Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[PATCH 3.4 06/60] ASoC: wm8962: Turn on regcache_cache_only before disabling regulator
65 views
Skip to first unread message
Greg Kroah-Hartman
Dec 2, 2013, 2:10:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Nicolin Chen <b42...@freescale.com>
commit 50bfcf2df2fadf77e143d6099150e6fa7ef4d78c upstream.
It's safer to turn on regcache_cache_only before disabling regulator since
the driver will turn off the regcache_cache_only after enabling regulator.
If we remain cache_only false, some command like 'amixer cset' would get
failure if being run before wm8962_resume().
Signed-off-by: Nicolin Chen <b42...@freescale.com>
Signed-off-by: Mark Brown <bro...@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
sound/soc/codecs/wm8962.c | 2 ++
1 file changed, 2 insertions(+)
--- a/sound/soc/codecs/wm8962.c
+++ b/sound/soc/codecs/wm8962.c
@@ -3675,6 +3675,8 @@ static __devinit int wm8962_i2c_probe(st
if (ret < 0)
goto err_regmap;
+ regcache_cache_only(wm8962->regmap, true);
+
/* The drivers should power up as needed */
regulator_bulk_disable(ARRAY_SIZE(wm8962->supplies), wm8962->supplies);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majo...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
------------------
From: Nicolin Chen <b42...@freescale.com>
commit 50bfcf2df2fadf77e143d6099150e6fa7ef4d78c upstream.
It's safer to turn on regcache_cache_only before disabling regulator since
the driver will turn off the regcache_cache_only after enabling regulator.
If we remain cache_only false, some command like 'amixer cset' would get
failure if being run before wm8962_resume().
Signed-off-by: Nicolin Chen <b42...@freescale.com>
Signed-off-by: Mark Brown <bro...@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
sound/soc/codecs/wm8962.c | 2 ++
1 file changed, 2 insertions(+)
--- a/sound/soc/codecs/wm8962.c
+++ b/sound/soc/codecs/wm8962.c
@@ -3675,6 +3675,8 @@ static __devinit int wm8962_i2c_probe(st
if (ret < 0)
goto err_regmap;
+ regcache_cache_only(wm8962->regmap, true);
+
/* The drivers should power up as needed */
regulator_bulk_disable(ARRAY_SIZE(wm8962->supplies), wm8962->supplies);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majo...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Greg Kroah-Hartman
Dec 2, 2013, 2:10:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Larry Finger <Larry....@lwfinger.net>
------------------
commit b4ade797668e33b4e8353c2701ce01d7084dfafa upstream.
The routine that processes received frames was returning the RSSI value for the
signal strength; however, that value is available only for associated APs. As
a result, the strength was the absurd value of 10 dBm. As a result, scans
return incorrect values for the strength, which causes unwanted attempts to roam.
This patch fixes https://bugzilla.kernel.org/show_bug.cgi?id=63881.
Signed-off-by: Larry Finger <Larry....@lwfinger.net>
Reported-by: Matthieu Baerts <mat...@gmail.com>
Signed-off-by: John W. Linville <linv...@tuxdriver.com>
drivers/net/wireless/rtlwifi/rtl8192se/trx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/net/wireless/rtlwifi/rtl8192se/trx.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192se/trx.c
@@ -582,7 +582,7 @@ bool rtl92se_rx_query_desc(struct ieee80
}
/*rx_status->qual = stats->signal; */
- rx_status->signal = stats->rssi + 10;
+ rx_status->signal = stats->recvsignalpower + 10;
/*rx_status->noise = -stats->noise; */
return true;
Greg Kroah-Hartman
Dec 2, 2013, 2:10:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Larry Finger <Larry....@lwfinger.net>
commit 78dbfecb95be4635b995af3bd29fa10013409fcd upstream.
------------------
From: Larry Finger <Larry....@lwfinger.net>
The routine that processes received frames was returning the RSSI value for the
signal strength; however, that value is available only for associated APs. As
a result, the strength was the absurd value of 10 dBm. As a result, scans
return incorrect values for the strength, which causes unwanted attempts to roam.
Signed-off-by: John W. Linville <linv...@tuxdriver.com>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
drivers/net/wireless/rtlwifi/rtl8192cu/trx.c | 2 +-
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c
@@ -349,7 +349,7 @@ bool rtl92cu_rx_query_desc(struct ieee80
p_drvinfo);
Greg Kroah-Hartman
Dec 2, 2013, 2:10:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Ryan Mallon <rma...@gmail.com>
------------------
commit 312b4e226951f707e120b95b118cbc14f3d162b2 upstream.
Some setuid binaries will allow reading of files which have read
permission by the real user id. This is problematic with files which
use %pK because the file access permission is checked at open() time,
but the kptr_restrict setting is checked at read() time. If a setuid
binary opens a %pK file as an unprivileged user, and then elevates
permissions before reading the file, then kernel pointer values may be
leaked.
This happens for example with the setuid pppd application on Ubuntu 12.04:
$ head -1 /proc/kallsyms
00000000 T startup_32
$ pppd file /proc/kallsyms
pppd: In file /proc/kallsyms: unrecognized option 'c1000000'
This will only leak the pointer value from the first line, but other
setuid binaries may leak more information.
Fix this by adding a check that in addition to the current process having
CAP_SYSLOG, that effective user and group ids are equal to the real ids.
If a setuid binary reads the contents of a file which uses %pK then the
pointer values will be printed as NULL if the real user is unprivileged.
Update the sysctl documentation to reflect the changes, and also correct
the documentation to state the kptr_restrict=0 is the default.
This is a only temporary solution to the issue. The correct solution is
to do the permission check at open() time on files, and to replace %pK
with a function which checks the open() time permission. %pK uses in
printk should be removed since no sane permission check can be done, and
instead protected by using dmesg_restrict.
Signed-off-by: Ryan Mallon <rma...@gmail.com>
Cc: Kees Cook <kees...@chromium.org>
Cc: Alexander Viro <vi...@zeniv.linux.org.uk>
Cc: Joe Perches <j...@perches.com>
Cc: "Eric W. Biederman" <ebie...@xmission.com>
Signed-off-by: Andrew Morton <ak...@linux-foundation.org>
Signed-off-by: Linus Torvalds <torv...@linux-foundation.org>
Documentation/sysctl/kernel.txt | 25 ++++++++++++++++++-------
lib/vsprintf.c | 33 ++++++++++++++++++++++++++++++---
2 files changed, 48 insertions(+), 10 deletions(-)
--- a/Documentation/sysctl/kernel.txt
+++ b/Documentation/sysctl/kernel.txt
@@ -284,13 +284,24 @@ Default value is "/sbin/hotplug".
kptr_restrict:
This toggle indicates whether restrictions are placed on
-exposing kernel addresses via /proc and other interfaces. When
-kptr_restrict is set to (0), there are no restrictions. When
-kptr_restrict is set to (1), the default, kernel pointers
-printed using the %pK format specifier will be replaced with 0's
-unless the user has CAP_SYSLOG. When kptr_restrict is set to
-(2), kernel pointers printed using %pK will be replaced with 0's
-regardless of privileges.
+exposing kernel addresses via /proc and other interfaces.
+
+When kptr_restrict is set to (0), the default, there are no restrictions.
+
+When kptr_restrict is set to (1), kernel pointers printed using the %pK
+format specifier will be replaced with 0's unless the user has CAP_SYSLOG
+and effective user and group ids are equal to the real ids. This is
+because %pK checks are done at read() time rather than open() time, so
+if permissions are elevated between the open() and the read() (e.g via
+a setuid binary) then %pK will not leak kernel pointers to unprivileged
+users. Note, this is a temporary solution only. The correct long-term
+solution is to do the permission checks at open() time. Consider removing
+world read permissions from files that use %pK, and using dmesg_restrict
+to protect against uses of %pK in dmesg(8) if leaking kernel pointer
+values to unprivileged users is a concern.
+
+When kptr_restrict is set to (2), kernel pointers printed using
+%pK will be replaced with 0's regardless of privileges.
==============================================================
--- a/lib/vsprintf.c
+++ b/lib/vsprintf.c
@@ -25,6 +25,7 @@
#include <linux/kallsyms.h>
#include <linux/uaccess.h>
#include <linux/ioport.h>
+#include <linux/cred.h>
#include <net/addrconf.h>
#include <asm/page.h> /* for PAGE_SIZE */
@@ -930,11 +931,37 @@ char *pointer(const char *fmt, char *buf
spec.field_width = 2 * sizeof(void *);
return string(buf, end, "pK-error", spec);
}
- if (!((kptr_restrict == 0) ||
- (kptr_restrict == 1 &&
- has_capability_noaudit(current, CAP_SYSLOG))))
+
+ switch (kptr_restrict) {
+ case 0:
+ /* Always print %pK values */
+ break;
+ case 1: {
+ /*
+ * Only print the real pointer value if the current
+ * process has CAP_SYSLOG and is running with the
+ * same credentials it started with. This is because
+ * access to files is checked at open() time, but %pK
+ * checks permission at read() time. We don't want to
+ * leak pointer values if a binary opens a file using
+ * %pK and then elevates privileges before reading it.
+ */
+ const struct cred *cred = current_cred();
+
+ if (!has_capability_noaudit(current, CAP_SYSLOG) ||
+ (cred->euid != cred->uid) ||
+ (cred->egid != cred->gid))
+ ptr = NULL;
+ break;
+ }
+ case 2:
+ default:
+ /* Always print 0's for %pK */
ptr = NULL;
+ break;
+ }
break;
+
case 'N':
switch (fmt[1]) {
case 'F':
Greg Kroah-Hartman
Dec 2, 2013, 2:10:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Russell King <rmk+k...@arm.linux.org.uk>
------------------
commit f3964fe1c9d9a887d65faf594669852e4dec46e0 upstream.
The CS2 region contains the Assabet board configuration and status
registers, which are 32-bit. Unfortunately, some boot loaders do not
configure this region correctly, leaving it setup as a 16-bit region.
Fix this.
Signed-off-by: Russell King <rmk+k...@arm.linux.org.uk>
arch/arm/mach-sa1100/assabet.c | 3 +++
1 file changed, 3 insertions(+)
--- a/arch/arm/mach-sa1100/assabet.c
+++ b/arch/arm/mach-sa1100/assabet.c
@@ -509,6 +509,9 @@ static void __init assabet_map_io(void)
* Its called GPCLKR0 in my SA1110 manual.
*/
Ser1SDCR0 |= SDCR0_SUS;
+ MSC1 = (MSC1 & ~0xffff) |
+ MSC_NonBrst | MSC_32BitStMem |
+ MSC_RdAcc(2) | MSC_WrAcc(2) | MSC_Rec(0);
if (!machine_has_neponset())
sa1100_register_uart_fns(&assabet_port_fns);
Greg Kroah-Hartman
Dec 2, 2013, 2:10:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Yinghai Lu <yin...@kernel.org>
------------------
commit e7cc5cf74544d97d7b69e2701595037474db1f96 upstream.
The pcie_portdrv .probe() method calls pci_enable_device() once, in
pcie_port_device_register(), but the .remove() method calls
pci_disable_device() twice, in pcie_port_device_remove() and in
pcie_portdrv_remove().
That causes a "disabling already-disabled device" warning when removing a
PCIe port device. This happens all the time when removing Thunderbolt
devices, but is also easy to reproduce with, e.g.,
"echo 0000:00:1c.3 > /sys/bus/pci/drivers/pcieport/unbind"
This patch removes the disable from pcie_portdrv_remove().
[bhelgaas: changelog, tag for stable]
Reported-by: David Bulkow <David....@stratus.com>
Reported-by: Mika Westerberg <mika.we...@linux.intel.com>
Signed-off-by: Yinghai Lu <yin...@kernel.org>
Signed-off-by: Bjorn Helgaas <bhel...@google.com>
drivers/pci/pcie/portdrv_pci.c | 1 -
1 file changed, 1 deletion(-)
--- a/drivers/pci/pcie/portdrv_pci.c
+++ b/drivers/pci/pcie/portdrv_pci.c
@@ -151,7 +151,6 @@ static int __devinit pcie_portdrv_probe(
static void pcie_portdrv_remove(struct pci_dev *dev)
{
pcie_port_device_remove(dev);
- pci_disable_device(dev);
}
static int error_detected_iter(struct device *device, void *data)
Greg Kroah-Hartman
Dec 2, 2013, 2:10:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Avinash Patil <pat...@marvell.com>
------------------
commit d03b4aa77e1187b77dfe37d14a923547f00baa66 upstream.
While receiving a packet on SDIO interface, we allocate skb with
size multiple of SDIO block size. We need to resize this skb
after RX using packet length from RX header.
Signed-off-by: Avinash Patil <pat...@marvell.com>
Signed-off-by: Bing Zhao <bz...@marvell.com>
Signed-off-by: John W. Linville <linv...@tuxdriver.com>
drivers/net/wireless/mwifiex/sdio.c | 3 +++
1 file changed, 3 insertions(+)
--- a/drivers/net/wireless/mwifiex/sdio.c
+++ b/drivers/net/wireless/mwifiex/sdio.c
@@ -938,7 +938,10 @@ static int mwifiex_decode_rx_packet(stru
struct sk_buff *skb, u32 upld_typ)
{
u8 *cmd_buf;
+ __le16 *curr_ptr = (__le16 *)skb->data;
+ u16 pkt_len = le16_to_cpu(*curr_ptr);
+ skb_trim(skb, pkt_len);
skb_pull(skb, INTF_HEADER_LEN);
switch (upld_typ) {
Greg Kroah-Hartman
Dec 2, 2013, 2:10:04 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Peter Zijlstra <pet...@infradead.org>
------------------
commit 0fc0287c9ed1ffd3706f8b4d9b314aa102ef1245 upstream.
Juri hit the below lockdep report:
[ 4.303391] ======================================================
[ 4.303392] [ INFO: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected ]
[ 4.303394] 3.12.0-dl-peterz+ #144 Not tainted
[ 4.303395] ------------------------------------------------------
[ 4.303397] kworker/u4:3/689 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 4.303399] (&p->mems_allowed_seq){+.+...}, at: [<ffffffff8114e63c>] new_slab+0x6c/0x290
[ 4.303417]
[ 4.303417] and this task is already holding:
[ 4.303418] (&(&q->__queue_lock)->rlock){..-...}, at: [<ffffffff812d2dfb>] blk_execute_rq_nowait+0x5b/0x100
[ 4.303431] which would create a new lock dependency:
[ 4.303432] (&(&q->__queue_lock)->rlock){..-...} -> (&p->mems_allowed_seq){+.+...}
[ 4.303436]
[ 4.303898] the dependencies between the lock to be acquired and SOFTIRQ-irq-unsafe lock:
[ 4.303918] -> (&p->mems_allowed_seq){+.+...} ops: 2762 {
[ 4.303922] HARDIRQ-ON-W at:
[ 4.303923] [<ffffffff8108ab9a>] __lock_acquire+0x65a/0x1ff0
[ 4.303926] [<ffffffff8108cbe3>] lock_acquire+0x93/0x140
[ 4.303929] [<ffffffff81063dd6>] kthreadd+0x86/0x180
[ 4.303931] [<ffffffff816ded6c>] ret_from_fork+0x7c/0xb0
[ 4.303933] SOFTIRQ-ON-W at:
[ 4.303933] [<ffffffff8108abcc>] __lock_acquire+0x68c/0x1ff0
[ 4.303935] [<ffffffff8108cbe3>] lock_acquire+0x93/0x140
[ 4.303940] [<ffffffff81063dd6>] kthreadd+0x86/0x180
[ 4.303955] [<ffffffff816ded6c>] ret_from_fork+0x7c/0xb0
[ 4.303959] INITIAL USE at:
[ 4.303960] [<ffffffff8108a884>] __lock_acquire+0x344/0x1ff0
[ 4.303963] [<ffffffff8108cbe3>] lock_acquire+0x93/0x140
[ 4.303966] [<ffffffff81063dd6>] kthreadd+0x86/0x180
[ 4.303969] [<ffffffff816ded6c>] ret_from_fork+0x7c/0xb0
[ 4.303972] }
Which reports that we take mems_allowed_seq with interrupts enabled. A
little digging found that this can only be from
cpuset_change_task_nodemask().
This is an actual deadlock because an interrupt doing an allocation will
hit get_mems_allowed()->...->__read_seqcount_begin(), which will spin
forever waiting for the write side to complete.
Cc: John Stultz <john....@linaro.org>
Cc: Mel Gorman <mgo...@suse.de>
Reported-by: Juri Lelli <juri....@gmail.com>
Signed-off-by: Peter Zijlstra <pet...@infradead.org>
Tested-by: Juri Lelli <juri....@gmail.com>
Acked-by: Li Zefan <liz...@huawei.com>
Acked-by: Mel Gorman <mgo...@suse.de>
Signed-off-by: Tejun Heo <t...@kernel.org>
kernel/cpuset.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
--- a/kernel/cpuset.c
+++ b/kernel/cpuset.c
@@ -983,8 +983,10 @@ static void cpuset_change_task_nodemask(
need_loop = task_has_mempolicy(tsk) ||
!nodes_intersects(*newmems, tsk->mems_allowed);
- if (need_loop)
+ if (need_loop) {
+ local_irq_disable();
write_seqcount_begin(&tsk->mems_allowed_seq);
+ }
nodes_or(tsk->mems_allowed, tsk->mems_allowed, *newmems);
mpol_rebind_task(tsk, newmems, MPOL_REBIND_STEP1);
@@ -992,8 +994,10 @@ static void cpuset_change_task_nodemask(
mpol_rebind_task(tsk, newmems, MPOL_REBIND_STEP2);
tsk->mems_allowed = *newmems;
- if (need_loop)
+ if (need_loop) {
write_seqcount_end(&tsk->mems_allowed_seq);
+ local_irq_enable();
+ }
task_unlock(tsk);
Greg Kroah-Hartman
Dec 2, 2013, 2:10:04 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Alex Williamson <alex.wi...@redhat.com>
------------------
commit e40f193f5bb022e927a57a4f5d5194e4f12ddb74 upstream.
The iommu integration into memory slots expects memory slots to be
added or removed and doesn't handle the move case. We can unmap
slots from the iommu after we mark them invalid and map them before
installing the final memslot array. Also re-order the kmemdup vs
map so we don't leave iommu mappings if we get ENOMEM.
Reviewed-by: Gleb Natapov <gl...@redhat.com>
Signed-off-by: Alex Williamson <alex.wi...@redhat.com>
Signed-off-by: Marcelo Tosatti <mtos...@redhat.com>
Cc: Luis Henriques <luis.he...@canonical.com>
virt/kvm/kvm_main.c | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -790,6 +790,8 @@ int __kvm_set_memory_region(struct kvm *
old_memslots = kvm->memslots;
rcu_assign_pointer(kvm->memslots, slots);
synchronize_srcu_expedited(&kvm->srcu);
+ /* slot was deleted or moved, clear iommu mapping */
+ kvm_iommu_unmap_pages(kvm, &old);
/* From this point no new shadow pages pointing to a deleted,
* or moved, memslot will be created.
*
@@ -805,20 +807,19 @@ int __kvm_set_memory_region(struct kvm *
if (r)
goto out_free;
- /* map/unmap the pages in iommu page table */
- if (npages) {
- r = kvm_iommu_map_pages(kvm, &new);
- if (r)
- goto out_free;
- } else
- kvm_iommu_unmap_pages(kvm, &old);
-
r = -ENOMEM;
slots = kmemdup(kvm->memslots, sizeof(struct kvm_memslots),
GFP_KERNEL);
if (!slots)
goto out_free;
+ /* map new memory slot into the iommu */
+ if (npages) {
+ r = kvm_iommu_map_pages(kvm, &new);
+ if (r)
+ goto out_slots;
+ }
+
/* actual memory is freed via old in kvm_free_physmem_slot below */
if (!npages) {
new.rmap = NULL;
@@ -845,6 +846,8 @@ int __kvm_set_memory_region(struct kvm *
return 0;
+out_slots:
+ kfree(slots);
out_free:
kvm_free_physmem_slot(&new, &old);
out:
Greg Kroah-Hartman
Dec 2, 2013, 2:20:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Stefan Achatz <eraz...@users.sourceforge.net>
------------------
commit 7be63f20b00840a6f1c718dcee00855688d64acd upstream.
