1. 16 Nov, 2012 1 commit
    • Michel Lespinasse's avatar
      mm: add anon_vma_lock to validate_mm() · 63c3b902
      Michel Lespinasse authored
      Iterating over the vma->anon_vma_chain without anon_vma_lock may cause
      NULL ptr deref in anon_vma_interval_tree_verify(), because the node in the
      chain might have been removed.
      
        BUG: unable to handle kernel paging request at fffffffffffffff0
        IP: [<ffffffff8122c29c>] anon_vma_interval_tree_verify+0xc/0xa0
        PGD 4e28067 PUD 4e29067 PMD 0
        Oops: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
        CPU 0
        Pid: 9050, comm: trinity-child64 Tainted: G        W    3.7.0-rc2-next-20121025-sasha-00001-g673f98e-dirty #77
        RIP: 0010: anon_vma_interval_tree_verify+0xc/0xa0
        Process trinity-child64 (pid: 9050, threadinfo ffff880045f80000, task ffff880048eb0000)
        Call Trace:
          validate_mm+0x58/0x1e0
          vma_adjust+0x635/0x6b0
          __split_vma.isra.22+0x161/0x220
          split_vma+0x24/0x30
          sys_madvise+0x5da/0x7b0
          tracesys+0xe1/0xe6
        RIP  anon_vma_interval_tree_verify+0xc/0xa0
        CR2: fffffffffffffff0
      
      Figured out by Bob Liu.
      Reported-by: default avatarSasha Levin <sasha.levin@oracle.com>
      Cc: Bob Liu <lliubbo@gmail.com>
      Signed-off-by: default avatarMichel Lespinasse <walken@google.com>
      Reviewed-by: default avatarRik van Riel <riel@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      63c3b902
  2. 15 Nov, 2012 9 commits
  3. 14 Nov, 2012 6 commits
  4. 13 Nov, 2012 11 commits
  5. 12 Nov, 2012 7 commits
  6. 11 Nov, 2012 2 commits
    • Nathan Lynch's avatar
      ledtrig-cpu: kill useless mutex to fix sleep in atomic context · 0b8728d6
      Nathan Lynch authored
      Seeing the following every time the CPU enters or leaves idle on a
      Beagleboard:
      
      BUG: sleeping function called from invalid context at kernel/mutex.c:269
      in_atomic(): 1, irqs_disabled(): 0, pid: 0, name: swapper/0
      no locks held by swapper/0/0.
      [<c001659c>] (unwind_backtrace+0x0/0xf8) from [<c05aaa7c>] (mutex_lock_nested+0x24/0x380)
      [<c05aaa7c>] (mutex_lock_nested+0x24/0x380) from [<c043bd1c>] (ledtrig_cpu+0x38/0x88)
      [<c043bd1c>] (ledtrig_cpu+0x38/0x88) from [<c000f4b0>] (cpu_idle+0xf4/0x120)
      [<c000f4b0>] (cpu_idle+0xf4/0x120) from [<c07e47c8>] (start_kernel+0x2bc/0x30c)
      
      Miles Lane has reported seeing similar splats during system suspend.
      
      The mutex in struct led_trigger_cpu appears to have no function: it
      resides in a per-cpu data structure which never changes after the
      trigger is registered.  So just remove it.
      Reported-by: default avatarMiles Lane <miles.lane@gmail.com>
      Signed-off-by: default avatarNathan Lynch <ntl@pobox.com>
      Signed-off-by: default avatarBryan Wu <roc@roc-samos.(none)>
      0b8728d6
    • Linus Torvalds's avatar
      Linux 3.7-rc5 · 77b67063
      Linus Torvalds authored
      77b67063
  7. 10 Nov, 2012 4 commits
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net · b251f0f3
      Linus Torvalds authored
      Pull networking fixes from David Miller:
       "Bug fixes galore, mostly in drivers as is often the case:
      
        1) USB gadget and cdc_eem drivers need adjustments to their frame size
           lengths in order to handle VLANs correctly.  From Ian Coolidge.
      
        2) TIPC and several network drivers erroneously call tasklet_disable
           before tasklet_kill, fix from Xiaotian Feng.
      
        3) r8169 driver needs to apply the WOL suspend quirk to more chipsets,
           fix from Cyril Brulebois.
      
        4) Fix multicast filters on RTL_GIGA_MAC_VER_35 r8169 chips, from
           Nathan Walp.
      
        5) FDB netlink dumps should use RTM_NEWNEIGH as the message type, not
           zero.  From John Fastabend.
      
        6) Fix smsc95xx tx checksum offload on big-endian, from Steve
           Glendinning.
      
        7) __inet_diag_dump() needs to repsect and report the error value
           returned from inet_diag_lock_handler() rather than ignore it.
           Otherwise if an inet diag handler is not available for a particular
           protocol, we essentially report success instead of giving an error
           indication.  Fix from Cyrill Gorcunov.
      
        8) When the QFQ packet scheduler sees TSO/GSO packets it does not
           handle things properly, and in fact ends up corrupting it's
           datastructures as well as mis-schedule packets.  Fix from Paolo
           Valente.
      
        9) Fix oopser in skb_loop_sk(), from Eric Leblond.
      
        10) CXGB4 passes partially uninitialized datastructures in to FW
            commands, fix from Vipul Pandya.
      
