summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2014-11-03f2fs: avoid deadlock on init_inode_metadataJaegeuk Kim7-22/+157
Previously, init_inode_metadata does not hold any parent directory's inode page. So, f2fs_init_acl can grab its parent inode page without any problem. But, when we use inline_dentry, that page is grabbed during f2fs_add_link, so that we can fall into deadlock condition like below. INFO: task mknod:11006 blocked for more than 120 seconds. Tainted: G OE 3.17.0-rc1+ #13 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. mknod D ffff88003fc94580 0 11006 11004 0x00000000 ffff880007717b10 0000000000000002 ffff88003c323220 ffff880007717fd8 0000000000014580 0000000000014580 ffff88003daecb30 ffff88003c323220 ffff88003fc94e80 ffff88003ffbb4e8 ffff880007717ba0 0000000000000002 Call Trace: [<ffffffff8173dc40>] ? bit_wait+0x50/0x50 [<ffffffff8173d4cd>] io_schedule+0x9d/0x130 [<ffffffff8173dc6c>] bit_wait_io+0x2c/0x50 [<ffffffff8173da3b>] __wait_on_bit_lock+0x4b/0xb0 [<ffffffff811640a7>] __lock_page+0x67/0x70 [<ffffffff810acf50>] ? autoremove_wake_function+0x40/0x40 [<ffffffff811652cc>] pagecache_get_page+0x14c/0x1e0 [<ffffffffa029afa9>] get_node_page+0x59/0x130 [f2fs] [<ffffffffa02a63ad>] read_all_xattrs+0x24d/0x430 [f2fs] [<ffffffffa02a6ca2>] f2fs_getxattr+0x52/0xe0 [f2fs] [<ffffffffa02a7481>] f2fs_get_acl+0x41/0x2d0 [f2fs] [<ffffffff8122d847>] get_acl+0x47/0x70 [<ffffffff8122db5a>] posix_acl_create+0x5a/0x150 [<ffffffffa02a7759>] f2fs_init_acl+0x29/0xcb [f2fs] [<ffffffffa0286a8d>] init_inode_metadata+0x5d/0x340 [f2fs] [<ffffffffa029253a>] f2fs_add_inline_entry+0x12a/0x2e0 [f2fs] [<ffffffffa0286ea5>] __f2fs_add_link+0x45/0x4a0 [f2fs] [<ffffffffa028b5b6>] ? f2fs_new_inode+0x146/0x220 [f2fs] [<ffffffffa028b816>] f2fs_mknod+0x86/0xf0 [f2fs] [<ffffffff811e3ec1>] vfs_mknod+0xe1/0x160 [<ffffffff811e4b26>] SyS_mknod+0x1f6/0x200 [<ffffffff81741d7f>] tracesys+0xe1/0xe6 Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: fix to wait correct block typeJaegeuk Kim2-3/+4
The inode page needs to wait NODE block io. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: reuse find_in_block code for find_in_inline_dirJaegeuk Kim3-63/+65
This patch removes redundant copied code in find_in_inline_dir. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: reuse room_for_filename for inline dentry operationJaegeuk Kim3-37/+12
This patch introduces to reuse the existing room_for_filename for inline dentry operation. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: update f2fs documentation for inline dir supportChao Yu1-0/+4
This patch adds descriptions for the inline dir support in f2fs document. Signed-off-by: Chao Yu <chao2.yu@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: enable inline dir handlingChao Yu5-15/+58
Add inline dir functions into normal dir ops' function to handle inline ops. Besides, we enable inline dir mode when a new dir inode is created if inline_data option is on. Signed-off-by: Chao Yu <chao2.yu@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: add key function to handle inline dirChao Yu2-0/+355
Adds Functions to implement inline dir init/lookup/insert/delete/convert ops. Signed-off-by: Chao Yu <chao2.yu@samsung.com> [Jaegeuk Kim: remove needless reserved area copy, pointed by Dan Carpenter] Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: export dir operations for inline dirChao Yu4-37/+50
This patch exports some dir operations for inline dir, additionally introduces f2fs_drop_nlink from f2fs_delete_entry for reusing by inline dir function. Signed-off-by: Chao Yu <chao2.yu@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: add a new mount option for inline dirChao Yu1-0/+7
Adds a new mount option 'inline_dentry' for inline dir. Signed-off-by: Chao Yu <chao2.yu@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: add infra struct and helper for inline dirChao Yu2-2/+38