Add missing switch breaks.
Signed-off-by: Stefan Achatz <eraz...@users.sourceforge.net>
Signed-off-by: Jiri Kosina <jko...@suse.cz>
drivers/hid/hid-roccat-kovaplus.c | 4 ++++
1 file changed, 4 insertions(+)
--- a/drivers/hid/hid-roccat-kovaplus.c
+++ b/drivers/hid/hid-roccat-kovaplus.c
@@ -623,9 +623,13 @@ static void kovaplus_keep_values_up_to_d
break;
case KOVAPLUS_MOUSE_REPORT_BUTTON_TYPE_CPI:
kovaplus->actual_cpi = kovaplus_convert_event_cpi(button_report->data1);
+ break;
case KOVAPLUS_MOUSE_REPORT_BUTTON_TYPE_SENSITIVITY:
kovaplus->actual_x_sensitivity = button_report->data1;
kovaplus->actual_y_sensitivity = button_report->data2;
+ break;
+ default:
+ break;
Greg Kroah-Hartman
Dec 2, 2013, 2:20:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Nanno Langstraat <lan...@gmail.com>
------------------
commit 43c831468b3d26dbe8f2e061ccaf1abaf9cc1b8b upstream.
Use case: people who use both Apple and PC keyboards regularly, and desire to
keep&use their PC muscle memory.
A particular use case: an Apple compact external keyboard connected to a PC
laptop. (This use case can't be covered well by X.org key remappings etc.)
Signed-off-by: Nanno Langstraat <lan...@gmail.com>
Signed-off-by: Jiri Kosina <jko...@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
drivers/hid/hid-apple.c | 22 ++++++++++++++++++++++
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
1 file changed, 22 insertions(+)
--- a/drivers/hid/hid-apple.c
+++ b/drivers/hid/hid-apple.c
@@ -48,6 +48,12 @@ module_param(iso_layout, uint, 0644);
MODULE_PARM_DESC(iso_layout, "Enable/Disable hardcoded ISO-layout of the keyboard. "
"(0 = disabled, [1] = enabled)");
+static unsigned int swap_opt_cmd = 0;
+module_param(swap_opt_cmd, uint, 0644);
+MODULE_PARM_DESC(swap_opt_cmd, "Swap the Option (\"Alt\") and Command (\"Flag\") keys. "
+ "(For people who want to keep Windows PC keyboard muscle memory. "
+ "[0] = as-is, Mac layout. 1 = swapped, Windows layout.)");
+
struct apple_sc {
unsigned long quirks;
unsigned int fn_on;
@@ -152,6 +158,14 @@ static const struct apple_key_translatio
{ }
};
+static const struct apple_key_translation swapped_option_cmd_keys[] = {
+ { KEY_LEFTALT, KEY_LEFTMETA },
+ { KEY_LEFTMETA, KEY_LEFTALT },
+ { KEY_RIGHTALT, KEY_RIGHTMETA },
+ { KEY_RIGHTMETA,KEY_RIGHTALT },
+ { }
+};
+
static const struct apple_key_translation *apple_find_translation(
const struct apple_key_translation *table, u16 from)
{
@@ -244,6 +258,14 @@ static int hidinput_apple_event(struct h
}
}
+ if (swap_opt_cmd) {
+ trans = apple_find_translation(swapped_option_cmd_keys, usage->code);
+ if (trans) {
+ input_event(input, usage->type, trans->to, value);
+ return 1;
+ }
+ }
+
return 0;
Greg Kroah-Hartman
Dec 2, 2013, 2:20:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Alex Deucher <alexande...@amd.com>
------------------
commit d5693761b2b4ff530c8af8af9ec55b6eae76e617 upstream.
Typo in the register offset.
Noticed-by: Sylvain BERTRAND <syl...@legeek.net>
Signed-off-by: Alex Deucher <alexande...@amd.com>
drivers/gpu/drm/radeon/sid.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/gpu/drm/radeon/sid.h
+++ b/drivers/gpu/drm/radeon/sid.h
@@ -165,7 +165,7 @@
#define NOOFGROUPS_SHIFT 12
#define NOOFGROUPS_MASK 0x00001000
-#define MC_SEQ_TRAIN_WAKEUP_CNTL 0x2808
+#define MC_SEQ_TRAIN_WAKEUP_CNTL 0x28e8
#define TRAIN_DONE_D0 (1 << 30)
#define TRAIN_DONE_D1 (1 << 31)
Greg Kroah-Hartman
Dec 2, 2013, 2:20:04 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Mathias Krause <min...@googlemail.com>
------------------
commit 64fbff9ae0a0a843365d922e0057fc785f23f0e3 upstream.
We leak 4 bytes of kernel stack in response to an AUDIT_GET request as
we miss to initialize the mask member of status_set. Fix that.
Cc: Al Viro <vi...@zeniv.linux.org.uk>
Cc: Eric Paris <epa...@redhat.com>
Signed-off-by: Mathias Krause <min...@googlemail.com>
Signed-off-by: Richard Guy Briggs <r...@redhat.com>
Signed-off-by: Eric Paris <epa...@redhat.com>
kernel/audit.c | 1 +
1 file changed, 1 insertion(+)
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -684,6 +684,7 @@ static int audit_receive_msg(struct sk_b
switch (msg_type) {
case AUDIT_GET:
+ status_set.mask = 0;
status_set.enabled = audit_enabled;
status_set.failure = audit_failure;
status_set.pid = audit_pid;
Greg Kroah-Hartman
Dec 2, 2013, 2:20:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Ben Skeggs <bsk...@redhat.com>
------------------
commit 9360bd1112d8874d21942e2ae74f5416b00a8db6 upstream.
Signed-off-by: Ben Skeggs <bsk...@redhat.com>
drivers/gpu/drm/nouveau/nouveau_gem.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/drivers/gpu/drm/nouveau/nouveau_gem.c
+++ b/drivers/gpu/drm/nouveau/nouveau_gem.c
@@ -281,7 +281,8 @@ validate_fini_list(struct list_head *lis
list_for_each_safe(entry, tmp, list) {
nvbo = list_entry(entry, struct nouveau_bo, entry);
- nouveau_bo_fence(nvbo, fence);
+ if (likely(fence))
+ nouveau_bo_fence(nvbo, fence);
if (unlikely(nvbo->validate_mapped)) {
ttm_bo_kunmap(&nvbo->kmap);
Greg Kroah-Hartman
Dec 2, 2013, 2:20:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Tyler Hicks <tyh...@canonical.com>
------------------
commit 0868a5e150bc4c47e7a003367cd755811eb41e0b upstream.
When the audit=1 kernel parameter is absent and auditd is not running,
AUDIT_USER_AVC messages are being silently discarded.
AUDIT_USER_AVC messages should be sent to userspace using printk(), as
mentioned in the commit message of 4a4cd633 ("AUDIT: Optimise the
audit-disabled case for discarding user messages").
When audit_enabled is 0, audit_receive_msg() discards all user messages
except for AUDIT_USER_AVC messages. However, audit_log_common_recv_msg()
refuses to allocate an audit_buffer if audit_enabled is 0. The fix is to
special case AUDIT_USER_AVC messages in both functions.
It looks like commit 50397bd1 ("[AUDIT] clean up audit_receive_msg()")
introduced this bug.
Signed-off-by: Tyler Hicks <tyh...@canonical.com>
Cc: linux...@redhat.com
Acked-by: Kees Cook <kees...@chromium.org>
kernel/audit.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -625,7 +625,7 @@ static int audit_log_common_recv_msg(str
char *ctx = NULL;
u32 len;
- if (!audit_enabled) {
+ if (!audit_enabled && msg_type != AUDIT_USER_AVC) {
*ab = NULL;
return rc;
Greg Kroah-Hartman
Dec 2, 2013, 2:20:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Daniel Vetter <daniel...@ffwll.ch>
------------------
commit b2ea8ef559b4d94190009f3651b5b3ab7c05afd3 upstream.
Apparently they need the same treatment as primary planes. This fixes
modesetting failures because of stuck cursors (!) on Thomas' i830M
machine.
I've figured while at it I'll also roll it out for the ivb 3 pipe
version of this function. I didn't do this for i845/i865 since Bspec
says the update mechanism works differently, and there's some
additional rules about what can be updated in which order.
Tested-by: Thomas Richter <th...@math.tu-berlin.de>
Cc: Thomas Richter <th...@math.tu-berlin.de>
Cc: Ville Syrjälä <ville....@linux.intel.com>
Signed-off-by: Daniel Vetter <daniel...@ffwll.ch>
drivers/gpu/drm/i915/intel_display.c | 4 ++++
1 file changed, 4 insertions(+)
--- a/drivers/gpu/drm/i915/intel_display.c
+++ b/drivers/gpu/drm/i915/intel_display.c
@@ -6377,7 +6377,9 @@ static void i9xx_update_cursor(struct dr
intel_crtc->cursor_visible = visible;
}
/* and commit changes on next vblank */
+ POSTING_READ(CURCNTR(pipe));
I915_WRITE(CURBASE(pipe), base);
+ POSTING_READ(CURBASE(pipe));
}
static void ivb_update_cursor(struct drm_crtc *crtc, u32 base)
@@ -6402,7 +6404,9 @@ static void ivb_update_cursor(struct drm
intel_crtc->cursor_visible = visible;
}
/* and commit changes on next vblank */
+ POSTING_READ(CURCNTR_IVB(pipe));
I915_WRITE(CURBASE_IVB(pipe), base);
+ POSTING_READ(CURBASE_IVB(pipe));
}
/* If no-part of the cursor is visible on the framebuffer, then the GPU may hang... */
Greg Kroah-Hartman
Dec 2, 2013, 2:20:06 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: "Steven Rostedt (Red Hat)" <ros...@goodmis.org>
------------------
commit 8a56d7761d2d041ae5e8215d20b4167d8aa93f51 upstream.
Commit 8c4f3c3fa9681 "ftrace: Check module functions being traced on reload"
fixed module loading and unloading with respect to function tracing, but
it missed the function graph tracer. If you perform the following
# cd /sys/kernel/debug/tracing
# echo function_graph > current_tracer
# modprobe nfsd
# echo nop > current_tracer
You'll get the following oops message:
------------[ cut here ]------------
WARNING: CPU: 2 PID: 2910 at /linux.git/kernel/trace/ftrace.c:1640 __ftrace_hash_rec_update.part.35+0x168/0x1b9()
Modules linked in: nfsd exportfs nfs_acl lockd ipt_MASQUERADE sunrpc ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter ip6_tables uinput snd_hda_codec_idt
CPU: 2 PID: 2910 Comm: bash Not tainted 3.13.0-rc1-test #7
Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./To be filled by O.E.M., BIOS SDBLI944.86P 05/08/2007
0000000000000668 ffff8800787efcf8 ffffffff814fe193 ffff88007d500000
0000000000000000 ffff8800787efd38 ffffffff8103b80a 0000000000000668
ffffffff810b2b9a ffffffff81a48370 0000000000000001 ffff880037aea000
Call Trace:
[<ffffffff814fe193>] dump_stack+0x4f/0x7c
[<ffffffff8103b80a>] warn_slowpath_common+0x81/0x9b
[<ffffffff810b2b9a>] ? __ftrace_hash_rec_update.part.35+0x168/0x1b9
[<ffffffff8103b83e>] warn_slowpath_null+0x1a/0x1c
[<ffffffff810b2b9a>] __ftrace_hash_rec_update.part.35+0x168/0x1b9
[<ffffffff81502f89>] ? __mutex_lock_slowpath+0x364/0x364
[<ffffffff810b2cc2>] ftrace_shutdown+0xd7/0x12b
[<ffffffff810b47f0>] unregister_ftrace_graph+0x49/0x78
[<ffffffff810c4b30>] graph_trace_reset+0xe/0x10
[<ffffffff810bf393>] tracing_set_tracer+0xa7/0x26a
[<ffffffff810bf5e1>] tracing_set_trace_write+0x8b/0xbd
[<ffffffff810c501c>] ? ftrace_return_to_handler+0xb2/0xde
[<ffffffff811240a8>] ? __sb_end_write+0x5e/0x5e
[<ffffffff81122aed>] vfs_write+0xab/0xf6
[<ffffffff8150a185>] ftrace_graph_caller+0x85/0x85
[<ffffffff81122dbd>] SyS_write+0x59/0x82
[<ffffffff8150a185>] ftrace_graph_caller+0x85/0x85
[<ffffffff8150a2d2>] system_call_fastpath+0x16/0x1b
---[ end trace 940358030751eafb ]---
The above mentioned commit didn't go far enough. Well, it covered the
function tracer by adding checks in __register_ftrace_function(). The
problem is that the function graph tracer circumvents that (for a slight
efficiency gain when function graph trace is running with a function
tracer. The gain was not worth this).
The problem came with ftrace_startup() which should always be called after
__register_ftrace_function(), if you want this bug to be completely fixed.
Anyway, this solution moves __register_ftrace_function() inside of
ftrace_startup() and removes the need to call them both.
Reported-by: Dave Wysochanski <dwys...@redhat.com>
Fixes: ed926f9b35cd ("ftrace: Use counters to enable functions to trace")
Signed-off-by: Steven Rostedt <ros...@goodmis.org>
kernel/trace/ftrace.c | 68 +++++++++++++++++++++++++-------------------------
1 file changed, 34 insertions(+), 34 deletions(-)
--- a/kernel/trace/ftrace.c
+++ b/kernel/trace/ftrace.c
@@ -312,9 +312,6 @@ static int remove_ftrace_list_ops(struct
static int __register_ftrace_function(struct ftrace_ops *ops)
{
- if (ftrace_disabled)
- return -ENODEV;
-
if (FTRACE_WARN_ON(ops == &global_ops))
return -EINVAL;
@@ -348,9 +345,6 @@ static int __unregister_ftrace_function(
{
int ret;
- if (ftrace_disabled)
- return -ENODEV;
-
if (WARN_ON(!(ops->flags & FTRACE_OPS_FL_ENABLED)))
return -EBUSY;
@@ -1940,10 +1934,15 @@ static void ftrace_startup_enable(int co
static int ftrace_startup(struct ftrace_ops *ops, int command)
{
bool hash_enable = true;
+ int ret;
if (unlikely(ftrace_disabled))
return -ENODEV;
+ ret = __register_ftrace_function(ops);
+ if (ret)
+ return ret;
+
ftrace_start_up++;
command |= FTRACE_UPDATE_CALLS;
@@ -1965,12 +1964,17 @@ static int ftrace_startup(struct ftrace_
return 0;
}
-static void ftrace_shutdown(struct ftrace_ops *ops, int command)
+static int ftrace_shutdown(struct ftrace_ops *ops, int command)
{
bool hash_disable = true;
+ int ret;
if (unlikely(ftrace_disabled))
- return;
+ return -ENODEV;
+
+ ret = __unregister_ftrace_function(ops);
+ if (ret)
+ return ret;
ftrace_start_up--;
/*
@@ -2005,9 +2009,10 @@ static void ftrace_shutdown(struct ftrac
}
if (!command || !ftrace_enabled)
- return;
+ return 0;
ftrace_run_update_code(command);
+ return 0;
}
static void ftrace_startup_sysctl(void)
@@ -2873,16 +2878,13 @@ static void __enable_ftrace_function_pro
if (i == FTRACE_FUNC_HASHSIZE)
return;
- ret = __register_ftrace_function(&trace_probe_ops);
- if (!ret)
- ret = ftrace_startup(&trace_probe_ops, 0);
+ ret = ftrace_startup(&trace_probe_ops, 0);
ftrace_probe_registered = 1;
}
static void __disable_ftrace_function_probe(void)
{
- int ret;
int i;
if (!ftrace_probe_registered)
@@ -2895,9 +2897,7 @@ static void __disable_ftrace_function_pr
}
/* no more funcs left */
- ret = __unregister_ftrace_function(&trace_probe_ops);
- if (!ret)
- ftrace_shutdown(&trace_probe_ops, 0);
+ ftrace_shutdown(&trace_probe_ops, 0);
ftrace_probe_registered = 0;
}
@@ -3948,12 +3948,15 @@ device_initcall(ftrace_nodyn_init);
static inline int ftrace_init_dyn_debugfs(struct dentry *d_tracer) { return 0; }
static inline void ftrace_startup_enable(int command) { }
/* Keep as macros so we do not need to define the commands */
-# define ftrace_startup(ops, command) \
- ({ \
- (ops)->flags |= FTRACE_OPS_FL_ENABLED; \
- 0; \
+# define ftrace_startup(ops, command) \
+ ({ \
+ int ___ret = __register_ftrace_function(ops); \
+ if (!___ret) \
+ (ops)->flags |= FTRACE_OPS_FL_ENABLED; \
+ ___ret; \
})
-# define ftrace_shutdown(ops, command) do { } while (0)
+# define ftrace_shutdown(ops, command) __unregister_ftrace_function(ops)
+
# define ftrace_startup_sysctl() do { } while (0)
# define ftrace_shutdown_sysctl() do { } while (0)
@@ -4323,15 +4326,8 @@ int register_ftrace_function(struct ftra
mutex_lock(&ftrace_lock);
- if (unlikely(ftrace_disabled))
- goto out_unlock;
-
- ret = __register_ftrace_function(ops);
- if (!ret)
- ret = ftrace_startup(ops, 0);
+ ret = ftrace_startup(ops, 0);
-
- out_unlock:
mutex_unlock(&ftrace_lock);
return ret;
}
@@ -4348,9 +4344,7 @@ int unregister_ftrace_function(struct ft
int ret;
mutex_lock(&ftrace_lock);
- ret = __unregister_ftrace_function(ops);
- if (!ret)
- ftrace_shutdown(ops, 0);
+ ret = ftrace_shutdown(ops, 0);
mutex_unlock(&ftrace_lock);
return ret;
@@ -4544,6 +4538,12 @@ ftrace_suspend_notifier_call(struct noti
return NOTIFY_DONE;
}
+/* Just a place holder for function graph */
+static struct ftrace_ops fgraph_ops __read_mostly = {
+ .func = ftrace_stub,
+ .flags = FTRACE_OPS_FL_GLOBAL,
+};
+
int register_ftrace_graph(trace_func_graph_ret_t retfunc,
trace_func_graph_ent_t entryfunc)
{
@@ -4570,7 +4570,7 @@ int register_ftrace_graph(trace_func_gra
ftrace_graph_return = retfunc;
ftrace_graph_entry = entryfunc;
- ret = ftrace_startup(&global_ops, FTRACE_START_FUNC_RET);
+ ret = ftrace_startup(&fgraph_ops, FTRACE_START_FUNC_RET);
out:
mutex_unlock(&ftrace_lock);
@@ -4587,7 +4587,7 @@ void unregister_ftrace_graph(void)
ftrace_graph_active--;
ftrace_graph_return = (trace_func_graph_ret_t)ftrace_stub;
ftrace_graph_entry = ftrace_graph_entry_stub;
- ftrace_shutdown(&global_ops, FTRACE_STOP_FUNC_RET);
+ ftrace_shutdown(&fgraph_ops, FTRACE_STOP_FUNC_RET);
unregister_pm_notifier(&ftrace_suspend_notifier);
unregister_trace_sched_switch(ftrace_graph_probe_sched_switch, NULL);
Greg Kroah-Hartman
Dec 2, 2013, 2:20:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Mauro Carvalho Chehab <m.ch...@samsung.com>
------------------
commit ac5b4b6bf0c84c48d7e2e3fce22e35b04282ba76 upstream.
Dynamic static allocation is evil, as Kernel stack is too low, and
ompilation complains about it on some archs:
drivers/staging/media/lirc/lirc_zilog.c:967:1: warning: 'read' uses dynamic stack allocation [enabled by default]
Instead, let's enforce a limit for the buffer to be 64. That should
be more than enough.
