Commit Graph

441536 Commits

Author SHA1 Message Date
Roland Dreier
79d59d0808 iscsi-target: Fix wrong buffer / buffer overrun in iscsi_change_param_value()
In non-leading connection login, iscsi_login_non_zero_tsih_s1() calls
iscsi_change_param_value() with the buffer it uses to hold the login
PDU, not a temporary buffer.  This leads to the login header getting
corrupted and login failing for non-leading connections in MC/S.

Fix this by adding a wrapper iscsi_change_param_sprintf() that handles
the temporary buffer itself to avoid confusion.  Also handle sending a
reject in case of failure in the wrapper, which lets the calling code
get quite a bit smaller and easier to read.

Finally, bump the size of the temporary buffer from 32 to 64 bytes to be
safe, since "MaxRecvDataSegmentLength=" by itself is 25 bytes; with a
trailing NUL, a value >= 1M will lead to a buffer overrun.  (This isn't
the default but we don't need to run right at the ragged edge here)

Reported-by: Santosh Kulkarni <santosh.kulkarni@calsoftinc.com>
Signed-off-by: Roland Dreier <roland@purestorage.com>
Cc: stable@vger.kernel.org # 3.10+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-03 19:17:31 -07:00
Nicholas Bellinger
6cc44a6fb4 iser-target: Add missing target_put_sess_cmd for ImmedateData failure
This patch addresses a bug where an early exception for SCSI WRITE
with ImmediateData=Yes was missing the target_put_sess_cmd() call
to drop the extra se_cmd->cmd_kref reference obtained during the
normal iscsit_setup_scsi_cmd() codepath execution.

This bug was manifesting itself during session shutdown within
isert_cq_rx_comp_err() where target_wait_for_sess_cmds() would
end up waiting indefinately for the last se_cmd->cmd_kref put to
occur for the failed SCSI WRITE + ImmediateData descriptors.

This fix follows what traditional iscsi-target code already does
for the same failure case within iscsit_get_immediate_data().

Reported-by: Sagi Grimberg <sagig@dev.mellanox.co.il>
Cc: Sagi Grimberg <sagig@dev.mellanox.co.il>
Cc: Or Gerlitz <ogerlitz@mellanox.com>
Cc: stable@vger.kernel.org # 3.10+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-06-03 19:17:31 -07:00
Mikulas Patocka
1e1110c43b target: fix memory leak on XCOPY
On each processed XCOPY command, two "kmalloc-512" memory objects are
leaked. These represent two allocations of struct xcopy_pt_cmd in
target_core_xcopy.c.

The reason for the memory leak is that the cmd_kref field is not
initialized (thus, it is zero because the allocations were done with
kzalloc). When we decrement zero kref in target_put_sess_cmd, the result
is not zero, thus target_release_cmd_kref is not called.

This patch fixes the bug by moving kref initialization from
target_get_sess_cmd to transport_init_se_cmd (this function is called from
target_core_xcopy.c, so it will correctly initialize cmd_kref). It can be
easily verified that all code that calls target_get_sess_cmd also calls
transport_init_se_cmd earlier, thus moving kref_init shouldn't introduce
any new problems.

Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Cc: stable@vger.kernel.org	# 3.12+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-05-17 15:49:40 -07:00
Andy Grover
07b8dae38b target: Don't allow setting WC emulation if device doesn't support
Just like for pSCSI, if the transport sets get_write_cache, then it is
not valid to enable write cache emulation for it. Return an error.

see https://bugzilla.redhat.com/show_bug.cgi?id=1082675

Reviewed-by: Chris Leech <cleech@redhat.com>
Signed-off-by: Andy Grover <agrover@redhat.com>
Cc: stable@vger.kernel.org # 3.10+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-05-15 17:09:17 -07:00
Nicholas Bellinger
52d0aa7980 iscsi-target: Disable Immediate + Unsolicited Data with ISER Protection
This patch explicitly disables Immediate + Unsolicited Data for ISER
connections during login in iscsi_login_zero_tsih_s2() when protection
has been enabled for the session by the underlying hardware.

This is currently required because protection / signature memory regions
(MRs) expect T10 PI to occur on RDMA READs + RDMA WRITEs transfers, and
not on a immediate data payload associated with ISCSI_OP_SCSI_CMD, or
unsolicited data-out associated with a ISCSI_OP_SCSI_DATA_OUT.

v2 changes:
  - Add TARGET_PROT_DOUT_INSERT check (Sagi)
  - Add pr_debug noisemaker (Sagi)
  - Add goto to avoid early return from MRDSL check (nab)

Cc: Sagi Grimberg <sagig@mellanox.com>
Cc: Or Gerlitz <ogerlitz@mellanox.com>
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-05-15 17:09:12 -07:00
Nicholas Bellinger
ed8ec8f707 tcm_fc: Fix free-after-use regression in ft_free_cmd
This patch fixes a free-after-use regression in ft_free_cmd(), where
ft_sess_put() is called with cmd->sess after percpu_ida_free() has
already released the tag.

Fix this bug by saving the ft_sess pointer ahead of percpu_ida_free(),
and pass it directly to ft_sess_put().

The regression was originally introduced in v3.13-rc1 commit:

  commit 5f544cfac9
  Author: Nicholas Bellinger <nab@daterainc.com>
  Date:   Mon Sep 23 12:12:42 2013 -0700

      tcm_fc: Convert to per-cpu command map pre-allocation of ft_cmd

Reported-by: Jun Wu <jwu@stormojo.com>
Cc: Mark Rustad <mark.d.rustad@intel.com>
Cc: Robert Love <robert.w.love@intel.com>
Cc: <stable@vger.kernel.org> #3.13+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-05-15 17:09:12 -07:00
Nicholas Bellinger
7cbfcc9537 iscsi-target: Change BUG_ON to REJECT in iscsit_process_nop_out
This patch changes an incorrect use of BUG_ON to instead generate a
REJECT + PROTOCOL_ERROR in iscsit_process_nop_out() code.  This case
can occur with traditional TCP where a flood of zeros in the data
stream can reach this block for what is presumed to be a NOP-OUT with
a solicited reply, but without a valid iscsi_cmd pointer.

This incorrect BUG_ON was introduced during the v3.11-rc timeframe
with the following commit:

commit 778de36896
Author: Nicholas Bellinger <nab@linux-iscsi.org>
Date:   Fri Jun 14 16:07:47 2013 -0700

    iscsi/isert-target: Refactor ISCSI_OP_NOOP RX handling

Reported-by: Arshad Hussain <arshad.hussain@calsoftinc.com>
Cc: stable@vger.kernel.org # 3.11+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-05-15 17:09:11 -07:00
Sagi Grimberg
14f4b54fe3 Target/iscsi,iser: Avoid accepting transport connections during stop stage
When the target is in stop stage, iSER transport initiates RDMA disconnects.
The iSER initiator may wish to establish a new connection over the
still existing network portal. In this case iSER transport should not
accept and resume new RDMA connections. In order to learn that, iscsi_np
is added with enabled flag so the iSER transport can check when deciding
weather to accept and resume a new connection request.

The iscsi_np is enabled after successful transport setup, and disabled
before iscsi_np login threads are cleaned up.

Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Cc: stable@vger.kernel.org # 3.10+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-05-15 17:09:11 -07:00
Sagi Grimberg
531b7bf4bd Target/iser: Fix iscsit_accept_np and rdma_cm racy flow
RDMA CM and iSCSI target flows are asynchronous and completely
uncorrelated. Relying on the fact that iscsi_accept_np will be called
after CM connection request event and will wait for it is a mistake.

