Commit Graph

495850 Commits

Author SHA1 Message Date
David Howells
fb32c76d16 VFS: Convert file->f_dentry->d_inode to file_inode()
Convert file->f_dentry->d_inode to file_inode() so as to get layered
filesystems right.

Found with: git grep '[.>]f_dentry'

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2015-01-20 03:04:36 -05:00
Ewan D. Milne
91724c2061 scsi: Avoid crashing if device uses DIX but adapter does not support it
This can happen if a multipathed device uses DIX and another path is
added via an adapter that does not support it.  Multipath should not
allow this path to be added, but we should not depend upon that to avoid
crashing.

Signed-off-by: Ewan D. Milne <emilne@redhat.com>
Reviewed-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
2015-01-20 09:04:21 +01:00
Sasha Levin
99531e6063 scsi_debug: use atomic allocation in resp_rsup_opcodes
resp_rsup_opcodes() may get called from atomic context and would need to
use GFP_ATOMIC for allocations:

[ 1237.913419] BUG: sleeping function called from invalid context at mm/slub.c:1262
[ 1237.914865] in_atomic(): 1, irqs_disabled(): 0, pid: 7556, name: trinity-c311
[ 1237.916142] 3 locks held by trinity-c311/7556:
[ 1237.916981] #0: (sb_writers#5){.+.+.+}, at: do_readv_writev (include/linux/fs.h:2346 fs/read_write.c:844)
[ 1237.919713] #1: (&of->mutex){+.+.+.}, at: kernfs_fop_write (fs/kernfs/file.c:297)
[ 1237.922626] Mutex: counter: -1 owner: trinity-c311
[ 1237.924044] #2: (s_active#51){.+.+.+}, at: kernfs_fop_write (fs/kernfs/file.c:297)
[ 1237.925960] Preemption disabled blk_execute_rq_nowait (block/blk-exec.c:95)
[ 1237.927416]
[ 1237.927680] CPU: 24 PID: 7556 Comm: trinity-c311 Not tainted 3.19.0-rc4-next-20150116-sasha-00054-g4ad498c-dirty #1744
[ 1237.929603]  ffff8804fc9d8000 ffff8804d9bc3548 ffffffff9d439fb2 0000000000000000
[ 1237.931097]  0000000000000000 ffff8804d9bc3588 ffffffff9a18389a ffff8804d9bc3598
[ 1237.932466]  ffffffff9a1b1715 ffffffffa15935d8 ffffffff9e6f8cb1 00000000000004ee
[ 1237.933984] Call Trace:
[ 1237.934434] dump_stack (lib/dump_stack.c:52)
[ 1237.935323] ___might_sleep (kernel/sched/core.c:7339)
[ 1237.936259] ? mark_held_locks (kernel/locking/lockdep.c:2549)
[ 1237.937293] __might_sleep (kernel/sched/core.c:7305)
[ 1237.938272] __kmalloc (mm/slub.c:1262 mm/slub.c:2419 mm/slub.c:2491 mm/slub.c:3291)
[ 1237.939137] ? resp_rsup_opcodes (include/linux/slab.h:435 drivers/scsi/scsi_debug.c:1689)
[ 1237.940173] resp_rsup_opcodes (include/linux/slab.h:435 drivers/scsi/scsi_debug.c:1689)
[ 1237.941211] ? add_host_store (drivers/scsi/scsi_debug.c:1584)
[ 1237.942261] scsi_debug_queuecommand (drivers/scsi/scsi_debug.c:5276)
[ 1237.943404] ? blk_rq_map_sg (block/blk-merge.c:254)
[ 1237.944398] ? scsi_init_sgtable (drivers/scsi/scsi_lib.c:1095)
[ 1237.945402] sdebug_queuecommand_lock_or_not (drivers/scsi/scsi_debug.c:5300)
[ 1237.946735] scsi_dispatch_cmd (drivers/scsi/scsi_lib.c:1706)
[ 1237.947720] scsi_queue_rq (drivers/scsi/scsi_lib.c:1996)
[ 1237.948687] __blk_mq_run_hw_queue (block/blk-mq.c:816)
[ 1237.949796] blk_mq_run_hw_queue (block/blk-mq.c:896)
[ 1237.950903] ? _raw_spin_unlock (./arch/x86/include/asm/preempt.h:95 include/linux/spinlock_api_smp.h:154 kernel/locking/spinlock.c:183)
[ 1237.951862] blk_mq_insert_request (block/blk-mq.c:1037)
[ 1237.952876] blk_execute_rq_nowait (block/blk-exec.c:95)
[ 1237.953981] ? lockdep_init_map (kernel/locking/lockdep.c:3034)
[ 1237.954967] blk_execute_rq (block/blk-exec.c:131)
[ 1237.955929] ? blk_rq_bio_prep (block/blk-core.c:2835)
[ 1237.956913] scsi_execute (drivers/scsi/scsi_lib.c:252)
[ 1237.957821] scsi_execute_req_flags (drivers/scsi/scsi_lib.c:281)
[ 1237.958968] scsi_report_opcode (drivers/scsi/scsi.c:956)
[ 1237.960009] sd_revalidate_disk (drivers/scsi/sd.c:2707 drivers/scsi/sd.c:2792)
[ 1237.961139] revalidate_disk (fs/block_dev.c:1081)
[ 1237.962223] sd_rescan (drivers/scsi/sd.c:1532)
[ 1237.963142] scsi_rescan_device (drivers/scsi/scsi_scan.c:1579)
[ 1237.964165] store_rescan_field (drivers/scsi/scsi_sysfs.c:672)
[ 1237.965254] dev_attr_store (drivers/base/core.c:138)
[ 1237.966319] sysfs_kf_write (fs/sysfs/file.c:131)
[ 1237.967289] kernfs_fop_write (fs/kernfs/file.c:311)
[ 1237.968274] do_readv_writev (fs/read_write.c:722 fs/read_write.c:854)
[ 1237.969295] ? __acct_update_integrals (kernel/tsacct.c:145)
[ 1237.970452] ? kernfs_fop_open (fs/kernfs/file.c:271)
[ 1237.971505] ? _raw_spin_unlock (./arch/x86/include/asm/preempt.h:95 include/linux/spinlock_api_smp.h:154 kernel/locking/spinlock.c:183)
[ 1237.972512] ? context_tracking_user_exit (include/linux/vtime.h:89 include/linux/jump_label.h:114 include/trace/events/context_tracking.h:47 kernel/context_tracking.c:140)
[ 1237.973668] ? trace_hardirqs_on_caller (kernel/locking/lockdep.c:2578 kernel/locking/lockdep.c:2625)
[ 1237.974882] ? trace_hardirqs_on (kernel/locking/lockdep.c:2633)
[ 1237.975850] vfs_writev (fs/read_write.c:893)
[ 1237.976691] SyS_writev (fs/read_write.c:926 fs/read_write.c:917)
[ 1237.977538] system_call_fastpath (arch/x86/kernel/entry_64.S:423)

Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Acked-by: Douglas Gilbert <dgilbert@interlog.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
2015-01-20 09:04:21 +01:00
Fabio Estevam
7ecd0bde5b ARM: dts: imx25: Fix PWM "per" clocks
Currently PWM functionality is broken on mx25 due to the wrong assignment of the
PWM "per" clock.

According to Documentation/devicetree/bindings/clock/imx25-clock.txt:
	pwm_ipg_per		52

,so update the pwm "per" to use 'pwm_ipg_per' instead of 'per10' clock.

With this change PWM can work fine on mx25.

Cc: <stable@vger.kernel.org>
Reported-by: Carlos Soto <csotoalonso@gmail.com>
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Signed-off-by: Shawn Guo <shawn.guo@linaro.org>
2015-01-20 15:37:10 +08:00
Takashi Iwai
4d79fb1ed2 ALSA: line6: Drop line6_send_program() and line6_transmit_parameter()
Both functions are used nowhere.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:19:12 +01:00
Takashi Iwai
7372319028 ALSA: line6: Make line6_send_raw_message() static
It's used only locally.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:19:05 +01:00
Takashi Iwai
5a4753112a ALSA: line6: Sync PCM stop at disconnect
Call line6_pcm_disconnect() at disconnect to make sure that all URBs
are cleared.  Also reduce the superfluous snd_pcm_stop() calls from
the function (and remove the unused function) since the streams are
guaranteed to be stopped at this point via snd_card_disconnect().

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:18:44 +01:00
Takashi Iwai
31ca192139 ALSA: line6: Remove superfluous disconnect call in suspend handler
Calling line6_pcm_disconnect() at suspend callback is superfluous and
rather confusing.  Let's get rid of it.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:18:33 +01:00
Takashi Iwai
b2a3b02392 ALSA: line6: Remove CHECK_RETURN macro
Such a macro doesn't improve readability.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:18:27 +01:00
Takashi Iwai
10e3a023c9 ALSA: line6: Drop MISSING_CASE macro
Such a debug is needed in the core code, not in each lowlevel driver.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:18:20 +01:00
Takashi Iwai
2cd53fa9d3 ALSA: line6: Remove driver version string
This is rather useless for a driver that has been already merged into
the official tree.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:18:10 +01:00
Takashi Iwai
85a9339bec ALSA: line6: Reorganize card resource handling
This is a fairly big rewrite regarding the card resource management in
line6 drivers:

- The card creation is moved into line6_probe().  This adds the global
  destructor to private_free, so that each driver doesn't have to call
  it any longer.

- The USB disconnect callback handles the card release, thus each
  driver needs to concentrate on only its own resources.  No need to
  snd_card_*() call in the destructor.