Signed-off-by: Mauro Carvalho Chehab <m.ch...@samsung.com>
Reviewed-by: Hans Verkuil <hans.v...@cisco.com>
Signed-off-by: Mauro Carvalho Chehab <m.ch...@samsung.com>
drivers/staging/media/lirc/lirc_zilog.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
--- a/drivers/staging/media/lirc/lirc_zilog.c
+++ b/drivers/staging/media/lirc/lirc_zilog.c
@@ -61,6 +61,9 @@
#include <media/lirc_dev.h>
#include <media/lirc.h>
+/* Max transfer size done by I2C transfer functions */
+#define MAX_XFER_SIZE 64
+
struct IR;
struct IR_rx {
@@ -942,7 +945,14 @@ static ssize_t read(struct file *filep,
schedule();
set_current_state(TASK_INTERRUPTIBLE);
} else {
- unsigned char buf[rbuf->chunk_size];
+ unsigned char buf[MAX_XFER_SIZE];
+
+ if (rbuf->chunk_size > sizeof(buf)) {
+ zilog_error("chunk_size is too big (%d)!\n",
+ rbuf->chunk_size);
+ ret = -EINVAL;
+ break;
+ }
m = lirc_buffer_read(rbuf, buf);
if (m == rbuf->chunk_size) {
ret = copy_to_user((void *)outbuf+written, buf,
Greg Kroah-Hartman
Dec 2, 2013, 4:30:01 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Malcolm Priestley <tvbo...@gmail.com>
------------------
commit 9df682927c2e3a92f43803d6b52095992e3b2ab8 upstream.
This fixes resets on heavy TX data traffic.
Vendor driver
VT6656_Linux_src_v1.21.03_x86_11.04.zip
http://www.viaembedded.com/servlet/downloadSvl?id=1890&download_file_id=14704
This is GPL-licensed code.
original code
BBbVT3184Init
...
//2007-0725, RobertChang add, Enable Squelch detect reset option(SQ_RST_Opt), USB (register4, bit1)
CONTROLnsRequestIn(pDevice,
MESSAGE_TYPE_READ,
(WORD)0x600+4, // USB's Reg4's bit1
MESSAGE_REQUEST_MEM,
1,
(PBYTE) &byData);
byData = byData|2 ;
CONTROLnsRequestOut(pDevice,
MESSAGE_TYPE_WRITE,
(WORD)0x600+4, // USB's Reg4's bit1
MESSAGE_REQUEST_MEM,
1,
(PBYTE) &byData);
return TRUE;//ntStatus;
....
A back port patch is needed for kernels less than 3.10.
Signed-off-by: Malcolm Priestley <tvbo...@gmail.com>
drivers/staging/vt6656/baseband.c | 11 +++++++++++
drivers/staging/vt6656/rndis.h | 1 +
2 files changed, 12 insertions(+)
--- a/drivers/staging/vt6656/baseband.c
+++ b/drivers/staging/vt6656/baseband.c
@@ -976,6 +976,7 @@ BOOL BBbVT3184Init(PSDevice pDevice)
PBYTE pbyAgc;
WORD wLengthAgc;
BYTE abyArray[256];
+ u8 data;
ntStatus = CONTROLnsRequestIn(pDevice,
MESSAGE_TYPE_READ,
@@ -1144,6 +1145,16 @@ else {
ControlvWriteByte(pDevice,MESSAGE_REQUEST_BBREG,0x0D,0x01);
RFbRFTableDownload(pDevice);
+
+ /* Fix for TX USB resets from vendors driver */
+ CONTROLnsRequestIn(pDevice, MESSAGE_TYPE_READ, USB_REG4,
+ MESSAGE_REQUEST_MEM, sizeof(data), &data);
+
+ data |= 0x2;
+
+ CONTROLnsRequestOut(pDevice, MESSAGE_TYPE_WRITE, USB_REG4,
+ MESSAGE_REQUEST_MEM, sizeof(data), &data);
+
return TRUE;//ntStatus;
}
--- a/drivers/staging/vt6656/rndis.h
+++ b/drivers/staging/vt6656/rndis.h
@@ -69,6 +69,7 @@
#define VIAUSB20_PACKET_HEADER 0x04
+#define USB_REG4 0x604
/*--------------------- Export Classes ----------------------------*/
Greg Kroah-Hartman
Dec 2, 2013, 4:30:01 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Mikulas Patocka <mpat...@redhat.com>
------------------
commit f36afb3957353d2529cb2b00f78fdccd14fc5e9c upstream.
dm-mpath and dm-thin must process messages even if some device is
suspended, so we allocate argv buffer with GFP_NOIO. These messages have
a small fixed number of arguments.
On the other hand, dm-switch needs to process bulk data using messages
so excessive use of GFP_NOIO could cause trouble.
The patch also lowers the default number of arguments from 64 to 8, so
that there is smaller load on GFP_NOIO allocations.
Signed-off-by: Mikulas Patocka <mpat...@redhat.com>
Acked-by: Alasdair G Kergon <a...@redhat.com>
Signed-off-by: Mike Snitzer <sni...@redhat.com>
drivers/md/dm-table.c | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
--- a/drivers/md/dm-table.c
+++ b/drivers/md/dm-table.c
@@ -581,14 +581,28 @@ static int adjoin(struct dm_table *table
/*
* Used to dynamically allocate the arg array.
+ *
+ * We do first allocation with GFP_NOIO because dm-mpath and dm-thin must
+ * process messages even if some device is suspended. These messages have a
+ * small fixed number of arguments.
+ *
+ * On the other hand, dm-switch needs to process bulk data using messages and
+ * excessive use of GFP_NOIO could cause trouble.
*/
static char **realloc_argv(unsigned *array_size, char **old_argv)
{
char **argv;
unsigned new_size;
+ gfp_t gfp;
- new_size = *array_size ? *array_size * 2 : 64;
- argv = kmalloc(new_size * sizeof(*argv), GFP_KERNEL);
+ if (*array_size) {
+ new_size = *array_size * 2;
+ gfp = GFP_KERNEL;
+ } else {
+ new_size = 8;
+ gfp = GFP_NOIO;
+ }
+ argv = kmalloc(new_size * sizeof(*argv), gfp);
if (argv) {
memcpy(argv, old_argv, *array_size * sizeof(*argv));
*array_size = new_size;
Greg Kroah-Hartman
Dec 2, 2013, 4:30:01 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Andreas Bießmann <and...@biessmann.de>
------------------
commit 7a2a74f4b856993218aa7cdeeb6c3103101340db upstream.
Before the CRT was (fully) set up in kernel_entry (bss cleared before in
_start, but also not before jump to panic() in no_tag_table case).
This patch fixes this up to have a fully working CRT when branching to panic()
in no_tag_table.
Signed-off-by: Andreas Bießmann <and...@biessmann.de>
Acked-by: Hans-Christian Egtvedt <egt...@samfundet.no>
Cc: Haavard Skinnemoen <hskin...@gmail.com>
arch/avr32/boot/u-boot/head.S | 30 +++++++++++++++++++++++++-----
arch/avr32/kernel/head.S | 20 --------------------
2 files changed, 25 insertions(+), 25 deletions(-)
--- a/arch/avr32/boot/u-boot/head.S
+++ b/arch/avr32/boot/u-boot/head.S
@@ -8,6 +8,8 @@
* published by the Free Software Foundation.
*/
#include <asm/setup.h>
+#include <asm/thread_info.h>
+#include <asm/sysreg.h>
/*
* The kernel is loaded where we want it to be and all caches
@@ -20,11 +22,6 @@
.section .init.text,"ax"
.global _start
_start:
- /* Check if the boot loader actually provided a tag table */
- lddpc r0, magic_number
- cp.w r12, r0
- brne no_tag_table
-
/* Initialize .bss */
lddpc r2, bss_start_addr
lddpc r3, end_addr
@@ -34,6 +31,25 @@ _start:
cp r2, r3
brlo 1b
+ /* Initialize status register */
+ lddpc r0, init_sr
+ mtsr SYSREG_SR, r0
+
+ /* Set initial stack pointer */
+ lddpc sp, stack_addr
+ sub sp, -THREAD_SIZE
+
+#ifdef CONFIG_FRAME_POINTER
+ /* Mark last stack frame */
+ mov lr, 0
+ mov r7, 0
+#endif
+
+ /* Check if the boot loader actually provided a tag table */
+ lddpc r0, magic_number
+ cp.w r12, r0
+ brne no_tag_table
+
/*
* Save the tag table address for later use. This must be done
* _after_ .bss has been initialized...
@@ -53,6 +69,10 @@ bss_start_addr:
.long __bss_start
end_addr:
.long _end
+init_sr:
+ .long 0x007f0000 /* Supervisor mode, everything masked */
+stack_addr:
+ .long init_thread_union
no_tag_table:
sub r12, pc, (. - 2f)
--- a/arch/avr32/kernel/head.S
+++ b/arch/avr32/kernel/head.S
@@ -10,33 +10,13 @@
#include <linux/linkage.h>
#include <asm/page.h>
-#include <asm/thread_info.h>
-#include <asm/sysreg.h>
.section .init.text,"ax"
.global kernel_entry
kernel_entry:
- /* Initialize status register */
- lddpc r0, init_sr
- mtsr SYSREG_SR, r0
-
- /* Set initial stack pointer */
- lddpc sp, stack_addr
- sub sp, -THREAD_SIZE
-
-#ifdef CONFIG_FRAME_POINTER
- /* Mark last stack frame */
- mov lr, 0
- mov r7, 0
-#endif
-
/* Start the show */
lddpc pc, kernel_start_addr
.align 2
-init_sr:
- .long 0x007f0000 /* Supervisor mode, everything masked */
-stack_addr:
- .long init_thread_union
kernel_start_addr:
.long start_kernel
Greg Kroah-Hartman
Dec 2, 2013, 4:30:01 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Kailang Yang <kai...@realtek.com>
------------------
commit 9ad54547cf6f4410eba83bb95dfd2a0966718d6d upstream.
Set the missing pcbeep default amp for ALC668.
Signed-off-by: Kailang Yang <kai...@realtek.com>
Signed-off-by: Takashi Iwai <ti...@suse.de>
sound/pci/hda/patch_realtek.c | 1 +
1 file changed, 1 insertion(+)
--- a/sound/pci/hda/patch_realtek.c
+++ b/sound/pci/hda/patch_realtek.c
@@ -6969,6 +6969,7 @@ static int patch_alc662(struct hda_codec
case 0x10ec0272:
case 0x10ec0663:
case 0x10ec0665:
+ case 0x10ec0668:
set_beep_amp(spec, 0x0b, 0x04, HDA_INPUT);
break;
case 0x10ec0273:
Greg Kroah-Hartman
Dec 2, 2013, 4:30:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Tom Gundersen <t...@jklm.no>
------------------
commit 78551277e4df57864b0b0e7f85c23ede2be2edb8 upstream.
This allows the module to be autoloaded in the common case.
In order to work on non-PnP systems the module should be compiled in or
loaded unconditionally at boot (c.f. modules-load.d(5)), as before.
Signed-off-by: Tom Gundersen <t...@jklm.no>
Signed-off-by: Dmitry Torokhov <dmitry....@gmail.com>
drivers/input/serio/i8042-x86ia64io.h | 2 ++
1 file changed, 2 insertions(+)
--- a/drivers/input/serio/i8042-x86ia64io.h
+++ b/drivers/input/serio/i8042-x86ia64io.h
@@ -765,6 +765,7 @@ static struct pnp_device_id pnp_kbd_devi
{ .id = "CPQA0D7", .driver_data = 0 },
{ .id = "", },
};
+MODULE_DEVICE_TABLE(pnp, pnp_kbd_devids);
static struct pnp_driver i8042_pnp_kbd_driver = {
.name = "i8042 kbd",
@@ -786,6 +787,7 @@ static struct pnp_device_id pnp_aux_devi
{ .id = "SYN0801", .driver_data = 0 },
{ .id = "", },
};
+MODULE_DEVICE_TABLE(pnp, pnp_aux_devids);
static struct pnp_driver i8042_pnp_aux_driver = {
.name = "i8042 aux",
Greg Kroah-Hartman
Dec 2, 2013, 4:30:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
commit 4e58e54754dc1fec21c3a9e824bc108b05fdf46e upstream.
------------------
If an TRACE_EVENT() uses __assign_str() or __get_str on a NULL pointer
then the following oops will happen:
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<c127a17b>] strlen+0x10/0x1a
*pde = 00000000 ^M
Oops: 0000 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 3.13.0-rc1-test+ #2
Hardware name: /DG965MQ, BIOS MQ96510J.86A.0372.2006.0605.1717 06/05/2006^M
task: f5cde9f0 ti: f5e5e000 task.ti: f5e5e000
EIP: 0060:[<c127a17b>] EFLAGS: 00210046 CPU: 1
EIP is at strlen+0x10/0x1a
EAX: 00000000 EBX: c2472da8 ECX: ffffffff EDX: c2472da8
ESI: c1c5e5fc EDI: 00000000 EBP: f5e5fe84 ESP: f5e5fe80
DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
CR0: 8005003b CR2: 00000000 CR3: 01f32000 CR4: 000007d0
Stack:
f5f18b90 f5e5feb8 c10687a8 0759004f 00000005 00000005 00000005 00200046
00000002 00000000 c1082a93 f56c7e28 c2472da8 c1082a93 f5e5fee4 c106bc61^M
00000000 c1082a93 00000000 00000000 00000001 00200046 00200082 00000000
Call Trace:
[<c10687a8>] ftrace_raw_event_lock+0x39/0xc0
[<c1082a93>] ? ktime_get+0x29/0x69
[<c1082a93>] ? ktime_get+0x29/0x69
[<c106bc61>] lock_release+0x57/0x1a5
[<c1082a93>] ? ktime_get+0x29/0x69
[<c10824dd>] read_seqcount_begin.constprop.7+0x4d/0x75
[<c1082a93>] ? ktime_get+0x29/0x69^M
[<c1082a93>] ktime_get+0x29/0x69
[<c108a46a>] __tick_nohz_idle_enter+0x1e/0x426
[<c10690e8>] ? lock_release_holdtime.part.19+0x48/0x4d
[<c10bc184>] ? time_hardirqs_off+0xe/0x28
[<c1068c82>] ? trace_hardirqs_off_caller+0x3f/0xaf
[<c108a8cb>] tick_nohz_idle_enter+0x59/0x62
[<c1079242>] cpu_startup_entry+0x64/0x192
[<c102299c>] start_secondary+0x277/0x27c
Code: 90 89 c6 89 d0 88 c4 ac 38 e0 74 09 84 c0 75 f7 be 01 00 00 00 89 f0 48 5e 5d c3 55 89 e5 57 66 66 66 66 90 83 c9 ff 89 c7 31 c0 <f2> ae f7 d1 8d 41 ff 5f 5d c3 55 89 e5 57 66 66 66 66 90 31 ff
EIP: [<c127a17b>] strlen+0x10/0x1a SS:ESP 0068:f5e5fe80
CR2: 0000000000000000
---[ end trace 01bc47bf519ec1b2 ]---
New tracepoints have been added that have allowed for NULL pointers
being assigned to strings. To fix this, change the TRACE_EVENT() code
to check for NULL and if it is, it will assign "(null)" to it instead
(similar to what glibc printf does).
Reported-by: Shuah Khan <shua...@samsung.com>
Reported-by: Jovi Zhangwei <jovi.z...@gmail.com>
Link: http://lkml.kernel.org/r/CAGdX0WFeEuy+DtpsJzyzn034...@mail.gmail.com
Link: http://lkml.kernel.org/r/528D6972...@samsung.com
Fixes: 9cbf117662e2 ("tracing/events: provide string with undefined size support")
Signed-off-by: Steven Rostedt <ros...@goodmis.org>
include/trace/ftrace.h | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--- a/include/trace/ftrace.h
+++ b/include/trace/ftrace.h
@@ -379,7 +379,8 @@ ftrace_define_fields_##call(struct ftrac
__data_size += (len) * sizeof(type);
#undef __string
-#define __string(item, src) __dynamic_array(char, item, strlen(src) + 1)
+#define __string(item, src) __dynamic_array(char, item, \
+ strlen((src) ? (const char *)(src) : "(null)") + 1)
#undef DECLARE_EVENT_CLASS
#define DECLARE_EVENT_CLASS(call, proto, args, tstruct, assign, print) \
@@ -504,7 +505,7 @@ static inline notrace int ftrace_get_off
#undef __assign_str
#define __assign_str(dst, src) \
- strcpy(__get_str(dst), src);
+ strcpy(__get_str(dst), (src) ? (const char *)(src) : "(null)");
#undef TP_fast_assign
#define TP_fast_assign(args...) args
Greg Kroah-Hartman
Dec 2, 2013, 4:30:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Michael Neuling <mi...@neuling.org>
------------------
commit ec67ad82814bee92251fd963bf01c7a173856555 upstream.
In a recent patch:
commit c13f20ac48328b05cd3b8c19e31ed6c132b44b42
Author: Michael Neuling <mi...@neuling.org>
powerpc/signals: Mark VSX not saved with small contexts
We fixed an issue but an improved solution was later discussed after the patch
was merged.
Firstly, this patch doesn't handle the 64bit signals case, which could also hit
this issue (but has never been reported).
Secondly, the original patch isn't clear what MSR VSX should be set to. The
new approach below always clears the MSR VSX bit (to indicate no VSX is in the
context) and sets it only in the specific case where VSX is available (ie. when
VSX has been used and the signal context passed has space to provide the
state).
This reverts the original patch and replaces it with the improved solution. It
also adds a 64 bit version.
Signed-off-by: Michael Neuling <mi...@neuling.org>
Signed-off-by: Benjamin Herrenschmidt <be...@kernel.crashing.org>
arch/powerpc/kernel/signal_32.c | 16 +++++++---------
arch/powerpc/kernel/signal_64.c | 6 ++++++
2 files changed, 13 insertions(+), 9 deletions(-)
--- a/arch/powerpc/kernel/signal_32.c
+++ b/arch/powerpc/kernel/signal_32.c
@@ -447,6 +447,12 @@ static int save_user_regs(struct pt_regs
#endif /* CONFIG_ALTIVEC */
if (copy_fpr_to_user(&frame->mc_fregs, current))
return 1;
+
+ /*
+ * Clear the MSR VSX bit to indicate there is no valid state attached
+ * to this context, except in the specific case below where we set it.
+ */
+ msr &= ~MSR_VSX;
#ifdef CONFIG_VSX
/*
* Copy VSR 0-31 upper half from thread_struct to local
@@ -459,15 +465,7 @@ static int save_user_regs(struct pt_regs
if (copy_vsx_to_user(&frame->mc_vsregs, current))
return 1;
msr |= MSR_VSX;
- } else if (!ctx_has_vsx_region)
- /*
- * With a small context structure we can't hold the VSX
- * registers, hence clear the MSR value to indicate the state
- * was not saved.
- */
- msr &= ~MSR_VSX;
-
-
+ }
#endif /* CONFIG_VSX */
#ifdef CONFIG_SPE
/* save spe registers */
--- a/arch/powerpc/kernel/signal_64.c
+++ b/arch/powerpc/kernel/signal_64.c
@@ -117,6 +117,12 @@ static long setup_sigcontext(struct sigc
flush_fp_to_thread(current);
/* copy fpr regs and fpscr */
err |= copy_fpr_to_user(&sc->fp_regs, current);
+
+ /*
+ * Clear the MSR VSX bit to indicate there is no valid state attached
+ * to this context, except in the specific case below where we set it.
+ */
+ msr &= ~MSR_VSX;
#ifdef CONFIG_VSX
/*
* Copy VSX low doubleword to local buffer for formatting,
Greg Kroah-Hartman
Dec 2, 2013, 4:30:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Ursula Braun <ursula...@de.ibm.com>
------------------
commit 6fb392b1a63ae36c31f62bc3fc8630b49d602b62 upstream.
Check user-defined length in snmp ioctl request and allow request
only if it fits into a qeth command buffer.
