LPC32xx has "Standard" UARTs that are actually 16550A compatible but have
bigger FIFOs. Since the already supported 16X50 line still doesn't match here,
we agreed on adding a new type.
Signed-off-by: Roland Stigge <stigge@antcom.de>
Acked-by: Alan Cox <alan@linux.intel.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Currently, serial drivers don't report buffer overruns. When a buffer overrun
occurs, tty_insert_flip_char returns 0, and no attempt is made to insert that
same character again (i.e. it is lost). This patch reports buffer overruns via
the buf_overrun field in the port's icount structure.
Signed-off-by: Corbin Atkinson <corbin.atkinson@xxxxxx>
Cc: Jiri Slaby <jslaby@suse.cz>
Cc: Alan Cox <alan@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
port->baudclk_rate should be compared to the rate of port->baudclk,
because port->baudclk_rate was assigned as the rate of port->baudclk previously.
So to check that the current baudclk rate is same as previous rate,
the target of comparison sholud be the rate of port->baudclk.
Signed-off-by: Jun-Ho, Yoon <junho78.yoon@samsung.com>
Signed-off-by: Kyoungil Kim <ki0351.kim@samsung.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
- avoid a crash in dm-raid1 when discards coincide with mirror recovery;
- avoid discarding shared data that's still needed in dm-thin;
- don't guarantee that discarded blocks will be wiped in dm-raid1.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJQCV8qAAoJEK2W1qbAHj1niSAP/2K0RkgWvL0hwuaM+us0oh29
XFou6Tb9pH+//QfKOJuClHeSfZFoHYuevvJPtwTqPlHGONE2YXeBtVmyp0k+BS69
xoaQy+OoZFrEbhxyJFrg+lDcxVGRtvo7x9zegeRf++o/skRfRgAjzyLkI8bk4t3v
c3vSDTVBikJXlTxa+J7EQpeW29DBiky+tIHQQx0+98u2VSlaFFP6MdLr1ROeq7yF
+z3kEXk6qzwL9ZHTWuVCvhi7bw4i18UTrH0wxZuUXWRpz+Va5h7w+/zcQbau6D/s
K+BmlAW/fxzZOW4guFU6pCLlVGU4BsJxUXT55UaP4Dx9UuV59EtIPsDb8/Y/pGMX
t9xnC4GmSOjw52pW2VR2gUJwG/c5mJ9g/mdP6twQzcC4JJ+CYg4Q5lH88qzDqceS
VCrW681nIKIVoja5n1adv6gbZax8hlR/z8ElXrqELDmXk7nKBLOLdDVSXzZ9ceX1
RnvtAZE/zrxcslKHw52Sd37c8YRer/fgx3kQxhXd1nb096DgiWvE/taD/ixjWHQX
Eu1KrQIelvw63/BNNTKYRF7xS0dGKsGNaXWln7cMONG28CnrWG/8f+mp+KG73x5e
Fc8yCONHNbqmf95yx1N0MgfYlZFjBBw0+BtqmR7QVcnG3r4SaSug+F72SPb5nN/B
ZBmwNcSBaaC952+5pMZa
=gbLp
-----END PGP SIGNATURE-----
Merge tag 'dm-3.5-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-dm
Pull device-mapper discard fixes from Alasdair G Kergon:
- avoid a crash in dm-raid1 when discards coincide with mirror
recovery;
- avoid discarding shared data that's still needed in dm-thin;
- don't guarantee that discarded blocks will be wiped in dm-raid1.
* tag 'dm-3.5-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/agk/linux-dm:
dm raid1: set discard_zeroes_data_unsupported
dm thin: do not send discards to shared blocks
dm raid1: fix crash with mirror recovery and discard
We can't guarantee that REQ_DISCARD on dm-mirror zeroes the data even if
the underlying disks support zero on discard. So this patch sets
ti->discard_zeroes_data_unsupported.
For example, if the mirror is in the process of resynchronizing, it may
happen that kcopyd reads a piece of data, then discard is sent on the
same area and then kcopyd writes the piece of data to another leg.
Consequently, the data is not zeroed.
The flag was made available by commit 983c7db347
(dm crypt: always disable discard_zeroes_data).
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Cc: stable@kernel.org
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
When process_discard receives a partial discard that doesn't cover a
full block, it sends this discard down to that block. Unfortunately, the
block can be shared and the discard would corrupt the other snapshots
sharing this block.
This patch detects block sharing and ends the discard with success when
sending it to the shared block.
The above change means that if the device supports discard it can't be
guaranteed that a discard request zeroes data. Therefore, we set
ti->discard_zeroes_data_unsupported.
Thin target discard support with this bug arrived in commit
104655fd4d (dm thin: support discards).
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Cc: stable@kernel.org
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
This patch fixes a crash when a discard request is sent during mirror
recovery.
Firstly, some background. Generally, the following sequence happens during
mirror synchronization:
- function do_recovery is called
- do_recovery calls dm_rh_recovery_prepare
- dm_rh_recovery_prepare uses a semaphore to limit the number
simultaneously recovered regions (by default the semaphore value is 1,
so only one region at a time is recovered)
- dm_rh_recovery_prepare calls __rh_recovery_prepare,
__rh_recovery_prepare asks the log driver for the next region to
recover. Then, it sets the region state to DM_RH_RECOVERING. If there
are no pending I/Os on this region, the region is added to
quiesced_regions list. If there are pending I/Os, the region is not
added to any list. It is added to the quiesced_regions list later (by
dm_rh_dec function) when all I/Os finish.
