Contents of /trunk/kernel-magellan/patches-3.9/0104-3.9.5-all-fixes.patch
Parent Directory
| 
Revision Log
Revision 2197 -
(show annotations)
(download)
Mon Jun 10 18:41:52 2013 UTC (10 years, 10 months ago) by niro
File size: 176270 byte(s)
Mon Jun 10 18:41:52 2013 UTC (10 years, 10 months ago) by niro
File size: 176270 byte(s)
-linux-3.9.5
| 1 | diff --git a/Documentation/powerpc/transactional_memory.txt b/Documentation/powerpc/transactional_memory.txt |
| 2 | index c907be4..dc23e58 100644 |
| 3 | --- a/Documentation/powerpc/transactional_memory.txt |
| 4 | +++ b/Documentation/powerpc/transactional_memory.txt |
| 5 | @@ -147,6 +147,25 @@ Example signal handler: |
| 6 | fix_the_problem(ucp->dar); |
| 7 | } |
| 8 | |
| 9 | +When in an active transaction that takes a signal, we need to be careful with |
| 10 | +the stack. It's possible that the stack has moved back up after the tbegin. |
| 11 | +The obvious case here is when the tbegin is called inside a function that |
| 12 | +returns before a tend. In this case, the stack is part of the checkpointed |
| 13 | +transactional memory state. If we write over this non transactionally or in |
| 14 | +suspend, we are in trouble because if we get a tm abort, the program counter and |
| 15 | +stack pointer will be back at the tbegin but our in memory stack won't be valid |
| 16 | +anymore. |
| 17 | + |
| 18 | +To avoid this, when taking a signal in an active transaction, we need to use |
| 19 | +the stack pointer from the checkpointed state, rather than the speculated |
| 20 | +state. This ensures that the signal context (written tm suspended) will be |
| 21 | +written below the stack required for the rollback. The transaction is aborted |
| 22 | +becuase of the treclaim, so any memory written between the tbegin and the |
| 23 | +signal will be rolled back anyway. |
| 24 | + |
| 25 | +For signals taken in non-TM or suspended mode, we use the |
| 26 | +normal/non-checkpointed stack pointer. |
| 27 | + |
| 28 | |
| 29 | Failure cause codes used by kernel |
| 30 | ================================== |
| 31 | @@ -155,14 +174,18 @@ These are defined in <asm/reg.h>, and distinguish different reasons why the |
| 32 | kernel aborted a transaction: |
| 33 | |
| 34 | TM_CAUSE_RESCHED Thread was rescheduled. |
| 35 | + TM_CAUSE_TLBI Software TLB invalide. |
| 36 | TM_CAUSE_FAC_UNAV FP/VEC/VSX unavailable trap. |
| 37 | TM_CAUSE_SYSCALL Currently unused; future syscalls that must abort |
| 38 | transactions for consistency will use this. |
| 39 | TM_CAUSE_SIGNAL Signal delivered. |
| 40 | TM_CAUSE_MISC Currently unused. |
| 41 | + TM_CAUSE_ALIGNMENT Alignment fault. |
| 42 | + TM_CAUSE_EMULATE Emulation that touched memory. |
| 43 | |
| 44 | -These can be checked by the user program's abort handler as TEXASR[0:7]. |
| 45 | - |
| 46 | +These can be checked by the user program's abort handler as TEXASR[0:7]. If |
| 47 | +bit 7 is set, it indicates that the error is consider persistent. For example |
| 48 | +a TM_CAUSE_ALIGNMENT will be persistent while a TM_CAUSE_RESCHED will not.q |
| 49 | |
| 50 | GDB |
| 51 | === |
| 52 | diff --git a/arch/arc/include/asm/pgtable.h b/arch/arc/include/asm/pgtable.h |
| 53 | index b7e3668..8ca472c 100644 |
| 54 | --- a/arch/arc/include/asm/pgtable.h |
| 55 | +++ b/arch/arc/include/asm/pgtable.h |
| 56 | @@ -57,9 +57,9 @@ |
| 57 | |
| 58 | #define _PAGE_ACCESSED (1<<1) /* Page is accessed (S) */ |
| 59 | #define _PAGE_CACHEABLE (1<<2) /* Page is cached (H) */ |
| 60 | -#define _PAGE_EXECUTE (1<<3) /* Page has user execute perm (H) */ |
| 61 | -#define _PAGE_WRITE (1<<4) /* Page has user write perm (H) */ |
| 62 | -#define _PAGE_READ (1<<5) /* Page has user read perm (H) */ |
| 63 | +#define _PAGE_U_EXECUTE (1<<3) /* Page has user execute perm (H) */ |
| 64 | +#define _PAGE_U_WRITE (1<<4) /* Page has user write perm (H) */ |
| 65 | +#define _PAGE_U_READ (1<<5) /* Page has user read perm (H) */ |
| 66 | #define _PAGE_K_EXECUTE (1<<6) /* Page has kernel execute perm (H) */ |
| 67 | #define _PAGE_K_WRITE (1<<7) /* Page has kernel write perm (H) */ |
| 68 | #define _PAGE_K_READ (1<<8) /* Page has kernel perm (H) */ |
| 69 | @@ -72,9 +72,9 @@ |
| 70 | |
| 71 | /* PD1 */ |
| 72 | #define _PAGE_CACHEABLE (1<<0) /* Page is cached (H) */ |
| 73 | -#define _PAGE_EXECUTE (1<<1) /* Page has user execute perm (H) */ |
| 74 | -#define _PAGE_WRITE (1<<2) /* Page has user write perm (H) */ |
| 75 | -#define _PAGE_READ (1<<3) /* Page has user read perm (H) */ |
| 76 | +#define _PAGE_U_EXECUTE (1<<1) /* Page has user execute perm (H) */ |
| 77 | +#define _PAGE_U_WRITE (1<<2) /* Page has user write perm (H) */ |
| 78 | +#define _PAGE_U_READ (1<<3) /* Page has user read perm (H) */ |
| 79 | #define _PAGE_K_EXECUTE (1<<4) /* Page has kernel execute perm (H) */ |
| 80 | #define _PAGE_K_WRITE (1<<5) /* Page has kernel write perm (H) */ |
| 81 | #define _PAGE_K_READ (1<<6) /* Page has kernel perm (H) */ |
| 82 | @@ -93,7 +93,8 @@ |
| 83 | #endif |
| 84 | |
| 85 | /* Kernel allowed all permissions for all pages */ |
| 86 | -#define _K_PAGE_PERMS (_PAGE_K_EXECUTE | _PAGE_K_WRITE | _PAGE_K_READ) |
| 87 | +#define _K_PAGE_PERMS (_PAGE_K_EXECUTE | _PAGE_K_WRITE | _PAGE_K_READ | \ |
| 88 | + _PAGE_GLOBAL | _PAGE_PRESENT) |
| 89 | |
| 90 | #ifdef CONFIG_ARC_CACHE_PAGES |
| 91 | #define _PAGE_DEF_CACHEABLE _PAGE_CACHEABLE |
| 92 | @@ -106,7 +107,11 @@ |
| 93 | * -by default cached, unless config otherwise |
| 94 | * -present in memory |
| 95 | */ |
| 96 | -#define ___DEF (_PAGE_PRESENT | _K_PAGE_PERMS | _PAGE_DEF_CACHEABLE) |
| 97 | +#define ___DEF (_PAGE_PRESENT | _PAGE_DEF_CACHEABLE) |
| 98 | + |
| 99 | +#define _PAGE_READ (_PAGE_U_READ | _PAGE_K_READ) |
| 100 | +#define _PAGE_WRITE (_PAGE_U_WRITE | _PAGE_K_WRITE) |
| 101 | +#define _PAGE_EXECUTE (_PAGE_U_EXECUTE | _PAGE_K_EXECUTE) |
| 102 | |
| 103 | /* Set of bits not changed in pte_modify */ |
| 104 | #define _PAGE_CHG_MASK (PAGE_MASK | _PAGE_ACCESSED | _PAGE_MODIFIED) |
| 105 | @@ -125,11 +130,10 @@ |
| 106 | * kernel vaddr space - visible in all addr spaces, but kernel mode only |
| 107 | * Thus Global, all-kernel-access, no-user-access, cached |
| 108 | */ |
| 109 | -#define PAGE_KERNEL __pgprot(___DEF | _PAGE_GLOBAL) |
| 110 | +#define PAGE_KERNEL __pgprot(_K_PAGE_PERMS | _PAGE_DEF_CACHEABLE) |
| 111 | |
| 112 | /* ioremap */ |
| 113 | -#define PAGE_KERNEL_NO_CACHE __pgprot(_PAGE_PRESENT | _K_PAGE_PERMS | \ |
| 114 | - _PAGE_GLOBAL) |
| 115 | +#define PAGE_KERNEL_NO_CACHE __pgprot(_K_PAGE_PERMS) |
| 116 | |
| 117 | /************************************************************************** |
| 118 | * Mapping of vm_flags (Generic VM) to PTE flags (arch specific) |
| 119 | diff --git a/arch/arc/include/asm/tlb.h b/arch/arc/include/asm/tlb.h |
| 120 | index 3eb2ce0..5e0ee30 100644 |
| 121 | --- a/arch/arc/include/asm/tlb.h |
| 122 | +++ b/arch/arc/include/asm/tlb.h |
| 123 | @@ -16,7 +16,7 @@ |
| 124 | /* Masks for actual TLB "PD"s */ |
| 125 | #define PTE_BITS_IN_PD0 (_PAGE_GLOBAL | _PAGE_PRESENT) |
| 126 | #define PTE_BITS_IN_PD1 (PAGE_MASK | _PAGE_CACHEABLE | \ |
| 127 | - _PAGE_EXECUTE | _PAGE_WRITE | _PAGE_READ | \ |
| 128 | + _PAGE_U_EXECUTE | _PAGE_U_WRITE | _PAGE_U_READ | \ |
| 129 | _PAGE_K_EXECUTE | _PAGE_K_WRITE | _PAGE_K_READ) |
| 130 | |
| 131 | #ifndef __ASSEMBLY__ |
| 132 | diff --git a/arch/arc/mm/tlbex.S b/arch/arc/mm/tlbex.S |
| 133 | index 9df765d..3357d26 100644 |
| 134 | --- a/arch/arc/mm/tlbex.S |
| 135 | +++ b/arch/arc/mm/tlbex.S |
| 136 | @@ -277,7 +277,7 @@ ARC_ENTRY EV_TLBMissI |
| 137 | ;---------------------------------------------------------------- |
| 138 | ; VERIFY_PTE: Check if PTE permissions approp for executing code |
| 139 | cmp_s r2, VMALLOC_START |
| 140 | - mov.lo r2, (_PAGE_PRESENT | _PAGE_READ | _PAGE_EXECUTE) |
| 141 | + mov.lo r2, (_PAGE_PRESENT | _PAGE_U_READ | _PAGE_U_EXECUTE) |
| 142 | mov.hs r2, (_PAGE_PRESENT | _PAGE_K_READ | _PAGE_K_EXECUTE) |
| 143 | |
| 144 | and r3, r0, r2 ; Mask out NON Flag bits from PTE |
| 145 | @@ -320,9 +320,9 @@ ARC_ENTRY EV_TLBMissD |
| 146 | mov_s r2, 0 |
| 147 | lr r3, [ecr] |
| 148 | btst_s r3, ECR_C_BIT_DTLB_LD_MISS ; Read Access |
| 149 | - or.nz r2, r2, _PAGE_READ ; chk for Read flag in PTE |
| 150 | + or.nz r2, r2, _PAGE_U_READ ; chk for Read flag in PTE |
| 151 | btst_s r3, ECR_C_BIT_DTLB_ST_MISS ; Write Access |
| 152 | - or.nz r2, r2, _PAGE_WRITE ; chk for Write flag in PTE |
| 153 | + or.nz r2, r2, _PAGE_U_WRITE ; chk for Write flag in PTE |
| 154 | ; Above laddering takes care of XCHG access |
| 155 | ; which is both Read and Write |
| 156 | |
| 157 | diff --git a/arch/arm/boot/dts/at91sam9260.dtsi b/arch/arm/boot/dts/at91sam9260.dtsi |
| 158 | index 02b70a4..755a61e 100644 |
| 159 | --- a/arch/arm/boot/dts/at91sam9260.dtsi |
| 160 | +++ b/arch/arm/boot/dts/at91sam9260.dtsi |
| 161 | @@ -264,7 +264,7 @@ |
| 162 | atmel,pins = |
| 163 | <0 10 0x2 0x0 /* PA10 periph B */ |
| 164 | 0 11 0x2 0x0 /* PA11 periph B */ |
| 165 | - 0 24 0x2 0x0 /* PA24 periph B */ |
| 166 | + 0 22 0x2 0x0 /* PA22 periph B */ |
| 167 | 0 25 0x2 0x0 /* PA25 periph B */ |
| 168 | 0 26 0x2 0x0 /* PA26 periph B */ |
| 169 | 0 27 0x2 0x0 /* PA27 periph B */ |
| 170 | diff --git a/arch/arm/boot/dts/at91sam9x25ek.dts b/arch/arm/boot/dts/at91sam9x25ek.dts |
| 171 | index af907ea..80015b0 100644 |
| 172 | --- a/arch/arm/boot/dts/at91sam9x25ek.dts |
| 173 | +++ b/arch/arm/boot/dts/at91sam9x25ek.dts |
| 174 | @@ -11,6 +11,6 @@ |
| 175 | /include/ "at91sam9x5ek.dtsi" |
| 176 | |
| 177 | / { |
| 178 | - model = "Atmel AT91SAM9G25-EK"; |
| 179 | + model = "Atmel AT91SAM9X25-EK"; |
| 180 | compatible = "atmel,at91sam9x25ek", "atmel,at91sam9x5ek", "atmel,at91sam9x5", "atmel,at91sam9"; |
| 181 | }; |
| 182 | diff --git a/arch/arm/crypto/sha1-armv4-large.S b/arch/arm/crypto/sha1-armv4-large.S |
| 183 | index 92c6eed..99207c4 100644 |
| 184 | --- a/arch/arm/crypto/sha1-armv4-large.S |
| 185 | +++ b/arch/arm/crypto/sha1-armv4-large.S |
| 186 | @@ -195,6 +195,7 @@ ENTRY(sha1_block_data_order) |
| 187 | add r3,r3,r10 @ E+=F_00_19(B,C,D) |
| 188 | cmp r14,sp |
| 189 | bne .L_00_15 @ [((11+4)*5+2)*3] |
| 190 | + sub sp,sp,#25*4 |
| 191 | #if __ARM_ARCH__<7 |
| 192 | ldrb r10,[r1,#2] |
| 193 | ldrb r9,[r1,#3] |
| 194 | @@ -290,7 +291,6 @@ ENTRY(sha1_block_data_order) |
| 195 | add r3,r3,r10 @ E+=F_00_19(B,C,D) |
| 196 | |
| 197 | ldr r8,.LK_20_39 @ [+15+16*4] |
| 198 | - sub sp,sp,#25*4 |
| 199 | cmn sp,#0 @ [+3], clear carry to denote 20_39 |
| 200 | .L_20_39_or_60_79: |
| 201 | ldr r9,[r14,#15*4] |
| 202 | diff --git a/arch/arm/mach-at91/at91rm9200_time.c b/arch/arm/mach-at91/at91rm9200_time.c |
| 203 | index 2acdff4..180b302 100644 |
| 204 | --- a/arch/arm/mach-at91/at91rm9200_time.c |
| 205 | +++ b/arch/arm/mach-at91/at91rm9200_time.c |
| 206 | @@ -174,6 +174,7 @@ clkevt32k_next_event(unsigned long delta, struct clock_event_device *dev) |
| 207 | static struct clock_event_device clkevt = { |
| 208 | .name = "at91_tick", |
| 209 | .features = CLOCK_EVT_FEAT_PERIODIC | CLOCK_EVT_FEAT_ONESHOT, |
| 210 | + .shift = 32, |
| 211 | .rating = 150, |
| 212 | .set_next_event = clkevt32k_next_event, |
| 213 | .set_mode = clkevt32k_mode, |
| 214 | @@ -264,9 +265,11 @@ void __init at91rm9200_timer_init(void) |
| 215 | at91_st_write(AT91_ST_RTMR, 1); |
| 216 | |
| 217 | /* Setup timer clockevent, with minimum of two ticks (important!!) */ |
| 218 | + clkevt.mult = div_sc(AT91_SLOW_CLOCK, NSEC_PER_SEC, clkevt.shift); |
| 219 | + clkevt.max_delta_ns = clockevent_delta2ns(AT91_ST_ALMV, &clkevt); |
| 220 | + clkevt.min_delta_ns = clockevent_delta2ns(2, &clkevt) + 1; |
| 221 | clkevt.cpumask = cpumask_of(0); |
| 222 | - clockevents_config_and_register(&clkevt, AT91_SLOW_CLOCK, |
| 223 | - 2, AT91_ST_ALMV); |
| 224 | + clockevents_register_device(&clkevt); |
| 225 | |
| 226 | /* register clocksource */ |
| 227 | clocksource_register_hz(&clk32k, AT91_SLOW_CLOCK); |
| 228 | diff --git a/arch/arm/mach-kirkwood/ts219-setup.c b/arch/arm/mach-kirkwood/ts219-setup.c |
| 229 | index 283abff..e1267d6 100644 |
| 230 | --- a/arch/arm/mach-kirkwood/ts219-setup.c |
| 231 | +++ b/arch/arm/mach-kirkwood/ts219-setup.c |
| 232 | @@ -124,7 +124,7 @@ static void __init qnap_ts219_init(void) |
| 233 | static int __init ts219_pci_init(void) |
| 234 | { |
| 235 | if (machine_is_ts219()) |
| 236 | - kirkwood_pcie_init(KW_PCIE0); |
| 237 | + kirkwood_pcie_init(KW_PCIE1 | KW_PCIE0); |
| 238 | |
| 239 | return 0; |
| 240 | } |
| 241 | diff --git a/arch/arm/mach-omap2/cclock33xx_data.c b/arch/arm/mach-omap2/cclock33xx_data.c |
| 242 | index 476b820..8327721 100644 |
| 243 | --- a/arch/arm/mach-omap2/cclock33xx_data.c |
| 244 | +++ b/arch/arm/mach-omap2/cclock33xx_data.c |
| 245 | @@ -446,9 +446,29 @@ DEFINE_CLK_GATE(cefuse_fck, "sys_clkin_ck", &sys_clkin_ck, 0x0, |
| 246 | */ |
| 247 | DEFINE_CLK_FIXED_FACTOR(clkdiv32k_ck, "clk_24mhz", &clk_24mhz, 0x0, 1, 732); |
| 248 | |
| 249 | -DEFINE_CLK_GATE(clkdiv32k_ick, "clkdiv32k_ck", &clkdiv32k_ck, 0x0, |
| 250 | - AM33XX_CM_PER_CLKDIV32K_CLKCTRL, AM33XX_MODULEMODE_SWCTRL_SHIFT, |
| 251 | - 0x0, NULL); |
| 252 | +static struct clk clkdiv32k_ick; |
| 253 | + |
| 254 | +static const char *clkdiv32k_ick_parent_names[] = { |
| 255 | + "clkdiv32k_ck", |
| 256 | +}; |
| 257 | + |
| 258 | +static const struct clk_ops clkdiv32k_ick_ops = { |
| 259 | + .enable = &omap2_dflt_clk_enable, |
| 260 | + .disable = &omap2_dflt_clk_disable, |
| 261 | + .is_enabled = &omap2_dflt_clk_is_enabled, |
| 262 | + .init = &omap2_init_clk_clkdm, |
| 263 | +}; |
| 264 | + |
| 265 | +static struct clk_hw_omap clkdiv32k_ick_hw = { |
| 266 | + .hw = { |
| 267 | + .clk = &clkdiv32k_ick, |
| 268 | + }, |
| 269 | + .enable_reg = AM33XX_CM_PER_CLKDIV32K_CLKCTRL, |
| 270 | + .enable_bit = AM33XX_MODULEMODE_SWCTRL_SHIFT, |
| 271 | + .clkdm_name = "clk_24mhz_clkdm", |
| 272 | +}; |
| 273 | + |
| 274 | +DEFINE_STRUCT_CLK(clkdiv32k_ick, clkdiv32k_ick_parent_names, clkdiv32k_ick_ops); |
| 275 | |
| 276 | /* "usbotg_fck" is an additional clock and not really a modulemode */ |
| 277 | DEFINE_CLK_GATE(usbotg_fck, "dpll_per_ck", &dpll_per_ck, 0x0, |
| 278 | diff --git a/arch/arm/mach-omap2/omap_hwmod.c b/arch/arm/mach-omap2/omap_hwmod.c |
| 279 | index a202a47..3a750de 100644 |
| 280 | --- a/arch/arm/mach-omap2/omap_hwmod.c |
| 281 | +++ b/arch/arm/mach-omap2/omap_hwmod.c |
| 282 | @@ -2066,7 +2066,7 @@ static int _omap4_get_context_lost(struct omap_hwmod *oh) |
| 283 | * do so is present in the hwmod data, then call it and pass along the |
| 284 | * return value; otherwise, return 0. |
| 285 | */ |
| 286 | -static int __init _enable_preprogram(struct omap_hwmod *oh) |
| 287 | +static int _enable_preprogram(struct omap_hwmod *oh) |
| 288 | { |
| 289 | if (!oh->class->enable_preprogram) |
| 290 | return 0; |
| 291 | diff --git a/arch/arm/plat-orion/common.c b/arch/arm/plat-orion/common.c |
| 292 | index 2d4b641..7bb9619 100644 |
| 293 | --- a/arch/arm/plat-orion/common.c |
| 294 | +++ b/arch/arm/plat-orion/common.c |
| 295 | @@ -373,7 +373,7 @@ static struct resource orion_ge10_shared_resources[] = { |
| 296 | |
| 297 | static struct platform_device orion_ge10_shared = { |
| 298 | .name = MV643XX_ETH_SHARED_NAME, |
| 299 | - .id = 1, |
| 300 | + .id = 2, |
| 301 | .dev = { |
| 302 | .platform_data = &orion_ge10_shared_data, |
| 303 | }, |
| 304 | @@ -388,8 +388,8 @@ static struct resource orion_ge10_resources[] = { |
| 305 | |
| 306 | static struct platform_device orion_ge10 = { |
| 307 | .name = MV643XX_ETH_NAME, |
| 308 | - .id = 1, |
| 309 | - .num_resources = 2, |
| 310 | + .id = 2, |
| 311 | + .num_resources = 1, |
| 312 | .resource = orion_ge10_resources, |
| 313 | .dev = { |
| 314 | .coherent_dma_mask = DMA_BIT_MASK(32), |
| 315 | @@ -425,7 +425,7 @@ static struct resource orion_ge11_shared_resources[] = { |
| 316 | |
| 317 | static struct platform_device orion_ge11_shared = { |
| 318 | .name = MV643XX_ETH_SHARED_NAME, |
| 319 | - .id = 1, |
| 320 | + .id = 3, |
| 321 | .dev = { |
| 322 | .platform_data = &orion_ge11_shared_data, |
| 323 | }, |
| 324 | @@ -440,8 +440,8 @@ static struct resource orion_ge11_resources[] = { |
| 325 | |
| 326 | static struct platform_device orion_ge11 = { |
| 327 | .name = MV643XX_ETH_NAME, |
| 328 | - .id = 1, |
| 329 | - .num_resources = 2, |
| 330 | + .id = 3, |
| 331 | + .num_resources = 1, |
| 332 | .resource = orion_ge11_resources, |
| 333 | .dev = { |
| 334 | .coherent_dma_mask = DMA_BIT_MASK(32), |
| 335 | diff --git a/arch/arm/plat-samsung/setup-mipiphy.c b/arch/arm/plat-samsung/setup-mipiphy.c |
| 336 | index 1474593..66df315 100644 |
| 337 | --- a/arch/arm/plat-samsung/setup-mipiphy.c |
| 338 | +++ b/arch/arm/plat-samsung/setup-mipiphy.c |
| 339 | @@ -8,6 +8,7 @@ |
| 340 | * published by the Free Software Foundation. |
| 341 | */ |
| 342 | |
| 343 | +#include <linux/export.h> |
| 344 | #include <linux/kernel.h> |
| 345 | #include <linux/platform_device.h> |
| 346 | #include <linux/io.h> |
| 347 | @@ -50,8 +51,10 @@ int s5p_csis_phy_enable(int id, bool on) |
| 348 | { |
| 349 | return __s5p_mipi_phy_control(id, on, S5P_MIPI_DPHY_SRESETN); |
| 350 | } |
| 351 | +EXPORT_SYMBOL(s5p_csis_phy_enable); |
| 352 | |
| 353 | int s5p_dsim_phy_enable(struct platform_device *pdev, bool on) |
| 354 | { |
| 355 | return __s5p_mipi_phy_control(pdev->id, on, S5P_MIPI_DPHY_MRESETN); |
| 356 | } |
| 357 | +EXPORT_SYMBOL(s5p_dsim_phy_enable); |
| 358 | diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c |
| 359 | index b3c5f62..671136e 100644 |
| 360 | --- a/arch/arm64/kernel/traps.c |
| 361 | +++ b/arch/arm64/kernel/traps.c |
| 362 | @@ -317,14 +317,20 @@ asmlinkage long do_ni_syscall(struct pt_regs *regs) |
| 363 | */ |
| 364 | asmlinkage void bad_mode(struct pt_regs *regs, int reason, unsigned int esr) |
| 365 | { |
| 366 | + siginfo_t info; |
| 367 | + void __user *pc = (void __user *)instruction_pointer(regs); |
| 368 | console_verbose(); |
| 369 | |
| 370 | pr_crit("Bad mode in %s handler detected, code 0x%08x\n", |
| 371 | handler[reason], esr); |
| 372 | + __show_regs(regs); |
| 373 | + |
| 374 | + info.si_signo = SIGILL; |
| 375 | + info.si_errno = 0; |
| 376 | + info.si_code = ILL_ILLOPC; |
| 377 | + info.si_addr = pc; |
| 378 | |
| 379 | - die("Oops - bad mode", regs, 0); |
| 380 | - local_irq_disable(); |
| 381 | - panic("bad mode"); |
| 382 | + arm64_notify_die("Oops - bad mode", regs, &info, 0); |
| 383 | } |
| 384 | |
| 385 | void __pte_error(const char *file, int line, unsigned long val) |
| 386 | diff --git a/arch/avr32/kernel/module.c b/arch/avr32/kernel/module.c |
| 387 | index 596f730..2c94129 100644 |
| 388 | --- a/arch/avr32/kernel/module.c |
| 389 | +++ b/arch/avr32/kernel/module.c |
| 390 | @@ -264,7 +264,7 @@ int apply_relocate_add(Elf32_Shdr *sechdrs, const char *strtab, |
| 391 | break; |
| 392 | case R_AVR32_GOT18SW: |
| 393 | if ((relocation & 0xfffe0003) != 0 |
| 394 | - && (relocation & 0xfffc0003) != 0xffff0000) |
| 395 | + && (relocation & 0xfffc0000) != 0xfffc0000) |
| 396 | return reloc_overflow(module, "R_AVR32_GOT18SW", |
| 397 | relocation); |
| 398 | relocation >>= 2; |
| 399 | diff --git a/arch/m68k/kernel/head.S b/arch/m68k/kernel/head.S |
| 400 | index d197e7f..ac85f16 100644 |
| 401 | --- a/arch/m68k/kernel/head.S |
| 402 | +++ b/arch/m68k/kernel/head.S |
| 403 | @@ -2752,11 +2752,9 @@ func_return get_new_page |
| 404 | #ifdef CONFIG_MAC |
| 405 | |
| 406 | L(scc_initable_mac): |
| 407 | - .byte 9,12 /* Reset */ |
| 408 | .byte 4,0x44 /* x16, 1 stopbit, no parity */ |
| 409 | .byte 3,0xc0 /* receiver: 8 bpc */ |
| 410 | .byte 5,0xe2 /* transmitter: 8 bpc, assert dtr/rts */ |
| 411 | - .byte 9,0 /* no interrupts */ |
| 412 | .byte 10,0 /* NRZ */ |
| 413 | .byte 11,0x50 /* use baud rate generator */ |
| 414 | .byte 12,1,13,0 /* 38400 baud */ |
| 415 | @@ -2899,6 +2897,7 @@ func_start serial_init,%d0/%d1/%a0/%a1 |
| 416 | is_not_mac(L(serial_init_not_mac)) |
| 417 | |
| 418 | #ifdef SERIAL_DEBUG |
| 419 | + |
| 420 | /* You may define either or both of these. */ |
| 421 | #define MAC_USE_SCC_A /* Modem port */ |
| 422 | #define MAC_USE_SCC_B /* Printer port */ |
| 423 | @@ -2908,9 +2907,21 @@ func_start serial_init,%d0/%d1/%a0/%a1 |
| 424 | #define mac_scc_cha_b_data_offset 0x4 |
| 425 | #define mac_scc_cha_a_data_offset 0x6 |
| 426 | |
| 427 | +#if defined(MAC_USE_SCC_A) || defined(MAC_USE_SCC_B) |
| 428 | + movel %pc@(L(mac_sccbase)),%a0 |
| 429 | + /* Reset SCC device */ |
| 430 | + moveb #9,%a0@(mac_scc_cha_a_ctrl_offset) |
| 431 | + moveb #0xc0,%a0@(mac_scc_cha_a_ctrl_offset) |
| 432 | + /* Wait for 5 PCLK cycles, which is about 68 CPU cycles */ |
| 433 | + /* 5 / 3.6864 MHz = approx. 1.36 us = 68 / 50 MHz */ |
| 434 | + movel #35,%d0 |
| 435 | +5: |
| 436 | + subq #1,%d0 |
| 437 | + jne 5b |
| 438 | +#endif |
| 439 | + |
| 440 | #ifdef MAC_USE_SCC_A |
| 441 | /* Initialize channel A */ |
| 442 | - movel %pc@(L(mac_sccbase)),%a0 |
| 443 | lea %pc@(L(scc_initable_mac)),%a1 |
| 444 | 5: moveb %a1@+,%d0 |
| 445 | jmi 6f |
| 446 | @@ -2922,9 +2933,6 @@ func_start serial_init,%d0/%d1/%a0/%a1 |
| 447 | |
| 448 | #ifdef MAC_USE_SCC_B |
| 449 | /* Initialize channel B */ |
| 450 | -#ifndef MAC_USE_SCC_A /* Load mac_sccbase only if needed */ |
| 451 | - movel %pc@(L(mac_sccbase)),%a0 |
| 452 | -#endif /* MAC_USE_SCC_A */ |
| 453 | lea %pc@(L(scc_initable_mac)),%a1 |
| 454 | 7: moveb %a1@+,%d0 |
| 455 | jmi 8f |
| 456 | @@ -2933,6 +2941,7 @@ func_start serial_init,%d0/%d1/%a0/%a1 |
| 457 | jra 7b |
| 458 | 8: |
| 459 | #endif /* MAC_USE_SCC_B */ |
| 460 | + |
| 461 | #endif /* SERIAL_DEBUG */ |
| 462 | |
| 463 | jra L(serial_init_done) |
| 464 | @@ -3006,17 +3015,17 @@ func_start serial_putc,%d0/%d1/%a0/%a1 |
| 465 | |
| 466 | #ifdef SERIAL_DEBUG |
| 467 | |
| 468 | -#ifdef MAC_USE_SCC_A |
| 469 | +#if defined(MAC_USE_SCC_A) || defined(MAC_USE_SCC_B) |
| 470 | movel %pc@(L(mac_sccbase)),%a1 |
| 471 | +#endif |
| 472 | + |
| 473 | +#ifdef MAC_USE_SCC_A |
| 474 | 3: btst #2,%a1@(mac_scc_cha_a_ctrl_offset) |
| 475 | jeq 3b |
| 476 | moveb %d0,%a1@(mac_scc_cha_a_data_offset) |
| 477 | #endif /* MAC_USE_SCC_A */ |
| 478 | |
| 479 | #ifdef MAC_USE_SCC_B |
| 480 | -#ifndef MAC_USE_SCC_A /* Load mac_sccbase only if needed */ |
| 481 | - movel %pc@(L(mac_sccbase)),%a1 |
| 482 | -#endif /* MAC_USE_SCC_A */ |
| 483 | 4: btst #2,%a1@(mac_scc_cha_b_ctrl_offset) |
| 484 | jeq 4b |
| 485 | moveb %d0,%a1@(mac_scc_cha_b_data_offset) |
| 486 | diff --git a/arch/powerpc/include/asm/processor.h b/arch/powerpc/include/asm/processor.h |
| 487 | index 7ff9eaa..a7b42ca 100644 |
| 488 | --- a/arch/powerpc/include/asm/processor.h |
| 489 | +++ b/arch/powerpc/include/asm/processor.h |
| 490 | @@ -407,21 +407,16 @@ static inline void prefetchw(const void *x) |
| 491 | #endif |
| 492 | |
| 493 | #ifdef CONFIG_PPC64 |
| 494 | -static inline unsigned long get_clean_sp(struct pt_regs *regs, int is_32) |
| 495 | +static inline unsigned long get_clean_sp(unsigned long sp, int is_32) |
| 496 | { |
| 497 | - unsigned long sp; |
| 498 | - |
| 499 | if (is_32) |
| 500 | - sp = regs->gpr[1] & 0x0ffffffffUL; |
| 501 | - else |
| 502 | - sp = regs->gpr[1]; |
| 503 | - |
| 504 | + return sp & 0x0ffffffffUL; |
| 505 | return sp; |
| 506 | } |
| 507 | #else |
| 508 | -static inline unsigned long get_clean_sp(struct pt_regs *regs, int is_32) |
| 509 | +static inline unsigned long get_clean_sp(unsigned long sp, int is_32) |
| 510 | { |
| 511 | - return regs->gpr[1]; |
| 512 | + return sp; |
| 513 | } |
| 514 | #endif |
| 515 | |
| 516 | diff --git a/arch/powerpc/include/asm/reg.h b/arch/powerpc/include/asm/reg.h |
| 517 | index c9c67fc..3b097a8 100644 |
| 518 | --- a/arch/powerpc/include/asm/reg.h |
| 519 | +++ b/arch/powerpc/include/asm/reg.h |
| 520 | @@ -111,17 +111,6 @@ |
| 521 | #define MSR_TM_TRANSACTIONAL(x) (((x) & MSR_TS_MASK) == MSR_TS_T) |
| 522 | #define MSR_TM_SUSPENDED(x) (((x) & MSR_TS_MASK) == MSR_TS_S) |
| 523 | |
| 524 | -/* Reason codes describing kernel causes for transaction aborts. By |
| 525 | - convention, bit0 is copied to TEXASR[56] (IBM bit 7) which is set if |
| 526 | - the failure is persistent. |
| 527 | -*/ |
| 528 | -#define TM_CAUSE_RESCHED 0xfe |
| 529 | -#define TM_CAUSE_TLBI 0xfc |
| 530 | -#define TM_CAUSE_FAC_UNAV 0xfa |
| 531 | -#define TM_CAUSE_SYSCALL 0xf9 /* Persistent */ |
| 532 | -#define TM_CAUSE_MISC 0xf6 |
| 533 | -#define TM_CAUSE_SIGNAL 0xf4 |
| 534 | - |
| 535 | #if defined(CONFIG_PPC_BOOK3S_64) |
| 536 | #define MSR_64BIT MSR_SF |
| 537 | |
| 538 | diff --git a/arch/powerpc/include/asm/signal.h b/arch/powerpc/include/asm/signal.h |
| 539 | index fbe66c4..9322c28 100644 |
| 540 | --- a/arch/powerpc/include/asm/signal.h |
| 541 | +++ b/arch/powerpc/include/asm/signal.h |
| 542 | @@ -3,5 +3,8 @@ |
| 543 | |
| 544 | #define __ARCH_HAS_SA_RESTORER |
| 545 | #include <uapi/asm/signal.h> |
| 546 | +#include <uapi/asm/ptrace.h> |
| 547 | + |
| 548 | +extern unsigned long get_tm_stackpointer(struct pt_regs *regs); |
| 549 | |
| 550 | #endif /* _ASM_POWERPC_SIGNAL_H */ |
| 551 | diff --git a/arch/powerpc/include/asm/tm.h b/arch/powerpc/include/asm/tm.h |
| 552 | index 4b4449a..9dfbc34 100644 |
| 553 | --- a/arch/powerpc/include/asm/tm.h |
| 554 | +++ b/arch/powerpc/include/asm/tm.h |
| 555 | @@ -5,6 +5,8 @@ |
| 556 | * Copyright 2012 Matt Evans & Michael Neuling, IBM Corporation. |
| 557 | */ |
| 558 | |
| 559 | +#include <uapi/asm/tm.h> |
| 560 | + |
| 561 | #ifdef CONFIG_PPC_TRANSACTIONAL_MEM |
| 562 | extern void do_load_up_transact_fpu(struct thread_struct *thread); |
| 563 | extern void do_load_up_transact_altivec(struct thread_struct *thread); |
| 564 | diff --git a/arch/powerpc/include/uapi/asm/Kbuild b/arch/powerpc/include/uapi/asm/Kbuild |
| 565 | index f7bca63..5182c86 100644 |
| 566 | --- a/arch/powerpc/include/uapi/asm/Kbuild |
| 567 | +++ b/arch/powerpc/include/uapi/asm/Kbuild |
| 568 | @@ -40,6 +40,7 @@ header-y += statfs.h |
| 569 | header-y += swab.h |
| 570 | header-y += termbits.h |
| 571 | header-y += termios.h |
| 572 | +header-y += tm.h |
| 573 | header-y += types.h |
| 574 | header-y += ucontext.h |
| 575 | header-y += unistd.h |
| 576 | diff --git a/arch/powerpc/include/uapi/asm/tm.h b/arch/powerpc/include/uapi/asm/tm.h |
| 577 | new file mode 100644 |
| 578 | index 0000000..85059a0 |
| 579 | --- /dev/null |
| 580 | +++ b/arch/powerpc/include/uapi/asm/tm.h |
| 581 | @@ -0,0 +1,18 @@ |
| 582 | +#ifndef _ASM_POWERPC_TM_H |
| 583 | +#define _ASM_POWERPC_TM_H |
| 584 | + |
| 585 | +/* Reason codes describing kernel causes for transaction aborts. By |
| 586 | + * convention, bit0 is copied to TEXASR[56] (IBM bit 7) which is set if |
| 587 | + * the failure is persistent. PAPR saves 0xff-0xe0 for the hypervisor. |
| 588 | + */ |
| 589 | +#define TM_CAUSE_PERSISTENT 0x01 |
| 590 | +#define TM_CAUSE_RESCHED 0xde |
| 591 | +#define TM_CAUSE_TLBI 0xdc |
| 592 | +#define TM_CAUSE_FAC_UNAV 0xda |
| 593 | +#define TM_CAUSE_SYSCALL 0xd8 /* future use */ |
| 594 | +#define TM_CAUSE_MISC 0xd6 /* future use */ |
| 595 | +#define TM_CAUSE_SIGNAL 0xd4 |
| 596 | +#define TM_CAUSE_ALIGNMENT 0xd2 |
| 597 | +#define TM_CAUSE_EMULATE 0xd0 |
| 598 | + |
| 599 | +#endif |
| 600 | diff --git a/arch/powerpc/kernel/entry_32.S b/arch/powerpc/kernel/entry_32.S |
| 601 | index e514de5..4498467 100644 |
| 602 | --- a/arch/powerpc/kernel/entry_32.S |
| 603 | +++ b/arch/powerpc/kernel/entry_32.S |
| 604 | @@ -851,7 +851,7 @@ resume_kernel: |
| 605 | /* check current_thread_info, _TIF_EMULATE_STACK_STORE */ |
| 606 | CURRENT_THREAD_INFO(r9, r1) |
| 607 | lwz r8,TI_FLAGS(r9) |
| 608 | - andis. r8,r8,_TIF_EMULATE_STACK_STORE@h |
| 609 | + andis. r0,r8,_TIF_EMULATE_STACK_STORE@h |
| 610 | beq+ 1f |
| 611 | |
| 612 | addi r8,r1,INT_FRAME_SIZE /* Get the kprobed function entry */ |
| 613 | diff --git a/arch/powerpc/kernel/signal.c b/arch/powerpc/kernel/signal.c |
| 614 | index cf12eae..78760b8 100644 |
| 615 | --- a/arch/powerpc/kernel/signal.c |
| 616 | +++ b/arch/powerpc/kernel/signal.c |
| 617 | @@ -17,6 +17,7 @@ |
| 618 | #include <asm/uaccess.h> |
