summaryrefslogtreecommitdiff
path: root/arch
AgeCommit message (Collapse)AuthorFilesLines
2013-02-15Merge tag 'stable/for-linus-3.8-rc7-tag-two' of ↵Linus Torvalds4-63/+32
git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen Pull xen fixes from Konrad Rzeszutek Wilk: "Two fixes: - A simple bug-fix for redundant NULL check. - CVE-2013-0228/XSA-42: x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS and two reverts: - Revert the PVonHVM kexec. The patch introduces a regression with older hypervisor stacks, such as Xen 4.1." * tag 'stable/for-linus-3.8-rc7-tag-two' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen: Revert "xen PVonHVM: use E820_Reserved area for shared_info" Revert "xen/PVonHVM: fix compile warning in init_hvm_pv_info" xen: remove redundant NULL check before unregister_and_remove_pcpu(). x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS.
2013-02-15Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparcLinus Torvalds4-13/+67
Pull sparc fixes from David Miller: "A couple small fixes for sparc including some THP brown-paper-bag material: 1) During the merging of all the THP support for various architectures, sparc missed adding a HAVE_ARCH_TRANSPARENT_HUGEPAGE to it's Kconfig, oops. 2) Sparc needs to be mindful of hugepages in get_user_pages_fast(). 3) Fix memory leak in SBUS probe, from Cong Ding. 4) The sunvdc virtual disk client driver has a test of the bitmask of vdisk server supported operations which was off by one bit" * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc: sunvdc: Fix off-by-one in generic_request(). sparc64: Fix get_user_pages_fast() wrt. THP. sparc64: Add missing HAVE_ARCH_TRANSPARENT_HUGEPAGE. sparc: kernel/sbus.c: fix memory leakage
2013-02-14Revert "xen PVonHVM: use E820_Reserved area for shared_info"Konrad Rzeszutek Wilk3-55/+24
This reverts commit 9d02b43dee0d7fb18dfb13a00915550b1a3daa9f. We are doing this b/c on 32-bit PVonHVM with older hypervisors (Xen 4.1) it ends up bothing up the start_info. This is bad b/c we use it for the time keeping, and the timekeeping code loops forever - as the version field never changes. Olaf says to revert it, so lets do that. Acked-by: Olaf Hering <olaf@aepfle.de> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2013-02-14Revert "xen/PVonHVM: fix compile warning in init_hvm_pv_info"Konrad Rzeszutek Wilk1-1/+1
This reverts commit a7be94ac8d69c037d08f0fd94b45a593f1d45176. Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2013-02-13efi: Clear EFI_RUNTIME_SERVICES rather than EFI_BOOT by "noefi" boot parameterSatoru Takeuchi1-1/+1
There was a serious problem in samsung-laptop that its platform driver is designed to run under BIOS and running under EFI can cause the machine to become bricked or can cause Machine Check Exceptions. Discussion about this problem: https://bugs.launchpad.net/ubuntu-cdimage/+bug/1040557 https://bugzilla.kernel.org/show_bug.cgi?id=47121 The patches to fix this problem: efi: Make 'efi_enabled' a function to query EFI facilities 83e68189745ad931c2afd45d8ee3303929233e7f samsung-laptop: Disable on EFI hardware e0094244e41c4d0c7ad69920681972fc45d8ce34 Unfortunately this problem comes back again if users specify "noefi" option. This parameter clears EFI_BOOT and that driver continues to run even if running under EFI. Refer to the document, this parameter should clear EFI_RUNTIME_SERVICES instead. Documentation/kernel-parameters.txt: =============================================================================== ... noefi [X86] Disable EFI runtime services support. ... =============================================================================== Documentation/x86/x86_64/uefi.txt: =============================================================================== ... - If some or all EFI runtime services don't work, you can try following kernel command line parameters to turn off some or all EFI runtime services. noefi turn off all EFI runtime services ... =============================================================================== Signed-off-by: Satoru Takeuchi <takeuchi_satoru@jp.fujitsu.com> Link: http://lkml.kernel.org/r/511C2C04.2070108@jp.fujitsu.com Cc: Matt Fleming <matt.fleming@intel.com> Cc: <stable@vger.kernel.org> Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2013-02-13x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS.Jan Beulich1-7/+7
This fixes CVE-2013-0228 / XSA-42 Drew Jones while working on CVE-2013-0190 found that that unprivileged guest user in 32bit PV guest can use to crash the > guest with the panic like this: ------------- general protection fault: 0000 [#1] SMP last sysfs file: /sys/devices/vbd-51712/block/xvda/dev Modules linked in: sunrpc ipt_REJECT nf_conntrack_ipv4 nf_defrag_ipv4 iptable_filter ip_tables ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 xt_state nf_conntrack ip6table_filter ip6_tables ipv6 xen_netfront ext4 mbcache jbd2 xen_blkfront dm_mirror dm_region_hash dm_log dm_mod [last unloaded: scsi_wait_scan] Pid: 1250, comm: r Not tainted 2.6.32-356.el6.i686 #1 EIP: 0061:[<c0407462>] EFLAGS: 00010086 CPU: 0 EIP is at xen_iret+0x12/0x2b EAX: eb8d0000 EBX: 00000001 ECX: 08049860 EDX: 00000010 ESI: 00000000 EDI: 003d0f00 EBP: b77f8388 ESP: eb8d1fe0 DS: 0000 ES: 007b FS: 0000 GS: 00e0 SS: 0069 Process r (pid: 1250, ti=eb8d0000 task=c2953550 task.ti=eb8d0000) Stack: 00000000 0027f416 00000073 00000206 b77f8364 0000007b 00000000 00000000 Call Trace: Code: c3 8b 44 24 18 81 4c 24 38 00 02 00 00 8d 64 24 30 e9 03 00 00 00 8d 76 00 f7 44 24 08 00 00 02 80 75 33 50 b8 00 e0 ff ff 21 e0 <8b> 40 10 8b 04 85 a0 f6 ab c0 8b 80 0c b0 b3 c0 f6 44 24 0d 02 EIP: [<c0407462>] xen_iret+0x12/0x2b SS:ESP 0069:eb8d1fe0 general protection fault: 0000 [#2] ---[ end trace ab0d29a492dcd330 ]--- Kernel panic - not syncing: Fatal exception Pid: 1250, comm: r Tainted: G D --------------- 2.6.32-356.el6.i686 #1 Call Trace: [<c08476df>] ? panic+0x6e/0x122 [<c084b63c>] ? oops_end+0xbc/0xd0 [<c084b260>] ? do_general_protection+0x0/0x210 [<c084a9b7>] ? error_code+0x73/ ------------- Petr says: " I've analysed the bug and I think that xen_iret() cannot cope with mangled DS, in this case zeroed out (null selector/descriptor) by either xen_failsafe_callback() or RESTORE_REGS because the corresponding LDT entry was invalidated by the reproducer. " Jan took a look at the preliminary patch and came up a fix that solves this problem: "This code gets called after all registers other than those handled by IRET got already restored, hence a null selector in %ds or a non-null one that got loaded from a code or read-only data descriptor would cause a kernel mode fault (with the potential of crashing the kernel as a whole, if panic_on_oops is set)." The way to fix this is to realize that the we can only relay on the registers that IRET restores. The two that are guaranteed are the %cs and %ss as they are always fixed GDT selectors. Also they are inaccessible from user mode - so they cannot be altered. This is the approach taken in this patch. Another alternative option suggested by Jan would be to relay on the subtle realization that using the %ebp or %esp relative references uses the %ss segment. In which case we could switch from using %eax to %ebp and would not need the %ss over-rides. That would also require one extra instruction to compensate for the one place where the register is used as scaled index. However Andrew pointed out that is too subtle and if further work was to be done in this code-path it could escape folks attention and lead to accidents. Reviewed-by: Petr Matousek <pmatouse@redhat.com> Reported-by: Petr Matousek <pmatouse@redhat.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Signed-off-by: Jan Beulich <jbeulich@suse.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2013-02-13sparc64: Fix get_user_pages_fast() wrt. THP.David S. Miller2-10/+63
Mostly mirrors the s390 logic, as unlike x86 we don't need the SetPageReferenced() bits. On sparc64 we also lack a user/privileged bit in the huge PMDs. In order to make this work for THP and non-THP builds, some header file adjustments were necessary. Namely, provide the PMD_HUGE_* bit defines and the pmd_large() inline unconditionally rather than protected by TRANSPARENT_HUGEPAGE. Reported-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2013-02-13sparc64: Add missing HAVE_ARCH_TRANSPARENT_HUGEPAGE.David S. Miller1-0/+1
This got missed in the cleanups done for the S390 THP support. CC: Gerald Schaefer <gerald.schaefer@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2013-02-13Merge branch 'x86-urgent-for-linus' of ↵Linus Torvalds6-100/+108
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Peter Anvin: "One (hopefully) last batch of x86 fixes. You asked for the patch by patch justifications, so here they are: x86, MCE: Retract most UAPI exports This one unexports from userspace a bunch of definitions which should never have been exported. We really don't want to create an accidental legacy here. x86, doc: Add a bootloader ID for OVMF This is a documentation-only patch, just recording the official assignment of a boot loader ID. x86: Do not leak kernel page mapping locations Security: avoid making it needlessly easy for user space to probe the kernel memory layout. x86/mm: Check if PUD is large when validating a kernel address Prevent failures using /proc/kcore when using 1G pages. x86/apic: Work around boot failure on HP ProLiant DL980 G7 Server systems Works around a BIOS problem causing boot failures on affected hardware." * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mm: Check if PUD is large when validating a kernel address x86/apic: Work around boot failure on HP ProLiant DL980 G7 Server systems x86, doc: Add a bootloader ID for OVMF x86: Do not leak kernel page mapping locations x86, MCE: Retract most UAPI exports
2013-02-13x86/mm: Check if PUD is large when validating a kernel addressMel Gorman2-0/+8
A user reported the following oops when a backup process reads /proc/kcore: BUG: unable to handle kernel paging request at ffffbb00ff33b000 IP: [<ffffffff8103157e>] kern_addr_valid+0xbe/0x110 [...] Call Trace: [<ffffffff811b8aaa>] read_kcore+0x17a/0x370 [<ffffffff811ad847>] proc_reg_read+0x77/0xc0 [<ffffffff81151687>] vfs_read+0xc7/0x130 [<ffffffff811517f3>] sys_read+0x53/0xa0 [<ffffffff81449692>] system_call_fastpath+0x16/0x1b Investigation determined that the bug triggered when reading system RAM at the 4G mark. On this system, that was the first address using 1G pages for the virt->phys direct mapping so the PUD is pointing to a physical address, not a PMD page. The problem is that the page table walker in kern_addr_valid() is not checking pud_large() and treats the physical address as if it was a PMD. If it happens to look like pmd_none then it'll silently fail, probably returning zeros instead of real data. If the data happens to look like a present PMD though, it will be walked resulting in the oops above. This patch adds the necessary pud_large() check. Unfortunately the problem was not readily reproducible and now they are running the backup program without accessing /proc/kcore so the patch has not been validated but I think it makes sense. Signed-off-by: Mel Gorman <mgorman@suse.de> Reviewed-by: Rik van Riel <riel@redhat.coM> Reviewed-by: Michal Hocko <mhocko@suse.cz> Acked-by: Johannes Weiner <hannes@cmpxchg.org> Cc: stable@vger.kernel.org Cc: linux-mm@kvack.org Link: http://lkml.kernel.org/r/20130211145236.GX21389@suse.de Signed-off-by: Ingo Molnar <mingo@kernel.org>
2013-02-12Merge branch 'for-linus' of ↵Linus Torvalds1-0/+3
git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux into akpm Pull s390 regression fix from Martin Schwidefsky: "The recent fix for the s390 sched_clock() function uncovered yet another bug in s390_next_ktime which causes an endless loop in KVM. This regression should be fixed before v3.8. I keep the fingers crossed that this is the last one for v3.8." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390/timer: avoid overflow when programming clock comparator
