- 17 Sep, 2010 3 commits
-
-
Linus Walleij authored
We have to use _cansleep gpio accessors in the MMCI driver so as to avoid slowpath warnings, now U300 has MMCI but doesn't have these functions in place to siply wrap the existing non-sleeping functions into sleepable variants. Signed-off-by: Linus Walleij <linus.walleij@stericsson.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
-
Linus Walleij authored
The prescaler 16 is now used only when the timer runs at 32 MHz or more. Some comment updates as well. Acked-by: Alessandro Rubini <rubini@unipv.it> Signed-off-by: Jonas Aaberg <jonas.aberg@stericsson.com> Signed-off-by: Linus Walleij <linus.walleij@stericsson.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
-
Linus Walleij authored
timer0 to 3 are all on mtu block 0, so don't calculate the clock event rate based upon mtu block 1's clock speed. Acked-by: Alessandro Rubini <rubini@unipv.it> Signed-off-by: Jonas Aaberg <jonas.aberg@stericsson.com> Signed-off-by: Linus Walleij <linus.walleij@stericsson.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
-
- 16 Sep, 2010 10 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: cifs: fix potential double put of TCP session reference
-
git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6Linus Torvalds authored
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6: [IA64] Optimize ticket spinlocks in fsys_rt_sigprocmask
-
git://github.com/schandinat/linux-2.6Linus Torvalds authored
* '2.6.36-fixes' of git://github.com/schandinat/linux-2.6: drivers/video/via/ioctl.c: prevent reading uninitialized stack memory
-
git://git.kernel.org/pub/scm/linux/kernel/git/brodo/pcmcia-2.6Linus Torvalds authored
* 'urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/brodo/pcmcia-2.6: pcmcia pcnet_cs: try setting io_lines to 16 if card setup fails pcmcia: per-device, not per-socket debug messages pcmcia serial_cs.c: fix multifunction card handling
-
git://git.infradead.org/users/cbou/battery-2.6.36Linus Torvalds authored
* git://git.infradead.org/users/cbou/battery-2.6.36: apm_power: Add missing break statement intel_pmic_battery: Fix battery charging status on mrst
-
git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdogLinus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog: watchdog: Enable NXP LPC32XX support in Kconfig (resend) watchdog: ts72xx_wdt: disable watchdog at probe watchdog: sb_wdog: release irq and reboot notifier in error path and module_exit()
-
git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tileLinus Torvalds authored
* 'stable' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile: arch/tile: fix formatting bug in register dumps arch/tile: fix memcpy_fromio()/memcpy_toio() signatures arch/tile: Save and restore extra user state for tilegx arch/tile: Change struct sigcontext to be more useful arch/tile: finish const-ifying sys_execve()
-
git://git.kernel.org/pub/scm/linux/kernel/git/lrg/voltage-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lrg/voltage-2.6: regulator: wm8350-regulator - fix the logic of checking REGULATOR_MODE_STANDBY mode regulator: wm831x-ldo - fix the logic to set REGULATOR_MODE_IDLE and REGULATOR_MODE_STANDBY modes regulator: ab8500 - fix off-by-one value range checking for selector regulator: 88pm8607 - fix value range checking for accessing info->vol_table regulator: isl6271a-regulator - fix regulator_desc parameter for regulator_register() regulator: ad5398 - fix a memory leak regulator: Update e-mail address for Liam Girdwood regulator: set max8998->dev to &pdev->dev. regulator: tps6586x-regulator - fix bit_mask parameter for tps6586x_set_bits() regulator: tps6586x-regulator - fix value range checking for val regulator: max8998 - set max8998->num_regulators regulator: max8998 - fix memory allocation size for max8998->rdev regulator: tps6507x - remove incorrect comments regulator: max1586 - improve the logic of choosing selector regulator: ab8500 - fix the logic to remove already registered regulators in error path regulator: ab3100 - fix the logic to remove already registered regulators in error path regulator/ab8500: move dereference below the check for NULL
-
git://git.kernel.org/pub/scm/linux/kernel/git/tj/wqLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq: workqueue: add documentation
-
git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6Linus Torvalds authored
* 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6: drm/radeon/kms: only warn on mipmap size checks in r600 cs checker (v2) drm/radeon/kms: force legacy pll algo for RV620 LVDS drm: fix race between driver loading and userspace open. drm: Use a nondestructive mode for output detect when polling (v2) drm/radeon/kms: fix the colorbuffer CS checker for r300-r500 drm/radeon/kms: increase lockup detection interval to 10 sec for r100-r500 drm/radeon/kms/evergreen: fix backend setup drm: Use a nondestructive mode for output detect when polling drm/radeon: add some missing copyright headers drm: Only decouple the old_fb from the crtc is we call mode_set* drm/radeon/kms: don't enable underscan with interlaced modes drm/radeon/kms: add connector table for Mac x800 drm/radeon/kms: fix regression in RMX code (v2) drm: Fix regression in disable polling e58f637b
-
- 15 Sep, 2010 20 commits
-
-
Dan Rosenberg authored
The VIAFB_GET_INFO device ioctl allows unprivileged users to read 246 bytes of uninitialized stack memory, because the "reserved" member of the viafb_ioctl_info struct declared on the stack is not altered or zeroed before being copied back to the user. This patch takes care of it. Signed-off-by: Dan Rosenberg <dan.j.rosenberg@gmail.com> Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
-
Petr Tesarik authored
Tony's fix (f574c843) has a small bug, it incorrectly uses "r3" as a scratch register in the first of the two unlock paths ... it is also inefficient. Optimize the fast path again. Signed-off-by: Petr Tesarik <ptesarik@suse.cz> Signed-off-by: Tony Luck <tony.luck@intel.com>
-
Kevin Wells authored
The NXP LPC32XX processor use the same watchdog as the Philips PNX4008 processor. Signed-off-by: Kevin Wells <wellsk40@gmail.com> Tested-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
-
Mika Westerberg authored
Since it may be already enabled by bootloader or some other utility. This patch makes sure that the watchdog is disabled before any userspace daemon opens the device. It is also required by the watchdog API. Signed-off-by: Mika Westerberg <mika.westerberg@iki.fi> Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
-
Akinobu Mita authored
irq and reboot notifier are acquired in module_init() but never released. They should be released correctly, otherwise reloading the module or error during module_init() will cause a problem. Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com> Cc: Andrew Sharp <andy.sharp@lsi.com> Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
-
Dominik Brodowski authored
Some pcnet_cs compatible cards require an exact 16-lines match of the ioport areas specified in CIS, but set the "iolines" value in the CIS incorrectly. We can easily work around this issue -- same as we do in serial_cs -- by first trying setting iolines to the CIS-specified value, and then trying a 16-line match. Reported-and-tested-by: Wolfram Sang <w.sang@pengutronix.de> Hardware-supplied-by: Jochen Frieling <j.frieling@pengutronix.de> CC: netdev@vger.kernel.org Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
-
Dominik Brodowski authored
As the iomem / ioport setup differs per device, it is much better to print out the device instead of the socket. Tested-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
-
Dominik Brodowski authored
We shouldn't overwrite pre-set values, and we should also set the port address to the beginning, and not the end of the 8-port range. CC: linux-serial@vger.kernel.org Reported-by: Komuro <komurojun-mbn@nifty.com> Hardware-supplied-by: Jochen Frieling <j.frieling@pengutronix.de> Tested-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
-
Chris Metcalf authored
This cut-and-paste bug was caused by rewriting the register dump code to use only a single printk per line of output. Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
-
Chris Metcalf authored
This tripped up a driver (not yet committed to git). Fix it now. Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
-
Chris Metcalf authored
During context switch, save and restore a couple of additional bits of tilegx user state that can be persistently modified by userspace. Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
-
Chris Metcalf authored
Rather than just using pt_regs, it now contains the actual saved state explicitly, similar to pt_regs. By doing it this way, we provide a cleaner API for userspace (or equivalently, we avoid the need for libc to provide its own definition of sigcontext). While we're at it, move PT_FLAGS_xxx to where they are not visible from userspace. And always pass siginfo and mcontext to signal handlers, even if they claim they don't need it, since sometimes they actually try to use it anyway in practice. Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
-
Chris Metcalf authored
The sys_execve() implementation was properly const-ified but not the declaration, the syscall wrappers, or the compat version. This change completes the constification process. Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
-
