Commit Graph

144364 Commits

Author SHA1 Message Date
Daisuke Nishimura
ae3abae64f memcg: fix mem_cgroup_shrink_usage()
Current mem_cgroup_shrink_usage() has two problems.

1. It doesn't call mem_cgroup_out_of_memory and doesn't update
   last_oom_jiffies, so pagefault_out_of_memory invokes global OOM.

2. Considering hierarchy, shrinking has to be done from the
   mem_over_limit, not from the memcg which the page would be charged to.

mem_cgroup_try_charge_swapin() does all of these things properly, so we
use it and call cancel_charge_swapin when it succeeded.

The name of "shrink_usage" is not appropriate for this behavior, so we
change it too.

Signed-off-by: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Acked-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Li Zefan <lizf@cn.fujitsu.cn>
Cc: Paul Menage <menage@google.com>
Cc: Dhaval Giani <dhaval@linux.vnet.ibm.com>
Cc: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Cc: YAMAMOTO Takashi <yamamoto@valinux.co.jp>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: David Rientjes <rientjes@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-05-02 15:36:09 -07:00
Vitaly Mayatskikh
0816178638 pagemap: require aligned-length, non-null reads of /proc/pid/pagemap
The intention of commit aae8679b0e
("pagemap: fix bug in add_to_pagemap, require aligned-length reads of
/proc/pid/pagemap") was to force reads of /proc/pid/pagemap to be a
multiple of 8 bytes, but now it allows to read 0 bytes, which actually
puts some data to user's buffer.  According to POSIX, if count is zero,
read() should return zero and has no other results.

Signed-off-by: Vitaly Mayatskikh <v.mayatskih@gmail.com>
Cc: Thomas Tuttle <ttuttle@google.com>
Acked-by: Matt Mackall <mpm@selenic.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-05-02 15:36:09 -07:00
Nick Piggin
b827e496c8 mm: close page_mkwrite races
Change page_mkwrite to allow implementations to return with the page
locked, and also change it's callers (in page fault paths) to hold the
lock until the page is marked dirty.  This allows the filesystem to have
full control of page dirtying events coming from the VM.

Rather than simply hold the page locked over the page_mkwrite call, we
call page_mkwrite with the page unlocked and allow callers to return with
it locked, so filesystems can avoid LOR conditions with page lock.

The problem with the current scheme is this: a filesystem that wants to
associate some metadata with a page as long as the page is dirty, will
perform this manipulation in its ->page_mkwrite.  It currently then must
return with the page unlocked and may not hold any other locks (according
to existing page_mkwrite convention).

In this window, the VM could write out the page, clearing page-dirty.  The
filesystem has no good way to detect that a dirty pte is about to be
attached, so it will happily write out the page, at which point, the
filesystem may manipulate the metadata to reflect that the page is no
longer dirty.

It is not always possible to perform the required metadata manipulation in
->set_page_dirty, because that function cannot block or fail.  The
filesystem may need to allocate some data structure, for example.

And the VM cannot mark the pte dirty before page_mkwrite, because
page_mkwrite is allowed to fail, so we must not allow any window where the
page could be written to if page_mkwrite does fail.

This solution of holding the page locked over the 3 critical operations
(page_mkwrite, setting the pte dirty, and finally setting the page dirty)
closes out races nicely, preventing page cleaning for writeout being
initiated in that window.  This provides the filesystem with a strong
synchronisation against the VM here.

- Sage needs this race closed for ceph filesystem.
- Trond for NFS (http://bugzilla.kernel.org/show_bug.cgi?id=12913).
- I need it for fsblock.
- I suspect other filesystems may need it too (eg. btrfs).
- I have converted buffer.c to the new locking. Even simple block allocation
  under dirty pages might be susceptible to i_size changing under partial page
  at the end of file (we also have a buffer.c-side problem here, but it cannot
  be fixed properly without this patch).
- Other filesystems (eg. NFS, maybe btrfs) will need to change their
  page_mkwrite functions themselves.

