Commit Graph

286924 Commits

Author SHA1 Message Date
Tyler Hicks 7f13350424 eCryptfs: Report errors in writes to /dev/ecryptfs
Errors in writes to /dev/ecryptfs were being incorrectly reported by
returning 0 or the value of the original write count.

This patch clears up the return code assignment in error paths.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
2012-01-25 14:43:39 -06:00
Tyler Hicks db10e55651 eCryptfs: Sanitize write counts of /dev/ecryptfs
A malicious count value specified when writing to /dev/ecryptfs may
result in a a very large kernel memory allocation.

This patch peeks at the specified packet payload size, adds that to the
size of the packet headers and compares the result with the write count
value. The resulting maximum memory allocation size is approximately 532
bytes.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Reported-by: Sasha Levin <levinsasha928@gmail.com>
Cc: <stable@vger.kernel.org>
2012-01-25 14:43:39 -06:00
Tim Gardner bb4503615d ecryptfs: Remove unnecessary variable initialization
Removes unneeded variable initialization in ecryptfs_read_metadata(). Also adds
a small comment to help explain metadata reading logic.

[tyhicks@canonical.com: Pulled out of for-stable patch and wrote commit msg]
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
2012-01-25 14:43:38 -06:00
Tim Gardner 30373dc0c8 ecryptfs: Improve metadata read failure logging
Print inode on metadata read failure. The only real
way of dealing with metadata read failures is to delete
the underlying file system file. Having the inode
allows one to 'find . -inum INODE`.

[tyhicks@canonical.com: Removed some minor not-for-stable parts]
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: stable@vger.kernel.org
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
2012-01-25 14:43:38 -06:00
Dustin Kirkland 140941987f MAINTAINERS: Update eCryptfs maintainer address
Update my email address in MAINTAINERS.

Signed-off-by: Dustin Kirkland <dustin.kirkland@gazzang.com>
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
2012-01-25 14:43:38 -06:00
Ben Skeggs 9f1feed2e1 drm/ttm: fix two regressions since move_notify changes
Both changes in dc97b3409a cause serious
regressions in the nouveau driver.

move_notify() was originally able to presume that bo->mem is the old node,
and new_mem is the new node.  The above commit moves the call to
move_notify() to after move() has been done, which means that now, sometimes,
new_mem isn't the new node at all, bo->mem is, and new_mem points at a
stale, possibly-just-been-killed-by-move node.

This is clearly not a good situation.  This patch reverts this change, and
replaces it with a cleanup in the move() failure path instead.

The second issue is that the call to move_notify() from cleanup_memtype_use()
causes the TTM ghost objects to get passed into the driver.  This is clearly
bad as the driver knows nothing about these "fake" TTM BOs, and ends up
accessing uninitialised memory.

I worked around this in nouveau's move_notify() hook by ensuring the BO
destructor was nouveau's.  I don't particularly like this solution, and
would rather TTM never pass the driver these objects.  However, I don't
clearly understand the reason why we're calling move_notify() here anyway
and am happy to work around the problem in nouveau instead of breaking the
behaviour expected by other drivers.

Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
Reviewed-by: Thomas Hellstrom <thellstrom@vmware.com>
Cc: Jerome Glisse <j.glisse@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-25 18:54:28 +00:00
Daniel Vetter 93b525dccf drm/i915: fixup forcewake spinlock fallout in drpc debugfs function
My forcewake spinlock patches have a functional conflict with Ben
Widawsky's gen6 drpc support for debugfs. Result was a benign warning
about trying to read an non-atomic variabla with atomic_read.

Note that the entire check is racy anyway and purely informational.
Also update it to reflect the forcewake voodoo changes, the kernel can
now also hold onto a forcewake reference for longer times.

Signed-Off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Reviewed-by: Ben Widawsky <ben@bwidawsk.net>
Signed-off-by: Keith Packard <keithp@keithp.com>
2012-01-25 09:15:33 -08:00
Jan Kara 9b025eb3a8 xfs: Fix missing xfs_iunlock() on error recovery path in xfs_readlink()
Commit b52a360b forgot to call xfs_iunlock() when it detected corrupted
symplink and bailed out. Fix it by jumping to 'out' instead of doing return.