| 619 | #include <asm/unistd.h> |
| 620 | #include <asm/debug.h> |
| 621 | +#include <asm/tm.h> |
| 622 | |
| 623 | #include "signal.h" |
| 624 | |
| 625 | @@ -29,13 +30,13 @@ int show_unhandled_signals = 0; |
| 626 | /* |
| 627 | * Allocate space for the signal frame |
| 628 | */ |
| 629 | -void __user * get_sigframe(struct k_sigaction *ka, struct pt_regs *regs, |
| 630 | +void __user * get_sigframe(struct k_sigaction *ka, unsigned long sp, |
| 631 | size_t frame_size, int is_32) |
| 632 | { |
| 633 | unsigned long oldsp, newsp; |
| 634 | |
| 635 | /* Default to using normal stack */ |
| 636 | - oldsp = get_clean_sp(regs, is_32); |
| 637 | + oldsp = get_clean_sp(sp, is_32); |
| 638 | |
| 639 | /* Check for alt stack */ |
| 640 | if ((ka->sa.sa_flags & SA_ONSTACK) && |
| 641 | @@ -170,3 +171,38 @@ void do_notify_resume(struct pt_regs *regs, unsigned long thread_info_flags) |
| 642 | tracehook_notify_resume(regs); |
| 643 | } |
| 644 | } |
| 645 | + |
| 646 | +unsigned long get_tm_stackpointer(struct pt_regs *regs) |
| 647 | +{ |
| 648 | + /* When in an active transaction that takes a signal, we need to be |
| 649 | + * careful with the stack. It's possible that the stack has moved back |
| 650 | + * up after the tbegin. The obvious case here is when the tbegin is |
| 651 | + * called inside a function that returns before a tend. In this case, |
| 652 | + * the stack is part of the checkpointed transactional memory state. |
| 653 | + * If we write over this non transactionally or in suspend, we are in |
| 654 | + * trouble because if we get a tm abort, the program counter and stack |
| 655 | + * pointer will be back at the tbegin but our in memory stack won't be |
| 656 | + * valid anymore. |
| 657 | + * |
| 658 | + * To avoid this, when taking a signal in an active transaction, we |
| 659 | + * need to use the stack pointer from the checkpointed state, rather |
| 660 | + * than the speculated state. This ensures that the signal context |
| 661 | + * (written tm suspended) will be written below the stack required for |
| 662 | + * the rollback. The transaction is aborted becuase of the treclaim, |
| 663 | + * so any memory written between the tbegin and the signal will be |
| 664 | + * rolled back anyway. |
| 665 | + * |
| 666 | + * For signals taken in non-TM or suspended mode, we use the |
| 667 | + * normal/non-checkpointed stack pointer. |
| 668 | + */ |
| 669 | + |
| 670 | +#ifdef CONFIG_PPC_TRANSACTIONAL_MEM |
| 671 | + if (MSR_TM_ACTIVE(regs->msr)) { |
| 672 | + tm_enable(); |
| 673 | + tm_reclaim(¤t->thread, regs->msr, TM_CAUSE_SIGNAL); |
| 674 | + if (MSR_TM_TRANSACTIONAL(regs->msr)) |
| 675 | + return current->thread.ckpt_regs.gpr[1]; |
| 676 | + } |
| 677 | +#endif |
| 678 | + return regs->gpr[1]; |
| 679 | +} |
| 680 | diff --git a/arch/powerpc/kernel/signal.h b/arch/powerpc/kernel/signal.h |
| 681 | index ec84c90..c69b9ae 100644 |
| 682 | --- a/arch/powerpc/kernel/signal.h |
| 683 | +++ b/arch/powerpc/kernel/signal.h |
| 684 | @@ -12,7 +12,7 @@ |
| 685 | |
| 686 | extern void do_notify_resume(struct pt_regs *regs, unsigned long thread_info_flags); |
| 687 | |
| 688 | -extern void __user * get_sigframe(struct k_sigaction *ka, struct pt_regs *regs, |
| 689 | +extern void __user * get_sigframe(struct k_sigaction *ka, unsigned long sp, |
| 690 | size_t frame_size, int is_32); |
| 691 | |
| 692 | extern int handle_signal32(unsigned long sig, struct k_sigaction *ka, |
| 693 | diff --git a/arch/powerpc/kernel/signal_32.c b/arch/powerpc/kernel/signal_32.c |
| 694 | index 95068bf..201385c 100644 |
| 695 | --- a/arch/powerpc/kernel/signal_32.c |
| 696 | +++ b/arch/powerpc/kernel/signal_32.c |
| 697 | @@ -503,12 +503,6 @@ static int save_tm_user_regs(struct pt_regs *regs, |
| 698 | { |
| 699 | unsigned long msr = regs->msr; |
| 700 | |
| 701 | - /* tm_reclaim rolls back all reg states, updating thread.ckpt_regs, |
| 702 | - * thread.transact_fpr[], thread.transact_vr[], etc. |
| 703 | - */ |
| 704 | - tm_enable(); |
| 705 | - tm_reclaim(¤t->thread, msr, TM_CAUSE_SIGNAL); |
| 706 | - |
| 707 | /* Make sure floating point registers are stored in regs */ |
| 708 | flush_fp_to_thread(current); |
| 709 | |
| 710 | @@ -965,7 +959,7 @@ int handle_rt_signal32(unsigned long sig, struct k_sigaction *ka, |
| 711 | |
| 712 | /* Set up Signal Frame */ |
| 713 | /* Put a Real Time Context onto stack */ |
| 714 | - rt_sf = get_sigframe(ka, regs, sizeof(*rt_sf), 1); |
| 715 | + rt_sf = get_sigframe(ka, get_tm_stackpointer(regs), sizeof(*rt_sf), 1); |
| 716 | addr = rt_sf; |
| 717 | if (unlikely(rt_sf == NULL)) |
| 718 | goto badframe; |
| 719 | @@ -1403,7 +1397,7 @@ int handle_signal32(unsigned long sig, struct k_sigaction *ka, |
| 720 | unsigned long tramp; |
| 721 | |
| 722 | /* Set up Signal Frame */ |
| 723 | - frame = get_sigframe(ka, regs, sizeof(*frame), 1); |
| 724 | + frame = get_sigframe(ka, get_tm_stackpointer(regs), sizeof(*frame), 1); |
| 725 | if (unlikely(frame == NULL)) |
| 726 | goto badframe; |
| 727 | sc = (struct sigcontext __user *) &frame->sctx; |
| 728 | diff --git a/arch/powerpc/kernel/signal_64.c b/arch/powerpc/kernel/signal_64.c |
| 729 | index c179428..3459473 100644 |
| 730 | --- a/arch/powerpc/kernel/signal_64.c |
| 731 | +++ b/arch/powerpc/kernel/signal_64.c |
| 732 | @@ -154,11 +154,12 @@ static long setup_sigcontext(struct sigcontext __user *sc, struct pt_regs *regs, |
| 733 | * As above, but Transactional Memory is in use, so deliver sigcontexts |
| 734 | * containing checkpointed and transactional register states. |
| 735 | * |
| 736 | - * To do this, we treclaim to gather both sets of registers and set up the |
| 737 | - * 'normal' sigcontext registers with rolled-back register values such that a |
| 738 | - * simple signal handler sees a correct checkpointed register state. |
| 739 | - * If interested, a TM-aware sighandler can examine the transactional registers |
| 740 | - * in the 2nd sigcontext to determine the real origin of the signal. |
| 741 | + * To do this, we treclaim (done before entering here) to gather both sets of |
| 742 | + * registers and set up the 'normal' sigcontext registers with rolled-back |
| 743 | + * register values such that a simple signal handler sees a correct |
| 744 | + * checkpointed register state. If interested, a TM-aware sighandler can |
| 745 | + * examine the transactional registers in the 2nd sigcontext to determine the |
| 746 | + * real origin of the signal. |
| 747 | */ |
| 748 | static long setup_tm_sigcontexts(struct sigcontext __user *sc, |
| 749 | struct sigcontext __user *tm_sc, |
| 750 | @@ -184,16 +185,6 @@ static long setup_tm_sigcontexts(struct sigcontext __user *sc, |
| 751 | |
| 752 | BUG_ON(!MSR_TM_ACTIVE(regs->msr)); |
| 753 | |
| 754 | - /* tm_reclaim rolls back all reg states, saving checkpointed (older) |
| 755 | - * GPRs to thread.ckpt_regs and (if used) FPRs to (newer) |
| 756 | - * thread.transact_fp and/or VRs to (newer) thread.transact_vr. |
| 757 | - * THEN we save out FP/VRs, if necessary, to the checkpointed (older) |
| 758 | - * thread.fr[]/vr[]s. The transactional (newer) GPRs are on the |
| 759 | - * stack, in *regs. |
| 760 | - */ |
| 761 | - tm_enable(); |
| 762 | - tm_reclaim(¤t->thread, msr, TM_CAUSE_SIGNAL); |
| 763 | - |
| 764 | flush_fp_to_thread(current); |
| 765 | |
| 766 | #ifdef CONFIG_ALTIVEC |
| 767 | @@ -711,7 +702,7 @@ int handle_rt_signal64(int signr, struct k_sigaction *ka, siginfo_t *info, |
| 768 | unsigned long newsp = 0; |
| 769 | long err = 0; |
| 770 | |
| 771 | - frame = get_sigframe(ka, regs, sizeof(*frame), 0); |
| 772 | + frame = get_sigframe(ka, get_tm_stackpointer(regs), sizeof(*frame), 0); |
| 773 | if (unlikely(frame == NULL)) |
| 774 | goto badframe; |
| 775 | |
| 776 | diff --git a/arch/powerpc/kernel/traps.c b/arch/powerpc/kernel/traps.c |
| 777 | index 83efa2f..1c22b2d 100644 |
| 778 | --- a/arch/powerpc/kernel/traps.c |
| 779 | +++ b/arch/powerpc/kernel/traps.c |
| 780 | @@ -52,6 +52,7 @@ |
| 781 | #ifdef CONFIG_PPC64 |
| 782 | #include <asm/firmware.h> |
| 783 | #include <asm/processor.h> |
| 784 | +#include <asm/tm.h> |
| 785 | #endif |
| 786 | #include <asm/kexec.h> |
| 787 | #include <asm/ppc-opcode.h> |
| 788 | @@ -913,6 +914,28 @@ static int emulate_isel(struct pt_regs *regs, u32 instword) |
| 789 | return 0; |
| 790 | } |
| 791 | |
| 792 | +#ifdef CONFIG_PPC_TRANSACTIONAL_MEM |
| 793 | +static inline bool tm_abort_check(struct pt_regs *regs, int cause) |
| 794 | +{ |
| 795 | + /* If we're emulating a load/store in an active transaction, we cannot |
| 796 | + * emulate it as the kernel operates in transaction suspended context. |
| 797 | + * We need to abort the transaction. This creates a persistent TM |
| 798 | + * abort so tell the user what caused it with a new code. |
| 799 | + */ |
| 800 | + if (MSR_TM_TRANSACTIONAL(regs->msr)) { |
| 801 | + tm_enable(); |
| 802 | + tm_abort(cause); |
| 803 | + return true; |
| 804 | + } |
| 805 | + return false; |
| 806 | +} |
| 807 | +#else |
| 808 | +static inline bool tm_abort_check(struct pt_regs *regs, int reason) |
| 809 | +{ |
| 810 | + return false; |
| 811 | +} |
| 812 | +#endif |
| 813 | + |
| 814 | static int emulate_instruction(struct pt_regs *regs) |
| 815 | { |
| 816 | u32 instword; |
| 817 | @@ -952,6 +975,9 @@ static int emulate_instruction(struct pt_regs *regs) |
| 818 | |
| 819 | /* Emulate load/store string insn. */ |
| 820 | if ((instword & PPC_INST_STRING_GEN_MASK) == PPC_INST_STRING) { |
| 821 | + if (tm_abort_check(regs, |
| 822 | + TM_CAUSE_EMULATE | TM_CAUSE_PERSISTENT)) |
| 823 | + return -EINVAL; |
| 824 | PPC_WARN_EMULATED(string, regs); |
| 825 | return emulate_string_inst(regs, instword); |
| 826 | } |
| 827 | @@ -1124,6 +1150,9 @@ void alignment_exception(struct pt_regs *regs) |
| 828 | if (!arch_irq_disabled_regs(regs)) |
| 829 | local_irq_enable(); |
| 830 | |
| 831 | + if (tm_abort_check(regs, TM_CAUSE_ALIGNMENT | TM_CAUSE_PERSISTENT)) |
| 832 | + goto bail; |
| 833 | + |
| 834 | /* we don't implement logging of alignment exceptions */ |
| 835 | if (!(current->thread.align_ctl & PR_UNALIGN_SIGBUS)) |
| 836 | fixed = fix_alignment(regs); |
| 837 | diff --git a/arch/powerpc/platforms/pseries/Kconfig b/arch/powerpc/platforms/pseries/Kconfig |
| 838 | index 9a0941b..b9fd0d3 100644 |
| 839 | --- a/arch/powerpc/platforms/pseries/Kconfig |
| 840 | +++ b/arch/powerpc/platforms/pseries/Kconfig |
| 841 | @@ -18,6 +18,8 @@ config PPC_PSERIES |
| 842 | select PPC_PCI_CHOICE if EXPERT |
| 843 | select ZLIB_DEFLATE |
| 844 | select PPC_DOORBELL |
| 845 | + select HOTPLUG if SMP |
| 846 | + select HOTPLUG_CPU if SMP |
| 847 | default y |
| 848 | |
| 849 | config PPC_SPLPAR |
| 850 | diff --git a/arch/s390/include/asm/pgtable.h b/arch/s390/include/asm/pgtable.h |
| 851 | index 3cb47cf..fd80015 100644 |
| 852 | --- a/arch/s390/include/asm/pgtable.h |
| 853 | +++ b/arch/s390/include/asm/pgtable.h |
| 854 | @@ -637,7 +637,7 @@ static inline pgste_t pgste_update_all(pte_t *ptep, pgste_t pgste) |
| 855 | unsigned long address, bits; |
| 856 | unsigned char skey; |
| 857 | |
| 858 | - if (!pte_present(*ptep)) |
| 859 | + if (pte_val(*ptep) & _PAGE_INVALID) |
| 860 | return pgste; |
| 861 | address = pte_val(*ptep) & PAGE_MASK; |
| 862 | skey = page_get_storage_key(address); |
| 863 | @@ -671,7 +671,7 @@ static inline pgste_t pgste_update_young(pte_t *ptep, pgste_t pgste) |
| 864 | #ifdef CONFIG_PGSTE |
| 865 | int young; |
| 866 | |
| 867 | - if (!pte_present(*ptep)) |
| 868 | + if (pte_val(*ptep) & _PAGE_INVALID) |
| 869 | return pgste; |
| 870 | /* Get referenced bit from storage key */ |
| 871 | young = page_reset_referenced(pte_val(*ptep) & PAGE_MASK); |
| 872 | @@ -697,7 +697,7 @@ static inline void pgste_set_key(pte_t *ptep, pgste_t pgste, pte_t entry) |
| 873 | unsigned long address; |
| 874 | unsigned long okey, nkey; |
| 875 | |
| 876 | - if (!pte_present(entry)) |
| 877 | + if (pte_val(entry) & _PAGE_INVALID) |
| 878 | return; |
| 879 | address = pte_val(entry) & PAGE_MASK; |
| 880 | okey = nkey = page_get_storage_key(address); |
| 881 | @@ -1072,6 +1072,9 @@ static inline pte_t ptep_modify_prot_start(struct mm_struct *mm, |
| 882 | pte = *ptep; |
| 883 | if (!mm_exclusive(mm)) |
| 884 | __ptep_ipte(address, ptep); |
| 885 | + |
| 886 | + if (mm_has_pgste(mm)) |
| 887 | + pgste = pgste_update_all(&pte, pgste); |
| 888 | return pte; |
| 889 | } |
| 890 | |
| 891 | @@ -1079,9 +1082,13 @@ static inline void ptep_modify_prot_commit(struct mm_struct *mm, |
| 892 | unsigned long address, |
| 893 | pte_t *ptep, pte_t pte) |
| 894 | { |
| 895 | + pgste_t pgste; |
| 896 | + |
| 897 | if (mm_has_pgste(mm)) { |
| 898 | + pgste = *(pgste_t *)(ptep + PTRS_PER_PTE); |
| 899 | + pgste_set_key(ptep, pgste, pte); |
| 900 | pgste_set_pte(ptep, pte); |
| 901 | - pgste_set_unlock(ptep, *(pgste_t *)(ptep + PTRS_PER_PTE)); |
| 902 | + pgste_set_unlock(ptep, pgste); |
| 903 | } else |
| 904 | *ptep = pte; |
| 905 | } |
| 906 | diff --git a/arch/x86/crypto/crc32-pclmul_asm.S b/arch/x86/crypto/crc32-pclmul_asm.S |
| 907 | index c8335014..c18c398 100644 |
| 908 | --- a/arch/x86/crypto/crc32-pclmul_asm.S |
| 909 | +++ b/arch/x86/crypto/crc32-pclmul_asm.S |
| 910 | @@ -241,6 +241,6 @@ fold_64: |
| 911 | pand %xmm3, %xmm1 |
| 912 | PCLMULQDQ 0x00, CONSTANT, %xmm1 |
| 913 | pxor %xmm2, %xmm1 |
| 914 | - pextrd $0x01, %xmm1, %eax |
| 915 | + PEXTRD 0x01, %xmm1, %eax |
| 916 | |
| 917 | ret |
| 918 | diff --git a/arch/x86/include/asm/inst.h b/arch/x86/include/asm/inst.h |
| 919 | index 280bf7f..3e11527 100644 |
| 920 | --- a/arch/x86/include/asm/inst.h |
| 921 | +++ b/arch/x86/include/asm/inst.h |
| 922 | @@ -9,12 +9,68 @@ |
| 923 | |
| 924 | #define REG_NUM_INVALID 100 |
| 925 | |
| 926 | -#define REG_TYPE_R64 0 |
| 927 | -#define REG_TYPE_XMM 1 |
| 928 | +#define REG_TYPE_R32 0 |
| 929 | +#define REG_TYPE_R64 1 |
| 930 | +#define REG_TYPE_XMM 2 |
| 931 | #define REG_TYPE_INVALID 100 |
| 932 | |
| 933 | + .macro R32_NUM opd r32 |
| 934 | + \opd = REG_NUM_INVALID |
| 935 | + .ifc \r32,%eax |
| 936 | + \opd = 0 |
| 937 | + .endif |
| 938 | + .ifc \r32,%ecx |
| 939 | + \opd = 1 |
| 940 | + .endif |
| 941 | + .ifc \r32,%edx |
| 942 | + \opd = 2 |
| 943 | + .endif |
| 944 | + .ifc \r32,%ebx |
| 945 | + \opd = 3 |
| 946 | + .endif |
| 947 | + .ifc \r32,%esp |
| 948 | + \opd = 4 |
| 949 | + .endif |
| 950 | + .ifc \r32,%ebp |
| 951 | + \opd = 5 |
| 952 | + .endif |
| 953 | + .ifc \r32,%esi |
| 954 | + \opd = 6 |
| 955 | + .endif |
| 956 | + .ifc \r32,%edi |
| 957 | + \opd = 7 |
| 958 | + .endif |
| 959 | +#ifdef CONFIG_X86_64 |
| 960 | + .ifc \r32,%r8d |
| 961 | + \opd = 8 |
| 962 | + .endif |
| 963 | + .ifc \r32,%r9d |
| 964 | + \opd = 9 |
| 965 | + .endif |
| 966 | + .ifc \r32,%r10d |
| 967 | + \opd = 10 |
| 968 | + .endif |
| 969 | + .ifc \r32,%r11d |
| 970 | + \opd = 11 |
| 971 | + .endif |
| 972 | + .ifc \r32,%r12d |
| 973 | + \opd = 12 |
| 974 | + .endif |
| 975 | + .ifc \r32,%r13d |
| 976 | + \opd = 13 |
| 977 | + .endif |
| 978 | + .ifc \r32,%r14d |
| 979 | + \opd = 14 |
| 980 | + .endif |
| 981 | + .ifc \r32,%r15d |
| 982 | + \opd = 15 |
| 983 | + .endif |
| 984 | +#endif |
| 985 | + .endm |
| 986 | + |
| 987 | .macro R64_NUM opd r64 |
| 988 | \opd = REG_NUM_INVALID |
| 989 | +#ifdef CONFIG_X86_64 |
| 990 | .ifc \r64,%rax |
| 991 | \opd = 0 |
| 992 | .endif |
| 993 | @@ -63,6 +119,7 @@ |
| 994 | .ifc \r64,%r15 |
| 995 | \opd = 15 |
| 996 | .endif |
| 997 | +#endif |
| 998 | .endm |
| 999 | |
| 1000 | .macro XMM_NUM opd xmm |
| 1001 | @@ -118,10 +175,13 @@ |
| 1002 | .endm |
| 1003 | |
| 1004 | .macro REG_TYPE type reg |
| 1005 | + R32_NUM reg_type_r32 \reg |
| 1006 | R64_NUM reg_type_r64 \reg |
| 1007 | XMM_NUM reg_type_xmm \reg |
| 1008 | .if reg_type_r64 <> REG_NUM_INVALID |
| 1009 | \type = REG_TYPE_R64 |
| 1010 | + .elseif reg_type_r32 <> REG_NUM_INVALID |
| 1011 | + \type = REG_TYPE_R32 |
| 1012 | .elseif reg_type_xmm <> REG_NUM_INVALID |
| 1013 | \type = REG_TYPE_XMM |
| 1014 | .else |
| 1015 | @@ -162,6 +222,16 @@ |
| 1016 | .byte \imm8 |
| 1017 | .endm |
| 1018 | |
| 1019 | + .macro PEXTRD imm8 xmm gpr |
| 1020 | + R32_NUM extrd_opd1 \gpr |
| 1021 | + XMM_NUM extrd_opd2 \xmm |
| 1022 | + PFX_OPD_SIZE |
| 1023 | + PFX_REX extrd_opd1 extrd_opd2 |
| 1024 | + .byte 0x0f, 0x3a, 0x16 |
| 1025 | + MODRM 0xc0 extrd_opd1 extrd_opd2 |
| 1026 | + .byte \imm8 |
| 1027 | + .endm |
| 1028 | + |
| 1029 | .macro AESKEYGENASSIST rcon xmm1 xmm2 |
| 1030 | XMM_NUM aeskeygen_opd1 \xmm1 |
| 1031 | XMM_NUM aeskeygen_opd2 \xmm2 |
| 1032 | diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S |
| 1033 | index 08f7e80..321d65e 100644 |
| 1034 | --- a/arch/x86/kernel/head_64.S |
| 1035 | +++ b/arch/x86/kernel/head_64.S |
| 1036 | @@ -115,8 +115,10 @@ startup_64: |
| 1037 | movq %rdi, %rax |
| 1038 | shrq $PUD_SHIFT, %rax |
| 1039 | andl $(PTRS_PER_PUD-1), %eax |
| 1040 | - movq %rdx, (4096+0)(%rbx,%rax,8) |
| 1041 | - movq %rdx, (4096+8)(%rbx,%rax,8) |
| 1042 | + movq %rdx, 4096(%rbx,%rax,8) |
| 1043 | + incl %eax |
| 1044 | + andl $(PTRS_PER_PUD-1), %eax |
| 1045 | + movq %rdx, 4096(%rbx,%rax,8) |
| 1046 | |
| 1047 | addq $8192, %rbx |
| 1048 | movq %rdi, %rax |
| 1049 | diff --git a/arch/x86/kernel/i387.c b/arch/x86/kernel/i387.c |
| 1050 | index 245a71d..cb33909 100644 |
| 1051 | --- a/arch/x86/kernel/i387.c |
| 1052 | +++ b/arch/x86/kernel/i387.c |
| 1053 | @@ -22,23 +22,19 @@ |
| 1054 | /* |
| 1055 | * Were we in an interrupt that interrupted kernel mode? |
| 1056 | * |
| 1057 | - * For now, with eagerfpu we will return interrupted kernel FPU |
| 1058 | - * state as not-idle. TBD: Ideally we can change the return value |
| 1059 | - * to something like __thread_has_fpu(current). But we need to |
| 1060 | - * be careful of doing __thread_clear_has_fpu() before saving |
| 1061 | - * the FPU etc for supporting nested uses etc. For now, take |
| 1062 | - * the simple route! |
| 1063 | - * |
| 1064 | * On others, we can do a kernel_fpu_begin/end() pair *ONLY* if that |
| 1065 | * pair does nothing at all: the thread must not have fpu (so |
| 1066 | * that we don't try to save the FPU state), and TS must |
| 1067 | * be set (so that the clts/stts pair does nothing that is |
| 1068 | * visible in the interrupted kernel thread). |
| 1069 | + * |
| 1070 | + * Except for the eagerfpu case when we return 1 unless we've already |
| 1071 | + * been eager and saved the state in kernel_fpu_begin(). |
| 1072 | */ |
| 1073 | static inline bool interrupted_kernel_fpu_idle(void) |
| 1074 | { |
| 1075 | if (use_eager_fpu()) |
| 1076 | - return 0; |
| 1077 | + return __thread_has_fpu(current); |
| 1078 | |
| 1079 | return !__thread_has_fpu(current) && |
| 1080 | (read_cr0() & X86_CR0_TS); |
| 1081 | @@ -78,8 +74,8 @@ void __kernel_fpu_begin(void) |
| 1082 | struct task_struct *me = current; |
| 1083 | |
| 1084 | if (__thread_has_fpu(me)) { |
| 1085 | - __save_init_fpu(me); |
| 1086 | __thread_clear_has_fpu(me); |
| 1087 | + __save_init_fpu(me); |
| 1088 | /* We do 'stts()' in __kernel_fpu_end() */ |
| 1089 | } else if (!use_eager_fpu()) { |
| 1090 | this_cpu_write(fpu_owner_task, NULL); |
| 1091 | diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c |
| 1092 | index 59622c9..698eece 100644 |
| 1093 | --- a/arch/x86/kvm/emulate.c |
| 1094 | +++ b/arch/x86/kvm/emulate.c |
| 1095 | @@ -1239,9 +1239,12 @@ static int decode_modrm(struct x86_emulate_ctxt *ctxt, |
| 1096 | ctxt->modrm_seg = VCPU_SREG_DS; |
| 1097 | |
| 1098 | if (ctxt->modrm_mod == 3) { |
| 1099 | + int highbyte_regs = ctxt->rex_prefix == 0; |
| 1100 | + |
| 1101 | op->type = OP_REG; |
| 1102 | op->bytes = (ctxt->d & ByteOp) ? 1 : ctxt->op_bytes; |
| 1103 | - op->addr.reg = decode_register(ctxt, ctxt->modrm_rm, ctxt->d & ByteOp); |
| 1104 | + op->addr.reg = decode_register(ctxt, ctxt->modrm_rm, |
| 1105 | + highbyte_regs && (ctxt->d & ByteOp)); |
| 1106 | if (ctxt->d & Sse) { |
| 1107 | op->type = OP_XMM; |
| 1108 | op->bytes = 16; |
| 1109 | @@ -3987,7 +3990,8 @@ static const struct opcode twobyte_table[256] = { |
| 1110 | DI(ImplicitOps | Priv, invd), DI(ImplicitOps | Priv, wbinvd), N, N, |
| 1111 | N, D(ImplicitOps | ModRM), N, N, |
| 1112 | /* 0x10 - 0x1F */ |
| 1113 | - N, N, N, N, N, N, N, N, D(ImplicitOps | ModRM), N, N, N, N, N, N, N, |
| 1114 | + N, N, N, N, N, N, N, N, |
| 1115 | + D(ImplicitOps | ModRM), N, N, N, N, N, N, D(ImplicitOps | ModRM), |
| 1116 | /* 0x20 - 0x2F */ |
| 1117 | DIP(ModRM | DstMem | Priv | Op3264, cr_read, check_cr_read), |
| 1118 | DIP(ModRM | DstMem | Priv | Op3264, dr_read, check_dr_read), |
| 1119 | @@ -4825,6 +4829,7 @@ twobyte_insn: |
| 1120 | case 0x08: /* invd */ |
| 1121 | case 0x0d: /* GrpP (prefetch) */ |
| 1122 | case 0x18: /* Grp16 (prefetch/nop) */ |
| 1123 | + case 0x1f: /* nop */ |
| 1124 | break; |
| 1125 | case 0x20: /* mov cr, reg */ |
| 1126 | ctxt->dst.val = ops->get_cr(ctxt, ctxt->modrm_reg); |
| 1127 | diff --git a/drivers/acpi/Makefile b/drivers/acpi/Makefile |
| 1128 | index 474fcfe..eb8278a 100644 |
| 1129 | --- a/drivers/acpi/Makefile |
| 1130 | +++ b/drivers/acpi/Makefile |
| 1131 | @@ -24,7 +24,7 @@ acpi-y += nvs.o |
| 1132 | # Power management related files |
| 1133 | acpi-y += wakeup.o |
| 1134 | acpi-y += sleep.o |
| 1135 | -acpi-$(CONFIG_PM) += device_pm.o |
| 1136 | +acpi-y += device_pm.o |
| 1137 | acpi-$(CONFIG_ACPI_SLEEP) += proc.o |
| 1138 | |
| 1139 | |
| 1140 | diff --git a/drivers/acpi/device_pm.c b/drivers/acpi/device_pm.c |
| 1141 | index dd314ef..557e58d 100644 |
| 1142 | --- a/drivers/acpi/device_pm.c |
| 1143 | +++ b/drivers/acpi/device_pm.c |
| 1144 | @@ -37,68 +37,6 @@ |
| 1145 | #define _COMPONENT ACPI_POWER_COMPONENT |
| 1146 | ACPI_MODULE_NAME("device_pm"); |
| 1147 | |
| 1148 | -static DEFINE_MUTEX(acpi_pm_notifier_lock); |
| 1149 | - |
| 1150 | -/** |
| 1151 | - * acpi_add_pm_notifier - Register PM notifier for given ACPI device. |
| 1152 | - * @adev: ACPI device to add the notifier for. |
| 1153 | - * @context: Context information to pass to the notifier routine. |
| 1154 | - * |
| 1155 | - * NOTE: @adev need not be a run-wake or wakeup device to be a valid source of |
| 1156 | - * PM wakeup events. For example, wakeup events may be generated for bridges |
| 1157 | - * if one of the devices below the bridge is signaling wakeup, even if the |
| 1158 | - * bridge itself doesn't have a wakeup GPE associated with it. |
| 1159 | - */ |
| 1160 | -acpi_status acpi_add_pm_notifier(struct acpi_device *adev, |
| 1161 | - acpi_notify_handler handler, void *context) |
| 1162 | -{ |
| 1163 | - acpi_status status = AE_ALREADY_EXISTS; |
| 1164 | - |
| 1165 | - mutex_lock(&acpi_pm_notifier_lock); |
| 1166 | - |
| 1167 | - if (adev->wakeup.flags.notifier_present) |
| 1168 | - goto out; |
| 1169 | - |
| 1170 | - status = acpi_install_notify_handler(adev->handle, |
| 1171 | - ACPI_SYSTEM_NOTIFY, |
| 1172 | - handler, context); |
| 1173 | - if (ACPI_FAILURE(status)) |
| 1174 | - goto out; |
| 1175 | - |
| 1176 | - adev->wakeup.flags.notifier_present = true; |
| 1177 | - |
| 1178 | - out: |
| 1179 | - mutex_unlock(&acpi_pm_notifier_lock); |
| 1180 | - return status; |
| 1181 | -} |
| 1182 | - |
| 1183 | -/** |
| 1184 | - * acpi_remove_pm_notifier - Unregister PM notifier from given ACPI device. |
| 1185 | - * @adev: ACPI device to remove the notifier from. |
| 1186 | - */ |
| 1187 | -acpi_status acpi_remove_pm_notifier(struct acpi_device *adev, |
| 1188 | - acpi_notify_handler handler) |
| 1189 | -{ |
| 1190 | - acpi_status status = AE_BAD_PARAMETER; |
| 1191 | - |
| 1192 | - mutex_lock(&acpi_pm_notifier_lock); |
| 1193 | - |
| 1194 | - if (!adev->wakeup.flags.notifier_present) |
| 1195 | - goto out; |
| 1196 | - |
| 1197 | - status = acpi_remove_notify_handler(adev->handle, |
| 1198 | - ACPI_SYSTEM_NOTIFY, |
| 1199 | - handler); |
| 1200 | - if (ACPI_FAILURE(status)) |
| 1201 | - goto out; |
| 1202 | - |
| 1203 | - adev->wakeup.flags.notifier_present = false; |
| 1204 | - |
| 1205 | - out: |
| 1206 | - mutex_unlock(&acpi_pm_notifier_lock); |
| 1207 | - return status; |
| 1208 | -} |
| 1209 | - |
| 1210 | /** |
| 1211 | * acpi_power_state_string - String representation of ACPI device power state. |
| 1212 | * @state: ACPI device power state to return the string representation of. |
| 1213 | @@ -376,6 +314,69 @@ bool acpi_bus_power_manageable(acpi_handle handle) |
| 1214 | } |
| 1215 | EXPORT_SYMBOL(acpi_bus_power_manageable); |
| 1216 | |
| 1217 | +#ifdef CONFIG_PM |
| 1218 | +static DEFINE_MUTEX(acpi_pm_notifier_lock); |
| 1219 | + |
| 1220 | +/** |
| 1221 | + * acpi_add_pm_notifier - Register PM notifier for given ACPI device. |
| 1222 | + * @adev: ACPI device to add the notifier for. |
| 1223 | + * @context: Context information to pass to the notifier routine. |
| 1224 | + * |
| 1225 | + * NOTE: @adev need not be a run-wake or wakeup device to be a valid source of |
| 1226 | + * PM wakeup events. For example, wakeup events may be generated for bridges |
| 1227 | + * if one of the devices below the bridge is signaling wakeup, even if the |
| 1228 | + * bridge itself doesn't have a wakeup GPE associated with it. |
| 1229 | + */ |
| 1230 | +acpi_status acpi_add_pm_notifier(struct acpi_device *adev, |
| 1231 | + acpi_notify_handler handler, void *context) |
| 1232 | +{ |
| 1233 | + acpi_status status = AE_ALREADY_EXISTS; |
| 1234 | + |
| 1235 | + mutex_lock(&acpi_pm_notifier_lock); |
| 1236 | + |
| 1237 | + if (adev->wakeup.flags.notifier_present) |
| 1238 | + goto out; |
| 1239 | + |
| 1240 | + status = acpi_install_notify_handler(adev->handle, |
| 1241 | + ACPI_SYSTEM_NOTIFY, |
| 1242 | + handler, context); |
| 1243 | + if (ACPI_FAILURE(status)) |
| 1244 | + goto out; |
| 1245 | + |
| 1246 | + adev->wakeup.flags.notifier_present = true; |
| 1247 | + |
| 1248 | + out: |
| 1249 | + mutex_unlock(&acpi_pm_notifier_lock); |
| 1250 | + return status; |
| 1251 | +} |
| 1252 | + |
| 1253 | +/** |
| 1254 | + * acpi_remove_pm_notifier - Unregister PM notifier from given ACPI device. |
| 1255 | + * @adev: ACPI device to remove the notifier from. |
| 1256 | + */ |
| 1257 | +acpi_status acpi_remove_pm_notifier(struct acpi_device *adev, |
| 1258 | + acpi_notify_handler handler) |
| 1259 | +{ |
| 1260 | + acpi_status status = AE_BAD_PARAMETER; |
| 1261 | + |
| 1262 | + mutex_lock(&acpi_pm_notifier_lock); |
| 1263 | + |
| 1264 | + if (!adev->wakeup.flags.notifier_present) |
| 1265 | + goto out; |
| 1266 | + |
| 1267 | + status = acpi_remove_notify_handler(adev->handle, |
| 1268 | + ACPI_SYSTEM_NOTIFY, |
| 1269 | + handler); |
| 1270 | + if (ACPI_FAILURE(status)) |
| 1271 | + goto out; |
| 1272 | + |
| 1273 | + adev->wakeup.flags.notifier_present = false; |
| 1274 | + |
| 1275 | + out: |
| 1276 | + mutex_unlock(&acpi_pm_notifier_lock); |
| 1277 | + return status; |
| 1278 | +} |
| 1279 | + |
| 1280 | bool acpi_bus_can_wakeup(acpi_handle handle) |
| 1281 | { |
| 1282 | struct acpi_device *device; |
| 1283 | @@ -1014,3 +1015,4 @@ void acpi_dev_pm_remove_dependent(acpi_handle handle, struct device *depdev) |
| 1284 | mutex_unlock(&adev->physical_node_lock); |
| 1285 | } |
| 1286 | EXPORT_SYMBOL_GPL(acpi_dev_pm_remove_dependent); |
| 1287 | +#endif /* CONFIG_PM */ |
| 1288 | diff --git a/drivers/acpi/video_detect.c b/drivers/acpi/video_detect.c |
| 1289 | index 4ac2593..abcae69 100644 |
| 1290 | --- a/drivers/acpi/video_detect.c |
| 1291 | +++ b/drivers/acpi/video_detect.c |
| 1292 | @@ -164,6 +164,14 @@ static struct dmi_system_id video_detect_dmi_table[] = { |
| 1293 | DMI_MATCH(DMI_PRODUCT_NAME, "UL30VT"), |
| 1294 | }, |
| 1295 | }, |
| 1296 | + { |
| 1297 | + .callback = video_detect_force_vendor, |
| 1298 | + .ident = "Asus UL30A", |
| 1299 | + .matches = { |
| 1300 | + DMI_MATCH(DMI_SYS_VENDOR, "ASUSTeK Computer Inc."), |
| 1301 | + DMI_MATCH(DMI_PRODUCT_NAME, "UL30A"), |
| 1302 | + }, |
| 1303 | + }, |
| 1304 | { }, |
| 1305 | }; |
| 1306 | |
| 1307 | diff --git a/drivers/ata/ata_piix.c b/drivers/ata/ata_piix.c |
| 1308 | index 2f48123..93cb092 100644 |
| 1309 | --- a/drivers/ata/ata_piix.c |
| 1310 | +++ b/drivers/ata/ata_piix.c |
