| Age | Commit message (Collapse) | Author |
|---|
|
Add Murata Manufacturing Co., Ltd. to the list of device tree
vendor prefixes.
Murata manufactures NTC (Negative Temperature Coefficient) based
Thermistors for small scale applications like Mobiles and PDAs.
Signed-off-by: Naveen Krishna Chatradhi <ch.naveen@samsung.com>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
|
|
Current code is buggy, it shows the current fan speed as minimum fan speed.
Fix up show_fan_reg macro to correctly report fan and fan_min speed.
Signed-off-by: Axel Lin <axel.lin@ingics.com>
Acked-by: Kevin Lo <kevlo@kevlo.org>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
|
|
Byte-to-bit-count computation is only partly converted to big-endian and is
mixing in CPU-endian values. Problem was noticed by sparce with warning:
CHECK arch/x86/crypto/sha512_ssse3_glue.c
arch/x86/crypto/sha512_ssse3_glue.c:144:19: warning: restricted __be64 degrades to integer
arch/x86/crypto/sha512_ssse3_glue.c:144:17: warning: incorrect type in assignment (different base types)
arch/x86/crypto/sha512_ssse3_glue.c:144:17: expected restricted __be64 <noident>
arch/x86/crypto/sha512_ssse3_glue.c:144:17: got unsigned long long
Cc: <stable@vger.kernel.org>
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Acked-by: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
When runing with the kernel(3.15-rc7+), the follow bug occurs:
[ 9969.258987] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:586
[ 9969.359906] in_atomic(): 1, irqs_disabled(): 0, pid: 160655, name: python
[ 9969.441175] INFO: lockdep is turned off.
[ 9969.488184] CPU: 26 PID: 160655 Comm: python Tainted: G A 3.15.0-rc7+ #85
[ 9969.581032] Hardware name: FUJITSU-SV PRIMEQUEST 1800E/SB, BIOS PRIMEQUEST 1000 Series BIOS Version 1.39 11/16/2012
[ 9969.706052] ffffffff81a20e60 ffff8803e941fbd0 ffffffff8162f523 ffff8803e941fd18
[ 9969.795323] ffff8803e941fbe0 ffffffff8109995a ffff8803e941fc58 ffffffff81633e6c
[ 9969.884710] ffffffff811ba5dc ffff880405c6b480 ffff88041fdd90a0 0000000000002000
[ 9969.974071] Call Trace:
[ 9970.003403] [<ffffffff8162f523>] dump_stack+0x4d/0x66
[ 9970.065074] [<ffffffff8109995a>] __might_sleep+0xfa/0x130
[ 9970.130743] [<ffffffff81633e6c>] mutex_lock_nested+0x3c/0x4f0
[ 9970.200638] [<ffffffff811ba5dc>] ? kmem_cache_alloc+0x1bc/0x210
[ 9970.272610] [<ffffffff81105807>] cpuset_mems_allowed+0x27/0x140
[ 9970.344584] [<ffffffff811b1303>] ? __mpol_dup+0x63/0x150
[ 9970.409282] [<ffffffff811b1385>] __mpol_dup+0xe5/0x150
[ 9970.471897] [<ffffffff811b1303>] ? __mpol_dup+0x63/0x150
[ 9970.536585] [<ffffffff81068c86>] ? copy_process.part.23+0x606/0x1d40
[ 9970.613763] [<ffffffff810bf28d>] ? trace_hardirqs_on+0xd/0x10
[ 9970.683660] [<ffffffff810ddddf>] ? monotonic_to_bootbased+0x2f/0x50
[ 9970.759795] [<ffffffff81068cf0>] copy_process.part.23+0x670/0x1d40
[ 9970.834885] [<ffffffff8106a598>] do_fork+0xd8/0x380
[ 9970.894375] [<ffffffff81110e4c>] ? __audit_syscall_entry+0x9c/0xf0
[ 9970.969470] [<ffffffff8106a8c6>] SyS_clone+0x16/0x20
[ 9971.030011] [<ffffffff81642009>] stub_clone+0x69/0x90
[ 9971.091573] [<ffffffff81641c29>] ? system_call_fastpath+0x16/0x1b
The cause is that cpuset_mems_allowed() try to take
mutex_lock(&callback_mutex) under the rcu_read_lock(which was hold in
__mpol_dup()). And in cpuset_mems_allowed(), the access to cpuset is
under rcu_read_lock, so in __mpol_dup, we can reduce the rcu_read_lock
protection region to protect the access to cpuset only in
current_cpuset_is_being_rebound(). So that we can avoid this bug.
This patch is a temporary solution that just addresses the bug
mentioned above, can not fix the long-standing issue about cpuset.mems
rebinding on fork():
"When the forker's task_struct is duplicated (which includes
->mems_allowed) and it races with an update to cpuset_being_rebound
in update_tasks_nodemask() then the task's mems_allowed doesn't get
updated. And the child task's mems_allowed can be wrong if the
cpuset's nodemask changes before the child has been added to the
cgroup's tasklist."
