Contents of /trunk/kernel26-magellan/patches-2.6.16-r6/0100-2.6.16-patch-2.6.16.9_fixed
Parent Directory
|
Revision Log
Revision 70 -
(show annotations)
(download)
Thu May 11 19:09:22 2006 UTC (18 years, 1 month ago) by niro
File size: 97769 byte(s)
Thu May 11 19:09:22 2006 UTC (18 years, 1 month ago) by niro
File size: 97769 byte(s)
import
1 | diff --git a/arch/alpha/kernel/setup.c b/arch/alpha/kernel/setup.c |
2 | index b4e5f8f..45308bd 100644 |
3 | --- a/arch/alpha/kernel/setup.c |
4 | +++ b/arch/alpha/kernel/setup.c |
5 | @@ -24,6 +24,7 @@ #include <linux/delay.h> |
6 | #include <linux/config.h> /* CONFIG_ALPHA_LCA etc */ |
7 | #include <linux/mc146818rtc.h> |
8 | #include <linux/console.h> |
9 | +#include <linux/cpu.h> |
10 | #include <linux/errno.h> |
11 | #include <linux/init.h> |
12 | #include <linux/string.h> |
13 | @@ -477,6 +478,22 @@ #undef PFN_DOWN |
14 | #undef PFN_PHYS |
15 | #undef PFN_MAX |
16 | |
17 | +static int __init |
18 | +register_cpus(void) |
19 | +{ |
20 | + int i; |
21 | + |
22 | + for_each_possible_cpu(i) { |
23 | + struct cpu *p = kzalloc(sizeof(*p), GFP_KERNEL); |
24 | + if (!p) |
25 | + return -ENOMEM; |
26 | + register_cpu(p, i, NULL); |
27 | + } |
28 | + return 0; |
29 | +} |
30 | + |
31 | +arch_initcall(register_cpus); |
32 | + |
33 | void __init |
34 | setup_arch(char **cmdline_p) |
35 | { |
36 | diff --git a/arch/alpha/kernel/smp.c b/arch/alpha/kernel/smp.c |
37 | index 02c2db0..1852554 100644 |
38 | --- a/arch/alpha/kernel/smp.c |
39 | +++ b/arch/alpha/kernel/smp.c |
40 | @@ -439,7 +439,7 @@ setup_smp(void) |
41 | if ((cpu->flags & 0x1cc) == 0x1cc) { |
42 | smp_num_probed++; |
43 | /* Assume here that "whami" == index */ |
44 | - cpu_set(i, cpu_possible_map); |
45 | + cpu_set(i, cpu_present_mask); |
46 | cpu->pal_revision = boot_cpu_palrev; |
47 | } |
48 | |
49 | @@ -450,9 +450,8 @@ setup_smp(void) |
50 | } |
51 | } else { |
52 | smp_num_probed = 1; |
53 | - cpu_set(boot_cpuid, cpu_possible_map); |
54 | + cpu_set(boot_cpuid, cpu_present_mask); |
55 | } |
56 | - cpu_present_mask = cpumask_of_cpu(boot_cpuid); |
57 | |
58 | printk(KERN_INFO "SMP: %d CPUs probed -- cpu_present_mask = %lx\n", |
59 | smp_num_probed, cpu_possible_map.bits[0]); |
60 | @@ -488,9 +487,8 @@ void __devinit |
61 | smp_prepare_boot_cpu(void) |
62 | { |
63 | /* |
64 | - * Mark the boot cpu (current cpu) as both present and online |
65 | + * Mark the boot cpu (current cpu) as online |
66 | */ |
67 | - cpu_set(smp_processor_id(), cpu_present_mask); |
68 | cpu_set(smp_processor_id(), cpu_online_map); |
69 | } |
70 | |
71 | diff --git a/arch/i386/kernel/cpu/amd.c b/arch/i386/kernel/cpu/amd.c |
72 | index 0810f81..d2d50cb 100644 |
73 | --- a/arch/i386/kernel/cpu/amd.c |
74 | +++ b/arch/i386/kernel/cpu/amd.c |
75 | @@ -207,6 +207,8 @@ #define CBAR_KEY (0X000000CB) |
76 | set_bit(X86_FEATURE_K7, c->x86_capability); |
77 | break; |
78 | } |
79 | + if (c->x86 >= 6) |
80 | + set_bit(X86_FEATURE_FXSAVE_LEAK, c->x86_capability); |
81 | |
82 | display_cacheinfo(c); |
83 | |
84 | diff --git a/arch/i386/kernel/cpu/cpufreq/Kconfig b/arch/i386/kernel/cpu/cpufreq/Kconfig |
85 | index 26892d2..16f2e35 100644 |
86 | --- a/arch/i386/kernel/cpu/cpufreq/Kconfig |
87 | +++ b/arch/i386/kernel/cpu/cpufreq/Kconfig |
88 | @@ -203,6 +203,7 @@ config X86_LONGRUN |
89 | config X86_LONGHAUL |
90 | tristate "VIA Cyrix III Longhaul" |
91 | select CPU_FREQ_TABLE |
92 | + depends on BROKEN |
93 | help |
94 | This adds the CPUFreq driver for VIA Samuel/CyrixIII, |
95 | VIA Cyrix Samuel/C3, VIA Cyrix Ezra and VIA Cyrix Ezra-T |
96 | diff --git a/arch/i386/kernel/cpu/cpufreq/p4-clockmod.c b/arch/i386/kernel/cpu/cpufreq/p4-clockmod.c |
97 | index cc73a7a..ebe1848 100644 |
98 | --- a/arch/i386/kernel/cpu/cpufreq/p4-clockmod.c |
99 | +++ b/arch/i386/kernel/cpu/cpufreq/p4-clockmod.c |
100 | @@ -244,7 +244,7 @@ #endif |
101 | for (i=1; (p4clockmod_table[i].frequency != CPUFREQ_TABLE_END); i++) { |
102 | if ((i<2) && (has_N44_O17_errata[policy->cpu])) |
103 | p4clockmod_table[i].frequency = CPUFREQ_ENTRY_INVALID; |
104 | - else if (has_N60_errata[policy->cpu] && p4clockmod_table[i].frequency < 2000000) |
105 | + else if (has_N60_errata[policy->cpu] && ((stock_freq * i)/8) < 2000000) |
106 | p4clockmod_table[i].frequency = CPUFREQ_ENTRY_INVALID; |
107 | else |
108 | p4clockmod_table[i].frequency = (stock_freq * i)/8; |
109 | diff --git a/arch/i386/kernel/cpu/cpufreq/speedstep-smi.c b/arch/i386/kernel/cpu/cpufreq/speedstep-smi.c |
110 | index 28cc5d5..cfc4276 100644 |
111 | --- a/arch/i386/kernel/cpu/cpufreq/speedstep-smi.c |
112 | +++ b/arch/i386/kernel/cpu/cpufreq/speedstep-smi.c |
113 | @@ -75,7 +75,9 @@ static int speedstep_smi_ownership (void |
114 | __asm__ __volatile__( |
115 | "out %%al, (%%dx)\n" |
116 | : "=D" (result) |
117 | - : "a" (command), "b" (function), "c" (0), "d" (smi_port), "D" (0), "S" (magic) |
118 | + : "a" (command), "b" (function), "c" (0), "d" (smi_port), |
119 | + "D" (0), "S" (magic) |
120 | + : "memory" |
121 | ); |
122 | |
123 | dprintk("result is %x\n", result); |
124 | diff --git a/arch/i386/kernel/dmi_scan.c b/arch/i386/kernel/dmi_scan.c |
125 | index 6a93d75..ca2a0cb 100644 |
126 | --- a/arch/i386/kernel/dmi_scan.c |
127 | +++ b/arch/i386/kernel/dmi_scan.c |
128 | @@ -106,7 +106,7 @@ static void __init dmi_save_devices(stru |
129 | struct dmi_device *dev; |
130 | |
131 | for (i = 0; i < count; i++) { |
132 | - char *d = ((char *) dm) + (i * 2); |
133 | + char *d = (char *)(dm + 1) + (i * 2); |
134 | |
135 | /* Skip disabled device */ |
136 | if ((*d & 0x80) == 0) |
137 | diff --git a/arch/m32r/kernel/m32r_ksyms.c b/arch/m32r/kernel/m32r_ksyms.c |
138 | index be8b711..6000950 100644 |
139 | --- a/arch/m32r/kernel/m32r_ksyms.c |
140 | +++ b/arch/m32r/kernel/m32r_ksyms.c |
141 | @@ -38,10 +38,6 @@ EXPORT_SYMBOL(__udelay); |
142 | EXPORT_SYMBOL(__delay); |
143 | EXPORT_SYMBOL(__const_udelay); |
144 | |
145 | -EXPORT_SYMBOL(__get_user_1); |
146 | -EXPORT_SYMBOL(__get_user_2); |
147 | -EXPORT_SYMBOL(__get_user_4); |
148 | - |
149 | EXPORT_SYMBOL(strpbrk); |
150 | EXPORT_SYMBOL(strstr); |
151 | |
152 | diff --git a/arch/m32r/kernel/setup.c b/arch/m32r/kernel/setup.c |
153 | index d742037..542ed93 100644 |
154 | --- a/arch/m32r/kernel/setup.c |
155 | +++ b/arch/m32r/kernel/setup.c |
156 | @@ -9,6 +9,7 @@ |
157 | |
158 | #include <linux/config.h> |
159 | #include <linux/init.h> |
160 | +#include <linux/kernel.h> |
161 | #include <linux/stddef.h> |
162 | #include <linux/fs.h> |
163 | #include <linux/sched.h> |
164 | @@ -218,8 +219,6 @@ #else /* CONFIG_DISCONTIGMEM */ |
165 | extern unsigned long setup_memory(void); |
166 | #endif /* CONFIG_DISCONTIGMEM */ |
167 | |
168 | -#define M32R_PCC_PCATCR 0x00ef7014 /* will move to m32r.h */ |
169 | - |
170 | void __init setup_arch(char **cmdline_p) |
171 | { |
172 | ROOT_DEV = old_decode_dev(ORIG_ROOT_DEV); |
173 | @@ -268,15 +267,14 @@ #endif /* CONFIG_DISCONTIGMEM */ |
174 | paging_init(); |
175 | } |
176 | |
177 | -static struct cpu cpu[NR_CPUS]; |
178 | +static struct cpu cpu_devices[NR_CPUS]; |
179 | |
180 | static int __init topology_init(void) |
181 | { |
182 | - int cpu_id; |
183 | + int i; |
184 | |
185 | - for (cpu_id = 0; cpu_id < NR_CPUS; cpu_id++) |
186 | - if (cpu_possible(cpu_id)) |
187 | - register_cpu(&cpu[cpu_id], cpu_id, NULL); |
188 | + for_each_present_cpu(i) |
189 | + register_cpu(&cpu_devices[i], i, NULL); |
190 | |
191 | return 0; |
192 | } |
193 | diff --git a/arch/m32r/kernel/smpboot.c b/arch/m32r/kernel/smpboot.c |
194 | index d7ec16e..840b434 100644 |
195 | --- a/arch/m32r/kernel/smpboot.c |
196 | +++ b/arch/m32r/kernel/smpboot.c |
197 | @@ -39,8 +39,10 @@ |
198 | * Martin J. Bligh : Added support for multi-quad systems |
199 | */ |
200 | |
201 | +#include <linux/module.h> |
202 | #include <linux/config.h> |
203 | #include <linux/init.h> |
204 | +#include <linux/kernel.h> |
205 | #include <linux/mm.h> |
206 | #include <linux/smp_lock.h> |
207 | #include <linux/irq.h> |
208 | @@ -72,11 +74,15 @@ physid_mask_t phys_cpu_present_map; |
209 | |
210 | /* Bitmask of currently online CPUs */ |
211 | cpumask_t cpu_online_map; |
212 | +EXPORT_SYMBOL(cpu_online_map); |
213 | |
214 | cpumask_t cpu_bootout_map; |
215 | cpumask_t cpu_bootin_map; |
216 | -cpumask_t cpu_callout_map; |
217 | static cpumask_t cpu_callin_map; |
218 | +cpumask_t cpu_callout_map; |
219 | +EXPORT_SYMBOL(cpu_callout_map); |
220 | +cpumask_t cpu_possible_map = CPU_MASK_ALL; |
221 | +EXPORT_SYMBOL(cpu_possible_map); |
222 | |
223 | /* Per CPU bogomips and other parameters */ |
224 | struct cpuinfo_m32r cpu_data[NR_CPUS] __cacheline_aligned; |
225 | @@ -110,7 +116,6 @@ static unsigned int calibration_result; |
226 | |
227 | void smp_prepare_boot_cpu(void); |
228 | void smp_prepare_cpus(unsigned int); |
229 | -static void smp_tune_scheduling(void); |
230 | static void init_ipi_lock(void); |
231 | static void do_boot_cpu(int); |
232 | int __cpu_up(unsigned int); |
233 | @@ -177,6 +182,9 @@ void __init smp_prepare_cpus(unsigned in |
234 | } |
235 | for (phys_id = 0 ; phys_id < nr_cpu ; phys_id++) |
236 | physid_set(phys_id, phys_cpu_present_map); |
237 | +#ifndef CONFIG_HOTPLUG_CPU |
238 | + cpu_present_map = cpu_possible_map; |
239 | +#endif |
240 | |
241 | show_mp_info(nr_cpu); |
242 | |
243 | @@ -186,7 +194,6 @@ void __init smp_prepare_cpus(unsigned in |
244 | * Setup boot CPU information |
245 | */ |
246 | smp_store_cpu_info(0); /* Final full version of the data */ |
247 | - smp_tune_scheduling(); |
248 | |
249 | /* |
250 | * If SMP should be disabled, then really disable it! |
251 | @@ -230,11 +237,6 @@ smp_done: |
252 | Dprintk("Boot done.\n"); |
253 | } |
254 | |
255 | -static void __init smp_tune_scheduling(void) |
256 | -{ |
257 | - /* Nothing to do. */ |
258 | -} |
259 | - |
260 | /* |
261 | * init_ipi_lock : Initialize IPI locks. |
262 | */ |
263 | @@ -629,4 +631,3 @@ static void __init unmap_cpu_to_physid(i |
264 | physid_2_cpu[phys_id] = -1; |
265 | cpu_2_physid[cpu_id] = -1; |
266 | } |
267 | - |
268 | diff --git a/arch/m32r/lib/Makefile b/arch/m32r/lib/Makefile |
269 | index e632d10..d16b4e4 100644 |
270 | --- a/arch/m32r/lib/Makefile |
271 | +++ b/arch/m32r/lib/Makefile |
272 | @@ -2,6 +2,6 @@ # |
273 | # Makefile for M32R-specific library files.. |
274 | # |
275 | |
276 | -lib-y := checksum.o ashxdi3.o memset.o memcpy.o getuser.o \ |
277 | - putuser.o delay.o strlen.o usercopy.o csum_partial_copy.o |
278 | +lib-y := checksum.o ashxdi3.o memset.o memcpy.o \ |
279 | + delay.o strlen.o usercopy.o csum_partial_copy.o |
280 | |
281 | diff --git a/arch/m32r/lib/getuser.S b/arch/m32r/lib/getuser.S |
282 | deleted file mode 100644 |
283 | index 58a0db0..0000000 |
284 | --- a/arch/m32r/lib/getuser.S |
285 | +++ /dev/null |
286 | @@ -1,88 +0,0 @@ |
287 | -/* |
288 | - * __get_user functions. |
289 | - * |
290 | - * (C) Copyright 2001 Hirokazu Takata |
291 | - * |
292 | - * These functions have a non-standard call interface |
293 | - * to make them more efficient, especially as they |
294 | - * return an error value in addition to the "real" |
295 | - * return value. |
296 | - */ |
297 | - |
298 | -#include <linux/config.h> |
299 | - |
300 | -/* |
301 | - * __get_user_X |
302 | - * |
303 | - * Inputs: r0 contains the address |
304 | - * |
305 | - * Outputs: r0 is error code (0 or -EFAULT) |
306 | - * r1 contains zero-extended value |
307 | - * |
308 | - * These functions should not modify any other registers, |
309 | - * as they get called from within inline assembly. |
310 | - */ |
311 | - |
312 | -#ifdef CONFIG_ISA_DUAL_ISSUE |
313 | - |
314 | - .text |
315 | - .balign 4 |
316 | - .globl __get_user_1 |
317 | -__get_user_1: |
318 | -1: ldub r1, @r0 || ldi r0, #0 |
319 | - jmp r14 |
320 | - |
321 | - .balign 4 |
322 | - .globl __get_user_2 |
323 | -__get_user_2: |
324 | -2: lduh r1, @r0 || ldi r0, #0 |
325 | - jmp r14 |
326 | - |
327 | - .balign 4 |
328 | - .globl __get_user_4 |
329 | -__get_user_4: |
330 | -3: ld r1, @r0 || ldi r0, #0 |
331 | - jmp r14 |
332 | - |
333 | -bad_get_user: |
334 | - ldi r1, #0 || ldi r0, #-14 |
335 | - jmp r14 |
336 | - |
337 | -#else /* not CONFIG_ISA_DUAL_ISSUE */ |
338 | - |
339 | - .text |
340 | - .balign 4 |
341 | - .globl __get_user_1 |
342 | -__get_user_1: |
343 | -1: ldub r1, @r0 |
344 | - ldi r0, #0 |
345 | - jmp r14 |
346 | - |
347 | - .balign 4 |
348 | - .globl __get_user_2 |
349 | -__get_user_2: |
350 | -2: lduh r1, @r0 |
351 | - ldi r0, #0 |
352 | - jmp r14 |
353 | - |
354 | - .balign 4 |
355 | - .globl __get_user_4 |
356 | -__get_user_4: |
357 | -3: ld r1, @r0 |
358 | - ldi r0, #0 |
359 | - jmp r14 |
360 | - |
361 | -bad_get_user: |
362 | - ldi r1, #0 |
363 | - ldi r0, #-14 |
364 | - jmp r14 |
365 | - |
366 | -#endif /* not CONFIG_ISA_DUAL_ISSUE */ |
367 | - |
368 | -.section __ex_table,"a" |
369 | - .long 1b,bad_get_user |
370 | - .long 2b,bad_get_user |
371 | - .long 3b,bad_get_user |
372 | -.previous |
373 | - |
374 | - .end |
375 | diff --git a/arch/m32r/lib/putuser.S b/arch/m32r/lib/putuser.S |
376 | deleted file mode 100644 |
377 | index 218154c..0000000 |
378 | --- a/arch/m32r/lib/putuser.S |
379 | +++ /dev/null |
380 | @@ -1,84 +0,0 @@ |
381 | -/* |
382 | - * __put_user functions. |
383 | - * |
384 | - * (C) Copyright 1998 Linus Torvalds |
385 | - * (C) Copyright 2001 Hirokazu Takata |
386 | - * |
387 | - * These functions have a non-standard call interface |
388 | - * to make them more efficient. |
389 | - */ |
390 | - |
391 | -#include <linux/config.h> |
392 | - |
393 | -/* |
394 | - * __put_user_X |
395 | - * |
396 | - * Inputs: r0 contains the address |
397 | - * r1 contains the value |
398 | - * |
399 | - * Outputs: r0 is error code (0 or -EFAULT) |
400 | - * r1 is corrupted (will contain "current_task"). |
401 | - * |
402 | - * These functions should not modify any other registers, |
403 | - * as they get called from within inline assembly. |
404 | - */ |
405 | - |
406 | -#ifdef CONFIG_ISA_DUAL_ISSUE |
407 | - |
408 | - .text |
409 | - .balign 4 |
410 | - .globl __put_user_1 |
411 | -__put_user_1: |
412 | -1: stb r1, @r0 || ldi r0, #0 |
413 | - jmp r14 |
414 | - |
415 | - .balign 4 |
416 | - .globl __put_user_2 |
417 | -__put_user_2: |
418 | -2: sth r1, @r0 || ldi r0, #0 |
419 | - jmp r14 |
420 | - |
421 | - .balign 4 |
422 | - .globl __put_user_4 |
423 | -__put_user_4: |
424 | -3: st r1, @r0 || ldi r0, #0 |
425 | - jmp r14 |
426 | - |
427 | -bad_put_user: |
428 | - ldi r0, #-14 || jmp r14 |
429 | - |
430 | -#else /* not CONFIG_ISA_DUAL_ISSUE */ |
431 | - |
432 | - .text |
433 | - .balign 4 |
434 | - .globl __put_user_1 |
435 | -__put_user_1: |
436 | -1: stb r1, @r0 |
437 | - ldi r0, #0 |
438 | - jmp r14 |
439 | - |
440 | - .balign 4 |
441 | - .globl __put_user_2 |
442 | -__put_user_2: |
443 | -2: sth r1, @r0 |
444 | - ldi r0, #0 |
