- 05 Oct, 2009 40 commits
-
-
Zhenyu Wang authored
commit b09aea7f upstream. New register for PCH LVDS on IGDNG should be used. This is a copy-n-paste typo. This fixes possible dual channel LVDS panel failure on IGDNG. Signed-off-by: Zhenyu Wang <zhenyuw@linux.intel.com> Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Chris Wilson authored
commit cd0b9fb4 upstream. Eric noted a potential concern with the low bits not being strictly used as part of the absolute offset (instead part of the command stream to the GPU), but in practice that should not be an issue. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk> Tested-by: Andy Whitcroft <apw@canonical.com> Cc: Eric Anholt <eric@anholt.net> Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Chris Wilson authored
commit 4960aaca upstream. If we failed to set the domain, the buffer was no longer being tracked on any list. Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk> Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Jesse Barnes authored
commit d660467c upstream. A very high dotclock (e.g. 229500kHz as reported by Anton) can cause the entries_required variable to overflow, potentially leading to a FIFO watermark value that's too low to support the given mode. Split the division across the calculation to avoid this. Reported-by: Anton Khirnov <wyskas@gmail.com> Tested-by: Anton Khirnov <wyskas@gmail.com> Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Chris Wilson authored
commit 7e616158 upstream. drm_ht_remove_item() does not handle removing an absent item and the hlist in particular is incorrectly initialised. The easy remedy is simply skip calling i915_gem_free_mmap_offset() unless we have actually created the offset and associated ht entry. This also fixes the mishandling of a partially constructed offset which leaves pointers initialized after freeing them along the i915_gem_create_mmap_offset() error paths. In particular this should fix the oops found here: https://bugs.launchpad.net/ubuntu/+source/xserver-xorg-video-intel/+bug/415357/comments/8Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk> Signed-off-by: Eric Anholt <eric@anholt.net>
-
Zhenyu Wang authored
commit b7e53aba upstream. Don't need extra config restore like for intel_agp, which might cause resume hang issue found by Alan on 845G. Cc: Stable Team <stable@kernel.org> Cc: Alan Stern <stern@rowland.harvard.edu> Signed-off-by: Zhenyu Wang <zhenyuw@linux.intel.com> Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Hennerich, Michael authored
commit eb661bc8 upstream. SL811 Device detected after removal used to be working in linux-2.6.22 but then broke somewhere between 2.6.22 and 2.6.28. Current hub_port_connect_change() in drivers/usb/core/hub.c won't call usb_disconnect() in case the SL811 driver sets portstatus USB_PORT_FEAT_CONNECTION upon removal. AFAIK the SL811 has only a combined Device Insert/Remove detection bit, therefore use a count to distinguish insert or remove. Signed-Off-By: Michael Hennerich <hennerich@blackfin.uclinux.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Guus Sliepen authored
commit 665d7662 upstream. According to the specifications, an instrument should not return more data in a DEV_DEP_MSG_IN urb than requested. However, some instruments can send more than requested. This could cause the kernel to write the extra data past the end of the buffer provided by read(). Fix this by checking that the value of the TranserSize field is not larger than the urb itself and not larger than the size of the userspace buffer. Also correctly decrement the remaining size of the buffer when userspace read()s more than USBTMC_SIZE_IOBUFFER. Signed-off-by: Guus Sliepen <guus@sliepen.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
fangxiaozhi authored
commit d0defb85 upstream. In this patch, we always make the return value of function usb_stor_huawei_e220_init to be zero. Then it will not prevent usb-storage driver from attaching to the CDROM device of Huawei Datacard. Signed-off-by: fangxiaozhi <huananhu@huawei.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Oliver Neukum authored
commit e5dc8ae1 upstream. In the resume path of a block driver GFP_NOIO must be used to avoid a possible deadlock. The onetouch subdriver of storage violates the requirement. Signed-off-by: Oliver Neukum <oliver@neukum.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Pawel Ludwikow authored
commit 35904e6b upstream. I'd like to present my small patch enabling to use Sanwa PC5000 mulitimeter with linux. Signed-off-by: Pawel Ludwikow <pludwiko@rab.ict.pwr.wroc.pl> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Jack Steiner authored
commit d2374aec upstream. The UV BIOS has changed the way interrupt remapping is being done. This affects the id used for sending IPIs. The upper id bits no longer need to be masked off. Signed-off-by: Jack Steiner <steiner@sgi.com> LKML-Reference: <20090909154104.GA25083@sgi.com> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Kevin Cernekee authored
