1 |
commit: cb29449ba86b1b7d605c9b24417178739547505b |
2 |
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Feb 5 16:21:29 2012 +0000 |
4 |
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Feb 5 16:21:29 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=cb29449b |
7 |
|
8 |
Grsec/PaX: 2.2.2-2.6.32.56-201202032051 + 2.2.2-3.2.4-201202032052 |
9 |
|
10 |
--- |
11 |
2.6.32/0000_README | 6 +- |
12 |
2.6.32/1055_linux-2.6.32.56.patch | 716 +++ |
13 |
..._grsecurity-2.2.2-2.6.32.56-201202032051.patch} | 620 +-- |
14 |
2.6.32/4425_grsec-pax-without-grsec.patch | 6 +- |
15 |
2.6.32/4430_grsec-kconfig-default-gids.patch | 14 +- |
16 |
2.6.32/4435_grsec-kconfig-gentoo.patch | 4 +- |
17 |
2.6.32/4437-grsec-kconfig-proc-user.patch | 4 +- |
18 |
2.6.32/4440_selinux-avc_audit-log-curr_ip.patch | 2 +- |
19 |
3.2.2/1001_linux-3.2.2.patch | 6552 -------------------- |
20 |
{3.2.2 => 3.2.4}/0000_README | 10 +- |
21 |
3.2.4/1002_linux-3.2.3.patch | 3760 +++++++++++ |
22 |
3.2.4/1003_linux-3.2.4.patch | 40 + |
23 |
.../4420_grsecurity-2.2.2-3.2.4-201202032052.patch | 996 ++-- |
24 |
.../4421_grsec-remove-localversion-grsec.patch | 0 |
25 |
{3.2.2 => 3.2.4}/4422_grsec-mute-warnings.patch | 0 |
26 |
.../4423_grsec-remove-protected-paths.patch | 0 |
27 |
.../4425_grsec-pax-without-grsec.patch | 0 |
28 |
.../4430_grsec-kconfig-default-gids.patch | 12 +- |
29 |
{3.2.2 => 3.2.4}/4435_grsec-kconfig-gentoo.patch | 2 +- |
30 |
.../4437-grsec-kconfig-proc-user.patch | 0 |
31 |
.../4440_selinux-avc_audit-log-curr_ip.patch | 2 +- |
32 |
{3.2.2 => 3.2.4}/4445_disable-compat_vdso.patch | 0 |
33 |
22 files changed, 5254 insertions(+), 7492 deletions(-) |
34 |
|
35 |
diff --git a/2.6.32/0000_README b/2.6.32/0000_README |
36 |
index c4e9b3d..f0c7190 100644 |
37 |
--- a/2.6.32/0000_README |
38 |
+++ b/2.6.32/0000_README |
39 |
@@ -14,7 +14,11 @@ Patch: 1054_linux-2.6.32.55.patch |
40 |
From: http://www.kernel.org |
41 |
Desc: Linux 2.6.32.55 |
42 |
|
43 |
-Patch: 4420_grsecurity-2.2.2-2.6.32.55-201201272054.patch |
44 |
+Patch: 1055_linux-2.6.32.56.patch |
45 |
+From: http://www.kernel.org |
46 |
+Desc: Linux 2.6.32.56 |
47 |
+ |
48 |
+Patch: 4420_grsecurity-2.2.2-2.6.32.56-201202032051.patch |
49 |
From: http://www.grsecurity.net |
50 |
Desc: hardened-sources base patch from upstream grsecurity |
51 |
|
52 |
|
53 |
diff --git a/2.6.32/1055_linux-2.6.32.56.patch b/2.6.32/1055_linux-2.6.32.56.patch |
54 |
new file mode 100644 |
55 |
index 0000000..53aba88 |
56 |
--- /dev/null |
57 |
+++ b/2.6.32/1055_linux-2.6.32.56.patch |
58 |
@@ -0,0 +1,716 @@ |
59 |
+diff --git a/block/scsi_ioctl.c b/block/scsi_ioctl.c |
60 |
+index 114ee29..2be0a97 100644 |
61 |
+--- a/block/scsi_ioctl.c |
62 |
++++ b/block/scsi_ioctl.c |
63 |
+@@ -24,6 +24,7 @@ |
64 |
+ #include <linux/capability.h> |
65 |
+ #include <linux/completion.h> |
66 |
+ #include <linux/cdrom.h> |
67 |
++#include <linux/ratelimit.h> |
68 |
+ #include <linux/slab.h> |
69 |
+ #include <linux/times.h> |
70 |
+ #include <asm/uaccess.h> |
71 |
+@@ -689,9 +690,53 @@ int scsi_cmd_ioctl(struct request_queue *q, struct gendisk *bd_disk, fmode_t mod |
72 |
+ } |
73 |
+ EXPORT_SYMBOL(scsi_cmd_ioctl); |
74 |
+ |
75 |
++int scsi_verify_blk_ioctl(struct block_device *bd, unsigned int cmd) |
76 |
++{ |
77 |
++ if (bd && bd == bd->bd_contains) |
78 |
++ return 0; |
79 |
++ |
80 |
++ /* Actually none of these is particularly useful on a partition, |
81 |
++ * but they are safe. |
82 |
++ */ |
83 |
++ switch (cmd) { |
84 |
++ case SCSI_IOCTL_GET_IDLUN: |
85 |
++ case SCSI_IOCTL_GET_BUS_NUMBER: |
86 |
++ case SCSI_IOCTL_GET_PCI: |
87 |
++ case SCSI_IOCTL_PROBE_HOST: |
88 |
++ case SG_GET_VERSION_NUM: |
89 |
++ case SG_SET_TIMEOUT: |
90 |
++ case SG_GET_TIMEOUT: |
91 |
++ case SG_GET_RESERVED_SIZE: |
92 |
++ case SG_SET_RESERVED_SIZE: |
93 |
++ case SG_EMULATED_HOST: |
94 |
++ return 0; |
95 |
++ case CDROM_GET_CAPABILITY: |
96 |
++ /* Keep this until we remove the printk below. udev sends it |
97 |
++ * and we do not want to spam dmesg about it. CD-ROMs do |
98 |
++ * not have partitions, so we get here only for disks. |
99 |
++ */ |
100 |
++ return -ENOTTY; |
101 |
++ default: |
102 |
++ break; |
103 |
++ } |
104 |
++ |
105 |
++ /* In particular, rule out all resets and host-specific ioctls. */ |
106 |
++ printk_ratelimited(KERN_WARNING |
107 |
++ "%s: sending ioctl %x to a partition!\n", current->comm, cmd); |
108 |
++ |
109 |
++ return capable(CAP_SYS_RAWIO) ? 0 : -ENOTTY; |
110 |
++} |
111 |
++EXPORT_SYMBOL(scsi_verify_blk_ioctl); |
112 |
++ |
113 |
+ int scsi_cmd_blk_ioctl(struct block_device *bd, fmode_t mode, |
114 |
+ unsigned int cmd, void __user *arg) |
115 |
+ { |
116 |
++ int ret; |
117 |
++ |
118 |
++ ret = scsi_verify_blk_ioctl(bd, cmd); |
119 |
++ if (ret < 0) |
120 |
++ return ret; |
121 |
++ |
122 |
+ return scsi_cmd_ioctl(bd->bd_disk->queue, bd->bd_disk, mode, cmd, arg); |
123 |
+ } |
124 |
+ EXPORT_SYMBOL(scsi_cmd_blk_ioctl); |
125 |
+diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c |
126 |
+index 9ed9f60..88f160b 100644 |
127 |
+--- a/crypto/sha512_generic.c |
128 |
++++ b/crypto/sha512_generic.c |
129 |
+@@ -21,8 +21,6 @@ |
130 |
+ #include <linux/percpu.h> |
131 |
+ #include <asm/byteorder.h> |
132 |
+ |
133 |
+-static DEFINE_PER_CPU(u64[80], msg_schedule); |
134 |
+- |
135 |
+ static inline u64 Ch(u64 x, u64 y, u64 z) |
136 |
+ { |
137 |
+ return z ^ (x & (y ^ z)); |
138 |
+@@ -80,7 +78,7 @@ static inline void LOAD_OP(int I, u64 *W, const u8 *input) |
139 |
+ |
140 |
+ static inline void BLEND_OP(int I, u64 *W) |
141 |
+ { |
142 |
+- W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16]; |
143 |
++ W[I % 16] += s1(W[(I-2) % 16]) + W[(I-7) % 16] + s0(W[(I-15) % 16]); |
144 |
+ } |
145 |
+ |
146 |
+ static void |
147 |
+@@ -89,38 +87,48 @@ sha512_transform(u64 *state, const u8 *input) |
148 |
+ u64 a, b, c, d, e, f, g, h, t1, t2; |
149 |
+ |
150 |
+ int i; |
151 |
+- u64 *W = get_cpu_var(msg_schedule); |
152 |
++ u64 W[16]; |
153 |
+ |
154 |
+ /* load the input */ |
155 |
+ for (i = 0; i < 16; i++) |
156 |
+ LOAD_OP(i, W, input); |
157 |
+ |
158 |
+- for (i = 16; i < 80; i++) { |
159 |
+- BLEND_OP(i, W); |
160 |
+- } |
161 |
+- |
162 |
+ /* load the state into our registers */ |
163 |
+ a=state[0]; b=state[1]; c=state[2]; d=state[3]; |
164 |
+ e=state[4]; f=state[5]; g=state[6]; h=state[7]; |
165 |
+ |
166 |
+- /* now iterate */ |
167 |
+- for (i=0; i<80; i+=8) { |
168 |
+- t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[i ]; |
169 |
+- t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; |
170 |
+- t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[i+1]; |
171 |
+- t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; |
172 |
+- t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[i+2]; |
173 |
+- t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; |
174 |
+- t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[i+3]; |
175 |
+- t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; |
176 |
+- t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[i+4]; |
177 |
+- t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; |
178 |
+- t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[i+5]; |
179 |
+- t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; |
180 |
+- t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[i+6]; |
181 |
+- t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; |
182 |
+- t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[i+7]; |
183 |
+- t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; |
184 |
++#define SHA512_0_15(i, a, b, c, d, e, f, g, h) \ |
185 |
++ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[i]; \ |
186 |
++ t2 = e0(a) + Maj(a, b, c); \ |
187 |
++ d += t1; \ |
188 |
++ h = t1 + t2 |
189 |
++ |
190 |
++#define SHA512_16_79(i, a, b, c, d, e, f, g, h) \ |
191 |
++ BLEND_OP(i, W); \ |
192 |
++ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[(i)%16]; \ |
193 |
++ t2 = e0(a) + Maj(a, b, c); \ |
194 |
++ d += t1; \ |
195 |
++ h = t1 + t2 |
196 |
++ |
197 |
++ for (i = 0; i < 16; i += 8) { |
198 |
++ SHA512_0_15(i, a, b, c, d, e, f, g, h); |
199 |
++ SHA512_0_15(i + 1, h, a, b, c, d, e, f, g); |
200 |
++ SHA512_0_15(i + 2, g, h, a, b, c, d, e, f); |
201 |
++ SHA512_0_15(i + 3, f, g, h, a, b, c, d, e); |
202 |
++ SHA512_0_15(i + 4, e, f, g, h, a, b, c, d); |
203 |
++ SHA512_0_15(i + 5, d, e, f, g, h, a, b, c); |
204 |
++ SHA512_0_15(i + 6, c, d, e, f, g, h, a, b); |
205 |
++ SHA512_0_15(i + 7, b, c, d, e, f, g, h, a); |
206 |
++ } |
207 |
++ for (i = 16; i < 80; i += 8) { |
208 |
++ SHA512_16_79(i, a, b, c, d, e, f, g, h); |
209 |
++ SHA512_16_79(i + 1, h, a, b, c, d, e, f, g); |
210 |
++ SHA512_16_79(i + 2, g, h, a, b, c, d, e, f); |
211 |
++ SHA512_16_79(i + 3, f, g, h, a, b, c, d, e); |
212 |
++ SHA512_16_79(i + 4, e, f, g, h, a, b, c, d); |
213 |
++ SHA512_16_79(i + 5, d, e, f, g, h, a, b, c); |
214 |
++ SHA512_16_79(i + 6, c, d, e, f, g, h, a, b); |
215 |
++ SHA512_16_79(i + 7, b, c, d, e, f, g, h, a); |
216 |
+ } |
217 |
+ |
218 |
+ state[0] += a; state[1] += b; state[2] += c; state[3] += d; |
219 |
+@@ -128,8 +136,6 @@ sha512_transform(u64 *state, const u8 *input) |
220 |
+ |
221 |
+ /* erase our data */ |
222 |
+ a = b = c = d = e = f = g = h = t1 = t2 = 0; |
223 |
+- memset(W, 0, sizeof(__get_cpu_var(msg_schedule))); |
224 |
+- put_cpu_var(msg_schedule); |
225 |
+ } |
226 |
+ |
227 |
+ static int |
228 |
+diff --git a/drivers/gpu/drm/drm_auth.c b/drivers/gpu/drm/drm_auth.c |
229 |
+index 932b5aa..d676d49 100644 |
230 |
+--- a/drivers/gpu/drm/drm_auth.c |
231 |
++++ b/drivers/gpu/drm/drm_auth.c |
232 |
+@@ -102,7 +102,7 @@ static int drm_add_magic(struct drm_master *master, struct drm_file *priv, |
233 |
+ * Searches and unlinks the entry in drm_device::magiclist with the magic |
234 |
+ * number hash key, while holding the drm_device::struct_mutex lock. |
235 |
+ */ |
236 |
+-static int drm_remove_magic(struct drm_master *master, drm_magic_t magic) |
237 |
++int drm_remove_magic(struct drm_master *master, drm_magic_t magic) |
238 |
+ { |
239 |
+ struct drm_magic_entry *pt; |
240 |
+ struct drm_hash_item *hash; |
241 |
+@@ -137,6 +137,8 @@ static int drm_remove_magic(struct drm_master *master, drm_magic_t magic) |
242 |
+ * If there is a magic number in drm_file::magic then use it, otherwise |
243 |
+ * searches an unique non-zero magic number and add it associating it with \p |
244 |
+ * file_priv. |
245 |
++ * This ioctl needs protection by the drm_global_mutex, which protects |
246 |
++ * struct drm_file::magic and struct drm_magic_entry::priv. |
247 |
+ */ |
248 |
+ int drm_getmagic(struct drm_device *dev, void *data, struct drm_file *file_priv) |
249 |
+ { |
250 |
+@@ -174,6 +176,8 @@ int drm_getmagic(struct drm_device *dev, void *data, struct drm_file *file_priv) |
251 |
+ * \return zero if authentication successed, or a negative number otherwise. |
252 |
+ * |
253 |
+ * Checks if \p file_priv is associated with the magic number passed in \arg. |
254 |
++ * This ioctl needs protection by the drm_global_mutex, which protects |
255 |
++ * struct drm_file::magic and struct drm_magic_entry::priv. |
256 |
+ */ |
257 |
+ int drm_authmagic(struct drm_device *dev, void *data, |
258 |
+ struct drm_file *file_priv) |
259 |
+diff --git a/drivers/gpu/drm/drm_fops.c b/drivers/gpu/drm/drm_fops.c |
260 |
+index ba14553..519161e 100644 |
261 |
+--- a/drivers/gpu/drm/drm_fops.c |
262 |
++++ b/drivers/gpu/drm/drm_fops.c |
263 |
+@@ -449,6 +449,11 @@ int drm_release(struct inode *inode, struct file *filp) |
264 |
+ (long)old_encode_dev(file_priv->minor->device), |
265 |
+ dev->open_count); |
266 |
+ |
267 |
++ /* Release any auth tokens that might point to this file_priv, |
268 |
++ (do that under the drm_global_mutex) */ |
269 |
++ if (file_priv->magic) |
270 |
++ (void) drm_remove_magic(file_priv->master, file_priv->magic); |
271 |
++ |
272 |
+ /* if the master has gone away we can't do anything with the lock */ |
273 |
+ if (file_priv->minor->master) |
274 |
+ drm_master_release(dev, filp); |
275 |
+diff --git a/drivers/hwmon/f71805f.c b/drivers/hwmon/f71805f.c |
276 |
+index 525a00b..15645ab 100644 |
277 |
+--- a/drivers/hwmon/f71805f.c |
278 |
++++ b/drivers/hwmon/f71805f.c |
279 |
+@@ -281,11 +281,11 @@ static inline long temp_from_reg(u8 reg) |
280 |
+ |
281 |
+ static inline u8 temp_to_reg(long val) |
282 |
+ { |
283 |
+- if (val < 0) |
284 |
+- val = 0; |
285 |
+- else if (val > 1000 * 0xff) |
286 |
+- val = 0xff; |
287 |
+- return ((val + 500) / 1000); |
288 |
++ if (val <= 0) |
289 |
++ return 0; |
290 |
++ if (val >= 1000 * 0xff) |
291 |
++ return 0xff; |
292 |
++ return (val + 500) / 1000; |
293 |
+ } |
294 |
+ |
295 |
+ /* |
296 |
+diff --git a/drivers/hwmon/sht15.c b/drivers/hwmon/sht15.c |
297 |
+index 2040507..740785e 100644 |
298 |
+--- a/drivers/hwmon/sht15.c |
299 |
++++ b/drivers/hwmon/sht15.c |
300 |
+@@ -515,7 +515,7 @@ static int sht15_invalidate_voltage(struct notifier_block *nb, |
301 |
+ |
302 |
+ static int __devinit sht15_probe(struct platform_device *pdev) |
303 |
+ { |
304 |
+- int ret = 0; |
305 |
++ int ret; |
306 |
+ struct sht15_data *data = kzalloc(sizeof(*data), GFP_KERNEL); |
307 |
+ |
308 |
+ if (!data) { |
309 |
+@@ -532,6 +532,7 @@ static int __devinit sht15_probe(struct platform_device *pdev) |
310 |
+ init_waitqueue_head(&data->wait_queue); |
311 |
+ |
312 |
+ if (pdev->dev.platform_data == NULL) { |
313 |
++ ret = -EINVAL; |
314 |
+ dev_err(&pdev->dev, "no platform data supplied"); |
315 |
+ goto err_free_data; |
316 |
+ } |
317 |
+diff --git a/drivers/md/dm-linear.c b/drivers/md/dm-linear.c |
318 |
+index 82f7d6e..7ab302d 100644 |
319 |
+--- a/drivers/md/dm-linear.c |
320 |
++++ b/drivers/md/dm-linear.c |
321 |
+@@ -116,7 +116,17 @@ static int linear_ioctl(struct dm_target *ti, unsigned int cmd, |
322 |
+ unsigned long arg) |
323 |
+ { |
324 |
+ struct linear_c *lc = (struct linear_c *) ti->private; |
325 |
+- return __blkdev_driver_ioctl(lc->dev->bdev, lc->dev->mode, cmd, arg); |
326 |
++ struct dm_dev *dev = lc->dev; |
327 |
++ int r = 0; |
328 |
++ |
329 |
++ /* |
330 |
++ * Only pass ioctls through if the device sizes match exactly. |
331 |
++ */ |
332 |
++ if (lc->start || |
333 |
++ ti->len != i_size_read(dev->bdev->bd_inode) >> SECTOR_SHIFT) |
334 |
++ r = scsi_verify_blk_ioctl(NULL, cmd); |
335 |
++ |
336 |
++ return r ? : __blkdev_driver_ioctl(dev->bdev, dev->mode, cmd, arg); |
337 |
+ } |
338 |
+ |
339 |
+ static int linear_merge(struct dm_target *ti, struct bvec_merge_data *bvm, |
340 |
+diff --git a/drivers/md/dm-mpath.c b/drivers/md/dm-mpath.c |
341 |
+index b03cd39..4ec5fe2 100644 |
342 |
+--- a/drivers/md/dm-mpath.c |
343 |
++++ b/drivers/md/dm-mpath.c |
344 |
+@@ -1464,6 +1464,12 @@ static int multipath_ioctl(struct dm_target *ti, unsigned int cmd, |
345 |
+ |
346 |
+ spin_unlock_irqrestore(&m->lock, flags); |
347 |
+ |
348 |
++ /* |
349 |
++ * Only pass ioctls through if the device sizes match exactly. |
350 |
++ */ |
351 |
++ if (!r && ti->len != i_size_read(bdev->bd_inode) >> SECTOR_SHIFT) |
352 |
++ r = scsi_verify_blk_ioctl(NULL, cmd); |
353 |
++ |
354 |
+ return r ? : __blkdev_driver_ioctl(bdev, mode, cmd, arg); |
355 |
+ } |
356 |
+ |
357 |
+diff --git a/drivers/mmc/host/mmci.c b/drivers/mmc/host/mmci.c |
358 |
+index 68d800f..705a589 100644 |
359 |
+--- a/drivers/mmc/host/mmci.c |
360 |
++++ b/drivers/mmc/host/mmci.c |
361 |
+@@ -232,12 +232,8 @@ mmci_cmd_irq(struct mmci_host *host, struct mmc_command *cmd, |
362 |
+ } |
363 |
+ |
364 |
+ if (!cmd->data || cmd->error) { |
365 |
+- if (host->data) { |
366 |
+- /* Terminate the DMA transfer */ |
367 |
+- if (dma_inprogress(host)) |
368 |
+- mmci_dma_data_error(host); |
369 |
++ if (host->data) |
370 |
+ mmci_stop_data(host); |
371 |
+- } |
372 |
+ mmci_request_end(host, cmd->mrq); |
373 |
+ } else if (!(cmd->data->flags & MMC_DATA_READ)) { |
374 |
+ mmci_start_data(host, cmd->data); |
375 |
+diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c |
376 |
+index 2dd1b73..a5b55fe 100644 |
377 |
+--- a/drivers/scsi/sd.c |
378 |
++++ b/drivers/scsi/sd.c |
379 |
+@@ -817,6 +817,10 @@ static int sd_ioctl(struct block_device *bdev, fmode_t mode, |
380 |
+ SCSI_LOG_IOCTL(1, printk("sd_ioctl: disk=%s, cmd=0x%x\n", |
381 |
+ disk->disk_name, cmd)); |
382 |
+ |
383 |
++ error = scsi_verify_blk_ioctl(bdev, cmd); |
384 |
++ if (error < 0) |
385 |
++ return error; |
386 |
++ |
387 |
+ /* |
388 |
+ * If we are in the middle of error recovery, don't let anyone |
389 |
+ * else try and use this device. Also, if error recovery fails, it |
390 |
+@@ -996,6 +1000,11 @@ static int sd_compat_ioctl(struct block_device *bdev, fmode_t mode, |
391 |
+ unsigned int cmd, unsigned long arg) |
392 |
+ { |
393 |
+ struct scsi_device *sdev = scsi_disk(bdev->bd_disk)->device; |
394 |
++ int ret; |
395 |
++ |
396 |
++ ret = scsi_verify_blk_ioctl(bdev, cmd); |
397 |
++ if (ret < 0) |
398 |
++ return -ENOIOCTLCMD; |
399 |
+ |
400 |
+ /* |
401 |
+ * If we are in the middle of error recovery, don't let anyone |
402 |
+@@ -1007,8 +1016,6 @@ static int sd_compat_ioctl(struct block_device *bdev, fmode_t mode, |
403 |
+ return -ENODEV; |
404 |
+ |
405 |
+ if (sdev->host->hostt->compat_ioctl) { |
406 |
+- int ret; |
407 |
+- |
408 |
+ ret = sdev->host->hostt->compat_ioctl(sdev, cmd, (void __user *)arg); |
409 |
+ |
410 |
+ return ret; |
411 |
+diff --git a/drivers/usb/class/cdc-wdm.c b/drivers/usb/class/cdc-wdm.c |
412 |
+index 696ca75f..d71514b 100644 |
413 |
+--- a/drivers/usb/class/cdc-wdm.c |
414 |
++++ b/drivers/usb/class/cdc-wdm.c |
415 |
+@@ -458,7 +458,9 @@ retry: |
416 |
+ for (i = 0; i < desc->length - cntr; i++) |
417 |
+ desc->ubuf[i] = desc->ubuf[i + cntr]; |
418 |
+ |
419 |
++ spin_lock_irq(&desc->iuspin); |
420 |
+ desc->length -= cntr; |
421 |
++ spin_unlock_irq(&desc->iuspin); |
422 |
+ /* in case we had outstanding data */ |
423 |
+ if (!desc->length) |
424 |
+ clear_bit(WDM_READ, &desc->flags); |
425 |
+diff --git a/drivers/usb/misc/usbsevseg.c b/drivers/usb/misc/usbsevseg.c |
426 |
+index cd8726c..6bc0bf3 100644 |
427 |
+--- a/drivers/usb/misc/usbsevseg.c |
428 |
++++ b/drivers/usb/misc/usbsevseg.c |
429 |
+@@ -24,7 +24,7 @@ |
430 |
+ |
431 |
+ #define VENDOR_ID 0x0fc5 |
432 |
+ #define PRODUCT_ID 0x1227 |
433 |
+-#define MAXLEN 6 |
434 |
++#define MAXLEN 8 |
435 |
+ |
436 |
+ /* table of devices that work with this driver */ |
437 |
+ static struct usb_device_id id_table[] = { |
438 |
+diff --git a/drivers/usb/serial/cp210x.c b/drivers/usb/serial/cp210x.c |
439 |
+index 8dcaf42..bb16725 100644 |
440 |
+--- a/drivers/usb/serial/cp210x.c |
441 |
++++ b/drivers/usb/serial/cp210x.c |
442 |
+@@ -140,6 +140,7 @@ static struct usb_device_id id_table [] = { |
443 |
+ { USB_DEVICE(0x1843, 0x0200) }, /* Vaisala USB Instrument Cable */ |
444 |
+ { USB_DEVICE(0x18EF, 0xE00F) }, /* ELV USB-I2C-Interface */ |
445 |
+ { USB_DEVICE(0x1BE3, 0x07A6) }, /* WAGO 750-923 USB Service Cable */ |
446 |
++ { USB_DEVICE(0x3195, 0xF190) }, /* Link Instruments MSO-19 */ |
447 |
+ { USB_DEVICE(0x413C, 0x9500) }, /* DW700 GPS USB interface */ |
448 |
+ { } /* Terminating Entry */ |
449 |
+ }; |
450 |
+@@ -360,8 +361,8 @@ static inline int cp210x_set_config_single(struct usb_serial_port *port, |
451 |
+ * Quantises the baud rate as per AN205 Table 1 |
452 |
+ */ |
453 |
+ static unsigned int cp210x_quantise_baudrate(unsigned int baud) { |
454 |
+- if (baud <= 56) baud = 0; |
455 |
+- else if (baud <= 300) baud = 300; |
456 |
++ if (baud <= 300) |
457 |
++ baud = 300; |
458 |
+ else if (baud <= 600) baud = 600; |
459 |
+ else if (baud <= 1200) baud = 1200; |
460 |
+ else if (baud <= 1800) baud = 1800; |
461 |
+diff --git a/drivers/usb/serial/ftdi_sio.c b/drivers/usb/serial/ftdi_sio.c |
462 |
+index 5ce2cb9..85d630e 100644 |
463 |
+--- a/drivers/usb/serial/ftdi_sio.c |
464 |
++++ b/drivers/usb/serial/ftdi_sio.c |
465 |
+@@ -798,6 +798,7 @@ static struct usb_device_id id_table_combined [] = { |
466 |
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
467 |
+ { USB_DEVICE(ADI_VID, ADI_GNICEPLUS_PID), |
468 |
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
469 |
++ { USB_DEVICE(HORNBY_VID, HORNBY_ELITE_PID) }, |
470 |
+ { USB_DEVICE(JETI_VID, JETI_SPC1201_PID) }, |
471 |
+ { USB_DEVICE(MARVELL_VID, MARVELL_SHEEVAPLUG_PID), |
472 |
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
473 |
+@@ -806,6 +807,8 @@ static struct usb_device_id id_table_combined [] = { |
474 |
+ { USB_DEVICE(BAYER_VID, BAYER_CONTOUR_CABLE_PID) }, |
475 |
+ { USB_DEVICE(FTDI_VID, MARVELL_OPENRD_PID), |
476 |
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
477 |
++ { USB_DEVICE(FTDI_VID, TI_XDS100V2_PID), |
478 |
++ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
479 |
+ { USB_DEVICE(FTDI_VID, HAMEG_HO820_PID) }, |
480 |
+ { USB_DEVICE(FTDI_VID, HAMEG_HO720_PID) }, |
481 |
+ { USB_DEVICE(FTDI_VID, HAMEG_HO730_PID) }, |
482 |
+@@ -842,6 +845,7 @@ static struct usb_device_id id_table_combined [] = { |
483 |
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
484 |
+ { USB_DEVICE(ST_VID, ST_STMCLT1030_PID), |
485 |
+ .driver_info = (kernel_ulong_t)&ftdi_stmclite_quirk }, |
486 |
++ { USB_DEVICE(FTDI_VID, FTDI_RF_R106) }, |
487 |
+ { }, /* Optional parameter entry */ |
488 |
+ { } /* Terminating entry */ |
489 |
+ }; |
490 |
+@@ -1351,8 +1355,7 @@ static int set_serial_info(struct tty_struct *tty, |
491 |
+ goto check_and_exit; |
492 |
+ } |
493 |
+ |
494 |
+- if ((new_serial.baud_base != priv->baud_base) && |
495 |
+- (new_serial.baud_base < 9600)) { |
496 |
++ if (new_serial.baud_base != priv->baud_base) { |
497 |
+ unlock_kernel(); |
498 |
+ return -EINVAL; |
499 |
+ } |
500 |
+@@ -1865,6 +1868,7 @@ static int ftdi_submit_read_urb(struct usb_serial_port *port, gfp_t mem_flags) |
501 |
+ |
502 |
+ static int ftdi_open(struct tty_struct *tty, struct usb_serial_port *port) |
503 |
+ { /* ftdi_open */ |
504 |
++ struct ktermios dummy; |
505 |
+ struct usb_device *dev = port->serial->dev; |
506 |
+ struct ftdi_private *priv = usb_get_serial_port_data(port); |
507 |
+ unsigned long flags; |
508 |
+@@ -1892,8 +1896,10 @@ static int ftdi_open(struct tty_struct *tty, struct usb_serial_port *port) |
509 |
+ This is same behaviour as serial.c/rs_open() - Kuba */ |
510 |
+ |
511 |
+ /* ftdi_set_termios will send usb control messages */ |
512 |
+- if (tty) |
513 |
+- ftdi_set_termios(tty, port, tty->termios); |
514 |
++ if (tty) { |
515 |
++ memset(&dummy, 0, sizeof(dummy)); |
516 |
++ ftdi_set_termios(tty, port, &dummy); |
517 |
++ } |
518 |
+ |
519 |
+ /* Not throttled */ |
520 |
+ spin_lock_irqsave(&port->lock, flags); |
521 |
+diff --git a/drivers/usb/serial/ftdi_sio_ids.h b/drivers/usb/serial/ftdi_sio_ids.h |
522 |
+index 8ce1bcb..212fc41 100644 |
523 |
+--- a/drivers/usb/serial/ftdi_sio_ids.h |
524 |
++++ b/drivers/usb/serial/ftdi_sio_ids.h |
525 |
+@@ -38,6 +38,13 @@ |
526 |
+ /* www.candapter.com Ewert Energy Systems CANdapter device */ |
527 |
+ #define FTDI_CANDAPTER_PID 0x9F80 /* Product Id */ |
528 |
+ |
529 |
++/* |
530 |
++ * Texas Instruments XDS100v2 JTAG / BeagleBone A3 |
531 |
++ * http://processors.wiki.ti.com/index.php/XDS100 |
532 |
++ * http://beagleboard.org/bone |
533 |
++ */ |
534 |
++#define TI_XDS100V2_PID 0xa6d0 |
535 |
++ |
536 |
+ #define FTDI_NXTCAM_PID 0xABB8 /* NXTCam for Mindstorms NXT */ |
537 |
+ |
538 |
+ /* US Interface Navigator (http://www.usinterface.com/) */ |
539 |
+@@ -524,6 +531,12 @@ |
540 |
+ #define ADI_GNICEPLUS_PID 0xF001 |
541 |
+ |
542 |
+ /* |
543 |
++ * Hornby Elite |
544 |
++ */ |
545 |
++#define HORNBY_VID 0x04D8 |
546 |
++#define HORNBY_ELITE_PID 0x000A |
547 |
++ |
548 |
++/* |
549 |
+ * RATOC REX-USB60F |
550 |
+ */ |
551 |
+ #define RATOC_VENDOR_ID 0x0584 |
552 |
+@@ -1173,3 +1186,9 @@ |
553 |
+ */ |
554 |
+ /* TagTracer MIFARE*/ |
555 |
+ #define FTDI_ZEITCONTROL_TAGTRACE_MIFARE_PID 0xF7C0 |
556 |
++ |
557 |
++/* |
558 |
++ * Rainforest Automation |
559 |
++ */ |
560 |
++/* ZigBee controller */ |
561 |
++#define FTDI_RF_R106 0x8A28 |
562 |
+diff --git a/drivers/usb/serial/io_ti.c b/drivers/usb/serial/io_ti.c |
563 |
+index fbdbac5..14d51e6 100644 |
564 |
+--- a/drivers/usb/serial/io_ti.c |
565 |
++++ b/drivers/usb/serial/io_ti.c |
566 |
+@@ -2664,15 +2664,7 @@ cleanup: |
567 |
+ |
568 |
+ static void edge_disconnect(struct usb_serial *serial) |
569 |
+ { |
570 |
+- int i; |
571 |
+- struct edgeport_port *edge_port; |
572 |
+- |
573 |
+ dbg("%s", __func__); |
574 |
+- |
575 |
+- for (i = 0; i < serial->num_ports; ++i) { |
576 |
+- edge_port = usb_get_serial_port_data(serial->port[i]); |
577 |
+- edge_remove_sysfs_attrs(edge_port->port); |
578 |
+- } |
579 |
+ } |
580 |
+ |
581 |
+ static void edge_release(struct usb_serial *serial) |
582 |
+@@ -2927,6 +2919,7 @@ static struct usb_serial_driver edgeport_1port_device = { |
583 |
+ .disconnect = edge_disconnect, |
584 |
+ .release = edge_release, |
585 |
+ .port_probe = edge_create_sysfs_attrs, |
586 |
++ .port_remove = edge_remove_sysfs_attrs, |
587 |
+ .ioctl = edge_ioctl, |
588 |
+ .set_termios = edge_set_termios, |
589 |
+ .tiocmget = edge_tiocmget, |
590 |
+@@ -2957,6 +2950,7 @@ static struct usb_serial_driver edgeport_2port_device = { |
591 |
+ .disconnect = edge_disconnect, |
592 |
+ .release = edge_release, |
593 |
+ .port_probe = edge_create_sysfs_attrs, |
594 |
++ .port_remove = edge_remove_sysfs_attrs, |
595 |
+ .ioctl = edge_ioctl, |
596 |
+ .set_termios = edge_set_termios, |
597 |
+ .tiocmget = edge_tiocmget, |
598 |
+diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c |
599 |
+index 443947f..7a5f1ac 100644 |
600 |
+--- a/fs/ecryptfs/crypto.c |
601 |
++++ b/fs/ecryptfs/crypto.c |
602 |
+@@ -1609,7 +1609,8 @@ int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry) |
603 |
+ rc = ecryptfs_read_xattr_region(page_virt, ecryptfs_inode); |
604 |
+ if (rc) { |
605 |
+ printk(KERN_DEBUG "Valid eCryptfs headers not found in " |
606 |
+- "file header region or xattr region\n"); |
607 |
++ "file header region or xattr region, inode %lu\n", |
608 |
++ ecryptfs_inode->i_ino); |
609 |
+ rc = -EINVAL; |
610 |
+ goto out; |
611 |
+ } |
612 |
+@@ -1618,7 +1619,8 @@ int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry) |
613 |
+ ECRYPTFS_DONT_VALIDATE_HEADER_SIZE); |
614 |
+ if (rc) { |
615 |
+ printk(KERN_DEBUG "Valid eCryptfs headers not found in " |
616 |
+- "file xattr region either\n"); |
617 |
++ "file xattr region either, inode %lu\n", |
618 |
++ ecryptfs_inode->i_ino); |
619 |
+ rc = -EINVAL; |
620 |
+ } |
621 |
+ if (crypt_stat->mount_crypt_stat->flags |
622 |
+@@ -1629,7 +1631,8 @@ int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry) |
623 |
+ "crypto metadata only in the extended attribute " |
624 |
+ "region, but eCryptfs was mounted without " |
625 |
+ "xattr support enabled. eCryptfs will not treat " |
626 |
+- "this like an encrypted file.\n"); |
627 |
++ "this like an encrypted file, inode %lu\n", |
628 |
++ ecryptfs_inode->i_ino); |
629 |
+ rc = -EINVAL; |
630 |
+ } |
631 |
+ } |
632 |
+diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c |
633 |
+index 4ec8f61..c4b0bc5 100644 |
634 |
+--- a/fs/ecryptfs/miscdev.c |
635 |
++++ b/fs/ecryptfs/miscdev.c |
636 |
+@@ -408,11 +408,47 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
637 |
+ ssize_t sz = 0; |
638 |
+ char *data; |
639 |
+ uid_t euid = current_euid(); |
640 |
++ unsigned char packet_size_peek[3]; |
641 |
+ int rc; |
642 |
+ |
643 |
+- if (count == 0) |
644 |
++ if (count == 0) { |
645 |
+ goto out; |
646 |
++ } else if (count == (1 + 4)) { |
647 |
++ /* Likely a harmless MSG_HELO or MSG_QUIT - no packet length */ |
648 |
++ goto memdup; |
649 |
++ } else if (count < (1 + 4 + 1) |
650 |
++ || count > (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
651 |
++ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES)) { |
652 |
++ printk(KERN_WARNING "%s: Acceptable packet size range is " |
653 |
++ "[%d-%lu], but amount of data written is [%zu].", |
654 |
++ __func__, (1 + 4 + 1), |
655 |
++ (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
656 |
++ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES), count); |
657 |
++ return -EINVAL; |
658 |
++ } |
659 |
++ |
660 |
++ if (copy_from_user(packet_size_peek, (buf + 1 + 4), |
661 |
++ sizeof(packet_size_peek))) { |
662 |
++ printk(KERN_WARNING "%s: Error while inspecting packet size\n", |
663 |
++ __func__); |
664 |
++ return -EFAULT; |
665 |
++ } |
666 |
++ |
667 |
++ rc = ecryptfs_parse_packet_length(packet_size_peek, &packet_size, |
668 |
++ &packet_size_length); |
669 |
++ if (rc) { |
670 |
++ printk(KERN_WARNING "%s: Error parsing packet length; " |
671 |
++ "rc = [%d]\n", __func__, rc); |
672 |
++ return rc; |
673 |
++ } |
674 |
++ |
675 |
++ if ((1 + 4 + packet_size_length + packet_size) != count) { |
676 |
++ printk(KERN_WARNING "%s: Invalid packet size [%zu]\n", __func__, |
677 |
++ packet_size); |
678 |
++ return -EINVAL; |
679 |
++ } |
680 |
+ |
681 |
++memdup: |
682 |
+ data = memdup_user(buf, count); |
683 |
+ if (IS_ERR(data)) { |
684 |
+ printk(KERN_ERR "%s: memdup_user returned error [%ld]\n", |
685 |
+@@ -434,23 +470,7 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
686 |
+ } |
687 |
+ memcpy(&counter_nbo, &data[i], 4); |
688 |
+ seq = be32_to_cpu(counter_nbo); |
689 |
+- i += 4; |
690 |
+- rc = ecryptfs_parse_packet_length(&data[i], &packet_size, |
691 |
+- &packet_size_length); |
692 |
+- if (rc) { |
693 |
+- printk(KERN_WARNING "%s: Error parsing packet length; " |
694 |
+- "rc = [%d]\n", __func__, rc); |
695 |
+- goto out_free; |
696 |
+- } |
697 |
+- i += packet_size_length; |
698 |
+- if ((1 + 4 + packet_size_length + packet_size) != count) { |
699 |
+- printk(KERN_WARNING "%s: (1 + packet_size_length([%zd])" |
700 |
+- " + packet_size([%zd]))([%zd]) != " |
701 |
+- "count([%zd]). Invalid packet format.\n", |
702 |
+- __func__, packet_size_length, packet_size, |
703 |
+- (1 + packet_size_length + packet_size), count); |
704 |
+- goto out_free; |
705 |
+- } |
706 |
++ i += 4 + packet_size_length; |
707 |
+ rc = ecryptfs_miscdev_response(&data[i], packet_size, |
708 |
+ euid, current_user_ns(), |
709 |
+ task_pid(current), seq); |
710 |
+diff --git a/fs/ecryptfs/read_write.c b/fs/ecryptfs/read_write.c |
711 |
+index 0cc4faf..6b78546 100644 |
712 |
+--- a/fs/ecryptfs/read_write.c |
713 |
++++ b/fs/ecryptfs/read_write.c |
714 |
+@@ -136,6 +136,11 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, |
715 |
+ size_t num_bytes = (PAGE_CACHE_SIZE - start_offset_in_page); |
716 |
+ size_t total_remaining_bytes = ((offset + size) - pos); |
717 |
+ |
718 |
++ if (fatal_signal_pending(current)) { |
719 |
++ rc = -EINTR; |
720 |
++ break; |
721 |
++ } |
722 |
++ |
723 |
+ if (num_bytes > total_remaining_bytes) |
724 |
+ num_bytes = total_remaining_bytes; |
725 |
+ if (pos < offset) { |
726 |
+@@ -197,15 +202,19 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, |
727 |
+ } |
728 |
+ pos += num_bytes; |
729 |
+ } |
730 |
+- if ((offset + size) > ecryptfs_file_size) { |
731 |
+- i_size_write(ecryptfs_inode, (offset + size)); |
732 |
++ if (pos > ecryptfs_file_size) { |
733 |
++ i_size_write(ecryptfs_inode, pos); |
734 |
+ if (crypt_stat->flags & ECRYPTFS_ENCRYPTED) { |
735 |
+- rc = ecryptfs_write_inode_size_to_metadata( |
736 |
++ int rc2; |
737 |
++ |
738 |
++ rc2 = ecryptfs_write_inode_size_to_metadata( |
739 |
+ ecryptfs_inode); |
740 |
+- if (rc) { |
741 |
++ if (rc2) { |
742 |
+ printk(KERN_ERR "Problem with " |
743 |
+ "ecryptfs_write_inode_size_to_metadata; " |
744 |
+- "rc = [%d]\n", rc); |
745 |
++ "rc = [%d]\n", rc2); |
746 |
++ if (!rc) |
747 |
++ rc = rc2; |
748 |
+ goto out; |
749 |
+ } |
750 |
+ } |
751 |
+diff --git a/include/drm/drmP.h b/include/drm/drmP.h |
752 |
+index 66713c6..ebab6a6 100644 |
753 |
+--- a/include/drm/drmP.h |
754 |
++++ b/include/drm/drmP.h |
755 |
+@@ -1221,6 +1221,7 @@ extern int drm_getmagic(struct drm_device *dev, void *data, |
756 |
+ struct drm_file *file_priv); |
757 |
+ extern int drm_authmagic(struct drm_device *dev, void *data, |
758 |
+ struct drm_file *file_priv); |
759 |
++extern int drm_remove_magic(struct drm_master *master, drm_magic_t magic); |
760 |
+ |
761 |
+ /* Cache management (drm_cache.c) */ |
762 |
+ void drm_clflush_pages(struct page *pages[], unsigned long num_pages); |
763 |
+diff --git a/include/linux/blkdev.h b/include/linux/blkdev.h |
764 |
+index 63070ad..5eb6cb0 100644 |
765 |
+--- a/include/linux/blkdev.h |
766 |
++++ b/include/linux/blkdev.h |
767 |
+@@ -777,6 +777,7 @@ extern void blk_plug_device(struct request_queue *); |
768 |
+ extern void blk_plug_device_unlocked(struct request_queue *); |
769 |
+ extern int blk_remove_plug(struct request_queue *); |
770 |
+ extern void blk_recount_segments(struct request_queue *, struct bio *); |
771 |
++extern int scsi_verify_blk_ioctl(struct block_device *, unsigned int); |
772 |
+ extern int scsi_cmd_blk_ioctl(struct block_device *, fmode_t, |
773 |
+ unsigned int, void __user *); |
774 |
+ extern int scsi_cmd_ioctl(struct request_queue *, struct gendisk *, fmode_t, |
775 |
|
776 |
diff --git a/2.6.32/4420_grsecurity-2.2.2-2.6.32.55-201201272054.patch b/2.6.32/4420_grsecurity-2.2.2-2.6.32.56-201202032051.patch |
777 |
similarity index 99% |
778 |
rename from 2.6.32/4420_grsecurity-2.2.2-2.6.32.55-201201272054.patch |
779 |
rename to 2.6.32/4420_grsecurity-2.2.2-2.6.32.56-201202032051.patch |
780 |
index 4b8b2b0..c0e9b3a 100644 |
781 |
--- a/2.6.32/4420_grsecurity-2.2.2-2.6.32.55-201201272054.patch |
782 |
+++ b/2.6.32/4420_grsecurity-2.2.2-2.6.32.56-201202032051.patch |
783 |
@@ -185,7 +185,7 @@ index c840e7d..f4c451c 100644 |
784 |
|
785 |
pcd. [PARIDE] |
786 |
diff --git a/Makefile b/Makefile |
787 |
-index 64d4fc6..3b32f7f 100644 |
788 |
+index 81ad738..cbdaeb0 100644 |
789 |
--- a/Makefile |
790 |
+++ b/Makefile |
791 |
@@ -221,8 +221,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
792 |
@@ -13949,10 +13949,18 @@ index ef3cd31..9d2f6ab 100644 |
793 |
.store = store, |
794 |
}; |
795 |
diff --git a/arch/x86/kernel/cpu/mcheck/p5.c b/arch/x86/kernel/cpu/mcheck/p5.c |
796 |
-index 5c0e653..1e82c7c 100644 |
797 |
+index 5c0e653..0882b0a 100644 |
798 |
--- a/arch/x86/kernel/cpu/mcheck/p5.c |
799 |
+++ b/arch/x86/kernel/cpu/mcheck/p5.c |
800 |
-@@ -50,7 +50,9 @@ void intel_p5_mcheck_init(struct cpuinfo_x86 *c) |
801 |
+@@ -12,6 +12,7 @@ |
802 |
+ #include <asm/system.h> |
803 |
+ #include <asm/mce.h> |
804 |
+ #include <asm/msr.h> |
805 |
++#include <asm/pgtable.h> |
806 |
+ |
807 |
+ /* By default disabled */ |
808 |
+ int mce_p5_enabled __read_mostly; |
809 |
+@@ -50,7 +51,9 @@ void intel_p5_mcheck_init(struct cpuinfo_x86 *c) |
810 |
if (!cpu_has(c, X86_FEATURE_MCE)) |
811 |
return; |
812 |
|
813 |
@@ -13963,10 +13971,18 @@ index 5c0e653..1e82c7c 100644 |
814 |
wmb(); |
815 |
|
816 |
diff --git a/arch/x86/kernel/cpu/mcheck/winchip.c b/arch/x86/kernel/cpu/mcheck/winchip.c |
817 |
-index 54060f5..e6ba93d 100644 |
818 |
+index 54060f5..c1a7577 100644 |
819 |
--- a/arch/x86/kernel/cpu/mcheck/winchip.c |
820 |
+++ b/arch/x86/kernel/cpu/mcheck/winchip.c |
821 |
-@@ -24,7 +24,9 @@ void winchip_mcheck_init(struct cpuinfo_x86 *c) |
822 |
+@@ -11,6 +11,7 @@ |
823 |
+ #include <asm/system.h> |
824 |
+ #include <asm/mce.h> |
825 |
+ #include <asm/msr.h> |
826 |
++#include <asm/pgtable.h> |
827 |
+ |
828 |
+ /* Machine check handler for WinChip C6: */ |
829 |
+ static void winchip_machine_check(struct pt_regs *regs, long error_code) |
830 |
+@@ -24,7 +25,9 @@ void winchip_mcheck_init(struct cpuinfo_x86 *c) |
831 |
{ |
832 |
u32 lo, hi; |
833 |
|
834 |
@@ -25343,7 +25359,7 @@ index 84e236c..69bd3f6 100644 |
835 |
|
836 |
return (void *)vaddr; |
837 |
diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c |
838 |
-index 2feb9bd..3646202 100644 |
839 |
+index 2feb9bd..ab91e7b 100644 |
840 |
--- a/arch/x86/mm/ioremap.c |
841 |
+++ b/arch/x86/mm/ioremap.c |
842 |
@@ -41,8 +41,8 @@ int page_is_ram(unsigned long pagenr) |
843 |
@@ -25373,7 +25389,17 @@ index 2feb9bd..3646202 100644 |
844 |
return NULL; |
845 |
WARN_ON_ONCE(is_ram); |
846 |
} |
847 |
-@@ -407,7 +404,7 @@ static int __init early_ioremap_debug_setup(char *str) |
848 |
+@@ -378,6 +375,9 @@ void *xlate_dev_mem_ptr(unsigned long phys) |
849 |
+ |
850 |
+ /* If page is RAM, we can use __va. Otherwise ioremap and unmap. */ |
851 |
+ if (page_is_ram(start >> PAGE_SHIFT)) |
852 |
++#ifdef CONFIG_HIGHMEM |
853 |
++ if ((start >> PAGE_SHIFT) < max_low_pfn) |
854 |
++#endif |
855 |
+ return __va(phys); |
856 |
+ |
857 |
+ addr = (void __force *)ioremap_default(start, PAGE_SIZE); |
858 |
+@@ -407,7 +407,7 @@ static int __init early_ioremap_debug_setup(char *str) |
859 |
early_param("early_ioremap_debug", early_ioremap_debug_setup); |
860 |
|
861 |
static __initdata int after_paging_init; |
862 |
@@ -25382,7 +25408,7 @@ index 2feb9bd..3646202 100644 |
863 |
|
864 |
static inline pmd_t * __init early_ioremap_pmd(unsigned long addr) |
865 |
{ |
866 |
-@@ -439,8 +436,7 @@ void __init early_ioremap_init(void) |
867 |
+@@ -439,8 +439,7 @@ void __init early_ioremap_init(void) |
868 |
slot_virt[i] = __fix_to_virt(FIX_BTMAP_BEGIN - NR_FIX_BTMAPS*i); |
869 |
|
870 |
pmd = early_ioremap_pmd(fix_to_virt(FIX_BTMAP_BEGIN)); |
871 |
@@ -27300,18 +27326,10 @@ index a847046..75a1746 100644 |
872 |
.store = elv_attr_store, |
873 |
}; |
874 |
diff --git a/block/scsi_ioctl.c b/block/scsi_ioctl.c |
875 |
-index 114ee29..d0efa50 100644 |
876 |
+index 2be0a97..bded3fd 100644 |
877 |
--- a/block/scsi_ioctl.c |
878 |
+++ b/block/scsi_ioctl.c |
879 |
-@@ -24,6 +24,7 @@ |
880 |
- #include <linux/capability.h> |
881 |
- #include <linux/completion.h> |
882 |
- #include <linux/cdrom.h> |
883 |
-+#include <linux/ratelimit.h> |
884 |
- #include <linux/slab.h> |
885 |
- #include <linux/times.h> |
886 |
- #include <asm/uaccess.h> |
887 |
-@@ -220,8 +221,20 @@ EXPORT_SYMBOL(blk_verify_command); |
888 |
+@@ -221,8 +221,20 @@ EXPORT_SYMBOL(blk_verify_command); |
889 |
static int blk_fill_sghdr_rq(struct request_queue *q, struct request *rq, |
890 |
struct sg_io_hdr *hdr, fmode_t mode) |
891 |
{ |
892 |
@@ -27333,7 +27351,7 @@ index 114ee29..d0efa50 100644 |
893 |
if (blk_verify_command(rq->cmd, mode & FMODE_WRITE)) |
894 |
return -EPERM; |
895 |
|
896 |
-@@ -430,6 +443,8 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, |
897 |
+@@ -431,6 +443,8 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, |
898 |
int err; |
899 |
unsigned int in_len, out_len, bytes, opcode, cmdlen; |
900 |
char *buffer = NULL, sense[SCSI_SENSE_BUFFERSIZE]; |
901 |
@@ -27342,7 +27360,7 @@ index 114ee29..d0efa50 100644 |
902 |
|
903 |
if (!sic) |
904 |
return -EINVAL; |
905 |
-@@ -463,9 +478,18 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, |
906 |
+@@ -464,9 +478,18 @@ int sg_scsi_ioctl(struct request_queue *q, struct gendisk *disk, fmode_t mode, |
907 |
*/ |
908 |
err = -EFAULT; |
909 |
rq->cmd_len = cmdlen; |
910 |
@@ -27362,61 +27380,6 @@ index 114ee29..d0efa50 100644 |
911 |
if (in_len && copy_from_user(buffer, sic->data + cmdlen, in_len)) |
912 |
goto error; |
913 |
|
914 |
-@@ -689,9 +713,54 @@ int scsi_cmd_ioctl(struct request_queue *q, struct gendisk *bd_disk, fmode_t mod |
915 |
- } |
916 |
- EXPORT_SYMBOL(scsi_cmd_ioctl); |
917 |
- |
918 |
-+int scsi_verify_blk_ioctl(struct block_device *bd, unsigned int cmd) |
919 |
-+{ |
920 |
-+ if (bd && bd == bd->bd_contains) |
921 |
-+ return 0; |
922 |
-+ |
923 |
-+ /* Actually none of these is particularly useful on a partition, |
924 |
-+ * but they are safe. |
925 |
-+ */ |
926 |
-+ switch (cmd) { |
927 |
-+ case SCSI_IOCTL_GET_IDLUN: |
928 |
-+ case SCSI_IOCTL_GET_BUS_NUMBER: |
929 |
-+ case SCSI_IOCTL_GET_PCI: |
930 |
-+ case SCSI_IOCTL_PROBE_HOST: |
931 |
-+ case SG_GET_VERSION_NUM: |
932 |
-+ case SG_SET_TIMEOUT: |
933 |
-+ case SG_GET_TIMEOUT: |
934 |
-+ case SG_GET_RESERVED_SIZE: |
935 |
-+ case SG_SET_RESERVED_SIZE: |
936 |
-+ case SG_EMULATED_HOST: |
937 |
-+ return 0; |
938 |
-+ case CDROM_GET_CAPABILITY: |
939 |
-+ /* Keep this until we remove the printk below. udev sends it |
940 |
-+ * and we do not want to spam dmesg about it. CD-ROMs do |
941 |
-+ * not have partitions, so we get here only for disks. |
942 |
-+ */ |
943 |
-+ return -ENOIOCTLCMD; |
944 |
-+ default: |
945 |
-+ break; |
946 |
-+ } |
947 |
-+ |
948 |
-+ /* In particular, rule out all resets and host-specific ioctls. */ |
949 |
-+ if (printk_ratelimit()) |
950 |
-+ printk(KERN_WARNING "%s: sending ioctl %x to a partition!\n", |
951 |
-+ current->comm, cmd); |
952 |
-+ |
953 |
-+ return capable(CAP_SYS_RAWIO) ? 0 : -ENOIOCTLCMD; |
954 |
-+} |
955 |
-+EXPORT_SYMBOL(scsi_verify_blk_ioctl); |
956 |
-+ |
957 |
- int scsi_cmd_blk_ioctl(struct block_device *bd, fmode_t mode, |
958 |
- unsigned int cmd, void __user *arg) |
959 |
- { |
960 |
-+ int ret; |
961 |
-+ |
962 |
-+ ret = scsi_verify_blk_ioctl(bd, cmd); |
963 |
-+ if (ret < 0) |
964 |
-+ return ret; |
965 |
-+ |
966 |
- return scsi_cmd_ioctl(bd->bd_disk->queue, bd->bd_disk, mode, cmd, arg); |
967 |
- } |
968 |
- EXPORT_SYMBOL(scsi_cmd_blk_ioctl); |
969 |
diff --git a/crypto/cryptd.c b/crypto/cryptd.c |
970 |
index 3533582..f143117 100644 |
971 |
--- a/crypto/cryptd.c |
972 |
@@ -27473,109 +27436,6 @@ index b651a55..023297d 100644 |
973 |
/* Copy key, add padding */ |
974 |
|
975 |
for (i = 0; i < keylen; ++i) |
976 |
-diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c |
977 |
-index 9ed9f60..88f160b 100644 |
978 |
---- a/crypto/sha512_generic.c |
979 |
-+++ b/crypto/sha512_generic.c |
980 |
-@@ -21,8 +21,6 @@ |
981 |
- #include <linux/percpu.h> |
982 |
- #include <asm/byteorder.h> |
983 |
- |
984 |
--static DEFINE_PER_CPU(u64[80], msg_schedule); |
985 |
-- |
986 |
- static inline u64 Ch(u64 x, u64 y, u64 z) |
987 |
- { |
988 |
- return z ^ (x & (y ^ z)); |
989 |
-@@ -80,7 +78,7 @@ static inline void LOAD_OP(int I, u64 *W, const u8 *input) |
990 |
- |
991 |
- static inline void BLEND_OP(int I, u64 *W) |
992 |
- { |
993 |
-- W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16]; |
994 |
-+ W[I % 16] += s1(W[(I-2) % 16]) + W[(I-7) % 16] + s0(W[(I-15) % 16]); |
995 |
- } |
996 |
- |
997 |
- static void |
998 |
-@@ -89,38 +87,48 @@ sha512_transform(u64 *state, const u8 *input) |
999 |
- u64 a, b, c, d, e, f, g, h, t1, t2; |
1000 |
- |
1001 |
- int i; |
1002 |
-- u64 *W = get_cpu_var(msg_schedule); |
1003 |
-+ u64 W[16]; |
1004 |
- |
1005 |
- /* load the input */ |
1006 |
- for (i = 0; i < 16; i++) |
1007 |
- LOAD_OP(i, W, input); |
1008 |
- |
1009 |
-- for (i = 16; i < 80; i++) { |
1010 |
-- BLEND_OP(i, W); |
1011 |
-- } |
1012 |
-- |
1013 |
- /* load the state into our registers */ |
1014 |
- a=state[0]; b=state[1]; c=state[2]; d=state[3]; |
1015 |
- e=state[4]; f=state[5]; g=state[6]; h=state[7]; |
1016 |
- |
1017 |
-- /* now iterate */ |
1018 |
-- for (i=0; i<80; i+=8) { |
1019 |
-- t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[i ]; |
1020 |
-- t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; |
1021 |
-- t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[i+1]; |
1022 |
-- t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; |
1023 |
-- t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[i+2]; |
1024 |
-- t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; |
1025 |
-- t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[i+3]; |
1026 |
-- t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; |
1027 |
-- t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[i+4]; |
1028 |
-- t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; |
1029 |
-- t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[i+5]; |
1030 |
-- t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; |
1031 |
-- t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[i+6]; |
1032 |
-- t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; |
1033 |
-- t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[i+7]; |
1034 |
-- t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; |
1035 |
-+#define SHA512_0_15(i, a, b, c, d, e, f, g, h) \ |
1036 |
-+ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[i]; \ |
1037 |
-+ t2 = e0(a) + Maj(a, b, c); \ |
1038 |
-+ d += t1; \ |
1039 |
-+ h = t1 + t2 |
1040 |
-+ |
1041 |
-+#define SHA512_16_79(i, a, b, c, d, e, f, g, h) \ |
1042 |
-+ BLEND_OP(i, W); \ |
1043 |
-+ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[(i)%16]; \ |
1044 |
-+ t2 = e0(a) + Maj(a, b, c); \ |
1045 |
-+ d += t1; \ |
1046 |
-+ h = t1 + t2 |
1047 |
-+ |
1048 |
-+ for (i = 0; i < 16; i += 8) { |
1049 |
-+ SHA512_0_15(i, a, b, c, d, e, f, g, h); |
1050 |
-+ SHA512_0_15(i + 1, h, a, b, c, d, e, f, g); |
1051 |
-+ SHA512_0_15(i + 2, g, h, a, b, c, d, e, f); |
1052 |
-+ SHA512_0_15(i + 3, f, g, h, a, b, c, d, e); |
1053 |
-+ SHA512_0_15(i + 4, e, f, g, h, a, b, c, d); |
1054 |
-+ SHA512_0_15(i + 5, d, e, f, g, h, a, b, c); |
1055 |
-+ SHA512_0_15(i + 6, c, d, e, f, g, h, a, b); |
1056 |
-+ SHA512_0_15(i + 7, b, c, d, e, f, g, h, a); |
1057 |
-+ } |
1058 |
-+ for (i = 16; i < 80; i += 8) { |
1059 |
-+ SHA512_16_79(i, a, b, c, d, e, f, g, h); |
1060 |
-+ SHA512_16_79(i + 1, h, a, b, c, d, e, f, g); |
1061 |
-+ SHA512_16_79(i + 2, g, h, a, b, c, d, e, f); |
1062 |
-+ SHA512_16_79(i + 3, f, g, h, a, b, c, d, e); |
1063 |
-+ SHA512_16_79(i + 4, e, f, g, h, a, b, c, d); |
1064 |
-+ SHA512_16_79(i + 5, d, e, f, g, h, a, b, c); |
1065 |
-+ SHA512_16_79(i + 6, c, d, e, f, g, h, a, b); |
1066 |
-+ SHA512_16_79(i + 7, b, c, d, e, f, g, h, a); |
1067 |
- } |
1068 |
- |
1069 |
- state[0] += a; state[1] += b; state[2] += c; state[3] += d; |
1070 |
-@@ -128,8 +136,6 @@ sha512_transform(u64 *state, const u8 *input) |
1071 |
- |
1072 |
- /* erase our data */ |
1073 |
- a = b = c = d = e = f = g = h = t1 = t2 = 0; |
1074 |
-- memset(W, 0, sizeof(__get_cpu_var(msg_schedule))); |
1075 |
-- put_cpu_var(msg_schedule); |
1076 |
- } |
1077 |
- |
1078 |
- static int |
1079 |
diff --git a/drivers/acpi/acpi_pad.c b/drivers/acpi/acpi_pad.c |
1080 |
index 0d2cdb8..d8de48d 100644 |
1081 |
--- a/drivers/acpi/acpi_pad.c |
1082 |
@@ -31876,9 +31736,18 @@ index bf2170f..ce8cab9 100644 |
1083 |
acpi_os_unmap_memory(virt, len); |
1084 |
return 0; |
1085 |
diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c |
1086 |
-index 123cedf..137edef 100644 |
1087 |
+index 123cedf..6664cb4 100644 |
1088 |
--- a/drivers/char/tty_io.c |
1089 |
+++ b/drivers/char/tty_io.c |
1090 |
+@@ -146,7 +146,7 @@ static int tty_open(struct inode *, struct file *); |
1091 |
+ static int tty_release(struct inode *, struct file *); |
1092 |
+ long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg); |
1093 |
+ #ifdef CONFIG_COMPAT |
1094 |
+-static long tty_compat_ioctl(struct file *file, unsigned int cmd, |
1095 |
++long tty_compat_ioctl(struct file *file, unsigned int cmd, |
1096 |
+ unsigned long arg); |
1097 |
+ #else |
1098 |
+ #define tty_compat_ioctl NULL |
1099 |
@@ -1774,6 +1774,7 @@ got_driver: |
1100 |
|
1101 |
if (IS_ERR(tty)) { |
1102 |
@@ -32792,7 +32661,7 @@ index 0e27d98..dec8768 100644 |
1103 |
|
1104 |
DRM_DEBUG("pid=%d, cmd=0x%02x, nr=0x%02x, dev 0x%lx, auth=%d\n", |
1105 |
diff --git a/drivers/gpu/drm/drm_fops.c b/drivers/gpu/drm/drm_fops.c |
1106 |
-index ba14553..182d0bb 100644 |
1107 |
+index 519161e..98c840c 100644 |
1108 |
--- a/drivers/gpu/drm/drm_fops.c |
1109 |
+++ b/drivers/gpu/drm/drm_fops.c |
1110 |
@@ -66,7 +66,7 @@ static int drm_setup(struct drm_device * dev) |
1111 |
@@ -32832,9 +32701,9 @@ index ba14553..182d0bb 100644 |
1112 |
- dev->open_count); |
1113 |
+ local_read(&dev->open_count)); |
1114 |
|
1115 |
- /* if the master has gone away we can't do anything with the lock */ |
1116 |
- if (file_priv->minor->master) |
1117 |
-@@ -524,9 +524,9 @@ int drm_release(struct inode *inode, struct file *filp) |
1118 |
+ /* Release any auth tokens that might point to this file_priv, |
1119 |
+ (do that under the drm_global_mutex) */ |
1120 |
+@@ -529,9 +529,9 @@ int drm_release(struct inode *inode, struct file *filp) |
1121 |
* End inline drm_release |
1122 |
*/ |
1123 |
|
1124 |
@@ -34105,7 +33974,7 @@ index 7cdd76f..fe0efdf 100644 |
1125 |
int ycalib; /* calibrated null value for y */ |
1126 |
int zcalib; /* calibrated null value for z */ |
1127 |
diff --git a/drivers/hwmon/sht15.c b/drivers/hwmon/sht15.c |
1128 |
-index 2040507..706ec1e 100644 |
1129 |
+index 740785e..5a5c6c6 100644 |
1130 |
--- a/drivers/hwmon/sht15.c |
1131 |
+++ b/drivers/hwmon/sht15.c |
1132 |
@@ -112,7 +112,7 @@ struct sht15_data { |
1133 |
@@ -41626,42 +41495,6 @@ index 21a045e..ec89e03 100644 |
1134 |
dev_set_name(&rport->dev, "port-%d:%d", shost->host_no, id); |
1135 |
|
1136 |
transport_setup_device(&rport->dev); |
1137 |
-diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c |
1138 |
-index 2dd1b73..fd8145f 100644 |
1139 |
---- a/drivers/scsi/sd.c |
1140 |
-+++ b/drivers/scsi/sd.c |
1141 |
-@@ -817,6 +817,10 @@ static int sd_ioctl(struct block_device *bdev, fmode_t mode, |
1142 |
- SCSI_LOG_IOCTL(1, printk("sd_ioctl: disk=%s, cmd=0x%x\n", |
1143 |
- disk->disk_name, cmd)); |
1144 |
- |
1145 |
-+ error = scsi_verify_blk_ioctl(bdev, cmd); |
1146 |
-+ if (error < 0) |
1147 |
-+ return error; |
1148 |
-+ |
1149 |
- /* |
1150 |
- * If we are in the middle of error recovery, don't let anyone |
1151 |
- * else try and use this device. Also, if error recovery fails, it |
1152 |
-@@ -996,6 +1000,11 @@ static int sd_compat_ioctl(struct block_device *bdev, fmode_t mode, |
1153 |
- unsigned int cmd, unsigned long arg) |
1154 |
- { |
1155 |
- struct scsi_device *sdev = scsi_disk(bdev->bd_disk)->device; |
1156 |
-+ int ret; |
1157 |
-+ |
1158 |
-+ ret = scsi_verify_blk_ioctl(bdev, cmd); |
1159 |
-+ if (ret < 0) |
1160 |
-+ return ret; |
1161 |
- |
1162 |
- /* |
1163 |
- * If we are in the middle of error recovery, don't let anyone |
1164 |
-@@ -1007,8 +1016,6 @@ static int sd_compat_ioctl(struct block_device *bdev, fmode_t mode, |
1165 |
- return -ENODEV; |
1166 |
- |
1167 |
- if (sdev->host->hostt->compat_ioctl) { |
1168 |
-- int ret; |
1169 |
-- |
1170 |
- ret = sdev->host->hostt->compat_ioctl(sdev, cmd, (void __user *)arg); |
1171 |
- |
1172 |
- return ret; |
1173 |
diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c |
1174 |
index 040f751..98a5ed2 100644 |
1175 |
--- a/drivers/scsi/sg.c |
1176 |
@@ -48429,6 +48262,22 @@ index 44c0aea..2529092 100644 |
1177 |
|
1178 |
dcache_init(); |
1179 |
inode_init(); |
1180 |
+diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c |
1181 |
+index 39c6ee8..dcee0f1 100644 |
1182 |
+--- a/fs/debugfs/inode.c |
1183 |
++++ b/fs/debugfs/inode.c |
1184 |
+@@ -269,7 +269,11 @@ EXPORT_SYMBOL_GPL(debugfs_create_file); |
1185 |
+ struct dentry *debugfs_create_dir(const char *name, struct dentry *parent) |
1186 |
+ { |
1187 |
+ return debugfs_create_file(name, |
1188 |
++#ifdef CONFIG_GRKERNSEC_SYSFS_RESTRICT |
1189 |
++ S_IFDIR | S_IRWXU, |
1190 |
++#else |
1191 |
+ S_IFDIR | S_IRWXU | S_IRUGO | S_IXUGO, |
1192 |
++#endif |
1193 |
+ parent, NULL, NULL); |
1194 |
+ } |
1195 |
+ EXPORT_SYMBOL_GPL(debugfs_create_dir); |
1196 |
diff --git a/fs/dlm/lockspace.c b/fs/dlm/lockspace.c |
1197 |
index c010ecf..a8d8c59 100644 |
1198 |
--- a/fs/dlm/lockspace.c |
1199 |
@@ -48443,7 +48292,7 @@ index c010ecf..a8d8c59 100644 |
1200 |
.store = dlm_attr_store, |
1201 |
}; |
1202 |
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c |
1203 |
-index 443947f..a871402 100644 |
1204 |
+index 7a5f1ac..205b034 100644 |
1205 |
--- a/fs/ecryptfs/crypto.c |
1206 |
+++ b/fs/ecryptfs/crypto.c |
1207 |
@@ -418,17 +418,6 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page, |
1208 |
@@ -48497,20 +48346,20 @@ index 443947f..a871402 100644 |
1209 |
rc = ecryptfs_decrypt_page_offset(crypt_stat, page, |
1210 |
(extent_offset |
1211 |
* crypt_stat->extent_size), |
1212 |
-@@ -569,6 +539,7 @@ static int ecryptfs_decrypt_extent(struct page *page, |
1213 |
+@@ -569,16 +539,6 @@ static int ecryptfs_decrypt_extent(struct page *page, |
1214 |
goto out; |
1215 |
} |
1216 |
rc = 0; |
1217 |
-+<<<<<<< HEAD |
1218 |
- if (unlikely(ecryptfs_verbosity > 0)) { |
1219 |
- ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16x]; " |
1220 |
- "rc = [%d]\n", (extent_base + extent_offset), |
1221 |
-@@ -579,6 +550,8 @@ static int ecryptfs_decrypt_extent(struct page *page, |
1222 |
- + (extent_offset |
1223 |
- * crypt_stat->extent_size)), 8); |
1224 |
- } |
1225 |
-+======= |
1226 |
-+>>>>>>> 58ded24... eCryptfs: Fix oops when printing debug info in extent crypto functions |
1227 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
1228 |
+- ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16x]; " |
1229 |
+- "rc = [%d]\n", (extent_base + extent_offset), |
1230 |
+- rc); |
1231 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " |
1232 |
+- "decryption:\n"); |
1233 |
+- ecryptfs_dump_hex((char *)(page_address(page) |
1234 |
+- + (extent_offset |
1235 |
+- * crypt_stat->extent_size)), 8); |
1236 |
+- } |
1237 |
out: |
1238 |
return rc; |
1239 |
} |
1240 |
@@ -48536,89 +48385,11 @@ index 88ba4d4..073f003 100644 |
1241 |
set_fs(old_fs); |
1242 |
if (rc < 0) |
1243 |
goto out_free; |
1244 |
-diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c |
1245 |
-index 4ec8f61..c4b0bc5 100644 |
1246 |
---- a/fs/ecryptfs/miscdev.c |
1247 |
-+++ b/fs/ecryptfs/miscdev.c |
1248 |
-@@ -408,11 +408,47 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
1249 |
- ssize_t sz = 0; |
1250 |
- char *data; |
1251 |
- uid_t euid = current_euid(); |
1252 |
-+ unsigned char packet_size_peek[3]; |
1253 |
- int rc; |
1254 |
- |
1255 |
-- if (count == 0) |
1256 |
-+ if (count == 0) { |
1257 |
- goto out; |
1258 |
-+ } else if (count == (1 + 4)) { |
1259 |
-+ /* Likely a harmless MSG_HELO or MSG_QUIT - no packet length */ |
1260 |
-+ goto memdup; |
1261 |
-+ } else if (count < (1 + 4 + 1) |
1262 |
-+ || count > (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
1263 |
-+ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES)) { |
1264 |
-+ printk(KERN_WARNING "%s: Acceptable packet size range is " |
1265 |
-+ "[%d-%lu], but amount of data written is [%zu].", |
1266 |
-+ __func__, (1 + 4 + 1), |
1267 |
-+ (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
1268 |
-+ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES), count); |
1269 |
-+ return -EINVAL; |
1270 |
-+ } |
1271 |
- |
1272 |
-+ if (copy_from_user(packet_size_peek, (buf + 1 + 4), |
1273 |
-+ sizeof(packet_size_peek))) { |
1274 |
-+ printk(KERN_WARNING "%s: Error while inspecting packet size\n", |
1275 |
-+ __func__); |
1276 |
-+ return -EFAULT; |
1277 |
-+ } |
1278 |
-+ |
1279 |
-+ rc = ecryptfs_parse_packet_length(packet_size_peek, &packet_size, |
1280 |
-+ &packet_size_length); |
1281 |
-+ if (rc) { |
1282 |
-+ printk(KERN_WARNING "%s: Error parsing packet length; " |
1283 |
-+ "rc = [%d]\n", __func__, rc); |
1284 |
-+ return rc; |
1285 |
-+ } |
1286 |
-+ |
1287 |
-+ if ((1 + 4 + packet_size_length + packet_size) != count) { |
1288 |
-+ printk(KERN_WARNING "%s: Invalid packet size [%zu]\n", __func__, |
1289 |
-+ packet_size); |
1290 |
-+ return -EINVAL; |
1291 |
-+ } |
1292 |
-+ |
1293 |
-+memdup: |
1294 |
- data = memdup_user(buf, count); |
1295 |
- if (IS_ERR(data)) { |
1296 |
- printk(KERN_ERR "%s: memdup_user returned error [%ld]\n", |
1297 |
-@@ -434,23 +470,7 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
1298 |
- } |
1299 |
- memcpy(&counter_nbo, &data[i], 4); |
1300 |
- seq = be32_to_cpu(counter_nbo); |
1301 |
-- i += 4; |
1302 |
-- rc = ecryptfs_parse_packet_length(&data[i], &packet_size, |
1303 |
-- &packet_size_length); |
1304 |
-- if (rc) { |
1305 |
-- printk(KERN_WARNING "%s: Error parsing packet length; " |
1306 |
-- "rc = [%d]\n", __func__, rc); |
1307 |
-- goto out_free; |
1308 |
-- } |
1309 |
-- i += packet_size_length; |
1310 |
-- if ((1 + 4 + packet_size_length + packet_size) != count) { |
1311 |
-- printk(KERN_WARNING "%s: (1 + packet_size_length([%zd])" |
1312 |
-- " + packet_size([%zd]))([%zd]) != " |
1313 |
-- "count([%zd]). Invalid packet format.\n", |
1314 |
-- __func__, packet_size_length, packet_size, |
1315 |
-- (1 + packet_size_length + packet_size), count); |
1316 |
-- goto out_free; |
1317 |
-- } |
1318 |
-+ i += 4 + packet_size_length; |
1319 |
- rc = ecryptfs_miscdev_response(&data[i], packet_size, |
1320 |
- euid, current_user_ns(), |
1321 |
- task_pid(current), seq); |
1322 |
diff --git a/fs/ecryptfs/read_write.c b/fs/ecryptfs/read_write.c |
1323 |
-index 0cc4faf..0404659 100644 |
1324 |
+index 6b78546..7ba3260 100644 |
1325 |
--- a/fs/ecryptfs/read_write.c |
1326 |
+++ b/fs/ecryptfs/read_write.c |
1327 |
-@@ -134,13 +134,18 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, |
1328 |
+@@ -134,7 +134,12 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, |
1329 |
pgoff_t ecryptfs_page_idx = (pos >> PAGE_CACHE_SHIFT); |
1330 |
size_t start_offset_in_page = (pos & ~PAGE_CACHE_MASK); |
1331 |
size_t num_bytes = (PAGE_CACHE_SIZE - start_offset_in_page); |
1332 |
@@ -48630,7 +48401,9 @@ index 0cc4faf..0404659 100644 |
1333 |
+ break; |
1334 |
+ } |
1335 |
|
1336 |
- if (num_bytes > total_remaining_bytes) |
1337 |
+ if (fatal_signal_pending(current)) { |
1338 |
+ rc = -EINTR; |
1339 |
+@@ -145,7 +150,7 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, |
1340 |
num_bytes = total_remaining_bytes; |
1341 |
if (pos < offset) { |
1342 |
/* remaining zeros to write, up to destination offset */ |
1343 |
@@ -48639,31 +48412,6 @@ index 0cc4faf..0404659 100644 |
1344 |
|
1345 |
if (num_bytes > total_remaining_zeros) |
1346 |
num_bytes = total_remaining_zeros; |
1347 |
-@@ -197,15 +202,19 @@ int ecryptfs_write(struct file *ecryptfs_file, char *data, loff_t offset, |
1348 |
- } |
1349 |
- pos += num_bytes; |
1350 |
- } |
1351 |
-- if ((offset + size) > ecryptfs_file_size) { |
1352 |
-- i_size_write(ecryptfs_inode, (offset + size)); |
1353 |
-+ if (pos > ecryptfs_file_size) { |
1354 |
-+ i_size_write(ecryptfs_inode, pos); |
1355 |
- if (crypt_stat->flags & ECRYPTFS_ENCRYPTED) { |
1356 |
-- rc = ecryptfs_write_inode_size_to_metadata( |
1357 |
-+ int rc2; |
1358 |
-+ |
1359 |
-+ rc2 = ecryptfs_write_inode_size_to_metadata( |
1360 |
- ecryptfs_inode); |
1361 |
-- if (rc) { |
1362 |
-+ if (rc2) { |
1363 |
- printk(KERN_ERR "Problem with " |
1364 |
- "ecryptfs_write_inode_size_to_metadata; " |
1365 |
-- "rc = [%d]\n", rc); |
1366 |
-+ "rc = [%d]\n", rc2); |
1367 |
-+ if (!rc) |
1368 |
-+ rc = rc2; |
1369 |
- goto out; |
1370 |
- } |
1371 |
- } |
1372 |
diff --git a/fs/exec.c b/fs/exec.c |
1373 |
index 86fafc6..5033350 100644 |
1374 |
--- a/fs/exec.c |
1375 |
@@ -54633,6 +54381,29 @@ index bb92b7c..5aa72b0 100644 |
1376 |
ret = -EAGAIN; |
1377 |
|
1378 |
pipe_unlock(ipipe); |
1379 |
+diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c |
1380 |
+index e020183..18d64b4 100644 |
1381 |
+--- a/fs/sysfs/dir.c |
1382 |
++++ b/fs/sysfs/dir.c |
1383 |
+@@ -678,6 +678,18 @@ static int create_dir(struct kobject *kobj, struct sysfs_dirent *parent_sd, |
1384 |
+ struct sysfs_dirent *sd; |
1385 |
+ int rc; |
1386 |
+ |
1387 |
++#ifdef CONFIG_GRKERNSEC_SYSFS_RESTRICT |
1388 |
++ const char *parent_name = parent_sd->s_name; |
1389 |
++ |
1390 |
++ mode = S_IFDIR | S_IRWXU; |
1391 |
++ |
1392 |
++ if ((!strcmp(parent_name, "") && (!strcmp(name, "devices") || !strcmp(name, "fs"))) || |
1393 |
++ (!strcmp(parent_name, "devices") && !strcmp(name, "system")) || |
1394 |
++ (!strcmp(parent_name, "fs") && (!strcmp(name, "selinux") || !strcmp(name, "fuse"))) || |
1395 |
++ (!strcmp(parent_name, "system") && !strcmp(name, "cpu"))) |
1396 |
++ mode = S_IFDIR | S_IRWXU | S_IRUGO | S_IXUGO; |
1397 |
++#endif |
1398 |
++ |
1399 |
+ /* allocate */ |
1400 |
+ sd = sysfs_new_dirent(name, mode, SYSFS_DIR); |
1401 |
+ if (!sd) |
1402 |
diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c |
1403 |
index 7118a38..70af853 100644 |
1404 |
--- a/fs/sysfs/file.c |
1405 |
@@ -54718,22 +54489,6 @@ index 7118a38..70af853 100644 |
1406 |
wake_up_interruptible(&od->poll); |
1407 |
} |
1408 |
|
1409 |
-diff --git a/fs/sysfs/mount.c b/fs/sysfs/mount.c |
1410 |
-index 4974995..c26609c 100644 |
1411 |
---- a/fs/sysfs/mount.c |
1412 |
-+++ b/fs/sysfs/mount.c |
1413 |
-@@ -36,7 +36,11 @@ struct sysfs_dirent sysfs_root = { |
1414 |
- .s_name = "", |
1415 |
- .s_count = ATOMIC_INIT(1), |
1416 |
- .s_flags = SYSFS_DIR, |
1417 |
-+#ifdef CONFIG_GRKERNSEC_SYSFS_RESTRICT |
1418 |
-+ .s_mode = S_IFDIR | S_IRWXU, |
1419 |
-+#else |
1420 |
- .s_mode = S_IFDIR | S_IRWXU | S_IRUGO | S_IXUGO, |
1421 |
-+#endif |
1422 |
- .s_ino = 1, |
1423 |
- }; |
1424 |
- |
1425 |
diff --git a/fs/sysfs/symlink.c b/fs/sysfs/symlink.c |
1426 |
index c5081ad..342ea86 100644 |
1427 |
--- a/fs/sysfs/symlink.c |
1428 |
@@ -55023,10 +54778,10 @@ index 8f32f50..b6a41e8 100644 |
1429 |
link[pathlen] = '\0'; |
1430 |
diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig |
1431 |
new file mode 100644 |
1432 |
-index 0000000..883b00b |
1433 |
+index 0000000..8cac8cb |
1434 |
--- /dev/null |
1435 |
+++ b/grsecurity/Kconfig |
1436 |
-@@ -0,0 +1,1064 @@ |
1437 |
+@@ -0,0 +1,1068 @@ |
1438 |
+# |
1439 |
+# grecurity configuration |
1440 |
+# |
1441 |
@@ -55496,15 +55251,19 @@ index 0000000..883b00b |
1442 |
+ depends on SYSFS |
1443 |
+ help |
1444 |
+ If you say Y here, sysfs (the pseudo-filesystem mounted at /sys) and |
1445 |
-+ any filesystem normally mounted under it (e.g. debugfs) will only |
1446 |
-+ be accessible by root. These filesystems generally provide access |
1447 |
++ any filesystem normally mounted under it (e.g. debugfs) will be |
1448 |
++ mostly accessible only by root. These filesystems generally provide access |
1449 |
+ to hardware and debug information that isn't appropriate for unprivileged |
1450 |
+ users of the system. Sysfs and debugfs have also become a large source |
1451 |
+ of new vulnerabilities, ranging from infoleaks to local compromise. |
1452 |
+ There has been very little oversight with an eye toward security involved |
1453 |
+ in adding new exporters of information to these filesystems, so their |
1454 |
+ use is discouraged. |
1455 |
-+ This option is equivalent to a chmod 0700 of the mount paths. |
1456 |
++ For reasons of compatibility, a few directories have been whitelisted |
1457 |
++ for access by non-root users: |
1458 |
++ /sys/fs/selinux |
1459 |
++ /sys/fs/fuse |
1460 |
++ /sys/devices/system/cpu |
1461 |
+ |
1462 |
+config GRKERNSEC_ROFS |
1463 |
+ bool "Runtime read-only mount protection" |
1464 |
@@ -64946,10 +64705,10 @@ index 0000000..0dc13c3 |
1465 |
+EXPORT_SYMBOL(gr_log_timechange); |
1466 |
diff --git a/grsecurity/grsec_tpe.c b/grsecurity/grsec_tpe.c |
1467 |
new file mode 100644 |
1468 |
-index 0000000..4a78774 |
1469 |
+index 0000000..a35ba33 |
1470 |
--- /dev/null |
1471 |
+++ b/grsecurity/grsec_tpe.c |
1472 |
-@@ -0,0 +1,39 @@ |
1473 |
+@@ -0,0 +1,73 @@ |
1474 |
+#include <linux/kernel.h> |
1475 |
+#include <linux/sched.h> |
1476 |
+#include <linux/file.h> |
1477 |
@@ -64964,25 +64723,59 @@ index 0000000..4a78774 |
1478 |
+#ifdef CONFIG_GRKERNSEC |
1479 |
+ struct inode *inode = file->f_path.dentry->d_parent->d_inode; |
1480 |
+ const struct cred *cred = current_cred(); |
1481 |
++ char *msg = NULL; |
1482 |
++ char *msg2 = NULL; |
1483 |
++ |
1484 |
++ // never restrict root |
1485 |
++ if (!cred->uid) |
1486 |
++ return 1; |
1487 |
+ |
1488 |
-+ if (cred->uid && ((grsec_enable_tpe && |
1489 |
++ if (grsec_enable_tpe) { |
1490 |
+#ifdef CONFIG_GRKERNSEC_TPE_INVERT |
1491 |
-+ ((grsec_enable_tpe_invert && !in_group_p(grsec_tpe_gid)) || |
1492 |
-+ (!grsec_enable_tpe_invert && in_group_p(grsec_tpe_gid))) |
1493 |
++ if (grsec_enable_tpe_invert && !in_group_p(grsec_tpe_gid)) |
1494 |
++ msg = "not being in trusted group"; |
1495 |
++ else if (!grsec_enable_tpe_invert && in_group_p(grsec_tpe_gid)) |
1496 |
++ msg = "being in untrusted group"; |
1497 |
+#else |
1498 |
-+ in_group_p(grsec_tpe_gid) |
1499 |
++ if (in_group_p(grsec_tpe_gid)) |
1500 |
++ msg = "being in untrusted group"; |
1501 |
+#endif |
1502 |
-+ ) || gr_acl_tpe_check()) && |
1503 |
-+ (inode->i_uid || (!inode->i_uid && ((inode->i_mode & S_IWGRP) || |
1504 |
-+ (inode->i_mode & S_IWOTH))))) { |
1505 |
-+ gr_log_fs_generic(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, file->f_path.dentry, file->f_path.mnt); |
1506 |
++ } |
1507 |
++ if (!msg && gr_acl_tpe_check()) |
1508 |
++ msg = "being in untrusted role"; |
1509 |
++ |
1510 |
++ // not in any affected group/role |
1511 |
++ if (!msg) |
1512 |
++ goto next_check; |
1513 |
++ |
1514 |
++ if (inode->i_uid) |
1515 |
++ msg2 = "file in non-root-owned directory"; |
1516 |
++ else if (inode->i_mode & S_IWOTH) |
1517 |
++ msg2 = "file in world-writable directory"; |
1518 |
++ else if (inode->i_mode & S_IWGRP) |
1519 |
++ msg2 = "file in group-writable directory"; |
1520 |
++ |
1521 |
++ if (msg && msg2) { |
1522 |
++ char fullmsg[64] = {0}; |
1523 |
++ snprintf(fullmsg, sizeof(fullmsg)-1, "%s and %s", msg, msg2); |
1524 |
++ gr_log_str_fs(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, fullmsg, file->f_path.dentry, file->f_path.mnt); |
1525 |
+ return 0; |
1526 |
+ } |
1527 |
++ msg = NULL; |
1528 |
++next_check: |
1529 |
+#ifdef CONFIG_GRKERNSEC_TPE_ALL |
1530 |
-+ if (cred->uid && grsec_enable_tpe && grsec_enable_tpe_all && |
1531 |
-+ ((inode->i_uid && (inode->i_uid != cred->uid)) || |
1532 |
-+ (inode->i_mode & S_IWGRP) || (inode->i_mode & S_IWOTH))) { |
1533 |
-+ gr_log_fs_generic(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, file->f_path.dentry, file->f_path.mnt); |
1534 |
++ if (!grsec_enable_tpe || !grsec_enable_tpe_all) |
1535 |
++ return 1; |
1536 |
++ |
1537 |
++ if (inode->i_uid && (inode->i_uid != cred->uid)) |
1538 |
++ msg = "directory not owned by user"; |
1539 |
++ else if (inode->i_mode & S_IWOTH) |
1540 |
++ msg = "file in world-writable directory"; |
1541 |
++ else if (inode->i_mode & S_IWGRP) |
1542 |
++ msg = "file in group-writable directory"; |
1543 |
++ |
1544 |
++ if (msg) { |
1545 |
++ gr_log_str_fs(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, msg, file->f_path.dentry, file->f_path.mnt); |
1546 |
+ return 0; |
1547 |
+ } |
1548 |
+#endif |
1549 |
@@ -65755,7 +65548,7 @@ index b6e818f..21aa58a 100644 |
1550 |
/** |
1551 |
* PERCPU - define output section for percpu area, simple version |
1552 |
diff --git a/include/drm/drmP.h b/include/drm/drmP.h |
1553 |
-index 66713c6..98c0460 100644 |
1554 |
+index ebab6a6..351dba1 100644 |
1555 |
--- a/include/drm/drmP.h |
1556 |
+++ b/include/drm/drmP.h |
1557 |
@@ -71,6 +71,7 @@ |
1558 |
@@ -65942,18 +65735,10 @@ index a3d802e..482f69c 100644 |
1559 |
int hasvdso; |
1560 |
}; |
1561 |
diff --git a/include/linux/blkdev.h b/include/linux/blkdev.h |
1562 |
-index 63070ad..a2906d2 100644 |
1563 |
+index 5eb6cb0..a2906d2 100644 |
1564 |
--- a/include/linux/blkdev.h |
1565 |
+++ b/include/linux/blkdev.h |
1566 |
-@@ -777,6 +777,7 @@ extern void blk_plug_device(struct request_queue *); |
1567 |
- extern void blk_plug_device_unlocked(struct request_queue *); |
1568 |
- extern int blk_remove_plug(struct request_queue *); |
1569 |
- extern void blk_recount_segments(struct request_queue *, struct bio *); |
1570 |
-+extern int scsi_verify_blk_ioctl(struct block_device *, unsigned int); |
1571 |
- extern int scsi_cmd_blk_ioctl(struct block_device *, fmode_t, |
1572 |
- unsigned int, void __user *); |
1573 |
- extern int scsi_cmd_ioctl(struct request_queue *, struct gendisk *, fmode_t, |
1574 |
-@@ -1280,7 +1281,7 @@ struct block_device_operations { |
1575 |
+@@ -1281,7 +1281,7 @@ struct block_device_operations { |
1576 |
int (*revalidate_disk) (struct gendisk *); |
1577 |
int (*getgeo)(struct block_device *, struct hd_geometry *); |
1578 |
struct module *owner; |
1579 |
@@ -67354,7 +67139,7 @@ index 0000000..3826b91 |
1580 |
+#endif |
1581 |
diff --git a/include/linux/grmsg.h b/include/linux/grmsg.h |
1582 |
new file mode 100644 |
1583 |
-index 0000000..dfb15ef |
1584 |
+index 0000000..b3347e2 |
1585 |
--- /dev/null |
1586 |
+++ b/include/linux/grmsg.h |
1587 |
@@ -0,0 +1,109 @@ |
1588 |
@@ -67392,7 +67177,7 @@ index 0000000..dfb15ef |
1589 |
+#define GR_UNSAFESHARE_EXEC_ACL_MSG "denied exec with cloned fs of %.950s by " |
1590 |
+#define GR_PTRACE_EXEC_ACL_MSG "denied ptrace of %.950s by " |
1591 |
+#define GR_EXEC_ACL_MSG "%s execution of %.950s by " |
1592 |
-+#define GR_EXEC_TPE_MSG "denied untrusted exec of %.950s by " |
1593 |
++#define GR_EXEC_TPE_MSG "denied untrusted exec (due to %.64s) of %.950s by " |
1594 |
+#define GR_SEGVSTART_ACL_MSG "possible exploit bruteforcing on " DEFAULTSECMSG " banning uid %u from login for %lu seconds" |
1595 |
+#define GR_SEGVNOSUID_ACL_MSG "possible exploit bruteforcing on " DEFAULTSECMSG " banning execution for %lu seconds" |
1596 |
+#define GR_MOUNT_CHROOT_MSG "denied mount of %.256s as %.930s from chroot by " |
1597 |
@@ -75211,7 +74996,7 @@ index 04a0252..580c512 100644 |
1598 |
struct tasklet_struct *list; |
1599 |
|
1600 |
diff --git a/kernel/sys.c b/kernel/sys.c |
1601 |
-index e9512b1..f07185f 100644 |
1602 |
+index e9512b1..8a10cb3 100644 |
1603 |
--- a/kernel/sys.c |
1604 |
+++ b/kernel/sys.c |
1605 |
@@ -133,6 +133,12 @@ static int set_one_prio(struct task_struct *p, int niceval, int error) |
1606 |
@@ -75333,7 +75118,29 @@ index e9512b1..f07185f 100644 |
1607 |
if (capable(CAP_SETUID)) { |
1608 |
new->suid = new->uid = uid; |
1609 |
if (uid != old->uid) { |
1610 |
-@@ -732,6 +761,9 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) |
1611 |
+@@ -721,9 +750,18 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) |
1612 |
+ |
1613 |
+ retval = -EPERM; |
1614 |
+ if (!capable(CAP_SETUID)) { |
1615 |
+- if (ruid != (uid_t) -1 && ruid != old->uid && |
1616 |
+- ruid != old->euid && ruid != old->suid) |
1617 |
+- goto error; |
1618 |
++ // if RBAC is enabled, require CAP_SETUID to change |
1619 |
++ // uid to euid (from a suid binary, for instance) |
1620 |
++ // this is a hardening of normal permissions, not |
1621 |
++ // weakening |
1622 |
++ if (gr_acl_is_enabled()) { |
1623 |
++ if (ruid != (uid_t) -1 && ruid != old->uid) |
1624 |
++ goto error; |
1625 |
++ } else { |
1626 |
++ if (ruid != (uid_t) -1 && ruid != old->uid && |
1627 |
++ ruid != old->euid && ruid != old->suid) |
1628 |
++ goto error; |
1629 |
++ } |
1630 |
+ if (euid != (uid_t) -1 && euid != old->uid && |
1631 |
+ euid != old->euid && euid != old->suid) |
1632 |
+ goto error; |
1633 |
+@@ -732,6 +770,9 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) |
1634 |
goto error; |
1635 |
} |
1636 |
|
1637 |
@@ -75343,7 +75150,29 @@ index e9512b1..f07185f 100644 |
1638 |
if (ruid != (uid_t) -1) { |
1639 |
new->uid = ruid; |
1640 |
if (ruid != old->uid) { |
1641 |
-@@ -800,6 +832,9 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) |
1642 |
+@@ -789,9 +830,18 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) |
1643 |
+ |
1644 |
+ retval = -EPERM; |
1645 |
+ if (!capable(CAP_SETGID)) { |
1646 |
+- if (rgid != (gid_t) -1 && rgid != old->gid && |
1647 |
+- rgid != old->egid && rgid != old->sgid) |
1648 |
+- goto error; |
1649 |
++ // if RBAC is enabled, require CAP_SETGID to change |
1650 |
++ // gid to egid (from a sgid binary, for instance) |
1651 |
++ // this is a hardening of normal permissions, not |
1652 |
++ // weakening |
1653 |
++ if (gr_acl_is_enabled()) { |
1654 |
++ if (rgid != (gid_t) -1 && rgid != old->gid) |
1655 |
++ goto error; |
1656 |
++ } else { |
1657 |
++ if (rgid != (gid_t) -1 && rgid != old->gid && |
1658 |
++ rgid != old->egid && rgid != old->sgid) |
1659 |
++ goto error; |
1660 |
++ } |
1661 |
+ if (egid != (gid_t) -1 && egid != old->gid && |
1662 |
+ egid != old->egid && egid != old->sgid) |
1663 |
+ goto error; |
1664 |
+@@ -800,6 +850,9 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) |
1665 |
goto error; |
1666 |
} |
1667 |
|
1668 |
@@ -75353,7 +75182,7 @@ index e9512b1..f07185f 100644 |
1669 |
if (rgid != (gid_t) -1) |
1670 |
new->gid = rgid; |
1671 |
if (egid != (gid_t) -1) |
1672 |
-@@ -849,6 +884,9 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) |
1673 |
+@@ -849,6 +902,9 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) |
1674 |
if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS) < 0) |
1675 |
goto error; |
1676 |
|
1677 |
@@ -75363,7 +75192,7 @@ index e9512b1..f07185f 100644 |
1678 |
if (uid == old->uid || uid == old->euid || |
1679 |
uid == old->suid || uid == old->fsuid || |
1680 |
capable(CAP_SETUID)) { |
1681 |
-@@ -889,6 +927,9 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) |
1682 |
+@@ -889,6 +945,9 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) |
1683 |
if (gid == old->gid || gid == old->egid || |
1684 |
gid == old->sgid || gid == old->fsgid || |
1685 |
capable(CAP_SETGID)) { |
1686 |
@@ -75373,7 +75202,7 @@ index e9512b1..f07185f 100644 |
1687 |
if (gid != old_fsgid) { |
1688 |
new->fsgid = gid; |
1689 |
goto change_okay; |
1690 |
-@@ -1454,7 +1495,7 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, |
1691 |
+@@ -1454,7 +1513,7 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, |
1692 |
error = get_dumpable(me->mm); |
1693 |
break; |
1694 |
case PR_SET_DUMPABLE: |
1695 |
@@ -84589,10 +84418,10 @@ index d52f7a0..269eb1b 100755 |
1696 |
rm -f tags |
1697 |
xtags ctags |
1698 |
diff --git a/security/Kconfig b/security/Kconfig |
1699 |
-index fb363cd..0524cf3 100644 |
1700 |
+index fb363cd..886ace4 100644 |
1701 |
--- a/security/Kconfig |
1702 |
+++ b/security/Kconfig |
1703 |
-@@ -4,6 +4,625 @@ |
1704 |
+@@ -4,6 +4,626 @@ |
1705 |
|
1706 |
menu "Security options" |
1707 |
|
1708 |
@@ -85100,6 +84929,7 @@ index fb363cd..0524cf3 100644 |
1709 |
+ |
1710 |
+config PAX_MEMORY_SANITIZE |
1711 |
+ bool "Sanitize all freed memory" |
1712 |
++ depends on !HIBERNATION |
1713 |
+ help |
1714 |
+ By saying Y here the kernel will erase memory pages as soon as they |
1715 |
+ are freed. This in turn reduces the lifetime of data stored in the |
1716 |
@@ -85218,7 +85048,7 @@ index fb363cd..0524cf3 100644 |
1717 |
config KEYS |
1718 |
bool "Enable access key retention support" |
1719 |
help |
1720 |
-@@ -146,7 +765,7 @@ config INTEL_TXT |
1721 |
+@@ -146,7 +766,7 @@ config INTEL_TXT |
1722 |
config LSM_MMAP_MIN_ADDR |
1723 |
int "Low address space for LSM to protect from user allocation" |
1724 |
depends on SECURITY && SECURITY_SELINUX |
1725 |
|
1726 |
diff --git a/2.6.32/4425_grsec-pax-without-grsec.patch b/2.6.32/4425_grsec-pax-without-grsec.patch |
1727 |
index bbb8671..0f87dc1 100644 |
1728 |
--- a/2.6.32/4425_grsec-pax-without-grsec.patch |
1729 |
+++ b/2.6.32/4425_grsec-pax-without-grsec.patch |
1730 |
@@ -36,7 +36,7 @@ diff -Naur a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c |
1731 |
diff -Naur a/fs/exec.c b/fs/exec.c |
1732 |
--- a/fs/exec.c 2011-04-17 18:15:55.000000000 -0400 |
1733 |
+++ b/fs/exec.c 2011-04-17 18:29:40.000000000 -0400 |
1734 |
-@@ -1807,9 +1807,11 @@ |
1735 |
+@@ -1812,9 +1812,11 @@ |
1736 |
} |
1737 |
up_read(&mm->mmap_sem); |
1738 |
} |
1739 |
@@ -48,7 +48,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c |
1740 |
printk(KERN_ERR "PAX: execution attempt in: %s, %08lx-%08lx %08lx\n", path_fault, start, end, offset); |
1741 |
printk(KERN_ERR "PAX: terminating task: %s(%s):%d, uid/euid: %u/%u, " |
1742 |
"PC: %p, SP: %p\n", path_exec, tsk->comm, task_pid_nr(tsk), |
1743 |
-@@ -1824,10 +1826,12 @@ |
1744 |
+@@ -1829,10 +1831,12 @@ |
1745 |
#ifdef CONFIG_PAX_REFCOUNT |
1746 |
void pax_report_refcount_overflow(struct pt_regs *regs) |
1747 |
{ |
1748 |
@@ -61,7 +61,7 @@ diff -Naur a/fs/exec.c b/fs/exec.c |
1749 |
printk(KERN_ERR "PAX: refcount overflow detected in: %s:%d, uid/euid: %u/%u\n", |
1750 |
current->comm, task_pid_nr(current), current_uid(), current_euid()); |
1751 |