| 1311 | @@ -151,6 +151,7 @@ enum piix_controller_ids { |
| 1312 | piix_pata_vmw, /* PIIX4 for VMware, spurious DMA_ERR */ |
| 1313 | ich8_sata_snb, |
| 1314 | ich8_2port_sata_snb, |
| 1315 | + ich8_2port_sata_byt, |
| 1316 | }; |
| 1317 | |
| 1318 | struct piix_map_db { |
| 1319 | @@ -334,6 +335,9 @@ static const struct pci_device_id piix_pci_tbl[] = { |
| 1320 | { 0x8086, 0x8d60, PCI_ANY_ID, PCI_ANY_ID, 0, 0, ich8_sata_snb }, |
| 1321 | /* SATA Controller IDE (Wellsburg) */ |
| 1322 | { 0x8086, 0x8d68, PCI_ANY_ID, PCI_ANY_ID, 0, 0, ich8_2port_sata }, |
| 1323 | + /* SATA Controller IDE (BayTrail) */ |
| 1324 | + { 0x8086, 0x0F20, PCI_ANY_ID, PCI_ANY_ID, 0, 0, ich8_2port_sata_byt }, |
| 1325 | + { 0x8086, 0x0F21, PCI_ANY_ID, PCI_ANY_ID, 0, 0, ich8_2port_sata_byt }, |
| 1326 | |
| 1327 | { } /* terminate list */ |
| 1328 | }; |
| 1329 | @@ -441,6 +445,7 @@ static const struct piix_map_db *piix_map_db_table[] = { |
| 1330 | [tolapai_sata] = &tolapai_map_db, |
| 1331 | [ich8_sata_snb] = &ich8_map_db, |
| 1332 | [ich8_2port_sata_snb] = &ich8_2port_map_db, |
| 1333 | + [ich8_2port_sata_byt] = &ich8_2port_map_db, |
| 1334 | }; |
| 1335 | |
| 1336 | static struct pci_bits piix_enable_bits[] = { |
| 1337 | @@ -1254,6 +1259,16 @@ static struct ata_port_info piix_port_info[] = { |
| 1338 | .udma_mask = ATA_UDMA6, |
| 1339 | .port_ops = &piix_sata_ops, |
| 1340 | }, |
| 1341 | + |
| 1342 | + [ich8_2port_sata_byt] = |
| 1343 | + { |
| 1344 | + .flags = PIIX_SATA_FLAGS | PIIX_FLAG_SIDPR | PIIX_FLAG_PIO16, |
| 1345 | + .pio_mask = ATA_PIO4, |
| 1346 | + .mwdma_mask = ATA_MWDMA2, |
| 1347 | + .udma_mask = ATA_UDMA6, |
| 1348 | + .port_ops = &piix_sata_ops, |
| 1349 | + }, |
| 1350 | + |
| 1351 | }; |
| 1352 | |
| 1353 | #define AHCI_PCI_BAR 5 |
| 1354 | diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c |
| 1355 | index 63c743b..cf15aee 100644 |
| 1356 | --- a/drivers/ata/libata-core.c |
| 1357 | +++ b/drivers/ata/libata-core.c |
| 1358 | @@ -1602,6 +1602,12 @@ unsigned ata_exec_internal_sg(struct ata_device *dev, |
| 1359 | qc->tf = *tf; |
| 1360 | if (cdb) |
| 1361 | memcpy(qc->cdb, cdb, ATAPI_CDB_LEN); |
| 1362 | + |
| 1363 | + /* some SATA bridges need us to indicate data xfer direction */ |
| 1364 | + if (tf->protocol == ATAPI_PROT_DMA && (dev->flags & ATA_DFLAG_DMADIR) && |
| 1365 | + dma_dir == DMA_FROM_DEVICE) |
| 1366 | + qc->tf.feature |= ATAPI_DMADIR; |
| 1367 | + |
| 1368 | qc->flags |= ATA_QCFLAG_RESULT_TF; |
| 1369 | qc->dma_dir = dma_dir; |
| 1370 | if (dma_dir != DMA_NONE) { |
| 1371 | diff --git a/drivers/ata/sata_rcar.c b/drivers/ata/sata_rcar.c |
| 1372 | index caf33f6..d7b77e0 100644 |
| 1373 | --- a/drivers/ata/sata_rcar.c |
| 1374 | +++ b/drivers/ata/sata_rcar.c |
| 1375 | @@ -548,6 +548,7 @@ static void sata_rcar_bmdma_start(struct ata_queued_cmd *qc) |
| 1376 | |
| 1377 | /* start host DMA transaction */ |
| 1378 | dmactl = ioread32(priv->base + ATAPI_CONTROL1_REG); |
| 1379 | + dmactl &= ~ATAPI_CONTROL1_STOP; |
| 1380 | dmactl |= ATAPI_CONTROL1_START; |
| 1381 | iowrite32(dmactl, priv->base + ATAPI_CONTROL1_REG); |
| 1382 | } |
| 1383 | @@ -617,17 +618,16 @@ static struct ata_port_operations sata_rcar_port_ops = { |
| 1384 | .bmdma_status = sata_rcar_bmdma_status, |
| 1385 | }; |
| 1386 | |
| 1387 | -static int sata_rcar_serr_interrupt(struct ata_port *ap) |
| 1388 | +static void sata_rcar_serr_interrupt(struct ata_port *ap) |
| 1389 | { |
| 1390 | struct sata_rcar_priv *priv = ap->host->private_data; |
| 1391 | struct ata_eh_info *ehi = &ap->link.eh_info; |
| 1392 | int freeze = 0; |
| 1393 | - int handled = 0; |
| 1394 | u32 serror; |
| 1395 | |
| 1396 | serror = ioread32(priv->base + SCRSERR_REG); |
| 1397 | if (!serror) |
| 1398 | - return 0; |
| 1399 | + return; |
| 1400 | |
| 1401 | DPRINTK("SError @host_intr: 0x%x\n", serror); |
| 1402 | |
| 1403 | @@ -640,7 +640,6 @@ static int sata_rcar_serr_interrupt(struct ata_port *ap) |
| 1404 | ata_ehi_push_desc(ehi, "%s", "hotplug"); |
| 1405 | |
| 1406 | freeze = serror & SERR_COMM_WAKE ? 0 : 1; |
| 1407 | - handled = 1; |
| 1408 | } |
| 1409 | |
| 1410 | /* freeze or abort */ |
| 1411 | @@ -648,11 +647,9 @@ static int sata_rcar_serr_interrupt(struct ata_port *ap) |
| 1412 | ata_port_freeze(ap); |
| 1413 | else |
| 1414 | ata_port_abort(ap); |
| 1415 | - |
| 1416 | - return handled; |
| 1417 | } |
| 1418 | |
| 1419 | -static int sata_rcar_ata_interrupt(struct ata_port *ap) |
| 1420 | +static void sata_rcar_ata_interrupt(struct ata_port *ap) |
| 1421 | { |
| 1422 | struct ata_queued_cmd *qc; |
| 1423 | int handled = 0; |
| 1424 | @@ -661,7 +658,9 @@ static int sata_rcar_ata_interrupt(struct ata_port *ap) |
| 1425 | if (qc) |
| 1426 | handled |= ata_bmdma_port_intr(ap, qc); |
| 1427 | |
| 1428 | - return handled; |
| 1429 | + /* be sure to clear ATA interrupt */ |
| 1430 | + if (!handled) |
| 1431 | + sata_rcar_check_status(ap); |
| 1432 | } |
| 1433 | |
| 1434 | static irqreturn_t sata_rcar_interrupt(int irq, void *dev_instance) |
| 1435 | @@ -676,20 +675,21 @@ static irqreturn_t sata_rcar_interrupt(int irq, void *dev_instance) |
| 1436 | spin_lock_irqsave(&host->lock, flags); |
| 1437 | |
| 1438 | sataintstat = ioread32(priv->base + SATAINTSTAT_REG); |
| 1439 | + sataintstat &= SATA_RCAR_INT_MASK; |
| 1440 | if (!sataintstat) |
| 1441 | goto done; |
| 1442 | /* ack */ |
| 1443 | - iowrite32(sataintstat & ~SATA_RCAR_INT_MASK, |
| 1444 | - priv->base + SATAINTSTAT_REG); |
| 1445 | + iowrite32(~sataintstat & 0x7ff, priv->base + SATAINTSTAT_REG); |
| 1446 | |
| 1447 | ap = host->ports[0]; |
| 1448 | |
| 1449 | if (sataintstat & SATAINTSTAT_ATA) |
| 1450 | - handled |= sata_rcar_ata_interrupt(ap); |
| 1451 | + sata_rcar_ata_interrupt(ap); |
| 1452 | |
| 1453 | if (sataintstat & SATAINTSTAT_SERR) |
| 1454 | - handled |= sata_rcar_serr_interrupt(ap); |
| 1455 | + sata_rcar_serr_interrupt(ap); |
| 1456 | |
| 1457 | + handled = 1; |
| 1458 | done: |
| 1459 | spin_unlock_irqrestore(&host->lock, flags); |
| 1460 | |
| 1461 | diff --git a/drivers/block/brd.c b/drivers/block/brd.c |
| 1462 | index 531ceb3..4e8213a 100644 |
| 1463 | --- a/drivers/block/brd.c |
| 1464 | +++ b/drivers/block/brd.c |
| 1465 | @@ -117,13 +117,13 @@ static struct page *brd_insert_page(struct brd_device *brd, sector_t sector) |
| 1466 | |
| 1467 | spin_lock(&brd->brd_lock); |
| 1468 | idx = sector >> PAGE_SECTORS_SHIFT; |
| 1469 | + page->index = idx; |
| 1470 | if (radix_tree_insert(&brd->brd_pages, idx, page)) { |
| 1471 | __free_page(page); |
| 1472 | page = radix_tree_lookup(&brd->brd_pages, idx); |
| 1473 | BUG_ON(!page); |
| 1474 | BUG_ON(page->index != idx); |
| 1475 | - } else |
| 1476 | - page->index = idx; |
| 1477 | + } |
| 1478 | spin_unlock(&brd->brd_lock); |
| 1479 | |
| 1480 | radix_tree_preload_end(); |
| 1481 | diff --git a/drivers/char/random.c b/drivers/char/random.c |
| 1482 | index 32a6c57..eccd7cc 100644 |
| 1483 | --- a/drivers/char/random.c |
| 1484 | +++ b/drivers/char/random.c |
| 1485 | @@ -865,16 +865,24 @@ static size_t account(struct entropy_store *r, size_t nbytes, int min, |
| 1486 | if (r->entropy_count / 8 < min + reserved) { |
| 1487 | nbytes = 0; |
| 1488 | } else { |
| 1489 | + int entropy_count, orig; |
| 1490 | +retry: |
| 1491 | + entropy_count = orig = ACCESS_ONCE(r->entropy_count); |
| 1492 | /* If limited, never pull more than available */ |
| 1493 | - if (r->limit && nbytes + reserved >= r->entropy_count / 8) |
| 1494 | - nbytes = r->entropy_count/8 - reserved; |
| 1495 | - |
| 1496 | - if (r->entropy_count / 8 >= nbytes + reserved) |
| 1497 | - r->entropy_count -= nbytes*8; |
| 1498 | - else |
| 1499 | - r->entropy_count = reserved; |
| 1500 | + if (r->limit && nbytes + reserved >= entropy_count / 8) |
| 1501 | + nbytes = entropy_count/8 - reserved; |
| 1502 | + |
| 1503 | + if (entropy_count / 8 >= nbytes + reserved) { |
| 1504 | + entropy_count -= nbytes*8; |
| 1505 | + if (cmpxchg(&r->entropy_count, orig, entropy_count) != orig) |
| 1506 | + goto retry; |
| 1507 | + } else { |
| 1508 | + entropy_count = reserved; |
| 1509 | + if (cmpxchg(&r->entropy_count, orig, entropy_count) != orig) |
| 1510 | + goto retry; |
| 1511 | + } |
| 1512 | |
| 1513 | - if (r->entropy_count < random_write_wakeup_thresh) |
| 1514 | + if (entropy_count < random_write_wakeup_thresh) |
| 1515 | wakeup_write = 1; |
| 1516 | } |
| 1517 | |
| 1518 | @@ -957,10 +965,23 @@ static ssize_t extract_entropy(struct entropy_store *r, void *buf, |
| 1519 | { |
| 1520 | ssize_t ret = 0, i; |
| 1521 | __u8 tmp[EXTRACT_SIZE]; |
| 1522 | + unsigned long flags; |
| 1523 | |
| 1524 | /* if last_data isn't primed, we need EXTRACT_SIZE extra bytes */ |
| 1525 | - if (fips_enabled && !r->last_data_init) |
| 1526 | - nbytes += EXTRACT_SIZE; |
| 1527 | + if (fips_enabled) { |
| 1528 | + spin_lock_irqsave(&r->lock, flags); |
| 1529 | + if (!r->last_data_init) { |
| 1530 | + r->last_data_init = true; |
| 1531 | + spin_unlock_irqrestore(&r->lock, flags); |
| 1532 | + trace_extract_entropy(r->name, EXTRACT_SIZE, |
| 1533 | + r->entropy_count, _RET_IP_); |
| 1534 | + xfer_secondary_pool(r, EXTRACT_SIZE); |
| 1535 | + extract_buf(r, tmp); |
| 1536 | + spin_lock_irqsave(&r->lock, flags); |
| 1537 | + memcpy(r->last_data, tmp, EXTRACT_SIZE); |
| 1538 | + } |
| 1539 | + spin_unlock_irqrestore(&r->lock, flags); |
| 1540 | + } |
| 1541 | |
| 1542 | trace_extract_entropy(r->name, nbytes, r->entropy_count, _RET_IP_); |
| 1543 | xfer_secondary_pool(r, nbytes); |
| 1544 | @@ -970,19 +991,6 @@ static ssize_t extract_entropy(struct entropy_store *r, void *buf, |
| 1545 | extract_buf(r, tmp); |
| 1546 | |
| 1547 | if (fips_enabled) { |
| 1548 | - unsigned long flags; |
| 1549 | - |
| 1550 | - |
| 1551 | - /* prime last_data value if need be, per fips 140-2 */ |
| 1552 | - if (!r->last_data_init) { |
| 1553 | - spin_lock_irqsave(&r->lock, flags); |
| 1554 | - memcpy(r->last_data, tmp, EXTRACT_SIZE); |
| 1555 | - r->last_data_init = true; |
| 1556 | - nbytes -= EXTRACT_SIZE; |
| 1557 | - spin_unlock_irqrestore(&r->lock, flags); |
| 1558 | - extract_buf(r, tmp); |
| 1559 | - } |
| 1560 | - |
| 1561 | spin_lock_irqsave(&r->lock, flags); |
| 1562 | if (!memcmp(tmp, r->last_data, EXTRACT_SIZE)) |
| 1563 | panic("Hardware RNG duplicated output!\n"); |
| 1564 | diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c |
| 1565 | index cf268b1..d482b12 100644 |
| 1566 | --- a/drivers/crypto/caam/caamalg.c |
| 1567 | +++ b/drivers/crypto/caam/caamalg.c |
| 1568 | @@ -1154,7 +1154,7 @@ static struct aead_edesc *aead_edesc_alloc(struct aead_request *req, |
| 1569 | dst_nents = sg_count(req->dst, req->cryptlen, &dst_chained); |
| 1570 | |
| 1571 | sgc = dma_map_sg_chained(jrdev, req->assoc, assoc_nents ? : 1, |
| 1572 | - DMA_BIDIRECTIONAL, assoc_chained); |
| 1573 | + DMA_TO_DEVICE, assoc_chained); |
| 1574 | if (likely(req->src == req->dst)) { |
| 1575 | sgc = dma_map_sg_chained(jrdev, req->src, src_nents ? : 1, |
| 1576 | DMA_BIDIRECTIONAL, src_chained); |
| 1577 | @@ -1336,7 +1336,7 @@ static struct aead_edesc *aead_giv_edesc_alloc(struct aead_givcrypt_request |
| 1578 | dst_nents = sg_count(req->dst, req->cryptlen, &dst_chained); |
| 1579 | |
| 1580 | sgc = dma_map_sg_chained(jrdev, req->assoc, assoc_nents ? : 1, |
| 1581 | - DMA_BIDIRECTIONAL, assoc_chained); |
| 1582 | + DMA_TO_DEVICE, assoc_chained); |
| 1583 | if (likely(req->src == req->dst)) { |
| 1584 | sgc = dma_map_sg_chained(jrdev, req->src, src_nents ? : 1, |
| 1585 | DMA_BIDIRECTIONAL, src_chained); |
| 1586 | diff --git a/drivers/gpu/drm/i915/i915_drv.c b/drivers/gpu/drm/i915/i915_drv.c |
| 1587 | index e9b5789..49393e5 100644 |
| 1588 | --- a/drivers/gpu/drm/i915/i915_drv.c |
| 1589 | +++ b/drivers/gpu/drm/i915/i915_drv.c |
| 1590 | @@ -359,40 +359,64 @@ static const struct pci_device_id pciidlist[] = { /* aka */ |
| 1591 | INTEL_VGA_DEVICE(0x016a, &intel_ivybridge_d_info), /* GT2 server */ |
| 1592 | INTEL_VGA_DEVICE(0x0402, &intel_haswell_d_info), /* GT1 desktop */ |
| 1593 | INTEL_VGA_DEVICE(0x0412, &intel_haswell_d_info), /* GT2 desktop */ |
| 1594 | - INTEL_VGA_DEVICE(0x0422, &intel_haswell_d_info), /* GT2 desktop */ |
| 1595 | + INTEL_VGA_DEVICE(0x0422, &intel_haswell_d_info), /* GT3 desktop */ |
| 1596 | INTEL_VGA_DEVICE(0x040a, &intel_haswell_d_info), /* GT1 server */ |
| 1597 | INTEL_VGA_DEVICE(0x041a, &intel_haswell_d_info), /* GT2 server */ |
| 1598 | - INTEL_VGA_DEVICE(0x042a, &intel_haswell_d_info), /* GT2 server */ |
| 1599 | + INTEL_VGA_DEVICE(0x042a, &intel_haswell_d_info), /* GT3 server */ |
| 1600 | INTEL_VGA_DEVICE(0x0406, &intel_haswell_m_info), /* GT1 mobile */ |
| 1601 | INTEL_VGA_DEVICE(0x0416, &intel_haswell_m_info), /* GT2 mobile */ |
| 1602 | INTEL_VGA_DEVICE(0x0426, &intel_haswell_m_info), /* GT2 mobile */ |
| 1603 | + INTEL_VGA_DEVICE(0x040B, &intel_haswell_d_info), /* GT1 reserved */ |
| 1604 | + INTEL_VGA_DEVICE(0x041B, &intel_haswell_d_info), /* GT2 reserved */ |
| 1605 | + INTEL_VGA_DEVICE(0x042B, &intel_haswell_d_info), /* GT3 reserved */ |
| 1606 | + INTEL_VGA_DEVICE(0x040E, &intel_haswell_d_info), /* GT1 reserved */ |
| 1607 | + INTEL_VGA_DEVICE(0x041E, &intel_haswell_d_info), /* GT2 reserved */ |
| 1608 | + INTEL_VGA_DEVICE(0x042E, &intel_haswell_d_info), /* GT3 reserved */ |
| 1609 | INTEL_VGA_DEVICE(0x0C02, &intel_haswell_d_info), /* SDV GT1 desktop */ |
| 1610 | INTEL_VGA_DEVICE(0x0C12, &intel_haswell_d_info), /* SDV GT2 desktop */ |
| 1611 | - INTEL_VGA_DEVICE(0x0C22, &intel_haswell_d_info), /* SDV GT2 desktop */ |
| 1612 | + INTEL_VGA_DEVICE(0x0C22, &intel_haswell_d_info), /* SDV GT3 desktop */ |
| 1613 | INTEL_VGA_DEVICE(0x0C0A, &intel_haswell_d_info), /* SDV GT1 server */ |
| 1614 | INTEL_VGA_DEVICE(0x0C1A, &intel_haswell_d_info), /* SDV GT2 server */ |
| 1615 | - INTEL_VGA_DEVICE(0x0C2A, &intel_haswell_d_info), /* SDV GT2 server */ |
| 1616 | + INTEL_VGA_DEVICE(0x0C2A, &intel_haswell_d_info), /* SDV GT3 server */ |
| 1617 | INTEL_VGA_DEVICE(0x0C06, &intel_haswell_m_info), /* SDV GT1 mobile */ |
| 1618 | INTEL_VGA_DEVICE(0x0C16, &intel_haswell_m_info), /* SDV GT2 mobile */ |
| 1619 | - INTEL_VGA_DEVICE(0x0C26, &intel_haswell_m_info), /* SDV GT2 mobile */ |
| 1620 | + INTEL_VGA_DEVICE(0x0C26, &intel_haswell_m_info), /* SDV GT3 mobile */ |
| 1621 | + INTEL_VGA_DEVICE(0x0C0B, &intel_haswell_d_info), /* SDV GT1 reserved */ |
| 1622 | + INTEL_VGA_DEVICE(0x0C1B, &intel_haswell_d_info), /* SDV GT2 reserved */ |
| 1623 | + INTEL_VGA_DEVICE(0x0C2B, &intel_haswell_d_info), /* SDV GT3 reserved */ |
| 1624 | + INTEL_VGA_DEVICE(0x0C0E, &intel_haswell_d_info), /* SDV GT1 reserved */ |
| 1625 | + INTEL_VGA_DEVICE(0x0C1E, &intel_haswell_d_info), /* SDV GT2 reserved */ |
| 1626 | + INTEL_VGA_DEVICE(0x0C2E, &intel_haswell_d_info), /* SDV GT3 reserved */ |
| 1627 | INTEL_VGA_DEVICE(0x0A02, &intel_haswell_d_info), /* ULT GT1 desktop */ |
| 1628 | INTEL_VGA_DEVICE(0x0A12, &intel_haswell_d_info), /* ULT GT2 desktop */ |
| 1629 | - INTEL_VGA_DEVICE(0x0A22, &intel_haswell_d_info), /* ULT GT2 desktop */ |
| 1630 | + INTEL_VGA_DEVICE(0x0A22, &intel_haswell_d_info), /* ULT GT3 desktop */ |
| 1631 | INTEL_VGA_DEVICE(0x0A0A, &intel_haswell_d_info), /* ULT GT1 server */ |
| 1632 | INTEL_VGA_DEVICE(0x0A1A, &intel_haswell_d_info), /* ULT GT2 server */ |
| 1633 | - INTEL_VGA_DEVICE(0x0A2A, &intel_haswell_d_info), /* ULT GT2 server */ |
| 1634 | + INTEL_VGA_DEVICE(0x0A2A, &intel_haswell_d_info), /* ULT GT3 server */ |
| 1635 | INTEL_VGA_DEVICE(0x0A06, &intel_haswell_m_info), /* ULT GT1 mobile */ |
| 1636 | INTEL_VGA_DEVICE(0x0A16, &intel_haswell_m_info), /* ULT GT2 mobile */ |
| 1637 | - INTEL_VGA_DEVICE(0x0A26, &intel_haswell_m_info), /* ULT GT2 mobile */ |
| 1638 | + INTEL_VGA_DEVICE(0x0A26, &intel_haswell_m_info), /* ULT GT3 mobile */ |
| 1639 | + INTEL_VGA_DEVICE(0x0A0B, &intel_haswell_d_info), /* ULT GT1 reserved */ |
| 1640 | + INTEL_VGA_DEVICE(0x0A1B, &intel_haswell_d_info), /* ULT GT2 reserved */ |
| 1641 | + INTEL_VGA_DEVICE(0x0A2B, &intel_haswell_d_info), /* ULT GT3 reserved */ |
| 1642 | + INTEL_VGA_DEVICE(0x0A0E, &intel_haswell_m_info), /* ULT GT1 reserved */ |
| 1643 | + INTEL_VGA_DEVICE(0x0A1E, &intel_haswell_m_info), /* ULT GT2 reserved */ |
| 1644 | + INTEL_VGA_DEVICE(0x0A2E, &intel_haswell_m_info), /* ULT GT3 reserved */ |
| 1645 | INTEL_VGA_DEVICE(0x0D02, &intel_haswell_d_info), /* CRW GT1 desktop */ |
| 1646 | INTEL_VGA_DEVICE(0x0D12, &intel_haswell_d_info), /* CRW GT2 desktop */ |
| 1647 | - INTEL_VGA_DEVICE(0x0D22, &intel_haswell_d_info), /* CRW GT2 desktop */ |
| 1648 | + INTEL_VGA_DEVICE(0x0D22, &intel_haswell_d_info), /* CRW GT3 desktop */ |
| 1649 | INTEL_VGA_DEVICE(0x0D0A, &intel_haswell_d_info), /* CRW GT1 server */ |
| 1650 | INTEL_VGA_DEVICE(0x0D1A, &intel_haswell_d_info), /* CRW GT2 server */ |
| 1651 | - INTEL_VGA_DEVICE(0x0D2A, &intel_haswell_d_info), /* CRW GT2 server */ |
| 1652 | + INTEL_VGA_DEVICE(0x0D2A, &intel_haswell_d_info), /* CRW GT3 server */ |
| 1653 | INTEL_VGA_DEVICE(0x0D06, &intel_haswell_m_info), /* CRW GT1 mobile */ |
| 1654 | INTEL_VGA_DEVICE(0x0D16, &intel_haswell_m_info), /* CRW GT2 mobile */ |
| 1655 | - INTEL_VGA_DEVICE(0x0D26, &intel_haswell_m_info), /* CRW GT2 mobile */ |
| 1656 | + INTEL_VGA_DEVICE(0x0D26, &intel_haswell_m_info), /* CRW GT3 mobile */ |
| 1657 | + INTEL_VGA_DEVICE(0x0D0B, &intel_haswell_d_info), /* CRW GT1 reserved */ |
| 1658 | + INTEL_VGA_DEVICE(0x0D1B, &intel_haswell_d_info), /* CRW GT2 reserved */ |
| 1659 | + INTEL_VGA_DEVICE(0x0D2B, &intel_haswell_d_info), /* CRW GT3 reserved */ |
| 1660 | + INTEL_VGA_DEVICE(0x0D0E, &intel_haswell_d_info), /* CRW GT1 reserved */ |
| 1661 | + INTEL_VGA_DEVICE(0x0D1E, &intel_haswell_d_info), /* CRW GT2 reserved */ |
| 1662 | + INTEL_VGA_DEVICE(0x0D2E, &intel_haswell_d_info), /* CRW GT3 reserved */ |
| 1663 | INTEL_VGA_DEVICE(0x0f30, &intel_valleyview_m_info), |
| 1664 | INTEL_VGA_DEVICE(0x0157, &intel_valleyview_m_info), |
| 1665 | INTEL_VGA_DEVICE(0x0155, &intel_valleyview_d_info), |
| 1666 | diff --git a/drivers/gpu/drm/nouveau/core/subdev/device/nvc0.c b/drivers/gpu/drm/nouveau/core/subdev/device/nvc0.c |
| 1667 | index 4393eb4..2391b1b 100644 |
| 1668 | --- a/drivers/gpu/drm/nouveau/core/subdev/device/nvc0.c |
| 1669 | +++ b/drivers/gpu/drm/nouveau/core/subdev/device/nvc0.c |
| 1670 | @@ -138,7 +138,6 @@ nvc0_identify(struct nouveau_device *device) |
| 1671 | device->oclass[NVDEV_ENGINE_BSP ] = &nvc0_bsp_oclass; |
| 1672 | device->oclass[NVDEV_ENGINE_PPP ] = &nvc0_ppp_oclass; |
| 1673 | device->oclass[NVDEV_ENGINE_COPY0 ] = &nvc0_copy0_oclass; |
| 1674 | - device->oclass[NVDEV_ENGINE_COPY1 ] = &nvc0_copy1_oclass; |
| 1675 | device->oclass[NVDEV_ENGINE_DISP ] = &nva3_disp_oclass; |
| 1676 | break; |
| 1677 | case 0xce: |
| 1678 | @@ -225,7 +224,6 @@ nvc0_identify(struct nouveau_device *device) |
| 1679 | device->oclass[NVDEV_ENGINE_BSP ] = &nvc0_bsp_oclass; |
| 1680 | device->oclass[NVDEV_ENGINE_PPP ] = &nvc0_ppp_oclass; |
| 1681 | device->oclass[NVDEV_ENGINE_COPY0 ] = &nvc0_copy0_oclass; |
| 1682 | - device->oclass[NVDEV_ENGINE_COPY1 ] = &nvc0_copy1_oclass; |
| 1683 | device->oclass[NVDEV_ENGINE_DISP ] = &nva3_disp_oclass; |
| 1684 | break; |
| 1685 | case 0xc8: |
| 1686 | diff --git a/drivers/gpu/drm/radeon/radeon_device.c b/drivers/gpu/drm/radeon/radeon_device.c |
| 1687 | index 44b8034..5073665 100644 |
| 1688 | --- a/drivers/gpu/drm/radeon/radeon_device.c |
| 1689 | +++ b/drivers/gpu/drm/radeon/radeon_device.c |
| 1690 | @@ -435,18 +435,17 @@ bool radeon_card_posted(struct radeon_device *rdev) |
| 1691 | return false; |
| 1692 | |
| 1693 | /* first check CRTCs */ |
| 1694 | - if (ASIC_IS_DCE41(rdev)) { |
| 1695 | + if (ASIC_IS_DCE4(rdev)) { |
| 1696 | reg = RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC0_REGISTER_OFFSET) | |
| 1697 | RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC1_REGISTER_OFFSET); |
| 1698 | - if (reg & EVERGREEN_CRTC_MASTER_EN) |
| 1699 | - return true; |
| 1700 | - } else if (ASIC_IS_DCE4(rdev)) { |
| 1701 | - reg = RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC0_REGISTER_OFFSET) | |
| 1702 | - RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC1_REGISTER_OFFSET) | |
| 1703 | - RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC2_REGISTER_OFFSET) | |
| 1704 | - RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC3_REGISTER_OFFSET) | |
| 1705 | - RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC4_REGISTER_OFFSET) | |
| 1706 | - RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC5_REGISTER_OFFSET); |
| 1707 | + if (rdev->num_crtc >= 4) { |
| 1708 | + reg |= RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC2_REGISTER_OFFSET) | |
| 1709 | + RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC3_REGISTER_OFFSET); |
| 1710 | + } |
| 1711 | + if (rdev->num_crtc >= 6) { |
| 1712 | + reg |= RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC4_REGISTER_OFFSET) | |
| 1713 | + RREG32(EVERGREEN_CRTC_CONTROL + EVERGREEN_CRTC5_REGISTER_OFFSET); |
| 1714 | + } |
| 1715 | if (reg & EVERGREEN_CRTC_MASTER_EN) |
| 1716 | return true; |
| 1717 | } else if (ASIC_IS_AVIVO(rdev)) { |
| 1718 | diff --git a/drivers/gpu/drm/radeon/si.c b/drivers/gpu/drm/radeon/si.c |
| 1719 | index 287248c..aefefd5 100644 |
| 1720 | --- a/drivers/gpu/drm/radeon/si.c |
| 1721 | +++ b/drivers/gpu/drm/radeon/si.c |
| 1722 | @@ -1645,7 +1645,7 @@ static void si_gpu_init(struct radeon_device *rdev) |
| 1723 | default: |
| 1724 | rdev->config.si.max_shader_engines = 1; |
| 1725 | rdev->config.si.max_tile_pipes = 4; |
| 1726 | - rdev->config.si.max_cu_per_sh = 2; |
| 1727 | + rdev->config.si.max_cu_per_sh = 5; |
| 1728 | rdev->config.si.max_sh_per_se = 2; |
| 1729 | rdev->config.si.max_backends_per_se = 4; |
| 1730 | rdev->config.si.max_texture_channel_caches = 4; |
| 1731 | diff --git a/drivers/hv/channel_mgmt.c b/drivers/hv/channel_mgmt.c |
| 1732 | index ff1be16..421d607 100644 |
| 1733 | --- a/drivers/hv/channel_mgmt.c |
| 1734 | +++ b/drivers/hv/channel_mgmt.c |
| 1735 | @@ -318,7 +318,7 @@ static u32 get_vp_index(uuid_le *type_guid) |
| 1736 | return 0; |
| 1737 | } |
| 1738 | cur_cpu = (++next_vp % max_cpus); |
| 1739 | - return cur_cpu; |
| 1740 | + return hv_context.vp_index[cur_cpu]; |
| 1741 | } |
| 1742 | |
| 1743 | /* |
| 1744 | diff --git a/drivers/infiniband/ulp/iser/iser_memory.c b/drivers/infiniband/ulp/iser/iser_memory.c |
| 1745 | index be1edb0..68ebb7f 100644 |
| 1746 | --- a/drivers/infiniband/ulp/iser/iser_memory.c |
| 1747 | +++ b/drivers/infiniband/ulp/iser/iser_memory.c |
| 1748 | @@ -416,8 +416,9 @@ int iser_reg_rdma_mem(struct iscsi_iser_task *iser_task, |
| 1749 | for (i=0 ; i<ib_conn->page_vec->length ; i++) |
| 1750 | iser_err("page_vec[%d] = 0x%llx\n", i, |
| 1751 | (unsigned long long) ib_conn->page_vec->pages[i]); |
| 1752 | - return err; |
| 1753 | } |
| 1754 | + if (err) |
| 1755 | + return err; |
| 1756 | } |
| 1757 | return 0; |
| 1758 | } |
| 1759 | diff --git a/drivers/infiniband/ulp/srpt/ib_srpt.c b/drivers/infiniband/ulp/srpt/ib_srpt.c |
| 1760 | index c09d41b..b4a76d1 100644 |
| 1761 | --- a/drivers/infiniband/ulp/srpt/ib_srpt.c |
| 1762 | +++ b/drivers/infiniband/ulp/srpt/ib_srpt.c |
| 1763 | @@ -2227,6 +2227,27 @@ static void srpt_close_ch(struct srpt_rdma_ch *ch) |
| 1764 | } |
| 1765 | |
| 1766 | /** |
| 1767 | + * srpt_shutdown_session() - Whether or not a session may be shut down. |
| 1768 | + */ |
| 1769 | +static int srpt_shutdown_session(struct se_session *se_sess) |
| 1770 | +{ |
| 1771 | + struct srpt_rdma_ch *ch = se_sess->fabric_sess_ptr; |
| 1772 | + unsigned long flags; |
| 1773 | + |
| 1774 | + spin_lock_irqsave(&ch->spinlock, flags); |
| 1775 | + if (ch->in_shutdown) { |
| 1776 | + spin_unlock_irqrestore(&ch->spinlock, flags); |
| 1777 | + return true; |
| 1778 | + } |
| 1779 | + |
| 1780 | + ch->in_shutdown = true; |
| 1781 | + target_sess_cmd_list_set_waiting(se_sess); |
| 1782 | + spin_unlock_irqrestore(&ch->spinlock, flags); |
| 1783 | + |
| 1784 | + return true; |
| 1785 | +} |
| 1786 | + |
| 1787 | +/** |
| 1788 | * srpt_drain_channel() - Drain a channel by resetting the IB queue pair. |
| 1789 | * @cm_id: Pointer to the CM ID of the channel to be drained. |
| 1790 | * |
| 1791 | @@ -2264,6 +2285,9 @@ static void srpt_drain_channel(struct ib_cm_id *cm_id) |
| 1792 | spin_unlock_irq(&sdev->spinlock); |
| 1793 | |
| 1794 | if (do_reset) { |
| 1795 | + if (ch->sess) |
| 1796 | + srpt_shutdown_session(ch->sess); |
| 1797 | + |
| 1798 | ret = srpt_ch_qp_err(ch); |
| 1799 | if (ret < 0) |
| 1800 | printk(KERN_ERR "Setting queue pair in error state" |
| 1801 | @@ -3467,14 +3491,6 @@ static void srpt_release_cmd(struct se_cmd *se_cmd) |
| 1802 | } |
| 1803 | |
| 1804 | /** |
| 1805 | - * srpt_shutdown_session() - Whether or not a session may be shut down. |
| 1806 | - */ |
| 1807 | -static int srpt_shutdown_session(struct se_session *se_sess) |
| 1808 | -{ |
| 1809 | - return true; |
| 1810 | -} |
| 1811 | - |
| 1812 | -/** |
| 1813 | * srpt_close_session() - Forcibly close a session. |
| 1814 | * |
| 1815 | * Callback function invoked by the TCM core to clean up sessions associated |
| 1816 | diff --git a/drivers/infiniband/ulp/srpt/ib_srpt.h b/drivers/infiniband/ulp/srpt/ib_srpt.h |
| 1817 | index 4caf55c..3dae156 100644 |
| 1818 | --- a/drivers/infiniband/ulp/srpt/ib_srpt.h |
| 1819 | +++ b/drivers/infiniband/ulp/srpt/ib_srpt.h |
| 1820 | @@ -325,6 +325,7 @@ struct srpt_rdma_ch { |
| 1821 | u8 sess_name[36]; |
| 1822 | struct work_struct release_work; |
| 1823 | struct completion *release_done; |
| 1824 | + bool in_shutdown; |
| 1825 | }; |
| 1826 | |
| 1827 | /** |
| 1828 | diff --git a/drivers/input/touchscreen/egalax_ts.c b/drivers/input/touchscreen/egalax_ts.c |
| 1829 | index 17c9097..39f3df8 100644 |
| 1830 | --- a/drivers/input/touchscreen/egalax_ts.c |
| 1831 | +++ b/drivers/input/touchscreen/egalax_ts.c |
| 1832 | @@ -216,7 +216,7 @@ static int egalax_ts_probe(struct i2c_client *client, |
| 1833 | input_set_abs_params(input_dev, |
| 1834 | ABS_MT_POSITION_X, 0, EGALAX_MAX_X, 0, 0); |
| 1835 | input_set_abs_params(input_dev, |
| 1836 | - ABS_MT_POSITION_X, 0, EGALAX_MAX_Y, 0, 0); |
| 1837 | + ABS_MT_POSITION_Y, 0, EGALAX_MAX_Y, 0, 0); |
| 1838 | input_mt_init_slots(input_dev, MAX_SUPPORT_POINTS, 0); |
| 1839 | |
| 1840 | input_set_drvdata(input_dev, ts); |
| 1841 | diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c |
| 1842 | index cbb1645..1a5285b 100644 |
| 1843 | --- a/drivers/iommu/amd_iommu.c |
| 1844 | +++ b/drivers/iommu/amd_iommu.c |
| 1845 | @@ -700,11 +700,23 @@ retry: |
| 1846 | |
| 1847 | static void iommu_poll_events(struct amd_iommu *iommu) |
| 1848 | { |
| 1849 | - u32 head, tail; |
| 1850 | + u32 head, tail, status; |
| 1851 | unsigned long flags; |
| 1852 | |
| 1853 | spin_lock_irqsave(&iommu->lock, flags); |
| 1854 | |
| 1855 | + /* enable event interrupts again */ |
| 1856 | + do { |
| 1857 | + /* |
| 1858 | + * Workaround for Erratum ERBT1312 |
| 1859 | + * Clearing the EVT_INT bit may race in the hardware, so read |
| 1860 | + * it again and make sure it was really cleared |
| 1861 | + */ |
| 1862 | + status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET); |
| 1863 | + writel(MMIO_STATUS_EVT_INT_MASK, |
| 1864 | + iommu->mmio_base + MMIO_STATUS_OFFSET); |
| 1865 | + } while (status & MMIO_STATUS_EVT_INT_MASK); |
| 1866 | + |
| 1867 | head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET); |
| 1868 | tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET); |
| 1869 | |
| 1870 | @@ -741,16 +753,25 @@ static void iommu_handle_ppr_entry(struct amd_iommu *iommu, u64 *raw) |
| 1871 | static void iommu_poll_ppr_log(struct amd_iommu *iommu) |
| 1872 | { |
| 1873 | unsigned long flags; |
| 1874 | - u32 head, tail; |
| 1875 | + u32 head, tail, status; |
| 1876 | |
| 1877 | if (iommu->ppr_log == NULL) |
| 1878 | return; |
| 1879 | |
| 1880 | - /* enable ppr interrupts again */ |
| 1881 | - writel(MMIO_STATUS_PPR_INT_MASK, iommu->mmio_base + MMIO_STATUS_OFFSET); |
| 1882 | - |
| 1883 | spin_lock_irqsave(&iommu->lock, flags); |
| 1884 | |
| 1885 | + /* enable ppr interrupts again */ |
