| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Sometimes VM asks the shrinker to return amount of objects it can shrink,
and we return the ubifs_clean_zn_cnt in that case. However, it is possible
that this counter is negative for a short period of time, due to the way
UBIFS TNC code updates it. And I can observe the following warnings sometimes:
shrink_slab: ubifs_shrinker+0x0/0x2b7 [ubifs] negative objects to delete nr=-8541616642706119788
This patch makes sure UBIFS never returns negative count of objects.
Signed-off-by: Artem Bityutskiy <[email protected]>
Cc: [email protected]
|
|
The jump to 4f will cause the NUL padding loop to run at least one time,
so if string length is zero just jump to the end. Otherwise we wrongly
write one NUL byte when size==0.
Signed-off-by: Steven Miao <[email protected]>
Signed-off-by: Mike Frysinger <[email protected]>
|
|
Use the normal include style.
Signed-off-by: Joe Perches <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
We should only call ssc_free() when ssc_request() succeeds or bad
things will happen.
Signed-off-by: Joachim Eastwood <[email protected]>
Acked-by: Liam Girdwood <[email protected]>
Signed-off-by: Mark Brown <[email protected]>
|
|
In the original code if auto detect failed and tea575x_tuner == 4
then we copy bogus information to chip->tea.card. I've changed the
autodetect code to cleanup and return -ENODEV on error instead.
Signed-off-by: Dan Carpenter <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
Check whether the pin supports EAPD in ad198x_power_eapd_write.
Signed-off-by: Raymond Yau <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
In ad198x_power_eapd(), wrong pin NIDs are used for controlling EAPD for
HP and Front outputs of AD1988/AD1989. These are actually same with the
ones for AD1984 & co, port-A is 0x11 and port-D 0x12.
Reported-by: Raymond Yau <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
This function attempts to free one fragment beyond the number of
fragments that were actually mapped. This patch brings back the limit
to the correct spot.
Signed-off-by: Matt Carlson <[email protected]>
Tested-by: Alex Williamson <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Because there is a possibility that skb is kfree_skb()ed and zero cleared
after ndo_start_xmit, we should not see the contents of skb like skb->len and
skb->dev->name after ndo_start_xmit. But trace_net_dev_xmit does that
and causes panic by NULL pointer dereference.
This patch fixes trace_net_dev_xmit not to see the contents of skb directly.
If you want to reproduce this panic,
1. Get tracepoint of net_dev_xmit on
2. Create 2 guests on KVM
2. Make 2 guests use virtio_net
4. Execute netperf from one to another for a long time as a network burden
5. host will panic(It takes about 30 minutes)
Signed-off-by: Koki Sanagi <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Signed-off-by: Chris Metcalf <[email protected]>
Acked-by: Arnd Bergmann <[email protected]>
|
|
One of the error paths in
sound/usb/6fire/firmware.c::usb6fire_fw_ezusb_upload() neglects to free
the memory allocated for the firmware before returning, thus leaking the
memory.
Signed-off-by: Jesper Juhl <[email protected]>
Signed-off-by: Takashi Iwai <[email protected]>
|
|
By ignoring the unset values of the minconfig in deciding
what to test in the config_bisect can cause the problem
config from being tested too.
Just do not test the configs that are set in the minconfig.
Signed-off-by: Steven Rostedt <[email protected]>
|
|
The command that is called that reboots the kernel may fail
but the return code is not passed back to the ktest.pl script.
This is because a ';' is used between the two commands and
if the second command fails, only the first command's return
code is returned. Using a '&&' between the two commands fixes
this.
Signed-off-by: Steven Rostedt <[email protected]>
|
|
Because in perl the array size returned by $#arr, is the last
index and not the actually size of the array, we end the config
bisect early, thinking there is only one config left when there
are in fact two. Thus the result has a 50% chance of picking
the correct config that caused the problem.
Signed-off-by: Steven Rostedt <[email protected]>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen into for-linus
|
|
list_entry() and hlist_entry() are both simply aliases for
container_of(), but since io_context.cic_list.first is an hlist_node one
should at least use the correct alias.
