* 'mantis' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6: (117 commits)
V4L/DVB (13851): Fix Input dependency for Mantis
V4L/DVB(13824a): mantis: Fix __devexit bad annotations
V4L/DVB (13808b): mantis: replace DMA_nnBIT_MASK to DMA_BIT_MASK(32)
V4L/DVB (13808): [Mantis/Hopper] Build update for Mantis/Hopper based cards
V4L/DVB(13808a): mantis: convert it to the new ir-core register/unregister functions
V4L/DVB (13812): [Mantis/Hopper] Update Copyright header
V4L/DVB (13811): [MB86A16] Update Copyright header
V4L/DVB (13810): [MB86A16] Use DVB_* macros
V4L/DVB (13809): Fix Checkpatch violations
V4L/DVB (13807): Fix: Free device in the device registration failure case
V4L/DVB (13806): Register and Initialize Remote control
V4L/DVB (13805): Fix: Unregister the frontend before detaching
V4L/DVB (13804): Remove unused I2C Adapter ID
V4L/DVB (13803): Remove unused dependency on CU1216
V4L/DVB (13802): [Mantis/Hopper] Fix all build related warnings
V4L/DVB (13801): [MB86A16] Use the search callback
V4L/DVB (13800): [Mantis] I2C optimization. Required delay is much lesser than 1mS.
V4L/DVB (13799): [Mantis] Unregister frontend
V4L/DVB (13798): [Mantis] Enable power for all cards, use byte mode only on relevant devices
V4L/DVB (13797): [Mantis/Hopper/TDA665x] Large overhaul,
...
* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6: (23 commits)
V4L/DVB (13966): DVB-T regression fix for saa7134 cards
V4L/DVB (13955): cx25821: fix double unlock in medusa_video_init()
MAINTAINERS: ivtv-devel is moderated
MAINTAINERS: Andy Walls is the new ivtv maintainer
V4L/DVB (13941): rj54n1cb0c: remove compiler warning
V4L/DVB sh_mobile_ceu: don't check platform_get_irq's return value against zero
V4L/DVB mx1_camera: don't check platform_get_irq's return value against zero
V4L/DVB (13934): tda8290: Fix FM radio easy programming standard selection for TDA8295
V4L/DVB (13900): gspca - sunplus: Fix bridge exchanges.
V4L/DVB (13887): tda8290: add autodetection support for TDA8295c2
V4L/DVB (13882): gspca - stv06xx-vv6410: Ensure register STV_SCAN_RATE is zero
V4L/DVB (13880): gspca - m5602-s5k4aa: Add vflip quirk for the Amilo Xi 2428
V4L/DVB (13875): gspca - vc032x: Fix a possible crash with the vc0321 bridge.
V4L/DVB (13868): gspca - sn9c20x: Fix test of unsigned.
V4L/DVB (13858): ir-keytable: use the right header
feature-removal-schedule: Add v4l1 drivers obsoleted by gspca sub drivers
V4L/DVB (13622): gspca - ov534: Fix a compilation warning.
V4L/DVB (13834): dib8000: fix compilation if !DVB_DIB8000
V4L/DVB (13831): uvcvideo: Fix oops caused by a race condition in buffer dequeuing
V4L/DVB (13829): uvcvideo: Fix alternate setting selection in isochronous mode
...
This patch adds the Intel Cougar Point and PCH DeviceIDs for iTCO Watchdog.
Signed-off-by: Seth Heasley <seth.heasley@intel.com>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
Yasuhiro ABE <yadiary@gmail.com> reported success in sourceforge zd1211-dev list.
The device is a NEC Aterm WL54GU usb wireless stick.
