Commit Graph

180140 Commits

Author SHA1 Message Date
Martin Schwidefsky
0b4d78903b [S390] use set_current_state in sigsuspend
Use set_current_state instead of a direct assignment to set the
task state of the current process.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2010-01-27 10:12:49 +01:00
Heiko Carstens
428aecf67c [S390] irqflags: add missing types.h include
Add missing types.h include. Otherwise would cause build breakages on
hw breakpoint support, because of undefined BITS_PER_LONG.
Also fix up the copyright line and remove the superfluous __KERNEL__
ifdef.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2010-01-27 10:12:49 +01:00
Stefan Haberland
294001a80c [S390] dasd: fix possible NULL pointer errors
Fix possible NULL pointer in DASD messages and correct discipline
checking.

Signed-off-by: Stefan Haberland <stefan.haberland@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2010-01-27 10:12:48 +01:00
Russ Anderson
da482474b8 x86, msr/cpuid: Pass the number of minors when unregistering MSR and CPUID drivers.
Pass the number of minors when unregistering MSR and CPUID drivers.

Reported-by: Dean Nelson <dnelson@redhat.com>
Signed-off-by: Dean Nelson <dnelson@redhat.com>
LKML-Reference: <20100127023722.GA22305@sgi.com>
Signed-off-by: Russ Anderson <rja@sgi.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2010-01-26 23:52:38 -08:00
Oleg Nesterov
48d5067417 lockdep: Fix check_usage_backwards() error message
Lockdep has found the real bug, but the output doesn't look right to me:

> =========================================================
> [ INFO: possible irq lock inversion dependency detected ]
> 2.6.33-rc5 #77
> ---------------------------------------------------------
> emacs/1609 just changed the state of lock:
>  (&(&tty->ctrl_lock)->rlock){+.....}, at: [<ffffffff8127c648>] tty_fasync+0xe8/0x190
> but this lock took another, HARDIRQ-unsafe lock in the past:
>  (&(&sighand->siglock)->rlock){-.....}

"HARDIRQ-unsafe" and "this lock took another" looks wrong, afaics.

>   ... key      at: [<ffffffff81c054a4>] __key.46539+0x0/0x8
>   ... acquired at:
>    [<ffffffff81089af6>] __lock_acquire+0x1056/0x15a0
>    [<ffffffff8108a0df>] lock_acquire+0x9f/0x120
>    [<ffffffff81423012>] _raw_spin_lock_irqsave+0x52/0x90
>    [<ffffffff8127c1be>] __proc_set_tty+0x3e/0x150
>    [<ffffffff8127e01d>] tty_open+0x51d/0x5e0

The stack-trace shows that this lock (ctrl_lock) was taken under
->siglock (which is hopefully irq-safe).

This is a clear typo in check_usage_backwards() where we tell the print a
fancy routine we're forwards.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
LKML-Reference: <20100126181641.GA10460@redhat.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2010-01-27 08:34:02 +01:00
Al Viro
12e9a45609 Fix failure exit in ipathfs
deactivate_locked_super() will be done by caller of fill_super, doing
it there as well is b0rken.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2010-01-26 22:22:27 -05:00
Al Viro
083c73c253 fix oops in fs/9p late mount failure
if 9P ->get_sb() fails late (at root inode or root dentry
allocation), we'll hit its ->kill_sb() with NULL ->s_root

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2010-01-26 22:22:27 -05:00
Al Viro
7e32b7bb73 fix leak in romfs_fill_super()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2010-01-26 22:22:26 -05:00
Al Viro
ef52c75e4b get rid of pointless checks after simple_pin_fs()
if we'd just got success from it, vfsmount won't be NULL

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2010-01-26 22:22:26 -05:00
Al Viro
5998649f77 Fix failure exits in bfs_fill_super()
double iput(), leaks...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2010-01-26 22:22:25 -05:00
Al Viro
217686e983 fix affs parse_options()
Error handling in that sucker got broken back in 2003.  If function
returns 0 on failure, it's not nice to add return -EINVAL into it.
Adding return 1 on other failure exits is also not a good thing (and
yes, original success exits with 1 and some of failure exits with 0
are still there; so's the original logics in callers).

