Vlad Yasevich [Wed, 4 Jun 2008 19:38:43 +0000 (12:38 -0700)]
sctp: Correctly implement Fast Recovery cwnd manipulations.
Correctly keep track of Fast Recovery state and do not reduce
congestion window multiple times during sucht state.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Tested-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Gui Jianfeng [Wed, 4 Jun 2008 19:38:07 +0000 (12:38 -0700)]
sctp: Move sctp_v4_dst_saddr out of loop
There's no need to execute sctp_v4_dst_saddr() for each
iteration, just move it out of loop.
Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Gui Jianfeng [Wed, 4 Jun 2008 19:37:33 +0000 (12:37 -0700)]
sctp: retran_path update bug fix
If the current retran_path is the only active one, it should
update it to the the next inactive one.
Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Ilpo Järvinen [Wed, 4 Jun 2008 19:07:44 +0000 (12:07 -0700)]
tcp: fix skb vs fack_count out-of-sync condition
This bug is able to corrupt fackets_out in very rare cases.
In order for this to cause corruption:
1) DSACK in the middle of previous SACK block must be generated.
2) In order to take that particular branch, part or all of the
DSACKed segment must already be SACKed so that we have that
in cache in the first place.
3) The new info must be top enough so that fackets_out will be
updated on this iteration.
...then fack_count is updated while skb wasn't, then we walk again
that particular segment thus updating fack_count twice for
a single skb and finally that value is assigned to fackets_out
by tcp_sacktag_one.
It is safe to call tcp_sacktag_one just once for a segment (at
DSACK), no need to call again for plain SACK.
Potential problem of the miscount are limited to premature entry
to recovery and to inflated reordering metric (which could even
cancel each other out in the most the luckiest scenarios :-)).
Both are quite insignificant in worst case too and there exists
also code to reset them (fackets_out once sacked_out becomes zero
and reordering metric on RTO).
This has been reported by a number of people, because it occurred
quite rarely, it has been very evasive. Andy Furniss was able to
get it to occur couple of times so that a bit more info was
collected about the problem using a debug patch, though it still
required lot of checking around. Thanks also to others who have
tried to help here.
This is listed as Bugzilla #10346. The bug was introduced by
me in commit 68f8353b48 ([TCP]: Rewrite SACK block processing &
sack_recv_cache use), I probably thought back then that there's
need to scan that entry twice or didn't dare to make it go
through it just once there. Going through twice would have
required restoring fack_count after the walk but as noted above,
I chose to drop the additional walk step altogether here.
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
This patch fixes the usage of RIPEMD-160 in xfrm_algo which in turn
allows hmac(rmd160) to be used as authentication mechanism in IPsec
ESP and AH (see RFC 2857).
Signed-off-by: Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Denis V. Lunev [Wed, 4 Jun 2008 11:49:07 +0000 (15:49 +0400)]
[IPV6]: inet_sk(sk)->cork.opt leak
IPv6 UDP sockets wth IPv4 mapped address use udp_sendmsg to send the data
actually. In this case ip_flush_pending_frames should be called instead
of ip6_flush_pending_frames.
Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
[IPV6]: Check outgoing interface even if source address is unspecified.
The outgoing interface index (ipi6_ifindex) in IPV6_PKTINFO
ancillary data, is not checked if the source address (ipi6_addr)
is unspecified. If the ipi6_ifindex is the not-exist interface,
it should be fail.
Based on patch from Shan Wei <shanwei@cn.fujitsu.com> and
Brian Haley <brian.haley@hp.com>.
Yang Hongyang [Wed, 28 May 2008 08:27:28 +0000 (16:27 +0800)]
[IPV6]: Fix the data length of get destination options with short length
If get destination options with length which is not enough for that
option,getsockopt() will still return the real length of the option,
which is larger then the buffer space.
This is because ipv6_getsockopt_sticky() returns the real length of
the option.
This patch fix this problem.
Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Yang Hongyang [Wed, 28 May 2008 08:23:47 +0000 (16:23 +0800)]
[IPV6]: Fix the return value of get destination options with NULL data pointer
If we pass NULL data buffer to getsockopt(), it will return 0,
and the option length is set to -EFAULT:
getsockopt(sk, IPPROTO_IPV6, IPV6_DSTOPTS, NULL, &len);
This is because ipv6_getsockopt_sticky() will return -EFAULT or
-EINVAL if some error occur.
This patch fix this problem.
Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
[IPV6] ADDRCONF: Allow longer lifetime on 64bit archs.
- Allow longer lifetimes (>= 0x7fffffff/HZ) on 64bit archs
by using unsigned long.
- Shadow this arithmetic overflow workaround by introducing
helper functions: addrconf_timeout_fixup() and
addrconf_finite_timeout().
Colin [Mon, 26 May 2008 16:04:43 +0000 (00:04 +0800)]
[IPV6] TUNNEL6: Fix incoming packet length check for inter-protocol tunnel.
I discover a strange behavior in [ipv4 in ipv6] tunnel. When IPv6 tunnel
payload is less than 40(0x28), packet can be sent to network, received in
physical interface, but not seen in IP tunnel interface. No counter increase
in tunnel interface.
Thomas Graf [Wed, 28 May 2008 14:54:22 +0000 (16:54 +0200)]
[IPV6] ADDRCONF: Check range of prefix length
As of now, the prefix length is not vaildated when adding or deleting
addresses. The value is passed directly into the inet6_ifaddr structure
and later passed on to memcmp() as length indicator which relies on
the value never to exceed 128 (bits).
Due to the missing check, the currently code allows for any 8 bit
value to be passed on as prefix length while using the netlink
interface, and any 32 bit value while using the ioctl interface.
[Use unsigned int instead to generate better code - yoshfuji]
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Commit 7cbca67c073263c179f605bdbbdc565ab29d801d ("[IPV6]: Support
Source Address Selection API (RFC5014)") introduced NULL dereference
of asoc to sctp_v6_get_saddr in net/sctp/ipv6.c.
Pointed out by Johann Felix Soden <johfel@users.sourceforge.net>.
Ilpo Järvinen [Wed, 4 Jun 2008 18:34:22 +0000 (11:34 -0700)]
tcp: Fix inconsistency source (CA_Open only when !tcp_left_out(tp))
It is possible that this skip path causes TCP to end up into an
invalid state where ca_state was left to CA_Open while some
segments already came into sacked_out. If next valid ACK doesn't
contain new SACK information TCP fails to enter into
tcp_fastretrans_alert(). Thus at least high_seq is set
incorrectly to a too high seqno because some new data segments
could be sent in between (and also, limited transmit is not
being correctly invoked there). Reordering in both directions
can easily cause this situation to occur.
I guess we would want to use tcp_moderate_cwnd(tp) there as well
as it may be possible to use this to trigger oversized burst to
network by sending an old ACK with huge amount of SACK info, but
I'm a bit unsure about its effects (mainly to FlightSize), so to
be on the safe side I just currently fixed it minimally to keep
TCP's state consistent (obviously, such nasty ACKs have been
possible this far). Though it seems that FlightSize is already
underestimated by some amount, so probably on the long term we
might want to trigger recovery there too, if appropriate, to make
FlightSize calculation to resemble reality at the time when the
losses where discovered (but such change scares me too much now
and requires some more thinking anyway how to do that as it
likely involves some code shuffling).
This bug was found by Brian Vowell while running my TCP debug
patch to find cause of another TCP issue (fackets_out
miscount).
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
According to this and another similar lockdep report inet_fragment
locks are taken from nf_ct_frag6_gather() with softirqs enabled, but
these locks are mainly used in softirq context, so disabling BHs is
necessary.
Reported-and-tested-by: Eric Sesterhenn <snakebyte@gmx.de> Signed-off-by: Jarek Poplawski <jarkao2@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Dong Wei [Wed, 4 Jun 2008 16:57:51 +0000 (09:57 -0700)]
netfilter: xt_connlimit: fix accouning when receive RST packet in ESTABLISHED state
In xt_connlimit match module, the counter of an IP is decreased when
the TCP packet is go through the chain with ip_conntrack state TW.
