- 14 Dec, 2006 19 commits
-
-
Adrian Bunk authored
This patch fixes two memory leaks spotted by the Coverity checker. Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Adrian Bunk authored
This patch fixes three off-by-one errors found by the Coverity checker. Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Peer Chen authored
Add support for PATA controllers of MCP67 to amd74xx.c. Signed-off-by: Peer Chen <pchen@nvidia.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Peer Chen authored
Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Randy Dunlap authored
Add some nVidia chipset ID's support. Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Andrew Chew authored
Added MCP61 support to sata_nv and amd74xx. Signed-off-by: Jeff Garzik <jeff@garzik.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Jeff Garzik authored
Based on a patch contributed by Andrew Chew @ NVIDIA. Signed-off-by: Jeff Garzik <jeff@garzik.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Mark McLoughlin authored
When suspending a device-mapper device, dm_suspend() sleeps until all necessary I/O is completed. This state is triggered by a callback from persistent_commit(). But some I/O can still be issued *after* the callback (to prepare the next metadata area for use if the current one is full). This patch delays the callback until after that I/O is complete. Signed-off-by: Mark McLoughlin <markmc@redhat.com> Signed-off-by: Alasdair G Kergon <agk@redhat.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Daniel Kobras authored
On an nForce4-equipped machine with two SATA disk in raid1 setup using dmraid, we experienced frequent deadlock of the system under high i/o load. 'cat /dev/zero > ~/zero' was the most reliable way to reproduce them: Randomly after a few GB, 'cp' would be left in 'D' state along with kjournald and kmirrord. The functions cp and kjournald were blocked in did vary, but kmirrord's wchan always pointed to 'mempool_alloc()'. We've seen this pattern on 2.6.15 and 2.6.17 kernels. http://lkml.org/lkml/2005/4/20/142 indicates that this problem has been around even before. So much for the facts, here's my interpretation: mempool_alloc() first tries to atomically allocate the requested memory, or falls back to hand out preallocated chunks from the mempool. If both fail, it puts the calling process (kmirrord in this case) on a private waitqueue until somebody refills the pool. Where the only 'somebody' is kmirrord itself, so we have a deadlock. I worked around this problem by falling back to a (blocking) kmalloc when before kmirrord would have ended up on the waitqueue. This defeats part of the benefits of using the mempool, but at least keeps the system running. And it could be done with a two-line change. Note that mempool_alloc() clears the GFP_NOIO flag internally, and only uses it to decide whether to wait or return an error if immediate allocation fails, so the attached patch doesn't change behaviour in the non-deadlocking case. Path is against current git (2.6.18-rc4), but should apply to earlier versions as well. I've tested on 2.6.15, where this patch makes the difference between random lockup and a stable system. Signed-off-by: Daniel Kobras <kobras@linux.de> Acked-by: Alasdair G Kergon <agk@redhat.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Neil Brown authored
The device-mapper core does not perform any remapping of bios before passing them to the targets. If a particular mapping begins part-way into a device, targets obtain the sector relative to the start of the mapping by subtracting ti->begin. The dm-raid1 target didn't do this everywhere: this patch fixes it, taking care to subtract ti->begin exactly once for each bio. Signed-off-by: Neil Brown <neilb@suse.de> Signed-off-by: Alasdair G Kergon <agk@redhat.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Jeff Mahoney authored
The reference counting on dm-mod is zero if no mapped devices are open. This is incorrect, and can lead to an oops if the module is unloaded while mapped devices exist. This patch claims a reference to the module whenever a device is created, and drops it again when the device is freed. Devices must be removed before dm-mod is unloaded. Signed-off-by: Jeff Mahoney <jeffm@suse.com> Signed-off-by: Alasdair G Kergon <agk@redhat.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Alasdair G Kergon authored
