Граф коммитов

505628 Коммитов

Автор SHA1 Сообщение Дата
Wolfram Sang bb82d90e74 char: ipmi: Remove obsolete cleanup for clientdata
A few new i2c-drivers came into the kernel which clear the clientdata-pointer
on exit or error. This is obsolete meanwhile, the core will do it.

Signed-off-by: Wolfram Sang <wsa@the-dreams.de>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2015-02-19 19:54:50 -06:00
Corey Minyard 2fcaf60ca0 ipmi: Remove a FIXME for slab conversion
There can't be more than a few IPMI messages allocated at any one time,
so converting the messages to slabs would be a waste.  So just remove
the FIXME.

Suggested-by: Nicholas Krause <xerofoify@gmail.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
2015-02-19 19:54:50 -06:00
Linus Torvalds 3d883483dc Merge branch 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/evalenti/linux-soc-thermal
Pull more thermal managament updates from Zhang Rui:
 "Specifics:

   - Exynos thermal driver refactoring.  Several cleanups, code
     optimization, unused symbols removal, and unused feature removal in
     Exynos thermal driver.  Thanks Lukasz for this effort.

   - Exynos thermal driver support to OF thermal.  After the code
     refactoring, the driver earned the support to OF thermal.  Chip
     thermal data were moved from driver code to DTS, reducing the code
     footprint.  Thanks Lukasz for this.

   - After receiving the OF thermal support, the exynos thermal driver
     now must allow modular build.  Thanks Arnd for detecting, reporting
     and fixing this.

   - Exynos thermal driver support to Exynos 7 SoC.  Thanks Abhilash for
     this.

   - Accurate temperature reporting on Rockchip thermal driver, thanks
     to Caesar.

   - Fix on how OF thermal enables its zones, thanks Lukasz for fixing.

   - Fixes in OF thermal examples under Documentation/.  Thanks Srinivas
     for fixing"

* 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/evalenti/linux-soc-thermal:
  thermal: exynos: Add TMU support for Exynos7 SoC
  dts: Documentation: Add documentation for Exynos7 SoC thermal bindings
  cpufreq: exynos: allow modular build
  thermal: Fix examples in DT documentation
  thermal: exynos: Correct sanity check at exynos_report_trigger() function
  thermal: Kconfig: Remove config for not used EXYNOS_THERMAL_CORE
  thermal: exynos: Remove exynos_tmu_data.c file
  thermal: rockchip: make temperature reporting much more accurate
  thermal: exynos: Remove exynos_thermal_common.[c|h] files
  thermal: samsung: core: Exynos TMU rework to use device tree for configuration
  dts: Documentation: Update exynos-thermal.txt example for Exynos5440
  dts: Documentation: Extending documentation entry for exynos-thermal
  cpufreq: exynos: Use device tree to determine if cpufreq cooling should be registered
  thermal: exynos: Modify exynos thermal code to use device tree for cpu cooling configuration
  thermal: exynos: Provide thermal_exynos.h file to be included in device tree files
  thermal: exynos: cosmetic: Correct comment format
  thermal: of: Enable thermal_zoneX when sensor is correctly added
2015-02-19 17:51:22 -08:00
Keith Busch 0c0f9b95c8 NVMe: Fix potential corruption on sync commands
This makes all sync commands uninterruptible and schedules without timeout
so the controller either has to post a completion or the timeout recovery
fails the command. This fixes potential memory or data corruption from
a command timing out too early or woken by a signal. Previously any DMA
buffers mapped for that command would have been released even though we
don't know what the controller is planning to do with those addresses.

Signed-off-by: Keith Busch <keith.busch@intel.com>
2015-02-19 16:15:38 -07:00
Keith Busch 4832851840 NVMe: Remove unused variables
We don't track queues in a llist, subscribe to hot-cpu notifications,
or internally retry commands. Delete the unused artifacts.

Signed-off-by: Keith Busch <keith.busch@intel.com>
2015-02-19 16:15:38 -07:00
Keith Busch 9ac16938ab NVMe: Fix scsi mode select llbaa setting
It should be a logical bitwise AND, not conditional.

Signed-off-by: Keith Busch <keith.busch@intel.com>
2015-02-19 16:15:37 -07:00
Keith Busch 07836e659c NVMe: Fix potential corruption during shutdown
The driver has to end unreturned commands at some point even if the
controller has not provided a completion. The driver tried to be safe by
deleting IO queues prior to ending all unreturned commands. That should
cause the controller to internally abort inflight commands, but IO queue
deletion request does not have to be successful, so all bets are off. We
still have to make progress, so to be extra safe, this patch doesn't
clear a queue to release the dma mapping for a command until after the
pci device has been disabled.

This patch removes the special handling during device initialization
so controller recovery can be done all the time. This is possible since
initialization is not inlined with pci probe anymore.

Reported-by: Nilish Choudhury <nilesh.choudhury@oracle.com>
Signed-off-by: Keith Busch <keith.busch@intel.com>
2015-02-19 16:15:37 -07:00
Keith Busch 2e1d844819 NVMe: Asynchronous controller probe
This performs the longest parts of nvme device probe in scheduled work.
This speeds up probe significantly when multiple devices are in use.

Signed-off-by: Keith Busch <keith.busch@intel.com>
2015-02-19 16:15:36 -07:00
Keith Busch b3fffdefab NVMe: Register management handle under nvme class
This creates a new class type for nvme devices to register their
management character devices with. This is so we do not rely on miscdev
to provide enough minors for as many nvme devices some people plan to
use. The previous limit was approximately 60 NVMe controllers, depending
on the platform and kernel. Now the limit is 1M, which ought to be enough
for anybody.

Since we have a new device class, it makes sense to attach the block
devices under this as well, so part of this patch moves the management
handle initialization prior to the namespaces discovery.

