Commit Graph

119569 Commits

Author SHA1 Message Date
Jean-Francois Moine
98522a7be9 V4L/DVB (9689): gspca: Memory leak when disconnect while streaming.
As a side effect, the sd routine stop0 is called on disconnect.
This permits the subdriver to free its resources.

Signed-off-by: Jean-Francois Moine <moinejf@free.fr>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2008-11-24 12:01:07 -02:00
Paul Mackerras
3f9b5d4dda Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/jk/spufs into merge 2008-11-24 11:54:08 +11:00
Paul Mackerras
be542fa56b Merge branch 'merge' of ssh://master.kernel.org/pub/scm/linux/kernel/git/jwboyer/powerpc-4xx into merge 2008-11-24 11:53:58 +11:00
Paul Mackerras
11bac8a026 Merge branch 'merge' of git://git.secretlab.ca/git/linux-2.6-mpc52xx into merge 2008-11-24 11:53:44 +11:00
Pekka Paalanen
fb91ee6cf5 tracing, doc: update mmiotrace documentation
Impact: update documentation

Update to reflect the current state of the tracing framework:

 - "none" tracer has been replaced by "nop" tracer
 - tracing_enabled must be toggled when changing buffer size

Signed-off-by: Pekka Paalanen <pq@iki.fi>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-11-23 20:33:24 +01:00
Pekka Paalanen
7ee1768ddb x86, mmiotrace: fix buffer overrun detection
Impact: fix mmiotrace overrun tracing

When ftrace framework moved to use the ring buffer facility, the buffer
overrun detection was broken after 2.6.27 by commit

| commit 3928a8a2d9
| Author: Steven Rostedt <rostedt@goodmis.org>
| Date:   Mon Sep 29 23:02:41 2008 -0400
|
|     ftrace: make work with new ring buffer
|
|     This patch ports ftrace over to the new ring buffer.

The detection is now fixed by using the ring buffer API.

When mmiotrace detects a buffer overrun, it will report the number of
lost events. People reading an mmiotrace log must know if something was
missed, otherwise the data may not make sense.

Signed-off-by: Pekka Paalanen <pq@iki.fi>
Acked-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-11-23 20:33:23 +01:00
Jaya Kumar
47fd6f7c94 [ARM] 5335/1: pxa25x_udc: Fix is_vbus_present to return 1 or 0
the use of is_blah() suggests a 1 or 0 return. This assumption is made in
pxa25x_udc code such as:
	dev->vbus = is_vbus_present();
where dev->vbus is a bitfield. This fix allows pxa25x_udc_probe to correctly
detect vbus. Other changes were to make its use consistent in the rest of
the code.

Signed-off-by: Jaya Kumar <jayakumar.lkml@gmail.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2008-11-23 15:49:59 +00:00
Ian Campbell
86bbc2c235 xen: pin correct PGD on suspend
Impact: fix Xen guest boot failure

commit eefb47f6a1 ("xen: use
spin_lock_nest_lock when pinning a pagetable") changed xen_pgd_walk to
walk over mm->pgd rather than taking pgd as an argument.

This breaks xen_mm_(un)pin_all() because it makes init_mm.pgd readonly
instead of the pgd we are interested in and therefore the pin subsequently
fails.

(XEN) mm.c:2280:d15 Bad type (saw 00000000e8000001 != exp 0000000060000000) for mfn bc464 (pfn 21ca7)
(XEN) mm.c:2665:d15 Error while pinning mfn bc464

