- 30 Sep, 2008 3 commits
-
-
Wei Yongjun authored
Since call to function sctp_sf_abort_violation() need paramter 'arg' with 'struct sctp_chunk' type, it will read the chunk type and chunk length from the chunk_hdr member of chunk. But call to sctp_sf_violation_paramlen() always with 'struct sctp_paramhdr' type's parameter, it will be passed to sctp_sf_abort_violation(). This may cause kernel panic. sctp_sf_violation_paramlen() |-- sctp_sf_abort_violation() |-- sctp_make_abort_violation() This patch fixed this problem. This patch also fix two place which called sctp_sf_violation_paramlen() with wrong paramter type. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Heiko Carstens authored
fb65a7c0 ("iucv: Fix bad merging.") fixed a merge error, but in a wrong way. We now end up with the bug below. This patch corrects the mismerge like it was intended. BUG: scheduling while atomic: swapper/1/0x00000000 Modules linked in: CPU: 1 Not tainted 2.6.27-rc7-00094-gc0f4d6d4 #9 Process swapper (pid: 1, task: 000000003fe7d988, ksp: 000000003fe838c0) 0000000000000000 000000003fe839b8 0000000000000002 0000000000000000 000000003fe83a58 000000003fe839d0 000000003fe839d0 0000000000390de6 000000000058acd8 00000000000000d0 000000003fe7dcd8 0000000000000000 000000000000000c 000000000000000d 0000000000000000 000000003fe83a28 000000000039c5b8 0000000000015e5e 000000003fe839b8 000000003fe83a00 Call Trace: ([<0000000000015d6a>] show_trace+0xe6/0x134) [<0000000000039656>] __schedule_bug+0xa2/0xa8 [<0000000000391744>] schedule+0x49c/0x910 [<0000000000391f64>] schedule_timeout+0xc4/0x114 [<00000000003910d4>] wait_for_common+0xe8/0x1b4 [<00000000000549ae>] call_usermodehelper_exec+0xa6/0xec [<00000000001af7b8>] kobject_uevent_env+0x418/0x438 [<00000000001d08fc>] bus_add_driver+0x1e4/0x298 [<00000000001d1ee4>] driver_register+0x90/0x18c [<0000000000566848>] netiucv_init+0x168/0x2c8 [<00000000000120be>] do_one_initcall+0x3e/0x17c [<000000000054a31a>] kernel_init+0x1ce/0x248 [<000000000001a97a>] kernel_thread_starter+0x6/0xc [<000000000001a974>] kernel_thread_starter+0x0/0xc iucv: NETIUCV driver initialized initcall netiucv_init+0x0/0x2c8 returned with preemption imbalance Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Herbert Xu authored
We're never supposed to shrink the headroom or tailroom. In fact, shrinking the headroom is a fatal action. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 29 Sep, 2008 18 commits
-
-
Linus Torvalds authored
-
Balbir Singh authored
There's a race between mm->owner assignment and swapoff, more easily seen when task slab poisoning is turned on. The condition occurs when try_to_unuse() runs in parallel with an exiting task. A similar race can occur with callers of get_task_mm(), such as /proc/<pid>/<mmstats> or ptrace or page migration. CPU0 CPU1 try_to_unuse looks at mm = task0->mm increments mm->mm_users task 0 exits mm->owner needs to be updated, but no new owner is found (mm_users > 1, but no other task has task->mm = task0->mm) mm_update_next_owner() leaves mmput(mm) decrements mm->mm_users task0 freed dereferencing mm->owner fails The fix is to notify the subsystem via mm_owner_changed callback(), if no new owner is found, by specifying the new task as NULL. Jiri Slaby: mm->owner was set to NULL prior to calling cgroup_mm_owner_callbacks(), but must be set after that, so as not to pass NULL as old owner causing oops. Daisuke Nishimura: mm_update_next_owner() may set mm->owner to NULL, but mem_cgroup_from_task() and its callers need to take account of this situation to avoid oops. Hugh Dickins: Lockdep warning and hang below exec_mmap() when testing these patches. exit_mm() up_reads mmap_sem before calling mm_update_next_owner(), so exec_mmap() now needs to do the same. And with that repositioning, there's now no point in mm_need_new_owner() allowing for NULL mm. Reported-by: Hugh Dickins <hugh@veritas.com> Signed-off-by: Balbir Singh <balbir@linux.vnet.ibm.com> Signed-off-by: Jiri Slaby <jirislaby@gmail.com> Signed-off-by: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp> Signed-off-by: Hugh Dickins <hugh@veritas.com> Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> Cc: Paul Menage <menage@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Linus Torvalds authored
Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: x86: disable apm on the olpc
-
git://git.kernel.org/pub/scm/linux/kernel/git/bart/ide-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/bart/ide-2.6: cdrom: update ioctl documentation ide: note that IDE generic may prevent other drivers from attaching ide-tape: fix vendor strings Swarm: Fix crash due to missing initialization
-
git://ftp.linux-mips.org/pub/scm/upstream-linusLinus Torvalds authored
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus: [SSB] Initialise dma_mask for SSB_BUSTYPE_SSB devices [MIPS] BCM47xx: Fix build error due to missing PCI functions [MIPS] IP27: Switch to dynamic interrupt routing avoding panic on error. [MIPS] au1000: Make sure GPIO value is zero or one
-
git://www.linux-m32r.org/git/takata/linux-2.6_devLinus Torvalds authored
* 'linux-m32r' of git://www.linux-m32r.org/git/takata/linux-2.6_dev: m32r/kernel/: cleanups m32r: export __ndelay m32r: export empty_zero_page m32r: don't offer CONFIG_ISA m32r: remove the unused NOHIGHMEM option
-
git://git.kernel.org/pub/scm/linux/kernel/git/jwessel/linux-2.6-kgdbLinus Torvalds authored
* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jwessel/linux-2.6-kgdb: kgdboc,tty: Fix tty polling search to use name correctly kgdb, x86_64: fix PS CS SS registers in gdb serial kgdb, x86_64: gdb serial has BX and DX reversed kgdb, x86, arm, mips, powerpc: ignore user space single stepping kgdb: could not write to the last of valid memory with kgdb
-
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6: ALSA: ASoC: Fix another cs4270 error path ALSA: make the CS4270 driver a new-style I2C driver
-
git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6: [SCSI] qlogicpti: fix sg list traversal error in continuation entries [SCSI] Fix hang with split requests [SCSI] qla2xxx: Defer enablement of RISC interrupts until ISP initialization completes.
-
git://git.kernel.dk/linux-2.6-blockLinus Torvalds authored
* 'for-linus' of git://git.kernel.dk/linux-2.6-block: scsi: fix fall out of sg-chaining patch in qlogicpti
-
git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-devLinus Torvalds authored
* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev: sata_nv: reinstate nv_hardreset() for non generic controllers
-
zippel@linux-m68k.org authored
Commit f072181e ("kconfig: drop the ""trying to assign nonexistent symbol" warning") simply dropped the warnings, but it does a little more than that, it also marks the current .config as needed saving, so add this back. Signed-off-by: Roman Zippel <zippel@linux-m68k.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
zippel@linux-m68k.org authored
Recent changes to oldconfig have mixed up the silentoldconfig handling, so this fixes that by clearly separating that special mode, e.g. KCONFIG_NOSILENTUPDATE is only relevant here, the .config is written as needed. This will also properly close Bug 11230. Signed-off-by: Roman Zippel <zippel@linux-m68k.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Linus Torvalds authored
The VFS interface for the 'd_compare()' is a bit special (read: 'odd'), because it really just essentially replaces a memcmp(). The filesystem is supposed to just compare the two names with whatever case-independent or other function. And when I say 'is supposed to', I obviously mean that 'procfs does odd things, and actually looks at the dentry that we don't even pass down, rather than just the name'. Which results in problems, because we actually call d_compare before we have even verified that the dentry is still hashed at all. And that causes a problm since the inode that procfs looks at may have been free'd and the d_inode pointer is NULL. procfs just assumes that all dentries are positive, since procfs itself never generates a negative one. But memory pressure will still result in the dentry getting torn down, and as it is removed by RCU, it still remains visible on some lists - and to d_compare. If the filesystem just did a name comparison, we wouldn't care. And we could just fix procfs to know about negative dentries too. But rather than have the low-level filesystems know about internal VFS details, just move the check for a unhashed dentry up a