1 |
commit: b09ce05600fc4d3a5dbb532e7c2d0c20ee67feff |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Nov 27 13:40:39 2012 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Nov 27 13:40:39 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=b09ce056 |
7 |
|
8 |
Grsec/PaX: 2.9.1-{2.6.32.60,3.2.34,3.6.8}-201211261714 |
9 |
|
10 |
--- |
11 |
2.6.32/0000_README | 2 +- |
12 |
..._grsecurity-2.9.1-2.6.32.60-201211261713.patch} | 204 ++- |
13 |
3.2.34/0000_README | 2 +- |
14 |
...420_grsecurity-2.9.1-3.2.34-201211251859.patch} | 162 +- |
15 |
3.6.7/1006_linux-3.6.7.patch | 3082 -------------------- |
16 |
{3.6.7 => 3.6.8}/0000_README | 6 +- |
17 |
.../4420_grsecurity-2.9.1-3.6.8-201211261714.patch | 312 +-- |
18 |
{3.6.7 => 3.6.8}/4425-tmpfs-user-namespace.patch | 0 |
19 |
.../4430_grsec-remove-localversion-grsec.patch | 0 |
20 |
{3.6.7 => 3.6.8}/4435_grsec-mute-warnings.patch | 0 |
21 |
.../4440_grsec-remove-protected-paths.patch | 0 |
22 |
.../4450_grsec-kconfig-default-gids.patch | 0 |
23 |
.../4465_selinux-avc_audit-log-curr_ip.patch | 0 |
24 |
{3.6.7 => 3.6.8}/4470_disable-compat_vdso.patch | 0 |
25 |
14 files changed, 451 insertions(+), 3319 deletions(-) |
26 |
|
27 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
28 |
index 424bb70..05d6bef 100644 |
29 |
--- a/2.6.32/0000_README |
30 |
+++ b/2.6.32/0000_README |
31 |
@@ -34,7 +34,7 @@ Patch: 1059_linux-2.6.32.60.patch |
32 |
From: http://www.kernel.org |
33 |
Desc: Linux 2.6.32.59 |
34 |
|
35 |
-Patch: 4420_grsecurity-2.9.1-2.6.32.60-201211220959.patch |
36 |
+Patch: 4420_grsecurity-2.9.1-2.6.32.60-201211261713.patch |
37 |
From: http://www.grsecurity.net |
38 |
Desc: hardened-sources base patch from upstream grsecurity |
39 |
|
40 |
|
41 |
diff --git a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201211220959.patch b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201211261713.patch |
42 |
similarity index 99% |
43 |
rename from 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201211220959.patch |
44 |
rename to 2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201211261713.patch |
45 |
index 8492134..6c95f6c 100644 |
46 |
--- a/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201211220959.patch |
47 |
+++ b/2.6.32/4420_grsecurity-2.9.1-2.6.32.60-201211261713.patch |
48 |
@@ -3574,6 +3574,30 @@ index 2120746..8d70a5e 100644 |
49 |
|
50 |
DEBUGP("register_unwind_table(), sect = %d at 0x%p - 0x%p (gp=0x%lx)\n", |
51 |
me->arch.unwind_section, table, end, gp); |
52 |
+diff --git a/arch/parisc/kernel/signal32.c b/arch/parisc/kernel/signal32.c |
53 |
+index fb59852..32d43e7 100644 |
54 |
+--- a/arch/parisc/kernel/signal32.c |
55 |
++++ b/arch/parisc/kernel/signal32.c |
56 |
+@@ -68,7 +68,8 @@ put_sigset32(compat_sigset_t __user *up, sigset_t *set, size_t sz) |
57 |
+ { |
58 |
+ compat_sigset_t s; |
59 |
+ |
60 |
+- if (sz != sizeof *set) panic("put_sigset32()"); |
61 |
++ if (sz != sizeof *set) |
62 |
++ return -EINVAL; |
63 |
+ sigset_64to32(&s, set); |
64 |
+ |
65 |
+ return copy_to_user(up, &s, sizeof s); |
66 |
+@@ -80,7 +81,8 @@ get_sigset32(compat_sigset_t __user *up, sigset_t *set, size_t sz) |
67 |
+ compat_sigset_t s; |
68 |
+ int r; |
69 |
+ |
70 |
+- if (sz != sizeof *set) panic("put_sigset32()"); |
71 |
++ if (sz != sizeof *set) |
72 |
++ return -EINVAL; |
73 |
+ |
74 |
+ if ((r = copy_from_user(&s, up, sz)) == 0) { |
75 |
+ sigset_32to64(set, &s); |
76 |
diff --git a/arch/parisc/kernel/sys_parisc.c b/arch/parisc/kernel/sys_parisc.c |
77 |
index 9147391..f3d949a 100644 |
78 |
--- a/arch/parisc/kernel/sys_parisc.c |
79 |
@@ -76721,7 +76745,7 @@ index ff57421..f65f88a 100644 |
80 |
|
81 |
out_free_fd: |
82 |
diff --git a/fs/exec.c b/fs/exec.c |
83 |
-index 86fafc6..25f0d1a 100644 |
84 |
+index 86fafc6..ab06586 100644 |
85 |
--- a/fs/exec.c |
86 |
+++ b/fs/exec.c |
87 |
@@ -56,12 +56,33 @@ |
88 |
@@ -76746,7 +76770,7 @@ index 86fafc6..25f0d1a 100644 |
89 |
+#ifdef CONFIG_PAX_HAVE_ACL_FLAGS |
90 |
+void __weak pax_set_initial_flags(struct linux_binprm *bprm) |
91 |
+{ |
92 |
-+ WARN_ONCE(1, "PAX: PAX_HAVE_ACL_FLAGS was enabled without providing the pax_set_initial_flags callback, this is probably not what you wanted.\n"); |
93 |
++ printk_once(KERN_WARNING "PAX: PAX_HAVE_ACL_FLAGS was enabled without providing the pax_set_initial_flags callback, this is probably not what you wanted.\n"); |
94 |
+} |
95 |
+#endif |
96 |
+ |
97 |
@@ -96993,50 +97017,68 @@ index 4c4e57d..f3c5303 100644 |
98 |
and pointers */ |
99 |
#endif |
100 |
diff --git a/include/linux/init.h b/include/linux/init.h |
101 |
-index ff8bde5..0296174 100644 |
102 |
+index ff8bde5..c7815d8 100644 |
103 |
--- a/include/linux/init.h |
104 |
+++ b/include/linux/init.h |
105 |
-@@ -38,9 +38,15 @@ |
106 |
+@@ -38,9 +38,33 @@ |
107 |
* Also note, that this data cannot be "const". |
108 |
*/ |
109 |
|
110 |
+#ifdef MODULE |
111 |
-+#define add_latent_entropy |
112 |
++#define add_init_latent_entropy |
113 |
++#else |
114 |
++#define add_init_latent_entropy __latent_entropy |
115 |
++#endif |
116 |
++ |
117 |
++#ifdef CONFIG_HOTPLUG |
118 |
++#define add_devinit_latent_entropy |
119 |
++#else |
120 |
++#define add_devinit_latent_entropy __latent_entropy |
121 |
++#endif |
122 |
++ |
123 |
++#ifdef CONFIG_HOTPLUG_CPU |
124 |
++#define add_cpuinit_latent_entropy |
125 |
++#else |
126 |
++#define add_cpuinit_latent_entropy __latent_entropy |
127 |
++#endif |
128 |
++ |
129 |
++#ifdef CONFIG_MEMORY_HOTPLUG |
130 |
++#define add_meminit_latent_entropy |
131 |
+#else |
132 |
-+#define add_latent_entropy __latent_entropy |
133 |
++#define add_meminit_latent_entropy __latent_entropy |
134 |
+#endif |
135 |
+ |
136 |
/* These are for everybody (although not all archs will actually |
137 |
discard it in modules) */ |
138 |
-#define __init __section(.init.text) __cold notrace |
139 |
-+#define __init __section(.init.text) __cold notrace add_latent_entropy |
140 |
++#define __init __section(.init.text) __cold notrace add_init_latent_entropy |
141 |
#define __initdata __section(.init.data) |
142 |
#define __initconst __section(.init.rodata) |
143 |
#define __exitdata __section(.exit.data) |
144 |
-@@ -75,7 +81,7 @@ |
145 |
+@@ -75,7 +99,7 @@ |
146 |
#define __exit __section(.exit.text) __exitused __cold |
147 |
|
148 |
/* Used for HOTPLUG */ |
149 |
-#define __devinit __section(.devinit.text) __cold |
150 |
-+#define __devinit __section(.devinit.text) __cold add_latent_entropy |
151 |
++#define __devinit __section(.devinit.text) __cold add_devinit_latent_entropy |
152 |
#define __devinitdata __section(.devinit.data) |
153 |
#define __devinitconst __section(.devinit.rodata) |
154 |
#define __devexit __section(.devexit.text) __exitused __cold |
155 |
-@@ -83,7 +89,7 @@ |
156 |
+@@ -83,7 +107,7 @@ |
157 |
#define __devexitconst __section(.devexit.rodata) |
158 |
|
159 |
/* Used for HOTPLUG_CPU */ |
160 |
-#define __cpuinit __section(.cpuinit.text) __cold |
161 |
-+#define __cpuinit __section(.cpuinit.text) __cold add_latent_entropy |
162 |
++#define __cpuinit __section(.cpuinit.text) __cold add_cpuinit_latent_entropy |
163 |
#define __cpuinitdata __section(.cpuinit.data) |
164 |
#define __cpuinitconst __section(.cpuinit.rodata) |
165 |
#define __cpuexit __section(.cpuexit.text) __exitused __cold |
166 |
-@@ -91,7 +97,7 @@ |
167 |
+@@ -91,7 +115,7 @@ |
168 |
#define __cpuexitconst __section(.cpuexit.rodata) |
169 |
|
170 |
/* Used for MEMORY_HOTPLUG */ |
171 |
-#define __meminit __section(.meminit.text) __cold |
172 |
-+#define __meminit __section(.meminit.text) __cold add_latent_entropy |
173 |
++#define __meminit __section(.meminit.text) __cold add_meminit_latent_entropy |
174 |
#define __meminitdata __section(.meminit.data) |
175 |
#define __meminitconst __section(.meminit.rodata) |
176 |
#define __memexit __section(.memexit.text) __exitused __cold |
177 |
@@ -101969,7 +102011,7 @@ index c28f804..96ea6cb 100644 |
178 |
else |
179 |
new_fs = fs; |
180 |
diff --git a/kernel/futex.c b/kernel/futex.c |
181 |
-index 9c5ffe1..05b7eb1 100644 |
182 |
+index 9c5ffe1..abe0820 100644 |
183 |
--- a/kernel/futex.c |
184 |
+++ b/kernel/futex.c |
185 |
@@ -54,6 +54,7 @@ |
186 |
@@ -101992,7 +102034,105 @@ index 9c5ffe1..05b7eb1 100644 |
187 |
/* |
188 |
* The futex address must be "naturally" aligned. |
189 |
*/ |
190 |
-@@ -1831,6 +1837,8 @@ static int futex_wait(u32 __user *uaddr, int fshared, |
191 |
+@@ -665,8 +671,8 @@ static int futex_lock_pi_atomic(u32 __user *uaddr, struct futex_hash_bucket *hb, |
192 |
+ struct futex_pi_state **ps, |
193 |
+ struct task_struct *task, int set_waiters) |
194 |
+ { |
195 |
+- int lock_taken, ret, ownerdied = 0; |
196 |
+- u32 uval, newval, curval; |
197 |
++ int lock_taken, ret, force_take = 0; |
198 |
++ u32 uval, newval, curval, vpid = task_pid_vnr(task); |
199 |
+ |
200 |
+ retry: |
201 |
+ ret = lock_taken = 0; |
202 |
+@@ -676,7 +682,7 @@ retry: |
203 |
+ * (by doing a 0 -> TID atomic cmpxchg), while holding all |
204 |
+ * the locks. It will most likely not succeed. |
205 |
+ */ |
206 |
+- newval = task_pid_vnr(task); |
207 |
++ newval = vpid; |
208 |
+ if (set_waiters) |
209 |
+ newval |= FUTEX_WAITERS; |
210 |
+ |
211 |
+@@ -688,7 +694,7 @@ retry: |
212 |
+ /* |
213 |
+ * Detect deadlocks. |
214 |
+ */ |
215 |
+- if ((unlikely((curval & FUTEX_TID_MASK) == task_pid_vnr(task)))) |
216 |
++ if ((unlikely((curval & FUTEX_TID_MASK) == vpid))) |
217 |
+ return -EDEADLK; |
218 |
+ |
219 |
+ /* |
220 |
+@@ -706,17 +712,15 @@ retry: |
221 |
+ newval = curval | FUTEX_WAITERS; |
222 |
+ |
223 |
+ /* |
224 |
+- * There are two cases, where a futex might have no owner (the |
225 |
+- * owner TID is 0): OWNER_DIED. We take over the futex in this |
226 |
+- * case. We also do an unconditional take over, when the owner |
227 |
+- * of the futex died. |
228 |
+- * |
229 |
+- * This is safe as we are protected by the hash bucket lock ! |
230 |
++ * Should we force take the futex? See below. |
231 |
+ */ |
232 |
+- if (unlikely(ownerdied || !(curval & FUTEX_TID_MASK))) { |
233 |
+- /* Keep the OWNER_DIED bit */ |
234 |
+- newval = (curval & ~FUTEX_TID_MASK) | task_pid_vnr(task); |
235 |
+- ownerdied = 0; |
236 |
++ if (unlikely(force_take)) { |
237 |
++ /* |
238 |
++ * Keep the OWNER_DIED and the WAITERS bit and set the |
239 |
++ * new TID value. |
240 |
++ */ |
241 |
++ newval = (curval & ~FUTEX_TID_MASK) | vpid; |
242 |
++ force_take = 0; |
243 |
+ lock_taken = 1; |
244 |
+ } |
245 |
+ |
246 |
+@@ -728,7 +732,7 @@ retry: |
247 |
+ goto retry; |
248 |
+ |
249 |
+ /* |
250 |
+- * We took the lock due to owner died take over. |
251 |
++ * We took the lock due to forced take over. |
252 |
+ */ |
253 |
+ if (unlikely(lock_taken)) |
254 |
+ return 1; |
255 |
+@@ -743,20 +747,25 @@ retry: |
256 |
+ switch (ret) { |
257 |
+ case -ESRCH: |
258 |
+ /* |
259 |
+- * No owner found for this futex. Check if the |
260 |
+- * OWNER_DIED bit is set to figure out whether |
261 |
+- * this is a robust futex or not. |
262 |
++ * We failed to find an owner for this |
263 |
++ * futex. So we have no pi_state to block |
264 |
++ * on. This can happen in two cases: |
265 |
++ * |
266 |
++ * 1) The owner died |
267 |
++ * 2) A stale FUTEX_WAITERS bit |
268 |
++ * |
269 |
++ * Re-read the futex value. |
270 |
+ */ |
271 |
+ if (get_futex_value_locked(&curval, uaddr)) |
272 |
+ return -EFAULT; |
273 |
+ |
274 |
+ /* |
275 |
+- * We simply start over in case of a robust |
276 |
+- * futex. The code above will take the futex |
277 |
+- * and return happy. |
278 |
++ * If the owner died or we have a stale |
279 |
++ * WAITERS bit the owner TID in the user space |
280 |
++ * futex is 0. |
281 |
+ */ |
282 |
+- if (curval & FUTEX_OWNER_DIED) { |
283 |
+- ownerdied = 1; |
284 |
++ if (!(curval & FUTEX_TID_MASK)) { |
285 |
++ force_take = 1; |
286 |
+ goto retry; |
287 |
+ } |
288 |
+ default: |
289 |
+@@ -1831,6 +1840,8 @@ static int futex_wait(u32 __user *uaddr, int fshared, |
290 |
struct futex_q q; |
291 |
int ret; |
292 |
|
293 |
@@ -102001,7 +102141,7 @@ index 9c5ffe1..05b7eb1 100644 |
294 |
if (!bitset) |
295 |
return -EINVAL; |
296 |
|
297 |
-@@ -1883,7 +1891,7 @@ retry: |
298 |
+@@ -1883,7 +1894,7 @@ retry: |
299 |
|
300 |
restart = ¤t_thread_info()->restart_block; |
301 |
restart->fn = futex_wait_restart; |
302 |
@@ -102010,7 +102150,7 @@ index 9c5ffe1..05b7eb1 100644 |
303 |
restart->futex.val = val; |
304 |
restart->futex.time = abs_time->tv64; |
305 |
restart->futex.bitset = bitset; |
306 |
-@@ -2245,6 +2253,8 @@ static int futex_wait_requeue_pi(u32 __user *uaddr, int fshared, |
307 |
+@@ -2245,6 +2256,8 @@ static int futex_wait_requeue_pi(u32 __user *uaddr, int fshared, |
308 |
struct futex_q q; |
309 |
int res, ret; |
310 |
|
311 |
@@ -102019,7 +102159,7 @@ index 9c5ffe1..05b7eb1 100644 |
312 |
if (uaddr == uaddr2) |
313 |
return -EINVAL; |
314 |
|
315 |
-@@ -2438,6 +2448,10 @@ SYSCALL_DEFINE3(get_robust_list, int, pid, |
316 |
+@@ -2438,6 +2451,10 @@ SYSCALL_DEFINE3(get_robust_list, int, pid, |
317 |
if (!p) |
318 |
goto err_unlock; |
319 |
ret = -EPERM; |
320 |
@@ -102030,7 +102170,7 @@ index 9c5ffe1..05b7eb1 100644 |
321 |
pcred = __task_cred(p); |
322 |
if (cred->euid != pcred->euid && |
323 |
cred->euid != pcred->uid && |
324 |
-@@ -2504,7 +2518,7 @@ retry: |
325 |
+@@ -2504,7 +2521,7 @@ retry: |
326 |
*/ |
327 |
static inline int fetch_robust_entry(struct robust_list __user **entry, |
328 |
struct robust_list __user * __user *head, |
329 |
@@ -102039,7 +102179,7 @@ index 9c5ffe1..05b7eb1 100644 |
330 |
{ |
331 |
unsigned long uentry; |
332 |
|
333 |
-@@ -2685,6 +2699,7 @@ static int __init futex_init(void) |
334 |
+@@ -2685,6 +2702,7 @@ static int __init futex_init(void) |
335 |
{ |
336 |
u32 curval; |
337 |
int i; |
338 |
@@ -102047,7 +102187,7 @@ index 9c5ffe1..05b7eb1 100644 |
339 |
|
340 |
/* |
341 |
* This will fail and we want it. Some arch implementations do |
342 |
-@@ -2696,7 +2711,10 @@ static int __init futex_init(void) |
343 |
+@@ -2696,7 +2714,10 @@ static int __init futex_init(void) |
344 |
* implementation, the non functional ones will return |
345 |
* -ENOSYS. |
346 |
*/ |
347 |
@@ -106312,10 +106452,10 @@ index 9ecd6e8..12c94c1 100644 |
348 |
|
349 |
if (atomic_dec_and_test(&kref->refcount)) { |
350 |
diff --git a/lib/list_debug.c b/lib/list_debug.c |
351 |
-index 1a39f4e..c2714ca 100644 |
352 |
+index 1a39f4e..745720b 100644 |
353 |
--- a/lib/list_debug.c |
354 |
+++ b/lib/list_debug.c |
355 |
-@@ -20,14 +20,15 @@ void __list_add(struct list_head *new, |
356 |
+@@ -20,14 +20,18 @@ void __list_add(struct list_head *new, |
357 |
struct list_head *prev, |
358 |
struct list_head *next) |
359 |
{ |
360 |
@@ -106330,12 +106470,15 @@ index 1a39f4e..c2714ca 100644 |
361 |
"list_add corruption. prev->next should be " |
362 |
"next (%p), but was %p. (prev=%p).\n", |
363 |
- next, prev->next, prev); |
364 |
-+ next, prev->next, prev)) |
365 |
++ next, prev->next, prev) || |
366 |
++ WARN(new == prev || new == next, |
367 |
++ "list_add double add: new=%p, prev=%p, next=%p.\n", |
368 |
++ new, prev, next)) |
369 |
+ return; |
370 |
next->prev = new; |
371 |
new->next = next; |
372 |
new->prev = prev; |
373 |
-@@ -43,12 +44,13 @@ EXPORT_SYMBOL(__list_add); |
374 |
+@@ -43,12 +47,13 @@ EXPORT_SYMBOL(__list_add); |
375 |
*/ |
376 |
void list_del(struct list_head *entry) |
377 |
{ |
378 |
@@ -118864,10 +119007,10 @@ index 0000000..a86e422 |
379 |
+} |
380 |
diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c |
381 |
new file mode 100644 |
382 |
-index 0000000..98011fa |
383 |
+index 0000000..8856202 |
384 |
--- /dev/null |
385 |
+++ b/tools/gcc/kernexec_plugin.c |
386 |
-@@ -0,0 +1,427 @@ |
387 |
+@@ -0,0 +1,432 @@ |
388 |
+/* |
389 |
+ * Copyright 2011 by the PaX Team <pageexec@××××××××.hu> |
390 |
+ * Licensed under the GPL v2 |
391 |
@@ -118908,6 +119051,10 @@ index 0000000..98011fa |
392 |
+extern void print_gimple_stmt(FILE *, gimple, int, int); |
393 |
+extern rtx emit_move_insn(rtx x, rtx y); |
394 |
+ |
395 |
++#if BUILDING_GCC_VERSION <= 4006 |
396 |
++#define ANY_RETURN_P(rtx) (GET_CODE(rtx) == RETURN) |
397 |
++#endif |
398 |
++ |
399 |
+int plugin_is_GPL_compatible; |
400 |
+ |
401 |
+static struct plugin_info kernexec_plugin_info = { |
402 |
@@ -119212,6 +119359,7 @@ index 0000000..98011fa |
403 |
+ for (insn = get_insns(); insn; insn = NEXT_INSN(insn)) { |
404 |
+ // rtl match: (jump_insn 41 40 42 2 (return) fptr.c:42 634 {return_internal} (nil)) |
405 |
+ // (jump_insn 12 9 11 2 (parallel [ (return) (unspec [ (0) ] UNSPEC_REP) ]) fptr.c:46 635 {return_internal_long} (nil)) |
406 |
++ // (jump_insn 97 96 98 6 (simple_return) fptr.c:50 -1 (nil) -> simple_return) |
407 |
+ rtx body; |
408 |
+ |
409 |
+ // is it a retn |
410 |
@@ -119220,7 +119368,7 @@ index 0000000..98011fa |
411 |
+ body = PATTERN(insn); |
412 |
+ if (GET_CODE(body) == PARALLEL) |
413 |
+ body = XVECEXP(body, 0, 0); |
414 |
-+ if (GET_CODE(body) != RETURN) |
415 |
++ if (!ANY_RETURN_P(body)) |
416 |
+ continue; |
417 |
+ kernexec_instrument_retaddr(insn); |
418 |
+ } |
419 |
|
420 |
diff --git a/3.2.34/0000_README b/3.2.34/0000_README |
421 |
index 5f22bbb..3c72d25 100644 |
422 |
--- a/3.2.34/0000_README |
423 |
+++ b/3.2.34/0000_README |
424 |
@@ -54,7 +54,7 @@ Patch: 1033_linux-3.2.34.patch |
425 |
From: http://www.kernel.org |
426 |
Desc: Linux 3.2.34 |
427 |
|
428 |
-Patch: 4420_grsecurity-2.9.1-3.2.34-201211220959.patch |
429 |
+Patch: 4420_grsecurity-2.9.1-3.2.34-201211251859.patch |
430 |
From: http://www.grsecurity.net |
431 |
Desc: hardened-sources base patch from upstream grsecurity |
432 |
|
433 |
|
434 |
diff --git a/3.2.34/4420_grsecurity-2.9.1-3.2.34-201211220959.patch b/3.2.34/4420_grsecurity-2.9.1-3.2.34-201211251859.patch |
435 |
similarity index 99% |
436 |
rename from 3.2.34/4420_grsecurity-2.9.1-3.2.34-201211220959.patch |
437 |
rename to 3.2.34/4420_grsecurity-2.9.1-3.2.34-201211251859.patch |
438 |
index f917c5d..a958ea6 100644 |
439 |
--- a/3.2.34/4420_grsecurity-2.9.1-3.2.34-201211220959.patch |
440 |
+++ b/3.2.34/4420_grsecurity-2.9.1-3.2.34-201211251859.patch |
441 |
@@ -3515,6 +3515,30 @@ index 5e34ccf..672bc9c 100644 |
442 |
|
443 |
DEBUGP("register_unwind_table(), sect = %d at 0x%p - 0x%p (gp=0x%lx)\n", |
444 |
me->arch.unwind_section, table, end, gp); |
445 |
+diff --git a/arch/parisc/kernel/signal32.c b/arch/parisc/kernel/signal32.c |
446 |
+index e141324..d0ea054 100644 |
447 |
+--- a/arch/parisc/kernel/signal32.c |
448 |
++++ b/arch/parisc/kernel/signal32.c |
449 |
+@@ -67,7 +67,8 @@ put_sigset32(compat_sigset_t __user *up, sigset_t *set, size_t sz) |
450 |
+ { |
451 |
+ compat_sigset_t s; |
452 |
+ |
453 |
+- if (sz != sizeof *set) panic("put_sigset32()"); |
454 |
++ if (sz != sizeof *set) |
455 |
++ return -EINVAL; |
456 |
+ sigset_64to32(&s, set); |
457 |
+ |
458 |
+ return copy_to_user(up, &s, sizeof s); |
459 |
+@@ -79,7 +80,8 @@ get_sigset32(compat_sigset_t __user *up, sigset_t *set, size_t sz) |
460 |
+ compat_sigset_t s; |
461 |
+ int r; |
462 |
+ |
463 |
+- if (sz != sizeof *set) panic("put_sigset32()"); |
464 |
++ if (sz != sizeof *set) |
465 |
++ return -EINVAL; |
466 |
+ |
467 |
+ if ((r = copy_from_user(&s, up, sz)) == 0) { |
468 |
+ sigset_32to64(set, &s); |
469 |
diff --git a/arch/parisc/kernel/sys_parisc.c b/arch/parisc/kernel/sys_parisc.c |
470 |
index c9b9322..02d8940 100644 |
471 |
--- a/arch/parisc/kernel/sys_parisc.c |
472 |
@@ -45336,7 +45360,7 @@ index a6f3763..f38ed00 100644 |
473 |
|
474 |
out_free_fd: |
475 |
diff --git a/fs/exec.c b/fs/exec.c |
476 |
-index 121ccae..c12bdc7 100644 |
477 |
+index 121ccae..d0404a2 100644 |
478 |
--- a/fs/exec.c |
479 |
+++ b/fs/exec.c |
480 |
@@ -55,12 +55,33 @@ |
481 |
@@ -45361,7 +45385,7 @@ index 121ccae..c12bdc7 100644 |
482 |
+#ifdef CONFIG_PAX_HAVE_ACL_FLAGS |
483 |
+void __weak pax_set_initial_flags(struct linux_binprm *bprm) |
484 |
+{ |
485 |
-+ WARN_ONCE(1, "PAX: PAX_HAVE_ACL_FLAGS was enabled without providing the pax_set_initial_flags callback, this is probably not what you wanted.\n"); |
486 |
++ pr_warn_once("PAX: PAX_HAVE_ACL_FLAGS was enabled without providing the pax_set_initial_flags callback, this is probably not what you wanted.\n"); |
487 |
+} |
488 |
+#endif |
489 |
+ |
490 |
@@ -64036,50 +64060,68 @@ index a6deef4..c56a7f2 100644 |
491 |
and pointers */ |
492 |
#endif |
493 |
diff --git a/include/linux/init.h b/include/linux/init.h |
494 |
-index 9146f39..5c80baf 100644 |
495 |
+index 9146f39..0963f76 100644 |
496 |
--- a/include/linux/init.h |
497 |
+++ b/include/linux/init.h |
498 |
-@@ -38,9 +38,15 @@ |
499 |
+@@ -38,9 +38,33 @@ |
500 |
* Also note, that this data cannot be "const". |
501 |
*/ |
502 |
|
503 |
+#ifdef MODULE |
504 |
-+#define add_latent_entropy |
505 |
++#define add_init_latent_entropy |
506 |
++#else |
507 |
++#define add_init_latent_entropy __latent_entropy |
508 |
++#endif |
509 |
++ |
510 |
++#ifdef CONFIG_HOTPLUG |
511 |
++#define add_devinit_latent_entropy |
512 |
+#else |
513 |
-+#define add_latent_entropy __latent_entropy |
514 |
++#define add_devinit_latent_entropy __latent_entropy |
515 |
++#endif |
516 |
++ |
517 |
++#ifdef CONFIG_HOTPLUG_CPU |
518 |
++#define add_cpuinit_latent_entropy |
519 |
++#else |
520 |
++#define add_cpuinit_latent_entropy __latent_entropy |
521 |
++#endif |
522 |
++ |
523 |
++#ifdef CONFIG_MEMORY_HOTPLUG |
524 |
++#define add_meminit_latent_entropy |
525 |
++#else |
526 |
++#define add_meminit_latent_entropy __latent_entropy |
527 |
+#endif |
528 |
+ |
529 |
/* These are for everybody (although not all archs will actually |
530 |
discard it in modules) */ |
531 |
-#define __init __section(.init.text) __cold notrace |
532 |
-+#define __init __section(.init.text) __cold notrace add_latent_entropy |
533 |
++#define __init __section(.init.text) __cold notrace add_init_latent_entropy |
534 |
#define __initdata __section(.init.data) |
535 |
#define __initconst __section(.init.rodata) |
536 |
#define __exitdata __section(.exit.data) |
537 |
-@@ -82,7 +88,7 @@ |
538 |
+@@ -82,7 +106,7 @@ |
539 |
#define __exit __section(.exit.text) __exitused __cold notrace |
540 |
|
541 |
/* Used for HOTPLUG */ |
542 |
-#define __devinit __section(.devinit.text) __cold notrace |
543 |
-+#define __devinit __section(.devinit.text) __cold notrace add_latent_entropy |
544 |
++#define __devinit __section(.devinit.text) __cold notrace add_devinit_latent_entropy |
545 |
#define __devinitdata __section(.devinit.data) |
546 |
#define __devinitconst __section(.devinit.rodata) |
547 |
#define __devexit __section(.devexit.text) __exitused __cold notrace |
548 |
-@@ -90,7 +96,7 @@ |
549 |
+@@ -90,7 +114,7 @@ |
550 |
#define __devexitconst __section(.devexit.rodata) |
551 |
|
552 |
/* Used for HOTPLUG_CPU */ |
553 |
-#define __cpuinit __section(.cpuinit.text) __cold notrace |
554 |
-+#define __cpuinit __section(.cpuinit.text) __cold notrace add_latent_entropy |
555 |
++#define __cpuinit __section(.cpuinit.text) __cold notrace add_cpuinit_latent_entropy |
556 |
#define __cpuinitdata __section(.cpuinit.data) |
557 |
#define __cpuinitconst __section(.cpuinit.rodata) |
558 |
#define __cpuexit __section(.cpuexit.text) __exitused __cold notrace |
559 |
-@@ -98,7 +104,7 @@ |
560 |
+@@ -98,7 +122,7 @@ |
561 |
#define __cpuexitconst __section(.cpuexit.rodata) |
562 |
|
563 |
/* Used for MEMORY_HOTPLUG */ |
564 |
-#define __meminit __section(.meminit.text) __cold notrace |
565 |
-+#define __meminit __section(.meminit.text) __cold notrace add_latent_entropy |
566 |
++#define __meminit __section(.meminit.text) __cold notrace add_meminit_latent_entropy |
567 |
#define __meminitdata __section(.meminit.data) |
568 |
#define __meminitconst __section(.meminit.rodata) |
569 |
#define __memexit __section(.memexit.text) __exitused __cold notrace |
570 |
@@ -68764,7 +68806,7 @@ index 222457a..de637ca 100644 |
571 |
else |
572 |
new_fs = fs; |
573 |
diff --git a/kernel/futex.c b/kernel/futex.c |
574 |
-index 80fb1c6..23d88d8 100644 |
575 |
+index 80fb1c6..2238366 100644 |
576 |
--- a/kernel/futex.c |
577 |
+++ b/kernel/futex.c |
578 |
@@ -54,6 +54,7 @@ |
579 |
@@ -68787,7 +68829,84 @@ index 80fb1c6..23d88d8 100644 |
580 |
/* |
581 |
* The futex address must be "naturally" aligned. |
582 |
*/ |
583 |
-@@ -2724,6 +2730,7 @@ static int __init futex_init(void) |
584 |
+@@ -716,7 +722,7 @@ static int futex_lock_pi_atomic(u32 __user *uaddr, struct futex_hash_bucket *hb, |
585 |
+ struct futex_pi_state **ps, |
586 |
+ struct task_struct *task, int set_waiters) |
587 |
+ { |
588 |
+- int lock_taken, ret, ownerdied = 0; |
589 |
++ int lock_taken, ret, force_take = 0; |
590 |
+ u32 uval, newval, curval, vpid = task_pid_vnr(task); |
591 |
+ |
592 |
+ retry: |
593 |
+@@ -755,17 +761,15 @@ retry: |
594 |
+ newval = curval | FUTEX_WAITERS; |
595 |
+ |
596 |
+ /* |
597 |
+- * There are two cases, where a futex might have no owner (the |
