With commit ab144f5ec6 the patching code
now collects the complete new instruction stream into a temp buffer
before finally patching in the new insns. In some cases the paravirt
patchers will choose to leave the patch site unpatched (length mismatch,
clobbers mismatch, etc).
This causes the new patching code to copy an uninitialized temp buffer,
i.e. garbage, to the callsite. Simply make sure to always initialize
the buffer with the original instruction stream. A better fix is to
audit all the patchers and return proper length so that apply_paravirt()
can skip copies when we leave the patch site untouched.
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Very old 64bit binutils have .cfi_startproc/endproc, but
no .cfi_rel_offset. Check for .cfi_rel_offset too.
Cc: Jan Beulich <jbeulich@novell.com>
Cc: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Very old binutils (2.12.90...) seem to have trouble with newlines
in assembler macro invocation. They put them into the resulting
argument expansion. In this case this lead to a parse error because
a .rept expression ended up spread over multiple lines. Change the PMDS()
invocation to a single line.
Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Fixed wrong expression which enabled watchdogs even if nmi_watchdog kernel
parameter wasn't set. This regression got slightly introduced with commit
b7471c6da9.
Introduced NMI_DISABLED (-1) which allows to switch the value of NMI_DEFAULT
without breaking the APIC NMI watchdog code (again).
Fixes:
https://bugzilla.novell.com/show_bug.cgi?id=298084http://bugzilla.kernel.org/show_bug.cgi?id=7839
And likely some more nmi_watchdog=0 related issues.
Signed-off-by: Daniel Gollub <dgollub@suse.de>
Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This should fix an oops with PCMCIA PATA devices
http://bugzilla.kernel.org/show_bug.cgi?id=8424
This is not a full fix for the problem, but probably
still the right thing to do.
[ I'm almost certain it's *not* the right thing to do, but it avoids an
oops, and I want comments from others on what the right thing would
actually be.. I suspect we should just remove the use of dma_mask
entirely in this function, and just use coherent_dma_mask. - Linus ]
Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
If the forcedeth driver receives too much work in an interrupt, it
assumes it has a broken hardware with stuck IRQ. It works around the
problem by disabling interrupts on the nic but makes a printk while
holding device spinlog - which isn't smart thing to do if you have
netconsole on the same nic.
This patch moves the printk's out of the spinlock protected area.
Without this patch the machine hangs hard. With this patch everything
still works even when there is significant increase on CPU usage while
using the nic.
Signed-off-by: Timo Jantunen <jeti@iki.fi>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Use cpu_relax() in the busy loops, as atomic_read() doesn't automatically
imply volatility for i386 and x86_64. x86_64 doesn't have this issue because
it open-codes the while loop in smpboot.c:smp_callin() itself that already
uses cpu_relax().
For i386, however, smpboot.c:smp_callin() calls wait_for_init_deassert()
which is buggy for mach-default and mach-es7000 cases.
[ I test-built a kernel -- smp_callin() itself got inlined in its only
callsite, smpboot.c:start_secondary() -- and the relevant piece of
code disassembles to the following:
0xc1019704 <start_secondary+12>: mov 0xc144c4c8,%eax
0xc1019709 <start_secondary+17>: test %eax,%eax
0xc101970b <start_secondary+19>: je 0xc1019709 <start_secondary+17>
init_deasserted (at 0xc144c4c8) gets fetched into %eax only once and
then we loop over the test of the stale value in the register only,
so these look like real bugs to me. With the fix below, this becomes:
0xc1019706 <start_secondary+14>: pause
0xc1019708 <start_secondary+16>: cmpl $0x0,0xc144c4c8
0xc101970f <start_secondary+23>: je 0xc1019706 <start_secondary+14>
which looks nice and healthy. ]
Thanks to Heiko Carstens for noticing this.
Signed-off-by: Satyam Sharma <satyam@infradead.org>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
The lguest block device only requests one minor, which means
partitions don't work (eg "root=/dev/lgba1").