print_symbol(KERN_ERR "PAX: refcount overflow occured at: %s\n", instruction_pointer(regs)); |
1752 |
-@@ -1887,10 +1891,12 @@ |
1753 |
+@@ -1892,10 +1896,12 @@ |
1754 |
|
1755 |
NORET_TYPE void pax_report_usercopy(const void *ptr, unsigned long len, bool to, const char *type) |
1756 |
{ |
1757 |
|
1758 |
diff --git a/2.6.32/4430_grsec-kconfig-default-gids.patch b/2.6.32/4430_grsec-kconfig-default-gids.patch |
1759 |
index 2cd1c5a..763d845 100644 |
1760 |
--- a/2.6.32/4430_grsec-kconfig-default-gids.patch |
1761 |
+++ b/2.6.32/4430_grsec-kconfig-default-gids.patch |
1762 |
@@ -12,7 +12,7 @@ from shooting themselves in the foot. |
1763 |
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1764 |
--- a/grsecurity/Kconfig 2011-12-12 15:11:47.000000000 -0500 |
1765 |
+++ b/grsecurity/Kconfig 2011-12-12 15:13:17.000000000 -0500 |
1766 |
-@@ -431,7 +431,7 @@ |
1767 |
+@@ -433,7 +433,7 @@ |
1768 |
config GRKERNSEC_PROC_GID |
1769 |
int "GID for special group" |
1770 |
depends on GRKERNSEC_PROC_USERGROUP |
1771 |
@@ -21,7 +21,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1772 |
|
1773 |
config GRKERNSEC_PROC_ADD |
1774 |
bool "Additional restrictions" |
1775 |
-@@ -655,7 +655,7 @@ |
1776 |
+@@ -661,7 +661,7 @@ |
1777 |
config GRKERNSEC_AUDIT_GID |
1778 |
int "GID for auditing" |
1779 |
depends on GRKERNSEC_AUDIT_GROUP |
1780 |
@@ -30,7 +30,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1781 |
|
1782 |
config GRKERNSEC_EXECLOG |
1783 |
bool "Exec logging" |
1784 |
-@@ -833,7 +833,7 @@ |
1785 |
+@@ -865,7 +865,7 @@ |
1786 |
config GRKERNSEC_TPE_GID |
1787 |
int "GID for untrusted users" |
1788 |
depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT |
1789 |
@@ -39,7 +39,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1790 |
help |
1791 |
Setting this GID determines what group TPE restrictions will be |
1792 |
*enabled* for. If the sysctl option is enabled, a sysctl option |
1793 |
-@@ -842,7 +842,7 @@ |
1794 |
+@@ -874,7 +874,7 @@ |
1795 |
config GRKERNSEC_TPE_GID |
1796 |
int "GID for trusted users" |
1797 |
depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT |
1798 |
@@ -48,7 +48,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1799 |
help |
1800 |
Setting this GID determines what group TPE restrictions will be |
1801 |
*disabled* for. If the sysctl option is enabled, a sysctl option |
1802 |
-@@ -915,7 +915,7 @@ |
1803 |
+@@ -947,7 +947,7 @@ |
1804 |
config GRKERNSEC_SOCKET_ALL_GID |
1805 |
int "GID to deny all sockets for" |
1806 |
depends on GRKERNSEC_SOCKET_ALL |
1807 |
@@ -57,7 +57,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1808 |
help |
1809 |
Here you can choose the GID to disable socket access for. Remember to |
1810 |
add the users you want socket access disabled for to the GID |
1811 |
-@@ -936,7 +936,7 @@ |
1812 |
+@@ -968,7 +968,7 @@ |
1813 |
config GRKERNSEC_SOCKET_CLIENT_GID |
1814 |
int "GID to deny client sockets for" |
1815 |
depends on GRKERNSEC_SOCKET_CLIENT |
1816 |
@@ -66,7 +66,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1817 |
help |
1818 |
Here you can choose the GID to disable client socket access for. |
1819 |
Remember to add the users you want client socket access disabled for to |
1820 |
-@@ -954,7 +954,7 @@ |
1821 |
+@@ -986,7 +986,7 @@ |
1822 |
config GRKERNSEC_SOCKET_SERVER_GID |
1823 |
int "GID to deny server sockets for" |
1824 |
depends on GRKERNSEC_SOCKET_SERVER |
1825 |
|
1826 |
diff --git a/2.6.32/4435_grsec-kconfig-gentoo.patch b/2.6.32/4435_grsec-kconfig-gentoo.patch |
1827 |
index 7c9be0d..b7e7322 100644 |
1828 |
--- a/2.6.32/4435_grsec-kconfig-gentoo.patch |
1829 |
+++ b/2.6.32/4435_grsec-kconfig-gentoo.patch |
1830 |
@@ -27,7 +27,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1831 |
|
1832 |
config GRKERNSEC_LOW |
1833 |
bool "Low" |
1834 |
-@@ -190,6 +190,259 @@ |
1835 |
+@@ -192,6 +192,259 @@ |
1836 |
- Restricted sysfs/debugfs |
1837 |
- Active kernel exploit response |
1838 |
|
1839 |
@@ -341,7 +341,7 @@ diff -Naur a/security/Kconfig b/security/Kconfig |
1840 |
default "" |
1841 |
|
1842 |
config PAX_KERNEXEC_MODULE_TEXT |
1843 |
-@@ -553,8 +554,9 @@ |
1844 |
+@@ -554,8 +555,9 @@ |
1845 |
|
1846 |
config PAX_MEMORY_UDEREF |
1847 |
bool "Prevent invalid userland pointer dereference" |
1848 |
|
1849 |
diff --git a/2.6.32/4437-grsec-kconfig-proc-user.patch b/2.6.32/4437-grsec-kconfig-proc-user.patch |
1850 |
index d84eb57..ca88ef7 100644 |
1851 |
--- a/2.6.32/4437-grsec-kconfig-proc-user.patch |
1852 |
+++ b/2.6.32/4437-grsec-kconfig-proc-user.patch |
1853 |
@@ -6,7 +6,7 @@ in a different way to avoid bug #366019. This patch should eventually go upstre |
1854 |
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1855 |
--- a/grsecurity/Kconfig 2011-06-29 07:46:02.000000000 -0400 |
1856 |
+++ b/grsecurity/Kconfig 2011-06-29 07:47:20.000000000 -0400 |
1857 |
-@@ -665,7 +665,7 @@ |
1858 |
+@@ -667,7 +667,7 @@ |
1859 |
|
1860 |
config GRKERNSEC_PROC_USER |
1861 |
bool "Restrict /proc to user only" |
1862 |
@@ -15,7 +15,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1863 |
help |
1864 |
If you say Y here, non-root users will only be able to view their own |
1865 |
processes, and restricts them from viewing network-related information, |
1866 |
-@@ -673,7 +673,7 @@ |
1867 |
+@@ -675,7 +675,7 @@ |
1868 |
|
1869 |
config GRKERNSEC_PROC_USERGROUP |
1870 |
bool "Allow special group" |
1871 |
|
1872 |
diff --git a/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch b/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch |
1873 |
index 5bbfa24..0873c15 100644 |
1874 |
--- a/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch |
1875 |
+++ b/2.6.32/4440_selinux-avc_audit-log-curr_ip.patch |
1876 |
@@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@×××.org> |
1877 |
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
1878 |
--- a/grsecurity/Kconfig 2011-04-17 18:47:02.000000000 -0400 |
1879 |
+++ b/grsecurity/Kconfig 2011-04-17 18:51:15.000000000 -0400 |
1880 |
-@@ -1264,6 +1264,27 @@ |
1881 |
+@@ -1296,6 +1296,27 @@ |
1882 |
menu "Logging Options" |
1883 |
depends on GRKERNSEC |
1884 |
|
1885 |
|
1886 |
diff --git a/3.2.2/1001_linux-3.2.2.patch b/3.2.2/1001_linux-3.2.2.patch |
1887 |
deleted file mode 100644 |
1888 |
index ec16cce..0000000 |
1889 |
--- a/3.2.2/1001_linux-3.2.2.patch |
1890 |
+++ /dev/null |
1891 |
@@ -1,6552 +0,0 @@ |
1892 |
-diff --git a/Makefile b/Makefile |
1893 |
-index c5edffa..2f684da 100644 |
1894 |
---- a/Makefile |
1895 |
-+++ b/Makefile |
1896 |
-@@ -1,6 +1,6 @@ |
1897 |
- VERSION = 3 |
1898 |
- PATCHLEVEL = 2 |
1899 |
--SUBLEVEL = 1 |
1900 |
-+SUBLEVEL = 2 |
1901 |
- EXTRAVERSION = |
1902 |
- NAME = Saber-toothed Squirrel |
1903 |
- |
1904 |
-diff --git a/arch/ia64/kernel/acpi.c b/arch/ia64/kernel/acpi.c |
1905 |
-index bfb4d01..5207035 100644 |
1906 |
---- a/arch/ia64/kernel/acpi.c |
1907 |
-+++ b/arch/ia64/kernel/acpi.c |
1908 |
-@@ -429,22 +429,24 @@ static u32 __devinitdata pxm_flag[PXM_FLAG_LEN]; |
1909 |
- static struct acpi_table_slit __initdata *slit_table; |
1910 |
- cpumask_t early_cpu_possible_map = CPU_MASK_NONE; |
1911 |
- |
1912 |
--static int get_processor_proximity_domain(struct acpi_srat_cpu_affinity *pa) |
1913 |
-+static int __init |
1914 |
-+get_processor_proximity_domain(struct acpi_srat_cpu_affinity *pa) |
1915 |
- { |
1916 |
- int pxm; |
1917 |
- |
1918 |
- pxm = pa->proximity_domain_lo; |
1919 |
-- if (ia64_platform_is("sn2")) |
1920 |
-+ if (ia64_platform_is("sn2") || acpi_srat_revision >= 2) |
1921 |
- pxm += pa->proximity_domain_hi[0] << 8; |
1922 |
- return pxm; |
1923 |
- } |
1924 |
- |
1925 |
--static int get_memory_proximity_domain(struct acpi_srat_mem_affinity *ma) |
1926 |
-+static int __init |
1927 |
-+get_memory_proximity_domain(struct acpi_srat_mem_affinity *ma) |
1928 |
- { |
1929 |
- int pxm; |
1930 |
- |
1931 |
- pxm = ma->proximity_domain; |
1932 |
-- if (!ia64_platform_is("sn2")) |
1933 |
-+ if (!ia64_platform_is("sn2") && acpi_srat_revision <= 1) |
1934 |
- pxm &= 0xff; |
1935 |
- |
1936 |
- return pxm; |
1937 |
-diff --git a/arch/score/kernel/entry.S b/arch/score/kernel/entry.S |
1938 |
-index 577abba..83bb960 100644 |
1939 |
---- a/arch/score/kernel/entry.S |
1940 |
-+++ b/arch/score/kernel/entry.S |
1941 |
-@@ -408,7 +408,7 @@ ENTRY(handle_sys) |
1942 |
- sw r9, [r0, PT_EPC] |
1943 |
- |
1944 |
- cmpi.c r27, __NR_syscalls # check syscall number |
1945 |
-- bgtu illegal_syscall |
1946 |
-+ bgeu illegal_syscall |
1947 |
- |
1948 |
- slli r8, r27, 2 # get syscall routine |
1949 |
- la r11, sys_call_table |
1950 |
-diff --git a/arch/x86/include/asm/amd_nb.h b/arch/x86/include/asm/amd_nb.h |
1951 |
-index 8e41071..49ad773 100644 |
1952 |
---- a/arch/x86/include/asm/amd_nb.h |
1953 |
-+++ b/arch/x86/include/asm/amd_nb.h |
1954 |
-@@ -1,6 +1,7 @@ |
1955 |
- #ifndef _ASM_X86_AMD_NB_H |
1956 |
- #define _ASM_X86_AMD_NB_H |
1957 |
- |
1958 |
-+#include <linux/ioport.h> |
1959 |
- #include <linux/pci.h> |
1960 |
- |
1961 |
- struct amd_nb_bus_dev_range { |
1962 |
-@@ -13,6 +14,7 @@ extern const struct pci_device_id amd_nb_misc_ids[]; |
1963 |
- extern const struct amd_nb_bus_dev_range amd_nb_bus_dev_ranges[]; |
1964 |
- |
1965 |
- extern bool early_is_amd_nb(u32 value); |
1966 |
-+extern struct resource *amd_get_mmconfig_range(struct resource *res); |
1967 |
- extern int amd_cache_northbridges(void); |
1968 |
- extern void amd_flush_garts(void); |
1969 |
- extern int amd_numa_init(void); |
1970 |
-diff --git a/arch/x86/include/asm/uv/uv_bau.h b/arch/x86/include/asm/uv/uv_bau.h |
1971 |
-index 8e862aa..1b82f7e 100644 |
1972 |
---- a/arch/x86/include/asm/uv/uv_bau.h |
1973 |
-+++ b/arch/x86/include/asm/uv/uv_bau.h |
1974 |
-@@ -65,7 +65,7 @@ |
1975 |
- * UV2: Bit 19 selects between |
1976 |
- * (0): 10 microsecond timebase and |
1977 |
- * (1): 80 microseconds |
1978 |
-- * we're using 655us, similar to UV1: 65 units of 10us |
1979 |
-+ * we're using 560us, similar to UV1: 65 units of 10us |
1980 |
- */ |
1981 |
- #define UV1_INTD_SOFT_ACK_TIMEOUT_PERIOD (9UL) |
1982 |
- #define UV2_INTD_SOFT_ACK_TIMEOUT_PERIOD (15UL) |
1983 |
-@@ -167,6 +167,7 @@ |
1984 |
- #define FLUSH_RETRY_TIMEOUT 2 |
1985 |
- #define FLUSH_GIVEUP 3 |
1986 |
- #define FLUSH_COMPLETE 4 |
1987 |
-+#define FLUSH_RETRY_BUSYBUG 5 |
1988 |
- |
1989 |
- /* |
1990 |
- * tuning the action when the numalink network is extremely delayed |
1991 |
-@@ -235,10 +236,10 @@ struct bau_msg_payload { |
1992 |
- |
1993 |
- |
1994 |
- /* |
1995 |
-- * Message header: 16 bytes (128 bits) (bytes 0x30-0x3f of descriptor) |
1996 |
-+ * UV1 Message header: 16 bytes (128 bits) (bytes 0x30-0x3f of descriptor) |
1997 |
- * see table 4.2.3.0.1 in broacast_assist spec. |
1998 |
- */ |
1999 |
--struct bau_msg_header { |
2000 |
-+struct uv1_bau_msg_header { |
2001 |
- unsigned int dest_subnodeid:6; /* must be 0x10, for the LB */ |
2002 |
- /* bits 5:0 */ |
2003 |
- unsigned int base_dest_nasid:15; /* nasid of the first bit */ |
2004 |
-@@ -318,19 +319,87 @@ struct bau_msg_header { |
2005 |
- }; |
2006 |
- |
2007 |
- /* |
2008 |
-+ * UV2 Message header: 16 bytes (128 bits) (bytes 0x30-0x3f of descriptor) |
2009 |
-+ * see figure 9-2 of harp_sys.pdf |
2010 |
-+ */ |
2011 |
-+struct uv2_bau_msg_header { |
2012 |
-+ unsigned int base_dest_nasid:15; /* nasid of the first bit */ |
2013 |
-+ /* bits 14:0 */ /* in uvhub map */ |
2014 |
-+ unsigned int dest_subnodeid:5; /* must be 0x10, for the LB */ |
2015 |
-+ /* bits 19:15 */ |
2016 |
-+ unsigned int rsvd_1:1; /* must be zero */ |
2017 |
-+ /* bit 20 */ |
2018 |
-+ /* Address bits 59:21 */ |
2019 |
-+ /* bits 25:2 of address (44:21) are payload */ |
2020 |
-+ /* these next 24 bits become bytes 12-14 of msg */ |
2021 |
-+ /* bits 28:21 land in byte 12 */ |
2022 |
-+ unsigned int replied_to:1; /* sent as 0 by the source to |
2023 |
-+ byte 12 */ |
2024 |
-+ /* bit 21 */ |
2025 |
-+ unsigned int msg_type:3; /* software type of the |
2026 |
-+ message */ |
2027 |
-+ /* bits 24:22 */ |
2028 |
-+ unsigned int canceled:1; /* message canceled, resource |
2029 |
-+ is to be freed*/ |
2030 |
-+ /* bit 25 */ |
2031 |
-+ unsigned int payload_1:3; /* not currently used */ |
2032 |
-+ /* bits 28:26 */ |
2033 |
-+ |
2034 |
-+ /* bits 36:29 land in byte 13 */ |
2035 |
-+ unsigned int payload_2a:3; /* not currently used */ |
2036 |
-+ unsigned int payload_2b:5; /* not currently used */ |
2037 |
-+ /* bits 36:29 */ |
2038 |
-+ |
2039 |
-+ /* bits 44:37 land in byte 14 */ |
2040 |
-+ unsigned int payload_3:8; /* not currently used */ |
2041 |
-+ /* bits 44:37 */ |
2042 |
-+ |
2043 |
-+ unsigned int rsvd_2:7; /* reserved */ |
2044 |
-+ /* bits 51:45 */ |
2045 |
-+ unsigned int swack_flag:1; /* software acknowledge flag */ |
2046 |
-+ /* bit 52 */ |
2047 |
-+ unsigned int rsvd_3a:3; /* must be zero */ |
2048 |
-+ unsigned int rsvd_3b:8; /* must be zero */ |
2049 |
-+ unsigned int rsvd_3c:8; /* must be zero */ |
2050 |
-+ unsigned int rsvd_3d:3; /* must be zero */ |
2051 |
-+ /* bits 74:53 */ |
2052 |
-+ unsigned int fairness:3; /* usually zero */ |
2053 |
-+ /* bits 77:75 */ |
2054 |
-+ |
2055 |
-+ unsigned int sequence:16; /* message sequence number */ |
2056 |
-+ /* bits 93:78 Suppl_A */ |
2057 |
-+ unsigned int chaining:1; /* next descriptor is part of |
2058 |
-+ this activation*/ |
2059 |
-+ /* bit 94 */ |
2060 |
-+ unsigned int multilevel:1; /* multi-level multicast |
2061 |
-+ format */ |
2062 |
-+ /* bit 95 */ |
2063 |
-+ unsigned int rsvd_4:24; /* ordered / source node / |
2064 |
-+ source subnode / aging |
2065 |
-+ must be zero */ |
2066 |
-+ /* bits 119:96 */ |
2067 |
-+ unsigned int command:8; /* message type */ |
2068 |
-+ /* bits 127:120 */ |
2069 |
-+}; |
2070 |
-+ |
2071 |
-+/* |
2072 |
- * The activation descriptor: |
2073 |
- * The format of the message to send, plus all accompanying control |
2074 |
- * Should be 64 bytes |
2075 |
- */ |
2076 |
- struct bau_desc { |
2077 |
-- struct pnmask distribution; |
2078 |
-+ struct pnmask distribution; |
2079 |
- /* |
2080 |
- * message template, consisting of header and payload: |
2081 |
- */ |
2082 |
-- struct bau_msg_header header; |
2083 |
-- struct bau_msg_payload payload; |
2084 |
-+ union bau_msg_header { |
2085 |
-+ struct uv1_bau_msg_header uv1_hdr; |
2086 |
-+ struct uv2_bau_msg_header uv2_hdr; |
2087 |
-+ } header; |
2088 |
-+ |
2089 |
-+ struct bau_msg_payload payload; |
2090 |
- }; |
2091 |
--/* |
2092 |
-+/* UV1: |
2093 |
- * -payload-- ---------header------ |
2094 |
- * bytes 0-11 bits 41-56 bits 58-81 |
2095 |
- * A B (2) C (3) |
2096 |
-@@ -340,6 +409,16 @@ struct bau_desc { |
2097 |
- * bytes 0-11 bytes 12-14 bytes 16-17 (byte 15 filled in by hw as vector) |
2098 |
- * ------------payload queue----------- |
2099 |
- */ |
2100 |
-+/* UV2: |
2101 |
-+ * -payload-- ---------header------ |
2102 |
-+ * bytes 0-11 bits 70-78 bits 21-44 |
2103 |
-+ * A B (2) C (3) |
2104 |
-+ * |
2105 |
-+ * A/B/C are moved to: |
2106 |
-+ * A C B |
2107 |
-+ * bytes 0-11 bytes 12-14 bytes 16-17 (byte 15 filled in by hw as vector) |
2108 |
-+ * ------------payload queue----------- |
2109 |
-+ */ |
2110 |
- |
2111 |
- /* |
2112 |
- * The payload queue on the destination side is an array of these. |
2113 |
-@@ -385,7 +464,6 @@ struct bau_pq_entry { |
2114 |
- struct msg_desc { |
2115 |
- struct bau_pq_entry *msg; |
2116 |
- int msg_slot; |
2117 |
-- int swack_slot; |
2118 |
- struct bau_pq_entry *queue_first; |
2119 |
- struct bau_pq_entry *queue_last; |
2120 |
- }; |
2121 |
-@@ -439,6 +517,9 @@ struct ptc_stats { |
2122 |
- unsigned long s_retry_messages; /* retry broadcasts */ |
2123 |
- unsigned long s_bau_reenabled; /* for bau enable/disable */ |
2124 |
- unsigned long s_bau_disabled; /* for bau enable/disable */ |
2125 |
-+ unsigned long s_uv2_wars; /* uv2 workaround, perm. busy */ |
2126 |
-+ unsigned long s_uv2_wars_hw; /* uv2 workaround, hiwater */ |
2127 |
-+ unsigned long s_uv2_war_waits; /* uv2 workaround, long waits */ |
2128 |
- /* destination statistics */ |
2129 |
- unsigned long d_alltlb; /* times all tlb's on this |
2130 |
- cpu were flushed */ |
2131 |
-@@ -511,9 +592,12 @@ struct bau_control { |
2132 |
- short osnode; |
2133 |
- short uvhub_cpu; |
2134 |
- short uvhub; |
2135 |
-+ short uvhub_version; |
2136 |
- short cpus_in_socket; |
2137 |
- short cpus_in_uvhub; |
2138 |
- short partition_base_pnode; |
2139 |
-+ short using_desc; /* an index, like uvhub_cpu */ |
2140 |
-+ unsigned int inuse_map; |
2141 |
- unsigned short message_number; |
2142 |
- unsigned short uvhub_quiesce; |
2143 |
- short socket_acknowledge_count[DEST_Q_SIZE]; |
2144 |
-@@ -531,6 +615,7 @@ struct bau_control { |
2145 |
- int cong_response_us; |
2146 |
- int cong_reps; |
2147 |
- int cong_period; |
2148 |
-+ unsigned long clocks_per_100_usec; |
2149 |
- cycles_t period_time; |
2150 |
- long period_requests; |
2151 |
- struct hub_and_pnode *thp; |
2152 |
-@@ -591,6 +676,11 @@ static inline void write_mmr_sw_ack(unsigned long mr) |
2153 |
- uv_write_local_mmr(UVH_LB_BAU_INTD_SOFTWARE_ACKNOWLEDGE_ALIAS, mr); |
2154 |
- } |
2155 |
- |
2156 |
-+static inline void write_gmmr_sw_ack(int pnode, unsigned long mr) |
2157 |
-+{ |
2158 |
-+ write_gmmr(pnode, UVH_LB_BAU_INTD_SOFTWARE_ACKNOWLEDGE_ALIAS, mr); |
2159 |
-+} |
2160 |
-+ |
2161 |
- static inline unsigned long read_mmr_sw_ack(void) |
2162 |
- { |
2163 |
- return read_lmmr(UVH_LB_BAU_INTD_SOFTWARE_ACKNOWLEDGE); |
2164 |
-diff --git a/arch/x86/kernel/amd_nb.c b/arch/x86/kernel/amd_nb.c |
2165 |
-index 4c39baa..bae1efe 100644 |
2166 |
---- a/arch/x86/kernel/amd_nb.c |
2167 |
-+++ b/arch/x86/kernel/amd_nb.c |
2168 |
-@@ -119,6 +119,37 @@ bool __init early_is_amd_nb(u32 device) |
2169 |
- return false; |
2170 |
- } |
2171 |
- |
2172 |
-+struct resource *amd_get_mmconfig_range(struct resource *res) |
2173 |
-+{ |
2174 |
-+ u32 address; |
2175 |
-+ u64 base, msr; |
2176 |
-+ unsigned segn_busn_bits; |
2177 |
-+ |
2178 |
-+ if (boot_cpu_data.x86_vendor != X86_VENDOR_AMD) |
2179 |
-+ return NULL; |
2180 |
-+ |
2181 |
-+ /* assume all cpus from fam10h have mmconfig */ |
2182 |
-+ if (boot_cpu_data.x86 < 0x10) |
2183 |
-+ return NULL; |
2184 |
-+ |
2185 |
-+ address = MSR_FAM10H_MMIO_CONF_BASE; |
2186 |
-+ rdmsrl(address, msr); |
2187 |
-+ |
2188 |
-+ /* mmconfig is not enabled */ |
2189 |
-+ if (!(msr & FAM10H_MMIO_CONF_ENABLE)) |
2190 |
-+ return NULL; |
2191 |
-+ |
2192 |
-+ base = msr & (FAM10H_MMIO_CONF_BASE_MASK<<FAM10H_MMIO_CONF_BASE_SHIFT); |
2193 |
-+ |
2194 |
-+ segn_busn_bits = (msr >> FAM10H_MMIO_CONF_BUSRANGE_SHIFT) & |
2195 |
-+ FAM10H_MMIO_CONF_BUSRANGE_MASK; |
2196 |
-+ |
2197 |
-+ res->flags = IORESOURCE_MEM; |
2198 |
-+ res->start = base; |
2199 |
-+ res->end = base + (1ULL<<(segn_busn_bits + 20)) - 1; |
2200 |
-+ return res; |
2201 |
-+} |
2202 |
-+ |
2203 |
- int amd_get_subcaches(int cpu) |
2204 |
- { |
2205 |
- struct pci_dev *link = node_to_amd_nb(amd_get_nb_id(cpu))->link; |
2206 |
-diff --git a/arch/x86/kernel/apic/x2apic_uv_x.c b/arch/x86/kernel/apic/x2apic_uv_x.c |
2207 |
-index 9d59bba..79b05b8 100644 |
2208 |
---- a/arch/x86/kernel/apic/x2apic_uv_x.c |
2209 |
-+++ b/arch/x86/kernel/apic/x2apic_uv_x.c |
2210 |
-@@ -769,7 +769,12 @@ void __init uv_system_init(void) |
2211 |
- for(i = 0; i < UVH_NODE_PRESENT_TABLE_DEPTH; i++) |
2212 |
- uv_possible_blades += |
2213 |
- hweight64(uv_read_local_mmr( UVH_NODE_PRESENT_TABLE + i * 8)); |
2214 |
-- printk(KERN_DEBUG "UV: Found %d blades\n", uv_num_possible_blades()); |
2215 |
-+ |
2216 |
-+ /* uv_num_possible_blades() is really the hub count */ |
2217 |
-+ printk(KERN_INFO "UV: Found %d blades, %d hubs\n", |
2218 |
-+ is_uv1_hub() ? uv_num_possible_blades() : |
2219 |
-+ (uv_num_possible_blades() + 1) / 2, |
2220 |
-+ uv_num_possible_blades()); |
2221 |
- |
2222 |
- bytes = sizeof(struct uv_blade_info) * uv_num_possible_blades(); |
2223 |
- uv_blade_info = kzalloc(bytes, GFP_KERNEL); |
2224 |
-diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c |
2225 |
-index 4b5ba85..845df68 100644 |
2226 |
---- a/arch/x86/mm/mmap.c |
2227 |
-+++ b/arch/x86/mm/mmap.c |
2228 |
-@@ -75,9 +75,9 @@ static unsigned long mmap_rnd(void) |
2229 |
- */ |
2230 |
- if (current->flags & PF_RANDOMIZE) { |
2231 |
- if (mmap_is_ia32()) |
2232 |
-- rnd = (long)get_random_int() % (1<<8); |
2233 |
-+ rnd = get_random_int() % (1<<8); |
2234 |
- else |
2235 |
-- rnd = (long)(get_random_int() % (1<<28)); |
2236 |
-+ rnd = get_random_int() % (1<<28); |
2237 |
- } |
2238 |
- return rnd << PAGE_SHIFT; |
2239 |
- } |
2240 |
-diff --git a/arch/x86/mm/srat.c b/arch/x86/mm/srat.c |
2241 |
-index 81dbfde..7efd0c6 100644 |
2242 |
---- a/arch/x86/mm/srat.c |
2243 |
-+++ b/arch/x86/mm/srat.c |
2244 |
-@@ -104,6 +104,8 @@ acpi_numa_processor_affinity_init(struct acpi_srat_cpu_affinity *pa) |
2245 |
- if ((pa->flags & ACPI_SRAT_CPU_ENABLED) == 0) |
2246 |
- return; |
2247 |
- pxm = pa->proximity_domain_lo; |
2248 |
-+ if (acpi_srat_revision >= 2) |
2249 |
-+ pxm |= *((unsigned int*)pa->proximity_domain_hi) << 8; |
2250 |
- node = setup_node(pxm); |
2251 |
- if (node < 0) { |
2252 |
- printk(KERN_ERR "SRAT: Too many proximity domains %x\n", pxm); |
2253 |
-@@ -155,6 +157,8 @@ acpi_numa_memory_affinity_init(struct acpi_srat_mem_affinity *ma) |
2254 |
- start = ma->base_address; |
2255 |
- end = start + ma->length; |
2256 |
- pxm = ma->proximity_domain; |
2257 |
-+ if (acpi_srat_revision <= 1) |
2258 |
-+ pxm &= 0xff; |
2259 |
- node = setup_node(pxm); |
2260 |
- if (node < 0) { |
2261 |
- printk(KERN_ERR "SRAT: Too many proximity domains.\n"); |
2262 |
-diff --git a/arch/x86/pci/Makefile b/arch/x86/pci/Makefile |
2263 |
-index 6b8759f..d24d3da 100644 |
2264 |
---- a/arch/x86/pci/Makefile |
2265 |
-+++ b/arch/x86/pci/Makefile |
2266 |
-@@ -18,8 +18,9 @@ obj-$(CONFIG_X86_NUMAQ) += numaq_32.o |
2267 |
- obj-$(CONFIG_X86_MRST) += mrst.o |
2268 |
- |
2269 |
- obj-y += common.o early.o |
2270 |
--obj-y += amd_bus.o bus_numa.o |
2271 |
-+obj-y += bus_numa.o |
2272 |
- |
2273 |
-+obj-$(CONFIG_AMD_NB) += amd_bus.o |
2274 |
- obj-$(CONFIG_PCI_CNB20LE_QUIRK) += broadcom_bus.o |
2275 |
- |
2276 |
- ifeq ($(CONFIG_PCI_DEBUG),y) |
2277 |
-diff --git a/arch/x86/pci/acpi.c b/arch/x86/pci/acpi.c |
2278 |
-index 404f21a..f8348ab 100644 |
2279 |
---- a/arch/x86/pci/acpi.c |
2280 |
-+++ b/arch/x86/pci/acpi.c |
2281 |
-@@ -149,7 +149,7 @@ setup_resource(struct acpi_resource *acpi_res, void *data) |
2282 |
- struct acpi_resource_address64 addr; |
2283 |
- acpi_status status; |
2284 |
- unsigned long flags; |
2285 |
-- u64 start, end; |
2286 |
-+ u64 start, orig_end, end; |
2287 |
- |
2288 |
- status = resource_to_addr(acpi_res, &addr); |
2289 |
- if (!ACPI_SUCCESS(status)) |
2290 |
-@@ -165,7 +165,21 @@ setup_resource(struct acpi_resource *acpi_res, void *data) |
2291 |
- return AE_OK; |
2292 |
- |
2293 |
- start = addr.minimum + addr.translation_offset; |
2294 |
-- end = addr.maximum + addr.translation_offset; |
2295 |
-+ orig_end = end = addr.maximum + addr.translation_offset; |
2296 |
-+ |
2297 |
-+ /* Exclude non-addressable range or non-addressable portion of range */ |
2298 |
-+ end = min(end, (u64)iomem_resource.end); |
2299 |
-+ if (end <= start) { |
2300 |
-+ dev_info(&info->bridge->dev, |
2301 |
-+ "host bridge window [%#llx-%#llx] " |
2302 |
-+ "(ignored, not CPU addressable)\n", start, orig_end); |
2303 |
-+ return AE_OK; |
2304 |
-+ } else if (orig_end != end) { |
2305 |
-+ dev_info(&info->bridge->dev, |
2306 |
-+ "host bridge window [%#llx-%#llx] " |
2307 |
-+ "([%#llx-%#llx] ignored, not CPU addressable)\n", |
2308 |
-+ start, orig_end, end + 1, orig_end); |
2309 |
-+ } |
2310 |
- |
2311 |
- res = &info->res[info->res_num]; |
2312 |
- res->name = info->name; |
2313 |
-diff --git a/arch/x86/pci/amd_bus.c b/arch/x86/pci/amd_bus.c |
2314 |
-index 026e493..385a940 100644 |
2315 |
---- a/arch/x86/pci/amd_bus.c |
2316 |
-+++ b/arch/x86/pci/amd_bus.c |
2317 |
-@@ -30,34 +30,6 @@ static struct pci_hostbridge_probe pci_probes[] __initdata = { |
2318 |
- { 0, 0x18, PCI_VENDOR_ID_AMD, 0x1300 }, |
2319 |
- }; |
2320 |
- |
2321 |
--static u64 __initdata fam10h_mmconf_start; |
2322 |
--static u64 __initdata fam10h_mmconf_end; |
2323 |
--static void __init get_pci_mmcfg_amd_fam10h_range(void) |
2324 |
--{ |
2325 |
-- u32 address; |
2326 |
-- u64 base, msr; |
2327 |
-- unsigned segn_busn_bits; |
2328 |
-- |
2329 |
-- /* assume all cpus from fam10h have mmconf */ |
2330 |
-- if (boot_cpu_data.x86 < 0x10) |
2331 |
-- return; |
2332 |
-- |
2333 |
-- address = MSR_FAM10H_MMIO_CONF_BASE; |
2334 |
-- rdmsrl(address, msr); |
2335 |
-- |
2336 |
-- /* mmconfig is not enable */ |
2337 |
-- if (!(msr & FAM10H_MMIO_CONF_ENABLE)) |
2338 |
-- return; |
2339 |
-- |
2340 |
-- base = msr & (FAM10H_MMIO_CONF_BASE_MASK<<FAM10H_MMIO_CONF_BASE_SHIFT); |
2341 |
-- |
2342 |
-- segn_busn_bits = (msr >> FAM10H_MMIO_CONF_BUSRANGE_SHIFT) & |
2343 |
-- FAM10H_MMIO_CONF_BUSRANGE_MASK; |
2344 |
-- |
2345 |
-- fam10h_mmconf_start = base; |
2346 |
-- fam10h_mmconf_end = base + (1ULL<<(segn_busn_bits + 20)) - 1; |
2347 |
--} |
2348 |
-- |
2349 |
- #define RANGE_NUM 16 |
2350 |
- |
2351 |
- /** |
2352 |
-@@ -85,6 +57,9 @@ static int __init early_fill_mp_bus_info(void) |
2353 |
- u64 val; |
2354 |
- u32 address; |
2355 |
- bool found; |
2356 |
-+ struct resource fam10h_mmconf_res, *fam10h_mmconf; |
2357 |
-+ u64 fam10h_mmconf_start; |
2358 |
-+ u64 fam10h_mmconf_end; |
2359 |
- |
2360 |
- if (!early_pci_allowed()) |
2361 |
- return -1; |
2362 |
-@@ -211,12 +186,17 @@ static int __init early_fill_mp_bus_info(void) |
2363 |
- subtract_range(range, RANGE_NUM, 0, end); |
2364 |
- |
2365 |
- /* get mmconfig */ |
2366 |
-- get_pci_mmcfg_amd_fam10h_range(); |
2367 |
-+ fam10h_mmconf = amd_get_mmconfig_range(&fam10h_mmconf_res); |
2368 |
- /* need to take out mmconf range */ |
2369 |
-- if (fam10h_mmconf_end) { |
2370 |
-- printk(KERN_DEBUG "Fam 10h mmconf [%llx, %llx]\n", fam10h_mmconf_start, fam10h_mmconf_end); |
2371 |
-+ if (fam10h_mmconf) { |
2372 |
-+ printk(KERN_DEBUG "Fam 10h mmconf %pR\n", fam10h_mmconf); |
2373 |
-+ fam10h_mmconf_start = fam10h_mmconf->start; |
2374 |
-+ fam10h_mmconf_end = fam10h_mmconf->end; |
2375 |
- subtract_range(range, RANGE_NUM, fam10h_mmconf_start, |
2376 |
- fam10h_mmconf_end + 1); |
2377 |
-+ } else { |
2378 |
-+ fam10h_mmconf_start = 0; |
2379 |
-+ fam10h_mmconf_end = 0; |
2380 |
- } |
2381 |
- |
2382 |
- /* mmio resource */ |
2383 |
-diff --git a/arch/x86/platform/uv/tlb_uv.c b/arch/x86/platform/uv/tlb_uv.c |
2384 |
-index 5b55219..9010ca7 100644 |
2385 |
---- a/arch/x86/platform/uv/tlb_uv.c |
2386 |
-+++ b/arch/x86/platform/uv/tlb_uv.c |
2387 |
-@@ -157,13 +157,14 @@ static int __init uvhub_to_first_apicid(int uvhub) |
2388 |
- * clear of the Timeout bit (as well) will free the resource. No reply will |
2389 |
- * be sent (the hardware will only do one reply per message). |
2390 |
- */ |
2391 |
--static void reply_to_message(struct msg_desc *mdp, struct bau_control *bcp) |
2392 |
-+static void reply_to_message(struct msg_desc *mdp, struct bau_control *bcp, |
2393 |
-+ int do_acknowledge) |
2394 |
- { |
2395 |
- unsigned long dw; |
2396 |
- struct bau_pq_entry *msg; |
2397 |
- |
2398 |
- msg = mdp->msg; |
2399 |
-- if (!msg->canceled) { |
2400 |
-+ if (!msg->canceled && do_acknowledge) { |
2401 |
- dw = (msg->swack_vec << UV_SW_ACK_NPENDING) | msg->swack_vec; |
2402 |
- write_mmr_sw_ack(dw); |
2403 |
- } |
2404 |
-@@ -212,8 +213,8 @@ static void bau_process_retry_msg(struct msg_desc *mdp, |
2405 |
- if (mmr & (msg_res << UV_SW_ACK_NPENDING)) { |
2406 |
- unsigned long mr; |
2407 |
- /* |
2408 |
-- * is the resource timed out? |
2409 |
-- * make everyone ignore the cancelled message. |
2410 |
-+ * Is the resource timed out? |
2411 |
-+ * Make everyone ignore the cancelled message. |
2412 |
- */ |
2413 |
- msg2->canceled = 1; |
2414 |
- stat->d_canceled++; |
2415 |
-@@ -231,8 +232,8 @@ static void bau_process_retry_msg(struct msg_desc *mdp, |
2416 |
- * Do all the things a cpu should do for a TLB shootdown message. |
2417 |
- * Other cpu's may come here at the same time for this message. |
2418 |
- */ |
2419 |
--static void bau_process_message(struct msg_desc *mdp, |
2420 |
-- struct bau_control *bcp) |
2421 |
-+static void bau_process_message(struct msg_desc *mdp, struct bau_control *bcp, |
2422 |
-+ int do_acknowledge) |
2423 |
- { |
2424 |
- short socket_ack_count = 0; |
2425 |
- short *sp; |
2426 |
-@@ -284,8 +285,9 @@ static void bau_process_message(struct msg_desc *mdp, |
2427 |
- if (msg_ack_count == bcp->cpus_in_uvhub) { |
2428 |
- /* |
2429 |
- * All cpus in uvhub saw it; reply |
2430 |
-+ * (unless we are in the UV2 workaround) |
2431 |
- */ |
2432 |
-- reply_to_message(mdp, bcp); |
2433 |
-+ reply_to_message(mdp, bcp, do_acknowledge); |
2434 |
- } |
2435 |
- } |
2436 |
- |
2437 |
-@@ -491,27 +493,138 @@ static int uv1_wait_completion(struct bau_desc *bau_desc, |
2438 |
- /* |
2439 |
- * UV2 has an extra bit of status in the ACTIVATION_STATUS_2 register. |
2440 |
- */ |
2441 |
--static unsigned long uv2_read_status(unsigned long offset, int rshft, int cpu) |
2442 |
-+static unsigned long uv2_read_status(unsigned long offset, int rshft, int desc) |
2443 |
- { |
2444 |
- unsigned long descriptor_status; |
2445 |
- unsigned long descriptor_status2; |
2446 |
- |
2447 |
- descriptor_status = ((read_lmmr(offset) >> rshft) & UV_ACT_STATUS_MASK); |
2448 |
-- descriptor_status2 = (read_mmr_uv2_status() >> cpu) & 0x1UL; |
2449 |
-+ descriptor_status2 = (read_mmr_uv2_status() >> desc) & 0x1UL; |
2450 |
- descriptor_status = (descriptor_status << 1) | descriptor_status2; |
2451 |
- return descriptor_status; |
2452 |
- } |
2453 |
- |
2454 |
-+/* |
2455 |
-+ * Return whether the status of the descriptor that is normally used for this |
2456 |
-+ * cpu (the one indexed by its hub-relative cpu number) is busy. |
2457 |
-+ * The status of the original 32 descriptors is always reflected in the 64 |
2458 |
-+ * bits of UVH_LB_BAU_SB_ACTIVATION_STATUS_0. |
2459 |
-+ * The bit provided by the activation_status_2 register is irrelevant to |
2460 |
-+ * the status if it is only being tested for busy or not busy. |
2461 |
-+ */ |
2462 |
-+int normal_busy(struct bau_control *bcp) |
2463 |
-+{ |
2464 |
-+ int cpu = bcp->uvhub_cpu; |
2465 |
-+ int mmr_offset; |
2466 |
-+ int right_shift; |
2467 |
-+ |
2468 |
-+ mmr_offset = UVH_LB_BAU_SB_ACTIVATION_STATUS_0; |
2469 |
-+ right_shift = cpu * UV_ACT_STATUS_SIZE; |
2470 |
-+ return (((((read_lmmr(mmr_offset) >> right_shift) & |
2471 |
-+ UV_ACT_STATUS_MASK)) << 1) == UV2H_DESC_BUSY); |
2472 |
-+} |
2473 |
-+ |
2474 |
-+/* |
2475 |
-+ * Entered when a bau descriptor has gone into a permanent busy wait because |
2476 |
-+ * of a hardware bug. |
2477 |
-+ * Workaround the bug. |
2478 |
-+ */ |
2479 |
-+int handle_uv2_busy(struct bau_control *bcp) |
2480 |
-+{ |
2481 |
-+ int busy_one = bcp->using_desc; |
2482 |
-+ int normal = bcp->uvhub_cpu; |
2483 |
-+ int selected = -1; |
2484 |
-+ int i; |
2485 |
-+ unsigned long descriptor_status; |
2486 |
-+ unsigned long status; |
2487 |
-+ int mmr_offset; |
2488 |
-+ struct bau_desc *bau_desc_old; |
2489 |
-+ struct bau_desc *bau_desc_new; |
2490 |
-+ struct bau_control *hmaster = bcp->uvhub_master; |
2491 |
-+ struct ptc_stats *stat = bcp->statp; |
2492 |
-+ cycles_t ttm; |
2493 |
-+ |
2494 |
-+ stat->s_uv2_wars++; |
2495 |
-+ spin_lock(&hmaster->uvhub_lock); |
2496 |
-+ /* try for the original first */ |
2497 |
-+ if (busy_one != normal) { |
2498 |
-+ if (!normal_busy(bcp)) |
2499 |
-+ selected = normal; |
2500 |
-+ } |
2501 |
-+ if (selected < 0) { |
2502 |
-+ /* can't use the normal, select an alternate */ |
2503 |
-+ mmr_offset = UVH_LB_BAU_SB_ACTIVATION_STATUS_1; |
2504 |
-+ descriptor_status = read_lmmr(mmr_offset); |
2505 |
-+ |
2506 |
-+ /* scan available descriptors 32-63 */ |
2507 |
-+ for (i = 0; i < UV_CPUS_PER_AS; i++) { |
2508 |
-+ if ((hmaster->inuse_map & (1 << i)) == 0) { |
2509 |
-+ status = ((descriptor_status >> |
2510 |
-+ (i * UV_ACT_STATUS_SIZE)) & |
2511 |
-+ UV_ACT_STATUS_MASK) << 1; |
2512 |
-+ if (status != UV2H_DESC_BUSY) { |
2513 |
-+ selected = i + UV_CPUS_PER_AS; |
2514 |
-+ break; |
2515 |
-+ } |
2516 |
-+ } |
2517 |
-+ } |
2518 |
-+ } |
2519 |
-+ |
2520 |
-+ if (busy_one != normal) |
2521 |
-+ /* mark the busy alternate as not in-use */ |
2522 |
-+ hmaster->inuse_map &= ~(1 << (busy_one - UV_CPUS_PER_AS)); |
2523 |
-+ |
2524 |
-+ if (selected >= 0) { |
2525 |
-+ /* switch to the selected descriptor */ |
2526 |
-+ if (selected != normal) { |
2527 |
-+ /* set the selected alternate as in-use */ |
2528 |
-+ hmaster->inuse_map |= |
2529 |
-+ (1 << (selected - UV_CPUS_PER_AS)); |
2530 |
-+ if (selected > stat->s_uv2_wars_hw) |
2531 |
-+ stat->s_uv2_wars_hw = selected; |
2532 |
-+ } |
2533 |
-+ bau_desc_old = bcp->descriptor_base; |
2534 |
-+ bau_desc_old += (ITEMS_PER_DESC * busy_one); |
2535 |
-+ bcp->using_desc = selected; |
2536 |
-+ bau_desc_new = bcp->descriptor_base; |
2537 |
-+ bau_desc_new += (ITEMS_PER_DESC * selected); |
2538 |
-+ *bau_desc_new = *bau_desc_old; |
2539 |
-+ } else { |
2540 |
-+ /* |
2541 |
-+ * All are busy. Wait for the normal one for this cpu to |
2542 |
-+ * free up. |
2543 |
-+ */ |
2544 |
-+ stat->s_uv2_war_waits++; |
2545 |
-+ spin_unlock(&hmaster->uvhub_lock); |
2546 |
-+ ttm = get_cycles(); |
2547 |
-+ do { |
2548 |
-+ cpu_relax(); |
2549 |
-+ } while (normal_busy(bcp)); |
2550 |
-+ spin_lock(&hmaster->uvhub_lock); |
2551 |
-+ /* switch to the original descriptor */ |
2552 |
-+ bcp->using_desc = normal; |
2553 |
-+ bau_desc_old = bcp->descriptor_base; |
2554 |
-+ bau_desc_old += (ITEMS_PER_DESC * bcp->using_desc); |
2555 |
-+ bcp->using_desc = (ITEMS_PER_DESC * normal); |
2556 |
-+ bau_desc_new = bcp->descriptor_base; |
2557 |
-+ bau_desc_new += (ITEMS_PER_DESC * normal); |
2558 |
-+ *bau_desc_new = *bau_desc_old; /* copy the entire descriptor */ |
2559 |
-+ } |
2560 |
-+ spin_unlock(&hmaster->uvhub_lock); |
2561 |
-+ return FLUSH_RETRY_BUSYBUG; |
2562 |
-+} |
2563 |
-+ |
2564 |
- static int uv2_wait_completion(struct bau_desc *bau_desc, |
2565 |
- unsigned long mmr_offset, int right_shift, |
2566 |
- struct bau_control *bcp, long try) |
2567 |
- { |
2568 |
- unsigned long descriptor_stat; |
2569 |
- cycles_t ttm; |
2570 |
-- int cpu = bcp->uvhub_cpu; |
2571 |
-+ int desc = bcp->using_desc; |
2572 |
-+ long busy_reps = 0; |
2573 |
- struct ptc_stats *stat = bcp->statp; |
2574 |
- |
2575 |
-- descriptor_stat = uv2_read_status(mmr_offset, right_shift, cpu); |
2576 |
-+ descriptor_stat = uv2_read_status(mmr_offset, right_shift, desc); |
2577 |
- |
2578 |
- /* spin on the status MMR, waiting for it to go idle */ |
2579 |
- while (descriptor_stat != UV2H_DESC_IDLE) { |
2580 |
-@@ -542,12 +655,23 @@ static int uv2_wait_completion(struct bau_desc *bau_desc, |
2581 |
- bcp->conseccompletes = 0; |
2582 |
- return FLUSH_RETRY_TIMEOUT; |
2583 |
- } else { |
2584 |
-+ busy_reps++; |
2585 |
-+ if (busy_reps > 1000000) { |
2586 |
-+ /* not to hammer on the clock */ |
2587 |
-+ busy_reps = 0; |
2588 |
-+ ttm = get_cycles(); |
2589 |
-+ if ((ttm - bcp->send_message) > |
2590 |
-+ (bcp->clocks_per_100_usec)) { |
2591 |
-+ return handle_uv2_busy(bcp); |
2592 |
-+ } |
2593 |
-+ } |
2594 |
- /* |
2595 |
- * descriptor_stat is still BUSY |
2596 |
- */ |
2597 |
- cpu_relax(); |
2598 |
- } |
2599 |
-- descriptor_stat = uv2_read_status(mmr_offset, right_shift, cpu); |
2600 |
-+ descriptor_stat = uv2_read_status(mmr_offset, right_shift, |
2601 |
-+ desc); |
2602 |
- } |
2603 |
- bcp->conseccompletes++; |
2604 |
- return FLUSH_COMPLETE; |
2605 |
-@@ -563,17 +687,17 @@ static int wait_completion(struct bau_desc *bau_desc, |
2606 |
- { |
2607 |
- int right_shift; |
2608 |
- unsigned long mmr_offset; |
2609 |
-- int cpu = bcp->uvhub_cpu; |
2610 |
-+ int desc = bcp->using_desc; |
2611 |
- |
2612 |
-- if (cpu < UV_CPUS_PER_AS) { |
2613 |
-+ if (desc < UV_CPUS_PER_AS) { |
2614 |
- mmr_offset = UVH_LB_BAU_SB_ACTIVATION_STATUS_0; |
2615 |
-- right_shift = cpu * UV_ACT_STATUS_SIZE; |
2616 |
-+ right_shift = desc * UV_ACT_STATUS_SIZE; |
2617 |
- } else { |
2618 |
- mmr_offset = UVH_LB_BAU_SB_ACTIVATION_STATUS_1; |
2619 |
-- right_shift = ((cpu - UV_CPUS_PER_AS) * UV_ACT_STATUS_SIZE); |
2620 |
-+ right_shift = ((desc - UV_CPUS_PER_AS) * UV_ACT_STATUS_SIZE); |
2621 |
- } |
2622 |
- |
2623 |
-- if (is_uv1_hub()) |
2624 |
-+ if (bcp->uvhub_version == 1) |
2625 |
- return uv1_wait_completion(bau_desc, mmr_offset, right_shift, |
2626 |
- bcp, try); |
2627 |
- else |
2628 |
-@@ -752,19 +876,22 @@ static void handle_cmplt(int completion_status, struct bau_desc *bau_desc, |
2629 |
- * Returns 1 if it gives up entirely and the original cpu mask is to be |
2630 |
- * returned to the kernel. |
2631 |
- */ |
2632 |
--int uv_flush_send_and_wait(struct bau_desc *bau_desc, |
2633 |
-- struct cpumask *flush_mask, struct bau_control *bcp) |
2634 |
-+int uv_flush_send_and_wait(struct cpumask *flush_mask, struct bau_control *bcp) |
2635 |
- { |
2636 |
- int seq_number = 0; |
2637 |
- int completion_stat = 0; |
2638 |
-+ int uv1 = 0; |
2639 |
- long try = 0; |
2640 |
- unsigned long index; |
2641 |
- cycles_t time1; |
2642 |
- cycles_t time2; |
2643 |
- struct ptc_stats *stat = bcp->statp; |
2644 |
- struct bau_control *hmaster = bcp->uvhub_master; |
2645 |
-+ struct uv1_bau_msg_header *uv1_hdr = NULL; |
2646 |
-+ struct uv2_bau_msg_header *uv2_hdr = NULL; |
2647 |
-+ struct bau_desc *bau_desc; |
2648 |
- |
2649 |
-- if (is_uv1_hub()) |
2650 |
-+ if (bcp->uvhub_version == 1) |
2651 |
- uv1_throttle(hmaster, stat); |
2652 |
- |
2653 |
- while (hmaster->uvhub_quiesce) |
2654 |
-@@ -772,22 +899,39 @@ int uv_flush_send_and_wait(struct bau_desc *bau_desc, |
2655 |
- |
2656 |
- time1 = get_cycles(); |
2657 |
- do { |
2658 |
-- if (try == 0) { |
2659 |
-- bau_desc->header.msg_type = MSG_REGULAR; |
2660 |
-+ bau_desc = bcp->descriptor_base; |
2661 |
-+ bau_desc += (ITEMS_PER_DESC * bcp->using_desc); |
2662 |
-+ if (bcp->uvhub_version == 1) { |
2663 |
-+ uv1 = 1; |
2664 |
-+ uv1_hdr = &bau_desc->header.uv1_hdr; |
2665 |
-+ } else |
2666 |
-+ uv2_hdr = &bau_desc->header.uv2_hdr; |
2667 |
-+ if ((try == 0) || (completion_stat == FLUSH_RETRY_BUSYBUG)) { |
2668 |
-+ if (uv1) |
2669 |
-+ uv1_hdr->msg_type = MSG_REGULAR; |
2670 |
-+ else |
2671 |
-+ uv2_hdr->msg_type = MSG_REGULAR; |
2672 |
- seq_number = bcp->message_number++; |
2673 |
- } else { |
2674 |
-- bau_desc->header.msg_type = MSG_RETRY; |
2675 |
-+ if (uv1) |
2676 |
-+ uv1_hdr->msg_type = MSG_RETRY; |
2677 |
-+ else |
2678 |
-+ uv2_hdr->msg_type = MSG_RETRY; |
2679 |
- stat->s_retry_messages++; |
2680 |
- } |
2681 |
- |
2682 |
-- bau_desc->header.sequence = seq_number; |
2683 |
-- index = (1UL << AS_PUSH_SHIFT) | bcp->uvhub_cpu; |
2684 |
-+ if (uv1) |
2685 |
-+ uv1_hdr->sequence = seq_number; |
2686 |
-+ else |
2687 |
-+ uv2_hdr->sequence = seq_number; |
2688 |
-+ index = (1UL << AS_PUSH_SHIFT) | bcp->using_desc; |
2689 |
- bcp->send_message = get_cycles(); |
2690 |
- |
2691 |
- write_mmr_activation(index); |
2692 |
- |
2693 |
- try++; |
2694 |
- completion_stat = wait_completion(bau_desc, bcp, try); |
2695 |
-+ /* UV2: wait_completion() may change the bcp->using_desc */ |
2696 |
- |
2697 |
- handle_cmplt(completion_stat, bau_desc, bcp, hmaster, stat); |
2698 |
- |
2699 |
-@@ -798,6 +942,7 @@ int uv_flush_send_and_wait(struct bau_desc *bau_desc, |
2700 |
- } |
2701 |
- cpu_relax(); |
2702 |
- } while ((completion_stat == FLUSH_RETRY_PLUGGED) || |
2703 |
-+ (completion_stat == FLUSH_RETRY_BUSYBUG) || |
2704 |
- (completion_stat == FLUSH_RETRY_TIMEOUT)); |
2705 |
- |
2706 |
- time2 = get_cycles(); |
2707 |
-@@ -812,6 +957,7 @@ int uv_flush_send_and_wait(struct bau_desc *bau_desc, |
2708 |
- record_send_stats(time1, time2, bcp, stat, completion_stat, try); |
2709 |
- |
2710 |
- if (completion_stat == FLUSH_GIVEUP) |
2711 |
-+ /* FLUSH_GIVEUP will fall back to using IPI's for tlb flush */ |
2712 |
- return 1; |
2713 |
- return 0; |
2714 |
- } |
2715 |
-@@ -967,7 +1113,7 @@ const struct cpumask *uv_flush_tlb_others(const struct cpumask *cpumask, |
2716 |
- stat->s_ntargself++; |
2717 |
- |
2718 |
- bau_desc = bcp->descriptor_base; |
2719 |
-- bau_desc += ITEMS_PER_DESC * bcp->uvhub_cpu; |
2720 |
-+ bau_desc += (ITEMS_PER_DESC * bcp->using_desc); |
2721 |
- bau_uvhubs_clear(&bau_desc->distribution, UV_DISTRIBUTION_SIZE); |
2722 |
- if (set_distrib_bits(flush_mask, bcp, bau_desc, &locals, &remotes)) |
2723 |
- return NULL; |
2724 |
-@@ -980,13 +1126,86 @@ const struct cpumask *uv_flush_tlb_others(const struct cpumask *cpumask, |
2725 |
- * uv_flush_send_and_wait returns 0 if all cpu's were messaged, |
2726 |
- * or 1 if it gave up and the original cpumask should be returned. |
2727 |
- */ |
2728 |
-- if (!uv_flush_send_and_wait(bau_desc, flush_mask, bcp)) |
2729 |
-+ if (!uv_flush_send_and_wait(flush_mask, bcp)) |
2730 |
- return NULL; |
2731 |
- else |
2732 |
- return cpumask; |
2733 |
- } |
2734 |
- |
2735 |
- /* |
2736 |
-+ * Search the message queue for any 'other' message with the same software |
2737 |
-+ * acknowledge resource bit vector. |
2738 |
-+ */ |
2739 |
-+struct bau_pq_entry *find_another_by_swack(struct bau_pq_entry *msg, |
2740 |
-+ struct bau_control *bcp, unsigned char swack_vec) |
2741 |
-+{ |
2742 |
-+ struct bau_pq_entry *msg_next = msg + 1; |
2743 |
-+ |
2744 |
-+ if (msg_next > bcp->queue_last) |
2745 |
-+ msg_next = bcp->queue_first; |
2746 |
-+ while ((msg_next->swack_vec != 0) && (msg_next != msg)) { |
2747 |
-+ if (msg_next->swack_vec == swack_vec) |
2748 |
-+ return msg_next; |
2749 |
-+ msg_next++; |
2750 |
-+ if (msg_next > bcp->queue_last) |
2751 |
-+ msg_next = bcp->queue_first; |
2752 |
-+ } |
2753 |
-+ return NULL; |
2754 |
-+} |
2755 |
-+ |
2756 |
-+/* |
2757 |
-+ * UV2 needs to work around a bug in which an arriving message has not |
2758 |
-+ * set a bit in the UVH_LB_BAU_INTD_SOFTWARE_ACKNOWLEDGE register. |
2759 |
-+ * Such a message must be ignored. |
2760 |
-+ */ |
2761 |
-+void process_uv2_message(struct msg_desc *mdp, struct bau_control *bcp) |
2762 |
-+{ |
2763 |
-+ unsigned long mmr_image; |
2764 |
-+ unsigned char swack_vec; |
2765 |
-+ struct bau_pq_entry *msg = mdp->msg; |
2766 |
-+ struct bau_pq_entry *other_msg; |
2767 |
-+ |
2768 |
-+ mmr_image = read_mmr_sw_ack(); |
2769 |
-+ swack_vec = msg->swack_vec; |
2770 |
-+ |
2771 |
-+ if ((swack_vec & mmr_image) == 0) { |
2772 |
-+ /* |
2773 |
-+ * This message was assigned a swack resource, but no |
2774 |
-+ * reserved acknowlegment is pending. |
2775 |
-+ * The bug has prevented this message from setting the MMR. |
2776 |
-+ * And no other message has used the same sw_ack resource. |
2777 |
-+ * Do the requested shootdown but do not reply to the msg. |
2778 |
-+ * (the 0 means make no acknowledge) |
2779 |
-+ */ |
2780 |
-+ bau_process_message(mdp, bcp, 0); |
2781 |
-+ return; |
2782 |
-+ } |
2783 |
-+ |
2784 |
-+ /* |
2785 |
-+ * Some message has set the MMR 'pending' bit; it might have been |
2786 |
-+ * another message. Look for that message. |
2787 |
-+ */ |
2788 |
-+ other_msg = find_another_by_swack(msg, bcp, msg->swack_vec); |
2789 |
-+ if (other_msg) { |
2790 |
-+ /* There is another. Do not ack the current one. */ |
2791 |
-+ bau_process_message(mdp, bcp, 0); |
2792 |
-+ /* |
2793 |
-+ * Let the natural processing of that message acknowledge |
2794 |
-+ * it. Don't get the processing of sw_ack's out of order. |
2795 |
-+ */ |
2796 |
-+ return; |
2797 |
-+ } |
2798 |
-+ |
2799 |
-+ /* |
2800 |
-+ * There is no other message using this sw_ack, so it is safe to |
2801 |
-+ * acknowledge it. |
2802 |
-+ */ |
2803 |
-+ bau_process_message(mdp, bcp, 1); |
2804 |
-+ |
2805 |
-+ return; |
2806 |
-+} |
2807 |
-+ |
2808 |
-+/* |
2809 |
- * The BAU message interrupt comes here. (registered by set_intr_gate) |
2810 |
- * See entry_64.S |
2811 |
- * |
2812 |
-@@ -1022,9 +1241,11 @@ void uv_bau_message_interrupt(struct pt_regs *regs) |
2813 |
- count++; |
2814 |
- |
2815 |
- msgdesc.msg_slot = msg - msgdesc.queue_first; |
2816 |
-- msgdesc.swack_slot = ffs(msg->swack_vec) - 1; |
2817 |
- msgdesc.msg = msg; |
2818 |
-- bau_process_message(&msgdesc, bcp); |
2819 |
-+ if (bcp->uvhub_version == 2) |
2820 |
-+ process_uv2_message(&msgdesc, bcp); |
2821 |
-+ else |
2822 |
-+ bau_process_message(&msgdesc, bcp, 1); |
2823 |
- |
2824 |
- msg++; |
2825 |
- if (msg > msgdesc.queue_last) |
2826 |
-@@ -1083,7 +1304,7 @@ static void __init enable_timeouts(void) |
2827 |
- */ |
2828 |
- mmr_image |= (1L << SOFTACK_MSHIFT); |
2829 |
- if (is_uv2_hub()) { |
2830 |
-- mmr_image |= (1L << UV2_LEG_SHFT); |
2831 |
-+ mmr_image &= ~(1L << UV2_LEG_SHFT); |
2832 |
- mmr_image |= (1L << UV2_EXT_SHFT); |
2833 |
- } |
2834 |
- write_mmr_misc_control(pnode, mmr_image); |
2835 |
-@@ -1142,7 +1363,7 @@ static int ptc_seq_show(struct seq_file *file, void *data) |
2836 |
- seq_printf(file, |
2837 |
- "all one mult none retry canc nocan reset rcan "); |
2838 |
- seq_printf(file, |
2839 |
-- "disable enable\n"); |
2840 |
-+ "disable enable wars warshw warwaits\n"); |
2841 |
- } |
2842 |
- if (cpu < num_possible_cpus() && cpu_online(cpu)) { |
2843 |
- stat = &per_cpu(ptcstats, cpu); |
2844 |
-@@ -1173,8 +1394,10 @@ static int ptc_seq_show(struct seq_file *file, void *data) |
2845 |
- stat->d_nomsg, stat->d_retries, stat->d_canceled, |
2846 |
- stat->d_nocanceled, stat->d_resets, |
2847 |
- stat->d_rcanceled); |
2848 |
-- seq_printf(file, "%ld %ld\n", |
2849 |
-- stat->s_bau_disabled, stat->s_bau_reenabled); |
2850 |
-+ seq_printf(file, "%ld %ld %ld %ld %ld\n", |
2851 |
-+ stat->s_bau_disabled, stat->s_bau_reenabled, |
2852 |
-+ stat->s_uv2_wars, stat->s_uv2_wars_hw, |
2853 |
-+ stat->s_uv2_war_waits); |
2854 |
- } |
2855 |
- return 0; |
2856 |
- } |
2857 |
-@@ -1432,12 +1655,15 @@ static void activation_descriptor_init(int node, int pnode, int base_pnode) |
2858 |
- { |
2859 |
- int i; |
2860 |
- int cpu; |
2861 |
-+ int uv1 = 0; |
2862 |
- unsigned long gpa; |
2863 |
- unsigned long m; |
2864 |
- unsigned long n; |
2865 |
- size_t dsize; |
2866 |
- struct bau_desc *bau_desc; |
2867 |
- struct bau_desc *bd2; |
2868 |
-+ struct uv1_bau_msg_header *uv1_hdr; |
2869 |
-+ struct uv2_bau_msg_header *uv2_hdr; |
2870 |
- struct bau_control *bcp; |
2871 |
- |
2872 |
- /* |
2873 |
-@@ -1451,6 +1677,8 @@ static void activation_descriptor_init(int node, int pnode, int base_pnode) |
2874 |
- gpa = uv_gpa(bau_desc); |
2875 |
- n = uv_gpa_to_gnode(gpa); |
2876 |
- m = uv_gpa_to_offset(gpa); |
2877 |
-+ if (is_uv1_hub()) |
2878 |
-+ uv1 = 1; |
2879 |
- |
2880 |
- /* the 14-bit pnode */ |
2881 |
- write_mmr_descriptor_base(pnode, (n << UV_DESC_PSHIFT | m)); |
2882 |
-@@ -1461,21 +1689,33 @@ static void activation_descriptor_init(int node, int pnode, int base_pnode) |
2883 |
- */ |
2884 |
- for (i = 0, bd2 = bau_desc; i < (ADP_SZ * ITEMS_PER_DESC); i++, bd2++) { |
2885 |
- memset(bd2, 0, sizeof(struct bau_desc)); |
2886 |
-- bd2->header.swack_flag = 1; |
2887 |
-- /* |
2888 |
-- * The base_dest_nasid set in the message header is the nasid |
2889 |
-- * of the first uvhub in the partition. The bit map will |
2890 |
-- * indicate destination pnode numbers relative to that base. |
2891 |
-- * They may not be consecutive if nasid striding is being used. |
2892 |
-- */ |
2893 |
-- bd2->header.base_dest_nasid = UV_PNODE_TO_NASID(base_pnode); |
2894 |
-- bd2->header.dest_subnodeid = UV_LB_SUBNODEID; |
2895 |
-- bd2->header.command = UV_NET_ENDPOINT_INTD; |
2896 |
-- bd2->header.int_both = 1; |
2897 |
-- /* |
2898 |
-- * all others need to be set to zero: |
2899 |
-- * fairness chaining multilevel count replied_to |
2900 |
-- */ |
2901 |
-+ if (uv1) { |
2902 |
-+ uv1_hdr = &bd2->header.uv1_hdr; |
2903 |
-+ uv1_hdr->swack_flag = 1; |
2904 |
-+ /* |
2905 |
-+ * The base_dest_nasid set in the message header |
2906 |
-+ * is the nasid of the first uvhub in the partition. |
2907 |
-+ * The bit map will indicate destination pnode numbers |
2908 |
-+ * relative to that base. They may not be consecutive |
2909 |
-+ * if nasid striding is being used. |
2910 |
-+ */ |
2911 |
-+ uv1_hdr->base_dest_nasid = |
2912 |
-+ UV_PNODE_TO_NASID(base_pnode); |
2913 |
-+ uv1_hdr->dest_subnodeid = UV_LB_SUBNODEID; |
2914 |
-+ uv1_hdr->command = UV_NET_ENDPOINT_INTD; |
2915 |
-+ uv1_hdr->int_both = 1; |
2916 |
-+ /* |
2917 |
-+ * all others need to be set to zero: |
2918 |
-+ * fairness chaining multilevel count replied_to |
2919 |
-+ */ |
2920 |
-+ } else { |
2921 |
-+ uv2_hdr = &bd2->header.uv2_hdr; |
2922 |
-+ uv2_hdr->swack_flag = 1; |
2923 |
-+ uv2_hdr->base_dest_nasid = |
2924 |
-+ UV_PNODE_TO_NASID(base_pnode); |
2925 |
-+ uv2_hdr->dest_subnodeid = UV_LB_SUBNODEID; |
2926 |
-+ uv2_hdr->command = UV_NET_ENDPOINT_INTD; |
2927 |
-+ } |
2928 |
- } |
2929 |
- for_each_present_cpu(cpu) { |
2930 |
- if (pnode != uv_blade_to_pnode(uv_cpu_to_blade_id(cpu))) |
2931 |
-@@ -1531,6 +1771,7 @@ static void pq_init(int node, int pnode) |
2932 |
- write_mmr_payload_first(pnode, pn_first); |
2933 |
- write_mmr_payload_tail(pnode, first); |
2934 |
- write_mmr_payload_last(pnode, last); |
2935 |
-+ write_gmmr_sw_ack(pnode, 0xffffUL); |
2936 |
- |
2937 |
- /* in effect, all msg_type's are set to MSG_NOOP */ |
2938 |
- memset(pqp, 0, sizeof(struct bau_pq_entry) * DEST_Q_SIZE); |
2939 |
-@@ -1584,14 +1825,14 @@ static int calculate_destination_timeout(void) |
2940 |
- ts_ns = base * mult1 * mult2; |
2941 |
- ret = ts_ns / 1000; |
2942 |
- } else { |
2943 |
-- /* 4 bits 0/1 for 10/80us, 3 bits of multiplier */ |
2944 |
-- mmr_image = uv_read_local_mmr(UVH_AGING_PRESCALE_SEL); |
2945 |
-+ /* 4 bits 0/1 for 10/80us base, 3 bits of multiplier */ |
2946 |
-+ mmr_image = uv_read_local_mmr(UVH_LB_BAU_MISC_CONTROL); |
2947 |
- mmr_image = (mmr_image & UV_SA_MASK) >> UV_SA_SHFT; |
2948 |
- if (mmr_image & (1L << UV2_ACK_UNITS_SHFT)) |
2949 |
-- mult1 = 80; |
2950 |
-+ base = 80; |
2951 |
- else |
2952 |
-- mult1 = 10; |
2953 |
-- base = mmr_image & UV2_ACK_MASK; |
2954 |
-+ base = 10; |
2955 |
-+ mult1 = mmr_image & UV2_ACK_MASK; |
2956 |
- ret = mult1 * base; |
2957 |
- } |
2958 |
- return ret; |
2959 |
-@@ -1618,6 +1859,7 @@ static void __init init_per_cpu_tunables(void) |
2960 |
- bcp->cong_response_us = congested_respns_us; |
2961 |
- bcp->cong_reps = congested_reps; |
2962 |
- bcp->cong_period = congested_period; |
2963 |
-+ bcp->clocks_per_100_usec = usec_2_cycles(100); |
2964 |
- } |
2965 |
- } |
2966 |
- |
2967 |
-@@ -1728,8 +1970,17 @@ static int scan_sock(struct socket_desc *sdp, struct uvhub_desc *bdp, |
2968 |
- bcp->cpus_in_socket = sdp->num_cpus; |
2969 |
- bcp->socket_master = *smasterp; |
2970 |
- bcp->uvhub = bdp->uvhub; |
2971 |
-+ if (is_uv1_hub()) |
2972 |
-+ bcp->uvhub_version = 1; |
2973 |
-+ else if (is_uv2_hub()) |
2974 |
-+ bcp->uvhub_version = 2; |
2975 |
-+ else { |
2976 |
-+ printk(KERN_EMERG "uvhub version not 1 or 2\n"); |
2977 |
-+ return 1; |
2978 |
-+ } |
2979 |
- bcp->uvhub_master = *hmasterp; |
2980 |
- bcp->uvhub_cpu = uv_cpu_hub_info(cpu)->blade_processor_id; |
2981 |
-+ bcp->using_desc = bcp->uvhub_cpu; |
2982 |
- if (bcp->uvhub_cpu >= MAX_CPUS_PER_UVHUB) { |
2983 |
- printk(KERN_EMERG "%d cpus per uvhub invalid\n", |
2984 |
- bcp->uvhub_cpu); |
2985 |
-@@ -1845,6 +2096,8 @@ static int __init uv_bau_init(void) |
2986 |
- uv_base_pnode = uv_blade_to_pnode(uvhub); |
2987 |
- } |
2988 |
- |
2989 |
-+ enable_timeouts(); |
2990 |
-+ |
2991 |
- if (init_per_cpu(nuvhubs, uv_base_pnode)) { |
2992 |
- nobau = 1; |
2993 |
- return 0; |
2994 |
-@@ -1855,7 +2108,6 @@ static int __init uv_bau_init(void) |
2995 |
- if (uv_blade_nr_possible_cpus(uvhub)) |
2996 |
- init_uvhub(uvhub, vector, uv_base_pnode); |
2997 |
- |
2998 |
-- enable_timeouts(); |
2999 |
- alloc_intr_gate(vector, uv_bau_message_intr1); |
3000 |
- |
3001 |
- for_each_possible_blade(uvhub) { |
3002 |
-@@ -1867,7 +2119,8 @@ static int __init uv_bau_init(void) |
3003 |
- val = 1L << 63; |
3004 |
- write_gmmr_activation(pnode, val); |
3005 |
- mmr = 1; /* should be 1 to broadcast to both sockets */ |
3006 |
-- write_mmr_data_broadcast(pnode, mmr); |
3007 |
-+ if (!is_uv1_hub()) |
3008 |
-+ write_mmr_data_broadcast(pnode, mmr); |
3009 |
- } |
3010 |
- } |
3011 |
- |
3012 |
-diff --git a/block/scsi_ioctl.c b/block/scsi_ioctl.c |
3013 |
-index fbdf0d8..688be8a 100644 |
3014 |
---- a/block/scsi_ioctl.c |
3015 |
-+++ b/block/scsi_ioctl.c |
3016 |
-@@ -24,6 +24,7 @@ |
3017 |
- #include <linux/capability.h> |
3018 |
- #include <linux/completion.h> |
3019 |
- #include <linux/cdrom.h> |
3020 |
-+#include <linux/ratelimit.h> |
3021 |
- #include <linux/slab.h> |
3022 |
- #include <linux/times.h> |
3023 |
- #include <asm/uaccess.h> |
3024 |
-@@ -690,6 +691,57 @@ int scsi_cmd_ioctl(struct request_queue *q, struct gendisk *bd_disk, fmode_t mod |
3025 |
- } |
3026 |
- EXPORT_SYMBOL(scsi_cmd_ioctl); |
3027 |
- |
3028 |
-+int scsi_verify_blk_ioctl(struct block_device *bd, unsigned int cmd) |
3029 |
-+{ |
3030 |
-+ if (bd && bd == bd->bd_contains) |
3031 |
-+ return 0; |
3032 |
-+ |
3033 |
-+ /* Actually none of these is particularly useful on a partition, |
3034 |
-+ * but they are safe. |
3035 |
-+ */ |
3036 |
-+ switch (cmd) { |
3037 |
-+ case SCSI_IOCTL_GET_IDLUN: |
3038 |
-+ case SCSI_IOCTL_GET_BUS_NUMBER: |
3039 |
-+ case SCSI_IOCTL_GET_PCI: |
3040 |
-+ case SCSI_IOCTL_PROBE_HOST: |
3041 |
-+ case SG_GET_VERSION_NUM: |
3042 |
-+ case SG_SET_TIMEOUT: |
3043 |
-+ case SG_GET_TIMEOUT: |
3044 |
-+ case SG_GET_RESERVED_SIZE: |
3045 |
-+ case SG_SET_RESERVED_SIZE: |
3046 |
-+ case SG_EMULATED_HOST: |
3047 |
-+ return 0; |
3048 |
-+ case CDROM_GET_CAPABILITY: |
3049 |
-+ /* Keep this until we remove the printk below. udev sends it |
3050 |
-+ * and we do not want to spam dmesg about it. CD-ROMs do |
3051 |
-+ * not have partitions, so we get here only for disks. |
3052 |
-+ */ |
3053 |
-+ return -ENOTTY; |
3054 |
-+ default: |
3055 |
-+ break; |
3056 |
-+ } |
3057 |
-+ |
3058 |
-+ /* In particular, rule out all resets and host-specific ioctls. */ |
3059 |
-+ printk_ratelimited(KERN_WARNING |
3060 |
-+ "%s: sending ioctl %x to a partition!\n", current->comm, cmd); |
3061 |
-+ |
3062 |
-+ return capable(CAP_SYS_RAWIO) ? 0 : -ENOTTY; |
3063 |
-+} |
3064 |
-+EXPORT_SYMBOL(scsi_verify_blk_ioctl); |
3065 |
-+ |
3066 |
-+int scsi_cmd_blk_ioctl(struct block_device *bd, fmode_t mode, |
3067 |
-+ unsigned int cmd, void __user *arg) |
3068 |
-+{ |
3069 |
-+ int ret; |
3070 |
-+ |
3071 |
-+ ret = scsi_verify_blk_ioctl(bd, cmd); |
3072 |
-+ if (ret < 0) |
3073 |
-+ return ret; |
3074 |
-+ |
3075 |
-+ return scsi_cmd_ioctl(bd->bd_disk->queue, bd->bd_disk, mode, cmd, arg); |
3076 |
-+} |
3077 |
-+EXPORT_SYMBOL(scsi_cmd_blk_ioctl); |
3078 |
-+ |
3079 |
- static int __init blk_scsi_ioctl_init(void) |
3080 |
- { |
3081 |
- blk_set_cmd_filter_defaults(&blk_default_cmd_filter); |
3082 |
-diff --git a/drivers/acpi/acpica/dsargs.c b/drivers/acpi/acpica/dsargs.c |
3083 |
-index 8c7b997..42163d8 100644 |
3084 |
---- a/drivers/acpi/acpica/dsargs.c |
3085 |
-+++ b/drivers/acpi/acpica/dsargs.c |
3086 |
-@@ -387,5 +387,29 @@ acpi_status acpi_ds_get_region_arguments(union acpi_operand_object *obj_desc) |
3087 |
- status = acpi_ds_execute_arguments(node, node->parent, |
3088 |
- extra_desc->extra.aml_length, |
3089 |
- extra_desc->extra.aml_start); |
3090 |
-+ if (ACPI_FAILURE(status)) { |
3091 |
-+ return_ACPI_STATUS(status); |
3092 |
-+ } |
3093 |
-+ |
3094 |
-+ /* Validate the region address/length via the host OS */ |
3095 |
-+ |
3096 |
-+ status = acpi_os_validate_address(obj_desc->region.space_id, |
3097 |
-+ obj_desc->region.address, |
3098 |
-+ (acpi_size) obj_desc->region.length, |
3099 |
-+ acpi_ut_get_node_name(node)); |
3100 |
-+ |
3101 |
-+ if (ACPI_FAILURE(status)) { |
3102 |
-+ /* |
3103 |
-+ * Invalid address/length. We will emit an error message and mark |
3104 |
-+ * the region as invalid, so that it will cause an additional error if |
3105 |
-+ * it is ever used. Then return AE_OK. |
3106 |
-+ */ |
3107 |
-+ ACPI_EXCEPTION((AE_INFO, status, |
3108 |
-+ "During address validation of OpRegion [%4.4s]", |
3109 |
-+ node->name.ascii)); |
3110 |
-+ obj_desc->common.flags |= AOPOBJ_INVALID; |
3111 |
-+ status = AE_OK; |
3112 |
-+ } |
3113 |
-+ |
3114 |
- return_ACPI_STATUS(status); |
3115 |
- } |
3116 |
-diff --git a/drivers/acpi/numa.c b/drivers/acpi/numa.c |
3117 |
-index 3b5c318..e56f3be 100644 |
3118 |
---- a/drivers/acpi/numa.c |
3119 |
-+++ b/drivers/acpi/numa.c |
3120 |
-@@ -45,6 +45,8 @@ static int pxm_to_node_map[MAX_PXM_DOMAINS] |
3121 |
- static int node_to_pxm_map[MAX_NUMNODES] |
3122 |
- = { [0 ... MAX_NUMNODES - 1] = PXM_INVAL }; |
3123 |
- |
3124 |
-+unsigned char acpi_srat_revision __initdata; |
3125 |
-+ |
3126 |
- int pxm_to_node(int pxm) |
3127 |
- { |
3128 |
- if (pxm < 0) |
3129 |
-@@ -255,9 +257,13 @@ acpi_parse_memory_affinity(struct acpi_subtable_header * header, |
3130 |
- |
3131 |
- static int __init acpi_parse_srat(struct acpi_table_header *table) |
3132 |
- { |
3133 |
-+ struct acpi_table_srat *srat; |
3134 |
- if (!table) |
3135 |
- return -EINVAL; |
3136 |
- |
3137 |
-+ srat = (struct acpi_table_srat *)table; |
3138 |
-+ acpi_srat_revision = srat->header.revision; |
3139 |
-+ |
3140 |
- /* Real work done in acpi_table_parse_srat below. */ |
3141 |
- |
3142 |
- return 0; |
3143 |
-diff --git a/drivers/acpi/processor_core.c b/drivers/acpi/processor_core.c |
3144 |
-index 3a0428e..c850de4 100644 |
3145 |
---- a/drivers/acpi/processor_core.c |
3146 |
-+++ b/drivers/acpi/processor_core.c |
3147 |
-@@ -173,8 +173,30 @@ int acpi_get_cpuid(acpi_handle handle, int type, u32 acpi_id) |
3148 |
- apic_id = map_mat_entry(handle, type, acpi_id); |
3149 |
- if (apic_id == -1) |
3150 |
- apic_id = map_madt_entry(type, acpi_id); |
3151 |
-- if (apic_id == -1) |
3152 |
-- return apic_id; |
3153 |
-+ if (apic_id == -1) { |
3154 |
-+ /* |
3155 |
-+ * On UP processor, there is no _MAT or MADT table. |
3156 |
-+ * So above apic_id is always set to -1. |
3157 |
-+ * |
3158 |
-+ * BIOS may define multiple CPU handles even for UP processor. |
3159 |
-+ * For example, |
3160 |
-+ * |
3161 |
-+ * Scope (_PR) |
3162 |
-+ * { |
3163 |
-+ * Processor (CPU0, 0x00, 0x00000410, 0x06) {} |
3164 |
-+ * Processor (CPU1, 0x01, 0x00000410, 0x06) {} |
3165 |
-+ * Processor (CPU2, 0x02, 0x00000410, 0x06) {} |
3166 |
-+ * Processor (CPU3, 0x03, 0x00000410, 0x06) {} |
3167 |
-+ * } |
3168 |
-+ * |
3169 |
-+ * Ignores apic_id and always return 0 for CPU0's handle. |
3170 |
-+ * Return -1 for other CPU's handle. |
3171 |
-+ */ |
3172 |
-+ if (acpi_id == 0) |
3173 |
-+ return acpi_id; |
3174 |
-+ else |
3175 |
-+ return apic_id; |
3176 |
-+ } |
3177 |
- |
3178 |
- #ifdef CONFIG_SMP |
3179 |
- for_each_possible_cpu(i) { |
3180 |
-diff --git a/drivers/bcma/host_pci.c b/drivers/bcma/host_pci.c |
3181 |
-index 990f5a8..48e06be 100644 |
3182 |
---- a/drivers/bcma/host_pci.c |
3183 |
-+++ b/drivers/bcma/host_pci.c |
3184 |
-@@ -227,11 +227,14 @@ static void bcma_host_pci_remove(struct pci_dev *dev) |
3185 |
- #ifdef CONFIG_PM |
3186 |
- static int bcma_host_pci_suspend(struct pci_dev *dev, pm_message_t state) |
3187 |
- { |
3188 |
-+ struct bcma_bus *bus = pci_get_drvdata(dev); |
3189 |
-+ |
3190 |
- /* Host specific */ |
3191 |
- pci_save_state(dev); |
3192 |
- pci_disable_device(dev); |
3193 |
- pci_set_power_state(dev, pci_choose_state(dev, state)); |
3194 |
- |
3195 |
-+ bus->mapped_core = NULL; |
3196 |
- return 0; |
3197 |
- } |
3198 |
- |
3199 |
-diff --git a/drivers/block/cciss.c b/drivers/block/cciss.c |
3200 |
-index 587cce5..b0f553b 100644 |
3201 |
---- a/drivers/block/cciss.c |
3202 |
-+++ b/drivers/block/cciss.c |
3203 |
-@@ -1735,7 +1735,7 @@ static int cciss_ioctl(struct block_device *bdev, fmode_t mode, |
3204 |
- case CCISS_BIG_PASSTHRU: |
3205 |
- return cciss_bigpassthru(h, argp); |
3206 |
- |
3207 |
-- /* scsi_cmd_ioctl handles these, below, though some are not */ |
3208 |
-+ /* scsi_cmd_blk_ioctl handles these, below, though some are not */ |
3209 |
- /* very meaningful for cciss. SG_IO is the main one people want. */ |
3210 |
- |
3211 |
- case SG_GET_VERSION_NUM: |
3212 |
-@@ -1746,9 +1746,9 @@ static int cciss_ioctl(struct block_device *bdev, fmode_t mode, |
3213 |
- case SG_EMULATED_HOST: |
3214 |
- case SG_IO: |
3215 |
- case SCSI_IOCTL_SEND_COMMAND: |
3216 |
-- return scsi_cmd_ioctl(disk->queue, disk, mode, cmd, argp); |
3217 |
-+ return scsi_cmd_blk_ioctl(bdev, mode, cmd, argp); |
3218 |
- |
3219 |
-- /* scsi_cmd_ioctl would normally handle these, below, but */ |
3220 |
-+ /* scsi_cmd_blk_ioctl would normally handle these, below, but */ |
3221 |
- /* they aren't a good fit for cciss, as CD-ROMs are */ |
3222 |
- /* not supported, and we don't have any bus/target/lun */ |
3223 |
- /* which we present to the kernel. */ |
3224 |
-diff --git a/drivers/block/ub.c b/drivers/block/ub.c |
3225 |
-index 0e376d4..7333b9e 100644 |
3226 |
---- a/drivers/block/ub.c |
3227 |
-+++ b/drivers/block/ub.c |
3228 |
-@@ -1744,12 +1744,11 @@ static int ub_bd_release(struct gendisk *disk, fmode_t mode) |
3229 |
- static int ub_bd_ioctl(struct block_device *bdev, fmode_t mode, |
3230 |
- unsigned int cmd, unsigned long arg) |
3231 |
- { |
3232 |
-- struct gendisk *disk = bdev->bd_disk; |
3233 |
- void __user *usermem = (void __user *) arg; |
3234 |
- int ret; |
3235 |
- |
3236 |
- mutex_lock(&ub_mutex); |
3237 |
-- ret = scsi_cmd_ioctl(disk->queue, disk, mode, cmd, usermem); |
3238 |
-+ ret = scsi_cmd_blk_ioctl(bdev, mode, cmd, usermem); |
3239 |
- mutex_unlock(&ub_mutex); |
3240 |
- |
3241 |
- return ret; |
3242 |
-diff --git a/drivers/block/virtio_blk.c b/drivers/block/virtio_blk.c |
3243 |
-index 4d0b70a..e46f2f7 100644 |
3244 |
---- a/drivers/block/virtio_blk.c |
3245 |
-+++ b/drivers/block/virtio_blk.c |
3246 |
-@@ -243,8 +243,8 @@ static int virtblk_ioctl(struct block_device *bdev, fmode_t mode, |
3247 |
- if (!virtio_has_feature(vblk->vdev, VIRTIO_BLK_F_SCSI)) |
3248 |
- return -ENOTTY; |
3249 |
- |
3250 |
-- return scsi_cmd_ioctl(disk->queue, disk, mode, cmd, |
3251 |
-- (void __user *)data); |
3252 |
-+ return scsi_cmd_blk_ioctl(bdev, mode, cmd, |
3253 |
-+ (void __user *)data); |
3254 |
- } |
3255 |
- |
3256 |
- /* We provide getgeo only to please some old bootloader/partitioning tools */ |
3257 |
-diff --git a/drivers/cdrom/cdrom.c b/drivers/cdrom/cdrom.c |
3258 |
-index f997c27..cedb231 100644 |
3259 |
---- a/drivers/cdrom/cdrom.c |
3260 |
-+++ b/drivers/cdrom/cdrom.c |
3261 |
-@@ -2747,12 +2747,11 @@ int cdrom_ioctl(struct cdrom_device_info *cdi, struct block_device *bdev, |
3262 |
- { |
3263 |
- void __user *argp = (void __user *)arg; |
3264 |
- int ret; |
3265 |
-- struct gendisk *disk = bdev->bd_disk; |
3266 |
- |
3267 |
- /* |
3268 |
- * Try the generic SCSI command ioctl's first. |
3269 |
- */ |
3270 |
-- ret = scsi_cmd_ioctl(disk->queue, disk, mode, cmd, argp); |
3271 |
-+ ret = scsi_cmd_blk_ioctl(bdev, mode, cmd, argp); |
3272 |
- if (ret != -ENOTTY) |
3273 |
- return ret; |
3274 |
- |
3275 |
-diff --git a/drivers/gpu/drm/radeon/r100.c b/drivers/gpu/drm/radeon/r100.c |
3276 |
-index bfc08f6..31b0d1a 100644 |
3277 |
---- a/drivers/gpu/drm/radeon/r100.c |
3278 |
-+++ b/drivers/gpu/drm/radeon/r100.c |
3279 |
-@@ -2177,6 +2177,7 @@ bool r100_gpu_is_lockup(struct radeon_device *rdev) |
3280 |
- void r100_bm_disable(struct radeon_device *rdev) |
3281 |
- { |
3282 |
- u32 tmp; |
3283 |
-+ u16 tmp16; |
3284 |
- |
3285 |
- /* disable bus mastering */ |
3286 |
- tmp = RREG32(R_000030_BUS_CNTL); |
3287 |
-@@ -2187,8 +2188,8 @@ void r100_bm_disable(struct radeon_device *rdev) |
3288 |
- WREG32(R_000030_BUS_CNTL, (tmp & 0xFFFFFFFF) | 0x00000040); |
3289 |
- tmp = RREG32(RADEON_BUS_CNTL); |
3290 |
- mdelay(1); |
3291 |
-- pci_read_config_word(rdev->pdev, 0x4, (u16*)&tmp); |
3292 |
-- pci_write_config_word(rdev->pdev, 0x4, tmp & 0xFFFB); |
3293 |
-+ pci_read_config_word(rdev->pdev, 0x4, &tmp16); |
3294 |
-+ pci_write_config_word(rdev->pdev, 0x4, tmp16 & 0xFFFB); |
3295 |
- mdelay(1); |
3296 |
- } |
3297 |
- |
3298 |
-diff --git a/drivers/gpu/drm/radeon/r600_hdmi.c b/drivers/gpu/drm/radeon/r600_hdmi.c |
3299 |
-index f5ac7e7..c45d921 100644 |
3300 |
---- a/drivers/gpu/drm/radeon/r600_hdmi.c |
3301 |
-+++ b/drivers/gpu/drm/radeon/r600_hdmi.c |
3302 |
-@@ -196,6 +196,13 @@ static void r600_hdmi_videoinfoframe( |
3303 |
- frame[0xD] = (right_bar >> 8); |
3304 |
- |
3305 |
- r600_hdmi_infoframe_checksum(0x82, 0x02, 0x0D, frame); |
3306 |
-+ /* Our header values (type, version, length) should be alright, Intel |
3307 |
-+ * is using the same. Checksum function also seems to be OK, it works |
3308 |
-+ * fine for audio infoframe. However calculated value is always lower |
3309 |
-+ * by 2 in comparison to fglrx. It breaks displaying anything in case |
3310 |
-+ * of TVs that strictly check the checksum. Hack it manually here to |
3311 |
-+ * workaround this issue. */ |
3312 |
-+ frame[0x0] += 2; |
3313 |
- |
3314 |
- WREG32(offset+R600_HDMI_VIDEOINFOFRAME_0, |
3315 |
- frame[0x0] | (frame[0x1] << 8) | (frame[0x2] << 16) | (frame[0x3] << 24)); |
3316 |
-diff --git a/drivers/gpu/drm/radeon/radeon_device.c b/drivers/gpu/drm/radeon/radeon_device.c |
3317 |
-index c4d00a1..9b39145 100644 |
3318 |
---- a/drivers/gpu/drm/radeon/radeon_device.c |
3319 |
-+++ b/drivers/gpu/drm/radeon/radeon_device.c |
3320 |
-@@ -224,8 +224,11 @@ int radeon_wb_init(struct radeon_device *rdev) |
3321 |
- if (radeon_no_wb == 1) |
3322 |
- rdev->wb.enabled = false; |
3323 |
- else { |
3324 |
-- /* often unreliable on AGP */ |
3325 |
- if (rdev->flags & RADEON_IS_AGP) { |
3326 |
-+ /* often unreliable on AGP */ |
3327 |
-+ rdev->wb.enabled = false; |
3328 |
-+ } else if (rdev->family < CHIP_R300) { |
3329 |
-+ /* often unreliable on pre-r300 */ |
3330 |
- rdev->wb.enabled = false; |
3331 |
- } else { |
3332 |
- rdev->wb.enabled = true; |
3333 |
-diff --git a/drivers/gpu/drm/radeon/rs600.c b/drivers/gpu/drm/radeon/rs600.c |
3334 |
-index b1053d6..c259e21 100644 |
3335 |
---- a/drivers/gpu/drm/radeon/rs600.c |
3336 |
-+++ b/drivers/gpu/drm/radeon/rs600.c |
3337 |
-@@ -324,10 +324,10 @@ void rs600_hpd_fini(struct radeon_device *rdev) |
3338 |
- |
3339 |
- void rs600_bm_disable(struct radeon_device *rdev) |
3340 |
- { |
3341 |
-- u32 tmp; |
3342 |
-+ u16 tmp; |
3343 |
- |
3344 |
- /* disable bus mastering */ |
3345 |
-- pci_read_config_word(rdev->pdev, 0x4, (u16*)&tmp); |
3346 |
-+ pci_read_config_word(rdev->pdev, 0x4, &tmp); |
3347 |
- pci_write_config_word(rdev->pdev, 0x4, tmp & 0xFFFB); |
3348 |
- mdelay(1); |
3349 |
- } |
3350 |
-diff --git a/drivers/hid/Kconfig b/drivers/hid/Kconfig |
3351 |
-index 22a4a05..d21f6d0 100644 |
3352 |
---- a/drivers/hid/Kconfig |
3353 |
-+++ b/drivers/hid/Kconfig |
3354 |
-@@ -335,6 +335,7 @@ config HID_MULTITOUCH |
3355 |
- Say Y here if you have one of the following devices: |
3356 |
- - 3M PCT touch screens |
3357 |
- - ActionStar dual touch panels |
3358 |
-+ - Atmel panels |
3359 |
- - Cando dual touch panels |
3360 |
- - Chunghwa panels |
3361 |
- - CVTouch panels |
3362 |
-@@ -355,6 +356,7 @@ config HID_MULTITOUCH |
3363 |
- - Touch International Panels |
3364 |
- - Unitec Panels |
3365 |
- - XAT optical touch panels |
3366 |
-+ - Xiroku optical touch panels |
3367 |
- |
3368 |
- If unsure, say N. |
3369 |
- |
3370 |
-@@ -620,6 +622,7 @@ config HID_WIIMOTE |
3371 |
- depends on BT_HIDP |
3372 |
- depends on LEDS_CLASS |
3373 |
- select POWER_SUPPLY |
3374 |
-+ select INPUT_FF_MEMLESS |
3375 |
- ---help--- |
3376 |
- Support for the Nintendo Wii Remote bluetooth device. |
3377 |
- |
3378 |
-diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c |
3379 |
-index af35384..bb656d8 100644 |
3380 |
---- a/drivers/hid/hid-core.c |
3381 |
-+++ b/drivers/hid/hid-core.c |
3382 |
-@@ -362,7 +362,7 @@ static int hid_parser_global(struct hid_parser *parser, struct hid_item *item) |
3383 |
- |
3384 |
- case HID_GLOBAL_ITEM_TAG_REPORT_SIZE: |
3385 |
- parser->global.report_size = item_udata(item); |
3386 |
-- if (parser->global.report_size > 32) { |
3387 |
-+ if (parser->global.report_size > 96) { |
3388 |
- dbg_hid("invalid report_size %d\n", |
3389 |
- parser->global.report_size); |
3390 |
- return -1; |
3391 |
-@@ -1404,11 +1404,13 @@ static const struct hid_device_id hid_have_special_driver[] = { |
3392 |
- { HID_USB_DEVICE(USB_VENDOR_ID_CYPRESS, USB_DEVICE_ID_CYPRESS_TRUETOUCH) }, |
3393 |
- { HID_USB_DEVICE(USB_VENDOR_ID_DRAGONRISE, 0x0006) }, |
3394 |
- { HID_USB_DEVICE(USB_VENDOR_ID_DRAGONRISE, 0x0011) }, |
3395 |
-- { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH) }, |
3396 |
-- { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH1) }, |
3397 |
-- { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH2) }, |
3398 |
-- { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH3) }, |
3399 |
-- { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH4) }, |
3400 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_480D) }, |
3401 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_480E) }, |
3402 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_720C) }, |
3403 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_726B) }, |
3404 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_72A1) }, |
3405 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_7302) }, |
3406 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_DWAV, USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_A001) }, |
3407 |
- { HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_ELECOM, USB_DEVICE_ID_ELECOM_BM084) }, |
3408 |
- { HID_USB_DEVICE(USB_VENDOR_ID_ELO, USB_DEVICE_ID_ELO_TS2515) }, |
3409 |
- { HID_USB_DEVICE(USB_VENDOR_ID_EMS, USB_DEVICE_ID_EMS_TRIO_LINKER_PLUS_II) }, |
3410 |
-@@ -1423,6 +1425,7 @@ static const struct hid_device_id hid_have_special_driver[] = { |
3411 |
- { HID_USB_DEVICE(USB_VENDOR_ID_GYRATION, USB_DEVICE_ID_GYRATION_REMOTE_2) }, |
3412 |
- { HID_USB_DEVICE(USB_VENDOR_ID_GYRATION, USB_DEVICE_ID_GYRATION_REMOTE_3) }, |
3413 |
- { HID_USB_DEVICE(USB_VENDOR_ID_HANVON, USB_DEVICE_ID_HANVON_MULTITOUCH) }, |
3414 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_HANVON_ALT, USB_DEVICE_ID_HANVON_ALT_MULTITOUCH) }, |
3415 |
- { HID_USB_DEVICE(USB_VENDOR_ID_IDEACOM, USB_DEVICE_ID_IDEACOM_IDC6650) }, |
3416 |
- { HID_USB_DEVICE(USB_VENDOR_ID_HOLTEK, USB_DEVICE_ID_HOLTEK_ON_LINE_GRIP) }, |
3417 |
- { HID_USB_DEVICE(USB_VENDOR_ID_ILITEK, USB_DEVICE_ID_ILITEK_MULTITOUCH) }, |
3418 |
-@@ -1549,6 +1552,15 @@ static const struct hid_device_id hid_have_special_driver[] = { |
3419 |
- { HID_USB_DEVICE(USB_VENDOR_ID_WALTOP, USB_DEVICE_ID_WALTOP_MEDIA_TABLET_10_6_INCH) }, |
3420 |
- { HID_USB_DEVICE(USB_VENDOR_ID_WALTOP, USB_DEVICE_ID_WALTOP_MEDIA_TABLET_14_1_INCH) }, |
3421 |
- { HID_USB_DEVICE(USB_VENDOR_ID_XAT, USB_DEVICE_ID_XAT_CSR) }, |
3422 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, USB_DEVICE_ID_XIROKU_SPX) }, |
3423 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, USB_DEVICE_ID_XIROKU_MPX) }, |
3424 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, USB_DEVICE_ID_XIROKU_CSR) }, |
3425 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, USB_DEVICE_ID_XIROKU_SPX1) }, |
3426 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, USB_DEVICE_ID_XIROKU_MPX1) }, |
3427 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, USB_DEVICE_ID_XIROKU_CSR1) }, |
3428 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, USB_DEVICE_ID_XIROKU_SPX2) }, |
3429 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, USB_DEVICE_ID_XIROKU_MPX2) }, |
3430 |
-+ { HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, USB_DEVICE_ID_XIROKU_CSR2) }, |
3431 |
- { HID_USB_DEVICE(USB_VENDOR_ID_X_TENSIONS, USB_DEVICE_ID_SPEEDLINK_VAD_CEZANNE) }, |
3432 |
- { HID_USB_DEVICE(USB_VENDOR_ID_ZEROPLUS, 0x0005) }, |
3433 |
- { HID_USB_DEVICE(USB_VENDOR_ID_ZEROPLUS, 0x0030) }, |
3434 |
-diff --git a/drivers/hid/hid-ids.h b/drivers/hid/hid-ids.h |
3435 |
-index 4a441a6..00cabb3 100644 |
3436 |
---- a/drivers/hid/hid-ids.h |
3437 |
-+++ b/drivers/hid/hid-ids.h |
3438 |
-@@ -21,6 +21,7 @@ |
3439 |
- #define USB_VENDOR_ID_3M 0x0596 |
3440 |
- #define USB_DEVICE_ID_3M1968 0x0500 |
3441 |
- #define USB_DEVICE_ID_3M2256 0x0502 |
3442 |
-+#define USB_DEVICE_ID_3M3266 0x0506 |
3443 |
- |
3444 |
- #define USB_VENDOR_ID_A4TECH 0x09da |
3445 |
- #define USB_DEVICE_ID_A4TECH_WCP32PU 0x0006 |
3446 |
-@@ -145,6 +146,9 @@ |
3447 |
- #define USB_DEVICE_ID_ATEN_4PORTKVM 0x2205 |
3448 |
- #define USB_DEVICE_ID_ATEN_4PORTKVMC 0x2208 |
3449 |
- |
3450 |
-+#define USB_VENDOR_ID_ATMEL 0x03eb |
3451 |
-+#define USB_DEVICE_ID_ATMEL_MULTITOUCH 0x211c |
3452 |
-+ |
3453 |
- #define USB_VENDOR_ID_AVERMEDIA 0x07ca |
3454 |
- #define USB_DEVICE_ID_AVER_FM_MR800 0xb800 |
3455 |
- |
3456 |
-@@ -230,11 +234,14 @@ |
3457 |
- |
3458 |
- #define USB_VENDOR_ID_DWAV 0x0eef |
3459 |
- #define USB_DEVICE_ID_EGALAX_TOUCHCONTROLLER 0x0001 |
3460 |
--#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH 0x480d |
3461 |
--#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH1 0x720c |
3462 |
--#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH2 0x72a1 |
3463 |
--#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH3 0x480e |
3464 |
--#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH4 0x726b |
3465 |
-+#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_480D 0x480d |
3466 |
-+#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_480E 0x480e |
3467 |
-+#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_720C 0x720c |
3468 |
-+#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_726B 0x726b |
3469 |
-+#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_72A1 0x72a1 |
3470 |
-+#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_72FA 0x72fa |
3471 |
-+#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_7302 0x7302 |
3472 |
-+#define USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_A001 0xa001 |
3473 |
- |
3474 |
- #define USB_VENDOR_ID_ELECOM 0x056e |
3475 |
- #define USB_DEVICE_ID_ELECOM_BM084 0x0061 |
3476 |
-@@ -356,6 +363,9 @@ |
3477 |
- #define USB_VENDOR_ID_HANVON 0x20b3 |
3478 |
- #define USB_DEVICE_ID_HANVON_MULTITOUCH 0x0a18 |
3479 |
- |
3480 |
-+#define USB_VENDOR_ID_HANVON_ALT 0x22ed |
3481 |
-+#define USB_DEVICE_ID_HANVON_ALT_MULTITOUCH 0x1010 |
3482 |
-+ |
3483 |
- #define USB_VENDOR_ID_HAPP 0x078b |
3484 |
- #define USB_DEVICE_ID_UGCI_DRIVING 0x0010 |
3485 |
- #define USB_DEVICE_ID_UGCI_FLYING 0x0020 |
3486 |
-@@ -707,6 +717,17 @@ |
3487 |
- #define USB_VENDOR_ID_XAT 0x2505 |
3488 |
- #define USB_DEVICE_ID_XAT_CSR 0x0220 |
3489 |
- |
3490 |
-+#define USB_VENDOR_ID_XIROKU 0x1477 |
3491 |
-+#define USB_DEVICE_ID_XIROKU_SPX 0x1006 |
3492 |
-+#define USB_DEVICE_ID_XIROKU_MPX 0x1007 |
3493 |
-+#define USB_DEVICE_ID_XIROKU_CSR 0x100e |
3494 |
-+#define USB_DEVICE_ID_XIROKU_SPX1 0x1021 |
3495 |
-+#define USB_DEVICE_ID_XIROKU_CSR1 0x1022 |
3496 |
-+#define USB_DEVICE_ID_XIROKU_MPX1 0x1023 |
3497 |
-+#define USB_DEVICE_ID_XIROKU_SPX2 0x1024 |
3498 |
-+#define USB_DEVICE_ID_XIROKU_CSR2 0x1025 |
3499 |
-+#define USB_DEVICE_ID_XIROKU_MPX2 0x1026 |
3500 |
-+ |
3501 |
- #define USB_VENDOR_ID_YEALINK 0x6993 |
3502 |
- #define USB_DEVICE_ID_YEALINK_P1K_P4K_B2K 0xb001 |
3503 |
- |
3504 |
-diff --git a/drivers/hid/hid-multitouch.c b/drivers/hid/hid-multitouch.c |
3505 |
-index f1c909f..995fc4c 100644 |
3506 |
---- a/drivers/hid/hid-multitouch.c |
3507 |
-+++ b/drivers/hid/hid-multitouch.c |
3508 |
-@@ -609,12 +609,20 @@ static const struct hid_device_id mt_devices[] = { |
3509 |
- { .driver_data = MT_CLS_3M, |
3510 |
- HID_USB_DEVICE(USB_VENDOR_ID_3M, |
3511 |
- USB_DEVICE_ID_3M2256) }, |
3512 |
-+ { .driver_data = MT_CLS_3M, |
3513 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_3M, |
3514 |
-+ USB_DEVICE_ID_3M3266) }, |
3515 |