598 |
+- * owner TID is 0): OWNER_DIED. We take over the futex in this |
599 |
+- * case. We also do an unconditional take over, when the owner |
600 |
+- * of the futex died. |
601 |
+- * |
602 |
+- * This is safe as we are protected by the hash bucket lock ! |
603 |
++ * Should we force take the futex? See below. |
604 |
+ */ |
605 |
+- if (unlikely(ownerdied || !(curval & FUTEX_TID_MASK))) { |
606 |
+- /* Keep the OWNER_DIED bit */ |
607 |
++ if (unlikely(force_take)) { |
608 |
++ /* |
609 |
++ * Keep the OWNER_DIED and the WAITERS bit and set the |
610 |
++ * new TID value. |
611 |
++ */ |
612 |
+ newval = (curval & ~FUTEX_TID_MASK) | vpid; |
613 |
+- ownerdied = 0; |
614 |
++ force_take = 0; |
615 |
+ lock_taken = 1; |
616 |
+ } |
617 |
+ |
618 |
+@@ -775,7 +779,7 @@ retry: |
619 |
+ goto retry; |
620 |
+ |
621 |
+ /* |
622 |
+- * We took the lock due to owner died take over. |
623 |
++ * We took the lock due to forced take over. |
624 |
+ */ |
625 |
+ if (unlikely(lock_taken)) |
626 |
+ return 1; |
627 |
+@@ -790,20 +794,25 @@ retry: |
628 |
+ switch (ret) { |
629 |
+ case -ESRCH: |
630 |
+ /* |
631 |
+- * No owner found for this futex. Check if the |
632 |
+- * OWNER_DIED bit is set to figure out whether |
633 |
+- * this is a robust futex or not. |
634 |
++ * We failed to find an owner for this |
635 |
++ * futex. So we have no pi_state to block |
636 |
++ * on. This can happen in two cases: |
637 |
++ * |
638 |
++ * 1) The owner died |
639 |
++ * 2) A stale FUTEX_WAITERS bit |
640 |
++ * |
641 |
++ * Re-read the futex value. |
642 |
+ */ |
643 |
+ if (get_futex_value_locked(&curval, uaddr)) |
644 |
+ return -EFAULT; |
645 |
+ |
646 |
+ /* |
647 |
+- * We simply start over in case of a robust |
648 |
+- * futex. The code above will take the futex |
649 |
+- * and return happy. |
650 |
++ * If the owner died or we have a stale |
651 |
++ * WAITERS bit the owner TID in the user space |
652 |
++ * futex is 0. |
653 |
+ */ |
654 |
+- if (curval & FUTEX_OWNER_DIED) { |
655 |
+- ownerdied = 1; |
656 |
++ if (!(curval & FUTEX_TID_MASK)) { |
657 |
++ force_take = 1; |
658 |
+ goto retry; |
659 |
+ } |
660 |
+ default: |
661 |
+@@ -2724,6 +2733,7 @@ static int __init futex_init(void) |
662 |
{ |
663 |
u32 curval; |
664 |
int i; |
665 |
@@ -68795,7 +68914,7 @@ index 80fb1c6..23d88d8 100644 |
666 |
|
667 |
/* |
668 |
* This will fail and we want it. Some arch implementations do |
669 |
-@@ -2735,8 +2742,11 @@ static int __init futex_init(void) |
670 |
+@@ -2735,8 +2745,11 @@ static int __init futex_init(void) |
671 |
* implementation, the non-functional ones will return |
672 |
* -ENOSYS. |
673 |
*/ |
674 |
@@ -85101,10 +85220,10 @@ index 0000000..a86e422 |
675 |
+} |
676 |
diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c |
677 |
new file mode 100644 |
678 |
-index 0000000..98011fa |
679 |
+index 0000000..8856202 |
680 |
--- /dev/null |
681 |
+++ b/tools/gcc/kernexec_plugin.c |
682 |
-@@ -0,0 +1,427 @@ |
683 |
+@@ -0,0 +1,432 @@ |
684 |
+/* |
685 |
+ * Copyright 2011 by the PaX Team <pageexec@××××××××.hu> |
686 |
+ * Licensed under the GPL v2 |
687 |
@@ -85145,6 +85264,10 @@ index 0000000..98011fa |
688 |
+extern void print_gimple_stmt(FILE *, gimple, int, int); |
689 |
+extern rtx emit_move_insn(rtx x, rtx y); |
690 |
+ |
691 |
++#if BUILDING_GCC_VERSION <= 4006 |
692 |
++#define ANY_RETURN_P(rtx) (GET_CODE(rtx) == RETURN) |
693 |
++#endif |
694 |
++ |
695 |
+int plugin_is_GPL_compatible; |
696 |
+ |
697 |
+static struct plugin_info kernexec_plugin_info = { |
698 |
@@ -85449,6 +85572,7 @@ index 0000000..98011fa |
699 |
+ for (insn = get_insns(); insn; insn = NEXT_INSN(insn)) { |
700 |
+ // rtl match: (jump_insn 41 40 42 2 (return) fptr.c:42 634 {return_internal} (nil)) |
701 |
+ // (jump_insn 12 9 11 2 (parallel [ (return) (unspec [ (0) ] UNSPEC_REP) ]) fptr.c:46 635 {return_internal_long} (nil)) |
702 |
++ // (jump_insn 97 96 98 6 (simple_return) fptr.c:50 -1 (nil) -> simple_return) |
703 |
+ rtx body; |
704 |
+ |
705 |
+ // is it a retn |
706 |
@@ -85457,7 +85581,7 @@ index 0000000..98011fa |
707 |
+ body = PATTERN(insn); |
708 |
+ if (GET_CODE(body) == PARALLEL) |
709 |
+ body = XVECEXP(body, 0, 0); |
710 |
-+ if (GET_CODE(body) != RETURN) |
711 |
++ if (!ANY_RETURN_P(body)) |
712 |
+ continue; |
713 |
+ kernexec_instrument_retaddr(insn); |
714 |
+ } |
715 |
|
716 |
diff --git a/3.6.7/1006_linux-3.6.7.patch b/3.6.7/1006_linux-3.6.7.patch |
717 |
deleted file mode 100644 |
718 |
index 4b496eb..0000000 |
719 |
--- a/3.6.7/1006_linux-3.6.7.patch |
720 |
+++ /dev/null |
721 |
@@ -1,3082 +0,0 @@ |
722 |
-diff --git a/Makefile b/Makefile |
723 |
-index 471b83c..07f2308 100644 |
724 |
---- a/Makefile |
725 |
-+++ b/Makefile |
726 |
-@@ -1,6 +1,6 @@ |
727 |
- VERSION = 3 |
728 |
- PATCHLEVEL = 6 |
729 |
--SUBLEVEL = 6 |
730 |
-+SUBLEVEL = 7 |
731 |
- EXTRAVERSION = |
732 |
- NAME = Terrified Chipmunk |
733 |
- |
734 |
-diff --git a/arch/x86/xen/mmu.c b/arch/x86/xen/mmu.c |
735 |
-index 5141d80..dde1a3f 100644 |
736 |
---- a/arch/x86/xen/mmu.c |
737 |
-+++ b/arch/x86/xen/mmu.c |
738 |
-@@ -1215,6 +1215,25 @@ unsigned long xen_read_cr2_direct(void) |
739 |
- return this_cpu_read(xen_vcpu_info.arch.cr2); |
740 |
- } |
741 |
- |
742 |
-+void xen_flush_tlb_all(void) |
743 |
-+{ |
744 |
-+ struct mmuext_op *op; |
745 |
-+ struct multicall_space mcs; |
746 |
-+ |
747 |
-+ trace_xen_mmu_flush_tlb_all(0); |
748 |
-+ |
749 |
-+ preempt_disable(); |
750 |
-+ |
751 |
-+ mcs = xen_mc_entry(sizeof(*op)); |
752 |
-+ |
753 |
-+ op = mcs.args; |
754 |
-+ op->cmd = MMUEXT_TLB_FLUSH_ALL; |
755 |
-+ MULTI_mmuext_op(mcs.mc, op, 1, NULL, DOMID_SELF); |
756 |
-+ |
757 |
-+ xen_mc_issue(PARAVIRT_LAZY_MMU); |
758 |
-+ |
759 |
-+ preempt_enable(); |
760 |
-+} |
761 |
- static void xen_flush_tlb(void) |
762 |
- { |
763 |
- struct mmuext_op *op; |
764 |
-@@ -2366,7 +2385,7 @@ int xen_remap_domain_mfn_range(struct vm_area_struct *vma, |
765 |
- err = 0; |
766 |
- out: |
767 |
- |
768 |
-- flush_tlb_all(); |
769 |
-+ xen_flush_tlb_all(); |
770 |
- |
771 |
- return err; |
772 |
- } |
773 |
-diff --git a/drivers/gpu/drm/drm_fops.c b/drivers/gpu/drm/drm_fops.c |
774 |
-index 5062eec..7aff5c7 100644 |
775 |
---- a/drivers/gpu/drm/drm_fops.c |
776 |
-+++ b/drivers/gpu/drm/drm_fops.c |
777 |
-@@ -121,6 +121,8 @@ int drm_open(struct inode *inode, struct file *filp) |
778 |
- int minor_id = iminor(inode); |
779 |
- struct drm_minor *minor; |
780 |
- int retcode = 0; |
781 |
-+ int need_setup = 0; |
782 |
-+ struct address_space *old_mapping; |
783 |
- |
784 |
- minor = idr_find(&drm_minors_idr, minor_id); |
785 |
- if (!minor) |
786 |
-@@ -132,23 +134,37 @@ int drm_open(struct inode *inode, struct file *filp) |
787 |
- if (drm_device_is_unplugged(dev)) |
788 |
- return -ENODEV; |
789 |
- |
790 |
-+ if (!dev->open_count++) |
791 |
-+ need_setup = 1; |
792 |
-+ mutex_lock(&dev->struct_mutex); |
793 |
-+ old_mapping = dev->dev_mapping; |
794 |
-+ if (old_mapping == NULL) |
795 |
-+ dev->dev_mapping = &inode->i_data; |
796 |
-+ /* ihold ensures nobody can remove inode with our i_data */ |
797 |
-+ ihold(container_of(dev->dev_mapping, struct inode, i_data)); |
798 |
-+ inode->i_mapping = dev->dev_mapping; |
799 |
-+ filp->f_mapping = dev->dev_mapping; |
800 |
-+ mutex_unlock(&dev->struct_mutex); |
801 |
-+ |
802 |
- retcode = drm_open_helper(inode, filp, dev); |
803 |
-- if (!retcode) { |
804 |
-- atomic_inc(&dev->counts[_DRM_STAT_OPENS]); |
805 |
-- if (!dev->open_count++) |
806 |
-- retcode = drm_setup(dev); |
807 |
-- } |
808 |
-- if (!retcode) { |
809 |
-- mutex_lock(&dev->struct_mutex); |
810 |
-- if (dev->dev_mapping == NULL) |
811 |
-- dev->dev_mapping = &inode->i_data; |
812 |
-- /* ihold ensures nobody can remove inode with our i_data */ |
813 |
-- ihold(container_of(dev->dev_mapping, struct inode, i_data)); |
814 |
-- inode->i_mapping = dev->dev_mapping; |
815 |
-- filp->f_mapping = dev->dev_mapping; |
816 |
-- mutex_unlock(&dev->struct_mutex); |
817 |
-+ if (retcode) |
818 |
-+ goto err_undo; |
819 |
-+ atomic_inc(&dev->counts[_DRM_STAT_OPENS]); |
820 |
-+ if (need_setup) { |
821 |
-+ retcode = drm_setup(dev); |
822 |
-+ if (retcode) |
823 |
-+ goto err_undo; |
824 |
- } |
825 |
-+ return 0; |
826 |
- |
827 |
-+err_undo: |
828 |
-+ mutex_lock(&dev->struct_mutex); |
829 |
-+ filp->f_mapping = old_mapping; |
830 |
-+ inode->i_mapping = old_mapping; |
831 |
-+ iput(container_of(dev->dev_mapping, struct inode, i_data)); |
832 |
-+ dev->dev_mapping = old_mapping; |
833 |
-+ mutex_unlock(&dev->struct_mutex); |
834 |
-+ dev->open_count--; |
835 |
- return retcode; |
836 |
- } |
837 |
- EXPORT_SYMBOL(drm_open); |
838 |
-diff --git a/drivers/gpu/drm/i915/i915_dma.c b/drivers/gpu/drm/i915/i915_dma.c |
839 |
-index 914c0df..0969a7c 100644 |
840 |
---- a/drivers/gpu/drm/i915/i915_dma.c |
841 |
-+++ b/drivers/gpu/drm/i915/i915_dma.c |
842 |
-@@ -1484,7 +1484,8 @@ int i915_driver_load(struct drm_device *dev, unsigned long flags) |
843 |
- goto put_gmch; |
844 |
- } |
845 |
- |
846 |
-- i915_kick_out_firmware_fb(dev_priv); |
847 |
-+ if (drm_core_check_feature(dev, DRIVER_MODESET)) |
848 |
-+ i915_kick_out_firmware_fb(dev_priv); |
849 |
- |
850 |
- pci_set_master(dev->pdev); |
851 |
- |
852 |
-diff --git a/drivers/gpu/drm/i915/intel_overlay.c b/drivers/gpu/drm/i915/intel_overlay.c |
853 |
-index 830d0dd..cf49a57 100644 |
854 |
---- a/drivers/gpu/drm/i915/intel_overlay.c |
855 |
-+++ b/drivers/gpu/drm/i915/intel_overlay.c |
856 |
-@@ -431,9 +431,17 @@ static int intel_overlay_off(struct intel_overlay *overlay) |
857 |
- intel_ring_emit(ring, flip_addr); |
858 |
- intel_ring_emit(ring, MI_WAIT_FOR_EVENT | MI_WAIT_FOR_OVERLAY_FLIP); |
859 |
- /* turn overlay off */ |
860 |
-- intel_ring_emit(ring, MI_OVERLAY_FLIP | MI_OVERLAY_OFF); |
861 |
-- intel_ring_emit(ring, flip_addr); |
862 |
-- intel_ring_emit(ring, MI_WAIT_FOR_EVENT | MI_WAIT_FOR_OVERLAY_FLIP); |
863 |
-+ if (IS_I830(dev)) { |
864 |
-+ /* Workaround: Don't disable the overlay fully, since otherwise |
865 |
-+ * it dies on the next OVERLAY_ON cmd. */ |
866 |
-+ intel_ring_emit(ring, MI_NOOP); |
867 |
-+ intel_ring_emit(ring, MI_NOOP); |
868 |
-+ intel_ring_emit(ring, MI_NOOP); |
869 |
-+ } else { |
870 |
-+ intel_ring_emit(ring, MI_OVERLAY_FLIP | MI_OVERLAY_OFF); |
871 |
-+ intel_ring_emit(ring, flip_addr); |
872 |
-+ intel_ring_emit(ring, MI_WAIT_FOR_EVENT | MI_WAIT_FOR_OVERLAY_FLIP); |
873 |
-+ } |
874 |
- intel_ring_advance(ring); |
875 |
- |
876 |
- return intel_overlay_do_wait_request(overlay, request, |
877 |
-diff --git a/drivers/gpu/drm/i915/intel_sdvo.c b/drivers/gpu/drm/i915/intel_sdvo.c |
878 |
-index 123afd3..20cb52d 100644 |
879 |
---- a/drivers/gpu/drm/i915/intel_sdvo.c |
880 |
-+++ b/drivers/gpu/drm/i915/intel_sdvo.c |
881 |
-@@ -882,6 +882,45 @@ static void intel_sdvo_dump_hdmi_buf(struct intel_sdvo *intel_sdvo) |
882 |
- } |
883 |
- #endif |
884 |
- |
885 |
-+static bool intel_sdvo_write_infoframe(struct intel_sdvo *intel_sdvo, |
886 |
-+ unsigned if_index, uint8_t tx_rate, |
887 |
-+ uint8_t *data, unsigned length) |
888 |
-+{ |
889 |
-+ uint8_t set_buf_index[2] = { if_index, 0 }; |
890 |
-+ uint8_t hbuf_size, tmp[8]; |
891 |
-+ int i; |
892 |
-+ |
893 |
-+ if (!intel_sdvo_set_value(intel_sdvo, |
894 |
-+ SDVO_CMD_SET_HBUF_INDEX, |
895 |
-+ set_buf_index, 2)) |
896 |
-+ return false; |
897 |
-+ |
898 |
-+ if (!intel_sdvo_get_value(intel_sdvo, SDVO_CMD_GET_HBUF_INFO, |
899 |
-+ &hbuf_size, 1)) |
900 |
-+ return false; |
901 |
-+ |
902 |
-+ /* Buffer size is 0 based, hooray! */ |
903 |
-+ hbuf_size++; |
904 |
-+ |
905 |
-+ DRM_DEBUG_KMS("writing sdvo hbuf: %i, hbuf_size %i, hbuf_size: %i\n", |
906 |
-+ if_index, length, hbuf_size); |
907 |
-+ |
908 |
-+ for (i = 0; i < hbuf_size; i += 8) { |
909 |
-+ memset(tmp, 0, 8); |
910 |
-+ if (i < length) |
911 |
-+ memcpy(tmp, data + i, min_t(unsigned, 8, length - i)); |
912 |
-+ |
913 |
-+ if (!intel_sdvo_set_value(intel_sdvo, |
914 |
-+ SDVO_CMD_SET_HBUF_DATA, |
915 |
-+ tmp, 8)) |
916 |
-+ return false; |
917 |
-+ } |
918 |
-+ |
919 |
-+ return intel_sdvo_set_value(intel_sdvo, |
920 |
-+ SDVO_CMD_SET_HBUF_TXRATE, |
921 |
-+ &tx_rate, 1); |
922 |
-+} |
923 |
-+ |
924 |
- static bool intel_sdvo_set_avi_infoframe(struct intel_sdvo *intel_sdvo) |
925 |
- { |
926 |
- struct dip_infoframe avi_if = { |
927 |
-@@ -889,11 +928,7 @@ static bool intel_sdvo_set_avi_infoframe(struct intel_sdvo *intel_sdvo) |
928 |
- .ver = DIP_VERSION_AVI, |
929 |
- .len = DIP_LEN_AVI, |
930 |
- }; |
931 |
-- uint8_t tx_rate = SDVO_HBUF_TX_VSYNC; |
932 |
-- uint8_t set_buf_index[2] = { 1, 0 }; |
933 |
- uint8_t sdvo_data[4 + sizeof(avi_if.body.avi)]; |
934 |
-- uint64_t *data = (uint64_t *)sdvo_data; |
935 |
-- unsigned i; |
936 |
- |
937 |
- intel_dip_infoframe_csum(&avi_if); |
938 |
- |
939 |
-@@ -903,22 +938,9 @@ static bool intel_sdvo_set_avi_infoframe(struct intel_sdvo *intel_sdvo) |
940 |
- sdvo_data[3] = avi_if.checksum; |
941 |
- memcpy(&sdvo_data[4], &avi_if.body, sizeof(avi_if.body.avi)); |
942 |
- |
943 |
-- if (!intel_sdvo_set_value(intel_sdvo, |
944 |
-- SDVO_CMD_SET_HBUF_INDEX, |
945 |
-- set_buf_index, 2)) |
946 |
-- return false; |
947 |
-- |
948 |
-- for (i = 0; i < sizeof(sdvo_data); i += 8) { |
949 |
-- if (!intel_sdvo_set_value(intel_sdvo, |
950 |
-- SDVO_CMD_SET_HBUF_DATA, |
951 |
-- data, 8)) |
952 |
-- return false; |
953 |
-- data++; |
954 |
-- } |
955 |
-- |
956 |
-- return intel_sdvo_set_value(intel_sdvo, |
957 |
-- SDVO_CMD_SET_HBUF_TXRATE, |
958 |
-- &tx_rate, 1); |
959 |
-+ return intel_sdvo_write_infoframe(intel_sdvo, SDVO_HBUF_INDEX_AVI_IF, |
960 |
-+ SDVO_HBUF_TX_VSYNC, |
961 |
-+ sdvo_data, sizeof(sdvo_data)); |
962 |
- } |
963 |
- |
964 |
- static bool intel_sdvo_set_tv_format(struct intel_sdvo *intel_sdvo) |
965 |
-diff --git a/drivers/gpu/drm/i915/intel_sdvo_regs.h b/drivers/gpu/drm/i915/intel_sdvo_regs.h |
966 |
-index 9d03014..770bdd6 100644 |
967 |
---- a/drivers/gpu/drm/i915/intel_sdvo_regs.h |
968 |
-+++ b/drivers/gpu/drm/i915/intel_sdvo_regs.h |
969 |
-@@ -708,6 +708,8 @@ struct intel_sdvo_enhancements_arg { |
970 |
- #define SDVO_CMD_SET_AUDIO_STAT 0x91 |
971 |
- #define SDVO_CMD_GET_AUDIO_STAT 0x92 |
972 |
- #define SDVO_CMD_SET_HBUF_INDEX 0x93 |
973 |
-+ #define SDVO_HBUF_INDEX_ELD 0 |
974 |
-+ #define SDVO_HBUF_INDEX_AVI_IF 1 |
975 |
- #define SDVO_CMD_GET_HBUF_INDEX 0x94 |
976 |
- #define SDVO_CMD_GET_HBUF_INFO 0x95 |
977 |
- #define SDVO_CMD_SET_HBUF_AV_SPLIT 0x96 |
978 |
-diff --git a/drivers/gpu/drm/radeon/evergreen_cs.c b/drivers/gpu/drm/radeon/evergreen_cs.c |
979 |
-index e932810..4a33cdc 100644 |
980 |
---- a/drivers/gpu/drm/radeon/evergreen_cs.c |
981 |
-+++ b/drivers/gpu/drm/radeon/evergreen_cs.c |
982 |
-@@ -2725,6 +2725,9 @@ static bool evergreen_vm_reg_valid(u32 reg) |
983 |
- /* check config regs */ |
984 |
- switch (reg) { |
985 |
- case GRBM_GFX_INDEX: |
986 |
-+ case CP_STRMOUT_CNTL: |
987 |
-+ case CP_COHER_CNTL: |
988 |
-+ case CP_COHER_SIZE: |
989 |
- case VGT_VTX_VECT_EJECT_REG: |
990 |
- case VGT_CACHE_INVALIDATION: |
991 |
- case VGT_GS_VERTEX_REUSE: |
992 |
-diff --git a/drivers/gpu/drm/radeon/evergreend.h b/drivers/gpu/drm/radeon/evergreend.h |
993 |
-index 7934785..302af4f 100644 |
994 |
---- a/drivers/gpu/drm/radeon/evergreend.h |
995 |
-+++ b/drivers/gpu/drm/radeon/evergreend.h |
996 |
-@@ -87,6 +87,10 @@ |
997 |
- |
998 |
- #define CONFIG_MEMSIZE 0x5428 |
999 |
- |
1000 |
-+#define CP_STRMOUT_CNTL 0x84FC |
1001 |
-+ |
1002 |
-+#define CP_COHER_CNTL 0x85F0 |
1003 |
-+#define CP_COHER_SIZE 0x85F4 |
1004 |
- #define CP_COHER_BASE 0x85F8 |
1005 |
- #define CP_STALLED_STAT1 0x8674 |
1006 |
- #define CP_STALLED_STAT2 0x8678 |
1007 |
-diff --git a/drivers/gpu/drm/radeon/radeon_legacy_encoders.c b/drivers/gpu/drm/radeon/radeon_legacy_encoders.c |
1008 |
-index d16f50f..dd402bb 100644 |
1009 |
---- a/drivers/gpu/drm/radeon/radeon_legacy_encoders.c |
1010 |
-+++ b/drivers/gpu/drm/radeon/radeon_legacy_encoders.c |
1011 |
-@@ -651,6 +651,7 @@ static enum drm_connector_status radeon_legacy_primary_dac_detect(struct drm_enc |
1012 |
- tmp |= RADEON_DAC_RANGE_CNTL_PS2 | RADEON_DAC_CMP_EN; |
1013 |
- WREG32(RADEON_DAC_CNTL, tmp); |
1014 |
- |
1015 |
-+ tmp = dac_macro_cntl; |
1016 |
- tmp &= ~(RADEON_DAC_PDWN_R | |
1017 |
- RADEON_DAC_PDWN_G | |
1018 |
- RADEON_DAC_PDWN_B); |
1019 |
-diff --git a/drivers/gpu/drm/radeon/si.c b/drivers/gpu/drm/radeon/si.c |
1020 |
-index 0139e22..6ab4a90 100644 |
1021 |
---- a/drivers/gpu/drm/radeon/si.c |
1022 |
-+++ b/drivers/gpu/drm/radeon/si.c |
1023 |
-@@ -2472,6 +2472,7 @@ static bool si_vm_reg_valid(u32 reg) |
1024 |
- /* check config regs */ |
1025 |
- switch (reg) { |
1026 |
- case GRBM_GFX_INDEX: |
1027 |
-+ case CP_STRMOUT_CNTL: |
1028 |
- case VGT_VTX_VECT_EJECT_REG: |
1029 |
- case VGT_CACHE_INVALIDATION: |
1030 |
- case VGT_ESGS_RING_SIZE: |
1031 |
-diff --git a/drivers/gpu/drm/radeon/sid.h b/drivers/gpu/drm/radeon/sid.h |
1032 |
-index ef4815c..6f0083a 100644 |
1033 |
---- a/drivers/gpu/drm/radeon/sid.h |
1034 |
-+++ b/drivers/gpu/drm/radeon/sid.h |
1035 |
-@@ -424,6 +424,7 @@ |
1036 |
- # define RDERR_INT_ENABLE (1 << 0) |
1037 |
- # define GUI_IDLE_INT_ENABLE (1 << 19) |
1038 |
- |
1039 |
-+#define CP_STRMOUT_CNTL 0x84FC |
1040 |
- #define SCRATCH_REG0 0x8500 |
1041 |
- #define SCRATCH_REG1 0x8504 |
1042 |
- #define SCRATCH_REG2 0x8508 |
1043 |
-diff --git a/drivers/gpu/drm/udl/udl_drv.h b/drivers/gpu/drm/udl/udl_drv.h |
1044 |
-index fccd361..87aa5f5 100644 |
1045 |
---- a/drivers/gpu/drm/udl/udl_drv.h |
1046 |
-+++ b/drivers/gpu/drm/udl/udl_drv.h |
1047 |
-@@ -104,7 +104,7 @@ udl_fb_user_fb_create(struct drm_device *dev, |
1048 |
- |
1049 |
- int udl_render_hline(struct drm_device *dev, int bpp, struct urb **urb_ptr, |
1050 |
- const char *front, char **urb_buf_ptr, |
1051 |
-- u32 byte_offset, u32 byte_width, |
1052 |
-+ u32 byte_offset, u32 device_byte_offset, u32 byte_width, |
1053 |
- int *ident_ptr, int *sent_ptr); |
1054 |
- |
1055 |
- int udl_dumb_create(struct drm_file *file_priv, |
1056 |
-diff --git a/drivers/gpu/drm/udl/udl_fb.c b/drivers/gpu/drm/udl/udl_fb.c |
1057 |
-index ce9a611..6f6ca50 100644 |
1058 |
---- a/drivers/gpu/drm/udl/udl_fb.c |
1059 |
-+++ b/drivers/gpu/drm/udl/udl_fb.c |
1060 |
-@@ -114,9 +114,10 @@ static void udlfb_dpy_deferred_io(struct fb_info *info, |
1061 |
- list_for_each_entry(cur, &fbdefio->pagelist, lru) { |
1062 |
- |
1063 |
- if (udl_render_hline(dev, (ufbdev->ufb.base.bits_per_pixel / 8), |
1064 |
-- &urb, (char *) info->fix.smem_start, |
1065 |
-- &cmd, cur->index << PAGE_SHIFT, |
1066 |
-- PAGE_SIZE, &bytes_identical, &bytes_sent)) |
1067 |
-+ &urb, (char *) info->fix.smem_start, |
1068 |
-+ &cmd, cur->index << PAGE_SHIFT, |
1069 |
-+ cur->index << PAGE_SHIFT, |
1070 |
-+ PAGE_SIZE, &bytes_identical, &bytes_sent)) |
1071 |
- goto error; |
1072 |
- bytes_rendered += PAGE_SIZE; |
1073 |
- } |
1074 |
-@@ -187,10 +188,11 @@ int udl_handle_damage(struct udl_framebuffer *fb, int x, int y, |
1075 |
- for (i = y; i < y + height ; i++) { |
1076 |
- const int line_offset = fb->base.pitches[0] * i; |
1077 |
- const int byte_offset = line_offset + (x * bpp); |
1078 |
-- |
1079 |
-+ const int dev_byte_offset = (fb->base.width * bpp * i) + (x * bpp); |
1080 |
- if (udl_render_hline(dev, bpp, &urb, |
1081 |
- (char *) fb->obj->vmapping, |
1082 |
-- &cmd, byte_offset, width * bpp, |
1083 |
-+ &cmd, byte_offset, dev_byte_offset, |
1084 |
-+ width * bpp, |
1085 |
- &bytes_identical, &bytes_sent)) |
1086 |
- goto error; |
1087 |
- } |
1088 |
-diff --git a/drivers/gpu/drm/udl/udl_transfer.c b/drivers/gpu/drm/udl/udl_transfer.c |
1089 |
-index b9320e2..fc11344 100644 |
1090 |
---- a/drivers/gpu/drm/udl/udl_transfer.c |
1091 |
-+++ b/drivers/gpu/drm/udl/udl_transfer.c |
1092 |
-@@ -213,11 +213,12 @@ static void udl_compress_hline16( |
1093 |
- */ |
1094 |
- int udl_render_hline(struct drm_device *dev, int bpp, struct urb **urb_ptr, |
1095 |
- const char *front, char **urb_buf_ptr, |
1096 |
-- u32 byte_offset, u32 byte_width, |
1097 |
-+ u32 byte_offset, u32 device_byte_offset, |
1098 |
-+ u32 byte_width, |
1099 |
- int *ident_ptr, int *sent_ptr) |
1100 |
- { |
1101 |
- const u8 *line_start, *line_end, *next_pixel; |
1102 |
-- u32 base16 = 0 + (byte_offset / bpp) * 2; |
1103 |
-+ u32 base16 = 0 + (device_byte_offset / bpp) * 2; |
1104 |
- struct urb *urb = *urb_ptr; |
1105 |
- u8 *cmd = *urb_buf_ptr; |
1106 |
- u8 *cmd_end = (u8 *) urb->transfer_buffer + urb->transfer_buffer_length; |
1107 |
-diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_dmabuf.c b/drivers/gpu/drm/vmwgfx/vmwgfx_dmabuf.c |
1108 |
-index 3fa884d..27151f7 100644 |
1109 |
---- a/drivers/gpu/drm/vmwgfx/vmwgfx_dmabuf.c |
1110 |
-+++ b/drivers/gpu/drm/vmwgfx/vmwgfx_dmabuf.c |
1111 |
-@@ -306,7 +306,7 @@ void vmw_bo_pin(struct ttm_buffer_object *bo, bool pin) |
1112 |
- |
1113 |
- BUG_ON(!atomic_read(&bo->reserved)); |
1114 |
- BUG_ON(old_mem_type != TTM_PL_VRAM && |
1115 |
-- old_mem_type != VMW_PL_FLAG_GMR); |
1116 |
-+ old_mem_type != VMW_PL_GMR); |
1117 |
- |
1118 |
- pl_flags = TTM_PL_FLAG_VRAM | VMW_PL_FLAG_GMR | TTM_PL_FLAG_CACHED; |
1119 |
- if (pin) |
1120 |
-diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_drv.c b/drivers/gpu/drm/vmwgfx/vmwgfx_drv.c |
1121 |
-index ba2c35d..4a04ae0 100644 |
1122 |
---- a/drivers/gpu/drm/vmwgfx/vmwgfx_drv.c |
1123 |
-+++ b/drivers/gpu/drm/vmwgfx/vmwgfx_drv.c |
1124 |
-@@ -1099,6 +1099,11 @@ static void vmw_pm_complete(struct device *kdev) |
1125 |
- struct drm_device *dev = pci_get_drvdata(pdev); |
1126 |
- struct vmw_private *dev_priv = vmw_priv(dev); |
1127 |
- |
1128 |
-+ mutex_lock(&dev_priv->hw_mutex); |
1129 |
-+ vmw_write(dev_priv, SVGA_REG_ID, SVGA_ID_2); |
1130 |
-+ (void) vmw_read(dev_priv, SVGA_REG_ID); |
1131 |
-+ mutex_unlock(&dev_priv->hw_mutex); |
1132 |
-+ |
1133 |
- /** |
1134 |
- * Reclaim 3d reference held by fbdev and potentially |
1135 |
- * start fifo. |
1136 |
-diff --git a/drivers/hwmon/w83627ehf.c b/drivers/hwmon/w83627ehf.c |
1137 |
-index 1821b74..de3c7e0 100644 |
1138 |
---- a/drivers/hwmon/w83627ehf.c |
1139 |
-+++ b/drivers/hwmon/w83627ehf.c |
1140 |
-@@ -2083,6 +2083,7 @@ static int __devinit w83627ehf_probe(struct platform_device *pdev) |
1141 |
- mutex_init(&data->lock); |
1142 |
- mutex_init(&data->update_lock); |
1143 |
- data->name = w83627ehf_device_names[sio_data->kind]; |
1144 |
-+ data->bank = 0xff; /* Force initial bank selection */ |
1145 |
- platform_set_drvdata(pdev, data); |
1146 |
- |
1147 |
- /* 627EHG and 627EHF have 10 voltage inputs; 627DHG and 667HG have 9 */ |
1148 |
-diff --git a/drivers/input/touchscreen/tsc40.c b/drivers/input/touchscreen/tsc40.c |
1149 |
-index 63209aa..eb96f16 100644 |
1150 |
---- a/drivers/input/touchscreen/tsc40.c |
1151 |
-+++ b/drivers/input/touchscreen/tsc40.c |
1152 |
-@@ -107,7 +107,6 @@ static int tsc_connect(struct serio *serio, struct serio_driver *drv) |
1153 |
- __set_bit(BTN_TOUCH, input_dev->keybit); |
1154 |
- input_set_abs_params(ptsc->dev, ABS_X, 0, 0x3ff, 0, 0); |
1155 |
- input_set_abs_params(ptsc->dev, ABS_Y, 0, 0x3ff, 0, 0); |
1156 |
-- input_set_abs_params(ptsc->dev, ABS_PRESSURE, 0, 0, 0, 0); |
1157 |
- |
1158 |
- serio_set_drvdata(serio, ptsc); |
1159 |
- |
1160 |
-diff --git a/drivers/mmc/host/sdhci.c b/drivers/mmc/host/sdhci.c |
1161 |
-index 9a11dc3..b1facf9 100644 |
1162 |
---- a/drivers/mmc/host/sdhci.c |
1163 |
-+++ b/drivers/mmc/host/sdhci.c |
1164 |
-@@ -1307,16 +1307,19 @@ static void sdhci_request(struct mmc_host *mmc, struct mmc_request *mrq) |
1165 |
- */ |
1166 |
- if ((host->flags & SDHCI_NEEDS_RETUNING) && |
1167 |
- !(present_state & (SDHCI_DOING_WRITE | SDHCI_DOING_READ))) { |
1168 |
-- /* eMMC uses cmd21 while sd and sdio use cmd19 */ |
1169 |
-- tuning_opcode = mmc->card->type == MMC_TYPE_MMC ? |
1170 |
-- MMC_SEND_TUNING_BLOCK_HS200 : |
1171 |
-- MMC_SEND_TUNING_BLOCK; |
1172 |
-- spin_unlock_irqrestore(&host->lock, flags); |
1173 |
-- sdhci_execute_tuning(mmc, tuning_opcode); |
1174 |
-- spin_lock_irqsave(&host->lock, flags); |
1175 |
-- |
1176 |
-- /* Restore original mmc_request structure */ |
1177 |
-- host->mrq = mrq; |
1178 |
-+ if (mmc->card) { |
1179 |
-+ /* eMMC uses cmd21 but sd and sdio use cmd19 */ |
1180 |
-+ tuning_opcode = |
1181 |
-+ mmc->card->type == MMC_TYPE_MMC ? |
1182 |
-+ MMC_SEND_TUNING_BLOCK_HS200 : |
1183 |
-+ MMC_SEND_TUNING_BLOCK; |
1184 |
-+ spin_unlock_irqrestore(&host->lock, flags); |
1185 |
-+ sdhci_execute_tuning(mmc, tuning_opcode); |
1186 |
-+ spin_lock_irqsave(&host->lock, flags); |
1187 |
-+ |
1188 |
-+ /* Restore original mmc_request structure */ |
1189 |
-+ host->mrq = mrq; |
1190 |
-+ } |
1191 |
- } |
1192 |
- |
1193 |
- if (mrq->sbc && !(host->flags & SDHCI_AUTO_CMD23)) |
1194 |
-diff --git a/drivers/mmc/host/sh_mmcif.c b/drivers/mmc/host/sh_mmcif.c |
1195 |
-index ba0e493..9058d21 100644 |
1196 |