commit 051b982b upstream. kaweth_control() never frees the buffer that it allocates for the USB control message. Test case: while :; do ifconfig eth2 down ; ifconfig eth2 up ; done This is a tiny buffer so it is a slow leak. If you want to speed up the process, you can change the allocation size to e.g. 16384 bytes, and it will consume several megabytes within a few minutes. Signed-off-by: Kevin Cernekee <cernekee@gmail.com> Acked-by: Oliver Neukum <oliver@neukum.org> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Tilman Schmidt authored
commit a4304f2d upstream. The tty_operation chars_in_buffer() is not allowed to return a negative value to signal an error. Corrects the problem flagged by commit 23198fda, "tty: fix chars_in_buffers". Signed-off-by: Tilman Schmidt <tilman@imap.cc> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Alan Cox authored
commit 9a68e39d upstream. These are handled by the tty_port core code which will raise and lower the carrier correctly in tty_wait_until_ready Signed-off-by: Alan Cox <alan@linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Alan Cox authored
commit 9b80fee1 upstream. This changed in 2006 so its about time the ACM driver caught up Signed-off-by: Alan Cox <alan@linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Oliver Neukum authored
commit 7af25b4b upstream. cdc-acm needs to set a flag during open to tell the tty layer that the device is initialized Signed-off-by: Oliver Neukum <oliver@neukum.org> Cc: Marcel Holtmann <marcel@holtmann.org> Cc: Paul Martin <pm@debian.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Oliver Neukum authored
commit 7f1dc313 upstream. support for O_NONBLOCK in read and write path by simply not waiting for data in read or availability of the write urb in write but returning -EAGAIN Signed-off-by: Oliver Neukum <oliver@neukum.org> Tested-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Michael Hennerich authored
commit 11eaf170 upstream. Detect the UART on interface1 and blacklist interface0 (as that is the JTAG port). Signed-off-by: Michael Hennerich <michael.hennerich@analog.com> Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
mail@rainerkeller.de authored
commit ec3815c3 upstream. Some devices from the OpenDCC project are missing in the list of the FTDI PIDs. These PIDs are listed at http://www.opendcc.de/elektronik/usb/opendcc_usb.html (Sorry for the german only page.) This patch adds the three missing devices. Signed-off-by: Rainer Keller <mail@rainerkeller.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Pawel Ludwikow authored
commit e7d7fcc0 upstream. I'd like to present my small patch enabling to use Hameg HM8143 programmable power supply with linux. Signed-off-by: Pawel Ludwikow <pludwiko@rab.ict.pwr.wroc.pl> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Massimo Cirillo authored
commit 23af51ec upstream. The M29W128G Numonyx flash devices are intolerant to any 0xFF command: in the Cfi_util.c the function cfi_qry_mode_off() (that resets the device after the autoselect mode) must have a 0xF0 command after the 0xFF command. This fix solves also the cause of the fixup_M29W128G_write_buffer() fix, that can be removed now. The following patch applies to 2.6.30 kernel. Signed-off-by: Massimo Cirillo <maxcir@gmail.com> Acked-by: Alexey Korolev <akorolev@infradead.org> Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Benjamin Krill authored
commit ebd5a74d upstream. The previous implementation breaks the dts binding "mtd-physmap.txt". This implementation fixes the issue by checking the availability of the reg property instead of the name property. Signed-off-by: Benjamin Krill <ben@codiert.org> Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Feng Kan authored
commit 76c23c32 upstream. Fix ECC Correction bug where the byte offset location were double fliped causing correction routine to toggle the wrong byte location in the ECC segment. The ndfc_calculate_ecc routine change the order of getting the ECC code. /* The NDFC uses Smart Media (SMC) bytes order */ ecc_code[0] = p[2]; ecc_code[1] = p[1]; ecc_code[2] = p[3]; But in the Correction algorithm when calculating the byte offset location, the b1 is used as the upper part of the address. Which again reverse the order making the final byte offset address location incorrect. byte_addr = (addressbits[b1] << 4) + addressbits[b0]; The order is change to read it in straight and let the correction function to revert it to SMC order. Signed-off-by: Feng Kan <fkan@amcc.com> Acked-by: Victor Gallardo <vgallardo@amcc.com> Acked-by: Prodyut Hazarika <phazarika@amcc.com> Acked-by: Stefan Roese <sr@denx.de> Signed-off-by: David Woodhouse <David.Woodhouse@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Christian Lamparter authored