- |
3516 |
- /* ActionStar panels */ |
3517 |
- { .driver_data = MT_CLS_DEFAULT, |
3518 |
- HID_USB_DEVICE(USB_VENDOR_ID_ACTIONSTAR, |
3519 |
- USB_DEVICE_ID_ACTIONSTAR_1011) }, |
3520 |
- |
3521 |
-+ /* Atmel panels */ |
3522 |
-+ { .driver_data = MT_CLS_SERIAL, |
3523 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_ATMEL, |
3524 |
-+ USB_DEVICE_ID_ATMEL_MULTITOUCH) }, |
3525 |
-+ |
3526 |
- /* Cando panels */ |
3527 |
- { .driver_data = MT_CLS_DUAL_INRANGE_CONTACTNUMBER, |
3528 |
- HID_USB_DEVICE(USB_VENDOR_ID_CANDO, |
3529 |
-@@ -645,23 +653,32 @@ static const struct hid_device_id mt_devices[] = { |
3530 |
- USB_DEVICE_ID_CYPRESS_TRUETOUCH) }, |
3531 |
- |
3532 |
- /* eGalax devices (resistive) */ |
3533 |
-- { .driver_data = MT_CLS_EGALAX, |
3534 |
-+ { .driver_data = MT_CLS_EGALAX, |
3535 |
- HID_USB_DEVICE(USB_VENDOR_ID_DWAV, |
3536 |
-- USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH) }, |
3537 |
-- { .driver_data = MT_CLS_EGALAX, |
3538 |
-+ USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_480D) }, |
3539 |
-+ { .driver_data = MT_CLS_EGALAX, |
3540 |
- HID_USB_DEVICE(USB_VENDOR_ID_DWAV, |
3541 |
-- USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH3) }, |
3542 |
-+ USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_480E) }, |
3543 |
- |
3544 |
- /* eGalax devices (capacitive) */ |
3545 |
-- { .driver_data = MT_CLS_EGALAX, |
3546 |
-+ { .driver_data = MT_CLS_EGALAX, |
3547 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_DWAV, |
3548 |
-+ USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_720C) }, |
3549 |
-+ { .driver_data = MT_CLS_EGALAX, |
3550 |
- HID_USB_DEVICE(USB_VENDOR_ID_DWAV, |
3551 |
-- USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH1) }, |
3552 |
-- { .driver_data = MT_CLS_EGALAX, |
3553 |
-+ USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_726B) }, |
3554 |
-+ { .driver_data = MT_CLS_EGALAX, |
3555 |
- HID_USB_DEVICE(USB_VENDOR_ID_DWAV, |
3556 |
-- USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH2) }, |
3557 |
-- { .driver_data = MT_CLS_EGALAX, |
3558 |
-+ USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_72A1) }, |
3559 |
-+ { .driver_data = MT_CLS_EGALAX, |
3560 |
- HID_USB_DEVICE(USB_VENDOR_ID_DWAV, |
3561 |
-- USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH4) }, |
3562 |
-+ USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_72FA) }, |
3563 |
-+ { .driver_data = MT_CLS_EGALAX, |
3564 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_DWAV, |
3565 |
-+ USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_7302) }, |
3566 |
-+ { .driver_data = MT_CLS_EGALAX, |
3567 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_DWAV, |
3568 |
-+ USB_DEVICE_ID_DWAV_EGALAX_MULTITOUCH_A001) }, |
3569 |
- |
3570 |
- /* Elo TouchSystems IntelliTouch Plus panel */ |
3571 |
- { .driver_data = MT_CLS_DUAL_NSMU_CONTACTID, |
3572 |
-@@ -678,6 +695,11 @@ static const struct hid_device_id mt_devices[] = { |
3573 |
- HID_USB_DEVICE(USB_VENDOR_ID_GOODTOUCH, |
3574 |
- USB_DEVICE_ID_GOODTOUCH_000f) }, |
3575 |
- |
3576 |
-+ /* Hanvon panels */ |
3577 |
-+ { .driver_data = MT_CLS_DUAL_INRANGE_CONTACTID, |
3578 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_HANVON_ALT, |
3579 |
-+ USB_DEVICE_ID_HANVON_ALT_MULTITOUCH) }, |
3580 |
-+ |
3581 |
- /* Ideacom panel */ |
3582 |
- { .driver_data = MT_CLS_SERIAL, |
3583 |
- HID_USB_DEVICE(USB_VENDOR_ID_IDEACOM, |
3584 |
-@@ -758,6 +780,35 @@ static const struct hid_device_id mt_devices[] = { |
3585 |
- HID_USB_DEVICE(USB_VENDOR_ID_XAT, |
3586 |
- USB_DEVICE_ID_XAT_CSR) }, |
3587 |
- |
3588 |
-+ /* Xiroku */ |
3589 |
-+ { .driver_data = MT_CLS_DEFAULT, |
3590 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, |
3591 |
-+ USB_DEVICE_ID_XIROKU_SPX) }, |
3592 |
-+ { .driver_data = MT_CLS_DEFAULT, |
3593 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, |
3594 |
-+ USB_DEVICE_ID_XIROKU_MPX) }, |
3595 |
-+ { .driver_data = MT_CLS_DEFAULT, |
3596 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, |
3597 |
-+ USB_DEVICE_ID_XIROKU_CSR) }, |
3598 |
-+ { .driver_data = MT_CLS_DEFAULT, |
3599 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, |
3600 |
-+ USB_DEVICE_ID_XIROKU_SPX1) }, |
3601 |
-+ { .driver_data = MT_CLS_DEFAULT, |
3602 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, |
3603 |
-+ USB_DEVICE_ID_XIROKU_MPX1) }, |
3604 |
-+ { .driver_data = MT_CLS_DEFAULT, |
3605 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, |
3606 |
-+ USB_DEVICE_ID_XIROKU_CSR1) }, |
3607 |
-+ { .driver_data = MT_CLS_DEFAULT, |
3608 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, |
3609 |
-+ USB_DEVICE_ID_XIROKU_SPX2) }, |
3610 |
-+ { .driver_data = MT_CLS_DEFAULT, |
3611 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, |
3612 |
-+ USB_DEVICE_ID_XIROKU_MPX2) }, |
3613 |
-+ { .driver_data = MT_CLS_DEFAULT, |
3614 |
-+ HID_USB_DEVICE(USB_VENDOR_ID_XIROKU, |
3615 |
-+ USB_DEVICE_ID_XIROKU_CSR2) }, |
3616 |
-+ |
3617 |
- { } |
3618 |
- }; |
3619 |
- MODULE_DEVICE_TABLE(hid, mt_devices); |
3620 |
-diff --git a/drivers/i2c/busses/i2c-ali1535.c b/drivers/i2c/busses/i2c-ali1535.c |
3621 |
-index b6807db..5b667e5 100644 |
3622 |
---- a/drivers/i2c/busses/i2c-ali1535.c |
3623 |
-+++ b/drivers/i2c/busses/i2c-ali1535.c |
3624 |
-@@ -140,7 +140,7 @@ static unsigned short ali1535_smba; |
3625 |
- defined to make the transition easier. */ |
3626 |
- static int __devinit ali1535_setup(struct pci_dev *dev) |
3627 |
- { |
3628 |
-- int retval = -ENODEV; |
3629 |
-+ int retval; |
3630 |
- unsigned char temp; |
3631 |
- |
3632 |
- /* Check the following things: |
3633 |
-@@ -155,6 +155,7 @@ static int __devinit ali1535_setup(struct pci_dev *dev) |
3634 |
- if (ali1535_smba == 0) { |
3635 |
- dev_warn(&dev->dev, |
3636 |
- "ALI1535_smb region uninitialized - upgrade BIOS?\n"); |
3637 |
-+ retval = -ENODEV; |
3638 |
- goto exit; |
3639 |
- } |
3640 |
- |
3641 |
-@@ -167,6 +168,7 @@ static int __devinit ali1535_setup(struct pci_dev *dev) |
3642 |
- ali1535_driver.name)) { |
3643 |
- dev_err(&dev->dev, "ALI1535_smb region 0x%x already in use!\n", |
3644 |
- ali1535_smba); |
3645 |
-+ retval = -EBUSY; |
3646 |
- goto exit; |
3647 |
- } |
3648 |
- |
3649 |
-@@ -174,6 +176,7 @@ static int __devinit ali1535_setup(struct pci_dev *dev) |
3650 |
- pci_read_config_byte(dev, SMBCFG, &temp); |
3651 |
- if ((temp & ALI1535_SMBIO_EN) == 0) { |
3652 |
- dev_err(&dev->dev, "SMB device not enabled - upgrade BIOS?\n"); |
3653 |
-+ retval = -ENODEV; |
3654 |
- goto exit_free; |
3655 |
- } |
3656 |
- |
3657 |
-@@ -181,6 +184,7 @@ static int __devinit ali1535_setup(struct pci_dev *dev) |
3658 |
- pci_read_config_byte(dev, SMBHSTCFG, &temp); |
3659 |
- if ((temp & 1) == 0) { |
3660 |
- dev_err(&dev->dev, "SMBus controller not enabled - upgrade BIOS?\n"); |
3661 |
-+ retval = -ENODEV; |
3662 |
- goto exit_free; |
3663 |
- } |
3664 |
- |
3665 |
-@@ -198,12 +202,11 @@ static int __devinit ali1535_setup(struct pci_dev *dev) |
3666 |
- dev_dbg(&dev->dev, "SMBREV = 0x%X\n", temp); |
3667 |
- dev_dbg(&dev->dev, "ALI1535_smba = 0x%X\n", ali1535_smba); |
3668 |
- |
3669 |
-- retval = 0; |
3670 |
--exit: |
3671 |
-- return retval; |
3672 |
-+ return 0; |
3673 |
- |
3674 |
- exit_free: |
3675 |
- release_region(ali1535_smba, ALI1535_SMB_IOSIZE); |
3676 |
-+exit: |
3677 |
- return retval; |
3678 |
- } |
3679 |
- |
3680 |
-diff --git a/drivers/i2c/busses/i2c-eg20t.c b/drivers/i2c/busses/i2c-eg20t.c |
3681 |
-index 18936ac..730215e 100644 |
3682 |
---- a/drivers/i2c/busses/i2c-eg20t.c |
3683 |
-+++ b/drivers/i2c/busses/i2c-eg20t.c |
3684 |
-@@ -243,7 +243,7 @@ static void pch_i2c_init(struct i2c_algo_pch_data *adap) |
3685 |
- if (pch_clk > PCH_MAX_CLK) |
3686 |
- pch_clk = 62500; |
3687 |
- |
3688 |
-- pch_i2cbc = (pch_clk + (pch_i2c_speed * 4)) / pch_i2c_speed * 8; |
3689 |
-+ pch_i2cbc = (pch_clk + (pch_i2c_speed * 4)) / (pch_i2c_speed * 8); |
3690 |
- /* Set transfer speed in I2CBC */ |
3691 |
- iowrite32(pch_i2cbc, p + PCH_I2CBC); |
3692 |
- |
3693 |
-diff --git a/drivers/i2c/busses/i2c-nforce2.c b/drivers/i2c/busses/i2c-nforce2.c |
3694 |
-index ff1e127..4853b52 100644 |
3695 |
---- a/drivers/i2c/busses/i2c-nforce2.c |
3696 |
-+++ b/drivers/i2c/busses/i2c-nforce2.c |
3697 |
-@@ -356,7 +356,7 @@ static int __devinit nforce2_probe_smb (struct pci_dev *dev, int bar, |
3698 |
- error = acpi_check_region(smbus->base, smbus->size, |
3699 |
- nforce2_driver.name); |
3700 |
- if (error) |
3701 |
-- return -1; |
3702 |
-+ return error; |
3703 |
- |
3704 |
- if (!request_region(smbus->base, smbus->size, nforce2_driver.name)) { |
3705 |
- dev_err(&smbus->adapter.dev, "Error requesting region %02x .. %02X for %s\n", |
3706 |
-diff --git a/drivers/i2c/busses/i2c-omap.c b/drivers/i2c/busses/i2c-omap.c |
3707 |
-index fa23faa..257c1a5 100644 |
3708 |
---- a/drivers/i2c/busses/i2c-omap.c |
3709 |
-+++ b/drivers/i2c/busses/i2c-omap.c |
3710 |
-@@ -235,7 +235,7 @@ static const u8 reg_map_ip_v2[] = { |
3711 |
- [OMAP_I2C_BUF_REG] = 0x94, |
3712 |
- [OMAP_I2C_CNT_REG] = 0x98, |
3713 |
- [OMAP_I2C_DATA_REG] = 0x9c, |
3714 |
-- [OMAP_I2C_SYSC_REG] = 0x20, |
3715 |
-+ [OMAP_I2C_SYSC_REG] = 0x10, |
3716 |
- [OMAP_I2C_CON_REG] = 0xa4, |
3717 |
- [OMAP_I2C_OA_REG] = 0xa8, |
3718 |
- [OMAP_I2C_SA_REG] = 0xac, |
3719 |
-diff --git a/drivers/i2c/busses/i2c-sis5595.c b/drivers/i2c/busses/i2c-sis5595.c |
3720 |
-index 4375866..6d60284 100644 |
3721 |
---- a/drivers/i2c/busses/i2c-sis5595.c |
3722 |
-+++ b/drivers/i2c/busses/i2c-sis5595.c |
3723 |
-@@ -147,7 +147,7 @@ static int __devinit sis5595_setup(struct pci_dev *SIS5595_dev) |
3724 |
- u16 a; |
3725 |
- u8 val; |
3726 |
- int *i; |
3727 |
-- int retval = -ENODEV; |
3728 |
-+ int retval; |
3729 |
- |
3730 |
- /* Look for imposters */ |
3731 |
- for (i = blacklist; *i != 0; i++) { |
3732 |
-@@ -223,7 +223,7 @@ static int __devinit sis5595_setup(struct pci_dev *SIS5595_dev) |
3733 |
- |
3734 |
- error: |
3735 |
- release_region(sis5595_base + SMB_INDEX, 2); |
3736 |
-- return retval; |
3737 |
-+ return -ENODEV; |
3738 |
- } |
3739 |
- |
3740 |
- static int sis5595_transaction(struct i2c_adapter *adap) |
3741 |
-diff --git a/drivers/i2c/busses/i2c-sis630.c b/drivers/i2c/busses/i2c-sis630.c |
3742 |
-index e6f539e..b617fd0 100644 |
3743 |
---- a/drivers/i2c/busses/i2c-sis630.c |
3744 |
-+++ b/drivers/i2c/busses/i2c-sis630.c |
3745 |
-@@ -393,7 +393,7 @@ static int __devinit sis630_setup(struct pci_dev *sis630_dev) |
3746 |
- { |
3747 |
- unsigned char b; |
3748 |
- struct pci_dev *dummy = NULL; |
3749 |
-- int retval = -ENODEV, i; |
3750 |
-+ int retval, i; |
3751 |
- |
3752 |
- /* check for supported SiS devices */ |
3753 |
- for (i=0; supported[i] > 0 ; i++) { |
3754 |
-@@ -418,18 +418,21 @@ static int __devinit sis630_setup(struct pci_dev *sis630_dev) |
3755 |
- */ |
3756 |
- if (pci_read_config_byte(sis630_dev, SIS630_BIOS_CTL_REG,&b)) { |
3757 |
- dev_err(&sis630_dev->dev, "Error: Can't read bios ctl reg\n"); |
3758 |
-+ retval = -ENODEV; |
3759 |
- goto exit; |
3760 |
- } |
3761 |
- /* if ACPI already enabled , do nothing */ |
3762 |
- if (!(b & 0x80) && |
3763 |
- pci_write_config_byte(sis630_dev, SIS630_BIOS_CTL_REG, b | 0x80)) { |
3764 |
- dev_err(&sis630_dev->dev, "Error: Can't enable ACPI\n"); |
3765 |
-+ retval = -ENODEV; |
3766 |
- goto exit; |
3767 |
- } |
3768 |
- |
3769 |
- /* Determine the ACPI base address */ |
3770 |
- if (pci_read_config_word(sis630_dev,SIS630_ACPI_BASE_REG,&acpi_base)) { |
3771 |
- dev_err(&sis630_dev->dev, "Error: Can't determine ACPI base address\n"); |
3772 |
-+ retval = -ENODEV; |
3773 |
- goto exit; |
3774 |
- } |
3775 |
- |
3776 |
-@@ -445,6 +448,7 @@ static int __devinit sis630_setup(struct pci_dev *sis630_dev) |
3777 |
- sis630_driver.name)) { |
3778 |
- dev_err(&sis630_dev->dev, "SMBus registers 0x%04x-0x%04x already " |
3779 |
- "in use!\n", acpi_base + SMB_STS, acpi_base + SMB_SAA); |
3780 |
-+ retval = -EBUSY; |
3781 |
- goto exit; |
3782 |
- } |
3783 |
- |
3784 |
-diff --git a/drivers/i2c/busses/i2c-viapro.c b/drivers/i2c/busses/i2c-viapro.c |
3785 |
-index 0b012f1..58261d4 100644 |
3786 |
---- a/drivers/i2c/busses/i2c-viapro.c |
3787 |
-+++ b/drivers/i2c/busses/i2c-viapro.c |
3788 |
-@@ -324,7 +324,7 @@ static int __devinit vt596_probe(struct pci_dev *pdev, |
3789 |
- const struct pci_device_id *id) |
3790 |
- { |
3791 |
- unsigned char temp; |
3792 |
-- int error = -ENODEV; |
3793 |
-+ int error; |
3794 |
- |
3795 |
- /* Determine the address of the SMBus areas */ |
3796 |
- if (force_addr) { |
3797 |
-@@ -390,6 +390,7 @@ found: |
3798 |
- dev_err(&pdev->dev, "SMBUS: Error: Host SMBus " |
3799 |
- "controller not enabled! - upgrade BIOS or " |
3800 |
- "use force=1\n"); |
3801 |
-+ error = -ENODEV; |
3802 |
- goto release_region; |
3803 |
- } |
3804 |
- } |
3805 |
-@@ -422,9 +423,11 @@ found: |
3806 |
- "SMBus Via Pro adapter at %04x", vt596_smba); |
3807 |
- |
3808 |
- vt596_pdev = pci_dev_get(pdev); |
3809 |
-- if (i2c_add_adapter(&vt596_adapter)) { |
3810 |
-+ error = i2c_add_adapter(&vt596_adapter); |
3811 |
-+ if (error) { |
3812 |
- pci_dev_put(vt596_pdev); |
3813 |
- vt596_pdev = NULL; |
3814 |
-+ goto release_region; |
3815 |
- } |
3816 |
- |
3817 |
- /* Always return failure here. This is to allow other drivers to bind |
3818 |
-diff --git a/drivers/ide/ide-floppy_ioctl.c b/drivers/ide/ide-floppy_ioctl.c |
3819 |
-index d267b7a..a22ca84 100644 |
3820 |
---- a/drivers/ide/ide-floppy_ioctl.c |
3821 |
-+++ b/drivers/ide/ide-floppy_ioctl.c |
3822 |
-@@ -292,8 +292,7 @@ int ide_floppy_ioctl(ide_drive_t *drive, struct block_device *bdev, |
3823 |
- * and CDROM_SEND_PACKET (legacy) ioctls |
3824 |
- */ |
3825 |
- if (cmd != CDROM_SEND_PACKET && cmd != SCSI_IOCTL_SEND_COMMAND) |
3826 |
-- err = scsi_cmd_ioctl(bdev->bd_disk->queue, bdev->bd_disk, |
3827 |
-- mode, cmd, argp); |
3828 |
-+ err = scsi_cmd_blk_ioctl(bdev, mode, cmd, argp); |
3829 |
- |
3830 |
- if (err == -ENOTTY) |
3831 |
- err = generic_ide_ioctl(drive, bdev, cmd, arg); |
3832 |
-diff --git a/drivers/idle/intel_idle.c b/drivers/idle/intel_idle.c |
3833 |
-index 5d2f8e1..5b39216 100644 |
3834 |
---- a/drivers/idle/intel_idle.c |
3835 |
-+++ b/drivers/idle/intel_idle.c |
3836 |
-@@ -348,7 +348,8 @@ static int intel_idle_probe(void) |
3837 |
- cpuid(CPUID_MWAIT_LEAF, &eax, &ebx, &ecx, &mwait_substates); |
3838 |
- |
3839 |
- if (!(ecx & CPUID5_ECX_EXTENSIONS_SUPPORTED) || |
3840 |
-- !(ecx & CPUID5_ECX_INTERRUPT_BREAK)) |
3841 |
-+ !(ecx & CPUID5_ECX_INTERRUPT_BREAK) || |
3842 |
-+ !mwait_substates) |
3843 |
- return -ENODEV; |
3844 |
- |
3845 |
- pr_debug(PREFIX "MWAIT substates: 0x%x\n", mwait_substates); |
3846 |
-@@ -394,7 +395,7 @@ static int intel_idle_probe(void) |
3847 |
- if (boot_cpu_has(X86_FEATURE_ARAT)) /* Always Reliable APIC Timer */ |
3848 |
- lapic_timer_reliable_states = LAPIC_TIMER_ALWAYS_RELIABLE; |
3849 |
- else { |
3850 |
-- smp_call_function(__setup_broadcast_timer, (void *)true, 1); |
3851 |
-+ on_each_cpu(__setup_broadcast_timer, (void *)true, 1); |
3852 |
- register_cpu_notifier(&setup_broadcast_notifier); |
3853 |
- } |
3854 |
- |
3855 |
-@@ -471,7 +472,7 @@ static int intel_idle_cpuidle_driver_init(void) |
3856 |
- } |
3857 |
- |
3858 |
- if (auto_demotion_disable_flags) |
3859 |
-- smp_call_function(auto_demotion_disable, NULL, 1); |
3860 |
-+ on_each_cpu(auto_demotion_disable, NULL, 1); |
3861 |
- |
3862 |
- return 0; |
3863 |
- } |
3864 |
-@@ -568,7 +569,7 @@ static void __exit intel_idle_exit(void) |
3865 |
- cpuidle_unregister_driver(&intel_idle_driver); |
3866 |
- |
3867 |
- if (lapic_timer_reliable_states != LAPIC_TIMER_ALWAYS_RELIABLE) { |
3868 |
-- smp_call_function(__setup_broadcast_timer, (void *)false, 1); |
3869 |
-+ on_each_cpu(__setup_broadcast_timer, (void *)false, 1); |
3870 |
- unregister_cpu_notifier(&setup_broadcast_notifier); |
3871 |
- } |
3872 |
- |
3873 |
-diff --git a/drivers/md/dm-flakey.c b/drivers/md/dm-flakey.c |
3874 |
-index f84c080..9fb18c1 100644 |
3875 |
---- a/drivers/md/dm-flakey.c |
3876 |
-+++ b/drivers/md/dm-flakey.c |
3877 |
-@@ -368,8 +368,17 @@ static int flakey_status(struct dm_target *ti, status_type_t type, |
3878 |
- static int flakey_ioctl(struct dm_target *ti, unsigned int cmd, unsigned long arg) |
3879 |
- { |
3880 |
- struct flakey_c *fc = ti->private; |
3881 |
-+ struct dm_dev *dev = fc->dev; |
3882 |
-+ int r = 0; |
3883 |
- |
3884 |
-- return __blkdev_driver_ioctl(fc->dev->bdev, fc->dev->mode, cmd, arg); |
3885 |
-+ /* |
3886 |
-+ * Only pass ioctls through if the device sizes match exactly. |
3887 |
-+ */ |
3888 |
-+ if (fc->start || |
3889 |
-+ ti->len != i_size_read(dev->bdev->bd_inode) >> SECTOR_SHIFT) |
3890 |
-+ r = scsi_verify_blk_ioctl(NULL, cmd); |
3891 |
-+ |
3892 |
-+ return r ? : __blkdev_driver_ioctl(dev->bdev, dev->mode, cmd, arg); |
3893 |
- } |
3894 |
- |
3895 |
- static int flakey_merge(struct dm_target *ti, struct bvec_merge_data *bvm, |
3896 |
-diff --git a/drivers/md/dm-linear.c b/drivers/md/dm-linear.c |
3897 |
-index 3921e3b..9728839 100644 |
3898 |
---- a/drivers/md/dm-linear.c |
3899 |
-+++ b/drivers/md/dm-linear.c |
3900 |
-@@ -116,7 +116,17 @@ static int linear_ioctl(struct dm_target *ti, unsigned int cmd, |
3901 |
- unsigned long arg) |
3902 |
- { |
3903 |
- struct linear_c *lc = (struct linear_c *) ti->private; |
3904 |
-- return __blkdev_driver_ioctl(lc->dev->bdev, lc->dev->mode, cmd, arg); |
3905 |
-+ struct dm_dev *dev = lc->dev; |
3906 |
-+ int r = 0; |
3907 |
-+ |
3908 |
-+ /* |
3909 |
-+ * Only pass ioctls through if the device sizes match exactly. |
3910 |
-+ */ |
3911 |
-+ if (lc->start || |
3912 |
-+ ti->len != i_size_read(dev->bdev->bd_inode) >> SECTOR_SHIFT) |
3913 |
-+ r = scsi_verify_blk_ioctl(NULL, cmd); |
3914 |
-+ |
3915 |
-+ return r ? : __blkdev_driver_ioctl(dev->bdev, dev->mode, cmd, arg); |
3916 |
- } |
3917 |
- |
3918 |
- static int linear_merge(struct dm_target *ti, struct bvec_merge_data *bvm, |
3919 |
-diff --git a/drivers/md/dm-mpath.c b/drivers/md/dm-mpath.c |
3920 |
-index 5e0090e..801d92d 100644 |
3921 |
---- a/drivers/md/dm-mpath.c |
3922 |
-+++ b/drivers/md/dm-mpath.c |
3923 |
-@@ -1520,6 +1520,12 @@ static int multipath_ioctl(struct dm_target *ti, unsigned int cmd, |
3924 |
- |
3925 |
- spin_unlock_irqrestore(&m->lock, flags); |
3926 |
- |
3927 |
-+ /* |
3928 |
-+ * Only pass ioctls through if the device sizes match exactly. |
3929 |
-+ */ |
3930 |
-+ if (!r && ti->len != i_size_read(bdev->bd_inode) >> SECTOR_SHIFT) |
3931 |
-+ r = scsi_verify_blk_ioctl(NULL, cmd); |
3932 |
-+ |
3933 |
- return r ? : __blkdev_driver_ioctl(bdev, mode, cmd, arg); |
3934 |
- } |
3935 |
- |
3936 |
-diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c |
3937 |
-index ede2461..7d9e071 100644 |
3938 |
---- a/drivers/md/raid1.c |
3939 |
-+++ b/drivers/md/raid1.c |
3940 |
-@@ -525,8 +525,17 @@ static int read_balance(struct r1conf *conf, struct r1bio *r1_bio, int *max_sect |
3941 |
- if (test_bit(WriteMostly, &rdev->flags)) { |
3942 |
- /* Don't balance among write-mostly, just |
3943 |
- * use the first as a last resort */ |
3944 |
-- if (best_disk < 0) |
3945 |
-+ if (best_disk < 0) { |
3946 |
-+ if (is_badblock(rdev, this_sector, sectors, |
3947 |
-+ &first_bad, &bad_sectors)) { |
3948 |
-+ if (first_bad < this_sector) |
3949 |
-+ /* Cannot use this */ |
3950 |
-+ continue; |
3951 |
-+ best_good_sectors = first_bad - this_sector; |
3952 |
-+ } else |
3953 |
-+ best_good_sectors = sectors; |
3954 |
- best_disk = disk; |
3955 |
-+ } |
3956 |
- continue; |
3957 |
- } |
3958 |
- /* This is a reasonable device to use. It might |
3959 |
-diff --git a/drivers/media/video/cx23885/cx23885-dvb.c b/drivers/media/video/cx23885/cx23885-dvb.c |
3960 |
-index bcb45be..f0482b2 100644 |
3961 |
---- a/drivers/media/video/cx23885/cx23885-dvb.c |
3962 |
-+++ b/drivers/media/video/cx23885/cx23885-dvb.c |
3963 |
-@@ -940,6 +940,11 @@ static int dvb_register(struct cx23885_tsport *port) |
3964 |
- |
3965 |
- fe = dvb_attach(xc4000_attach, fe0->dvb.frontend, |
3966 |
- &dev->i2c_bus[1].i2c_adap, &cfg); |
3967 |
-+ if (!fe) { |
3968 |
-+ printk(KERN_ERR "%s/2: xc4000 attach failed\n", |
3969 |
-+ dev->name); |
3970 |
-+ goto frontend_detach; |
3971 |
-+ } |
3972 |
- } |
3973 |
- break; |
3974 |
- case CX23885_BOARD_TBS_6920: |
3975 |
-diff --git a/drivers/media/video/cx88/cx88-cards.c b/drivers/media/video/cx88/cx88-cards.c |
3976 |
-index 0d719fa..3929d93 100644 |
3977 |
---- a/drivers/media/video/cx88/cx88-cards.c |
3978 |
-+++ b/drivers/media/video/cx88/cx88-cards.c |
3979 |
-@@ -1573,8 +1573,8 @@ static const struct cx88_board cx88_boards[] = { |
3980 |
- .name = "Pinnacle Hybrid PCTV", |
3981 |
- .tuner_type = TUNER_XC2028, |
3982 |
- .tuner_addr = 0x61, |
3983 |
-- .radio_type = TUNER_XC2028, |
3984 |
-- .radio_addr = 0x61, |
3985 |
-+ .radio_type = UNSET, |
3986 |
-+ .radio_addr = ADDR_UNSET, |
3987 |
- .input = { { |
3988 |
- .type = CX88_VMUX_TELEVISION, |
3989 |
- .vmux = 0, |
3990 |
-@@ -1611,8 +1611,8 @@ static const struct cx88_board cx88_boards[] = { |
3991 |
- .name = "Leadtek TV2000 XP Global", |
3992 |
- .tuner_type = TUNER_XC2028, |
3993 |
- .tuner_addr = 0x61, |
3994 |
-- .radio_type = TUNER_XC2028, |
3995 |
-- .radio_addr = 0x61, |
3996 |
-+ .radio_type = UNSET, |
3997 |
-+ .radio_addr = ADDR_UNSET, |
3998 |
- .input = { { |
3999 |
- .type = CX88_VMUX_TELEVISION, |
4000 |
- .vmux = 0, |
4001 |
-@@ -2043,8 +2043,8 @@ static const struct cx88_board cx88_boards[] = { |
4002 |
- .name = "Terratec Cinergy HT PCI MKII", |
4003 |
- .tuner_type = TUNER_XC2028, |
4004 |
- .tuner_addr = 0x61, |
4005 |
-- .radio_type = TUNER_XC2028, |
4006 |
-- .radio_addr = 0x61, |
4007 |
-+ .radio_type = UNSET, |
4008 |
-+ .radio_addr = ADDR_UNSET, |
4009 |
- .input = { { |
4010 |
- .type = CX88_VMUX_TELEVISION, |
4011 |
- .vmux = 0, |
4012 |
-@@ -2082,9 +2082,9 @@ static const struct cx88_board cx88_boards[] = { |
4013 |
- [CX88_BOARD_WINFAST_DTV1800H] = { |
4014 |
- .name = "Leadtek WinFast DTV1800 Hybrid", |
4015 |
- .tuner_type = TUNER_XC2028, |
4016 |
-- .radio_type = TUNER_XC2028, |
4017 |
-+ .radio_type = UNSET, |
4018 |
- .tuner_addr = 0x61, |
4019 |
-- .radio_addr = 0x61, |
4020 |
-+ .radio_addr = ADDR_UNSET, |
4021 |
- /* |
4022 |
- * GPIO setting |
4023 |
- * |
4024 |
-@@ -2123,9 +2123,9 @@ static const struct cx88_board cx88_boards[] = { |
4025 |
- [CX88_BOARD_WINFAST_DTV1800H_XC4000] = { |
4026 |
- .name = "Leadtek WinFast DTV1800 H (XC4000)", |
4027 |
- .tuner_type = TUNER_XC4000, |
4028 |
-- .radio_type = TUNER_XC4000, |
4029 |
-+ .radio_type = UNSET, |
4030 |
- .tuner_addr = 0x61, |
4031 |
-- .radio_addr = 0x61, |
4032 |
-+ .radio_addr = ADDR_UNSET, |
4033 |
- /* |
4034 |
- * GPIO setting |
4035 |
- * |
4036 |
-@@ -2164,9 +2164,9 @@ static const struct cx88_board cx88_boards[] = { |
4037 |
- [CX88_BOARD_WINFAST_DTV2000H_PLUS] = { |
4038 |
- .name = "Leadtek WinFast DTV2000 H PLUS", |
4039 |
- .tuner_type = TUNER_XC4000, |
4040 |
-- .radio_type = TUNER_XC4000, |
4041 |
-+ .radio_type = UNSET, |
4042 |
- .tuner_addr = 0x61, |
4043 |
-- .radio_addr = 0x61, |
4044 |
-+ .radio_addr = ADDR_UNSET, |
4045 |
- /* |
4046 |
- * GPIO |
4047 |
- * 2: 1: mute audio |
4048 |
-diff --git a/drivers/media/video/uvc/uvc_v4l2.c b/drivers/media/video/uvc/uvc_v4l2.c |
4049 |
-index dadf11f..cf7788f 100644 |
4050 |
---- a/drivers/media/video/uvc/uvc_v4l2.c |
4051 |
-+++ b/drivers/media/video/uvc/uvc_v4l2.c |
4052 |
-@@ -58,6 +58,15 @@ static int uvc_ioctl_ctrl_map(struct uvc_video_chain *chain, |
4053 |
- break; |
4054 |
- |
4055 |
- case V4L2_CTRL_TYPE_MENU: |
4056 |
-+ /* Prevent excessive memory consumption, as well as integer |
4057 |
-+ * overflows. |
4058 |
-+ */ |
4059 |
-+ if (xmap->menu_count == 0 || |
4060 |
-+ xmap->menu_count > UVC_MAX_CONTROL_MENU_ENTRIES) { |
4061 |
-+ ret = -EINVAL; |
4062 |
-+ goto done; |
4063 |
-+ } |
4064 |
-+ |
4065 |
- size = xmap->menu_count * sizeof(*map->menu_info); |
4066 |
- map->menu_info = kmalloc(size, GFP_KERNEL); |
4067 |
- if (map->menu_info == NULL) { |
4068 |
-diff --git a/drivers/media/video/uvc/uvcvideo.h b/drivers/media/video/uvc/uvcvideo.h |
4069 |
-index 4c1392e..bc446ba 100644 |
4070 |
---- a/drivers/media/video/uvc/uvcvideo.h |
4071 |
-+++ b/drivers/media/video/uvc/uvcvideo.h |
4072 |
-@@ -113,6 +113,7 @@ |
4073 |
- |
4074 |
- /* Maximum allowed number of control mappings per device */ |
4075 |
- #define UVC_MAX_CONTROL_MAPPINGS 1024 |
4076 |
-+#define UVC_MAX_CONTROL_MENU_ENTRIES 32 |
4077 |
- |
4078 |
- /* Devices quirks */ |
4079 |
- #define UVC_QUIRK_STATUS_INTERVAL 0x00000001 |
4080 |
-diff --git a/drivers/media/video/v4l2-ioctl.c b/drivers/media/video/v4l2-ioctl.c |
4081 |
-index e1da8fc..639abee 100644 |
4082 |
---- a/drivers/media/video/v4l2-ioctl.c |
4083 |
-+++ b/drivers/media/video/v4l2-ioctl.c |
4084 |
-@@ -2226,6 +2226,10 @@ static int check_array_args(unsigned int cmd, void *parg, size_t *array_size, |
4085 |
- struct v4l2_ext_controls *ctrls = parg; |
4086 |
- |
4087 |
- if (ctrls->count != 0) { |
4088 |
-+ if (ctrls->count > V4L2_CID_MAX_CTRLS) { |
4089 |
-+ ret = -EINVAL; |
4090 |
-+ break; |
4091 |
-+ } |
4092 |
- *user_ptr = (void __user *)ctrls->controls; |
4093 |
- *kernel_ptr = (void *)&ctrls->controls; |
4094 |
- *array_size = sizeof(struct v4l2_ext_control) |
4095 |
-diff --git a/drivers/mmc/core/mmc.c b/drivers/mmc/core/mmc.c |
4096 |
-index d240427..fb7c27f 100644 |
4097 |
---- a/drivers/mmc/core/mmc.c |
4098 |
-+++ b/drivers/mmc/core/mmc.c |
4099 |
-@@ -1048,7 +1048,7 @@ static int mmc_init_card(struct mmc_host *host, u32 ocr, |
4100 |
- * |
4101 |
- * WARNING: eMMC rules are NOT the same as SD DDR |
4102 |
- */ |
4103 |
-- if (ddr == EXT_CSD_CARD_TYPE_DDR_1_2V) { |
4104 |
-+ if (ddr == MMC_1_2V_DDR_MODE) { |
4105 |
- err = mmc_set_signal_voltage(host, |
4106 |
- MMC_SIGNAL_VOLTAGE_120, 0); |
4107 |
- if (err) |
4108 |
-diff --git a/drivers/mmc/host/sdhci.c b/drivers/mmc/host/sdhci.c |
4109 |
-index 19ed580..6ce32a7 100644 |
4110 |
---- a/drivers/mmc/host/sdhci.c |
4111 |
-+++ b/drivers/mmc/host/sdhci.c |
4112 |
-@@ -1364,8 +1364,7 @@ static void sdhci_do_set_ios(struct sdhci_host *host, struct mmc_ios *ios) |
4113 |
- if ((ios->timing == MMC_TIMING_UHS_SDR50) || |
4114 |
- (ios->timing == MMC_TIMING_UHS_SDR104) || |
4115 |
- (ios->timing == MMC_TIMING_UHS_DDR50) || |
4116 |
-- (ios->timing == MMC_TIMING_UHS_SDR25) || |
4117 |
-- (ios->timing == MMC_TIMING_UHS_SDR12)) |
4118 |
-+ (ios->timing == MMC_TIMING_UHS_SDR25)) |
4119 |
- ctrl |= SDHCI_CTRL_HISPD; |
4120 |
- |
4121 |
- ctrl_2 = sdhci_readw(host, SDHCI_HOST_CONTROL2); |
4122 |
-@@ -2336,9 +2335,8 @@ int sdhci_suspend_host(struct sdhci_host *host) |
4123 |
- /* Disable tuning since we are suspending */ |
4124 |
- if (host->version >= SDHCI_SPEC_300 && host->tuning_count && |
4125 |
- host->tuning_mode == SDHCI_TUNING_MODE_1) { |
4126 |
-+ del_timer_sync(&host->tuning_timer); |
4127 |
- host->flags &= ~SDHCI_NEEDS_RETUNING; |
4128 |
-- mod_timer(&host->tuning_timer, jiffies + |
4129 |
-- host->tuning_count * HZ); |
4130 |
- } |
4131 |
- |
4132 |
- ret = mmc_suspend_host(host->mmc); |
4133 |
-diff --git a/drivers/mtd/mtd_blkdevs.c b/drivers/mtd/mtd_blkdevs.c |
4134 |
-index ed8b5e7..424ca5f 100644 |
4135 |
---- a/drivers/mtd/mtd_blkdevs.c |
4136 |
-+++ b/drivers/mtd/mtd_blkdevs.c |
4137 |
-@@ -215,7 +215,7 @@ static int blktrans_open(struct block_device *bdev, fmode_t mode) |
4138 |
- |
4139 |
- mutex_lock(&dev->lock); |
4140 |
- |
4141 |
-- if (dev->open++) |
4142 |
-+ if (dev->open) |
4143 |
- goto unlock; |
4144 |
- |
4145 |
- kref_get(&dev->ref); |
4146 |
-@@ -235,6 +235,7 @@ static int blktrans_open(struct block_device *bdev, fmode_t mode) |
4147 |
- goto error_release; |
4148 |
- |
4149 |
- unlock: |
4150 |
-+ dev->open++; |
4151 |
- mutex_unlock(&dev->lock); |
4152 |
- blktrans_dev_put(dev); |
4153 |
- return ret; |
4154 |
-diff --git a/drivers/mtd/mtdoops.c b/drivers/mtd/mtdoops.c |
4155 |
-index 1e2fa62..f3cdce9 100644 |
4156 |
---- a/drivers/mtd/mtdoops.c |
4157 |
-+++ b/drivers/mtd/mtdoops.c |
4158 |
-@@ -253,6 +253,9 @@ static void find_next_position(struct mtdoops_context *cxt) |
4159 |
- size_t retlen; |
4160 |
- |
4161 |
- for (page = 0; page < cxt->oops_pages; page++) { |
4162 |
-+ if (mtd->block_isbad && |
4163 |
-+ mtd->block_isbad(mtd, page * record_size)) |
4164 |
-+ continue; |
4165 |
- /* Assume the page is used */ |
4166 |
- mark_page_used(cxt, page); |
4167 |
- ret = mtd->read(mtd, page * record_size, MTDOOPS_HEADER_SIZE, |
4168 |
-@@ -369,7 +372,7 @@ static void mtdoops_notify_add(struct mtd_info *mtd) |
4169 |
- |
4170 |
- /* oops_page_used is a bit field */ |
4171 |
- cxt->oops_page_used = vmalloc(DIV_ROUND_UP(mtdoops_pages, |
4172 |
-- BITS_PER_LONG)); |
4173 |
-+ BITS_PER_LONG) * sizeof(unsigned long)); |
4174 |
- if (!cxt->oops_page_used) { |
4175 |
- printk(KERN_ERR "mtdoops: could not allocate page array\n"); |
4176 |
- return; |
4177 |
-diff --git a/drivers/mtd/tests/mtd_stresstest.c b/drivers/mtd/tests/mtd_stresstest.c |
4178 |
-index 52ffd91..811642f 100644 |
4179 |
---- a/drivers/mtd/tests/mtd_stresstest.c |
4180 |
-+++ b/drivers/mtd/tests/mtd_stresstest.c |
4181 |
-@@ -284,6 +284,12 @@ static int __init mtd_stresstest_init(void) |
4182 |
- (unsigned long long)mtd->size, mtd->erasesize, |
4183 |
- pgsize, ebcnt, pgcnt, mtd->oobsize); |
4184 |
- |
4185 |
-+ if (ebcnt < 2) { |
4186 |
-+ printk(PRINT_PREF "error: need at least 2 eraseblocks\n"); |
4187 |
-+ err = -ENOSPC; |
4188 |
-+ goto out_put_mtd; |
4189 |
-+ } |
4190 |
-+ |
4191 |
- /* Read or write up 2 eraseblocks at a time */ |
4192 |
- bufsize = mtd->erasesize * 2; |
4193 |
- |
4194 |
-@@ -322,6 +328,7 @@ out: |
4195 |
- kfree(bbt); |
4196 |
- vfree(writebuf); |
4197 |
- vfree(readbuf); |
4198 |
-+out_put_mtd: |
4199 |
- put_mtd_device(mtd); |
4200 |
- if (err) |
4201 |
- printk(PRINT_PREF "error %d occurred\n", err); |
4202 |
-diff --git a/drivers/mtd/ubi/cdev.c b/drivers/mtd/ubi/cdev.c |
4203 |
-index 3320a50..ad76592 100644 |
4204 |
---- a/drivers/mtd/ubi/cdev.c |
4205 |
-+++ b/drivers/mtd/ubi/cdev.c |
4206 |
-@@ -632,6 +632,9 @@ static int verify_mkvol_req(const struct ubi_device *ubi, |
4207 |
- if (req->alignment != 1 && n) |
4208 |
- goto bad; |
4209 |
- |
4210 |
-+ if (!req->name[0] || !req->name_len) |
4211 |
-+ goto bad; |
4212 |
-+ |
4213 |
- if (req->name_len > UBI_VOL_NAME_MAX) { |
4214 |
- err = -ENAMETOOLONG; |
4215 |
- goto bad; |
4216 |
-diff --git a/drivers/mtd/ubi/debug.h b/drivers/mtd/ubi/debug.h |
4217 |
-index 64fbb00..ead2cd1 100644 |
4218 |
---- a/drivers/mtd/ubi/debug.h |
4219 |
-+++ b/drivers/mtd/ubi/debug.h |
4220 |
-@@ -43,7 +43,10 @@ |
4221 |
- pr_debug("UBI DBG " type ": " fmt "\n", ##__VA_ARGS__) |
4222 |
- |
4223 |
- /* Just a debugging messages not related to any specific UBI subsystem */ |
4224 |
--#define dbg_msg(fmt, ...) ubi_dbg_msg("msg", fmt, ##__VA_ARGS__) |
4225 |
-+#define dbg_msg(fmt, ...) \ |
4226 |
-+ printk(KERN_DEBUG "UBI DBG (pid %d): %s: " fmt "\n", \ |
4227 |
-+ current->pid, __func__, ##__VA_ARGS__) |
4228 |
-+ |
4229 |
- /* General debugging messages */ |
4230 |
- #define dbg_gen(fmt, ...) ubi_dbg_msg("gen", fmt, ##__VA_ARGS__) |
4231 |
- /* Messages from the eraseblock association sub-system */ |
4232 |
-diff --git a/drivers/mtd/ubi/eba.c b/drivers/mtd/ubi/eba.c |
4233 |
-index fb7f19b..cd26da8 100644 |
4234 |
---- a/drivers/mtd/ubi/eba.c |
4235 |
-+++ b/drivers/mtd/ubi/eba.c |
4236 |
-@@ -1028,12 +1028,14 @@ int ubi_eba_copy_leb(struct ubi_device *ubi, int from, int to, |
4237 |
- * 'ubi_wl_put_peb()' function on the @ubi->move_mutex. In turn, we are |
4238 |
- * holding @ubi->move_mutex and go sleep on the LEB lock. So, if the |
4239 |
- * LEB is already locked, we just do not move it and return |
4240 |
-- * %MOVE_CANCEL_RACE, which means that UBI will re-try, but later. |
4241 |
-+ * %MOVE_RETRY. Note, we do not return %MOVE_CANCEL_RACE here because |
4242 |
-+ * we do not know the reasons of the contention - it may be just a |
4243 |
-+ * normal I/O on this LEB, so we want to re-try. |
4244 |
- */ |
4245 |
- err = leb_write_trylock(ubi, vol_id, lnum); |
4246 |
- if (err) { |
4247 |
- dbg_wl("contention on LEB %d:%d, cancel", vol_id, lnum); |
4248 |
-- return MOVE_CANCEL_RACE; |
4249 |
-+ return MOVE_RETRY; |
4250 |
- } |
4251 |
- |
4252 |
- /* |
4253 |
-diff --git a/drivers/mtd/ubi/ubi.h b/drivers/mtd/ubi/ubi.h |
4254 |
-index dc64c76..d51d75d 100644 |
4255 |
---- a/drivers/mtd/ubi/ubi.h |
4256 |
-+++ b/drivers/mtd/ubi/ubi.h |
4257 |
-@@ -120,6 +120,7 @@ enum { |
4258 |
- * PEB |
4259 |
- * MOVE_CANCEL_BITFLIPS: canceled because a bit-flip was detected in the |
4260 |
- * target PEB |
4261 |
-+ * MOVE_RETRY: retry scrubbing the PEB |
4262 |
- */ |
4263 |
- enum { |
4264 |
- MOVE_CANCEL_RACE = 1, |
4265 |
-@@ -127,6 +128,7 @@ enum { |
4266 |
- MOVE_TARGET_RD_ERR, |
4267 |
- MOVE_TARGET_WR_ERR, |
4268 |
- MOVE_CANCEL_BITFLIPS, |
4269 |
-+ MOVE_RETRY, |
4270 |
- }; |
4271 |
- |
4272 |
- /** |
4273 |
-diff --git a/drivers/mtd/ubi/vtbl.c b/drivers/mtd/ubi/vtbl.c |
4274 |
-index 9ad18da..890754c 100644 |
4275 |
---- a/drivers/mtd/ubi/vtbl.c |
4276 |
-+++ b/drivers/mtd/ubi/vtbl.c |
4277 |
-@@ -306,7 +306,7 @@ static int create_vtbl(struct ubi_device *ubi, struct ubi_scan_info *si, |
4278 |
- int copy, void *vtbl) |
4279 |
- { |
4280 |
- int err, tries = 0; |
4281 |
-- static struct ubi_vid_hdr *vid_hdr; |
4282 |
-+ struct ubi_vid_hdr *vid_hdr; |
4283 |
- struct ubi_scan_leb *new_seb; |
4284 |
- |
4285 |
- ubi_msg("create volume table (copy #%d)", copy + 1); |
4286 |
-diff --git a/drivers/mtd/ubi/wl.c b/drivers/mtd/ubi/wl.c |
4287 |
-index 42c684c..0696e36 100644 |
4288 |
---- a/drivers/mtd/ubi/wl.c |
4289 |
-+++ b/drivers/mtd/ubi/wl.c |
4290 |
-@@ -795,7 +795,10 @@ static int wear_leveling_worker(struct ubi_device *ubi, struct ubi_work *wrk, |
4291 |
- protect = 1; |
4292 |
- goto out_not_moved; |
4293 |
- } |
4294 |
-- |
4295 |
-+ if (err == MOVE_RETRY) { |
4296 |
-+ scrubbing = 1; |
4297 |
-+ goto out_not_moved; |
4298 |
-+ } |
4299 |
- if (err == MOVE_CANCEL_BITFLIPS || err == MOVE_TARGET_WR_ERR || |
4300 |
- err == MOVE_TARGET_RD_ERR) { |
4301 |
- /* |
4302 |
-@@ -1049,7 +1052,6 @@ static int erase_worker(struct ubi_device *ubi, struct ubi_work *wl_wrk, |
4303 |
- |
4304 |
- ubi_err("failed to erase PEB %d, error %d", pnum, err); |
4305 |
- kfree(wl_wrk); |
4306 |
-- kmem_cache_free(ubi_wl_entry_slab, e); |
4307 |
- |
4308 |
- if (err == -EINTR || err == -ENOMEM || err == -EAGAIN || |
4309 |
- err == -EBUSY) { |
4310 |
-@@ -1062,14 +1064,16 @@ static int erase_worker(struct ubi_device *ubi, struct ubi_work *wl_wrk, |
4311 |
- goto out_ro; |
4312 |
- } |
4313 |
- return err; |
4314 |
-- } else if (err != -EIO) { |
4315 |
-+ } |
4316 |
-+ |
4317 |
-+ kmem_cache_free(ubi_wl_entry_slab, e); |
4318 |
-+ if (err != -EIO) |
4319 |
- /* |
4320 |
- * If this is not %-EIO, we have no idea what to do. Scheduling |
4321 |
- * this physical eraseblock for erasure again would cause |
4322 |
- * errors again and again. Well, lets switch to R/O mode. |
4323 |
- */ |
4324 |
- goto out_ro; |
4325 |
-- } |
4326 |
- |
4327 |
- /* It is %-EIO, the PEB went bad */ |
4328 |
- |
4329 |
-diff --git a/drivers/net/usb/asix.c b/drivers/net/usb/asix.c |
4330 |
-index dd2625a..f5e063a 100644 |
4331 |
---- a/drivers/net/usb/asix.c |
4332 |
-+++ b/drivers/net/usb/asix.c |
4333 |
-@@ -974,6 +974,7 @@ static int ax88772_link_reset(struct usbnet *dev) |
4334 |
- |
4335 |
- static int ax88772_reset(struct usbnet *dev) |
4336 |
- { |
4337 |
-+ struct asix_data *data = (struct asix_data *)&dev->data; |
4338 |
- int ret, embd_phy; |
4339 |
- u16 rx_ctl; |
4340 |
- |
4341 |
-@@ -1051,6 +1052,13 @@ static int ax88772_reset(struct usbnet *dev) |
4342 |
- goto out; |
4343 |
- } |
4344 |
- |
4345 |
-+ /* Rewrite MAC address */ |
4346 |
-+ memcpy(data->mac_addr, dev->net->dev_addr, ETH_ALEN); |
4347 |
-+ ret = asix_write_cmd(dev, AX_CMD_WRITE_NODE_ID, 0, 0, ETH_ALEN, |
4348 |
-+ data->mac_addr); |
4349 |
-+ if (ret < 0) |
4350 |
-+ goto out; |
4351 |
-+ |
4352 |
- /* Set RX_CTL to default values with 2k buffer, and enable cactus */ |
4353 |
- ret = asix_write_rx_ctl(dev, AX_DEFAULT_RX_CTL); |
4354 |
- if (ret < 0) |
4355 |
-@@ -1316,6 +1324,13 @@ static int ax88178_reset(struct usbnet *dev) |
4356 |
- if (ret < 0) |
4357 |
- return ret; |
4358 |
- |
4359 |
-+ /* Rewrite MAC address */ |
4360 |
-+ memcpy(data->mac_addr, dev->net->dev_addr, ETH_ALEN); |
4361 |
-+ ret = asix_write_cmd(dev, AX_CMD_WRITE_NODE_ID, 0, 0, ETH_ALEN, |
4362 |
-+ data->mac_addr); |
4363 |
-+ if (ret < 0) |
4364 |
-+ return ret; |
4365 |
-+ |
4366 |
- ret = asix_write_rx_ctl(dev, AX_DEFAULT_RX_CTL); |
4367 |
- if (ret < 0) |
4368 |
- return ret; |
4369 |
-diff --git a/drivers/net/wireless/ath/ath9k/ar9003_mac.c b/drivers/net/wireless/ath/ath9k/ar9003_mac.c |
4370 |
-index ccde784..f5ae3c6 100644 |
4371 |
---- a/drivers/net/wireless/ath/ath9k/ar9003_mac.c |
4372 |
-+++ b/drivers/net/wireless/ath/ath9k/ar9003_mac.c |
4373 |
-@@ -526,10 +526,11 @@ int ath9k_hw_process_rxdesc_edma(struct ath_hw *ah, struct ath_rx_status *rxs, |
4374 |
- rxs->rs_status |= ATH9K_RXERR_DECRYPT; |
4375 |
- else if (rxsp->status11 & AR_MichaelErr) |
4376 |
- rxs->rs_status |= ATH9K_RXERR_MIC; |
4377 |
-- if (rxsp->status11 & AR_KeyMiss) |
4378 |
-- rxs->rs_status |= ATH9K_RXERR_KEYMISS; |
4379 |
- } |
4380 |
- |
4381 |
-+ if (rxsp->status11 & AR_KeyMiss) |
4382 |
-+ rxs->rs_status |= ATH9K_RXERR_KEYMISS; |
4383 |
-+ |
4384 |
- return 0; |
4385 |
- } |
4386 |
- EXPORT_SYMBOL(ath9k_hw_process_rxdesc_edma); |
4387 |
-diff --git a/drivers/net/wireless/ath/ath9k/calib.c b/drivers/net/wireless/ath/ath9k/calib.c |
4388 |
-index 9953881..8ddef3e 100644 |
4389 |
---- a/drivers/net/wireless/ath/ath9k/calib.c |
4390 |
-+++ b/drivers/net/wireless/ath/ath9k/calib.c |
4391 |
-@@ -402,6 +402,7 @@ bool ath9k_hw_getnf(struct ath_hw *ah, struct ath9k_channel *chan) |
4392 |
- ah->noise = ath9k_hw_getchan_noise(ah, chan); |
4393 |
- return true; |
4394 |
- } |
4395 |
-+EXPORT_SYMBOL(ath9k_hw_getnf); |
4396 |
- |
4397 |
- void ath9k_init_nfcal_hist_buffer(struct ath_hw *ah, |
4398 |
- struct ath9k_channel *chan) |
4399 |
-diff --git a/drivers/net/wireless/ath/ath9k/mac.c b/drivers/net/wireless/ath/ath9k/mac.c |
4400 |
-index ecdb6fd..bbcb777 100644 |
4401 |
---- a/drivers/net/wireless/ath/ath9k/mac.c |
4402 |
-+++ b/drivers/net/wireless/ath/ath9k/mac.c |
4403 |
-@@ -621,10 +621,11 @@ int ath9k_hw_rxprocdesc(struct ath_hw *ah, struct ath_desc *ds, |
4404 |
- rs->rs_status |= ATH9K_RXERR_DECRYPT; |
4405 |
- else if (ads.ds_rxstatus8 & AR_MichaelErr) |
4406 |
- rs->rs_status |= ATH9K_RXERR_MIC; |
4407 |
-- if (ads.ds_rxstatus8 & AR_KeyMiss) |
4408 |
-- rs->rs_status |= ATH9K_RXERR_KEYMISS; |
4409 |
- } |
4410 |
- |
4411 |
-+ if (ads.ds_rxstatus8 & AR_KeyMiss) |
4412 |
-+ rs->rs_status |= ATH9K_RXERR_KEYMISS; |
4413 |
-+ |
4414 |
- return 0; |
4415 |
- } |
4416 |
- EXPORT_SYMBOL(ath9k_hw_rxprocdesc); |
4417 |
-diff --git a/drivers/net/wireless/ath/ath9k/main.c b/drivers/net/wireless/ath/ath9k/main.c |
4418 |
-index a9c5ae7..f76a814 100644 |
4419 |
---- a/drivers/net/wireless/ath/ath9k/main.c |
4420 |
-+++ b/drivers/net/wireless/ath/ath9k/main.c |
4421 |
-@@ -1667,7 +1667,6 @@ static int ath9k_config(struct ieee80211_hw *hw, u32 changed) |
4422 |
- |
4423 |
- if (changed & IEEE80211_CONF_CHANGE_CHANNEL) { |
4424 |
- struct ieee80211_channel *curchan = hw->conf.channel; |
4425 |
-- struct ath9k_channel old_chan; |
4426 |
- int pos = curchan->hw_value; |
4427 |
- int old_pos = -1; |
4428 |
- unsigned long flags; |
4429 |
-@@ -1693,11 +1692,8 @@ static int ath9k_config(struct ieee80211_hw *hw, u32 changed) |
4430 |
- * Preserve the current channel values, before updating |
4431 |
- * the same channel |
4432 |
- */ |
4433 |
-- if (old_pos == pos) { |
4434 |
-- memcpy(&old_chan, &sc->sc_ah->channels[pos], |
4435 |
-- sizeof(struct ath9k_channel)); |
4436 |
-- ah->curchan = &old_chan; |
4437 |
-- } |
4438 |
-+ if (ah->curchan && (old_pos == pos)) |
4439 |
-+ ath9k_hw_getnf(ah, ah->curchan); |
4440 |
- |
4441 |
- ath9k_cmn_update_ichannel(&sc->sc_ah->channels[pos], |
4442 |
- curchan, conf->channel_type); |
4443 |
-diff --git a/drivers/net/wireless/iwlegacy/iwl3945-base.c b/drivers/net/wireless/iwlegacy/iwl3945-base.c |
4444 |
-index b282d86..05f2ad1 100644 |
4445 |
---- a/drivers/net/wireless/iwlegacy/iwl3945-base.c |
4446 |
-+++ b/drivers/net/wireless/iwlegacy/iwl3945-base.c |
4447 |
-@@ -2656,14 +2656,13 @@ int iwl3945_request_scan(struct iwl_priv *priv, struct ieee80211_vif *vif) |
4448 |
- IWL_WARN(priv, "Invalid scan band\n"); |
4449 |
- return -EIO; |
4450 |
- } |
4451 |
-- |
4452 |
- /* |
4453 |
-- * If active scaning is requested but a certain channel |
4454 |
-- * is marked passive, we can do active scanning if we |
4455 |
-- * detect transmissions. |
4456 |
-+ * If active scaning is requested but a certain channel is marked |
4457 |
-+ * passive, we can do active scanning if we detect transmissions. For |
4458 |
-+ * passive only scanning disable switching to active on any channel. |
4459 |
- */ |
4460 |
- scan->good_CRC_th = is_active ? IWL_GOOD_CRC_TH_DEFAULT : |
4461 |
-- IWL_GOOD_CRC_TH_DISABLED; |
4462 |
-+ IWL_GOOD_CRC_TH_NEVER; |
4463 |
- |
4464 |
- len = iwl_legacy_fill_probe_req(priv, (struct ieee80211_mgmt *)scan->data, |
4465 |
- vif->addr, priv->scan_request->ie, |
4466 |
-diff --git a/drivers/net/wireless/iwlwifi/iwl-agn-lib.c b/drivers/net/wireless/iwlwifi/iwl-agn-lib.c |
4467 |
-index 1a52ed2..6465983 100644 |
4468 |
---- a/drivers/net/wireless/iwlwifi/iwl-agn-lib.c |
4469 |
-+++ b/drivers/net/wireless/iwlwifi/iwl-agn-lib.c |
4470 |
-@@ -827,6 +827,7 @@ static int iwl_get_idle_rx_chain_count(struct iwl_priv *priv, int active_cnt) |
4471 |
- case IEEE80211_SMPS_STATIC: |
4472 |
- case IEEE80211_SMPS_DYNAMIC: |
4473 |
- return IWL_NUM_IDLE_CHAINS_SINGLE; |
4474 |
-+ case IEEE80211_SMPS_AUTOMATIC: |
4475 |
- case IEEE80211_SMPS_OFF: |
4476 |
- return active_cnt; |
4477 |
- default: |
4478 |
-diff --git a/drivers/net/wireless/iwlwifi/iwl-agn-rxon.c b/drivers/net/wireless/iwlwifi/iwl-agn-rxon.c |
4479 |
-index 5c7c17c..d552fa3 100644 |
4480 |
---- a/drivers/net/wireless/iwlwifi/iwl-agn-rxon.c |
4481 |
-+++ b/drivers/net/wireless/iwlwifi/iwl-agn-rxon.c |
4482 |
-@@ -559,6 +559,9 @@ int iwlagn_mac_config(struct ieee80211_hw *hw, u32 changed) |
4483 |
- |
4484 |
- mutex_lock(&priv->shrd->mutex); |
4485 |
- |
4486 |
-+ if (test_bit(STATUS_EXIT_PENDING, &priv->shrd->status)) |
4487 |
-+ goto out; |
4488 |
-+ |
4489 |
- if (unlikely(test_bit(STATUS_SCANNING, &priv->shrd->status))) { |
4490 |
- IWL_DEBUG_MAC80211(priv, "leave - scanning\n"); |
4491 |
- goto out; |
4492 |
-diff --git a/drivers/net/wireless/rt2x00/rt2800pci.c b/drivers/net/wireless/rt2x00/rt2800pci.c |
4493 |
-index da48c8a..837b460 100644 |
4494 |
---- a/drivers/net/wireless/rt2x00/rt2800pci.c |
4495 |
-+++ b/drivers/net/wireless/rt2x00/rt2800pci.c |
4496 |
-@@ -422,7 +422,6 @@ static int rt2800pci_init_queues(struct rt2x00_dev *rt2x00dev) |
4497 |
- static void rt2800pci_toggle_irq(struct rt2x00_dev *rt2x00dev, |
4498 |
- enum dev_state state) |
4499 |
- { |
4500 |
-- int mask = (state == STATE_RADIO_IRQ_ON); |
4501 |
- u32 reg; |
4502 |
- unsigned long flags; |
4503 |
- |
4504 |
-@@ -436,25 +435,14 @@ static void rt2800pci_toggle_irq(struct rt2x00_dev *rt2x00dev, |
4505 |
- } |
4506 |
- |
4507 |
- spin_lock_irqsave(&rt2x00dev->irqmask_lock, flags); |
4508 |
-- rt2x00pci_register_read(rt2x00dev, INT_MASK_CSR, ®); |
4509 |
-- rt2x00_set_field32(®, INT_MASK_CSR_RXDELAYINT, 0); |
4510 |
-- rt2x00_set_field32(®, INT_MASK_CSR_TXDELAYINT, 0); |
4511 |
-- rt2x00_set_field32(®, INT_MASK_CSR_RX_DONE, mask); |
4512 |
-- rt2x00_set_field32(®, INT_MASK_CSR_AC0_DMA_DONE, 0); |
4513 |
-- rt2x00_set_field32(®, INT_MASK_CSR_AC1_DMA_DONE, 0); |
4514 |
-- rt2x00_set_field32(®, INT_MASK_CSR_AC2_DMA_DONE, 0); |
4515 |
-- rt2x00_set_field32(®, INT_MASK_CSR_AC3_DMA_DONE, 0); |
4516 |
-- rt2x00_set_field32(®, INT_MASK_CSR_HCCA_DMA_DONE, 0); |
4517 |
-- rt2x00_set_field32(®, INT_MASK_CSR_MGMT_DMA_DONE, 0); |
4518 |
-- rt2x00_set_field32(®, INT_MASK_CSR_MCU_COMMAND, 0); |
4519 |
-- rt2x00_set_field32(®, INT_MASK_CSR_RXTX_COHERENT, 0); |
4520 |
-- rt2x00_set_field32(®, INT_MASK_CSR_TBTT, mask); |
4521 |
-- rt2x00_set_field32(®, INT_MASK_CSR_PRE_TBTT, mask); |
4522 |
-- rt2x00_set_field32(®, INT_MASK_CSR_TX_FIFO_STATUS, mask); |
4523 |
-- rt2x00_set_field32(®, INT_MASK_CSR_AUTO_WAKEUP, mask); |
4524 |
-- rt2x00_set_field32(®, INT_MASK_CSR_GPTIMER, 0); |
4525 |
-- rt2x00_set_field32(®, INT_MASK_CSR_RX_COHERENT, 0); |
4526 |
-- rt2x00_set_field32(®, INT_MASK_CSR_TX_COHERENT, 0); |
4527 |
-+ reg = 0; |
4528 |
-+ if (state == STATE_RADIO_IRQ_ON) { |
4529 |
-+ rt2x00_set_field32(®, INT_MASK_CSR_RX_DONE, 1); |
4530 |
-+ rt2x00_set_field32(®, INT_MASK_CSR_TBTT, 1); |
4531 |
-+ rt2x00_set_field32(®, INT_MASK_CSR_PRE_TBTT, 1); |
4532 |
-+ rt2x00_set_field32(®, INT_MASK_CSR_TX_FIFO_STATUS, 1); |
4533 |
-+ rt2x00_set_field32(®, INT_MASK_CSR_AUTO_WAKEUP, 1); |
4534 |
-+ } |
4535 |
- rt2x00pci_register_write(rt2x00dev, INT_MASK_CSR, reg); |
4536 |
- spin_unlock_irqrestore(&rt2x00dev->irqmask_lock, flags); |
4537 |
- |
4538 |
-diff --git a/drivers/net/wireless/rtlwifi/rtl8192se/fw.c b/drivers/net/wireless/rtlwifi/rtl8192se/fw.c |
4539 |
-index 6f91a14..3fda6b1 100644 |
4540 |
---- a/drivers/net/wireless/rtlwifi/rtl8192se/fw.c |
4541 |
-+++ b/drivers/net/wireless/rtlwifi/rtl8192se/fw.c |
4542 |
-@@ -196,6 +196,8 @@ static bool _rtl92s_firmware_downloadcode(struct ieee80211_hw *hw, |
4543 |
- /* Allocate skb buffer to contain firmware */ |
4544 |
- /* info and tx descriptor info. */ |
4545 |
- skb = dev_alloc_skb(frag_length); |
4546 |
-+ if (!skb) |
4547 |
-+ return false; |
4548 |
- skb_reserve(skb, extra_descoffset); |
4549 |
- seg_ptr = (u8 *)skb_put(skb, (u32)(frag_length - |
4550 |
- extra_descoffset)); |
4551 |
-@@ -573,6 +575,8 @@ static bool _rtl92s_firmware_set_h2c_cmd(struct ieee80211_hw *hw, u8 h2c_cmd, |
4552 |
- |
4553 |
- len = _rtl92s_get_h2c_cmdlen(MAX_TRANSMIT_BUFFER_SIZE, 1, &cmd_len); |
4554 |
- skb = dev_alloc_skb(len); |
4555 |
-+ if (!skb) |
4556 |
-+ return false; |
4557 |
- cb_desc = (struct rtl_tcb_desc *)(skb->cb); |
4558 |
- cb_desc->queue_index = TXCMD_QUEUE; |
4559 |
- cb_desc->cmd_or_init = DESC_PACKET_TYPE_NORMAL; |
4560 |
-diff --git a/drivers/pci/msi.c b/drivers/pci/msi.c |
4561 |
-index 0e6d04d..e3efb43 100644 |
4562 |
---- a/drivers/pci/msi.c |
4563 |
-+++ b/drivers/pci/msi.c |
4564 |
-@@ -870,5 +870,15 @@ EXPORT_SYMBOL(pci_msi_enabled); |
4565 |
- |
4566 |
- void pci_msi_init_pci_dev(struct pci_dev *dev) |
4567 |
- { |
4568 |
-+ int pos; |
4569 |
- INIT_LIST_HEAD(&dev->msi_list); |
4570 |
-+ |
4571 |
-+ /* Disable the msi hardware to avoid screaming interrupts |
4572 |
-+ * during boot. This is the power on reset default so |
4573 |
-+ * usually this should be a noop. |
4574 |
-+ */ |
4575 |
-+ pos = pci_find_capability(dev, PCI_CAP_ID_MSI); |
4576 |
-+ if (pos) |
4577 |
-+ msi_set_enable(dev, pos, 0); |
4578 |
-+ msix_set_enable(dev, 0); |
4579 |
- } |
4580 |
-diff --git a/drivers/pnp/quirks.c b/drivers/pnp/quirks.c |
4581 |
-index dfbd5a6..258fef2 100644 |
4582 |
---- a/drivers/pnp/quirks.c |
4583 |
-+++ b/drivers/pnp/quirks.c |
4584 |
-@@ -295,6 +295,45 @@ static void quirk_system_pci_resources(struct pnp_dev *dev) |
4585 |
- } |
4586 |
- } |
4587 |
- |
4588 |
-+#ifdef CONFIG_AMD_NB |
4589 |
-+ |
4590 |
-+#include <asm/amd_nb.h> |
4591 |
-+ |
4592 |
-+static void quirk_amd_mmconfig_area(struct pnp_dev *dev) |
4593 |
-+{ |
4594 |
-+ resource_size_t start, end; |
4595 |
-+ struct pnp_resource *pnp_res; |
4596 |
-+ struct resource *res; |
4597 |
-+ struct resource mmconfig_res, *mmconfig; |
4598 |
-+ |
4599 |
-+ mmconfig = amd_get_mmconfig_range(&mmconfig_res); |
4600 |
-+ if (!mmconfig) |
4601 |
-+ return; |
4602 |
-+ |
4603 |
-+ list_for_each_entry(pnp_res, &dev->resources, list) { |
4604 |
-+ res = &pnp_res->res; |
4605 |
-+ if (res->end < mmconfig->start || res->start > mmconfig->end || |
4606 |
-+ (res->start == mmconfig->start && res->end == mmconfig->end)) |
4607 |
-+ continue; |
4608 |
-+ |
4609 |
-+ dev_info(&dev->dev, FW_BUG |
4610 |
-+ "%pR covers only part of AMD MMCONFIG area %pR; adding more reservations\n", |
4611 |
-+ res, mmconfig); |
4612 |
-+ if (mmconfig->start < res->start) { |
4613 |
-+ start = mmconfig->start; |
4614 |
-+ end = res->start - 1; |
4615 |
-+ pnp_add_mem_resource(dev, start, end, 0); |
4616 |
-+ } |
4617 |
-+ if (mmconfig->end > res->end) { |
4618 |
-+ start = res->end + 1; |
4619 |
-+ end = mmconfig->end; |
4620 |
-+ pnp_add_mem_resource(dev, start, end, 0); |
4621 |
-+ } |
4622 |
-+ break; |
4623 |
-+ } |
4624 |
-+} |
4625 |
-+#endif |
4626 |
-+ |
4627 |
- /* |
4628 |
- * PnP Quirks |
4629 |
- * Cards or devices that need some tweaking due to incomplete resource info |
4630 |
-@@ -322,6 +361,9 @@ static struct pnp_fixup pnp_fixups[] = { |
4631 |
- /* PnP resources that might overlap PCI BARs */ |
4632 |
- {"PNP0c01", quirk_system_pci_resources}, |
4633 |
- {"PNP0c02", quirk_system_pci_resources}, |
4634 |
-+#ifdef CONFIG_AMD_NB |
4635 |
-+ {"PNP0c01", quirk_amd_mmconfig_area}, |
4636 |
-+#endif |
4637 |
- {""} |
4638 |
- }; |
4639 |
- |
4640 |
-diff --git a/drivers/rtc/interface.c b/drivers/rtc/interface.c |
4641 |
-index 8e28625..8a1c031 100644 |
4642 |
---- a/drivers/rtc/interface.c |
4643 |
-+++ b/drivers/rtc/interface.c |
4644 |
-@@ -228,11 +228,11 @@ int __rtc_read_alarm(struct rtc_device *rtc, struct rtc_wkalrm *alarm) |
4645 |
- alarm->time.tm_hour = now.tm_hour; |
4646 |
- |
4647 |
- /* For simplicity, only support date rollover for now */ |
4648 |
-- if (alarm->time.tm_mday == -1) { |
4649 |
-+ if (alarm->time.tm_mday < 1 || alarm->time.tm_mday > 31) { |
4650 |
- alarm->time.tm_mday = now.tm_mday; |
4651 |
- missing = day; |
4652 |
- } |
4653 |
-- if (alarm->time.tm_mon == -1) { |
4654 |
-+ if ((unsigned)alarm->time.tm_mon >= 12) { |
4655 |
- alarm->time.tm_mon = now.tm_mon; |
4656 |
- if (missing == none) |
4657 |
- missing = month; |
4658 |
-diff --git a/drivers/scsi/mpt2sas/mpt2sas_base.c b/drivers/scsi/mpt2sas/mpt2sas_base.c |
4659 |
-index beda04a..0794c72 100644 |
4660 |
---- a/drivers/scsi/mpt2sas/mpt2sas_base.c |
4661 |
-+++ b/drivers/scsi/mpt2sas/mpt2sas_base.c |
4662 |
-@@ -65,6 +65,8 @@ static MPT_CALLBACK mpt_callbacks[MPT_MAX_CALLBACKS]; |
4663 |
- |
4664 |
- #define FAULT_POLLING_INTERVAL 1000 /* in milliseconds */ |
4665 |
- |
4666 |
-+#define MAX_HBA_QUEUE_DEPTH 30000 |
4667 |
-+#define MAX_CHAIN_DEPTH 100000 |
4668 |
- static int max_queue_depth = -1; |
4669 |
- module_param(max_queue_depth, int, 0); |
4670 |
- MODULE_PARM_DESC(max_queue_depth, " max controller queue depth "); |
4671 |
-@@ -2311,8 +2313,6 @@ _base_release_memory_pools(struct MPT2SAS_ADAPTER *ioc) |
4672 |
- } |
4673 |
- if (ioc->chain_dma_pool) |
4674 |
- pci_pool_destroy(ioc->chain_dma_pool); |
4675 |
-- } |
4676 |
-- if (ioc->chain_lookup) { |
4677 |
- free_pages((ulong)ioc->chain_lookup, ioc->chain_pages); |
4678 |
- ioc->chain_lookup = NULL; |
4679 |
- } |
4680 |
-@@ -2330,9 +2330,7 @@ static int |
4681 |
- _base_allocate_memory_pools(struct MPT2SAS_ADAPTER *ioc, int sleep_flag) |
4682 |
- { |
4683 |
- struct mpt2sas_facts *facts; |
4684 |
-- u32 queue_size, queue_diff; |
4685 |
- u16 max_sge_elements; |
4686 |
-- u16 num_of_reply_frames; |
4687 |
- u16 chains_needed_per_io; |
4688 |
- u32 sz, total_sz, reply_post_free_sz; |
4689 |
- u32 retry_sz; |
4690 |
-@@ -2359,7 +2357,8 @@ _base_allocate_memory_pools(struct MPT2SAS_ADAPTER *ioc, int sleep_flag) |
4691 |
- max_request_credit = (max_queue_depth < facts->RequestCredit) |
4692 |
- ? max_queue_depth : facts->RequestCredit; |
4693 |
- else |
4694 |
-- max_request_credit = facts->RequestCredit; |
4695 |
-+ max_request_credit = min_t(u16, facts->RequestCredit, |
4696 |
-+ MAX_HBA_QUEUE_DEPTH); |
4697 |
- |
4698 |
- ioc->hba_queue_depth = max_request_credit; |
4699 |
- ioc->hi_priority_depth = facts->HighPriorityCredit; |
4700 |
-@@ -2400,50 +2399,25 @@ _base_allocate_memory_pools(struct MPT2SAS_ADAPTER *ioc, int sleep_flag) |
4701 |
- } |
4702 |
- ioc->chains_needed_per_io = chains_needed_per_io; |
4703 |
- |
4704 |
-- /* reply free queue sizing - taking into account for events */ |
4705 |
-- num_of_reply_frames = ioc->hba_queue_depth + 32; |
4706 |
-- |
4707 |
-- /* number of replies frames can't be a multiple of 16 */ |
4708 |
-- /* decrease number of reply frames by 1 */ |
4709 |
-- if (!(num_of_reply_frames % 16)) |
4710 |
-- num_of_reply_frames--; |
4711 |
-- |
4712 |
-- /* calculate number of reply free queue entries |
4713 |
-- * (must be multiple of 16) |
4714 |
-- */ |
4715 |
-- |
4716 |
-- /* (we know reply_free_queue_depth is not a multiple of 16) */ |
4717 |
-- queue_size = num_of_reply_frames; |
4718 |
-- queue_size += 16 - (queue_size % 16); |
4719 |
-- ioc->reply_free_queue_depth = queue_size; |
4720 |
-- |
4721 |
-- /* reply descriptor post queue sizing */ |
4722 |
-- /* this size should be the number of request frames + number of reply |
4723 |
-- * frames |
4724 |
-- */ |
4725 |
-- |
4726 |
-- queue_size = ioc->hba_queue_depth + num_of_reply_frames + 1; |
4727 |
-- /* round up to 16 byte boundary */ |
4728 |
-- if (queue_size % 16) |
4729 |
-- queue_size += 16 - (queue_size % 16); |
4730 |
-- |
4731 |
-- /* check against IOC maximum reply post queue depth */ |
4732 |
-- if (queue_size > facts->MaxReplyDescriptorPostQueueDepth) { |
4733 |
-- queue_diff = queue_size - |
4734 |
-- facts->MaxReplyDescriptorPostQueueDepth; |
4735 |
-+ /* reply free queue sizing - taking into account for 64 FW events */ |
4736 |
-+ ioc->reply_free_queue_depth = ioc->hba_queue_depth + 64; |
4737 |
- |
4738 |
-- /* round queue_diff up to multiple of 16 */ |
4739 |
-- if (queue_diff % 16) |
4740 |
-- queue_diff += 16 - (queue_diff % 16); |
4741 |
-- |
4742 |
-- /* adjust hba_queue_depth, reply_free_queue_depth, |
4743 |
-- * and queue_size |
4744 |
-- */ |
4745 |
-- ioc->hba_queue_depth -= (queue_diff / 2); |
4746 |
-- ioc->reply_free_queue_depth -= (queue_diff / 2); |
4747 |
-- queue_size = facts->MaxReplyDescriptorPostQueueDepth; |
4748 |
-+ /* align the reply post queue on the next 16 count boundary */ |
4749 |
-+ if (!ioc->reply_free_queue_depth % 16) |
4750 |
-+ ioc->reply_post_queue_depth = ioc->reply_free_queue_depth + 16; |
4751 |
-+ else |
4752 |
-+ ioc->reply_post_queue_depth = ioc->reply_free_queue_depth + |
4753 |
-+ 32 - (ioc->reply_free_queue_depth % 16); |
4754 |
-+ if (ioc->reply_post_queue_depth > |
4755 |
-+ facts->MaxReplyDescriptorPostQueueDepth) { |
4756 |
-+ ioc->reply_post_queue_depth = min_t(u16, |
4757 |
-+ (facts->MaxReplyDescriptorPostQueueDepth - |
4758 |
-+ (facts->MaxReplyDescriptorPostQueueDepth % 16)), |
4759 |
-+ (ioc->hba_queue_depth - (ioc->hba_queue_depth % 16))); |
4760 |
-+ ioc->reply_free_queue_depth = ioc->reply_post_queue_depth - 16; |
4761 |
-+ ioc->hba_queue_depth = ioc->reply_free_queue_depth - 64; |
4762 |
- } |
4763 |
-- ioc->reply_post_queue_depth = queue_size; |
4764 |
-+ |
4765 |
- |
4766 |
- dinitprintk(ioc, printk(MPT2SAS_INFO_FMT "scatter gather: " |
4767 |
- "sge_in_main_msg(%d), sge_per_chain(%d), sge_per_io(%d), " |
4768 |
-@@ -2529,15 +2503,12 @@ _base_allocate_memory_pools(struct MPT2SAS_ADAPTER *ioc, int sleep_flag) |
4769 |
- "depth(%d)\n", ioc->name, ioc->request, |
4770 |
- ioc->scsiio_depth)); |
4771 |
- |
4772 |
-- /* loop till the allocation succeeds */ |
4773 |
-- do { |
4774 |
-- sz = ioc->chain_depth * sizeof(struct chain_tracker); |
4775 |
-- ioc->chain_pages = get_order(sz); |
4776 |
-- ioc->chain_lookup = (struct chain_tracker *)__get_free_pages( |
4777 |
-- GFP_KERNEL, ioc->chain_pages); |
4778 |
-- if (ioc->chain_lookup == NULL) |
4779 |
-- ioc->chain_depth -= 100; |
4780 |
-- } while (ioc->chain_lookup == NULL); |
4781 |
-+ ioc->chain_depth = min_t(u32, ioc->chain_depth, MAX_CHAIN_DEPTH); |
4782 |
-+ sz = ioc->chain_depth * sizeof(struct chain_tracker); |
4783 |
-+ ioc->chain_pages = get_order(sz); |
4784 |
-+ |
4785 |
-+ ioc->chain_lookup = (struct chain_tracker *)__get_free_pages( |
4786 |
-+ GFP_KERNEL, ioc->chain_pages); |
4787 |
- ioc->chain_dma_pool = pci_pool_create("chain pool", ioc->pdev, |
4788 |
- ioc->request_sz, 16, 0); |
4789 |
- if (!ioc->chain_dma_pool) { |
4790 |
-diff --git a/drivers/scsi/mpt2sas/mpt2sas_scsih.c b/drivers/scsi/mpt2sas/mpt2sas_scsih.c |
4791 |
-index d570573..9bc6fb2 100644 |
4792 |
---- a/drivers/scsi/mpt2sas/mpt2sas_scsih.c |
4793 |
-+++ b/drivers/scsi/mpt2sas/mpt2sas_scsih.c |
4794 |
-@@ -1007,8 +1007,8 @@ _scsih_get_chain_buffer_tracker(struct MPT2SAS_ADAPTER *ioc, u16 smid) |
4795 |
- spin_lock_irqsave(&ioc->scsi_lookup_lock, flags); |
4796 |
- if (list_empty(&ioc->free_chain_list)) { |
4797 |
- spin_unlock_irqrestore(&ioc->scsi_lookup_lock, flags); |
4798 |
-- printk(MPT2SAS_WARN_FMT "chain buffers not available\n", |
4799 |
-- ioc->name); |
4800 |
-+ dfailprintk(ioc, printk(MPT2SAS_WARN_FMT "chain buffers not " |
4801 |
-+ "available\n", ioc->name)); |
4802 |
- return NULL; |
4803 |
- } |
4804 |
- chain_req = list_entry(ioc->free_chain_list.next, |
4805 |
-@@ -6714,6 +6714,7 @@ _scsih_mark_responding_raid_device(struct MPT2SAS_ADAPTER *ioc, u64 wwid, |
4806 |
- } else |
4807 |
- sas_target_priv_data = NULL; |
4808 |
- raid_device->responding = 1; |
4809 |
-+ spin_unlock_irqrestore(&ioc->raid_device_lock, flags); |
4810 |
- starget_printk(KERN_INFO, raid_device->starget, |
4811 |
- "handle(0x%04x), wwid(0x%016llx)\n", handle, |
4812 |
- (unsigned long long)raid_device->wwid); |
4813 |
-@@ -6724,16 +6725,16 @@ _scsih_mark_responding_raid_device(struct MPT2SAS_ADAPTER *ioc, u64 wwid, |
4814 |
- */ |
4815 |
- _scsih_init_warpdrive_properties(ioc, raid_device); |
4816 |
- if (raid_device->handle == handle) |
4817 |
-- goto out; |
4818 |
-+ return; |
4819 |
- printk(KERN_INFO "\thandle changed from(0x%04x)!!!\n", |
4820 |
- raid_device->handle); |
4821 |
- raid_device->handle = handle; |
4822 |
- if (sas_target_priv_data) |
4823 |
- sas_target_priv_data->handle = handle; |
4824 |
-- goto out; |
4825 |
-+ return; |
4826 |
- } |
4827 |
- } |
4828 |
-- out: |
4829 |
-+ |
4830 |
- spin_unlock_irqrestore(&ioc->raid_device_lock, flags); |
4831 |
- } |
4832 |
- |
4833 |
-diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c |
4834 |
-index fa3a591..4b63c73 100644 |
4835 |
---- a/drivers/scsi/sd.c |
4836 |
-+++ b/drivers/scsi/sd.c |
4837 |
-@@ -1074,6 +1074,10 @@ static int sd_ioctl(struct block_device *bdev, fmode_t mode, |
4838 |
- SCSI_LOG_IOCTL(1, sd_printk(KERN_INFO, sdkp, "sd_ioctl: disk=%s, " |
4839 |
- "cmd=0x%x\n", disk->disk_name, cmd)); |
4840 |
- |
4841 |
-+ error = scsi_verify_blk_ioctl(bdev, cmd); |
4842 |
-+ if (error < 0) |
4843 |
-+ return error; |
4844 |
-+ |
4845 |
- /* |
4846 |
- * If we are in the middle of error recovery, don't let anyone |
4847 |
- * else try and use this device. Also, if error recovery fails, it |
4848 |
-@@ -1096,7 +1100,7 @@ static int sd_ioctl(struct block_device *bdev, fmode_t mode, |
4849 |
- error = scsi_ioctl(sdp, cmd, p); |
4850 |
- break; |
4851 |
- default: |
4852 |
-- error = scsi_cmd_ioctl(disk->queue, disk, mode, cmd, p); |
4853 |
-+ error = scsi_cmd_blk_ioctl(bdev, mode, cmd, p); |
4854 |
- if (error != -ENOTTY) |
4855 |
- break; |
4856 |
- error = scsi_ioctl(sdp, cmd, p); |
4857 |
-@@ -1266,6 +1270,11 @@ static int sd_compat_ioctl(struct block_device *bdev, fmode_t mode, |
4858 |
- unsigned int cmd, unsigned long arg) |
4859 |
- { |
4860 |
- struct scsi_device *sdev = scsi_disk(bdev->bd_disk)->device; |
4861 |
-+ int ret; |
4862 |
-+ |
4863 |
-+ ret = scsi_verify_blk_ioctl(bdev, cmd); |
4864 |
-+ if (ret < 0) |
4865 |
-+ return -ENOIOCTLCMD; |
4866 |
- |
4867 |
- /* |
4868 |
- * If we are in the middle of error recovery, don't let anyone |
4869 |
-@@ -1277,8 +1286,6 @@ static int sd_compat_ioctl(struct block_device *bdev, fmode_t mode, |
4870 |
- return -ENODEV; |
4871 |
- |
4872 |
- if (sdev->host->hostt->compat_ioctl) { |
4873 |
-- int ret; |
4874 |
-- |
4875 |
- ret = sdev->host->hostt->compat_ioctl(sdev, cmd, (void __user *)arg); |
4876 |
- |
4877 |
- return ret; |
4878 |
-diff --git a/drivers/scsi/sym53c8xx_2/sym_glue.c b/drivers/scsi/sym53c8xx_2/sym_glue.c |
4879 |
-index b4543f5..36d1ed7 100644 |
4880 |
---- a/drivers/scsi/sym53c8xx_2/sym_glue.c |
4881 |
-+++ b/drivers/scsi/sym53c8xx_2/sym_glue.c |
4882 |
-@@ -839,6 +839,10 @@ static void sym53c8xx_slave_destroy(struct scsi_device *sdev) |
4883 |
- struct sym_lcb *lp = sym_lp(tp, sdev->lun); |
4884 |
- unsigned long flags; |
4885 |
- |
4886 |
-+ /* if slave_alloc returned before allocating a sym_lcb, return */ |
4887 |
-+ if (!lp) |
4888 |
-+ return; |
4889 |
-+ |
4890 |
- spin_lock_irqsave(np->s.host->host_lock, flags); |
4891 |
- |
4892 |
- if (lp->busy_itlq || lp->busy_itl) { |
4893 |
-diff --git a/drivers/target/target_core_cdb.c b/drivers/target/target_core_cdb.c |
4894 |
-index 831468b..2e8c1be 100644 |
4895 |
---- a/drivers/target/target_core_cdb.c |
4896 |
-+++ b/drivers/target/target_core_cdb.c |
4897 |
-@@ -94,6 +94,18 @@ target_emulate_inquiry_std(struct se_cmd *cmd) |
4898 |
- buf[2] = dev->transport->get_device_rev(dev); |
4899 |
- |
4900 |
- /* |
4901 |
-+ * NORMACA and HISUP = 0, RESPONSE DATA FORMAT = 2 |
4902 |
-+ * |
4903 |
-+ * SPC4 says: |
4904 |
-+ * A RESPONSE DATA FORMAT field set to 2h indicates that the |
4905 |
-+ * standard INQUIRY data is in the format defined in this |
4906 |
-+ * standard. Response data format values less than 2h are |
4907 |
-+ * obsolete. Response data format values greater than 2h are |
4908 |
-+ * reserved. |
4909 |
-+ */ |
4910 |
-+ buf[3] = 2; |
4911 |
-+ |
4912 |
-+ /* |
4913 |
- * Enable SCCS and TPGS fields for Emulated ALUA |
4914 |
- */ |
4915 |
- if (dev->se_sub_dev->t10_alua.alua_type == SPC3_ALUA_EMULATED) |
4916 |
-diff --git a/drivers/target/target_core_transport.c b/drivers/target/target_core_transport.c |
4917 |
-index 0257658..e87d0eb 100644 |
4918 |
---- a/drivers/target/target_core_transport.c |
4919 |
-+++ b/drivers/target/target_core_transport.c |
4920 |
-@@ -4353,6 +4353,7 @@ int transport_send_check_condition_and_sense( |
4921 |
- case TCM_NON_EXISTENT_LUN: |
4922 |
- /* CURRENT ERROR */ |
4923 |
- buffer[offset] = 0x70; |
4924 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
4925 |
- /* ILLEGAL REQUEST */ |
4926 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST; |
4927 |
- /* LOGICAL UNIT NOT SUPPORTED */ |
4928 |
-@@ -4362,6 +4363,7 @@ int transport_send_check_condition_and_sense( |
4929 |
- case TCM_SECTOR_COUNT_TOO_MANY: |
4930 |
- /* CURRENT ERROR */ |
4931 |
- buffer[offset] = 0x70; |
4932 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
4933 |
- /* ILLEGAL REQUEST */ |
4934 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST; |
4935 |
- /* INVALID COMMAND OPERATION CODE */ |
4936 |
-@@ -4370,6 +4372,7 @@ int transport_send_check_condition_and_sense( |
4937 |
- case TCM_UNKNOWN_MODE_PAGE: |
4938 |
- /* CURRENT ERROR */ |
4939 |
- buffer[offset] = 0x70; |
4940 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
4941 |
- /* ILLEGAL REQUEST */ |
4942 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST; |
4943 |
- /* INVALID FIELD IN CDB */ |
4944 |
-@@ -4378,6 +4381,7 @@ int transport_send_check_condition_and_sense( |
4945 |
- case TCM_CHECK_CONDITION_ABORT_CMD: |
4946 |
- /* CURRENT ERROR */ |
4947 |
- buffer[offset] = 0x70; |
4948 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
4949 |
- /* ABORTED COMMAND */ |
4950 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; |
4951 |
- /* BUS DEVICE RESET FUNCTION OCCURRED */ |
4952 |
-@@ -4387,6 +4391,7 @@ int transport_send_check_condition_and_sense( |
4953 |
- case TCM_INCORRECT_AMOUNT_OF_DATA: |
4954 |
- /* CURRENT ERROR */ |
4955 |
- buffer[offset] = 0x70; |
4956 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
4957 |
- /* ABORTED COMMAND */ |
4958 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; |
4959 |
- /* WRITE ERROR */ |
4960 |
-@@ -4397,6 +4402,7 @@ int transport_send_check_condition_and_sense( |
4961 |
- case TCM_INVALID_CDB_FIELD: |
4962 |
- /* CURRENT ERROR */ |
4963 |
- buffer[offset] = 0x70; |
4964 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
4965 |
- /* ABORTED COMMAND */ |
4966 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; |
4967 |
- /* INVALID FIELD IN CDB */ |
4968 |
-@@ -4405,6 +4411,7 @@ int transport_send_check_condition_and_sense( |
4969 |
- case TCM_INVALID_PARAMETER_LIST: |
4970 |
- /* CURRENT ERROR */ |
4971 |
- buffer[offset] = 0x70; |
4972 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
4973 |
- /* ABORTED COMMAND */ |
4974 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; |
4975 |
- /* INVALID FIELD IN PARAMETER LIST */ |
4976 |
-@@ -4413,6 +4420,7 @@ int transport_send_check_condition_and_sense( |
4977 |
- case TCM_UNEXPECTED_UNSOLICITED_DATA: |
4978 |
- /* CURRENT ERROR */ |
4979 |
- buffer[offset] = 0x70; |
4980 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
4981 |
- /* ABORTED COMMAND */ |
4982 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; |
4983 |
- /* WRITE ERROR */ |
4984 |
-@@ -4423,6 +4431,7 @@ int transport_send_check_condition_and_sense( |
4985 |
- case TCM_SERVICE_CRC_ERROR: |
4986 |
- /* CURRENT ERROR */ |
4987 |
- buffer[offset] = 0x70; |
4988 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
4989 |
- /* ABORTED COMMAND */ |
4990 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; |
4991 |
- /* PROTOCOL SERVICE CRC ERROR */ |
4992 |
-@@ -4433,6 +4442,7 @@ int transport_send_check_condition_and_sense( |
4993 |
- case TCM_SNACK_REJECTED: |
4994 |
- /* CURRENT ERROR */ |
4995 |
- buffer[offset] = 0x70; |
4996 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
4997 |
- /* ABORTED COMMAND */ |
4998 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND; |
4999 |
- /* READ ERROR */ |
5000 |
-@@ -4443,6 +4453,7 @@ int transport_send_check_condition_and_sense( |
5001 |
- case TCM_WRITE_PROTECTED: |
5002 |
- /* CURRENT ERROR */ |
5003 |
- buffer[offset] = 0x70; |
5004 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
5005 |
- /* DATA PROTECT */ |
5006 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = DATA_PROTECT; |
5007 |
- /* WRITE PROTECTED */ |
5008 |
-@@ -4451,6 +4462,7 @@ int transport_send_check_condition_and_sense( |
5009 |
- case TCM_CHECK_CONDITION_UNIT_ATTENTION: |
5010 |
- /* CURRENT ERROR */ |
5011 |
- buffer[offset] = 0x70; |
5012 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
5013 |
- /* UNIT ATTENTION */ |
5014 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = UNIT_ATTENTION; |
5015 |
- core_scsi3_ua_for_check_condition(cmd, &asc, &ascq); |
5016 |
-@@ -4460,6 +4472,7 @@ int transport_send_check_condition_and_sense( |
5017 |
- case TCM_CHECK_CONDITION_NOT_READY: |
5018 |
- /* CURRENT ERROR */ |
5019 |
- buffer[offset] = 0x70; |
5020 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
5021 |
- /* Not Ready */ |
5022 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = NOT_READY; |
5023 |
- transport_get_sense_codes(cmd, &asc, &ascq); |
5024 |
-@@ -4470,6 +4483,7 @@ int transport_send_check_condition_and_sense( |
5025 |
- default: |
5026 |
- /* CURRENT ERROR */ |
5027 |
- buffer[offset] = 0x70; |
5028 |
-+ buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10; |
5029 |
- /* ILLEGAL REQUEST */ |
5030 |
- buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST; |
5031 |
- /* LOGICAL UNIT COMMUNICATION FAILURE */ |
5032 |
-diff --git a/drivers/xen/xenbus/xenbus_xs.c b/drivers/xen/xenbus/xenbus_xs.c |
5033 |
-index ede860f..a580b17 100644 |
5034 |
---- a/drivers/xen/xenbus/xenbus_xs.c |
5035 |
-+++ b/drivers/xen/xenbus/xenbus_xs.c |
5036 |
-@@ -801,6 +801,12 @@ static int process_msg(void) |
5037 |
- goto out; |
5038 |
- } |
5039 |
- |
5040 |
-+ if (msg->hdr.len > XENSTORE_PAYLOAD_MAX) { |
5041 |
-+ kfree(msg); |
5042 |
-+ err = -EINVAL; |
5043 |
-+ goto out; |
5044 |
-+ } |
5045 |
-+ |
5046 |
- body = kmalloc(msg->hdr.len + 1, GFP_NOIO | __GFP_HIGH); |
5047 |
- if (body == NULL) { |
5048 |
- kfree(msg); |
5049 |
-diff --git a/fs/aio.c b/fs/aio.c |
5050 |
-index 78c514c..969beb0 100644 |
5051 |
---- a/fs/aio.c |
5052 |
-+++ b/fs/aio.c |
5053 |
-@@ -476,14 +476,21 @@ static void kiocb_batch_init(struct kiocb_batch *batch, long total) |
5054 |
- batch->count = total; |
5055 |
- } |
5056 |
- |
5057 |
--static void kiocb_batch_free(struct kiocb_batch *batch) |
5058 |
-+static void kiocb_batch_free(struct kioctx *ctx, struct kiocb_batch *batch) |
5059 |
- { |
5060 |
- struct kiocb *req, *n; |
5061 |
- |
5062 |
-+ if (list_empty(&batch->head)) |
5063 |
-+ return; |
5064 |
-+ |
5065 |
-+ spin_lock_irq(&ctx->ctx_lock); |
5066 |
- list_for_each_entry_safe(req, n, &batch->head, ki_batch) { |
5067 |
- list_del(&req->ki_batch); |
5068 |
-+ list_del(&req->ki_list); |
5069 |
- kmem_cache_free(kiocb_cachep, req); |
5070 |
-+ ctx->reqs_active--; |
5071 |
- } |
5072 |
-+ spin_unlock_irq(&ctx->ctx_lock); |
5073 |
- } |
5074 |
- |
5075 |
- /* |
5076 |
-@@ -1742,7 +1749,7 @@ long do_io_submit(aio_context_t ctx_id, long nr, |
5077 |
- } |
5078 |
- blk_finish_plug(&plug); |
5079 |
- |
5080 |
-- kiocb_batch_free(&batch); |
5081 |
-+ kiocb_batch_free(ctx, &batch); |
5082 |
- put_ioctx(ctx); |
5083 |
- return i ? i : ret; |
5084 |
- } |
5085 |
-diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c |
5086 |
-index f3670cf..63e4be4 100644 |
5087 |
---- a/fs/cifs/connect.c |
5088 |
-+++ b/fs/cifs/connect.c |
5089 |
-@@ -2914,18 +2914,33 @@ void cifs_setup_cifs_sb(struct smb_vol *pvolume_info, |
5090 |
- #define CIFS_DEFAULT_IOSIZE (1024 * 1024) |
5091 |
- |
5092 |
- /* |
5093 |
-- * Windows only supports a max of 60k reads. Default to that when posix |
5094 |
-- * extensions aren't in force. |
5095 |
-+ * Windows only supports a max of 60kb reads and 65535 byte writes. Default to |
5096 |
-+ * those values when posix extensions aren't in force. In actuality here, we |
5097 |
-+ * use 65536 to allow for a write that is a multiple of 4k. Most servers seem |
5098 |
-+ * to be ok with the extra byte even though Windows doesn't send writes that |
5099 |
-+ * are that large. |
5100 |
-+ * |
5101 |
-+ * Citation: |
5102 |
-+ * |
5103 |
-+ * http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx |
5104 |
- */ |
5105 |
- #define CIFS_DEFAULT_NON_POSIX_RSIZE (60 * 1024) |
5106 |
-+#define CIFS_DEFAULT_NON_POSIX_WSIZE (65536) |
5107 |
- |
5108 |
- static unsigned int |
5109 |
- cifs_negotiate_wsize(struct cifs_tcon *tcon, struct smb_vol *pvolume_info) |
5110 |
- { |
5111 |
- __u64 unix_cap = le64_to_cpu(tcon->fsUnixInfo.Capability); |
5112 |
- struct TCP_Server_Info *server = tcon->ses->server; |
5113 |
-- unsigned int wsize = pvolume_info->wsize ? pvolume_info->wsize : |
5114 |
-- CIFS_DEFAULT_IOSIZE; |
5115 |
-+ unsigned int wsize; |
5116 |
-+ |
5117 |
-+ /* start with specified wsize, or default */ |
5118 |
-+ if (pvolume_info->wsize) |
5119 |
-+ wsize = pvolume_info->wsize; |
5120 |
-+ else if (tcon->unix_ext && (unix_cap & CIFS_UNIX_LARGE_WRITE_CAP)) |
5121 |
-+ wsize = CIFS_DEFAULT_IOSIZE; |
5122 |
-+ else |
5123 |
-+ wsize = CIFS_DEFAULT_NON_POSIX_WSIZE; |
5124 |
- |
5125 |
- /* can server support 24-bit write sizes? (via UNIX extensions) */ |
5126 |
- if (!tcon->unix_ext || !(unix_cap & CIFS_UNIX_LARGE_WRITE_CAP)) |
5127 |
-diff --git a/fs/dcache.c b/fs/dcache.c |
5128 |
-index 89509b5..f7908ae 100644 |
5129 |
---- a/fs/dcache.c |
5130 |
-+++ b/fs/dcache.c |
5131 |
-@@ -242,6 +242,7 @@ static void dentry_lru_add(struct dentry *dentry) |
5132 |
- static void __dentry_lru_del(struct dentry *dentry) |
5133 |
- { |
5134 |
- list_del_init(&dentry->d_lru); |
5135 |
-+ dentry->d_flags &= ~DCACHE_SHRINK_LIST; |
5136 |
- dentry->d_sb->s_nr_dentry_unused--; |
5137 |
- dentry_stat.nr_unused--; |
5138 |
- } |
5139 |
-@@ -275,15 +276,15 @@ static void dentry_lru_prune(struct dentry *dentry) |
5140 |
- } |
5141 |
- } |
5142 |
- |
5143 |
--static void dentry_lru_move_tail(struct dentry *dentry) |
5144 |
-+static void dentry_lru_move_list(struct dentry *dentry, struct list_head *list) |
5145 |
- { |
5146 |
- spin_lock(&dcache_lru_lock); |
5147 |
- if (list_empty(&dentry->d_lru)) { |
5148 |
-- list_add_tail(&dentry->d_lru, &dentry->d_sb->s_dentry_lru); |
5149 |
-+ list_add_tail(&dentry->d_lru, list); |
5150 |
- dentry->d_sb->s_nr_dentry_unused++; |
5151 |
- dentry_stat.nr_unused++; |
5152 |
- } else { |
5153 |
-- list_move_tail(&dentry->d_lru, &dentry->d_sb->s_dentry_lru); |
5154 |
-+ list_move_tail(&dentry->d_lru, list); |
5155 |
- } |
5156 |
- spin_unlock(&dcache_lru_lock); |
5157 |
- } |
5158 |
-@@ -769,14 +770,18 @@ static void shrink_dentry_list(struct list_head *list) |
5159 |
- } |
5160 |
- |
5161 |
- /** |
5162 |
-- * __shrink_dcache_sb - shrink the dentry LRU on a given superblock |
5163 |
-- * @sb: superblock to shrink dentry LRU. |
5164 |
-- * @count: number of entries to prune |
5165 |
-- * @flags: flags to control the dentry processing |
5166 |
-+ * prune_dcache_sb - shrink the dcache |
5167 |
-+ * @sb: superblock |
5168 |
-+ * @count: number of entries to try to free |
5169 |
-+ * |
5170 |
-+ * Attempt to shrink the superblock dcache LRU by @count entries. This is |
5171 |
-+ * done when we need more memory an called from the superblock shrinker |
5172 |
-+ * function. |
5173 |
- * |
5174 |
-- * If flags contains DCACHE_REFERENCED reference dentries will not be pruned. |
5175 |
-+ * This function may fail to free any resources if all the dentries are in |
5176 |
-+ * use. |
5177 |
- */ |
5178 |
--static void __shrink_dcache_sb(struct super_block *sb, int count, int flags) |
5179 |
-+void prune_dcache_sb(struct super_block *sb, int count) |
5180 |
- { |
5181 |
- struct dentry *dentry; |
5182 |
- LIST_HEAD(referenced); |
5183 |
-@@ -795,18 +800,13 @@ relock: |
5184 |
- goto relock; |
5185 |
- } |
5186 |
- |
5187 |
-- /* |
5188 |
-- * If we are honouring the DCACHE_REFERENCED flag and the |
5189 |
-- * dentry has this flag set, don't free it. Clear the flag |
5190 |
-- * and put it back on the LRU. |
5191 |
-- */ |
5192 |
-- if (flags & DCACHE_REFERENCED && |
5193 |
-- dentry->d_flags & DCACHE_REFERENCED) { |
5194 |
-+ if (dentry->d_flags & DCACHE_REFERENCED) { |
5195 |
- dentry->d_flags &= ~DCACHE_REFERENCED; |
5196 |
- list_move(&dentry->d_lru, &referenced); |
5197 |
- spin_unlock(&dentry->d_lock); |
5198 |
- } else { |
5199 |
- list_move_tail(&dentry->d_lru, &tmp); |
5200 |
-+ dentry->d_flags |= DCACHE_SHRINK_LIST; |
5201 |
- spin_unlock(&dentry->d_lock); |
5202 |
- if (!--count) |
5203 |
- break; |
5204 |
-@@ -821,23 +821,6 @@ relock: |
5205 |
- } |
5206 |
- |
5207 |
- /** |
5208 |
-- * prune_dcache_sb - shrink the dcache |
5209 |
-- * @sb: superblock |
5210 |
-- * @nr_to_scan: number of entries to try to free |
5211 |
-- * |
5212 |
-- * Attempt to shrink the superblock dcache LRU by @nr_to_scan entries. This is |
5213 |
-- * done when we need more memory an called from the superblock shrinker |
5214 |
-- * function. |
5215 |
-- * |
5216 |
-- * This function may fail to free any resources if all the dentries are in |
5217 |
-- * use. |
5218 |
-- */ |
5219 |
--void prune_dcache_sb(struct super_block *sb, int nr_to_scan) |
5220 |
--{ |
5221 |
-- __shrink_dcache_sb(sb, nr_to_scan, DCACHE_REFERENCED); |
5222 |
--} |
5223 |
-- |
5224 |
--/** |
5225 |
- * shrink_dcache_sb - shrink dcache for a superblock |
5226 |
- * @sb: superblock |
5227 |
- * |
5228 |
-@@ -1091,7 +1074,7 @@ EXPORT_SYMBOL(have_submounts); |
5229 |
- * drop the lock and return early due to latency |
5230 |
- * constraints. |
5231 |
- */ |
5232 |
--static int select_parent(struct dentry * parent) |