---- a/drivers/mmc/host/sh_mmcif.c |
1197 |
-+++ b/drivers/mmc/host/sh_mmcif.c |
1198 |
-@@ -1464,9 +1464,9 @@ static int __devexit sh_mmcif_remove(struct platform_device *pdev) |
1199 |
- |
1200 |
- platform_set_drvdata(pdev, NULL); |
1201 |
- |
1202 |
-+ clk_disable(host->hclk); |
1203 |
- mmc_free_host(host->mmc); |
1204 |
- pm_runtime_put_sync(&pdev->dev); |
1205 |
-- clk_disable(host->hclk); |
1206 |
- pm_runtime_disable(&pdev->dev); |
1207 |
- |
1208 |
- return 0; |
1209 |
-diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c |
1210 |
-index 56b20d1..116f0e9 100644 |
1211 |
---- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c |
1212 |
-+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c |
1213 |
-@@ -2673,6 +2673,9 @@ static int ixgbe_get_ts_info(struct net_device *dev, |
1214 |
- case ixgbe_mac_X540: |
1215 |
- case ixgbe_mac_82599EB: |
1216 |
- info->so_timestamping = |
1217 |
-+ SOF_TIMESTAMPING_TX_SOFTWARE | |
1218 |
-+ SOF_TIMESTAMPING_RX_SOFTWARE | |
1219 |
-+ SOF_TIMESTAMPING_SOFTWARE | |
1220 |
- SOF_TIMESTAMPING_TX_HARDWARE | |
1221 |
- SOF_TIMESTAMPING_RX_HARDWARE | |
1222 |
- SOF_TIMESTAMPING_RAW_HARDWARE; |
1223 |
-diff --git a/drivers/net/ethernet/nxp/lpc_eth.c b/drivers/net/ethernet/nxp/lpc_eth.c |
1224 |
-index 53743f7..af8b414 100644 |
1225 |
---- a/drivers/net/ethernet/nxp/lpc_eth.c |
1226 |
-+++ b/drivers/net/ethernet/nxp/lpc_eth.c |
1227 |
-@@ -1524,6 +1524,7 @@ static int lpc_eth_drv_remove(struct platform_device *pdev) |
1228 |
- pldat->dma_buff_base_p); |
1229 |
- free_irq(ndev->irq, ndev); |
1230 |
- iounmap(pldat->net_base); |
1231 |
-+ mdiobus_unregister(pldat->mii_bus); |
1232 |
- mdiobus_free(pldat->mii_bus); |
1233 |
- clk_disable(pldat->clk); |
1234 |
- clk_put(pldat->clk); |
1235 |
-diff --git a/drivers/net/usb/usbnet.c b/drivers/net/usb/usbnet.c |
1236 |
-index fc9f578..9c382b5 100644 |
1237 |
---- a/drivers/net/usb/usbnet.c |
1238 |
-+++ b/drivers/net/usb/usbnet.c |
1239 |
-@@ -1158,6 +1158,7 @@ netdev_tx_t usbnet_start_xmit (struct sk_buff *skb, |
1240 |
- usb_anchor_urb(urb, &dev->deferred); |
1241 |
- /* no use to process more packets */ |
1242 |
- netif_stop_queue(net); |
1243 |
-+ usb_put_urb(urb); |
1244 |
- spin_unlock_irqrestore(&dev->txq.lock, flags); |
1245 |
- netdev_dbg(dev->net, "Delaying transmission for resumption\n"); |
1246 |
- goto deferred; |
1247 |
-@@ -1310,6 +1311,8 @@ void usbnet_disconnect (struct usb_interface *intf) |
1248 |
- |
1249 |
- cancel_work_sync(&dev->kevent); |
1250 |
- |
1251 |
-+ usb_scuttle_anchored_urbs(&dev->deferred); |
1252 |
-+ |
1253 |
- if (dev->driver_info->unbind) |
1254 |
- dev->driver_info->unbind (dev, intf); |
1255 |
- |
1256 |
-diff --git a/drivers/net/wireless/ath/ath9k/xmit.c b/drivers/net/wireless/ath/ath9k/xmit.c |
1257 |
-index 423a9f3..88b6acc 100644 |
1258 |
---- a/drivers/net/wireless/ath/ath9k/xmit.c |
1259 |
-+++ b/drivers/net/wireless/ath/ath9k/xmit.c |
1260 |
-@@ -312,6 +312,7 @@ static struct ath_buf *ath_tx_get_buffer(struct ath_softc *sc) |
1261 |
- } |
1262 |
- |
1263 |
- bf = list_first_entry(&sc->tx.txbuf, struct ath_buf, list); |
1264 |
-+ bf->bf_next = NULL; |
1265 |
- list_del(&bf->list); |
1266 |
- |
1267 |
- spin_unlock_bh(&sc->tx.txbuflock); |
1268 |
-@@ -393,7 +394,7 @@ static void ath_tx_complete_aggr(struct ath_softc *sc, struct ath_txq *txq, |
1269 |
- u16 seq_st = 0, acked_cnt = 0, txfail_cnt = 0, seq_first; |
1270 |
- u32 ba[WME_BA_BMP_SIZE >> 5]; |
1271 |
- int isaggr, txfail, txpending, sendbar = 0, needreset = 0, nbad = 0; |
1272 |
-- bool rc_update = true; |
1273 |
-+ bool rc_update = true, isba; |
1274 |
- struct ieee80211_tx_rate rates[4]; |
1275 |
- struct ath_frame_info *fi; |
1276 |
- int nframes; |
1277 |
-@@ -437,13 +438,17 @@ static void ath_tx_complete_aggr(struct ath_softc *sc, struct ath_txq *txq, |
1278 |
- tidno = ieee80211_get_qos_ctl(hdr)[0] & IEEE80211_QOS_CTL_TID_MASK; |
1279 |
- tid = ATH_AN_2_TID(an, tidno); |
1280 |
- seq_first = tid->seq_start; |
1281 |
-+ isba = ts->ts_flags & ATH9K_TX_BA; |
1282 |
- |
1283 |
- /* |
1284 |
- * The hardware occasionally sends a tx status for the wrong TID. |
1285 |
- * In this case, the BA status cannot be considered valid and all |
1286 |
- * subframes need to be retransmitted |
1287 |
-+ * |
1288 |
-+ * Only BlockAcks have a TID and therefore normal Acks cannot be |
1289 |
-+ * checked |
1290 |
- */ |
1291 |
-- if (tidno != ts->tid) |
1292 |
-+ if (isba && tidno != ts->tid) |
1293 |
- txok = false; |
1294 |
- |
1295 |
- isaggr = bf_isaggr(bf); |
1296 |
-@@ -1774,6 +1779,7 @@ static void ath_tx_send_normal(struct ath_softc *sc, struct ath_txq *txq, |
1297 |
- list_add_tail(&bf->list, &bf_head); |
1298 |
- bf->bf_state.bf_type = 0; |
1299 |
- |
1300 |
-+ bf->bf_next = NULL; |
1301 |
- bf->bf_lastbf = bf; |
1302 |
- ath_tx_fill_desc(sc, bf, txq, fi->framelen); |
1303 |
- ath_tx_txqaddbuf(sc, txq, &bf_head, false); |
1304 |
-diff --git a/drivers/net/wireless/rt2x00/rt2800lib.c b/drivers/net/wireless/rt2x00/rt2800lib.c |
1305 |
-index b93516d..1345bdd 100644 |
1306 |
---- a/drivers/net/wireless/rt2x00/rt2800lib.c |
1307 |
-+++ b/drivers/net/wireless/rt2x00/rt2800lib.c |
1308 |
-@@ -2395,7 +2395,7 @@ static int rt2800_get_gain_calibration_delta(struct rt2x00_dev *rt2x00dev) |
1309 |
- /* |
1310 |
- * Check if temperature compensation is supported. |
1311 |
- */ |
1312 |
-- if (tssi_bounds[4] == 0xff) |
1313 |
-+ if (tssi_bounds[4] == 0xff || step == 0xff) |
1314 |
- return 0; |
1315 |
- |
1316 |
- /* |
1317 |
-diff --git a/drivers/target/iscsi/iscsi_target.c b/drivers/target/iscsi/iscsi_target.c |
1318 |
-index dd4fce2..6b6f50a 100644 |
1319 |
---- a/drivers/target/iscsi/iscsi_target.c |
1320 |
-+++ b/drivers/target/iscsi/iscsi_target.c |
1321 |
-@@ -3735,7 +3735,9 @@ restart: |
1322 |
- */ |
1323 |
- iscsit_thread_check_cpumask(conn, current, 1); |
1324 |
- |
1325 |
-- schedule_timeout_interruptible(MAX_SCHEDULE_TIMEOUT); |
1326 |
-+ wait_event_interruptible(conn->queues_wq, |
1327 |
-+ !iscsit_conn_all_queues_empty(conn) || |
1328 |
-+ ts->status == ISCSI_THREAD_SET_RESET); |
1329 |
- |
1330 |
- if ((ts->status == ISCSI_THREAD_SET_RESET) || |
1331 |
- signal_pending(current)) |
1332 |
-diff --git a/drivers/target/iscsi/iscsi_target_core.h b/drivers/target/iscsi/iscsi_target_core.h |
1333 |
-index a90294f..1d63d56 100644 |
1334 |
---- a/drivers/target/iscsi/iscsi_target_core.h |
1335 |
-+++ b/drivers/target/iscsi/iscsi_target_core.h |
1336 |
-@@ -486,6 +486,7 @@ struct iscsi_tmr_req { |
1337 |
- }; |
1338 |
- |
1339 |
- struct iscsi_conn { |
1340 |
-+ wait_queue_head_t queues_wq; |
1341 |
- /* Authentication Successful for this connection */ |
1342 |
- u8 auth_complete; |
1343 |
- /* State connection is currently in */ |
1344 |
-diff --git a/drivers/target/iscsi/iscsi_target_login.c b/drivers/target/iscsi/iscsi_target_login.c |
1345 |
-index 6aba439..7b643ab 100644 |
1346 |
---- a/drivers/target/iscsi/iscsi_target_login.c |
1347 |
-+++ b/drivers/target/iscsi/iscsi_target_login.c |
1348 |
-@@ -45,6 +45,7 @@ extern spinlock_t sess_idr_lock; |
1349 |
- |
1350 |
- static int iscsi_login_init_conn(struct iscsi_conn *conn) |
1351 |
- { |
1352 |
-+ init_waitqueue_head(&conn->queues_wq); |
1353 |
- INIT_LIST_HEAD(&conn->conn_list); |
1354 |
- INIT_LIST_HEAD(&conn->conn_cmd_list); |
1355 |
- INIT_LIST_HEAD(&conn->immed_queue_list); |
1356 |
-diff --git a/drivers/target/iscsi/iscsi_target_util.c b/drivers/target/iscsi/iscsi_target_util.c |
1357 |
-index b42cdeb..552f45a 100644 |
1358 |
---- a/drivers/target/iscsi/iscsi_target_util.c |
1359 |
-+++ b/drivers/target/iscsi/iscsi_target_util.c |
1360 |
-@@ -488,7 +488,7 @@ void iscsit_add_cmd_to_immediate_queue( |
1361 |
- atomic_set(&conn->check_immediate_queue, 1); |
1362 |
- spin_unlock_bh(&conn->immed_queue_lock); |
1363 |
- |
1364 |
-- wake_up_process(conn->thread_set->tx_thread); |
1365 |
-+ wake_up(&conn->queues_wq); |
1366 |
- } |
1367 |
- |
1368 |
- struct iscsi_queue_req *iscsit_get_cmd_from_immediate_queue(struct iscsi_conn *conn) |
1369 |
-@@ -562,7 +562,7 @@ void iscsit_add_cmd_to_response_queue( |
1370 |
- atomic_inc(&cmd->response_queue_count); |
1371 |
- spin_unlock_bh(&conn->response_queue_lock); |
1372 |
- |
1373 |
-- wake_up_process(conn->thread_set->tx_thread); |
1374 |
-+ wake_up(&conn->queues_wq); |
1375 |
- } |
1376 |
- |
1377 |
- struct iscsi_queue_req *iscsit_get_cmd_from_response_queue(struct iscsi_conn *conn) |
1378 |
-@@ -616,6 +616,24 @@ static void iscsit_remove_cmd_from_response_queue( |
1379 |
- } |
1380 |
- } |
1381 |
- |
1382 |
-+bool iscsit_conn_all_queues_empty(struct iscsi_conn *conn) |
1383 |
-+{ |
1384 |
-+ bool empty; |
1385 |
-+ |
1386 |
-+ spin_lock_bh(&conn->immed_queue_lock); |
1387 |
-+ empty = list_empty(&conn->immed_queue_list); |
1388 |
-+ spin_unlock_bh(&conn->immed_queue_lock); |
1389 |
-+ |
1390 |
-+ if (!empty) |
1391 |
-+ return empty; |
1392 |
-+ |
1393 |
-+ spin_lock_bh(&conn->response_queue_lock); |
1394 |
-+ empty = list_empty(&conn->response_queue_list); |
1395 |
-+ spin_unlock_bh(&conn->response_queue_lock); |
1396 |
-+ |
1397 |
-+ return empty; |
1398 |
-+} |
1399 |
-+ |
1400 |
- void iscsit_free_queue_reqs_for_conn(struct iscsi_conn *conn) |
1401 |
- { |
1402 |
- struct iscsi_queue_req *qr, *qr_tmp; |
1403 |
-diff --git a/drivers/target/iscsi/iscsi_target_util.h b/drivers/target/iscsi/iscsi_target_util.h |
1404 |
-index e1c729b..2ff9bbc 100644 |
1405 |
---- a/drivers/target/iscsi/iscsi_target_util.h |
1406 |
-+++ b/drivers/target/iscsi/iscsi_target_util.h |
1407 |
-@@ -25,6 +25,7 @@ extern struct iscsi_queue_req *iscsit_get_cmd_from_immediate_queue(struct iscsi_ |
1408 |
- extern void iscsit_add_cmd_to_response_queue(struct iscsi_cmd *, struct iscsi_conn *, u8); |
1409 |
- extern struct iscsi_queue_req *iscsit_get_cmd_from_response_queue(struct iscsi_conn *); |
1410 |
- extern void iscsit_remove_cmd_from_tx_queues(struct iscsi_cmd *, struct iscsi_conn *); |
1411 |
-+extern bool iscsit_conn_all_queues_empty(struct iscsi_conn *); |
1412 |
- extern void iscsit_free_queue_reqs_for_conn(struct iscsi_conn *); |
1413 |
- extern void iscsit_release_cmd(struct iscsi_cmd *); |
1414 |
- extern void iscsit_free_cmd(struct iscsi_cmd *); |
1415 |
-diff --git a/drivers/target/target_core_configfs.c b/drivers/target/target_core_configfs.c |
1416 |
-index 06aca11..ac0b69f 100644 |
1417 |
---- a/drivers/target/target_core_configfs.c |
1418 |
-+++ b/drivers/target/target_core_configfs.c |
1419 |
-@@ -3214,7 +3214,8 @@ static int __init target_core_init_configfs(void) |
1420 |
- if (ret < 0) |
1421 |
- goto out; |
1422 |
- |
1423 |
-- if (core_dev_setup_virtual_lun0() < 0) |
1424 |
-+ ret = core_dev_setup_virtual_lun0(); |
1425 |
-+ if (ret < 0) |
1426 |
- goto out; |
1427 |
- |
1428 |
- return 0; |
1429 |
-diff --git a/drivers/target/target_core_device.c b/drivers/target/target_core_device.c |
1430 |
-index 9fc9a60..68d4c10 100644 |
1431 |
---- a/drivers/target/target_core_device.c |
1432 |
-+++ b/drivers/target/target_core_device.c |
1433 |
-@@ -850,20 +850,20 @@ int se_dev_check_shutdown(struct se_device *dev) |
1434 |
- |
1435 |
- static u32 se_dev_align_max_sectors(u32 max_sectors, u32 block_size) |
1436 |
- { |
1437 |
-- u32 tmp, aligned_max_sectors; |
1438 |
-+ u32 aligned_max_sectors; |
1439 |
-+ u32 alignment; |
1440 |
- /* |
1441 |
- * Limit max_sectors to a PAGE_SIZE aligned value for modern |
1442 |
- * transport_allocate_data_tasks() operation. |
1443 |
- */ |
1444 |
-- tmp = rounddown((max_sectors * block_size), PAGE_SIZE); |
1445 |
-- aligned_max_sectors = (tmp / block_size); |
1446 |
-- if (max_sectors != aligned_max_sectors) { |
1447 |
-- printk(KERN_INFO "Rounding down aligned max_sectors from %u" |
1448 |
-- " to %u\n", max_sectors, aligned_max_sectors); |
1449 |
-- return aligned_max_sectors; |
1450 |
-- } |
1451 |
-+ alignment = max(1ul, PAGE_SIZE / block_size); |
1452 |
-+ aligned_max_sectors = rounddown(max_sectors, alignment); |
1453 |
-+ |
1454 |
-+ if (max_sectors != aligned_max_sectors) |
1455 |
-+ pr_info("Rounding down aligned max_sectors from %u to %u\n", |
1456 |
-+ max_sectors, aligned_max_sectors); |
1457 |
- |
1458 |
-- return max_sectors; |
1459 |
-+ return aligned_max_sectors; |
1460 |
- } |
1461 |
- |
1462 |
- void se_dev_set_default_attribs( |
1463 |
-diff --git a/drivers/target/target_core_spc.c b/drivers/target/target_core_spc.c |
1464 |
-index 9229bd9..6fd434d 100644 |
1465 |
---- a/drivers/target/target_core_spc.c |
1466 |
-+++ b/drivers/target/target_core_spc.c |
1467 |
-@@ -605,6 +605,8 @@ static int spc_emulate_inquiry(struct se_cmd *cmd) |
1468 |
- unsigned char buf[SE_INQUIRY_BUF]; |
1469 |
- int p, ret; |
1470 |
- |
1471 |
-+ memset(buf, 0, SE_INQUIRY_BUF); |
1472 |
-+ |
1473 |
- if (dev == tpg->tpg_virt_lun0.lun_se_dev) |
1474 |
- buf[0] = 0x3f; /* Not connected */ |
1475 |
- else |
1476 |
-diff --git a/drivers/target/target_core_tmr.c b/drivers/target/target_core_tmr.c |
1477 |
-index 1c59a3c..be75c43 100644 |
1478 |
---- a/drivers/target/target_core_tmr.c |
1479 |
-+++ b/drivers/target/target_core_tmr.c |
1480 |
-@@ -140,15 +140,15 @@ void core_tmr_abort_task( |
1481 |
- printk("ABORT_TASK: Found referenced %s task_tag: %u\n", |
1482 |
- se_cmd->se_tfo->get_fabric_name(), ref_tag); |
1483 |
- |
1484 |
-- spin_lock_irq(&se_cmd->t_state_lock); |
1485 |
-+ spin_lock(&se_cmd->t_state_lock); |
1486 |
- if (se_cmd->transport_state & CMD_T_COMPLETE) { |
1487 |
- printk("ABORT_TASK: ref_tag: %u already complete, skipping\n", ref_tag); |
1488 |
-- spin_unlock_irq(&se_cmd->t_state_lock); |
1489 |
-+ spin_unlock(&se_cmd->t_state_lock); |
1490 |
- spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags); |
1491 |
- goto out; |
1492 |
- } |
1493 |
- se_cmd->transport_state |= CMD_T_ABORTED; |
1494 |
-- spin_unlock_irq(&se_cmd->t_state_lock); |
1495 |
-+ spin_unlock(&se_cmd->t_state_lock); |
1496 |
- |
1497 |
- list_del_init(&se_cmd->se_cmd_list); |
1498 |
- kref_get(&se_cmd->cmd_kref); |
1499 |
-diff --git a/drivers/xen/gntdev.c b/drivers/xen/gntdev.c |
1500 |
-index 7f12416..9a113b7 100644 |
1501 |
---- a/drivers/xen/gntdev.c |
1502 |
-+++ b/drivers/xen/gntdev.c |
1503 |
-@@ -105,6 +105,21 @@ static void gntdev_print_maps(struct gntdev_priv *priv, |
1504 |
- #endif |
1505 |
- } |
1506 |
- |
1507 |
-+static void gntdev_free_map(struct grant_map *map) |
1508 |
-+{ |
1509 |
-+ if (map == NULL) |
1510 |
-+ return; |
1511 |
-+ |
1512 |
-+ if (map->pages) |
1513 |
-+ free_xenballooned_pages(map->count, map->pages); |
1514 |
-+ kfree(map->pages); |
1515 |
-+ kfree(map->grants); |
1516 |
-+ kfree(map->map_ops); |
1517 |
-+ kfree(map->unmap_ops); |
1518 |
-+ kfree(map->kmap_ops); |
1519 |
-+ kfree(map); |
1520 |
-+} |
1521 |
-+ |
1522 |
- static struct grant_map *gntdev_alloc_map(struct gntdev_priv *priv, int count) |
1523 |
- { |
1524 |
- struct grant_map *add; |
1525 |
-@@ -142,12 +157,7 @@ static struct grant_map *gntdev_alloc_map(struct gntdev_priv *priv, int count) |
1526 |
- return add; |
1527 |
- |
1528 |
- err: |
1529 |
-- kfree(add->pages); |
1530 |
-- kfree(add->grants); |
1531 |
-- kfree(add->map_ops); |
1532 |
-- kfree(add->unmap_ops); |
1533 |
-- kfree(add->kmap_ops); |
1534 |
-- kfree(add); |
1535 |
-+ gntdev_free_map(add); |
1536 |
- return NULL; |
1537 |
- } |
1538 |
- |
1539 |
-@@ -198,17 +208,9 @@ static void gntdev_put_map(struct grant_map *map) |
1540 |
- evtchn_put(map->notify.event); |
1541 |
- } |
1542 |
- |
1543 |
-- if (map->pages) { |
1544 |
-- if (!use_ptemod) |
1545 |
-- unmap_grant_pages(map, 0, map->count); |
1546 |
-- |
1547 |
-- free_xenballooned_pages(map->count, map->pages); |
1548 |
-- } |
1549 |
-- kfree(map->pages); |
1550 |
-- kfree(map->grants); |
1551 |
-- kfree(map->map_ops); |
1552 |
-- kfree(map->unmap_ops); |
1553 |
-- kfree(map); |
1554 |
-+ if (map->pages && !use_ptemod) |
1555 |
-+ unmap_grant_pages(map, 0, map->count); |
1556 |
-+ gntdev_free_map(map); |
1557 |
- } |
1558 |
- |
1559 |
- /* ------------------------------------------------------------------ */ |
1560 |
-diff --git a/fs/gfs2/lops.c b/fs/gfs2/lops.c |
1561 |
-index 8ff95a2..0967d0c 100644 |
1562 |
---- a/fs/gfs2/lops.c |
1563 |
-+++ b/fs/gfs2/lops.c |
1564 |
-@@ -393,12 +393,10 @@ static void buf_lo_add(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) |
1565 |
- struct gfs2_meta_header *mh; |
1566 |
- struct gfs2_trans *tr; |
1567 |
- |
1568 |
-- lock_buffer(bd->bd_bh); |
1569 |
-- gfs2_log_lock(sdp); |
1570 |
- tr = current->journal_info; |
1571 |
- tr->tr_touched = 1; |
1572 |
- if (!list_empty(&bd->bd_list)) |
1573 |
-- goto out; |
1574 |
-+ return; |
1575 |
- set_bit(GLF_LFLUSH, &bd->bd_gl->gl_flags); |
1576 |
- set_bit(GLF_DIRTY, &bd->bd_gl->gl_flags); |
1577 |
- mh = (struct gfs2_meta_header *)bd->bd_bh->b_data; |
1578 |
-@@ -414,9 +412,6 @@ static void buf_lo_add(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) |
1579 |
- sdp->sd_log_num_buf++; |
1580 |
- list_add(&bd->bd_list, &sdp->sd_log_le_buf); |
1581 |
- tr->tr_num_buf_new++; |
1582 |
--out: |
1583 |
-- gfs2_log_unlock(sdp); |
1584 |
-- unlock_buffer(bd->bd_bh); |
1585 |
- } |
1586 |
- |
1587 |
- static void gfs2_check_magic(struct buffer_head *bh) |
1588 |
-@@ -777,12 +772,10 @@ static void databuf_lo_add(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) |
1589 |
- struct address_space *mapping = bd->bd_bh->b_page->mapping; |
1590 |
- struct gfs2_inode *ip = GFS2_I(mapping->host); |
1591 |
- |
1592 |
-- lock_buffer(bd->bd_bh); |
1593 |
-- gfs2_log_lock(sdp); |
1594 |
- if (tr) |
1595 |
- tr->tr_touched = 1; |
1596 |
- if (!list_empty(&bd->bd_list)) |
1597 |
-- goto out; |
1598 |
-+ return; |
1599 |
- set_bit(GLF_LFLUSH, &bd->bd_gl->gl_flags); |
1600 |
- set_bit(GLF_DIRTY, &bd->bd_gl->gl_flags); |
1601 |
- if (gfs2_is_jdata(ip)) { |
1602 |
-@@ -793,9 +786,6 @@ static void databuf_lo_add(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) |
1603 |
- } else { |
1604 |
- list_add_tail(&bd->bd_list, &sdp->sd_log_le_ordered); |
1605 |
- } |
1606 |
--out: |
1607 |
-- gfs2_log_unlock(sdp); |
1608 |
-- unlock_buffer(bd->bd_bh); |
1609 |
- } |
1610 |
- |
1611 |
- /** |
1612 |
-diff --git a/fs/gfs2/trans.c b/fs/gfs2/trans.c |
1613 |
-index adbd278..4136270 100644 |
1614 |
---- a/fs/gfs2/trans.c |
1615 |
-+++ b/fs/gfs2/trans.c |
1616 |
-@@ -155,14 +155,22 @@ void gfs2_trans_add_bh(struct gfs2_glock *gl, struct buffer_head *bh, int meta) |
1617 |
- struct gfs2_sbd *sdp = gl->gl_sbd; |
1618 |
- struct gfs2_bufdata *bd; |
1619 |
- |
1620 |
-+ lock_buffer(bh); |
1621 |
-+ gfs2_log_lock(sdp); |
1622 |
- bd = bh->b_private; |
1623 |
- if (bd) |
1624 |
- gfs2_assert(sdp, bd->bd_gl == gl); |
1625 |
- else { |
1626 |
-+ gfs2_log_unlock(sdp); |
1627 |
-+ unlock_buffer(bh); |
1628 |
- gfs2_attach_bufdata(gl, bh, meta); |
1629 |
- bd = bh->b_private; |
1630 |
-+ lock_buffer(bh); |
1631 |
-+ gfs2_log_lock(sdp); |
1632 |
- } |
1633 |
- lops_add(sdp, bd); |
1634 |
-+ gfs2_log_unlock(sdp); |
1635 |
-+ unlock_buffer(bh); |
1636 |
- } |
1637 |
- |
1638 |
- void gfs2_trans_add_revoke(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) |
1639 |
-diff --git a/fs/nfs/dns_resolve.c b/fs/nfs/dns_resolve.c |
1640 |
-index 31c26c4..ca4b11e 100644 |
1641 |
---- a/fs/nfs/dns_resolve.c |
1642 |
-+++ b/fs/nfs/dns_resolve.c |
1643 |
-@@ -217,7 +217,7 @@ static int nfs_dns_parse(struct cache_detail *cd, char *buf, int buflen) |
1644 |
- { |
1645 |
- char buf1[NFS_DNS_HOSTNAME_MAXLEN+1]; |
1646 |
- struct nfs_dns_ent key, *item; |
1647 |
-- unsigned long ttl; |
1648 |
-+ unsigned int ttl; |
1649 |
- ssize_t len; |
1650 |
- int ret = -EINVAL; |
1651 |
- |
1652 |
-@@ -240,7 +240,8 @@ static int nfs_dns_parse(struct cache_detail *cd, char *buf, int buflen) |
1653 |
- key.namelen = len; |
1654 |
- memset(&key.h, 0, sizeof(key.h)); |
1655 |
- |
1656 |
-- ttl = get_expiry(&buf); |
1657 |
-+ if (get_uint(&buf, &ttl) < 0) |
1658 |
-+ goto out; |
1659 |
- if (ttl == 0) |
1660 |
- goto out; |
1661 |
- key.h.expiry_time = ttl + seconds_since_boot(); |
1662 |
-diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h |
1663 |
-index 31fdb03..e794dee 100644 |
1664 |
---- a/fs/nfs/internal.h |
1665 |
-+++ b/fs/nfs/internal.h |
1666 |
-@@ -353,8 +353,9 @@ extern void nfs_sb_active(struct super_block *sb); |
1667 |
- extern void nfs_sb_deactive(struct super_block *sb); |
1668 |
- |
1669 |
- /* namespace.c */ |
1670 |
-+#define NFS_PATH_CANONICAL 1 |
1671 |
- extern char *nfs_path(char **p, struct dentry *dentry, |
1672 |
-- char *buffer, ssize_t buflen); |
1673 |
-+ char *buffer, ssize_t buflen, unsigned flags); |
1674 |
- extern struct vfsmount *nfs_d_automount(struct path *path); |
1675 |
- struct vfsmount *nfs_submount(struct nfs_server *, struct dentry *, |
1676 |
- struct nfs_fh *, struct nfs_fattr *); |
1677 |
-@@ -491,7 +492,7 @@ static inline char *nfs_devname(struct dentry *dentry, |
1678 |
- char *buffer, ssize_t buflen) |
1679 |
- { |
1680 |
- char *dummy; |
1681 |
-- return nfs_path(&dummy, dentry, buffer, buflen); |
1682 |
-+ return nfs_path(&dummy, dentry, buffer, buflen, NFS_PATH_CANONICAL); |
1683 |
- } |
1684 |
- |
1685 |
- /* |
1686 |
-diff --git a/fs/nfs/mount_clnt.c b/fs/nfs/mount_clnt.c |
1687 |
-index 8e65c7f..015f71f 100644 |
1688 |
---- a/fs/nfs/mount_clnt.c |
1689 |
-+++ b/fs/nfs/mount_clnt.c |
1690 |
-@@ -181,7 +181,7 @@ int nfs_mount(struct nfs_mount_request *info) |
1691 |
- else |
1692 |
- msg.rpc_proc = &mnt_clnt->cl_procinfo[MOUNTPROC_MNT]; |
1693 |
- |
1694 |
-- status = rpc_call_sync(mnt_clnt, &msg, 0); |
1695 |
-+ status = rpc_call_sync(mnt_clnt, &msg, RPC_TASK_SOFT|RPC_TASK_TIMEOUT); |
1696 |
- rpc_shutdown_client(mnt_clnt); |
1697 |
- |
1698 |
- if (status < 0) |
1699 |
-diff --git a/fs/nfs/namespace.c b/fs/nfs/namespace.c |
1700 |
-index 6559253..dd057bc 100644 |
1701 |
---- a/fs/nfs/namespace.c |
1702 |
-+++ b/fs/nfs/namespace.c |
1703 |
-@@ -33,6 +33,7 @@ int nfs_mountpoint_expiry_timeout = 500 * HZ; |
1704 |
- * @dentry - pointer to dentry |
1705 |
- * @buffer - result buffer |
1706 |
- * @buflen - length of buffer |
1707 |
-+ * @flags - options (see below) |
1708 |
- * |
1709 |
- * Helper function for constructing the server pathname |
1710 |
- * by arbitrary hashed dentry. |
1711 |
-@@ -40,8 +41,14 @@ int nfs_mountpoint_expiry_timeout = 500 * HZ; |
1712 |
- * This is mainly for use in figuring out the path on the |
1713 |
- * server side when automounting on top of an existing partition |
1714 |
- * and in generating /proc/mounts and friends. |
1715 |
-+ * |
1716 |
-+ * Supported flags: |
1717 |
-+ * NFS_PATH_CANONICAL: ensure there is exactly one slash after |
1718 |
-+ * the original device (export) name |
1719 |
-+ * (if unset, the original name is returned verbatim) |
1720 |
- */ |
1721 |
--char *nfs_path(char **p, struct dentry *dentry, char *buffer, ssize_t buflen) |
1722 |
-+char *nfs_path(char **p, struct dentry *dentry, char *buffer, ssize_t buflen, |
1723 |
-+ unsigned flags) |
1724 |
- { |
1725 |
- char *end; |
1726 |
- int namelen; |
1727 |
-@@ -74,7 +81,7 @@ rename_retry: |
1728 |
- rcu_read_unlock(); |
1729 |
- goto rename_retry; |
1730 |
- } |
1731 |
-- if (*end != '/') { |
1732 |
-+ if ((flags & NFS_PATH_CANONICAL) && *end != '/') { |
1733 |
- if (--buflen < 0) { |
1734 |
- spin_unlock(&dentry->d_lock); |
1735 |
- rcu_read_unlock(); |
1736 |
-@@ -91,9 +98,11 @@ rename_retry: |
1737 |
- return end; |
1738 |
- } |
1739 |
- namelen = strlen(base); |
1740 |
-- /* Strip off excess slashes in base string */ |
1741 |
-- while (namelen > 0 && base[namelen - 1] == '/') |
1742 |
-- namelen--; |
1743 |
-+ if (flags & NFS_PATH_CANONICAL) { |
1744 |
-+ /* Strip off excess slashes in base string */ |
1745 |
-+ while (namelen > 0 && base[namelen - 1] == '/') |
1746 |
-+ namelen--; |
1747 |
-+ } |
1748 |
- buflen -= namelen; |
1749 |
- if (buflen < 0) { |
1750 |
- spin_unlock(&dentry->d_lock); |
1751 |
-diff --git a/fs/nfs/nfs4namespace.c b/fs/nfs/nfs4namespace.c |
1752 |
-index 017b4b0..c077b25 100644 |
1753 |
---- a/fs/nfs/nfs4namespace.c |
1754 |
-+++ b/fs/nfs/nfs4namespace.c |
1755 |
-@@ -81,7 +81,8 @@ static char *nfs_path_component(const char *nfspath, const char *end) |
1756 |
- static char *nfs4_path(struct dentry *dentry, char *buffer, ssize_t buflen) |
1757 |
- { |
1758 |
- char *limit; |
1759 |
-- char *path = nfs_path(&limit, dentry, buffer, buflen); |
1760 |
-+ char *path = nfs_path(&limit, dentry, buffer, buflen, |
1761 |
-+ NFS_PATH_CANONICAL); |
1762 |
- if (!IS_ERR(path)) { |
1763 |
- char *path_component = nfs_path_component(path, limit); |
1764 |
- if (path_component) |
1765 |
-diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c |
1766 |
-index d5a0cf1..7bff871 100644 |
1767 |
---- a/fs/nfs/nfs4proc.c |
1768 |
-+++ b/fs/nfs/nfs4proc.c |
1769 |
-@@ -331,8 +331,7 @@ static int nfs4_handle_exception(struct nfs_server *server, int errorcode, struc |
1770 |