2013-02-12Merge branch 'for-linus' of ↵Linus Torvalds1-1/+0
git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu into akpm Pull m68knommu fix from Greg Ungerer: "This contains a single critical fix for the non-MMU m68k platforms. The change of the kernel exec code path has revealed a problem in the start thread code that causes crashing on boot. This is the fix for it." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu: m68knommu: fix trap on execing /bin/init
2013-02-12Merge branch 'stable' of ↵Linus Torvalds14-393/+410
git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile into akpm Pull tile bugfixes from Chris Metcalf: "This includes a variety of minor bug fixes, mostly to do with testing "make allyesconfig", "make allmodconfig", "make allnoconfig", inspired to Tejun Heo's observation about Kconfig.freezer not being included. The largest changes are just syntax changes removing the tile-specific use of a macro named INT_MASK, which is way too commonly redefined throughout driver code" * 'stable' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile: tile: tag some code with #ifdef CONFIG_COMPAT tile: fix memcpy_*io functions for allnoconfig tile: export a handful of symbols appropriately drm: fix compile failure by including <linux/swiotlb.h> tile: avoid defining INT_MASK macro in <arch/interrupts.h> tile: provide "screen_info" when enabling VT drivers/input/joystick/analog.c: enable precise timer tile: include kernel/Kconfig.freezer in tile Kconfig tile: remove an unused variable in copy_thread()
2013-02-11x86/apic: Work around boot failure on HP ProLiant DL980 G7 Server systemsStoney Wang1-10/+11
When a HP ProLiant DL980 G7 Server boots a regular kernel, there will be intermittent lost interrupts which could result in a hang or (in extreme cases) data loss. The reason is that this system only supports x2apic physical mode, while the kernel boots with a logical-cluster default setting. This bug can be worked around by specifying the "x2apic_phys" or "nox2apic" boot option, but we want to handle this system without requiring manual workarounds. The BIOS sets ACPI_FADT_APIC_PHYSICAL in FADT table. As all apicids are smaller than 255, BIOS need to pass the control to the OS with xapic mode, according to x2apic-spec, chapter 2.9. Current code handle x2apic when BIOS pass with xapic mode enabled: When user specifies x2apic_phys, or FADT indicates PHYSICAL: 1. During madt oem check, apic driver is set with xapic logical or xapic phys driver at first. 2. enable_IR_x2apic() will enable x2apic_mode. 3. if user specifies x2apic_phys on the boot line, x2apic_phys_probe() will install the correct x2apic phys driver and use x2apic phys mode. Otherwise it will skip the driver will let x2apic_cluster_probe to take over to install x2apic cluster driver (wrong one) even though FADT indicates PHYSICAL, because x2apic_phys_probe does not check FADT PHYSICAL. Add checking x2apic_fadt_phys in x2apic_phys_probe() to fix the problem. Signed-off-by: Stoney Wang <song-bo.wang@hp.com> [ updated the changelog and simplified the code ] Signed-off-by: Yinghai Lu <yinghai@kernel.org> Cc: stable@kernel.org Link: http://lkml.kernel.org/r/1360263182-16226-1-git-send-email-yinghai@kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org>
2013-02-09Merge tag 'highbank-fixes-for-3.8' of git://sources.calxeda.com/kernel/linux ↵Olof Johansson4-5/+12
into fixes From Rob Herring: highbank fixes for 3.8 -Compile fix for !SMP -More cpu cluster id related fixes * tag 'highbank-fixes-for-3.8' of git://sources.calxeda.com/kernel/linux: ARM: highbank: mask cluster id from cpu_logical_map ARM: scu: mask cluster id from cpu_logical_map ARM: scu: add empty scu_enable for !CONFIG_SMP
2013-02-09Merge branch 'fixes' of git://git.linaro.org/people/rmk/linux-armLinus Torvalds4-5/+26
Pull ARM fixes from Russell King: "I was going to hold these off until v3.8 was out, and send them with a stable tag, but as everyone else is pushing much bigger fixes which Linus is accepting, let's save people from the hastle of having to patch v3.8 back into working or use a stable kernel. Looking at the diffstat, this really is high value for its size; this is miniscule compared to how the -rc6 to tip diffstat currently looks. So, four patches in this set: - Punit Agrawal reports that the kernel no longer boots on MPCore due to a new assumption made in the GIC code which isn't true of earlier GIC designs. This is the biggest change in this set. - Punit's boot log also revealed a bunch of WARN_ON() dumps caused by the DT-ification of the GIC support without fixing up non-DT Realview - which now sees a greater number of interrupts than it did before. - A fix for the DMA coherent code from Marek which uses the wrong check for atomic allocations; this can result in spinlock lockups or other nasty effects. - A fix from Will, which will affect all Android based platforms if not applied (which use the 2G:2G VM split) - this causes particularly 'make' to misbehave unless this bug is fixed." * 'fixes' of git://git.linaro.org/people/rmk/linux-arm: ARM: 7641/1: memory: fix broken mmap by ensuring TASK_UNMAPPED_BASE is aligned ARM: DMA mapping: fix bad atomic test ARM: realview: ensure that we have sufficient IRQs available ARM: GIC: fix GIC cpumask initialization
2013-02-08tile: tag some code with #ifdef CONFIG_COMPATChris Metcalf1-0/+4
This allows us to disable COMPAT mode without a link error. Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
2013-02-08tile: fix memcpy_*io functions for allnoconfigChris Metcalf1-1/+5
On tilepro without CONFIG_PCI, we can't provide inlines of these functions, as we don't have readl/writel. In addition, fix memset_io() signature to take a volatile void *. Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
2013-02-08tile: export a handful of symbols appropriatelyChris Metcalf6-0/+10