Signed-off-by: Keith Busch <keith.busch@intel.com>
2015-02-19 16:15:36 -07:00
Keith Busch 4f1982b4e2 NVMe: Update SCSI Inquiry VPD 83h translation
The original translation created collisions on Inquiry VPD 83 for many
existing devices. Newer specifications provide other ways to translate
based on the device's version can be used to create unique identifiers.

Version 1.1 provides an EUI64 field that uniquely identifies each
namespace, and 1.2 added the longer NGUID field for the same reason.
Both follow the IEEE EUI format and readily translate to the SCSI device
identification EUI designator type 2h. For devices implementing either,
the translation will use this type, defaulting to the EUI64 8-byte type if
implemented then NGUID's 16 byte version if not. If neither are provided,
the 1.0 translation is used, and is updated to use the SCSI String format
to guarantee a unique identifier.

Knowing when to use the new fields depends on the nvme controller's
revision. The NVME_VS macro was not decoding this correctly, so that is
fixed in this patch and moved to a more appropriate place.

Since the Identify Namespace structure required an update for the NGUID
field, this patch adds the remaining new 1.2 fields to the structure.

Signed-off-by: Keith Busch <keith.busch@intel.com>
2015-02-19 16:15:35 -07:00
Keith Busch e1e5e5641e NVMe: Metadata format support
Adds support for NVMe metadata formats and exposes block devices for
all namespaces regardless of their format. Namespace formats that are
unusable will have disk capacity set to 0, but a handle to the block
device is created to simplify device management. A namespace is not
usable when the format requires host interleave block and metadata in
single buffer, has no provisioned storage, or has better data but failed
to register with blk integrity.

The namespace has to be scanned in two phases to support separate
metadata formats. The first establishes the sector size and capacity
prior to invoking add_disk. If metadata is required, the capacity will
be temporarilly set to 0 until it can be revalidated and registered with
the integrity extenstions after add_disk completes.

The driver relies on the integrity extensions to provide the metadata
buffer. NVMe requires this be a single physically contiguous region,
so only one integrity segment is allowed per command. If the metadata
is used for T10 PI, the driver provides mappings to save and restore
the reftag physical block translation. The driver provides no-op
functions for generate and verify if metadata is not used for protection
information. This way the setup is always provided by the block layer.

If a request does not supply a required metadata buffer, the command
is failed with bad address. This could only happen if a user manually
disables verify/generate on such a disk. The only exception to where
this is okay is if the controller is capable of stripping/generating
the metadata, which is possible on some types of formats.

The metadata scatter gather list now occupies the spot in the nvme_iod
that used to be used to link retryable IOD's, but we don't do that
anymore, so the field was unused.

Signed-off-by: Keith Busch <keith.busch@intel.com>
2015-02-19 16:15:35 -07:00
David Vrabel e3a1f6cac1 x86: pte_protnone() and pmd_protnone() must check entry is not present
Since _PAGE_PROTNONE aliases _PAGE_GLOBAL it is only valid if
_PAGE_PRESENT is clear.  Make pte_protnone() and pmd_protnone() check
for this.

This fixes a 64-bit Xen PV guest regression introduced by 8a0516ed8b
("mm: convert p[te|md]_numa users to p[te|md]_protnone_numa").  Any
userspace process would endlessly fault.

In a 64-bit PV guest, userspace page table entries have _PAGE_GLOBAL set
by the hypervisor.  This meant that any fault on a present userspace
entry (e.g., a write to a read-only mapping) would be misinterpreted as
a NUMA hinting fault and the fault would not be correctly handled,
resulting in the access endlessly faulting.

Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Acked-by: Mel Gorman <mgorman@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-02-19 15:04:49 -08:00
Preeti U Murthy 70734a786a cpuidle: powernv: Avoid endianness conversions while parsing DT
We currently read the information about idle states from the DT
so as to populate the cpuidle table. Use those APIs to read from
the DT that can avoid endianness conversions of the property values
in the cpuidle driver.

Signed-off-by: Preeti U Murthy <preeti@linux.vnet.ibm.com>
Acked-by: Michael Ellerman <mpe@ellerman.id.au>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2015-02-19 23:44:38 +01:00
Linus Torvalds 2b9fb532d4 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs updates from Chris Mason:
 "This pull is mostly cleanups and fixes:

   - The raid5/6 cleanups from Zhao Lei fixup some long standing warts
     in the code and add improvements on top of the scrubbing support
     from 3.19.

   - Josef has round one of our ENOSPC fixes coming from large btrfs
     clusters here at FB.

   - Dave Sterba continues a long series of cleanups (thanks Dave), and
     Filipe continues hammering on corner cases in fsync and others

  This all was held up a little trying to track down a use-after-free in
  btrfs raid5/6.  It's not clear yet if this is just made easier to
  trigger with this pull or if its a new bug from the raid5/6 cleanups.
  Dave Sterba is the only one to trigger it so far, but he has a
  consistent way to reproduce, so we'll get it nailed shortly"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (68 commits)
  Btrfs: don't remove extents and xattrs when logging new names
  Btrfs: fix fsync data loss after adding hard link to inode
  Btrfs: fix BUG_ON in btrfs_orphan_add() when delete unused block group
  Btrfs: account for large extents with enospc
  Btrfs: don't set and clear delalloc for O_DIRECT writes
  Btrfs: only adjust outstanding_extents when we do a short write
  btrfs: Fix out-of-space bug
  Btrfs: scrub, fix sleep in atomic context
  Btrfs: fix scheduler warning when syncing log
  Btrfs: Remove unnecessary placeholder in btrfs_err_code
  btrfs: cleanup init for list in free-space-cache
  btrfs: delete chunk allocation attemp when setting block group ro
  btrfs: clear bio reference after submit_one_bio()
  Btrfs: fix scrub race leading to use-after-free
  Btrfs: add missing cleanup on sysfs init failure
  Btrfs: fix race between transaction commit and empty block group removal
  btrfs: add more checks to btrfs_read_sys_array
  btrfs: cleanup, rename a few variables in btrfs_read_sys_array
  btrfs: add checks for sys_chunk_array sizes
  btrfs: more superblock checks, lower bounds on devices and sectorsize/nodesize
  ...
2015-02-19 14:36:00 -08:00
Linus Torvalds 4533f6e27a Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client
Pull Ceph changes from Sage Weil:
 "On the RBD side, there is a conversion to blk-mq from Christoph,
  several long-standing bug fixes from Ilya, and some cleanup from
  Rickard Strandqvist.

