From: Trond Myklebust <Trond.Myklebust@netapp.com>
We're presently running lock_kernel() under fs_lock via nfs's ->permission
handler. That's a ranking bug and sometimes a sleep-in-spinlock bug. This
problem was introduced in the openat() patchset.
We should not need to hold the current->fs->lock for a codepath that doesn't
use current->fs.
[vsu@altlinux.ru: fix error path]
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Cc: Al Viro <viro@ftp.linux.org.uk>
Signed-off-by: Sergey Vlasov <vsu@altlinux.ru>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
From: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
After removal of fixup_cpu_present_map() function Alpha ended up with an empty
cpu_present_map, so secondary CPUs on SMP systems are not being started.
Worse, on some platforms we route interrupts to secondary CPUs using
cpu_possible_map which is still populated properly. As a result, these
interrupts go nowhere so the machines like DP264 aren't able to boot even with
a primary CPU.
Fixed basically by s/cpu_present_mask/cpu_present_map/.
Thanks to Ernst Herzberg for reporting the bug and testing the fix.
Cc: Ernst Herzberg <list-lkml@net4u.de>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
From: Stephen Smalley <sds@tycho.nsa.gov>
Fix unsafe nesting of sb_lock inside sb_security_lock in
selinux_complete_init. Detected by the kernel locking validator.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
From: Ralf Baechle <ralf@linux-mips.org>
<linux/mmzone.h> uses PAGE_SIZE, PAGE_SHIFT from <asm/page.h> without
including that header itself. For some sparsemem configurations this may
result in build errors like:
CC init/initramfs.o
In file included from include/linux/gfp.h:4,
from include/linux/slab.h:15,
from include/linux/percpu.h:4,
from include/linux/rcupdate.h:41,
from include/linux/dcache.h:10,
from include/linux/fs.h:226,
from init/initramfs.c:2:
include/linux/mmzone.h:498:22: warning: "PAGE_SHIFT" is not defined
In file included from include/linux/gfp.h:4,
from include/linux/slab.h:15,
from include/linux/percpu.h:4,
from include/linux/rcupdate.h:41,
from include/linux/dcache.h:10,
from include/linux/fs.h:226,
from init/initramfs.c:2:
include/linux/mmzone.h:526: error: `PAGE_SIZE' undeclared here (not in a function)
include/linux/mmzone.h: In function `__pfn_to_section':
include/linux/mmzone.h:573: error: `PAGE_SHIFT' undeclared (first use in this function)
include/linux/mmzone.h:573: error: (Each undeclared identifier is reported only once
include/linux/mmzone.h:573: error: for each function it appears in.)
include/linux/mmzone.h: In function `pfn_valid':
include/linux/mmzone.h:578: error: `PAGE_SHIFT' undeclared (first use in this function)
make[1]: *** [init/initramfs.o] Error 1
make: *** [init] Error 2
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Seems-reasonable-to: Andy Whitcroft <apw@shadowen.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
From: Peter Oberparleiter <peter.oberparleiter@de.ibm.com>
The path grouping can fail due to non-unique pathgroup-IDs. The source for
the CPU-ID part of the ID was incorrectly specified on 64 bit systems.
Additionally, the length of the ID was too large due to incorrect data packing
declaration. Fix CPU-ID lowcore address and add missing packing declaration.
Signed-off-by: Peter Oberparleiter <peter.oberparleiter@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
From: Florin Malita <fmalita@gmail.com>
The skb may be gone after netif_rx(), we can't use 'skb->len' to update the
stats. 'pkt_len' should work instead.
Coverity CID: 911.
Signed-off-by: Florin Malita <fmalita@gmail.com>
Cc: Dominik Brodowski <linux@dominikbrodowski.net>
Acked-by: Jeff Garzik <jeff@garzik.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Patch from Steve Yang
MACHINE_START struct doesn't have any bootargs location for the
mainstone. Result is no kernel command args get passed; no serial driver
is selected for console and results in a silent boot failure.
Signed-off-by: Steve Yang <steve.yang@windriver.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
When ipoib_stop() is called it first calls netif_stop_queue() to stop
the kernel from passing more packets to the network driver. However,
the completion handler may call netif_wake_queue() re-enabling packet
transfer.
This might result in leaks (we see AH leaks which we think can be
attributed to this bug) as new packets get posted while the interface
is going down.
Signed-off-by: Eli Cohen <eli@mellanox.co.il>
Signed-off-by: Michael Tsirkin <mst@mellanox.co.il>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
Replacing mistyped "buad" with "baud" where applicable.
Signed-off-by: Horst Schirmeier <horst@schirmeier.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Both csum_partial() and the csum_partial_copy*() family of routines
forget to do a final fold on the computed checksum value on sparc64.
So do the standard Sparc "add + set condition codes, add carry"
sequence, then make sure the high 32-bits of the return value are
clear.
Based upon some excellent detective work and debugging done by
Richard Braun and Samuel Thibault.