- when the region is on quiesced_regions list, there are no I/Os in
flight on this region. The region is popped from the list in
dm_rh_recovery_start function. Then, a kcopyd job is started in the
recover function.
- when the kcopyd job finishes, recovery_complete is called. It calls
dm_rh_recovery_end. dm_rh_recovery_end adds the region to
recovered_regions or failed_recovered_regions list (depending on
whether the copy operation was successful or not).
The above mechanism assumes that if the region is in DM_RH_RECOVERING
state, no new I/Os are started on this region. When I/O is started,
dm_rh_inc_pending is called, which increases reg->pending count. When
I/O is finished, dm_rh_dec is called. It decreases reg->pending count.
If the count is zero and the region was in DM_RH_RECOVERING state,
dm_rh_dec adds it to the quiesced_regions list.
Consequently, if we call dm_rh_inc_pending/dm_rh_dec while the region is
in DM_RH_RECOVERING state, it could be added to quiesced_regions list
multiple times or it could be added to this list when kcopyd is copying
data (it is assumed that the region is not on any list while kcopyd does
its jobs). This results in memory corruption and crash.
There already exist bypasses for REQ_FLUSH requests: REQ_FLUSH requests
do not belong to any region, so they are always added to the sync list
in do_writes. dm_rh_inc_pending does not increase count for REQ_FLUSH
requests. In mirror_end_io, dm_rh_dec is never called for REQ_FLUSH
requests. These bypasses avoid the crash possibility described above.
These bypasses were improperly implemented for REQ_DISCARD when
the mirror target gained discard support in commit
5fc2ffeabb (dm raid1: support discard).
In do_writes, REQ_DISCARD requests is always added to the sync queue and
immediately dispatched (even if the region is in DM_RH_RECOVERING). However,
dm_rh_inc and dm_rh_dec is called for REQ_DISCARD resusts. So it violates the
rule that no I/Os are started on DM_RH_RECOVERING regions, and causes the list
corruption described above.
This patch changes it so that REQ_DISCARD requests follow the same path
as REQ_FLUSH. This avoids the crash.
Reference: https://bugzilla.redhat.com/837607
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Cc: stable@kernel.org
Signed-off-by: Alasdair G Kergon <agk@redhat.com>
Pull last minute Ceph fixes from Sage Weil:
"The important one fixes a bug in the socket failure handling behavior
that was turned up in some recent failure injection testing. The
other two are minor bug fixes."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client:
rbd: endian bug in rbd_req_cb()
rbd: Fix ceph_snap_context size calculation
libceph: fix messenger retry
One of the bugs was introduced in 3.5-rc1. Others have
been there for longer.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
iQIVAwUAUAeiTznsnt1WYoG5AQLzcRAAqAIBtmGRzTpCTGzfJxF3ciDptQLfDKzx
JDwcKsmD3+70bjkKUsHhu22EK/Fgdi2T7XirjlJTnMZFtwfQFbRBNFe+6AneefzI
fJvTwEOsvgNBEJvEUtp9hboZBZBZBmujdXYuEf9NbSEoK+bOcxtTh6V+CwcCKAEI
ulreMNCBX/e9RRP/ayUsj33TJGvDGEJWmFOoEj/3sZ9soKC3GYFkr5I50FcRhrgh
J78mX64Qf1KCsIG2zwN5w/pE9Nnz5mJ4iBElhl3xQT6nDikhe4AZv2Z51s6UMQ9K
oQSVgJg9IkAH+Vl/IFzvK/4mU1/xnCydA/Q+CEXxLXor0kFnl9XxpSwHhjQTQ/Ag
l5cA+U5RR0wkCS7OGv0mxwY2rfw0wg7I+v9GQu9hg+XyeZTjWC4rU1EiANAWDHiE
eCoUTi4MkwAA5vkL+G7B2I9fXD11eigTPFbiHvm5a3SNzqiKklMQgh7SoonnRZ9L
iL3qfIBwhpQAbAChqTS92WofYvNKTfE6qTrQUfEomgr4EWtr2teiR36shDnfKRCw
vdmL7d+ql9qHbD83NfV7tE08clK4h5MtKDmJtHoOdeeGK1UUI+VmMhQQSHEX3UAW
TduJnL4bhaw5Z4QCrpS5IO5R/mTBX1VRrbzjcJl+Te4HrmRl/ccQKachvn1N597L
ah3SlO5LBy0=
=zpJG
-----END PGP SIGNATURE-----
Merge tag 'md-3.5-fixes' of git://neil.brown.name/md
Pull three md bugfixes from NeilBrown:
"One of the bugs was introduced in 3.5-rc1. Others have been there for
longer."
* tag 'md-3.5-fixes' of git://neil.brown.name/md:
md/raid1: close some possible races on write errors during resync
md: avoid crash when stopping md array races with closing other open fds.
md: fix bug in handling of new_data_offset
Pull HID update from Jiri Kosina:
"A final round of changes for HID for 3.5: just device ID additions."
* 'upstream-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
HID: hid-multitouch: add support for Zytronic panels
HID: add Sennheiser BTD500USB device support
HID: add battery quirk for Apple Wireless ANSI
The strcpy was being used to set the name of the board. Since the
destination char* was read-only and the name is set statically at
compile time; this was both wrong and redundant.