[   14.586913] 1 multicall(s) failed: cpu 0
[   14.586926] Pid: 14, comm: kstop/0 Not tainted 2.6.28-rc5-x86_32p-xenU-00172-gee2f6cc #200
[   14.586940] Call Trace:
[   14.586955]  [<c030c17a>] ? printk+0x18/0x1e
[   14.586972]  [<c0103df3>] xen_mc_flush+0x163/0x1d0
[   14.586986]  [<c0104bc1>] __xen_pgd_pin+0xa1/0x110
[   14.587000]  [<c015a330>] ? stop_cpu+0x0/0xf0
[   14.587015]  [<c0104d7b>] xen_mm_pin_all+0x4b/0x70
[   14.587029]  [<c022bcb9>] xen_suspend+0x39/0xe0
[   14.587042]  [<c015a330>] ? stop_cpu+0x0/0xf0
[   14.587054]  [<c015a3cd>] stop_cpu+0x9d/0xf0
[   14.587067]  [<c01417cd>] run_workqueue+0x8d/0x150
[   14.587080]  [<c030e4b3>] ? _spin_unlock_irqrestore+0x23/0x40
[   14.587094]  [<c014558a>] ? prepare_to_wait+0x3a/0x70
[   14.587107]  [<c0141918>] worker_thread+0x88/0xf0
[   14.587120]  [<c01453c0>] ? autoremove_wake_function+0x0/0x50
[   14.587133]  [<c0141890>] ? worker_thread+0x0/0xf0
[   14.587146]  [<c014509c>] kthread+0x3c/0x70
[   14.587157]  [<c0145060>] ? kthread+0x0/0x70
[   14.587170]  [<c0109d1b>] kernel_thread_helper+0x7/0x10
[   14.587181]   call  1/3: op=14 arg=[c0415000] result=0
[   14.587192]   call  2/3: op=14 arg=[e1ca2000] result=0
[   14.587204]   call  3/3: op=26 arg=[c1808860] result=-22

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-11-23 13:32:24 +01:00
Ingo Molnar
3d994e1076 Merge branch 'oprofile-for-tip' of git://git.kernel.org/pub/scm/linux/kernel/git/rric/oprofile into x86/urgent 2008-11-23 12:16:57 +01:00
Jiri Slaby
fde5be353e HID: remove setup mutex, fix possible deadlock
It causes recursive locking warning and is unneeded after
introduction of STARTED flag.

* Resume vs. stop is effectively solved by DISCONNECT flag.
* No problem in suspend vs. start -- urb is submitted even after open
  which is possible after connect which is called after start.
* Resume vs. start solved by STARTED flag.
* Suspend vs. stop -- no problem in killing urb and timer twice.

Reported-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2008-11-23 12:03:20 +01:00
Thomas Gleixner
a1967d6441 x86: revert irq number limitation
Impact: fix MSIx not enough irq numbers available regression

The manual revert of the sparse_irq patches missed to bring the number
of possible irqs back to the .27 status. This resulted in a regression
when two multichannel network cards were placed in a system with only
one IO_APIC - causing the networking driver to not have the right
IRQ and the device not coming up.

Remove the dynamic allocation logic leftovers and simply return
NR_IRQS in probe_nr_irqs() for now.

   Fixes: http://lkml.org/lkml/2008/11/19/354

Reported-by: Jesper Dangaard Brouer <hawk@diku.dk>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Jesper Dangaard Brouer <hawk@diku.dk>
Acked-by: Yinghai Lu <yinghai@kernel.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-11-23 11:59:52 +01:00
Randy Dunlap
2ed1cdcf9a irq.h: fix missing/extra kernel-doc
Impact: fix kernel-doc build

Fix missing & excess irq.h kernel-doc:

Warning(include/linux/irq.h:182): No description found for parameter 'irq'
Warning(include/linux/irq.h:182): Excess struct/union/enum/typedef member 'affinity_entry' description in 'irq_desc'

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-11-23 10:52:45 +01:00
Ingo Molnar
9f14416442 Merge commit 'v2.6.28-rc6' into irq/urgent 2008-11-23 10:52:33 +01:00
Robert Jarzmik
844c6f6a36 [ARM] pxa/MioA701: bluetooth resume fix
The G3IPL expects the value at RAM address 0xa020b020 to be
exactly 1 to setup the bluetooth GPIOs properly. The actual
code got a value from gpio_get_value() which was not 1, but
a "not equal to 0" integer.

Signed-off-by: Robert Jarzmik <robert.jarzmik@free.fr>
Acked-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Eric Miao <eric.miao@marvell.com>
2008-11-22 20:57:21 +08:00
Robert Jarzmik
999f633878 [ARM] pxa/MioA701: fix memory corruption.
In the resume bootstrap, the early disable address is wrong.
Fix it to RAM address 0xa020b000 instead of 0xa0200000, and
make it consistent with RESUME_ENABLE_ADDR in mioa701.c.

