The seq_file conversion of /proc/pid/maps caused altered behaviour with
respect to 2.4.22.  Before the conversion, spaces and tabs in filenames were
displayed verbatim.  After the conversion they are escaped as \040, etc.

Also, if the mmapped file has been unlinked the output appears as

40017000-40018000 rw-p 00000000 03:02 1425800    /home/akpm/foo\040(deleted)

instead of

40017000-40018000 rw-p 00000000 03:02 1425800    /home/akpm/foo (deleted)

This could break applications which parse /proc/pid/maps (one person has
reported this).

The patch restores the 2.4.20 behaviour.

From: "Bryan O'Sullivan" <bos@pathscale.com>

The current version of modpost breaks if invoked from outside the build
tree.  This patch fixes that, and simplifies the code a bit while it's at
it.

From: john stultz <johnstul@us.ibm.com>

The patch arranges for each timesource type to have a name, and uses that to
tell the user which timesource is in use at bootup time.

zone->refill_counter is only there to provide decent levels of work batching:
don't call refill_inactive_zone() just for a couple of pages.

But the logic in there allows it to build up to huge values and it can
overflow (go negative) which will disable refilling altogether until it wraps
positive again.

Just reset it to zero whenever we decide to do some refilling.

From: Bjorn Helgaas <bjorn.helgaas@hp.com>

uart_set_options() can dereference a null pointer.  This happens if you
specify a console that hasn't previously been setup by early_serial_setup().

For example, on ia64, the HCDP typically tells us about line 0, so we calls
early_serial_setup() for it.  If the user specifies "console=ttyS3", we
machine-check when trying to follow the uninitialized port->ops pointer.

It's not entirely clear to me whether we should return 0 or -ENODEV or
something.  The advantage of returning zero is that if the user specifies
"console=ttyS0" and we just lack the HCDP, the console doesn't work as early
as usual, but it does start working after the serial driver detects the port
(though the baud/parity/etc from the command line are lost).  Returning
-ENODEV seems to prevent it from ever working.

From: Brian Gerst <bgerst@didntduck.org>

The current code disables sysenter when first entering vm86 mode, but does
not disable it again when coming back to a vm86 task after a task switch.

From: Adrian Bunk <bunk@fs.tum.de>

Allow the kernel to be built with `-Os'.

It requires CONFIG_EMBEDDED.  This is to make it "hard to get at" because
one gcc version (3.2.x I think) from RH9 generates crashy kernels with this
option set.

From: Manfred Spraul <manfred@colorfullife.com>

Fixes a race between proc_pid_lookup and sys_exit.

- The inodes and dentries for /proc/<pid>/whatever are cached in the dentry
  cache.  d_revalidate is used to protect against stale data: d_revalidate
  returns invalid if the task exited.

  Additionally, sys_exit flushes the dentries for the task that died -
  otherwise the dentries would stay around until they arrive at the end of
  the LRU, which could take some time.  But there is one race:

  - proc_pid_lookup finds a task and prepares new dentries for it. It must 
    drop all locks for that operation.
  - the process exits, and the /proc/ dentries are flushed. Nothing
    happens, because they are not yet in the hash tables.
  - proc_pid_lookup adds the task to the dentry cache.

  Result: dentry of a dead task in the hash tables.

  The patch fixes that problem by flushing again if proc_pid_lookup notices
  that the thread exited while it created the dentry.  The patch should go
  in, but it's not critical.


- task->proc_dentry must be the dentry of /proc/<pid>.  That way sys_exit
  can flush the whole subtree at exit time.  proc_task_lookup is a direct
  copy of proc_pid_lookup and handles /proc/<>/task/<pid>.  It contains the
  lines that set task->proc_dentry.  This is bogus, and must be removed.

  This hunk is much more critical, because creates a de-facto dentry leak
  (they are recovered after flushing real dentries from the cache).

From: Russell King <rmk@arm.linux.org.uk>

This oops has been caused by the need to register the class before
registering any objects against it.  Unfortunately, the class needs
to be registered asynchronously in a separate thread to avoid driver
model deadlock with yenta with cardbus cards inserted or standard
PCMCIA cards not being detected correctly due to a race.

