commit 211a4d12abf86fe0df4cd68fc6327cbb58f56f81
Author: Johannes Berg <johannes@sipsolutions.net>
Date: Tue Oct 20 15:08:53 2009 +0900
cfg80211: sme: deauthenticate on assoc failure
introduced a potential NULL pointer dereference that
some people have been hitting for some reason -- the
params.bssid pointer is not guaranteed to be non-NULL
for what seems to be a race between various ways of
reaching the same thing.
While I'm trying to analyse the problem more let's
first fix the crash. I think the real fix may be to
avoid doing _anything_ if it ended up being NULL, but
right now I'm not sure yet.
I think
http://bugzilla.kernel.org/show_bug.cgi?id=14342
might also be this issue.
Reported-by: Parag Warudkar <parag.lkml@gmail.com>
Tested-by: Parag Warudkar <parag.lkml@gmail.com>
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6:
Revert "[IA64] fix percpu warnings"
[IA64] fix percpu warnings
[IA64] SMT friendly version of spin_unlock_wait()
[IA64] use printk_once() unaligned.c/io_common.c
[IA64] Require SAL 3.2 in order to do extended config space ops
[IA64] unsigned cannot be less than 0 in sn_hwperf_ioctl()
[IA64] Restore registers in the stack on INIT
[IA64] Re-implement spinaphores using ticket lock concepts
[IA64] Squeeze ticket locks back into 4 bytes.
This reverts commit d0646f7b63, as
requested by Eric Sandeen.
It can basically cause an ext4 filesystem to miss recovery (and thus get
mounted with errors) if the journal checksum does not match.
Quoth Eric:
"My hand-wavy hunch about what is happening is that we're finding a
bad checksum on the last partially-written transaction, which is
not surprising, but if we have a wrapped log and we're doing the
initial scan for head/tail, and we abort scanning on that bad
checksum, then we are essentially running an unrecovered filesystem.
But that's hand-wavy and I need to go look at the code.
We lived without journal checksums on by default until now, and at
this point they're doing more harm than good, so we should revert
the default-changing commit until we can fix it and do some good
power-fail testing with the fixes in place."
See
http://bugzilla.kernel.org/show_bug.cgi?id=14354
for all the gory details.
Requested-by: Eric Sandeen <sandeen@redhat.com>
Cc: Theodore Tso <tytso@mit.edu>
Cc: Alexey Fisher <bug-track@fisher-privat.net>
Cc: Maxim Levitsky <maximlevitsky@gmail.com>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Mathias Burén <mathias.buren@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* 'for-linus' of master.kernel.org:/home/rmk/linux-2.6-arm:
ARM: ensure initial page tables are setup for SMP systems
ARM: 5776/1: Check compiler version and EABI support when adding ARM unwind support.
ARM: 5774/1: Fix Realview ARM1176PB board reboot
ARM: Fix errata 411920 workarounds
ARM: Fix sparsemem with SPARSEMEM_EXTREME enabled
ARM: Use GFP_DMA only for masks _less_ than 32-bit
ARM: integrator: allow Integrator to be built with highmem
ARM: Fix signal restart issues with NX and OABI compat
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6:
ALSA: hda - Don't check invalid HP pin
ALSA: dummy - Fix descriptions of pcm_substreams parameter
ALSA: pcmcia: use dynamic debug infrastructure, deprecate CS_CHECK (sound)
ALSA: hda: Use quirk mask for Dell Inspiron Mini9/Vostro A90 using ALC268
sound: via82xx: deactivate DXS controls of inactive streams
ALSA: snd-usb-caiaq: Bump version number to 1.3.20
ALSA: snd-usb-caiaq: Lock on stream start/unpause
ALSA: snd-usb-caiaq: Missing lock around use of buffer positions
ALSA: sound/parisc: Move dereference after NULL test
ALSA: sound: Move dereference after NULL test and drop unnecessary NULL tests
ALSA: hda_intel: Add the Linux device ID for NVIDIA HDA controller
ALSA: pcsp - Fix nforce workaround
ALSA: SND_CS5535AUDIO: Remove the X86 platform dependency
ASoC: Amstrad Delta: add info about the line discipline requirement to Kconfig help text
ASoC: Fix possible codec_dai->ops NULL pointer problems
ALSA: hda - Fix capture source checks for ALC662/663 codecs
ASoC: Serialize access to dapm_power_widgets()
* 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
perf tools: Remove -Wcast-align
perf tools: Fix compatibility with libelf 0.8 and autodetect
perf events: Don't generate events for the idle task when exclude_idle is set
perf events: Fix swevent hrtimer sampling by keeping track of remaining time when enabling/disabling swevent hrtimers
* 'tracing-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
tracing: Remove cpu arg from the rb_time_stamp() function
tracing: Fix comment typo and documentation example
tracing: Fix trace_seq_printf() return value
tracing: Update *ppos instead of filp->f_pos
* 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
x86: Make EFI RTC function depend on 32bit again
x86-64: Fix register leak in 32-bit syscall audting
x86: crash_dump: Fix non-pae kdump kernel memory accesses
x86: Side-step lguest problem by only building cmpxchg8b_emu for pre-Pentium
x86: Remove STACKPROTECTOR_ALL
In try_to_unuse(), swcount is a local copy of *swap_map, including the
SWAP_HAS_CACHE bit; but a wrong comparison against swap_count(*swap_map),
which masks off the SWAP_HAS_CACHE bit, succeeded where it should fail.
