1. 03 Feb, 2003 9 commits
  2. 02 Feb, 2003 31 commits
    • James Bottomley's avatar
    • Jeff Garzik's avatar
      Merge kernel.bkbits.net:net-drivers-2.5 · 0145e5c9
      Jeff Garzik authored
      into redhat.com:/garz/repo/net-drivers-2.5
      0145e5c9
    • Linus Torvalds's avatar
      Merge bk://bk.arm.linux.org.uk · 49a85c6a
      Linus Torvalds authored
      into home.transmeta.com:/home/torvalds/v2.5/linux
      49a85c6a
    • Russell King's avatar
      [ARM] Add arch/arm/common · 1687c697
      Russell King authored
      Certain support files are shared between various ARM machine classes.
      In other to sanely support these, we place the shared files in
      arch/arm/common instead of the individual machine class directories.
      1687c697
    • Linus Torvalds's avatar
      Merge · 4251bd1a
      Linus Torvalds authored
      4251bd1a
    • Andrew Morton's avatar
      [PATCH] fix show_task oops · c7766898
      Andrew Morton authored
      Patch from Russell King <rmk@arm.linux.org.uk>
      
      show_task() attempts to calculate the amount of free space which hasn't been
      written to on the kernel stack by reading from the base of the kernel stack
      upwards.
      
      However, it mistakenly uses the task_struct pointer as the base of the stack,
      which it isn't, and this can cause an oops.
      
      Here is a patch which uses the task thread pointer instead, which should be
      located at the bottom of the kernel stack.  It appears this was missed when
      the thread structure was introduced.
      c7766898
    • Andrew Morton's avatar
      [PATCH] exit_mmap fix for 64bit->32bit execs · 2e7c21ea
      Andrew Morton authored
      The recent exit_mmap() changes broke PPC64 when 64-bit applications exec
      32-bit ones.  ia32-on-ia64 was broken as well
      
      What is happening is that load_elf_binary() sets TIF_32BIT (via
      SET_PERSONALITY) _before_ running exit_mmap().  So when we're unmapping the
      vma's of the old image, we are running under the new image's personality.
      
      This causes PPC64 to pass a 32-bit TASK_SIZE to unmap_vmas(), even when the
      execing process had a 64-bit image.  Because unmap_vmas() is not provided
      with the correct virtual address span it does not unmap all the old image's
      vma's and we go BUG_ON(mm->map_count) in exit_mmap().
      
      The early SET_PERSONALITY() is required before we look up the interpreter
      because the lookup of the executable has to happen under the alternate root
      which SET_PERSONALITY() may set.
      
      Unfortunately this means that we're running flush_old_exec() under the new
      exec's personality.  Hence this bug.
      
      So what the patch does is to simply pass ~0UL into unmap_vmas(), which tells
      it to unmap everything regardless of current personality.  Which is what the
      old open-coded VMA killer was doing.
      
      There remains the problem that some architectures are sometimes passing the
      incorrect TASK_SIZE into tlb_finish_mmu().  They've always been doing that.
      2e7c21ea
    • Andrew Morton's avatar
      [PATCH] Fix generic_file_readonly_mmap() · b91c1b1b
      Andrew Morton authored
      We cannot clear VM_MAYWRITE in there - it turns writeable MAP_PRIVATE
      mappings into readonly ones.
      
      So change it back to the 2.4 form - disallow a writeable MAP_SHARED mapping
      against filesystems which do not implement ->writepage().
      b91c1b1b
    • Andrew Morton's avatar
      [PATCH] soundcore.c referenced non-existent errno variable · 858743c2
      Andrew Morton authored
      Patch from: Petr Vandrovec <vandrove@vc.cvut.cz>
      
      soundcore is trying to perform kernel syscalls to load firmware, but falls
      afoul of missing `errno'.  Convert it to use VFS API functions.
      858743c2
    • Andrew Morton's avatar
      [PATCH] floppy locking fix · 7bb503fc
      Andrew Morton authored
      redo_fd_request() needs to take the queue lock around the call to
      elv_next_request().
      7bb503fc
    • Andrew Morton's avatar
      [PATCH] atyfb compilation fix · 0391b9be
      Andrew Morton authored
      Patch from "Andres Salomon" <dilinger@voxel.net>
      
