- 11 Jan, 2013 40 commits
-
-
Afzal Mohammed authored
commit d7554226 upstream. This reverts commit d8c3ef25. Above mentioned change was made along with multi usb phy change and adding DT support for nop transceiver. But other two changes did not make it to mainline. This in effect makes dsps musb wrapper unusable even for single instance. Hence revert it so that at least single instance can be supported. Signed-off-by:
Afzal Mohammed <afzal@ti.com> Signed-off-by:
Felipe Balbi <balbi@ti.com> Signed-off-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-
Sergei Shtylyov authored
commit 8b416b0b upstream. Now that DaVinci glue layer can be modular, we must export cppi_interrupt() that it may call... Signed-off-by:
Sergei Shtylyov <sshtylyov@ru.mvista.com> Signed-off-by:
-
Thomas Gleixner authored
commit 04aa530e upstream. Sankara reported that the genirq core code fails to adjust the affinity of an interrupt thread in several cases: 1) On request/setup_irq() the call to setup_affinity() happens before the new action is registered, so the new thread is not notified. 2) For secondary shared interrupts nothing notifies the new thread to change its affinity. 3) Interrupts which have the IRQ_NO_BALANCE flag set are not moving the thread either. Fix this by setting the thread affinity flag right on thread creation time. This ensures that under all circumstances the thread moves to the right place. Requires a check in irq_thread_check_affinity for an existing affinity mask (CONFIG_CPU_MASK_OFFSTACK=y) Reported-and-tested-by:
Sankara Muthukrishnan <sankara.m@gmail.com> Link: http://lkml.kernel.org/r/alpine.LFD.2.02.1209041738200.2754@ionosSigned-off-by:
Thomas Gleixner <tglx@linutronix.de> Signed-off-by:
-
Dmitry Torokhov authored
commit e324ce61 upstream. If of_get_gpio_flags() returns an error (as in case when GPIO probe is deferred) the driver would attempt to claim invalid GPIO. It should propagate the error code up the stack instead so that the probe either fails or will be retried later (in case of -EPROBE_DEFER). Reported-by:
Gabor Juhos <juhosg@openwrt.org> Signed-off-by:
Dmitry Torokhov <dmitry.torokhov@gmail.com> Signed-off-by:
-
Gabor Juhos authored
commit d46329a7 upstream. If GPIO probing is deferred, the driver tries to claim an invalid GPIO line which leads to an error message like this: gpio-keys-polled buttons.2: unable to claim gpio 4294966779, err=-22 gpio-keys-polled: probe of buttons.2 failed with error -22 We should make sure that error code returned by of_get_gpio_flags (including -EPROBE_DEFER) is propagated up the stack. Signed-off-by:
-
Christophe TORDEUX authored
commit a2546165 upstream. Report only the position of the first finger as absolute non-MT coordinates, instead of reporting both fingers alternatively. Actual MT events are unaffected. This fixes horizontal and improves vertical scrolling with the touchpad. Signed-off-by:
Christophe TORDEUX <christophe@tordeux.net> Signed-off-by:
-
Diego Calleja authored
commit e12b3cec upstream. Commit f393ee2b forgot to add the touch_max property for Wacom Bamboo Fun CTH-461/S, ID 056a:00d2. This broke the touch functionality for that device. This patch, (done with help of Ping Cheng), adds the correct value and makes touch work again. Signed-off-by:
Diego Calleja <diegocg@gmail.com> Reviewed-by:
Ping Cheng <pinglinux@gmail.com> Signed-off-by:
-
Peter Popovec authored
commit a455e298 upstream. The driver's timer must be set up before enabling IRQ handler, otherwise bad things may happen. Reported-and-tested-by:
Fengguang Wu <fengguang.wu@intel.com> Signed-off-by:
Peter Popovec <popovec@fei.tuke.sk> Signed-off-by:
-
NeilBrown authored
commit b911a6bd upstream. NFS appears to use d_obtain_alias() to create the root dentry rather than d_make_root. This can cause 'prepend_path()' to complain that the root has a weird name if an NFS filesystem is lazily unmounted. e.g. if "/mnt" is an NFS mount then { cd /mnt; umount -l /mnt ; ls -l /proc/self/cwd; } will cause a WARN message like WARNING: at /home/git/linux/fs/dcache.c:2624 prepend_path+0x1d7/0x1e0() ... Root dentry has weird name <> to appear in kernel logs. So change d_obtain_alias() to use "/" rather than "" as the anonymous name. Signed-off-by:
