1. 08 Apr, 2013 3 commits
    • Steven Rostedt (Red Hat)'s avatar
      ftrace: Do not call stub functions in control loop · 395b97a3
      Steven Rostedt (Red Hat) authored
      The function tracing control loop used by perf spits out a warning
      if the called function is not a control function. This is because
      the control function references a per cpu allocated data structure
      on struct ftrace_ops that is not allocated for other types of
      functions.
      
      commit 0a016409 "ftrace: Optimize the function tracer list loop"
      
      Had an optimization done to all function tracing loops to optimize
      for a single registered ops. Unfortunately, this allows for a slight
      race when tracing starts or ends, where the stub function might be
      called after the current registered ops is removed. In this case we
      get the following dump:
      
      root# perf stat -e ftrace:function sleep 1
      [   74.339105] WARNING: at include/linux/ftrace.h:209 ftrace_ops_control_func+0xde/0xf0()
      [   74.349522] Hardware name: PRIMERGY RX200 S6
      [   74.357149] Modules linked in: sg igb iTCO_wdt ptp pps_core iTCO_vendor_support i7core_edac dca lpc_ich i2c_i801 coretemp edac_core crc32c_intel mfd_core ghash_clmulni_intel dm_multipath acpi_power_meter pcspk
      r microcode vhost_net tun macvtap macvlan nfsd kvm_intel kvm auth_rpcgss nfs_acl lockd sunrpc uinput xfs libcrc32c sd_mod crc_t10dif sr_mod cdrom mgag200 i2c_algo_bit drm_kms_helper ttm qla2xxx mptsas ahci drm li
      bahci scsi_transport_sas mptscsih libata scsi_transport_fc i2c_core mptbase scsi_tgt dm_mirror dm_region_hash dm_log dm_mod
      [   74.446233] Pid: 1377, comm: perf Tainted: G        W    3.9.0-rc1 #1
      [   74.453458] Call Trace:
      [   74.456233]  [<ffffffff81062e3f>] warn_slowpath_common+0x7f/0xc0
      [   74.462997]  [<ffffffff810fbc60>] ? rcu_note_context_switch+0xa0/0xa0
      [   74.470272]  [<ffffffff811041a2>] ? __unregister_ftrace_function+0xa2/0x1a0
      [   74.478117]  [<ffffffff81062e9a>] warn_slowpath_null+0x1a/0x20
      [   74.484681]  [<ffffffff81102ede>] ftrace_ops_control_func+0xde/0xf0
      [   74.491760]  [<ffffffff8162f400>] ftrace_call+0x5/0x2f
      [   74.497511]  [<ffffffff8162f400>] ? ftrace_call+0x5/0x2f
      [   74.503486]  [<ffffffff8162f400>] ? ftrace_call+0x5/0x2f
      [   74.509500]  [<ffffffff810fbc65>] ? synchronize_sched+0x5/0x50
      [   74.516088]  [<ffffffff816254d5>] ? _cond_resched+0x5/0x40
      [   74.522268]  [<ffffffff810fbc65>] ? synchronize_sched+0x5/0x50
      [   74.528837]  [<ffffffff811041a2>] ? __unregister_ftrace_function+0xa2/0x1a0
      [   74.536696]  [<ffffffff816254d5>] ? _cond_resched+0x5/0x40
      [   74.542878]  [<ffffffff8162402d>] ? mutex_lock+0x1d/0x50
      [   74.548869]  [<ffffffff81105c67>] unregister_ftrace_function+0x27/0x50
      [   74.556243]  [<ffffffff8111eadf>] perf_ftrace_event_register+0x9f/0x140
      [   74.563709]  [<ffffffff816254d5>] ? _cond_resched+0x5/0x40
      [   74.569887]  [<ffffffff8162402d>] ? mutex_lock+0x1d/0x50
      [   74.575898]  [<ffffffff8111e94e>] perf_trace_destroy+0x2e/0x50
      [   74.582505]  [<ffffffff81127ba9>] tp_perf_event_destroy+0x9/0x10
      [   74.589298]  [<ffffffff811295d0>] free_event+0x70/0x1a0
      [   74.595208]  [<ffffffff8112a579>] perf_event_release_kernel+0x69/0xa0
      [   74.602460]  [<ffffffff816254d5>] ? _cond_resched+0x5/0x40
      [   74.608667]  [<ffffffff8112a640>] put_event+0x90/0xc0
      [   74.614373]  [<ffffffff8112a740>] perf_release+0x10/0x20
      [   74.620367]  [<ffffffff811a3044>] __fput+0xf4/0x280
      [   74.625894]  [<ffffffff811a31de>] ____fput+0xe/0x10
      [   74.631387]  [<ffffffff81083697>] task_work_run+0xa7/0xe0
      [   74.637452]  [<ffffffff81014981>] do_notify_resume+0x71/0xb0
      [   74.643843]  [<ffffffff8162fa92>] int_signal+0x12/0x17
      
