aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2008-03-04KVM: MMU: Fix race when instantiating a shadow pteAvi Kivity
For improved concurrency, the guest walk is performed concurrently with other vcpus. This means that we need to revalidate the guest ptes once we have write-protected the guest page tables, at which point they can no longer be modified. The current code attempts to avoid this check if the shadow page table is not new, on the assumption that if it has existed before, the guest could not have modified the pte without the shadow lock. However the assumption is incorrect, as the racing vcpu could have modified the pte, then instantiated the shadow page, before our vcpu regains control: vcpu0 vcpu1 fault walk pte modify pte fault in same pagetable instantiate shadow page lookup shadow page conclude it is old instantiate spte based on stale guest pte We could do something clever with generation counters, but a test run by Marcelo suggests this is unnecessary and we can just do the revalidation unconditionally. The pte will be in the processor cache and the check can be quite fast. Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-04KVM: Route irq 0 to vcpu 0 exclusivelyAvi Kivity
Some Linux versions allow the timer interrupt to be processed by more than one cpu, leading to hangs due to tsc instability. Work around the issue by only disaptching the interrupt to vcpu 0. Problem analyzed (and patch tested) by Sheng Yang. Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-04KVM: Avoid infinite-frequency local apic timerAvi Kivity
If the local apic initial count is zero, don't start a an hrtimer with infinite frequency, locking up the host. Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-04KVM: make MMU_DEBUG compile againMarcelo Tosatti
the cr3 variable is now inside the vcpu->arch structure. Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-04KVM: move alloc_apic_access_page() outside of non-preemptable regionMarcelo Tosatti
alloc_apic_access_page() can sleep, while vmx_vcpu_setup is called inside a non preemptable region. Move it after put_cpu(). Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-04KVM: SVM: fix Windows XP 64 bit installation crashJoerg Roedel
While installing Windows XP 64 bit wants to access the DEBUGCTL and the last branch record (LBR) MSRs. Don't allowing this in KVM causes the installation to crash. This patch allow the access to these MSRs and fixes the issue. Signed-off-by: Joerg Roedel <joerg.roedel@amd.com> Signed-off-by: Markus Rechberger <markus.rechberger@amd.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-04KVM: remove the usage of the mmap_sem for the protection of the memory slots.Izik Eidus
This patch replaces the mmap_sem lock for the memory slots with a new kvm private lock, it is needed beacuse untill now there were cases where kvm accesses user memory while holding the mmap semaphore. Signed-off-by: Izik Eidus <izike@qumranet.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-03KVM: emulate access to MSR_IA32_MCG_CTLJoerg Roedel
Injecting an GP when accessing this MSR lets Windows crash when running some stress test tools in KVM. So this patch emulates access to this MSR. Signed-off-by: Joerg Roedel <joerg.roedel@amd.com> Signed-off-by: Markus Rechberger <markus.rechberger@amd.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-03KVM: Make the supported cpuid list a host property rather than a vm propertyAvi Kivity
One of the use cases for the supported cpuid list is to create a "greatest common denominator" of cpu capabilities in a server farm. As such, it is useful to be able to get the list without creating a virtual machine first. Since the code does not depend on the vm in any way, all that is needed is to move it to the device ioctl handler. The capability identifier is also changed so that binaries made against -rc1 will fail gracefully. Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-03KVM: Fix kvm_arch_vcpu_ioctl_set_sregs so that set_cr0 works properlyPaul Knowles