This was shown up by running with "allmodconfig". I used EXPORT_SYMBOL() to match existing conventions in files that were already exporting symbols, or that were exported that way by other architectures, and otherwise EXPORT_SYMBOL_GPL(). Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
2013-02-08ARM: 7641/1: memory: fix broken mmap by ensuring TASK_UNMAPPED_BASE is alignedWill Deacon1-1/+1
We have received multiple reports of mmap failures when running with a 2:2 vm split. These manifest as either -EINVAL with a non page-aligned address (ending 0xaaa) or a SEGV, depending on the application. The issue is commonly observed in children of make, which appears to use bottom-up mmap (assumedly because it changes the stack rlimit). Further investigation reveals that this regression was triggered by 394ef6403abc ("mm: use vm_unmapped_area() on arm architecture"), whereby TASK_UNMAPPED_BASE is no longer page-aligned for bottom-up mmap, causing get_unmapped_area to choke on misaligned addressed. This patch fixes the problem by defining TASK_UNMAPPED_BASE in terms of TASK_SIZE and explicitly aligns the result to 16M, matching the other end of the heap. Acked-by: Nicolas Pitre <nico@linaro.org> Reported-by: Steve Capper <steve.capper@arm.com> Reported-by: Jean-Francois Moine <moinejf@free.fr> Reported-by: Christoffer Dall <cdall@cs.columbia.edu> Signed-off-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2013-02-08ARM: DMA mapping: fix bad atomic testRussell King1-1/+1
Realview fails to boot with this warning: BUG: spinlock lockup suspected on CPU#0, init/1 lock: 0xcf8bde10, .magic: dead4ead, .owner: init/1, .owner_cpu: 0 Backtrace: [<c00185d8>] (dump_backtrace+0x0/0x10c) from [<c03294e8>] (dump_stack+0x18/0x1c) r6:cf8bde10 r5:cf83d1c0 r4:cf8bde10 r3:cf83d1c0 [<c03294d0>] (dump_stack+0x0/0x1c) from [<c018926c>] (spin_dump+0x84/0x98) [<c01891e8>] (spin_dump+0x0/0x98) from [<c0189460>] (do_raw_spin_lock+0x100/0x198) [<c0189360>] (do_raw_spin_lock+0x0/0x198) from [<c032cbac>] (_raw_spin_lock+0x3c/0x44) [<c032cb70>] (_raw_spin_lock+0x0/0x44) from [<c01c9224>] (pl011_console_write+0xe8/0x11c) [<c01c913c>] (pl011_console_write+0x0/0x11c) from [<c002aea8>] (call_console_drivers.clone.7+0xdc/0x104) [<c002adcc>] (call_console_drivers.clone.7+0x0/0x104) from [<c002b320>] (console_unlock+0x2e8/0x454) [<c002b038>] (console_unlock+0x0/0x454) from [<c002b8b4>] (vprintk_emit+0x2d8/0x594) [<c002b5dc>] (vprintk_emit+0x0/0x594) from [<c0329718>] (printk+0x3c/0x44) [<c03296dc>] (printk+0x0/0x44) from [<c002929c>] (warn_slowpath_common+0x28/0x6c) [<c0029274>] (warn_slowpath_common+0x0/0x6c) from [<c0029304>] (warn_slowpath_null+0x24/0x2c) [<c00292e0>] (warn_slowpath_null+0x0/0x2c) from [<c0070ab0>] (lockdep_trace_alloc+0xd8/0xf0) [<c00709d8>] (lockdep_trace_alloc+0x0/0xf0) from [<c00c0850>] (kmem_cache_alloc+0x24/0x11c) [<c00c082c>] (kmem_cache_alloc+0x0/0x11c) from [<c00bb044>] (__get_vm_area_node.clone.24+0x7c/0x16c) [<c00bafc8>] (__get_vm_area_node.clone.24+0x0/0x16c) from [<c00bb7b8>] (get_vm_area_caller+0x48/0x54) [<c00bb770>] (get_vm_area_caller+0x0/0x54) from [<c0020064>] (__alloc_remap_buffer.clone.15+0x38/0xb8) [<c002002c>] (__alloc_remap_buffer.clone.15+0x0/0xb8) from [<c0020244>] (__dma_alloc+0x160/0x2c8) [<c00200e4>] (__dma_alloc+0x0/0x2c8) from [<c00204d8>] (arm_dma_alloc+0x88/0xa0)[<c0020450>] (arm_dma_alloc+0x0/0xa0) from [<c00beb00>] (dma_pool_alloc+0xcc/0x1a8) [<c00bea34>] (dma_pool_alloc+0x0/0x1a8) from [<c01a9d14>] (pl08x_fill_llis_for_desc+0x28/0x568) [<c01a9cec>] (pl08x_fill_llis_for_desc+0x0/0x568) from [<c01aab8c>] (pl08x_prep_slave_sg+0x258/0x3b0) [<c01aa934>] (pl08x_prep_slave_sg+0x0/0x3b0) from [<c01c9f74>] (pl011_dma_tx_refill+0x140/0x288) [<c01c9e34>] (pl011_dma_tx_refill+0x0/0x288) from [<c01ca748>] (pl011_start_tx+0xe4/0x120) [<c01ca664>] (pl011_start_tx+0x0/0x120) from [<c01c54a4>] (__uart_start+0x48/0x4c) [<c01c545c>] (__uart_start+0x0/0x4c) from [<c01c632c>] (uart_start+0x2c/0x3c) [<c01c6300>] (uart_start+0x0/0x3c) from [<c01c795c>] (uart_write+0xcc/0xf4) [<c01c7890>] (uart_write+0x0/0xf4) from [<c01b0384>] (n_tty_write+0x1c0/0x3e4) [<c01b01c4>] (n_tty_write+0x0/0x3e4) from [<c01acfe8>] (tty_write+0x144/0x240) [<c01acea4>] (tty_write+0x0/0x240) from [<c01ad17c>] (redirected_tty_write+0x98/0xac) [<c01ad0e4>] (redirected_tty_write+0x0/0xac) from [<c00c371c>] (vfs_write+0xbc/0x150) [<c00c3660>] (vfs_write+0x0/0x150) from [<c00c39c0>] (sys_write+0x4c/0x78) [<c00c3974>] (sys_write+0x0/0x78) from [<c0014460>] (ret_fast_syscall+0x0/0x3c) This happens because the DMA allocation code is not respecting atomic allocations correctly. GFP flags should not be tested for GFP_ATOMIC to determine if an atomic allocation is being requested. GFP_ATOMIC is not a flag but a value. The GFP bitmask flags are all prefixed with __GFP_. The rest of the kernel tests for __GFP_WAIT not being set to indicate an atomic allocation. We need to do the same. Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2013-02-08ARM: realview: ensure that we have sufficient IRQs availableRussell King1-1/+1
Realview EB with a rev B MPcore tile results in lots of warnings at boot because it can't allocate enough IRQs. Fix this by increasing the number of available IRQs. WARNING: at /home/rmk/git/linux-rmk/arch/arm/common/gic.c:757 gic_init_bases+0x12c/0x2ec() Cannot allocate irq_descs @ IRQ96, assuming pre-allocated Modules linked in: Backtrace: [<c00185d8>] (dump_backtrace+0x0/0x10c) from [<c03294e8>] (dump_stack+0x18/0x1c) r6:000002f5 r5:c042c62c r4:c044ff40 r3:c045f240 [<c03294d0>] (dump_stack+0x0/0x1c) from [<c00292c8>] (warn_slowpath_common+0x54/0x6c) [<c0029274>] (warn_slowpath_common+0x0/0x6c) from [<c0029384>] (warn_slowpath_fmt+0x38/0x40) [<c002934c>] (warn_slowpath_fmt+0x0/0x40) from [<c042c62c>] (gic_init_bases+0x12c/0x2ec) [<c042c500>] (gic_init_bases+0x0/0x2ec) from [<c042cdc8>] (gic_init_irq+0x8c/0xd8) [<c042cd3c>] (gic_init_irq+0x0/0xd8) from [<c042827c>] (init_IRQ+0x1c/0x24) [<c0428260>] (init_IRQ+0x0/0x24) from [<c04256c8>] (start_kernel+0x1a4/0x300) [<c0425524>] (start_kernel+0x0/0x300) from [<70008070>] (0x70008070) ---[ end trace 1b75b31a2719ed1c ]--- ------------[ cut here ]------------ WARNING: at /home/rmk/git/linux-rmk/kernel/irq/irqdomain.c:234 irq_domain_add_legacy+0x80/0x140() Modules linked in: Backtrace: [<c00185d8>] (dump_backtrace+0x0/0x10c) from [<c03294e8>] (dump_stack+0x18/0x1c) r6:000000ea r5:c0081a38 r4:00000000 r3:c045f240 [<c03294d0>] (dump_stack+0x0/0x1c) from [<c00292c8>] (warn_slowpath_common+0x54/0x6c) [<c0029274>] (warn_slowpath_common+0x0/0x6c) from [<c0029304>] (warn_slowpath_null+0x24/0x2c) [<c00292e0>] (warn_slowpath_null+0x0/0x2c) from [<c0081a38>] (irq_domain_add_legacy+0x80/0x140) [<c00819b8>] (irq_domain_add_legacy+0x0/0x140) from [<c042c64c>] (gic_init_bases+0x14c/0x2ec) [<c042c500>] (gic_init_bases+0x0/0x2ec) from [<c042cdc8>] (gic_init_irq+0x8c/0xd8) [<c042cd3c>] (gic_init_irq+0x0/0xd8) from [<c042827c>] (init_IRQ+0x1c/0x24) [<c0428260>] (init_IRQ+0x0/0x24) from [<c04256c8>] (start_kernel+0x1a4/0x300) [<c0425524>] (start_kernel+0x0/0x300) from [<70008070>] (0x70008070) ---[ end trace 1b75b31a2719ed1d ]--- ------------[ cut here ]------------ WARNING: at /home/rmk/git/linux-rmk/arch/arm/common/gic.c:762 gic_init_bases+0x170/0x2ec() Modules linked in: Backtrace: [<c00185d8>] (dump_backtrace+0x0/0x10c) from [<c03294e8>] (dump_stack+0x18/0x1c) r6:000002fa r5:c042c670 r4:00000000 r3:c045f240 [<c03294d0>] (dump_stack+0x0/0x1c) from [<c00292c8>] (warn_slowpath_common+0x54/0x6c) [<c0029274>] (warn_slowpath_common+0x0/0x6c) from [<c0029304>] (warn_slowpath_null+0x24/0x2c) [<c00292e0>] (warn_slowpath_null+0x0/0x2c) from [<c042c670>] (gic_init_bases+0x170/0x2ec) [<c042c500>] (gic_init_bases+0x0/0x2ec) from [<c042cdc8>] (gic_init_irq+0x8c/0xd8) [<c042cd3c>] (gic_init_irq+0x0/0xd8) from [<c042827c>] (init_IRQ+0x1c/0x24) [<c0428260>] (init_IRQ+0x0/0x24) from [<c04256c8>] (start_kernel+0x1a4/0x300) [<c0425524>] (start_kernel+0x0/0x300) from [<70008070>] (0x70008070) ---[ end trace 1b75b31a2719ed1e ]--- Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2013-02-08ARM: GIC: fix GIC cpumask initializationRussell King1-2/+23
Punit Agrawal reports: > I was trying to boot 3.8-rc5 on Realview EB 11MPCore using > realview-smp_defconfig as a starting point but the kernel failed to > progress past the log below (config attached). > > Pawel suggested I try reverting 384a290283f - "ARM: gic: use a private > mapping for CPU target interfaces" that you've authored. With this > commit reverted the kernel boots. > > I am not quite sure why the commit breaks 11MPCore but Pawel (cc'd) > might be able to shed light on that. Some early GIC implementations return zero for the first distributor CPU routing register. This means we can't rely on that telling us which CPU interface we're connected to. We know that these platforms implement PPIs for IRQs 29-31 - but we shouldn't assume that these will always be populated. So, instead, scan for a non-zero CPU routing register in the first 32 IRQs and use that as our CPU mask. Reported-by: Punit Agrawal <punit.agrawal@arm.com> Reviewed-by: Nicolas Pitre <nico@linaro.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2013-02-08Merge tag 'pinctrl-for-v3.8-late' of ↵Linus Torvalds1-1/+1
git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl Pull late pinctrl fixes from Linus Walleij: "Two patches appeared as of late, one was completely news to me, the other one was rotated in -next for the next merge window but turned out to be a showstopper. - Exynos Kconfig fixup - SIRF DT translation bug" * tag 'pinctrl-for-v3.8-late' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl: pinctrl: sirf: replace of_gpio_simple_xlate by sirf specific of_xlate pinctrl: exynos: change PINCTRL_EXYNOS option
2013-02-07x86: Do not leak kernel page mapping locationsKees Cook1-3/+5
Without this patch, it is trivial to determine kernel page mappings by examining the error code reported to dmesg[1]. Instead, declare the entire kernel memory space as a violation of a present page. Additionally, since show_unhandled_signals is enabled by default, switch branch hinting to the more realistic expectation, and unobfuscate the setting of the PF_PROT bit to improve readability. [1] http://vulnfactory.org/blog/2013/02/06/a-linux-memory-trick/ Reported-by: Dan Rosenberg <dan.j.rosenberg@gmail.com> Suggested-by: Brad Spengler <spender@grsecurity.net> Signed-off-by: Kees Cook <keescook@chromium.org> Cc: stable@vger.kernel.org Acked-by: H. Peter Anvin <hpa@zytor.com> Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Cc: Frederic Weisbecker <fweisbec@gmail.com> Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Peter Zijlstra <a.p.zijlstra@chello.nl> Link: http://lkml.kernel.org/r/20130207174413.GA12485@www.outflux.net Signed-off-by: Ingo Molnar <mingo@kernel.org>
2013-02-06Merge tag 'ras_for_3.8' into x86/urgentH. Peter Anvin2-87/+84
Retract MCE-specific UAPI exports which are unused and shouldn't be used. Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2013-02-06m68knommu: fix trap on execing /bin/initGreg Ungerer1-1/+0
As of commit fea82210 ("m68k: switch to saner kernel_execve() semantics") the non-mmu m68k targets have trapped on booting. The execing of /bin/init causes the exec path to try and return through a 0x0 return address - thus trapping or otherwise hanging or crashing. The problem isn't in the exec path as such though, but rather in the m68knommu start_thread() macro. It is trying to clear the a6 register that it assumes is part of a struct switch_stack below the thread registers on our stack. But that is not what the stack frames look like when this is run. So it ends up corrupting our call stack and zeroing out a function return address that is sitting there. The clearing of a6 was introduced many years ago in commit 7bf9a37d8d ("m68knommu: force stack alignment on ColdFire"). It used to work because the kernel init exec code path had a short cut back to the exception return code, and it didn't need to return through the calls on the stack. Signed-off-by: Greg Ungerer <gerg@uclinux.org>