CC: stable@kernel.org
CC: Carlos Maiolino <cmaiolino@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Reviewed-by: Alex Elder <elder@kernel.org>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Ben Myers <bpm@sgi.com>
2012-01-25 11:01:31 -06:00
Jerome Glisse 9fc04b503d drm/radeon: avoid deadlock if GPU lockup is detected in ib_pool_get
If GPU lockup is detected in ib_pool get we are holding the ib_pool
mutex that will be needed by the GPU reset code. As ib_pool code is
safe to be reentrant from GPU reset code we should not block if we
are trying to get the ib pool lock on the behalf of the same userspace
caller, thus use the radeon_mutex_lock helper.

Signed-off-by: Jerome Glisse <jglisse@redhat.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-25 09:42:06 +00:00
Jerome Glisse d54fbd49ef drm/radeon: silence out possible lock dependency warning
Silence out the lock dependency warning by moving bo allocation out
of ib mutex protected section. Might lead to useless temporary
allocation but it's not harmful as such things only happen at
initialization.

Signed-off-by: Jerome Glisse <jglisse@redhat.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-25 09:28:21 +00:00
Thomas Hellstrom 598781d711 drm: Fix authentication kernel crash
If the master tries to authenticate a client using drm_authmagic and
that client has already closed its drm file descriptor,
either wilfully or because it was terminated, the
call to drm_authmagic will dereference a stale pointer into kmalloc'ed memory
and corrupt it.

Typically this results in a hard system hang.

This patch fixes that problem by removing any authentication tokens
(struct drm_magic_entry) open for a file descriptor when that file
descriptor is closed.

Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: stable@vger.kernel.org
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-25 09:27:45 +00:00
Gustavo Maciel Dias Vieira a6a600d10a ALSA: hda: set mute led polarity for laptops with buggy BIOS based on SSID
HP laptop models with buggy BIOS are apparently frequent, including
machines with different codecs. Set the polarity of the mute led based
on the SSID and include an entry for the HP Mini 110-3100.

Signed-off-by: Gustavo Maciel Dias Vieira <gustavo@sagui.org>
Tested-by: Predrag Ivanovic <predivan@open.telekom.rs>
Cc: <stable@kernel.org> [v3.2+]
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2012-01-25 10:00:12 +01:00
Takashi Iwai 3b25eb690e ALSA: hda - Fix silent output on ASUS A6Rp
The refactoring of Realtek codec driver in 3.2 kernel caused a
regression for ASUS A6Rp laptop; it doesn't give any output.
The reason was that this machine has a secret master mute (or EAPD)
control via NID 0x0f VREF.  Setting VREF50 on this node makes the
sound working again.

Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=42588

Cc: <stable@kernel.org> [v3.2+]
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2012-01-25 09:59:57 +01:00
Linus Torvalds f8275f9694 Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux
Quoth Len:
 "This fixes a merge-window regression due to a conflict
  between error injection and preparation to remove atomicio.c
  Here we fix that regression and complete the removal
  of atomicio.c.

  This also re-orders some idle initialization code to
  complete the merge window series that allows cpuidle
  to cope with bringing processors on-line after boot."

* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux:
  Use acpi_os_map_memory() instead of ioremap() in einj driver
  ACPI, APEI, EINJ, cleanup 0 vs NULL confusion
  ACPI, APEI, EINJ Allow empty Trigger Error Action Table
  thermal: Rename generate_netlink_event
  ACPI / PM: Add Sony Vaio VPCCW29FX to nonvs blacklist.
  ACPI: Remove ./drivers/acpi/atomicio.[ch]
  ACPI, APEI: Add RAM mapping support to ACPI
  ACPI, APEI: Add 64-bit read/write support for APEI on i386
  ACPI processor hotplug: Delay acpi_processor_start() call for hotplugged cores
  ACPI processor hotplug: Split up acpi_processor_add
2012-01-24 22:05:44 -08:00
Linus Torvalds a86b4ad6da Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc:
  powerpc: Fix build on some non-freescale platforms
  powerpc/powernv: Fix PCI resource handling
  powerpc/crash: Fix build error without SMP
  powerpc/cpuidle: Make it a bool, not a tristate
  powerpc/85xx: Add dr_mode property in USB nodes
  powerpc/85xx: Enable USB2 controller node for P1020RDB
  powerpc/85xx: Fix cmd12 bug and add the chip compatible for eSDHC
  arch/powerpc/sysdev/fsl_pci.c: add missing iounmap
  powerpc: fix compile error with 85xx/p1022_ds.c
2012-01-24 21:17:51 -08:00
Benjamin Herrenschmidt 3493c85366 powerpc: Fix build on some non-freescale platforms
Commit 9deaa53ac7 broke build
on platforms that use legacy_serial.c without also having
CONFIG_SERIAL_8250_FSL enabled due to an unconditional code
to a routine in that module.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
2012-01-25 13:33:22 +11:00
Benjamin Herrenschmidt f7ea82beb2 powerpc/powernv: Fix PCI resource handling
Recent changes to the handling of PCI resources for host bridges
are breaking the PowerNV code for assigning resources on IODA.

