Annotation of /trunk/kernel26-alx/patches-2.6.27-r3/0136-2.6.27.37-all-fixes.patch
Parent Directory
| 
Revision Log
Revision 1176 -
(hide annotations)
(download)
Thu Oct 14 15:11:06 2010 UTC (13 years, 8 months ago) by niro
File size: 10897 byte(s)
Thu Oct 14 15:11:06 2010 UTC (13 years, 8 months ago) by niro
File size: 10897 byte(s)
-2.6.27-alx-r3: new magellan 0.5.2 kernel
| 1 | niro | 1176 | diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S |
| 2 | index 5e65290..09b59b2 100644 | ||
| 3 | --- a/arch/x86/ia32/ia32entry.S | ||
| 4 | +++ b/arch/x86/ia32/ia32entry.S | ||
| 5 | @@ -21,8 +21,8 @@ | ||
| 6 | #define __AUDIT_ARCH_LE 0x40000000 | ||
| 7 | |||
| 8 | #ifndef CONFIG_AUDITSYSCALL | ||
| 9 | -#define sysexit_audit int_ret_from_sys_call | ||
| 10 | -#define sysretl_audit int_ret_from_sys_call | ||
| 11 | +#define sysexit_audit ia32_ret_from_sys_call | ||
| 12 | +#define sysretl_audit ia32_ret_from_sys_call | ||
| 13 | #endif | ||
| 14 | |||
| 15 | #define IA32_NR_syscalls ((ia32_syscall_end - ia32_sys_call_table)/8) | ||
| 16 | @@ -39,12 +39,12 @@ | ||
| 17 | .endm | ||
| 18 | |||
| 19 | /* clobbers %eax */ | ||
| 20 | - .macro CLEAR_RREGS | ||
| 21 | + .macro CLEAR_RREGS offset=0, _r9=rax | ||
| 22 | xorl %eax,%eax | ||
| 23 | - movq %rax,R11(%rsp) | ||
| 24 | - movq %rax,R10(%rsp) | ||
| 25 | - movq %rax,R9(%rsp) | ||
| 26 | - movq %rax,R8(%rsp) | ||
| 27 | + movq %rax,\offset+R11(%rsp) | ||
| 28 | + movq %rax,\offset+R10(%rsp) | ||
| 29 | + movq %\_r9,\offset+R9(%rsp) | ||
| 30 | + movq %rax,\offset+R8(%rsp) | ||
| 31 | .endm | ||
| 32 | |||
| 33 | /* | ||
| 34 | @@ -52,11 +52,10 @@ | ||
| 35 | * We don't reload %eax because syscall_trace_enter() returned | ||
| 36 | * the value it wants us to use in the table lookup. | ||
| 37 | */ | ||
| 38 | - .macro LOAD_ARGS32 offset | ||
| 39 | - movl \offset(%rsp),%r11d | ||
| 40 | - movl \offset+8(%rsp),%r10d | ||
| 41 | + .macro LOAD_ARGS32 offset, _r9=0 | ||
| 42 | + .if \_r9 | ||
| 43 | movl \offset+16(%rsp),%r9d | ||
| 44 | - movl \offset+24(%rsp),%r8d | ||
| 45 | + .endif | ||
| 46 | movl \offset+40(%rsp),%ecx | ||
| 47 | movl \offset+48(%rsp),%edx | ||
| 48 | movl \offset+56(%rsp),%esi | ||
| 49 | @@ -145,7 +144,7 @@ ENTRY(ia32_sysenter_target) | ||
| 50 | SAVE_ARGS 0,0,1 | ||
| 51 | /* no need to do an access_ok check here because rbp has been | ||
| 52 | 32bit zero extended */ | ||
| 53 | -1: movl (%rbp),%r9d | ||
| 54 | +1: movl (%rbp),%ebp | ||
| 55 | .section __ex_table,"a" | ||
| 56 | .quad 1b,ia32_badarg | ||
| 57 | .previous | ||
| 58 | @@ -157,7 +156,7 @@ ENTRY(ia32_sysenter_target) | ||