Signed-off-by: Robert Jarzmik <robert.jarzmik@free.fr>
Acked-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Eric Miao <eric.miao@marvell.com>
2008-11-22 20:57:21 +08:00
Ingo Molnar
57550b27ff Merge commit 'v2.6.28-rc6' into x86/urgent 2008-11-21 20:55:09 +01:00
Li Zefan
b0788caf7a lockdep: consistent alignement for lockdep info
Impact: prettify /proc/lockdep_info

Just feel odd that not all lines of lockdep info are aligned.

Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-11-21 08:59:40 +01:00
Liming Wang
522a110b42 function tracing: fix wrong position computing of stack_trace
Impact: make output of stack_trace complete if buffer overruns

When read buffer overruns, the output of stack_trace isn't complete.

When printing records with seq_printf in t_show, if the read buffer
has overruned by the current record, then this record won't be
printed to user space through read buffer, it will just be dropped in
this printing.

When next printing, t_start should return the "*pos"th record, which
is the one dropped by previous printing, but it just returns
(m->private + *pos)th record.

Here we use a more sane method to implement seq_operations which can
be found in kernel code. Thus we needn't initialize m->private.

About testing, it's not easy to overrun read buffer, but we can use
seq_printf to print more padding bytes in t_show, then it's easy to
check whether or not records are lost.

This commit has been tested on both condition of overrun and non
overrun.

Signed-off-by: Liming Wang <liming.wang@windriver.com>
Acked-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-11-21 08:49:52 +01:00
Takashi Iwai
c879c634c9 Merge branches 'topic/fix/hda' and 'topic/fix/sound-core' into for-linus 2008-11-21 08:39:36 +01:00
Takashi Iwai
b0fc5e0434 ALSA: hda - Add a quirk for Dell Studio 15
Added the matching model=dell-m6 for Dell Studio 15 laptop.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-11-21 08:37:03 +01:00
Matthew Ranostay
3a7abfd2ba ALSA: hda: Add STAC_DELL_M4_3 quirk
Added STAC_DELL_M4_3 quirk for Dell systems, also reorganized the
board config switch to assign number of digital muxes, microphones,
and SPDIF muxes via the PCI quirk defined.

Signed-off-by: Matthew Ranostay <mranostay@embeddedalley.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-11-21 08:17:00 +01:00
Hannes Eder
a39c4ad108 sound/sound_core: Fix sparse warnings
Fix the following sparse warnings:

sound/sound_core.c:460:2: warning: returning void-valued expression
sound/sound_core.c:477:2: warning: returning void-valued expression
sound/sound_core.c:510:5: warning: symbol 'soundcore_open' was not
declared. Should it be static?

Signed-off-by: Hannes Eder <hannes@hanneseder.net>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-11-21 08:13:15 +01:00
Linus Torvalds
ed313489ba Merge master.kernel.org:/home/rmk/linux-2.6-arm
* master.kernel.org:/home/rmk/linux-2.6-arm:
  [ARM] 5330/1: mach-pxa: Fixup reset for systems using reboot=cold or other strings
  [ARM] pxa: fix incorrect PCMCIA PSKTSEL pin configuration for spitz
  [ARM] pxa: fix I2C controller device being registered twice on Akita
  pxafb: only initialize the smart panel thread when dealing with a smartpanel
  pxafb: introduce LCD_TYPE_MASK and use it.
2008-11-20 18:08:09 -08:00
Linus Torvalds
13d428afc0 Linux 2.6.28-rc6 2008-11-20 15:19:22 -08:00
Jeremy Kerr
606572634c powerpc/spufs: Fix spinning in spufs_ps_fault on signal
Currently, we can end up in an infinite loop if we get a signal
while the kernel has faulted in spufs_ps_fault. Eg:

 alarm(1);

 write(fd, some_spu_psmap_register_address, 4);

- the write's copy_from_user will fault on the ps mapping, and
signal_pending will be non-zero. Because returning from the fault
handler will never clear TIF_SIGPENDING, so we'll just keep faulting,
resulting in an unkillable process using 100% of CPU.