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2010-01-26 22:22:25 -05:00
Al Viro
29333920a5 Fix remount races with symlink handling in affs
A couple of fields in affs_sb_info is used in follow_link() and
symlink() for handling AFFS "absolute" symlinks.  Need locking
against affs_remount() updates.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2010-01-26 22:22:24 -05:00
Al Viro
afc70ed05a Fix a leak in affs_fill_super()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2010-01-26 22:22:24 -05:00
Greg Kroah-Hartman
b04da8bfdf fnctl: f_modown should call write_lock_irqsave/restore
Commit 7036251180 exposed that f_modown()
should call write_lock_irqsave instead of just write_lock_irq so that
because a caller could have a spinlock held and it would not be good to
renable interrupts.

Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Al Viro <viro@ZenIV.linux.org.uk>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Tavis Ormandy <taviso@google.com>
Cc: stable <stable@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2010-01-26 17:25:38 -08:00
Mike Frysinger
0368897034 tracing/documentation: Cover new frame pointer semantics
Update the graph tracer examples to cover the new frame pointer semantics
(in terms of passing it along).  Move the HAVE_FUNCTION_GRAPH_FP_TEST docs
out of the Kconfig, into the right place, and expand on the details.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
LKML-Reference: <1264165967-18938-1-git-send-email-vapier@gentoo.org>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
2010-01-26 17:00:39 -05:00
Yang Hongyang
6993b1bb1e tracing/documentation: Fix a typo in ftrace.txt
'ftrace' is no longer the name of the function tracer, to activate
the function trace 'echo function > current_tracer' is to be used instead
of 'echo ftrace > current_tracer'. Update the documentation to reflect
the current implementation.

Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com>
LKML-Reference: <4B5D0BA8.20106@cn.fujitsu.com>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
2010-01-26 16:59:33 -05:00
Steven Rostedt
3c05d74827 ring-buffer: Check for end of page in iterator
If the iterator comes to an empty page for some reason, or if
the page is emptied by a consuming read. The iterator code currently
does not check if the iterator is pass the contents, and may
return a false entry.

This patch adds a check to the ring buffer iterator to test if the
current page has been completely read and sets the iterator to the
next page if necessary.

Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
2010-01-26 16:14:08 -05:00
Steven Rostedt
492a74f421 ring-buffer: Check if ring buffer iterator has stale data
Usually reads of the ring buffer is performed by a single task.
There are two types of reads from the ring buffer.

One is a consuming read which will consume the entry that was read
and the next read will be the entry that follows.

The other is an iterator that will let the user read the contents of
the ring buffer without modifying it. When an iterator is allocated,
writes to the ring buffer are disabled to protect the iterator.

The problem exists when consuming reads happen while an iterator is
allocated. Specifically, the kind of read that swaps out an entire
page (used by splice) and replaces it with a new read. If the iterator
is on the page that is swapped out, then the next read may read
from this swapped out page and return garbage.

This patch adds a check when reading the iterator to make sure that
the iterator contents are still valid. If a consuming read has taken
place, the iterator is reset.

Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
2010-01-26 16:09:30 -05:00
Stefan Richter
281e20323a firewire: core: fix use-after-free regression in FCP handler
Commit db5d247a "firewire: fix use of multiple AV/C devices, allow
multiple FCP listeners" introduced a regression into 2.6.33-rc3:
The core freed payloads of incoming requests to FCP_Request or
FCP_Response before a userspace driver accessed them.

We need to copy such payloads for each registered userspace client
and free the copies according to the lifetime rules of non-FCP client
request resources.

(This could possibly be optimized by reference counts instead of
copies.)

The presently only kernelspace driver which listens for FCP requests,
firedtv, was not affected because it already copies FCP frames into an
own buffer before returning to firewire-core's FCP handler dispatcher.

Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
2010-01-26 20:54:50 +01:00
Stefan Richter
6d3faf6f43 firewire: cdev: add_descriptor documentation fix
struct fw_cdev_add_descriptor.length is in quadlets, not in bytes.
Also remove any doubts about the endianess of descriptor data.

Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
2010-01-26 20:54:50 +01:00
Stefan Richter
e300839da4 firewire: core: add_descriptor size check
Presently, firewire-core only checks whether descriptors that are to be
added by userspace drivers to the local node's config ROM do not exceed
a size of 256 quadlets.  However, the sum of the bare minimum ROM plus
all descriptors (from firewire-core, from firewire-net, from userspace)
must not exceed 256 quadlets.

Otherwise, the bounds of a statically allocated buffer will be
overwritten.  If the kernel survives that, firewire-core will
subsequently be unable to parse the local node's config ROM.