When attempting to login to a few targets this flow is racy and
unpredictable, but for parallel login to dozens of targets will
race and hang every time.

The correct synchronizing mechanism in this case is pending on
a semaphore rather than a wait_for_event. We keep the pending
interruptible for iscsi_np cleanup stage.

(Squash patch to remove dead code into parent - nab)

Reported-by: Slava Shwartsman <valyushash@gmail.com>
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Cc: stable@vger.kernel.org # 3.10+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-05-15 17:09:10 -07:00
Sagi Grimberg
9fe63c88b1 Target/iser: Fix wrong connection requests list addition
Should be adding list_add_tail($new, $head) and not
the other way around.

Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Cc: stable@vger.kernel.org # 3.10+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-05-15 17:09:10 -07:00
Andy Grover
448ba90416 target: Allow non-supporting backends to set pi_prot_type to 0
Userspace tools assume if a value is read from configfs, it is valid
and will not cause an error if the same value is written back. The only
valid value for pi_prot_type for backends not supporting DIF is 0, so allow
this particular value to be set without returning an error.

Reported-by: Krzysztof Chojnowski <frirajder@gmail.com>
Signed-off-by: Andy Grover <agrover@redhat.com>
Reviewed-by: Sagi Grimberg <sagig@mellanox.com>
Cc: stable@vger.kernel.org # 3.14+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-05-15 17:08:51 -07:00
Linus Torvalds
d1db0eea85 Linux 3.15-rc3 2014-04-27 19:29:27 -07:00
Will Deacon
ec6931b281 word-at-a-time: avoid undefined behaviour in zero_bytemask macro
The asm-generic, big-endian version of zero_bytemask creates a mask of
bytes preceding the first zero-byte by left shifting ~0ul based on the
position of the first zero byte.

Unfortunately, if the first (top) byte is zero, the output of
prep_zero_mask has only the top bit set, resulting in undefined C
behaviour as we shift left by an amount equal to the width of the type.
As it happens, GCC doesn't manage to spot this through the call to fls(),
but the issue remains if architectures choose to implement their shift
instructions differently.

An example would be arch/arm/ (AArch32), where LSL Rd, Rn, #32 results
in Rd == 0x0, whilst on arch/arm64 (AArch64) LSL Xd, Xn, #64 results in
Xd == Xn.

Rather than check explicitly for the problematic shift, this patch adds
an extra shift by 1, replacing fls with __fls. Since zero_bytemask is
never called with a zero argument (has_zero() is used to check the data
first), we don't need to worry about calling __fls(0), which is
undefined.

Cc: <stable@vger.kernel.org>
Cc: Victor Kamensky <victor.kamensky@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-04-27 15:20:05 -07:00
Linus Torvalds
ac6c9e2bed Merge branch 'safe-dirty-tlb-flush'
This merges the patch to fix possible loss of dirty bit on munmap() or
madvice(DONTNEED).  If there are concurrent writers on other CPU's that
have the unmapped/unneeded page in their TLBs, their writes to the page
could possibly get lost if a third CPU raced with the TLB flush and did
a page_mkclean() before the page was fully written.

Admittedly, if you unmap() or madvice(DONTNEED) an area _while_ another
thread is still busy writing to it, you deserve all the lost writes you
could get.  But we kernel people hold ourselves to higher quality
standards than "crazy people deserve to lose", because, well, we've seen
people do all kinds of crazy things.

So let's get it right, just because we can, and we don't have to worry
about it.

* safe-dirty-tlb-flush:
  mm: split 'tlb_flush_mmu()' into tlb flushing and memory freeing parts
2014-04-27 15:08:12 -07:00
Linus Torvalds
33c0022f0e Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes from Chris Mason.

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs:
  Btrfs: limit the path size in send to PATH_MAX
  Btrfs: correctly set profile flags on seqlock retry
  Btrfs: use correct key when repeating search for extent item
  Btrfs: fix inode caching vs tree log
  Btrfs: fix possible memory leaks in open_ctree()
  Btrfs: avoid triggering bug_on() when we fail to start inode caching task
  Btrfs: move btrfs_{set,clear}_and_info() to ctree.h
  btrfs: replace error code from btrfs_drop_extents
  btrfs: Change the hole range to a more accurate value.
  btrfs: fix use-after-free in mount_subvol()
2014-04-27 13:26:28 -07:00
Linus Torvalds
2b9d1c050d Merge branch 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm
Pull arm fixes from Russell King:
 "A number of fixes for the PJ4/iwmmxt changes which arm-soc forced me
  to take during the merge window.  This stuff should have been better
  tested and sorted out *before* the merge window"

* 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
  ARM: 8042/1: iwmmxt: allow to build iWMMXt on Marvell PJ4B
  ARM: 8041/1: pj4: fix cpu_is_pj4 check
  ARM: 8040/1: pj4: properly detect existence of iWMMXt coprocessor
  ARM: 8039/1: pj4: enable iWMMXt only if CONFIG_IWMMXT is set
  ARM: 8038/1: iwmmxt: explicitly check for supported architectures
2014-04-27 12:55:04 -07:00
Linus Torvalds
afa3cad746 - compat renameat2 syscall wiring and __NR_compat_syscalls fix
- TLB fix for transparent huge pages following switch to generic
   mmu_gather
 - spinlock initialisation for init_mm's context
 - move of_clk_init() earlier
 - Kconfig duplicate entry fix
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.9 (GNU/Linux)
 
 iQIcBAABAgAGBQJTW4KqAAoJEGvWsS0AyF7xMpcQAIB7dERyKiHXMYtoJirwkaKJ
 Pi02y25a80n2Ru4Y8mWu3xf52BBJrKXTyek5i5ztkD7kmVNdjgnsTp3bAqgjYmH2
 08Q7UlGC4eWlGKiGe3h+1WLJdQYqBQWFXoyTBIhU3gdGldN4EphnHqxxIGLiflu8
 /bGRzsJDzKI8XVbXv0ZStHk4DI3mpzSbQolyAnxIvtLF9iMNP43h/0+yMgYvW2gs
 S1ShPl71Cf4aOCk73SgH0GXJinCC6v9w8TFcy+FGlJhULo0sc0EXzpvsRac08OGf
 QyADYx/yMrwI/DCh+uncoByuS54u5Z1MGIJ68Uvc6GMqjkfurvjUhBFFHxjFCI+g
 SVmIrItt0CQRVl/2LszFFQnQlLP5MwYNQnF5Gb8lZhZgy7AAE43h3iSeL5dHUuJK
 vhUxfCvNSLP09+crVfDwZsLR9aAjcRyIcYpFfXAePa/rtn2pX/ICWBCVOOw/j3ii
 9kWDnk+pqQLutu6FFO7Isu1QC7M5fxSlek5WqexSOJMa5VVUgYXz2cXm1V3I+WW8
 TVFM4PuM81PjgmtZHq9R8WC37lEuIS2Ib0ph/E20keztB8t/ggC7pFS4J9fqGmQp
 MYBpiAm6PVtWCuIdwkS3L4Xv1/63Za7/CZWIL+pVaQfv6Ruk8a0IWzuiF0E0w3ak
 gqAxd5erxudNADIxDfvo
 =cSni
 -----END PGP SIGNATURE-----

Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux

Pull arm64 fixes from Catalin Marinas:
 - compat renameat2 syscall wiring and __NR_compat_syscalls fix
 - TLB fix for transparent huge pages following switch to generic
   mmu_gather
 - spinlock initialisation for init_mm's context
 - move of_clk_init() earlier
 - Kconfig duplicate entry fix

* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
  arm64: init: Move of_clk_init to time_init
  arm64: initialize spinlock for init_mm's context
  arm64: debug: remove noisy, pointless warning
  arm64: mm: Add THP TLB entries to general mmu_gather
  arm64: add renameat2 compat syscall
  ARM64: Remove duplicated Kconfig entry for "kernel/power/Kconfig"
  arm64: __NR_compat_syscalls fix
2014-04-27 12:54:05 -07:00
Linus Torvalds
d9e9e8e2fe Merge branch 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull irq fixes from Thomas Gleixner:
 "A slighlty large fix for a subtle issue in the CPU hotplug code of
  certain ARM SoCs, where the not yet online cpu needs to setup the cpu
  local timer and needs to set the interrupt affinity to itself.
  Setting interrupt affinity to a not online cpu is prohibited and
  therefor the timer interrupt ends up on the wrong cpu, which leads to
  nasty complications.

