- 01 Dec, 2012 5 commits
-
-
git://linux-c6x.org/git/projects/linux-c6x-upstreamingLinus Torvalds authored
Pull C6X fixes from Mark Salter. * tag 'for-linus' of git://linux-c6x.org/git/projects/linux-c6x-upstreaming: c6x: use generic kvm_para.h c6x: remove internal kernel symbols from exported setup.h c6x: fix misleading comment c6x: run do_notify_resume with interrupts enabled
-
git://git.kernel.org/pub/scm/linux/kernel/git/viro/signalLinus Torvalds authored
Pull assorted signal-related fixes from Al Viro: "uml regression fix (braino in sys_execve() patch) + a bunch of fucked sigaltstack-on-rt_sigreturn uses, similar to sparc64 fix that went in through davem's tree. m32r horrors not included - that one's waiting for maintainer." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal: microblaze: rt_sigreturn is too trigger-happy about sigaltstack errors score: do_sigaltstack() expects a userland pointer... sh64: fix altstack switching on sigreturn openrisk: fix altstack switching on sigreturn um: get_safe_registers() should be done in flush_thread(), not start_thread()
-
git://git.samba.org/sfrench/cifs-2.6Linus Torvalds authored
Pull CIFS fixes from Steve French: "Two low risk, small fixes, that fix cifs regressions introduced in 3.7." * 'for-linus' of git://git.samba.org/sfrench/cifs-2.6: CIFS: Fix wrong buffer pointer usage in smb_set_file_info cifs: fix writeback race with file that is growing
-
git://git.kernel.org/pub/scm/linux/kernel/git/ohad/remoteprocLinus Torvalds authored
Pull remoteproc fix from Ohad Ben-Cohen: "A single remoteproc fix for an error path issue reported by Ido Yariv." * tag 'rproc-3.7-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/ohad/remoteproc: remoteproc: fix error path of ->find_vqs
-
git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pendingLinus Torvalds authored
Pull target fix from Nicholas Bellinger: "So just a single target fix for v3.7.0 this time around from Roland to address a aborted command bug w/ tcm_qla2xxx fabric ports. Also, there is one outstanding IBLOCK + virtio-blk bug that is still being tracked down effecting v3.6.x, but AFAICT thus far this appears to be a bug outside of target code." * git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending: target: Fix handling of aborted commands
-
- 30 Nov, 2012 12 commits
-
-
git://people.freedesktop.org/~airlied/linuxLinus Torvalds authored
Pull DRM fixes from Dave Airlie: "Just driver fixes, nothing major, except maybe the Ironlake rc6 disable: - intel: * revert ironlake rc6 - we still have one ilk regression, but this gets rid of one big one * turn off cloning * a directed fix for Apple edp - radeon: one modesetting fix - exynos: minor fixes" * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: radeon: fix pll/ctrc mapping on dce2 and dce3 hardware Revert "drm/i915: enable rc6 on ilk again" drm/i915: do not default to 18 bpp for eDP if missing from VBT drm/exynos: Fix potential NULL pointer dereference in exynos_drm_encoder.c drm/exynos: Make exynos4/5_fimd_driver_data static drm/exynos: fix overlay updating issue drm/exynos: remove unnecessary code. drm/exynos: fix linux framebuffer address setting. drm/i915: disable cloning on sdvo
-
Linus Torvalds authored
Merge misc fixes from Andrew Morton: "Seven fixes, some of them fingers-crossed :(" * emailed patches from Andrew Morton <akpm@linux-foundation.org>: (7 patches) drivers/rtc/rtc-tps65910.c: fix invalid pointer access on _remove() mm: soft offline: split thp at the beginning of soft_offline_page() mm: avoid waking kswapd for THP allocations when compaction is deferred or contended revert "Revert "mm: remove __GFP_NO_KSWAPD"" mm: vmscan: fix endless loop in kswapd balancing mm/vmemmap: fix wrong use of virt_to_page mm: compaction: fix return value of capture_free_page()