      To fix this a new ftrace_ops flag is added that denotes the ftrace_list_end
      ftrace_ops stub as just that, a stub. This flag is now checked in the
      control loop and the function is not called if the flag is set.
      
      Thanks to Jovi for not just reporting the bug, but also pointing out
      where the bug was in the code.
      
      Link: http://lkml.kernel.org/r/514A8855.7090402@redhat.com
      Link: http://lkml.kernel.org/r/1364377499-1900-15-git-send-email-jovi.zhangwei@huawei.comTested-by: default avatarWANG Chao <chaowang@redhat.com>
      Reported-by: default avatarWANG Chao <chaowang@redhat.com>
      Reported-by: default avatarzhangwei(Jovi) <jovi.zhangwei@huawei.com>
      Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
      395b97a3
    • Jan Kiszka's avatar
      ftrace: Consistently restore trace function on sysctl enabling · 5000c418
      Jan Kiszka authored
      If we reenable ftrace via syctl, we currently set ftrace_trace_function
      based on the previous simplistic algorithm. This is inconsistent with
      what update_ftrace_function does. So better call that helper instead.
      
      Link: http://lkml.kernel.org/r/5151D26F.1070702@siemens.com
      
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarJan Kiszka <jan.kiszka@siemens.com>
      Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
      5000c418
    • Steven Rostedt (Red Hat)'s avatar
      tracing: Fix race with update_max_tr_single and changing tracers · 2930e04d
      Steven Rostedt (Red Hat) authored
      The commit 34600f0e "tracing: Fix race with max_tr and changing tracers"
      fixed the updating of the main buffers with the race of changing
      tracers, but left out the fix to the updating of just a per cpu buffer.
      Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
      2930e04d
  2. 18 Mar, 2013 7 commits
  3. 15 Mar, 2013 2 commits
  4. 14 Mar, 2013 3 commits
  5. 13 Mar, 2013 25 commits
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace · aea8b5d1
      Linus Torvalds authored
      Pull namespace bugfixes from Eric Biederman:
       "This tree includes a partial revert for "fs: Limit sys_mount to only
        request filesystem modules." When I added the new style module aliases
        to the filesystems I deleted the old ones.  A bad move.  It turns out
        that distributions like Arch linux use module aliases when
        constructing ramdisks.  Which meant ultimately that an ext3 filesystem
        mounted with ext4 would not result in the ext4 module being put into
        the ramdisk.
      
        The other change in this tree adds a handful of filesystem module
        alias I simply failed to add the first time.  Which inconvinienced a
        few folks using cifs.
      
        I don't want to inconvinience folks any longer than I have to so here
        are these trivial fixes."
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
        fs: Readd the fs module aliases.
        fs: Limit sys_mount to only request filesystem modules. (Part 3)
      aea8b5d1
    • Linus Torvalds's avatar
      Merge branch 'akpm' (fixes from Andrew) · 842d223f
      Linus Torvalds authored
      Merge misc fixes from Andrew Morton:
      
       - A bunch of fixes
      
       - Finish off the idr API conversions before someone starts to use the
         old interfaces again.
      
