- 14 May, 2008 2 commits
-
-
Nick Piggin authored
There is a possible data race in the page table walking code. After the split ptlock patches, it actually seems to have been introduced to the core code, but even before that I think it would have impacted some architectures (powerpc and sparc64, at least, walk the page tables without taking locks eg. see find_linux_pte()). The race is as follows: The pte page is allocated, zeroed, and its struct page gets its spinlock initialized. The mm-wide ptl is then taken, and then the pte page is inserted into the pagetables. At this point, the spinlock is not guaranteed to have ordered the previous stores to initialize the pte page with the subsequent store to put it in the page tables. So another Linux page table walker might be walking down (without any locks, because we have split-leaf-ptls), and find that new pte we've inserted. It might try to take the spinlock before the store from the other CPU initializes it. And subsequently it might read a pte_t out before stores from the other CPU have cleared the memory. There are also similar races in higher levels of the page tables. They obviously don't involve the spinlock, but could see uninitialized memory. Arch code and hardware pagetable walkers that walk the pagetables without locks could see similar uninitialized memory problems, regardless of whether split ptes are enabled or not. I prefer to put the barriers in core code, because that's where the higher level logic happens, but the page table accessors are per-arch, and open-coding them everywhere I don't think is an option. I'll put the read-side barriers in alpha arch code for now (other architectures perform data-dependent loads in order). Signed-off-by:
Nick Piggin <npiggin@suse.de> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
Nick Piggin authored
read_barrie_depends has always been a noop (not a compiler barrier) on all architectures except SMP alpha. This brings UP alpha and frv into line with all other architectures, and fixes incorrect documentation. Signed-off-by:
Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by:
-
- 13 May, 2008 38 commits
-
-
Linus Torvalds authored
Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: x86: user_regset_view table fix for ia32 on 64-bit x86: arch/x86/mm/pat.c - fix warning x86: fix csum_partial() export x86: early_init_centaur(): use set_cpu_cap() x86: fix app crashes after SMP resume x86: wakeup.lds.S - section ordering fix x86: [VOYAGER] fix duplicate phys_cpu_present_map symbol x86/pci: fix broken ISA DMA
-
git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6: [SCSI] qla1280: Fix queue depth problem [SCSI] aha152x: Fix oops on module removal [SCSI] aha152x: fix init suspiciously returned 1, it should follow 0/-E convention [SCSI] libiscsi regression in 2.6.25: fix setting of recv timer [SCSI] libiscsi regression in 2.6.25: fix nop timer handling [SCSI] gdth: fix Error: Driver 'gdth' is already registered, aborting... [SCSI] gdth: fix timer handling
-
git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci-2.6: ACPI/PCI: another multiple _OSC memory leak fix x86/PCI: X86_PAT & mprotect PCI: enable nv_msi_ht_cap_quirk for ALi bridges PCI: Make the intel-iommu_wait_op macro work when jiffies are not running ACPI/PCI: handle multiple _OSC ACPI/PCI: handle multiple _OSC x86/PCI: fix broken ISA DMA PCI ACPI: fix uninitialized variable in __pci_osc_support_set
-
Roland McGrath authored
The user_regset_view table for the 32-bit regsets on the 64-bit build had the wrong sizes for the FP regsets. This bug had no user-visible effect (just on kernel modules using the user_regset interfaces and the like). But the fix is trivial and risk-free. Signed-off-by:
Roland McGrath <roland@redhat.com> Signed-off-by:
Ingo Molnar <mingo@elte.hu>
-
Pranith Kumar authored
fix this warning: arch/x86/mm/pat.c: In function `phys_mem_access_prot_allowed': arch/x86/mm/pat.c:558: warning: long long unsigned int format, long unsigned int arg (arg 6) arch/x86/mm/pat.c: In function `map_devmem': arch/x86/mm/pat.c:580: warning: long long unsigned int format, long unsigned int arg (arg 6) Signed-off-by:
D Pranith Kumar <bobby.prani@gmail.com> Signed-off-by:
-
Ingo Molnar authored
Fix this symbol export problem: Building modules, stage 2. MODPOST 193 modules ERROR: "csum_partial" [fs/reiserfs/reiserfs.ko] undefined! make[1]: *** [__modpost] Error 1 make: *** [modules] Error 2 This is due to a known weakness of symbol exports: if a symbol's only in-core user is an EXPORT_SYMBOL from a lib-y section, the symbol is not linked in. The solution is to move the export to x8664_ksyms_64.c - but the real solution would be to fix kbuild. Signed-off-by: -
Andrew Morton authored
arch/x86/kernel/setup_64.c:954: warning: passing argument 2 of 'set_bit' from incompatible pointer type Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
-
Hugh Dickins authored
After resume on a 2cpu laptop, kernel builds collapse with a sed hang, sh or make segfault (often on 20295564), real-time signal to cc1 etc. Several hurdles to jump, but a manually-assisted bisect led to -rc1's d2bcbad5 x86: do not zap_low_mappings in __smp_prepare_cpus. Though the low mappings were removed at bootup, they were left behind (with Global flags helping to keep them in TLB) after resume or cpu online, causing the crashes seen. Reinstate zap_low_mappings (with local __flush_tlb_all) for each cpu_up on x86_32. This used to be serialized by smp_commenced_mask: that's now gone, but a low_mappings flag will do. No need for native_smp_cpus_done to repeat the zap: let mem_init zap BSP's low mappings just like on UP. (In passing, fix error code from native_cpu_up: do_boot_cpu returns a variety of diagnostic values, Dprintk what it says but convert to -EIO. And save_pg_dir separately before zap_low_mappings: doesn't matter now, but zapping twice in succession wiped out resume's swsusp_pg_dir.) That worked well on the duo and one quad, but wouldn't boot 3rd or 4th cpu on P4 Xeon, oopsing just after unlock_ipi_call_lock. The TLB flush IPI now being sent reveals a long-standing bug: the booting cpu has its APIC readied in smp_callin at the top of start_secondary, but isn't put into the cpu_online_map until just before that unlock_ipi_call_lock. So native_smp_call_function_mask to online cpus would send_IPI_allbutself, including the cpu just coming up, though it has been excluded from the count to wait for: by the time it handles the IPI, the call data on native_smp_call_function_mask's stack may well have been overwritten. So fall back to send_IPI_mask while cpu_online_map does not match cpu_callout_map: perhaps there's a better APICological fix to be made at the start_secondary end, but I wouldn't know that. Signed-off-by:
Hugh Dickins <hugh@veritas.com> Signed-off-by:
-
Jeremy Higdon authored
The qla1280 driver was ANDing the output value of mailbox register 0 with (1 << target-number) to determine whether to enable queueing on the target in question. But mailbox register 0 has the status code for the mailbox command (in this case, Set Target Parameters). Potential values are: /* * ISP mailbox command complete status codes */ So clearly that is in error. I can't think what the author of that line was looking for in a mailbox register, so I just eliminated the AND. flag is used later in the function, and I think that the later usage was also wrong, though it was used to set values that aren't used. Oh well, an overhaul of this driver is not what I want to do now -- just a bugfix. After the fix, I found that my disks were getting a queue depth of 255, which is far too many. Most SCSI disks are limited to 32 or 64. In any case, there's no point, queueing up a bunch of commands to the adapter that will just result in queue full or starve other targets from being issued commands due to running out of internal memory. So I dropped default queue depth to 32 (from which 1 is subtracted elsewhere, giving net of 31). I tested with a Seagate ST336753LC, and results look good, so I'm satisfied with this patch. Signed-off-by:
Jeremy Higdon <jeremy@sgi.com> Acked-by:
Jes Sorensen <jes@sgi.com> Cc: Stable Tree <stable@kernel.org> Signed-off-by:
James Bottomley <James.Bottomley@HansenPartnership.com>
-
Kenji Kaneshige authored