2013-02-06Merge branch 'fixes-for-v3.8-rc7' of ↵Linus Torvalds9-0/+115
git://git.linaro.org/people/mszyprowski/linux-dma-mapping Pull DMA mapping fixes from Marek Szyprowski: "This pull request contains important bugfix patches for 9 architectures, which finally fixes broken allmodconfig builds introduced in v3.8-rc1. Those architectures don't use dma_map_ops based implementation and require manual update or additional dummy implementations of the missing new dma-mapping api functions: dma_mmap_coherent and dma_get_sgtable." * 'fixes-for-v3.8-rc7' of git://git.linaro.org/people/mszyprowski/linux-dma-mapping: xtensa: Provide dummy dma_mmap_coherent() and dma_get_sgtable() parisc: Provide dummy dma_mmap_coherent() and dma_get_sgtable() mn10300: Provide dummy dma_mmap_coherent() and dma_get_sgtable() m68k: Provide dma_mmap_coherent() and dma_get_sgtable() frv: Provide dummy dma_mmap_coherent() and dma_get_sgtable() cris: Provide dma_mmap_coherent() and dma_get_sgtable() c6x: Provide dummy dma_mmap_coherent() and dma_get_sgtable() blackfin: Provide dma_mmap_coherent() and dma_get_sgtable() avr32: Provide dma_mmap_coherent() and dma_get_sgtable()
2013-02-05pinctrl: exynos: change PINCTRL_EXYNOS optionKukjin Kim1-1/+1
Since pinctrl-exynos can support exynos4 and exynos5 so changed the option name to PINCTRL_EXYNOS for more clarity. Cc: Thomas Abraham <Thomas.abraham@linaro.org> Cc: Linus Walleij <linus.walleij@linaro.org> Cc: Grant Likely <grant.likely@secretlab.ca> Signed-off-by: Kukjin Kim <kgene.kim@samsung.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2013-02-05Merge branch 'x86-urgent-for-linus' of ↵Linus Torvalds2-6/+5
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Ingo Molnar: "Three small fixlets" * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/intel/cacheinfo: Shut up annoying warning x86, doc: Boot protocol 2.12 is in 3.8 x86-64: Replace left over sti/cli in ia32 audit exit code
2013-02-05Merge branch 'perf-urgent-for-linus' of ↵Linus Torvalds3-4/+14
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull perf fixes from Ingo Molnar: "Three fixlets and two small (and low risk) hw-enablement changes" * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: perf: Fix event group context move x86/perf: Add IvyBridge EP support perf/x86: Fix P6 driver section warning arch/x86/tools/insn_sanity.c: Identify source of messages perf/x86: Enable Intel Lincroft/Penwell/Cloverview Atom support
2013-02-04tile: avoid defining INT_MASK macro in <arch/interrupts.h>Chris Metcalf4-391/+383
Unfortunately, this name conflicts with a different use of the name in various places through the tree, so don't provide it for the kernel. We preserve it for userspace to avoid breaking any userspace code that relies on this definition. This fixes a number of compile errors for various drivers that are enabled by "allyesconfig". Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
2013-02-04tile: provide "screen_info" when enabling VTChris Metcalf1-0/+5
This avoids a link-time failure when building allyesconfig. Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
2013-02-04x86/intel/cacheinfo: Shut up annoying warningBorislav Petkov1-4/+3
I've been getting the following warning when doing randbuilds since forever. Now it finally pissed me off just the perfect amount so that I can fix it. arch/x86/kernel/cpu/intel_cacheinfo.c:489:27: warning: ‘cache_disable_0’ defined but not used [-Wunused-variable] arch/x86/kernel/cpu/intel_cacheinfo.c:491:27: warning: ‘cache_disable_1’ defined but not used [-Wunused-variable] arch/x86/kernel/cpu/intel_cacheinfo.c:524:27: warning: ‘subcaches’ defined but not used [-Wunused-variable] It happens because in randconfigs where CONFIG_SYSFS is not set, the whole sysfs-interface to L3 cache index disabling is remaining unused and gcc correctly warns about it. Make it optional, depending on CONFIG_SYSFS too, as is the case with other sysfs-related machinery in this file. Signed-off-by: Borislav Petkov <bp@suse.de> Cc: Andreas Herrmann <andreas.herrmann3@amd.com> Link: http://lkml.kernel.org/r/1359969195-27362-1-git-send-email-bp@alien8.de Signed-off-by: Ingo Molnar <mingo@kernel.org>
2013-02-04Merge branch 'merge' of ↵Linus Torvalds1-27/+35
git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc Pull powerpc update from Benjamin Herrenschmidt: "Just so that you don't get too bored on your Island here's a patch for 3.8 fixing a nasty bug that affects the new 64T support that was merged in 3.7. Please apply whenever you have a chance (and an internet connection!)" * 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc: powerpc/mm: Fix hash computation function
2013-02-04powerpc/mm: Fix hash computation functionAneesh Kumar K.V1-27/+35
The ASM version of hash computation function was truncating the upper bit. Make the ASM version similar to hpt_hash function. Remove masking vsid bits. Without this patch, we observed hang during bootup due to not satisfying page fault request correctly. The fault handler used wrong hash values to update the HPTE. Hence we kept looping with page fault. hash_page(ea=000001003e260008, access=203, trap=300 ip=3fff91787134 dsisr 42000000 The computed value of hash 000000000f22f390 update: avpnv=4003e46054003e00, hash=000000000722f390, f=80000006, psize: 2 ... BenH: The over-masking has been there for ever but only hurts with the new 64T support introduced in 3.7 Reported-by: Mike Qiu <qiudayu@linux.vnet.ibm.com> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Tested-by: Mike Qiu <qiudayu@linux.vnet.ibm.com> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> CC: <stable@vger.kernel.org> [v3.7]
2013-02-01tile: include kernel/Kconfig.freezer in tile KconfigChris Metcalf1-0/+2
Suggested by Tejun Heo <tj@kernel.org> to fix "allyesconfig" compile failure. Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
