Commit graph

233459 commits

Author SHA1 Message Date
Thomas Gleixner
c1ee626428 genirq: Prevent access beyond allocated_irqs bitmap
Lars-Peter Clausen pointed out:

   I stumbled upon this while looking through the existing archs using
   SPARSE_IRQ.  Even with SPARSE_IRQ the NR_IRQS is still the upper
   limit for the number of IRQs.

   Both PXA and MMP set NR_IRQS to IRQ_BOARD_START, with
   IRQ_BOARD_START being the number of IRQs used by the core.

   In various machine files the nr_irqs field of the ARM machine
   defintion struct is then set to "IRQ_BOARD_START + NR_BOARD_IRQS".

   As a result "nr_irqs" will greater then NR_IRQS which then again
   causes the "allocated_irqs" bitmap in the core irq code to be
   accessed beyond its size overwriting unrelated data.

The core code really misses a sanity check there.

This went unnoticed so far as by chance the compiler/linker places
data behind that bitmap which gets initialized later on those affected
platforms.

So the obvious fix would be to add a sanity check in early_irq_init()
and break all affected platforms. Though that check wants to be
backported to stable as well, which will require to fix all known
problematic platforms and probably some more yet not known ones as
well. Lots of churn.

A way simpler solution is to allocate a slightly larger bitmap and
avoid the whole churn w/o breaking anything. Add a few warnings when
an arch returns utter crap.

Reported-by: Lars-Peter Clausen <lars@metafoo.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@kernel.org # .37
Cc: Haojian Zhuang <haojian.zhuang@marvell.com>
Cc: Eric Miao <eric.y.miao@gmail.com>
Cc: Peter Zijlstra <peterz@infradead.org>
2011-02-19 12:10:51 +01:00
Linus Torvalds
0cc9d52578 Merge branch 'rtc-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
* 'rtc-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  RTC: Re-enable UIE timer/polling emulation
  RTC: Revert UIE emulation removal
  RTC: Release mutex in error path of rtc_alarm_irq_enable
2011-02-18 14:20:46 -08:00
Linus Torvalds
4c3021da45 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (37 commits)
  net: deinit automatic LIST_HEAD
  net: dont leave active on stack LIST_HEAD
  net: provide default_advmss() methods to blackhole dst_ops
  tg3: Restrict phy ioctl access
  drivers/net: Call netif_carrier_off at the end of the probe
  ixgbe: work around for DDP last buffer size
  ixgbe: fix panic due to uninitialised pointer
  e1000e: flush all writebacks before unload
  e1000e: check down flag in tasks
  isdn: hisax: Use l2headersize() instead of dup (and buggy) func.
  arp_notify: unconditionally send gratuitous ARP for NETDEV_NOTIFY_PEERS.
  cxgb4vf: Use defined Mailbox Timeout
  cxgb4vf: Quiesce Virtual Interfaces on shutdown ...
  cxgb4vf: Behave properly when CONFIG_DEBUG_FS isn't defined ...
  cxgb4vf: Check driver parameters in the right place ...
  pch_gbe: Fix the MAC Address load issue.
  iwlwifi: Delete iwl3945_good_plcp_health.
  net/can/softing: make CAN_SOFTING_CS depend on CAN_SOFTING
  netfilter: nf_iterate: fix incorrect RCU usage
  pch_gbe: Fix the issue that the receiving data is not normal.
  ...
2011-02-18 14:15:05 -08:00
Linus Torvalds
a5bbef0b2d Merge branch 'for-linus/bugfixes' of git://xenbits.xen.org/people/ianc/linux-2.6
* 'for-linus/bugfixes' of git://xenbits.xen.org/people/ianc/linux-2.6:
  xen: suspend and resume system devices when running PVHVM
2011-02-18 12:44:41 -08:00
Linus Torvalds
bc3adfc670 Merge branch 'fixes-2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq
* 'fixes-2.6.38' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq:
  workqueue: make sure MAYDAY_INITIAL_TIMEOUT is at least 2 jiffies long
  workqueue, freezer: unify spelling of 'freeze' + 'able' to 'freezable'
  workqueue: wake up a worker when a rescuer is leaving a gcwq
2011-02-18 12:36:06 -08:00
Eric Dumazet
ceaaec98ad net: deinit automatic LIST_HEAD
commit 9b5e383c11 (net: Introduce
unregister_netdevice_many()) left an active LIST_HEAD() in
rollback_registered(), with possible memory corruption.