The acpi_query_osc() function can be called for the ACPI object that doesn't have _OSC method. In this case, acpi_get_osc_data() would allocate a useless memory region. To avoid this, we need to check the existence of _OSC before calling acpi_get_osc_data() in acpi_query_osc(). Signed-off-by:
Kenji Kaneshige <kaneshige.kenji@jp.fujitsu.com> Signed-off-by:
Jesse Barnes <jbarnes@virtuousgeek.org>
-
Venki Pallipadi authored
Some versions of X used the mprotect workaround to change caching type from UC to WB, so that it can then use mtrr to program WC for that region [1]. Change the mmap of pci space through /sys or /proc interfaces from UC to UC_MINUS. With this change, X will not need to use mprotect workaround to get WC type since the MTRR mapping type will be honored. The bug in mprotect that clobbers PAT bits is fixed in a follow on patch. So, this X workaround will stop working as well. Signed-off-by:
Venkatesh Pallipadi <venkatesh.pallipadi@intel.com> Signed-off-by:
Suresh Siddha <suresh.b.siddha@intel.com> Signed-off-by:
-
Björn Krombholz authored
This applies the NVidia MSI enabled flag for HT capable devices quirk to ALi bridges as well. As described in more detail in http://bugzilla.kernel.org/show_bug.cgi?id=10667 this is required for my board which is using an nForce 3 250Gb chipset with an ALi M1695 northbridge. It fixes a regression introduced in 2.6.24 that made the internal NIC of the board unusable (MSI initialisation of the NIC but disabled MSI on the northbridge devices. Signed-off-by:
Björn Krombholz <fox.box@gmail.com> Signed-off-by:
-
mark gross authored
The following patch changes the intel-iommu.c code to use the TSC instead of jiffies for detecting bad DMAR functionality. Some systems with bad bios's have been seen to hang in early boot spinning in the IOMMU_WAIT_IO macro. This patch will replace the infinite loop with a call to panic. Signed-off-by:
Mark Gross <mgross@linux.intel.com> Signed-off-by:
-
Kenji Kaneshige authored
The pci_osc_control_set() function can be called for the ACPI object that doesn't have _OSC method. In this case, acpi_get_osc_data() would allocate a useless memory region. To avoid this, we need to check the existence of _OSC before calling acpi_get_osc_data(). Here is a patch to fix this problem in pci_osc_control_set. Signed-off-by:
-
Shaohua Li authored
There is an IA64 system here which have two pci root bridges with _OSC. One _OSC disables SHPC control bit but the other not. Below patch makes _OSC data per-device instead of one global, otherwise linux takes both root bridges don't support SHPC. Signed-off-by:
Shaohua Li <shaohua.li@intel.com> Signed-off-by:
-
Takashi Iwai authored
Rene Herman reported: > commit 8779f2fc > > "x86: don't try to allocate from DMA zone at first" > > breaks all of ISA DMA. Or all of ALSA ISA DMA at least. All > ISA soundcards are silent following that commit -- no error > messages, everything appears fine, just silence. That patch is buggy. We had an implicit assumption that dev = NULL for ISA devices that require 24bit DMA. The recent work on x86 dma_alloc_coherent() breaks the ISA DMA buffer allocation, which is represented by "dev = NULL" and requires 24bit DMA implicitly. Bisected-by:
Rene Herman <rene.herman@keyaccess.nl> Signed-off-by:
Takashi Iwai <tiwai@suse.de> Signed-off-by:
-
Kenji Kaneshige authored
Fix uninitialized variable in __pci_osc_support_set(). If the ACPI namespace doesn't have any device object corresponding to the specified hid, 'retval' in __pci_osc_support_set() is not changed by the acpi_query_osc() callback. Since 'retval' is not initizlized in the current implementation, the contents of 'retval' is undefined in this case. This causes a mis-handling of ctrlset_buf[OSC_SUPPORT_TYPE] and will cause an unexpected result in the subsequent pci_osc_control_set() call as a result. Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6: [ALSA] ASoC: Fix wrong enum count for jack_function in N810 machine driver [ALSA] ASoC: build fix for snd_soc_info_bool_ext [ALSA] ASoC: Fix TLV320AIC3X mono line output interconnect [ALSA] soc - fsl_ssi.c fix "BUG: scheduling while atomic" [ALSA] emux midi synthesizer doesn't honor SOFT_PEDAL-release event
-
Cyrill Gorcunov authored