The root of the problem is that the pci_bus attached to a host
bridge no longer has its "legacy" resource pointers populated
but only uses the newer list instead.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
2012-01-25 13:32:00 +11:00
Linus Torvalds 701b259f44 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Davem says:

1) Fix JIT code generation on x86-64 for divide by zero, from Eric Dumazet.

2) tg3 header length computation correction from Eric Dumazet.

3) More build and reference counting fixes for socket memory cgroup
   code from Glauber Costa.

4) module.h snuck back into a core header after all the hard work we
   did to remove that, from Paul Gortmaker and Jesper Dangaard Brouer.

5) Fix PHY naming regression and add some new PCI IDs in stmmac, from
   Alessandro Rubini.

6) Netlink message generation fix in new team driver, should only advertise
   the entries that changed during events, from Jiri Pirko.

7) SRIOV VF registration and unregistration fixes, and also add a
   missing PCI ID, from Roopa Prabhu.

8) Fix infinite loop in tx queue flush code of brcmsmac, from Stanislaw Gruszka.

9) ftgmac100/ftmac100 build fix, missing interrupt.h include.

10) Memory leak fix in net/hyperv do_set_mutlicast() handling, from Wei Yongjun.

11) Off by one fix in netem packet scheduler, from Vijay Subramanian.

12) TCP loss detection fix from Yuchung Cheng.

13) TCP reset packet MD5 calculation uses wrong address, fix from Shawn Lu.

14) skge carrier assertion and DMA mapping fixes from Stephen Hemminger.

15) Congestion recovery undo performed at the wrong spot in BIC and CUBIC
    congestion control modules, fix from Neal Cardwell.

16) Ethtool ETHTOOL_GSSET_INFO is unnecessarily restrictive, from Michał Mirosław.

17) Fix triggerable race in ipv6 sysctl handling, from Francesco Ruggeri.

18) Statistics bug fixes in mlx4 from Eugenia Emantayev.

19) rds locking bug fix during info dumps, from your's truly.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (67 commits)
  rds: Make rds_sock_lock BH rather than IRQ safe.
  netprio_cgroup.h: dont include module.h from other includes
  net: flow_dissector.c missing include linux/export.h
  team: send only changed options/ports via netlink
  net/hyperv: fix possible memory leak in do_set_multicast()
  drivers/net: dsa/mv88e6xxx.c files need linux/module.h
  stmmac: added PCI identifiers
  llc: Fix race condition in llc_ui_recvmsg
  stmmac: fix phy naming inconsistency
  dsa: Add reporting of silicon revision for Marvell 88E6123/88E6161/88E6165 switches.
  tg3: fix ipv6 header length computation
  skge: add byte queue limit support
  mv643xx_eth: Add Rx Discard and Rx Overrun statistics
  bnx2x: fix compilation error with SOE in fw_dump
  bnx2x: handle CHIP_REVISION during init_one
  bnx2x: allow user to change ring size in ISCSI SD mode
  bnx2x: fix Big-Endianess in ethtool -t
  bnx2x: fixed ethtool statistics for MF modes
  bnx2x: credit-leakage fixup on vlan_mac_del_all
  macvlan: fix a possible use after free
  ...
2012-01-24 15:51:40 -08:00
Christian Kujau 897e01a08c powerpc/crash: Fix build error without SMP
I could not find cpus_in_crash anywhere in the sourcetree, except for
arch/powerpc/kernel/crash.c. Moving the definition into the CONFIG_SMP
fixes it.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
2012-01-25 09:47:45 +11:00
Deepthi Dharwar f7aa554510 powerpc/cpuidle: Make it a bool, not a tristate
As pointed out, asm/system.h has empty inline implementations for
update_smt_snooze_delay and pseries_notify_cpuidle_add_cpu, which are
used when CONFIG_PSERIES_IDLE is undefined. Since those two functions
are used in core power architecture functions (store_smt_snooze_delay
at kernel/sysfs.c and smp_xics_setup_cpu at platforms/pseries/smp.c),

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
2012-01-25 09:43:06 +11:00
Benjamin Herrenschmidt 407a362f94 Merge remote-tracking branch 'kumar/merge' into merge 2012-01-25 09:40:34 +11:00
David S. Miller efc3dbc374 rds: Make rds_sock_lock BH rather than IRQ safe.
rds_sock_info() triggers locking warnings because we try to perform a
local_bh_enable() (via sock_i_ino()) while hardware interrupts are
disabled (via taking rds_sock_lock).