  On the CephFS side there is a long list of fixes from Zheng, including
  improved session handling, a few IO path fixes, some dcache management
  correctness fixes, and several blocking while !TASK_RUNNING fixes.

  The core code gets a few cleanups and Chaitanya has added support for
  TCP_NODELAY (which has been used on the server side for ages but we
  somehow missed on the kernel client).

  There is also an update to MAINTAINERS to fix up some email addresses
  and reflect that Ilya and Zheng are doing most of the maintenance for
  RBD and CephFS these days.  Do not be surprised to see a pull request
  come from one of them in the future if I am unavailable for some
  reason"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client: (27 commits)
  MAINTAINERS: update Ceph and RBD maintainers
  libceph: kfree() in put_osd() shouldn't depend on authorizer
  libceph: fix double __remove_osd() problem
  rbd: convert to blk-mq
  ceph: return error for traceless reply race
  ceph: fix dentry leaks
  ceph: re-send requests when MDS enters reconnecting stage
  ceph: show nocephx_require_signatures and notcp_nodelay options
  libceph: tcp_nodelay support
  rbd: do not treat standalone as flatten
  ceph: fix atomic_open snapdir
  ceph: properly mark empty directory as complete
  client: include kernel version in client metadata
  ceph: provide seperate {inode,file}_operations for snapdir
  ceph: fix request time stamp encoding
  ceph: fix reading inline data when i_size > PAGE_SIZE
  ceph: avoid block operation when !TASK_RUNNING (ceph_mdsc_close_sessions)
  ceph: avoid block operation when !TASK_RUNNING (ceph_get_caps)
  ceph: avoid block operation when !TASK_RUNNING (ceph_mdsc_sync)
  rbd: fix error paths in rbd_dev_refresh()
  ...
2015-02-19 14:14:42 -08:00
Steven J. Hill 05f9883a28 MIPS: Usage and cosmetic cleanups of page table bits.
* Clean up white spaces and tabs.
   * Get rid of remaining hardcoded values for calculating
     shifts and masks.
   * Get rid of redundant macro values.
   * Do not use page table bits directly in #ifdef's.

Signed-off-by: Steven J. Hill <Steven.Hill@imgtec.com>
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/9287/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-02-19 22:15:59 +01:00
Linus Torvalds 89d3fa45b4 Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux
Pull thermal managament updates from Zhang Rui:
 "Specifics:

   - Abstract the code and introduce helper functions for all int340x
     thermal drivers.  From: Srinivas Pandruvada.

   - Reorganize the ACPI LPAT table support code so that it can be
     shared for both ACPI PMIC driver and int340x thermal driver.

   - Add support for Braswell in intel_soc_dts thermal driver.

   - a couple of small fixes/cleanups for step_wise governor and int340x
     thermal driver"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux:
  Thermal/int340x_thermal: remove unused uuids.
  thermal: step_wise: spelling fixes
  thermal: int340x: fix sparse warning
  Thermal/int340x: LPAT conversion for temperature
  ACPI / PMIC: Use common LPAT table handling functions
  ACPI / LPAT: Common table processing functions
  thermal: Intel SoC DTS: Add Braswell support
  Thermal/int340x/int3402: Provide notification support
  Thermal/int340x/processor_thermal: Add thermal zone support
  Thermal/int340x/int3403: Use int340x thermal API
  Thermal/int340x/int3402: Use int340x thermal API
  Thermal/int340x: Add common thermal zone handler
2015-02-19 11:28:36 -08:00
Linus Torvalds 477ea11696 * A fix to sb_edac for proper detection on SNB machines
* A fix to amd64_edac to not explode on Numascale machines with more
 than 16 memory controllers, from Daniel J Blueman.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJU5aSqAAoJEBLB8Bhh3lVKGbgP+gOzBaeBlIa9BcdrohiF2mKz
 UyS/2v/RN/OK0F9u/LUJr15jwZex4TPbE7QPoMF6IvsHQR/5Jh5k4fZUaU8/3sY8
 F6ugd7/I4x2mFrYvcJsK5PUm5ZqdYG6dyQKNAInqQw+/sAdL9i9shXz9SUUJXh98
 Qa2zGSEyJVNIYmTi3rcSy8gxwJR8xdwL56iGmt4HEc/asjziSoIxOCwEVLh6OR9e
 vgLDzOntgS56ymbPiNXHfpEE7IqBkJELCFma6RHer4L4R2fTlJRqk1oahS91tx3X
 /m70IVrLu/v6/aDWMdDzSj9oTm6mZD2IpQEAurrp+kFqzLj7EUOlhnXJF1fsyEJY
 OmDO+/Z72iRfgVv0SlT0AsrDkVvXUOfERBhyKZpd4wxUV2/XUYFqhwVPE86+al8p
 wSuwUJrvKQ4bGdRQYEufZBO7JOUTk8K09iFEzREEYbzvEZPc4ZPMUTXAgOA54x6V
 HOhD6NhPR0RJwg9OgqJndgnF0XTcruh6/LuFO2ioyKCR92hjutwuoYyxVI8jfv1W
 rHB09wdNzv4EIIoH/5BeBNIv3Vtc04n5d6MRWbYHmBWAt6Ib+jBXWVNMoWSrAOIQ
 4MNBgxH5sEhTFKnFOt+/cXZktLVr0G79vii5GaodXKgaTnV59Jm4sV06k5vxHxly
 eee2zEWMoT3M4fhYC3St
 =Zypx
 -----END PGP SIGNATURE-----

Merge tag 'edac_fixes_for_3.20' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp

Pull two EDAC fixes from Borislav Petkov:

 - A fix to sb_edac for proper detection on SNB machines

 - A fix to amd64_edac to not explode on Numascale machines with more
   than 16 memory controllers, from Daniel J Blueman.