The type of char* is changed to const char* to prevent future errors.
Reported-by: Radek Masin <radek@masin.eu>
Signed-off-by: Ezequiel Garcia <elezegarcia@gmail.com>
[ Taking directly due to vacations - Linus ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
commit 4367af5561
md/raid1: clear bad-block record when write succeeds.
Added a 'reschedule_retry' call possibility at the end of
end_sync_write, but didn't add matching code at the end of
sync_request_write. So if the writes complete very quickly, or
scheduling makes it seem that way, then we can miss rescheduling
the request and the resync could hang.
Also commit 73d5c38a95
md: avoid races when stopping resync.
Fix a race condition in this same code in end_sync_write but didn't
make the change in sync_request_write.
This patch updates sync_request_write to fix both of those.
Patch is suitable for 3.1 and later kernels.
Reported-by: Alexander Lyakas <alex.bolshoy@gmail.com>
Original-version-by: Alexander Lyakas <alex.bolshoy@gmail.com>
Cc: stable@vger.kernel.org
Signed-off-by: NeilBrown <neilb@suse.de>
md will refuse to stop an array if any other fd (or mounted fs) is
using it.
When any fs is unmounted of when the last open fd is closed all
pending IO will be flushed (e.g. sync_blockdev call in __blkdev_put)
so there will be no pending IO to worry about when the array is
stopped.
However in order to send the STOP_ARRAY ioctl to stop the array one
must first get and open fd on the block device.
If some fd is being used to write to the block device and it is closed
after mdadm open the block device, but before mdadm issues the
STOP_ARRAY ioctl, then there will be no last-close on the md device so
__blkdev_put will not call sync_blockdev.
If this happens, then IO can still be in-flight while md tears down
the array and bad things can happen (use-after-free and subsequent
havoc).
So in the case where do_md_stop is being called from an open file
descriptor, call sync_block after taking the mutex to ensure there
will be no new openers.
This is needed when setting a read-write device to read-only too.
Cc: stable@vger.kernel.org
Reported-by: majianpeng <majianpeng@gmail.com>
Signed-off-by: NeilBrown <neilb@suse.de>
commit c6563a8c38
md: add possibility to change data-offset for devices.
introduced a 'new_data_offset' attribute which should normally
be the same as 'data_offset', but can be explicitly set to a different
value to allow a reshape operation to move the data.
Unfortunately when the 'data_offset' is explicitly set through
sysfs, the new_data_offset is not also set, so the two would become
out-of-sync incorrectly.
One result of this is that trying to set the 'size' after the
'data_offset' would fail because it is not permitted to set the size
when the 'data_offset' and 'new_data_offset' are different - as that
can be confusing.
Consequently when mdadm tried to do this while assembling an IMSM
array it would fail.
This bug was introduced in 3.5-rc1.
Reported-by: Brian Downing <bdowning@lavos.net>
Bisected-by: Brian Downing <bdowning@lavos.net>
Tested-by: Brian Downing <bdowning@lavos.net>
Signed-off-by: NeilBrown <neilb@suse.de>
Pull target fixes from Nicholas Bellinger:
"This includes a bugfix from MDR to address a NULL pointer OOPs with
FCoE aborts, along with a WRITE_SAME emulation bugfix for NOLB=0
cases, and persistent reservation return cleanups from Roland.
All three patches are CC'ed to stable."
* git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending:
target: Fix range calculation in WRITE SAME emulation when num blocks == 0
target: Clean up returning errors in PR handling code
tcm_fc: Fix crash seen with aborts and large reads
Commit a7a20d1039 ("sd: limit the scope of the async probe domain")
make the SCSI device probing run device discovery in it's own async
domain.
However, as a result, the partition detection was no longer synchronized
by async_synchronize_full() (which, despite the name, only synchronizes
the global async space, not all of them). Which in turn meant that
"wait_for_device_probe()" would not wait for the SCSI partitions to be
parsed.
And "wait_for_device_probe()" was what the boot time init code relied on
for mounting the root filesystem.
Now, most people never noticed this, because not only is it
timing-dependent, but modern distributions all use initrd. So the root
filesystem isn't actually on a disk at all. And then before they
actually mount the final disk filesystem, they will have loaded the
scsi-wait-scan module, which not only does the expected
wait_for_device_probe(), but also does scsi_complete_async_scans().
[ Side note: scsi_complete_async_scans() had also been partially broken,
but that was fixed in commit 43a8d39d01 ("fix async probe
regression"), so that same commit a7a20d1039 had actually broken
setups even if you used scsi-wait-scan explicitly ]
Solve this problem by just moving the scsi_complete_async_scans() call
into wait_for_device_probe(). Everybody who wants to wait for device
probing to finish really wants the SCSI probing to complete, so there's
no reason not to do this.
So now "wait_for_device_probe()" really does what the name implies, and
properly waits for device probing to finish. This also removes the now
unnecessary extra calls to scsi_complete_async_scans().
Reported-and-tested-by: Artem S. Tashkinov <t.artem@mailcity.com>
Cc: Dan Williams <dan.j.williams@gmail.com>
Cc: Alan Stern <stern@rowland.harvard.edu>
Cc: James Bottomley <jbottomley@parallels.com>
Cc: Borislav Petkov <bp@amd64.org>
Cc: linux-scsi <linux-scsi@vger.kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
The VIDIOC_DV_TIMINGS_CAP ioctl check wasn't added to determine_valid_ioctls().
