- 04 Mar, 2012 7 commits
-
-
OGAWA Hirofumi authored
commit d8521fcc upstream. ratelimit_state initialization of printk_ratelimited() seems broken. This fixes it by using DEFINE_RATELIMIT_STATE() to initialize spinlock properly. Signed-off-by:
OGAWA Hirofumi <hirofumi@mail.parknet.co.jp> Cc: Joe Perches <joe@perches.com> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org> Cc: Sven-Haegar Koch <haegar@sdinet.de> Signed-off-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
Yong Zhang authored
commit bb1dc0ba upstream. When __ratelimit() returns 1 this means that we can go ahead. Signed-off-by:
Yong Zhang <yong.zhang@windriver.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: Joe Perches <joe@perches.com> Signed-off-by:
-
Eliad Peller authored
commit 07ae2dfc upstream. The current code checks for stored_mpdu_num > 1, causing the reorder_timer to be triggered indefinitely, but the frame is never timed-out (until the next packet is received) Signed-off-by:
Eliad Peller <eliad@wizery.com> Acked-by:
Johannes Berg <johannes@sipsolutions.net> Signed-off-by:
John W. Linville <linville@tuxdriver.com> Signed-off-by:
-
Dan Carpenter authored
commit f6302f1b upstream. "subbuf_size" and "n_subbufs" come from the user and they need to be capped to prevent an integer overflow. Signed-off-by:
Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by:
Jens Axboe <axboe@kernel.dk> Signed-off-by:
-
Wu Fengguang authored
commit 3310225d upstream. PROP_MAX_SHIFT should be set to <=32 on 64-bit box. This fixes two bugs in the below lines of bdi_dirty_limit(): bdi_dirty *= numerator; do_div(bdi_dirty, denominator); 1) divide error: do_div() only uses the lower 32 bit of the denominator, which may trimmed to be 0 when PROP_MAX_SHIFT > 32. 2) overflow: (bdi_dirty * numerator) could easily overflow if numerator used up to 48 bits, leaving only 16 bits to bdi_dirty Cc: Peter Zijlstra <a.p.zijlstra@chello.nl> Reported-by:
Ilya Tumaykin <librarian_rus@yahoo.com> Tested-by:
Wu Fengguang <fengguang.wu@intel.com> Signed-off-by:
-
Nikolaus Schulz authored
commit eb2f255b upstream. In order to extract the high byte of the 16-bit word, shift the word to the right, not to the left. Signed-off-by:
Nikolaus Schulz <mail@microschulz.de> Signed-off-by:
Guenter Roeck <guenter.roeck@ericsson.com> Signed-off-by:
-
Daniel Vetter authored
commit e57b6886 upstream. According to a bug report, it doesn't have one. Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=44263Acked-by:
Chris Wilson <chris@chris-wilson.co.uk> Signed-Off-by:
Daniel Vetter <daniel.vetter@ffwll.ch> Signed-off-by:
Keith Packard <keithp@keithp.com> Signed-off-by:
-
- 13 Feb, 2012 22 commits
-
-
Greg Kroah-Hartman authored
-
Eric Dumazet authored
commit b1faf566 upstream. Correct sk_forward_alloc handling for error_queue would need to use a backlog of frames that softirq handler could not deliver because socket is owned by user thread. Or extend backlog processing to be able to process normal and error packets. Another possibility is to not use mem charge for error queue, this is what I implemented in this patch. Note: this reverts commit 29030374 (net: fix sk_forward_alloc corruptions), since we dont need to lock socket anymore. Signed-off-by:
Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by:
David S. Miller <davem@davemloft.net> Cc: 单卫 <shanwei88@gmail.com> Signed-off-by:
-
Eric Dumazet authored
commit 29030374 upstream. As David found out, sock_queue_err_skb() should be called with socket lock hold, or we risk sk_forward_alloc corruption, since we use non atomic operations to update this field. This patch adds bh_lock_sock()/bh_unlock_sock() pair to three spots. (BH already disabled) 1) skb_tstamp_tx() 2) Before calling ip_icmp_error(), in __udp4_lib_err() 3) Before calling ipv6_icmp_error(), in __udp6_lib_err() Reported-by:
Anton Blanchard <anton@samba.org> Signed-off-by:
-
Axel Lin authored
commit b5266ea6 upstream. Signed-off-by:
Axel Lin <axel.lin@gmail.com> Acked-by:
Michał Mirosław <mirq-linux@rere.qmqm.pl> Signed-off-by:
-
Milan Kocian authored
commit 90451e69 upstream. Signed-off-by:
Milan Kocian <milon@wq.cz> Signed-off-by:
-
Jayachandran C authored
commit e4436a7c upstream. The Netlogic XLP SoC's on-chip USB controller appears as a PCI USB device, but does not need the EHCI/OHCI handoff done in usb/host/pci-quirks.c. The pci-quirks.c is enabled for all vendors and devices, and is enabled if USB and PCI are configured. If we do not skip the qurik handling on XLP, the readb() call in ehci_bios_handoff() will cause a crash since byte access is not supported for EHCI registers in XLP. Signed-off-by:
Jayachandran C <jayachandranc@netlogicmicro.com> Acked-by:
Alan Stern <stern@rowland.harvard.edu> Signed-off-by:
-
Timo Juhani Lindfors authored
commit 683da59d upstream. ab943a2e (USB: gadget: gadget zero uses new suspend/resume hooks) introduced a copy-paste error where f_loopback.c writes to a variable declared in f_sourcesink.c. This prevents one from creating gadgets that only have a loopback function. Signed-off-by:
Timo Juhani Lindfors <timo.lindfors@iki.fi> Signed-off-by:
Felipe Balbi <balbi@ti.com> Signed-off-by:
-
Arve Hjønnevåg authored
commit bd1eff97 upstream. Opening the binder driver and sharing the file returned with other processes (e.g. by calling fork) can crash the kernel. Prevent these crashes with the following changes: - Add a mutex to protect against two processes mmapping the same binder_proc. - After locking mmap_sem, check that the vma we want to access (still) points to the same mm_struct. - Use proc->tsk instead of current to get the files struct since this is where we get the rlimit from. Signed-off-by:
Arve Hjønnevåg <arve@android.com> Signed-off-by:
-
Arve Hjønnevåg authored
commit 3c1b86f1 upstream. If user-space partially unmaps the driver, binder_vma_open would dump the kernel stack. This is not a kernel bug however and will be treated as if the whole area was unmapped once binder_vma_close gets called. Signed-off-by:
-
Pekka Paalanen authored
commit 635032cb upstream. Programming an image was broken, because odev->buf_offs was not advanced for val == 0 in append_values(). This regression was introduced in: commit 1ff12a4a Author: Kevin A. Granade <kevin.granade@gmail.com> Date: Sat Sep 5 01:03:39 2009 -0500 Staging: asus_oled: Cleaned up checkpatch issues. Fix the image processing by special-casing val == 0. I have tested this change on an Asus G50V laptop only. Cc: Jakub Schmidtke <sjakub@gmail.com> Cc: Kevin A. Granade <kevin.granade@gmail.com> Signed-off-by:
Pekka Paalanen <pq@iki.fi> Signed-off-by:
-
Hubert Feurstein authored
commit 9f106503 upstream. An error was existing in the saving of CONTRAST_CTR register across suspend/resume. Signed-off-by:
Hubert Feurstein <h.feurstein@gmail.com> Signed-off-by:
Nicolas Ferre <nicolas.ferre@atmel.com> Acked-by:
Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Signed-off-by:
Florian Tobias Schandinat <FlorianSchandinat@gmx.de> Signed-off-by:
-
Li Wang authored
commit 684a3ff7 upstream. ecryptfs_write() can enter an infinite loop when truncating a file to a size larger than 4G. This only happens on architectures where size_t is represented by 32 bits. This was caused by a size_t overflow due to it incorrectly being used to store the result of a calculation which uses potentially large values of type loff_t. [tyhicks@canonical.com: rewrite subject and commit message] Signed-off-by:
Li Wang <liwang@nudt.edu.cn> Signed-off-by:
Yunchuan Wen <wenyunchuan@kylinos.com.cn> Reviewed-by:
Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by:
Tyler Hicks <tyhicks@canonical.com> Signed-off-by:
-
Rodrigo Vivi authored
commit 23bd15ec upstream. TV Out refresh rate was half of the specification for almost all modes. Due to this reason pixel clock was so low for some modes causing flickering screen. Signed-off-by:
Rodrigo Vivi <rodrigo.vivi@gmail.com> Reviewed-by:
Jesse Barnes <jbarnes@virtuousgeek.org> Signed-off-by:
Eugeni Dodonov <eugeni.dodonov@intel.com> Signed-off-by:
-
Jan Kara authored
commit 853a0c25 upstream. When we hit EIO while writing LVID, the buffer uptodate bit is cleared. This then results in an anoying warning from mark_buffer_dirty() when we write the buffer again. So just set uptodate flag unconditionally. Reviewed-by:
Namjae Jeon <linkinjeon@gmail.com> Signed-off-by:
Jan Kara <jack@suse.cz> Cc: Dave Jones <davej@redhat.com> Signed-off-by:
-
Bian Naimeng authored
commit 5fe46e9d upstream. If NFSv4 client send a request before connect, or the old connection was broken because a ETIMEOUT error catched by call_status, ->send_request will return ENOSOCK, but rpc layer can not deal with it, so make sure ->send_request can translate ENOSOCK into ENOCONN. Signed-off-by:
Bian Naimeng <biannm@cn.fujitsu.com> Signed-off-by:
Trond Myklebust <Trond.Myklebust@netapp.com> Cc: Chuck Lever <chuck.lever@oracle.com> Signed-off-by:
-
Trond Myklebust authored
commit b0ed9dbc upstream. NFSv4 open recovery is currently broken: since we do not clear the state->flags states before attempting recovery, we end up with the 'can_open_cached()' function triggering. This again leads to no OPEN call being put on the wire. Reported-by:
Sachin Prabhu <sprabhu@redhat.com> Signed-off-by:
-
Trond Myklebust authored
commit a9ed2e25 upstream. If our lease expires, and the server reboots while we're recovering, we need to be able to wait until the grace period is over. Signed-off-by:
-
Trond Myklebust authored
commit c8b7ae3d upstream. Signed-off-by:
-
Trond Myklebust authored
commit 4f7cdf18 upstream. nfs4_recovery_handle_error() will correctly handle errors such as NFS4ERR_CB_PATH_DOWN, however because they are still passed back to the main loop in nfs4_state_manager(), they can cause the latter to exit prematurely. Fix this by letting nfs4_recovery_handle_error() change the error value in cases where there is no action required by the caller. Signed-off-by:
-
Trond Myklebust authored
commit e345e88a upstream. In practice, we need to ensure that we call nfs4_state_end_reclaim_reboot in 2 cases: - If we lose the lease while we were reclaiming state OR - After we're done with reboot recovery Signed-off-by:
-
Carsten Otte authored
commit 99f02ef1 upstream. Fix a race condition that shows in conjunction with xip_file_fault() when two threads of the same user process fault on the same memory page. In this case, the race winner will install the page table entry and the unlucky loser will cause an oops: xip_file_fault calls vm_insert_pfn (via vm_insert_mixed) which drops out at this check: retval = -EBUSY; if (!pte_none(*pte)) goto out_unlock; The resulting -EBUSY return value will trigger a BUG_ON() in xip_file_fault. This fix simply considers the fault as fixed in this case, because the race winner has successfully installed the pte. [akpm@linux-foundation.org: use conventional (and consistent) comment layout] Reported-by:
David Sadler <dsadler@us.ibm.com> Signed-off-by:
Carsten Otte <cotte@de.ibm.com> Reported-by:
Louis Alex Eisner <leisner@cs.ucsd.edu> Cc: Hugh Dickins <hughd@google.com> Signed-off-by:
-
Jack Morgenstein authored
commit a6f7feae upstream. In the current code, vendor-specific MADs (e.g with the FDR-10 attribute) are silently dropped by the driver, resulting in timeouts at the sending side and inability to query/configure the relevant feature. However, the ConnectX firmware is able to handle such MADs. For unsupported attributes, the firmware returns a GET_RESPONSE MAD containing an error status. For example, for a FDR-10 node with LID 11: # ibstat mlx4_0 1 CA: 'mlx4_0' Port 1: State: Active Physical state: LinkUp Rate: 40 (FDR10) Base lid: 11 LMC: 0 SM lid: 24 Capability mask: 0x02514868 Port GUID: 0x0002c903002e65d1 Link layer: InfiniBand Extended Port Query (EPI) vendor mad timeouts before the patch: # smpquery MEPI 11 -d ibwarn: [4196] smp_query_via: attr 0xff90 mod 0x0 route Lid 11 ibwarn: [4196] _do_madrpc: retry 1 (timeout 1000 ms) ibwarn: [4196] _do_madrpc: retry 2 (timeout 1000 ms) ibwarn: [4196] _do_madrpc: timeout after 3 retries, 3000 ms ibwarn: [4196] mad_rpc: _do_madrpc failed; dport (Lid 11) smpquery: iberror: [pid 4196] main: failed: operation EPI: ext port info query failed EPI query works OK with the patch: # smpquery MEPI 11 -d ibwarn: [6548] smp_query_via: attr 0xff90 mod 0x0 route Lid 11 ibwarn: [6548] mad_rpc: data offs 64 sz 64 mad data 0000 0000 0000 0001 0000 0001 0000 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 # Ext Port info: Lid 11 port 0 StateChangeEnable:...............0x00 LinkSpeedSupported:..............0x01 LinkSpeedEnabled:................0x01 LinkSpeedActive:.................0x01 Signed-off-by:
Jack Morgenstein <jackm@mellanox.com> Signed-off-by:
Or Gerlitz <ogerlitz@mellanox.com> Acked-by:
Ira Weiny <weiny2@llnl.gov> Signed-off-by:
Roland Dreier <roland@purestorage.com> Signed-off-by:
-
- 03 Feb, 2012 11 commits
-
-
Greg Kroah-Hartman authored
-
Johan Hovold authored
commit 108e02b1 upstream. Fix regression introduced by commit b1ffb4c8 ("USB: Fix Corruption issue in USB ftdi driver ftdi_sio.c") which caused the termios settings to no longer be initialised at open. Consequently it was no longer possible to set the port to the default speed of 9600 baud without first changing to another baud rate and back again. Reported-by:
Roland Ramthun <mail@roland-ramthun.de> Signed-off-by:
Johan Hovold <jhovold@gmail.com> Tested-by:
-
Johan Hovold authored
commit be125d9c upstream. We do not implement B0 hangup yet so map low baudrates to 300bps. Signed-off-by:
-
Renato Caldas authored
commit 791b7d7c upstream. This device is a Oscilloscope/Logic Analizer/Pattern Generator/TDR, using a Silabs CP2103 USB to UART Bridge. Signed-off-by:
Renato Caldas <rmsc@fe.up.pt> Signed-off-by:
-
Vivien Didelot authored
commit 6edf3c30 upstream. When no platform data was supplied, returned error code was 0. Signed-off-by:
Vivien Didelot <vivien.didelot@savoirfairelinux.com> Signed-off-by:
-
Jean Delvare authored
commit 86b2bbfd upstream. Properly clamp temperature limits set by the user. Without this fix, attempts to write temperature limits above the maximum supported by the chip (255 degrees Celsius) would arbitrarily and unexpectedly result in the limit being set to 0 degree Celsius. Signed-off-by:
Jean Delvare <khali@linux-fr.org> Signed-off-by:
-
Harrison Metzger authored
commit 1097cceb upstream. This changes the max length for the usb seven segment delcom device to 8 from 6. Delcom has both 6 and 8 variants and having 8 works fine with devices which are only 6. Signed-off-by:
Harrison Metzger <harrisonmetz@gmail.com> Signed-off-by:
Stuart Pook <stuart@acm.org> Signed-off-by:
-
Eric W. Biederman authored
commit 6d443d84 upstream. Calling edge_remove_sysfs_attrs from edge_disconnect is too late as the device has already been removed from sysfs. Do the simple and obvious thing and make edge_remove_sysfs_attrs the port_remove method. Signed-off-by:
Eric W. Biederman <ebiederm@xmission.com> Reported-by:
Wolfgang Frisch <wfpub@roembden.net> Signed-off-by:
-
Bjørn Mork authored
commit c428b70c upstream. wdm_in_callback() will also touch this field, so we cannot change it without locking Signed-off-by:
Bjørn Mork <bjorn@mork.no> Acked-by:
Oliver Neukum <oneukum@suse.de> Signed-off-by:
-
Alan Cox authored
commit 2353f806 upstream. 0x04d8, 0x000a: Hornby Elite Signed-off-by:
Alan Cox <alan@linux.intel.com> Signed-off-by:
-
Peter Naulls authored
commit fc216ec3 upstream. I tested this against 2.6.39 in the Ubuntu kernel, however I see the IDs are not in latest 3.2 git. This adds IDs for the FTDI controller in the Rainforest Automation Zigbee dongle. Signed-off-by:
Peter Naulls <peter@chocky.org> Signed-off-by:
-