This patch defines macro/inline dentry structure, and adds some helpers for inline dir infrastructure. Signed-off-by: Chao Yu <chao2.yu@samsung.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: avoid infinite loop at cp_errorJaegeuk Kim1-0/+3
This patch avoids an infinite loop in sync_dirty_inode_page when -EIO was detected. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: avoid build warningJaegeuk Kim1-1/+1
This patch removes build warning. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: fix to call f2fs_unlock_opJaegeuk Kim1-1/+2
This patch fixes to call f2fs_unlock_op, which was missing before. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: avoid to allocate when inline_data was writtenJaegeuk Kim2-13/+45
The sceanrio is like this. inline_data i_size page write_begin/vm_page_mkwrite X 30 dirty_page X 30 write to #4096 position X 30 get_dnode_of_data wait for get_dnode_of_data O 30 write inline_data O 30 get_dnode_of_data O 30 reserve data block .. In this case, we have #0 = NEW_ADDR and inline_data as well. We should not allow this condition for further access. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: use highmem for directory pagesJaegeuk Kim2-2/+3
This patch fixes to use highmem for directory pages. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: fix race conditon on truncation with inline_dataJaegeuk Kim1-0/+6
Let's consider the following scenario. blkaddr[0] inline_data i_size i_blocks writepage truncate NEW X 4096 2 dirty page #0 NEW X 0 change i_size NEW X 0 2 f2fs_write_inline_data NEW X 0 2 get_dnode_of_data NEW X 0 2 truncate_data_blocks_range NULL O 0 1 memcpy(inline_data) NULL O 0 1 f2fs_put_dnode NULL O 0 1 f2fs_truncate NULL O 0 1 get_dnode_of_data NULL O 0 1 *invalid block addr* This patch adds checking inline_data flag during f2fs_truncate not to refer corrupted block indices. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: should truncate any allocated block for inline_data writeJaegeuk Kim1-7/+8
When trying to write inline_data, we should truncate any data block allocated and pointed by the inode block. We should consider the data index is not 0. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: invalidate inmemory pageJaegeuk Kim3-0/+20
If user truncates file's data, we should truncate inmemory pages too. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03f2fs: do not make dirty any inmemory pagesJaegeuk Kim4-5/+22
This patch let inmemory pages be clean all the time. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
2014-11-03Merge branch 'for-linus' of ↵Linus Torvalds3-1/+3
git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k Pull m68k update from Geert Uytterhoeven. Just wiring up the bpf system call. * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k: m68k: Wire up bpf
2014-11-03Merge tag 'armsoc-for-rc3' of ↵Linus Torvalds9-50/+46
git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc Pull ARM SoC fixes from Olof Johansson: "A surprisingly small batch of fixes for -rc3. Suspiciously small, I'd say. Anyway, most of this are a few defconfig updates. Some for omap to deal with kernel binary size (moving ipv6 to module, etc). A larger one for socfpga that refreshes with some churn, but also turns on a few options that makes the newly-added board in my bootfarm usable for testing. OMAP3 will also now warn when booted with legacy (non-DT) boot protocols, hopefully encouraging those who still care about some of those platforms to submit DT support and report bugs where needed. Nothing stops working though, this is just to warn for future deprecation. Beyond this, very few actual bugfixes. A PXA fix for DEBUG_LL boot hangs, a missing terminting entry in a dt_match array on RealView a MTD fix on OMAP with NAND" [ Obviously missed rc3, will make rc4 instead ;) ] * tag 'armsoc-for-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: MAINTAINERS: drop list entry for davinci ARM: OMAP2+: Warn about deprecated legacy booting mode ARM: omap2plus_defconfig: Fix errors with NAND BCH ARM: multi_v7_defconfig: fix support for APQ8084 soc: versatile: Add terminating entry for realview_soc_of_match ARM: ixp4xx: remove compilation warnings in io.h MAINTAINERS: Add Soren as reviewer for Zynq ARM: omap2plus_defconfig: Fix bloat caused by having ipv6 built-in ARM: socfpga_defconfig: Update defconfig for SoCFPGA ARM: pxa: fix hang on startup with DEBUG_LL