This caused this ioctl to always return -ENOTTY.
The cause for this was that for 3.5 two patch series were merged, one
changing V4L2 core ioctl handling and one adding new functionality, and
some of the new functionality wasn't handled by the new V4L2 core code.
Signed-off-by: Hans Verkuil <hans.verkuil@cisco.com>
[ Taking it directly due to vacations - Linus ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
These are arriving very late in the release cycle, but there has been
a change of maintainers on the SPEAr platform and they have needed a
while to get going.
The patch count is higher than I would like at this point, but they're
all relevant fixes and well-contained in their own platform code. I still
think it's suitable 3.5 material and I don't think it should increase
the need for a -rc8 since they are so contained.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJQBti2AAoJEIwa5zzehBx3ykIQAIHD8BAfgLXeAESb8dfP3yhv
4Ok0JEqydaF4WNaHA1vsvOUqEVsfXPuR2YxFE3mTNJCexu5XaTt0YEfVC3M+tB37
uE3HTGYffwMwc6ZuWX4LPWFHP2yNEIlW4ExfKKl76hdv1jbfhPezftuxAiQ8l4+j
fj5H9QhlUqEF0s0ZOihmmnsvKuR0/f8utUmMD8rFYofQSN4lOj26o5pfRrWDrmW7
yLxpW01C+SVfwBlvlBW3tVpY5AZ5AxA5C02l8e6+9dRXNIWy88IZXvYRFELI7g3o
vSQ5iKkTXn1r+T4OWvtAECpZA1/NAp49YnXJcI+qYddsrSP/gNwpCS887/kIXaQT
Z0poElua9GBTKykjetkhhnLAHuiJqxZO96hdFcsDFBHUKw8ovDl3vuCQgzE/9yYI
btHh4AnAyQGgLYdJd0xVVuCnbVY1JRyWW5/YIxKR58Zf/NAkBsvSmSX88duP3Iku
5YvnXHGNvvHr5O7QViNWkCZor/0ezQs39grl3008cYHAqnQA6TJqBYLjVANLfc6H
06MwyV0CAx6PMj/QZ3lRLhQFkfXpoJaKcOI5JvQxfj9lWYeticeCZVmCET/3wOng
Acn6QqpHd6TzP/xhUfe7mMuxxubz/DvNK7UgCbmX+YE8fdIXl8vzMBdZLXyekNC5
4iKzKeYvuAeFO5X3yP3K
=cBuT
-----END PGP SIGNATURE-----
Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
Pull ARM SoC fixes for SPEAr from Olof Johansson:
"These are arriving very late in the release cycle, but there has been
a change of maintainers on the SPEAr platform and they have needed a
while to get going.
The patch count is higher than I would like at this point, but they're
all relevant fixes and well-contained in their own platform code. I
still think it's suitable 3.5 material and I don't think it should
increase the need for a -rc8 since they are so contained."
* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
ARM: SPEAr600: Fix timer interrupt definition in spear600.dtsi
ARM: dts: SPEAr320: Boot the board in EXTENDED_MODE
ARM: dts: SPEAr320: Fix compatible string
Clk: SPEAr1340: Update sys clock parent array
clk: SPEAr1340: Fix clk enable register for uart1 and i2c1.
ARM: SPEAr13xx: Fix Interrupt bindings
Clk:spear6xx:Fix: Rename clk ids within predefined limit
Clk:spear3xx:Fix: Rename clk ids within predefined limit
clk:spear1310:Fix: Rename clk ids within predefined limit
clk:spear1340:Fix: Rename clk ids within predefined limit
sys_clk has multiple parents and selection of parent depends on sys_clk_ctrl
register bit no. 23:25, with following possibilities
0XX: pll1_clk
10X: sys_synth_clk
110: pll2_clk
111: pll3_clk
Out of several possibilities (h/w wise) to select same clock parent for
sys_clk, current clock implementation was considering just one value.
When bootloader programmed different (valid) value to select a clock
parent then Linux breaks.
Here, we try to include all possibilities which can lead to same
clock selection thus making Linux independent of bootloader selection
values.
Signed-off-by: Vipul Kumar Samar <vipulkumar.samar@st.com>
Signed-off-by: Shiraz Hashim <shiraz.hashim@st.com>
Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
This patch is to fix typing mistake of clk enable register of i2c1 and
uart1.
Signed-off-by: Vipul Kumar Samar <vipulkumar.samar@st.com>
Signed-off-by: Shiraz Hashim <shiraz.hashim@st.com>
Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
The max limit of con_id is 16 and dev_id is 20. As of now for spear6xx, many clk
ids are exceeding this predefined limit.
This patch is intended to rename clk ids like:
mux_clk -> _mclk
gate_clk -> _gclk
synth_clk -> syn_clk
ras_gen1_synth_gate_clk -> ras_syn1_gclk
pll3_48m -> pll3_
Signed-off-by: Vipul Kumar Samar <vipulkumar.samar@st.com>
Signed-off-by: Shiraz Hashim <shiraz.hashim@st.com>
Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
The max limit of con_id is 16 and dev_id is 20. As of now for spear3xx, many clk
ids are exceeding this predefined limit.
