1. 14 Aug, 2013 14 commits
    • Linus Torvalds's avatar
      Merge branch 'akpm' (patches from Andrew Morton) · f1d6e17f
      Linus Torvalds authored
      Merge a bunch of fixes from Andrew Morton.
      
      * emailed patches from Andrew Morton <akpm@linux-foundation.org>:
        fs/proc/task_mmu.c: fix buffer overflow in add_page_map()
        arch: *: Kconfig: add "kernel/Kconfig.freezer" to "arch/*/Kconfig"
        ocfs2: fix null pointer dereference in ocfs2_dir_foreach_blk_id()
        x86 get_unmapped_area(): use proper mmap base for bottom-up direction
        ocfs2: fix NULL pointer dereference in ocfs2_duplicate_clusters_by_page
        ocfs2: Revert 40bd62eb to avoid regression in extended allocation
        drivers/rtc/rtc-stmp3xxx.c: provide timeout for potentially endless loop polling a HW bit
        hugetlb: fix lockdep splat caused by pmd sharing
        aoe: adjust ref of head for compound page tails
        microblaze: fix clone syscall
        mm: save soft-dirty bits on file pages
        mm: save soft-dirty bits on swapped pages
        memcg: don't initialize kmem-cache destroying work for root caches
      f1d6e17f
    • yonghua zheng's avatar
      fs/proc/task_mmu.c: fix buffer overflow in add_page_map() · 8c829622
      yonghua zheng authored
      Recently we met quite a lot of random kernel panic issues after enabling
      CONFIG_PROC_PAGE_MONITOR.  After debuggind we found this has something
      to do with following bug in pagemap:
      
      In struct pagemapread:
      
        struct pagemapread {
            int pos, len;
            pagemap_entry_t *buffer;
            bool v2;
        };
      
      pos is number of PM_ENTRY_BYTES in buffer, but len is the size of
      buffer, it is a mistake to compare pos and len in add_page_map() for
      checking buffer is full or not, and this can lead to buffer overflow and
      random kernel panic issue.
      
      Correct len to be total number of PM_ENTRY_BYTES in buffer.
      
      [akpm@linux-foundation.org: document pagemapread.pos and .len units, fix PM_ENTRY_BYTES definition]
      Signed-off-by: default avatarYonghua Zheng <younghua.zheng@gmail.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      8c829622
    • Chen Gang's avatar
      arch: *: Kconfig: add "kernel/Kconfig.freezer" to "arch/*/Kconfig" · 57a1a197
      Chen Gang authored
      All architectures include "kernel/Kconfig.freezer" except three left, so
      let them include it too, or 'allmodconfig' will report error.
      
      The related errors: (with allmodconfig for openrisc):
      
          CC      kernel/cgroup_freezer.o
        kernel/cgroup_freezer.c: In function 'freezer_css_online':
        kernel/cgroup_freezer.c:133:15: error: 'system_freezing_cnt' undeclared (first use in this function)
        kernel/cgroup_freezer.c:133:15: note: each undeclared identifier is reported only once for each function it appears in
        kernel/cgroup_freezer.c: In function 'freezer_css_offline':
        kernel/cgroup_freezer.c:157:15: error: 'system_freezing_cnt' undeclared (first use in this function)
        kernel/cgroup_freezer.c: In function 'freezer_attach':
        kernel/cgroup_freezer.c:200:4: error: implicit declaration of function 'freeze_task'
        kernel/cgroup_freezer.c: In function 'freezer_apply_state':
        kernel/cgroup_freezer.c:371:16: error: 'system_freezing_cnt' undeclared (first use in this function)
      Signed-off-by: default avatarChen Gang <gang.chen@asianux.com>
      Cc: Richard Kuo <rkuo@codeaurora.org>
      Cc: Jonas Bonn <jonas@southpole.se>
      Cc: Chen Liqin <liqin.chen@sunplusct.com>
      Cc: Lennox Wu <lennox.wu@gmail.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      57a1a197
    • Jeff Liu's avatar
      ocfs2: fix null pointer dereference in ocfs2_dir_foreach_blk_id() · d6394b59
      Jeff Liu authored
      Fix a NULL pointer deference while removing an empty directory, which
      was introduced by commit 3704412b ("[readdir] convert ocfs2").
      