Fix imbalanced calls for mutex lock/unlock on ecryptfs_daemon_hash_mux Revealed by Ingo Molnar: http://lkml.org/lkml/2008/5/7/260Signed-off-by:
Cyrill Gorcunov <gorcunov@gmail.com> Cc: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by:
-
Jan Engelhardt authored
Another addendum to commit c9e587ab ("vt: fix background color on line feed"). fbcon still was not doing the right thing (read: continued to do old behavior). fbcon_clear() seems to clear the new line (e.g. where your new prompt appears after doing echo -en "\e[42mfoo\n"), while scr_memsetw clears the previous one only (where "foo" appears). So just temporarily set the video_erase_char to the scrl_erase_char so that fbcon_clear does the right thing. Signed-off-by:
Jan Engelhardt <jengelh@medozas.de> Signed-off-by:
-
Jan Engelhardt authored
Addendum to commit c9e587ab ("vt: fix background color on line feed"). vc->vc_scrl_erase_char was not updated when fbcon switches between 256- and 512-glyph fonts. Signed-off-by:
David S. Miller <davem@davemloft.net> Signed-off-by:
-
Maciej W. Rozycki authored
The driver uses printk(), but does not include <linux/kernel.h> -- add it. Signed-off-by:
Maciej W. Rozycki <macro@linux-mips.org> Cc: Alessandro Zummo <a.zummo@towertech.it> Cc: Alexander Bigga <ab@mycable.de> Cc: Wim Van Sebroeck <wim@iguana.be> Cc: David Brownell <david-b@pacbell.net> Signed-off-by:
-
Maciej W. Rozycki authored
Watchdog handlers within the driver make use of "save_client" -- make sure it has been initalized before the handlers are registered. Signed-off-by:
-
Andrew Morton authored
drivers/char/synclink_gt.c: In function 'put_char': drivers/char/synclink_gt.c:919: warning: 'ret' may be used uninitialized in this function The compiler speaketh truth. Cc: Paul Fulghum <paulkf@microgate.com> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Signed-off-by:
-
Jean Delvare authored
bdevname() fills the buffer that it is given as a parameter, so calling strcpy() or snprintf() on the returned value is redundant (and probably not guaranteed to work - I don't think strcpy and snprintf support overlapping buffers.) Signed-off-by:
Jean Delvare <khali@linux-fr.org> Cc: Stephen Tweedie <sct@redhat.com> Cc: Jens Axboe <axboe@kernel.dk> Signed-off-by:
-
Miklos Szeredi authored
Prior to 2.6.26 fuse only supported single page write requests. In theory all fuse filesystem should be able support bigger than 4k writes, as there's nothing in the API to prevent it. Unfortunately there's a known case in NTFS-3G where big writes cause filesystem corruption. There could also be other filesystems, where the lack of testing with big write requests would result in bugs. To prevent such problems on a kernel upgrade, disable big writes by default, but let filesystems set a flag to turn it on. Signed-off-by:
Miklos Szeredi <mszeredi@suse.cz> Cc: Szabolcs Szakacsits <szaka@ntfs-3g.org> Signed-off-by:
-
Dhaval Giani authored
Correct the cgroups documentation to reflect the correct file names. Signed-off-by:
Dhaval Giani <dhaval@linux.vnet.ibm.com> Cc: Sudhir Kumar <skumar@linux.vnet.ibm.com> Cc: Balbir Singh <balbir@in.ibm.com> Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> Acked-by:
Paul Menage <menage@google.com> Signed-off-by:
-
KOSAKI Motohiro authored
When mm destruction happens, we should pass mm_update_next_owner() the old mm. But unfortunately new mm is passed in exec_mmap(). Thus, kernel panic is possible when a multi-threaded process uses exec(). Also, the owner member comment description is wrong. mm->owner does not necessarily point to the thread group leader. [akpm@linux-foundation.org: coding-style fixes] Signed-off-by:
KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Acked-by:
Balbir Singh <balbir@linux.vnet.ibm.com> Cc: "Paul Menage" <menage@google.com> Cc: "KAMEZAWA Hiroyuki" <kamezawa.hiroyu@jp.fujitsu.com> Signed-off-by:
-
Joakim Tjernlund authored
The current driver may cause glitches on SPI CLK line since one must disable the SPI controller before changing any HW settings. Fix this by implementing a local spi_transfer function that won't change speed and/or word size while CS is active. While doing that heavy lifting a few other issues were addressed too: - Make word size 16 and 32 work too. - Honor bits_per_word and speed_hz in spi transaction. - Optimize the common path. This also stops using the "bitbang" framework (except for a few constants). [Roel Kluin <12o3l@tiscali.nl>: "irq" needs to be signed] Signed-off-by:
Joakim Tjernlund <Joakim.Tjernlund@transmode.se> Signed-off-by:
David Brownell <dbrownell@users.sourceforge.net> Signed-off-by:
-
Paul Jackson authored
They aren't used. They were briefly used as part of some other patches to provide an alternative format for displaying some /proc and /sys cpumasks. They probably should have been removed when those other patches were dropped, in favor of a different solution. Signed-off-by:
Paul Jackson <pj@sgi.com> Cc: "Mike Travis" <travis@sgi.com> Cc: "Bert Wesarg" <bert.wesarg@googlemail.com> Cc: Alexey Dobriyan <adobriyan@gmail.com> Cc: WANG Cong <xiyou.wangcong@gmail.com> Signed-off-by:
-
Geert Uytterhoeven authored
CONFIG_FB_DEFERRED_IO can not be turned off, while it's already selected automatically by the drivers that need it. Although it's nice to have more compile-coverage, not being able to disable a rarely used feature is annoying. Signed-off-by:
Geert Uytterhoeven <geert@linux-m68k.org> Acked-by:
Jaya Kumar <jayakumar.lkml@gmail.com> Signed-off-by:
-
Nicolas Ferre authored
Fix divider calculation and allow CLKVAL = 0 (divisor 2) It was not possible to get the clock value 0 (divisor 2) because the test "<=0" force the BYPASS bit to be activated instead. [akpm@linux-foundation.org: coding-style fixes] Signed-off-by:
Nicolas Ferre <nicolas.ferre@atmel.com> Cc: Per Hedblom <per.hedblom@abem.se> Cc: Roel Kluin <12o3l@tiscali.nl> Cc: Jan Weber <jw022609@uni-greifswald.de> Cc: Andrew Victor <linux@maxim.org.za> Cc: Haavard Skinnemoen <hskinnemoen@atmel.com> Signed-off-by:
-
Maciej W. Rozycki authored
The input argument to rtc_time_to_tm() is unsigned as well as are members of the output structure. However signed arithmetic is used within for calculations leading to incorrect results for input values outside the signed positive range. If this happens the time of day returned is out of range. Found the problem when fiddling with the RTC and the driver where year was set to an unexpectedly large value like 2070, e.g.: rtc0: setting system clock to 2070-01-01 1193046:71582832:26 UTC (3155760954) while it should be: rtc0: setting system clock to 2070-01-01 00:15:54 UTC (3155760954) Changing types to unsigned fixes the problem. [akpm@linux-foundation.org: remove old-fashioned `register' keyword] Signed-off-by:
-
Greg Ungerer authored
Include the missing kcrctab and kcrctab_unused sections into the m68knommu linker script. Signed-off-by:
Greg Ungerer <gerg@uclinux.org> Signed-off-by:
-
Cyrill Gorcunov authored
There is an ability to lose an initcall return value if it happened with irq disabled or imbalanced preemption (and if we debug initcall). Signed-off-by:
-
Jordan Crouse authored
Update the Geode list location in the MAINTAINERS file. Signed-off-by:
Jordan Crouse <jordan.crouse@amd.com> Signed-off-by:
-
Eric Sesterhenn authored
Fix an oops with a corrupted hfs+ image. See http://bugzilla.kernel.org/show_bug.cgi?id=10548 for details. Problem is that we call hfs_btree_open() from hfsplus_fill_super() to set HFSPLUS_SB(sb).[ext_tree|cat_tree] Both trees are still NULL at this moment. If hfs_btree_open() fails for any reason it calls iput() on the page, which gets to hfsplus_releasepage() which tries to access HFSPLUS_SB(sb).* which is still NULL and oopses while dereferencing it. [akpm@linux-foundation.org: build fix] Signed-off-by:
Eric Sesterhenn <snakebyte@gmx.de> Cc: Roman Zippel <zippel@linux-m68k.org> Signed-off-by:
-
Mel Gorman authored
PA-RISC to aid debugging prints out the zonelists setup by the system. A bad call to node_zonelist() breaks at compile-time. This patch fixes it. Signed-off-by:
Mel Gorman <mel@csn.ul.ie> Cc: Christoph Lameter <clameter@sgi.com> Cc: Lee Schermerhorn <lee.schermerhorn@hp.com> Cc: Kyle McMartin <kyle@mcmartin.ca> Cc: Grant Grundler <grundler@parisc-linux.org> Cc: James Bottomley <James.Bottomley@HansenPartnership.com> Cc: Adrian Bunk <bunk@kernel.org> Signed-off-by:
-