| 59 | cmpl $(IA32_NR_syscalls-1),%eax | ||
| 60 | ja ia32_badsys | ||
| 61 | sysenter_do_call: | ||
| 62 | - IA32_ARG_FIXUP 1 | ||
| 63 | + IA32_ARG_FIXUP | ||
| 64 | sysenter_dispatch: | ||
| 65 | call *ia32_sys_call_table(,%rax,8) | ||
| 66 | movq %rax,RAX-ARGOFFSET(%rsp) | ||
| 67 | @@ -173,6 +172,10 @@ sysexit_from_sys_call: | ||
| 68 | movl RIP-R11(%rsp),%edx /* User %eip */ | ||
| 69 | CFI_REGISTER rip,rdx | ||
| 70 | RESTORE_ARGS 1,24,1,1,1,1 | ||
| 71 | + xorq %r8,%r8 | ||
| 72 | + xorq %r9,%r9 | ||
| 73 | + xorq %r10,%r10 | ||
| 74 | + xorq %r11,%r11 | ||
| 75 | popfq | ||
| 76 | CFI_ADJUST_CFA_OFFSET -8 | ||
| 77 | /*CFI_RESTORE rflags*/ | ||
| 78 | @@ -203,7 +206,7 @@ sysexit_from_sys_call: | ||
| 79 | |||
| 80 | .macro auditsys_exit exit,ebpsave=RBP | ||
| 81 | testl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT),TI_flags(%r10) | ||
| 82 | - jnz int_ret_from_sys_call | ||
| 83 | + jnz ia32_ret_from_sys_call | ||
| 84 | TRACE_IRQS_ON | ||
| 85 | sti | ||
| 86 | movl %eax,%esi /* second arg, syscall return value */ | ||
| 87 | @@ -219,8 +222,9 @@ sysexit_from_sys_call: | ||
| 88 | cli | ||
| 89 | TRACE_IRQS_OFF | ||
| 90 | testl %edi,TI_flags(%r10) | ||
| 91 | - jnz int_with_check | ||
| 92 | - jmp \exit | ||
| 93 | + jz \exit | ||
| 94 | + CLEAR_RREGS -ARGOFFSET | ||
| 95 | + jmp int_with_check | ||
| 96 | .endm | ||
| 97 | |||
| 98 | sysenter_auditsys: | ||
| 99 | @@ -234,20 +238,17 @@ sysexit_audit: | ||
| 100 | #endif | ||
| 101 | |||
| 102 | sysenter_tracesys: | ||
| 103 | - xchgl %r9d,%ebp | ||
| 104 | #ifdef CONFIG_AUDITSYSCALL | ||
| 105 | testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT),TI_flags(%r10) | ||
| 106 | jz sysenter_auditsys | ||
| 107 | #endif | ||
| 108 | SAVE_REST | ||
| 109 | CLEAR_RREGS | ||
| 110 | - movq %r9,R9(%rsp) | ||
| 111 | movq $-ENOSYS,RAX(%rsp)/* ptrace can change this for a bad syscall */ | ||
| 112 | movq %rsp,%rdi /* &pt_regs -> arg1 */ | ||
| 113 | call syscall_trace_enter | ||
| 114 | LOAD_ARGS32 ARGOFFSET /* reload args from stack in case ptrace changed it */ | ||
| 115 | RESTORE_REST | ||
| 116 | - xchgl %ebp,%r9d | ||
| 117 | cmpl $(IA32_NR_syscalls-1),%eax | ||
| 118 | ja int_ret_from_sys_call /* sysenter_tracesys has set RAX(%rsp) */ | ||
| 119 | jmp sysenter_do_call | ||
| 120 | @@ -314,9 +315,9 @@ ENTRY(ia32_cstar_target) | ||
| 121 | testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%r10) | ||
| 122 | CFI_REMEMBER_STATE | ||
| 123 | jnz cstar_tracesys | ||
| 124 | -cstar_do_call: | ||
| 125 | cmpl $IA32_NR_syscalls-1,%eax | ||
| 126 | ja ia32_badsys | ||