Signed-off-by: Paul Bolle <[email protected]>
Signed-off-by: Jens Axboe <[email protected]>
|
|
queue_fail can only be reached if cic is NULL, so its check for cic must
be bogus.
Signed-off-by: Paul Bolle <[email protected]>
Signed-off-by: Jens Axboe <[email protected]>
|
|
In certain circumstances, we can get an oops from a torn down device.
Most notably this is from CD roms trying to call scsi_ioctl. The root
cause of the problem is the fact that after scsi_remove_device() has
been called, the queue is fully torn down. This is actually wrong
since the queue can be used until the sdev release function is called.
Therefore, we add an extra reference to the queue which is released in
sdev->release, so the queue always exists.
Reported-by: Parag Warudkar <[email protected]>
Cc: [email protected]
Signed-off-by: James Bottomley <[email protected]>
|
|
The failed_get label is used after the call to clk_get has succeeded, so it
should be moved up above the call to clk_put.
The failed_req labels doesn't do anything different than failed_get, so
delete it.
A simplified version of the semantic match that finds this problem is as
follows: (http://coccinelle.lip6.fr/)
// <smpl>
@r exists@
expression e1,e2;
statement S;
@@
e1 = clk_get@p1(...);
... when != e1 = e2
when != clk_put(e1)
when any
if (...) { ... when != clk_put(e1)
when != if (...) { ... clk_put(e1) ... }
* return@p3 ...;
} else S
// </smpl>
Signed-off-by: Julia Lawall <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
These definitions are needed to let the runtime PM subsystem turn off
DMAC clocks, when it is suspended by the driver.
Signed-off-by: Guennadi Liakhovetski <[email protected]>
Signed-off-by: Paul Mundt <[email protected]>
|
|
A recent patch has introduced a regression, where repeating a memcpy
DMA test with shdma module unloading between them skips the DMA channel
configuration. Fix this regression by always configuring the channel
during its allocation.
Signed-off-by: Guennadi Liakhovetski <[email protected]>
Signed-off-by: Paul Mundt <[email protected]>
|
|
Currently the DM9000 driver requests the primary interrupt before it
resets the chip and puts it into a known good state. This means that if
the chip is asserting interrupt for some reason we can end up with a
screaming IRQ that the interrupt handler is unable to deal with. Avoid
this by only requesting the interrupt after we've reset the chip so we
know what state it's in.
This started manifesting itself on one of my boards in the past month or
so, I suspect as a result of some core infrastructure changes removing
some form of mitigation against bad behaviour here, even when things boot
it seems that the new code brings the interface up more quickly.
Signed-off-by: Mark Brown <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Go to existing error handling code at the end of the function that calls
clk_put.
A simplified version of the semantic match that finds this problem is as
follows: (http://coccinelle.lip6.fr/)
// <smpl>
@r exists@
expression e1,e2;
statement S;
@@
e1 = clk_get@p1(...);
... when != e1 = e2
when != clk_put(e1)
when any
if (...) { ... when != clk_put(e1)
when != if (...) { ... clk_put(e1) ... }
* return@p3 ...;
} else S
// </smpl>
Signed-off-by: Julia Lawall <[email protected]>
Acked-by: Kevin Hilman <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Currently, user-space cannot determine if a 0 tcp_vlan_tci
means there is no VLAN tag or the VLAN ID was zero.
Add flag to make this explicit. User-space can check for
TP_STATUS_VLAN_VALID || tp_vlan_tci > 0, which will be backwards
compatible. Older could would have just checked for tp_vlan_tci,
so it will work no worse than before.
Signed-off-by: Ben Greear <[email protected]>
Acked-by: Eric Dumazet <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Take the RTNL lock unconditionally when calling dev_close.
Taking the lock conditionally may cause race conditions.
Signed-off-by: Sjur Brændeland <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
This avoids messages like this after suspend:
cdc_ncm 2-1.4:1.6: no reset_resume for driver cdc_ncm?
cdc_ncm 2-1.4:1.7: no reset_resume for driver cdc_ncm?
cdc_ncm 2-1.4:1.6: usb0: unregister 'cdc_ncm' usb-0000:00:1d.0-1.4, CDC NCM
This is important for the Ericsson F5521gw GSM/UMTS modem.
