Eric Sandeen [Thu, 11 Aug 2011 14:54:31 +0000 (09:54 -0500)]
ext4: Properly count journal credits for long symlinks
Commit df5e6223407e ("ext4: fix deadlock in ext4_symlink() in ENOSPC
conditions") recalculated the number of credits needed for a long
symlink, in the process of splitting it into two transactions. However,
the first credit calculation under-counted because if selinux is
enabled, credits are needed to create the selinux xattr as well.
Overrunning the reservation will result in an OOPS in
jbd2_journal_dirty_metadata() due to this assert:
Eric Sandeen [Thu, 11 Aug 2011 14:51:46 +0000 (09:51 -0500)]
ext3: Properly count journal credits for long symlinks
Commit ae54870a1dc9 ("ext3: Fix lock inversion in ext3_symlink()")
recalculated the number of credits needed for a long symlink, in the
process of splitting it into two transactions. However, the first
credit calculation under-counted because if selinux is enabled, credits
are needed to create the selinux xattr as well.
Overrunning the reservation will result in an OOPS in
journal_dirty_metadata() due to this assert:
Peter Hurley [Fri, 5 Aug 2011 14:52:01 +0000 (10:52 -0400)]
Bluetooth: hidp: Don't release device ref if never held
When an hidp connection is added for a boot protocol input
device, don't release a device reference that was never
acquired. The device reference is acquired when the session
is linked to the session list (which hasn't happened yet when
hidp_setup_input is called).
Peter Hurley [Fri, 5 Aug 2011 14:51:50 +0000 (10:51 -0400)]
Bluetooth: hidp: Only free input device if failed register
When an hidp connection is added for a boot protocol input
device, only free the allocated device if device registration fails.
Subsequent failures should only unregister the device (the input
device api documents that unregister will also free the allocated
device).
Peter Hurley [Fri, 5 Aug 2011 14:44:21 +0000 (10:44 -0400)]
Bluetooth: cmtp: Fix deadlock in session deletion
Commit fada4ac339 introduced the usage of kthread API.
kthread_stop is a blocking function which returns only when
the thread exits. In this case, the thread can't exit because it's
waiting for the write lock, which is being held by cmtp_del_connection()
which is waiting for the thread to exit -- deadlock.
Revert cmtp_reset_ctr to its original behavior: non-blocking signalling
for the session to terminate.
Peter Hurley [Fri, 5 Aug 2011 14:41:35 +0000 (10:41 -0400)]
Bluetooth: bnep: Fix deadlock in session deletion
Commit f4d7cd4a4c introduced the usage of kthread API.
kthread_stop is a blocking function which returns only when
the thread exits. In this case, the thread can't exit because it's
waiting for the write lock, which is being held by bnep_del_connection()
which is waiting for the thread to exit -- deadlock.
Use atomic_t/wake_up_process instead to signal to the thread to exit.
Bluetooth: Don't use cmd_timer to timeout HCI reset command
No command should be send before Command Complete event for HCI
reset is received. This fix regression introduced by commit 6bd32326cda(Bluetooth: Use proper timer for hci command timout)
for chips whose reset command takes longer to complete (e.g. CSR)
resulting in next command being send before HCI reset completed.
Removed superfluous event handling which was used to signal
that the rfcomm kthread had been woken. This appears to have been
used to prevent lost wakeups. Correctly ordering when the task
state is set to TASK_INTERRUPTIBLE is sufficient to prevent lost wakeups.
To prevent wakeups which occurred prior to initially setting
TASK_INTERRUPTIBLE from being lost, the main work of the thread loop -
rfcomm_process_sessions() - is performed prior to sleeping.
Paul Bolle [Tue, 9 Aug 2011 15:16:28 +0000 (17:16 +0200)]
Bluetooth: btusb: be quiet on device disconnect
Disabling the bluetooth usb device embedded in (some) ThinkPads tends to
lead to errors like these:
btusb_bulk_complete: hci0 urb ffff88011b9bfd68 failed to resubmit (19)
btusb_intr_complete: hci0 urb ffff88011b46a318 failed to resubmit (19)
btusb_bulk_complete: hci0 urb ffff88011b46a000 failed to resubmit (19)
That is because usb_disconnect() doesn't "quiesces" pending urbs.