I think the only real solution is to remove the class_device_create_file
calls from all socket drivers.  This is just a simple commenting out of
the calls, and should be suitable for the remainder of the -test kernels.

Due to the number of cases that we're encountering with PCMCIA, I'm
beginning to wonder if the driver model could be fixed to be more kind
to PCMCIA by avoiding some of these ordering dependencies.  None of this
would be a problem if the driver model would allow PCI device drivers to
register PCI devices while their probe or remove functions were executing.

From: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>

- use "select" instead of "depend"

- remove the unused SMB_NLS

- remove unneeded "default y" of CONFIG_NLS

- revert to postion of nls menu (middle of filessytem menus is strange)

- fix "#ifdef CONFIG_NLS" on UDF (should this add new one to Kconfig?)

This fixes the recently-reported "fsstress memory leak" problem.  It has been
there since November 2002.

shrink_dcache() has a heuristic to prevent the dcache (and hence icache) from
getting shrunk too far: it refuses to allow the dcache to shrink below
2*nr_used.

Problem is, _all_ non-leaf dentries (directories) count as used.  So when you
have really deep directory hierarchies (fsstress creates these), nr_used is
really high, and there is no upper bound to the amount of pinned dcache.

The patch just rips out the heuristic.  This means that dcache (and hence
icache (and hence pagecache)) will be shrunk more aggressively.  This could
be a problem, and tons of testing is needed - a new heuristic may be needed.

However I am not able to reproduce the problem which cause me to add this
heuristic in the first place:

   Simple testcase: run a huge `dd' while running a concurrent `watch -n1
   cat /proc/meminfo'.  The program text for `cat' gets loaded from disk once
   per second.

It is doing a set_fs(KERNEL_DS) for no obvious reason.

Spotted by margitsw@t-online.de (Margit Schubert-While)

Sometimes kjournald has to refile a huge number of buffers, because someone
else wrote them out beforehand - they are all clean.

This happens under a lock and scheduling latencies of 88 milliseconds on a
2.7GHx CPU were observed.

The patch forward-ports a little bit of the 2.4 low-latency patch to fix this
problem.

Worst-case on ext3 is now sub-half-millisecond, except for when the RCU
dentry reaping softirq cuts in :(

It calls __init functions anyway.

The cdrom driver does an order-4 allocation and the open will fail if that
allocation does not succeed.  This happened to me on an unstressed 900MB
machine.

So add the __GFP_REPEAT flag in there - this will cause the page allocator to
keep on freeing pages until the allocation succeeds.

It can in theory livelock but in practice I expect it is OK: the user should
just stop running dbench or whatever it is which is gobbling all the memory
and the mount/open will then succeed.

This tunable refers to the amount of free memory which the VM will attempt to
sustain.  It is mainly needed for atomic allocations (eg, networking
receive).

It is currently hardwired to 1024k, which is far too large for small machines
and too small for large machines.

Rework it to be 128k on tiny machines and 16M on huge machines.

It turns out that the int_sqrt() function in oom_kill.c gets it wrong.

But fb_sqrt() in fbmon.c gets its math right.  Move that function into
lib/int_sqrt.c, and consolidate.

(oom_kill.c fix from Thomas Schlichter <schlicht@uni-mannheim.de>)

From: Benjamin Herrenschmidt <benh@kernel.crashing.org>

I needed those for the G5 on ppc64, so here they are, I was only
able to test the SMBUS stuff though.

From: Matt Tolentino <metolent@snoqualmie.dp.intel.com>

Attached is a patch that enables EFI boot-up support in ia32 kernels.

In order to continue to determine whether the kernel should initialize using
EFI tables, I've temporarily added a check on the LOADER_TYPE boot parameter.
 Although I haven't requested that elilo be assigned an id for this yet, I've
used this to determine whether the kernel should use the EFI initialization
path as well as a check to see if the EFI_SYSTAB boot parameter contains
anything.  If someone has a better suggestion for determining this, I'm
open...