        BUG: unable to handle kernel NULL pointer dereference at (null)
        IP: [<(null)>]           (null)
        PGD 6da85067 PUD 6da89067 PMD 0
        Oops: 0010 [#1] SMP
        CPU: 0 PID: 6564 Comm: rmdir Tainted: G           O 3.11.0-rc1 #4
        RIP: 0010:[<0000000000000000>]  [<          (null)>]           (null)
        Call Trace:
          ocfs2_dir_foreach+0x49/0x50 [ocfs2]
          ocfs2_empty_dir+0x12c/0x3e0 [ocfs2]
          ocfs2_unlink+0x56e/0xc10 [ocfs2]
          vfs_rmdir+0xd5/0x140
          do_rmdir+0x1cb/0x1e0
          SyS_rmdir+0x16/0x20
          system_call_fastpath+0x16/0x1b
        Code:  Bad RIP value.
        RIP  [<          (null)>]           (null)
        RSP <ffff88006daddc10>
        CR2: 0000000000000000
      
      [dan.carpenter@oracle.com: fix pointer math]
      Signed-off-by: default avatarJie Liu <jeff.liu@oracle.com>
      Reported-by: default avatarDavid Weber <wb@munzinger.de>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Joel Becker <jlbec@evilplan.org>
      Cc: Mark Fasheh <mfasheh@suse.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      d6394b59
    • Radu Caragea's avatar
      x86 get_unmapped_area(): use proper mmap base for bottom-up direction · df54d6fa
      Radu Caragea authored
      When the stack is set to unlimited, the bottomup direction is used for
      mmap-ings but the mmap_base is not used and thus effectively renders
      ASLR for mmapings along with PIE useless.
      
      Cc: Michel Lespinasse <walken@google.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Reviewed-by: default avatarRik van Riel <riel@redhat.com>
      Acked-by: default avatarIngo Molnar <mingo@kernel.org>
      Cc: Adrian Sendroiu <molecula2788@gmail.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      df54d6fa
    • Tiger Yang's avatar
      ocfs2: fix NULL pointer dereference in ocfs2_duplicate_clusters_by_page · c7dd3392
      Tiger Yang authored
      Since ocfs2_cow_file_pos will invoke ocfs2_refcount_icow with a NULL as
      the struct file pointer, it finally result in a null pointer dereference
      in ocfs2_duplicate_clusters_by_page.
      
      This patch replace file pointer with inode pointer in
      cow_duplicate_clusters to fix this issue.
      
      [jeff.liu@oracle.com: rebased patch against linux-next tree]
      Signed-off-by: default avatarTiger Yang <tiger.yang@oracle.com>
      Signed-off-by: default avatarJie Liu <jeff.liu@oracle.com>
      Cc: Joel Becker <jlbec@evilplan.org>
      Cc: Mark Fasheh <mfasheh@suse.com>
      Acked-by: default avatarTao Ma <tm@tao.ma>
      Tested-by: default avatarDavid Weber <wb@munzinger.de>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      c7dd3392
    • Jie Liu's avatar
      ocfs2: Revert 40bd62eb to avoid regression in extended allocation · 6115ea28
      Jie Liu authored
      Revert commit 40bd62eb ("fs/ocfs2/journal.h: add bits_wanted while
      calculating credits in ocfs2_calc_extend_credits").
      
      Unfortunately this change broke fallocate even if there is insufficient
      disk space for the preallocation, which is a serious problem.
      
