| Age | Commit message (Collapse) | Author |
|---|
|
When the policy for user space is to ignore misaligned accesses from user
space, the processor then performs a documented rotation on the accessed
data. This is the result of the access being trapped, and the kernel
disabling the alignment trap before returning to user space again.
In kernel space we always want misaligned accesses to be fixed up. This
is enforced by always re-enabling the alignment trap on every entry into
kernel space from user space. No such re-enabling is performed when an
exception occurs while already in kernel space as the alignment trap is
always supposed to be enabled in that case.
There is however a small race window when a misaligned access in user
space is trapped and the alignment trap disabled, but the CPU didn't
return to user space just yet. Any exception would be entered from kernel
space at that point and the kernel would then execute with the alignment
trap disabled.
Thanks to Maxime Bizon <mbizon@freebox.fr> for providing a test module
that made this issue reproducible.
Signed-off-by: Nicolas Pitre <nicolas.pitre@linaro.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
Use a correct udelay value to get bus speed around 100KHz. The udelay
value was most likely copied from the older devices, but the 9g45
is signicantly faster (400MHz, DDR, ..), so a udelay of 2 gives a
bus speed of around 190KHz, which is too fast for some devices.
A udelay value of 5 gives a bus speed of around 90KHz here.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Signed-off-by: Nicolas Ferre <nicolas.ferre@atmel.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/nico/orion
|
|
This patch replace all the lock functions with the irq safe variant.
The ns2_led_{set,get}_mode() functions must be safe in all context.
For example, the trigger timer call led_set_brightness() in a softirq
context.
Signed-off-by: Simon Guinot <sguinot@lacie.com>
Signed-off-by: Nicolas Pitre <nico@fluxnic.net>
|
|
Signed-off-by: Eric Miao <eric.miao@canonical.com>
Acked-by: Saeed Bishara <saeed@marvell.com>
Signed-off-by: Nicolas Pitre <nico@fluxnic.net>
|
|
When using simultaneously the two DMA channels on a same engine, some
transfers are never completed. For example, an endless lock can occur
while writing heavily on a RAID5 array (with async-tx offload support
enabled).
Note that this issue can also be reproduced by using the DMA test
client.
On a same engine, the interrupt cause register is shared between two
DMA channels. This patch make sure that the cause bit is only cleared
for the requested channel.
Signed-off-by: Simon Guinot <sguinot@lacie.com>
Tested-by: Luc Saillard <luc@saillard.org>
Acked-by: Saeed Bishara <saeed@marvell.com>
Signed-off-by: Nicolas Pitre <nico@fluxnic.net>
|
|
The support for the 2 pcie port of the 6282 has broken i/o port by switching
*_IO_PHYS_BASE and *_IO_BUS_BASE. In fact, the patches reintroduced the same
bug solved by commit 35f029e2514be209eb0e88c7d927f3bcc42a5cc2.
So, I'm adding back *_IO_BUS_BASE in resource declaration and fix definition
of KIRKWOOD_PCIE1_IO_BUS_BASE. With this change, the xgi card on my t5325 is
working again.
Signed-off-by: Arnaud Patard <arnaud.patard@rtp-net.org>
Acked-by: Saeed Bishara <saeed@marvell.com>
Signed-off-by: Nicolas Pitre <nico@fluxnic.net>
Cc: stable@kernel.org
|
|
Jonathan Cameron reports that when using the environment
variable KCONFIG_CONFIG, he encounters this error:
make[2]: *** No rule to make target `.config', needed by `arch/arm/boot/compressed/vmlinux.lds'
Reported-by: Jonathan Cameron <jic23@cam.ac.uk>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
ARMv7 onwards requires that there are no aliases to the same physical
location using different memory types (i.e. Normal vs Strongly Ordered).
Access to SO mappings when the unaligned accesses are handled in
hardware is also Unpredictable (pgprot_noncached() mappings in user
space).
The /dev/mem driver requires uncached mappings with O_SYNC. The patch
implements the phys_mem_access_prot() function which generates Strongly
Ordered memory attributes if !pfn_valid() (independent of O_SYNC) and
Normal Noncacheable (writecombine) if O_SYNC.
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
5cfc8ee0bb51 (ARM: convert arm to arch_gettimeoffset()) marked all of
at91 AND at91x40 as needing ARCH_USES_GETTIMEOFFSET, and hence no high
res timer support / accurate clock_gettime() - But only at91x40 needs it.
Cc: stable@kernel.org
Signed-off-by: Peter Korsgaard <peter.korsgaard@barco.com>
Acked-by: John Stultz <johnstul@us.ibm.com>
Acked-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
Setting of these bits can cause issues on other SMP SoC's not produced
by ARM.
