- 09 Aug, 2009 4 commits
-
-
Chuck Lever authored
Commit a14017db added support in the kernel's NFS mount client to decode the authentication flavor list returned by mountd. The NFS client can now use this list to determine whether the authentication flavor requested by the user is actually supported by the server. Note we don't actually negotiate the security flavor if none was specified by the user. Instead, we try to use AUTH_SYS, and fail if the server does not support it. This prevents us from negotiating an inappropriate security flavor (some servers list AUTH_NULL first). If the server does not support AUTH_SYS, the user must provide an appropriate security flavor by specifying the "sec=" mount option. Signed-off-by:
Chuck Lever <chuck.lever@oracle.com> Signed-off-by:
Trond Myklebust <Trond.Myklebust@netapp.com>
-
Chuck Lever authored
Previous logic in the NFS mount parsing code path assumed auth_flavor_len was set to zero for simple authentication flavors (like AUTH_UNIX), and 1 for compound flavors (like AUTH_GSS). At some earlier point (maybe even before the option parsers were merged?) specific checks for auth_flavor_len being zero were removed from the functions that validate the mount option that sets the mount point's authentication flavor. Since we are populating an array for authentication flavors, the auth_flavor_len should always be set to the number of flavors. Let's eliminate some cleverness here, and prepare for new logic that needs to know the number of flavors in the auth_flavors[] array. (auth_flavors[] is an array because at some point we want to allow a list of acceptable authentication flavors to be specified via the sec= mount option. For now it remains a single element array). Signed-off-by:
-
Chuck Lever authored
After certain failure modes of an NFS mount, an NFS client should send a MOUNTPROC_UMNT request to remove the just-added mount entry from the server's mount table. While no-one should rely on the accuracy of the server's mount table, sending a UMNT is simply being a good internet neighbor. Since NFS mount processing is handled in the kernel now, we will need a function in the kernel's mountd client that can post a MOUNTRPC_UMNT request, in order to handle these failure modes. Signed-off-by:
-
Chuck Lever authored
The new minorversion= mount option (commit 3fd5be9e) was merged at the same time as the recent sloppy parser fixes (commit a5a16bae), so minorversion= still uses the old value parsing logic. If the minorversion= option specifies a bogus value, it should fail with "bad value" not "bad option." Signed-off-by:
-
- 08 Aug, 2009 5 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6: USB: fix oops on disconnect in cdc-acm USB: storage: include Prolific Technology USB drive in unusual_devs list USB: ftdi_sio: add product_id for Marvell OpenRD Base, Client USB: ftdi_sio: add vendor and product id for Bayer glucose meter serial converter cable USB: EHCI: fix counting of transaction error retries USB: EHCI: fix two new bugs related to Clear-TT-Buffer USB: usbfs: fix -ENOENT error code to be -ENODEV USB: musb: fix the nop registration for OMAP3EVM USB: devio: Properly do access_ok() checks USB: pl2303: New vendor and product id
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-2.6: Staging: rspiusb: Fix buffer overflow staging: add dependencies on PCI for drivers that require it Staging: rtl8192su: fix build error Staging: rt2870: Revert d44ca7 Removal of kernel_thread() API Staging: rt2870: Add USB ID for Linksys, Planex Communications, Belkin
-