| 1886 | + do { |
| 1887 | + /* |
| 1888 | + * Workaround for Erratum ERBT1312 |
| 1889 | + * Clearing the PPR_INT bit may race in the hardware, so read |
| 1890 | + * it again and make sure it was really cleared |
| 1891 | + */ |
| 1892 | + status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET); |
| 1893 | + writel(MMIO_STATUS_PPR_INT_MASK, |
| 1894 | + iommu->mmio_base + MMIO_STATUS_OFFSET); |
| 1895 | + } while (status & MMIO_STATUS_PPR_INT_MASK); |
| 1896 | + |
| 1897 | head = readl(iommu->mmio_base + MMIO_PPR_HEAD_OFFSET); |
| 1898 | tail = readl(iommu->mmio_base + MMIO_PPR_TAIL_OFFSET); |
| 1899 | |
| 1900 | diff --git a/drivers/iommu/amd_iommu_types.h b/drivers/iommu/amd_iommu_types.h |
| 1901 | index e38ab43..083f98c 100644 |
| 1902 | --- a/drivers/iommu/amd_iommu_types.h |
| 1903 | +++ b/drivers/iommu/amd_iommu_types.h |
| 1904 | @@ -99,6 +99,7 @@ |
| 1905 | #define PASID_MASK 0x000fffff |
| 1906 | |
| 1907 | /* MMIO status bits */ |
| 1908 | +#define MMIO_STATUS_EVT_INT_MASK (1 << 1) |
| 1909 | #define MMIO_STATUS_COM_WAIT_INT_MASK (1 << 2) |
| 1910 | #define MMIO_STATUS_PPR_INT_MASK (1 << 6) |
| 1911 | |
| 1912 | diff --git a/drivers/leds/leds-gpio.c b/drivers/leds/leds-gpio.c |
| 1913 | index a0d931b..b02b679 100644 |
| 1914 | --- a/drivers/leds/leds-gpio.c |
| 1915 | +++ b/drivers/leds/leds-gpio.c |
| 1916 | @@ -107,6 +107,10 @@ static int create_gpio_led(const struct gpio_led *template, |
| 1917 | return 0; |
| 1918 | } |
| 1919 | |
| 1920 | + ret = devm_gpio_request(parent, template->gpio, template->name); |
| 1921 | + if (ret < 0) |
| 1922 | + return ret; |
| 1923 | + |
| 1924 | led_dat->cdev.name = template->name; |
| 1925 | led_dat->cdev.default_trigger = template->default_trigger; |
| 1926 | led_dat->gpio = template->gpio; |
| 1927 | @@ -126,10 +130,7 @@ static int create_gpio_led(const struct gpio_led *template, |
| 1928 | if (!template->retain_state_suspended) |
| 1929 | led_dat->cdev.flags |= LED_CORE_SUSPENDRESUME; |
| 1930 | |
| 1931 | - ret = devm_gpio_request_one(parent, template->gpio, |
| 1932 | - (led_dat->active_low ^ state) ? |
| 1933 | - GPIOF_OUT_INIT_HIGH : GPIOF_OUT_INIT_LOW, |
| 1934 | - template->name); |
| 1935 | + ret = gpio_direction_output(led_dat->gpio, led_dat->active_low ^ state); |
| 1936 | if (ret < 0) |
| 1937 | return ret; |
| 1938 | |
| 1939 | diff --git a/drivers/leds/leds-ot200.c b/drivers/leds/leds-ot200.c |
| 1940 | index ee14662..98cae52 100644 |
| 1941 | --- a/drivers/leds/leds-ot200.c |
| 1942 | +++ b/drivers/leds/leds-ot200.c |
| 1943 | @@ -47,37 +47,37 @@ static struct ot200_led leds[] = { |
| 1944 | { |
| 1945 | .name = "led_1", |
| 1946 | .port = 0x49, |
| 1947 | - .mask = BIT(7), |
| 1948 | + .mask = BIT(6), |
| 1949 | }, |
| 1950 | { |
| 1951 | .name = "led_2", |
| 1952 | .port = 0x49, |
| 1953 | - .mask = BIT(6), |
| 1954 | + .mask = BIT(5), |
| 1955 | }, |
| 1956 | { |
| 1957 | .name = "led_3", |
| 1958 | .port = 0x49, |
| 1959 | - .mask = BIT(5), |
| 1960 | + .mask = BIT(4), |
| 1961 | }, |
| 1962 | { |
| 1963 | .name = "led_4", |
| 1964 | .port = 0x49, |
| 1965 | - .mask = BIT(4), |
| 1966 | + .mask = BIT(3), |
| 1967 | }, |
| 1968 | { |
| 1969 | .name = "led_5", |
| 1970 | .port = 0x49, |
| 1971 | - .mask = BIT(3), |
| 1972 | + .mask = BIT(2), |
| 1973 | }, |
| 1974 | { |
| 1975 | .name = "led_6", |
| 1976 | .port = 0x49, |
| 1977 | - .mask = BIT(2), |
| 1978 | + .mask = BIT(1), |
| 1979 | }, |
| 1980 | { |
| 1981 | .name = "led_7", |
| 1982 | .port = 0x49, |
| 1983 | - .mask = BIT(1), |
| 1984 | + .mask = BIT(0), |
| 1985 | } |
| 1986 | }; |
| 1987 | |
| 1988 | diff --git a/drivers/net/can/usb/kvaser_usb.c b/drivers/net/can/usb/kvaser_usb.c |
| 1989 | index 45cb9f3..3b95465 100644 |
| 1990 | --- a/drivers/net/can/usb/kvaser_usb.c |
| 1991 | +++ b/drivers/net/can/usb/kvaser_usb.c |
| 1992 | @@ -136,6 +136,9 @@ |
| 1993 | #define KVASER_CTRL_MODE_SELFRECEPTION 3 |
| 1994 | #define KVASER_CTRL_MODE_OFF 4 |
| 1995 | |
| 1996 | +/* log message */ |
| 1997 | +#define KVASER_EXTENDED_FRAME BIT(31) |
| 1998 | + |
| 1999 | struct kvaser_msg_simple { |
| 2000 | u8 tid; |
| 2001 | u8 channel; |
| 2002 | @@ -817,8 +820,13 @@ static void kvaser_usb_rx_can_msg(const struct kvaser_usb *dev, |
| 2003 | priv = dev->nets[channel]; |
| 2004 | stats = &priv->netdev->stats; |
| 2005 | |
| 2006 | - if (msg->u.rx_can.flag & (MSG_FLAG_ERROR_FRAME | MSG_FLAG_NERR | |
| 2007 | - MSG_FLAG_OVERRUN)) { |
| 2008 | + if ((msg->u.rx_can.flag & MSG_FLAG_ERROR_FRAME) && |
| 2009 | + (msg->id == CMD_LOG_MESSAGE)) { |
| 2010 | + kvaser_usb_rx_error(dev, msg); |
| 2011 | + return; |
| 2012 | + } else if (msg->u.rx_can.flag & (MSG_FLAG_ERROR_FRAME | |
| 2013 | + MSG_FLAG_NERR | |
| 2014 | + MSG_FLAG_OVERRUN)) { |
| 2015 | kvaser_usb_rx_can_err(priv, msg); |
| 2016 | return; |
| 2017 | } else if (msg->u.rx_can.flag & ~MSG_FLAG_REMOTE_FRAME) { |
| 2018 | @@ -834,22 +842,40 @@ static void kvaser_usb_rx_can_msg(const struct kvaser_usb *dev, |
| 2019 | return; |
| 2020 | } |
| 2021 | |
| 2022 | - cf->can_id = ((msg->u.rx_can.msg[0] & 0x1f) << 6) | |
| 2023 | - (msg->u.rx_can.msg[1] & 0x3f); |
| 2024 | - cf->can_dlc = get_can_dlc(msg->u.rx_can.msg[5]); |
| 2025 | + if (msg->id == CMD_LOG_MESSAGE) { |
| 2026 | + cf->can_id = le32_to_cpu(msg->u.log_message.id); |
| 2027 | + if (cf->can_id & KVASER_EXTENDED_FRAME) |
| 2028 | + cf->can_id &= CAN_EFF_MASK | CAN_EFF_FLAG; |
| 2029 | + else |
| 2030 | + cf->can_id &= CAN_SFF_MASK; |
| 2031 | |
| 2032 | - if (msg->id == CMD_RX_EXT_MESSAGE) { |
| 2033 | - cf->can_id <<= 18; |
| 2034 | - cf->can_id |= ((msg->u.rx_can.msg[2] & 0x0f) << 14) | |
| 2035 | - ((msg->u.rx_can.msg[3] & 0xff) << 6) | |
| 2036 | - (msg->u.rx_can.msg[4] & 0x3f); |
| 2037 | - cf->can_id |= CAN_EFF_FLAG; |
| 2038 | - } |
| 2039 | + cf->can_dlc = get_can_dlc(msg->u.log_message.dlc); |
| 2040 | |
| 2041 | - if (msg->u.rx_can.flag & MSG_FLAG_REMOTE_FRAME) |
| 2042 | - cf->can_id |= CAN_RTR_FLAG; |
| 2043 | - else |
| 2044 | - memcpy(cf->data, &msg->u.rx_can.msg[6], cf->can_dlc); |
| 2045 | + if (msg->u.log_message.flags & MSG_FLAG_REMOTE_FRAME) |
| 2046 | + cf->can_id |= CAN_RTR_FLAG; |
| 2047 | + else |
| 2048 | + memcpy(cf->data, &msg->u.log_message.data, |
| 2049 | + cf->can_dlc); |
| 2050 | + } else { |
| 2051 | + cf->can_id = ((msg->u.rx_can.msg[0] & 0x1f) << 6) | |
| 2052 | + (msg->u.rx_can.msg[1] & 0x3f); |
| 2053 | + |
| 2054 | + if (msg->id == CMD_RX_EXT_MESSAGE) { |
| 2055 | + cf->can_id <<= 18; |
| 2056 | + cf->can_id |= ((msg->u.rx_can.msg[2] & 0x0f) << 14) | |
| 2057 | + ((msg->u.rx_can.msg[3] & 0xff) << 6) | |
| 2058 | + (msg->u.rx_can.msg[4] & 0x3f); |
| 2059 | + cf->can_id |= CAN_EFF_FLAG; |
| 2060 | + } |
| 2061 | + |
| 2062 | + cf->can_dlc = get_can_dlc(msg->u.rx_can.msg[5]); |
| 2063 | + |
| 2064 | + if (msg->u.rx_can.flag & MSG_FLAG_REMOTE_FRAME) |
| 2065 | + cf->can_id |= CAN_RTR_FLAG; |
| 2066 | + else |
| 2067 | + memcpy(cf->data, &msg->u.rx_can.msg[6], |
| 2068 | + cf->can_dlc); |
| 2069 | + } |
| 2070 | |
| 2071 | netif_rx(skb); |
| 2072 | |
| 2073 | @@ -911,6 +937,7 @@ static void kvaser_usb_handle_message(const struct kvaser_usb *dev, |
| 2074 | |
| 2075 | case CMD_RX_STD_MESSAGE: |
| 2076 | case CMD_RX_EXT_MESSAGE: |
| 2077 | + case CMD_LOG_MESSAGE: |
| 2078 | kvaser_usb_rx_can_msg(dev, msg); |
| 2079 | break; |
| 2080 | |
| 2081 | @@ -919,11 +946,6 @@ static void kvaser_usb_handle_message(const struct kvaser_usb *dev, |
| 2082 | kvaser_usb_rx_error(dev, msg); |
| 2083 | break; |
| 2084 | |
| 2085 | - case CMD_LOG_MESSAGE: |
| 2086 | - if (msg->u.log_message.flags & MSG_FLAG_ERROR_FRAME) |
| 2087 | - kvaser_usb_rx_error(dev, msg); |
| 2088 | - break; |
| 2089 | - |
| 2090 | case CMD_TX_ACKNOWLEDGE: |
| 2091 | kvaser_usb_tx_acknowledge(dev, msg); |
| 2092 | break; |
| 2093 | diff --git a/drivers/net/ethernet/broadcom/tg3.c b/drivers/net/ethernet/broadcom/tg3.c |
| 2094 | index 17a9727..6f42e57 100644 |
| 2095 | --- a/drivers/net/ethernet/broadcom/tg3.c |
| 2096 | +++ b/drivers/net/ethernet/broadcom/tg3.c |
| 2097 | @@ -2921,6 +2921,31 @@ static int tg3_5700_link_polarity(struct tg3 *tp, u32 speed) |
| 2098 | return 0; |
| 2099 | } |
| 2100 | |
| 2101 | +static bool tg3_phy_power_bug(struct tg3 *tp) |
| 2102 | +{ |
| 2103 | + switch (tg3_asic_rev(tp)) { |
| 2104 | + case ASIC_REV_5700: |
| 2105 | + case ASIC_REV_5704: |
| 2106 | + return true; |
| 2107 | + case ASIC_REV_5780: |
| 2108 | + if (tp->phy_flags & TG3_PHYFLG_MII_SERDES) |
| 2109 | + return true; |
| 2110 | + return false; |
| 2111 | + case ASIC_REV_5717: |
| 2112 | + if (!tp->pci_fn) |
| 2113 | + return true; |
| 2114 | + return false; |
| 2115 | + case ASIC_REV_5719: |
| 2116 | + case ASIC_REV_5720: |
| 2117 | + if ((tp->phy_flags & TG3_PHYFLG_PHY_SERDES) && |
| 2118 | + !tp->pci_fn) |
| 2119 | + return true; |
| 2120 | + return false; |
| 2121 | + } |
| 2122 | + |
| 2123 | + return false; |
| 2124 | +} |
| 2125 | + |
| 2126 | static void tg3_power_down_phy(struct tg3 *tp, bool do_low_power) |
| 2127 | { |
| 2128 | u32 val; |
| 2129 | @@ -2977,12 +3002,7 @@ static void tg3_power_down_phy(struct tg3 *tp, bool do_low_power) |
| 2130 | /* The PHY should not be powered down on some chips because |
| 2131 | * of bugs. |
| 2132 | */ |
| 2133 | - if (tg3_asic_rev(tp) == ASIC_REV_5700 || |
| 2134 | - tg3_asic_rev(tp) == ASIC_REV_5704 || |
| 2135 | - (tg3_asic_rev(tp) == ASIC_REV_5780 && |
| 2136 | - (tp->phy_flags & TG3_PHYFLG_MII_SERDES)) || |
| 2137 | - (tg3_asic_rev(tp) == ASIC_REV_5717 && |
| 2138 | - !tp->pci_fn)) |
| 2139 | + if (tg3_phy_power_bug(tp)) |
| 2140 | return; |
| 2141 | |
| 2142 | if (tg3_chip_rev(tp) == CHIPREV_5784_AX || |
| 2143 | @@ -7058,6 +7078,20 @@ static inline int tg3_4g_overflow_test(dma_addr_t mapping, int len) |
| 2144 | return (base > 0xffffdcc0) && (base + len + 8 < base); |
| 2145 | } |
| 2146 | |
| 2147 | +/* Test for TSO DMA buffers that cross into regions which are within MSS bytes |
| 2148 | + * of any 4GB boundaries: 4G, 8G, etc |
| 2149 | + */ |
| 2150 | +static inline int tg3_4g_tso_overflow_test(struct tg3 *tp, dma_addr_t mapping, |
| 2151 | + u32 len, u32 mss) |
| 2152 | +{ |
| 2153 | + if (tg3_asic_rev(tp) == ASIC_REV_5762 && mss) { |
| 2154 | + u32 base = (u32) mapping & 0xffffffff; |
| 2155 | + |
| 2156 | + return ((base + len + (mss & 0x3fff)) < base); |
| 2157 | + } |
| 2158 | + return 0; |
| 2159 | +} |
| 2160 | + |
| 2161 | /* Test for DMA addresses > 40-bit */ |
| 2162 | static inline int tg3_40bit_overflow_test(struct tg3 *tp, dma_addr_t mapping, |
| 2163 | int len) |
| 2164 | @@ -7094,6 +7128,9 @@ static bool tg3_tx_frag_set(struct tg3_napi *tnapi, u32 *entry, u32 *budget, |
| 2165 | if (tg3_4g_overflow_test(map, len)) |
| 2166 | hwbug = true; |
| 2167 | |
| 2168 | + if (tg3_4g_tso_overflow_test(tp, map, len, mss)) |
| 2169 | + hwbug = true; |
| 2170 | + |
| 2171 | if (tg3_40bit_overflow_test(tp, map, len)) |
| 2172 | hwbug = true; |
| 2173 | |
| 2174 | @@ -9056,6 +9093,14 @@ static void tg3_rss_write_indir_tbl(struct tg3 *tp) |
| 2175 | } |
| 2176 | } |
| 2177 | |
| 2178 | +static inline u32 tg3_lso_rd_dma_workaround_bit(struct tg3 *tp) |
| 2179 | +{ |
| 2180 | + if (tg3_asic_rev(tp) == ASIC_REV_5719) |
| 2181 | + return TG3_LSO_RD_DMA_TX_LENGTH_WA_5719; |
| 2182 | + else |
| 2183 | + return TG3_LSO_RD_DMA_TX_LENGTH_WA_5720; |
| 2184 | +} |
| 2185 | + |
| 2186 | /* tp->lock is held. */ |
| 2187 | static int tg3_reset_hw(struct tg3 *tp, int reset_phy) |
| 2188 | { |
| 2189 | @@ -9735,16 +9780,17 @@ static int tg3_reset_hw(struct tg3 *tp, int reset_phy) |
| 2190 | tw32_f(RDMAC_MODE, rdmac_mode); |
| 2191 | udelay(40); |
| 2192 | |
| 2193 | - if (tg3_asic_rev(tp) == ASIC_REV_5719) { |
| 2194 | + if (tg3_asic_rev(tp) == ASIC_REV_5719 || |
| 2195 | + tg3_asic_rev(tp) == ASIC_REV_5720) { |
| 2196 | for (i = 0; i < TG3_NUM_RDMA_CHANNELS; i++) { |
| 2197 | if (tr32(TG3_RDMA_LENGTH + (i << 2)) > TG3_MAX_MTU(tp)) |
| 2198 | break; |
| 2199 | } |
| 2200 | if (i < TG3_NUM_RDMA_CHANNELS) { |
| 2201 | val = tr32(TG3_LSO_RD_DMA_CRPTEN_CTRL); |
| 2202 | - val |= TG3_LSO_RD_DMA_TX_LENGTH_WA; |
| 2203 | + val |= tg3_lso_rd_dma_workaround_bit(tp); |
| 2204 | tw32(TG3_LSO_RD_DMA_CRPTEN_CTRL, val); |
| 2205 | - tg3_flag_set(tp, 5719_RDMA_BUG); |
| 2206 | + tg3_flag_set(tp, 5719_5720_RDMA_BUG); |
| 2207 | } |
| 2208 | } |
| 2209 | |
| 2210 | @@ -10101,15 +10147,15 @@ static void tg3_periodic_fetch_stats(struct tg3 *tp) |
| 2211 | TG3_STAT_ADD32(&sp->tx_ucast_packets, MAC_TX_STATS_UCAST); |
| 2212 | TG3_STAT_ADD32(&sp->tx_mcast_packets, MAC_TX_STATS_MCAST); |
| 2213 | TG3_STAT_ADD32(&sp->tx_bcast_packets, MAC_TX_STATS_BCAST); |
| 2214 | - if (unlikely(tg3_flag(tp, 5719_RDMA_BUG) && |
| 2215 | + if (unlikely(tg3_flag(tp, 5719_5720_RDMA_BUG) && |
| 2216 | (sp->tx_ucast_packets.low + sp->tx_mcast_packets.low + |
| 2217 | sp->tx_bcast_packets.low) > TG3_NUM_RDMA_CHANNELS)) { |
| 2218 | u32 val; |
| 2219 | |
| 2220 | val = tr32(TG3_LSO_RD_DMA_CRPTEN_CTRL); |
| 2221 | - val &= ~TG3_LSO_RD_DMA_TX_LENGTH_WA; |
| 2222 | + val &= ~tg3_lso_rd_dma_workaround_bit(tp); |
| 2223 | tw32(TG3_LSO_RD_DMA_CRPTEN_CTRL, val); |
| 2224 | - tg3_flag_clear(tp, 5719_RDMA_BUG); |
| 2225 | + tg3_flag_clear(tp, 5719_5720_RDMA_BUG); |
| 2226 | } |
| 2227 | |
| 2228 | TG3_STAT_ADD32(&sp->rx_octets, MAC_RX_STATS_OCTETS); |
| 2229 | diff --git a/drivers/net/ethernet/broadcom/tg3.h b/drivers/net/ethernet/broadcom/tg3.h |
| 2230 | index 8d7d4c2..25309bf 100644 |
| 2231 | --- a/drivers/net/ethernet/broadcom/tg3.h |
| 2232 | +++ b/drivers/net/ethernet/broadcom/tg3.h |
| 2233 | @@ -1422,7 +1422,8 @@ |
| 2234 | #define TG3_LSO_RD_DMA_CRPTEN_CTRL 0x00004910 |
| 2235 | #define TG3_LSO_RD_DMA_CRPTEN_CTRL_BLEN_BD_4K 0x00030000 |
| 2236 | #define TG3_LSO_RD_DMA_CRPTEN_CTRL_BLEN_LSO_4K 0x000c0000 |
| 2237 | -#define TG3_LSO_RD_DMA_TX_LENGTH_WA 0x02000000 |
| 2238 | +#define TG3_LSO_RD_DMA_TX_LENGTH_WA_5719 0x02000000 |
| 2239 | +#define TG3_LSO_RD_DMA_TX_LENGTH_WA_5720 0x00200000 |
| 2240 | /* 0x4914 --> 0x4be0 unused */ |
| 2241 | |
| 2242 | #define TG3_NUM_RDMA_CHANNELS 4 |
| 2243 | @@ -3043,7 +3044,7 @@ enum TG3_FLAGS { |
| 2244 | TG3_FLAG_APE_HAS_NCSI, |
| 2245 | TG3_FLAG_TX_TSTAMP_EN, |
| 2246 | TG3_FLAG_4K_FIFO_LIMIT, |
| 2247 | - TG3_FLAG_5719_RDMA_BUG, |
| 2248 | + TG3_FLAG_5719_5720_RDMA_BUG, |
| 2249 | TG3_FLAG_RESET_TASK_PENDING, |
| 2250 | TG3_FLAG_PTP_CAPABLE, |
| 2251 | TG3_FLAG_5705_PLUS, |
| 2252 | diff --git a/drivers/net/wireless/ath/ath9k/ar9003_calib.c b/drivers/net/wireless/ath/ath9k/ar9003_calib.c |
| 2253 | index f76c3ca..21fa267 100644 |
| 2254 | --- a/drivers/net/wireless/ath/ath9k/ar9003_calib.c |
| 2255 | +++ b/drivers/net/wireless/ath/ath9k/ar9003_calib.c |
| 2256 | @@ -965,7 +965,7 @@ static void ar9003_hw_do_manual_peak_cal(struct ath_hw *ah, |
| 2257 | { |
| 2258 | int i; |
| 2259 | |
| 2260 | - if (!AR_SREV_9462(ah) && !AR_SREV_9565(ah)) |
| 2261 | + if (!AR_SREV_9462(ah) && !AR_SREV_9565(ah) && !AR_SREV_9485(ah)) |
| 2262 | return; |
| 2263 | |
| 2264 | for (i = 0; i < AR9300_MAX_CHAINS; i++) { |
| 2265 | diff --git a/drivers/net/wireless/ath/ath9k/ar9003_eeprom.h b/drivers/net/wireless/ath/ath9k/ar9003_eeprom.h |
| 2266 | index 54ba42f..874f657 100644 |
| 2267 | --- a/drivers/net/wireless/ath/ath9k/ar9003_eeprom.h |
| 2268 | +++ b/drivers/net/wireless/ath/ath9k/ar9003_eeprom.h |
| 2269 | @@ -68,13 +68,16 @@ |
| 2270 | #define AR9300_BASE_ADDR 0x3ff |
| 2271 | #define AR9300_BASE_ADDR_512 0x1ff |
| 2272 | |
| 2273 | -#define AR9300_OTP_BASE (AR_SREV_9340(ah) ? 0x30000 : 0x14000) |
| 2274 | -#define AR9300_OTP_STATUS (AR_SREV_9340(ah) ? 0x30018 : 0x15f18) |
| 2275 | +#define AR9300_OTP_BASE \ |
| 2276 | + ((AR_SREV_9340(ah) || AR_SREV_9550(ah)) ? 0x30000 : 0x14000) |
| 2277 | +#define AR9300_OTP_STATUS \ |
| 2278 | + ((AR_SREV_9340(ah) || AR_SREV_9550(ah)) ? 0x30018 : 0x15f18) |
| 2279 | #define AR9300_OTP_STATUS_TYPE 0x7 |
| 2280 | #define AR9300_OTP_STATUS_VALID 0x4 |
| 2281 | #define AR9300_OTP_STATUS_ACCESS_BUSY 0x2 |
| 2282 | #define AR9300_OTP_STATUS_SM_BUSY 0x1 |
| 2283 | -#define AR9300_OTP_READ_DATA (AR_SREV_9340(ah) ? 0x3001c : 0x15f1c) |
| 2284 | +#define AR9300_OTP_READ_DATA \ |
| 2285 | + ((AR_SREV_9340(ah) || AR_SREV_9550(ah)) ? 0x3001c : 0x15f1c) |
| 2286 | |
| 2287 | enum targetPowerHTRates { |
| 2288 | HT_TARGET_RATE_0_8_16, |
| 2289 | diff --git a/drivers/net/wireless/ath/ath9k/ar9485_initvals.h b/drivers/net/wireless/ath/ath9k/ar9485_initvals.h |
| 2290 | index 712f415..88ff1d7 100644 |
| 2291 | --- a/drivers/net/wireless/ath/ath9k/ar9485_initvals.h |
| 2292 | +++ b/drivers/net/wireless/ath/ath9k/ar9485_initvals.h |
| 2293 | @@ -1020,7 +1020,7 @@ static const u32 ar9485_1_1_baseband_postamble[][5] = { |
| 2294 | {0x0000a284, 0x00000000, 0x00000000, 0x000002a0, 0x000002a0}, |
| 2295 | {0x0000a288, 0x00000000, 0x00000000, 0x00000000, 0x00000000}, |
| 2296 | {0x0000a28c, 0x00000000, 0x00000000, 0x00000000, 0x00000000}, |
| 2297 | - {0x0000a2c4, 0x00158d18, 0x00158d18, 0x00158d18, 0x00158d18}, |
| 2298 | + {0x0000a2c4, 0x00158d18, 0x00158d18, 0x00058d18, 0x00058d18}, |
| 2299 | {0x0000a2d0, 0x00071981, 0x00071981, 0x00071982, 0x00071982}, |
| 2300 | {0x0000a2d8, 0xf999a83a, 0xf999a83a, 0xf999a83a, 0xf999a83a}, |
| 2301 | {0x0000a358, 0x00000000, 0x00000000, 0x00000000, 0x00000000}, |
| 2302 | diff --git a/drivers/net/wireless/ath/ath9k/debug.c b/drivers/net/wireless/ath/ath9k/debug.c |
| 2303 | index 3714b97..f25a320 100644 |
| 2304 | --- a/drivers/net/wireless/ath/ath9k/debug.c |
| 2305 | +++ b/drivers/net/wireless/ath/ath9k/debug.c |
| 2306 | @@ -2003,6 +2003,14 @@ void ath9k_get_et_stats(struct ieee80211_hw *hw, |
| 2307 | WARN_ON(i != ATH9K_SSTATS_LEN); |
| 2308 | } |
| 2309 | |
| 2310 | +void ath9k_deinit_debug(struct ath_softc *sc) |
| 2311 | +{ |
| 2312 | + if (config_enabled(CONFIG_ATH9K_DEBUGFS) && sc->rfs_chan_spec_scan) { |
| 2313 | + relay_close(sc->rfs_chan_spec_scan); |
| 2314 | + sc->rfs_chan_spec_scan = NULL; |
| 2315 | + } |
| 2316 | +} |
| 2317 | + |
| 2318 | int ath9k_init_debug(struct ath_hw *ah) |
| 2319 | { |
| 2320 | struct ath_common *common = ath9k_hw_common(ah); |
| 2321 | diff --git a/drivers/net/wireless/ath/ath9k/debug.h b/drivers/net/wireless/ath/ath9k/debug.h |
| 2322 | index 410d6d8..f939457 100644 |
| 2323 | --- a/drivers/net/wireless/ath/ath9k/debug.h |
| 2324 | +++ b/drivers/net/wireless/ath/ath9k/debug.h |
| 2325 | @@ -302,6 +302,7 @@ struct ath9k_debug { |
| 2326 | }; |
| 2327 | |
| 2328 | int ath9k_init_debug(struct ath_hw *ah); |
| 2329 | +void ath9k_deinit_debug(struct ath_softc *sc); |
| 2330 | |
| 2331 | void ath_debug_stat_interrupt(struct ath_softc *sc, enum ath9k_int status); |
| 2332 | void ath_debug_stat_tx(struct ath_softc *sc, struct ath_buf *bf, |
| 2333 | @@ -337,6 +338,10 @@ static inline int ath9k_init_debug(struct ath_hw *ah) |
| 2334 | return 0; |
| 2335 | } |
| 2336 | |
| 2337 | +static inline void ath9k_deinit_debug(struct ath_softc *sc) |
| 2338 | +{ |
| 2339 | +} |
| 2340 | + |
| 2341 | static inline void ath_debug_stat_interrupt(struct ath_softc *sc, |
| 2342 | enum ath9k_int status) |
| 2343 | { |
| 2344 | diff --git a/drivers/net/wireless/ath/ath9k/init.c b/drivers/net/wireless/ath/ath9k/init.c |
| 2345 | index af932c9..26db547 100644 |
| 2346 | --- a/drivers/net/wireless/ath/ath9k/init.c |
| 2347 | +++ b/drivers/net/wireless/ath/ath9k/init.c |
| 2348 | @@ -885,7 +885,7 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc, |
| 2349 | if (!ath_is_world_regd(reg)) { |
| 2350 | error = regulatory_hint(hw->wiphy, reg->alpha2); |
| 2351 | if (error) |
| 2352 | - goto unregister; |
| 2353 | + goto debug_cleanup; |
| 2354 | } |
| 2355 | |
| 2356 | ath_init_leds(sc); |
| 2357 | @@ -893,6 +893,8 @@ int ath9k_init_device(u16 devid, struct ath_softc *sc, |
| 2358 | |
| 2359 | return 0; |
| 2360 | |
| 2361 | +debug_cleanup: |
| 2362 | + ath9k_deinit_debug(sc); |
| 2363 | unregister: |
| 2364 | ieee80211_unregister_hw(hw); |
| 2365 | rx_cleanup: |
| 2366 | @@ -921,11 +923,6 @@ static void ath9k_deinit_softc(struct ath_softc *sc) |
| 2367 | sc->dfs_detector->exit(sc->dfs_detector); |
| 2368 | |
| 2369 | ath9k_eeprom_release(sc); |
| 2370 | - |
| 2371 | - if (config_enabled(CONFIG_ATH9K_DEBUGFS) && sc->rfs_chan_spec_scan) { |
| 2372 | - relay_close(sc->rfs_chan_spec_scan); |
| 2373 | - sc->rfs_chan_spec_scan = NULL; |
| 2374 | - } |
| 2375 | } |
| 2376 | |
| 2377 | void ath9k_deinit_device(struct ath_softc *sc) |
| 2378 | @@ -939,6 +936,7 @@ void ath9k_deinit_device(struct ath_softc *sc) |
| 2379 | |
| 2380 | ath9k_ps_restore(sc); |
| 2381 | |
| 2382 | + ath9k_deinit_debug(sc); |
| 2383 | ieee80211_unregister_hw(hw); |
| 2384 | ath_rx_cleanup(sc); |
| 2385 | ath9k_deinit_softc(sc); |
| 2386 | diff --git a/drivers/net/wireless/iwlwifi/dvm/sta.c b/drivers/net/wireless/iwlwifi/dvm/sta.c |
| 2387 | index db183b4..c3c13ce 100644 |
| 2388 | --- a/drivers/net/wireless/iwlwifi/dvm/sta.c |
| 2389 | +++ b/drivers/net/wireless/iwlwifi/dvm/sta.c |
| 2390 | @@ -735,7 +735,7 @@ void iwl_restore_stations(struct iwl_priv *priv, struct iwl_rxon_context *ctx) |
| 2391 | memcpy(&lq, priv->stations[i].lq, |
| 2392 | sizeof(struct iwl_link_quality_cmd)); |
| 2393 | |
| 2394 | - if (!memcmp(&lq, &zero_lq, sizeof(lq))) |
| 2395 | + if (memcmp(&lq, &zero_lq, sizeof(lq))) |
| 2396 | send_lq = true; |
| 2397 | } |
| 2398 | spin_unlock_bh(&priv->sta_lock); |
| 2399 | diff --git a/drivers/net/wireless/iwlwifi/mvm/fw-api.h b/drivers/net/wireless/iwlwifi/mvm/fw-api.h |
| 2400 | index 2adb61f..4464382 100644 |
| 2401 | --- a/drivers/net/wireless/iwlwifi/mvm/fw-api.h |
| 2402 | +++ b/drivers/net/wireless/iwlwifi/mvm/fw-api.h |
| 2403 | @@ -165,6 +165,8 @@ enum { |
| 2404 | REPLY_DEBUG_CMD = 0xf0, |
| 2405 | DEBUG_LOG_MSG = 0xf7, |
| 2406 | |
| 2407 | + MCAST_FILTER_CMD = 0xd0, |
| 2408 | + |
| 2409 | /* D3 commands/notifications */ |
| 2410 | D3_CONFIG_CMD = 0xd3, |
| 2411 | PROT_OFFLOAD_CONFIG_CMD = 0xd4, |
| 2412 | @@ -951,4 +953,29 @@ struct iwl_set_calib_default_cmd { |
| 2413 | u8 data[0]; |
| 2414 | } __packed; /* PHY_CALIB_OVERRIDE_VALUES_S */ |
| 2415 | |
| 2416 | +#define MAX_PORT_ID_NUM 2 |
| 2417 | + |
| 2418 | +/** |
| 2419 | + * struct iwl_mcast_filter_cmd - configure multicast filter. |
| 2420 | + * @filter_own: Set 1 to filter out multicast packets sent by station itself |
| 2421 | + * @port_id: Multicast MAC addresses array specifier. This is a strange way |
| 2422 | + * to identify network interface adopted in host-device IF. |
| 2423 | + * It is used by FW as index in array of addresses. This array has |
| 2424 | + * MAX_PORT_ID_NUM members. |
| 2425 | + * @count: Number of MAC addresses in the array |
| 2426 | + * @pass_all: Set 1 to pass all multicast packets. |
| 2427 | + * @bssid: current association BSSID. |
| 2428 | + * @addr_list: Place holder for array of MAC addresses. |
| 2429 | + * IMPORTANT: add padding if necessary to ensure DWORD alignment. |
| 2430 | + */ |
| 2431 | +struct iwl_mcast_filter_cmd { |
| 2432 | + u8 filter_own; |
| 2433 | + u8 port_id; |
| 2434 | + u8 count; |
| 2435 | + u8 pass_all; |
| 2436 | + u8 bssid[6]; |
| 2437 | + u8 reserved[2]; |
| 2438 | + u8 addr_list[0]; |
| 2439 | +} __packed; /* MCAST_FILTERING_CMD_API_S_VER_1 */ |
| 2440 | + |
| 2441 | #endif /* __fw_api_h__ */ |
| 2442 | diff --git a/drivers/net/wireless/iwlwifi/mvm/mac-ctxt.c b/drivers/net/wireless/iwlwifi/mvm/mac-ctxt.c |
| 2443 | index 341dbc0..bf76b17 100644 |
| 2444 | --- a/drivers/net/wireless/iwlwifi/mvm/mac-ctxt.c |
| 2445 | +++ b/drivers/net/wireless/iwlwifi/mvm/mac-ctxt.c |
| 2446 | @@ -586,10 +586,12 @@ static int iwl_mvm_mac_ctxt_send_cmd(struct iwl_mvm *mvm, |
| 2447 | */ |
| 2448 | static void iwl_mvm_mac_ctxt_cmd_fill_sta(struct iwl_mvm *mvm, |
| 2449 | struct ieee80211_vif *vif, |
| 2450 | - struct iwl_mac_data_sta *ctxt_sta) |
| 2451 | + struct iwl_mac_data_sta *ctxt_sta, |
| 2452 | + bool force_assoc_off) |
| 2453 | { |
| 2454 | /* We need the dtim_period to set the MAC as associated */ |
| 2455 | - if (vif->bss_conf.assoc && vif->bss_conf.dtim_period) { |
| 2456 | + if (vif->bss_conf.assoc && vif->bss_conf.dtim_period && |
| 2457 | + !force_assoc_off) { |
| 2458 | u32 dtim_offs; |
| 2459 | |
| 2460 | /* |
| 2461 | @@ -652,7 +654,8 @@ static int iwl_mvm_mac_ctxt_cmd_station(struct iwl_mvm *mvm, |
| 2462 | iwl_mvm_mac_ctxt_cmd_common(mvm, vif, &cmd, action); |
| 2463 | |
| 2464 | /* Fill the data specific for station mode */ |
| 2465 | - iwl_mvm_mac_ctxt_cmd_fill_sta(mvm, vif, &cmd.sta); |
| 2466 | + iwl_mvm_mac_ctxt_cmd_fill_sta(mvm, vif, &cmd.sta, |
| 2467 | + action == FW_CTXT_ACTION_ADD); |
| 2468 | |
| 2469 | return iwl_mvm_mac_ctxt_send_cmd(mvm, &cmd); |
| 2470 | } |
| 2471 | @@ -669,7 +672,8 @@ static int iwl_mvm_mac_ctxt_cmd_p2p_client(struct iwl_mvm *mvm, |
| 2472 | iwl_mvm_mac_ctxt_cmd_common(mvm, vif, &cmd, action); |
| 2473 | |
| 2474 | /* Fill the data specific for station mode */ |
| 2475 | - iwl_mvm_mac_ctxt_cmd_fill_sta(mvm, vif, &cmd.p2p_sta.sta); |
| 2476 | + iwl_mvm_mac_ctxt_cmd_fill_sta(mvm, vif, &cmd.p2p_sta.sta, |
| 2477 | + action == FW_CTXT_ACTION_ADD); |
| 2478 | |
| 2479 | cmd.p2p_sta.ctwin = cpu_to_le32(vif->bss_conf.p2p_ctwindow); |
| 2480 | |
| 2481 | diff --git a/drivers/net/wireless/iwlwifi/mvm/mac80211.c b/drivers/net/wireless/iwlwifi/mvm/mac80211.c |
| 2482 | index 7e169b0..8572358 100644 |
| 2483 | --- a/drivers/net/wireless/iwlwifi/mvm/mac80211.c |
| 2484 | +++ b/drivers/net/wireless/iwlwifi/mvm/mac80211.c |
| 2485 | @@ -82,15 +82,6 @@ static const struct ieee80211_iface_limit iwl_mvm_limits[] = { |
| 2486 | .types = BIT(NL80211_IFTYPE_STATION) | |
| 2487 | BIT(NL80211_IFTYPE_AP), |
| 2488 | }, |
| 2489 | - { |
| 2490 | - .max = 1, |
| 2491 | - .types = BIT(NL80211_IFTYPE_P2P_CLIENT) | |
| 2492 | - BIT(NL80211_IFTYPE_P2P_GO), |
| 2493 | - }, |
| 2494 | - { |
| 2495 | - .max = 1, |
| 2496 | - .types = BIT(NL80211_IFTYPE_P2P_DEVICE), |
| 2497 | - }, |
| 2498 | }; |
| 2499 | |
| 2500 | static const struct ieee80211_iface_combination iwl_mvm_iface_combinations[] = { |
| 2501 | @@ -136,10 +127,7 @@ int iwl_mvm_mac_setup_register(struct iwl_mvm *mvm) |
| 2502 | hw->chanctx_data_size = sizeof(struct iwl_mvm_phy_ctxt); |
| 2503 | |
| 2504 | hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) | |
| 2505 | - BIT(NL80211_IFTYPE_P2P_CLIENT) | |
| 2506 | - BIT(NL80211_IFTYPE_AP) | |
| 2507 | - BIT(NL80211_IFTYPE_P2P_GO) | |
| 2508 | - BIT(NL80211_IFTYPE_P2P_DEVICE); |
| 2509 | + BIT(NL80211_IFTYPE_AP); |
| 2510 | |
| 2511 | hw->wiphy->flags |= WIPHY_FLAG_CUSTOM_REGULATORY | |
| 2512 | WIPHY_FLAG_DISABLE_BEACON_HINTS | |
| 2513 | @@ -657,6 +645,20 @@ static void iwl_mvm_configure_filter(struct ieee80211_hw *hw, |
| 2514 | *total_flags = 0; |
| 2515 | } |
| 2516 | |
| 2517 | +static int iwl_mvm_configure_mcast_filter(struct iwl_mvm *mvm, |
| 2518 | + struct ieee80211_vif *vif) |
| 2519 | +{ |
| 2520 | + struct iwl_mcast_filter_cmd mcast_filter_cmd = { |
| 2521 | + .pass_all = 1, |
| 2522 | + }; |
| 2523 | + |
| 2524 | + memcpy(mcast_filter_cmd.bssid, vif->bss_conf.bssid, ETH_ALEN); |
| 2525 | + |
| 2526 | + return iwl_mvm_send_cmd_pdu(mvm, MCAST_FILTER_CMD, CMD_SYNC, |
| 2527 | + sizeof(mcast_filter_cmd), |
| 2528 | + &mcast_filter_cmd); |
| 2529 | +} |
| 2530 | + |
| 2531 | static void iwl_mvm_bss_info_changed_station(struct iwl_mvm *mvm, |
| 2532 | struct ieee80211_vif *vif, |
| 2533 | struct ieee80211_bss_conf *bss_conf, |
| 2534 | @@ -677,6 +679,7 @@ static void iwl_mvm_bss_info_changed_station(struct iwl_mvm *mvm, |
| 2535 | IWL_ERR(mvm, "failed to update quotas\n"); |
| 2536 | return; |
| 2537 | } |
| 2538 | + iwl_mvm_configure_mcast_filter(mvm, vif); |
| 2539 | } else if (mvmvif->ap_sta_id != IWL_MVM_STATION_COUNT) { |
| 2540 | /* remove AP station now that the MAC is unassoc */ |
| 2541 | ret = iwl_mvm_rm_sta_id(mvm, vif, mvmvif->ap_sta_id); |
| 2542 | @@ -886,7 +889,7 @@ static void iwl_mvm_mac_sta_notify(struct ieee80211_hw *hw, |
| 2543 | |
| 2544 | switch (cmd) { |
| 2545 | case STA_NOTIFY_SLEEP: |
| 2546 | - if (atomic_read(&mvmsta->pending_frames) > 0) |