[ This also moves page_mkwrite another step closer to fault, which should
  eventually allow page_mkwrite to be moved into ->fault, and thus avoiding a
  filesystem calldown and page lock/unlock cycle in __do_fault. ]

[akpm@linux-foundation.org: fix derefs of NULL ->mapping]
Cc: Sage Weil <sage@newdream.net>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
Signed-off-by: Nick Piggin <npiggin@suse.de>
Cc: Valdis Kletnieks <Valdis.Kletnieks@vt.edu>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-05-02 15:36:09 -07:00
Heiko Carstens
a5fc1abe43 atomic: fix atomic_long_cmpxchg/xchg for 64 bit architectures
On a linux-next allyesconfig build:

kernel/trace/ring_buffer.c:1726:
	warning: passing argument 1 of 'atomic_cmpxchg' from incompatible pointer type
linux-next/arch/s390/include/asm/atomic.h:112:
	note: expected 'struct atomic_t *' but argument is of type 'struct atomic64_t *'

atomic_long_cmpxchg and atomic_long_xchg are incorrectly defined for 64
bit architectures.  They should be mapped to the atomic64_* variants.

Acked-by: Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Acked-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-05-02 15:36:09 -07:00
Jesper Nilsson
9e040a3e91 CRISv10: fix serial driver proc-usage
drivers/serial/crisv10.c:4428: error: unknown field 'read_proc' specified in initializer

Commit 0f043a81eb ("proc tty: remove struct
tty_operations::read_proc") removes the read_proc entry from struct
tty_operations.

Rework the proc handling in the CRISv10 serial driver to use proc_fops
instead.

Signed-off-by: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Mikael Starvik <starvik@axis.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-05-02 15:36:09 -07:00
Christoph Hellwig
cf94a4d116 MAINTAINERS: add ptrace entry
Add Roland and Oleg as formal ptrace maintainers, they've been doing the
job for a while.

Includes the file patterns requested by Joe.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Acked-by: Roland McGrath <roland@redhat.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-05-02 15:36:09 -07:00
Daisuke Nishimura
c0bd3f63ce memcg: fix try_get_mem_cgroup_from_swapcache()
This is a bugfix for commit 3c776e6466
("memcg: charge swapcache to proper memcg").

Used bit of swapcache is solid under page lock, but considering
move_account, pc->mem_cgroup is not.

We need lock_page_cgroup() anyway.

Signed-off-by: Daisuke Nishimura <nishimura@mxp.nes.nec.co.jp>
Acked-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-05-02 15:36:09 -07:00
Florian Fainelli
1e50cc9022 MAINTAINERS: Florian has moved
I will finish school soon, so replace my student address with this one.

Signed-off-by: Florian Fainelli <florian@openwrt.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-05-02 15:36:09 -07:00
Ian Kent
a8985f3ac5 autofs4: fix incorrect return in autofs4_mount_busy()
Fix an obvious incorrect return status in autofs4_mount_busy().

Signed-off-by: Ian Kent <raven@themaw.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-05-02 15:36:09 -07:00
Johannes Weiner
bc43f75cd9 mm: fix pageref leak in do_swap_page()
By the time the memory cgroup code is notified about a swapin we
already hold a reference on the fault page.

If the cgroup callback fails make sure to unlock AND release the page
reference which was taken by lookup_swap_cach(), or we leak the reference.

Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Cc: Balbir Singh <balbir@linux.vnet.ibm.com>
Reviewed-by: Minchan Kim <minchan.kim@gmail.com>
Acked-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-05-02 15:36:09 -07:00
Robert Moore
53951bd57d acpica: validate package element more carefully in acpi_rs_get_pci_routing_table_length
acpi_rs_get_pci_routing_table_length is not performing sufficient
validation on the package returned from _PRT.  It assumes a package of
packages and fails/faults if this is not the case.

We should validate each subpackage when extracted from the parent
package, and not accept objects of the wrong type, since that will just
cause the scanning to fail (likely with a kernel oops).