2014-11-02Linux 3.18-rc3v3.18-rc3Linus Torvalds1-2/+2
2014-11-02Merge tag 'for-linus-20141102' of git://git.infradead.org/linux-mtdLinus Torvalds6-39/+73
Pull MTD fixes from Brian Norris: "Three main MTD fixes for 3.18: - A regression from 3.16 which was noticed in 3.17. With the restructuring of the m25p80.c driver and the SPI NOR library framework, we omitted proper listing of the SPI device IDs. This means m25p80.c wouldn't auto-load (modprobe) properly when built as a module. For now, we duplicate the device IDs into both modules. - The OMAP / ELM modules were depending on an implicit link ordering. Use deferred probing so that the new link order (in 3.18-rc) can still allow for successful probing. - Fix suspend/resume support for LH28F640BF NOR flash" * tag 'for-linus-20141102' of git://git.infradead.org/linux-mtd: mtd: cfi_cmdset_0001.c: fix resume for LH28F640BF chips mtd: omap: fix mtd devices not showing up mtd: m25p80,spi-nor: Fix module aliases for m25p80 mtd: spi-nor: make spi_nor_scan() take a chip type name, not spi_device_id mtd: m25p80: get rid of spi_get_device_id
2014-11-02Merge tag 'scsi-for-linus' of ↵Linus Torvalds6-19/+53
git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi Pull SCSI fixes from James Bottomley: "This is a set of six patches consisting of: - two MAINTAINER updates - two scsi-mq fixs for the old parallel interface (not every request is tagged and we need to set the right flags to populate the SPI tag message) - a fix for a memory leak in scatterlist traversal caused by a preallocation update in 3.17 - an ipv6 fix for cxgbi" [ The scatterlist fix also came in separately through the block layer tree ] * tag 'scsi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: MAINTAINERS: ufs - remove self MAINTAINERS: change hpsa and cciss maintainer libcxgbi : support ipv6 address host_param scsi: set REQ_QUEUE for the blk-mq case Revert "block: all blk-mq requests are tagged" lib/scatterlist: fix memory leak with scsi-mq
2014-11-02Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linuxLinus Torvalds22-83/+116
Pull drm fixes from Dave Airlie: "Nothing too astounding or major: radeon, i915, vmwgfx, armada and exynos. Biggest ones: - vmwgfx has one big locking regression fix - i915 has come displayport fixes - radeon has some stability and a memory alloc failure - armada and exynos have some vblank fixes" * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: (24 commits) drm/exynos: correct connector->dpms field before resuming drm/exynos: enable vblank after DPMS on drm/exynos: init kms poll at the end of initialization drm/exynos: propagate plane initialization errors drm/exynos: vidi: fix build warning drm/exynos: remove explicit encoder/connector de-initialization drm/exynos: init vblank with real number of crtcs drm/vmwgfx: Filter out modes those cannot be supported by the current VRAM size. drm/vmwgfx: Fix hash key computation drm/vmwgfx: fix lock breakage drm/i915/dp: only use training pattern 3 on platforms that support it drm/radeon: remove some buggy dead code drm/i915: Ignore VBT backlight check on Macbook 2, 1 drm/radeon: remove invalid pci id drm/radeon: dpm fixes for asrock systems radeon: clean up coding style differences in radeon_get_bios() drm/radeon: Use drm_malloc_ab instead of kmalloc_array drm/radeon/dpm: disable ulv support on SI drm/i915: Fix GMBUSFREQ on vlv/chv drm/i915: Ignore long hpds on eDP ports ...