Signed-off-by: Ursula Braun <ursula...@de.ibm.com>
Signed-off-by: Frank Blaschka <frank.b...@de.ibm.com>
Reviewed-by: Heiko Carstens <heic...@linux.vnet.ibm.com>
Reported-by: Nico Golde <ni...@ngolde.de>
Reported-by: Fabian Yamaguchi <fa...@goesec.de>
Signed-off-by: David S. Miller <da...@davemloft.net>
drivers/s390/net/qeth_core_main.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
--- a/drivers/s390/net/qeth_core_main.c
+++ b/drivers/s390/net/qeth_core_main.c
@@ -4357,7 +4357,7 @@ int qeth_snmp_command(struct qeth_card *
struct qeth_cmd_buffer *iob;
struct qeth_ipa_cmd *cmd;
struct qeth_snmp_ureq *ureq;
- int req_len;
+ unsigned int req_len;
struct qeth_arp_query_info qinfo = {0, };
int rc = 0;
@@ -4373,6 +4373,10 @@ int qeth_snmp_command(struct qeth_card *
/* skip 4 bytes (data_len struct member) to get req_len */
if (copy_from_user(&req_len, udata + sizeof(int), sizeof(int)))
return -EFAULT;
+ if (req_len > (QETH_BUFSIZE - IPA_PDU_HEADER_SIZE -
+ sizeof(struct qeth_ipacmd_hdr) -
+ sizeof(struct qeth_ipacmd_setadpparms_hdr)))
+ return -EINVAL;
ureq = memdup_user(udata, req_len + sizeof(struct qeth_snmp_ureq_hdr));
if (IS_ERR(ureq)) {
QETH_CARD_TEXT(card, 2, "snmpnome");
Greg Kroah-Hartman
Dec 2, 2013, 4:30:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Aaron Lu <aaro...@intel.com>
------------------
commit fd432b9f8c7c88428a4635b9f5a9c6e174df6e36 upstream.
When system has a lot of highmem (e.g. 16GiB using a 32 bits kernel),
the code to calculate how much memory we need to preallocate in
normal zone may cause overflow. As Leon has analysed:
It looks that during computing 'alloc' variable there is overflow:
alloc = (3943404 - 1970542) - 1978280 = -5418 (signed)
And this function goes to err_out.
Fix this by avoiding that overflow.
References: https://bugzilla.kernel.org/show_bug.cgi?id=60817
Reported-and-tested-by: Leon Drugi <ey...@wp.pl>
Signed-off-by: Aaron Lu <aaro...@intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j...@intel.com>
kernel/power/snapshot.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
--- a/kernel/power/snapshot.c
+++ b/kernel/power/snapshot.c
@@ -1398,7 +1398,11 @@ int hibernate_preallocate_memory(void)
* highmem and non-highmem zones separately.
*/
pages_highmem = preallocate_image_highmem(highmem / 2);
- alloc = (count - max_size) - pages_highmem;
+ alloc = count - max_size;
+ if (alloc > pages_highmem)
+ alloc -= pages_highmem;
+ else
+ alloc = 0;
pages = preallocate_image_memory(alloc, avail_normal);
if (pages < alloc) {
/* We have exhausted non-highmem pages, try highmem. */
Greg Kroah-Hartman
Dec 2, 2013, 4:30:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Jerome Glisse <jgl...@redhat.com>
------------------
commit 97b6ff6be9da7675aab339334fda996d6c5077d9 upstream.
GPU with low amount of ram can fails at pinning new framebuffer before
unpinning old one. On such failure, retry with unpinning old one before
pinning new one allowing to work around the issue. This is somewhat
ugly but only affect those old GPU we care about.
Signed-off-by: Jerome Glisse <jgl...@redhat.com>
Signed-off-by: Alex Deucher <alexande...@amd.com>
drivers/gpu/drm/radeon/radeon_legacy_crtc.c | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
--- a/drivers/gpu/drm/radeon/radeon_legacy_crtc.c
+++ b/drivers/gpu/drm/radeon/radeon_legacy_crtc.c
@@ -416,6 +416,7 @@ int radeon_crtc_do_set_base(struct drm_c
/* Pin framebuffer & get tilling informations */
obj = radeon_fb->obj;
rbo = gem_to_radeon_bo(obj);
+retry:
r = radeon_bo_reserve(rbo, false);
if (unlikely(r != 0))
return r;
@@ -424,6 +425,33 @@ int radeon_crtc_do_set_base(struct drm_c
&base);
if (unlikely(r != 0)) {
radeon_bo_unreserve(rbo);
+
+ /* On old GPU like RN50 with little vram pining can fails because
+ * current fb is taking all space needed. So instead of unpining
+ * the old buffer after pining the new one, first unpin old one
+ * and then retry pining new one.
+ *
+ * As only master can set mode only master can pin and it is
+ * unlikely the master client will race with itself especialy
+ * on those old gpu with single crtc.
+ *
+ * We don't shutdown the display controller because new buffer
+ * will end up in same spot.
+ */
+ if (!atomic && fb && fb != crtc->fb) {
+ struct radeon_bo *old_rbo;
+ unsigned long nsize, osize;
+
+ old_rbo = gem_to_radeon_bo(to_radeon_framebuffer(fb)->obj);
+ osize = radeon_bo_size(old_rbo);
+ nsize = radeon_bo_size(rbo);
+ if (nsize <= osize && !radeon_bo_reserve(old_rbo, false)) {
+ radeon_bo_unpin(old_rbo);
+ radeon_bo_unreserve(old_rbo);
+ fb = NULL;
+ goto retry;
+ }
+ }
return -EINVAL;
}
radeon_bo_get_tiling_flags(rbo, &tiling_flags, NULL);
Greg Kroah-Hartman
Dec 2, 2013, 4:30:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Marcelo Tosatti <mtos...@redhat.com>
------------------
commit 12d6e7538e2d418c08f082b1b44ffa5fb7270ed8 upstream.
PPC must flush all translations before the new memory slot
is visible.
Signed-off-by: Marcelo Tosatti <mtos...@redhat.com>
Signed-off-by: Avi Kivity <a...@redhat.com>
Cc: Luis Henriques <luis.he...@canonical.com>
virt/kvm/kvm_main.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -774,7 +774,7 @@ int __kvm_set_memory_region(struct kvm *
/* destroy any largepage mappings for dirty tracking */
}
- if (!npages) {
+ if (!npages || base_gfn != old.base_gfn) {
struct kvm_memory_slot *slot;
r = -ENOMEM;
@@ -790,8 +790,8 @@ int __kvm_set_memory_region(struct kvm *
old_memslots = kvm->memslots;
rcu_assign_pointer(kvm->memslots, slots);
synchronize_srcu_expedited(&kvm->srcu);
- /* From this point no new shadow pages pointing to a deleted
rcu_assign_pointer(kvm->memslots, slots);
synchronize_srcu_expedited(&kvm->srcu);
- * memslot will be created.
+ /* From this point no new shadow pages pointing to a deleted,
+ * or moved, memslot will be created.
*
* validation of sp->gfn happens in:
* - gfn_to_hva (kvm_read_guest, gfn_to_pfn)
Greg Kroah-Hartman
Dec 2, 2013, 4:30:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Stanislaw Gruszka <stf...@wp.pl>
------------------
commit 2bf127a5cc372b9319afcbae10b090663b621c8b upstream.
RSSI value is provided on word3 not on word2.
Signed-off-by: Stanislaw Gruszka <stf...@wp.pl>
Signed-off-by: John W. Linville <linv...@tuxdriver.com>
drivers/net/wireless/rt2x00/rt2400pci.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/net/wireless/rt2x00/rt2400pci.c
+++ b/drivers/net/wireless/rt2x00/rt2400pci.c
@@ -1253,7 +1253,7 @@ static void rt2400pci_fill_rxdone(struct
*/
rxdesc->timestamp = ((u64)rx_high << 32) | rx_low;
rxdesc->signal = rt2x00_get_field32(word2, RXD_W2_SIGNAL) & ~0x08;
- rxdesc->rssi = rt2x00_get_field32(word2, RXD_W3_RSSI) -
+ rxdesc->rssi = rt2x00_get_field32(word3, RXD_W3_RSSI) -
entry->queue->rt2x00dev->rssi_offset;
rxdesc->size = rt2x00_get_field32(word0, RXD_W0_DATABYTE_COUNT);
Greg Kroah-Hartman
Dec 2, 2013, 4:30:04 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Andreas Bießmann <and...@biessmann.de>
------------------
commit d617b338bbfdd77e9cbd8e7dc949cee3dd73d575 upstream.
This patch fixes following error (for big kernels):
---8<---
arch/avr32/boot/u-boot/head.o: In function `no_tag_table':
(.init.text+0x44): relocation truncated to fit: R_AVR32_22H_PCREL against symbol `panic' defined in .text.unlikely section in kernel/built-in.o
arch/avr32/kernel/built-in.o: In function `bad_return':
(.ex.text+0x236): relocation truncated to fit: R_AVR32_22H_PCREL against symbol `panic' defined in .text.unlikely section in kernel/built-in.o
--->8---
It comes up when the kernel increases and 'panic()' is too far away to fit in
the +/- 2MiB range. Which in turn issues from the 21-bit displacement in
'br{cond4}' mnemonic which is one of the two ways to do jumps (rjmp has just
10-bit displacement and therefore a way smaller range). This fact was stated
before in 8d29b7b9f81d6b83d869ff054e6c189d6da73f1f.
One solution to solve this is to add a local storage for the symbol address
and just load the $pc with that value.
Signed-off-by: Andreas Bießmann <and...@biessmann.de>
Acked-by: Hans-Christian Egtvedt <egt...@samfundet.no>
Cc: Haavard Skinnemoen <hskin...@gmail.com>
arch/avr32/kernel/entry-avr32b.S | 3 ++-
2 files changed, 6 insertions(+), 2 deletions(-)
--- a/arch/avr32/boot/u-boot/head.S
+++ b/arch/avr32/boot/u-boot/head.S
@@ -73,8 +73,11 @@ init_sr:
.long 0x007f0000 /* Supervisor mode, everything masked */
stack_addr:
.long init_thread_union
+panic_addr:
+ .long panic
no_tag_table:
sub r12, pc, (. - 2f)
+ /* branch to panic() which can be far away with that construct */
+ lddpc pc, panic_addr
2: .asciz "Boot loader didn't provide correct magic number\n"
--- a/arch/avr32/kernel/entry-avr32b.S
+++ b/arch/avr32/kernel/entry-avr32b.S
@@ -399,9 +399,10 @@ handle_critical:
/* We should never get here... */
bad_return:
sub r12, pc, (. - 1f)
- bral panic
+ lddpc pc, 2f
.align 2
1: .asciz "Return from critical exception!"
+2: .long panic
.align 1
do_bus_error_write:
Greg Kroah-Hartman
Dec 2, 2013, 4:30:04 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Mikulas Patocka <mpat...@redhat.com>
------------------
commit 3ec981e30fae1f3c8728a05c730acaa1f627bcfb upstream.
loop: fix crash if blk_alloc_queue fails
If blk_alloc_queue fails, loop_add cleans up, but it doesn't clean up the
identifier allocated with idr_alloc. That causes crash on module unload in
idr_for_each(&loop_index_idr, &loop_exit_cb, NULL); where we attempt to
remove non-existed device with that id.
BUG: unable to handle kernel NULL pointer dereference at 0000000000000380
IP: [<ffffffff812057c9>] del_gendisk+0x19/0x2d0
PGD 43d399067 PUD 43d0ad067 PMD 0
Oops: 0000 [#1] PREEMPT SMP
Modules linked in: loop(-) dm_snapshot dm_zero dm_mirror dm_region_hash dm_log dm_loop dm_mod ip6table_filter ip6_tables uvesafb cfbcopyarea cfbimgblt cfbfillrect fbcon font bitblit fbcon_rotate fbcon_cw fbcon_ud fbcon_ccw softcursor fb fbdev msr ipt_MASQUERADE iptable_nat nf_nat_ipv4 nf_conntrack_ipv4 nf_defrag_ipv4 xt_state ipt_REJECT xt_tcpudp iptable_filter ip_tables x_tables bridge stp llc tun ipv6 cpufreq_userspace cpufreq_stats cpufreq_ondemand cpufreq_conservative cpufreq_powersave spadfs fuse hid_generic usbhid hid raid0 md_mod dmi_sysfs nf_nat_ftp nf_nat nf_conntrack_ftp nf_conntrack snd_usb_audio snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd_page_alloc lm85 hwmon_vid snd_hwdep snd_usbmidi_lib snd_rawmidi snd soundcore acpi_cpufreq ohci_hcd freq_table tg3 ehci_pci mperf ehci_hcd kvm_amd kvm sata_svw serverworks libphy libata ide_core k10temp usbcore hwmon microcode ptp pcspkr pps_core e100 skge mii usb_common i2c_piix4 floppy evdev rtc_cmos i2c_core processor but!
ton unix
CPU: 7 PID: 2735 Comm: rmmod Tainted: G W 3.10.15-devel #15
Hardware name: empty empty/S3992-E, BIOS 'V1.06 ' 06/09/2009
task: ffff88043d38e780 ti: ffff88043d21e000 task.ti: ffff88043d21e000
RIP: 0010:[<ffffffff812057c9>] [<ffffffff812057c9>] del_gendisk+0x19/0x2d0
RSP: 0018:ffff88043d21fe10 EFLAGS: 00010282
RAX: ffffffffa05102e0 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff88043ea82800 RDI: 0000000000000000
RBP: ffff88043d21fe48 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000001 R11: 0000000000000000 R12: 00000000000000ff
R13: 0000000000000080 R14: 0000000000000000 R15: ffff88043ea82800
FS: 00007ff646534700(0000) GS:ffff880447000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000380 CR3: 000000043e9bf000 CR4: 00000000000007e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Stack:
ffffffff8100aba4 0000000000000092 ffff88043d21fe48 ffff88043ea82800
00000000000000ff ffff88043d21fe98 0000000000000000 ffff88043d21fe60
ffffffffa05102b4 0000000000000000 ffff88043d21fe70 ffffffffa05102ec
Call Trace:
[<ffffffff8100aba4>] ? native_sched_clock+0x24/0x80
[<ffffffffa05102b4>] loop_remove+0x14/0x40 [loop]
[<ffffffffa05102ec>] loop_exit_cb+0xc/0x10 [loop]
[<ffffffff81217b74>] idr_for_each+0x104/0x190
[<ffffffffa05102e0>] ? loop_remove+0x40/0x40 [loop]
[<ffffffff8109adc5>] ? trace_hardirqs_on_caller+0x105/0x1d0
[<ffffffffa05135dc>] loop_exit+0x34/0xa58 [loop]
[<ffffffff810a98ea>] SyS_delete_module+0x13a/0x260
[<ffffffff81221d5e>] ? trace_hardirqs_on_thunk+0x3a/0x3f
[<ffffffff813cff16>] system_call_fastpath+0x1a/0x1f
Code: f0 4c 8b 6d f8 c9 c3 66 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 56 41 55 4c 8d af 80 00 00 00 41 54 53 48 89 fb 48 83 ec 18 <48> 83 bf 80 03 00
00 00 74 4d e8 98 fe ff ff 31 f6 48 c7 c7 20
RIP [<ffffffff812057c9>] del_gendisk+0x19/0x2d0
RSP <ffff88043d21fe10>
CR2: 0000000000000380
---[ end trace 64ec069ec70f1309 ]---
Signed-off-by: Mikulas Patocka <mpat...@redhat.com>
Acked-by: Tejun Heo <t...@kernel.org>
Signed-off-by: Jens Axboe <ax...@kernel.dk>
drivers/block/loop.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/drivers/block/loop.c
+++ b/drivers/block/loop.c
@@ -1636,7 +1636,7 @@ static int loop_add(struct loop_device *
lo->lo_queue = blk_alloc_queue(GFP_KERNEL);
if (!lo->lo_queue)
- goto out_free_dev;
+ goto out_free_idr;
disk = lo->lo_disk = alloc_disk(1 << part_shift);
if (!disk)
@@ -1680,6 +1680,8 @@ static int loop_add(struct loop_device *
out_free_queue:
blk_cleanup_queue(lo->lo_queue);
+out_free_idr:
+ idr_remove(&loop_index_idr, i);
out_free_dev:
kfree(lo);
out:
Greg Kroah-Hartman
Dec 2, 2013, 4:30:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Paul Moore <pmo...@redhat.com>
------------------
commit 42d64e1add3a1ce8a787116036163b8724362145 upstream.
The SELinux/NetLabel glue code has a locking bug that affects systems
with NetLabel enabled, see the kernel error message below. This patch
corrects this problem by converting the bottom half socket lock to a
more conventional, and correct for this call-path, lock_sock() call.
===============================
[ INFO: suspicious RCU usage. ]
3.11.0-rc3+ #19 Not tainted
-------------------------------
net/ipv4/cipso_ipv4.c:1928 suspicious rcu_dereference_protected() usage!
other info that might help us debug this:
rcu_scheduler_active = 1, debug_locks = 0
2 locks held by ping/731:
#0: (slock-AF_INET/1){+.-...}, at: [...] selinux_netlbl_socket_connect
#1: (rcu_read_lock){.+.+..}, at: [<...>] netlbl_conn_setattr
stack backtrace:
CPU: 1 PID: 731 Comm: ping Not tainted 3.11.0-rc3+ #19
Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
0000000000000001 ffff88006f659d28 ffffffff81726b6a ffff88003732c500
ffff88006f659d58 ffffffff810e4457 ffff88006b845a00 0000000000000000
000000000000000c ffff880075aa2f50 ffff88006f659d90 ffffffff8169bec7
Call Trace:
[<ffffffff81726b6a>] dump_stack+0x54/0x74
[<ffffffff810e4457>] lockdep_rcu_suspicious+0xe7/0x120
[<ffffffff8169bec7>] cipso_v4_sock_setattr+0x187/0x1a0
[<ffffffff8170f317>] netlbl_conn_setattr+0x187/0x190
[<ffffffff8170f195>] ? netlbl_conn_setattr+0x5/0x190
[<ffffffff8131ac9e>] selinux_netlbl_socket_connect+0xae/0xc0
[<ffffffff81303025>] selinux_socket_connect+0x135/0x170
[<ffffffff8119d127>] ? might_fault+0x57/0xb0
[<ffffffff812fb146>] security_socket_connect+0x16/0x20
[<ffffffff815d3ad3>] SYSC_connect+0x73/0x130
[<ffffffff81739a85>] ? sysret_check+0x22/0x5d
[<ffffffff810e5e2d>] ? trace_hardirqs_on_caller+0xfd/0x1c0
[<ffffffff81373d4e>] ? trace_hardirqs_on_thunk+0x3a/0x3f
[<ffffffff815d52be>] SyS_connect+0xe/0x10
[<ffffffff81739a59>] system_call_fastpath+0x16/0x1b
Signed-off-by: Paul Moore <pmo...@redhat.com>
security/selinux/netlabel.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
--- a/security/selinux/netlabel.c
+++ b/security/selinux/netlabel.c
@@ -442,8 +442,7 @@ int selinux_netlbl_socket_connect(struct
sksec->nlbl_state != NLBL_CONNLABELED)
return 0;
- local_bh_disable();
- bh_lock_sock_nested(sk);
+ lock_sock(sk);
/* connected sockets are allowed to disconnect when the address family
* is set to AF_UNSPEC, if that is what is happening we want to reset
@@ -464,7 +463,6 @@ int selinux_netlbl_socket_connect(struct
sksec->nlbl_state = NLBL_CONNLABELED;
socket_connect_return:
- bh_unlock_sock(sk);
- local_bh_enable();
+ release_sock(sk);
return rc;
Greg Kroah-Hartman
Dec 2, 2013, 4:30:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Jakob Bornecrantz <ja...@vmware.com>
------------------
commit 9a0599ddeae012a771bba5e23393fc52d8a59d89 upstream.
Fix the case where the ttm pointer may be NULL causing
a NULL pointer dereference.