        # df -h
        /dev/sda8        22G  1.2G   21G   6% /ocfs2
        # fallocate -o 0 -l 200M /ocfs2/testfile
        fallocate: /ocfs2/test: fallocate failed: No space left on device
      
      and a kernel warning:
      
        CPU: 3 PID: 3656 Comm: fallocate Tainted: G        W  O 3.11.0-rc3 #2
        Call Trace:
          dump_stack+0x77/0x9e
          warn_slowpath_common+0xc4/0x110
          warn_slowpath_null+0x2a/0x40
          start_this_handle+0x6c/0x640 [jbd2]
          jbd2__journal_start+0x138/0x300 [jbd2]
          jbd2_journal_start+0x23/0x30 [jbd2]
          ocfs2_start_trans+0x166/0x300 [ocfs2]
          __ocfs2_extend_allocation+0x38f/0xdb0 [ocfs2]
          ocfs2_allocate_unwritten_extents+0x3c9/0x520
          __ocfs2_change_file_space+0x5e0/0xa60 [ocfs2]
          ocfs2_fallocate+0xb1/0xe0 [ocfs2]
          do_fallocate+0x1cb/0x220
          SyS_fallocate+0x6f/0xb0
          system_call_fastpath+0x16/0x1b
        JBD2: fallocate wants too many credits (51216 > 4381)
      Signed-off-by: default avatarJie Liu <jeff.liu@oracle.com>
      Cc: Goldwyn Rodrigues <rgoldwyn@suse.com>
      Cc: Joel Becker <jlbec@evilplan.org>
      Cc: Mark Fasheh <mfasheh@suse.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      6115ea28
    • Lothar Waßmann's avatar
      drivers/rtc/rtc-stmp3xxx.c: provide timeout for potentially endless loop polling a HW bit · 28a0c883
      Lothar Waßmann authored
      It's always a bad idea to poll on HW bits without a timeout.
      
      The i.MX28 RTC can be easily brought into a state in which the RTC is
      not running (until after a power-on-reset) and thus the status bits
      which are polled in the driver won't ever change.
      
      This patch prevents the kernel from getting stuck in this case.
      Signed-off-by: default avatarLothar Waßmann <LW@KARO-electronics.de>
      Acked-by: default avatarWolfram Sang <wsa@the-dreams.de>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      28a0c883
    • Michal Hocko's avatar
      hugetlb: fix lockdep splat caused by pmd sharing · b610ded7
      Michal Hocko authored
      Dave has reported the following lockdep splat:
      
        =================================
        [ INFO: inconsistent lock state ]
        3.11.0-rc1+ #9 Not tainted
        ---------------------------------
        inconsistent {RECLAIM_FS-ON-W} -> {IN-RECLAIM_FS-W} usage.
        kswapd0/49 [HC0[0]:SC0[0]:HE1:SE1] takes:
         (&mapping->i_mmap_mutex){+.+.?.}, at: [<c114971b>] page_referenced+0x87/0x5e3
        {RECLAIM_FS-ON-W} state was registered at:
           mark_held_locks+0x81/0xe7
           lockdep_trace_alloc+0x5e/0xbc
           __alloc_pages_nodemask+0x8b/0x9b6
           __get_free_pages+0x20/0x31
           get_zeroed_page+0x12/0x14
           __pmd_alloc+0x1c/0x6b
           huge_pmd_share+0x265/0x283
           huge_pte_alloc+0x5d/0x71
           hugetlb_fault+0x7c/0x64a
           handle_mm_fault+0x255/0x299
           __do_page_fault+0x142/0x55c
           do_page_fault+0xd/0x16
           error_code+0x6c/0x74
        irq event stamp: 3136917
        hardirqs last  enabled at (3136917):  _raw_spin_unlock_irq+0x27/0x50
        hardirqs last disabled at (3136916):  _raw_spin_lock_irq+0x15/0x78
        softirqs last  enabled at (3136180):  __do_softirq+0x137/0x30f
        softirqs last disabled at (3136175):  irq_exit+0xa8/0xaa
        other info that might help us debug this:
         Possible unsafe locking scenario:
               CPU0
               ----
          lock(&mapping->i_mmap_mutex);
          <Interrupt>
            lock(&mapping->i_mmap_mutex);
      