Signed-off-by: Gu Zheng <guz.fnst@cn.fujitsu.com>
Acked-by: Li Zefan <lizefan@huawei.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: stable <stable@vger.kernel.org>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc
Pull powerpc fixes and cleanups from Ben Herrenschmidt:
"Here are a handful or two of powerpc fixes and simple/trivial
cleanups. A bunch of them fix ftrace with the new ABI v2 in Little
Endian, the rest is a scattering of fairly simple things"
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc:
powerpc: Don't skip ePAPR spin-table CPUs
powerpc/module: Fix TOC symbol CRC
powerpc/powernv: Remove OPAL v1 takeover
powerpc/kmemleak: Do not scan the DART table
selftests/powerpc: Use the test harness for the TM DSCR test
powerpc/cell: cbe_thermal.c: Cleaning up a variable is of the wrong type
powerpc/kprobes: Fix jprobes on ABI v2 (LE)
powerpc/ftrace: Use pr_fmt() to namespace error messages
powerpc/ftrace: Fix nop of modules on 64bit LE (ABIv2)
powerpc/ftrace: Fix inverted check of create_branch()
powerpc/ftrace: Fix typo in mask of opcode
powerpc: Add ppc_global_function_entry()
powerpc/macintosh/smu.c: Fix closing brace followed by if
powerpc: Remove __arch_swab*
powerpc: Remove ancient DEBUG_SIG code
powerpc/kerenl: Enable EEH for IO accessors
|
|
Pull vhost cleanups from Michael S Tsirkin:
"Two cleanup patches removing code duplication that got introduced by
changes in rc1. Not fixing crashes, but I'd rather not carry the
duplicate code until the next merge window"
* tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost:
vhost-scsi: don't open-code kvfree
vhost-net: don't open-code kvfree
|
|
kvm_arch_vcpu_free() is called in 2 code paths:
1) kvm_vm_ioctl()
kvm_vm_ioctl_create_vcpu()
kvm_arch_vcpu_destroy()
kvm_arch_vcpu_free()
2) kvm_put_kvm()
kvm_destroy_vm()
kvm_arch_destroy_vm()
kvm_mips_free_vcpus()
kvm_arch_vcpu_free()
Neither of the paths handles VCPU free. We need to do it in
kvm_arch_vcpu_free() corresponding to the memory allocation in
kvm_arch_vcpu_create().
Signed-off-by: Deng-Cheng Zhu <dengcheng.zhu@imgtec.com>
Cc: stable@vger.kernel.org
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
Pull tracing cleanups and fixes from Steven Rostedt:
"This includes three patches from Oleg Nesterov. The first is a fix to
a race condition that happens between enabling/disabling syscall
tracepoints and new process creations (the check to go into the ptrace
path for a process can be set when it shouldn't, or not set when it
should). Not a major bug but one that should be fixed and even
applied to stable.
The other two patches are cleanup/fixes that are not that critical,
but for an -rc1 release would be nice to have. They both deal with
syscall tracepoints.
It also includes a patch to introduce a new macro for the
TRACE_EVENT() format called __field_struct(). Originally, __field()
was used to record any variable into a trace event, but with the
addition of setting the "is signed" attribute, the check causes
anything but a primitive variable to fail to compile. That is,
structs and unions can't be used as they once were. When the "is
signed" check was introduce there were only primitive variables being
recorded. But that will change soon and it was reported that
__field() causes build failures.
To solve the __field() issue, __field_struct() is introduced to allow
trace_events to be able to record complex types too"
* tag 'trace-fixes-v3.16-rc1-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
tracing: Add __field_struct macro for TRACE_EVENT()
tracing: syscall_regfunc() should not skip kernel threads
tracing: Change syscall_*regfunc() to check PF_KTHREAD and use for_each_process_thread()
tracing: Fix syscall_*regfunc() vs copy_process() race
|
|
AT91 symbols AT91SAM9263, AT91SAM9RL, and AT91SAM9G45 do not exist and this
patch changes them to their correct ARCH_* version.
These symbols are chosen instead of the SOC_* ones because this driver is not
converted to DT.
Anyway, the ATMEL_PWM symbol and the associated driver will be removed soon,
during the move to the PWM sub-system.
Reported-by: Paul Bolle <pebolle@tiscali.nl>
Acked-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Nicolas Ferre <nicolas.ferre@atmel.com>
|
|
Even though the virtio-scsi spec guarantees that all requests related
to the TMF will have been completed by the time the TMF itself completes,
the request queue's callback might not have run yet. This causes requests
to be completed more than once, and as a result triggers a variety of
BUGs or oopses.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Venkatesh Srinivas <venkateshs@google.com>
Cc: stable@vger.kernel.org
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
Calling the workqueue interface on uninitialized work items isn't a
good idea even if they're zeroed. It's not failing catastrophically only
through happy accidents.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Cc: stable@vger.kernel.org
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
Add a memory barrier prior to sending a new command to the VIOS
to ensure the VIOS does not receive stale data in the command buffer.
Also add a memory barrier when processing the CRQ for completed commands.
Signed-off-by: Brian King <brking@linux.vnet.ibm.com>
Acked-by: Nathan Fontenot <nfont@linux.vnet.ibm.com>
Cc: stable@vger.kernel.org
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
If a CRQ reset is triggered for some reason while in the middle
of performing VSCSI adapter initialization, we don't want to
call the done function for the initialization MAD commands as
this will only result in two threads attempting initialization
at the same time, resulting in failures.