  The SoC folks tried to hack around that in the SoC code in some more
  than nasty ways.  The proper solution is to have a way to enforce the
  affinity setting to a not online cpu.  The core patch to the genirq
  code provides that facility and the follow up patches make use of it
  in the GIC interrupt controller and the exynos timer driver.

  The change to the core code has no implications to existing users,
  except for the rename of the locked function and therefor the
  necessary fixup in mips/cavium.  Aside of that, no runtime impact is
  possible, as none of the existing interrupt chips implements anything
  which depends on the force argument of the irq_set_affinity()
  callback"

* 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  clocksource: Exynos_mct: Register clock event after request_irq()
  clocksource: Exynos_mct: Use irq_force_affinity() in cpu bringup
  irqchip: Gic: Support forced affinity setting
  genirq: Allow forcing cpu affinity of interrupts
2014-04-27 11:21:03 -07:00
Linus Torvalds
a8d706986c TTY/Serial fixes for 3.15-rc3
Here are a few tty/serial fixes for 3.15-rc3 that resolve a number of
 reported issues in the 8250 and samsung serial drivers, as well as a
 character loss fix for the tty core that was caused by the lock removal
 patches a release ago.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iEYEABECAAYFAlNcUDMACgkQMUfUDdst+ylZvgCgjeJTIxh+7Lpo/yqbFRZz05dc
 KZ4AoLBTof/1fV2UMczNm61vrp0+wvyi
 =FnZz
 -----END PGP SIGNATURE-----

Merge tag 'tty-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty

Pull tty/serial fixes from Greg KH:
 "Here are a few tty/serial fixes for 3.15-rc3 that resolve a number of
  reported issues in the 8250 and samsung serial drivers, as well as a
  character loss fix for the tty core that was caused by the lock
  removal patches a release ago"

* tag 'tty-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
  serial_core: fix uart PORT_UNKNOWN handling
  serial: samsung: Change barrier() to cpu_relax() in console output
  serial: samsung: don't check config for every character
  serial: samsung: Use the passed in "port", fixing kgdb w/ no console
  serial: 8250: Fix thread unsafe __dma_tx_complete function
  8250_core: Fix unwanted TX chars write
  tty: Fix race condition between __tty_buffer_request_room and flush_to_ldisc
2014-04-27 10:39:09 -07:00
Linus Torvalds
d0c15ad760 Staging / IIO driver fixes for 3.15-rc3
Here are some small staging and IIO driver fixes for 3.15-rc3.
 
 Nothing major at all, just some assorted issues that people have reported.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iEYEABECAAYFAlNcTrIACgkQMUfUDdst+ymTPACfQTyAgaXWKIOEAk2Ur8YeSqhr
 NxYAn0T1tgCRuNNtj6/TnGN8RxzaMqtZ
 =9ZEj
 -----END PGP SIGNATURE-----

Merge tag 'staging-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging

Pull staging / IIO driver fixes from Greg KH:
 "Here are some small staging and IIO driver fixes for 3.15-rc3.

  Nothing major at all, just some assorted issues that people have
  reported"

* tag 'staging-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
  staging: comedi: usbdux: bug fix for accessing 'ao_chanlist' in private data
  iio: adc: mxs-lradc: fix warning when buidling on avr32
  iio: cm36651: Fix i2c client leak and possible NULL pointer dereference
  iio: querying buffer scan_mask should return 0/1
  staging:iio:ad2s1200 fix a missing break
  iio: adc: at91_adc: correct default shtim value
  ARM: at91: at91sam9260: change at91_adc name
  ARM: at91: at91sam9g45: change at91_adc name
  iio: cm32181: Fix read integration time function
  iio: adc: at91_adc: Repair broken platform_data support
2014-04-27 10:34:29 -07:00
Linus Torvalds
005fbcd034 Driver core fixes for 3.15-rc3
Here are some kernfs fixes for 3.15-rc3 that resolve some reported
 problems.  Nothing huge, but all needed.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iEYEABECAAYFAlNcTwEACgkQMUfUDdst+yktKQCeOZdKHq6J2od49bnwsPIlne1J
 h2kAoKs1LpEBHI/2KH/6etP5Qjks5iuB
 =5BPH
 -----END PGP SIGNATURE-----

Merge tag 'driver-core-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core

Pull driver core fixes from Greg KH:
 "Here are some kernfs fixes for 3.15-rc3 that resolve some reported
  problems.  Nothing huge, but all needed"

* tag 'driver-core-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core:
  s390/ccwgroup: Fix memory corruption
  kernfs: add back missing error check in kernfs_fop_mmap()
  kernfs: fix a subdir count leak
2014-04-27 10:28:34 -07:00
Linus Torvalds
fefb82756e USB fixes for 3.15-rc3
Here are a number of USB fixes for 3.15-rc3.  The majority are gadget
 fixes, as we didn't get any of those in for 3.15-rc2.  The others are
 all over the place, and there's a number of new device id addtions as
 well.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iEYEABECAAYFAlNcUKIACgkQMUfUDdst+ynSsQCeKmkO1od6fPs5uHPSEwns+pqB
 +B4Anip6dHYATN5GCv+p3JWLZkQgT9lD
 =s4E0
 -----END PGP SIGNATURE-----

Merge tag 'usb-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb

Pull USB fixes from Greg KH:
 "Here are a number of USB fixes for 3.15-rc3.  The majority are gadget
  fixes, as we didn't get any of those in for 3.15-rc2.  The others are
  all over the place, and there's a number of new device id addtions as
  well."

* tag 'usb-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (35 commits)
  usb: option: add and update a number of CMOTech devices
  usb: option: add Alcatel L800MA
  usb: option: add Olivetti Olicard 500
  usb: qcserial: add Sierra Wireless MC7305/MC7355
  usb: qcserial: add Sierra Wireless MC73xx
  usb: qcserial: add Sierra Wireless EM7355
  USB: io_ti: fix firmware download on big-endian machines
  usb/xhci: fix compilation warning when !CONFIG_PCI && !CONFIG_PM
  xhci: extend quirk for Renesas cards
  xhci: Switch Intel Lynx Point ports to EHCI on shutdown.
  usb: xhci: Prefer endpoint context dequeue pointer over stopped_trb
  phy: core: make NULL a valid phy reference if !CONFIG_GENERIC_PHY
  phy: fix kernel oops in phy_lookup()
  phy: restore OMAP_CONTROL_PHY dependencies
  phy: exynos: fix building as a module
  USB: serial: fix sysfs-attribute removal deadlock
  usb: wusbcore: fix panic in wusbhc_chid_set
  usb: wusbcore: convert nested lock to use spin_lock instead of spin_lock_irq
  uwb: don't call spin_unlock_irq in a USB completion handler
  usb: chipidea: coordinate usb phy initialization for different phy type
  ...
2014-04-27 10:24:17 -07:00
Linus Torvalds
e9dba83764 ACPI and power management fixes for 3.15-rc3
- Fix for broken ACPI notifications on some systems caused by
    a recent ACPI hotplug commit that blocked the propagation of
    unknown type notifications to device drivers inadvertently.
 