5233 |
-+static int select_parent(struct dentry *parent, struct list_head *dispose) |
5234 |
- { |
5235 |
- struct dentry *this_parent; |
5236 |
- struct list_head *next; |
5237 |
-@@ -1113,17 +1096,21 @@ resume: |
5238 |
- |
5239 |
- spin_lock_nested(&dentry->d_lock, DENTRY_D_LOCK_NESTED); |
5240 |
- |
5241 |
-- /* |
5242 |
-- * move only zero ref count dentries to the end |
5243 |
-- * of the unused list for prune_dcache |
5244 |
-+ /* |
5245 |
-+ * move only zero ref count dentries to the dispose list. |
5246 |
-+ * |
5247 |
-+ * Those which are presently on the shrink list, being processed |
5248 |
-+ * by shrink_dentry_list(), shouldn't be moved. Otherwise the |
5249 |
-+ * loop in shrink_dcache_parent() might not make any progress |
5250 |
-+ * and loop forever. |
5251 |
- */ |
5252 |
-- if (!dentry->d_count) { |
5253 |
-- dentry_lru_move_tail(dentry); |
5254 |
-- found++; |
5255 |
-- } else { |
5256 |
-+ if (dentry->d_count) { |
5257 |
- dentry_lru_del(dentry); |
5258 |
-+ } else if (!(dentry->d_flags & DCACHE_SHRINK_LIST)) { |
5259 |
-+ dentry_lru_move_list(dentry, dispose); |
5260 |
-+ dentry->d_flags |= DCACHE_SHRINK_LIST; |
5261 |
-+ found++; |
5262 |
- } |
5263 |
-- |
5264 |
- /* |
5265 |
- * We can return to the caller if we have found some (this |
5266 |
- * ensures forward progress). We'll be coming back to find |
5267 |
-@@ -1180,14 +1167,13 @@ rename_retry: |
5268 |
- * |
5269 |
- * Prune the dcache to remove unused children of the parent dentry. |
5270 |
- */ |
5271 |
-- |
5272 |
- void shrink_dcache_parent(struct dentry * parent) |
5273 |
- { |
5274 |
-- struct super_block *sb = parent->d_sb; |
5275 |
-+ LIST_HEAD(dispose); |
5276 |
- int found; |
5277 |
- |
5278 |
-- while ((found = select_parent(parent)) != 0) |
5279 |
-- __shrink_dcache_sb(sb, found, 0); |
5280 |
-+ while ((found = select_parent(parent, &dispose)) != 0) |
5281 |
-+ shrink_dentry_list(&dispose); |
5282 |
- } |
5283 |
- EXPORT_SYMBOL(shrink_dcache_parent); |
5284 |
- |
5285 |
-diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c |
5286 |
-index a567968..ab25f57 100644 |
5287 |
---- a/fs/ext4/ioctl.c |
5288 |
-+++ b/fs/ext4/ioctl.c |
5289 |
-@@ -182,19 +182,22 @@ setversion_out: |
5290 |
- if (err) |
5291 |
- return err; |
5292 |
- |
5293 |
-- if (get_user(n_blocks_count, (__u32 __user *)arg)) |
5294 |
-- return -EFAULT; |
5295 |
-+ if (get_user(n_blocks_count, (__u32 __user *)arg)) { |
5296 |
-+ err = -EFAULT; |
5297 |
-+ goto group_extend_out; |
5298 |
-+ } |
5299 |
- |
5300 |
- if (EXT4_HAS_RO_COMPAT_FEATURE(sb, |
5301 |
- EXT4_FEATURE_RO_COMPAT_BIGALLOC)) { |
5302 |
- ext4_msg(sb, KERN_ERR, |
5303 |
- "Online resizing not supported with bigalloc"); |
5304 |
-- return -EOPNOTSUPP; |
5305 |
-+ err = -EOPNOTSUPP; |
5306 |
-+ goto group_extend_out; |
5307 |
- } |
5308 |
- |
5309 |
- err = mnt_want_write(filp->f_path.mnt); |
5310 |
- if (err) |
5311 |
-- return err; |
5312 |
-+ goto group_extend_out; |
5313 |
- |
5314 |
- err = ext4_group_extend(sb, EXT4_SB(sb)->s_es, n_blocks_count); |
5315 |
- if (EXT4_SB(sb)->s_journal) { |
5316 |
-@@ -204,9 +207,10 @@ setversion_out: |
5317 |
- } |
5318 |
- if (err == 0) |
5319 |
- err = err2; |
5320 |
-+ |
5321 |
- mnt_drop_write(filp->f_path.mnt); |
5322 |
-+group_extend_out: |
5323 |
- ext4_resize_end(sb); |
5324 |
-- |
5325 |
- return err; |
5326 |
- } |
5327 |
- |
5328 |
-@@ -267,19 +271,22 @@ mext_out: |
5329 |
- return err; |
5330 |
- |
5331 |
- if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg, |
5332 |
-- sizeof(input))) |
5333 |
-- return -EFAULT; |
5334 |
-+ sizeof(input))) { |
5335 |
-+ err = -EFAULT; |
5336 |
-+ goto group_add_out; |
5337 |
-+ } |
5338 |
- |
5339 |
- if (EXT4_HAS_RO_COMPAT_FEATURE(sb, |
5340 |
- EXT4_FEATURE_RO_COMPAT_BIGALLOC)) { |
5341 |
- ext4_msg(sb, KERN_ERR, |
5342 |
- "Online resizing not supported with bigalloc"); |
5343 |
-- return -EOPNOTSUPP; |
5344 |
-+ err = -EOPNOTSUPP; |
5345 |
-+ goto group_add_out; |
5346 |
- } |
5347 |
- |
5348 |
- err = mnt_want_write(filp->f_path.mnt); |
5349 |
- if (err) |
5350 |
-- return err; |
5351 |
-+ goto group_add_out; |
5352 |
- |
5353 |
- err = ext4_group_add(sb, &input); |
5354 |
- if (EXT4_SB(sb)->s_journal) { |
5355 |
-@@ -289,9 +296,10 @@ mext_out: |
5356 |
- } |
5357 |
- if (err == 0) |
5358 |
- err = err2; |
5359 |
-+ |
5360 |
- mnt_drop_write(filp->f_path.mnt); |
5361 |
-+group_add_out: |
5362 |
- ext4_resize_end(sb); |
5363 |
-- |
5364 |
- return err; |
5365 |
- } |
5366 |
- |
5367 |
-diff --git a/fs/ext4/super.c b/fs/ext4/super.c |
5368 |
-index 3e1329e..9281dbe 100644 |
5369 |
---- a/fs/ext4/super.c |
5370 |
-+++ b/fs/ext4/super.c |
5371 |
-@@ -2006,17 +2006,16 @@ static int ext4_fill_flex_info(struct super_block *sb) |
5372 |
- struct ext4_group_desc *gdp = NULL; |
5373 |
- ext4_group_t flex_group_count; |
5374 |
- ext4_group_t flex_group; |
5375 |
-- int groups_per_flex = 0; |
5376 |
-+ unsigned int groups_per_flex = 0; |
5377 |
- size_t size; |
5378 |
- int i; |
5379 |
- |
5380 |
- sbi->s_log_groups_per_flex = sbi->s_es->s_log_groups_per_flex; |
5381 |
-- groups_per_flex = 1 << sbi->s_log_groups_per_flex; |
5382 |
-- |
5383 |
-- if (groups_per_flex < 2) { |
5384 |
-+ if (sbi->s_log_groups_per_flex < 1 || sbi->s_log_groups_per_flex > 31) { |
5385 |
- sbi->s_log_groups_per_flex = 0; |
5386 |
- return 1; |
5387 |
- } |
5388 |
-+ groups_per_flex = 1 << sbi->s_log_groups_per_flex; |
5389 |
- |
5390 |
- /* We allocate both existing and potentially added groups */ |
5391 |
- flex_group_count = ((sbi->s_groups_count + groups_per_flex - 1) + |
5392 |
-diff --git a/fs/nfs/blocklayout/blocklayout.c b/fs/nfs/blocklayout/blocklayout.c |
5393 |
-index 281ae95..3db6b82 100644 |
5394 |
---- a/fs/nfs/blocklayout/blocklayout.c |
5395 |
-+++ b/fs/nfs/blocklayout/blocklayout.c |
5396 |
-@@ -146,14 +146,19 @@ static struct bio *bl_alloc_init_bio(int npg, sector_t isect, |
5397 |
- { |
5398 |
- struct bio *bio; |
5399 |
- |
5400 |
-+ npg = min(npg, BIO_MAX_PAGES); |
5401 |
- bio = bio_alloc(GFP_NOIO, npg); |
5402 |
-- if (!bio) |
5403 |
-- return NULL; |
5404 |
-+ if (!bio && (current->flags & PF_MEMALLOC)) { |
5405 |
-+ while (!bio && (npg /= 2)) |
5406 |
-+ bio = bio_alloc(GFP_NOIO, npg); |
5407 |
-+ } |
5408 |
- |
5409 |
-- bio->bi_sector = isect - be->be_f_offset + be->be_v_offset; |
5410 |
-- bio->bi_bdev = be->be_mdev; |
5411 |
-- bio->bi_end_io = end_io; |
5412 |
-- bio->bi_private = par; |
5413 |
-+ if (bio) { |
5414 |
-+ bio->bi_sector = isect - be->be_f_offset + be->be_v_offset; |
5415 |
-+ bio->bi_bdev = be->be_mdev; |
5416 |
-+ bio->bi_end_io = end_io; |
5417 |
-+ bio->bi_private = par; |
5418 |
-+ } |
5419 |
- return bio; |
5420 |
- } |
5421 |
- |
5422 |
-@@ -779,16 +784,13 @@ bl_cleanup_layoutcommit(struct nfs4_layoutcommit_data *lcdata) |
5423 |
- static void free_blk_mountid(struct block_mount_id *mid) |
5424 |
- { |
5425 |
- if (mid) { |
5426 |
-- struct pnfs_block_dev *dev; |
5427 |
-- spin_lock(&mid->bm_lock); |
5428 |
-- while (!list_empty(&mid->bm_devlist)) { |
5429 |
-- dev = list_first_entry(&mid->bm_devlist, |
5430 |
-- struct pnfs_block_dev, |
5431 |
-- bm_node); |
5432 |
-+ struct pnfs_block_dev *dev, *tmp; |
5433 |
-+ |
5434 |
-+ /* No need to take bm_lock as we are last user freeing bm_devlist */ |
5435 |
-+ list_for_each_entry_safe(dev, tmp, &mid->bm_devlist, bm_node) { |
5436 |
- list_del(&dev->bm_node); |
5437 |
- bl_free_block_dev(dev); |
5438 |
- } |
5439 |
-- spin_unlock(&mid->bm_lock); |
5440 |
- kfree(mid); |
5441 |
- } |
5442 |
- } |
5443 |
-diff --git a/fs/nfs/blocklayout/extents.c b/fs/nfs/blocklayout/extents.c |
5444 |
-index 19fa7b0..c69682a 100644 |
5445 |
---- a/fs/nfs/blocklayout/extents.c |
5446 |
-+++ b/fs/nfs/blocklayout/extents.c |
5447 |
-@@ -139,11 +139,13 @@ static int _set_range(struct my_tree *tree, int32_t tag, u64 s, u64 length) |
5448 |
- } |
5449 |
- |
5450 |
- /* Ensure that future operations on given range of tree will not malloc */ |
5451 |
--static int _preload_range(struct my_tree *tree, u64 offset, u64 length) |
5452 |
-+static int _preload_range(struct pnfs_inval_markings *marks, |
5453 |
-+ u64 offset, u64 length) |
5454 |
- { |
5455 |
- u64 start, end, s; |
5456 |
- int count, i, used = 0, status = -ENOMEM; |
5457 |
- struct pnfs_inval_tracking **storage; |
5458 |
-+ struct my_tree *tree = &marks->im_tree; |
5459 |
- |
5460 |
- dprintk("%s(%llu, %llu) enter\n", __func__, offset, length); |
5461 |
- start = normalize(offset, tree->mtt_step_size); |
5462 |
-@@ -161,12 +163,11 @@ static int _preload_range(struct my_tree *tree, u64 offset, u64 length) |
5463 |
- goto out_cleanup; |
5464 |
- } |
5465 |
- |
5466 |
-- /* Now need lock - HOW??? */ |
5467 |
-- |
5468 |
-+ spin_lock(&marks->im_lock); |
5469 |
- for (s = start; s < end; s += tree->mtt_step_size) |
5470 |
- used += _add_entry(tree, s, INTERNAL_EXISTS, storage[used]); |
5471 |
-+ spin_unlock(&marks->im_lock); |
5472 |
- |
5473 |
-- /* Unlock - HOW??? */ |
5474 |
- status = 0; |
5475 |
- |
5476 |
- out_cleanup: |
5477 |
-@@ -286,7 +287,7 @@ int bl_mark_sectors_init(struct pnfs_inval_markings *marks, |
5478 |
- |
5479 |
- start = normalize(offset, marks->im_block_size); |
5480 |
- end = normalize_up(offset + length, marks->im_block_size); |
5481 |
-- if (_preload_range(&marks->im_tree, start, end - start)) |
5482 |
-+ if (_preload_range(marks, start, end - start)) |
5483 |
- goto outerr; |
5484 |
- |
5485 |
- spin_lock(&marks->im_lock); |
5486 |
-diff --git a/fs/nfs/callback_proc.c b/fs/nfs/callback_proc.c |
5487 |
-index 43926ad..54cea8a 100644 |
5488 |
---- a/fs/nfs/callback_proc.c |
5489 |
-+++ b/fs/nfs/callback_proc.c |
5490 |
-@@ -339,7 +339,7 @@ validate_seqid(struct nfs4_slot_table *tbl, struct cb_sequenceargs * args) |
5491 |
- dprintk("%s enter. slotid %d seqid %d\n", |
5492 |
- __func__, args->csa_slotid, args->csa_sequenceid); |
5493 |
- |
5494 |
-- if (args->csa_slotid > NFS41_BC_MAX_CALLBACKS) |
5495 |
-+ if (args->csa_slotid >= NFS41_BC_MAX_CALLBACKS) |
5496 |
- return htonl(NFS4ERR_BADSLOT); |
5497 |
- |
5498 |
- slot = tbl->slots + args->csa_slotid; |
5499 |
-diff --git a/fs/nfs/file.c b/fs/nfs/file.c |
5500 |
-index 606ef0f..c43a452 100644 |
5501 |
---- a/fs/nfs/file.c |
5502 |
-+++ b/fs/nfs/file.c |
5503 |
-@@ -272,13 +272,13 @@ nfs_file_fsync(struct file *file, loff_t start, loff_t end, int datasync) |
5504 |
- datasync); |
5505 |
- |
5506 |
- ret = filemap_write_and_wait_range(inode->i_mapping, start, end); |
5507 |
-- if (ret) |
5508 |
-- return ret; |
5509 |
- mutex_lock(&inode->i_mutex); |
5510 |
- |
5511 |
- nfs_inc_stats(inode, NFSIOS_VFSFSYNC); |
5512 |
- have_error = test_and_clear_bit(NFS_CONTEXT_ERROR_WRITE, &ctx->flags); |
5513 |
- status = nfs_commit_inode(inode, FLUSH_SYNC); |
5514 |
-+ if (status >= 0 && ret < 0) |
5515 |
-+ status = ret; |
5516 |
- have_error |= test_bit(NFS_CONTEXT_ERROR_WRITE, &ctx->flags); |
5517 |
- if (have_error) |
5518 |
- ret = xchg(&ctx->error, 0); |
5519 |
-diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c |
5520 |
-index d9f4d78..055d702 100644 |
5521 |
---- a/fs/nfs/nfs4proc.c |
5522 |
-+++ b/fs/nfs/nfs4proc.c |
5523 |
-@@ -3430,19 +3430,6 @@ static inline int nfs4_server_supports_acls(struct nfs_server *server) |
5524 |
- */ |
5525 |
- #define NFS4ACL_MAXPAGES (XATTR_SIZE_MAX >> PAGE_CACHE_SHIFT) |
5526 |
- |
5527 |
--static void buf_to_pages(const void *buf, size_t buflen, |
5528 |
-- struct page **pages, unsigned int *pgbase) |
5529 |
--{ |
5530 |
-- const void *p = buf; |
5531 |
-- |
5532 |
-- *pgbase = offset_in_page(buf); |
5533 |
-- p -= *pgbase; |
5534 |
-- while (p < buf + buflen) { |
5535 |
-- *(pages++) = virt_to_page(p); |
5536 |
-- p += PAGE_CACHE_SIZE; |
5537 |
-- } |
5538 |
--} |
5539 |
-- |
5540 |
- static int buf_to_pages_noslab(const void *buf, size_t buflen, |
5541 |
- struct page **pages, unsigned int *pgbase) |
5542 |
- { |
5543 |
-@@ -3539,9 +3526,19 @@ out: |
5544 |
- nfs4_set_cached_acl(inode, acl); |
5545 |
- } |
5546 |
- |
5547 |
-+/* |
5548 |
-+ * The getxattr API returns the required buffer length when called with a |
5549 |
-+ * NULL buf. The NFSv4 acl tool then calls getxattr again after allocating |
5550 |
-+ * the required buf. On a NULL buf, we send a page of data to the server |
5551 |
-+ * guessing that the ACL request can be serviced by a page. If so, we cache |
5552 |
-+ * up to the page of ACL data, and the 2nd call to getxattr is serviced by |
5553 |
-+ * the cache. If not so, we throw away the page, and cache the required |
5554 |
-+ * length. The next getxattr call will then produce another round trip to |
5555 |
-+ * the server, this time with the input buf of the required size. |
5556 |
-+ */ |
5557 |
- static ssize_t __nfs4_get_acl_uncached(struct inode *inode, void *buf, size_t buflen) |
5558 |
- { |
5559 |
-- struct page *pages[NFS4ACL_MAXPAGES]; |
5560 |
-+ struct page *pages[NFS4ACL_MAXPAGES] = {NULL, }; |
5561 |
- struct nfs_getaclargs args = { |
5562 |
- .fh = NFS_FH(inode), |
5563 |
- .acl_pages = pages, |
5564 |
-@@ -3556,41 +3553,60 @@ static ssize_t __nfs4_get_acl_uncached(struct inode *inode, void *buf, size_t bu |
5565 |
- .rpc_argp = &args, |
5566 |
- .rpc_resp = &res, |
5567 |
- }; |
5568 |
-- struct page *localpage = NULL; |
5569 |
-- int ret; |
5570 |
-+ int ret = -ENOMEM, npages, i, acl_len = 0; |
5571 |
- |
5572 |
-- if (buflen < PAGE_SIZE) { |
5573 |
-- /* As long as we're doing a round trip to the server anyway, |
5574 |
-- * let's be prepared for a page of acl data. */ |
5575 |
-- localpage = alloc_page(GFP_KERNEL); |
5576 |
-- resp_buf = page_address(localpage); |
5577 |
-- if (localpage == NULL) |
5578 |
-- return -ENOMEM; |
5579 |
-- args.acl_pages[0] = localpage; |
5580 |
-- args.acl_pgbase = 0; |
5581 |
-- args.acl_len = PAGE_SIZE; |
5582 |
-- } else { |
5583 |
-- resp_buf = buf; |
5584 |
-- buf_to_pages(buf, buflen, args.acl_pages, &args.acl_pgbase); |
5585 |
-+ npages = (buflen + PAGE_SIZE - 1) >> PAGE_SHIFT; |
5586 |
-+ /* As long as we're doing a round trip to the server anyway, |
5587 |
-+ * let's be prepared for a page of acl data. */ |
5588 |
-+ if (npages == 0) |
5589 |
-+ npages = 1; |
5590 |
-+ |
5591 |
-+ for (i = 0; i < npages; i++) { |
5592 |
-+ pages[i] = alloc_page(GFP_KERNEL); |
5593 |
-+ if (!pages[i]) |
5594 |
-+ goto out_free; |
5595 |
-+ } |
5596 |
-+ if (npages > 1) { |
5597 |
-+ /* for decoding across pages */ |
5598 |
-+ args.acl_scratch = alloc_page(GFP_KERNEL); |
5599 |
-+ if (!args.acl_scratch) |
5600 |
-+ goto out_free; |
5601 |
- } |
5602 |
-- ret = nfs4_call_sync(NFS_SERVER(inode)->client, NFS_SERVER(inode), &msg, &args.seq_args, &res.seq_res, 0); |
5603 |
-+ args.acl_len = npages * PAGE_SIZE; |
5604 |
-+ args.acl_pgbase = 0; |
5605 |
-+ /* Let decode_getfacl know not to fail if the ACL data is larger than |
5606 |
-+ * the page we send as a guess */ |
5607 |
-+ if (buf == NULL) |
5608 |
-+ res.acl_flags |= NFS4_ACL_LEN_REQUEST; |
5609 |
-+ resp_buf = page_address(pages[0]); |
5610 |
-+ |
5611 |
-+ dprintk("%s buf %p buflen %ld npages %d args.acl_len %ld\n", |
5612 |
-+ __func__, buf, buflen, npages, args.acl_len); |
5613 |
-+ ret = nfs4_call_sync(NFS_SERVER(inode)->client, NFS_SERVER(inode), |
5614 |
-+ &msg, &args.seq_args, &res.seq_res, 0); |
5615 |
- if (ret) |
5616 |
- goto out_free; |
5617 |
-- if (res.acl_len > args.acl_len) |
5618 |
-- nfs4_write_cached_acl(inode, NULL, res.acl_len); |
5619 |
-+ |
5620 |
-+ acl_len = res.acl_len - res.acl_data_offset; |
5621 |
-+ if (acl_len > args.acl_len) |
5622 |
-+ nfs4_write_cached_acl(inode, NULL, acl_len); |
5623 |
- else |
5624 |
-- nfs4_write_cached_acl(inode, resp_buf, res.acl_len); |
5625 |
-+ nfs4_write_cached_acl(inode, resp_buf + res.acl_data_offset, |
5626 |
-+ acl_len); |
5627 |
- if (buf) { |
5628 |
- ret = -ERANGE; |
5629 |
-- if (res.acl_len > buflen) |
5630 |
-+ if (acl_len > buflen) |
5631 |
- goto out_free; |
5632 |
-- if (localpage) |
5633 |
-- memcpy(buf, resp_buf, res.acl_len); |
5634 |
-+ _copy_from_pages(buf, pages, res.acl_data_offset, |
5635 |
-+ res.acl_len); |
5636 |
- } |
5637 |
-- ret = res.acl_len; |
5638 |
-+ ret = acl_len; |
5639 |
- out_free: |
5640 |
-- if (localpage) |
5641 |
-- __free_page(localpage); |
5642 |
-+ for (i = 0; i < npages; i++) |
5643 |
-+ if (pages[i]) |
5644 |
-+ __free_page(pages[i]); |
5645 |
-+ if (args.acl_scratch) |
5646 |
-+ __free_page(args.acl_scratch); |
5647 |
- return ret; |
5648 |
- } |
5649 |
- |
5650 |
-@@ -3621,6 +3637,8 @@ static ssize_t nfs4_proc_get_acl(struct inode *inode, void *buf, size_t buflen) |
5651 |
- nfs_zap_acl_cache(inode); |
5652 |
- ret = nfs4_read_cached_acl(inode, buf, buflen); |
5653 |
- if (ret != -ENOENT) |
5654 |
-+ /* -ENOENT is returned if there is no ACL or if there is an ACL |
5655 |
-+ * but no cached acl data, just the acl length */ |
5656 |
- return ret; |
5657 |
- return nfs4_get_acl_uncached(inode, buf, buflen); |
5658 |
- } |
5659 |
-diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c |
5660 |
-index e6161b2..dcaf693 100644 |
5661 |
---- a/fs/nfs/nfs4xdr.c |
5662 |
-+++ b/fs/nfs/nfs4xdr.c |
5663 |
-@@ -2517,11 +2517,13 @@ static void nfs4_xdr_enc_getacl(struct rpc_rqst *req, struct xdr_stream *xdr, |
5664 |
- encode_compound_hdr(xdr, req, &hdr); |
5665 |
- encode_sequence(xdr, &args->seq_args, &hdr); |
5666 |
- encode_putfh(xdr, args->fh, &hdr); |
5667 |
-- replen = hdr.replen + op_decode_hdr_maxsz + nfs4_fattr_bitmap_maxsz + 1; |
5668 |
-+ replen = hdr.replen + op_decode_hdr_maxsz + 1; |
5669 |
- encode_getattr_two(xdr, FATTR4_WORD0_ACL, 0, &hdr); |
5670 |
- |
5671 |
- xdr_inline_pages(&req->rq_rcv_buf, replen << 2, |
5672 |
- args->acl_pages, args->acl_pgbase, args->acl_len); |
5673 |
-+ xdr_set_scratch_buffer(xdr, page_address(args->acl_scratch), PAGE_SIZE); |
5674 |
-+ |
5675 |
- encode_nops(&hdr); |
5676 |
- } |
5677 |
- |
5678 |
-@@ -4957,17 +4959,18 @@ decode_restorefh(struct xdr_stream *xdr) |
5679 |
- } |
5680 |
- |
5681 |
- static int decode_getacl(struct xdr_stream *xdr, struct rpc_rqst *req, |
5682 |
-- size_t *acl_len) |
5683 |
-+ struct nfs_getaclres *res) |
5684 |
- { |
5685 |
-- __be32 *savep; |
5686 |
-+ __be32 *savep, *bm_p; |
5687 |
- uint32_t attrlen, |
5688 |
- bitmap[3] = {0}; |
5689 |
- struct kvec *iov = req->rq_rcv_buf.head; |
5690 |
- int status; |
5691 |
- |
5692 |
-- *acl_len = 0; |
5693 |
-+ res->acl_len = 0; |
5694 |
- if ((status = decode_op_hdr(xdr, OP_GETATTR)) != 0) |
5695 |
- goto out; |
5696 |
-+ bm_p = xdr->p; |
5697 |
- if ((status = decode_attr_bitmap(xdr, bitmap)) != 0) |
5698 |
- goto out; |
5699 |
- if ((status = decode_attr_length(xdr, &attrlen, &savep)) != 0) |
5700 |
-@@ -4979,18 +4982,30 @@ static int decode_getacl(struct xdr_stream *xdr, struct rpc_rqst *req, |
5701 |
- size_t hdrlen; |
5702 |
- u32 recvd; |
5703 |
- |
5704 |
-+ /* The bitmap (xdr len + bitmaps) and the attr xdr len words |
5705 |
-+ * are stored with the acl data to handle the problem of |
5706 |
-+ * variable length bitmaps.*/ |
5707 |
-+ xdr->p = bm_p; |
5708 |
-+ res->acl_data_offset = be32_to_cpup(bm_p) + 2; |
5709 |
-+ res->acl_data_offset <<= 2; |
5710 |
-+ |
5711 |
- /* We ignore &savep and don't do consistency checks on |
5712 |
- * the attr length. Let userspace figure it out.... */ |
5713 |
- hdrlen = (u8 *)xdr->p - (u8 *)iov->iov_base; |
5714 |
-+ attrlen += res->acl_data_offset; |
5715 |
- recvd = req->rq_rcv_buf.len - hdrlen; |
5716 |
- if (attrlen > recvd) { |
5717 |
-- dprintk("NFS: server cheating in getattr" |
5718 |
-- " acl reply: attrlen %u > recvd %u\n", |
5719 |
-+ if (res->acl_flags & NFS4_ACL_LEN_REQUEST) { |
5720 |
-+ /* getxattr interface called with a NULL buf */ |
5721 |
-+ res->acl_len = attrlen; |
5722 |
-+ goto out; |
5723 |
-+ } |
5724 |
-+ dprintk("NFS: acl reply: attrlen %u > recvd %u\n", |
5725 |
- attrlen, recvd); |
5726 |
- return -EINVAL; |
5727 |
- } |
5728 |
- xdr_read_pages(xdr, attrlen); |
5729 |
-- *acl_len = attrlen; |
5730 |
-+ res->acl_len = attrlen; |
5731 |
- } else |
5732 |
- status = -EOPNOTSUPP; |
5733 |
- |
5734 |
-@@ -6028,7 +6043,7 @@ nfs4_xdr_dec_getacl(struct rpc_rqst *rqstp, struct xdr_stream *xdr, |
5735 |
- status = decode_putfh(xdr); |
5736 |
- if (status) |
5737 |
- goto out; |
5738 |
-- status = decode_getacl(xdr, rqstp, &res->acl_len); |
5739 |
-+ status = decode_getacl(xdr, rqstp, res); |
5740 |
- |
5741 |
- out: |
5742 |
- return status; |
5743 |
-diff --git a/fs/nfs/objlayout/objio_osd.c b/fs/nfs/objlayout/objio_osd.c |
5744 |
-index c807ab9..55d0128 100644 |
5745 |
---- a/fs/nfs/objlayout/objio_osd.c |
5746 |
-+++ b/fs/nfs/objlayout/objio_osd.c |
5747 |
-@@ -551,7 +551,8 @@ static const struct nfs_pageio_ops objio_pg_write_ops = { |
5748 |
- static struct pnfs_layoutdriver_type objlayout_type = { |
5749 |
- .id = LAYOUT_OSD2_OBJECTS, |
5750 |
- .name = "LAYOUT_OSD2_OBJECTS", |
5751 |
-- .flags = PNFS_LAYOUTRET_ON_SETATTR, |
5752 |
-+ .flags = PNFS_LAYOUTRET_ON_SETATTR | |
5753 |
-+ PNFS_LAYOUTRET_ON_ERROR, |
5754 |
- |
5755 |
- .alloc_layout_hdr = objlayout_alloc_layout_hdr, |
5756 |
- .free_layout_hdr = objlayout_free_layout_hdr, |
5757 |
-diff --git a/fs/nfs/objlayout/objlayout.c b/fs/nfs/objlayout/objlayout.c |
5758 |
-index 72074e3..b3c2903 100644 |
5759 |
---- a/fs/nfs/objlayout/objlayout.c |
5760 |
-+++ b/fs/nfs/objlayout/objlayout.c |
5761 |
-@@ -254,6 +254,8 @@ objlayout_read_done(struct objlayout_io_res *oir, ssize_t status, bool sync) |
5762 |
- oir->status = rdata->task.tk_status = status; |
5763 |
- if (status >= 0) |
5764 |
- rdata->res.count = status; |
5765 |
-+ else |
5766 |
-+ rdata->pnfs_error = status; |
5767 |
- objlayout_iodone(oir); |
5768 |
- /* must not use oir after this point */ |
5769 |
- |
5770 |
-@@ -334,6 +336,8 @@ objlayout_write_done(struct objlayout_io_res *oir, ssize_t status, bool sync) |
5771 |
- if (status >= 0) { |
5772 |
- wdata->res.count = status; |
5773 |
- wdata->verf.committed = oir->committed; |
5774 |
-+ } else { |
5775 |
-+ wdata->pnfs_error = status; |
5776 |
- } |
5777 |
- objlayout_iodone(oir); |
5778 |
- /* must not use oir after this point */ |
5779 |
-diff --git a/fs/nfs/pnfs.c b/fs/nfs/pnfs.c |
5780 |
-index 8e672a2..f881a63 100644 |
5781 |
---- a/fs/nfs/pnfs.c |
5782 |
-+++ b/fs/nfs/pnfs.c |
5783 |
-@@ -1178,6 +1178,15 @@ void pnfs_ld_write_done(struct nfs_write_data *data) |
5784 |
- put_lseg(data->lseg); |
5785 |
- data->lseg = NULL; |
5786 |
- dprintk("pnfs write error = %d\n", data->pnfs_error); |
5787 |
-+ if (NFS_SERVER(data->inode)->pnfs_curr_ld->flags & |
5788 |
-+ PNFS_LAYOUTRET_ON_ERROR) { |
5789 |
-+ /* Don't lo_commit on error, Server will needs to |
5790 |
-+ * preform a file recovery. |
5791 |
-+ */ |
5792 |
-+ clear_bit(NFS_INO_LAYOUTCOMMIT, |
5793 |
-+ &NFS_I(data->inode)->flags); |
5794 |
-+ pnfs_return_layout(data->inode); |
5795 |
-+ } |
5796 |
- } |
5797 |
- data->mds_ops->rpc_release(data); |
5798 |
- } |
5799 |
-@@ -1267,6 +1276,9 @@ static void pnfs_ld_handle_read_error(struct nfs_read_data *data) |
5800 |
- put_lseg(data->lseg); |
5801 |
- data->lseg = NULL; |
5802 |
- dprintk("pnfs write error = %d\n", data->pnfs_error); |
5803 |
-+ if (NFS_SERVER(data->inode)->pnfs_curr_ld->flags & |
5804 |
-+ PNFS_LAYOUTRET_ON_ERROR) |
5805 |
-+ pnfs_return_layout(data->inode); |
5806 |
- |
5807 |
- nfs_pageio_init_read_mds(&pgio, data->inode); |
5808 |
- |
5809 |
-diff --git a/fs/nfs/pnfs.h b/fs/nfs/pnfs.h |
5810 |
-index 1509530..53d593a 100644 |
5811 |
---- a/fs/nfs/pnfs.h |
5812 |
-+++ b/fs/nfs/pnfs.h |
5813 |
-@@ -68,6 +68,7 @@ enum { |
5814 |
- enum layoutdriver_policy_flags { |
5815 |
- /* Should the pNFS client commit and return the layout upon a setattr */ |
5816 |
- PNFS_LAYOUTRET_ON_SETATTR = 1 << 0, |
5817 |
-+ PNFS_LAYOUTRET_ON_ERROR = 1 << 1, |
5818 |
- }; |
5819 |
- |
5820 |
- struct nfs4_deviceid_node; |
5821 |
-diff --git a/fs/nfs/super.c b/fs/nfs/super.c |
5822 |
-index 1347774..3ada13c 100644 |
5823 |
---- a/fs/nfs/super.c |
5824 |
-+++ b/fs/nfs/super.c |
5825 |
-@@ -909,10 +909,24 @@ static struct nfs_parsed_mount_data *nfs_alloc_parsed_mount_data(unsigned int ve |
5826 |
- data->auth_flavor_len = 1; |
5827 |
- data->version = version; |
5828 |
- data->minorversion = 0; |
5829 |
-+ security_init_mnt_opts(&data->lsm_opts); |
5830 |
- } |
5831 |
- return data; |
5832 |
- } |
5833 |
- |
5834 |
-+static void nfs_free_parsed_mount_data(struct nfs_parsed_mount_data *data) |
5835 |
-+{ |
5836 |
-+ if (data) { |
5837 |
-+ kfree(data->client_address); |
5838 |
-+ kfree(data->mount_server.hostname); |
5839 |
-+ kfree(data->nfs_server.export_path); |
5840 |
-+ kfree(data->nfs_server.hostname); |
5841 |
-+ kfree(data->fscache_uniq); |
5842 |
-+ security_free_mnt_opts(&data->lsm_opts); |
5843 |
-+ kfree(data); |
5844 |
-+ } |
5845 |
-+} |
5846 |
-+ |
5847 |
- /* |
5848 |
- * Sanity-check a server address provided by the mount command. |
5849 |
- * |
5850 |
-@@ -2220,9 +2234,7 @@ static struct dentry *nfs_fs_mount(struct file_system_type *fs_type, |
5851 |
- data = nfs_alloc_parsed_mount_data(NFS_DEFAULT_VERSION); |
5852 |
- mntfh = nfs_alloc_fhandle(); |
5853 |
- if (data == NULL || mntfh == NULL) |
5854 |
-- goto out_free_fh; |
5855 |
-- |
5856 |
-- security_init_mnt_opts(&data->lsm_opts); |
5857 |
-+ goto out; |
5858 |
- |
5859 |
- /* Validate the mount data */ |
5860 |
- error = nfs_validate_mount_data(raw_data, data, mntfh, dev_name); |
5861 |
-@@ -2234,8 +2246,6 @@ static struct dentry *nfs_fs_mount(struct file_system_type *fs_type, |
5862 |
- #ifdef CONFIG_NFS_V4 |
5863 |
- if (data->version == 4) { |
5864 |
- mntroot = nfs4_try_mount(flags, dev_name, data); |
5865 |
-- kfree(data->client_address); |
5866 |
-- kfree(data->nfs_server.export_path); |
5867 |
- goto out; |
5868 |
- } |
5869 |
- #endif /* CONFIG_NFS_V4 */ |
5870 |
-@@ -2290,13 +2300,8 @@ static struct dentry *nfs_fs_mount(struct file_system_type *fs_type, |
5871 |
- s->s_flags |= MS_ACTIVE; |
5872 |
- |
5873 |
- out: |
5874 |
-- kfree(data->nfs_server.hostname); |
5875 |
-- kfree(data->mount_server.hostname); |
5876 |
-- kfree(data->fscache_uniq); |
5877 |
-- security_free_mnt_opts(&data->lsm_opts); |
5878 |
--out_free_fh: |
5879 |
-+ nfs_free_parsed_mount_data(data); |
5880 |
- nfs_free_fhandle(mntfh); |
5881 |
-- kfree(data); |
5882 |
- return mntroot; |
5883 |
- |
5884 |
- out_err_nosb: |
5885 |
-@@ -2623,9 +2628,7 @@ nfs4_remote_mount(struct file_system_type *fs_type, int flags, |
5886 |
- |
5887 |
- mntfh = nfs_alloc_fhandle(); |
5888 |
- if (data == NULL || mntfh == NULL) |
5889 |
-- goto out_free_fh; |
5890 |
-- |
5891 |
-- security_init_mnt_opts(&data->lsm_opts); |
5892 |
-+ goto out; |
5893 |
- |
5894 |
- /* Get a volume representation */ |
5895 |
- server = nfs4_create_server(data, mntfh); |
5896 |
-@@ -2677,13 +2680,10 @@ nfs4_remote_mount(struct file_system_type *fs_type, int flags, |
5897 |
- |
5898 |
- s->s_flags |= MS_ACTIVE; |
5899 |
- |
5900 |
-- security_free_mnt_opts(&data->lsm_opts); |
5901 |
- nfs_free_fhandle(mntfh); |
5902 |
- return mntroot; |
5903 |
- |
5904 |
- out: |
5905 |
-- security_free_mnt_opts(&data->lsm_opts); |
5906 |
--out_free_fh: |
5907 |
- nfs_free_fhandle(mntfh); |
5908 |
- return ERR_PTR(error); |
5909 |
- |
5910 |
-@@ -2838,7 +2838,7 @@ static struct dentry *nfs4_mount(struct file_system_type *fs_type, |
5911 |
- |
5912 |
- data = nfs_alloc_parsed_mount_data(4); |
5913 |
- if (data == NULL) |
5914 |
-- goto out_free_data; |
5915 |
-+ goto out; |
5916 |
- |
5917 |
- /* Validate the mount data */ |
5918 |
- error = nfs4_validate_mount_data(raw_data, data, dev_name); |
5919 |
-@@ -2852,12 +2852,7 @@ static struct dentry *nfs4_mount(struct file_system_type *fs_type, |
5920 |
- error = PTR_ERR(res); |
5921 |
- |
5922 |
- out: |
5923 |
-- kfree(data->client_address); |
5924 |
-- kfree(data->nfs_server.export_path); |
5925 |
-- kfree(data->nfs_server.hostname); |
5926 |
-- kfree(data->fscache_uniq); |
5927 |
--out_free_data: |
5928 |
-- kfree(data); |
5929 |
-+ nfs_free_parsed_mount_data(data); |
5930 |
- dprintk("<-- nfs4_mount() = %d%s\n", error, |
5931 |
- error != 0 ? " [error]" : ""); |
5932 |
- return res; |
5933 |
-diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c |
5934 |
-index 62f3b90..5f312ab 100644 |
5935 |
---- a/fs/nfsd/export.c |
5936 |
-+++ b/fs/nfsd/export.c |
5937 |
-@@ -87,7 +87,7 @@ static int expkey_parse(struct cache_detail *cd, char *mesg, int mlen) |
5938 |
- struct svc_expkey key; |
5939 |
- struct svc_expkey *ek = NULL; |
5940 |
- |
5941 |
-- if (mesg[mlen-1] != '\n') |
5942 |
-+ if (mlen < 1 || mesg[mlen-1] != '\n') |
5943 |
- return -EINVAL; |
5944 |
- mesg[mlen-1] = 0; |
5945 |
- |
5946 |
-diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c |
5947 |
-index 47e94e3..5abced7 100644 |
5948 |
---- a/fs/nfsd/nfs4state.c |
5949 |
-+++ b/fs/nfsd/nfs4state.c |
5950 |
-@@ -3809,16 +3809,29 @@ nevermind: |
5951 |
- deny->ld_type = NFS4_WRITE_LT; |
5952 |
- } |
5953 |
- |
5954 |
-+static bool same_lockowner_ino(struct nfs4_lockowner *lo, struct inode *inode, clientid_t *clid, struct xdr_netobj *owner) |
5955 |
-+{ |
5956 |
-+ struct nfs4_ol_stateid *lst; |
5957 |
-+ |
5958 |
-+ if (!same_owner_str(&lo->lo_owner, owner, clid)) |
5959 |
-+ return false; |
5960 |
-+ lst = list_first_entry(&lo->lo_owner.so_stateids, |
5961 |
-+ struct nfs4_ol_stateid, st_perstateowner); |
5962 |
-+ return lst->st_file->fi_inode == inode; |
5963 |
-+} |
5964 |
-+ |
5965 |
- static struct nfs4_lockowner * |
5966 |
- find_lockowner_str(struct inode *inode, clientid_t *clid, |
5967 |
- struct xdr_netobj *owner) |
5968 |
- { |
5969 |
- unsigned int hashval = lock_ownerstr_hashval(inode, clid->cl_id, owner); |
5970 |
-+ struct nfs4_lockowner *lo; |
5971 |
- struct nfs4_stateowner *op; |
5972 |
- |
5973 |
- list_for_each_entry(op, &lock_ownerstr_hashtbl[hashval], so_strhash) { |
5974 |
-- if (same_owner_str(op, owner, clid)) |
5975 |
-- return lockowner(op); |
5976 |
-+ lo = lockowner(op); |
5977 |
-+ if (same_lockowner_ino(lo, inode, clid, owner)) |
5978 |
-+ return lo; |
5979 |
- } |
5980 |
- return NULL; |
5981 |
- } |
5982 |
-diff --git a/fs/notify/mark.c b/fs/notify/mark.c |
5983 |
-index e14587d..f104d56 100644 |
5984 |
---- a/fs/notify/mark.c |
5985 |
-+++ b/fs/notify/mark.c |
5986 |
-@@ -135,9 +135,6 @@ void fsnotify_destroy_mark(struct fsnotify_mark *mark) |
5987 |
- |
5988 |
- mark->flags &= ~FSNOTIFY_MARK_FLAG_ALIVE; |
5989 |
- |
5990 |
-- /* 1 from caller and 1 for being on i_list/g_list */ |
5991 |
-- BUG_ON(atomic_read(&mark->refcnt) < 2); |
5992 |
-- |
5993 |
- spin_lock(&group->mark_lock); |
5994 |
- |
5995 |
- if (mark->flags & FSNOTIFY_MARK_FLAG_INODE) { |
5996 |
-@@ -182,6 +179,11 @@ void fsnotify_destroy_mark(struct fsnotify_mark *mark) |
5997 |
- iput(inode); |
5998 |
- |
5999 |
- /* |
6000 |
-+ * We don't necessarily have a ref on mark from caller so the above iput |
6001 |
-+ * may have already destroyed it. Don't touch from now on. |
6002 |
-+ */ |
6003 |
-+ |
6004 |
-+ /* |
6005 |
- * it's possible that this group tried to destroy itself, but this |
6006 |
- * this mark was simultaneously being freed by inode. If that's the |
6007 |
- * case, we finish freeing the group here. |
6008 |
-diff --git a/fs/proc/base.c b/fs/proc/base.c |
6009 |
-index 851ba3d..1fc1dca 100644 |
6010 |
---- a/fs/proc/base.c |
6011 |
-+++ b/fs/proc/base.c |
6012 |
-@@ -194,65 +194,7 @@ static int proc_root_link(struct inode *inode, struct path *path) |
6013 |
- return result; |
6014 |
- } |
6015 |
- |
6016 |
--static struct mm_struct *__check_mem_permission(struct task_struct *task) |
6017 |
--{ |
6018 |
-- struct mm_struct *mm; |
6019 |
-- |
6020 |
-- mm = get_task_mm(task); |
6021 |
-- if (!mm) |
6022 |
-- return ERR_PTR(-EINVAL); |
6023 |
-- |
6024 |
-- /* |
6025 |
-- * A task can always look at itself, in case it chooses |
6026 |
-- * to use system calls instead of load instructions. |
6027 |
-- */ |
6028 |
-- if (task == current) |
6029 |
-- return mm; |
6030 |
-- |
6031 |
-- /* |
6032 |
-- * If current is actively ptrace'ing, and would also be |
6033 |
-- * permitted to freshly attach with ptrace now, permit it. |
6034 |
-- */ |
6035 |
-- if (task_is_stopped_or_traced(task)) { |
6036 |
-- int match; |
6037 |
-- rcu_read_lock(); |
6038 |
-- match = (ptrace_parent(task) == current); |
6039 |
-- rcu_read_unlock(); |
6040 |
-- if (match && ptrace_may_access(task, PTRACE_MODE_ATTACH)) |
6041 |
-- return mm; |
6042 |
-- } |
6043 |
-- |
6044 |
-- /* |
6045 |
-- * No one else is allowed. |
6046 |
-- */ |
6047 |
-- mmput(mm); |
6048 |
-- return ERR_PTR(-EPERM); |
6049 |
--} |
6050 |
-- |
6051 |
--/* |
6052 |
-- * If current may access user memory in @task return a reference to the |
6053 |
-- * corresponding mm, otherwise ERR_PTR. |
6054 |
-- */ |
6055 |
--static struct mm_struct *check_mem_permission(struct task_struct *task) |
6056 |
--{ |
6057 |
-- struct mm_struct *mm; |
6058 |
-- int err; |
6059 |
-- |
6060 |
-- /* |
6061 |
-- * Avoid racing if task exec's as we might get a new mm but validate |
6062 |
-- * against old credentials. |
6063 |
-- */ |
6064 |
-- err = mutex_lock_killable(&task->signal->cred_guard_mutex); |
6065 |
-- if (err) |
6066 |
-- return ERR_PTR(err); |
6067 |
-- |
6068 |
-- mm = __check_mem_permission(task); |
6069 |
-- mutex_unlock(&task->signal->cred_guard_mutex); |
6070 |
-- |
6071 |
-- return mm; |
6072 |
--} |
6073 |
-- |
6074 |
--struct mm_struct *mm_for_maps(struct task_struct *task) |
6075 |
-+static struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) |
6076 |
- { |
6077 |
- struct mm_struct *mm; |
6078 |
- int err; |
6079 |
-@@ -263,7 +205,7 @@ struct mm_struct *mm_for_maps(struct task_struct *task) |
6080 |
- |
6081 |
- mm = get_task_mm(task); |
6082 |
- if (mm && mm != current->mm && |
6083 |
-- !ptrace_may_access(task, PTRACE_MODE_READ)) { |
6084 |
-+ !ptrace_may_access(task, mode)) { |
6085 |
- mmput(mm); |
6086 |
- mm = ERR_PTR(-EACCES); |
6087 |
- } |
6088 |
-@@ -272,6 +214,11 @@ struct mm_struct *mm_for_maps(struct task_struct *task) |
6089 |
- return mm; |
6090 |
- } |
6091 |
- |
6092 |
-+struct mm_struct *mm_for_maps(struct task_struct *task) |
6093 |
-+{ |
6094 |
-+ return mm_access(task, PTRACE_MODE_READ); |
6095 |
-+} |
6096 |
-+ |
6097 |
- static int proc_pid_cmdline(struct task_struct *task, char * buffer) |
6098 |
- { |
6099 |
- int res = 0; |
6100 |
-@@ -816,38 +763,39 @@ static const struct file_operations proc_single_file_operations = { |
6101 |
- |
6102 |
- static int mem_open(struct inode* inode, struct file* file) |
6103 |
- { |
6104 |
-- file->private_data = (void*)((long)current->self_exec_id); |
6105 |
-+ struct task_struct *task = get_proc_task(file->f_path.dentry->d_inode); |
6106 |
-+ struct mm_struct *mm; |
6107 |
-+ |
6108 |
-+ if (!task) |
6109 |
-+ return -ESRCH; |
6110 |
-+ |
6111 |
-+ mm = mm_access(task, PTRACE_MODE_ATTACH); |
6112 |
-+ put_task_struct(task); |
6113 |
-+ |
6114 |
-+ if (IS_ERR(mm)) |
6115 |
-+ return PTR_ERR(mm); |
6116 |
-+ |
6117 |
- /* OK to pass negative loff_t, we can catch out-of-range */ |
6118 |
- file->f_mode |= FMODE_UNSIGNED_OFFSET; |
6119 |
-+ file->private_data = mm; |
6120 |
-+ |
6121 |
- return 0; |
6122 |
- } |
6123 |
- |
6124 |
- static ssize_t mem_read(struct file * file, char __user * buf, |
6125 |
- size_t count, loff_t *ppos) |
6126 |
- { |
6127 |
-- struct task_struct *task = get_proc_task(file->f_path.dentry->d_inode); |
6128 |
-+ int ret; |
6129 |
- char *page; |
6130 |
- unsigned long src = *ppos; |
6131 |
-- int ret = -ESRCH; |
6132 |
-- struct mm_struct *mm; |
6133 |
-+ struct mm_struct *mm = file->private_data; |
6134 |
- |
6135 |
-- if (!task) |
6136 |
-- goto out_no_task; |
6137 |
-+ if (!mm) |
6138 |
-+ return 0; |
6139 |
- |
6140 |
-- ret = -ENOMEM; |
6141 |
- page = (char *)__get_free_page(GFP_TEMPORARY); |
6142 |
- if (!page) |
6143 |
-- goto out; |
6144 |
-- |
6145 |
-- mm = check_mem_permission(task); |
6146 |
-- ret = PTR_ERR(mm); |
6147 |
-- if (IS_ERR(mm)) |
6148 |
-- goto out_free; |
6149 |
-- |
6150 |
-- ret = -EIO; |
6151 |
-- |
6152 |
-- if (file->private_data != (void*)((long)current->self_exec_id)) |
6153 |
-- goto out_put; |
6154 |
-+ return -ENOMEM; |
6155 |
- |
6156 |
- ret = 0; |
6157 |
- |
6158 |
-@@ -874,13 +822,7 @@ static ssize_t mem_read(struct file * file, char __user * buf, |
6159 |
- } |
6160 |
- *ppos = src; |
6161 |
- |
6162 |
--out_put: |
6163 |
-- mmput(mm); |
6164 |
--out_free: |
6165 |
- free_page((unsigned long) page); |
6166 |
--out: |
6167 |
-- put_task_struct(task); |
6168 |
--out_no_task: |
6169 |
- return ret; |
6170 |
- } |
6171 |
- |
6172 |
-@@ -889,27 +831,15 @@ static ssize_t mem_write(struct file * file, const char __user *buf, |
6173 |
- { |
6174 |
- int copied; |
6175 |
- char *page; |
6176 |
-- struct task_struct *task = get_proc_task(file->f_path.dentry->d_inode); |
6177 |
- unsigned long dst = *ppos; |
6178 |
-- struct mm_struct *mm; |
6179 |
-+ struct mm_struct *mm = file->private_data; |
6180 |
- |
6181 |
-- copied = -ESRCH; |
6182 |
-- if (!task) |
6183 |
-- goto out_no_task; |
6184 |
-+ if (!mm) |
6185 |
-+ return 0; |
6186 |
- |
6187 |
-- copied = -ENOMEM; |
6188 |
- page = (char *)__get_free_page(GFP_TEMPORARY); |
6189 |
- if (!page) |
6190 |
-- goto out_task; |
6191 |
-- |
6192 |
-- mm = check_mem_permission(task); |
6193 |
-- copied = PTR_ERR(mm); |
6194 |
-- if (IS_ERR(mm)) |
6195 |
-- goto out_free; |
6196 |
-- |
6197 |
-- copied = -EIO; |
6198 |
-- if (file->private_data != (void *)((long)current->self_exec_id)) |
6199 |
-- goto out_mm; |
6200 |
-+ return -ENOMEM; |
6201 |
- |
6202 |
- copied = 0; |
6203 |
- while (count > 0) { |
6204 |
-@@ -933,13 +863,7 @@ static ssize_t mem_write(struct file * file, const char __user *buf, |
6205 |
- } |
6206 |
- *ppos = dst; |
6207 |
- |
6208 |
--out_mm: |
6209 |
-- mmput(mm); |
6210 |
--out_free: |
6211 |
- free_page((unsigned long) page); |
6212 |
--out_task: |
6213 |
-- put_task_struct(task); |
6214 |
--out_no_task: |
6215 |
- return copied; |
6216 |
- } |
6217 |
- |
6218 |
-@@ -959,11 +883,20 @@ loff_t mem_lseek(struct file *file, loff_t offset, int orig) |
6219 |
- return file->f_pos; |
6220 |
- } |
6221 |
- |
6222 |
-+static int mem_release(struct inode *inode, struct file *file) |
6223 |
-+{ |
6224 |
-+ struct mm_struct *mm = file->private_data; |
6225 |
-+ |
6226 |
-+ mmput(mm); |
6227 |
-+ return 0; |
6228 |
-+} |
6229 |
-+ |
6230 |
- static const struct file_operations proc_mem_operations = { |
6231 |
- .llseek = mem_lseek, |
6232 |
- .read = mem_read, |
6233 |
- .write = mem_write, |
6234 |
- .open = mem_open, |
6235 |
-+ .release = mem_release, |
6236 |
- }; |
6237 |
- |
6238 |
- static ssize_t environ_read(struct file *file, char __user *buf, |
6239 |
-diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c |
6240 |
-index e418c5a..7dcd2a2 100644 |
6241 |
---- a/fs/proc/task_mmu.c |
6242 |
-+++ b/fs/proc/task_mmu.c |
6243 |
-@@ -518,6 +518,9 @@ static int clear_refs_pte_range(pmd_t *pmd, unsigned long addr, |
6244 |
- if (!page) |
6245 |
- continue; |
6246 |
- |
6247 |
-+ if (PageReserved(page)) |
6248 |
-+ continue; |
6249 |
-+ |
6250 |
- /* Clear accessed and referenced bits. */ |
6251 |
- ptep_test_and_clear_young(vma, addr, pte); |
6252 |
- ClearPageReferenced(page); |
6253 |
-diff --git a/fs/proc/uptime.c b/fs/proc/uptime.c |
6254 |
-index 766b1d4..29166ec 100644 |
6255 |
---- a/fs/proc/uptime.c |
6256 |
-+++ b/fs/proc/uptime.c |
6257 |
-@@ -11,15 +11,20 @@ static int uptime_proc_show(struct seq_file *m, void *v) |
6258 |
- { |
6259 |
- struct timespec uptime; |
6260 |
- struct timespec idle; |
6261 |
-+ cputime64_t idletime; |
6262 |
-+ u64 nsec; |
6263 |
-+ u32 rem; |
6264 |
- int i; |
6265 |
-- cputime_t idletime = cputime_zero; |
6266 |
- |
6267 |
-+ idletime = 0; |
6268 |
- for_each_possible_cpu(i) |
6269 |
- idletime = cputime64_add(idletime, kstat_cpu(i).cpustat.idle); |
6270 |
- |
6271 |
- do_posix_clock_monotonic_gettime(&uptime); |
6272 |
- monotonic_to_bootbased(&uptime); |
6273 |
-- cputime_to_timespec(idletime, &idle); |
6274 |
-+ nsec = cputime64_to_jiffies64(idletime) * TICK_NSEC; |
6275 |
-+ idle.tv_sec = div_u64_rem(nsec, NSEC_PER_SEC, &rem); |
6276 |
-+ idle.tv_nsec = rem; |
6277 |
- seq_printf(m, "%lu.%02lu %lu.%02lu\n", |
6278 |
- (unsigned long) uptime.tv_sec, |
6279 |
- (uptime.tv_nsec / (NSEC_PER_SEC / 100)), |
6280 |
-diff --git a/fs/ubifs/debug.h b/fs/ubifs/debug.h |
6281 |
-index 8d9c468..c9d2941 100644 |
6282 |
---- a/fs/ubifs/debug.h |
6283 |
-+++ b/fs/ubifs/debug.h |
6284 |
-@@ -175,22 +175,23 @@ const char *dbg_key_str1(const struct ubifs_info *c, |
6285 |
- const union ubifs_key *key); |
6286 |
- |
6287 |
- /* |
6288 |
-- * DBGKEY macros require @dbg_lock to be held, which it is in the dbg message |
6289 |
-- * macros. |
6290 |
-+ * TODO: these macros are now broken because there is no locking around them |
6291 |
-+ * and we use a global buffer for the key string. This means that in case of |
6292 |
-+ * concurrent execution we will end up with incorrect and messy key strings. |
6293 |
- */ |
6294 |
- #define DBGKEY(key) dbg_key_str0(c, (key)) |
6295 |
- #define DBGKEY1(key) dbg_key_str1(c, (key)) |
6296 |
- |
6297 |
- extern spinlock_t dbg_lock; |
6298 |
- |
6299 |
--#define ubifs_dbg_msg(type, fmt, ...) do { \ |
6300 |
-- spin_lock(&dbg_lock); \ |
6301 |
-- pr_debug("UBIFS DBG " type ": " fmt "\n", ##__VA_ARGS__); \ |
6302 |
-- spin_unlock(&dbg_lock); \ |
6303 |
--} while (0) |
6304 |
-+#define ubifs_dbg_msg(type, fmt, ...) \ |
6305 |
-+ pr_debug("UBIFS DBG " type ": " fmt "\n", ##__VA_ARGS__) |
6306 |
- |
6307 |
- /* Just a debugging messages not related to any specific UBIFS subsystem */ |
6308 |
--#define dbg_msg(fmt, ...) ubifs_dbg_msg("msg", fmt, ##__VA_ARGS__) |
6309 |
-+#define dbg_msg(fmt, ...) \ |
6310 |
-+ printk(KERN_DEBUG "UBIFS DBG (pid %d): %s: " fmt "\n", current->pid, \ |
6311 |
-+ __func__, ##__VA_ARGS__) |
6312 |
-+ |
6313 |
- /* General messages */ |
6314 |
- #define dbg_gen(fmt, ...) ubifs_dbg_msg("gen", fmt, ##__VA_ARGS__) |
6315 |
- /* Additional journal messages */ |
6316 |
-diff --git a/fs/xfs/xfs_discard.c b/fs/xfs/xfs_discard.c |
6317 |
-index 8a24f0c..286a051 100644 |
6318 |
---- a/fs/xfs/xfs_discard.c |
6319 |
-+++ b/fs/xfs/xfs_discard.c |
6320 |
-@@ -68,7 +68,7 @@ xfs_trim_extents( |
6321 |
- * Look up the longest btree in the AGF and start with it. |
6322 |
- */ |
6323 |
- error = xfs_alloc_lookup_le(cur, 0, |
6324 |
-- XFS_BUF_TO_AGF(agbp)->agf_longest, &i); |
6325 |
-+ be32_to_cpu(XFS_BUF_TO_AGF(agbp)->agf_longest), &i); |
6326 |
- if (error) |
6327 |
- goto out_del_cursor; |
6328 |
- |
6329 |
-@@ -84,7 +84,7 @@ xfs_trim_extents( |
6330 |
- if (error) |
6331 |
- goto out_del_cursor; |
6332 |
- XFS_WANT_CORRUPTED_GOTO(i == 1, out_del_cursor); |
6333 |
-- ASSERT(flen <= XFS_BUF_TO_AGF(agbp)->agf_longest); |
6334 |
-+ ASSERT(flen <= be32_to_cpu(XFS_BUF_TO_AGF(agbp)->agf_longest)); |
6335 |
- |
6336 |
- /* |
6337 |
- * Too small? Give up. |
6338 |
-diff --git a/include/acpi/acpi_numa.h b/include/acpi/acpi_numa.h |
6339 |
-index 1739726..451823c 100644 |
6340 |
---- a/include/acpi/acpi_numa.h |
6341 |
-+++ b/include/acpi/acpi_numa.h |
6342 |
-@@ -15,6 +15,7 @@ extern int pxm_to_node(int); |
6343 |
- extern int node_to_pxm(int); |
6344 |
- extern void __acpi_map_pxm_to_node(int, int); |
6345 |
- extern int acpi_map_pxm_to_node(int); |
6346 |
-+extern unsigned char acpi_srat_revision; |
6347 |
- |
6348 |
- #endif /* CONFIG_ACPI_NUMA */ |
6349 |
- #endif /* __ACP_NUMA_H */ |
6350 |
-diff --git a/include/linux/blkdev.h b/include/linux/blkdev.h |
6351 |
-index 94acd81..0ed1eb0 100644 |
6352 |
---- a/include/linux/blkdev.h |
6353 |
-+++ b/include/linux/blkdev.h |
6354 |
-@@ -675,6 +675,9 @@ extern int blk_insert_cloned_request(struct request_queue *q, |
6355 |
- struct request *rq); |
6356 |
- extern void blk_delay_queue(struct request_queue *, unsigned long); |
6357 |
- extern void blk_recount_segments(struct request_queue *, struct bio *); |
6358 |
-+extern int scsi_verify_blk_ioctl(struct block_device *, unsigned int); |
6359 |
-+extern int scsi_cmd_blk_ioctl(struct block_device *, fmode_t, |
6360 |
-+ unsigned int, void __user *); |
6361 |
- extern int scsi_cmd_ioctl(struct request_queue *, struct gendisk *, fmode_t, |
6362 |
- unsigned int, void __user *); |
6363 |
- extern int sg_scsi_ioctl(struct request_queue *, struct gendisk *, fmode_t, |
6364 |
-diff --git a/include/linux/crash_dump.h b/include/linux/crash_dump.h |
6365 |
-index 5c4abce..b936763 100644 |
6366 |
---- a/include/linux/crash_dump.h |
6367 |
-+++ b/include/linux/crash_dump.h |
6368 |
-@@ -5,6 +5,7 @@ |
6369 |
- #include <linux/kexec.h> |
6370 |
- #include <linux/device.h> |
6371 |
- #include <linux/proc_fs.h> |
6372 |
-+#include <linux/elf.h> |
6373 |
- |
6374 |
- #define ELFCORE_ADDR_MAX (-1ULL) |
6375 |
- #define ELFCORE_ADDR_ERR (-2ULL) |
6376 |
-diff --git a/include/linux/dcache.h b/include/linux/dcache.h |
6377 |
-index ed9f74f..4eb8c80 100644 |
6378 |
---- a/include/linux/dcache.h |
6379 |
-+++ b/include/linux/dcache.h |
6380 |
-@@ -203,6 +203,7 @@ struct dentry_operations { |
6381 |
- |
6382 |
- #define DCACHE_CANT_MOUNT 0x0100 |
6383 |
- #define DCACHE_GENOCIDE 0x0200 |
6384 |
-+#define DCACHE_SHRINK_LIST 0x0400 |
6385 |
- |
6386 |
- #define DCACHE_NFSFS_RENAMED 0x1000 |
6387 |
- /* this dentry has been "silly renamed" and has to be deleted on the last |
6388 |
-diff --git a/include/linux/memcontrol.h b/include/linux/memcontrol.h |
6389 |
-index b87068a..81572af 100644 |
6390 |
---- a/include/linux/memcontrol.h |
6391 |
-+++ b/include/linux/memcontrol.h |
6392 |
-@@ -119,6 +119,8 @@ struct zone_reclaim_stat* |
6393 |
- mem_cgroup_get_reclaim_stat_from_page(struct page *page); |
6394 |
- extern void mem_cgroup_print_oom_info(struct mem_cgroup *memcg, |
6395 |
- struct task_struct *p); |
6396 |
-+extern void mem_cgroup_replace_page_cache(struct page *oldpage, |
6397 |
-+ struct page *newpage); |
6398 |
- |
6399 |
- #ifdef CONFIG_CGROUP_MEM_RES_CTLR_SWAP |
6400 |
- extern int do_swap_account; |
6401 |
-@@ -366,6 +368,10 @@ static inline |
6402 |
- void mem_cgroup_count_vm_event(struct mm_struct *mm, enum vm_event_item idx) |
6403 |
- { |
6404 |
- } |
6405 |
-+static inline void mem_cgroup_replace_page_cache(struct page *oldpage, |
6406 |
-+ struct page *newpage) |
6407 |
-+{ |
6408 |
-+} |
6409 |
- #endif /* CONFIG_CGROUP_MEM_CONT */ |
6410 |
- |
6411 |
- #if !defined(CONFIG_CGROUP_MEM_RES_CTLR) || !defined(CONFIG_DEBUG_VM) |
6412 |
-diff --git a/include/linux/nfs_xdr.h b/include/linux/nfs_xdr.h |
6413 |
-index 2a7c533..6c898af 100644 |
6414 |
---- a/include/linux/nfs_xdr.h |
6415 |
-+++ b/include/linux/nfs_xdr.h |
6416 |
-@@ -602,11 +602,16 @@ struct nfs_getaclargs { |
6417 |
- size_t acl_len; |
6418 |
- unsigned int acl_pgbase; |
6419 |
- struct page ** acl_pages; |
6420 |
-+ struct page * acl_scratch; |
6421 |
- struct nfs4_sequence_args seq_args; |
6422 |
- }; |
6423 |
- |
6424 |
-+/* getxattr ACL interface flags */ |
6425 |
-+#define NFS4_ACL_LEN_REQUEST 0x0001 /* zero length getxattr buffer */ |
6426 |
- struct nfs_getaclres { |
6427 |
- size_t acl_len; |
6428 |
-+ size_t acl_data_offset; |
6429 |
-+ int acl_flags; |
6430 |
- struct nfs4_sequence_res seq_res; |
6431 |
- }; |
6432 |
- |
6433 |
-diff --git a/include/linux/pci_regs.h b/include/linux/pci_regs.h |
6434 |
-index b5d9657..411c412 100644 |
6435 |
---- a/include/linux/pci_regs.h |
6436 |
-+++ b/include/linux/pci_regs.h |
6437 |
-@@ -392,7 +392,7 @@ |
6438 |
- #define PCI_EXP_TYPE_DOWNSTREAM 0x6 /* Downstream Port */ |
6439 |
- #define PCI_EXP_TYPE_PCI_BRIDGE 0x7 /* PCI/PCI-X Bridge */ |
6440 |
- #define PCI_EXP_TYPE_RC_END 0x9 /* Root Complex Integrated Endpoint */ |
6441 |
--#define PCI_EXP_TYPE_RC_EC 0x10 /* Root Complex Event Collector */ |
6442 |
-+#define PCI_EXP_TYPE_RC_EC 0xa /* Root Complex Event Collector */ |
6443 |
- #define PCI_EXP_FLAGS_SLOT 0x0100 /* Slot implemented */ |
6444 |
- #define PCI_EXP_FLAGS_IRQ 0x3e00 /* Interrupt message number */ |
6445 |
- #define PCI_EXP_DEVCAP 4 /* Device capabilities */ |
6446 |
-diff --git a/include/linux/shmem_fs.h b/include/linux/shmem_fs.h |
6447 |
-index 9291ac3..6f10c9c 100644 |
6448 |
---- a/include/linux/shmem_fs.h |
6449 |
-+++ b/include/linux/shmem_fs.h |
6450 |
-@@ -48,6 +48,7 @@ extern struct file *shmem_file_setup(const char *name, |
6451 |
- loff_t size, unsigned long flags); |
6452 |
- extern int shmem_zero_setup(struct vm_area_struct *); |
6453 |
- extern int shmem_lock(struct file *file, int lock, struct user_struct *user); |
6454 |
-+extern void shmem_unlock_mapping(struct address_space *mapping); |
6455 |
- extern struct page *shmem_read_mapping_page_gfp(struct address_space *mapping, |
6456 |
- pgoff_t index, gfp_t gfp_mask); |
6457 |
- extern void shmem_truncate_range(struct inode *inode, loff_t start, loff_t end); |
6458 |
-diff --git a/include/linux/sunrpc/svcsock.h b/include/linux/sunrpc/svcsock.h |
6459 |
-index 85c50b4..c84e974 100644 |
6460 |
---- a/include/linux/sunrpc/svcsock.h |
6461 |
-+++ b/include/linux/sunrpc/svcsock.h |
6462 |
-@@ -34,7 +34,7 @@ struct svc_sock { |
6463 |
- /* |
6464 |
- * Function prototypes. |
6465 |
- */ |
6466 |
--void svc_close_all(struct list_head *); |
6467 |
-+void svc_close_all(struct svc_serv *); |
6468 |
- int svc_recv(struct svc_rqst *, long); |
6469 |
- int svc_send(struct svc_rqst *); |
6470 |
- void svc_drop(struct svc_rqst *); |
6471 |
-diff --git a/include/linux/sunrpc/xdr.h b/include/linux/sunrpc/xdr.h |
6472 |
-index a20970e..af70af3 100644 |
6473 |
---- a/include/linux/sunrpc/xdr.h |
6474 |
-+++ b/include/linux/sunrpc/xdr.h |
6475 |
-@@ -191,6 +191,8 @@ extern int xdr_decode_array2(struct xdr_buf *buf, unsigned int base, |
6476 |
- struct xdr_array2_desc *desc); |
6477 |
- extern int xdr_encode_array2(struct xdr_buf *buf, unsigned int base, |
6478 |
- struct xdr_array2_desc *desc); |
6479 |
-+extern void _copy_from_pages(char *p, struct page **pages, size_t pgbase, |
6480 |
-+ size_t len); |
6481 |
- |
6482 |
- /* |
6483 |
- * Provide some simple tools for XDR buffer overflow-checking etc. |
6484 |
-diff --git a/include/linux/swap.h b/include/linux/swap.h |
6485 |
-index 1e22e12..67b3fa3 100644 |
6486 |
---- a/include/linux/swap.h |
6487 |
-+++ b/include/linux/swap.h |
6488 |
-@@ -272,7 +272,7 @@ static inline int zone_reclaim(struct zone *z, gfp_t mask, unsigned int order) |
6489 |
- #endif |
6490 |
- |
6491 |
- extern int page_evictable(struct page *page, struct vm_area_struct *vma); |
6492 |
--extern void scan_mapping_unevictable_pages(struct address_space *); |
6493 |
-+extern void check_move_unevictable_pages(struct page **, int nr_pages); |
6494 |
- |
6495 |
- extern unsigned long scan_unevictable_pages; |
6496 |
- extern int scan_unevictable_handler(struct ctl_table *, int, |
6497 |
-diff --git a/include/linux/videodev2.h b/include/linux/videodev2.h |
6498 |
-index 4b752d5..45a7698 100644 |
6499 |
---- a/include/linux/videodev2.h |
6500 |
-+++ b/include/linux/videodev2.h |
6501 |
-@@ -1131,6 +1131,7 @@ struct v4l2_querymenu { |
6502 |
- #define V4L2_CTRL_FLAG_NEXT_CTRL 0x80000000 |
6503 |
- |
6504 |
- /* User-class control IDs defined by V4L2 */ |
6505 |
-+#define V4L2_CID_MAX_CTRLS 1024 |
6506 |
- #define V4L2_CID_BASE (V4L2_CTRL_CLASS_USER | 0x900) |
6507 |
- #define V4L2_CID_USER_BASE V4L2_CID_BASE |
6508 |
- /* IDs reserved for driver specific controls */ |
6509 |
-diff --git a/include/media/tuner.h b/include/media/tuner.h |
6510 |
-index 89c290b..29e1920 100644 |
6511 |
---- a/include/media/tuner.h |
6512 |
-+++ b/include/media/tuner.h |
6513 |
-@@ -127,7 +127,6 @@ |
6514 |
- #define TUNER_PHILIPS_FMD1216MEX_MK3 78 |
6515 |
- #define TUNER_PHILIPS_FM1216MK5 79 |
6516 |
- #define TUNER_PHILIPS_FQ1216LME_MK3 80 /* Active loopthrough, no FM */ |
6517 |
--#define TUNER_XC4000 81 /* Xceive Silicon Tuner */ |
6518 |
- |
6519 |
- #define TUNER_PARTSNIC_PTI_5NF05 81 |
6520 |
- #define TUNER_PHILIPS_CU1216L 82 |
6521 |
-@@ -136,6 +135,8 @@ |
6522 |
- #define TUNER_PHILIPS_FQ1236_MK5 85 /* NTSC, TDA9885, no FM radio */ |
6523 |
- #define TUNER_TENA_TNF_5337 86 |
6524 |
- |
6525 |
-+#define TUNER_XC4000 87 /* Xceive Silicon Tuner */ |
6526 |
-+ |
6527 |
- /* tv card specific */ |
6528 |
- #define TDA9887_PRESENT (1<<0) |
6529 |
- #define TDA9887_PORT1_INACTIVE (1<<1) |
6530 |
-diff --git a/include/target/target_core_base.h b/include/target/target_core_base.h |
6531 |
-index 6873c7d..a79886c 100644 |
6532 |
---- a/include/target/target_core_base.h |
6533 |
-+++ b/include/target/target_core_base.h |
6534 |
-@@ -34,6 +34,7 @@ |
6535 |
- #define TRANSPORT_SENSE_BUFFER SCSI_SENSE_BUFFERSIZE |
6536 |
- /* Used by transport_send_check_condition_and_sense() */ |
6537 |
- #define SPC_SENSE_KEY_OFFSET 2 |
6538 |
-+#define SPC_ADD_SENSE_LEN_OFFSET 7 |
6539 |
- #define SPC_ASC_KEY_OFFSET 12 |
6540 |
- #define SPC_ASCQ_KEY_OFFSET 13 |
6541 |
- #define TRANSPORT_IQN_LEN 224 |
6542 |
-diff --git a/include/xen/interface/io/xs_wire.h b/include/xen/interface/io/xs_wire.h |
6543 |
-index f6f07aa..7cdfca2 100644 |
6544 |
---- a/include/xen/interface/io/xs_wire.h |
6545 |
-+++ b/include/xen/interface/io/xs_wire.h |
6546 |
-@@ -87,4 +87,7 @@ struct xenstore_domain_interface { |
6547 |
- XENSTORE_RING_IDX rsp_cons, rsp_prod; |
6548 |
- }; |
6549 |
- |
6550 |
-+/* Violating this is very bad. See docs/misc/xenstore.txt. */ |
6551 |
-+#define XENSTORE_PAYLOAD_MAX 4096 |
6552 |
-+ |
6553 |
- #endif /* _XS_WIRE_H */ |
6554 |
-diff --git a/init/do_mounts.c b/init/do_mounts.c |
6555 |
-index 0f6e1d9..db6e5ee 100644 |
6556 |
---- a/init/do_mounts.c |
6557 |
-+++ b/init/do_mounts.c |
6558 |
-@@ -398,15 +398,42 @@ out: |
6559 |
- } |
6560 |
- |
6561 |
- #ifdef CONFIG_ROOT_NFS |
6562 |
-+ |
6563 |
-+#define NFSROOT_TIMEOUT_MIN 5 |
6564 |
-+#define NFSROOT_TIMEOUT_MAX 30 |
6565 |
-+#define NFSROOT_RETRY_MAX 5 |
6566 |
-+ |
6567 |
- static int __init mount_nfs_root(void) |
6568 |
- { |
6569 |
- char *root_dev, *root_data; |
6570 |
-+ unsigned int timeout; |
6571 |
-+ int try, err; |
6572 |
- |
6573 |
-- if (nfs_root_data(&root_dev, &root_data) != 0) |
6574 |
-- return 0; |
6575 |
-- if (do_mount_root(root_dev, "nfs", root_mountflags, root_data) != 0) |
6576 |
-+ err = nfs_root_data(&root_dev, &root_data); |
6577 |
-+ if (err != 0) |
6578 |
- return 0; |
6579 |
-- return 1; |
6580 |
-+ |
6581 |
-+ /* |
6582 |
-+ * The server or network may not be ready, so try several |
6583 |
-+ * times. Stop after a few tries in case the client wants |
6584 |
-+ * to fall back to other boot methods. |
6585 |
-+ */ |
6586 |
-+ timeout = NFSROOT_TIMEOUT_MIN; |
6587 |
-+ for (try = 1; ; try++) { |
6588 |
-+ err = do_mount_root(root_dev, "nfs", |
6589 |
-+ root_mountflags, root_data); |
6590 |
-+ if (err == 0) |
6591 |
-+ return 1; |
6592 |
-+ if (try > NFSROOT_RETRY_MAX) |
6593 |
-+ break; |
6594 |
-+ |
6595 |
-+ /* Wait, in case the server refused us immediately */ |
6596 |
-+ ssleep(timeout); |
6597 |
-+ timeout <<= 1; |
6598 |
-+ if (timeout > NFSROOT_TIMEOUT_MAX) |
6599 |
-+ timeout = NFSROOT_TIMEOUT_MAX; |
6600 |
-+ } |
6601 |
-+ return 0; |
6602 |
- } |
6603 |
- #endif |
6604 |
- |
6605 |
-diff --git a/ipc/shm.c b/ipc/shm.c |
6606 |
-index 02ecf2c..b76be5b 100644 |
6607 |
---- a/ipc/shm.c |
6608 |
-+++ b/ipc/shm.c |
6609 |
-@@ -870,9 +870,7 @@ SYSCALL_DEFINE3(shmctl, int, shmid, int, cmd, struct shmid_ds __user *, buf) |
6610 |
- case SHM_LOCK: |
6611 |
- case SHM_UNLOCK: |
6612 |
- { |
6613 |
-- struct file *uninitialized_var(shm_file); |
6614 |
-- |
6615 |
-- lru_add_drain_all(); /* drain pagevecs to lru lists */ |
6616 |
-+ struct file *shm_file; |
6617 |
- |
6618 |
- shp = shm_lock_check(ns, shmid); |
6619 |
- if (IS_ERR(shp)) { |
6620 |
-@@ -895,22 +893,31 @@ SYSCALL_DEFINE3(shmctl, int, shmid, int, cmd, struct shmid_ds __user *, buf) |
6621 |
- err = security_shm_shmctl(shp, cmd); |
6622 |
- if (err) |
6623 |
- goto out_unlock; |
6624 |
-- |
6625 |
-- if(cmd==SHM_LOCK) { |
6626 |
-+ |
6627 |
-+ shm_file = shp->shm_file; |
6628 |
-+ if (is_file_hugepages(shm_file)) |
6629 |
-+ goto out_unlock; |
6630 |
-+ |
6631 |
-+ if (cmd == SHM_LOCK) { |
6632 |
- struct user_struct *user = current_user(); |
6633 |
-- if (!is_file_hugepages(shp->shm_file)) { |
6634 |
-- err = shmem_lock(shp->shm_file, 1, user); |
6635 |
-- if (!err && !(shp->shm_perm.mode & SHM_LOCKED)){ |
6636 |
-- shp->shm_perm.mode |= SHM_LOCKED; |
6637 |
-- shp->mlock_user = user; |
6638 |
-- } |
6639 |
-+ err = shmem_lock(shm_file, 1, user); |
6640 |
-+ if (!err && !(shp->shm_perm.mode & SHM_LOCKED)) { |
6641 |
-+ shp->shm_perm.mode |= SHM_LOCKED; |
6642 |
-+ shp->mlock_user = user; |
6643 |
- } |
6644 |
-- } else if (!is_file_hugepages(shp->shm_file)) { |
6645 |
-- shmem_lock(shp->shm_file, 0, shp->mlock_user); |
6646 |
-- shp->shm_perm.mode &= ~SHM_LOCKED; |
6647 |
-- shp->mlock_user = NULL; |
6648 |
-+ goto out_unlock; |
6649 |
- } |
6650 |
-+ |
6651 |
-+ /* SHM_UNLOCK */ |
6652 |
-+ if (!(shp->shm_perm.mode & SHM_LOCKED)) |
6653 |
-+ goto out_unlock; |
6654 |
-+ shmem_lock(shm_file, 0, shp->mlock_user); |
6655 |
-+ shp->shm_perm.mode &= ~SHM_LOCKED; |
6656 |
-+ shp->mlock_user = NULL; |
6657 |
-+ get_file(shm_file); |
6658 |
- shm_unlock(shp); |
6659 |
-+ shmem_unlock_mapping(shm_file->f_mapping); |
6660 |
-+ fput(shm_file); |
6661 |
- goto out; |
6662 |
- } |
6663 |
- case IPC_RMID: |
6664 |
-diff --git a/kernel/kprobes.c b/kernel/kprobes.c |
6665 |
-index e5d8464..52fd049 100644 |
6666 |
---- a/kernel/kprobes.c |
6667 |
-+++ b/kernel/kprobes.c |
6668 |
-@@ -1077,6 +1077,7 @@ void __kprobes kprobe_flush_task(struct task_struct *tk) |
6669 |
- /* Early boot. kretprobe_table_locks not yet initialized. */ |
6670 |
- return; |
6671 |
- |
6672 |
-+ INIT_HLIST_HEAD(&empty_rp); |
6673 |
- hash = hash_ptr(tk, KPROBE_HASH_BITS); |
6674 |
- head = &kretprobe_inst_table[hash]; |
6675 |
- kretprobe_table_lock(hash, &flags); |
6676 |
-@@ -1085,7 +1086,6 @@ void __kprobes kprobe_flush_task(struct task_struct *tk) |
6677 |
- recycle_rp_inst(ri, &empty_rp); |
6678 |
- } |
6679 |
- kretprobe_table_unlock(hash, &flags); |
6680 |
-- INIT_HLIST_HEAD(&empty_rp); |
6681 |
- hlist_for_each_entry_safe(ri, node, tmp, &empty_rp, hlist) { |
6682 |
- hlist_del(&ri->hlist); |
6683 |
- kfree(ri); |
6684 |
-diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c |
6685 |
-index b1e8943..25b4f4d 100644 |
6686 |
---- a/kernel/trace/ftrace.c |
6687 |
-+++ b/kernel/trace/ftrace.c |
6688 |
-@@ -948,7 +948,7 @@ struct ftrace_func_probe { |
6689 |
- }; |
6690 |
- |
6691 |
- enum { |
6692 |
-- FTRACE_ENABLE_CALLS = (1 << 0), |
6693 |
-+ FTRACE_UPDATE_CALLS = (1 << 0), |
6694 |
- FTRACE_DISABLE_CALLS = (1 << 1), |
6695 |
- FTRACE_UPDATE_TRACE_FUNC = (1 << 2), |
6696 |
- FTRACE_START_FUNC_RET = (1 << 3), |
6697 |
-@@ -1519,7 +1519,7 @@ int ftrace_text_reserved(void *start, void *end) |
6698 |
- |
6699 |
- |
6700 |
- static int |
6701 |
--__ftrace_replace_code(struct dyn_ftrace *rec, int enable) |
6702 |
-+__ftrace_replace_code(struct dyn_ftrace *rec, int update) |
6703 |
- { |
6704 |
- unsigned long ftrace_addr; |
6705 |
- unsigned long flag = 0UL; |
6706 |
-@@ -1527,17 +1527,17 @@ __ftrace_replace_code(struct dyn_ftrace *rec, int enable) |
6707 |
- ftrace_addr = (unsigned long)FTRACE_ADDR; |
6708 |
- |
6709 |
- /* |
6710 |
-- * If we are enabling tracing: |
6711 |
-+ * If we are updating calls: |
6712 |
- * |
6713 |
- * If the record has a ref count, then we need to enable it |
6714 |
- * because someone is using it. |
6715 |
- * |
6716 |
- * Otherwise we make sure its disabled. |
6717 |
- * |
6718 |
-- * If we are disabling tracing, then disable all records that |
6719 |
-+ * If we are disabling calls, then disable all records that |
6720 |
- * are enabled. |
6721 |
- */ |
6722 |
-- if (enable && (rec->flags & ~FTRACE_FL_MASK)) |
6723 |
-+ if (update && (rec->flags & ~FTRACE_FL_MASK)) |
6724 |
- flag = FTRACE_FL_ENABLED; |
6725 |
- |
6726 |
- /* If the state of this record hasn't changed, then do nothing */ |
6727 |
-@@ -1553,7 +1553,7 @@ __ftrace_replace_code(struct dyn_ftrace *rec, int enable) |
6728 |
- return ftrace_make_nop(NULL, rec, ftrace_addr); |
6729 |
- } |
6730 |
- |
6731 |
--static void ftrace_replace_code(int enable) |
6732 |
-+static void ftrace_replace_code(int update) |
6733 |
- { |
6734 |
- struct dyn_ftrace *rec; |
6735 |
- struct ftrace_page *pg; |
6736 |
-@@ -1567,7 +1567,7 @@ static void ftrace_replace_code(int enable) |
6737 |
- if (rec->flags & FTRACE_FL_FREE) |
6738 |
- continue; |
6739 |
- |
6740 |
-- failed = __ftrace_replace_code(rec, enable); |
6741 |
-+ failed = __ftrace_replace_code(rec, update); |
6742 |
- if (failed) { |
6743 |
- ftrace_bug(failed, rec->ip); |
6744 |
- /* Stop processing */ |
6745 |
-@@ -1623,7 +1623,7 @@ static int __ftrace_modify_code(void *data) |
6746 |
- */ |
6747 |
- function_trace_stop++; |
6748 |
- |
6749 |
-- if (*command & FTRACE_ENABLE_CALLS) |
6750 |
-+ if (*command & FTRACE_UPDATE_CALLS) |
6751 |
- ftrace_replace_code(1); |
6752 |
- else if (*command & FTRACE_DISABLE_CALLS) |
6753 |
- ftrace_replace_code(0); |
6754 |
-@@ -1691,7 +1691,7 @@ static int ftrace_startup(struct ftrace_ops *ops, int command) |
6755 |
- return -ENODEV; |
6756 |
- |
6757 |
- ftrace_start_up++; |
6758 |
-- command |= FTRACE_ENABLE_CALLS; |
6759 |
-+ command |= FTRACE_UPDATE_CALLS; |
6760 |
- |
6761 |
- /* ops marked global share the filter hashes */ |
6762 |
- if (ops->flags & FTRACE_OPS_FL_GLOBAL) { |
6763 |
-@@ -1743,8 +1743,7 @@ static void ftrace_shutdown(struct ftrace_ops *ops, int command) |
6764 |
- if (ops != &global_ops || !global_start_up) |
6765 |
- ops->flags &= ~FTRACE_OPS_FL_ENABLED; |
6766 |
- |
6767 |
-- if (!ftrace_start_up) |
6768 |
-- command |= FTRACE_DISABLE_CALLS; |
6769 |
-+ command |= FTRACE_UPDATE_CALLS; |
6770 |
- |
6771 |
- if (saved_ftrace_func != ftrace_trace_function) { |
6772 |
- saved_ftrace_func = ftrace_trace_function; |
6773 |
-@@ -1766,7 +1765,7 @@ static void ftrace_startup_sysctl(void) |
6774 |
- saved_ftrace_func = NULL; |
6775 |
- /* ftrace_start_up is true if we want ftrace running */ |
6776 |
- if (ftrace_start_up) |
6777 |
-- ftrace_run_update_code(FTRACE_ENABLE_CALLS); |
6778 |
-+ ftrace_run_update_code(FTRACE_UPDATE_CALLS); |
6779 |
- } |
6780 |
- |
6781 |
- static void ftrace_shutdown_sysctl(void) |
6782 |
-@@ -2919,7 +2918,7 @@ ftrace_set_regex(struct ftrace_ops *ops, unsigned char *buf, int len, |
6783 |
- ret = ftrace_hash_move(ops, enable, orig_hash, hash); |
6784 |
- if (!ret && ops->flags & FTRACE_OPS_FL_ENABLED |
6785 |
- && ftrace_enabled) |
6786 |
-- ftrace_run_update_code(FTRACE_ENABLE_CALLS); |
6787 |
-+ ftrace_run_update_code(FTRACE_UPDATE_CALLS); |
6788 |
- |
6789 |
- mutex_unlock(&ftrace_lock); |
6790 |
- |
6791 |
-@@ -3107,7 +3106,7 @@ ftrace_regex_release(struct inode *inode, struct file *file) |
6792 |
- orig_hash, iter->hash); |
6793 |
- if (!ret && (iter->ops->flags & FTRACE_OPS_FL_ENABLED) |
6794 |
- && ftrace_enabled) |
6795 |
-- ftrace_run_update_code(FTRACE_ENABLE_CALLS); |
6796 |
-+ ftrace_run_update_code(FTRACE_UPDATE_CALLS); |
6797 |
- |
6798 |
- mutex_unlock(&ftrace_lock); |
6799 |
- } |
6800 |
-diff --git a/kernel/tracepoint.c b/kernel/tracepoint.c |
6801 |
-index db110b8..f1539de 100644 |
6802 |
---- a/kernel/tracepoint.c |
6803 |
-+++ b/kernel/tracepoint.c |
6804 |
-@@ -634,10 +634,11 @@ static int tracepoint_module_coming(struct module *mod) |
6805 |
- int ret = 0; |
6806 |
- |
6807 |
- /* |
6808 |
-- * We skip modules that tain the kernel, especially those with different |
6809 |
-- * module header (for forced load), to make sure we don't cause a crash. |
6810 |
-+ * We skip modules that taint the kernel, especially those with different |
6811 |
-+ * module headers (for forced load), to make sure we don't cause a crash. |
6812 |
-+ * Staging and out-of-tree GPL modules are fine. |
6813 |
- */ |
6814 |
-- if (mod->taints) |
6815 |
-+ if (mod->taints & ~((1 << TAINT_OOT_MODULE) | (1 << TAINT_CRAP))) |
6816 |
- return 0; |
6817 |
- mutex_lock(&tracepoints_mutex); |
6818 |
- tp_mod = kmalloc(sizeof(struct tp_module), GFP_KERNEL); |
6819 |
-diff --git a/mm/filemap.c b/mm/filemap.c |
6820 |
-index 5f0a3c9..90286a4 100644 |
6821 |
---- a/mm/filemap.c |
6822 |
-+++ b/mm/filemap.c |
6823 |
-@@ -393,24 +393,11 @@ EXPORT_SYMBOL(filemap_write_and_wait_range); |
6824 |
- int replace_page_cache_page(struct page *old, struct page *new, gfp_t gfp_mask) |
6825 |
- { |
6826 |
- int error; |
6827 |
-- struct mem_cgroup *memcg = NULL; |
6828 |
- |
6829 |
- VM_BUG_ON(!PageLocked(old)); |
6830 |
- VM_BUG_ON(!PageLocked(new)); |
6831 |
- VM_BUG_ON(new->mapping); |
6832 |
- |
6833 |
-- /* |
6834 |
-- * This is not page migration, but prepare_migration and |
6835 |
-- * end_migration does enough work for charge replacement. |
6836 |
-- * |
6837 |
-- * In the longer term we probably want a specialized function |
6838 |
-- * for moving the charge from old to new in a more efficient |
6839 |
-- * manner. |
6840 |
-- */ |
6841 |
-- error = mem_cgroup_prepare_migration(old, new, &memcg, gfp_mask); |
6842 |
-- if (error) |
6843 |
-- return error; |
6844 |
-- |
6845 |
- error = radix_tree_preload(gfp_mask & ~__GFP_HIGHMEM); |
6846 |
- if (!error) { |
6847 |
- struct address_space *mapping = old->mapping; |
6848 |
-@@ -432,13 +419,12 @@ int replace_page_cache_page(struct page *old, struct page *new, gfp_t gfp_mask) |
6849 |
- if (PageSwapBacked(new)) |
6850 |
- __inc_zone_page_state(new, NR_SHMEM); |
6851 |
- spin_unlock_irq(&mapping->tree_lock); |
6852 |
-+ /* mem_cgroup codes must not be called under tree_lock */ |
6853 |
-+ mem_cgroup_replace_page_cache(old, new); |
6854 |
- radix_tree_preload_end(); |
6855 |
- if (freepage) |
6856 |
- freepage(old); |
6857 |
- page_cache_release(old); |
6858 |
-- mem_cgroup_end_migration(memcg, old, new, true); |
6859 |
-- } else { |
6860 |
-- mem_cgroup_end_migration(memcg, old, new, false); |
6861 |
- } |
6862 |
- |
6863 |
- return error; |
6864 |
-diff --git a/mm/memcontrol.c b/mm/memcontrol.c |
6865 |
-index b63f5f7..f538e9b 100644 |
6866 |
---- a/mm/memcontrol.c |
6867 |
-+++ b/mm/memcontrol.c |
6868 |
-@@ -3366,6 +3366,50 @@ void mem_cgroup_end_migration(struct mem_cgroup *memcg, |
6869 |
- cgroup_release_and_wakeup_rmdir(&memcg->css); |
6870 |
- } |
6871 |
- |
6872 |
-+/* |
6873 |
-+ * At replace page cache, newpage is not under any memcg but it's on |
6874 |
-+ * LRU. So, this function doesn't touch res_counter but handles LRU |
6875 |
-+ * in correct way. Both pages are locked so we cannot race with uncharge. |
6876 |
-+ */ |
6877 |
-+void mem_cgroup_replace_page_cache(struct page *oldpage, |
6878 |
-+ struct page *newpage) |
6879 |
-+{ |
6880 |
-+ struct mem_cgroup *memcg; |
6881 |
-+ struct page_cgroup *pc; |
6882 |
-+ struct zone *zone; |
6883 |
-+ enum charge_type type = MEM_CGROUP_CHARGE_TYPE_CACHE; |
6884 |
-+ unsigned long flags; |
6885 |
-+ |
6886 |
-+ if (mem_cgroup_disabled()) |
6887 |
-+ return; |
6888 |
-+ |
6889 |
-+ pc = lookup_page_cgroup(oldpage); |
6890 |
-+ /* fix accounting on old pages */ |
6891 |
-+ lock_page_cgroup(pc); |
6892 |
-+ memcg = pc->mem_cgroup; |
6893 |
-+ mem_cgroup_charge_statistics(memcg, PageCgroupCache(pc), -1); |
6894 |
-+ ClearPageCgroupUsed(pc); |
6895 |
-+ unlock_page_cgroup(pc); |
6896 |
-+ |
6897 |
-+ if (PageSwapBacked(oldpage)) |
6898 |
-+ type = MEM_CGROUP_CHARGE_TYPE_SHMEM; |
6899 |
-+ |
6900 |
-+ zone = page_zone(newpage); |
6901 |
-+ pc = lookup_page_cgroup(newpage); |
6902 |
-+ /* |
6903 |
-+ * Even if newpage->mapping was NULL before starting replacement, |
6904 |
-+ * the newpage may be on LRU(or pagevec for LRU) already. We lock |
6905 |
-+ * LRU while we overwrite pc->mem_cgroup. |
6906 |
-+ */ |
6907 |
-+ spin_lock_irqsave(&zone->lru_lock, flags); |
6908 |
-+ if (PageLRU(newpage)) |
6909 |
-+ del_page_from_lru_list(zone, newpage, page_lru(newpage)); |
6910 |
-+ __mem_cgroup_commit_charge(memcg, newpage, 1, pc, type); |
6911 |
-+ if (PageLRU(newpage)) |
6912 |
-+ add_page_to_lru_list(zone, newpage, page_lru(newpage)); |
6913 |
-+ spin_unlock_irqrestore(&zone->lru_lock, flags); |
6914 |
-+} |
6915 |
-+ |
6916 |
- #ifdef CONFIG_DEBUG_VM |
6917 |
- static struct page_cgroup *lookup_page_cgroup_used(struct page *page) |
6918 |
- { |
6919 |
-diff --git a/mm/page_alloc.c b/mm/page_alloc.c |
6920 |
-index 2b8ba3a..485be89 100644 |
6921 |
---- a/mm/page_alloc.c |
6922 |
-+++ b/mm/page_alloc.c |
6923 |
-@@ -5608,6 +5608,17 @@ __count_immobile_pages(struct zone *zone, struct page *page, int count) |
6924 |
- bool is_pageblock_removable_nolock(struct page *page) |
6925 |
- { |
6926 |
- struct zone *zone = page_zone(page); |
6927 |
-+ unsigned long pfn = page_to_pfn(page); |
6928 |
-+ |
6929 |
-+ /* |
6930 |
-+ * We have to be careful here because we are iterating over memory |
6931 |
-+ * sections which are not zone aware so we might end up outside of |
6932 |
-+ * the zone but still within the section. |
6933 |
-+ */ |
6934 |
-+ if (!zone || zone->zone_start_pfn > pfn || |
6935 |
-+ zone->zone_start_pfn + zone->spanned_pages <= pfn) |
6936 |
-+ return false; |
6937 |
-+ |
6938 |
- return __count_immobile_pages(zone, page, 0); |
6939 |
- } |
6940 |
- |
6941 |
-diff --git a/mm/shmem.c b/mm/shmem.c |
6942 |
-index d672250..6c253f7 100644 |
6943 |
---- a/mm/shmem.c |
6944 |
-+++ b/mm/shmem.c |
6945 |
-@@ -379,7 +379,7 @@ static int shmem_free_swap(struct address_space *mapping, |
6946 |
- /* |
6947 |
- * Pagevec may contain swap entries, so shuffle up pages before releasing. |
6948 |
- */ |
6949 |
--static void shmem_pagevec_release(struct pagevec *pvec) |
6950 |
-+static void shmem_deswap_pagevec(struct pagevec *pvec) |
6951 |
- { |
6952 |
- int i, j; |
6953 |
- |
6954 |
-@@ -389,7 +389,36 @@ static void shmem_pagevec_release(struct pagevec *pvec) |
6955 |
- pvec->pages[j++] = page; |
6956 |
- } |
6957 |
- pvec->nr = j; |
6958 |
-- pagevec_release(pvec); |
6959 |
-+} |
6960 |
-+ |
6961 |
-+/* |
6962 |
-+ * SysV IPC SHM_UNLOCK restore Unevictable pages to their evictable lists. |
6963 |
-+ */ |
6964 |
-+void shmem_unlock_mapping(struct address_space *mapping) |
6965 |
-+{ |
6966 |
-+ struct pagevec pvec; |
6967 |
-+ pgoff_t indices[PAGEVEC_SIZE]; |
6968 |
-+ pgoff_t index = 0; |
6969 |
-+ |
6970 |
-+ pagevec_init(&pvec, 0); |
6971 |
-+ /* |
6972 |
-+ * Minor point, but we might as well stop if someone else SHM_LOCKs it. |
6973 |
-+ */ |
6974 |
-+ while (!mapping_unevictable(mapping)) { |
6975 |
-+ /* |
6976 |
-+ * Avoid pagevec_lookup(): find_get_pages() returns 0 as if it |
6977 |
-+ * has finished, if it hits a row of PAGEVEC_SIZE swap entries. |
6978 |
-+ */ |
6979 |
-+ pvec.nr = shmem_find_get_pages_and_swap(mapping, index, |
6980 |
-+ PAGEVEC_SIZE, pvec.pages, indices); |
6981 |
-+ if (!pvec.nr) |
6982 |
-+ break; |
6983 |
-+ index = indices[pvec.nr - 1] + 1; |
6984 |
-+ shmem_deswap_pagevec(&pvec); |
6985 |
-+ check_move_unevictable_pages(pvec.pages, pvec.nr); |
6986 |
-+ pagevec_release(&pvec); |
6987 |
-+ cond_resched(); |
6988 |
-+ } |
6989 |
- } |
6990 |
- |
6991 |
- /* |
6992 |
-@@ -440,7 +469,8 @@ void shmem_truncate_range(struct inode *inode, loff_t lstart, loff_t lend) |
6993 |
- } |
6994 |
- unlock_page(page); |
6995 |
- } |
6996 |
-- shmem_pagevec_release(&pvec); |
6997 |
-+ shmem_deswap_pagevec(&pvec); |
6998 |
-+ pagevec_release(&pvec); |
6999 |
- mem_cgroup_uncharge_end(); |
7000 |
- cond_resched(); |
7001 |
- index++; |
7002 |
-@@ -470,7 +500,8 @@ void shmem_truncate_range(struct inode *inode, loff_t lstart, loff_t lend) |
7003 |
- continue; |
7004 |
- } |
7005 |
- if (index == start && indices[0] > end) { |
7006 |
-- shmem_pagevec_release(&pvec); |
7007 |
-+ shmem_deswap_pagevec(&pvec); |
7008 |
-+ pagevec_release(&pvec); |
7009 |
- break; |
7010 |
- } |
7011 |
- mem_cgroup_uncharge_start(); |
7012 |
-@@ -494,7 +525,8 @@ void shmem_truncate_range(struct inode *inode, loff_t lstart, loff_t lend) |
7013 |
- } |
7014 |
- unlock_page(page); |
7015 |
- } |
7016 |
-- shmem_pagevec_release(&pvec); |
7017 |
-+ shmem_deswap_pagevec(&pvec); |
7018 |
-+ pagevec_release(&pvec); |
7019 |
- mem_cgroup_uncharge_end(); |
7020 |
- index++; |
7021 |
- } |
7022 |
-@@ -1068,13 +1100,6 @@ int shmem_lock(struct file *file, int lock, struct user_struct *user) |
7023 |
- user_shm_unlock(inode->i_size, user); |
7024 |
- info->flags &= ~VM_LOCKED; |
7025 |
- mapping_clear_unevictable(file->f_mapping); |
7026 |
-- /* |
7027 |
-- * Ensure that a racing putback_lru_page() can see |
7028 |
-- * the pages of this mapping are evictable when we |
7029 |
-- * skip them due to !PageLRU during the scan. |
7030 |
-- */ |
7031 |
-- smp_mb__after_clear_bit(); |
7032 |
-- scan_mapping_unevictable_pages(file->f_mapping); |
7033 |
- } |
7034 |
- retval = 0; |
7035 |
- |
7036 |
-@@ -2446,6 +2471,10 @@ int shmem_lock(struct file *file, int lock, struct user_struct *user) |
7037 |
- return 0; |
7038 |
- } |
7039 |
- |
7040 |
-+void shmem_unlock_mapping(struct address_space *mapping) |
7041 |
-+{ |
7042 |
-+} |
7043 |
-+ |
7044 |
- void shmem_truncate_range(struct inode *inode, loff_t lstart, loff_t lend) |
7045 |
- { |
7046 |
- truncate_inode_pages_range(inode->i_mapping, lstart, lend); |
7047 |
-diff --git a/mm/slub.c b/mm/slub.c |
7048 |
-index ed3334d..1a919f0 100644 |
7049 |
---- a/mm/slub.c |
7050 |
-+++ b/mm/slub.c |
7051 |
-@@ -2166,6 +2166,11 @@ redo: |
7052 |
- goto new_slab; |
7053 |
- } |
7054 |
- |
7055 |
-+ /* must check again c->freelist in case of cpu migration or IRQ */ |
7056 |
-+ object = c->freelist; |
7057 |
-+ if (object) |
7058 |
-+ goto load_freelist; |
7059 |
-+ |
7060 |
- stat(s, ALLOC_SLOWPATH); |
7061 |
- |
7062 |
- do { |
7063 |
-diff --git a/mm/vmscan.c b/mm/vmscan.c |
7064 |
-index f54a05b..cb33d9c 100644 |
7065 |
---- a/mm/vmscan.c |
7066 |
-+++ b/mm/vmscan.c |
7067 |
-@@ -636,7 +636,7 @@ redo: |
7068 |
- * When racing with an mlock or AS_UNEVICTABLE clearing |
7069 |
- * (page is unlocked) make sure that if the other thread |
7070 |
- * does not observe our setting of PG_lru and fails |
7071 |
-- * isolation/check_move_unevictable_page, |
7072 |
-+ * isolation/check_move_unevictable_pages, |
7073 |
- * we see PG_mlocked/AS_UNEVICTABLE cleared below and move |
7074 |
- * the page back to the evictable list. |
7075 |
- * |
7076 |
-@@ -3353,97 +3353,59 @@ int page_evictable(struct page *page, struct vm_area_struct *vma) |
7077 |
- return 1; |
7078 |
- } |
7079 |
- |
7080 |
-+#ifdef CONFIG_SHMEM |
7081 |
- /** |
7082 |
-- * check_move_unevictable_page - check page for evictability and move to appropriate zone lru list |
7083 |
-- * @page: page to check evictability and move to appropriate lru list |
7084 |
-- * @zone: zone page is in |
7085 |
-+ * check_move_unevictable_pages - check pages for evictability and move to appropriate zone lru list |
7086 |
-+ * @pages: array of pages to check |
7087 |
-+ * @nr_pages: number of pages to check |
7088 |
- * |
7089 |
-- * Checks a page for evictability and moves the page to the appropriate |
7090 |
-- * zone lru list. |
7091 |
-+ * Checks pages for evictability and moves them to the appropriate lru list. |
7092 |
- * |
7093 |
-- * Restrictions: zone->lru_lock must be held, page must be on LRU and must |
7094 |
-- * have PageUnevictable set. |
7095 |
-+ * This function is only used for SysV IPC SHM_UNLOCK. |
7096 |
- */ |
7097 |
--static void check_move_unevictable_page(struct page *page, struct zone *zone) |
7098 |
-+void check_move_unevictable_pages(struct page **pages, int nr_pages) |
7099 |
- { |
7100 |
-- VM_BUG_ON(PageActive(page)); |
7101 |
-- |
7102 |
--retry: |
7103 |
-- ClearPageUnevictable(page); |
7104 |
-- if (page_evictable(page, NULL)) { |
7105 |
-- enum lru_list l = page_lru_base_type(page); |
7106 |
-+ struct zone *zone = NULL; |
7107 |
-+ int pgscanned = 0; |
7108 |
-+ int pgrescued = 0; |
7109 |