Signed-off-by: Jakob Bornecrantz <ja...@vmware.com>
Signed-off-by: Thomas Hellström <thell...@vmware.com>
drivers/gpu/drm/ttm/ttm_bo_util.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/drivers/gpu/drm/ttm/ttm_bo_util.c
+++ b/drivers/gpu/drm/ttm/ttm_bo_util.c
@@ -342,7 +342,9 @@ int ttm_bo_move_memcpy(struct ttm_buffer
if (old_iomap == NULL && ttm == NULL)
goto out2;
- if (ttm->state == tt_unpopulated) {
+ /* TTM might be null for moves within the same region.
+ */
+ if (ttm && ttm->state == tt_unpopulated) {
ret = ttm->bdev->driver->ttm_tt_populate(ttm);
if (ret)
goto out1;
Greg Kroah-Hartman
Dec 2, 2013, 4:30:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Dan Williams <dc...@redhat.com>
------------------
commit 8e3ffa471091c560deb6738ed9ab7445b7a5fd04 upstream.
Userspace uses the netdev devtype for stuff like device naming and type
detection. Be nice and set it. Remove the pointless #if/#endif around
SET_NETDEV_DEV too.
Signed-off-by: Dan Williams <dc...@redhat.com>
Signed-off-by: John W. Linville <linv...@tuxdriver.com>
drivers/net/wireless/prism54/islpci_dev.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
--- a/drivers/net/wireless/prism54/islpci_dev.c
+++ b/drivers/net/wireless/prism54/islpci_dev.c
@@ -811,6 +811,10 @@ static const struct net_device_ops islpc
.ndo_validate_addr = eth_validate_addr,
};
+static struct device_type wlan_type = {
+ .name = "wlan",
+};
+
struct net_device *
islpci_setup(struct pci_dev *pdev)
{
@@ -821,9 +825,8 @@ islpci_setup(struct pci_dev *pdev)
return ndev;
pci_set_drvdata(pdev, ndev);
-#if defined(SET_NETDEV_DEV)
SET_NETDEV_DEV(ndev, &pdev->dev);
-#endif
+ SET_NETDEV_DEVTYPE(ndev, &wlan_type);
/* setup the structure members */
ndev->base_addr = pci_resource_start(pdev, 0);
Greg Kroah-Hartman
Dec 2, 2013, 4:30:06 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: NeilBrown <ne...@suse.de>
------------------
commit 02e5f5c0a0f726e66e3d8506ea1691e344277969 upstream.
The various ->run routines of md personalities assume that the 'queue'
has been initialised by the blk_set_stacking_limits() call in
md_alloc().
However when the level is changed (by level_store()) the ->run routine
for the new level is called for an array which has already had the
stacking limits modified. This can result in incorrect final
settings.
So call blk_set_stacking_limits() before ->run in level_store().
A specific consequence of this bug is that it causes
discard_granularity to be set incorrectly when reshaping a RAID4 to a
RAID0.
This is suitable for any -stable kernel since 3.3 in which
blk_set_stacking_limits() was introduced.
Reported-and-tested-by: "Baldysiak, Pawel" <pawel.b...@intel.com>
Signed-off-by: NeilBrown <ne...@suse.de>
drivers/md/md.c | 1 +
1 file changed, 1 insertion(+)
--- a/drivers/md/md.c
+++ b/drivers/md/md.c
@@ -3507,6 +3507,7 @@ level_store(struct mddev *mddev, const c
mddev->in_sync = 1;
del_timer_sync(&mddev->safemode_timer);
}
+ blk_set_stacking_limits(&mddev->queue->limits);
pers->run(mddev);
mddev_resume(mddev);
set_bit(MD_CHANGE_DEVS, &mddev->flags);
Greg Kroah-Hartman
Dec 2, 2013, 4:30:06 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Mathias Krause <min...@googlemail.com>
------------------
commit 4d8fe7376a12bf4524783dd95cbc00f1fece6232 upstream.
Using the nlmsg_len member of the netlink header to test if the message
is valid is wrong as it includes the size of the netlink header itself.
Thereby allowing to send short netlink messages that pass those checks.
Use nlmsg_len() instead to test for the right message length. The result
of nlmsg_len() is guaranteed to be non-negative as the netlink message
already passed the checks of nlmsg_ok().
Also switch to min_t() to please checkpatch.pl.
Signed-off-by: Mathias Krause <min...@googlemail.com>
kernel/audit.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -695,7 +695,7 @@ static int audit_receive_msg(struct sk_b
&status_set, sizeof(status_set));
break;
case AUDIT_SET:
- if (nlh->nlmsg_len < sizeof(struct audit_status))
+ if (nlmsg_len(nlh) < sizeof(struct audit_status))
return -EINVAL;
status_get = (struct audit_status *)data;
if (status_get->mask & AUDIT_STATUS_ENABLED) {
Greg Kroah-Hartman
Dec 2, 2013, 4:40:01 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Larry Finger <Larry....@lwfinger.net>
------------------
commit 3545f3d5f4af715c914394123ce7725a9cf0a1c4 upstream.
The routine that processes received frames was returning the RSSI value for the
signal strength; however, that value is available only for associated APs. As
a result, the strength was the absurd value of 10 dBm. As a result, scans
return incorrect values for the strength, which causes unwanted attempts to roam.
Signed-off-by: Larry Finger <Larry....@lwfinger.net>
Signed-off-by: John W. Linville <linv...@tuxdriver.com>
drivers/net/wireless/rtlwifi/rtl8192de/trx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/net/wireless/rtlwifi/rtl8192de/trx.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192de/trx.c
@@ -529,7 +529,7 @@ bool rtl92de_rx_query_desc(struct ieee80
p_drvinfo);
}
/*rx_status->qual = stats->signal; */
- rx_status->signal = stats->rssi + 10;
+ rx_status->signal = stats->recvsignalpower + 10;
/*rx_status->noise = -stats->noise; */
return true;
Greg Kroah-Hartman
Dec 2, 2013, 4:40:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Gwendal Grignou <gwe...@google.com>
------------------
commit 3e85c3ecbc520751324a191d23bb94873ed01b10 upstream.
6.0 Gbps link speed was not decoded properly:
speed was reported at 3.0 Gbps only.
Tested: On a machine where libata reports 6.0 Gbps in
/var/log/messages:
ata1: SATA link up 6.0 Gbps (SStatus 133 SControl 300)
Before:
cat /sys/class/ata_link/link1/sata_spd
3.0 Gbps
After:
cat /sys/class/ata_link/link1/sata_spd
6.0 Gbps
Signed-off-by: Gwendal Grignou <gwe...@google.com>
Signed-off-by: Tejun Heo <t...@kernel.org>
drivers/ata/libata-transport.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
--- a/drivers/ata/libata-transport.c
+++ b/drivers/ata/libata-transport.c
@@ -319,25 +319,25 @@ int ata_tport_add(struct device *parent,
/*
* ATA link attributes
*/
+static int noop(int x) { return x; }
-
-#define ata_link_show_linkspeed(field) \
+#define ata_link_show_linkspeed(field, format) \
static ssize_t \
show_ata_link_##field(struct device *dev, \
struct device_attribute *attr, char *buf) \
{ \
struct ata_link *link = transport_class_to_link(dev); \
\
- return sprintf(buf,"%s\n", sata_spd_string(fls(link->field))); \
+ return sprintf(buf, "%s\n", sata_spd_string(format(link->field))); \
}
-#define ata_link_linkspeed_attr(field) \
- ata_link_show_linkspeed(field) \
+#define ata_link_linkspeed_attr(field, format) \
+ ata_link_show_linkspeed(field, format) \
static DEVICE_ATTR(field, S_IRUGO, show_ata_link_##field, NULL)
-ata_link_linkspeed_attr(hw_sata_spd_limit);
-ata_link_linkspeed_attr(sata_spd_limit);
-ata_link_linkspeed_attr(sata_spd);
+ata_link_linkspeed_attr(hw_sata_spd_limit, fls);
+ata_link_linkspeed_attr(sata_spd_limit, fls);
+ata_link_linkspeed_attr(sata_spd, noop);
static DECLARE_TRANSPORT_CLASS(ata_link_class,
Greg Kroah-Hartman
Dec 2, 2013, 4:40:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Eric Seppanen <er...@purestorage.com>
------------------
commit 369653e4fb511928511b0ce81f41c812ff1f28b6 upstream.
extract_param() is called with max_length set to the total size of the
output buffer. It's not safe to allow a parameter length equal to the
buffer size as the terminating null would be written one byte past the
end of the output buffer.
Signed-off-by: Eric Seppanen <er...@purestorage.com>
Signed-off-by: Nicholas Bellinger <n...@linux-iscsi.org>
drivers/target/iscsi/iscsi_target_nego.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/target/iscsi/iscsi_target_nego.c
+++ b/drivers/target/iscsi/iscsi_target_nego.c
@@ -89,7 +89,7 @@ int extract_param(
if (len < 0)
return -1;
- if (len > max_length) {
+ if (len >= max_length) {
pr_err("Length of input: %d exceeds max_length:"
" %d\n", len, max_length);
return -1;
Greg Kroah-Hartman
Dec 2, 2013, 4:40:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Eric Seppanen <er...@purestorage.com>
commit 86784c6bdeeef78eed94d298be7a8879f6a97ee2 upstream.
------------------
From: Eric Seppanen <er...@purestorage.com>
In iSCSI negotiations with initiator CHAP enabled, usernames with
trailing garbage are permitted, because the string comparison only
checks the strlen of the configured username.
e.g. "usernameXXXXX" will be permitted to match "username".
Just check one more byte so the trailing null char is also matched.
Signed-off-by: Eric Seppanen <er...@purestorage.com>
Signed-off-by: Nicholas Bellinger <n...@linux-iscsi.org>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
1 file changed, 4 insertions(+), 1 deletion(-)
--- a/drivers/target/iscsi/iscsi_target_auth.c
+++ b/drivers/target/iscsi/iscsi_target_auth.c
@@ -174,6 +174,7 @@ static int chap_server_compute_md5(
unsigned char client_digest[MD5_SIGNATURE_SIZE];
unsigned char server_digest[MD5_SIGNATURE_SIZE];
unsigned char chap_n[MAX_CHAP_N_SIZE], chap_r[MAX_RESPONSE_LENGTH];
+ size_t compare_len;
struct iscsi_chap *chap = conn->auth_protocol;
struct crypto_hash *tfm;
struct hash_desc desc;
@@ -212,7 +213,9 @@ static int chap_server_compute_md5(
goto out;
}
- if (memcmp(chap_n, auth->userid, strlen(auth->userid)) != 0) {
+ /* Include the terminating NULL in the compare */
+ compare_len = strlen(auth->userid) + 1;
+ if (strncmp(chap_n, auth->userid, compare_len) != 0) {
pr_err("CHAP_N values do not match!\n");
goto out;
Greg Kroah-Hartman
Dec 2, 2013, 4:40:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Felipe Pena <feli...@gmail.com>
------------------
commit 3aef7dde8dcf09e0124f0a2665845a507331972b upstream.
There is a typo in the struct member name on assignment when checking
rtlphy->current_chan_bw == HT_CHANNEL_WIDTH_20_40, the check uses pwrgroup_ht40
for bound limit and uses pwrgroup_ht20 when assigning instead.
Signed-off-by: Felipe Pena <feli...@gmail.com>
Acked-by: Larry Finger <Larry....@lwfinger.net>
Signed-off-by: John W. Linville <linv...@tuxdriver.com>
drivers/net/wireless/rtlwifi/rtl8192se/rf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/net/wireless/rtlwifi/rtl8192se/rf.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192se/rf.c
@@ -268,7 +268,7 @@ static void _rtl92s_get_txpower_writeval
rtlefuse->pwrgroup_ht40
[RF90_PATH_A][chnl - 1]) {
pwrdiff_limit[i] =
- rtlefuse->pwrgroup_ht20
+ rtlefuse->pwrgroup_ht40
[RF90_PATH_A][chnl - 1];
}
} else {
Greg Kroah-Hartman
Dec 2, 2013, 4:40:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Theodore Ts'o <ty...@mit.edu>
------------------
commit dcb9917ba041866686fe152850364826c4622a36 upstream.
Reported-by: Dave Jones <da...@redhat.com>
Signed-off-by: "Theodore Ts'o" <ty...@mit.edu>
fs/ext4/xattr.c | 1 +
1 file changed, 1 insertion(+)
--- a/fs/ext4/xattr.c
+++ b/fs/ext4/xattr.c
@@ -1270,6 +1270,7 @@ retry:
new_extra_isize = s_min_extra_isize;
kfree(is); is = NULL;
kfree(bs); bs = NULL;
+ brelse(bh);
goto retry;
}
error = -1;
Greg Kroah-Hartman
Dec 2, 2013, 4:40:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Marc Kleine-Budde <m...@pengutronix.de>
------------------
commit 0d1862ea1a5bb876cf05555a7307080cb75bf379 upstream.
In the flexcan_chip_start() function first the flexcan core is going through
the soft reset sequence, then the RX FIFO is enabled.
With the hardware is put into FIFO mode, message buffers 1...7 are reserved by
the FIFO engine. The remaining message buffers are in reset default values.
This patch removes the bogus initialization of the message buffers, as it
causes an imprecise external abort on imx6.
Reported-by: Lothar Waßmann <L...@KARO-electronics.de>
Tested-by: Lothar Waßmann <L...@KARO-electronics.de>
[mkl: adjusted context for stable]
Signed-off-by: Marc Kleine-Budde <m...@pengutronix.de>
drivers/net/can/flexcan.c | 12 ------------
1 file changed, 12 deletions(-)
--- a/drivers/net/can/flexcan.c
+++ b/drivers/net/can/flexcan.c
@@ -667,7 +667,6 @@ static int flexcan_chip_start(struct net
{
struct flexcan_priv *priv = netdev_priv(dev);
struct flexcan_regs __iomem *regs = priv->base;
- unsigned int i;
int err;
u32 reg_mcr, reg_ctrl;
@@ -735,17 +734,6 @@ static int flexcan_chip_start(struct net
netdev_dbg(dev, "%s: writing ctrl=0x%08x", __func__, reg_ctrl);
flexcan_write(reg_ctrl, ®s->ctrl);
- for (i = 0; i < ARRAY_SIZE(regs->cantxfg); i++) {
- flexcan_write(0, ®s->cantxfg[i].can_ctrl);
- flexcan_write(0, ®s->cantxfg[i].can_id);
- flexcan_write(0, ®s->cantxfg[i].data[0]);
- flexcan_write(0, ®s->cantxfg[i].data[1]);
-
- /* put MB into rx queue */
- flexcan_write(FLEXCAN_MB_CNT_CODE(0x4),
- ®s->cantxfg[i].can_ctrl);
- }
-
/* Abort any pending TX, mark Mailbox as INACTIVE */
flexcan_write(FLEXCAN_MB_CNT_CODE(0x4),
®s->cantxfg[FLEXCAN_TX_BUF_ID].can_ctrl);
Greg Kroah-Hartman
Dec 2, 2013, 4:40:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Vegard Nossum <vegard...@oracle.com>
------------------
commit ea5ec76d76da9279d12027c1828544c5ccbe7932 upstream.
If the permission check fails, we drop a reference to the blkif without
having taken it in the first place. The bug was introduced in commit
604c499cbbcc3d5fe5fb8d53306aa0fae1990109 (xen/blkback: Check device
permissions before allowing OP_DISCARD).
Cc: Jan Beulich <JBeu...@suse.com>
Cc: Konrad Rzeszutek Wilk <konra...@oracle.com>
Signed-off-by: Vegard Nossum <vegard...@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konra...@oracle.com>
Signed-off-by: Jens Axboe <ax...@kernel.dk>
drivers/block/xen-blkback/blkback.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/drivers/block/xen-blkback/blkback.c
+++ b/drivers/block/xen-blkback/blkback.c
@@ -401,6 +401,8 @@ static int dispatch_discard_io(struct xe
unsigned long secure;
struct phys_req preq;
+ xen_blkif_get(blkif);
+
preq.sector_number = req->u.discard.sector_number;
preq.nr_sects = req->u.discard.nr_sectors;
@@ -413,7 +415,6 @@ static int dispatch_discard_io(struct xe
}
blkif->st_ds_req++;
- xen_blkif_get(blkif);
secure = (blkif->vbd.discard_secure &&
(req->u.discard.flag & BLKIF_DISCARD_SECURE)) ?
BLKDEV_DISCARD_SECURE : 0;
Greg Kroah-Hartman
Dec 2, 2013, 4:40:02 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Shan Hai <shan...@windriver.com>
------------------
commit 0523f037f65dba10191b0fa9c51266f90ba64630 upstream.
The "Slimtype DVD A DS8A9SH" drive locks up with following backtrace when
the max sector is smaller than 65535 bytes, fix it by adding a quirk to set
the max sector to 65535 bytes.
INFO: task flush-11:0:663 blocked for more than 120 seconds.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
flush-11:0 D 00000000ffff5ceb 0 663 2 0x00000000
ffff88026d3b1710 0000000000000046 0000000000000001 0000000000000000
ffff88026f2530c0 ffff88026d365860 ffff88026d3b16e0 ffffffff812ffd52
ffff88026d4fd3d0 0000000100000001 ffff88026d3b16f0 ffff88026d3b1fd8
Call Trace:
[<ffffffff812ffd52>] ? cfq_may_queue+0x52/0xf0
[<ffffffff81604338>] schedule+0x18/0x30
[<ffffffff81604392>] io_schedule+0x42/0x60
[<ffffffff812f22bb>] get_request_wait+0xeb/0x1f0
[<ffffffff81065660>] ? autoremove_wake_function+0x0/0x40
[<ffffffff812eb382>] ? elv_merge+0x42/0x210
[<ffffffff812f26ae>] __make_request+0x8e/0x4e0
[<ffffffff812f068e>] generic_make_request+0x21e/0x5e0
[<ffffffff812f0aad>] submit_bio+0x5d/0xd0
[<ffffffff81141422>] submit_bh+0xf2/0x130
[<ffffffff8114474c>] __block_write_full_page+0x1dc/0x3a0
[<ffffffff81143f60>] ? end_buffer_async_write+0x0/0x120
[<ffffffff811474e0>] ? blkdev_get_block+0x0/0x70
[<ffffffff811474e0>] ? blkdev_get_block+0x0/0x70
[<ffffffff81143f60>] ? end_buffer_async_write+0x0/0x120
[<ffffffff811449ee>] block_write_full_page_endio+0xde/0x100
[<ffffffff81144a20>] block_write_full_page+0x10/0x20
[<ffffffff81148703>] blkdev_writepage+0x13/0x20
[<ffffffff810d7525>] __writepage+0x15/0x40
[<ffffffff810d7c0f>] write_cache_pages+0x1cf/0x3e0
[<ffffffff810d7510>] ? __writepage+0x0/0x40
[<ffffffff810d7e42>] generic_writepages+0x22/0x30
[<ffffffff810d7e6f>] do_writepages+0x1f/0x40
[<ffffffff8113ae67>] writeback_single_inode+0xe7/0x3b0
[<ffffffff8113b574>] writeback_sb_inodes+0x184/0x280
[<ffffffff8113bedb>] writeback_inodes_wb+0x6b/0x1a0
[<ffffffff8113c24b>] wb_writeback+0x23b/0x2a0
[<ffffffff8113c42d>] wb_do_writeback+0x17d/0x190
[<ffffffff8113c48b>] bdi_writeback_task+0x4b/0xe0
[<ffffffff810e82a0>] ? bdi_start_fn+0x0/0x100
[<ffffffff810e8321>] bdi_start_fn+0x81/0x100
[<ffffffff810e82a0>] ? bdi_start_fn+0x0/0x100
[<ffffffff8106522e>] kthread+0x8e/0xa0
[<ffffffff81039274>] ? finish_task_switch+0x54/0xc0
[<ffffffff81003334>] kernel_thread_helper+0x4/0x10
[<ffffffff810651a0>] ? kthread+0x0/0xa0
[<ffffffff81003330>] ? kernel_thread_helper+0x0/0x10
The above trace was triggered by
"dd if=/dev/zero of=/dev/sr0 bs=2048 count=32768"
Signed-off-by: Shan Hai <shan...@windriver.com>
Signed-off-by: Tejun Heo <t...@kernel.org>
drivers/ata/libata-core.c | 1 +
1 file changed, 1 insertion(+)
--- a/drivers/ata/libata-core.c
+++ b/drivers/ata/libata-core.c
@@ -4074,6 +4074,7 @@ static const struct ata_blacklist_entry
{ "TORiSAN DVD-ROM DRD-N216", NULL, ATA_HORKAGE_MAX_SEC_128 },
{ "QUANTUM DAT DAT72-000", NULL, ATA_HORKAGE_ATAPI_MOD16_DMA },
{ "Slimtype DVD A DS8A8SH", NULL, ATA_HORKAGE_MAX_SEC_LBA48 },
+ { "Slimtype DVD A DS8A9SH", NULL, ATA_HORKAGE_MAX_SEC_LBA48 },
/* Devices we expect to fail diagnostics */
Greg Kroah-Hartman
Dec 2, 2013, 4:40:03 PM12/2/13
to
This is the start of the stable review cycle for the 3.4.72 release.
