- 13 Jun, 2008 31 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: tcp: Revert 'process defer accept as established' changes. ipv6: Fix duplicate initialization of rawv6_prot.destroy bnx2x: Updating the Maintainer net: Eliminate flush_scheduled_work() calls while RTNL is held. drivers/net/r6040.c: correct bad use of round_jiffies() fec_mpc52xx: MPC52xx_MESSAGES_DEFAULT: 2nd NETIF_MSG_IFDOWN => IFUP ipg: fix receivemode IPG_RM_RECEIVEMULTICAST{,HASH} in ipg_nic_set_multicast_list() netfilter: nf_conntrack: fix ctnetlink related crash in nf_nat_setup_info() netfilter: Make nflog quiet when no one listen in userspace. ipv6: Fail with appropriate error code when setting not-applicable sockopt. ipv6: Check IPV6_MULTICAST_LOOP option value. ipv6: Check the hop limit setting in ancillary data. ipv6 route: Fix route lifetime in netlink message. ipv6 mcast: Check address family of gf_group in getsockopt(MS_FILTER). dccp: Bug in initial acknowledgment number assignment dccp ccid-3: X truncated due to type conversion dccp ccid-3: TFRC reverse-lookup Bug-Fix dccp ccid-2: Bug-Fix - Ack Vectors need to be ignored on request sockets dccp: Fix sparse warnings dccp ccid-3: Bug-Fix - Zero RTT is possible
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6: sparc: get leo framebuffer working
-
Linus Torvalds authored
* master.kernel.org:/home/rmk/linux-2.6-arm: [ARM] 5091/1: Add missing bitfield include to regs-lcd.h [ARM] 5090/1: Correct pxafb palette typo error [ARM] 5077/1: spi: fix list scan success verification in PXA ssp driver
-
Sergey Lapin authored
Ramtron FM3130 is a chip with two separate devices inside, RTC clock and FRAM. This driver provides only RTC functionality. This chip is met in lots of custom boards with AT91SAMXXXX CPU I work with, is cheap and in no way better or worse than any other RTC on market. While it is mostly met on much smaller devices, I think it is great to have it supported in Linux. Signed-off-by:
Sergey Lapin <slapin@ossfans.org> Signed-off-by:
Alessandro Zummo <a.zummo@towertech.it> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
David Brownell authored
More Kconfig tweaks related to the legacy PC RTC code: - Describe the legacy PC RTC driver as such ... it's never quite been clear that this driver is for PC RTCs, and now it's fair to call this the "legacy" driver. - Force it to understand about HPET stealing its IRQs ... kernel code does this always when HPET is in use, there should be no option for users to goof up the config. This seems to fix kernel bugzilla #10729. Signed-off-by:
David Brownell <dbrownell@users.sourceforge.net> Cc: Maxim Levitsky <maximlevitsky@gmail.com> Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by:
-
Stas Sergeev authored
Recently (around 2.6.25) I've noticed that RTC no longer works for me. It turned out this is because I use pnpacpi=off kernel option to work around the parport_pc bugs. I always did so, but RTC used to work fine in the past, and now it have regressed. The patch fixes the problem by creating the platform device for the RTC when PNP is disabled. This may also help running the PNP-enabled kernel on an older PCs. Signed-off-by:
Stas Sergeev <stsp@aknet.ru> Cc: David Brownell <david-b@pacbell.net> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Bjorn Helgaas <bjorn.helgaas@hp.com> Cc: Adam Belay <ambx1@neo.rr.com> Signed-off-by:
-
Nick Piggin authored