Even if device is freed without touching its unreg_list (and therefore
touching the previous memory location holding LISTE_HEAD(single), better
close the bug for good, since its really subtle.

(Same fix for default_device_exit_batch() for completeness)

Reported-by: Michal Hocko <mhocko@suse.cz>
Tested-by: Michal Hocko <mhocko@suse.cz>
Reported-by: Eric W. Biderman <ebiderman@xmission.com>
Tested-by: Eric W. Biderman <ebiderman@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
CC: Ingo Molnar <mingo@elte.hu>
CC: Octavian Purdila <opurdila@ixiacom.com>
CC: stable <stable@kernel.org> [.33+]
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-02-18 11:49:36 -08:00
Linus Torvalds
f87e6f4793 net: dont leave active on stack LIST_HEAD
Eric W. Biderman and Michal Hocko reported various memory corruptions
that we suspected to be related to a LIST head located on stack, that
was manipulated after thread left function frame (and eventually exited,
so its stack was freed and reused).

Eric Dumazet suggested the problem was probably coming from commit
443457242b (net: factorize
sync-rcu call in unregister_netdevice_many)

This patch fixes __dev_close() and dev_close() to properly deinit their
respective LIST_HEAD(single) before exiting.

References: https://lkml.org/lkml/2011/2/16/304
References: https://lkml.org/lkml/2011/2/14/223

Reported-by: Michal Hocko <mhocko@suse.cz>
Tested-by: Michal Hocko <mhocko@suse.cz>
Reported-by: Eric W. Biderman <ebiderman@xmission.com>
Tested-by: Eric W. Biderman <ebiderman@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
CC: Ingo Molnar <mingo@elte.hu>
CC: Octavian Purdila <opurdila@ixiacom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-02-18 11:49:35 -08:00
Eric Dumazet
214f45c91b net: provide default_advmss() methods to blackhole dst_ops
Commit 0dbaee3b37 (net: Abstract default ADVMSS behind an
accessor.) introduced a possible crash in tcp_connect_init(), when
dst->default_advmss() is called from dst_metric_advmss()

Reported-by: George Spelvin <linux@horizon.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-02-18 11:39:01 -08:00
Linus Torvalds
3c18d4de86 Expand CONFIG_DEBUG_LIST to several other list operations
When list debugging is enabled, we aim to readably show list corruption
errors, and the basic list_add/list_del operations end up having extra
debugging code in them to do some basic validation of the list entries.

However, "list_del_init()" and "list_move[_tail]()" ended up avoiding
the debug code due to how they were written. This fixes that.

So the _next_ time we have list_move() problems with stale list entries,
we'll hopefully have an easier time finding them..

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-02-18 11:32:28 -08:00
Linus Torvalds
2a324ce7b7 Merge branch 'pm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/suspend-2.6
* 'pm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/suspend-2.6:
  PM / Hibernate: Return error code when alloc_image_page() fails
2011-02-17 17:52:36 -08:00
Linus Torvalds
c8b392e9ad Merge branch 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6
* 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6:
  drm/radeon/kms: add missing frac fb div flag for dce4+
  drm/radeon/kms: do not reject X16 and Y16X16 floating-point formats on r300
  drm/nouveau: fix suspend/resume on GPUs that don't have PM support
  drm/nouveau: flips/flipd need to always set 'evict' for move_accel_cleanup()
  drm/nv40: fix tiling-related setup for a number of chipsets
  drm/nouveau: fix non-EDIDful native mode selection
  drm/nouveau: Fix detection of DDC-based LVDS on DCB15 boards.
  drm/nv04-nv40: Fix NULL dereference when we fail to find an LVDS native mode.
  drm/nv10: Fix crash when allocating a BO larger than half the available VRAM.
2011-02-17 17:52:17 -08:00
Linus Torvalds
dd8240bd3e Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband:
  IB/qib: Prevent double completions after a timeout or RNR error
  IB/qib: Fix double add_timer()
  RDMA/nes: Don't generate async events for unregistered devices
2011-02-17 17:51:52 -08:00
Linus Torvalds
a0aeccdc69 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6:
  sparc64: Fix NMI startup bug which also breaks perf.
  sparc: fix size argument to find_next_zero_bit()
  sparc: use bitmap_set()
  sparc32: unaligned memory access (MNA) trap handler bug
2011-02-17 17:51:27 -08:00
Timo Warns
fa7ea87a05 fs/partitions: Validate map_count in Mac partition tables
Validate number of blocks in map and remove redundant variable.