- dprintk("%s ERROR: %d Reset session\n", __func__, |
1771 |
- errorcode); |
1772 |
- nfs4_schedule_session_recovery(clp->cl_session, errorcode); |
1773 |
-- exception->retry = 1; |
1774 |
-- break; |
1775 |
-+ goto wait_on_recovery; |
1776 |
- #endif /* defined(CONFIG_NFS_V4_1) */ |
1777 |
- case -NFS4ERR_FILE_OPEN: |
1778 |
- if (exception->timeout > HZ) { |
1779 |
-@@ -1499,9 +1498,11 @@ static void nfs4_open_prepare(struct rpc_task *task, void *calldata) |
1780 |
- data->timestamp = jiffies; |
1781 |
- if (nfs4_setup_sequence(data->o_arg.server, |
1782 |
- &data->o_arg.seq_args, |
1783 |
-- &data->o_res.seq_res, task)) |
1784 |
-- return; |
1785 |
-- rpc_call_start(task); |
1786 |
-+ &data->o_res.seq_res, |
1787 |
-+ task) != 0) |
1788 |
-+ nfs_release_seqid(data->o_arg.seqid); |
1789 |
-+ else |
1790 |
-+ rpc_call_start(task); |
1791 |
- return; |
1792 |
- unlock_no_action: |
1793 |
- rcu_read_unlock(); |
1794 |
-@@ -2182,9 +2183,10 @@ static void nfs4_close_prepare(struct rpc_task *task, void *data) |
1795 |
- if (nfs4_setup_sequence(NFS_SERVER(calldata->inode), |
1796 |
- &calldata->arg.seq_args, |
1797 |
- &calldata->res.seq_res, |
1798 |
-- task)) |
1799 |
-- goto out; |
1800 |
-- rpc_call_start(task); |
1801 |
-+ task) != 0) |
1802 |
-+ nfs_release_seqid(calldata->arg.seqid); |
1803 |
-+ else |
1804 |
-+ rpc_call_start(task); |
1805 |
- out: |
1806 |
- dprintk("%s: done!\n", __func__); |
1807 |
- } |
1808 |
-@@ -4390,6 +4392,7 @@ static void nfs4_locku_done(struct rpc_task *task, void *data) |
1809 |
- if (nfs4_async_handle_error(task, calldata->server, NULL) == -EAGAIN) |
1810 |
- rpc_restart_call_prepare(task); |
1811 |
- } |
1812 |
-+ nfs_release_seqid(calldata->arg.seqid); |
1813 |
- } |
1814 |
- |
1815 |
- static void nfs4_locku_prepare(struct rpc_task *task, void *data) |
1816 |
-@@ -4406,9 +4409,11 @@ static void nfs4_locku_prepare(struct rpc_task *task, void *data) |
1817 |
- calldata->timestamp = jiffies; |
1818 |
- if (nfs4_setup_sequence(calldata->server, |
1819 |
- &calldata->arg.seq_args, |
1820 |
-- &calldata->res.seq_res, task)) |
1821 |
-- return; |
1822 |
-- rpc_call_start(task); |
1823 |
-+ &calldata->res.seq_res, |
1824 |
-+ task) != 0) |
1825 |
-+ nfs_release_seqid(calldata->arg.seqid); |
1826 |
-+ else |
1827 |
-+ rpc_call_start(task); |
1828 |
- } |
1829 |
- |
1830 |
- static const struct rpc_call_ops nfs4_locku_ops = { |
1831 |
-@@ -4553,7 +4558,7 @@ static void nfs4_lock_prepare(struct rpc_task *task, void *calldata) |
1832 |
- /* Do we need to do an open_to_lock_owner? */ |
1833 |
- if (!(data->arg.lock_seqid->sequence->flags & NFS_SEQID_CONFIRMED)) { |
1834 |
- if (nfs_wait_on_sequence(data->arg.open_seqid, task) != 0) |
1835 |
-- return; |
1836 |
-+ goto out_release_lock_seqid; |
1837 |
- data->arg.open_stateid = &state->stateid; |
1838 |
- data->arg.new_lock_owner = 1; |
1839 |
- data->res.open_seqid = data->arg.open_seqid; |
1840 |
-@@ -4562,10 +4567,15 @@ static void nfs4_lock_prepare(struct rpc_task *task, void *calldata) |
1841 |
- data->timestamp = jiffies; |
1842 |
- if (nfs4_setup_sequence(data->server, |
1843 |
- &data->arg.seq_args, |
1844 |
-- &data->res.seq_res, task)) |
1845 |
-+ &data->res.seq_res, |
1846 |
-+ task) == 0) { |
1847 |
-+ rpc_call_start(task); |
1848 |
- return; |
1849 |
-- rpc_call_start(task); |
1850 |
-- dprintk("%s: done!, ret = %d\n", __func__, data->rpc_status); |
1851 |
-+ } |
1852 |
-+ nfs_release_seqid(data->arg.open_seqid); |
1853 |
-+out_release_lock_seqid: |
1854 |
-+ nfs_release_seqid(data->arg.lock_seqid); |
1855 |
-+ dprintk("%s: done!, ret = %d\n", __func__, task->tk_status); |
1856 |
- } |
1857 |
- |
1858 |
- static void nfs4_recover_lock_prepare(struct rpc_task *task, void *calldata) |
1859 |
-diff --git a/fs/nfs/super.c b/fs/nfs/super.c |
1860 |
-index b8eda70..d8d7396 100644 |
1861 |
---- a/fs/nfs/super.c |
1862 |
-+++ b/fs/nfs/super.c |
1863 |
-@@ -765,7 +765,7 @@ int nfs_show_devname(struct seq_file *m, struct dentry *root) |
1864 |
- int err = 0; |
1865 |
- if (!page) |
1866 |
- return -ENOMEM; |
1867 |
-- devname = nfs_path(&dummy, root, page, PAGE_SIZE); |
1868 |
-+ devname = nfs_path(&dummy, root, page, PAGE_SIZE, 0); |
1869 |
- if (IS_ERR(devname)) |
1870 |
- err = PTR_ERR(devname); |
1871 |
- else |
1872 |
-diff --git a/fs/xfs/xfs_buf_item.c b/fs/xfs/xfs_buf_item.c |
1873 |
-index a8d0ed9..becf4a9 100644 |
1874 |
---- a/fs/xfs/xfs_buf_item.c |
1875 |
-+++ b/fs/xfs/xfs_buf_item.c |
1876 |
-@@ -526,7 +526,25 @@ xfs_buf_item_unpin( |
1877 |
- } |
1878 |
- xfs_buf_relse(bp); |
1879 |
- } else if (freed && remove) { |
1880 |
-+ /* |
1881 |
-+ * There are currently two references to the buffer - the active |
1882 |
-+ * LRU reference and the buf log item. What we are about to do |
1883 |
-+ * here - simulate a failed IO completion - requires 3 |
1884 |
-+ * references. |
1885 |
-+ * |
1886 |
-+ * The LRU reference is removed by the xfs_buf_stale() call. The |
1887 |
-+ * buf item reference is removed by the xfs_buf_iodone() |
1888 |
-+ * callback that is run by xfs_buf_do_callbacks() during ioend |
1889 |
-+ * processing (via the bp->b_iodone callback), and then finally |
1890 |
-+ * the ioend processing will drop the IO reference if the buffer |
1891 |
-+ * is marked XBF_ASYNC. |
1892 |
-+ * |
1893 |
-+ * Hence we need to take an additional reference here so that IO |
1894 |
-+ * completion processing doesn't free the buffer prematurely. |
1895 |
-+ */ |
1896 |
- xfs_buf_lock(bp); |
1897 |
-+ xfs_buf_hold(bp); |
1898 |
-+ bp->b_flags |= XBF_ASYNC; |
1899 |
- xfs_buf_ioerror(bp, EIO); |
1900 |
- XFS_BUF_UNDONE(bp); |
1901 |
- xfs_buf_stale(bp); |
1902 |
-diff --git a/fs/xfs/xfs_log_recover.c b/fs/xfs/xfs_log_recover.c |
1903 |
-index 5da3ace..d308749 100644 |
1904 |
---- a/fs/xfs/xfs_log_recover.c |
1905 |
-+++ b/fs/xfs/xfs_log_recover.c |
1906 |
-@@ -3541,7 +3541,7 @@ xlog_do_recovery_pass( |
1907 |
- * - order is important. |
1908 |
- */ |
1909 |
- error = xlog_bread_offset(log, 0, |
1910 |
-- bblks - split_bblks, hbp, |
1911 |
-+ bblks - split_bblks, dbp, |
1912 |
- offset + BBTOB(split_bblks)); |
1913 |
- if (error) |
1914 |
- goto bread_err2; |
1915 |
-diff --git a/include/net/cfg80211.h b/include/net/cfg80211.h |
1916 |
-index f10553c..fb5204b 100644 |
1917 |
---- a/include/net/cfg80211.h |
1918 |
-+++ b/include/net/cfg80211.h |
1919 |
-@@ -2633,6 +2633,15 @@ unsigned int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb); |
1920 |
- unsigned int __attribute_const__ ieee80211_hdrlen(__le16 fc); |
1921 |
- |
1922 |
- /** |
1923 |
-+ * ieee80211_get_mesh_hdrlen - get mesh extension header length |
1924 |
-+ * @meshhdr: the mesh extension header, only the flags field |
1925 |
-+ * (first byte) will be accessed |
1926 |
-+ * Returns the length of the extension header, which is always at |
1927 |
-+ * least 6 bytes and at most 18 if address 5 and 6 are present. |
1928 |
-+ */ |
1929 |
-+unsigned int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr); |
1930 |
-+ |
1931 |
-+/** |
1932 |
- * DOC: Data path helpers |
1933 |
- * |
1934 |
- * In addition to generic utilities, cfg80211 also offers |
1935 |
-diff --git a/include/sound/core.h b/include/sound/core.h |
1936 |
-index bc05668..93896ad 100644 |
1937 |
---- a/include/sound/core.h |
1938 |
-+++ b/include/sound/core.h |
1939 |
-@@ -132,6 +132,7 @@ struct snd_card { |
1940 |
- int shutdown; /* this card is going down */ |
1941 |
- int free_on_last_close; /* free in context of file_release */ |
1942 |
- wait_queue_head_t shutdown_sleep; |
1943 |
-+ atomic_t refcount; /* refcount for disconnection */ |
1944 |
- struct device *dev; /* device assigned to this card */ |
1945 |
- struct device *card_dev; /* cardX object for sysfs */ |
1946 |
- |
1947 |
-@@ -189,6 +190,7 @@ struct snd_minor { |
1948 |
- const struct file_operations *f_ops; /* file operations */ |
1949 |
- void *private_data; /* private data for f_ops->open */ |
1950 |
- struct device *dev; /* device for sysfs */ |
1951 |
-+ struct snd_card *card_ptr; /* assigned card instance */ |
1952 |
- }; |
1953 |
- |
1954 |
- /* return a device pointer linked to each sound device as a parent */ |
1955 |
-@@ -295,6 +297,7 @@ int snd_card_info_done(void); |
1956 |
- int snd_component_add(struct snd_card *card, const char *component); |
1957 |
- int snd_card_file_add(struct snd_card *card, struct file *file); |
1958 |
- int snd_card_file_remove(struct snd_card *card, struct file *file); |
1959 |
-+void snd_card_unref(struct snd_card *card); |
1960 |
- |
1961 |
- #define snd_card_set_dev(card, devptr) ((card)->dev = (devptr)) |
1962 |
- |
1963 |
-diff --git a/include/trace/events/xen.h b/include/trace/events/xen.h |
1964 |
-index 15ba03b..d06b6da 100644 |
1965 |
---- a/include/trace/events/xen.h |
1966 |
-+++ b/include/trace/events/xen.h |
1967 |
-@@ -377,6 +377,14 @@ DECLARE_EVENT_CLASS(xen_mmu_pgd, |
1968 |
- DEFINE_XEN_MMU_PGD_EVENT(xen_mmu_pgd_pin); |
1969 |
- DEFINE_XEN_MMU_PGD_EVENT(xen_mmu_pgd_unpin); |
1970 |
- |
1971 |
-+TRACE_EVENT(xen_mmu_flush_tlb_all, |
1972 |
-+ TP_PROTO(int x), |
1973 |
-+ TP_ARGS(x), |
1974 |
-+ TP_STRUCT__entry(__array(char, x, 0)), |
1975 |
-+ TP_fast_assign((void)x), |
1976 |
-+ TP_printk("%s", "") |
1977 |
-+ ); |
1978 |
-+ |
1979 |
- TRACE_EVENT(xen_mmu_flush_tlb, |
1980 |
- TP_PROTO(int x), |
1981 |
- TP_ARGS(x), |
1982 |
-diff --git a/kernel/futex.c b/kernel/futex.c |
1983 |
-index 3717e7b..20ef219 100644 |
1984 |
---- a/kernel/futex.c |
1985 |
-+++ b/kernel/futex.c |
1986 |
-@@ -716,7 +716,7 @@ static int futex_lock_pi_atomic(u32 __user *uaddr, struct futex_hash_bucket *hb, |
1987 |
- struct futex_pi_state **ps, |
1988 |
- struct task_struct *task, int set_waiters) |
1989 |
- { |
1990 |
-- int lock_taken, ret, ownerdied = 0; |
1991 |
-+ int lock_taken, ret, force_take = 0; |
1992 |
- u32 uval, newval, curval, vpid = task_pid_vnr(task); |
1993 |
- |
1994 |
- retry: |
1995 |
-@@ -755,17 +755,15 @@ retry: |
1996 |
- newval = curval | FUTEX_WAITERS; |
1997 |
- |
1998 |
- /* |
1999 |
-- * There are two cases, where a futex might have no owner (the |
2000 |
-- * owner TID is 0): OWNER_DIED. We take over the futex in this |
2001 |
-- * case. We also do an unconditional take over, when the owner |
2002 |
-- * of the futex died. |
2003 |
-- * |
2004 |
-- * This is safe as we are protected by the hash bucket lock ! |
2005 |
-+ * Should we force take the futex? See below. |
2006 |
- */ |
2007 |
-- if (unlikely(ownerdied || !(curval & FUTEX_TID_MASK))) { |
2008 |
-- /* Keep the OWNER_DIED bit */ |
2009 |
-+ if (unlikely(force_take)) { |
2010 |
-+ /* |
2011 |
-+ * Keep the OWNER_DIED and the WAITERS bit and set the |
2012 |
-+ * new TID value. |
2013 |
-+ */ |
2014 |
- newval = (curval & ~FUTEX_TID_MASK) | vpid; |
2015 |
-- ownerdied = 0; |
2016 |
-+ force_take = 0; |
2017 |
- lock_taken = 1; |
2018 |
- } |
2019 |
- |
2020 |
-@@ -775,7 +773,7 @@ retry: |
2021 |
- goto retry; |
2022 |
- |
2023 |
- /* |
2024 |
-- * We took the lock due to owner died take over. |
2025 |
-+ * We took the lock due to forced take over. |
2026 |
- */ |
2027 |
- if (unlikely(lock_taken)) |
2028 |
- return 1; |
2029 |
-@@ -790,20 +788,25 @@ retry: |
2030 |
- switch (ret) { |
2031 |
- case -ESRCH: |
2032 |
- /* |
2033 |
-- * No owner found for this futex. Check if the |
2034 |
-- * OWNER_DIED bit is set to figure out whether |
2035 |
-- * this is a robust futex or not. |
2036 |
-+ * We failed to find an owner for this |
2037 |
-+ * futex. So we have no pi_state to block |
2038 |
-+ * on. This can happen in two cases: |
2039 |
-+ * |
2040 |
-+ * 1) The owner died |
2041 |
-+ * 2) A stale FUTEX_WAITERS bit |
2042 |
-+ * |
2043 |
-+ * Re-read the futex value. |
2044 |
- */ |
2045 |
- if (get_futex_value_locked(&curval, uaddr)) |
2046 |
- return -EFAULT; |
2047 |
- |
2048 |
- /* |
2049 |
-- * We simply start over in case of a robust |
2050 |
-- * futex. The code above will take the futex |
2051 |
-- * and return happy. |
2052 |
-+ * If the owner died or we have a stale |
2053 |
-+ * WAITERS bit the owner TID in the user space |
2054 |
-+ * futex is 0. |
2055 |
- */ |
2056 |
-- if (curval & FUTEX_OWNER_DIED) { |
2057 |
-- ownerdied = 1; |
2058 |
-+ if (!(curval & FUTEX_TID_MASK)) { |
2059 |
-+ force_take = 1; |
2060 |
- goto retry; |
2061 |
- } |
2062 |
- default: |
2063 |
-diff --git a/net/batman-adv/bridge_loop_avoidance.c b/net/batman-adv/bridge_loop_avoidance.c |
2064 |
-index 6705d35..e7b5777 100644 |
2065 |
---- a/net/batman-adv/bridge_loop_avoidance.c |
2066 |
-+++ b/net/batman-adv/bridge_loop_avoidance.c |
2067 |
-@@ -1205,8 +1205,8 @@ int batadv_bla_init(struct batadv_priv *bat_priv) |
2068 |
- /** |
2069 |
- * batadv_bla_check_bcast_duplist |
2070 |
- * @bat_priv: the bat priv with all the soft interface information |
2071 |
-- * @bcast_packet: originator mac address |
2072 |
-- * @hdr_size: maximum length of the frame |
2073 |
-+ * @bcast_packet: encapsulated broadcast frame plus batman header |
2074 |
-+ * @bcast_packet_len: length of encapsulated broadcast frame plus batman header |
2075 |
- * |
2076 |
- * check if it is on our broadcast list. Another gateway might |
2077 |
- * have sent the same packet because it is connected to the same backbone, |
2078 |
-@@ -1219,14 +1219,14 @@ int batadv_bla_init(struct batadv_priv *bat_priv) |
2079 |
- */ |
2080 |
- int batadv_bla_check_bcast_duplist(struct batadv_priv *bat_priv, |
2081 |
- struct batadv_bcast_packet *bcast_packet, |
2082 |
-- int hdr_size) |
2083 |
-+ int bcast_packet_len) |
2084 |
- { |
2085 |
- int i, length, curr; |
2086 |
- uint8_t *content; |
2087 |
- uint16_t crc; |
2088 |
- struct batadv_bcast_duplist_entry *entry; |
2089 |
- |
2090 |
-- length = hdr_size - sizeof(*bcast_packet); |
2091 |
-+ length = bcast_packet_len - sizeof(*bcast_packet); |
2092 |
- content = (uint8_t *)bcast_packet; |
2093 |
- content += sizeof(*bcast_packet); |
2094 |
- |
2095 |
-diff --git a/net/batman-adv/routing.c b/net/batman-adv/routing.c |
2096 |
-index bc2b88b..f861b7c 100644 |
2097 |
---- a/net/batman-adv/routing.c |
2098 |
-+++ b/net/batman-adv/routing.c |
2099 |
-@@ -1136,8 +1136,14 @@ int batadv_recv_bcast_packet(struct sk_buff *skb, |
2100 |
- |
2101 |
- spin_unlock_bh(&orig_node->bcast_seqno_lock); |
2102 |
- |
2103 |
-+ /* keep skb linear for crc calculation */ |
2104 |
-+ if (skb_linearize(skb) < 0) |
2105 |
-+ goto out; |
2106 |
-+ |
2107 |
-+ bcast_packet = (struct batadv_bcast_packet *)skb->data; |
2108 |
-+ |
2109 |
- /* check whether this has been sent by another originator before */ |
2110 |
-- if (batadv_bla_check_bcast_duplist(bat_priv, bcast_packet, hdr_size)) |
2111 |
-+ if (batadv_bla_check_bcast_duplist(bat_priv, bcast_packet, skb->len)) |
2112 |
- goto out; |
2113 |
- |
2114 |
- /* rebroadcast packet */ |
2115 |
-diff --git a/net/core/dev.c b/net/core/dev.c |
2116 |
-index 2fb9f59..aed87a4 100644 |
2117 |
---- a/net/core/dev.c |
2118 |
-+++ b/net/core/dev.c |
2119 |
-@@ -1644,7 +1644,7 @@ static inline int deliver_skb(struct sk_buff *skb, |
2120 |
- |
2121 |
- static inline bool skb_loop_sk(struct packet_type *ptype, struct sk_buff *skb) |
2122 |
- { |
2123 |
-- if (ptype->af_packet_priv == NULL) |
2124 |
-+ if (!ptype->af_packet_priv || !skb->sk) |
2125 |
- return false; |
2126 |
- |
2127 |
- if (ptype->id_match) |
2128 |
-diff --git a/net/core/skbuff.c b/net/core/skbuff.c |
2129 |
-index ef172af..9708777 100644 |
2130 |
---- a/net/core/skbuff.c |
2131 |
-+++ b/net/core/skbuff.c |
2132 |
-@@ -3384,10 +3384,12 @@ EXPORT_SYMBOL(__skb_warn_lro_forwarding); |
2133 |
- |
2134 |
- void kfree_skb_partial(struct sk_buff *skb, bool head_stolen) |
2135 |
- { |
2136 |
-- if (head_stolen) |
2137 |
-+ if (head_stolen) { |
2138 |
-+ skb_release_head_state(skb); |
2139 |
- kmem_cache_free(skbuff_head_cache, skb); |
2140 |
-- else |
2141 |
-+ } else { |
2142 |
- __kfree_skb(skb); |
2143 |
-+ } |
2144 |
- } |
2145 |
- EXPORT_SYMBOL(kfree_skb_partial); |
2146 |
- |
2147 |
-diff --git a/net/ipv4/inet_diag.c b/net/ipv4/inet_diag.c |
2148 |
-index 570e61f..6405a44 100644 |
2149 |
---- a/net/ipv4/inet_diag.c |
2150 |
-+++ b/net/ipv4/inet_diag.c |
2151 |
-@@ -883,13 +883,16 @@ static int __inet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb, |
2152 |
- struct inet_diag_req_v2 *r, struct nlattr *bc) |
2153 |
- { |
2154 |
- const struct inet_diag_handler *handler; |
2155 |
-+ int err = 0; |
2156 |
- |
2157 |
- handler = inet_diag_lock_handler(r->sdiag_protocol); |
2158 |
- if (!IS_ERR(handler)) |
2159 |
- handler->dump(skb, cb, r, bc); |
2160 |
-+ else |
2161 |
-+ err = PTR_ERR(handler); |
2162 |
- inet_diag_unlock_handler(handler); |
2163 |
- |
2164 |
-- return skb->len; |
2165 |
-+ return err ? : skb->len; |
2166 |
- } |
2167 |
- |
2168 |
- static int inet_diag_dump(struct sk_buff *skb, struct netlink_callback *cb) |
2169 |
-diff --git a/net/ipv4/route.c b/net/ipv4/route.c |
2170 |
-index 2a1383c..c017cb1 100644 |
2171 |
---- a/net/ipv4/route.c |
2172 |
-+++ b/net/ipv4/route.c |
2173 |
-@@ -1166,8 +1166,12 @@ static bool rt_bind_exception(struct rtable *rt, struct fib_nh_exception *fnhe, |
2174 |
- spin_lock_bh(&fnhe_lock); |
2175 |
- |
2176 |
- if (daddr == fnhe->fnhe_daddr) { |
2177 |
-- struct rtable *orig; |
2178 |
-- |
2179 |
-+ struct rtable *orig = rcu_dereference(fnhe->fnhe_rth); |
2180 |
-+ if (orig && rt_is_expired(orig)) { |
2181 |
-+ fnhe->fnhe_gw = 0; |
2182 |
-+ fnhe->fnhe_pmtu = 0; |
2183 |
-+ fnhe->fnhe_expires = 0; |
2184 |
-+ } |
2185 |
- if (fnhe->fnhe_pmtu) { |
2186 |
- unsigned long expires = fnhe->fnhe_expires; |
2187 |
- unsigned long diff = expires - jiffies; |
2188 |
-@@ -1184,7 +1188,6 @@ static bool rt_bind_exception(struct rtable *rt, struct fib_nh_exception *fnhe, |
2189 |
- } else if (!rt->rt_gateway) |
2190 |
- rt->rt_gateway = daddr; |
2191 |
- |
2192 |
-- orig = rcu_dereference(fnhe->fnhe_rth); |
2193 |
- rcu_assign_pointer(fnhe->fnhe_rth, rt); |
2194 |
- if (orig) |
2195 |
- rt_free(orig); |
2196 |
-diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c |
2197 |
-index 5f64193..49dd993 100644 |
2198 |
---- a/net/ipv4/tcp.c |
2199 |
-+++ b/net/ipv4/tcp.c |
2200 |
-@@ -548,14 +548,12 @@ int tcp_ioctl(struct sock *sk, int cmd, unsigned long arg) |
2201 |
- !tp->urg_data || |
2202 |
- before(tp->urg_seq, tp->copied_seq) || |
2203 |
- !before(tp->urg_seq, tp->rcv_nxt)) { |
2204 |
-- struct sk_buff *skb; |
2205 |
- |
2206 |
- answ = tp->rcv_nxt - tp->copied_seq; |
2207 |
- |
2208 |
-- /* Subtract 1, if FIN is in queue. */ |
2209 |
-- skb = skb_peek_tail(&sk->sk_receive_queue); |
2210 |
-- if (answ && skb) |
2211 |
-- answ -= tcp_hdr(skb)->fin; |
2212 |
-+ /* Subtract 1, if FIN was received */ |
2213 |
-+ if (answ && sock_flag(sk, SOCK_DONE)) |
2214 |
-+ answ--; |
2215 |
- } else |
2216 |
- answ = tp->urg_seq - tp->copied_seq; |
2217 |
- release_sock(sk); |
2218 |
-diff --git a/net/ipv4/tcp_illinois.c b/net/ipv4/tcp_illinois.c |
2219 |
-index 813b43a..834857f 100644 |
2220 |
---- a/net/ipv4/tcp_illinois.c |
2221 |
-+++ b/net/ipv4/tcp_illinois.c |
2222 |
-@@ -313,11 +313,13 @@ static void tcp_illinois_info(struct sock *sk, u32 ext, |
2223 |
- .tcpv_rttcnt = ca->cnt_rtt, |
2224 |
- .tcpv_minrtt = ca->base_rtt, |
2225 |
- }; |
2226 |
-- u64 t = ca->sum_rtt; |
2227 |
- |
2228 |
-- do_div(t, ca->cnt_rtt); |
2229 |
-- info.tcpv_rtt = t; |
2230 |
-+ if (info.tcpv_rttcnt > 0) { |
2231 |
-+ u64 t = ca->sum_rtt; |
2232 |
- |
2233 |
-+ do_div(t, info.tcpv_rttcnt); |
2234 |
-+ info.tcpv_rtt = t; |
2235 |
-+ } |
2236 |
- nla_put(skb, INET_DIAG_VEGASINFO, sizeof(info), &info); |
2237 |
- } |
2238 |
- } |
2239 |
-diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c |
2240 |
-index d377f48..c92c4da 100644 |
2241 |
---- a/net/ipv4/tcp_input.c |
2242 |
-+++ b/net/ipv4/tcp_input.c |
2243 |
-@@ -4556,6 +4556,9 @@ int tcp_send_rcvq(struct sock *sk, struct msghdr *msg, size_t size) |
2244 |
- struct tcphdr *th; |
2245 |
- bool fragstolen; |
2246 |
- |
2247 |
-+ if (size == 0) |
2248 |
-+ return 0; |
2249 |
-+ |
2250 |
- skb = alloc_skb(size + sizeof(*th), sk->sk_allocation); |
2251 |
- if (!skb) |
2252 |
- goto err; |
2253 |
-diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c |
2254 |
-index ff36194..2edce30 100644 |
2255 |
---- a/net/ipv6/ndisc.c |
2256 |
-+++ b/net/ipv6/ndisc.c |
2257 |
-@@ -535,7 +535,7 @@ static void ndisc_send_unsol_na(struct net_device *dev) |
2258 |
- { |
2259 |
- struct inet6_dev *idev; |
2260 |
- struct inet6_ifaddr *ifa; |
2261 |
-- struct in6_addr mcaddr; |
2262 |
-+ struct in6_addr mcaddr = IN6ADDR_LINKLOCAL_ALLNODES_INIT; |
2263 |
- |
2264 |
- idev = in6_dev_get(dev); |
2265 |
- if (!idev) |
2266 |
-@@ -543,7 +543,6 @@ static void ndisc_send_unsol_na(struct net_device *dev) |
2267 |
- |
2268 |
- read_lock_bh(&idev->lock); |
2269 |
- list_for_each_entry(ifa, &idev->addr_list, if_list) { |
2270 |
-- addrconf_addr_solict_mult(&ifa->addr, &mcaddr); |
2271 |
- ndisc_send_na(dev, NULL, &mcaddr, &ifa->addr, |
2272 |
- /*router=*/ !!idev->cnf.forwarding, |
2273 |
- /*solicited=*/ false, /*override=*/ true, |
2274 |
-diff --git a/net/ipv6/route.c b/net/ipv6/route.c |
2275 |
-index 46eff42..070a3ce 100644 |
2276 |
---- a/net/ipv6/route.c |
2277 |
-+++ b/net/ipv6/route.c |
2278 |
-@@ -219,7 +219,7 @@ static struct dst_ops ip6_dst_blackhole_ops = { |
2279 |
- }; |
2280 |
- |
2281 |
- static const u32 ip6_template_metrics[RTAX_MAX] = { |
2282 |
-- [RTAX_HOPLIMIT - 1] = 255, |
2283 |
-+ [RTAX_HOPLIMIT - 1] = 0, |
2284 |
- }; |
2285 |
- |
2286 |
- static struct rt6_info ip6_null_entry_template = { |
2287 |
-@@ -1241,7 +1241,7 @@ struct dst_entry *icmp6_dst_alloc(struct net_device *dev, |
2288 |
- rt->rt6i_dst.addr = fl6->daddr; |
2289 |
- rt->rt6i_dst.plen = 128; |
2290 |
- rt->rt6i_idev = idev; |
2291 |
-- dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 255); |
2292 |
-+ dst_metric_set(&rt->dst, RTAX_HOPLIMIT, 0); |
2293 |
- |
2294 |
- spin_lock_bh(&icmp6_dst_lock); |
2295 |
- rt->dst.next = icmp6_dst_gc_list; |
2296 |
-diff --git a/net/l2tp/l2tp_eth.c b/net/l2tp/l2tp_eth.c |
2297 |
-index 3bfb34a..69bf48d 100644 |
2298 |
---- a/net/l2tp/l2tp_eth.c |
2299 |
-+++ b/net/l2tp/l2tp_eth.c |
2300 |
-@@ -290,6 +290,7 @@ static int l2tp_eth_create(struct net *net, u32 tunnel_id, u32 session_id, u32 p |
2301 |
- |
2302 |
- out_del_dev: |
2303 |
- free_netdev(dev); |
2304 |
-+ spriv->dev = NULL; |
2305 |
- out_del_session: |
2306 |
- l2tp_session_delete(session); |
2307 |
- out: |
2308 |
-diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c |
2309 |
-index 5746d62..327aa07 100644 |
2310 |
---- a/net/mac80211/ibss.c |
2311 |
-+++ b/net/mac80211/ibss.c |
2312 |
-@@ -1074,7 +1074,7 @@ int ieee80211_ibss_join(struct ieee80211_sub_if_data *sdata, |
2313 |
- sdata->u.ibss.state = IEEE80211_IBSS_MLME_SEARCH; |
2314 |
- sdata->u.ibss.ibss_join_req = jiffies; |
2315 |
- |
2316 |
-- memcpy(sdata->u.ibss.ssid, params->ssid, IEEE80211_MAX_SSID_LEN); |
2317 |
-+ memcpy(sdata->u.ibss.ssid, params->ssid, params->ssid_len); |
2318 |
- sdata->u.ibss.ssid_len = params->ssid_len; |
2319 |
- |
2320 |
- mutex_unlock(&sdata->u.ibss.mtx); |
2321 |
-diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c |
2322 |
-index 0cb4ede..37fe5ce 100644 |
2323 |
---- a/net/mac80211/rx.c |
2324 |
-+++ b/net/mac80211/rx.c |
2325 |
-@@ -491,6 +491,11 @@ ieee80211_rx_mesh_check(struct ieee80211_rx_data *rx) |
2326 |
- |
2327 |
- if (ieee80211_is_action(hdr->frame_control)) { |
2328 |
- u8 category; |
2329 |
-+ |
2330 |
-+ /* make sure category field is present */ |
2331 |
-+ if (rx->skb->len < IEEE80211_MIN_ACTION_SIZE) |
2332 |
-+ return RX_DROP_MONITOR; |
2333 |
-+ |
2334 |
- mgmt = (struct ieee80211_mgmt *)hdr; |
2335 |
- category = mgmt->u.action.category; |
2336 |
- if (category != WLAN_CATEGORY_MESH_ACTION && |
2337 |
-@@ -843,14 +848,16 @@ ieee80211_rx_h_check(struct ieee80211_rx_data *rx) |
2338 |
- */ |
2339 |
- if (rx->sta && rx->sdata->vif.type == NL80211_IFTYPE_STATION && |
2340 |
- ieee80211_is_data_present(hdr->frame_control)) { |
2341 |
-- u16 ethertype; |
2342 |
-- u8 *payload; |
2343 |
-- |
2344 |
-- payload = rx->skb->data + |
2345 |
-- ieee80211_hdrlen(hdr->frame_control); |
2346 |
-- ethertype = (payload[6] << 8) | payload[7]; |
2347 |
-- if (cpu_to_be16(ethertype) == |
2348 |
-- rx->sdata->control_port_protocol) |
2349 |
-+ unsigned int hdrlen; |
2350 |
-+ __be16 ethertype; |
2351 |
-+ |
2352 |
-+ hdrlen = ieee80211_hdrlen(hdr->frame_control); |
2353 |
-+ |
2354 |
-+ if (rx->skb->len < hdrlen + 8) |
2355 |
-+ return RX_DROP_MONITOR; |
2356 |
-+ |
2357 |
-+ skb_copy_bits(rx->skb, hdrlen + 6, ðertype, 2); |
2358 |
-+ if (ethertype == rx->sdata->control_port_protocol) |
2359 |
- return RX_CONTINUE; |
2360 |
- } |
2361 |
- |
2362 |
-@@ -1422,11 +1429,14 @@ ieee80211_rx_h_defragment(struct ieee80211_rx_data *rx) |
2363 |
- |
2364 |
- hdr = (struct ieee80211_hdr *)rx->skb->data; |
2365 |
- fc = hdr->frame_control; |