This can only happen with a serious BIOS bug, and is accompanied by a
warning something like this:

  ACPI Warning (nspredef-0949): \_SB_.PCI0.PEG4._PRT: Return Package type mismatch at index 0 - found Integer, expected Package [20090320]

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-05-02 11:48:37 -07:00
Linus Torvalds
091438dd56 Linux 2.6.30-rc4 2009-04-29 21:48:16 -07:00
Linus Torvalds
9ea66ab580 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6:
  eCryptfs: Fix min function comparison warning
  ecryptfs: fix printk format warning
2009-04-29 21:25:53 -07:00
Linus Torvalds
93acda847f Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6
* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6:
  V4L/DVB (11652): au0828: fix kernel oops regression on USB disconnect.
  V4L/DVB (11626): cx23885: Two fixes for DViCO FusionHDTV DVB-T Dual Express
  V4L/DVB (11612): mx3_camera: Fix compilation with CONFIG_PM
  V4L/DVB (11570): patch: s2255drv: fix race condition on set mode
  V4L/DVB (11568): cx18: Fix the handling of i2c bus registration error
  V4L/DVB (11561a): move media after i2c
  V4L/DVB (11516): drivers/media/video/saa5246a.c: fix use-after-free
  V4L/DVB (11515): drivers/media/video/saa5249.c: fix use-after-free and leak
  V4L/DVB (11494a): cx231xx Kconfig fixes
  V4L/DVB (11494): cx18: Send correct input routing value to external audio multiplexers
2009-04-29 21:25:39 -07:00
Devin Heitmueller
fe78a49c8a V4L/DVB (11652): au0828: fix kernel oops regression on USB disconnect.
A regression was introduced in hg changeset 33810c734a0d, which resulted in
a kernel panic whenever the device was disconnected from USB.  The call to
4l2_device_register() was overwriting the pointer for usb_set_intfdata(), so
when au0828_usb_disconnect() was called, the usb_get_intfdata() returned a
pointer to the v4l2_device instead of the au0828_dev structure.

Signed-off-by: Devin Heitmueller <dheitmueller@linuxtv.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2009-04-29 16:02:51 -03:00
Christopher Pascoe
d4dc673da9 V4L/DVB (11626): cx23885: Two fixes for DViCO FusionHDTV DVB-T Dual Express
Two fixes for DViCO FusionHDTV DVB-T Dual Express:

 * Reset correct tuner when reinitializing xc3028.
 * Disable the I2C gate control to avoid locking up the I2C bus.

Tested-by: John Knops <jknops@australiaonline.net.au>
Reviewed-by: Steven Toth <stoth@linuxtv.org>
Signed-off-by: Christopher Pascoe <linuxdvb@itee.uq.edu.au>
Signed-off-by: Devin Heitmueller <dheitmueller@linuxtv.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2009-04-29 16:00:38 -03:00
Sascha Hauer
e39c904797 V4L/DVB (11612): mx3_camera: Fix compilation with CONFIG_PM
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Guennadi Liakhovetski <g.liakhovetski@gmx.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2009-04-29 15:59:24 -03:00
Dean Anderson
9d63cec168 V4L/DVB (11570): patch: s2255drv: fix race condition on set mode
set_modeready flag must be set before command sent to USB in
s2255_write_config.

Signed-off-by: Dean Anderson <dean@sensoray.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2009-04-29 15:41:14 -03:00
Jean Delvare
272aa3966b V4L/DVB (11568): cx18: Fix the handling of i2c bus registration error
* Return actual error values as returned by the i2c subsystem, rather
  than 0 or 1.
* If the registration of the second bus fails, unregister the first one
  before exiting, otherwise we are leaking resources.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Acked-by: Andy Walls <awalls@radix.net>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2009-04-29 15:41:13 -03:00
Guennadi Liakhovetski
a357482a1e V4L/DVB (11561a): move media after i2c
Currently drivers/media drivers are linked very early - directly after
base, block, misc, and mfd and before ata, scsi, ide, input, firewire,
usb, and i2c. This breaks static build of video4linux drivers, that use
generic CPU i2c adapter drivers and the v4l2-subdev subsystem, because
during video4linux probing the v4l2-subdev core requires a struct
i2c_adapter context, which cannot be satisfied before the i2c subsystem is
initialised. Moving drivers/media after drivers/i2c fixes this problem.

