1. 11 Jun, 2009 4 commits
  2. 10 Jun, 2009 25 commits
  3. 09 Jun, 2009 11 commits
    • Jan Kara's avatar
      jbd: fix race in buffer processing in commit code · a61d90d7
      Jan Kara authored
      In commit code, we scan buffers attached to a transaction.  During this
      scan, we sometimes have to drop j_list_lock and then we recheck whether
      the journal buffer head didn't get freed by journal_try_to_free_buffers().
       But checking for buffer_jbd(bh) isn't enough because a new journal head
      could get attached to our buffer head.  So add a check whether the journal
      head remained the same and whether it's still at the same transaction and
      list.
      
      This is a nasty bug and can cause problems like memory corruption (use after
      free) or trigger various assertions in JBD code (observed).
      Signed-off-by: default avatarJan Kara <jack@suse.cz>
      Cc: <stable@kernel.org>
      Cc: <linux-ext4@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      a61d90d7
    • Ian Kent's avatar
      autofs4: remove hashed check in validate_wait() · 463aea1a
      Ian Kent authored
      The recent ->lookup() deadlock correction required the directory inode
      mutex to be dropped while waiting for expire completion.  We were
      concerned about side effects from this change and one has been identified.
      
      I saw several error messages.
      
      They cause autofs to become quite confused and don't really point to the
      actual problem.
      
      Things like:
      
      handle_packet_missing_direct:1376: can't find map entry for (43,1827932)
      
      which is usually totally fatal (although in this case it wouldn't be
      except that I treat is as such because it normally is).
      
      do_mount_direct: direct trigger not valid or already mounted
      /test/nested/g3c/s1/ss1
      
      which is recoverable, however if this problem is at play it can cause
      autofs to become quite confused as to the dependencies in the mount tree
      because mount triggers end up mounted multiple times.  It's hard to
      accurately check for this over mounting case and automount shouldn't need
      to if the kernel module is doing its job.
      
      There was one other message, similar in consequence of this last one but I
      can't locate a log example just now.
      
      When checking if a mount has already completed prior to adding a new mount
      request to the wait queue we check if the dentry is hashed and, if so, if
      it is a mount point.  But, if a mount successfully completed while we
      slept on the wait queue mutex the dentry must exist for the mount to have
      completed so the test is not really needed.
      
      Mounts can also be done on top of a global root dentry, so for the above
      case, where a mount request completes and the wait queue entry has already
      been removed, the hashed test returning false can cause an incorrect
      callback to the daemon.  Also, d_mountpoint() is not sufficient to check
      if a mount has completed for the multi-mount case when we don't have a
      real mount at the base of the tree.
      Signed-off-by: default avatarIan Kent <raven@themaw.net>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      463aea1a
    • Mike Frysinger's avatar
      shm: fix unused warnings on nommu · 586c7e6a
      Mike Frysinger authored
      The massive nommu update (8feae131) resulted in these warnings:
      ipc/shm.c: In function `sys_shmdt':
      ipc/shm.c:974: warning: unused variable `size'
      ipc/shm.c:972: warning: unused variable `next'
      Signed-off-by: default avatarMike Frysinger <vapier@gentoo.org>
      Cc: David Howells <dhowells@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      586c7e6a
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus · 13df635f
      Linus Torvalds authored
      * git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus:
        kvm: fix kvm reboot crash when MAXSMP is used
        cpumask: alloc zeroed cpumask for static cpumask_var_ts
        cpumask: introduce zalloc_cpumask_var
      13df635f
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.dk/linux-2.6-block · 9cdba302
      Linus Torvalds authored
      * 'for-linus' of git://git.kernel.dk/linux-2.6-block:
        bsg: setting rq->bio to NULL
      9cdba302
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 · fd4d3429
      Linus Torvalds authored
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6:
        cls_cgroup: Fix oops when user send improperly 'tc filter add' request
        r8169: fix crash when large packets are received
      fd4d3429
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://neil.brown.name/md · 4d11eff6
      Linus Torvalds authored
      * 'for-linus' of git://neil.brown.name/md:
        md/raid5: fix bug in reshape code when chunk_size decreases.
        md/raid5 - avoid deadlocks in get_active_stripe during reshape
        md/raid5: use conf->raid_disks in preference to mddev->raid_disk
      4d11eff6
    • Chuck Ebbert's avatar
      x86: Clear TS in irq_ts_save() when in an atomic section · 0b8c3d5a
      Chuck Ebbert authored
      The dynamic FPU context allocation changes caused the padlock driver
      to generate the below warning. Fix it by masking TS when doing padlock
      encryption operations in an atomic section.
      