2366 |
-+ |
2367 |
-+ if (ieee80211_is_ctl(fc)) |
2368 |
-+ return RX_CONTINUE; |
2369 |
-+ |
2370 |
- sc = le16_to_cpu(hdr->seq_ctrl); |
2371 |
- frag = sc & IEEE80211_SCTL_FRAG; |
2372 |
- |
2373 |
- if (likely((!ieee80211_has_morefrags(fc) && frag == 0) || |
2374 |
-- (rx->skb)->len < 24 || |
2375 |
- is_multicast_ether_addr(hdr->addr1))) { |
2376 |
- /* not fragmented */ |
2377 |
- goto out; |
2378 |
-@@ -1849,6 +1859,20 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx) |
2379 |
- |
2380 |
- hdr = (struct ieee80211_hdr *) skb->data; |
2381 |
- hdrlen = ieee80211_hdrlen(hdr->frame_control); |
2382 |
-+ |
2383 |
-+ /* make sure fixed part of mesh header is there, also checks skb len */ |
2384 |
-+ if (!pskb_may_pull(rx->skb, hdrlen + 6)) |
2385 |
-+ return RX_DROP_MONITOR; |
2386 |
-+ |
2387 |
-+ mesh_hdr = (struct ieee80211s_hdr *) (skb->data + hdrlen); |
2388 |
-+ |
2389 |
-+ /* make sure full mesh header is there, also checks skb len */ |
2390 |
-+ if (!pskb_may_pull(rx->skb, |
2391 |
-+ hdrlen + ieee80211_get_mesh_hdrlen(mesh_hdr))) |
2392 |
-+ return RX_DROP_MONITOR; |
2393 |
-+ |
2394 |
-+ /* reload pointers */ |
2395 |
-+ hdr = (struct ieee80211_hdr *) skb->data; |
2396 |
- mesh_hdr = (struct ieee80211s_hdr *) (skb->data + hdrlen); |
2397 |
- |
2398 |
- /* frame is in RMC, don't forward */ |
2399 |
-@@ -1857,7 +1881,8 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx) |
2400 |
- mesh_rmc_check(hdr->addr3, mesh_hdr, rx->sdata)) |
2401 |
- return RX_DROP_MONITOR; |
2402 |
- |
2403 |
-- if (!ieee80211_is_data(hdr->frame_control)) |
2404 |
-+ if (!ieee80211_is_data(hdr->frame_control) || |
2405 |
-+ !(status->rx_flags & IEEE80211_RX_RA_MATCH)) |
2406 |
- return RX_CONTINUE; |
2407 |
- |
2408 |
- if (!mesh_hdr->ttl) |
2409 |
-@@ -1871,9 +1896,12 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx) |
2410 |
- if (is_multicast_ether_addr(hdr->addr1)) { |
2411 |
- mpp_addr = hdr->addr3; |
2412 |
- proxied_addr = mesh_hdr->eaddr1; |
2413 |
-- } else { |
2414 |
-+ } else if (mesh_hdr->flags & MESH_FLAGS_AE_A5_A6) { |
2415 |
-+ /* has_a4 already checked in ieee80211_rx_mesh_check */ |
2416 |
- mpp_addr = hdr->addr4; |
2417 |
- proxied_addr = mesh_hdr->eaddr2; |
2418 |
-+ } else { |
2419 |
-+ return RX_DROP_MONITOR; |
2420 |
- } |
2421 |
- |
2422 |
- rcu_read_lock(); |
2423 |
-@@ -1901,9 +1929,6 @@ ieee80211_rx_h_mesh_fwding(struct ieee80211_rx_data *rx) |
2424 |
- } |
2425 |
- skb_set_queue_mapping(skb, q); |
2426 |
- |
2427 |
-- if (!(status->rx_flags & IEEE80211_RX_RA_MATCH)) |
2428 |
-- goto out; |
2429 |
-- |
2430 |
- if (!--mesh_hdr->ttl) { |
2431 |
- IEEE80211_IFSTA_MESH_CTR_INC(ifmsh, dropped_frames_ttl); |
2432 |
- return RX_DROP_MONITOR; |
2433 |
-@@ -2313,6 +2338,10 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx) |
2434 |
- } |
2435 |
- break; |
2436 |
- case WLAN_CATEGORY_SELF_PROTECTED: |
2437 |
-+ if (len < (IEEE80211_MIN_ACTION_SIZE + |
2438 |
-+ sizeof(mgmt->u.action.u.self_prot.action_code))) |
2439 |
-+ break; |
2440 |
-+ |
2441 |
- switch (mgmt->u.action.u.self_prot.action_code) { |
2442 |
- case WLAN_SP_MESH_PEERING_OPEN: |
2443 |
- case WLAN_SP_MESH_PEERING_CLOSE: |
2444 |
-@@ -2331,6 +2360,10 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx) |
2445 |
- } |
2446 |
- break; |
2447 |
- case WLAN_CATEGORY_MESH_ACTION: |
2448 |
-+ if (len < (IEEE80211_MIN_ACTION_SIZE + |
2449 |
-+ sizeof(mgmt->u.action.u.mesh_action.action_code))) |
2450 |
-+ break; |
2451 |
-+ |
2452 |
- if (!ieee80211_vif_is_mesh(&sdata->vif)) |
2453 |
- break; |
2454 |
- if (mesh_action_is_path_sel(mgmt) && |
2455 |
-@@ -2865,10 +2898,15 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw, |
2456 |
- if (ieee80211_is_data(fc) || ieee80211_is_mgmt(fc)) |
2457 |
- local->dot11ReceivedFragmentCount++; |
2458 |
- |
2459 |
-- if (ieee80211_is_mgmt(fc)) |
2460 |
-- err = skb_linearize(skb); |
2461 |
-- else |
2462 |
-+ if (ieee80211_is_mgmt(fc)) { |
2463 |
-+ /* drop frame if too short for header */ |
2464 |
-+ if (skb->len < ieee80211_hdrlen(fc)) |
2465 |
-+ err = -ENOBUFS; |
2466 |
-+ else |
2467 |
-+ err = skb_linearize(skb); |
2468 |
-+ } else { |
2469 |
- err = !pskb_may_pull(skb, ieee80211_hdrlen(fc)); |
2470 |
-+ } |
2471 |
- |
2472 |
- if (err) { |
2473 |
- dev_kfree_skb(skb); |
2474 |
-diff --git a/net/mac80211/util.c b/net/mac80211/util.c |
2475 |
-index c9b52f7..1cfe6d5 100644 |
2476 |
---- a/net/mac80211/util.c |
2477 |
-+++ b/net/mac80211/util.c |
2478 |
-@@ -637,13 +637,41 @@ u32 ieee802_11_parse_elems_crc(u8 *start, size_t len, |
2479 |
- break; |
2480 |
- } |
2481 |
- |
2482 |
-- if (id != WLAN_EID_VENDOR_SPECIFIC && |
2483 |
-- id != WLAN_EID_QUIET && |
2484 |
-- test_bit(id, seen_elems)) { |
2485 |
-- elems->parse_error = true; |
2486 |
-- left -= elen; |
2487 |
-- pos += elen; |
2488 |
-- continue; |
2489 |
-+ switch (id) { |
2490 |
-+ case WLAN_EID_SSID: |
2491 |
-+ case WLAN_EID_SUPP_RATES: |
2492 |
-+ case WLAN_EID_FH_PARAMS: |
2493 |
-+ case WLAN_EID_DS_PARAMS: |
2494 |
-+ case WLAN_EID_CF_PARAMS: |
2495 |
-+ case WLAN_EID_TIM: |
2496 |
-+ case WLAN_EID_IBSS_PARAMS: |
2497 |
-+ case WLAN_EID_CHALLENGE: |
2498 |
-+ case WLAN_EID_RSN: |
2499 |
-+ case WLAN_EID_ERP_INFO: |
2500 |
-+ case WLAN_EID_EXT_SUPP_RATES: |
2501 |
-+ case WLAN_EID_HT_CAPABILITY: |
2502 |
-+ case WLAN_EID_HT_OPERATION: |
2503 |
-+ case WLAN_EID_VHT_CAPABILITY: |
2504 |
-+ case WLAN_EID_VHT_OPERATION: |
2505 |
-+ case WLAN_EID_MESH_ID: |
2506 |
-+ case WLAN_EID_MESH_CONFIG: |
2507 |
-+ case WLAN_EID_PEER_MGMT: |
2508 |
-+ case WLAN_EID_PREQ: |
2509 |
-+ case WLAN_EID_PREP: |
2510 |
-+ case WLAN_EID_PERR: |
2511 |
-+ case WLAN_EID_RANN: |
2512 |
-+ case WLAN_EID_CHANNEL_SWITCH: |
2513 |
-+ case WLAN_EID_EXT_CHANSWITCH_ANN: |
2514 |
-+ case WLAN_EID_COUNTRY: |
2515 |
-+ case WLAN_EID_PWR_CONSTRAINT: |
2516 |
-+ case WLAN_EID_TIMEOUT_INTERVAL: |
2517 |
-+ if (test_bit(id, seen_elems)) { |
2518 |
-+ elems->parse_error = true; |
2519 |
-+ left -= elen; |
2520 |
-+ pos += elen; |
2521 |
-+ continue; |
2522 |
-+ } |
2523 |
-+ break; |
2524 |
- } |
2525 |
- |
2526 |
- if (calc_crc && id < 64 && (filter & (1ULL << id))) |
2527 |
-diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c |
2528 |
-index 9172179..0426b67 100644 |
2529 |
---- a/net/netlink/af_netlink.c |
2530 |
-+++ b/net/netlink/af_netlink.c |
2531 |
-@@ -138,6 +138,8 @@ static int netlink_dump(struct sock *sk); |
2532 |
- static DEFINE_RWLOCK(nl_table_lock); |
2533 |
- static atomic_t nl_table_users = ATOMIC_INIT(0); |
2534 |
- |
2535 |
-+#define nl_deref_protected(X) rcu_dereference_protected(X, lockdep_is_held(&nl_table_lock)); |
2536 |
-+ |
2537 |
- static ATOMIC_NOTIFIER_HEAD(netlink_chain); |
2538 |
- |
2539 |
- static inline u32 netlink_group_mask(u32 group) |
2540 |
-@@ -345,6 +347,11 @@ netlink_update_listeners(struct sock *sk) |
2541 |
- struct hlist_node *node; |
2542 |
- unsigned long mask; |
2543 |
- unsigned int i; |
2544 |
-+ struct listeners *listeners; |
2545 |
-+ |
2546 |
-+ listeners = nl_deref_protected(tbl->listeners); |
2547 |
-+ if (!listeners) |
2548 |
-+ return; |
2549 |
- |
2550 |
- for (i = 0; i < NLGRPLONGS(tbl->groups); i++) { |
2551 |
- mask = 0; |
2552 |
-@@ -352,7 +359,7 @@ netlink_update_listeners(struct sock *sk) |
2553 |
- if (i < NLGRPLONGS(nlk_sk(sk)->ngroups)) |
2554 |
- mask |= nlk_sk(sk)->groups[i]; |
2555 |
- } |
2556 |
-- tbl->listeners->masks[i] = mask; |
2557 |
-+ listeners->masks[i] = mask; |
2558 |
- } |
2559 |
- /* this function is only called with the netlink table "grabbed", which |
2560 |
- * makes sure updates are visible before bind or setsockopt return. */ |
2561 |
-@@ -536,7 +543,11 @@ static int netlink_release(struct socket *sock) |
2562 |
- if (netlink_is_kernel(sk)) { |
2563 |
- BUG_ON(nl_table[sk->sk_protocol].registered == 0); |
2564 |
- if (--nl_table[sk->sk_protocol].registered == 0) { |
2565 |
-- kfree(nl_table[sk->sk_protocol].listeners); |
2566 |
-+ struct listeners *old; |
2567 |
-+ |
2568 |
-+ old = nl_deref_protected(nl_table[sk->sk_protocol].listeners); |
2569 |
-+ RCU_INIT_POINTER(nl_table[sk->sk_protocol].listeners, NULL); |
2570 |
-+ kfree_rcu(old, rcu); |
2571 |
- nl_table[sk->sk_protocol].module = NULL; |
2572 |
- nl_table[sk->sk_protocol].registered = 0; |
2573 |
- } |
2574 |
-@@ -978,7 +989,7 @@ int netlink_has_listeners(struct sock *sk, unsigned int group) |
2575 |
- rcu_read_lock(); |
2576 |
- listeners = rcu_dereference(nl_table[sk->sk_protocol].listeners); |
2577 |
- |
2578 |
-- if (group - 1 < nl_table[sk->sk_protocol].groups) |
2579 |
-+ if (listeners && group - 1 < nl_table[sk->sk_protocol].groups) |
2580 |
- res = test_bit(group - 1, listeners->masks); |
2581 |
- |
2582 |
- rcu_read_unlock(); |
2583 |
-@@ -1620,7 +1631,7 @@ int __netlink_change_ngroups(struct sock *sk, unsigned int groups) |
2584 |
- new = kzalloc(sizeof(*new) + NLGRPSZ(groups), GFP_ATOMIC); |
2585 |
- if (!new) |
2586 |
- return -ENOMEM; |
2587 |
-- old = rcu_dereference_protected(tbl->listeners, 1); |
2588 |
-+ old = nl_deref_protected(tbl->listeners); |
2589 |
- memcpy(new->masks, old->masks, NLGRPSZ(tbl->groups)); |
2590 |
- rcu_assign_pointer(tbl->listeners, new); |
2591 |
- |
2592 |
-diff --git a/net/sctp/sm_sideeffect.c b/net/sctp/sm_sideeffect.c |
2593 |
-index fe99628..b1c5be3 100644 |
2594 |
---- a/net/sctp/sm_sideeffect.c |
2595 |
-+++ b/net/sctp/sm_sideeffect.c |
2596 |
-@@ -1634,8 +1634,9 @@ static int sctp_cmd_interpreter(sctp_event_t event_type, |
2597 |
- asoc->outqueue.outstanding_bytes; |
2598 |
- sackh.num_gap_ack_blocks = 0; |
2599 |
- sackh.num_dup_tsns = 0; |
2600 |
-+ chunk->subh.sack_hdr = &sackh; |
2601 |
- sctp_add_cmd_sf(commands, SCTP_CMD_PROCESS_SACK, |
2602 |
-- SCTP_SACKH(&sackh)); |
2603 |
-+ SCTP_CHUNK(chunk)); |
2604 |
- break; |
2605 |
- |
2606 |
- case SCTP_CMD_DISCARD_PACKET: |
2607 |
-diff --git a/net/wireless/core.c b/net/wireless/core.c |
2608 |
-index dcd64d5..5797032 100644 |
2609 |
---- a/net/wireless/core.c |
2610 |
-+++ b/net/wireless/core.c |
2611 |
-@@ -506,8 +506,7 @@ int wiphy_register(struct wiphy *wiphy) |
2612 |
- for (i = 0; i < sband->n_channels; i++) { |
2613 |
- sband->channels[i].orig_flags = |
2614 |
- sband->channels[i].flags; |
2615 |
-- sband->channels[i].orig_mag = |
2616 |
-- sband->channels[i].max_antenna_gain; |
2617 |
-+ sband->channels[i].orig_mag = INT_MAX; |
2618 |
- sband->channels[i].orig_mpwr = |
2619 |
- sband->channels[i].max_power; |
2620 |
- sband->channels[i].band = band; |
2621 |
-diff --git a/net/wireless/util.c b/net/wireless/util.c |
2622 |
-index 994e2f0..09afde7 100644 |
2623 |
---- a/net/wireless/util.c |
2624 |
-+++ b/net/wireless/util.c |
2625 |
-@@ -309,23 +309,21 @@ unsigned int ieee80211_get_hdrlen_from_skb(const struct sk_buff *skb) |
2626 |
- } |
2627 |
- EXPORT_SYMBOL(ieee80211_get_hdrlen_from_skb); |
2628 |
- |
2629 |
--static int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr) |
2630 |
-+unsigned int ieee80211_get_mesh_hdrlen(struct ieee80211s_hdr *meshhdr) |
2631 |
- { |
2632 |
- int ae = meshhdr->flags & MESH_FLAGS_AE; |
2633 |
-- /* 7.1.3.5a.2 */ |
2634 |
-+ /* 802.11-2012, 8.2.4.7.3 */ |
2635 |
- switch (ae) { |
2636 |
-+ default: |
2637 |
- case 0: |
2638 |
- return 6; |
2639 |
- case MESH_FLAGS_AE_A4: |
2640 |
- return 12; |
2641 |
- case MESH_FLAGS_AE_A5_A6: |
2642 |
- return 18; |
2643 |
-- case (MESH_FLAGS_AE_A4 | MESH_FLAGS_AE_A5_A6): |
2644 |
-- return 24; |
2645 |
-- default: |
2646 |
-- return 6; |
2647 |
- } |
2648 |
- } |
2649 |
-+EXPORT_SYMBOL(ieee80211_get_mesh_hdrlen); |
2650 |
- |
2651 |
- int ieee80211_data_to_8023(struct sk_buff *skb, const u8 *addr, |
2652 |
- enum nl80211_iftype iftype) |
2653 |
-@@ -373,6 +371,8 @@ int ieee80211_data_to_8023(struct sk_buff *skb, const u8 *addr, |
2654 |
- /* make sure meshdr->flags is on the linear part */ |
2655 |
- if (!pskb_may_pull(skb, hdrlen + 1)) |
2656 |
- return -1; |
2657 |
-+ if (meshdr->flags & MESH_FLAGS_AE_A4) |
2658 |
-+ return -1; |
2659 |
- if (meshdr->flags & MESH_FLAGS_AE_A5_A6) { |
2660 |
- skb_copy_bits(skb, hdrlen + |
2661 |
- offsetof(struct ieee80211s_hdr, eaddr1), |
2662 |
-@@ -397,6 +397,8 @@ int ieee80211_data_to_8023(struct sk_buff *skb, const u8 *addr, |
2663 |
- /* make sure meshdr->flags is on the linear part */ |
2664 |
- if (!pskb_may_pull(skb, hdrlen + 1)) |
2665 |
- return -1; |
2666 |
-+ if (meshdr->flags & MESH_FLAGS_AE_A5_A6) |
2667 |
-+ return -1; |
2668 |
- if (meshdr->flags & MESH_FLAGS_AE_A4) |
2669 |
- skb_copy_bits(skb, hdrlen + |
2670 |
- offsetof(struct ieee80211s_hdr, eaddr1), |
2671 |
-diff --git a/sound/core/compress_offload.c b/sound/core/compress_offload.c |
2672 |
-index eb60cb8..d5103f7 100644 |
2673 |
---- a/sound/core/compress_offload.c |
2674 |
-+++ b/sound/core/compress_offload.c |
2675 |
-@@ -100,12 +100,15 @@ static int snd_compr_open(struct inode *inode, struct file *f) |
2676 |
- |
2677 |
- if (dirn != compr->direction) { |
2678 |
- pr_err("this device doesn't support this direction\n"); |
2679 |
-+ snd_card_unref(compr->card); |
2680 |
- return -EINVAL; |
2681 |
- } |
2682 |
- |
2683 |
- data = kzalloc(sizeof(*data), GFP_KERNEL); |
2684 |
-- if (!data) |
2685 |
-+ if (!data) { |
2686 |
-+ snd_card_unref(compr->card); |
2687 |
- return -ENOMEM; |
2688 |
-+ } |
2689 |
- data->stream.ops = compr->ops; |
2690 |
- data->stream.direction = dirn; |
2691 |
- data->stream.private_data = compr->private_data; |
2692 |
-@@ -113,6 +116,7 @@ static int snd_compr_open(struct inode *inode, struct file *f) |
2693 |
- runtime = kzalloc(sizeof(*runtime), GFP_KERNEL); |
2694 |
- if (!runtime) { |
2695 |
- kfree(data); |
2696 |
-+ snd_card_unref(compr->card); |
2697 |
- return -ENOMEM; |
2698 |
- } |
2699 |
- runtime->state = SNDRV_PCM_STATE_OPEN; |
2700 |
-@@ -126,7 +130,8 @@ static int snd_compr_open(struct inode *inode, struct file *f) |
2701 |
- kfree(runtime); |
2702 |
- kfree(data); |
2703 |
- } |
2704 |
-- return ret; |
2705 |
-+ snd_card_unref(compr->card); |
2706 |
-+ return 0; |
2707 |
- } |
2708 |
- |
2709 |
- static int snd_compr_free(struct inode *inode, struct file *f) |
2710 |
-diff --git a/sound/core/control.c b/sound/core/control.c |
2711 |
-index 2487a6b..daa4fc8 100644 |
2712 |
---- a/sound/core/control.c |
2713 |
-+++ b/sound/core/control.c |
2714 |
-@@ -86,6 +86,7 @@ static int snd_ctl_open(struct inode *inode, struct file *file) |
2715 |
- write_lock_irqsave(&card->ctl_files_rwlock, flags); |
2716 |
- list_add_tail(&ctl->list, &card->ctl_files); |
2717 |
- write_unlock_irqrestore(&card->ctl_files_rwlock, flags); |
2718 |
-+ snd_card_unref(card); |
2719 |
- return 0; |
2720 |
- |
2721 |
- __error: |
2722 |
-@@ -93,6 +94,8 @@ static int snd_ctl_open(struct inode *inode, struct file *file) |
2723 |
- __error2: |
2724 |
- snd_card_file_remove(card, file); |
2725 |
- __error1: |
2726 |
-+ if (card) |
2727 |
-+ snd_card_unref(card); |
2728 |
- return err; |
2729 |
- } |
2730 |
- |
2731 |
-@@ -1433,6 +1436,8 @@ static ssize_t snd_ctl_read(struct file *file, char __user *buffer, |
2732 |
- spin_unlock_irq(&ctl->read_lock); |
2733 |
- schedule(); |
2734 |
- remove_wait_queue(&ctl->change_sleep, &wait); |
2735 |
-+ if (ctl->card->shutdown) |
2736 |
-+ return -ENODEV; |
2737 |
- if (signal_pending(current)) |
2738 |
- return -ERESTARTSYS; |
2739 |
- spin_lock_irq(&ctl->read_lock); |
2740 |
-diff --git a/sound/core/hwdep.c b/sound/core/hwdep.c |
2741 |
-index 75ea16f..3f7f662 100644 |
2742 |
---- a/sound/core/hwdep.c |
2743 |
-+++ b/sound/core/hwdep.c |
2744 |
-@@ -100,8 +100,10 @@ static int snd_hwdep_open(struct inode *inode, struct file * file) |
2745 |
- if (hw == NULL) |
2746 |
- return -ENODEV; |
2747 |
- |
2748 |
-- if (!try_module_get(hw->card->module)) |
2749 |
-+ if (!try_module_get(hw->card->module)) { |
2750 |
-+ snd_card_unref(hw->card); |
2751 |
- return -EFAULT; |
2752 |
-+ } |
2753 |
- |
2754 |
- init_waitqueue_entry(&wait, current); |
2755 |
- add_wait_queue(&hw->open_wait, &wait); |
2756 |
-@@ -129,6 +131,10 @@ static int snd_hwdep_open(struct inode *inode, struct file * file) |
2757 |
- mutex_unlock(&hw->open_mutex); |
2758 |
- schedule(); |
2759 |
- mutex_lock(&hw->open_mutex); |
2760 |
-+ if (hw->card->shutdown) { |
2761 |
-+ err = -ENODEV; |
2762 |
-+ break; |
2763 |
-+ } |
2764 |
- if (signal_pending(current)) { |
2765 |
- err = -ERESTARTSYS; |
2766 |
- break; |
2767 |
-@@ -148,6 +154,7 @@ static int snd_hwdep_open(struct inode *inode, struct file * file) |
2768 |
- mutex_unlock(&hw->open_mutex); |
2769 |
- if (err < 0) |
2770 |
- module_put(hw->card->module); |
2771 |
-+ snd_card_unref(hw->card); |
2772 |
- return err; |
2773 |
- } |
2774 |
- |
2775 |
-@@ -459,12 +466,15 @@ static int snd_hwdep_dev_disconnect(struct snd_device *device) |
2776 |
- mutex_unlock(®ister_mutex); |
2777 |
- return -EINVAL; |
2778 |
- } |
2779 |
-+ mutex_lock(&hwdep->open_mutex); |
2780 |
-+ wake_up(&hwdep->open_wait); |
2781 |
- #ifdef CONFIG_SND_OSSEMUL |
2782 |
- if (hwdep->ossreg) |
2783 |
- snd_unregister_oss_device(hwdep->oss_type, hwdep->card, hwdep->device); |
2784 |
- #endif |
2785 |
- snd_unregister_device(SNDRV_DEVICE_TYPE_HWDEP, hwdep->card, hwdep->device); |
2786 |
- list_del_init(&hwdep->list); |
2787 |
-+ mutex_unlock(&hwdep->open_mutex); |
2788 |
- mutex_unlock(®ister_mutex); |
2789 |
- return 0; |
2790 |
- } |
2791 |
-diff --git a/sound/core/init.c b/sound/core/init.c |
2792 |
-index d8ec849..7b012d1 100644 |
2793 |
---- a/sound/core/init.c |
2794 |
-+++ b/sound/core/init.c |
2795 |
-@@ -213,6 +213,7 @@ int snd_card_create(int idx, const char *xid, |
2796 |
- spin_lock_init(&card->files_lock); |
2797 |
- INIT_LIST_HEAD(&card->files_list); |
2798 |
- init_waitqueue_head(&card->shutdown_sleep); |
2799 |
-+ atomic_set(&card->refcount, 0); |
2800 |
- #ifdef CONFIG_PM |
2801 |
- mutex_init(&card->power_lock); |
2802 |
- init_waitqueue_head(&card->power_sleep); |
2803 |
-@@ -446,21 +447,36 @@ static int snd_card_do_free(struct snd_card *card) |
2804 |
- return 0; |
2805 |
- } |
2806 |
- |
2807 |
-+/** |
2808 |
-+ * snd_card_unref - release the reference counter |
2809 |
-+ * @card: the card instance |
2810 |
-+ * |
2811 |
-+ * Decrements the reference counter. When it reaches to zero, wake up |
2812 |
-+ * the sleeper and call the destructor if needed. |
2813 |
-+ */ |
2814 |
-+void snd_card_unref(struct snd_card *card) |
2815 |
-+{ |
2816 |
-+ if (atomic_dec_and_test(&card->refcount)) { |
2817 |
-+ wake_up(&card->shutdown_sleep); |
2818 |
-+ if (card->free_on_last_close) |
2819 |
-+ snd_card_do_free(card); |
2820 |
-+ } |
2821 |
-+} |
2822 |
-+EXPORT_SYMBOL(snd_card_unref); |
2823 |
-+ |
2824 |
- int snd_card_free_when_closed(struct snd_card *card) |
2825 |
- { |
2826 |
-- int free_now = 0; |
2827 |
-- int ret = snd_card_disconnect(card); |
2828 |
-- if (ret) |
2829 |
-- return ret; |
2830 |
-+ int ret; |
2831 |
- |
2832 |
-- spin_lock(&card->files_lock); |
2833 |
-- if (list_empty(&card->files_list)) |
2834 |
-- free_now = 1; |
2835 |
-- else |
2836 |
-- card->free_on_last_close = 1; |
2837 |
-- spin_unlock(&card->files_lock); |
2838 |
-+ atomic_inc(&card->refcount); |
2839 |
-+ ret = snd_card_disconnect(card); |
2840 |
-+ if (ret) { |
2841 |
-+ atomic_dec(&card->refcount); |
2842 |
-+ return ret; |
2843 |
-+ } |
2844 |
- |
2845 |
-- if (free_now) |
2846 |
-+ card->free_on_last_close = 1; |
2847 |
-+ if (atomic_dec_and_test(&card->refcount)) |
2848 |
- snd_card_do_free(card); |
2849 |
- return 0; |
2850 |
- } |
2851 |
-@@ -474,7 +490,7 @@ int snd_card_free(struct snd_card *card) |
2852 |
- return ret; |
2853 |
- |
2854 |
- /* wait, until all devices are ready for the free operation */ |
2855 |
-- wait_event(card->shutdown_sleep, list_empty(&card->files_list)); |
2856 |
-+ wait_event(card->shutdown_sleep, !atomic_read(&card->refcount)); |
2857 |
- snd_card_do_free(card); |
2858 |
- return 0; |
2859 |
- } |
2860 |
-@@ -886,6 +902,7 @@ int snd_card_file_add(struct snd_card *card, struct file *file) |
2861 |
- return -ENODEV; |
2862 |
- } |
2863 |
- list_add(&mfile->list, &card->files_list); |
2864 |
-+ atomic_inc(&card->refcount); |
2865 |
- spin_unlock(&card->files_lock); |
2866 |
- return 0; |
2867 |
- } |
2868 |
-@@ -908,7 +925,6 @@ EXPORT_SYMBOL(snd_card_file_add); |
2869 |
- int snd_card_file_remove(struct snd_card *card, struct file *file) |
2870 |
- { |
2871 |
- struct snd_monitor_file *mfile, *found = NULL; |
2872 |
-- int last_close = 0; |
2873 |
- |
2874 |
- spin_lock(&card->files_lock); |
2875 |
- list_for_each_entry(mfile, &card->files_list, list) { |
2876 |
-@@ -923,19 +939,13 @@ int snd_card_file_remove(struct snd_card *card, struct file *file) |
2877 |
- break; |
2878 |
- } |
2879 |
- } |
2880 |
-- if (list_empty(&card->files_list)) |
2881 |
-- last_close = 1; |
2882 |
- spin_unlock(&card->files_lock); |
2883 |
-- if (last_close) { |
2884 |
-- wake_up(&card->shutdown_sleep); |
2885 |
-- if (card->free_on_last_close) |
2886 |
-- snd_card_do_free(card); |
2887 |
-- } |
2888 |
- if (!found) { |
2889 |
- snd_printk(KERN_ERR "ALSA card file remove problem (%p)\n", file); |
2890 |
- return -ENOENT; |
2891 |
- } |
2892 |
- kfree(found); |
2893 |
-+ snd_card_unref(card); |
2894 |
- return 0; |
2895 |
- } |
2896 |
- |
2897 |
-diff --git a/sound/core/oss/mixer_oss.c b/sound/core/oss/mixer_oss.c |
2898 |
-index 18297f7..c353768 100644 |
2899 |
---- a/sound/core/oss/mixer_oss.c |
2900 |
-+++ b/sound/core/oss/mixer_oss.c |
2901 |
-@@ -52,14 +52,19 @@ static int snd_mixer_oss_open(struct inode *inode, struct file *file) |
2902 |
- SNDRV_OSS_DEVICE_TYPE_MIXER); |
2903 |
- if (card == NULL) |
2904 |
- return -ENODEV; |
2905 |
-- if (card->mixer_oss == NULL) |
2906 |
-+ if (card->mixer_oss == NULL) { |
2907 |
-+ snd_card_unref(card); |
2908 |
- return -ENODEV; |
2909 |
-+ } |
2910 |
- err = snd_card_file_add(card, file); |
2911 |
-- if (err < 0) |
2912 |
-+ if (err < 0) { |
2913 |
-+ snd_card_unref(card); |
2914 |
- return err; |
2915 |
-+ } |
2916 |
- fmixer = kzalloc(sizeof(*fmixer), GFP_KERNEL); |
2917 |
- if (fmixer == NULL) { |
2918 |
- snd_card_file_remove(card, file); |
2919 |
-+ snd_card_unref(card); |
2920 |
- return -ENOMEM; |
2921 |
- } |
2922 |
- fmixer->card = card; |
2923 |
-@@ -68,8 +73,10 @@ static int snd_mixer_oss_open(struct inode *inode, struct file *file) |
2924 |
- if (!try_module_get(card->module)) { |
2925 |
- kfree(fmixer); |
2926 |
- snd_card_file_remove(card, file); |
2927 |
-+ snd_card_unref(card); |
2928 |
- return -EFAULT; |
2929 |
- } |
2930 |
-+ snd_card_unref(card); |
2931 |
- return 0; |
2932 |
- } |
2933 |
- |
2934 |
-diff --git a/sound/core/oss/pcm_oss.c b/sound/core/oss/pcm_oss.c |
2935 |
-index 08fde00..4c1cc51 100644 |
2936 |
---- a/sound/core/oss/pcm_oss.c |
2937 |
-+++ b/sound/core/oss/pcm_oss.c |
2938 |
-@@ -2441,6 +2441,10 @@ static int snd_pcm_oss_open(struct inode *inode, struct file *file) |
2939 |
- mutex_unlock(&pcm->open_mutex); |
2940 |
- schedule(); |
2941 |
- mutex_lock(&pcm->open_mutex); |
2942 |
-+ if (pcm->card->shutdown) { |
2943 |
-+ err = -ENODEV; |
2944 |
-+ break; |
2945 |
-+ } |
2946 |
- if (signal_pending(current)) { |
2947 |
- err = -ERESTARTSYS; |
2948 |
- break; |
2949 |
-@@ -2450,6 +2454,7 @@ static int snd_pcm_oss_open(struct inode *inode, struct file *file) |
2950 |
- mutex_unlock(&pcm->open_mutex); |
2951 |
- if (err < 0) |
2952 |
- goto __error; |
2953 |
-+ snd_card_unref(pcm->card); |
2954 |
- return err; |
2955 |
- |
2956 |
- __error: |
2957 |
-@@ -2457,6 +2462,8 @@ static int snd_pcm_oss_open(struct inode *inode, struct file *file) |
2958 |
- __error2: |
2959 |
- snd_card_file_remove(pcm->card, file); |
2960 |
- __error1: |
2961 |
-+ if (pcm) |
2962 |
-+ snd_card_unref(pcm->card); |
2963 |
- return err; |
2964 |
- } |
2965 |
- |
2966 |
-diff --git a/sound/core/pcm.c b/sound/core/pcm.c |
2967 |
-index 1a3070b..e30e1be 100644 |
2968 |
---- a/sound/core/pcm.c |
2969 |
-+++ b/sound/core/pcm.c |
2970 |
-@@ -1086,11 +1086,19 @@ static int snd_pcm_dev_disconnect(struct snd_device *device) |
2971 |
- if (list_empty(&pcm->list)) |
2972 |
- goto unlock; |
2973 |
- |
2974 |
-+ mutex_lock(&pcm->open_mutex); |
2975 |
-+ wake_up(&pcm->open_wait); |
2976 |
- list_del_init(&pcm->list); |
2977 |
- for (cidx = 0; cidx < 2; cidx++) |
2978 |
-- for (substream = pcm->streams[cidx].substream; substream; substream = substream->next) |
2979 |
-- if (substream->runtime) |
2980 |
-+ for (substream = pcm->streams[cidx].substream; substream; substream = substream->next) { |
2981 |
-+ snd_pcm_stream_lock_irq(substream); |
2982 |
-+ if (substream->runtime) { |
2983 |
- substream->runtime->status->state = SNDRV_PCM_STATE_DISCONNECTED; |
2984 |
-+ wake_up(&substream->runtime->sleep); |
2985 |
-+ wake_up(&substream->runtime->tsleep); |
2986 |
-+ } |
2987 |
-+ snd_pcm_stream_unlock_irq(substream); |
2988 |
-+ } |
2989 |
- list_for_each_entry(notify, &snd_pcm_notify_list, list) { |
2990 |