Disconnecting a device is a normal thing to happen so it's no big deal
that usb_submit_urb() returns -ENODEV. The simplest way to get rid of
these errors is to stop treating that return as an error. Trivial,
actually.
While we're at it, add comments to be explicit about the reasons we're
not complaining about -EPERM and -ENODEV.
Oops might happen because we check rt2x00queue_empty(queue) twice,
but this condition can change and we can process entry in
rt2800_txdone_entry(), which was already processed by
rt2800usb_txdone_entry_check() -> rt2x00lib_txdone_noinfo() and
has nullify entry->skb .
Modify flags in separate order in rt2x00usb_interrupt_txdone, to avoid
processing entries in _txdone with wrong flags or skip processing
ready entries.
Oops might happen because we perform parallel putting new entries in a
queue (rt2x00queue_write_tx_frame()) and removing entries after
finishing transmitting (rt2800usb_work_txdone()). There are cases when
_txdone may process an entry that was not fully send and nullify
entry->skb .
To fix check in _txdone if entry has flags that indicate pending
transmission and wait until flags get cleared.
Vasiliy Kulikov [Mon, 8 Aug 2011 15:02:04 +0000 (19:02 +0400)]
move RLIMIT_NPROC check from set_user() to do_execve_common()
The patch http://lkml.org/lkml/2003/7/13/226 introduced an RLIMIT_NPROC
check in set_user() to check for NPROC exceeding via setuid() and
similar functions.
Before the check there was a possibility to greatly exceed the allowed
number of processes by an unprivileged user if the program relied on
rlimit only. But the check created new security threat: many poorly
written programs simply don't check setuid() return code and believe it
cannot fail if executed with root privileges. So, the check is removed
in this patch because of too often privilege escalations related to
buggy programs.
The NPROC can still be enforced in the common code flow of daemons
spawning user processes. Most of daemons do fork()+setuid()+execve().
The check introduced in execve() (1) enforces the same limit as in
setuid() and (2) doesn't create similar security issues.
Neil Brown suggested to track what specific process has exceeded the
limit by setting PF_NPROC_EXCEEDED process flag. With the change only
this process would fail on execve(), and other processes' execve()
behaviour is not changed.
Solar Designer suggested to re-check whether NPROC limit is still
exceeded at the moment of execve(). If the process was sleeping for
days between set*uid() and execve(), and the NPROC counter step down
under the limit, the defered execve() failure because NPROC limit was
exceeded days ago would be unexpected. If the limit is not exceeded
anymore, we clear the flag on successful calls to execve() and fork().
The flag is also cleared on successful calls to set_user() as the limit
was exceeded for the previous user, not the current one.
Similar check was introduced in -ow patches (without the process flag).
v3 - clear PF_NPROC_EXCEEDED on successful calls to set_user().
cifs: Do not set cifs/ntfs acl using a file handle (try #4)
Set security descriptor using path name instead of a file handle.
We can't be sure that the file handle has adequate permission to
set a security descriptor (to modify DACL).
Function set_cifs_acl_by_fid() has been removed since we can't be
sure how a file was opened for writing, a valid request can fail
if the file was not opened with two above mentioned permissions.
We could have opted to add on WRITE_DAC and WRITE_OWNER permissions
to file opens and then use that file handle but adding addtional
permissions such as WRITE_DAC and WRITE_OWNER could cause an
any open to fail.
And it was incorrect to look for read file handle to set a
security descriptor anyway.
