Most users by far do not care about the exact return value (they only
really care about whether the copy succeeded in its entirety or not),
but a few special core routines actually care deeply about exactly how
many bytes were copied from user space.
And the unrolled versions of the x86-64 user copy routines would
sometimes report that it had copied more bytes than it actually had.
Very few uses actually have partial copies to begin with, but to make
this bug even harder to trigger, most x86 CPU's use the "rep string"
instructions for normal user copies, and that version didn't have this
issue.
To make it even harder to hit, the one user of this that really cared
about the return value (and used the uncached version of the copy that
doesn't use the "rep string" instructions) was the generic write
routine, which pre-populated its source, once more hiding the problem by
avoiding the exception case that triggers the bug.
In other words, very special thanks to Bron Gondwana who not only
triggered this, but created a test-program to show it, and bisected the
behavior down to commit 08291429cf ("mm:
fix pagecache write deadlocks") which changed the access pattern just
enough that you can now trigger it with 'writev()' with multiple
iovec's.
That commit itself was not the cause of the bug, it just allowed all the
stars to align just right that you could trigger the problem.
[ Side note: this is just the minimal fix to make the copy routines
(with __copy_from_user_inatomic_nocache as the particular version that
was involved in showing this) have the right return values.
We really should improve on the exceptional case further - to make the
copy do a byte-accurate copy up to the exact page limit that causes it
to fail. As it is, the callers have to do extra work to handle the
limit case gracefully. ]
Reported-by: Bron Gondwana <brong@fastmail.fm>
Cc: Nick Piggin <npiggin@suse.de>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andi Kleen <andi@firstfloor.org>
Cc: Al Viro <viro@ZenIV.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(which didn't have this problem), and since
most users that do the carethis was very hard to trigger, but
* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mfasheh/ocfs2:
ocfs2: Remove ->hangup() from stack glue operations.
ocfs2: Move the call of ocfs2_hb_ctl into the stack glue.
ocfs2: Move the hb_ctl_path sysctl into the stack glue.
The ->hangup() call was only used to execute ocfs2_hb_ctl. Now that
the generic stack glue code handles this, the underlying stack drivers
don't need to know about it.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
Take o2hb_stop() out of the o2cb code and make it part of the generic
stack glue as ocfs2_leave_group(). This also allows us to remove the
ocfs2_get_hb_ctl_path() function - everything to do with hb_ctl is now
part of stackglue.c. o2cb no longer needs a ->hangup() function.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
ocfs2 needs to call out to the hb_ctl program at unmount for all cluster
stacks. The first step is to move the hb_ctl_path sysctl out of the
o2cb code and into the generic stack glue.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc: (21 commits)
[POWERPC] Turn on ATA_SFF so we get SATA_SVW back in defconfigs
[POWERPC] Remove ppc32's export of console_drivers
[POWERPC] Fix -Os kernel builds with newer gcc versions
[POWERPC] Fix bootwrapper builds with newer gcc versions
[POWERPC] Build fix for drivers/macintosh/mediabay.c
[POWERPC] Fix warning in pseries/eeh_driver.c
[POWERPC] Add missing of_node_put in drivers/macintosh/therm_adt746x.c
[POWERPC] Add missing of_node_put in drivers/macintosh/smu.c
[POWERPC] Add missing of_node_put in pseries/nvram.c
[POWERPC] Fix return value check logic in debugfs virq_mapping setup
[POWERPC] Fix rmb to order cacheable vs. noncacheable
powerpc/spufs: fix missed stop-and-signal event
powerpc/spufs: synchronize interaction between spu exception handling and time slicing
powerpc/spufs: remove class_0_dsisr from spu exception handling
powerpc/spufs: wait for stable spu status in spu_stopped()
[POWERPC] bootwrapper: add simpleImage* to list of boot targets
[POWERPC] 83xx: MPC837xRDB's VSC7385 ethernet switch isn't on the MDIO bus
[POWERPC] Updated Freescale PPC defconfigs
[POWERPC] 8610: Update defconfig for MPC8610 HPCD
[POWERPC] 85xx: MPC8548CDS - Fix size of PCIe IO space
...