- Fix the potential stall in disconnection by removing
  snd_card_free().   It's replaced with snd_card_free_when_closed()
  for asynchronous release.

- The only remaining operation for the card in each driver is the call
  of snd_card_register().  All the rest are dealt in the common module
  by itself.

- These ended up with removal of audio.[ch] as a result of a reduction
  of one layer.  Each driver just needs to call line6_probe().

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:17:16 +01:00
Takashi Iwai
84ac9bb12e ALSA: line6: Drop superfluous irqsave/irqrestore in PCM trigger callback
The PCM trigger callback is guaranteed to be called already in
spinlock / irq-disabled context.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:16:18 +01:00
Takashi Iwai
7d70c81cca ALSA: line6: Don't handle PCM trigger for other cards
Otherwise it oopses.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:16:10 +01:00
Takashi Iwai
a019f5e8c5 ALSA: line6: Remove superfluous out-of-memory error messages
Kernel already shows the error in the common path.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:16:01 +01:00
Takashi Iwai
45a82f1891 ALSA: line6: Drop usb_device sysfs symlink
It's non-standard and rather superfluous.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:15:53 +01:00
Takashi Iwai
988d350aef ALSA: line6: Drop invalid SNDRV_PCM_INFO_RESUME flag
The line6 drivers don't support the full resume although they set
SNDRV_PCM_INFO_RESUME.  These flags have to be dropped to inform
properly to the user-space.

Also, drop the CONFIG_PM in trigger callbacks, too, which are rather
superfluous.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:15:38 +01:00
Takashi Iwai
aaa68d2f29 ALSA: line6: Drop superfluous snd_device for rawmidi
Like the previous fix for PCM, attach the card-specific resource into
rawmidi->private_data instead of handling in a snd_device object.
This simplifies the code and structure.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:15:02 +01:00
Takashi Iwai
b45a7c5654 ALSA: line6: Drop superfluous snd_device for PCM
Instead of handling the card-specific resource in snd_device, attach
it into pcm->private_data and release it directly in private_free.
This simplifies the code and structure.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:14:55 +01:00
Takashi Iwai
075587b723 ALSA: line6: Handle impulse response via control API
Instead of sysfs and the conditional build with Kconfig, implement the
handling of the impulse response controls via control API, and always
enable the build.  Two new controls, "Impulse Response Volume" and
"Impulse Response Period" are added as a replacement for the former
sysfs files.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:14:36 +01:00
Takashi Iwai
ccddbe4a99 ALSA: line6: Split to each driver
Split to each individual driver for POD, PODHD, TonePort and Variax
with a core LINE6 helper module.  The new modules follow the standard
ALSA naming rule with snd prefix: snd-usb-pod, snd-usb-podhd,
snd-usb-toneport and snd-usb-variax, together with the corresponding
CONFIG_SND_USB_* Kconfig items.

Tested-by: Chris Rorvick <chris@rorvick.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-20 08:14:17 +01:00
Linus Torvalds
eef8f4c2ac Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller:

 1) Socket addresses returned in the error queue need to be fully
    initialized before being passed on to userspace, fix from Willem de
    Bruijn.

 2) Interrupt handling fixes to davinci_emac driver from Tony Lindgren.

 3) Fix races between receive packet steering and cpu hotplug, from Eric
    Dumazet.

 4) Allowing netlink sockets to subscribe to unknown multicast groups
    leads to crashes, don't allow it.  From Johannes Berg.

 5) One to many socket races in SCTP fixed by Daniel Borkmann.

 6) Put in a guard against the mis-use of ipv6 atomic fragments, from
    Hagen Paul Pfeifer.

 7) Fix promisc mode and ethtool crashes in sh_eth driver, from Ben
    Hutchings.

 8) NULL deref and double kfree fix in sxgbe driver from Girish K.S and
    Byungho An.

 9) cfg80211 deadlock fix from Arik Nemtsov.

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (36 commits)
  s2io: use snprintf() as a safety feature
  r8152: remove sram_read
  r8152: remove generic_ocp_read before writing
  bgmac: activate irqs only if there is nothing to poll
  bgmac: register napi before the device
  sh_eth: Fix ethtool operation crash when net device is down
  sh_eth: Fix promiscuous mode on chips without TSU
  ipv6: stop sending PTB packets for MTU < 1280
  net: sctp: fix race for one-to-many sockets in sendmsg's auto associate
  genetlink: synchronize socket closing and family removal
  genetlink: disallow subscribing to unknown mcast groups
  genetlink: document parallel_ops
  net: rps: fix cpu unplug
  net: davinci_emac: Add support for emac on dm816x
  net: davinci_emac: Fix ioremap for devices with MDIO within the EMAC address space
  net: davinci_emac: Fix incomplete code for getting the phy from device tree
  net: davinci_emac: Free clock after checking the frequency
  net: davinci_emac: Fix runtime pm calls for davinci_emac
  net: davinci_emac: Fix hangs with interrupts
  ip: zero sockaddr returned on error queue
  ...
2015-01-20 18:19:31 +12:00
Linus Torvalds
2262889091 Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fix from Herbert Xu:
 "This fixes a regression that arose from the change to add a crypto
  prefix to module names which was done to prevent the loading of
  arbitrary modules through the Crypto API.