We shrink a radix tree when its root node has only one child, in the left most slot. The child becomes the new root node. To perform this operation in a manner compatible with concurrent lockless lookups, we atomically switch the root pointer from the parent to its child. However a concurrent lockless lookup may now have loaded a pointer to the parent (and is presently deciding what to do next). For this reason, we also have to keep the parent node in a valid state after shrinking the tree, until the next RCU grace period -- otherwise this lookup with the parent pointer may not do the right thing. Notably, we need to keep the child in the left most slot there in case that is requested by the lookup. This is all pretty standard RCU stuff. It is worth repeating because in my eagerness to obey the radix tree node constructor scheme, I had broken it by zeroing the radix tree node before the grace period. What could happen is that a lookup can load the parent pointer, then decide it wants to follow the left most child slot, only to find the slot contained NULL due to the concurrent shrinker having zeroed the parent node before waiting for a grace period. The lookup would return a false negative as a result. Fix it by doing that clearing in the RCU callback. I would normally want to rip out the constructor entirely, but radix tree nodes are one of those places where they make sense (only few cachelines will be touched soon after allocation). This was never actually found in any lockless pagecache testing or by the test harness, but by seeing the odd problem with my scalable vmap rewrite. I have not tickled the test harness into reproducing it yet, but I'll keep working at it. Fortunately, it is not a problem anywhere lockless pagecache is used in mainline kernels (pagecache probe is not a guarantee, and brd does not have concurrent lookups and deletes). Signed-off-by:
Nick Piggin <npiggin@suse.de> Acked-by:
Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: "Paul E. McKenney" <paulmck@us.ibm.com> Signed-off-by:
-
Jiri Bohac authored
Several console keyboard maps are broken since commit 04c71976 Author: Samuel Thibault <samuel.thibault@ens-lyon.org> Date: Tue Oct 16 23:27:04 2007 -0700 unicode diacritics support because that changeset made k_self consider the value as a latin1 character when in Unicode mode, which is wrong; k_self should still take the console map into account. Signed-off-by:
Samuel Thibault <samuel.thibault@ens-lyon.org> Signed-off-by:
-
Paul Menage authored
sysvipc_shm_proc_show() picks between format strings (based on the expected maximum length of a SHM segment) in a way that prevents gcc from performing format checks on the seq_printf() parameters. This hid two format errors - shp->shm_segsz and shp->shm_nattach are both unsigned long, but were being printed as unsigned int and signed int respectively. This leads to 32-bit truncation of SHM segment sizes reported in /proc/sysvipc/shm. (And for nattach, but that's less of a problem for most users). This patch makes the format string directly visible to gcc's format specifier checker, and fixes the two broken format specifiers. Signed-off-by:
Paul Menage <menage@google.com> Cc: Nadia Derbey <Nadia.Derbey@bull.net> Cc: Manfred Spraul <manfred@colorfullife.com> Cc: Pierre Peiffer <peifferp@gmail.com> Signed-off-by:
-
Dave Hansen authored
We were walking right into huge page areas in the pagemap walker, and calling the pmds pmd_bad() and clearing them. That leaked huge pages. Bad. This patch at least works around that for now. It ignores huge pages in the pagemap walker for the time being, and won't leak those pages. Signed-off-by:
Dave Hansen <dave@linux.vnet.ibm.com> Acked-by:
Matt Mackall <mpm@selenic.com> Signed-off-by:
-
Dave Hansen authored
We need this at least for huge page detection for now, because powerpc needs the vm_area_struct to be able to determine whether a virtual address is referring to a huge page (its pmd_huge() doesn't work). It might also come in handy for some of the other users. Signed-off-by:
-
Philippe De Muyter authored