-
git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-socLinus Torvalds authored
Pull ARM SoC fixes from Arnd Bergmann: "These are three fixes for the Marvell EBU family and one for the Samsung s3c platforms. All of them are obvious should still make it into 3.7." * tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: ARM: Kirkwood: Update PCI-E fixup Dove: Fix irq_to_pmu() Dove: Attempt to fix PMU/RTC interrupts ARM: S3C24XX: Fix potential NULL pointer dereference error
-
git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-socLinus Torvalds authored
Pull ARM ixp4xx bug fixes from Arnd Bergmann: "These were originally prepared by Krzysztof Halasa but not submitted in time for v3.7 due to some confusion about how ixp4xx patches should be handled. Jason Cooper thankfully offered to help out sending the patches upstream through arm-soc now, but given the timing, we could as well delay them for 3.8." * tag 'ixp4xx-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: IXP4xx: use __iomem for MMIO IXP4xx: map CPU config registers within VMALLOC region. IXP4xx: Always ioremap() Queue Manager MMIO region at boot. ixp4xx: Declare MODULE_FIRMWARE usage IXP4xx crypto: MOD_AES{128,192,256} already include key size. WAN: Remove redundant HDLC info printed by IXP4xx HSS driver. IXP4xx: Remove time limit for PCI TRDY to enable use of slow devices. IXP4xx: ixp4xx_crypto driver requires Queue Manager and NPE drivers. IXP4xx: HW pseudo-random generator is available on IXP45x/46x only. IXP4xx: Fix off-by-one bug in Goramo MultiLink platform. IXP4xx: Fix Goramo MultiLink platform compilation.
-
git://git.linaro.org/people/rmk/linux-armLinus Torvalds authored
Pull final ARM fix from Russell King: "One final fix, spotted by Will, to do with what happens when we boot a SMP kernel on UP." * 'fixes' of git://git.linaro.org/people/rmk/linux-arm: ARM: 7586/1: sp804: set cpumask to cpu_possible_mask for clock event device
-
Kim, Milo authored
The tps65910_rtc data is registered as the platform driver data in _probe(= ). Therefore the tps65910_rtc should be used on unregistering the rtc device. And device pointer should be retrieved from the platform_device structure. This patch fixes the below oops: Unable to handle kernel NULL pointer dereference at virtual address 00000008 Modules linked in: rtc_tps65910(-) CPU: 0 Not tainted (3.7.0-rc7-next-20121128-g6b1f974-dirty #7) PC is at tps65910_rtc_alarm_irq_enable+0x20/0x2c [rtc_tps65910] (tps65910_rtc_alarm_irq_enable+0x20/0x2c [rtc_tps65910]) (tps65910_rtc_remove+0x18/0x28 [rtc_tps65910]) (platform_drv_remove+0x18/0x1c) (__device_release_driver+0x70/0xcc) (driver_detach+0xb4/0xb8) (bus_remove_driver+0x7c/0xc0) (sys_delete_module+0x148/0x21c) Signed-off-by: Milo(Woogyom) Kim <milo.kim@ti.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Naoya Horiguchi authored
When we try to soft-offline a thp tail page, put_page() is called on the tail page unthinkingly and VM_BUG_ON is triggered in put_compound_page(). This patch splits thp before going into the main body of soft-offlining. Signed-off-by: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com> Cc: Andi Kleen <andi@firstfloor.org> Cc: Tony Luck <tony.luck@intel.com> Cc: Andi Kleen <andi.kleen@intel.com> Cc: Wu Fengguang <fengguang.wu@intel.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Mel Gorman authored