      * emailed patches from Andrew Morton <akpm@linux-foundation.org>:
        idr: idr_alloc() shouldn't trigger lowmem warning when preloaded
        UAPI: fix endianness conditionals in M32R's asm/stat.h
        UAPI: fix endianness conditionals in linux/raid/md_p.h
        UAPI: fix endianness conditionals in linux/acct.h
        UAPI: fix endianness conditionals in linux/aio_abi.h
        decompressors: fix typo "POWERPC"
        mm/fremap.c: fix oops on error path
        idr: deprecate idr_pre_get() and idr_get_new[_above]()
        tidspbridge: convert to idr_alloc()
        zcache: convert to idr_alloc()
        mlx4: remove leftover idr_pre_get() call
        workqueue: convert to idr_alloc()
        nfsd: convert to idr_alloc()
        nfsd: remove unused get_new_stid()
        kernel/signal.c: use __ARCH_HAS_SA_RESTORER instead of SA_RESTORER
        signal: always clear sa_restorer on execve
        mm: remove_memory(): fix end_pfn setting
        include/linux/res_counter.h needs errno.h
      842d223f
    • Tejun Heo's avatar
      idr: idr_alloc() shouldn't trigger lowmem warning when preloaded · 59bfbcf0
      Tejun Heo authored
      GFP_NOIO is often used for idr_alloc() inside preloaded section as the
      allocation mask doesn't really matter.  If the idr tree needs to be
      expanded, idr_alloc() first tries to allocate using the specified
      allocation mask and if it fails falls back to the preloaded buffer.  This
      order prevent non-preloading idr_alloc() users from taking advantage of
      preloading ones by using preload buffer without filling it shifting the
      burden of allocation to the preload users.
      
      Unfortunately, this allowed/expected-to-fail kmem_cache allocation ends up
      generating spurious slab lowmem warning before succeeding the request from
      the preload buffer.
      
      This patch makes idr_layer_alloc() add __GFP_NOWARN to the first
      kmem_cache attempt and try kmem_cache again w/o __GFP_NOWARN after
      allocation from preload_buffer fails so that lowmem warning is generated
      if not suppressed by the original @gfp_mask.
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Reported-by: default avatarDavid Teigland <teigland@redhat.com>
      Tested-by: default avatarDavid Teigland <teigland@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      59bfbcf0
    • David Howells's avatar
      UAPI: fix endianness conditionals in M32R's asm/stat.h · 415586c9
      David Howells authored
      In the UAPI header files, __BIG_ENDIAN and __LITTLE_ENDIAN must be
      compared against __BYTE_ORDER in preprocessor conditionals where these are
      exposed to userspace (that is they're not inside __KERNEL__ conditionals).
      
      However, in the main kernel the norm is to check for
      "defined(__XXX_ENDIAN)" rather than comparing against __BYTE_ORDER and
      this has incorrectly leaked into the userspace headers.
      
      The definition of struct stat64 in M32R's asm/stat.h is wrong in this way.
       Note that userspace will likely interpret the field order incorrectly as
      the big-endian variant on little-endian machines - depending on header
      inclusion order.
      
      [!!!] NOTE [!!!]  This patch may adversely change the userspace API.  It might
      be better to fix the ordering of st_blocks and __pad4 in struct stat64.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Cc: Hirokazu Takata <takata@linux-m32r.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      415586c9
    • David Howells's avatar
      UAPI: fix endianness conditionals in linux/raid/md_p.h · ca044f9a
      David Howells authored
      In the UAPI header files, __BIG_ENDIAN and __LITTLE_ENDIAN must be
      compared against __BYTE_ORDER in preprocessor conditionals where these are
      exposed to userspace (that is they're not inside __KERNEL__ conditionals).
      
      However, in the main kernel the norm is to check for
      "defined(__XXX_ENDIAN)" rather than comparing against __BYTE_ORDER and
      this has incorrectly leaked into the userspace headers.
      
      The definition of struct mdp_superblock_s in linux/raid/md_p.h is wrong in
      this way.  Note that userspace will likely interpret the ordering of the
      fields incorrectly as the big-endian variant on a little-endian machines -
      depending on header inclusion order.
      
      [!!!] NOTE [!!!]  This patch may adversely change the userspace API.  It might
      be better to fix the ordering of events_hi, events_lo, cp_events_hi and
      cp_events_lo in struct mdp_superblock_s / typedef mdp_super_t.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Acked-by: default avatarNeilBrown <neilb@suse.de>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      ca044f9a
    • David Howells's avatar
      UAPI: fix endianness conditionals in linux/acct.h · 29ba06b9
      David Howells authored
      In the UAPI header files, __BIG_ENDIAN and __LITTLE_ENDIAN must be
      compared against __BYTE_ORDER in preprocessor conditionals where these are
      exposed to userspace (that is they're not inside __KERNEL__ conditionals).
      