-+ int i; |
7110 |
- |
7111 |
-- __dec_zone_state(zone, NR_UNEVICTABLE); |
7112 |
-- list_move(&page->lru, &zone->lru[l].list); |
7113 |
-- mem_cgroup_move_lists(page, LRU_UNEVICTABLE, l); |
7114 |
-- __inc_zone_state(zone, NR_INACTIVE_ANON + l); |
7115 |
-- __count_vm_event(UNEVICTABLE_PGRESCUED); |
7116 |
-- } else { |
7117 |
-- /* |
7118 |
-- * rotate unevictable list |
7119 |
-- */ |
7120 |
-- SetPageUnevictable(page); |
7121 |
-- list_move(&page->lru, &zone->lru[LRU_UNEVICTABLE].list); |
7122 |
-- mem_cgroup_rotate_lru_list(page, LRU_UNEVICTABLE); |
7123 |
-- if (page_evictable(page, NULL)) |
7124 |
-- goto retry; |
7125 |
-- } |
7126 |
--} |
7127 |
-+ for (i = 0; i < nr_pages; i++) { |
7128 |
-+ struct page *page = pages[i]; |
7129 |
-+ struct zone *pagezone; |
7130 |
- |
7131 |
--/** |
7132 |
-- * scan_mapping_unevictable_pages - scan an address space for evictable pages |
7133 |
-- * @mapping: struct address_space to scan for evictable pages |
7134 |
-- * |
7135 |
-- * Scan all pages in mapping. Check unevictable pages for |
7136 |
-- * evictability and move them to the appropriate zone lru list. |
7137 |
-- */ |
7138 |
--void scan_mapping_unevictable_pages(struct address_space *mapping) |
7139 |
--{ |
7140 |
-- pgoff_t next = 0; |
7141 |
-- pgoff_t end = (i_size_read(mapping->host) + PAGE_CACHE_SIZE - 1) >> |
7142 |
-- PAGE_CACHE_SHIFT; |
7143 |
-- struct zone *zone; |
7144 |
-- struct pagevec pvec; |
7145 |
-+ pgscanned++; |
7146 |
-+ pagezone = page_zone(page); |
7147 |
-+ if (pagezone != zone) { |
7148 |
-+ if (zone) |
7149 |
-+ spin_unlock_irq(&zone->lru_lock); |
7150 |
-+ zone = pagezone; |
7151 |
-+ spin_lock_irq(&zone->lru_lock); |
7152 |
-+ } |
7153 |
- |
7154 |
-- if (mapping->nrpages == 0) |
7155 |
-- return; |
7156 |
-+ if (!PageLRU(page) || !PageUnevictable(page)) |
7157 |
-+ continue; |
7158 |
- |
7159 |
-- pagevec_init(&pvec, 0); |
7160 |
-- while (next < end && |
7161 |
-- pagevec_lookup(&pvec, mapping, next, PAGEVEC_SIZE)) { |
7162 |
-- int i; |
7163 |
-- int pg_scanned = 0; |
7164 |
-- |
7165 |
-- zone = NULL; |
7166 |
-- |
7167 |
-- for (i = 0; i < pagevec_count(&pvec); i++) { |
7168 |
-- struct page *page = pvec.pages[i]; |
7169 |
-- pgoff_t page_index = page->index; |
7170 |
-- struct zone *pagezone = page_zone(page); |
7171 |
-- |
7172 |
-- pg_scanned++; |
7173 |
-- if (page_index > next) |
7174 |
-- next = page_index; |
7175 |
-- next++; |
7176 |
-- |
7177 |
-- if (pagezone != zone) { |
7178 |
-- if (zone) |
7179 |
-- spin_unlock_irq(&zone->lru_lock); |
7180 |
-- zone = pagezone; |
7181 |
-- spin_lock_irq(&zone->lru_lock); |
7182 |
-- } |
7183 |
-+ if (page_evictable(page, NULL)) { |
7184 |
-+ enum lru_list lru = page_lru_base_type(page); |
7185 |
- |
7186 |
-- if (PageLRU(page) && PageUnevictable(page)) |
7187 |
-- check_move_unevictable_page(page, zone); |
7188 |
-+ VM_BUG_ON(PageActive(page)); |
7189 |
-+ ClearPageUnevictable(page); |
7190 |
-+ __dec_zone_state(zone, NR_UNEVICTABLE); |
7191 |
-+ list_move(&page->lru, &zone->lru[lru].list); |
7192 |
-+ mem_cgroup_move_lists(page, LRU_UNEVICTABLE, lru); |
7193 |
-+ __inc_zone_state(zone, NR_INACTIVE_ANON + lru); |
7194 |
-+ pgrescued++; |
7195 |
- } |
7196 |
-- if (zone) |
7197 |
-- spin_unlock_irq(&zone->lru_lock); |
7198 |
-- pagevec_release(&pvec); |
7199 |
-- |
7200 |
-- count_vm_events(UNEVICTABLE_PGSCANNED, pg_scanned); |
7201 |
- } |
7202 |
- |
7203 |
-+ if (zone) { |
7204 |
-+ __count_vm_events(UNEVICTABLE_PGRESCUED, pgrescued); |
7205 |
-+ __count_vm_events(UNEVICTABLE_PGSCANNED, pgscanned); |
7206 |
-+ spin_unlock_irq(&zone->lru_lock); |
7207 |
-+ } |
7208 |
- } |
7209 |
-+#endif /* CONFIG_SHMEM */ |
7210 |
- |
7211 |
- static void warn_scan_unevictable_pages(void) |
7212 |
- { |
7213 |
-diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h |
7214 |
-index ea10a51..73495f1 100644 |
7215 |
---- a/net/mac80211/ieee80211_i.h |
7216 |
-+++ b/net/mac80211/ieee80211_i.h |
7217 |
-@@ -702,6 +702,8 @@ struct tpt_led_trigger { |
7218 |
- * well be on the operating channel |
7219 |
- * @SCAN_HW_SCANNING: The hardware is scanning for us, we have no way to |
7220 |
- * determine if we are on the operating channel or not |
7221 |
-+ * @SCAN_OFF_CHANNEL: We're off our operating channel for scanning, |
7222 |
-+ * gets only set in conjunction with SCAN_SW_SCANNING |
7223 |
- * @SCAN_COMPLETED: Set for our scan work function when the driver reported |
7224 |
- * that the scan completed. |
7225 |
- * @SCAN_ABORTED: Set for our scan work function when the driver reported |
7226 |
-@@ -710,6 +712,7 @@ struct tpt_led_trigger { |
7227 |
- enum { |
7228 |
- SCAN_SW_SCANNING, |
7229 |
- SCAN_HW_SCANNING, |
7230 |
-+ SCAN_OFF_CHANNEL, |
7231 |
- SCAN_COMPLETED, |
7232 |
- SCAN_ABORTED, |
7233 |
- }; |
7234 |
-@@ -1140,14 +1143,10 @@ int ieee80211_request_sched_scan_stop(struct ieee80211_sub_if_data *sdata); |
7235 |
- void ieee80211_sched_scan_stopped_work(struct work_struct *work); |
7236 |
- |
7237 |
- /* off-channel helpers */ |
7238 |
--bool ieee80211_cfg_on_oper_channel(struct ieee80211_local *local); |
7239 |
--void ieee80211_offchannel_enable_all_ps(struct ieee80211_local *local, |
7240 |
-- bool tell_ap); |
7241 |
--void ieee80211_offchannel_stop_vifs(struct ieee80211_local *local, |
7242 |
-- bool offchannel_ps_enable); |
7243 |
-+void ieee80211_offchannel_stop_beaconing(struct ieee80211_local *local); |
7244 |
-+void ieee80211_offchannel_stop_station(struct ieee80211_local *local); |
7245 |
- void ieee80211_offchannel_return(struct ieee80211_local *local, |
7246 |
-- bool enable_beaconing, |
7247 |
-- bool offchannel_ps_disable); |
7248 |
-+ bool enable_beaconing); |
7249 |
- void ieee80211_hw_roc_setup(struct ieee80211_local *local); |
7250 |
- |
7251 |
- /* interface handling */ |
7252 |
-diff --git a/net/mac80211/main.c b/net/mac80211/main.c |
7253 |
-index cae4435..a7536fd 100644 |
7254 |
---- a/net/mac80211/main.c |
7255 |
-+++ b/net/mac80211/main.c |
7256 |
-@@ -92,47 +92,6 @@ static void ieee80211_reconfig_filter(struct work_struct *work) |
7257 |
- ieee80211_configure_filter(local); |
7258 |
- } |
7259 |
- |
7260 |
--/* |
7261 |
-- * Returns true if we are logically configured to be on |
7262 |
-- * the operating channel AND the hardware-conf is currently |
7263 |
-- * configured on the operating channel. Compares channel-type |
7264 |
-- * as well. |
7265 |
-- */ |
7266 |
--bool ieee80211_cfg_on_oper_channel(struct ieee80211_local *local) |
7267 |
--{ |
7268 |
-- struct ieee80211_channel *chan, *scan_chan; |
7269 |
-- enum nl80211_channel_type channel_type; |
7270 |
-- |
7271 |
-- /* This logic needs to match logic in ieee80211_hw_config */ |
7272 |
-- if (local->scan_channel) { |
7273 |
-- chan = local->scan_channel; |
7274 |
-- /* If scanning on oper channel, use whatever channel-type |
7275 |
-- * is currently in use. |
7276 |
-- */ |
7277 |
-- if (chan == local->oper_channel) |
7278 |
-- channel_type = local->_oper_channel_type; |
7279 |
-- else |
7280 |
-- channel_type = NL80211_CHAN_NO_HT; |
7281 |
-- } else if (local->tmp_channel) { |
7282 |
-- chan = scan_chan = local->tmp_channel; |
7283 |
-- channel_type = local->tmp_channel_type; |
7284 |
-- } else { |
7285 |
-- chan = local->oper_channel; |
7286 |
-- channel_type = local->_oper_channel_type; |
7287 |
-- } |
7288 |
-- |
7289 |
-- if (chan != local->oper_channel || |
7290 |
-- channel_type != local->_oper_channel_type) |
7291 |
-- return false; |
7292 |
-- |
7293 |
-- /* Check current hardware-config against oper_channel. */ |
7294 |
-- if ((local->oper_channel != local->hw.conf.channel) || |
7295 |
-- (local->_oper_channel_type != local->hw.conf.channel_type)) |
7296 |
-- return false; |
7297 |
-- |
7298 |
-- return true; |
7299 |
--} |
7300 |
-- |
7301 |
- int ieee80211_hw_config(struct ieee80211_local *local, u32 changed) |
7302 |
- { |
7303 |
- struct ieee80211_channel *chan, *scan_chan; |
7304 |
-@@ -145,9 +104,6 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed) |
7305 |
- |
7306 |
- scan_chan = local->scan_channel; |
7307 |
- |
7308 |
-- /* If this off-channel logic ever changes, ieee80211_on_oper_channel |
7309 |
-- * may need to change as well. |
7310 |
-- */ |
7311 |
- offchannel_flag = local->hw.conf.flags & IEEE80211_CONF_OFFCHANNEL; |
7312 |
- if (scan_chan) { |
7313 |
- chan = scan_chan; |
7314 |
-@@ -158,19 +114,17 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed) |
7315 |
- channel_type = local->_oper_channel_type; |
7316 |
- else |
7317 |
- channel_type = NL80211_CHAN_NO_HT; |
7318 |
-- } else if (local->tmp_channel) { |
7319 |
-+ local->hw.conf.flags |= IEEE80211_CONF_OFFCHANNEL; |
7320 |
-+ } else if (local->tmp_channel && |
7321 |
-+ local->oper_channel != local->tmp_channel) { |
7322 |
- chan = scan_chan = local->tmp_channel; |
7323 |
- channel_type = local->tmp_channel_type; |
7324 |
-+ local->hw.conf.flags |= IEEE80211_CONF_OFFCHANNEL; |
7325 |
- } else { |
7326 |
- chan = local->oper_channel; |
7327 |
- channel_type = local->_oper_channel_type; |
7328 |
-- } |
7329 |
-- |
7330 |
-- if (chan != local->oper_channel || |
7331 |
-- channel_type != local->_oper_channel_type) |
7332 |
-- local->hw.conf.flags |= IEEE80211_CONF_OFFCHANNEL; |
7333 |
-- else |
7334 |
- local->hw.conf.flags &= ~IEEE80211_CONF_OFFCHANNEL; |
7335 |
-+ } |
7336 |
- |
7337 |
- offchannel_flag ^= local->hw.conf.flags & IEEE80211_CONF_OFFCHANNEL; |
7338 |
- |
7339 |
-@@ -279,7 +233,7 @@ void ieee80211_bss_info_change_notify(struct ieee80211_sub_if_data *sdata, |
7340 |
- |
7341 |
- if (changed & BSS_CHANGED_BEACON_ENABLED) { |
7342 |
- if (local->quiescing || !ieee80211_sdata_running(sdata) || |
7343 |
-- test_bit(SDATA_STATE_OFFCHANNEL, &sdata->state)) { |
7344 |
-+ test_bit(SCAN_SW_SCANNING, &local->scanning)) { |
7345 |
- sdata->vif.bss_conf.enable_beacon = false; |
7346 |
- } else { |
7347 |
- /* |
7348 |
-diff --git a/net/mac80211/offchannel.c b/net/mac80211/offchannel.c |
7349 |
-index 3d41441..1b239be 100644 |
7350 |
---- a/net/mac80211/offchannel.c |
7351 |
-+++ b/net/mac80211/offchannel.c |
7352 |
-@@ -18,14 +18,10 @@ |
7353 |
- #include "driver-trace.h" |
7354 |
- |
7355 |
- /* |
7356 |
-- * Tell our hardware to disable PS. |
7357 |
-- * Optionally inform AP that we will go to sleep so that it will buffer |
7358 |
-- * the frames while we are doing off-channel work. This is optional |
7359 |
-- * because we *may* be doing work on-operating channel, and want our |
7360 |
-- * hardware unconditionally awake, but still let the AP send us normal frames. |
7361 |
-+ * inform AP that we will go to sleep so that it will buffer the frames |
7362 |
-+ * while we scan |
7363 |
- */ |
7364 |
--static void ieee80211_offchannel_ps_enable(struct ieee80211_sub_if_data *sdata, |
7365 |
-- bool tell_ap) |
7366 |
-+static void ieee80211_offchannel_ps_enable(struct ieee80211_sub_if_data *sdata) |
7367 |
- { |
7368 |
- struct ieee80211_local *local = sdata->local; |
7369 |
- struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; |
7370 |
-@@ -46,8 +42,8 @@ static void ieee80211_offchannel_ps_enable(struct ieee80211_sub_if_data *sdata, |
7371 |
- ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); |
7372 |
- } |
7373 |
- |
7374 |
-- if (tell_ap && (!local->offchannel_ps_enabled || |
7375 |
-- !(local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK))) |
7376 |
-+ if (!(local->offchannel_ps_enabled) || |
7377 |
-+ !(local->hw.flags & IEEE80211_HW_PS_NULLFUNC_STACK)) |
7378 |
- /* |
7379 |
- * If power save was enabled, no need to send a nullfunc |
7380 |
- * frame because AP knows that we are sleeping. But if the |
7381 |
-@@ -82,9 +78,6 @@ static void ieee80211_offchannel_ps_disable(struct ieee80211_sub_if_data *sdata) |
7382 |
- * we are sleeping, let's just enable power save mode in |
7383 |
- * hardware. |
7384 |
- */ |
7385 |
-- /* TODO: Only set hardware if CONF_PS changed? |
7386 |
-- * TODO: Should we set offchannel_ps_enabled to false? |
7387 |
-- */ |
7388 |
- local->hw.conf.flags |= IEEE80211_CONF_PS; |
7389 |
- ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS); |
7390 |
- } else if (local->hw.conf.dynamic_ps_timeout > 0) { |
7391 |
-@@ -103,61 +96,63 @@ static void ieee80211_offchannel_ps_disable(struct ieee80211_sub_if_data *sdata) |
7392 |
- ieee80211_sta_reset_conn_monitor(sdata); |
7393 |
- } |
7394 |
- |
7395 |
--void ieee80211_offchannel_stop_vifs(struct ieee80211_local *local, |
7396 |
-- bool offchannel_ps_enable) |
7397 |
-+void ieee80211_offchannel_stop_beaconing(struct ieee80211_local *local) |
7398 |
- { |
7399 |
- struct ieee80211_sub_if_data *sdata; |
7400 |
- |
7401 |
-- /* |
7402 |
-- * notify the AP about us leaving the channel and stop all |
7403 |
-- * STA interfaces. |
7404 |
-- */ |
7405 |
- mutex_lock(&local->iflist_mtx); |
7406 |
- list_for_each_entry(sdata, &local->interfaces, list) { |
7407 |
- if (!ieee80211_sdata_running(sdata)) |
7408 |
- continue; |
7409 |
- |
7410 |
-- if (sdata->vif.type != NL80211_IFTYPE_MONITOR) |
7411 |
-- set_bit(SDATA_STATE_OFFCHANNEL, &sdata->state); |
7412 |
-- |
7413 |
-- /* Check to see if we should disable beaconing. */ |
7414 |
-+ /* disable beaconing */ |
7415 |
- if (sdata->vif.type == NL80211_IFTYPE_AP || |
7416 |
- sdata->vif.type == NL80211_IFTYPE_ADHOC || |
7417 |
- sdata->vif.type == NL80211_IFTYPE_MESH_POINT) |
7418 |
- ieee80211_bss_info_change_notify( |
7419 |
- sdata, BSS_CHANGED_BEACON_ENABLED); |
7420 |
- |
7421 |
-- if (sdata->vif.type != NL80211_IFTYPE_MONITOR) { |
7422 |
-+ /* |
7423 |
-+ * only handle non-STA interfaces here, STA interfaces |
7424 |
-+ * are handled in ieee80211_offchannel_stop_station(), |
7425 |
-+ * e.g., from the background scan state machine. |
7426 |
-+ * |
7427 |
-+ * In addition, do not stop monitor interface to allow it to be |
7428 |
-+ * used from user space controlled off-channel operations. |
7429 |
-+ */ |
7430 |
-+ if (sdata->vif.type != NL80211_IFTYPE_STATION && |
7431 |
-+ sdata->vif.type != NL80211_IFTYPE_MONITOR) { |
7432 |
-+ set_bit(SDATA_STATE_OFFCHANNEL, &sdata->state); |
7433 |
- netif_tx_stop_all_queues(sdata->dev); |
7434 |
-- if (offchannel_ps_enable && |
7435 |
-- (sdata->vif.type == NL80211_IFTYPE_STATION) && |
7436 |
-- sdata->u.mgd.associated) |
7437 |
-- ieee80211_offchannel_ps_enable(sdata, true); |
7438 |
- } |
7439 |
- } |
7440 |
- mutex_unlock(&local->iflist_mtx); |
7441 |
- } |
7442 |
- |
7443 |
--void ieee80211_offchannel_enable_all_ps(struct ieee80211_local *local, |
7444 |
-- bool tell_ap) |
7445 |
-+void ieee80211_offchannel_stop_station(struct ieee80211_local *local) |
7446 |
- { |
7447 |
- struct ieee80211_sub_if_data *sdata; |
7448 |
- |
7449 |
-+ /* |
7450 |
-+ * notify the AP about us leaving the channel and stop all STA interfaces |
7451 |
-+ */ |
7452 |
- mutex_lock(&local->iflist_mtx); |
7453 |
- list_for_each_entry(sdata, &local->interfaces, list) { |
7454 |
- if (!ieee80211_sdata_running(sdata)) |
7455 |
- continue; |
7456 |
- |
7457 |
-- if (sdata->vif.type == NL80211_IFTYPE_STATION && |
7458 |
-- sdata->u.mgd.associated) |
7459 |
-- ieee80211_offchannel_ps_enable(sdata, tell_ap); |
7460 |
-+ if (sdata->vif.type == NL80211_IFTYPE_STATION) { |
7461 |
-+ set_bit(SDATA_STATE_OFFCHANNEL, &sdata->state); |
7462 |
-+ netif_tx_stop_all_queues(sdata->dev); |
7463 |
-+ if (sdata->u.mgd.associated) |
7464 |
-+ ieee80211_offchannel_ps_enable(sdata); |
7465 |
-+ } |
7466 |
- } |
7467 |
- mutex_unlock(&local->iflist_mtx); |
7468 |
- } |
7469 |
- |
7470 |
- void ieee80211_offchannel_return(struct ieee80211_local *local, |
7471 |
-- bool enable_beaconing, |
7472 |
-- bool offchannel_ps_disable) |
7473 |
-+ bool enable_beaconing) |
7474 |
- { |
7475 |
- struct ieee80211_sub_if_data *sdata; |
7476 |
- |
7477 |
-@@ -167,8 +162,7 @@ void ieee80211_offchannel_return(struct ieee80211_local *local, |
7478 |
- continue; |
7479 |
- |
7480 |
- /* Tell AP we're back */ |
7481 |
-- if (offchannel_ps_disable && |
7482 |
-- sdata->vif.type == NL80211_IFTYPE_STATION) { |
7483 |
-+ if (sdata->vif.type == NL80211_IFTYPE_STATION) { |
7484 |
- if (sdata->u.mgd.associated) |
7485 |
- ieee80211_offchannel_ps_disable(sdata); |
7486 |
- } |
7487 |
-@@ -188,7 +182,7 @@ void ieee80211_offchannel_return(struct ieee80211_local *local, |
7488 |
- netif_tx_wake_all_queues(sdata->dev); |
7489 |
- } |
7490 |
- |
7491 |
-- /* Check to see if we should re-enable beaconing */ |
7492 |
-+ /* re-enable beaconing */ |
7493 |
- if (enable_beaconing && |
7494 |
- (sdata->vif.type == NL80211_IFTYPE_AP || |
7495 |
- sdata->vif.type == NL80211_IFTYPE_ADHOC || |
7496 |
-diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c |
7497 |
-index fb123e2..5c51607 100644 |
7498 |
---- a/net/mac80211/rx.c |
7499 |
-+++ b/net/mac80211/rx.c |
7500 |
-@@ -421,10 +421,16 @@ ieee80211_rx_h_passive_scan(struct ieee80211_rx_data *rx) |
7501 |
- return RX_CONTINUE; |
7502 |
- |
7503 |
- if (test_bit(SCAN_HW_SCANNING, &local->scanning) || |
7504 |
-- test_bit(SCAN_SW_SCANNING, &local->scanning) || |
7505 |
- local->sched_scanning) |
7506 |
- return ieee80211_scan_rx(rx->sdata, skb); |
7507 |
- |
7508 |
-+ if (test_bit(SCAN_SW_SCANNING, &local->scanning)) { |
7509 |
-+ /* drop all the other packets during a software scan anyway */ |
7510 |
-+ if (ieee80211_scan_rx(rx->sdata, skb) != RX_QUEUED) |
7511 |
-+ dev_kfree_skb(skb); |
7512 |
-+ return RX_QUEUED; |
7513 |
-+ } |
7514 |
-+ |
7515 |
- /* scanning finished during invoking of handlers */ |
7516 |
- I802_DEBUG_INC(local->rx_handlers_drop_passive_scan); |
7517 |
- return RX_DROP_UNUSABLE; |
7518 |
-@@ -2858,7 +2864,7 @@ static void __ieee80211_rx_handle_packet(struct ieee80211_hw *hw, |
7519 |
- local->dot11ReceivedFragmentCount++; |
7520 |
- |
7521 |
- if (unlikely(test_bit(SCAN_HW_SCANNING, &local->scanning) || |
7522 |
-- test_bit(SCAN_SW_SCANNING, &local->scanning))) |
7523 |
-+ test_bit(SCAN_OFF_CHANNEL, &local->scanning))) |
7524 |
- status->rx_flags |= IEEE80211_RX_IN_SCAN; |
7525 |
- |
7526 |
- if (ieee80211_is_mgmt(fc)) |
7527 |
-diff --git a/net/mac80211/scan.c b/net/mac80211/scan.c |
7528 |
-index 105436d..5279300 100644 |
7529 |
---- a/net/mac80211/scan.c |
7530 |
-+++ b/net/mac80211/scan.c |
7531 |
-@@ -213,14 +213,6 @@ ieee80211_scan_rx(struct ieee80211_sub_if_data *sdata, struct sk_buff *skb) |
7532 |
- if (bss) |
7533 |
- ieee80211_rx_bss_put(sdata->local, bss); |
7534 |
- |
7535 |
-- /* If we are on-operating-channel, and this packet is for the |
7536 |
-- * current channel, pass the pkt on up the stack so that |
7537 |
-- * the rest of the stack can make use of it. |
7538 |
-- */ |
7539 |
-- if (ieee80211_cfg_on_oper_channel(sdata->local) |
7540 |
-- && (channel == sdata->local->oper_channel)) |
7541 |
-- return RX_CONTINUE; |
7542 |
-- |
7543 |
- dev_kfree_skb(skb); |
7544 |
- return RX_QUEUED; |
7545 |
- } |
7546 |
-@@ -264,8 +256,6 @@ static void __ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted, |
7547 |
- bool was_hw_scan) |
7548 |
- { |
7549 |
- struct ieee80211_local *local = hw_to_local(hw); |
7550 |
-- bool on_oper_chan; |
7551 |
-- bool enable_beacons = false; |
7552 |
- |
7553 |
- lockdep_assert_held(&local->mtx); |
7554 |
- |
7555 |
-@@ -298,25 +288,11 @@ static void __ieee80211_scan_completed(struct ieee80211_hw *hw, bool aborted, |
7556 |
- local->scanning = 0; |
7557 |
- local->scan_channel = NULL; |
7558 |
- |
7559 |
-- on_oper_chan = ieee80211_cfg_on_oper_channel(local); |
7560 |
-- |
7561 |
-- if (was_hw_scan || !on_oper_chan) |
7562 |
-- ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); |
7563 |
-- else |
7564 |
-- /* Set power back to normal operating levels. */ |
7565 |
-- ieee80211_hw_config(local, 0); |
7566 |
-- |
7567 |
-+ ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); |
7568 |
- if (!was_hw_scan) { |
7569 |
-- bool on_oper_chan2; |
7570 |
- ieee80211_configure_filter(local); |
7571 |
- drv_sw_scan_complete(local); |
7572 |
-- on_oper_chan2 = ieee80211_cfg_on_oper_channel(local); |
7573 |
-- /* We should always be on-channel at this point. */ |
7574 |
-- WARN_ON(!on_oper_chan2); |
7575 |
-- if (on_oper_chan2 && (on_oper_chan != on_oper_chan2)) |
7576 |
-- enable_beacons = true; |
7577 |
-- |
7578 |
-- ieee80211_offchannel_return(local, enable_beacons, true); |
7579 |
-+ ieee80211_offchannel_return(local, true); |
7580 |
- } |
7581 |
- |
7582 |
- ieee80211_recalc_idle(local); |
7583 |
-@@ -357,15 +333,13 @@ static int ieee80211_start_sw_scan(struct ieee80211_local *local) |
7584 |
- */ |
7585 |
- drv_sw_scan_start(local); |
7586 |
- |
7587 |
-+ ieee80211_offchannel_stop_beaconing(local); |
7588 |
-+ |
7589 |
- local->leave_oper_channel_time = 0; |
7590 |
- local->next_scan_state = SCAN_DECISION; |
7591 |
- local->scan_channel_idx = 0; |
7592 |
- |
7593 |
-- /* We always want to use off-channel PS, even if we |
7594 |
-- * are not really leaving oper-channel. Don't |
7595 |
-- * tell the AP though, as long as we are on-channel. |
7596 |
-- */ |
7597 |
-- ieee80211_offchannel_enable_all_ps(local, false); |
7598 |
-+ drv_flush(local, false); |
7599 |
- |
7600 |
- ieee80211_configure_filter(local); |
7601 |
- |
7602 |
-@@ -508,20 +482,7 @@ static void ieee80211_scan_state_decision(struct ieee80211_local *local, |
7603 |
- } |
7604 |
- mutex_unlock(&local->iflist_mtx); |
7605 |
- |
7606 |
-- next_chan = local->scan_req->channels[local->scan_channel_idx]; |
7607 |
-- |
7608 |
-- if (ieee80211_cfg_on_oper_channel(local)) { |
7609 |
-- /* We're currently on operating channel. */ |
7610 |
-- if (next_chan == local->oper_channel) |
7611 |
-- /* We don't need to move off of operating channel. */ |
7612 |
-- local->next_scan_state = SCAN_SET_CHANNEL; |
7613 |
-- else |
7614 |
-- /* |
7615 |
-- * We do need to leave operating channel, as next |
7616 |
-- * scan is somewhere else. |
7617 |
-- */ |
7618 |
-- local->next_scan_state = SCAN_LEAVE_OPER_CHANNEL; |
7619 |
-- } else { |
7620 |
-+ if (local->scan_channel) { |
7621 |
- /* |
7622 |
- * we're currently scanning a different channel, let's |
7623 |
- * see if we can scan another channel without interfering |
7624 |
-@@ -537,6 +498,7 @@ static void ieee80211_scan_state_decision(struct ieee80211_local *local, |
7625 |
- * |
7626 |
- * Otherwise switch back to the operating channel. |
7627 |
- */ |
7628 |
-+ next_chan = local->scan_req->channels[local->scan_channel_idx]; |
7629 |
- |
7630 |
- bad_latency = time_after(jiffies + |
7631 |
- ieee80211_scan_get_channel_time(next_chan), |
7632 |
-@@ -554,6 +516,12 @@ static void ieee80211_scan_state_decision(struct ieee80211_local *local, |
7633 |
- local->next_scan_state = SCAN_ENTER_OPER_CHANNEL; |
7634 |
- else |
7635 |
- local->next_scan_state = SCAN_SET_CHANNEL; |
7636 |
-+ } else { |
7637 |
-+ /* |
7638 |
-+ * we're on the operating channel currently, let's |
7639 |
-+ * leave that channel now to scan another one |
7640 |
-+ */ |
7641 |
-+ local->next_scan_state = SCAN_LEAVE_OPER_CHANNEL; |
7642 |
- } |
7643 |
- |
7644 |
- *next_delay = 0; |
7645 |
-@@ -562,10 +530,9 @@ static void ieee80211_scan_state_decision(struct ieee80211_local *local, |
7646 |
- static void ieee80211_scan_state_leave_oper_channel(struct ieee80211_local *local, |
7647 |
- unsigned long *next_delay) |
7648 |
- { |
7649 |
-- /* PS will already be in off-channel mode, |
7650 |
-- * we do that once at the beginning of scanning. |
7651 |
-- */ |
7652 |
-- ieee80211_offchannel_stop_vifs(local, false); |
7653 |
-+ ieee80211_offchannel_stop_station(local); |
7654 |
-+ |
7655 |
-+ __set_bit(SCAN_OFF_CHANNEL, &local->scanning); |
7656 |
- |
7657 |
- /* |
7658 |
- * What if the nullfunc frames didn't arrive? |
7659 |
-@@ -588,15 +555,15 @@ static void ieee80211_scan_state_enter_oper_channel(struct ieee80211_local *loca |
7660 |
- { |
7661 |
- /* switch back to the operating channel */ |
7662 |
- local->scan_channel = NULL; |
7663 |
-- if (!ieee80211_cfg_on_oper_channel(local)) |
7664 |
-- ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); |
7665 |
-+ ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_CHANNEL); |
7666 |
- |
7667 |
- /* |
7668 |
-- * Re-enable vifs and beaconing. Leave PS |
7669 |
-- * in off-channel state..will put that back |
7670 |
-- * on-channel at the end of scanning. |
7671 |
-+ * Only re-enable station mode interface now; beaconing will be |
7672 |
-+ * re-enabled once the full scan has been completed. |
7673 |
- */ |
7674 |
-- ieee80211_offchannel_return(local, true, false); |
7675 |
-+ ieee80211_offchannel_return(local, false); |
7676 |
-+ |
7677 |
-+ __clear_bit(SCAN_OFF_CHANNEL, &local->scanning); |
7678 |
- |
7679 |
- *next_delay = HZ / 5; |
7680 |
- local->next_scan_state = SCAN_DECISION; |
7681 |
-diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c |
7682 |
-index 1f8b120..eff1f4e 100644 |
7683 |
---- a/net/mac80211/tx.c |
7684 |
-+++ b/net/mac80211/tx.c |
7685 |
-@@ -259,8 +259,7 @@ ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx) |
7686 |
- if (unlikely(info->flags & IEEE80211_TX_CTL_INJECTED)) |
7687 |
- return TX_CONTINUE; |
7688 |
- |
7689 |
-- if (unlikely(test_bit(SCAN_SW_SCANNING, &tx->local->scanning)) && |
7690 |
-- test_bit(SDATA_STATE_OFFCHANNEL, &tx->sdata->state) && |
7691 |
-+ if (unlikely(test_bit(SCAN_OFF_CHANNEL, &tx->local->scanning)) && |
7692 |
- !ieee80211_is_probe_req(hdr->frame_control) && |
7693 |
- !ieee80211_is_nullfunc(hdr->frame_control)) |
7694 |
- /* |
7695 |
-diff --git a/net/mac80211/work.c b/net/mac80211/work.c |
7696 |
-index 6c53b6d..99165ef 100644 |
7697 |
---- a/net/mac80211/work.c |
7698 |
-+++ b/net/mac80211/work.c |
7699 |
-@@ -899,26 +899,6 @@ static bool ieee80211_work_ct_coexists(enum nl80211_channel_type wk_ct, |
7700 |
- return false; |
7701 |
- } |
7702 |
- |
7703 |
--static enum nl80211_channel_type |
7704 |
--ieee80211_calc_ct(enum nl80211_channel_type wk_ct, |
7705 |
-- enum nl80211_channel_type oper_ct) |
7706 |
--{ |
7707 |
-- switch (wk_ct) { |
7708 |
-- case NL80211_CHAN_NO_HT: |
7709 |
-- return oper_ct; |
7710 |
-- case NL80211_CHAN_HT20: |
7711 |
-- if (oper_ct != NL80211_CHAN_NO_HT) |
7712 |
-- return oper_ct; |
7713 |
-- return wk_ct; |
7714 |
-- case NL80211_CHAN_HT40MINUS: |
7715 |
-- case NL80211_CHAN_HT40PLUS: |
7716 |
-- return wk_ct; |
7717 |
-- } |
7718 |
-- WARN_ON(1); /* shouldn't get here */ |
7719 |
-- return wk_ct; |
7720 |
--} |
7721 |
-- |
7722 |
-- |
7723 |
- static void ieee80211_work_timer(unsigned long data) |
7724 |
- { |
7725 |
- struct ieee80211_local *local = (void *) data; |
7726 |
-@@ -969,52 +949,18 @@ static void ieee80211_work_work(struct work_struct *work) |
7727 |
- } |
7728 |
- |
7729 |
- if (!started && !local->tmp_channel) { |
7730 |
-- bool on_oper_chan; |
7731 |
-- bool tmp_chan_changed = false; |
7732 |
-- bool on_oper_chan2; |
7733 |
-- enum nl80211_channel_type wk_ct; |
7734 |
-- on_oper_chan = ieee80211_cfg_on_oper_channel(local); |
7735 |
-- |
7736 |
-- /* Work with existing channel type if possible. */ |
7737 |
-- wk_ct = wk->chan_type; |
7738 |
-- if (wk->chan == local->hw.conf.channel) |
7739 |
-- wk_ct = ieee80211_calc_ct(wk->chan_type, |
7740 |
-- local->hw.conf.channel_type); |
7741 |
-- |
7742 |
-- if (local->tmp_channel) |
7743 |
-- if ((local->tmp_channel != wk->chan) || |
7744 |
-- (local->tmp_channel_type != wk_ct)) |
7745 |
-- tmp_chan_changed = true; |
7746 |
-- |
7747 |
-- local->tmp_channel = wk->chan; |
7748 |
-- local->tmp_channel_type = wk_ct; |
7749 |
- /* |
7750 |
-- * Leave the station vifs in awake mode if they |
7751 |
-- * happen to be on the same channel as |
7752 |
-- * the requested channel. |
7753 |
-+ * TODO: could optimize this by leaving the |
7754 |
-+ * station vifs in awake mode if they |
7755 |
-+ * happen to be on the same channel as |
7756 |
-+ * the requested channel |
7757 |
- */ |
7758 |
-- on_oper_chan2 = ieee80211_cfg_on_oper_channel(local); |
7759 |
-- if (on_oper_chan != on_oper_chan2) { |
7760 |
-- if (on_oper_chan2) { |
7761 |
-- /* going off oper channel, PS too */ |
7762 |
-- ieee80211_offchannel_stop_vifs(local, |
7763 |
-- true); |
7764 |
-- ieee80211_hw_config(local, 0); |
7765 |
-- } else { |
7766 |
-- /* going on channel, but leave PS |
7767 |
-- * off-channel. */ |
7768 |
-- ieee80211_hw_config(local, 0); |
7769 |
-- ieee80211_offchannel_return(local, |
7770 |
-- true, |
7771 |
-- false); |
7772 |
-- } |
7773 |
-- } else if (tmp_chan_changed) |
7774 |
-- /* Still off-channel, but on some other |
7775 |
-- * channel, so update hardware. |
7776 |
-- * PS should already be off-channel. |
7777 |
-- */ |
7778 |
-- ieee80211_hw_config(local, 0); |
7779 |
-+ ieee80211_offchannel_stop_beaconing(local); |
7780 |
-+ ieee80211_offchannel_stop_station(local); |
7781 |
- |
7782 |
-+ local->tmp_channel = wk->chan; |
7783 |
-+ local->tmp_channel_type = wk->chan_type; |
7784 |
-+ ieee80211_hw_config(local, 0); |
7785 |
- started = true; |
7786 |
- wk->timeout = jiffies; |
7787 |
- } |
7788 |
-@@ -1100,8 +1046,7 @@ static void ieee80211_work_work(struct work_struct *work) |
7789 |
- * we still need to do a hardware config. Currently, |
7790 |
- * we cannot be here while scanning, however. |
7791 |
- */ |
7792 |
-- if (!ieee80211_cfg_on_oper_channel(local)) |
7793 |
-- ieee80211_hw_config(local, 0); |
7794 |
-+ ieee80211_hw_config(local, 0); |
7795 |
- |
7796 |
- /* At the least, we need to disable offchannel_ps, |
7797 |
- * so just go ahead and run the entire offchannel |
7798 |
-@@ -1109,7 +1054,7 @@ static void ieee80211_work_work(struct work_struct *work) |
7799 |
- * beaconing if we were already on-oper-channel |
7800 |
- * as a future optimization. |
7801 |
- */ |
7802 |
-- ieee80211_offchannel_return(local, true, true); |
7803 |
-+ ieee80211_offchannel_return(local, true); |
7804 |
- |
7805 |
- /* give connection some time to breathe */ |
7806 |
- run_again(local, jiffies + HZ/2); |
7807 |
-diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c |
7808 |
-index f614ce7..28a39bb 100644 |
7809 |
---- a/net/mac80211/wpa.c |
7810 |
-+++ b/net/mac80211/wpa.c |
7811 |
-@@ -106,7 +106,7 @@ ieee80211_rx_h_michael_mic_verify(struct ieee80211_rx_data *rx) |
7812 |
- if (status->flag & RX_FLAG_MMIC_ERROR) |
7813 |
- goto mic_fail; |
7814 |
- |
7815 |
-- if (!(status->flag & RX_FLAG_IV_STRIPPED)) |
7816 |
-+ if (!(status->flag & RX_FLAG_IV_STRIPPED) && rx->key) |
7817 |
- goto update_iv; |
7818 |
- |
7819 |
- return RX_CONTINUE; |
7820 |
-diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c |
7821 |
-index 6e03888..d4ad50e 100644 |
7822 |
---- a/net/sunrpc/svc.c |
7823 |
-+++ b/net/sunrpc/svc.c |
7824 |
-@@ -167,6 +167,7 @@ svc_pool_map_alloc_arrays(struct svc_pool_map *m, unsigned int maxpools) |
7825 |
- |
7826 |
- fail_free: |
7827 |
- kfree(m->to_pool); |
7828 |
-+ m->to_pool = NULL; |
7829 |
- fail: |
7830 |
- return -ENOMEM; |
7831 |
- } |
7832 |
-@@ -287,7 +288,9 @@ svc_pool_map_put(void) |
7833 |
- if (!--m->count) { |
7834 |
- m->mode = SVC_POOL_DEFAULT; |
7835 |
- kfree(m->to_pool); |
7836 |
-+ m->to_pool = NULL; |
7837 |
- kfree(m->pool_to); |
7838 |
-+ m->pool_to = NULL; |
7839 |
- m->npools = 0; |
7840 |
- } |
7841 |
- |
7842 |
-@@ -527,17 +530,20 @@ svc_destroy(struct svc_serv *serv) |
7843 |
- printk("svc_destroy: no threads for serv=%p!\n", serv); |
7844 |
- |
7845 |
- del_timer_sync(&serv->sv_temptimer); |
7846 |
-- |
7847 |
-- svc_close_all(&serv->sv_tempsocks); |
7848 |
-+ /* |
7849 |
-+ * The set of xprts (contained in the sv_tempsocks and |
7850 |
-+ * sv_permsocks lists) is now constant, since it is modified |
7851 |
-+ * only by accepting new sockets (done by service threads in |
7852 |
-+ * svc_recv) or aging old ones (done by sv_temptimer), or |
7853 |
-+ * configuration changes (excluded by whatever locking the |
7854 |
-+ * caller is using--nfsd_mutex in the case of nfsd). So it's |
7855 |
-+ * safe to traverse those lists and shut everything down: |
7856 |
-+ */ |
7857 |
-+ svc_close_all(serv); |
7858 |
- |
7859 |
- if (serv->sv_shutdown) |
7860 |
- serv->sv_shutdown(serv); |
7861 |
- |
7862 |
-- svc_close_all(&serv->sv_permsocks); |
7863 |
-- |
7864 |
-- BUG_ON(!list_empty(&serv->sv_permsocks)); |
7865 |
-- BUG_ON(!list_empty(&serv->sv_tempsocks)); |
7866 |
-- |
7867 |
- cache_clean_deferred(serv); |
7868 |
- |
7869 |
- if (svc_serv_is_pooled(serv)) |
7870 |
-diff --git a/net/sunrpc/svc_xprt.c b/net/sunrpc/svc_xprt.c |
7871 |
-index 447cd0e..9ed2cd0 100644 |
7872 |
---- a/net/sunrpc/svc_xprt.c |
7873 |
-+++ b/net/sunrpc/svc_xprt.c |
7874 |
-@@ -893,14 +893,7 @@ void svc_delete_xprt(struct svc_xprt *xprt) |
7875 |
- spin_lock_bh(&serv->sv_lock); |
7876 |
- if (!test_and_set_bit(XPT_DETACHED, &xprt->xpt_flags)) |
7877 |
- list_del_init(&xprt->xpt_list); |
7878 |
-- /* |
7879 |
-- * The only time we're called while xpt_ready is still on a list |
7880 |
-- * is while the list itself is about to be destroyed (in |
7881 |
-- * svc_destroy). BUT svc_xprt_enqueue could still be attempting |
7882 |
-- * to add new entries to the sp_sockets list, so we can't leave |
7883 |
-- * a freed xprt on it. |
7884 |
-- */ |
7885 |
-- list_del_init(&xprt->xpt_ready); |
7886 |
-+ BUG_ON(!list_empty(&xprt->xpt_ready)); |
7887 |
- if (test_bit(XPT_TEMP, &xprt->xpt_flags)) |
7888 |
- serv->sv_tmpcnt--; |
7889 |
- spin_unlock_bh(&serv->sv_lock); |
7890 |
-@@ -928,22 +921,48 @@ void svc_close_xprt(struct svc_xprt *xprt) |
7891 |
- } |
7892 |
- EXPORT_SYMBOL_GPL(svc_close_xprt); |
7893 |
- |
7894 |
--void svc_close_all(struct list_head *xprt_list) |
7895 |
-+static void svc_close_list(struct list_head *xprt_list) |
7896 |
-+{ |
7897 |
-+ struct svc_xprt *xprt; |
7898 |
-+ |
7899 |
-+ list_for_each_entry(xprt, xprt_list, xpt_list) { |
7900 |
-+ set_bit(XPT_CLOSE, &xprt->xpt_flags); |
7901 |
-+ set_bit(XPT_BUSY, &xprt->xpt_flags); |
7902 |
-+ } |
7903 |
-+} |
7904 |
-+ |
7905 |
-+void svc_close_all(struct svc_serv *serv) |
7906 |
- { |
7907 |
-+ struct svc_pool *pool; |
7908 |
- struct svc_xprt *xprt; |
7909 |
- struct svc_xprt *tmp; |
7910 |
-+ int i; |
7911 |
-+ |
7912 |
-+ svc_close_list(&serv->sv_tempsocks); |
7913 |
-+ svc_close_list(&serv->sv_permsocks); |
7914 |
- |
7915 |
-+ for (i = 0; i < serv->sv_nrpools; i++) { |
7916 |
-+ pool = &serv->sv_pools[i]; |
7917 |
-+ |
7918 |
-+ spin_lock_bh(&pool->sp_lock); |
7919 |
-+ while (!list_empty(&pool->sp_sockets)) { |
7920 |
-+ xprt = list_first_entry(&pool->sp_sockets, struct svc_xprt, xpt_ready); |
7921 |
-+ list_del_init(&xprt->xpt_ready); |
7922 |
-+ } |
7923 |
-+ spin_unlock_bh(&pool->sp_lock); |
7924 |
-+ } |
7925 |
- /* |
7926 |
-- * The server is shutting down, and no more threads are running. |
7927 |
-- * svc_xprt_enqueue() might still be running, but at worst it |
7928 |
-- * will re-add the xprt to sp_sockets, which will soon get |
7929 |
-- * freed. So we don't bother with any more locking, and don't |
7930 |
-- * leave the close to the (nonexistent) server threads: |
7931 |
-+ * At this point the sp_sockets lists will stay empty, since |
7932 |
-+ * svc_enqueue will not add new entries without taking the |
7933 |
-+ * sp_lock and checking XPT_BUSY. |
7934 |
- */ |
7935 |
-- list_for_each_entry_safe(xprt, tmp, xprt_list, xpt_list) { |
7936 |
-- set_bit(XPT_CLOSE, &xprt->xpt_flags); |
7937 |
-+ list_for_each_entry_safe(xprt, tmp, &serv->sv_tempsocks, xpt_list) |
7938 |
- svc_delete_xprt(xprt); |
7939 |
-- } |
7940 |
-+ list_for_each_entry_safe(xprt, tmp, &serv->sv_permsocks, xpt_list) |
7941 |
-+ svc_delete_xprt(xprt); |
7942 |
-+ |
7943 |
-+ BUG_ON(!list_empty(&serv->sv_permsocks)); |
7944 |
-+ BUG_ON(!list_empty(&serv->sv_tempsocks)); |
7945 |
- } |
7946 |
- |
7947 |
- /* |
7948 |
-diff --git a/net/sunrpc/xdr.c b/net/sunrpc/xdr.c |
7949 |
-index 277ebd4..593f4c6 100644 |
7950 |
---- a/net/sunrpc/xdr.c |
7951 |
-+++ b/net/sunrpc/xdr.c |
7952 |
-@@ -296,7 +296,7 @@ _copy_to_pages(struct page **pages, size_t pgbase, const char *p, size_t len) |
7953 |
- * Copies data into an arbitrary memory location from an array of pages |
7954 |
- * The copy is assumed to be non-overlapping. |
7955 |
- */ |
7956 |
--static void |
7957 |
-+void |
7958 |
- _copy_from_pages(char *p, struct page **pages, size_t pgbase, size_t len) |
7959 |
- { |
7960 |
- struct page **pgfrom; |
7961 |
-@@ -324,6 +324,7 @@ _copy_from_pages(char *p, struct page **pages, size_t pgbase, size_t len) |
7962 |
- |
7963 |
- } while ((len -= copy) != 0); |
7964 |
- } |
7965 |
-+EXPORT_SYMBOL_GPL(_copy_from_pages); |
7966 |
- |
7967 |
- /* |
7968 |
- * xdr_shrink_bufhead |
7969 |
-diff --git a/scripts/kconfig/streamline_config.pl b/scripts/kconfig/streamline_config.pl |
7970 |
-index ec7afce..bccf07d 100644 |
7971 |
---- a/scripts/kconfig/streamline_config.pl |
7972 |
-+++ b/scripts/kconfig/streamline_config.pl |
7973 |
-@@ -250,33 +250,61 @@ if ($kconfig) { |
7974 |
- read_kconfig($kconfig); |
7975 |
- } |
7976 |
- |
7977 |
-+sub convert_vars { |
7978 |
-+ my ($line, %vars) = @_; |
7979 |
-+ |
7980 |
-+ my $process = ""; |
7981 |
-+ |
7982 |
-+ while ($line =~ s/^(.*?)(\$\((.*?)\))//) { |
7983 |
-+ my $start = $1; |
7984 |
-+ my $variable = $2; |
7985 |
-+ my $var = $3; |
7986 |
-+ |
7987 |
-+ if (defined($vars{$var})) { |
7988 |
-+ $process .= $start . $vars{$var}; |
7989 |
-+ } else { |
7990 |
-+ $process .= $start . $variable; |
7991 |
-+ } |
7992 |
-+ } |
7993 |
-+ |
7994 |
-+ $process .= $line; |
7995 |
-+ |
7996 |
-+ return $process; |
7997 |
-+} |
7998 |
-+ |
7999 |
- # Read all Makefiles to map the configs to the objects |
8000 |
- foreach my $makefile (@makefiles) { |
8001 |
- |
8002 |
-- my $cont = 0; |
8003 |
-+ my $line = ""; |
8004 |
-+ my %make_vars; |
8005 |
- |
8006 |
- open(MIN,$makefile) || die "Can't open $makefile"; |
8007 |
- while (<MIN>) { |
8008 |
-+ # if this line ends with a backslash, continue |
8009 |
-+ chomp; |
8010 |
-+ if (/^(.*)\\$/) { |
8011 |
-+ $line .= $1; |
8012 |
-+ next; |
8013 |
-+ } |
8014 |
-+ |
8015 |
-+ $line .= $_; |
8016 |
-+ $_ = $line; |
8017 |
-+ $line = ""; |
8018 |
-+ |
8019 |
- my $objs; |
8020 |
- |
8021 |
-- # is this a line after a line with a backslash? |
8022 |
-- if ($cont && /(\S.*)$/) { |
8023 |
-- $objs = $1; |
8024 |
-- } |
8025 |
-- $cont = 0; |
8026 |
-+ $_ = convert_vars($_, %make_vars); |
8027 |
- |
8028 |
- # collect objects after obj-$(CONFIG_FOO_BAR) |
8029 |
- if (/obj-\$\((CONFIG_[^\)]*)\)\s*[+:]?=\s*(.*)/) { |
8030 |
- $var = $1; |
8031 |
- $objs = $2; |
8032 |
-+ |
8033 |
-+ # check if variables are set |
8034 |
-+ } elsif (/^\s*(\S+)\s*[:]?=\s*(.*\S)/) { |
8035 |
-+ $make_vars{$1} = $2; |
8036 |
- } |
8037 |
- if (defined($objs)) { |
8038 |
-- # test if the line ends with a backslash |
8039 |
-- if ($objs =~ m,(.*)\\$,) { |
8040 |
-- $objs = $1; |
8041 |
-- $cont = 1; |
8042 |
-- } |
8043 |
-- |
8044 |
- foreach my $obj (split /\s+/,$objs) { |
8045 |
- $obj =~ s/-/_/g; |
8046 |
- if ($obj =~ /(.*)\.o$/) { |
8047 |
-diff --git a/scripts/recordmcount.h b/scripts/recordmcount.h |
8048 |
-index f40a6af6..54e35c1 100644 |
8049 |
---- a/scripts/recordmcount.h |
8050 |
-+++ b/scripts/recordmcount.h |
8051 |
-@@ -462,7 +462,7 @@ __has_rel_mcount(Elf_Shdr const *const relhdr, /* is SHT_REL or SHT_RELA */ |
8052 |
- succeed_file(); |
8053 |
- } |
8054 |
- if (w(txthdr->sh_type) != SHT_PROGBITS || |
8055 |
-- !(w(txthdr->sh_flags) & SHF_EXECINSTR)) |
8056 |
-+ !(_w(txthdr->sh_flags) & SHF_EXECINSTR)) |
8057 |
- return NULL; |
8058 |
- return txtname; |
8059 |
- } |
8060 |
-diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c |
8061 |
-index 0d50df0..88a2788 100644 |
8062 |
---- a/security/integrity/ima/ima_api.c |
8063 |
-+++ b/security/integrity/ima/ima_api.c |
8064 |
-@@ -178,8 +178,8 @@ void ima_store_measurement(struct integrity_iint_cache *iint, |
8065 |
- strncpy(entry->template.file_name, filename, IMA_EVENT_NAME_LEN_MAX); |
8066 |
- |
8067 |
- result = ima_store_template(entry, violation, inode); |
8068 |
-- if (!result) |
8069 |
-+ if (!result || result == -EEXIST) |
8070 |
- iint->flags |= IMA_MEASURED; |
8071 |
-- else |
8072 |
-+ if (result < 0) |
8073 |
- kfree(entry); |
8074 |
- } |
8075 |
-diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c |
8076 |
-index 8e28f04..55a6271 100644 |
8077 |
---- a/security/integrity/ima/ima_queue.c |
8078 |
-+++ b/security/integrity/ima/ima_queue.c |
8079 |
-@@ -23,6 +23,8 @@ |
8080 |
- #include <linux/slab.h> |
8081 |
- #include "ima.h" |
8082 |
- |
8083 |
-+#define AUDIT_CAUSE_LEN_MAX 32 |
8084 |
-+ |
8085 |
- LIST_HEAD(ima_measurements); /* list of all measurements */ |
8086 |
- |
8087 |
- /* key: inode (before secure-hashing a file) */ |
8088 |
-@@ -94,7 +96,8 @@ static int ima_pcr_extend(const u8 *hash) |
8089 |
- |
8090 |
- result = tpm_pcr_extend(TPM_ANY_NUM, CONFIG_IMA_MEASURE_PCR_IDX, hash); |
8091 |
- if (result != 0) |
8092 |
-- pr_err("IMA: Error Communicating to TPM chip\n"); |
8093 |
-+ pr_err("IMA: Error Communicating to TPM chip, result: %d\n", |
8094 |
-+ result); |
8095 |
- return result; |
8096 |
- } |
8097 |
- |
8098 |
-@@ -106,14 +109,16 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation, |
8099 |
- { |
8100 |
- u8 digest[IMA_DIGEST_SIZE]; |
8101 |
- const char *audit_cause = "hash_added"; |
8102 |
-+ char tpm_audit_cause[AUDIT_CAUSE_LEN_MAX]; |
8103 |
- int audit_info = 1; |
8104 |
-- int result = 0; |
8105 |
-+ int result = 0, tpmresult = 0; |
8106 |
- |
8107 |
- mutex_lock(&ima_extend_list_mutex); |
8108 |
- if (!violation) { |
8109 |
- memcpy(digest, entry->digest, sizeof digest); |
8110 |
- if (ima_lookup_digest_entry(digest)) { |
8111 |
- audit_cause = "hash_exists"; |
8112 |
-+ result = -EEXIST; |
8113 |
- goto out; |
8114 |
- } |
8115 |
- } |
8116 |
-@@ -128,9 +133,11 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation, |
8117 |
- if (violation) /* invalidate pcr */ |
8118 |
- memset(digest, 0xff, sizeof digest); |
8119 |
- |
8120 |
-- result = ima_pcr_extend(digest); |
8121 |
-- if (result != 0) { |
8122 |
-- audit_cause = "TPM error"; |
8123 |
-+ tpmresult = ima_pcr_extend(digest); |
8124 |
-+ if (tpmresult != 0) { |
8125 |
-+ snprintf(tpm_audit_cause, AUDIT_CAUSE_LEN_MAX, "TPM_error(%d)", |
8126 |
-+ tpmresult); |
8127 |
-+ audit_cause = tpm_audit_cause; |
8128 |
- audit_info = 0; |
8129 |
- } |
8130 |
- out: |
8131 |
-diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c |
8132 |
-index 4a9b4b2..867558c 100644 |
8133 |
---- a/security/tomoyo/util.c |
8134 |
-+++ b/security/tomoyo/util.c |
8135 |
-@@ -492,13 +492,13 @@ static bool tomoyo_correct_word2(const char *string, size_t len) |
8136 |
- if (d < '0' || d > '7' || e < '0' || e > '7') |
8137 |
- break; |
8138 |
- c = tomoyo_make_byte(c, d, e); |
8139 |
-- if (tomoyo_invalid(c)) |
8140 |
-- continue; /* pattern is not \000 */ |
8141 |
-+ if (c <= ' ' || c >= 127) |
8142 |
-+ continue; |
8143 |
- } |
8144 |
- goto out; |
8145 |
- } else if (in_repetition && c == '/') { |
8146 |
- goto out; |
8147 |
-- } else if (tomoyo_invalid(c)) { |
8148 |
-+ } else if (c <= ' ' || c >= 127) { |
8149 |
- goto out; |
8150 |
- } |
8151 |
- } |
8152 |
-diff --git a/sound/pci/hda/hda_intel.c b/sound/pci/hda/hda_intel.c |
8153 |
-index c2f79e6..5b2b75b 100644 |
8154 |
---- a/sound/pci/hda/hda_intel.c |
8155 |
-+++ b/sound/pci/hda/hda_intel.c |
8156 |
-@@ -2509,6 +2509,7 @@ static struct snd_pci_quirk position_fix_list[] __devinitdata = { |
8157 |
- SND_PCI_QUIRK(0x1043, 0x81e7, "ASUS M2V", POS_FIX_LPIB), |
8158 |
- SND_PCI_QUIRK(0x1043, 0x83ce, "ASUS 1101HA", POS_FIX_LPIB), |
8159 |
- SND_PCI_QUIRK(0x104d, 0x9069, "Sony VPCS11V9E", POS_FIX_LPIB), |
8160 |
-+ SND_PCI_QUIRK(0x10de, 0xcb89, "Macbook Pro 7,1", POS_FIX_LPIB), |
8161 |
- SND_PCI_QUIRK(0x1297, 0x3166, "Shuttle", POS_FIX_LPIB), |
8162 |
- SND_PCI_QUIRK(0x1458, 0xa022, "ga-ma770-ud3", POS_FIX_LPIB), |
8163 |
- SND_PCI_QUIRK(0x1462, 0x1002, "MSI Wind U115", POS_FIX_LPIB), |
8164 |
-diff --git a/sound/pci/hda/hda_local.h b/sound/pci/hda/hda_local.h |
8165 |
-index 618ddad..368f0c5 100644 |
8166 |
---- a/sound/pci/hda/hda_local.h |
8167 |
-+++ b/sound/pci/hda/hda_local.h |
8168 |
-@@ -487,7 +487,12 @@ static inline u32 get_wcaps(struct hda_codec *codec, hda_nid_t nid) |
8169 |
- } |
8170 |
- |
8171 |
- /* get the widget type from widget capability bits */ |
8172 |
--#define get_wcaps_type(wcaps) (((wcaps) & AC_WCAP_TYPE) >> AC_WCAP_TYPE_SHIFT) |
8173 |
-+static inline int get_wcaps_type(unsigned int wcaps) |
8174 |
-+{ |
8175 |
-+ if (!wcaps) |
8176 |
-+ return -1; /* invalid type */ |
8177 |
-+ return (wcaps & AC_WCAP_TYPE) >> AC_WCAP_TYPE_SHIFT; |
8178 |
-+} |
8179 |
- |
8180 |
- static inline unsigned int get_wcaps_channels(u32 wcaps) |
8181 |
- { |
8182 |
-diff --git a/sound/pci/hda/hda_proc.c b/sound/pci/hda/hda_proc.c |
8183 |
-index 2c981b5..254ab52 100644 |
8184 |
---- a/sound/pci/hda/hda_proc.c |
8185 |
-+++ b/sound/pci/hda/hda_proc.c |
8186 |
-@@ -54,6 +54,8 @@ static const char *get_wid_type_name(unsigned int wid_value) |
8187 |
- [AC_WID_BEEP] = "Beep Generator Widget", |
8188 |
- [AC_WID_VENDOR] = "Vendor Defined Widget", |
8189 |
- }; |
8190 |
-+ if (wid_value == -1) |
8191 |
-+ return "UNKNOWN Widget"; |
8192 |
- wid_value &= 0xf; |
8193 |
- if (names[wid_value]) |
8194 |
- return names[wid_value]; |
8195 |
-diff --git a/sound/pci/hda/patch_cirrus.c b/sound/pci/hda/patch_cirrus.c |
8196 |
-index 70a7abd..5b0a9bb 100644 |
8197 |
---- a/sound/pci/hda/patch_cirrus.c |
8198 |
-+++ b/sound/pci/hda/patch_cirrus.c |
8199 |
-@@ -920,16 +920,14 @@ static void cs_automute(struct hda_codec *codec) |
8200 |
- |
8201 |
- /* mute speakers if spdif or hp jack is plugged in */ |
8202 |
- for (i = 0; i < cfg->speaker_outs; i++) { |
8203 |
-+ int pin_ctl = hp_present ? 0 : PIN_OUT; |
8204 |
-+ /* detect on spdif is specific to CS421x */ |
8205 |
-+ if (spdif_present && (spec->vendor_nid == CS421X_VENDOR_NID)) |
8206 |
-+ pin_ctl = 0; |
8207 |
-+ |
8208 |
- nid = cfg->speaker_pins[i]; |
8209 |
- snd_hda_codec_write(codec, nid, 0, |
8210 |
-- AC_VERB_SET_PIN_WIDGET_CONTROL, |
8211 |
-- hp_present ? 0 : PIN_OUT); |
8212 |
-- /* detect on spdif is specific to CS421x */ |
8213 |
-- if (spec->vendor_nid == CS421X_VENDOR_NID) { |
8214 |
-- snd_hda_codec_write(codec, nid, 0, |
8215 |
-- AC_VERB_SET_PIN_WIDGET_CONTROL, |
8216 |
-- spdif_present ? 0 : PIN_OUT); |
8217 |
-- } |
8218 |
-+ AC_VERB_SET_PIN_WIDGET_CONTROL, pin_ctl); |
8219 |
- } |
8220 |
- if (spec->gpio_eapd_hp) { |
8221 |
- unsigned int gpio = hp_present ? |
8222 |
-@@ -1771,30 +1769,19 @@ static int build_cs421x_output(struct hda_codec *codec) |
8223 |
- struct auto_pin_cfg *cfg = &spec->autocfg; |
8224 |
- struct snd_kcontrol *kctl; |
8225 |
- int err; |
8226 |
-- char *name = "HP/Speakers"; |
8227 |
-+ char *name = "Master"; |
8228 |
- |
8229 |
- fix_volume_caps(codec, dac); |
8230 |
-- if (!spec->vmaster_sw) { |
8231 |
-- err = add_vmaster(codec, dac); |
8232 |
-- if (err < 0) |
8233 |
-- return err; |
8234 |
-- } |
8235 |
- |
8236 |
- err = add_mute(codec, name, 0, |
8237 |
- HDA_COMPOSE_AMP_VAL(dac, 3, 0, HDA_OUTPUT), 0, &kctl); |
8238 |
- if (err < 0) |
8239 |
- return err; |
8240 |
-- err = snd_ctl_add_slave(spec->vmaster_sw, kctl); |
8241 |
-- if (err < 0) |
8242 |
-- return err; |
8243 |
- |
8244 |
- err = add_volume(codec, name, 0, |
8245 |
- HDA_COMPOSE_AMP_VAL(dac, 3, 0, HDA_OUTPUT), 0, &kctl); |
8246 |
- if (err < 0) |
8247 |
- return err; |
8248 |
-- err = snd_ctl_add_slave(spec->vmaster_vol, kctl); |
8249 |
-- if (err < 0) |
8250 |
-- return err; |
8251 |
- |
8252 |
- if (cfg->speaker_outs) { |
8253 |
- err = snd_hda_ctl_add(codec, 0, |
8254 |
-diff --git a/sound/pci/hda/patch_conexant.c b/sound/pci/hda/patch_conexant.c |
8255 |
-index 0de2119..7072251 100644 |
8256 |
---- a/sound/pci/hda/patch_conexant.c |
8257 |
-+++ b/sound/pci/hda/patch_conexant.c |
8258 |
-@@ -1120,8 +1120,6 @@ static const char * const cxt5045_models[CXT5045_MODELS] = { |
8259 |
- |
8260 |
- static const struct snd_pci_quirk cxt5045_cfg_tbl[] = { |
8261 |
- SND_PCI_QUIRK(0x103c, 0x30d5, "HP 530", CXT5045_LAPTOP_HP530), |
8262 |
-- SND_PCI_QUIRK_MASK(0x103c, 0xff00, 0x3000, "HP DV Series", |
8263 |
-- CXT5045_LAPTOP_HPSENSE), |
8264 |
- SND_PCI_QUIRK(0x1179, 0xff31, "Toshiba P105", CXT5045_LAPTOP_MICSENSE), |
8265 |
- SND_PCI_QUIRK(0x152d, 0x0753, "Benq R55E", CXT5045_BENQ), |
8266 |
- SND_PCI_QUIRK(0x1734, 0x10ad, "Fujitsu Si1520", CXT5045_LAPTOP_MICSENSE), |
8267 |
-diff --git a/sound/pci/hda/patch_sigmatel.c b/sound/pci/hda/patch_sigmatel.c |
8268 |
-index 616678f..f3c73a9 100644 |
8269 |
---- a/sound/pci/hda/patch_sigmatel.c |
8270 |
-+++ b/sound/pci/hda/patch_sigmatel.c |
8271 |
-@@ -1631,7 +1631,7 @@ static const struct snd_pci_quirk stac92hd73xx_cfg_tbl[] = { |
8272 |
- SND_PCI_QUIRK(PCI_VENDOR_ID_DELL, 0x02bd, |
8273 |
- "Dell Studio 1557", STAC_DELL_M6_DMIC), |
8274 |
- SND_PCI_QUIRK(PCI_VENDOR_ID_DELL, 0x02fe, |
8275 |
-- "Dell Studio XPS 1645", STAC_DELL_M6_BOTH), |
8276 |
-+ "Dell Studio XPS 1645", STAC_DELL_M6_DMIC), |
8277 |
- SND_PCI_QUIRK(PCI_VENDOR_ID_DELL, 0x0413, |
8278 |
- "Dell Studio 1558", STAC_DELL_M6_DMIC), |
8279 |
- {} /* terminator */ |
8280 |
-@@ -4326,6 +4326,27 @@ static void stac_store_hints(struct hda_codec *codec) |
8281 |
- } |
8282 |
- } |
8283 |
- |
8284 |
-+static void stac_issue_unsol_events(struct hda_codec *codec, int num_pins, |
8285 |
-+ const hda_nid_t *pins) |
8286 |
-+{ |
8287 |
-+ while (num_pins--) |
8288 |
-+ stac_issue_unsol_event(codec, *pins++); |
8289 |
-+} |
8290 |
-+ |
8291 |
-+/* fake event to set up pins */ |
8292 |
-+static void stac_fake_hp_events(struct hda_codec *codec) |
8293 |
-+{ |
8294 |
-+ struct sigmatel_spec *spec = codec->spec; |
8295 |
-+ |
8296 |
-+ if (spec->autocfg.hp_outs) |
8297 |
-+ stac_issue_unsol_events(codec, spec->autocfg.hp_outs, |
8298 |
-+ spec->autocfg.hp_pins); |
8299 |
-+ if (spec->autocfg.line_outs && |
8300 |
-+ spec->autocfg.line_out_pins[0] != spec->autocfg.hp_pins[0]) |
8301 |
-+ stac_issue_unsol_events(codec, spec->autocfg.line_outs, |
8302 |
-+ spec->autocfg.line_out_pins); |
8303 |
-+} |
8304 |
-+ |
8305 |
- static int stac92xx_init(struct hda_codec *codec) |
8306 |
- { |
8307 |
- struct sigmatel_spec *spec = codec->spec; |
8308 |
-@@ -4376,10 +4397,7 @@ static int stac92xx_init(struct hda_codec *codec) |
8309 |
- stac92xx_auto_set_pinctl(codec, spec->autocfg.line_out_pins[0], |
8310 |
- AC_PINCTL_OUT_EN); |
8311 |
- /* fake event to set up pins */ |
8312 |
-- if (cfg->hp_pins[0]) |
8313 |
-- stac_issue_unsol_event(codec, cfg->hp_pins[0]); |
8314 |
-- else if (cfg->line_out_pins[0]) |
8315 |
-- stac_issue_unsol_event(codec, cfg->line_out_pins[0]); |
8316 |
-+ stac_fake_hp_events(codec); |
8317 |
- } else { |
8318 |
- stac92xx_auto_init_multi_out(codec); |
8319 |
- stac92xx_auto_init_hp_out(codec); |
8320 |
-@@ -5028,19 +5046,11 @@ static void stac927x_proc_hook(struct snd_info_buffer *buffer, |
8321 |
- #ifdef CONFIG_PM |
8322 |
- static int stac92xx_resume(struct hda_codec *codec) |
8323 |
- { |
8324 |
-- struct sigmatel_spec *spec = codec->spec; |
8325 |
-- |
8326 |
- stac92xx_init(codec); |
8327 |
- snd_hda_codec_resume_amp(codec); |
8328 |
- snd_hda_codec_resume_cache(codec); |
8329 |
- /* fake event to set up pins again to override cached values */ |
8330 |
-- if (spec->hp_detect) { |
8331 |
-- if (spec->autocfg.hp_pins[0]) |
8332 |
-- stac_issue_unsol_event(codec, spec->autocfg.hp_pins[0]); |
8333 |
-- else if (spec->autocfg.line_out_pins[0]) |
8334 |
-- stac_issue_unsol_event(codec, |
8335 |
-- spec->autocfg.line_out_pins[0]); |
8336 |
-- } |
8337 |
-+ stac_fake_hp_events(codec); |
8338 |
- return 0; |
8339 |
- } |
8340 |
- |
8341 |
-diff --git a/sound/pci/hda/patch_via.c b/sound/pci/hda/patch_via.c |
8342 |
-index b513762..8d69e59 100644 |
8343 |
---- a/sound/pci/hda/patch_via.c |
8344 |
-+++ b/sound/pci/hda/patch_via.c |
8345 |
-@@ -2200,7 +2200,10 @@ static int via_auto_create_loopback_switch(struct hda_codec *codec) |
8346 |
- { |
8347 |
- struct via_spec *spec = codec->spec; |
8348 |
- |
8349 |
-- if (!spec->aa_mix_nid || !spec->out_mix_path.depth) |
8350 |
-+ if (!spec->aa_mix_nid) |
8351 |
-+ return 0; /* no loopback switching available */ |
8352 |
-+ if (!(spec->out_mix_path.depth || spec->hp_mix_path.depth || |
8353 |
-+ spec->speaker_path.depth)) |
8354 |
- return 0; /* no loopback switching available */ |
8355 |
- if (!via_clone_control(spec, &via_aamix_ctl_enum)) |
8356 |
- return -ENOMEM; |
8357 |
-diff --git a/sound/pci/ice1712/amp.c b/sound/pci/ice1712/amp.c |
8358 |
-index e328cfb..e525da2 100644 |
8359 |
---- a/sound/pci/ice1712/amp.c |
8360 |
-+++ b/sound/pci/ice1712/amp.c |
8361 |
-@@ -68,8 +68,11 @@ static int __devinit snd_vt1724_amp_init(struct snd_ice1712 *ice) |
8362 |
- |
8363 |
- static int __devinit snd_vt1724_amp_add_controls(struct snd_ice1712 *ice) |
8364 |
- { |
8365 |
-- /* we use pins 39 and 41 of the VT1616 for left and right read outputs */ |
8366 |
-- snd_ac97_write_cache(ice->ac97, 0x5a, snd_ac97_read(ice->ac97, 0x5a) & ~0x8000); |
8367 |
-+ if (ice->ac97) |
8368 |
-+ /* we use pins 39 and 41 of the VT1616 for left and right |
8369 |
-+ read outputs */ |
8370 |
-+ snd_ac97_write_cache(ice->ac97, 0x5a, |
8371 |
-+ snd_ac97_read(ice->ac97, 0x5a) & ~0x8000); |
8372 |
- return 0; |
8373 |
- } |
8374 |
- |
8375 |
-diff --git a/sound/pci/oxygen/xonar_wm87x6.c b/sound/pci/oxygen/xonar_wm87x6.c |
8376 |
-index 42d1ab1..915546a 100644 |
8377 |
---- a/sound/pci/oxygen/xonar_wm87x6.c |
8378 |
-+++ b/sound/pci/oxygen/xonar_wm87x6.c |
8379 |
-@@ -177,6 +177,7 @@ static void wm8776_registers_init(struct oxygen *chip) |
8380 |
- struct xonar_wm87x6 *data = chip->model_data; |
8381 |
- |
8382 |
- wm8776_write(chip, WM8776_RESET, 0); |
8383 |
-+ wm8776_write(chip, WM8776_PHASESWAP, WM8776_PH_MASK); |
8384 |
- wm8776_write(chip, WM8776_DACCTRL1, WM8776_DZCEN | |
8385 |
- WM8776_PL_LEFT_LEFT | WM8776_PL_RIGHT_RIGHT); |
8386 |
- wm8776_write(chip, WM8776_DACMUTE, chip->dac_mute ? WM8776_DMUTE : 0); |
8387 |
-diff --git a/sound/usb/endpoint.c b/sound/usb/endpoint.c |
8388 |
-index 81c6ede..08dcce5 100644 |
8389 |
---- a/sound/usb/endpoint.c |
8390 |
-+++ b/sound/usb/endpoint.c |
8391 |
-@@ -17,6 +17,7 @@ |
8392 |
- |
8393 |
- #include <linux/gfp.h> |
8394 |
- #include <linux/init.h> |
8395 |
-+#include <linux/ratelimit.h> |
8396 |
- #include <linux/usb.h> |
8397 |
- #include <linux/usb/audio.h> |
8398 |
- |
8399 |
-@@ -458,8 +459,8 @@ static int retire_capture_urb(struct snd_usb_substream *subs, |
8400 |
- |
8401 |
- for (i = 0; i < urb->number_of_packets; i++) { |
8402 |
- cp = (unsigned char *)urb->transfer_buffer + urb->iso_frame_desc[i].offset; |
8403 |
-- if (urb->iso_frame_desc[i].status) { |
8404 |
-- snd_printd(KERN_ERR "frame %d active: %d\n", i, urb->iso_frame_desc[i].status); |
8405 |
-+ if (urb->iso_frame_desc[i].status && printk_ratelimit()) { |
8406 |
-+ snd_printdd("frame %d active: %d\n", i, urb->iso_frame_desc[i].status); |
8407 |
- // continue; |
8408 |
- } |
8409 |
- bytes = urb->iso_frame_desc[i].actual_length; |
8410 |
-diff --git a/sound/usb/usx2y/usb_stream.c b/sound/usb/usx2y/usb_stream.c |
8411 |
-index c400ade..1e7a47a 100644 |
8412 |
---- a/sound/usb/usx2y/usb_stream.c |
8413 |
-+++ b/sound/usb/usx2y/usb_stream.c |
8414 |
-@@ -674,7 +674,7 @@ dotry: |
8415 |
- inurb->transfer_buffer_length = |
8416 |
- inurb->number_of_packets * |
8417 |
- inurb->iso_frame_desc[0].length; |
8418 |
-- preempt_disable(); |
8419 |
-+ |
8420 |
- if (u == 0) { |
8421 |
- int now; |
8422 |
- struct usb_device *dev = inurb->dev; |
8423 |
-@@ -686,19 +686,17 @@ dotry: |
8424 |
- } |
8425 |
- err = usb_submit_urb(inurb, GFP_ATOMIC); |
8426 |
- if (err < 0) { |
8427 |
-- preempt_enable(); |
8428 |
- snd_printk(KERN_ERR"usb_submit_urb(sk->inurb[%i])" |
8429 |
- " returned %i\n", u, err); |
8430 |
- return err; |
8431 |
- } |
8432 |
- err = usb_submit_urb(outurb, GFP_ATOMIC); |
8433 |
- if (err < 0) { |
8434 |
-- preempt_enable(); |
8435 |
- snd_printk(KERN_ERR"usb_submit_urb(sk->outurb[%i])" |
8436 |
- " returned %i\n", u, err); |
8437 |
- return err; |
8438 |
- } |
8439 |
-- preempt_enable(); |
8440 |
-+ |
8441 |
- if (inurb->start_frame != outurb->start_frame) { |
8442 |
- snd_printd(KERN_DEBUG |
8443 |
- "u[%i] start_frames differ in:%u out:%u\n", |
8444 |
|
8445 |
diff --git a/3.2.2/0000_README b/3.2.4/0000_README |
8446 |
similarity index 90% |
8447 |
rename from 3.2.2/0000_README |
8448 |
rename to 3.2.4/0000_README |
8449 |
index a38ba28..97fce67 100644 |
8450 |
--- a/3.2.2/0000_README |
8451 |
+++ b/3.2.4/0000_README |
8452 |
@@ -2,11 +2,15 @@ README |
8453 |
----------------------------------------------------------------------------- |
8454 |
Individual Patch Descriptions: |
8455 |
----------------------------------------------------------------------------- |
8456 |
-Patch: 1001_linux-3.2.2.patch |
8457 |
+Patch: 1002_linux-3.2.3.patch |
8458 |
From: http://www.kernel.org |
8459 |
-Desc: Linux 3.2.2 |
8460 |
+Desc: Linux 3.2.3 |
8461 |
|
8462 |
-Patch: 4420_grsecurity-2.2.2-3.2.2-201201272014.patch |
8463 |
+Patch: 1003_linux-3.2.4.patch |
8464 |
+From: http://www.kernel.org |
8465 |
+Desc: Linux 3.2.4 |
8466 |
+ |
8467 |
+Patch: 4420_grsecurity-2.2.2-3.2.4-201202032052.patch |
8468 |
From: http://www.grsecurity.net |
8469 |
Desc: hardened-sources base patch from upstream grsecurity |
8470 |
|
8471 |
|
8472 |
diff --git a/3.2.4/1002_linux-3.2.3.patch b/3.2.4/1002_linux-3.2.3.patch |
8473 |
new file mode 100644 |
8474 |
index 0000000..98925b0 |
8475 |
--- /dev/null |
8476 |
+++ b/3.2.4/1002_linux-3.2.3.patch |
8477 |
@@ -0,0 +1,3760 @@ |
8478 |
+diff --git a/Makefile b/Makefile |
8479 |
+index 2f684da..d45e887 100644 |
8480 |
+--- a/Makefile |
8481 |
++++ b/Makefile |
8482 |
+@@ -1,6 +1,6 @@ |
8483 |
+ VERSION = 3 |
8484 |
+ PATCHLEVEL = 2 |
8485 |
+-SUBLEVEL = 2 |
8486 |
++SUBLEVEL = 3 |
8487 |
+ EXTRAVERSION = |
8488 |
+ NAME = Saber-toothed Squirrel |
8489 |
+ |
8490 |
+diff --git a/arch/arm/mach-at91/setup.c b/arch/arm/mach-at91/setup.c |
8491 |
+index aa64294..f5bbe0ef 100644 |
8492 |
+--- a/arch/arm/mach-at91/setup.c |
8493 |
++++ b/arch/arm/mach-at91/setup.c |
8494 |
+@@ -27,9 +27,12 @@ EXPORT_SYMBOL(at91_soc_initdata); |
8495 |
+ void __init at91rm9200_set_type(int type) |
8496 |
+ { |
8497 |
+ if (type == ARCH_REVISON_9200_PQFP) |
8498 |
+- at91_soc_initdata.subtype = AT91_SOC_RM9200_BGA; |
8499 |
+- else |
8500 |
+ at91_soc_initdata.subtype = AT91_SOC_RM9200_PQFP; |
8501 |
++ else |
8502 |
++ at91_soc_initdata.subtype = AT91_SOC_RM9200_BGA; |
8503 |
++ |
8504 |
++ pr_info("AT91: filled in soc subtype: %s\n", |
8505 |
++ at91_get_soc_subtype(&at91_soc_initdata)); |
8506 |
+ } |
8507 |
+ |
8508 |
+ void __init at91_init_irq_default(void) |
8509 |
+diff --git a/arch/arm/mach-ux500/Kconfig b/arch/arm/mach-ux500/Kconfig |
8510 |
+index a3e0c86..52af004 100644 |
8511 |
+--- a/arch/arm/mach-ux500/Kconfig |
8512 |
++++ b/arch/arm/mach-ux500/Kconfig |
8513 |
+@@ -7,6 +7,7 @@ config UX500_SOC_COMMON |
8514 |
+ select HAS_MTU |
8515 |
+ select ARM_ERRATA_753970 |
8516 |
+ select ARM_ERRATA_754322 |
8517 |
++ select ARM_ERRATA_764369 |
8518 |
+ |
8519 |
+ menu "Ux500 SoC" |
8520 |
+ |
8521 |
+diff --git a/arch/arm/mach-ux500/board-mop500-sdi.c b/arch/arm/mach-ux500/board-mop500-sdi.c |
8522 |
+index 6826fae..306cff0 100644 |
8523 |
+--- a/arch/arm/mach-ux500/board-mop500-sdi.c |
8524 |
++++ b/arch/arm/mach-ux500/board-mop500-sdi.c |
8525 |
+@@ -233,6 +233,8 @@ void __init snowball_sdi_init(void) |
8526 |
+ { |
8527 |
+ u32 periphid = 0x10480180; |
8528 |
+ |
8529 |
++ /* On Snowball MMC_CAP_SD_HIGHSPEED isn't supported on sdi0 */ |
8530 |
++ mop500_sdi0_data.capabilities &= ~MMC_CAP_SD_HIGHSPEED; |
8531 |
+ mop500_sdi2_data.capabilities |= MMC_CAP_MMC_HIGHSPEED; |
8532 |
+ |
8533 |
+ /* On-board eMMC */ |
8534 |
+diff --git a/arch/arm/mm/proc-v7.S b/arch/arm/mm/proc-v7.S |
8535 |
+index e70a737..40cc7aa 100644 |
8536 |
+--- a/arch/arm/mm/proc-v7.S |
8537 |
++++ b/arch/arm/mm/proc-v7.S |
8538 |
+@@ -271,10 +271,6 @@ ENDPROC(cpu_v7_do_resume) |
8539 |
+ * Initialise TLB, Caches, and MMU state ready to switch the MMU |
8540 |
+ * on. Return in r0 the new CP15 C1 control register setting. |
8541 |
+ * |
8542 |
+- * We automatically detect if we have a Harvard cache, and use the |
8543 |
+- * Harvard cache control instructions insead of the unified cache |
8544 |
+- * control instructions. |
8545 |
+- * |
8546 |
+ * This should be able to cover all ARMv7 cores. |
8547 |
+ * |
8548 |
+ * It is assumed that: |
8549 |
+@@ -373,9 +369,7 @@ __v7_setup: |
8550 |
+ #endif |
8551 |
+ |
8552 |
+ 3: mov r10, #0 |
8553 |
+-#ifdef HARVARD_CACHE |
8554 |
+ mcr p15, 0, r10, c7, c5, 0 @ I+BTB cache invalidate |
8555 |
+-#endif |
8556 |
+ dsb |
8557 |
+ #ifdef CONFIG_MMU |
8558 |
+ mcr p15, 0, r10, c8, c7, 0 @ invalidate I + D TLBs |
8559 |
+diff --git a/arch/m68k/atari/config.c b/arch/m68k/atari/config.c |
8560 |
+index 4203d10..c4ac15c 100644 |
8561 |
+--- a/arch/m68k/atari/config.c |
8562 |
++++ b/arch/m68k/atari/config.c |
8563 |
+@@ -414,9 +414,9 @@ void __init config_atari(void) |
8564 |
+ * FDC val = 4 -> Supervisor only */ |
8565 |
+ asm volatile ("\n" |
8566 |
+ " .chip 68030\n" |
8567 |
+- " pmove %0@,%/tt1\n" |
8568 |
++ " pmove %0,%/tt1\n" |
8569 |
+ " .chip 68k" |
8570 |
+- : : "a" (&tt1_val)); |
8571 |
++ : : "m" (tt1_val)); |
8572 |
+ } else { |
8573 |
+ asm volatile ("\n" |
8574 |
+ " .chip 68040\n" |
8575 |
+@@ -569,10 +569,10 @@ static void atari_reset(void) |
8576 |
+ : "d0"); |
8577 |
+ } else |
8578 |
+ asm volatile ("\n" |
8579 |
+- " pmove %0@,%%tc\n" |
8580 |
++ " pmove %0,%%tc\n" |
8581 |
+ " jmp %1@" |
8582 |
+ : /* no outputs */ |
8583 |
+- : "a" (&tc_val), "a" (reset_addr)); |
8584 |
++ : "m" (tc_val), "a" (reset_addr)); |
8585 |
+ } |
8586 |
+ |
8587 |
+ |
8588 |
+diff --git a/arch/m68k/kernel/process_mm.c b/arch/m68k/kernel/process_mm.c |
8589 |
+index 1bc223a..aa4ffb8 100644 |
8590 |
+--- a/arch/m68k/kernel/process_mm.c |
8591 |
++++ b/arch/m68k/kernel/process_mm.c |
8592 |
+@@ -189,8 +189,8 @@ void flush_thread(void) |
8593 |
+ current->thread.fs = __USER_DS; |
8594 |
+ if (!FPU_IS_EMU) |
8595 |
+ asm volatile (".chip 68k/68881\n\t" |
8596 |
+- "frestore %0@\n\t" |
8597 |
+- ".chip 68k" : : "a" (&zero)); |
8598 |
++ "frestore %0\n\t" |
8599 |
++ ".chip 68k" : : "m" (zero)); |
8600 |
+ } |
8601 |
+ |
8602 |
+ /* |
8603 |
+diff --git a/arch/m68k/kernel/process_no.c b/arch/m68k/kernel/process_no.c |
8604 |
+index 69c1803..5e1078c 100644 |
8605 |
+--- a/arch/m68k/kernel/process_no.c |
8606 |
++++ b/arch/m68k/kernel/process_no.c |
8607 |
+@@ -163,8 +163,8 @@ void flush_thread(void) |
8608 |
+ #ifdef CONFIG_FPU |
8609 |
+ if (!FPU_IS_EMU) |
8610 |
+ asm volatile (".chip 68k/68881\n\t" |
8611 |
+- "frestore %0@\n\t" |
8612 |
+- ".chip 68k" : : "a" (&zero)); |
8613 |
++ "frestore %0\n\t" |
8614 |
++ ".chip 68k" : : "m" (zero)); |
8615 |
+ #endif |
8616 |
+ } |
8617 |
+ |
8618 |
+diff --git a/arch/m68k/kernel/traps.c b/arch/m68k/kernel/traps.c |
8619 |
+index 89362f2..eb67469 100644 |
8620 |
+--- a/arch/m68k/kernel/traps.c |
8621 |
++++ b/arch/m68k/kernel/traps.c |
8622 |
+@@ -552,13 +552,13 @@ static inline void bus_error030 (struct frame *fp) |
8623 |
+ |
8624 |
+ #ifdef DEBUG |
8625 |
+ asm volatile ("ptestr %3,%2@,#7,%0\n\t" |
8626 |
+- "pmove %%psr,%1@" |
8627 |
+- : "=a&" (desc) |
8628 |
+- : "a" (&temp), "a" (addr), "d" (ssw)); |
8629 |
++ "pmove %%psr,%1" |
8630 |
++ : "=a&" (desc), "=m" (temp) |
8631 |
++ : "a" (addr), "d" (ssw)); |
8632 |
+ #else |
8633 |
+ asm volatile ("ptestr %2,%1@,#7\n\t" |
8634 |
+- "pmove %%psr,%0@" |
8635 |
+- : : "a" (&temp), "a" (addr), "d" (ssw)); |
8636 |
++ "pmove %%psr,%0" |
8637 |
++ : "=m" (temp) : "a" (addr), "d" (ssw)); |
8638 |
+ #endif |
8639 |
+ mmusr = temp; |
8640 |
+ |
8641 |
+@@ -605,20 +605,18 @@ static inline void bus_error030 (struct frame *fp) |
8642 |
+ !(ssw & RW) ? "write" : "read", addr, |
8643 |
+ fp->ptregs.pc, ssw); |
8644 |
+ asm volatile ("ptestr #1,%1@,#0\n\t" |
8645 |
+- "pmove %%psr,%0@" |
8646 |
+- : /* no outputs */ |
8647 |
+- : "a" (&temp), "a" (addr)); |
8648 |
++ "pmove %%psr,%0" |
8649 |
++ : "=m" (temp) |
8650 |
++ : "a" (addr)); |
8651 |
+ mmusr = temp; |
8652 |
+ |
8653 |
+ printk ("level 0 mmusr is %#x\n", mmusr); |
8654 |
+ #if 0 |
8655 |
+- asm volatile ("pmove %%tt0,%0@" |
8656 |
+- : /* no outputs */ |
8657 |
+- : "a" (&tlong)); |
8658 |
++ asm volatile ("pmove %%tt0,%0" |
8659 |
++ : "=m" (tlong)); |
8660 |
+ printk("tt0 is %#lx, ", tlong); |
8661 |
+- asm volatile ("pmove %%tt1,%0@" |
8662 |
+- : /* no outputs */ |
8663 |
+- : "a" (&tlong)); |
8664 |
++ asm volatile ("pmove %%tt1,%0" |
8665 |
++ : "=m" (tlong)); |
8666 |
+ printk("tt1 is %#lx\n", tlong); |
8667 |
+ #endif |
8668 |
+ #ifdef DEBUG |
8669 |
+@@ -668,13 +666,13 @@ static inline void bus_error030 (struct frame *fp) |
8670 |
+ |
8671 |
+ #ifdef DEBUG |
8672 |
+ asm volatile ("ptestr #1,%2@,#7,%0\n\t" |
8673 |
+- "pmove %%psr,%1@" |
8674 |
+- : "=a&" (desc) |
8675 |
+- : "a" (&temp), "a" (addr)); |
8676 |
++ "pmove %%psr,%1" |
8677 |
++ : "=a&" (desc), "=m" (temp) |
8678 |
++ : "a" (addr)); |
8679 |
+ #else |
8680 |
+ asm volatile ("ptestr #1,%1@,#7\n\t" |
8681 |
+- "pmove %%psr,%0@" |
8682 |
+- : : "a" (&temp), "a" (addr)); |
8683 |
++ "pmove %%psr,%0" |
8684 |
++ : "=m" (temp) : "a" (addr)); |
8685 |
+ #endif |
8686 |
+ mmusr = temp; |
8687 |
+ |
8688 |
+diff --git a/arch/m68k/mm/cache.c b/arch/m68k/mm/cache.c |
8689 |
+index 5437fff..5550aa4 100644 |
8690 |
+--- a/arch/m68k/mm/cache.c |
8691 |
++++ b/arch/m68k/mm/cache.c |
8692 |
+@@ -52,9 +52,9 @@ static unsigned long virt_to_phys_slow(unsigned long vaddr) |
8693 |
+ unsigned long *descaddr; |
8694 |
+ |
8695 |
+ asm volatile ("ptestr %3,%2@,#7,%0\n\t" |
8696 |
+- "pmove %%psr,%1@" |
8697 |
+- : "=a&" (descaddr) |
8698 |
+- : "a" (&mmusr), "a" (vaddr), "d" (get_fs().seg)); |
8699 |
++ "pmove %%psr,%1" |
8700 |
++ : "=a&" (descaddr), "=m" (mmusr) |
8701 |
++ : "a" (vaddr), "d" (get_fs().seg)); |
8702 |
+ if (mmusr & (MMU_I|MMU_B|MMU_L)) |
8703 |
+ return 0; |
8704 |
+ descaddr = phys_to_virt((unsigned long)descaddr); |
8705 |
+diff --git a/arch/x86/include/asm/uv/uv_hub.h b/arch/x86/include/asm/uv/uv_hub.h |
8706 |
+index 54a13aa..21f7385 100644 |
8707 |
+--- a/arch/x86/include/asm/uv/uv_hub.h |
8708 |
++++ b/arch/x86/include/asm/uv/uv_hub.h |
8709 |
+@@ -318,13 +318,13 @@ uv_gpa_in_mmr_space(unsigned long gpa) |
8710 |
+ /* UV global physical address --> socket phys RAM */ |
8711 |
+ static inline unsigned long uv_gpa_to_soc_phys_ram(unsigned long gpa) |
8712 |
+ { |
8713 |
+- unsigned long paddr = gpa & uv_hub_info->gpa_mask; |
8714 |
++ unsigned long paddr; |
8715 |
+ unsigned long remap_base = uv_hub_info->lowmem_remap_base; |
8716 |
+ unsigned long remap_top = uv_hub_info->lowmem_remap_top; |
8717 |
+ |
8718 |
+ gpa = ((gpa << uv_hub_info->m_shift) >> uv_hub_info->m_shift) | |
8719 |
+ ((gpa >> uv_hub_info->n_lshift) << uv_hub_info->m_val); |
8720 |
+- gpa = gpa & uv_hub_info->gpa_mask; |
8721 |
++ paddr = gpa & uv_hub_info->gpa_mask; |
8722 |
+ if (paddr >= remap_base && paddr < remap_base + remap_top) |
8723 |
+ paddr -= remap_base; |
8724 |
+ return paddr; |
8725 |
+diff --git a/arch/x86/kernel/microcode_amd.c b/arch/x86/kernel/microcode_amd.c |
8726 |
+index d494799..ac52c15 100644 |
8727 |
+--- a/arch/x86/kernel/microcode_amd.c |
8728 |
++++ b/arch/x86/kernel/microcode_amd.c |
8729 |
+@@ -300,13 +300,33 @@ free_table: |
8730 |
+ return state; |
8731 |
+ } |
8732 |
+ |
8733 |
++/* |
8734 |
++ * AMD microcode firmware naming convention, up to family 15h they are in |
8735 |
++ * the legacy file: |
8736 |
++ * |
8737 |
++ * amd-ucode/microcode_amd.bin |
8738 |
++ * |
8739 |
++ * This legacy file is always smaller than 2K in size. |
8740 |
++ * |
8741 |
++ * Starting at family 15h they are in family specific firmware files: |
8742 |
++ * |
8743 |
++ * amd-ucode/microcode_amd_fam15h.bin |
8744 |
++ * amd-ucode/microcode_amd_fam16h.bin |
8745 |
++ * ... |
8746 |
++ * |
8747 |
++ * These might be larger than 2K. |
8748 |
++ */ |
8749 |
+ static enum ucode_state request_microcode_amd(int cpu, struct device *device) |
8750 |
+ { |
8751 |
+- const char *fw_name = "amd-ucode/microcode_amd.bin"; |
8752 |
++ char fw_name[36] = "amd-ucode/microcode_amd.bin"; |
8753 |
+ const struct firmware *fw; |
8754 |
+ enum ucode_state ret = UCODE_NFOUND; |
8755 |
++ struct cpuinfo_x86 *c = &cpu_data(cpu); |
8756 |
++ |
8757 |
++ if (c->x86 >= 0x15) |
8758 |
++ snprintf(fw_name, sizeof(fw_name), "amd-ucode/microcode_amd_fam%.2xh.bin", c->x86); |
8759 |
+ |
8760 |
+- if (request_firmware(&fw, fw_name, device)) { |
8761 |
++ if (request_firmware(&fw, (const char *)fw_name, device)) { |
8762 |
+ pr_err("failed to load file %s\n", fw_name); |
8763 |
+ goto out; |
8764 |
+ } |
8765 |
+diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c |
8766 |
+index 7b65f75..7c1b765 100644 |
8767 |
+--- a/arch/x86/net/bpf_jit_comp.c |
8768 |
++++ b/arch/x86/net/bpf_jit_comp.c |
8769 |
+@@ -151,17 +151,18 @@ void bpf_jit_compile(struct sk_filter *fp) |
8770 |
+ cleanup_addr = proglen; /* epilogue address */ |
8771 |
+ |
8772 |
+ for (pass = 0; pass < 10; pass++) { |
8773 |
++ u8 seen_or_pass0 = (pass == 0) ? (SEEN_XREG | SEEN_DATAREF | SEEN_MEM) : seen; |
8774 |
+ /* no prologue/epilogue for trivial filters (RET something) */ |
8775 |
+ proglen = 0; |
8776 |
+ prog = temp; |
8777 |
+ |
8778 |
+- if (seen) { |
8779 |
++ if (seen_or_pass0) { |
8780 |
+ EMIT4(0x55, 0x48, 0x89, 0xe5); /* push %rbp; mov %rsp,%rbp */ |
8781 |
+ EMIT4(0x48, 0x83, 0xec, 96); /* subq $96,%rsp */ |
8782 |
+ /* note : must save %rbx in case bpf_error is hit */ |
8783 |
+- if (seen & (SEEN_XREG | SEEN_DATAREF)) |
8784 |
++ if (seen_or_pass0 & (SEEN_XREG | SEEN_DATAREF)) |
8785 |
+ EMIT4(0x48, 0x89, 0x5d, 0xf8); /* mov %rbx, -8(%rbp) */ |
8786 |
+- if (seen & SEEN_XREG) |
8787 |
++ if (seen_or_pass0 & SEEN_XREG) |
8788 |
+ CLEAR_X(); /* make sure we dont leek kernel memory */ |
8789 |
+ |
8790 |
+ /* |
8791 |
+@@ -170,7 +171,7 @@ void bpf_jit_compile(struct sk_filter *fp) |
8792 |
+ * r9 = skb->len - skb->data_len |
8793 |
+ * r8 = skb->data |
8794 |
+ */ |
8795 |
+- if (seen & SEEN_DATAREF) { |
8796 |
++ if (seen_or_pass0 & SEEN_DATAREF) { |
8797 |
+ if (offsetof(struct sk_buff, len) <= 127) |
8798 |
+ /* mov off8(%rdi),%r9d */ |
8799 |
+ EMIT4(0x44, 0x8b, 0x4f, offsetof(struct sk_buff, len)); |
8800 |
+@@ -260,9 +261,14 @@ void bpf_jit_compile(struct sk_filter *fp) |
8801 |
+ case BPF_S_ALU_DIV_X: /* A /= X; */ |
8802 |
+ seen |= SEEN_XREG; |
8803 |
+ EMIT2(0x85, 0xdb); /* test %ebx,%ebx */ |
8804 |
+- if (pc_ret0 != -1) |
8805 |
+- EMIT_COND_JMP(X86_JE, addrs[pc_ret0] - (addrs[i] - 4)); |
8806 |
+- else { |
8807 |
++ if (pc_ret0 > 0) { |
8808 |
++ /* addrs[pc_ret0 - 1] is start address of target |
8809 |
++ * (addrs[i] - 4) is the address following this jmp |
8810 |
++ * ("xor %edx,%edx; div %ebx" being 4 bytes long) |
8811 |
++ */ |
8812 |
++ EMIT_COND_JMP(X86_JE, addrs[pc_ret0 - 1] - |
8813 |
++ (addrs[i] - 4)); |
8814 |
++ } else { |
8815 |
+ EMIT_COND_JMP(X86_JNE, 2 + 5); |
8816 |
+ CLEAR_A(); |
8817 |
+ EMIT1_off32(0xe9, cleanup_addr - (addrs[i] - 4)); /* jmp .+off32 */ |
8818 |
+@@ -335,12 +341,12 @@ void bpf_jit_compile(struct sk_filter *fp) |
8819 |
+ } |
8820 |
+ /* fallinto */ |
8821 |
+ case BPF_S_RET_A: |
8822 |
+- if (seen) { |
8823 |
++ if (seen_or_pass0) { |
8824 |
+ if (i != flen - 1) { |
8825 |
+ EMIT_JMP(cleanup_addr - addrs[i]); |
8826 |
+ break; |
8827 |
+ } |
8828 |
+- if (seen & SEEN_XREG) |
8829 |
++ if (seen_or_pass0 & SEEN_XREG) |
8830 |
+ EMIT4(0x48, 0x8b, 0x5d, 0xf8); /* mov -8(%rbp),%rbx */ |
8831 |
+ EMIT1(0xc9); /* leaveq */ |
8832 |
+ } |
8833 |
+@@ -483,8 +489,9 @@ common_load: seen |= SEEN_DATAREF; |
8834 |
+ goto common_load; |
8835 |
+ case BPF_S_LDX_B_MSH: |
8836 |
+ if ((int)K < 0) { |
8837 |
+- if (pc_ret0 != -1) { |
8838 |
+- EMIT_JMP(addrs[pc_ret0] - addrs[i]); |
8839 |
++ if (pc_ret0 > 0) { |
8840 |
++ /* addrs[pc_ret0 - 1] is the start address */ |
8841 |
++ EMIT_JMP(addrs[pc_ret0 - 1] - addrs[i]); |
8842 |
+ break; |
8843 |
+ } |
8844 |
+ CLEAR_A(); |
8845 |
+@@ -599,13 +606,14 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; |
8846 |
+ * use it to give the cleanup instruction(s) addr |
8847 |
+ */ |
8848 |
+ cleanup_addr = proglen - 1; /* ret */ |
8849 |
+- if (seen) |
8850 |
++ if (seen_or_pass0) |
8851 |
+ cleanup_addr -= 1; /* leaveq */ |
8852 |
+- if (seen & SEEN_XREG) |
8853 |
++ if (seen_or_pass0 & SEEN_XREG) |
8854 |
+ cleanup_addr -= 4; /* mov -8(%rbp),%rbx */ |
8855 |
+ |
8856 |
+ if (image) { |
8857 |
+- WARN_ON(proglen != oldproglen); |
8858 |
++ if (proglen != oldproglen) |
8859 |
++ pr_err("bpb_jit_compile proglen=%u != oldproglen=%u\n", proglen, oldproglen); |
8860 |
+ break; |
8861 |
+ } |
8862 |
+ if (proglen == oldproglen) { |
8863 |
+diff --git a/arch/x86/platform/uv/tlb_uv.c b/arch/x86/platform/uv/tlb_uv.c |
8864 |
+index 9010ca7..81aee5a 100644 |
8865 |
+--- a/arch/x86/platform/uv/tlb_uv.c |
8866 |
++++ b/arch/x86/platform/uv/tlb_uv.c |
8867 |
+@@ -1860,6 +1860,8 @@ static void __init init_per_cpu_tunables(void) |
8868 |
+ bcp->cong_reps = congested_reps; |
8869 |
+ bcp->cong_period = congested_period; |
8870 |
+ bcp->clocks_per_100_usec = usec_2_cycles(100); |
8871 |
++ spin_lock_init(&bcp->queue_lock); |
8872 |
++ spin_lock_init(&bcp->uvhub_lock); |
8873 |
+ } |
8874 |
+ } |
8875 |
+ |
8876 |
+diff --git a/arch/x86/platform/uv/uv_irq.c b/arch/x86/platform/uv/uv_irq.c |
8877 |
+index 374a05d..f25c276 100644 |
8878 |
+--- a/arch/x86/platform/uv/uv_irq.c |
8879 |
++++ b/arch/x86/platform/uv/uv_irq.c |
8880 |
+@@ -25,7 +25,7 @@ struct uv_irq_2_mmr_pnode{ |
8881 |
+ int irq; |
8882 |
+ }; |
8883 |
+ |
8884 |
+-static spinlock_t uv_irq_lock; |
8885 |
++static DEFINE_SPINLOCK(uv_irq_lock); |
8886 |
+ static struct rb_root uv_irq_root; |
8887 |
+ |
8888 |
+ static int uv_set_irq_affinity(struct irq_data *, const struct cpumask *, bool); |
8889 |
+diff --git a/arch/x86/xen/spinlock.c b/arch/x86/xen/spinlock.c |
8890 |
+index cc9b1e1..d69cc6c 100644 |
8891 |
+--- a/arch/x86/xen/spinlock.c |
8892 |
++++ b/arch/x86/xen/spinlock.c |
8893 |
+@@ -116,9 +116,26 @@ static inline void spin_time_accum_blocked(u64 start) |
8894 |
+ } |
8895 |
+ #endif /* CONFIG_XEN_DEBUG_FS */ |
8896 |
+ |
8897 |
++/* |
8898 |
++ * Size struct xen_spinlock so it's the same as arch_spinlock_t. |
8899 |
++ */ |
8900 |
++#if NR_CPUS < 256 |
8901 |
++typedef u8 xen_spinners_t; |
8902 |
++# define inc_spinners(xl) \ |
8903 |
++ asm(LOCK_PREFIX " incb %0" : "+m" ((xl)->spinners) : : "memory"); |
8904 |
++# define dec_spinners(xl) \ |
8905 |
++ asm(LOCK_PREFIX " decb %0" : "+m" ((xl)->spinners) : : "memory"); |
8906 |
++#else |
8907 |
++typedef u16 xen_spinners_t; |
8908 |
++# define inc_spinners(xl) \ |
8909 |
++ asm(LOCK_PREFIX " incw %0" : "+m" ((xl)->spinners) : : "memory"); |
8910 |
++# define dec_spinners(xl) \ |
8911 |
++ asm(LOCK_PREFIX " decw %0" : "+m" ((xl)->spinners) : : "memory"); |
8912 |
++#endif |
8913 |
++ |
8914 |
+ struct xen_spinlock { |
8915 |
+ unsigned char lock; /* 0 -> free; 1 -> locked */ |
8916 |
+- unsigned short spinners; /* count of waiting cpus */ |
8917 |
++ xen_spinners_t spinners; /* count of waiting cpus */ |
8918 |
+ }; |
8919 |
+ |
8920 |
+ static int xen_spin_is_locked(struct arch_spinlock *lock) |
8921 |
+@@ -164,8 +181,7 @@ static inline struct xen_spinlock *spinning_lock(struct xen_spinlock *xl) |
8922 |
+ |
8923 |
+ wmb(); /* set lock of interest before count */ |
8924 |
+ |
8925 |
+- asm(LOCK_PREFIX " incw %0" |
8926 |
+- : "+m" (xl->spinners) : : "memory"); |
8927 |
++ inc_spinners(xl); |
8928 |
+ |
8929 |
+ return prev; |
8930 |
+ } |
8931 |
+@@ -176,8 +192,7 @@ static inline struct xen_spinlock *spinning_lock(struct xen_spinlock *xl) |
8932 |
+ */ |
8933 |
+ static inline void unspinning_lock(struct xen_spinlock *xl, struct xen_spinlock *prev) |