commit fe9f6342 upstream. This patch adds the usbid for TP-Link TL-WN821N v2. Reported-by: Fabian Lenz <lenz_fabian@yahoo.de> Signed-off-by: Christian Lamparter <chunkeey@googlemail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Ryusuke Konishi authored
commit 1f28fcd9 upstream. This will fix file system corruption which infrequently happens after mount. The problem was reported from users with the title "[NILFS users] Fail to mount NILFS." (Message-ID: <200908211918.34720.yuri@itinteg.net>), and so forth. I've also experienced the corruption multiple times on kernel 2.6.30 and 2.6.31. The problem turned out to be caused due to discordance between mapping->nrpages of a btree node cache and the actual number of pages hung on the cache; if the mapping->nrpages becomes zero even as it has pages, truncate_inode_pages() returns without doing anything. Usually this is harmless except it may cause page leak, but garbage collection fairly infrequently sees a stale page remained in the btree node cache of DAT (i.e. disk address translation file of nilfs), and induces the corruption. I identified a missing initialization in btree node caches was the root cause. This corrects the bug. I've tested this for kernel 2.6.30 and 2.6.31. Reported-by: Yuri Chislov <yuri@itinteg.net> Signed-off-by: Ryusuke Konishi <konishi.ryusuke@lab.ntt.co.jp> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Alan Jenkins authored
commit 50fab076 upstream. "I recently (on a flight) I found out that when I boot with the hard-switch activated, so turning off all wireless activity on my laptop, the state is not correctly announced in /dev/rfkill (reading it with rfkill command, or my own gnome applet)... After turning off and on again the hard-switch the events were right." We can fix this by querying the firmware at load time and calling rfkill_set_hw_state(). Signed-off-by: Alan Jenkins <alan-jenkins@tuffmail.co.uk> Tested-by: Norbert Preining <preining@logic.at> Acked-by: Johannes Berg <johannes@sipsolutions.net> Acked-by: Mattia Dongili <malattia@linux.it> Signed-off-by: John W. Linville <linville@tuxdriver.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Rafael J. Wysocki authored
commit 0c570cde upstream. Since 2.6.29 the PCI PM core have been restoring the standard configuration registers of PCI devices in the early phase of resume. In particular, PCI devices without drivers have been handled this way since commit 355a72d7 (PCI: Rework default handling of suspend and resume). Unfortunately, this leads to post-resume problems with CardBus devices which cannot be accessed in the early phase of resume, because the sockets they are on have not been woken up yet at that point. To solve this problem, move the yenta socket resume to the early phase of resume and, analogously, move the suspend of it to the late phase of suspend. Additionally, remove some unnecessary PCI code from the yenta socket's resume routine. Fixes http://bugzilla.kernel.org/show_bug.cgi?id=13092, which is a post-2.6.28 regression. Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Reported-by: Florian <fs-kernelbugzilla@spline.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Rafael J. Wysocki authored
commit 827b4649 upstream. pcmcia_socket_dev_suspend() doesn't use its second argument, so it may be dropped safely. This change is necessary for the subsequent yenta suspend/resume fix. Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Wolfram Sang authored
commit 7a4b2310 upstream. Add ID as reported in: http://lists.infradead.org/pipermail/linux-pcmcia/2009-May/006127.htmlReported-by: Kenneth Moorman <KMoorman@transy.edu> Signed-off-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Eric Dumazet authored
commit a255a998 upstream. "perf top" cores dump on my dev machine, if run from a directory where vmlinux is present: *** glibc detected *** malloc(): memory corruption: 0x085670d0 *** Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> LKML-Reference: <4ABB6EB7.7000002@gmail.com> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Ian Schram authored
commit cdf8073d upstream. There is still some weird code in per_copy_attr(). Which supposedly checks that all bytes trailing a struct are zero. It doesn't seem to get pointer arithmetic right. Since it increments an iterating pointer by sizeof(unsigned long) rather than 1. Signed-off-by: Ian Schram <ischram@telenet.be> [ v2: clean up the messy PTR_ALIGN logic as well. ] Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Mike Galbraith <efault@gmx.de> Cc: Paul Mackerras <paulus@samba.org> Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: Frederic Weisbecker <fweisbec@gmail.com> LKML-Reference: <4AB3DEE2.3030600@telenet.be> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Jeremy Fitzhardinge authored
commit b75fe4e5 upstream. x86-64 assumes NX is available by default, so we need to explicitly check for it before using NX. Some first-generation Intel x86-64 processors didn't support NX, and even recent systems allow it to be disabled in BIOS. [ Impact: prevent Xen crash on NX-less 64-bit machines ] Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Yang Xiaowei authored