2014-11-02Merge tag 'fixes-against-v3.18-rc2' of ↵Olof Johansson453-4850/+14972
git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into fixes Merge "omap fixes against v3.18-rc2" from Tony Lindgren: Few fixes for omaps to enable NAND BCH so devices won't produce errors when booted with omap2plus_defconfig, and reduce bloat by making IPV6 a loadable module. Also let's add a warning about legacy boot being deprecated for omap3. We now have things working with device tree, and only omap3 is still booting in legacy mode. So hopefully this warning will help move the remaining legacy mode users to boot with device tree. As the total reduction of code and static data is somewhere around 20000 lines of code once we remove omap3 legacy mode booting, we really do want to make omap3 to boot also in device tree mode only over the next few merge cycles. * tag 'fixes-against-v3.18-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap: (407 commits) ARM: OMAP2+: Warn about deprecated legacy booting mode ARM: omap2plus_defconfig: Fix errors with NAND BCH ARM: omap2plus_defconfig: Fix bloat caused by having ipv6 built-in + Linux 3.18-rc2 Signed-off-by: Olof Johansson <olof@lixom.net>
2014-11-02Merge branch 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-armLinus Torvalds5-9/+23
Pull ARM fixes from Russell King: - add the new bpf syscall to ARM. - drop a redundant return statement in __iommu_alloc_remap() - fix a performance issue noticed by Thomas Petazzoni with kmap_atomic(). - fix an issue with the L2 cache OF parsing code which caused it to incorrectly print warnings on each boot, and make the warning text more consistent with the rest of the code * 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm: ARM: 8180/1: mm: implement no-highmem fast path in kmap_atomic_pfn() ARM: 8183/1: l2c: Improve l2c310_of_parse() error message ARM: 8181/1: Drop extra return statement ARM: 8182/1: l2c: Make l2x0_cache_size_of_parse() return 'int' ARM: enable bpf syscall
2014-11-02Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvmLinus Torvalds2-16/+45
Pull kvm fixes from Paolo Bonzini: "A small set of x86 fixes. The most serious is an SRCU lockdep fix. A bit late - needed some time to test the SRCU fix, which only came in on Friday" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: KVM: vmx: defer load of APIC access page address during reset KVM: nVMX: Disable preemption while reading from shadow VMCS KVM: x86: Fix far-jump to non-canonical check KVM: emulator: fix execution close to the segment limit KVM: emulator: fix error code for __linearize
2014-11-03Merge branch 'exynos-drm-fixes' of ↵Dave Airlie7-42/+29
git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos into drm-fixes This pull-request includes some bug fixes and code cleanups. Especially, this fixes the bind failure issue occurred when it tries to re-bind Exynos drm driver after unbound, and the modetest failure issue incurred by not having a pair to vblank on and off requests. * 'exynos-drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos: drm/exynos: correct connector->dpms field before resuming drm/exynos: enable vblank after DPMS on drm/exynos: init kms poll at the end of initialization drm/exynos: propagate plane initialization errors drm/exynos: vidi: fix build warning drm/exynos: remove explicit encoder/connector de-initialization drm/exynos: init vblank with real number of crtcs
2014-11-02Merge branch 'for-linus' of ↵Linus Torvalds9-58/+50
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull VFS fixes from Al Viro: "A bunch of assorted fixes, most of them followups to overlayfs merge" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: ovl: initialize ->is_cursor Return short read or 0 at end of a raw device, not EIO isofs: don't bother with ->d_op for normal case isofs_cmp(): we'll never see a dentry for . or .. overlayfs: fix lockdep misannotation ovl: fix check for cursor overlayfs: barriers for opening upper-layer directory rcu: Provide counterpart to rcu_dereference() for non-RCU situations staging: android: logger: Fix log corruption regression
2014-11-02irda: stop calling sk_prot->disconnect() on connection failureLinus Torvalds1-2/+0