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
[MIPS] Au1200: MMC resource size off by one
[MIPS] TANBAC: Update defconfig
[MIPS] Vr41xx: Initialize PCI io_map_base
[MIPS] Malta: Always compile MTD platform device registration code.
[MIPS] Malta: Fix build errors for 64-bit kernels
[MIPS] Lasat: sysctl fixup
[MIPS] Fix buggy use of kmap_coherent.
[MIPS] Lasat: bring back from the dead
[MIPS] vpe_id is required for VSMP and SMTC builds
[MIPS] Export smp_call_function and smp_call_function_single.
[MIPS] Bring the SWARM defconfig up to date
[MIPS] Sibyte: Build RTC support as an object
[MIPS] Fix the fix for divide by zero error in build_{clear,copy}_page
[MIPS] Fix build for PNX platforms.
[MIPS] Add RM200 with R5000 CPU to known ARC machines
[MIPS] Better load address for big endian SNI RM
[MIPS] SB1250: Initialize io_map_base
[MIPS] Alchemy: Add au1500 reserved interrupt
[MIPS] Export empty_zero_page for sake of the ext4 module.
This seems to have been removed accidentally in commit
ed7b1889da ("Unexport asm/page.h"), but
wasn't supposed to have been -- the original patch at
http://lkml.org/lkml/2007/10/30/144 just moved it from $(header-y) to
$(unifdef-y)
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Acked-by: Peter Korsgaard <jacmet@sunsite.dk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This file is only included where it makes sense now, so there's no need
for the CONFIG_ARCH_SUPPORTS_AOUT conditional -- and that conditional is
bad, because we want to export <linux/a.out.h> to userspace.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Acked-by: Peter Korsgaard <jacmet@sunsite.dk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
In commit d20894a237 ("Remove a.out
interpreter support in ELF loader"), Andi removed support for a.out
interpreters from the ELF loader, which was only ever needed for the
transition from a.out to ELF.
This removes the last traces of that support, in particular the
inclusion of <linux/a.out.h>.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Acked-by: Peter Korsgaard <jacmet@sunsite.dk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
We only need it for the /sbin/loader hack for OSF/1 executables, and we
don't want to include it otherwise.
While we're at it, remove the redundant '&& CONFIG_ARCH_SUPPORTS_AOUT'
in the ifdef around that code. It's already dependent on __alpha__, and
CONFIG_ARCH_SUPPORTS_AOUT is hard-coded to 'y' there.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Acked-by: Peter Korsgaard <jacmet@sunsite.dk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Fix build error in CONFIG_IA64_SGI_UV config. (GENERIC builds
are ok).
Signed-off-by: Jack Steiner <steiner@sgi.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
Au12x0 MMC platform device strangely claims 0x41 bytes for its
memory-mapped registers. Make it claim the whole 0x80000 instead according
to the memory map given in the datasheets.
Signed-off-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Fix 64-bit Malta by using CKSEG0ADDR and correct casts.
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
LASAT's sysctl interface was broken, it failed a check during boot because
a single entry had a sysctl number and the rest were unnumbered. When I
fixed it I noticed that the whole sysctl file needed a spring clean, it was
using mutexes where it wasn't needed (it's only needed to protect during
writes to the EEPROM), so I moved that stuff out and generally cleaned the
whole thing up.
So now, LASAT's sysctl/proc interface is working again.
Signed-off-by: Thomas Horsten <thomas@horsten.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Assuming the call of kmap_coherent in local_r4k_flush_cache_page doesn't
need fixing this was skipped in fcae549295bcae801ac48fc1c2030ab8cc487020.
Turns out it needed the same change after all.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
After the common MIPS CPU interrupt controller (for irq0-7) was introduced
the Lasat boards didn't get their interrupts right, so nothing worked. The
old routines need to be offset by the new 8 hardware interrupts common to
all MIPS CPU's.
Signed-off-by: Thomas Horsten <thomas@horsten.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
The SWARM defconfig file has not been regenerated for over a year now.
Here is a patch to bring the file up to date. Additionally some important
and sometimes confusing changes happened meanwhile. Here is the list of
notable corresponding updates to the configuration:
1. CPU_SB1_PASS_2_2 is now selected rather than CPU_SB1_PASS_1. The
latter requires a non-standard -msb1-pass1-workarounds option to be
supported by GCC and I am told is quite rare anyway.