| 2547 | + if (atomic_read(&mvm->pending_frames[mvmsta->sta_id]) > 0) |
| 2548 | ieee80211_sta_block_awake(hw, sta, true); |
| 2549 | /* |
| 2550 | * The fw updates the STA to be asleep. Tx packets on the Tx |
| 2551 | diff --git a/drivers/net/wireless/iwlwifi/mvm/mvm.h b/drivers/net/wireless/iwlwifi/mvm/mvm.h |
| 2552 | index bdae700..dc59ef5 100644 |
| 2553 | --- a/drivers/net/wireless/iwlwifi/mvm/mvm.h |
| 2554 | +++ b/drivers/net/wireless/iwlwifi/mvm/mvm.h |
| 2555 | @@ -293,6 +293,7 @@ struct iwl_mvm { |
| 2556 | struct ieee80211_sta __rcu *fw_id_to_mac_id[IWL_MVM_STATION_COUNT]; |
| 2557 | struct work_struct sta_drained_wk; |
| 2558 | unsigned long sta_drained[BITS_TO_LONGS(IWL_MVM_STATION_COUNT)]; |
| 2559 | + atomic_t pending_frames[IWL_MVM_STATION_COUNT]; |
| 2560 | |
| 2561 | /* configured by mac80211 */ |
| 2562 | u32 rts_threshold; |
| 2563 | diff --git a/drivers/net/wireless/iwlwifi/mvm/ops.c b/drivers/net/wireless/iwlwifi/mvm/ops.c |
| 2564 | index d0f9c1e..ddac833 100644 |
| 2565 | --- a/drivers/net/wireless/iwlwifi/mvm/ops.c |
| 2566 | +++ b/drivers/net/wireless/iwlwifi/mvm/ops.c |
| 2567 | @@ -293,6 +293,7 @@ static const char *iwl_mvm_cmd_strings[REPLY_MAX] = { |
| 2568 | CMD(NET_DETECT_PROFILES_CMD), |
| 2569 | CMD(NET_DETECT_HOTSPOTS_CMD), |
| 2570 | CMD(NET_DETECT_HOTSPOTS_QUERY_CMD), |
| 2571 | + CMD(MCAST_FILTER_CMD), |
| 2572 | }; |
| 2573 | #undef CMD |
| 2574 | |
| 2575 | diff --git a/drivers/net/wireless/iwlwifi/mvm/scan.c b/drivers/net/wireless/iwlwifi/mvm/scan.c |
| 2576 | index 9b21b92..5c52faa 100644 |
| 2577 | --- a/drivers/net/wireless/iwlwifi/mvm/scan.c |
| 2578 | +++ b/drivers/net/wireless/iwlwifi/mvm/scan.c |
| 2579 | @@ -298,6 +298,12 @@ int iwl_mvm_scan_request(struct iwl_mvm *mvm, |
| 2580 | else |
| 2581 | cmd->type = cpu_to_le32(SCAN_TYPE_FORCED); |
| 2582 | |
| 2583 | + /* |
| 2584 | + * TODO: This is a WA due to a bug in the FW AUX framework that does not |
| 2585 | + * properly handle time events that fail to be scheduled |
| 2586 | + */ |
| 2587 | + cmd->type = cpu_to_le32(SCAN_TYPE_FORCED); |
| 2588 | + |
| 2589 | cmd->repeats = cpu_to_le32(1); |
| 2590 | |
| 2591 | /* |
| 2592 | diff --git a/drivers/net/wireless/iwlwifi/mvm/sta.c b/drivers/net/wireless/iwlwifi/mvm/sta.c |
| 2593 | index 274f44e..7b8644e 100644 |
| 2594 | --- a/drivers/net/wireless/iwlwifi/mvm/sta.c |
| 2595 | +++ b/drivers/net/wireless/iwlwifi/mvm/sta.c |
| 2596 | @@ -172,7 +172,7 @@ int iwl_mvm_add_sta(struct iwl_mvm *mvm, |
| 2597 | mvm_sta->max_agg_bufsize = LINK_QUAL_AGG_FRAME_LIMIT_DEF; |
| 2598 | |
| 2599 | /* HW restart, don't assume the memory has been zeroed */ |
| 2600 | - atomic_set(&mvm_sta->pending_frames, 0); |
| 2601 | + atomic_set(&mvm->pending_frames[sta_id], 0); |
| 2602 | mvm_sta->tid_disable_agg = 0; |
| 2603 | mvm_sta->tfd_queue_msk = 0; |
| 2604 | for (i = 0; i < IEEE80211_NUM_ACS; i++) |
| 2605 | @@ -360,14 +360,21 @@ int iwl_mvm_rm_sta(struct iwl_mvm *mvm, |
| 2606 | } |
| 2607 | |
| 2608 | /* |
| 2609 | + * Make sure that the tx response code sees the station as -EBUSY and |
| 2610 | + * calls the drain worker. |
| 2611 | + */ |
| 2612 | + spin_lock_bh(&mvm_sta->lock); |
| 2613 | + /* |
| 2614 | * There are frames pending on the AC queues for this station. |
| 2615 | * We need to wait until all the frames are drained... |
| 2616 | */ |
| 2617 | - if (atomic_read(&mvm_sta->pending_frames)) { |
| 2618 | - ret = iwl_mvm_drain_sta(mvm, mvm_sta, true); |
| 2619 | + if (atomic_read(&mvm->pending_frames[mvm_sta->sta_id])) { |
| 2620 | rcu_assign_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id], |
| 2621 | ERR_PTR(-EBUSY)); |
| 2622 | + spin_unlock_bh(&mvm_sta->lock); |
| 2623 | + ret = iwl_mvm_drain_sta(mvm, mvm_sta, true); |
| 2624 | } else { |
| 2625 | + spin_unlock_bh(&mvm_sta->lock); |
| 2626 | ret = iwl_mvm_rm_sta_common(mvm, mvm_sta->sta_id); |
| 2627 | rcu_assign_pointer(mvm->fw_id_to_mac_id[mvm_sta->sta_id], NULL); |
| 2628 | } |
| 2629 | diff --git a/drivers/net/wireless/iwlwifi/mvm/sta.h b/drivers/net/wireless/iwlwifi/mvm/sta.h |
| 2630 | index 896f88a..2dbf7ba 100644 |
| 2631 | --- a/drivers/net/wireless/iwlwifi/mvm/sta.h |
| 2632 | +++ b/drivers/net/wireless/iwlwifi/mvm/sta.h |
| 2633 | @@ -273,7 +273,6 @@ struct iwl_mvm_tid_data { |
| 2634 | * @max_agg_bufsize: the maximal size of the AGG buffer for this station |
| 2635 | * @lock: lock to protect the whole struct. Since %tid_data is access from Tx |
| 2636 | * and from Tx response flow, it needs a spinlock. |
| 2637 | - * @pending_frames: number of frames for this STA on the shared Tx queues. |
| 2638 | * @tid_data: per tid data. Look at %iwl_mvm_tid_data. |
| 2639 | * |
| 2640 | * When mac80211 creates a station it reserves some space (hw->sta_data_size) |
| 2641 | @@ -288,7 +287,6 @@ struct iwl_mvm_sta { |
| 2642 | u16 tid_disable_agg; |
| 2643 | u8 max_agg_bufsize; |
| 2644 | spinlock_t lock; |
| 2645 | - atomic_t pending_frames; |
| 2646 | struct iwl_mvm_tid_data tid_data[IWL_MAX_TID_COUNT]; |
| 2647 | struct iwl_lq_sta lq_sta; |
| 2648 | struct ieee80211_vif *vif; |
| 2649 | diff --git a/drivers/net/wireless/iwlwifi/mvm/tx.c b/drivers/net/wireless/iwlwifi/mvm/tx.c |
| 2650 | index 6645efe..44f26f4 100644 |
| 2651 | --- a/drivers/net/wireless/iwlwifi/mvm/tx.c |
| 2652 | +++ b/drivers/net/wireless/iwlwifi/mvm/tx.c |
| 2653 | @@ -416,9 +416,8 @@ int iwl_mvm_tx_skb(struct iwl_mvm *mvm, struct sk_buff *skb, |
| 2654 | |
| 2655 | spin_unlock(&mvmsta->lock); |
| 2656 | |
| 2657 | - if (mvmsta->vif->type == NL80211_IFTYPE_AP && |
| 2658 | - txq_id < IWL_FIRST_AMPDU_QUEUE) |
| 2659 | - atomic_inc(&mvmsta->pending_frames); |
| 2660 | + if (txq_id < IWL_FIRST_AMPDU_QUEUE) |
| 2661 | + atomic_inc(&mvm->pending_frames[mvmsta->sta_id]); |
| 2662 | |
| 2663 | return 0; |
| 2664 | |
| 2665 | @@ -678,16 +677,41 @@ static void iwl_mvm_rx_tx_cmd_single(struct iwl_mvm *mvm, |
| 2666 | /* |
| 2667 | * If the txq is not an AMPDU queue, there is no chance we freed |
| 2668 | * several skbs. Check that out... |
| 2669 | - * If there are no pending frames for this STA, notify mac80211 that |
| 2670 | - * this station can go to sleep in its STA table. |
| 2671 | */ |
| 2672 | - if (txq_id < IWL_FIRST_AMPDU_QUEUE && mvmsta && |
| 2673 | - !WARN_ON(skb_freed > 1) && |
| 2674 | - mvmsta->vif->type == NL80211_IFTYPE_AP && |
| 2675 | - atomic_sub_and_test(skb_freed, &mvmsta->pending_frames)) { |
| 2676 | - ieee80211_sta_block_awake(mvm->hw, sta, false); |
| 2677 | - set_bit(sta_id, mvm->sta_drained); |
| 2678 | - schedule_work(&mvm->sta_drained_wk); |
| 2679 | + if (txq_id < IWL_FIRST_AMPDU_QUEUE && !WARN_ON(skb_freed > 1) && |
| 2680 | + atomic_sub_and_test(skb_freed, &mvm->pending_frames[sta_id])) { |
| 2681 | + if (mvmsta) { |
| 2682 | + /* |
| 2683 | + * If there are no pending frames for this STA, notify |
| 2684 | + * mac80211 that this station can go to sleep in its |
| 2685 | + * STA table. |
| 2686 | + */ |
| 2687 | + if (mvmsta->vif->type == NL80211_IFTYPE_AP) |
| 2688 | + ieee80211_sta_block_awake(mvm->hw, sta, false); |
| 2689 | + /* |
| 2690 | + * We might very well have taken mvmsta pointer while |
| 2691 | + * the station was being removed. The remove flow might |
| 2692 | + * have seen a pending_frame (because we didn't take |
| 2693 | + * the lock) even if now the queues are drained. So make |
| 2694 | + * really sure now that this the station is not being |
| 2695 | + * removed. If it is, run the drain worker to remove it. |
| 2696 | + */ |
| 2697 | + spin_lock_bh(&mvmsta->lock); |
| 2698 | + sta = rcu_dereference(mvm->fw_id_to_mac_id[sta_id]); |
| 2699 | + if (IS_ERR_OR_NULL(sta)) { |
| 2700 | + /* |
| 2701 | + * Station disappeared in the meantime: |
| 2702 | + * so we are draining. |
| 2703 | + */ |
| 2704 | + set_bit(sta_id, mvm->sta_drained); |
| 2705 | + schedule_work(&mvm->sta_drained_wk); |
| 2706 | + } |
| 2707 | + spin_unlock_bh(&mvmsta->lock); |
| 2708 | + } else if (!mvmsta) { |
| 2709 | + /* Tx response without STA, so we are draining */ |
| 2710 | + set_bit(sta_id, mvm->sta_drained); |
| 2711 | + schedule_work(&mvm->sta_drained_wk); |
| 2712 | + } |
| 2713 | } |
| 2714 | |
| 2715 | rcu_read_unlock(); |
| 2716 | diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c |
| 2717 | index cffdf4f..2b49f48 100644 |
| 2718 | --- a/drivers/net/wireless/mac80211_hwsim.c |
| 2719 | +++ b/drivers/net/wireless/mac80211_hwsim.c |
| 2720 | @@ -2118,7 +2118,6 @@ static const struct ieee80211_iface_limit hwsim_if_limits[] = { |
| 2721 | #endif |
| 2722 | BIT(NL80211_IFTYPE_AP) | |
| 2723 | BIT(NL80211_IFTYPE_P2P_GO) }, |
| 2724 | - { .max = 1, .types = BIT(NL80211_IFTYPE_P2P_DEVICE) }, |
| 2725 | }; |
| 2726 | |
| 2727 | static struct ieee80211_iface_combination hwsim_if_comb = { |
| 2728 | @@ -2230,8 +2229,7 @@ static int __init init_mac80211_hwsim(void) |
| 2729 | BIT(NL80211_IFTYPE_P2P_CLIENT) | |
| 2730 | BIT(NL80211_IFTYPE_P2P_GO) | |
| 2731 | BIT(NL80211_IFTYPE_ADHOC) | |
| 2732 | - BIT(NL80211_IFTYPE_MESH_POINT) | |
| 2733 | - BIT(NL80211_IFTYPE_P2P_DEVICE); |
| 2734 | + BIT(NL80211_IFTYPE_MESH_POINT); |
| 2735 | |
| 2736 | hw->flags = IEEE80211_HW_MFP_CAPABLE | |
| 2737 | IEEE80211_HW_SIGNAL_DBM | |
| 2738 | diff --git a/drivers/net/xen-netback/netback.c b/drivers/net/xen-netback/netback.c |
| 2739 | index cd49ba9..8099e9d 100644 |
| 2740 | --- a/drivers/net/xen-netback/netback.c |
| 2741 | +++ b/drivers/net/xen-netback/netback.c |
| 2742 | @@ -47,11 +47,33 @@ |
| 2743 | #include <asm/xen/hypercall.h> |
| 2744 | #include <asm/xen/page.h> |
| 2745 | |
| 2746 | +/* |
| 2747 | + * This is the maximum slots a skb can have. If a guest sends a skb |
| 2748 | + * which exceeds this limit it is considered malicious. |
| 2749 | + */ |
| 2750 | +#define FATAL_SKB_SLOTS_DEFAULT 20 |
| 2751 | +static unsigned int fatal_skb_slots = FATAL_SKB_SLOTS_DEFAULT; |
| 2752 | +module_param(fatal_skb_slots, uint, 0444); |
| 2753 | + |
| 2754 | +/* |
| 2755 | + * To avoid confusion, we define XEN_NETBK_LEGACY_SLOTS_MAX indicating |
| 2756 | + * the maximum slots a valid packet can use. Now this value is defined |
| 2757 | + * to be XEN_NETIF_NR_SLOTS_MIN, which is supposed to be supported by |
| 2758 | + * all backend. |
| 2759 | + */ |
| 2760 | +#define XEN_NETBK_LEGACY_SLOTS_MAX XEN_NETIF_NR_SLOTS_MIN |
| 2761 | + |
| 2762 | +typedef unsigned int pending_ring_idx_t; |
| 2763 | +#define INVALID_PENDING_RING_IDX (~0U) |
| 2764 | + |
| 2765 | struct pending_tx_info { |
| 2766 | - struct xen_netif_tx_request req; |
| 2767 | + struct xen_netif_tx_request req; /* coalesced tx request */ |
| 2768 | struct xenvif *vif; |
| 2769 | + pending_ring_idx_t head; /* head != INVALID_PENDING_RING_IDX |
| 2770 | + * if it is head of one or more tx |
| 2771 | + * reqs |
| 2772 | + */ |
| 2773 | }; |
| 2774 | -typedef unsigned int pending_ring_idx_t; |
| 2775 | |
| 2776 | struct netbk_rx_meta { |
| 2777 | int id; |
| 2778 | @@ -102,7 +124,11 @@ struct xen_netbk { |
| 2779 | atomic_t netfront_count; |
| 2780 | |
| 2781 | struct pending_tx_info pending_tx_info[MAX_PENDING_REQS]; |
| 2782 | - struct gnttab_copy tx_copy_ops[MAX_PENDING_REQS]; |
| 2783 | + /* Coalescing tx requests before copying makes number of grant |
| 2784 | + * copy ops greater or equal to number of slots required. In |
| 2785 | + * worst case a tx request consumes 2 gnttab_copy. |
| 2786 | + */ |
| 2787 | + struct gnttab_copy tx_copy_ops[2*MAX_PENDING_REQS]; |
| 2788 | |
| 2789 | u16 pending_ring[MAX_PENDING_REQS]; |
| 2790 | |
| 2791 | @@ -118,6 +144,16 @@ struct xen_netbk { |
| 2792 | static struct xen_netbk *xen_netbk; |
| 2793 | static int xen_netbk_group_nr; |
| 2794 | |
| 2795 | +/* |
| 2796 | + * If head != INVALID_PENDING_RING_IDX, it means this tx request is head of |
| 2797 | + * one or more merged tx requests, otherwise it is the continuation of |
| 2798 | + * previous tx request. |
| 2799 | + */ |
| 2800 | +static inline int pending_tx_is_head(struct xen_netbk *netbk, RING_IDX idx) |
| 2801 | +{ |
| 2802 | + return netbk->pending_tx_info[idx].head != INVALID_PENDING_RING_IDX; |
| 2803 | +} |
| 2804 | + |
| 2805 | void xen_netbk_add_xenvif(struct xenvif *vif) |
| 2806 | { |
| 2807 | int i; |
| 2808 | @@ -250,6 +286,7 @@ static int max_required_rx_slots(struct xenvif *vif) |
| 2809 | { |
| 2810 | int max = DIV_ROUND_UP(vif->dev->mtu, PAGE_SIZE); |
| 2811 | |
| 2812 | + /* XXX FIXME: RX path dependent on MAX_SKB_FRAGS */ |
| 2813 | if (vif->can_sg || vif->gso || vif->gso_prefix) |
| 2814 | max += MAX_SKB_FRAGS + 1; /* extra_info + frags */ |
| 2815 | |
| 2816 | @@ -657,6 +694,7 @@ static void xen_netbk_rx_action(struct xen_netbk *netbk) |
| 2817 | __skb_queue_tail(&rxq, skb); |
| 2818 | |
| 2819 | /* Filled the batch queue? */ |
| 2820 | + /* XXX FIXME: RX path dependent on MAX_SKB_FRAGS */ |
| 2821 | if (count + MAX_SKB_FRAGS >= XEN_NETIF_RX_RING_SIZE) |
| 2822 | break; |
| 2823 | } |
| 2824 | @@ -902,47 +940,99 @@ static int netbk_count_requests(struct xenvif *vif, |
| 2825 | int work_to_do) |
| 2826 | { |
| 2827 | RING_IDX cons = vif->tx.req_cons; |
| 2828 | - int frags = 0; |
| 2829 | + int slots = 0; |
| 2830 | + int drop_err = 0; |
| 2831 | + int more_data; |
| 2832 | |
| 2833 | if (!(first->flags & XEN_NETTXF_more_data)) |
| 2834 | return 0; |
| 2835 | |
| 2836 | do { |
| 2837 | - if (frags >= work_to_do) { |
| 2838 | - netdev_err(vif->dev, "Need more frags\n"); |
| 2839 | + struct xen_netif_tx_request dropped_tx = { 0 }; |
| 2840 | + |
| 2841 | + if (slots >= work_to_do) { |
| 2842 | + netdev_err(vif->dev, |
| 2843 | + "Asked for %d slots but exceeds this limit\n", |
| 2844 | + work_to_do); |
| 2845 | netbk_fatal_tx_err(vif); |
| 2846 | return -ENODATA; |
| 2847 | } |
| 2848 | |
| 2849 | - if (unlikely(frags >= MAX_SKB_FRAGS)) { |
| 2850 | - netdev_err(vif->dev, "Too many frags\n"); |
| 2851 | + /* This guest is really using too many slots and |
| 2852 | + * considered malicious. |
| 2853 | + */ |
| 2854 | + if (unlikely(slots >= fatal_skb_slots)) { |
| 2855 | + netdev_err(vif->dev, |
| 2856 | + "Malicious frontend using %d slots, threshold %u\n", |
| 2857 | + slots, fatal_skb_slots); |
| 2858 | netbk_fatal_tx_err(vif); |
| 2859 | return -E2BIG; |
| 2860 | } |
| 2861 | |
| 2862 | - memcpy(txp, RING_GET_REQUEST(&vif->tx, cons + frags), |
| 2863 | + /* Xen network protocol had implicit dependency on |
| 2864 | + * MAX_SKB_FRAGS. XEN_NETBK_LEGACY_SLOTS_MAX is set to |
| 2865 | + * the historical MAX_SKB_FRAGS value 18 to honor the |
| 2866 | + * same behavior as before. Any packet using more than |
| 2867 | + * 18 slots but less than fatal_skb_slots slots is |
| 2868 | + * dropped |
| 2869 | + */ |
| 2870 | + if (!drop_err && slots >= XEN_NETBK_LEGACY_SLOTS_MAX) { |
| 2871 | + if (net_ratelimit()) |
| 2872 | + netdev_dbg(vif->dev, |
| 2873 | + "Too many slots (%d) exceeding limit (%d), dropping packet\n", |
| 2874 | + slots, XEN_NETBK_LEGACY_SLOTS_MAX); |
| 2875 | + drop_err = -E2BIG; |
| 2876 | + } |
| 2877 | + |
| 2878 | + if (drop_err) |
| 2879 | + txp = &dropped_tx; |
| 2880 | + |
| 2881 | + memcpy(txp, RING_GET_REQUEST(&vif->tx, cons + slots), |
| 2882 | sizeof(*txp)); |
| 2883 | - if (txp->size > first->size) { |
| 2884 | - netdev_err(vif->dev, "Frag is bigger than frame.\n"); |
| 2885 | - netbk_fatal_tx_err(vif); |
| 2886 | - return -EIO; |
| 2887 | + |
| 2888 | + /* If the guest submitted a frame >= 64 KiB then |
| 2889 | + * first->size overflowed and following slots will |
| 2890 | + * appear to be larger than the frame. |
| 2891 | + * |
| 2892 | + * This cannot be fatal error as there are buggy |
| 2893 | + * frontends that do this. |
| 2894 | + * |
| 2895 | + * Consume all slots and drop the packet. |
| 2896 | + */ |
| 2897 | + if (!drop_err && txp->size > first->size) { |
| 2898 | + if (net_ratelimit()) |
| 2899 | + netdev_dbg(vif->dev, |
| 2900 | + "Invalid tx request, slot size %u > remaining size %u\n", |
| 2901 | + txp->size, first->size); |
| 2902 | + drop_err = -EIO; |
| 2903 | } |
| 2904 | |
| 2905 | first->size -= txp->size; |
| 2906 | - frags++; |
| 2907 | + slots++; |
| 2908 | |
| 2909 | if (unlikely((txp->offset + txp->size) > PAGE_SIZE)) { |
| 2910 | - netdev_err(vif->dev, "txp->offset: %x, size: %u\n", |
| 2911 | + netdev_err(vif->dev, "Cross page boundary, txp->offset: %x, size: %u\n", |
| 2912 | txp->offset, txp->size); |
| 2913 | netbk_fatal_tx_err(vif); |
| 2914 | return -EINVAL; |
| 2915 | } |
| 2916 | - } while ((txp++)->flags & XEN_NETTXF_more_data); |
| 2917 | - return frags; |
| 2918 | + |
| 2919 | + more_data = txp->flags & XEN_NETTXF_more_data; |
| 2920 | + |
| 2921 | + if (!drop_err) |
| 2922 | + txp++; |
| 2923 | + |
| 2924 | + } while (more_data); |
| 2925 | + |
| 2926 | + if (drop_err) { |
| 2927 | + netbk_tx_err(vif, first, cons + slots); |
| 2928 | + return drop_err; |
| 2929 | + } |
| 2930 | + |
| 2931 | + return slots; |
| 2932 | } |
| 2933 | |
| 2934 | static struct page *xen_netbk_alloc_page(struct xen_netbk *netbk, |
| 2935 | - struct sk_buff *skb, |
| 2936 | u16 pending_idx) |
| 2937 | { |
| 2938 | struct page *page; |
| 2939 | @@ -963,48 +1053,114 @@ static struct gnttab_copy *xen_netbk_get_requests(struct xen_netbk *netbk, |
| 2940 | struct skb_shared_info *shinfo = skb_shinfo(skb); |
| 2941 | skb_frag_t *frags = shinfo->frags; |
| 2942 | u16 pending_idx = *((u16 *)skb->data); |
| 2943 | - int i, start; |
| 2944 | + u16 head_idx = 0; |
| 2945 | + int slot, start; |
| 2946 | + struct page *page; |
| 2947 | + pending_ring_idx_t index, start_idx = 0; |
| 2948 | + uint16_t dst_offset; |
| 2949 | + unsigned int nr_slots; |
| 2950 | + struct pending_tx_info *first = NULL; |
| 2951 | + |
| 2952 | + /* At this point shinfo->nr_frags is in fact the number of |
| 2953 | + * slots, which can be as large as XEN_NETBK_LEGACY_SLOTS_MAX. |
| 2954 | + */ |
| 2955 | + nr_slots = shinfo->nr_frags; |
| 2956 | |
| 2957 | /* Skip first skb fragment if it is on same page as header fragment. */ |
| 2958 | start = (frag_get_pending_idx(&shinfo->frags[0]) == pending_idx); |
| 2959 | |
| 2960 | - for (i = start; i < shinfo->nr_frags; i++, txp++) { |
| 2961 | - struct page *page; |
| 2962 | - pending_ring_idx_t index; |
| 2963 | + /* Coalesce tx requests, at this point the packet passed in |
| 2964 | + * should be <= 64K. Any packets larger than 64K have been |
| 2965 | + * handled in netbk_count_requests(). |
| 2966 | + */ |
| 2967 | + for (shinfo->nr_frags = slot = start; slot < nr_slots; |
| 2968 | + shinfo->nr_frags++) { |
| 2969 | struct pending_tx_info *pending_tx_info = |
| 2970 | netbk->pending_tx_info; |
| 2971 | |
| 2972 | - index = pending_index(netbk->pending_cons++); |
| 2973 | - pending_idx = netbk->pending_ring[index]; |
| 2974 | - page = xen_netbk_alloc_page(netbk, skb, pending_idx); |
| 2975 | + page = alloc_page(GFP_KERNEL|__GFP_COLD); |
| 2976 | if (!page) |
| 2977 | goto err; |
| 2978 | |
| 2979 | - gop->source.u.ref = txp->gref; |
| 2980 | - gop->source.domid = vif->domid; |
| 2981 | - gop->source.offset = txp->offset; |
| 2982 | - |
| 2983 | - gop->dest.u.gmfn = virt_to_mfn(page_address(page)); |
| 2984 | - gop->dest.domid = DOMID_SELF; |
| 2985 | - gop->dest.offset = txp->offset; |
| 2986 | - |
| 2987 | - gop->len = txp->size; |
| 2988 | - gop->flags = GNTCOPY_source_gref; |
| 2989 | + dst_offset = 0; |
| 2990 | + first = NULL; |
| 2991 | + while (dst_offset < PAGE_SIZE && slot < nr_slots) { |
| 2992 | + gop->flags = GNTCOPY_source_gref; |
| 2993 | + |
| 2994 | + gop->source.u.ref = txp->gref; |
| 2995 | + gop->source.domid = vif->domid; |
| 2996 | + gop->source.offset = txp->offset; |
| 2997 | + |
| 2998 | + gop->dest.domid = DOMID_SELF; |
| 2999 | + |
| 3000 | + gop->dest.offset = dst_offset; |
| 3001 | + gop->dest.u.gmfn = virt_to_mfn(page_address(page)); |
| 3002 | + |
| 3003 | + if (dst_offset + txp->size > PAGE_SIZE) { |
| 3004 | + /* This page can only merge a portion |
| 3005 | + * of tx request. Do not increment any |
| 3006 | + * pointer / counter here. The txp |
| 3007 | + * will be dealt with in future |
| 3008 | + * rounds, eventually hitting the |
| 3009 | + * `else` branch. |
| 3010 | + */ |
| 3011 | + gop->len = PAGE_SIZE - dst_offset; |
| 3012 | + txp->offset += gop->len; |
| 3013 | + txp->size -= gop->len; |
| 3014 | + dst_offset += gop->len; /* quit loop */ |
| 3015 | + } else { |
| 3016 | + /* This tx request can be merged in the page */ |
| 3017 | + gop->len = txp->size; |
| 3018 | + dst_offset += gop->len; |
| 3019 | + |
| 3020 | + index = pending_index(netbk->pending_cons++); |
| 3021 | + |
| 3022 | + pending_idx = netbk->pending_ring[index]; |
| 3023 | + |
| 3024 | + memcpy(&pending_tx_info[pending_idx].req, txp, |
| 3025 | + sizeof(*txp)); |
| 3026 | + xenvif_get(vif); |
| 3027 | + |
| 3028 | + pending_tx_info[pending_idx].vif = vif; |
| 3029 | + |
| 3030 | + /* Poison these fields, corresponding |
| 3031 | + * fields for head tx req will be set |
| 3032 | + * to correct values after the loop. |
| 3033 | + */ |
| 3034 | + netbk->mmap_pages[pending_idx] = (void *)(~0UL); |
| 3035 | + pending_tx_info[pending_idx].head = |
| 3036 | + INVALID_PENDING_RING_IDX; |
| 3037 | + |
| 3038 | + if (!first) { |
| 3039 | + first = &pending_tx_info[pending_idx]; |
| 3040 | + start_idx = index; |
| 3041 | + head_idx = pending_idx; |
| 3042 | + } |
| 3043 | + |
| 3044 | + txp++; |
| 3045 | + slot++; |
| 3046 | + } |
| 3047 | |
| 3048 | - gop++; |
| 3049 | + gop++; |
| 3050 | + } |
| 3051 | |
| 3052 | - memcpy(&pending_tx_info[pending_idx].req, txp, sizeof(*txp)); |
| 3053 | - xenvif_get(vif); |
| 3054 | - pending_tx_info[pending_idx].vif = vif; |
| 3055 | - frag_set_pending_idx(&frags[i], pending_idx); |
| 3056 | + first->req.offset = 0; |
| 3057 | + first->req.size = dst_offset; |
| 3058 | + first->head = start_idx; |
| 3059 | + set_page_ext(page, netbk, head_idx); |
| 3060 | + netbk->mmap_pages[head_idx] = page; |
| 3061 | + frag_set_pending_idx(&frags[shinfo->nr_frags], head_idx); |
| 3062 | } |
| 3063 | |
| 3064 | + BUG_ON(shinfo->nr_frags > MAX_SKB_FRAGS); |
| 3065 | + |
| 3066 | return gop; |
| 3067 | err: |
| 3068 | /* Unwind, freeing all pages and sending error responses. */ |
| 3069 | - while (i-- > start) { |
| 3070 | - xen_netbk_idx_release(netbk, frag_get_pending_idx(&frags[i]), |
| 3071 | - XEN_NETIF_RSP_ERROR); |
| 3072 | + while (shinfo->nr_frags-- > start) { |
| 3073 | + xen_netbk_idx_release(netbk, |
| 3074 | + frag_get_pending_idx(&frags[shinfo->nr_frags]), |
| 3075 | + XEN_NETIF_RSP_ERROR); |
| 3076 | } |
| 3077 | /* The head too, if necessary. */ |
| 3078 | if (start) |
| 3079 | @@ -1020,8 +1176,10 @@ static int xen_netbk_tx_check_gop(struct xen_netbk *netbk, |
| 3080 | struct gnttab_copy *gop = *gopp; |
| 3081 | u16 pending_idx = *((u16 *)skb->data); |
| 3082 | struct skb_shared_info *shinfo = skb_shinfo(skb); |
| 3083 | + struct pending_tx_info *tx_info; |
| 3084 | int nr_frags = shinfo->nr_frags; |
| 3085 | int i, err, start; |
| 3086 | + u16 peek; /* peek into next tx request */ |
| 3087 | |
| 3088 | /* Check status of header. */ |
| 3089 | err = gop->status; |
| 3090 | @@ -1033,11 +1191,20 @@ static int xen_netbk_tx_check_gop(struct xen_netbk *netbk, |
| 3091 | |
| 3092 | for (i = start; i < nr_frags; i++) { |
| 3093 | int j, newerr; |
| 3094 | + pending_ring_idx_t head; |
| 3095 | |
| 3096 | pending_idx = frag_get_pending_idx(&shinfo->frags[i]); |
| 3097 | + tx_info = &netbk->pending_tx_info[pending_idx]; |
| 3098 | + head = tx_info->head; |
| 3099 | |
| 3100 | /* Check error status: if okay then remember grant handle. */ |
| 3101 | - newerr = (++gop)->status; |
| 3102 | + do { |
| 3103 | + newerr = (++gop)->status; |
| 3104 | + if (newerr) |
| 3105 | + break; |
| 3106 | + peek = netbk->pending_ring[pending_index(++head)]; |
| 3107 | + } while (!pending_tx_is_head(netbk, peek)); |
| 3108 | + |
| 3109 | if (likely(!newerr)) { |
| 3110 | /* Had a previous error? Invalidate this fragment. */ |
| 3111 | if (unlikely(err)) |
| 3112 | @@ -1262,11 +1429,12 @@ static unsigned xen_netbk_tx_build_gops(struct xen_netbk *netbk) |
| 3113 | struct sk_buff *skb; |
| 3114 | int ret; |
| 3115 | |
| 3116 | - while (((nr_pending_reqs(netbk) + MAX_SKB_FRAGS) < MAX_PENDING_REQS) && |
| 3117 | + while ((nr_pending_reqs(netbk) + XEN_NETBK_LEGACY_SLOTS_MAX |
| 3118 | + < MAX_PENDING_REQS) && |
| 3119 | !list_empty(&netbk->net_schedule_list)) { |
| 3120 | struct xenvif *vif; |
| 3121 | struct xen_netif_tx_request txreq; |
| 3122 | - struct xen_netif_tx_request txfrags[MAX_SKB_FRAGS]; |
| 3123 | + struct xen_netif_tx_request txfrags[XEN_NETBK_LEGACY_SLOTS_MAX]; |
| 3124 | struct page *page; |
| 3125 | struct xen_netif_extra_info extras[XEN_NETIF_EXTRA_TYPE_MAX-1]; |
| 3126 | u16 pending_idx; |
| 3127 | @@ -1354,7 +1522,7 @@ static unsigned xen_netbk_tx_build_gops(struct xen_netbk *netbk) |
| 3128 | pending_idx = netbk->pending_ring[index]; |
| 3129 | |
| 3130 | data_len = (txreq.size > PKT_PROT_LEN && |
| 3131 | - ret < MAX_SKB_FRAGS) ? |
| 3132 | + ret < XEN_NETBK_LEGACY_SLOTS_MAX) ? |
| 3133 | PKT_PROT_LEN : txreq.size; |
| 3134 | |
| 3135 | skb = alloc_skb(data_len + NET_SKB_PAD + NET_IP_ALIGN, |
| 3136 | @@ -1381,7 +1549,7 @@ static unsigned xen_netbk_tx_build_gops(struct xen_netbk *netbk) |
| 3137 | } |
| 3138 | |
| 3139 | /* XXX could copy straight to head */ |
| 3140 | - page = xen_netbk_alloc_page(netbk, skb, pending_idx); |
| 3141 | + page = xen_netbk_alloc_page(netbk, pending_idx); |
| 3142 | if (!page) { |
| 3143 | kfree_skb(skb); |
| 3144 | netbk_tx_err(vif, &txreq, idx); |
| 3145 | @@ -1404,6 +1572,7 @@ static unsigned xen_netbk_tx_build_gops(struct xen_netbk *netbk) |
| 3146 | memcpy(&netbk->pending_tx_info[pending_idx].req, |
| 3147 | &txreq, sizeof(txreq)); |
| 3148 | netbk->pending_tx_info[pending_idx].vif = vif; |
| 3149 | + netbk->pending_tx_info[pending_idx].head = index; |
| 3150 | *((u16 *)skb->data) = pending_idx; |
| 3151 | |
| 3152 | __skb_put(skb, data_len); |
| 3153 | @@ -1531,7 +1700,10 @@ static void xen_netbk_idx_release(struct xen_netbk *netbk, u16 pending_idx, |
| 3154 | { |
| 3155 | struct xenvif *vif; |
| 3156 | struct pending_tx_info *pending_tx_info; |
| 3157 | - pending_ring_idx_t index; |
| 3158 | + pending_ring_idx_t head; |
| 3159 | + u16 peek; /* peek into next tx request */ |
| 3160 | + |
| 3161 | + BUG_ON(netbk->mmap_pages[pending_idx] == (void *)(~0UL)); |
| 3162 | |
| 3163 | /* Already complete? */ |
| 3164 | if (netbk->mmap_pages[pending_idx] == NULL) |
| 3165 | @@ -1540,19 +1712,40 @@ static void xen_netbk_idx_release(struct xen_netbk *netbk, u16 pending_idx, |
| 3166 | pending_tx_info = &netbk->pending_tx_info[pending_idx]; |
| 3167 | |
| 3168 | vif = pending_tx_info->vif; |
| 3169 | + head = pending_tx_info->head; |
| 3170 | + |
| 3171 | + BUG_ON(!pending_tx_is_head(netbk, head)); |
| 3172 | + BUG_ON(netbk->pending_ring[pending_index(head)] != pending_idx); |
| 3173 | |
| 3174 | - make_tx_response(vif, &pending_tx_info->req, status); |
| 3175 | + do { |
| 3176 | + pending_ring_idx_t index; |
| 3177 | + pending_ring_idx_t idx = pending_index(head); |
| 3178 | + u16 info_idx = netbk->pending_ring[idx]; |
| 3179 | |
| 3180 | - index = pending_index(netbk->pending_prod++); |
| 3181 | - netbk->pending_ring[index] = pending_idx; |
| 3182 | + pending_tx_info = &netbk->pending_tx_info[info_idx]; |
| 3183 | + make_tx_response(vif, &pending_tx_info->req, status); |
| 3184 | |
| 3185 | - xenvif_put(vif); |
| 3186 | + /* Setting any number other than |
| 3187 | + * INVALID_PENDING_RING_IDX indicates this slot is |
| 3188 | + * starting a new packet / ending a previous packet. |
| 3189 | + */ |
| 3190 | + pending_tx_info->head = 0; |
| 3191 | + |
| 3192 | + index = pending_index(netbk->pending_prod++); |
| 3193 | + netbk->pending_ring[index] = netbk->pending_ring[info_idx]; |
| 3194 | + |
| 3195 | + xenvif_put(vif); |
| 3196 | + |
| 3197 | + peek = netbk->pending_ring[pending_index(++head)]; |
| 3198 | + |
| 3199 | + } while (!pending_tx_is_head(netbk, peek)); |
| 3200 | |
| 3201 | netbk->mmap_pages[pending_idx]->mapping = 0; |