      Fix compilation of atyfb_base.c
      0391b9be
    • Andrew Morton's avatar
      [PATCH] correct wait accounting in wait_on_buffer() · 8458eee6
      Andrew Morton authored
      __wait_on_buffer() needs to use io_schedule(), so processes in there are
      accounted as being in I/O wait.
      8458eee6
    • Andrew Morton's avatar
      [PATCH] pcmcia timer initialisation fixes · 7a3ed3de
      Andrew Morton authored
      pcmcia timer initialisation fixes from Anton Blanchard
      7a3ed3de
    • Andrew Morton's avatar
      [PATCH] i386 pgd_index() doesn't parenthesize its arg · 80e06f8f
      Andrew Morton authored
      Patch from William Lee Irwin III <wli@holomorphy.com>
      
      PAE's pte_none() and pte_pfn() evaluate their arguments twice;
      analogous fixes have been made to other things; c.f. pgtable.h's long
      list of one-line inlines with parentheses still around their args.
      80e06f8f
    • Andrew Morton's avatar
      [PATCH] kernel param and KBUILD_MODNAME name-munging mess · 8863179c
      Andrew Morton authored
      Patch from: Rusty Russell <rusty@rustcorp.com.au>
      
      Mikael Pettersson points out that "-s" gets mangled to "_s" on the
      kernel command line, even though it turns out not to be a
      parameter.
      8863179c
    • Andrew Morton's avatar
      [PATCH] i386 pgd_index() doesn't parenthesize its arg · 70494a78
      Andrew Morton authored
      Patch from William Lee Irwin III <wli@holomorphy.com>
      
      pgd_index() doesn't parenthesize its argument.  This is a bad idea for
      macros, since it's legitimate to pass expressions to them that will get
      misinterpreted given operator precedence and the shift.
      70494a78
    • Andrew Morton's avatar
      [PATCH] symbol_get linkage fix · e7700cb5
      Andrew Morton authored
      Patch from Rusty Russell <rusty@rustcorp.com.au>
      
      Make symbol_get() use undefined weak symbols if !CONFIG_MODULE.
      Many thanks to RTH for introducing undef weak symbols to me.
      e7700cb5
    • Andrew Morton's avatar
      [PATCH] blkdev.h fixes · 33cd6bac
      Andrew Morton authored
      Patch from William Lee Irwin III <wli@holomorphy.com>
      
      BLK_BOUNCE_HIGH and BLK_BOUNCE_ANY are compared against 64-bit quantities.
      Cast these unsigned long quantities to avoid overflow.
      33cd6bac
    • Andrew Morton's avatar
      [PATCH] slab IRQ fix · 43bb7a3a
      Andrew Morton authored
      Patch from Manfred Spraul <manfred@colorfullife.com>
      
      cache_alloc_refill() forgets to disable interrupts again on an error path.
      This exposes us to slab corruption and it makes slab debugging go BUG (it
      expects local irqs to be disabled).
      43bb7a3a
    • Andrew Morton's avatar
      [PATCH] stack overflow checking fix · 4a369121
      Andrew Morton authored
      Patch from William Lee Irwin III <wli@holomorphy.com>
      
      struct thread_info is shared with the stack, not struct task_struct.
      False positives have been seen.
      4a369121
    • Andrew Morton's avatar
      [PATCH] Make fix sync_filesystems() actually do something · 055939f7
      Andrew Morton authored
      Random semicolon makes the whole thing a no-op.
      
      It _did_ work.  I must have broken it between testing and sending :(
      055939f7
    • Andrew Morton's avatar
      [PATCH] preempt spinlock efficiency fix · 157697eb
      Andrew Morton authored
      Patch from: jak@rudolph.ccur.com (Joe Korty)
      
      The new, preemptable spin_lock() spins on an atomic bus-locking read/write
      instead of an ordinary read, as the original spin_lock implementation did.
      Perhaps that is the source of the inefficiency being seen.
      
      Attached sample code compiles but is untested and incomplete (present
      only to illustrate the idea).
      157697eb
    • Andrew Morton's avatar
      [PATCH] quota semaphore fix · df38988c
      Andrew Morton authored
      The second quota locking fix.  Sorry, I seem to have misplaced the
      changelog.
      df38988c
    • Andrew Morton's avatar
      [PATCH] quota locking fix · 9a747377
      Andrew Morton authored
      Quota locking fix from Jan Kara.
      9a747377
    • Andrew Morton's avatar
      [PATCH] slab poison checking fix · 5a3446d8
      Andrew Morton authored
      Spotted by Andries Brouwer.  There's one place where slab is calling
      check_poison_obj() but not reporting on any detected failure.
      