        *** DEADLOCK ***
        no locks held by kswapd0/49.
      
        stack backtrace:
        CPU: 1 PID: 49 Comm: kswapd0 Not tainted 3.11.0-rc1+ #9
        Hardware name: Dell Inc.                 Precision WorkStation 490    /0DT031, BIOS A08 04/25/2008
        Call Trace:
          dump_stack+0x4b/0x79
          print_usage_bug+0x1d9/0x1e3
          mark_lock+0x1e0/0x261
          __lock_acquire+0x623/0x17f2
          lock_acquire+0x7d/0x195
          mutex_lock_nested+0x6c/0x3a7
          page_referenced+0x87/0x5e3
          shrink_page_list+0x3d9/0x947
          shrink_inactive_list+0x155/0x4cb
          shrink_lruvec+0x300/0x5ce
          shrink_zone+0x53/0x14e
          kswapd+0x517/0xa75
          kthread+0xa8/0xaa
          ret_from_kernel_thread+0x1b/0x28
      
      which is a false positive caused by hugetlb pmd sharing code which
      allocates a new pmd from withing mapping->i_mmap_mutex.  If this
      allocation causes reclaim then the lockdep detector complains that we
      might self-deadlock.
      
      This is not correct though, because hugetlb pages are not reclaimable so
      their mapping will be never touched from the reclaim path.
      
      The patch tells lockup detector that hugetlb i_mmap_mutex is special by
      assigning it a separate lockdep class so it won't report possible
      deadlocks on unrelated mappings.
      
      [peterz@infradead.org: comment for annotation]
      Reported-by: default avatarDave Jones <davej@redhat.com>
      Signed-off-by: default avatarMichal Hocko <mhocko@suse.cz>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Reviewed-by: default avatarMinchan Kim <minchan@kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      b610ded7
    • Ed Cashin's avatar
      aoe: adjust ref of head for compound page tails · fb32975d
      Ed Cashin authored
      Fix a BUG which can trigger when direct-IO is used with AOE.
      
      As discussed previously, the fact that some users of the block layer
      provide bios that point to pages with a zero _count means that it is not
      OK for the network layer to do a put_page on the skb frags during an
      skb_linearize, so the aoe driver gets a reference to pages in bios and
      puts the reference before ending the bio.  And because it cannot use
      get_page on a page with a zero _count, it manipulates the value
      directly.
      
      It is not OK to increment the _count of a compound page tail, though,
      since the VM layer will VM_BUG_ON a non-zero _count.  Block users that
      do direct I/O can result in the aoe driver seeing compound page tails in
      bios.  In that case, the same logic works as long as the head of the
      compound page is used instead of the tails.  This patch handles compound
      pages and does not BUG.
      
      It relies on the block layer user leaving the relationship between the
      page tail and its head alone for the duration between the submission of
      the bio and its completion, whether successful or not.
      Signed-off-by: default avatarEd Cashin <ecashin@coraid.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      fb32975d
    • Michal Simek's avatar
      microblaze: fix clone syscall · dfa9771a
      Michal Simek authored
      Fix inadvertent breakage in the clone syscall ABI for Microblaze that
      was introduced in commit f3268edb ("microblaze: switch to generic
      fork/vfork/clone").
      
      The Microblaze syscall ABI for clone takes the parent tid address in the
      4th argument; the third argument slot is used for the stack size.  The
      incorrectly-used CLONE_BACKWARDS type assigned parent tid to the 3rd
      slot.
      
      This commit restores the original ABI so that existing userspace libc
      code will work correctly.
      