Persistent snapshots currently store a private copy of the chunk size. Userspace also supplies the chunk size when loading a snapshot. Ensure consistency by only storing the chunk_size in one place instead of two. Currently the two sizes will differ if the chunk size supplied by userspace does not match the chunk size an existing snapshot actually uses. Amongst other problems, this causes an incorrect 'percentage full' to be reported. The patch ensures consistency by only storing the chunk_size in one place, removing it from struct pstore. Some initialisation is delayed until the correct chunk_size is known. If read_header() discovers that the wrong chun size was supplied, the 'area' buffer (which the header already got read into is reinitialised to the correct size. Signed-off-by: Alasdair G Kergon <agk@redhat.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Michal Miroslaw authored
Fix BUG I tripped on while testing failover and multipathing. BUG shows up on error path in multipath_ctr() when parse_priority_group() fails after returning at least once without error. The fix is to initialize m->ti early - just after alloc()ing it. BUG: unable to handle kernel NULL pointer dereference at virtual address 0000000 0 printing eip: c027c3d2 *pde = 00000000 Oops: 0000 [#3] Modules linked in: qla2xxx ext3 jbd mbcache sg ide_cd cdrom floppy CPU: 0 EIP: 0060:[<c027c3d2>] Not tainted VLI EFLAGS: 00010202 (2.6.17.3 #1) EIP is at dm_put_device+0xf/0x3b eax: 00000001 ebx: ee4fcac0 ecx: 00000000 edx: ee4fcac0 esi: ee4fc4e0 edi: ee4fc4e0 ebp: 00000000 esp: c5db3e78 ds: 007b es: 007b ss: 0068 Process multipathd (pid: 15912, threadinfo=c5db2000 task=ef485a90) Stack: ec4eda40 c02816bd ee4fc4c0 00000000 f7e89498 f883e0bc c02816f6 f7e89480 f7e8948c c0281801 ffffffea f7e89480 f883e080 c0281ffe 00000001 00000000 00000004 dfe9cab8 f7a693c0 f883e080 f883e0c0 ca4b99c0 c027c6ee 01400000 Call Trace: <c02816bd> free_pgpaths+0x31/0x45 <c02816f6> free_priority_group+0x25/0x2e <c0281801> free_multipath+0x35/0x67 <c0281ffe> multipath_ctr+0x123/0x12d <c027c6ee> dm_table_add_target+0x11e/0x18b <c027e5b4> populate_table+0x8a/0xaf <c027e62b> table_load+0x52/0xf9 <c027ec23> ctl_ioctl+0xca/0xfc <c027e5d9> table_load+0x0/0xf9 <c0152146> do_ioctl+0x3e/0x43 <c0152360> vfs_ioctl+0x16c/0x178 <c01523b4> sys_ioctl+0x48/0x60 <c01029b3> syscall_call+0x7/0xb Code: 97 f0 00 00 00 89 c1 83 c9 01 80 e2 01 0f 44 c1 88 43 14 8b 04 24 59 5b 5e 5f 5d c3 53 89 c1 89 d3 ff 4a 08 0f 94 c0 84 c0 74 2a <8b> 01 8b 10 89 d8 e8 f6 fb ff ff 8b 03 8b 53 04 89 50 04 89 02 EIP: [<c027c3d2>] dm_put_device+0xf/0x3b SS:ESP 0068:c5db3e78 Signed-off-by: Michal Miroslaw <mirq-linux@rere.qmqm.pl> Acked-by: Alasdair G Kergon <agk@redhat.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Jean Delvare authored
Fix uses of "&&" where "&" was obviously intended instead. Signed-off-by: Jean Delvare <khali@linux-fr.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Joerg Ahrens authored
I am using a Xircom CEM33 pcmcia NIC which has occasional hardware problems. If the netdev watchdog detects a transmit timeout, do_reset is called which msleeps - this is illegal in atomic context. This patch schedules the timeout handling as a workqueue item. Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Alexey Kuznetsov authored
Found in 2.4 by Yixin Pan <yxpan@hotmail.com>. > When I read fib_semantics.c of Linux-2.4.32, write_lock(&fib_info_lock) = > is used in fib_release_info() instead of write_lock_bh(&fib_info_lock). = > Is the following case possible: a BH interrupts fib_release_info() while = > holding the write lock, and calls ip_check_fib_default() which calls = > read_lock(&fib_info_lock), and spin forever. Signed-off-by: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Hans Verkuil authored
The TUNER_LG_NTSC_TAPE is identical in all respects to the TUNER_PHILIPS_FM1236_MK3. So use the params struct for the Philips tuner. Also add this LG_NTSC_TAPE tuner to the switches where radio specific parameters are set so it behaves like a TUNER_PHILIPS_FM1236_MK3. This change fixes the radio support for this tuner (the wrong bandswitch byte was used). Thanks to Andy Walls <cwalls@radix.net> for finding this bug. Signed-off-by: Hans Verkuil <hverkuil@xs4all.nl> Signed-off-by: Michael Krufky <mkrufky@linuxtv.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Michael Krufky authored
In some cases when using VSB, the AGC status register has been known to falsely report "no signal" when in fact there is a carrier lock. The datasheet labels these status flags as QAM only, yet the lgdt330x module is using these flags for both QAM and VSB. This patch allows for the carrier recovery lock status register to be tested, even if the agc signal status register falsely reports no signal. Thanks to jcrews from #linuxtv in irc, for initially reporting this bug. Signed-off-by: Michael Krufky <mkrufky@linuxtv.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Herbert Xu authored