The best way to trigger action is by submitting a patch:-) So, let's see
what comes out of it - on the one hand I don't see any reason why media
has to be linked this early, and nobody was able to give me one yesterday
as this problem has been discussed on linux-media, OTOH, maybe indeed it
would be better to move i2c the whole way up above media, but that'd be
much bigger of a change, I think.
--
To unsubscribe from this list: send the line "unsubscribe linux-media" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Signed-off-by: Guennadi Liakhovetski <g.liakhovetski@gmx.de>
Acked-by: Jean Delvare <khali@linux-fr.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2009-04-29 15:41:13 -03:00
Dan Carpenter
9401608bb3 V4L/DVB (11516): drivers/media/video/saa5246a.c: fix use-after-free
I lowered the kfree(t) down a couple lines and removed the superflous
"t->vdev = NULL;"

Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2009-04-29 15:41:12 -03:00
Dan Carpenter
5b83cfa985 V4L/DVB (11515): drivers/media/video/saa5249.c: fix use-after-free and leak
I moved the kfree() down a couple lines.  t->vdev is going to be in freed
memory so there is no point setting it to NULL.  I added a kfree(t) on a

Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2009-04-29 15:41:11 -03:00
Mauro Carvalho Chehab
3964b58a25 V4L/DVB (11494a): cx231xx Kconfig fixes
selecting ALSA module breaks if !SND. Just remove select.

While here, let's fix the whitespacing at the Kconfig.

Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2009-04-29 15:41:11 -03:00
Andy Walls
92ab9baee3 V4L/DVB (11494): cx18: Send correct input routing value to external audio multiplexers
A late v4l2_subdev framework change accidentally sent the audio input
routing value to the external multiplexer, instead of the muxer input routing
value to the external multiplexer.  This change corrects that error.

Signed-off-by: Andy Walls <awalls@radix.net>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2009-04-29 15:41:10 -03:00
Linus Torvalds
3dacbdad24 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (24 commits)
  e100: do not go D3 in shutdown unless system is powering off
  netfilter: revised locking for x_tables
  Bluetooth: Fix connection establishment with low security requirement
  Bluetooth: Add different pairing timeout for Legacy Pairing
  Bluetooth: Ensure that HCI sysfs add/del is preempt safe
  net: Avoid extra wakeups of threads blocked in wait_for_packet()
  net: Fix typo in net_device_ops description.
  ipv4: Limit size of route cache hash table
  Add reference to CAPI 2.0 standard
  Documentation/isdn/INTERFACE.CAPI
  update Documentation/isdn/00-INDEX
  ixgbe: Fix WoL functionality for 82599 KX4 devices
  veth: prevent oops caused by netdev destructor
  xfrm: wrong hash value for temporary SA
  forcedeth: tx timeout fix
  net: Fix LL_MAX_HEADER for CONFIG_TR_MODULE
  mlx4_en: Handle page allocation failure during receive
  mlx4_en: Fix cleanup flow on cq activation
  vlan: update vlan carrier state for admin up/down
  netfilter: xt_recent: fix stack overread in compat code
  ...
2009-04-29 07:55:45 -07:00
Thadeu Lima de Souza Cascardo
ac7c992cac e100: do not go D3 in shutdown unless system is powering off
After experimenting with kexec with the last merges after 2.6.29, I've
had some problems when probing e100.  It would not read the eeprom.  After
some bisects, I realized this has been like that since forever (at least
2.6.18).  The problem is that shutdown is doing the same thing that
suspend does and puts the device in D3 state.  I couldn't find a way to
get the device back to a sane state in the probe function.  So, based on
some similar patches from Rafael J. Wysocki for e1000, e1000e, and ixgbe,
I wrote this one for e100.

Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@holoscopio.com>
Acked-by: "Rafael J. Wysocki" <rjw@sisk.pl>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-04-28 22:42:39 -07:00
David S. Miller
bf0de3e9c8 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/holtmann/bluetooth-2.6 2009-04-28 22:40:49 -07:00
Stephen Hemminger
942e4a2bd6 netfilter: revised locking for x_tables
The x_tables are organized with a table structure and a per-cpu copies
of the counters and rules. On older kernels there was a reader/writer 
lock per table which was a performance bottleneck. In 2.6.30-rc, this
was converted to use RCU and the counters/rules which solved the performance
problems for do_table but made replacing rules much slower because of
the necessary RCU grace period.

This version uses a per-cpu set of spinlocks and counters to allow to
table processing to proceed without the cache thrashing of a global
reader lock and keeps the same performance for table updates.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-04-28 22:36:33 -07:00
Linus Torvalds
56a50adda4 Merge branch 'drm-intel-next' of git://git.kernel.org/pub/scm/linux/kernel/git/anholt/drm-intel
* 'drm-intel-next' of git://git.kernel.org/pub/scm/linux/kernel/git/anholt/drm-intel:
  drm/i915: fix up error path leak in i915_cmdbuffer
  drm/i915: fix unpaired i915 device mutex on entervt failure.
  drm/i915: add support for G41 chipset
  drm/i915: Enable ASLE if present
  drm/i915: Unregister ACPI video driver when exiting
  drm/i915: Register ACPI video even when not modesetting
  drm/i915: fix transition to I915_TILING_NONE
  drm/i915: Don't let an oops get triggered from irq_emit without dma init.
  drm/i915: allow tiled front buffers on 965+
2009-04-28 17:21:20 -07:00
Linus Torvalds
c2e2ceeae4 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband: (21 commits)
  RDMA/nes: Update iw_nes version
  RDMA/nes: Fix error path in nes_accept()
  RDMA/nes: Fix hang issues for large cluster dynamic connections
  RDMA/nes: Increase rexmit timeout interval
  RDMA/nes: Check for sequence number wrap-around
  RDMA/nes: Do not set apbvt entry for loopback
  RDMA/nes: Fix unused variable compile warning when INFINIBAND_NES_DEBUG=n
  RDMA/nes: Fix fw_ver in /sys
  RDMA/nes: Set trace length to 1 inch for SFP_D
  RDMA/nes: Enable repause timer for port 1
  RDMA/nes: Correct CDR loop filter setting for port 1
  RDMA/nes: Modify thermo mitigation to flip SerDes1 ref clk to internal
  RDMA/nes: Fix resource issues in nes_create_cq() and nes_destroy_cq()
  RDMA/nes: Remove root_256()'s unused pbl_count_256 parameter
  mlx4_core: Fix memory leak in mlx4_enable_msi_x()
  IB/mthca: Fix timeout for INIT_HCA and a few other commands
  RDMA/cxgb3: Don't zero QP attrs when moving to IDLE
  RDMA/nes: Fix bugs in nes_reg_phys_mr()
  RDMA/nes: Fix compiler warning at nes_verbs.c:1955
  IPoIB: Disable NAPI while CQ is being drained
  ...
2009-04-28 17:21:07 -07:00
Geert Uytterhoeven
16752e2ead m68k: arch/m68k/kernel/sun3-head.S needs <linux/init.h>
Fix this:

  arch/m68k/kernel/sun3-head.S: Assembler messages:
  arch/m68k/kernel/sun3-head.S:32: Error: Unknown operator -- statement `__head' ignored

Introduced by commit 6f335cab04 ("m68k:
convert to use __HEAD and HEAD_TEXT macros."), which started using
__HEAD without adding the appropriate include.

Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-28 16:07:18 -07:00
Linus Torvalds
2d04f6b9bc Merge branch 'for-linus' of git://git.kernel.dk/linux-2.6-block
* 'for-linus' of git://git.kernel.dk/linux-2.6-block:
  bio: fix memcpy corruption in bio_copy_user_iov()
  hd: fix locking
  mg_disk: fix CONFIG_LBD=y warning
  mg_disk: fix locking
2009-04-28 16:06:48 -07:00
Linus Torvalds
8b86bd7a4a Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lrg/voltage-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lrg/voltage-2.6:
  regulator: Fix default constraints for fixed voltage regulators
  regulator/bq24022: fix bug in is_enabled function
  regulator/virtual: fix strings compare predicates
  regulator core: fix double-free in regulator_register() error path
  drivers/regulator: fix when type is different from REGULATOR_VOLTAGE or REGULATOR_CURRENT
  unreachable code in drms_uA_update()
  regulator: fix header file missing kernel-doc
2009-04-28 16:06:33 -07:00
Roland Dreier
9308f96c79 Merge branches 'cxgb3', 'ipoib', 'mthca', 'mlx4' and 'nes' into for-linus 2009-04-28 16:01:31 -07:00
Linus Torvalds
c3310e7766 Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc:
  powerpc/ps3: Fix build error on UP
  powerpc/cell: Select PCI for IBM_CELL_BLADE AND CELLEB
  powerpc: ppc32 needs elf_read_implies_exec()
  powerpc/86xx: Add device_type entry to soc for ppc9a
  powerpc/44x: Correct memory size calculation for denali-based boards
  maintainers: Fix PowerPC 4xx git tree
  powerpc: fix for long standing bug noticed by gcc 4.4.0
  Revert "powerpc: Add support for early tlbilx opcode"
2009-04-28 15:55:32 -07:00
Tim Abbott
13beadd91f powerpc: Revert switch to TEXT_TEXT in linker script
Commit edada399 broke the build on 64-bit powerpc because it moved the
__ftr_alt_* sections of a file away from the .text section, causing
link failures due to relative conditional branch targets being too far
away from the branch instructions.  This happens on pretty much all
64-bit powerpc configs.

This change reverts commit edada399 while preserving the update from
the *.refok sections to .ref.text that has happened since.

Signed-off-by: Tim Abbott <tabbott@mit.edu>
Requested-by: Paul Mackerras <paulus@samba.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-04-28 15:55:14 -07:00
FUJITA Tomonori
69838727bc bio: fix memcpy corruption in bio_copy_user_iov()
st driver uses blk_rq_map_user() in order to just build a request out
of page frames. In this case, map_data->offset is a non zero value and
iov[0].iov_base is NULL. We need to increase nr_pages for that.

Cc: stable@kernel.org
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2009-04-28 20:24:29 +02:00
Tejun Heo
0191944282 hd: fix locking
hd dance around local irq and HD_IRQ enable without achieving much.
It ends up transferring data from irq handler with both local irq and
HD_IRQ disabled.  The only place it actually does something is while
transferring the first block of a request which it does with HD_IRQ
disabled but local irq enabled.

Unfortunately, the dancing is horribly broken from locking POV.  IRQ
and timeout handlers access block queue without grabbing the queue
lock and running the driver in SMP configuration crashes the whole
machine pretty quickly.

Remove meaningless irq enable/disable dancing and add proper locking
in issue, irq and timeout paths.

Signed-off-by: Tejun Heo <tj@kernel.org>
2009-04-28 20:24:20 +02:00
Bartlomiej Zolnierkiewicz
0d9f346fb0 mg_disk: fix CONFIG_LBD=y warning
drivers/block/mg_disk.c: In function ‘mg_dump_status’:
drivers/block/mg_disk.c:265: warning: format ‘%ld’ expects type ‘long int’, but
argument 2 has type ‘sector_t’

[ Impact: kill build warning ]

Cc: unsik Kim <donari75@gmail.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
2009-04-28 20:24:20 +02:00
Tejun Heo
39f36b47ca mg_disk: fix locking
IRQ and timeout handlers call functions which expect locked queue lock
without locking it.  Fix it.

While at it, convert 0s used as null pointer constant to NULLs.