There is no reason for rds_sock_lock to be a hardware IRQ disabling
lock, none of these access paths run in hardware interrupt context.

Therefore making it a BH disabling lock is safe and sufficient to
fix this bug.

Reported-by: Kumar Sanghvi <kumaras@chelsio.com>
Reported-by: Josh Boyer <jwboyer@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-24 17:03:44 -05:00
Paul Gortmaker 36a1211970 netprio_cgroup.h: dont include module.h from other includes
A considerable effort was invested in wiping out module.h
from being present in all the other standard includes.  This
one leaked back in, but once again isn't strictly necessary,
so remove it.

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-24 16:42:26 -05:00
Daniel Vetter 48467a9221 drm/i915: debugfs: show semaphore registers also on gen7
Corresponding changes to improve our error_state are pending
some other patches to clean up things first.

Signed-Off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Reviewed-by: Eugeni Dodonov <eugeni.dodonov@intel.com>
Reviewed-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
2012-01-24 13:30:26 -08:00
Daniel Vetter 075edca43b drm/i915: allow userspace forcewake references also on gen7
We need this to correctly access registers in the gt power well from
userspace.

Signed-Off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Reviewed-by: Eugeni Dodonov <eugeni.dodonov@intel.com>
Reviewed-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Keith Packard <keithp@keithp.com>
2012-01-24 13:29:25 -08:00
Eric Anholt 04115a9dee drm/i915: Re-enable gen7 RC6 and GPU turbo after resume.
Signed-off-by: Eric Anholt <eric@anholt.net>
Cc: stable@vger.kernel.org
Reviewed-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Eugeni Dodonov <eugeni.dodonov@intel.com>
Reviewed-by: Kenneth Graunke <kenneth@whitecape.org>
Signed-off-by: Keith Packard <keithp@keithp.com>
2012-01-24 13:25:10 -08:00
Eric Anholt fff24e21e1 drm/i915: Correct debugfs printout for RC1e.
We had two things in a row claiming to be RC6.

Signed-off-by: Eric Anholt <eric@anholt.net>
Reviewed-by: Keith Packard <keithp@keithp.com>
Reviewed-by: Ben Widawsky <ben@bwidawsk.net>
Reviewed-by: Eugeni Dodonov <eugeni.dodonov@intel.com>
Reviewed-by: Kenneth Graunke <kenneth@whitecape.org>
Signed-off-by: Keith Packard <keithp@keithp.com>
2012-01-24 13:23:11 -08:00
Jesper Dangaard Brouer c452ed7077 net: flow_dissector.c missing include linux/export.h
The file net/core/flow_dissector.c seems to be missing
including linux/export.h.

Signed-off-by: Jesper Dangaard Brouer <hawk@comx.dk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-24 16:03:33 -05:00
Jiri Pirko b82b9183d4 team: send only changed options/ports via netlink
This patch changes event message behaviour to send only updated records
instead of whole list. This fixes bug on which userspace receives non-actual
data in case multiple events occur in row.

Signed-off-by: Jiri Pirko <jpirko@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-24 15:51:00 -05:00
Wei Yongjun c11bf1c8ba net/hyperv: fix possible memory leak in do_set_multicast()
do_set_multicast() may not free the memory malloc in
netvsc_set_multicast_list().

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: Haiyang Zhang <haiyangz@microsoft.com>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-24 15:47:47 -05:00
Paul Gortmaker 2bbba277a5 drivers/net: dsa/mv88e6xxx.c files need linux/module.h
An implicit instance of module.h leaked back into existence
and was masking the fact that these drivers weren't calling
out the include for itself.  Fix the drivers before we remove
the implicit include path via net/netprio_cgroup.h file.