The brand and retail product name
NEC, Aterm PA-WL54GU
The USB ID's (duh)
ID 0409:0248
The chip ID string
zd1211rw 1-1:1.0: zd1211b chip 0409:0248 v4810 high 00-1b-8b AL2230S_RF pa0 g--N-
The FCC ID
unknown
Signed-off-by: Hin-Tak Leung <htl10@users.sourceforge.net>
Signed-off-by: Yasuhiro ABE <yadiary@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
A long time ago, a user reported several crashes due to
data corruptions which are likely the result of a
not-100%-supported, or faulty? PCI bridge.
( http://patchwork.kernel.org/patch/53004/ )
This patch fixes entry #1.
"1. p54p_check_rx_ring - skb_over_panic: Under a ping flood
or just left running for a bit would panic with a skb_over_panic."
As described in the mail: The invalid frame length causes
skb_put to bailout and trigger a crash.
Note:
Simply dropping the frame is problematic, because if its content
contains a tx feedback we would lose some portion of the device
memory space.... And the driver/mac80211 should handle all other
invalid data.
Reported-by: Quintin Pitts <geek4linux@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
While testing the pid rate controller in mac80211_hwsim, I noticed
that once the controller reached 54 Mbit rates, it would fail to
lower the rate when necessary. The debug log shows:
1945 186786 pf_sample 50 3534 3577 50
My interpretation is that the fixed point scaling of the target
error value (pf) is incorrect: the error value of 50 compared to
a target of 14 case should result in a scaling value of
(14-50) = -36 * 256 or -9216, but instead it is (14 * 256)-50, or
3534.
Correct this by doing fixed point scaling after subtraction.
Signed-off-by: Bob Copeland <me@bobcopeland.com>
Acked-by: Stefano Brivio <stefano.brivio@polimi.it>
Acked-by: Mattias Nissler <mattias.nissler@gmx.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Similar to 6000 and 1000 series, RTS/CTS is the recommended protection
mechanism for 5000 series in HT mode based on the HW design.
Using RTS/CTS will better protect the inner exchange from interference,
especially in highly-congested environment, it also prevent uCode encounter
TX FIFO underrun and other HT mode related performance issues.
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
CC: stable@kernel.org
Signed-off-by: John W. Linville <linville@tuxdriver.com>
When truncating an UBI volume, UBI should allocates a PEB-sized
buffer but does not release it, which leads to memory leaks.
This patch fixes the issue.
Reported-by: Marek Skuczynski <mareksk7@gmail.com>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Tested-by: Marek Skuczynski <mareksk7@gmail.com>
Cc: stable@kernel.org
This reverts commit 14f0aa3593.
That commit was needed earlier because system call restarting for
OABI (compat) required an executable stack and thus had problems
with NX. Since ab72b00734 ("ARM: Fix signal restart issues
with NX and OABI compat") has reworked the code to not require an
executable stack anymore, we can re-enable NX support for kernels
with OABI (compat) support.
Signed-off-by: Rabin Vincent <rabin@rab.in>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Marc reported that the BUG_ON in clockevents_notify() triggers on his
system. This happens because the kernel tries to remove an active
clock event device (used for broadcasting) from the device list.
The handling of devices which can be used as per cpu device and as a
global broadcast device is suboptimal.
The simplest solution for now (and for stable) is to check whether the
device is used as global broadcast device, but this needs to be
revisited.
[ tglx: restored the cpuweight check and massaged the changelog ]
Reported-by: Marc Dionne <marc.c.dionne@gmail.com>
Tested-by: Marc Dionne <marc.c.dionne@gmail.com>
Signed-off-by: Xiaotian Feng <dfeng@redhat.com>
LKML-Reference: <1262834564-13033-1-git-send-email-dfeng@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@kernel.org
When a card instance with a higher card number is registered, warning
messages are spewed eventually with stack traces due to the invalid minor
number for OSS device registration. For example, thinkpad-acpi registers
the card number 29 as default, and you'll see always these messages.
This is rather confusing (and worries users), thus better to return
simply the error code.