Steve French [Tue, 9 Aug 2011 18:44:44 +0000 (18:44 +0000)]
[CIFS] Cleanup use of CONFIG_CIFS_STATS2 ifdef to make transport routines more readable
Christoph had requested that the stats related code (in
CONFIG_CIFS_STATS2) be moved into helpers to make code flow more
readable. This patch should help. For example the following
section from transport.c
Julia Lawall [Tue, 9 Aug 2011 15:10:56 +0000 (11:10 -0400)]
hwmon: (ibmaem) add missing kfree
rs_resp is dynamically allocated in aem_read_sensor(), so it should be freed
before exiting in every case. This collects the kfree and the return at
the end of the function.
hwmon: (pmbus/lm25066) Ignore byte writes to non-zero pages
pmbus_clear_faults() attempts to clear faults on non-existing real pages.
As a result, the command error bit in the status register is set, and faults
are not really cleared.
All byte writes to non-zero pages are requests to clear the status register
on that page. Since non-zero pages are virtual and do not exist on the chip,
there is nothing to do, and such requests have to be ignored. This fixes
above problem.
Axel Lin [Thu, 11 Aug 2011 16:22:45 +0000 (09:22 -0700)]
Input: tegra-kbc - correct call to input_free_device
If kzalloc for kbc fails, then we have NULL pointer dereference while
calling input_free_device(kbc->idev) in the error handling.
So it is safer to always use the original name, input_dev.
Linus Torvalds [Thu, 11 Aug 2011 16:03:48 +0000 (09:03 -0700)]
Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
perf symbols: Check '/tmp/perf-' symbol file ownership
perf sched: Usage leftover from trace -> script rename
perf sched: Do not delete session object prematurely
perf tools: Check $HOME/.perfconfig ownership
perf, x86: Add model 45 SandyBridge support
perf tools: Add support to install perf python extension
perf tools: do not look at ./config for configuration
perf tools: Make clean leaves some files
perf lock: Dropping unsupported ':r' modifier
perf probe: Fix coredump introduced by probe module option
jump label: Reduce the cycle count by changing the link order
perf report: Use ui__warning in some more places
perf python: Add PERF_RECORD_{LOST,READ,SAMPLE} routine tables
perf evlist: Introduce 'disable' method
trace events: Update version number reference to new 3.x scheme for EVENT_POWER_TRACING_DEPRECATED
perf buildid-cache: Zero out buffer of filenames when adding/removing buildid
It turns out that one was meant to be applied on top of the edac.git
tree in -next that has more i7core_edac changes, but that wasn't clear
in the original email.
Peng Tao [Wed, 10 Aug 2011 22:29:21 +0000 (18:29 -0400)]
NFS41: make PNFS_BLOCK selectable
PNFS_BLOCK needs BLK_DEV_DM/MD, which is not a dependency for other
pnfs layout drivers. Seperate it out so others can still build when
BLK_DEV_DM/MD is not enabled.
Also change select to depends on to avoid build failures.
Ralf Baechle [Wed, 10 Aug 2011 05:23:46 +0000 (05:23 +0000)]
PCnet: Fix section mismatch
Building MIPS mtx1_defconfig results in:
MODPOST 735 modules
WARNING: drivers/net/pcnet32.o(.devinit.text+0x11ec): Section mismatch in reference from the function pcnet32_probe_vlbus.constprop.22() to the variable .init.data:pcnet32_portlist
The function __devinit pcnet32_probe_vlbus.constprop.22() references
a variable __initdata pcnet32_portlist.
If pcnet32_portlist is only used by pcnet32_probe_vlbus.constprop.22 then
annotate pcnet32_portlist with a matching annotation.
As rt_iif represents input device even for packets
coming from loopback with output route, it is not an unique
key specific to input routes. Now rt_route_iif has such role,
it was fl.iif in 2.6.38, so better to change the checks at
some places to save CPU cycles and to restore 2.6.38 semantics.