Signed-off-by: Timo Warns <warns@pre-sense.de>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-02-17 17:50:51 -08:00
John Stultz
456d66ecd0 RTC: Re-enable UIE timer/polling emulation
This patch re-enables UIE timer/polling emulation for rtc devices
that do not support alarm irqs.

CC: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
CC: Thomas Gleixner <tglx@linutronix.de>
Reported-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Tested-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: John Stultz <john.stultz@linaro.org>
2011-02-17 14:59:42 -08:00
John Stultz
6e57b1d6a8 RTC: Revert UIE emulation removal
Uwe pointed out that my alarm based UIE emulation is not sufficient
to replace the older timer/polling based UIE emulation on devices
where there is no alarm irq. This causes rtc devices without alarms
to return -EINVAL to UIE ioctls. The fix is to re-instate the old
timer/polling method for devices without alarm irqs.

This patch reverts the following commits:
042620a018 - Remove UIE emulation
1daeddd596 - Cleanup removed UIE emulation declaration
b5cc8ca1c9 - Remove Kconfig symbol for UIE emulation

The emulation mode will still need to be wired-in with a following
patch before it will work.

CC: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
CC: Thomas Gleixner <tglx@linutronix.de>
Reported-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: John Stultz <john.stultz@linaro.org>
2011-02-17 14:59:41 -08:00
Uwe Kleine-König
516373b8b6 RTC: Release mutex in error path of rtc_alarm_irq_enable
On hardware that doesn't support alarm interrupts, rtc_alarm_irq_enable
could return without releasing the ops_lock mutex.

This was introduced in
	aa0be0f (RTC: Propagate error handling via rtc_timer_enqueue properly)

This patch corrects the issue by only returning once the mutex is
released.

[john.stultz: Reworded the commit log]

Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: John Stultz <john.stultz@linaro.org>
2011-02-17 14:59:22 -08:00
Matt Carlson
ed199facd0 tg3: Restrict phy ioctl access
If management firmware is present and the device is down, the firmware
will assume control of the phy.  If a phy access were allowed from the
host, it will collide with firmware phy accesses, resulting in
unpredictable behavior.  This patch fixes the problem by disallowing phy
accesses during the problematic condition.

Signed-off-by: Matt Carlson <mcarlson@broadcom.com>
Reviewed-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-02-17 14:11:15 -08:00
Ivan Vecera
0d672e9f8a drivers/net: Call netif_carrier_off at the end of the probe
Without calling of netif_carrier_off at the end of the probe the operstate
is unknown when the device is initially opened. By default the carrier is
on so when the device is opened and netif_carrier_on is called the link
watch event is not fired and operstate remains zero (unknown).

This patch fixes this behavior in forcedeth and r8169.

Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Acked-by: Francois Romieu <romieu@fr.zoreil.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-02-17 14:09:57 -08:00
Roland Dreier
814b0a6120 Merge branches 'nes' and 'qib' into for-next 2011-02-17 14:04:59 -08:00
Mike Marciniszyn
c0af2c057d IB/qib: Prevent double completions after a timeout or RNR error
There is a double completion associated with error handling for RC QPs.

The sequence is:

 - The do_rc_ack() routine fields an RNR nack and there are 0
   rnr_retries configured on the QP.
 - qib_error_qp() stops the pending timer
 - qib_rc_send_complete() is called from sdma_complete()
 - qib_rc_send_complete() starts the timer because the msb of the psn
   just completed says an ack is needed.
 - a bunch of flushes occur as ipoib posts WQEs to an error'ed QP
 - rc_timeout() calls qib_restart_rc()
 - qib_restart_rc() calls qib_send_complete() with a
   IB_WC_RETRY_EXC_ERR on a wqe that has already been completed in the
   past

The fix avoids starting the timer since another packet will never
arrive.

Signed-off-by: Mike Marciniszyn <mike.marciniszyn@qlogic.com>
Signed-off-by: Roland Dreier <roland@purestorage.com>
2011-02-17 14:04:50 -08:00
Ian Campbell
8dd38383a5 xen: suspend and resume system devices when running PVHVM
Otherwise we fail to properly suspend/resume all of the emulated devices.