      All kernel versions from v3.8-rc1 were affected.
      Signed-off-by: default avatarMichal Simek <michal.simek@xilinx.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      dfa9771a
    • Cyrill Gorcunov's avatar
      mm: save soft-dirty bits on file pages · 41bb3476
      Cyrill Gorcunov authored
      Andy reported that if file page get reclaimed we lose the soft-dirty bit
      if it was there, so save _PAGE_BIT_SOFT_DIRTY bit when page address get
      encoded into pte entry.  Thus when #pf happens on such non-present pte
      we can restore it back.
      Reported-by: default avatarAndy Lutomirski <luto@amacapital.net>
      Signed-off-by: default avatarCyrill Gorcunov <gorcunov@openvz.org>
      Acked-by: default avatarPavel Emelyanov <xemul@parallels.com>
      Cc: Matt Mackall <mpm@selenic.com>
      Cc: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>
      Cc: Marcelo Tosatti <mtosatti@redhat.com>
      Cc: KOSAKI Motohiro <kosaki.motohiro@gmail.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>
      Cc: Minchan Kim <minchan@kernel.org>
      Cc: Wanpeng Li <liwanp@linux.vnet.ibm.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      41bb3476
    • Cyrill Gorcunov's avatar
      mm: save soft-dirty bits on swapped pages · 179ef71c
      Cyrill Gorcunov authored
      Andy Lutomirski reported that if a page with _PAGE_SOFT_DIRTY bit set
      get swapped out, the bit is getting lost and no longer available when
      pte read back.
      
      To resolve this we introduce _PTE_SWP_SOFT_DIRTY bit which is saved in
      pte entry for the page being swapped out.  When such page is to be read
      back from a swap cache we check for bit presence and if it's there we
      clear it and restore the former _PAGE_SOFT_DIRTY bit back.
      
      One of the problem was to find a place in pte entry where we can save
      the _PTE_SWP_SOFT_DIRTY bit while page is in swap.  The _PAGE_PSE was
      chosen for that, it doesn't intersect with swap entry format stored in
      pte.
      Reported-by: default avatarAndy Lutomirski <luto@amacapital.net>
      Signed-off-by: default avatarCyrill Gorcunov <gorcunov@openvz.org>
      Acked-by: default avatarPavel Emelyanov <xemul@parallels.com>
      Cc: Matt Mackall <mpm@selenic.com>
      Cc: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>
      Cc: Marcelo Tosatti <mtosatti@redhat.com>
      Cc: KOSAKI Motohiro <kosaki.motohiro@gmail.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>
      Reviewed-by: default avatarMinchan Kim <minchan@kernel.org>
      Reviewed-by: default avatarWanpeng Li <liwanp@linux.vnet.ibm.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      179ef71c
    • Andrey Vagin's avatar
      memcg: don't initialize kmem-cache destroying work for root caches · 3e6b11df
      Andrey Vagin authored
      struct memcg_cache_params has a union.  Different parts of this union
      are used for root and non-root caches.  A part with destroying work is
      used only for non-root caches.
      
      I fixed the same problem in another place v3.9-rc1-16204-gf101a946, but
      didn't notice this one.
      
      This patch fixes the kernel panic:
      
      [   46.848187] BUG: unable to handle kernel paging request at 000000fffffffeb8
      [   46.849026] IP: [<ffffffff811a484c>] kmem_cache_destroy_memcg_children+0x6c/0xc0
      [   46.849092] PGD 0
      [   46.849092] Oops: 0000 [#1] SMP
      ...
      Signed-off-by: default avatarAndrey Vagin <avagin@openvz.org>
      Cc: Glauber Costa <glommer@openvz.org>
      Cc: Johannes Weiner <hannes@cmpxchg.org>
      Acked-by: default avatarMichal Hocko <mhocko@suse.cz>
      Cc: Balbir Singh <bsingharora@gmail.com>
      Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
      Cc: Konstantin Khlebnikov <khlebnikov@openvz.org>
      Cc: <stable@vger.kernel.org>    [3.9.x]
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      3e6b11df
  2. 13 Aug, 2013 4 commits
  3. 12 Aug, 2013 6 commits
  4. 11 Aug, 2013 4 commits
    • Linus Torvalds's avatar
      Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · e5d081f4
      Linus Torvalds authored
      Pull SCSI fixes from James Bottomley:
       "This is three bug fixes: An fnic warning caused by sleeping under a
        lock, a major regression with our updated WRITE SAME/UNMAP logic which
        caused tons of USB devices (and one RAID card) to cease to function
        and a megaraid_sas firmware initialisation problem which causes kdump
        failures"
      
      * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        [SCSI] Don't attempt to send extended INQUIRY command if skip_vpd_pages is set
        [SCSI] fnic: BUG: sleeping function called from invalid context during probe
        [SCSI] megaraid_sas: megaraid_sas driver init fails in kdump kernel
      e5d081f4
    • Linus Torvalds's avatar
      Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc · 77f63b4d
      Linus Torvalds authored
      Pull powerpc fixes from Ben Herrenschmidt:
       "This includes small series from Michael Neuling to fix a couple of
        nasty remaining problems with the new Power8 support, also targeted at
        stable 3.10, without which some new userspace accessible registers
        aren't properly context switched, and in some case, can be clobbered
        by the user of transactional memory.
      