This patch is intended to rename clk ids like:
mux_clk -> _mclk
gate_clk -> _gclk
synth_clk -> syn_clk
ras_gen1_synth_gate_clk -> ras_syn1_gclk
ras_pll3_48m -> ras_pll3_
pll3_48m -> pll3_
Signed-off-by: Vipul Kumar Samar <vipulkumar.samar@st.com>
Signed-off-by: Shiraz Hashim <shiraz.hashim@st.com>
Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
The max limit of con_id is 16 and dev_id is 20. As of now for spear1310, many
clk ids are exceeding this predefined limit.
This patch is intended to rename clk ids like:
mux_clk -> _mclk
gate_clk -> _gclk
synth_clk -> syn_clk
gmac_phy -> phy_
gmii_125m_pad -> gmii_pad
Signed-off-by: Vipul Kumar Samar <vipulkumar.samar@st.com>
Signed-off-by: Shiraz Hashim <shiraz.hashim@st.com>
Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
The max limit of con_id is 16 and dev_id is 20. As of now for spear1340, many
clk ids are exceeding this predefined limit.
This patch rename clk ids like:
mux_clk -> _mclk
gate_clk -> _gclk
synth_clk -> syn_clk
gmac_phy -> phy_
gmii_125m_pad_ -> gmii_pad
Signed-off-by: Vipul Kumar Samar <vipulkumar.samar@st.com>
Signed-off-by: Shiraz Hashim <shiraz.hashim@st.com>
Acked-by: Viresh Kumar <viresh.kumar@linaro.org>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Sparse complains about this because:
drivers/block/rbd.c:996:20: warning: cast to restricted __le32
drivers/block/rbd.c:996:20: warning: cast from restricted __le16
These are set in osd_req_encode_op() and they are le16.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Alex Elder <elder@inktank.com>
(cherry picked from commit 895cfcc810)
ceph_snap_context->snaps is an u64 array
Signed-off-by: Zheng Yan <zheng.z.yan@intel.com>
Reviewed-by: Alex Elder <elder@inktank.com>
(cherry picked from commit f9f9a19044)
Pull networking fixes from David Miller:
1) IPVS oops'ers:
a) Should not reset skb->nf_bridge in forwarding hook (Lin Ming)
b) 3.4 commit can cause ip_vs_control_cleanup to be invoked after
the ipvs_core_ops are unregistered during rmmod (Julian ANastasov)
2) ixgbevf bringup failure can crash in TX descriptor cleanup
(Alexander Duyck)
3) AX25 switch missing break statement hoses ROSE sockets (Alan Cox)
4) CAIF accesses freed per-net memory (Sjur Brandeland)
5) Network cgroup code has out-or-bounds accesses (Eric DUmazet), and
accesses freed memory (Gao Feng)
6) Fix a crash in SCTP reported by Dave Jones caused by freeing an
association still on a list (Neil HOrman)
7) __netdev_alloc_skb() regresses on GFP_DMA using drivers because that
GFP flag is not being retained for the allocation (Eric Dumazet).
8) Missing NULL hceck in sch_sfb netlink message parsing (Alan Cox)
9) bnx2 crashes because TX index iteration is not bounded correctly
(Michael Chan)
10) IPoIB generates warnings in TCP queue collapsing (via
skb_try_coalesce) because it does not set skb->truesize correctly
(Eric Dumazet)
11) vlan_info objects leak for the implicit vlan with ID 0 (Amir
Hanania)
12) A fix for TX time stamp handling in gianfar does not transfer socket
ownership from one packet to another correctly, resulting in a
socket write space imbalance (Eric Dumazet)
13) Julia Lawall found several cases where we do a list iteration, and
then at the loop termination unconditionally assume we ended up with
real list object, rather than the list head itself (CNIC, RXRPC,
mISDN).
14) The bonding driver handles procfs moving incorrectly when a device
it manages is moved from one namespace to another (Eric Biederman)
15) Missing memory barriers in stmmac descriptor accesses result in
various crashes (Deepak Sikri)
16) Fix handling of broadcast packets in batman-adv (Simon Wunderlich)
17) Properly check the sanity of sendmsg() lengths in ieee802154's
dgram_sendmsg(). Dave Jones and others have hit and reported this
bug (Sasha Levin)
18) Some drivers (b44 and b43legacy) on 64-bit machines stopped working
because of how netdev_alloc_skb() was adjusted. Such drivers should
now use alloc_skb() for obtaining bounce buffers. (Eric Dumazet)
19) atl1c mis-managed it's link state in that it stops the queue by hand
on link down. The generic networking takes care of that and this
double stop locks the queue down. So simply removing the driver's
queue stop call fixes the problem (Cloud Ren)
20) Fix out-of-memory due to mis-accounting in net_em packet scheduler
(Eric Dumazet)
21) If DCB and SR-IOV are configured at the same time in IXGBE the chip
will hang because this is not supported (Alexander Duyck)
22) A commit to stop drivers using netdev->base_addr broke the CNIC
driver (Michael Chan)
23) Timeout regression in ipset caused by an attempt to fix an overflow
bug (Jozsef Kadlecsik).
