Problem description:
--------------------
The problem reported by one of the customer was when a logical array
is deleted(from the SDK, from the GUI, from arcconf) then the
corresponding physical device (/dev/sdb, for example) is not removed
from the Linux namespace. So you end up with a "dead" device
entry. And some of the linux tools go slightly wonky.
Solution:
---------
Based on the notification from FW, the driver calls
"scsi_remove_device" for the DELETED drive. This call not only informs
the scsi device status to the SCSI mid layer and also it will remove
corresponding scsi device entries from the Linux sysfs.
Signed-off-by: Mahesh Rajashekhara <aacraid@adaptec.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Problem description:
--------------------
The issue reported by one of the customer was able to read LBA beyond
the array reported size with "sg_read" utility. If N is the last block
address reported, then should not be able to read past N,
i.e. N+1. But in their case, reported last LBA=143134719. So should
not have been able to read with LBA=143134720, but it is read without
failure, which means reported size to the OS is not correct and is
less than the actual last block address.
Solution:
---------
Firmware layer exposes lesser container capacity than the actual
one. It exposes [Actual size - Spitfire space(10MB)] to the OS, IO's
to the 10MB should be prohibited from the Linux driver. Driver checks
LBA boundary, if its greater than the array reported size then sets
sensekey to HARDWARE_ERROR and sends the notification to the MID
layer.
Signed-off-by: Mahesh Rajashekhara <aacraid@adaptec.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
There are two conditions for ATA pass thru command that falls into
'SRB_STATUS_ERROR' condition.
1. When the "CC" bit is set by the host in ATA pass-through CDB
- Even for the successful completion, SCSI target shall generate
check condition.
- Driver returns a result code of SAM_STAT_CHECK_CONDITION, with a
driver byte of DID_OK to the mid layer.
Below is the snippet of existing code which fills a result code
of SAM_STAT_CHECK_CONDITION:
***********************************
if (le32_to_cpu(srbreply->scsi_status) == SAM_STAT_CHECK_CONDITION) {
int len;
scsicmd->result |= SAM_STAT_CHECK_CONDITION;
..........
************************************
2. When the "CC" bit is reset by the host and if SCSI target generates
a check condition when an error occurs.
- Driver returns a result code of SAM_STAT_CHECK_CONDITION, with a
driver byte of DID_ERROR to the mid layer.
Signed-off-by: Mahesh Rajashekhara <aacraid@adaptec.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
The default driver setting is "expose_physicals=0", which means raw
physical drives are not exposed to OS. If the user wants to expose
connected physical drives, enable "expose_physicals" module parameter.
With the new JBOD firmware, physical drives are not available for
"expose_physicals>0". In function "aac_expose_phy_device", modified
to reset the appropriate bit in the first byte of inquiry data. This
fix exposes the connected physical drives.
Signed-off-by: Mahesh Rajashekhara <aacraid@adaptec.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Problem description:
--------------------
When the JBOD is created from the OS using Adaptec Storage Manager
utility device is not available under FDISK until a system restart is
done.
Solution:
---------
AIF handling: If there is a JBOD drive added to the system, identify
the old one with scsi_device_lookup() and remove it to enable a fresh
scsi_add_device(); else the new JBOD is not available until reboot.
Signed-off-by: Mahesh Rajashekhara <aacraid@adaptec.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Currently fcoe module ref count is used for tracking
active fcoe instances, it means each fcoe instance create
increments the count while destroy dec the count.
The dec is done only if fcoe instance is destroyed from
/sysfs but not if destroyed due to NETDEV_UNREGISTER event.
So this patch moves only module_put doing dec to common
fcoe_if_destroy function, so that dec would occur on ever
fcoe instance destroy.
Signed-off-by: Vasu Dev <vasu.dev@intel.com>
Signed-off-by: Robert Love <robert.w.love@intel.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
All VNports are sending FIP Keep-Alive messages with port_id and wwpn of the parent host instead of it's own port_id and wwpn. Standard FIP descriptor type 11 indicates to send own port_id and port_name.