Signed-off-by: David S. Miller <davem@davemloft.net>
The driver is selectable on other than Au1200 Alchemy systems but won't
build nor work - there is no MMC hw.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
* master.kernel.org:/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6:
[SCSI] scsi_lib.c: properly count the number of pages in scsi_req_map_sg()
[SCSI] scsi_transport_sas: make write attrs writeable
[SCSI] scsi_transport_sas; fix user_scan
[SCSI] ppa: fix for machines with highmem
[SCSI] mptspi: reset handler shouldn't be called for other bus protocols
[SCSI] Blacklist entry for HP dat changer
When snd_cwnd is smaller than 38 and the connection is in
congestion avoidance phase (snd_cwnd > snd_ssthresh), the snd_cwnd
seems to stop growing.
The additive increase was confused because C array's are 0 based.
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
* master.kernel.org:/home/rmk/linux-2.6-arm:
[ARM] 3540/1: ixp23xx: deal with gap in interrupt bitmasks
[ARM] 3539/1: ixp23xx: fix __arch_ixp23xx_is_coherent() for A1 stepping
* master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6:
[SPARC64]: Fix D-cache corruption in mremap
[SPARC64]: Make smp_processor_id() functional before start_kernel()
Patch from Lennert Buytenhek
On the ixp23xx, the microengine thread interrupt sources are numbered
56..119, but their mask/status bits are located in bit positions 64..127
in the various registers in the interrupt controller (bit positions
56..63 are unused.)
We don't deal with this, so currently, when asked to enable IRQ 64, we
will enable IRQ 56 instead.
The only interrupts >= 64 are the thread interrupt sources, and there
are no in-tree users of those yet, so this is fortunately not a big
problem, but this needs fixing anyway.
Signed-off-by: Lennert Buytenhek <buytenh@wantstofly.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Patch from Lennert Buytenhek
The current __ixp23xx_arch_is_coherent() check assumes that the
lower byte of IXP23XX_PRODUCT_ID is identical to the lower byte of
processor_id, but this is not the case, and because of this we were
incorrectly enabling coherency on A1 stepping CPUs.
Stepping A1 of the ixp2350, which has a PRODUCT_ID of 0x401, has '02'
in the lower byte of processor_id, while A2, with a PRODUCT_ID of
0x402, has '04' in the lower byte of processor_id.
So, to check for >= A2, we really need to check the lower byte of
processor_id against >= 4.
Signed-off-by: Lennert Buytenhek <buytenh@wantstofly.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
mm/slab.c's offlab_limit logic is totally broken.
Firstly, "offslab_limit" is a global variable while it should either be
calculated in situ or should be passed in as a parameter.
Secondly, the more serious problem with it is that the condition for
calculating it:
if (!(OFF_SLAB(sizes->cs_cachep))) {
offslab_limit = sizes->cs_size - sizeof(struct slab);
offslab_limit /= sizeof(kmem_bufctl_t);
is in total disconnect with the condition that makes use of it:
/* More than offslab_limit objects will cause problems */
if ((flags & CFLGS_OFF_SLAB) && num > offslab_limit)
break;
but due to offslab_limit being a global variable this breakage was
hidden.
Up until lockdep came along and perturbed the slab sizes sufficiently so
that the first off-slab cache would still see a (non-calculated) zero
value for offslab_limit and would panic with:
kmem_cache_create: couldn't create cache size-512.
Call Trace:
[<ffffffff8020a5b9>] show_trace+0x96/0x1c8
[<ffffffff8020a8f0>] dump_stack+0x13/0x15
[<ffffffff8022994f>] panic+0x39/0x21a
[<ffffffff80270814>] kmem_cache_create+0x5a0/0x5d0
[<ffffffff80aced62>] kmem_cache_init+0x193/0x379
[<ffffffff80abf779>] start_kernel+0x17f/0x218
[<ffffffff80abf263>] _sinittext+0x263/0x26a
Kernel panic - not syncing: kmem_cache_create(): failed to create slab `size-512'
Paolo Ornati's config on x86_64 managed to trigger it.
The fix is to move the calculation to the place that makes use of it.
This also makes slab.o 54 bytes smaller.
Btw., the check itself is quite silly. Its intention is to test whether
the number of objects per slab would be higher than the number of slab
control pointers possible. In theory it could be triggered: if someone
tried to allocate 4-byte objects cache and explicitly requested with
CFLGS_OFF_SLAB. So i kept the check.
Out of historic interest i checked how old this bug was and it's
ancient, 10 years old! It is the oldest hidden and then truly triggering
bugs i ever saw being fixed in the kernel!
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Update documentation to match reality. INPCK controls whether input
parity checking is enabled.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
If we move a mapping from one virtual address to another,
and this changes the virtual color of the mapping to those
pages, we can see corrupt data due to D-cache aliasing.
Check for and deal with this by overriding the move_pte()
macro. Set things up so that other platforms can cleanly
override the move_pte() macro too.
Signed-off-by: David S. Miller <davem@davemloft.net>
Fix the incorrect calculation of how much to zero out in struct cm4000_dev
on device initialization.
Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
The result of pcmcia_get_socket() may be NULL but ds_event() uses it
without checking.
Coverity CID: 436.
Signed-off-by: Florin Malita <fmalita@gmail.com>
Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
Now that we select busy_rr for possible service, insert entries at the
back of that list instead of at the front.