Well, it's very natural that the server and client close the socket
with FIN packet. But when the client/server close the socket with RST
packet(using so_linger), the counter for this connection still exsit.
The following patch can fix it which is based on linux-2.6.25.4
Signed-off-by: Dong Wei <dwei.zh@gmail.com> Acked-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Thomas Graf [Tue, 3 Jun 2008 23:37:33 +0000 (16:37 -0700)]
route: Remove unused ifa_anycast field
The field was supposed to allow the creation of an anycast route by
assigning an anycast address to an address prefix. It was never
implemented so this field is unused and serves no purpose. Remove it.
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
Brice Goglin [Tue, 3 Jun 2008 23:07:45 +0000 (16:07 -0700)]
net_dma: remove duplicate assignment in dma_skb_copy_datagram_iovec
No need to compute copy twice in the frags loop in
dma_skb_copy_datagram_iovec().
Signed-off-by: Brice Goglin <Brice.Goglin@inria.fr> Acked-by: Shannon Nelson <shannon.nelson@intel.com> Signed-off-by: Maciej Sosnowski <maciej.sosnowski@intel.com> Signed-off-by: Dan Williams <dan.j.williams@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
The neighbor table time of last use information is returned in the
incorrect unit. Kernel to user space ABI's need to use USER_HZ (or
milliseconds), otherwise the application has to try and discover the
real system HZ value which is problematic. Linux has standardized on
keeping USER_HZ consistent (100hz) even when kernel is running
internally at some other value.
This change is small, but it breaks the ABI for older version of
iproute2 utilities. But these utilities are already broken since they
are looking at the psched_hz values which are completely different. So
let's just go ahead and fix both kernel and user space. Older
utilities will just print wrong values.
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Jarek Poplawski [Tue, 3 Jun 2008 21:53:46 +0000 (14:53 -0700)]
ax25: Fix NULL pointer dereference and lockup.
From: Jarek Poplawski <jarkao2@gmail.com>
There is only one function in AX25 calling skb_append(), and it really
looks suspicious: appends skb after previously enqueued one, but in
the meantime this previous skb could be removed from the queue.
This patch Fixes it the simple way, so this is not fully compatible with
the current method, but testing hasn't shown any problems.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: David S. Miller <davem@davemloft.net>
In rfcomm_dev_state_change, it's possible that rfcomm_dev_put try to
take the dlc lock, then we will deadlock.
Here fixed it by unlock dlc before rfcomm_dev_get in
rfcomm_dev_state_change.
why not unlock just before rfcomm_dev_put? it's because there's
another problem. rfcomm_dev_get/rfcomm_dev_del will take
rfcomm_dev_lock, but in rfcomm_dev_add the lock order is :
rfcomm_dev_lock --> dlc lock
so I unlock dlc before the taken of rfcomm_dev_lock.
Actually it's a regression caused by commit 1905f6c736cb618e07eca0c96e60e3c024023428 ("bluetooth :
__rfcomm_dlc_close lock fix"), the dlc state_change could be two
callbacks : rfcomm_sk_state_change and rfcomm_dev_state_change. I
missed the rfcomm_sk_state_change that time.
Thanks Arjan van de Ven <arjan@linux.intel.com> for the effort in
commit 4c8411f8c115def968820a4df6658ccfd55d7f1a ("bluetooth: fix
locking bug in the rfcomm socket cleanup handling") but he missed the
rfcomm_dev_state_change lock issue.
Signed-off-by: Dave Young <hidave.darkstar@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Anton Vorontsov [Sun, 1 Jun 2008 09:49:32 +0000 (11:49 +0200)]
mmc_spi: mmc_spi.h should include linux/interrupts.h
Since mmc_spi.h uses irqreturn_t type, it should include appropriate
header, otherwise build will break if users didn't include it (some of
them do not use interrupts).
