linux.git
28 hours agoMerge branch 'for-3.17-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj... master torvalds/master
Linus Torvalds [Thu, 21 Aug 2014 21:26:27 +0000 (14:26 -0700)]
Merge branch 'for-3.17-fixes' of git://git./linux/kernel/git/tj/libata

Pull libata fixes from Tejun Heo:
 "Nothing drastic but pushing out early due to build breakage in the new
  tegra platform.

  Additionally:

   - M550 tagged trim blacklist pattern is widened so that it matches
     the new 1TB model

   - three controller specific fixes"

* 'for-3.17-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata:
  libata: widen Crucial M550 blacklist matching
  pata_scc: propagate return value of scc_wait_after_reset
  ata: ahci_tegra: Change include to fix compilation
  pata_samsung_cf: change ret type to signed
  ahci_xgene: Removing NCQ support from the APM X-Gene SoC AHCI SATA Host Controller driver.

28 hours agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid
Linus Torvalds [Thu, 21 Aug 2014 21:25:20 +0000 (14:25 -0700)]
Merge branch 'for-linus' of git://git./linux/kernel/git/jikos/hid

Pull HID fixes from Jiri Kosina:

 - fixes for a couple potential memory corruption problems (the HW would
   have to be manufactured to be deliberately evil to trigger those)
   found by Ben Hawkes
 - fix for potential infinite loop when using sysfs interface of
   logitech driver, from Simon Wood
 - a couple more simple driver fixes

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
  HID: fix a couple of off-by-ones
  HID: logitech: perform bounds checking on device_id early enough
  HID: logitech: fix bounds checking on LED report size
  HID: logitech: Prevent possibility of infinite loop when using /sys interface
  HID: rmi: print an error if F11 is not found instead of stopping the device
  HID: hid-sensor-hub: use devm_ functions consistently
  HID: huion: Use allocated buffer for DMA
  HID: huion: Fail on parameter retrieval errors

28 hours agoMerge tag 'sound-3.17-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai...
Linus Torvalds [Thu, 21 Aug 2014 21:24:40 +0000 (14:24 -0700)]
Merge tag 'sound-3.17-rc2' of git://git./linux/kernel/git/tiwai/sound

Pull sound fixes from Takashi Iwai:
 "A bunch of ASoC fixes with a few HD-audio fixes in this pull request.

  All fairly small, boring and device-specific fixes, in addition to
  MAINTAINERS update for better reviewing"

* tag 'sound-3.17-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
  ALSA: hda/hdmi - apply Valleyview fix-ups to Cherryview display codec
  ALSA: hda/hdmi - set depop_delay for haswell plus
  ALSA: hda - restore the gpio led after resume
  ALSA: hda/realtek - Avoid setting wrong COEF on ALC269 & co
  ASoC: pxa-ssp: drop SNDRV_PCM_FMTBIT_S24_LE
  ASoC: fsl-esai: Revert .xlate_tdm_slot_mask() support
  ASoC: mcasp: Fix implicit BLCK divider setting
  ASoC: arizona: Fix TDM slot length handling in arizona_hw_params
  ASoC: pcm512x: Correct Digital Playback control names
  ASoC: dapm: Fix uninitialized variable in snd_soc_dapm_get_enum_double()
  ASoC: Intel: Restore Baytrail ADSP streams only when ADSP was in reset
  ASoC: Intel: Wait Baytrail ADSP boot at resume_early stage
  ASoC: Intel: Merge Baytrail ADSP suspend_noirq into suspend_late
  MAINTAINERS: Add i.MX maintainers and paths to Freescale ASoC entry
  ASoC: Intel: Update Baytrail ADSP firmware name

28 hours agoMerge branch 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa...
Linus Torvalds [Thu, 21 Aug 2014 21:07:44 +0000 (14:07 -0700)]
Merge branch 'i2c/for-next' of git://git./linux/kernel/git/wsa/linux

Pull i2c fixes from Wolfram Sang:
 "Here is the fixup for the 'lowlight' of my last pull request.  I2C is
  not selected anymore by I2C_ACPI.  Instead, the code in question now
  depends on I2C=y.

  Also, Mika has agreed to support me and be the maintainer for I2C-ACPI
  related patches.  Finally, a new-ID-patch came along last week"

* 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
  MAINTAINERS: add maintainer for ACPI parts of I2C
  i2c: i801: Add PCI ID for Intel Braswell
  i2c: rework kernel config I2C_ACPI

28 hours agoMerge tag 'please-pull-memfd_create' of git://git.kernel.org/pub/scm/linux/kernel...
Linus Torvalds [Thu, 21 Aug 2014 21:06:56 +0000 (14:06 -0700)]
Merge tag 'please-pull-memfd_create' of git://git./linux/kernel/git/aegl/linux

Pull ia64 update from Tony Luck:
 "Add memfd_create syscall to ia64"

* tag 'please-pull-memfd_create' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux:
  [IA64] Wire up memfd_create() system call

28 hours agoMerge tag 'microblaze-3.17-rc2' of git://git.monstr.eu/linux-2.6-microblaze
Linus Torvalds [Thu, 21 Aug 2014 21:06:18 +0000 (14:06 -0700)]
Merge tag 'microblaze-3.17-rc2' of git://git.monstr.eu/linux-2.6-microblaze

Pull microblaze update from Michal Simek:
 "Wire-up seccomp/getrandom/memfd_create syscalls"

* tag 'microblaze-3.17-rc2' of git://git.monstr.eu/linux-2.6-microblaze:
  microblaze: Wire-up memfd_create syscall
  microblaze: Wire-up getrandom syscall
  microblaze: Wire-up seccomp syscall

33 hours agoHID: fix a couple of off-by-ones
Jiri Kosina [Thu, 21 Aug 2014 14:57:48 +0000 (09:57 -0500)]
HID: fix a couple of off-by-ones

There are a few very theoretical off-by-one bugs in report descriptor size
checking when performing a pre-parsing fixup. Fix those.