That had the effect of resetting the mm from which to start searching
for the next swap page, to an irrelevant mm instead of to an mm in which
this swap page had been found: which may increase search time by ~20%.
But we're used to swapoff being slow, so never noticed the slowdown.
Remove that one spurious use of swap_count(): Bo Liu thought it merely
redundant, Hugh rewrote the description since it was measurably wrong.
Signed-off-by: Bo Liu <bo-liu@hotmail.com>
Signed-off-by: Hugh Dickins <hugh.dickins@tiscali.co.uk>
Reviewed-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
In commit c1c7af6089 ("drm/i915: force
mode set at lid open time") the intel graphics driver was taught to
restore the LVDS mode on lid open.
That caused problems with interaction with the suspend/resume code,
which commonly runs at the same time (suspend is often caused by the lid
close event, while lid open is commonly a resume event), which was
worked around with in commit 06891e27a9
("drm/i915: fix suspend/resume breakage in lid notifier").
However, in the meantime the lid event code had also grown a user event
notifier (commit 06324194ee: "drm/i915:
generate a KMS uevent at lid open/close time"), and now _that_ causes
problems with suspend/resume and some versions of Xorg reacting to those
uevents by setting the mode.
So this effectively reverts that commit 06324194ee, and makes the lid
open protection logic against suspend/resume more explicit. This fixes
at least one laptop. See
http://bugzilla.kernel.org/show_bug.cgi?id=14484
for more details.
Acked-by: Jesse Barnes <jbarnes@virtuousgeek.org>
Cc: Riccardo Magliocchetti <riccardo.magliocchetti@gmail.com>
Cc: Eric Anholt <eric@anholt.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This reverts commit b94b08081f.
genksyms currently cannot handle complicated types for exported
percpu variables. Drop this patch for now as it prevents a
module from being loaded on sn2 systems:
xpc: no symbol version for per_cpu____sn_cnodeid_to_nasid
xpc: Unknown symbol per_cpu____sn_cnodeid_to_nasid
Signed-off-by: Tony Luck <tony.luck@intel.com>
Mapping the same memory using two different attributes (memory
type, shareability, cacheability) is unpredictable. During boot,
we encounter a situation when we're updating the kernel's page
tables which can lead to dirty cache lines existing in the cache
which are subsequently missed. This causes stack corruption,
and therefore a crash.
Therefore, ensure that the shared and cacheability settings
matches the configuration that will be used later; this together
with the restriction in early_cachepolicy() ensures that we won't
create a mismatch during boot.
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
ARM unwind is known to compile only with EABI and not-buggy compilers.
The problem is not the unwinding information but the -fno-frame-pointer
option added as a result of !CONFIG_FRAME_POINTER. Now we check the
compiler and raise a #warning in case of wrong compiler.
Signed-off-by: Claudio Scordino <claudio@evidence.eu.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
I got a boot crash when forcing cpumasks offstack on 32 bit,
because find_new_ilb() returned 3 on my UP system (nohz.cpu_mask
wasn't zeroed).
AFAICT the others need to be zeroed too: only
nohz.ilb_grp_nohz_mask is initialized before use.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Cc: Peter Zijlstra <peterz@infradead.org>
LKML-Reference: <200911022037.21282.rusty@rustcorp.com.au>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Reboot does not work out of the box on my "Early 2009" Mac mini
(3,1). Detect this machine via DMI as we do for recent MacBooks.
Signed-off-by: Gottfried Haider <gottfried.haider@gmail.com>
Cc: Ozan Çağlayan <ozan@pardus.org.tr>
Cc: Paul Mackerras <paulus@samba.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
The patch below also addresses a couple of other corner cases in readdir
seen with a large (e.g. 64k) msize. I'm not sure what people think of
my co-opting of fid->aux here. I'd be happy to rework if there's a better
way.
When the size of the user supplied buffer passed to readdir is smaller
than the data returned in one go by the 9P read request, v9fs_dir_readdir()
currently discards extra data so that, on the next call, a 9P read
request will be issued with offset < previous offset + bytes returned,
which voilates the constraint described in paragraph 3 of read(5) description.
This patch preseves the leftover data in fid->aux for use in the next call.
Signed-off-by: Jim Garlick <garlick@llnl.gov>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
I do not know if you've looked on the patch, but unfortunately it is
incorrect. A suggested better version is in this email (the old
version didn't work in case the user provided buffer was not long
enough - it incorrectly appended null byte on a position of last char,
and thus broke the contract of the readlink method). However, I'm
still not sure this is 100% correct thing to do, I think readlink is
supposed to return buffer without last null byte in all cases, but we
do return last null byte (even the old version).. on the other hand it
is likely unspecified what is in the remaining part of the buffer, so
null character may be fine there ;):
Signed-off-by: Martin Stava <martin.stava@gmail.com>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
Here is a proposed patch for bug in readdir. Listing of dirs with
many files fails without this patch.