With "mm: vmscan: scale number of pages reclaimed by reclaim/compaction based on failures" reverted, Zdenek Kabelac reported the following Hmm, so it's just took longer to hit the problem and observe kswapd0 spinning on my CPU again - it's not as endless like before - but still it easily eats minutes - it helps to turn off Firefox or TB (memory hungry apps) so kswapd0 stops soon - and restart those apps again. (And I still have like >1GB of cached memory) kswapd0 R running task 0 30 2 0x00000000 Call Trace: preempt_schedule+0x42/0x60 _raw_spin_unlock+0x55/0x60 put_super+0x31/0x40 drop_super+0x22/0x30 prune_super+0x149/0x1b0 shrink_slab+0xba/0x510 The sysrq+m indicates the system has no swap so it'll never reclaim anonymous pages as part of reclaim/compaction. That is one part of the problem but not the root cause as file-backed pages could also be reclaimed. The likely underlying problem is that kswapd is woken up or kept awake for each THP allocation request in the page allocator slow path. If compaction fails for the requesting process then compaction will be deferred for a time and direct reclaim is avoided. However, if there are a storm of THP requests that are simply rejected, it will still be the the case that kswapd is awake for a prolonged period of time as pgdat->kswapd_max_order is updated each time. This is noticed by the main kswapd() loop and it will not call kswapd_try_to_sleep(). Instead it will loopp, shrinking a small number of pages and calling shrink_slab() on each iteration. This patch defers when kswapd gets woken up for THP allocations. For !THP allocations, kswapd is always woken up. For THP allocations, kswapd is woken up iff the process is willing to enter into direct reclaim/compaction. [akpm@linux-foundation.org: fix typo in comment] Signed-off-by: Mel Gorman <mgorman@suse.de> Cc: Zdenek Kabelac <zkabelac@redhat.com> Cc: Seth Jennings <sjenning@linux.vnet.ibm.com> Cc: Jiri Slaby <jirislaby@gmail.com> Cc: Rik van Riel <riel@redhat.com> Cc: Robert Jennings <rcj@linux.vnet.ibm.com> Cc: Valdis Kletnieks <Valdis.Kletnieks@vt.edu> Cc: Glauber Costa <glommer@gmail.com> Cc: Johannes Weiner <hannes@cmpxchg.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Andrew Morton authored
It apepars that this patch was innocent, and we hope that "mm: avoid waking kswapd for THP allocations when compaction is deferred or contended" will fix the final kswapd-spinning cause. Cc: Zdenek Kabelac <zkabelac@redhat.com> Cc: Seth Jennings <sjenning@linux.vnet.ibm.com> Cc: Valdis Kletnieks <Valdis.Kletnieks@vt.edu> Cc: Jiri Slaby <jirislaby@gmail.com> Cc: Rik van Riel <riel@redhat.com> Cc: Robert Jennings <rcj@linux.vnet.ibm.com> Cc: Mel Gorman <mgorman@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Johannes Weiner authored
Kswapd does not in all places have the same criteria for a balanced zone. Zones are only being reclaimed when their high watermark is breached, but compaction checks loop over the zonelist again when the zone does not meet the low watermark plus two times the size of the allocation. This gets kswapd stuck in an endless loop over a small zone, like the DMA zone, where the high watermark is smaller than the compaction requirement. Add a function, zone_balanced(), that checks the watermark, and, for higher order allocations, if compaction has enough free memory. Then use it uniformly to check for balanced zones. This makes sure that when the compaction watermark is not met, at least reclaim happens and progress is made - or the zone is declared unreclaimable at some point and skipped entirely. Signed-off-by: Johannes Weiner <hannes@cmpxchg.org> Reported-by: George Spelvin <linux@horizon.com> Reported-by: Johannes Hirte <johannes.hirte@fem.tu-ilmenau.de> Reported-by: Tomas Racek <tracek@redhat.com> Tested-by: Johannes Hirte <johannes.hirte@fem.tu-ilmenau.de> Reviewed-by: Rik van Riel <riel@redhat.com> Cc: Mel Gorman <mel@csn.ul.ie> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Jianguo Wu authored