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Because of the include of the decompress_inflate.c file from
boot/compress/misc.c, there are different flush() defines:
In file included from arch/arm/boot/compressed/misc.c:249:
arch/arm/boot/compressed/../../../../lib/decompress_inflate.c:138:29: error: macro "flush" passed 2 arguments, but takes just 0
Fix this by removing the define of flush() in misc.c for
CONFIG_DEBUG_ICEDCC as it's already defined in mach/uncompress.h,
and that is being included unconditionally.
Also use a static inline function instead of define
for mach-mxc and mach-gemini to avoid similar bug
for those platforms.
Signed-off-by: Tony Lindgren <tony@atomide.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
This converts the cpu_relax() to a udelay(1), which fixes up issues with
the EEPROM polling occasionally timing out.
Signed-off-by: Kuninori Morimoto <morimoto.kuninori@renesas.com>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
With this, mc13783 subsystems drivers can configure the mc13783 chip
reading and writing registers.
Signed-off-by: Alberto Panizzo <maramaopercheseimorto@gmail.com>
Acked-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
No need to set the security key when writing to it.
Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Cc: stable@kernel.org
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
This patch abstracts out the CNF area code from tmio_mmc which
is not present in all hardware that can use this driver. This
is required so that we can support non-toshiba based hardware.
ASIC3 support by Philipp Zabel
Signed-off-by: Ian Molton <ian@mnementh.co.uk>
Signed-off-by: Magnus Damm <damm@opensource.se>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
If irq == WM8350_NUM_IRQ that would put us past the end of the array.
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
The constants used to specify ISINK ramp times for WM835x had the
wrong shifts so that the on times applied to the off ramp and vice
versa. The masks for the bitfields are correct.
Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Cc: stable@kernel.org
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
/proc/net/rt_acct is not created if NET_CLS_ROUTE=n.
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
We can race with the unmount of an fs and the stopping of a kthread where we
will free the block group before we're done using it. The reason for this is
because we do not hold a reference on the block group while its caching, since
the allocator drops its reference once it exits or moves on to the next block
group. This patch fixes the problem by taking a reference to the block group
before we start caching and dropping it when we're done to make sure all
accesses to the block group are safe. Thanks,
Signed-off-by: Josef Bacik <josef@redhat.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
It is legal for btrfs_set_acl to be sent a NULL acl. This
makes sure we don't dereference it. A similar patch was sent by
Johannes Hirte <johannes.hirte@fem.tu-ilmenau.de>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
Currently orphan cleanup only ever gets triggered if we cross subvolumes during
a lookup, which means that if we just mount a plain jane fs that has orphans in
it, they will never get cleaned up. This results in panic's like these
http://www.kerneloops.org/oops.php?number=1109085
where adding an orphan entry results in -EEXIST being returned and we panic. In
order to fix this, we check to see on lookup if our root has had the orphan
cleanup done, and if not go ahead and do it. This is easily reproduceable by
running this testcase
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include <stdio.h>
int main(int argc, char **argv)
{
char data[4096];
char newdata[4096];
int fd1, fd2;
memset(data, 'a', 4096);
memset(newdata, 'b', 4096);
while (1) {
int i;
fd1 = creat("file1", 0666);
if (fd1 < 0)
break;
for (i = 0; i < 512; i++)
write(fd1, data, 4096);
fsync(fd1);
close(fd1);
fd2 = creat("file2", 0666);
if (fd2 < 0)
break;
ftruncate(fd2, 4096 * 512);
for (i = 0; i < 512; i++)
write(fd2, newdata, 4096);
close(fd2);
i = rename("file2", "file1");
unlink("file1");
}
return 0;
}
and then pulling the power on the box, and then trying to run that test again
when the box comes back up. I've tested this locally and it fixes the problem.
Thanks to Tomas Carnecky for helping me track this down initially.
Signed-off-by: Josef Bacik <josef@redhat.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
Fix bug reported by Johannes Hirte. The reason of that bug
is btrfs_del_items is called after btrfs_duplicate_item and
btrfs_del_items triggers tree balance. The fix is check that
case and call btrfs_search_slot when needed.