445 | - jmp r14 |
446 | - |
447 | - .balign 4 |
448 | - .globl __put_user_4 |
449 | -__put_user_4: |
450 | -3: st r1, @r0 |
451 | - ldi r0, #0 |
452 | - jmp r14 |
453 | - |
454 | -bad_put_user: |
455 | - ldi r0, #-14 |
456 | - jmp r14 |
457 | - |
458 | -#endif /* not CONFIG_ISA_DUAL_ISSUE */ |
459 | - |
460 | -.section __ex_table,"a" |
461 | - .long 1b,bad_put_user |
462 | - .long 2b,bad_put_user |
463 | - .long 3b,bad_put_user |
464 | -.previous |
465 | diff --git a/arch/powerpc/kernel/pci_64.c b/arch/powerpc/kernel/pci_64.c |
466 | index ba92bab..4c4449b 100644 |
467 | --- a/arch/powerpc/kernel/pci_64.c |
468 | +++ b/arch/powerpc/kernel/pci_64.c |
469 | @@ -78,6 +78,7 @@ int global_phb_number; /* Global phb co |
470 | |
471 | /* Cached ISA bridge dev. */ |
472 | struct pci_dev *ppc64_isabridge_dev = NULL; |
473 | +EXPORT_SYMBOL_GPL(ppc64_isabridge_dev); |
474 | |
475 | static void fixup_broken_pcnet32(struct pci_dev* dev) |
476 | { |
477 | diff --git a/arch/powerpc/kernel/setup_64.c b/arch/powerpc/kernel/setup_64.c |
478 | index f96c49b..abd758f 100644 |
479 | --- a/arch/powerpc/kernel/setup_64.c |
480 | +++ b/arch/powerpc/kernel/setup_64.c |
481 | @@ -256,12 +256,10 @@ #endif |
482 | /* |
483 | * Initialize stab / SLB management except on iSeries |
484 | */ |
485 | - if (!firmware_has_feature(FW_FEATURE_ISERIES)) { |
486 | - if (cpu_has_feature(CPU_FTR_SLB)) |
487 | - slb_initialize(); |
488 | - else |
489 | - stab_initialize(lpaca->stab_real); |
490 | - } |
491 | + if (cpu_has_feature(CPU_FTR_SLB)) |
492 | + slb_initialize(); |
493 | + else if (!firmware_has_feature(FW_FEATURE_ISERIES)) |
494 | + stab_initialize(lpaca->stab_real); |
495 | |
496 | DBG(" <- early_setup()\n"); |
497 | } |
498 | diff --git a/arch/powerpc/kernel/signal_64.c b/arch/powerpc/kernel/signal_64.c |
499 | index 4324f8a..096dfdc 100644 |
500 | --- a/arch/powerpc/kernel/signal_64.c |
501 | +++ b/arch/powerpc/kernel/signal_64.c |
502 | @@ -213,7 +213,7 @@ static inline void __user * get_sigframe |
503 | /* Default to using normal stack */ |
504 | newsp = regs->gpr[1]; |
505 | |
506 | - if (ka->sa.sa_flags & SA_ONSTACK) { |
507 | + if ((ka->sa.sa_flags & SA_ONSTACK) && current->sas_ss_size) { |
508 | if (! on_sig_stack(regs->gpr[1])) |
509 | newsp = (current->sas_ss_sp + current->sas_ss_size); |
510 | } |
511 | diff --git a/arch/x86_64/kernel/entry.S b/arch/x86_64/kernel/entry.S |
512 | index 7c10e90..ab6e44d 100644 |
513 | --- a/arch/x86_64/kernel/entry.S |
514 | +++ b/arch/x86_64/kernel/entry.S |
515 | @@ -180,6 +180,10 @@ rff_trace: |
516 | * |
517 | * XXX if we had a free scratch register we could save the RSP into the stack frame |
518 | * and report it properly in ps. Unfortunately we haven't. |
519 | + * |
520 | + * When user can change the frames always force IRET. That is because |
521 | + * it deals with uncanonical addresses better. SYSRET has trouble |
522 | + * with them due to bugs in both AMD and Intel CPUs. |
523 | */ |
524 | |
525 | ENTRY(system_call) |
526 | @@ -254,7 +258,10 @@ sysret_signal: |
527 | xorl %esi,%esi # oldset -> arg2 |
528 | call ptregscall_common |
529 | 1: movl $_TIF_NEED_RESCHED,%edi |
530 | - jmp sysret_check |
531 | + /* Use IRET because user could have changed frame. This |
532 | + works because ptregscall_common has called FIXUP_TOP_OF_STACK. */ |
533 | + cli |
534 | + jmp int_with_check |
535 | |
536 | badsys: |
537 | movq $-ENOSYS,RAX-ARGOFFSET(%rsp) |
538 | @@ -280,7 +287,8 @@ tracesys: |
539 | call syscall_trace_leave |
540 | RESTORE_TOP_OF_STACK %rbx |
541 | RESTORE_REST |
542 | - jmp ret_from_sys_call |
543 | + /* Use IRET because user could have changed frame */ |
544 | + jmp int_ret_from_sys_call |
545 | CFI_ENDPROC |
546 | |
547 | /* |
548 | @@ -408,25 +416,9 @@ ENTRY(stub_execve) |
549 | CFI_ADJUST_CFA_OFFSET -8 |
550 | CFI_REGISTER rip, r11 |
551 | SAVE_REST |
552 | - movq %r11, %r15 |
553 | - CFI_REGISTER rip, r15 |
554 | FIXUP_TOP_OF_STACK %r11 |
555 | call sys_execve |
556 | - GET_THREAD_INFO(%rcx) |
557 | - bt $TIF_IA32,threadinfo_flags(%rcx) |
558 | - CFI_REMEMBER_STATE |
559 | - jc exec_32bit |
560 | RESTORE_TOP_OF_STACK %r11 |
561 | - movq %r15, %r11 |
562 | - CFI_REGISTER rip, r11 |
563 | - RESTORE_REST |
564 | - pushq %r11 |
565 | - CFI_ADJUST_CFA_OFFSET 8 |
566 | - CFI_REL_OFFSET rip, 0 |
567 | - ret |
568 | - |
569 | -exec_32bit: |
570 | - CFI_RESTORE_STATE |
571 | movq %rax,RAX(%rsp) |
572 | RESTORE_REST |
573 | jmp int_ret_from_sys_call |
574 | diff --git a/arch/x86_64/kernel/process.c b/arch/x86_64/kernel/process.c |
575 | index 22a05de..818ab9e 100644 |
576 | --- a/arch/x86_64/kernel/process.c |
577 | +++ b/arch/x86_64/kernel/process.c |
578 | @@ -527,8 +527,6 @@ __switch_to(struct task_struct *prev_p, |
579 | int cpu = smp_processor_id(); |
580 | struct tss_struct *tss = &per_cpu(init_tss, cpu); |
581 | |
582 | - unlazy_fpu(prev_p); |
583 | - |
584 | /* |
585 | * Reload esp0, LDT and the page table pointer: |
586 | */ |
587 | @@ -591,6 +589,12 @@ __switch_to(struct task_struct *prev_p, |
588 | prev->userrsp = read_pda(oldrsp); |
589 | write_pda(oldrsp, next->userrsp); |
590 | write_pda(pcurrent, next_p); |
591 | + |
592 | + /* This must be here to ensure both math_state_restore() and |
593 | + kernel_fpu_begin() work consistently. |
594 | + And the AMD workaround requires it to be after DS reload. */ |
595 | + unlazy_fpu(prev_p); |
596 | + |
597 | write_pda(kernelstack, |
598 | task_stack_page(next_p) + THREAD_SIZE - PDA_STACKOFFSET); |
599 | |
600 | diff --git a/arch/x86_64/kernel/setup.c b/arch/x86_64/kernel/setup.c |
601 | index aa55e3c..a4a0bb5 100644 |
602 | --- a/arch/x86_64/kernel/setup.c |
603 | +++ b/arch/x86_64/kernel/setup.c |
604 | @@ -909,6 +909,10 @@ #endif |
605 | if (c->x86 == 15 && ((level >= 0x0f48 && level < 0x0f50) || level >= 0x0f58)) |
606 | set_bit(X86_FEATURE_REP_GOOD, &c->x86_capability); |
607 | |
608 | + /* Enable workaround for FXSAVE leak */ |
609 | + if (c->x86 >= 6) |
610 | + set_bit(X86_FEATURE_FXSAVE_LEAK, &c->x86_capability); |
611 | + |
612 | r = get_model_name(c); |
613 | if (!r) { |
614 | switch (c->x86) { |
615 | diff --git a/drivers/base/cpu.c b/drivers/base/cpu.c |
616 | index 07a7f97..29f3d75 100644 |
617 | --- a/drivers/base/cpu.c |
618 | +++ b/drivers/base/cpu.c |
619 | @@ -141,7 +141,7 @@ #endif |
620 | return error; |
621 | } |
622 | |
623 | -struct sys_device *get_cpu_sysdev(int cpu) |
624 | +struct sys_device *get_cpu_sysdev(unsigned cpu) |
625 | { |
626 | if (cpu < NR_CPUS) |
627 | return cpu_sys_devices[cpu]; |
628 | diff --git a/drivers/base/firmware_class.c b/drivers/base/firmware_class.c |
629 | index e97e911..4723182 100644 |
630 | --- a/drivers/base/firmware_class.c |
631 | +++ b/drivers/base/firmware_class.c |
632 | @@ -211,18 +211,20 @@ static int |
633 | fw_realloc_buffer(struct firmware_priv *fw_priv, int min_size) |
634 | { |
635 | u8 *new_data; |
636 | + int new_size = fw_priv->alloc_size; |
637 | |
638 | if (min_size <= fw_priv->alloc_size) |
639 | return 0; |
640 | |
641 | - new_data = vmalloc(fw_priv->alloc_size + PAGE_SIZE); |
642 | + new_size = ALIGN(min_size, PAGE_SIZE); |
643 | + new_data = vmalloc(new_size); |
644 | if (!new_data) { |
645 | printk(KERN_ERR "%s: unable to alloc buffer\n", __FUNCTION__); |
646 | /* Make sure that we don't keep incomplete data */ |
647 | fw_load_abort(fw_priv); |
648 | return -ENOMEM; |
649 | } |
650 | - fw_priv->alloc_size += PAGE_SIZE; |
651 | + fw_priv->alloc_size = new_size; |
652 | if (fw_priv->fw->data) { |
653 | memcpy(new_data, fw_priv->fw->data, fw_priv->fw->size); |
654 | vfree(fw_priv->fw->data); |
655 | diff --git a/drivers/base/node.c b/drivers/base/node.c |
656 | index 16c513a..c80c3ae 100644 |
657 | --- a/drivers/base/node.c |
658 | +++ b/drivers/base/node.c |
659 | @@ -106,7 +106,7 @@ static ssize_t node_read_numastat(struct |
660 | other_node = 0; |
661 | for (i = 0; i < MAX_NR_ZONES; i++) { |
662 | struct zone *z = &pg->node_zones[i]; |
663 | - for (cpu = 0; cpu < NR_CPUS; cpu++) { |
664 | + for_each_online_cpu(cpu) { |
665 | struct per_cpu_pageset *ps = zone_pcp(z,cpu); |
666 | numa_hit += ps->numa_hit; |
667 | numa_miss += ps->numa_miss; |
668 | diff --git a/drivers/block/cciss.c b/drivers/block/cciss.c |
669 | index 0d65394..71552e1 100644 |
670 | --- a/drivers/block/cciss.c |
671 | +++ b/drivers/block/cciss.c |
672 | @@ -1181,6 +1181,53 @@ static int revalidate_allvol(ctlr_info_t |
673 | return 0; |
674 | } |
675 | |
676 | +static inline void complete_buffers(struct bio *bio, int status) |
677 | +{ |
678 | + while (bio) { |
679 | + struct bio *xbh = bio->bi_next; |
680 | + int nr_sectors = bio_sectors(bio); |
681 | + |
682 | + bio->bi_next = NULL; |
683 | + blk_finished_io(len); |
684 | + bio_endio(bio, nr_sectors << 9, status ? 0 : -EIO); |
685 | + bio = xbh; |
686 | + } |
687 | + |
688 | +} |
689 | + |
690 | +static void cciss_softirq_done(struct request *rq) |
691 | +{ |
692 | + CommandList_struct *cmd = rq->completion_data; |
693 | + ctlr_info_t *h = hba[cmd->ctlr]; |
694 | + unsigned long flags; |
695 | + u64bit temp64; |
696 | + int i, ddir; |
697 | + |
698 | + if (cmd->Request.Type.Direction == XFER_READ) |
699 | + ddir = PCI_DMA_FROMDEVICE; |
700 | + else |
701 | + ddir = PCI_DMA_TODEVICE; |
702 | + |
703 | + /* command did not need to be retried */ |
704 | + /* unmap the DMA mapping for all the scatter gather elements */ |
705 | + for(i=0; i<cmd->Header.SGList; i++) { |
706 | + temp64.val32.lower = cmd->SG[i].Addr.lower; |
707 | + temp64.val32.upper = cmd->SG[i].Addr.upper; |
708 | + pci_unmap_page(h->pdev, temp64.val, cmd->SG[i].Len, ddir); |
709 | + } |
710 | + |
711 | + complete_buffers(rq->bio, rq->errors); |
712 | + |
713 | +#ifdef CCISS_DEBUG |
714 | + printk("Done with %p\n", rq); |
715 | +#endif /* CCISS_DEBUG */ |
716 | + |
717 | + spin_lock_irqsave(&h->lock, flags); |
718 | + end_that_request_last(rq, rq->errors); |
719 | + cmd_free(h, cmd,1); |
720 | + spin_unlock_irqrestore(&h->lock, flags); |
721 | +} |
722 | + |
723 | /* This function will check the usage_count of the drive to be updated/added. |
724 | * If the usage_count is zero then the drive information will be updated and |
725 | * the disk will be re-registered with the kernel. If not then it will be |
726 | @@ -1249,6 +1296,8 @@ static void cciss_update_drive_info(int |
727 | |
728 | blk_queue_max_sectors(disk->queue, 512); |
729 | |
730 | + blk_queue_softirq_done(disk->queue, cciss_softirq_done); |
731 | + |
732 | disk->queue->queuedata = hba[ctlr]; |
733 | |
734 | blk_queue_hardsect_size(disk->queue, |
735 | @@ -2148,20 +2197,6 @@ static void start_io( ctlr_info_t *h) |
736 | addQ (&(h->cmpQ), c); |
737 | } |
738 | } |
739 | - |
740 | -static inline void complete_buffers(struct bio *bio, int status) |
741 | -{ |
742 | - while (bio) { |
743 | - struct bio *xbh = bio->bi_next; |
744 | - int nr_sectors = bio_sectors(bio); |
745 | - |
746 | - bio->bi_next = NULL; |
747 | - blk_finished_io(len); |
748 | - bio_endio(bio, nr_sectors << 9, status ? 0 : -EIO); |
749 | - bio = xbh; |
750 | - } |
751 | - |
752 | -} |
753 | /* Assumes that CCISS_LOCK(h->ctlr) is held. */ |
754 | /* Zeros out the error record and then resends the command back */ |
755 | /* to the controller */ |
756 | @@ -2179,39 +2214,6 @@ static inline void resend_cciss_cmd( ctl |
757 | start_io(h); |
758 | } |
759 | |
760 | -static void cciss_softirq_done(struct request *rq) |
761 | -{ |
762 | - CommandList_struct *cmd = rq->completion_data; |
763 | - ctlr_info_t *h = hba[cmd->ctlr]; |
764 | - unsigned long flags; |
765 | - u64bit temp64; |
766 | - int i, ddir; |
767 | - |
768 | - if (cmd->Request.Type.Direction == XFER_READ) |
769 | - ddir = PCI_DMA_FROMDEVICE; |
770 | - else |
771 | - ddir = PCI_DMA_TODEVICE; |
772 | - |
773 | - /* command did not need to be retried */ |
774 | - /* unmap the DMA mapping for all the scatter gather elements */ |
775 | - for(i=0; i<cmd->Header.SGList; i++) { |
776 | - temp64.val32.lower = cmd->SG[i].Addr.lower; |
777 | - temp64.val32.upper = cmd->SG[i].Addr.upper; |
778 | - pci_unmap_page(h->pdev, temp64.val, cmd->SG[i].Len, ddir); |
779 | - } |
780 | - |
781 | - complete_buffers(rq->bio, rq->errors); |
782 | - |
783 | -#ifdef CCISS_DEBUG |
784 | - printk("Done with %p\n", rq); |
785 | -#endif /* CCISS_DEBUG */ |
786 | - |
787 | - spin_lock_irqsave(&h->lock, flags); |
788 | - end_that_request_last(rq, rq->errors); |
789 | - cmd_free(h, cmd,1); |
790 | - spin_unlock_irqrestore(&h->lock, flags); |
791 | -} |
792 | - |
793 | /* checks the status of the job and calls complete buffers to mark all |
794 | * buffers for the completed job. Note that this function does not need |
795 | * to hold the hba/queue lock. |
796 | @@ -3269,8 +3271,8 @@ clean2: |
797 | unregister_blkdev(hba[i]->major, hba[i]->devname); |
798 | clean1: |
799 | release_io_mem(hba[i]); |
800 | - free_hba(i); |
801 | hba[i]->busy_initializing = 0; |
802 | + free_hba(i); |
803 | return(-1); |
804 | } |
805 | |
806 | diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig |
807 | index 05ba410..8b72a61 100644 |
808 | --- a/drivers/char/Kconfig |
809 | +++ b/drivers/char/Kconfig |
810 | @@ -187,6 +187,7 @@ config MOXA_SMARTIO |
811 | config ISI |
812 | tristate "Multi-Tech multiport card support (EXPERIMENTAL)" |
813 | depends on SERIAL_NONSTANDARD |
814 | + select FW_LOADER |
815 | help |
816 | This is a driver for the Multi-Tech cards which provide several |
817 | serial ports. The driver is experimental and can currently only be |
818 | diff --git a/drivers/char/tlclk.c b/drivers/char/tlclk.c |
819 | index 4c27218..f58ad7f 100644 |
820 | --- a/drivers/char/tlclk.c |
821 | +++ b/drivers/char/tlclk.c |
822 | @@ -327,7 +327,7 @@ static ssize_t store_received_ref_clk3a( |
823 | return strnlen(buf, count); |
824 | } |
825 | |
826 | -static DEVICE_ATTR(received_ref_clk3a, S_IWUGO, NULL, |
827 | +static DEVICE_ATTR(received_ref_clk3a, (S_IWUSR|S_IWGRP), NULL, |
828 | store_received_ref_clk3a); |
829 | |
830 | |
831 | @@ -349,7 +349,7 @@ static ssize_t store_received_ref_clk3b( |
832 | return strnlen(buf, count); |
833 | } |
834 | |
835 | -static DEVICE_ATTR(received_ref_clk3b, S_IWUGO, NULL, |
836 | +static DEVICE_ATTR(received_ref_clk3b, (S_IWUSR|S_IWGRP), NULL, |
837 | store_received_ref_clk3b); |
838 | |
839 | |
840 | @@ -371,7 +371,7 @@ static ssize_t store_enable_clk3b_output |
841 | return strnlen(buf, count); |
842 | } |
843 | |
844 | -static DEVICE_ATTR(enable_clk3b_output, S_IWUGO, NULL, |
845 | +static DEVICE_ATTR(enable_clk3b_output, (S_IWUSR|S_IWGRP), NULL, |
846 | store_enable_clk3b_output); |
847 | |
848 | static ssize_t store_enable_clk3a_output(struct device *d, |
849 | @@ -392,7 +392,7 @@ static ssize_t store_enable_clk3a_output |
850 | return strnlen(buf, count); |
851 | } |
852 | |
853 | -static DEVICE_ATTR(enable_clk3a_output, S_IWUGO, NULL, |