* tag 'edac_fixes_for_3.20' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp:
  EDAC, amd64_edac: Prevent OOPS with >16 memory controllers
  sb_edac: Fix detection on SNB machines
2015-02-19 11:18:14 -08:00
Linus Torvalds 6ed3e57fd2 platform-drivers-x86 for 3.20
toshiba_acpi: Add support for missing features from the Windows driver,
               bump the sysfs version, and clean up the driver.
 thinkpad_acpi: BIOS string versions, unhandled hkey events.
 samsung-laptop: Add native backlight quirk, enable better lid handling.
 intel_scu_ipc: Read resources from PCI configuration
 other: Fix sparse warnings, general cleanups.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJU5Xg2AAoJEKbMaAwKp364WaUH/Akf1jrGGaC8czGVsvAz4syV
 jV+4yHA1z/E1sy1LjS7gKxpaYO5j5a6Nv0488kaM/RPZoVPSXgGsrCS/HPjpRJIR
 90PGQuZ3gUWpqt6ICqjs22fHVQ/k0NF7uiLgqOsACnLWAN7ts3GXNs6CLpzlwhQY
 +YXzw3ac1QeB3lSKYxTmRKRZ9qCoHBmONSG/DzyHw8cmXI9LuSd7LCs8BHsg3M1v
 /WYJlLTJRgS5POfPenWoW1GQ0tN9OgC19Hk4dtFMv0U1s6au7z0a8rFqHc0qR18b
 tMkf9/8kaatTrKLlWhxX2/Wyenu8wpVjSYvRrRHsMCJRaWHyQQStd3Lhvw0Kzyg=
 =W5L5
 -----END PGP SIGNATURE-----

Merge tag 'platform-drivers-x86-v3.20-1' of git://git.infradead.org/users/dvhart/linux-platform-drivers-x86

Pull platform driver update from Darren Hart:
 "This includes a significant update to the toshiba_acpi driver,
  bringing it to feature parity with the Windows driver, followed by
  some needed cleanups.

  The other changes are mostly minor updates, quirks, sparse fixes, or
  cleanups.

  Details:

   - toshiba_acpi:
       Add support for missing features from the Windows driver, bump the
       sysfs version, and clean up the driver.

   - thinkpad_acpi:
       BIOS string versions, unhandled hkey events.

   - msamsung-laptop:
       Add native backlight quirk, enable better lid handling.

   - intel_scu_ipc:
       Read resources from PCI configuration

   - other:
       Fix sparse warnings, general cleanups"

* tag 'platform-drivers-x86-v3.20-1' of git://git.infradead.org/users/dvhart/linux-platform-drivers-x86: (34 commits)
  toshiba_acpi: Cleanup GPL header
  toshiba_acpi: Cleanup comment blocks and capitalization
  toshiba_acpi: Make use of DEVICE_ATTR_{RO, RW} macros
  toshiba_acpi: Drop the toshiba_ prefix from sysfs function names
  toshiba_acpi: Move sysfs function and struct declarations further down
  Documentation/ABI: Add file describing the sysfs entries for toshiba_acpi
  toshiba_acpi: Clean file according to coding style
  toshiba_acpi: Bump version number to 0.21
  toshiba_acpi: Add support to enable/disable USB 3
  toshiba_acpi: Add support for Panel Power ON
  toshiba_acpi: Add support for Keyboard functions mode
  toshiba_acpi: Add fan entry to sysfs
  toshiba_acpi: Add version entry to sysfs
  thinkpad_acpi: support new BIOS version string pattern
  thinkpad_acpi: unhandled hkey event
  toshiba_acpi: Make toshiba_eco_mode_available more robust
  classmate-laptop: Fix sparse warning (0 as NULL)
  Sony-laptop: Fix sparse warning (make undeclared var static)
  thinkpad_acpi.c: Fix sparse warning (make undeclared var static)
  samsung-laptop.c: Prefer kstrtoint over single variable sscanf
  ...
2015-02-19 10:56:51 -08:00
Rajaneesh Acharya dd8f30cc05 kgdb, docs: Fix <para> pdfdocs build errors
kgdb.pdf failed to build from 'make pdfdocs' giving errors such as:

jade:... Documentation/DocBook/kgdb.xml:200:8:E:
document type does not allow element "para" here; missing one of
"footnote", "caution", "important", "note", "tip", "warning",
"blockquote", "informalexample" start-tag

Fixing minor <para> and <sect> issues allows kgdb.pdf to be generated
under Fedora20.

Originally submitted by rajaneesh.acharya@yahoo.com in 2011, discussed here:
http://permalink.gmane.org/gmane.linux.documentation/3954
as patch:
 The following are the enhancements that removed the errors
 while issuing "make pdfdocs"

[graham.whaley@intel.com: Improved commit message and ported to 3.18.1]
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
2015-02-19 12:39:04 -06:00
Colin Cross 5516fd7b92 debug: prevent entering debug mode on panic/exception.
On non-developer devices, kgdb prevents the device from rebooting
after a panic.