| 127 | +cstar_do_call: | ||
| 128 | IA32_ARG_FIXUP 1 | ||
| 129 | cstar_dispatch: | ||
| 130 | call *ia32_sys_call_table(,%rax,8) | ||
| 131 | @@ -333,6 +334,9 @@ sysretl_from_sys_call: | ||
| 132 | CFI_REGISTER rip,rcx | ||
| 133 | movl EFLAGS-ARGOFFSET(%rsp),%r11d | ||
| 134 | /*CFI_REGISTER rflags,r11*/ | ||
| 135 | + xorq %r10,%r10 | ||
| 136 | + xorq %r9,%r9 | ||
| 137 | + xorq %r8,%r8 | ||
| 138 | TRACE_IRQS_ON | ||
| 139 | movl RSP-ARGOFFSET(%rsp),%esp | ||
| 140 | CFI_RESTORE rsp | ||
| 141 | @@ -357,15 +361,13 @@ cstar_tracesys: | ||
| 142 | #endif | ||
| 143 | xchgl %r9d,%ebp | ||
| 144 | SAVE_REST | ||
| 145 | - CLEAR_RREGS | ||
| 146 | - movq %r9,R9(%rsp) | ||
| 147 | + CLEAR_RREGS 0, r9 | ||
| 148 | movq $-ENOSYS,RAX(%rsp) /* ptrace can change this for a bad syscall */ | ||
| 149 | movq %rsp,%rdi /* &pt_regs -> arg1 */ | ||
| 150 | call syscall_trace_enter | ||
| 151 | - LOAD_ARGS32 ARGOFFSET /* reload args from stack in case ptrace changed it */ | ||
| 152 | + LOAD_ARGS32 ARGOFFSET, 1 /* reload args from stack in case ptrace changed it */ | ||
| 153 | RESTORE_REST | ||
| 154 | xchgl %ebp,%r9d | ||
| 155 | - movl RSP-ARGOFFSET(%rsp), %r8d | ||
| 156 | cmpl $(IA32_NR_syscalls-1),%eax | ||
| 157 | ja int_ret_from_sys_call /* cstar_tracesys has set RAX(%rsp) */ | ||
| 158 | jmp cstar_do_call | ||
| 159 | @@ -431,6 +433,8 @@ ia32_do_call: | ||
| 160 | call *ia32_sys_call_table(,%rax,8) # xxx: rip relative | ||
| 161 | ia32_sysret: | ||
| 162 | movq %rax,RAX-ARGOFFSET(%rsp) | ||
| 163 | +ia32_ret_from_sys_call: | ||
| 164 | + CLEAR_RREGS -ARGOFFSET | ||
| 165 | jmp int_ret_from_sys_call | ||
| 166 | |||
| 167 | ia32_tracesys: | ||
| 168 | @@ -448,8 +452,8 @@ END(ia32_syscall) | ||
| 169 | |||
| 170 | ia32_badsys: | ||
| 171 | movq $0,ORIG_RAX-ARGOFFSET(%rsp) | ||
| 172 | - movq $-ENOSYS,RAX-ARGOFFSET(%rsp) | ||
| 173 | - jmp int_ret_from_sys_call | ||
| 174 | + movq $-ENOSYS,%rax | ||
| 175 | + jmp ia32_sysret | ||
| 176 | |||
| 177 | quiet_ni_syscall: | ||
| 178 | movq $-ENOSYS,%rax | ||
| 179 | diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c | ||
| 180 | index f7c7142..60ebfd7 100644 | ||
| 181 | --- a/arch/x86/kvm/x86.c | ||
| 182 | +++ b/arch/x86/kvm/x86.c | ||
| 183 | @@ -2571,6 +2571,11 @@ int kvm_emulate_hypercall(struct kvm_vcpu *vcpu) | ||
| 184 | a3 &= 0xFFFFFFFF; | ||
| 185 | } | ||
| 186 | |||
| 187 | + if (kvm_x86_ops->get_cpl(vcpu) != 0) { | ||
| 188 | + ret = -KVM_EPERM; | ||
| 189 | + goto out; | ||
| 190 | + } | ||
| 191 | + | ||
| 192 | switch (nr) { | ||
| 193 | case KVM_HC_VAPIC_POLL_IRQ: | ||
| 194 | ret = 0; | ||