Signed-off-by: Anton Vorontsov <avorontsov@ru.mvista.com> Signed-off-by: Pierre Ossman <drzeus@drzeus.cx> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Linus Torvalds [Mon, 2 Jun 2008 22:25:27 +0000 (15:25 -0700)]
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/blackfin-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/blackfin-2.6:
8250 Serial Driver: revert extra IRQ flag definition patch
Blackfin arch: update anomaly headers from toolchain trunk
Blackfin arch: Remove bad and usless code
Blackfin arch: Fix bug - set corret SSEL and IRQ to enable AD7877 on BF527
Blackfin arch: Fix typo. it should be _outsw_8
Blackfin arch: Cleanup no functional changes
Bryan Wu [Sat, 31 May 2008 08:10:04 +0000 (16:10 +0800)]
8250 Serial Driver: revert extra IRQ flag definition patch
As Russell pointed out, original patch will break some serial configurations
because of the dependency of the <asm/serial.h> header file.
Revert it first and try to find out other solution later
Cc: Javier Herrero <jherrero@hvsistemas.es> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Cc: Russell King <rmk+lkml@arm.linux.org.uk> Signed-off-by: Bryan Wu <cooloney@kernel.org>
Bryan Wu [Sat, 31 May 2008 07:17:25 +0000 (15:17 +0800)]
Blackfin arch: Fix bug - set corret SSEL and IRQ to enable AD7877 on BF527
AD7877 use SSEL_2 (P9.9) and IRQ_PF8 (P9.14) on BF527
- populating JP3 to enable STAMP
- disable SW11.2 to disconnect SSEL_2/PF12 from Rotary NAND
- disable SW18.1 to disconnect SSEL_2 from MAX1233 touchscreen chip
Gcc might re-order MMIO accessors vs. surrounding consistent
memory accesses, which is a "bad thing", and could break drivers.
This fixes it by adding a "memory" clobber to the MMIO accessors,
which should prevent gcc from doing that reordering.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Paul Mackerras <paulus@samba.org>
Alexey Dobriyan [Thu, 22 May 2008 22:00:25 +0000 (02:00 +0400)]
atl1: fix 4G memory corruption bug
When using 4+ GB RAM and SWIOTLB is active, the driver corrupts
memory by writing an skb after the relevant DMA page has been
unmapped. Although this doesn't happen when *not* using bounce
buffers, clearing the pointer to the DMA page after unmapping
it fixes the problem.
Li Yang [Fri, 23 May 2008 10:11:27 +0000 (18:11 +0800)]
ucc_geth_ethtool: Add a missing HW stats counter
Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se> Signed-off-by: Li Yang <leoli@freescale.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Joakim Tjernlund [Fri, 23 May 2008 10:11:26 +0000 (18:11 +0800)]
ucc_geth_ethtool: Fix typo
Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se> Signed-off-by: Li Yang <leoli@freescale.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Rusty Russell [Mon, 26 May 2008 07:48:13 +0000 (17:48 +1000)]
virtio: fix delayed xmit of packet and freeing of old packets.
Because we cache the last failed-to-xmit packet, if there are no
packets queued behind that one we may never send it (reproduced here
as TCP stalls, "cured" by an outgoing ping).
Cc: Mark McLoughlin <markmc@redhat.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Rusty Russell [Mon, 26 May 2008 07:42:42 +0000 (17:42 +1000)]
virtio: fix virtio_net xmit of freed skb bug
If we fail to transmit a packet, we assume the queue is full and put
the skb into last_xmit_skb. However, if more space frees up before we
xmit it, we loop, and the result can be transmitting the same skb twice.
Fix is simple: set skb to NULL if we've used it in some way, and check
before sending.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Joel Becker [Sat, 10 May 2008 01:49:29 +0000 (18:49 -0700)]
ocfs2: Rename 'user_stack' plugin structure to 'ocfs2_user_plugin'
The static structure describing the userspace cluster plugin for ocfs2
was named 'user_stack', which is a real pain when people are grep(1)ing
the tree for the program stack object 'user_stack'. Change the name to
something distinct and namespaced.
Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
* git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus:
lguest: notify on empty
virtio: force callback on empty.
virtio_blk: fix endianess annotations
virtio_config: fix len calculation of config elements
virtio_net: another race with virtio_net and enable_cb
virtio: An entropy device, as suggested by hpa.
virtio_blk: allow read-only disks
lguest: fix ugly <NULL> in /proc/interrupts
virtio: set device index in common code.
virtio: virtio_pci should not set bus_id.
virtio: bus_id for devices should contain 'virtio'
Fix crash in virtio_blk during modprobe ; rmmod ; modprobe
lguest: use ioremap_cache, not ioremap
Ingo Molnar [Fri, 30 May 2008 15:02:50 +0000 (17:02 +0200)]
drivers/watchdog/geodewdt.c: build fix
* Wim Van Sebroeck <wim@iguana.be> wrote:
> Author: Jordan Crouse <jordan.crouse@amd.com>
> Date: Mon Jan 21 10:07:00 2008 -0700
>
> [WATCHDOG] Add a watchdog driver based on the CS5535/CS5536 MFGPT timers
-tip testing found the following build failure on latest -git:
drivers/watchdog/geodewdt.c: In function 'geodewdt_probe':
drivers/watchdog/geodewdt.c:225: error: too many arguments to function 'geode_mfgpt_alloc_timer'
make[1]: *** [drivers/watchdog/geodewdt.o] Error 1
make: *** [drivers/watchdog/geodewdt.o] Error 2
When Greg "fixed" the sysfs usage of that driver a while back, he seem
to have introduced a bug where the quotes are added around the name of
our specific sysfs files, thus breaking the user space tool.
This fixes it. Tested DLPAR operations on a POWER6 machine successfully.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
peerchen [Mon, 19 May 2008 06:44:57 +0000 (14:44 +0800)]
ahci: change the Device IDs of nvidia MCP7B AHCI controller in ahci.c
Change the partial Device IDs of nvidia MCP7B AHCI controller in ahci.c,
as the actual PCI IDs deployed in the field differed from the forecasted ones
preemptively placed in the driver.
Signed-off-by: Peer Chen <peerchen@gmail.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Broke the sata_fsl.c driver in 2.6.26-rc. I know the following patch fixes
the issue, it clearly also adds port multipler support. The current
2.6.26-rc driver is broken.
On boot with debug enabled we get something like (w/o this patch):
spurious interrupt!!, CC = 0x1
interrupt status 0x1
xx_scr_read, reg_in = 1
spurious interrupt!!, CC = 0x1
interrupt status 0x1
xx_scr_read, reg_in = 1
spurious interrupt!!, CC = 0x1
interrupt status 0x1
xx_scr_read, reg_in = 1
.. continues for ever.
This change fixes this as a side effect of adding port multiplier support.
Signed-off-by: Ashish Kalra <ashish.kalra@freescale.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Tejun Heo [Wed, 21 May 2008 05:11:24 +0000 (14:11 +0900)]
libata: SRST can't be trusted on PMP sil3726
As in sil4726, SRST can't be trusted on sil3726 causing detection
problems under certain configuraitons. I thought it was from the
Config Disk device but apparently not.
Signed-off-by: Tejun Heo <htejun@gmail.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Randy Dunlap [Wed, 30 Apr 2008 19:57:00 +0000 (12:57 -0700)]
libata: fix libata-scsi kernel-doc notation
Fix libata-scsi kernel-doc notation:
Warning(linux-2.6.25-git15//drivers/ata/libata-scsi.c:1659): No description found for parameter 'cmd'
Warning(linux-2.6.25-git15//drivers/ata/libata-scsi.c:1971): No description found for parameter 'buf'
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Tejun Heo [Thu, 29 May 2008 13:04:22 +0000 (22:04 +0900)]
ata_piix: fix macbook ich8m problems
ICH8M on macbooks are peculiar in that some of them lock up when the
second port is enabled, some return bogus values on SIDPR access while
yet others hang on SIDPR access. Also, the ich8m_apple_sata entry was
wrongly added below generic ich8m entry making it virtually useless.