NeilBrown <neilb@suse.de> Cc: Trond Myklebust <Trond.Myklebust@netapp.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
Al Viro <viro@zeniv.linux.org.uk> Signed-off-by:
-
Nickolai Zeldovich authored
commit ecf0eb9e upstream. Fix an inverted null pointer check in initiate_bulk_draining(). Signed-off-by:
Nickolai Zeldovich <nickolai@csail.mit.edu> Signed-off-by:
Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by:
-
Trond Myklebust authored
commit 6db6dd7d upstream. This patch ensures that we free the rpc_task after the cleanup callbacks are done in order to avoid a deadlock problem that can be triggered if the callback needs to wait for another workqueue item to complete. Signed-off-by:
-
Xi Wang authored
commit e25fbe38 upstream. The following null pointer check is broken. *option = match_strdup(args); return !option; The pointer `option' must be non-null, and thus `!option' is always false. Use `!*option' instead. The bug was introduced in commit c5cb09b6 ("Cleanup: Factor out some cut-and-paste code."). Signed-off-by:
Xi Wang <xi.wang@gmail.com> Signed-off-by:
-
Yanchuan Nian authored
commit 39e88fcf upstream. The layout will be set unusable if LAYOUTGET fails. Is it reasonable to increase the refcount iff LAYOUTGET fails the first time? Signed-off-by:
Yanchuan Nian <ycnian@gmail.com> Signed-off-by:
-
Weston Andros Adamson authored
commit f8d9a897 upstream. nfs_open_permission_mask() should only check MAY_EXEC for files that are opened with __FMODE_EXEC. Also fix NFSv4 access-in-open path in a similar way -- openflags must be used because fmode will not always have FMODE_EXEC set. This patch fixes https://bugzilla.kernel.org/show_bug.cgi?id=49101Signed-off-by:
Weston Andros Adamson <dros@netapp.com> Signed-off-by:
-
Neil Brown authored
commit 7007c90f upstream. With NFSv4, if we create a file then open it we explicit avoid checking the permissions on the file during the open because the fact that we created it ensures we should be allow to open it (the create and the open should appear to be a single operation). However if the reply to an EXCLUSIVE create gets lots and the client resends the create, the current code will perform the permission check - because it doesn't realise that it did the open already.. This patch should fix this. Note that I haven't actually seen this cause a problem. I was just looking at the code trying to figure out a different EXCLUSIVE open related issue, and this looked wrong. (Fix confirmed with pynfs 4.0 test OPEN4--bfields) Signed-off-by:
J. Bruce Fields <bfields@redhat.com> Signed-off-by:
-
J. Bruce Fields authored
commit d5f50b0c upstream. If the argument and reply together exceed the maximum payload size, then a reply with a read-like operation can overlow the rq_pages array. Signed-off-by:
-
J. Bruce Fields authored
commit 57d276d7 upstream. Very embarassing: 1091006c "nfsd: turn on reply cache for NFSv4" missed a line, effectively leaving the reply cache off in the v4 case. I thought I'd tested that, but I guess not. This time, wrote a pynfs test to confirm it works. Signed-off-by:
-
Yanchuan Nian authored
commit 3c40794b upstream. The object type in the cache of lockowner_slab is wrong, and it is better to fix it. Signed-off-by:
-
Trond Myklebust authored
commit ada8e20d upstream. The writeback code is already capable of passing errors back to user space by means of the open_context->error. In the case of ENOSPC, Neil Brown is reporting seeing 2 errors being returned. Neil writes: "e.g. if /mnt2/ if an nfs mounted filesystem that has no space then strace dd if=/dev/zero conv=fsync >> /mnt2/afile count=1 reported Input/output error and the relevant parts of the strace output are: write(1, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512 fsync(1) = -1 EIO (Input/output error) close(1) = -1 ENOSPC (No space left on device)" Neil then shows that the duplication of error messages appears to be due to the use of the PageError() mechanism, which causes filemap_fdatawait_range to return the extra EIO. The regression was introduced by commit 7b281ee0 (NFS: fsync() must exit with an error if page writeback failed). Fix this by removing the call to SetPageError(), and just relying on open_context->error reporting the ENOSPC back to fsync(). Reported-by:
-
Trond Myklebust authored
commit 1f018458 upstream. It is almost always wrong for NFS to call drop_nlink() after removing a file. What we really want is to mark the inode's attributes for revalidation, and we want to ensure that the VFS drops it if we're reasonably sure that this is the final unlink(). Do the former using the usual cache validity flags, and the latter by testing if inode->i_nlink == 1, and clearing it in that case. This also fixes the following warning reported by Neil Brown and Jeff Layton (among others). [634155.004438] WARNING: at /home/abuild/rpmbuild/BUILD/kernel-desktop-3.5.0/lin [634155.004442] Hardware name: Latitude E6510 [634155.004577] crc_itu_t crc32c_intel snd_hwdep snd_pcm snd_timer snd soundcor [634155.004609] Pid: 13402, comm: bash Tainted: G W 3.5.0-36-desktop # [634155.004611] Call Trace: [634155.004630] [<ffffffff8100444a>] dump_trace+0xaa/0x2b0 [634155.004641] [<ffffffff815a23dc>] dump_stack+0x69/0x6f [634155.004653] [<ffffffff81041a0b>] warn_slowpath_common+0x7b/0xc0 [634155.004662] [<ffffffff811832e4>] drop_nlink+0x34/0x40 [634155.004687] [<ffffffffa05bb6c3>] nfs_dentry_iput+0x33/0x70 [nfs] [634155.004714] [<ffffffff8118049e>] dput+0x12e/0x230 [634155.004726] [<ffffffff8116b230>] __fput+0x170/0x230 [634155.004735] [<ffffffff81167c0f>] filp_close+0x5f/0x90 [634155.004743] [<ffffffff81167cd7>] sys_close+0x97/0x100 [634155.004754] [<ffffffff815c3b39>] system_call_fastpath+0x16/0x1b [634155.004767] [<00007f2a73a0d110>] 0x7f2a73a0d10f Signed-off-by:
-
NeilBrown authored
commit f259613a upstream. In rare circumstances, nfs_clone_server() of a v2 or v3 server can get an error between setting server->destory (to nfs_destroy_server), and calling nfs_start_lockd (which will set server->nlm_host). If this happens, nfs_clone_server will call nfs_free_server which will call nfs_destroy_server and thence nlmclnt_done(NULL). This causes the NULL to be dereferenced. So add a guard to only call nlmclnt_done() if ->nlm_host is not NULL. The other guards there are irrelevant as nlm_host can only be non-NULL if one of these flags are set - so remove those tests. (Thanks to Trond for this suggestion). This is suitable for any stable kernel since 2.6.25. Signed-off-by:
-
Jeff Layton authored
commit 67fad106 upstream. Eryu provided a test program that would segfault when attempting to read past the EOF on file that was opened O_DIRECT. The buffer given to the read() call was on the stack, and when he attempted to read past it it would scribble over the rest of the stack page. If we hit the end of the file on a DIO READ request, then we don't want to zero out the rest of the buffer. These aren't pagecache pages after all, and there's no guarantee that the buffers that were passed in represent entire pages. Reported-by:
Eryu Guan <eguan@redhat.com> Cc: Fred Isaman <iisaman@netapp.com> Signed-off-by:
Jeff Layton <jlayton@redhat.com> Signed-off-by:
-
Sven Wegener authored
commit 7d3e91a8 upstream. Commit 1f1ea6c2 "NFSv4: Fix buffer overflow checking in __nfs4_get_acl_uncached" accidently dropped the checking for too small result buffer length. If someone uses getxattr on "system.nfs4_acl" on an NFSv4 mount supporting ACLs, the ACL has not been cached and the buffer suplied is too short, we still copy the complete ACL, resulting in kernel and user space memory corruption. Signed-off-by:
Sven Wegener <sven.wegener@stealer.net> Signed-off-by:
-
Jeff Layton authored
