- 24 Mar, 2010 8 commits
-
-
Martin Schwidefsky authored
Fix two bugs with the kernel image compression: 1) reset the bss section of the compressed vmlinux 2) clear the high half of the registers for 64 bit early enough for the decompression step Signed-off-by:Martin Schwidefsky <schwidefsky@de.ibm.com>
-
Hans-Joachim Picht authored
This patch now allows the use of the proc interface to either activate or deactivate call home on panic. e.g. echo 1 > /proc/sys/kernel/callhome strict_strtoul() requires _either_'\n\0' _or_ '\0' termination. This was missing and therefore the interface did not recognise valid input. Signed-off-by:
Hans-Joachim Picht <hans@linux.vnet.ibm.com> Signed-off-by:
-
Heiko Carstens authored
Avoid 64 bit division to fix this compile error on 32 bit: drivers/s390/char/sclp_cmd.c:711: undefined reference to `__udivdi3' Also move the whole arch_get_memory_phys_device function to the memory hotplug related functions. Signed-off-by:
Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by:
-
Stefan Haberland authored
Check tsb validity before the tcw_get_tsb function is called. Signed-off-by:
Stefan Haberland <stefan.haberland@de.ibm.com> Signed-off-by:
-
Stefan Weinhuber authored
All TCWs need to be aligned on a 64 byte boundary or the I/O will be rejected. For recovery requests we create fresh TCWs, so we need to do the proper alignment here as well. Signed-off-by:
Stefan Weinhuber <wein@de.ibm.com> Signed-off-by:
-
Christian Borntraeger authored
commit 02491447 "memcg: move charges of anonymous swap" revealed that the 1 byte and 2 byte cmpxchg is currently broken: arch/s390/include/asm/system.h: Assembler messages: arch/s390/include/asm/system.h:241: Error: junk at end of line: `(%r5)' make[1]: *** [mm/page_cgroup.o] Error 1 make[1]: *** Waiting for unfinished jobs.... It turned out that commit 987bcdac ([S390] use inline assembly contraints available with gcc 3.3.3) broke the inline assembly. The or operands are now in constraint 3 and 4 instead of 2 and 3. Signed-off-by:
Christian Borntraeger <borntraeger@de.ibm.com> Signed-off-by:
-
Heiko Carstens authored
The intermediate lowcore for CONFIG_SMP is allocated using a call to __alloc_bootmem() with a goal of 0. That however doesn't guarantee that the allocated piece of memory is below 2GB. Instead we should call __alloc_bootmem_low(). Signed-off-by:
-
Michael Holzheu authored
To save the registers for all CPUs a sigp "store status" is done that stores the registers to address absolute zero. To access storage at absolute zero, normally the address of the prefix register of the accessing CPU has to be used. This does not work when large pages are active (currently only under LPAR). In order to fix that problem, instead of memcpy memcpy_real is used, which switches to real mode where prefixing works. Signed-off-by:
Michael Holzheu <holzheu@linux.vnet.ibm.com> Signed-off-by:
-
- 22 Mar, 2010 16 commits
-
-
Linus Torvalds authored
Commit 45575f5a ("ppc64 sys_ipc breakage in 2.6.34-rc2") fixed the definition of the sys_ipc() helper, but didn't fix the prototype in <linux/syscalls.h> Reported-and-tested-by:
Andreas Schwab <schwab@linux-m68k.org> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhostLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost: virtio: console: Check if port is valid in resize_console virtio: console: Generate a kobject CHANGE event on adding 'name' attribute