854 | +static DEVICE_ATTR(enable_clk3a_output, (S_IWUSR|S_IWGRP), NULL, |
855 | store_enable_clk3a_output); |
856 | |
857 | static ssize_t store_enable_clkb1_output(struct device *d, |
858 | @@ -413,7 +413,7 @@ static ssize_t store_enable_clkb1_output |
859 | return strnlen(buf, count); |
860 | } |
861 | |
862 | -static DEVICE_ATTR(enable_clkb1_output, S_IWUGO, NULL, |
863 | +static DEVICE_ATTR(enable_clkb1_output, (S_IWUSR|S_IWGRP), NULL, |
864 | store_enable_clkb1_output); |
865 | |
866 | |
867 | @@ -435,7 +435,7 @@ static ssize_t store_enable_clka1_output |
868 | return strnlen(buf, count); |
869 | } |
870 | |
871 | -static DEVICE_ATTR(enable_clka1_output, S_IWUGO, NULL, |
872 | +static DEVICE_ATTR(enable_clka1_output, (S_IWUSR|S_IWGRP), NULL, |
873 | store_enable_clka1_output); |
874 | |
875 | static ssize_t store_enable_clkb0_output(struct device *d, |
876 | @@ -456,7 +456,7 @@ static ssize_t store_enable_clkb0_output |
877 | return strnlen(buf, count); |
878 | } |
879 | |
880 | -static DEVICE_ATTR(enable_clkb0_output, S_IWUGO, NULL, |
881 | +static DEVICE_ATTR(enable_clkb0_output, (S_IWUSR|S_IWGRP), NULL, |
882 | store_enable_clkb0_output); |
883 | |
884 | static ssize_t store_enable_clka0_output(struct device *d, |
885 | @@ -477,7 +477,7 @@ static ssize_t store_enable_clka0_output |
886 | return strnlen(buf, count); |
887 | } |
888 | |
889 | -static DEVICE_ATTR(enable_clka0_output, S_IWUGO, NULL, |
890 | +static DEVICE_ATTR(enable_clka0_output, (S_IWUSR|S_IWGRP), NULL, |
891 | store_enable_clka0_output); |
892 | |
893 | static ssize_t store_select_amcb2_transmit_clock(struct device *d, |
894 | @@ -519,7 +519,7 @@ static ssize_t store_select_amcb2_transm |
895 | return strnlen(buf, count); |
896 | } |
897 | |
898 | -static DEVICE_ATTR(select_amcb2_transmit_clock, S_IWUGO, NULL, |
899 | +static DEVICE_ATTR(select_amcb2_transmit_clock, (S_IWUSR|S_IWGRP), NULL, |
900 | store_select_amcb2_transmit_clock); |
901 | |
902 | static ssize_t store_select_amcb1_transmit_clock(struct device *d, |
903 | @@ -560,7 +560,7 @@ static ssize_t store_select_amcb1_transm |
904 | return strnlen(buf, count); |
905 | } |
906 | |
907 | -static DEVICE_ATTR(select_amcb1_transmit_clock, S_IWUGO, NULL, |
908 | +static DEVICE_ATTR(select_amcb1_transmit_clock, (S_IWUSR|S_IWGRP), NULL, |
909 | store_select_amcb1_transmit_clock); |
910 | |
911 | static ssize_t store_select_redundant_clock(struct device *d, |
912 | @@ -581,7 +581,7 @@ static ssize_t store_select_redundant_cl |
913 | return strnlen(buf, count); |
914 | } |
915 | |
916 | -static DEVICE_ATTR(select_redundant_clock, S_IWUGO, NULL, |
917 | +static DEVICE_ATTR(select_redundant_clock, (S_IWUSR|S_IWGRP), NULL, |
918 | store_select_redundant_clock); |
919 | |
920 | static ssize_t store_select_ref_frequency(struct device *d, |
921 | @@ -602,7 +602,7 @@ static ssize_t store_select_ref_frequenc |
922 | return strnlen(buf, count); |
923 | } |
924 | |
925 | -static DEVICE_ATTR(select_ref_frequency, S_IWUGO, NULL, |
926 | +static DEVICE_ATTR(select_ref_frequency, (S_IWUSR|S_IWGRP), NULL, |
927 | store_select_ref_frequency); |
928 | |
929 | static ssize_t store_filter_select(struct device *d, |
930 | @@ -623,7 +623,7 @@ static ssize_t store_filter_select(struc |
931 | return strnlen(buf, count); |
932 | } |
933 | |
934 | -static DEVICE_ATTR(filter_select, S_IWUGO, NULL, store_filter_select); |
935 | +static DEVICE_ATTR(filter_select, (S_IWUSR|S_IWGRP), NULL, store_filter_select); |
936 | |
937 | static ssize_t store_hardware_switching_mode(struct device *d, |
938 | struct device_attribute *attr, const char *buf, size_t count) |
939 | @@ -643,7 +643,7 @@ static ssize_t store_hardware_switching_ |
940 | return strnlen(buf, count); |
941 | } |
942 | |
943 | -static DEVICE_ATTR(hardware_switching_mode, S_IWUGO, NULL, |
944 | +static DEVICE_ATTR(hardware_switching_mode, (S_IWUSR|S_IWGRP), NULL, |
945 | store_hardware_switching_mode); |
946 | |
947 | static ssize_t store_hardware_switching(struct device *d, |
948 | @@ -664,7 +664,7 @@ static ssize_t store_hardware_switching( |
949 | return strnlen(buf, count); |
950 | } |
951 | |
952 | -static DEVICE_ATTR(hardware_switching, S_IWUGO, NULL, |
953 | +static DEVICE_ATTR(hardware_switching, (S_IWUSR|S_IWGRP), NULL, |
954 | store_hardware_switching); |
955 | |
956 | static ssize_t store_refalign (struct device *d, |
957 | @@ -684,7 +684,7 @@ static ssize_t store_refalign (struct de |
958 | return strnlen(buf, count); |
959 | } |
960 | |
961 | -static DEVICE_ATTR(refalign, S_IWUGO, NULL, store_refalign); |
962 | +static DEVICE_ATTR(refalign, (S_IWUSR|S_IWGRP), NULL, store_refalign); |
963 | |
964 | static ssize_t store_mode_select (struct device *d, |
965 | struct device_attribute *attr, const char *buf, size_t count) |
966 | @@ -704,7 +704,7 @@ static ssize_t store_mode_select (struct |
967 | return strnlen(buf, count); |
968 | } |
969 | |
970 | -static DEVICE_ATTR(mode_select, S_IWUGO, NULL, store_mode_select); |
971 | +static DEVICE_ATTR(mode_select, (S_IWUSR|S_IWGRP), NULL, store_mode_select); |
972 | |
973 | static ssize_t store_reset (struct device *d, |
974 | struct device_attribute *attr, const char *buf, size_t count) |
975 | @@ -724,7 +724,7 @@ static ssize_t store_reset (struct devic |
976 | return strnlen(buf, count); |
977 | } |
978 | |
979 | -static DEVICE_ATTR(reset, S_IWUGO, NULL, store_reset); |
980 | +static DEVICE_ATTR(reset, (S_IWUSR|S_IWGRP), NULL, store_reset); |
981 | |
982 | static struct attribute *tlclk_sysfs_entries[] = { |
983 | &dev_attr_current_ref.attr, |
984 | @@ -767,6 +767,7 @@ static int __init tlclk_init(void) |
985 | printk(KERN_ERR "tlclk: can't get major %d.\n", tlclk_major); |
986 | return ret; |
987 | } |
988 | + tlclk_major = ret; |
989 | alarm_events = kzalloc( sizeof(struct tlclk_alarms), GFP_KERNEL); |
990 | if (!alarm_events) |
991 | goto out1; |
992 | diff --git a/drivers/edac/Kconfig b/drivers/edac/Kconfig |
993 | index 52f3eb4..7ecdb1e 100644 |
994 | --- a/drivers/edac/Kconfig |
995 | +++ b/drivers/edac/Kconfig |
996 | @@ -71,7 +71,7 @@ config EDAC_E7XXX |
997 | |
998 | config EDAC_E752X |
999 | tristate "Intel e752x (e7520, e7525, e7320)" |
1000 | - depends on EDAC_MM_EDAC && PCI |
1001 | + depends on EDAC_MM_EDAC && PCI && HOTPLUG |
1002 | help |
1003 | Support for error detection and correction on the Intel |
1004 | E7520, E7525, E7320 server chipsets. |
1005 | diff --git a/drivers/ieee1394/sbp2.c b/drivers/ieee1394/sbp2.c |
1006 | index eca92eb..d83248e 100644 |
1007 | --- a/drivers/ieee1394/sbp2.c |
1008 | +++ b/drivers/ieee1394/sbp2.c |
1009 | @@ -495,22 +495,17 @@ static struct sbp2_command_info *sbp2uti |
1010 | /* |
1011 | * This function finds the sbp2_command for a given outstanding SCpnt. |
1012 | * Only looks at the inuse list. |
1013 | + * Must be called with scsi_id->sbp2_command_orb_lock held. |
1014 | */ |
1015 | -static struct sbp2_command_info *sbp2util_find_command_for_SCpnt(struct scsi_id_instance_data *scsi_id, void *SCpnt) |
1016 | +static struct sbp2_command_info *sbp2util_find_command_for_SCpnt( |
1017 | + struct scsi_id_instance_data *scsi_id, void *SCpnt) |
1018 | { |
1019 | struct sbp2_command_info *command; |
1020 | - unsigned long flags; |
1021 | |
1022 | - spin_lock_irqsave(&scsi_id->sbp2_command_orb_lock, flags); |
1023 | - if (!list_empty(&scsi_id->sbp2_command_orb_inuse)) { |
1024 | - list_for_each_entry(command, &scsi_id->sbp2_command_orb_inuse, list) { |
1025 | - if (command->Current_SCpnt == SCpnt) { |
1026 | - spin_unlock_irqrestore(&scsi_id->sbp2_command_orb_lock, flags); |
1027 | + if (!list_empty(&scsi_id->sbp2_command_orb_inuse)) |
1028 | + list_for_each_entry(command, &scsi_id->sbp2_command_orb_inuse, list) |
1029 | + if (command->Current_SCpnt == SCpnt) |
1030 | return command; |
1031 | - } |
1032 | - } |
1033 | - } |
1034 | - spin_unlock_irqrestore(&scsi_id->sbp2_command_orb_lock, flags); |
1035 | return NULL; |
1036 | } |
1037 | |
1038 | @@ -579,17 +574,15 @@ static void sbp2util_free_command_dma(st |
1039 | |
1040 | /* |
1041 | * This function moves a command to the completed orb list. |
1042 | + * Must be called with scsi_id->sbp2_command_orb_lock held. |
1043 | */ |
1044 | -static void sbp2util_mark_command_completed(struct scsi_id_instance_data *scsi_id, |
1045 | - struct sbp2_command_info *command) |
1046 | +static void sbp2util_mark_command_completed( |
1047 | + struct scsi_id_instance_data *scsi_id, |
1048 | + struct sbp2_command_info *command) |
1049 | { |
1050 | - unsigned long flags; |
1051 | - |
1052 | - spin_lock_irqsave(&scsi_id->sbp2_command_orb_lock, flags); |
1053 | list_del(&command->list); |
1054 | sbp2util_free_command_dma(command); |
1055 | list_add_tail(&command->list, &scsi_id->sbp2_command_orb_completed); |
1056 | - spin_unlock_irqrestore(&scsi_id->sbp2_command_orb_lock, flags); |
1057 | } |
1058 | |
1059 | /* |
1060 | @@ -2177,7 +2170,9 @@ static int sbp2_handle_status_write(stru |
1061 | * Matched status with command, now grab scsi command pointers and check status |
1062 | */ |
1063 | SCpnt = command->Current_SCpnt; |
1064 | + spin_lock_irqsave(&scsi_id->sbp2_command_orb_lock, flags); |
1065 | sbp2util_mark_command_completed(scsi_id, command); |
1066 | + spin_unlock_irqrestore(&scsi_id->sbp2_command_orb_lock, flags); |
1067 | |
1068 | if (SCpnt) { |
1069 | |
1070 | @@ -2513,6 +2508,7 @@ static int sbp2scsi_abort(struct scsi_cm |
1071 | (struct scsi_id_instance_data *)SCpnt->device->host->hostdata[0]; |
1072 | struct sbp2scsi_host_info *hi = scsi_id->hi; |
1073 | struct sbp2_command_info *command; |
1074 | + unsigned long flags; |
1075 | |
1076 | SBP2_ERR("aborting sbp2 command"); |
1077 | scsi_print_command(SCpnt); |
1078 | @@ -2523,6 +2519,7 @@ static int sbp2scsi_abort(struct scsi_cm |
1079 | * Right now, just return any matching command structures |
1080 | * to the free pool. |
1081 | */ |
1082 | + spin_lock_irqsave(&scsi_id->sbp2_command_orb_lock, flags); |
1083 | command = sbp2util_find_command_for_SCpnt(scsi_id, SCpnt); |
1084 | if (command) { |
1085 | SBP2_DEBUG("Found command to abort"); |
1086 | @@ -2540,6 +2537,7 @@ static int sbp2scsi_abort(struct scsi_cm |
1087 | command->Current_done(command->Current_SCpnt); |
1088 | } |
1089 | } |
1090 | + spin_unlock_irqrestore(&scsi_id->sbp2_command_orb_lock, flags); |
1091 | |
1092 | /* |
1093 | * Initiate a fetch agent reset. |
1094 | diff --git a/drivers/md/dm.c b/drivers/md/dm.c |
1095 | index 745ca1f..d559569 100644 |
1096 | --- a/drivers/md/dm.c |
1097 | +++ b/drivers/md/dm.c |
1098 | @@ -533,30 +533,35 @@ static void __clone_and_map(struct clone |
1099 | |
1100 | } else { |
1101 | /* |
1102 | - * Create two copy bios to deal with io that has |
1103 | - * been split across a target. |
1104 | + * Handle a bvec that must be split between two or more targets. |
1105 | */ |
1106 | struct bio_vec *bv = bio->bi_io_vec + ci->idx; |
1107 | + sector_t remaining = to_sector(bv->bv_len); |
1108 | + unsigned int offset = 0; |
1109 | |
1110 | - clone = split_bvec(bio, ci->sector, ci->idx, |
1111 | - bv->bv_offset, max); |
1112 | - __map_bio(ti, clone, tio); |
1113 | + do { |
1114 | + if (offset) { |
1115 | + ti = dm_table_find_target(ci->map, ci->sector); |
1116 | + max = max_io_len(ci->md, ci->sector, ti); |
1117 | |
1118 | - ci->sector += max; |
1119 | - ci->sector_count -= max; |
1120 | - ti = dm_table_find_target(ci->map, ci->sector); |
1121 | - |
1122 | - len = to_sector(bv->bv_len) - max; |
1123 | - clone = split_bvec(bio, ci->sector, ci->idx, |
1124 | - bv->bv_offset + to_bytes(max), len); |
1125 | - tio = alloc_tio(ci->md); |
1126 | - tio->io = ci->io; |
1127 | - tio->ti = ti; |
1128 | - memset(&tio->info, 0, sizeof(tio->info)); |
1129 | - __map_bio(ti, clone, tio); |
1130 | + tio = alloc_tio(ci->md); |
1131 | + tio->io = ci->io; |
1132 | + tio->ti = ti; |
1133 | + memset(&tio->info, 0, sizeof(tio->info)); |
1134 | + } |
1135 | + |
1136 | + len = min(remaining, max); |
1137 | + |
1138 | + clone = split_bvec(bio, ci->sector, ci->idx, |
1139 | + bv->bv_offset + offset, len); |
1140 | + |
1141 | + __map_bio(ti, clone, tio); |
1142 | + |
1143 | + ci->sector += len; |
1144 | + ci->sector_count -= len; |
1145 | + offset += to_bytes(len); |
1146 | + } while (remaining -= len); |
1147 | |
1148 | - ci->sector += len; |
1149 | - ci->sector_count -= len; |
1150 | ci->idx++; |
1151 | } |
1152 | } |
1153 | diff --git a/drivers/media/video/Kconfig b/drivers/media/video/Kconfig |
1154 | index d82c8a3..ef42a26 100644 |
1155 | --- a/drivers/media/video/Kconfig |
1156 | +++ b/drivers/media/video/Kconfig |
1157 | @@ -349,6 +349,7 @@ config VIDEO_AUDIO_DECODER |
1158 | config VIDEO_DECODER |
1159 | tristate "Add support for additional video chipsets" |
1160 | depends on VIDEO_DEV && I2C && EXPERIMENTAL |
1161 | + select FW_LOADER |
1162 | ---help--- |
1163 | Say Y here to compile drivers for SAA7115, SAA7127 and CX25840 |
1164 | video decoders. |
1165 | diff --git a/drivers/media/video/tuner-types.c b/drivers/media/video/tuner-types.c |
1166 | index 6fe7817..5f3d46d 100644 |
1167 | --- a/drivers/media/video/tuner-types.c |
1168 | +++ b/drivers/media/video/tuner-types.c |
1169 | @@ -1087,8 +1087,8 @@ static struct tuner_params tuner_tnf_533 |
1170 | /* ------------ TUNER_SAMSUNG_TCPN_2121P30A - Samsung NTSC ------------ */ |
1171 | |
1172 | static struct tuner_range tuner_samsung_tcpn_2121p30a_ntsc_ranges[] = { |
1173 | - { 16 * 175.75 /*MHz*/, 0x01, }, |
1174 | - { 16 * 410.25 /*MHz*/, 0x02, }, |
1175 | + { 16 * 130.00 /*MHz*/, 0x01, }, |
1176 | + { 16 * 364.50 /*MHz*/, 0x02, }, |
1177 | { 16 * 999.99 , 0x08, }, |
1178 | }; |
1179 | |
1180 | diff --git a/drivers/net/irda/irda-usb.c b/drivers/net/irda/irda-usb.c |
1181 | index 8936058..6e2ec56 100644 |
1182 | --- a/drivers/net/irda/irda-usb.c |
1183 | +++ b/drivers/net/irda/irda-usb.c |
1184 | @@ -740,7 +740,7 @@ static void irda_usb_receive(struct urb |
1185 | struct sk_buff *newskb; |
1186 | struct sk_buff *dataskb; |
1187 | struct urb *next_urb; |
1188 | - int docopy; |
1189 | + unsigned int len, docopy; |
1190 | |
1191 | IRDA_DEBUG(2, "%s(), len=%d\n", __FUNCTION__, urb->actual_length); |
1192 | |
1193 | @@ -851,10 +851,11 @@ static void irda_usb_receive(struct urb |
1194 | dataskb->dev = self->netdev; |
1195 | dataskb->mac.raw = dataskb->data; |
1196 | dataskb->protocol = htons(ETH_P_IRDA); |
1197 | + len = dataskb->len; |
1198 | netif_rx(dataskb); |
1199 | |
1200 | /* Keep stats up to date */ |
1201 | - self->stats.rx_bytes += dataskb->len; |
1202 | + self->stats.rx_bytes += len; |
1203 | self->stats.rx_packets++; |
1204 | self->netdev->last_rx = jiffies; |
1205 | |
1206 | diff --git a/drivers/net/sky2.c b/drivers/net/sky2.c |
1207 | index 7326036..0618cd5 100644 |
1208 | --- a/drivers/net/sky2.c |
1209 | +++ b/drivers/net/sky2.c |