compare_keys:
- input routes: only rt_route_iif matters, rt_iif is same
- output routes: only rt_oif matters, rt_iif is not
used for matching in __ip_route_output_key
- now we are back to 2.6.38 state
ip_route_input_common:
- matching rt_route_iif implies input route
- compared to 2.6.38 we eliminated one rth->fl.oif check
because it was not needed even for 2.6.38
compare_hash_inputs:
Only the change here is not an optimization, it has
effect only for output routes. I assume I'm restoring
the original intention to ignore oif, it was using fl.iif
- now we are back to 2.6.38 state
Call cipso_v4_doi_putdef in the case of the failure of the allocation of
entry. Reverse the order of the error handling code at the end of the
function and insert more labels in order to reduce the number of
unnecessary calls to kfree.
sh_sir.c: In function 'sh_sir_write':
sh_sir.c:127:2: error: implicit declaration of function 'iowrite16'
sh_sir.c: In function 'sh_sir_read':
sh_sir.c:132:2: error: implicit declaration of function 'ioread16'
sh_sir.c: At top level:
sh_sir.c:561:20: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'sh_sir_irq'
sh_sir.c: In function 'sh_sir_probe':
sh_sir.c:727:2: error: implicit declaration of function 'ioremap_nocache'
sh_sir.c:727:16: warning: assignment makes pointer from integer without a cast
sh_sir.c:762:2: error: implicit declaration of function 'request_irq'
sh_sir.c:762:23: error: 'sh_sir_irq' undeclared (first use in this function)
sh_sir.c:762:23: note: each undeclared identifier is reported only once for each function it appears in
sh_sir.c:762:35: error: 'IRQF_DISABLED' undeclared (first use in this function)
sh_sir.c:776:2: error: implicit declaration of function 'iounmap'
sh_sir.c: At top level:
sh_sir.c:436:13: warning: 'sh_sir_clear_all_err' defined but not used
sh_sir.c:474:12: warning: 'sh_sir_is_which_phase' defined but not used
sh_sir.c:490:13: warning: 'sh_sir_tx' defined but not used
sh_sir.c:540:13: warning: 'sh_sir_rx' defined but not used
sh_irda.c: In function 'sh_irda_write':
sh_irda.c:174: error: implicit declaration of function 'iowrite16'
sh_irda.c: In function 'sh_irda_read':
sh_irda.c:184: error: implicit declaration of function 'ioread16'
sh_irda.c: At top level:
sh_irda.c:492: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'sh_irda_irq'
sh_irda.c: In function 'sh_irda_probe':
sh_irda.c:776: error: implicit declaration of function 'ioremap_nocache'
sh_irda.c:776: warning: assignment makes pointer from integer without a cast
sh_irda.c:811: error: implicit declaration of function 'request_irq'
sh_irda.c:811: error: 'sh_irda_irq' undeclared (first use in this function)
sh_irda.c:811: error: (Each undeclared identifier is reported only once
sh_irda.c:811: error: for each function it appears in.)
sh_irda.c:811: error: 'IRQF_DISABLED' undeclared (first use in this function)
sh_irda.c:825: error: implicit declaration of function 'iounmap'
Jiri Olsa [Wed, 1 Jun 2011 19:43:46 +0000 (21:43 +0200)]
perf report: Use properly build_id kernel binaries
If we bring the recorded perf data together with kernel binary from another
machine using:
on server A:
perf archive
on server B:
tar xjvf perf.data.tar.bz2 -C ~/.debug
the build_id kernel dso is not properly recognized during the "perf report"
command on server B.
The reason is, that build_id dsos are added during the session initialization,
while the kernel maps are created during the sample event processing.
The machine__create_kernel_maps functions ends up creating new dso object for
kernel, but it does not check if we already have one added by build_id
processing.
Also the build_id reading ABI quirk added in commit:
populates the "struct build_id_event::pid" with 0, which
is later interpreted as DEFAULT_GUEST_KERNEL_ID.
This is not always correct, so it's better to guess the pid
value based on the "struct build_id_event::header::misc" value.
- Tested with data generated on x86 kernel version v2.6.34
and reported back on x86_64 current kernel.
- Not tested for guest kernel case.
Note the problem stays for PERF_RECORD_MMAP events recorded by perf that
does not use proper pid (HOST_KERNEL_ID/DEFAULT_GUEST_KERNEL_ID). They are
misinterpreted within the current perf code. Probably there's not much we
can do about that.