Whilst working on getting a VM to initialize in to IA32e mode I found this issue. set_cr0 relies on comparing the old cr0 to the new one to work correctly. Move the assignment below so the compare can work. Signed-off-by: Paul Knowles <paul@transitive.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-03KVM: SVM: set NM intercept when enabling CR0.TS in the guestJoerg Roedel
Explicitly enable the NM intercept in svm_set_cr0 if we enable TS in the guest copy of CR0 for lazy FPU switching. This fixes guest SMP with Linux under SVM. Without that patch Linux deadlocks or panics right after trying to boot the other CPUs. Signed-off-by: Joerg Roedel <joerg.roedel@amd.com> Signed-off-by: Markus Rechberger <markus.rechberger@amd.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-03KVM: SVM: Fix lazy FPU switchingJoerg Roedel
If the guest writes to cr0 and leaves the TS flag at 0 while vcpu->fpu_active is also 0, the TS flag in the guest's cr0 gets lost. This leads to corrupt FPU state an causes Windows Vista 64bit to crash very soon after boot. This patch fixes this bug. Signed-off-by: Joerg Roedel <joerg.roedel@amd.com> Signed-off-by: Markus Rechberger <markus.rechberger@amd.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-03-02Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6: firewire: fix crash in automatic module unloading firewire: potentially invalid pointers used in fw_card_bm_work firewire: fw-sbp2: better fix for NULL pointer dereference in scsi_remove_device
2008-03-02firewire: fix crash in automatic module unloadingStefan Richter
"modprobe firewire-ohci; sleep .1; modprobe -r firewire-ohci" used to result in crashes like this: BUG: unable to handle kernel paging request at ffffffff8807b455 IP: [<ffffffff8807b455>] PGD 203067 PUD 207063 PMD 7c170067 PTE 0 Oops: 0010 [1] PREEMPT SMP CPU 0 Modules linked in: i915 drm cpufreq_ondemand acpi_cpufreq freq_table applesmc input_polldev led_class coretemp hwmon eeprom snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss button thermal processor sg snd_hda_intel snd_pcm snd_timer snd snd_page_alloc sky2 i2c_i801 rtc [last unloaded: crc_itu_t] Pid: 9, comm: events/0 Not tainted 2.6.25-rc2 #3 RIP: 0010:[<ffffffff8807b455>] [<ffffffff8807b455>] RSP: 0018:ffff81007dcdde88 EFLAGS: 00010246 RAX: ffff81007dc95040 RBX: ffff81007dee5390 RCX: 0000000000005e13 RDX: 0000000000008c8b RSI: 0000000000000001 RDI: ffff81007dee5388 RBP: ffff81007dc5eb40 R08: 0000000000000002 R09: ffffffff8022d05c R10: ffffffff8023b34c R11: ffffffff8041a353 R12: ffff81007dee5388 R13: ffffffff8807b455 R14: ffffffff80593bc0 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffffffff8055a000(0000) knlGS:0000000000000000 CS: 0010 DS: 0018 ES: 0018 CR0: 000000008005003b CR2: ffffffff8807b455 CR3: 0000000000201000 CR4: 00000000000006e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 Process events/0 (pid: 9, threadinfo ffff81007dcdc000, task ffff81007dc95040) Stack: ffffffff8023b396 ffffffff88082524 0000000000000000 ffffffff8807d9ae ffff81007dc5eb40 ffff81007dc9dce0 ffff81007dc5eb40 ffff81007dc5eb80 ffff81007dc9dce0 ffffffffffffffff ffffffff8023be87 0000000000000000 Call Trace: [<ffffffff8023b396>] ? run_workqueue+0xdf/0x1df [<ffffffff8023be87>] ? worker_thread+0xd8/0xe3 [<ffffffff8023e917>] ? autoremove_wake_function+0x0/0x2e [<ffffffff8023bdaf>] ? worker_thread+0x0/0xe3 [<ffffffff8023e813>] ? kthread+0x47/0x74 [<ffffffff804198e0>] ? trace_hardirqs_on_thunk+0x35/0x3a [<ffffffff8020c008>] ? child_rip+0xa/0x12 [<ffffffff8020b6e3>] ? restore_args+0x0/0x3d [<ffffffff8023e68a>] ? kthreadd+0x14c/0x171 [<ffffffff8023e68a>] ? kthreadd+0x14c/0x171 [<ffffffff8023e7cc>] ? kthread+0x0/0x74 [<ffffffff8020bffe>] ? child_rip+0x0/0x12 Code: Bad RIP value. RIP [<ffffffff8807b455>] RSP <ffff81007dcdde88> CR2: ffffffff8807b455 ---[ end trace c7366c6657fe5bed ]--- Note that this crash happened _after_ firewire-core was unloaded. The shared workqueue tried to run firewire-core's device initialization jobs or similar jobs. The fix makes sure that firewire-ohci and hence firewire-core is not unloaded before all device shutdown jobs have been completed. This is determined by the count of device initializations minus device releases. Also skip useless retries in the node initialization job if the node is to be shut down. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Signed-off-by: Jarod Wilson <jwilson@redhat.com>