Signed-off-by: Yan Zheng <zheng.yan@oracle.com>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
Stanse found 2 memory leaks in relocate_block_group and
__btrfs_map_block. cluster and multi are not freed/assigned on all
paths. Fix that.
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Cc: linux-btrfs@vger.kernel.org
Signed-off-by: Chris Mason <chris.mason@oracle.com>
Some callers of btrfs_ordered_update_i_size can now pass in
a NULL for the ordered extent to update against. This makes
sure we properly align the offset they pass in when deciding
how much to bump the on disk i_size.
Signed-off-by: Chris Mason <chris.mason@oracle.com>
parent 49313cdac7b34c9f7ecbb1780cfc648b1c082cd7 (v2.6.32-1-g49313cd)
commit ff48c08e1c05c67e8348ab6f8a24de8034e0e34d
Author: Jan Engelhardt <jengelh@medozas.de>
Date: Wed Dec 9 22:57:36 2009 +0100
Btrfs: fix missing last-entry in readdir(3)
When one does a 32-bit readdir(3), the last entry of a directory is
missing. This is however not due to passing a large value to filldir,
but it seems to have to do with glibc doing telldir or something
quirky. In any case, this patch fixes it in practice.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
On most cards the DisplayPort connector is created with 2 encoders sharing
a single SOR (for native DP, and for DVI-over-DP). The previous logic
for turning off unused encoders didn't take into account that we could
have multiple drm_encoders on a single hw encoder and ended up turning off
encoders that were actually being used still.
This patch fixes that issue. We probably want to look at something a bit
better later on, and only expose one drm_encoder per hw encoder block.
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
GPU pointer to the structure is shifted right by 10 bits, so we need to
align to 1024 bytes, not 256.
Reported-by: Maarten Maathuis <madman2003@gmail.com>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
Currently, we take down the sgdma engine without evicting all buffers
from VRAM.
The TTM device release will try to evict anything in VRAM to GART
memory, but this will fail since sgdma has already been taken down.
This causes an infinite loop in kernel mode on module unload.
It usually doesn't happen because there aren't any buffer on close.
However, if the GPU is locked up, this condition is easily triggered.
This patch fixes it in the simplest way possible by cleaning VRAM
right before cleaning SGDMA memory.
Signed-off-by: Luca Barbieri <luca@luca-barbieri.com>
Signed-off-by: Francisco Jerez <currojerez@riseup.net>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
Currently Nouveau is unable to dismiss DMA_VTX_PROTECTION errors,
which results in an infinite loop in the interrupt handler.
These errors are caused both by bugs in the Gallium driver and by
user-specified index buffers with out of bounds indices.
By mmio-tracing the nVidia drivers, I found out how this is done.
On DMA_VTX_PROTECTION, The nVidia driver reads the register 0x402000,
always getting the value 4, and then writes 4 back to 0x402000.
This patch adds that logic by reading 0x402000 and writing the same
value back.
It's unclear what should happen if the value read is not 4, and
the current approach might not be the correct one.
To test this, modify mesa/progs/trivial/vbo-drawrange.c, defining
ELTOBJ to 1 and replacing indices with huge out of bounds integers.
Without this patch, the GPU and/or kernel should lock up.
With this patch, it should misrender as expected but not lock up.
The errors are still logged since they are useful for development.
This has been tested on NV49 and may not work on other cards.
To find out how things work on other cards, run the aforementioned
test using the blob with mmiotrace and grep for a read of the PGRAPH
source register.
Signed-off-by: Luca Barbieri <luca@luca-barbieri.com>
Signed-off-by: Francisco Jerez <currojerez@riseup.net>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
Can be triggered easily on certain cards (NV46 and NV50 of mine) by
running "dmesg", the DRM's channel will lockup.
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:
do_add_mount() should sanitize mnt_flags
CIFS shouldn't make mountpoints shrinkable
mnt_flags fixes in do_remount()
attach_recursive_mnt() needs to hold vfsmount_lock over set_mnt_shared()
may_umount() needs namespace_sem
Fix configfs leak
Fix the -ESTALE handling in do_filp_open()
ecryptfs: Fix refcnt leak on ecryptfs_follow_link() error path
Fix ACC_MODE() for real
Unrot uml mconsole a bit
hppfs: handle ->put_link()
Kill 9p readlink()
fix autofs/afs/etc. magic mountpoint breakage
The sym_is() compares a symbol in an attempt to automatically skip symbol
prefixes. It does this first by searching the real symbol with the normal
unprefixed symbol. But then it uses the length of the original symbol to
check the end of the substring instead of the length of the symbol it is
looking for. On non-prefixed arches, this is effectively the same thing,
so there is no problem. On prefixed-arches, since this is exceeds by just
one byte, a crash is rare and it is usually a NUL byte anyways. But every
once in a blue moon, you get the right page alignment and it segfaults.
For example, on the Blackfin arch, sym_is() will be called with the real
symbol "___mod_usb_device_table" as "symbol" when looking for the normal
symbol "__mod_usb_device_table" as "name". The substring will thus return
one byte into "symbol" and store it into "match". But then "match" will
be indexed with the length of "symbol" instead of "name" and so we will
exceed the storage. i.e. the code ends up doing:
char foo[] = "abc"; return foo[strlen(foo)+1] == '\0';
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
When removing several devices aic79xx will occasionally Oops
in ahd_handle_nonpkt_busfree during rescan. Looking at the
code I found that we're indeed not checking if the scb in
question is NULL. So check for it before accessing it.
Signed-off-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
The hardware used with zfcp provides a timer for CT and ELS requests
instead of an abort capability for these commands. To correctly handle
the FC BSG timeouts, pass the timeout from the BSG requests to the
hardware.
Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Introduce a zfcp callback for timeouts triggered from FC BSG. With
zfcp, the underlying hardware cannot abort CT or ELS requests, so
there is nothing to do when the block layer timeout expires. To avoid
interference with the block layer timeout, simply indicate that the
block layer timer should be reset. The timer running in the hardware
for the pending CT or ELS request will return the request when it
expires.
Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Signed-off-by: Christof Schmitt <christof.schmitt@de.ibm.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
The hardware used with zfcp cannot abort a currently pending CT or ELS
request. Therefore we need the option to postpone the timeout
triggered request abort within the fc layer, since there is nothing
zfcp can do to stop the request at this point.
Cc: James Smart <James.Smart@emulex.com>
Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Signed-off-by: Christof Schmitt <christof.schmitt@de.ibm.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
Advance the correct pointer when inserting the linebreak for the HBA
trace. It was missing in the output since the pointer to the output
buffer was never advanced, and the linebreak character was overwritten
later.
Reviewed-by: Swen Schillig <swen@vnet.ibm.com>
Signed-off-by: Christof Schmitt <christof.schmitt@de.ibm.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
The patch "zfcp: Simplify handling of ct and els requests"
accidentally removed the call to zfcp_fc_wka_port_put for FC CT BSG
requests, thus not issuing a "close" request for the WKA ports.
Introduce a CT specific handler to first call zfcp_fc_wka_port_put and
then continue with the generic handler when returning from FC CT BSG
requests.
Reviewed-by: Swen Schillig <swen@vnet.ibm.com>
Signed-off-by: Christof Schmitt <christof.schmitt@de.ibm.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
The 32bit kernel does not add padding bytes in the fc_bsg_request structure
whereas the 64bit kernel adds padding bytes in the fc_bsg_request structure.
Due to this, structure elements gets mismatched with 32bit application and
64bit kernel.To resolve this, used packed modifier to avoid adding padding bytes.
Signed-off-by: Giridhar Malavali <giridhar.malavali@qlogic.com>
Signed-off-by: James Bottomley <James.Bottomley@suse.de>