        Along with that, a few slightly more minor things, such as a missing
        Kconfig option to enable handling of denorm exceptions when not
        running under a hypervisor (or userspace will randomly crash when
        hitting denorms with the vector unit), some nasty bugs in the new
        pstore oops code, and other simple bug fixes worth having in now.
      
        Note: I picked up the two powerpc KVM fixes as Alex Graf asked me to
        handle KVM bits while he is on vacation.  However I'll let him decide
        whether they should go to -stable or not when he is back"
      
      * 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc:
        powerpc/tm: Fix context switching TAR, PPR and DSCR SPRs
        powerpc: Save the TAR register earlier
        powerpc: Fix context switch DSCR on POWER8
        powerpc: Rework setting up H/FSCR bit definitions
        powerpc: Fix hypervisor facility unavaliable vector number
        powerpc/kvm/book3s_pr: Return appropriate error when allocation fails
        powerpc/kvm: Add signed type cast for comparation
        powerpc/eeh: Add missing procfs entry for PowerNV
        powerpc/pseries: Add backward compatibilty to read old kernel oops-log
        powerpc/pseries: Fix buffer overflow when reading from pstore
        powerpc: On POWERNV enable PPC_DENORMALISATION by default
      77f63b4d
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · 30b229bd
      Linus Torvalds authored
      Pull s390 kvm fixes from Paolo Bonzini:
       "Two fixes for s390"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
        KVM: s390: fix pfmf non-quiescing control handling
        KVM: s390: move kvm_guest_enter,exit closer to sie
      30b229bd
    • Linus Torvalds's avatar
      Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux · 9e6bdaaa
      Linus Torvalds authored
      Pull i2c fixes from Wolfram Sang:
       "Some driver bugfixes for the I2C subsystem"
      
      * 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
        i2c: mv64xxx: Document the newly introduced allwinner compatible
        i2c: Fix Kontron PLD prescaler calculation
        i2c: i2c-mxs: Use DMA mode even for small transfers
      9e6bdaaa
  5. 10 Aug, 2013 6 commits
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs · d92581fc
      Linus Torvalds authored
      Pull btrfs fixes from Chris Mason:
       "These are assorted fixes, mostly from Josef nailing down xfstests
        runs.  Zach also has a long standing fix for problems with readdir
        wrapping f_pos (or ctx->pos)
      
        These patches were spread out over different bases, so I rebased
        things on top of rc4 and retested overnight"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs:
        btrfs: don't loop on large offsets in readdir
        Btrfs: check to see if root_list is empty before adding it to dead roots
        Btrfs: release both paths before logging dir/changed extents
        Btrfs: allow splitting of hole em's when dropping extent cache
        Btrfs: make sure the backref walker catches all refs to our extent
        Btrfs: fix backref walking when we hit a compressed extent
        Btrfs: do not offset physical if we're compressed
        Btrfs: fix extent buffer leak after backref walking
        Btrfs: fix a bug of snapshot-aware defrag to make it work on partial extents
        btrfs: fix file truncation if FALLOC_FL_KEEP_SIZE is specified
      d92581fc
    • Linus Torvalds's avatar
      Merge tag 'nfs-for-3.11-4' of git://git.linux-nfs.org/projects/trondmy/linux-nfs · b8ea0d06
      Linus Torvalds authored
      Pull NFS client bugfixes from Trond Myklebust:
      
       - Stable patch for lockd to fix Oopses due to inappropriate calls to
         utsname()->nodename
      