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Daniel Walker <dwalker@codeaurora.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
Al Viro reports that calling "sys_sigsuspend(-ERESTARTNOHAND, 0, 0)"
with two signals coming and being handled in kernel space results
in the syscall restart being done twice.
Avoid this by clearing the 'why' flag when we call the signal handling
code to prevent further syscall restarts after the first.
Acked-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
register
Clearing bit 22 in the PL310 Auxiliary Control register (shared
attribute override enable) has the side effect of transforming Normal
Shared Non-cacheable reads into Cacheable no-allocate reads.
Coherent DMA buffers in Linux always have a Cacheable alias via the
kernel linear mapping and the processor can speculatively load cache
lines into the PL310 controller. With bit 22 cleared, Non-cacheable
reads would unexpectedly hit such cache lines leading to buffer
corruption.
Cc: Nicolas Pitre <nicolas.pitre@linaro.org>
Cc: <stable@kernel.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
corruption
On the r2p0, r2p1 and r2p2 versions of the Cortex-A9, data corruption
can occur if a shared cache line is replaced on one CPU as another CPU
is accessing it.
This workaround sets two bits in the diagnostic register of the Cortex-A9,
reducing the linefill issuing capabilities of the processor and
avoiding the erroneous behaviour.
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
On versions of the Cortex-A9 up to and including r2p2, under rare
circumstances, a DMB instruction between 2 write operations may not
ensure the correct visibility ordering of the 2 writes.
This workaround sets a bit in the diagnostic register of the Cortex-A9,
causing the DMB instruction to behave like a DSB, which functions
correctly on the affected cores.
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
Kconfig doesn't have any knowledge of specific v7 cores, so it is possible
to select errata workarounds that may cause inadvertent behaviour when
executed on a core other than those targetted by the fix.
This patch improves the variant and revision checking in proc-v7.S so
that the primary part number is also considered when applying errata
workarounds.
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
We have to use _cansleep gpio accessors in the MMCI driver so as
to avoid slowpath warnings, now U300 has MMCI but doesn't have
these functions in place to siply wrap the existing non-sleeping
functions into sleepable variants.
Signed-off-by: Linus Walleij <linus.walleij@stericsson.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
The prescaler 16 is now used only when the timer runs at 32 MHz
or more. Some comment updates as well.
Acked-by: Alessandro Rubini <rubini@unipv.it>
Signed-off-by: Jonas Aaberg <jonas.aberg@stericsson.com>
Signed-off-by: Linus Walleij <linus.walleij@stericsson.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
timer0 to 3 are all on mtu block 0, so don't calculate the clock event
rate based upon mtu block 1's clock speed.
Acked-by: Alessandro Rubini <rubini@unipv.it>
Signed-off-by: Jonas Aaberg <jonas.aberg@stericsson.com>
Signed-off-by: Linus Walleij <linus.walleij@stericsson.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6:
cifs: fix potential double put of TCP session reference
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6:
[IA64] Optimize ticket spinlocks in fsys_rt_sigprocmask
|
|
* '2.6.36-fixes' of git://github.com/schandinat/linux-2.6:
drivers/video/via/ioctl.c: prevent reading uninitialized stack memory
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/brodo/pcmcia-2.6
* 'urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/brodo/pcmcia-2.6:
pcmcia pcnet_cs: try setting io_lines to 16 if card setup fails
pcmcia: per-device, not per-socket debug messages
pcmcia serial_cs.c: fix multifunction card handling
|
|
* git://git.infradead.org/users/cbou/battery-2.6.36:
apm_power: Add missing break statement
intel_pmic_battery: Fix battery charging status on mrst
|
|
* git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog:
watchdog: Enable NXP LPC32XX support in Kconfig (resend)
watchdog: ts72xx_wdt: disable watchdog at probe
watchdog: sb_wdog: release irq and reboot notifier in error path and module_exit()
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile
* 'stable' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile:
arch/tile: fix formatting bug in register dumps
arch/tile: fix memcpy_fromio()/memcpy_toio() signatures
arch/tile: Save and restore extra user state for tilegx
arch/tile: Change struct sigcontext to be more useful
arch/tile: finish const-ifying sys_execve()
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/lrg/voltage-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lrg/voltage-2.6:
regulator: wm8350-regulator - fix the logic of checking REGULATOR_MODE_STANDBY mode
regulator: wm831x-ldo - fix the logic to set REGULATOR_MODE_IDLE and REGULATOR_MODE_STANDBY modes
regulator: ab8500 - fix off-by-one value range checking for selector
regulator: 88pm8607 - fix value range checking for accessing info->vol_table
regulator: isl6271a-regulator - fix regulator_desc parameter for regulator_register()
regulator: ad5398 - fix a memory leak
regulator: Update e-mail address for Liam Girdwood
regulator: set max8998->dev to &pdev->dev.