1210 | @@ -579,8 +579,8 @@ static void sky2_mac_init(struct sky2_hw |
1211 | reg = gma_read16(hw, port, GM_PHY_ADDR); |
1212 | gma_write16(hw, port, GM_PHY_ADDR, reg | GM_PAR_MIB_CLR); |
1213 | |
1214 | - for (i = 0; i < GM_MIB_CNT_SIZE; i++) |
1215 | - gma_read16(hw, port, GM_MIB_CNT_BASE + 8 * i); |
1216 | + for (i = GM_MIB_CNT_BASE; i <= GM_MIB_CNT_END; i += 4) |
1217 | + gma_read16(hw, port, i); |
1218 | gma_write16(hw, port, GM_PHY_ADDR, reg); |
1219 | |
1220 | /* transmit control */ |
1221 | diff --git a/drivers/net/sky2.h b/drivers/net/sky2.h |
1222 | index dce955c..c91e0a4 100644 |
1223 | --- a/drivers/net/sky2.h |
1224 | +++ b/drivers/net/sky2.h |
1225 | @@ -1380,6 +1380,7 @@ enum { |
1226 | /* MIB Counters */ |
1227 | #define GM_MIB_CNT_BASE 0x0100 /* Base Address of MIB Counters */ |
1228 | #define GM_MIB_CNT_SIZE 44 /* Number of MIB Counters */ |
1229 | +#define GM_MIB_CNT_END 0x025C /* Last MIB counter */ |
1230 | |
1231 | /* |
1232 | * MIB Counters base address definitions (low word) - |
1233 | diff --git a/drivers/net/wireless/Kconfig b/drivers/net/wireless/Kconfig |
1234 | index ef85d76..8101657 100644 |
1235 | --- a/drivers/net/wireless/Kconfig |
1236 | +++ b/drivers/net/wireless/Kconfig |
1237 | @@ -239,7 +239,8 @@ config IPW2200_DEBUG |
1238 | |
1239 | config AIRO |
1240 | tristate "Cisco/Aironet 34X/35X/4500/4800 ISA and PCI cards" |
1241 | - depends on NET_RADIO && ISA_DMA_API && CRYPTO && (PCI || BROKEN) |
1242 | + depends on NET_RADIO && ISA_DMA_API && (PCI || BROKEN) |
1243 | + select CRYPTO |
1244 | ---help--- |
1245 | This is the standard Linux driver to support Cisco/Aironet ISA and |
1246 | PCI 802.11 wireless cards. |
1247 | @@ -374,6 +375,7 @@ config PCMCIA_HERMES |
1248 | config PCMCIA_SPECTRUM |
1249 | tristate "Symbol Spectrum24 Trilogy PCMCIA card support" |
1250 | depends on NET_RADIO && PCMCIA && HERMES |
1251 | + select FW_LOADER |
1252 | ---help--- |
1253 | |
1254 | This is a driver for 802.11b cards using RAM-loadable Symbol |
1255 | @@ -387,6 +389,7 @@ config PCMCIA_SPECTRUM |
1256 | config AIRO_CS |
1257 | tristate "Cisco/Aironet 34X/35X/4500/4800 PCMCIA cards" |
1258 | depends on NET_RADIO && PCMCIA && (BROKEN || !M32R) |
1259 | + select CRYPTO |
1260 | ---help--- |
1261 | This is the standard Linux driver to support Cisco/Aironet PCMCIA |
1262 | 802.11 wireless cards. This driver is the same as the Aironet |
1263 | diff --git a/drivers/net/wireless/hostap/hostap_80211_tx.c b/drivers/net/wireless/hostap/hostap_80211_tx.c |
1264 | index 4a85e63..5f398bd 100644 |
1265 | --- a/drivers/net/wireless/hostap/hostap_80211_tx.c |
1266 | +++ b/drivers/net/wireless/hostap/hostap_80211_tx.c |
1267 | @@ -469,7 +469,7 @@ int hostap_master_start_xmit(struct sk_b |
1268 | } |
1269 | |
1270 | if (local->ieee_802_1x && meta->ethertype == ETH_P_PAE && tx.crypt && |
1271 | - !(fc & IEEE80211_FCTL_VERS)) { |
1272 | + !(fc & IEEE80211_FCTL_PROTECTED)) { |
1273 | no_encrypt = 1; |
1274 | PDEBUG(DEBUG_EXTRA2, "%s: TX: IEEE 802.1X - passing " |
1275 | "unencrypted EAPOL frame\n", dev->name); |
1276 | diff --git a/drivers/net/wireless/ipw2200.c b/drivers/net/wireless/ipw2200.c |
1277 | index 287676a..aa6f3a4 100644 |
1278 | --- a/drivers/net/wireless/ipw2200.c |
1279 | +++ b/drivers/net/wireless/ipw2200.c |
1280 | @@ -9956,9 +9956,8 @@ static int ipw_ethtool_set_eeprom(struct |
1281 | return -EINVAL; |
1282 | down(&p->sem); |
1283 | memcpy(&p->eeprom[eeprom->offset], bytes, eeprom->len); |
1284 | - for (i = IPW_EEPROM_DATA; |
1285 | - i < IPW_EEPROM_DATA + IPW_EEPROM_IMAGE_SIZE; i++) |
1286 | - ipw_write8(p, i, p->eeprom[i]); |
1287 | + for (i = 0; i < IPW_EEPROM_IMAGE_SIZE; i++) |
1288 | + ipw_write8(p, i + IPW_EEPROM_DATA, p->eeprom[i]); |
1289 | up(&p->sem); |
1290 | return 0; |
1291 | } |
1292 | diff --git a/drivers/pcmcia/ds.c b/drivers/pcmcia/ds.c |
1293 | index bb96ce1..a4333a8 100644 |
1294 | --- a/drivers/pcmcia/ds.c |
1295 | +++ b/drivers/pcmcia/ds.c |
1296 | @@ -546,7 +546,7 @@ static int pcmcia_device_query(struct pc |
1297 | tmp = vers1->str + vers1->ofs[i]; |
1298 | |
1299 | length = strlen(tmp) + 1; |
1300 | - if ((length < 3) || (length > 255)) |
1301 | + if ((length < 2) || (length > 255)) |
1302 | continue; |
1303 | |
1304 | p_dev->prod_id[i] = kmalloc(sizeof(char) * length, |
1305 | diff --git a/drivers/scsi/sata_mv.c b/drivers/scsi/sata_mv.c |
1306 | index 2770005..b00af08 100644 |
1307 | --- a/drivers/scsi/sata_mv.c |
1308 | +++ b/drivers/scsi/sata_mv.c |
1309 | @@ -1102,6 +1102,7 @@ static u8 mv_get_crpb_status(struct ata_ |
1310 | void __iomem *port_mmio = mv_ap_base(ap); |
1311 | struct mv_port_priv *pp = ap->private_data; |
1312 | u32 out_ptr; |
1313 | + u8 ata_status; |
1314 | |
1315 | out_ptr = readl(port_mmio + EDMA_RSP_Q_OUT_PTR_OFS); |
1316 | |
1317 | @@ -1109,6 +1110,8 @@ static u8 mv_get_crpb_status(struct ata_ |
1318 | assert(((out_ptr >> EDMA_RSP_Q_PTR_SHIFT) & MV_MAX_Q_DEPTH_MASK) == |
1319 | pp->rsp_consumer); |
1320 | |
1321 | + ata_status = pp->crpb[pp->rsp_consumer].flags >> CRPB_FLAG_STATUS_SHIFT; |
1322 | + |
1323 | /* increment our consumer index... */ |
1324 | pp->rsp_consumer = mv_inc_q_index(&pp->rsp_consumer); |
1325 | |
1326 | @@ -1123,7 +1126,7 @@ static u8 mv_get_crpb_status(struct ata_ |
1327 | writelfl(out_ptr, port_mmio + EDMA_RSP_Q_OUT_PTR_OFS); |
1328 | |
1329 | /* Return ATA status register for completed CRPB */ |
1330 | - return (pp->crpb[pp->rsp_consumer].flags >> CRPB_FLAG_STATUS_SHIFT); |
1331 | + return ata_status; |
1332 | } |
1333 | |
1334 | /** |
1335 | @@ -1192,7 +1195,6 @@ static void mv_host_intr(struct ata_host |
1336 | u32 hc_irq_cause; |
1337 | int shift, port, port0, hard_port, handled; |
1338 | unsigned int err_mask; |
1339 | - u8 ata_status = 0; |
1340 | |
1341 | if (hc == 0) { |
1342 | port0 = 0; |
1343 | @@ -1210,6 +1212,7 @@ static void mv_host_intr(struct ata_host |
1344 | hc,relevant,hc_irq_cause); |
1345 | |
1346 | for (port = port0; port < port0 + MV_PORTS_PER_HC; port++) { |
1347 | + u8 ata_status = 0; |
1348 | ap = host_set->ports[port]; |
1349 | hard_port = port & MV_PORT_MASK; /* range 0-3 */ |
1350 | handled = 0; /* ensure ata_status is set if handled++ */ |
1351 | diff --git a/drivers/usb/core/message.c b/drivers/usb/core/message.c |
1352 | index 7135e54..96cabeb 100644 |
1353 | --- a/drivers/usb/core/message.c |
1354 | +++ b/drivers/usb/core/message.c |
1355 | @@ -1388,11 +1388,13 @@ free_interfaces: |
1356 | if (dev->state != USB_STATE_ADDRESS) |
1357 | usb_disable_device (dev, 1); // Skip ep0 |
1358 | |
1359 | - i = dev->bus_mA - cp->desc.bMaxPower * 2; |
1360 | - if (i < 0) |
1361 | - dev_warn(&dev->dev, "new config #%d exceeds power " |
1362 | - "limit by %dmA\n", |
1363 | - configuration, -i); |
1364 | + if (cp) { |
1365 | + i = dev->bus_mA - cp->desc.bMaxPower * 2; |
1366 | + if (i < 0) |
1367 | + dev_warn(&dev->dev, "new config #%d exceeds power " |
1368 | + "limit by %dmA\n", |
1369 | + configuration, -i); |
1370 | + } |
1371 | |
1372 | if ((ret = usb_control_msg(dev, usb_sndctrlpipe(dev, 0), |
1373 | USB_REQ_SET_CONFIGURATION, 0, configuration, 0, |
1374 | diff --git a/drivers/usb/host/ehci-sched.c b/drivers/usb/host/ehci-sched.c |
1375 | index ebcca97..88419c6 100644 |
1376 | --- a/drivers/usb/host/ehci-sched.c |
1377 | +++ b/drivers/usb/host/ehci-sched.c |
1378 | @@ -707,6 +707,7 @@ iso_stream_init ( |
1379 | } else { |
1380 | u32 addr; |
1381 | int think_time; |
1382 | + int hs_transfers; |
1383 | |
1384 | addr = dev->ttport << 24; |
1385 | if (!ehci_is_TDI(ehci) |
1386 | @@ -719,6 +720,7 @@ iso_stream_init ( |
1387 | think_time = dev->tt ? dev->tt->think_time : 0; |
1388 | stream->tt_usecs = NS_TO_US (think_time + usb_calc_bus_time ( |
1389 | dev->speed, is_input, 1, maxp)); |
1390 | + hs_transfers = max (1u, (maxp + 187) / 188); |
1391 | if (is_input) { |
1392 | u32 tmp; |
1393 | |
1394 | @@ -727,12 +729,11 @@ iso_stream_init ( |
1395 | stream->usecs = HS_USECS_ISO (1); |
1396 | stream->raw_mask = 1; |
1397 | |
1398 | - /* pessimistic c-mask */ |
1399 | - tmp = usb_calc_bus_time (USB_SPEED_FULL, 1, 0, maxp) |
1400 | - / (125 * 1000); |
1401 | - stream->raw_mask |= 3 << (tmp + 9); |
1402 | + /* c-mask as specified in USB 2.0 11.18.4 3.c */ |
1403 | + tmp = (1 << (hs_transfers + 2)) - 1; |
1404 | + stream->raw_mask |= tmp << (8 + 2); |
1405 | } else |
1406 | - stream->raw_mask = smask_out [maxp / 188]; |
1407 | + stream->raw_mask = smask_out [hs_transfers - 1]; |
1408 | bandwidth = stream->usecs + stream->c_usecs; |
1409 | bandwidth /= 1 << (interval + 2); |
1410 | |
1411 | diff --git a/drivers/usb/serial/console.c b/drivers/usb/serial/console.c |
1412 | index 167f8ec..8023bb7 100644 |
1413 | --- a/drivers/usb/serial/console.c |
1414 | +++ b/drivers/usb/serial/console.c |
1415 | @@ -54,7 +54,7 @@ static struct console usbcons; |
1416 | * serial.c code, except that the specifier is "ttyUSB" instead |
1417 | * of "ttyS". |
1418 | */ |
1419 | -static int __init usb_console_setup(struct console *co, char *options) |
1420 | +static int usb_console_setup(struct console *co, char *options) |
1421 | { |
1422 | struct usbcons_info *info = &usbcons_info; |
1423 | int baud = 9600; |
1424 | diff --git a/drivers/usb/storage/Kconfig b/drivers/usb/storage/Kconfig |
1425 | index 92be101..be9eec2 100644 |
1426 | --- a/drivers/usb/storage/Kconfig |
1427 | +++ b/drivers/usb/storage/Kconfig |
1428 | @@ -48,7 +48,8 @@ config USB_STORAGE_FREECOM |
1429 | |
1430 | config USB_STORAGE_ISD200 |
1431 | bool "ISD-200 USB/ATA Bridge support" |
1432 | - depends on USB_STORAGE && BLK_DEV_IDE |
1433 | + depends on USB_STORAGE |
1434 | + depends on BLK_DEV_IDE=y || BLK_DEV_IDE=USB_STORAGE |
1435 | ---help--- |
1436 | Say Y here if you want to use USB Mass Store devices based |
1437 | on the In-Systems Design ISD-200 USB/ATA bridge. |
1438 | diff --git a/drivers/video/cfbimgblt.c b/drivers/video/cfbimgblt.c |
1439 | index 910e233..8ba6152 100644 |
1440 | --- a/drivers/video/cfbimgblt.c |
1441 | +++ b/drivers/video/cfbimgblt.c |
1442 | @@ -169,7 +169,7 @@ static inline void slow_imageblit(const |
1443 | |
1444 | while (j--) { |
1445 | l--; |
1446 | - color = (*s & 1 << (FB_BIT_NR(l))) ? fgcolor : bgcolor; |
1447 | + color = (*s & (1 << l)) ? fgcolor : bgcolor; |
1448 | val |= FB_SHIFT_HIGH(color, shift); |
1449 | |
1450 | /* Did the bitshift spill bits to the next long? */ |
1451 | diff --git a/drivers/video/i810/i810_main.c b/drivers/video/i810/i810_main.c |
1452 | index d8467c0..788297e 100644 |
1453 | --- a/drivers/video/i810/i810_main.c |
1454 | +++ b/drivers/video/i810/i810_main.c |
1455 | @@ -1508,7 +1508,7 @@ static int i810fb_cursor(struct fb_info |
1456 | int size = ((cursor->image.width + 7) >> 3) * |
1457 | cursor->image.height; |
1458 | int i; |
1459 | - u8 *data = kmalloc(64 * 8, GFP_KERNEL); |
1460 | + u8 *data = kmalloc(64 * 8, GFP_ATOMIC); |
1461 | |
1462 | if (data == NULL) |
1463 | return -ENOMEM; |
1464 | diff --git a/fs/9p/vfs_inode.c b/fs/9p/vfs_inode.c |
1465 | index 3ad8455..651a9e1 100644 |
1466 | --- a/fs/9p/vfs_inode.c |
1467 | +++ b/fs/9p/vfs_inode.c |
1468 | @@ -614,6 +614,7 @@ static struct dentry *v9fs_vfs_lookup(st |
1469 | |
1470 | sb = dir->i_sb; |
1471 | v9ses = v9fs_inode2v9ses(dir); |
1472 | + dentry->d_op = &v9fs_dentry_operations; |
1473 | dirfid = v9fs_fid_lookup(dentry->d_parent); |
1474 | |
1475 | if (!dirfid) { |
1476 | @@ -681,8 +682,6 @@ static struct dentry *v9fs_vfs_lookup(st |
1477 | goto FreeFcall; |
1478 | |
1479 | fid->qid = fcall->params.rstat.stat.qid; |
1480 | - |
1481 | - dentry->d_op = &v9fs_dentry_operations; |
1482 | v9fs_stat2inode(&fcall->params.rstat.stat, inode, inode->i_sb); |
1483 | |
1484 | d_add(dentry, inode); |
1485 | diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c |
1486 | index a2c2485..3f5e38c 100644 |
1487 | --- a/fs/cifs/cifsencrypt.c |
1488 | +++ b/fs/cifs/cifsencrypt.c |
1489 | @@ -56,9 +56,6 @@ int cifs_sign_smb(struct smb_hdr * cifs_ |
1490 | int rc = 0; |
1491 | char smb_signature[20]; |
1492 | |
1493 | - /* BB remember to initialize sequence number elsewhere and initialize mac_signing key elsewhere BB */ |
1494 | - /* BB remember to add code to save expected sequence number in midQ entry BB */ |
1495 | - |
1496 | if((cifs_pdu == NULL) || (server == NULL)) |
1497 | return -EINVAL; |
1498 | |
1499 | @@ -85,20 +82,33 @@ int cifs_sign_smb(struct smb_hdr * cifs_ |
1500 | static int cifs_calc_signature2(const struct kvec * iov, int n_vec, |
1501 | const char * key, char * signature) |
1502 | { |
1503 | - struct MD5Context context; |
1504 | - |
1505 | - if((iov == NULL) || (signature == NULL)) |
1506 | - return -EINVAL; |
1507 | + struct MD5Context context; |
1508 | + int i; |
1509 | |
1510 | - MD5Init(&context); |
1511 | - MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); |
1512 | + if((iov == NULL) || (signature == NULL)) |
1513 | + return -EINVAL; |
1514 | |
1515 | -/* MD5Update(&context,cifs_pdu->Protocol,cifs_pdu->smb_buf_length); */ /* BB FIXME BB */ |
1516 | + MD5Init(&context); |
1517 | + MD5Update(&context,key,CIFS_SESSION_KEY_SIZE+16); |
1518 | + for(i=0;i<n_vec;i++) { |
1519 | + if(iov[i].iov_base == NULL) { |
1520 | + cERROR(1,("null iovec entry")); |
1521 | + return -EIO; |
1522 | + } else if(iov[i].iov_len == 0) |
1523 | + break; /* bail out if we are sent nothing to sign */ |
1524 | + /* The first entry includes a length field (which does not get |
1525 | + signed that occupies the first 4 bytes before the header */ |
1526 | + if(i==0) { |
1527 | + if (iov[0].iov_len <= 8 ) /* cmd field at offset 9 */ |
1528 | + break; /* nothing to sign or corrupt header */ |
1529 | + MD5Update(&context,iov[0].iov_base+4, iov[0].iov_len-4); |
1530 | + } else |
1531 | + MD5Update(&context,iov[i].iov_base, iov[i].iov_len); |
1532 | + } |
1533 | |
1534 | - MD5Final(signature,&context); |
1535 | + MD5Final(signature,&context); |
1536 | |
1537 | - return -EOPNOTSUPP; |
1538 | -/* return 0; */ |
1539 | + return 0; |
1540 | } |
1541 | |
1542 | |
1543 | diff --git a/fs/ext3/resize.c b/fs/ext3/resize.c |
1544 | index 1041dab..14f5f6e 100644 |
1545 | --- a/fs/ext3/resize.c |
1546 | +++ b/fs/ext3/resize.c |
1547 | @@ -974,6 +974,7 @@ int ext3_group_extend(struct super_block |
1548 | if (o_blocks_count != le32_to_cpu(es->s_blocks_count)) { |
1549 | ext3_warning(sb, __FUNCTION__, |
1550 | "multiple resizers run on filesystem!"); |
1551 | + unlock_super(sb); |
1552 | err = -EBUSY; |
1553 | goto exit_put; |
1554 | } |
1555 | diff --git a/fs/fuse/file.c b/fs/fuse/file.c |
1556 | index 6f05379..ce93cf9 100644 |
1557 | --- a/fs/fuse/file.c |
1558 | +++ b/fs/fuse/file.c |
1559 | @@ -397,8 +397,12 @@ static int fuse_readpages(struct file *f |
1560 | return -EINTR; |
1561 | |
1562 | err = read_cache_pages(mapping, pages, fuse_readpages_fill, &data); |