        11) When we send unsolicited ipv6 neighbour advertisements, we should
            send them to the link-local allnodes multicast address, as per
            RFC4861.  Fix from Hannes Frederic Sowa.
      
        12) There is some kind of bug in the usbnet's kevent deferral
            mechanism, but more immediately when it triggers an uncontrolled
            stream of kernel messages spam the log.  Rate limit the error log
            message triggered when this problem occurs, as sending thousands
            of error messages into the kernel log doesn't help matters at all,
            and in fact makes further diagnosis more difficult.
      
            From Steve Glendinning.
      
        13) Fix gianfar restore from hibernation, from Wang Dongsheng.
      
        14) The netlink message attribute sizes are wrong in the ipv6 GRE
            driver, it was using the size of ipv4 addresses instead of ipv6
            ones :-) Fix from Nicolas Dichtel."
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
        gre6: fix rtnl dump messages
        gianfar: ethernet vanishes after restoring from hibernation
        usbnet: ratelimit kevent may have been dropped warnings
        ipv6: send unsolicited neighbour advertisements to all-nodes
        net: usb: cdc_eem: Fix rx skb allocation for 802.1Q VLANs
        usb: gadget: g_ether: fix frame size check for 802.1Q
        cxgb4: Fix initialization of SGE_CONTROL register
        isdn: Make CONFIG_ISDN depend on CONFIG_NETDEVICES
        cxgb4: Initialize data structures before using.
        af-packet: fix oops when socket is not present
        pkt_sched: enable QFQ to support TSO/GSO
        net: inet_diag -- Return error code if protocol handler is missed
        net: bnx2x: Fix typo in bnx2x driver
        smsc95xx: fix tx checksum offload for big endian
        rtnetlink: Use nlmsg type RTM_NEWNEIGH from dflt fdb dump
        ptp: update adjfreq callback description
        r8169: allow multicast packets on sub-8168f chipset.
        r8169: Fix WoL on RTL8168d/8111d.
        drivers/net: use tasklet_kill in device remove/close process
        tipc: do not use tasklet_disable before tasklet_kill
      b251f0f3
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc · 2b1768f3
      Linus Torvalds authored
      Pull sparc fixes from David Miller:
       "Several build/bug fixes for sparc, including:
      
        1) Configuring a mix of static vs.  modular sparc64 crypto modules
           didn't work, remove an ill-conceived attempt to only have to build
           the device match table for these drivers once to fix the problem.
      
           Reported by Meelis Roos.
      
        2) Make the montgomery multiple/square and mpmul instructions actually
           usable in 32-bit tasks.  Essentially this involves providing 32-bit
           userspace with a way to use a 64-bit stack when it needs to.
      
        3) Our sparc64 atomic backoffs don't yield cpu strands properly on
           Niagara chips.  Use pause instruction when available to achieve
           this, otherwise use a benign instruction we know blocks the strand
           for some time.
      
        4) Wire up kcmp
      
        5) Fix the build of various drivers by removing the unnecessary
           blocking of OF_GPIO when SPARC.
      
        6) Fix unintended regression wherein of_address_to_resource stopped
           being provided.  Fix from Andreas Larsson.
      
        7) Fix NULL dereference in leon_handle_ext_irq(), also from Andreas
           Larsson."
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc:
        sparc64: Fix build with mix of modular vs. non-modular crypto drivers.
        sparc: Support atomic64_dec_if_positive properly.
        of/address: sparc: Declare of_address_to_resource() as an extern function for sparc again
        sparc32, leon: Check for existent irq_map entry in leon_handle_ext_irq
        sparc: Add sparc support for platform_get_irq()
        sparc: Allow OF_GPIO on sparc.
        qlogicpti: Fix build warning.
        sparc: Wire up sys_kcmp.
        sparc64: Improvde documentation and readability of atomic backoff code.
        sparc64: Use pause instruction when available.
        sparc64: Fix cpu strand yielding.
        sparc64: Make montmul/montsqr/mpmul usable in 32-bit threads.
      2b1768f3
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.samba.org/sfrench/cifs-2.6 · affd9a8d
      Linus Torvalds authored
      Pull cifs fixes from Jeff Layton.
      
      * 'for-linus' of git://git.samba.org/sfrench/cifs-2.6:
        cifs: Do not lookup hashed negative dentry in cifs_atomic_open
        cifs: fix potential buffer overrun in cifs.idmap handling code
      affd9a8d
    • Linus Torvalds's avatar
      Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/cmarinas/linux-aarch64 · 487bda54
      Linus Torvalds authored
      Pull arm64 fixes from Catalin Marinas:
       - correct argument type (pgprot_t) when calling __ioremap()
       - PCI_IOBASE virtual address change
       - use architected event for CPU cycle counter
       - fix ELF core dumping
       - select CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION
       - missing completion for secondary CPU boot
       - booting on systems with all memory beyond 4GB
      
      * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/cmarinas/linux-aarch64:
        arm64: mm: fix booting on systems with no memory below 4GB
        arm64: smp: add missing completion for secondary boot
        arm64: compat: select CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION
        arm64: elf: fix core dumping definitions for GP and FP registers
        arm64: perf: use architected event for CPU cycle counter
        arm64: Move PCI_IOBASE closer to MODULES_VADDR
        arm64: Use pgprot_t as the last argument when invoking __ioremap()
      487bda54