Pavel Emelianov and Kirill Korotaev observe that fs and arch users of
security_vm_enough_memory tend to forget to vm_unacct_memory when a
failure occurs further down (typically in setup_arg_pages variants).
These are all users of insert_vm_struct, and that reservation will only
be unaccounted on exit if the vma is marked VM_ACCOUNT: which in some
cases it is (hidden inside VM_STACK_FLAGS) and in some cases it isn't.
So x86_64 32-bit and ppc64 vDSO ELFs have been leaking memory into
Committed_AS each time they're run. But don't add VM_ACCOUNT to them,
it's inappropriate to reserve against the very unlikely case that gdb
be used to COW a vDSO page - we ought to do something about that in
do_wp_page, but there are yet other inconsistencies to be resolved.
The safe and economical way to fix this is to let insert_vm_struct do
the security_vm_enough_memory check when it finds VM_ACCOUNT is set.
And the MIPS irix_brk has been calling security_vm_enough_memory before
calling do_brk which repeats it, doubly accounting and so also leaking.
Remove that, and all the fs and arch calls to security_vm_enough_memory:
give it a less misleading name later on.
Signed-off-by: Hugh Dickins <hugh@veritas.com>
Signed-Off-By: Kirill Korotaev <dev@sw.ru>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
It turns out that the BUG_ON() in fs/exec.c: de_thread() is unreliable
and can trigger due to the test itself being racy.
de_thread() does
while (atomic_read(&sig->count) > count) {
}
.....
.....
BUG_ON(!thread_group_empty(current));
but release_task does
write_lock_irq(&tasklist_lock)
__exit_signal
(this is where atomic_dec(&sig->count) is run)
__exit_sighand
__unhash_process
takes write lock on tasklist_lock
remove itself out of PIDTYPE_TGID list
write_unlock_irq(&tasklist_lock)
so there's a clear (although small) window between the
atomic_dec(&sig->count) and the actual PIDTYPE_TGID unhashing of the
thread.
And actually there is no need for all threads to have exited at this
point, so we simply kill the BUG_ON.
Big thanks to Marc Lehmann who provided the test-case.
Fixes Bug 5170 (http://bugme.osdl.org/show_bug.cgi?id=5170)
Signed-off-by: Alexander Nyberg <alexn@telia.com>
Cc: Roland McGrath <roland@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Ingo Molnar <mingo@elte.hu>
Acked-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Certain (SGI?) ia64 boxes object to having their PCI BARs
restored unless absolutely necessary. This patch restricts calling
pci_restore_bars from pci_set_power_state unless the current state
is PCI_UNKNOWN, the actual (i.e. physical) state of the device is
PCI_D3hot, and the device indicates that it will lose its configuration
when transitioning to PCI_D0.
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Jeff,
sorry if I have flooded your inbox, I had some problems with the
mail server here yesterday, but it seems to be fixed ...
Ok patch 3-4 have no dependencies on patch 2 since only qeth driver is
affected.Thus I have made a new patch 2 for ctc driver.
Thank you .
[patch 2/4] s390: ctc driver fixes
From: Peter Tiedemann <ptiedem@de.ibm.com>
- race condition fixed
- minor cleanup
Signed-off-by: Peter Tiedemann <ptiedem@de.ibm.com>
Signed-off-by: Frank Pavlic <pavlic@de.ibm.com>
diffstat:
ctcmain.c | 41 ++++++++++++++++++++++-------------------
1 files changed, 22 insertions(+), 19 deletions(-)
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
Merge of four previous patches and the Kconfig fix
* Remove debug printk's
* whitespace cleanup and version number change
* clear interrupts, reset phy, and reset hardware on shutdown
* ignore 64bit counter overflow interrupts
* fix a couple of places where second port could clobber state
of first port.
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
Do not count frames dropped by the hardware as part of rx_dropped.
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
Do not count non-error frames dropped by the hardware as
part of rx_dropped. Instead, count those frames dropped as
rx_missed_errors. Also, do not count other error frames as part of
rx_dropped. Finally, do not count oversized frames in rx_dropped
(since they are counted as part of rx_length_errors).
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
Do not count frames dropped by the hardware as part of rx_dropped.
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
this patch display the correct channel number with iwlist scan
Signed-off-by: Matthieu CASTET <castet.matthieu@free.fr>
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
This patch fixes a nasty typo I introduced in my previous patch (commit
f2c853bca5). The right offset of the
second port in pure sata mode is 64 and not 0x64.
Thanks to Martin Schuster for pointing this to me
Signed-off-by: Arnaud Patard <apatard@mandriva.com>
---
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
xircom_cb.c does #if CONFIG_NET_POLL_CONTROLLER instead of #ifdef,
resulting in drivers/net/tulip/xircom_cb.c:120:5: warning:
"CONFIG_NET_POLL_CONTROLLER" is not defined.
Signed-off-by: Keith Owens <kaos@sgi.com>
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
drivers/net/s2io.c: In function `init_shared_mem':
drivers/net/s2io.c:431: warning: cast from pointer to integer of different size
drivers/net/s2io.c: In function `free_shared_mem':
drivers/net/s2io.c:662: warning: cast from pointer to integer of different size
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Jeff Garzik <jgarzik@pobox.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
Fix PCI device id issues with sk98lin driver.
1. DLINK 530-T card has no Vital Product Data (VPD) area so the sk98lin
driver won't work. (skge does however)
2. Remove commented out Yukon2 stuff
3. Restrict Linksys card to revisions that don't conflict with r8169 version.
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
disable_timer_pin_1 needs IO-APIC, not just local APIC.