bit, so that we will only call d_compare on dentries that are still active. The actual oops this caused didn't look like a NULL pointer dereference because procfs did a 'container_of(inode, struct proc_inode, vfs_inode)' to get at its internal proc_inode information from the inode pointer, and accessed a field below the inode. So the oops would look something like BUG: unable to handle kernel paging request at fffffffffffffff0 IP: [<ffffffff802bc6c6>] proc_sys_compare+0x36/0x50 and was seen on both x86-64 (Alexey Dobriyan and Hugh Dickins) and ppc64 (Hugh Dickins). Reported-by: Alexey Dobriyan <adobriyan@gmail.com> Acked-by: Hugh Dickins <hugh@veritas.com> Cc: Al Viro <viro@ZenIV.linux.org.uk> Reviewed-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-of-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Jean Delvare authored
Conversion to new-style i2c driver missed the error path of the probe function. Fix it. Signed-off-by: Jean Delvare <khali@linux-fr.org> Cc: Timur Tabi <timur@freescale.com> Signed-off-by: Takashi Iwai <tiwai@suse.de>
-
Timur Tabi authored
Update the CS4270 ALSA device driver to use the new-style I2C interface. Starting with the 2.6.27 PowerPC kernel, I2C devices that have entries in the device trees can no longer be probed by old-style I2C drivers. The device tree for Freescale MPC8610 HPCD has included an entry for the CS4270 since 2.6.25, but that entry was previously ignored by the PowerPC I2C subsystem. Since that's no longer the case, the best solution is to update the CS4270 driver to a new-style interface, rather than try to revert the behavior of new PowerPC I2C subsystem. Signed-off-by: Timur Tabi <timur@freescale.com> Signed-off-by: Takashi Iwai <tiwai@suse.de>
-
Boaz Harrosh authored
Boaz writes: "I've reviewed all patches since Matthew's, and I find one small problem. In the load_cmd() there is a compound loop where the first 4 sg's are set then the rest are set into a memory structure in group of 7 sg's. Well the second 7-group and on is a bug because sg pointer does not advance. This is a fall out from Jens's patch." The reporter, Meelis Roos <mroos@ut.ee>, verified that this patch does indeed fix his problem with qlogicpti. Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
-
Tejun Heo authored
Commit 2fd673ec which tried to remove hardreset for generic accidentally removed it for all flavors as all others were inheriting from nv_generic_ops. This patch reinstates nv_hardreset() and puts it into nv_common_ops which all flavors inherit from. nv_generic_ops now inherits from nv_common_ops and overrides .hardreset to ATA_OP_NULL. While at it, explain why nv_hardreset and ATA_OP_NULL override are necessary. Signed-off-by: Tejun Heo <tj@kernel.org> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-
- 28 Sep, 2008 1 commit
-
-
Boaz Harrosh authored
The current sg list traversal logic for the continuation entries doesn't advance the list pointer once all seven slots are used, so the next continuation entry (if there is one) wrongly begins again at the start of the sg list. Fix by advancing the sg pointer after the for_each_sg(). Reported-by: Meelis Roos <mroos@ut.ee> Cc: David Miller <davem@davemloft.net> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
-
- 27 Sep, 2008 13 commits
-
-
Márton Németh authored
Correct copy-paste problem: CDROMCLOSETRAY is about closing the tray, not opening it. Signed-off-by: Márton Németh <nm127@freemail.hu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Cc: Jens Axboe <jens.axboe@oracle.com> Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
-
Tejun Heo authored
Enabling IDE generic may prevent ATA controllers located on legacy ports from being attached to more proper driver or can prevent other controllers which share the IRQ from working. Note it in the help message. Signed-off-by: Tejun Heo <tj@kernel.org> Cc: xerces8 <xerces8@butn.net> Cc: Jeff Garzik <jgarzik@pobox.com> Cc: stein@hermes.si [bart: s/will grab/may grab/ since Borislav has fixed PCI-case for .28] Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
-
Borislav Petkov authored