      This solves:
      
      BUG: sleeping function called from invalid context at mm/slub.c:1602
      in_atomic(): 1, irqs_disabled(): 0, pid: 82, name: cryptomgr_test
      Pid: 82, comm: cryptomgr_test Not tainted 2.6.29.4-168.test7.fc11.x86_64 #1
      Call Trace:
      [<ffffffff8103ff16>] __might_sleep+0x10b/0x110
      [<ffffffff810cd3b2>] kmem_cache_alloc+0x37/0xf1
      [<ffffffff81018505>] init_fpu+0x49/0x8a
      [<ffffffff81012a83>] math_state_restore+0x3e/0xbc
      [<ffffffff813ac6d0>] do_device_not_available+0x9/0xb
      [<ffffffff810123ab>] device_not_available+0x1b/0x20
      [<ffffffffa001c066>] ? aes_crypt+0x66/0x74 [padlock_aes]
      [<ffffffff8119a51a>] ? blkcipher_walk_next+0x257/0x2e0
      [<ffffffff8119a731>] ? blkcipher_walk_first+0x18e/0x19d
      [<ffffffffa001c1fe>] aes_encrypt+0x9d/0xe5 [padlock_aes]
      [<ffffffffa0027253>] crypt+0x6b/0x114 [xts]
      [<ffffffffa001c161>] ? aes_encrypt+0x0/0xe5 [padlock_aes]
      [<ffffffffa001c161>] ? aes_encrypt+0x0/0xe5 [padlock_aes]
      [<ffffffffa0027390>] encrypt+0x49/0x4b [xts]
      [<ffffffff81199acc>] async_encrypt+0x3c/0x3e
      [<ffffffff8119dafc>] test_skcipher+0x1da/0x658
      [<ffffffff811979c3>] ? crypto_spawn_tfm+0x8e/0xb1
      [<ffffffff8119672d>] ? __crypto_alloc_tfm+0x11b/0x15f
      [<ffffffff811979c3>] ? crypto_spawn_tfm+0x8e/0xb1
      [<ffffffff81199dbe>] ? skcipher_geniv_init+0x2b/0x47
      [<ffffffff8119a905>] ? async_chainiv_init+0x5c/0x61
      [<ffffffff8119dfdd>] alg_test_skcipher+0x63/0x9b
      [<ffffffff8119e1bc>] alg_test+0x12d/0x175
      [<ffffffff8119c488>] cryptomgr_test+0x38/0x54
      [<ffffffff8119c450>] ? cryptomgr_test+0x0/0x54
      [<ffffffff8105c6c9>] kthread+0x4d/0x78
      [<ffffffff8101264a>] child_rip+0xa/0x20
      [<ffffffff81011f67>] ? restore_args+0x0/0x30
      [<ffffffff8105c67c>] ? kthread+0x0/0x78
      [<ffffffff81012640>] ? child_rip+0x0/0x20
      Signed-off-by: default avatarChuck Ebbert <cebbert@redhat.com>
      Cc: Suresh Siddha <suresh.b.siddha@intel.com>
      LKML-Reference: <20090609104050.50158cfe@dhcp-100-2-144.bos.redhat.com>
      Signed-off-by: default avatarIngo Molnar <mingo@elte.hu>
      0b8c3d5a
    • Ingo Molnar's avatar
      Merge branch 'amd-iommu/fixes' of... · 92db1e6a
      Ingo Molnar authored
      Merge branch 'amd-iommu/fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/linux-2.6-iommu into core/iommu
      92db1e6a
    • Andreas Herrmann's avatar
      x86: Detect use of extended APIC ID for AMD CPUs · 42937e81
      Andreas Herrmann authored
      Booting a 32-bit kernel on Magny-Cours results in the following panic:
      
        ...
        Using APIC driver default
        ...
        Overriding APIC driver with bigsmp
        ...
        Getting VERSION: 80050010
        Getting VERSION: 80050010
        Getting ID: 10000000
        Getting ID: ef000000
        Getting LVT0: 700
        Getting LVT1: 10000
        Kernel panic - not syncing: Boot APIC ID in local APIC unexpected (16 vs 0)
        Pid: 1, comm: swapper Not tainted 2.6.30-rcX #2
        Call Trace:
         [<c05194da>] ? panic+0x38/0xd3
         [<c0743102>] ? native_smp_prepare_cpus+0x259/0x31f
         [<c073b19d>] ? kernel_init+0x3e/0x141
         [<c073b15f>] ? kernel_init+0x0/0x141
         [<c020325f>] ? kernel_thread_helper+0x7/0x10
      
      The reason is that default_get_apic_id handled extension of local APIC
      ID field just in case of XAPIC.
      
      Thus for this AMD CPU, default_get_apic_id() returns 0 and
      bigsmp_get_apic_id() returns 16 which leads to the respective kernel
      panic.
      
      This patch introduces a Linux specific feature flag to indicate
      support for extended APIC id (8 bits instead of 4 bits width) and sets
      the flag on AMD CPUs if applicable.
      Signed-off-by: default avatarAndreas Herrmann <andreas.herrmann3@amd.com>
      Cc: <stable@kernel.org>
      LKML-Reference: <20090608135509.GA12431@alberich.amd.com>
      Signed-off-by: default avatarIngo Molnar <mingo@elte.hu>
      42937e81
    • FUJITA Tomonori's avatar
      bsg: setting rq->bio to NULL · c1d4c41f
      FUJITA Tomonori authored
      Due to commit 1cd96c24 ("block: WARN
      in __blk_put_request() for potential bio leak"), BSG SMP requests get
      the false warnings:
      
      WARNING: at block/blk-core.c:1068 __blk_put_request+0x52/0xc0()
      
      This sets rq->bio to NULL to avoid that false warnings.
      Signed-off-by: default avatarFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
      Signed-off-by: default avatarJens Axboe <jens.axboe@oracle.com>
      c1d4c41f