This change returns VM_FAULT_SIGBUS if there's a fatal signal pending,
letting us escape the loop.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
2008-11-21 10:14:16 +11:00
Linus Torvalds
906430a99e Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6:
  [IA64] xen: fix xen_get_eflags.
  [IA64] ia64/pv_ops/pv_cpu_ops: fix _IA64_REG_IP case.
  [IA64] remove duplicate include iommu.h
  [IA64] use mprintk instead of printk, in ia64_mca_modify_original_stack
  [IA64] Rationalize kernel mode alignment checking
2008-11-20 15:07:40 -08:00
Linus Torvalds
ba721d318b Merge git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6:
  USB: ACE1001 patch for cp2101.c
  USB: usbmon: fix read(2)
  USB: gadget rndis: send notifications
  USB: gadget rndis: stop windows self-immolation
  USB: storage: update unusual_devs entries for Nokia 5300 and 5310
  USB: storage: updates unusual_devs entry for the Nokia 6300
  usb: musb: fix bug in musb_schedule
  USB: fix SB700 usb subsystem hang bug
2008-11-20 13:53:21 -08:00
Isaku Yamahata
0090d481ee [IA64] xen: fix xen_get_eflags.
fix xen_get_eflags. It doesn't take any argument.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-11-20 13:43:01 -08:00
Isaku Yamahata
93fe10b670 [IA64] ia64/pv_ops/pv_cpu_ops: fix _IA64_REG_IP case.
pv_cpu_ops.getreg(_IA64_REG_IP) returned constant.
But the returned ip valued should be the one in the caller, not of the callee.
This patch fixes that.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-11-20 13:41:20 -08:00
Huang Weiyi
d596410776 [IA64] remove duplicate include iommu.h
arch/ia64/kernel/pci-dma.c only needs to include iommu once.

Signed-off-by: Huang Weiyi <weiyi.huang@gmail.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-11-20 13:38:16 -08:00
Hidetoshi Seto
ef23cdbefc [IA64] use mprintk instead of printk, in ia64_mca_modify_original_stack
Using printk from MCA/INIT context is unsafe since it can cause deadlock.
The ia64_mca_modify_original_stack is called from both of mca handler and
init handler, so it should use mprintk instead of printk.

Signed-off-by: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-11-20 13:31:10 -08:00
Tony Luck
b704882e70 [IA64] Rationalize kernel mode alignment checking
Itanium processors can handle some misaligned data accesses. They
also provide a mode where all such accesses are forced to trap. The
kernel was schizophrenic about use of this mode:

* Base kernel code ran in permissive mode where the only traps
  generated were from those cases that the h/w could not handle.
* Interrupt, syscall and trap code ran in strict mode where all
  unaligned accesses caused traps to the 0x5a00 unaligned reference
  vector.

Use strict alignment checking throughout the kernel, but make
sure that we continue to let user mode use more relaxed mode
as the default.

Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-11-20 13:27:12 -08:00
Matthew Wilcox
0ca4b6b001 x86: Fix interrupt leak due to migration
When we migrate an interrupt from one CPU to another, we set the
move_in_progress flag and clean up the vectors later once they're not
being used.  If you're unlucky and call destroy_irq() before the vectors
become un-used, the move_in_progress flag is never cleared, which causes
the interrupt to become unusable.

This was discovered by Jesse Brandeburg for whom it manifested as an
MSI-X device refusing to use MSI-X mode when the driver was unloaded
and reloaded repeatedly.

Signed-off-by: Matthew Wilcox <willy@linux.intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-11-20 13:17:40 -08:00
Trond Myklebust
23918b0306 SUNRPC: Fix a performance regression in the RPC authentication code
Fix a regression reported by Max Kellermann whereby kernel profiling
showed that his clients were spending 45% of their time in
rpcauth_lookup_credcache.

It turns out that although his processes had identical uid/gid/groups,
generic_match() was failing to detect this, because the task->group_info
pointers were not shared. This again lead to the creation of a huge number
of identical credentials at the RPC layer.