1563 | - if (!err) |
1564 | - fuse_send_readpages(data.req, file, inode); |
1565 | + if (!err) { |
1566 | + if (data.req->num_pages) |
1567 | + fuse_send_readpages(data.req, file, inode); |
1568 | + else |
1569 | + fuse_put_request(fc, data.req); |
1570 | + } |
1571 | return err; |
1572 | } |
1573 | |
1574 | diff --git a/fs/nfsd/nfs3proc.c b/fs/nfsd/nfs3proc.c |
1575 | index 6d2dfed..f61142a 100644 |
1576 | --- a/fs/nfsd/nfs3proc.c |
1577 | +++ b/fs/nfsd/nfs3proc.c |
1578 | @@ -682,7 +682,7 @@ static struct svc_procedure nfsd_proced |
1579 | PROC(lookup, dirop, dirop, fhandle2, RC_NOCACHE, ST+FH+pAT+pAT), |
1580 | PROC(access, access, access, fhandle, RC_NOCACHE, ST+pAT+1), |
1581 | PROC(readlink, readlink, readlink, fhandle, RC_NOCACHE, ST+pAT+1+NFS3_MAXPATHLEN/4), |
1582 | - PROC(read, read, read, fhandle, RC_NOCACHE, ST+pAT+4+NFSSVC_MAXBLKSIZE), |
1583 | + PROC(read, read, read, fhandle, RC_NOCACHE, ST+pAT+4+NFSSVC_MAXBLKSIZE/4), |
1584 | PROC(write, write, write, fhandle, RC_REPLBUFF, ST+WC+4), |
1585 | PROC(create, create, create, fhandle2, RC_REPLBUFF, ST+(1+FH+pAT)+WC), |
1586 | PROC(mkdir, mkdir, create, fhandle2, RC_REPLBUFF, ST+(1+FH+pAT)+WC), |
1587 | diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c |
1588 | index 6d63f1d..ca8a4c4 100644 |
1589 | --- a/fs/nfsd/nfs4proc.c |
1590 | +++ b/fs/nfsd/nfs4proc.c |
1591 | @@ -975,7 +975,7 @@ #define PROC(name, argt, rest, relt, cac |
1592 | */ |
1593 | static struct svc_procedure nfsd_procedures4[2] = { |
1594 | PROC(null, void, void, void, RC_NOCACHE, 1), |
1595 | - PROC(compound, compound, compound, compound, RC_NOCACHE, NFSD_BUFSIZE) |
1596 | + PROC(compound, compound, compound, compound, RC_NOCACHE, NFSD_BUFSIZE/4) |
1597 | }; |
1598 | |
1599 | struct svc_version nfsd_version4 = { |
1600 | diff --git a/fs/nfsd/nfsproc.c b/fs/nfsd/nfsproc.c |
1601 | index 3e6b75c..06cd0db 100644 |
1602 | --- a/fs/nfsd/nfsproc.c |
1603 | +++ b/fs/nfsd/nfsproc.c |
1604 | @@ -553,7 +553,7 @@ static struct svc_procedure nfsd_proced |
1605 | PROC(none, void, void, none, RC_NOCACHE, ST), |
1606 | PROC(lookup, diropargs, diropres, fhandle, RC_NOCACHE, ST+FH+AT), |
1607 | PROC(readlink, readlinkargs, readlinkres, none, RC_NOCACHE, ST+1+NFS_MAXPATHLEN/4), |
1608 | - PROC(read, readargs, readres, fhandle, RC_NOCACHE, ST+AT+1+NFSSVC_MAXBLKSIZE), |
1609 | + PROC(read, readargs, readres, fhandle, RC_NOCACHE, ST+AT+1+NFSSVC_MAXBLKSIZE/4), |
1610 | PROC(none, void, void, none, RC_NOCACHE, ST), |
1611 | PROC(write, writeargs, attrstat, fhandle, RC_REPLBUFF, ST+AT), |
1612 | PROC(create, createargs, diropres, fhandle, RC_REPLBUFF, ST+FH+AT), |
1613 | diff --git a/fs/partitions/check.c b/fs/partitions/check.c |
1614 | index f924f45..2ef03aa 100644 |
1615 | --- a/fs/partitions/check.c |
1616 | +++ b/fs/partitions/check.c |
1617 | @@ -345,6 +345,7 @@ static char *make_block_name(struct gend |
1618 | char *name; |
1619 | static char *block_str = "block:"; |
1620 | int size; |
1621 | + char *s; |
1622 | |
1623 | size = strlen(block_str) + strlen(disk->disk_name) + 1; |
1624 | name = kmalloc(size, GFP_KERNEL); |
1625 | @@ -352,6 +353,10 @@ static char *make_block_name(struct gend |
1626 | return NULL; |
1627 | strcpy(name, block_str); |
1628 | strcat(name, disk->disk_name); |
1629 | + /* ewww... some of these buggers have / in name... */ |
1630 | + s = strchr(name, '/'); |
1631 | + if (s) |
1632 | + *s = '!'; |
1633 | return name; |
1634 | } |
1635 | |
1636 | diff --git a/fs/proc/proc_misc.c b/fs/proc/proc_misc.c |
1637 | index 1d24fea..826c131 100644 |
1638 | --- a/fs/proc/proc_misc.c |
1639 | +++ b/fs/proc/proc_misc.c |
1640 | @@ -312,7 +312,7 @@ static void *devinfo_next(struct seq_fil |
1641 | case BLK_HDR: |
1642 | info->state = BLK_LIST; |
1643 | (*pos)++; |
1644 | - break; |
1645 | + /*fallthrough*/ |
1646 | case BLK_LIST: |
1647 | if (get_blkdev_info(info->blkdev,&idummy,&ndummy)) { |
1648 | /* |
1649 | diff --git a/fs/proc/vmcore.c b/fs/proc/vmcore.c |
1650 | index 4063fb3..164a7d0 100644 |
1651 | --- a/fs/proc/vmcore.c |
1652 | +++ b/fs/proc/vmcore.c |
1653 | @@ -103,8 +103,8 @@ static ssize_t read_vmcore(struct file * |
1654 | size_t buflen, loff_t *fpos) |
1655 | { |
1656 | ssize_t acc = 0, tmp; |
1657 | - size_t tsz, nr_bytes; |
1658 | - u64 start; |
1659 | + size_t tsz; |
1660 | + u64 start, nr_bytes; |
1661 | struct vmcore *curr_m = NULL; |
1662 | |
1663 | if (buflen == 0 || *fpos >= vmcore_size) |
1664 | diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c |
1665 | index 49bd219..cfd290d 100644 |
1666 | --- a/fs/sysfs/dir.c |
1667 | +++ b/fs/sysfs/dir.c |
1668 | @@ -302,6 +302,7 @@ void sysfs_remove_dir(struct kobject * k |
1669 | * Drop reference from dget() on entrance. |
1670 | */ |
1671 | dput(dentry); |
1672 | + kobj->dentry = NULL; |
1673 | } |
1674 | |
1675 | int sysfs_rename_dir(struct kobject * kobj, const char *new_name) |
1676 | diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c |
1677 | index d0e3d84..2ecc58c 100644 |
1678 | --- a/fs/sysfs/file.c |
1679 | +++ b/fs/sysfs/file.c |
1680 | @@ -183,7 +183,7 @@ fill_write_buffer(struct sysfs_buffer * |
1681 | return -ENOMEM; |
1682 | |
1683 | if (count >= PAGE_SIZE) |
1684 | - count = PAGE_SIZE; |
1685 | + count = PAGE_SIZE - 1; |
1686 | error = copy_from_user(buffer->page,buf,count); |
1687 | buffer->needs_read_fill = 1; |
1688 | return error ? -EFAULT : count; |
1689 | diff --git a/fs/sysfs/inode.c b/fs/sysfs/inode.c |
1690 | index 689f7bc..6beee6f 100644 |
1691 | --- a/fs/sysfs/inode.c |
1692 | +++ b/fs/sysfs/inode.c |
1693 | @@ -227,12 +227,16 @@ void sysfs_drop_dentry(struct sysfs_dire |
1694 | void sysfs_hash_and_remove(struct dentry * dir, const char * name) |
1695 | { |
1696 | struct sysfs_dirent * sd; |
1697 | - struct sysfs_dirent * parent_sd = dir->d_fsdata; |
1698 | + struct sysfs_dirent * parent_sd; |
1699 | + |
1700 | + if (!dir) |
1701 | + return; |
1702 | |
1703 | if (dir->d_inode == NULL) |
1704 | /* no inode means this hasn't been made visible yet */ |
1705 | return; |
1706 | |
1707 | + parent_sd = dir->d_fsdata; |
1708 | mutex_lock(&dir->d_inode->i_mutex); |
1709 | list_for_each_entry(sd, &parent_sd->s_children, s_sibling) { |
1710 | if (!sd->s_element) |
1711 | diff --git a/fs/sysfs/symlink.c b/fs/sysfs/symlink.c |
1712 | index e38d633..e5ce6e7 100644 |
1713 | --- a/fs/sysfs/symlink.c |
1714 | +++ b/fs/sysfs/symlink.c |
1715 | @@ -66,6 +66,7 @@ static int sysfs_add_link(struct dentry |
1716 | if (!error) |
1717 | return 0; |
1718 | |
1719 | + kobject_put(target); |
1720 | kfree(sl->link_name); |
1721 | exit2: |
1722 | kfree(sl); |
1723 | diff --git a/fs/xfs/linux-2.6/xfs_aops.c b/fs/xfs/linux-2.6/xfs_aops.c |
1724 | index 74d8be8..a980736 100644 |
1725 | --- a/fs/xfs/linux-2.6/xfs_aops.c |
1726 | +++ b/fs/xfs/linux-2.6/xfs_aops.c |
1727 | @@ -616,7 +616,7 @@ xfs_is_delayed_page( |
1728 | acceptable = (type == IOMAP_UNWRITTEN); |
1729 | else if (buffer_delay(bh)) |
1730 | acceptable = (type == IOMAP_DELAY); |
1731 | - else if (buffer_mapped(bh)) |
1732 | + else if (buffer_dirty(bh) && buffer_mapped(bh)) |
1733 | acceptable = (type == 0); |
1734 | else |
1735 | break; |
1736 | diff --git a/fs/xfs/linux-2.6/xfs_iops.c b/fs/xfs/linux-2.6/xfs_iops.c |
1737 | index d7f6f2d..43808e2 100644 |
1738 | --- a/fs/xfs/linux-2.6/xfs_iops.c |
1739 | +++ b/fs/xfs/linux-2.6/xfs_iops.c |
1740 | @@ -673,8 +673,7 @@ linvfs_setattr( |
1741 | if (ia_valid & ATTR_ATIME) { |
1742 | vattr.va_mask |= XFS_AT_ATIME; |
1743 | vattr.va_atime = attr->ia_atime; |
1744 | - if (ia_valid & ATTR_ATIME_SET) |
1745 | - inode->i_atime = attr->ia_atime; |
1746 | + inode->i_atime = attr->ia_atime; |
1747 | } |
1748 | if (ia_valid & ATTR_MTIME) { |
1749 | vattr.va_mask |= XFS_AT_MTIME; |
1750 | diff --git a/include/asm-i386/cpufeature.h b/include/asm-i386/cpufeature.h |
1751 | index c4ec2a4..9d15eec 100644 |
1752 | --- a/include/asm-i386/cpufeature.h |
1753 | +++ b/include/asm-i386/cpufeature.h |
1754 | @@ -70,6 +70,7 @@ #define X86_FEATURE_K7 (3*32+ 5) /* Ath |
1755 | #define X86_FEATURE_P3 (3*32+ 6) /* P3 */ |
1756 | #define X86_FEATURE_P4 (3*32+ 7) /* P4 */ |
1757 | #define X86_FEATURE_CONSTANT_TSC (3*32+ 8) /* TSC ticks at a constant rate */ |
1758 | +#define X86_FEATURE_FXSAVE_LEAK (3*32+10) /* FXSAVE leaks FOP/FIP/FOP */ |
1759 | |
1760 | /* Intel-defined CPU features, CPUID level 0x00000001 (ecx), word 4 */ |
1761 | #define X86_FEATURE_XMM3 (4*32+ 0) /* Streaming SIMD Extensions-3 */ |
1762 | diff --git a/include/asm-i386/i387.h b/include/asm-i386/i387.h |
1763 | index 152d0ba..7b1f011 100644 |
1764 | --- a/include/asm-i386/i387.h |
1765 | +++ b/include/asm-i386/i387.h |
1766 | @@ -13,6 +13,7 @@ #define __ASM_I386_I387_H |
1767 | |
1768 | #include <linux/sched.h> |
1769 | #include <linux/init.h> |
1770 | +#include <linux/kernel_stat.h> |
1771 | #include <asm/processor.h> |
1772 | #include <asm/sigcontext.h> |
1773 | #include <asm/user.h> |
1774 | @@ -38,17 +39,38 @@ #define restore_fpu(tsk) \ |
1775 | extern void kernel_fpu_begin(void); |
1776 | #define kernel_fpu_end() do { stts(); preempt_enable(); } while(0) |
1777 | |
1778 | +/* We need a safe address that is cheap to find and that is already |
1779 | + in L1 during context switch. The best choices are unfortunately |
1780 | + different for UP and SMP */ |
1781 | +#ifdef CONFIG_SMP |
1782 | +#define safe_address (__per_cpu_offset[0]) |
1783 | +#else |
1784 | +#define safe_address (kstat_cpu(0).cpustat.user) |
1785 | +#endif |
1786 | + |
1787 | /* |
1788 | * These must be called with preempt disabled |
1789 | */ |
1790 | static inline void __save_init_fpu( struct task_struct *tsk ) |
1791 | { |
1792 | + /* Use more nops than strictly needed in case the compiler |
1793 | + varies code */ |
1794 | alternative_input( |
1795 | - "fnsave %1 ; fwait ;" GENERIC_NOP2, |
1796 | - "fxsave %1 ; fnclex", |
1797 | + "fnsave %[fx] ;fwait;" GENERIC_NOP8 GENERIC_NOP4, |
1798 | + "fxsave %[fx]\n" |
1799 | + "bt $7,%[fsw] ; jc 1f ; fnclex\n1:", |
1800 | X86_FEATURE_FXSR, |
1801 | - "m" (tsk->thread.i387.fxsave) |
1802 | - :"memory"); |
1803 | + [fx] "m" (tsk->thread.i387.fxsave), |
1804 | + [fsw] "m" (tsk->thread.i387.fxsave.swd) : "memory"); |
1805 | + /* AMD K7/K8 CPUs don't save/restore FDP/FIP/FOP unless an exception |
1806 | + is pending. Clear the x87 state here by setting it to fixed |
1807 | + values. __per_cpu_offset[0] is a random variable that should be in L1 */ |
1808 | + alternative_input( |
1809 | + GENERIC_NOP8 GENERIC_NOP2, |
1810 | + "emms\n\t" /* clear stack tags */ |
1811 | + "fildl %[addr]", /* set F?P to defined value */ |
1812 | + X86_FEATURE_FXSAVE_LEAK, |
1813 | + [addr] "m" (safe_address)); |
1814 | task_thread_info(tsk)->status &= ~TS_USEDFPU; |
1815 | } |
1816 | |
1817 | diff --git a/include/asm-m32r/smp.h b/include/asm-m32r/smp.h |
1818 | index 7885b7d..1184293 100644 |
1819 | --- a/include/asm-m32r/smp.h |
1820 | +++ b/include/asm-m32r/smp.h |
1821 | @@ -67,7 +67,8 @@ #define cpu_to_physid(cpu_id) cpu_2_phys |
1822 | #define raw_smp_processor_id() (current_thread_info()->cpu) |
1823 | |
1824 | extern cpumask_t cpu_callout_map; |
1825 | -#define cpu_possible_map cpu_callout_map |
1826 | +extern cpumask_t cpu_possible_map; |
1827 | +extern cpumask_t cpu_present_map; |
1828 | |
1829 | static __inline__ int hard_smp_processor_id(void) |
1830 | { |
1831 | diff --git a/include/asm-m32r/uaccess.h b/include/asm-m32r/uaccess.h |
1832 | index e8ae619..819cc28 100644 |
1833 | --- a/include/asm-m32r/uaccess.h |
1834 | +++ b/include/asm-m32r/uaccess.h |
1835 | @@ -5,17 +5,9 @@ #define _ASM_M32R_UACCESS_H |
1836 | * linux/include/asm-m32r/uaccess.h |
1837 | * |
1838 | * M32R version. |
1839 | - * Copyright (C) 2004 Hirokazu Takata <takata at linux-m32r.org> |
1840 | + * Copyright (C) 2004, 2006 Hirokazu Takata <takata at linux-m32r.org> |
1841 | */ |
1842 | |
1843 | -#undef UACCESS_DEBUG |
1844 | - |
1845 | -#ifdef UACCESS_DEBUG |
1846 | -#define UAPRINTK(args...) printk(args) |
1847 | -#else |
1848 | -#define UAPRINTK(args...) |
1849 | -#endif /* UACCESS_DEBUG */ |
1850 | - |
1851 | /* |
1852 | * User space memory access functions |
1853 | */ |
1854 | @@ -38,27 +30,29 @@ #define VERIFY_WRITE 1 |
1855 | #define MAKE_MM_SEG(s) ((mm_segment_t) { (s) }) |
1856 | |
1857 | #ifdef CONFIG_MMU |
1858 | + |
1859 | #define KERNEL_DS MAKE_MM_SEG(0xFFFFFFFF) |
1860 | #define USER_DS MAKE_MM_SEG(PAGE_OFFSET) |
1861 | -#else |
1862 | -#define KERNEL_DS MAKE_MM_SEG(0xFFFFFFFF) |
1863 | -#define USER_DS MAKE_MM_SEG(0xFFFFFFFF) |
1864 | -#endif /* CONFIG_MMU */ |
1865 | - |
1866 | #define get_ds() (KERNEL_DS) |
1867 | -#ifdef CONFIG_MMU |
1868 | #define get_fs() (current_thread_info()->addr_limit) |
1869 | #define set_fs(x) (current_thread_info()->addr_limit = (x)) |
1870 | -#else |
1871 | + |
1872 | +#else /* not CONFIG_MMU */ |
1873 | + |
1874 | +#define KERNEL_DS MAKE_MM_SEG(0xFFFFFFFF) |
1875 | +#define USER_DS MAKE_MM_SEG(0xFFFFFFFF) |
1876 | +#define get_ds() (KERNEL_DS) |
1877 | + |
1878 | static inline mm_segment_t get_fs(void) |
1879 | { |
1880 | - return USER_DS; |
1881 | + return USER_DS; |
1882 | } |
1883 | |
1884 | static inline void set_fs(mm_segment_t s) |
1885 | { |
1886 | } |
1887 | -#endif /* CONFIG_MMU */ |
1888 | + |
1889 | +#endif /* not CONFIG_MMU */ |
1890 | |
1891 | #define segment_eq(a,b) ((a).seg == (b).seg) |
1892 | |
1893 | @@ -83,9 +77,9 @@ #define __range_ok(addr,size) ({ \ |
1894 | " subx %0, %0\n" \ |
1895 | " cmpu %4, %1\n" \ |
1896 | " subx %0, %5\n" \ |
1897 | - : "=&r"(flag), "=r"(sum) \ |
1898 | - : "1"(addr), "r"((int)(size)), \ |
1899 | - "r"(current_thread_info()->addr_limit.seg), "r"(0) \ |
1900 | + : "=&r" (flag), "=r" (sum) \ |
1901 | + : "1" (addr), "r" ((int)(size)), \ |
1902 | + "r" (current_thread_info()->addr_limit.seg), "r" (0) \ |
1903 | : "cbit" ); \ |
1904 | flag; }) |
1905 | |
1906 | @@ -113,10 +107,10 @@ #define access_ok(type,addr,size) (likel |
1907 | #else |
1908 | static inline int access_ok(int type, const void *addr, unsigned long size) |
1909 | { |
1910 | - extern unsigned long memory_start, memory_end; |
1911 | - unsigned long val = (unsigned long)addr; |
1912 | + extern unsigned long memory_start, memory_end; |
1913 | + unsigned long val = (unsigned long)addr; |
1914 | |
1915 | - return ((val >= memory_start) && ((val + size) < memory_end)); |
1916 | + return ((val >= memory_start) && ((val + size) < memory_end)); |
1917 | } |
1918 | #endif /* CONFIG_MMU */ |
1919 | |
1920 | @@ -155,39 +149,6 @@ extern int fixup_exception(struct pt_reg |
1921 | * accesses to the same area of user memory). |
1922 | */ |
1923 | |
1924 | -extern void __get_user_1(void); |
1925 | -extern void __get_user_2(void); |
1926 | -extern void __get_user_4(void); |
1927 | - |
1928 | -#ifndef MODULE |
1929 | -#define __get_user_x(size,ret,x,ptr) \ |