Something between 2.6.38-rc2 and rc3 appears to have exposed this
issue, but it's always been wrong not to do this.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Jeremy Fitzhardinge <jeremy@goop.org>
2011-02-17 10:31:20 +00:00
Amir Hanania
c600636bd5 ixgbe: work around for DDP last buffer size
A HW limitation was recently discovered where the last buffer in a DDP offload
cannot be a full buffer size in length. Fix the issue with a work around by
adding another buffer with size = 1.

Signed-off-by: Amir Hanania <amir.hanania@intel.com>
Tested-by: Ross Brattain <ross.b.brattain@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2011-02-17 01:18:46 -08:00
Andy Gospodarek
4c7e604bab ixgbe: fix panic due to uninitialised pointer
Systems containing an 82599EB and running a backported driver from
upstream were panicing on boot.  It turns out hw->mac.ops.setup_sfp is
only set for 82599, so one should check to be sure that pointer is set
before continuing in ixgbe_sfp_config_module_task.  I verified by
inspection that the upstream driver has the same issue and also added a
check before the call in ixgbe_sfp_link_config.

Signed-off-by: Andy Gospodarek <andy@greyhouse.net>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2011-02-17 01:13:13 -08:00
Jesse Brandeburg
713b3c9e4c e1000e: flush all writebacks before unload
The driver was not flushing all writebacks before unloading, possibly
causing memory to be written by the hardware after the driver had
reinitialized the rings.

This adds missing functionality to flush any pending writebacks and is
called in all spots where descriptors should be completed before the driver
begins processing.

Signed-off-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
Reviewed-by: Bruce Allan <bruce.w.allan@intel.com>
Tested-by: Jeff Pieper <jeffrey.e.pieper@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2011-02-17 01:11:21 -08:00
Jesse Brandeburg
615b32af97 e1000e: check down flag in tasks
This change is part of a fix to avoid any tasks running while the driver is
exiting and deinitializing resources.

Signed-off-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
Tested-by: Jeff Pieper <jeffrey.e.pieper@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
2011-02-17 00:45:06 -08:00
Linus Torvalds
ee71508702 Merge branch 'for-2.6.38' of git://linux-nfs.org/~bfields/linux
* 'for-2.6.38' of git://linux-nfs.org/~bfields/linux:
  nfsd: correctly handle return value from nfsd_map_name_to_*
2011-02-16 21:53:41 -08:00
Dave Airlie
e138018e35 Merge remote branch 'nouveau/drm-nouveau-next' of /ssd/git/drm-nouveau-next into drm-fixes
* 'nouveau/drm-nouveau-next' of /ssd/git/drm-nouveau-next:
  drm/nouveau: fix suspend/resume on GPUs that don't have PM support
  drm/nouveau: flips/flipd need to always set 'evict' for move_accel_cleanup()
  drm/nv40: fix tiling-related setup for a number of chipsets
  drm/nouveau: fix non-EDIDful native mode selection
  drm/nouveau: Fix detection of DDC-based LVDS on DCB15 boards.
  drm/nv04-nv40: Fix NULL dereference when we fail to find an LVDS native mode.
  drm/nv10: Fix crash when allocating a BO larger than half the available VRAM.
2011-02-17 13:56:35 +10:00
Alex Deucher
9f4283f49f drm/radeon/kms: add missing frac fb div flag for dce4+
The fixed ref/post dividers are set by the AdjustPll table
rather than the ss info table on dce4+.  Make sure we enable
the fractional feedback dividers when using a fixed post
or ref divider on them as well.

Fixes:
https://bugzilla.kernel.org/show_bug.cgi?id=29272

Signed-off-by: Alex Deucher <alexdeucher@gmail.com>
Cc: stable@kernel.org
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-02-17 13:55:47 +10:00
Marek Olšák
16e4b8a6e4 drm/radeon/kms: do not reject X16 and Y16X16 floating-point formats on r300
Signed-off-by: Marek Olšák <maraeo@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-02-17 13:55:30 +10:00
Ben Skeggs
317495b25e drm/nouveau: fix suspend/resume on GPUs that don't have PM support
This has been broken since 2.6.37, and fixes resume on a couple of fermi
boards I have access to.

Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-02-17 12:02:22 +10:00
Linus Torvalds
68ac01a2de Merge branch 'spi/merge' of git://git.secretlab.ca/git/linux-2.6
* 'spi/merge' of git://git.secretlab.ca/git/linux-2.6:
  spi/pxa2xx pci: fix the release - remove race
2011-02-16 16:48:36 -08:00
Chuck Ebbert
e51900f7d3 block: revert block_dev read-only check
This reverts commit 75f1dc0d07 ("block: check bdev_read_only() from
blkdev_get()").  That commit added stricter checking to make sure
devices that were being used read-only were actually opened in that
mode.