This patch works around macbook ich8m problems by
* moving ich8m_apple_sata entry above generic ich8m entry
* dropping PIIX_FLAG_SIDPR from ich8m_apple_sata
* adding subsystem 106b:00a1 as ich8m_apple_sata
Mark Lord [Tue, 27 May 2008 21:58:56 +0000 (17:58 -0400)]
sata_mv: nuke unreleased GenIIe revisions
The only public release of the 6042/7042 chips was/is revision "B0".
Remove code that attempted to deal with earlier, non-released revs.
This matches the logic of the current Marvell "proprietary" driver.
Also, bump up the sata_mv version number, to reflect this batch of erratas.
Signed-off-by: Mark Lord <mlord@pobox.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Mark Lord [Tue, 27 May 2008 21:54:48 +0000 (17:54 -0400)]
sata_mv: move SOC_FLAG to hpriv
Convert the System-on-Chip flag from a host flag to an hpriv flag,
for better consistency with other chip-rev flags, and for easier use
in errata fixes etc.
Also change the related "HAS_PCI()" into "!IS_SOC()" for better consistency
of naming/use (everything else SOC-related already uses "SOC").
There are no functionality changes in this patch.
Signed-off-by: Mark Lord <mlord@pobox.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Linus Torvalds [Fri, 30 May 2008 14:44:19 +0000 (07:44 -0700)]
Merge branch 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6
* 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6:
[S390] Update default configuration.
[S390] disassembler: fix idte instruction format.
[S390] tape: fix race with stack local wait_queue_head_t.
[S390] 3270: fix race with stack local wait_queue_head_t.
[S390] dasd: use a generic wait_queue for sleep_on
[S390] sclp_vt220: fix scheduling while atomic bug.
[S390] showmem: Only walk spanned pages.
[S390] appldata: prevent cpu hotplug when walking cpu_online_map.
[S390] Fix section mismatch warnings.
[S390] s390 types: make dma_addr_t 64 bit capable
[S390] tape: Fix race condition in tape block device driver
[S390] fix sparsemem related compile error with allnoconfig on s390
Harvey Harrison [Fri, 30 May 2008 00:51:57 +0000 (17:51 -0700)]
acpi: fix sparse const errors
In this case we want a constant pointer to constant chars:
drivers/misc/thinkpad_acpi.c:3824:19: error: Just how const do you want this type to be?
Like the error says.
drivers/misc/thinkpad_acpi.c:3863:19: error: Just how const do you want this type to be?
drivers/misc/thinkpad_acpi.c:3864:19: error: Just how const do you want this type to be?
drivers/misc/thinkpad_acpi.c:3865:19: error: Just how const do you want this type to be?
drivers/misc/thinkpad_acpi.c:3866:19: error: Just how const do you want this type to be?
Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Acked-by: Henrique de Moraes Holschuh <hmh@hmh.eng.br> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
The SW_RADIO code for EV_SW events has a name that is not descriptive
enough of its intended function, and could induce someone to think
KEY_RADIO is its EV_KEY counterpart, which is false.
Rename it to SW_RFKILL_ALL, and document what this event is for. Keep
the old name around, to avoid userspace ABI breaks.
The SW_RFKILL_ALL event is meant to be used by rfkill master switches. It
is not bound to a particular radio switch type, and usually applies to all
types. It is semantically tied to master rfkill switches that enable or
disable every radio in a system.
Signed-off-by: Henrique de Moraes Holschuh <hmh@hmh.eng.br> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
llc_sap_rcv was being preceded by skb_set_owner_r, then calling
llc_state_process that calls sock_queue_rcv_skb, that in turn calls
skb_set_owner_r again making the space allowed to be used by the socket to be
leaked, making the socket to get stuck.
Fix it by setting skb->sk at llc_sap_rcv and leave the accounting to be done
only at sock_queue_rcv_skb.
Reported-by: Dmitry Petukhov <dmgenp@gmail.com> Tested-by: Dmitry Petukhov <dmgenp@gmail.com> Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
[S390] tape: fix race with stack local wait_queue_head_t.
