linux-toradex.git, branch v2.6.26.5 Linux kernel for Apalis and Colibri modules Linux 2.6.26.5 2008-09-08T17:40:20+00:00 Greg Kroah-Hartman gregkh@suse.de 2008-09-08T17:40:20+00:00 c02a79dedc7f3c3d4fdbb5eb2000cacea5df4cde 






NET: fix build error caused by Greg K-H
2008-09-08T17:17:15+00:00

Greg Kroah-Hartman
gregkh@suse.de

2008-09-08T17:17:15+00:00

656ec3fd521a87963343315a506bae94c4a74266

This resolves the build error introduced in
97348238e1f470b200d4b810becaaa4147c6db51 due to Greg applying the the
incorrect patch.

Thanks to Randy Dunlap for reporting this.

Tested-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>





This resolves the build error introduced in
97348238e1f470b200d4b810becaaa4147c6db51 due to Greg applying the the
incorrect patch.

Thanks to Randy Dunlap for reporting this.

Tested-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>







Linux 2.6.26.4
2008-09-08T11:44:46+00:00

Greg Kroah-Hartman
gregkh@suse.de

2008-09-08T11:44:46+00:00

5a608116a56a9d8aee95a14856c8ff82b730e78f












sata_mv: don't issue two DMA commands concurrently
2008-09-08T11:44:32+00:00

Tejun Heo
htejun@gmail.com

2008-08-13T11:24:16+00:00

a52f94cf0b2a82420921257f97674756adb9c760

commit 4bdee6c5103696a2729d3db2f235d202191788e4 upstream

sata_mv allowed issuing two DMA commands concurrently which the
hardware allows.  Unfortunately, libata core layer isn't ready for
this yet and spews ugly warning message and malfunctions on this.
Don't allow concurrent DMA commands for now.

Signed-off-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Cc: Martin Michlmayr <tbm@cyrius.com>
Cc: Mark Lord <liml@rtr.ca>
Cc: Artem Bokhan <aptem@ngs.ru>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>






commit 4bdee6c5103696a2729d3db2f235d202191788e4 upstream

sata_mv allowed issuing two DMA commands concurrently which the
hardware allows.  Unfortunately, libata core layer isn't ready for
this yet and spews ugly warning message and malfunctions on this.
Don't allow concurrent DMA commands for now.

Signed-off-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Cc: Martin Michlmayr <tbm@cyrius.com>
Cc: Mark Lord <liml@rtr.ca>
Cc: Artem Bokhan <aptem@ngs.ru>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>








KVM: MMU: Fix torn shadow pte
2008-09-08T11:44:32+00:00

Avi Kivity
avi@qumranet.com

2008-08-26T08:05:28+00:00

b6908a04c2ad87725659a1df481921891e3516bc

(cherry picked from commit cd5998ebfbc9e6cb44408efa217c15d7eea13675)

The shadow code assigns a pte directly in one place, which is nonatomic on
i386 can can cause random memory references.  Fix by using an atomic setter.

Signed-off-by: Avi Kivity <avi@qumranet.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>






(cherry picked from commit cd5998ebfbc9e6cb44408efa217c15d7eea13675)

The shadow code assigns a pte directly in one place, which is nonatomic on
i386 can can cause random memory references.  Fix by using an atomic setter.

Signed-off-by: Avi Kivity <avi@qumranet.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>








x86: work around MTRR mask setting, v2
2008-09-08T11:44:32+00:00

Ingo Molnar
mingo@elte.hu

2008-09-03T00:54:10+00:00

06a27e265d6be92db8ef6e4abbef33c45453b2cb

commit 9754a5b840a209bc1f192d59f63e81b698a55ac8 upstream

x86: work around MTRR mask setting, v2

improve the debug printout:

- make it actually display something
- print it only once

would be nice to have a WARN_ONCE() facility, to feed such things to
kerneloops.org.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Cc: Yinghai Lu <yhlu.kernel@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>






commit 9754a5b840a209bc1f192d59f63e81b698a55ac8 upstream

x86: work around MTRR mask setting, v2

improve the debug printout:

- make it actually display something
- print it only once

would be nice to have a WARN_ONCE() facility, to feed such things to
kerneloops.org.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Cc: Yinghai Lu <yhlu.kernel@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>








nfsd: fix buffer overrun decoding NFSv4 acl
2008-09-08T11:44:32+00:00

J. Bruce Fields
bfields@citi.umich.edu

2008-09-01T18:51:02+00:00

ee69675af511022b8a324c4a208a91f901f0a6c4

commit 91b80969ba466ba4b915a4a1d03add8c297add3f upstream

The array we kmalloc() here is not large enough.

Thanks to Johann Dahm and David Richter for bug report and testing.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Cc: David Richter <richterd@citi.umich.edu>
Tested-by: Johann Dahm <jdahm@umich.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>






commit 91b80969ba466ba4b915a4a1d03add8c297add3f upstream

The array we kmalloc() here is not large enough.

Thanks to Johann Dahm and David Richter for bug report and testing.

Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Cc: David Richter <richterd@citi.umich.edu>
Tested-by: Johann Dahm <jdahm@umich.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>








sunrpc: fix possible overrun on read of /proc/sys/sunrpc/transports
2008-09-08T11:44:30+00:00

Cyrill Gorcunov
gorcunov@gmail.com

2008-09-01T18:51:01+00:00

94d5272a13ad73b0960826c61f3944cf7eb7286a

commit 27df6f25ff218072e0e879a96beeb398a79cdbc8 upstream

Vegard Nossum reported
----------------------
> I noticed that something weird is going on with /proc/sys/sunrpc/transports.
> This file is generated in net/sunrpc/sysctl.c, function proc_do_xprt(). When
> I "cat" this file, I get the expected output:
>    $ cat /proc/sys/sunrpc/transports
>    tcp 1048576
>    udp 32768

> But I think that it does not check the length of the buffer supplied by
> userspace to read(). With my original program, I found that the stack was
> being overwritten by the characters above, even when the length given to
> read() was just 1.