The regression is fixed by comparing the contents of task->group_info
if the actual pointers are not identical.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-11-20 13:17:40 -08:00
Linus Torvalds
0cb39aa0ac Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6:
  [CIFS] Do not attempt to close invalidated file handles
  [CIFS] fix check for dead tcon in smb_init
2008-11-20 13:14:16 -08:00
Linus Torvalds
c93fc2873e Merge branch 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
  MIPS: csrc-r4k: Fix declaration depending on the wrong CONFIG_ symbol.
  MIPS: csrc-r4k: Fix spelling mistake.
  MIPS: RB532: Provide functions for gpio configuration
  MIPS: IP22: Make indy_sc_ops variable static
  MIPS: RB532: GPIO register offsets are relative to GPIOBASE
  MIPS: Malta: Fix include paths in malta-amon.c
2008-11-20 13:13:48 -08:00
Linus Torvalds
e3b4ae79e9 Merge branch 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
* 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  intel-iommu: fix compile warnings
2008-11-20 13:13:03 -08:00
Linus Torvalds
4dd61d92d7 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (23 commits)
  net: fix tiny output corruption of /proc/net/snmp6
  atl2: don't request irq on resume if netif running
  ipv6: use seq_release_private for ip6mr.c /proc entries
  pkt_sched: fix missing check for packet overrun in qdisc_dump_stab()
  smc911x: Fix printf format typo in smc911x driver.
  asix: Fix asix-based cards connecting to 10/100Mbs LAN.
  mv643xx_eth: fix recycle check bound
  mv643xx_eth: fix the order of mdiobus_{unregister, free}() calls
  sh: sh_eth: Update to change of mii_bus
  TPROXY: supply a struct flowi->flags argument in inet_sk_rebuild_header()
  TPROXY: fill struct flowi->flags in udp_sendmsg()
  net: ipg.c fix bracing on endian swapping
  phylib: Fix auto-negotiation restart avoidance
  net: jme.c rxdesc.flags is __le16, other missing endian swaps
  phylib: fix phy name example in documentation
  net: Do not fire linkwatch events until the device is registered.
  phonet: fix compilation with gcc-3.4
  ixgbe: fix compilation with gcc-3.4
  pktgen: fix multiple queue warning
  net: fix ip_mr_init() error path
  ...
2008-11-20 13:12:14 -08:00
Linus Torvalds
95763dd52b Merge branch 'tracing-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
* 'tracing-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  ftrace: fix dyn ftrace filter selection
  ftrace: make filtered functions effective on setting
  ftrace: fix set_ftrace_filter
  trace: introduce missing mutex_unlock()
  tracing: kernel/trace/trace.c: introduce missing kfree()
2008-11-20 13:11:21 -08:00
Linus Torvalds
0260da162f Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
* 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
  x86: uaccess_64: fix return value in __copy_from_user()
  x86: quirk for reboot stalls on a Dell Optiplex 330
2008-11-20 13:09:32 -08:00
Helge Deller
ed79b86d8a parisc: fix bug in compat_arch_ptrace
Commit 81e192d6ce ("parisc: convert to
generic compat_sys_ptrace") introduced a bug which segfaults the parisc
64bit kernel when stracing 32bit applications:

  Kernel Fault: Code=15 regs=00000000bafa42b0 (Addr=00000001baf5ab57)
       YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI
  PSW: 00001000000001101111111100001011 Tainted: G        W
  r00-03  000000ff0806ff0b 000000004068edc0 00000000401203f8 00000000fb3e2508
  r04-07  0000000040686dc0 00000000baf5a800 fffffffffffffffc fffffffffb3e2508
  r08-11  00000000baf5a800 000000000004b068 00000000000402b0 0000000000040d68
  r12-15  0000000000042a9c 0000000000040a9c 0000000000040d60 0000000000042e9c
  r16-19  000000000004b060 000000000004b058 0000000000042d9c ffffffffffffffff
  r20-23  000000000800000b 0000000000000000 000000000800000b fffffffffb3e2508
  r24-27  00000000fffffffc 0000000000000003 00000000fffffffc 0000000040686dc0
  r28-31  00000001baf5a7ff 00000000bafa4280 00000000bafa42b0 00000000000001d7
  sr00-03  0000000000fca000 0000000000000000 0000000000000000 0000000000fca000
  sr04-07  0000000000000000 0000000000000000 0000000000000000 0000000000000000

  IASQ: 0000000000000000 0000000000000000 IAOQ: 0000000040120400 0000000040120404
   IIR: 4b9a06b0    ISR: 0000000000000000  IOR: 00000001baf5ab57
   CPU:        0   CR30: 00000000bafa4000 CR31: 00000000d22344e0
   ORIG_R28: 00000000fb3e2248
   IAOQ[0]: compat_arch_ptrace+0xb8/0x160
   IAOQ[1]: compat_arch_ptrace+0xbc/0x160
   RP(r2): compat_arch_ptrace+0xb0/0x160
  Backtrace:
   [<00000000401612ac>] compat_sys_ptrace+0x15c/0x180
   [<0000000040104ef8>] syscall_exit+0x0/0x14

The problem is that compat_arch_ptrace() enters with an addr value of
type compat_ulong_t and calls translate_usr_offset() to translate the
address offset into a struct pt_regs offset like this:

	addr = translate_usr_offset(addr)

this means that any return value of translate_usr_offset() is stored
back as compat_ulong_t type into the addr variable.

But since translate_usr_offset() returns -1 for invalid offsets, addr
can now get the value 0xffffffff which then fails the next return-value
sanity check and thus the kernel tries to access invalid memory:

	if (addr < 0)
		break;

Fix this bug by modifying translate_usr_offset() to take and return
values of type compat_ulong_t, and by returning the value
"sizeof(struct pt_regs)" as an error indicator.

Additionally change the sanity check to check for return values
for >= sizeof(struct pt_regs).

This patch survived my compile and run-tests.

Signed-off-by: Helge Deller <deller@gmx.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-11-20 13:09:17 -08:00
Steve French
ddb4cbfc53 [CIFS] Do not attempt to close invalidated file handles
If a connection with open file handles has gone down
and come back up and reconnected without reopening
the file handle yet, do not attempt to send an SMB close
request for this handle in cifs_close.  We were
checking for the connection being invalid in cifs_close
but since the connection may have been reconnected
we also need to check whether the file handle
was marked invalid (otherwise we could close the
wrong file handle by accident).

Acked-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-11-20 20:14:13 +00:00
Mauro Carvalho Chehab
818a557eeb V4L/DVB (9668): em28xx: fix a race condition with hald
Newer versions of hald tries to open it to call QUERYCAP.

Due to the lack of a proper locking, it is possible to open the device
before it finishes initialization.

This patch adds a lock to avoid this risk, and to protect the list of
em28xx devices.

While here, remove the uneeded BKL lock.

Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2008-11-20 18:12:02 -02:00
Jose Alberto Reguero
cce257109f V4L/DVB (9664): af9015: don't reconnect device in USB-bus
Don't reconnect device in the USB-bus. Reconnect command was not
executed every time by device firmware and that causes harm.
Reconnection is not needed so remove it.

Signed-off-by: Jose Alberto Reguero <jareguero@telefonica.net>
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2008-11-20 18:07:31 -02:00
Ralf Baechle
a24e849c01 MIPS: csrc-r4k: Fix declaration depending on the wrong CONFIG_ symbol.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2008-11-20 19:42:33 +00:00
Ralf Baechle
664c4bbb73 MIPS: csrc-r4k: Fix spelling mistake.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2008-11-20 19:42:33 +00:00
Phil Sutter
2e373952cc MIPS: RB532: Provide functions for gpio configuration
As gpiolib doesn't support pin multiplexing, it provides no way to
access the GPIOFUNC register. Also there is no support for setting
interrupt status and level. These functions provide access to them and
are needed by the CompactFlash driver.

Signed-off-by: Phil Sutter <n0-1@freewrt.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2008-11-20 19:42:33 +00:00
Dmitri Vorobiev
f43909dfb3 MIPS: IP22: Make indy_sc_ops variable static
The indy_sc_ops variable in arch/mips/mm/sc-ip22.c is needlessly defined
global, and this patch makes it static.

Signed-off-by: Dmitri Vorobiev <dmitri.vorobiev@movial.fi>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
---
2008-11-20 19:42:33 +00:00
Florian Fainelli
1b432840d0 MIPS: RB532: GPIO register offsets are relative to GPIOBASE
This patch fixes the wrong use of GPIO register offsets
in devices.c. To avoid further problems, use gpio_get_value
to return the NAND status instead of our own expanded code.

Also define the zero offset of the alternate function register to allow
consistent access.

Signed-off-by: Florian Fainelli <florian@openwrt.org>
Signed-off-by: Phil Sutter <n0-1@freewrt.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2008-11-20 19:42:32 +00:00
David Daney
9e86786a4b MIPS: Malta: Fix include paths in malta-amon.c
On linux-queue, malta doesn't build after the include file relocation.
This should fix it.

There some occurrences of 'asm-mips' in the comments of quite a few
files, but this is the only place I found it in any code.

Signed-off-by: David Daney <ddaney@avtrex.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2008-11-20 19:42:32 +00:00