Signed-off-by: Jens Axboe <axboe@suse.de>
The calculation of nr_pages in scsi_req_map_sg() doesn't account for
the fact that the first page could have an offset that pushes the end
of the buffer onto a new page.
Signed-off-by: Bryan Holty <lgeek@frontiernet.net>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
There's a small window from when the timer is entered and we grab
the queue lock, where cfq_set_active_queue() could be rearming the
timer for us. Seen in the wild on a 12-way ppc box. Fix this by
just using mod_timer(), which will do the right thing for us.
Signed-off-by: Jens Axboe <axboe@suse.de>
If the hardware is doing real queueing, decide that it's worthless to
idle the hardware. It does reasonable simultaneous io in that case
anyways, and the idling hurts some work loads.
Signed-off-by: Jens Axboe <axboe@suse.de>
If we are anticipating a sync request from this process and we are
waiting for that and see an async request come in, expire that slice
and move on.
Signed-off-by: Jens Axboe <axboe@suse.de>
For just one busy queue (like async write out), we often overlooked
that we could queue more io and decided we were idle instead. This causes
us quite a bit of performance loss.
Signed-off-by: Jens Axboe <axboe@suse.de>
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
[MIPS] Treat R14000 like R10000.
[MIPS] Remove EXPERIMENTAL from PAGE_SIZE_16KB
[MIPS] Update/Fix instruction definitions
[MIPS] DSP and MDMX share the same config flag bit.
[MIPS] Fix deadlock on MP with cache aliases.
[MIPS] Use generic STABS_DEBUG macro.
[MIPS] Create consistency in "system type" selection.
[MIPS] Use generic DWARF_DEBUG
[MIPS] Fix kgdb exception handler from user mode.
[MIPS] Update struct sigcontext member names
[MIPS] Update/fix futex assembly
[MIPS] Remove support for sysmips(2) SETNAME and MIPS_RDNVRAM operations.
[MIPS] Fix detection and handling of the 74K processor.
[MIPS] Add missing 34K processor IDs
[MIPS] Fix marking buddy of pte global for MIPS32 w/36-bit physical address
[MIPS] AU1xxx mips_timer_interrupt() fixes
[MIPS] Fix typo
A small bugfix for up to now unused instruction definitions, and a
somewhat larger update to cover MIPS32R2 instructions.
Signed-off-by: Thiemo Seufer <ths@networkno.de>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
A proper fix would involve introducing the notion of shared caches but
at this stage of 2.6.17 that's going to be too intrusive and not needed
for current hardware; aside I think some discussion will be needed.
So for now on the affected SMP configurations which happen to suffer from
cache aliases we make use of the fact that a single cache will be shared
by all processors. This solves the deadlock issue and will improve
performance by getting rid of the smp_call_function overhead.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
The "system type" Kconfig options on MIPS are not consistent. For
some platforms, only the name is listed while other entries are
prepended with "Support for". Remove this as it doesn't make sense
when describing the "system type".
Signed-off-by: Martin Michlmayr <tbm@cyrius.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
When debugging a kernel compiled by gcc 4.1 with gdb 6.4, gdb could
not show filename, linenumber, etc. It seems fixed if I used generic
DWARF_DEBUG macro. Although gcc 3.x seems work without this change,
it would be better to use the generic macro unless there were
something MIPS specific.
Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Rename the 64-bit sc_hi and sc_lo arrays to use the same names
as the 32-bit struct sigcontext (sc_mdhi, sc_hi1, et cetera).
Signed-off-by: Daniel Jacobowitz <dan@codesourcery.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
o Implement futex_atomic_op_inuser() operation
o Don't use the R10000-ll/sc bug workaround version for every processor.
branch likely is deprecated and some historic ll/sc processors don't
implement it. In any case it's slow.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
SETNAME only had a minor defect but probably never had a user and
MIPS_RDNVRAM was unimplemented anyway.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Nothing exciting; Linux just didn't know it yet so this is most adding
a value to a case statement.
Signed-off-by: Chris Dearman <chris@mips.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
In case of CONFIG_64BIT_PHYS_ADDR, set_pte() and pte_clear() functions
only set _PAGE_GLOBAL bit in the pte_low field of the buddy PTEs,
forgetting to propagate ito to pte_high. Thus, the both pages might not
really be made global for the CPU (since it AND's the G-bit of the
odd / even PTEs together to decide whether they're global or not). Thus,
if only a single page is allocated via vmalloc() or ioremap(), it's not
really global for CPU (and it must be, since this is kernel mapping),
and thus its ASID is compared against the current process' one -- so,
we'll get into trouble sooner or later... Also, pte_none() will fail
on global pages because _PAGE_GLOBAL bit is set in both pte_low and
pte_high, and pte_val() will return u64 value consisting of those fields
concateneted.
Signed-off-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
common/au1000/irq.c was missing a mips_timer_interrupt() prototype,
whereas in common/au1000/time.c the actual mips_timer_interrupt()
implementation was missing an irq_exit() invocation, causing a
preempt_count() leak.
Signed-off-by: Herbert Valerio Riedel <hvr@hvrlab.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>