      However, in the main kernel the norm is to check for
      "defined(__XXX_ENDIAN)" rather than comparing against __BYTE_ORDER and
      this has incorrectly leaked into the userspace headers.
      
      The definition of ACCT_BYTEORDER in linux/acct.h is wrong in this way.
      Note that userspace will likely interpret this incorrectly as the
      big-endian variant on little-endian machines - depending on header
      inclusion order.
      
      [!!!] NOTE [!!!]  This patch may adversely change the userspace API.  It might
      be better to fix the value of ACCT_BYTEORDER.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      29ba06b9
    • David Howells's avatar
      UAPI: fix endianness conditionals in linux/aio_abi.h · 51b154ed
      David Howells authored
      In the UAPI header files, __BIG_ENDIAN and __LITTLE_ENDIAN must be
      compared against __BYTE_ORDER in preprocessor conditionals where these are
      exposed to userspace (that is they're not inside __KERNEL__ conditionals).
      
      However, in the main kernel the norm is to check for
      "defined(__XXX_ENDIAN)" rather than comparing against __BYTE_ORDER and
      this has incorrectly leaked into the userspace headers.
      
      The definition of PADDED() in linux/aio_abi.h is wrong in this way.  Note
      that userspace will likely interpret this and thus the order of fields in
      struct iocb incorrectly as the little-endian variant on big-endian
      machines - depending on header inclusion order.
      
      [!!!] NOTE [!!!]  This patch may adversely change the userspace API.  It might
      be better to fix the ordering of aio_key and aio_reserved1 in struct iocb.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Acked-by: default avatarBenjamin LaHaise <bcrl@kvack.org>
      Acked-by: default avatarJeff Moyer <jmoyer@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      51b154ed
    • Paul Bolle's avatar
      decompressors: fix typo "POWERPC" · 97da55fc
      Paul Bolle authored
      Commit 5dc49c75 ("decompressors: make the default XZ_DEC_* config
      match the selected architecture") added
      
      	default y if POWERPC
      
      to lib/xz/Kconfig.  But there is no Kconfig symbol POWERPC.  The most
      general Kconfig symbol for the powerpc architecture is PPC.  So let's
      use that.
      Signed-off-by: default avatarPaul Bolle <pebolle@tiscali.nl>
      Cc: Florian Fainelli <florian@openwrt.org>
      Cc: Lasse Collin <lasse.collin@tukaani.org>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      97da55fc
    • Andrew Morton's avatar
      mm/fremap.c: fix oops on error path · 6d7825b1
      Andrew Morton authored
      If find_vma() fails, sys_remap_file_pages() will dereference `vma', which
      contains NULL.  Fix it by checking the pointer.
      
      (We could alternatively check for err==0, but this seems more direct)
      
      (The vm_flags change is to squish a bogus used-uninitialised warning
      without adding extra code).
      Reported-by: default avatarTommi Rantala <tt.rantala@gmail.com>
      Cc: Michel Lespinasse <walken@google.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      6d7825b1
    • Tejun Heo's avatar
      idr: deprecate idr_pre_get() and idr_get_new[_above]() · c8615d37
      Tejun Heo authored
      Now that all in-kernel users are converted to ues the new alloc
      interface, mark the old interface deprecated.  We should be able to
      remove these in a few releases.
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      c8615d37
    • Tejun Heo's avatar
      tidspbridge: convert to idr_alloc() · 8e467e85
      Tejun Heo authored
      idr_get_new*() and friends are about to be deprecated.  Convert to the
      new idr_alloc() interface.
      
      There are some peculiarities and possible bugs in the converted
      functions.  This patch preserves those.
      
      * drv_insert_node_res_element() returns -ENOMEM on alloc failure,
        -EFAULT if id space is exhausted.  -EFAULT is at best misleading.
      
      * drv_proc_insert_strm_res_element() is even weirder.  It returns
        -EFAULT if kzalloc() fails, -ENOMEM if idr preloading fails and
        -EPERM if id space is exhausted.  What's going on here?
      