  In particular, a number of modules were missing the crypto prefix
  which meant that they could no longer be autoloaded"

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: add missing crypto module aliases
2015-01-20 18:17:34 +12:00
Rusty Russell
c749637909 module: fix race in kallsyms resolution during module load success.
The kallsyms routines (module_symbol_name, lookup_module_* etc) disable
preemption to walk the modules rather than taking the module_mutex:
this is because they are used for symbol resolution during oopses.

This works because there are synchronize_sched() and synchronize_rcu()
in the unload and failure paths.  However, there's one case which doesn't
have that: the normal case where module loading succeeds, and we free
the init section.

We don't want a synchronize_rcu() there, because it would slow down
module loading: this bug was introduced in 2009 to speed module
loading in the first place.

Thus, we want to do the free in an RCU callback.  We do this in the
simplest possible way by allocating a new rcu_head: if we put it in
the module structure we'd have to worry about that getting freed.

Reported-by: Rui Xiang <rui.xiang@huawei.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-01-20 11:38:34 +10:30
Rusty Russell
be1f221c04 module: remove mod arg from module_free, rename module_memfree().
Nothing needs the module pointer any more, and the next patch will
call it from RCU, where the module itself might no longer exist.
Removing the arg is the safest approach.

This just codifies the use of the module_alloc/module_free pattern
which ftrace and bpf use.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Cc: Mikael Starvik <starvik@axis.com>
Cc: Jesper Nilsson <jesper.nilsson@axis.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Ley Foon Tan <lftan@altera.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Chris Metcalf <cmetcalf@ezchip.com>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: x86@kernel.org
Cc: Ananth N Mavinakayanahalli <ananth@in.ibm.com>
Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Cc: linux-cris-kernel@axis.com
Cc: linux-kernel@vger.kernel.org
Cc: linux-mips@linux-mips.org
Cc: nios2-dev@lists.rocketboards.org
Cc: linuxppc-dev@lists.ozlabs.org
Cc: sparclinux@vger.kernel.org
Cc: netdev@vger.kernel.org
2015-01-20 11:38:33 +10:30
Rusty Russell
d453cded05 module_arch_freeing_init(): new hook for archs before module->module_init freed.
Archs have been abusing module_free() to clean up their arch-specific
allocations.  Since module_free() is also (ab)used by BPF and trace code,
let's keep it to simple allocations, and provide a hook called before
that.

This means that avr32, ia64, parisc and s390 no longer need to implement
their own module_free() at all.  avr32 doesn't need module_finalize()
either.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Cc: Chris Metcalf <cmetcalf@ezchip.com>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>
Cc: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: "James E.J. Bottomley" <jejb@parisc-linux.org>
Cc: Helge Deller <deller@gmx.de>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: linux-kernel@vger.kernel.org
Cc: linux-ia64@vger.kernel.org
Cc: linux-parisc@vger.kernel.org
Cc: linux-s390@vger.kernel.org
2015-01-20 11:38:32 +10:30
Rusty Russell
c772be5231 param: fix uninitialized read with CONFIG_DEBUG_LOCK_ALLOC
ignore_lockdep is uninitialized, and sysfs_attr_init() doesn't initialize
it, so memset to 0.

Reported-by: Huang Ying <ying.huang@intel.com>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2015-01-20 11:38:31 +10:30
Dan Carpenter
a8c1d28ac3 s2io: use snprintf() as a safety feature
"sp->desc[i]" has 25 characters.  "dev->name" has 15 characters.  If we
used all 15 characters then the sprintf() would overflow.

I changed the "sprintf(sp->name, "%s Neterion %s"" to snprintf(), as
well, even though it can't overflow just to be consistent.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-19 19:42:21 -05:00
Olof Johansson
07bf328350 A rather urgent pull request to fix omap4 legacy interrupts.
The legacy interrupts on omap4 got broken when gic got changed to
 use irq_domain_add_linear() instead of the irq_domain_add_legacy(). We
 still have the hardcoded legacy IRQ numbers in use in several places,
 most notably the in the legacy DMA. It took a while to figure out
 what the problem was and how it should be fixed for the -rc series.
 