  - intel_idle fix to make the IvyTown C-states handling (added
    recently) work as intended which now is broken due to missing
    braces.  From Christoph Jaeger.
 
  - ACPICA fix to make it allocate buffers of the right sizes for
    the Generic Serial Bus operation region access.  From Lv Zheng.
 
  - PM core fix unblocking cpuidle before entering the "freeze"
    sleep state which causes that state to be able to actually save
    more energy than runtime idle.
 
  - Configuration and build fixes for the highbank and powernv
    cpufreq drivers from Kefeng Wang and Srivatsa S Bhat.
 
  - Coccinelle warning fix related to error pointers for the
    unicore32 cpufreq driver from Duan Jiong.
 
  - Integer overflow fix for the ppc-corenet cpufreq driver from
    Geert Uytterhoeven.
 
  - Workaround for BIOSes that don't report the entire Intel MCH
    area in their ACPI tables from Bjorn Helgaas.
 
  - ACPI tools Makefile fix and cleanup from Thomas Renninger.
 
 /
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABCAAGBQJTWvQ7AAoJEILEb/54YlRxpf4P/R0yuUNC02E5zRD4VZdZ1fD7
 H/7xJ9XDDcZiqe8sEAr8DiatoHsuQGfB5Vs+Vv/RGzGN7xz+wQ7V73niBGjHWekI
 kl7DFcnM7aF4zy+hNQUKJiB0O19D+ttH3Jfow5Vpd4rQj7qIjp9s3okQn5HArrKS
 KsoU4g+Mvt3VP3egeXGBmR4WqHYpEK8AIkV8d8XnOP7eTP4Q/Ed2aSFGsuwVhlft
 63iBgB7yac+OSnTNTedsi5xxh+Bx/W6Q2SPSn0g2MVtzQICEMgGB6l+ftJZLBoI/
 YRD6CkcYyOAllNjy6EGNg5UfwtbSh4qlfQ+dQkrpKZCgjVBfgeheiwrjrt/20/4l
 QsEMVDhdoIBZEfJyT0o6LkRA7EHH+gykAhxJ35ocVgJxMbDzcJG2/aHnEs+zJIxc
 TKWidhQYqangqfPZeLN3fGCJ8959ohBUWFNUO+JZDGKpguBFjC4GrC1bDuR5tF78
 z5hm1QHGeJGrPZMg1qrAcRR2WMJv2tc/SBBeoNFzMy7Hi27bKJxPIktbUYWWD8NB
 jP93jRbg2eGnGJucidlZ1Xx31GWY7wzU4kMQ6jPEKhbn5lRSITvqrYPgEPeSaSyr
 xCUPGi+TrV18AD/OwSF+DJnIfgroKDETCtgBLponMr29Pa8bgTHu9HOe7/BbGf46
 EbRPpwx8p6eaob2c7n5F
 =yMFR
 -----END PGP SIGNATURE-----

Merge tag 'pm+acpi-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm

Pull ACPI and power management fixes from Rafael Wysocki:
 "These include a fix for a recent ACPI regression related to device
  notifications, intel_idle fix related to IvyTown support, fix for a
  buffer size issue in ACPICA, PM core fix related to the "freeze" sleep
  state, four fixes for various types of breakage in cpufreq drivers, a
  PNP workaround for a wrong memory region size in ACPI tables, and a
  fix and cleanup for the ACPI tools Makefile.

  Specifics:

   - Fix for broken ACPI notifications on some systems caused by a
     recent ACPI hotplug commit that blocked the propagation of unknown
     type notifications to device drivers inadvertently.

   - intel_idle fix to make the IvyTown C-states handling (added
     recently) work as intended which now is broken due to missing
     braces.  From Christoph Jaeger.

   - ACPICA fix to make it allocate buffers of the right sizes for the
     Generic Serial Bus operation region access.  From Lv Zheng.

   - PM core fix unblocking cpuidle before entering the "freeze" sleep
     state which causes that state to be able to actually save more
     energy than runtime idle.

   - Configuration and build fixes for the highbank and powernv cpufreq
     drivers from Kefeng Wang and Srivatsa S Bhat.

   - Coccinelle warning fix related to error pointers for the unicore32
     cpufreq driver from Duan Jiong.

   - Integer overflow fix for the ppc-corenet cpufreq driver from Geert
     Uytterhoeven.

   - Workaround for BIOSes that don't report the entire Intel MCH area
     in their ACPI tables from Bjorn Helgaas.

   - ACPI tools Makefile fix and cleanup from Thomas Renninger"

* tag 'pm+acpi-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
  ACPI / notify: Do not block unknown type notifications in root handler
  PNP: Work around BIOS defects in Intel MCH area reporting
  cpufreq: highbank: fix ARM_HIGHBANK_CPUFREQ dependency warning
  cpufreq: ppc: Fix integer overflow in expression
  cpufreq, powernv: Fix build failure on UP
  cpufreq: unicore32: replace IS_ERR and PTR_ERR with PTR_ERR_OR_ZERO
  PM / suspend: Make cpuidle work in the "freeze" state
  intel_idle: fix IVT idle state table setting
  ACPICA: Fix buffer allocation issue for generic_serial_bus region accesses.
  tools/power/acpi: Minor bugfixes
2014-04-27 10:19:06 -07:00
Chris Mason
cfd4a535b6 Btrfs: limit the path size in send to PATH_MAX
fs_path_ensure_buf is used to make sure our path buffers for
send are big enough for the path names as we construct them.
The buffer size is limited to 32K by the length field in
the struct.

But bugs in the path construction can end up trying to build
a huge buffer, and we'll do invalid memmmoves when the
buffer length field wraps.

This patch is step one, preventing the overflows.

Signed-off-by: Chris Mason <clm@fb.com>
2014-04-26 05:02:03 -07:00
Linus Torvalds
1cf35d4771 mm: split 'tlb_flush_mmu()' into tlb flushing and memory freeing parts
The mmu-gather operation 'tlb_flush_mmu()' has done two things: the
actual tlb flush operation, and the batched freeing of the pages that
the TLB entries pointed at.

This splits the operation into separate phases, so that the forced
batched flushing done by zap_pte_range() can now do the actual TLB flush
while still holding the page table lock, but delay the batched freeing
of all the pages to after the lock has been dropped.

This in turn allows us to avoid a race condition between
set_page_dirty() (as called by zap_pte_range() when it finds a dirty
shared memory pte) and page_mkclean(): because we now flush all the
dirty page data from the TLB's while holding the pte lock,
page_mkclean() will be held up walking the (recently cleaned) page
tables until after the TLB entries have been flushed from all CPU's.