      * drv_proc_insert_strm_res_element() doesn't free *pstrm_res after
        failure.
      
      Only compile tested.
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Acked-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Víctor Manuel Jáquez Leal <vjaquez@igalia.com>
      Cc: Rene Sapiens <rene.sapiens@ti.com>
      Cc: Armando Uribe <x0095078@ti.com>
      Cc: Omar Ramirez Luna <omar.ramirez@ti.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      8e467e85
    • Tejun Heo's avatar
      zcache: convert to idr_alloc() · a37c3010
      Tejun Heo authored
      idr_get_new*() and friends are about to be deprecated.  Convert to the
      new idr_alloc() interface.
      
      Only compile tested.
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Cc: Dan Magenheimer <dan.magenheimer@oracle.com>
      Acked-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      a37c3010
    • Tejun Heo's avatar
      mlx4: remove leftover idr_pre_get() call · 95e1b714
      Tejun Heo authored
      Commit 6a920060 ("IB/mlx4: convert to idr_alloc()") forgot to remove
      idr_pre_get() call in mlx4_ib_cm_paravirt_init().  It's unnecessary and
      idr_pre_get() will soon be deprecated.  Remove it.
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Cc: Jack Morgenstein <jackm@dev.mellanox.co.il>
      Cc: Or Gerlitz <ogerlitz@mellanox.com>
      Cc: Roland Dreier <roland@purestorage.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      95e1b714
    • Tejun Heo's avatar
      workqueue: convert to idr_alloc() · e68035fb
      Tejun Heo authored
      idr_get_new*() and friends are about to be deprecated.  Convert to the
      new idr_alloc() interface.
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      e68035fb
    • Tejun Heo's avatar
      nfsd: convert to idr_alloc() · ebd6c707
      Tejun Heo authored
      idr_get_new*() and friends are about to be deprecated.  Convert to the
      new idr_alloc() interface.
      
      Only compile-tested.
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Acked-by: default avatarJ. Bruce Fields <bfields@redhat.com>
      Tested-by: default avatarJ. Bruce Fields <bfields@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      ebd6c707
    • Tejun Heo's avatar
      nfsd: remove unused get_new_stid() · 801cb2d6
      Tejun Heo authored
      get_new_stid() is no longer used since commit 3abdb607 ("nfsd4:
      simplify idr allocation").  Remove it.
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Acked-by: default avatarJ. Bruce Fields <bfields@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      801cb2d6
    • Andrew Morton's avatar
      kernel/signal.c: use __ARCH_HAS_SA_RESTORER instead of SA_RESTORER · 522cff14
      Andrew Morton authored
      __ARCH_HAS_SA_RESTORER is the preferred conditional for use in 3.9 and
      later kernels, per Kees.
      
      Cc: Emese Revfy <re.emese@gmail.com>
      Cc: Emese Revfy <re.emese@gmail.com>
      Cc: PaX Team <pageexec@freemail.hu>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: "Eric W. Biederman" <ebiederm@xmission.com>
      Cc: Serge Hallyn <serge.hallyn@canonical.com>
      Cc: Julien Tinnes <jln@google.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      522cff14
    • Kees Cook's avatar
      signal: always clear sa_restorer on execve · 2ca39528
      Kees Cook authored
      When the new signal handlers are set up, the location of sa_restorer is
      not cleared, leaking a parent process's address space location to
      children.  This allows for a potential bypass of the parent's ASLR by
      examining the sa_restorer value returned when calling sigaction().
      
      Based on what should be considered "secret" about addresses, it only
      matters across the exec not the fork (since the VMAs haven't changed
      until the exec).  But since exec sets SIG_DFL and keeps sa_restorer,
      this is where it should be fixed.
      
      Given the few uses of sa_restorer, a "set" function was not written
      since this would be the only use.  Instead, we use
      __ARCH_HAS_SA_RESTORER, as already done in other places.
      