[ Impact: fix locking, cleanup ]

Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: unsik Kim <donari75@gmail.com>
2009-04-28 20:24:19 +02:00
Mark Brown
3e59091828 regulator: Fix default constraints for fixed voltage regulators
Default voltage constraints were being provided for fixed voltage
regulator where board constraints were not provided but these constraints
used INT_MIN as the default minimum voltage which is not a valid value
since it is less than zero. Use 1uV instead.

Also set the default values we set in the constraints themselves since
otherwise the max_uV constraint we determine will not be stored in the
actual constraint strucutre and will therefore not be used.

Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Signed-off-by: Liam Girdwood <lrg@slimlogic.co.uk>
2009-04-28 18:58:08 +01:00
Philipp Zabel
030853b7ab regulator/bq24022: fix bug in is_enabled function
This seems to be fallout from last October's regulator core rework.
It got noticed only because of recent regulator framework changes.

Signed-off-by: Philipp Zabel <philipp.zabel@gmail.com>
Signed-off-by: Liam Girdwood <lrg@slimlogic.co.uk>
2009-04-28 18:58:08 +01:00
Mike Rapoport
aa61d558f0 regulator/virtual: fix strings compare predicates
Signed-off-by: Mike Rapoport <mike@compulab.co.il>
Acked-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Signed-off-by: Liam Girdwood <lrg@slimlogic.co.uk>
2009-04-28 18:58:07 +01:00
Paul Walmsley
53032dafc6 regulator core: fix double-free in regulator_register() error path
During regulator registration, any error after device_register() will
cause a double-free on the struct regulator_dev 'rdev'.  The bug is in
drivers/regulator/core.c:regulator_register():

...
scrub:
	device_unregister(&rdev->dev);
clean:
	kfree(rdev);                           <---
	rdev = ERR_PTR(ret);
	goto out;
...

device_unregister() calls regulator_dev_release() which frees rdev.  The
subsequent kfree corrupts memory and causes some OMAP3 systems to oops on
boot in regulator_get().

Applies against 2.6.30-rc3.

Signed-off-by: Paul Walmsley <paul@pwsan.com>
Acked-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Signed-off-by: Liam Girdwood <lrg@slimlogic.co.uk>
2009-04-28 18:58:07 +01:00
Diego Liziero
cd78dfc6c6 drivers/regulator: fix when type is different from REGULATOR_VOLTAGE or REGULATOR_CURRENT
When regulator_desc->type is something different from REGULATOR_VOLTAGE or REGULATOR_CURRENT
the if should probably return ERR_PTR(-EINVAL)

The semantic patch that makes this change is as follows:
(http://www.emn.fr/x-info/coccinelle/)

@@ expression E; constant C; @@
(
- !E == C
+ E != C
)

Signed-off-by: Diego Liziero <diegoliz@gmail.com>
Acked-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Signed-off-by: Liam Girdwood <lrg@slimlogic.co.uk>
2009-04-28 18:58:07 +01:00
Dan Carpenter
036de8efae unreachable code in drms_uA_update()
I removed the extra semi-colon and indented the return statement.

The unreachable code was found by smatch (http://repo.or.cz/w/smatch.git).
The patch was compile tested.

regards,
dan carpenter

Signed-off-by: Dan Carpenter <error27@gmail.com>
Acked-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Signed-off-by: Liam Girdwood <lrg@slimlogic.co.uk>
2009-04-28 18:58:06 +01:00
Randy Dunlap
9f6532519f regulator: fix header file missing kernel-doc
Add regulator header file missing kernel-doc:

Warning(include/linux/regulator/driver.h:117): No description found for parameter 'set_mode'

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
cc:	Liam Girdwood <lrg@slimlogic.co.uk>
cc:	Mark Brown <broonie@opensource.wolfsonmicro.com>
Signed-off-by: Liam Girdwood <lrg@slimlogic.co.uk>
2009-04-28 18:58:06 +01:00
Marcel Holtmann
3fdca1e137 Bluetooth: Fix connection establishment with low security requirement
The Bluetooth 2.1 specification introduced four different security modes
that can be mapped using Legacy Pairing and Simple Pairing. With the
usage of Simple Pairing it is required that all connections (except
the ones for SDP) are encrypted. So even the low security requirement
mandates an encrypted connection when using Simple Pairing. When using
Legacy Pairing (for Bluetooth 2.0 devices and older) this is not required
since it causes interoperability issues.