2013-02-01tile: remove an unused variable in copy_thread()Chris Metcalf1-1/+1
Signed-off-by: Chris Metcalf <cmetcalf@tilera.com>
2013-01-31Merge tag 'v3.8-rc6' into x86/urgentH. Peter Anvin107-394/+584
Linux 3.8-rc6 Merged in order to add a documentation update versus new code in upstream. Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2013-02-01Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linusLinus Torvalds18-22/+67
Pull MIPS updates from Ralf Baechle: "A number of fixes all across the MIPS tree. No area is particularly standing out and things have cooled down quite nicely for a release." * 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus: MIPS: Function tracer: Fix broken function tracing mips: Move __virt_addr_valid() to a place for MIPS 64 MIPS: Netlogic: Fix UP compilation on XLR MIPS: AR71xx: Fix AR71XX_PCI_MEM_SIZE MIPS: AR724x: Fix AR724X_PCI_MEM_SIZE MIPS: Lantiq: Fix cp0_perfcount_irq mapping MIPS: DSP: Fix DSP mask for registers. MIPS: Fix build failure by adding definition of pfn_pmd(). MIPS: Octeon: Fix warning. MIPS: delay.c: Check BITS_PER_LONG instead of __SIZEOF_LONG__ MIPS: PNX833x: Fix comment. MIPS: Add struct p_format to union mips_instruction. MIPS: Export <asm/break.h>. MIPS: BCM47xx: Enable SSB prerequisite SSB_DRIVER_PCICORE. MIPS: BCM47xx: Select GPIOLIB for BCMA on bcm47xx platform MIPS: vpe.c: Fix null pointer dereference in print arguments.
2013-01-31ARM: highbank: mask cluster id from cpu_logical_mapRob Herring2-3/+4
With commit a0ae0240 (ARM: kernel: add device tree init map function), the cpu id value may include the cluster id and is no longer 0-3, so we need to mask it now to get the right hard cpu index. Signed-off-by: Rob Herring <rob.herring@calxeda.com>
2013-01-31ARM: scu: mask cluster id from cpu_logical_mapRob Herring1-1/+1
With commit a0ae0240 (ARM: kernel: add device tree init map function), the cpu id value may include the cluster id and is no longer 0-3, so we need to mask it in scu_power_mode to get the local cpu number. Since we are only dealing with the cpu we are running on, the cluster id should not ever be needed. Signed-off-by: Rob Herring <rob.herring@calxeda.com>
2013-01-31ARM: scu: add empty scu_enable for !CONFIG_SMPRob Herring1-1/+7
Add an empty version of scu_enable for !SMP builds. This fixes compile error for highbank suspend code on !SMP builds. Signed-off-by: Rob Herring <rob.herring@calxeda.com>
2013-01-31MIPS: Function tracer: Fix broken function tracingAl Cooper2-4/+39
Function tracing is currently broken for all 32 bit MIPS platforms. When tracing is enabled, the kernel immediately hangs on boot. This is a result of commit b732d439cb43336cd6d7e804ecb2c81193ef63b0 that changes the kernel/trace/Kconfig file so that is no longer forces FRAME_POINTER when FUNCTION_TRACING is enabled. MIPS frame pointers are generally considered to be useless because they cannot be used to unwind the stack. Unfortunately the MIPS function tracing code has bugs that are masked by the use of frame pointers. This commit fixes the bugs so that MIPS frame pointers don't need to be enabled. The bugs are a result of the odd calling sequence used to call the trace routine. This calling sequence is inserted into every traceable function when the tracing CONFIG option is enabled. This sequence is generated for 32bit MIPS platforms by the compiler via the "-pg" flag. Part of the sequence is "addiu sp,sp,-8" in the delay slot after every call to the trace routine "_mcount" (some legacy thing where 2 arguments used to be pushed on the stack). The _mcount routine is expected to adjust the sp by +8 before returning. So when not disabled, the original jalr and addiu will be there, so _mcount has to adjust sp. The problem is that when tracing is disabled for a function, the "jalr _mcount" instruction is replaced with a nop, but the "addiu sp,sp,-8" is still executed and the stack pointer is left trashed. When frame pointers are enabled the problem is masked because any access to the stack is done through the frame pointer and the stack pointer is restored from the frame pointer when the function returns. This patch writes two nops starting at the address of the "jalr _mcount" instruction whenever tracing is disabled. This means that the "addiu sp,sp.-8" will be converted to a nop along with the "jalr". When disabled, there will be two nops. This is SMP safe because the first time this happens is during ftrace_init() which is before any other processor has been started. Subsequent calls to enable/disable tracing when other CPUs ARE running will still be safe because the enable will only change the first nop to a "jalr" and the disable, while writing 2 nops, will only be changing the "jalr". This patch also stops using stop_machine() to call the tracer enable/disable routines and calls them directly because the routines are SMP safe. When the kernel first boots we have to be able to handle the gcc generated jalr, addui sequence until ftrace_init gets a chance to run and change the sequence. At this point mcount just adjusts the stack and returns. When ftrace_init runs, we convert the jalr/addui to nops. Then whenever tracing is enabled we convert the first nop to a "jalr mcount+8". The mcount+8 entry point skips the stack adjust. [ralf@linux-mips.org: Folded in Steven Rostedt's build fix.] Signed-off-by: Al Cooper <alcooperx@gmail.com> Cc: rostedt@goodmis.org Cc: ddaney.cavm@gmail.com Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/4806/ Patchwork: https://patchwork.linux-mips.org/patch/4841/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2013-01-31mips: Move __virt_addr_valid() to a place for MIPS 64Steven Rostedt2-6/+6
