonie@kernel.org>"
# gpg: aka "Mark Brown <broonie@tardis.ed.ac.uk>"
# gpg: aka "Mark Brown <broonie@linaro.org>"
# gpg: aka "Mark Brown <Mark.Brown@linaro.org>"
A few fixes, all driver speccific ones. The DaVinci ones aren't as
clear as they should be from the subject lines on the commits but they
fix issues which will prevent correct operation in some use cases and
only affect that particular driver so are reasonably safe.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJTBDGxAAoJELSic+t+oim95ZoP/0YCVAn+Eia9ohs6o+8bEQWb
UXj6PxGlwk0z7kPsTLbffCqPlktTlrJPIpL4JPLkWPxUrS8Q/Lc1jSBS/wIfeQXs
u+kjn/RR91p8yLRDaVpgp2adoh18d9YU9hYuCcoDu+gLOCzTdLOXV3IriN67Sp3p
WZIORNKPaRH4uHQdtcY+ajdwduWi5fd4cF56FOS2xnq0dxJ07rFpLmdm6HaKxOB0
J9/F1h+asgdBIYmkg/+Kex1MO0OvcfCUSsYNbybXqesjfdicEHIco4IvegqBYq3F
wwu5K/bJQUx4Ylah3JvNCRDlzMLSTD709hcOZsEoZmrB6cWwakrJAkBXN2N6AHUt
CjzKZ+JLKovjttZ/h86MtvulQwH+T6ouVJ0CUcgNoD+pGlytl30DGB9Cn2j33jKr
ix/LvFF12wES1G8poAHvskuGWONyfefFq7Ri+t+W5blitSUVVYO+5EwZC7BR0GNt
bhoFxeTC2nO7tYkTTzoNEFrU/X+zy4m8dQfkaSDYnaDTtSURlOwa24qmCbI+FSTo
Ti7T/NtyWzDtFbDhxxhVE8HMR1BO9X2+16zAEN4SuWotYXzab7xbh3wjOQtWa5HL
toEBBY3ZQ5VFkCxe35dAXMPVp1ToQh7dTVohGE4wg7yPiorZ44ehNsSTMNaItjh5
/d2rx9Su3+X2R2xY+UqK
=Kgdb
-----END PGP SIGNATURE-----
Merge tag 'asoc-v3.14-rc3' into asoc-linus
ASoC: Fixes for v3.14
A few fixes, all driver speccific ones. The DaVinci ones aren't as
clear as they should be from the subject lines on the commits but they
fix issues which will prevent correct operation in some use cases and
only affect that particular driver so are reasonably safe.
# gpg: Signature made Wed 19 Feb 2014 13:23:13 KST using RSA key ID 7EA229BD
# gpg: Good signature from "Mark Brown <broonie@sirena.org.uk>"
# gpg: aka "Mark Brown <broonie@debian.org>"
# gpg: aka "Mark Brown <broonie@kernel.org>"
# gpg: aka "Mark Brown <broonie@tardis.ed.ac.uk>"
# gpg: aka "Mark Brown <broonie@linaro.org>"
# gpg: aka "Mark Brown <Mark.Brown@linaro.org>"
Only the first packet is currently handled correctly, but then
all others are assumed to have failed which is problematic. Fix
this, marking them all successful instead (since if they're not
then the firmware will have transmitted them as single frames.)
This fixes the lost packet reporting.
Also do a tiny variable scoping cleanup.
Cc: <stable@vger.kernel.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
[Add the dvm part]
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
There is a typo in the Limiter2 Release Rate control, a wrong enum for
Limiter1 is assigned. It must point to Limiter2.