2008-03-02firewire: potentially invalid pointers used in fw_card_bm_workStefan Richter
The bus management workqueue job was in danger to dereference NULL pointers. Also, after having temporarily lifted card->lock, a few node pointers and a device pointer may have become invalid. Add NULL pointer checks and get the necessary references. Also, move card->local_node out of fw_card_bm_work's sight during shutdown of the card. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Signed-off-by: Jarod Wilson <jwilson@redhat.com>
2008-03-02firewire: fw-sbp2: better fix for NULL pointer dereference in scsi_remove_deviceStefan Richter
Patch "firewire: fw-sbp2: fix NULL pointer deref. in scsi_remove_device" had the unintended effect that firewire-sbp2 could not be unloaded anymore until all SBP-2 devices were unplugged. We now fix the NULL pointer bug by reacquiring a reference to the sdev instead of holding a reference to the sdev (and to the module) all the time. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Tested-by: Jarod Wilson <jwilson@redhat.com>
2008-03-01[PATCH] drop EOE records from printkSteve Grubb
Hi, While we are looking at the printk issue, I see that its printk'ing the EOE (end of event) records which is really not something that we need in syslog. Its really intended for the realtime audit event stream handled by the audit daemon. So, lets avoid printk'ing that record type. Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-03-01[RFC] AUDIT: do not panic when printk loses messagesEric Paris
On the latest kernels if one was to load about 15 rules, set the failure state to panic, and then run service auditd stop the kernel will panic. This is because auditd stops, then the script deletes all of the rules. These deletions are sent as audit messages out of the printk kernel interface which is already known to be lossy. These will overun the default kernel rate limiting (10 really fast messages) and will call audit_panic(). The same effect can happen if a slew of avc's come through while auditd is stopped. This can be fixed a number of ways but this patch fixes the problem by just not panicing if auditd is not running. We know printk is lossy and if the user chooses to set the failure mode to panic and tries to use printk we can't make any promises no matter how hard we try, so why try? At least in this way we continue to get lost message accounting and will eventually know that things went bad. The other change is to add a new call to audit_log_lost() if auditd disappears. We already pulled the skb off the queue and couldn't send it so that message is lost. At least this way we will account for the last message and panic if the machine is configured to panic. This code path should only be run if auditd dies for unforeseen reasons. If auditd closes correctly audit_pid will get set to 0 and we won't walk this code path. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-03-01[PATCH] Audit: Fix the format type for size_t variablesPaul Moore
Fix the following compiler warning by using "%zu" as defined in C99. CC kernel/auditsc.o kernel/auditsc.c: In function 'audit_log_single_execve_arg': kernel/auditsc.c:1074: warning: format '%ld' expects type 'long int', but argument 4 has type 'size_t' Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-02-29Merge branch 'upstream-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev * 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev: [libata] wrap kmap_atomic(KM_IRQ0) with local_irq_save/restore() sata_svw: Add support for HT1100 SATA controller
2008-02-29[libata] wrap kmap_atomic(KM_IRQ0) with local_irq_save/restore()Jeff Garzik