Reported-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Tested-by: Dave Hansen <dave.hansen@intel.com>
Acked-by: Hugh Dickins <hughd@google.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Russell King - ARM Linux <linux@arm.linux.org.uk>
Cc: Tony Luck <tony.luck@intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-04-25 16:05:40 -07:00
Rafael J. Wysocki
d4c9c8a09c Merge branches 'pnp' and 'acpi-hotplug'
* pnp:
  PNP: Work around BIOS defects in Intel MCH area reporting

* acpi-hotplug:
  ACPI / notify: Do not block unknown type notifications in root handler
2014-04-26 00:40:25 +02:00
Linus Torvalds
9a60ee117b ltc2945: Don't unecessarily crash kernel on implementation error
vexpress: Fix 'name' and 'label' attributes
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJTWUHbAAoJEMsfJm/On5mBsgcP/A4jk0swIiD+pG8Rd19MleG+
 wY3fW4LGDisJ5yeHplkvkNpWt0RhYq3FECaPmEealmfmx0aDOhvXB9p4/vOGCP52
 ssK0/qhA5T+XbNLVxHT5Hpfm8Ri21VLns6RD1n8ACEzmn8CmI28kqBlHLrP684pa
 4wlg4sHtpZy7HJB0qP2dq93f0oF+cIwepBTWrDzFrpms7xDYgdPIbHWoaCIUPS5j
 DuBo9zLXz9X6td5xaVB5lCzT//PHFOiD4icnxl/tpslil6cAUn6gREMnIe7Lp042
 2JfuzU7947I07QttJbckvoe3ZLV+kWYFKRmcFYNHmhj9lu9PwYmZZrnjI/8lrIDq
 Jm1IvNuUkM20XwlftcaIqxHQCzg2jY57iH6OEN2F4RwhnaDs5gRyLsqqORu8hoIn
 yREH8COb+mW6e1pUgcx8eH1yztjad098xYXlm0876dRP5NN1H+iSOGZy7Chk2+Wx
 CH8x101Vm8TU5aEftzPsGVOfaBXnolB1KUuYSjZMfep5fWI2MZUQkbvSzQhOh1dA
 JdgISs/XedD8Y+Bnwn9bp3WYSFeBQsZAULcfzpvaYNfoPOL7fCIZ4QqaSABiueHo
 CfP55ElL/kR36k3/aarr4Po1S+ZOwvxaQt/rewOC2cTmT5INuV19XFGc15wneHuH
 +IgTR+iwGLTx/kW5L8ln
 =9IVK
 -----END PGP SIGNATURE-----

Merge tag 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging

Pull hwmon fixes from Guenter Roeck:
 - ltc2945: Don't unecessarily crash kernel on implementation error
 - vexpress: Fix 'name' and 'label' attributes

* tag 'hwmon-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
  hwmon: (ltc2945) Don't crash the kernel unnecessarily
  hwmon: (vexpress) Avoid creating non-existing attributes
  hwmon: (vexpress) Use legal hwmon device names
2014-04-25 13:12:25 -07:00
Linus Torvalds
6dda80ffa4 SCSI fixes on 20140425
This is a set of seven fixes, three (hpsa) and free'd command references
 correcting bugs in the last round of updates and the remaining four correcting
 problems within the SCSI error handler that was causing a deadlock within USB.
 
 Signed-off-by: James Bottomley <JBottomley@Parallels.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQEcBAABAgAGBQJTWnfJAAoJEDeqqVYsXL0MO/UH/RWKALNIMzMg8yUSlozPFXFj
 xgPgbp/DJdYq952wrAF0D+ewoukdXJS3QbF594aBb73iWUzEKFz8Z1naVrcV0+/9
 ob1Uo56yb4PP9Qd7vtx7g3RK2o5Oz7NXICuH/zhEzhiVle/U5b1M1IZ9XnqK1bFD
 gnplHz7UoKZskQKTSo6wxfAWJBD7V/JDpA6E2YbTtw1c0W4c1kgiSN2hOFjjiQEl
 E3/JJzLr3BqSKoh5+5LPclXIYsXy3DT4L9b2nedEDIAN0yGx1HMeQKR26ZobeCx6
 w5IkgQaRZJgoJgX7PyRtgdMh4TYZ4vKXFZ3jWqtQG7kCdWD2jwl9Dyruhj1vE8Q=
 =izXj
 -----END PGP SIGNATURE-----

Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:
 "This is a set of seven fixes, three (hpsa) and free'd command
  references correcting bugs in the last round of updates and the
  remaining four correcting problems within the SCSI error handler that
  was causing a deadlock within USB"

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
  [SCSI] More USB deadlock fixes
  [SCSI] Fix USB deadlock caused by SCSI error handling
  [SCSI] Fix command result state propagation
  [SCSI] Fix spurious request sense in error handling
  [SCSI] don't reference freed command in scsi_prep_return
  [SCSI] don't reference freed command in scsi_init_sgtable
  [SCSI] hpsa: fix NULL dereference in hpsa_put_ctlr_into_performant_mode()
2014-04-25 13:07:24 -07:00
Linus Torvalds
3fe89d2e76 ARM: SoC fixes for 3.15-rc3:
Since we didn't get around to collect fixes in time for -rc2 over
 the easter vacation, this one is unfortunately a bit larger than
 we'd like for an -rc3 merge. A large set of the changes is in the
 device tree sources, so I'm splitting out the description between
 code changes and DT changes. Aside from omap and versatile express,
 the actual code bugs are sporadic and trivial. Here is an overview:
 
   imx:
    - fix video clock settings
    - fix one clock refcounting bug
 
   omap:
    - update defconfig for renamed USB PHY driver
    - fix error handling in gpmc
    - fix N900 video initialization regression
    - fix reression in hwmod code from missing braces
    - fix am43xx and omap3 clocks
    - remove bogus write to voltage control register
 
   pxa:
    - fix build regression from 3.13 header cleanup
 
   rockchip:
    - fix a misleading printk string
 
   shmobile:
    - fix incorrect sound setting on multiple machines
 
   spear:
    - remove incorrect __init section annotation
 
   tegra:
    - remove a stale Kconfig entry
 
   u300:
    - update defconfig
 
   ux500:
    - enable common wireless and sensor drivers in defconfig
    - more defconfig updates
 
   vexpress:
    - fix voltage calculation for opp
    - fix reboot hang and warning
    - fix out-of-bounds array access
    - improve error handling in clock driver
 
   overall:
    - always select CLKSRC_OF in multiplatform builds
 
 And these are the devicetree related changes:
 
   imx:
    - add missing #clock-cell properties
    - fix pinctrl setting in imx6sl-evk
    - fix video endpoint on imx53
    - remove obsolete lvds-channel nodes (multiple patches)
    - add missing second stmpe node
    - fix usb host mode on dmo-edmqmx6 (multiple patches)
    - fix gic node #address-cells to match usage
    - add missing legacy IRQ map for PCIe
    - fix microsom pincontrol setting for rgmii
    - fix fatal typo in touchscreen DT usage for mx5
    - list all RAM present on m53evk and mx53qsb
 
   omap:
    - fix bug in DT handling of gpmc external bus
    - add DT for older revision of beagleboard
    - fix regression after DT node name fixes
    - remove obsolete properties for gpmc
    - fix pinmux comment to match DT it refers to
    - fix newly added dra7xx clock node data
    - add missing clock for USB PHY
 
   mvebu:
    - add missing clock for mdio node
    - fix nonstandard vendor prefixes on i2c nodes
 
   rockchip:
    - fix pin control setting for uart
 
   shmobile:
    - fix typo in DT data for pin control (multiple patches)
    - fix gic node #address-cells to match usage
 
   tegra:
    - fix clock and uart DT representation to match hardware
 
   zynq:
    - add DT nodes for newly added driver
    - add DT properties required for cpufreq-ondemand
 