Otherwise modemmanager looses the fact that the cdc_ncm and cdc_acm devices
belong together.
The cdc_ether module does the same.
Signed-off-by: Stefan Metzmacher <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
commit 4af429d29b341bb1735f04c2fb960178ed5d52e7 (vlan: lockless
transmit path) have a typo in vlan_dev_hard_start_xmit(), using
u64_stats_update_begin() to end the stat update, it should be
u64_stats_update_end().
Signed-off-by: Wei Yongjun <[email protected]>
Reviewed-by: WANG Cong <[email protected]>
Acked-by: Eric Dumazet <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Check against mistakenly passing in IPv6 addresses (which would result
in an INADDR_ANY bind) or similar incompatible sockaddrs.
Signed-off-by: Marcus Meissner <[email protected]>
Cc: Reinhard Max <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
|
|
Further relax temperature range checks after reading the IA32_TEMPERATURE_TARGET
register. If the register returns a value other than 0 in bits 16..32, assume
that the returned value is correct.
This change applies to both packet and core temperature limits.
Cc: Carsten Emde <[email protected]>
Cc: Fenghua Yu <[email protected]>
Cc: Jean Delvare <[email protected]>
Signed-off-by: Guenter Roeck <[email protected]>
Acked-by: Fenghua Yu <[email protected]>
|
|
Commit a321cedb12904114e2ba5041a3673ca24deb09c9 excludes CPU models 0xe, 0xf,
0x16, and 0x1a from TjMax temperature adjustment, even though several of those
CPUs are known to have TiMax other than 100 degrees C, and even though the code
in adjust_tjmax() explicitly handles those CPUs and points to a Web document
listing several of the affected CPU IDs.
Reinstate original TjMax adjustment if TjMax can not be determined using the
IA32_TEMPERATURE_TARGET register.
https://bugzilla.kernel.org/show_bug.cgi?id=32582
Signed-off-by: Guenter Roeck <[email protected]>
Cc: Huaxu Wan <[email protected]>
Cc: Carsten Emde <[email protected]>
Cc: Valdis Kletnieks <[email protected]>
Cc: Henrique de Moraes Holschuh <[email protected]>
Cc: Yong Wang <[email protected]>
Cc: Rudolf Marek <[email protected]>
Cc: Fenghua Yu <[email protected]>
Tested-by: Jean Delvare <[email protected]>
Acked-by: Jean Delvare <[email protected]>
Acked-by: Fenghua Yu <[email protected]>
Cc: <[email protected]> # .35.x .36.x .37.x .38.x .39.x
|
|
This reverts commit a197b59ae6e8bee56fcef37ea2482dc08414e2ac.
As rmk says:
"Commit a197b59ae6e8 (mm: fail GFP_DMA allocations when ZONE_DMA is not
configured) is causing regressions on ARM with various drivers which
use GFP_DMA.
The behaviour up until now has been to silently ignore that flag when
CONFIG_ZONE_DMA is not enabled, and to allocate from the normal zone.
However, as a result of the above commit, such allocations now fail
which causes drivers to fail. These are regressions compared to the
previous kernel version."
so just revert it.
Requested-by: Russell King <[email protected]>
Acked-by: Andrew Morton <[email protected]>
Cc: David Rientjes <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
* git://git.infradead.org/iommu-2.6:
intel-iommu: Fix off-by-one in RMRR setup
intel-iommu: Add domain check in domain_remove_one_dev_info
intel-iommu: Remove Host Bridge devices from identity mapping
intel-iommu: Use coherent DMA mask when requested
intel-iommu: Dont cache iova above 32bit
intel-iommu: Speed up processing of the identity_mapping function
intel-iommu: Check for identity mapping candidate using system dma mask
intel-iommu: Only unlink device domains from iommu
intel-iommu: Enable super page (2MiB, 1GiB, etc.) support
intel-iommu: Flush unmaps at domain_exit
intel-iommu: Remove obsolete comment from detect_intel_iommu
intel-iommu: fix VT-d PMR disable for TXT on S3 resume
|
|
Jens' back-merge commit 698567f3fa79 ("Merge commit 'v2.6.39' into
for-2.6.40/core") was incorrectly done, and re-introduced the
DISK_EVENT_MEDIA_CHANGE lines that had been removed earlier in commits
- 9fd097b14918 ("block: unexport DISK_EVENT_MEDIA_CHANGE for
legacy/fringe drivers")
- 7eec77a1816a ("ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd
and ide-cd")
because of conflicts with the "g->flags" updates near-by by commit
d4dc210f69bc ("block: don't block events on excl write for non-optical
devices")
As a result, we re-introduced the hanging behavior due to infinite disk
media change reports.