Interrupts must be disabled if using kmap_atomic(KM_IRQ0), but that was not the case in a few code paths coming directly from ATA driver interrupt handlers (which use spin_lock rather than spin_lock_irqsave). Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2008-02-29Merge branch 'for-linus' of master.kernel.org:/home/rmk/linux-2.6-armLinus Torvalds
* 'for-linus' of master.kernel.org:/home/rmk/linux-2.6-arm: [ARM] 4843/1: Add GCR_CLKBPB for PXA3xx [ARM] 4842/1: pxa: remove redundant IRQ saving/restoring in clk_pxa3xx_cken_* [ARM] 4841/1: pxa: fix typo in LCD platform data definition code for zylonite [ARM] 4840/1: pxa: fix the typo in get_irqnr_and_base [ARM] 4839/1: fixes kernel Oops in /dev/mem device driver for memory map with PHYS_OFF [ARM] eliminate MODULE_PARM() usage [ARM] 4838/1: Fix kexec for SA1100 machines [ARM] 4837/1: make __get_unaligned_*() return unsigned types [ARM] 4836/1: Make ATAGS_PROC depend on KEXEC
2008-02-29[ARM] 4843/1: Add GCR_CLKBPB for PXA3xxMark Brown
The PXA3xx AC97 controller has an additional control bit GCR_CLKBPB which must be used during cold reset. Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com> Acked-by: eric miao <eric.miao@marvell.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2008-02-29[ARM] 4842/1: pxa: remove redundant IRQ saving/restoring in clk_pxa3xx_cken_*eric miao
This is unnecessary since it is already protected by spin_lock_irq{save, restore} in clock.c. Signed-off-by: eric miao <eric.miao@marvell.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2008-02-29[ARM] 4841/1: pxa: fix typo in LCD platform data definition code for zyloniteeric miao
Signed-off-by: eric miao <eric.miao@marvell.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2008-02-29[ARM] 4840/1: pxa: fix the typo in get_irqnr_and_baseeric miao
This typo causes the incorrect calculation of the IRQ numbers in the ICIP2 registers. Signed-off-by: eric miao <eric.miao@marvell.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2008-02-29[ARM] 4839/1: fixes kernel Oops in /dev/mem device driver for memory map ↵Alexandre Rusev
with PHYS_OFF "cat /dev/mem" may cause kernel Oops for boards with PHYS_OFFSET != 0 because character device is mapped to addresses starting from zero and there is no protection against such situation. Patch just add this. Signed-off-by: Alexandre Rusev <arusev@ru.mvista.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2008-02-29[ARM] eliminate MODULE_PARM() usageRandy Dunlap
Convert debug-only (and removed) MODULE_PARM() to module_param(). Compiles cleanly (with DEBUG=1). Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2008-02-29[ARM] 4838/1: Fix kexec for SA1100 machinesThomas Kunze
This patch sets KEXEC_CONTROL_MEMORY_LIMIT to (-1)UL. As the value is compared with physical addresses TASK_SIZE makes no sense. Machines where the RAM addresses start above TASK_SIZE kexecs eats all memory and crashes the kernel without this patch. Signed-off-by: Thomas Kunze <thommycheck@gmx.de> Acked-by: Richard Purdie <rpurdie@rpsys.net> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2008-02-29[ARM] 4837/1: make __get_unaligned_*() return unsigned typesLennert Buytenhek
Eric Sandeen tracked an XFS on ARM corruption bug down to a function under fs/xfs/ involving some get_unaligned() calls on u64 pointers. As it turns out, calling ARM's get_unaligned() on a u64 pointer pointing to the following byte sequence: 80 81 82 83 84 85 86 87 would return ffffffff83828180 (LE mode.) This turns out to be because of implicit u8 -> int promotion in ARM's implementation of various helpers for get_unaligned(), causing them to accidentally return signed instead of unsigned values, which in turn caused the subsequent casts to unsigned long long in __get_unaligned_8_[bl]e() to sign-extend the lower words. Fix by casting the return values of __get_unaligned_[24]_[bl]e() to unsigned int. Cc: Eric Sandeen <sandeen@sandeen.net> Cc: Rabeeh Khoury <rabeeh@marvell.com> Cc: Nicolas Pitre <nico@marvell.com> Signed-off-by: Lennert Buytenhek <buytenh@marvell.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2008-02-29[ARM] 4836/1: Make ATAGS_PROC depend on KEXECUli Luckas