There are 60 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Wed Dec 4 19:01:45 UTC 2013.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
kernel.org/pub/linux/kernel/v3.0/stable-review/patch-3.4.72-rc1.gz
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gre...@linuxfoundation.org>
Linux 3.4.72-rc1
Nanno Langstraat <lan...@gmail.com>
HID: apple: option to swap the 'Option' ("Alt") and 'Command' ("Flag") keys.
Stefan Achatz <eraz...@users.sourceforge.net>
HID: roccat: fix Coverity CID 141438
Mauro Carvalho Chehab <m.ch...@samsung.com>
media: lirc_zilog: Don't use dynamic static allocation
ftrace: Fix function graph with loading of modules
Alex Williamson <alex.wi...@redhat.com>
KVM: Fix iommu map/unmap to handle memory slot moves
Marcelo Tosatti <mtos...@redhat.com>
KVM: perform an invalid memslot step for gpa base change
Tom Gundersen <t...@jklm.no>
Input: i8042 - add PNP modaliases
tracing: Allow events to have NULL strings
Kailang Yang <kai...@realtek.com>
ALSA: hda/realtek - Set pcbeep amp for ALC668
Peter Zijlstra <pet...@infradead.org>
cpuset: Fix memory allocator deadlock
Michael Neuling <mi...@neuling.org>
powerpc/signals: Improved mark VSX not saved with small contexts fix
NeilBrown <ne...@suse.de>
md: fix calculation of stacking limits on level change.
Jerome Glisse <jgl...@redhat.com>
radeon: workaround pinning failure on low ram gpu
Alex Deucher <alexande...@amd.com>
drm/radeon/si: fix define for MC_SEQ_TRAIN_WAKEUP_CNTL
Ben Skeggs <bsk...@redhat.com>
drm/nouveau: when bailing out of a pushbuf ioctl, do not remove previous fence
Daniel Vetter <daniel...@ffwll.ch>
drm/i915: flush cursors harder
Jakob Bornecrantz <ja...@vmware.com>
drm/ttm: Handle in-memory region copies
Dan Williams <dc...@redhat.com>
prism54: set netdev type to "wlan"
Andreas Bießmann <and...@biessmann.de>
avr32: fix out-of-range jump in large kernels
Andreas Bießmann <and...@biessmann.de>
avr32: setup crt for early panic()
Paul Moore <pmo...@redhat.com>
selinux: correct locking in selinux_netlbl_socket_connect)
Yinghai Lu <yin...@kernel.org>
PCI: Remove duplicate pci_disable_device() from pcie_portdrv_remove()
Mathias Krause <min...@googlemail.com>
audit: fix info leak in AUDIT_GET requests
Mathias Krause <min...@googlemail.com>
audit: use nlmsg_len() to get message payload length
Tyler Hicks <tyh...@canonical.com>
audit: printk USER_AVC messages when audit isn't enabled
Avinash Patil <pat...@marvell.com>
mwifiex: correct packet length for packets from SDIO interface
Aaron Lu <aaro...@intel.com>
PM / hibernate: Avoid overflow in hibernate_preallocate_memory()
Mikulas Patocka <mpat...@redhat.com>
dm: allocate buffer for messages with small number of arguments using GFP_NOIO
Stanislaw Gruszka <stf...@wp.pl>
rt2400pci: fix RSSI read
Ursula Braun <ursula...@de.ibm.com>
qeth: avoid buffer overflow in snmp ioctl
Larry Finger <Larry....@lwfinger.net>
rtlwifi: rtl8192cu: Fix incorrect signal strength for unassociated AP
Larry Finger <Larry....@lwfinger.net>
rtlwifi: rtl8192se: Fix incorrect signal strength for unassociated AP
Larry Finger <Larry....@lwfinger.net>
rtlwifi: rtl8192de: Fix incorrect signal strength for unassociated AP
Malcolm Priestley <tvbo...@gmail.com>
staging: vt6656: [BUG] Fix for TX USB resets from vendors driver.
Vegard Nossum <vegard...@oracle.com>
xen/blkback: fix reference counting
Theodore Ts'o <ty...@mit.edu>
ext4: avoid bh leak in retry path of ext4_expand_extra_isize_ea()
Huang Shijie <b32...@freescale.com>
mtd: gpmi: fix kernel BUG due to racing DMA operations
Wang Haitao <wang.h...@zte.com.cn>
mtd: map: fixed bug in 64-bit systems
Brian Norris <computer...@gmail.com>
mtd: nand: hack ONFI for non-power-of-2 dimensions
Mikulas Patocka <mpat...@redhat.com>
IB/ipath: Convert ipath_user_sdma_pin_pages() to use get_user_pages_fast()
Eric Seppanen <er...@purestorage.com>
iscsi-target: chap auth shouldn't match username with trailing garbage
Eric Seppanen <er...@purestorage.com>
iscsi-target: fix extract_param to handle buffer length corner case
Samir Benmendil <samir.b...@gmail.com>
ahci: add Marvell 9230 to the AHCI PCI device list
xiangliang yu <yxl...@gmail.com>
ahci: disabled FBS prior to issuing software reset
Larry Finger <Larry....@lwfinger.net>
rtlwifi: rtl8192cu: Fix more pointer arithmetic errors
Felipe Pena <feli...@gmail.com>
rtlwifi: rtl8192se: Fix wrong assignment
Ryan Mallon <rma...@gmail.com>
vsprintf: check real user/group id for %pK
Shan Hai <shan...@windriver.com>
drivers/libata: Set max sector to 65535 for Slimtype DVD A DS8A9SH drive
Gwendal Grignou <gwe...@google.com>
libata: Fix display of sata speed
Marc Kleine-Budde <m...@pengutronix.de>
can: flexcan: fix flexcan_chip_start() on imx6
Ilija Hadzic <iha...@research.bell-labs.com>
devpts: plug the memory leak in kill_sb
KOSAKI Motohiro <kosaki....@jp.fujitsu.com>
alarmtimer: return EINVAL instead of ENOTSUPP if rtcdev doesn't exist
Takashi Iwai <ti...@suse.de>
ASoC: blackfin: Fix missing break
Nicolin Chen <b42...@freescale.com>
ASoC: wm8962: Turn on regcache_cache_only before disabling regulator
Phil Edworthy <phil.e...@renesas.com>
ASoC: ak4642: prevent un-necessary changes to SG_SL1
Johan Hovold <jho...@gmail.com>
backlight: atmel-pwm-bl: fix reported brightness
Greg Kroah-Hartman <gre...@linuxfoundation.org>
Staging: tidspbridge: disable driver
Jonathan Austin <jonatha...@arm.com>
ARM: integrator_cp: Set LCD{0,1} enable lines when turning on CLCD
Russell King <rmk+k...@arm.linux.org.uk>
ARM: sa11x0/assabet: ensure CS2 is configured appropriately
-------------
Diffstat:
Documentation/sysctl/kernel.txt | 25 +++++++---
Makefile | 4 +-
arch/arm/mach-integrator/integrator_cp.c | 3 +-
arch/arm/mach-sa1100/assabet.c | 3 ++
arch/avr32/boot/u-boot/head.S | 35 +++++++++++---
arch/avr32/kernel/entry-avr32b.S | 3 +-
arch/avr32/kernel/head.S | 20 --------
arch/powerpc/kernel/signal_32.c | 16 +++----
arch/powerpc/kernel/signal_64.c | 6 +++
drivers/ata/ahci.c | 2 +
drivers/ata/libahci.c | 16 +++++++
drivers/ata/libata-core.c | 1 +
drivers/ata/libata-transport.c | 16 +++----
drivers/block/loop.c | 4 +-
drivers/block/xen-blkback/blkback.c | 3 +-
drivers/gpu/drm/i915/intel_display.c | 4 ++
drivers/gpu/drm/nouveau/nouveau_gem.c | 3 +-
drivers/gpu/drm/radeon/radeon_legacy_crtc.c | 28 +++++++++++
drivers/gpu/drm/radeon/sid.h | 2 +-
drivers/gpu/drm/ttm/ttm_bo_util.c | 4 +-
drivers/hid/hid-apple.c | 22 +++++++++
drivers/hid/hid-roccat-kovaplus.c | 4 ++
drivers/infiniband/hw/ipath/ipath_user_sdma.c | 7 +--
drivers/input/serio/i8042-x86ia64io.h | 2 +
drivers/md/dm-table.c | 18 ++++++-
drivers/md/md.c | 1 +
drivers/mtd/nand/gpmi-nand/gpmi-nand.c | 4 +-
drivers/mtd/nand/nand_base.c | 15 +++++-
drivers/net/can/flexcan.c | 12 -----
drivers/net/wireless/mwifiex/sdio.c | 3 ++
drivers/net/wireless/prism54/islpci_dev.c | 7 ++-
drivers/net/wireless/rt2x00/rt2400pci.c | 2 +-
drivers/net/wireless/rtlwifi/rtl8192cu/mac.c | 6 +--
drivers/net/wireless/rtlwifi/rtl8192cu/trx.c | 8 ++--
drivers/net/wireless/rtlwifi/rtl8192de/trx.c | 2 +-
drivers/net/wireless/rtlwifi/rtl8192se/rf.c | 2 +-
drivers/net/wireless/rtlwifi/rtl8192se/trx.c | 2 +-
drivers/pci/pcie/portdrv_pci.c | 1 -
drivers/s390/net/qeth_core_main.c | 6 ++-
drivers/staging/media/lirc/lirc_zilog.c | 12 ++++-
drivers/staging/tidspbridge/Kconfig | 2 +-
drivers/staging/vt6656/baseband.c | 11 +++++
drivers/staging/vt6656/rndis.h | 1 +
drivers/target/iscsi/iscsi_target_auth.c | 5 +-
drivers/target/iscsi/iscsi_target_nego.c | 2 +-
drivers/video/backlight/atmel-pwm-bl.c | 4 +-
fs/devpts/inode.c | 1 +
fs/ext4/xattr.c | 1 +
include/linux/mtd/map.h | 4 +-
include/trace/ftrace.h | 5 +-
kernel/audit.c | 5 +-
kernel/cpuset.c | 8 +++-
kernel/power/snapshot.c | 6 ++-
kernel/time/alarmtimer.c | 4 +-
kernel/trace/ftrace.c | 68 +++++++++++++--------------
lib/vsprintf.c | 33 +++++++++++--
security/selinux/netlabel.c | 6 +--
sound/pci/hda/patch_realtek.c | 1 +
sound/soc/blackfin/bf5xx-i2s.c | 1 +
sound/soc/codecs/ak4642.c | 2 +-
sound/soc/codecs/wm8962.c | 2 +
virt/kvm/kvm_main.c | 25 +++++-----
62 files changed, 363 insertions(+), 168 deletions(-)
There are 60 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Wed Dec 4 19:01:45 UTC 2013.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
kernel.org/pub/linux/kernel/v3.0/stable-review/patch-3.4.72-rc1.gz
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gre...@linuxfoundation.org>
Linux 3.4.72-rc1
Nanno Langstraat <lan...@gmail.com>
HID: apple: option to swap the 'Option' ("Alt") and 'Command' ("Flag") keys.
Stefan Achatz <eraz...@users.sourceforge.net>
HID: roccat: fix Coverity CID 141438
Mauro Carvalho Chehab <m.ch...@samsung.com>
media: lirc_zilog: Don't use dynamic static allocation
ftrace: Fix function graph with loading of modules
Alex Williamson <alex.wi...@redhat.com>
KVM: Fix iommu map/unmap to handle memory slot moves
Marcelo Tosatti <mtos...@redhat.com>
KVM: perform an invalid memslot step for gpa base change
Tom Gundersen <t...@jklm.no>
Input: i8042 - add PNP modaliases
tracing: Allow events to have NULL strings
Kailang Yang <kai...@realtek.com>
ALSA: hda/realtek - Set pcbeep amp for ALC668
Peter Zijlstra <pet...@infradead.org>
cpuset: Fix memory allocator deadlock
Michael Neuling <mi...@neuling.org>
powerpc/signals: Improved mark VSX not saved with small contexts fix
NeilBrown <ne...@suse.de>
md: fix calculation of stacking limits on level change.
Jerome Glisse <jgl...@redhat.com>
radeon: workaround pinning failure on low ram gpu
Alex Deucher <alexande...@amd.com>
drm/radeon/si: fix define for MC_SEQ_TRAIN_WAKEUP_CNTL
Ben Skeggs <bsk...@redhat.com>
drm/nouveau: when bailing out of a pushbuf ioctl, do not remove previous fence
Daniel Vetter <daniel...@ffwll.ch>
drm/i915: flush cursors harder
Jakob Bornecrantz <ja...@vmware.com>
drm/ttm: Handle in-memory region copies
Dan Williams <dc...@redhat.com>
prism54: set netdev type to "wlan"
Andreas Bießmann <and...@biessmann.de>
avr32: fix out-of-range jump in large kernels
Andreas Bießmann <and...@biessmann.de>
avr32: setup crt for early panic()
Paul Moore <pmo...@redhat.com>
selinux: correct locking in selinux_netlbl_socket_connect)
Yinghai Lu <yin...@kernel.org>
PCI: Remove duplicate pci_disable_device() from pcie_portdrv_remove()
Mathias Krause <min...@googlemail.com>
audit: fix info leak in AUDIT_GET requests
Mathias Krause <min...@googlemail.com>
audit: use nlmsg_len() to get message payload length
Tyler Hicks <tyh...@canonical.com>
audit: printk USER_AVC messages when audit isn't enabled
Avinash Patil <pat...@marvell.com>
mwifiex: correct packet length for packets from SDIO interface
Aaron Lu <aaro...@intel.com>
PM / hibernate: Avoid overflow in hibernate_preallocate_memory()
Mikulas Patocka <mpat...@redhat.com>
dm: allocate buffer for messages with small number of arguments using GFP_NOIO
Stanislaw Gruszka <stf...@wp.pl>
rt2400pci: fix RSSI read
Ursula Braun <ursula...@de.ibm.com>
qeth: avoid buffer overflow in snmp ioctl
Larry Finger <Larry....@lwfinger.net>
rtlwifi: rtl8192cu: Fix incorrect signal strength for unassociated AP
Larry Finger <Larry....@lwfinger.net>
rtlwifi: rtl8192se: Fix incorrect signal strength for unassociated AP
Larry Finger <Larry....@lwfinger.net>
rtlwifi: rtl8192de: Fix incorrect signal strength for unassociated AP
Malcolm Priestley <tvbo...@gmail.com>
staging: vt6656: [BUG] Fix for TX USB resets from vendors driver.
Vegard Nossum <vegard...@oracle.com>
xen/blkback: fix reference counting
Theodore Ts'o <ty...@mit.edu>
ext4: avoid bh leak in retry path of ext4_expand_extra_isize_ea()
Huang Shijie <b32...@freescale.com>
mtd: gpmi: fix kernel BUG due to racing DMA operations
Wang Haitao <wang.h...@zte.com.cn>
mtd: map: fixed bug in 64-bit systems
Brian Norris <computer...@gmail.com>
mtd: nand: hack ONFI for non-power-of-2 dimensions
Mikulas Patocka <mpat...@redhat.com>
loop: fix crash if blk_alloc_queue fails
Jan Kara <ja...@suse.cz>
IB/ipath: Convert ipath_user_sdma_pin_pages() to use get_user_pages_fast()
Eric Seppanen <er...@purestorage.com>
iscsi-target: chap auth shouldn't match username with trailing garbage
Eric Seppanen <er...@purestorage.com>
iscsi-target: fix extract_param to handle buffer length corner case
Samir Benmendil <samir.b...@gmail.com>
ahci: add Marvell 9230 to the AHCI PCI device list
xiangliang yu <yxl...@gmail.com>
ahci: disabled FBS prior to issuing software reset
Larry Finger <Larry....@lwfinger.net>
rtlwifi: rtl8192cu: Fix more pointer arithmetic errors
Felipe Pena <feli...@gmail.com>
rtlwifi: rtl8192se: Fix wrong assignment
Ryan Mallon <rma...@gmail.com>
vsprintf: check real user/group id for %pK
Shan Hai <shan...@windriver.com>
drivers/libata: Set max sector to 65535 for Slimtype DVD A DS8A9SH drive
Gwendal Grignou <gwe...@google.com>
libata: Fix display of sata speed
Marc Kleine-Budde <m...@pengutronix.de>
can: flexcan: fix flexcan_chip_start() on imx6
Ilija Hadzic <iha...@research.bell-labs.com>
devpts: plug the memory leak in kill_sb
KOSAKI Motohiro <kosaki....@jp.fujitsu.com>
alarmtimer: return EINVAL instead of ENOTSUPP if rtcdev doesn't exist
Takashi Iwai <ti...@suse.de>
ASoC: blackfin: Fix missing break
Nicolin Chen <b42...@freescale.com>
ASoC: wm8962: Turn on regcache_cache_only before disabling regulator
Phil Edworthy <phil.e...@renesas.com>
ASoC: ak4642: prevent un-necessary changes to SG_SL1
Johan Hovold <jho...@gmail.com>
backlight: atmel-pwm-bl: fix reported brightness
Greg Kroah-Hartman <gre...@linuxfoundation.org>
Staging: tidspbridge: disable driver
Jonathan Austin <jonatha...@arm.com>
ARM: integrator_cp: Set LCD{0,1} enable lines when turning on CLCD
Russell King <rmk+k...@arm.linux.org.uk>
ARM: sa11x0/assabet: ensure CS2 is configured appropriately
-------------
Diffstat:
Documentation/sysctl/kernel.txt | 25 +++++++---
Makefile | 4 +-
arch/arm/mach-integrator/integrator_cp.c | 3 +-
arch/arm/mach-sa1100/assabet.c | 3 ++
arch/avr32/boot/u-boot/head.S | 35 +++++++++++---
arch/avr32/kernel/entry-avr32b.S | 3 +-
arch/avr32/kernel/head.S | 20 --------
arch/powerpc/kernel/signal_32.c | 16 +++----
arch/powerpc/kernel/signal_64.c | 6 +++
drivers/ata/ahci.c | 2 +
drivers/ata/libahci.c | 16 +++++++
drivers/ata/libata-core.c | 1 +
drivers/ata/libata-transport.c | 16 +++----
drivers/block/loop.c | 4 +-
drivers/block/xen-blkback/blkback.c | 3 +-
drivers/gpu/drm/i915/intel_display.c | 4 ++
drivers/gpu/drm/nouveau/nouveau_gem.c | 3 +-
drivers/gpu/drm/radeon/radeon_legacy_crtc.c | 28 +++++++++++
drivers/gpu/drm/radeon/sid.h | 2 +-
drivers/gpu/drm/ttm/ttm_bo_util.c | 4 +-
drivers/hid/hid-apple.c | 22 +++++++++
drivers/hid/hid-roccat-kovaplus.c | 4 ++
drivers/infiniband/hw/ipath/ipath_user_sdma.c | 7 +--
drivers/input/serio/i8042-x86ia64io.h | 2 +
drivers/md/dm-table.c | 18 ++++++-
drivers/md/md.c | 1 +
drivers/mtd/nand/gpmi-nand/gpmi-nand.c | 4 +-
drivers/mtd/nand/nand_base.c | 15 +++++-
drivers/net/can/flexcan.c | 12 -----
drivers/net/wireless/mwifiex/sdio.c | 3 ++
drivers/net/wireless/prism54/islpci_dev.c | 7 ++-
drivers/net/wireless/rt2x00/rt2400pci.c | 2 +-
drivers/net/wireless/rtlwifi/rtl8192cu/mac.c | 6 +--
drivers/net/wireless/rtlwifi/rtl8192cu/trx.c | 8 ++--
drivers/net/wireless/rtlwifi/rtl8192de/trx.c | 2 +-
drivers/net/wireless/rtlwifi/rtl8192se/rf.c | 2 +-
drivers/net/wireless/rtlwifi/rtl8192se/trx.c | 2 +-
drivers/pci/pcie/portdrv_pci.c | 1 -
drivers/s390/net/qeth_core_main.c | 6 ++-
drivers/staging/media/lirc/lirc_zilog.c | 12 ++++-
drivers/staging/tidspbridge/Kconfig | 2 +-
drivers/staging/vt6656/baseband.c | 11 +++++
drivers/staging/vt6656/rndis.h | 1 +
drivers/target/iscsi/iscsi_target_auth.c | 5 +-
drivers/target/iscsi/iscsi_target_nego.c | 2 +-
drivers/video/backlight/atmel-pwm-bl.c | 4 +-
fs/devpts/inode.c | 1 +
fs/ext4/xattr.c | 1 +
include/linux/mtd/map.h | 4 +-
include/trace/ftrace.h | 5 +-
kernel/audit.c | 5 +-
kernel/cpuset.c | 8 +++-
kernel/power/snapshot.c | 6 ++-
kernel/time/alarmtimer.c | 4 +-
kernel/trace/ftrace.c | 68 +++++++++++++--------------
lib/vsprintf.c | 33 +++++++++++--
security/selinux/netlabel.c | 6 +--
sound/pci/hda/patch_realtek.c | 1 +
sound/soc/blackfin/bf5xx-i2s.c | 1 +
sound/soc/codecs/ak4642.c | 2 +-
sound/soc/codecs/wm8962.c | 2 +
virt/kvm/kvm_main.c | 25 +++++-----
62 files changed, 363 insertions(+), 168 deletions(-)
Greg Kroah-Hartman
Dec 2, 2013, 4:40:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Wang Haitao <wang.h...@zte.com.cn>
------------------
commit a4d62babf988fe5dfde24437fa135ef147bc7aa0 upstream.