The generic nvram driver announces itself as 'Macintosh non-volatile memory driver' instead of 'Generic non-volatile memory driver'. Fix that. Signed-off-by:
Philippe De Muyter <phdm@macqel.be> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Arjan van de Ven <arjan@linux.intel.com> Cc: Paul Mackerras <paulus@samba.org> Signed-off-by:
-
Philippe De Muyter authored
In the cirrusfb driver, the RAM address printk has a superfluous 'x' that could be interpreted as "don't care", while it is actually a typo. Fix that. [akpm@linux-foundation.org: join the two printk strings to make it atomic] Signed-off-by:
-
Stephen Hemminger authored
Since many distros load this driver by default (throw it against the wall and see what sticks method). Change the error message severity level to avoid alarming users. Isn't it annoying when users actually read the error logs... Signed-off-by:
Stephen Hemminger <shemminger@vyatta.com> Cc: Michael Buesch <mb@bu3sch.de> Acked-by:
Jan Beulich <jbeulich@novell.com> Signed-off-by:
-
Julia Lawall authored
spid has been allocated in this function and so should be freed before leaving it, as in the other error handling cases. The semantic match that finds the problem is as follows: (http://www.emn.fr/x-info/coccinelle/) @r exists@ expression E,E1; statement S; position p1,p2,p3; @@ E =@p1 \(kmalloc\|kcalloc\|kzalloc\)(...) ... when != E = E1 if (E == NULL || ...) S ... when != E = E1 if@p2 (...) { ... when != kfree(E) } ... when != E = E1 kfree@p3(E); @forall@ position r.p2; expression r.E; int E1 != 0; @@ * if@p2 (...) { ... when != kfree(E) when strict return E1; } Signed-off-by:
Julia Lawall <julia@diku.dk> Cc: Karsten Keil <kkeil@suse.de> Signed-off-by:
-
Chuck Ebbert authored
With CONFIG_DEBUG_SHIRQ set we will get an interrupt as soon as we allocate one. Tasklets may be scheduled in the interrupt handler but they will be initialized after the handler returns, causing a BUG() in kernel/softirq.c when they run. Should fix this Fedora bug report: https://bugzilla.redhat.com/show_bug.cgi?id=449817Signed-off-by:
Chuck Ebbert <cebbert@redhat.com> Acked-by:
Pierre Ossman <drzeus@drzeus.cx> Cc: <stable@kernel.org> Signed-off-by:
-
Eric Miao authored
Signed-off-by:
Eric Miao <eric.miao@marvell.com> Acked-by:
Russell King <rmk@arm.linux.org.uk> Acked-by:
Nicolas Pitre <nico@marvell.com> Signed-off-by:
-
Jeff Dike authored
Fedora broke PTRACE_SYSEMU again, and UML crashes as a result when it doesn't need to. This patch makes the PTRACE_SYSEMU check fail gracefully and makes UML fall back to PTRACE_SYSCALL. Signed-off-by:
Jeff Dike <jdike@linux.intel.com> Signed-off-by:
-
Jeff Dike authored
I allowed an include of asm/user.h to sneak back in. This patch replaces it with sys/user.h. Signed-off-by:
-
Haavard Skinnemoen authored
alarm->pending indicates whether there's an alarm that has actually been triggered, not whether we're waiting for it. alarm->enabled indicates that. Also add missing locking around reading the RTC registers. Signed-off-by:
Haavard Skinnemoen <haavard.skinnemoen@atmel.com> Signed-off-by:
-
Philippe De Muyter authored
The coldfire timer must be initialised to n - 1 if we want it to count n cycles between each tick interrupt. This was already fixed, but has been lost with the conversion to GENERIC_TIMER. Signed-off-by:
Greg Ungerer <gerg@snapgear.com> Signed-off-by:
-
Masami Hiramatsu authored
Fix error checking routine to catch an error which occurs in first __register_*probe(). Signed-off-by:
Masami Hiramatsu <mhiramat@redhat.com> Cc: Ananth N Mavinakayanahalli <ananth@in.ibm.com> Cc: Jim Keniston <jkenisto@us.ibm.com> Cc: David Miller <davem@davemloft.net> Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com> Signed-off-by:
-
Mike Miller authored