Alex Deucher authored
The texture base address registers are in units of 256 bytes. The original CS checker treated these offsets as bytes, so the original check was wrong. I fixed the units in a patch during the 2.6.36 cycle, but this ended up breaking some existing userspace (probably due to a bug in either userspace texture allocation or the drm texture mipmap checker). So for now, until we come up with a better fix, just warn if the mipmap size it too large. This will keep existing userspace working and it should be just as safe as before when we were checking the wrong units. These are GPU MC addresses, so if they fall outside of the VRAM or GART apertures, they end up at the GPU default page, so this should be safe from a security perspective. v2: Just disable the warning. It just spams the log and there's nothing the user can do about it. Signed-off-by: Alex Deucher <alexdeucher@gmail.com> Cc: Jerome Glisse <glisse@freedesktop.org> Signed-off-by: Dave Airlie <airlied@redhat.com>
-
ssh://master.kernel.org/home/hpa/tree/secLinus Torvalds authored
* ssh://master.kernel.org/home/hpa/tree/sec: x86-64, compat: Retruncate rax after ia32 syscall entry tracing x86-64, compat: Test %rax for the syscall number, not %eax compat: Make compat_alloc_user_space() incorporate the access_ok()
-
David Howells authored
Fix up the IRQ names for the MN10300 on-chip serial ports in the driver as request_interrupt() no longer allows names containing slashes, giving a warning like the following if one is encountered: ------------[ cut here ]------------ WARNING: at fs/proc/generic.c:323 __xlate_proc_name+0x62/0x7c() name 'ttySM0/Rx' Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.infradead.org/mtd-2.6Linus Torvalds authored
* git://git.infradead.org/mtd-2.6: mtd: pxa3xx: fix build error when CONFIG_MTD_PARTITIONS is not defined mtd: mxc_nand: configure pages per block for v2 controller mtd: OneNAND: Fix loop hang when DMA error at Samsung SoCs mtd: OneNAND: Fix 2KiB pagesize handling at Samsung SoCs mtd: Blackfin NFC: fix invalid free in remove() mtd: Blackfin NFC: fix build error after nand_scan_ident() change mxc_nand: Do not do byte accesses to the NFC buffer.
-
git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hidLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid: HID: fix hiddev's use of usb_find_interface HID: fixup blacklist entry for Asus T91MT HID: add device ID for new Asus Multitouch Controller HID: add no-get quirk for eGalax touch controller HID: Add quirk for eGalax touch controler. HID: add support for another BTC Emprex remote control HID: Set Report ID properly for Output reports on the Control endpoint. HID: Kanvus Note A5 tablet needs HID_QUIRK_MULTI_INPUT HID: Add support for chicony multitouch screens.
-
git://git.linux-nfs.org/projects/trondmy/nfs-2.6Linus Torvalds authored
* 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6: SUNRPC: Fix the NFSv4 and RPCSEC_GSS Kconfig dependencies statfs() gives ESTALE error NFS: Fix a typo in nfs_sockaddr_match_ipaddr6 sunrpc: increase MAX_HASHTABLE_BITS to 14 gss:spkm3 miss returning error to caller when import security context gss:krb5 miss returning error to caller when import security context Remove incorrect do_vfs_lock message SUNRPC: cleanup state-machine ordering SUNRPC: Fix a race in rpc_info_open SUNRPC: Fix race corrupting rpc upcall Fix null dereference in call_allocate
-
Jeff Moyer authored
Tavis Ormandy pointed out that do_io_submit does not do proper bounds checking on the passed-in iocb array: if (unlikely(nr < 0)) return -EINVAL; if (unlikely(!access_ok(VERIFY_READ, iocbpp, (nr*sizeof(iocbpp))))) return -EFAULT; ^^^^^^^^^^^^^^^^^^ The attached patch checks for overflow, and if it is detected, the number of iocbs submitted is scaled down to a number that will fit in the long. This is an ok thing to do, as sys_io_submit is documented as returning the number of iocbs submitted, so callers should handle a return value of less than the 'nr' argument passed in. Reported-by: Tavis Ormandy <taviso@cmpxchg8b.com> Signed-off-by: Jeff Moyer <jmoyer@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
- 14 Sep, 2010 7 commits
-
-
Jeff Layton authored
cifs_get_smb_ses must be called on a server pointer on which it holds an active reference. It first does a search for an existing SMB session. If it finds one, it'll put the server reference and then try to ensure that the negprot is done, etc. If it encounters an error at that point then it'll return an error. There's a potential problem here though. When cifs_get_smb_ses returns an error, the caller will also put the TCP server reference leading to a double-put. Fix this by having cifs_get_smb_ses only put the server reference if it found an existing session that it could use and isn't returning an error. Cc: stable@kernel.org Reviewed-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