commit 2496afbf upstream. We need to have a stronger barrier between releasing the lock and checking for any waiting spinners. A compiler barrier is not sufficient because the CPU's ordering rules do not prevent the read xl->spinners from happening before the unlock assignment, as they are different memory locations. We need to have an explicit barrier to enforce the write-read ordering to different memory locations. Because of it, I can't bring up > 4 HVM guests on one SMP machine. [ Code and commit comments expanded -J ] [ Impact: avoid deadlock when using Xen PV spinlocks ] Signed-off-by: Yang Xiaowei <xiaowei.yang@intel.com> Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Jeremy Fitzhardinge authored
commit 4d576b57 upstream. Where possible we enable interrupts while waiting for a spinlock to become free, in order to reduce big latency spikes in interrupt handling. However, at present if we manage to pick up the spinlock just before blocking, we'll end up holding the lock with interrupts enabled for a while. This will cause a deadlock if we recieve an interrupt in that window, and the interrupt handler tries to take the lock too. Solve this by shrinking the interrupt-enabled region to just around the blocking call. [ Impact: avoid race/deadlock when using Xen PV spinlocks ] Reported-by: "Yang, Xiaowei" <xiaowei.yang@intel.com> Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Jeremy Fitzhardinge authored
commit 577eebea upstream. -fstack-protector uses a special per-cpu "stack canary" value. gcc generates special code in each function to test the canary to make sure that the function's stack hasn't been overrun. On x86-64, this is simply an offset of %gs, which is the usual per-cpu base segment register, so setting it up simply requires loading %gs's base as normal. On i386, the stack protector segment is %gs (rather than the usual kernel percpu %fs segment register). This requires setting up the full kernel GDT and then loading %gs accordingly. We also need to make sure %gs is initialized when bringing up secondary cpus too. To keep things consistent, we do the full GDT/segment register setup on both architectures. Because we need to avoid -fstack-protected code before setting up the GDT and because there's no way to disable it on a per-function basis, several files need to have stack-protector inhibited. [ Impact: allow Xen booting with stack-protector enabled ] Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Chuck Ebbert authored
commit 20d1752f upstream. commit ac683924 ("[CIFS] Allow raw ntlmssp code to be enabled with sec=ntlmssp") added a new bit to the allowed security flags mask but seems to have inadvertently removed Lanman security from the allowed flags. Add it back. Signed-off-by: Chuck Ebbert <cebbert@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Tyler Hicks authored
commit 9c2d2056 upstream. When calling vfs_unlink() on the lower dentry, d_delete() turns the dentry into a negative dentry when the d_count is 1. This eventually caused a NULL pointer deref when a read() or write() was done and the negative dentry's d_inode was dereferenced in ecryptfs_read_update_atime() or ecryptfs_getxattr(). Placing mutt's tmpdir in an eCryptfs mount is what initially triggered the oops and I was able to reproduce it with the following sequence: open("/tmp/upper/foo", O_RDWR|O_CREAT|O_EXCL|O_NOFOLLOW, 0600) = 3 link("/tmp/upper/foo", "/tmp/upper/bar") = 0 unlink("/tmp/upper/foo") = 0 open("/tmp/upper/bar", O_RDWR|O_CREAT|O_NOFOLLOW, 0600) = 4 unlink("/tmp/upper/bar") = 0 write(4, "eCryptfs test\n"..., 14 <unfinished ...> +++ killed by SIGKILL +++ https://bugs.launchpad.net/ecryptfs/+bug/387073Reported-by: Loïc Minier <loic.minier@canonical.com> Cc: Serge Hallyn <serue@us.ibm.com> Cc: Dave Kleikamp <shaggy@linux.vnet.ibm.com> Cc: ecryptfs-devel@lists.launchpad.net Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Tyler Hicks authored
commit 38919598 upstream. When searching through the global authentication tokens for a given key signature, verify that a matching key has not been revoked and has not expired. This allows the `keyctl revoke` command to be properly used on keys in use by eCryptfs. Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: ecryptfs-devel@lists.launchpad.net Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Tyler Hicks authored
commit df6ad33b upstream. Returns -ENOTSUPP when attempting to use filename encryption with something other than a password authentication token, such as a private token from openssl. Using filename encryption with a userspace eCryptfs key module is a future goal. Until then, this patch handles the situation a little better than simply using a BUG_ON(). Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: ecryptfs-devel@lists.launchpad.net Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-