 Also include is a regression fix for the dra7 dwc3 suspend.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJUvY51AAoJEBvUPslcq6VzWEoP/1eH0XFWFUFz0A7f7bq2DRgM
 O7KHNwBhVDWBMfpwzycfu2wlfWCe++T5R/DjtzIPzZG28rHmq/0A8q9ZSFmIsLLv
 6Fbl0NbYZcQbgb7SfoCXvoTcUkv4rUTRbFblMNUHES1lm/JbDkKIxGU0iQDoL1oE
 6wo1mcF/+0VdrCtTaVtrQcO2+hnvQCDS4Qxcwgdz3FHPhkMGWqkuLqzNh4WrVp+r
 Ma3UOeyM/gHWfG1SV6C4Y5H7ADp+Vmo7Wvhl/KMrr5L4SFCJ0AryWP1LZpcuwbeD
 IN+fcVBG7tIKaN4BtPedUAuigAhOgAtRo0JcdWc00V+sfgyWGiYtK/5ZFuMx1Fc8
 yzLgFInlEf67DrSgMGAZbLBDWNmVVblPbcPH1PmYIoD7YWocFikAY1c3kw8KXAqR
 sZf5uXDRrBSYF5F1AvMX1ktWiKMWFoQ032BoifWZ6b/PF4LY/GEA/IJj8zxHBmDW
 +1PD3LxtuawUce7g0gD2/pvIRvSbZ7I5wOPMX8bug1Pgnla3p7lGZQ0dlYBQxn80
 SD7liN5T+GzxXhtjv1ly5le3uz8a0M5BKXsuWLzCsPBO7DERVKcjv0a3/TIVQONB
 EUT2sNGPwTfqvpj1GDvMtAMWat444V094zf/HgXANDe5+q+HUBMqoZCK4LDsFq8n
 dxVJ4XpWVo24mn70gIv3
 =lpO3
 -----END PGP SIGNATURE-----

Merge tag 'omap-for-v3.19/gic-regression-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into fixes

Merge "Urgent omap4 legacy interrupt regression fix for v3.19-rc series" from
Tony Lindgren:

A rather urgent pull request to fix omap4 legacy interrupts.

The legacy interrupts on omap4 got broken when gic got changed to
use irq_domain_add_linear() instead of the irq_domain_add_legacy(). We
still have the hardcoded legacy IRQ numbers in use in several places,
most notably the in the legacy DMA. It took a while to figure out
what the problem was and how it should be fixed for the -rc series.

Also include is a regression fix for the dra7 dwc3 suspend.

* tag 'omap-for-v3.19/gic-regression-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
  ARM: OMAP: Work around hardcoded interrupts
  arm: boot: dts: dra7: enable dwc3 suspend PHY quirk

Signed-off-by: Olof Johansson <olof@lixom.net>
2015-01-19 16:23:01 -08:00
Andrew Lunn
38bdf45f4a bus: mvebu-mbus: fix support of MBus window 13
On Armada XP, 375 and 38x the MBus window 13 has the remap capability,
like windows 0 to 7. However, the mvebu-mbus driver isn't currently
taking into account this special case, which means that when window 13
is actually used, the remap registers are left to 0, making the device
using this MBus window unavailable.

As a minimal fix for stable, don't use window 13. A full fix will
follow later.

Fixes: fddddb52a6 ("bus: introduce an Marvell EBU MBus driver")
Cc: <stable@vger.kernel.org> # v3.10+
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Andrew Lunn <andrew@lunn.ch>
2015-01-19 15:40:53 -06:00
David S. Miller
ef5a1ba145 Merge branch 'r8152'
Hayes Wang says:

====================
r8152: couldn't read OCP_SRAM_DATA

Read OCP_SRAM_DATA would read additional bytes and may let
the hw abnormal.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-19 16:16:36 -05:00
hayeswang
b4d99def09 r8152: remove sram_read
Read OCP register 0xa43a~0xa43b would clear some flags which the hw
would use, and it may let the device lost. However, the unit of
reading is 4 bytes. That is, it would read 0xa438~0xa43b when calling
sram_read() to read OCP_SRAM_DATA.

Signed-off-by: Hayes Wang <hayeswang@realtek.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-19 16:16:32 -05:00
hayeswang
8cb3db24c8 r8152: remove generic_ocp_read before writing
For ocp_write_word() and ocp_write_byte(), there is a generic_ocp_read()
which is used to read the whole 4 byte data, keep the unchanged bytes,
and modify the expected bytes. However, the "byen" could be used to
determine which bytes of the 4 bytes to write, so the action could be
removed.

Signed-off-by: Hayes Wang <hayeswang@realtek.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-19 16:16:32 -05:00
Satoru Takeuchi
6e1103a6e9 btrfs: fix state->private cast on 32 bit machines
Suppress the following warning displayed on building 32bit (i686) kernel.