- notify->n_disconnect(pcm); |
2991 |
- } |
2992 |
-@@ -1106,6 +1114,7 @@ static int snd_pcm_dev_disconnect(struct snd_device *device) |
2993 |
- } |
2994 |
- snd_unregister_device(devtype, pcm->card, pcm->device); |
2995 |
- } |
2996 |
-+ mutex_unlock(&pcm->open_mutex); |
2997 |
- unlock: |
2998 |
- mutex_unlock(®ister_mutex); |
2999 |
- return 0; |
3000 |
-diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c |
3001 |
-index 53b5ada..bf3bf43 100644 |
3002 |
---- a/sound/core/pcm_native.c |
3003 |
-+++ b/sound/core/pcm_native.c |
3004 |
-@@ -369,6 +369,14 @@ static int period_to_usecs(struct snd_pcm_runtime *runtime) |
3005 |
- return usecs; |
3006 |
- } |
3007 |
- |
3008 |
-+static void snd_pcm_set_state(struct snd_pcm_substream *substream, int state) |
3009 |
-+{ |
3010 |
-+ snd_pcm_stream_lock_irq(substream); |
3011 |
-+ if (substream->runtime->status->state != SNDRV_PCM_STATE_DISCONNECTED) |
3012 |
-+ substream->runtime->status->state = state; |
3013 |
-+ snd_pcm_stream_unlock_irq(substream); |
3014 |
-+} |
3015 |
-+ |
3016 |
- static int snd_pcm_hw_params(struct snd_pcm_substream *substream, |
3017 |
- struct snd_pcm_hw_params *params) |
3018 |
- { |
3019 |
-@@ -452,7 +460,7 @@ static int snd_pcm_hw_params(struct snd_pcm_substream *substream, |
3020 |
- runtime->boundary *= 2; |
3021 |
- |
3022 |
- snd_pcm_timer_resolution_change(substream); |
3023 |
-- runtime->status->state = SNDRV_PCM_STATE_SETUP; |
3024 |
-+ snd_pcm_set_state(substream, SNDRV_PCM_STATE_SETUP); |
3025 |
- |
3026 |
- if (pm_qos_request_active(&substream->latency_pm_qos_req)) |
3027 |
- pm_qos_remove_request(&substream->latency_pm_qos_req); |
3028 |
-@@ -464,7 +472,7 @@ static int snd_pcm_hw_params(struct snd_pcm_substream *substream, |
3029 |
- /* hardware might be unusable from this time, |
3030 |
- so we force application to retry to set |
3031 |
- the correct hardware parameter settings */ |
3032 |
-- runtime->status->state = SNDRV_PCM_STATE_OPEN; |
3033 |
-+ snd_pcm_set_state(substream, SNDRV_PCM_STATE_OPEN); |
3034 |
- if (substream->ops->hw_free != NULL) |
3035 |
- substream->ops->hw_free(substream); |
3036 |
- return err; |
3037 |
-@@ -512,7 +520,7 @@ static int snd_pcm_hw_free(struct snd_pcm_substream *substream) |
3038 |
- return -EBADFD; |
3039 |
- if (substream->ops->hw_free) |
3040 |
- result = substream->ops->hw_free(substream); |
3041 |
-- runtime->status->state = SNDRV_PCM_STATE_OPEN; |
3042 |
-+ snd_pcm_set_state(substream, SNDRV_PCM_STATE_OPEN); |
3043 |
- pm_qos_remove_request(&substream->latency_pm_qos_req); |
3044 |
- return result; |
3045 |
- } |
3046 |
-@@ -1320,7 +1328,7 @@ static void snd_pcm_post_prepare(struct snd_pcm_substream *substream, int state) |
3047 |
- { |
3048 |
- struct snd_pcm_runtime *runtime = substream->runtime; |
3049 |
- runtime->control->appl_ptr = runtime->status->hw_ptr; |
3050 |
-- runtime->status->state = SNDRV_PCM_STATE_PREPARED; |
3051 |
-+ snd_pcm_set_state(substream, SNDRV_PCM_STATE_PREPARED); |
3052 |
- } |
3053 |
- |
3054 |
- static struct action_ops snd_pcm_action_prepare = { |
3055 |
-@@ -1510,6 +1518,10 @@ static int snd_pcm_drain(struct snd_pcm_substream *substream, |
3056 |
- down_read(&snd_pcm_link_rwsem); |
3057 |
- snd_pcm_stream_lock_irq(substream); |
3058 |
- remove_wait_queue(&to_check->sleep, &wait); |
3059 |
-+ if (card->shutdown) { |
3060 |
-+ result = -ENODEV; |
3061 |
-+ break; |
3062 |
-+ } |
3063 |
- if (tout == 0) { |
3064 |
- if (substream->runtime->status->state == SNDRV_PCM_STATE_SUSPENDED) |
3065 |
- result = -ESTRPIPE; |
3066 |
-@@ -1633,6 +1645,7 @@ static int snd_pcm_link(struct snd_pcm_substream *substream, int fd) |
3067 |
- write_unlock_irq(&snd_pcm_link_rwlock); |
3068 |
- up_write(&snd_pcm_link_rwsem); |
3069 |
- _nolock: |
3070 |
-+ snd_card_unref(substream1->pcm->card); |
3071 |
- fput(file); |
3072 |
- if (res < 0) |
3073 |
- kfree(group); |
3074 |
-@@ -2107,7 +2120,10 @@ static int snd_pcm_playback_open(struct inode *inode, struct file *file) |
3075 |
- return err; |
3076 |
- pcm = snd_lookup_minor_data(iminor(inode), |
3077 |
- SNDRV_DEVICE_TYPE_PCM_PLAYBACK); |
3078 |
-- return snd_pcm_open(file, pcm, SNDRV_PCM_STREAM_PLAYBACK); |
3079 |
-+ err = snd_pcm_open(file, pcm, SNDRV_PCM_STREAM_PLAYBACK); |
3080 |
-+ if (pcm) |
3081 |
-+ snd_card_unref(pcm->card); |
3082 |
-+ return err; |
3083 |
- } |
3084 |
- |
3085 |
- static int snd_pcm_capture_open(struct inode *inode, struct file *file) |
3086 |
-@@ -2118,7 +2134,10 @@ static int snd_pcm_capture_open(struct inode *inode, struct file *file) |
3087 |
- return err; |
3088 |
- pcm = snd_lookup_minor_data(iminor(inode), |
3089 |
- SNDRV_DEVICE_TYPE_PCM_CAPTURE); |
3090 |
-- return snd_pcm_open(file, pcm, SNDRV_PCM_STREAM_CAPTURE); |
3091 |
-+ err = snd_pcm_open(file, pcm, SNDRV_PCM_STREAM_CAPTURE); |
3092 |
-+ if (pcm) |
3093 |
-+ snd_card_unref(pcm->card); |
3094 |
-+ return err; |
3095 |
- } |
3096 |
- |
3097 |
- static int snd_pcm_open(struct file *file, struct snd_pcm *pcm, int stream) |
3098 |
-@@ -2155,6 +2174,10 @@ static int snd_pcm_open(struct file *file, struct snd_pcm *pcm, int stream) |
3099 |
- mutex_unlock(&pcm->open_mutex); |
3100 |
- schedule(); |
3101 |
- mutex_lock(&pcm->open_mutex); |
3102 |
-+ if (pcm->card->shutdown) { |
3103 |
-+ err = -ENODEV; |
3104 |
-+ break; |
3105 |
-+ } |
3106 |
- if (signal_pending(current)) { |
3107 |
- err = -ERESTARTSYS; |
3108 |
- break; |
3109 |
-diff --git a/sound/core/rawmidi.c b/sound/core/rawmidi.c |
3110 |
-index ebf6e49..1bb95ae 100644 |
3111 |
---- a/sound/core/rawmidi.c |
3112 |
-+++ b/sound/core/rawmidi.c |
3113 |
-@@ -379,8 +379,10 @@ static int snd_rawmidi_open(struct inode *inode, struct file *file) |
3114 |
- if (rmidi == NULL) |
3115 |
- return -ENODEV; |
3116 |
- |
3117 |
-- if (!try_module_get(rmidi->card->module)) |
3118 |
-+ if (!try_module_get(rmidi->card->module)) { |
3119 |
-+ snd_card_unref(rmidi->card); |
3120 |
- return -ENXIO; |
3121 |
-+ } |
3122 |
- |
3123 |
- mutex_lock(&rmidi->open_mutex); |
3124 |
- card = rmidi->card; |
3125 |
-@@ -422,6 +424,10 @@ static int snd_rawmidi_open(struct inode *inode, struct file *file) |
3126 |
- mutex_unlock(&rmidi->open_mutex); |
3127 |
- schedule(); |
3128 |
- mutex_lock(&rmidi->open_mutex); |
3129 |
-+ if (rmidi->card->shutdown) { |
3130 |
-+ err = -ENODEV; |
3131 |
-+ break; |
3132 |
-+ } |
3133 |
- if (signal_pending(current)) { |
3134 |
- err = -ERESTARTSYS; |
3135 |
- break; |
3136 |
-@@ -440,6 +446,7 @@ static int snd_rawmidi_open(struct inode *inode, struct file *file) |
3137 |
- #endif |
3138 |
- file->private_data = rawmidi_file; |
3139 |
- mutex_unlock(&rmidi->open_mutex); |
3140 |
-+ snd_card_unref(rmidi->card); |
3141 |
- return 0; |
3142 |
- |
3143 |
- __error: |
3144 |
-@@ -447,6 +454,7 @@ static int snd_rawmidi_open(struct inode *inode, struct file *file) |
3145 |
- __error_card: |
3146 |
- mutex_unlock(&rmidi->open_mutex); |
3147 |
- module_put(rmidi->card->module); |
3148 |
-+ snd_card_unref(rmidi->card); |
3149 |
- return err; |
3150 |
- } |
3151 |
- |
3152 |
-@@ -991,6 +999,8 @@ static ssize_t snd_rawmidi_read(struct file *file, char __user *buf, size_t coun |
3153 |
- spin_unlock_irq(&runtime->lock); |
3154 |
- schedule(); |
3155 |
- remove_wait_queue(&runtime->sleep, &wait); |
3156 |
-+ if (rfile->rmidi->card->shutdown) |
3157 |
-+ return -ENODEV; |
3158 |
- if (signal_pending(current)) |
3159 |
- return result > 0 ? result : -ERESTARTSYS; |
3160 |
- if (!runtime->avail) |
3161 |
-@@ -1234,6 +1244,8 @@ static ssize_t snd_rawmidi_write(struct file *file, const char __user *buf, |
3162 |
- spin_unlock_irq(&runtime->lock); |
3163 |
- timeout = schedule_timeout(30 * HZ); |
3164 |
- remove_wait_queue(&runtime->sleep, &wait); |
3165 |
-+ if (rfile->rmidi->card->shutdown) |
3166 |
-+ return -ENODEV; |
3167 |
- if (signal_pending(current)) |
3168 |
- return result > 0 ? result : -ERESTARTSYS; |
3169 |
- if (!runtime->avail && !timeout) |
3170 |
-@@ -1609,9 +1621,20 @@ static int snd_rawmidi_dev_register(struct snd_device *device) |
3171 |
- static int snd_rawmidi_dev_disconnect(struct snd_device *device) |
3172 |
- { |
3173 |
- struct snd_rawmidi *rmidi = device->device_data; |
3174 |
-+ int dir; |
3175 |
- |
3176 |
- mutex_lock(®ister_mutex); |
3177 |
-+ mutex_lock(&rmidi->open_mutex); |
3178 |
-+ wake_up(&rmidi->open_wait); |
3179 |
- list_del_init(&rmidi->list); |
3180 |
-+ for (dir = 0; dir < 2; dir++) { |
3181 |
-+ struct snd_rawmidi_substream *s; |
3182 |
-+ list_for_each_entry(s, &rmidi->streams[dir].substreams, list) { |
3183 |
-+ if (s->runtime) |
3184 |
-+ wake_up(&s->runtime->sleep); |
3185 |
-+ } |
3186 |
-+ } |
3187 |
-+ |
3188 |
- #ifdef CONFIG_SND_OSSEMUL |
3189 |
- if (rmidi->ossreg) { |
3190 |
- if ((int)rmidi->device == midi_map[rmidi->card->number]) { |
3191 |
-@@ -1626,6 +1649,7 @@ static int snd_rawmidi_dev_disconnect(struct snd_device *device) |
3192 |
- } |
3193 |
- #endif /* CONFIG_SND_OSSEMUL */ |
3194 |
- snd_unregister_device(SNDRV_DEVICE_TYPE_RAWMIDI, rmidi->card, rmidi->device); |
3195 |
-+ mutex_unlock(&rmidi->open_mutex); |
3196 |
- mutex_unlock(®ister_mutex); |
3197 |
- return 0; |
3198 |
- } |
3199 |
-diff --git a/sound/core/sound.c b/sound/core/sound.c |
3200 |
-index 28f3559..3700d96 100644 |
3201 |
---- a/sound/core/sound.c |
3202 |
-+++ b/sound/core/sound.c |
3203 |
-@@ -99,6 +99,10 @@ static void snd_request_other(int minor) |
3204 |
- * |
3205 |
- * Checks that a minor device with the specified type is registered, and returns |
3206 |
- * its user data pointer. |
3207 |
-+ * |
3208 |
-+ * This function increments the reference counter of the card instance |
3209 |
-+ * if an associated instance with the given minor number and type is found. |
3210 |
-+ * The caller must call snd_card_unref() appropriately later. |
3211 |
- */ |
3212 |
- void *snd_lookup_minor_data(unsigned int minor, int type) |
3213 |
- { |
3214 |
-@@ -109,9 +113,11 @@ void *snd_lookup_minor_data(unsigned int minor, int type) |
3215 |
- return NULL; |
3216 |
- mutex_lock(&sound_mutex); |
3217 |
- mreg = snd_minors[minor]; |
3218 |
-- if (mreg && mreg->type == type) |
3219 |
-+ if (mreg && mreg->type == type) { |
3220 |
- private_data = mreg->private_data; |
3221 |
-- else |
3222 |
-+ if (private_data && mreg->card_ptr) |
3223 |
-+ atomic_inc(&mreg->card_ptr->refcount); |
3224 |
-+ } else |
3225 |
- private_data = NULL; |
3226 |
- mutex_unlock(&sound_mutex); |
3227 |
- return private_data; |
3228 |
-@@ -276,6 +282,7 @@ int snd_register_device_for_dev(int type, struct snd_card *card, int dev, |
3229 |
- preg->device = dev; |
3230 |
- preg->f_ops = f_ops; |
3231 |
- preg->private_data = private_data; |
3232 |
-+ preg->card_ptr = card; |
3233 |
- mutex_lock(&sound_mutex); |
3234 |
- #ifdef CONFIG_SND_DYNAMIC_MINORS |
3235 |
- minor = snd_find_free_minor(type); |
3236 |
-diff --git a/sound/core/sound_oss.c b/sound/core/sound_oss.c |
3237 |
-index e952833..726a49a 100644 |
3238 |
---- a/sound/core/sound_oss.c |
3239 |
-+++ b/sound/core/sound_oss.c |
3240 |
-@@ -40,6 +40,9 @@ |
3241 |
- static struct snd_minor *snd_oss_minors[SNDRV_OSS_MINORS]; |
3242 |
- static DEFINE_MUTEX(sound_oss_mutex); |
3243 |
- |
3244 |
-+/* NOTE: This function increments the refcount of the associated card like |
3245 |
-+ * snd_lookup_minor_data(); the caller must call snd_card_unref() appropriately |
3246 |
-+ */ |
3247 |
- void *snd_lookup_oss_minor_data(unsigned int minor, int type) |
3248 |
- { |
3249 |
- struct snd_minor *mreg; |
3250 |
-@@ -49,9 +52,11 @@ void *snd_lookup_oss_minor_data(unsigned int minor, int type) |
3251 |
- return NULL; |
3252 |
- mutex_lock(&sound_oss_mutex); |
3253 |
- mreg = snd_oss_minors[minor]; |
3254 |
-- if (mreg && mreg->type == type) |
3255 |
-+ if (mreg && mreg->type == type) { |
3256 |
- private_data = mreg->private_data; |
3257 |
-- else |
3258 |
-+ if (private_data && mreg->card_ptr) |
3259 |
-+ atomic_inc(&mreg->card_ptr->refcount); |
3260 |
-+ } else |
3261 |
- private_data = NULL; |
3262 |
- mutex_unlock(&sound_oss_mutex); |
3263 |
- return private_data; |
3264 |
-@@ -123,6 +128,7 @@ int snd_register_oss_device(int type, struct snd_card *card, int dev, |
3265 |
- preg->device = dev; |
3266 |
- preg->f_ops = f_ops; |
3267 |
- preg->private_data = private_data; |
3268 |
-+ preg->card_ptr = card; |
3269 |
- mutex_lock(&sound_oss_mutex); |
3270 |
- snd_oss_minors[minor] = preg; |
3271 |
- minor_unit = SNDRV_MINOR_OSS_DEVICE(minor); |
3272 |
-diff --git a/sound/usb/card.c b/sound/usb/card.c |
3273 |
-index 4a469f0..b3f5ad4 100644 |
3274 |
---- a/sound/usb/card.c |
3275 |
-+++ b/sound/usb/card.c |
3276 |
-@@ -339,7 +339,7 @@ static int snd_usb_audio_create(struct usb_device *dev, int idx, |
3277 |
- } |
3278 |
- |
3279 |
- mutex_init(&chip->mutex); |
3280 |
-- mutex_init(&chip->shutdown_mutex); |
3281 |
-+ init_rwsem(&chip->shutdown_rwsem); |
3282 |
- chip->index = idx; |
3283 |
- chip->dev = dev; |
3284 |
- chip->card = card; |
3285 |
-@@ -559,9 +559,11 @@ static void snd_usb_audio_disconnect(struct usb_device *dev, |
3286 |
- return; |
3287 |
- |
3288 |
- card = chip->card; |
3289 |
-- mutex_lock(®ister_mutex); |
3290 |
-- mutex_lock(&chip->shutdown_mutex); |
3291 |
-+ down_write(&chip->shutdown_rwsem); |
3292 |
- chip->shutdown = 1; |
3293 |
-+ up_write(&chip->shutdown_rwsem); |
3294 |
-+ |
3295 |
-+ mutex_lock(®ister_mutex); |
3296 |
- chip->num_interfaces--; |
3297 |
- if (chip->num_interfaces <= 0) { |
3298 |
- snd_card_disconnect(card); |
3299 |
-@@ -582,11 +584,9 @@ static void snd_usb_audio_disconnect(struct usb_device *dev, |
3300 |
- snd_usb_mixer_disconnect(p); |
3301 |
- } |
3302 |
- usb_chip[chip->index] = NULL; |
3303 |
-- mutex_unlock(&chip->shutdown_mutex); |
3304 |
- mutex_unlock(®ister_mutex); |
3305 |
- snd_card_free_when_closed(card); |
3306 |
- } else { |
3307 |
-- mutex_unlock(&chip->shutdown_mutex); |
3308 |
- mutex_unlock(®ister_mutex); |
3309 |
- } |
3310 |
- } |
3311 |
-@@ -618,16 +618,20 @@ int snd_usb_autoresume(struct snd_usb_audio *chip) |
3312 |
- { |
3313 |
- int err = -ENODEV; |
3314 |
- |
3315 |
-+ down_read(&chip->shutdown_rwsem); |
3316 |
- if (!chip->shutdown && !chip->probing) |
3317 |
- err = usb_autopm_get_interface(chip->pm_intf); |
3318 |
-+ up_read(&chip->shutdown_rwsem); |
3319 |
- |
3320 |
- return err; |
3321 |
- } |
3322 |
- |
3323 |
- void snd_usb_autosuspend(struct snd_usb_audio *chip) |
3324 |
- { |
3325 |
-+ down_read(&chip->shutdown_rwsem); |
3326 |
- if (!chip->shutdown && !chip->probing) |
3327 |
- usb_autopm_put_interface(chip->pm_intf); |
3328 |
-+ up_read(&chip->shutdown_rwsem); |
3329 |
- } |
3330 |
- |
3331 |
- static int usb_audio_suspend(struct usb_interface *intf, pm_message_t message) |
3332 |
-diff --git a/sound/usb/card.h b/sound/usb/card.h |
3333 |
-index d9d2b5a..6e262c5 100644 |
3334 |
---- a/sound/usb/card.h |
3335 |
-+++ b/sound/usb/card.h |
3336 |
-@@ -125,6 +125,7 @@ struct snd_usb_substream { |
3337 |
- struct snd_usb_endpoint *data_endpoint; |
3338 |
- struct snd_usb_endpoint *sync_endpoint; |
3339 |
- unsigned long flags; |
3340 |
-+ unsigned int speed; /* USB_SPEED_XXX */ |
3341 |
- |
3342 |
- u64 formats; /* format bitmasks (all or'ed) */ |
3343 |
- unsigned int num_formats; /* number of supported audio formats (list) */ |
3344 |
-diff --git a/sound/usb/mixer.c b/sound/usb/mixer.c |
3345 |
-index fe56c9d..298070e 100644 |
3346 |
---- a/sound/usb/mixer.c |
3347 |
-+++ b/sound/usb/mixer.c |
3348 |
-@@ -287,25 +287,32 @@ static int get_ctl_value_v1(struct usb_mixer_elem_info *cval, int request, int v |
3349 |
- unsigned char buf[2]; |
3350 |
- int val_len = cval->val_type >= USB_MIXER_S16 ? 2 : 1; |
3351 |
- int timeout = 10; |
3352 |
-- int err; |
3353 |
-+ int idx = 0, err; |
3354 |
- |
3355 |
- err = snd_usb_autoresume(cval->mixer->chip); |
3356 |
- if (err < 0) |
3357 |
- return -EIO; |
3358 |
-+ down_read(&chip->shutdown_rwsem); |
3359 |
- while (timeout-- > 0) { |
3360 |
-+ if (chip->shutdown) |
3361 |
-+ break; |
3362 |
-+ idx = snd_usb_ctrl_intf(chip) | (cval->id << 8); |
3363 |
- if (snd_usb_ctl_msg(chip->dev, usb_rcvctrlpipe(chip->dev, 0), request, |
3364 |
- USB_RECIP_INTERFACE | USB_TYPE_CLASS | USB_DIR_IN, |
3365 |
-- validx, snd_usb_ctrl_intf(chip) | (cval->id << 8), |
3366 |
-- buf, val_len) >= val_len) { |
3367 |
-+ validx, idx, buf, val_len) >= val_len) { |
3368 |
- *value_ret = convert_signed_value(cval, snd_usb_combine_bytes(buf, val_len)); |
3369 |
-- snd_usb_autosuspend(cval->mixer->chip); |
3370 |
-- return 0; |
3371 |
-+ err = 0; |
3372 |
-+ goto out; |
3373 |
- } |
3374 |
- } |
3375 |
-- snd_usb_autosuspend(cval->mixer->chip); |
3376 |
- snd_printdd(KERN_ERR "cannot get ctl value: req = %#x, wValue = %#x, wIndex = %#x, type = %d\n", |
3377 |
-- request, validx, snd_usb_ctrl_intf(chip) | (cval->id << 8), cval->val_type); |
3378 |
-- return -EINVAL; |
3379 |
-+ request, validx, idx, cval->val_type); |
3380 |
-+ err = -EINVAL; |
3381 |
-+ |
3382 |
-+ out: |
3383 |
-+ up_read(&chip->shutdown_rwsem); |
3384 |
-+ snd_usb_autosuspend(cval->mixer->chip); |
3385 |
-+ return err; |
3386 |
- } |
3387 |
- |
3388 |
- static int get_ctl_value_v2(struct usb_mixer_elem_info *cval, int request, int validx, int *value_ret) |
3389 |
-@@ -313,7 +320,7 @@ static int get_ctl_value_v2(struct usb_mixer_elem_info *cval, int request, int v |
3390 |
- struct snd_usb_audio *chip = cval->mixer->chip; |
3391 |
- unsigned char buf[2 + 3*sizeof(__u16)]; /* enough space for one range */ |
3392 |
- unsigned char *val; |
3393 |
-- int ret, size; |
3394 |
-+ int idx = 0, ret, size; |
3395 |
- __u8 bRequest; |
3396 |
- |
3397 |
- if (request == UAC_GET_CUR) { |
3398 |
-@@ -330,16 +337,22 @@ static int get_ctl_value_v2(struct usb_mixer_elem_info *cval, int request, int v |
3399 |
- if (ret) |
3400 |
- goto error; |
3401 |
- |
3402 |
-- ret = snd_usb_ctl_msg(chip->dev, usb_rcvctrlpipe(chip->dev, 0), bRequest, |
3403 |
-+ down_read(&chip->shutdown_rwsem); |
3404 |
-+ if (chip->shutdown) |
3405 |
-+ ret = -ENODEV; |
3406 |
-+ else { |
3407 |
-+ idx = snd_usb_ctrl_intf(chip) | (cval->id << 8); |
3408 |
-+ ret = snd_usb_ctl_msg(chip->dev, usb_rcvctrlpipe(chip->dev, 0), bRequest, |
3409 |
- USB_RECIP_INTERFACE | USB_TYPE_CLASS | USB_DIR_IN, |
3410 |
-- validx, snd_usb_ctrl_intf(chip) | (cval->id << 8), |
3411 |
-- buf, size); |
3412 |
-+ validx, idx, buf, size); |
3413 |
-+ } |
3414 |
-+ up_read(&chip->shutdown_rwsem); |
3415 |
- snd_usb_autosuspend(chip); |
3416 |
- |
3417 |
- if (ret < 0) { |
3418 |
- error: |
3419 |
- snd_printk(KERN_ERR "cannot get ctl value: req = %#x, wValue = %#x, wIndex = %#x, type = %d\n", |
3420 |
-- request, validx, snd_usb_ctrl_intf(chip) | (cval->id << 8), cval->val_type); |
3421 |
-+ request, validx, idx, cval->val_type); |
3422 |
- return ret; |
3423 |
- } |
3424 |
- |
3425 |
-@@ -417,7 +430,7 @@ int snd_usb_mixer_set_ctl_value(struct usb_mixer_elem_info *cval, |
3426 |
- { |
3427 |
- struct snd_usb_audio *chip = cval->mixer->chip; |
3428 |
- unsigned char buf[2]; |
3429 |
-- int val_len, err, timeout = 10; |
3430 |
-+ int idx = 0, val_len, err, timeout = 10; |
3431 |
- |
3432 |
- if (cval->mixer->protocol == UAC_VERSION_1) { |
3433 |
- val_len = cval->val_type >= USB_MIXER_S16 ? 2 : 1; |
3434 |
-@@ -440,19 +453,27 @@ int snd_usb_mixer_set_ctl_value(struct usb_mixer_elem_info *cval, |
3435 |
- err = snd_usb_autoresume(chip); |
3436 |
- if (err < 0) |
3437 |
- return -EIO; |
3438 |
-- while (timeout-- > 0) |
3439 |
-+ down_read(&chip->shutdown_rwsem); |
3440 |
-+ while (timeout-- > 0) { |
3441 |
-+ if (chip->shutdown) |
3442 |
-+ break; |
3443 |
-+ idx = snd_usb_ctrl_intf(chip) | (cval->id << 8); |
3444 |
- if (snd_usb_ctl_msg(chip->dev, |
3445 |
- usb_sndctrlpipe(chip->dev, 0), request, |
3446 |
- USB_RECIP_INTERFACE | USB_TYPE_CLASS | USB_DIR_OUT, |
3447 |
-- validx, snd_usb_ctrl_intf(chip) | (cval->id << 8), |
3448 |
-- buf, val_len) >= 0) { |
3449 |
-- snd_usb_autosuspend(chip); |
3450 |
-- return 0; |
3451 |
-+ validx, idx, buf, val_len) >= 0) { |
3452 |
-+ err = 0; |
3453 |
-+ goto out; |
3454 |
- } |
3455 |
-- snd_usb_autosuspend(chip); |
3456 |
-+ } |
3457 |
- snd_printdd(KERN_ERR "cannot set ctl value: req = %#x, wValue = %#x, wIndex = %#x, type = %d, data = %#x/%#x\n", |
3458 |
-- request, validx, snd_usb_ctrl_intf(chip) | (cval->id << 8), cval->val_type, buf[0], buf[1]); |
3459 |
-- return -EINVAL; |
3460 |
-+ request, validx, idx, cval->val_type, buf[0], buf[1]); |
3461 |
-+ err = -EINVAL; |
3462 |
-+ |
3463 |
-+ out: |
3464 |
-+ up_read(&chip->shutdown_rwsem); |
3465 |
-+ snd_usb_autosuspend(chip); |
3466 |
-+ return err; |
3467 |
- } |
3468 |
- |
3469 |
- static int set_cur_ctl_value(struct usb_mixer_elem_info *cval, int validx, int value) |
3470 |
-diff --git a/sound/usb/mixer_quirks.c b/sound/usb/mixer_quirks.c |
3471 |
-index 690000d..ae2b714 100644 |
3472 |
---- a/sound/usb/mixer_quirks.c |
3473 |
-+++ b/sound/usb/mixer_quirks.c |
3474 |
-@@ -283,6 +283,11 @@ static int snd_audigy2nx_led_put(struct snd_kcontrol *kcontrol, struct snd_ctl_e |
3475 |
- if (value > 1) |
3476 |
- return -EINVAL; |
3477 |
- changed = value != mixer->audigy2nx_leds[index]; |
3478 |
-+ down_read(&mixer->chip->shutdown_rwsem); |
3479 |
-+ if (mixer->chip->shutdown) { |
3480 |
-+ err = -ENODEV; |
3481 |
-+ goto out; |
3482 |
-+ } |
3483 |
- if (mixer->chip->usb_id == USB_ID(0x041e, 0x3042)) |
3484 |
- err = snd_usb_ctl_msg(mixer->chip->dev, |
3485 |
- usb_sndctrlpipe(mixer->chip->dev, 0), 0x24, |
3486 |
-@@ -299,6 +304,8 @@ static int snd_audigy2nx_led_put(struct snd_kcontrol *kcontrol, struct snd_ctl_e |
3487 |
- usb_sndctrlpipe(mixer->chip->dev, 0), 0x24, |
3488 |
- USB_DIR_OUT | USB_TYPE_VENDOR | USB_RECIP_OTHER, |
3489 |
- value, index + 2, NULL, 0); |
3490 |
-+ out: |
3491 |
-+ up_read(&mixer->chip->shutdown_rwsem); |
3492 |
- if (err < 0) |
3493 |
- return err; |
3494 |
- mixer->audigy2nx_leds[index] = value; |
3495 |
-@@ -392,11 +399,16 @@ static void snd_audigy2nx_proc_read(struct snd_info_entry *entry, |
3496 |
- |
3497 |
- for (i = 0; jacks[i].name; ++i) { |
3498 |
- snd_iprintf(buffer, "%s: ", jacks[i].name); |
3499 |
-- err = snd_usb_ctl_msg(mixer->chip->dev, |
3500 |
-+ down_read(&mixer->chip->shutdown_rwsem); |
3501 |
-+ if (mixer->chip->shutdown) |
3502 |
-+ err = 0; |
3503 |
-+ else |
3504 |
-+ err = snd_usb_ctl_msg(mixer->chip->dev, |
3505 |
- usb_rcvctrlpipe(mixer->chip->dev, 0), |
3506 |
- UAC_GET_MEM, USB_DIR_IN | USB_TYPE_CLASS | |
3507 |
- USB_RECIP_INTERFACE, 0, |
3508 |
- jacks[i].unitid << 8, buf, 3); |
3509 |
-+ up_read(&mixer->chip->shutdown_rwsem); |
3510 |
- if (err == 3 && (buf[0] == 3 || buf[0] == 6)) |
3511 |
- snd_iprintf(buffer, "%02x %02x\n", buf[1], buf[2]); |
3512 |
- else |
3513 |
-@@ -426,10 +438,15 @@ static int snd_xonar_u1_switch_put(struct snd_kcontrol *kcontrol, |
3514 |
- else |
3515 |
- new_status = old_status & ~0x02; |
3516 |
- changed = new_status != old_status; |
3517 |
-- err = snd_usb_ctl_msg(mixer->chip->dev, |
3518 |
-+ down_read(&mixer->chip->shutdown_rwsem); |
3519 |
-+ if (mixer->chip->shutdown) |
3520 |
-+ err = -ENODEV; |
3521 |
-+ else |
3522 |
-+ err = snd_usb_ctl_msg(mixer->chip->dev, |
3523 |
- usb_sndctrlpipe(mixer->chip->dev, 0), 0x08, |
3524 |
- USB_DIR_OUT | USB_TYPE_VENDOR | USB_RECIP_OTHER, |
3525 |
- 50, 0, &new_status, 1); |
3526 |
-+ up_read(&mixer->chip->shutdown_rwsem); |
3527 |
- if (err < 0) |
3528 |
- return err; |
3529 |
- mixer->xonar_u1_status = new_status; |
3530 |
-@@ -468,11 +485,17 @@ static int snd_nativeinstruments_control_get(struct snd_kcontrol *kcontrol, |
3531 |
- u8 bRequest = (kcontrol->private_value >> 16) & 0xff; |
3532 |
- u16 wIndex = kcontrol->private_value & 0xffff; |
3533 |
- u8 tmp; |
3534 |
-+ int ret; |
3535 |
- |
3536 |
-- int ret = usb_control_msg(dev, usb_rcvctrlpipe(dev, 0), bRequest, |
3537 |
-+ down_read(&mixer->chip->shutdown_rwsem); |
3538 |
-+ if (mixer->chip->shutdown) |
3539 |
-+ ret = -ENODEV; |
3540 |
-+ else |
3541 |
-+ ret = usb_control_msg(dev, usb_rcvctrlpipe(dev, 0), bRequest, |
3542 |
- USB_TYPE_VENDOR | USB_RECIP_DEVICE | USB_DIR_IN, |
3543 |
- 0, cpu_to_le16(wIndex), |
3544 |
- &tmp, sizeof(tmp), 1000); |
3545 |
-+ up_read(&mixer->chip->shutdown_rwsem); |
3546 |
- |
3547 |
- if (ret < 0) { |
3548 |
- snd_printk(KERN_ERR |
3549 |
-@@ -493,11 +516,17 @@ static int snd_nativeinstruments_control_put(struct snd_kcontrol *kcontrol, |
3550 |
- u8 bRequest = (kcontrol->private_value >> 16) & 0xff; |
3551 |
- u16 wIndex = kcontrol->private_value & 0xffff; |
3552 |
- u16 wValue = ucontrol->value.integer.value[0]; |
3553 |
-+ int ret; |
3554 |
- |
3555 |
-- int ret = usb_control_msg(dev, usb_sndctrlpipe(dev, 0), bRequest, |
3556 |
-+ down_read(&mixer->chip->shutdown_rwsem); |
3557 |
-+ if (mixer->chip->shutdown) |
3558 |
-+ ret = -ENODEV; |
3559 |
-+ else |
3560 |
-+ ret = usb_control_msg(dev, usb_sndctrlpipe(dev, 0), bRequest, |