Signed-off-by: Brian King <brking@linux.vnet.ibm.com>
Acked-by: Nathan Fontenot <nfont@linux.vnet.ibm.com>
Cc: stable@vger.kernel.org
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
Signed-off-by: Quinn Tran <quinn.tran@qlogic.com>
Signed-off-by: Saurav Kashyap <saurav.kashyap@qlogic.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
Recently had this warning reported:
[ 290.489047] Call Trace:
[ 290.489053] [<ffffffff8169efec>] dump_stack+0x19/0x1b
[ 290.489055] [<ffffffff810ac7a9>] __might_sleep+0x179/0x230
[ 290.489057] [<ffffffff816a4ad5>] mutex_lock_nested+0x55/0x520
[ 290.489061] [<ffffffffa01b9905>] ? bnx2fc_l2_rcv_thread+0xc5/0x4c0 [bnx2fc]
[ 290.489065] [<ffffffffa0174c1a>] fc_vport_id_lookup+0x3a/0xa0 [libfc]
[ 290.489068] [<ffffffffa01b9a6c>] bnx2fc_l2_rcv_thread+0x22c/0x4c0 [bnx2fc]
[ 290.489070] [<ffffffffa01b9840>] ? bnx2fc_vport_destroy+0x110/0x110 [bnx2fc]
[ 290.489073] [<ffffffff8109e0cd>] kthread+0xed/0x100
[ 290.489075] [<ffffffff8109dfe0>] ? insert_kthread_work+0x80/0x80
[ 290.489077] [<ffffffff816b2fec>] ret_from_fork+0x7c/0xb0
[ 290.489078] [<ffffffff8109dfe0>] ? insert_kthread_work+0x80/0x80
Its due to the fact that we call a potentially sleeping function from the bnx2fc
rcv path with preemption disabled (via the get_cpu call embedded in the per-cpu
variable stats lookup in bnx2fc_l2_rcv_thread.
Easy enough fix, we can just move the stats collection later in the function
where we are sure we won't preempt or sleep. This also allows us to not have to
enable pre-emption when doing a per-cpu lookup, since we're certain not to get
rescheduled.
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Eddie Wai <eddie.wai@broadcom.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
In case of of error, the bnx2fc_cmd_mgr_alloc() function will call
the bnx2fc_cmd_mgr_free() to perform the cleanup.
The problem is that in one case the latter may try to scan
some not-yet initialized lists, resulting in a kernel panic.
This patch prevents this from happening by freeing the lists
before calling bnx2fc_cmd_mgr_free().
Signed-off-by: Maurizio Lombardi <mlombard@redhat.com>
Acked-by: Eddie Wai <eddie.wai@broadcom.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
debugfs caught this:
WARNING: at lib/debugobjects.c:260 debug_print_object+0x83/0xa0()
ODEBUG: free active (active state 0) object type: work_struct
hint: fc_scsi_scan_rport+0x0/0xd0 [scsi_transport_fc]
CPU: 1 PID: 184 Comm: kworker/1:1 Tainted: G W
-------------- 3.10.0-123.el7.x86_64.debug #1
Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013
Workqueue: fc_wq_5 fc_rport_final_delete [scsi_transport_fc]
Call Trace:
[<ffffffff8169efec>] dump_stack+0x19/0x1b
[<ffffffff8106cbd1>] warn_slowpath_common+0x61/0x80
[<ffffffff8106cc4c>] warn_slowpath_fmt+0x5c/0x80
[<ffffffff8133e003>] debug_print_object+0x83/0xa0
[<ffffffffa04e2f40>] ? fc_parse_wwn+0x100/0x100
[<ffffffff8133f23b>] debug_check_no_obj_freed+0x22b/0x270
[<ffffffffa04e127e>] ? fc_rport_dev_release+0x1e/0x30
[<ffffffff811db3e9>] kfree+0xd9/0x2d0
[<ffffffffa04e127e>] fc_rport_dev_release+0x1e/0x30
[<ffffffff81428032>] device_release+0x32/0xa0
[<ffffffff8132701e>] kobject_release+0x7e/0x1b0
[<ffffffff81326ed8>] kobject_put+0x28/0x60
[<ffffffff81428397>] put_device+0x17/0x20
[<ffffffffa04e5025>] fc_rport_final_delete+0x165/0x210
[<ffffffff810959b0>] process_one_work+0x220/0x710
[<ffffffff81095944>] ? process_one_work+0x1b4/0x710
[<ffffffff81095fbb>] worker_thread+0x11b/0x3a0
[<ffffffff81095ea0>] ? process_one_work+0x710/0x710
[<ffffffff8109e0cd>] kthread+0xed/0x100
[<ffffffff8109dfe0>] ? insert_kthread_work+0x80/0x80
[<ffffffff816b2fec>] ret_from_fork+0x7c/0xb0
[<ffffffff8109dfe0>] ? insert_kthread_work+0x80/0x80
Seems to be because the scan_work work_struct might be active when the housing
fc_rport struct gets freed. Ensure that we cancel it prior to freeing the rport
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Reviewed-by: Vasu Dev <vasu.dev@intel.com>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
The pm8001_get_phy_settings_info() function does not check
the kzalloc() return value and does not free the allocated memory.