The sk_prot is irda's own set of protocol handlers, so irda should statically know what that function is anyway, without using an indirect pointer. And as it happens, we know *exactly* what that pointer is statically: it's NULL, because irda doesn't define a disconnect operation. So calling that function is doubly wrong, and will just cause an oops. Reported-by: Martin Lang <mlg.hessigheim@gmail.com> Cc: Samuel Ortiz <samuel@sortiz.org> Cc: David Miller <davem@davemloft.net> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-11-03drm/exynos: correct connector->dpms field before resumingAndrzej Hajda1-2/+6
During system suspend after connector switch off its dpms field is set to connector previous dpms state. To properly resume dpms field should be set to its actual state (off) before resuming to previous dpms state. Signed-off-by: Andrzej Hajda <a.hajda@samsung.com> Signed-off-by: Inki Dae <inki.dae@samsung.com>
2014-11-03drm/exynos: enable vblank after DPMS onAndrzej Hajda1-1/+4
Before DPMS off driver disables vblank. It should be balanced by vblank enable after DPMS on. The patch fixes issue with page_flip ioctl not being able to acquire vblank counter introduced by patch: drm: Always reject drm_vblank_get() after drm_vblank_off() Signed-off-by: Andrzej Hajda <a.hajda@samsung.com> Signed-off-by: Inki Dae <inki.dae@samsung.com>
2014-11-03drm/exynos: init kms poll at the end of initializationAndrzej Hajda1-6/+6
HPD events can be generated by components even if drm_dev is not fully initialized, to skip such events kms poll initialization should be performed at the end of load callback followed directly by forced connection detection. Signed-off-by: Andrzej Hajda <a.hajda@samsung.com> Signed-off-by: Inki Dae <inki.dae@samsung.com>
2014-11-03drm/exynos: propagate plane initialization errorsAndrzej Hajda1-2/+5
In case of error during plane initialization load callback incorrectly return success, this patch fixes it. Signed-off-by: Andrzej Hajda <a.hajda@samsung.com> Signed-off-by: Inki Dae <inki.dae@samsung.com>
2014-11-03drm/exynos: vidi: fix build warningInki Dae1-1/+0
encoder object isn't used anymore so remove it. Signed-off-by: Inki Dae <inki.dae@samsung.com>
2014-11-03drm/exynos: remove explicit encoder/connector de-initializationAndrzej Hajda5-22/+0
All KMS objects are destroyed by drm_mode_config_cleanup in proper order so component drivers should not care about it. Signed-off-by: Andrzej Hajda <a.hajda@samsung.com> Signed-off-by: Inki Dae <inki.dae@samsung.com>
2014-11-03drm/exynos: init vblank with real number of crtcsAndrzej Hajda1-9/+9
Initialization of vblank with MAX_CRTC caused attempts to disabling vblanks for non-existing crtcs in case drm used fewer crtcs. The patch fixes it. Signed-off-by: Andrzej Hajda <a.hajda@samsung.com> Signed-off-by: Inki Dae <inki.dae@samsung.com>
2014-11-02KVM: vmx: defer load of APIC access page address during resetPaolo Bonzini1-1/+1
Most call paths to vmx_vcpu_reset do not hold the SRCU lock. Defer loading the APIC access page to the next vmentry. This avoids the following lockdep splat: [ INFO: suspicious RCU usage. ] 3.18.0-rc2-test2+ #70 Not tainted ------------------------------- include/linux/kvm_host.h:474 suspicious rcu_dereference_check() usage! other info that might help us debug this: rcu_scheduler_active = 1, debug_locks = 0 1 lock held by qemu-system-x86/2371: #0: (&vcpu->mutex){+.+...}, at: [<ffffffffa037d800>] vcpu_load+0x20/0xd0 [kvm] stack backtrace: CPU: 4 PID: 2371 Comm: qemu-system-x86 Not tainted 3.18.0-rc2-test2+ #70 Hardware name: Dell Inc. OptiPlex 9010/0M9KCM, BIOS A12 01/10/2013 0000000000000001 ffff880209983ca8 ffffffff816f514f 0000000000000000 ffff8802099b8990 ffff880209983cd8 ffffffff810bd687 00000000000fee00 ffff880208a2c000 ffff880208a10000 ffff88020ef50040 ffff880209983d08 Call Trace: [<ffffffff816f514f>] dump_stack+0x4e/0x71 [<ffffffff810bd687>] lockdep_rcu_suspicious+0xe7/0x120 [<ffffffffa037d055>] gfn_to_memslot+0xd5/0xe0 [kvm] [<ffffffffa03807d3>] __gfn_to_pfn+0x33/0x60 [kvm] [<ffffffffa0380885>] gfn_to_page+0x25/0x90 [kvm] [<ffffffffa038aeec>] kvm_vcpu_reload_apic_access_page+0x3c/0x80 [kvm] [<ffffffffa08f0a9c>] vmx_vcpu_reset+0x20c/0x460 [kvm_intel] [<ffffffffa039ab8e>] kvm_vcpu_reset+0x15e/0x1b0 [kvm] [<ffffffffa039ac0c>] kvm_arch_vcpu_setup+0x2c/0x50 [kvm] [<ffffffffa037f7e0>] kvm_vm_ioctl+0x1d0/0x780 [kvm] [<ffffffff810bc664>] ? __lock_is_held+0x54/0x80 [<ffffffff812231f0>] do_vfs_ioctl+0x300/0x520 [<ffffffff8122ee45>] ? __fget+0x5/0x250 [<ffffffff8122f0fa>] ? __fget_light+0x2a/0xe0 [<ffffffff81223491>] SyS_ioctl+0x81/0xa0 [<ffffffff816fed6d>] system_call_fastpath+0x16/0x1b Reported-by: Takashi Iwai <tiwai@suse.de> Reported-by: Alexei Starovoitov <alexei.starovoitov@gmail.com> Reviewed-by: Wanpeng Li <wanpeng.li@linux.intel.com> Tested-by: Wanpeng Li <wanpeng.li@linux.intel.com> Fixes: 38b9917350cb2946e368ba684cfc33d1672f104e Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-11-02KVM: nVMX: Disable preemption while reading from shadow VMCSJan Kiszka1-0/+4