      We used to go BUG() in there.  Convert it over to the kinder, gentler
      slab_error() regime.
      5a3446d8
    • Andrew Morton's avatar
      [PATCH] ext3: fix scheduling storm and lockups · cd9ab8c2
      Andrew Morton authored
      There have been sporadic sightings of ext3 causing little blips of 100,000
      context switches per second when under load.
      
      At the start of do_get_write_access() we have this logic:
      
      	repeat:
      		lock_buffer(jh->bh);
      		...
      		unlock_buffer(jh->bh);
      		...
      		if (jh->j_list == BJ_Shadow) {
      			sleep_on_buffer(jh->bh);
      			goto repeat;
      		}
      
      The problem is that the unlock_buffer() will wake up anyone who is sleeping
      in the sleep_on_buffer().
      
      So if task A is asleep in sleep_on_buffer() and task B now runs
      do_get_write_access(), task B will wake task A by accident.  Task B will then
      sleep on the buffer and task A will loop, will run unlock_buffer() and then
      wake task B.
      
      This state will continue until I/O completes against the buffer and kjournal
      changes jh->j_list.
      
      Unless task A and task B happen to both have realtime scheduling policy - if
      they do then kjournald will never run.  The state is never cleared and your
      box locks up.
      
      
      The fix is to not do the `goto repeat;' until the buffer has been taken of
      the shadow list.  So we don't go and wake up the other waiter(s) until they
      can actually proceed to use the buffer.
      
      The patch removes the exported sleep_on_buffer() function and simply exports
      an existing function which provides access to a buffer_head's waitqueue
      pointer.  Which is a better interface anyway, because it permits the use of
      wait_event().
      
      This bug was introduced introduced into 2.4.20-pre5 and was faithfully ported
      up.
      cd9ab8c2
    • Andrew Morton's avatar
      [PATCH] ext2_new_block cleanups and fixes · 2ef0192c
      Andrew Morton authored
      The general error logic handling in there is:
      
      	*errp = -EFOO;
      	<lots of code>
      	if (some_error)
      		goto out;
      
      this is fragile and unmaintainable, because the setting of the error code is
      "far away" from the site where the error was detected.
      
      And the code was actually wrong - we're returning ENOSPC in places where fs
      metadata inconsistency was detected.  We traditionally return -EIO in this
      case.
      
      So change it all to do, effectively:
      
      	if (some_error) {
      		*errp = -EFOO;
      		goto out;
      	}
      2ef0192c
    • Andrew Morton's avatar
      [PATCH] fix handling of ext2 allocation failures · 359ae811
      Andrew Morton authored
      Patch from: Hugh Dickins <hugh@veritas.com>
      
      For almost a year (since 2.5.4) ext2_new_block has tended to set err 0
      instead of -ENOSPC or -EIO.  This manifested variously (typically depends on
      what's stale in ext2_get_block's chain[4] array): sometimes __brelse free
      free buffer backtraces, sometimes release_pages oops, usually
      generic_make_request beyond end of device messages, followed by further ext2
      errors.
      
      [Insert lecture on dangers of using goto for unwind :-]
      359ae811
    • Andrew Morton's avatar
      [PATCH] properly handle too long pathnames in d_path · 28b6394d
      Andrew Morton authored
      Forward port of a 2.4 patch by Christoph Hellwig.
      
      See http://cert.uni-stuttgart.de/archive/bugtraq/2002/03/msg00384.html
      for the security implications.
      28b6394d
    • Andrew Morton's avatar
      [PATCH] remove lock_kernel() from exec of setuid apps · 3b149cc7
      Andrew Morton authored
      Patch from Manfred Spraul <manfred@colorfullife.com>
      
      exec of setuid apps and ptrace must be synchronized, to ensure that a normal
      user cannot ptrace a setuid app across exec.  ptrace_attach acquires the
      task_lock around the uid checks, compute_creds acquires the BLK.  The patch
      converts compute_creds to the task_lock.  Additionally, it removes the
      do_unlock variable: the task_lock is not heaviliy used, there is no need to
      avoid the spinlock by adding branches.
      
      The patch is a cleanup patch, not a fix for a security problem: AFAICS the
      sys_ptrace in every arch acquires the BKL before calling ptrace_attach.
      3b149cc7
    • Andrew Morton's avatar
      [PATCH] Compile fix in sound/oss/maestro.c · db54e742
      Andrew Morton authored
      Patch from "Ph. Marek" <philipp.marek@bmlv.gv.at>
      
      Compile fix in sound/oss/maestro.c
      db54e742