Signed-off-by: Kaladhar Musunuru <kmusunuru@juniper.net>
Acked-by: Joe Eykholt <jeykholt@cisco.com>
Signed-off-by: Robert Love <robert.w.love@intel.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Fix typo in memset. Incorrect length parameter to memset resulting non-zero MAC address in FPMA messages.
Signed-off-by: Kaladhar Musunuru <kmusunuru@juniper.net>
Acked-by: Joe Eykholt <jeykholt@cisco.com>
Signed-off-by: Robert Love <robert.w.love@intel.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Currently rtnl mutex is grabbed during fcoe create, destroy, enable
and disable operations while sysfs s_active read mutex is already
held, but simultaneously other networking events could try grabbing
write s_active mutex while rtnl is already held and that is causing
circular lock warning, its detailed log pasted at end.
In this log, the rtnl was held before write s_active during device
renaming but there are more such cases as Joe reported another
instance with tg3 open at:-
http://www.open-fcoe.org/pipermail/devel/2010-February/008263.html
This patch fixes this issue by not waiting for rtnl mutex during
fcoe ops, that means if rtnl mutex is not immediately available
then restart_syscall() to allow others waiting in line to
grab s_active along with rtnl mutex to finish their work first
under these mutex.
Currently rtnl mutex was grabbed twice during fcoe_destroy call flow,
second grab was from fcoe_if_destroy called from fcoe_destroy after
dropping rtnl mutex before calling fcoe_if_destroy, so instead made
fcoe_if_destroy always called with rtnl mutex held to have this mutex
grabbed only once in this code path.
However left matching rtnl_unlock as-is in its original place as it was
dropped there for good reason since very next call causes synchronous
fip worker flush and if rtnl mutex is still held before flush
then that would cause new circular warning between fip->recv_work and
rtnl mutex, I've added detailed comment for this on fcoe_if_destroy
calling and rtnl muxtes unlocking.
=======================================================
[ INFO: possible circular locking dependency detected ]
2.6.33.1linux-stable-2.6.33 #1
-------------------------------------------------------
fcoemon/18823 is trying to acquire lock:
(fcoe_config_mutex){+.+.+.}, at: [<ffffffffa02ba5fc>] fcoe_create+0x27/0x4f7
[fcoe]
but task is already holding lock:
(s_active){++++.+}, at: [<ffffffff8115ef93>] sysfs_get_active_two+0x31/0x48
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #2 (s_active){++++.+}:
[<ffffffff81077bdb>] __lock_acquire+0xb73/0xd2b
[<ffffffff81077e60>] lock_acquire+0xcd/0xf1
[<ffffffff8115e5df>] sysfs_deactivate+0x8b/0xe0
[<ffffffff8115edfb>] sysfs_addrm_finish+0x36/0x55
[<ffffffff8115d0cc>] sysfs_hash_and_remove+0x53/0x6a
[<ffffffff8115f353>] sysfs_remove_link+0x21/0x23
[<ffffffff812b6c93>] device_rename+0x99/0xcb
[<ffffffff8138dbf0>] dev_change_name+0xd5/0x1d2
[<ffffffff8138deee>] dev_ifsioc+0x201/0x2ac
[<ffffffff8138e4ba>] dev_ioctl+0x521/0x632