1930 | - __asm__ __volatile__( \ |
1931 | - " mv r0, %0\n" \ |
1932 | - " mv r1, %1\n" \ |
1933 | - " bl __get_user_" #size "\n" \ |
1934 | - " mv %0, r0\n" \ |
1935 | - " mv %1, r1\n" \ |
1936 | - : "=r"(ret), "=r"(x) \ |
1937 | - : "0"(ptr) \ |
1938 | - : "r0", "r1", "r14" ) |
1939 | -#else /* MODULE */ |
1940 | -/* |
1941 | - * Use "jl" instead of "bl" for MODULE |
1942 | - */ |
1943 | -#define __get_user_x(size,ret,x,ptr) \ |
1944 | - __asm__ __volatile__( \ |
1945 | - " mv r0, %0\n" \ |
1946 | - " mv r1, %1\n" \ |
1947 | - " seth lr, #high(__get_user_" #size ")\n" \ |
1948 | - " or3 lr, lr, #low(__get_user_" #size ")\n" \ |
1949 | - " jl lr\n" \ |
1950 | - " mv %0, r0\n" \ |
1951 | - " mv %1, r1\n" \ |
1952 | - : "=r"(ret), "=r"(x) \ |
1953 | - : "0"(ptr) \ |
1954 | - : "r0", "r1", "r14" ) |
1955 | -#endif |
1956 | - |
1957 | /* Careful: we have to cast the result to the type of the pointer for sign |
1958 | reasons */ |
1959 | /** |
1960 | @@ -208,20 +169,7 @@ #endif |
1961 | * On error, the variable @x is set to zero. |
1962 | */ |
1963 | #define get_user(x,ptr) \ |
1964 | -({ int __ret_gu; \ |
1965 | - unsigned long __val_gu; \ |
1966 | - __chk_user_ptr(ptr); \ |
1967 | - switch(sizeof (*(ptr))) { \ |
1968 | - case 1: __get_user_x(1,__ret_gu,__val_gu,ptr); break; \ |
1969 | - case 2: __get_user_x(2,__ret_gu,__val_gu,ptr); break; \ |
1970 | - case 4: __get_user_x(4,__ret_gu,__val_gu,ptr); break; \ |
1971 | - default: __get_user_x(X,__ret_gu,__val_gu,ptr); break; \ |
1972 | - } \ |
1973 | - (x) = (__typeof__(*(ptr)))__val_gu; \ |
1974 | - __ret_gu; \ |
1975 | -}) |
1976 | - |
1977 | -extern void __put_user_bad(void); |
1978 | + __get_user_check((x),(ptr),sizeof(*(ptr))) |
1979 | |
1980 | /** |
1981 | * put_user: - Write a simple value into user space. |
1982 | @@ -240,8 +188,7 @@ extern void __put_user_bad(void); |
1983 | * Returns zero on success, or -EFAULT on error. |
1984 | */ |
1985 | #define put_user(x,ptr) \ |
1986 | - __put_user_check((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr))) |
1987 | - |
1988 | + __put_user_check((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr))) |
1989 | |
1990 | /** |
1991 | * __get_user: - Get a simple variable from user space, with less checking. |
1992 | @@ -264,8 +211,64 @@ #define put_user(x,ptr) \ |
1993 | * On error, the variable @x is set to zero. |
1994 | */ |
1995 | #define __get_user(x,ptr) \ |
1996 | - __get_user_nocheck((x),(ptr),sizeof(*(ptr))) |
1997 | + __get_user_nocheck((x),(ptr),sizeof(*(ptr))) |
1998 | |
1999 | +#define __get_user_nocheck(x,ptr,size) \ |
2000 | +({ \ |
2001 | + long __gu_err = 0; \ |
2002 | + unsigned long __gu_val; \ |
2003 | + might_sleep(); \ |
2004 | + __get_user_size(__gu_val,(ptr),(size),__gu_err); \ |
2005 | + (x) = (__typeof__(*(ptr)))__gu_val; \ |
2006 | + __gu_err; \ |
2007 | +}) |
2008 | + |
2009 | +#define __get_user_check(x,ptr,size) \ |
2010 | +({ \ |
2011 | + long __gu_err = -EFAULT; \ |
2012 | + unsigned long __gu_val = 0; \ |
2013 | + const __typeof__(*(ptr)) __user *__gu_addr = (ptr); \ |
2014 | + might_sleep(); \ |
2015 | + if (access_ok(VERIFY_READ,__gu_addr,size)) \ |
2016 | + __get_user_size(__gu_val,__gu_addr,(size),__gu_err); \ |
2017 | + (x) = (__typeof__(*(ptr)))__gu_val; \ |
2018 | + __gu_err; \ |
2019 | +}) |
2020 | + |
2021 | +extern long __get_user_bad(void); |
2022 | + |
2023 | +#define __get_user_size(x,ptr,size,retval) \ |
2024 | +do { \ |
2025 | + retval = 0; \ |
2026 | + __chk_user_ptr(ptr); \ |
2027 | + switch (size) { \ |
2028 | + case 1: __get_user_asm(x,ptr,retval,"ub"); break; \ |
2029 | + case 2: __get_user_asm(x,ptr,retval,"uh"); break; \ |
2030 | + case 4: __get_user_asm(x,ptr,retval,""); break; \ |
2031 | + default: (x) = __get_user_bad(); \ |
2032 | + } \ |
2033 | +} while (0) |
2034 | + |
2035 | +#define __get_user_asm(x, addr, err, itype) \ |
2036 | + __asm__ __volatile__( \ |
2037 | + " .fillinsn\n" \ |
2038 | + "1: ld"itype" %1,@%2\n" \ |
2039 | + " .fillinsn\n" \ |
2040 | + "2:\n" \ |
2041 | + ".section .fixup,\"ax\"\n" \ |
2042 | + " .balign 4\n" \ |
2043 | + "3: ldi %0,%3\n" \ |
2044 | + " seth r14,#high(2b)\n" \ |
2045 | + " or3 r14,r14,#low(2b)\n" \ |
2046 | + " jmp r14\n" \ |
2047 | + ".previous\n" \ |
2048 | + ".section __ex_table,\"a\"\n" \ |
2049 | + " .balign 4\n" \ |
2050 | + " .long 1b,3b\n" \ |
2051 | + ".previous" \ |
2052 | + : "=&r" (err), "=&r" (x) \ |
2053 | + : "r" (addr), "i" (-EFAULT), "0" (err) \ |
2054 | + : "r14", "memory") |
2055 | |
2056 | /** |
2057 | * __put_user: - Write a simple value into user space, with less checking. |
2058 | @@ -287,11 +290,13 @@ #define __get_user(x,ptr) \ |
2059 | * Returns zero on success, or -EFAULT on error. |
2060 | */ |
2061 | #define __put_user(x,ptr) \ |
2062 | - __put_user_nocheck((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr))) |
2063 | + __put_user_nocheck((__typeof__(*(ptr)))(x),(ptr),sizeof(*(ptr))) |
2064 | + |
2065 | |
2066 | #define __put_user_nocheck(x,ptr,size) \ |
2067 | ({ \ |
2068 | long __pu_err; \ |
2069 | + might_sleep(); \ |
2070 | __put_user_size((x),(ptr),(size),__pu_err); \ |
2071 | __pu_err; \ |
2072 | }) |
2073 | @@ -308,28 +313,28 @@ ({ \ |
2074 | }) |
2075 | |
2076 | #if defined(__LITTLE_ENDIAN__) |
2077 | -#define __put_user_u64(x, addr, err) \ |
2078 | - __asm__ __volatile__( \ |
2079 | - " .fillinsn\n" \ |
2080 | - "1: st %L1,@%2\n" \ |
2081 | - " .fillinsn\n" \ |
2082 | - "2: st %H1,@(4,%2)\n" \ |
2083 | - " .fillinsn\n" \ |
2084 | - "3:\n" \ |
2085 | - ".section .fixup,\"ax\"\n" \ |
2086 | - " .balign 4\n" \ |
2087 | - "4: ldi %0,%3\n" \ |
2088 | - " seth r14,#high(3b)\n" \ |
2089 | - " or3 r14,r14,#low(3b)\n" \ |
2090 | - " jmp r14\n" \ |
2091 | - ".previous\n" \ |
2092 | - ".section __ex_table,\"a\"\n" \ |
2093 | - " .balign 4\n" \ |
2094 | - " .long 1b,4b\n" \ |
2095 | - " .long 2b,4b\n" \ |
2096 | - ".previous" \ |
2097 | - : "=&r"(err) \ |
2098 | - : "r"(x), "r"(addr), "i"(-EFAULT), "0"(err) \ |
2099 | +#define __put_user_u64(x, addr, err) \ |
2100 | + __asm__ __volatile__( \ |
2101 | + " .fillinsn\n" \ |
2102 | + "1: st %L1,@%2\n" \ |
2103 | + " .fillinsn\n" \ |
2104 | + "2: st %H1,@(4,%2)\n" \ |
2105 | + " .fillinsn\n" \ |
2106 | + "3:\n" \ |
2107 | + ".section .fixup,\"ax\"\n" \ |
2108 | + " .balign 4\n" \ |
2109 | + "4: ldi %0,%3\n" \ |
2110 | + " seth r14,#high(3b)\n" \ |
2111 | + " or3 r14,r14,#low(3b)\n" \ |
2112 | + " jmp r14\n" \ |
2113 | + ".previous\n" \ |
2114 | + ".section __ex_table,\"a\"\n" \ |
2115 | + " .balign 4\n" \ |
2116 | + " .long 1b,4b\n" \ |
2117 | + " .long 2b,4b\n" \ |
2118 | + ".previous" \ |
2119 | + : "=&r" (err) \ |
2120 | + : "r" (x), "r" (addr), "i" (-EFAULT), "0" (err) \ |
2121 | : "r14", "memory") |
2122 | |
2123 | #elif defined(__BIG_ENDIAN__) |
2124 | @@ -353,13 +358,15 @@ #define __put_user_u64(x, addr, err) |
2125 | " .long 1b,4b\n" \ |
2126 | " .long 2b,4b\n" \ |
2127 | ".previous" \ |
2128 | - : "=&r"(err) \ |
2129 | - : "r"(x), "r"(addr), "i"(-EFAULT), "0"(err) \ |
2130 | + : "=&r" (err) \ |
2131 | + : "r" (x), "r" (addr), "i" (-EFAULT), "0" (err) \ |
2132 | : "r14", "memory") |
2133 | #else |
2134 | #error no endian defined |
2135 | #endif |
2136 | |
2137 | +extern void __put_user_bad(void); |
2138 | + |
2139 | #define __put_user_size(x,ptr,size,retval) \ |
2140 | do { \ |
2141 | retval = 0; \ |
2142 | @@ -398,52 +405,8 @@ #define __put_user_asm(x, addr, err, ity |
2143 | " .balign 4\n" \ |
2144 | " .long 1b,3b\n" \ |
2145 | ".previous" \ |
2146 | - : "=&r"(err) \ |
2147 | - : "r"(x), "r"(addr), "i"(-EFAULT), "0"(err) \ |
2148 | - : "r14", "memory") |
2149 | - |
2150 | -#define __get_user_nocheck(x,ptr,size) \ |
2151 | -({ \ |
2152 | - long __gu_err; \ |
2153 | - unsigned long __gu_val; \ |
2154 | - __get_user_size(__gu_val,(ptr),(size),__gu_err); \ |
2155 | - (x) = (__typeof__(*(ptr)))__gu_val; \ |
2156 | - __gu_err; \ |
2157 | -}) |
2158 | - |
2159 | -extern long __get_user_bad(void); |
2160 | - |
2161 | -#define __get_user_size(x,ptr,size,retval) \ |
2162 | -do { \ |
2163 | - retval = 0; \ |
2164 | - __chk_user_ptr(ptr); \ |
2165 | - switch (size) { \ |
2166 | - case 1: __get_user_asm(x,ptr,retval,"ub"); break; \ |
2167 | - case 2: __get_user_asm(x,ptr,retval,"uh"); break; \ |
2168 | - case 4: __get_user_asm(x,ptr,retval,""); break; \ |
2169 | - default: (x) = __get_user_bad(); \ |
2170 | - } \ |
2171 | -} while (0) |
2172 | - |
2173 | -#define __get_user_asm(x, addr, err, itype) \ |
2174 | - __asm__ __volatile__( \ |
2175 | - " .fillinsn\n" \ |
2176 | - "1: ld"itype" %1,@%2\n" \ |
2177 | - " .fillinsn\n" \ |
2178 | - "2:\n" \ |
2179 | - ".section .fixup,\"ax\"\n" \ |
2180 | - " .balign 4\n" \ |
2181 | - "3: ldi %0,%3\n" \ |
2182 | - " seth r14,#high(2b)\n" \ |
2183 | - " or3 r14,r14,#low(2b)\n" \ |
2184 | - " jmp r14\n" \ |
2185 | - ".previous\n" \ |
2186 | - ".section __ex_table,\"a\"\n" \ |
2187 | - " .balign 4\n" \ |
2188 | - " .long 1b,3b\n" \ |
2189 | - ".previous" \ |
2190 | - : "=&r"(err), "=&r"(x) \ |
2191 | - : "r"(addr), "i"(-EFAULT), "0"(err) \ |
2192 | + : "=&r" (err) \ |
2193 | + : "r" (x), "r" (addr), "i" (-EFAULT), "0" (err) \ |
2194 | : "r14", "memory") |
2195 | |
2196 | /* |
2197 | @@ -453,7 +416,6 @@ #define __get_user_asm(x, addr, err, ity |
2198 | * anything, so this is accurate. |
2199 | */ |
2200 | |
2201 | - |
2202 | /* |
2203 | * Copy To/From Userspace |
2204 | */ |
2205 | @@ -511,8 +473,9 @@ do { \ |
2206 | " .long 2b,9b\n" \ |
2207 | " .long 3b,9b\n" \ |
2208 | ".previous\n" \ |
2209 | - : "=&r"(__dst), "=&r"(__src), "=&r"(size), "=&r"(__c) \ |
2210 | - : "0"(to), "1"(from), "2"(size), "3"(size / 4) \ |
2211 | + : "=&r" (__dst), "=&r" (__src), "=&r" (size), \ |
2212 | + "=&r" (__c) \ |
2213 | + : "0" (to), "1" (from), "2" (size), "3" (size / 4) \ |
2214 | : "r14", "memory"); \ |
2215 | } while (0) |
2216 | |
2217 | @@ -573,8 +536,9 @@ do { \ |
2218 | " .long 2b,7b\n" \ |
2219 | " .long 3b,7b\n" \ |
2220 | ".previous\n" \ |
2221 | - : "=&r"(__dst), "=&r"(__src), "=&r"(size), "=&r"(__c) \ |
2222 | - : "0"(to), "1"(from), "2"(size), "3"(size / 4) \ |
2223 | + : "=&r" (__dst), "=&r" (__src), "=&r" (size), \ |
2224 | + "=&r" (__c) \ |
2225 | + : "0" (to), "1" (from), "2" (size), "3" (size / 4) \ |
2226 | : "r14", "memory"); \ |
2227 | } while (0) |
2228 | |
2229 | @@ -676,7 +640,7 @@ #define __copy_from_user(to,from,n) \ |
2230 | #define copy_from_user(to,from,n) \ |
2231 | ({ \ |
2232 | might_sleep(); \ |
2233 | -__generic_copy_from_user((to),(from),(n)); \ |
2234 | + __generic_copy_from_user((to),(from),(n)); \ |
2235 | }) |
2236 | |
2237 | long __must_check strncpy_from_user(char *dst, const char __user *src, |
2238 | diff --git a/include/asm-powerpc/floppy.h b/include/asm-powerpc/floppy.h |
2239 | index e258778..608164c 100644 |
2240 | --- a/include/asm-powerpc/floppy.h |
2241 | +++ b/include/asm-powerpc/floppy.h |
2242 | @@ -35,6 +35,7 @@ #define fd_free_irq() free_irq |
2243 | #ifdef CONFIG_PCI |
2244 | |
2245 | #include <linux/pci.h> |
2246 | +#include <asm/ppc-pci.h> /* for ppc64_isabridge_dev */ |
2247 | |
2248 | #define fd_dma_setup(addr,size,mode,io) powerpc_fd_dma_setup(addr,size,mode,io) |
2249 | |
2250 | @@ -52,12 +53,12 @@ static __inline__ int powerpc_fd_dma_set |
2251 | if (bus_addr |
2252 | && (addr != prev_addr || size != prev_size || dir != prev_dir)) { |
2253 | /* different from last time -- unmap prev */ |
2254 | - pci_unmap_single(NULL, bus_addr, prev_size, prev_dir); |
2255 | + pci_unmap_single(ppc64_isabridge_dev, bus_addr, prev_size, prev_dir); |
2256 | bus_addr = 0; |
2257 | } |
2258 | |
2259 | if (!bus_addr) /* need to map it */ |
2260 | - bus_addr = pci_map_single(NULL, addr, size, dir); |
2261 | + bus_addr = pci_map_single(ppc64_isabridge_dev, addr, size, dir); |
2262 | |
2263 | /* remember this one as prev */ |
2264 | prev_addr = addr; |
2265 | diff --git a/include/asm-x86_64/cpufeature.h b/include/asm-x86_64/cpufeature.h |
2266 | index 76bb619..662964b 100644 |
2267 | --- a/include/asm-x86_64/cpufeature.h |
2268 | +++ b/include/asm-x86_64/cpufeature.h |
2269 | @@ -64,6 +64,7 @@ #define X86_FEATURE_CENTAUR_MCR (3*32+ 3 |
2270 | #define X86_FEATURE_REP_GOOD (3*32+ 4) /* rep microcode works well on this CPU */ |
2271 | #define X86_FEATURE_CONSTANT_TSC (3*32+5) /* TSC runs at constant rate */ |
2272 | #define X86_FEATURE_SYNC_RDTSC (3*32+6) /* RDTSC syncs CPU core */ |
2273 | +#define X86_FEATURE_FXSAVE_LEAK (3*32+7) /* FIP/FOP/FDP leaks through FXSAVE */ |
2274 | |
2275 | /* Intel-defined CPU features, CPUID level 0x00000001 (ecx), word 4 */ |
2276 | #define X86_FEATURE_XMM3 (4*32+ 0) /* Streaming SIMD Extensions-3 */ |
2277 | diff --git a/include/asm-x86_64/i387.h b/include/asm-x86_64/i387.h |
2278 | index 876eb9a..cba8a3b 100644 |
2279 | --- a/include/asm-x86_64/i387.h |
2280 | +++ b/include/asm-x86_64/i387.h |
2281 | @@ -72,6 +72,23 @@ #define set_fpu_cwd(t,val) ((t)->thread. |
2282 | #define set_fpu_swd(t,val) ((t)->thread.i387.fxsave.swd = (val)) |
2283 | #define set_fpu_fxsr_twd(t,val) ((t)->thread.i387.fxsave.twd = (val)) |
2284 | |
2285 | +#define X87_FSW_ES (1 << 7) /* Exception Summary */ |
2286 | + |
2287 | +/* AMD CPUs don't save/restore FDP/FIP/FOP unless an exception |
2288 | + is pending. Clear the x87 state here by setting it to fixed |
2289 | + values. The kernel data segment can be sometimes 0 and sometimes |
2290 | + new user value. Both should be ok. |
2291 | + Use the PDA as safe address because it should be already in L1. */ |
2292 | +static inline void clear_fpu_state(struct i387_fxsave_struct *fx) |
2293 | +{ |
2294 | + if (unlikely(fx->swd & X87_FSW_ES)) |
2295 | + asm volatile("fnclex"); |
2296 | + alternative_input(ASM_NOP8 ASM_NOP2, |
2297 | + " emms\n" /* clear stack tags */ |
2298 | + " fildl %%gs:0", /* load to clear state */ |
2299 | + X86_FEATURE_FXSAVE_LEAK); |
2300 | +} |
2301 | + |
2302 | static inline int restore_fpu_checking(struct i387_fxsave_struct *fx) |
2303 | { |
2304 | int err; |
2305 | @@ -119,6 +136,7 @@ #else |
2306 | #endif |
2307 | if (unlikely(err)) |
2308 | __clear_user(fx, sizeof(struct i387_fxsave_struct)); |
2309 | + /* No need to clear here because the caller clears USED_MATH */ |
2310 | return err; |
2311 | } |
2312 | |
2313 | @@ -149,7 +167,7 @@ #else |
2314 | "i" (offsetof(__typeof__(*tsk), |
2315 | thread.i387.fxsave))); |
2316 | #endif |
2317 | - __asm__ __volatile__("fnclex"); |
2318 | + clear_fpu_state(&tsk->thread.i387.fxsave); |
2319 | } |
2320 | |
2321 | static inline void kernel_fpu_begin(void) |
2322 | diff --git a/include/linux/cpu.h b/include/linux/cpu.h |
2323 | index 0ed1d48..d612b89 100644 |
2324 | --- a/include/linux/cpu.h |
2325 | +++ b/include/linux/cpu.h |
2326 | @@ -32,7 +32,7 @@ struct cpu { |
2327 | }; |
2328 | |
2329 | extern int register_cpu(struct cpu *, int, struct node *); |
2330 | -extern struct sys_device *get_cpu_sysdev(int cpu); |
2331 | +extern struct sys_device *get_cpu_sysdev(unsigned cpu); |
2332 | #ifdef CONFIG_HOTPLUG_CPU |
2333 | extern void unregister_cpu(struct cpu *, struct node *); |
2334 | #endif |
2335 | diff --git a/include/linux/fb.h b/include/linux/fb.h |
2336 | index 2cb19e6..2fdd8ae 100644 |
2337 | --- a/include/linux/fb.h |
2338 | +++ b/include/linux/fb.h |
2339 | @@ -839,12 +839,10 @@ #if defined (__BIG_ENDIAN) |
2340 | #define FB_LEFT_POS(bpp) (32 - bpp) |
2341 | #define FB_SHIFT_HIGH(val, bits) ((val) >> (bits)) |
2342 | #define FB_SHIFT_LOW(val, bits) ((val) << (bits)) |
2343 | -#define FB_BIT_NR(b) (7 - (b)) |
2344 | #else |
2345 | #define FB_LEFT_POS(bpp) (0) |
2346 | #define FB_SHIFT_HIGH(val, bits) ((val) << (bits)) |
2347 | #define FB_SHIFT_LOW(val, bits) ((val) >> (bits)) |
2348 | -#define FB_BIT_NR(b) (b) |
2349 | #endif |
2350 | |
2351 | /* |
2352 | diff --git a/include/linux/mm.h b/include/linux/mm.h |
2353 | index 498ff87..279446e 100644 |
2354 | --- a/include/linux/mm.h |
2355 | +++ b/include/linux/mm.h |
2356 | @@ -229,10 +229,9 @@ struct page { |
2357 | unsigned long private; /* Mapping-private opaque data: |
2358 | * usually used for buffer_heads |
2359 | * if PagePrivate set; used for |
2360 | - * swp_entry_t if PageSwapCache. |
2361 | - * When page is free, this |
2362 | + * swp_entry_t if PageSwapCache; |
2363 | * indicates order in the buddy |
2364 | - * system. |
2365 | + * system if PG_buddy is set. |
2366 | */ |
2367 | struct address_space *mapping; /* If low bit clear, points to |
2368 | * inode address_space, or NULL. |
2369 | diff --git a/include/linux/page-flags.h b/include/linux/page-flags.h |
2370 | index d52999c..d7ce72e 100644 |
2371 | --- a/include/linux/page-flags.h |
2372 | +++ b/include/linux/page-flags.h |
2373 | @@ -74,7 +74,9 @@ #define PG_swapcache 15 /* Swap page: s |
2374 | #define PG_mappedtodisk 16 /* Has blocks allocated on-disk */ |
2375 | #define PG_reclaim 17 /* To be reclaimed asap */ |
2376 | #define PG_nosave_free 18 /* Free, should not be written */ |
2377 | -#define PG_uncached 19 /* Page has been mapped as uncached */ |
2378 | +#define PG_buddy 19 /* Page is free, on buddy lists */ |
2379 | + |
2380 | +#define PG_uncached 20 /* Page has been mapped as uncached */ |
2381 | |
2382 | /* |
2383 | * Global page accounting. One instance per CPU. Only unsigned longs are |
2384 | @@ -319,6 +321,10 @@ #define PageNosaveFree(page) test_bit(PG |
2385 | #define SetPageNosaveFree(page) set_bit(PG_nosave_free, &(page)->flags) |
2386 | #define ClearPageNosaveFree(page) clear_bit(PG_nosave_free, &(page)->flags) |
2387 | |
2388 | +#define PageBuddy(page) test_bit(PG_buddy, &(page)->flags) |
2389 | +#define __SetPageBuddy(page) __set_bit(PG_buddy, &(page)->flags) |
2390 | +#define __ClearPageBuddy(page) __clear_bit(PG_buddy, &(page)->flags) |
2391 | + |
2392 | #define PageMappedToDisk(page) test_bit(PG_mappedtodisk, &(page)->flags) |
2393 | #define SetPageMappedToDisk(page) set_bit(PG_mappedtodisk, &(page)->flags) |
2394 | #define ClearPageMappedToDisk(page) clear_bit(PG_mappedtodisk, &(page)->flags) |
2395 | diff --git a/include/linux/proc_fs.h b/include/linux/proc_fs.h |
2396 | index aa6322d..6c1e347 100644 |
2397 | --- a/include/linux/proc_fs.h |
2398 | +++ b/include/linux/proc_fs.h |
2399 | @@ -78,7 +78,7 @@ struct kcore_list { |
2400 | struct vmcore { |
2401 | struct list_head list; |
2402 | unsigned long long paddr; |
2403 | - unsigned long size; |
2404 | + unsigned long long size; |
2405 | loff_t offset; |
2406 | }; |
2407 | |
2408 | diff --git a/include/linux/raid/raid1.h b/include/linux/raid/raid1.h |
2409 | index 9d5494a..3009c81 100644 |
2410 | --- a/include/linux/raid/raid1.h |
2411 | +++ b/include/linux/raid/raid1.h |
2412 | @@ -130,6 +130,6 @@ #define R1BIO_BarrierRetry 5 |
2413 | * with failure when last write completes (and all failed). |
2414 | * Record that bi_end_io was called with this flag... |
2415 | */ |
2416 | -#define R1BIO_Returned 4 |
2417 | +#define R1BIO_Returned 6 |
2418 | |
2419 | #endif |
2420 | diff --git a/include/linux/rtc.h b/include/linux/rtc.h |
2421 | index 0b2ba67..b739ac1 100644 |
2422 | --- a/include/linux/rtc.h |
2423 | +++ b/include/linux/rtc.h |
2424 | @@ -11,8 +11,6 @@ |
2425 | #ifndef _LINUX_RTC_H_ |
2426 | #define _LINUX_RTC_H_ |
2427 | |
2428 | -#include <linux/interrupt.h> |
2429 | - |
2430 | /* |
2431 | * The struct used to pass data via the following ioctl. Similar to the |
2432 | * struct tm in <time.h>, but it needs to be here so that the kernel |
2433 | @@ -95,6 +93,8 @@ #define RTC_PLL_SET _IOW('p', 0x12, stru |
2434 | |
2435 | #ifdef __KERNEL__ |
2436 | |
2437 | +#include <linux/interrupt.h> |
2438 | + |
2439 | typedef struct rtc_task { |
2440 | void (*func)(void *private_data); |
2441 | void *private_data; |
2442 | diff --git a/include/net/ip.h b/include/net/ip.h |
2443 | index fab3d5b..ed84d04 100644 |
2444 | --- a/include/net/ip.h |
2445 | +++ b/include/net/ip.h |
2446 | @@ -95,6 +95,7 @@ extern int ip_local_deliver(struct sk_b |
2447 | extern int ip_mr_input(struct sk_buff *skb); |
2448 | extern int ip_output(struct sk_buff *skb); |
2449 | extern int ip_mc_output(struct sk_buff *skb); |
2450 | +extern int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *)); |
2451 | extern int ip_do_nat(struct sk_buff *skb); |
2452 | extern void ip_send_check(struct iphdr *ip); |
2453 | extern int ip_queue_xmit(struct sk_buff *skb, int ipfragok); |
2454 | diff --git a/ipc/shm.c b/ipc/shm.c |
2455 | index 9162123..f409726 100644 |
2456 | --- a/ipc/shm.c |
2457 | +++ b/ipc/shm.c |
2458 | @@ -161,6 +161,8 @@ static int shm_mmap(struct file * file, |
2459 | ret = shmem_mmap(file, vma); |
2460 | if (ret == 0) { |
2461 | vma->vm_ops = &shm_vm_ops; |
2462 | + if (!(vma->vm_flags & VM_WRITE)) |
2463 | + vma->vm_flags &= ~VM_MAYWRITE; |
2464 | shm_inc(file->f_dentry->d_inode->i_ino); |
2465 | } |
2466 | |
2467 | diff --git a/kernel/exec_domain.c b/kernel/exec_domain.c |
2468 | index 867d6db..c01cead 100644 |
2469 | --- a/kernel/exec_domain.c |
2470 | +++ b/kernel/exec_domain.c |
2471 | @@ -140,6 +140,7 @@ __set_personality(u_long personality) |
2472 | ep = lookup_exec_domain(personality); |
2473 | if (ep == current_thread_info()->exec_domain) { |
2474 | current->personality = personality; |
2475 | + module_put(ep->module); |
2476 | return 0; |
2477 | } |
2478 | |
2479 | diff --git a/kernel/fork.c b/kernel/fork.c |
2480 | index b373322..9d4e0d8 100644 |
2481 | --- a/kernel/fork.c |
2482 | +++ b/kernel/fork.c |
2483 | @@ -720,7 +720,7 @@ out_release: |
2484 | free_fdset (new_fdt->open_fds, new_fdt->max_fdset); |
2485 | free_fd_array(new_fdt->fd, new_fdt->max_fds); |
2486 | kmem_cache_free(files_cachep, newf); |
2487 | - goto out; |
2488 | + return NULL; |
2489 | } |
2490 | |
2491 | static int copy_files(unsigned long clone_flags, struct task_struct * tsk) |
2492 | diff --git a/kernel/power/process.c b/kernel/power/process.c |
2493 | index 28de118..67b2cdd 100644 |
2494 | --- a/kernel/power/process.c |
2495 | +++ b/kernel/power/process.c |
2496 | @@ -25,8 +25,7 @@ static inline int freezeable(struct task |
2497 | (p->flags & PF_NOFREEZE) || |
2498 | (p->exit_state == EXIT_ZOMBIE) || |
2499 | (p->exit_state == EXIT_DEAD) || |
2500 | - (p->state == TASK_STOPPED) || |
2501 | - (p->state == TASK_TRACED)) |
2502 | + (p->state == TASK_STOPPED)) |
2503 | return 0; |
2504 | return 1; |
2505 | } |
2506 | diff --git a/kernel/ptrace.c b/kernel/ptrace.c |
2507 | index d95a72c..b5eaeb9 100644 |
2508 | --- a/kernel/ptrace.c |
2509 | +++ b/kernel/ptrace.c |
2510 | @@ -57,10 +57,6 @@ void ptrace_untrace(task_t *child) |
2511 | signal_wake_up(child, 1); |
2512 | } |
2513 | } |
2514 | - if (child->signal->flags & SIGNAL_GROUP_EXIT) { |
2515 | - sigaddset(&child->pending.signal, SIGKILL); |
2516 | - signal_wake_up(child, 1); |
2517 | - } |
2518 | spin_unlock(&child->sighand->siglock); |
2519 | } |
2520 | |
2521 | @@ -82,7 +78,8 @@ void __ptrace_unlink(task_t *child) |
2522 | SET_LINKS(child); |
2523 | } |
2524 | |
2525 | - ptrace_untrace(child); |
2526 | + if (child->state == TASK_TRACED) |
2527 | + ptrace_untrace(child); |
2528 | } |
2529 | |
2530 | /* |
2531 | diff --git a/kernel/sched.c b/kernel/sched.c |
2532 | index 4d46e90..4e7efac 100644 |
2533 | --- a/kernel/sched.c |
2534 | +++ b/kernel/sched.c |
2535 | @@ -237,6 +237,7 @@ #ifdef CONFIG_SMP |
2536 | |
2537 | task_t *migration_thread; |
2538 | struct list_head migration_queue; |
2539 | + int cpu; |
2540 | #endif |
2541 | |
2542 | #ifdef CONFIG_SCHEDSTATS |
2543 | @@ -1660,6 +1661,9 @@ #ifdef CONFIG_SMP |
2544 | /* |
2545 | * double_rq_lock - safely lock two runqueues |
2546 | * |
2547 | + * We must take them in cpu order to match code in |
2548 | + * dependent_sleeper and wake_dependent_sleeper. |
2549 | + * |
2550 | * Note this does not disable interrupts like task_rq_lock, |
2551 | * you need to do so manually before calling. |
2552 | */ |
2553 | @@ -1671,7 +1675,7 @@ static void double_rq_lock(runqueue_t *r |
2554 | spin_lock(&rq1->lock); |
2555 | __acquire(rq2->lock); /* Fake it out ;) */ |
2556 | } else { |
2557 | - if (rq1 < rq2) { |
2558 | + if (rq1->cpu < rq2->cpu) { |
2559 | spin_lock(&rq1->lock); |
2560 | spin_lock(&rq2->lock); |
2561 | } else { |
2562 | @@ -1707,7 +1711,7 @@ static void double_lock_balance(runqueue |
2563 | __acquires(this_rq->lock) |
2564 | { |
2565 | if (unlikely(!spin_trylock(&busiest->lock))) { |
2566 | - if (busiest < this_rq) { |
2567 | + if (busiest->cpu < this_rq->cpu) { |
2568 | spin_unlock(&this_rq->lock); |
2569 | spin_lock(&busiest->lock); |
2570 | spin_lock(&this_rq->lock); |
2571 | @@ -6035,6 +6039,7 @@ #ifdef CONFIG_SMP |
2572 | rq->push_cpu = 0; |
2573 | rq->migration_thread = NULL; |
2574 | INIT_LIST_HEAD(&rq->migration_queue); |
2575 | + rq->cpu = i; |
2576 | #endif |
2577 | atomic_set(&rq->nr_iowait, 0); |
2578 | |
2579 | diff --git a/kernel/signal.c b/kernel/signal.c |
2580 | index ea15410..acbccf7 100644 |
2581 | --- a/kernel/signal.c |
2582 | +++ b/kernel/signal.c |
2583 | @@ -975,7 +975,6 @@ __group_complete_signal(int sig, struct |
2584 | if (t == NULL) |
2585 | /* restart balancing at this thread */ |
2586 | t = p->signal->curr_target = p; |
2587 | - BUG_ON(t->tgid != p->tgid); |
2588 | |
2589 | while (!wants_signal(sig, t)) { |
2590 | t = next_thread(t); |
2591 | @@ -1689,6 +1688,7 @@ static void ptrace_stop(int exit_code, i |
2592 | /* Let the debugger run. */ |
2593 | set_current_state(TASK_TRACED); |
2594 | spin_unlock_irq(¤t->sighand->siglock); |
2595 | + try_to_freeze(); |
2596 | read_lock(&tasklist_lock); |
2597 | if (likely(current->ptrace & PT_PTRACED) && |
2598 | likely(current->parent != current->real_parent || |
2599 | @@ -1942,9 +1942,9 @@ relock: |
2600 | /* Let the debugger run. */ |
2601 | ptrace_stop(signr, signr, info); |
2602 | |
2603 | - /* We're back. Did the debugger cancel the sig or group_exit? */ |
2604 | + /* We're back. Did the debugger cancel the sig? */ |
2605 | signr = current->exit_code; |
2606 | - if (signr == 0 || current->signal->flags & SIGNAL_GROUP_EXIT) |
2607 | + if (signr == 0) |
2608 | continue; |
2609 | |
2610 | current->exit_code = 0; |
2611 | diff --git a/kernel/sys.c b/kernel/sys.c |
2612 | index f91218a..105e102 100644 |
2613 | --- a/kernel/sys.c |
2614 | +++ b/kernel/sys.c |
2615 | @@ -1657,7 +1657,19 @@ asmlinkage long sys_setrlimit(unsigned i |
2616 | (cputime_eq(current->signal->it_prof_expires, cputime_zero) || |
2617 | new_rlim.rlim_cur <= cputime_to_secs( |
2618 | current->signal->it_prof_expires))) { |
2619 | - cputime_t cputime = secs_to_cputime(new_rlim.rlim_cur); |
2620 | + unsigned long rlim_cur = new_rlim.rlim_cur; |
2621 | + cputime_t cputime; |
2622 | + |
2623 | + if (rlim_cur == 0) { |
2624 | + /* |
2625 | + * The caller is asking for an immediate RLIMIT_CPU |
2626 | + * expiry. But we use the zero value to mean "it was |
2627 | + * never set". So let's cheat and make it one second |
2628 | + * instead |
2629 | + */ |
2630 | + rlim_cur = 1; |
2631 | + } |
2632 | + cputime = secs_to_cputime(rlim_cur); |
2633 | read_lock(&tasklist_lock); |
2634 | spin_lock_irq(¤t->sighand->siglock); |
2635 | set_process_cpu_timer(current, CPUCLOCK_PROF, |
2636 | diff --git a/mm/madvise.c b/mm/madvise.c |
2637 | index af3d573..4e19615 100644 |
2638 | --- a/mm/madvise.c |
2639 | +++ b/mm/madvise.c |
2640 | @@ -168,6 +168,9 @@ static long madvise_remove(struct vm_are |
2641 | return -EINVAL; |
2642 | } |
2643 | |
2644 | + if ((vma->vm_flags & (VM_SHARED|VM_WRITE)) != (VM_SHARED|VM_WRITE)) |
2645 | + return -EACCES; |
2646 | + |
2647 | mapping = vma->vm_file->f_mapping; |
2648 | |
2649 | offset = (loff_t)(start - vma->vm_start) |
2650 | diff --git a/mm/page_alloc.c b/mm/page_alloc.c |
2651 | index 234bd48..61de222 100644 |
2652 | --- a/mm/page_alloc.c |
2653 | +++ b/mm/page_alloc.c |
2654 | @@ -153,7 +153,8 @@ static void bad_page(struct page *page) |
2655 | 1 << PG_reclaim | |
2656 | 1 << PG_slab | |
2657 | 1 << PG_swapcache | |
2658 | - 1 << PG_writeback ); |
2659 | + 1 << PG_writeback | |
2660 | + 1 << PG_buddy ); |
2661 | set_page_count(page, 0); |
2662 | reset_page_mapcount(page); |
2663 | page->mapping = NULL; |
2664 | @@ -224,12 +225,12 @@ static inline unsigned long page_order(s |
2665 | |
2666 | static inline void set_page_order(struct page *page, int order) { |
2667 | set_page_private(page, order); |
2668 | - __SetPagePrivate(page); |
2669 | + __SetPageBuddy(page); |
2670 | } |
2671 | |
2672 | static inline void rmv_page_order(struct page *page) |
2673 | { |
2674 | - __ClearPagePrivate(page); |
2675 | + __ClearPageBuddy(page); |
2676 | set_page_private(page, 0); |
2677 | } |
2678 | |
2679 | @@ -268,11 +269,13 @@ __find_combined_index(unsigned long page |
2680 | * This function checks whether a page is free && is the buddy |
2681 | * we can do coalesce a page and its buddy if |
2682 | * (a) the buddy is not in a hole && |
2683 | - * (b) the buddy is free && |
2684 | - * (c) the buddy is on the buddy system && |
2685 | - * (d) a page and its buddy have the same order. |
2686 | - * for recording page's order, we use page_private(page) and PG_private. |
2687 | + * (b) the buddy is in the buddy system && |
2688 | + * (c) a page and its buddy have the same order. |
2689 | + * |
2690 | + * For recording whether a page is in the buddy system, we use PG_buddy. |
2691 | + * Setting, clearing, and testing PG_buddy is serialized by zone->lock. |
2692 | * |
2693 | + * For recording page's order, we use page_private(page). |
2694 | */ |
2695 | static inline int page_is_buddy(struct page *page, int order) |
2696 | { |
2697 | @@ -281,10 +284,10 @@ #ifdef CONFIG_HOLES_IN_ZONE |
2698 | return 0; |
2699 | #endif |
2700 | |
2701 | - if (PagePrivate(page) && |
2702 | - (page_order(page) == order) && |