       - Stable patches for sunrpc to fix Oopses on shutdown when using
         AF_LOCAL sockets with rpcbind
      
       - Fix memory leak and error checking issues in nfs4_proc_lookup_mountpoint
      
       - Fix a regression with the sync mount option failing to work for nfs4
         mounts
      
       - Fix a writeback performance issue when doing cache invalidation
      
       - Remove an incorrect call to nfs_setsecurity in nfs_fhget
      
      * tag 'nfs-for-3.11-4' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
        NFSv4: Fix up nfs4_proc_lookup_mountpoint
        NFS: Remove unnecessary call to nfs_setsecurity in nfs_fhget()
        NFSv4: Fix the sync mount option for nfs4 mounts
        NFS: Fix writeback performance issue on cache invalidation
        SUNRPC: If the rpcbind channel is disconnected, fail the call to unregister
        SUNRPC: Don't auto-disconnect from the local rpcbind socket
        LOCKD: Don't call utsname()->nodename from nlmclnt_setlockargs
      b8ea0d06
    • Linus Torvalds's avatar
      Merge branch 'for-3.11' of git://linux-nfs.org/~bfields/linux · 022e5d09
      Linus Torvalds authored
      Pull nfsd fixes from Bruce Fields:
       "Some fixes for a 4.1 feature that in retrospect probably should have
        waited for 3.12....  But it appears to be working now"
      
      * 'for-3.11' of git://linux-nfs.org/~bfields/linux:
        nfsd: Fix SP4_MACH_CRED negotiation in EXCHANGE_ID
        nfsd4: Fix MACH_CRED NULL dereference
      022e5d09
    • Linus Torvalds's avatar
      Merge tag 'sound-3.11' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound · 1e24f76e
      Linus Torvalds authored
      Pull sound fixes from Takashi Iwai:
       "A couple of USB-audio fixes that should also go to stable kernels"
      
      * tag 'sound-3.11' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
        ALSA: usb-audio: do not trust too-big wMaxPacketSize values
        ALSA: 6fire: fix DMA issues with URB transfer_buffer usage
      1e24f76e
    • Linus Torvalds's avatar
      Merge tag 'staging-3.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging · 8ae3f1d0
      Linus Torvalds authored
      Pull staging driver fixes from Greg KH:
       "Here are 3 small fixes for staging/IIO drivers for 3.11-rc5.  Nothing
        huge, two IIO driver fixes, and a zcache fix.  All of these have been
        in linux-next for a while"
      
      * tag 'staging-3.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
        staging: zcache: fix "zcache=" kernel parameter
        iio: ti_am335x_adc: Fix wrong samples received on 1st read
        iio:trigger: Fix use_count race condition
      8ae3f1d0
    • Linus Torvalds's avatar
      Merge tag 'usb-3.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · e6e8ac44
      Linus Torvalds authored
      Pull USB fixes from Greg KH:
       "Here are 3 small USB fixes for 3.11-rc5.
      
        One is a fix that the ChromeOS developers ran into on some Intel
        hardware, one is a build fix, and the last is a MAINTAINERS update to
        help people figure out where to send USB network driver patches.
      
        All of these have been in linux-next for a while"
      
      * tag 'usb-3.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
        MAINTAINERS: Add separate section for USB NETWORKING DRIVERS
        usb: xhci: add missing dma-mapping.h includes
        usb: core: don't try to reset_device() a port that got just disconnected
      e6e8ac44
  6. 09 Aug, 2013 6 commits
    • Zach Brown's avatar
      btrfs: don't loop on large offsets in readdir · db62efbb
      Zach Brown authored
      When btrfs readdir() hits the last entry it sets the readdir offset to a
      huge value to stop buggy apps from breaking when the same name is
      returned by readdir() with concurrent rename()s.
      
      But unconditionally setting the offset to INT_MAX causes readdir() to
      loop returning any entries with offsets past INT_MAX.  It only takes a
      few hours of constant file creation and removal to create entries past
      INT_MAX.
      
