user/sven/linux.git/kernel, branch v2.6.22.3

fix oops in __audit_signal_info()

2007-08-15T16:25:08Z

Check for audit_signals is misplaced and check for audit_dummy_context() is missing; as the result, if we send signal to auditd from task with NULL ->audit_context while we have audit_signals != 0 we end up with an oops. Signed-off-by: Al Viro Acked-by: James Morris Signed-off-by: Greg Kroah-Hartman

destroy_workqueue() can livelock

2007-08-09T21:27:41Z

Pointed out by Michal Schmidt . The bug was introduced in 2.6.22 by me. cleanup_workqueue_thread() does flush_cpu_workqueue(cwq) in a loop until ->worklist becomes empty. This is live-lockable, a re-niced caller can get CPU after wake_up() and insert a new barrier before the lower-priority cwq->thread has a chance to clear ->current_work. Change cleanup_workqueue_thread() to do flush_cpu_workqueue(cwq) only once. We can rely on the fact that run_workqueue() won't return until it flushes all works. So it is safe to call kthread_stop() after that, the "should stop" request won't be noticed until run_workqueue() returns. Signed-off-by: Oleg Nesterov Cc: Michal Schmidt Cc: Srivatsa Vaddagiri Signed-off-by: Andrew Morton Signed-off-by: Greg Kroah-Hartman

futex: pass nr_wake2 to futex_wake_op

2007-08-09T21:27:36Z

The fourth argument of sys_futex is ignored when op == FUTEX_WAKE_OP, but futex_wake_op expects it as its nr_wake2 parameter. The only user of this operation in glibc is always passing 1, so this bug had no consequences so far. Signed-off-by: Andreas Schwab Cc: Ingo Molnar Signed-off-by: Ulrich Drepper Signed-off-by: Andrew Morton Signed-off-by: Greg Kroah-Hartman

Fix leaks on /proc/{*/sched, sched_debug, timer_list, timer_stats}

2007-08-09T21:27:36Z

On every open/close one struct seq_operations leaks. Kudos to /proc/slab_allocators. Signed-off-by: Alexey Dobriyan Acked-by: Ingo Molnar Signed-off-by: Andrew Morton Signed-off-by: Greg Kroah-Hartman

Fix leak on /proc/lockdep_stats

2007-08-09T21:27:34Z

Signed-off-by: Alexey Dobriyan Signed-off-by: Andrew Morton Signed-off-by: Greg Kroah-Hartman

NTP: remove clock_was_set() call to prevent deadlock

2007-07-03T20:54:27Z

The clock_was_set() call in seconds_overflow() which happens only when leap seconds are inserted / deleted is wrong in two aspects: 1. it results in a call to on_each_cpu() with interrupts disabled 2. it is potential deadlock source vs. call_lock in smp_call_function() The only possible side effect of the removal might be, that an absolute CLOCK_REALTIME timer fires 1 second too late, in the rare case of leap second deletion and an absolute CLOCK_REALTIME timer which expires in the affected time frame. It will never fire too early. This was probably observed by the reporter of a June 30th -> July 1st hang: http://lkml.org/lkml/2007/7/3/103 A similar problem was observed by Dave Jones, who provided a screen shot with a lockdep back trace, which allowed to analyse the problem. Signed-off-by: Thomas Gleixner Acked-by: Ingo Molnar Signed-off-by: Linus Torvalds

PM: introduce set_target method in pm_ops

2007-07-01T19:29:44Z

Commit 52ade9b3b97fd3bea42842a056fe0786c28d0555 changed the suspend code ordering to execute pm_ops->prepare() after the device model per-device .suspend() calls in order to fix some ACPI-related issues. Unfortunately, it broke the at91 platform which assumed that pm_ops->prepare() would be called before suspending devices. at91 used pm_ops->prepare() to get notified of the target system sleep state, so that it could use this information while suspending devices. However, with the current suspend code ordering pm_ops->prepare() is called too late for this purpose. Thus, at91 needs an additional method in 'struct pm_ops' that will be used for notifying the platform of the target system sleep state. Moreover, in the future such a method will also be needed by ACPI. This patch adds the .set_target() method to 'struct pm_ops' and makes the suspend code call it, if implemented, before executing the device model per-device .suspend() calls. It also modifies the at91 code to use pm_ops->set_target() instead of pm_ops->prepare(). Signed-off-by: Rafael J. Wysocki Acked-by: David Brownell Cc: Pavel Machek Cc: Johannes Berg Cc: Len Brown Cc: Greg KH Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

relayfs: fix overwrites

2007-06-28T18:38:18Z

When I use relayfs with "overwrite" mode, read() still sets incorrect number of consumed bytes. Signed-off-by: Masami Hiramatsu Acked-by: Tom Zanussi Acked-by: David Wilder Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

relay file read: start-pos fix

2007-06-28T18:34:54Z

Fix a bug in the relay read interface causing the number of consumed bytes to be set incorrectly. Signed-off-by: Tom Zanussi Signed-off-by: David Wilder Cc: Masami Hiramatsu Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds

FUTEX: Restore the dropped ERSCH fix

2007-06-24T19:08:53Z

The return value of futex_find_get_task() needs to be -ESRCH in case that the search fails. This was part of the original futex fixes and got accidentally dropped, when the futex-tidy-up patch was split out. Signed-off-by: Thomas Gleixner Cc: Ingo Molnar Cc: Stable Team Signed-off-by: Linus Torvalds