It turns out that the change breaks a bunch of kernel code that opens
block devices.  Affected systems include dm, md, and the loop device.
Because strict checking for read-only opens of block devices was not
done before this, the code that opens the devices was opening them
read-write even if they were being used read-only.  Auditing all that
code will take time, and new userspace packages for dm, mdadm, etc.
will also be required.

Signed-off-by: Chuck Ebbert <cebbert@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-02-16 16:48:13 -08:00
Ben Skeggs
b8884da611 drm/nouveau: flips/flipd need to always set 'evict' for move_accel_cleanup()
We free the temporary binding before leaving this function, so we also have
to wait for the move to actually complete.

Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-02-17 09:41:01 +10:00
Ben Skeggs
1dc32671d8 drm/nv40: fix tiling-related setup for a number of chipsets
Due to the default case handling the older chipsets, a bunch of the newer
ones ended up having the wrong tiling regs used.  This commit switches the
default case to handle the newest chipsets.

This also makes nv4e touch the "extra" tiling regs.  "nv" doesn't touch
them for C51 but traces of the NVIDIA binary driver show it being done
there.

I couldn't find NV41/NV45 traces to confirm the behaviour there, but an
educated guess was taken at each of them.

Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-02-17 09:40:34 +10:00
Ben Skeggs
0d9b6193bc drm/nouveau: fix non-EDIDful native mode selection
The DRM core fills this value, but at too late a stage for this to work,
possibly resulting in an undesirable mode being selected.

Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-02-17 09:40:03 +10:00
Francisco Jerez
77b1d5dc11 drm/nouveau: Fix detection of DDC-based LVDS on DCB15 boards.
Signed-off-by: Francisco Jerez <currojerez@riseup.net>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-02-17 09:39:58 +10:00
Francisco Jerez
8788622147 drm/nv04-nv40: Fix NULL dereference when we fail to find an LVDS native mode.
Reported-by: Alex Buell <alex.buell@munted.org.uk>
Signed-off-by: Francisco Jerez <currojerez@riseup.net>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-02-17 09:39:49 +10:00
Francisco Jerez
812f219a0f drm/nv10: Fix crash when allocating a BO larger than half the available VRAM.
Reported-by: Alex Buell <alex.buell@munted.org.uk>
Signed-off-by: Francisco Jerez <currojerez@riseup.net>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2011-02-17 09:39:45 +10:00
NeilBrown
47c85291d3 nfsd: correctly handle return value from nfsd_map_name_to_*
These functions return an nfs status, not a host_err.  So don't
try to convert  before returning.

This is a regression introduced by
3c726023402a2f3b28f49b9d90ebf9e71151157d; I fixed up two of the callers,
but missed these two.

Cc: stable@kernel.org
Reported-by: Herbert Poetzl <herbert@13thfloor.at>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2011-02-16 18:31:05 -05:00
Stanislaw Gruszka
2e725a065b PM / Hibernate: Return error code when alloc_image_page() fails
Currently we return 0 in swsusp_alloc() when alloc_image_page() fails.
Fix that.  Also remove unneeded "error" variable since the only
useful value of error is -ENOMEM.

[rjw: Fixed up the changelog and changed subject.]

Signed-off-by: Stanislaw Gruszka <stf_xl@wp.pl>
Cc: stable@kernel.org
Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
2011-02-16 21:53:52 +01:00
Tejun Heo
3233cdbd9f workqueue: make sure MAYDAY_INITIAL_TIMEOUT is at least 2 jiffies long
MAYDAY_INITIAL_TIMEOUT is defined as HZ / 100 and depending on
configuration may end up 0 or 1.  Even when it's 1, depending on when
the mayday timer is added in the current jiffy interval, it may expire
way before a jiffy has passed.

Make sure MAYDAY_INITIAL_TIMEOUT is at least two to guarantee that at
least a full jiffy has passed before calling rescuers.

Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Ray Jui <rjui@broadcom.com>
Cc: stable@kernel.org
2011-02-16 18:10:19 +01:00
Linus Torvalds
a2640111d5 Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6:
  [SCSI] qla2xxx: Return DID_NO_CONNECT when FC device is lost.
  [SCSI] mptfusion: Bump version 03.04.18
  [SCSI] mptfusion: Fix Incorrect return value in mptscsih_dev_reset
  [SCSI] mptfusion: mptctl_release is required in mptctl.c
  [SCSI] target: fix use after free detected by SLUB poison
  [SCSI] target: Remove procfs based target_core_mib.c code
  [SCSI] target: Fix SCF_SCSI_CONTROL_SG_IO_CDB breakage
  [SCSI] target: Fix top-level configfs_subsystem default_group shutdown breakage
  [SCSI] target: fixed missing lock drop in error path
  [SCSI] target: Fix demo-mode MappedLUN shutdown UA/PR breakage
  [SCSI] target/iblock: Fix failed bd claim NULL pointer dereference
  [SCSI] target: iblock/pscsi claim checking for NULL instead of IS_ERR
  [SCSI] scsi_debug: Fix 32-bit overflow in do_device_access causing memory corruption
  [SCSI] qla2xxx: Change from irq to irqsave with host_lock
  [SCSI] qla2xxx: Fix race that could hang kthread_stop()
2011-02-16 09:07:00 -08:00
Linus Torvalds
0d6e82e7e0 Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: sha-s390 - Reset index after processing partial block
2011-02-16 09:04:41 -08:00
Linus Torvalds
3abb17e82f vfs: fix BUG_ON() in fs/namei.c:1461
When Al moved the nameidata_dentry_drop_rcu_maybe() call into the
do_follow_link function in commit 844a391799 ("nothing in
do_follow_link() is going to see RCU"), he mistakenly left the

	BUG_ON(inode != path->dentry->d_inode);

behind.  Which would otherwise be ok, but that BUG_ON() really needs to
be _after_ dropping RCU, since the dentry isn't necessarily stable
otherwise.

So complete the code movement in that commit, and move the BUG_ON() into
do_follow_link() too.  This means that we need to pass in 'inode' as an
argument (just for this one use), but that's a small thing.  And
eventually we may be confident enough in our path lookup that we can
just remove the BUG_ON() and the unnecessary inode argument.

Reported-and-tested-by: Eric Dumazet <eric.dumazet@gmail.com>
Acked-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-02-16 08:56:55 -08:00
Tejun Heo
58a69cb47e workqueue, freezer: unify spelling of 'freeze' + 'able' to 'freezable'
There are two spellings in use for 'freeze' + 'able' - 'freezable' and
'freezeable'.  The former is the more prominent one.  The latter is
mostly used by workqueue and in a few other odd places.  Unify the
spelling to 'freezable'.

Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Alan Stern <stern@rowland.harvard.edu>
Acked-by: "Rafael J. Wysocki" <rjw@sisk.pl>
Acked-by: Greg Kroah-Hartman <gregkh@suse.de>
Acked-by: Dmitry Torokhov <dtor@mail.ru>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: Alex Dubov <oakad@yahoo.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Steven Whitehouse <swhiteho@redhat.com>
2011-02-16 17:48:59 +01:00
Linus Torvalds
85e2efbb1d Linux 2.6.38-rc5 2011-02-15 19:23:45 -08:00
Linus Torvalds
048f039f3e Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu:
  m68knommu: set flow handler for secondary interrupt controller of 5249
  m68knommu: remove use of IRQ_FLG_LOCK from 68360 platform support
  m68knommu: fix dereference of port.tty
  m68knommu: add missing linker __modver section
  m68knommu: fix mis-named variable int set_irq_chip loop
  m68knommu: add optimize memmove() function
  m68k: remove arch specific non-optimized memcmp()
  m68knommu: fix use of un-defined _TIF_WORK_MASK
  m68knommu: Rename m548x_wdt.c to m54xx_wdt.c
  m68knommu: fix m548x_wdt.c compilation after headers renaming
  m68knommu: Remove dependencies on nonexistent M68KNOMMU
2011-02-15 17:51:18 -08:00
Greg Ungerer
86d306c960 m68knommu: set flow handler for secondary interrupt controller of 5249
The secondary interrupt controller of the ColdFire 5249 code is not
setting the edge triggered flow handler. Set it.

Signed-off-by: Greg Ungerer <gerg@uclinux.org>
2011-02-16 09:43:46 +10:00
Greg Ungerer
4531dab429 m68knommu: remove use of IRQ_FLG_LOCK from 68360 platform support
The m68knommu arch does not define or use IRQ_FLG_LOCK in its irq
subsystem. Remove obsolete use of it.

Signed-off-by: Greg Ungerer <gerg@uclinux.org>
2011-02-16 09:43:45 +10:00