24) mac80211 minstrel code allocates memory using incorrect size
(Thomas Huehn)
25) llcp_sock_getname() needs to check for a NULL device otherwise we
OOPS (Sasha Levin)
26) mwifiex leaks memory (Bing Zhao)
27) Propagate iwlwifi fix to iwlegacy, even when we're not associated
we need to monitor for stuck queues in the watchdog handler
(Stanislaw Geuszka)
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (44 commits)
ipvs: fix oops in ip_vs_dst_event on rmmod
ipvs: fix oops on NAT reply in br_nf context
ixgbevf: Fix panic when loading driver
ax25: Fix missing break
MAINTAINERS: reflect actual changes in IEEE 802.15.4 maintainership
caif: Fix access to freed pernet memory
net: cgroup: fix access the unallocated memory in netprio cgroup
ixgbevf: Prevent RX/TX statistics getting reset to zero
sctp: Fix list corruption resulting from freeing an association on a list
net: respect GFP_DMA in __netdev_alloc_skb()
e1000e: fix test for PHY being accessible on 82577/8/9 and I217
e1000e: Correct link check logic for 82571 serdes
sch_sfb: Fix missing NULL check
bnx2: Fix bug in bnx2_free_tx_skbs().
IPoIB: fix skb truesize underestimatiom
net: Fix memory leak - vlan_info struct
gianfar: fix potential sk_wmem_alloc imbalance
drivers/net/ethernet/broadcom/cnic.c: remove invalid reference to list iterator variable
net/rxrpc/ar-peer.c: remove invalid reference to list iterator variable
drivers/isdn/mISDN/stack.c: remove invalid reference to list iterator variable
...
eliminates the dependency on arbitrary initialization orders.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJQBUQoAAoJELLolMlTRIoMNJ8QAJpBXCsTpE4cZ/C4FkmAbZeJ
uk5rBqZEWZBtIxBXbcpL0bCFmBFoPdlrfg1F64As67c/R+eXBju2LykrsNWgIDqp
FOhQhDecdm3wFdpfulio6hd5AHSuwCmFAz0mZL3qGMTjfgnv6725cAoFJ06LkSWW
EajZGWXKNBFS9sddGim9anZxCVtbF5+b1wDgfhVUnrI4I3TKg65KZTIamg3LXRn9
fj5j97YVc0jCLKIjNkS9WVRS3E/lVEwVQXoWgFjvrwF+6b1E2dSzB+WOBYPzrP+h
lOBauKgQiD+XIELw7f4hcQzb294WIAW0YQmppmEnQe6u3V6q0uRJrv5cQHFDCU8w
zR7B+aAip264ADKdN5AaYH75k+oy/fsqCb1eZi6+GuxJG1jA3O3rM4UFzPC5bZxn
CMAGiChnWUWUWqn86trVtOyp/t4Gl55JMv+aGos9hNSI5fRCRcskzd3WqWowbVNQ
aVsYD6bG08g0ceFec6xE2O6+eMhMye/TzpITEtS0vz2X0e/nuR7ggwwb6bQnm+Ph
4cknnvQiKrbNUCgziCgsqx6Oe7RXha+qxA8lMY6Vl9WpMnLRQcSV0OVa4DjamUb+
VVSLB56s+MCPifQQECKZNMvj/NW+FyZ3VN927NH49luf5Zyv3pANxFuMHDhpIUkP
vO+z2vShV8p+rRXGXyee
=JsP6
-----END PGP SIGNATURE-----
Merge tag 'single-rpmsg-3.5-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/ohad/rpmsg
Pull rpmsg fix from Ohad Ben-Cohen:
"A single rpmsg fix for 3.5, coming from Federico Fuga, which
eliminates the dependency on arbitrary initialization orders."
* tag 'single-rpmsg-3.5-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/ohad/rpmsg:
rpmsg: fix dependency on initialization order
When rpmsg drivers are built into the kernel, they must not initialize
before the rpmsg bus does, otherwise they'd trigger a BUG() in
drivers/base/driver.c line 169 (driver_register()).
To fix that, and to stop depending on arbitrary linkage ordering of
those built-in rpmsg drivers, we make the rpmsg bus initialize at
subsys_initcall.
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Federico Fuga <fuga@studiofuga.com>
[ohad: rewrite the commit log]
Signed-off-by: Ohad Ben-Cohen <ohad@wizery.com>
This patch addresses a kernel panic seen when setting up the interface.
Specifically we see a NULL pointer dereference on the Tx descriptor cleanup
path when enabling interrupts. This change corrects that so it cannot
occur.
Signed-off-by: Alexander Duyck <alexander.h.duyck@intel.com>
Acked-by: Greg Rose <gregory.v.rose@intel.com>
Tested-by: Sibai Li <sibai.li@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Jeff Kirsher says:
====================
This series contains fixes to e1000e.
...
Bruce Allan (1):
e1000e: fix test for PHY being accessible on 82577/8/9 and I217
Tushar Dave (1):
e1000e: Correct link check logic for 82571 serdes
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
The commit 4197aa7bb8 implements 64 bit
per ring statistics. But the driver resets the 'total_bytes' and
'total_packets' from RX and TX rings in the RX and TX interrupt
handlers to zero. This results in statistics being lost and user space
reporting RX and TX statistics as zero. This patch addresses the
issue by preventing the resetting of RX and TX ring statistics to
zero.
Signed-off-by: Narendra K <narendra_k@dell.com>
Tested-by: Sibai Li <sibai.li@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
When NUMBER OF LOGICAL BLOCKS is 0, WRITE SAME is supposed to write
all the blocks from the specified LBA through the end of the device.