Commit d3ce88431892 "MIPS: Fix modpost error in modules attepting to use virt_addr_valid()" moved __virt_addr_valid() from a macro in a header file to a function in ioremap.c. But ioremap.c is only compiled for MIPS 32, and not for MIPS 64. When compiling for my yeeloong2, which supposedly supports hibernation, which compiles kernel/power/snapshot.c which calls virt_addr_valid(), I got this error: LD init/built-in.o kernel/built-in.o: In function `memory_bm_free': snapshot.c:(.text+0x4c9c4): undefined reference to `__virt_addr_valid' snapshot.c:(.text+0x4ca58): undefined reference to `__virt_addr_valid' kernel/built-in.o: In function `snapshot_write_next': (.text+0x4e44c): undefined reference to `__virt_addr_valid' kernel/built-in.o: In function `snapshot_write_next': (.text+0x4e890): undefined reference to `__virt_addr_valid' make[1]: *** [vmlinux] Error 1 make: *** [sub-make] Error 2 I suspect that __virt_addr_valid() is fine for mips 64. I moved it to mmap.c such that it gets compiled for mips 64 and 32. Signed-off-by: Steven Rostedt <rostedt@goodmis.org> Cc: linux-kernel@vger.kernel.org Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/4842/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2013-01-31s390/timer: avoid overflow when programming clock comparatorHeiko Carstens1-0/+3
Since ed4f209 "s390/time: fix sched_clock() overflow" a new helper function is used to avoid overflows when converting TOD format values to nanosecond values. The kvm interrupt code formerly however only worked by accident because of an overflow. It tried to program a timer that would expire in more than ~29 years. Because of the old TOD-to-nanoseconds overflow bug the real expiry value however was much smaller, but now it isn't anymore. This however triggers yet another bug in the function that programs the clock comparator s390_next_ktime(): if the absolute "expires" value is after 2042 this will result in an overflow and the programmed value is lower than the current TOD value which immediatly triggers a clock comparator (= timer) interrupt. Since the timer isn't expired it will be programmed immediately again and so on... the result is a dead system. To fix this simply program the maximum possible value if an overflow is detected. Reported-by: Christian Borntraeger <borntraeger@de.ibm.com> Tested-by: Christian Borntraeger <borntraeger@de.ibm.com> Cc: stable@vger.kernel.org # v3.3+ Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
2013-01-31x86-64: Replace left over sti/cli in ia32 audit exit codeJan Beulich1-2/+2
For some reason they didn't get replaced so far by their paravirt equivalents, resulting in code to be run with interrupts disabled that doesn't expect so (causing, in the observed case, a BUG_ON() to trigger) when syscall auditing is enabled. David (Cc-ed) came up with an identical fix, so likely this can be taken to count as an ack from him. Reported-by: Peter Moody <pmoody@google.com> Signed-off-by: Jan Beulich <jbeulich@suse.com> Cc: David Vrabel <david.vrabel@citrix.com> Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Link: http://lkml.kernel.org/r/5108E01902000078000BA9C5@nat28.tlf.novell.com Signed-off-by: Ingo Molnar <mingo@kernel.org> Cc: stable@vger.kernel.org Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Cc: David Vrabel <david.vrabel@citrix.com> Tested-by: Peter Moody <pmoody@google.com>
2013-01-31Merge branch 'x86-efi-for-linus' of ↵Linus Torvalds11-73/+183
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 EFI fixes from Peter Anvin: "This is a collection of fixes for the EFI support. The controversial bit here is a set of patches which bumps the boot protocol version as part of fixing some serious problems with the EFI handover protocol, used when booting under EFI using a bootloader as opposed to directly from EFI. These changes should also make it a lot saner to support cross-mode 32/64-bit EFI booting in the future. Getting these changes into 3.8 means we avoid presenting an inconsistent ABI to bootloaders. Other changes are display detection and fixing efivarfs." * 'x86-efi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86, efi: remove attribute check from setup_efi_pci x86, build: Dynamically find entry points in compressed startup code x86, efi: Fix PCI ROM handing in EFI boot stub, in 32-bit mode x86, efi: Fix 32-bit EFI handover protocol entry point x86, efi: Fix display detection in EFI boot stub x86, boot: Define the 2.12 bzImage boot protocol x86/boot: Fix minor fd leakage in tools/relocs.c x86, efi: Set runtime_version to the EFI spec revision x86, efi: fix 32-bit warnings in setup_efi_pci() efivarfs: Delete dentry from dcache in efivarfs_file_write() efivarfs: Never return ENOENT from firmware efi, x86: Pass a proper identity mapping in efi_call_phys_prelog efivarfs: Drop link count of the right inode
2013-01-31Merge branch 'x86-urgent-for-linus' of ↵Linus Torvalds11-49/+73
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Peter Anvin: "This is a collection of miscellaneous fixes, the most important one is the fix for the Samsung laptop bricking issue (auto-blacklisting the samsung-laptop driver); the efi_enabled() changes you see below are prerequisites for that fix. The other issues fixed are booting on OLPC XO-1.5, an UV fix, NMI debugging, and requiring CAP_SYS_RAWIO for MSR references, just as with I/O port references." * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: samsung-laptop: Disable on EFI hardware efi: Make 'efi_enabled' a function to query EFI facilities smp: Fix SMP function call empty cpu mask race x86/msr: Add capabilities check x86/dma-debug: Bump PREALLOC_DMA_DEBUG_ENTRIES x86/olpc: Fix olpc-xo1-sci.c build errors arch/x86/platform/uv: Fix incorrect tlb flush all issue x86-64: Fix unwind annotations in recent NMI changes x86-32: Start out cr0 clean, disable paging before modifying cr3/4
2013-01-30Merge tag 'efi-for-3.8' into x86/efiH. Peter Anvin3-13/+22
Various urgent EFI fixes and some warning cleanups for v3.8 * EFI boot stub fix for Macbook Pro's from Maarten Lankhorst * Fix an oops in efivarfs from Lingzhu Xiang * 32-bit warning cleanups from Jan Beulich * Patch to Boot on >512GB RAM systems from Nathan Zimmer * Set efi.runtime_version correctly * efivarfs updates Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>