2703 | - page_count(page) == 0) |
2704 | + if (PageBuddy(page) && page_order(page) == order) { |
2705 | + BUG_ON(page_count(page) != 0); |
2706 | return 1; |
2707 | + } |
2708 | return 0; |
2709 | } |
2710 | |
2711 | @@ -301,7 +304,7 @@ #endif |
2712 | * as necessary, plus some accounting needed to play nicely with other |
2713 | * parts of the VM system. |
2714 | * At each level, we keep a list of pages, which are heads of continuous |
2715 | - * free pages of length of (1 << order) and marked with PG_Private.Page's |
2716 | + * free pages of length of (1 << order) and marked with PG_buddy. Page's |
2717 | * order is recorded in page_private(page) field. |
2718 | * So when we are allocating or freeing one, we can derive the state of the |
2719 | * other. That is, if we allocate a small block, and both were |
2720 | @@ -364,7 +367,8 @@ static inline int free_pages_check(struc |
2721 | 1 << PG_slab | |
2722 | 1 << PG_swapcache | |
2723 | 1 << PG_writeback | |
2724 | - 1 << PG_reserved )))) |
2725 | + 1 << PG_reserved | |
2726 | + 1 << PG_buddy )))) |
2727 | bad_page(page); |
2728 | if (PageDirty(page)) |
2729 | __ClearPageDirty(page); |
2730 | @@ -522,7 +526,8 @@ static int prep_new_page(struct page *pa |
2731 | 1 << PG_slab | |
2732 | 1 << PG_swapcache | |
2733 | 1 << PG_writeback | |
2734 | - 1 << PG_reserved )))) |
2735 | + 1 << PG_reserved | |
2736 | + 1 << PG_buddy )))) |
2737 | bad_page(page); |
2738 | |
2739 | /* |
2740 | diff --git a/net/atm/clip.c b/net/atm/clip.c |
2741 | index 73370de..1842a4e 100644 |
2742 | --- a/net/atm/clip.c |
2743 | +++ b/net/atm/clip.c |
2744 | @@ -613,12 +613,19 @@ static int clip_create(int number) |
2745 | |
2746 | |
2747 | static int clip_device_event(struct notifier_block *this,unsigned long event, |
2748 | - void *dev) |
2749 | + void *arg) |
2750 | { |
2751 | + struct net_device *dev = arg; |
2752 | + |
2753 | + if (event == NETDEV_UNREGISTER) { |
2754 | + neigh_ifdown(&clip_tbl, dev); |
2755 | + return NOTIFY_DONE; |
2756 | + } |
2757 | + |
2758 | /* ignore non-CLIP devices */ |
2759 | - if (((struct net_device *) dev)->type != ARPHRD_ATM || |
2760 | - ((struct net_device *) dev)->hard_start_xmit != clip_start_xmit) |
2761 | + if (dev->type != ARPHRD_ATM || dev->hard_start_xmit != clip_start_xmit) |
2762 | return NOTIFY_DONE; |
2763 | + |
2764 | switch (event) { |
2765 | case NETDEV_UP: |
2766 | DPRINTK("clip_device_event NETDEV_UP\n"); |
2767 | @@ -686,14 +693,12 @@ static struct notifier_block clip_inet_n |
2768 | static void atmarpd_close(struct atm_vcc *vcc) |
2769 | { |
2770 | DPRINTK("atmarpd_close\n"); |
2771 | - atmarpd = NULL; /* assumed to be atomic */ |
2772 | - barrier(); |
2773 | - unregister_inetaddr_notifier(&clip_inet_notifier); |
2774 | - unregister_netdevice_notifier(&clip_dev_notifier); |
2775 | - if (skb_peek(&sk_atm(vcc)->sk_receive_queue)) |
2776 | - printk(KERN_ERR "atmarpd_close: closing with requests " |
2777 | - "pending\n"); |
2778 | + |
2779 | + rtnl_lock(); |
2780 | + atmarpd = NULL; |
2781 | skb_queue_purge(&sk_atm(vcc)->sk_receive_queue); |
2782 | + rtnl_unlock(); |
2783 | + |
2784 | DPRINTK("(done)\n"); |
2785 | module_put(THIS_MODULE); |
2786 | } |
2787 | @@ -714,7 +719,12 @@ static struct atm_dev atmarpd_dev = { |
2788 | |
2789 | static int atm_init_atmarp(struct atm_vcc *vcc) |
2790 | { |
2791 | - if (atmarpd) return -EADDRINUSE; |
2792 | + rtnl_lock(); |
2793 | + if (atmarpd) { |
2794 | + rtnl_unlock(); |
2795 | + return -EADDRINUSE; |
2796 | + } |
2797 | + |
2798 | if (start_timer) { |
2799 | start_timer = 0; |
2800 | init_timer(&idle_timer); |
2801 | @@ -731,10 +741,7 @@ static int atm_init_atmarp(struct atm_vc |
2802 | vcc->push = NULL; |
2803 | vcc->pop = NULL; /* crash */ |
2804 | vcc->push_oam = NULL; /* crash */ |
2805 | - if (register_netdevice_notifier(&clip_dev_notifier)) |
2806 | - printk(KERN_ERR "register_netdevice_notifier failed\n"); |
2807 | - if (register_inetaddr_notifier(&clip_inet_notifier)) |
2808 | - printk(KERN_ERR "register_inetaddr_notifier failed\n"); |
2809 | + rtnl_unlock(); |
2810 | return 0; |
2811 | } |
2812 | |
2813 | @@ -992,6 +999,8 @@ static int __init atm_clip_init(void) |
2814 | |
2815 | clip_tbl_hook = &clip_tbl; |
2816 | register_atm_ioctl(&clip_ioctl_ops); |
2817 | + register_netdevice_notifier(&clip_dev_notifier); |
2818 | + register_inetaddr_notifier(&clip_inet_notifier); |
2819 | |
2820 | #ifdef CONFIG_PROC_FS |
2821 | { |
2822 | @@ -1012,6 +1021,9 @@ static void __exit atm_clip_exit(void) |
2823 | |
2824 | remove_proc_entry("arp", atm_proc_root); |
2825 | |
2826 | + unregister_inetaddr_notifier(&clip_inet_notifier); |
2827 | + unregister_netdevice_notifier(&clip_dev_notifier); |
2828 | + |
2829 | deregister_atm_ioctl(&clip_ioctl_ops); |
2830 | |
2831 | /* First, stop the idle timer, so it stops banging |
2832 | diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c |
2833 | index e060aad..9e27373 100644 |
2834 | --- a/net/bridge/br_netfilter.c |
2835 | +++ b/net/bridge/br_netfilter.c |
2836 | @@ -739,6 +739,15 @@ out: |
2837 | return NF_STOLEN; |
2838 | } |
2839 | |
2840 | +static int br_nf_dev_queue_xmit(struct sk_buff *skb) |
2841 | +{ |
2842 | + if (skb->protocol == htons(ETH_P_IP) && |
2843 | + skb->len > skb->dev->mtu && |
2844 | + !(skb_shinfo(skb)->ufo_size || skb_shinfo(skb)->tso_size)) |
2845 | + return ip_fragment(skb, br_dev_queue_push_xmit); |
2846 | + else |
2847 | + return br_dev_queue_push_xmit(skb); |
2848 | +} |
2849 | |
2850 | /* PF_BRIDGE/POST_ROUTING ********************************************/ |
2851 | static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb, |
2852 | @@ -798,7 +807,7 @@ #if defined(CONFIG_VLAN_8021Q) || define |
2853 | realoutdev = nf_bridge->netoutdev; |
2854 | #endif |
2855 | NF_HOOK(pf, NF_IP_POST_ROUTING, skb, NULL, realoutdev, |
2856 | - br_dev_queue_push_xmit); |
2857 | + br_nf_dev_queue_xmit); |
2858 | |
2859 | return NF_STOLEN; |
2860 | |
2861 | @@ -843,7 +852,7 @@ static unsigned int ip_sabotage_out(unsi |
2862 | if ((out->hard_start_xmit == br_dev_xmit && |
2863 | okfn != br_nf_forward_finish && |
2864 | okfn != br_nf_local_out_finish && |
2865 | - okfn != br_dev_queue_push_xmit) |
2866 | + okfn != br_nf_dev_queue_xmit) |
2867 | #if defined(CONFIG_VLAN_8021Q) || defined(CONFIG_VLAN_8021Q_MODULE) |
2868 | || ((out->priv_flags & IFF_802_1Q_VLAN) && |
2869 | VLAN_DEV_INFO(out)->real_dev->hard_start_xmit == br_dev_xmit) |
2870 | diff --git a/net/core/sock.c b/net/core/sock.c |
2871 | index 6e00811..5621198 100644 |
2872 | --- a/net/core/sock.c |
2873 | +++ b/net/core/sock.c |
2874 | @@ -404,8 +404,9 @@ #ifdef CONFIG_NETDEVICES |
2875 | if (!valbool) { |
2876 | sk->sk_bound_dev_if = 0; |
2877 | } else { |
2878 | - if (optlen > IFNAMSIZ) |
2879 | - optlen = IFNAMSIZ; |
2880 | + if (optlen > IFNAMSIZ - 1) |
2881 | + optlen = IFNAMSIZ - 1; |
2882 | + memset(devname, 0, sizeof(devname)); |
2883 | if (copy_from_user(devname, optval, optlen)) { |
2884 | ret = -EFAULT; |
2885 | break; |
2886 | diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c |
2887 | index e320b32..24009be 100644 |
2888 | --- a/net/ipv4/fib_trie.c |
2889 | +++ b/net/ipv4/fib_trie.c |
2890 | @@ -314,11 +314,6 @@ static void __leaf_free_rcu(struct rcu_h |
2891 | kfree(container_of(head, struct leaf, rcu)); |
2892 | } |
2893 | |
2894 | -static inline void free_leaf(struct leaf *leaf) |
2895 | -{ |
2896 | - call_rcu(&leaf->rcu, __leaf_free_rcu); |
2897 | -} |
2898 | - |
2899 | static void __leaf_info_free_rcu(struct rcu_head *head) |
2900 | { |
2901 | kfree(container_of(head, struct leaf_info, rcu)); |
2902 | @@ -357,7 +352,12 @@ static void __tnode_free_rcu(struct rcu_ |
2903 | |
2904 | static inline void tnode_free(struct tnode *tn) |
2905 | { |
2906 | - call_rcu(&tn->rcu, __tnode_free_rcu); |
2907 | + if(IS_LEAF(tn)) { |
2908 | + struct leaf *l = (struct leaf *) tn; |
2909 | + call_rcu_bh(&l->rcu, __leaf_free_rcu); |
2910 | + } |
2911 | + else |
2912 | + call_rcu(&tn->rcu, __tnode_free_rcu); |
2913 | } |
2914 | |
2915 | static struct leaf *leaf_new(void) |
2916 | diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c |
2917 | index 8ee4d01..8dcba38 100644 |
2918 | --- a/net/ipv4/ip_output.c |
2919 | +++ b/net/ipv4/ip_output.c |
2920 | @@ -86,8 +86,6 @@ #include <linux/tcp.h> |
2921 | |
2922 | int sysctl_ip_default_ttl = IPDEFTTL; |
2923 | |
2924 | -static int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*)); |
2925 | - |
2926 | /* Generate a checksum for an outgoing IP datagram. */ |
2927 | __inline__ void ip_send_check(struct iphdr *iph) |
2928 | { |
2929 | @@ -421,7 +419,7 @@ #endif |
2930 | * single device frame, and queue such a frame for sending. |
2931 | */ |
2932 | |
2933 | -static int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*)) |
2934 | +int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*)) |
2935 | { |
2936 | struct iphdr *iph; |
2937 | int raw = 0; |
2938 | @@ -673,6 +671,8 @@ fail: |
2939 | return err; |
2940 | } |
2941 | |
2942 | +EXPORT_SYMBOL(ip_fragment); |
2943 | + |
2944 | int |
2945 | ip_generic_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb) |
2946 | { |
2947 | @@ -1249,11 +1249,7 @@ int ip_push_pending_frames(struct sock * |
2948 | iph->tos = inet->tos; |
2949 | iph->tot_len = htons(skb->len); |
2950 | iph->frag_off = df; |
2951 | - if (!df) { |
2952 | - __ip_select_ident(iph, &rt->u.dst, 0); |
2953 | - } else { |
2954 | - iph->id = htons(inet->id++); |
2955 | - } |
2956 | + ip_select_ident(iph, &rt->u.dst, sk); |
2957 | iph->ttl = ttl; |
2958 | iph->protocol = sk->sk_protocol; |
2959 | iph->saddr = rt->rt_src; |
2960 | diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c |
2961 | index e0b5926..d4e6d0a 100644 |
2962 | --- a/net/ipv4/netfilter/ip_conntrack_netlink.c |
2963 | +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c |
2964 | @@ -1619,7 +1619,7 @@ static void __exit ctnetlink_exit(void) |
2965 | printk("ctnetlink: unregistering from nfnetlink.\n"); |
2966 | |
2967 | #ifdef CONFIG_IP_NF_CONNTRACK_EVENTS |
2968 | - ip_conntrack_unregister_notifier(&ctnl_notifier_exp); |
2969 | + ip_conntrack_expect_unregister_notifier(&ctnl_notifier_exp); |
2970 | ip_conntrack_unregister_notifier(&ctnl_notifier); |
2971 | #endif |
2972 | |
2973 | diff --git a/net/ipv4/route.c b/net/ipv4/route.c |
2974 | index fca5fe0..a67955e 100644 |
2975 | --- a/net/ipv4/route.c |
2976 | +++ b/net/ipv4/route.c |
2977 | @@ -2750,7 +2750,10 @@ int inet_rtm_getroute(struct sk_buff *in |
2978 | /* Reserve room for dummy headers, this skb can pass |
2979 | through good chunk of routing engine. |
2980 | */ |
2981 | - skb->mac.raw = skb->data; |
2982 | + skb->mac.raw = skb->nh.raw = skb->data; |
2983 | + |
2984 | + /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */ |
2985 | + skb->nh.iph->protocol = IPPROTO_ICMP; |
2986 | skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr)); |
2987 | |
2988 | if (rta[RTA_SRC - 1]) |
2989 | diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c |
2990 | index 9ff3463..40edeef 100644 |
2991 | --- a/net/netfilter/nf_conntrack_netlink.c |
2992 | +++ b/net/netfilter/nf_conntrack_netlink.c |
2993 | @@ -1641,7 +1641,7 @@ static void __exit ctnetlink_exit(void) |
2994 | printk("ctnetlink: unregistering from nfnetlink.\n"); |
2995 | |
2996 | #ifdef CONFIG_NF_CONNTRACK_EVENTS |
2997 | - nf_conntrack_unregister_notifier(&ctnl_notifier_exp); |
2998 | + nf_conntrack_expect_unregister_notifier(&ctnl_notifier_exp); |
2999 | nf_conntrack_unregister_notifier(&ctnl_notifier); |
3000 | #endif |
3001 | |
3002 | diff --git a/security/keys/key.c b/security/keys/key.c |
3003 | index 99781b7..0e2584e 100644 |
3004 | --- a/security/keys/key.c |
3005 | +++ b/security/keys/key.c |
3006 | @@ -785,6 +785,10 @@ key_ref_t key_create_or_update(key_ref_t |
3007 | |
3008 | key_check(keyring); |
3009 | |
3010 | + key_ref = ERR_PTR(-ENOTDIR); |
3011 | + if (keyring->type != &key_type_keyring) |
3012 | + goto error_2; |
3013 | + |
3014 | down_write(&keyring->sem); |
3015 | |
3016 | /* if we're going to allocate a new key, we're going to have |
3017 | diff --git a/security/keys/keyring.c b/security/keys/keyring.c |
3018 | index d65a180..bffa924 100644 |
3019 | --- a/security/keys/keyring.c |
3020 | +++ b/security/keys/keyring.c |
3021 | @@ -437,6 +437,7 @@ EXPORT_SYMBOL(keyring_search); |
3022 | /* |
3023 | * search the given keyring only (no recursion) |
3024 | * - keyring must be locked by caller |
3025 | + * - caller must guarantee that the keyring is a keyring |
3026 | */ |
3027 | key_ref_t __keyring_search_one(key_ref_t keyring_ref, |
3028 | const struct key_type *ktype, |
3029 | diff --git a/sound/isa/opti9xx/opti92x-ad1848.c b/sound/isa/opti9xx/opti92x-ad1848.c |
3030 | index 63d96be..65b28cb 100644 |
3031 | --- a/sound/isa/opti9xx/opti92x-ad1848.c |
3032 | +++ b/sound/isa/opti9xx/opti92x-ad1848.c |
3033 | @@ -2088,9 +2088,11 @@ static int __init alsa_card_opti9xx_init |
3034 | int error; |
3035 | struct platform_device *device; |
3036 | |
3037 | +#ifdef CONFIG_PNP |
3038 | pnp_register_card_driver(&opti9xx_pnpc_driver); |
3039 | if (snd_opti9xx_pnp_is_probed) |
3040 | return 0; |
3041 | +#endif |
3042 | if (! is_isapnp_selected()) { |
3043 | error = platform_driver_register(&snd_opti9xx_driver); |
3044 | if (error < 0) |
3045 | @@ -2102,7 +2104,9 @@ static int __init alsa_card_opti9xx_init |
3046 | } |
3047 | platform_driver_unregister(&snd_opti9xx_driver); |
3048 | } |
3049 | +#ifdef CONFIG_PNP |
3050 | pnp_unregister_card_driver(&opti9xx_pnpc_driver); |
3051 | +#endif |
3052 | #ifdef MODULE |
3053 | printk(KERN_ERR "no OPTi " CHIP_NAME " soundcard found\n"); |
3054 | #endif |
3055 | @@ -2115,7 +2119,9 @@ static void __exit alsa_card_opti9xx_exi |
3056 | platform_device_unregister(snd_opti9xx_platform_device); |
3057 | platform_driver_unregister(&snd_opti9xx_driver); |
3058 | } |
3059 | +#ifdef CONFIG_PNP |
3060 | pnp_unregister_card_driver(&opti9xx_pnpc_driver); |
3061 | +#endif |
3062 | } |
3063 | |
3064 | module_init(alsa_card_opti9xx_init) |
3065 | diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c |
3066 | index b767552..d5cd3a1 100644 |
3067 | --- a/sound/pci/hda/patch_realtek.c |
3068 | +++ b/sound/pci/hda/patch_realtek.c |
3069 | @@ -2948,6 +2948,8 @@ static struct hda_board_config alc260_cf |
3070 | { .modelname = "basic", .config = ALC260_BASIC }, |
3071 | { .pci_subvendor = 0x104d, .pci_subdevice = 0x81bb, |
3072 | .config = ALC260_BASIC }, /* Sony VAIO */ |
3073 | + { .pci_subvendor = 0x152d, .pci_subdevice = 0x0729, |
3074 | + .config = ALC260_BASIC }, /* CTL Travel Master U553W */ |
3075 | { .modelname = "hp", .config = ALC260_HP }, |
3076 | { .pci_subvendor = 0x103c, .pci_subdevice = 0x3010, .config = ALC260_HP }, |
3077 | { .pci_subvendor = 0x103c, .pci_subdevice = 0x3011, .config = ALC260_HP }, |