Signed-off-by: Maurizio Lombardi <mlombard@redhat.com>
Acked-by: Suresh Thiagarajan <Suresh.Thiagarajan@pmcs.com>
Acked-by: Jack Wang <xjtuwjp@gmail.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
Email IDs
Updating maintainers Email Ids for the entry LSILOGIC MPT FUSION DRIVERS in
MAINTAINERS file
Signed-off-by: Sreekanth Reddy <Sreekanth.Reddy@avagotech.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
commit 0e7c60c [SCSI] be2iscsi: fix memory leak in error path
fixed an potential junk pointer free if mgmt_get_if_info() returned an error
fix it on one more place
Signed-off-by: Tomas Henzl <thenzl@redhat.com>
Reviewed-by: Mike Christie <michaelc@cs.wisc.edu>
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
a jump to 'free_memory' is apparently missing
Signed-off-by: Tomas Henzl <thenzl@redhat.com>
Reviewed-by: Mike Christie <michaelc@cs.wisc.edu>
Signed-off-by: Christoph Hellwig <hch@lst.de>
|
|
For MIPI, DSI PLL is configured separately in vlv_configure_dsi_pll
during the DSI enable sequence
Causing WARN dump otherwise in dpio_reads
v2: Add IS_CHERRYVIEW check as suggested by Ville
Signed-off-by: Shobhit Kumar <shobhit.kumar@intel.com>
Reviewed-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Signed-off-by: Jani Nikula <jani.nikula@intel.com>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/jolsa/perf into perf/urgent
Pull perf/urgent fixes from Jiri Olsa:
* Fix kernel start address lookup in report code (Simon Que)
* Fix segfault in cumulative.callchain report (Jiri Olsa)
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu into core/urgent
Pull RCU fixes from Paul E. McKenney:
" This series includes the following:
1. Export a pair of debug-object interfaces for RCU that will
allow the slab allocators to avoid a recursion bug located
by Sasha Levin. Strictly speaking, this is not a regression,
but it would be good to enable the fix.
2. Address a serious performance regression on an open/close
micro-benchmark located by Dave Hansen. The offending commit
is ac1bea85781e (Make cond_resched() report RCU quiescent states). "
Signed-off-by: Ingo Molnar <mingo@kernel.org>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos into drm-fixes
This pull-request fixes hdmi power-off order issue, mixer issues
related to power on/off, and includes trivial fixups.
* 'exynos-drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos:
drm/exynos: enable vsync interrupt while waiting for vblank
drm/exynos: soft reset mixer before reconfigure after power-on
drm/exynos: allow multiple layer updates per vsync for mixer
drm/exynos: stop mixer before gating clocks during poweroff
drm/exynos: set power state variable after enabling clocks and power
drm/exynos: disable unused windows on apply
drm/exynos: Fix de-registration ordering
drm/exynos: change zero to NULL for sparse
drm/exynos: dpi: Fix NULL pointer dereference with legacy bindings
drm/exynos: hdmi: fix power order issue
|
|
git://people.freedesktop.org/~robclark/linux into drm-fixes
A handful of fixes from various folks.
* 'msm-fixes-3.16' of git://people.freedesktop.org/~robclark/linux:
drm/msm: fix IOMMU cleanup for -EPROBE_DEFER
drm/msm: use PAGE_ALIGNED instead of IS_ALIGNED(PAGE_SIZE)
drm/msm/hdmi: set hdp clock rate before prepare_enable
drm/msm: storage class should be before const qualifier
drm/msm: Replace type of paddr to uint32_t.
|
|
If user uses wrong ioctl command with _IOC_NONE and argument size
greater than 0, it can cause NULL pointer access from memset of line
463. If _IOC_NONE, don't memset to 0 for kdata.
Signed-off-by: Zhaowei Yuan <zhaowei.yuan@samsung.com>
Reviewed-by: David Herrmann <dh.herrmann@gmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Dave Airlie <airlied@redhat.com>
|
|
Commit 59a53afe70fd530040bdc69581f03d880157f15a "powerpc: Don't setup
CPUs with bad status" broke ePAPR SMP booting. ePAPR says that CPUs
that aren't presently running shall have status of disabled, with
enable-method being used to determine whether the CPU can be enabled.
Fix by checking for spin-table, which is currently the only supported
enable-method.
Signed-off-by: Scott Wood <scottwood@freescale.com>
Cc: Michael Neuling <mikey@neuling.org>
Cc: Emil Medve <Emilian.Medve@Freescale.com>
Cc: stable@vger.kernel.org
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
|
|
The commit 71ec7c55ed91 introduced the magic symbol ".TOC." for ELFv2 ABI.
This symbol is built manually and has no CRC value computed. A zero value
is put in the CRC section to avoid modpost complaining about a missing CRC.
Unfortunately, this breaks the kernel module loading when the kernel is
relocated (kdump case for instance) because of the relocation applied to
the kcrctab values.
This patch compute a CRC value for the TOC symbol which will match the one
compute by the kernel when it is relocated - aka '0 - relocate_start' done in
maybe_relocated called by check_version (module.c).
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Cc: Anton Blanchard <anton@samba.org>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
|
|
In commit 27f4488872d9 "Add OPAL takeover from PowerVM" we added support
for "takeover" on OPAL v1 machines.
This was a mode of operation where we would boot under pHyp, and query
for the presence of OPAL. If detected we would then do a special
sequence to take over the machine, and the kernel would end up running
in hypervisor mode.
OPAL v1 was never a supported product, and was never shipped outside
IBM. As far as we know no one is still using it.
Newer versions of OPAL do not use the takeover mechanism. Although the
query for OPAL should be harmless on machines with newer OPAL, we have
seen a machine where it causes a crash in Open Firmware.
The code in early_init_devtree() to copy boot_command_line into cmd_line
was added in commit 817c21ad9a1f "Get kernel command line accross OPAL
takeover", and AFAIK is only used by takeover, so should also be
removed.
