user/sven/linux.git, branch v2.6.29.2 Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v2.6.29.2 2009-04-27T17:37:11Z Linux 2.6.29.2 2009-04-27T17:37:11Z Chris Wright chrisw@sous-sol.org 2009-04-27T17:37:11Z urn:sha1:e34454757fb87ecac1f76e4169cff6b74ba7ec44 Bonding: fix zero address hole bug in arp_ip_target list 2009-04-27T17:37:05Z Brian Haley brian.haley@hp.com 2009-04-13T07:11:30Z urn:sha1:5f9645212515279c4876ff0200fe7fa51dfb57ce upstream commit: 5a31bec014449dc9ca994e4c1dbf2802b7ca458a Fix a zero address hole bug in the bonding arp_ip_target list that was causing the bond to ignore ARP replies (bugz 13006). Instead of just setting the array entry to zero, we now copy any additional entries down one slot, putting the zero entry at the end. With this change we can now have all the loops that walk the array stop when they hit a zero since there will be no addresses after it. Changes are based in part on code fragment provided in kernel: bugzilla 13006: http://bugzilla.kernel.org/show_bug.cgi?id=13006 by Steve Howard <steve@astutenetworks.com> Signed-off-by: Brian Haley <brian.haley@hp.com> Signed-off-by: Jay Vosburgh <fubar@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Chris Wright <chrisw@sous-sol.org> skge: fix occasional BUG during MTU change 2009-04-27T17:37:05Z Michal Schmidt mschmidt@redhat.com 2009-04-14T22:16:55Z urn:sha1:9fc79ab9a371b45166d80ef18411ea47cf8e3195 upstream commit: d119b3927994e3d620d6adb0dd1ea6bf24427875 The BUG_ON(skge->tx_ring.to_use != skge->tx_ring.to_clean) in skge_up() was sometimes observed when setting MTU. skge_down() disables the TX queue, but then reenables it by mistake via skge_tx_clean(). Fix it by moving the waking of the queue from skge_tx_clean() to the other caller. And to make sure start_xmit is not in progress on another CPU, skge_down() should call netif_tx_disable(). The bug was reported to me by Jiri Jilek whose Debian system sometimes failed to boot. He tested the patch and the bug did not happen anymore. Signed-off-by: Michal Schmidt <mschmidt@redhat.com> Acked-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Chris Wright <chrisw@sous-sol.org> scsi: mpt: suppress debugobjects warning 2009-04-27T17:37:05Z Eric Paris eparis@parisplace.org 2009-04-21T21:20:02Z urn:sha1:24016c735e651f179692432f18176348caeb82b0 upstream commit: b298cecb3deddf76d60022473a57f1cb776cbdcd Addresses http://bugzilla.kernel.org/show_bug.cgi?id=13133 ODEBUG: object is on stack, but not annotated ------------[ cut here ]------------ WARNING: at lib/debugobjects.c:253 __debug_object_init+0x1f3/0x276() Hardware name: VMware Virtual Platform Modules linked in: mptspi(+) mptscsih mptbase scsi_transport_spi ext3 jbd mbcache Pid: 540, comm: insmod Not tainted 2.6.28-mm1 #2 Call Trace: [<c042c51c>] warn_slowpath+0x74/0x8a [<c0469600>] ? start_critical_timing+0x96/0xb7 [<c060c8ea>] ? _spin_unlock_irqrestore+0x2f/0x3c [<c0446fad>] ? trace_hardirqs_off_caller+0x18/0xaf [<c044704f>] ? trace_hardirqs_off+0xb/0xd [<c060c8ea>] ? _spin_unlock_irqrestore+0x2f/0x3c [<c042cb84>] ? release_console_sem+0x1a5/0x1ad [<c05013e6>] __debug_object_init+0x1f3/0x276 [<c0501494>] debug_object_init+0x13/0x17 [<c0433c56>] init_timer+0x10/0x1a [<e08e5b54>] mpt_config+0x1c1/0x2b7 [mptbase] [<e08e3b82>] ? kmalloc+0x8/0xa [mptbase] [<e08e3b82>] ? kmalloc+0x8/0xa [mptbase] [<e08e6fa2>] mpt_do_ioc_recovery+0x950/0x1212 [mptbase] [<c04496c2>] ? __lock_acquire+0xa69/0xacc [<c060c8f1>] ? _spin_unlock_irqrestore+0x36/0x3c [<c060c3af>] ? _spin_unlock_irq+0x22/0x26 [<c04f2d8b>] ? string+0x2b/0x76 [<c04f310e>] ? vsnprintf+0x338/0x7b3 [<c04496c2>] ? __lock_acquire+0xa69/0xacc [<c060c8ea>] ? _spin_unlock_irqrestore+0x2f/0x3c [<c04496c2>] ? __lock_acquire+0xa69/0xacc [<c044897d>] ? debug_check_no_locks_freed+0xeb/0x105 [<c060c8f1>] ? _spin_unlock_irqrestore+0x36/0x3c [<c04488bc>] ? debug_check_no_locks_freed+0x2a/0x105 [<c0446b8c>] ? lock_release_holdtime+0x43/0x48 [<c043f742>] ? up_read+0x16/0x29 [<c05076f8>] ? pci_get_slot+0x66/0x72 [<e08e89ca>] mpt_attach+0x881/0x9b1 [mptbase] [<e091c8e5>] mptspi_probe+0x11/0x354 [mptspi] Noticing that every caller of mpt_config has its CONFIGPARMS struct declared on the stack and thus the &pCfg->timer is always on the stack I changed init_timer() to init_timer_on_stack() and it seems to have shut up..... Cc: "Moore, Eric Dean" <Eric.Moore@lsil.com> Cc: James