[<ffffffff81379e43>] sock_do_ioctl+0x3d/0x47
[<ffffffff8137a254>] sock_ioctl+0x213/0x222
[<ffffffff81114614>] vfs_ioctl+0x32/0xa6
[<ffffffff81114b94>] do_vfs_ioctl+0x490/0x4d6
[<ffffffff81114c30>] sys_ioctl+0x56/0x79
[<ffffffff81009b42>] system_call_fastpath+0x16/0x1b
-> #1 (rtnl_mutex){+.+.+.}:
[<ffffffff81077bdb>] __lock_acquire+0xb73/0xd2b
[<ffffffff81077e60>] lock_acquire+0xcd/0xf1
[<ffffffff8142f343>] __mutex_lock_common+0x4b/0x383
[<ffffffff8142f73f>] mutex_lock_nested+0x3e/0x43
[<ffffffff813959f9>] rtnl_lock+0x17/0x19
[<ffffffff8138ccae>] register_netdevice_notifier+0x1e/0x19b
[<ffffffffa02580c1>] 0xffffffffa02580c1
[<ffffffff81002069>] do_one_initcall+0x5e/0x15e
[<ffffffff81084094>] sys_init_module+0xd8/0x23a
[<ffffffff81009b42>] system_call_fastpath+0x16/0x1b
-> #0 (fcoe_config_mutex){+.+.+.}:
[<ffffffff81077a85>] __lock_acquire+0xa1d/0xd2b
[<ffffffff81077e60>] lock_acquire+0xcd/0xf1
[<ffffffff8142f343>] __mutex_lock_common+0x4b/0x383
[<ffffffff8142f73f>] mutex_lock_nested+0x3e/0x43
[<ffffffffa02ba5fc>] fcoe_create+0x27/0x4f7 [fcoe]
[<ffffffff810635b1>] param_attr_store+0x27/0x35
[<ffffffff81063619>] module_attr_store+0x26/0x2a
[<ffffffff8115dae3>] sysfs_write_file+0x108/0x144
[<ffffffff81107bd1>] vfs_write+0xae/0x10b
[<ffffffff81107cee>] sys_write+0x4a/0x6e
[<ffffffff81009b42>] system_call_fastpath+0x16/0x1b
other info that might help us debug this:
3 locks held by fcoemon/18823:
#0: (&buffer->mutex){+.+.+.}, at: [<ffffffff8115da17>]
sysfs_write_file+0x3c/0x144
#1: (s_active){++++.+}, at: [<ffffffff8115ef86>]
sysfs_get_active_two+0x24/0x48
#2: (s_active){++++.+}, at: [<ffffffff8115ef93>]
sysfs_get_active_two+0x31/0x48
stack backtrace:
Pid: 18823, comm: fcoemon Tainted: G W 2.6.33.1linux-stable-2.6.33 #1
Call Trace:
[<ffffffff81076c38>] print_circular_bug+0xa8/0xb6
[<ffffffff81077a85>] __lock_acquire+0xa1d/0xd2b
[<ffffffffa02ba5fc>] ? fcoe_create+0x27/0x4f7 [fcoe]
[<ffffffff81077e60>] lock_acquire+0xcd/0xf1
[<ffffffffa02ba5fc>] ? fcoe_create+0x27/0x4f7 [fcoe]
[<ffffffffa02ba5fc>] ? fcoe_create+0x27/0x4f7 [fcoe]
[<ffffffff8142f343>] __mutex_lock_common+0x4b/0x383
[<ffffffffa02ba5fc>] ? fcoe_create+0x27/0x4f7 [fcoe]
[<ffffffff8106ac70>] ? cpu_clock+0x43/0x5e
[<ffffffff81074e12>] ? lockstat_clock+0x11/0x13
[<ffffffff81074e40>] ? lock_release_holdtime+0x2c/0x127
[<ffffffff8115ef93>] ? sysfs_get_active_two+0x31/0x48
[<ffffffff8142f73f>] mutex_lock_nested+0x3e/0x43
[<ffffffffa02ba5fc>] fcoe_create+0x27/0x4f7 [fcoe]
[<ffffffff810635b1>] param_attr_store+0x27/0x35
[<ffffffff81063619>] module_attr_store+0x26/0x2a
[<ffffffff8115dae3>] sysfs_write_file+0x108/0x144
[<ffffffff81107bd1>] vfs_write+0xae/0x10b
[<ffffffff81076596>] ? trace_hardirqs_on_caller+0x125/0x150
[<ffffffff81107cee>] sys_write+0x4a/0x6e
[<ffffffff81009b42>] system_call_fastpath+0x16/0x1b
Signed-off-by: Vasu Dev <vasu.dev@intel.com>
Signed-off-by: Robert Love <robert.w.love@intel.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
This patch creates a port_id member in struct fc_lport.
This allows libfc to just deal with fc_lport instances
instead of calling into the fc_host to get the port_id.
This change helps in only using symbols necessary for
operation from the libfc structures. libfc still needs
to change the fc_host_port_id() if the port_id changes
so the presentation layer (scsi_transport_fc) can provide
the user with the correct value, but libfc shouldn't
rely on the presentation layer for operational values.
Signed-off-by: Robert Love <robert.w.love@intel.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
It doesn't make sense to update the link speed in the is_link_ok()
routine. Move it to it's own routine and acquire the device speed
when we're configuring the device initially as well as if there are
any netdev events received.
Signed-off-by: Robert Love <robert.w.love@intel.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
The fcf pointer is checked again after this verification
making the first check redundant. Remote the first check.
Signed-off-by: Robert Love <robert.w.love@intel.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
fcoe_create exits using out_nodev label when module is not
yet LIVE but this exit path unlocks the rtnl_lock though
rtnl lock was not held in this case.
So this patch replaces out_nodev with out_nomod to exit
w/o unlocking rtnl_lock.
Signed-off-by: Vasu Dev <vasu.dev@intel.com>
Signed-off-by: Robert Love <robert.w.love@intel.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
After the recent patch "fixes unnecessary seq id jump"
the SCST module fcst stopped working because multi-sequence
write data wasn't finding the sequence after the first frame.
Add back the setting of the seq_id when the first frame arrives.
Also fix indentation on two lines.
Signed-off-by: Joe Eykholt <jeykholt@cisco.com>
Signed-off-by: Robert Love <robert.w.love@intel.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
1) Allow transition to NEED RESET state only from READY state for ISP82xx.
2) Avoid infinite ISP aborts when chip reset fails.
3) Code cleanup to remove some of the unused debug code.
Signed-off-by: Lalit Chandivade <lalit.chandivade@qlogic.com>
Signed-off-by: Santosh Vernekar <santosh.vernekar@qlogic.com>
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
The problem occurring is a hw-race where there's an outstanding read-flash
operation occurring while the chip is being reset (done via an sg_reset script).
After the chip is paused, the read-flash operation never completes and the
DPC thread, while trying to complete the reset, is never able to recover,
as the HW appears to be hung...
The fix is to wait for outstanding flash operation prior to doing a sg_reset -h.
And to wait for reset to complete before any flash operations.
Note, during the wait, if any of the operation (reset/flash) does not complete,
failure is returned to the upper layer. The upper layer either need to
fail or retry.
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
The qla2xxx driver uses a port_id_t to mark the start of its enumerations. gcc
is complaining that wrap.b24 may be used uninitialized, but this doesn't look
to be possible. Silence it.
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Currently we can only issue the task management (TM)
commands via the mailbox mechanism. This is a limitation,
since only one mailbox command can be issued at a time.
The purpose of this effort is to provide support for
issuing and processing the respose to TM and Marker
IOCBs asynchronously. Towards achieving this, the
consolidated srb architecture that is currently used for
BSG and IOCB/Logio commands has been enhanced and used.
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Currently, BSG and IOCB/Logio commands have a different
framework (srb structs). The purpose of this effort is to
consolidate them into a generalized framework for these
as well as other asynchronous operations in the future.
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Migrate to a consistent set of debug entries during status-IOCB
handling:
* group CS_TIMEOUT handling with CS_PORT_UNAVAILABLE and the like
(more regrouping of common behaviour).
* drop CS_DATA_OVERRUN handling as it now falls into the
'default' case (still returns DID_ERROR).