| 195 | @@ -2582,6 +2587,7 @@ int kvm_emulate_hypercall(struct kvm_vcpu *vcpu) | ||
| 196 | ret = -KVM_ENOSYS; | ||
| 197 | break; | ||
| 198 | } | ||
| 199 | +out: | ||
| 200 | vcpu->arch.regs[VCPU_REGS_RAX] = ret; | ||
| 201 | kvm_x86_ops->decache_regs(vcpu); | ||
| 202 | ++vcpu->stat.hypercalls; | ||
| 203 | diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c | ||
| 204 | index 56fe712..47dd8f5 100644 | ||
| 205 | --- a/arch/x86/mm/mmap.c | ||
| 206 | +++ b/arch/x86/mm/mmap.c | ||
| 207 | @@ -29,13 +29,26 @@ | ||
| 208 | #include <linux/random.h> | ||
| 209 | #include <linux/limits.h> | ||
| 210 | #include <linux/sched.h> | ||
| 211 | +#include <asm/elf.h> | ||
| 212 | + | ||
| 213 | +static unsigned int stack_maxrandom_size(void) | ||
| 214 | +{ | ||
| 215 | + unsigned int max = 0; | ||
| 216 | + if ((current->flags & PF_RANDOMIZE) && | ||
| 217 | + !(current->personality & ADDR_NO_RANDOMIZE)) { | ||
| 218 | + max = ((-1U) & STACK_RND_MASK) << PAGE_SHIFT; | ||
| 219 | + } | ||
| 220 | + | ||
| 221 | + return max; | ||
| 222 | +} | ||
| 223 | + | ||
| 224 | |||
| 225 | /* | ||
| 226 | * Top of mmap area (just below the process stack). | ||
| 227 | * | ||
| 228 | - * Leave an at least ~128 MB hole. | ||
| 229 | + * Leave an at least ~128 MB hole with possible stack randomization. | ||
| 230 | */ | ||
| 231 | -#define MIN_GAP (128*1024*1024) | ||
| 232 | +#define MIN_GAP (128*1024*1024UL + stack_maxrandom_size()) | ||
| 233 | #define MAX_GAP (TASK_SIZE/6*5) | ||
| 234 | |||
| 235 | /* | ||
| 236 | diff --git a/drivers/net/iseries_veth.c b/drivers/net/iseries_veth.c | ||
| 237 | index c46864d..e1db78a 100644 | ||
| 238 | --- a/drivers/net/iseries_veth.c | ||
| 239 | +++ b/drivers/net/iseries_veth.c | ||
| 240 | @@ -495,7 +495,7 @@ static void veth_take_cap_ack(struct veth_lpar_connection *cnx, | ||
| 241 | cnx->remote_lp); | ||
| 242 | } else { | ||
| 243 | memcpy(&cnx->cap_ack_event, event, | ||
| 244 | - sizeof(&cnx->cap_ack_event)); | ||
| 245 | + sizeof(cnx->cap_ack_event)); | ||
| 246 | cnx->state |= VETH_STATE_GOTCAPACK; | ||
| 247 | veth_kick_statemachine(cnx); | ||
| 248 | } | ||
| 249 | diff --git a/drivers/watchdog/hpwdt.c b/drivers/watchdog/hpwdt.c | ||
| 250 | index 763c1ea..dad4fe6 100644 | ||
| 251 | --- a/drivers/watchdog/hpwdt.c | ||
| 252 | +++ b/drivers/watchdog/hpwdt.c | ||
| 253 | @@ -47,6 +47,7 @@ | ||
| 254 | #define PCI_BIOS32_PARAGRAPH_LEN 16 | ||
| 255 | #define PCI_ROM_BASE1 0x000F0000 | ||
| 256 | #define ROM_SIZE 0x10000 | ||
| 257 | +#define HPWDT_VERSION "1.01" | ||
| 258 | |||
| 259 | struct bios32_service_dir { | ||