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
|
|
cxgb4_netdev maybe lead to dead lock, since it uses a spin lock, and be called
in both thread and softirq context, but not disable BH, the lockdep report is
below; In fact, cxgb4_netdev only reads adap_rcu_list with RCU protection, so
not need to hold spin lock again.
=================================
[ INFO: inconsistent lock state ]
3.14.7+ #24 Tainted: G C O
---------------------------------
inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
radvd/3794 [HC0[0]:SC1[1]:HE1:SE0] takes:
(adap_rcu_lock){+.?...}, at: [<ffffffffa09989ea>] clip_add+0x2c/0x116 [cxgb4]
{SOFTIRQ-ON-W} state was registered at:
[<ffffffff810fca81>] __lock_acquire+0x34a/0xe48
[<ffffffff810fd98b>] lock_acquire+0x82/0x9d
[<ffffffff815d6ff8>] _raw_spin_lock+0x34/0x43
[<ffffffffa09989ea>] clip_add+0x2c/0x116 [cxgb4]
[<ffffffffa0998beb>] cxgb4_inet6addr_handler+0x117/0x12c [cxgb4]
[<ffffffff815da98b>] notifier_call_chain+0x32/0x5c
[<ffffffff815da9f9>] __atomic_notifier_call_chain+0x44/0x6e
[<ffffffff815daa32>] atomic_notifier_call_chain+0xf/0x11
[<ffffffff815b1356>] inet6addr_notifier_call_chain+0x16/0x18
[<ffffffffa01f72e5>] ipv6_add_addr+0x404/0x46e [ipv6]
[<ffffffffa01f8df0>] addrconf_add_linklocal+0x5f/0x95 [ipv6]
[<ffffffffa01fc3e9>] addrconf_notify+0x632/0x841 [ipv6]
[<ffffffff815da98b>] notifier_call_chain+0x32/0x5c
[<ffffffff810e09a1>] __raw_notifier_call_chain+0x9/0xb
[<ffffffff810e09b2>] raw_notifier_call_chain+0xf/0x11
[<ffffffff8151b3b7>] call_netdevice_notifiers_info+0x4e/0x56
[<ffffffff8151b3d0>] call_netdevice_notifiers+0x11/0x13
[<ffffffff8151c0a6>] netdev_state_change+0x1f/0x38
[<ffffffff8152f004>] linkwatch_do_dev+0x3b/0x49
[<ffffffff8152f184>] __linkwatch_run_queue+0x10b/0x144
[<ffffffff8152f1dd>] linkwatch_event+0x20/0x27
[<ffffffff810d7bc0>] process_one_work+0x1cb/0x2ee
[<ffffffff810d7e3b>] worker_thread+0x12e/0x1fc
[<ffffffff810dd391>] kthread+0xc4/0xcc
[<ffffffff815dc48c>] ret_from_fork+0x7c/0xb0
irq event stamp: 3388
hardirqs last enabled at (3388): [<ffffffff810c6c85>]
__local_bh_enable_ip+0xaa/0xd9
hardirqs last disabled at (3387): [<ffffffff810c6c2d>]
__local_bh_enable_ip+0x52/0xd9
softirqs last enabled at (3288): [<ffffffffa01f1d5b>]
rcu_read_unlock_bh+0x0/0x2f [ipv6]
softirqs last disabled at (3289): [<ffffffff815ddafc>]
do_softirq_own_stack+0x1c/0x30
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(adap_rcu_lock);
<Interrupt>
lock(adap_rcu_lock);
*** DEADLOCK ***
5 locks held by radvd/3794:
#0: (sk_lock-AF_INET6){+.+.+.}, at: [<ffffffffa020b85a>]
rawv6_sendmsg+0x74b/0xa4d [ipv6]
#1: (rcu_read_lock){.+.+..}, at: [<ffffffff8151ac6b>]
rcu_lock_acquire+0x0/0x29
#2: (rcu_read_lock){.+.+..}, at: [<ffffffffa01f4cca>]
rcu_lock_acquire.constprop.16+0x0/0x30 [ipv6]
#3: (rcu_read_lock){.+.+..}, at: [<ffffffff810e09b4>]
rcu_lock_acquire+0x0/0x29
#4: (rcu_read_lock){.+.+..}, at: [<ffffffffa0998782>]
rcu_lock_acquire.constprop.40+0x0/0x30 [cxgb4]
stack backtrace:
CPU: 7 PID: 3794 Comm: radvd Tainted: G C O 3.14.7+ #24
Hardware name: Supermicro X7DBU/X7DBU, BIOS 6.00 12/03/2007
ffffffff81f15990 ffff88012fdc36a8 ffffffff815d0016 0000000000000006
ffff8800c80dc2a0 ffff88012fdc3708 ffffffff815cc727 0000000000000001
0000000000000001 ffff880100000000 ffffffff81015b02 ffff8800c80dcb58
Call Trace:
<IRQ> [<ffffffff815d0016>] dump_stack+0x4e/0x71
[<ffffffff815cc727>] print_usage_bug+0x1ec/0x1fd
[<ffffffff81015b02>] ? save_stack_trace+0x27/0x44
[<ffffffff810fbfaa>] ? check_usage_backwards+0xa0/0xa0
[<ffffffff810fc640>] mark_lock+0x11b/0x212
[<ffffffff810fca0b>] __lock_acquire+0x2d4/0xe48
[<ffffffff810fbfaa>] ? check_usage_backwards+0xa0/0xa0
[<ffffffff810fbff6>] ? check_usage_forwards+0x4c/0xa6
[<ffffffff810c6c8a>] ? __local_bh_enable_ip+0xaf/0xd9