Shaohua Li [Thu, 11 Aug 2011 08:39:04 +0000 (10:39 +0200)]
block: improve rq_affinity placement
This patch reverts commit 35ae66e0a09ab70ed(block: Make rq_affinity = 1
work as expected). The purpose is to avoid an unnecessary IPI.
Let's take an example. My test box has cpu 0-7, one socket. Say request is
added from CPU 1, blk_complete_request() occurs at CPU 7. Without the reverted
patch, softirq will be done at CPU 7. With it, an IPI will be directed to CPU
0, and softirq will be done at CPU 0. In this case, doing softirq at CPU 0 and
CPU 7 have no difference from cache sharing point view and we can avoid an
ipi if doing it in CPU 7.
An immediate concern is this is just like QUEUE_FLAG_SAME_FORCE, but actually
not. blk_complete_request() is running in interrupt handler, and currently
I/O controller doesn't support multiple interrupts (I checked several LSI
cards and AHCI), so only one CPU can run blk_complete_request(). This is
still quite different as QUEUE_FLAG_SAME_FORCE.
Since only one CPU runs softirq, the only difference with below patch is
softirq not always runs at the first CPU of a group.
Namhyung Kim [Thu, 11 Aug 2011 08:36:05 +0000 (10:36 +0200)]
blktrace: add FLUSH/FUA support
Add FLUSH/FUA support to blktrace. As FLUSH precedes WRITE and/or
FUA follows WRITE, use the same 'F' flag for both cases and
distinguish them by their (relative) position. The end results
look like (other flags might be shown also):
Note that we reuse TC_BARRIER due to lack of bit space of act_mask
so that the older versions of blktrace tools will report flush
requests as barriers from now on.
Mike Waychison [Thu, 11 Aug 2011 04:59:57 +0000 (21:59 -0700)]
tcp: initialize variable ecn_ok in syncookies path
Using a gcc 4.4.3, warnings are emitted for a possibly uninitialized use
of ecn_ok.
This can happen if cookie_check_timestamp() returns due to not having
seen a timestamp. Defaulting to ecn off seems like a reasonable thing
to do in this case, so initialized ecn_ok to false.
ARM: mmp: Change the way we use timer 0 as clockevent timer.
Instead of setting up a match interrupt for 'current_time + delta'
on ->set_next_event(), program timer 0 to count down from 'delta - 1'
and trigger an interrupt when it reaches zero.
Currently, arch-mmp/time.c uses timer 0 both as a clocksource timer
and as a clockevent timer, the latter by setting up a comparator
interrupt to match on 'current_time + delta'. This is problematic
if delta is small enough, as that can lead to 'current_time + delta'
already being in the past when comparator setup has finished, leading
to the requested event not triggering.
As there is also a silicon issue that requires stopping a timer's
counter while writing to one of its match registers, we'll switch to
using two separate timers -- timer 0 as clockevent timer, which we'll
start and stop on every invocation of ->set_next_event(), and timer 1
as clocksource timer, which will be free-running.
This first patch enables timer 1 on boot, so that we can use it as
clocksource timer.
Linus Torvalds [Thu, 11 Aug 2011 00:37:17 +0000 (17:37 -0700)]
Merge branch 'fixes' of master.kernel.org:/home/rmk/linux-2.6-arm
* 'fixes' of master.kernel.org:/home/rmk/linux-2.6-arm:
ARM: drop experimental status for ARM_PATCH_PHYS_VIRT
ARM: 7008/1: alignment: Make SIGBUS sent to userspace POSIXly correct
ARM: 7007/1: alignment: Prevent ignoring of faults with ARMv6 unaligned access model
ARM: 7010/1: mm: fix invalid loop for poison_init_mem
ARM: 7005/1: freshen up mm/proc-arm946.S
dmaengine: PL08x: Fix trivial build error
ARM: Fix build error for SMP=n builds
Andy Lutomirski [Wed, 10 Aug 2011 15:15:32 +0000 (11:15 -0400)]
x86-64: Rework vsyscall emulation and add vsyscall= parameter
There are three choices:
vsyscall=native: Vsyscalls are native code that issues the
corresponding syscalls.