Add support for the next generation of HP Smart Array SAS/SATA controllers. Shipping date is late Fall 2008. Bump the driver version to 3.6.20 to reflect the new hardware support from patch 1 of this set. Signed-off-by:
Mike Miller <mike.miller@hp.com> Cc: Jens Axboe <jens.axboe@oracle.com> Cc: <stable@kernel.org> Signed-off-by:
-
Andrew G. Morgan authored
The dummy module is used by folk that run security conscious code(!?). A feature of such code (for example, dhclient) is that it tries to operate with minimum privilege (dropping unneeded capabilities). While the dummy module doesn't restrict code execution based on capability state, the user code expects the kernel to appear to support it. This patch adds back faked support for the PR_SET_KEEPCAPS etc., calls - making the kernel behave as before 2.6.26. For details see: http://bugzilla.kernel.org/show_bug.cgi?id=10748Signed-off-by:
Andrew G. Morgan <morgan@kernel.org> Acked-by:
Serge Hallyn <serue@us.ibm.com> Cc: James Morris <jmorris@namei.org> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: Chris Wright <chrisw@sous-sol.org> Signed-off-by:
-
Ben Nizette authored
Move the forward-declaration of struct mm_struct a little way up proc_fs.h. This fixes a bunch of "'struct mm_struct' declared inside parameter list" warnings with CONFIG_PROC_FS=n Signed-off-by:
Ben Nizette <bn@niasdigital.com> Signed-off-by:
-
Paul Jackson authored
Add URL for another CPUSETS web page to the MAINTAINERS file. This URL provides links to major LGPL user level C libraries supporting cpuset usage and user level cpu and node masks. Signed-off-by:
Paul Jackson <pj@sgi.com> Signed-off-by:
-
Krzysztof Helt authored
Release ports which are requested during detection which are not freed if there is no hga card. Otherwise there is a crash during cat /proc/ioports command. Signed-off-by:
Krzysztof Helt <krzysztof.h1@wp.pl> Cc: <stable@kernel.org> Signed-off-by:
-
Aneesh Kumar K.V authored
Add ext2_find_{first,next}_bit(), which are needed for ext4. They're derived out of the ext2_find_next_zero_bit found in the same file. Compile tested with crosstools [Reworked to preserve all symmetry with ext2_find_{first,next}_zero_bit()] This fixes http://bugzilla.kernel.org/show_bug.cgi?id=10393 [akpm@linux-foundation.org: coding-style fixes] Signed-off-by:Geert Uytterhoeven <geert@linux-m68k.org> Signed-off-by:
-
OGAWA Hirofumi authored
New chmod() allows only acceptable permission, and if not acceptable, it returns -EPERM. Old one allows even if it can't store permission to on disk inode. But it seems too strict for users. E.g. https://bugzilla.redhat.com/show_bug.cgi?id=449080: With new one, rsync couldn't create the temporary file. So, this patch allows like old one, but now it doesn't change the permission if it can't store, and it returns 0. Also, this patch fixes missing check. Signed-off-by:
OGAWA Hirofumi <hirofumi@mail.parknet.co.jp> Signed-off-by:
-
kosaki.motohiro@jp.fujitsu.com authored
"Smarter retry of costly-order allocations" patch series change behaver of do_try_to_free_pages(). But unfortunately ret variable type was unchanged. Thus an overflow is possible. Signed-off-by:
KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Acked-by:
Nishanth Aravamudan <nacc@us.ibm.com> Signed-off-by:
-
Amit Kucheria authored
Addresses https://bugs.edge.launchpad.net/ubuntu/+source/linux-source-2.6.22/+bug/178634Signed-off-by:
Amit Kucheria <amit.kucheria@ubuntu.com> Signed-off-by:
maximilian attems <max@stro.at> Acked-by:
Dave Airlie <airlied@linux.ie> Signed-off-by:
-
- 12 Jun, 2008 9 commits
-
-
David S. Miller authored