commit 81d9bce5 upstream. Jian reported that the following sequence would leave "testfile" with corrupt data: # mount localhost:/export /mnt/nfs/ -o vers=3 # echo abc > /mnt/nfs/testfile; echo def >> /export/testfile; echo ghi >> /mnt/nfs/testfile # cat -v /export/testfile abc ^@^@^@^@ghi While there's no locking involved here, the operations are serialized, so CTO should prevent corruption. The first write to the file is fine and writes 4 bytes. The file is then extended on the server. When it's reopened a GETATTR is issued and the size change is noticed. This causes NFS_INO_INVALID_DATA to be set on the file. Because the file is opened for write only, nfs_want_read_modify_write() returns 0 to nfs_write_begin(). nfs_updatepage then calls nfs_write_pageuptodate() to see if it should extend the nfs_page to cover the whole page. NFS_INO_INVALID_DATA is still set on the file at that point, but that flag is ignored and nfs_pageuptodate erroneously extends the write to cover the whole page, with the write done on the server side filled in with zeroes. This patch just has that function check for NFS_INO_INVALID_DATA in addition to NFS_INO_REVAL_PAGECACHE. This fixes the bug, but looking over the code, I wonder if we might have a similar bug in nfs_revalidate_size(). The difference between those two flags is very subtle, so it seems like we ought to be checking for NFS_INO_INVALID_DATA in most of the places that we look for NFS_INO_REVAL_PAGECACHE. I believe this is regression introduced by commit 8d197a56. The code did check for NFS_INO_INVALID_DATA prior to that patch. Original bug report is here: https://bugzilla.redhat.com/show_bug.cgi?id=885743Reported-by:
Jian Li <jiali@redhat.com> Signed-off-by:
-
Bryan Schumaker authored
commit 6bdb5f21 upstream. If I mount an NFS v4.1 server to a single client multiple times and then run xfstests over each mountpoint I usually get the client into a state where recovery deadlocks. The server informs the client of a cb_path_down sequence error, the client then does a bind_connection_to_session and checks the status of the lease. I found that bind_connection_to_session sets the NFS4_SESSION_DRAINING flag on the client, but this flag is never unset before nfs4_check_lease() reaches nfs4_proc_sequence(). This causes the client to deadlock, halting all NFS activity to the server. nfs4_proc_sequence() is only called by the state manager, so I can change it to run in privileged mode to bypass the NFS4_SESSION_DRAINING check and avoid the deadlock. Signed-off-by:
Bryan Schumaker <bjschuma@netapp.com> Signed-off-by:
-
Rafael J. Wysocki authored
commit 4f5f64cf upstream. At one point acpi_device_set_id() checks if acpi_device_hid(device) returns NULL, but that never happens, so system bus devices with an empty list of PNP IDs are given the dummy HID ("device") instead of the "system bus HID" ("LNXSYBUS"). Fix the code to use the right check. Signed-off-by:
Rafael J. Wysocki <rafael.j.wysocki@intel.com> Signed-off-by:
-
Aaron Lu authored
commit 0d0cdb02 upstream. Commit 66fa7f21 "libata-acpi: improve ACPI disabling" introdcued the behaviour of disabling ATA ACPI if ata_acpi_on_devcfg failed the 2nd time, but commit 30dcf76a dropped this behaviour and this caused problem for Dimitris Damigos, where his laptop can not resume correctly. The bugzilla page for it is: https://bugzilla.kernel.org/show_bug.cgi?id=49331 The problem is, ata_dev_push_id will fail the 2nd time it is invoked, and due to disabling ACPI code is dropped, ata_acpi_on_devcfg which calls ata_dev_push_id will keep failing and eventually made the device disabled. This patch restores the original behaviour, if acpi failed the 2nd time, disable acpi functionality for the device(and we do not event need to add a debug message for this as it is still there ;-). Reported-by:
Dimitris Damigos <damigos@freemail.gr> Signed-off-by:
Aaron Lu <aaron.lu@intel.com> Signed-off-by:
Jeff Garzik <jgarzik@redhat.com> Signed-off-by:
-
Zhang Rui authored
commit 0ac1b1d7 upstream. The current acpisleep DMI checks only run when CONFIG_SUSPEND is set. And this may break hibernation on some platforms when CONFIG_SUSPEND is cleared. Move acpisleep DMI check into #ifdef CONFIG_ACPI_SLEEP instead. [rjw: Added acpi_sleep_dmi_check() and rebased on top of earlier patches adding entries to acpisleep_dmi_table[].] References: https://bugzilla.kernel.org/show_bug.cgi?id=45921Signed-off-by:
Zhang Rui <rui.zhang@intel.com> Signed-off-by:
-
Sebastian Andrzej Siewior authored