8934 |
+ { |
8935 |
+- asm(LOCK_PREFIX " decw %0" |
8936 |
+- : "+m" (xl->spinners) : : "memory"); |
8937 |
++ dec_spinners(xl); |
8938 |
+ wmb(); /* decrement count before restoring lock */ |
8939 |
+ __this_cpu_write(lock_spinners, prev); |
8940 |
+ } |
8941 |
+@@ -373,6 +388,8 @@ void xen_uninit_lock_cpu(int cpu) |
8942 |
+ |
8943 |
+ void __init xen_init_spinlocks(void) |
8944 |
+ { |
8945 |
++ BUILD_BUG_ON(sizeof(struct xen_spinlock) > sizeof(arch_spinlock_t)); |
8946 |
++ |
8947 |
+ pv_lock_ops.spin_is_locked = xen_spin_is_locked; |
8948 |
+ pv_lock_ops.spin_is_contended = xen_spin_is_contended; |
8949 |
+ pv_lock_ops.spin_lock = xen_spin_lock; |
8950 |
+diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c |
8951 |
+index 9ed9f60..88f160b 100644 |
8952 |
+--- a/crypto/sha512_generic.c |
8953 |
++++ b/crypto/sha512_generic.c |
8954 |
+@@ -21,8 +21,6 @@ |
8955 |
+ #include <linux/percpu.h> |
8956 |
+ #include <asm/byteorder.h> |
8957 |
+ |
8958 |
+-static DEFINE_PER_CPU(u64[80], msg_schedule); |
8959 |
+- |
8960 |
+ static inline u64 Ch(u64 x, u64 y, u64 z) |
8961 |
+ { |
8962 |
+ return z ^ (x & (y ^ z)); |
8963 |
+@@ -80,7 +78,7 @@ static inline void LOAD_OP(int I, u64 *W, const u8 *input) |
8964 |
+ |
8965 |
+ static inline void BLEND_OP(int I, u64 *W) |
8966 |
+ { |
8967 |
+- W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16]; |
8968 |
++ W[I % 16] += s1(W[(I-2) % 16]) + W[(I-7) % 16] + s0(W[(I-15) % 16]); |
8969 |
+ } |
8970 |
+ |
8971 |
+ static void |
8972 |
+@@ -89,38 +87,48 @@ sha512_transform(u64 *state, const u8 *input) |
8973 |
+ u64 a, b, c, d, e, f, g, h, t1, t2; |
8974 |
+ |
8975 |
+ int i; |
8976 |
+- u64 *W = get_cpu_var(msg_schedule); |
8977 |
++ u64 W[16]; |
8978 |
+ |
8979 |
+ /* load the input */ |
8980 |
+ for (i = 0; i < 16; i++) |
8981 |
+ LOAD_OP(i, W, input); |
8982 |
+ |
8983 |
+- for (i = 16; i < 80; i++) { |
8984 |
+- BLEND_OP(i, W); |
8985 |
+- } |
8986 |
+- |
8987 |
+ /* load the state into our registers */ |
8988 |
+ a=state[0]; b=state[1]; c=state[2]; d=state[3]; |
8989 |
+ e=state[4]; f=state[5]; g=state[6]; h=state[7]; |
8990 |
+ |
8991 |
+- /* now iterate */ |
8992 |
+- for (i=0; i<80; i+=8) { |
8993 |
+- t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[i ]; |
8994 |
+- t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; |
8995 |
+- t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[i+1]; |
8996 |
+- t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; |
8997 |
+- t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[i+2]; |
8998 |
+- t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; |
8999 |
+- t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[i+3]; |
9000 |
+- t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; |
9001 |
+- t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[i+4]; |
9002 |
+- t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; |
9003 |
+- t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[i+5]; |
9004 |
+- t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; |
9005 |
+- t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[i+6]; |
9006 |
+- t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; |
9007 |
+- t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[i+7]; |
9008 |
+- t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; |
9009 |
++#define SHA512_0_15(i, a, b, c, d, e, f, g, h) \ |
9010 |
++ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[i]; \ |
9011 |
++ t2 = e0(a) + Maj(a, b, c); \ |
9012 |
++ d += t1; \ |
9013 |
++ h = t1 + t2 |
9014 |
++ |
9015 |
++#define SHA512_16_79(i, a, b, c, d, e, f, g, h) \ |
9016 |
++ BLEND_OP(i, W); \ |
9017 |
++ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[(i)%16]; \ |
9018 |
++ t2 = e0(a) + Maj(a, b, c); \ |
9019 |
++ d += t1; \ |
9020 |
++ h = t1 + t2 |
9021 |
++ |
9022 |
++ for (i = 0; i < 16; i += 8) { |
9023 |
++ SHA512_0_15(i, a, b, c, d, e, f, g, h); |
9024 |
++ SHA512_0_15(i + 1, h, a, b, c, d, e, f, g); |
9025 |
++ SHA512_0_15(i + 2, g, h, a, b, c, d, e, f); |
9026 |
++ SHA512_0_15(i + 3, f, g, h, a, b, c, d, e); |
9027 |
++ SHA512_0_15(i + 4, e, f, g, h, a, b, c, d); |
9028 |
++ SHA512_0_15(i + 5, d, e, f, g, h, a, b, c); |
9029 |
++ SHA512_0_15(i + 6, c, d, e, f, g, h, a, b); |
9030 |
++ SHA512_0_15(i + 7, b, c, d, e, f, g, h, a); |
9031 |
++ } |
9032 |
++ for (i = 16; i < 80; i += 8) { |
9033 |
++ SHA512_16_79(i, a, b, c, d, e, f, g, h); |
9034 |
++ SHA512_16_79(i + 1, h, a, b, c, d, e, f, g); |
9035 |
++ SHA512_16_79(i + 2, g, h, a, b, c, d, e, f); |
9036 |
++ SHA512_16_79(i + 3, f, g, h, a, b, c, d, e); |
9037 |
++ SHA512_16_79(i + 4, e, f, g, h, a, b, c, d); |
9038 |
++ SHA512_16_79(i + 5, d, e, f, g, h, a, b, c); |
9039 |
++ SHA512_16_79(i + 6, c, d, e, f, g, h, a, b); |
9040 |
++ SHA512_16_79(i + 7, b, c, d, e, f, g, h, a); |
9041 |
+ } |
9042 |
+ |
9043 |
+ state[0] += a; state[1] += b; state[2] += c; state[3] += d; |
9044 |
+@@ -128,8 +136,6 @@ sha512_transform(u64 *state, const u8 *input) |
9045 |
+ |
9046 |
+ /* erase our data */ |
9047 |
+ a = b = c = d = e = f = g = h = t1 = t2 = 0; |
9048 |
+- memset(W, 0, sizeof(__get_cpu_var(msg_schedule))); |
9049 |
+- put_cpu_var(msg_schedule); |
9050 |
+ } |
9051 |
+ |
9052 |
+ static int |
9053 |
+diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c |
9054 |
+index 3f4051a..c7e5282 100644 |
9055 |
+--- a/drivers/char/tpm/tpm_tis.c |
9056 |
++++ b/drivers/char/tpm/tpm_tis.c |
9057 |
+@@ -432,6 +432,9 @@ static int probe_itpm(struct tpm_chip *chip) |
9058 |
+ out: |
9059 |
+ itpm = rem_itpm; |
9060 |
+ tpm_tis_ready(chip); |
9061 |
++ /* some TPMs need a break here otherwise they will not work |
9062 |
++ * correctly on the immediately subsequent command */ |
9063 |
++ msleep(chip->vendor.timeout_b); |
9064 |
+ release_locality(chip, chip->vendor.locality, 0); |
9065 |
+ |
9066 |
+ return rc; |
9067 |
+diff --git a/drivers/gpu/drm/drm_auth.c b/drivers/gpu/drm/drm_auth.c |
9068 |
+index 3f46772..ba23790 100644 |
9069 |
+--- a/drivers/gpu/drm/drm_auth.c |
9070 |
++++ b/drivers/gpu/drm/drm_auth.c |
9071 |
+@@ -101,7 +101,7 @@ static int drm_add_magic(struct drm_master *master, struct drm_file *priv, |
9072 |
+ * Searches and unlinks the entry in drm_device::magiclist with the magic |
9073 |
+ * number hash key, while holding the drm_device::struct_mutex lock. |
9074 |
+ */ |
9075 |
+-static int drm_remove_magic(struct drm_master *master, drm_magic_t magic) |
9076 |
++int drm_remove_magic(struct drm_master *master, drm_magic_t magic) |
9077 |
+ { |
9078 |
+ struct drm_magic_entry *pt; |
9079 |
+ struct drm_hash_item *hash; |
9080 |
+@@ -136,6 +136,8 @@ static int drm_remove_magic(struct drm_master *master, drm_magic_t magic) |
9081 |
+ * If there is a magic number in drm_file::magic then use it, otherwise |
9082 |
+ * searches an unique non-zero magic number and add it associating it with \p |
9083 |
+ * file_priv. |
9084 |
++ * This ioctl needs protection by the drm_global_mutex, which protects |
9085 |
++ * struct drm_file::magic and struct drm_magic_entry::priv. |
9086 |
+ */ |
9087 |
+ int drm_getmagic(struct drm_device *dev, void *data, struct drm_file *file_priv) |
9088 |
+ { |
9089 |
+@@ -173,6 +175,8 @@ int drm_getmagic(struct drm_device *dev, void *data, struct drm_file *file_priv) |
9090 |
+ * \return zero if authentication successed, or a negative number otherwise. |
9091 |
+ * |
9092 |
+ * Checks if \p file_priv is associated with the magic number passed in \arg. |
9093 |
++ * This ioctl needs protection by the drm_global_mutex, which protects |
9094 |
++ * struct drm_file::magic and struct drm_magic_entry::priv. |
9095 |
+ */ |
9096 |
+ int drm_authmagic(struct drm_device *dev, void *data, |
9097 |
+ struct drm_file *file_priv) |
9098 |
+diff --git a/drivers/gpu/drm/drm_fops.c b/drivers/gpu/drm/drm_fops.c |
9099 |
+index 4911e1d..828bf65 100644 |
9100 |
+--- a/drivers/gpu/drm/drm_fops.c |
9101 |
++++ b/drivers/gpu/drm/drm_fops.c |
9102 |
+@@ -487,6 +487,11 @@ int drm_release(struct inode *inode, struct file *filp) |
9103 |
+ (long)old_encode_dev(file_priv->minor->device), |
9104 |
+ dev->open_count); |
9105 |
+ |
9106 |
++ /* Release any auth tokens that might point to this file_priv, |
9107 |
++ (do that under the drm_global_mutex) */ |
9108 |
++ if (file_priv->magic) |
9109 |
++ (void) drm_remove_magic(file_priv->master, file_priv->magic); |
9110 |
++ |
9111 |
+ /* if the master has gone away we can't do anything with the lock */ |
9112 |
+ if (file_priv->minor->master) |
9113 |
+ drm_master_release(dev, filp); |
9114 |
+diff --git a/drivers/gpu/drm/i915/i915_suspend.c b/drivers/gpu/drm/i915/i915_suspend.c |
9115 |
+index 7886e4f..43cbafe 100644 |
9116 |
+--- a/drivers/gpu/drm/i915/i915_suspend.c |
9117 |
++++ b/drivers/gpu/drm/i915/i915_suspend.c |
9118 |
+@@ -822,7 +822,7 @@ int i915_save_state(struct drm_device *dev) |
9119 |
+ |
9120 |
+ if (IS_IRONLAKE_M(dev)) |
9121 |
+ ironlake_disable_drps(dev); |
9122 |
+- if (IS_GEN6(dev)) |
9123 |
++ if (INTEL_INFO(dev)->gen >= 6) |
9124 |
+ gen6_disable_rps(dev); |
9125 |
+ |
9126 |
+ /* Cache mode state */ |
9127 |
+@@ -881,7 +881,7 @@ int i915_restore_state(struct drm_device *dev) |
9128 |
+ intel_init_emon(dev); |
9129 |
+ } |
9130 |
+ |
9131 |
+- if (IS_GEN6(dev)) { |
9132 |
++ if (INTEL_INFO(dev)->gen >= 6) { |
9133 |
+ gen6_enable_rps(dev_priv); |
9134 |
+ gen6_update_ring_freq(dev_priv); |
9135 |
+ } |
9136 |
+diff --git a/drivers/gpu/drm/i915/intel_ringbuffer.c b/drivers/gpu/drm/i915/intel_ringbuffer.c |
9137 |
+index ca70e2f..30a9af9 100644 |
9138 |
+--- a/drivers/gpu/drm/i915/intel_ringbuffer.c |
9139 |
++++ b/drivers/gpu/drm/i915/intel_ringbuffer.c |
9140 |
+@@ -631,6 +631,19 @@ render_ring_add_request(struct intel_ring_buffer *ring, |
9141 |
+ } |
9142 |
+ |
9143 |
+ static u32 |
9144 |
++gen6_ring_get_seqno(struct intel_ring_buffer *ring) |
9145 |
++{ |
9146 |
++ struct drm_device *dev = ring->dev; |
9147 |
++ |
9148 |
++ /* Workaround to force correct ordering between irq and seqno writes on |
9149 |
++ * ivb (and maybe also on snb) by reading from a CS register (like |
9150 |
++ * ACTHD) before reading the status page. */ |
9151 |
++ if (IS_GEN7(dev)) |
9152 |
++ intel_ring_get_active_head(ring); |
9153 |
++ return intel_read_status_page(ring, I915_GEM_HWS_INDEX); |
9154 |
++} |
9155 |
++ |
9156 |
++static u32 |
9157 |
+ ring_get_seqno(struct intel_ring_buffer *ring) |
9158 |
+ { |
9159 |
+ return intel_read_status_page(ring, I915_GEM_HWS_INDEX); |
9160 |
+@@ -795,6 +808,12 @@ gen6_ring_get_irq(struct intel_ring_buffer *ring, u32 gflag, u32 rflag) |
9161 |
+ if (!dev->irq_enabled) |
9162 |
+ return false; |
9163 |
+ |
9164 |
++ /* It looks like we need to prevent the gt from suspending while waiting |
9165 |
++ * for an notifiy irq, otherwise irqs seem to get lost on at least the |
9166 |
++ * blt/bsd rings on ivb. */ |
9167 |
++ if (IS_GEN7(dev)) |
9168 |
++ gen6_gt_force_wake_get(dev_priv); |
9169 |
++ |
9170 |
+ spin_lock(&ring->irq_lock); |
9171 |
+ if (ring->irq_refcount++ == 0) { |
9172 |
+ ring->irq_mask &= ~rflag; |
9173 |
+@@ -819,6 +838,9 @@ gen6_ring_put_irq(struct intel_ring_buffer *ring, u32 gflag, u32 rflag) |
9174 |
+ ironlake_disable_irq(dev_priv, gflag); |
9175 |
+ } |
9176 |
+ spin_unlock(&ring->irq_lock); |
9177 |
++ |
9178 |
++ if (IS_GEN7(dev)) |
9179 |
++ gen6_gt_force_wake_put(dev_priv); |
9180 |
+ } |
9181 |
+ |
9182 |
+ static bool |
9183 |
+@@ -1316,7 +1338,7 @@ static const struct intel_ring_buffer gen6_bsd_ring = { |
9184 |
+ .write_tail = gen6_bsd_ring_write_tail, |
9185 |
+ .flush = gen6_ring_flush, |
9186 |
+ .add_request = gen6_add_request, |
9187 |
+- .get_seqno = ring_get_seqno, |
9188 |
++ .get_seqno = gen6_ring_get_seqno, |
9189 |
+ .irq_get = gen6_bsd_ring_get_irq, |
9190 |
+ .irq_put = gen6_bsd_ring_put_irq, |
9191 |
+ .dispatch_execbuffer = gen6_ring_dispatch_execbuffer, |
9192 |
+@@ -1451,7 +1473,7 @@ static const struct intel_ring_buffer gen6_blt_ring = { |
9193 |
+ .write_tail = ring_write_tail, |
9194 |
+ .flush = blt_ring_flush, |
9195 |
+ .add_request = gen6_add_request, |
9196 |
+- .get_seqno = ring_get_seqno, |
9197 |
++ .get_seqno = gen6_ring_get_seqno, |
9198 |
+ .irq_get = blt_ring_get_irq, |
9199 |
+ .irq_put = blt_ring_put_irq, |
9200 |
+ .dispatch_execbuffer = gen6_ring_dispatch_execbuffer, |
9201 |
+@@ -1474,6 +1496,7 @@ int intel_init_render_ring_buffer(struct drm_device *dev) |
9202 |
+ ring->flush = gen6_render_ring_flush; |
9203 |
+ ring->irq_get = gen6_render_ring_get_irq; |
9204 |
+ ring->irq_put = gen6_render_ring_put_irq; |
9205 |
++ ring->get_seqno = gen6_ring_get_seqno; |
9206 |
+ } else if (IS_GEN5(dev)) { |
9207 |
+ ring->add_request = pc_render_add_request; |
9208 |
+ ring->get_seqno = pc_render_get_seqno; |
9209 |
+diff --git a/drivers/gpu/drm/i915/intel_sdvo.c b/drivers/gpu/drm/i915/intel_sdvo.c |
9210 |
+index f7b9268..e334ec3 100644 |
9211 |
+--- a/drivers/gpu/drm/i915/intel_sdvo.c |
9212 |
++++ b/drivers/gpu/drm/i915/intel_sdvo.c |
9213 |
+@@ -1066,15 +1066,13 @@ static void intel_sdvo_mode_set(struct drm_encoder *encoder, |
9214 |
+ |
9215 |
+ /* Set the SDVO control regs. */ |
9216 |
+ if (INTEL_INFO(dev)->gen >= 4) { |
9217 |
+- sdvox = 0; |
9218 |
++ /* The real mode polarity is set by the SDVO commands, using |
9219 |
++ * struct intel_sdvo_dtd. */ |
9220 |
++ sdvox = SDVO_VSYNC_ACTIVE_HIGH | SDVO_HSYNC_ACTIVE_HIGH; |
9221 |
+ if (intel_sdvo->is_hdmi) |
9222 |
+ sdvox |= intel_sdvo->color_range; |
9223 |
+ if (INTEL_INFO(dev)->gen < 5) |
9224 |
+ sdvox |= SDVO_BORDER_ENABLE; |
9225 |
+- if (adjusted_mode->flags & DRM_MODE_FLAG_PVSYNC) |
9226 |
+- sdvox |= SDVO_VSYNC_ACTIVE_HIGH; |
9227 |
+- if (adjusted_mode->flags & DRM_MODE_FLAG_PHSYNC) |
9228 |
+- sdvox |= SDVO_HSYNC_ACTIVE_HIGH; |
9229 |
+ } else { |
9230 |
+ sdvox = I915_READ(intel_sdvo->sdvo_reg); |
9231 |
+ switch (intel_sdvo->sdvo_reg) { |
9232 |
+diff --git a/drivers/gpu/drm/radeon/atombios_dp.c b/drivers/gpu/drm/radeon/atombios_dp.c |
9233 |
+index 6fb335a..a71557c 100644 |
9234 |
+--- a/drivers/gpu/drm/radeon/atombios_dp.c |
9235 |
++++ b/drivers/gpu/drm/radeon/atombios_dp.c |
9236 |
+@@ -549,8 +549,8 @@ bool radeon_dp_getdpcd(struct radeon_connector *radeon_connector) |
9237 |
+ return false; |
9238 |
+ } |
9239 |
+ |
9240 |
+-static void radeon_dp_set_panel_mode(struct drm_encoder *encoder, |
9241 |
+- struct drm_connector *connector) |
9242 |
++int radeon_dp_get_panel_mode(struct drm_encoder *encoder, |
9243 |
++ struct drm_connector *connector) |
9244 |
+ { |
9245 |
+ struct drm_device *dev = encoder->dev; |
9246 |
+ struct radeon_device *rdev = dev->dev_private; |
9247 |
+@@ -558,7 +558,7 @@ static void radeon_dp_set_panel_mode(struct drm_encoder *encoder, |
9248 |
+ int panel_mode = DP_PANEL_MODE_EXTERNAL_DP_MODE; |
9249 |
+ |
9250 |
+ if (!ASIC_IS_DCE4(rdev)) |
9251 |
+- return; |
9252 |
++ return panel_mode; |
9253 |
+ |
9254 |
+ if (radeon_connector_encoder_get_dp_bridge_encoder_id(connector) == |
9255 |
+ ENCODER_OBJECT_ID_NUTMEG) |
9256 |
+@@ -572,14 +572,7 @@ static void radeon_dp_set_panel_mode(struct drm_encoder *encoder, |
9257 |
+ panel_mode = DP_PANEL_MODE_INTERNAL_DP2_MODE; |
9258 |
+ } |
9259 |
+ |
9260 |
+- atombios_dig_encoder_setup(encoder, |
9261 |
+- ATOM_ENCODER_CMD_SETUP_PANEL_MODE, |
9262 |
+- panel_mode); |
9263 |
+- |
9264 |
+- if ((connector->connector_type == DRM_MODE_CONNECTOR_eDP) && |
9265 |
+- (panel_mode == DP_PANEL_MODE_INTERNAL_DP2_MODE)) { |
9266 |
+- radeon_write_dpcd_reg(radeon_connector, DP_EDP_CONFIGURATION_SET, 1); |
9267 |
+- } |
9268 |
++ return panel_mode; |
9269 |
+ } |
9270 |
+ |
9271 |
+ void radeon_dp_set_link_config(struct drm_connector *connector, |
9272 |
+@@ -717,6 +710,8 @@ static void radeon_dp_set_tp(struct radeon_dp_link_train_info *dp_info, int tp) |
9273 |
+ |
9274 |
+ static int radeon_dp_link_train_init(struct radeon_dp_link_train_info *dp_info) |
9275 |
+ { |
9276 |
++ struct radeon_encoder *radeon_encoder = to_radeon_encoder(dp_info->encoder); |
9277 |
++ struct radeon_encoder_atom_dig *dig = radeon_encoder->enc_priv; |
9278 |
+ u8 tmp; |
9279 |
+ |
9280 |
+ /* power up the sink */ |
9281 |
+@@ -732,7 +727,10 @@ static int radeon_dp_link_train_init(struct radeon_dp_link_train_info *dp_info) |
9282 |
+ radeon_write_dpcd_reg(dp_info->radeon_connector, |
9283 |
+ DP_DOWNSPREAD_CTRL, 0); |
9284 |
+ |
9285 |
+- radeon_dp_set_panel_mode(dp_info->encoder, dp_info->connector); |
9286 |
++ if ((dp_info->connector->connector_type == DRM_MODE_CONNECTOR_eDP) && |
9287 |
++ (dig->panel_mode == DP_PANEL_MODE_INTERNAL_DP2_MODE)) { |
9288 |
++ radeon_write_dpcd_reg(dp_info->radeon_connector, DP_EDP_CONFIGURATION_SET, 1); |
9289 |
++ } |
9290 |
+ |
9291 |
+ /* set the lane count on the sink */ |
9292 |
+ tmp = dp_info->dp_lane_count; |
9293 |
+diff --git a/drivers/gpu/drm/radeon/atombios_encoders.c b/drivers/gpu/drm/radeon/atombios_encoders.c |
9294 |
+index 39c04c1..0f8eb48 100644 |
9295 |
+--- a/drivers/gpu/drm/radeon/atombios_encoders.c |
9296 |
++++ b/drivers/gpu/drm/radeon/atombios_encoders.c |
9297 |
+@@ -1352,7 +1352,8 @@ radeon_atom_encoder_dpms_dig(struct drm_encoder *encoder, int mode) |
9298 |
+ switch (mode) { |
9299 |
+ case DRM_MODE_DPMS_ON: |
9300 |
+ /* some early dce3.2 boards have a bug in their transmitter control table */ |
9301 |
+- if ((rdev->family == CHIP_RV710) || (rdev->family == CHIP_RV730)) |
9302 |
++ if ((rdev->family == CHIP_RV710) || (rdev->family == CHIP_RV730) || |
9303 |
++ ASIC_IS_DCE41(rdev) || ASIC_IS_DCE5(rdev)) |
9304 |
+ atombios_dig_transmitter_setup(encoder, ATOM_TRANSMITTER_ACTION_ENABLE, 0, 0); |
9305 |
+ else |
9306 |
+ atombios_dig_transmitter_setup(encoder, ATOM_TRANSMITTER_ACTION_ENABLE_OUTPUT, 0, 0); |
9307 |
+@@ -1362,8 +1363,6 @@ radeon_atom_encoder_dpms_dig(struct drm_encoder *encoder, int mode) |
9308 |
+ ATOM_TRANSMITTER_ACTION_POWER_ON); |
9309 |
+ radeon_dig_connector->edp_on = true; |
9310 |
+ } |
9311 |
+- if (ASIC_IS_DCE4(rdev)) |
9312 |
+- atombios_dig_encoder_setup(encoder, ATOM_ENCODER_CMD_DP_VIDEO_OFF, 0); |
9313 |
+ radeon_dp_link_train(encoder, connector); |
9314 |
+ if (ASIC_IS_DCE4(rdev)) |
9315 |
+ atombios_dig_encoder_setup(encoder, ATOM_ENCODER_CMD_DP_VIDEO_ON, 0); |
9316 |
+@@ -1374,7 +1373,10 @@ radeon_atom_encoder_dpms_dig(struct drm_encoder *encoder, int mode) |
9317 |
+ case DRM_MODE_DPMS_STANDBY: |
9318 |
+ case DRM_MODE_DPMS_SUSPEND: |
9319 |
+ case DRM_MODE_DPMS_OFF: |
9320 |
+- atombios_dig_transmitter_setup(encoder, ATOM_TRANSMITTER_ACTION_DISABLE_OUTPUT, 0, 0); |
9321 |
++ if (ASIC_IS_DCE41(rdev) || ASIC_IS_DCE5(rdev)) |
9322 |
++ atombios_dig_transmitter_setup(encoder, ATOM_TRANSMITTER_ACTION_DISABLE, 0, 0); |
9323 |
++ else |
9324 |
++ atombios_dig_transmitter_setup(encoder, ATOM_TRANSMITTER_ACTION_DISABLE_OUTPUT, 0, 0); |
9325 |
+ if (ENCODER_MODE_IS_DP(atombios_get_encoder_mode(encoder)) && connector) { |
9326 |
+ if (ASIC_IS_DCE4(rdev)) |
9327 |
+ atombios_dig_encoder_setup(encoder, ATOM_ENCODER_CMD_DP_VIDEO_OFF, 0); |
9328 |
+@@ -1821,7 +1823,21 @@ radeon_atom_encoder_mode_set(struct drm_encoder *encoder, |
9329 |
+ case ENCODER_OBJECT_ID_INTERNAL_UNIPHY1: |
9330 |
+ case ENCODER_OBJECT_ID_INTERNAL_UNIPHY2: |
9331 |
+ case ENCODER_OBJECT_ID_INTERNAL_KLDSCP_LVTMA: |
9332 |
+- if (ASIC_IS_DCE4(rdev)) { |
9333 |
++ if (ASIC_IS_DCE41(rdev) || ASIC_IS_DCE5(rdev)) { |
9334 |
++ struct drm_connector *connector = radeon_get_connector_for_encoder(encoder); |
9335 |
++ struct radeon_encoder_atom_dig *dig = radeon_encoder->enc_priv; |
9336 |
++ |
9337 |
++ if (!connector) |
9338 |
++ dig->panel_mode = DP_PANEL_MODE_EXTERNAL_DP_MODE; |
9339 |
++ else |
9340 |
++ dig->panel_mode = radeon_dp_get_panel_mode(encoder, connector); |
9341 |
++ |
9342 |
++ /* setup and enable the encoder */ |
9343 |
++ atombios_dig_encoder_setup(encoder, ATOM_ENCODER_CMD_SETUP, 0); |
9344 |
++ atombios_dig_encoder_setup(encoder, |
9345 |
++ ATOM_ENCODER_CMD_SETUP_PANEL_MODE, |
9346 |
++ dig->panel_mode); |
9347 |
++ } else if (ASIC_IS_DCE4(rdev)) { |
9348 |
+ /* disable the transmitter */ |
9349 |
+ atombios_dig_transmitter_setup(encoder, ATOM_TRANSMITTER_ACTION_DISABLE, 0, 0); |
9350 |
+ /* setup and enable the encoder */ |
9351 |
+diff --git a/drivers/gpu/drm/radeon/radeon_irq_kms.c b/drivers/gpu/drm/radeon/radeon_irq_kms.c |
9352 |
+index 8f86aeb..e7ddb49 100644 |
9353 |
+--- a/drivers/gpu/drm/radeon/radeon_irq_kms.c |
9354 |
++++ b/drivers/gpu/drm/radeon/radeon_irq_kms.c |
9355 |
+@@ -134,6 +134,12 @@ static bool radeon_msi_ok(struct radeon_device *rdev) |
9356 |
+ /* Dell RS690 only seems to work with MSIs. */ |
9357 |
+ if ((rdev->pdev->device == 0x791f) && |
9358 |
+ (rdev->pdev->subsystem_vendor == 0x1028) && |
9359 |
++ (rdev->pdev->subsystem_device == 0x01fc)) |
9360 |
++ return true; |
9361 |
++ |
9362 |
++ /* Dell RS690 only seems to work with MSIs. */ |
9363 |
++ if ((rdev->pdev->device == 0x791f) && |
9364 |
++ (rdev->pdev->subsystem_vendor == 0x1028) && |
9365 |
+ (rdev->pdev->subsystem_device == 0x01fd)) |
9366 |
+ return true; |
9367 |
+ |
9368 |
+diff --git a/drivers/gpu/drm/radeon/radeon_mode.h b/drivers/gpu/drm/radeon/radeon_mode.h |
9369 |
+index 2c2e75e..8254d5a 100644 |
9370 |
+--- a/drivers/gpu/drm/radeon/radeon_mode.h |
9371 |
++++ b/drivers/gpu/drm/radeon/radeon_mode.h |
9372 |
+@@ -362,6 +362,7 @@ struct radeon_encoder_atom_dig { |
9373 |
+ struct backlight_device *bl_dev; |
9374 |
+ int dpms_mode; |
9375 |
+ uint8_t backlight_level; |
9376 |
++ int panel_mode; |
9377 |
+ }; |
9378 |
+ |
9379 |
+ struct radeon_encoder_atom_dac { |
9380 |
+@@ -482,6 +483,8 @@ extern void radeon_dp_link_train(struct drm_encoder *encoder, |
9381 |
+ extern bool radeon_dp_needs_link_train(struct radeon_connector *radeon_connector); |
9382 |
+ extern u8 radeon_dp_getsinktype(struct radeon_connector *radeon_connector); |
9383 |
+ extern bool radeon_dp_getdpcd(struct radeon_connector *radeon_connector); |
9384 |
++extern int radeon_dp_get_panel_mode(struct drm_encoder *encoder, |
9385 |
++ struct drm_connector *connector); |
9386 |
+ extern void atombios_dig_encoder_setup(struct drm_encoder *encoder, int action, int panel_mode); |
9387 |
+ extern void radeon_atom_encoder_init(struct radeon_device *rdev); |
9388 |
+ extern void atombios_dig_transmitter_setup(struct drm_encoder *encoder, |
9389 |
+diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_kms.c b/drivers/gpu/drm/vmwgfx/vmwgfx_kms.c |
9390 |
+index f94b33a..7c88f1f 100644 |
9391 |
+--- a/drivers/gpu/drm/vmwgfx/vmwgfx_kms.c |
9392 |
++++ b/drivers/gpu/drm/vmwgfx/vmwgfx_kms.c |
9393 |
+@@ -378,7 +378,7 @@ int vmw_framebuffer_create_handle(struct drm_framebuffer *fb, |
9394 |
+ unsigned int *handle) |
9395 |
+ { |
9396 |
+ if (handle) |
9397 |
+- handle = 0; |
9398 |
++ *handle = 0; |
9399 |
+ |
9400 |
+ return 0; |
9401 |
+ } |
9402 |
+diff --git a/drivers/hwmon/f71805f.c b/drivers/hwmon/f71805f.c |
9403 |
+index 92f9497..6dbfd3e 100644 |
9404 |
+--- a/drivers/hwmon/f71805f.c |
9405 |
++++ b/drivers/hwmon/f71805f.c |
9406 |
+@@ -283,11 +283,11 @@ static inline long temp_from_reg(u8 reg) |
9407 |
+ |
9408 |
+ static inline u8 temp_to_reg(long val) |
9409 |
+ { |
9410 |
+- if (val < 0) |
9411 |
+- val = 0; |
9412 |
+- else if (val > 1000 * 0xff) |
9413 |
+- val = 0xff; |
9414 |
+- return ((val + 500) / 1000); |
9415 |
++ if (val <= 0) |
9416 |
++ return 0; |
9417 |
++ if (val >= 1000 * 0xff) |
9418 |
++ return 0xff; |
9419 |
++ return (val + 500) / 1000; |
9420 |
+ } |
9421 |
+ |
9422 |
+ /* |
9423 |
+diff --git a/drivers/hwmon/sht15.c b/drivers/hwmon/sht15.c |
9424 |
+index fe4104c..5357925 100644 |
9425 |
+--- a/drivers/hwmon/sht15.c |
9426 |
++++ b/drivers/hwmon/sht15.c |
9427 |
+@@ -883,7 +883,7 @@ static int sht15_invalidate_voltage(struct notifier_block *nb, |
9428 |
+ |
9429 |
+ static int __devinit sht15_probe(struct platform_device *pdev) |
9430 |
+ { |
9431 |
+- int ret = 0; |
9432 |
++ int ret; |
9433 |
+ struct sht15_data *data = kzalloc(sizeof(*data), GFP_KERNEL); |
9434 |
+ u8 status = 0; |
9435 |
+ |
9436 |
+@@ -901,6 +901,7 @@ static int __devinit sht15_probe(struct platform_device *pdev) |
9437 |
+ init_waitqueue_head(&data->wait_queue); |
9438 |
+ |
9439 |
+ if (pdev->dev.platform_data == NULL) { |
9440 |
++ ret = -EINVAL; |
9441 |
+ dev_err(&pdev->dev, "no platform data supplied\n"); |
9442 |
+ goto err_free_data; |
9443 |
+ } |
9444 |
+diff --git a/drivers/hwmon/w83627ehf.c b/drivers/hwmon/w83627ehf.c |
9445 |
+index 93f5fc7..4b57ab6 100644 |
9446 |
+--- a/drivers/hwmon/w83627ehf.c |
9447 |
++++ b/drivers/hwmon/w83627ehf.c |
9448 |
+@@ -1319,6 +1319,7 @@ store_pwm_mode(struct device *dev, struct device_attribute *attr, |
9449 |
+ { |
9450 |
+ struct w83627ehf_data *data = dev_get_drvdata(dev); |
9451 |
+ struct sensor_device_attribute *sensor_attr = to_sensor_dev_attr(attr); |
9452 |
++ struct w83627ehf_sio_data *sio_data = dev->platform_data; |
9453 |
+ int nr = sensor_attr->index; |
9454 |
+ unsigned long val; |
9455 |
+ int err; |
9456 |
+@@ -1330,6 +1331,11 @@ store_pwm_mode(struct device *dev, struct device_attribute *attr, |
9457 |
+ |
9458 |
+ if (val > 1) |
9459 |
+ return -EINVAL; |
9460 |
++ |
9461 |
++ /* On NCT67766F, DC mode is only supported for pwm1 */ |
9462 |
++ if (sio_data->kind == nct6776 && nr && val != 1) |
9463 |
++ return -EINVAL; |
9464 |
++ |
9465 |
+ mutex_lock(&data->update_lock); |
9466 |
+ reg = w83627ehf_read_value(data, W83627EHF_REG_PWM_ENABLE[nr]); |
9467 |
+ data->pwm_mode[nr] = val; |
9468 |
+diff --git a/drivers/net/bonding/bond_alb.c b/drivers/net/bonding/bond_alb.c |
9469 |
+index 106b88a..30431d8 100644 |
9470 |
+--- a/drivers/net/bonding/bond_alb.c |
9471 |
++++ b/drivers/net/bonding/bond_alb.c |
9472 |
+@@ -871,16 +871,12 @@ static void alb_send_learning_packets(struct slave *slave, u8 mac_addr[]) |
9473 |
+ } |
9474 |
+ } |
9475 |
+ |
9476 |
+-/* hw is a boolean parameter that determines whether we should try and |
9477 |
+- * set the hw address of the device as well as the hw address of the |
9478 |
+- * net_device |
9479 |
+- */ |
9480 |
+-static int alb_set_slave_mac_addr(struct slave *slave, u8 addr[], int hw) |
9481 |
++static int alb_set_slave_mac_addr(struct slave *slave, u8 addr[]) |
9482 |
+ { |
9483 |
+ struct net_device *dev = slave->dev; |
9484 |
+ struct sockaddr s_addr; |
9485 |
+ |
9486 |
+- if (!hw) { |
9487 |
++ if (slave->bond->params.mode == BOND_MODE_TLB) { |
9488 |
+ memcpy(dev->dev_addr, addr, dev->addr_len); |
9489 |
+ return 0; |
9490 |
+ } |
9491 |
+@@ -910,8 +906,8 @@ static void alb_swap_mac_addr(struct bonding *bond, struct slave *slave1, struct |
9492 |
+ u8 tmp_mac_addr[ETH_ALEN]; |
9493 |
+ |
9494 |
+ memcpy(tmp_mac_addr, slave1->dev->dev_addr, ETH_ALEN); |
9495 |
+- alb_set_slave_mac_addr(slave1, slave2->dev->dev_addr, bond->alb_info.rlb_enabled); |
9496 |
+- alb_set_slave_mac_addr(slave2, tmp_mac_addr, bond->alb_info.rlb_enabled); |
9497 |
++ alb_set_slave_mac_addr(slave1, slave2->dev->dev_addr); |
9498 |
++ alb_set_slave_mac_addr(slave2, tmp_mac_addr); |
9499 |
+ |
9500 |
+ } |
9501 |
+ |
9502 |
+@@ -1058,8 +1054,7 @@ static int alb_handle_addr_collision_on_attach(struct bonding *bond, struct slav |
9503 |
+ |
9504 |
+ /* Try setting slave mac to bond address and fall-through |
9505 |
+ to code handling that situation below... */ |
9506 |
+- alb_set_slave_mac_addr(slave, bond->dev->dev_addr, |
9507 |
+- bond->alb_info.rlb_enabled); |
9508 |
++ alb_set_slave_mac_addr(slave, bond->dev->dev_addr); |
9509 |
+ } |
9510 |
+ |
9511 |
+ /* The slave's address is equal to the address of the bond. |
9512 |
+@@ -1095,8 +1090,7 @@ static int alb_handle_addr_collision_on_attach(struct bonding *bond, struct slav |
9513 |
+ } |
9514 |
+ |
9515 |
+ if (free_mac_slave) { |
9516 |
+- alb_set_slave_mac_addr(slave, free_mac_slave->perm_hwaddr, |
9517 |
+- bond->alb_info.rlb_enabled); |
9518 |
++ alb_set_slave_mac_addr(slave, free_mac_slave->perm_hwaddr); |
9519 |
+ |
9520 |
+ pr_warning("%s: Warning: the hw address of slave %s is in use by the bond; giving it the hw address of %s\n", |
9521 |
+ bond->dev->name, slave->dev->name, |
9522 |
+@@ -1451,8 +1445,7 @@ int bond_alb_init_slave(struct bonding *bond, struct slave *slave) |
9523 |
+ { |
9524 |
+ int res; |
9525 |
+ |
9526 |
+- res = alb_set_slave_mac_addr(slave, slave->perm_hwaddr, |
9527 |
+- bond->alb_info.rlb_enabled); |
9528 |
++ res = alb_set_slave_mac_addr(slave, slave->perm_hwaddr); |
9529 |
+ if (res) { |
9530 |
+ return res; |
9531 |
+ } |
9532 |
+@@ -1603,8 +1596,7 @@ void bond_alb_handle_active_change(struct bonding *bond, struct slave *new_slave |
9533 |
+ alb_swap_mac_addr(bond, swap_slave, new_slave); |
9534 |
+ } else { |
9535 |
+ /* set the new_slave to the bond mac address */ |
9536 |
+- alb_set_slave_mac_addr(new_slave, bond->dev->dev_addr, |
9537 |
+- bond->alb_info.rlb_enabled); |
9538 |
++ alb_set_slave_mac_addr(new_slave, bond->dev->dev_addr); |
9539 |
+ } |
9540 |
+ |
9541 |
+ if (swap_slave) { |
9542 |
+@@ -1664,8 +1656,7 @@ int bond_alb_set_mac_address(struct net_device *bond_dev, void *addr) |
9543 |
+ alb_swap_mac_addr(bond, swap_slave, bond->curr_active_slave); |
9544 |
+ alb_fasten_mac_swap(bond, swap_slave, bond->curr_active_slave); |
9545 |
+ } else { |
9546 |
+- alb_set_slave_mac_addr(bond->curr_active_slave, bond_dev->dev_addr, |
9547 |
+- bond->alb_info.rlb_enabled); |
9548 |
++ alb_set_slave_mac_addr(bond->curr_active_slave, bond_dev->dev_addr); |
9549 |
+ |
9550 |
+ read_lock(&bond->lock); |
9551 |
+ alb_send_learning_packets(bond->curr_active_slave, bond_dev->dev_addr); |
9552 |
+diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c |
9553 |
+index 7413497..959d448 100644 |
9554 |
+--- a/drivers/net/macvlan.c |
9555 |
++++ b/drivers/net/macvlan.c |
9556 |
+@@ -172,6 +172,7 @@ static rx_handler_result_t macvlan_handle_frame(struct sk_buff **pskb) |
9557 |
+ skb = ip_check_defrag(skb, IP_DEFRAG_MACVLAN); |
9558 |
+ if (!skb) |
9559 |
+ return RX_HANDLER_CONSUMED; |
9560 |
++ eth = eth_hdr(skb); |
9561 |
+ src = macvlan_hash_lookup(port, eth->h_source); |
9562 |
+ if (!src) |
9563 |
+ /* frame comes from an external address */ |
9564 |
+diff --git a/drivers/net/wireless/brcm80211/brcmsmac/main.c b/drivers/net/wireless/brcm80211/brcmsmac/main.c |
9565 |
+index 510e9bb..453f58e 100644 |
9566 |
+--- a/drivers/net/wireless/brcm80211/brcmsmac/main.c |
9567 |
++++ b/drivers/net/wireless/brcm80211/brcmsmac/main.c |
9568 |
+@@ -8217,13 +8217,21 @@ int brcms_c_get_curband(struct brcms_c_info *wlc) |
9569 |
+ |
9570 |
+ void brcms_c_wait_for_tx_completion(struct brcms_c_info *wlc, bool drop) |
9571 |
+ { |
9572 |
++ int timeout = 20; |
9573 |
++ |
9574 |
+ /* flush packet queue when requested */ |
9575 |
+ if (drop) |
9576 |
+ brcmu_pktq_flush(&wlc->pkt_queue->q, false, NULL, NULL); |
9577 |
+ |
9578 |
+ /* wait for queue and DMA fifos to run dry */ |
9579 |
+- while (!pktq_empty(&wlc->pkt_queue->q) || brcms_txpktpendtot(wlc) > 0) |
9580 |
++ while (!pktq_empty(&wlc->pkt_queue->q) || brcms_txpktpendtot(wlc) > 0) { |
9581 |
+ brcms_msleep(wlc->wl, 1); |
9582 |
++ |
9583 |
++ if (--timeout == 0) |
9584 |
++ break; |
9585 |
++ } |
9586 |
++ |
9587 |
++ WARN_ON_ONCE(timeout == 0); |
9588 |
+ } |
9589 |
+ |
9590 |
+ void brcms_c_set_beacon_listen_interval(struct brcms_c_info *wlc, u8 interval) |
9591 |
+diff --git a/drivers/net/wireless/iwlwifi/iwl-trans-pcie-rx.c b/drivers/net/wireless/iwlwifi/iwl-trans-pcie-rx.c |
9592 |
+index 1920237..1daf01e 100644 |
9593 |
+--- a/drivers/net/wireless/iwlwifi/iwl-trans-pcie-rx.c |
9594 |
++++ b/drivers/net/wireless/iwlwifi/iwl-trans-pcie-rx.c |
9595 |
+@@ -957,11 +957,11 @@ void iwl_irq_tasklet(struct iwl_trans *trans) |
9596 |
+ } |
9597 |
+ #endif |
9598 |
+ |
9599 |
+- spin_unlock_irqrestore(&trans->shrd->lock, flags); |
9600 |
+- |
9601 |
+ /* saved interrupt in inta variable now we can reset trans_pcie->inta */ |
9602 |
+ trans_pcie->inta = 0; |
9603 |
+ |
9604 |
++ spin_unlock_irqrestore(&trans->shrd->lock, flags); |
9605 |
++ |
9606 |
+ /* Now service all interrupt bits discovered above. */ |
9607 |
+ if (inta & CSR_INT_BIT_HW_ERR) { |
9608 |
+ IWL_ERR(trans, "Hardware error detected. Restarting.\n"); |
9609 |
+diff --git a/drivers/scsi/mpt2sas/mpt2sas_base.c b/drivers/scsi/mpt2sas/mpt2sas_base.c |
9610 |
+index 0794c72..b1ddfef 100644 |
9611 |
+--- a/drivers/scsi/mpt2sas/mpt2sas_base.c |
9612 |
++++ b/drivers/scsi/mpt2sas/mpt2sas_base.c |
9613 |
+@@ -4033,7 +4033,8 @@ _base_make_ioc_operational(struct MPT2SAS_ADAPTER *ioc, int sleep_flag) |
9614 |
+ ioc->reply_free[i] = cpu_to_le32(reply_address); |
9615 |
+ |
9616 |
+ /* initialize reply queues */ |
9617 |
+- _base_assign_reply_queues(ioc); |
9618 |
++ if (ioc->is_driver_loading) |
9619 |
++ _base_assign_reply_queues(ioc); |
9620 |
+ |
9621 |
+ /* initialize Reply Post Free Queue */ |
9622 |
+ reply_post_free = (long)ioc->reply_post_free; |
9623 |
+@@ -4081,24 +4082,17 @@ _base_make_ioc_operational(struct MPT2SAS_ADAPTER *ioc, int sleep_flag) |
9624 |
+ |
9625 |
+ |
9626 |
+ if (ioc->is_driver_loading) { |
9627 |
+- |
9628 |
+- |
9629 |
+- |
9630 |
+- ioc->wait_for_discovery_to_complete = |
9631 |
+- _base_determine_wait_on_discovery(ioc); |
9632 |
+- return r; /* scan_start and scan_finished support */ |
9633 |
+- } |
9634 |
+- |
9635 |
+- |
9636 |
+- if (ioc->wait_for_discovery_to_complete && ioc->is_warpdrive) { |
9637 |
+- if (ioc->manu_pg10.OEMIdentifier == 0x80) { |
9638 |
++ if (ioc->is_warpdrive && ioc->manu_pg10.OEMIdentifier |
9639 |
++ == 0x80) { |
9640 |
+ hide_flag = (u8) (ioc->manu_pg10.OEMSpecificFlags0 & |
9641 |
+ MFG_PAGE10_HIDE_SSDS_MASK); |
9642 |
+ if (hide_flag != MFG_PAGE10_HIDE_SSDS_MASK) |
9643 |
+ ioc->mfg_pg10_hide_flag = hide_flag; |
9644 |
+ } |
9645 |
++ ioc->wait_for_discovery_to_complete = |
9646 |
++ _base_determine_wait_on_discovery(ioc); |
9647 |
++ return r; /* scan_start and scan_finished support */ |
9648 |
+ } |
9649 |
+- |
9650 |
+ r = _base_send_port_enable(ioc, sleep_flag); |
9651 |
+ if (r) |
9652 |
+ return r; |
9653 |
+diff --git a/drivers/scsi/mpt2sas/mpt2sas_scsih.c b/drivers/scsi/mpt2sas/mpt2sas_scsih.c |
9654 |
+index 9bc6fb2..2824a90 100644 |
9655 |
+--- a/drivers/scsi/mpt2sas/mpt2sas_scsih.c |
9656 |
++++ b/drivers/scsi/mpt2sas/mpt2sas_scsih.c |
9657 |
+@@ -8001,7 +8001,6 @@ _scsih_probe(struct pci_dev *pdev, const struct pci_device_id *id) |
9658 |
+ goto out_attach_fail; |
9659 |
+ } |
9660 |
+ |
9661 |
+- scsi_scan_host(shost); |
9662 |
+ if (ioc->is_warpdrive) { |
9663 |
+ if (ioc->mfg_pg10_hide_flag == MFG_PAGE10_EXPOSE_ALL_DISKS) |
9664 |
+ ioc->hide_drives = 0; |
9665 |
+@@ -8015,8 +8014,8 @@ _scsih_probe(struct pci_dev *pdev, const struct pci_device_id *id) |
9666 |
+ } |
9667 |
+ } else |
9668 |
+ ioc->hide_drives = 0; |
9669 |
++ scsi_scan_host(shost); |
9670 |
+ |
9671 |
+- _scsih_probe_devices(ioc); |
9672 |
+ return 0; |
9673 |
+ |
9674 |
+ out_attach_fail: |
9675 |
+diff --git a/drivers/tty/serial/amba-pl011.c b/drivers/tty/serial/amba-pl011.c |
9676 |
+index 00233af..8e00926 100644 |
9677 |
+--- a/drivers/tty/serial/amba-pl011.c |
9678 |
++++ b/drivers/tty/serial/amba-pl011.c |
9679 |
+@@ -1740,9 +1740,19 @@ pl011_console_write(struct console *co, const char *s, unsigned int count) |
9680 |
+ { |
9681 |
+ struct uart_amba_port *uap = amba_ports[co->index]; |
9682 |
+ unsigned int status, old_cr, new_cr; |
9683 |
++ unsigned long flags; |
9684 |
++ int locked = 1; |
9685 |
+ |
9686 |
+ clk_enable(uap->clk); |
9687 |
+ |
9688 |
++ local_irq_save(flags); |
9689 |
++ if (uap->port.sysrq) |
9690 |
++ locked = 0; |
9691 |
++ else if (oops_in_progress) |
9692 |
++ locked = spin_trylock(&uap->port.lock); |
9693 |
++ else |
9694 |
++ spin_lock(&uap->port.lock); |
9695 |
++ |
9696 |
+ /* |
9697 |
+ * First save the CR then disable the interrupts |
9698 |
+ */ |
9699 |
+@@ -1762,6 +1772,10 @@ pl011_console_write(struct console *co, const char *s, unsigned int count) |
9700 |
+ } while (status & UART01x_FR_BUSY); |
9701 |
+ writew(old_cr, uap->port.membase + UART011_CR); |
9702 |
+ |
9703 |
++ if (locked) |
9704 |
++ spin_unlock(&uap->port.lock); |
9705 |
++ local_irq_restore(flags); |
9706 |
++ |
9707 |
+ clk_disable(uap->clk); |
9708 |
+ } |
9709 |
+ |
9710 |
+diff --git a/drivers/tty/serial/jsm/jsm_driver.c b/drivers/tty/serial/jsm/jsm_driver.c |
9711 |
+index 7c867a0..7545fe1 100644 |
9712 |
+--- a/drivers/tty/serial/jsm/jsm_driver.c |
9713 |
++++ b/drivers/tty/serial/jsm/jsm_driver.c |
9714 |
+@@ -251,6 +251,7 @@ static void jsm_io_resume(struct pci_dev *pdev) |
9715 |
+ struct jsm_board *brd = pci_get_drvdata(pdev); |
9716 |
+ |
9717 |
+ pci_restore_state(pdev); |
9718 |
++ pci_save_state(pdev); |
9719 |
+ |
9720 |
+ jsm_uart_port_init(brd); |
9721 |
+ } |
9722 |
+diff --git a/drivers/tty/tty_port.c b/drivers/tty/tty_port.c |
9723 |
+index ef9dd62..bf6e238 100644 |
9724 |
+--- a/drivers/tty/tty_port.c |
9725 |
++++ b/drivers/tty/tty_port.c |
9726 |
+@@ -227,7 +227,6 @@ int tty_port_block_til_ready(struct tty_port *port, |
9727 |
+ int do_clocal = 0, retval; |
9728 |
+ unsigned long flags; |
9729 |
+ DEFINE_WAIT(wait); |
9730 |
+- int cd; |
9731 |
+ |
9732 |
+ /* block if port is in the process of being closed */ |
9733 |
+ if (tty_hung_up_p(filp) || port->flags & ASYNC_CLOSING) { |
9734 |
+@@ -284,11 +283,14 @@ int tty_port_block_til_ready(struct tty_port *port, |
9735 |
+ retval = -ERESTARTSYS; |
9736 |
+ break; |
9737 |
+ } |
9738 |
+- /* Probe the carrier. For devices with no carrier detect this |
9739 |
+- will always return true */ |
9740 |
+- cd = tty_port_carrier_raised(port); |
9741 |
++ /* |
9742 |
++ * Probe the carrier. For devices with no carrier detect |
9743 |
++ * tty_port_carrier_raised will always return true. |
9744 |
++ * Never ask drivers if CLOCAL is set, this causes troubles |
9745 |
++ * on some hardware. |
9746 |
++ */ |
9747 |
+ if (!(port->flags & ASYNC_CLOSING) && |
9748 |
+- (do_clocal || cd)) |
9749 |
++ (do_clocal || tty_port_carrier_raised(port))) |
9750 |
+ break; |
9751 |
+ if (signal_pending(current)) { |
9752 |
+ retval = -ERESTARTSYS; |
9753 |
+diff --git a/drivers/usb/class/cdc-wdm.c b/drivers/usb/class/cdc-wdm.c |
9754 |
+index efe6849..fd4aee1 100644 |
9755 |
+--- a/drivers/usb/class/cdc-wdm.c |
9756 |
++++ b/drivers/usb/class/cdc-wdm.c |
9757 |
+@@ -57,6 +57,8 @@ MODULE_DEVICE_TABLE (usb, wdm_ids); |
9758 |
+ |
9759 |
+ #define WDM_MAX 16 |
9760 |
+ |
9761 |
++/* CDC-WMC r1.1 requires wMaxCommand to be "at least 256 decimal (0x100)" */ |
9762 |
++#define WDM_DEFAULT_BUFSIZE 256 |
9763 |
+ |
9764 |
+ static DEFINE_MUTEX(wdm_mutex); |
9765 |
+ |
9766 |
+@@ -88,7 +90,8 @@ struct wdm_device { |
9767 |
+ int count; |
9768 |
+ dma_addr_t shandle; |
9769 |
+ dma_addr_t ihandle; |
9770 |
+- struct mutex lock; |
9771 |
++ struct mutex wlock; |
9772 |
++ struct mutex rlock; |
9773 |
+ wait_queue_head_t wait; |
9774 |
+ struct work_struct rxwork; |
9775 |
+ int werr; |
9776 |
+@@ -323,7 +326,7 @@ static ssize_t wdm_write |
9777 |
+ } |
9778 |
+ |
9779 |
+ /* concurrent writes and disconnect */ |
9780 |
+- r = mutex_lock_interruptible(&desc->lock); |
9781 |
++ r = mutex_lock_interruptible(&desc->wlock); |
9782 |
+ rv = -ERESTARTSYS; |
9783 |
+ if (r) { |
9784 |
+ kfree(buf); |
9785 |
+@@ -386,7 +389,7 @@ static ssize_t wdm_write |
9786 |
+ out: |
9787 |
+ usb_autopm_put_interface(desc->intf); |
9788 |
+ outnp: |
9789 |
+- mutex_unlock(&desc->lock); |
9790 |
++ mutex_unlock(&desc->wlock); |
9791 |
+ outnl: |
9792 |
+ return rv < 0 ? rv : count; |
9793 |
+ } |
9794 |
+@@ -399,7 +402,7 @@ static ssize_t wdm_read |
9795 |
+ struct wdm_device *desc = file->private_data; |
9796 |
+ |
9797 |
+ |
9798 |
+- rv = mutex_lock_interruptible(&desc->lock); /*concurrent reads */ |
9799 |
++ rv = mutex_lock_interruptible(&desc->rlock); /*concurrent reads */ |
9800 |
+ if (rv < 0) |
9801 |
+ return -ERESTARTSYS; |
9802 |
+ |
9803 |
+@@ -467,14 +470,16 @@ retry: |
9804 |
+ for (i = 0; i < desc->length - cntr; i++) |
9805 |
+ desc->ubuf[i] = desc->ubuf[i + cntr]; |
9806 |
+ |
9807 |
++ spin_lock_irq(&desc->iuspin); |
9808 |
+ desc->length -= cntr; |
9809 |
++ spin_unlock_irq(&desc->iuspin); |
9810 |
+ /* in case we had outstanding data */ |
9811 |
+ if (!desc->length) |
9812 |
+ clear_bit(WDM_READ, &desc->flags); |
9813 |
+ rv = cntr; |
9814 |
+ |
9815 |
+ err: |
9816 |
+- mutex_unlock(&desc->lock); |
9817 |
++ mutex_unlock(&desc->rlock); |
9818 |
+ return rv; |
9819 |
+ } |
9820 |
+ |
9821 |
+@@ -540,7 +545,8 @@ static int wdm_open(struct inode *inode, struct file *file) |
9822 |
+ } |
9823 |
+ intf->needs_remote_wakeup = 1; |
9824 |
+ |
9825 |
+- mutex_lock(&desc->lock); |
9826 |
++ /* using write lock to protect desc->count */ |
9827 |
++ mutex_lock(&desc->wlock); |
9828 |
+ if (!desc->count++) { |
9829 |
+ desc->werr = 0; |
9830 |
+ desc->rerr = 0; |
9831 |
+@@ -553,7 +559,7 @@ static int wdm_open(struct inode *inode, struct file *file) |
9832 |
+ } else { |
9833 |
+ rv = 0; |
9834 |
+ } |
9835 |
+- mutex_unlock(&desc->lock); |
9836 |
++ mutex_unlock(&desc->wlock); |
9837 |
+ usb_autopm_put_interface(desc->intf); |
9838 |
+ out: |
9839 |
+ mutex_unlock(&wdm_mutex); |
9840 |
+@@ -565,9 +571,11 @@ static int wdm_release(struct inode *inode, struct file *file) |
9841 |
+ struct wdm_device *desc = file->private_data; |
9842 |
+ |
9843 |
+ mutex_lock(&wdm_mutex); |
9844 |
+- mutex_lock(&desc->lock); |
9845 |
++ |
9846 |
++ /* using write lock to protect desc->count */ |
9847 |
++ mutex_lock(&desc->wlock); |
9848 |
+ desc->count--; |
9849 |
+- mutex_unlock(&desc->lock); |
9850 |
++ mutex_unlock(&desc->wlock); |
9851 |
+ |
9852 |
+ if (!desc->count) { |
9853 |
+ dev_dbg(&desc->intf->dev, "wdm_release: cleanup"); |
9854 |
+@@ -630,7 +638,7 @@ static int wdm_probe(struct usb_interface *intf, const struct usb_device_id *id) |
9855 |
+ struct usb_cdc_dmm_desc *dmhd; |
9856 |
+ u8 *buffer = intf->altsetting->extra; |
9857 |
+ int buflen = intf->altsetting->extralen; |
9858 |
+- u16 maxcom = 0; |
9859 |
++ u16 maxcom = WDM_DEFAULT_BUFSIZE; |
9860 |
+ |
9861 |
+ if (!buffer) |
9862 |
+ goto out; |
9863 |
+@@ -665,7 +673,8 @@ next_desc: |
9864 |
+ desc = kzalloc(sizeof(struct wdm_device), GFP_KERNEL); |
9865 |
+ if (!desc) |
9866 |
+ goto out; |
9867 |
+- mutex_init(&desc->lock); |
9868 |
++ mutex_init(&desc->rlock); |
9869 |
++ mutex_init(&desc->wlock); |
9870 |
+ spin_lock_init(&desc->iuspin); |
9871 |
+ init_waitqueue_head(&desc->wait); |
9872 |
+ desc->wMaxCommand = maxcom; |
9873 |
+@@ -716,7 +725,7 @@ next_desc: |
9874 |
+ goto err; |
9875 |
+ |
9876 |
+ desc->inbuf = usb_alloc_coherent(interface_to_usbdev(intf), |
9877 |
+- desc->bMaxPacketSize0, |
9878 |
++ desc->wMaxCommand, |
9879 |
+ GFP_KERNEL, |
9880 |
+ &desc->response->transfer_dma); |
9881 |
+ if (!desc->inbuf) |
9882 |
+@@ -779,11 +788,13 @@ static void wdm_disconnect(struct usb_interface *intf) |
9883 |
+ /* to terminate pending flushes */ |
9884 |
+ clear_bit(WDM_IN_USE, &desc->flags); |
9885 |
+ spin_unlock_irqrestore(&desc->iuspin, flags); |
9886 |
+- mutex_lock(&desc->lock); |
9887 |
++ wake_up_all(&desc->wait); |
9888 |
++ mutex_lock(&desc->rlock); |
9889 |
++ mutex_lock(&desc->wlock); |
9890 |
+ kill_urbs(desc); |
9891 |
+ cancel_work_sync(&desc->rxwork); |
9892 |
+- mutex_unlock(&desc->lock); |
9893 |
+- wake_up_all(&desc->wait); |
9894 |
++ mutex_unlock(&desc->wlock); |
9895 |
++ mutex_unlock(&desc->rlock); |
9896 |
+ if (!desc->count) |
9897 |
+ cleanup(desc); |
9898 |
+ mutex_unlock(&wdm_mutex); |
9899 |
+@@ -798,8 +809,10 @@ static int wdm_suspend(struct usb_interface *intf, pm_message_t message) |
9900 |
+ dev_dbg(&desc->intf->dev, "wdm%d_suspend\n", intf->minor); |
9901 |
+ |
9902 |
+ /* if this is an autosuspend the caller does the locking */ |
9903 |
+- if (!PMSG_IS_AUTO(message)) |
9904 |
+- mutex_lock(&desc->lock); |
9905 |
++ if (!PMSG_IS_AUTO(message)) { |
9906 |
++ mutex_lock(&desc->rlock); |
9907 |
++ mutex_lock(&desc->wlock); |
9908 |
++ } |
9909 |
+ spin_lock_irq(&desc->iuspin); |
9910 |
+ |
9911 |
+ if (PMSG_IS_AUTO(message) && |
9912 |
+@@ -815,8 +828,10 @@ static int wdm_suspend(struct usb_interface *intf, pm_message_t message) |
9913 |
+ kill_urbs(desc); |
9914 |
+ cancel_work_sync(&desc->rxwork); |
9915 |
+ } |
9916 |
+- if (!PMSG_IS_AUTO(message)) |
9917 |
+- mutex_unlock(&desc->lock); |
9918 |
++ if (!PMSG_IS_AUTO(message)) { |
9919 |
++ mutex_unlock(&desc->wlock); |
9920 |
++ mutex_unlock(&desc->rlock); |
9921 |
++ } |
9922 |
+ |
9923 |
+ return rv; |
9924 |
+ } |
9925 |
+@@ -854,7 +869,8 @@ static int wdm_pre_reset(struct usb_interface *intf) |
9926 |
+ { |
9927 |
+ struct wdm_device *desc = usb_get_intfdata(intf); |
9928 |
+ |
9929 |
+- mutex_lock(&desc->lock); |
9930 |
++ mutex_lock(&desc->rlock); |
9931 |
++ mutex_lock(&desc->wlock); |
9932 |
+ kill_urbs(desc); |
9933 |
+ |
9934 |
+ /* |
9935 |
+@@ -876,7 +892,8 @@ static int wdm_post_reset(struct usb_interface *intf) |
9936 |
+ int rv; |
9937 |
+ |
9938 |
+ rv = recover_from_urb_loss(desc); |
9939 |
+- mutex_unlock(&desc->lock); |
9940 |
++ mutex_unlock(&desc->wlock); |
9941 |
++ mutex_unlock(&desc->rlock); |
9942 |
+ return 0; |
9943 |
+ } |
9944 |
+ |
9945 |
+diff --git a/drivers/usb/dwc3/ep0.c b/drivers/usb/dwc3/ep0.c |
9946 |
+index 69a4e43..27bd50a 100644 |
9947 |
+--- a/drivers/usb/dwc3/ep0.c |
9948 |
++++ b/drivers/usb/dwc3/ep0.c |
9949 |
+@@ -149,20 +149,14 @@ static int __dwc3_gadget_ep0_queue(struct dwc3_ep *dep, |
9950 |
+ |
9951 |
+ direction = !!(dep->flags & DWC3_EP0_DIR_IN); |
9952 |
+ |
9953 |
+- if (dwc->ep0state == EP0_STATUS_PHASE) { |
9954 |
+- type = dwc->three_stage_setup |
9955 |
+- ? DWC3_TRBCTL_CONTROL_STATUS3 |
9956 |
+- : DWC3_TRBCTL_CONTROL_STATUS2; |
9957 |
+- } else if (dwc->ep0state == EP0_DATA_PHASE) { |
9958 |
+- type = DWC3_TRBCTL_CONTROL_DATA; |
9959 |
+- } else { |
9960 |
+- /* should never happen */ |
9961 |
+- WARN_ON(1); |
9962 |
++ if (dwc->ep0state != EP0_DATA_PHASE) { |
9963 |
++ dev_WARN(dwc->dev, "Unexpected pending request\n"); |
9964 |
+ return 0; |
9965 |
+ } |
9966 |
+ |
9967 |
+ ret = dwc3_ep0_start_trans(dwc, direction, |
9968 |
+- req->request.dma, req->request.length, type); |
9969 |
++ req->request.dma, req->request.length, |
9970 |
++ DWC3_TRBCTL_CONTROL_DATA); |
9971 |
+ dep->flags &= ~(DWC3_EP_PENDING_REQUEST | |
9972 |
+ DWC3_EP0_DIR_IN); |
9973 |
+ } |
9974 |
+diff --git a/drivers/usb/gadget/langwell_udc.c b/drivers/usb/gadget/langwell_udc.c |
9975 |
+index c9fa3bf..6ad0ad6 100644 |
9976 |
+--- a/drivers/usb/gadget/langwell_udc.c |
9977 |
++++ b/drivers/usb/gadget/langwell_udc.c |
9978 |
+@@ -1522,8 +1522,7 @@ static void langwell_udc_stop(struct langwell_udc *dev) |
9979 |
+ |
9980 |
+ |
9981 |
+ /* stop all USB activities */ |
9982 |
+-static void stop_activity(struct langwell_udc *dev, |
9983 |
+- struct usb_gadget_driver *driver) |
9984 |
++static void stop_activity(struct langwell_udc *dev) |
9985 |
+ { |
9986 |
+ struct langwell_ep *ep; |
9987 |
+ dev_dbg(&dev->pdev->dev, "---> %s()\n", __func__); |
9988 |
+@@ -1535,9 +1534,9 @@ static void stop_activity(struct langwell_udc *dev, |
9989 |
+ } |
9990 |
+ |
9991 |
+ /* report disconnect; the driver is already quiesced */ |
9992 |
+- if (driver) { |
9993 |
++ if (dev->driver) { |
9994 |
+ spin_unlock(&dev->lock); |
9995 |
+- driver->disconnect(&dev->gadget); |
9996 |
++ dev->driver->disconnect(&dev->gadget); |
9997 |
+ spin_lock(&dev->lock); |
9998 |
+ } |
9999 |
+ |
10000 |
+@@ -1925,11 +1924,10 @@ static int langwell_stop(struct usb_gadget *g, |
10001 |
+ |
10002 |
+ /* stop all usb activities */ |
10003 |
+ dev->gadget.speed = USB_SPEED_UNKNOWN; |
10004 |
+- stop_activity(dev, driver); |
10005 |
+- spin_unlock_irqrestore(&dev->lock, flags); |
10006 |
+- |
10007 |
+ dev->gadget.dev.driver = NULL; |
10008 |
+ dev->driver = NULL; |
10009 |
++ stop_activity(dev); |
10010 |
++ spin_unlock_irqrestore(&dev->lock, flags); |
10011 |
+ |
10012 |
+ device_remove_file(&dev->pdev->dev, &dev_attr_function); |
10013 |
+ |
10014 |
+@@ -2733,7 +2731,7 @@ static void handle_usb_reset(struct langwell_udc *dev) |
10015 |
+ dev->bus_reset = 1; |
10016 |
+ |
10017 |
+ /* reset all the queues, stop all USB activities */ |
10018 |
+- stop_activity(dev, dev->driver); |
10019 |
++ stop_activity(dev); |
10020 |
+ dev->usb_state = USB_STATE_DEFAULT; |
10021 |
+ } else { |
10022 |
+ dev_vdbg(&dev->pdev->dev, "device controller reset\n"); |
10023 |
+@@ -2741,7 +2739,7 @@ static void handle_usb_reset(struct langwell_udc *dev) |
10024 |
+ langwell_udc_reset(dev); |
10025 |
+ |
10026 |
+ /* reset all the queues, stop all USB activities */ |
10027 |
+- stop_activity(dev, dev->driver); |
10028 |
++ stop_activity(dev); |
10029 |
+ |
10030 |
+ /* reset ep0 dQH and endptctrl */ |
10031 |
+ ep0_reset(dev); |
10032 |
+@@ -3367,7 +3365,7 @@ static int langwell_udc_suspend(struct pci_dev *pdev, pm_message_t state) |
10033 |
+ |
10034 |
+ spin_lock_irq(&dev->lock); |
10035 |
+ /* stop all usb activities */ |
10036 |
+- stop_activity(dev, dev->driver); |
10037 |
++ stop_activity(dev); |
10038 |
+ spin_unlock_irq(&dev->lock); |
10039 |
+ |
10040 |
+ /* free dTD dma_pool and dQH */ |
10041 |
+diff --git a/drivers/usb/gadget/storage_common.c b/drivers/usb/gadget/storage_common.c |
10042 |
+index c7f291a..85ea14e 100644 |
10043 |
+--- a/drivers/usb/gadget/storage_common.c |
10044 |
++++ b/drivers/usb/gadget/storage_common.c |
10045 |
+@@ -598,16 +598,16 @@ static __maybe_unused struct usb_ss_cap_descriptor fsg_ss_cap_desc = { |
10046 |
+ | USB_5GBPS_OPERATION), |
10047 |
+ .bFunctionalitySupport = USB_LOW_SPEED_OPERATION, |
10048 |
+ .bU1devExitLat = USB_DEFAULT_U1_DEV_EXIT_LAT, |
10049 |
+- .bU2DevExitLat = USB_DEFAULT_U2_DEV_EXIT_LAT, |
10050 |
++ .bU2DevExitLat = cpu_to_le16(USB_DEFAULT_U2_DEV_EXIT_LAT), |
10051 |
+ }; |
10052 |
+ |
10053 |
+ static __maybe_unused struct usb_bos_descriptor fsg_bos_desc = { |
10054 |
+ .bLength = USB_DT_BOS_SIZE, |
10055 |
+ .bDescriptorType = USB_DT_BOS, |
10056 |
+ |
10057 |
+- .wTotalLength = USB_DT_BOS_SIZE |
10058 |
++ .wTotalLength = cpu_to_le16(USB_DT_BOS_SIZE |
10059 |
+ + USB_DT_USB_EXT_CAP_SIZE |
10060 |
+- + USB_DT_USB_SS_CAP_SIZE, |
10061 |
++ + USB_DT_USB_SS_CAP_SIZE), |
10062 |
+ |
10063 |
+ .bNumDeviceCaps = 2, |
10064 |
+ }; |
10065 |
+diff --git a/drivers/usb/host/ehci-fsl.c b/drivers/usb/host/ehci-fsl.c |
10066 |
+index e90344a..b556a72 100644 |
10067 |
+--- a/drivers/usb/host/ehci-fsl.c |
10068 |
++++ b/drivers/usb/host/ehci-fsl.c |
10069 |
+@@ -125,7 +125,7 @@ static int usb_hcd_fsl_probe(const struct hc_driver *driver, |
10070 |
+ */ |
10071 |
+ if (pdata->init && pdata->init(pdev)) { |
10072 |
+ retval = -ENODEV; |
10073 |
+- goto err3; |
10074 |
++ goto err4; |
10075 |
+ } |
10076 |
+ |
10077 |
+ /* Enable USB controller, 83xx or 8536 */ |
10078 |
+diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c |
10079 |
+index d28c586..ae92dc4 100644 |
10080 |
+--- a/drivers/usb/host/xhci-ring.c |
10081 |
++++ b/drivers/usb/host/xhci-ring.c |
10082 |
+@@ -1215,6 +1215,7 @@ static void handle_vendor_event(struct xhci_hcd *xhci, |
10083 |
+ * |
10084 |
+ * Returns a zero-based port number, which is suitable for indexing into each of |
10085 |
+ * the split roothubs' port arrays and bus state arrays. |
10086 |
++ * Add one to it in order to call xhci_find_slot_id_by_port. |
10087 |
+ */ |
10088 |
+ static unsigned int find_faked_portnum_from_hw_portnum(struct usb_hcd *hcd, |
10089 |
+ struct xhci_hcd *xhci, u32 port_id) |
10090 |
+@@ -1335,7 +1336,7 @@ static void handle_port_status(struct xhci_hcd *xhci, |
10091 |
+ xhci_set_link_state(xhci, port_array, faked_port_index, |
10092 |
+ XDEV_U0); |
10093 |
+ slot_id = xhci_find_slot_id_by_port(hcd, xhci, |
10094 |
+- faked_port_index); |
10095 |
++ faked_port_index + 1); |
10096 |
+ if (!slot_id) { |
10097 |
+ xhci_dbg(xhci, "slot_id is zero\n"); |
10098 |
+ goto cleanup; |
10099 |
+@@ -3372,7 +3373,8 @@ static int xhci_queue_isoc_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
10100 |
+ /* Check TD length */ |
10101 |
+ if (running_total != td_len) { |
10102 |
+ xhci_err(xhci, "ISOC TD length unmatch\n"); |
10103 |
+- return -EINVAL; |
10104 |
++ ret = -EINVAL; |
10105 |
++ goto cleanup; |
10106 |
+ } |
10107 |
+ } |
10108 |
+ |
10109 |
+diff --git a/drivers/usb/misc/usbsevseg.c b/drivers/usb/misc/usbsevseg.c |
10110 |
+index 417b8f2..59689fa 100644 |
10111 |
+--- a/drivers/usb/misc/usbsevseg.c |
10112 |
++++ b/drivers/usb/misc/usbsevseg.c |
10113 |
+@@ -24,7 +24,7 @@ |
10114 |
+ |
10115 |
+ #define VENDOR_ID 0x0fc5 |
10116 |
+ #define PRODUCT_ID 0x1227 |
10117 |
+-#define MAXLEN 6 |
10118 |
++#define MAXLEN 8 |
10119 |
+ |
10120 |
+ /* table of devices that work with this driver */ |
10121 |
+ static const struct usb_device_id id_table[] = { |
10122 |
+diff --git a/drivers/usb/musb/davinci.c b/drivers/usb/musb/davinci.c |
10123 |
+index f9a3f62..7c569f5 100644 |
10124 |
+--- a/drivers/usb/musb/davinci.c |
10125 |
++++ b/drivers/usb/musb/davinci.c |
10126 |
+@@ -33,9 +33,6 @@ |
10127 |
+ #include <linux/platform_device.h> |
10128 |
+ #include <linux/dma-mapping.h> |
10129 |
+ |
10130 |
+-#include <mach/hardware.h> |
10131 |
+-#include <mach/memory.h> |
10132 |
+-#include <asm/gpio.h> |
10133 |
+ #include <mach/cputype.h> |
10134 |
+ |
10135 |
+ #include <asm/mach-types.h> |
10136 |
+diff --git a/drivers/usb/serial/cp210x.c b/drivers/usb/serial/cp210x.c |
10137 |
+index a1a324b..a515237 100644 |
10138 |
+--- a/drivers/usb/serial/cp210x.c |
10139 |
++++ b/drivers/usb/serial/cp210x.c |
10140 |
+@@ -39,6 +39,8 @@ static void cp210x_get_termios(struct tty_struct *, |
10141 |
+ struct usb_serial_port *port); |
10142 |
+ static void cp210x_get_termios_port(struct usb_serial_port *port, |
10143 |
+ unsigned int *cflagp, unsigned int *baudp); |
10144 |
++static void cp210x_change_speed(struct tty_struct *, struct usb_serial_port *, |
10145 |
++ struct ktermios *); |
10146 |
+ static void cp210x_set_termios(struct tty_struct *, struct usb_serial_port *, |
10147 |
+ struct ktermios*); |
10148 |
+ static int cp210x_tiocmget(struct tty_struct *); |
10149 |
+@@ -138,6 +140,7 @@ static const struct usb_device_id id_table[] = { |
10150 |
+ { USB_DEVICE(0x1843, 0x0200) }, /* Vaisala USB Instrument Cable */ |
10151 |
+ { USB_DEVICE(0x18EF, 0xE00F) }, /* ELV USB-I2C-Interface */ |
10152 |
+ { USB_DEVICE(0x1BE3, 0x07A6) }, /* WAGO 750-923 USB Service Cable */ |
10153 |
++ { USB_DEVICE(0x3195, 0xF190) }, /* Link Instruments MSO-19 */ |
10154 |
+ { USB_DEVICE(0x413C, 0x9500) }, /* DW700 GPS USB interface */ |
10155 |
+ { } /* Terminating Entry */ |
10156 |
+ }; |
10157 |
+@@ -201,6 +204,8 @@ static struct usb_serial_driver cp210x_device = { |
10158 |
+ #define CP210X_EMBED_EVENTS 0x15 |
10159 |
+ #define CP210X_GET_EVENTSTATE 0x16 |
10160 |
+ #define CP210X_SET_CHARS 0x19 |
10161 |
++#define CP210X_GET_BAUDRATE 0x1D |
10162 |
++#define CP210X_SET_BAUDRATE 0x1E |
10163 |
+ |
10164 |
+ /* CP210X_IFC_ENABLE */ |
10165 |
+ #define UART_ENABLE 0x0001 |
10166 |
+@@ -354,8 +359,8 @@ static inline int cp210x_set_config_single(struct usb_serial_port *port, |
10167 |
+ * Quantises the baud rate as per AN205 Table 1 |
10168 |
+ */ |
10169 |
+ static unsigned int cp210x_quantise_baudrate(unsigned int baud) { |
10170 |
+- if (baud <= 56) baud = 0; |
10171 |
+- else if (baud <= 300) baud = 300; |
10172 |
++ if (baud <= 300) |
10173 |
++ baud = 300; |
10174 |
+ else if (baud <= 600) baud = 600; |
10175 |
+ else if (baud <= 1200) baud = 1200; |
10176 |
+ else if (baud <= 1800) baud = 1800; |
10177 |
+@@ -383,17 +388,15 @@ static unsigned int cp210x_quantise_baudrate(unsigned int baud) { |
10178 |
+ else if (baud <= 491520) baud = 460800; |
10179 |
+ else if (baud <= 567138) baud = 500000; |
10180 |
+ else if (baud <= 670254) baud = 576000; |
10181 |
+- else if (baud <= 1053257) baud = 921600; |
10182 |
+- else if (baud <= 1474560) baud = 1228800; |
10183 |
+- else if (baud <= 2457600) baud = 1843200; |
10184 |
+- else baud = 3686400; |
10185 |
++ else if (baud < 1000000) |
10186 |
++ baud = 921600; |
10187 |
++ else if (baud > 2000000) |
10188 |
++ baud = 2000000; |
10189 |
+ return baud; |
10190 |
+ } |
10191 |
+ |
10192 |
+ static int cp210x_open(struct tty_struct *tty, struct usb_serial_port *port) |
10193 |
+ { |
10194 |
+- int result; |
10195 |
+- |
10196 |
+ dbg("%s - port %d", __func__, port->number); |
10197 |
+ |
10198 |
+ if (cp210x_set_config_single(port, CP210X_IFC_ENABLE, UART_ENABLE)) { |
10199 |
+@@ -402,13 +405,14 @@ static int cp210x_open(struct tty_struct *tty, struct usb_serial_port *port) |
10200 |
+ return -EPROTO; |
10201 |
+ } |
10202 |
+ |
10203 |
+- result = usb_serial_generic_open(tty, port); |
10204 |
+- if (result) |
10205 |
+- return result; |
10206 |
+- |
10207 |
+ /* Configure the termios structure */ |
10208 |
+ cp210x_get_termios(tty, port); |
10209 |
+- return 0; |
10210 |
++ |
10211 |
++ /* The baud rate must be initialised on cp2104 */ |
10212 |
++ if (tty) |
10213 |
++ cp210x_change_speed(tty, port, NULL); |
10214 |
++ |
10215 |
++ return usb_serial_generic_open(tty, port); |
10216 |
+ } |
10217 |
+ |
10218 |
+ static void cp210x_close(struct usb_serial_port *port) |
10219 |
+@@ -460,10 +464,7 @@ static void cp210x_get_termios_port(struct usb_serial_port *port, |
10220 |
+ |
10221 |
+ dbg("%s - port %d", __func__, port->number); |
10222 |
+ |
10223 |
+- cp210x_get_config(port, CP210X_GET_BAUDDIV, &baud, 2); |
10224 |
+- /* Convert to baudrate */ |
10225 |
+- if (baud) |
10226 |
+- baud = cp210x_quantise_baudrate((BAUD_RATE_GEN_FREQ + baud/2)/ baud); |
10227 |
++ cp210x_get_config(port, CP210X_GET_BAUDRATE, &baud, 4); |
10228 |
+ |
10229 |
+ dbg("%s - baud rate = %d", __func__, baud); |
10230 |
+ *baudp = baud; |
10231 |
+@@ -577,11 +578,64 @@ static void cp210x_get_termios_port(struct usb_serial_port *port, |
10232 |
+ *cflagp = cflag; |
10233 |
+ } |
10234 |
+ |
10235 |
++/* |
10236 |
++ * CP2101 supports the following baud rates: |
10237 |
++ * |
10238 |
++ * 300, 600, 1200, 1800, 2400, 4800, 7200, 9600, 14400, 19200, 28800, |
10239 |
++ * 38400, 56000, 57600, 115200, 128000, 230400, 460800, 921600 |
10240 |
++ * |
10241 |
++ * CP2102 and CP2103 support the following additional rates: |
10242 |
++ * |
10243 |
++ * 4000, 16000, 51200, 64000, 76800, 153600, 250000, 256000, 500000, |
10244 |
++ * 576000 |
10245 |
++ * |
10246 |
++ * The device will map a requested rate to a supported one, but the result |
10247 |
++ * of requests for rates greater than 1053257 is undefined (see AN205). |
10248 |
++ * |
10249 |
++ * CP2104, CP2105 and CP2110 support most rates up to 2M, 921k and 1M baud, |
10250 |
++ * respectively, with an error less than 1%. The actual rates are determined |
10251 |
++ * by |
10252 |
++ * |
10253 |
++ * div = round(freq / (2 x prescale x request)) |
10254 |
++ * actual = freq / (2 x prescale x div) |
10255 |
++ * |
10256 |
++ * For CP2104 and CP2105 freq is 48Mhz and prescale is 4 for request <= 365bps |
10257 |
++ * or 1 otherwise. |
10258 |
++ * For CP2110 freq is 24Mhz and prescale is 4 for request <= 300bps or 1 |
10259 |
++ * otherwise. |
10260 |
++ */ |
10261 |
++static void cp210x_change_speed(struct tty_struct *tty, |
10262 |
++ struct usb_serial_port *port, struct ktermios *old_termios) |
10263 |
++{ |
10264 |
++ u32 baud; |
10265 |
++ |
10266 |
++ baud = tty->termios->c_ospeed; |
10267 |
++ |
10268 |
++ /* This maps the requested rate to a rate valid on cp2102 or cp2103, |
10269 |
++ * or to an arbitrary rate in [1M,2M]. |
10270 |
++ * |
10271 |
++ * NOTE: B0 is not implemented. |
10272 |
++ */ |
10273 |
++ baud = cp210x_quantise_baudrate(baud); |
10274 |
++ |
10275 |
++ dbg("%s - setting baud rate to %u", __func__, baud); |
10276 |
++ if (cp210x_set_config(port, CP210X_SET_BAUDRATE, &baud, |
10277 |
++ sizeof(baud))) { |
10278 |
++ dev_warn(&port->dev, "failed to set baud rate to %u\n", baud); |
10279 |
++ if (old_termios) |
10280 |
++ baud = old_termios->c_ospeed; |
10281 |
++ else |
10282 |
++ baud = 9600; |
10283 |
++ } |
10284 |
++ |
10285 |
++ tty_encode_baud_rate(tty, baud, baud); |
10286 |
++} |
10287 |
++ |
10288 |
+ static void cp210x_set_termios(struct tty_struct *tty, |
10289 |
+ struct usb_serial_port *port, struct ktermios *old_termios) |
10290 |
+ { |
10291 |
+ unsigned int cflag, old_cflag; |
10292 |
+- unsigned int baud = 0, bits; |
10293 |
++ unsigned int bits; |
10294 |
+ unsigned int modem_ctl[4]; |
10295 |
+ |
10296 |
+ dbg("%s - port %d", __func__, port->number); |
10297 |
+@@ -592,20 +646,9 @@ static void cp210x_set_termios(struct tty_struct *tty, |
10298 |
+ tty->termios->c_cflag &= ~CMSPAR; |
10299 |
+ cflag = tty->termios->c_cflag; |
10300 |
+ old_cflag = old_termios->c_cflag; |
10301 |
+- baud = cp210x_quantise_baudrate(tty_get_baud_rate(tty)); |
10302 |
+- |
10303 |
+- /* If the baud rate is to be updated*/ |
10304 |
+- if (baud != tty_termios_baud_rate(old_termios) && baud != 0) { |
10305 |
+- dbg("%s - Setting baud rate to %d baud", __func__, |
10306 |
+- baud); |
10307 |
+- if (cp210x_set_config_single(port, CP210X_SET_BAUDDIV, |
10308 |
+- ((BAUD_RATE_GEN_FREQ + baud/2) / baud))) { |
10309 |
+- dbg("Baud rate requested not supported by device"); |
10310 |
+- baud = tty_termios_baud_rate(old_termios); |
10311 |
+- } |
10312 |
+- } |
10313 |
+- /* Report back the resulting baud rate */ |
10314 |
+- tty_encode_baud_rate(tty, baud, baud); |
10315 |
++ |
10316 |
++ if (tty->termios->c_ospeed != old_termios->c_ospeed) |
10317 |
++ cp210x_change_speed(tty, port, old_termios); |
10318 |
+ |
10319 |
+ /* If the number of data bits is to be updated */ |
10320 |
+ if ((cflag & CSIZE) != (old_cflag & CSIZE)) { |
10321 |
+diff --git a/drivers/usb/serial/ftdi_sio.c b/drivers/usb/serial/ftdi_sio.c |
10322 |
+index ff3db5d..058b92c 100644 |
10323 |
+--- a/drivers/usb/serial/ftdi_sio.c |
10324 |
++++ b/drivers/usb/serial/ftdi_sio.c |
10325 |
+@@ -797,6 +797,7 @@ static struct usb_device_id id_table_combined [] = { |
10326 |
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
10327 |
+ { USB_DEVICE(ADI_VID, ADI_GNICEPLUS_PID), |
10328 |
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
10329 |
++ { USB_DEVICE(HORNBY_VID, HORNBY_ELITE_PID) }, |
10330 |
+ { USB_DEVICE(JETI_VID, JETI_SPC1201_PID) }, |
10331 |
+ { USB_DEVICE(MARVELL_VID, MARVELL_SHEEVAPLUG_PID), |
10332 |
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
10333 |
+@@ -805,6 +806,8 @@ static struct usb_device_id id_table_combined [] = { |
10334 |
+ { USB_DEVICE(BAYER_VID, BAYER_CONTOUR_CABLE_PID) }, |
10335 |
+ { USB_DEVICE(FTDI_VID, MARVELL_OPENRD_PID), |
10336 |
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
10337 |
++ { USB_DEVICE(FTDI_VID, TI_XDS100V2_PID), |
10338 |
++ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
10339 |
+ { USB_DEVICE(FTDI_VID, HAMEG_HO820_PID) }, |
10340 |
+ { USB_DEVICE(FTDI_VID, HAMEG_HO720_PID) }, |
10341 |
+ { USB_DEVICE(FTDI_VID, HAMEG_HO730_PID) }, |
10342 |
+@@ -841,6 +844,7 @@ static struct usb_device_id id_table_combined [] = { |
10343 |
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
10344 |
+ { USB_DEVICE(ST_VID, ST_STMCLT1030_PID), |
10345 |
+ .driver_info = (kernel_ulong_t)&ftdi_stmclite_quirk }, |
10346 |
++ { USB_DEVICE(FTDI_VID, FTDI_RF_R106) }, |
10347 |
+ { }, /* Optional parameter entry */ |
10348 |
+ { } /* Terminating entry */ |
10349 |
+ }; |
10350 |
+@@ -1333,8 +1337,7 @@ static int set_serial_info(struct tty_struct *tty, |
10351 |
+ goto check_and_exit; |
10352 |
+ } |
10353 |
+ |
10354 |
+- if ((new_serial.baud_base != priv->baud_base) && |
10355 |
+- (new_serial.baud_base < 9600)) { |
10356 |
++ if (new_serial.baud_base != priv->baud_base) { |
10357 |
+ mutex_unlock(&priv->cfg_lock); |
10358 |
+ return -EINVAL; |
10359 |
+ } |
10360 |
+@@ -1824,6 +1827,7 @@ static int ftdi_sio_port_remove(struct usb_serial_port *port) |
10361 |
+ |
10362 |
+ static int ftdi_open(struct tty_struct *tty, struct usb_serial_port *port) |
10363 |
+ { |
10364 |
++ struct ktermios dummy; |
10365 |
+ struct usb_device *dev = port->serial->dev; |
10366 |
+ struct ftdi_private *priv = usb_get_serial_port_data(port); |
10367 |
+ int result; |
10368 |
+@@ -1842,8 +1846,10 @@ static int ftdi_open(struct tty_struct *tty, struct usb_serial_port *port) |
10369 |
+ This is same behaviour as serial.c/rs_open() - Kuba */ |
10370 |
+ |
10371 |
+ /* ftdi_set_termios will send usb control messages */ |
10372 |
+- if (tty) |
10373 |
+- ftdi_set_termios(tty, port, tty->termios); |
10374 |
++ if (tty) { |
10375 |
++ memset(&dummy, 0, sizeof(dummy)); |
10376 |
++ ftdi_set_termios(tty, port, &dummy); |
10377 |
++ } |
10378 |
+ |
10379 |
+ /* Start reading from the device */ |
10380 |
+ result = usb_serial_generic_open(tty, port); |
10381 |
+diff --git a/drivers/usb/serial/ftdi_sio_ids.h b/drivers/usb/serial/ftdi_sio_ids.h |
10382 |
+index 055b64e..76d4f31 100644 |
10383 |
+--- a/drivers/usb/serial/ftdi_sio_ids.h |
10384 |
++++ b/drivers/usb/serial/ftdi_sio_ids.h |
10385 |
+@@ -39,6 +39,13 @@ |
10386 |
+ /* www.candapter.com Ewert Energy Systems CANdapter device */ |
10387 |
+ #define FTDI_CANDAPTER_PID 0x9F80 /* Product Id */ |
10388 |
+ |
10389 |
++/* |
10390 |
++ * Texas Instruments XDS100v2 JTAG / BeagleBone A3 |
10391 |
++ * http://processors.wiki.ti.com/index.php/XDS100 |
10392 |
++ * http://beagleboard.org/bone |
10393 |
++ */ |
10394 |
++#define TI_XDS100V2_PID 0xa6d0 |
10395 |
++ |
10396 |
+ #define FTDI_NXTCAM_PID 0xABB8 /* NXTCam for Mindstorms NXT */ |
10397 |
+ |
10398 |
+ /* US Interface Navigator (http://www.usinterface.com/) */ |
10399 |
+@@ -525,6 +532,12 @@ |
10400 |
+ #define ADI_GNICEPLUS_PID 0xF001 |
10401 |
+ |
10402 |
+ /* |
10403 |
++ * Hornby Elite |
10404 |
++ */ |
10405 |
++#define HORNBY_VID 0x04D8 |
10406 |
++#define HORNBY_ELITE_PID 0x000A |
10407 |
++ |
10408 |
++/* |
10409 |
+ * RATOC REX-USB60F |
10410 |
+ */ |
10411 |
+ #define RATOC_VENDOR_ID 0x0584 |
10412 |
+@@ -1168,3 +1181,9 @@ |
10413 |
+ */ |
10414 |
+ /* TagTracer MIFARE*/ |
10415 |
+ #define FTDI_ZEITCONTROL_TAGTRACE_MIFARE_PID 0xF7C0 |
10416 |
++ |
10417 |
++/* |
10418 |
++ * Rainforest Automation |
10419 |
++ */ |
10420 |
++/* ZigBee controller */ |
10421 |
++#define FTDI_RF_R106 0x8A28 |
10422 |
+diff --git a/drivers/usb/serial/io_ti.c b/drivers/usb/serial/io_ti.c |
10423 |
+index 0aac00a..8a90d58 100644 |
10424 |
+--- a/drivers/usb/serial/io_ti.c |
10425 |
++++ b/drivers/usb/serial/io_ti.c |
10426 |
+@@ -2677,15 +2677,7 @@ cleanup: |
10427 |
+ |
10428 |
+ static void edge_disconnect(struct usb_serial *serial) |
10429 |
+ { |
10430 |
+- int i; |
10431 |
+- struct edgeport_port *edge_port; |
10432 |
+- |
10433 |
+ dbg("%s", __func__); |
10434 |
+- |
10435 |
+- for (i = 0; i < serial->num_ports; ++i) { |
10436 |
+- edge_port = usb_get_serial_port_data(serial->port[i]); |
10437 |
+- edge_remove_sysfs_attrs(edge_port->port); |
10438 |
+- } |
10439 |
+ } |
10440 |
+ |
10441 |
+ static void edge_release(struct usb_serial *serial) |
10442 |
+@@ -2764,6 +2756,7 @@ static struct usb_serial_driver edgeport_1port_device = { |
10443 |
+ .disconnect = edge_disconnect, |
10444 |
+ .release = edge_release, |
10445 |
+ .port_probe = edge_create_sysfs_attrs, |
10446 |
++ .port_remove = edge_remove_sysfs_attrs, |
10447 |
+ .ioctl = edge_ioctl, |
10448 |
+ .set_termios = edge_set_termios, |
10449 |
+ .tiocmget = edge_tiocmget, |
10450 |
+@@ -2795,6 +2788,7 @@ static struct usb_serial_driver edgeport_2port_device = { |
10451 |
+ .disconnect = edge_disconnect, |
10452 |
+ .release = edge_release, |
10453 |
+ .port_probe = edge_create_sysfs_attrs, |
10454 |
++ .port_remove = edge_remove_sysfs_attrs, |
10455 |
+ .ioctl = edge_ioctl, |
10456 |
+ .set_termios = edge_set_termios, |
10457 |
+ .tiocmget = edge_tiocmget, |
10458 |
+diff --git a/drivers/usb/serial/option.c b/drivers/usb/serial/option.c |
10459 |
+index c96b6b6..2a9ed6e 100644 |
10460 |
+--- a/drivers/usb/serial/option.c |
10461 |
++++ b/drivers/usb/serial/option.c |
10462 |
+@@ -480,6 +480,10 @@ static void option_instat_callback(struct urb *urb); |
10463 |
+ #define ZD_VENDOR_ID 0x0685 |
10464 |
+ #define ZD_PRODUCT_7000 0x7000 |
10465 |
+ |
10466 |
++/* LG products */ |
10467 |
++#define LG_VENDOR_ID 0x1004 |
10468 |
++#define LG_PRODUCT_L02C 0x618f |
10469 |
++ |
10470 |
+ /* some devices interfaces need special handling due to a number of reasons */ |
10471 |
+ enum option_blacklist_reason { |
10472 |
+ OPTION_BLACKLIST_NONE = 0, |
10473 |
+@@ -1183,6 +1187,7 @@ static const struct usb_device_id option_ids[] = { |
10474 |
+ { USB_DEVICE(YUGA_VENDOR_ID, YUGA_PRODUCT_CLU526) }, |
10475 |
+ { USB_DEVICE_AND_INTERFACE_INFO(VIETTEL_VENDOR_ID, VIETTEL_PRODUCT_VT1000, 0xff, 0xff, 0xff) }, |
10476 |
+ { USB_DEVICE_AND_INTERFACE_INFO(ZD_VENDOR_ID, ZD_PRODUCT_7000, 0xff, 0xff, 0xff) }, |
10477 |
++ { USB_DEVICE(LG_VENDOR_ID, LG_PRODUCT_L02C) }, /* docomo L-02C modem */ |
10478 |
+ { } /* Terminating entry */ |
10479 |
+ }; |
10480 |
+ MODULE_DEVICE_TABLE(usb, option_ids); |
10481 |
+diff --git a/drivers/usb/serial/qcaux.c b/drivers/usb/serial/qcaux.c |
10482 |
+index 30b73e6..a348198 100644 |
10483 |
+--- a/drivers/usb/serial/qcaux.c |
10484 |
++++ b/drivers/usb/serial/qcaux.c |
10485 |
+@@ -36,6 +36,7 @@ |
10486 |
+ #define UTSTARCOM_PRODUCT_UM175_V1 0x3712 |
10487 |
+ #define UTSTARCOM_PRODUCT_UM175_V2 0x3714 |
10488 |
+ #define UTSTARCOM_PRODUCT_UM175_ALLTEL 0x3715 |
10489 |
++#define PANTECH_PRODUCT_UML190_VZW 0x3716 |
10490 |
+ #define PANTECH_PRODUCT_UML290_VZW 0x3718 |
10491 |
+ |
10492 |
+ /* CMOTECH devices */ |
10493 |
+@@ -67,7 +68,11 @@ static struct usb_device_id id_table[] = { |
10494 |
+ { USB_DEVICE_AND_INTERFACE_INFO(LG_VENDOR_ID, LG_PRODUCT_VX4400_6000, 0xff, 0xff, 0x00) }, |
10495 |
+ { USB_DEVICE_AND_INTERFACE_INFO(SANYO_VENDOR_ID, SANYO_PRODUCT_KATANA_LX, 0xff, 0xff, 0x00) }, |
10496 |
+ { USB_DEVICE_AND_INTERFACE_INFO(SAMSUNG_VENDOR_ID, SAMSUNG_PRODUCT_U520, 0xff, 0x00, 0x00) }, |
10497 |
+- { USB_DEVICE_AND_INTERFACE_INFO(UTSTARCOM_VENDOR_ID, PANTECH_PRODUCT_UML290_VZW, 0xff, 0xff, 0xff) }, |
10498 |
++ { USB_DEVICE_AND_INTERFACE_INFO(UTSTARCOM_VENDOR_ID, PANTECH_PRODUCT_UML190_VZW, 0xff, 0xff, 0xff) }, |
10499 |
++ { USB_DEVICE_AND_INTERFACE_INFO(UTSTARCOM_VENDOR_ID, PANTECH_PRODUCT_UML190_VZW, 0xff, 0xfe, 0xff) }, |
10500 |
++ { USB_DEVICE_AND_INTERFACE_INFO(UTSTARCOM_VENDOR_ID, PANTECH_PRODUCT_UML290_VZW, 0xff, 0xfd, 0xff) }, /* NMEA */ |
10501 |
++ { USB_DEVICE_AND_INTERFACE_INFO(UTSTARCOM_VENDOR_ID, PANTECH_PRODUCT_UML290_VZW, 0xff, 0xfe, 0xff) }, /* WMC */ |
10502 |
++ { USB_DEVICE_AND_INTERFACE_INFO(UTSTARCOM_VENDOR_ID, PANTECH_PRODUCT_UML290_VZW, 0xff, 0xff, 0xff) }, /* DIAG */ |
10503 |
+ { }, |
10504 |
+ }; |
10505 |
+ MODULE_DEVICE_TABLE(usb, id_table); |
10506 |
+diff --git a/drivers/usb/storage/realtek_cr.c b/drivers/usb/storage/realtek_cr.c |
10507 |
+index 0ce5f79..32c93d7 100644 |
10508 |
+--- a/drivers/usb/storage/realtek_cr.c |
10509 |
++++ b/drivers/usb/storage/realtek_cr.c |
10510 |
+@@ -791,7 +791,7 @@ static void rts51x_suspend_timer_fn(unsigned long data) |
10511 |
+ rts51x_set_stat(chip, RTS51X_STAT_SS); |
10512 |
+ /* ignore mass storage interface's children */ |
10513 |
+ pm_suspend_ignore_children(&us->pusb_intf->dev, true); |
10514 |
+- usb_autopm_put_interface(us->pusb_intf); |
10515 |
++ usb_autopm_put_interface_async(us->pusb_intf); |
10516 |
+ US_DEBUGP("%s: RTS51X_STAT_SS 01," |
10517 |
+ "intf->pm_usage_cnt:%d, power.usage:%d\n", |
10518 |
+ __func__, |
10519 |
+diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c |
10520 |
+index 2a83425..68b19ab 100644 |
10521 |
+--- a/fs/ecryptfs/crypto.c |
10522 |
++++ b/fs/ecryptfs/crypto.c |
10523 |
+@@ -417,17 +417,6 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page, |
10524 |
+ (unsigned long long)(extent_base + extent_offset), rc); |
10525 |
+ goto out; |
10526 |
+ } |
10527 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
10528 |
+- ecryptfs_printk(KERN_DEBUG, "Encrypting extent " |
10529 |
+- "with iv:\n"); |
10530 |
+- ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); |
10531 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " |
10532 |
+- "encryption:\n"); |
10533 |
+- ecryptfs_dump_hex((char *) |
10534 |
+- (page_address(page) |
10535 |
+- + (extent_offset * crypt_stat->extent_size)), |
10536 |
+- 8); |
10537 |
+- } |
10538 |
+ rc = ecryptfs_encrypt_page_offset(crypt_stat, enc_extent_page, 0, |
10539 |
+ page, (extent_offset |
10540 |
+ * crypt_stat->extent_size), |
10541 |
+@@ -440,14 +429,6 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page, |
10542 |
+ goto out; |
10543 |
+ } |
10544 |
+ rc = 0; |
10545 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
10546 |
+- ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16llx]; " |
10547 |
+- "rc = [%d]\n", |
10548 |
+- (unsigned long long)(extent_base + extent_offset), rc); |
10549 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " |
10550 |
+- "encryption:\n"); |
10551 |
+- ecryptfs_dump_hex((char *)(page_address(enc_extent_page)), 8); |
10552 |
+- } |
10553 |
+ out: |
10554 |
+ return rc; |
10555 |
+ } |
10556 |
+@@ -543,17 +524,6 @@ static int ecryptfs_decrypt_extent(struct page *page, |
10557 |
+ (unsigned long long)(extent_base + extent_offset), rc); |
10558 |
+ goto out; |
10559 |
+ } |
10560 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
10561 |
+- ecryptfs_printk(KERN_DEBUG, "Decrypting extent " |
10562 |
+- "with iv:\n"); |
10563 |
+- ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); |
10564 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " |
10565 |
+- "decryption:\n"); |
10566 |
+- ecryptfs_dump_hex((char *) |
10567 |
+- (page_address(enc_extent_page) |
10568 |
+- + (extent_offset * crypt_stat->extent_size)), |
10569 |
+- 8); |
10570 |
+- } |
10571 |
+ rc = ecryptfs_decrypt_page_offset(crypt_stat, page, |
10572 |
+ (extent_offset |
10573 |
+ * crypt_stat->extent_size), |
10574 |
+@@ -567,16 +537,6 @@ static int ecryptfs_decrypt_extent(struct page *page, |
10575 |
+ goto out; |
10576 |
+ } |
10577 |
+ rc = 0; |
10578 |
+- if (unlikely(ecryptfs_verbosity > 0)) { |
10579 |
+- ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16llx]; " |
10580 |
+- "rc = [%d]\n", |
10581 |
+- (unsigned long long)(extent_base + extent_offset), rc); |
10582 |
+- ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " |
10583 |
+- "decryption:\n"); |
10584 |
+- ecryptfs_dump_hex((char *)(page_address(page) |
10585 |
+- + (extent_offset |
10586 |
+- * crypt_stat->extent_size)), 8); |
10587 |
+- } |
10588 |
+ out: |
10589 |
+ return rc; |
10590 |
+ } |
10591 |
+@@ -1620,7 +1580,8 @@ int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry) |
10592 |
+ rc = ecryptfs_read_xattr_region(page_virt, ecryptfs_inode); |
10593 |
+ if (rc) { |
10594 |
+ printk(KERN_DEBUG "Valid eCryptfs headers not found in " |
10595 |
+- "file header region or xattr region\n"); |
10596 |
++ "file header region or xattr region, inode %lu\n", |
10597 |
++ ecryptfs_inode->i_ino); |
10598 |
+ rc = -EINVAL; |
10599 |
+ goto out; |
10600 |
+ } |
10601 |
+@@ -1629,7 +1590,8 @@ int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry) |
10602 |
+ ECRYPTFS_DONT_VALIDATE_HEADER_SIZE); |
10603 |
+ if (rc) { |
10604 |
+ printk(KERN_DEBUG "Valid eCryptfs headers not found in " |
10605 |
+- "file xattr region either\n"); |
10606 |
++ "file xattr region either, inode %lu\n", |
10607 |
++ ecryptfs_inode->i_ino); |
10608 |
+ rc = -EINVAL; |
10609 |
+ } |
10610 |
+ if (crypt_stat->mount_crypt_stat->flags |
10611 |
+@@ -1640,7 +1602,8 @@ int ecryptfs_read_metadata(struct dentry *ecryptfs_dentry) |
10612 |
+ "crypto metadata only in the extended attribute " |
10613 |
+ "region, but eCryptfs was mounted without " |
10614 |
+ "xattr support enabled. eCryptfs will not treat " |