Spotted by a compile warning:
In file included from sound/soc/codecs/sta32x.c:34:0:
sound/soc/codecs/sta32x.c:223:29: warning: ‘sta32x_limiter2_release_rate_enum’ defined but not used [-Wunused-variable]
static SOC_ENUM_SINGLE_DECL(sta32x_limiter2_release_rate_enum,
^
include/sound/soc.h:275:18: note: in definition of macro ‘SOC_ENUM_DOUBLE_DECL’
struct soc_enum name = SOC_ENUM_DOUBLE(xreg, xshift_l, xshift_r, \
^
sound/soc/codecs/sta32x.c:223:8: note: in expansion of macro ‘SOC_ENUM_SINGLE_DECL’
static SOC_ENUM_SINGLE_DECL(sta32x_limiter2_release_rate_enum,
^
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Mark Brown <broonie@linaro.org>
Cc: <stable@vger.kernel.org>
Some APs reject STA association request if a listen interval value exceeds
a threshold of 10. Thus, for example, Cisco APs may deny STA associations
returning status code 12 (Association denied due to reason outside the scope
of 802.11 standard) in the association response frame.
Fixing the issue by setting the default IWL_CONN_MAX_LISTEN_INTERVAL value
from 70 to 10.
Cc: <stable@vger.kernel.org> [3.10+]
Signed-off-by: Max Stepanov <Max.Stepanov@intel.com>
Reviewed-by: Alexander Bondar <alexander.bondar@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
A somewhat large set of fixes here due to the identification of some
systematic problems with hard to use APIs in the subsystem. Takashi did
a lot of work to address the enumeration API which uncovered a number of
off by one bugs caused by confusing APIs while Charles addressed issues
in the locking around DAPM.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJTCXkuAAoJELSic+t+oim99LEP/3o0MTeminJkA0ks+edRN32I
zlbPd1iv38Rh20J85zJ8lHhZlkDVPpwYVEDziCClfG3QbWiwh18HEreOhi5xswxi
qSIk+4chXvBpdWaopLq+MEZSEqFLaHDeWPifzNs8tjQ2F8+RPZ5aOtmeBrwFQZVR
fJmuJ8KnOvjcH8WGNKIepZENqNIU7NuwMmzB7mHwyANKuan30u9Vx5r7OZBEkA1h
n6vNa48i2HKrdFwajm7Y/o8s5Qrnseiz6NepaO4hTHQhlFhsU9mjCeYvmzhvc1Jv
NAC3x2yUIrff95IwzMQi/jwJHJN+VXIqvsp1MWNm4rOucZ5kxw+dtFmmXtvsedI1
HO1gWPqvsYENs5L4cGbi1An/T7vSWOjsbs/2QwRRqduRHVJxnnoADswoQG2AGhOy
z1uJsebt72eAsoCxrPmaysa4irNwkDLwpFEjTpEGpgWo3j5d+UfEUScc/1B3ia7g
a/Oq9q/Q71ogdKSrMpYc66eK7y1XGF2XZNl4x3g/ZwswibM4aIwBr6ZekpoPPOYq
KT3zEecKJ+lbPxl2rUQgm9ivAuC1XKJoBRLRgHXGtzZI54SFUkFD/dVL6GFfR6bS
V8RHeGqOmoD/w6WpfXC4w9yhfNhJPbOKOaSFUdCyU5D2bgb7AOcwZOXRavXtJwJP
//gsmzui+ikt4scli8a/
=Ty2j
-----END PGP SIGNATURE-----
Merge tag 'asoc-v3.14-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus
ASoC: Fixes for v3.14
A somewhat large set of fixes here due to the identification of some
systematic problems with hard to use APIs in the subsystem. Takashi did
a lot of work to address the enumeration API which uncovered a number of
off by one bugs caused by confusing APIs while Charles addressed issues
in the locking around DAPM.
Hans Schillstrom
Duan Jiong
Rafael J. Wysocki
David S. Miller
Yuval Mintz
Bjørn Mork
Paolo Bonzini
Andi Kleen
Lorenzo Colitti
Luis R. Rodriguez
Arnd Bergmann
John W. Linville
Johannes Berg
Alex Deucher
Jerome Glisse
Christian König
Linus Torvalds
Andrew Honig
Marc Zyngier
Hiroaki SHIMODA
Mike Snitzer
Ingo Molnar
Takashi Iwai
Peter Zijlstra
Juri Lelli
Kirill Tkhai
George McCollister
Mark Brown
Max Stepanov