Remove superfluous two bytes from each string buffer and add proper length format specifiers. Signed-off-by: Borislav Petkov <petkovbb@gmail.com> Tested-by: Mark de Wever <koraq@xs4all.nl> Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com> Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
-
Ralf Baechle authored
If things are just right this will result in the hws[0]->parent being passed to ide_host_add() being non-zero and an ooops a little later. Signed-off-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
-
Aurelien Jarno authored
For SSB_BUSTYPE_SSB type devices, we need to initialize dma_mask using coherent_dma_mask so that calls to dma_set_mask() succeed. It fixes the regression on the b44 driver introduced by commit f225763aSigned-off-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Aurelien Jarno authored
This patch defines pcibios_map_irq() and pcibios_plat_dev_init() for the BCM47xx platform. It fixes the regression introduced by commit aab547ce. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
pcibios_map_irq is no way of returning an error but on IP27 an interrupt is possibly not routable when running out of resources. So do the interrupt routing at pcibios_enable_device time. Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Bruno Randolf authored
David Brownell <david-b@pacbell.net> wrote: > The problem is that "value" is zero-or-nonzero. > This code wrongly assumes it's zero-or-one. > Possible fix: "((!!value) << gpio)". Signed-off-by: Bruno Randolf <br1@einfach.org> Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Adrian Bunk authored
This patch contains the following cleanups: - make the following needlessly global code static: - entry.S: resume_userspace - process.c: pm_idle - process.c: default_idle() - smp.c: send_IPI_allbutself() - time.c: timer_interrupt() - time.c: struct irq0 - traps.c: set_eit_vector_entries() - traps.c: kstack_depth_to_print - traps.c: show_trace() - traps.c: die_lock - remove the following unused code: - head.S: startup_32 - process.c: hlt_counter - process.c: disable_hlt() - process.c: enable_hlt() - process.c: dump_task_regs() - remove the following variables and their usages since they were always 0: - irq.c: irq_err_count - irq.c: irq_mis_count Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Hirokazu Takata <takata@linux-m32r.org>
-
Adrian Bunk authored
ERROR: "__ndelay" [drivers/spi/spi_bitbang.ko] undefined! Reported-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Hirokazu Takata <takata@linux-m32r.org>
-
Adrian Bunk authored
ERROR: "empty_zero_page" [fs/ext4/ext4dev.ko] undefined! Reported-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Hirokazu Takata <takata@linux-m32r.org>
-
Adrian Bunk authored
As far as I know no M32R hardware actually has ISA slots. And ISA drivers don't compile on M32R. Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Hirokazu Takata <takata@linux-m32r.org>
-
Adrian Bunk authored
Remove the unused NOHIGHMEM option. Reviewed-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Hirokazu Takata <takata@linux-m32r.org>
-
- 26 Sep, 2008 5 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6: ALSA: remove unneeded power_mutex lock in snd_pcm_drop ALSA: fix locking in snd_pcm_open*() and snd_rawmidi_open*()
-
git://oss.sgi.com:8090/xfs/linux-2.6Linus Torvalds authored
* git://oss.sgi.com:8090/xfs/linux-2.6: [XFS] Remove xfs_iext_irec_compact_full() [XFS] Fix extent list corruption in xfs_iext_irec_compact_full().
-
David Howells authored
Delete ARM's own cnt32_to_63.h as the copy in include/linux/ should now be used instead. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Jason Wessel authored
The tty_find_polling_driver() routine did not correctly check the base part of the tty name. This can lead to kgdboc selecting an incorrect driver, as well as accepting a completely invalid tty such as "echo ffff0 > /sys/module/kgdboc/parameters/kgdboc". Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
-
Jason Wessel authored
On x86_64 the gdb serial register structure defines the PS (also known as eflags), CS and SS registers as 4 bytes entities. This patch splits the x86_64 regnames enum into a 32 and 64 version to account for the 32 bit entities in the gdb serial packets. Also the program counter is properly filled in for the sleeping threads. Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
-