However, dev->transport->get_blocks(dev) (perhaps confusingly) returns
the last valid LBA rather than the number of blocks, so the correct
number of blocks to write starting with lba is
dev->transport->get_blocks(dev) - lba + 1
(nab: Backport roland's for-3.6 patch to for-3.5)
Signed-off-by: Roland Dreier <roland@purestorage.com>
Cc: Cc: <stable@vger.kernel.org>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
- instead of (PTR_ERR(file) < 0) just use IS_ERR(file)
- return -EINVAL instead of EINVAL
- all other error returns in target_scsi3_emulate_pr_out() use
"goto out" -- get rid of the one remaining straight "return."
Signed-off-by: Roland Dreier <roland@purestorage.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Merge gma500 patches from Alan Cox.
* Merge emailed patches from Alan Cox <alan@lxorguk.ukuu.org.uk>: (3 commits)
gma500,cdv: Fix the brightness base
gma500: move the ASLE enable
gma500: Fix lid related crash
Some desktop environments carefully save and restore the brightness
settings from the previous boot. Unfortunately they don't all check to
see if the range has changed. The end result is that they restore a
brightness of 100/lots not 100/100.
As the old driver and the non-free GMA36xx driver both use 0-100 we thus
need to go back doing the same thing to avoid users getting a mysterious
black screen after boot.
Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Otherwise we end up getting the masks wrong, can get events before we
are doing power control and other ungood things. Again this is a
regression fix where the ordering of handling was disturbed by other
work, and the user experience on some boxes is a blank screen.
Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
We now set up the lid timer before we set up the backlight. On some
devices that causes a crash as we do a backlight change before or during
the setup.
As this fixes a crash on boot regression on some setups it ought to go
in ASAP, especially as all the user gets is a blank screen.
Signed-off-by: Alan Cox <alan@linux.intel.com>
Tested-by: Mattia Dongili <malattia@linux.it>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Pull x86 platform tree fixes from Matthew Garrett:
"Small fixes to a couple of drivers plus a slightly larger number for
sony-laptop that the maintainer thinks are appropriate, most of which
fix problems with the earlier 3.5 updates. These have been in -next
for a while without complaint."
* 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86:
intel_ips: blacklist HP ProBook laptops
ideapad: uninitialized data in ideapad_acpi_add()
sony-laptop: correct find_snc_handle failure checks
sony-laptop: fix a couple signedness bugs
sony-laptop: fix sony_nc_sysfs_store()
sony-laptop: input initialization should be done before SNC
sony-laptop: add lid backlight support for handle 0x143
sony-laptop: store battery care limits on batteries
sony-laptop: notify userspace of GFX switch position changes
sony-laptop: use an enum for SNC event types
- Two fixes to the i.MX driver
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAABAgAGBQJQAfMcAAoJEEEQszewGV1z1rYP/2bYOSSQOvL5Gpxai/IT+meT
ztG7KWujoWL6ds6k0LB7V+NPelQf+6i/7bkaSDoL8ANvkOGWBUtF/6ElCVMpW/U2
/IYvKXxSkW46psBFZPdqZdsE2VOo16x5S5x0kNZNKwaTvX4bitKTCd7JxKaqQRxT
L6b/5qQvr96ezhN8VPafuNIftYkjqui4XMZLke4FCqnpEBUg/ShWXXnRH8MpfPF/
rpRyXfLjev/QMMSlIw6mcaBqxVHVuL6DXU9Lb2X36j2pnNATIriHS8i0pmR5RaeC
7QnYXnggrpl8SR0qHjaseYUYWHibYt3EXIoHR50z5yG6HFIAxZhWnQC/nJlLaP23
h1G+OuxiHUjmCD3AMa+su2zcrZl181hjvPxN8pdBboRxTGvY8xc65wlfEkg2LSAV
AEP77KAyGc9TUSmW2KJEaIjRuxXCtc45TKwlFHyvN8AeaZRVno/FEXekmt+XDNgC
hPPl/aL60iAGEYoDbo2tAA6vfbpF/AYk6Y61aTVBRyBPbhbfpTvCPssh4EiQtqIB
qH0oFf5Q8NjWg5XlbU5IRStb4SgvLsSNpxT7XTp8hbvjSsOdZPiHqXOIRmPzndyO
QLcCsES6Zc/0obj2eG4TaqruevpWAHTKbObRAJIRPzb1jQ9C8P9tkehXCvPk7Awu
bdLMHzwj1JmFExZo3sz8
=ucSC
-----END PGP SIGNATURE-----
Merge tag 'fixes-for-v3.5-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl
Pull late pinctrl fixes from Linus Walleij:
- Two fixes to the i.MX driver
* tag 'fixes-for-v3.5-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl:
pinctrl: pinctrl-imx6q: add missed mux function for USBOTG_ID
pinctrl: pinctrl-imx: only print debug message when DEBUG is defined
The idr_pre_get() function never returns a value < 0. It returns 0 (no
memory) or 1 (OK).
Reported-by: Silva Paulo <psdasilva@yahoo.com>
[ Rewrote Silva's patch, but attributing it to Silva anyway - Linus ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This patch fixes a crash seen when large reads have their exchange
aborted by either timing out or being reset. Because the exchange
abort results in the seq pointer being set to NULL, because the
sequence is no longer valid, it must not be dereferenced. This
patch changes the function ft_get_task_tag to return ~0 if it is
unable to get the tag for this reason. Because the get_task_tag
interface provides no means of returning an error, this seems
like the best way to fix this issue at the moment.