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (38 commits) ip_gre: include route header_len in max_headroom calculation if_tunnel.h: add missing ams/byteorder.h include ipv4: Don't drop redirected route cache entry unless PTMU actually expired net: suppress lockdep-RCU false positive in FIB trie. Bluetooth: Fix kernel crash on L2CAP stress tests Bluetooth: Convert debug files to actually use debugfs instead of sysfs Bluetooth: Fix potential bad memory access with sysfs files netfilter: ctnetlink: fix reliable event delivery if message building fails netlink: fix NETLINK_RECV_NO_ENOBUFS in netlink_set_err() NET_DMA: free skbs periodically netlink: fix unaligned access in nla_get_be64() tcp: Fix tcp_mark_head_lost() with packets == 0 net: ipmr/ip6mr: fix potential out-of-bounds vif_table access KS8695: update ksp->next_rx_desc_read at the end of rx loop igb: Add support for 82576 ET2 Quad Port Server Adapter ixgbevf: Message formatting cleanups ixgbevf: Shorten up delay timer for watchdog task ixgbevf: Fix VF Stats accounting after reset ixgbe: Set IXGBE_RSC_CB(skb)->DMA field to zero after unmapping the address ixgbe: fix for real_num_tx_queues update issue ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/bp/bpLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp: edac, mce: Filter out invalid values
-
Tetsuo Handa authored
alloc_skb() can return NULL. Signed-off-by:
Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by:
David Howells <dhowells@redhat.com> Signed-off-by:
-
Dan Carpenter authored
It seems clear from the surrounding code that xpermits is allowed to be NULL here. Signed-off-by:
Dan Carpenter <error27@gmail.com> Signed-off-by:
-
Anton Blanchard authored
I chased down a fail on ppc64 on 2.6.34-rc2 where an application that uses shared memory was getting a SEGV. Commit baed7fc9 ("Add generic sys_ipc wrapper") changed the second argument from an unsigned long to an int. When we call shmget the system call wrappers for sys_ipc will sign extend second (ie the size) which truncates it. It took a while to track down because the call succeeds and strace shows the untruncated size :) The patch below changes second from an int to an unsigned long which fixes shmget on ppc64 (and I assume s390, sparc64 and mips64). Signed-off-by:
Anton Blanchard <anton@samba.org> -- I assume the function prototypes for the other IPC methods would cause us to sign or zero extend second where appropriate (avoiding any security issues). Come to think of it, the syscall wrappers for each method should do that for us as well. Signed-off-by:
-
Rafael J. Wysocki authored
Commit 3f6da390 (perf: Rework and fix the arch CPU-hotplug hooks) broke suspend to RAM on my HP nx6325 (and most likely on other AMD-based boxes too) by allowing amd_pmu_cpu_offline() to be executed for CPUs that are going offline as part of the suspend process. The problem is that cpuhw->amd_nb may be NULL already, so the function should make sure it's not NULL before accessing the object pointed to by it. Signed-off-by:
Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by:
-
Borislav Petkov authored
Print the CPU associated with the error only when the field is valid. Cc: <stable@kernel.org> # .32.x .33.x Signed-off-by:Borislav Petkov <borislav.petkov@amd.com>
-
Amit Shah authored
The console port could have been hot-unplugged. Check if it is valid before working on it. Signed-off-by:
Amit Shah <amit.shah@redhat.com> Signed-off-by:
Michael S. Tsirkin <mst@redhat.com>
-
Amit Shah authored
When the host lets us know what 'name' a port is assigned, we create the sysfs 'name' attribute. Generate a 'change' event after this so that udev wakes up and acts on the rules for virtio-ports (currently there's only one rule that creates a symlink from the 'name' to the actual char device). Signed-off-by:
-
Timo Teräs authored
Taking route's header_len into account, and updating gre device needed_headroom will give better hints on upper bound of required headroom. This is useful if the gre traffic is xfrm'ed. Signed-off-by:
Timo Teras <timo.teras@iki.fi> Acked-by:
Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
Paulius Zaleckas authored
When compiling userspace application which includes if_tunnel.h and uses GRE_* defines you will get undefined reference to __cpu_to_be16. Fix this by adding missing #include <asm/byteorder.h> Cc: stable@kernel.org Signed-off-by:
Paulius Zaleckas <paulius.zaleckas@gmail.com> Signed-off-by:
-
Guenter Roeck authored