In order to access the shadow VMCS, we need to load it. At this point, vmx->loaded_vmcs->vmcs and the actually loaded one start to differ. If we now get preempted by Linux, vmx_vcpu_put and, on return, the vmx_vcpu_load will work against the wrong vmcs. That can cause copy_shadow_to_vmcs12 to corrupt the vmcs12 state. Fix the issue by disabling preemption during the copy operation. copy_vmcs12_to_shadow is safe from this issue as it is executed by vmx_vcpu_run when preemption is already disabled before vmentry. This bug is exposed by running Jailhouse within KVM on CPUs with shadow VMCS support. Jailhouse never expects an interrupt pending vmexit, but the bug can cause it if, after copy_shadow_to_vmcs12 is preempted, the active VMCS happens to have the virtual interrupt pending flag set in the CPU-based execution controls. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-11-02KVM: x86: Fix far-jump to non-canonical checkNadav Amit1-3/+5
Commit d1442d85cc30 ("KVM: x86: Handle errors when RIP is set during far jumps") introduced a bug that caused the fix to be incomplete. Due to incorrect evaluation, far jump to segment with L bit cleared (i.e., 32-bit segment) and RIP with any of the high bits set (i.e, RIP[63:32] != 0) set may not trigger #GP. As we know, this imposes a security problem. In addition, the condition for two warnings was incorrect. Fixes: d1442d85cc30ea75f7d399474ca738e0bc96f715 Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Nadav Amit <namit@cs.technion.ac.il> [Add #ifdef CONFIG_X86_64 to avoid complaints of undefined behavior. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-11-02Merge branch 'vmwgfx-fixes-3.18' of git://people.freedesktop.org/~thomash/linuxDave Airlie3-9/+24
A critical 3.18 regression fix from Rob, (thanks!) A fix to avoid advertizing modes we can't support from Sinclair (welcome Sinclair!) and a fix for an incorrect hash key computation from me that is completely harmless, but can wait 'til the next merge window if necessary. (I can't really bother stable with this one). * 'vmwgfx-fixes-3.18' of git://people.freedesktop.org/~thomash/linux: drm/vmwgfx: Filter out modes those cannot be supported by the current VRAM size. drm/vmwgfx: Fix hash key computation drm/vmwgfx: fix lock breakage
2014-11-01Merge tag 'staging-3.18-rc3' of ↵Linus Torvalds6-28/+31
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging Pull staging fixes from Greg KH: "Here are some staging driver fixes for 3.18-rc3. Mostly iio and comedi driver fixes for issues reported by people. All of these have been in linux-next for a while with no reported issues" * tag 'staging-3.18-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: staging: comedi: fix memory leak / bad pointer freeing for chanlist staging: comedi: Kconfig: fix config COMEDI_ADDI_APCI_3120 dependants staging: comedi: widen subdevice number argument in ioctl handlers staging: rtl8723au: Fix alignment of mac_addr for ether_addr_copy() usage drivers/staging/comedi/Kconfig: Let COMEDI_II_PCI20KC depend on HAS_IOMEM staging: comedi: (regression) channel list must be set for COMEDI_CMD ioctl iio: adc: mxs-lradc: Disable the clock on probe failure iio: st_sensors: Fix buffer copy staging:iio:ad5933: Drop "raw" from channel names staging:iio:ad5933: Fix NULL pointer deref when enabling buffer
2014-11-01Merge tag 'usb-3.18-rc3' of ↵Linus Torvalds32-173/+319