Let's follow the crowd and ask for 16.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6:
Cross-compilation between e.g. i386 -> 64bit could break -> work around it
[IA64] Enable early console for Ski simulator
[IA64] forbid ptrace changes psr.ri to 3
[IA64] Failure to grow RBS
[IA64] Fix processor_get_freq
[IA64] SGI Altix : fix a force_interrupt bug on altix
[IA64] Update arch/ia64/configs/* s/SLAB/SLUB/
[IA64] get back PT_IA_64_UNWIND program header
[IA64] need NOTES in vmlinux.lds.S
[IA64] make unwinder stop at last frame of the bootloader
[IA64] Clean up CPE handler registration
[IA64] Include Kconfig.preempt
[IA64] SN2 needs platform specific irq_to_vector() function.
[IA64] Use atomic64_read to read an atomic64_t.
[IA64] disable irq's and check need_resched before safe_halt
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband:
IB/mlx4: Incorrect semicolon after if statement
mlx4_core: Wait 1 second after reset before accessing device
IPoIB: Fix leak in ipoib_transport_dev_init() error path
IB/mlx4: Fix opcode returned in RDMA read completion
IB/srp: Add OUI for new Cisco targets
IB/srp: Wrap OUI checking for workarounds in helper functions
RDMA/cxgb3: Always call low level send function via cxgb3_ofld_send()
IB: Move the macro IB_UMEM_MAX_PAGE_CHUNK() to umem.c
IB: Include <linux/list.h> and <linux/rwsem.h> from <rdma/ib_verbs.h>
IB: Include <linux/list.h> from <rdma/ib_mad.h>
IB/mad: Fix address handle leak in mad_rmpp
IB/mad: agent_send_response() should be void
IB/mad: Fix memory leak in switch handling in ib_mad_recv_done_handler()
IB/mad: Fix error path if response alloc fails in ib_mad_recv_done_handler()
IB/sa: Don't need to check for default P_Key twice
IB/core: Ignore membership bit in ib_find_pkey()
* 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6:
[MATH-EMU]: Fix underflow exception reporting.
[SPARC64]: Create a HWCAP_SPARC_N2 and report it to userspace on Niagara-2.
[SPARC64]: SMP trampoline needs to avoid %tick_cmpr on sun4v too.
[SPARC64]: Do not touch %tick_cmpr on sun4v cpus.
[SPARC64]: Niagara-2 optimized copies.
[SPARC64]: Allow userspace to get at the machine description.
[SPARC32]: Remove superfluous 'kernel_end' alignment on sun4c.
[SPARC32]: Fix bogus ramdisk image location check.
[SPARC32]: Remove iommu from struct sbus_bus and use archdata like sparc64.
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc:
[POWERPC] Fix invalid semicolon after if statement
[POWERPC] ps3: Fix no storage devices found
[POWERPC] Fix for assembler -g
[POWERPC] Fix small race in 44x tlbie function
[POWERPC] Remove unused code causing a compile warning
[POWERPC] cell: Fix errno for modular spufs_create with invalid neighbour
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/hpa/linux-2.6-x86setup:
[x86 setup] edd.c: make sure MBR signatures actually get reported
[x86 setup] Don't use EDD to get the MBR signature
[x86 setup] The current display page is returned in %bh, not %bl
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6:
[CIFS] Check return code on failed alloc
[CIFS] Update CIFS project web site
[CIFS] Fix hang in find_writable_file
This fixes a vulnerability in the "parent process death signal"
implementation discoverd by Wojciech Purczynski of COSEINC PTE Ltd.
and iSEC Security Research.
http://marc.info/?l=bugtraq&m=118711306802632&w=2
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Adrian Bunk: scripts/mod/file2alias.c is compiled with HOSTCC and ensures that
kernel_ulong_t is correct, but it can't cope with different padding on
different architectures.
Signed-off-by: Thomas Renninger <trenn@suse.de>
Signed-off-by: Tony Luck <tony.luck@intel.com>
When using Ski to debug early startup, it's a bit of a pain not to
have printk.
This patch enables the simulated console very early.