Tssk, tssk, people! Don't do back-merges at all, and *definitely* don't
do them to hide merge conflicts from me - especially as I'm likely
better at merging them than you are, since I do so many merges.
Reported-by: Steven Rostedt <[email protected]>
Cc: Jens Axboe <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
|
|
Trivial config change to enable backtraces on panic.
Signed-off-by: Chris Metcalf <[email protected]>
|
|
In some cases we can read wrong temperature value. If after that
temperature value will not be updated to good one, we badly configure
tx power parameters and device is unable to send a data.
Resolves:
https://bugzilla.kernel.org/show_bug.cgi?id=35932
Cc: [email protected] # 2.6.39+
Signed-off-by: Stanislaw Gruszka <[email protected]>
Signed-off-by: John W. Linville <[email protected]>
|
|
read_lock() ... read_unlock_bh() is clearly bogus.
This was broken by
commit 23691d75cdc69c3b285211b4d77746aa20a17d18
Author: Gustavo F. Padovan <[email protected]>
Date: Wed Apr 27 18:26:32 2011 -0300
Bluetooth: Remove l2cap_sk_list
Signed-off-by: Johannes Berg <[email protected]>
Signed-off-by: John W. Linville <[email protected]>
|
|
This is the same fix as
commit 841051602e3fa18ea468fe5a177aa92b6eb44b56
Author: Matteo Croce <[email protected]>
Date: Fri Dec 3 02:25:08 2010 +0100
The ath9k driver subtracts 3 dBm to the txpower as with two radios the
signal power is doubled.
The resulting value is assigned in an u16 which overflows and makes
the card work at full power.
in two more places. I grepped the ath tree and didn't find any others.
Cc: [email protected]
Signed-off-by: Daniel Halperin <[email protected]>
Signed-off-by: John W. Linville <[email protected]>
|
|
Commit 0a35d36 ("cfg80211: Use capability info to detect mesh beacons")
assumed that probe response with both ESS and IBSS bits cleared
means that the frame was sent by a mesh sta.
However, these capabilities are also being used in the p2p_find phase,
and the mesh-validation broke it.
Rename the WLAN_CAPABILITY_IS_MBSS macro, and verify that mesh ies
exist before assuming this frame was sent by a mesh sta.
Signed-off-by: Eliad Peller <[email protected]>
Signed-off-by: John W. Linville <[email protected]>
|
|
The current temperature range check of MSR_IA32_TEMPERATURE_TARGET
seems too strict to me, some TjMax values documented in
Documentation/hwmon/coretemp wouldn't pass. Relax the check so that
all the documented values pass.
Signed-off-by: Jean Delvare <[email protected]>
Cc: Carsten Emde <[email protected]>
Cc: Fenghua Yu <[email protected]>
Signed-off-by: Guenter Roeck <[email protected]>
|
|
The temp_fault sysfs attribute is wrong, it should be temp2_fault instead.
Reported-by: Guenter Roeck <[email protected]>
Signed-off-by: Per Dalen <[email protected]>
Acked-by: Jean Delvare <[email protected]>
Signed-off-by: Guenter Roeck <[email protected]>
|
|
blkbk->pending_pages can be NULL here so I added a check for it.
Signed-off-by: Dan Carpenter <[email protected]>
[v1: Redid the loop a bit]
Signed-off-by: Konrad Rzeszutek Wilk <[email protected]>
|
|
...because vbd_size() dereferences bd_disk if bd_part is NULL.