(Note, userspace drivers can add descriptors only through device files
of local nodes.  These are usually only accessible by root, unlike
device files of remote nodes which may be accessible to lesser
privileged users.)

Therefore add a test which takes the actual present and required ROM
size into account for all descriptors of kernelspace and userspace
drivers.

Cc: stable@kernel.org
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
2010-01-26 20:54:50 +01:00
Thomas Gleixner
7b7422a566 clocksource: Prevent potential kgdb dead lock
commit 0f8e8ef7 (clocksource: Simplify clocksource watchdog resume
logic) introduced a potential kgdb dead lock. When the kernel is
stopped by kgdb inside code which holds watchdog_lock then kgdb dead
locks in clocksource_resume_watchdog().

clocksource_resume_watchdog() is called from kbdg via
clocksource_touch_watchdog() to avoid that the clock source watchdog
marks TSC unstable after the kernel has been stopped.

Solve this by replacing spin_lock with a spin_trylock and just return
in case the lock is held. Not resetting the watchdog might result in
TSC becoming marked unstable, but that's an acceptable penalty for
using kgdb.

The timekeeping is anyway easily screwed up by kgdb when the system
uses either jiffies or a clock source which wraps in short intervals
(e.g. pm_timer wraps about every 4.6s), so we really do not have to
worry about that occasional TSC marked unstable side effect.

The second caller of clocksource_resume_watchdog() is
clocksource_resume(). The trylock is safe here as well because the
system is UP at this point, interrupts are disabled and nothing else
can hold watchdog_lock().

Reported-by: Jason Wessel <jason.wessel@windriver.com>
LKML-Reference: <1264480000-6997-4-git-send-email-jason.wessel@windriver.com>
Cc: kgdb-bugreport@lists.sourceforge.net
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: John Stultz <johnstul@us.ibm.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2010-01-26 14:53:16 +01:00
David S. Miller
6abce7711f sparc64: Fix UP build.
Can't reference irq_desc[].affinity when !SMP.