Incase of panics and exceptions, to allow the device to reboot, prevent
entering debug mode to avoid getting stuck waiting for the user to
interact with debugger.

To avoid entering the debugger on panic/exception without any extra
configuration, panic_timeout is being used which can be set via
/proc/sys/kernel/panic at run time and CONFIG_PANIC_TIMEOUT sets the
default value.

Setting panic_timeout indicates that the user requested machine to
perform unattended reboot after panic. We dont want to get stuck waiting
for the user input incase of panic.

Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: kgdb-bugreport@lists.sourceforge.net
Cc: linux-kernel@vger.kernel.org
Cc: Android Kernel Team <kernel-team@android.com>
Cc: John Stultz <john.stultz@linaro.org>
Cc: Sumit Semwal <sumit.semwal@linaro.org>
Signed-off-by: Colin Cross <ccross@android.com>
[Kiran: Added context to commit message.
panic_timeout is used instead of break_on_panic and
break_on_exception to honor CONFIG_PANIC_TIMEOUT
Modified the commit as per community feedback]
Signed-off-by: Kiran Raparthy <kiran.kumar@linaro.org>
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
2015-02-19 12:39:03 -06:00
Daniel Thompson 32d375f6f2 kdb: Const qualifier for kdb_getstr's prompt argument
All current callers of kdb_getstr() can pass constant pointers via the
prompt argument. This patch adds a const qualification to make explicit
the fact that this is safe.

Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
2015-02-19 12:39:03 -06:00
Daniel Thompson fb6daa7520 kdb: Provide forward search at more prompt
Currently kdb allows the output of comamnds to be filtered using the
| grep feature. This is useful but does not permit the output emitted
shortly after a string match to be examined without wading through the
entire unfiltered output of the command. Such a feature is particularly
useful to navigate function traces because these traces often have a
useful trigger string *before* the point of interest.

This patch reuses the existing filtering logic to introduce a simple
forward search to kdb that can be triggered from the more prompt.

Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
2015-02-19 12:39:03 -06:00
Daniel Thompson ab08e464a2 kdb: Fix a prompt management bug when using | grep
Currently when the "| grep" feature is used to filter the output of a
command then the prompt is not displayed for the subsequent command.
Likewise any characters typed by the user are also not echoed to the
display. This rather disconcerting problem eventually corrects itself
when the user presses Enter and the kdb_grepping_flag is cleared as
kdb_parse() tries to make sense of whatever they typed.

This patch resolves the problem by moving the clearing of this flag
from the middle of command processing to the beginning.

Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
2015-02-19 12:39:03 -06:00
Daniel Thompson 5454388113 kdb: Remove stack dump when entering kgdb due to NMI
Issuing a stack dump feels ergonomically wrong when entering due to NMI.

Entering due to NMI is normally a reaction to a user request, either the
NMI button on a server or a "magic knock" on a UART. Therefore the
backtrace behaviour on entry due to NMI should be like SysRq-g (no stack
dump) rather than like oops.

Note also that the stack dump does not offer any information that
cannot be trivial retrieved using the 'bt' command.

Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
2015-02-19 12:39:02 -06:00
Daniel Thompson f7d4ca8bbf kdb: Avoid printing KERN_ levels to consoles
Currently when kdb traps printk messages then the raw log level prefix
(consisting of '\001' followed by a numeral) does not get stripped off
before the message is issued to the various I/O handlers supported by
kdb. This causes annoying visual noise as well as causing problems
grepping for ^. It is also a change of behaviour compared to normal usage
of printk() usage. For example <SysRq>-h ends up with different output to
that of kdb's "sr h".

This patch addresses the problem by stripping log levels from messages
before they are issued to the I/O handlers. printk() which can also
act as an i/o handler in some cases is special cased; if the caller
provided a log level then the prefix will be preserved when sent to
printk().

The addition of non-printable characters to the output of kdb commands is a
regression, albeit and extremely elderly one, introduced by commit
04d2c8c83d ("printk: convert the format for KERN_<LEVEL> to a 2 byte
pattern"). Note also that this patch does *not* restore the original
behaviour from v3.5. Instead it makes printk() from within a kdb command
display the message without any prefix (i.e. like printk() normally does).

Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Cc: Joe Perches <joe@perches.com>
Cc: stable@vger.kernel.org
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
2015-02-19 12:39:02 -06:00
Jason Wessel df0036d117 kdb: Fix off by one error in kdb_cpu()
There was a follow on replacement patch against the prior
"kgdb: Timeout if secondary CPUs ignore the roundup".

See: https://lkml.org/lkml/2015/1/7/442

This patch is the delta vs the patch that was committed upstream:
  * Fix an off-by-one error in kdb_cpu().
  * Replace NR_CPUS with CONFIG_NR_CPUS to tell checkpatch that we
    really want a static limit.
  * Removed the "KGDB: " prefix from the pr_crit() in debug_core.c
    (kgdb-next contains a patch which introduced pr_fmt() to this file
    to the tag will now be applied automatically).

Cc: Daniel Thompson <daniel.thompson@linaro.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
2015-02-19 12:39:02 -06:00
Jay Lan 1467559232 kdb: fix incorrect counts in KDB summary command output
The output of KDB 'summary' command should report MemTotal, MemFree
and Buffers output in kB. Current codes report in unit of pages.

A define of K(x) as
is defined in the code, but not used.

This patch would apply the define to convert the values to kB.
Please include me on Cc on replies. I do not subscribe to linux-kernel.