git://git.kernel.org/pub/scm/linux/kernel/git/anholt/drm-intelLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/anholt/drm-intel: (22 commits) drm/i915: Fix read outside array bounds in restoring the SWF10 range. drm/i915: Use our own workqueue to avoid wedging the system along with the GPU. drm/i915: Add support for dual-channel LVDS on 8xx. drm/i915: Return disconnected for SDVO DVI when there's no digital EDID. drm/i915: Choose real sdvo output according to result from detection drm/i915: Set preferred mode for integrated TV according to TV format drm/i915: fix 845G FIFO size & burst length drm/i915: fix VGA detect on IGDNG drm/i915: Add eDP support on IGDNG mobile chip drm/i915: enable DisplayPort support on IGDNG drm/i915: Fix channel ending action for DP aux transaction drm/i915: fix issue in display pipe setup on IGDNG drm/i915: disable VGA plane reliably drm/I915: Fix offset to DVO timings in LVDS data drm/i915: hdmi detection according by reading edid drm/i915: correct self-refresh calculation in "everything off" case drm/i915: handle FIFO oversubsription correctly drm/i915: FIFO watermark calculation fixes drm/i915: ignore lvds on AOpen Mini PC MP-915 drm/i915: Allow frame buffers up to 4096x4096 on 915/945 class hardware ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/mason/btrfs-unstableLinus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/mason/btrfs-unstable: Btrfs: fix balancing oops when invalidate_inode_pages2 returns EBUSY Btrfs: correct error-handling zlib error handling Btrfs: remove superfluous NULL pointer check in btrfs_rename() Btrfs: make sure the async caching thread advances the key Btrfs: fix btrfs_remove_from_free_space corner case
-
git://git.kernel.org/pub/scm/linux/kernel/git/hch/xfs-icache-racesLinus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/hch/xfs-icache-races: xfs: fix freeing of inodes not yet added to the inode cache vfs: add __destroy_inode vfs: fix inode_init_always calling convention
-
- 07 Aug, 2009 31 commits
-
-
Roel Kluin authored
usb_buffer_map_sg() may return -1. This will result in a read from pdx->PixelUrb[frameInfo][-1] Signed-off-by:
Roel Kluin <roel.kluin@gmail.com> Signed-off-by:
Greg Kroah-Hartman <gregkh@suse.de>
-
Jeff Mahoney authored
This patch adds PCI dependencies to staging drivers that require it. Signed-off-by:
Jeff Mahoney <jeffm@suse.com> Signed-off-by:
-
Greg Kroah-Hartman authored
This fixes a build error when selecting the rtl8192su driver as a module. This has been reported by me, and the opensuse kernel developer team, and I finally tracked it down. Signed-off-by: -
Mike Galbraith authored
Staging: rt2870: Revert d44ca7 Removal of kernel_thread() API The sanity check this patch introduced triggers on shutdown, apparently due to threads having already exited by the time BUG_ON() is reached. Signed-off-by:
Mike Galbraith <efault@gmx.de> Cc: Peter Teoh <htmldeveloper@gmail.com> Cc: stable <stable@kernel.org> Signed-off-by:
-
Jakob Gruber authored
Linksys WUSB100, Belkin F5D8053 N, Planex Communications unknown model. Signed-off-by:
Jakob Gruber <jakob.gruber@kabelnet.at> Signed-off-by:
-
Oliver Neukum authored
This patch fixes an oops caused when during an unplug a device's table of endpoints is zeroed before the driver is notified. A pointer to the endpoint must be cached. this fixes a regression caused by commit 5186ffee Therefore it should go into 2.6.31 Signed-off-by:
Oliver Neukum <oliver@neukum.org> Signed-off-by:
-
Rogerio Brito authored
Add a quirk entry for the Leading Driver UD-11 usb flash drive. As Alan Stern told me, the device doesn't deal correctly with the locking media feature of the device, and this patch incorporates it. Compiled, tested, working. Signed-off-by:
Rogerio Brito <rbrito@ime.usp.br> Cc: Phil Dibowitz <phil@ipom.com> Cc: Alan Stern <stern@rowland.harvard.edu> Cc: Robert Hancock <hancockrwd@gmail.com> Cc: stable <stable@kernel.org> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
-
Dhaval Vasa authored
reference: http://www.open-rd.orgSigned-off-by:
Dhaval Vasa <dhaval.vasa@einfochips.com> Cc: stable <stable@kernel.org> Signed-off-by:
-
Marko Hänninen authored
Attached patch adds USB vendor and product IDs for Bayer's USB to serial converter cable used by Bayer blood glucose meters. It seems to be a FT232RL based device and works without any problem with ftdi_sio driver when this patch is applied. See: http://winglucofacts.com/cables/Signed-off-by:
Marko Hänninen <bugitus@gmail.com> Cc: stable <stable@kernel.org> Signed-off-by:
-
Alan Stern authored
This patch (as1274) simplifies the counting of transaction-error retries. Now we will count up from 0 to QH_XACTERR_MAX instead of down from QH_XACTERR_MAX to 0. The patch also fixes a small bug: qh->xacterr was not getting initialized for interrupt endpoints. Signed-off-by:
Alan Stern <stern@rowland.harvard.edu> Tested-by:
Matthijs Kooijman <matthijs@stdin.nl> Signed-off-by:
-
Alan Stern authored
This patch (as1273) fixes two(!) bugs introduced by the new Clear-TT-Buffer implementation in ehci-hcd. It is now possible for an idle QH to have some URBs on its queue -- this will happen if a Clear-TT-Buffer is pending for the QH's endpoint. Consequently we should not issue a warning when someone tries to unlink an URB from an idle QH; instead we should process the request immediately. The refcounts for QHs could get messed up, because submit_async() would increment the refcount when calling qh_link_async() and qh_link_async() would then refuse to link the QH into the schedule if a Clear-TT-Buffer was pending. Instead we should increment the refcount only when the QH actually is added to the schedule. The current code tries to be clever by leaving the refcount alone if an unlink is immediately followed by a relink; the patch changes this to an unconditional decrement and increment (although they occur in the opposite order). Signed-off-by:
Manuel Lauss <manuel.lauss@gmail.com> Tested-by:
-
Alan Stern authored
This patch (as1272) changes the error code returned when an open call for a USB device node fails to locate the corresponding device. The appropriate error code is -ENODEV, not -ENOENT. Signed-off-by:
-
Gupta, Ajay Kumar authored
OMAP3EVM uses ISP1504 phy which doesn't require any programming and thus has to use NOP otg transceiver. Cleanups being done: - Remove unwanted code in usb-musb.c file - Register NOP in OMAP3EVM board file using usb_nop_xceiv_register(). - Select NOP_USB_XCEIV for OMAP3EVM boards. - Don't enable TWL4030_USB in omap3_evm_defconfig Signed-off-by:
Ajay Kumar Gupta <ajay.gupta@ti.com> Signed-off-by:
Eino-Ville Talvala <talvala@stanford.edu> Acked-by:
David Brownell <dbrownell@users.sourceforge.net> Signed-off-by:
-
Michael Buesch authored
access_ok() checks must be done on every part of the userspace structure that is accessed. If access_ok() on one part of the struct succeeded, it does not imply it will succeed on other parts of the struct. (Does depend on the architecture implementation of access_ok()). This changes the __get_user() users to first check access_ok() on the data structure. Signed-off-by:
Michael Buesch <mb@bu3sch.de> Cc: stable <stable@kernel.org> Cc: Pete Zaitcev <zaitcev@redhat.com> Signed-off-by:
-
Khanh-Dang Nguyen Thu Lam authored
I am submitting a patch for the pl2303 driver. This patch adds support for the "Sony QN-3USB" cable (vendor=0x054c, product=0x0437). This USB cable is a so-called data cable used to connect a Sony mobile phone to a computer. Supported models are Sony CMD-J5, J6, J7, J16, J26, J70 and Z7. I have used this patch with my Sony CMD-J70 for several days and I haven't encountered any kernel/hardware issue. From: Khanh-Dang Nguyen Thu Lam <kdntl@yahoo.fr> Signed-off-by: -
Yan Zheng authored
invalidate_inode_pages2_range may return -EBUSY occasionally which results Oops. This patch fixes the issue by moving invalidate_inode_pages2_range into a loop and keeping calling it until the return value is not -EBUSY. The EBUSY return is temporary, and can happen when the btrfs release page function is unable to release a page because the EXTENT_LOCK bit is set. Signed-off-by:
Yan Zheng <zheng.yan@oracle.com> Signed-off-by:
Chris Mason <chris.mason@oracle.com>
-
Julia Lawall authored
find_zlib_workspace returns an ERR_PTR value in an error case instead of NULL. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // <smpl> @match exists@ expression x, E; statement S1, S2; @@ x = find_zlib_workspace(...) ... when != x = E ( * if (x == NULL || ...) S1 else S2 | * if (x == NULL && ...) S1 else S2 ) // </smpl> Signed-off-by:
Julia Lawall <julia@diku.dk> Signed-off-by:
-
Bartlomiej Zolnierkiewicz authored
This takes care of the following entry from Dan's list: fs/btrfs/inode.c +4788 btrfs_rename(36) warning: variable derefenced before check 'old_inode' Reported-by:
Dan Carpenter <error27@gmail.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Eugene Teo <eteo@redhat.com> Cc: Julia Lawall <julia@diku.dk> Signed-off-by:
Bartlomiej Zolnierkiewicz <bzolnier@gmail.com> Signed-off-by:
-
Linus Torvalds authored
* master.kernel.org:/home/rmk/linux-2.6-arm: (30 commits) ARM: 5639/1: arm: clkdev.c should include <linux/clk.h> ARM: 5638/1: arch/arm/kernel/signal.c: use correct address space for CRUNCH ARM: 5637/1: [KS8695] Don't reference CLOCK_TICK_RATE in drivers ARM: S3C64XX: serial: Fix section mismatch warning ARM: S3C24XX: serial: Fix section mismatch warnings ARM: S3C: PWM fix for low duty cycle ARM: 5597/1: [PCI] reset all internal hardware prior PCI initialization ARM: 5627/1: Fix restoring of lr at the end of mcount ARM: 5624/1: Document cache aliasing region S3C64XX: Fix ARMCLK configuration S3C64XX: Fix get_rate() for ARMCLK S3C24XX: GPIO: Fix pin range check in s3c_gpiolib_getchip mx3 defconfig update mx27 defconfig update ARM: 5623/1: Treo680: ir shutdown typo fix ARM: includecheck fix: plat-stmp3xxx/pinmux.c ARM: includecheck fix: plat-s3c64xx/pm.c ARM: includecheck fix: mach-omap2/mcbsp.c ARM: includecheck fix: mach-omap1/mcbsp.c ARM: includecheck fix: board-sffsdr.c ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: net: Fix spinlock use in alloc_netdev_mq()
-
git://git390.marist.edu/pub/scm/linux-2.6Linus Torvalds authored
* 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6: [S390] KVM: Read buffer overflow [S390] kernel: Storing machine flags early in lowcore
-
git://git.infradead.org/~dwmw2/iommu-2.6.31Linus Torvalds authored
* git://git.infradead.org/~dwmw2/iommu-2.6.31: intel-iommu: Fix enabling snooping feature by mistake intel-iommu: Mask physical address to correct page size in intel_map_single() intel-iommu: Correct sglist size calculation.
-
Linus Torvalds authored
Merge branch 'perfcounters-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'perfcounters-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: perf_counter: Fix double list iteration in per task precise stats perf: Auto-detect libelf perf symbol: Fix symbol parsing in certain cases: use the build-id as a symlink perf_counter/powerpc: Check oprofile_cpu_type for NULL before using it ftrace: Fix perf-tracepoint OOPS perf report: Add missing command line options to man page perf: Auto-detect libbfd perf report: Make --sort comm,dso,symbol the default
-
git://git.infradead.org/mtd-2.6Linus Torvalds authored
* git://git.infradead.org/mtd-2.6: jffs2: Fix return value from jffs2_do_readpage_nolock() mtd: mtdblock: introduce mtdblks_lock mtd: remove 'SBC8240 Wind River' Device Driver Code mtd: OneNAND: OMAP2/3: free GPMC CS on module removal mtd: OneNAND: fix incorrect bufferram offset mtd: blkdevs: do not forget to get MTD devices mtd: fix the conversion from dev to mtd_info mtd: let include/linux/mtd/partitions.h stand on its own
-
git://git.kernel.org/pub/scm/linux/kernel/git/dtor/inputLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Input: matrix_keypad - make matrix keymap size dynamic Input: wistron_btns - support Prestigio Wifi RF kill button Input: i8042 - add Asus G1S to noloop exception list
-
git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6Linus Torvalds authored
* 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6: drm/radeon/kms: setup MC/VRAM the same way for suspend/resume drm/radeon/kms: Fix caching mode selection for GTT object
-
Linus Torvalds authored
The new credentials code broke load_flat_shared_library() as it now uses an uninitialized cred pointer. Reported-by:
Bernd Schmidt <bernds_cb1@t-online.de> Tested-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
Albin Tonnerre authored
These includes were added by 079effb6 ("kmemtrace, kbuild: fix slab.h dependency problem in lib/decompress_inflate.c") to fix the build when using kmemtrace. However this is not necessary when used to create a compressed kernel, and actually creates issues (brings a lot of things unavailable in the decompression environment), so don't include it if STATIC is defined. Signed-off-by:
Albin Tonnerre <albin.tonnerre@free-electrons.com> Cc: Sam Ravnborg <sam@ravnborg.org> Cc: Russell King <rmk@arm.linux.org.uk> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Pekka Enberg <penberg@cs.helsinki.fi> Cc: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro> Cc: Phillip Lougher <phillip@lougher.demon.co.uk> Signed-off-by:
-
Phillip Lougher authored
decompress_bunzip2 and decompress_unlzma have a nasty hack that subtracts 4 from the input length if being called in the pre-boot environment. This is a nasty hack because it relies on the fact that flush = NULL only when called from the pre-boot environment (i.e. arch/x86/boot/compressed/misc.c). initramfs.c/do_mounts_rd.c pass in a flush buffer (flush != NULL). This hack prevents the decompressors from being used with flush = NULL by other callers unless knowledge of the hack is propagated to them. This patch removes the hack by making decompress (called only from the pre-boot environment) a wrapper function that subtracts 4 from the input length before calling the decompressor. Signed-off-by:
Phillip Lougher <phillip@lougher.demon.co.uk> Cc: "H. Peter Anvin" <hpa@zytor.com> Signed-off-by:
-
Phillip Lougher authored
Fix and improve comments in decompress/generic.h that describe the decompressor API. Also remove an unused definition, and rename INBUF_LEN in lib/decompress_inflate.c to conform to bzip2/lzma naming. Signed-off-by:
-
Eric Dumazet authored
While looking at Jens Rosenboom bug report (http://lkml.org/lkml/2009/7/27/35) about strange sys_futex call done from a dying "ps" program, we found following problem. clone() syscall has special support for TID of created threads. This support includes two features. One (CLONE_CHILD_SETTID) is to set an integer into user memory with the TID value. One (CLONE_CHILD_CLEARTID) is to clear this same integer once the created thread dies. The integer location is a user provided pointer, provided at clone() time. kernel keeps this pointer value into current->clear_child_tid. At execve() time, we should make sure kernel doesnt keep this user provided pointer, as full user memory is replaced by a new one. As glibc fork() actually uses clone() syscall with CLONE_CHILD_SETTID and CLONE_CHILD_CLEARTID set, chances are high that we might corrupt user memory in forked processes. Following sequence could happen: 1) bash (or any program) starts a new process, by a fork() call that glibc maps to a clone( ... CLONE_CHILD_SETTID | CLONE_CHILD_CLEARTID ...) syscall 2) When new process starts, its current->clear_child_tid is set to a location that has a meaning only in bash (or initial program) context (&THREAD_SELF->tid) 3) This new process does the execve() syscall to start a new program. current->clear_child_tid is left unchanged (a non NULL value) 4) If this new program creates some threads, and initial thread exits, kernel will attempt to clear the integer pointed by current->clear_child_tid from mm_release() : if (tsk->clear_child_tid && !(tsk->flags & PF_SIGNALED) && atomic_read(&mm->mm_users) > 1) { u32 __user * tidptr = tsk->clear_child_tid; tsk->clear_child_tid = NULL; /* * We don't check the error code - if userspace has * not set up a proper pointer then tough luck. */ << here >> put_user(0, tidptr); sys_futex(tidptr, FUTEX_WAKE, 1, NULL, NULL, 0); } 5) OR : if new program is not multi-threaded, but spied by /proc/pid users (ps command for example), mm_users > 1, and the exiting program could corrupt 4 bytes in a persistent memory area (shm or memory mapped file) If current->clear_child_tid points to a writeable portion of memory of the new program, kernel happily and silently corrupts 4 bytes of memory, with unexpected effects. Fix is straightforward and should not break any sane program. Reported-by:
Jens Rosenboom <jens@mcbone.net> Acked-by:
Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by:
Oleg Nesterov <oleg@redhat.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Sonny Rao <sonnyrao@us.ibm.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Ulrich Drepper <drepper@redhat.com> Cc: Oleg Nesterov <oleg@redhat.com> Cc: <stable@kernel.org> Signed-off-by:
-