===============================================================================
...
   CC [M]  fs/btrfs/extent_io.o
fs/btrfs/extent_io.c: In function ‘btrfs_free_io_failure_record’:
fs/btrfs/extent_io.c:2193:13: warning: cast to pointer from integer of
different size [-Wint-to-pointer-cast]
    failrec = (struct io_failure_record *)state->private;
...
===============================================================================

Signed-off-by: Satoru Takeuchi <takeuchi_satoru@jp.fujitsu.com>
Reported-by: Chris Murphy <chris@colorremedies.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-01-19 13:06:06 -08:00
Filipe Manana
75c68e9fbb Btrfs: fix race deleting block group from space_info->ro_bgs list
When removing a block group we were deleting it from its space_info's
ro_bgs list without the correct protection - the space info's spinlock.
Fix this by doing the list delete while holding the spinlock of the
corresponding space info, which is the correct lock for any operation
on that list.

This issue was introduced in the 3.19 kernel by the following change:

    Btrfs: move read only block groups onto their own list V2
    commit 633c0aad4c

I ran into a kernel crash while a task was running statfs, which iterates
the space_info->ro_bgs list while holding the space info's spinlock,
and another task was deleting it from the same list, without holding that
spinlock, as part of the block group remove operation (while running the
function btrfs_remove_block_group). This happened often when running the
stress test xfstests/generic/038 I recently made.

Signed-off-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-01-19 13:05:45 -08:00
Tsutomu Itoh
379d6854a2 Btrfs: fix incorrect freeing in scrub_stripe
The address that should be freed is not 'ppath' but 'path'.

Signed-off-by: Tsutomu Itoh <t-itoh@jp.fujitsu.com>
Reviewed-by: Miao Xie <miaoxie@huawei.com>
Signed-off-by: Chris Mason <clm@fb.com>
2015-01-19 13:05:44 -08:00
David Sterba
98bd5c547e btrfs: sync ioctl, handle errors after transaction start
The version merged to 3.19 did not handle errors from start_trancaction
and could pass an invalid pointer to commit_transaction.

Fixes: 6b5fe46dfa ("btrfs: do commit in sync_fs if there are pending changes")
Reported-by: Filipe Manana <fdmanana@suse.com>
Signed-off-by: David Sterba <dsterba@suse.cz>
Signed-off-by: Chris Mason <clm@fb.com>
2015-01-19 13:05:44 -08:00
David S. Miller
e60bf80615 Merge branch 'bgmac'
Hauke Mehrtens says:

====================
bgmac: some fixes to napi usage

I compared the napi documentation with the bgmac driver and found some
problems in that driver. These two patches should fix the problems.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-19 16:00:02 -05:00
Hauke Mehrtens
43f159c60a bgmac: activate irqs only if there is nothing to poll
IRQs should only get activated when there is nothing to poll in the
queue any more and to after every poll.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-19 15:59:57 -05:00
Hauke Mehrtens
6216642f20 bgmac: register napi before the device
napi should get registered before the netdev and not after.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-19 15:59:57 -05:00
David S. Miller
852c5d9c98 Merge branch 'sh_eth'
Ben Hutchings says:

====================
sh_eth fixes

I'm currently looking at Ethernet support on the R-Car H2 chip,
reviewing and testing the sh_eth driver.  Here are fixes for two fairly
obvious bugs in the driver; I will probably have some more later.

These are not tested on any of the other supported chips.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-19 15:37:44 -05:00
Ben Hutchings
4f9dce230b sh_eth: Fix ethtool operation crash when net device is down
The driver connects and disconnects the PHY device whenever the
net device is brought up and down.  The ethtool get_settings,
set_settings and nway_reset operations will dereference a null
or dangling pointer if called while it is down.

I think it would be preferable to keep the PHY connected, but there
may be good reasons not to.

As an immediate fix for this bug:
- Set the phydev pointer to NULL after disconnecting the PHY
- Change those three operations to return -ENODEV while the PHY is
  not connected

Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-19 15:37:40 -05:00
Ben Hutchings
b37feed7c2 sh_eth: Fix promiscuous mode on chips without TSU
Currently net_device_ops::set_rx_mode is only implemented for
chips with a TSU (multiple address table).  However we do need
to turn the PRM (promiscuous) flag on and off for other chips.

- Remove the unlikely() from the TSU functions that we may safely
  call for chips without a TSU
- Make setting of the MCT flag conditional on the tsu capability flag
- Rename sh_eth_set_multicast_list() to sh_eth_set_rx_mode() and plumb
  it into both net_device_ops structures
- Remove the previously-unreachable branch in sh_eth_rx_mode() that
  would otherwise reset the flags to defaults for non-TSU chips

Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-19 15:37:40 -05:00
Hagen Paul Pfeifer
9d289715eb ipv6: stop sending PTB packets for MTU < 1280
Reduce the attack vector and stop generating IPv6 Fragment Header for
paths with an MTU smaller than the minimum required IPv6 MTU
size (1280 byte) - called atomic fragments.