TCP sessions over IPv4 can get stuck if routers between endpoints do not fragment packets but implement PMTU instead, and we are using those routers because of an ICMP redirect. Setup is as follows MTU1 MTU2 MTU1 A--------B------C------D with MTU1 > MTU2. A and D are endpoints, B and C are routers. B and C implement PMTU and drop packets larger than MTU2 (for example because DF is set on all packets). TCP sessions are initiated between A and D. There is packet loss between A and D, causing frequent TCP retransmits. After the number of retransmits on a TCP session reaches tcp_retries1, tcp calls dst_negative_advice() prior to each retransmit. This results in route cache entries for the peer to be deleted in ipv4_negative_advice() if the Path MTU is set. If the outstanding data on an affected TCP session is larger than MTU2, packets sent from the endpoints will be dropped by B or C, and ICMP NEEDFRAG will be returned. A and D receive NEEDFRAG messages and update PMTU. Before the next retransmit, tcp will again call dst_negative_advice(), causing the route cache entry (with correct PMTU) to be deleted. The retransmitted packet will be larger than MTU2, causing it to be dropped again. This sequence repeats until the TCP session aborts or is terminated. Problem is fixed by removing redirected route cache entries in ipv4_negative_advice() only if the PMTU is expired. Signed-off-by:Guenter Roeck <guenter.roeck@ericsson.com> Signed-off-by:
-
-
Paul E. McKenney authored
Allow fib_find_node() to be called either under rcu_read_lock() protection or with RTNL held. Signed-off-by:
Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by:
Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by:
-
- 21 Mar, 2010 3 commits
-
-
Andrei Emeltchenko authored
Added very simple check that req buffer has enough space to fit configuration parameters. Shall be enough to reject packets with configuration size more than req buffer. Crash trace below [ 6069.659393] Unable to handle kernel paging request at virtual address 02000205 [ 6069.673034] Internal error: Oops: 805 [#1] PREEMPT ... [ 6069.727172] PC is at l2cap_add_conf_opt+0x70/0xf0 [l2cap] [ 6069.732604] LR is at l2cap_recv_frame+0x1350/0x2e78 [l2cap] ... [ 6070.030303] Backtrace: [ 6070.032806] [<bf1c2880>] (l2cap_add_conf_opt+0x0/0xf0 [l2cap]) from [<bf1c6624>] (l2cap_recv_frame+0x1350/0x2e78 [l2cap]) [ 6070.043823] r8:dc5d3100 r7:df2a91d6 r6:00000001 r5:df2a8000 r4:00000200 [ 6070.050659] [<bf1c52d4>] (l2cap_recv_frame+0x0/0x2e78 [l2cap]) from [<bf1c8408>] (l2cap_recv_acldata+0x2bc/0x350 [l2cap]) [ 6070.061798] [<bf1c814c>] (l2cap_recv_acldata+0x0/0x350 [l2cap]) from [<bf0037a4>] (hci_rx_task+0x244/0x478 [bluetooth]) [ 6070.072631] r6:dc647700 r5:00000001 r4:df2ab740 [ 6070.077362] [<bf003560>] (hci_rx_task+0x0/0x478 [bluetooth]) from [<c006b9fc>] (tasklet_action+0x78/0xd8) [ 6070.087005] [<c006b984>] (tasklet_action+0x0/0xd8) from [<c006c160>] Signed-off-by:
Andrei Emeltchenko <andrei.emeltchenko@nokia.com> Acked-by:
Gustavo F. Padovan <gustavo@padovan.org> Signed-off-by:
Marcel Holtmann <marcel@holtmann.org>
-
Marcel Holtmann authored
Some of the debug files ended up wrongly in sysfs, because at that point of time, debugfs didn't exist. Convert these files to use debugfs and also seq_file. This patch converts all of these files at once and then removes the exported symbol for the Bluetooth sysfs class. Signed-off-by: -
Marcel Holtmann authored
When creating a high number of Bluetooth sockets (L2CAP, SCO and RFCOMM) it is possible to scribble repeatedly on arbitrary pages of memory. Ensure that the content of these sysfs files is always less than one page. Even if this means truncating. The files in question are scheduled to be moved over to debugfs in the future anyway. Based on initial patches from Neil Brown and Linus Torvalds Reported-by:
Neil Brown <neilb@suse.de> Signed-off-by:
-
- 20 Mar, 2010 13 commits
-
-
-
Pablo Neira Ayuso authored
This patch fixes a bug that allows to lose events when reliable event delivery mode is used, ie. if NETLINK_BROADCAST_SEND_ERROR and NETLINK_RECV_NO_ENOBUFS socket options are set. Signed-off-by:
Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by:
-
Pablo Neira Ayuso authored
Currently, ENOBUFS errors are reported to the socket via netlink_set_err() even if NETLINK_RECV_NO_ENOBUFS is set. However, that should not happen. This fixes this problem and it changes the prototype of netlink_set_err() to return the number of sockets that have set the NETLINK_RECV_NO_ENOBUFS socket option. This return value is used in the next patch in these bugfix series. Signed-off-by:
-
Steven J. Magnani authored
Under NET_DMA, data transfer can grind to a halt when userland issues a large read on a socket with a high RCVLOWAT (i.e., 512 KB for both). This appears to be because the NET_DMA design queues up lots of memcpy operations, but doesn't issue or wait for them (and thus free the associated skbs) until it is time for tcp_recvmesg() to return. The socket hangs when its TCP window goes to zero before enough data is available to satisfy the read. Periodically issue asynchronous memcpy operations, and free skbs for ones that have completed, to prevent sockets from going into zero-window mode. Signed-off-by:
Steven J. Magnani <steve@digidescorp.com> Signed-off-by:
-
Pablo Neira Ayuso authored
This patch fixes a unaligned access in nla_get_be64() that was introduced by myself in a17c8598. Signed-off-by:
-
Lennart Schulte authored
A packet is marked as lost in case packets == 0, although nothing should be done. This results in a too early retransmitted packet during recovery in some cases. This small patch fixes this issue by returning immediately. Signed-off-by:
Lennart Schulte <lennart.schulte@nets.rwth-aachen.de> Signed-off-by:
Arnd Hannemann <hannemann@nets.rwth-aachen.de> Signed-off-by:
-
Patrick McHardy authored
mfc_parent of cache entries is used to index into the vif_table and is initialised from mfcctl->mfcc_parent. This can take values of to 2^16-1, while the vif_table has only MAXVIFS (32) entries. The same problem affects ip6mr. Refuse invalid values to fix a potential out-of-bounds access. Unlike the other validity checks, this is checked in ipmr_mfc_add() instead of the setsockopt handler since its unused in the delete path and might be uninitialized. Signed-off-by:
Patrick McHardy <kaber@trash.net> Signed-off-by:
-
Yegor Yefremov authored
There is no need to adjust the next rx descriptor after each packet, so do it only once at the end of the routine. Signed-off-by:
Yegor Yefremov <yegorslists@googlemail.com>
-
Carolyn Wyborny authored
Signed-off-by:
Carolyn Wyborny <carolyn.wyborny@intel.com> Signed-off-by:
Jeff Kirsher <jeffrey.t.kirsher@intel.com> Signed-off-by:
-
Greg Rose authored
Clean up some text output formatting. Signed-off-by:
Greg Rose <gregory.v.rose@intel.com> Signed-off-by:
-
Greg Rose authored
The recovery from PF reset works better when you shorten up the delay until the watchdog task executes. Signed-off-by:
-
Greg Rose authored
The counters in the 82599 Virtual Function are not clear on read. They accumulate to the maximum value and then roll over. They are also not cleared when the VF executes a soft reset, so it is possible they are non-zero when the driver loads and starts. This has all been accounted for in the code that keeps the stats up to date but there is one case that is not. When the PF driver is reset the counters in the VF are all reset to zero. This adds an additional accounting overhead into the VF driver when the PF is reset under its feet. This patch adds additional counters that are used by the VF driver to accumulate and save stats after a PF reset has been detected. Prior to this patch displaying the stats in the VF after the PF has reset would show bogus data. Signed-off-by:
-
Mallikarjuna R Chilakala authored
As per Simon Horman's feedback set IXGBE_RSC_CB(skb)->dma to zero after unmapping HWRSC DMA address to avoid double freeing. Signed-off-by:
Mallikarjuna R Chilakala <mallikarjuna.chilakala@intel.com> Acked-by:
Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com> Signed-off-by:
-