David Wagner added (among other things) that copy_to_user could be
probably used here.

Ingo Oeser suggested to use simple_read_from_buffer() here.

The conclusion is that proc_do_xprt doesn't check for userside buffer
size indeed so fix this by using Ingo's suggestion.

Reported-by: Vegard Nossum <vegard.nossum@gmail.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
CC: Ingo Oeser <ioe-lkml@rameria.de>
Cc: Neil Brown <neilb@suse.de>
Cc: Chuck Lever <chuck.lever@oracle.com>
Cc: Greg Banks <gnb@sgi.com>
Cc: Tom Tucker <tom@opengridcomputing.com>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>






commit 27df6f25ff218072e0e879a96beeb398a79cdbc8 upstream

Vegard Nossum reported
----------------------
> I noticed that something weird is going on with /proc/sys/sunrpc/transports.
> This file is generated in net/sunrpc/sysctl.c, function proc_do_xprt(). When
> I "cat" this file, I get the expected output:
>    $ cat /proc/sys/sunrpc/transports
>    tcp 1048576
>    udp 32768

> But I think that it does not check the length of the buffer supplied by
> userspace to read(). With my original program, I found that the stack was
> being overwritten by the characters above, even when the length given to
> read() was just 1.

David Wagner added (among other things) that copy_to_user could be
probably used here.

Ingo Oeser suggested to use simple_read_from_buffer() here.

The conclusion is that proc_do_xprt doesn't check for userside buffer
size indeed so fix this by using Ingo's suggestion.

Reported-by: Vegard Nossum <vegard.nossum@gmail.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
CC: Ingo Oeser <ioe-lkml@rameria.de>
Cc: Neil Brown <neilb@suse.de>
Cc: Chuck Lever <chuck.lever@oracle.com>
Cc: Greg Banks <gnb@sgi.com>
Cc: Tom Tucker <tom@opengridcomputing.com>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>








r8169: balance pci_map / pci_unmap pair
2008-09-08T11:44:30+00:00

Francois Romieu
romieu@fr.zoreil.com

2008-08-28T20:55:33+00:00

b815a62f9cc72aeda7c49187451bcfbb7800c067

commit a866bbf6aacf95f849810079442a20be118ce905 upstream

The leak hurts with swiotlb and jumbo frames.

Fix http://bugzilla.kernel.org/show_bug.cgi?id=9468.

Heavily hinted by Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>.

Signed-off-by: Francois Romieu <romieu@fr.zoreil.com>
Tested-by: Alistair John Strachan <alistair@devzero.co.uk>
Tested-by: Timothy J Fontaine <tjfontaine@atxconsulting.com>
Cc: Edward Hsu <edward_hsu@realtek.com.tw>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>






commit a866bbf6aacf95f849810079442a20be118ce905 upstream

The leak hurts with swiotlb and jumbo frames.

Fix http://bugzilla.kernel.org/show_bug.cgi?id=9468.

Heavily hinted by Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>.

Signed-off-by: Francois Romieu <romieu@fr.zoreil.com>
Tested-by: Alistair John Strachan <alistair@devzero.co.uk>
Tested-by: Timothy J Fontaine <tjfontaine@atxconsulting.com>
Cc: Edward Hsu <edward_hsu@realtek.com.tw>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>








tg3: Fix firmware event timeouts
2008-09-08T11:44:30+00:00

Matt Carlson
mcarlson@broadcom.com

2008-08-15T21:10:04+00:00

a5096008726d745ff5b85bc9cc9b7e14c83d9be7

patch 4ba526ced990f4d61ee8d65fe8a6f0745e8e455c upstream

The git commit 7c5026aa9b81dd45df8d3f4e0be73e485976a8b6 ("tg3: Add
link state reporting to UMP firmware") introduced code that waits for
previous firmware events to be serviced before attempting to submit a
new event.  Unfortunately that patch contained a bug that cause the
driver to wait 2.5 seconds, rather than 2.5 milliseconds as intended.
This patch fixes that bug.

This bug revealed that not all firmware versions service driver events
though.  Since we do not know which versions of the firmware do and don't
service these events, the driver needs some way to minimize the effects
of the delay.  This patch solves the problem by recording a jiffies
timestamp when it submits an event to the hardware.  If the jiffies
counter shows that 2.5 milliseconds have already passed, a wait is not
needed and the driver can proceed to submit a new event.

Signed-off-by: Matt Carlson <mcarlson@broadcom.com>
Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>






patch 4ba526ced990f4d61ee8d65fe8a6f0745e8e455c upstream

The git commit 7c5026aa9b81dd45df8d3f4e0be73e485976a8b6 ("tg3: Add
link state reporting to UMP firmware") introduced code that waits for
previous firmware events to be serviced before attempting to submit a
new event.  Unfortunately that patch contained a bug that cause the
driver to wait 2.5 seconds, rather than 2.5 milliseconds as intended.
This patch fixes that bug.

This bug revealed that not all firmware versions service driver events
though.  Since we do not know which versions of the firmware do and don't
service these events, the driver needs some way to minimize the effects
of the delay.  This patch solves the problem by recording a jiffies
timestamp when it submits an event to the hardware.  If the jiffies
counter shows that 2.5 milliseconds have already passed, a wait is not
needed and the driver can proceed to submit a new event.

Signed-off-by: Matt Carlson <mcarlson@broadcom.com>
Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>