| 3202 | put_page(netbk->mmap_pages[pending_idx]); |
| 3203 | netbk->mmap_pages[pending_idx] = NULL; |
| 3204 | } |
| 3205 | |
| 3206 | + |
| 3207 | static void make_tx_response(struct xenvif *vif, |
| 3208 | struct xen_netif_tx_request *txp, |
| 3209 | s8 st) |
| 3210 | @@ -1605,8 +1798,9 @@ static inline int rx_work_todo(struct xen_netbk *netbk) |
| 3211 | static inline int tx_work_todo(struct xen_netbk *netbk) |
| 3212 | { |
| 3213 | |
| 3214 | - if (((nr_pending_reqs(netbk) + MAX_SKB_FRAGS) < MAX_PENDING_REQS) && |
| 3215 | - !list_empty(&netbk->net_schedule_list)) |
| 3216 | + if ((nr_pending_reqs(netbk) + XEN_NETBK_LEGACY_SLOTS_MAX |
| 3217 | + < MAX_PENDING_REQS) && |
| 3218 | + !list_empty(&netbk->net_schedule_list)) |
| 3219 | return 1; |
| 3220 | |
| 3221 | return 0; |
| 3222 | @@ -1689,6 +1883,13 @@ static int __init netback_init(void) |
| 3223 | if (!xen_domain()) |
| 3224 | return -ENODEV; |
| 3225 | |
| 3226 | + if (fatal_skb_slots < XEN_NETBK_LEGACY_SLOTS_MAX) { |
| 3227 | + printk(KERN_INFO |
| 3228 | + "xen-netback: fatal_skb_slots too small (%d), bump it to XEN_NETBK_LEGACY_SLOTS_MAX (%d)\n", |
| 3229 | + fatal_skb_slots, XEN_NETBK_LEGACY_SLOTS_MAX); |
| 3230 | + fatal_skb_slots = XEN_NETBK_LEGACY_SLOTS_MAX; |
| 3231 | + } |
| 3232 | + |
| 3233 | xen_netbk_group_nr = num_online_cpus(); |
| 3234 | xen_netbk = vzalloc(sizeof(struct xen_netbk) * xen_netbk_group_nr); |
| 3235 | if (!xen_netbk) |
| 3236 | diff --git a/drivers/net/xen-netfront.c b/drivers/net/xen-netfront.c |
| 3237 | index 7ffa43b..1f57423 100644 |
| 3238 | --- a/drivers/net/xen-netfront.c |
| 3239 | +++ b/drivers/net/xen-netfront.c |
| 3240 | @@ -36,7 +36,7 @@ |
| 3241 | #include <linux/skbuff.h> |
| 3242 | #include <linux/ethtool.h> |
| 3243 | #include <linux/if_ether.h> |
| 3244 | -#include <linux/tcp.h> |
| 3245 | +#include <net/tcp.h> |
| 3246 | #include <linux/udp.h> |
| 3247 | #include <linux/moduleparam.h> |
| 3248 | #include <linux/mm.h> |
| 3249 | @@ -548,6 +548,16 @@ static int xennet_start_xmit(struct sk_buff *skb, struct net_device *dev) |
| 3250 | unsigned int len = skb_headlen(skb); |
| 3251 | unsigned long flags; |
| 3252 | |
| 3253 | + /* If skb->len is too big for wire format, drop skb and alert |
| 3254 | + * user about misconfiguration. |
| 3255 | + */ |
| 3256 | + if (unlikely(skb->len > XEN_NETIF_MAX_TX_SIZE)) { |
| 3257 | + net_alert_ratelimited( |
| 3258 | + "xennet: skb->len = %u, too big for wire format\n", |
| 3259 | + skb->len); |
| 3260 | + goto drop; |
| 3261 | + } |
| 3262 | + |
| 3263 | slots = DIV_ROUND_UP(offset + len, PAGE_SIZE) + |
| 3264 | xennet_count_skb_frag_slots(skb); |
| 3265 | if (unlikely(slots > MAX_SKB_FRAGS + 1)) { |
| 3266 | @@ -1064,7 +1074,8 @@ err: |
| 3267 | |
| 3268 | static int xennet_change_mtu(struct net_device *dev, int mtu) |
| 3269 | { |
| 3270 | - int max = xennet_can_sg(dev) ? 65535 - ETH_HLEN : ETH_DATA_LEN; |
| 3271 | + int max = xennet_can_sg(dev) ? |
| 3272 | + XEN_NETIF_MAX_TX_SIZE - MAX_TCP_HEADER : ETH_DATA_LEN; |
| 3273 | |
| 3274 | if (mtu > max) |
| 3275 | return -EINVAL; |
| 3276 | @@ -1368,6 +1379,8 @@ static struct net_device *xennet_create_dev(struct xenbus_device *dev) |
| 3277 | SET_ETHTOOL_OPS(netdev, &xennet_ethtool_ops); |
| 3278 | SET_NETDEV_DEV(netdev, &dev->dev); |
| 3279 | |
| 3280 | + netif_set_gso_max_size(netdev, XEN_NETIF_MAX_TX_SIZE - MAX_TCP_HEADER); |
| 3281 | + |
| 3282 | np->netdev = netdev; |
| 3283 | |
| 3284 | netif_carrier_off(netdev); |
| 3285 | diff --git a/drivers/rapidio/devices/tsi721.c b/drivers/rapidio/devices/tsi721.c |
| 3286 | index 6faba40..a8b2c23 100644 |
| 3287 | --- a/drivers/rapidio/devices/tsi721.c |
| 3288 | +++ b/drivers/rapidio/devices/tsi721.c |
| 3289 | @@ -471,6 +471,10 @@ static irqreturn_t tsi721_irqhandler(int irq, void *ptr) |
| 3290 | u32 intval; |
| 3291 | u32 ch_inte; |
| 3292 | |
| 3293 | + /* For MSI mode disable all device-level interrupts */ |
| 3294 | + if (priv->flags & TSI721_USING_MSI) |
| 3295 | + iowrite32(0, priv->regs + TSI721_DEV_INTE); |
| 3296 | + |
| 3297 | dev_int = ioread32(priv->regs + TSI721_DEV_INT); |
| 3298 | if (!dev_int) |
| 3299 | return IRQ_NONE; |
| 3300 | @@ -560,6 +564,14 @@ static irqreturn_t tsi721_irqhandler(int irq, void *ptr) |
| 3301 | } |
| 3302 | } |
| 3303 | #endif |
| 3304 | + |
| 3305 | + /* For MSI mode re-enable device-level interrupts */ |
| 3306 | + if (priv->flags & TSI721_USING_MSI) { |
| 3307 | + dev_int = TSI721_DEV_INT_SR2PC_CH | TSI721_DEV_INT_SRIO | |
| 3308 | + TSI721_DEV_INT_SMSG_CH | TSI721_DEV_INT_BDMA_CH; |
| 3309 | + iowrite32(dev_int, priv->regs + TSI721_DEV_INTE); |
| 3310 | + } |
| 3311 | + |
| 3312 | return IRQ_HANDLED; |
| 3313 | } |
| 3314 | |
| 3315 | diff --git a/drivers/regulator/palmas-regulator.c b/drivers/regulator/palmas-regulator.c |
| 3316 | index 39cf146..149fad4 100644 |
| 3317 | --- a/drivers/regulator/palmas-regulator.c |
| 3318 | +++ b/drivers/regulator/palmas-regulator.c |
| 3319 | @@ -677,7 +677,7 @@ static int palmas_probe(struct platform_device *pdev) |
| 3320 | pmic->desc[id].vsel_mask = SMPS10_VSEL; |
| 3321 | pmic->desc[id].enable_reg = |
| 3322 | PALMAS_BASE_TO_REG(PALMAS_SMPS_BASE, |
| 3323 | - PALMAS_SMPS10_STATUS); |
| 3324 | + PALMAS_SMPS10_CTRL); |
| 3325 | pmic->desc[id].enable_mask = SMPS10_BOOST_EN; |
| 3326 | pmic->desc[id].min_uV = 3750000; |
| 3327 | pmic->desc[id].uV_step = 1250000; |
| 3328 | diff --git a/drivers/scsi/ipr.c b/drivers/scsi/ipr.c |
| 3329 | index 2197b57..7e64546 100644 |
| 3330 | --- a/drivers/scsi/ipr.c |
| 3331 | +++ b/drivers/scsi/ipr.c |
| 3332 | @@ -4777,7 +4777,7 @@ static int ipr_eh_host_reset(struct scsi_cmnd *cmd) |
| 3333 | ioa_cfg = (struct ipr_ioa_cfg *) cmd->device->host->hostdata; |
| 3334 | spin_lock_irqsave(ioa_cfg->host->host_lock, lock_flags); |
| 3335 | |
| 3336 | - if (!ioa_cfg->in_reset_reload) { |
| 3337 | + if (!ioa_cfg->in_reset_reload && !ioa_cfg->hrrq[IPR_INIT_HRRQ].ioa_is_dead) { |
| 3338 | ipr_initiate_ioa_reset(ioa_cfg, IPR_SHUTDOWN_ABBREV); |
| 3339 | dev_err(&ioa_cfg->pdev->dev, |
| 3340 | "Adapter being reset as a result of error recovery.\n"); |
| 3341 | @@ -6739,6 +6739,7 @@ static int ipr_invalid_adapter(struct ipr_ioa_cfg *ioa_cfg) |
| 3342 | static int ipr_ioa_bringdown_done(struct ipr_cmnd *ipr_cmd) |
| 3343 | { |
| 3344 | struct ipr_ioa_cfg *ioa_cfg = ipr_cmd->ioa_cfg; |
| 3345 | + int i; |
| 3346 | |
| 3347 | ENTER; |
| 3348 | if (!ioa_cfg->hrrq[IPR_INIT_HRRQ].removing_ioa) { |
| 3349 | @@ -6750,6 +6751,13 @@ static int ipr_ioa_bringdown_done(struct ipr_cmnd *ipr_cmd) |
| 3350 | |
| 3351 | ioa_cfg->in_reset_reload = 0; |
| 3352 | ioa_cfg->reset_retries = 0; |
| 3353 | + for (i = 0; i < ioa_cfg->hrrq_num; i++) { |
| 3354 | + spin_lock(&ioa_cfg->hrrq[i]._lock); |
| 3355 | + ioa_cfg->hrrq[i].ioa_is_dead = 1; |
| 3356 | + spin_unlock(&ioa_cfg->hrrq[i]._lock); |
| 3357 | + } |
| 3358 | + wmb(); |
| 3359 | + |
| 3360 | list_add_tail(&ipr_cmd->queue, &ipr_cmd->hrrq->hrrq_free_q); |
| 3361 | wake_up_all(&ioa_cfg->reset_wait_q); |
| 3362 | LEAVE; |
| 3363 | @@ -8651,7 +8659,7 @@ static void ipr_pci_perm_failure(struct pci_dev *pdev) |
| 3364 | spin_lock_irqsave(ioa_cfg->host->host_lock, flags); |
| 3365 | if (ioa_cfg->sdt_state == WAIT_FOR_DUMP) |
| 3366 | ioa_cfg->sdt_state = ABORT_DUMP; |
| 3367 | - ioa_cfg->reset_retries = IPR_NUM_RESET_RELOAD_RETRIES; |
| 3368 | + ioa_cfg->reset_retries = IPR_NUM_RESET_RELOAD_RETRIES - 1; |
| 3369 | ioa_cfg->in_ioa_bringdown = 1; |
| 3370 | for (i = 0; i < ioa_cfg->hrrq_num; i++) { |
| 3371 | spin_lock(&ioa_cfg->hrrq[i]._lock); |
| 3372 | diff --git a/drivers/staging/vt6656/hostap.c b/drivers/staging/vt6656/hostap.c |
| 3373 | index bc5e9da..a94e66f 100644 |
| 3374 | --- a/drivers/staging/vt6656/hostap.c |
| 3375 | +++ b/drivers/staging/vt6656/hostap.c |
| 3376 | @@ -133,7 +133,7 @@ static int hostap_disable_hostapd(struct vnt_private *pDevice, int rtnl_locked) |
| 3377 | DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO "%s: Netdevice %s unregistered\n", |
| 3378 | pDevice->dev->name, pDevice->apdev->name); |
| 3379 | } |
| 3380 | - kfree(pDevice->apdev); |
| 3381 | + free_netdev(pDevice->apdev); |
| 3382 | pDevice->apdev = NULL; |
| 3383 | pDevice->bEnable8021x = false; |
| 3384 | pDevice->bEnableHostWEP = false; |
| 3385 | diff --git a/drivers/staging/vt6656/iwctl.c b/drivers/staging/vt6656/iwctl.c |
| 3386 | index 69971f3..60b50d0 100644 |
| 3387 | --- a/drivers/staging/vt6656/iwctl.c |
| 3388 | +++ b/drivers/staging/vt6656/iwctl.c |
| 3389 | @@ -1348,9 +1348,12 @@ int iwctl_siwpower(struct net_device *dev, struct iw_request_info *info, |
| 3390 | return rc; |
| 3391 | } |
| 3392 | |
| 3393 | + spin_lock_irq(&pDevice->lock); |
| 3394 | + |
| 3395 | if (wrq->disabled) { |
| 3396 | pDevice->ePSMode = WMAC_POWER_CAM; |
| 3397 | PSvDisablePowerSaving(pDevice); |
| 3398 | + spin_unlock_irq(&pDevice->lock); |
| 3399 | return rc; |
| 3400 | } |
| 3401 | if ((wrq->flags & IW_POWER_TYPE) == IW_POWER_TIMEOUT) { |
| 3402 | @@ -1361,6 +1364,9 @@ int iwctl_siwpower(struct net_device *dev, struct iw_request_info *info, |
| 3403 | pDevice->ePSMode = WMAC_POWER_FAST; |
| 3404 | PSvEnablePowerSaving((void *)pDevice, pMgmt->wListenInterval); |
| 3405 | } |
| 3406 | + |
| 3407 | + spin_unlock_irq(&pDevice->lock); |
| 3408 | + |
| 3409 | switch (wrq->flags & IW_POWER_MODE) { |
| 3410 | case IW_POWER_UNICAST_R: |
| 3411 | DBG_PRT(MSG_LEVEL_DEBUG, KERN_INFO " SIOCSIWPOWER: IW_POWER_UNICAST_R \n"); |
| 3412 | diff --git a/drivers/target/iscsi/iscsi_target_parameters.c b/drivers/target/iscsi/iscsi_target_parameters.c |
| 3413 | index ca2be40..93ae910 100644 |
| 3414 | --- a/drivers/target/iscsi/iscsi_target_parameters.c |
| 3415 | +++ b/drivers/target/iscsi/iscsi_target_parameters.c |
| 3416 | @@ -712,9 +712,9 @@ static int iscsi_add_notunderstood_response( |
| 3417 | } |
| 3418 | INIT_LIST_HEAD(&extra_response->er_list); |
| 3419 | |
| 3420 | - strncpy(extra_response->key, key, strlen(key) + 1); |
| 3421 | - strncpy(extra_response->value, NOTUNDERSTOOD, |
| 3422 | - strlen(NOTUNDERSTOOD) + 1); |
| 3423 | + strlcpy(extra_response->key, key, sizeof(extra_response->key)); |
| 3424 | + strlcpy(extra_response->value, NOTUNDERSTOOD, |
| 3425 | + sizeof(extra_response->value)); |
| 3426 | |
| 3427 | list_add_tail(&extra_response->er_list, |
| 3428 | ¶m_list->extra_response_list); |
| 3429 | @@ -1583,8 +1583,6 @@ int iscsi_decode_text_input( |
| 3430 | |
| 3431 | if (phase & PHASE_SECURITY) { |
| 3432 | if (iscsi_check_for_auth_key(key) > 0) { |
| 3433 | - char *tmpptr = key + strlen(key); |
| 3434 | - *tmpptr = '='; |
| 3435 | kfree(tmpbuf); |
| 3436 | return 1; |
| 3437 | } |
| 3438 | diff --git a/drivers/target/iscsi/iscsi_target_parameters.h b/drivers/target/iscsi/iscsi_target_parameters.h |
| 3439 | index 1e1b750..2c536a0 100644 |
| 3440 | --- a/drivers/target/iscsi/iscsi_target_parameters.h |
| 3441 | +++ b/drivers/target/iscsi/iscsi_target_parameters.h |
| 3442 | @@ -1,8 +1,10 @@ |
| 3443 | #ifndef ISCSI_PARAMETERS_H |
| 3444 | #define ISCSI_PARAMETERS_H |
| 3445 | |
| 3446 | +#include <scsi/iscsi_proto.h> |
| 3447 | + |
| 3448 | struct iscsi_extra_response { |
| 3449 | - char key[64]; |
| 3450 | + char key[KEY_MAXLEN]; |
| 3451 | char value[32]; |
| 3452 | struct list_head er_list; |
| 3453 | } ____cacheline_aligned; |
| 3454 | diff --git a/drivers/target/target_core_file.c b/drivers/target/target_core_file.c |
| 3455 | index ca4b219..12191d8 100644 |
| 3456 | --- a/drivers/target/target_core_file.c |
| 3457 | +++ b/drivers/target/target_core_file.c |
| 3458 | @@ -150,6 +150,7 @@ static int fd_configure_device(struct se_device *dev) |
| 3459 | if (S_ISBLK(inode->i_mode)) { |
| 3460 | unsigned long long dev_size; |
| 3461 | |
| 3462 | + fd_dev->fd_block_size = bdev_logical_block_size(inode->i_bdev); |
| 3463 | /* |
| 3464 | * Determine the number of bytes from i_size_read() minus |
| 3465 | * one (1) logical sector from underlying struct block_device |
| 3466 | @@ -168,11 +169,11 @@ static int fd_configure_device(struct se_device *dev) |
| 3467 | " block_device\n"); |
| 3468 | goto fail; |
| 3469 | } |
| 3470 | - } |
| 3471 | |
| 3472 | - fd_dev->fd_block_size = dev->dev_attrib.hw_block_size; |
| 3473 | + fd_dev->fd_block_size = FD_BLOCKSIZE; |
| 3474 | + } |
| 3475 | |
| 3476 | - dev->dev_attrib.hw_block_size = FD_BLOCKSIZE; |
| 3477 | + dev->dev_attrib.hw_block_size = fd_dev->fd_block_size; |
| 3478 | dev->dev_attrib.hw_max_sectors = FD_MAX_SECTORS; |
| 3479 | dev->dev_attrib.hw_queue_depth = FD_MAX_DEVICE_QUEUE_DEPTH; |
| 3480 | |
| 3481 | @@ -583,11 +584,12 @@ static sector_t fd_get_blocks(struct se_device *dev) |
| 3482 | * to handle underlying block_device resize operations. |
| 3483 | */ |
| 3484 | if (S_ISBLK(i->i_mode)) |
| 3485 | - dev_size = (i_size_read(i) - fd_dev->fd_block_size); |
| 3486 | + dev_size = i_size_read(i); |
| 3487 | else |
| 3488 | dev_size = fd_dev->fd_dev_size; |
| 3489 | |
| 3490 | - return div_u64(dev_size, dev->dev_attrib.block_size); |
| 3491 | + return div_u64(dev_size - dev->dev_attrib.block_size, |
| 3492 | + dev->dev_attrib.block_size); |
| 3493 | } |
| 3494 | |
| 3495 | static struct sbc_ops fd_sbc_ops = { |
| 3496 | diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c |
| 3497 | index 0d46276..fc9a5a0 100644 |
| 3498 | --- a/drivers/target/target_core_transport.c |
| 3499 | +++ b/drivers/target/target_core_transport.c |
| 3500 | @@ -222,6 +222,7 @@ struct se_session *transport_init_session(void) |
| 3501 | INIT_LIST_HEAD(&se_sess->sess_list); |
| 3502 | INIT_LIST_HEAD(&se_sess->sess_acl_list); |
| 3503 | INIT_LIST_HEAD(&se_sess->sess_cmd_list); |
| 3504 | + INIT_LIST_HEAD(&se_sess->sess_wait_list); |
| 3505 | spin_lock_init(&se_sess->sess_cmd_lock); |
| 3506 | kref_init(&se_sess->sess_kref); |
| 3507 | |
| 3508 | @@ -2252,11 +2253,14 @@ void target_sess_cmd_list_set_waiting(struct se_session *se_sess) |
| 3509 | unsigned long flags; |
| 3510 | |
| 3511 | spin_lock_irqsave(&se_sess->sess_cmd_lock, flags); |
| 3512 | - |
| 3513 | - WARN_ON(se_sess->sess_tearing_down); |
| 3514 | + if (se_sess->sess_tearing_down) { |
| 3515 | + spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); |
| 3516 | + return; |
| 3517 | + } |
| 3518 | se_sess->sess_tearing_down = 1; |
| 3519 | + list_splice_init(&se_sess->sess_cmd_list, &se_sess->sess_wait_list); |
| 3520 | |
| 3521 | - list_for_each_entry(se_cmd, &se_sess->sess_cmd_list, se_cmd_list) |
| 3522 | + list_for_each_entry(se_cmd, &se_sess->sess_wait_list, se_cmd_list) |
| 3523 | se_cmd->cmd_wait_set = 1; |
| 3524 | |
| 3525 | spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); |
| 3526 | @@ -2273,9 +2277,10 @@ void target_wait_for_sess_cmds( |
| 3527 | { |
| 3528 | struct se_cmd *se_cmd, *tmp_cmd; |
| 3529 | bool rc = false; |
| 3530 | + unsigned long flags; |
| 3531 | |
| 3532 | list_for_each_entry_safe(se_cmd, tmp_cmd, |
| 3533 | - &se_sess->sess_cmd_list, se_cmd_list) { |
| 3534 | + &se_sess->sess_wait_list, se_cmd_list) { |
| 3535 | list_del(&se_cmd->se_cmd_list); |
| 3536 | |
| 3537 | pr_debug("Waiting for se_cmd: %p t_state: %d, fabric state:" |
| 3538 | @@ -2303,6 +2308,11 @@ void target_wait_for_sess_cmds( |
| 3539 | |
| 3540 | se_cmd->se_tfo->release_cmd(se_cmd); |
| 3541 | } |
| 3542 | + |
| 3543 | + spin_lock_irqsave(&se_sess->sess_cmd_lock, flags); |
| 3544 | + WARN_ON(!list_empty(&se_sess->sess_cmd_list)); |
| 3545 | + spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); |
| 3546 | + |
| 3547 | } |
| 3548 | EXPORT_SYMBOL(target_wait_for_sess_cmds); |
| 3549 | |
| 3550 | diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c |
| 3551 | index 05e72be..1f8cba6 100644 |
| 3552 | --- a/drivers/tty/n_tty.c |
| 3553 | +++ b/drivers/tty/n_tty.c |
| 3554 | @@ -1588,6 +1588,14 @@ static void n_tty_set_termios(struct tty_struct *tty, struct ktermios *old) |
| 3555 | ldata->real_raw = 0; |
| 3556 | } |
| 3557 | n_tty_set_room(tty); |
| 3558 | + /* |
| 3559 | + * Fix tty hang when I_IXON(tty) is cleared, but the tty |
| 3560 | + * been stopped by STOP_CHAR(tty) before it. |
| 3561 | + */ |
| 3562 | + if (!I_IXON(tty) && old && (old->c_iflag & IXON) && !tty->flow_stopped) { |
| 3563 | + start_tty(tty); |
| 3564 | + } |
| 3565 | + |
| 3566 | /* The termios change make the tty ready for I/O */ |
| 3567 | wake_up_interruptible(&tty->write_wait); |
| 3568 | wake_up_interruptible(&tty->read_wait); |
| 3569 | diff --git a/drivers/usb/atm/cxacru.c b/drivers/usb/atm/cxacru.c |
| 3570 | index b7eb86a..8a7eb77 100644 |
| 3571 | --- a/drivers/usb/atm/cxacru.c |
| 3572 | +++ b/drivers/usb/atm/cxacru.c |
| 3573 | @@ -686,7 +686,8 @@ static int cxacru_cm_get_array(struct cxacru_data *instance, enum cxacru_cm_requ |
| 3574 | { |
| 3575 | int ret, len; |
| 3576 | __le32 *buf; |
| 3577 | - int offb, offd; |
| 3578 | + int offb; |
| 3579 | + unsigned int offd; |
| 3580 | const int stride = CMD_PACKET_SIZE / (4 * 2) - 1; |
| 3581 | int buflen = ((size - 1) / stride + 1 + size * 2) * 4; |
| 3582 | |
| 3583 | diff --git a/drivers/usb/chipidea/Kconfig b/drivers/usb/chipidea/Kconfig |
| 3584 | index 608a2ae..b2df442 100644 |
| 3585 | --- a/drivers/usb/chipidea/Kconfig |
| 3586 | +++ b/drivers/usb/chipidea/Kconfig |
| 3587 | @@ -20,7 +20,7 @@ config USB_CHIPIDEA_UDC |
| 3588 | config USB_CHIPIDEA_HOST |
| 3589 | bool "ChipIdea host controller" |
| 3590 | depends on USB=y || USB=USB_CHIPIDEA |
| 3591 | - depends on USB_EHCI_HCD |
| 3592 | + depends on USB_EHCI_HCD=y |
| 3593 | select USB_EHCI_ROOT_HUB_TT |
| 3594 | help |
| 3595 | Say Y here to enable host controller functionality of the |
| 3596 | diff --git a/drivers/usb/core/quirks.c b/drivers/usb/core/quirks.c |
| 3597 | index 3113c1d..e14346a 100644 |
| 3598 | --- a/drivers/usb/core/quirks.c |
| 3599 | +++ b/drivers/usb/core/quirks.c |
| 3600 | @@ -88,6 +88,9 @@ static const struct usb_device_id usb_quirk_list[] = { |
| 3601 | /* Edirol SD-20 */ |
| 3602 | { USB_DEVICE(0x0582, 0x0027), .driver_info = USB_QUIRK_RESET_RESUME }, |
| 3603 | |
| 3604 | + /* Alcor Micro Corp. Hub */ |
| 3605 | + { USB_DEVICE(0x058f, 0x9254), .driver_info = USB_QUIRK_RESET_RESUME }, |
| 3606 | + |
| 3607 | /* appletouch */ |
| 3608 | { USB_DEVICE(0x05ac, 0x021a), .driver_info = USB_QUIRK_RESET_RESUME }, |
| 3609 | |
| 3610 | diff --git a/drivers/usb/host/ohci-hcd.c b/drivers/usb/host/ohci-hcd.c |
| 3611 | index 180a2b0..007137f 100644 |
| 3612 | --- a/drivers/usb/host/ohci-hcd.c |
| 3613 | +++ b/drivers/usb/host/ohci-hcd.c |
| 3614 | @@ -233,14 +233,14 @@ static int ohci_urb_enqueue ( |
| 3615 | urb->start_frame = frame; |
| 3616 | } |
| 3617 | } else if (ed->type == PIPE_ISOCHRONOUS) { |
| 3618 | - u16 next = ohci_frame_no(ohci) + 2; |
| 3619 | + u16 next = ohci_frame_no(ohci) + 1; |
| 3620 | u16 frame = ed->last_iso + ed->interval; |
| 3621 | |
| 3622 | /* Behind the scheduling threshold? */ |
| 3623 | if (unlikely(tick_before(frame, next))) { |
| 3624 | |
| 3625 | /* USB_ISO_ASAP: Round up to the first available slot */ |
| 3626 | - if (urb->transfer_flags & URB_ISO_ASAP) |
| 3627 | + if (urb->transfer_flags & URB_ISO_ASAP) { |
| 3628 | frame += (next - frame + ed->interval - 1) & |
| 3629 | -ed->interval; |
| 3630 | |
| 3631 | @@ -248,21 +248,25 @@ static int ohci_urb_enqueue ( |
| 3632 | * Not ASAP: Use the next slot in the stream. If |
| 3633 | * the entire URB falls before the threshold, fail. |
| 3634 | */ |
| 3635 | - else if (tick_before(frame + ed->interval * |
| 3636 | + } else { |
| 3637 | + if (tick_before(frame + ed->interval * |
| 3638 | (urb->number_of_packets - 1), next)) { |
| 3639 | - retval = -EXDEV; |
| 3640 | - usb_hcd_unlink_urb_from_ep(hcd, urb); |
| 3641 | - goto fail; |
| 3642 | - } |
| 3643 | + retval = -EXDEV; |
| 3644 | + usb_hcd_unlink_urb_from_ep(hcd, urb); |
| 3645 | + goto fail; |
| 3646 | + } |
| 3647 | |
| 3648 | - /* |
| 3649 | - * Some OHCI hardware doesn't handle late TDs |
| 3650 | - * correctly. After retiring them it proceeds to |
| 3651 | - * the next ED instead of the next TD. Therefore |
| 3652 | - * we have to omit the late TDs entirely. |
| 3653 | - */ |
| 3654 | - urb_priv->td_cnt = DIV_ROUND_UP(next - frame, |
| 3655 | - ed->interval); |
| 3656 | + /* |
| 3657 | + * Some OHCI hardware doesn't handle late TDs |
| 3658 | + * correctly. After retiring them it proceeds |
| 3659 | + * to the next ED instead of the next TD. |
| 3660 | + * Therefore we have to omit the late TDs |
| 3661 | + * entirely. |
| 3662 | + */ |
| 3663 | + urb_priv->td_cnt = DIV_ROUND_UP( |
| 3664 | + (u16) (next - frame), |
| 3665 | + ed->interval); |
| 3666 | + } |
| 3667 | } |
| 3668 | urb->start_frame = frame; |
| 3669 | } |
| 3670 | diff --git a/drivers/usb/host/uhci-hub.c b/drivers/usb/host/uhci-hub.c |
| 3671 | index f87bee6..9189bc9 100644 |
| 3672 | --- a/drivers/usb/host/uhci-hub.c |
| 3673 | +++ b/drivers/usb/host/uhci-hub.c |
| 3674 | @@ -225,7 +225,8 @@ static int uhci_hub_status_data(struct usb_hcd *hcd, char *buf) |
| 3675 | /* auto-stop if nothing connected for 1 second */ |
| 3676 | if (any_ports_active(uhci)) |
| 3677 | uhci->rh_state = UHCI_RH_RUNNING; |
| 3678 | - else if (time_after_eq(jiffies, uhci->auto_stop_time)) |
| 3679 | + else if (time_after_eq(jiffies, uhci->auto_stop_time) && |
| 3680 | + !uhci->wait_for_hp) |
| 3681 | suspend_rh(uhci, UHCI_RH_AUTO_STOPPED); |
| 3682 | break; |
| 3683 | |
| 3684 | diff --git a/drivers/usb/host/uhci-q.c b/drivers/usb/host/uhci-q.c |
| 3685 | index f0976d8..041c6dd 100644 |
| 3686 | --- a/drivers/usb/host/uhci-q.c |
| 3687 | +++ b/drivers/usb/host/uhci-q.c |
| 3688 | @@ -1287,7 +1287,7 @@ static int uhci_submit_isochronous(struct uhci_hcd *uhci, struct urb *urb, |
| 3689 | return -EINVAL; /* Can't change the period */ |
| 3690 | |
| 3691 | } else { |
| 3692 | - next = uhci->frame_number + 2; |
| 3693 | + next = uhci->frame_number + 1; |
| 3694 | |
| 3695 | /* Find the next unused frame */ |
| 3696 | if (list_empty(&qh->queue)) { |
| 3697 | diff --git a/drivers/usb/host/xhci-mem.c b/drivers/usb/host/xhci-mem.c |
| 3698 | index 6dc238c..fd26470e428 100644 |
| 3699 | --- a/drivers/usb/host/xhci-mem.c |
| 3700 | +++ b/drivers/usb/host/xhci-mem.c |
| 3701 | @@ -1423,15 +1423,17 @@ int xhci_endpoint_init(struct xhci_hcd *xhci, |
| 3702 | ep_ctx->ep_info2 |= cpu_to_le32(xhci_get_endpoint_type(udev, ep)); |
| 3703 | |
| 3704 | /* Set the max packet size and max burst */ |
| 3705 | + max_packet = GET_MAX_PACKET(usb_endpoint_maxp(&ep->desc)); |
| 3706 | + max_burst = 0; |
| 3707 | switch (udev->speed) { |
| 3708 | case USB_SPEED_SUPER: |
| 3709 | - max_packet = usb_endpoint_maxp(&ep->desc); |
| 3710 | - ep_ctx->ep_info2 |= cpu_to_le32(MAX_PACKET(max_packet)); |
| 3711 | /* dig out max burst from ep companion desc */ |
| 3712 | - max_packet = ep->ss_ep_comp.bMaxBurst; |
| 3713 | - ep_ctx->ep_info2 |= cpu_to_le32(MAX_BURST(max_packet)); |
| 3714 | + max_burst = ep->ss_ep_comp.bMaxBurst; |
| 3715 | break; |
| 3716 | case USB_SPEED_HIGH: |
| 3717 | + /* Some devices get this wrong */ |
| 3718 | + if (usb_endpoint_xfer_bulk(&ep->desc)) |
| 3719 | + max_packet = 512; |
| 3720 | /* bits 11:12 specify the number of additional transaction |
| 3721 | * opportunities per microframe (USB 2.0, section 9.6.6) |
| 3722 | */ |
| 3723 | @@ -1439,17 +1441,16 @@ int xhci_endpoint_init(struct xhci_hcd *xhci, |
| 3724 | usb_endpoint_xfer_int(&ep->desc)) { |
| 3725 | max_burst = (usb_endpoint_maxp(&ep->desc) |
| 3726 | & 0x1800) >> 11; |
| 3727 | - ep_ctx->ep_info2 |= cpu_to_le32(MAX_BURST(max_burst)); |
| 3728 | } |
| 3729 | - /* Fall through */ |
| 3730 | + break; |
| 3731 | case USB_SPEED_FULL: |
| 3732 | case USB_SPEED_LOW: |
| 3733 | - max_packet = GET_MAX_PACKET(usb_endpoint_maxp(&ep->desc)); |
| 3734 | - ep_ctx->ep_info2 |= cpu_to_le32(MAX_PACKET(max_packet)); |
| 3735 | break; |
| 3736 | default: |
| 3737 | BUG(); |
| 3738 | } |
| 3739 | + ep_ctx->ep_info2 |= cpu_to_le32(MAX_PACKET(max_packet) | |
| 3740 | + MAX_BURST(max_burst)); |
| 3741 | max_esit_payload = xhci_get_max_esit_payload(xhci, udev, ep); |
| 3742 | ep_ctx->tx_info = cpu_to_le32(MAX_ESIT_PAYLOAD_FOR_EP(max_esit_payload)); |
| 3743 | |
| 3744 | diff --git a/drivers/usb/serial/ftdi_sio.c b/drivers/usb/serial/ftdi_sio.c |
| 3745 | index be2dcb0..266ece7 100644 |
| 3746 | --- a/drivers/usb/serial/ftdi_sio.c |
| 3747 | +++ b/drivers/usb/serial/ftdi_sio.c |
| 3748 | @@ -191,6 +191,8 @@ static struct usb_device_id id_table_combined [] = { |
| 3749 | { USB_DEVICE(FTDI_VID, FTDI_OPENDCC_GBM_PID) }, |
| 3750 | { USB_DEVICE(FTDI_VID, FTDI_OPENDCC_GBM_BOOST_PID) }, |
| 3751 | { USB_DEVICE(NEWPORT_VID, NEWPORT_AGILIS_PID) }, |
| 3752 | + { USB_DEVICE(NEWPORT_VID, NEWPORT_CONEX_CC_PID) }, |
| 3753 | + { USB_DEVICE(NEWPORT_VID, NEWPORT_CONEX_AGP_PID) }, |
| 3754 | { USB_DEVICE(INTERBIOMETRICS_VID, INTERBIOMETRICS_IOBOARD_PID) }, |
| 3755 | { USB_DEVICE(INTERBIOMETRICS_VID, INTERBIOMETRICS_MINI_IOBOARD_PID) }, |
| 3756 | { USB_DEVICE(FTDI_VID, FTDI_SPROG_II) }, |
| 3757 | diff --git a/drivers/usb/serial/ftdi_sio_ids.h b/drivers/usb/serial/ftdi_sio_ids.h |
| 3758 | index 9852827..6dd7925 100644 |
| 3759 | --- a/drivers/usb/serial/ftdi_sio_ids.h |
| 3760 | +++ b/drivers/usb/serial/ftdi_sio_ids.h |
| 3761 | @@ -772,6 +772,8 @@ |
| 3762 | */ |
| 3763 | #define NEWPORT_VID 0x104D |
| 3764 | #define NEWPORT_AGILIS_PID 0x3000 |
| 3765 | +#define NEWPORT_CONEX_CC_PID 0x3002 |
| 3766 | +#define NEWPORT_CONEX_AGP_PID 0x3006 |
| 3767 | |
| 3768 | /* Interbiometrics USB I/O Board */ |
| 3769 | /* Developed for Interbiometrics by Rudolf Gugler */ |
| 3770 | diff --git a/drivers/usb/serial/option.c b/drivers/usb/serial/option.c |
| 3771 | index bff059a..87181be 100644 |
| 3772 | --- a/drivers/usb/serial/option.c |
| 3773 | +++ b/drivers/usb/serial/option.c |
| 3774 | @@ -196,6 +196,7 @@ static void option_instat_callback(struct urb *urb); |
| 3775 | |
| 3776 | #define DELL_PRODUCT_5800_MINICARD_VZW 0x8195 /* Novatel E362 */ |
| 3777 | #define DELL_PRODUCT_5800_V2_MINICARD_VZW 0x8196 /* Novatel E362 */ |
| 3778 | +#define DELL_PRODUCT_5804_MINICARD_ATT 0x819b /* Novatel E371 */ |
| 3779 | |
| 3780 | #define KYOCERA_VENDOR_ID 0x0c88 |
| 3781 | #define KYOCERA_PRODUCT_KPC650 0x17da |
| 3782 | @@ -341,8 +342,8 @@ static void option_instat_callback(struct urb *urb); |
| 3783 | #define CINTERION_PRODUCT_EU3_E 0x0051 |
| 3784 | #define CINTERION_PRODUCT_EU3_P 0x0052 |
| 3785 | #define CINTERION_PRODUCT_PH8 0x0053 |
| 3786 | -#define CINTERION_PRODUCT_AH6 0x0055 |
| 3787 | -#define CINTERION_PRODUCT_PLS8 0x0060 |
| 3788 | +#define CINTERION_PRODUCT_AHXX 0x0055 |
| 3789 | +#define CINTERION_PRODUCT_PLXX 0x0060 |
| 3790 | |
| 3791 | /* Olivetti products */ |
| 3792 | #define OLIVETTI_VENDOR_ID 0x0b3c |
| 3793 | @@ -771,6 +772,7 @@ static const struct usb_device_id option_ids[] = { |
| 3794 | { USB_DEVICE(DELL_VENDOR_ID, DELL_PRODUCT_5730_MINICARD_VZW) }, /* Dell Wireless 5730 Mobile Broadband EVDO/HSPA Mini-Card */ |
| 3795 | { USB_DEVICE_AND_INTERFACE_INFO(DELL_VENDOR_ID, DELL_PRODUCT_5800_MINICARD_VZW, 0xff, 0xff, 0xff) }, |
| 3796 | { USB_DEVICE_AND_INTERFACE_INFO(DELL_VENDOR_ID, DELL_PRODUCT_5800_V2_MINICARD_VZW, 0xff, 0xff, 0xff) }, |
| 3797 | + { USB_DEVICE_AND_INTERFACE_INFO(DELL_VENDOR_ID, DELL_PRODUCT_5804_MINICARD_ATT, 0xff, 0xff, 0xff) }, |
| 3798 | { USB_DEVICE(ANYDATA_VENDOR_ID, ANYDATA_PRODUCT_ADU_E100A) }, /* ADU-E100, ADU-310 */ |
| 3799 | { USB_DEVICE(ANYDATA_VENDOR_ID, ANYDATA_PRODUCT_ADU_500A) }, |
| 3800 | { USB_DEVICE(ANYDATA_VENDOR_ID, ANYDATA_PRODUCT_ADU_620UW) }, |
| 3801 | @@ -966,6 +968,8 @@ static const struct usb_device_id option_ids[] = { |
| 3802 | .driver_info = (kernel_ulong_t)&net_intf4_blacklist }, |
| 3803 | { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0330, 0xff, 0xff, 0xff) }, |
| 3804 | { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0395, 0xff, 0xff, 0xff) }, |
| 3805 | + { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0412, 0xff, 0xff, 0xff), /* Telewell TW-LTE 4G */ |
| 3806 | + .driver_info = (kernel_ulong_t)&net_intf4_blacklist }, |
| 3807 | { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0414, 0xff, 0xff, 0xff) }, |