The SHA384 block size should be 128 bytes, not 96 bytes. This was spotted by Andrew Donofrio. This breaks HMAC which uses the block size during setup and the final calculation. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
- 13 Dec, 2006 1 commit
-
-
Adrian Bunk authored
-
- 09 Dec, 2006 4 commits
-
-
Adrian Bunk authored
-
Chuck Ebbert authored
Fix check for bad address; use macro instead of open-coding two checks. Taken from RHEL4 kernel update. From: Ernie Petrides <petrides@redhat.com> For background, the BAD_ADDR() macro should return TRUE if the address is TASK_SIZE, because that's the lowest address that is *not* valid for user-space mappings. The macro was correct in binfmt_aout.c but was wrong for the "equal to" case in binfmt_elf.c. There were two in-line validations of user-space addresses in binfmt_elf.c, which have been appropriately converted to use the corrected BAD_ADDR() macro in the patch you posted yesterday. Note that the size checks against TASK_SIZE are okay as coded. The additional changes that I propose are below. These are in the error paths for bad ELF entry addresses once load_elf_binary() has already committed to exec'ing the new image (following the tearing down of the task's original address space). The 1st hunk deals with the interp-side of the outer "if". There were two problems here. The printk() should be removed because this path can be triggered at will by a bogus interpreter image created and used by a malicious user. Further, the error code should not be ENOEXEC, because that causes the loop in search_binary_handler() to continue trying other exec handlers (twice, in fact). But it's too late for this to work correctly, because the user address space has already been torn down, and an exec() failure cannot be returned to the user code because the code no longer exists. The only recovery is to force a SIGSEGV, but it's best to terminate the search loop immediately. I somewhat arbitrarily chose EINVAL as a fallback error code, but any error returned by load_elf_interp() will override that (but this value will never be seen by user-space). The 2nd hunk deals with the non-interp-side of the outer "if". There were two problems here as well. The SIGSEGV needs to be forced, because a prior sigaction() syscall might have set the associated disposition to SIG_IGN. And the ENOEXEC should be changed to EINVAL as described above. Signed-off-by: Chuck Ebbert <76306.1226@compuserve.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
David S. Miller authored
We grab a reference to the route's inetpeer entry but forget to release it in xfrm4_dst_destroy(). Bug discovered by Kazunori MIYAZAWA <kazunori@miyazawa.org> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Patrick McHardy authored
Currently the behaviour of disable_xfrm is inconsistent between locally generated and forwarded packets. For locally generated packets disable_xfrm disables the policy lookup if it is set on the output device, for forwarded traffic however it looks at the input device. This makes it impossible to disable xfrm on all devices but a dummy device and use normal routing to direct traffic to that device. Always use the output device when checking disable_xfrm. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
- 08 Dec, 2006 8 commits
-
-
Adrian Bunk authored
This patch reverts the quirk_via_irq changes in 2.6.16.17 that caused regressions for several people. Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Daniel Ritz authored
Signed-off-by: Daniel Ritz <daniel.ritz@gmx.ch> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Daniel Ritz authored
- add the ICH6(R) LPC to the ICH6 ACPI quirks. currently only the ICH6-M is handled. [ PCI_DEVICE_ID_INTEL_ICH6_1 is the ICH6-M LPC, ICH6_0 is the ICH6(R) ] Signed-off-by: Daniel Ritz <daniel.ritz@gmx.ch> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Jean Delvare authored
Unhide the SMBus controller on the Asus PU-DLS board. This fixes bug #6763. Signed-off-by: Jean Delvare <khali@linux-fr.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Bjorn Helgaas authored
Without this quirk, e100 can be pulling on a shared interrupt line when another device (eg. USB) loads, causing the interrupt to scream and get disabled. http://bugzilla.kernel.org/show_bug.cgi?id=5918Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Linus Torvalds authored