This reverts two changesets, ec3c0982 ("[TCP]: TCP_DEFER_ACCEPT updates - process as established") and the follow-on bug fix 9ae27e0a ("tcp: Fix slab corruption with ipv6 and tcp6fuzz"). This change causes several problems, first reported by Ingo Molnar as a distcc-over-loopback regression where connections were getting stuck. Ilpo Järvinen first spotted the locking problems. The new function added by this code, tcp_defer_accept_check(), only has the child socket locked, yet it is modifying state of the parent listening socket. Fixing that is non-trivial at best, because we can't simply just grab the parent listening socket lock at this point, because it would create an ABBA deadlock. The normal ordering is parent listening socket --> child socket, but this code path would require the reverse lock ordering. Next is a problem noticed by Vitaliy Gusev, he noted: ---------------------------------------- >--- a/net/ipv4/tcp_timer.c >+++ b/net/ipv4/tcp_timer.c >@@ -481,6 +481,11 @@ static void tcp_keepalive_timer (unsigned long data) > goto death; > } > >+ if (tp->defer_tcp_accept.request && sk->sk_state == TCP_ESTABLISHED) { >+ tcp_send_active_reset(sk, GFP_ATOMIC); >+ goto death; Here socket sk is not attached to listening socket's request queue. tcp_done() will not call inet_csk_destroy_sock() (and tcp_v4_destroy_sock() which should release this sk) as socket is not DEAD. Therefore socket sk will be lost for freeing. ---------------------------------------- Finally, Alexey Kuznetsov argues that there might not even be any real value or advantage to these new semantics even if we fix all of the bugs: ---------------------------------------- Hiding from accept() sockets with only out-of-order data only is the only thing which is impossible with old approach. Is this really so valuable? My opinion: no, this is nothing but a new loophole to consume memory without control. ---------------------------------------- So revert this thing for now. Signed-off-by:
David S. Miller <davem@davemloft.net>
-
David S. Miller authored
In changeset 22dd4850 ("raw: Raw socket leak.") code was added so that we flush pending frames on raw sockets to avoid leaks. The ipv4 part was fine, but the ipv6 part was not done correctly. Unlike the ipv4 side, the ipv6 code already has a .destroy method for rawv6_prot. So now there were two assignments to this member, and what the compiler does is use the last one, effectively making the ipv6 parts of that changeset a NOP. Fix this by removing the: .destroy = inet6_destroy_sock, line, and adding an inet6_destroy_sock() call to the end of raw6_destroy(). Noticed by Al Viro. Signed-off-by:
YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
-
Eilon Greenstein authored
I would like to thank Eliezer Tamir for writing and maintaining the driver for the past two years. I will take over maintaining the bnx2x driver from now on. Signed-off-by:
Eilon Greenstein <eilong@broadcom.com> Signed-off-by:
Eliezer Tamir <eliezert@broadcom.com> Signed-off-by:
-
Linus Torvalds authored
.. and a new name, courtesy of Alan.
-
Linus Torvalds authored
Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: x86: fix pointer type warning in arch/x86/mm/init_64.c:early_memtest x86, lockdep: fix "WARNING: at kernel/lockdep.c:2658 check_flags+0x4c/0x128()" x86: fix an incompatible pointer type warning on 64-bit compilations x86: fix lockdep warning during suspend-to-ram x86: fix unused variable 'loops' warning in arch/x86/boot/a20.c Revert "x86: fix ioapic bug again" x86: fix asm warning in head_32.S x86: fix endless page faults in mount_block_root for Linux 2.6 geode: fix modular build
-
Linus Torvalds authored
Merge branch 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: sched: 64-bit: fix arithmetics overflow sched: fair group: fix overflow(was: fix divide by zero) sched: fix TASK_WAKEKILL vs SIGKILL race
-
Stefan Schmidt authored
Macros like Fld() or FShft used in regs-lcd.h are defined in bitfield.h, but the latter is not included. Also fix one whitespace issue while being there. Signed-off-by:
Antonio Ospite <ao2@openezx.org> Signed-off-by:
Stefan Schmidt <stefan@datenfreihafen.org> Acked-by:
Russell King <rmk+kernel@arm.linux.org.uk>
-
Kevin Winchester authored
Changed the call to find_e820_area_size to pass u64 instead of unsigned long. Signed-off-by:
Kevin Winchester <kjwinchester@gmail.com> Signed-off-by:
Ingo Molnar <mingo@elte.hu>
-
Vegard Nossum authored
Alessandro Suardi reported: > Recently upgraded my FC6 desktop to Fedora 9; with the > latest nautilus RPM updates my VNC session went nuts > with nautilus pegging the CPU for everything that breathed. > > I now reverted to an earlier nautilus package, but during > the peak CPU period my kernel spat this: > > [314185.623294] ------------[ cut here ]------------ > [314185.623414] WARNING: at kernel/lockdep.c:2658 check_flags+0x4c/0x128() > [314185.623514] Modules linked in: iptable_filter ip_tables x_tables > sunrpc ipv6 fuse snd_via82xx snd_ac97_codec ac97_bus snd_mpu401_uart > snd_rawmidi via686a hwmon parport_pc sg parport uhci_hcd ehci_hcd > [314185.623924] Pid: 12314, comm: nautilus Not tainted 2.6.26-rc5-git2 #4 > [314185.624021] [<c0115b95>] warn_on_slowpath+0x41/0x7b > [314185.624021] [<c010de70>] ? do_page_fault+0x2c1/0x5fd > [314185.624021] [<c0128396>] ? up_read+0x16/0x28 > [314185.624021] [<c010de70>] ? do_page_fault+0x2c1/0x5fd > [314185.624021] [<c012fa33>] ? __lock_acquire+0xbb4/0xbc3 > [314185.624021] [<c012d0a0>] check_flags+0x4c/0x128 > [314185.624021] [<c012fa73>] lock_acquire+0x31/0x7d > [314185.624021] [<c0128cf6>] __atomic_notifier_call_chain+0x30/0x80 > [314185.624021] [<c0128cc6>] ? __atomic_notifier_call_chain+0x0/0x80 > [314185.624021] [<c0128d52>] atomic_notifier_call_chain+0xc/0xe > [314185.624021] [<c0128d81>] notify_die+0x2d/0x2f > [314185.624021] [<c01043b0>] do_int3+0x1f/0x4d > [314185.624021] [<c02f2d3b>] int3+0x27/0x2c > [314185.624021] ======================= > [314185.624021] ---[ end trace 1923f65a2d7bb246 ]--- > [314185.624021] possible reason: unannotated irqs-off. > [314185.624021] irq event stamp: 488879 > [314185.624021] hardirqs last enabled at (488879): [<c0102d67>] > restore_nocheck+0x12/0x15 > [314185.624021] hardirqs last disabled at (488878): [<c0102dca>] > work_resched+0x19/0x30 > [314185.624021] softirqs last enabled at (488876): [<c011a1ba>] > __do_softirq+0xa6/0xac > [314185.624021] softirqs last disabled at (488865): [<c010476e>] > do_softirq+0x57/0xa6 > > I didn't seem to find it with some googling, so here it is. > > I was incidentally ltracing that process to try and find out > what was gulping down that much CPU (sorry, no idea > whether ltrace and the WARNING happened at the same > time or which came first) and: Yeah, this is extremely likely to be the source of the warning. The warning should be harmless, however. > Box is my trusty noname K7-800, 512MB RAM; if there's > anything else useful I might be able to provide, just ask. It would be interesting to see where the int3 comes from. Too bad, lockdep doesn't provide the register dump. The stacktrace also doesn't go further than the int3(), I wonder if this int3 came from userspace? The ltrace readme says "software breakpoints, like gdb", so I guess this is the case. Yep, seems like it. This looks relevant: | commit fb1dac90 | Author: Peter Zijlstra <a.p.zijlstra@chello.nl> | Date: Wed Jan 16 09:51:59 2008 +0100 | | lockdep: more hardirq annotations for notify_die() I'm attaching a similarly-looking patch for this case (DO_VM86_ERROR), though I suspect it might be missing for the other cases (DO_ERROR/DO_ERROR_INFO) as well. Reported-by:
Alessandro Suardi <alessandro.suardi@gmail.com> Signed-off-by:
Vegard Nossum <vegard.nossum@gmail.com> Acked-by:
-