* consolidate CS_RESET and CS_ABORTED handling, as we the only
functional difference was a printk() (still returns DID_RESET).
* dropped all the earlier inconsistent [qla_]printk()s sprinkled
throught the needlessly large case-statement. Failure case
I/Os are now logged with a 'standard' format:
<command failure details>
<command generic details>
so, for example a dropped-frame is logged as:
qla2xxx 0000:13:00.0: scsi(16:0:0) Dropped frame(s) detected (4000 of 4000 bytes).
qla2xxx 0000:13:00.0: scsi(16:0:0) FCP command status: 0x15-0x18 (70018) \
oxid=78 ser=76 cdb=280000 len=4000 rsp_info=0 resid=0 fw_resid=4000
which should now convey all relevant information.
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
The driver should not be unloaded if any application is using it.
To disallow driver unload, driver use count must be incremented.
Application uses this char device as handle and increases driver
use count to avoid possible driver unload.
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Currently error status is cleared only after the uncorrectable fatal errors
in the qla2xxx_pci_slot_reset. This fix is added to clear the error status in
qla2xxx_pci_resume. This way for both fatal and non-fatal errors the error
status gets cleared properly.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=572258
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
With qla2xxx using mid-layer async-scsi-scanning, the link state for
disconnected port is displayed wrong. Additional check for cable presence
is considered to display proper link state.
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
commit 70b25f890c
Author: Tejun Heo <tj@kernel.org>
Date: Thu Apr 15 09:00:08 2010 +0900
[SCSI] fix locking around blk_abort_request()
Introduced a reference before check problem, fix this by moving the
lock shorthand code to be right at the point of actual use.
Reported-by: Dan Carpenter <error27@gmail.com>
Acked-by: Tejun Heo <tj@kernel.org>
Cc: Stable Tree <stable@kernel.org>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6:
rtnetlink: make SR-IOV VF interface symmetric
sctp: delete active ICMP proto unreachable timer when free transport
tcp: fix MD5 (RFC2385) support
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
MIPS: Oprofile: Fix Loongson irq handler
MIPS: N32: Use compat version for sys_ppoll.
MIPS FPU emulator: allow Cause bits of FCSR to be writeable by ctc1
Now we have a set of nested attributes:
IFLA_VFINFO_LIST (NESTED)
IFLA_VF_INFO (NESTED)
IFLA_VF_MAC
IFLA_VF_VLAN
IFLA_VF_TX_RATE
This allows a single set to operate on multiple attributes if desired.
Among other things, it means a dump can be replayed to set state.
The current interface has yet to be released, so this seems like
something to consider for 2.6.34.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
transport may be free before ICMP proto unreachable timer expire, so
we should delete active ICMP proto unreachable timer when transport
is going away.
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Acked-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
TCP MD5 support uses percpu data for temporary storage. It currently
disables preemption so that same storage cannot be reclaimed by another
thread on same cpu.
We also have to make sure a softirq handler wont try to use also same
context. Various bug reports demonstrated corruptions.
Fix is to disable preemption and BH.
Reported-by: Bhaskar Dutta <bhaskie@gmail.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The interrupt enable bit for the performance counters is in the Control
Register $24, not in the counter register.
loongson2_perfcount_handler(), we need to use
Reported-by: Xu Hengyang <hengyang@mail.ustc.edu.cn>
Signed-off-by: Wu Zhangjin <wuzhangjin@gmail.com>
Cc: linux-mips@linux-mips.org
Patchwork: http://patchwork.linux-mips.org/patch/1198/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
---
The sys_ppoll() takes struct 'struct timespec'. This is different for the
N32 and N64 ABIs. Use the compat version to do the proper conversions.