[<ffffffff810fd98b>] lock_acquire+0x82/0x9d
[<ffffffffa09989ea>] ? clip_add+0x2c/0x116 [cxgb4]
[<ffffffffa0998782>] ? rcu_read_unlock+0x23/0x23 [cxgb4]
[<ffffffff815d6ff8>] _raw_spin_lock+0x34/0x43
[<ffffffffa09989ea>] ? clip_add+0x2c/0x116 [cxgb4]
[<ffffffffa09987b0>] ? rcu_lock_acquire.constprop.40+0x2e/0x30 [cxgb4]
[<ffffffffa0998782>] ? rcu_read_unlock+0x23/0x23 [cxgb4]
[<ffffffffa09989ea>] clip_add+0x2c/0x116 [cxgb4]
[<ffffffffa0998beb>] cxgb4_inet6addr_handler+0x117/0x12c [cxgb4]
[<ffffffff810fd99d>] ? lock_acquire+0x94/0x9d
[<ffffffff810e09b4>] ? raw_notifier_call_chain+0x11/0x11
[<ffffffff815da98b>] notifier_call_chain+0x32/0x5c
[<ffffffff815da9f9>] __atomic_notifier_call_chain+0x44/0x6e
[<ffffffff815daa32>] atomic_notifier_call_chain+0xf/0x11
[<ffffffff815b1356>] inet6addr_notifier_call_chain+0x16/0x18
[<ffffffffa01f72e5>] ipv6_add_addr+0x404/0x46e [ipv6]
[<ffffffff810fde6a>] ? trace_hardirqs_on+0xd/0xf
[<ffffffffa01fb634>] addrconf_prefix_rcv+0x385/0x6ea [ipv6]
[<ffffffffa0207950>] ndisc_rcv+0x9d3/0xd76 [ipv6]
[<ffffffffa020d536>] icmpv6_rcv+0x592/0x67b [ipv6]
[<ffffffff810c6c85>] ? __local_bh_enable_ip+0xaa/0xd9
[<ffffffff810c6c85>] ? __local_bh_enable_ip+0xaa/0xd9
[<ffffffff810fd8dc>] ? lock_release+0x14e/0x17b
[<ffffffffa020df97>] ? rcu_read_unlock+0x21/0x23 [ipv6]
[<ffffffff8150df52>] ? rcu_read_unlock+0x23/0x23
[<ffffffffa01f4ede>] ip6_input_finish+0x1e4/0x2fc [ipv6]
[<ffffffffa01f540b>] ip6_input+0x33/0x38 [ipv6]
[<ffffffffa01f5557>] ip6_mc_input+0x147/0x160 [ipv6]
[<ffffffffa01f4ba3>] ip6_rcv_finish+0x7c/0x81 [ipv6]
[<ffffffffa01f5397>] ipv6_rcv+0x3a1/0x3e2 [ipv6]
[<ffffffff8151ef96>] __netif_receive_skb_core+0x4ab/0x511
[<ffffffff810fdc94>] ? mark_held_locks+0x71/0x99
[<ffffffff8151f0c0>] ? process_backlog+0x69/0x15e
[<ffffffff8151f045>] __netif_receive_skb+0x49/0x5b
[<ffffffff8151f0cf>] process_backlog+0x78/0x15e
[<ffffffff8151f571>] ? net_rx_action+0x1a2/0x1cc
[<ffffffff8151f47b>] net_rx_action+0xac/0x1cc
[<ffffffff810c69b7>] ? __do_softirq+0xad/0x218
[<ffffffff810c69ff>] __do_softirq+0xf5/0x218
[<ffffffff815ddafc>] do_softirq_own_stack+0x1c/0x30
<EOI> [<ffffffff810c6bb6>] do_softirq+0x38/0x5d
[<ffffffffa01f1d5b>] ? ip6_copy_metadata+0x156/0x156 [ipv6]
[<ffffffff810c6c78>] __local_bh_enable_ip+0x9d/0xd9
[<ffffffffa01f1d88>] rcu_read_unlock_bh+0x2d/0x2f [ipv6]
[<ffffffffa01f28b4>] ip6_finish_output2+0x381/0x3d8 [ipv6]
[<ffffffffa01f49ef>] ip6_finish_output+0x6e/0x73 [ipv6]
[<ffffffffa01f4a70>] ip6_output+0x7c/0xa8 [ipv6]
[<ffffffff815b1bfa>] dst_output+0x18/0x1c
[<ffffffff815b1c9e>] ip6_local_out+0x1c/0x21
[<ffffffffa01f2489>] ip6_push_pending_frames+0x37d/0x427 [ipv6]
[<ffffffff81558af8>] ? skb_orphan+0x39/0x39
[<ffffffffa020b85a>] ? rawv6_sendmsg+0x74b/0xa4d [ipv6]
[<ffffffffa020ba51>] rawv6_sendmsg+0x942/0xa4d [ipv6]
[<ffffffff81584cd2>] inet_sendmsg+0x3d/0x66
[<ffffffff81508930>] __sock_sendmsg_nosec+0x25/0x27
[<ffffffff8150b0d7>] sock_sendmsg+0x5a/0x7b
[<ffffffff810fd8dc>] ? lock_release+0x14e/0x17b
[<ffffffff8116d756>] ? might_fault+0x9e/0xa5
[<ffffffff8116d70d>] ? might_fault+0x55/0xa5
[<ffffffff81508cb1>] ? copy_from_user+0x2a/0x2c
[<ffffffff8150b70c>] ___sys_sendmsg+0x226/0x2d9
[<ffffffff810fcd25>] ? __lock_acquire+0x5ee/0xe48
[<ffffffff810fde01>] ? trace_hardirqs_on_caller+0x145/0x1a1
[<ffffffff8118efcb>] ? slab_free_hook.isra.71+0x50/0x59
[<ffffffff8115c81f>] ? release_pages+0xbc/0x181
[<ffffffff810fd99d>] ? lock_acquire+0x94/0x9d
[<ffffffff81115e97>] ? read_seqcount_begin.constprop.25+0x73/0x90
[<ffffffff8150c408>] __sys_sendmsg+0x3d/0x5b
[<ffffffff8150c433>] SyS_sendmsg+0xd/0x19
[<ffffffff815dc53d>] system_call_fastpath+0x1a/0x1f
Reported-by: Ben Greear <greearb@candelatech.com>
Cc: Casey Leedom <leedom@chelsio.com>
Cc: Hariprasad Shenai <hariprasad@chelsio.com>