Reported-by: Alexander Beregalov <a.beregalov@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-01-26 04:16:49 -08:00
Linus Torvalds
9a3cbe3265 Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
  ext4: Drop EXT4_GET_BLOCKS_UPDATE_RESERVE_SPACE flag
  ext4: Fix quota accounting error with fallocate
  ext4: Handle -EDQUOT error on write
2010-01-25 19:05:06 -08:00
Linus Torvalds
01974ea61f Merge git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog
* git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog:
  [WATCHDOG] sbc_fitpc2_wdt: fix I/O space access technique.
  [WATCHDOG] ixp2000: Fix build failure caused by missing include
2010-01-25 19:03:58 -08:00
Linus Torvalds
7c1c05afdd Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6:
  ASoC: fix a memory-leak in wm8903
  ALSA: hda - add possibility to choose speakers configuration for 4930g
  ALSA: hda - Fix HP T5735 automute
  ALSA: hda - Turn on EAPD only if available for Realtek codecs
  ALSA: hda - Fix parsing pin node 0x21 on ALC259
2010-01-25 19:03:45 -08:00
Linus Torvalds
486d35e222 Merge branch 'kvm-updates/2.6.33' of git://git.kernel.org/pub/scm/virt/kvm/kvm
* 'kvm-updates/2.6.33' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: x86: Fix leak of free lapic date in kvm_arch_vcpu_init()
  KVM: x86: Fix probable memory leak of vcpu->arch.mce_banks
  KVM: S390: fix potential array overrun in intercept handling
  KVM: fix spurious interrupt with irqfd
  eventfd - allow atomic read and waitqueue remove
  KVM: MMU: bail out pagewalk on kvm_read_guest error
  KVM: properly check max PIC pin in irq route setup
  KVM: only allow one gsi per fd
  KVM: x86: Fix host_mapping_level()
  KVM: powerpc: Show timing option only on embedded
  KVM: Fix race between APIC TMR and IRR
2010-01-25 19:02:31 -08:00
Linus Torvalds
a8d0b6666e Merge branch 'linux-next' of git://git.infradead.org/ubi-2.6
* 'linux-next' of git://git.infradead.org/ubi-2.6:
  UBI: fix memory leak in update path
  UBI: add more checks to chdev open
  UBI: initialise update marker
2010-01-25 19:02:06 -08:00
Linus Torvalds
c799d15333 Merge branch 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging
* 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging:
  hwmon: (fschmd) Fix a memleak on multiple opens of /dev/watchdog
  hwmon: (asus_atk0110) Do not fail if MBIF is missing
  hwmon: (amc6821) Double unlock bug
  hwmon: (smsc47m1) Fix section mismatch
2010-01-25 19:00:56 -08:00
Linus Torvalds
abefedd538 Merge branch 'drm-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6
* 'drm-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6: (95 commits)
  drm/radeon/kms: preface warning printk with driver name
  drm/radeon/kms: drop unnecessary printks.
  drm: fix regression in fb blank handling
  drm/radeon/kms: make hibernate work on IGPs
  drm/vmwgfx: Optimize memory footprint for DMA buffers.
  drm/ttm: Allow system memory as a busy placement.
  drm/ttm: Fix race condition in ttm_bo_delayed_delete (v3, final)
  drm/nv50: prevent switching off SOR when in use for DVI-over-DP
  drm/nv50: fail auxch transaction if reply count not what we expect
  drm/nouveau: fix failure path if userspace specifies no valid memtypes
  drm/nouveau: report LVDS as disconnected if lid closed
  drm/radeon/kms: fix legacy get_engine/memory clock
  drm/radeon/kms/atom: atom parser fixes
  drm/radeon/kms: clean up atombios pll code
  drm/radeon/kms: clean up pll struct
  drm/radeon/kms/atom: fix crtc lock ordering
  drm/radeon: r6xx/r7xx possible security issue, system ram access
  drm/radeon/kms: r600/r700 don't test ib if ib initialization fails
  drm/radeon/kms: Forbid creation of framebuffer with no valid GEM object
  drm/radeon/kms: r600 handle irq vector ring overflow
  ...
2010-01-25 18:59:47 -08:00
Linus Torvalds
840f51ffe1 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6:
  sparc64: Fix IRQ ->set_affinity() methods.
  sparc: cpumask_of_node() should handle -1 as a node
  sparc64: Update defconfig.
  sparc: Add missing SW perf fault events.
  sparc64: Fully support both performance counters.
  sparc64: Add perf callchain support.
  sparc: convert to arch_gettimeoffset()
  sparc: leds_resource.end assigned to itself in clock_board_probe()
  sparc32: Fix page_to_phys().
  sparc: Simplify param.h by simply including <asm-generic/param.h>
  sparc32: Update defconfig.
  SPARC: use helpers for rlimits
  sparc: copy_from_user() should not return -EFAULT
2010-01-25 18:57:25 -08:00
Linus Torvalds
e2197787ef Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (42 commits)
  virtio_net: Make delayed refill more reliable
  sfc: Use fixed-size buffers for MCDI NVRAM requests
  sfc: Add workspace for GMAC bug workaround to MCDI MAC_STATS buffer
  tcp_probe: avoid modulus operation and wrap fix
  qlge: Only free resources if they were allocated
  netns xfrm: deal with dst entries in netns
  sky2: revert config space change
  vlan: fix vlan_skb_recv()
  netns xfrm: fix "ip xfrm state|policy count" misreport
  sky2: Enable/disable WOL per hardware device
  net: Fix IPv6 GSO type checks in Intel ethernet drivers
  igb/igbvf: cleanup exception handling in tx_map_adv
  MAINTAINERS: Add Intel igbvf maintainer
  e1000/e1000e: don't use small hardware rx buffers
  fmvj18x_cs: add new id (Panasonic lan & modem card)
  be2net: swap only first 2 fields of mcc_wrb
  Please add support for Microsoft MN-120 PCMCIA network card
  be2net: fix bug in rx page posting
  wimax/i2400m: Add support for more i6x50 SKUs
  e1000e: enhance frame fragment detection
  ...
2010-01-25 18:57:07 -08:00
Linus Torvalds
4f4e65d248 Merge branch 'omap-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap-2.6
* 'omap-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap-2.6: (25 commits)
  OMAP2/3: DMTIMER: Clear pending interrupts when stopping a timer
  PM debug: Fix warning when no CONFIG_DEBUG_FS
  OMAP3: PM: DSS PM_WKEN to refill DMA
  OMAP: timekeeping: time should not stop during suspend
  OMAP3: PM: Force write last pad config register into save area
  OMAP: omap3_pm_get_suspend_state() error ignored in pwrdm_suspend_get()
  OMAP3: PM: Enable wake-up from McBSP2, 3 and 4 modules
  OMAP3: PM debug: fix build error when !CONFIG_DEBUG_FS
  OMAP3: PM: Removing redundant and potentially dangerous PRCM configration
  OMAP3: Fixed ARM aux ctrl register save/restore
  OMAP3: CPUidle: Fixed timer resolution
  OMAP3: PM: Remove duplicate code blocks
  OMAP3: PM: Disable interrupt controller AUTOIDLE before WFI
  OMAP3: PM: Enable system control module autoidle
  OMAP3: PM: Ack pending interrupts before entering suspend
  omap: Enable GPMC clock in gpmc_init
  OMAP1 clock: fix for "BUG: spinlock lockup on CPU#0"
  OMAP4: clocks: Fix the clksel_rate struct DPLL divs
  OMAP4: PRCM: Fix the base address for CHIRONSS reg defines
  OMAP: dma_chan[lch_head].flag & OMAP_DMA_ACTIVE tested twice in omap_dma_unlink_lch()
  ...
2010-01-25 18:56:12 -08:00
Herbert Xu
39d3215774 virtio_net: Make delayed refill more reliable
I have seen RX stalls on a machine that experienced a suspected
OOM.  After the stall, the RX buffer is empty on the guest side
and there are exactly 16 entries available on the host side.  As
the number of entries is less than that required by a maximal
skb, the host cannot proceed.