I enable CONFIG_DEBUG_VIRTUAL and CONFIG_SPARSEMEM_VMEMMAP, when doing memory hotremove, there is a kernel BUG at arch/x86/mm/physaddr.c:20. It is caused by free_section_usemap()->virt_to_page(), virt_to_page() is only used for kernel direct mapping address, but sparse-vmemmap uses vmemmap address, so it is going wrong here. ------------[ cut here ]------------ kernel BUG at arch/x86/mm/physaddr.c:20! invalid opcode: 0000 [#1] SMP Modules linked in: acpihp_drv acpihp_slot edd cpufreq_conservative cpufreq_userspace cpufreq_powersave acpi_cpufreq mperf fuse vfat fat loop dm_mod coretemp kvm crc32c_intel ipv6 ixgbe igb iTCO_wdt i7core_edac edac_core pcspkr iTCO_vendor_support ioatdma microcode joydev sr_mod i2c_i801 dca lpc_ich mfd_core mdio tpm_tis i2c_core hid_generic tpm cdrom sg tpm_bios rtc_cmos button ext3 jbd mbcache usbhid hid uhci_hcd ehci_hcd usbcore usb_common sd_mod crc_t10dif processor thermal_sys hwmon scsi_dh_alua scsi_dh_hp_sw scsi_dh_rdac scsi_dh_emc scsi_dh ata_generic ata_piix libata megaraid_sas scsi_mod CPU 39 Pid: 6454, comm: sh Not tainted 3.7.0-rc1-acpihp-final+ #45 QCI QSSC-S4R/QSSC-S4R RIP: 0010:[<ffffffff8103c908>] [<ffffffff8103c908>] __phys_addr+0x88/0x90 RSP: 0018:ffff8804440d7c08 EFLAGS: 00010006 RAX: 0000000000000006 RBX: ffffea0012000000 RCX: 000000000000002c ... Signed-off-by: Jianguo Wu <wujianguo@huawei.com> Signed-off-by: Jiang Liu <jiang.liu@huawei.com> Reviewd-by: Wen Congyang <wency@cn.fujitsu.com> Acked-by: Johannes Weiner <hannes@cmpxchg.org> Reviewed-by: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com> Reviewed-by: Michal Hocko <mhocko@suse.cz> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Mel Gorman authored
Commit ef6c5be6 ("fix incorrect NR_FREE_PAGES accounting (appears like memory leak)") fixes a NR_FREE_PAGE accounting leak but missed the return value which was also missed by this reviewer until today. That return value is used by compaction when adding pages to a list of isolated free pages and without this follow-up fix, there is a risk of free list corruption. Signed-off-by: Mel Gorman <mgorman@suse.de> Cc: Dave Hansen <dave@linux.vnet.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
- 29 Nov, 2012 8 commits
-
-
Arnd Bergmann authored
Merge branch 'v3.7-samsung-fixes-4' of git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung into fixes From Kukjin Kim <kgene.kim@samsung.com>: Samsung fixes for v3.7 * 'v3.7-samsung-fixes-4' of git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung: ARM: S3C24XX: Fix potential NULL pointer dereference error This would have been ok to delay to 3.8 according to Kukjin, but since it's an obvious bug fix and a potential NULL pointer dereference, it seem appropriate for a late 3.7 submission. Signed-off-by: Arnd Bergmann <arnd@arndb.de>
-
Ohad Ben-Cohen authored
Eliminate an erroneous invocation of rproc_shutdown inside the error path of rproc_virtio_find_vqs. Reported-by: Ido Yariv <ido@wizery.com> Signed-off-by: Ohad Ben-Cohen <ohad@wizery.com>
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds authored
Pull networking fixes from David Miller: "Some more fixes trickled in over the past few days: 1) PIM device names can overflow the IFNAMSIZ buffer unless we properly limit the allowed indexes, fix from Eric Dumazet. 2) Under heavy load we can OOPS in icmp reply processing due to an unchecked inet_putpeer() call. Fix from Neal Cardwell. 3) SCTP round trip calculations need to use 64-bit math to avoid overflows, fix from Schoch Christian. 4) Fix a memory leak and an error return flub in SCTP and IRDA triggerable by userspace. Fix from Tommi Rantala and found by the syscall fuzzer (trinity). 5) MLX4 driver gives bogus size to memcpy() call, fix from Amir Vadai. 6) Fix length calculation in VHOST descriptor translation, from Michael S Tsirkin. 7) Ambassador ATM driver loops forever while loading firmware, fix from Dan Carpenter. 8) Over MTU packets in openvswitch warn about wrong device, fix from Jesse Gross. 