It may be worth conditionalising on the command line... but this is
enough for now.
Signed-off-by: Peter Chubb <peterc@gelato.unsw.edu.au>
Signed-off-by: Tony Luck <tony.luck@intel.com>
The "ri" field in the processor status register only has defined
values of 0, 1, 2. Do not let ptrace set this to 3. As with
other reserved fields in registers we silently discard the value.
Signed-off-by: Shaohua Li <shaohua.li@intel.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
CC arch/powerpc/sysdev/commproc.o
arch/powerpc/sysdev/fsl_soc.c: In function fsl_pcmcia_of_init:
arch/powerpc/sysdev/fsl_soc.c:1109: error: implicit declaration of function of_platform_device_create
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
Reserved MCSR bits on FSL BookE parts may have spurious values
when mcheck occurs. Mask these off when printing the MCSR to
avoid confusion. Also, get rid of the MCSR_GL_CI bit defined
for e500 - this bit doesn't actually have any meaning.
Signed-off-by: Becky Bruce <becky.bruce@freescale.com>
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
The interrupt routing in the device trees for the ULI M1575 was
inproperly using the interrupt line field as pci function. Fixed
up the device tree's to actual conform for to specification and
changed the interrupt mapping code so it just uses a static mapping
setup as follows:
PIRQA - IRQ9
PIRQB - IRQ10
PIRQC - IRQ11
PIRQD - IRQ12
USB 1.1 OCHI (1c.0) - IRQ12
USB 1.1 OCHI (1c.1) - IRQ9
USB 1.1 OCHI (1c.2) - IRQ10
USB 1.1 ECHI (1c.3) - IRQ11
LAN (1b.0) - IRQ6
AC97 (1d.0) - IRQ6
Modem (1d.1) - IRQ6
HD Audio (1d.2) - IRQ6
SATA (1f.1) - IRQ5
SMB (1e.1) - IRQ7
PMU (1e.2) - IRQ7
PATA (1f.0) - IRQ14/15
Took the oppurtunity to refactor the code into a single file so we
don't have to duplicate these fixes on the two current boards in the
tree and several forth coming boards that will also need the code.
Fixed RTC support that requires a dummy memory read on the P2P bridge
to unlock the RTC and setup the default of the RTC alarm registers to
match with a basic x86 style CMOS RTC.
Moved code that poked ISA registers to a FIXUP_FINAL quirk to ensure
the PCI IO space has been setup properly before we start poking ISA
registers at random locations.
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
The RTC CMOS driver expects the interrupt to be a resource of the platform
device. Use a fixed interrupt value of 8 since on PPC if we are using this
its off an i8259 which we ensure has interrupt numbers 0..15.
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
The underflow exception cases were wrong.
This is one weird area of ieee1754 handling in that the underflow
behavior changes based upon whether underflow is enabled in the trap
enable mask of the FPU control register. As a specific case the Sparc
V9 manual gives us the following description:
--------------------
If UFM = 0: Underflow occurs if a nonzero result is tiny and a
loss of accuracy occurs. Tininess may be detected
before or after rounding. Loss of accuracy may be
either a denormalization loss or an inexact result.
If UFM = 1: Underflow occurs if a nonzero result is tiny.
Tininess may be detected before or after rounding.
--------------------
What this amounts to in the packing case is if we go subnormal,
we set underflow if any of the following are true:
1) rounding sets inexact
2) we ended up rounding back up to normal (this is the case where
we set the exponent to 1 and set the fraction to zero), this
should set inexact too
3) underflow is set in FPU control register trap-enable mask
The initially discovered example was "DBL_MIN / 16.0" which
incorrectly generated an underflow. It should not, unless underflow
is set in the trap-enable mask of the FPU csr.
Another example, "0x0.0000000000001p-1022 / 16.0", should signal both
inexact and underflow. The cpu implementations and ieee1754
literature is very clear about this. This is case #2 above.
However, if underflow is set in the trap enable mask, only underflow
should be set and reported as a trap. That is handled properly by the
prioritization logic in
arch/sparc{,64}/math-emu/math.c:record_exception().