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-24 15:44:50 -05:00
Alessandro Rubini 5437f4b257 stmmac: added PCI identifiers
STM has a device ID within its own VENDOR space, and it is being
used in the STA2X11 I/O Hub.

Signed-off-by: Alessandro Rubini <rubini@gnudd.com>
Acked-by: Giancarlo Asnaghi <giancarlo.asnaghi@st.com>
Acked-by: Giuseppe Cavallaro <peppe.cavallaro@st.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-24 15:44:20 -05:00
Radu Iliescu 56ac11cf2f llc: Fix race condition in llc_ui_recvmsg
There is a race on sk_receive_queue between llc_ui_recvmsg and
sock_queue_rcv_skb.

Our current solution is to protect skb_eat in llc_ui_recvmsg
with the queue spinlock.

Signed-off-by: Radu Iliescu <riliescu@ixiacom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-24 15:33:19 -05:00
Alessandro Rubini 90b9a5454f stmmac: fix phy naming inconsistency
After commit "db8857b stmmac: use an unique MDIO bus name" my
device stopped being probed because two different names were being
used in different places. This fixes the inconsistency.

Signed-off-by: Alessandro Rubini <rubini@gnudd.com>
Acked-by: Giancarlo Asnaghi <giancarlo.asnaghi@st.com>
Cc: Giuseppe Cavallaro <peppe.cavallaro@st.com>
Cc: Florian Fainelli <florian@openwrt.org>
Acked-by: Florian Fainelli <florian@openwrt.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-24 15:29:42 -05:00
Linus Torvalds d2346963bf Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs:
  quota: Pass information that quota is stored in system file to userspace
  ext2: protect inode changes in the SETVERSION and SETFLAGS ioctls
  jbd: Issue cache flush after checkpointing
2012-01-24 12:12:40 -08:00
Mark Brown 4a7cbb56fd regulator: Fix documentation for of_node parameter of regulator_register()
Commit 5bc75a8863 ("kernel-doc: fix new warning in regulator core")
added documentation for of_node to address a warning but the
documentation didn't explain what the parameter is for so would be
likely to be unhelpful for users.  Clarify that.

Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-01-24 10:40:06 -08:00
Linus Torvalds 3496d9d6e6 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ALSA: hda - Fix silent outputs from docking-station jacks of Dell laptops
  ALSA: HDA: Use model=auto for Thinkpad T510
  ALSA: hda - Fix buffer-alignment regression with Nvidia HDMI
  ALSA: hda - Fix a unused variable warning
  snd-hda-intel: better Alienware M17x R3 quirk
  ALSA: hda/realtek - Remove use_jack_tbl field
  ALSA: hda/realtek - Avoid conflict of unsol-events with static quirks
  ALSA: hda/realtek - Avoid multi-ios conflicting with multi-speakers
2012-01-24 10:25:29 -08:00
Alan Cox e912b6d27c gma500: Fix shmem mapping
GMA500 did it the old way and it's been on the TODO list to fix.
Current kernels now blow up if we use the old way so we'd better
do the work!

Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-01-24 10:25:03 -08:00
Alan Cox 15b63d3526 gma500: Fix shmem mapping
GMA500 did it the old way and it's been on the TODO list to fix. Current kernels
now blow up if we use the old way so we'd better do the work !

Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-24 17:35:53 +00:00
Alex Deucher 9aa59993e2 drm/radeon/kms: refine TMDS dual link checks
HDMI 1.3 defines single link clocks up to 340 Mhz.
Refine the current dual link checks to only enable
dual link for DVI > 165 Mhz or HDMI > 340 Mhz if the
hw supports HDMI 1.3 (DCE3+).

Fixes:
https://bugs.freedesktop.org/show_bug.cgi?id=44755

Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-24 17:35:52 +00:00
Alex Deucher 27d9cc8428 drm/radeon/kms: use drm_detect_hdmi_monitor for picking encoder mode
We were previously just checking for audio.

Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-24 17:35:52 +00:00
Alex Deucher 3a47824d85 drm/radeon/kms: rework modeset sequence for DCE41 and DCE5
dig transmitter control table only has ENABLE/DISABLE actions
on DCE4.1/DCE5.

Fixes:
https://bugs.freedesktop.org/show_bug.cgi?id=44955

Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-24 17:35:51 +00:00
Alex Deucher 386d4d751e drm/radeon/kms: move panel mode setup into encoder mode set
Needs to happen earlier in the mode set.

Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-24 17:35:50 +00:00
Alex Deucher 3fa47d9efa drm/radeon/kms: move disp eng pll setup to init path
We really only need to set it up once on init or resume
rather than on every mode set.

Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-24 17:35:49 +00:00
Igor Murzov 211fa4fc4e drm/radeon: finish getting bios earlier
Return a number of bytes read in radeon_atrm_get_bios_chunk() and
properly check this value in radeon_atrm_get_bios().
If radeon_atrm_get_bios_chunk() read less bytes then were requested,
it means that it finished reading bios data.

Prior to this patch, condition in radeon_atrm_get_bios() was always
equivalent to "if (ATRM_BIOS_PAGE <= 0)", so it was always false,
thus radeon_atrm_get_bios() was trying to read past the bios data
wasting boot time.

On my lenovo ideapad u455 laptop this patch drops bios reading time
from ~5.5s to ~1.5s.

Signed-off-by: Igor Murzov <e-mail@date.by>
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-24 17:34:32 +00:00
Igor Murzov a3f83ab1a7 drm/radeon: fix invalid memory access in radeon_atrm_get_bios()
At a boot time I observed following bug:

 BUG: unable to handle kernel paging request at ffff8800a4244000
 IP: [<ffffffff81275b5b>] memcpy+0xb/0x120
 PGD 1816063 PUD 1fe7d067 PMD 1ff9f067 PTE 80000000a4244160
 Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
 CPU 0
 Modules linked in: btusb bluetooth brcmsmac brcmutil crc8 cordic b43 radeon(+)
  mac80211 cfg80211 ttm ohci_hcd drm_kms_helper rfkill drm ssb agpgart mmc_core
  sp5100_tco video battery ac thermal processor rtc_cmos thermal_sys snd_hda_codec_hdmi
  joydev snd_hda_codec_conexant button bcma pcmcia snd_hda_intel snd_hda_codec
  snd_hwdep snd_pcm shpchp pcmcia_core k8temp snd_timer atl1c snd psmouse hwmon
  i2c_piix4 i2c_algo_bit soundcore evdev i2c_core ehci_hcd sg serio_raw snd_page_alloc
  loop btrfs

 Pid: 1008, comm: modprobe Not tainted 3.3.0-rc1 #21 LENOVO 20046                           /AMD CRB
 RIP: 0010:[<ffffffff81275b5b>]  [<ffffffff81275b5b>] memcpy+0xb/0x120
 RSP: 0018:ffff8800aa72db00  EFLAGS: 00010246
 RAX: ffff8800a4150000 RBX: 0000000000001000 RCX: 0000000000000087
 RDX: 0000000000000000 RSI: ffff8800a4244000 RDI: ffff8800a4150bc8
 RBP: ffff8800aa72db78 R08: 0000000000000010 R09: ffffffff8174bbec
 R10: ffffffff812ee010 R11: 0000000000000001 R12: 0000000000001000
 R13: 0000000000010000 R14: ffff8800a4140000 R15: ffff8800aaba1800
 FS:  00007ff9a3bd4720(0000) GS:ffff8800afa00000(0000) knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
 CR2: ffff8800a4244000 CR3: 00000000a9c18000 CR4: 00000000000006f0
 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
 Process modprobe (pid: 1008, threadinfo ffff8800aa72c000, task ffff8800aa0e4000)
 Stack:
  ffffffffa04e7c7b 0000000000000001 0000000000010000 ffff8800aa72db28
  ffffffff00000001 0000000000001000 ffffffff8113cbef 0000000000000020
  ffff8800a4243420 ffff880000000002 ffff8800aa72db08 ffff8800a9d42000
 Call Trace:
  [<ffffffffa04e7c7b>] ? radeon_atrm_get_bios_chunk+0x8b/0xd0 [radeon]
  [<ffffffff8113cbef>] ? kmalloc_order_trace+0x3f/0xb0
  [<ffffffffa04a9298>] radeon_get_bios+0x68/0x2f0 [radeon]
  [<ffffffffa04c7a30>] rv770_init+0x40/0x280 [radeon]
  [<ffffffffa047d740>] radeon_device_init+0x560/0x600 [radeon]
  [<ffffffffa047ef4f>] radeon_driver_load_kms+0xaf/0x170 [radeon]
  [<ffffffffa043cdde>] drm_get_pci_dev+0x18e/0x2c0 [drm]
  [<ffffffffa04e7e95>] radeon_pci_probe+0xad/0xb5 [radeon]
  [<ffffffff81296c5f>] local_pci_probe+0x5f/0xd0
  [<ffffffff81297418>] pci_device_probe+0x88/0xb0
  [<ffffffff813417aa>] ? driver_sysfs_add+0x7a/0xb0
  [<ffffffff813418d8>] really_probe+0x68/0x180
  [<ffffffff81341be5>] driver_probe_device+0x45/0x70
  [<ffffffff81341cb3>] __driver_attach+0xa3/0xb0
  [<ffffffff81341c10>] ? driver_probe_device+0x70/0x70
  [<ffffffff813400ce>] bus_for_each_dev+0x5e/0x90
  [<ffffffff8134172e>] driver_attach+0x1e/0x20
  [<ffffffff81341298>] bus_add_driver+0xc8/0x280
  [<ffffffff813422c6>] driver_register+0x76/0x140
  [<ffffffff812976d6>] __pci_register_driver+0x66/0xe0
  [<ffffffffa043d021>] drm_pci_init+0x111/0x120 [drm]
  [<ffffffff8133c67a>] ? vga_switcheroo_register_handler+0x3a/0x60
  [<ffffffffa0229000>] ? 0xffffffffa0228fff
  [<ffffffffa02290ec>] radeon_init+0xec/0xee [radeon]
  [<ffffffff810002f2>] do_one_initcall+0x42/0x180
  [<ffffffff8109d8d2>] sys_init_module+0x92/0x1e0
  [<ffffffff815407a9>] system_call_fastpath+0x16/0x1b
 Code: 58 2a 43 50 88 43 4e 48 83 c4 08 5b c9 c3 66 90 e8 cb fd ff ff eb
  e6 90 90 90 90 90 90 90 90 90 48 89 f8 89 d1 c1 e9 03 83 e2 07 <f3> 48
  a5 89 d1 f3 a4 c3 20 48 83 ea 20 4c 8b 06 4c 8b 4e 08 4c
 RIP  [<ffffffff81275b5b>] memcpy+0xb/0x120
  RSP <ffff8800aa72db00>
 CR2: ffff8800a4244000
 ---[ end trace fcffa1599cf56382 ]---