vsyscall=emulate (default): Vsyscalls are emulated by instruction
fault traps, tested in the bad_area path. The actual contents of
the vsyscall page is the same as the vsyscall=native case except
that it's marked NX. This way programs that make assumptions about
what the code in the page does will not be confused when they read
that code.
vsyscall=none: Trying to execute a vsyscall will segfault.
Andy Lutomirski [Wed, 10 Aug 2011 15:15:31 +0000 (11:15 -0400)]
x86-64: Wire up getcpu syscall
getcpu is available as a vdso entry and an emulated vsyscall.
Programs that for some reason don't want to use the vdso should
still be able to call getcpu without relying on the slow emulated
vsyscall. It costs almost nothing to expose it as a real syscall.
We also need this for the following patch in vsyscall=native mode.
x86-64: Move vread_tsc and vread_hpet into the vDSO
user code no longer directly calls into code in arch/x86/kernel/, so
we don't need compile flag hacks to make it safe. All vdso code is
in the vdso directory now.
John Stultz [Fri, 22 Jul 2011 09:12:51 +0000 (09:12 +0000)]
rtc: Fix RTC PIE frequency limit
Thomas earlier submitted a fix to limit the RTC PIE freq, but
picked 5000Hz out of the air. Willy noticed that we should
instead use the 8192Hz max from the rtc man documentation.
rtc: rtc-twl: Remove lockdep related local_irq_enable()
Now that the irq is properly threaded (due to it needing i2c access)
we should also remove the local_irq_enable() call in twl_rtc_interrupt.
Testing this with Pandaboard, the RTC is still working.
[Reworked commit message -jstultz] Signed-off-by: John Stultz <[email protected]>
Axel Lin [Wed, 10 Aug 2011 13:11:26 +0000 (21:11 +0800)]
rtc: ep93xx: Fix 'rtc' may be used uninitialized warning
commit 92d921c5d "rtc: ep93xx: Initialize drvdata before registering device"
ensures the drvdata is initialized prior to registering the rtc device.
But it set the drvdata to an uninitialized pointer.
Thus calling platform_get_drvdata in ep93xx_rtc_remove does not get correct address.
This patch fixes below warning by adding struct rtc_device *rtc to struct ep93xx_rtc.
Then set platform drvdata to ep93xx_rtc instead of rtc.
CC drivers/rtc/rtc-ep93xx.o
drivers/rtc/rtc-ep93xx.c: In function 'ep93xx_rtc_probe':
drivers/rtc/rtc-ep93xx.c:154: warning: 'rtc' may be used uninitialized in this function
Given that xfs_bwrite actually does the shutdown already after
waiting for the b_iodone completion and given that we actually
found that calling xfs_force_shutdown from inside
xfs_buf_iodone_callbacks was a major contributor the problem
it better to drop this call.
Linus Torvalds [Wed, 10 Aug 2011 19:36:45 +0000 (12:36 -0700)]
Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc:
powerpc: Really fix build without CONFIG_PCI
powerpc: Fix build without CONFIG_PCI
powerpc/4xx: Fix build of PCI code on 405
powerpc/pseries: Simplify vpa deregistration functions
powerpc/pseries: Cleanup VPA registration and deregistration errors
powerpc/pseries: Fix kexec on recent firmware versions
MAINTAINERS: change maintainership of mpc5xxx
powerpc: Make KVM_GUEST default to n
powerpc/kvm: Fix build errors with older toolchains
powerpc: Lack of ibm,io-events not that important!