Signed-off-by: Mark Rustad <mark.d.rustad@intel.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
The original pin registers table is derived from u-boot mainline,
but somehow it was found missing some mux functions for USBOTG_ID.
We added it at the bottom by following the exist pin function ids,
then it will not break the exist using of pin function id in dts file.
Reported-by: Richard Zhao <richard.zhao@freescale.com>
Signed-off-by: Dong Aisheng <dong.aisheng@linaro.org>
Fix regression for commit 3a86a5f8 (pinctrl: pinctrl-imx: free allocated
pinctrl_map structure only once and use kernel facilities for IMX_PMX_DUMP)
introduced in 3.5-rc3.
With above commit, the debug code will alway be excuted.
Change to excute it only when DEBUG is defined.
Signed-off-by: Dong Aisheng <dong.aisheng@linaro.org>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Pull ACPI patch from Len Brown.
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux:
ACPICA: Fix possible fault in return package object repair code
This fixes a regression preventing the ACPI cpufreq driver from loading on some
systems where it worked previously without any problems.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
iQIcBAABAgAGBQJQAWv6AAoJEKhOf7ml8uNsUXcQAINIZmqe/VCYC3jsYwn0OURQ
Ua9g51czYvyFS+9tDc5V6b4DrG6B6rIjOBywO1qTXQkRyfpbEx4CVvCOij/0sApg
Jw/VwImYlIL88uqfGniFv/LW1qUA4v1QcfyDcdbsBGGTwvQwekeYomLRwYWthqkO
VEC/hYXtTAkfHnJJSWG2PtYpUbicmOdVDwh2SQuf/dmXVZXmMmljQFVvyPHNMwbd
X6ENqhYiTr5tJ5k0e9mAGwfpRmG7YoXQE7pM1hl4kcv0CgdN3U71WEK3LfxJBeTW
lGawcA0pu/4o/+X9NYJHo1QosXQAHAeqMkn38pv8K4EwqnnXqLK35+wTYBf00kdg
lJHGNvg1kuQEp32nXT3y4kzASNHHnTV2IU2YbERZ61+2x3sU3DSLjNo2ZL/kqd8k
fxN+RWXEBA1lI5TRL4ENENT0c/m+RDQCJkHXwAEOwTZwMZDUKWfiaZwoRcs1xTEC
JjcBIe1wMmHJDxH+fh4KBdqjFiPDoBqHi4AWWIavJJG/W+LJLrd/i90o99GOHZ/0
q/pouYurt05ec7dwX3rMqlLGQz8hVkp6flg0DgrJCe0tGaQarZ0bkp6RaQpEAfxi
y1eIgYbCy61YvUMxhBp/SWoD9/wAoYuWZFtq1CgwYmkRJ25lT6zoOFiJAn3GF5PG
2thM5M0vuLVhG/BPZMo3
=XZHs
-----END PGP SIGNATURE-----
Merge tag 'cpufreq-for-3.5-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull cpufreq fix from Rafael Wysocki:
"This fixes a regression preventing the ACPI cpufreq driver from
loading on some systems where it worked previously without any
problems."
* tag 'cpufreq-for-3.5-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
cpufreq / ACPI: Fix not loading acpi-cpufreq driver regression
Fixes a problem that can occur when a lone package object is
wrapped with an outer package object in order to conform to
the ACPI specification. Can affect these predefined names:
_ALR,_MLS,_PSS,_TRT,_TSS,_PRT,_HPX,_DLM,_CSD,_PSD,_TSD
https://bugzilla.kernel.org/show_bug.cgi?id=44171
This problem was introduced in 3.4-rc1 by commit
6a99b1c94d
(ACPICA: Object repair code: Support to add Package wrappers)
Reported-by: Vlastimil Babka <caster@gentoo.org>
Signed-off-by: Bob Moore <robert.moore@intel.com>
Signed-off-by: Lin Ming <ming.m.lin@intel.com>
Cc: <stable@vger.kernel.org> # 3.4
Signed-off-by: Len Brown <len.brown@intel.com>
Occasionally, the PHY can be initially inaccessible when the first read of
a PHY register, e.g. PHY_ID1, happens (signified by the returned value
0xFFFF) but subsequent accesses of the PHY work as expected. Add a retry
counter similar to how it is done in the generic e1000_get_phy_id().
Also, when the PHY is completely inaccessible (i.e. when subsequent reads
of the PHY_IDx registers returns all F's) and the MDIO access mode must be
set to slow before attempting to read the PHY ID again, the functions that
do these latter two actions expect the SW/FW/HW semaphore is not already
set so the semaphore must be released before and re-acquired after calling
them otherwise there is an unnecessarily inordinate amount of delay during
device initialization.
Reported-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
Signed-off-by: Bruce Allan <bruce.w.allan@intel.com>
Tested-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
Tested-by: Aaron Brown <aaron.f.brown@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
SYNCH bit and IV bit of RXCW register are sticky. Before examining these bits,
RXCW should be read twice to filter out one-time false events and have correct
values for these bits. Incorrect values of these bits in link check logic can
cause weird link stability issues if auto-negotiation fails.
CC: stable <stable@vger.kernel.org> [2.6.38+]
Reported-by: Dean Nelson <dnelson@redhat.com>
Signed-off-by: Tushar Dave <tushar.n.dave@intel.com>
Reviewed-by: Bruce Allan <bruce.w.allan@intel.com>
Tested-by: Jeff Pieper <jeffrey.e.pieper@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>