| 3808 | { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0417, 0xff, 0xff, 0xff) }, |
| 3809 | { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x1008, 0xff, 0xff, 0xff), |
| 3810 | @@ -1264,8 +1268,9 @@ static const struct usb_device_id option_ids[] = { |
| 3811 | { USB_DEVICE(CINTERION_VENDOR_ID, CINTERION_PRODUCT_EU3_E) }, |
| 3812 | { USB_DEVICE(CINTERION_VENDOR_ID, CINTERION_PRODUCT_EU3_P) }, |
| 3813 | { USB_DEVICE(CINTERION_VENDOR_ID, CINTERION_PRODUCT_PH8) }, |
| 3814 | - { USB_DEVICE(CINTERION_VENDOR_ID, CINTERION_PRODUCT_AH6) }, |
| 3815 | - { USB_DEVICE(CINTERION_VENDOR_ID, CINTERION_PRODUCT_PLS8) }, |
| 3816 | + { USB_DEVICE(CINTERION_VENDOR_ID, CINTERION_PRODUCT_AHXX) }, |
| 3817 | + { USB_DEVICE(CINTERION_VENDOR_ID, CINTERION_PRODUCT_PLXX), |
| 3818 | + .driver_info = (kernel_ulong_t)&net_intf4_blacklist }, |
| 3819 | { USB_DEVICE(CINTERION_VENDOR_ID, CINTERION_PRODUCT_HC28_MDM) }, |
| 3820 | { USB_DEVICE(CINTERION_VENDOR_ID, CINTERION_PRODUCT_HC28_MDMNET) }, |
| 3821 | { USB_DEVICE(SIEMENS_VENDOR_ID, CINTERION_PRODUCT_HC25_MDM) }, |
| 3822 | diff --git a/fs/cifs/cifs_dfs_ref.c b/fs/cifs/cifs_dfs_ref.c |
| 3823 | index 210fce2..47c1155 100644 |
| 3824 | --- a/fs/cifs/cifs_dfs_ref.c |
| 3825 | +++ b/fs/cifs/cifs_dfs_ref.c |
| 3826 | @@ -18,6 +18,7 @@ |
| 3827 | #include <linux/slab.h> |
| 3828 | #include <linux/vfs.h> |
| 3829 | #include <linux/fs.h> |
| 3830 | +#include <linux/inet.h> |
| 3831 | #include "cifsglob.h" |
| 3832 | #include "cifsproto.h" |
| 3833 | #include "cifsfs.h" |
| 3834 | @@ -150,7 +151,8 @@ char *cifs_compose_mount_options(const char *sb_mountdata, |
| 3835 | * assuming that we have 'unc=' and 'ip=' in |
| 3836 | * the original sb_mountdata |
| 3837 | */ |
| 3838 | - md_len = strlen(sb_mountdata) + rc + strlen(ref->node_name) + 12; |
| 3839 | + md_len = strlen(sb_mountdata) + rc + strlen(ref->node_name) + 12 + |
| 3840 | + INET6_ADDRSTRLEN; |
| 3841 | mountdata = kzalloc(md_len+1, GFP_KERNEL); |
| 3842 | if (mountdata == NULL) { |
| 3843 | rc = -ENOMEM; |
| 3844 | diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c |
| 3845 | index 20887bf..cb88429 100644 |
| 3846 | --- a/fs/cifs/inode.c |
| 3847 | +++ b/fs/cifs/inode.c |
| 3848 | @@ -169,7 +169,8 @@ cifs_fattr_to_inode(struct inode *inode, struct cifs_fattr *fattr) |
| 3849 | |
| 3850 | if (fattr->cf_flags & CIFS_FATTR_DFS_REFERRAL) |
| 3851 | inode->i_flags |= S_AUTOMOUNT; |
| 3852 | - cifs_set_ops(inode); |
| 3853 | + if (inode->i_state & I_NEW) |
| 3854 | + cifs_set_ops(inode); |
| 3855 | } |
| 3856 | |
| 3857 | void |
| 3858 | diff --git a/fs/fat/inode.c b/fs/fat/inode.c |
| 3859 | index acf6e47..e7a7fde 100644 |
| 3860 | --- a/fs/fat/inode.c |
| 3861 | +++ b/fs/fat/inode.c |
| 3862 | @@ -1223,6 +1223,19 @@ static int fat_read_root(struct inode *inode) |
| 3863 | return 0; |
| 3864 | } |
| 3865 | |
| 3866 | +static unsigned long calc_fat_clusters(struct super_block *sb) |
| 3867 | +{ |
| 3868 | + struct msdos_sb_info *sbi = MSDOS_SB(sb); |
| 3869 | + |
| 3870 | + /* Divide first to avoid overflow */ |
| 3871 | + if (sbi->fat_bits != 12) { |
| 3872 | + unsigned long ent_per_sec = sb->s_blocksize * 8 / sbi->fat_bits; |
| 3873 | + return ent_per_sec * sbi->fat_length; |
| 3874 | + } |
| 3875 | + |
| 3876 | + return sbi->fat_length * sb->s_blocksize * 8 / sbi->fat_bits; |
| 3877 | +} |
| 3878 | + |
| 3879 | /* |
| 3880 | * Read the super block of an MS-DOS FS. |
| 3881 | */ |
| 3882 | @@ -1427,7 +1440,7 @@ int fat_fill_super(struct super_block *sb, void *data, int silent, int isvfat, |
| 3883 | sbi->dirty = b->fat16.state & FAT_STATE_DIRTY; |
| 3884 | |
| 3885 | /* check that FAT table does not overflow */ |
| 3886 | - fat_clusters = sbi->fat_length * sb->s_blocksize * 8 / sbi->fat_bits; |
| 3887 | + fat_clusters = calc_fat_clusters(sb); |
| 3888 | total_clusters = min(total_clusters, fat_clusters - FAT_START_ENT); |
| 3889 | if (total_clusters > MAX_FAT(sb)) { |
| 3890 | if (!silent) |
| 3891 | diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c |
| 3892 | index ff15522..185c479 100644 |
| 3893 | --- a/fs/fuse/dir.c |
| 3894 | +++ b/fs/fuse/dir.c |
| 3895 | @@ -180,6 +180,8 @@ u64 fuse_get_attr_version(struct fuse_conn *fc) |
| 3896 | static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags) |
| 3897 | { |
| 3898 | struct inode *inode; |
| 3899 | + struct dentry *parent; |
| 3900 | + struct fuse_conn *fc; |
| 3901 | |
| 3902 | inode = ACCESS_ONCE(entry->d_inode); |
| 3903 | if (inode && is_bad_inode(inode)) |
| 3904 | @@ -187,10 +189,8 @@ static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags) |
| 3905 | else if (fuse_dentry_time(entry) < get_jiffies_64()) { |
| 3906 | int err; |
| 3907 | struct fuse_entry_out outarg; |
| 3908 | - struct fuse_conn *fc; |
| 3909 | struct fuse_req *req; |
| 3910 | struct fuse_forget_link *forget; |
| 3911 | - struct dentry *parent; |
| 3912 | u64 attr_version; |
| 3913 | |
| 3914 | /* For negative dentries, always do a fresh lookup */ |
| 3915 | @@ -241,8 +241,14 @@ static int fuse_dentry_revalidate(struct dentry *entry, unsigned int flags) |
| 3916 | entry_attr_timeout(&outarg), |
| 3917 | attr_version); |
| 3918 | fuse_change_entry_timeout(entry, &outarg); |
| 3919 | + } else if (inode) { |
| 3920 | + fc = get_fuse_conn(inode); |
| 3921 | + if (fc->readdirplus_auto) { |
| 3922 | + parent = dget_parent(entry); |
| 3923 | + fuse_advise_use_readdirplus(parent->d_inode); |
| 3924 | + dput(parent); |
| 3925 | + } |
| 3926 | } |
| 3927 | - fuse_advise_use_readdirplus(inode); |
| 3928 | return 1; |
| 3929 | } |
| 3930 | |
| 3931 | diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c |
| 3932 | index 137185c..a215d22 100644 |
| 3933 | --- a/fs/fuse/inode.c |
| 3934 | +++ b/fs/fuse/inode.c |
| 3935 | @@ -864,10 +864,11 @@ static void process_init_reply(struct fuse_conn *fc, struct fuse_req *req) |
| 3936 | fc->dont_mask = 1; |
| 3937 | if (arg->flags & FUSE_AUTO_INVAL_DATA) |
| 3938 | fc->auto_inval_data = 1; |
| 3939 | - if (arg->flags & FUSE_DO_READDIRPLUS) |
| 3940 | + if (arg->flags & FUSE_DO_READDIRPLUS) { |
| 3941 | fc->do_readdirplus = 1; |
| 3942 | - if (arg->flags & FUSE_READDIRPLUS_AUTO) |
| 3943 | - fc->readdirplus_auto = 1; |
| 3944 | + if (arg->flags & FUSE_READDIRPLUS_AUTO) |
| 3945 | + fc->readdirplus_auto = 1; |
| 3946 | + } |
| 3947 | } else { |
| 3948 | ra_pages = fc->max_read / PAGE_CACHE_SIZE; |
| 3949 | fc->no_lock = 1; |
| 3950 | diff --git a/fs/jfs/inode.c b/fs/jfs/inode.c |
| 3951 | index b7dc47b..77554b6 100644 |
| 3952 | --- a/fs/jfs/inode.c |
| 3953 | +++ b/fs/jfs/inode.c |
| 3954 | @@ -125,7 +125,7 @@ int jfs_write_inode(struct inode *inode, struct writeback_control *wbc) |
| 3955 | { |
| 3956 | int wait = wbc->sync_mode == WB_SYNC_ALL; |
| 3957 | |
| 3958 | - if (test_cflag(COMMIT_Nolink, inode)) |
| 3959 | + if (inode->i_nlink == 0) |
| 3960 | return 0; |
| 3961 | /* |
| 3962 | * If COMMIT_DIRTY is not set, the inode isn't really dirty. |
| 3963 | diff --git a/fs/jfs/jfs_logmgr.c b/fs/jfs/jfs_logmgr.c |
| 3964 | index 2eb952c..cbe48ea 100644 |
| 3965 | --- a/fs/jfs/jfs_logmgr.c |
| 3966 | +++ b/fs/jfs/jfs_logmgr.c |
| 3967 | @@ -1058,7 +1058,8 @@ static int lmLogSync(struct jfs_log * log, int hard_sync) |
| 3968 | */ |
| 3969 | void jfs_syncpt(struct jfs_log *log, int hard_sync) |
| 3970 | { LOG_LOCK(log); |
| 3971 | - lmLogSync(log, hard_sync); |
| 3972 | + if (!test_bit(log_QUIESCE, &log->flag)) |
| 3973 | + lmLogSync(log, hard_sync); |
| 3974 | LOG_UNLOCK(log); |
| 3975 | } |
| 3976 | |
| 3977 | diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c |
| 3978 | index 0086401..261e9b9 100644 |
| 3979 | --- a/fs/nfs/nfs4proc.c |
| 3980 | +++ b/fs/nfs/nfs4proc.c |
| 3981 | @@ -1022,7 +1022,7 @@ static struct nfs4_state *nfs4_try_open_cached(struct nfs4_opendata *opendata) |
| 3982 | struct nfs4_state *state = opendata->state; |
| 3983 | struct nfs_inode *nfsi = NFS_I(state->inode); |
| 3984 | struct nfs_delegation *delegation; |
| 3985 | - int open_mode = opendata->o_arg.open_flags & (O_EXCL|O_TRUNC); |
| 3986 | + int open_mode = opendata->o_arg.open_flags; |
| 3987 | fmode_t fmode = opendata->o_arg.fmode; |
| 3988 | nfs4_stateid stateid; |
| 3989 | int ret = -EAGAIN; |
| 3990 | diff --git a/fs/nilfs2/inode.c b/fs/nilfs2/inode.c |
| 3991 | index 6b49f14..734c93f 100644 |
| 3992 | --- a/fs/nilfs2/inode.c |
| 3993 | +++ b/fs/nilfs2/inode.c |
| 3994 | @@ -202,13 +202,32 @@ static int nilfs_writepage(struct page *page, struct writeback_control *wbc) |
| 3995 | |
| 3996 | static int nilfs_set_page_dirty(struct page *page) |
| 3997 | { |
| 3998 | - int ret = __set_page_dirty_buffers(page); |
| 3999 | + int ret = __set_page_dirty_nobuffers(page); |
| 4000 | |
| 4001 | - if (ret) { |
| 4002 | + if (page_has_buffers(page)) { |
| 4003 | struct inode *inode = page->mapping->host; |
| 4004 | - unsigned nr_dirty = 1 << (PAGE_SHIFT - inode->i_blkbits); |
| 4005 | + unsigned nr_dirty = 0; |
| 4006 | + struct buffer_head *bh, *head; |
| 4007 | |
| 4008 | - nilfs_set_file_dirty(inode, nr_dirty); |
| 4009 | + /* |
| 4010 | + * This page is locked by callers, and no other thread |
| 4011 | + * concurrently marks its buffers dirty since they are |
| 4012 | + * only dirtied through routines in fs/buffer.c in |
| 4013 | + * which call sites of mark_buffer_dirty are protected |
| 4014 | + * by page lock. |
| 4015 | + */ |
| 4016 | + bh = head = page_buffers(page); |
| 4017 | + do { |
| 4018 | + /* Do not mark hole blocks dirty */ |
| 4019 | + if (buffer_dirty(bh) || !buffer_mapped(bh)) |
| 4020 | + continue; |
| 4021 | + |
| 4022 | + set_buffer_dirty(bh); |
| 4023 | + nr_dirty++; |
| 4024 | + } while (bh = bh->b_this_page, bh != head); |
| 4025 | + |
| 4026 | + if (nr_dirty) |
| 4027 | + nilfs_set_file_dirty(inode, nr_dirty); |
| 4028 | } |
| 4029 | return ret; |
| 4030 | } |
| 4031 | diff --git a/fs/ocfs2/extent_map.c b/fs/ocfs2/extent_map.c |
| 4032 | index 1c39efb..2487116 100644 |
| 4033 | --- a/fs/ocfs2/extent_map.c |
| 4034 | +++ b/fs/ocfs2/extent_map.c |
| 4035 | @@ -790,7 +790,7 @@ int ocfs2_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo, |
| 4036 | &hole_size, &rec, &is_last); |
| 4037 | if (ret) { |
| 4038 | mlog_errno(ret); |
| 4039 | - goto out; |
| 4040 | + goto out_unlock; |
| 4041 | } |
| 4042 | |
| 4043 | if (rec.e_blkno == 0ULL) { |
| 4044 | diff --git a/fs/reiserfs/dir.c b/fs/reiserfs/dir.c |
| 4045 | index 66c53b6..6c2d136 100644 |
| 4046 | --- a/fs/reiserfs/dir.c |
| 4047 | +++ b/fs/reiserfs/dir.c |
| 4048 | @@ -204,6 +204,8 @@ int reiserfs_readdir_dentry(struct dentry *dentry, void *dirent, |
| 4049 | next_pos = deh_offset(deh) + 1; |
| 4050 | |
| 4051 | if (item_moved(&tmp_ih, &path_to_entry)) { |
| 4052 | + set_cpu_key_k_offset(&pos_key, |
| 4053 | + next_pos); |
| 4054 | goto research; |
| 4055 | } |
| 4056 | } /* for */ |
| 4057 | diff --git a/fs/reiserfs/inode.c b/fs/reiserfs/inode.c |
| 4058 | index ea5061f..c3a9de6 100644 |
| 4059 | --- a/fs/reiserfs/inode.c |
| 4060 | +++ b/fs/reiserfs/inode.c |
| 4061 | @@ -1810,11 +1810,16 @@ int reiserfs_new_inode(struct reiserfs_transaction_handle *th, |
| 4062 | TYPE_STAT_DATA, SD_SIZE, MAX_US_INT); |
| 4063 | memcpy(INODE_PKEY(inode), &(ih.ih_key), KEY_SIZE); |
| 4064 | args.dirid = le32_to_cpu(ih.ih_key.k_dir_id); |
| 4065 | - if (insert_inode_locked4(inode, args.objectid, |
| 4066 | - reiserfs_find_actor, &args) < 0) { |
| 4067 | + |
| 4068 | + reiserfs_write_unlock(inode->i_sb); |
| 4069 | + err = insert_inode_locked4(inode, args.objectid, |
| 4070 | + reiserfs_find_actor, &args); |
| 4071 | + reiserfs_write_lock(inode->i_sb); |
| 4072 | + if (err) { |
| 4073 | err = -EINVAL; |
| 4074 | goto out_bad_inode; |
| 4075 | } |
| 4076 | + |
| 4077 | if (old_format_only(sb)) |
| 4078 | /* not a perfect generation count, as object ids can be reused, but |
| 4079 | ** this is as good as reiserfs can do right now. |
| 4080 | diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c |
| 4081 | index 4cce1d9..821bcf7 100644 |
| 4082 | --- a/fs/reiserfs/xattr.c |
| 4083 | +++ b/fs/reiserfs/xattr.c |
| 4084 | @@ -318,7 +318,19 @@ static int delete_one_xattr(struct dentry *dentry, void *data) |
| 4085 | static int chown_one_xattr(struct dentry *dentry, void *data) |
| 4086 | { |
| 4087 | struct iattr *attrs = data; |
| 4088 | - return reiserfs_setattr(dentry, attrs); |
| 4089 | + int ia_valid = attrs->ia_valid; |
| 4090 | + int err; |
| 4091 | + |
| 4092 | + /* |
| 4093 | + * We only want the ownership bits. Otherwise, we'll do |
| 4094 | + * things like change a directory to a regular file if |
| 4095 | + * ATTR_MODE is set. |
| 4096 | + */ |
| 4097 | + attrs->ia_valid &= (ATTR_UID|ATTR_GID); |
| 4098 | + err = reiserfs_setattr(dentry, attrs); |
| 4099 | + attrs->ia_valid = ia_valid; |
| 4100 | + |
| 4101 | + return err; |
| 4102 | } |
| 4103 | |
| 4104 | /* No i_mutex, but the inode is unconnected. */ |
| 4105 | diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c |
| 4106 | index d7c01ef..6c8767f 100644 |
| 4107 | --- a/fs/reiserfs/xattr_acl.c |
| 4108 | +++ b/fs/reiserfs/xattr_acl.c |
| 4109 | @@ -443,6 +443,9 @@ int reiserfs_acl_chmod(struct inode *inode) |
| 4110 | int depth; |
| 4111 | int error; |
| 4112 | |
| 4113 | + if (IS_PRIVATE(inode)) |
| 4114 | + return 0; |
| 4115 | + |
| 4116 | if (S_ISLNK(inode->i_mode)) |
| 4117 | return -EOPNOTSUPP; |
| 4118 | |
| 4119 | diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c |
| 4120 | index d82efaa..ca9ecaa 100644 |
| 4121 | --- a/fs/xfs/xfs_iops.c |
| 4122 | +++ b/fs/xfs/xfs_iops.c |
| 4123 | @@ -455,6 +455,28 @@ xfs_vn_getattr( |
| 4124 | return 0; |
| 4125 | } |
| 4126 | |
| 4127 | +static void |
| 4128 | +xfs_setattr_mode( |
| 4129 | + struct xfs_trans *tp, |
| 4130 | + struct xfs_inode *ip, |
| 4131 | + struct iattr *iattr) |
| 4132 | +{ |
| 4133 | + struct inode *inode = VFS_I(ip); |
| 4134 | + umode_t mode = iattr->ia_mode; |
| 4135 | + |
| 4136 | + ASSERT(tp); |
| 4137 | + ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); |
| 4138 | + |
| 4139 | + if (!in_group_p(inode->i_gid) && !capable(CAP_FSETID)) |
| 4140 | + mode &= ~S_ISGID; |
| 4141 | + |
| 4142 | + ip->i_d.di_mode &= S_IFMT; |
| 4143 | + ip->i_d.di_mode |= mode & ~S_IFMT; |
| 4144 | + |
| 4145 | + inode->i_mode &= S_IFMT; |
| 4146 | + inode->i_mode |= mode & ~S_IFMT; |
| 4147 | +} |
| 4148 | + |
| 4149 | int |
| 4150 | xfs_setattr_nonsize( |
| 4151 | struct xfs_inode *ip, |
| 4152 | @@ -606,18 +628,8 @@ xfs_setattr_nonsize( |
| 4153 | /* |
| 4154 | * Change file access modes. |
| 4155 | */ |
| 4156 | - if (mask & ATTR_MODE) { |
| 4157 | - umode_t mode = iattr->ia_mode; |
| 4158 | - |
| 4159 | - if (!in_group_p(inode->i_gid) && !capable(CAP_FSETID)) |
| 4160 | - mode &= ~S_ISGID; |
| 4161 | - |
| 4162 | - ip->i_d.di_mode &= S_IFMT; |
| 4163 | - ip->i_d.di_mode |= mode & ~S_IFMT; |
| 4164 | - |
| 4165 | - inode->i_mode &= S_IFMT; |
| 4166 | - inode->i_mode |= mode & ~S_IFMT; |
| 4167 | - } |
| 4168 | + if (mask & ATTR_MODE) |
| 4169 | + xfs_setattr_mode(tp, ip, iattr); |
| 4170 | |
| 4171 | /* |
| 4172 | * Change file access or modified times. |
| 4173 | @@ -714,9 +726,8 @@ xfs_setattr_size( |
| 4174 | return XFS_ERROR(error); |
| 4175 | |
| 4176 | ASSERT(S_ISREG(ip->i_d.di_mode)); |
| 4177 | - ASSERT((mask & (ATTR_MODE|ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET| |
| 4178 | - ATTR_MTIME_SET|ATTR_KILL_SUID|ATTR_KILL_SGID| |
| 4179 | - ATTR_KILL_PRIV|ATTR_TIMES_SET)) == 0); |
| 4180 | + ASSERT((mask & (ATTR_UID|ATTR_GID|ATTR_ATIME|ATTR_ATIME_SET| |
| 4181 | + ATTR_MTIME_SET|ATTR_KILL_PRIV|ATTR_TIMES_SET)) == 0); |
| 4182 | |
| 4183 | if (!(flags & XFS_ATTR_NOLOCK)) { |
| 4184 | lock_flags |= XFS_IOLOCK_EXCL; |
| 4185 | @@ -860,6 +871,12 @@ xfs_setattr_size( |
| 4186 | xfs_inode_clear_eofblocks_tag(ip); |
| 4187 | } |
| 4188 | |
| 4189 | + /* |
| 4190 | + * Change file access modes. |
| 4191 | + */ |
| 4192 | + if (mask & ATTR_MODE) |
| 4193 | + xfs_setattr_mode(tp, ip, iattr); |
| 4194 | + |
| 4195 | if (mask & ATTR_CTIME) { |
| 4196 | inode->i_ctime = iattr->ia_ctime; |
| 4197 | ip->i_d.di_ctime.t_sec = iattr->ia_ctime.tv_sec; |
| 4198 | diff --git a/include/acpi/acpi_bus.h b/include/acpi/acpi_bus.h |
| 4199 | index 22ba56e..fc93bd3d 100644 |
| 4200 | --- a/include/acpi/acpi_bus.h |
| 4201 | +++ b/include/acpi/acpi_bus.h |
| 4202 | @@ -352,7 +352,6 @@ acpi_status acpi_bus_get_status_handle(acpi_handle handle, |
| 4203 | unsigned long long *sta); |
| 4204 | int acpi_bus_get_status(struct acpi_device *device); |
| 4205 | |
| 4206 | -#ifdef CONFIG_PM |
| 4207 | int acpi_bus_set_power(acpi_handle handle, int state); |
| 4208 | const char *acpi_power_state_string(int state); |
| 4209 | int acpi_device_get_power(struct acpi_device *device, int *state); |
| 4210 | @@ -360,41 +359,12 @@ int acpi_device_set_power(struct acpi_device *device, int state); |
| 4211 | int acpi_bus_init_power(struct acpi_device *device); |
| 4212 | int acpi_bus_update_power(acpi_handle handle, int *state_p); |
| 4213 | bool acpi_bus_power_manageable(acpi_handle handle); |
| 4214 | + |
| 4215 | +#ifdef CONFIG_PM |
| 4216 | bool acpi_bus_can_wakeup(acpi_handle handle); |
| 4217 | -#else /* !CONFIG_PM */ |
| 4218 | -static inline int acpi_bus_set_power(acpi_handle handle, int state) |
| 4219 | -{ |
| 4220 | - return 0; |
| 4221 | -} |
| 4222 | -static inline const char *acpi_power_state_string(int state) |
| 4223 | -{ |
| 4224 | - return "D0"; |
| 4225 | -} |
| 4226 | -static inline int acpi_device_get_power(struct acpi_device *device, int *state) |
| 4227 | -{ |
| 4228 | - return 0; |
| 4229 | -} |
| 4230 | -static inline int acpi_device_set_power(struct acpi_device *device, int state) |
| 4231 | -{ |
| 4232 | - return 0; |
| 4233 | -} |
| 4234 | -static inline int acpi_bus_init_power(struct acpi_device *device) |
| 4235 | -{ |
| 4236 | - return 0; |
| 4237 | -} |
| 4238 | -static inline int acpi_bus_update_power(acpi_handle handle, int *state_p) |
| 4239 | -{ |
| 4240 | - return 0; |
| 4241 | -} |
| 4242 | -static inline bool acpi_bus_power_manageable(acpi_handle handle) |
| 4243 | -{ |
| 4244 | - return false; |
| 4245 | -} |
| 4246 | -static inline bool acpi_bus_can_wakeup(acpi_handle handle) |
| 4247 | -{ |
| 4248 | - return false; |
| 4249 | -} |
| 4250 | -#endif /* !CONFIG_PM */ |
| 4251 | +#else |
| 4252 | +static inline bool acpi_bus_can_wakeup(acpi_handle handle) { return false; } |
| 4253 | +#endif |
| 4254 | |
| 4255 | #ifdef CONFIG_ACPI_PROC_EVENT |
| 4256 | int acpi_bus_generate_proc_event(struct acpi_device *device, u8 type, int data); |
| 4257 | diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h |
| 4258 | index 16d4d09..6ae7d2c 100644 |
| 4259 | --- a/include/linux/cgroup.h |
| 4260 | +++ b/include/linux/cgroup.h |
| 4261 | @@ -570,7 +570,7 @@ struct cgroup *cgroup_rightmost_descendant(struct cgroup *pos); |
| 4262 | * |
| 4263 | * If a subsystem synchronizes against the parent in its ->css_online() and |
| 4264 | * before starting iterating, and synchronizes against @pos on each |
| 4265 | - * iteration, any descendant cgroup which finished ->css_offline() is |
| 4266 | + * iteration, any descendant cgroup which finished ->css_online() is |
| 4267 | * guaranteed to be visible in the future iterations. |
| 4268 | * |
| 4269 | * In other words, the following guarantees that a descendant can't escape |
| 4270 | diff --git a/include/linux/wait.h b/include/linux/wait.h |
| 4271 | index 7cb64d4..30194a6 100644 |
| 4272 | --- a/include/linux/wait.h |
| 4273 | +++ b/include/linux/wait.h |
| 4274 | @@ -217,6 +217,8 @@ do { \ |
| 4275 | if (!ret) \ |
| 4276 | break; \ |
| 4277 | } \ |
| 4278 | + if (!ret && (condition)) \ |
| 4279 | + ret = 1; \ |
| 4280 | finish_wait(&wq, &__wait); \ |
| 4281 | } while (0) |
| 4282 | |
| 4283 | @@ -233,8 +235,9 @@ do { \ |
| 4284 | * wake_up() has to be called after changing any variable that could |
| 4285 | * change the result of the wait condition. |
| 4286 | * |
| 4287 | - * The function returns 0 if the @timeout elapsed, and the remaining |
| 4288 | - * jiffies if the condition evaluated to true before the timeout elapsed. |
| 4289 | + * The function returns 0 if the @timeout elapsed, or the remaining |
| 4290 | + * jiffies (at least 1) if the @condition evaluated to %true before |
| 4291 | + * the @timeout elapsed. |
| 4292 | */ |
| 4293 | #define wait_event_timeout(wq, condition, timeout) \ |
| 4294 | ({ \ |
| 4295 | @@ -302,6 +305,8 @@ do { \ |
| 4296 | ret = -ERESTARTSYS; \ |
| 4297 | break; \ |
| 4298 | } \ |
| 4299 | + if (!ret && (condition)) \ |
| 4300 | + ret = 1; \ |
| 4301 | finish_wait(&wq, &__wait); \ |
| 4302 | } while (0) |
| 4303 | |
| 4304 | @@ -318,9 +323,10 @@ do { \ |
| 4305 | * wake_up() has to be called after changing any variable that could |
| 4306 | * change the result of the wait condition. |
| 4307 | * |
| 4308 | - * The function returns 0 if the @timeout elapsed, -ERESTARTSYS if it |
| 4309 | - * was interrupted by a signal, and the remaining jiffies otherwise |
| 4310 | - * if the condition evaluated to true before the timeout elapsed. |
| 4311 | + * Returns: |
| 4312 | + * 0 if the @timeout elapsed, -%ERESTARTSYS if it was interrupted by |
| 4313 | + * a signal, or the remaining jiffies (at least 1) if the @condition |
| 4314 | + * evaluated to %true before the @timeout elapsed. |
| 4315 | */ |
| 4316 | #define wait_event_interruptible_timeout(wq, condition, timeout) \ |
| 4317 | ({ \ |
| 4318 | diff --git a/include/target/target_core_base.h b/include/target/target_core_base.h |
| 4319 | index c4af592..f8640f3 100644 |
| 4320 | --- a/include/target/target_core_base.h |
| 4321 | +++ b/include/target/target_core_base.h |
| 4322 | @@ -544,6 +544,7 @@ struct se_session { |
| 4323 | struct list_head sess_list; |
| 4324 | struct list_head sess_acl_list; |
| 4325 | struct list_head sess_cmd_list; |
| 4326 | + struct list_head sess_wait_list; |
| 4327 | spinlock_t sess_cmd_lock; |
| 4328 | struct kref sess_kref; |
| 4329 | }; |
| 4330 | diff --git a/include/xen/interface/io/netif.h b/include/xen/interface/io/netif.h |
| 4331 | index 9dfc120..3ef3fe0 100644 |
| 4332 | --- a/include/xen/interface/io/netif.h |
| 4333 | +++ b/include/xen/interface/io/netif.h |
| 4334 | @@ -13,6 +13,24 @@ |
| 4335 | #include <xen/interface/grant_table.h> |
| 4336 | |
| 4337 | /* |
| 4338 | + * Older implementation of Xen network frontend / backend has an |
| 4339 | + * implicit dependency on the MAX_SKB_FRAGS as the maximum number of |
| 4340 | + * ring slots a skb can use. Netfront / netback may not work as |
| 4341 | + * expected when frontend and backend have different MAX_SKB_FRAGS. |
| 4342 | + * |
| 4343 | + * A better approach is to add mechanism for netfront / netback to |
| 4344 | + * negotiate this value. However we cannot fix all possible |
| 4345 | + * frontends, so we need to define a value which states the minimum |
| 4346 | + * slots backend must support. |
| 4347 | + * |
| 4348 | + * The minimum value derives from older Linux kernel's MAX_SKB_FRAGS |
| 4349 | + * (18), which is proved to work with most frontends. Any new backend |
| 4350 | + * which doesn't negotiate with frontend should expect frontend to |
| 4351 | + * send a valid packet using slots up to this value. |
| 4352 | + */ |
| 4353 | +#define XEN_NETIF_NR_SLOTS_MIN 18 |
| 4354 | + |
| 4355 | +/* |
| 4356 | * Notifications after enqueuing any type of message should be conditional on |
| 4357 | * the appropriate req_event or rsp_event field in the shared ring. |
| 4358 | * If the client sends notification for rx requests then it should specify |
| 4359 | @@ -47,6 +65,7 @@ |
| 4360 | #define _XEN_NETTXF_extra_info (3) |
| 4361 | #define XEN_NETTXF_extra_info (1U<<_XEN_NETTXF_extra_info) |
| 4362 | |
| 4363 | +#define XEN_NETIF_MAX_TX_SIZE 0xFFFF |
| 4364 | struct xen_netif_tx_request { |
| 4365 | grant_ref_t gref; /* Reference to buffer page */ |
| 4366 | uint16_t offset; /* Offset within buffer page */ |
| 4367 | diff --git a/kernel/cgroup.c b/kernel/cgroup.c |
| 4368 | index ba1f977..a48de6a 100644 |
| 4369 | --- a/kernel/cgroup.c |
| 4370 | +++ b/kernel/cgroup.c |
| 4371 | @@ -2747,13 +2747,14 @@ static int cgroup_add_file(struct cgroup *cgrp, struct cgroup_subsys *subsys, |
| 4372 | goto out; |
| 4373 | } |
| 4374 | |
| 4375 | + cfe->type = (void *)cft; |
| 4376 | + cfe->dentry = dentry; |
| 4377 | + dentry->d_fsdata = cfe; |
| 4378 | + simple_xattrs_init(&cfe->xattrs); |
| 4379 | + |
| 4380 | mode = cgroup_file_mode(cft); |
| 4381 | error = cgroup_create_file(dentry, mode | S_IFREG, cgrp->root->sb); |
| 4382 | if (!error) { |
| 4383 | - cfe->type = (void *)cft; |
| 4384 | - cfe->dentry = dentry; |
| 4385 | - dentry->d_fsdata = cfe; |
| 4386 | - simple_xattrs_init(&cfe->xattrs); |
| 4387 | list_add_tail(&cfe->node, &parent->files); |
| 4388 | cfe = NULL; |
| 4389 | } |
| 4390 | @@ -2999,11 +3000,8 @@ struct cgroup *cgroup_next_descendant_pre(struct cgroup *pos, |
| 4391 | WARN_ON_ONCE(!rcu_read_lock_held()); |
| 4392 | |
| 4393 | /* if first iteration, pretend we just visited @cgroup */ |
| 4394 | - if (!pos) { |
| 4395 | - if (list_empty(&cgroup->children)) |
| 4396 | - return NULL; |
| 4397 | + if (!pos) |
| 4398 | pos = cgroup; |
| 4399 | - } |
| 4400 | |
| 4401 | /* visit the first child if exists */ |
| 4402 | next = list_first_or_null_rcu(&pos->children, struct cgroup, sibling); |
| 4403 | @@ -3011,14 +3009,14 @@ struct cgroup *cgroup_next_descendant_pre(struct cgroup *pos, |
| 4404 | return next; |
| 4405 | |
| 4406 | /* no child, visit my or the closest ancestor's next sibling */ |
| 4407 | - do { |
| 4408 | + while (pos != cgroup) { |
| 4409 | next = list_entry_rcu(pos->sibling.next, struct cgroup, |
| 4410 | sibling); |
| 4411 | if (&next->sibling != &pos->parent->children) |
| 4412 | return next; |
| 4413 | |
| 4414 | pos = pos->parent; |
| 4415 | - } while (pos != cgroup); |
| 4416 | + } |
| 4417 | |
| 4418 | return NULL; |
| 4419 | } |
| 4420 | diff --git a/kernel/module.c b/kernel/module.c |
| 4421 | index 0925c9a..97f202c 100644 |
| 4422 | --- a/kernel/module.c |
| 4423 | +++ b/kernel/module.c |
| 4424 | @@ -1861,12 +1861,12 @@ static void free_module(struct module *mod) |
| 4425 | { |
| 4426 | trace_module_free(mod); |
| 4427 | |
| 4428 | - /* Delete from various lists */ |
| 4429 | - mutex_lock(&module_mutex); |
| 4430 | - stop_machine(__unlink_module, mod, NULL); |
| 4431 | - mutex_unlock(&module_mutex); |
| 4432 | mod_sysfs_teardown(mod); |
| 4433 | |
| 4434 | + /* We leave it in list to prevent duplicate loads, but make sure |
| 4435 | + * that noone uses it while it's being deconstructed. */ |
| 4436 | + mod->state = MODULE_STATE_UNFORMED; |
| 4437 | + |
| 4438 | /* Remove dynamic debug info */ |
| 4439 | ddebug_remove_module(mod->name); |
| 4440 | |
| 4441 | @@ -1879,6 +1879,11 @@ static void free_module(struct module *mod) |
| 4442 | /* Free any allocated parameters. */ |
| 4443 | destroy_params(mod->kp, mod->num_kp); |
| 4444 | |
| 4445 | + /* Now we can delete it from the lists */ |
| 4446 | + mutex_lock(&module_mutex); |
| 4447 | + stop_machine(__unlink_module, mod, NULL); |
| 4448 | + mutex_unlock(&module_mutex); |
| 4449 | + |
| 4450 | /* This may be NULL, but that's OK */ |
| 4451 | unset_module_init_ro_nx(mod); |
| 4452 | module_free(mod, mod->module_init); |
| 4453 | diff --git a/kernel/range.c b/kernel/range.c |
| 4454 | index 9b8ae2d..98883ed 100644 |
| 4455 | --- a/kernel/range.c |
| 4456 | +++ b/kernel/range.c |
| 4457 | @@ -48,9 +48,11 @@ int add_range_with_merge(struct range *range, int az, int nr_range, |
| 4458 | final_start = min(range[i].start, start); |
| 4459 | final_end = max(range[i].end, end); |
| 4460 | |
| 4461 | - range[i].start = final_start; |
| 4462 | - range[i].end = final_end; |
| 4463 | - return nr_range; |
| 4464 | + /* clear it and add it back for further merge */ |
| 4465 | + range[i].start = 0; |
| 4466 | + range[i].end = 0; |
| 4467 | + return add_range_with_merge(range, az, nr_range, |
| 4468 | + final_start, final_end); |