10615 |
+- "this like an encrypted file.\n"); |
10616 |
++ "this like an encrypted file, inode %lu\n", |
10617 |
++ ecryptfs_inode->i_ino); |
10618 |
+ rc = -EINVAL; |
10619 |
+ } |
10620 |
+ } |
10621 |
+diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c |
10622 |
+index 32f90a3..d2039ca 100644 |
10623 |
+--- a/fs/ecryptfs/inode.c |
10624 |
++++ b/fs/ecryptfs/inode.c |
10625 |
+@@ -841,18 +841,6 @@ static int truncate_upper(struct dentry *dentry, struct iattr *ia, |
10626 |
+ size_t num_zeros = (PAGE_CACHE_SIZE |
10627 |
+ - (ia->ia_size & ~PAGE_CACHE_MASK)); |
10628 |
+ |
10629 |
+- |
10630 |
+- /* |
10631 |
+- * XXX(truncate) this should really happen at the begginning |
10632 |
+- * of ->setattr. But the code is too messy to that as part |
10633 |
+- * of a larger patch. ecryptfs is also totally missing out |
10634 |
+- * on the inode_change_ok check at the beginning of |
10635 |
+- * ->setattr while would include this. |
10636 |
+- */ |
10637 |
+- rc = inode_newsize_ok(inode, ia->ia_size); |
10638 |
+- if (rc) |
10639 |
+- goto out; |
10640 |
+- |
10641 |
+ if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { |
10642 |
+ truncate_setsize(inode, ia->ia_size); |
10643 |
+ lower_ia->ia_size = ia->ia_size; |
10644 |
+@@ -902,6 +890,28 @@ out: |
10645 |
+ return rc; |
10646 |
+ } |
10647 |
+ |
10648 |
++static int ecryptfs_inode_newsize_ok(struct inode *inode, loff_t offset) |
10649 |
++{ |
10650 |
++ struct ecryptfs_crypt_stat *crypt_stat; |
10651 |
++ loff_t lower_oldsize, lower_newsize; |
10652 |
++ |
10653 |
++ crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat; |
10654 |
++ lower_oldsize = upper_size_to_lower_size(crypt_stat, |
10655 |
++ i_size_read(inode)); |
10656 |
++ lower_newsize = upper_size_to_lower_size(crypt_stat, offset); |
10657 |
++ if (lower_newsize > lower_oldsize) { |
10658 |
++ /* |
10659 |
++ * The eCryptfs inode and the new *lower* size are mixed here |
10660 |
++ * because we may not have the lower i_mutex held and/or it may |
10661 |
++ * not be appropriate to call inode_newsize_ok() with inodes |
10662 |
++ * from other filesystems. |
10663 |
++ */ |
10664 |
++ return inode_newsize_ok(inode, lower_newsize); |
10665 |
++ } |
10666 |
++ |
10667 |
++ return 0; |
10668 |
++} |
10669 |
++ |
10670 |
+ /** |
10671 |
+ * ecryptfs_truncate |
10672 |
+ * @dentry: The ecryptfs layer dentry |
10673 |
+@@ -918,6 +928,10 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) |
10674 |
+ struct iattr lower_ia = { .ia_valid = 0 }; |
10675 |
+ int rc; |
10676 |
+ |
10677 |
++ rc = ecryptfs_inode_newsize_ok(dentry->d_inode, new_length); |
10678 |
++ if (rc) |
10679 |
++ return rc; |
10680 |
++ |
10681 |
+ rc = truncate_upper(dentry, &ia, &lower_ia); |
10682 |
+ if (!rc && lower_ia.ia_valid & ATTR_SIZE) { |
10683 |
+ struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry); |
10684 |
+@@ -997,6 +1011,16 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia) |
10685 |
+ } |
10686 |
+ } |
10687 |
+ mutex_unlock(&crypt_stat->cs_mutex); |
10688 |
++ |
10689 |
++ rc = inode_change_ok(inode, ia); |
10690 |
++ if (rc) |
10691 |
++ goto out; |
10692 |
++ if (ia->ia_valid & ATTR_SIZE) { |
10693 |
++ rc = ecryptfs_inode_newsize_ok(inode, ia->ia_size); |
10694 |
++ if (rc) |
10695 |
++ goto out; |
10696 |
++ } |
10697 |
++ |
10698 |
+ if (S_ISREG(inode->i_mode)) { |
10699 |
+ rc = filemap_write_and_wait(inode->i_mapping); |
10700 |
+ if (rc) |
10701 |
+diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c |
10702 |
+index 940a82e..0dc5a3d 100644 |
10703 |
+--- a/fs/ecryptfs/miscdev.c |
10704 |
++++ b/fs/ecryptfs/miscdev.c |
10705 |
+@@ -409,11 +409,47 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
10706 |
+ ssize_t sz = 0; |
10707 |
+ char *data; |
10708 |
+ uid_t euid = current_euid(); |
10709 |
++ unsigned char packet_size_peek[3]; |
10710 |
+ int rc; |
10711 |
+ |
10712 |
+- if (count == 0) |
10713 |
++ if (count == 0) { |
10714 |
+ goto out; |
10715 |
++ } else if (count == (1 + 4)) { |
10716 |
++ /* Likely a harmless MSG_HELO or MSG_QUIT - no packet length */ |
10717 |
++ goto memdup; |
10718 |
++ } else if (count < (1 + 4 + 1) |
10719 |
++ || count > (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
10720 |
++ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES)) { |
10721 |
++ printk(KERN_WARNING "%s: Acceptable packet size range is " |
10722 |
++ "[%d-%lu], but amount of data written is [%zu].", |
10723 |
++ __func__, (1 + 4 + 1), |
10724 |
++ (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
10725 |
++ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES), count); |
10726 |
++ return -EINVAL; |
10727 |
++ } |
10728 |
++ |
10729 |
++ if (copy_from_user(packet_size_peek, (buf + 1 + 4), |
10730 |
++ sizeof(packet_size_peek))) { |
10731 |
++ printk(KERN_WARNING "%s: Error while inspecting packet size\n", |
10732 |
++ __func__); |
10733 |
++ return -EFAULT; |
10734 |
++ } |
10735 |
++ |
10736 |
++ rc = ecryptfs_parse_packet_length(packet_size_peek, &packet_size, |
10737 |
++ &packet_size_length); |
10738 |
++ if (rc) { |
10739 |
++ printk(KERN_WARNING "%s: Error parsing packet length; " |
10740 |
++ "rc = [%d]\n", __func__, rc); |
10741 |
++ return rc; |
10742 |
++ } |
10743 |
++ |
10744 |
++ if ((1 + 4 + packet_size_length + packet_size) != count) { |
10745 |
++ printk(KERN_WARNING "%s: Invalid packet size [%zu]\n", __func__, |
10746 |
++ packet_size); |
10747 |
++ return -EINVAL; |
10748 |
++ } |
10749 |
+ |
10750 |
++memdup: |
10751 |
+ data = memdup_user(buf, count); |
10752 |
+ if (IS_ERR(data)) { |
10753 |
+ printk(KERN_ERR "%s: memdup_user returned error [%ld]\n", |
10754 |
+@@ -435,23 +471,7 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
10755 |
+ } |
10756 |
+ memcpy(&counter_nbo, &data[i], 4); |
10757 |
+ seq = be32_to_cpu(counter_nbo); |
10758 |
+- i += 4; |
10759 |
+- rc = ecryptfs_parse_packet_length(&data[i], &packet_size, |
10760 |
+- &packet_size_length); |
10761 |
+- if (rc) { |
10762 |
+- printk(KERN_WARNING "%s: Error parsing packet length; " |
10763 |
+- "rc = [%d]\n", __func__, rc); |
10764 |
+- goto out_free; |
10765 |
+- } |
10766 |
+- i += packet_size_length; |
10767 |
+- if ((1 + 4 + packet_size_length + packet_size) != count) { |
10768 |
+- printk(KERN_WARNING "%s: (1 + packet_size_length([%zd])" |
10769 |
+- " + packet_size([%zd]))([%zd]) != " |
10770 |
+- "count([%zd]). Invalid packet format.\n", |
10771 |
+- __func__, packet_size_length, packet_size, |
10772 |
+- (1 + packet_size_length + packet_size), count); |
10773 |
+- goto out_free; |
10774 |
+- } |
10775 |
++ i += 4 + packet_size_length; |
10776 |
+ rc = ecryptfs_miscdev_response(&data[i], packet_size, |
10777 |
+ euid, current_user_ns(), |
10778 |
+ task_pid(current), seq); |
10779 |
+diff --git a/fs/ecryptfs/read_write.c b/fs/ecryptfs/read_write.c |
10780 |
+index 3745f7c..54eb14c 100644 |
10781 |
+--- a/fs/ecryptfs/read_write.c |
10782 |
++++ b/fs/ecryptfs/read_write.c |
10783 |
+@@ -132,6 +132,11 @@ int ecryptfs_write(struct inode *ecryptfs_inode, char *data, loff_t offset, |
10784 |
+ size_t num_bytes = (PAGE_CACHE_SIZE - start_offset_in_page); |
10785 |
+ size_t total_remaining_bytes = ((offset + size) - pos); |
10786 |
+ |
10787 |
++ if (fatal_signal_pending(current)) { |
10788 |
++ rc = -EINTR; |
10789 |
++ break; |
10790 |
++ } |
10791 |
++ |
10792 |
+ if (num_bytes > total_remaining_bytes) |
10793 |
+ num_bytes = total_remaining_bytes; |
10794 |
+ if (pos < offset) { |
10795 |
+@@ -193,15 +198,19 @@ int ecryptfs_write(struct inode *ecryptfs_inode, char *data, loff_t offset, |
10796 |
+ } |
10797 |
+ pos += num_bytes; |
10798 |
+ } |
10799 |
+- if ((offset + size) > ecryptfs_file_size) { |
10800 |
+- i_size_write(ecryptfs_inode, (offset + size)); |
10801 |
++ if (pos > ecryptfs_file_size) { |
10802 |
++ i_size_write(ecryptfs_inode, pos); |
10803 |
+ if (crypt_stat->flags & ECRYPTFS_ENCRYPTED) { |
10804 |
+- rc = ecryptfs_write_inode_size_to_metadata( |
10805 |
++ int rc2; |
10806 |
++ |
10807 |
++ rc2 = ecryptfs_write_inode_size_to_metadata( |
10808 |
+ ecryptfs_inode); |
10809 |
+- if (rc) { |
10810 |
++ if (rc2) { |
10811 |
+ printk(KERN_ERR "Problem with " |
10812 |
+ "ecryptfs_write_inode_size_to_metadata; " |
10813 |
+- "rc = [%d]\n", rc); |
10814 |
++ "rc = [%d]\n", rc2); |
10815 |
++ if (!rc) |
10816 |
++ rc = rc2; |
10817 |
+ goto out; |
10818 |
+ } |
10819 |
+ } |
10820 |
+diff --git a/fs/jbd/checkpoint.c b/fs/jbd/checkpoint.c |
10821 |
+index f94fc48..5c93ffc 100644 |
10822 |
+--- a/fs/jbd/checkpoint.c |
10823 |
++++ b/fs/jbd/checkpoint.c |
10824 |
+@@ -453,8 +453,6 @@ out: |
10825 |
+ * |
10826 |
+ * Return <0 on error, 0 on success, 1 if there was nothing to clean up. |
10827 |
+ * |
10828 |
+- * Called with the journal lock held. |
10829 |
+- * |
10830 |
+ * This is the only part of the journaling code which really needs to be |
10831 |
+ * aware of transaction aborts. Checkpointing involves writing to the |
10832 |
+ * main filesystem area rather than to the journal, so it can proceed |
10833 |
+@@ -472,13 +470,14 @@ int cleanup_journal_tail(journal_t *journal) |
10834 |
+ if (is_journal_aborted(journal)) |
10835 |
+ return 1; |
10836 |
+ |
10837 |
+- /* OK, work out the oldest transaction remaining in the log, and |
10838 |
++ /* |
10839 |
++ * OK, work out the oldest transaction remaining in the log, and |
10840 |
+ * the log block it starts at. |
10841 |
+ * |
10842 |
+ * If the log is now empty, we need to work out which is the |
10843 |
+ * next transaction ID we will write, and where it will |
10844 |
+- * start. */ |
10845 |
+- |
10846 |
++ * start. |
10847 |
++ */ |
10848 |
+ spin_lock(&journal->j_state_lock); |
10849 |
+ spin_lock(&journal->j_list_lock); |
10850 |
+ transaction = journal->j_checkpoint_transactions; |
10851 |
+@@ -504,7 +503,25 @@ int cleanup_journal_tail(journal_t *journal) |
10852 |
+ spin_unlock(&journal->j_state_lock); |
10853 |
+ return 1; |
10854 |
+ } |
10855 |
++ spin_unlock(&journal->j_state_lock); |
10856 |
++ |
10857 |
++ /* |
10858 |
++ * We need to make sure that any blocks that were recently written out |
10859 |
++ * --- perhaps by log_do_checkpoint() --- are flushed out before we |
10860 |
++ * drop the transactions from the journal. It's unlikely this will be |
10861 |
++ * necessary, especially with an appropriately sized journal, but we |
10862 |
++ * need this to guarantee correctness. Fortunately |
10863 |
++ * cleanup_journal_tail() doesn't get called all that often. |
10864 |
++ */ |
10865 |
++ if (journal->j_flags & JFS_BARRIER) |
10866 |
++ blkdev_issue_flush(journal->j_fs_dev, GFP_KERNEL, NULL); |
10867 |
+ |
10868 |
++ spin_lock(&journal->j_state_lock); |
10869 |
++ if (!tid_gt(first_tid, journal->j_tail_sequence)) { |
10870 |
++ spin_unlock(&journal->j_state_lock); |
10871 |
++ /* Someone else cleaned up journal so return 0 */ |
10872 |
++ return 0; |
10873 |
++ } |
10874 |
+ /* OK, update the superblock to recover the freed space. |
10875 |
+ * Physical blocks come first: have we wrapped beyond the end of |
10876 |
+ * the log? */ |
10877 |
+diff --git a/fs/jbd/recovery.c b/fs/jbd/recovery.c |
10878 |
+index 5b43e96..008bf06 100644 |
10879 |
+--- a/fs/jbd/recovery.c |
10880 |
++++ b/fs/jbd/recovery.c |
10881 |
+@@ -20,6 +20,7 @@ |
10882 |
+ #include <linux/fs.h> |
10883 |
+ #include <linux/jbd.h> |
10884 |
+ #include <linux/errno.h> |
10885 |
++#include <linux/blkdev.h> |
10886 |
+ #endif |
10887 |
+ |
10888 |
+ /* |
10889 |
+@@ -263,6 +264,9 @@ int journal_recover(journal_t *journal) |
10890 |
+ err2 = sync_blockdev(journal->j_fs_dev); |
10891 |
+ if (!err) |
10892 |
+ err = err2; |
10893 |
++ /* Flush disk caches to get replayed data on the permanent storage */ |
10894 |
++ if (journal->j_flags & JFS_BARRIER) |
10895 |
++ blkdev_issue_flush(journal->j_fs_dev, GFP_KERNEL, NULL); |
10896 |
+ |
10897 |
+ return err; |
10898 |
+ } |
10899 |
+diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c |
10900 |
+index d4e6080b..779789a 100644 |
10901 |
+--- a/fs/sysfs/file.c |
10902 |
++++ b/fs/sysfs/file.c |
10903 |
+@@ -493,6 +493,12 @@ int sysfs_attr_ns(struct kobject *kobj, const struct attribute *attr, |
10904 |
+ const void *ns = NULL; |
10905 |
+ int err; |
10906 |
+ |
10907 |
++ if (!dir_sd) { |
10908 |
++ WARN(1, KERN_ERR "sysfs: kobject %s without dirent\n", |
10909 |
++ kobject_name(kobj)); |
10910 |
++ return -ENOENT; |
10911 |
++ } |
10912 |
++ |
10913 |
+ err = 0; |
10914 |
+ if (!sysfs_ns_type(dir_sd)) |
10915 |
+ goto out; |
10916 |
+diff --git a/fs/sysfs/inode.c b/fs/sysfs/inode.c |
10917 |
+index c81b22f..deb804b 100644 |
10918 |
+--- a/fs/sysfs/inode.c |
10919 |
++++ b/fs/sysfs/inode.c |
10920 |
+@@ -318,8 +318,11 @@ int sysfs_hash_and_remove(struct sysfs_dirent *dir_sd, const void *ns, const cha |
10921 |
+ struct sysfs_addrm_cxt acxt; |
10922 |
+ struct sysfs_dirent *sd; |
10923 |
+ |
10924 |
+- if (!dir_sd) |
10925 |
++ if (!dir_sd) { |
10926 |
++ WARN(1, KERN_WARNING "sysfs: can not remove '%s', no directory\n", |
10927 |
++ name); |
10928 |
+ return -ENOENT; |
10929 |
++ } |
10930 |
+ |
10931 |
+ sysfs_addrm_start(&acxt, dir_sd); |
10932 |
+ |
10933 |
+diff --git a/fs/xfs/xfs_vnodeops.c b/fs/xfs/xfs_vnodeops.c |
10934 |
+index ce9268a..ee98d0b 100644 |
10935 |
+--- a/fs/xfs/xfs_vnodeops.c |
10936 |
++++ b/fs/xfs/xfs_vnodeops.c |
10937 |
+@@ -131,7 +131,8 @@ xfs_readlink( |
10938 |
+ __func__, (unsigned long long) ip->i_ino, |
10939 |
+ (long long) pathlen); |
10940 |
+ ASSERT(0); |
10941 |
+- return XFS_ERROR(EFSCORRUPTED); |
10942 |
++ error = XFS_ERROR(EFSCORRUPTED); |
10943 |
++ goto out; |
10944 |
+ } |
10945 |
+ |
10946 |
+ |
10947 |
+diff --git a/include/drm/drmP.h b/include/drm/drmP.h |
10948 |
+index 1f9e951..bf4b2dc 100644 |
10949 |
+--- a/include/drm/drmP.h |
10950 |
++++ b/include/drm/drmP.h |
10951 |
+@@ -1328,6 +1328,7 @@ extern int drm_getmagic(struct drm_device *dev, void *data, |
10952 |
+ struct drm_file *file_priv); |
10953 |
+ extern int drm_authmagic(struct drm_device *dev, void *data, |
10954 |
+ struct drm_file *file_priv); |
10955 |
++extern int drm_remove_magic(struct drm_master *master, drm_magic_t magic); |
10956 |
+ |
10957 |
+ /* Cache management (drm_cache.c) */ |
10958 |
+ void drm_clflush_pages(struct page *pages[], unsigned long num_pages); |
10959 |
+diff --git a/include/net/netns/generic.h b/include/net/netns/generic.h |
10960 |
+index 3419bf5..d55f434 100644 |
10961 |
+--- a/include/net/netns/generic.h |
10962 |
++++ b/include/net/netns/generic.h |
10963 |
+@@ -41,6 +41,7 @@ static inline void *net_generic(const struct net *net, int id) |
10964 |
+ ptr = ng->ptr[id - 1]; |
10965 |
+ rcu_read_unlock(); |
10966 |
+ |
10967 |
++ BUG_ON(!ptr); |
10968 |
+ return ptr; |
10969 |
+ } |
10970 |
+ #endif |
10971 |
+diff --git a/net/caif/caif_dev.c b/net/caif/caif_dev.c |
10972 |
+index f1fa1f6..68223e4 100644 |
10973 |
+--- a/net/caif/caif_dev.c |
10974 |
++++ b/net/caif/caif_dev.c |
10975 |
+@@ -53,7 +53,6 @@ struct cfcnfg *get_cfcnfg(struct net *net) |
10976 |
+ struct caif_net *caifn; |
10977 |
+ BUG_ON(!net); |
10978 |
+ caifn = net_generic(net, caif_net_id); |
10979 |
+- BUG_ON(!caifn); |
10980 |
+ return caifn->cfg; |
10981 |
+ } |
10982 |
+ EXPORT_SYMBOL(get_cfcnfg); |
10983 |
+@@ -63,7 +62,6 @@ static struct caif_device_entry_list *caif_device_list(struct net *net) |
10984 |
+ struct caif_net *caifn; |
10985 |
+ BUG_ON(!net); |
10986 |
+ caifn = net_generic(net, caif_net_id); |
10987 |
+- BUG_ON(!caifn); |
10988 |
+ return &caifn->caifdevs; |
10989 |
+ } |
10990 |
+ |
10991 |
+@@ -92,7 +90,6 @@ static struct caif_device_entry *caif_device_alloc(struct net_device *dev) |
10992 |
+ struct caif_device_entry *caifd; |
10993 |
+ |
10994 |
+ caifdevs = caif_device_list(dev_net(dev)); |
10995 |
+- BUG_ON(!caifdevs); |
10996 |
+ |
10997 |
+ caifd = kzalloc(sizeof(*caifd), GFP_KERNEL); |
10998 |
+ if (!caifd) |
10999 |
+@@ -112,7 +109,7 @@ static struct caif_device_entry *caif_get(struct net_device *dev) |
11000 |
+ struct caif_device_entry_list *caifdevs = |
11001 |
+ caif_device_list(dev_net(dev)); |
11002 |
+ struct caif_device_entry *caifd; |
11003 |
+- BUG_ON(!caifdevs); |
11004 |
++ |
11005 |
+ list_for_each_entry_rcu(caifd, &caifdevs->list, list) { |
11006 |
+ if (caifd->netdev == dev) |
11007 |
+ return caifd; |
11008 |
+@@ -353,7 +350,7 @@ static struct notifier_block caif_device_notifier = { |
11009 |
+ static int caif_init_net(struct net *net) |
11010 |
+ { |
11011 |
+ struct caif_net *caifn = net_generic(net, caif_net_id); |
11012 |
+- BUG_ON(!caifn); |
11013 |
++ |
11014 |
+ INIT_LIST_HEAD(&caifn->caifdevs.list); |
11015 |
+ mutex_init(&caifn->caifdevs.lock); |
11016 |
+ |
11017 |
+@@ -418,7 +415,7 @@ static int __init caif_device_init(void) |
11018 |
+ { |
11019 |
+ int result; |
11020 |
+ |
11021 |
+- result = register_pernet_device(&caif_net_ops); |
11022 |
++ result = register_pernet_subsys(&caif_net_ops); |
11023 |
+ |
11024 |
+ if (result) |
11025 |
+ return result; |
11026 |
+@@ -431,7 +428,7 @@ static int __init caif_device_init(void) |
11027 |
+ |
11028 |
+ static void __exit caif_device_exit(void) |
11029 |
+ { |
11030 |
+- unregister_pernet_device(&caif_net_ops); |
11031 |
++ unregister_pernet_subsys(&caif_net_ops); |
11032 |
+ unregister_netdevice_notifier(&caif_device_notifier); |
11033 |
+ dev_remove_pack(&caif_packet_type); |
11034 |
+ } |
11035 |
+diff --git a/net/caif/cfcnfg.c b/net/caif/cfcnfg.c |
11036 |
+index 00523ec..86ff37c 100644 |
11037 |
+--- a/net/caif/cfcnfg.c |
11038 |
++++ b/net/caif/cfcnfg.c |
11039 |
+@@ -309,7 +309,6 @@ int caif_connect_client(struct net *net, struct caif_connect_request *conn_req, |
11040 |
+ int err; |
11041 |
+ struct cfctrl_link_param param; |
11042 |
+ struct cfcnfg *cfg = get_cfcnfg(net); |
11043 |
+- caif_assert(cfg != NULL); |
11044 |
+ |
11045 |
+ rcu_read_lock(); |
11046 |
+ err = caif_connect_req_to_link_param(cfg, conn_req, ¶m); |
11047 |
+diff --git a/net/core/net-sysfs.c b/net/core/net-sysfs.c |
11048 |
+index 385aefe..0329404 100644 |
11049 |
+--- a/net/core/net-sysfs.c |
11050 |
++++ b/net/core/net-sysfs.c |
11051 |
+@@ -990,9 +990,9 @@ static ssize_t store_xps_map(struct netdev_queue *queue, |
11052 |
+ nonempty = 1; |
11053 |
+ } |
11054 |
+ |
11055 |
+- if (nonempty) |
11056 |
+- RCU_INIT_POINTER(dev->xps_maps, new_dev_maps); |
11057 |
+- else { |
11058 |
++ if (nonempty) { |
11059 |
++ rcu_assign_pointer(dev->xps_maps, new_dev_maps); |
11060 |
++ } else { |
11061 |
+ kfree(new_dev_maps); |
11062 |
+ RCU_INIT_POINTER(dev->xps_maps, NULL); |
11063 |
+ } |
11064 |
+diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c |
11065 |
+index aefcd7a..0e950fd 100644 |
11066 |
+--- a/net/core/net_namespace.c |
11067 |
++++ b/net/core/net_namespace.c |
11068 |
+@@ -30,6 +30,20 @@ EXPORT_SYMBOL(init_net); |
11069 |
+ |
11070 |
+ #define INITIAL_NET_GEN_PTRS 13 /* +1 for len +2 for rcu_head */ |
11071 |
+ |
11072 |
++static unsigned int max_gen_ptrs = INITIAL_NET_GEN_PTRS; |
11073 |
++ |
11074 |
++static struct net_generic *net_alloc_generic(void) |
11075 |
++{ |
11076 |
++ struct net_generic *ng; |
11077 |
++ size_t generic_size = offsetof(struct net_generic, ptr[max_gen_ptrs]); |
11078 |
++ |
11079 |
++ ng = kzalloc(generic_size, GFP_KERNEL); |
11080 |
++ if (ng) |
11081 |
++ ng->len = max_gen_ptrs; |
11082 |
++ |
11083 |
++ return ng; |
11084 |
++} |
11085 |
++ |
11086 |
+ static int net_assign_generic(struct net *net, int id, void *data) |
11087 |
+ { |
11088 |
+ struct net_generic *ng, *old_ng; |
11089 |
+@@ -43,8 +57,7 @@ static int net_assign_generic(struct net *net, int id, void *data) |
11090 |
+ if (old_ng->len >= id) |
11091 |
+ goto assign; |
11092 |
+ |
11093 |
+- ng = kzalloc(sizeof(struct net_generic) + |
11094 |
+- id * sizeof(void *), GFP_KERNEL); |
11095 |
++ ng = net_alloc_generic(); |
11096 |
+ if (ng == NULL) |
11097 |
+ return -ENOMEM; |
11098 |
+ |
11099 |
+@@ -59,7 +72,6 @@ static int net_assign_generic(struct net *net, int id, void *data) |
11100 |
+ * the old copy for kfree after a grace period. |
11101 |
+ */ |
11102 |
+ |
11103 |
+- ng->len = id; |
11104 |
+ memcpy(&ng->ptr, &old_ng->ptr, old_ng->len * sizeof(void*)); |
11105 |
+ |
11106 |
+ rcu_assign_pointer(net->gen, ng); |
11107 |
+@@ -161,18 +173,6 @@ out_undo: |
11108 |
+ goto out; |
11109 |
+ } |
11110 |
+ |
11111 |
+-static struct net_generic *net_alloc_generic(void) |
11112 |
+-{ |
11113 |
+- struct net_generic *ng; |
11114 |
+- size_t generic_size = sizeof(struct net_generic) + |
11115 |
+- INITIAL_NET_GEN_PTRS * sizeof(void *); |
11116 |
+- |
11117 |
+- ng = kzalloc(generic_size, GFP_KERNEL); |
11118 |
+- if (ng) |
11119 |
+- ng->len = INITIAL_NET_GEN_PTRS; |
11120 |
+- |
11121 |
+- return ng; |
11122 |
+-} |
11123 |
+ |
11124 |
+ #ifdef CONFIG_NET_NS |
11125 |
+ static struct kmem_cache *net_cachep; |
11126 |
+@@ -483,6 +483,7 @@ again: |
11127 |
+ } |
11128 |
+ return error; |
11129 |
+ } |
11130 |
++ max_gen_ptrs = max_t(unsigned int, max_gen_ptrs, *ops->id); |
11131 |
+ } |
11132 |
+ error = __register_pernet_operations(list, ops); |
11133 |
+ if (error) { |
11134 |
+diff --git a/net/core/netpoll.c b/net/core/netpoll.c |
11135 |
+index cf64c1f..5d4d896 100644 |
11136 |
+--- a/net/core/netpoll.c |
11137 |
++++ b/net/core/netpoll.c |
11138 |
+@@ -763,7 +763,7 @@ int __netpoll_setup(struct netpoll *np) |
11139 |
+ } |
11140 |
+ |
11141 |
+ /* last thing to do is link it to the net device structure */ |
11142 |
+- RCU_INIT_POINTER(ndev->npinfo, npinfo); |
11143 |
++ rcu_assign_pointer(ndev->npinfo, npinfo); |
11144 |
+ |
11145 |
+ return 0; |
11146 |
+ |
11147 |
+diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c |
11148 |
+index 2ab16e1..74d321a 100644 |
11149 |
+--- a/net/decnet/dn_dev.c |
11150 |
++++ b/net/decnet/dn_dev.c |
11151 |
+@@ -388,7 +388,7 @@ static int dn_dev_insert_ifa(struct dn_dev *dn_db, struct dn_ifaddr *ifa) |
11152 |
+ } |
11153 |
+ |
11154 |
+ ifa->ifa_next = dn_db->ifa_list; |
11155 |
+- RCU_INIT_POINTER(dn_db->ifa_list, ifa); |
11156 |
++ rcu_assign_pointer(dn_db->ifa_list, ifa); |
11157 |
+ |
11158 |
+ dn_ifaddr_notify(RTM_NEWADDR, ifa); |
11159 |
+ blocking_notifier_call_chain(&dnaddr_chain, NETDEV_UP, ifa); |
11160 |
+@@ -1093,7 +1093,7 @@ static struct dn_dev *dn_dev_create(struct net_device *dev, int *err) |
11161 |
+ |
11162 |
+ memcpy(&dn_db->parms, p, sizeof(struct dn_dev_parms)); |
11163 |
+ |
11164 |
+- RCU_INIT_POINTER(dev->dn_ptr, dn_db); |
11165 |
++ rcu_assign_pointer(dev->dn_ptr, dn_db); |
11166 |
+ dn_db->dev = dev; |
11167 |
+ init_timer(&dn_db->timer); |
11168 |
+ |
11169 |
+diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c |
11170 |
+index 65f01dc..e41c40f 100644 |
11171 |
+--- a/net/ipv4/devinet.c |
11172 |
++++ b/net/ipv4/devinet.c |
11173 |
+@@ -258,7 +258,7 @@ static struct in_device *inetdev_init(struct net_device *dev) |
11174 |
+ ip_mc_up(in_dev); |
11175 |
+ |
11176 |
+ /* we can receive as soon as ip_ptr is set -- do this last */ |
11177 |
+- RCU_INIT_POINTER(dev->ip_ptr, in_dev); |
11178 |
++ rcu_assign_pointer(dev->ip_ptr, in_dev); |
11179 |
+ out: |
11180 |
+ return in_dev; |
11181 |
+ out_kfree: |
11182 |
+diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c |
11183 |
+index 37b6711..3ce23f9 100644 |
11184 |
+--- a/net/ipv4/fib_trie.c |
11185 |
++++ b/net/ipv4/fib_trie.c |
11186 |
+@@ -205,7 +205,7 @@ static inline struct tnode *node_parent_rcu(const struct rt_trie_node *node) |
11187 |
+ return (struct tnode *)(parent & ~NODE_TYPE_MASK); |
11188 |
+ } |
11189 |
+ |
11190 |
+-/* Same as RCU_INIT_POINTER |
11191 |
++/* Same as rcu_assign_pointer |
11192 |
+ * but that macro() assumes that value is a pointer. |
11193 |
+ */ |
11194 |
+ static inline void node_set_parent(struct rt_trie_node *node, struct tnode *ptr) |
11195 |
+@@ -529,7 +529,7 @@ static void tnode_put_child_reorg(struct tnode *tn, int i, struct rt_trie_node * |
11196 |
+ if (n) |
11197 |
+ node_set_parent(n, tn); |
11198 |
+ |
11199 |
+- RCU_INIT_POINTER(tn->child[i], n); |
11200 |
++ rcu_assign_pointer(tn->child[i], n); |
11201 |
+ } |
11202 |
+ |
11203 |
+ #define MAX_WORK 10 |
11204 |
+@@ -1015,7 +1015,7 @@ static void trie_rebalance(struct trie *t, struct tnode *tn) |
11205 |
+ |
11206 |
+ tp = node_parent((struct rt_trie_node *) tn); |
11207 |
+ if (!tp) |
11208 |
+- RCU_INIT_POINTER(t->trie, (struct rt_trie_node *)tn); |
11209 |
++ rcu_assign_pointer(t->trie, (struct rt_trie_node *)tn); |
11210 |
+ |
11211 |
+ tnode_free_flush(); |
11212 |
+ if (!tp) |
11213 |
+@@ -1027,7 +1027,7 @@ static void trie_rebalance(struct trie *t, struct tnode *tn) |
11214 |
+ if (IS_TNODE(tn)) |
11215 |
+ tn = (struct tnode *)resize(t, (struct tnode *)tn); |
11216 |
+ |
11217 |
+- RCU_INIT_POINTER(t->trie, (struct rt_trie_node *)tn); |
11218 |
++ rcu_assign_pointer(t->trie, (struct rt_trie_node *)tn); |
11219 |
+ tnode_free_flush(); |
11220 |
+ } |
11221 |
+ |
11222 |
+@@ -1164,7 +1164,7 @@ static struct list_head *fib_insert_node(struct trie *t, u32 key, int plen) |
11223 |
+ put_child(t, (struct tnode *)tp, cindex, |
11224 |
+ (struct rt_trie_node *)tn); |
11225 |
+ } else { |
11226 |
+- RCU_INIT_POINTER(t->trie, (struct rt_trie_node *)tn); |
11227 |
++ rcu_assign_pointer(t->trie, (struct rt_trie_node *)tn); |
11228 |
+ tp = tn; |
11229 |
+ } |
11230 |
+ } |
11231 |
+diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c |
11232 |
+index c3cc64c..c8989a7 100644 |
11233 |
+--- a/net/ipv4/igmp.c |
11234 |
++++ b/net/ipv4/igmp.c |
11235 |
+@@ -1244,7 +1244,7 @@ void ip_mc_inc_group(struct in_device *in_dev, __be32 addr) |
11236 |
+ |
11237 |
+ im->next_rcu = in_dev->mc_list; |
11238 |
+ in_dev->mc_count++; |
11239 |
+- RCU_INIT_POINTER(in_dev->mc_list, im); |
11240 |
++ rcu_assign_pointer(in_dev->mc_list, im); |
11241 |
+ |
11242 |
+ #ifdef CONFIG_IP_MULTICAST |
11243 |
+ igmpv3_del_delrec(in_dev, im->multiaddr); |
11244 |
+@@ -1816,7 +1816,7 @@ int ip_mc_join_group(struct sock *sk , struct ip_mreqn *imr) |
11245 |
+ iml->next_rcu = inet->mc_list; |
11246 |
+ iml->sflist = NULL; |
11247 |
+ iml->sfmode = MCAST_EXCLUDE; |
11248 |
+- RCU_INIT_POINTER(inet->mc_list, iml); |
11249 |
++ rcu_assign_pointer(inet->mc_list, iml); |
11250 |
+ ip_mc_inc_group(in_dev, addr); |
11251 |
+ err = 0; |
11252 |
+ done: |
11253 |
+@@ -2003,7 +2003,7 @@ int ip_mc_source(int add, int omode, struct sock *sk, struct |
11254 |
+ atomic_sub(IP_SFLSIZE(psl->sl_max), &sk->sk_omem_alloc); |
11255 |
+ kfree_rcu(psl, rcu); |
11256 |
+ } |
11257 |
+- RCU_INIT_POINTER(pmc->sflist, newpsl); |
11258 |
++ rcu_assign_pointer(pmc->sflist, newpsl); |
11259 |
+ psl = newpsl; |
11260 |
+ } |
11261 |
+ rv = 1; /* > 0 for insert logic below if sl_count is 0 */ |
11262 |
+@@ -2106,7 +2106,7 @@ int ip_mc_msfilter(struct sock *sk, struct ip_msfilter *msf, int ifindex) |
11263 |
+ } else |
11264 |
+ (void) ip_mc_del_src(in_dev, &msf->imsf_multiaddr, pmc->sfmode, |
11265 |
+ 0, NULL, 0); |
11266 |
+- RCU_INIT_POINTER(pmc->sflist, newpsl); |
11267 |
++ rcu_assign_pointer(pmc->sflist, newpsl); |
11268 |
+ pmc->sfmode = msf->imsf_fmode; |
11269 |
+ err = 0; |
11270 |
+ done: |
11271 |
+diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c |
11272 |
+index 0b2e732..17ad951 100644 |
11273 |
+--- a/net/ipv4/ipip.c |
11274 |
++++ b/net/ipv4/ipip.c |
11275 |
+@@ -231,7 +231,7 @@ static void ipip_tunnel_unlink(struct ipip_net *ipn, struct ip_tunnel *t) |
11276 |
+ (iter = rtnl_dereference(*tp)) != NULL; |
11277 |
+ tp = &iter->next) { |
11278 |
+ if (t == iter) { |
11279 |
+- RCU_INIT_POINTER(*tp, t->next); |
11280 |
++ rcu_assign_pointer(*tp, t->next); |
11281 |
+ break; |
11282 |
+ } |
11283 |
+ } |
11284 |
+@@ -241,8 +241,8 @@ static void ipip_tunnel_link(struct ipip_net *ipn, struct ip_tunnel *t) |
11285 |
+ { |
11286 |
+ struct ip_tunnel __rcu **tp = ipip_bucket(ipn, t); |
11287 |
+ |
11288 |
+- RCU_INIT_POINTER(t->next, rtnl_dereference(*tp)); |
11289 |
+- RCU_INIT_POINTER(*tp, t); |
11290 |
++ rcu_assign_pointer(t->next, rtnl_dereference(*tp)); |
11291 |
++ rcu_assign_pointer(*tp, t); |
11292 |
+ } |
11293 |
+ |
11294 |
+ static struct ip_tunnel * ipip_tunnel_locate(struct net *net, |
11295 |
+@@ -792,7 +792,7 @@ static int __net_init ipip_fb_tunnel_init(struct net_device *dev) |
11296 |
+ return -ENOMEM; |
11297 |
+ |
11298 |
+ dev_hold(dev); |
11299 |
+- RCU_INIT_POINTER(ipn->tunnels_wc[0], tunnel); |
11300 |
++ rcu_assign_pointer(ipn->tunnels_wc[0], tunnel); |
11301 |
+ return 0; |
11302 |
+ } |
11303 |
+ |
11304 |
+diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c |
11305 |
+index 76a7f07..d2aae27 100644 |
11306 |
+--- a/net/ipv4/ipmr.c |
11307 |
++++ b/net/ipv4/ipmr.c |
11308 |
+@@ -1225,7 +1225,7 @@ int ip_mroute_setsockopt(struct sock *sk, int optname, char __user *optval, unsi |
11309 |
+ |
11310 |
+ ret = ip_ra_control(sk, 1, mrtsock_destruct); |
11311 |
+ if (ret == 0) { |
11312 |
+- RCU_INIT_POINTER(mrt->mroute_sk, sk); |
11313 |
++ rcu_assign_pointer(mrt->mroute_sk, sk); |
11314 |
+ IPV4_DEVCONF_ALL(net, MC_FORWARDING)++; |
11315 |
+ } |
11316 |
+ rtnl_unlock(); |
11317 |
+diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c |
11318 |
+index a9db4b1..c89e354 100644 |
11319 |
+--- a/net/ipv4/tcp_ipv4.c |
11320 |
++++ b/net/ipv4/tcp_ipv4.c |
11321 |
+@@ -630,7 +630,7 @@ static void tcp_v4_send_reset(struct sock *sk, struct sk_buff *skb) |
11322 |
+ arg.iov[0].iov_len = sizeof(rep.th); |
11323 |
+ |
11324 |
+ #ifdef CONFIG_TCP_MD5SIG |
11325 |
+- key = sk ? tcp_v4_md5_do_lookup(sk, ip_hdr(skb)->daddr) : NULL; |
11326 |
++ key = sk ? tcp_v4_md5_do_lookup(sk, ip_hdr(skb)->saddr) : NULL; |
11327 |
+ if (key) { |
11328 |
+ rep.opt[0] = htonl((TCPOPT_NOP << 24) | |
11329 |
+ (TCPOPT_NOP << 16) | |
11330 |
+diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c |
11331 |
+index 63170e2..097e0c7 100644 |
11332 |
+--- a/net/ipv4/tcp_output.c |
11333 |
++++ b/net/ipv4/tcp_output.c |
11334 |
+@@ -1138,11 +1138,9 @@ int tcp_trim_head(struct sock *sk, struct sk_buff *skb, u32 len) |
11335 |
+ sk_mem_uncharge(sk, len); |
11336 |
+ sock_set_flag(sk, SOCK_QUEUE_SHRUNK); |
11337 |
+ |
11338 |
+- /* Any change of skb->len requires recalculation of tso |
11339 |
+- * factor and mss. |
11340 |
+- */ |
11341 |
++ /* Any change of skb->len requires recalculation of tso factor. */ |
11342 |
+ if (tcp_skb_pcount(skb) > 1) |
11343 |
+- tcp_set_skb_tso_segs(sk, skb, tcp_current_mss(sk)); |
11344 |
++ tcp_set_skb_tso_segs(sk, skb, tcp_skb_mss(skb)); |
11345 |
+ |
11346 |
+ return 0; |
11347 |
+ } |
11348 |
+diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c |
11349 |
+index 36806de..836c4ea 100644 |
11350 |
+--- a/net/ipv6/addrconf.c |
11351 |
++++ b/net/ipv6/addrconf.c |
11352 |
+@@ -429,7 +429,7 @@ static struct inet6_dev * ipv6_add_dev(struct net_device *dev) |
11353 |
+ ndev->tstamp = jiffies; |
11354 |
+ addrconf_sysctl_register(ndev); |
11355 |
+ /* protected by rtnl_lock */ |
11356 |
+- RCU_INIT_POINTER(dev->ip6_ptr, ndev); |
11357 |
++ rcu_assign_pointer(dev->ip6_ptr, ndev); |
11358 |
+ |
11359 |
+ /* Join all-node multicast group */ |
11360 |
+ ipv6_dev_mc_inc(dev, &in6addr_linklocal_allnodes); |
11361 |
+diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c |
11362 |
+index 4e2e9ff..d19f499 100644 |
11363 |
+--- a/net/ipv6/ip6_tunnel.c |
11364 |
++++ b/net/ipv6/ip6_tunnel.c |
11365 |
+@@ -218,8 +218,8 @@ ip6_tnl_link(struct ip6_tnl_net *ip6n, struct ip6_tnl *t) |
11366 |
+ { |
11367 |
+ struct ip6_tnl __rcu **tp = ip6_tnl_bucket(ip6n, &t->parms); |
11368 |
+ |
11369 |
+- RCU_INIT_POINTER(t->next , rtnl_dereference(*tp)); |
11370 |
+- RCU_INIT_POINTER(*tp, t); |
11371 |
++ rcu_assign_pointer(t->next , rtnl_dereference(*tp)); |
11372 |
++ rcu_assign_pointer(*tp, t); |
11373 |
+ } |
11374 |
+ |
11375 |
+ /** |
11376 |
+@@ -237,7 +237,7 @@ ip6_tnl_unlink(struct ip6_tnl_net *ip6n, struct ip6_tnl *t) |
11377 |
+ (iter = rtnl_dereference(*tp)) != NULL; |
11378 |
+ tp = &iter->next) { |
11379 |
+ if (t == iter) { |
11380 |
+- RCU_INIT_POINTER(*tp, t->next); |
11381 |
++ rcu_assign_pointer(*tp, t->next); |
11382 |
+ break; |
11383 |
+ } |
11384 |
+ } |
11385 |
+@@ -1450,7 +1450,7 @@ static int __net_init ip6_fb_tnl_dev_init(struct net_device *dev) |
11386 |
+ |
11387 |
+ t->parms.proto = IPPROTO_IPV6; |
11388 |
+ dev_hold(dev); |
11389 |
+- RCU_INIT_POINTER(ip6n->tnls_wc[0], t); |
11390 |
++ rcu_assign_pointer(ip6n->tnls_wc[0], t); |
11391 |
+ return 0; |
11392 |
+ } |
11393 |
+ |
11394 |
+diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c |
11395 |
+index 331af3b..361ebf3 100644 |
11396 |
+--- a/net/ipv6/raw.c |
11397 |
++++ b/net/ipv6/raw.c |
11398 |
+@@ -131,7 +131,7 @@ static mh_filter_t __rcu *mh_filter __read_mostly; |
11399 |
+ |
11400 |
+ int rawv6_mh_filter_register(mh_filter_t filter) |
11401 |
+ { |
11402 |
+- RCU_INIT_POINTER(mh_filter, filter); |
11403 |
++ rcu_assign_pointer(mh_filter, filter); |
11404 |
+ return 0; |
11405 |
+ } |
11406 |
+ EXPORT_SYMBOL(rawv6_mh_filter_register); |
11407 |
+diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c |
11408 |
+index 96f3623..72a939d 100644 |
11409 |
+--- a/net/ipv6/sit.c |
11410 |
++++ b/net/ipv6/sit.c |
11411 |
+@@ -182,7 +182,7 @@ static void ipip6_tunnel_unlink(struct sit_net *sitn, struct ip_tunnel *t) |
11412 |
+ (iter = rtnl_dereference(*tp)) != NULL; |
11413 |
+ tp = &iter->next) { |
11414 |
+ if (t == iter) { |
11415 |
+- RCU_INIT_POINTER(*tp, t->next); |
11416 |
++ rcu_assign_pointer(*tp, t->next); |
11417 |
+ break; |
11418 |
+ } |
11419 |
+ } |
11420 |
+@@ -192,8 +192,8 @@ static void ipip6_tunnel_link(struct sit_net *sitn, struct ip_tunnel *t) |
11421 |
+ { |
11422 |
+ struct ip_tunnel __rcu **tp = ipip6_bucket(sitn, t); |
11423 |
+ |
11424 |
+- RCU_INIT_POINTER(t->next, rtnl_dereference(*tp)); |
11425 |
+- RCU_INIT_POINTER(*tp, t); |
11426 |
++ rcu_assign_pointer(t->next, rtnl_dereference(*tp)); |
11427 |
++ rcu_assign_pointer(*tp, t); |
11428 |
+ } |
11429 |
+ |
11430 |
+ static void ipip6_tunnel_clone_6rd(struct net_device *dev, struct sit_net *sitn) |
11431 |
+@@ -393,7 +393,7 @@ ipip6_tunnel_add_prl(struct ip_tunnel *t, struct ip_tunnel_prl *a, int chg) |
11432 |
+ p->addr = a->addr; |
11433 |
+ p->flags = a->flags; |
11434 |
+ t->prl_count++; |
11435 |
+- RCU_INIT_POINTER(t->prl, p); |
11436 |
++ rcu_assign_pointer(t->prl, p); |
11437 |
+ out: |
11438 |
+ return err; |
11439 |
+ } |
11440 |
+@@ -1177,7 +1177,7 @@ static int __net_init ipip6_fb_tunnel_init(struct net_device *dev) |
11441 |
+ if (!dev->tstats) |
11442 |
+ return -ENOMEM; |
11443 |
+ dev_hold(dev); |
11444 |
+- RCU_INIT_POINTER(sitn->tunnels_wc[0], tunnel); |
11445 |
++ rcu_assign_pointer(sitn->tunnels_wc[0], tunnel); |
11446 |
+ return 0; |
11447 |
+ } |
11448 |
+ |
11449 |
+diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c |
11450 |
+index 2dea4bb..b859e4a 100644 |
11451 |
+--- a/net/ipv6/tcp_ipv6.c |
11452 |
++++ b/net/ipv6/tcp_ipv6.c |
11453 |
+@@ -1084,7 +1084,7 @@ static void tcp_v6_send_reset(struct sock *sk, struct sk_buff *skb) |
11454 |
+ |
11455 |
+ #ifdef CONFIG_TCP_MD5SIG |
11456 |
+ if (sk) |
11457 |
+- key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr); |
11458 |
++ key = tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr); |
11459 |
+ #endif |
11460 |
+ |
11461 |
+ if (th->ack) |
11462 |
+diff --git a/net/l2tp/l2tp_ip.c b/net/l2tp/l2tp_ip.c |
11463 |
+index d21e7eb..55670ec 100644 |
11464 |
+--- a/net/l2tp/l2tp_ip.c |
11465 |
++++ b/net/l2tp/l2tp_ip.c |
11466 |
+@@ -393,11 +393,6 @@ static int l2tp_ip_backlog_recv(struct sock *sk, struct sk_buff *skb) |
11467 |
+ { |
11468 |
+ int rc; |
11469 |
+ |
11470 |
+- if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb)) |
11471 |
+- goto drop; |
11472 |
+- |
11473 |
+- nf_reset(skb); |
11474 |
+- |
11475 |
+ /* Charge it to the socket, dropping if the queue is full. */ |
11476 |
+ rc = sock_queue_rcv_skb(sk, skb); |
11477 |
+ if (rc < 0) |
11478 |
+diff --git a/net/mac80211/agg-rx.c b/net/mac80211/agg-rx.c |
11479 |
+index 93b2434..41c2310 100644 |
11480 |
+--- a/net/mac80211/agg-rx.c |
11481 |
++++ b/net/mac80211/agg-rx.c |
11482 |
+@@ -326,7 +326,7 @@ void ieee80211_process_addba_request(struct ieee80211_local *local, |
11483 |
+ status = WLAN_STATUS_SUCCESS; |
11484 |
+ |
11485 |
+ /* activate it for RX */ |
11486 |
+- RCU_INIT_POINTER(sta->ampdu_mlme.tid_rx[tid], tid_agg_rx); |
11487 |
++ rcu_assign_pointer(sta->ampdu_mlme.tid_rx[tid], tid_agg_rx); |
11488 |
+ |
11489 |
+ if (timeout) |
11490 |
+ mod_timer(&tid_agg_rx->session_timer, TU_TO_EXP_TIME(timeout)); |
11491 |
+diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c |
11492 |
+index d06c65f..11cee76 100644 |
11493 |
+--- a/net/mac80211/cfg.c |
11494 |
++++ b/net/mac80211/cfg.c |
11495 |
+@@ -575,7 +575,7 @@ static int ieee80211_config_beacon(struct ieee80211_sub_if_data *sdata, |
11496 |
+ |
11497 |
+ sdata->vif.bss_conf.dtim_period = new->dtim_period; |
11498 |
+ |
11499 |
+- RCU_INIT_POINTER(sdata->u.ap.beacon, new); |
11500 |
++ rcu_assign_pointer(sdata->u.ap.beacon, new); |
11501 |
+ |
11502 |
+ synchronize_rcu(); |
11503 |
+ |
11504 |
+@@ -922,7 +922,7 @@ static int ieee80211_change_station(struct wiphy *wiphy, |
11505 |
+ return -EBUSY; |
11506 |
+ } |
11507 |
+ |
11508 |
+- RCU_INIT_POINTER(vlansdata->u.vlan.sta, sta); |
11509 |
++ rcu_assign_pointer(vlansdata->u.vlan.sta, sta); |
11510 |
+ } |
11511 |
+ |
11512 |
+ sta->sdata = vlansdata; |
11513 |
+diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c |
11514 |
+index ede9a8b..3ece106 100644 |
11515 |
+--- a/net/mac80211/ibss.c |
11516 |
++++ b/net/mac80211/ibss.c |
11517 |
+@@ -184,7 +184,7 @@ static void __ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, |
11518 |
+ *pos++ = 0; /* U-APSD no in use */ |
11519 |
+ } |
11520 |
+ |
11521 |
+- RCU_INIT_POINTER(ifibss->presp, skb); |
11522 |
++ rcu_assign_pointer(ifibss->presp, skb); |
11523 |
+ |
11524 |
+ sdata->vif.bss_conf.beacon_int = beacon_int; |
11525 |
+ sdata->vif.bss_conf.basic_rates = basic_rates; |
11526 |
+diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c |
11527 |
+index b1b1bb3..9da8626 100644 |
11528 |
+--- a/net/mac80211/mlme.c |
11529 |
++++ b/net/mac80211/mlme.c |
11530 |
+@@ -2719,7 +2719,6 @@ int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata, |
11531 |
+ { |
11532 |
+ struct ieee80211_local *local = sdata->local; |
11533 |
+ struct ieee80211_if_managed *ifmgd = &sdata->u.mgd; |
11534 |
+- struct ieee80211_work *wk; |
11535 |
+ u8 bssid[ETH_ALEN]; |
11536 |
+ bool assoc_bss = false; |
11537 |
+ |
11538 |
+@@ -2732,30 +2731,47 @@ int ieee80211_mgd_deauth(struct ieee80211_sub_if_data *sdata, |
11539 |
+ assoc_bss = true; |
11540 |
+ } else { |
11541 |
+ bool not_auth_yet = false; |
11542 |
++ struct ieee80211_work *tmp, *wk = NULL; |
11543 |
+ |
11544 |
+ mutex_unlock(&ifmgd->mtx); |
11545 |
+ |
11546 |
+ mutex_lock(&local->mtx); |
11547 |
+- list_for_each_entry(wk, &local->work_list, list) { |
11548 |
+- if (wk->sdata != sdata) |
11549 |
++ list_for_each_entry(tmp, &local->work_list, list) { |
11550 |
++ if (tmp->sdata != sdata) |
11551 |
+ continue; |
11552 |
+ |
11553 |
+- if (wk->type != IEEE80211_WORK_DIRECT_PROBE && |
11554 |
+- wk->type != IEEE80211_WORK_AUTH && |
11555 |
+- wk->type != IEEE80211_WORK_ASSOC && |
11556 |
+- wk->type != IEEE80211_WORK_ASSOC_BEACON_WAIT) |
11557 |
++ if (tmp->type != IEEE80211_WORK_DIRECT_PROBE && |
11558 |
++ tmp->type != IEEE80211_WORK_AUTH && |
11559 |
++ tmp->type != IEEE80211_WORK_ASSOC && |
11560 |
++ tmp->type != IEEE80211_WORK_ASSOC_BEACON_WAIT) |
11561 |
+ continue; |
11562 |
+ |
11563 |
+- if (memcmp(req->bss->bssid, wk->filter_ta, ETH_ALEN)) |
11564 |
++ if (memcmp(req->bss->bssid, tmp->filter_ta, ETH_ALEN)) |
11565 |
+ continue; |
11566 |
+ |
11567 |
+- not_auth_yet = wk->type == IEEE80211_WORK_DIRECT_PROBE; |
11568 |
+- list_del_rcu(&wk->list); |
11569 |
+- free_work(wk); |
11570 |
++ not_auth_yet = tmp->type == IEEE80211_WORK_DIRECT_PROBE; |
11571 |
++ list_del_rcu(&tmp->list); |
11572 |
++ synchronize_rcu(); |
11573 |
++ wk = tmp; |
11574 |
+ break; |
11575 |
+ } |
11576 |
+ mutex_unlock(&local->mtx); |
11577 |
+ |
11578 |
++ if (wk && wk->type == IEEE80211_WORK_ASSOC) { |
11579 |
++ /* clean up dummy sta & TX sync */ |
11580 |
++ sta_info_destroy_addr(wk->sdata, wk->filter_ta); |
11581 |
++ if (wk->assoc.synced) |
11582 |
++ drv_finish_tx_sync(local, wk->sdata, |
11583 |
++ wk->filter_ta, |
11584 |
++ IEEE80211_TX_SYNC_ASSOC); |
11585 |
++ } else if (wk && wk->type == IEEE80211_WORK_AUTH) { |
11586 |
++ if (wk->probe_auth.synced) |
11587 |
++ drv_finish_tx_sync(local, wk->sdata, |
11588 |
++ wk->filter_ta, |
11589 |
++ IEEE80211_TX_SYNC_AUTH); |
11590 |
++ } |
11591 |
++ kfree(wk); |
11592 |
++ |
11593 |
+ /* |
11594 |
+ * If somebody requests authentication and we haven't |
11595 |
+ * sent out an auth frame yet there's no need to send |
11596 |
+diff --git a/net/mac80211/sta_info.c b/net/mac80211/sta_info.c |
11597 |
+index 8eaa746..1fdd8ff 100644 |
11598 |
+--- a/net/mac80211/sta_info.c |
11599 |
++++ b/net/mac80211/sta_info.c |
11600 |
+@@ -73,7 +73,7 @@ static int sta_info_hash_del(struct ieee80211_local *local, |
11601 |
+ if (!s) |
11602 |
+ return -ENOENT; |
11603 |
+ if (s == sta) { |
11604 |
+- RCU_INIT_POINTER(local->sta_hash[STA_HASH(sta->sta.addr)], |
11605 |
++ rcu_assign_pointer(local->sta_hash[STA_HASH(sta->sta.addr)], |
11606 |
+ s->hnext); |
11607 |
+ return 0; |
11608 |
+ } |
11609 |
+@@ -83,7 +83,7 @@ static int sta_info_hash_del(struct ieee80211_local *local, |
11610 |
+ s = rcu_dereference_protected(s->hnext, |
11611 |
+ lockdep_is_held(&local->sta_lock)); |
11612 |
+ if (rcu_access_pointer(s->hnext)) { |
11613 |
+- RCU_INIT_POINTER(s->hnext, sta->hnext); |
11614 |
++ rcu_assign_pointer(s->hnext, sta->hnext); |
11615 |
+ return 0; |
11616 |
+ } |
11617 |
+ |
11618 |
+@@ -232,7 +232,7 @@ static void sta_info_hash_add(struct ieee80211_local *local, |
11619 |
+ struct sta_info *sta) |
11620 |
+ { |
11621 |
+ sta->hnext = local->sta_hash[STA_HASH(sta->sta.addr)]; |
11622 |
+- RCU_INIT_POINTER(local->sta_hash[STA_HASH(sta->sta.addr)], sta); |
11623 |
++ rcu_assign_pointer(local->sta_hash[STA_HASH(sta->sta.addr)], sta); |
11624 |
+ } |
11625 |
+ |
11626 |
+ static void sta_unblock(struct work_struct *wk) |
11627 |
+diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c |
11628 |
+index 7202b06..1d15193 100644 |
11629 |
+--- a/net/netfilter/nf_conntrack_core.c |
11630 |
++++ b/net/netfilter/nf_conntrack_core.c |
11631 |
+@@ -776,7 +776,7 @@ init_conntrack(struct net *net, struct nf_conn *tmpl, |
11632 |
+ if (exp->helper) { |
11633 |
+ help = nf_ct_helper_ext_add(ct, GFP_ATOMIC); |
11634 |
+ if (help) |
11635 |
+- RCU_INIT_POINTER(help->helper, exp->helper); |
11636 |
++ rcu_assign_pointer(help->helper, exp->helper); |
11637 |
+ } |
11638 |
+ |
11639 |
+ #ifdef CONFIG_NF_CONNTRACK_MARK |
11640 |
+diff --git a/net/netfilter/nf_conntrack_ecache.c b/net/netfilter/nf_conntrack_ecache.c |
11641 |
+index b62c414..14af632 100644 |
11642 |
+--- a/net/netfilter/nf_conntrack_ecache.c |
11643 |
++++ b/net/netfilter/nf_conntrack_ecache.c |
11644 |
+@@ -91,7 +91,7 @@ int nf_conntrack_register_notifier(struct net *net, |
11645 |
+ ret = -EBUSY; |
11646 |
+ goto out_unlock; |
11647 |
+ } |
11648 |
+- RCU_INIT_POINTER(net->ct.nf_conntrack_event_cb, new); |
11649 |
++ rcu_assign_pointer(net->ct.nf_conntrack_event_cb, new); |
11650 |
+ mutex_unlock(&nf_ct_ecache_mutex); |
11651 |
+ return ret; |
11652 |
+ |
11653 |
+@@ -128,7 +128,7 @@ int nf_ct_expect_register_notifier(struct net *net, |
11654 |
+ ret = -EBUSY; |
11655 |
+ goto out_unlock; |
11656 |
+ } |
11657 |
+- RCU_INIT_POINTER(net->ct.nf_expect_event_cb, new); |
11658 |
++ rcu_assign_pointer(net->ct.nf_expect_event_cb, new); |
11659 |
+ mutex_unlock(&nf_ct_ecache_mutex); |
11660 |
+ return ret; |
11661 |
+ |
11662 |
+diff --git a/net/netfilter/nf_conntrack_extend.c b/net/netfilter/nf_conntrack_extend.c |
11663 |
+index 4605c94..641ff5f 100644 |
11664 |
+--- a/net/netfilter/nf_conntrack_extend.c |
11665 |
++++ b/net/netfilter/nf_conntrack_extend.c |
11666 |
+@@ -169,7 +169,7 @@ int nf_ct_extend_register(struct nf_ct_ext_type *type) |
11667 |
+ before updating alloc_size */ |
11668 |
+ type->alloc_size = ALIGN(sizeof(struct nf_ct_ext), type->align) |
11669 |
+ + type->len; |
11670 |
+- RCU_INIT_POINTER(nf_ct_ext_types[type->id], type); |
11671 |
++ rcu_assign_pointer(nf_ct_ext_types[type->id], type); |
11672 |
+ update_alloc_size(type); |
11673 |
+ out: |
11674 |
+ mutex_unlock(&nf_ct_ext_type_mutex); |
11675 |
+diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c |
11676 |
+index 93c4bdb..bbe23ba 100644 |
11677 |
+--- a/net/netfilter/nf_conntrack_helper.c |
11678 |
++++ b/net/netfilter/nf_conntrack_helper.c |
11679 |
+@@ -145,7 +145,7 @@ int __nf_ct_try_assign_helper(struct nf_conn *ct, struct nf_conn *tmpl, |
11680 |
+ memset(&help->help, 0, sizeof(help->help)); |
11681 |
+ } |
11682 |
+ |
11683 |
+- RCU_INIT_POINTER(help->helper, helper); |
11684 |
++ rcu_assign_pointer(help->helper, helper); |
11685 |
+ out: |
11686 |
+ return ret; |
11687 |
+ } |
11688 |
+diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c |
11689 |
+index 257e772..782cdcd 100644 |
11690 |
+--- a/net/netfilter/nf_conntrack_netlink.c |
11691 |
++++ b/net/netfilter/nf_conntrack_netlink.c |
11692 |
+@@ -1163,7 +1163,7 @@ ctnetlink_change_helper(struct nf_conn *ct, const struct nlattr * const cda[]) |
11693 |
+ return -EOPNOTSUPP; |
11694 |
+ } |
11695 |
+ |
11696 |
+- RCU_INIT_POINTER(help->helper, helper); |
11697 |
++ rcu_assign_pointer(help->helper, helper); |
11698 |
+ |
11699 |
+ return 0; |
11700 |
+ } |
11701 |
+diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c |
11702 |
+index ce0c406..957374a 100644 |
11703 |
+--- a/net/netfilter/nf_log.c |
11704 |
++++ b/net/netfilter/nf_log.c |
11705 |
+@@ -55,7 +55,7 @@ int nf_log_register(u_int8_t pf, struct nf_logger *logger) |
11706 |
+ llog = rcu_dereference_protected(nf_loggers[pf], |
11707 |
+ lockdep_is_held(&nf_log_mutex)); |
11708 |
+ if (llog == NULL) |
11709 |
+- RCU_INIT_POINTER(nf_loggers[pf], logger); |
11710 |
++ rcu_assign_pointer(nf_loggers[pf], logger); |
11711 |
+ } |
11712 |
+ |
11713 |
+ mutex_unlock(&nf_log_mutex); |
11714 |
+@@ -92,7 +92,7 @@ int nf_log_bind_pf(u_int8_t pf, const struct nf_logger *logger) |
11715 |
+ mutex_unlock(&nf_log_mutex); |
11716 |
+ return -ENOENT; |
11717 |
+ } |
11718 |
+- RCU_INIT_POINTER(nf_loggers[pf], logger); |
11719 |
++ rcu_assign_pointer(nf_loggers[pf], logger); |
11720 |
+ mutex_unlock(&nf_log_mutex); |
11721 |
+ return 0; |
11722 |
+ } |
11723 |
+@@ -250,7 +250,7 @@ static int nf_log_proc_dostring(ctl_table *table, int write, |
11724 |
+ mutex_unlock(&nf_log_mutex); |
11725 |
+ return -ENOENT; |
11726 |
+ } |
11727 |
+- RCU_INIT_POINTER(nf_loggers[tindex], logger); |
11728 |
++ rcu_assign_pointer(nf_loggers[tindex], logger); |
11729 |
+ mutex_unlock(&nf_log_mutex); |
11730 |
+ } else { |
11731 |
+ mutex_lock(&nf_log_mutex); |
11732 |
+diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c |
11733 |
+index 99ffd28..b3a7db6 100644 |
11734 |
+--- a/net/netfilter/nf_queue.c |
11735 |
++++ b/net/netfilter/nf_queue.c |
11736 |
+@@ -40,7 +40,7 @@ int nf_register_queue_handler(u_int8_t pf, const struct nf_queue_handler *qh) |
11737 |
+ else if (old) |
11738 |
+ ret = -EBUSY; |
11739 |
+ else { |
11740 |
+- RCU_INIT_POINTER(queue_handler[pf], qh); |
11741 |
++ rcu_assign_pointer(queue_handler[pf], qh); |
11742 |
+ ret = 0; |
11743 |
+ } |
11744 |
+ mutex_unlock(&queue_handler_mutex); |
11745 |
+diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c |
11746 |
+index c879c1a..b4f8d84 100644 |
11747 |
+--- a/net/netfilter/nfnetlink.c |
11748 |
++++ b/net/netfilter/nfnetlink.c |
11749 |
+@@ -59,7 +59,7 @@ int nfnetlink_subsys_register(const struct nfnetlink_subsystem *n) |
11750 |
+ nfnl_unlock(); |
11751 |
+ return -EBUSY; |
11752 |
+ } |
11753 |
+- RCU_INIT_POINTER(subsys_table[n->subsys_id], n); |
11754 |
++ rcu_assign_pointer(subsys_table[n->subsys_id], n); |
11755 |
+ nfnl_unlock(); |
11756 |
+ |
11757 |
+ return 0; |
11758 |
+@@ -210,7 +210,7 @@ static int __net_init nfnetlink_net_init(struct net *net) |
11759 |
+ if (!nfnl) |
11760 |
+ return -ENOMEM; |
11761 |
+ net->nfnl_stash = nfnl; |
11762 |
+- RCU_INIT_POINTER(net->nfnl, nfnl); |
11763 |
++ rcu_assign_pointer(net->nfnl, nfnl); |
11764 |
+ return 0; |
11765 |
+ } |
11766 |
+ |
11767 |
+diff --git a/net/netlabel/netlabel_domainhash.c b/net/netlabel/netlabel_domainhash.c |
11768 |
+index 3f905e5..e5330ed 100644 |
11769 |
+--- a/net/netlabel/netlabel_domainhash.c |
11770 |
++++ b/net/netlabel/netlabel_domainhash.c |
11771 |
+@@ -282,7 +282,7 @@ int __init netlbl_domhsh_init(u32 size) |
11772 |
+ INIT_LIST_HEAD(&hsh_tbl->tbl[iter]); |
11773 |
+ |
11774 |
+ spin_lock(&netlbl_domhsh_lock); |
11775 |
+- RCU_INIT_POINTER(netlbl_domhsh, hsh_tbl); |
11776 |
++ rcu_assign_pointer(netlbl_domhsh, hsh_tbl); |
11777 |
+ spin_unlock(&netlbl_domhsh_lock); |
11778 |
+ |
11779 |
+ return 0; |
11780 |
+@@ -330,7 +330,7 @@ int netlbl_domhsh_add(struct netlbl_dom_map *entry, |
11781 |
+ &rcu_dereference(netlbl_domhsh)->tbl[bkt]); |
11782 |
+ } else { |
11783 |
+ INIT_LIST_HEAD(&entry->list); |
11784 |
+- RCU_INIT_POINTER(netlbl_domhsh_def, entry); |
11785 |
++ rcu_assign_pointer(netlbl_domhsh_def, entry); |
11786 |
+ } |
11787 |
+ |
11788 |
+ if (entry->type == NETLBL_NLTYPE_ADDRSELECT) { |
11789 |
+diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c |
11790 |
+index e251c2c..d463f5a 100644 |
11791 |
+--- a/net/netlabel/netlabel_unlabeled.c |
11792 |
++++ b/net/netlabel/netlabel_unlabeled.c |
11793 |
+@@ -354,7 +354,7 @@ static struct netlbl_unlhsh_iface *netlbl_unlhsh_add_iface(int ifindex) |
11794 |
+ INIT_LIST_HEAD(&iface->list); |
11795 |
+ if (netlbl_unlhsh_rcu_deref(netlbl_unlhsh_def) != NULL) |
11796 |
+ goto add_iface_failure; |
11797 |
+- RCU_INIT_POINTER(netlbl_unlhsh_def, iface); |
11798 |
++ rcu_assign_pointer(netlbl_unlhsh_def, iface); |
11799 |
+ } |
11800 |
+ spin_unlock(&netlbl_unlhsh_lock); |
11801 |
+ |
11802 |
+@@ -1447,11 +1447,9 @@ int __init netlbl_unlabel_init(u32 size) |
11803 |
+ for (iter = 0; iter < hsh_tbl->size; iter++) |
11804 |
+ INIT_LIST_HEAD(&hsh_tbl->tbl[iter]); |
11805 |
+ |
11806 |
+- rcu_read_lock(); |
11807 |
+ spin_lock(&netlbl_unlhsh_lock); |
11808 |
+- RCU_INIT_POINTER(netlbl_unlhsh, hsh_tbl); |
11809 |
++ rcu_assign_pointer(netlbl_unlhsh, hsh_tbl); |
11810 |
+ spin_unlock(&netlbl_unlhsh_lock); |
11811 |
+- rcu_read_unlock(); |
11812 |
+ |
11813 |
+ register_netdevice_notifier(&netlbl_unlhsh_netdev_notifier); |
11814 |
+ |
11815 |
+diff --git a/net/phonet/af_phonet.c b/net/phonet/af_phonet.c |
11816 |
+index bf10ea8..d65f699 100644 |
11817 |
+--- a/net/phonet/af_phonet.c |
11818 |
++++ b/net/phonet/af_phonet.c |
11819 |
+@@ -480,7 +480,7 @@ int __init_or_module phonet_proto_register(unsigned int protocol, |
11820 |
+ if (proto_tab[protocol]) |
11821 |
+ err = -EBUSY; |
11822 |
+ else |
11823 |
+- RCU_INIT_POINTER(proto_tab[protocol], pp); |
11824 |
++ rcu_assign_pointer(proto_tab[protocol], pp); |
11825 |
+ mutex_unlock(&proto_tab_lock); |
11826 |
+ |
11827 |
+ return err; |
11828 |
+diff --git a/net/phonet/pn_dev.c b/net/phonet/pn_dev.c |
11829 |
+index c582761..9b9a85e 100644 |
11830 |
+--- a/net/phonet/pn_dev.c |
11831 |
++++ b/net/phonet/pn_dev.c |
11832 |
+@@ -390,7 +390,7 @@ int phonet_route_add(struct net_device *dev, u8 daddr) |
11833 |
+ daddr = daddr >> 2; |
11834 |
+ mutex_lock(&routes->lock); |
11835 |
+ if (routes->table[daddr] == NULL) { |
11836 |
+- RCU_INIT_POINTER(routes->table[daddr], dev); |
11837 |
++ rcu_assign_pointer(routes->table[daddr], dev); |
11838 |
+ dev_hold(dev); |
11839 |
+ err = 0; |
11840 |
+ } |
11841 |
+diff --git a/net/phonet/socket.c b/net/phonet/socket.c |
11842 |
+index 3f8d0b1..4c7eff3 100644 |
11843 |
+--- a/net/phonet/socket.c |
11844 |
++++ b/net/phonet/socket.c |
11845 |
+@@ -680,7 +680,7 @@ int pn_sock_bind_res(struct sock *sk, u8 res) |
11846 |
+ mutex_lock(&resource_mutex); |
11847 |
+ if (pnres.sk[res] == NULL) { |
11848 |
+ sock_hold(sk); |
11849 |
+- RCU_INIT_POINTER(pnres.sk[res], sk); |
11850 |
++ rcu_assign_pointer(pnres.sk[res], sk); |
11851 |
+ ret = 0; |
11852 |
+ } |
11853 |
+ mutex_unlock(&resource_mutex); |
11854 |
+diff --git a/net/rds/af_rds.c b/net/rds/af_rds.c |
11855 |
+index bb6ad81..424ff62 100644 |
11856 |
+--- a/net/rds/af_rds.c |
11857 |
++++ b/net/rds/af_rds.c |
11858 |
+@@ -68,7 +68,6 @@ static int rds_release(struct socket *sock) |
11859 |
+ { |
11860 |
+ struct sock *sk = sock->sk; |
11861 |
+ struct rds_sock *rs; |
11862 |
+- unsigned long flags; |
11863 |
+ |
11864 |
+ if (!sk) |
11865 |
+ goto out; |
11866 |
+@@ -94,10 +93,10 @@ static int rds_release(struct socket *sock) |
11867 |
+ rds_rdma_drop_keys(rs); |
11868 |
+ rds_notify_queue_get(rs, NULL); |
11869 |
+ |
11870 |
+- spin_lock_irqsave(&rds_sock_lock, flags); |
11871 |
++ spin_lock_bh(&rds_sock_lock); |
11872 |
+ list_del_init(&rs->rs_item); |
11873 |
+ rds_sock_count--; |
11874 |
+- spin_unlock_irqrestore(&rds_sock_lock, flags); |
11875 |
++ spin_unlock_bh(&rds_sock_lock); |
11876 |
+ |
11877 |
+ rds_trans_put(rs->rs_transport); |
11878 |
+ |
11879 |
+@@ -409,7 +408,6 @@ static const struct proto_ops rds_proto_ops = { |
11880 |
+ |
11881 |
+ static int __rds_create(struct socket *sock, struct sock *sk, int protocol) |
11882 |
+ { |
11883 |
+- unsigned long flags; |
11884 |
+ struct rds_sock *rs; |
11885 |
+ |
11886 |
+ sock_init_data(sock, sk); |
11887 |
+@@ -426,10 +424,10 @@ static int __rds_create(struct socket *sock, struct sock *sk, int protocol) |
11888 |
+ spin_lock_init(&rs->rs_rdma_lock); |
11889 |
+ rs->rs_rdma_keys = RB_ROOT; |
11890 |
+ |
11891 |
+- spin_lock_irqsave(&rds_sock_lock, flags); |
11892 |
++ spin_lock_bh(&rds_sock_lock); |
11893 |
+ list_add_tail(&rs->rs_item, &rds_sock_list); |
11894 |
+ rds_sock_count++; |
11895 |
+- spin_unlock_irqrestore(&rds_sock_lock, flags); |
11896 |
++ spin_unlock_bh(&rds_sock_lock); |
11897 |
+ |
11898 |
+ return 0; |
11899 |
+ } |
11900 |
+@@ -471,12 +469,11 @@ static void rds_sock_inc_info(struct socket *sock, unsigned int len, |
11901 |
+ { |
11902 |
+ struct rds_sock *rs; |
11903 |
+ struct rds_incoming *inc; |
11904 |
+- unsigned long flags; |
11905 |
+ unsigned int total = 0; |
11906 |
+ |
11907 |
+ len /= sizeof(struct rds_info_message); |
11908 |
+ |
11909 |
+- spin_lock_irqsave(&rds_sock_lock, flags); |
11910 |
++ spin_lock_bh(&rds_sock_lock); |
11911 |
+ |
11912 |
+ list_for_each_entry(rs, &rds_sock_list, rs_item) { |
11913 |
+ read_lock(&rs->rs_recv_lock); |
11914 |
+@@ -492,7 +489,7 @@ static void rds_sock_inc_info(struct socket *sock, unsigned int len, |
11915 |
+ read_unlock(&rs->rs_recv_lock); |
11916 |
+ } |
11917 |
+ |
11918 |
+- spin_unlock_irqrestore(&rds_sock_lock, flags); |
11919 |
++ spin_unlock_bh(&rds_sock_lock); |
11920 |
+ |
11921 |
+ lens->nr = total; |
11922 |
+ lens->each = sizeof(struct rds_info_message); |
11923 |
+@@ -504,11 +501,10 @@ static void rds_sock_info(struct socket *sock, unsigned int len, |
11924 |
+ { |
11925 |
+ struct rds_info_socket sinfo; |
11926 |
+ struct rds_sock *rs; |
11927 |
+- unsigned long flags; |
11928 |
+ |
11929 |
+ len /= sizeof(struct rds_info_socket); |
11930 |
+ |
11931 |
+- spin_lock_irqsave(&rds_sock_lock, flags); |
11932 |
++ spin_lock_bh(&rds_sock_lock); |
11933 |
+ |
11934 |
+ if (len < rds_sock_count) |
11935 |
+ goto out; |
11936 |
+@@ -529,7 +525,7 @@ out: |
11937 |
+ lens->nr = rds_sock_count; |
11938 |
+ lens->each = sizeof(struct rds_info_socket); |
11939 |
+ |
11940 |
+- spin_unlock_irqrestore(&rds_sock_lock, flags); |
11941 |
++ spin_unlock_bh(&rds_sock_lock); |
11942 |
+ } |
11943 |
+ |
11944 |
+ static void rds_exit(void) |
11945 |
+diff --git a/net/socket.c b/net/socket.c |
11946 |
+index 2877647..2dce67a 100644 |
11947 |
+--- a/net/socket.c |
11948 |
++++ b/net/socket.c |
11949 |
+@@ -2472,7 +2472,7 @@ int sock_register(const struct net_proto_family *ops) |
11950 |
+ lockdep_is_held(&net_family_lock))) |
11951 |
+ err = -EEXIST; |
11952 |
+ else { |
11953 |
+- RCU_INIT_POINTER(net_families[ops->family], ops); |
11954 |
++ rcu_assign_pointer(net_families[ops->family], ops); |
11955 |
+ err = 0; |
11956 |
+ } |
11957 |
+ spin_unlock(&net_family_lock); |
11958 |
+diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c |
11959 |
+index afb5655..db0efde 100644 |
11960 |
+--- a/net/sunrpc/auth_gss/auth_gss.c |
11961 |
++++ b/net/sunrpc/auth_gss/auth_gss.c |
11962 |
+@@ -122,7 +122,7 @@ gss_cred_set_ctx(struct rpc_cred *cred, struct gss_cl_ctx *ctx) |
11963 |
+ if (!test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags)) |
11964 |
+ return; |
11965 |
+ gss_get_ctx(ctx); |
11966 |
+- RCU_INIT_POINTER(gss_cred->gc_ctx, ctx); |
11967 |
++ rcu_assign_pointer(gss_cred->gc_ctx, ctx); |
11968 |
+ set_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags); |
11969 |
+ smp_mb__before_clear_bit(); |
11970 |
+ clear_bit(RPCAUTH_CRED_NEW, &cred->cr_flags); |
11971 |
+diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c |
11972 |
+index b595a3d..d99678a 100644 |
11973 |
+--- a/net/unix/af_unix.c |
11974 |
++++ b/net/unix/af_unix.c |
11975 |
+@@ -1915,7 +1915,7 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, |
11976 |
+ struct sk_buff *skb; |
11977 |
+ |
11978 |
+ unix_state_lock(sk); |
11979 |
+- skb = skb_dequeue(&sk->sk_receive_queue); |
11980 |
++ skb = skb_peek(&sk->sk_receive_queue); |
11981 |
+ if (skb == NULL) { |
11982 |
+ unix_sk(sk)->recursion_level = 0; |
11983 |
+ if (copied >= target) |
11984 |
+@@ -1955,11 +1955,8 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, |
11985 |
+ if (check_creds) { |
11986 |
+ /* Never glue messages from different writers */ |
11987 |
+ if ((UNIXCB(skb).pid != siocb->scm->pid) || |
11988 |
+- (UNIXCB(skb).cred != siocb->scm->cred)) { |
11989 |
+- skb_queue_head(&sk->sk_receive_queue, skb); |
11990 |
+- sk->sk_data_ready(sk, skb->len); |
11991 |
++ (UNIXCB(skb).cred != siocb->scm->cred)) |
11992 |
+ break; |
11993 |
+- } |
11994 |
+ } else { |
11995 |
+ /* Copy credentials */ |
11996 |
+ scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).cred); |
11997 |
+@@ -1974,8 +1971,6 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, |
11998 |
+ |
11999 |
+ chunk = min_t(unsigned int, skb->len, size); |
12000 |
+ if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) { |
12001 |
+- skb_queue_head(&sk->sk_receive_queue, skb); |
12002 |
+- sk->sk_data_ready(sk, skb->len); |
12003 |
+ if (copied == 0) |
12004 |
+ copied = -EFAULT; |
12005 |
+ break; |
12006 |
+@@ -1990,13 +1985,10 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, |
12007 |
+ if (UNIXCB(skb).fp) |
12008 |
+ unix_detach_fds(siocb->scm, skb); |
12009 |
+ |
12010 |
+- /* put the skb back if we didn't use it up.. */ |
12011 |
+- if (skb->len) { |
12012 |
+- skb_queue_head(&sk->sk_receive_queue, skb); |
12013 |
+- sk->sk_data_ready(sk, skb->len); |
12014 |
++ if (skb->len) |
12015 |
+ break; |
12016 |
+- } |
12017 |
+ |
12018 |
++ skb_unlink(skb, &sk->sk_receive_queue); |
12019 |
+ consume_skb(skb); |
12020 |
+ |
12021 |
+ if (siocb->scm->fp) |
12022 |
+@@ -2007,9 +1999,6 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock, |
12023 |
+ if (UNIXCB(skb).fp) |
12024 |
+ siocb->scm->fp = scm_fp_dup(UNIXCB(skb).fp); |
12025 |
+ |
12026 |
+- /* put message back and return */ |
12027 |
+- skb_queue_head(&sk->sk_receive_queue, skb); |
12028 |
+- sk->sk_data_ready(sk, skb->len); |
12029 |
+ break; |
12030 |
+ } |
12031 |
+ } while (size); |
12032 |
+diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c |
12033 |
+index d0a42df..7cae73e 100644 |
12034 |
+--- a/net/xfrm/xfrm_user.c |
12035 |
++++ b/net/xfrm/xfrm_user.c |
12036 |
+@@ -2927,7 +2927,7 @@ static int __net_init xfrm_user_net_init(struct net *net) |
12037 |
+ if (nlsk == NULL) |
12038 |
+ return -ENOMEM; |
12039 |
+ net->xfrm.nlsk_stash = nlsk; /* Don't set to NULL */ |
12040 |
+- RCU_INIT_POINTER(net->xfrm.nlsk, nlsk); |
12041 |
++ rcu_assign_pointer(net->xfrm.nlsk, nlsk); |
12042 |
+ return 0; |
12043 |
+ } |
12044 |
+ |
12045 |
+diff --git a/sound/pci/hda/hda_intel.c b/sound/pci/hda/hda_intel.c |
12046 |
+index 5b2b75b..192e6c0 100644 |
12047 |
+--- a/sound/pci/hda/hda_intel.c |
12048 |
++++ b/sound/pci/hda/hda_intel.c |
12049 |
+@@ -461,6 +461,7 @@ struct azx { |
12050 |
+ unsigned int irq_pending_warned :1; |
12051 |
+ unsigned int probing :1; /* codec probing phase */ |
12052 |
+ unsigned int snoop:1; |
12053 |
++ unsigned int align_buffer_size:1; |
12054 |
+ |
12055 |
+ /* for debugging */ |
12056 |
+ unsigned int last_cmd[AZX_MAX_CODECS]; |
12057 |
+@@ -1697,7 +1698,7 @@ static int azx_pcm_open(struct snd_pcm_substream *substream) |
12058 |
+ runtime->hw.rates = hinfo->rates; |
12059 |
+ snd_pcm_limit_hw_rates(runtime); |
12060 |
+ snd_pcm_hw_constraint_integer(runtime, SNDRV_PCM_HW_PARAM_PERIODS); |
12061 |
+- if (align_buffer_size) |
12062 |
++ if (chip->align_buffer_size) |
12063 |
+ /* constrain buffer sizes to be multiple of 128 |
12064 |
+ bytes. This is more efficient in terms of memory |
12065 |
+ access but isn't required by the HDA spec and |
12066 |
+@@ -2753,8 +2754,9 @@ static int __devinit azx_create(struct snd_card *card, struct pci_dev *pci, |
12067 |
+ } |
12068 |
+ |
12069 |
+ /* disable buffer size rounding to 128-byte multiples if supported */ |
12070 |
++ chip->align_buffer_size = align_buffer_size; |
12071 |
+ if (chip->driver_caps & AZX_DCAPS_BUFSIZE) |
12072 |
+- align_buffer_size = 0; |
12073 |
++ chip->align_buffer_size = 0; |
12074 |
+ |
12075 |
+ /* allow 64bit DMA address if supported by H/W */ |
12076 |
+ if ((gcap & ICH6_GCAP_64OK) && !pci_set_dma_mask(pci, DMA_BIT_MASK(64))) |
12077 |
+diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c |
12078 |
+index 1d07e8f..5f03c40 100644 |
12079 |
+--- a/sound/pci/hda/patch_realtek.c |
12080 |
++++ b/sound/pci/hda/patch_realtek.c |
12081 |
+@@ -5223,6 +5223,7 @@ static const struct hda_amp_list alc861_loopbacks[] = { |
12082 |
+ /* Pin config fixes */ |
12083 |
+ enum { |
12084 |
+ PINFIX_FSC_AMILO_PI1505, |
12085 |
++ PINFIX_ASUS_A6RP, |
12086 |
+ }; |
12087 |
+ |
12088 |
+ static const struct alc_fixup alc861_fixups[] = { |
12089 |
+@@ -5234,9 +5235,19 @@ static const struct alc_fixup alc861_fixups[] = { |
12090 |
+ { } |
12091 |
+ } |
12092 |
+ }, |
12093 |
++ [PINFIX_ASUS_A6RP] = { |
12094 |
++ .type = ALC_FIXUP_VERBS, |
12095 |
++ .v.verbs = (const struct hda_verb[]) { |
12096 |
++ /* node 0x0f VREF seems controlling the master output */ |
12097 |
++ { 0x0f, AC_VERB_SET_PIN_WIDGET_CONTROL, PIN_VREF50 }, |
12098 |
++ { } |
12099 |
++ }, |
12100 |
++ }, |
12101 |
+ }; |
12102 |
+ |
12103 |
+ static const struct snd_pci_quirk alc861_fixup_tbl[] = { |
12104 |
++ SND_PCI_QUIRK(0x1043, 0x1393, "ASUS A6Rp", PINFIX_ASUS_A6RP), |
12105 |
++ SND_PCI_QUIRK(0x1584, 0x2b01, "Haier W18", PINFIX_ASUS_A6RP), |
12106 |
+ SND_PCI_QUIRK(0x1734, 0x10c7, "FSC Amilo Pi1505", PINFIX_FSC_AMILO_PI1505), |
12107 |
+ {} |
12108 |
+ }; |
12109 |
+diff --git a/sound/pci/hda/patch_sigmatel.c b/sound/pci/hda/patch_sigmatel.c |
12110 |
+index f3c73a9..ccdac27 100644 |
12111 |
+--- a/sound/pci/hda/patch_sigmatel.c |
12112 |
++++ b/sound/pci/hda/patch_sigmatel.c |
12113 |
+@@ -4253,13 +4253,15 @@ static int enable_pin_detect(struct hda_codec *codec, hda_nid_t nid, |
12114 |
+ return 1; |
12115 |
+ } |
12116 |
+ |
12117 |
+-static int is_nid_hp_pin(struct auto_pin_cfg *cfg, hda_nid_t nid) |
12118 |
++static int is_nid_out_jack_pin(struct auto_pin_cfg *cfg, hda_nid_t nid) |
12119 |
+ { |
12120 |
+ int i; |
12121 |
+ for (i = 0; i < cfg->hp_outs; i++) |
12122 |
+ if (cfg->hp_pins[i] == nid) |
12123 |
+ return 1; /* nid is a HP-Out */ |
12124 |
+- |
12125 |
++ for (i = 0; i < cfg->line_outs; i++) |
12126 |
++ if (cfg->line_out_pins[i] == nid) |
12127 |
++ return 1; /* nid is a line-Out */ |
12128 |
+ return 0; /* nid is not a HP-Out */ |
12129 |
+ }; |
12130 |
+ |
12131 |
+@@ -4465,7 +4467,7 @@ static int stac92xx_init(struct hda_codec *codec) |
12132 |
+ continue; |
12133 |
+ } |
12134 |
+ |
12135 |
+- if (is_nid_hp_pin(cfg, nid)) |
12136 |
++ if (is_nid_out_jack_pin(cfg, nid)) |
12137 |
+ continue; /* already has an unsol event */ |
12138 |
+ |
12139 |
+ pinctl = snd_hda_codec_read(codec, nid, 0, |
12140 |
+@@ -4950,7 +4952,14 @@ static int find_mute_led_gpio(struct hda_codec *codec, int default_polarity) |
12141 |
+ /* BIOS bug: unfilled OEM string */ |
12142 |
+ if (strstr(dev->name, "HP_Mute_LED_P_G")) { |
12143 |
+ set_hp_led_gpio(codec); |
12144 |
+- spec->gpio_led_polarity = 1; |
12145 |
++ switch (codec->subsystem_id) { |
12146 |
++ case 0x103c148a: |
12147 |
++ spec->gpio_led_polarity = 0; |
12148 |
++ break; |
12149 |
++ default: |
12150 |
++ spec->gpio_led_polarity = 1; |
12151 |
++ break; |
12152 |
++ } |
12153 |
+ return 1; |
12154 |
+ } |
12155 |
+ } |
12156 |
+diff --git a/sound/soc/codecs/wm5100.c b/sound/soc/codecs/wm5100.c |
12157 |
+index 42d9039..d0beeec 100644 |
12158 |
+--- a/sound/soc/codecs/wm5100.c |
12159 |
++++ b/sound/soc/codecs/wm5100.c |
12160 |
+@@ -1379,6 +1379,7 @@ static int wm5100_set_bias_level(struct snd_soc_codec *codec, |
12161 |
+ |
12162 |
+ switch (wm5100->rev) { |
12163 |
+ case 0: |
12164 |
++ regcache_cache_bypass(wm5100->regmap, true); |
12165 |
+ snd_soc_write(codec, 0x11, 0x3); |
12166 |
+ snd_soc_write(codec, 0x203, 0xc); |
12167 |
+ snd_soc_write(codec, 0x206, 0); |
12168 |
+@@ -1394,6 +1395,7 @@ static int wm5100_set_bias_level(struct snd_soc_codec *codec, |
12169 |
+ snd_soc_write(codec, |
12170 |
+ wm5100_reva_patches[i].reg, |
12171 |
+ wm5100_reva_patches[i].val); |
12172 |
++ regcache_cache_bypass(wm5100->regmap, false); |
12173 |
+ break; |
12174 |
+ default: |
12175 |
+ break; |
12176 |
+@@ -1404,6 +1406,7 @@ static int wm5100_set_bias_level(struct snd_soc_codec *codec, |
12177 |
+ break; |
12178 |
+ |
12179 |
+ case SND_SOC_BIAS_OFF: |
12180 |
++ regcache_cache_only(wm5100->regmap, true); |
12181 |
+ if (wm5100->pdata.ldo_ena) |
12182 |
+ gpio_set_value_cansleep(wm5100->pdata.ldo_ena, 0); |
12183 |
+ regulator_bulk_disable(ARRAY_SIZE(wm5100->core_supplies), |
12184 |
+diff --git a/sound/soc/codecs/wm8996.c b/sound/soc/codecs/wm8996.c |
12185 |
+index a33b04d..6d98a57 100644 |
12186 |
+--- a/sound/soc/codecs/wm8996.c |
12187 |
++++ b/sound/soc/codecs/wm8996.c |
12188 |
+@@ -1049,7 +1049,8 @@ SND_SOC_DAPM_SUPPLY_S("SYSCLK", 1, WM8996_AIF_CLOCKING_1, 0, 0, NULL, 0), |
12189 |
+ SND_SOC_DAPM_SUPPLY_S("SYSDSPCLK", 2, WM8996_CLOCKING_1, 1, 0, NULL, 0), |
12190 |
+ SND_SOC_DAPM_SUPPLY_S("AIFCLK", 2, WM8996_CLOCKING_1, 2, 0, NULL, 0), |
12191 |
+ SND_SOC_DAPM_SUPPLY_S("Charge Pump", 2, WM8996_CHARGE_PUMP_1, 15, 0, cp_event, |
12192 |
+- SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_POST_PMD), |
12193 |
++ SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_POST_PMU | |
12194 |
++ SND_SOC_DAPM_POST_PMD), |
12195 |
+ SND_SOC_DAPM_SUPPLY("Bandgap", SND_SOC_NOPM, 0, 0, bg_event, |
12196 |
+ SND_SOC_DAPM_PRE_PMU | SND_SOC_DAPM_POST_PMD), |
12197 |
+ SND_SOC_DAPM_SUPPLY("LDO2", WM8996_POWER_MANAGEMENT_2, 1, 0, NULL, 0), |
12198 |
+@@ -1932,6 +1933,7 @@ static int wm8996_set_sysclk(struct snd_soc_dai *dai, |
12199 |
+ struct wm8996_priv *wm8996 = snd_soc_codec_get_drvdata(codec); |
12200 |
+ int lfclk = 0; |
12201 |
+ int ratediv = 0; |
12202 |
++ int sync = WM8996_REG_SYNC; |
12203 |
+ int src; |
12204 |
+ int old; |
12205 |
+ |
12206 |
+@@ -1976,6 +1978,7 @@ static int wm8996_set_sysclk(struct snd_soc_dai *dai, |
12207 |
+ case 32000: |
12208 |
+ case 32768: |
12209 |
+ lfclk = WM8996_LFCLK_ENA; |
12210 |
++ sync = 0; |
12211 |
+ break; |
12212 |
+ default: |
12213 |
+ dev_warn(codec->dev, "Unsupported clock rate %dHz\n", |
12214 |
+@@ -1989,6 +1992,8 @@ static int wm8996_set_sysclk(struct snd_soc_dai *dai, |
12215 |
+ WM8996_SYSCLK_SRC_MASK | WM8996_SYSCLK_DIV_MASK, |
12216 |
+ src << WM8996_SYSCLK_SRC_SHIFT | ratediv); |
12217 |
+ snd_soc_update_bits(codec, WM8996_CLOCKING_1, WM8996_LFCLK_ENA, lfclk); |
12218 |
++ snd_soc_update_bits(codec, WM8996_CONTROL_INTERFACE_1, |
12219 |
++ WM8996_REG_SYNC, sync); |
12220 |
+ snd_soc_update_bits(codec, WM8996_AIF_CLOCKING_1, |
12221 |
+ WM8996_SYSCLK_ENA, old); |
12222 |
+ |
12223 |
+diff --git a/sound/soc/codecs/wm8996.h b/sound/soc/codecs/wm8996.h |
12224 |
+index 0fde643..de9ac3e 100644 |
12225 |
+--- a/sound/soc/codecs/wm8996.h |
12226 |
++++ b/sound/soc/codecs/wm8996.h |
12227 |
+@@ -1567,6 +1567,10 @@ int wm8996_detect(struct snd_soc_codec *codec, struct snd_soc_jack *jack, |
12228 |
+ /* |
12229 |
+ * R257 (0x101) - Control Interface (1) |
12230 |
+ */ |
12231 |
++#define WM8996_REG_SYNC 0x8000 /* REG_SYNC */ |
12232 |
++#define WM8996_REG_SYNC_MASK 0x8000 /* REG_SYNC */ |
12233 |
++#define WM8996_REG_SYNC_SHIFT 15 /* REG_SYNC */ |
12234 |
++#define WM8996_REG_SYNC_WIDTH 1 /* REG_SYNC */ |
12235 |
+ #define WM8996_AUTO_INC 0x0004 /* AUTO_INC */ |
12236 |
+ #define WM8996_AUTO_INC_MASK 0x0004 /* AUTO_INC */ |
12237 |
+ #define WM8996_AUTO_INC_SHIFT 2 /* AUTO_INC */ |
12238 |
|
12239 |
diff --git a/3.2.4/1003_linux-3.2.4.patch b/3.2.4/1003_linux-3.2.4.patch |
12240 |
new file mode 100644 |
12241 |
index 0000000..e49de55 |
12242 |
--- /dev/null |
12243 |
+++ b/3.2.4/1003_linux-3.2.4.patch |
12244 |
@@ -0,0 +1,40 @@ |
12245 |
+diff --git a/Makefile b/Makefile |
12246 |
+index d45e887..c8e187e 100644 |
12247 |
+--- a/Makefile |
12248 |
++++ b/Makefile |
12249 |
+@@ -1,6 +1,6 @@ |
12250 |
+ VERSION = 3 |
12251 |
+ PATCHLEVEL = 2 |
12252 |
+-SUBLEVEL = 3 |
12253 |
++SUBLEVEL = 4 |
12254 |
+ EXTRAVERSION = |
12255 |
+ NAME = Saber-toothed Squirrel |
12256 |
+ |
12257 |
+diff --git a/sound/soc/codecs/wm5100.c b/sound/soc/codecs/wm5100.c |
12258 |
+index d0beeec..42d9039 100644 |
12259 |
+--- a/sound/soc/codecs/wm5100.c |
12260 |
++++ b/sound/soc/codecs/wm5100.c |
12261 |
+@@ -1379,7 +1379,6 @@ static int wm5100_set_bias_level(struct snd_soc_codec *codec, |
12262 |
+ |
12263 |
+ switch (wm5100->rev) { |
12264 |
+ case 0: |
12265 |
+- regcache_cache_bypass(wm5100->regmap, true); |
12266 |
+ snd_soc_write(codec, 0x11, 0x3); |
12267 |
+ snd_soc_write(codec, 0x203, 0xc); |
12268 |
+ snd_soc_write(codec, 0x206, 0); |
12269 |
+@@ -1395,7 +1394,6 @@ static int wm5100_set_bias_level(struct snd_soc_codec *codec, |
12270 |
+ snd_soc_write(codec, |
12271 |
+ wm5100_reva_patches[i].reg, |
12272 |
+ wm5100_reva_patches[i].val); |
12273 |
+- regcache_cache_bypass(wm5100->regmap, false); |
12274 |
+ break; |
12275 |
+ default: |
12276 |
+ break; |
12277 |
+@@ -1406,7 +1404,6 @@ static int wm5100_set_bias_level(struct snd_soc_codec *codec, |
12278 |
+ break; |
12279 |
+ |
12280 |
+ case SND_SOC_BIAS_OFF: |
12281 |
+- regcache_cache_only(wm5100->regmap, true); |
12282 |
+ if (wm5100->pdata.ldo_ena) |
12283 |
+ gpio_set_value_cansleep(wm5100->pdata.ldo_ena, 0); |
12284 |
+ regulator_bulk_disable(ARRAY_SIZE(wm5100->core_supplies), |
12285 |
|
12286 |
diff --git a/3.2.2/4420_grsecurity-2.2.2-3.2.2-201201272014.patch b/3.2.4/4420_grsecurity-2.2.2-3.2.4-201202032052.patch |
12287 |
similarity index 99% |
12288 |
rename from 3.2.2/4420_grsecurity-2.2.2-3.2.2-201201272014.patch |
12289 |
rename to 3.2.4/4420_grsecurity-2.2.2-3.2.4-201202032052.patch |
12290 |
index 3f6029d..9b95205 100644 |
12291 |
--- a/3.2.2/4420_grsecurity-2.2.2-3.2.2-201201272014.patch |
12292 |
+++ b/3.2.4/4420_grsecurity-2.2.2-3.2.4-201202032052.patch |
12293 |
@@ -186,7 +186,7 @@ index 81c287f..d456d02 100644 |
12294 |
|
12295 |
pcd. [PARIDE] |
12296 |
diff --git a/Makefile b/Makefile |
12297 |
-index 2f684da..bf21f8d 100644 |
12298 |
+index c8e187e..c445af7 100644 |
12299 |
--- a/Makefile |
12300 |
+++ b/Makefile |
12301 |
@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
12302 |
@@ -12223,19 +12223,18 @@ index 2af127d..8ff7ac0 100644 |
12303 |
atomic_set(&mce_callin, 0); |
12304 |
atomic_set(&global_nwo, 0); |
12305 |
diff --git a/arch/x86/kernel/cpu/mcheck/p5.c b/arch/x86/kernel/cpu/mcheck/p5.c |
12306 |
-index 5c0e653..51ddf2c 100644 |
12307 |
+index 5c0e653..0882b0a 100644 |
12308 |
--- a/arch/x86/kernel/cpu/mcheck/p5.c |
12309 |
+++ b/arch/x86/kernel/cpu/mcheck/p5.c |
12310 |
-@@ -11,7 +11,7 @@ |
12311 |
- #include <asm/processor.h> |
12312 |
+@@ -12,6 +12,7 @@ |
12313 |
#include <asm/system.h> |
12314 |
#include <asm/mce.h> |
12315 |
--#include <asm/msr.h> |
12316 |
+ #include <asm/msr.h> |
12317 |
+#include <asm/pgtable.h> |
12318 |
|
12319 |
/* By default disabled */ |
12320 |
int mce_p5_enabled __read_mostly; |
12321 |
-@@ -50,7 +50,9 @@ void intel_p5_mcheck_init(struct cpuinfo_x86 *c) |
12322 |
+@@ -50,7 +51,9 @@ void intel_p5_mcheck_init(struct cpuinfo_x86 *c) |
12323 |
if (!cpu_has(c, X86_FEATURE_MCE)) |
12324 |
return; |
12325 |
|
12326 |
@@ -22963,7 +22962,7 @@ index 7b179b4..6bd1777 100644 |
12327 |
|
12328 |
return (void *)vaddr; |
12329 |
diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c |
12330 |
-index be1ef57..9680edc 100644 |
12331 |
+index be1ef57..55f0160 100644 |
12332 |
--- a/arch/x86/mm/ioremap.c |
12333 |
+++ b/arch/x86/mm/ioremap.c |
12334 |
@@ -97,7 +97,7 @@ static void __iomem *__ioremap_caller(resource_size_t phys_addr, |
12335 |
@@ -22975,7 +22974,17 @@ index be1ef57..9680edc 100644 |
12336 |
return NULL; |
12337 |
WARN_ON_ONCE(is_ram); |
12338 |
} |
12339 |
-@@ -344,7 +344,7 @@ static int __init early_ioremap_debug_setup(char *str) |
12340 |
+@@ -315,6 +315,9 @@ void *xlate_dev_mem_ptr(unsigned long phys) |
12341 |
+ |
12342 |
+ /* If page is RAM, we can use __va. Otherwise ioremap and unmap. */ |
12343 |
+ if (page_is_ram(start >> PAGE_SHIFT)) |
12344 |
++#ifdef CONFIG_HIGHMEM |
12345 |
++ if ((start >> PAGE_SHIFT) < max_low_pfn) |
12346 |
++#endif |
12347 |
+ return __va(phys); |
12348 |
+ |
12349 |
+ addr = (void __force *)ioremap_cache(start, PAGE_SIZE); |
12350 |
+@@ -344,7 +347,7 @@ static int __init early_ioremap_debug_setup(char *str) |
12351 |
early_param("early_ioremap_debug", early_ioremap_debug_setup); |
12352 |
|
12353 |
static __initdata int after_paging_init; |
12354 |
@@ -22984,7 +22993,7 @@ index be1ef57..9680edc 100644 |
12355 |
|
12356 |
static inline pmd_t * __init early_ioremap_pmd(unsigned long addr) |
12357 |
{ |
12358 |
-@@ -381,8 +381,7 @@ void __init early_ioremap_init(void) |
12359 |
+@@ -381,8 +384,7 @@ void __init early_ioremap_init(void) |
12360 |
slot_virt[i] = __fix_to_virt(FIX_BTMAP_BEGIN - NR_FIX_BTMAPS*i); |
12361 |
|
12362 |
pmd = early_ioremap_pmd(fix_to_virt(FIX_BTMAP_BEGIN)); |
12363 |
@@ -23725,7 +23734,7 @@ index 6687022..ceabcfa 100644 |
12364 |
+ pax_force_retaddr |
12365 |
ret |
12366 |
diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c |
12367 |
-index 7b65f75..63097f6 100644 |
12368 |
+index 7c1b765..180e3b2 100644 |
12369 |
--- a/arch/x86/net/bpf_jit_comp.c |
12370 |
+++ b/arch/x86/net/bpf_jit_comp.c |
12371 |
@@ -117,6 +117,10 @@ static inline void bpf_flush_icache(void *start, void *end) |
12372 |
@@ -23750,7 +23759,7 @@ index 7b65f75..63097f6 100644 |
12373 |
/* Before first pass, make a rough estimation of addrs[] |
12374 |
* each bpf instruction is translated to less than 64 bytes |
12375 |
*/ |
12376 |
-@@ -585,11 +593,12 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; |
12377 |
+@@ -592,11 +600,12 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; |
12378 |
if (image) { |
12379 |
if (unlikely(proglen + ilen > oldproglen)) { |
12380 |
pr_err("bpb_jit_compile fatal error\n"); |
12381 |
@@ -23766,7 +23775,7 @@ index 7b65f75..63097f6 100644 |
12382 |
} |
12383 |
proglen += ilen; |
12384 |
addrs[i] = proglen; |
12385 |
-@@ -609,7 +618,7 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; |