Signed-off-by: Jay Lan <jlan@sgi.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
2015-02-19 12:39:02 -06:00
Linus Torvalds b11a278397 Merge branch 'kconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild
Pull kconfig updates from Michal Marek:
 "Yann E Morin was supposed to take over kconfig maintainership, but
  this hasn't happened.  So I'm sending a few kconfig patches that I
  collected:

   - Fix for missing va_end in kconfig
   - merge_config.sh displays used if given too few arguments
   - s/boolean/bool/ in Kconfig files for consistency, with the plan to
     only support bool in the future"

* 'kconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
  kconfig: use va_end to match corresponding va_start
  merge_config.sh: Display usage if given too few arguments
  kconfig: use bool instead of boolean for type definition attributes
2015-02-19 10:36:45 -08:00
Linus Torvalds 7734334337 Merge branch 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild
Pull misc kbuild changes from Michal Marek:
 "Just a few non-critical kbuild changes:

   - builddeb adds the actual distribution name in the changelog
   - documentation fixes"

* 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
  kbuild: trivial - fix the help doc of CONFIG_CC_OPTIMIZE_FOR_SIZE
  kbuild: Update documentation of clean-files and clean-dirs
  builddeb: Try to determine distribution
  builddeb: Update year and git repository URL in debian/copyright
2015-02-19 10:31:37 -08:00
Sage Weil 0f5417cea6 MAINTAINERS: update Ceph and RBD maintainers
- add Ilya, drop Yehuda as an RBD maintainer
- add Zheng as a Ceph maintainer
- update Yehuda and Sage's emails

Signed-off-by: Sage Weil <sage@redhat.com>
2015-02-19 10:11:20 -08:00
Linus Torvalds 27a22ee4c7 Merge branch 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild
Pull kbuild updates from Michal Marek:

 - several cleanups in kbuild

 - serialize multiple *config targets so that 'make defconfig kvmconfig'
   works

 - The cc-ifversion macro got support for an else-branch

* 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
  kbuild,gcov: simplify kernel/gcov/Makefile more
  kbuild: allow cc-ifversion to have the argument for false condition
  kbuild,gcov: simplify kernel/gcov/Makefile
  kbuild,gcov: remove unnecessary workaround
  kbuild: do not add $(call ...) to invoke cc-version or cc-fullversion
  kbuild: fix cc-ifversion macro
  kbuild: drop $(version_h) from MRPROPER_FILES
  kbuild: use mixed-targets when two or more config targets are given
  kbuild: remove redundant line from bounds.h/asm-offsets.h
  kbuild: merge bounds.h and asm-offsets.h rules
  kbuild: Drop support for clean-rule
2015-02-19 10:07:08 -08:00
Martin Schwidefsky 61b0b01686 s390/spinlock: disabled compare-and-delay by default
Until we have hard performance data about the effects of CAD in the
spinlock loop disable the instruction by default.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2015-02-19 18:05:38 +01:00
Wolfram Sang b4ad0510f5 i2c: designware-baytrail: another fixup for proper Kconfig dependencies
IOSF_MBI is tristate. Baytrail driver isn't.

Reported-by: Randy Dunlap <rdunlap@infradead.org>
Acked-by: David E. Box <david.e.box@linux.intel.com>
Signed-off-by: Wolfram Sang <wsa@the-dreams.de>
2015-02-19 17:02:59 +01:00
Baruch Siach 8421d4fe8e i2c: fix reference to functionality constants definition
Since commit 607ca46e97 ('UAPI: (Scripted) Disintegrate include/linux') the
list of functionality constants moved to include/uapi/linux/i2c.h. Update the
reference accordingly.

Fixes: 607ca46e97 ('UAPI: (Scripted) Disintegrate include/linux')
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Wolfram Sang <wsa@the-dreams.de>
2015-02-19 16:57:48 +01:00
Ralf Baechle 661af35e5f Merge branch 'mipsr6-for-3.20' of git://git.linux-mips.org/pub/scm/mchandras/linux into mips-for-linux-next 2015-02-19 16:00:34 +01:00
James Hogan ca5d25642e MIPS: Export MSA functions used by lose_fpu(1) for KVM
Export the _save_msa asm function used by the lose_fpu(1) macro to GPL
modules so that KVM can make use of it when it is built as a module.

This fixes the following build error when CONFIG_KVM=m and
CONFIG_CPU_HAS_MSA=y due to commit f798217dfd ("KVM: MIPS: Don't leak
FPU/DSP to guest"):

ERROR: "_save_msa" [arch/mips/kvm/kvm.ko] undefined!

Fixes: f798217dfd (KVM: MIPS: Don't leak FPU/DSP to guest)
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Paul Burton <paul.burton@imgtec.com>
Cc: Gleb Natapov <gleb@kernel.org>
Cc: kvm@vger.kernel.org
Cc: linux-mips@linux-mips.org
Cc: <stable@vger.kernel.org> # 3.15+
Patchwork: https://patchwork.linux-mips.org/patch/9261/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-02-19 15:59:44 +01:00
James Hogan 3ce465e04b MIPS: Export FP functions used by lose_fpu(1) for KVM
Export the _save_fp asm function used by the lose_fpu(1) macro to GPL
modules so that KVM can make use of it when it is built as a module.

This fixes the following build error when CONFIG_KVM=m due to commit
f798217dfd ("KVM: MIPS: Don't leak FPU/DSP to guest"):

ERROR: "_save_fp" [arch/mips/kvm/kvm.ko] undefined!

Signed-off-by: James Hogan <james.hogan@imgtec.com>
Fixes: f798217dfd (KVM: MIPS: Don't leak FPU/DSP to guest)
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Paul Burton <paul.burton@imgtec.com>
Cc: Gleb Natapov <gleb@kernel.org>
Cc: kvm@vger.kernel.org
Cc: linux-mips@linux-mips.org
Cc: <stable@vger.kernel.org> # 3.10+
Patchwork: https://patchwork.linux-mips.org/patch/9260/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-02-19 15:58:51 +01:00
Kevin Cernekee 0e16d1e340 MIPS: BCM3384: Fix outdated use of mips_cpu_intc_init()
This function was renamed to mips_cpu_irq_of_init(), so fix it to avoid
a compile error.

Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
Cc: f.fainelli@gmail.com
Cc: jaedon.shin@gmail.com
Cc: abrestic@chromium.org
Cc: tglx@linutronix.de
Cc: jason@lakedaemon.net
Cc: jogo@openwrt.org
Cc: arnd@arndb.de
Cc: computersforpeace@gmail.com
Cc: linux-mips@linux-mips.org
Cc: devicetree@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Patchwork: https://patchwork.linux-mips.org/patch/8834/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-02-19 13:47:55 +01:00
Petr Malat 8cb48fe169 MIPS: Provide correct siginfo_t.si_stime
Provide correct siginfo_t.si_stime on MIPS64

Bug description:
MIPS version of copy_siginfo() is not aware of alignment on platforms with
64-bit long integers, which leads to an incorrect si_stime passed to signal
handlers, because the last element (si_stime) of _sifields._sigchld is not
copied. If _MIPS_SZLONG is 64, then the _sifields starts at the offset of
4 * sizeof(int).

Patch description:
Use the generic copy_siginfo, which doesn't have this problem.

Signed-off-by: Petr Malat <oss@malat.biz>
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/8671/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-02-19 13:47:46 +01:00
Markos Chandras 32098ec7bc MIPS: Makefile: Move the ASEs checks after setting the core's CFLAGS
We need to check the ASEs support against the core's CFLAGS instead
of depending to the default -march option from the toolchain.

Signed-off-by: Markos Chandras <markos.chandras@imgtec.com>
Cc: Maciej W. Rozycki <macro@linux-mips.org>
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/9180/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-02-19 13:47:32 +01:00
Ralf Baechle a8140f36af MIPS: Makefile: Pass -march option on Loongson3A cores
The loongson 3A cores do not select a suitable -march option so the build
system uses the default one from the toolchain. This may or may not be
suitable for a loongson 3A build. In order to avoid that, we explicitly set
a suitable -march option for that core.  Furthermore, some very old
compilers don't support -march= at all and there is the possibility of
toolchain combinations such as GCC 4.9 and binutils 2.24 for which
-march=loongson3a will result in MIPS64 R2 code being generated but then
rejected by GAS.  So treat the Longsoon 3A as an R2 CPU.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-02-19 13:47:20 +01:00
Ingo Molnar 1fbe23e0de * Two fixes hardening microcode data handling. (Quentin Casasnovas)
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJU5cyVAAoJEBLB8Bhh3lVKJWEP/1eK+XyiVdxV7FRuPmmgjGUC
 mD6MypFCwc942orTdltm9vlRFTU6OE1AkfEVX3NKawy+lzt/mE+TbWzwx+mr26un
 pqyKgSGGKqACDBADgUiVxubXffhAx9Ke5obScZoFA/Yp+l7os8wkwr6AMjwU+XgU
 FMGKWra0yeZsfCSkQgQ+q+RjQe2TOjh3YYVcwpPRaU6jkJ3CR+MNQ2tVmJnEVMAq
 Q3xEce8mMN+xpuyTlCyvpSIid8M9klAeXb5kjqfffJGSBmtVJ+nn3mDV1a0ejeYQ
 aA6X6SBwpIBPPjhwJrsgUcGC0GeF4X0TKjg1F6ZEW0lN9/mipiM+t3OEgxcBH0G7
 SOAUtQTRDasj0bJd5qKOhAWWmFoXjSc61XiMYUreOWDPoaje76oql+iN1auZsRSh
 RS6KCwYgdqQYscN05L/l4iHgJXeGUTm45BJ6rJb1wEJ9OldO5yK4O42Tn0IZyQ4g
 w10poQY4jkjPnHVUWvk5IQpu7AcBiZtov201a89QpRyPGFoGgOOu7n5y0nDLxuvK
 m3L8LrEve8xO8xdqyidQKE3KGLnDcuuTx9XscbEGtoNWQ8oGIYuYW9DvKzCK/kmU
 u24tx65tygcQ6NJoUW/S3mIwnlyM1egqziXjpzmfR2TvGraqNCkIkocYyf1etVjh
 c0Mem02eJTvarxEpvHAa
 =qoLG
 -----END PGP SIGNATURE-----

Merge tag 'microcode_fixes_for-3.21' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp into x86/urgent

Pull microcode fixes from Borislav Petkov:

  - Two fixes hardening microcode data handling. (Quentin Casasnovas)

Signed-off-by: Ingo Molnar <mingo@kernel.org>
2015-02-19 13:32:42 +01:00
Quentin Casasnovas 35a9ff4eec x86/microcode/intel: Handle truncated microcode images more robustly
We do not check the input data bounds containing the microcode before
copying a struct microcode_intel_header from it. A specially crafted
microcode could cause the kernel to read invalid memory and lead to a
denial-of-service.

Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Link: http://lkml.kernel.org/r/1422964824-22056-3-git-send-email-quentin.casasnovas@oracle.com
[ Made error message differ from the next one and flipped comparison. ]
Signed-off-by: Borislav Petkov <bp@suse.de>
2015-02-19 12:42:23 +01:00
Quentin Casasnovas f84598bd7c x86/microcode/intel: Guard against stack overflow in the loader
mc_saved_tmp is a static array allocated on the stack, we need to make
sure mc_saved_count stays within its bounds, otherwise we're overflowing
the stack in _save_mc(). A specially crafted microcode header could lead
to a kernel crash or potentially kernel execution.

