user/sven/linux.git, branch v2.6.28.1

Linux 2.6.28.1

2009-01-18T18:45:37Z

XFS: truncate readdir offsets to signed 32 bit values

2009-01-18T18:44:06Z

commit 15440319767942a363f282d6585303d3d75088ba upstream. John Stanley reported EOVERFLOW errors in readdir from his self-build glibc. I traced this down to glibc enabling d_off overflow checks in one of the about five million different getdents implementations. In 2.6.28 Dave Woodhouse moved our readdir double buffering required for NFS4 readdirplus into nfsd and at that point we lost the capping of the directory offsets to 32 bit signed values. Johns glibc used getdents64 to even implement readdir for normal 32 bit offset dirents, and failed with EOVERFLOW only if this happens on the first dirent in a getdents call. I managed to come up with a testcase that uses raw getdents and does the EOVERFLOW check manually. We always hit it with our last entry due to the special end of directory marker. The patch below is a dumb version of just putting back the masking, to make sure we have the same behavior as in 2.6.27 and earlier. I will work on a better and cleaner fix for 2.6.30. Reported-by: John Stanley Tested-by: John Stanley Signed-off-by: Christoph Hellwig Reviewed-by: Dave Chinner Signed-off-by: Lachlan McIlroy Signed-off-by: Greg Kroah-Hartman

mm: fix assertion

2009-01-18T18:44:06Z

commit 18e6959c385f3edf3991fa6662a53dac4eb10d5b upstream. This assertion is incorrect for lockless pagecache. By definition if we have an unpinned page that we are trying to take a speculative reference to, it may become the tail of a compound page at any time (if it is freed, then reallocated as a compound page). It was still a valid assertion for the vmscan.c LRU isolation case, but it doesn't seem incredibly helpful... if somebody wants it, they can put it back directly where it applies in the vmscan code. Signed-off-by: Nick Piggin Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman

ath5k: ignore the return value of ath5k_hw_noise_floor_calibration

2009-01-18T18:44:05Z

commit 8b0162a3dc5c30e862b7a73da29e32de3170f5e4 upstream. Noise floor calibration occasionally fails on Atheros hardware. This is not fatal and can happen if there's simply too much noise on the air. Ignoring the calibration error is the right thing to do here, because when the error is ignored, the hardware will still work, whereas if the error causes the driver to bail out of a bigger configuration function and does not configure the tx queues or the IMR (as is the case in reset.c), the hw no longer works properly until the next reset. Signed-off-by: Felix Fietkau Signed-off-by: John W. Linville Cc: Bob Copeland Signed-off-by: Greg Kroah-Hartman

getrusage: RUSAGE_THREAD should return ru_utime and ru_stime

2009-01-18T18:44:05Z

commit 8916edef5888c5d8fe283714416a9ca95b4c3431 upstream. Impact: task stats regression fix Original getrusage(RUSAGE_THREAD) implementation can return ru_utime and ru_stime. But commit "f06febc: timers: fix itimer/many thread hang" broke it. this patch restores it. Signed-off-by: KOSAKI Motohiro Acked-by: Roland McGrath Signed-off-by: Ingo Molnar Signed-off-by: Greg Kroah-Hartman

ibmvfc: Improve async event handling

2009-01-18T18:44:05Z

commit d2131b33c7e07c2905ee2f2321cc4dae1928c483 upstream. While doing various error injection testing, such as cable pulls and target moves, some issues were observed in handling these events. This patch improves the way these events are handled by increasing the delay waiting for the fabric to settle and also changes the behavior of Link Up to break the CRQ to ensure everything gets cleaned up properly on the VIOS. Signed-off-by: Brian King Signed-off-by: James Bottomley Signed-off-by: Greg Kroah-Hartman