commit e79cc615 upstream. I think this is wrong since 72c973dd ("usb: gadget: add usb_endpoint_descriptor to struct usb_ep"). If we fail to allocate an ep or bail out early we shouldn't check for the descriptor which is assigned at ep_enable() time. Signed-off-by:
Sebastian Andrzej Siewior <bigeasy@linutronix.de> Cc: Tatyana Brokhman <tlinder@codeaurora.org> Signed-off-by:
-
Sebastian Andrzej Siewior authored
commit 0f9df939 upstream. The "video->minor = -1" assigment is done in V4L2 by video_register_device() so it is removed here. Now. uvc_function_bind() calls in error case uvc_function_unbind() for cleanup. The problem is that uvc_function_unbind() frees the uvc struct and uvc_bind_config() does as well in error case of usb_add_function(). Removing kfree() in usb_add_function() would make the patch smaller but it would look odd because the new allocated memory is not cleaned up. However it is not guaranteed that if we call usb_add_function() we also get to the bind function. Therefore the patch extracts the conditional cleanup from uvc_function_unbind() applies to uvc_function_bind(). uvc_function_unbind() now contains only the complete cleanup which is required once everything has been registrated. Signed-off-by:
-
Sebastian Andrzej Siewior authored
commit fad8deb2 upstream. The descriptor list for FS speed was not NULL terminated. This patch fixes this. While here one of the twe two bAlternateSetting assignments for the BOT interface. Both assign 0, one is enough. Signed-off-by:
-
Sebastian Andrzej Siewior authored
commit d0eca719 upstream. Signed-off-by:
-
Sebastian Andrzej Siewior authored
commit d185039f upstream. The HS descriptors are only created if HS is supported by the UDC but we never free them. Signed-off-by:
-
Lothar Waßmann authored
commit 98c35534 upstream. The pointer to a platform_device struct must not be dereferenced after the device has been unregistered. This bug produces a crash when unloading the ci13xxx kernel module compiled with CONFIG_PAGE_POISONING enabled. Signed-off-by:
Lothar Waßmann <LW@KARO-electronics.de> Acked-by:
Alexander Shishkin <alexander.shishkin@linux.intel.com> Signed-off-by:
-
Christian Lamparter authored
commit 4010fe21 upstream. This patch adds USBIDs for: - DrayTek Vigor 530 - Zoom 4410a It also adds a note about Gemtek WUBI-100GW and SparkLAN WL-682 USBID conflict [WUBI-100GW is a ISL3886+NET2280 (LM86 firmare) solution, whereas WL-682 is a ISL3887 (LM87 firmware)] device. Source: <http://www.wikidevi.com/wiki/Intersil/p54/usb/windows> Signed-off-by:
Christian Lamparter <chunkeey@googlemail.com> Signed-off-by:
John W. Linville <linville@tuxdriver.com> Signed-off-by:
-
Tomasz Guszkowski authored
commit 3194b7fc upstream. Added USB ID for T-Com Sinus 154 data II. Signed-off-by:
Tomasz Guszkowski <tsg@o2.pl> Acked-by:
-
Jussi Kivilinna authored
commit 4c3de592 upstream. Incorrect use of usb_alloc_coherent memory as input buffer to usb_control_msg can cause problems in arch DMA code, for example kernel BUG at 'arch/arm/include/asm/dma-mapping.h:321' on ARM (linux-3.4). Change _usb_writeN_sync use kmalloc'd buffer instead. Signed-off-by:
Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Acked-by:
Larry Finger <Larry.Finger@lwfinger.net> Signed-off-by:
-
Dan Williams authored
commit 0370acd4 upstream. Signed-off-by:
Dan Williams <dcbw@redhat.com> Acked-by:
Bjørn Mork <bjorn@mork.no> Signed-off-by:
David S. Miller <davem@davemloft.net> Signed-off-by:
-
David Henningsson authored
commit 6d3cd5d4 upstream. The mute LED is in this case connected to the Mic1 VREF. The machine also exposes the following string in BIOS: "HP_Mute_LED_0_A", so if more machines are coming, it probably makes sense to try to do something more generic, like for the IDT codec. BugLink: https://bugs.launchpad.net/bugs/1096789Signed-off-by:
David Henningsson <david.henningsson@canonical.com> Signed-off-by:
Takashi Iwai <tiwai@suse.de> Signed-off-by:
-
Takashi Iwai authored
commit 8ae5865e upstream. Fix the quirk entry for HP Pavilion dv7 in order to make the bass speaker working. Reported-and-tested-by:
Tomas Pospisek <tpo2@sourcepole.ch> Signed-off-by:
-