Signed-off-by: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Link: http://lkml.kernel.org/r/1422964824-22056-1-git-send-email-quentin.casasnovas@oracle.com
Signed-off-by: Borislav Petkov <bp@suse.de>
2015-02-19 12:41:37 +01:00
Ingo Molnar a267b0a349 Merge branch 'tip-x86-kaslr' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp into x86/urgent
Pull ASLR and kASLR fixes from Borislav Petkov:

  - Add a global flag announcing KASLR state so that relevant code can do
    informed decisions based on its setting. (Jiri Kosina)

  - Fix a stack randomization entropy decrease bug. (Hector Marco-Gisbert)

Signed-off-by: Ingo Molnar <mingo@kernel.org>
2015-02-19 12:31:34 +01:00
Ilya Dryomov b28ec2f37e libceph: kfree() in put_osd() shouldn't depend on authorizer
a255651d4c ("ceph: ensure auth ops are defined before use") made
kfree() in put_osd() conditional on the authorizer.  A mechanical
mistake most likely - fix it.

Cc: Alex Elder <elder@linaro.org>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Reviewed-by: Alex Elder <elder@linaro.org>
2015-02-19 14:27:51 +03:00
Ilya Dryomov 7eb71e0351 libceph: fix double __remove_osd() problem
It turns out it's possible to get __remove_osd() called twice on the
same OSD.  That doesn't sit well with rb_erase() - depending on the
shape of the tree we can get a NULL dereference, a soft lockup or
a random crash at some point in the future as we end up touching freed
memory.  One scenario that I was able to reproduce is as follows:

            <osd3 is idle, on the osd lru list>
<con reset - osd3>
con_fault_finish()
  osd_reset()
                              <osdmap - osd3 down>
                              ceph_osdc_handle_map()
                                <takes map_sem>
                                kick_requests()
                                  <takes request_mutex>
                                  reset_changed_osds()
                                    __reset_osd()
                                      __remove_osd()
                                  <releases request_mutex>
                                <releases map_sem>
    <takes map_sem>
    <takes request_mutex>
    __kick_osd_requests()
      __reset_osd()
        __remove_osd() <-- !!!

A case can be made that osd refcounting is imperfect and reworking it
would be a proper resolution, but for now Sage and I decided to fix
this by adding a safe guard around __remove_osd().

Fixes: http://tracker.ceph.com/issues/8087

Cc: Sage Weil <sage@redhat.com>
Cc: stable@vger.kernel.org # 3.9+: 7c6e6fc53e73: libceph: assert both regular and lingering lists in __remove_osd()
Cc: stable@vger.kernel.org # 3.9+: cc9f1f518cec: libceph: change from BUG to WARN for __remove_osd() asserts
Cc: stable@vger.kernel.org # 3.9+
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Reviewed-by: Alex Elder <elder@linaro.org>
2015-02-19 14:27:50 +03:00
Christoph Hellwig 7ad18afad0 rbd: convert to blk-mq
This converts the rbd driver to use the blk-mq infrastructure.  Except
for switching to a per-request work item this is almost mechanical.

This was tested by Alexandre DERUMIER in November, and found to give
him 120000 iops, although the only comparism available was an old
3.10 kernel which gave 80000iops.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Alex Elder <elder@linaro.org>
[idryomov@gmail.com: context, blk_mq_init_queue() EH]
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
2015-02-19 14:27:42 +03:00
Hector Marco-Gisbert 4e7c22d447 x86, mm/ASLR: Fix stack randomization on 64-bit systems
The issue is that the stack for processes is not properly randomized on
64 bit architectures due to an integer overflow.

The affected function is randomize_stack_top() in file
"fs/binfmt_elf.c":

  static unsigned long randomize_stack_top(unsigned long stack_top)
  {
           unsigned int random_variable = 0;

           if ((current->flags & PF_RANDOMIZE) &&
                   !(current->personality & ADDR_NO_RANDOMIZE)) {
                   random_variable = get_random_int() & STACK_RND_MASK;
                   random_variable <<= PAGE_SHIFT;
           }
           return PAGE_ALIGN(stack_top) + random_variable;
           return PAGE_ALIGN(stack_top) - random_variable;
  }

Note that, it declares the "random_variable" variable as "unsigned int".
Since the result of the shifting operation between STACK_RND_MASK (which
is 0x3fffff on x86_64, 22 bits) and PAGE_SHIFT (which is 12 on x86_64):

	  random_variable <<= PAGE_SHIFT;

then the two leftmost bits are dropped when storing the result in the
"random_variable". This variable shall be at least 34 bits long to hold
the (22+12) result.

These two dropped bits have an impact on the entropy of process stack.
Concretely, the total stack entropy is reduced by four: from 2^28 to
2^30 (One fourth of expected entropy).

This patch restores back the entropy by correcting the types involved
in the operations in the functions randomize_stack_top() and
stack_maxrandom_size().

The successful fix can be tested with:

  $ for i in `seq 1 10`; do cat /proc/self/maps | grep stack; done
  7ffeda566000-7ffeda587000 rw-p 00000000 00:00 0                          [stack]
  7fff5a332000-7fff5a353000 rw-p 00000000 00:00 0                          [stack]
  7ffcdb7a1000-7ffcdb7c2000 rw-p 00000000 00:00 0                          [stack]
  7ffd5e2c4000-7ffd5e2e5000 rw-p 00000000 00:00 0                          [stack]
  ...

Once corrected, the leading bytes should be between 7ffc and 7fff,
rather than always being 7fff.

Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
Signed-off-by: Ismael Ripoll <iripoll@upv.es>
[ Rebased, fixed 80 char bugs, cleaned up commit message, added test example and CVE ]
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: <stable@vger.kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Fixes: CVE-2015-1593
Link: http://lkml.kernel.org/r/20150214173350.GA18393@www.outflux.net
Signed-off-by: Borislav Petkov <bp@suse.de>
2015-02-19 12:21:36 +01:00