| 260 | u32 signature; | ||
| 261 | @@ -130,12 +131,8 @@ static void *cru_rom_addr; | ||
| 262 | static struct cmn_registers cmn_regs; | ||
| 263 | |||
| 264 | static struct pci_device_id hpwdt_devices[] = { | ||
| 265 | - { | ||
| 266 | - .vendor = PCI_VENDOR_ID_COMPAQ, | ||
| 267 | - .device = 0xB203, | ||
| 268 | - .subvendor = PCI_ANY_ID, | ||
| 269 | - .subdevice = PCI_ANY_ID, | ||
| 270 | - }, | ||
| 271 | + { PCI_DEVICE(PCI_VENDOR_ID_COMPAQ, 0xB203) }, | ||
| 272 | + { PCI_DEVICE(PCI_VENDOR_ID_HP, 0x3306) }, | ||
| 273 | {0}, /* terminate list */ | ||
| 274 | }; | ||
| 275 | MODULE_DEVICE_TABLE(pci, hpwdt_devices); | ||
| 276 | @@ -704,10 +701,11 @@ static int __devinit hpwdt_init_one(struct pci_dev *dev, | ||
| 277 | } | ||
| 278 | |||
| 279 | printk(KERN_INFO | ||
| 280 | - "hp Watchdog Timer Driver: 1.00" | ||
| 281 | + "hp Watchdog Timer Driver: %s" | ||
| 282 | ", timer margin: %d seconds (nowayout=%d)" | ||
| 283 | ", allow kernel dump: %s (default = 0/OFF).\n", | ||
| 284 | - soft_margin, nowayout, (allow_kdump == 0) ? "OFF" : "ON"); | ||
| 285 | + HPWDT_VERSION, soft_margin, nowayout, | ||
| 286 | + (allow_kdump == 0) ? "OFF" : "ON"); | ||
| 287 | |||
| 288 | return 0; | ||
| 289 | |||
| 290 | @@ -757,6 +755,7 @@ static int __init hpwdt_init(void) | ||
| 291 | MODULE_AUTHOR("Tom Mingarelli"); | ||
| 292 | MODULE_DESCRIPTION("hp watchdog driver"); | ||
| 293 | MODULE_LICENSE("GPL"); | ||
| 294 | +MODULE_VERSION(HPWDT_VERSION); | ||
| 295 | MODULE_ALIAS_MISCDEV(WATCHDOG_MINOR); | ||
| 296 | |||
| 297 | module_param(soft_margin, int, 0); | ||
| 298 | diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c | ||
| 299 | index 5e78fc1..1c1220e 100644 | ||
| 300 | --- a/fs/ecryptfs/inode.c | ||
| 301 | +++ b/fs/ecryptfs/inode.c | ||
| 302 | @@ -443,6 +443,7 @@ static int ecryptfs_unlink(struct inode *dir, struct dentry *dentry) | ||
| 303 | struct inode *lower_dir_inode = ecryptfs_inode_to_lower(dir); | ||
| 304 | struct dentry *lower_dir_dentry; | ||
| 305 | |||
| 306 | + dget(lower_dentry); | ||
| 307 | lower_dir_dentry = lock_parent(lower_dentry); | ||
| 308 | rc = vfs_unlink(lower_dir_inode, lower_dentry); | ||
| 309 | if (rc) { | ||
| 310 | @@ -456,6 +457,7 @@ static int ecryptfs_unlink(struct inode *dir, struct dentry *dentry) | ||
| 311 | d_drop(dentry); | ||
| 312 | out_unlock: | ||
| 313 | unlock_dir(lower_dir_dentry); | ||
| 314 | + dput(lower_dentry); | ||
| 315 | return rc; | ||
| 316 | } | ||
| 317 | |||
| 318 | diff --git a/include/asm-x86/elf.h b/include/asm-x86/elf.h | ||
| 319 | index 7be4733..36343b6 100644 | ||