3561 |
- USB_TYPE_VENDOR | USB_RECIP_DEVICE | USB_DIR_OUT, |
3562 |
- cpu_to_le16(wValue), cpu_to_le16(wIndex), |
3563 |
- NULL, 0, 1000); |
3564 |
-+ up_read(&mixer->chip->shutdown_rwsem); |
3565 |
- |
3566 |
- if (ret < 0) { |
3567 |
- snd_printk(KERN_ERR |
3568 |
-@@ -656,11 +685,16 @@ static int snd_ftu_eff_switch_get(struct snd_kcontrol *kctl, |
3569 |
- return -EINVAL; |
3570 |
- |
3571 |
- |
3572 |
-- err = snd_usb_ctl_msg(chip->dev, |
3573 |
-+ down_read(&mixer->chip->shutdown_rwsem); |
3574 |
-+ if (mixer->chip->shutdown) |
3575 |
-+ err = -ENODEV; |
3576 |
-+ else |
3577 |
-+ err = snd_usb_ctl_msg(chip->dev, |
3578 |
- usb_rcvctrlpipe(chip->dev, 0), UAC_GET_CUR, |
3579 |
- USB_RECIP_INTERFACE | USB_TYPE_CLASS | USB_DIR_IN, |
3580 |
- validx << 8, snd_usb_ctrl_intf(chip) | (id << 8), |
3581 |
- value, val_len); |
3582 |
-+ up_read(&mixer->chip->shutdown_rwsem); |
3583 |
- if (err < 0) |
3584 |
- return err; |
3585 |
- |
3586 |
-@@ -703,11 +737,16 @@ static int snd_ftu_eff_switch_put(struct snd_kcontrol *kctl, |
3587 |
- |
3588 |
- if (!pval->is_cached) { |
3589 |
- /* Read current value */ |
3590 |
-- err = snd_usb_ctl_msg(chip->dev, |
3591 |
-+ down_read(&mixer->chip->shutdown_rwsem); |
3592 |
-+ if (mixer->chip->shutdown) |
3593 |
-+ err = -ENODEV; |
3594 |
-+ else |
3595 |
-+ err = snd_usb_ctl_msg(chip->dev, |
3596 |
- usb_rcvctrlpipe(chip->dev, 0), UAC_GET_CUR, |
3597 |
- USB_RECIP_INTERFACE | USB_TYPE_CLASS | USB_DIR_IN, |
3598 |
- validx << 8, snd_usb_ctrl_intf(chip) | (id << 8), |
3599 |
- value, val_len); |
3600 |
-+ up_read(&mixer->chip->shutdown_rwsem); |
3601 |
- if (err < 0) |
3602 |
- return err; |
3603 |
- |
3604 |
-@@ -719,11 +758,16 @@ static int snd_ftu_eff_switch_put(struct snd_kcontrol *kctl, |
3605 |
- if (cur_val != new_val) { |
3606 |
- value[0] = new_val; |
3607 |
- value[1] = 0; |
3608 |
-- err = snd_usb_ctl_msg(chip->dev, |
3609 |
-+ down_read(&mixer->chip->shutdown_rwsem); |
3610 |
-+ if (mixer->chip->shutdown) |
3611 |
-+ err = -ENODEV; |
3612 |
-+ else |
3613 |
-+ err = snd_usb_ctl_msg(chip->dev, |
3614 |
- usb_sndctrlpipe(chip->dev, 0), UAC_SET_CUR, |
3615 |
- USB_RECIP_INTERFACE | USB_TYPE_CLASS | USB_DIR_OUT, |
3616 |
- validx << 8, snd_usb_ctrl_intf(chip) | (id << 8), |
3617 |
- value, val_len); |
3618 |
-+ up_read(&mixer->chip->shutdown_rwsem); |
3619 |
- if (err < 0) |
3620 |
- return err; |
3621 |
- |
3622 |
-diff --git a/sound/usb/pcm.c b/sound/usb/pcm.c |
3623 |
-index f782ce1..ee3c15c 100644 |
3624 |
---- a/sound/usb/pcm.c |
3625 |
-+++ b/sound/usb/pcm.c |
3626 |
-@@ -71,6 +71,8 @@ static snd_pcm_uframes_t snd_usb_pcm_pointer(struct snd_pcm_substream *substream |
3627 |
- unsigned int hwptr_done; |
3628 |
- |
3629 |
- subs = (struct snd_usb_substream *)substream->runtime->private_data; |
3630 |
-+ if (subs->stream->chip->shutdown) |
3631 |
-+ return SNDRV_PCM_POS_XRUN; |
3632 |
- spin_lock(&subs->lock); |
3633 |
- hwptr_done = subs->hwptr_done; |
3634 |
- substream->runtime->delay = snd_usb_pcm_delay(subs, |
3635 |
-@@ -471,8 +473,14 @@ static int snd_usb_hw_params(struct snd_pcm_substream *substream, |
3636 |
- changed = subs->cur_audiofmt != fmt || |
3637 |
- subs->period_bytes != params_period_bytes(hw_params) || |
3638 |
- subs->cur_rate != rate; |
3639 |
-+ |
3640 |
-+ down_read(&subs->stream->chip->shutdown_rwsem); |
3641 |
-+ if (subs->stream->chip->shutdown) { |
3642 |
-+ ret = -ENODEV; |
3643 |
-+ goto unlock; |
3644 |
-+ } |
3645 |
- if ((ret = set_format(subs, fmt)) < 0) |
3646 |
-- return ret; |
3647 |
-+ goto unlock; |
3648 |
- |
3649 |
- if (subs->cur_rate != rate) { |
3650 |
- struct usb_host_interface *alts; |
3651 |
-@@ -481,12 +489,11 @@ static int snd_usb_hw_params(struct snd_pcm_substream *substream, |
3652 |
- alts = &iface->altsetting[fmt->altset_idx]; |
3653 |
- ret = snd_usb_init_sample_rate(subs->stream->chip, fmt->iface, alts, fmt, rate); |
3654 |
- if (ret < 0) |
3655 |
-- return ret; |
3656 |
-+ goto unlock; |
3657 |
- subs->cur_rate = rate; |
3658 |
- } |
3659 |
- |
3660 |
- if (changed) { |
3661 |
-- mutex_lock(&subs->stream->chip->shutdown_mutex); |
3662 |
- /* format changed */ |
3663 |
- stop_endpoints(subs, 0, 0, 0); |
3664 |
- ret = snd_usb_endpoint_set_params(subs->data_endpoint, hw_params, fmt, |
3665 |
-@@ -497,8 +504,6 @@ static int snd_usb_hw_params(struct snd_pcm_substream *substream, |
3666 |
- if (subs->sync_endpoint) |
3667 |
- ret = snd_usb_endpoint_set_params(subs->sync_endpoint, |
3668 |
- hw_params, fmt, NULL); |
3669 |
--unlock: |
3670 |
-- mutex_unlock(&subs->stream->chip->shutdown_mutex); |
3671 |
- } |
3672 |
- |
3673 |
- if (ret == 0) { |
3674 |
-@@ -506,6 +511,8 @@ unlock: |
3675 |
- subs->altset_idx = fmt->altset_idx; |
3676 |
- } |
3677 |
- |
3678 |
-+unlock: |
3679 |
-+ up_read(&subs->stream->chip->shutdown_rwsem); |
3680 |
- return ret; |
3681 |
- } |
3682 |
- |
3683 |
-@@ -521,10 +528,12 @@ static int snd_usb_hw_free(struct snd_pcm_substream *substream) |
3684 |
- subs->cur_audiofmt = NULL; |
3685 |
- subs->cur_rate = 0; |
3686 |
- subs->period_bytes = 0; |
3687 |
-- mutex_lock(&subs->stream->chip->shutdown_mutex); |
3688 |
-- stop_endpoints(subs, 0, 1, 1); |
3689 |
-- deactivate_endpoints(subs); |
3690 |
-- mutex_unlock(&subs->stream->chip->shutdown_mutex); |
3691 |
-+ down_read(&subs->stream->chip->shutdown_rwsem); |
3692 |
-+ if (!subs->stream->chip->shutdown) { |
3693 |
-+ stop_endpoints(subs, 0, 1, 1); |
3694 |
-+ deactivate_endpoints(subs); |
3695 |
-+ } |
3696 |
-+ up_read(&subs->stream->chip->shutdown_rwsem); |
3697 |
- return snd_pcm_lib_free_vmalloc_buffer(substream); |
3698 |
- } |
3699 |
- |
3700 |
-@@ -537,14 +546,22 @@ static int snd_usb_pcm_prepare(struct snd_pcm_substream *substream) |
3701 |
- { |
3702 |
- struct snd_pcm_runtime *runtime = substream->runtime; |
3703 |
- struct snd_usb_substream *subs = runtime->private_data; |
3704 |
-+ int ret = 0; |
3705 |
- |
3706 |
- if (! subs->cur_audiofmt) { |
3707 |
- snd_printk(KERN_ERR "usbaudio: no format is specified!\n"); |
3708 |
- return -ENXIO; |
3709 |
- } |
3710 |
- |
3711 |
-- if (snd_BUG_ON(!subs->data_endpoint)) |
3712 |
-- return -EIO; |
3713 |
-+ down_read(&subs->stream->chip->shutdown_rwsem); |
3714 |
-+ if (subs->stream->chip->shutdown) { |
3715 |
-+ ret = -ENODEV; |
3716 |
-+ goto unlock; |
3717 |
-+ } |
3718 |
-+ if (snd_BUG_ON(!subs->data_endpoint)) { |
3719 |
-+ ret = -EIO; |
3720 |
-+ goto unlock; |
3721 |
-+ } |
3722 |
- |
3723 |
- /* some unit conversions in runtime */ |
3724 |
- subs->data_endpoint->maxframesize = |
3725 |
-@@ -562,9 +579,11 @@ static int snd_usb_pcm_prepare(struct snd_pcm_substream *substream) |
3726 |
- /* for playback, submit the URBs now; otherwise, the first hwptr_done |
3727 |
- * updates for all URBs would happen at the same time when starting */ |
3728 |
- if (subs->direction == SNDRV_PCM_STREAM_PLAYBACK) |
3729 |
-- return start_endpoints(subs, 1); |
3730 |
-+ ret = start_endpoints(subs, 1); |
3731 |
- |
3732 |
-- return 0; |
3733 |
-+ unlock: |
3734 |
-+ up_read(&subs->stream->chip->shutdown_rwsem); |
3735 |
-+ return ret; |
3736 |
- } |
3737 |
- |
3738 |
- static struct snd_pcm_hardware snd_usb_hardware = |
3739 |
-@@ -617,7 +636,7 @@ static int hw_check_valid_format(struct snd_usb_substream *subs, |
3740 |
- return 0; |
3741 |
- } |
3742 |
- /* check whether the period time is >= the data packet interval */ |
3743 |
-- if (snd_usb_get_speed(subs->dev) != USB_SPEED_FULL) { |
3744 |
-+ if (subs->speed != USB_SPEED_FULL) { |
3745 |
- ptime = 125 * (1 << fp->datainterval); |
3746 |
- if (ptime > pt->max || (ptime == pt->max && pt->openmax)) { |
3747 |
- hwc_debug(" > check: ptime %u > max %u\n", ptime, pt->max); |
3748 |
-@@ -895,7 +914,7 @@ static int setup_hw_info(struct snd_pcm_runtime *runtime, struct snd_usb_substre |
3749 |
- return err; |
3750 |
- |
3751 |
- param_period_time_if_needed = SNDRV_PCM_HW_PARAM_PERIOD_TIME; |
3752 |
-- if (snd_usb_get_speed(subs->dev) == USB_SPEED_FULL) |
3753 |
-+ if (subs->speed == USB_SPEED_FULL) |
3754 |
- /* full speed devices have fixed data packet interval */ |
3755 |
- ptmin = 1000; |
3756 |
- if (ptmin == 1000) |
3757 |
-diff --git a/sound/usb/proc.c b/sound/usb/proc.c |
3758 |
-index ebc1a5b..d218f76 100644 |
3759 |
---- a/sound/usb/proc.c |
3760 |
-+++ b/sound/usb/proc.c |
3761 |
-@@ -108,7 +108,7 @@ static void proc_dump_substream_formats(struct snd_usb_substream *subs, struct s |
3762 |
- } |
3763 |
- snd_iprintf(buffer, "\n"); |
3764 |
- } |
3765 |
-- if (snd_usb_get_speed(subs->dev) != USB_SPEED_FULL) |
3766 |
-+ if (subs->speed != USB_SPEED_FULL) |
3767 |
- snd_iprintf(buffer, " Data packet interval: %d us\n", |
3768 |
- 125 * (1 << fp->datainterval)); |
3769 |
- // snd_iprintf(buffer, " Max Packet Size = %d\n", fp->maxpacksize); |
3770 |
-@@ -124,7 +124,7 @@ static void proc_dump_ep_status(struct snd_usb_substream *subs, |
3771 |
- return; |
3772 |
- snd_iprintf(buffer, " Packet Size = %d\n", ep->curpacksize); |
3773 |
- snd_iprintf(buffer, " Momentary freq = %u Hz (%#x.%04x)\n", |
3774 |
-- snd_usb_get_speed(subs->dev) == USB_SPEED_FULL |
3775 |
-+ subs->speed == USB_SPEED_FULL |
3776 |
- ? get_full_speed_hz(ep->freqm) |
3777 |
- : get_high_speed_hz(ep->freqm), |
3778 |
- ep->freqm >> 16, ep->freqm & 0xffff); |
3779 |
-diff --git a/sound/usb/stream.c b/sound/usb/stream.c |
3780 |
-index 083ed81..1de0c8c 100644 |
3781 |
---- a/sound/usb/stream.c |
3782 |
-+++ b/sound/usb/stream.c |
3783 |
-@@ -90,6 +90,7 @@ static void snd_usb_init_substream(struct snd_usb_stream *as, |
3784 |
- subs->direction = stream; |
3785 |
- subs->dev = as->chip->dev; |
3786 |
- subs->txfr_quirk = as->chip->txfr_quirk; |
3787 |
-+ subs->speed = snd_usb_get_speed(subs->dev); |
3788 |
- |
3789 |
- snd_usb_set_pcm_ops(as->pcm, stream); |
3790 |
- |
3791 |
-diff --git a/sound/usb/usbaudio.h b/sound/usb/usbaudio.h |
3792 |
-index b8233eb..ef42797 100644 |
3793 |
---- a/sound/usb/usbaudio.h |
3794 |
-+++ b/sound/usb/usbaudio.h |
3795 |
-@@ -37,7 +37,7 @@ struct snd_usb_audio { |
3796 |
- struct usb_interface *pm_intf; |
3797 |
- u32 usb_id; |
3798 |
- struct mutex mutex; |
3799 |
-- struct mutex shutdown_mutex; |
3800 |
-+ struct rw_semaphore shutdown_rwsem; |
3801 |
- unsigned int shutdown:1; |
3802 |
- unsigned int probing:1; |
3803 |
- unsigned int autosuspended:1; |
3804 |
|
3805 |
diff --git a/3.6.7/0000_README b/3.6.8/0000_README |
3806 |
similarity index 91% |
3807 |
rename from 3.6.7/0000_README |
3808 |
rename to 3.6.8/0000_README |
3809 |
index 05b1561..f24acf7 100644 |
3810 |
--- a/3.6.7/0000_README |
3811 |
+++ b/3.6.8/0000_README |
3812 |
@@ -2,11 +2,7 @@ README |
3813 |
----------------------------------------------------------------------------- |
3814 |
Individual Patch Descriptions: |
3815 |
----------------------------------------------------------------------------- |
3816 |
-Patch: 1006_linux-3.6.7.patch |
3817 |
-From: http://www.kernel.org |
3818 |
-Desc: Linux 3.6.7 |
3819 |
- |
3820 |
-Patch: 4420_grsecurity-2.9.1-3.6.7-201211221000.patch |
3821 |
+Patch: 4420_grsecurity-2.9.1-3.6.8-201211261714.patch |
3822 |
From: http://www.grsecurity.net |
3823 |
Desc: hardened-sources base patch from upstream grsecurity |
3824 |
|
3825 |
|
3826 |
diff --git a/3.6.7/4420_grsecurity-2.9.1-3.6.7-201211221000.patch b/3.6.8/4420_grsecurity-2.9.1-3.6.8-201211261714.patch |
3827 |
similarity index 99% |
3828 |
rename from 3.6.7/4420_grsecurity-2.9.1-3.6.7-201211221000.patch |
3829 |
rename to 3.6.8/4420_grsecurity-2.9.1-3.6.8-201211261714.patch |
3830 |
index cdc60ce..13615ed 100644 |
3831 |
--- a/3.6.7/4420_grsecurity-2.9.1-3.6.7-201211221000.patch |
3832 |
+++ b/3.6.8/4420_grsecurity-2.9.1-3.6.8-201211261714.patch |
3833 |
@@ -251,7 +251,7 @@ index ad7e2e5..199f49e 100644 |
3834 |
|
3835 |
pcd. [PARIDE] |
3836 |
diff --git a/Makefile b/Makefile |
3837 |
-index 07f2308..7271d99 100644 |
3838 |
+index c5cc2f0..6570abb 100644 |
3839 |
--- a/Makefile |
3840 |
+++ b/Makefile |
3841 |
@@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
3842 |
@@ -3470,6 +3470,30 @@ index 5e34ccf..672bc9c 100644 |
3843 |
|
3844 |
DEBUGP("register_unwind_table(), sect = %d at 0x%p - 0x%p (gp=0x%lx)\n", |
3845 |
me->arch.unwind_section, table, end, gp); |
3846 |
+diff --git a/arch/parisc/kernel/signal32.c b/arch/parisc/kernel/signal32.c |
3847 |
+index fd49aed..5dede04 100644 |
3848 |
+--- a/arch/parisc/kernel/signal32.c |
3849 |
++++ b/arch/parisc/kernel/signal32.c |
3850 |
+@@ -65,7 +65,8 @@ put_sigset32(compat_sigset_t __user *up, sigset_t *set, size_t sz) |
3851 |
+ { |
3852 |
+ compat_sigset_t s; |
3853 |
+ |
3854 |
+- if (sz != sizeof *set) panic("put_sigset32()"); |
3855 |
++ if (sz != sizeof *set) |
3856 |
++ return -EINVAL; |
3857 |
+ sigset_64to32(&s, set); |
3858 |
+ |
3859 |
+ return copy_to_user(up, &s, sizeof s); |
3860 |
+@@ -77,7 +78,8 @@ get_sigset32(compat_sigset_t __user *up, sigset_t *set, size_t sz) |
3861 |
+ compat_sigset_t s; |
3862 |
+ int r; |
3863 |
+ |
3864 |
+- if (sz != sizeof *set) panic("put_sigset32()"); |
3865 |
++ if (sz != sizeof *set) |
3866 |
++ return -EINVAL; |
3867 |
+ |
3868 |
+ if ((r = copy_from_user(&s, up, sz)) == 0) { |
3869 |
+ sigset_32to64(set, &s); |
3870 |
diff --git a/arch/parisc/kernel/sys_parisc.c b/arch/parisc/kernel/sys_parisc.c |
3871 |
index 7426e40..30c8dbe 100644 |
3872 |
--- a/arch/parisc/kernel/sys_parisc.c |
3873 |
@@ -20537,7 +20561,7 @@ index baead95..90feeb4 100644 |
3874 |
|
3875 |
local_irq_disable(); |
3876 |
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c |
3877 |
-index b1eb202..254e292 100644 |
3878 |
+index ff66a3b..48ad872 100644 |
3879 |
--- a/arch/x86/kvm/vmx.c |
3880 |
+++ b/arch/x86/kvm/vmx.c |
3881 |
@@ -1331,7 +1331,11 @@ static void reload_tss(void) |
3882 |
@@ -28017,7 +28041,7 @@ index 9a87daa..fb17486 100644 |
3883 |
goto error; |
3884 |
|
3885 |
diff --git a/crypto/cryptd.c b/crypto/cryptd.c |
3886 |
-index 671d4d6..afec999 100644 |
3887 |
+index 7bdd61b..afec999 100644 |
3888 |
--- a/crypto/cryptd.c |
3889 |
+++ b/crypto/cryptd.c |
3890 |
@@ -63,7 +63,7 @@ struct cryptd_blkcipher_ctx { |
3891 |
@@ -28038,28 +28062,6 @@ index 671d4d6..afec999 100644 |
3892 |
|
3893 |
static void cryptd_queue_worker(struct work_struct *work); |
3894 |
|
3895 |
-@@ -137,13 +137,18 @@ static void cryptd_queue_worker(struct work_struct *work) |
3896 |
- struct crypto_async_request *req, *backlog; |
3897 |
- |
3898 |
- cpu_queue = container_of(work, struct cryptd_cpu_queue, work); |
3899 |
-- /* Only handle one request at a time to avoid hogging crypto |
3900 |
-- * workqueue. preempt_disable/enable is used to prevent |
3901 |
-- * being preempted by cryptd_enqueue_request() */ |
3902 |
-+ /* |
3903 |
-+ * Only handle one request at a time to avoid hogging crypto workqueue. |
3904 |
-+ * preempt_disable/enable is used to prevent being preempted by |
3905 |
-+ * cryptd_enqueue_request(). local_bh_disable/enable is used to prevent |
3906 |
-+ * cryptd_enqueue_request() being accessed from software interrupts. |
3907 |
-+ */ |
3908 |
-+ local_bh_disable(); |
3909 |
- preempt_disable(); |
3910 |
- backlog = crypto_get_backlog(&cpu_queue->queue); |
3911 |
- req = crypto_dequeue_request(&cpu_queue->queue); |
3912 |
- preempt_enable(); |
3913 |
-+ local_bh_enable(); |
3914 |
- |
3915 |
- if (!req) |
3916 |
- return; |
3917 |
diff --git a/drivers/acpi/apei/cper.c b/drivers/acpi/apei/cper.c |
3918 |
index e6defd8..c26a225 100644 |
3919 |
--- a/drivers/acpi/apei/cper.c |
3920 |
@@ -31555,7 +31557,7 @@ index 3b663fc..57850f4 100644 |
3921 |
if (rdev->pm.max_bandwidth.full > rdev->pm.k8_bandwidth.full && |
3922 |
rdev->pm.k8_bandwidth.full) |
3923 |
diff --git a/drivers/gpu/drm/ttm/ttm_page_alloc.c b/drivers/gpu/drm/ttm/ttm_page_alloc.c |
3924 |
-index ebc6fac..a8313ed 100644 |
3925 |
+index 578207e..1073f25 100644 |
3926 |
--- a/drivers/gpu/drm/ttm/ttm_page_alloc.c |
3927 |
+++ b/drivers/gpu/drm/ttm/ttm_page_alloc.c |
3928 |
@@ -394,9 +394,9 @@ static int ttm_pool_get_num_unused_pages(void) |
3929 |
@@ -35596,7 +35598,7 @@ index 4a518a3..936b334 100644 |
3930 |
#define VXGE_HW_VIRTUAL_PATH_HANDLE(vpath) \ |
3931 |
((struct __vxge_hw_vpath_handle *)(vpath)->vpath_handles.next) |
3932 |
diff --git a/drivers/net/ethernet/realtek/r8169.c b/drivers/net/ethernet/realtek/r8169.c |
3933 |
-index b47d5b3..273a516 100644 |
3934 |
+index df7bbba..162f850 100644 |
3935 |
--- a/drivers/net/ethernet/realtek/r8169.c |
3936 |
+++ b/drivers/net/ethernet/realtek/r8169.c |
3937 |
@@ -745,22 +745,22 @@ struct rtl8169_private { |
3938 |
@@ -36581,10 +36583,10 @@ index 61859d0..124539e 100644 |
3939 |
/* No printks while decoding is disabled! */ |
3940 |
if (!dev->mmio_always_on) { |
3941 |
diff --git a/drivers/pci/proc.c b/drivers/pci/proc.c |
3942 |
-index 27911b5..5b6db88 100644 |
3943 |
+index af028c7..654cdfc 100644 |
3944 |
--- a/drivers/pci/proc.c |
3945 |
+++ b/drivers/pci/proc.c |
3946 |
-@@ -476,7 +476,16 @@ static const struct file_operations proc_bus_pci_dev_operations = { |
3947 |
+@@ -484,7 +484,16 @@ static const struct file_operations proc_bus_pci_dev_operations = { |
3948 |
static int __init pci_proc_init(void) |
3949 |
{ |
3950 |
struct pci_dev *dev = NULL; |
3951 |
@@ -42932,22 +42934,6 @@ index 88714ae..16c2e11 100644 |
3952 |
|
3953 |
|
3954 |
static inline u32 get_pll_internal_frequency(u32 ref_freq, |
3955 |
-diff --git a/drivers/virtio/virtio.c b/drivers/virtio/virtio.c |
3956 |
-index c3b3f7f..abd47c7 100644 |
3957 |
---- a/drivers/virtio/virtio.c |
3958 |
-+++ b/drivers/virtio/virtio.c |
3959 |
-@@ -225,8 +225,10 @@ EXPORT_SYMBOL_GPL(register_virtio_device); |
3960 |
- |
3961 |
- void unregister_virtio_device(struct virtio_device *dev) |
3962 |
- { |
3963 |
-+ int index = dev->index; /* save for after device release */ |
3964 |
-+ |
3965 |
- device_unregister(&dev->dev); |
3966 |
-- ida_simple_remove(&virtio_index_ida, dev->index); |
3967 |
-+ ida_simple_remove(&virtio_index_ida, index); |
3968 |
- } |
3969 |
- EXPORT_SYMBOL_GPL(unregister_virtio_device); |
3970 |
- |
3971 |
diff --git a/drivers/virtio/virtio_mmio.c b/drivers/virtio/virtio_mmio.c |
3972 |
index 453db0c..604973e 100644 |
3973 |
--- a/drivers/virtio/virtio_mmio.c |
3974 |
@@ -45203,7 +45189,7 @@ index b2a34a1..162fa69 100644 |
3975 |
return rc; |
3976 |
} |
3977 |
diff --git a/fs/exec.c b/fs/exec.c |
3978 |
-index fab2c6d..4fa20c0 100644 |
3979 |
+index fab2c6d..6a13dff 100644 |
3980 |
--- a/fs/exec.c |
3981 |
+++ b/fs/exec.c |
3982 |
@@ -55,6 +55,15 @@ |
3983 |
@@ -45229,7 +45215,7 @@ index fab2c6d..4fa20c0 100644 |
3984 |
+#ifdef CONFIG_PAX_HAVE_ACL_FLAGS |
3985 |
+void __weak pax_set_initial_flags(struct linux_binprm *bprm) |
3986 |
+{ |
3987 |
-+ WARN_ONCE(1, "PAX: PAX_HAVE_ACL_FLAGS was enabled without providing the pax_set_initial_flags callback, this is probably not what you wanted.\n"); |
3988 |
++ pr_warn_once("PAX: PAX_HAVE_ACL_FLAGS was enabled without providing the pax_set_initial_flags callback, this is probably not what you wanted.\n"); |
3989 |
+} |
3990 |
+#endif |
3991 |
+ |
3992 |
@@ -46042,7 +46028,7 @@ index cf18217..8f6b9c3 100644 |
3993 |
if (free_clusters >= (nclusters + dirty_clusters)) |
3994 |
return 1; |
3995 |
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h |
3996 |
-index 5c69f2b..05dec7f 100644 |
3997 |
+index b686b43..4b46d01 100644 |
3998 |
--- a/fs/ext4/ext4.h |
3999 |
+++ b/fs/ext4/ext4.h |
4000 |
@@ -1248,19 +1248,19 @@ struct ext4_sb_info { |
4001 |
@@ -48755,18 +48741,6 @@ index a9269f1..5490437 100644 |
4002 |
set_fs(oldfs); |
4003 |
|
4004 |
if (host_err < 0) |
4005 |
-diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c |
4006 |
-index f35794b..a506360 100644 |
4007 |
---- a/fs/notify/fanotify/fanotify.c |
4008 |
-+++ b/fs/notify/fanotify/fanotify.c |
4009 |
-@@ -21,6 +21,7 @@ static bool should_merge(struct fsnotify_event *old, struct fsnotify_event *new) |
4010 |
- if ((old->path.mnt == new->path.mnt) && |
4011 |
- (old->path.dentry == new->path.dentry)) |
4012 |
- return true; |
4013 |
-+ break; |
4014 |
- case (FSNOTIFY_EVENT_NONE): |
4015 |
- return true; |
4016 |
- default: |
4017 |
diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c |
4018 |
index d438036..0ecadde 100644 |
4019 |
--- a/fs/notify/fanotify/fanotify_user.c |
4020 |
@@ -50397,25 +50371,6 @@ index 1ccfa53..0848f95 100644 |
4021 |
} else if (mm) { |
4022 |
pid_t tid = vm_is_stack(priv->task, vma, is_pid); |
4023 |
|
4024 |
-diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c |
4025 |
-index 29996e8..2d1e0f3 100644 |
4026 |
---- a/fs/pstore/platform.c |
4027 |
-+++ b/fs/pstore/platform.c |
4028 |
-@@ -161,12 +161,13 @@ static void pstore_console_write(struct console *con, const char *s, unsigned c) |
4029 |
- |
4030 |
- while (s < e) { |
4031 |
- unsigned long flags; |
4032 |
-+ u64 id; |
4033 |
- |
4034 |
- if (c > psinfo->bufsize) |
4035 |
- c = psinfo->bufsize; |
4036 |
- spin_lock_irqsave(&psinfo->buf_lock, flags); |
4037 |
- memcpy(psinfo->buf, s, c); |
4038 |
-- psinfo->write(PSTORE_TYPE_CONSOLE, 0, NULL, 0, c, psinfo); |
4039 |
-+ psinfo->write(PSTORE_TYPE_CONSOLE, 0, &id, 0, c, psinfo); |
4040 |
- spin_unlock_irqrestore(&psinfo->buf_lock, flags); |
4041 |
- s += c; |
4042 |
- c = e - s; |
4043 |
diff --git a/fs/quota/netlink.c b/fs/quota/netlink.c |
4044 |
index d67908b..d13f6a6 100644 |
4045 |
--- a/fs/quota/netlink.c |
4046 |
@@ -63486,50 +63441,68 @@ index aa2e167..84024ce 100644 |
4047 |
}; |
4048 |
|
4049 |
diff --git a/include/linux/init.h b/include/linux/init.h |
4050 |
-index 5e664f6..0a1225c 100644 |
4051 |
+index 5e664f6..15ae326 100644 |
4052 |
--- a/include/linux/init.h |
4053 |
+++ b/include/linux/init.h |
4054 |
-@@ -39,9 +39,15 @@ |
4055 |
+@@ -39,9 +39,33 @@ |
4056 |
* Also note, that this data cannot be "const". |
4057 |
*/ |
4058 |
|
4059 |
+#ifdef MODULE |
4060 |
-+#define add_latent_entropy |
4061 |
++#define add_init_latent_entropy |
4062 |
+#else |
4063 |
-+#define add_latent_entropy __latent_entropy |
4064 |
++#define add_init_latent_entropy __latent_entropy |
4065 |
++#endif |
4066 |
++ |
4067 |
++#ifdef CONFIG_HOTPLUG |
4068 |
++#define add_devinit_latent_entropy |
4069 |
++#else |
4070 |
++#define add_devinit_latent_entropy __latent_entropy |
4071 |
++#endif |
4072 |
++ |
4073 |
++#ifdef CONFIG_HOTPLUG_CPU |
4074 |
++#define add_cpuinit_latent_entropy |
4075 |
++#else |
4076 |
++#define add_cpuinit_latent_entropy __latent_entropy |
4077 |
++#endif |
4078 |
++ |
4079 |
++#ifdef CONFIG_MEMORY_HOTPLUG |
4080 |
++#define add_meminit_latent_entropy |
4081 |
++#else |
4082 |
++#define add_meminit_latent_entropy __latent_entropy |
4083 |
+#endif |
4084 |
+ |
4085 |
/* These are for everybody (although not all archs will actually |
4086 |
discard it in modules) */ |
4087 |
-#define __init __section(.init.text) __cold notrace |
4088 |
-+#define __init __section(.init.text) __cold notrace add_latent_entropy |
4089 |
++#define __init __section(.init.text) __cold notrace add_init_latent_entropy |
4090 |
#define __initdata __section(.init.data) |
4091 |
#define __initconst __section(.init.rodata) |
4092 |
#define __exitdata __section(.exit.data) |
4093 |
-@@ -83,7 +89,7 @@ |
4094 |
+@@ -83,7 +107,7 @@ |
4095 |
#define __exit __section(.exit.text) __exitused __cold notrace |
4096 |
|
4097 |
/* Used for HOTPLUG */ |
4098 |
-#define __devinit __section(.devinit.text) __cold notrace |
4099 |
-+#define __devinit __section(.devinit.text) __cold notrace add_latent_entropy |
4100 |
++#define __devinit __section(.devinit.text) __cold notrace add_devinit_latent_entropy |
4101 |
#define __devinitdata __section(.devinit.data) |
4102 |
#define __devinitconst __section(.devinit.rodata) |
4103 |
#define __devexit __section(.devexit.text) __exitused __cold notrace |
4104 |
-@@ -91,7 +97,7 @@ |
4105 |
+@@ -91,7 +115,7 @@ |
4106 |
#define __devexitconst __section(.devexit.rodata) |
4107 |
|
4108 |
/* Used for HOTPLUG_CPU */ |
4109 |
-#define __cpuinit __section(.cpuinit.text) __cold notrace |
4110 |
-+#define __cpuinit __section(.cpuinit.text) __cold notrace add_latent_entropy |
4111 |
++#define __cpuinit __section(.cpuinit.text) __cold notrace add_cpuinit_latent_entropy |
4112 |
#define __cpuinitdata __section(.cpuinit.data) |
4113 |
#define __cpuinitconst __section(.cpuinit.rodata) |
4114 |
#define __cpuexit __section(.cpuexit.text) __exitused __cold notrace |
4115 |
-@@ -99,7 +105,7 @@ |
4116 |
+@@ -99,7 +123,7 @@ |
4117 |
#define __cpuexitconst __section(.cpuexit.rodata) |
4118 |
|
4119 |
/* Used for MEMORY_HOTPLUG */ |
4120 |
-#define __meminit __section(.meminit.text) __cold notrace |
4121 |
-+#define __meminit __section(.meminit.text) __cold notrace add_latent_entropy |
4122 |
++#define __meminit __section(.meminit.text) __cold notrace add_meminit_latent_entropy |
4123 |
#define __meminitdata __section(.meminit.data) |
4124 |
#define __meminitconst __section(.meminit.rodata) |