Based upon a report and test case from Jakub Jelinek.
Signed-off-by: David S. Miller <davem@davemloft.net>
A similar fix to netfilter from Eric Dumazet inspired me to
look around a bit by using some grep/sed stuff as looking for
this kind of bugs seemed easy to automate. This is one of them
I found where it looks like this semicolon is not valid.
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Paul Mackerras <paulus@samba.org>
There is a bug in the ia64_do_page_fault code that can cause a failure
to grow the register backing store, or any mapping that is marked as
VM_GROWSUP if the mapping is the highest mapped area of memory.
When the address accessed is below the first mapping the previous mapping
is returned as NULL, and this case is handled. However, when the address
accessed is above the highest mapping the vma returned is NULL, this
case is not handled correctly, and it fails to spot that this access
might require an existing mapping to grow upwards.
Signed-off-by: Andrew Burgess <andrew@transitive.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
It seems we have gained an extraneous trailing ';' on one of the
wait loops in scif_sercon_putc(). Although this is completely
benign as the apparent payload is also the empty statement, it
invites error in the future. Clean it up now.
Signed-off-by: Andy Whitcroft <apw@shadowen.org>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Corrects an error code so that it is valid to pass to userspace.
Signed-off-by: Steve Grubb <linux_4ever@yahoo.com>
Signed-off-by: James Morris <jmorris@halo.namei>
This register is not a part of the sun4v architecture.
Niagara 1 and 2 happened to leave it around.
Signed-off-by: David S. Miller <davem@davemloft.net>
Like the OF device tree, it's useful to let userland get
at the machine description so it can pretty print the
graph etc.
The implementation is a simple MISC device with a read method.
Signed-off-by: David S. Miller <davem@davemloft.net>
A stray semicolon makes us inadvertently ignore the value of err.
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
A similar fix to netfilter from Eric Dumazet inspired me to
look around a bit by using some grep/sed stuff as looking for
this kind of bugs seemed easy to automate. This is one of them
I found where it looks like this semicolon is not valid.
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
The recent RCU work created an unbalanced rcu_read_unlock
in __sock_create. This patch fixes that. Reported by
oleg 123.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
The core cpufreq code doesn't appear to understand returning -EAGAIN
for the get() function of the cpufreq_driver. If PAL_GET_PSTATE returns
-1, such as when running on Xen, scaling_cur_freq is happy to return
4294967285 kHz (ie. (unsigned)-11). The other drivers appear to return
0 for a failure, and doing so gives me the max frequency from
scaling_cur_frequency and "<unknown>" from cpuinfo_cur_frequency. I
believe that's the desired behavior.
Signed-off-by: Alex Williamson <alex.williamson@hp.com>
Acked-by: Venkatesh Pallipadi <venkatesh.pallipadi@intel.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
Add empty definition of mmiowb() since some drivers need it. Uncached
writes are strongly ordered on AVR32. They may be delayed if the
dcache is busy doing a writeback, but AFAICT that's not what this
macro is supposed to deal with, at least on UP systems.
We might have to revisit this definition when a SMP-capable AVR32 CPU
comes along, depending on how the busses and cache coherency stuff
end up being implemented.
Signed-off-by: Haavard Skinnemoen <hskinnemoen@atmel.com>
The current definition of pte_page() masks out valid bits from the
physical address, causing vmalloc_to_page() to misbehave. This may
lead to everything from mmap() silently accessing the wrong data to
"invalid pte" errors dumped by the kernel.
Also remove the now-unused definition of PTE_PHYS_MASK.
Thanks to Matteo Vit for discovering this bug.
Signed-off-by: Haavard Skinnemoen <hskinnemoen@atmel.com>
There's really no need to retry an allocation with __GFP_REPEAT set.
Also, use get_zeroed_page() and __GFP_ZERO to eliminate the extra call
to clear_page() afterwards.
Signed-off-by: Haavard Skinnemoen <hskinnemoen@atmel.com>