      Example of the leak before applying this patch:
      
        $ cat /proc/$$/maps
        ...
        7fb9f3083000-7fb9f3238000 r-xp 00000000 fd:01 404469 .../libc-2.15.so
        ...
        $ ./leak
        ...
        7f278bc74000-7f278be29000 r-xp 00000000 fd:01 404469 .../libc-2.15.so
        ...
        1 0 (nil) 0x7fb9f30b94a0
        2 4000000 (nil) 0x7f278bcaa4a0
        3 4000000 (nil) 0x7f278bcaa4a0
        4 0 (nil) 0x7fb9f30b94a0
        ...
      
      [akpm@linux-foundation.org: use SA_RESTORER for backportability]
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Reported-by: default avatarEmese Revfy <re.emese@gmail.com>
      Cc: Emese Revfy <re.emese@gmail.com>
      Cc: PaX Team <pageexec@freemail.hu>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: "Eric W. Biederman" <ebiederm@xmission.com>
      Cc: Serge Hallyn <serge.hallyn@canonical.com>
      Cc: Julien Tinnes <jln@google.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      2ca39528
    • Toshi Kani's avatar
      mm: remove_memory(): fix end_pfn setting · f8749452
      Toshi Kani authored
      remove_memory() calls walk_memory_range() with [start_pfn, end_pfn), where
      end_pfn is exclusive in this range.  Therefore, end_pfn needs to be set to
      the next page of the end address.
      Signed-off-by: default avatarToshi Kani <toshi.kani@hp.com>
      Cc: Wen Congyang <wency@cn.fujitsu.com>
      Cc: Tang Chen <tangchen@cn.fujitsu.com>
      Cc: Kamezawa Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
      Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
      Cc: Jiang Liu <jiang.liu@huawei.com>
      Cc: Jianguo Wu <wujianguo@huawei.com>
      Cc: Lai Jiangshan <laijs@cn.fujitsu.com>
      Cc: Wu Jianguo <wujianguo@huawei.com>
      Cc: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      f8749452
    • Andrew Morton's avatar
      include/linux/res_counter.h needs errno.h · ebf47beb
      Andrew Morton authored
      alpha allmodconfig:
      
        In file included from mm/memcontrol.c:28:
        include/linux/res_counter.h: In function 'res_counter_set_limit':
        include/linux/res_counter.h:203: error: 'EBUSY' undeclared (first use in this function)
        include/linux/res_counter.h:203: error: (Each undeclared identifier is reported only once
        include/linux/res_counter.h:203: error: for each function it appears in.)
      
      Cc: Kamezawa Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
      Cc: Glauber Costa <glommer@parallels.com>
      Cc: Tejun Heo <tj@kernel.org>
      Cc: Frederic Weisbecker <fweisbec@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      ebf47beb
    • Linus Torvalds's avatar
      Merge tag 'usb-3.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · ad8395e1
      Linus Torvalds authored
      Pull USB fixes from Greg Kroah-Hartman:
       "Here are a number of tiny USB fixes and new USB device ids for your
        3.9 tree.
      
        The "largest" one here is a revert of a usb-storage patch that turned
        out to be incorrect, breaking existing users, which is never a good
        thing.  Everything else is pretty simple and small"
      
      * tag 'usb-3.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (43 commits)
        USB: quatech2: only write to the tty if the port is open.
        qcserial: bind to DM/DIAG port on Gobi 1K devices
        USB: cdc-wdm: fix buffer overflow
        usb: serial: Add Rigblaster Advantage to device table
        qcaux: add Franklin U600
        usb: musb: core: fix possible build error with randconfig
        usb: cp210x new Vendor/Device IDs
        usb: gadget: pxa25x: fix disconnect reporting
        usb: dwc3: ep0: fix sparc64 build
        usb: c67x00 RetryCnt value in c67x00 TD should be 3
        usb: Correction to c67x00 TD data length mask
        usb: Makefile: fix drivers/usb/phy/ Makefile entry
        USB: added support for Cinterion's products AH6 and PLS8
        usb: gadget: fix omap_udc build errors
        USB: storage: fix Huawei mode switching regression
        USB: storage: in-kernel modeswitching is deprecated
        tools: usb: ffs-test: Fix build failure
        USB: option: add Huawei E5331
        usb: musb: omap2430: fix sparse warning
        usb: musb: omap2430: fix omap_musb_mailbox glue check again
        ...
      ad8395e1
    • Linus Torvalds's avatar
      Merge tag 'tty-3.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty · cad9d566
      Linus Torvalds authored
      Pull tty/serial fixes from Greg Kroah-Hartman:
       "Here are some tty/serial driver fixes for 3.9
      
        We finally mute the annoying WARN_ON that lots of people are hitting
        and it turns out isn't needed anymore.  Also add a few new device ids
        and a some other minor fixes."
      