12386 |
+@@ -617,7 +626,7 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; |
12387 |
break; |
12388 |
} |
12389 |
if (proglen == oldproglen) { |
12390 |
@@ -23775,7 +23784,7 @@ index 7b65f75..63097f6 100644 |
12391 |
proglen, |
12392 |
sizeof(struct work_struct))); |
12393 |
if (!image) |
12394 |
-@@ -631,24 +640,27 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; |
12395 |
+@@ -639,24 +648,27 @@ cond_branch: f_offset = addrs[i + filter[i].jf] - addrs[i]; |
12396 |
fp->bpf_func = (void *)image; |
12397 |
} |
12398 |
out: |
12399 |
@@ -24994,109 +25003,6 @@ index 671d4d6..5f24030 100644 |
12400 |
|
12401 |
static void cryptd_queue_worker(struct work_struct *work); |
12402 |
|
12403 |
-diff --git a/crypto/sha512_generic.c b/crypto/sha512_generic.c |
12404 |
-index 9ed9f60..88f160b 100644 |
12405 |
---- a/crypto/sha512_generic.c |
12406 |
-+++ b/crypto/sha512_generic.c |
12407 |
-@@ -21,8 +21,6 @@ |
12408 |
- #include <linux/percpu.h> |
12409 |
- #include <asm/byteorder.h> |
12410 |
- |
12411 |
--static DEFINE_PER_CPU(u64[80], msg_schedule); |
12412 |
-- |
12413 |
- static inline u64 Ch(u64 x, u64 y, u64 z) |
12414 |
- { |
12415 |
- return z ^ (x & (y ^ z)); |
12416 |
-@@ -80,7 +78,7 @@ static inline void LOAD_OP(int I, u64 *W, const u8 *input) |
12417 |
- |
12418 |
- static inline void BLEND_OP(int I, u64 *W) |
12419 |
- { |
12420 |
-- W[I] = s1(W[I-2]) + W[I-7] + s0(W[I-15]) + W[I-16]; |
12421 |
-+ W[I % 16] += s1(W[(I-2) % 16]) + W[(I-7) % 16] + s0(W[(I-15) % 16]); |
12422 |
- } |
12423 |
- |
12424 |
- static void |
12425 |
-@@ -89,38 +87,48 @@ sha512_transform(u64 *state, const u8 *input) |
12426 |
- u64 a, b, c, d, e, f, g, h, t1, t2; |
12427 |
- |
12428 |
- int i; |
12429 |
-- u64 *W = get_cpu_var(msg_schedule); |
12430 |
-+ u64 W[16]; |
12431 |
- |
12432 |
- /* load the input */ |
12433 |
- for (i = 0; i < 16; i++) |
12434 |
- LOAD_OP(i, W, input); |
12435 |
- |
12436 |
-- for (i = 16; i < 80; i++) { |
12437 |
-- BLEND_OP(i, W); |
12438 |
-- } |
12439 |
-- |
12440 |
- /* load the state into our registers */ |
12441 |
- a=state[0]; b=state[1]; c=state[2]; d=state[3]; |
12442 |
- e=state[4]; f=state[5]; g=state[6]; h=state[7]; |
12443 |
- |
12444 |
-- /* now iterate */ |
12445 |
-- for (i=0; i<80; i+=8) { |
12446 |
-- t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[i ]; |
12447 |
-- t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; |
12448 |
-- t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[i+1]; |
12449 |
-- t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; |
12450 |
-- t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[i+2]; |
12451 |
-- t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; |
12452 |
-- t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[i+3]; |
12453 |
-- t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; |
12454 |
-- t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[i+4]; |
12455 |
-- t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; |
12456 |
-- t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[i+5]; |
12457 |
-- t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; |
12458 |
-- t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[i+6]; |
12459 |
-- t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; |
12460 |
-- t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[i+7]; |
12461 |
-- t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; |
12462 |
-+#define SHA512_0_15(i, a, b, c, d, e, f, g, h) \ |
12463 |
-+ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[i]; \ |
12464 |
-+ t2 = e0(a) + Maj(a, b, c); \ |
12465 |
-+ d += t1; \ |
12466 |
-+ h = t1 + t2 |
12467 |
-+ |
12468 |
-+#define SHA512_16_79(i, a, b, c, d, e, f, g, h) \ |
12469 |
-+ BLEND_OP(i, W); \ |
12470 |
-+ t1 = h + e1(e) + Ch(e, f, g) + sha512_K[i] + W[(i)%16]; \ |
12471 |
-+ t2 = e0(a) + Maj(a, b, c); \ |
12472 |
-+ d += t1; \ |
12473 |
-+ h = t1 + t2 |
12474 |
-+ |
12475 |
-+ for (i = 0; i < 16; i += 8) { |
12476 |
-+ SHA512_0_15(i, a, b, c, d, e, f, g, h); |
12477 |
-+ SHA512_0_15(i + 1, h, a, b, c, d, e, f, g); |
12478 |
-+ SHA512_0_15(i + 2, g, h, a, b, c, d, e, f); |
12479 |
-+ SHA512_0_15(i + 3, f, g, h, a, b, c, d, e); |
12480 |
-+ SHA512_0_15(i + 4, e, f, g, h, a, b, c, d); |
12481 |
-+ SHA512_0_15(i + 5, d, e, f, g, h, a, b, c); |
12482 |
-+ SHA512_0_15(i + 6, c, d, e, f, g, h, a, b); |
12483 |
-+ SHA512_0_15(i + 7, b, c, d, e, f, g, h, a); |
12484 |
-+ } |
12485 |
-+ for (i = 16; i < 80; i += 8) { |
12486 |
-+ SHA512_16_79(i, a, b, c, d, e, f, g, h); |
12487 |
-+ SHA512_16_79(i + 1, h, a, b, c, d, e, f, g); |
12488 |
-+ SHA512_16_79(i + 2, g, h, a, b, c, d, e, f); |
12489 |
-+ SHA512_16_79(i + 3, f, g, h, a, b, c, d, e); |
12490 |
-+ SHA512_16_79(i + 4, e, f, g, h, a, b, c, d); |
12491 |
-+ SHA512_16_79(i + 5, d, e, f, g, h, a, b, c); |
12492 |
-+ SHA512_16_79(i + 6, c, d, e, f, g, h, a, b); |
12493 |
-+ SHA512_16_79(i + 7, b, c, d, e, f, g, h, a); |
12494 |
- } |
12495 |
- |
12496 |
- state[0] += a; state[1] += b; state[2] += c; state[3] += d; |
12497 |
-@@ -128,8 +136,6 @@ sha512_transform(u64 *state, const u8 *input) |
12498 |
- |
12499 |
- /* erase our data */ |
12500 |
- a = b = c = d = e = f = g = h = t1 = t2 = 0; |
12501 |
-- memset(W, 0, sizeof(__get_cpu_var(msg_schedule))); |
12502 |
-- put_cpu_var(msg_schedule); |
12503 |
- } |
12504 |
- |
12505 |
- static int |
12506 |
diff --git a/drivers/acpi/apei/cper.c b/drivers/acpi/apei/cper.c |
12507 |
index 5d41894..22021e4 100644 |
12508 |
--- a/drivers/acpi/apei/cper.c |
12509 |
@@ -27943,7 +27849,7 @@ index 40c187c..5746164 100644 |
12510 |
|
12511 |
DRM_DEBUG("pid=%d, cmd=0x%02x, nr=0x%02x, dev 0x%lx, auth=%d\n", |
12512 |
diff --git a/drivers/gpu/drm/drm_fops.c b/drivers/gpu/drm/drm_fops.c |
12513 |
-index 4911e1d..484c8a3 100644 |
12514 |
+index 828bf65..cdaa0e9 100644 |
12515 |
--- a/drivers/gpu/drm/drm_fops.c |
12516 |
+++ b/drivers/gpu/drm/drm_fops.c |
12517 |
@@ -71,7 +71,7 @@ static int drm_setup(struct drm_device * dev) |
12518 |
@@ -27982,9 +27888,9 @@ index 4911e1d..484c8a3 100644 |
12519 |
- dev->open_count); |
12520 |
+ local_read(&dev->open_count)); |
12521 |
|
12522 |
- /* if the master has gone away we can't do anything with the lock */ |
12523 |
- if (file_priv->minor->master) |
12524 |
-@@ -566,8 +566,8 @@ int drm_release(struct inode *inode, struct file *filp) |
12525 |
+ /* Release any auth tokens that might point to this file_priv, |
12526 |
+ (do that under the drm_global_mutex) */ |
12527 |
+@@ -571,8 +571,8 @@ int drm_release(struct inode *inode, struct file *filp) |
12528 |
* End inline drm_release |
12529 |
*/ |
12530 |
|
12531 |
@@ -29164,7 +29070,7 @@ index 66f6729..2d6de0a 100644 |
12532 |
mutex_lock(&resource->lock); |
12533 |
resource->trip[attr->index - 7] = temp; |
12534 |
diff --git a/drivers/hwmon/sht15.c b/drivers/hwmon/sht15.c |
12535 |
-index fe4104c..346febb 100644 |
12536 |
+index 5357925..6cf0418 100644 |
12537 |
--- a/drivers/hwmon/sht15.c |
12538 |
+++ b/drivers/hwmon/sht15.c |
12539 |
@@ -166,7 +166,7 @@ struct sht15_data { |
12540 |
@@ -41403,80 +41309,24 @@ index f7908ae..920a680 100644 |
12541 |
|
12542 |
dcache_init(); |
12543 |
inode_init(); |
12544 |
-diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c |
12545 |
-index 2a83425..b082cec 100644 |
12546 |
---- a/fs/ecryptfs/crypto.c |
12547 |
-+++ b/fs/ecryptfs/crypto.c |
12548 |
-@@ -417,17 +417,6 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page, |
12549 |
- (unsigned long long)(extent_base + extent_offset), rc); |
12550 |
- goto out; |
12551 |
- } |
12552 |
-- if (unlikely(ecryptfs_verbosity > 0)) { |
12553 |
-- ecryptfs_printk(KERN_DEBUG, "Encrypting extent " |
12554 |
-- "with iv:\n"); |
12555 |
-- ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); |
12556 |
-- ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " |
12557 |
-- "encryption:\n"); |
12558 |
-- ecryptfs_dump_hex((char *) |
12559 |
-- (page_address(page) |
12560 |
-- + (extent_offset * crypt_stat->extent_size)), |
12561 |
-- 8); |
12562 |
-- } |
12563 |
- rc = ecryptfs_encrypt_page_offset(crypt_stat, enc_extent_page, 0, |
12564 |
- page, (extent_offset |
12565 |
- * crypt_stat->extent_size), |
12566 |
-@@ -440,14 +429,6 @@ static int ecryptfs_encrypt_extent(struct page *enc_extent_page, |
12567 |
- goto out; |
12568 |
- } |
12569 |
- rc = 0; |
12570 |
-- if (unlikely(ecryptfs_verbosity > 0)) { |
12571 |
-- ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16llx]; " |
12572 |
-- "rc = [%d]\n", |
12573 |
-- (unsigned long long)(extent_base + extent_offset), rc); |
12574 |
-- ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " |
12575 |
-- "encryption:\n"); |
12576 |
-- ecryptfs_dump_hex((char *)(page_address(enc_extent_page)), 8); |
12577 |
-- } |
12578 |
- out: |
12579 |
- return rc; |
12580 |
- } |
12581 |
-@@ -543,17 +524,6 @@ static int ecryptfs_decrypt_extent(struct page *page, |
12582 |
- (unsigned long long)(extent_base + extent_offset), rc); |
12583 |
- goto out; |
12584 |
- } |
12585 |
-- if (unlikely(ecryptfs_verbosity > 0)) { |
12586 |
-- ecryptfs_printk(KERN_DEBUG, "Decrypting extent " |
12587 |
-- "with iv:\n"); |
12588 |
-- ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); |
12589 |
-- ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " |
12590 |
-- "decryption:\n"); |
12591 |
-- ecryptfs_dump_hex((char *) |
12592 |
-- (page_address(enc_extent_page) |
12593 |
-- + (extent_offset * crypt_stat->extent_size)), |
12594 |
-- 8); |
12595 |
-- } |
12596 |
- rc = ecryptfs_decrypt_page_offset(crypt_stat, page, |
12597 |
- (extent_offset |
12598 |
- * crypt_stat->extent_size), |
12599 |
-@@ -567,16 +537,6 @@ static int ecryptfs_decrypt_extent(struct page *page, |
12600 |
- goto out; |
12601 |
- } |
12602 |
- rc = 0; |
12603 |
-- if (unlikely(ecryptfs_verbosity > 0)) { |
12604 |
-- ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16llx]; " |
12605 |
-- "rc = [%d]\n", |
12606 |
-- (unsigned long long)(extent_base + extent_offset), rc); |
12607 |
-- ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " |
12608 |
-- "decryption:\n"); |
12609 |
-- ecryptfs_dump_hex((char *)(page_address(page) |
12610 |
-- + (extent_offset |
12611 |
-- * crypt_stat->extent_size)), 8); |
12612 |
-- } |
12613 |
- out: |
12614 |
- return rc; |
12615 |
+diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c |
12616 |
+index f3a257d..715ac0f 100644 |
12617 |
+--- a/fs/debugfs/inode.c |
12618 |
++++ b/fs/debugfs/inode.c |
12619 |
+@@ -261,7 +261,11 @@ EXPORT_SYMBOL_GPL(debugfs_create_file); |
12620 |
+ struct dentry *debugfs_create_dir(const char *name, struct dentry *parent) |
12621 |
+ { |
12622 |
+ return debugfs_create_file(name, |
12623 |
++#ifdef CONFIG_GRKERNSEC_SYSFS_RESTRICT |
12624 |
++ S_IFDIR | S_IRWXU, |
12625 |
++#else |
12626 |
+ S_IFDIR | S_IRWXU | S_IRUGO | S_IXUGO, |
12627 |
++#endif |
12628 |
+ parent, NULL, NULL); |
12629 |
} |
12630 |
+ EXPORT_SYMBOL_GPL(debugfs_create_dir); |
12631 |
diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c |
12632 |
-index 32f90a3..a766407 100644 |
12633 |
+index d2039ca..a766407 100644 |
12634 |
--- a/fs/ecryptfs/inode.c |
12635 |
+++ b/fs/ecryptfs/inode.c |
12636 |
@@ -691,7 +691,7 @@ static int ecryptfs_readlink_lower(struct dentry *dentry, char **buf, |
12637 |
@@ -41506,84 +41356,8 @@ index 32f90a3..a766407 100644 |
12638 |
if (!IS_ERR(buf)) { |
12639 |
/* Free the char* */ |
12640 |
kfree(buf); |
12641 |
-@@ -841,18 +841,6 @@ static int truncate_upper(struct dentry *dentry, struct iattr *ia, |
12642 |
- size_t num_zeros = (PAGE_CACHE_SIZE |
12643 |
- - (ia->ia_size & ~PAGE_CACHE_MASK)); |
12644 |
- |
12645 |
-- |
12646 |
-- /* |
12647 |
-- * XXX(truncate) this should really happen at the begginning |
12648 |
-- * of ->setattr. But the code is too messy to that as part |
12649 |
-- * of a larger patch. ecryptfs is also totally missing out |
12650 |
-- * on the inode_change_ok check at the beginning of |
12651 |
-- * ->setattr while would include this. |
12652 |
-- */ |
12653 |
-- rc = inode_newsize_ok(inode, ia->ia_size); |
12654 |
-- if (rc) |
12655 |
-- goto out; |
12656 |
-- |
12657 |
- if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { |
12658 |
- truncate_setsize(inode, ia->ia_size); |
12659 |
- lower_ia->ia_size = ia->ia_size; |
12660 |
-@@ -902,6 +890,28 @@ out: |
12661 |
- return rc; |
12662 |
- } |
12663 |
- |
12664 |
-+static int ecryptfs_inode_newsize_ok(struct inode *inode, loff_t offset) |
12665 |
-+{ |
12666 |
-+ struct ecryptfs_crypt_stat *crypt_stat; |
12667 |
-+ loff_t lower_oldsize, lower_newsize; |
12668 |
-+ |
12669 |
-+ crypt_stat = &ecryptfs_inode_to_private(inode)->crypt_stat; |
12670 |
-+ lower_oldsize = upper_size_to_lower_size(crypt_stat, |
12671 |
-+ i_size_read(inode)); |
12672 |
-+ lower_newsize = upper_size_to_lower_size(crypt_stat, offset); |
12673 |
-+ if (lower_newsize > lower_oldsize) { |
12674 |
-+ /* |
12675 |
-+ * The eCryptfs inode and the new *lower* size are mixed here |
12676 |
-+ * because we may not have the lower i_mutex held and/or it may |
12677 |
-+ * not be appropriate to call inode_newsize_ok() with inodes |
12678 |
-+ * from other filesystems. |
12679 |
-+ */ |
12680 |
-+ return inode_newsize_ok(inode, lower_newsize); |
12681 |
-+ } |
12682 |
-+ |
12683 |
-+ return 0; |
12684 |
-+} |
12685 |
-+ |
12686 |
- /** |
12687 |
- * ecryptfs_truncate |
12688 |
- * @dentry: The ecryptfs layer dentry |
12689 |
-@@ -918,6 +928,10 @@ int ecryptfs_truncate(struct dentry *dentry, loff_t new_length) |
12690 |
- struct iattr lower_ia = { .ia_valid = 0 }; |
12691 |
- int rc; |
12692 |
- |
12693 |
-+ rc = ecryptfs_inode_newsize_ok(dentry->d_inode, new_length); |
12694 |
-+ if (rc) |
12695 |
-+ return rc; |
12696 |
-+ |
12697 |
- rc = truncate_upper(dentry, &ia, &lower_ia); |
12698 |
- if (!rc && lower_ia.ia_valid & ATTR_SIZE) { |
12699 |
- struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry); |
12700 |
-@@ -997,6 +1011,16 @@ static int ecryptfs_setattr(struct dentry *dentry, struct iattr *ia) |
12701 |
- } |
12702 |
- } |
12703 |
- mutex_unlock(&crypt_stat->cs_mutex); |
12704 |
-+ |
12705 |
-+ rc = inode_change_ok(inode, ia); |
12706 |
-+ if (rc) |
12707 |
-+ goto out; |
12708 |
-+ if (ia->ia_valid & ATTR_SIZE) { |
12709 |
-+ rc = ecryptfs_inode_newsize_ok(inode, ia->ia_size); |
12710 |
-+ if (rc) |
12711 |
-+ goto out; |
12712 |
-+ } |
12713 |
-+ |
12714 |
- if (S_ISREG(inode->i_mode)) { |
12715 |
- rc = filemap_write_and_wait(inode->i_mapping); |
12716 |
- if (rc) |
12717 |
diff --git a/fs/ecryptfs/miscdev.c b/fs/ecryptfs/miscdev.c |
12718 |
-index 940a82e..d3cdeea 100644 |
12719 |
+index 0dc5a3d..d3cdeea 100644 |
12720 |
--- a/fs/ecryptfs/miscdev.c |
12721 |
+++ b/fs/ecryptfs/miscdev.c |
12722 |
@@ -328,7 +328,7 @@ check_list: |
12723 |
@@ -41595,82 +41369,8 @@ index 940a82e..d3cdeea 100644 |
12724 |
goto out_unlock_msg_ctx; |
12725 |
i += packet_length_size; |
12726 |
if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size)) |
12727 |
-@@ -409,11 +409,47 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
12728 |
- ssize_t sz = 0; |
12729 |
- char *data; |
12730 |
- uid_t euid = current_euid(); |
12731 |
-+ unsigned char packet_size_peek[3]; |
12732 |
- int rc; |
12733 |
- |
12734 |
-- if (count == 0) |
12735 |
-+ if (count == 0) { |
12736 |
- goto out; |
12737 |
-+ } else if (count == (1 + 4)) { |
12738 |
-+ /* Likely a harmless MSG_HELO or MSG_QUIT - no packet length */ |
12739 |
-+ goto memdup; |
12740 |
-+ } else if (count < (1 + 4 + 1) |
12741 |
-+ || count > (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
12742 |
-+ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES)) { |
12743 |
-+ printk(KERN_WARNING "%s: Acceptable packet size range is " |
12744 |
-+ "[%d-%lu], but amount of data written is [%zu].", |
12745 |
-+ __func__, (1 + 4 + 1), |
12746 |
-+ (1 + 4 + 2 + sizeof(struct ecryptfs_message) + 4 |
12747 |
-+ + ECRYPTFS_MAX_ENCRYPTED_KEY_BYTES), count); |
12748 |
-+ return -EINVAL; |
12749 |
-+ } |
12750 |
- |
12751 |
-+ if (copy_from_user(packet_size_peek, (buf + 1 + 4), |
12752 |
-+ sizeof(packet_size_peek))) { |
12753 |
-+ printk(KERN_WARNING "%s: Error while inspecting packet size\n", |
12754 |
-+ __func__); |
12755 |
-+ return -EFAULT; |
12756 |
-+ } |
12757 |
-+ |
12758 |
-+ rc = ecryptfs_parse_packet_length(packet_size_peek, &packet_size, |
12759 |
-+ &packet_size_length); |
12760 |
-+ if (rc) { |
12761 |
-+ printk(KERN_WARNING "%s: Error parsing packet length; " |
12762 |
-+ "rc = [%d]\n", __func__, rc); |
12763 |
-+ return rc; |
12764 |
-+ } |
12765 |
-+ |
12766 |
-+ if ((1 + 4 + packet_size_length + packet_size) != count) { |
12767 |
-+ printk(KERN_WARNING "%s: Invalid packet size [%zu]\n", __func__, |
12768 |
-+ packet_size); |
12769 |
-+ return -EINVAL; |
12770 |
-+ } |
12771 |
-+ |
12772 |
-+memdup: |
12773 |
- data = memdup_user(buf, count); |
12774 |
- if (IS_ERR(data)) { |
12775 |
- printk(KERN_ERR "%s: memdup_user returned error [%ld]\n", |
12776 |
-@@ -435,23 +471,7 @@ ecryptfs_miscdev_write(struct file *file, const char __user *buf, |
12777 |
- } |
12778 |
- memcpy(&counter_nbo, &data[i], 4); |
12779 |
- seq = be32_to_cpu(counter_nbo); |
12780 |
-- i += 4; |
12781 |
-- rc = ecryptfs_parse_packet_length(&data[i], &packet_size, |
12782 |
-- &packet_size_length); |
12783 |
-- if (rc) { |
12784 |
-- printk(KERN_WARNING "%s: Error parsing packet length; " |
12785 |
-- "rc = [%d]\n", __func__, rc); |
12786 |
-- goto out_free; |
12787 |
-- } |
12788 |
-- i += packet_size_length; |
12789 |
-- if ((1 + 4 + packet_size_length + packet_size) != count) { |
12790 |
-- printk(KERN_WARNING "%s: (1 + packet_size_length([%zd])" |
12791 |
-- " + packet_size([%zd]))([%zd]) != " |
12792 |
-- "count([%zd]). Invalid packet format.\n", |
12793 |
-- __func__, packet_size_length, packet_size, |
12794 |
-- (1 + packet_size_length + packet_size), count); |
12795 |
-- goto out_free; |
12796 |
-- } |
12797 |
-+ i += 4 + packet_size_length; |
12798 |
- rc = ecryptfs_miscdev_response(&data[i], packet_size, |
12799 |
- euid, current_user_ns(), |
12800 |
- task_pid(current), seq); |
12801 |
diff --git a/fs/ecryptfs/read_write.c b/fs/ecryptfs/read_write.c |
12802 |
-index 3745f7c..7d040a8 100644 |
12803 |
+index 54eb14c..e51b453 100644 |
12804 |
--- a/fs/ecryptfs/read_write.c |
12805 |
+++ b/fs/ecryptfs/read_write.c |
12806 |
@@ -48,7 +48,7 @@ int ecryptfs_write_lower(struct inode *ecryptfs_inode, char *data, |
12807 |
@@ -41682,7 +41382,7 @@ index 3745f7c..7d040a8 100644 |
12808 |
set_fs(fs_save); |
12809 |
mark_inode_dirty_sync(ecryptfs_inode); |
12810 |
return rc; |
12811 |
-@@ -130,13 +130,18 @@ int ecryptfs_write(struct inode *ecryptfs_inode, char *data, loff_t offset, |
12812 |
+@@ -130,7 +130,12 @@ int ecryptfs_write(struct inode *ecryptfs_inode, char *data, loff_t offset, |
12813 |
pgoff_t ecryptfs_page_idx = (pos >> PAGE_CACHE_SHIFT); |
12814 |
size_t start_offset_in_page = (pos & ~PAGE_CACHE_MASK); |
12815 |
size_t num_bytes = (PAGE_CACHE_SIZE - start_offset_in_page); |
12816 |
@@ -41694,7 +41394,9 @@ index 3745f7c..7d040a8 100644 |
12817 |
+ break; |
12818 |
+ } |
12819 |
|
12820 |
- if (num_bytes > total_remaining_bytes) |
12821 |
+ if (fatal_signal_pending(current)) { |
12822 |
+ rc = -EINTR; |
12823 |
+@@ -141,7 +146,7 @@ int ecryptfs_write(struct inode *ecryptfs_inode, char *data, loff_t offset, |
12824 |
num_bytes = total_remaining_bytes; |
12825 |
if (pos < offset) { |
12826 |
/* remaining zeros to write, up to destination offset */ |
12827 |
@@ -41703,32 +41405,7 @@ index 3745f7c..7d040a8 100644 |
12828 |
|
12829 |
if (num_bytes > total_remaining_zeros) |
12830 |
num_bytes = total_remaining_zeros; |
12831 |
-@@ -193,15 +198,19 @@ int ecryptfs_write(struct inode *ecryptfs_inode, char *data, loff_t offset, |
12832 |
- } |
12833 |
- pos += num_bytes; |
12834 |
- } |
12835 |
-- if ((offset + size) > ecryptfs_file_size) { |
12836 |
-- i_size_write(ecryptfs_inode, (offset + size)); |
12837 |
-+ if (pos > ecryptfs_file_size) { |
12838 |
-+ i_size_write(ecryptfs_inode, pos); |
12839 |
- if (crypt_stat->flags & ECRYPTFS_ENCRYPTED) { |
12840 |
-- rc = ecryptfs_write_inode_size_to_metadata( |
12841 |
-+ int rc2; |
12842 |
-+ |
12843 |
-+ rc2 = ecryptfs_write_inode_size_to_metadata( |
12844 |
- ecryptfs_inode); |
12845 |
-- if (rc) { |
12846 |
-+ if (rc2) { |
12847 |
- printk(KERN_ERR "Problem with " |
12848 |
- "ecryptfs_write_inode_size_to_metadata; " |
12849 |
-- "rc = [%d]\n", rc); |
12850 |
-+ "rc = [%d]\n", rc2); |
12851 |
-+ if (!rc) |
12852 |
-+ rc = rc2; |
12853 |
- goto out; |
12854 |
- } |
12855 |
- } |
12856 |
-@@ -235,7 +244,7 @@ int ecryptfs_read_lower(char *data, loff_t offset, size_t size, |
12857 |
+@@ -244,7 +249,7 @@ int ecryptfs_read_lower(char *data, loff_t offset, size_t size, |
12858 |
return -EIO; |
12859 |
fs_save = get_fs(); |
12860 |
set_fs(get_ds()); |
12861 |
@@ -45585,7 +45262,7 @@ index 3a1dafd..d41fc37 100644 |
12862 |
+} |
12863 |
+#endif |
12864 |
diff --git a/fs/proc/base.c b/fs/proc/base.c |
12865 |
-index 1fc1dca..813fd0b 100644 |
12866 |
+index 1fc1dca..357b933 100644 |
12867 |
--- a/fs/proc/base.c |
12868 |
+++ b/fs/proc/base.c |
12869 |
@@ -107,6 +107,22 @@ struct pid_entry { |
12870 |
@@ -45611,24 +45288,34 @@ index 1fc1dca..813fd0b 100644 |
12871 |
#define NOD(NAME, MODE, IOP, FOP, OP) { \ |
12872 |
.name = (NAME), \ |
12873 |
.len = sizeof(NAME) - 1, \ |
12874 |
-@@ -204,10 +220,12 @@ static struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) |
12875 |
- return ERR_PTR(err); |
12876 |
+@@ -194,26 +210,6 @@ static int proc_root_link(struct inode *inode, struct path *path) |
12877 |
+ return result; |
12878 |
+ } |
12879 |
|
12880 |
- mm = get_task_mm(task); |
12881 |
+-static struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) |
12882 |
+-{ |
12883 |
+- struct mm_struct *mm; |
12884 |
+- int err; |
12885 |
+- |
12886 |
+- err = mutex_lock_killable(&task->signal->cred_guard_mutex); |
12887 |
+- if (err) |
12888 |
+- return ERR_PTR(err); |
12889 |
+- |
12890 |
+- mm = get_task_mm(task); |
12891 |
- if (mm && mm != current->mm && |
12892 |
- !ptrace_may_access(task, mode)) { |
12893 |
- mmput(mm); |
12894 |
- mm = ERR_PTR(-EACCES); |
12895 |
-+ if (mm) { |
12896 |
-+ if ((mm != current->mm && !ptrace_may_access(task, mode)) || |
12897 |
-+ (mode == PTRACE_MODE_ATTACH && (gr_handle_proc_ptrace(task) || gr_acl_handle_procpidmem(task)))) { |
12898 |
-+ mmput(mm); |
12899 |
-+ mm = ERR_PTR(-EACCES); |
12900 |
-+ } |
12901 |
- } |
12902 |
- mutex_unlock(&task->signal->cred_guard_mutex); |
12903 |
- |
12904 |
-@@ -229,6 +247,9 @@ static int proc_pid_cmdline(struct task_struct *task, char * buffer) |
12905 |
+- } |
12906 |
+- mutex_unlock(&task->signal->cred_guard_mutex); |
12907 |
+- |
12908 |
+- return mm; |
12909 |
+-} |
12910 |
+- |
12911 |
+ struct mm_struct *mm_for_maps(struct task_struct *task) |
12912 |
+ { |
12913 |
+ return mm_access(task, PTRACE_MODE_READ); |
12914 |
+@@ -229,6 +225,9 @@ static int proc_pid_cmdline(struct task_struct *task, char * buffer) |
12915 |
if (!mm->arg_end) |
12916 |
goto out_mm; /* Shh! No looking before we're done */ |
12917 |
|
12918 |
@@ -45638,7 +45325,7 @@ index 1fc1dca..813fd0b 100644 |
12919 |
len = mm->arg_end - mm->arg_start; |
12920 |
|
12921 |
if (len > PAGE_SIZE) |
12922 |
-@@ -256,12 +277,28 @@ out: |
12923 |
+@@ -256,12 +255,28 @@ out: |
12924 |
return res; |
12925 |
} |
12926 |
|
12927 |
@@ -45667,7 +45354,7 @@ index 1fc1dca..813fd0b 100644 |
12928 |
do { |
12929 |
nwords += 2; |
12930 |
} while (mm->saved_auxv[nwords - 2] != 0); /* AT_NULL */ |
12931 |
-@@ -275,7 +312,7 @@ static int proc_pid_auxv(struct task_struct *task, char *buffer) |
12932 |
+@@ -275,7 +290,7 @@ static int proc_pid_auxv(struct task_struct *task, char *buffer) |
12933 |
} |
12934 |
|
12935 |
|
12936 |
@@ -45676,7 +45363,7 @@ index 1fc1dca..813fd0b 100644 |
12937 |
/* |
12938 |
* Provides a wchan file via kallsyms in a proper one-value-per-file format. |
12939 |
* Returns the resolved symbol. If that fails, simply return the address. |
12940 |
-@@ -314,7 +351,7 @@ static void unlock_trace(struct task_struct *task) |
12941 |
+@@ -314,7 +329,7 @@ static void unlock_trace(struct task_struct *task) |
12942 |
mutex_unlock(&task->signal->cred_guard_mutex); |
12943 |
} |
12944 |
|
12945 |
@@ -45685,7 +45372,7 @@ index 1fc1dca..813fd0b 100644 |
12946 |
|
12947 |
#define MAX_STACK_TRACE_DEPTH 64 |
12948 |
|
12949 |
-@@ -505,7 +542,7 @@ static int proc_pid_limits(struct task_struct *task, char *buffer) |
12950 |
+@@ -505,7 +520,7 @@ static int proc_pid_limits(struct task_struct *task, char *buffer) |
12951 |
return count; |
12952 |
} |
12953 |
|
12954 |
@@ -45694,7 +45381,7 @@ index 1fc1dca..813fd0b 100644 |
12955 |
static int proc_pid_syscall(struct task_struct *task, char *buffer) |
12956 |
{ |
12957 |
long nr; |
12958 |
-@@ -534,7 +571,7 @@ static int proc_pid_syscall(struct task_struct *task, char *buffer) |
12959 |
+@@ -534,7 +549,7 @@ static int proc_pid_syscall(struct task_struct *task, char *buffer) |
12960 |
/************************************************************************/ |
12961 |
|
12962 |
/* permission checks */ |
12963 |
@@ -45703,7 +45390,7 @@ index 1fc1dca..813fd0b 100644 |
12964 |
{ |
12965 |
struct task_struct *task; |
12966 |
int allowed = 0; |
12967 |
-@@ -544,7 +581,10 @@ static int proc_fd_access_allowed(struct inode *inode) |
12968 |
+@@ -544,7 +559,10 @@ static int proc_fd_access_allowed(struct inode *inode) |
12969 |
*/ |
12970 |
task = get_proc_task(inode); |
12971 |
if (task) { |
12972 |
@@ -45715,26 +45402,164 @@ index 1fc1dca..813fd0b 100644 |
12973 |
put_task_struct(task); |
12974 |
} |
12975 |
return allowed; |
12976 |
-@@ -826,6 +866,10 @@ static ssize_t mem_read(struct file * file, char __user * buf, |
12977 |
- return ret; |
12978 |
- } |
12979 |
+@@ -775,6 +793,13 @@ static int mem_open(struct inode* inode, struct file* file) |
12980 |
+ if (IS_ERR(mm)) |
12981 |
+ return PTR_ERR(mm); |
12982 |
|
12983 |
-+#define mem_write NULL |
12984 |
++ if (mm) { |
12985 |
++ /* ensure this mm_struct can't be freed */ |
12986 |
++ atomic_inc(&mm->mm_count); |
12987 |
++ /* but do not pin its memory */ |
12988 |
++ mmput(mm); |
12989 |
++ } |
12990 |
+ |
12991 |
-+#ifndef mem_write |
12992 |
-+/* They were right the first time */ |
12993 |
- static ssize_t mem_write(struct file * file, const char __user *buf, |
12994 |
- size_t count, loff_t *ppos) |
12995 |
+ /* OK to pass negative loff_t, we can catch out-of-range */ |
12996 |
+ file->f_mode |= FMODE_UNSIGNED_OFFSET; |
12997 |
+ file->private_data = mm; |
12998 |
+@@ -782,57 +807,18 @@ static int mem_open(struct inode* inode, struct file* file) |
12999 |
+ return 0; |
13000 |
+ } |
13001 |
+ |
13002 |
+-static ssize_t mem_read(struct file * file, char __user * buf, |
13003 |
+- size_t count, loff_t *ppos) |
13004 |
++static ssize_t mem_rw(struct file *file, char __user *buf, |
13005 |
++ size_t count, loff_t *ppos, int write) |
13006 |
{ |
13007 |
-@@ -866,6 +910,7 @@ static ssize_t mem_write(struct file * file, const char __user *buf, |
13008 |
+- int ret; |
13009 |
+- char *page; |
13010 |
+- unsigned long src = *ppos; |
13011 |
+ struct mm_struct *mm = file->private_data; |
13012 |
+- |
13013 |
+- if (!mm) |
13014 |
+- return 0; |
13015 |
+- |
13016 |
+- page = (char *)__get_free_page(GFP_TEMPORARY); |
13017 |
+- if (!page) |
13018 |
+- return -ENOMEM; |
13019 |
+- |
13020 |
+- ret = 0; |
13021 |
+- |
13022 |
+- while (count > 0) { |
13023 |
+- int this_len, retval; |
13024 |
+- |
13025 |
+- this_len = (count > PAGE_SIZE) ? PAGE_SIZE : count; |
13026 |
+- retval = access_remote_vm(mm, src, page, this_len, 0); |
13027 |
+- if (!retval) { |
13028 |
+- if (!ret) |
13029 |
+- ret = -EIO; |
13030 |
+- break; |
13031 |
+- } |
13032 |
+- |
13033 |
+- if (copy_to_user(buf, page, retval)) { |
13034 |
+- ret = -EFAULT; |
13035 |
+- break; |
13036 |
+- } |
13037 |
+- |
13038 |
+- ret += retval; |
13039 |
+- src += retval; |
13040 |
+- buf += retval; |
13041 |
+- count -= retval; |
13042 |
+- } |
13043 |
+- *ppos = src; |
13044 |
+- |
13045 |
+- free_page((unsigned long) page); |
13046 |
+- return ret; |
13047 |
+-} |
13048 |
+- |
13049 |
+-static ssize_t mem_write(struct file * file, const char __user *buf, |
13050 |
+- size_t count, loff_t *ppos) |
13051 |
+-{ |
13052 |
+- int copied; |
13053 |
++ unsigned long addr = *ppos; |
13054 |
++ ssize_t copied; |
13055 |
+ char *page; |
13056 |
+- unsigned long dst = *ppos; |
13057 |
+- struct mm_struct *mm = file->private_data; |
13058 |
++ |
13059 |
++#ifdef CONFIG_GRKERNSEC |
13060 |
++ if (write) |
13061 |
++ return -EPERM; |
13062 |
++#endif |
13063 |
+ |
13064 |
+ if (!mm) |
13065 |
+ return 0; |
13066 |
+@@ -842,31 +828,54 @@ static ssize_t mem_write(struct file * file, const char __user *buf, |
13067 |
+ return -ENOMEM; |
13068 |
+ |
13069 |
+ copied = 0; |
13070 |
++ if (!atomic_inc_not_zero(&mm->mm_users)) |
13071 |
++ goto free; |
13072 |
++ |
13073 |
+ while (count > 0) { |
13074 |
+- int this_len, retval; |
13075 |
++ int this_len = min_t(int, count, PAGE_SIZE); |
13076 |
+ |
13077 |
+- this_len = (count > PAGE_SIZE) ? PAGE_SIZE : count; |
13078 |
+- if (copy_from_user(page, buf, this_len)) { |
13079 |
++ if (write && copy_from_user(page, buf, this_len)) { |
13080 |
+ copied = -EFAULT; |
13081 |
+ break; |
13082 |
+ } |
13083 |
+- retval = access_remote_vm(mm, dst, page, this_len, 1); |
13084 |
+- if (!retval) { |
13085 |
++ |
13086 |
++ this_len = access_remote_vm(mm, addr, page, this_len, write); |
13087 |
++ if (!this_len) { |
13088 |
+ if (!copied) |
13089 |
+ copied = -EIO; |
13090 |
+ break; |
13091 |
+ } |
13092 |
+- copied += retval; |
13093 |
+- buf += retval; |
13094 |
+- dst += retval; |
13095 |
+- count -= retval; |
13096 |
++ |
13097 |
++ if (!write && copy_to_user(buf, page, this_len)) { |
13098 |
++ copied = -EFAULT; |
13099 |
++ break; |
13100 |
++ } |
13101 |
++ |
13102 |
++ buf += this_len; |
13103 |
++ addr += this_len; |
13104 |
++ copied += this_len; |
13105 |
++ count -= this_len; |
13106 |
+ } |
13107 |
+- *ppos = dst; |
13108 |
++ *ppos = addr; |
13109 |
+ |
13110 |
++ mmput(mm); |
13111 |
++free: |
13112 |
free_page((unsigned long) page); |
13113 |
return copied; |
13114 |
} |
13115 |
-+#endif |
13116 |
|
13117 |
++static ssize_t mem_read(struct file *file, char __user *buf, |
13118 |
++ size_t count, loff_t *ppos) |
13119 |
++{ |
13120 |
++ return mem_rw(file, buf, count, ppos, 0); |
13121 |
++} |
13122 |
++ |
13123 |
++static ssize_t mem_write(struct file *file, const char __user *buf, |
13124 |
++ size_t count, loff_t *ppos) |
13125 |
++{ |
13126 |
++ return mem_rw(file, (char __user*)buf, count, ppos, 1); |
13127 |
++} |
13128 |
++ |
13129 |
loff_t mem_lseek(struct file *file, loff_t offset, int orig) |
13130 |
{ |
13131 |
-@@ -911,6 +956,9 @@ static ssize_t environ_read(struct file *file, char __user *buf, |
13132 |
+ switch (orig) { |
13133 |
+@@ -886,8 +895,8 @@ loff_t mem_lseek(struct file *file, loff_t offset, int orig) |
13134 |
+ static int mem_release(struct inode *inode, struct file *file) |
13135 |
+ { |
13136 |
+ struct mm_struct *mm = file->private_data; |
13137 |
+- |
13138 |
+- mmput(mm); |
13139 |
++ if (mm) |
13140 |
++ mmdrop(mm); |
13141 |
+ return 0; |
13142 |
+ } |
13143 |
+ |
13144 |
+@@ -911,6 +920,9 @@ static ssize_t environ_read(struct file *file, char __user *buf, |
13145 |
if (!task) |
13146 |
goto out_no_task; |
13147 |
|
13148 |
@@ -45744,7 +45569,7 @@ index 1fc1dca..813fd0b 100644 |
13149 |
ret = -ENOMEM; |
13150 |
page = (char *)__get_free_page(GFP_TEMPORARY); |
13151 |
if (!page) |
13152 |
-@@ -1533,7 +1581,7 @@ static void *proc_pid_follow_link(struct dentry *dentry, struct nameidata *nd) |
13153 |
+@@ -1533,7 +1545,7 @@ static void *proc_pid_follow_link(struct dentry *dentry, struct nameidata *nd) |
13154 |
path_put(&nd->path); |
13155 |
|
13156 |
/* Are we allowed to snoop on the tasks file descriptors? */ |
13157 |
@@ -45753,7 +45578,7 @@ index 1fc1dca..813fd0b 100644 |
13158 |
goto out; |
13159 |
|
13160 |
error = PROC_I(inode)->op.proc_get_link(inode, &nd->path); |
13161 |
-@@ -1572,8 +1620,18 @@ static int proc_pid_readlink(struct dentry * dentry, char __user * buffer, int b |
13162 |
+@@ -1572,8 +1584,18 @@ static int proc_pid_readlink(struct dentry * dentry, char __user * buffer, int b |
13163 |
struct path path; |
13164 |
|
13165 |
/* Are we allowed to snoop on the tasks file descriptors? */ |
13166 |
@@ -45774,7 +45599,7 @@ index 1fc1dca..813fd0b 100644 |
13167 |
|
13168 |
error = PROC_I(inode)->op.proc_get_link(inode, &path); |
13169 |
if (error) |
13170 |
-@@ -1638,7 +1696,11 @@ struct inode *proc_pid_make_inode(struct super_block * sb, struct task_struct *t |
13171 |
+@@ -1638,7 +1660,11 @@ struct inode *proc_pid_make_inode(struct super_block * sb, struct task_struct *t |
13172 |
rcu_read_lock(); |
13173 |
cred = __task_cred(task); |
13174 |
inode->i_uid = cred->euid; |
13175 |
@@ -45786,7 +45611,7 @@ index 1fc1dca..813fd0b 100644 |
13176 |
rcu_read_unlock(); |
13177 |
} |
13178 |
security_task_to_inode(task, inode); |
13179 |
-@@ -1656,6 +1718,9 @@ int pid_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat) |
13180 |
+@@ -1656,6 +1682,9 @@ int pid_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat) |
13181 |
struct inode *inode = dentry->d_inode; |
13182 |
struct task_struct *task; |
13183 |
const struct cred *cred; |
13184 |
@@ -45796,7 +45621,7 @@ index 1fc1dca..813fd0b 100644 |
13185 |
|
13186 |
generic_fillattr(inode, stat); |
13187 |
|
13188 |
-@@ -1663,13 +1728,41 @@ int pid_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat) |
13189 |
+@@ -1663,13 +1692,41 @@ int pid_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat) |
13190 |
stat->uid = 0; |
13191 |
stat->gid = 0; |
13192 |
task = pid_task(proc_pid(inode), PIDTYPE_PID); |
13193 |
@@ -45839,7 +45664,7 @@ index 1fc1dca..813fd0b 100644 |
13194 |
} |
13195 |
rcu_read_unlock(); |
13196 |
return 0; |
13197 |
-@@ -1706,11 +1799,20 @@ int pid_revalidate(struct dentry *dentry, struct nameidata *nd) |
13198 |
+@@ -1706,11 +1763,20 @@ int pid_revalidate(struct dentry *dentry, struct nameidata *nd) |
13199 |
|
13200 |
if (task) { |
13201 |
if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) || |
13202 |
@@ -45860,7 +45685,7 @@ index 1fc1dca..813fd0b 100644 |
13203 |
rcu_read_unlock(); |
13204 |
} else { |
13205 |
inode->i_uid = 0; |
13206 |
-@@ -1828,7 +1930,8 @@ static int proc_fd_info(struct inode *inode, struct path *path, char *info) |
13207 |
+@@ -1828,7 +1894,8 @@ static int proc_fd_info(struct inode *inode, struct path *path, char *info) |
13208 |
int fd = proc_fd(inode); |
13209 |
|
13210 |
if (task) { |
13211 |
@@ -45870,7 +45695,7 @@ index 1fc1dca..813fd0b 100644 |
13212 |
put_task_struct(task); |
13213 |
} |
13214 |
if (files) { |
13215 |
-@@ -2096,11 +2199,21 @@ static const struct file_operations proc_fd_operations = { |
13216 |
+@@ -2096,11 +2163,21 @@ static const struct file_operations proc_fd_operations = { |
13217 |
*/ |
13218 |
static int proc_fd_permission(struct inode *inode, int mask) |
13219 |
{ |
13220 |
@@ -45894,7 +45719,7 @@ index 1fc1dca..813fd0b 100644 |
13221 |
return rv; |
13222 |
} |
13223 |
|
13224 |
-@@ -2210,6 +2323,9 @@ static struct dentry *proc_pident_lookup(struct inode *dir, |
13225 |
+@@ -2210,6 +2287,9 @@ static struct dentry *proc_pident_lookup(struct inode *dir, |
13226 |
if (!task) |
13227 |
goto out_no_task; |
13228 |
|
13229 |
@@ -45904,7 +45729,7 @@ index 1fc1dca..813fd0b 100644 |
13230 |
/* |
13231 |
* Yes, it does not scale. And it should not. Don't add |
13232 |
* new entries into /proc/<tgid>/ without very good reasons. |
13233 |
-@@ -2254,6 +2370,9 @@ static int proc_pident_readdir(struct file *filp, |
13234 |
+@@ -2254,6 +2334,9 @@ static int proc_pident_readdir(struct file *filp, |
13235 |
if (!task) |
13236 |
goto out_no_task; |
13237 |
|
13238 |
@@ -45914,7 +45739,7 @@ index 1fc1dca..813fd0b 100644 |
13239 |
ret = 0; |
13240 |
i = filp->f_pos; |
13241 |
switch (i) { |
13242 |
-@@ -2524,7 +2643,7 @@ static void *proc_self_follow_link(struct dentry *dentry, struct nameidata *nd) |
13243 |
+@@ -2524,7 +2607,7 @@ static void *proc_self_follow_link(struct dentry *dentry, struct nameidata *nd) |
13244 |
static void proc_self_put_link(struct dentry *dentry, struct nameidata *nd, |
13245 |
void *cookie) |
13246 |
{ |
13247 |
@@ -45923,7 +45748,7 @@ index 1fc1dca..813fd0b 100644 |
13248 |
if (!IS_ERR(s)) |
13249 |
__putname(s); |
13250 |
} |
13251 |
-@@ -2722,7 +2841,7 @@ static const struct pid_entry tgid_base_stuff[] = { |
13252 |
+@@ -2722,7 +2805,7 @@ static const struct pid_entry tgid_base_stuff[] = { |
13253 |
REG("autogroup", S_IRUGO|S_IWUSR, proc_pid_sched_autogroup_operations), |
13254 |
#endif |
13255 |
REG("comm", S_IRUGO|S_IWUSR, proc_pid_set_comm_operations), |
13256 |
@@ -45932,7 +45757,7 @@ index 1fc1dca..813fd0b 100644 |
13257 |
INF("syscall", S_IRUGO, proc_pid_syscall), |
13258 |
#endif |
13259 |
INF("cmdline", S_IRUGO, proc_pid_cmdline), |
13260 |
-@@ -2747,10 +2866,10 @@ static const struct pid_entry tgid_base_stuff[] = { |
13261 |
+@@ -2747,10 +2830,10 @@ static const struct pid_entry tgid_base_stuff[] = { |
13262 |
#ifdef CONFIG_SECURITY |
13263 |
DIR("attr", S_IRUGO|S_IXUGO, proc_attr_dir_inode_operations, proc_attr_dir_operations), |
13264 |
#endif |
13265 |
@@ -45945,7 +45770,7 @@ index 1fc1dca..813fd0b 100644 |
13266 |
ONE("stack", S_IRUGO, proc_pid_stack), |
13267 |
#endif |
13268 |
#ifdef CONFIG_SCHEDSTATS |
13269 |
-@@ -2784,6 +2903,9 @@ static const struct pid_entry tgid_base_stuff[] = { |
13270 |
+@@ -2784,6 +2867,9 @@ static const struct pid_entry tgid_base_stuff[] = { |
13271 |
#ifdef CONFIG_HARDWALL |
13272 |
INF("hardwall", S_IRUGO, proc_pid_hardwall), |
13273 |
#endif |
13274 |
@@ -45955,7 +45780,7 @@ index 1fc1dca..813fd0b 100644 |
13275 |
}; |
13276 |
|
13277 |
static int proc_tgid_base_readdir(struct file * filp, |
13278 |
-@@ -2909,7 +3031,14 @@ static struct dentry *proc_pid_instantiate(struct inode *dir, |
13279 |
+@@ -2909,7 +2995,14 @@ static struct dentry *proc_pid_instantiate(struct inode *dir, |
13280 |
if (!inode) |
13281 |
goto out; |
13282 |
|
13283 |
@@ -45970,7 +45795,7 @@ index 1fc1dca..813fd0b 100644 |
13284 |
inode->i_op = &proc_tgid_base_inode_operations; |
13285 |
inode->i_fop = &proc_tgid_base_operations; |
13286 |
inode->i_flags|=S_IMMUTABLE; |
13287 |
-@@ -2951,7 +3080,11 @@ struct dentry *proc_pid_lookup(struct inode *dir, struct dentry * dentry, struct |
13288 |
+@@ -2951,7 +3044,11 @@ struct dentry *proc_pid_lookup(struct inode *dir, struct dentry * dentry, struct |
13289 |
if (!task) |
13290 |
goto out; |
13291 |
|
13292 |
@@ -45982,7 +45807,7 @@ index 1fc1dca..813fd0b 100644 |
13293 |
put_task_struct(task); |
13294 |
out: |
13295 |
return result; |
13296 |
-@@ -3016,6 +3149,11 @@ int proc_pid_readdir(struct file * filp, void * dirent, filldir_t filldir) |
13297 |
+@@ -3016,6 +3113,11 @@ int proc_pid_readdir(struct file * filp, void * dirent, filldir_t filldir) |
13298 |
{ |
13299 |
unsigned int nr; |
13300 |
struct task_struct *reaper; |
13301 |
@@ -45994,7 +45819,7 @@ index 1fc1dca..813fd0b 100644 |
13302 |
struct tgid_iter iter; |
13303 |
struct pid_namespace *ns; |
13304 |
|
13305 |
-@@ -3039,8 +3177,27 @@ int proc_pid_readdir(struct file * filp, void * dirent, filldir_t filldir) |
13306 |
+@@ -3039,8 +3141,27 @@ int proc_pid_readdir(struct file * filp, void * dirent, filldir_t filldir) |
13307 |
for (iter = next_tgid(ns, iter); |
13308 |
iter.task; |
13309 |
iter.tgid += 1, iter = next_tgid(ns, iter)) { |
13310 |
@@ -46023,7 +45848,7 @@ index 1fc1dca..813fd0b 100644 |
13311 |
put_task_struct(iter.task); |
13312 |
goto out; |
13313 |
} |
13314 |
-@@ -3068,7 +3225,7 @@ static const struct pid_entry tid_base_stuff[] = { |
13315 |
+@@ -3068,7 +3189,7 @@ static const struct pid_entry tid_base_stuff[] = { |
13316 |
REG("sched", S_IRUGO|S_IWUSR, proc_pid_sched_operations), |
13317 |
#endif |
13318 |
REG("comm", S_IRUGO|S_IWUSR, proc_pid_set_comm_operations), |
13319 |
@@ -46032,7 +45857,7 @@ index 1fc1dca..813fd0b 100644 |
13320 |
INF("syscall", S_IRUGO, proc_pid_syscall), |
13321 |
#endif |
13322 |
INF("cmdline", S_IRUGO, proc_pid_cmdline), |
13323 |
-@@ -3092,10 +3249,10 @@ static const struct pid_entry tid_base_stuff[] = { |
13324 |
+@@ -3092,10 +3213,10 @@ static const struct pid_entry tid_base_stuff[] = { |
13325 |
#ifdef CONFIG_SECURITY |
13326 |
DIR("attr", S_IRUGO|S_IXUGO, proc_attr_dir_inode_operations, proc_attr_dir_operations), |
13327 |
#endif |
13328 |
@@ -46894,8 +46719,31 @@ index fa2defa..8601650 100644 |
13329 |
ret = -EAGAIN; |
13330 |
|
13331 |
pipe_unlock(ipipe); |
13332 |
+diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c |
13333 |
+index 7fdf6a7..e6cd8ad 100644 |
13334 |
+--- a/fs/sysfs/dir.c |
13335 |
++++ b/fs/sysfs/dir.c |
13336 |
+@@ -642,6 +642,18 @@ static int create_dir(struct kobject *kobj, struct sysfs_dirent *parent_sd, |
13337 |
+ struct sysfs_dirent *sd; |
13338 |
+ int rc; |
13339 |
+ |
13340 |
++#ifdef CONFIG_GRKERNSEC_SYSFS_RESTRICT |
13341 |
++ const char *parent_name = parent_sd->s_name; |
13342 |
++ |
13343 |
++ mode = S_IFDIR | S_IRWXU; |
13344 |
++ |
13345 |
++ if ((!strcmp(parent_name, "") && (!strcmp(name, "devices") || !strcmp(name, "fs"))) || |
13346 |
++ (!strcmp(parent_name, "devices") && !strcmp(name, "system")) || |
13347 |
++ (!strcmp(parent_name, "fs") && (!strcmp(name, "selinux") || !strcmp(name, "fuse"))) || |
13348 |
++ (!strcmp(parent_name, "system") && !strcmp(name, "cpu"))) |
13349 |
++ mode = S_IFDIR | S_IRWXU | S_IRUGO | S_IXUGO; |
13350 |
++#endif |
13351 |
++ |
13352 |
+ /* allocate */ |
13353 |
+ sd = sysfs_new_dirent(name, mode, SYSFS_DIR); |
13354 |
+ if (!sd) |
13355 |
diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c |
13356 |
-index d4e6080b..0e58b99 100644 |
13357 |
+index 779789a..f58193c 100644 |
13358 |
--- a/fs/sysfs/file.c |
13359 |
+++ b/fs/sysfs/file.c |
13360 |
@@ -37,7 +37,7 @@ static DEFINE_SPINLOCK(sysfs_open_dirent_lock); |
13361 |
@@ -46943,22 +46791,6 @@ index d4e6080b..0e58b99 100644 |
13362 |
wake_up_interruptible(&od->poll); |
13363 |
} |
13364 |
|
13365 |
-diff --git a/fs/sysfs/mount.c b/fs/sysfs/mount.c |
13366 |
-index e34f0d9..740ea7b 100644 |
13367 |
---- a/fs/sysfs/mount.c |
13368 |
-+++ b/fs/sysfs/mount.c |
13369 |
-@@ -36,7 +36,11 @@ struct sysfs_dirent sysfs_root = { |
13370 |
- .s_name = "", |
13371 |
- .s_count = ATOMIC_INIT(1), |
13372 |
- .s_flags = SYSFS_DIR | (KOBJ_NS_TYPE_NONE << SYSFS_NS_TYPE_SHIFT), |
13373 |
-+#ifdef CONFIG_GRKERNSEC_SYSFS_RESTRICT |
13374 |
-+ .s_mode = S_IFDIR | S_IRWXU, |
13375 |
-+#else |
13376 |
- .s_mode = S_IFDIR | S_IRWXU | S_IRUGO | S_IXUGO, |
13377 |
-+#endif |
13378 |
- .s_ino = 1, |
13379 |
- }; |
13380 |
- |
13381 |
diff --git a/fs/sysfs/symlink.c b/fs/sysfs/symlink.c |
13382 |
index a7ac78f..02158e1 100644 |
13383 |
--- a/fs/sysfs/symlink.c |
13384 |
@@ -47151,26 +46983,12 @@ index 23ce927..e274cc1 100644 |
13385 |
|
13386 |
if (!IS_ERR(s)) |
13387 |
kfree(s); |
13388 |
-diff --git a/fs/xfs/xfs_vnodeops.c b/fs/xfs/xfs_vnodeops.c |
13389 |
-index ce9268a..ee98d0b 100644 |
13390 |
---- a/fs/xfs/xfs_vnodeops.c |
13391 |
-+++ b/fs/xfs/xfs_vnodeops.c |
13392 |
-@@ -131,7 +131,8 @@ xfs_readlink( |
13393 |
- __func__, (unsigned long long) ip->i_ino, |
13394 |
- (long long) pathlen); |
13395 |
- ASSERT(0); |
13396 |
-- return XFS_ERROR(EFSCORRUPTED); |
13397 |
-+ error = XFS_ERROR(EFSCORRUPTED); |
13398 |
-+ goto out; |
13399 |
- } |
13400 |
- |
13401 |
- |
13402 |
diff --git a/grsecurity/Kconfig b/grsecurity/Kconfig |
13403 |
new file mode 100644 |
13404 |
-index 0000000..ab77366 |
13405 |
+index 0000000..dfd3d34 |
13406 |
--- /dev/null |
13407 |
+++ b/grsecurity/Kconfig |
13408 |
-@@ -0,0 +1,1065 @@ |
13409 |
+@@ -0,0 +1,1069 @@ |
13410 |
+# |
13411 |
+# grecurity configuration |
13412 |
+# |
13413 |
@@ -47641,15 +47459,19 @@ index 0000000..ab77366 |
13414 |
+ depends on SYSFS |
13415 |
+ help |
13416 |
+ If you say Y here, sysfs (the pseudo-filesystem mounted at /sys) and |
13417 |
-+ any filesystem normally mounted under it (e.g. debugfs) will only |
13418 |
-+ be accessible by root. These filesystems generally provide access |
13419 |
++ any filesystem normally mounted under it (e.g. debugfs) will be |
13420 |
++ mostly accessible only by root. These filesystems generally provide access |
13421 |
+ to hardware and debug information that isn't appropriate for unprivileged |
13422 |
+ users of the system. Sysfs and debugfs have also become a large source |
13423 |
+ of new vulnerabilities, ranging from infoleaks to local compromise. |
13424 |
+ There has been very little oversight with an eye toward security involved |
13425 |
+ in adding new exporters of information to these filesystems, so their |
13426 |
+ use is discouraged. |
13427 |
-+ This option is equivalent to a chmod 0700 of the mount paths. |
13428 |
++ For reasons of compatibility, a few directories have been whitelisted |
13429 |
++ for access by non-root users: |
13430 |
++ /sys/fs/selinux |
13431 |
++ /sys/fs/fuse |
13432 |
++ /sys/devices/system/cpu |
13433 |
+ |
13434 |
+config GRKERNSEC_ROFS |
13435 |
+ bool "Runtime read-only mount protection" |
13436 |
@@ -56948,10 +56770,10 @@ index 0000000..0dc13c3 |
13437 |
+EXPORT_SYMBOL(gr_log_timechange); |
13438 |
diff --git a/grsecurity/grsec_tpe.c b/grsecurity/grsec_tpe.c |
13439 |
new file mode 100644 |
13440 |
-index 0000000..4a78774 |
13441 |
+index 0000000..a35ba33 |
13442 |
--- /dev/null |
13443 |
+++ b/grsecurity/grsec_tpe.c |
13444 |
-@@ -0,0 +1,39 @@ |
13445 |
+@@ -0,0 +1,73 @@ |
13446 |
+#include <linux/kernel.h> |
13447 |
+#include <linux/sched.h> |
13448 |
+#include <linux/file.h> |
13449 |
@@ -56966,25 +56788,59 @@ index 0000000..4a78774 |
13450 |
+#ifdef CONFIG_GRKERNSEC |
13451 |
+ struct inode *inode = file->f_path.dentry->d_parent->d_inode; |
13452 |
+ const struct cred *cred = current_cred(); |
13453 |
++ char *msg = NULL; |
13454 |
++ char *msg2 = NULL; |
13455 |
++ |
13456 |
++ // never restrict root |
13457 |
++ if (!cred->uid) |
13458 |
++ return 1; |
13459 |
+ |
13460 |
-+ if (cred->uid && ((grsec_enable_tpe && |
13461 |
++ if (grsec_enable_tpe) { |
13462 |
+#ifdef CONFIG_GRKERNSEC_TPE_INVERT |
13463 |
-+ ((grsec_enable_tpe_invert && !in_group_p(grsec_tpe_gid)) || |
13464 |
-+ (!grsec_enable_tpe_invert && in_group_p(grsec_tpe_gid))) |
13465 |
++ if (grsec_enable_tpe_invert && !in_group_p(grsec_tpe_gid)) |
13466 |
++ msg = "not being in trusted group"; |
13467 |
++ else if (!grsec_enable_tpe_invert && in_group_p(grsec_tpe_gid)) |
13468 |
++ msg = "being in untrusted group"; |
13469 |
+#else |
13470 |
-+ in_group_p(grsec_tpe_gid) |
13471 |
++ if (in_group_p(grsec_tpe_gid)) |
13472 |
++ msg = "being in untrusted group"; |
13473 |
+#endif |
13474 |
-+ ) || gr_acl_tpe_check()) && |
13475 |
-+ (inode->i_uid || (!inode->i_uid && ((inode->i_mode & S_IWGRP) || |
13476 |
-+ (inode->i_mode & S_IWOTH))))) { |
13477 |
-+ gr_log_fs_generic(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, file->f_path.dentry, file->f_path.mnt); |
13478 |
++ } |
13479 |
++ if (!msg && gr_acl_tpe_check()) |
13480 |
++ msg = "being in untrusted role"; |
13481 |
++ |
13482 |
++ // not in any affected group/role |
13483 |
++ if (!msg) |
13484 |
++ goto next_check; |
13485 |
++ |
13486 |
++ if (inode->i_uid) |
13487 |
++ msg2 = "file in non-root-owned directory"; |
13488 |
++ else if (inode->i_mode & S_IWOTH) |
13489 |
++ msg2 = "file in world-writable directory"; |
13490 |
++ else if (inode->i_mode & S_IWGRP) |
13491 |
++ msg2 = "file in group-writable directory"; |
13492 |
++ |
13493 |
++ if (msg && msg2) { |
13494 |
++ char fullmsg[64] = {0}; |
13495 |
++ snprintf(fullmsg, sizeof(fullmsg)-1, "%s and %s", msg, msg2); |
13496 |
++ gr_log_str_fs(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, fullmsg, file->f_path.dentry, file->f_path.mnt); |
13497 |
+ return 0; |
13498 |
+ } |
13499 |
++ msg = NULL; |
13500 |
++next_check: |
13501 |
+#ifdef CONFIG_GRKERNSEC_TPE_ALL |
13502 |
-+ if (cred->uid && grsec_enable_tpe && grsec_enable_tpe_all && |
13503 |
-+ ((inode->i_uid && (inode->i_uid != cred->uid)) || |
13504 |
-+ (inode->i_mode & S_IWGRP) || (inode->i_mode & S_IWOTH))) { |
13505 |
-+ gr_log_fs_generic(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, file->f_path.dentry, file->f_path.mnt); |
13506 |
++ if (!grsec_enable_tpe || !grsec_enable_tpe_all) |
13507 |
++ return 1; |
13508 |
++ |
13509 |
++ if (inode->i_uid && (inode->i_uid != cred->uid)) |
13510 |
++ msg = "directory not owned by user"; |
13511 |
++ else if (inode->i_mode & S_IWOTH) |
13512 |
++ msg = "file in world-writable directory"; |
13513 |
++ else if (inode->i_mode & S_IWGRP) |
13514 |
++ msg = "file in group-writable directory"; |
13515 |
++ |
13516 |
++ if (msg) { |
13517 |
++ gr_log_str_fs(GR_DONT_AUDIT, GR_EXEC_TPE_MSG, msg, file->f_path.dentry, file->f_path.mnt); |
13518 |
+ return 0; |
13519 |
+ } |
13520 |
+#endif |
13521 |
@@ -57589,7 +57445,7 @@ index b5e2e4c..6a5373e 100644 |
13522 |
/** |
13523 |
* PERCPU_SECTION - define output section for percpu area, simple version |
13524 |
diff --git a/include/drm/drmP.h b/include/drm/drmP.h |
13525 |
-index 1f9e951..14ef517 100644 |
13526 |
+index bf4b2dc..2d0762f 100644 |
13527 |
--- a/include/drm/drmP.h |
13528 |
+++ b/include/drm/drmP.h |
13529 |
@@ -72,6 +72,7 @@ |
13530 |
@@ -59014,7 +58870,7 @@ index 0000000..da390f1 |
13531 |
+#endif |
13532 |
diff --git a/include/linux/grmsg.h b/include/linux/grmsg.h |
13533 |
new file mode 100644 |
13534 |
-index 0000000..dfb15ef |
13535 |
+index 0000000..b3347e2 |
13536 |
--- /dev/null |
13537 |
+++ b/include/linux/grmsg.h |
13538 |
@@ -0,0 +1,109 @@ |
13539 |
@@ -59052,7 +58908,7 @@ index 0000000..dfb15ef |
13540 |
+#define GR_UNSAFESHARE_EXEC_ACL_MSG "denied exec with cloned fs of %.950s by " |
13541 |
+#define GR_PTRACE_EXEC_ACL_MSG "denied ptrace of %.950s by " |
13542 |
+#define GR_EXEC_ACL_MSG "%s execution of %.950s by " |
13543 |
-+#define GR_EXEC_TPE_MSG "denied untrusted exec of %.950s by " |
13544 |
++#define GR_EXEC_TPE_MSG "denied untrusted exec (due to %.64s) of %.950s by " |
13545 |
+#define GR_SEGVSTART_ACL_MSG "possible exploit bruteforcing on " DEFAULTSECMSG " banning uid %u from login for %lu seconds" |
13546 |
+#define GR_SEGVNOSUID_ACL_MSG "possible exploit bruteforcing on " DEFAULTSECMSG " banning execution for %lu seconds" |
13547 |
+#define GR_MOUNT_CHROOT_MSG "denied mount of %.256s as %.930s from chroot by " |
13548 |
@@ -60435,7 +60291,7 @@ index 2148b12..519b820 100644 |
13549 |
|
13550 |
static inline void anon_vma_merge(struct vm_area_struct *vma, |
13551 |
diff --git a/include/linux/sched.h b/include/linux/sched.h |
13552 |
-index 1c4f3e9..c5b241a 100644 |
13553 |
+index 1c4f3e9..f29cbeb 100644 |
13554 |
--- a/include/linux/sched.h |
13555 |
+++ b/include/linux/sched.h |
13556 |
@@ -101,6 +101,7 @@ struct bio_list; |
13557 |
@@ -60639,7 +60495,20 @@ index 1c4f3e9..c5b241a 100644 |
13558 |
extern struct task_struct *find_task_by_pid_ns(pid_t nr, |
13559 |
struct pid_namespace *ns); |
13560 |
|
13561 |
-@@ -2251,7 +2343,7 @@ extern void __cleanup_sighand(struct sighand_struct *); |
13562 |
+@@ -2235,6 +2327,12 @@ static inline void mmdrop(struct mm_struct * mm) |
13563 |
+ extern void mmput(struct mm_struct *); |
13564 |
+ /* Grab a reference to a task's mm, if it is not already going away */ |
13565 |
+ extern struct mm_struct *get_task_mm(struct task_struct *task); |
13566 |
++/* |
13567 |
++ * Grab a reference to a task's mm, if it is not already going away |
13568 |
++ * and ptrace_may_access with the mode parameter passed to it |
13569 |
++ * succeeds. |
13570 |
++ */ |
13571 |
++extern struct mm_struct *mm_access(struct task_struct *task, unsigned int mode); |
13572 |
+ /* Remove the current tasks stale references to the old mm_struct */ |
13573 |
+ extern void mm_release(struct task_struct *, struct mm_struct *); |
13574 |
+ /* Allocate a new mm structure and copy contents from tsk->mm */ |
13575 |
+@@ -2251,7 +2349,7 @@ extern void __cleanup_sighand(struct sighand_struct *); |
13576 |
extern void exit_itimers(struct signal_struct *); |
13577 |
extern void flush_itimer_signals(void); |
13578 |
|
13579 |
@@ -60648,7 +60517,7 @@ index 1c4f3e9..c5b241a 100644 |
13580 |
|
13581 |
extern void daemonize(const char *, ...); |
13582 |
extern int allow_signal(int); |
13583 |
-@@ -2416,13 +2508,17 @@ static inline unsigned long *end_of_stack(struct task_struct *p) |
13584 |
+@@ -2416,13 +2514,17 @@ static inline unsigned long *end_of_stack(struct task_struct *p) |
13585 |
|
13586 |
#endif |
13587 |
|
13588 |
@@ -63319,7 +63188,7 @@ index e6e01b9..619f837 100644 |
13589 |
|
13590 |
if (group_dead) |
13591 |
diff --git a/kernel/fork.c b/kernel/fork.c |
13592 |
-index da4a6a1..c04943c 100644 |
13593 |
+index da4a6a1..0973380 100644 |
13594 |
--- a/kernel/fork.c |
13595 |
+++ b/kernel/fork.c |
13596 |
@@ -280,7 +280,7 @@ static struct task_struct *dup_task_struct(struct task_struct *orig) |
13597 |
@@ -63536,7 +63405,34 @@ index da4a6a1..c04943c 100644 |
13598 |
} |
13599 |
|
13600 |
static inline int mm_alloc_pgd(struct mm_struct *mm) |
13601 |
-@@ -829,13 +866,14 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) |
13602 |
+@@ -644,6 +681,26 @@ struct mm_struct *get_task_mm(struct task_struct *task) |
13603 |
+ } |
13604 |
+ EXPORT_SYMBOL_GPL(get_task_mm); |
13605 |
+ |
13606 |
++struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) |
13607 |
++{ |
13608 |
++ struct mm_struct *mm; |
13609 |
++ int err; |
13610 |
++ |
13611 |
++ err = mutex_lock_killable(&task->signal->cred_guard_mutex); |
13612 |
++ if (err) |
13613 |
++ return ERR_PTR(err); |
13614 |
++ |
13615 |
++ mm = get_task_mm(task); |
13616 |
++ if (mm && ((mm != current->mm && !ptrace_may_access(task, mode)) || |
13617 |
++ (mode == PTRACE_MODE_ATTACH && (gr_handle_proc_ptrace(task) || gr_acl_handle_procpidmem(task))))) { |
13618 |
++ mmput(mm); |
13619 |
++ mm = ERR_PTR(-EACCES); |
13620 |
++ } |
13621 |
++ mutex_unlock(&task->signal->cred_guard_mutex); |
13622 |
++ |
13623 |
++ return mm; |
13624 |
++} |
13625 |
++ |
13626 |
+ /* Please note the differences between mmput and mm_release. |
13627 |
+ * mmput is called whenever we stop holding onto a mm_struct, |
13628 |
+ * error success whatever. |
13629 |
+@@ -829,13 +886,14 @@ static int copy_fs(unsigned long clone_flags, struct task_struct *tsk) |
13630 |
spin_unlock(&fs->lock); |
13631 |
return -EAGAIN; |
13632 |
} |
13633 |
@@ -63552,7 +63448,7 @@ index da4a6a1..c04943c 100644 |
13634 |
return 0; |
13635 |
} |
13636 |
|
13637 |
-@@ -1097,6 +1135,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, |
13638 |
+@@ -1097,6 +1155,9 @@ static struct task_struct *copy_process(unsigned long clone_flags, |
13639 |
DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled); |
13640 |
#endif |
13641 |
retval = -EAGAIN; |
13642 |
@@ -63562,7 +63458,7 @@ index da4a6a1..c04943c 100644 |
13643 |
if (atomic_read(&p->real_cred->user->processes) >= |
13644 |
task_rlimit(p, RLIMIT_NPROC)) { |
13645 |
if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) && |
13646 |
-@@ -1256,6 +1297,8 @@ static struct task_struct *copy_process(unsigned long clone_flags, |
13647 |
+@@ -1256,6 +1317,8 @@ static struct task_struct *copy_process(unsigned long clone_flags, |
13648 |
if (clone_flags & CLONE_THREAD) |
13649 |
p->tgid = current->tgid; |
13650 |
|
13651 |
@@ -63571,7 +63467,7 @@ index da4a6a1..c04943c 100644 |
13652 |
p->set_child_tid = (clone_flags & CLONE_CHILD_SETTID) ? child_tidptr : NULL; |
13653 |
/* |
13654 |
* Clear TID on mm_release()? |
13655 |
-@@ -1418,6 +1461,8 @@ bad_fork_cleanup_count: |
13656 |
+@@ -1418,6 +1481,8 @@ bad_fork_cleanup_count: |
13657 |
bad_fork_free: |
13658 |
free_task(p); |
13659 |
fork_out: |
13660 |
@@ -63580,7 +63476,7 @@ index da4a6a1..c04943c 100644 |
13661 |
return ERR_PTR(retval); |
13662 |
} |
13663 |
|
13664 |
-@@ -1518,6 +1563,8 @@ long do_fork(unsigned long clone_flags, |
13665 |
+@@ -1518,6 +1583,8 @@ long do_fork(unsigned long clone_flags, |
13666 |
if (clone_flags & CLONE_PARENT_SETTID) |
13667 |
put_user(nr, parent_tidptr); |
13668 |
|
13669 |
@@ -63589,7 +63485,7 @@ index da4a6a1..c04943c 100644 |
13670 |
if (clone_flags & CLONE_VFORK) { |
13671 |
p->vfork_done = &vfork; |
13672 |
init_completion(&vfork); |
13673 |
-@@ -1627,7 +1674,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) |
13674 |
+@@ -1627,7 +1694,7 @@ static int unshare_fs(unsigned long unshare_flags, struct fs_struct **new_fsp) |
13675 |
return 0; |
13676 |
|
13677 |
/* don't need lock here; in the worst case we'll do useless copy */ |
13678 |
@@ -63598,7 +63494,7 @@ index da4a6a1..c04943c 100644 |
13679 |
return 0; |
13680 |
|
13681 |
*new_fsp = copy_fs_struct(fs); |
13682 |
-@@ -1716,7 +1763,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) |
13683 |
+@@ -1716,7 +1783,8 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) |
13684 |
fs = current->fs; |
13685 |
spin_lock(&fs->lock); |
13686 |
current->fs = new_fs; |
13687 |
@@ -66227,7 +66123,7 @@ index 2c71d91..1021f81 100644 |
13688 |
struct tasklet_struct *list; |
13689 |
|
13690 |
diff --git a/kernel/sys.c b/kernel/sys.c |
13691 |
-index 481611f..0754d86 100644 |
13692 |
+index 481611f..4665125 100644 |
13693 |
--- a/kernel/sys.c |
13694 |
+++ b/kernel/sys.c |
13695 |
@@ -158,6 +158,12 @@ static int set_one_prio(struct task_struct *p, int niceval, int error) |
13696 |
@@ -66296,7 +66192,29 @@ index 481611f..0754d86 100644 |
13697 |
if (nsown_capable(CAP_SETUID)) { |
13698 |
new->suid = new->uid = uid; |
13699 |
if (uid != old->uid) { |
13700 |
-@@ -786,6 +808,9 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) |
13701 |
+@@ -775,9 +797,18 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) |
13702 |
+ |
13703 |
+ retval = -EPERM; |
13704 |
+ if (!nsown_capable(CAP_SETUID)) { |
13705 |
+- if (ruid != (uid_t) -1 && ruid != old->uid && |
13706 |
+- ruid != old->euid && ruid != old->suid) |
13707 |
+- goto error; |
13708 |
++ // if RBAC is enabled, require CAP_SETUID to change |
13709 |
++ // uid to euid (from a suid binary, for instance) |
13710 |
++ // this is a hardening of normal permissions, not |
13711 |
++ // weakening |
13712 |
++ if (gr_acl_is_enabled()) { |
13713 |
++ if (ruid != (uid_t) -1 && ruid != old->uid) |
13714 |
++ goto error; |
13715 |
++ } else { |
13716 |
++ if (ruid != (uid_t) -1 && ruid != old->uid && |
13717 |
++ ruid != old->euid && ruid != old->suid) |
13718 |
++ goto error; |
13719 |
++ } |
13720 |
+ if (euid != (uid_t) -1 && euid != old->uid && |
13721 |
+ euid != old->euid && euid != old->suid) |
13722 |
+ goto error; |
13723 |
+@@ -786,6 +817,9 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) |
13724 |
goto error; |
13725 |
} |
13726 |
|
13727 |
@@ -66306,7 +66224,29 @@ index 481611f..0754d86 100644 |
13728 |
if (ruid != (uid_t) -1) { |
13729 |
new->uid = ruid; |
13730 |
if (ruid != old->uid) { |
13731 |
-@@ -850,6 +875,9 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) |
13732 |
+@@ -839,9 +873,18 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) |
13733 |
+ |
13734 |
+ retval = -EPERM; |
13735 |
+ if (!nsown_capable(CAP_SETGID)) { |
13736 |
+- if (rgid != (gid_t) -1 && rgid != old->gid && |
13737 |
+- rgid != old->egid && rgid != old->sgid) |
13738 |
+- goto error; |
13739 |
++ // if RBAC is enabled, require CAP_SETGID to change |
13740 |
++ // gid to egid (from a sgid binary, for instance) |
13741 |
++ // this is a hardening of normal permissions, not |
13742 |
++ // weakening |
13743 |
++ if (gr_acl_is_enabled()) { |
13744 |
++ if (rgid != (gid_t) -1 && rgid != old->gid) |
13745 |
++ goto error; |
13746 |
++ } else { |
13747 |
++ if (rgid != (gid_t) -1 && rgid != old->gid && |
13748 |
++ rgid != old->egid && rgid != old->sgid) |
13749 |
++ goto error; |
13750 |
++ } |
13751 |
+ if (egid != (gid_t) -1 && egid != old->gid && |
13752 |
+ egid != old->egid && egid != old->sgid) |
13753 |
+ goto error; |
13754 |
+@@ -850,6 +893,9 @@ SYSCALL_DEFINE3(setresgid, gid_t, rgid, gid_t, egid, gid_t, sgid) |
13755 |
goto error; |
13756 |
} |
13757 |
|
13758 |
@@ -66316,7 +66256,7 @@ index 481611f..0754d86 100644 |
13759 |
if (rgid != (gid_t) -1) |
13760 |
new->gid = rgid; |
13761 |
if (egid != (gid_t) -1) |
13762 |
-@@ -896,6 +924,9 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) |
13763 |
+@@ -896,6 +942,9 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) |
13764 |
old = current_cred(); |
13765 |
old_fsuid = old->fsuid; |
13766 |
|
13767 |
@@ -66326,7 +66266,7 @@ index 481611f..0754d86 100644 |
13768 |
if (uid == old->uid || uid == old->euid || |
13769 |
uid == old->suid || uid == old->fsuid || |
13770 |
nsown_capable(CAP_SETUID)) { |
13771 |
-@@ -906,6 +937,7 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) |
13772 |
+@@ -906,6 +955,7 @@ SYSCALL_DEFINE1(setfsuid, uid_t, uid) |
13773 |
} |
13774 |
} |
13775 |
|
13776 |
@@ -66334,7 +66274,7 @@ index 481611f..0754d86 100644 |
13777 |
abort_creds(new); |
13778 |
return old_fsuid; |
13779 |
|
13780 |
-@@ -932,12 +964,16 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) |
13781 |
+@@ -932,12 +982,16 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid) |
13782 |
if (gid == old->gid || gid == old->egid || |
13783 |
gid == old->sgid || gid == old->fsgid || |
13784 |
nsown_capable(CAP_SETGID)) { |
13785 |
@@ -66351,7 +66291,7 @@ index 481611f..0754d86 100644 |
13786 |
abort_creds(new); |
13787 |
return old_fsgid; |
13788 |
|
13789 |
-@@ -1189,7 +1225,10 @@ static int override_release(char __user *release, int len) |
13790 |
+@@ -1189,7 +1243,10 @@ static int override_release(char __user *release, int len) |
13791 |
} |
13792 |
v = ((LINUX_VERSION_CODE >> 8) & 0xff) + 40; |
13793 |
snprintf(buf, len, "2.6.%u%s", v, rest); |
13794 |
@@ -66363,7 +66303,7 @@ index 481611f..0754d86 100644 |
13795 |
} |
13796 |
return ret; |
13797 |
} |
13798 |
-@@ -1243,19 +1282,19 @@ SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) |
13799 |
+@@ -1243,19 +1300,19 @@ SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) |
13800 |
return -EFAULT; |
13801 |
|
13802 |
down_read(&uts_sem); |
13803 |
@@ -66388,7 +66328,7 @@ index 481611f..0754d86 100644 |
13804 |
__OLD_UTS_LEN); |
13805 |
error |= __put_user(0, name->machine + __OLD_UTS_LEN); |
13806 |
up_read(&uts_sem); |
13807 |
-@@ -1720,7 +1759,7 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, |
13808 |
+@@ -1720,7 +1777,7 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3, |
13809 |
error = get_dumpable(me->mm); |
13810 |
break; |
13811 |
case PR_SET_DUMPABLE: |
13812 |
@@ -70360,7 +70300,7 @@ index 716eb4a..8d10419 100644 |
13813 |
|
13814 |
static const int *pcpu_unit_map __read_mostly; /* cpu -> unit */ |
13815 |
diff --git a/mm/process_vm_access.c b/mm/process_vm_access.c |
13816 |
-index e920aa3..78fe584 100644 |
13817 |
+index e920aa3..137702a 100644 |
13818 |
--- a/mm/process_vm_access.c |
13819 |
+++ b/mm/process_vm_access.c |
13820 |
@@ -13,6 +13,7 @@ |
13821 |
@@ -70398,21 +70338,40 @@ index e920aa3..78fe584 100644 |
13822 |
} |
13823 |
|
13824 |
if (nr_pages == 0) |
13825 |
-@@ -298,8 +299,13 @@ static ssize_t process_vm_rw_core(pid_t pid, const struct iovec *lvec, |
13826 |
+@@ -298,23 +299,23 @@ static ssize_t process_vm_rw_core(pid_t pid, const struct iovec *lvec, |
13827 |
goto free_proc_pages; |
13828 |
} |
13829 |
|
13830 |
-+ if (gr_handle_ptrace(task, vm_write ? PTRACE_POKETEXT : PTRACE_ATTACH)) { |
13831 |
-+ rc = -EPERM; |
13832 |
-+ goto put_task_struct; |
13833 |
-+ } |
13834 |
-+ |
13835 |
- task_lock(task); |
13836 |
+- task_lock(task); |
13837 |
- if (__ptrace_may_access(task, PTRACE_MODE_ATTACH)) { |
13838 |
-+ if (ptrace_may_access_nolock(task, PTRACE_MODE_ATTACH)) { |
13839 |
- task_unlock(task); |
13840 |
+- task_unlock(task); |
13841 |
++ if (gr_handle_ptrace(task, vm_write ? PTRACE_POKETEXT : PTRACE_ATTACH)) { |
13842 |
rc = -EPERM; |
13843 |
goto put_task_struct; |
13844 |
+ } |
13845 |
+- mm = task->mm; |
13846 |
+ |
13847 |
+- if (!mm || (task->flags & PF_KTHREAD)) { |
13848 |
+- task_unlock(task); |
13849 |
+- rc = -EINVAL; |
13850 |
++ mm = mm_access(task, PTRACE_MODE_ATTACH); |
13851 |
++ if (!mm || IS_ERR(mm)) { |
13852 |
++ rc = IS_ERR(mm) ? PTR_ERR(mm) : -ESRCH; |
13853 |
++ /* |
13854 |
++ * Explicitly map EACCES to EPERM as EPERM is a more a |
13855 |
++ * appropriate error code for process_vw_readv/writev |
13856 |
++ */ |
13857 |
++ if (rc == -EACCES) |
13858 |
++ rc = -EPERM; |
13859 |
+ goto put_task_struct; |
13860 |
+ } |
13861 |
+ |
13862 |
+- atomic_inc(&mm->mm_users); |
13863 |
+- task_unlock(task); |
13864 |
+- |
13865 |
+ for (i = 0; i < riovcnt && iov_l_curr_idx < liovcnt; i++) { |
13866 |
+ rc = process_vm_rw_single_vec( |
13867 |
+ (unsigned long)rvec[i].iov_base, rvec[i].iov_len, |
13868 |
diff --git a/mm/rmap.c b/mm/rmap.c |
13869 |
index a4fd368..e0ffec7 100644 |
13870 |
--- a/mm/rmap.c |
13871 |
@@ -72994,7 +72953,7 @@ index 94cdbc5..0cb0063 100644 |
13872 |
ts = peer->tcp_ts; |
13873 |
tsage = get_seconds() - peer->tcp_ts_stamp; |
13874 |
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c |
13875 |
-index a9db4b1..3c03301 100644 |
13876 |
+index c89e354..8bd55c8 100644 |
13877 |
--- a/net/ipv4/tcp_ipv4.c |
13878 |
+++ b/net/ipv4/tcp_ipv4.c |
13879 |
@@ -87,6 +87,9 @@ int sysctl_tcp_tw_reuse __read_mostly; |
13880 |
@@ -73277,7 +73236,7 @@ index 5a65eea..bd913a1 100644 |
13881 |
|
13882 |
int udp4_seq_show(struct seq_file *seq, void *v) |
13883 |
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c |
13884 |
-index 36806de..b86f74c 100644 |
13885 |
+index 836c4ea..cbb74dc 100644 |
13886 |
--- a/net/ipv6/addrconf.c |
13887 |
+++ b/net/ipv6/addrconf.c |
13888 |
@@ -2149,7 +2149,7 @@ int addrconf_set_dstaddr(struct net *net, void __user *arg) |
13889 |
@@ -73325,7 +73284,7 @@ index 26cb08c..8af9877 100644 |
13890 |
msg.msg_flags = flags; |
13891 |
|
13892 |
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c |
13893 |
-index 331af3b..7789844 100644 |
13894 |
+index 361ebf3..d5628fb 100644 |
13895 |
--- a/net/ipv6/raw.c |
13896 |
+++ b/net/ipv6/raw.c |
13897 |
@@ -377,7 +377,7 @@ static inline int rawv6_rcv_skb(struct sock *sk, struct sk_buff *skb) |
13898 |
@@ -73415,7 +73374,7 @@ index 331af3b..7789844 100644 |
13899 |
|
13900 |
static int raw6_seq_show(struct seq_file *seq, void *v) |
13901 |
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c |
13902 |
-index 2dea4bb..dca8ac5 100644 |
13903 |
+index b859e4a..f9d1589 100644 |
13904 |
--- a/net/ipv6/tcp_ipv6.c |
13905 |
+++ b/net/ipv6/tcp_ipv6.c |
13906 |
@@ -93,6 +93,10 @@ static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(struct sock *sk, |
13907 |
@@ -74282,7 +74241,7 @@ index d9d4970..d5a6a68 100644 |
13908 |
return 0; |
13909 |
} |
13910 |
diff --git a/net/phonet/af_phonet.c b/net/phonet/af_phonet.c |
13911 |
-index bf10ea8..aeb4c3e 100644 |
13912 |
+index d65f699..05aa6ce 100644 |
13913 |
--- a/net/phonet/af_phonet.c |
13914 |
+++ b/net/phonet/af_phonet.c |
13915 |
@@ -41,7 +41,7 @@ static struct phonet_protocol *phonet_proto_get(unsigned int protocol) |
13916 |
@@ -74335,7 +74294,7 @@ index 2ba6e9f..409573f 100644 |
13917 |
break; |
13918 |
} |
13919 |
diff --git a/net/phonet/socket.c b/net/phonet/socket.c |
13920 |
-index 3f8d0b1..74635e0 100644 |
13921 |
+index 4c7eff3..59c727f 100644 |
13922 |
--- a/net/phonet/socket.c |
13923 |
+++ b/net/phonet/socket.c |
13924 |
@@ -613,8 +613,13 @@ static int pn_sock_seq_show(struct seq_file *seq, void *v) |
13925 |
@@ -74795,7 +74754,7 @@ index 54a7cd2..944edae 100644 |
13926 |
to += addrlen; |
13927 |
cnt++; |
13928 |
diff --git a/net/socket.c b/net/socket.c |
13929 |
-index 2877647..08e2fde 100644 |
13930 |
+index 2dce67a..1e91168 100644 |
13931 |
--- a/net/socket.c |
13932 |
+++ b/net/socket.c |
13933 |
@@ -88,6 +88,7 @@ |
13934 |
@@ -75360,7 +75319,7 @@ index 1983717..4d6102c 100644 |
13935 |
|
13936 |
sub->evt.event = htohl(event, sub->swap); |
13937 |
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c |
13938 |
-index b595a3d..b1cd354 100644 |
13939 |
+index d99678a..3514a21 100644 |
13940 |
--- a/net/unix/af_unix.c |
13941 |
+++ b/net/unix/af_unix.c |
13942 |
@@ -767,6 +767,12 @@ static struct sock *unix_find_other(struct net *net, |
13943 |
@@ -75851,10 +75810,10 @@ index 5c11312..72742b5 100644 |
13944 |
write_hex_cnt = 0; |
13945 |
for (i = 0; i < logo_clutsize; i++) { |
13946 |
diff --git a/security/Kconfig b/security/Kconfig |
13947 |
-index 51bd5a0..8465ae6 100644 |
13948 |
+index 51bd5a0..eeabc9f 100644 |
13949 |
--- a/security/Kconfig |
13950 |
+++ b/security/Kconfig |
13951 |
-@@ -4,6 +4,626 @@ |
13952 |
+@@ -4,6 +4,627 @@ |
13953 |
|
13954 |
menu "Security options" |
13955 |
|
13956 |
@@ -76364,6 +76323,7 @@ index 51bd5a0..8465ae6 100644 |
13957 |
+ |
13958 |
+config PAX_MEMORY_SANITIZE |
13959 |
+ bool "Sanitize all freed memory" |
13960 |
++ depends on !HIBERNATION |
13961 |
+ help |
13962 |
+ By saying Y here the kernel will erase memory pages as soon as they |
13963 |
+ are freed. This in turn reduces the lifetime of data stored in the |
13964 |
@@ -76481,7 +76441,7 @@ index 51bd5a0..8465ae6 100644 |
13965 |
config KEYS |
13966 |
bool "Enable access key retention support" |
13967 |
help |
13968 |
-@@ -169,7 +789,7 @@ config INTEL_TXT |
13969 |
+@@ -169,7 +790,7 @@ config INTEL_TXT |
13970 |
config LSM_MMAP_MIN_ADDR |
13971 |
int "Low address space for LSM to protect from user allocation" |
13972 |
depends on SECURITY && SECURITY_SELINUX |
13973 |
|
13974 |
diff --git a/3.2.2/4421_grsec-remove-localversion-grsec.patch b/3.2.4/4421_grsec-remove-localversion-grsec.patch |
13975 |
similarity index 100% |
13976 |
rename from 3.2.2/4421_grsec-remove-localversion-grsec.patch |
13977 |
rename to 3.2.4/4421_grsec-remove-localversion-grsec.patch |
13978 |
|
13979 |
diff --git a/3.2.2/4422_grsec-mute-warnings.patch b/3.2.4/4422_grsec-mute-warnings.patch |
13980 |
similarity index 100% |
13981 |
rename from 3.2.2/4422_grsec-mute-warnings.patch |
13982 |
rename to 3.2.4/4422_grsec-mute-warnings.patch |
13983 |
|
13984 |
diff --git a/3.2.2/4423_grsec-remove-protected-paths.patch b/3.2.4/4423_grsec-remove-protected-paths.patch |
13985 |
similarity index 100% |
13986 |
rename from 3.2.2/4423_grsec-remove-protected-paths.patch |
13987 |
rename to 3.2.4/4423_grsec-remove-protected-paths.patch |
13988 |
|
13989 |
diff --git a/3.2.2/4425_grsec-pax-without-grsec.patch b/3.2.4/4425_grsec-pax-without-grsec.patch |
13990 |
similarity index 100% |
13991 |
rename from 3.2.2/4425_grsec-pax-without-grsec.patch |
13992 |
rename to 3.2.4/4425_grsec-pax-without-grsec.patch |
13993 |
|
13994 |
diff --git a/3.2.2/4430_grsec-kconfig-default-gids.patch b/3.2.4/4430_grsec-kconfig-default-gids.patch |
13995 |
similarity index 95% |
13996 |
rename from 3.2.2/4430_grsec-kconfig-default-gids.patch |
13997 |
rename to 3.2.4/4430_grsec-kconfig-default-gids.patch |
13998 |
index 3c76d91..0807a4e 100644 |
13999 |
--- a/3.2.2/4430_grsec-kconfig-default-gids.patch |
14000 |
+++ b/3.2.4/4430_grsec-kconfig-default-gids.patch |
14001 |
@@ -21,7 +21,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
14002 |
|
14003 |
config GRKERNSEC_PROC_ADD |
14004 |
bool "Additional restrictions" |
14005 |
-@@ -658,7 +658,7 @@ |
14006 |
+@@ -662,7 +662,7 @@ |
14007 |
config GRKERNSEC_AUDIT_GID |
14008 |
int "GID for auditing" |
14009 |
depends on GRKERNSEC_AUDIT_GROUP |
14010 |
@@ -30,7 +30,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
14011 |
|
14012 |
config GRKERNSEC_EXECLOG |
14013 |
bool "Exec logging" |
14014 |
-@@ -864,7 +864,7 @@ |
14015 |
+@@ -866,7 +866,7 @@ |
14016 |
config GRKERNSEC_TPE_GID |
14017 |
int "GID for untrusted users" |
14018 |
depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT |
14019 |
@@ -39,7 +39,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
14020 |
help |
14021 |
Setting this GID determines what group TPE restrictions will be |
14022 |
*enabled* for. If the sysctl option is enabled, a sysctl option |
14023 |
-@@ -873,7 +873,7 @@ |
14024 |
+@@ -875,7 +875,7 @@ |
14025 |
config GRKERNSEC_TPE_GID |
14026 |
int "GID for trusted users" |
14027 |
depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT |
14028 |
@@ -48,7 +48,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
14029 |
help |
14030 |
Setting this GID determines what group TPE restrictions will be |
14031 |
*disabled* for. If the sysctl option is enabled, a sysctl option |
14032 |
-@@ -946,7 +946,7 @@ |
14033 |
+@@ -948,7 +948,7 @@ |
14034 |
config GRKERNSEC_SOCKET_ALL_GID |
14035 |
int "GID to deny all sockets for" |
14036 |
depends on GRKERNSEC_SOCKET_ALL |
14037 |
@@ -57,7 +57,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
14038 |
help |
14039 |
Here you can choose the GID to disable socket access for. Remember to |
14040 |
add the users you want socket access disabled for to the GID |
14041 |
-@@ -967,7 +967,7 @@ |
14042 |
+@@ -969,7 +969,7 @@ |
14043 |
config GRKERNSEC_SOCKET_CLIENT_GID |
14044 |
int "GID to deny client sockets for" |
14045 |
depends on GRKERNSEC_SOCKET_CLIENT |
14046 |
@@ -66,7 +66,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
14047 |
help |
14048 |
Here you can choose the GID to disable client socket access for. |
14049 |
Remember to add the users you want client socket access disabled for to |
14050 |
-@@ -985,7 +985,7 @@ |
14051 |
+@@ -987,7 +987,7 @@ |
14052 |
config GRKERNSEC_SOCKET_SERVER_GID |
14053 |
int "GID to deny server sockets for" |
14054 |
depends on GRKERNSEC_SOCKET_SERVER |
14055 |
|
14056 |
diff --git a/3.2.2/4435_grsec-kconfig-gentoo.patch b/3.2.4/4435_grsec-kconfig-gentoo.patch |
14057 |
similarity index 99% |
14058 |
rename from 3.2.2/4435_grsec-kconfig-gentoo.patch |
14059 |
rename to 3.2.4/4435_grsec-kconfig-gentoo.patch |
14060 |
index 1e145df..587b7d9 100644 |
14061 |
--- a/3.2.2/4435_grsec-kconfig-gentoo.patch |
14062 |
+++ b/3.2.4/4435_grsec-kconfig-gentoo.patch |
14063 |
@@ -341,7 +341,7 @@ diff -Naur a/security/Kconfig b/security/Kconfig |
14064 |
default "" |
14065 |
|
14066 |
config PAX_KERNEXEC_MODULE_TEXT |
14067 |
-@@ -555,8 +556,9 @@ |
14068 |
+@@ -556,8 +557,9 @@ |
14069 |
|
14070 |
config PAX_MEMORY_UDEREF |
14071 |
bool "Prevent invalid userland pointer dereference" |
14072 |
|
14073 |
diff --git a/3.2.2/4437-grsec-kconfig-proc-user.patch b/3.2.4/4437-grsec-kconfig-proc-user.patch |
14074 |
similarity index 100% |
14075 |
rename from 3.2.2/4437-grsec-kconfig-proc-user.patch |
14076 |
rename to 3.2.4/4437-grsec-kconfig-proc-user.patch |
14077 |
|
14078 |
diff --git a/3.2.2/4440_selinux-avc_audit-log-curr_ip.patch b/3.2.4/4440_selinux-avc_audit-log-curr_ip.patch |
14079 |
similarity index 99% |
14080 |
rename from 3.2.2/4440_selinux-avc_audit-log-curr_ip.patch |
14081 |
rename to 3.2.4/4440_selinux-avc_audit-log-curr_ip.patch |
14082 |
index f9f62df..7c9894c 100644 |
14083 |
--- a/3.2.2/4440_selinux-avc_audit-log-curr_ip.patch |
14084 |
+++ b/3.2.4/4440_selinux-avc_audit-log-curr_ip.patch |
14085 |
@@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@×××.org> |
14086 |
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig |
14087 |
--- a/grsecurity/Kconfig 2011-04-17 19:25:54.000000000 -0400 |
14088 |
+++ b/grsecurity/Kconfig 2011-04-17 19:32:53.000000000 -0400 |
14089 |
-@@ -1295,6 +1295,27 @@ |
14090 |
+@@ -1297,6 +1297,27 @@ |
14091 |
menu "Logging Options" |
14092 |
depends on GRKERNSEC |
14093 |
|
14094 |
|
14095 |
diff --git a/3.2.2/4445_disable-compat_vdso.patch b/3.2.4/4445_disable-compat_vdso.patch |
14096 |
similarity index 100% |
14097 |
rename from 3.2.2/4445_disable-compat_vdso.patch |
14098 |
rename to 3.2.4/4445_disable-compat_vdso.patch |