-
Roland McGrath authored
In commit d4d67150, we reopened an old hole for a 64-bit ptracer touching a 32-bit tracee in system call entry. A %rax value set via ptrace at the entry tracing stop gets used whole as a 32-bit syscall number, while we only check the low 32 bits for validity. Fix it by truncating %rax back to 32 bits after syscall_trace_enter, in addition to testing the full 64 bits as has already been added. Reported-by: Ben Hawkes <hawkes@sota.gen.nz> Signed-off-by: Roland McGrath <roland@redhat.com> Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
-
H. Peter Anvin authored
On 64 bits, we always, by necessity, jump through the system call table via %rax. For 32-bit system calls, in theory the system call number is stored in %eax, and the code was testing %eax for a valid system call number. At one point we loaded the stored value back from the stack to enforce zero-extension, but that was removed in checkin d4d67150. An actual 32-bit process will not be able to introduce a non-zero-extended number, but it can happen via ptrace. Instead of re-introducing the zero-extension, test what we are actually going to use, i.e. %rax. This only adds a handful of REX prefixes to the code. Reported-by: Ben Hawkes <hawkes@sota.gen.nz> Signed-off-by: H. Peter Anvin <hpa@linux.intel.com> Cc: <stable@kernel.org> Cc: Roland McGrath <roland@redhat.com> Cc: Andrew Morton <akpm@linux-foundation.org>
-
H. Peter Anvin authored
compat_alloc_user_space() expects the caller to independently call access_ok() to verify the returned area. A missing call could introduce problems on some architectures. This patch incorporates the access_ok() check into compat_alloc_user_space() and also adds a sanity check on the length. The existing compat_alloc_user_space() implementations are renamed arch_compat_alloc_user_space() and are used as part of the implementation of the new global function. This patch assumes NULL will cause __get_user()/__put_user() to either fail or access userspace on all architectures. This should be followed by checking the return value of compat_access_user_space() for NULL in the callers, at which time the access_ok() in the callers can also be removed. Reported-by: Ben Hawkes <hawkes@sota.gen.nz> Signed-off-by: H. Peter Anvin <hpa@linux.intel.com> Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Acked-by: Chris Metcalf <cmetcalf@tilera.com> Acked-by: David S. Miller <davem@davemloft.net> Acked-by: Ingo Molnar <mingo@elte.hu> Acked-by: Thomas Gleixner <tglx@linutronix.de> Acked-by: Tony Luck <tony.luck@intel.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Fenghua Yu <fenghua.yu@intel.com> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Heiko Carstens <heiko.carstens@de.ibm.com> Cc: Helge Deller <deller@gmx.de> Cc: James Bottomley <jejb@parisc-linux.org> Cc: Kyle McMartin <kyle@mcmartin.ca> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: Paul Mackerras <paulus@samba.org> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: <stable@kernel.org>
-
Alex Deucher authored
There has been periodic evidence that LVDS, on at least some panels, prefers the dividers selected by the legacy pll algo. This patch forces the use of the legacy pll algo on RV620 LVDS panels. The old behavior (new pll algo) can be selected by setting the new_pll module parameter to 1. Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=30029Signed-off-by: Alex Deucher <alexdeucher@gmail.com> Cc: stable@kernel.org Signed-off-by: Dave Airlie <airlied@redhat.com>
-
Dave Airlie authored
Not 100% sure this is due to BKL removal, its most likely a combination of that + userspace timing changes in udev/plymouth. The drm adds the sysfs device before the driver has completed internal loading, this causes udev to make the node and plymouth to open it before we've completed loading. The proper solution is to delay the sysfs manipulation until later in loading however this causes knock on issues with sysfs connector nodes, so we can use the global mutex to serialise loading and userspace opens. Reported-by: Toni Spets (hifi on #radeon) Signed-off-by: Dave Airlie <airlied@redhat.com>
-
Chris Wilson authored
v2: Julien Cristau pointed out that @nondestructive results in double-negatives and confusion when trying to interpret the parameter, so use @force instead. Much easier to type as well. ;-) And fix the miscompilation of vmgfx reported by Sedat Dilek. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk> Cc: stable@kernel.org Signed-off-by: Dave Airlie <airlied@redhat.com>
-