      * tag 'tty-3.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
        tty: serial: fix typo "SERIAL_S3C2412"
        serial: 8250: Keep 8250.<xxxx> module options functional after driver rename
        tty: serial: fix typo "ARCH_S5P6450"
        tty/8250_pnp: serial port detection regression since v3.7
        serial: bcm63xx_uart: fix compilation after "TTY: switch tty_insert_flip_char"
        serial: 8250_pci: add support for another kind of NetMos Technology PCI 9835 Multi-I/O Controller
        Fix 4 port and add support for 8 port 'Unknown' PCI serial port cards
        tty/serial: Add support for Altera serial port
        tty: serial: vt8500: Unneccessary duplicated clock code removed
        tty: serial: mpc5xxx: fix PSC clock name bug
        TTY: disable debugging warning
      cad9d566
    • Linus Torvalds's avatar
      Merge tag 'staging-3.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging · 886e03be
      Linus Torvalds authored
      Pull staging tree fixes from Greg Kroah-Hartman:
       "Here are some drivers/staging and drivers/iio fixes for 3.9 (the two
        are still pretty intertwined, hence them coming both from my tree
        still.) Nothing major, just a few things that have been reported by
        users, all of these have been in linux-next for a while."
      
      * tag 'staging-3.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
        staging: comedi: dt9812: use CR_CHAN() for channel number
        staging/vt6656: Fix too large integer constant warning on 32-bit
        staging: comedi: drivers: usbduxsigma.c: fix DMA buffers on stack
        staging: imx/drm: request irq only after adding the crtc
        staging: comedi: drivers: usbduxfast.c: fix for DMA buffers on stack
        staging: comedi: drivers: usbdux.c: fix DMA buffers on stack
        staging: vt6656: Fix oops on resume from suspend.
        iio:common:st_sensors fixed all warning messages about uninitialized variables
        iio: Fix build error seen if IIO_TRIGGER is defined but IIO_BUFFER is not
        iio/imu: inv_mpu6050 depends on IIO_BUFFER
        iio:ad5064: Initialize register cache correctly
        iio:ad5064: Fix off by one in DAC value range check
        iio:ad5064: Fix address of the second channel for ad5065/ad5045/ad5025
      886e03be
    • Eric W. Biederman's avatar
      userns: Don't allow CLONE_NEWUSER | CLONE_FS · e66eded8
      Eric W. Biederman authored
      Don't allowing sharing the root directory with processes in a
      different user namespace.  There doesn't seem to be any point, and to
      allow it would require the overhead of putting a user namespace
      reference in fs_struct (for permission checks) and incrementing that
      reference count on practically every call to fork.
      
      So just perform the inexpensive test of forbidding sharing fs_struct
      acrosss processes in different user namespaces.  We already disallow
      other forms of threading when unsharing a user namespace so this
      should be no real burden in practice.
      
      This updates setns, clone, and unshare to disallow multiple user
      namespaces sharing an fs_struct.
      
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      e66eded8
    • Steven Rostedt (Red Hat)'s avatar
      tracing: Fix free of probe entry by calling call_rcu_sched() · 740466bc
      Steven Rostedt (Red Hat) authored
      Because function tracing is very invasive, and can even trace
      calls to rcu_read_lock(), RCU access in function tracing is done
      with preempt_disable_notrace(). This requires a synchronize_sched()
      for updates and not a synchronize_rcu().
      
      Function probes (traceon, traceoff, etc) must be freed after
      a synchronize_sched() after its entry has been removed from the
      hash. But call_rcu() is used. Fix this by using call_rcu_sched().
      
      Also fix the usage to use hlist_del_rcu() instead of hlist_del().
      
      Cc: stable@vger.kernel.org
      Cc: Paul McKenney <paulmck@linux.vnet.ibm.com>
      Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
      740466bc