[Ralf: Afaik -msb1-pass1-workarounds is available only in Monta Vista's
special Sibyte gcc 3.0 variant and gcc 3.0 is too old to build a modern
kernel anyway.]
2. PHYLIB and BROADCOM_PHY are both built in and NETDEV_1000 enabled as
required by SB1250_MAC.
3. USB and USB_OHCI_HCD are enabled as there is an OHCI chip onboard.
4. TMPFS is enabled, because I use it. ;-)
Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Build the SWARM platform library is as an object rather than an archive
so that files which only contain symbols used by initcalls and do not
provide any symbols that would pull them from an archive still work.
Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
RM200 with R5ks have a little bit different arcname.
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Use better load address for big endian kernels to avoid clashes with
PROM / SASH.
Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Correctly initialize io_map_base for the SB1250 PCI controller as required
for proper iomap support. Based on a proposal from Daniel Jacobowitz.
Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
In the conversion done in the commits
95c4eb3ef4484ca85da5c98780d358cffd546b90
9d360ab4a7
[MIPS] Alchemy: Renumber interrupts so irq_cpu can work.
one reserved interrupt on au1500 was missed. this broke the au1000 ethernet
driver.
Signed-off-by: Bruno Randolf <br1@einfach.org>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Check that model->control_filter is set before trying to call it.
Signed-off-by: Clemens Ladisch <clemens@ladisch.de>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
This enables CONFIG_ATA_SFF in the defconfigs that are intended to
work on a G5 powermac, i.e. g5_defconfig and ppc64_defconfig. Since
the support for the SATA cell in the K2 chipset is provided by the
sata_svw.c driver, and that depends on CONFIG_ATA_SFF, we need to turn
that and CONFIG_SATA_SVW back on so we can get to the hard disk on G5s.
Signed-off-by: Paul Mackerras <paulus@samba.org>
There are no in-tree uses of the export any more and in linux-next there
is a change that exports it globally which causes warnings:
WARNING: vmlinux: 'console_drivers' exported twice. Previous export was in vmlinux
and in one case (mpc85xx_defconfig) a build error:
kernel/built-in.o: In function `__crc_console_drivers':
(*ABS*+0x1eb0e6f5): multiple definition of `__crc_console_drivers'
So remove the export now. Also, there is no longer any need to include
linux/console.h.
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Paul Mackerras <paulus@samba.org>
GCC 4.4.x looks to be adding support for generating out-of-line register
saves/restores based on:
http://gcc.gnu.org/ml/gcc-patches/2008-04/msg01678.html
This breaks the kernel if we enable CONFIG_CC_OPTIMIZE_FOR_SIZE. To fix
this we add the use the save/restore code from gcc and simplified it down
for our needs (integer only).
Additionally, we have to link this code into each module. The other
solution was to add EXPORT_SYMBOL() which meant going through the
trampoline which seemed nonsensical for these out-of-line routines.
Finally, we add some checks to prom_init_check.sh to ignore the
out-of-line save/restore functions.
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
Signed-off-by: Paul Mackerras <paulus@samba.org>
GCC 4.4.x looks to be adding support for generating out-of-line register
saves/restores based on:
http://gcc.gnu.org/ml/gcc-patches/2008-04/msg01678.html
This breaks the bootwrapper as we'd need to link with libgcc to get the
implementation of the register save/restores.
To workaround this issue, we just stole the save/restore code from gcc
and simplified it down for our needs (integer only).
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
Signed-off-by: Paul Mackerras <paulus@samba.org>
This fixes the following build error with CONFIG_BLK_DEV_IDE_PMAC=n:
<-- snip -->
...
CC drivers/macintosh/mediabay.o
/home/bunk/linux/kernel-2.6/git/linux-2.6/drivers/macintosh/mediabay.c: In function 'check_media_bay':
/home/bunk/linux/kernel-2.6/git/linux-2.6/drivers/macintosh/mediabay.c:428: error: 'struct media_bay_info' has no member named 'cd_index'
make[3]: *** [drivers/macintosh/mediabay.o] Error 1
<-- snip -->
Reported-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: Paul Mackerras <paulus@samba.org>
Fix this:
/usr/src/devel/arch/powerpc/platforms/pseries/eeh_driver.c: In function 'print_device_node_tree':
/usr/src/devel/arch/powerpc/platforms/pseries/eeh_driver.c:55: warning: ISO C90 forbids mixed declarations and code
also make that function look like it's part of Linux.