Signed-off-by: Martin Stava <martin.stava@gmail.com>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
alc_automute_pin() might be called even if any HP pin is defined, and
it will result in verbs with NID=0.
This patch adds a check for the validity of HP widget before issuing
any verbs.
Signed-off-by: Takashi Iwai <tiwai@suse.de>
sys_ppoll syscall needs to use a compat handler on 64bit kernels with o32
user-space.
Signed-off-by: Arnaud Patard <apatard@mandriva.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Unify the naming method between kernel and the user-space oprofile tool.
Because loongson is used instead of godson in most of the places, we agreed
to use loongson instead, which will simplify future maintenance.
Signed-off-by: Wu Zhangjin <wuzhangjin@gmail.com>
Acked-by: Robert Richter <robert.richter@amd.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
The handle_edge_irq() flowhandler disables edge int sources which occur
too fast (i.e. another edge comes in before the irq handler function
had a chance to finish). Currently, the mask_ack() callback does not
ack the edges in hardware, leading to an endless loop in the flowhandler
where it tries to shut up the irq source.
When I rewrote the alchemy IRQ code I wrongly assumed the mask_ack()
callback was only used by the level flowhandler, hence it omitted the
(at the time pointless) edge acks. Turned out I was wrong; so here
is a complete mask_ack implementation for Alchemy IC, which fixes
the above mentioned problem.
Signed-off-by: Manuel Lauss <manuel.lauss@gmail.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
For consistency with other BCM63xx SoC set the CPU name to "Broadcom
BCM6338" when actually running on that system.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Loongson 2 does not have dcache aliases when is using 16k pages. and the
And because Loongson 2 doesn't do SMP , cpu_icache_snoops_remote_store does
not matter here.
Signed-off-by: Zhang Le <r0bertz@gentoo.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
set_saved_sp reads Context register. Avoid reading stale value from
earlier incomplete write.
Issue found and fixed for head.S by Chris Dearman <chris@mips.com>.
Signed-off-by: Chris Dearman <chris@mips.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Some newer Octeon chips have registers that allow lockless operation of
the interrupt controller. Take advantage of them.
Signed-off-by: David Daney <ddaney@caviumnetworks.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Since the locks are used from interrupt context we need the
irqsave/irqrestore versions of the locking functions.
Signed-off-by: David Daney <ddaney@caviumnetworks.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
This patch ensures that the sign bit is always updated for NaN operands.
Signed-off-by: Chris Dearman <chris@mips.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
This fixes the remaining problems introduced by
f197465384 (incorrect access length &
byteswapping in bigendian mode)
Signed-off-by: Chris Dearman <chris@mips.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
On an SMP system with cache aliases, the following sequence of events may
happen:
1) copy_user_highpage() runs on CPU0, invoking kmap_coherent() to create a
temporary mapping in the fixmap region
2) copy_page() starts on CPU0
3) CPU1 sends CPU0 an IPI asking CPU0 to run local_r4k_flush_cache_page()
4) CPU0 takes the interrupt, interrupting copy_page()
5) local_r4k_flush_cache_page() on CPU0 calls kmap_coherent() again
6) The second invocation of kmap_coherent() on CPU0 tries to use the
same fixmap virtual address that was being used by copy_user_highpage()
7) CPU0 throws a machine check exception for the TLB address conflict
Fixed by creating an extra set of fixmap entries for use in interrupt
handlers. This prevents fixmap VA conflicts between copy_user_highpage()
running in user context, and local_r4k_flush_cache_page() invoked from an
SMP IPI.
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
This patch checks if the watchdog enable bit is set in the DCL register
meaning that the hardware watchdog actually works and if so, register the
ar7_wdt platform_device.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
This patch prepares the board code to register a bcm63xx_wdt
platform_device that we are going to use in a subsequent patch.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
This patch removes the calls to bcm63xx_uart_register in board_bcm963xx.c
and make bcm63xx_uart_register an initfunc. Allows us to remove
bcm63xx_dev_uart.h which was there to make checkpatch.pl happy.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
This patch fixes the following warning, which becomes an error due to
-Werror to be turned on:
CC arch/mips/alchemy/common/gpiolib-au1000.o
cc1: warnings being treated as errors
arch/mips/alchemy/common/gpiolib-au1000.c: In function 'au1100_gpio2_to_irq':
/home/florian/dev/kernel/linux-queue/arch/mips/include/asm/mach-au1x00/gpio-au1000.h:107: warning: control reaches end of non-void function
Signed-off-by: Florian Fainelli <florian@openwrt.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
This patch fixes a lockup on BCM6345 where setting the PLL soft reset bit
will also lock the other blocks including UART. Instead of setting only
the PLL soft reset bit in the software reset register, set this bit but do
not touch the others.
Signed-off-by: Florian Fainelli <florian@openwrt.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>