| 4469 | } |
| 4470 | |
| 4471 | /* Need to add it: */ |
| 4472 | diff --git a/lib/klist.c b/lib/klist.c |
| 4473 | index 0874e41..358a368 100644 |
| 4474 | --- a/lib/klist.c |
| 4475 | +++ b/lib/klist.c |
| 4476 | @@ -193,10 +193,10 @@ static void klist_release(struct kref *kref) |
| 4477 | if (waiter->node != n) |
| 4478 | continue; |
| 4479 | |
| 4480 | + list_del(&waiter->list); |
| 4481 | waiter->woken = 1; |
| 4482 | mb(); |
| 4483 | wake_up_process(waiter->process); |
| 4484 | - list_del(&waiter->list); |
| 4485 | } |
| 4486 | spin_unlock(&klist_remove_lock); |
| 4487 | knode_set_klist(n, NULL); |
| 4488 | diff --git a/mm/huge_memory.c b/mm/huge_memory.c |
| 4489 | index e2f7f5aa..a4510d4 100644 |
| 4490 | --- a/mm/huge_memory.c |
| 4491 | +++ b/mm/huge_memory.c |
| 4492 | @@ -2318,7 +2318,12 @@ static void collapse_huge_page(struct mm_struct *mm, |
| 4493 | pte_unmap(pte); |
| 4494 | spin_lock(&mm->page_table_lock); |
| 4495 | BUG_ON(!pmd_none(*pmd)); |
| 4496 | - set_pmd_at(mm, address, pmd, _pmd); |
| 4497 | + /* |
| 4498 | + * We can only use set_pmd_at when establishing |
| 4499 | + * hugepmds and never for establishing regular pmds that |
| 4500 | + * points to regular pagetables. Use pmd_populate for that |
| 4501 | + */ |
| 4502 | + pmd_populate(mm, pmd, pmd_pgtable(_pmd)); |
| 4503 | spin_unlock(&mm->page_table_lock); |
| 4504 | anon_vma_unlock_write(vma->anon_vma); |
| 4505 | goto out; |
| 4506 | diff --git a/mm/memcontrol.c b/mm/memcontrol.c |
| 4507 | index 2b55222..9630d58 100644 |
| 4508 | --- a/mm/memcontrol.c |
| 4509 | +++ b/mm/memcontrol.c |
| 4510 | @@ -3991,8 +3991,6 @@ __mem_cgroup_uncharge_common(struct page *page, enum charge_type ctype, |
| 4511 | if (mem_cgroup_disabled()) |
| 4512 | return NULL; |
| 4513 | |
| 4514 | - VM_BUG_ON(PageSwapCache(page)); |
| 4515 | - |
| 4516 | if (PageTransHuge(page)) { |
| 4517 | nr_pages <<= compound_order(page); |
| 4518 | VM_BUG_ON(!PageTransHuge(page)); |
| 4519 | @@ -4088,6 +4086,18 @@ void mem_cgroup_uncharge_page(struct page *page) |
| 4520 | if (page_mapped(page)) |
| 4521 | return; |
| 4522 | VM_BUG_ON(page->mapping && !PageAnon(page)); |
| 4523 | + /* |
| 4524 | + * If the page is in swap cache, uncharge should be deferred |
| 4525 | + * to the swap path, which also properly accounts swap usage |
| 4526 | + * and handles memcg lifetime. |
| 4527 | + * |
| 4528 | + * Note that this check is not stable and reclaim may add the |
| 4529 | + * page to swap cache at any time after this. However, if the |
| 4530 | + * page is not in swap cache by the time page->mapcount hits |
| 4531 | + * 0, there won't be any page table references to the swap |
| 4532 | + * slot, and reclaim will free it and not actually write the |
| 4533 | + * page to disk. |
| 4534 | + */ |
| 4535 | if (PageSwapCache(page)) |
| 4536 | return; |
| 4537 | __mem_cgroup_uncharge_common(page, MEM_CGROUP_CHARGE_TYPE_ANON, false); |
| 4538 | diff --git a/mm/migrate.c b/mm/migrate.c |
| 4539 | index 3bbaf5d..22ed5c1 100644 |
| 4540 | --- a/mm/migrate.c |
| 4541 | +++ b/mm/migrate.c |
| 4542 | @@ -165,7 +165,7 @@ static int remove_migration_pte(struct page *new, struct vm_area_struct *vma, |
| 4543 | pte = arch_make_huge_pte(pte, vma, new, 0); |
| 4544 | } |
| 4545 | #endif |
| 4546 | - flush_cache_page(vma, addr, pte_pfn(pte)); |
| 4547 | + flush_dcache_page(new); |
| 4548 | set_pte_at(mm, addr, ptep, pte); |
| 4549 | |
| 4550 | if (PageHuge(new)) { |
| 4551 | diff --git a/mm/mmu_notifier.c b/mm/mmu_notifier.c |
| 4552 | index be04122..6725ff1 100644 |
| 4553 | --- a/mm/mmu_notifier.c |
| 4554 | +++ b/mm/mmu_notifier.c |
| 4555 | @@ -40,48 +40,44 @@ void __mmu_notifier_release(struct mm_struct *mm) |
| 4556 | int id; |
| 4557 | |
| 4558 | /* |
| 4559 | - * srcu_read_lock() here will block synchronize_srcu() in |
| 4560 | - * mmu_notifier_unregister() until all registered |
| 4561 | - * ->release() callouts this function makes have |
| 4562 | - * returned. |
| 4563 | + * SRCU here will block mmu_notifier_unregister until |
| 4564 | + * ->release returns. |
| 4565 | */ |
| 4566 | id = srcu_read_lock(&srcu); |
| 4567 | + hlist_for_each_entry_rcu(mn, &mm->mmu_notifier_mm->list, hlist) |
| 4568 | + /* |
| 4569 | + * If ->release runs before mmu_notifier_unregister it must be |
| 4570 | + * handled, as it's the only way for the driver to flush all |
| 4571 | + * existing sptes and stop the driver from establishing any more |
| 4572 | + * sptes before all the pages in the mm are freed. |
| 4573 | + */ |
| 4574 | + if (mn->ops->release) |
| 4575 | + mn->ops->release(mn, mm); |
| 4576 | + srcu_read_unlock(&srcu, id); |
| 4577 | + |
| 4578 | spin_lock(&mm->mmu_notifier_mm->lock); |
| 4579 | while (unlikely(!hlist_empty(&mm->mmu_notifier_mm->list))) { |
| 4580 | mn = hlist_entry(mm->mmu_notifier_mm->list.first, |
| 4581 | struct mmu_notifier, |
| 4582 | hlist); |
| 4583 | - |
| 4584 | /* |
| 4585 | - * Unlink. This will prevent mmu_notifier_unregister() |
| 4586 | - * from also making the ->release() callout. |
| 4587 | + * We arrived before mmu_notifier_unregister so |
| 4588 | + * mmu_notifier_unregister will do nothing other than to wait |
| 4589 | + * for ->release to finish and for mmu_notifier_unregister to |
| 4590 | + * return. |
| 4591 | */ |
| 4592 | hlist_del_init_rcu(&mn->hlist); |
| 4593 | - spin_unlock(&mm->mmu_notifier_mm->lock); |
| 4594 | - |
| 4595 | - /* |
| 4596 | - * Clear sptes. (see 'release' description in mmu_notifier.h) |
| 4597 | - */ |
| 4598 | - if (mn->ops->release) |
| 4599 | - mn->ops->release(mn, mm); |
| 4600 | - |
| 4601 | - spin_lock(&mm->mmu_notifier_mm->lock); |
| 4602 | } |
| 4603 | spin_unlock(&mm->mmu_notifier_mm->lock); |
| 4604 | |
| 4605 | /* |
| 4606 | - * All callouts to ->release() which we have done are complete. |
| 4607 | - * Allow synchronize_srcu() in mmu_notifier_unregister() to complete |
| 4608 | - */ |
| 4609 | - srcu_read_unlock(&srcu, id); |
| 4610 | - |
| 4611 | - /* |
| 4612 | - * mmu_notifier_unregister() may have unlinked a notifier and may |
| 4613 | - * still be calling out to it. Additionally, other notifiers |
| 4614 | - * may have been active via vmtruncate() et. al. Block here |
| 4615 | - * to ensure that all notifier callouts for this mm have been |
| 4616 | - * completed and the sptes are really cleaned up before returning |
| 4617 | - * to exit_mmap(). |
| 4618 | + * synchronize_srcu here prevents mmu_notifier_release from returning to |
| 4619 | + * exit_mmap (which would proceed with freeing all pages in the mm) |
| 4620 | + * until the ->release method returns, if it was invoked by |
| 4621 | + * mmu_notifier_unregister. |
| 4622 | + * |
| 4623 | + * The mmu_notifier_mm can't go away from under us because one mm_count |
| 4624 | + * is held by exit_mmap. |
| 4625 | */ |
| 4626 | synchronize_srcu(&srcu); |
| 4627 | } |
| 4628 | @@ -292,31 +288,34 @@ void mmu_notifier_unregister(struct mmu_notifier *mn, struct mm_struct *mm) |
| 4629 | { |
| 4630 | BUG_ON(atomic_read(&mm->mm_count) <= 0); |
| 4631 | |
| 4632 | - spin_lock(&mm->mmu_notifier_mm->lock); |
| 4633 | if (!hlist_unhashed(&mn->hlist)) { |
| 4634 | + /* |
| 4635 | + * SRCU here will force exit_mmap to wait for ->release to |
| 4636 | + * finish before freeing the pages. |
| 4637 | + */ |
| 4638 | int id; |
| 4639 | |
| 4640 | + id = srcu_read_lock(&srcu); |
| 4641 | /* |
| 4642 | - * Ensure we synchronize up with __mmu_notifier_release(). |
| 4643 | + * exit_mmap will block in mmu_notifier_release to guarantee |
| 4644 | + * that ->release is called before freeing the pages. |
| 4645 | */ |
| 4646 | - id = srcu_read_lock(&srcu); |
| 4647 | - |
| 4648 | - hlist_del_rcu(&mn->hlist); |
| 4649 | - spin_unlock(&mm->mmu_notifier_mm->lock); |
| 4650 | - |
| 4651 | if (mn->ops->release) |
| 4652 | mn->ops->release(mn, mm); |
| 4653 | + srcu_read_unlock(&srcu, id); |
| 4654 | |
| 4655 | + spin_lock(&mm->mmu_notifier_mm->lock); |
| 4656 | /* |
| 4657 | - * Allow __mmu_notifier_release() to complete. |
| 4658 | + * Can not use list_del_rcu() since __mmu_notifier_release |
| 4659 | + * can delete it before we hold the lock. |
| 4660 | */ |
| 4661 | - srcu_read_unlock(&srcu, id); |
| 4662 | - } else |
| 4663 | + hlist_del_init_rcu(&mn->hlist); |
| 4664 | spin_unlock(&mm->mmu_notifier_mm->lock); |
| 4665 | + } |
| 4666 | |
| 4667 | /* |
| 4668 | - * Wait for any running method to finish, including ->release() if it |
| 4669 | - * was run by __mmu_notifier_release() instead of us. |
| 4670 | + * Wait for any running method to finish, of course including |
| 4671 | + * ->release if it was run by mmu_notifier_relase instead of us. |
| 4672 | */ |
| 4673 | synchronize_srcu(&srcu); |
| 4674 | |
| 4675 | diff --git a/mm/pagewalk.c b/mm/pagewalk.c |
| 4676 | index 35aa294..5da2cbc 100644 |
| 4677 | --- a/mm/pagewalk.c |
| 4678 | +++ b/mm/pagewalk.c |
| 4679 | @@ -127,28 +127,7 @@ static int walk_hugetlb_range(struct vm_area_struct *vma, |
| 4680 | return 0; |
| 4681 | } |
| 4682 | |
| 4683 | -static struct vm_area_struct* hugetlb_vma(unsigned long addr, struct mm_walk *walk) |
| 4684 | -{ |
| 4685 | - struct vm_area_struct *vma; |
| 4686 | - |
| 4687 | - /* We don't need vma lookup at all. */ |
| 4688 | - if (!walk->hugetlb_entry) |
| 4689 | - return NULL; |
| 4690 | - |
| 4691 | - VM_BUG_ON(!rwsem_is_locked(&walk->mm->mmap_sem)); |
| 4692 | - vma = find_vma(walk->mm, addr); |
| 4693 | - if (vma && vma->vm_start <= addr && is_vm_hugetlb_page(vma)) |
| 4694 | - return vma; |
| 4695 | - |
| 4696 | - return NULL; |
| 4697 | -} |
| 4698 | - |
| 4699 | #else /* CONFIG_HUGETLB_PAGE */ |
| 4700 | -static struct vm_area_struct* hugetlb_vma(unsigned long addr, struct mm_walk *walk) |
| 4701 | -{ |
| 4702 | - return NULL; |
| 4703 | -} |
| 4704 | - |
| 4705 | static int walk_hugetlb_range(struct vm_area_struct *vma, |
| 4706 | unsigned long addr, unsigned long end, |
| 4707 | struct mm_walk *walk) |
| 4708 | @@ -198,30 +177,53 @@ int walk_page_range(unsigned long addr, unsigned long end, |
| 4709 | if (!walk->mm) |
| 4710 | return -EINVAL; |
| 4711 | |
| 4712 | + VM_BUG_ON(!rwsem_is_locked(&walk->mm->mmap_sem)); |
| 4713 | + |
| 4714 | pgd = pgd_offset(walk->mm, addr); |
| 4715 | do { |
| 4716 | - struct vm_area_struct *vma; |
| 4717 | + struct vm_area_struct *vma = NULL; |
| 4718 | |
| 4719 | next = pgd_addr_end(addr, end); |
| 4720 | |
| 4721 | /* |
| 4722 | - * handle hugetlb vma individually because pagetable walk for |
| 4723 | - * the hugetlb page is dependent on the architecture and |
| 4724 | - * we can't handled it in the same manner as non-huge pages. |
| 4725 | + * This function was not intended to be vma based. |
| 4726 | + * But there are vma special cases to be handled: |
| 4727 | + * - hugetlb vma's |
| 4728 | + * - VM_PFNMAP vma's |
| 4729 | */ |
| 4730 | - vma = hugetlb_vma(addr, walk); |
| 4731 | + vma = find_vma(walk->mm, addr); |
| 4732 | if (vma) { |
| 4733 | - if (vma->vm_end < next) |
| 4734 | + /* |
| 4735 | + * There are no page structures backing a VM_PFNMAP |
| 4736 | + * range, so do not allow split_huge_page_pmd(). |
| 4737 | + */ |
| 4738 | + if ((vma->vm_start <= addr) && |
| 4739 | + (vma->vm_flags & VM_PFNMAP)) { |
| 4740 | next = vma->vm_end; |
| 4741 | + pgd = pgd_offset(walk->mm, next); |
| 4742 | + continue; |
| 4743 | + } |
| 4744 | /* |
| 4745 | - * Hugepage is very tightly coupled with vma, so |
| 4746 | - * walk through hugetlb entries within a given vma. |
| 4747 | + * Handle hugetlb vma individually because pagetable |
| 4748 | + * walk for the hugetlb page is dependent on the |
| 4749 | + * architecture and we can't handled it in the same |
| 4750 | + * manner as non-huge pages. |
| 4751 | */ |
| 4752 | - err = walk_hugetlb_range(vma, addr, next, walk); |
| 4753 | - if (err) |
| 4754 | - break; |
| 4755 | - pgd = pgd_offset(walk->mm, next); |
| 4756 | - continue; |
| 4757 | + if (walk->hugetlb_entry && (vma->vm_start <= addr) && |
| 4758 | + is_vm_hugetlb_page(vma)) { |
| 4759 | + if (vma->vm_end < next) |
| 4760 | + next = vma->vm_end; |
| 4761 | + /* |
| 4762 | + * Hugepage is very tightly coupled with vma, |
| 4763 | + * so walk through hugetlb entries within a |
| 4764 | + * given vma. |
| 4765 | + */ |
| 4766 | + err = walk_hugetlb_range(vma, addr, next, walk); |
| 4767 | + if (err) |
| 4768 | + break; |
| 4769 | + pgd = pgd_offset(walk->mm, next); |
| 4770 | + continue; |
| 4771 | + } |
| 4772 | } |
| 4773 | |
| 4774 | if (pgd_none_or_clear_bad(pgd)) { |
| 4775 | diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c |
| 4776 | index d51ca9d..9cbebc2 100644 |
| 4777 | --- a/net/mac80211/iface.c |
| 4778 | +++ b/net/mac80211/iface.c |
| 4779 | @@ -1649,6 +1649,15 @@ void ieee80211_remove_interfaces(struct ieee80211_local *local) |
| 4780 | |
| 4781 | ASSERT_RTNL(); |
| 4782 | |
| 4783 | + /* |
| 4784 | + * Close all AP_VLAN interfaces first, as otherwise they |
| 4785 | + * might be closed while the AP interface they belong to |
| 4786 | + * is closed, causing unregister_netdevice_many() to crash. |
| 4787 | + */ |
| 4788 | + list_for_each_entry(sdata, &local->interfaces, list) |
| 4789 | + if (sdata->vif.type == NL80211_IFTYPE_AP_VLAN) |
| 4790 | + dev_close(sdata->dev); |
| 4791 | + |
| 4792 | mutex_lock(&local->iflist_mtx); |
| 4793 | list_for_each_entry_safe(sdata, tmp, &local->interfaces, list) { |
| 4794 | list_del(&sdata->list); |
| 4795 | diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c |
| 4796 | index 346ad4c..0a60f40 100644 |
| 4797 | --- a/net/mac80211/mlme.c |
| 4798 | +++ b/net/mac80211/mlme.c |
| 4799 | @@ -3182,10 +3182,6 @@ static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata) |
| 4800 | if (WARN_ON_ONCE(!auth_data)) |
| 4801 | return -EINVAL; |
| 4802 | |
| 4803 | - if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) |
| 4804 | - tx_flags = IEEE80211_TX_CTL_REQ_TX_STATUS | |
| 4805 | - IEEE80211_TX_INTFL_MLME_CONN_TX; |
| 4806 | - |
| 4807 | auth_data->tries++; |
| 4808 | |
| 4809 | if (auth_data->tries > IEEE80211_AUTH_MAX_TRIES) { |
| 4810 | @@ -3219,6 +3215,10 @@ static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata) |
| 4811 | auth_data->expected_transaction = trans; |
| 4812 | } |
| 4813 | |
| 4814 | + if (local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS) |
| 4815 | + tx_flags = IEEE80211_TX_CTL_REQ_TX_STATUS | |
| 4816 | + IEEE80211_TX_INTFL_MLME_CONN_TX; |
| 4817 | + |
| 4818 | ieee80211_send_auth(sdata, trans, auth_data->algorithm, status, |
| 4819 | auth_data->data, auth_data->data_len, |
| 4820 | auth_data->bss->bssid, |
| 4821 | @@ -3242,12 +3242,12 @@ static int ieee80211_probe_auth(struct ieee80211_sub_if_data *sdata) |
| 4822 | * will not answer to direct packet in unassociated state. |
| 4823 | */ |
| 4824 | ieee80211_send_probe_req(sdata, NULL, ssidie + 2, ssidie[1], |
| 4825 | - NULL, 0, (u32) -1, true, tx_flags, |
| 4826 | + NULL, 0, (u32) -1, true, 0, |
| 4827 | auth_data->bss->channel, false); |
| 4828 | rcu_read_unlock(); |
| 4829 | } |
| 4830 | |
| 4831 | - if (!(local->hw.flags & IEEE80211_HW_REPORTS_TX_ACK_STATUS)) { |
| 4832 | + if (tx_flags == 0) { |
| 4833 | auth_data->timeout = jiffies + IEEE80211_AUTH_TIMEOUT; |
| 4834 | ifmgd->auth_data->timeout_started = true; |
| 4835 | run_again(ifmgd, auth_data->timeout); |
| 4836 | diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c |
| 4837 | index c6844ad..bb0b457 100644 |
| 4838 | --- a/net/mac80211/rx.c |
| 4839 | +++ b/net/mac80211/rx.c |
| 4840 | @@ -3032,6 +3032,9 @@ static int prepare_for_handlers(struct ieee80211_rx_data *rx, |
| 4841 | * and location updates. Note that mac80211 |
| 4842 | * itself never looks at these frames. |
| 4843 | */ |
| 4844 | + if (!multicast && |
| 4845 | + !ether_addr_equal(sdata->vif.addr, hdr->addr1)) |
| 4846 | + return 0; |
| 4847 | if (ieee80211_is_public_action(hdr, skb->len)) |
| 4848 | return 1; |
| 4849 | if (!ieee80211_is_beacon(hdr->frame_control)) |
| 4850 | diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c |
| 4851 | index 3ed801d..124b1fd 100644 |
| 4852 | --- a/net/mac80211/tkip.c |
| 4853 | +++ b/net/mac80211/tkip.c |
| 4854 | @@ -208,10 +208,10 @@ void ieee80211_get_tkip_p2k(struct ieee80211_key_conf *keyconf, |
| 4855 | u32 iv32 = get_unaligned_le32(&data[4]); |
| 4856 | u16 iv16 = data[2] | (data[0] << 8); |
| 4857 | |
| 4858 | - spin_lock_bh(&key->u.tkip.txlock); |
| 4859 | + spin_lock(&key->u.tkip.txlock); |
| 4860 | ieee80211_compute_tkip_p1k(key, iv32); |
| 4861 | tkip_mixing_phase2(tk, ctx, iv16, p2k); |
| 4862 | - spin_unlock_bh(&key->u.tkip.txlock); |
| 4863 | + spin_unlock(&key->u.tkip.txlock); |
| 4864 | } |
| 4865 | EXPORT_SYMBOL(ieee80211_get_tkip_p2k); |
| 4866 | |
| 4867 | diff --git a/net/sunrpc/sched.c b/net/sunrpc/sched.c |
| 4868 | index f8529fc..5356b12 100644 |
| 4869 | --- a/net/sunrpc/sched.c |
| 4870 | +++ b/net/sunrpc/sched.c |
| 4871 | @@ -324,11 +324,17 @@ EXPORT_SYMBOL_GPL(__rpc_wait_for_completion_task); |
| 4872 | * Note: If the task is ASYNC, and is being made runnable after sitting on an |
| 4873 | * rpc_wait_queue, this must be called with the queue spinlock held to protect |
| 4874 | * the wait queue operation. |
| 4875 | + * Note the ordering of rpc_test_and_set_running() and rpc_clear_queued(), |
| 4876 | + * which is needed to ensure that __rpc_execute() doesn't loop (due to the |
| 4877 | + * lockless RPC_IS_QUEUED() test) before we've had a chance to test |
| 4878 | + * the RPC_TASK_RUNNING flag. |
| 4879 | */ |
| 4880 | static void rpc_make_runnable(struct rpc_task *task) |
| 4881 | { |
| 4882 | + bool need_wakeup = !rpc_test_and_set_running(task); |
| 4883 | + |
| 4884 | rpc_clear_queued(task); |
| 4885 | - if (rpc_test_and_set_running(task)) |
| 4886 | + if (!need_wakeup) |
| 4887 | return; |
| 4888 | if (RPC_IS_ASYNC(task)) { |
| 4889 | INIT_WORK(&task->u.tk_work, rpc_async_schedule); |
| 4890 | diff --git a/net/sunrpc/svcauth_unix.c b/net/sunrpc/svcauth_unix.c |
| 4891 | index c3f9e1e..06bdf5a 100644 |
| 4892 | --- a/net/sunrpc/svcauth_unix.c |
| 4893 | +++ b/net/sunrpc/svcauth_unix.c |
| 4894 | @@ -810,11 +810,15 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp) |
| 4895 | goto badcred; |
| 4896 | argv->iov_base = (void*)((__be32*)argv->iov_base + slen); /* skip machname */ |
| 4897 | argv->iov_len -= slen*4; |
| 4898 | - |
| 4899 | + /* |
| 4900 | + * Note: we skip uid_valid()/gid_valid() checks here for |
| 4901 | + * backwards compatibility with clients that use -1 id's. |
| 4902 | + * Instead, -1 uid or gid is later mapped to the |
| 4903 | + * (export-specific) anonymous id by nfsd_setuser. |
| 4904 | + * Supplementary gid's will be left alone. |
| 4905 | + */ |
| 4906 | cred->cr_uid = make_kuid(&init_user_ns, svc_getnl(argv)); /* uid */ |
| 4907 | cred->cr_gid = make_kgid(&init_user_ns, svc_getnl(argv)); /* gid */ |
| 4908 | - if (!uid_valid(cred->cr_uid) || !gid_valid(cred->cr_gid)) |
| 4909 | - goto badcred; |
| 4910 | slen = svc_getnl(argv); /* gids length */ |
| 4911 | if (slen > 16 || (len -= (slen + 2)*4) < 0) |
| 4912 | goto badcred; |
| 4913 | @@ -823,8 +827,6 @@ svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp) |
| 4914 | return SVC_CLOSE; |
| 4915 | for (i = 0; i < slen; i++) { |
| 4916 | kgid_t kgid = make_kgid(&init_user_ns, svc_getnl(argv)); |
| 4917 | - if (!gid_valid(kgid)) |
| 4918 | - goto badcred; |
| 4919 | GROUP_AT(cred->cr_group_info, i) = kgid; |
| 4920 | } |
| 4921 | if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) { |
| 4922 | diff --git a/net/wireless/core.c b/net/wireless/core.c |
| 4923 | index 6ddf74f..ed56e2b 100644 |
| 4924 | --- a/net/wireless/core.c |
| 4925 | +++ b/net/wireless/core.c |
| 4926 | @@ -638,17 +638,21 @@ int wiphy_register(struct wiphy *wiphy) |
| 4927 | * cfg80211_mutex lock |
| 4928 | */ |
| 4929 | res = rfkill_register(rdev->rfkill); |
| 4930 | - if (res) |
| 4931 | - goto out_rm_dev; |
| 4932 | + if (res) { |
| 4933 | + device_del(&rdev->wiphy.dev); |
| 4934 | + |
| 4935 | + mutex_lock(&cfg80211_mutex); |
| 4936 | + debugfs_remove_recursive(rdev->wiphy.debugfsdir); |
| 4937 | + list_del_rcu(&rdev->list); |
| 4938 | + wiphy_regulatory_deregister(wiphy); |
| 4939 | + mutex_unlock(&cfg80211_mutex); |
| 4940 | + return res; |
| 4941 | + } |
| 4942 | |
| 4943 | rtnl_lock(); |
| 4944 | rdev->wiphy.registered = true; |
| 4945 | rtnl_unlock(); |
| 4946 | return 0; |
| 4947 | - |
| 4948 | -out_rm_dev: |
| 4949 | - device_del(&rdev->wiphy.dev); |
| 4950 | - return res; |
| 4951 | } |
| 4952 | EXPORT_SYMBOL(wiphy_register); |
| 4953 | |
| 4954 | diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c |
| 4955 | index 58e13a8..34ef522 100644 |
| 4956 | --- a/net/wireless/nl80211.c |
| 4957 | +++ b/net/wireless/nl80211.c |
| 4958 | @@ -7177,6 +7177,8 @@ static int nl80211_send_wowlan_tcp(struct sk_buff *msg, |
| 4959 | &tcp->payload_tok)) |
| 4960 | return -ENOBUFS; |
| 4961 | |
| 4962 | + nla_nest_end(msg, nl_tcp); |
| 4963 | + |
| 4964 | return 0; |
| 4965 | } |
| 4966 | |
| 4967 | diff --git a/net/wireless/sme.c b/net/wireless/sme.c |
| 4968 | index 482c70e..5b2d0a0 100644 |
| 4969 | --- a/net/wireless/sme.c |
| 4970 | +++ b/net/wireless/sme.c |
| 4971 | @@ -227,6 +227,9 @@ void cfg80211_conn_work(struct work_struct *work) |
| 4972 | mutex_lock(&rdev->sched_scan_mtx); |
| 4973 | |
| 4974 | list_for_each_entry(wdev, &rdev->wdev_list, list) { |
| 4975 | + if (!wdev->netdev) |
| 4976 | + continue; |
| 4977 | + |
| 4978 | wdev_lock(wdev); |
| 4979 | if (!netif_running(wdev->netdev)) { |
| 4980 | wdev_unlock(wdev); |
| 4981 | diff --git a/net/wireless/trace.h b/net/wireless/trace.h |
| 4982 | index 7586de7..3cdf17c 100644 |
| 4983 | --- a/net/wireless/trace.h |
| 4984 | +++ b/net/wireless/trace.h |
| 4985 | @@ -2386,6 +2386,7 @@ TRACE_EVENT(cfg80211_report_wowlan_wakeup, |
| 4986 | TP_STRUCT__entry( |
| 4987 | WIPHY_ENTRY |
| 4988 | WDEV_ENTRY |
| 4989 | + __field(bool, non_wireless) |
| 4990 | __field(bool, disconnect) |
| 4991 | __field(bool, magic_pkt) |
| 4992 | __field(bool, gtk_rekey_failure) |
| 4993 | @@ -2394,20 +2395,22 @@ TRACE_EVENT(cfg80211_report_wowlan_wakeup, |
| 4994 | __field(bool, rfkill_release) |
| 4995 | __field(s32, pattern_idx) |
| 4996 | __field(u32, packet_len) |
| 4997 | - __dynamic_array(u8, packet, wakeup->packet_present_len) |
| 4998 | + __dynamic_array(u8, packet, |
| 4999 | + wakeup ? wakeup->packet_present_len : 0) |
| 5000 | ), |
| 5001 | TP_fast_assign( |
| 5002 | WIPHY_ASSIGN; |
| 5003 | WDEV_ASSIGN; |
| 5004 | - __entry->disconnect = wakeup->disconnect; |
| 5005 | - __entry->magic_pkt = wakeup->magic_pkt; |
| 5006 | - __entry->gtk_rekey_failure = wakeup->gtk_rekey_failure; |
| 5007 | - __entry->eap_identity_req = wakeup->eap_identity_req; |
| 5008 | - __entry->four_way_handshake = wakeup->four_way_handshake; |
| 5009 | - __entry->rfkill_release = wakeup->rfkill_release; |
| 5010 | - __entry->pattern_idx = wakeup->pattern_idx; |
| 5011 | - __entry->packet_len = wakeup->packet_len; |
| 5012 | - if (wakeup->packet && wakeup->packet_present_len) |
| 5013 | + __entry->non_wireless = !wakeup; |
| 5014 | + __entry->disconnect = wakeup ? wakeup->disconnect : false; |
| 5015 | + __entry->magic_pkt = wakeup ? wakeup->magic_pkt : false; |
| 5016 | + __entry->gtk_rekey_failure = wakeup ? wakeup->gtk_rekey_failure : false; |
| 5017 | + __entry->eap_identity_req = wakeup ? wakeup->eap_identity_req : false; |
| 5018 | + __entry->four_way_handshake = wakeup ? wakeup->four_way_handshake : false; |
| 5019 | + __entry->rfkill_release = wakeup ? wakeup->rfkill_release : false; |
| 5020 | + __entry->pattern_idx = wakeup ? wakeup->pattern_idx : false; |
| 5021 | + __entry->packet_len = wakeup ? wakeup->packet_len : false; |
| 5022 | + if (wakeup && wakeup->packet && wakeup->packet_present_len) |
| 5023 | memcpy(__get_dynamic_array(packet), wakeup->packet, |
| 5024 | wakeup->packet_present_len); |
| 5025 | ), |
| 5026 | diff --git a/sound/soc/codecs/cs42l52.c b/sound/soc/codecs/cs42l52.c |
| 5027 | index 0f6f481..c92a056 100644 |
| 5028 | --- a/sound/soc/codecs/cs42l52.c |
| 5029 | +++ b/sound/soc/codecs/cs42l52.c |
| 5030 | @@ -86,7 +86,7 @@ static const struct reg_default cs42l52_reg_defaults[] = { |
| 5031 | { CS42L52_BEEP_VOL, 0x00 }, /* r1D Beep Volume off Time */ |
| 5032 | { CS42L52_BEEP_TONE_CTL, 0x00 }, /* r1E Beep Tone Cfg. */ |
| 5033 | { CS42L52_TONE_CTL, 0x00 }, /* r1F Tone Ctl */ |
| 5034 | - { CS42L52_MASTERA_VOL, 0x88 }, /* r20 Master A Volume */ |
| 5035 | + { CS42L52_MASTERA_VOL, 0x00 }, /* r20 Master A Volume */ |
| 5036 | { CS42L52_MASTERB_VOL, 0x00 }, /* r21 Master B Volume */ |
| 5037 | { CS42L52_HPA_VOL, 0x00 }, /* r22 Headphone A Volume */ |
| 5038 | { CS42L52_HPB_VOL, 0x00 }, /* r23 Headphone B Volume */ |
| 5039 | diff --git a/sound/soc/codecs/wm5110.c b/sound/soc/codecs/wm5110.c |
| 5040 | index cdeb301..eaeab83 100644 |
| 5041 | --- a/sound/soc/codecs/wm5110.c |
| 5042 | +++ b/sound/soc/codecs/wm5110.c |
| 5043 | @@ -190,7 +190,7 @@ ARIZONA_MIXER_CONTROLS("DSP2R", ARIZONA_DSP2RMIX_INPUT_1_SOURCE), |
| 5044 | ARIZONA_MIXER_CONTROLS("DSP3L", ARIZONA_DSP3LMIX_INPUT_1_SOURCE), |
| 5045 | ARIZONA_MIXER_CONTROLS("DSP3R", ARIZONA_DSP3RMIX_INPUT_1_SOURCE), |
| 5046 | ARIZONA_MIXER_CONTROLS("DSP4L", ARIZONA_DSP4LMIX_INPUT_1_SOURCE), |
| 5047 | -ARIZONA_MIXER_CONTROLS("DSP5R", ARIZONA_DSP4RMIX_INPUT_1_SOURCE), |
| 5048 | +ARIZONA_MIXER_CONTROLS("DSP4R", ARIZONA_DSP4RMIX_INPUT_1_SOURCE), |
| 5049 | |
| 5050 | ARIZONA_MIXER_CONTROLS("Mic", ARIZONA_MICMIX_INPUT_1_SOURCE), |
| 5051 | ARIZONA_MIXER_CONTROLS("Noise", ARIZONA_NOISEMIX_INPUT_1_SOURCE), |
| 5052 | diff --git a/sound/soc/davinci/davinci-mcasp.c b/sound/soc/davinci/davinci-mcasp.c |
| 5053 | index 9321e5c..4eee59d 100644 |
| 5054 | --- a/sound/soc/davinci/davinci-mcasp.c |
| 5055 | +++ b/sound/soc/davinci/davinci-mcasp.c |
| 5056 | @@ -626,7 +626,8 @@ static int davinci_config_channel_size(struct davinci_audio_dev *dev, |
| 5057 | int word_length) |
| 5058 | { |
| 5059 | u32 fmt; |
| 5060 | - u32 rotate = (word_length / 4) & 0x7; |
| 5061 | + u32 tx_rotate = (word_length / 4) & 0x7; |
| 5062 | + u32 rx_rotate = (32 - word_length) / 4; |
| 5063 | u32 mask = (1ULL << word_length) - 1; |
| 5064 | |
| 5065 | /* |
| 5066 | @@ -647,9 +648,9 @@ static int davinci_config_channel_size(struct davinci_audio_dev *dev, |
| 5067 | RXSSZ(fmt), RXSSZ(0x0F)); |
| 5068 | mcasp_mod_bits(dev->base + DAVINCI_MCASP_TXFMT_REG, |
| 5069 | TXSSZ(fmt), TXSSZ(0x0F)); |
| 5070 | - mcasp_mod_bits(dev->base + DAVINCI_MCASP_TXFMT_REG, TXROT(rotate), |
| 5071 | + mcasp_mod_bits(dev->base + DAVINCI_MCASP_TXFMT_REG, TXROT(tx_rotate), |
| 5072 | TXROT(7)); |
| 5073 | - mcasp_mod_bits(dev->base + DAVINCI_MCASP_RXFMT_REG, RXROT(rotate), |
| 5074 | + mcasp_mod_bits(dev->base + DAVINCI_MCASP_RXFMT_REG, RXROT(rx_rotate), |
| 5075 | RXROT(7)); |
| 5076 | mcasp_set_reg(dev->base + DAVINCI_MCASP_TXMASK_REG, mask); |
| 5077 | mcasp_set_reg(dev->base + DAVINCI_MCASP_RXMASK_REG, mask); |
| 5078 | diff --git a/tools/perf/scripts/python/net_dropmonitor.py b/tools/perf/scripts/python/net_dropmonitor.py |
| 5079 | index a4ffc95..4c11605 100755 |
| 5080 | --- a/tools/perf/scripts/python/net_dropmonitor.py |
| 5081 | +++ b/tools/perf/scripts/python/net_dropmonitor.py |
| 5082 | @@ -40,9 +40,9 @@ def get_kallsyms_table(): |
| 5083 | |
| 5084 | def get_sym(sloc): |
| 5085 | loc = int(sloc) |
| 5086 | - for i in kallsyms: |
| 5087 | - if (i['loc'] >= loc): |
| 5088 | - return (i['name'], i['loc']-loc) |
| 5089 | + for i in kallsyms[::-1]: |
| 5090 | + if loc >= i['loc']: |
| 5091 | + return (i['name'], loc - i['loc']) |
| 5092 | return (None, 0) |
| 5093 | |
| 5094 | def print_drop_table(): |
| 5095 | @@ -64,7 +64,7 @@ def trace_end(): |
| 5096 | |
| 5097 | # called from perf, when it finds a correspoinding event |
| 5098 | def skb__kfree_skb(name, context, cpu, sec, nsec, pid, comm, |
| 5099 | - skbaddr, protocol, location): |
| 5100 | + skbaddr, location, protocol): |
| 5101 | slocation = str(location) |
| 5102 | try: |
| 5103 | drop_log[slocation] = drop_log[slocation] + 1 |