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb Pull USB fixes from Greg KH: "Here are a bunch of USB fixes for 3.18-rc3. Mostly usb-serial device ids and gadget fixes for issues that have been reported. Full details are in the shortlog. All of these have been in linux-next for a while" * tag 'usb-3.18-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (42 commits) usb: chipidea: Fix oops when removing the ci_hdrc module usb: gadget: function: Fixed the return value on error path usb: dwc2: gadget: disable phy before turning off power regulators usb: gadget: function: Remove redundant usb_free_all_descriptors usb: dwc3: gadget: Properly initialize LINK TRB usb: dwc2: gadget: fix gadget unregistration in udc_stop() function usb: dwc2: Bits in bitfield should add up to 32 usb: dwc2: gadget: sparse warning of context imbalance usb: gadget: udc: core: fix kernel oops with soft-connect usb: musb: musb_dsps: fix NULL pointer in suspend usb: musb: dsps: start OTG timer on resume again usb: gadget: loopback: don't queue requests to bogus endpoints usb: ffs: fix regression when quirk_ep_out_aligned_size flag is set usb: gadget: f_fs: remove redundant ffs_data_get() usb: gadget: udc: USB_GADGET_XILINX should depend on HAS_DMA Revert "usb: dwc3: dwc3-omap: Disable/Enable only wrapper interrupts in prepare/complete" usb: gadget: composite: enable BESL support usb: musb: cppi41: restart hrtimer only if not yet done usb: dwc3: ep0: fix Data Phase for transfer sizes aligned to wMaxPacketSize usb: serial: ftdi_sio: add "bricked" FTDI device PID ...
2014-11-01Merge branch 'for-linus' of ↵Linus Torvalds5-39/+27
git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs Pull btrfs fixes from Chris Mason: "Filipe is nailing down some problems with our skinny extent variation, and Dave's patch fixes endian problems in the new super block checks" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: Btrfs: fix race that makes btrfs_lookup_extent_info miss skinny extent items Btrfs: properly clean up btrfs_end_io_wq_cache Btrfs: fix invalid leaf slot access in btrfs_lookup_extent() btrfs: use macro accessors in superblock validation checks
2014-10-31Merge branch 'for-linus' of ↵Linus Torvalds12-29/+302
git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input Pull input updates from Dmitry Torokhov: "A bunch of fixes for minor defects reported by Coverity, a few driver fixups and revert of i8042.nomux change so that we are once again enable active MUX mode if box claims to support it" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Revert "Input: i8042 - disable active multiplexing by default" Input: altera_ps2 - use correct type for irq return value Input: altera_ps2 - write to correct register when disabling interrupts Input: max77693-haptic - fix potential overflow Input: psmouse - remove unneeded check in psmouse_reconnect() Input: vsxxxaa - fix code dropping bytes from queue Input: ims-pcu - fix dead code in ims_pcu_ofn_reg_addr_store() Input: opencores-kbd - fix error handling Input: wm97xx - adapt parameters to tosa touchscreen. Input: i8042 - quirks for Fujitsu Lifebook A544 and Lifebook AH544 Input: stmpe-keypad - fix valid key line bitmask Input: soc_button_array - update calls to gpiod_get*()
2014-10-31Merge tag 'pm+acpi-3.18-rc3' of ↵Linus Torvalds5-53/+126
git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull ACPI and power management fixes from Rafael Wysocki: "These are fixes received after my previous pull request plus one that has been in the works for quite a while, but its previous version caused problems to happen, so it's been deferred till now. Fixed are two recent regressions (MFD enumeration and cpufreq-dt), ACPI EC regression introduced in 3.17, system suspend error code path regression introduced in 3.15, an older bug related to recovery from failing resume from hibernation and a cpufreq-dt driver issue related to operation performance points. Specifics: - Fix a crash on r8a7791/koelsch during resume from system suspend caused by a recent cpufreq-dt commit (Geert Uytterhoeven). - Fix an MFD enumeration problem introduced by a recent commit adding ACPI support to the MFD subsystem that exposed a weakness in the ACPI core causing ACPI enumeration to be applied to all devices associated with one ACPI companion object, although it should be used for one of them only (Mika Westerberg). - Fix an ACPI EC regression introduced during the 3.17 cycle causing some Samsung laptops to misbehave as a result of a workaround targeted at some Acer machines. That includes a revert of a commit that went too far and a quirk for