The guest did not have a refill job scheduled.

My diagnosis is that an OOM had occured, with the delayed refill
job scheduled.  The job was able to allocate at least one skb, but
not enough to overcome the minimum required by the host to proceed.

As the refill job would only reschedule itself if it failed completely
to allocate any skbs, this would lead to an RX stall.

The following patch removes this stall possibility by always
rescheduling the refill job until the ring is totally refilled.

Testing has shown that the RX stall no longer occurs whereas
previously it would occur within a day.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-01-25 15:51:01 -08:00
Ben Hutchings
5a27e86bab sfc: Use fixed-size buffers for MCDI NVRAM requests
The low-level MCDI code always uses 32-bit MMIO operations, and
callers must pad input and output buffers to multiples of 4 bytes.
The MCDI NVRAM functions are not doing this.  Also, their buffers are
declared as variable-length arrays with no explicit maximum length.

Switch to a fixed buffer size based on the chunk size used by the
MTD driver (which is a multiple of 4).

Signed-off-by: Ben Hutchings <bhutchings@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-01-25 15:49:59 -08:00
Guido Barzini
8704a2c8e9 sfc: Add workspace for GMAC bug workaround to MCDI MAC_STATS buffer
Due to a hardware bug in the SFC9000 family, the firmware must
transfer raw GMAC statistics to host memory before aggregating them
into the cooked (speed-independent) MAC statistics.  Extend the stats
buffer to support this.

The length of the buffer is explicit in the MAC_STATS command, so this
change is backward-compatible on both sides.

Signed-off-by: Ben Hutchings <bhutchings@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-01-25 15:49:19 -08:00
Stephen Hemminger
f81074f861 tcp_probe: avoid modulus operation and wrap fix
By rounding up the buffer size to power of 2, several expensive
modulus operations can be avoided.  This patch also solves a bug where
the gap need when ring gets full was not being accounted for.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-01-25 15:47:50 -08:00
Breno Leitao
4f9a91c812 qlge: Only free resources if they were allocated
Currently qlge tries to release regions even if they were not allocated.
This causes messages like the following in the kernel log

Trying to free nonexistent resource <00000000006af400-00000000006af4ff>
Trying to free nonexistent resource <00003c04ff9f4000-00003c04ff9f7fff>
Trying to free nonexistent resource <00003c04ffc00000-00003c04ffcfffff>

This patch fixes the goto logic in order to not release the resources
if they were not allocated.

Signed-off-by: Breno Leitao <leitao@linux.vnet.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-01-25 15:46:58 -08:00
Steven Rostedt
74bf4076f2 tracing: Prevent kernel oops with corrupted buffer
If the contents of the ftrace ring buffer gets corrupted and the trace
file is read, it could create a kernel oops (usualy just killing the user
task thread). This is caused by the checking of the pid in the buffer.
If the pid is negative, it still references the cmdline cache array,
which could point to an invalid address.

The simple fix is to test for negative PIDs.

Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
2010-01-25 15:11:53 -05:00
Denis Turischev
ef39a1bf3c [WATCHDOG] sbc_fitpc2_wdt: fix I/O space access technique.
The mdelay function was used between I/O access commands, that causes peak
in CPU usage. Fix it by substitution mdelay to msleep.

Expand usage on fitPC2 compatible boards according to DMI identification.

Signed-off-by: Denis Turischev <denis@compulab.co.il>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
2010-01-25 19:48:49 +00:00
Andrew Patterson
bd1f46deba PCI: fix nested spinlock hang in aer_inject
The aer_inject module hangs in aer_inject() when checking the device's
error masks.  The hang is due to a recursive use of the aer_inject lock.
The aer_inject() routine grabs the lock while processing the error and then
calls pci_read_config_dword to read the masks. The pci_read_config_dword
routine is earlier overridden by pci_read_aer, which among other things,
grabs the aer_inject lock.

Fixed by moving the pci_read_config_dword calls to read the masks to before
the lock is taken.

Acked-by: Huang Ying <ying.huang@intel.com>
Signed-off-by: Andrew Patterson <andrew.patterson@hp.com>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
2010-01-25 10:42:52 -08:00
Takashi Iwai
86f2ce0347 Merge branch 'fix/hda' into for-linus 2010-01-25 17:00:01 +01:00
Guennadi Liakhovetski
40aa7030e5 ASoC: fix a memory-leak in wm8903
Remember to free the temporary register-cache.

Signed-off-by: Guennadi Liakhovetski <g.liakhovetski@gmx.de>
Acked-by: Liam Girdwood <lrg@slimlogic.co.uk>
Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Cc: stable@kernel.org
2010-01-25 14:41:05 +00:00
Andi Kleen
e83e452b06 oprofile/x86: add Xeon 7500 series support
Add Xeon 7500 series support to oprofile.

Straight forward: it's the same as Core i7, so just detect
the model number. No user space changes needed.

Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Robert Richter <robert.richter@amd.com>
2010-01-25 15:34:53 +01:00
Suravee Suthikulpanit
d8cc108f4f oprofile/x86: fix crash when profiling more than 28 events
With multiplexing enabled oprofile crashs when profiling more than 28
events. This patch fixes this.

Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
Signed-off-by: Robert Richter <robert.richter@amd.com>
2010-01-25 15:34:53 +01:00
Wei Yongjun
443c39bc9e KVM: x86: Fix leak of free lapic date in kvm_arch_vcpu_init()
In function kvm_arch_vcpu_init(), if the memory malloc for
vcpu->arch.mce_banks is fail, it does not free the memory
of lapic date. This patch fixed it.

Cc: stable@kernel.org
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2010-01-25 12:26:40 -02:00
Wei Yongjun
36cb93fd6b KVM: x86: Fix probable memory leak of vcpu->arch.mce_banks
vcpu->arch.mce_banks is malloc in kvm_arch_vcpu_init(), but
never free in any place, this may cause memory leak. So this
patch fixed to free it in kvm_arch_vcpu_uninit().

Cc: stable@kernel.org
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2010-01-25 12:26:40 -02:00
Christian Borntraeger
062d5e9b0d KVM: S390: fix potential array overrun in intercept handling
kvm_handle_sie_intercept uses a jump table to get the intercept handler
for a SIE intercept. Static code analysis revealed a potential problem:
the intercept_funcs jump table was defined to contain (0x48 >> 2) entries,
but we only checked for code > 0x48 which would cause an off-by-one
array overflow if code == 0x48.

Use the compiler and ARRAY_SIZE to automatically set the limits.

Cc: stable@kernel.org
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2010-01-25 12:26:39 -02:00
Michael S. Tsirkin
b6a114d272 KVM: fix spurious interrupt with irqfd
kvm didn't clear irqfd counter on deassign, as a result we could get a
spurious interrupt when irqfd is assigned back. this leads to poor
performance and, in theory, guest crash.

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
2010-01-25 12:26:39 -02:00
Davide Libenzi
cb289d6244 eventfd - allow atomic read and waitqueue remove
KVM needs a wait to atomically remove themselves from the eventfd ->poll()
wait queue head, in order to handle correctly their IRQfd deassign
operation.

This patch introduces such API, plus a way to read an eventfd from its
context.

Signed-off-by: Davide Libenzi <davidel@xmailserver.org>
Signed-off-by: Avi Kivity <avi@redhat.com>
2010-01-25 12:26:38 -02:00