To support this properly the low security requirement translates into
different host controller transactions depending if Simple Pairing is
supported or not. However in case of Simple Pairing the command to
switch on encryption after a successful authentication is not triggered
for the low security mode. This patch fixes this and actually makes
the logic to differentiate between Simple Pairing and Legacy Pairing
a lot simpler.

Based on a report by Ville Tervo <ville.tervo@nokia.com>

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2009-04-28 09:31:39 -07:00
Marcel Holtmann
052b30b0a8 Bluetooth: Add different pairing timeout for Legacy Pairing
The Bluetooth stack uses a reference counting for all established ACL
links and if no user (L2CAP connection) is present, the link will be
terminated to save power. The problem part is the dedicated pairing
when using Legacy Pairing (Bluetooth 2.0 and before). At that point
no user is present and pairing attempts will be disconnected within
10 seconds or less. In previous kernel version this was not a problem
since the disconnect timeout wasn't triggered on incoming connections
for the first time. However this caused issues with broken host stacks
that kept the connections around after dedicated pairing. When the
support for Simple Pairing got added, the link establishment procedure
needed to be changed and now causes issues when using Legacy Pairing

When using Simple Pairing it is possible to do a proper reference
counting of ACL link users. With Legacy Pairing this is not possible
since the specification is unclear in some areas and too many broken
Bluetooth devices have already been deployed. So instead of trying to
deal with all the broken devices, a special pairing timeout will be
introduced that increases the timeout to 60 seconds when pairing is
triggered.

If a broken devices now puts the stack into an unforeseen state, the
worst that happens is the disconnect timeout triggers after 120 seconds
instead of 4 seconds. This allows successful pairings with legacy and
broken devices now.

Based on a report by Johan Hedberg <johan.hedberg@nokia.com>

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2009-04-28 09:31:38 -07:00
Roger Quadros
f3784d834c Bluetooth: Ensure that HCI sysfs add/del is preempt safe
Use a different work_struct variables for add_conn() and del_conn() and
use single work queue instead of two for adding and deleting connections.

It eliminates the following error on a preemptible kernel:

[  204.358032] Unable to handle kernel NULL pointer dereference at virtual address 0000000c
[  204.370697] pgd = c0004000
[  204.373443] [0000000c] *pgd=00000000
[  204.378601] Internal error: Oops: 17 [#1] PREEMPT
[  204.383361] Modules linked in: vfat fat rfcomm sco l2cap sd_mod scsi_mod iphb pvr2d drm omaplfb ps
[  204.438537] CPU: 0    Not tainted  (2.6.28-maemo2 #1)
[  204.443664] PC is at klist_put+0x2c/0xb4
[  204.447601] LR is at klist_put+0x18/0xb4
[  204.451568] pc : [<c0270f08>]    lr : [<c0270ef4>]    psr: a0000113
[  204.451568] sp : cf1b3f10  ip : cf1b3f10  fp : cf1b3f2c
[  204.463104] r10: 00000000  r9 : 00000000  r8 : bf08029c
[  204.468353] r7 : c7869200  r6 : cfbe2690  r5 : c78692c8  r4 : 00000001
[  204.474945] r3 : 00000001  r2 : cf1b2000  r1 : 00000001  r0 : 00000000
[  204.481506] Flags: NzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM Segment kernel
[  204.488861] Control: 10c5387d  Table: 887fc018  DAC: 00000017
[  204.494628] Process btdelconn (pid: 515, stack limit = 0xcf1b22e0)

Signed-off-by: Roger Quadros <ext-roger.quadros@nokia.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2009-04-28 09:31:38 -07:00