| 320 | --- a/include/asm-x86/elf.h | ||
| 321 | +++ b/include/asm-x86/elf.h | ||
| 322 | @@ -287,6 +287,8 @@ do { \ | ||
| 323 | |||
| 324 | #ifdef CONFIG_X86_32 | ||
| 325 | |||
| 326 | +#define STACK_RND_MASK (0x7ff) | ||
| 327 | + | ||
| 328 | #define VDSO_HIGH_BASE (__fix_to_virt(FIX_VDSO)) | ||
| 329 | |||
| 330 | #define ARCH_DLINFO ARCH_DLINFO_IA32(vdso_enabled) | ||
| 331 | diff --git a/include/linux/kvm_para.h b/include/linux/kvm_para.h | ||
| 332 | index 3ddce03..d731092 100644 | ||
| 333 | --- a/include/linux/kvm_para.h | ||
| 334 | +++ b/include/linux/kvm_para.h | ||
| 335 | @@ -13,6 +13,7 @@ | ||
| 336 | #define KVM_ENOSYS 1000 | ||
| 337 | #define KVM_EFAULT EFAULT | ||
| 338 | #define KVM_E2BIG E2BIG | ||
| 339 | +#define KVM_EPERM EPERM | ||
| 340 | |||
| 341 | #define KVM_HC_VAPIC_POLL_IRQ 1 | ||
| 342 | #define KVM_HC_MMU_OP 2 | ||
| 343 | diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c | ||
| 344 | index 521960b..6e22c16 100644 | ||
| 345 | --- a/kernel/time/timekeeping.c | ||
| 346 | +++ b/kernel/time/timekeeping.c | ||
| 347 | @@ -477,6 +477,28 @@ void update_wall_time(void) | ||
| 348 | /* correct the clock when NTP error is too big */ | ||
| 349 | clocksource_adjust(offset); | ||
| 350 | |||
| 351 | + /* | ||
| 352 | + * Since in the loop above, we accumulate any amount of time | ||
| 353 | + * in xtime_nsec over a second into xtime.tv_sec, its possible for | ||
| 354 | + * xtime_nsec to be fairly small after the loop. Further, if we're | ||
| 355 | + * slightly speeding the clocksource up in clocksource_adjust(), | ||
| 356 | + * its possible the required corrective factor to xtime_nsec could | ||
| 357 | + * cause it to underflow. | ||
| 358 | + * | ||
| 359 | + * Now, we cannot simply roll the accumulated second back, since | ||
| 360 | + * the NTP subsystem has been notified via second_overflow. So | ||
| 361 | + * instead we push xtime_nsec forward by the amount we underflowed, | ||
| 362 | + * and add that amount into the error. | ||
| 363 | + * | ||
| 364 | + * We'll correct this error next time through this function, when | ||
| 365 | + * xtime_nsec is not as small. | ||
| 366 | + */ | ||
| 367 | + if (unlikely((s64)clock->xtime_nsec < 0)) { | ||
| 368 | + s64 neg = -(s64)clock->xtime_nsec; | ||
| 369 | + clock->xtime_nsec = 0; | ||
| 370 | + clock->error += neg << (NTP_SCALE_SHIFT - clock->shift); | ||
| 371 | + } | ||
| 372 | + | ||
| 373 | /* store full nanoseconds into xtime */ | ||
| 374 | xtime.tv_nsec = (s64)clock->xtime_nsec >> clock->shift; | ||
| 375 | clock->xtime_nsec -= (s64)xtime.tv_nsec << clock->shift; |