A wait_event call with a stack local wait_queue_head_t structure that is
used to do the wake up for the wait_event is inherently racy. After the
wait_event finished the wake_up call might not have completed yet.
Replace the stack local wait_queue_head_t in tape_do_io and
tape_do_io_interruptible with a per device wait queue.
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
[S390] 3270: fix race with stack local wait_queue_head_t.
A wait_event call with a stack local wait_queue_head_t structure that is
used to do the wake up for the wait_event is inherently racy. After the
wait_event finished the wake_up call might not have completed yet.
Remove the stack local wait_queue_head_t from raw3270_start_init and
use the global raw3270_wait_queue instead.
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Stefan Haberland [Fri, 30 May 2008 08:03:31 +0000 (10:03 +0200)]
[S390] dasd: use a generic wait_queue for sleep_on
Use a generic wait_queue to prevent the wait_queue in dasd_sleep_on_
functions from being referenced by callback_data while it does not
exist any more.
Signed-off-by: Stefan Haberland <stefan.haberland@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Heiko Carstens [Fri, 30 May 2008 08:03:30 +0000 (10:03 +0200)]
[S390] sclp_vt220: fix scheduling while atomic bug.
The driver incorrectly assumed that putchar will only be called from
schedulable process context and therefore blocked and waited if no
free output buffers where available.
Since putchar may also be called from BH context this may lead to
deadlocks.
To fix this just return the number of characters accepted and let the
upper layer handle the rest.
The console write function will busy wait (sclp_sync_wait) until a
buffer is available again.
Cc: Peter Oberparleiter <peter.oberparleiter@de.ibm.com> Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Heiko Carstens [Fri, 30 May 2008 08:03:29 +0000 (10:03 +0200)]
[S390] showmem: Only walk spanned pages.
Convert show_mem() so its nearly the same as on x86/powerpc.
Gives us proper locking and we get also rid of the only use of max_mapnr.
Also the number of pages was contained in an int which might not be
sufficient not too far in the future.
Cc: Johannes Weiner <hannes@saeurebad.de> Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Heiko Carstens [Fri, 30 May 2008 08:03:27 +0000 (10:03 +0200)]
[S390] Fix section mismatch warnings.
This fixes the last remaining section mismatch warnings in s390
architecture code. It reveals also a real bug introduced by... me
with git commit 2069e978d5a6e7b45d58027e3de7f879b8c5e488
("[S390] sparsemem vmemmap: initialize memmap.")
Calling the generic vmemmap_alloc_block() function to get initialized
memory is a nice idea, however that function is __meminit annotated
and therefore the function might be gone if we try to call it later.
This can happen if a DCSS segment gets added.
So basically revert the patch and clear the memmap explicitly to fix
the original bug.
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
virtio tests with guests larger than 4 GB revealed that the dma_addr_t
definition for s390 did not make it into the 64bit world.
This patch changes the definition on s390 to have an u64 on 64bit and
u32 on 32bit systems.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Michael Holzheu [Fri, 30 May 2008 08:03:25 +0000 (10:03 +0200)]
[S390] tape: Fix race condition in tape block device driver
Due to incorrect function call sequence it can happen that a tape block
request is finished before the request is taken from the block request queue.
The following sequence leads to that condition:
* tapeblock_start_request() -> start CCW program
* Request finishes -> IO interrupt
* tapeblock_end_request()
* end_that_request_last()
If blkdev_dequeue_request() has not been called before end_that_request_last(),
a kernel bug is triggered in end_that_request_last() because the request is
still queued. To solve that problem blkdev_dequeue_request() has to be called
before starting the CCW program.
Signed-off-by: Michael Holzheu <holzheu@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Rusty Russell [Fri, 30 May 2008 20:09:46 +0000 (15:09 -0500)]
lguest: notify on empty
This is the lguest implementation of the VIRTIO_F_NOTIFY_ON_EMPTY feature.
It is currently only published for network devices, but it is turned on for
everyone.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>