powerpc: Move kdump default base address to half RMO size on 64bit
powerpc/perf: Disable pagefaults during callchain stack read
ppc: Remove duplicate definition of PV_POWER7
powerpc: pseries: Fix kexec on machines with more than 4TB of RAM
powerpc: Jump label misalignment causes oops at boot
powerpc: Clean up some panic messages in prom_init
powerpc: Fix device tree claim code
powerpc: Return the_cpu_ spec from identify_cpu
powerpc: mtspr/mtmsr should take an unsigned long
Randy Dunlap [Wed, 10 Aug 2011 18:22:42 +0000 (11:22 -0700)]
xen: xen-selfballoon.c needs more header files
Fix build errors (found when CONFIG_SYSFS is not enabled):
drivers/xen/xen-selfballoon.c:446: warning: data definition has no type or storage class
drivers/xen/xen-selfballoon.c:446: warning: type defaults to 'int' in declaration of 'EXPORT_SYMBOL'
drivers/xen/xen-selfballoon.c:446: warning: parameter names (without types) in function declaration
drivers/xen/xen-selfballoon.c:485: error: expected declaration specifiers or '...' before string constant
drivers/xen/xen-selfballoon.c:485: warning: data definition has no type or storage class
drivers/xen/xen-selfballoon.c:485: warning: type defaults to 'int' in declaration of 'MODULE_LICENSE'
drivers/xen/xen-selfballoon.c:485: warning: function declaration isn't a prototype
x = \(kmalloc\|kzalloc\|kcalloc\)(...);
...
if (x == NULL) S
<... when != x
when != if (...) { <+...kfree(x)...+> }
when any
when != true x == NULL
x->fl
...>
(
if (x == NULL) S1
|
if (...) { ... when != x
when forall
(
return \(0\|<+...x...+>\|ptr\);
|
* return ...;
)
}
)
// </smpl>
Daniel Mack [Fri, 5 Aug 2011 11:49:52 +0000 (13:49 +0200)]
ALSA: snd-usb-caiaq: Correct offset fields of outbound iso_frame_desc
This fixes faulty outbount packets in case the inbound packets
received from the hardware are fragmented and contain bogus input
iso frames. The bug has been there for ages, but for some strange
reasons, it was only triggered by newer machines in 64bit mode.
Borislav Petkov [Wed, 10 Aug 2011 12:43:30 +0000 (14:43 +0200)]
EDAC: Correct Kconfig dependencies
Both AMD and Intel i7 EDAC drivers use MCE features and are thus
dependent of this functionality present in the kernel. Express this in
Kconfig so that randconfig builds don't break.
John Stultz [Wed, 10 Aug 2011 17:26:09 +0000 (10:26 -0700)]
alarmtimers: Avoid possible denial of service with high freq periodic timers
Its possible to jam up the alarm timers by setting very small interval
timers, which will cause the alarmtimer subsystem to spend all of its time
firing and restarting timers. This can effectivly lock up a box.
A deeper fix is needed, closely mimicking the hrtimer code, but for now
just cap the interval to 100us to avoid userland hanging the system.
Linus Walleij [Fri, 5 Aug 2011 10:24:44 +0000 (12:24 +0200)]
mach-sa1100: fix PCI build problem
The PCI nanoengine driver in the SA1100 machine probably has not
been building for some time. It probably dragged hardware.h
in implicitly and now it doesn't anymore. After this an SA1100
build selecting all system variants will build successfully.
Describes RSS, RPS, RFS, accelerated RFS, and XPS.
This version incorporates comments by Randy Dunlap and Rick Jones.
Besides text cleanup, it adds an explicit "Suggested Configuration"
heading to each section.
Hemant Pedanekar [Wed, 10 Aug 2011 13:19:35 +0000 (13:19 +0000)]
omap: timer: Set dmtimer used as clocksource in autoreload mode
If CONFIG_OMAP_32K_TIMER is not selected and dmtimer is used as clocksource, the
timer stops counting once overflow occurs as it was not set in autoreload mode.
This results into timekeeping failure: for example, 'sleep 1' at the shell after
the timer counter overflow would hang.
This patch sets up autoreload when starting the clocksource timer which fixes
the above issue.
projects / linux.git / log