On Wed, Feb 20, 2008 at 11:50:33AM +0100, Guennadi Liakhovetski wrote: > arch/arm/kernel/atags.c uses for some reason the > KEXEC_BOOT_PARAMS_SIZE macro, which is only defined if CONFIG_KEXEC > is set. So, either this macro should be defined always, or another > macro should be used, or ATAGS_PROC should depend on KEXEC. As the procfs export of ATAGS is not meant as a stable, general purpose ABI it shouldn't be an independent, general configuration option. This patch make ATAGS_PROC depend on KEXEC Signed-off-by: Uli Luckas <u.luckas@road.de> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2008-02-29rcupreempt: remove never-migrates assumption from rcu_process_callbacks()Paul E. McKenney
This patch fixes a potentially invalid access to a per-CPU variable in rcu_process_callbacks(). This per-CPU access needs to be done in such a way as to guarantee that the code using it cannot move to some other CPU before all uses of the value accessed have completed. Even though this code is currently only invoked from softirq context, which currrently cannot migrate to some other CPU, life would be better if this code did not silently make such an assumption. Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29rcupreempt: fix hibernate/resume in presence of PREEMPT_RCU and hotplugPaul E. McKenney
This fixes a oops encountered when doing hibernate/resume in presence of PREEMPT_RCU. The problem was that the code failed to disable preemption when accessing a per-CPU variable. This is OK when called from code that already has preemption disabled, but such is not the case from the suspend/resume code path. Reported-by: Dave Young <hidave.darkstar@gmail.com> Tested-by: Dave Young <hidave.darkstar@gmail.com> Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29Merge git://git.kernel.org/pub/scm/linux/kernel/git/mingo/linux-2.6-schedLinus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/mingo/linux-2.6-sched: softlockup: fix task state setting rcu: add support for dynamic ticks and preempt rcu
2008-02-29xen: mask out SEP from CPUIDJeremy Fitzhardinge
Fix 32-on-64 pvops kernel: we don't want userspace using syscall/sysenter, even if the hypervisor supports it, so mask it out from CPUID. Signed-off-by: Jeremy Fitzhardinge <jeremy@xensource.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29x86 ptrace: fix ptrace_bts_config structure declarationDave Anderson
The 2.6.25 ptrace_bts_config structure in asm-x86/ptrace-abi.h is defined with u32 types: #include <asm/types.h> /* configuration/status structure used in PTRACE_BTS_CONFIG and PTRACE_BTS_STATUS commands. */ struct ptrace_bts_config { /* requested or actual size of BTS buffer in bytes */ u32 size; /* bitmask of below flags */ u32 flags; /* buffer overflow signal */ u32 signal; /* actual size of bts_struct in bytes */ u32 bts_size; }; #endif But u32 is only accessible in asm-x86/types.h if __KERNEL__, leading to compile errors when ptrace.h is included from user-space. The double-underscore versions that are exported to user-space in asm-x86/types.h should be used instead. Signed-off-by: Dave Anderson <anderson@redhat.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29x86: disable BTS ptrace extensions for nowIngo Molnar
revert the BTS ptrace extension for now. based on general objections from Roland McGrath: http://lkml.org/lkml/2008/2/21/323 we'll let the BTS functionality cook some more and re-enable it in v2.6.26. We'll leave the dead code around to help the development of this code. (X86_BTS is not defined at the moment) Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29x86: CPA: avoid split of alias mappingsThomas Gleixner
avoid over-eager large page splitup. When the target area needs to be split or is split already (ioremap) then the current code enforces the split of large mappings in the alias regions even if we could avoid it. Use a separate variable processed in the cpa_data structure to carry the number of pages which have been processed instead of reusing the numpages variable. This keeps numpages intact and gives the alias code a chance to keep large mappings intact. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29x86: delay the export removal of init_mmIngo Molnar
delay the removal of this symbol export by one more kernel release, giving external modules such as VirtualBox a chance to stop using it. Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29x86: fix leak un ioremap_page_range() failureIngo Molnar
Jan Beulich noticed it during code review that if a driver's ioremap() fails (say due to -ENOMEM) then we might leak the struct vm_area. Free it properly. Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29x86 vdso: fix build locale dependencyRoland McGrath
Priit Laes discovered that the sed command processing nm output was sensitive to locale settings. This was addressed in commit 03994f01e8b72b3d01fd3d09d1cc7c9f421a727c by using [:alnum:] in place of [a-zA-Z0-9]. But that solution too is locale-dependent and may not always match the identifiers it needs to. The better fix is just to run sed et al with a fixed locale setting in all builds. Signed-off-by: Roland McGrath <roland@redhat.com> CC: Priit Laes <plaes@plaes.org> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29x86: restore vsyscall64 prochandlerThomas Gleixner
a recent fix: commit ce28b9864b853803320c3f1d8de1b81aa4120b14 Author: Thomas Gleixner <tglx@linutronix.de> Date: Wed Feb 20 23:57:30 2008 +0100 x86: fix vsyscall wreckage removed the broken /kernel/vsyscall64 handler completely. This triggers the following debug check: sysctl table check failed: /kernel/vsyscall64 No proc_handler Restore the sane part of the proc handler. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29x86: fix pmd_bad and pud_bad to support huge pagesHans Rosenfeld
I recently stumbled upon a problem in the support for huge pages. If a program using huge pages does not explicitly unmap them, they remain mapped (and therefore, are lost) after the program exits. I observed that the free huge page count in /proc/meminfo decreased when running my program, and it did not increase after the program exited. After running the program a few times, no more huge pages could be allocated. The reason for this seems to be that the x86 pmd_bad and pud_bad consider pmd/pud entries having the PSE bit set invalid. I think there is nothing wrong with this bit being set, it just indicates that the lowest level of translation has been reached. This bit has to be (and is) checked after the basic validity of the entry has been checked, like in this fragment from follow_page() in mm/memory.c: if (pmd_none(*pmd) || unlikely(pmd_bad(*pmd))) goto no_page_table; if (pmd_huge(*pmd)) { BUG_ON(flags & FOLL_GET); page = follow_huge_pmd(mm, address, pmd, flags & FOLL_WRITE); goto out; } Note that this code currently doesn't work as intended if the pmd refers to a huge page, the pmd_huge() check can not be reached if the page is huge. Extending pmd_bad() (and, for future 1GB page support, pud_bad()) to allow for the PSE bit being set fixes this. For similar reasons, allowing the NX bit being set is necessary, too. I have seen huge pages having the NX bit set in their pmd entry, which would cause the same problem. Signed-Off-By: Hans Rosenfeld <hans.rosenfeld@amd.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29x86: tls prevent_tail_callRoland McGrath
Fix a kernel bug (vmware boot problem) reported by Tomasz Grobelny, which occurs with certain .config variants and gccs. The x86 TLS cleanup in commit efd1ca52d04d2f6df337a3332cee56cd60e6d4c4 made the sys_set_thread_area and sys_get_thread_area functions ripe for tail call optimization. If the compiler chooses to use it for them, it can clobber the user trap frame because these are asmlinkage functions. Reported-by: Tomasz Grobelny <tomasz@grobelny.oswiecenia.net> Signed-off-by: Roland McGrath <roland@redhat.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29softlockup: fix task state settingDmitry Adamushko
kthread_stop() can be called when a 'watchdog' thread is executing after kthread_should_stop() but before set_task_state(TASK_INTERRUPTIBLE). Signed-off-by: Dmitry Adamushko <dmitry.adamushko@gmail.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29rcu: add support for dynamic ticks and preempt rcuSteven Rostedt
The PREEMPT-RCU can get stuck if a CPU goes idle and NO_HZ is set. The idle CPU will not progress the RCU through its grace period and a synchronize_rcu my get stuck. Without this patch I have a box that will not boot when PREEMPT_RCU and NO_HZ are set. That same box boots fine with this patch. This patch comes from the -rt kernel where it has been tested for several months. Signed-off-by: Steven Rostedt <srostedt@redhat.com> Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-02-29Merge git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/alsa-fix-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/alsa-fix-2.6: [ALSA] intel8x0 - Add quirk for Compaq Deskpro EN [ALSA] hda-codec - Adapt eeepc p701 mixer for virtual master control [ALSA] sound: ice1712: unused structs [ALSA] ASoC: Fix WM9712 mixer_event DAPM widget function type [ALSA] ASoC: Fix DAPM widget function types in pxa machine drivers [ALSA] hda-codec - Fix mixer names of realtek codecs to adapt mater controls [ALSA] intel8x0 - Add quirk for Acer Travelmate 2310 [ALSA] hda_intel - Add model quirk for Albatron KI690-AM2 motherboard [ALSA] oxygen: add owner field [ALSA] hda-codec - Add Fujitsu Lifebook E8410 to quirk table [ALSA] hda-codec - Fix AD1988 capture elements [ALSA] sb8: fix SB 1.0 capture DMA programming [ALSA] usb-audio: add workaround for broken E-Mu frequency feedback [ALSA] ASoC: Fix TLV320AIC3X PLL divider table for 64 kHz rate [ALSA] hda-codec - Fix Master volume on HP dv8000
2008-02-29Merge branch 'avr32-fixes' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/hskinnemoen/avr32-2.6 * 'avr32-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/hskinnemoen/avr32-2.6: avr32: Fix OCD refcounting bug avr32: Call tick_nohz_{stop,restart}_sched_tick() in idle loop avr32: Use correct config symbol in atstk1004 board code avr32: Fix broken pte dump code in do_page_fault() AVR32: Define PAGE_SHARED
2008-02-29Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/blackfin-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/blackfin-2.6: (35 commits) Blackfin Serial Driver: Fix bug - Only insert UART rx char in timer task. Blackfin Serial Driver: Fix bug - update tx dma buffer tail before wake up processes. Blackfin Serial Driver: Fix bug - Increase buffer tail immediately before starting tx dma. [Blackfin] serial driver: Add flow control support to bf54x [Blackfin] serial driver: Fix bug Poll RTS/CTS status in DMA mode as well [Blackfin] serial driver: ADSP-BF52x arch/mach support [Blackfin] serial driver: use simpler comment headers and strip out information that is maintained in the scm's log [Blackfin] serial driver: rework break flood anomaly handling to be more robust/realistic about what we can actually work around [Blackfin] serial driver: fix bug - cache the bits of the LSR on systems where the LSR is read-to-clear [Blackfin] serial driver: fix bug - should not wait for the TFI bit, just clear it when tx stop. [Blackfin] serial driver: Fix bug serial driver in DMA mode spams history to console on shell restart [Blackfin] serial driver: Fix bug Free rx dma buffer in shutdown. [Blackfin] serial driver: Clean up UART DMA code. Blackfin Serial driver: Fix bug - serial driver in PIO mode cant handle input very quickly [Blackfin] arch: kill section mismatch warnings [Blackfin] arch: handle the most common L1 shrinkage case (L1 does not exist for a part) so that any parts labeled for L1 instead get placed into external memory sections [Blackfin] arch: add bfin_clear_PPIx_STATUS() helper funcs like we have for other parts [Blackfin] arch: make sure we have proper description/copyright/license lines [Blackfin] arch: Fix CONFIG_PM support for BF561 [Blackfin] arch: Remove DPMC char driver option ...
2008-02-29Merge branch 'for-linus' of git://oss.sgi.com:8090/xfs/xfs-2.6Linus Torvalds
* 'for-linus' of git://oss.sgi.com:8090/xfs/xfs-2.6: [XFS] If you mount an XFS filesystem with no mount options at all, then