Signed-off-by: Li RongQing <roy.qing.li@gmail.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Acked-by: Casey Leedom <leedom@chelsio.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Fix nfs4_negotiate_security to create an rpc_clnt used to test each SECINFO
returned pseudoflavor. Check credential creation (and gss_context creation)
which is important for RPC_AUTH_GSS pseudoflavors which can fail for multiple
reasons including mis-configuration.
Don't call nfs4_negotiate in nfs4_submount as it was just called by
nfs4_proc_lookup_mountpoint (nfs4_proc_lookup_common)
Signed-off-by: Andy Adamson <andros@netapp.com>
[Trond: fix corrupt return value from nfs_find_best_sec()]
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
|
|
Do not return RPC_AUTH_UNIX if SEINFO reply tests fail. This
prevents an infinite loop of NFS4ERR_WRONGSEC for non RPC_AUTH_UNIX mounts.
Without this patch, a mount with no sec= option to a server
that does not include RPC_AUTH_UNIX in the
SECINFO return can be presented with an attemtp to use RPC_AUTH_UNIX
which will result in an NFS4ERR_WRONG_SEC which will prompt the SECINFO
call which will again try RPC_AUTH_UNIX....
Signed-off-by: Andy Adamson <andros@netapp.com>
Tested-By: Steve Dickson <steved@redhat.com>
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
|
|
Signed-off-by: Andy Adamson <andros@netapp.com>
Tested-By: Steve Dickson <steved@redhat.com>
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
|
|
Now that we have functions such as nfs_write_pageuptodate() that use
the cache_validity flags to check if the data cache is valid or not,
it is a little more important to keep the flags in sync with the
state of the data cache.
In particular, we'd like to ensure that if the data cache is empty, we
don't start marking it as needing revalidation.
Reported-by: Scott Mayhew <smayhew@redhat.com>
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
|
|
In nfs_update_inode(), if the change attribute is seen to change on
the server, then we set NFS_INO_REVAL_PAGECACHE in order to make
sure that we check the file size.
However, if we also update the file size in the same function, we
don't need to check it again. So make sure that we clear the
NFS_INO_REVAL_PAGECACHE that was set earlier.
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
|
|
NFS_INO_INVALID_DATA cannot be ignored, even if we have a delegation.
We're still having some problems with data corruption when multiple
clients are appending to a file and those clients are being granted
write delegations on open.
To reproduce:
Client A:
vi /mnt/`hostname -s`
while :; do echo "XXXXXXXXXXXXXXX" >>/mnt/file; sleep $(( $RANDOM % 5 )); done
Client B:
vi /mnt/`hostname -s`
while :; do echo "YYYYYYYYYYYYYYY" >>/mnt/file; sleep $(( $RANDOM % 5 )); done
What's happening is that in nfs_update_inode() we're recognizing that
the file size has changed and we're setting NFS_INO_INVALID_DATA
accordingly, but then we ignore the cache_validity flags in
nfs_write_pageuptodate() because we have a delegation. As a result,
in nfs_updatepage() we're extending the write to cover the full page
even though we've not read in the data to begin with.
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
Cc: <stable@vger.kernel.org> # v3.11+
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
|
|
Another restriction inherited for NVMe - those devices don't support
SG lists that have "gaps" in them. Gaps refers to cases where the
previous SG entry doesn't end on a page boundary. For NVMe, all SG
entries must start at offset 0 (except the first) and end on a page
boundary (except the last).
Signed-off-by: Jens Axboe <axboe@fb.com>
|
|
Macro bip_vec_idx() was used by bio integrity originally, but no longer
used now. So remove it.