This patch also uses the existing ioremapping functions to map the efi tables
into kernel virtual address space.  I've added an option such that I could
use Dave Hansen's boot_ioremap() before paging_init().  After paging_init, I
then remap the efi memmap using bt_ioremap for use later.  This has
eliminated the need for several functions...thanks for the suggestions and
thanks for your help Dave.  Still this could use a look-see.

From: long <tlnguyen@snoqualmie.dp.intel.com>


Add support for Message Signalled Interrupt delivery on ia32.

With a fix from Zwane Mwaikambo <zwane@arm.linux.org.uk>

           text    data     bss     dec     hex filename
Before:    4674    1040    4100    9814    2656 kernel/futex.o
After:     4098    1176    4100    9374    249e kernel/futex.o

From: Chris Wright <chrisw@osdl.org>

Fix for CAN-2003-0461: /proc/tty/driver/serial in Linux 2.4.x reveals the
exact number of characters used in serial links, which could allow local
users to obtain potentially sensitive information such as the length of
passwords.

From: Chris Wright <chrisw@osdl.org>

Fix for CAN-2003-0501: The /proc filesystem in Linux allows local users to
obtain sensitive information by opening various entries in /proc/self
before executing a setuid program, which causes the program to fail to
change the ownership and permissions of those entries.

From: Chris Wright <chrisw@osdl.org>

Fix for CAN-2003-0462:  A race condition in the way env_start and
env_end pointers are initialized in the execve system call and used in
fs/proc/base.c on Linux 2.4 allows local users to cause a denial of
service (crash).

From: Chris Wright <chrisw@osdl.org>

Use the new steal_locks helper to steal the locks from the old files struct
left from unshare_files() when the new unshared struct files gets used.

From: Chris Wright <chrisw@osdl.org>

Add steal_locks helper for use in conjunction with unshare_files to make
sure POSIX file lock semantics aren't broken due to unshare_files.

From: Chris Wright <chrisw@osdl.org>

Use unshare_files during binary loading to eliminate potential leak of
the binary's fd installed during execve().  As is, this breaks
binfmt_som.c

From: Chris Wright <chrisw@osdl.org>

Introduce unshare_files as a helper for use during execve to eliminate
potential leak of the execve'd binary's fd.

into home.osdl.org:/home/torvalds/v2.5/linux

into kernel.bkbits.net:/home/davem/compat-aio-2.5

into home.osdl.org:/home/torvalds/v2.5/linux

into home.osdl.org:/home/torvalds/v2.5/linux

into home.osdl.org:/home/torvalds/v2.5/linux

into kernel.bkbits.net:/home/davem/sparc-2.5

Move some elements of task_struct into thread_info so that
these elements are locked into the TLB in the trap handlers
and thus will not cause a watchdog reset.

Use "sector_div()" to do the division, that's what it
exists for.

into nuts.ninka.net:/disk1/davem/BK/sparc-2.5

following my recent posts on libusb-devel and hidups, here's
a patch to disable hiddev support for MGE UPSs. It only
declares VID/PID as QUIRK_IGNORE in hid-core's blacklist.
This simply prevent hiddev to be loaded when plugging
an MGE UPS.

Adrian Bunk wrote:
> I observed the following small problem in 2.6:
>
> - MII depends on NET_ETHERNET
> - USB_PEGASUS and USB_USBNET select MII, but they depend only on NET
>
> The patch below lets USB_PEGASUS and USB_USBNET depend on NET_ETHERNET
> instead of NET to fix this issue.

Actually how about this one instead?  The PEGASUS bit is the same.
The difference is that MII (and CRC32) are only attributed to the
driver code that needs those ... AX8817X needs both, ZAURUS just
needs CRC32.  The core (which should eventually become a separate
module) shouldn't depend on those modules at all.

Also both CDCETHER and AX8817X are marked as non-experimental;
I recall Dave Hollis submitted a patch to do that for AX8817X,
and CDCETHER now seems to have gotten enough success reports too.

This patch just adds TC86c001 (goku) UDC support to
the "ether.c" gadget driver.  This hardware supports
a full speed CDC Ethernet interface.