4125 |
#define __memexit __section(.memexit.text) __exitused __cold notrace |
4126 |
@@ -64011,7 +63984,7 @@ index 1d1b1e1..2a13c78 100644 |
4127 |
|
4128 |
#define pmdp_clear_flush_notify(__vma, __address, __pmdp) \ |
4129 |
diff --git a/include/linux/mmzone.h b/include/linux/mmzone.h |
4130 |
-index 2daa54f..bfdf2f5 100644 |
4131 |
+index a16d929..860ae00 100644 |
4132 |
--- a/include/linux/mmzone.h |
4133 |
+++ b/include/linux/mmzone.h |
4134 |
@@ -414,7 +414,7 @@ struct zone { |
4135 |
@@ -68560,7 +68533,7 @@ index 91c32a0..7b88d63 100644 |
4136 |
seq_printf(m, "%40s %14lu %29s %pS\n", |
4137 |
name, stats->contending_point[i], |
4138 |
diff --git a/kernel/module.c b/kernel/module.c |
4139 |
-index 9ad9ee9..731c128 100644 |
4140 |
+index 2a15c59..731c128 100644 |
4141 |
--- a/kernel/module.c |
4142 |
+++ b/kernel/module.c |
4143 |
@@ -58,6 +58,7 @@ |
4144 |
@@ -68849,7 +68822,7 @@ index 9ad9ee9..731c128 100644 |
4145 |
} |
4146 |
} |
4147 |
|
4148 |
-@@ -2266,28 +2284,33 @@ static void layout_symtab(struct module *mod, struct load_info *info) |
4149 |
+@@ -2266,7 +2284,7 @@ static void layout_symtab(struct module *mod, struct load_info *info) |
4150 |
|
4151 |
/* Put symbol section at end of init part of module. */ |
4152 |
symsect->sh_flags |= SHF_ALLOC; |
4153 |
@@ -68858,23 +68831,8 @@ index 9ad9ee9..731c128 100644 |
4154 |
info->index.sym) | INIT_OFFSET_MASK; |
4155 |
pr_debug("\t%s\n", info->secstrings + symsect->sh_name); |
4156 |
|
4157 |
- src = (void *)info->hdr + symsect->sh_offset; |
4158 |
- nsrc = symsect->sh_size / sizeof(*src); |
4159 |
- |
4160 |
-+ /* strtab always starts with a nul, so offset 0 is the empty string. */ |
4161 |
-+ strtab_size = 1; |
4162 |
-+ |
4163 |
- /* Compute total space required for the core symbols' strtab. */ |
4164 |
-- for (ndst = i = strtab_size = 1; i < nsrc; ++i, ++src) |
4165 |
-- if (is_core_symbol(src, info->sechdrs, info->hdr->e_shnum)) { |
4166 |
-- strtab_size += strlen(&info->strtab[src->st_name]) + 1; |
4167 |
-+ for (ndst = i = 0; i < nsrc; i++) { |
4168 |
-+ if (i == 0 || |
4169 |
-+ is_core_symbol(src+i, info->sechdrs, info->hdr->e_shnum)) { |
4170 |
-+ strtab_size += strlen(&info->strtab[src[i].st_name])+1; |
4171 |
- ndst++; |
4172 |
- } |
4173 |
-+ } |
4174 |
+@@ -2286,13 +2304,13 @@ static void layout_symtab(struct module *mod, struct load_info *info) |
4175 |
+ } |
4176 |
|
4177 |
/* Append room for core symbols at end of core part. */ |
4178 |
- info->symoffs = ALIGN(mod->core_size, symsect->sh_addralign ?: 1); |
4179 |
@@ -68891,7 +68849,7 @@ index 9ad9ee9..731c128 100644 |
4180 |
info->index.str) | INIT_OFFSET_MASK; |
4181 |
pr_debug("\t%s\n", info->secstrings + strsect->sh_name); |
4182 |
} |
4183 |
-@@ -2305,24 +2328,28 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) |
4184 |
+@@ -2310,12 +2328,14 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) |
4185 |
/* Make sure we get permanent strtab: don't use info->strtab. */ |
4186 |
mod->strtab = (void *)info->sechdrs[info->index.str].sh_addr; |
4187 |
|
4188 |
@@ -68906,23 +68864,10 @@ index 9ad9ee9..731c128 100644 |
4189 |
+ mod->core_symtab = dst = mod->module_core_rx + info->symoffs; |
4190 |
+ mod->core_strtab = s = mod->module_core_rx + info->stroffs; |
4191 |
src = mod->symtab; |
4192 |
-- *dst = *src; |
4193 |
*s++ = 0; |
4194 |
-- for (ndst = i = 1; i < mod->num_symtab; ++i, ++src) { |
4195 |
-- if (!is_core_symbol(src, info->sechdrs, info->hdr->e_shnum)) |
4196 |
-- continue; |
4197 |
-- |
4198 |
-- dst[ndst] = *src; |
4199 |
-- dst[ndst++].st_name = s - mod->core_strtab; |
4200 |
-- s += strlcpy(s, &mod->strtab[src->st_name], KSYM_NAME_LEN) + 1; |
4201 |
-+ for (ndst = i = 0; i < mod->num_symtab; i++) { |
4202 |
-+ if (i == 0 || |
4203 |
-+ is_core_symbol(src+i, info->sechdrs, info->hdr->e_shnum)) { |
4204 |
-+ dst[ndst] = src[i]; |
4205 |
-+ dst[ndst++].st_name = s - mod->core_strtab; |
4206 |
-+ s += strlcpy(s, &mod->strtab[src[i].st_name], |
4207 |
-+ KSYM_NAME_LEN) + 1; |
4208 |
-+ } |
4209 |
+ for (ndst = i = 0; i < mod->num_symtab; i++) { |
4210 |
+@@ -2328,6 +2348,8 @@ static void add_kallsyms(struct module *mod, const struct load_info *info) |
4211 |
+ } |
4212 |
} |
4213 |
mod->core_num_syms = ndst; |
4214 |
+ |
4215 |
@@ -68930,7 +68875,7 @@ index 9ad9ee9..731c128 100644 |
4216 |
} |
4217 |
#else |
4218 |
static inline void layout_symtab(struct module *mod, struct load_info *info) |
4219 |
-@@ -2356,17 +2383,33 @@ void * __weak module_alloc(unsigned long size) |
4220 |
+@@ -2361,17 +2383,33 @@ void * __weak module_alloc(unsigned long size) |
4221 |
return size == 0 ? NULL : vmalloc_exec(size); |
4222 |
} |
4223 |
|
4224 |
@@ -68969,7 +68914,7 @@ index 9ad9ee9..731c128 100644 |
4225 |
mutex_unlock(&module_mutex); |
4226 |
} |
4227 |
return ret; |
4228 |
-@@ -2544,8 +2587,14 @@ static struct module *setup_load_info(struct load_info *info) |
4229 |
+@@ -2549,8 +2587,14 @@ static struct module *setup_load_info(struct load_info *info) |
4230 |
static int check_modinfo(struct module *mod, struct load_info *info) |
4231 |
{ |
4232 |
const char *modmagic = get_modinfo(info, "vermagic"); |
4233 |
@@ -68984,7 +68929,7 @@ index 9ad9ee9..731c128 100644 |
4234 |
/* This is allowed: modprobe --force will invalidate it. */ |
4235 |
if (!modmagic) { |
4236 |
err = try_to_force_load(mod, "bad vermagic"); |
4237 |
-@@ -2568,7 +2617,7 @@ static int check_modinfo(struct module *mod, struct load_info *info) |
4238 |
+@@ -2573,7 +2617,7 @@ static int check_modinfo(struct module *mod, struct load_info *info) |
4239 |
} |
4240 |
|
4241 |
/* Set up license info based on the info section */ |
4242 |
@@ -68993,7 +68938,7 @@ index 9ad9ee9..731c128 100644 |
4243 |
|
4244 |
return 0; |
4245 |
} |
4246 |
-@@ -2662,7 +2711,7 @@ static int move_module(struct module *mod, struct load_info *info) |
4247 |
+@@ -2667,7 +2711,7 @@ static int move_module(struct module *mod, struct load_info *info) |
4248 |
void *ptr; |
4249 |
|
4250 |
/* Do the allocs. */ |
4251 |
@@ -69002,7 +68947,7 @@ index 9ad9ee9..731c128 100644 |
4252 |
/* |
4253 |
* The pointer to this block is stored in the module structure |
4254 |
* which is inside the block. Just mark it as not being a |
4255 |
-@@ -2672,23 +2721,50 @@ static int move_module(struct module *mod, struct load_info *info) |
4256 |
+@@ -2677,23 +2721,50 @@ static int move_module(struct module *mod, struct load_info *info) |
4257 |
if (!ptr) |
4258 |
return -ENOMEM; |
4259 |
|
4260 |
@@ -69061,7 +69006,7 @@ index 9ad9ee9..731c128 100644 |
4261 |
|
4262 |
/* Transfer each section which specifies SHF_ALLOC */ |
4263 |
pr_debug("final section addresses:\n"); |
4264 |
-@@ -2699,16 +2775,45 @@ static int move_module(struct module *mod, struct load_info *info) |
4265 |
+@@ -2704,16 +2775,45 @@ static int move_module(struct module *mod, struct load_info *info) |
4266 |
if (!(shdr->sh_flags & SHF_ALLOC)) |
4267 |
continue; |
4268 |
|
4269 |
@@ -69114,7 +69059,7 @@ index 9ad9ee9..731c128 100644 |
4270 |
pr_debug("\t0x%lx %s\n", |
4271 |
(long)shdr->sh_addr, info->secstrings + shdr->sh_name); |
4272 |
} |
4273 |
-@@ -2763,12 +2868,12 @@ static void flush_module_icache(const struct module *mod) |
4274 |
+@@ -2768,12 +2868,12 @@ static void flush_module_icache(const struct module *mod) |
4275 |
* Do it before processing of module parameters, so the module |
4276 |
* can provide parameter accessor functions of its own. |
4277 |
*/ |
4278 |
@@ -69133,7 +69078,7 @@ index 9ad9ee9..731c128 100644 |
4279 |
|
4280 |
set_fs(old_fs); |
4281 |
} |
4282 |
-@@ -2838,8 +2943,10 @@ out: |
4283 |
+@@ -2843,8 +2943,10 @@ out: |
4284 |
static void module_deallocate(struct module *mod, struct load_info *info) |
4285 |
{ |
4286 |
percpu_modfree(mod); |
4287 |
@@ -69146,7 +69091,7 @@ index 9ad9ee9..731c128 100644 |
4288 |
} |
4289 |
|
4290 |
int __weak module_finalize(const Elf_Ehdr *hdr, |
4291 |
-@@ -2852,7 +2959,9 @@ int __weak module_finalize(const Elf_Ehdr *hdr, |
4292 |
+@@ -2857,7 +2959,9 @@ int __weak module_finalize(const Elf_Ehdr *hdr, |
4293 |
static int post_relocation(struct module *mod, const struct load_info *info) |
4294 |
{ |
4295 |
/* Sort exception table now relocations are done. */ |
4296 |
@@ -69156,7 +69101,7 @@ index 9ad9ee9..731c128 100644 |
4297 |
|
4298 |
/* Copy relocated percpu area over. */ |
4299 |
percpu_modcopy(mod, (void *)info->sechdrs[info->index.pcpu].sh_addr, |
4300 |
-@@ -2903,9 +3012,38 @@ static struct module *load_module(void __user *umod, |
4301 |
+@@ -2908,9 +3012,38 @@ static struct module *load_module(void __user *umod, |
4302 |
if (err) |
4303 |
goto free_unload; |
4304 |
|
4305 |
@@ -69195,7 +69140,7 @@ index 9ad9ee9..731c128 100644 |
4306 |
/* Fix up syms, so that st_value is a pointer to location. */ |
4307 |
err = simplify_symbols(mod, &info); |
4308 |
if (err < 0) |
4309 |
-@@ -2921,13 +3059,6 @@ static struct module *load_module(void __user *umod, |
4310 |
+@@ -2926,13 +3059,6 @@ static struct module *load_module(void __user *umod, |
4311 |
|
4312 |
flush_module_icache(mod); |
4313 |
|
4314 |
@@ -69209,7 +69154,7 @@ index 9ad9ee9..731c128 100644 |
4315 |
/* Mark state as coming so strong_try_module_get() ignores us. */ |
4316 |
mod->state = MODULE_STATE_COMING; |
4317 |
|
4318 |
-@@ -2985,11 +3116,10 @@ static struct module *load_module(void __user *umod, |
4319 |
+@@ -2990,11 +3116,10 @@ static struct module *load_module(void __user *umod, |
4320 |
unlock: |
4321 |
mutex_unlock(&module_mutex); |
4322 |
synchronize_sched(); |
4323 |
@@ -69222,7 +69167,7 @@ index 9ad9ee9..731c128 100644 |
4324 |
free_unload: |
4325 |
module_unload_free(mod); |
4326 |
free_module: |
4327 |
-@@ -3030,16 +3160,16 @@ SYSCALL_DEFINE3(init_module, void __user *, umod, |
4328 |
+@@ -3035,16 +3160,16 @@ SYSCALL_DEFINE3(init_module, void __user *, umod, |
4329 |
MODULE_STATE_COMING, mod); |
4330 |
|
4331 |
/* Set RO and NX regions for core */ |
4332 |
@@ -69247,7 +69192,7 @@ index 9ad9ee9..731c128 100644 |
4333 |
|
4334 |
do_mod_ctors(mod); |
4335 |
/* Start the module */ |
4336 |
-@@ -3085,11 +3215,12 @@ SYSCALL_DEFINE3(init_module, void __user *, umod, |
4337 |
+@@ -3090,11 +3215,12 @@ SYSCALL_DEFINE3(init_module, void __user *, umod, |
4338 |
mod->strtab = mod->core_strtab; |
4339 |
#endif |
4340 |
unset_module_init_ro_nx(mod); |
4341 |
@@ -69265,7 +69210,7 @@ index 9ad9ee9..731c128 100644 |
4342 |
mutex_unlock(&module_mutex); |
4343 |
|
4344 |
return 0; |
4345 |
-@@ -3120,10 +3251,16 @@ static const char *get_ksymbol(struct module *mod, |
4346 |
+@@ -3125,10 +3251,16 @@ static const char *get_ksymbol(struct module *mod, |
4347 |
unsigned long nextval; |
4348 |
|
4349 |
/* At worse, next value is at end of module */ |
4350 |
@@ -69285,7 +69230,7 @@ index 9ad9ee9..731c128 100644 |
4351 |
|
4352 |
/* Scan for closest preceding symbol, and next symbol. (ELF |
4353 |
starts real symbols at 1). */ |
4354 |
-@@ -3358,7 +3495,7 @@ static int m_show(struct seq_file *m, void *p) |
4355 |
+@@ -3363,7 +3495,7 @@ static int m_show(struct seq_file *m, void *p) |
4356 |
char buf[8]; |
4357 |
|
4358 |
seq_printf(m, "%s %u", |
4359 |
@@ -69294,7 +69239,7 @@ index 9ad9ee9..731c128 100644 |
4360 |
print_unload_info(m, mod); |
4361 |
|
4362 |
/* Informative for users. */ |
4363 |
-@@ -3367,7 +3504,7 @@ static int m_show(struct seq_file *m, void *p) |
4364 |
+@@ -3372,7 +3504,7 @@ static int m_show(struct seq_file *m, void *p) |
4365 |
mod->state == MODULE_STATE_COMING ? "Loading": |
4366 |
"Live"); |
4367 |
/* Used by oprofile and other similar tools. */ |
4368 |
@@ -69303,7 +69248,7 @@ index 9ad9ee9..731c128 100644 |
4369 |
|
4370 |
/* Taints info */ |
4371 |
if (mod->taints) |
4372 |
-@@ -3403,7 +3540,17 @@ static const struct file_operations proc_modules_operations = { |
4373 |
+@@ -3408,7 +3540,17 @@ static const struct file_operations proc_modules_operations = { |
4374 |
|
4375 |
static int __init proc_modules_init(void) |
4376 |
{ |
4377 |
@@ -69321,7 +69266,7 @@ index 9ad9ee9..731c128 100644 |
4378 |
return 0; |
4379 |
} |
4380 |
module_init(proc_modules_init); |
4381 |
-@@ -3462,12 +3609,12 @@ struct module *__module_address(unsigned long addr) |
4382 |
+@@ -3467,12 +3609,12 @@ struct module *__module_address(unsigned long addr) |
4383 |
{ |
4384 |
struct module *mod; |
4385 |
|
4386 |
@@ -69337,7 +69282,7 @@ index 9ad9ee9..731c128 100644 |
4387 |
return mod; |
4388 |
return NULL; |
4389 |
} |
4390 |
-@@ -3501,11 +3648,20 @@ bool is_module_text_address(unsigned long addr) |
4391 |
+@@ -3506,11 +3648,20 @@ bool is_module_text_address(unsigned long addr) |
4392 |
*/ |
4393 |
struct module *__module_text_address(unsigned long addr) |
4394 |
{ |
4395 |
@@ -72090,9 +72035,18 @@ index 9ed4fd4..c42648d 100644 |
4396 |
* Make sure the vma is shared, that it supports prefaulting, |
4397 |
* and that the remapped range is valid and fully within |
4398 |
diff --git a/mm/highmem.c b/mm/highmem.c |
4399 |
-index d517cd1..006a1c5 100644 |
4400 |
+index d517cd1..9568fec 100644 |
4401 |
--- a/mm/highmem.c |
4402 |
+++ b/mm/highmem.c |
4403 |
+@@ -98,7 +98,7 @@ struct page *kmap_to_page(void *vaddr) |
4404 |
+ { |
4405 |
+ unsigned long addr = (unsigned long)vaddr; |
4406 |
+ |
4407 |
+- if (addr >= PKMAP_ADDR(0) && addr <= PKMAP_ADDR(LAST_PKMAP)) { |
4408 |
++ if (addr >= PKMAP_ADDR(0) && addr < PKMAP_ADDR(LAST_PKMAP)) { |
4409 |
+ int i = (addr - PKMAP_ADDR(0)) >> PAGE_SHIFT; |
4410 |
+ return pte_page(pkmap_page_table[i]); |
4411 |
+ } |
4412 |
@@ -137,9 +137,10 @@ static void flush_all_zero_pkmaps(void) |
4413 |
* So no dangers, even with speculative execution. |
4414 |
*/ |
4415 |
@@ -74900,7 +74854,7 @@ index d4b0c10..ed421b5 100644 |
4416 |
new->vm_region = region; |
4417 |
|
4418 |
diff --git a/mm/page_alloc.c b/mm/page_alloc.c |
4419 |
-index c13ea75..081ab2c 100644 |
4420 |
+index d2d8f54..be2a87c 100644 |
4421 |
--- a/mm/page_alloc.c |
4422 |
+++ b/mm/page_alloc.c |
4423 |
@@ -340,7 +340,7 @@ out: |
4424 |
@@ -75116,7 +75070,7 @@ index aa95e59..b681a63 100644 |
4425 |
struct anon_vma_chain *avc; |
4426 |
struct anon_vma *anon_vma; |
4427 |
diff --git a/mm/shmem.c b/mm/shmem.c |
4428 |
-index d2eeca1..92f3123 100644 |
4429 |
+index 31e1506..dbf3647 100644 |
4430 |
--- a/mm/shmem.c |
4431 |
+++ b/mm/shmem.c |
4432 |
@@ -31,7 +31,7 @@ |
4433 |
@@ -75137,7 +75091,7 @@ index d2eeca1..92f3123 100644 |
4434 |
|
4435 |
struct shmem_xattr { |
4436 |
struct list_head list; /* anchored by shmem_inode_info->xattr_list */ |
4437 |
-@@ -2207,6 +2207,11 @@ static const struct xattr_handler *shmem_xattr_handlers[] = { |
4438 |
+@@ -2219,6 +2219,11 @@ static const struct xattr_handler *shmem_xattr_handlers[] = { |
4439 |
static int shmem_xattr_validate(const char *name) |
4440 |
{ |
4441 |
struct { const char *prefix; size_t len; } arr[] = { |
4442 |
@@ -75149,7 +75103,7 @@ index d2eeca1..92f3123 100644 |
4443 |
{ XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN }, |
4444 |
{ XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN } |
4445 |
}; |
4446 |
-@@ -2260,6 +2265,15 @@ static int shmem_setxattr(struct dentry *dentry, const char *name, |
4447 |
+@@ -2272,6 +2277,15 @@ static int shmem_setxattr(struct dentry *dentry, const char *name, |
4448 |
if (err) |
4449 |
return err; |
4450 |
|
4451 |
@@ -75165,7 +75119,7 @@ index d2eeca1..92f3123 100644 |
4452 |
if (size == 0) |
4453 |
value = ""; /* empty EA, do not remove */ |
4454 |
|
4455 |
-@@ -2594,8 +2608,7 @@ int shmem_fill_super(struct super_block *sb, void *data, int silent) |
4456 |
+@@ -2606,8 +2620,7 @@ int shmem_fill_super(struct super_block *sb, void *data, int silent) |
4457 |
int err = -ENOMEM; |
4458 |
|
4459 |
/* Round up to L1_CACHE_BYTES to resist false sharing */ |
4460 |
@@ -76354,19 +76308,6 @@ index 2bb90b1..3795e47 100644 |
4461 |
v->addr, v->addr + v->size, v->size); |
4462 |
|
4463 |
if (v->caller) |
4464 |
-diff --git a/mm/vmscan.c b/mm/vmscan.c |
4465 |
-index 99b434b..a018dfc 100644 |
4466 |
---- a/mm/vmscan.c |
4467 |
-+++ b/mm/vmscan.c |
4468 |
-@@ -2953,6 +2953,8 @@ static int kswapd(void *p) |
4469 |
- &balanced_classzone_idx); |
4470 |
- } |
4471 |
- } |
4472 |
-+ |
4473 |
-+ current->reclaim_state = NULL; |
4474 |
- return 0; |
4475 |
- } |
4476 |
- |
4477 |
diff --git a/mm/vmstat.c b/mm/vmstat.c |
4478 |
index df7a674..8b4a4f3 100644 |
4479 |
--- a/mm/vmstat.c |
4480 |
@@ -77052,7 +76993,7 @@ index 0337e2b..47914a0 100644 |
4481 |
|
4482 |
return err; |
4483 |
diff --git a/net/core/dev.c b/net/core/dev.c |
4484 |
-index aed87a4..72cc526 100644 |
4485 |
+index 1dce5b5..363a522 100644 |
4486 |
--- a/net/core/dev.c |
4487 |
+++ b/net/core/dev.c |
4488 |
@@ -1138,9 +1138,13 @@ void dev_load(struct net *net, const char *name) |
4489 |
@@ -77096,7 +77037,7 @@ index aed87a4..72cc526 100644 |
4490 |
|
4491 |
#define DEV_GSO_CB(skb) ((struct dev_gso_cb *)(skb)->cb) |
4492 |
|
4493 |
-@@ -2928,7 +2932,7 @@ enqueue: |
4494 |
+@@ -2930,7 +2934,7 @@ enqueue: |
4495 |
|
4496 |
local_irq_restore(flags); |
4497 |
|
4498 |
@@ -77105,7 +77046,7 @@ index aed87a4..72cc526 100644 |
4499 |
kfree_skb(skb); |
4500 |
return NET_RX_DROP; |
4501 |
} |
4502 |
-@@ -3000,7 +3004,7 @@ int netif_rx_ni(struct sk_buff *skb) |
4503 |
+@@ -3002,7 +3006,7 @@ int netif_rx_ni(struct sk_buff *skb) |
4504 |
} |
4505 |
EXPORT_SYMBOL(netif_rx_ni); |
4506 |
|
4507 |
@@ -77114,7 +77055,7 @@ index aed87a4..72cc526 100644 |
4508 |
{ |
4509 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
4510 |
|
4511 |
-@@ -3331,7 +3335,7 @@ ncls: |
4512 |
+@@ -3333,7 +3337,7 @@ ncls: |
4513 |
ret = pt_prev->func(skb, skb->dev, pt_prev, orig_dev); |
4514 |
} else { |
4515 |
drop: |
4516 |
@@ -77123,7 +77064,7 @@ index aed87a4..72cc526 100644 |
4517 |
kfree_skb(skb); |
4518 |
/* Jamal, now you will not able to escape explaining |
4519 |
* me how you were going to use this. :-) |
4520 |
-@@ -3898,7 +3902,7 @@ void netif_napi_del(struct napi_struct *napi) |
4521 |
+@@ -3900,7 +3904,7 @@ void netif_napi_del(struct napi_struct *napi) |
4522 |
} |
4523 |
EXPORT_SYMBOL(netif_napi_del); |
4524 |
|
4525 |
@@ -77132,7 +77073,7 @@ index aed87a4..72cc526 100644 |
4526 |
{ |
4527 |
struct softnet_data *sd = &__get_cpu_var(softnet_data); |
4528 |
unsigned long time_limit = jiffies + 2; |
4529 |
-@@ -4368,8 +4372,13 @@ static int ptype_seq_show(struct seq_file *seq, void *v) |
4530 |
+@@ -4370,8 +4374,13 @@ static int ptype_seq_show(struct seq_file *seq, void *v) |
4531 |
else |
4532 |
seq_printf(seq, "%04x", ntohs(pt->type)); |
4533 |
|
4534 |
@@ -77146,7 +77087,7 @@ index aed87a4..72cc526 100644 |
4535 |
} |
4536 |
|
4537 |
return 0; |
4538 |
-@@ -5922,7 +5931,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
4539 |
+@@ -5924,7 +5933,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, |
4540 |
} else { |
4541 |
netdev_stats_to_stats64(storage, &dev->stats); |
4542 |
} |
4543 |
@@ -77520,10 +77461,10 @@ index 8d07c97..d0812ef 100644 |
4544 |
|
4545 |
rc = qp->q.fragments && (end - start) > max; |
4546 |
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c |
4547 |
-index 5eea4a8..49819c2 100644 |
4548 |
+index 14bbfcf..644f472 100644 |
4549 |
--- a/net/ipv4/ip_sockglue.c |
4550 |
+++ b/net/ipv4/ip_sockglue.c |
4551 |
-@@ -1142,7 +1142,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, |
4552 |
+@@ -1151,7 +1151,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, |
4553 |
len = min_t(unsigned int, len, opt->optlen); |
4554 |
if (put_user(len, optlen)) |
4555 |
return -EFAULT; |
4556 |
@@ -77533,7 +77474,7 @@ index 5eea4a8..49819c2 100644 |
4557 |
return -EFAULT; |
4558 |
return 0; |
4559 |
} |
4560 |
-@@ -1273,7 +1274,7 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, |
4561 |
+@@ -1282,7 +1283,7 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname, |
4562 |
if (sk->sk_type != SOCK_STREAM) |
4563 |
return -ENOPROTOOPT; |
4564 |
|
4565 |
@@ -78078,10 +78019,10 @@ index b10374d..0baa1f9 100644 |
4566 |
if (ops->ndo_do_ioctl) { |
4567 |
mm_segment_t oldfs = get_fs(); |
4568 |
diff --git a/net/ipv6/ipv6_sockglue.c b/net/ipv6/ipv6_sockglue.c |
4569 |
-index ba6d13d..6899122 100644 |
4570 |
+index e02faed..9780f28 100644 |
4571 |
--- a/net/ipv6/ipv6_sockglue.c |
4572 |
+++ b/net/ipv6/ipv6_sockglue.c |
4573 |
-@@ -989,7 +989,7 @@ static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, |
4574 |
+@@ -990,7 +990,7 @@ static int do_ipv6_getsockopt(struct sock *sk, int level, int optname, |
4575 |
if (sk->sk_type != SOCK_STREAM) |
4576 |
return -ENOPROTOOPT; |
4577 |
|
4578 |
@@ -78561,7 +78502,7 @@ index 34e4185..8823368 100644 |
4579 |
return res; |
4580 |
} |
4581 |
diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h |
4582 |
-index bb61f77..3788d63 100644 |
4583 |
+index 642a2a3..9dcc3dd 100644 |
4584 |
--- a/net/mac80211/ieee80211_i.h |
4585 |
+++ b/net/mac80211/ieee80211_i.h |
4586 |
@@ -28,6 +28,7 @@ |
4587 |
@@ -78719,7 +78660,7 @@ index c97a065..ff61928 100644 |
4588 |
|
4589 |
return p; |
4590 |
diff --git a/net/mac80211/util.c b/net/mac80211/util.c |
4591 |
-index 1cfe6d5..c428ba3 100644 |
4592 |
+index 7883449..17c6a9a 100644 |
4593 |
--- a/net/mac80211/util.c |
4594 |
+++ b/net/mac80211/util.c |
4595 |
@@ -1279,7 +1279,7 @@ int ieee80211_reconfig(struct ieee80211_local *local) |
4596 |
@@ -83594,10 +83535,10 @@ index 0000000..a86e422 |
4597 |
+} |
4598 |
diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c |
4599 |
new file mode 100644 |
4600 |
-index 0000000..98011fa |
4601 |
+index 0000000..8856202 |
4602 |
--- /dev/null |
4603 |
+++ b/tools/gcc/kernexec_plugin.c |
4604 |
-@@ -0,0 +1,427 @@ |
4605 |
+@@ -0,0 +1,432 @@ |
4606 |
+/* |
4607 |
+ * Copyright 2011 by the PaX Team <pageexec@××××××××.hu> |
4608 |
+ * Licensed under the GPL v2 |
4609 |
@@ -83638,6 +83579,10 @@ index 0000000..98011fa |
4610 |
+extern void print_gimple_stmt(FILE *, gimple, int, int); |
4611 |
+extern rtx emit_move_insn(rtx x, rtx y); |
4612 |
+ |
4613 |
++#if BUILDING_GCC_VERSION <= 4006 |
4614 |
++#define ANY_RETURN_P(rtx) (GET_CODE(rtx) == RETURN) |
4615 |
++#endif |
4616 |
++ |
4617 |
+int plugin_is_GPL_compatible; |
4618 |
+ |
4619 |
+static struct plugin_info kernexec_plugin_info = { |
4620 |
@@ -83942,6 +83887,7 @@ index 0000000..98011fa |
4621 |
+ for (insn = get_insns(); insn; insn = NEXT_INSN(insn)) { |
4622 |
+ // rtl match: (jump_insn 41 40 42 2 (return) fptr.c:42 634 {return_internal} (nil)) |
4623 |
+ // (jump_insn 12 9 11 2 (parallel [ (return) (unspec [ (0) ] UNSPEC_REP) ]) fptr.c:46 635 {return_internal_long} (nil)) |
4624 |
++ // (jump_insn 97 96 98 6 (simple_return) fptr.c:50 -1 (nil) -> simple_return) |
4625 |
+ rtx body; |
4626 |
+ |
4627 |
+ // is it a retn |
4628 |
@@ -83950,7 +83896,7 @@ index 0000000..98011fa |
4629 |
+ body = PATTERN(insn); |
4630 |
+ if (GET_CODE(body) == PARALLEL) |
4631 |
+ body = XVECEXP(body, 0, 0); |
4632 |
-+ if (GET_CODE(body) != RETURN) |
4633 |
++ if (!ANY_RETURN_P(body)) |
4634 |
+ continue; |
4635 |
+ kernexec_instrument_retaddr(insn); |
4636 |
+ } |
4637 |
|
4638 |
diff --git a/3.6.7/4425-tmpfs-user-namespace.patch b/3.6.8/4425-tmpfs-user-namespace.patch |
4639 |
similarity index 100% |
4640 |
rename from 3.6.7/4425-tmpfs-user-namespace.patch |
4641 |
rename to 3.6.8/4425-tmpfs-user-namespace.patch |
4642 |
|
4643 |
diff --git a/3.6.7/4430_grsec-remove-localversion-grsec.patch b/3.6.8/4430_grsec-remove-localversion-grsec.patch |
4644 |
similarity index 100% |
4645 |
rename from 3.6.7/4430_grsec-remove-localversion-grsec.patch |
4646 |
rename to 3.6.8/4430_grsec-remove-localversion-grsec.patch |
4647 |
|
4648 |
diff --git a/3.6.7/4435_grsec-mute-warnings.patch b/3.6.8/4435_grsec-mute-warnings.patch |
4649 |
similarity index 100% |
4650 |
rename from 3.6.7/4435_grsec-mute-warnings.patch |
4651 |
rename to 3.6.8/4435_grsec-mute-warnings.patch |
4652 |
|
4653 |
diff --git a/3.6.7/4440_grsec-remove-protected-paths.patch b/3.6.8/4440_grsec-remove-protected-paths.patch |
4654 |
similarity index 100% |
4655 |
rename from 3.6.7/4440_grsec-remove-protected-paths.patch |
4656 |
rename to 3.6.8/4440_grsec-remove-protected-paths.patch |
4657 |
|
4658 |
diff --git a/3.6.7/4450_grsec-kconfig-default-gids.patch b/3.6.8/4450_grsec-kconfig-default-gids.patch |
4659 |
similarity index 100% |
4660 |
rename from 3.6.7/4450_grsec-kconfig-default-gids.patch |
4661 |
rename to 3.6.8/4450_grsec-kconfig-default-gids.patch |
4662 |
|
4663 |
diff --git a/3.6.7/4465_selinux-avc_audit-log-curr_ip.patch b/3.6.8/4465_selinux-avc_audit-log-curr_ip.patch |
4664 |
similarity index 100% |
4665 |
rename from 3.6.7/4465_selinux-avc_audit-log-curr_ip.patch |
4666 |
rename to 3.6.8/4465_selinux-avc_audit-log-curr_ip.patch |
4667 |
|
4668 |
diff --git a/3.6.7/4470_disable-compat_vdso.patch b/3.6.8/4470_disable-compat_vdso.patch |
4669 |
similarity index 100% |
4670 |
rename from 3.6.7/4470_disable-compat_vdso.patch |
4671 |
rename to 3.6.8/4470_disable-compat_vdso.patch |