Signed-off-by: Gu Zheng <guz.fnst@cn.fujitsu.com>
Signed-off-by: Jens Axboe <axboe@fb.com>
|
|
When the AHCI link is disabled, it can't be re-enabled except by
resetting the entire SoC. Rather than doing this silently print
some kernel messages to inform the user, along with how to avoid
this.
tj: Put a long printf format string on a single line.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Tejun Heo <tj@kernel.org>
|
|
Pull aio fixes from Ben LaHaise:
"These fix a kernel memory disclosure issue (arbitrary kmap() &
copy_to_user()) revealed in CVE-2014-0206 by changes that were
introduced in v3.10"
* git://git.kvack.org/~bcrl/aio-fixes:
aio: fix kernel memory disclosure in io_getevents() introduced in v3.10
aio: fix aio request leak when events are reaped by userspace
|
|
Pull ARM fixes from Russell King:
"A number of low impact fixes, the most noticable one is the thumb2
frame pointer fix. We also fix a regression caused during this merge
window with ARM925 CPUs running with caches disabled, and fix a number
of warnings"
* 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
ARM: arm925: ensure assembly sets up writethrough mapping
ARM: perf: fix compiler warning with gcc 4.6.4 (and tidy code)
ARM: l2c: fix dependencies on PL310 errata symbols
ARM: 8069/1: Make thread_save_fp macro aware of THUMB2 mode
ARM: 8068/1: scoop: Remove unused variable
|
|
NCQ feature is unsupported on hisilicon sata controller, so disable
it. This version of IP is used by hip04 and hix5hd2 soc.
tj: "|=" was replaced with "=" for no reason. Restored "|=".
Signed-off-by: Kefeng Wang <kefeng.wang@linaro.org>
Sigend-off-by: Tejun Heo <tj@kernel.org>
|
|
vdso2c was checking for various types of relocations to detect when
the vdso had undefined symbols or was otherwise dependent on
relocation at load time. Undefined symbols in the vdso would fail if
accessed at runtime, and certain implementation errors (e.g. branch
profiling or incorrect symbol visibilities) could result in data
access through the GOT that requires relocations. This could be
as simple as:
extern char foo;
return foo;
Without some kind of visibility control, the compiler would assume
that foo could be interposed at load time and would generate a
relocation.
x86-64 and x32 (as opposed to i386) use explicit-addent (RELA) instead
of implicit-addent (REL) relocations for data access, and vdso2c
forgot to detect those.
Whether these bad relocations would actually fail at runtime depends
on what the linker sticks in the unrelocated references. Nonetheless,
these relocations have no business existing in the vDSO and should be
fixed rather than silently ignored.
This error could trigger on some configurations due to branch
profiling. The previous patch fixed that.
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Link: http://lkml.kernel.org/r/74ef0c00b4d2a3b573e00a4113874e62f772e348.1403642755.git.luto@amacapital.net
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
|
|
DISABLE_BRANCH_PROFILING turns off branch profiling (i.e. a
redefinition of 'if'). Branch profiling depends on a bunch of
kernel-internal symbols and generates extra output sections, none of
which are useful or functional in the vDSO.
It's currently turned off for vclock_gettime.c, but vgetcpu.c also
triggers branch profiling, so just turn it off in the makefile.
This fixes the build on some configurations: the vdso could contain
undefined symbols, and the fake section table overflowed due to
ftrace's added sections.
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Link: http://lkml.kernel.org/r/bf1ec29e03b2bbc081f6dcaefa64db1c3a83fb21.1403642755.git.luto@amacapital.net
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
|
|
Current code did not allow sending the broadcast filtering command
for P2P Client interfaces. However, this was not enough, since once
broadcast filtering command was issued over the station interface
after the P2P Client connected, the command also attached the filters
to the P2P Client MAC which is not allowed (FW ASSERT 1063).
Fix this skipping P2P Client interfaces when constructing the broadcast
filtering command
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Reviewed-by: ArikX Nemtsov <arik@wizery.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
|
|
This reverts commit dc9a19296a872644f19a06d8eeb5db222d327b41.
3610 cards don't support UAPSD.
Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
|
|
Add one more 7265 series HW ID.
Edit one existing 7265 series HW ID.
CC: <stable@vger.kernel.org> [3.13+]
Signed-off-by: Oren Givon <oren.givon@intel.com>
Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
|
|
A kernel memory disclosure was introduced in aio_read_events_ring() in v3.10
by commit a31ad380bed817aa25f8830ad23e1a0480fef797. The changes made to
aio_read_events_ring() failed to correctly limit the index into
ctx->ring_pages[], allowing an attacked to cause the subsequent kmap() of
an arbitrary page with a copy_to_user() to copy the contents into userspace.
This vulnerability has been assigned CVE-2014-0206. Thanks to Mateusz and
Petr for disclosing this issue.
This patch applies to v3.12+. A separate backport is needed for 3.10/3.11.
Signed-off-by: Benjamin LaHaise <bcrl@kvack.org>
Cc: Mateusz Guzik <mguzik@redhat.com>
Cc: Petr Matousek <pmatouse@redhat.com>
Cc: Kent Overstreet <kmo@daterainc.com>
Cc: Jeff Moyer <jmoyer@redhat.com>
Cc: stable@vger.kernel.org
|
|
The aio cleanups and optimizations by kmo that were merged into the 3.10
tree added a regression for userspace event reaping. Specifically, the
reference counts are not decremented if the event is reaped in userspace,
leading to the application being unable to submit further aio requests.
This patch applies to 3.12+. A separate backport is required for 3.10/3.11.
This issue was uncovered as part of CVE-2014-0206.
Signed-off-by: Benjamin LaHaise <bcrl@kvack.org>
Cc: stable@vger.kernel.org
Cc: Kent Overstreet <kmo@daterainc.com>
Cc: Mateusz Guzik <mguzik@redhat.com>
Cc: Petr Matousek <pmatouse@redhat.com>
|