   overall:
    - restore alphabetic order in Makefile
    - grammar fixes in bindings
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIVAwUAU1pK92CrR//JCVInAQLerA/9GwLHJIBU6osKnZtIWDYPhYj81uRxgF5Q
 qtaUdsSoDQmIiW8tzJL0VUBJQfSpPtf4hsIPh5dMKclalx+0kca3zpPepo58rvEP
 zG39OIK/fBsmD/eVkz0y3lG5BUu9/1gkpnM8jSEmkDWqcNX8wQoOeHSrWXWzEk1G
 2eZlXsYr9OVuIGRx14wnINvPuD2Z75zEXA7KDbDuYqauQvVojj5wH6s8R7Ujy7e1
 +NGCThkLJUF2wid+6QmVk9D6tQXyVxmf+cr080n58LmOmoVnoFkCjs5gaUUIP8Zb
 nM97PQly0s1JIRn+9jF7+U0KNyp9eec7Ogc00tpvvBmQI2kVfHfSRROLq+tDGu1t
 nEEy52X/QVgWWY+1qUl+gqIWWmMTpniDF1pd/5jP3jKXUc/sM7OfLGQaTP4O7sR6
 5MlfvqvSO/EaMeWEvX4e8+Z+2dY1qFZUYk7VtamqmOegzkcDjAiJ3aQNozuqq9JH
 TTHbA2Em9VGC1LlAMAg7h46rM//npCeJ0Q5yjuFk093UBEbAF4HWO2PFNrdohKzC
 Yz/R+vkvGeQ98K/4jj4UIyjcB4PUX+DRrozC10i2XCQh+UIYdgC4dFQz1nH/4iQS
 CrdSRmDvpZDjSFV5m4+QVkaEsTJnXX6vV62VBVRcSLkqyfPABWj1y9c2L3K8kfBJ
 6nbficflFqE=
 =PPo/
 -----END PGP SIGNATURE-----

Merge tag 'fixes-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM SoC fixes from Arnd Bergmann:
 "Since we didn't get around to collect fixes in time for -rc2 over the
  easter vacation, this one is unfortunately a bit larger than we'd like
  for an -rc3 merge.

  A large set of the changes is in the device tree sources, so I'm
  splitting out the description between code changes and DT changes.
  Aside from omap and versatile express, the actual code bugs are and
  trivial.  Here is an overview:

  imx:
   - fix video clock settings
   - fix one clock refcounting bug

  omap:
   - update defconfig for renamed USB PHY driver
   - fix error handling in gpmc
   - fix N900 video initialization regression
   - fix reression in hwmod code from missing braces
   - fix am43xx and omap3 clocks
   - remove bogus write to voltage control register

  pxa:
   - fix build regression from 3.13 header cleanup

  rockchip:
   - fix a misleading printk string

  shmobile:
   - fix incorrect sound setting on multiple machines

  spear:
   - remove incorrect __init section annotation

  tegra:
   - remove a stale Kconfig entry

  u300:
   - update defconfig

  ux500:
   - enable common wireless and sensor drivers in defconfig
   - more defconfig updates

  vexpress:
   - fix voltage calculation for opp
   - fix reboot hang and warning
   - fix out-of-bounds array access
   - improve error handling in clock driver

  overall:
   - always select CLKSRC_OF in multiplatform builds

  And these are the devicetree related changes:

  imx:
   - add missing #clock-cell properties
   - fix pinctrl setting in imx6sl-evk
   - fix video endpoint on imx53
   - remove obsolete lvds-channel nodes (multiple patches)
   - add missing second stmpe node
   - fix usb host mode on dmo-edmqmx6 (multiple patches)
   - fix gic node #address-cells to match usage
   - add missing legacy IRQ map for PCIe
   - fix microsom pincontrol setting for rgmii
   - fix fatal typo in touchscreen DT usage for mx5
   - list all RAM present on m53evk and mx53qsb

  omap:
   - fix bug in DT handling of gpmc external bus
   - add DT for older revision of beagleboard
   - fix regression after DT node name fixes
   - remove obsolete properties for gpmc
   - fix pinmux comment to match DT it refers to
   - fix newly added dra7xx clock node data
   - add missing clock for USB PHY

  mvebu:
   - add missing clock for mdio node
   - fix nonstandard vendor prefixes on i2c nodes

  rockchip:
   - fix pin control setting for uart

  shmobile:
   - fix typo in DT data for pin control (multiple patches)
   - fix gic node #address-cells to match usage

  tegra:
   - fix clock and uart DT representation to match hardware

  zynq:
   - add DT nodes for newly added driver
   - add DT properties required for cpufreq-ondemand

  overall:
   - restore alphabetic order in Makefile
   - grammar fixes in bindings"

* tag 'fixes-3.15-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (66 commits)
  ARM: vexpress/TC2: Convert OPP voltage to uV before storing
  power/reset: vexpress: Fix restart/power off operation
  dt: tegra: remove non-existent clock IDs
  clk: tegra: remove non-existent clocks
  ARM: tegra: remove UART5/UARTE from tegra124.dtsi
  ARM: tegra: remove TEGRA_EMC_SCALING_ENABLE
  ARM: Tidy up DTB Makefile entries
  ARM: fix missing CLKSRC_OF on multi-platform
  ARM: spear: add __init to spear_clocksource_init()
  ARM: pxa: hx4700.h: include "irqs.h" for PXA_NR_BUILTIN_GPIO
  arm/mach-vexpress: array accessed out of bounds
  clk: vexpress: NULL dereference on error path
  ARM: OMAP2+: Fix GPMC remap for devices using an offset
  ARM: zynq: dt: Add I2C nodes to Zynq device tree
  ARM: zynq: DT: Add 'clock-latency' property
  ARM: OMAP2+: Fix oops for GPMC free
  ARM: dts: Add support for the BeagleBoard xM A/B
  ARM: dts: Grammar /that will/it will/
  ARM: dts: Grammar /is uses/ is used/
  ARM: OMAP2+: Fix config name for USB3 PHY
  ...
2014-04-25 13:02:02 -07:00
Linus Torvalds
625bba662c File locking related bugfixes for v3.15 (pile #2)
- fix for a long-standing bug in __break_lease that can cause soft lockups
 - renaming of file-private locks to "open file description" locks, and the
   command macros to more visually distinct names.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJTWB/iAAoJEAAOaEEZVoIV2tUP/A1c9YUmgt+LdOJIA2k3Uh9C
 nNdZss2hj8s91qCRe1Mb7L9UjzTEEiYILYqmXMRW9yUpPI7Oxr5sjqZEqlK5lTso
 447QEow93wSE/WIKwwzdbKS+CMRNvIba6EjzQ7h0kU3ExMnFMXwD2QK7eGT2pEko
 kaQMq5BbxxIaTYmp/tKioacBPbpO3TQpS6ZWv2kZDCk4l1wCdsBNL7h3eqM63L/L
 A05zA88e3//wxVSPLA5JpQJ5fYkZrz7sqZYd+H80VXn34YQY7/7Kq16fiCprhntq
 tZb9LWOIJmSruN7r39KJgf43++fpSrv5XPfqsL4TDdwGcYwBAznhItrfOUC0Ja1+
 ZY227gHbxBwSeN9jj3zc4peOpzNPdIMnw0CEZVGn/AgssFFh/Ja8PrIQCxjI5djP
 eLqiiBBznt9HaZWPslWxaKqhdINFyuMp9LbEJ71nXwLQVYY32rOS828FAna982F3
 i0A48tPbrGpA1elGnVcsiAmJtAbZA9X6Y5M+gQGU2vWgX5GxiLeXOmEd+kVOaTmu
 2WVlwvEc3jTlxg9naGAKsfXwaOKqEIPJDoahWTpSRtNOntNwiPjg0cW80abq+Ybx
 WaPFhDLyd7290QyOASjyC4TwXMA2XvtQMQ8P+SMWkc2ZscjtuMBfEK9TBalg8tZV
 vHNrZpqnftIX7u6Y/fuT
 =rrtj
 -----END PGP SIGNATURE-----

Merge tag 'locks-v3.15-2' of git://git.samba.org/jlayton/linux

Pull file locking fixes from Jeff Layton:
 "File locking related bugfixes for v3.15 (pile #2)

   - fix for a long-standing bug in __break_lease that can cause soft
     lockups
   - renaming of file-private locks to "open file description" locks,
     and the command macros to more visually distinct names

  The fix for __break_lease is also in the pile of patches for which
  Bruce sent a pull request, but I assume that your merge procedure will
  handle that correctly.