      So let's set the huge offset to LLONG_MAX if the last entry has already
      overflowed 32bit loff_t.   Without large offsets behaviour is identical.
      With large offsets 64bit apps will work and 32bit apps will be no more
      broken than they currently are if they see large offsets.
      Signed-off-by: default avatarZach Brown <zab@redhat.com>
      Signed-off-by: default avatarJosef Bacik <jbacik@fusionio.com>
      Signed-off-by: default avatarChris Mason <chris.mason@fusionio.com>
      db62efbb
    • Josef Bacik's avatar
      Btrfs: check to see if root_list is empty before adding it to dead roots · cfad392b
      Josef Bacik authored
      A user reported a panic when running with autodefrag and deleting snapshots.
      This is because we could end up trying to add the root to the dead roots list
      twice.  To fix this check to see if we are empty before adding ourselves to the
      dead roots list.  Thanks,
      Signed-off-by: default avatarJosef Bacik <jbacik@fusionio.com>
      Signed-off-by: default avatarChris Mason <chris.mason@fusionio.com>
      cfad392b
    • Josef Bacik's avatar
      Btrfs: release both paths before logging dir/changed extents · f3b15ccd
      Josef Bacik authored
      The ceph guys tripped over this bug where we were still holding onto the
      original path that we used to copy the inode with when logging.  This is based
      on Chris's fix which was reported to fix the problem.  We need to drop the paths
      in two cases anyway so just move the drop up so that we don't have duplicate
      code.  Thanks,
      
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarJosef Bacik <jbacik@fusionio.com>
      Signed-off-by: default avatarChris Mason <chris.mason@fusionio.com>
      f3b15ccd
    • Josef Bacik's avatar
      Btrfs: allow splitting of hole em's when dropping extent cache · ee20a983
      Josef Bacik authored
      I noticed while running multi-threaded fsync tests that sometimes fsck would
      complain about an improper gap.  This happens because we fail to add a hole
      extent to the file, which was happening when we'd split a hole EM because
      btrfs_drop_extent_cache was just discarding the whole em instead of splitting
      it.  So this patch fixes this by allowing us to split a hole em properly, which
      means that added holes actually get logged properly and we no longer see this
      fsck error.  Thankfully we're tolerant of these sort of problems so a user would
      not see any adverse effects of this bug, other than fsck complaining.  Thanks,
      Signed-off-by: default avatarJosef Bacik <jbacik@fusionio.com>
      Signed-off-by: default avatarChris Mason <chris.mason@fusionio.com>
      ee20a983
    • Josef Bacik's avatar
      Btrfs: make sure the backref walker catches all refs to our extent · ed8c4913
      Josef Bacik authored
      Because we don't mess with the offset into the extent for compressed we will
      properly find both extents for this case
      
      [extent a][extent b][rest of extent a]
      
      but because we already added a ref for the front half we won't add the inode
      information for the second half.  This causes us to leak that memory and not
      print out the other offset when we do logical-resolve.  So fix this by calling
      ulist_add_merge and then add our eie to the existing entry if there is one.
      With this patch we get both offsets out of logical-resolve.  With this and the
      other 2 patches I've sent we now pass btrfs/276 on my vm with compress-force=lzo
      set.  Thanks,
      Signed-off-by: default avatarJosef Bacik <jbacik@fusionio.com>
      Signed-off-by: default avatarChris Mason <chris.mason@fusionio.com>
      ed8c4913
    • Josef Bacik's avatar
      Btrfs: fix backref walking when we hit a compressed extent · 8ca15e05
      Josef Bacik authored
      If you do btrfs inspect-internal logical-resolve on a compressed extent that has
      been partly overwritten it won't find anything.  This is because we try and
      match the extent offset we've searched for based on the extent offset in the
      data extent entry.  However this doesn't work for compressed extents because the
      offsets are for the uncompressed size, not the compressed size.  So instead only
      do this check if we are not compressed, that way we can get an actual entry for
      the physical offset rather than nothing for compressed.  Thanks,
      Signed-off-by: default avatarJosef Bacik <jbacik@fusionio.com>
      Signed-off-by: default avatarChris Mason <chris.mason@fusionio.com>
      8ca15e05