Signed-off-by: Laszlo Ersek<[email protected]>
Signed-off-by: Konrad Rzeszutek Wilk <[email protected]>
|
|
* git://git.infradead.org/mtd-2.6:
mtd: fix physmap.h warnings
|
|
We were mapping an extra byte (and hence usually an extra page):
iommu_prepare_identity_map() expects to be given an 'end' argument which
is the last byte to be mapped; not the first byte *not* to be mapped.
Signed-off-by: David Woodhouse <[email protected]>
|
|
The comment in domain_remove_one_dev_info() states "No need to compare
PCI domain; it has to be the same". But for the si_domain that isn't
going to be true, as it consists of all the PCI devices that are
identity mapped thus multiple PCI domains can be in si_domain. The
code needs to validate the PCI domain too.
Signed-off-by: Mike Habeck <[email protected]>
Signed-off-by: Mike Travis <[email protected]>
Cc: [email protected]
Signed-off-by: David Woodhouse <[email protected]>
|
|
When using the 1:1 (identity) PCI DMA remapping, PCI Host Bridge devices
that do not use the IOMMU causes a kernel panic. Fix that by not
inserting those devices into the si_domain.
Signed-off-by: Mike Travis <[email protected]>
Reviewed-by: Mike Habeck <[email protected]>
Cc: [email protected]
Signed-off-by: David Woodhouse <[email protected]>
|
|
The __intel_map_single function is not honoring the passed in DMA mask.
This results in not using the coherent DMA mask when called from
intel_alloc_coherent().
Signed-off-by: Mike Travis <[email protected]>
Acked-by: Chris Wright <[email protected]>
Reviewed-by: Mike Habeck <[email protected]>
Cc: [email protected]
Signed-off-by: David Woodhouse <[email protected]>
|
|
Mike Travis and Mike Habeck reported an issue where iova allocation
would return a range that was larger than a device's dma mask.
https://lkml.org/lkml/2011/3/29/423
The dmar initialization code will reserve all PCI MMIO regions and copy
those reservations into a domain specific iova tree. It is possible for
one of those regions to be above the dma mask of a device. It is typical
to allocate iovas with a 32bit mask (despite device's dma mask possibly
being larger) and cache the result until it exhausts the lower 32bit
address space. Freeing the iova range that is >= the last iova in the
lower 32bit range when there is still an iova above the 32bit range will
corrupt the cached iova by pointing it to a region that is above 32bit.
If that region is also larger than the device's dma mask, a subsequent
allocation will return an unusable iova and cause dma failure.
Simply don't cache an iova that is above the 32bit caching boundary.
Reported-by: Mike Travis <[email protected]>
Reported-by: Mike Habeck <[email protected]>
Cc: [email protected]
Acked-by: Mike Travis <[email protected]>
Tested-by: Mike Habeck <[email protected]>
Signed-off-by: Chris Wright <[email protected]>
Signed-off-by: David Woodhouse <[email protected]>
|
|
When there are a large count of PCI devices, and the pass through
option for iommu is set, much time is spent in the identity_mapping
function hunting though the iommu domains to check if a specific
device is "identity mapped".
Speed up the function by checking the cached info to see if
it's mapped to the static identity domain.
Signed-off-by: Mike Travis <[email protected]>
Reviewed-by: Mike Habeck <[email protected]>
Cc: [email protected]
Signed-off-by: David Woodhouse <[email protected]>
|
|
The identity mapping code appears to make the assumption that if the
devices dma_mask is greater than 32bits the device can use identity
mapping. But that is not true: take the case where we have a 40bit
device in a 44bit architecture. The device can potentially receive a
physical address that it will truncate and cause incorrect addresses
to be used.
Instead check to see if the device's dma_mask is large enough
to address the system's dma_mask.
Signed-off-by: Mike Travis <[email protected]>
Reviewed-by: Mike Habeck <[email protected]>
Cc: [email protected]
Signed-off-by: David Woodhouse <[email protected]>
|