  For the other patches, I don't like the fact that we need to rename
  this stuff at this late stage, but it should be settled now
  (hopefully)"

* tag 'locks-v3.15-2' of git://git.samba.org/jlayton/linux:
  locks: rename FL_FILE_PVT and IS_FILE_PVT to use "*_OFDLCK" instead
  locks: rename file-private locks to "open file description locks"
  locks: allow __break_lease to sleep even when break_time is 0
2014-04-25 12:40:32 -07:00
Linus Torvalds
b8e6dece37 Merge branch 'for-3.15' of git://linux-nfs.org/~bfields/linux
Pull nfsd bugfixes from Bruce Fields:
 "Three small nfsd bugfixes (including one locks.c fix for a bug
  triggered only from nfsd).

  Jeff's patches are for long-existing problems that became easier to
  trigger since the addition of vfs delegation support"

* 'for-3.15' of git://linux-nfs.org/~bfields/linux:
  Revert "nfsd4: fix nfs4err_resource in 4.1 case"
  nfsd: set timeparms.to_maxval in setup_callback_client
  locks: allow __break_lease to sleep even when break_time is 0
2014-04-25 12:39:05 -07:00
Christian Borntraeger
0c8c77d355 s390/ccwgroup: Fix memory corruption
commit 0b60f9ead5 (s390: use
device_remove_file_self() instead of device_schedule_callback())

caused random memory corruption on my s390 box. Turns out that the
last element of the ccwgroup structure is of dynamic size, so we
must move the newly introduced work structure _before_ the zero
length array.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
CC: Tejun Heo <tj@kernel.org>
CC: Martin Schwidefsky <schwidefsky@de.ibm.com>
CC: Heiko Carstens <heiko.carstens@de.ibm.com>
CC: Sebastian Ott <sebott@linux.vnet.ibm.com>
CC: Peter Oberparleiter <oberpar@linux.vnet.ibm.com>
Acked-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 12:25:14 -07:00
Tejun Heo
b44b214026 kernfs: add back missing error check in kernfs_fop_mmap()
While updating how mmap enabled kernfs files are handled by lockdep,
9b2db6e189 ("sysfs: bail early from kernfs_file_mmap() to avoid
spurious lockdep warning") inadvertently dropped error return check
from kernfs_file_mmap().  The intention was just dropping "if
(ops->mmap)" check as the control won't reach the point if the mmap
callback isn't implemented, but I mistakenly removed the error return
check together with it.

This led to Xorg crash on i810 which was reported and bisected to the
commit and then to the specific change by Tobias.

Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-and-bisected-by: Tobias Powalowski <tobias.powalowski@googlemail.com>
Tested-by: Tobias Powalowski <tobias.powalowski@googlemail.com>
References: http://lkml.kernel.org/g/533D01BD.1010200@googlemail.com
Cc: stable <stable@vger.kernel.org> # 3.14
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 12:25:13 -07:00
Jianyu Zhan
c1befb8859 kernfs: fix a subdir count leak
Currently kernfs_link_sibling() increates parent->dir.subdirs before
adding the node into parent's chidren rb tree.

Because it is possible that kernfs_link_sibling() couldn't find
a suitable slot and bail out, this leads to a mismatch between
elevated subdir count with actual children node numbers.

This patches fix this problem, by moving the subdir accouting
after the actual addtion happening.

Signed-off-by: Jianyu Zhan <nasa4836@gmail.com>
Acked-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 12:25:13 -07:00
Bjørn Mork
34f972d615 usb: option: add and update a number of CMOTech devices
A number of older CMOTech modems are based on Qualcomm
chips.  The blacklisted interfaces are QMI/wwan.

Reported-by: Lars Melin <larsm17@gmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 11:35:04 -07:00
Bjørn Mork
dd6b48ecec usb: option: add Alcatel L800MA
Device interface layout:
0: ff/ff/ff - serial
1: ff/00/00 - serial AT+PPP
2: ff/ff/ff - QMI/wwan
3: 08/06/50 - storage

Cc: <stable@vger.kernel.org>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 11:35:04 -07:00
Bjørn Mork
533b399461 usb: option: add Olivetti Olicard 500
Device interface layout:
0: ff/ff/ff - serial
1: ff/ff/ff - serial AT+PPP
2: 08/06/50 - storage
3: ff/ff/ff - serial
4: ff/ff/ff - QMI/wwan

Cc: <stable@vger.kernel.org>
Reported-by: Julio Araujo <julio.araujo@wllctel.com.br>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 11:35:04 -07:00
Bjørn Mork
bce4f588f1 usb: qcserial: add Sierra Wireless MC7305/MC7355
Cc: <stable@vger.kernel.org>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 11:35:04 -07:00
Bjørn Mork
70a3615fc0 usb: qcserial: add Sierra Wireless MC73xx
Cc: <stable@vger.kernel.org>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 11:35:04 -07:00
Bjørn Mork
a00986f811 usb: qcserial: add Sierra Wireless EM7355
Cc: <stable@vger.kernel.org>
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 11:35:04 -07:00
Chanho Min
bc3ee18a7a arm64: init: Move of_clk_init to time_init
Clock providers should be initialized before clocksource_of_init.
If not, Clock source initialization can be fail to get the clock.

Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Chanho Min <chanho.min@lge.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2014-04-25 18:15:56 +01:00
Johan Hovold
5509076d1b USB: io_ti: fix firmware download on big-endian machines
During firmware download the device expects memory addresses in
big-endian byte order. As the wIndex parameter which hold the address is
sent in little-endian byte order regardless of host byte order, we need
to use swab16 rather than cpu_to_be16.

Also make sure to handle the struct ti_i2c_desc size parameter which is
returned in little-endian byte order.

Reported-by: Ludovic Drolez <ldrolez@debian.org>
Tested-by: Ludovic Drolez <ldrolez@debian.org>
Cc: stable@vger.kernel.org
Signed-off-by: Johan Hovold <jhovold@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 09:34:10 -07:00
David Cohen
01bb59ebff usb/xhci: fix compilation warning when !CONFIG_PCI && !CONFIG_PM
When CONFIG_PCI and CONFIG_PM are not selected, xhci.c gets this
warning:
drivers/usb/host/xhci.c:409:13: warning: ‘xhci_msix_sync_irqs’ defined
but not used [-Wunused-function]

Instead of creating nested #ifdefs, this patch fixes it by defining the
xHCI PCI stubs as inline.

This warning has been in since 3.2 kernel and was
caused by commit 421aa841a1
"usb/xhci: hide MSI code behind PCI bars", but wasn't noticed
until 3.13 when a configuration with these options was tried

Signed-off-by: David Cohen <david.a.cohen@linux.intel.com>
Cc: stable@vger.kernel.org # 3.2
Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 09:34:10 -07:00
Igor Gnatenko
6db249ebef xhci: extend quirk for Renesas cards
After suspend another Renesas PCI-X USB 3.0 card doesn't work.
[root@fedora-20 ~]# lspci -vmnnd 1912:
Device:	03:00.0
Class:	USB controller [0c03]
Vendor:	Renesas Technology Corp. [1912]
Device:	uPD720202 USB 3.0 Host Controller [0015]
SVendor:	Renesas Technology Corp. [1912]
SDevice:	uPD720202 USB 3.0 Host Controller [0015]
Rev:	02
ProgIf:	30

This patch should be applied to stable kernel 3.14 that contain
the commit 1aa9578c1a
"xhci: Fix resume issues on Renesas chips in Samsung laptops"

Reported-and-tested-by: Anatoly Kharchenko <rfr-bugs@yandex.ru>
Reference: http://redmine.russianfedora.pro/issues/1315
Signed-off-by: Igor Gnatenko <i.gnatenko.brain@gmail.com>
Cc: stable@vger.kernel.org # 3.14
Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 09:34:10 -07:00
Denis Turischev
c09ec25d36 xhci: Switch Intel Lynx Point ports to EHCI on shutdown.
The same issue like with Panther Point chipsets. If the USB ports are
switched to xHCI on shutdown, the xHCI host will send a spurious interrupt,
which will wake the system. Some BIOS have work around for this, but not all.
One example is Compulab's mini-desktop, the Intense-PC2.

The bug can be avoided if the USB ports are switched back to EHCI on
shutdown.

This patch should be backported to stable kernels as old as 3.12,
that contain the commit 638298dc66
"xhci: Fix spurious wakeups after S5 on Haswell"

Signed-off-by: Denis Turischev <denis@compulab.co.il>
Cc: stable@vger.kernel.org
Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 09:34:10 -07:00
Julius Werner
1f81b6d22a usb: xhci: Prefer endpoint context dequeue pointer over stopped_trb
We have observed a rare cycle state desync bug after Set TR Dequeue
Pointer commands on Intel LynxPoint xHCs (resulting in an endpoint that
doesn't fetch new TRBs and thus an unresponsive USB device). It always
triggers when a previous Set TR Dequeue Pointer command has set the
pointer to the final Link TRB of a segment, and then another URB gets
enqueued and cancelled again before it can be completed. Further
investigation showed that the xHC had returned the Link TRB in the TRB
Pointer field of the Transfer Event (CC == Stopped -- Length Invalid),
but when xhci_find_new_dequeue_state() later accesses the Endpoint
Context's TR Dequeue Pointer field it is set to the first TRB of the
next segment.

The driver expects those two values to be the same in this situation,
and uses the cycle state of the latter together with the address of the
former. This should be fine according to the XHCI specification, since
the endpoint ring should be stopped when returning the Transfer Event
and thus should not advance over the Link TRB before it gets restarted.
However, real-world XHCI implementations apparently don't really care
that much about these details, so the driver should follow a more
defensive approach to try to work around HC spec violations.

This patch removes the stopped_trb variable that had been used to store
the TRB Pointer from the last Transfer Event of a stopped TRB. Instead,
xhci_find_new_dequeue_state() now relies only on the Endpoint Context,
requiring a small amount of additional processing to find the virtual
address corresponding to the TR Dequeue Pointer. Some other parts of the
function were slightly rearranged to better fit into this model.

This patch should be backported to kernels as old as 2.6.31 that contain
the commit ae63674714 "USB: xhci: URB
cancellation support."

Signed-off-by: Julius Werner <jwerner@chromium.org>
Cc: stable@vger.kernel.org
Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-04-25 09:34:10 -07:00
Leo Yan
8f0712037b arm64: initialize spinlock for init_mm's context
ARM64 has defined the spinlock for init_mm's context, so need initialize
the spinlock structure; otherwise during the suspend flow it will dump
the info for spinlock's bad magic warning as below:

[   39.084394] Disabling non-boot CPUs ...
[   39.092871] BUG: spinlock bad magic on CPU#1, swapper/1/0
[   39.092896]  lock: init_mm+0x338/0x3e0, .magic: 00000000, .owner: <none>/-1, .owner_cpu: 0
[   39.092907] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G           O 3.10.33 #125
[   39.092912] Call trace:
[   39.092927] [<ffffffc000087e64>] dump_backtrace+0x0/0x16c
[   39.092934] [<ffffffc000087fe0>] show_stack+0x10/0x1c
[   39.092947] [<ffffffc000765334>] dump_stack+0x1c/0x28
[   39.092953] [<ffffffc0007653b8>] spin_dump+0x78/0x88
[   39.092960] [<ffffffc0007653ec>] spin_bug+0x24/0x34
[   39.092971] [<ffffffc000300a28>] do_raw_spin_lock+0x98/0x17c
[   39.092979] [<ffffffc00076cf08>] _raw_spin_lock_irqsave+0x4c/0x60
[   39.092990] [<ffffffc000094044>] set_mm_context+0x1c/0x6c
[   39.092996] [<ffffffc0000941c8>] __new_context+0x94/0x10c
[   39.093007] [<ffffffc0000d63d4>] idle_task_exit+0x104/0x1b0
[   39.093014] [<ffffffc00008d91c>] cpu_die+0x14/0x74
[   39.093021] [<ffffffc000084f74>] arch_cpu_idle_dead+0x8/0x14
[   39.093030] [<ffffffc0000e7f18>] cpu_startup_entry+0x1ec/0x258
[   39.093036] [<ffffffc00008d810>] secondary_start_kernel+0x114/0x124

Signed-off-by: Leo Yan <leoy@marvell.com>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2014-04-25 16:46:51 +01:00
Will Deacon
43683afbcb arm64: debug: remove noisy, pointless warning
Sending a SIGTRAP to a user task after execution of a BRK instruction at
EL0 is fundamental to the way in which software breakpoints work and
doesn't deserve a warning to be logged in dmesg. Whilst the warning can
be justified from EL1, do_debug_exception will already do the right thing,
so simply remove the code altogether.

Cc: Sandeepa Prabhu <sandeepa.prabhu@linaro.org>
Reported-by: Kyrylo Tkachov <kyrylo.tkachov@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2014-04-25 16:46:50 +01:00
Steve Capper
2eb835e058 arm64: mm: Add THP TLB entries to general mmu_gather
When arm64 moved over to the core mmu_gather, it lost the logic to
flush THP TLB entries (tlb_remove_pmd_tlb_entry was removed and the
core implementation only signals that the mmu_gather needs a flush).

This patch ensures that tlb_add_flush is called for THP TLB entries.

Signed-off-by: Steve Capper <steve.capper@linaro.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2014-04-25 16:46:49 +01:00
Sebastian Hesselbarth
d93003e8e4 ARM: 8042/1: iwmmxt: allow to build iWMMXt on Marvell PJ4B
Some Marvell PJ4B CPUs also implement iWMMXt extensions. With a
proper check for iWMMXt coprocessors now in place, enable it by
default on PJ4B. While at it, also allow to manually select
the corresponding Kconfig option.

Signed-off-by: Sebastian Hesselbarth <sebastian.hesselbarth@gmail.com>
Tested-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Tested-by: Kevin Hilman <khilman@linaro.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2014-04-25 12:07:35 +01:00