- 19 Oct, 2007 6 commits
-
-
Adrian Bunk authored
-
Adam Litke authored
When expanding the stack, we don't currently check if the VMA will cross into an area of the address space that is reserved for hugetlb pages. Subsequent faults on the expanded portion of such a VMA will confuse the low-level MMU code, resulting in an OOPS. Check for this. Signed-off-by:
Adam Litke <agl@us.ibm.com> Signed-off-by:
Adrian Bunk <bunk@kernel.org>
-
Adrian Bunk authored
If it's EXPORT_SYMBOL'ed it can't be __devinit. Reported by Mikael Pettersson. Signed-off-by: -
Hugh Dickins authored
hugetlb_vmtruncate_list was misconverted to prio_tree: its prio_tree is in units of PAGE_SIZE (PAGE_CACHE_SIZE) like any other, not HPAGE_SIZE (whereas its radix_tree is kept in units of HPAGE_SIZE, otherwise slots would be absurdly sparse). At first I thought the error benign, just calling __unmap_hugepage_range on more vmas than necessary; but on 32-bit machines, when the prio_tree is searched correctly, it happens to ensure the v_offset calculation won't overflow. As it stood, when truncating at or beyond 4GB, it was liable to discard pages COWed from lower offsets; or even to clear pmd entries of preceding vmas, triggering exit_mmap's BUG_ON(nr_ptes). Signed-off-by:
Hugh Dickins <hugh@veritas.com> Signed-off-by:
-
Arthur Othieno authored
In kernel bugzilla #6248 (http://bugzilla.kernel.org/show_bug.cgi?id=6248), Adrian Bunk <bunk@stusta.de> notes that CONFIG_HUGETLBFS is missing Kconfig help text. Signed-off-by:
Arthur Othieno <apgo@patchbomb.org> Signed-off-by:
-
Randy Dunlap authored
Fix typos, spelling, etc., in Doc/vm/hugetlbpage.txt. Signed-off-by:
Randy Dunlap <rdunlap@xenotime.net> Signed-off-by:
-
- 18 Oct, 2007 14 commits
-
-
Ken Chen authored
DEBUG_PAGEALLOC is not compatible with hugetlb page support. That debug option turns off PSE. Once it is turned off in CR4, the cpu will ignore pse bit in the pmd and causing infinite page-not- present faults. So disable DEBUG_PAGEALLOC if the user selected hugetlbfs. Signed-off-by:
Ken Chen <kenneth.w.chen@intel.com> Signed-off-by:
-
Zhang Yanmin authored
Function lazy_mmu_prot_update is also used on huge pages when it is called by set_huge_ptep_writable, but it isn't aware of huge pages. Signed-off-by:
Zhang Yanmin <yanmin.zhang@intel.com> Acked-by:
Tony Luck <tony.luck@intel.com> Signed-off-by:
-
Stephen Smalley authored
Clear parent death signal on SID transitions to prevent unauthorized signaling between SIDs. Signed-off-by:
Stephen Smalley <sds@tycho.nsa.gov> Acked-by:
Eric Paris <eparis@parisplace.org> Signed-off-by:
James Morris <jmorris@localhost.localdomain> Signed-off-by:
-
Ulrich Drepper authored
I need this patch to get a UML kernel to compile. This is with the kernel headers in FC6 which are automatically generated from the kernel tree. Some headers are missing but those files don't need them. At least it appears so since the resuling kernel works fine. Tested on x86-64. Signed-off-by:
Ulrich Drepper <drepper@redhat.com> Signed-off-by:
-
Andreas Arens authored
cherry picked from commit c545d6ad Update get_dvb_firmware script for the new location of the tda10046 firmware. The old location doesn't work anymore. Signed-off-by:
Andreas Arens <ari@goron.de> Signed-off-by:
Michael Krufky <mkrufky@linuxtv.org> Signed-off-by:
Mauro Carvalho Chehab <mchehab@infradead.org> Signed-off-by:
-
Michael Krufky authored
cherry picked from commit 302170a4 get_dvb_firmware: update script for new location of sp8870 firmware This url is no longer valid: http://www.technotrend.de/new/217g/tt_Premium_217g.zip Replace with: http://www.softwarepatch.pl/9999ccd06a4813cb827dbb0005071c71/tt_Premium_217g.zip Thanks-to: Tobias Stoeber <tobi@to-st.de> Signed-off-by:
-
Mike Frysinger authored
We went and named them __NR_sys_foo instead of __NR_foo. It may be too late to change this, but we can at least add the proper names now. Signed-off-by:
Mike Frysinger <vapier@gentoo.org> Signed-off-by:
-
Jan Altenberg authored
Signed-off-by:
Jan Altenberg <tb10alj@tglx.de> Signed-off-by:
-
Ilpo Järvinen authored