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Paul Mackerras <paulus@samba.org>
of_node_put is needed before discarding a value received from
of_find_node_by_name, eg in error handling code.
The semantic patch that makes the change is as follows:
(http://www.emn.fr/x-info/coccinelle/)
// <smpl>
@@
struct device_node *n;
struct device_node *n1;
statement S;
identifier f;
expression E;
constant C;
@@
n = of_find_node_by_name(...)
...
if (!n) S
... when != of_node_put(n)
when != n1 = f(n,...)
when != E = n
when any
when strict
(
+ of_node_put(n);
return -C;
|
of_node_put(n);
|
n1 = f(n,...)
|
E = n
|
return ...;
)
// </smpl>
Signed-off-by: Julia Lawall <julia@diku.dk>
Acked-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Paul Mackerras <paulus@samba.org>
of_node_put is needed before discarding a value received from
of_find_node_by_type, eg in error handling code.
The semantic patch that makes the change is as follows:
(http://www.emn.fr/x-info/coccinelle/)
// <smpl>
@@
struct device_node *n;
struct device_node *n1;
struct device_node *n2;
statement S;
identifier f1,f2;
expression E1,E2;
constant C;
@@
n = of_find_node_by_type(...)
...
if (!n) S
... when != of_node_put(n)
when != n1 = f1(n,...)
when != E1 = n
when any
when strict
(
+ of_node_put(n);
return -C;
|
of_node_put(n);
|
n2 = f2(n,...)
|
E2 = n
|
return ...;
)
// </smpl>
Signed-off-by: Julia Lawall <julia@diku.dk>
Acked-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Paul Mackerras <paulus@samba.org>
of_node_put is needed before discarding a value received from
of_find_node_by_type, eg in error handling code.
The semantic patch that makes the change is as follows:
(http://www.emn.fr/x-info/coccinelle/)
// <smpl>
@@
struct device_node *n;
struct device_node *n1;
struct device_node *n2;
statement S;
identifier f1,f2;
expression E1,E2;
constant C;
@@
n = of_find_node_by_type(...)
...
if (!n) S
... when != of_node_put(n)
when != n1 = f1(n,...)
when != E1 = n
when any
when strict
(
+ of_node_put(n);
return -C;
|
of_node_put(n);
|
n2 = f2(n,...)
|
E2 = n
|
return ...;
)
// </smpl>
Signed-off-by: Julia Lawall <julia@diku.dk>
Acked-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Paul Mackerras <paulus@samba.org>
debugfs_create_file() returns a non-NULL (non-zero) value in case of
success, not a NULL value.
This fixes this non-critical boot-time debugging error message:
[ 1.316386] calling irq_debugfs_init+0x0/0x50
[ 1.316399] initcall irq_debugfs_init+0x0/0x50 returned -12 after 0 msecs
[ 1.316411] initcall irq_debugfs_init+0x0/0x50 returned with error code -12
Signed-off-by: Emil Medve <Emilian.Medve@Freescale.com>
Acked-by: Michael Ellerman <michael@ellerman.id.au>
Signed-off-by: Paul Mackerras <paulus@samba.org>
lwsync is explicitly defined not to have any effect on the ordering of
accesses to device memory, so it cannot be used for rmb(). sync appears
to be the only barrier which fits the bill.
Signed-off-by: Nick Piggin <npiggin@suse.de>
Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Paul Mackerras <paulus@samba.org>
There is a delay in the transition to the stopped state for class 2
interrupts. In some cases, the controlling thread detects the state of
the spu as running, and goes back to sleep resulting in a hung
application as the event is missed.
This change detects the stop condition and re-generates the wakeup event
after a context save.
Signed-off-by: Luke Browning <lukebrowning@us.ibm.com>
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Time slicing can occur at the same time as spu exception handling
resulting in the wakeup of the wrong thread.
This change uses the the spu's register_lock to enforce synchronization
between bind/unbind and spu exception handling so that they are
mutually exclusive.
Signed-off-by: Luke Browning <lukebrowning@us.ibm.com>
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>