This is confirmed to fix a hang due to PCI resource conflicts with setting up the Cardbus bridge on old laptops with the 440MX chipsets. Original report by Alessio Sangalli, lspci debugging help by Pekka Enberg, and trial patch suggested by Daniel Ritz: "From the docs available i would _guess_ this thing is really similar to the 82443BX/82371AB combination. at least the SMBus base address register is hidden at the very same place (32bit at 0x90 in function 3 of the "south" brigde)" The dang thing is largely undocumented, but the patch was corroborated by Asit Mallick: "I am trying to find the register information. 440MX is an integration of 440BX north-bridge without AGP and PIIX4E (82371EB). PIIX4 quirk should cover the ACPI and SMBus related I/O registers." and verified to fix the problem by Alessio. Signed-off-by: Linus Torvalds <torvalds@osdl.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Brice Goglin authored
The nVidia CK804 PCI-E chipset supports the AER extended capability but sometimes fails to link it (with some BIOS or after a warm reboot). It makes the AER cap invisible to pci_find_ext_capability(). The patch adds a quirk to set the missing bit that controls the linking of the capability. By the way, it removes the corresponding code in the myri10ge driver. Signed-off-by: Brice Goglin <brice@myri.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
John W. Linville authored
The naming of the constant defined for PCI ID 1022:7450 does not seem to match the information at http://pciids.sourceforge.net/: http://pci-ids.ucw.cz/iii/?i=1022 There 1022:7450 is listed as "AMD-8131 PCI-X Bridge" while 1022:7451 is listed as "AMD-8131 PCI-X IOAPIC". Yet, the current definition for 0x7450 is PCI_DEVICE_ID_AMD_8131_APIC. It seems to me like that name should map to 0x7451, while a name like PCI_DEVICE_ID_AMD_8131_BRIDGE should map to 0x7450. Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
- 06 Dec, 2006 2 commits
-
-
Ralf Baechle authored
<linux/mempolicy.h> uses struct mm_struct and relies on a definition or declaration somehow magically being dragged in which may result in a build: CC mm/mempolicy.o In file included from mm/mempolicy.c:69: include/linux/mempolicy.h:150: warning: 'struct mm_struct' declared inside parameter list include/linux/mempolicy.h:150: warning: its scope is only this definition or declaration, which is probably not what you want include/linux/mempolicy.h:174: warning: 'struct mm_struct' declared inside parameter list mm/mempolicy.c:673: error: conflicting types for 'do_migrate_pages' include/linux/mempolicy.h:174: error: previous declaration of 'do_migrate_pages' was here mm/mempolicy.c:1696: error: conflicting types for 'mpol_rebind_mm' include/linux/mempolicy.h:150: error: previous declaration of 'mpol_rebind_mm' was here make[1]: *** [mm/mempolicy.o] Error 1 make: *** [mm] Error 2 $ Including <linux/sched.h> is a step into direction of include hell so fixed by adding a forward declaration of struct mm_struct instead. Signed-off-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Adrian Bunk authored
-
- 04 Dec, 2006 6 commits
-
-
Adrian Bunk authored
-
Chris Wright authored
Make sure to properly clamp maxnum to avoid overflow (CVE-2006-5751). Signed-off-by: Chris Wright <chrisw@sous-sol.org> Acked-by: Stephen Hemminger <shemminger@osdl.org> Acked-by: David Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Trond Myklebust authored
fcntl(F_SETSIG) no longer works on leases because lease_release_private_callback() gets called as the lease is copied in order to initialise it. The problem is that lease_alloc() performs an unnecessary initialisation, which sets the lease_manager_ops. Avoid the problem by allocating the target lease structure using locks_alloc_lock(). Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Jens Axboe authored
cciss needs to call disk_stat_add() for iostat to work. Signed-off-by: Jens Axboe <jens.axboe@oracle.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Jens Axboe authored
cpqarray needs to call disk_stat_add() for iostat to work. Signed-off-by: Jens Axboe <jens.axboe@oracle.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-
Michael De Backer authored
Configuration bits are not set properly for DMA on some chipset revisions. It has already been corrected for M5229 (rev c7) but not for M5229 (rev c8). This leads to the bug described at http://bugzilla.kernel.org/show_bug.cgi?id=5786 (lost interrupt + ide bus hangs). Signed-off-by: Michael De Backer <micdb@skynet.be> Signed-off-by: Adrian Bunk <bunk@stusta.de>
-