Bottomley <James.Bottomley@HansenPartnership.com> Cc: Thomas Gleixner <tglx@linutronix.de> Acked-by: "Desai, Kashyap" <Kashyap.Desai@lsi.com> Cc: <stable@kernel.org> [2.6.29.x] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Chris Wright <chrisw@sous-sol.org> hugetlbfs: return negative error code for bad mount option 2009-04-27T17:37:05Z Akinobu Mita akinobu.mita@gmail.com 2009-04-21T21:20:04Z urn:sha1:5a9b5af39e948919f272867516faa61c093124f6 upstream commit: c12ddba09394c60e1120e6997794fa6ed52da884 This fixes the following BUG: # mount -o size=MM -t hugetlbfs none /huge hugetlbfs: Bad value 'MM' for mount option 'size=MM' ------------[ cut here ]------------ kernel BUG at fs/super.c:996! Due to BUG_ON(!mnt->mnt_sb); in vfs_kern_mount(). Also, remove unused #include <linux/quotaops.h> Cc: William Irwin <wli@holomorphy.com> Cc: <stable@kernel.org> Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Chris Wright <chrisw@sous-sol.org> NFS: Fix the XDR iovec calculation in nfs3_xdr_setaclargs 2009-04-27T17:37:05Z Trond Myklebust Trond.Myklebust@netapp.com 2009-04-21T21:20:08Z urn:sha1:52f8cf35ef8716fbcb00ffe3a680d2a4c54e412d upstream commit: 8340437210390676f687633a80e3748c40885dc8 Commit ae46141ff08f1965b17c531b571953c39ce8b9e2 (NFSv3: Fix posix ACL code) introduces a bug in the calculation of the XDR header iovec. In the case where we are inlining the acls, we need to adjust the length of the iovec req->rq_svec, in addition to adjusting the total buffer length. Tested-by: Leonardo Chiquitto <leonardo.lists@gmail.com> Tested-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Cc: stable@kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Chris Wright <chrisw@sous-sol.org> gso: Fix support for linear packets 2009-04-27T17:37:05Z Herbert Xu herbert@gondor.apana.org.au 2009-04-21T11:31:50Z urn:sha1:d6af2381754182d727fb4682e785f56ae8508210 upstream commit: 2f181855a0b3c2b39314944add7b41c15647cf86 When GRO/frag_list support was added to GSO, I made an error which broke the support for segmenting linear GSO packets (GSO packets are normally non-linear in the payload). These days most of these packets are constructed by the tun driver, which prefers to allocate linear memory if possible. This is fixed in the latest kernel, but for 2.6.29 and earlier it is still the norm. Therefore this bug causes failures with GSO when used with tun in 2.6.29. Reported-by: James Huang <jamesclhuang@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Chris Wright <chrisw@sous-sol.org> agp: zero pages before sending to userspace 2009-04-27T17:37:05Z Shaohua Li shaohua.li@intel.com 2009-04-20T00:08:35Z urn:sha1:0702b646e5bdc16af64ef6f663e5275a02bf40cd upstream commit: 59de2bebabc5027f93df999d59cc65df591c3e6e CVE-2009-1192 AGP pages might be mapped into userspace finally, so the pages should be set to zero before userspace can use it. Otherwise there is potential information leakage. Signed-off-by: Shaohua Li <shaohua.li@intel.com> Signed-off-by: Dave Airlie <airlied@redhat.com> Signed-off-by: Chris Wright <chrisw@sous-sol.org> virtio: fix suspend when using virtio_balloon 2009-04-27T17:37:04Z Marcelo Tosatti mtosatti@redhat.com 2009-04-19T18:05:04Z urn:sha1:7b0e3850488bbd218b6ea4cc0e5c6e549995a6f7 upstream commit: 84a139a985300901dfad99bd93c7345d180af860 Break out of wait_event_interruptible() if freezing has been requested, in the vballoon thread. Without this change vballoon refuses to stop and the system can't suspend. Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Cc: stable@kernel.org Signed-off-by: Chris Wright <chrisw@sous-sol.org> Revert "console ASCII glyph 1:1 mapping" 2009-04-27T17:37:04Z Samuel Thibault samuel.thibault@ens-lyon.org 2009-04-19T18:05:02Z urn:sha1:cbe8fe4ae7f8bcc410c105810b263abf24439a53 upstream commit: c0b7988200a82290287c6f4cd49585007f73175a This reverts commit 1c55f18717304100a5f624c923f7cb6511b4116d. Ingo Brueckl was assuming that reverting to 1:1 mapping for chars >= 128 was not useful, but it happens to be: due to the limitations of the Linux console, when a blind user wants to read BIG5 on it, he has no other way than loading a font without SFM and let the 1:1 mapping permit the screen reader to get the BIG5 encoding. Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Cc: stable@kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Chris Wright <chrisw@sous-sol.org>