the Acer machines in question. From Lv Zheng. - Fix a regression in the system suspend error code path introduced during the 3.15 cycle that causes it to fail to take errors from asychronous execution of "late" suspend callbacks into account (Imre Deak). - Fix a long-standing bug in the hibernation resume error code path that fails to roll back everything correcty on "freeze" callback errors and leaves some devices in a "suspended" state causing more breakage to happen subsequently (Imre Deak). - Make the cpufreq-dt driver disable operation performance points that are not supported by the VR connected to the CPU voltage plane with acceptable tolerance instead of constantly failing voltage scaling later on (Lucas Stach)" * tag 'pm+acpi-3.18-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: ACPI / EC: Fix regression due to conflicting firmware behavior between Samsung and Acer. Revert "ACPI / EC: Add support to disallow QR_EC to be issued before completing previous QR_EC" cpufreq: cpufreq-dt: Restore default cpumask_setall(policy->cpus) PM / Sleep: fix recovery during resuming from hibernation PM / Sleep: fix async suspend_late/freeze_late error handling ACPI: Use ACPI companion to match only the first physical device cpufreq: cpufreq-dt: disable unsupported OPPs
2014-10-31Merge tag 'pci-v3.18-fixes-1' of ↵Linus Torvalds3-14/+14
git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci Pull PCI fixes from Bjorn Helgaas: "These changes, intended for v3.18, fix: Sysfs - Fix "enable" filename change (Greg Kroah-Hartman) An unintentional sysfs filename change in commit 5136b2da770d ("PCI: convert bus code to use dev_groups"), which appeared in v3.13, changed "enable" to "enabled", and this changes it back. Old users of "enable" are currently broken and will be helped by this change. Anything that started to use "enabled" after v3.13 will be broken by this change. If necessary, we can add a symlink to make both work, but this patch doesn't do that. PCI device hotplug - Revert duplicate merge (Kamal Mostafa) A mistaken duplicate merge that added a check twice. Nothing's broken; this just removes the unnecessary code. Freescale i.MX6 - Wait for clocks to stabilize after ref_en (Richard Zhu) An i.MX6 clock problem that prevents mx6 nitrogen boards from booting" * tag 'pci-v3.18-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci: PCI: Rename sysfs 'enabled' file back to 'enable' PCI: imx6: Wait for clocks to stabilize after ref_en Revert duplicate "PCI: pciehp: Prevent NULL dereference during probe"
2014-10-31x86_64, entry: Fix out of bounds read on sysenterAndy Lutomirski1-1/+1
Rusty noticed a Really Bad Bug (tm) in my NT fix. The entry code reads out of bounds, causing the NT fix to be unreliable. But, and this is much, much worse, if your stack is somehow just below the top of the direct map (or a hole), you read out of bounds and crash. Excerpt from the crash: [ 1.129513] RSP: 0018:ffff88001da4bf88 EFLAGS: 00010296 2b:* f7 84 24 90 00 00 00 testl $0x4000,0x90(%rsp) That read is deterministically above the top of the stack. I thought I even single-stepped through this code when I wrote it to check the offset, but I clearly screwed it up. Fixes: 8c7aa698baca ("x86_64, entry: Filter RFLAGS.NT on entry from userspace") Reported-by: Rusty Russell <rusty@ozlabs.org> Cc: stable@vger.kernel.org Signed-off-by: Andy Lutomirski <luto@amacapital.net> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-10-31Merge tag 'ext4_for_linus_stable' of ↵Linus Torvalds8-28/+51
git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 Pull ext4 bugfixes from Ted Ts'o: "A set of miscellaneous ext4 bug fixes for 3.18" * tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: ext4: make ext4_ext_convert_to_initialized() return proper number of blocks ext4: bail early when clearing inode journal flag fails ext4: bail out from make_indexed_dir() on first error jbd2: use a better hash function for the revoke table ext4: prevent bugon on race between write/fcntl ext4: remove extent status procfs files if journal load fails ext4: disallow changing journal_csum option during remount ext4: enable journal checksum when metadata checksum feature enabled ext4: fix oops when loading block bitmap failed ext4: fix overflow when updating superblock backups after resize