Hardware:
CPU: XLP832,the 64-bit OS
NOR Flash:S29GL128S 128M
Software:
Kernel:2.6.32.41
Filesystem:JFFS2
When writing files, errors appear:
Write len 182 but return retlen 180
Write of 182 bytes at 0x072c815c failed. returned -5, retlen 180
Write len 186 but return retlen 184
Write of 186 bytes at 0x072caff4 failed. returned -5, retlen 184
These errors exist only in 64-bit systems,not in 32-bit systems. After analysis, we
found that the left shift operation is wrong in map_word_load_partial. For instance:
unsigned char buf[3] ={0x9e,0x3a,0xea};
map_bankwidth(map) is 4;
for (i=0; i < 3; i++) {
int bitpos;
bitpos = (map_bankwidth(map)-1-i)*8;
orig.x[0] &= ~(0xff << bitpos);
orig.x[0] |= buf[i] << bitpos;
}
The value of orig.x[0] is expected to be 0x9e3aeaff, but in this situation(64-bit
System) we'll get the wrong value of 0xffffffff9e3aeaff due to the 64-bit sign
extension:
buf[i] is defined as "unsigned char" and the left-shift operation will convert it
to the type of "signed int", so when left-shift buf[i] by 24 bits, the final result
will get the wrong value: 0xffffffff9e3aeaff.
If the left-shift bits are less than 24, then sign extension will not occur. Whereas
the bankwidth of the nor flash we used is 4, therefore this BUG emerges.
Signed-off-by: Pang Xunlei <pang....@zte.com.cn>
Signed-off-by: Zhang Yi <zhang...@zte.com.cn>
Signed-off-by: Lu Zhongjun <lu.zh...@zte.com.cn>
Signed-off-by: Brian Norris <computer...@gmail.com>
include/linux/mtd/map.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/include/linux/mtd/map.h
+++ b/include/linux/mtd/map.h
@@ -362,7 +362,7 @@ static inline map_word map_word_load_par
bitpos = (map_bankwidth(map)-1-i)*8;
#endif
orig.x[0] &= ~(0xff << bitpos);
- orig.x[0] |= buf[i-start] << bitpos;
+ orig.x[0] |= (unsigned long)buf[i-start] << bitpos;
}
}
return orig;
@@ -381,7 +381,7 @@ static inline map_word map_word_ff(struc
if (map_bankwidth(map) < MAP_FF_LIMIT) {
int bw = 8 * map_bankwidth(map);
- r.x[0] = (1 << bw) - 1;
+ r.x[0] = (1UL << bw) - 1;
} else {
for (i=0; i<map_words(map); i++)
r.x[i] = ~0UL;
Greg Kroah-Hartman
Dec 2, 2013, 4:40:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Johan Hovold <jho...@gmail.com>
------------------
commit 185d91442550110db67a7dc794a32efcea455a36 upstream.
The driver supports 16-bit brightness values, but the value returned
from get_brightness was truncated to eight bits.
Signed-off-by: Johan Hovold <jho...@gmail.com>
Cc: Jingoo Han <jg1...@samsung.com>
Signed-off-by: Andrew Morton <ak...@linux-foundation.org>
Signed-off-by: Linus Torvalds <torv...@linux-foundation.org>
drivers/video/backlight/atmel-pwm-bl.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/drivers/video/backlight/atmel-pwm-bl.c
+++ b/drivers/video/backlight/atmel-pwm-bl.c
@@ -70,7 +70,7 @@ static int atmel_pwm_bl_set_intensity(st
static int atmel_pwm_bl_get_intensity(struct backlight_device *bd)
{
struct atmel_pwm_bl *pwmbl = bl_get_data(bd);
- u8 intensity;
+ u32 intensity;
if (pwmbl->pdata->pwm_active_low) {
intensity = pwm_channel_readl(&pwmbl->pwmc, PWM_CDTY) -
@@ -80,7 +80,7 @@ static int atmel_pwm_bl_get_intensity(st
pwm_channel_readl(&pwmbl->pwmc, PWM_CDTY);
}
- return intensity;
+ return intensity & 0xffff;
}
static int atmel_pwm_bl_init_pwm(struct atmel_pwm_bl *pwmbl)
Greg Kroah-Hartman
Dec 2, 2013, 4:40:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Brian Norris <computer...@gmail.com>
------------------
commit 4355b70cf48363c50a9de450b01178c83aba8f6a upstream.
Some bright specification writers decided to write this in the ONFI spec
(from ONFI 3.0, Section 3.1):
"The number of blocks and number of pages per block is not required to
be a power of two. In the case where one of these values is not a
power of two, the corresponding address shall be rounded to an
integral number of bits such that it addresses a range up to the
subsequent power of two value. The host shall not access upper
addresses in a range that is shown as not supported."
This breaks every assumption MTD makes about NAND block/chip-size
dimensions -- they *must* be a power of two!
And of course, an enterprising manufacturer has made use of this lovely
freedom. Exhibit A: Micron MT29F32G08CBADAWP
"- Plane size: 2 planes x 1064 blocks per plane
- Device size: 32Gb: 2128 blockss [sic]"
This quickly hits a BUG() in nand_base.c, since the extra dimensions
overflow so we think it's a second chip (on my single-chip setup):
ONFI param page 0 valid
ONFI flash detected
NAND device: Manufacturer ID: 0x2c, Chip ID: 0x44 (Micron MT29F32G08CBADAWP), 4256MiB, page size: 8192, OOB size: 744
------------[ cut here ]------------
kernel BUG at drivers/mtd/nand/nand_base.c:203!
Internal error: Oops - BUG: 0 [#1] SMP ARM
[... trim ...]
[<c02cf3e4>] (nand_select_chip+0x18/0x2c) from [<c02d25c0>] (nand_do_read_ops+0x90/0x424)
[<c02d25c0>] (nand_do_read_ops+0x90/0x424) from [<c02d2dd8>] (nand_read+0x54/0x78)
[<c02d2dd8>] (nand_read+0x54/0x78) from [<c02ad2c8>] (mtd_read+0x84/0xbc)
[<c02ad2c8>] (mtd_read+0x84/0xbc) from [<c02d4b28>] (scan_read.clone.4+0x4c/0x64)
[<c02d4b28>] (scan_read.clone.4+0x4c/0x64) from [<c02d4c88>] (search_bbt+0x148/0x290)
[<c02d4c88>] (search_bbt+0x148/0x290) from [<c02d4ea4>] (nand_scan_bbt+0xd4/0x5c0)
[... trim ...]
---[ end trace 0c9363860d865ff2 ]---
So to fix this, just truncate these dimensions down to the greatest
power-of-2 dimension that is less than or equal to the specified
dimension.
Signed-off-by: Brian Norris <computer...@gmail.com>
drivers/mtd/nand/nand_base.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
--- a/drivers/mtd/nand/nand_base.c
+++ b/drivers/mtd/nand/nand_base.c
@@ -2888,10 +2888,21 @@ static int nand_flash_detect_onfi(struct
sanitize_string(p->model, sizeof(p->model));
if (!mtd->name)
mtd->name = p->model;
+
mtd->writesize = le32_to_cpu(p->byte_per_page);
- mtd->erasesize = le32_to_cpu(p->pages_per_block) * mtd->writesize;
+
+ /*
+ * pages_per_block and blocks_per_lun may not be a power-of-2 size
+ * (don't ask me who thought of this...). MTD assumes that these
+ * dimensions will be power-of-2, so just truncate the remaining area.
+ */
+ mtd->erasesize = 1 << (fls(le32_to_cpu(p->pages_per_block)) - 1);
+ mtd->erasesize *= mtd->writesize;
+
mtd->oobsize = le16_to_cpu(p->spare_bytes_per_page);
- chip->chipsize = le32_to_cpu(p->blocks_per_lun);
+
+ /* See erasesize comment */
+ chip->chipsize = 1 << (fls(le32_to_cpu(p->blocks_per_lun)) - 1);
chip->chipsize *= (uint64_t)mtd->erasesize * p->lun_count;
*busw = 0;
if (le16_to_cpu(p->features) & 1)
Greg Kroah-Hartman
Dec 2, 2013, 4:40:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Ilija Hadzic <iha...@research.bell-labs.com>
------------------
commit 66da0e1f9034140ae2f571ef96e254a25083906c upstream.
When devpts is unmounted, there may be a no-longer-used IDR tree hanging
off the superblock we are about to kill. This needs to be cleaned up
before destroying the SB.
The leak is usually not a big deal because unmounting devpts is typically
done when shutting down the whole machine. However, shutting down an LXC
container instead of a physical machine exposes the problem (the garbage
is detectable with kmemleak).
Signed-off-by: Ilija Hadzic <iha...@research.bell-labs.com>
Cc: Sukadev Bhattiprolu <suk...@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <ak...@linux-foundation.org>
Signed-off-by: Linus Torvalds <torv...@linux-foundation.org>
fs/devpts/inode.c | 1 +
Signed-off-by: Linus Torvalds <torv...@linux-foundation.org>
1 file changed, 1 insertion(+)
--- a/fs/devpts/inode.c
+++ b/fs/devpts/inode.c
@@ -475,6 +475,7 @@ static void devpts_kill_sb(struct super_
{
struct pts_fs_info *fsi = DEVPTS_SB(sb);
+ ida_destroy(&fsi->allocated_ptys);
kfree(fsi);
kill_litter_super(sb);
Greg Kroah-Hartman
Dec 2, 2013, 4:40:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: xiangliang yu <yxl...@gmail.com>
------------------
commit 89dafa20f3daab5b3e0c13d0068a28e8e64e2102 upstream.
Tested with Marvell 88se9125, attached with one port mulitplier(5 ports)
and one disk, we will get following boot log messages if using current
code:
ata8: SATA link up 6.0 Gbps (SStatus 133 SControl 330)
ata8.15: Port Multiplier 1.2, 0x1b4b:0x9715 r160, 5 ports, feat 0x1/0x1f
ahci 0000:03:00.0: FBS is enabled
ata8.00: hard resetting link
ata8.00: SATA link down (SStatus 0 SControl 330)
ata8.01: hard resetting link
ata8.01: SATA link down (SStatus 0 SControl 330)
ata8.02: hard resetting link
ata8.02: SATA link down (SStatus 0 SControl 330)
ata8.03: hard resetting link
ata8.03: SATA link up 6.0 Gbps (SStatus 133 SControl 133)
ata8.04: hard resetting link
ata8.04: failed to resume link (SControl 133)
ata8.04: failed to read SCR 0 (Emask=0x40)
ata8.04: failed to read SCR 0 (Emask=0x40)
ata8.04: failed to read SCR 1 (Emask=0x40)
ata8.04: failed to read SCR 0 (Emask=0x40)
ata8.03: native sectors (2) is smaller than sectors (976773168)
ata8.03: ATA-8: ST3500413AS, JC4B, max UDMA/133
ata8.03: 976773168 sectors, multi 0: LBA48 NCQ (depth 31/32)
ata8.03: configured for UDMA/133
ata8.04: failed to IDENTIFY (I/O error, err_mask=0x100)
ata8.15: hard resetting link
ata8.15: SATA link up 6.0 Gbps (SStatus 133 SControl 330)
ata8.15: Port Multiplier vendor mismatch '0x1b4b' != '0x133'
ata8.15: PMP revalidation failed (errno=-19)
ata8.15: hard resetting link
ata8.15: SATA link up 6.0 Gbps (SStatus 133 SControl 330)
ata8.15: Port Multiplier vendor mismatch '0x1b4b' != '0x133'
ata8.15: PMP revalidation failed (errno=-19)
ata8.15: limiting SATA link speed to 3.0 Gbps
ata8.15: hard resetting link
ata8.15: SATA link up 3.0 Gbps (SStatus 123 SControl 320)
ata8.15: Port Multiplier vendor mismatch '0x1b4b' != '0x133'
ata8.15: PMP revalidation failed (errno=-19)
ata8.15: failed to recover PMP after 5 tries, giving up
ata8.15: Port Multiplier detaching
ata8.03: disabled
ata8.00: disabled
ata8: EH complete
The reason is that current detection code doesn't follow AHCI spec:
First,the port multiplier detection process look like this:
ahci_hardreset(link, class, deadline)
if (class == ATA_DEV_PMP) {
sata_pmp_attach(dev) /* will enable FBS */
sata_pmp_init_links(ap, nr_ports);
ata_for_each_link(link, ap, EDGE) {
sata_std_hardreset(link, class, deadline);
if (link_is_online) /* do soft reset */
ahci_softreset(link, class, deadline);
}
}
But, according to chapter 9.3.9 in AHCI spec: Prior to issuing software
reset, software shall clear PxCMD.ST to '0' and then clear PxFBS.EN to
'0'.
The patch test ok with kernel 3.11.1.
tj: Patch white space contaminated, applied manually with trivial
updates.
Signed-off-by: Xiangliang Yu <yuxi...@marvell.com>
Signed-off-by: Tejun Heo <t...@kernel.org>
drivers/ata/libahci.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
--- a/drivers/ata/libahci.c
+++ b/drivers/ata/libahci.c
@@ -1249,9 +1249,11 @@ int ahci_do_softreset(struct ata_link *l
{
struct ata_port *ap = link->ap;
struct ahci_host_priv *hpriv = ap->host->private_data;
+ struct ahci_port_priv *pp = ap->private_data;
const char *reason = NULL;
unsigned long now, msecs;
struct ata_taskfile tf;
+ bool fbs_disabled = false;
int rc;
DPRINTK("ENTER\n");
@@ -1261,6 +1263,16 @@ int ahci_do_softreset(struct ata_link *l
if (rc && rc != -EOPNOTSUPP)
ata_link_warn(link, "failed to reset engine (errno=%d)\n", rc);
+ /*
+ * According to AHCI-1.2 9.3.9: if FBS is enable, software shall
+ * clear PxFBS.EN to '0' prior to issuing software reset to devices
+ * that is attached to port multiplier.
+ */
+ if (!ata_is_host_link(link) && pp->fbs_enabled) {
+ ahci_disable_fbs(ap);
+ fbs_disabled = true;
+ }
+
ata_tf_init(link->device, &tf);
/* issue the first D2H Register FIS */
@@ -1301,6 +1313,10 @@ int ahci_do_softreset(struct ata_link *l
} else
*class = ahci_dev_classify(ap);
+ /* re-enable FBS if disabled before */
+ if (fbs_disabled)
+ ahci_enable_fbs(ap);
+
DPRINTK("EXIT, class=%u\n", *class);
return 0;
Greg Kroah-Hartman
Dec 2, 2013, 4:40:04 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Huang Shijie <b32...@freescale.com>
------------------
commit 7b3d2fb92067bcb29f0f085a9fa9fa64920a6646 upstream.
[1] The gpmi uses the nand_command_lp to issue the commands to NAND chips.
The gpmi issues a DMA operation with gpmi_cmd_ctrl when it handles
a NAND_CMD_NONE control command. So when we read a page(NAND_CMD_READ0)
from the NAND, we may send two DMA operations back-to-back.
If we do not serialize the two DMA operations, we will meet a bug when
1.1) we enable CONFIG_DMA_API_DEBUG, CONFIG_DMADEVICES_DEBUG,
and CONFIG_DEBUG_SG.
1.2) Use the following commands in an UART console and a SSH console:
cmd 1: while true;do dd if=/dev/mtd0 of=/dev/null;done
cmd 1: while true;do dd if=/dev/mmcblk0 of=/dev/null;done
The kernel log shows below:
-----------------------------------------------------------------
kernel BUG at lib/scatterlist.c:28!
Unable to handle kernel NULL pointer dereference at virtual address 00000000
.........................
[<80044a0c>] (__bug+0x18/0x24) from [<80249b74>] (sg_next+0x48/0x4c)
[<80249b74>] (sg_next+0x48/0x4c) from [<80255398>] (debug_dma_unmap_sg+0x170/0x1a4)
[<80255398>] (debug_dma_unmap_sg+0x170/0x1a4) from [<8004af58>] (dma_unmap_sg+0x14/0x6c)
[<8004af58>] (dma_unmap_sg+0x14/0x6c) from [<8027e594>] (mxs_dma_tasklet+0x18/0x1c)
[<8027e594>] (mxs_dma_tasklet+0x18/0x1c) from [<8007d444>] (tasklet_action+0x114/0x164)
-----------------------------------------------------------------
1.3) Assume the two DMA operations is X (first) and Y (second).
The root cause of the bug:
Assume process P issues DMA X, and sleep on the completion
@this->dma_done. X's tasklet callback is dma_irq_callback. It firstly
wake up the process sleeping on the completion @this->dma_done,
and then trid to unmap the scatterlist S. The waked process P will
issue Y in another ARM core. Y initializes S->sg_magic to zero
with sg_init_one(), while dma_irq_callback is unmapping S at the same
time.
See the diagram:
ARM core 0 | ARM core 1
-------------------------------------------------------------
(P issues DMA X, then sleep) --> |
|
(X's tasklet wakes P) --> |
|
| <-- (P begin to issue DMA Y)
|
(X's tasklet unmap the |
scatterlist S with dma_unmap_sg) --> | <-- (Y calls sg_init_one() to init
| scatterlist S)
|
[2] This patch serialize both the X and Y in the following way:
Unmap the DMA scatterlist S firstly, and wake up the process at the end
of the DMA callback, in such a way, Y will be executed after X.