Signed-off-by: David Daney <ddaney@caviumnetworks.com>
To: linux-mips@linux-mips.org
Patchwork: http://patchwork.linux-mips.org/patch/1210/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
---
In the FPU emulator code of the MIPS, the Cause bits of the FCSR register
are not currently writeable by the ctc1 instruction. In odd corner cases,
this can cause problems. For example, a case existed where a divide-by-zero
exception was generated by the FPU, and the signal handler attempted to
restore the FPU registers to their state before the exception occurred. In
this particular setup, writing the old value to the FCSR register would
cause another divide-by-zero exception to occur immediately. The solution
is to change the ctc1 instruction emulator code to allow the Cause bits of
the FCSR register to be writeable. This is the behaviour of the hardware
that the code is emulating.
This problem was found by Shane McDonald, but the credit for the fix goes
to Kevin Kissell. In Kevin's words:
I submit that the bug is indeed in that ctc_op: case of the emulator. The
Cause bits (17:12) are supposed to be writable by that instruction, but the
CTC1 emulation won't let them be updated by the instruction. I think that
actually if you just completely removed lines 387-388 [...] things would
work a good deal better. At least, it would be a more accurate emulation of
the architecturally defined FPU. If I wanted to be really, really pedantic
(which I sometimes do), I'd also protect the reserved bits that aren't
necessarily writable.
Signed-off-by: Shane McDonald <mcdonald.shane@gmail.com>
To: anemo@mba.ocn.ne.jp
To: kevink@paralogos.com
To: sshtylyov@mvista.com
Patchwork: http://patchwork.linux-mips.org/patch/1205/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
---
As we were using an internal dma flushing routine, this patch changes to
the DMA API flush_kernel_dcache_page(). Driver is able to compile now.
[akpm@linux-foundation.org: flush_kernel_dcache_page() comes before kunmap_atomic()]
Signed-off-by: Nicolas Ferre <nicolas.ferre@atmel.com>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:
JFS: Free sbi memory in error path
fs/sysv: dereferencing ERR_PTR()
Fix double-free in logfs
Fix the regression created by "set S_DEAD on unlink()..." commit
* 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
perf record: Add a fallback to the reference relocation symbol
I spotted the missing kfree() while removing the BKL.
[akpm@linux-foundation.org: avoid multiple returns so it doesn't happen again]
Signed-off-by: Jan Blunck <jblunck@suse.de>
Cc: Dave Kleikamp <shaggy@austin.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
I moved the dir_put_page() inside the if condition so we don't dereference
"page", if it's an ERR_PTR().
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
1) i_flags simply doesn't work for mount/unlink race prevention;
we may have many links to file and rm on one of those obviously
shouldn't prevent bind on top of another later on. To fix it
right way we need to mark _dentry_ as unsuitable for mounting
upon; new flag (DCACHE_CANT_MOUNT) is protected by d_flags and
i_mutex on the inode in question. Set it (with dont_mount(dentry))
in unlink/rmdir/etc., check (with cant_mount(dentry)) in places
in namespace.c that used to check for S_DEAD. Setting S_DEAD
is still needed in places where we used to set it (for directories
getting killed), since we rely on it for readdir/rmdir race
prevention.
2) rename()/mount() protection has another bogosity - we unhash
the target before we'd checked that it's not a mountpoint. Fixed.
3) ancient bogosity in pivot_root() - we locked i_mutex on the
right directory, but checked S_DEAD on the different (and wrong)
one. Noticed and fixed.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* master.kernel.org:/home/rmk/linux-2.6-arm:
ARM: 6126/1: ARM mpcore_wdt: fix build failure and other fixes
ARM: 6125/1: ARM TWD: move TWD registers to common header
ARM: 6110/1: Fix Thumb-2 kernel builds when UACCESS_WITH_MEMCPY is enabled
ARM: 6112/1: Use the Inner Shareable I-cache and BTB ops on ARMv7 SMP
ARM: 6111/1: Implement read/write for ownership in the ARMv6 DMA cache ops
ARM: 6106/1: Implement copy_to_user_page() for noMMU
ARM: 6105/1: Fix the __arm_ioremap_caller() definition in nommu.c