regulator: tps6586x-regulator - fix bit_mask parameter for tps6586x_set_bits()
regulator: tps6586x-regulator - fix value range checking for val
regulator: max8998 - set max8998->num_regulators
regulator: max8998 - fix memory allocation size for max8998->rdev
regulator: tps6507x - remove incorrect comments
regulator: max1586 - improve the logic of choosing selector
regulator: ab8500 - fix the logic to remove already registered regulators in error path
regulator: ab3100 - fix the logic to remove already registered regulators in error path
regulator/ab8500: move dereference below the check for NULL
|
|
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq:
workqueue: add documentation
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6
* 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6:
drm/radeon/kms: only warn on mipmap size checks in r600 cs checker (v2)
drm/radeon/kms: force legacy pll algo for RV620 LVDS
drm: fix race between driver loading and userspace open.
drm: Use a nondestructive mode for output detect when polling (v2)
drm/radeon/kms: fix the colorbuffer CS checker for r300-r500
drm/radeon/kms: increase lockup detection interval to 10 sec for r100-r500
drm/radeon/kms/evergreen: fix backend setup
drm: Use a nondestructive mode for output detect when polling
drm/radeon: add some missing copyright headers
drm: Only decouple the old_fb from the crtc is we call mode_set*
drm/radeon/kms: don't enable underscan with interlaced modes
drm/radeon/kms: add connector table for Mac x800
drm/radeon/kms: fix regression in RMX code (v2)
drm: Fix regression in disable polling e58f637
|
|
The VIAFB_GET_INFO device ioctl allows unprivileged users to read 246
bytes of uninitialized stack memory, because the "reserved" member of
the viafb_ioctl_info struct declared on the stack is not altered or
zeroed before being copied back to the user. This patch takes care of
it.
Signed-off-by: Dan Rosenberg <dan.j.rosenberg@gmail.com>
Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
|
|
Tony's fix (f574c843191728d9407b766a027f779dcd27b272) has a small bug,
it incorrectly uses "r3" as a scratch register in the first of the two
unlock paths ... it is also inefficient. Optimize the fast path again.
Signed-off-by: Petr Tesarik <ptesarik@suse.cz>
Signed-off-by: Tony Luck <tony.luck@intel.com>
|
|
The NXP LPC32XX processor use the same watchdog as the Philips
PNX4008 processor.
Signed-off-by: Kevin Wells <wellsk40@gmail.com>
Tested-by: Wolfram Sang <w.sang@pengutronix.de>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
|
|
Since it may be already enabled by bootloader or some other utility. This patch
makes sure that the watchdog is disabled before any userspace daemon opens the
device. It is also required by the watchdog API.
Signed-off-by: Mika Westerberg <mika.westerberg@iki.fi>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
|
|
module_exit()
irq and reboot notifier are acquired in module_init() but never released.
They should be released correctly, otherwise reloading the module or error
during module_init() will cause a problem.
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Cc: Andrew Sharp <andy.sharp@lsi.com>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
|
|
Some pcnet_cs compatible cards require an exact 16-lines match
of the ioport areas specified in CIS, but set the "iolines"
value in the CIS incorrectly. We can easily work around this
issue -- same as we do in serial_cs -- by first trying setting
iolines to the CIS-specified value, and then trying a 16-line
match.
Reported-and-tested-by: Wolfram Sang <w.sang@pengutronix.de>
Hardware-supplied-by: Jochen Frieling <j.frieling@pengutronix.de>
CC: netdev@vger.kernel.org
Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
|
|
As the iomem / ioport setup differs per device, it is much better
to print out the device instead of the socket.
Tested-by: Wolfram Sang <w.sang@pengutronix.de>
Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
|
|
We shouldn't overwrite pre-set values, and we should also
set the port address to the beginning, and not the end of
the 8-port range.
CC: linux-serial@vger.kernel.org
Reported-by: Komuro <komurojun-mbn@nifty.com>
Hardware-supplied-by: Jochen Frieling <j.frieling@pengutronix.de>
Tested-by: Wolfram Sang <w.sang@pengutronix.de>
Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
|
|
This cut-and-paste bug was caused by rewriting the register dump
code to use only a single printk per line of output.
Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
|
|
This tripped up a driver (not yet committed to git). Fix it now.
Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
|
|
During context switch, save and restore a couple of additional bits of
tilegx user state that can be persistently modified by userspace.
Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
|
|
Rather than just using pt_regs, it now contains the actual saved
state explicitly, similar to pt_regs. By doing it this way, we
provide a cleaner API for userspace (or equivalently, we avoid the
need for libc to provide its own definition of sigcontext).
While we're at it, move PT_FLAGS_xxx to where they are not visible
from userspace. And always pass siginfo and mcontext to signal
handlers, even if they claim they don't need it, since sometimes
they actually try to use it anyway in practice.
Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
|
|
The sys_execve() implementation was properly const-ified but not
the declaration, the syscall wrappers, or the compat version.
This change completes the constification process.
Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
|
|
The texture base address registers are in units of 256 bytes.
The original CS checker treated these offsets as bytes, so the
original check was wrong. I fixed the units in a patch during
the 2.6.36 cycle, but this ended up breaking some existing
userspace (probably due to a bug in either userspace texture allocation
or the drm texture mipmap checker). So for now, until we come
up with a better fix, just warn if the mipmap size it too large.
This will keep existing userspace working and it should be just
as safe as before when we were checking the wrong units. These
are GPU MC addresses, so if they fall outside of the VRAM or
GART apertures, they end up at the GPU default page, so this should
be safe from a security perspective.
v2: Just disable the warning. It just spams the log and there's
nothing the user can do about it.
Signed-off-by: Alex Deucher <alexdeucher@gmail.com>
Cc: Jerome Glisse <glisse@freedesktop.org>
Signed-off-by: Dave Airlie <airlied@redhat.com>
|
|
* ssh://master.kernel.org/home/hpa/tree/sec:
x86-64, compat: Retruncate rax after ia32 syscall entry tracing
x86-64, compat: Test %rax for the syscall number, not %eax
compat: Make compat_alloc_user_space() incorporate the access_ok()
|
|
Fix up the IRQ names for the MN10300 on-chip serial ports in the driver as
request_interrupt() no longer allows names containing slashes, giving a warning
like the following if one is encountered:
------------[ cut here ]------------
WARNING: at fs/proc/generic.c:323 __xlate_proc_name+0x62/0x7c()
name 'ttySM0/Rx'
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
* git://git.infradead.org/mtd-2.6:
mtd: pxa3xx: fix build error when CONFIG_MTD_PARTITIONS is not defined
mtd: mxc_nand: configure pages per block for v2 controller
mtd: OneNAND: Fix loop hang when DMA error at Samsung SoCs
mtd: OneNAND: Fix 2KiB pagesize handling at Samsung SoCs
mtd: Blackfin NFC: fix invalid free in remove()
mtd: Blackfin NFC: fix build error after nand_scan_ident() change
mxc_nand: Do not do byte accesses to the NFC buffer.
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
HID: fix hiddev's use of usb_find_interface
HID: fixup blacklist entry for Asus T91MT
HID: add device ID for new Asus Multitouch Controller
HID: add no-get quirk for eGalax touch controller
HID: Add quirk for eGalax touch controler.
HID: add support for another BTC Emprex remote control
HID: Set Report ID properly for Output reports on the Control endpoint.
HID: Kanvus Note A5 tablet needs HID_QUIRK_MULTI_INPUT
HID: Add support for chicony multitouch screens.
|
|
* 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6:
SUNRPC: Fix the NFSv4 and RPCSEC_GSS Kconfig dependencies
statfs() gives ESTALE error
NFS: Fix a typo in nfs_sockaddr_match_ipaddr6
sunrpc: increase MAX_HASHTABLE_BITS to 14
gss:spkm3 miss returning error to caller when import security context
gss:krb5 miss returning error to caller when import security context
Remove incorrect do_vfs_lock message
SUNRPC: cleanup state-machine ordering
SUNRPC: Fix a race in rpc_info_open
SUNRPC: Fix race corrupting rpc upcall
Fix null dereference in call_allocate
|
|
Tavis Ormandy pointed out that do_io_submit does not do proper bounds
checking on the passed-in iocb array:
if (unlikely(nr < 0))
return -EINVAL;
if (unlikely(!access_ok(VERIFY_READ, iocbpp, (nr*sizeof(iocbpp)))))
return -EFAULT; ^^^^^^^^^^^^^^^^^^
The attached patch checks for overflow, and if it is detected, the
number of iocbs submitted is scaled down to a number that will fit in
the long. This is an ok thing to do, as sys_io_submit is documented as
returning the number of iocbs submitted, so callers should handle a
return value of less than the 'nr' argument passed in.
Reported-by: Tavis Ormandy <taviso@cmpxchg8b.com>
Signed-off-by: Jeff Moyer <jmoyer@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
cifs_get_smb_ses must be called on a server pointer on which it holds an
active reference. It first does a search for an existing SMB session. If
it finds one, it'll put the server reference and then try to ensure that
the negprot is done, etc.
If it encounters an error at that point then it'll return an error.
There's a potential problem here though. When cifs_get_smb_ses returns
an error, the caller will also put the TCP server reference leading to a
double-put.
Fix this by having cifs_get_smb_ses only put the server reference if
it found an existing session that it could use and isn't returning an
error.
Cc: stable@kernel.org
Reviewed-by: Suresh Jayaraman <sjayaraman@suse.de>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
|