Call to acpi_evaluate_object() not always returns 4096 bytes chunks,
on my system it can return 2048 bytes chunk, so pass the length of
retrieved chunk to memcpy(), not the length of the recieving buffer.

Signed-off-by: Igor Murzov <e-mail@date.by>
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
2012-01-24 17:34:02 +00:00
Jesper Juhl 769fab2a41 ALSA: Fix memory leak on error in snd_compr_set_params()
If copy_from_user() does not return 0 we'll leak the memory we
allocated for 'params' when that variable goes out of scope.

Also a small CodingStyle cleanup: Use braces on both branches of
if/else when one branch needs it.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Acked-by: Vinod Koul <vinod.koul@linux.intel.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2012-01-24 15:29:32 +01:00
Raymond Yau 4d20bb1d5f ALSA: ymfpci - Don't create invalid PCM & mixers when AC97 doesn't support
- check SDAC bit of AC97 primary codec when create "rear" device 3,
  "4ch" device 2 and "4ch Duplication" switch as the card need a four channels
  AC97 codec to support surround40.

Signed-off-by: Raymond Yau <superquad.vortex2@gmail.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2012-01-24 15:28:05 +01:00
Jesper Juhl c83f1d7e71 ASoC: wm2000: Fix use-after-free - don't release_firmware() twice on error
In wm2000_i2c_probe(), if we take the true branch in

"
  ret = snd_soc_register_codec(&i2c->dev, &soc_codec_dev_wm2000,
                               NULL, 0);
  if (ret != 0)
          goto err_fw;
"

then we'll release_firmware(fw) at the 'err_fw' label. But we've already
done that just a few lines above. That's a use-after-free bug.

This patch restructures the code so that we always call
release_firmware(fw) before leaving the function, but only ever call
it once.
This means that we have to initialize 'fw' to NULL since some paths
may now end up calling it without having called request_firmware(),
but since request_firmware() deals gracefully with NULL pointers, we
are fine if we just NULL initialize it.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
2012-01-24 11:34:19 +00:00
Stephen Rothwell c1aab02dac migrate_mode.h is not exported to user mode
so move its include into fs.h inside the __KERNEL__ protection.

Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-01-23 17:17:45 -08:00