ibmvfc: Delay NPIV login retry and add retries

2009-01-18T18:44:05Z

commit 1c41fa8288277e76785acb50f52bb2f39509f903 upstream. Adds a delay prior to retrying a failed NPIV login. This fixes a scenario if the backing fibre channel adapter is getting reset due to an EEH event, NPIV login will fail. Currently, ibmvfc retries three times very quickly, resets the CRQ and tries one more time. If the adapter is getting reset due to EEH, this isn't enough time. This adds a delay prior to retrying a failed NPIV login and also increments the number of retries. Signed-off-by: Brian King Signed-off-by: James Bottomley Signed-off-by: Greg Kroah-Hartman

powerpc: Disable Collaborative Memory Manager for kdump

2009-01-18T18:44:05Z

commit 2218108e182fd8a6d9106077833ed7ad05fc8e75 upstream. When running Active Memory Sharing, the Collaborative Memory Manager (CMM) may mark some pages as "loaned" with the hypervisor. Periodically, the CMM will query the hypervisor for a loan request, which is a single signed value. When kexec'ing into a kdump kernel, the CMM driver in the kdump kernel is not aware of the pages the previous kernel had marked as "loaned", so the hypervisor and the CMM driver are out of sync. This results in the CMM driver getting a negative loan request, which can then get treated as a large unsigned value and can cause kdump to hang due to the CMM driver inflating too large. Since there really is no clean way for the CMM driver in the kdump kernel to clean this up, simply disable CMM in the kdump kernel. This fixes hangs we were seeing doing kdump with AMS. Signed-off-by: Brian King Signed-off-by: Paul Mackerras Signed-off-by: Greg Kroah-Hartman

mm lockless pagecache barrier fix

2009-01-18T18:44:04Z

commit e8c82c2e23e3527e0c9dc195e432c16784d270fa upstream. An XFS workload showed up a bug in the lockless pagecache patch. Basically it would go into an "infinite" loop, although it would sometimes be able to break out of the loop! The reason is a missing compiler barrier in the "increment reference count unless it was zero" case of the lockless pagecache protocol in the gang lookup functions. This would cause the compiler to use a cached value of struct page pointer to retry the operation with, rather than reload it. So the page might have been removed from pagecache and freed (refcount==0) but the lookup would not correctly notice the page is no longer in pagecache, and keep attempting to increment the refcount and failing, until the page gets reallocated for something else. This isn't a data corruption because the condition will be detected if the page has been reallocated. However it can result in a lockup. Linus points out that ACCESS_ONCE is also required in that pointer load, even if it's absence is not causing a bug on our particular build. The most general way to solve this is just to put an rcu_dereference in radix_tree_deref_slot. Assembly of find_get_pages, before: .L220: movq (%rbx), %rax #* ivtmp.1162, tmp82 movq (%rax), %rdi #, prephitmp.1149 .L218: testb $1, %dil #, prephitmp.1149 jne .L217 #, testq %rdi, %rdi # prephitmp.1149 je .L203 #, cmpq $-1, %rdi #, prephitmp.1149 je .L217 #, movl 8(%rdi), %esi # ._count.counter, c testl %esi, %esi # c je .L218 #, after: .L212: movq (%rbx), %rax #* ivtmp.1109, tmp81 movq (%rax), %rdi #, ret testb $1, %dil #, ret jne .L211 #, testq %rdi, %rdi # ret je .L197 #, cmpq $-1, %rdi #, ret je .L211 #, movl 8(%rdi), %esi # ._count.counter, c testl %esi, %esi # c je .L212 #, (notice the obvious infinite loop in the first example, if page->count remains 0) Signed-off-by: Nick Piggin Reviewed-by: Paul E. McKenney Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman

ath9k: enable RXing of beacons on STA/IBSS

2009-01-18T18:44:04Z

commit ffb826767bffda61426d964a8fc24a216a14b0bd upstream. This enables beacons to come through on STA/IBSS. It should fix sporadic connection issues. Right now mac80211 expect beacons so give it beacons. Signed-off-by: Luis R. Rodriguez Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman