1. 08 Apr, 2015 4 commits
    • Linus Torvalds's avatar
      Merge branch 'akpm' (patches from Andrew) · b97fdef8
      Linus Torvalds authored
      Merge misc fixes from Andrew Morton:
       "Three fixes"
      
      * emailed patches from Andrew Morton <akpm@linux-foundation.org>:
        mm: numa: disable change protection for vma(VM_HUGETLB)
        include/linux/dmapool.h: declare struct device
        mm: move zone lock to a different cache line than order-0 free page lists
      b97fdef8
    • Linus Torvalds's avatar
      Copy the kernel module data from user space in chunks · 3afe9f84
      Linus Torvalds authored
      Unlike most (all?) other copies from user space, kernel module loading
      is almost unlimited in size.  So we do a potentially huge
      "copy_from_user()" when we copy the module data from user space to the
      kernel buffer, which can be a latency concern when preemption is
      disabled (or voluntary).
      
      Also, because 'copy_from_user()' clears the tail of the kernel buffer on
      failures, even a *failed* copy can end up wasting a lot of time.
      
      Normally neither of these are concerns in real life, but they do trigger
      when doing stress-testing with trinity.  Running in a VM seems to add
      its own overheadm causing trinity module load testing to even trigger
      the watchdog.
      
      The simple fix is to just chunk up the module loading, so that it never
      tries to copy insanely big areas in one go.  That bounds the latency,
      and also the amount of (unnecessarily, in this case) cleared memory for
      the failure case.
      Reported-by: default avatarSasha Levin <sasha.levin@oracle.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      3afe9f84
    • Linus Torvalds's avatar
      x86: clean up/fix 'copy_in_user()' tail zeroing · cae2a173
      Linus Torvalds authored
      The rule for 'copy_from_user()' is that it zeroes the remaining kernel
      buffer even when the copy fails halfway, just to make sure that we don't
      leave uninitialized kernel memory around.  Because even if we check for
      errors, some kernel buffers stay around after thge copy (think page
      cache).
      
      However, the x86-64 logic for user copies uses a copy_user_generic()
      function for all the cases, that set the "zerorest" flag for any fault
      on the source buffer.  Which meant that it didn't just try to clear the
      kernel buffer after a failure in copy_from_user(), it also tried to
      clear the destination user buffer for the "copy_in_user()" case.
      
      Not only is that pointless, it also means that the clearing code has to
      worry about the tail clearing taking page faults for the user buffer
      case.  Which is just stupid, since that case shouldn't happen in the
      first place.
      
      Get rid of the whole "zerorest" thing entirely, and instead just check
      if the destination is in kernel space or not.  And then just use
      memset() to clear the tail of the kernel buffer if necessary.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      cae2a173
    • Linus Torvalds's avatar
      Merge tag 'media/v3.20-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media · 7b43b473
      Linus Torvalds authored
      Pull media updates from Mauro Carvalho Chehab:
       "A series of fixup patches for version 4.0:
      
         - one VB2 core fixup, when stopping the stream;
         - one VB2 core fixup for dma-contig memory type;
         - driver fixes at rtl28xx, s5p (tv, jpeg, mfc, soc-camera, sh_veu,
           cx23885, gspca"
      
      * tag 'media/v3.20-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media:
        [media] rtl28xxu: return success for unimplemented FE callback
        [media] rtl2832: disable regmap register cache
        [media] vb2: Fix dma_dir setting for dma-contig mem type
        [media] media: s5p-mfc: fix broken pointer cast on 64bit arch
        [media] media: s5p-mfc: fix mmap support for 64bit arch
        [media] cx23885: fix querycap
        [media] sh_veu: v4l2_dev wasn't set
        [media] s5p-mfc: Fix NULL pointer dereference caused by not set q->lock
        [media] s5p-jpeg: exynos3250: fix erroneous reset procedure
        [media] s5p-tv: hdmi needs I2C support
        [media] s5p-jpeg: Initialize cb and cr to zero
        [media] media: fix gspca drivers build dependencies
        [media] soc-camera: Fix devm_kfree() in soc_of_bind()
        [media] media: atmel-isi: increase the burst length to improve the performance
        [media] vb2: fix 'UNBALANCED' warnings when calling vb2_thread_stop()
      7b43b473
  2. 07 Apr, 2015 3 commits
    • Naoya Horiguchi's avatar
      mm: numa: disable change protection for vma(VM_HUGETLB) · 6b79c57b
      Naoya Horiguchi authored
      Currently when a process accesses a hugetlb range protected with
      PROTNONE, unexpected COWs are triggered, which finally puts the hugetlb
      subsystem into a broken/uncontrollable state, where for example
      h->resv_huge_pages is subtracted too much and wraps around to a very
      large number, and the free hugepage pool is no longer maintainable.
      
      This patch simply stops changing protection for vma(VM_HUGETLB) to fix
      the problem.  And this also allows us to avoid useless overhead of minor
      faults.
      Signed-off-by: default avatarNaoya Horiguchi <n-horiguchi@ah.jp.nec.com>
      Suggested-by: default avatarMel Gorman <mgorman@suse.de>
      Cc: Hugh Dickins <hughd@google.com>
      Cc: "Kirill A. Shutemov" <kirill@shutemov.name>
      Cc: David Rientjes <rientjes@google.com>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
      Cc: Ingo Molnar <mingo@elte.hu>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      6b79c57b
    • Mark Brown's avatar
      include/linux/dmapool.h: declare struct device · ce66b032
      Mark Brown authored
      dmapool uses struct device in function arguments but relies on an
      implicit inclusion to declare struct device causing warnings in some
      configurations:
      
        include/linux/dmapool.h:31:7: warning: 'struct device' declared inside parameter list
      
      Fix this by adding a struct device declaration to the file.
      Signed-off-by: default avatarMark Brown <broonie@kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      ce66b032
    • Mel Gorman's avatar
      mm: move zone lock to a different cache line than order-0 free page lists · a368ab67
      Mel Gorman authored
      Huang Ying reported the following problem due to commit 3484b2de ("mm:
      rearrange zone fields into read-only, page alloc, statistics and page
      reclaim lines") from the Intel performance tests
      
          24b7e581  3484b2de
          ----------------  --------------------------
                   %stddev     %change         %stddev
                       \          |                \
              152288 \261  0%     -46.2%      81911 \261  0%  aim7.jobs-per-min
                 237 \261  0%     +85.6%        440 \261  0%  aim7.time.elapsed_time
                 237 \261  0%     +85.6%        440 \261  0%  aim7.time.elapsed_time.max
               25026 \261  0%     +70.7%      42712 \261  0%  aim7.time.system_time
             2186645 \261  5%     +32.0%    2885949 \261  4%  aim7.time.voluntary_context_switches
             4576561 \261  1%     +24.9%    5715773 \261  0%  aim7.time.involuntary_context_switches
      
      The problem is specific to very large machines under stress.  It was not
      reproducible with the machines I had used to justify the original patch
      because large numbers of CPUs are required.  When pressure is high enough,
      the cache line is bouncing between CPUs trying to acquire the lock and the
      holder of the lock adjusting free lists.  The intention was that the
      acquirer of the lock would automatically have the cache line holding the
      free lists but according to Huang, this is not a universal win.
      
      One possibility is to move the zone lock to its own cache line but it
      increases the size of the zone.  This patch moves the lock to the other
      end of the free lists where they do not contend under high pressure.  It
      does mean the page allocator paths now require more cache lines but Huang
      reports that it restores performance to previous levels on large machines
      
                   %stddev     %change         %stddev
                       \          |                \
               84568 \261  1%     +94.3%     164280 \261  1%  aim7.jobs-per-min
             2881944 \261  2%     -35.1%    1870386 \261  8%  aim7.time.voluntary_context_switches
                 681 \261  1%      -3.4%        658 \261  0%  aim7.time.user_time
             5538139 \261  0%     -12.1%    4867884 \261  0%  aim7.time.involuntary_context_switches
               44174 \261  1%     -46.0%      23848 \261  1%  aim7.time.system_time
                 426 \261  1%     -48.4%        219 \261  1%  aim7.time.elapsed_time
                 426 \261  1%     -48.4%        219 \261  1%  aim7.time.elapsed_time.max
                 468 \261  1%     -43.1%        266 \261  2%  uptime.boot
      Signed-off-by: default avatarMel Gorman <mgorman@suse.de>
      Reported-by: default avatarHuang Ying <ying.huang@intel.com>
      Tested-by: default avatarHuang Ying <ying.huang@intel.com>
      Acked-by: default avatarDavid Rientjes <rientjes@google.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      a368ab67
  3. 06 Apr, 2015 8 commits
    • Linus Torvalds's avatar
      Linux 4.0-rc7 · f22e6e84
      Linus Torvalds authored
      f22e6e84
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · 442bb4ba
      Linus Torvalds authored
      Pull networking fixes from David Miller:
      
       1) In TCP, don't register an FRTO for cumulatively ACK'd data that was
          previously SACK'd, from Neal Cardwell.
      
       2) Need to hold RNL mutex in ipv4 multicast code namespace cleanup,
          from Cong WANG.
      
       3) Similarly we have to hold RNL mutex for fib_rules_unregister(), also
          from Cong WANG.
      
       4) Revert and rework netns nsid allocation fix, from Nicolas Dichtel.
      
       5) When we encapsulate for a tunnel device, skb->sk still points to the
          user socket.  So this leads to cases where we retraverse the
          ipv4/ipv6 output path with skb->sk being of some other address
          family (f.e. AF_PACKET).  This can cause things to crash since the
          ipv4 output path is dereferencing an AF_PACKET socket as if it were
          an ipv4 one.
      
          The short term fix for 'net' and -stable is to elide these socket
          checks once we've entered an encapsulation sequence by testing
          xmit_recursion.
      
          Longer term we have a better solution wherein we pass the tunnel's
          socket down through the output paths, but that is way too invasive
          for 'net' and -stable.
      
          From Hannes Frederic Sowa.
      
       6) l2tp_init() failure path forgets to unregister per-net ops, from
          Cong WANG.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
        net/mlx4_core: Fix error message deprecation for ConnectX-2 cards
        net: dsa: fix filling routing table from OF description
        l2tp: unregister l2tp_net_ops on failure path
        mvneta: dont call mvneta_adjust_link() manually
        ipv6: protect skb->sk accesses from recursive dereference inside the stack
        netns: don't allocate an id for dead netns
        Revert "netns: don't clear nsid too early on removal"
        ip6mr: call del_timer_sync() in ip6mr_free_table()
        net: move fib_rules_unregister() under rtnl lock
        ipv4: take rtnl_lock and mark mrt table as freed on namespace cleanup
        tcp: fix FRTO undo on cumulative ACK of SACKed range
        xen-netfront: transmit fully GSO-sized packets
      442bb4ba
    • Jack Morgenstein's avatar
      net/mlx4_core: Fix error message deprecation for ConnectX-2 cards · fde913e2
      Jack Morgenstein authored
      Commit 1daa4303 ("net/mlx4_core: Deprecate error message at
      ConnectX-2 cards startup to debug") did the deprecation only for port 1
      of the card. Need to deprecate for port 2 as well.
      
      Fixes: 1daa4303 ("net/mlx4_core: Deprecate error message at ConnectX-2 cards startup to debug")
      Signed-off-by: default avatarJack Morgenstein <jackm@dev.mellanox.co.il>
      Signed-off-by: default avatarAmir Vadai <amirv@mellanox.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      fde913e2
    • Pavel Nakonechny's avatar
      net: dsa: fix filling routing table from OF description · 30303813
      Pavel Nakonechny authored
      According to description in 'include/net/dsa.h', in cascade switches
      configurations where there are more than one interconnected devices,
      'rtable' array in 'dsa_chip_data' structure is used to indicate which
      port on this switch should be used to send packets to that are destined
      for corresponding switch.
      
      However, dsa_of_setup_routing_table() fills 'rtable' with port numbers
      of the _target_ switch, but not current one.
      
      This commit removes redundant devicetree parsing and adds needed port
      number as a function argument. So dsa_of_setup_routing_table() now just
      looks for target switch number by parsing parent of 'link' device node.
      
      To remove possible misunderstandings with the way of determining target
      switch number, a corresponding comment was added to the source code and
      to the DSA device tree bindings documentation file.
      
      This was tested on a custom board with two Marvell 88E6095 switches with
      following corresponding routing tables: { -1, 10 } and { 8, -1 }.
      Signed-off-by: default avatarPavel Nakonechny <pavel.nakonechny@skitlab.ru>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Reviewed-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      30303813
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input · 9e441639
      Linus Torvalds authored
      Pull input fixes from Dmitry Torokhov:
       "Updates for the input subsystem - two more tweaks for ALPS driver to
        work out kinks after splitting the touchpad, trackstick, and potential
        external PS/2 mouse into separate input devices.
      
        Changes to support ALPS SS4 devices (protocol V8) will be coming in
        4.1..."
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
        Input: alps - document stick behavior for protocol V2
        Input: alps - report V2 Dualpoint Stick events via the right evdev node
        Input: alps - report interleaved bare PS/2 packets via dev3
      9e441639
    • WANG Cong's avatar
      67e04c29
    • Stas Sergeev's avatar
      mvneta: dont call mvneta_adjust_link() manually · ecf7b361
      Stas Sergeev authored
      mvneta_adjust_link() is a callback for of_phy_connect() and should
      not be called directly. The result of calling it directly is as below:
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      ecf7b361
    • hannes@stressinduktion.org's avatar
      ipv6: protect skb->sk accesses from recursive dereference inside the stack · f60e5990
      hannes@stressinduktion.org authored
      We should not consult skb->sk for output decisions in xmit recursion
      levels > 0 in the stack. Otherwise local socket settings could influence
      the result of e.g. tunnel encapsulation process.
      
      ipv6 does not conform with this in three places:
      
      1) ip6_fragment: we do consult ipv6_npinfo for frag_size
      
      2) sk_mc_loop in ipv6 uses skb->sk and checks if we should
         loop the packet back to the local socket
      
      3) ip6_skb_dst_mtu could query the settings from the user socket and
         force a wrong MTU
      
      Furthermore:
      In sk_mc_loop we could potentially land in WARN_ON(1) if we use a
      PF_PACKET socket ontop of an IPv6-backed vxlan device.
      
      Reuse xmit_recursion as we are currently only interested in protecting
      tunnel devices.
      
      Cc: Jiri Pirko <jiri@resnulli.us>
      Signed-off-by: default avatarHannes Frederic Sowa <hannes@stressinduktion.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      f60e5990
  4. 05 Apr, 2015 3 commits
  5. 04 Apr, 2015 3 commits
    • Linus Torvalds's avatar
      Merge tag 'usb-4.0-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · f8b3d8a5
      Linus Torvalds authored
      Pull USB fixes from Greg KH:
       "Here are some small USB fixes and new device ids for 4.0-rc6.  Nothing
        major, some xhci fixes for reported problems, and some usb-serial
        device ids.
      
        All have been in linux-next for a while"
      
      * tag 'usb-4.0-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
        USB: ftdi_sio: Use jtag quirk for SNAP Connect E10
        usb: isp1760: fix spin unlock in the error path of isp1760_udc_start
        usb: xhci: apply XHCI_AVOID_BEI quirk to all Intel xHCI controllers
        usb: xhci: handle Config Error Change (CEC) in xhci driver
        USB: keyspan_pda: add new device id
        USB: ftdi_sio: Added custom PID for Synapse Wireless product
      f8b3d8a5
    • Linus Torvalds's avatar
      Merge tag 'staging-4.0-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging · 8eb6dcf9
      Linus Torvalds authored
      Pull staging driver fixes from Greg KH:
       "Here are some staging driver fixes, well, really all just IIO driver
        fixes, for 4.0-rc6.  They fix issues that have been reported with
        these drivers.
      
        All of these patches have been in linux-next for a while"
      
      * tag 'staging-4.0-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
        iio: imu: Use iio_trigger_get for indio_dev->trig assignment
        iio: adc: vf610: use ADC clock within specification
        iio/adc/cc10001_adc.c: Fix !HAS_IOMEM build
        iio: core: Fix double free.
        iio:inv-mpu6050: Fix inconsistency for the scale channel
        staging: iio: dummy: Fix undefined symbol build error
        iio: inv_mpu6050: Clear timestamps fifo while resetting hardware fifo
        staging: iio: hmc5843: Set iio name property in sysfs
        iio: bmc150: change sampling frequency
        iio: fix drivers that check buffer->scan_mask
      8eb6dcf9
    • Linus Torvalds's avatar
      Merge tag 'tty-4.0-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty · eca8258b
      Linus Torvalds authored
      Pull tty/serial fixes from Greg KH:
       "Here are 3 serial driver fixes for 4.0-rc6.  They fix some reported
        issues with the samsung and fsl_lpuart drivers.
      
        All have been in linux-next for a while"
      
      * tag 'tty-4.0-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
        tty: serial: fsl_lpuart: clear receive flag on FIFO flush
        tty: serial: fsl_lpuart: specify transmit FIFO size
        serial: samsung: Clear operation mode on UART shutdown
      eca8258b
  6. 03 Apr, 2015 12 commits
  7. 02 Apr, 2015 7 commits