When only GSO skb was partially ACKed, no hints are reset, therefore fastpath_cnt_hint must be tweaked too or else it can corrupt fackets_out. The corruption to occur, one must have non-trivial ACK/SACK sequence, so this bug is not very often that harmful. There's a fackets_out state reset in TCP because fackets_out is known to be inaccurate and that fixes the issue eventually anyway. In case there was also at least one skb that got fully ACKed, the fastpath_skb_hint is set to NULL which causes a recount for fastpath_cnt_hint (the old value won't be accessed anymore), thus it can safely be decremented without additional checking. Reported by Cedric Le Goater <clg@fr.ibm.com> Signed-off-by:
Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by:
David S. Miller <davem@davemloft.net> Signed-off-by:
-
David S. Miller authored
Thanks to Tom Callaway for the excellent bug report and test case. sys_ipc() has several problems, most to due with semaphore call handling: 1) 'err' return should be a 'long' 2) "union semun" is passed in a register on 64-bit compared to 32-bit which provides it on the stack and therefore by reference 3) Second and third arguments to SEMCTL are swapped compared to 32-bit. Signed-off-by:
-
David S. Miller authored
This fixes kernel bugzilla #5731 It should generate an empty packet for datagram protocols when the socket is connected, for one. The check is doubly-wrong because all that a write() can be is a sendmsg() call with a NULL msg_control and a single entry iovec. No special semantics should be assigned to it, therefore the zero length check should be removed entirely. This matches the behavior of BSD and several other systems. Alan Cox notes that SuSv3 says the behavior of a zero length write on non-files is "unspecified", but that's kind of useless since BSD has defined this behavior for a quarter century and BSD is essentially what application folks code to. Based upon a patch from Stephen Hemminger. Adrian Bunk: Backported to 2.6.16. Signed-off-by:
-
Stephen Hemminger authored
Signed-off-by:
Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by:
-
Kumar Gala authored
Its legal for the stfiwx instruction to have RA = 0 as part of its effective address calculation. This is illegal for all other XE form instructions. Add code to compute the proper effective address for stfiwx if RA = 0 rather than treating it as illegal. Adrian Bunk: Backported to 2.6.16. Signed-off-by:
Kumar Gala <galak@kernel.crashing.org> Signed-off-by:
-
Ilpo Järvinen authored
Overflow can occur very easily with 32 bits, e.g., with 1 second us_idle is approx. 2^20, which leaves only 11-Wlog bits for queue length. Since the EWMA exponent is typically around 9, queue lengths larger than 2^2 cause overflow. Whether the affected branch is taken when us_idle is as high as 1 second, depends on Scell_log, but with rather reasonable configuration Scell_log is large enough to cause p->Stab to have zero index, which always results zero shift (typically also few other small indices result in zero shift). Signed-off-by:
-
- 12 Oct, 2007 2 commits
-
-
Adrian Bunk authored
-
Adrian Bunk authored
This reverts commit 3198d0f1.
-
- 07 Oct, 2007 2 commits
-
-
Adrian Bunk authored
-
Takashi Iwai authored
Commit ccec6e2c in mainline. Use seq_file for the proc file read/write of snd-page-alloc module. This automatically fixes bugs in the old proc code. Adrian Bunk: Backported to 2.6.16. Signed-off-by:
Takashi Iwai <tiwai@suse.de> Signed-off-by:
-
- 06 Oct, 2007 16 commits
-
-
Adrian Bunk authored
Stolen from a patch by Johannes Berg <johannes@sipsolutions.net>. Signed-off-by: -
Eric Sandeen authored
Backport of ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.22-rc1/2.6.22-rc1-mm1/broken-out/gregkh-driver-sysfs-allocate-inode-number-using-ida.patch For regular files in sysfs, sysfs_readdir wants to traverse sysfs_dirent->s_dentry->d_inode->i_ino to get to the inode number. But, the dentry can be reclaimed under memory pressure, and there is no synchronization with readdir. This patch follows Tejun's scheme of allocating and storing an inode number in the new s_ino member of a sysfs_dirent, when dirents are created, and retrieving it from there for readdir, so that the pointer chain doesn't have to be traversed. Tejun's upstream patch uses a new-ish "ida" allocator which brings along some extra complexity; this -stable patch has a brain-dead incrementing counter which does not guarantee uniqueness, but because sysfs doesn't hash inodes as iunique expects, uniqueness wasn't guaranteed today anyway. Adrian Bunk: Backported to 2.6.16. Signed-off-by:
Eric Sandeen <sandeen@redhat.com> Signed-off-by:
-
Matt Mackall authored
If root raised the default wakeup threshold over the size of the output pool, the pool transfer function could overflow the stack with RNG bytes, causing a DoS or potential privilege escalation. (Bug reported by the PaX Team <pageexec@freemail.hu>) Signed-off-by:
Matt Mackall <mpm@selenic.com> Signed-off-by:
-
Matt Mackall authored
Add data from zero-entropy random_writes directly to output pools to avoid accounting difficulties on machines without entropy sources. Tested on lguest with all entropy sources disabled. Signed-off-by:
Theodore Ts'o <tytso@mit.edu> Signed-off-by:
-
Matt Mackall authored
Fix cast error in entropy extraction. Add comments explaining the magic 16. Remove extra confusing loop variable. Signed-off-by:
-
Marcel Holtmann authored
This fixes a vulnerability in the "parent process death signal" implementation discoverd by Wojciech Purczynski of COSEINC PTE Ltd. and iSEC Security Research. http://marc.info/?l=bugtraq&m=118711306802632&w=2Signed-off-by:
Marcel Holtmann <marcel@holtmann.org> Signed-off-by:
-
Dann Frazier authored
Signed-off-by:
Dann Frazier <dannf@hp.com> Signed-off-by:
Andres Salomon <dilinger@debian.org> Signed-off-by:
-
Kumar Gala authored
When we flush register state for FP, Altivec, or SPE in flush_*_to_thread we need to respect the task_struct that the caller has passed to us. Most cases we are called with current, however sometimes (ptrace) we may be passed a different task_struct. This showed up when using gdbserver debugging a simple program that used floating point. When gdb tried to show the FP regs they all showed up as 0, because the child's FP registers were never properly flushed to memory. Signed-off-by:
-
Andi Kleen authored
Strictly it's only needed for eax. It actually does a little more than strictly needed -- the other registers are already zero extended. Also remove the now unnecessary and non functional compat task check in ptrace. Found by Wojciech Purczynski Signed-off-by:
Andi Kleen <ak@suse.de> Signed-off-by:
-
Adrian Bunk authored
Static functions mustn't be exported. Signed-off-by: -
Adrian Bunk authored
Static functions mustn't be exported. Signed-off-by: -
Adrian Bunk authored
A static function mustn't be exported. Signed-off-by: -
Adrian Bunk authored
A static function mustn't be exported. Signed-off-by: -
Adrian Bunk authored
A static function mustn't be exported. Signed-off-by: -
Mikael Pettersson authored
Compiling 2.6.21-rc5 with gcc-4.2.0 20070317 (prerelease) for sparc64 fails as follows: gcc -Wp,-MD,arch/sparc64/kernel/.time.o.d -nostdinc -isystem /home/mikpe/pkgs/linux-sparc64/gcc-4.2.0/lib/gcc/sparc64-unknown-linux-gnu/4.2.0/include -D__KERNEL__ -Iinclude -include include/linux/autoconf.h -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -Os -m64 -pipe -mno-fpu -mcpu=ultrasparc -mcmodel=medlow -ffixed-g4 -ffixed-g5 -fcall-used-g7 -Wno-sign-compare -Wa,--undeclared-regs -fomit-frame-pointer -fno-stack-protector -Wdeclaration-after-statement -Wno-pointer-sign -Werror -D"KBUILD_STR(s)=#s" -D"KBUILD_BASENAME=KBUILD_STR(time)" -D"KBUILD_MODNAME=KBUILD_STR(time)" -c -o arch/sparc64/kernel/time.o arch/sparc64/kernel/time.c cc1: warnings being treated as errors arch/sparc64/kernel/time.c: In function 'kick_start_clock': arch/sparc64/kernel/time.c:559: warning: overflow in implicit constant conversion make[1]: *** [arch/sparc64/kernel/time.o] Error 1 make: *** [arch/sparc64/kernel] Error 2 gcc gets unhappy when the MSTK_SET macro's u8 __val variable is updated with &= ~0xff (MSTK_YEAR_MASK). Making the constant unsigned fixes the problem. [ I fixed up the sparc32 side as well -DaveM ] Signed-off-by:
Mikael Pettersson <mikpe@it.uu.se> Signed-off-by:
-
Adrian Bunk authored
A static function mustn't be exported. Signed-off-by:
-