Signed-off-by: Cal Peake <cp@absolutedigital.net>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Eliciting a SYNCACK in response, we were handling SYNC packets
only in the DCCP_OPEN state, in dccp_rcv_established.
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
It is possible to receive more than one CLOSEREQ packet if the
CLOSE packet sent in response is somehow lost, change the state
to DCCP_CLOSING only on the first CLOSEREQ packet received.
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
Patch from George G. Davis
As pointed out be Matthew Klahn <MKLAHN@motorola.com>, some sys_ipc()
call options require six args, e.g. SEMTIMEDOP. This patch adds an ARM sys_ipc_wrapper to save the sys_ipc() 'fifth' arg on the stack.
Signed-off-by: George G. Davis <gdavis@mvista.com>
arch/arm/kernel/calls.S | 2 +-
arch/arm/kernel/entry-common.S | 5 +++++
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
In 2.6.13-rcX the MASQUERADE target was changed not to exclude local
packets for better source address consistency. This breaks DHCP clients
using UDP sockets when the DHCP requests are caught by a MASQUERADE rule
because the MASQUERADE target drops packets when no address is configured
on the outgoing interface. This patch makes it ignore packets with a
source address of 0.
Thanks to Rusty for this suggestion.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Don't parse the packet, the data is already available in the conntrack
structure.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
With large port numbers the helper_names buffer can overflow.
Noticed by Samir Bellabes <sbellabes@mandriva.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
fix up the runqueue lock owner only if we truly did a context-switch
with the runqueue lock held. Impacts ia64, mips, sparc64 and arm.
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Masked FPU exceptions should obviously not happen in the first place,
but if they do, ignoring them seems to be the right thing to do.
Although there is no documentation available for Cyrix MII, I did find
erratum F-7 for Winchip C6, "FPU instruction may result in spurious
exception under certain conditions" which seems to indicate that this
can happen.
That would also explain the behaviour Ondrej Zary reported on the MII.
Signed-off-by: Chuck Ebbert <76306.1226@compuserve.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
My patch "Separate pci bits out of struct device_node" (commit
1635317fac) had the unfortunate
side-effect that it stopped eeh_init() from working correctly.
It needs the pointers set up by find_and_init_phbs(), but it was being
called just before find_and_init_phbs(). That meant that we didn't
enable EEH (pSeries PCI error recovery) on any devices, and that meant
that on POWER5 systems, the hypervisor wouldn't let us enable memory or
I/O space access to any devices, and their drivers got somewhat
confused.
This fixes it by moving the eeh_init call after find_and_init_phbs.
Tested on a POWER5 partition.
Signed-of-by: Paul Mackerras <paulus@samba.org>
Signed-of-by: Linus Torvalds <torvalds@osdl.org>
Like previously done for i386, get the x86_64 watchdog tick calculation
into a state where it can also be used on CPUs with frequencies beyond
4GHz.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
Acked-by: Andi Kleen <ak@muc.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
As written in Documentation/feature-removal-schedule.txt, remove the
io_remap_page_range() kernel API.
Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Added clarification on the root device format to be used for second kernel,
as well as specifying initrd if drivers are built as modules.
Signed-off-by: Kishore Sampathkumar <kishore.sampathkumar@hp.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Some adjustments to the matroxfb code, for one part preventing the display
to be disabled for longer than necessary, and for the other part to make
information about the frame buffer position available so that a kernel
debugger might obtain that before the initial mode change.
Finally, some return code corrections to fit the generic fb code.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
Acked-by: Petr Vandrovec <vandrove@vc.cvut.cz>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
const-ify the font control structures and data, to make somewhat better
guarantees that these are not modified anywhere in the kernel.
Specifically for a kernel debugger to share this information from the
normal kernel code, such a guarantee seems rather desirable.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
Cc: "Antonino A. Daplas" <adaplas@hotpop.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
An adjustment to the SM_DOWN case of fbcon_scroll to match the behavior of
SM_UP.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
Cc: "Antonino A. Daplas" <adaplas@hotpop.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Adds all defines, ioctls and structs needed for the sliced VBI API
VBI = Vertical Blank Interval.
It is related with the way TV signals work. It sends a line, then, it has a
retrace time to allow the tube to move electrons to the beginning of the next
line. This was the main reason at the beginning of analog B&W TV.
There is a lot of bandwidth lost on VBI. So, lots of TV systems use it to
send other information such as Closed Captions and Teletext. Also,
broadcasters uses this as a channel to exchange information from the content
producer to their subsidiaries at each city.
There's already a raw VBI interface on V4L2 api, used for Closed Captions and
Teletext. The decoding is doing at userlevel space and it is mostly for
analog TV signals, non encoded.
Encoded signals (MPEG, for example), may need also to transmit other
information (like, for example, display aspect, i.e. 4x3, widescreen...).
Sliced VBI interface is a method to allow the video stream to transmit this
kind of information.
Signed-off-by: Hans Verkuil <hverkuil@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab@brturbo.com.br>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Change a printk(KERN_WARNING to dprintk, and it is really only interesting
when trying to debug a problem, and can occur normally without error.
Remove various gratuitous gotos in surrounding code, and remove some
type-cast assignments from inside 'if' conditionals, as that is just
obscuring what it going on.
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
We could try to unlock the state lock here without having first locked it.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
In the case of a lock which introduces a new lockowner, the openowner's
sequence id should be incremented, even when the operation fails, if the
error is a sequence-id-mutating error. The current code fails to do that
in some cases. Fix this by using the same sequence-id-incrementing
mechanism that all other such operations use.
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