See IETF I-D "Deprecating the Generation of IPv6 Atomic Fragments" [1]
for more information and how this "feature" can be misused.

[1] https://tools.ietf.org/html/draft-ietf-6man-deprecate-atomfrag-generation-00

Signed-off-by: Fernando Gont <fgont@si6networks.com>
Signed-off-by: Hagen Paul Pfeifer <hagen@jauu.net>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-01-19 14:52:07 -05:00
David Jeffery
ce75145267 libata: prevent HSM state change race between ISR and PIO
It is possible for ata_sff_flush_pio_task() to set ap->hsm_task_state to
HSM_ST_IDLE in between the time __ata_sff_port_intr() checks for HSM_ST_IDLE
and before it calls ata_sff_hsm_move() causing ata_sff_hsm_move() to BUG().

This problem is hard to reproduce making this patch hard to verify, but this
fix will prevent the race.

I have not been able to reproduce the problem, but here is a crash dump from
a 2.6.32 kernel.

On examining the ata port's state, its hsm_task_state field has a value of HSM_ST_IDLE:

crash> struct ata_port.hsm_task_state ffff881c1121c000
  hsm_task_state = 0

Normally, this should not be possible as ata_sff_hsm_move() was called from ata_sff_host_intr(),
which checks hsm_task_state and won't call ata_sff_hsm_move() if it has a HSM_ST_IDLE value.

PID: 11053  TASK: ffff8816e846cae0  CPU: 0   COMMAND: "sshd"
 #0 [ffff88008ba03960] machine_kexec at ffffffff81038f3b
 #1 [ffff88008ba039c0] crash_kexec at ffffffff810c5d92
 #2 [ffff88008ba03a90] oops_end at ffffffff8152b510
 #3 [ffff88008ba03ac0] die at ffffffff81010e0b
 #4 [ffff88008ba03af0] do_trap at ffffffff8152ad74
 #5 [ffff88008ba03b50] do_invalid_op at ffffffff8100cf95
 #6 [ffff88008ba03bf0] invalid_op at ffffffff8100bf9b
    [exception RIP: ata_sff_hsm_move+317]
    RIP: ffffffff813a77ad  RSP: ffff88008ba03ca0  RFLAGS: 00010097
    RAX: 0000000000000000  RBX: ffff881c1121dc60  RCX: 0000000000000000
    RDX: ffff881c1121dd10  RSI: ffff881c1121dc60  RDI: ffff881c1121c000
    RBP: ffff88008ba03d00   R8: 0000000000000000   R9: 000000000000002e
    R10: 000000000001003f  R11: 000000000000009b  R12: ffff881c1121c000
    R13: 0000000000000000  R14: 0000000000000050  R15: ffff881c1121dd78
    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018
 #7 [ffff88008ba03d08] ata_sff_host_intr at ffffffff813a7fbd
 #8 [ffff88008ba03d38] ata_sff_interrupt at ffffffff813a821e
 #9 [ffff88008ba03d78] handle_IRQ_event at ffffffff810e6ec0
--- <IRQ stack> ---
    [exception RIP: pipe_poll+48]
    RIP: ffffffff81192780  RSP: ffff880f26d459b8  RFLAGS: 00000246
    RAX: 0000000000000000  RBX: ffff880f26d459c8  RCX: 0000000000000000
    RDX: 0000000000000001  RSI: 0000000000000000  RDI: ffff881a0539fa80
    RBP: ffffffff8100bb8e   R8: ffff8803b23324a0   R9: 0000000000000000
    R10: ffff880f26d45dd0  R11: 0000000000000008  R12: ffffffff8109b646
    R13: ffff880f26d45948  R14: 0000000000000246  R15: 0000000000000246
    ORIG_RAX: ffffffffffffff10  CS: 0010  SS: 0018
    RIP: 00007f26017435c3  RSP: 00007fffe020c420  RFLAGS: 00000206
    RAX: 0000000000000017  RBX: ffffffff8100b072  RCX: 00007fffe020c45c
    RDX: 00007f2604a3f120  RSI: 00007f2604a3f140  RDI: 000000000000000d
    RBP: 0000000000000000   R8: 00007fffe020e570   R9: 0101010101010101
    R10: 0000000000000000  R11: 0000000000000246  R12: 00007fffe020e5f0
    R13: 00007fffe020e5f4  R14: 00007f26045f373c  R15: 00007fffe020e5e0
    ORIG_RAX: 0000000000000017  CS: 0033  SS: 002b

Somewhere between the ata_sff_hsm_move() check and the ata_sff_host_intr() check, the value changed.
On examining the other cpus to see what else was running, another cpu was running the error handler
routines:

PID: 326    TASK: ffff881c11014aa0  CPU: 1   COMMAND: "scsi_eh_1"
 #0 [ffff88008ba27e90] crash_nmi_callback at ffffffff8102fee6
 #1 [ffff88008ba27ea0] notifier_call_chain at ffffffff8152d515
 #2 [ffff88008ba27ee0] atomic_notifier_call_chain at ffffffff8152d57a
 #3 [ffff88008ba27ef0] notify_die at ffffffff810a154e
 #4 [ffff88008ba27f20] do_nmi at ffffffff8152b1db
 #5 [ffff88008ba27f50] nmi at ffffffff8152aaa0
    [exception RIP: _spin_lock_irqsave+47]
    RIP: ffffffff8152a1ff  RSP: ffff881c11a73aa0  RFLAGS: 00000006
    RAX: 0000000000000001  RBX: ffff881c1121deb8  RCX: 0000000000000000
    RDX: 0000000000000246  RSI: 0000000000000020  RDI: ffff881c122612d8
    RBP: ffff881c11a73aa0   R8: ffff881c17083800   R9: 0000000000000000
    R10: 0000000000000000  R11: 0000000000000000  R12: ffff881c1121c000
    R13: 000000000000001f  R14: ffff881c1121dd50  R15: ffff881c1121dc60
    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0000
--- <NMI exception stack> ---
 #6 [ffff881c11a73aa0] _spin_lock_irqsave at ffffffff8152a1ff
 #7 [ffff881c11a73aa8] ata_exec_internal_sg at ffffffff81396fb5
 #8 [ffff881c11a73b58] ata_exec_internal at ffffffff81397109
 #9 [ffff881c11a73bd8] atapi_eh_request_sense at ffffffff813a34eb

Before it tried to acquire a spinlock, ata_exec_internal_sg() called ata_sff_flush_pio_task().
This function will set ap->hsm_task_state to HSM_ST_IDLE, and has no locking around setting this
value. ata_sff_flush_pio_task() can then race with the interrupt handler and potentially set
HSM_ST_IDLE at a fatal moment, which will trigger a kernel BUG.

v2: Fixup comment in ata_sff_flush_pio_task()

tj: Further updated comment.  Use ap->lock instead of shost lock and
    use the [un]lock_irq variant instead of the irqsave/restore one.

Signed-off-by: David Milburn <dmilburn@redhat.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: stable@vger.kernel.org
2015-01-19 14:11:23 -05:00
Michael Karcher
1caf6aaaa4 scripts/recordmcount.pl: There is no -m32 gcc option on Super-H anymore
Compiling SH with gcc-4.8 fails due to the -m32 option not being
supported.

From http://buildd.debian-ports.org/status/fetch.php?pkg=linux&arch=sh4&ver=3.16.7-ckt4-1&stamp=1421425783

      CC      init/main.o
    gcc-4.8: error: unrecognized command line option '-m32'
    ld: cannot find init/.tmp_mc_main.o: No such file or directory
    objcopy: 'init/.tmp_mx_main.o': No such file
    rm: cannot remove 'init/.tmp_mx_main.o': No such file or directory
    rm: cannot remove 'init/.tmp_mc_main.o': No such file or directory

Link: http://lkml.kernel.org/r/1421537778-29001-1-git-send-email-kernel@mkarcher.dialup.fu-berlin.de
Link: http://lkml.kernel.org/r/54BCBDD4.10102@physik.fu-berlin.de

Cc: stable@vger.kernel.org
Cc: Matt Fleming <matt@console-pimps.org>
Reported-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Signed-off-by: Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
2015-01-19 12:10:47 -05:00
Dan Williams
72dd299d50 libata: allow sata_sil24 to opt-out of tag ordered submission
Ronny reports: https://bugzilla.kernel.org/show_bug.cgi?id=87101
    "Since commit 8a4aeec8d "libata/ahci: accommodate tag ordered
    controllers" the access to the harddisk on the first SATA-port is
    failing on its first access. The access to the harddisk on the
    second port is working normal.

    When reverting the above commit, access to both harddisks is working
    fine again."

Maintain tag ordered submission as the default, but allow sata_sil24 to
continue with the old behavior.

Cc: <stable@vger.kernel.org>
Cc: Tejun Heo <tj@kernel.org>
Reported-by: Ronny Hegewald <Ronny.Hegewald@online.de>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
2015-01-19 09:10:07 -05:00
Takashi Iwai
0f2524b347 ALSA: line6: Use setup_timer() and mod_timer()
No functional change, refactoring with the standard helpers.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-19 11:46:02 +01:00
Takashi Iwai
28e237a9b7 ALSA: usb-audio: Use setup_timer() and mod_timer()
No functional change, refactoring with the standard helpers.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-19 11:43:50 +01:00
Takashi Iwai
abd083526a ALSA: emux: Use setup_timer() and mod_timer()
No functional change, refactoring with the standard helpers.

Signed-off-by: Takashi Iwai <tiwai@suse.de>
2015-01-19 11:41:13 +01:00