After this patch:
ARM core 0 | ARM core 1
-------------------------------------------------------------
(P issues DMA X, then sleep) --> |
|
(X's tasklet unmap the |
scatterlist S with dma_unmap_sg) --> |
|
(X's tasklet wakes P) --> |
|
| <-- (P begin to issue DMA Y)
|
| <-- (Y calls sg_init_one() to init
| scatterlist S)
|
Signed-off-by: Huang Shijie <b32...@freescale.com>
Signed-off-by: Brian Norris <computer...@gmail.com>
drivers/mtd/nand/gpmi-nand/gpmi-nand.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/drivers/mtd/nand/gpmi-nand/gpmi-nand.c
+++ b/drivers/mtd/nand/gpmi-nand/gpmi-nand.c
@@ -227,8 +227,6 @@ static void dma_irq_callback(void *param
struct gpmi_nand_data *this = param;
struct completion *dma_c = &this->dma_done;
- complete(dma_c);
-
switch (this->dma_type) {
case DMA_FOR_COMMAND:
dma_unmap_sg(this->dev, &this->cmd_sgl, 1, DMA_TO_DEVICE);
@@ -253,6 +251,8 @@ static void dma_irq_callback(void *param
default:
pr_err("in wrong DMA operation.\n");
}
+
+ complete(dma_c);
}
int start_dma_without_bch_irq(struct gpmi_nand_data *this,
Greg Kroah-Hartman
Dec 2, 2013, 4:40:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Jan Kara <ja...@suse.cz>
------------------
commit 4adcf7fb6783e354aab38824d803fa8c4f8e8a27 upstream.
ipath_user_sdma_queue_pkts() gets called with mmap_sem held for
writing. Except for get_user_pages() deep down in
ipath_user_sdma_pin_pages() we don't seem to need mmap_sem at all.
Even more interestingly the function ipath_user_sdma_queue_pkts() (and
also ipath_user_sdma_coalesce() called somewhat later) call
copy_from_user() which can hit a page fault and we deadlock on trying
to get mmap_sem when handling that fault. So just make
ipath_user_sdma_pin_pages() use get_user_pages_fast() and leave
mmap_sem locking for mm.
This deadlock has actually been observed in the wild when the node
is under memory pressure.
Signed-off-by: Jan Kara <ja...@suse.cz>
Signed-off-by: Mike Marciniszyn <mike.mar...@intel.com>
[ Merged in fix for call to get_user_pages_fast from Tetsuo Handa
<penguin...@I-love.SAKURA.ne.jp>. - Roland ]
Signed-off-by: Roland Dreier <rol...@purestorage.com>
drivers/infiniband/hw/ipath/ipath_user_sdma.c | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
--- a/drivers/infiniband/hw/ipath/ipath_user_sdma.c
+++ b/drivers/infiniband/hw/ipath/ipath_user_sdma.c
@@ -280,9 +280,7 @@ static int ipath_user_sdma_pin_pages(con
int j;
int ret;
- ret = get_user_pages(current, current->mm, addr,
- npages, 0, 1, pages, NULL);
-
+ ret = get_user_pages_fast(addr, npages, 0, pages);
if (ret != npages) {
int i;
@@ -811,10 +809,7 @@ int ipath_user_sdma_writev(struct ipath_
while (dim) {
const int mxp = 8;
- down_write(¤t->mm->mmap_sem);
ret = ipath_user_sdma_queue_pkts(dd, pq, &list, iov, dim, mxp);
- up_write(¤t->mm->mmap_sem);
-
if (ret <= 0)
goto done_unlock;
else {
Greg Kroah-Hartman
Dec 2, 2013, 4:40:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Samir Benmendil <samir.b...@gmail.com>
------------------
commit 6d5278a68a75891db1df5ae1ecf83d288fc58c65 upstream.
Tested with a DAWICONTROL DC-624e on 3.10.10
Signed-off-by: Samir Benmendil <samir.b...@gmail.com>
Signed-off-by: Tejun Heo <t...@kernel.org>
Reviewed-by: Levente Kurusa <le...@linux.com>
drivers/ata/ahci.c | 2 ++
1 file changed, 2 insertions(+)
--- a/drivers/ata/ahci.c
+++ b/drivers/ata/ahci.c
@@ -402,6 +402,8 @@ static const struct pci_device_id ahci_p
.driver_data = board_ahci_yes_fbs }, /* 88se9172 on some Gigabyte */
{ PCI_DEVICE(0x1b4b, 0x91a3),
.driver_data = board_ahci_yes_fbs },
+ { PCI_DEVICE(0x1b4b, 0x9230),
+ .driver_data = board_ahci_yes_fbs },
/* Promise */
{ PCI_VDEVICE(PROMISE, 0x3f20), board_ahci }, /* PDC42819 */
Greg Kroah-Hartman
Dec 2, 2013, 4:40:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Takashi Iwai <ti...@suse.de>
------------------
commit afed4dbe3a043dbd833a53b6b4951e155708afd2 upstream.
Fixes: 4b2ffc205cb9 ('ASoC: Blackfin I2S: add 8-bit sample support')
Reported-by: David Binderman
Signed-off-by: Takashi Iwai <ti...@suse.de>
Signed-off-by: Mark Brown <bro...@linaro.org>
sound/soc/blackfin/bf5xx-i2s.c | 1 +
1 file changed, 1 insertion(+)
--- a/sound/soc/blackfin/bf5xx-i2s.c
+++ b/sound/soc/blackfin/bf5xx-i2s.c
@@ -111,6 +111,7 @@ static int bf5xx_i2s_hw_params(struct sn
bf5xx_i2s->tcr2 |= 7;
bf5xx_i2s->rcr2 |= 7;
sport_handle->wdsize = 1;
+ break;
case SNDRV_PCM_FORMAT_S16_LE:
bf5xx_i2s->tcr2 |= 15;
bf5xx_i2s->rcr2 |= 15;
Greg Kroah-Hartman
Dec 2, 2013, 4:40:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Greg Kroah-Hartman <gre...@linuxfoundation.org>
------------------
commit 930ba4a374b96560ef9fde2145cdc454a164ddcc upstream.
There seems to be no active maintainer for the driver, and there is an
unfixed security bug, so disable the driver for now.
Hopefully someone steps up to be the maintainer, and works to get this
out of staging, otherwise it will be deleted soon.
Reported-by: Nico Golde <ni...@ngolde.de>
Reported-by: Dan Carpenter <dan.ca...@oracle.com>
Cc: Omar Ramirez Luna <omar.r...@copitl.com>
Cc: Omar Ramirez Luna <omar.r...@ti.com>
Cc: Kanigeri, Hari <h-kan...@ti.com>
Cc: Ameya Palande <ameya....@nokia.com>
Cc: Guzman Lugo, Fernando <fernan...@ti.com>
Cc: Hebbar, Shivananda <x0he...@ti.com>
Cc: Ramos Falcon, Ernesto <ern...@ti.com>
Cc: Felipe Contreras <felipe.c...@gmail.com>
Cc: Anna, Suman <s-a...@ti.com>
Cc: Gupta, Ramesh <grg...@ti.com>
Cc: Gomez Castellanos, Ivan <ivan....@ti.com>
Cc: Andy Shevchenko <ext-andriy...@nokia.com>
Cc: Armando Uribe De Leon <x009...@ti.com>
Cc: Deepak Chitriki <deepak....@ti.com>
Cc: Menon, Nishanth <n...@ti.com>
Cc: Phil Carmody <ext-phil....@nokia.com>
Cc: Ohad Ben-Cohen <oh...@wizery.com>
Cc: stable <sta...@vger.kernel.org>
drivers/staging/tidspbridge/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/staging/tidspbridge/Kconfig
+++ b/drivers/staging/tidspbridge/Kconfig
@@ -4,7 +4,7 @@
menuconfig TIDSPBRIDGE
tristate "DSP Bridge driver"
- depends on ARCH_OMAP3
+ depends on ARCH_OMAP3 && BROKEN
select OMAP_MBOX_FWK
help
DSP/BIOS Bridge is designed for platforms that contain a GPP and
Greg Kroah-Hartman
Dec 2, 2013, 4:40:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Phil Edworthy <phil.e...@renesas.com>
------------------
commit 7b5bfb82882b9b1c8423ce0ed6852ca3762d967a upstream.
If you record the sound during playback,
the playback sound becomes silent.
Modify so that the codec driver does not clear
SG_SL1::DACL bit which is controlled under widget
Signed-off-by: Phil Edworthy <phil.e...@renesas.com>
Signed-off-by: Kuninori Morimoto <kuninori.m...@renesas.com>
Signed-off-by: Mark Brown <bro...@linaro.org>
sound/soc/codecs/ak4642.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/sound/soc/codecs/ak4642.c
+++ b/sound/soc/codecs/ak4642.c
@@ -262,7 +262,7 @@ static int ak4642_dai_startup(struct snd
* This operation came from example code of
* "ASAHI KASEI AK4642" (japanese) manual p94.
*/
- snd_soc_write(codec, SG_SL1, PMMP | MGAIN0);
+ snd_soc_update_bits(codec, SG_SL1, PMMP | MGAIN0, PMMP | MGAIN0);
snd_soc_write(codec, TIMER, ZTM(0x3) | WTM(0x3));
snd_soc_write(codec, ALC_CTL1, ALC | LMTH0);
snd_soc_update_bits(codec, PW_MGMT1, PMADL, PMADL);
Greg Kroah-Hartman
Dec 2, 2013, 4:40:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Larry Finger <Larry....@lwfinger.net>
------------------
commit eafbdde9c5629bea58df07275c5917eb42afbbe7 upstream.
This driver uses a number of macros to get and set various fields in the
RX and TX descriptors. To work correctly, a u8 pointer to the descriptor
must be used; however, in some cases a descriptor structure pointer is used
instead. In addition, a duplicated statement is removed.
Signed-off-by: Larry Finger <Larry....@lwfinger.net>
Reported-by: Mark Cave-Ayland <mark.cav...@ilande.co.uk>
Signed-off-by: John W. Linville <linv...@tuxdriver.com>
drivers/net/wireless/rtlwifi/rtl8192cu/mac.c | 6 +++---
drivers/net/wireless/rtlwifi/rtl8192cu/trx.c | 6 +++---
2 files changed, 6 insertions(+), 6 deletions(-)
--- a/drivers/net/wireless/rtlwifi/rtl8192cu/mac.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192cu/mac.c
@@ -762,7 +762,7 @@ static long _rtl92c_signal_scale_mapping
static void _rtl92c_query_rxphystatus(struct ieee80211_hw *hw,
struct rtl_stats *pstats,
- struct rx_desc_92c *pdesc,
+ struct rx_desc_92c *p_desc,
struct rx_fwinfo_92c *p_drvinfo,
bool packet_match_bssid,
bool packet_toself,
@@ -777,11 +777,11 @@ static void _rtl92c_query_rxphystatus(st
u32 rssi, total_rssi = 0;
bool in_powersavemode = false;
bool is_cck_rate;
+ u8 *pdesc = (u8 *)p_desc;
- is_cck_rate = RX_HAL_IS_CCK_RATE(pdesc);
+ is_cck_rate = RX_HAL_IS_CCK_RATE(p_desc);
pstats->packet_matchbssid = packet_match_bssid;
pstats->packet_toself = packet_toself;
- pstats->is_cck = is_cck_rate;
pstats->packet_beacon = packet_beacon;
pstats->is_cck = is_cck_rate;
pstats->RX_SIGQ[0] = -1;
--- a/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c
+++ b/drivers/net/wireless/rtlwifi/rtl8192cu/trx.c
@@ -303,10 +303,10 @@ out:
bool rtl92cu_rx_query_desc(struct ieee80211_hw *hw,
struct rtl_stats *stats,
struct ieee80211_rx_status *rx_status,
- u8 *p_desc, struct sk_buff *skb)
+ u8 *pdesc, struct sk_buff *skb)
{
struct rx_fwinfo_92c *p_drvinfo;
- struct rx_desc_92c *pdesc = (struct rx_desc_92c *)p_desc;
+ struct rx_desc_92c *p_desc = (struct rx_desc_92c *)pdesc;
u32 phystatus = GET_RX_DESC_PHY_STATUS(pdesc);
stats->length = (u16) GET_RX_DESC_PKT_LEN(pdesc);
@@ -345,7 +345,7 @@ bool rtl92cu_rx_query_desc(struct ieee80
if (phystatus) {
p_drvinfo = (struct rx_fwinfo_92c *)(skb->data +
stats->rx_bufshift);
- rtl92c_translate_rx_signal_stuff(hw, skb, stats, pdesc,
+ rtl92c_translate_rx_signal_stuff(hw, skb, stats, p_desc,
p_drvinfo);
}
/*rx_status->qual = stats->signal; */
}
/*rx_status->qual = stats->signal; */
Greg Kroah-Hartman
Dec 2, 2013, 4:40:05 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Jonathan Austin <jonatha...@arm.com>
------------------
commit 30aeadd44deea3f3b0df45b9a70ee0fd5f8d6dc2 upstream.
This turns on the internal integrator LCD display(s). It seems that the code
to do this got lost in refactoring of the CLCD driver.
Signed-off-by: Jonathan Austin <jonatha...@arm.com>
Acked-by: Linus Walleij <linus....@linaro.org>
Signed-off-by: Olof Johansson <ol...@lixom.net>
arch/arm/mach-integrator/integrator_cp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/arch/arm/mach-integrator/integrator_cp.c
+++ b/arch/arm/mach-integrator/integrator_cp.c
@@ -366,7 +366,8 @@ static AMBA_APB_DEVICE(aaci, "mb:1d", 0,
static void cp_clcd_enable(struct clcd_fb *fb)
{
struct fb_var_screeninfo *var = &fb->fb.var;
- u32 val = CM_CTRL_STATIC1 | CM_CTRL_STATIC2;
+ u32 val = CM_CTRL_STATIC1 | CM_CTRL_STATIC2
+ | CM_CTRL_LCDEN0 | CM_CTRL_LCDEN1;
if (var->bits_per_pixel <= 8 ||
(var->bits_per_pixel == 16 && var->green.length == 5))
Greg Kroah-Hartman
Dec 2, 2013, 4:40:03 PM12/2/13
to
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: KOSAKI Motohiro <kosaki....@jp.fujitsu.com>
------------------
commit 98d6f4dd84a134d942827584a3c5f67ffd8ec35f upstream.
Fedora Ruby maintainer reported latest Ruby doesn't work on Fedora Rawhide
on ARM. (http://bugs.ruby-lang.org/issues/9008)
Because of, commit 1c6b39ad3f (alarmtimers: Return -ENOTSUPP if no
RTC device is present) intruduced to return ENOTSUPP when
clock_get{time,res} can't find a RTC device. However this is incorrect.
First, ENOTSUPP isn't exported to userland (ENOTSUP or EOPNOTSUP are the
closest userland equivlents).
Second, Posix and Linux man pages agree that clock_gettime and
clock_getres should return EINVAL if clk_id argument is invalid.
While the arugment that the clockid is valid, but just not supported
on this hardware could be made, this is just a technicality that
doesn't help userspace applicaitons, and only complicates error
handling.
Thus, this patch changes the code to use EINVAL.
Cc: Thomas Gleixner <tg...@linutronix.de>
Cc: Frederic Weisbecker <fwei...@gmail.com>
Reported-by: Vit Ondruch <v.on...@tiscali.cz>
Signed-off-by: KOSAKI Motohiro <kosaki....@jp.fujitsu.com>
[jstultz: Tweaks to commit message to include full rational]
Signed-off-by: John Stultz <john....@linaro.org>
kernel/time/alarmtimer.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/kernel/time/alarmtimer.c
+++ b/kernel/time/alarmtimer.c
@@ -474,7 +474,7 @@ static int alarm_clock_getres(const cloc
clockid_t baseid = alarm_bases[clock2alarm(which_clock)].base_clockid;
if (!alarmtimer_get_rtcdev())
- return -ENOTSUPP;
+ return -EINVAL;
return hrtimer_get_res(baseid, tp);
}
@@ -491,7 +491,7 @@ static int alarm_clock_get(clockid_t whi
struct alarm_base *base = &alarm_bases[clock2alarm(which_clock)];
if (!alarmtimer_get_rtcdev())
- return -ENOTSUPP;
+ return -EINVAL;
*tp = ktime_to_timespec(base->gettime());
return 0;
Guenter Roeck
Dec 2, 2013, 10:00:02 PM12/2/13
to
On 12/02/2013 11:05 AM, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 3.4.72 release.
> There are 60 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Wed Dec 4 19:01:45 UTC 2013.
> Anything received after that time might be too late.
>
Build results:
> This is the start of the stable review cycle for the 3.4.72 release.
> There are 60 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Wed Dec 4 19:01:45 UTC 2013.
> Anything received after that time might be too late.
>
total: 103 pass: 89 skipped: 10 fail: 4
qemu tests all passed. Results are as expected.
Guenter
Greg Kroah-Hartman
Dec 2, 2013, 10:10:01 PM12/2/13
to
On Mon, Dec 02, 2013 at 06:50:45PM -0800, Guenter Roeck wrote:
> On 12/02/2013 11:05 AM, Greg Kroah-Hartman wrote:
> > This is the start of the stable review cycle for the 3.4.72 release.
> > There are 60 patches in this series, all will be posted as a response
> > to this one. If anyone has any issues with these being applied, please
> > let me know.
> >
> > Responses should be made by Wed Dec 4 19:01:45 UTC 2013.
> > Anything received after that time might be too late.
> >
>
> Build results:
> total: 103 pass: 89 skipped: 10 fail: 4
>
> qemu tests all passed. Results are as expected.
Great, thanks for testing.
> On 12/02/2013 11:05 AM, Greg Kroah-Hartman wrote:
> > This is the start of the stable review cycle for the 3.4.72 release.
> > There are 60 patches in this series, all will be posted as a response
> > to this one. If anyone has any issues with these being applied, please
> > let me know.
> >
> > Responses should be made by Wed Dec 4 19:01:45 UTC 2013.
> > Anything received after that time might be too late.
> >
>
> Build results:
> total: 103 pass: 89 skipped: 10 fail: 4
>
> qemu tests all passed. Results are as expected.
Shuah Khan
Dec 3, 2013, 5:00:02 PM12/3/13
to
On 12/02/2013 12:05 PM, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 3.4.72 release.
> There are 60 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Wed Dec 4 19:01:45 UTC 2013.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> kernel.org/pub/linux/kernel/v3.0/stable-review/patch-3.4.72-rc1.gz
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h
>
Patch applied cleanly
> This is the start of the stable review cycle for the 3.4.72 release.
> There are 60 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Wed Dec 4 19:01:45 UTC 2013.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> kernel.org/pub/linux/kernel/v3.0/stable-review/patch-3.4.72-rc1.gz
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h
>
compile and boot tests - passed
dmesg regression testing - passed
dmesgs look good. No regressions compared to the previous dmesgs for
this release. dmesg emerg, crit, alert, err are clean. No regressions in
warn.
Test systems
Samsung Series 9 900X4C Intel Corei5 (3.4 and later)
HP ProBook 6475b AMD A10-4600M APU with Radeon(tm) HD Graphics
Dell OptiPlex 790 Intel(R) Core(TM) i5-2400
-- Shuah
--
Shuah Khan
Senior Linux Kernel Developer - Open Source Group
Samsung Research America(Silicon Valley)
shua...@samsung.com | (970) 672-0658
Satoru Takeuchi
Dec 4, 2013, 5:30:02 AM12/4/13
to
At Mon, 2 Dec 2013 11:05:41 -0800,
Building a kernel with this kernel also works fine.
- Build Machine: debian jessy x86_64
CPU: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz x 4
memory: 8GB
- Test machine: debian jessy x86_64(KVM guest on the Build Machine)
vCPU: x2
memory: 2GB
Thanks,
Satoru
Greg Kroah-Hartman wrote:
>
> This is the start of the stable review cycle for the 3.4.72 release.
> There are 60 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Wed Dec 4 19:01:45 UTC 2013.
> Anything received after that time might be too late.
This kernel can be built and boot without any problem.
>
> This is the start of the stable review cycle for the 3.4.72 release.
> There are 60 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Wed Dec 4 19:01:45 UTC 2013.
> Anything received after that time might be too late.
Building a kernel with this kernel also works fine.
- Build Machine: debian jessy x86_64
CPU: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz x 4
memory: 8GB
- Test machine: debian jessy x86_64(KVM guest on the Build Machine)
vCPU: x2
memory: 2GB
Thanks,
Satoru
0 new messages