9) Netfilter IPSET's netlink code can overrun a string buffer because it's not properly limited to IFNAMSIZ. Fix from Florian Westphal. 10) PCAN USB driver sets wrong timestamp in SKB, from Oliver Hartkopp. 11) Make sure the RX ifindex always has a valid value in the CAN BCM driver, even if we haven't received a frame yet. Fix also from Oliver Hartkopp." * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: team: fix hw_features setup atm: forever loop loading ambassador firmware vhost: fix length for cross region descriptor irda: irttp: fix memory leak in irttp_open_tsap() error path net: qmi_wwan: add Huawei E173 net/mlx4_en: Can set maxrate only for TC0 sctp: Error in calculation of RTTvar sctp: fix -ENOMEM result with invalid user space pointer in sendto() syscall sctp: fix memory leak in sctp_datamsg_from_user() when copy from user space fails net: ipmr: limit MRT_TABLE identifiers ipv4: avoid passing NULL to inet_putpeer() in icmpv4_xrlim_allow() can: bcm: initialize ifindex for timeouts without previous frame reception can: peak_usb: fix hwtstamp assignment netfilter: ipset: fix netiface set name overflow openvswitch: Store flow key len if ARP opcode is not request or reply. openvswitch: Print device when warning about over MTU packets.
-
Al Viro authored
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
incidentally, declaring a local variable as __user (!) to make sparse STFU is really sick. Especially since sparse had been 100% right - it *is* a bug. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
do_sigaltstack() expects _userland_ address, TYVM... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
... or we'll end up buggering the results of ELF_PLAT_INIT() Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-
- 28 Nov, 2012 15 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/jesse/openvswitchDavid S. Miller authored
Two small openswitch fixes from Jesse Gross. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Mark Salter authored
Signed-off-by: Mark Salter <msalter@redhat.com>
-
Mark Salter authored
Some internal kernel symbols were referenced in the exported setup.h. This splits out the internal bits from the exported uapi bits. Signed-off-by: Mark Salter <msalter@redhat.com>
-
Jiri Pirko authored
Do this in the same way bonding does. This fixed setup resolves performance issues when using some cards with certain offloading. Signed-off-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Dan Carpenter authored
There was a forever loop introduced here when we converted this to request_firmware() back in 2008. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Acked-by: Chas Williams <chas@cmf.nrl.navy.mil> Signed-off-by: David S. Miller <davem@davemloft.net>
-
git://1984.lsi.us.es/nfDavid S. Miller authored
An interface name overflow fix in netfilter via Pablo Neira Ayuso. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Michael S. Tsirkin authored
If a single descriptor crosses a region, the second chunk length should be decremented by size translated so far, instead it includes the full descriptor length. Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tommi Rantala authored
Cleanup the memory we allocated earlier in irttp_open_tsap() when we hit this error path. The leak goes back to at least 1da177e4 ("Linux-2.6.12-rc2"). Discovered with Trinity (the syscall fuzzer). Signed-off-by: Tommi Rantala <tt.rantala@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Bjørn Mork authored
The Huawei E173 is a QMI/wwan device which normally appear as 12d1:1436 in Linux. The descriptors displayed in that mode will be picked up by cdc_ether. But the modem has another mode with a different device ID and a slightly different set of descriptors. This is the mode used by Windows like this: 3Modem: USB\VID_12D1&PID_140C&MI_00\6&3A1D2012&0&0000 Networkcard: USB\VID_12D1&PID_140C&MI_01\6&3A1D2012&0&0001 Appli.Inter: USB\VID_12D1&PID_140C&MI_02\6&3A1D2012&0&0002 PC UI Inter: USB\VID_12D1&PID_140C&MI_03\6&3A1D2012&0&0003 Reported-by: Thomas Schäfer <tschaefer@t-online.de> Signed-off-by: Bjørn Mork <bjorn@mork.no> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Amir Vadai authored
Had a typo in memcpy. Signed-off-by: Amir Vadai <amirv@mellanox.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Schoch Christian authored
The calculation of RTTVAR involves the subtraction of two unsigned numbers which may causes rollover and results in very high values of RTTVAR when RTT > SRTT. With this patch it is possible to set RTOmin = 1 to get the minimum of RTO at 4 times the clock granularity. Change Notes: v2) *Replaced abs() by abs64() and long by __s64, changed patch description. Signed-off-by: Christian Schoch <e0326715@student.tuwien.ac.at> CC: Vlad Yasevich <vyasevich@gmail.com> CC: Sridhar Samudrala <sri@us.ibm.com> CC: Neil Horman <nhorman@tuxdriver.com> CC: linux-sctp@vger.kernel.org Acked-by: Vlad Yasevich <vyasevich@gmail.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tommi Rantala authored
Consider the following program, that sets the second argument to the sendto() syscall incorrectly: #include <string.h> #include <arpa/inet.h> #include <sys/socket.h> int main(void) { int fd; struct sockaddr_in sa; fd = socket(AF_INET, SOCK_STREAM, 132 /*IPPROTO_SCTP*/); if (fd < 0) return 1; memset(&sa, 0, sizeof(sa)); sa.sin_family = AF_INET; sa.sin_addr.s_addr = inet_addr("127.0.0.1"); sa.sin_port = htons(11111); sendto(fd, NULL, 1, 0, (struct sockaddr *)&sa, sizeof(sa)); return 0; } We get -ENOMEM: $ strace -e sendto ./demo sendto(3, NULL, 1, 0, {sa_family=AF_INET, sin_port=htons(11111), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 ENOMEM (Cannot allocate memory) Propagate the error code from sctp_user_addto_chunk(), so that we will tell user space what actually went wrong: $ strace -e sendto ./demo sendto(3, NULL, 1, 0, {sa_family=AF_INET, sin_port=htons(11111), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 EFAULT (Bad address) Noticed while running Trinity (the syscall fuzzer). Signed-off-by: Tommi Rantala <tt.rantala@gmail.com> Acked-by: Vlad Yasevich <vyasevich@gmail.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tommi Rantala authored
Trinity (the syscall fuzzer) discovered a memory leak in SCTP, reproducible e.g. with the sendto() syscall by passing invalid user space pointer in the second argument: #include <string.h> #include <arpa/inet.h> #include <sys/socket.h> int main(void) { int fd; struct sockaddr_in sa; fd = socket(AF_INET, SOCK_STREAM, 132 /*IPPROTO_SCTP*/); if (fd < 0) return 1; memset(&sa, 0, sizeof(sa)); sa.sin_family = AF_INET; sa.sin_addr.s_addr = inet_addr("127.0.0.1"); sa.sin_port = htons(11111); sendto(fd, NULL, 1, 0, (struct sockaddr *)&sa, sizeof(sa)); return 0; } As far as I can tell, the leak has been around since ~2003. Signed-off-by: Tommi Rantala <tt.rantala@gmail.com> Acked-by: Vlad Yasevich <vyasevich@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Pavel Shilovsky authored
Commit 6bdf6dbd caused a regression in setattr codepath that leads to files with wrong attributes. Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru> Reviewed-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <smfrench@gmail.com>
-
Mikulas Patocka authored
Use synchronize_sched_expedited() instead of synchronize_sched() to improve mount speed. This patch improves mount time from 0.500s to 0.013s for Jeff's test-case. Signed-off-by: Mikulas Patocka <mpatocka@redhat.com> Reported-and-tested-by: Jeff Chua <jeff.chua.linux@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-