Cc: stable@vger.kernel.org
Reported-by: Ben Hawkes <hawkes@google.com>
Reviewed-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
33 hours agoHID: logitech: perform bounds checking on device_id early enough
Jiri Kosina [Thu, 21 Aug 2014 14:57:17 +0000 (09:57 -0500)]
HID: logitech: perform bounds checking on device_id early enough

device_index is a char type and the size of paired_dj_deivces is 7
elements, therefore proper bounds checking has to be applied to
device_index before it is used.

We are currently performing the bounds checking in
logi_dj_recv_add_djhid_device(), which is too late, as malicious device
could send REPORT_TYPE_NOTIF_DEVICE_UNPAIRED early enough and trigger the
problem in one of the report forwarding functions called from
logi_dj_raw_event().

Fix this by performing the check at the earliest possible ocasion in
logi_dj_raw_event().

Cc: stable@vger.kernel.org
Reported-by: Ben Hawkes <hawkes@google.com>
Reviewed-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
33 hours agoHID: logitech: fix bounds checking on LED report size
Jiri Kosina [Thu, 21 Aug 2014 14:56:47 +0000 (09:56 -0500)]
HID: logitech: fix bounds checking on LED report size

The check on report size for REPORT_TYPE_LEDS in logi_dj_ll_raw_request()
is wrong; the current check doesn't make any sense -- the report allocated
by HID core in hid_hw_raw_request() can be much larger than
DJREPORT_SHORT_LENGTH, and currently logi_dj_ll_raw_request() doesn't
handle this properly at all.

Fix the check by actually trimming down the report size properly if it is
too large.

Cc: stable@vger.kernel.org
Reported-by: Ben Hawkes <hawkes@google.com>
Reviewed-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
41 hours agomicroblaze: Wire-up memfd_create syscall
Michal Simek [Thu, 21 Aug 2014 08:19:28 +0000 (10:19 +0200)]
microblaze: Wire-up memfd_create syscall

Add new memfd_create syscall.

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
41 hours agomicroblaze: Wire-up getrandom syscall
Michal Simek [Thu, 7 Aug 2014 13:59:05 +0000 (15:59 +0200)]
microblaze: Wire-up getrandom syscall

Add new getrandom syscall.

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
41 hours agomicroblaze: Wire-up seccomp syscall
Michal Simek [Thu, 7 Aug 2014 13:57:41 +0000 (15:57 +0200)]
microblaze: Wire-up seccomp syscall

Add new seccomp syscall.

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
2 days agoMerge branch 'for-linus' of git://git.samba.org/sfrench/cifs-2.6
Linus Torvalds [Wed, 20 Aug 2014 23:33:21 +0000 (18:33 -0500)]
Merge branch 'for-linus' of git://git.samba.org/sfrench/cifs-2.6

Pull cifs fixes from Steve French:
 "Most important fixes in this set include three SMB3 fixes for stable
  (including fix for possible kernel oops), and a workaround to allow
  writes to Mac servers (only cifs dialect, not more current SMB2.1,
  worked to Mac servers).  Also fallocate support added, and lease fix
  from Jeff"

* 'for-linus' of git://git.samba.org/sfrench/cifs-2.6:
  [SMB3] Enable fallocate -z support for SMB3 mounts
  enable fallocate punch hole ("fallocate -p") for SMB3
  Incorrect error returned on setting file compressed on SMB2
  CIFS: Fix wrong directory attributes after rename
  CIFS: Fix SMB2 readdir error handling
  [CIFS] Possible null ptr deref in SMB2_tcon
  [CIFS] Workaround MacOS server problem with SMB2.1 write  response
  cifs: handle lease F_UNLCK requests properly
  Cleanup sparse file support by creating worker function for it
  Add sparse file support to SMB2/SMB3 mounts
  Add missing definitions for CIFS File System Attributes
  cifs: remove unused function cifs_oplock_break_wait

2 days agoMerge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
Linus Torvalds [Wed, 20 Aug 2014 23:32:16 +0000 (18:32 -0500)]
Merge branch 'for_linus' of git://git./linux/kernel/git/jack/linux-fs

Pull filesystem fixes from Jan Kara:
 "udf, isofs, and ext3 bug fixes"

* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs:
  ext3: Count internal journal as bsddf overhead in ext3_statfs
  isofs: Fix unbounded recursion when processing relocated directories
  udf: avoid unneeded up_write when fail to add entry in ->symlink

2 days agoMerge branch 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86
Linus Torvalds [Wed, 20 Aug 2014 23:23:06 +0000 (18:23 -0500)]
Merge branch 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86

Pull x86 platform driver revert from Matthew Garrett:
 "This clearly shouldn't have been merged.  No excuse on my part"

* 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86:
  Revert "platform/x86/toshiba-apci.c possible bad if test?"

2 days agoMerge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Linus Torvalds [Wed, 20 Aug 2014 23:22:10 +0000 (18:22 -0500)]
Merge tag 'for-linus' of git://git./virt/kvm/kvm

Pull KVM fixes from Paolo Bonzini:
 "Reverting a 3.16 patch, fixing two bugs in device assignment (one has
  a CVE), and fixing some problems introduced during the merge window
  (the CMA bug came in via Andrew, the x86 ones via yours truly)"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  virt/kvm/assigned-dev.c: Set 'dev->irq_source_id' to '-1' after free it
  Revert "KVM: x86: Increase the number of fixed MTRR regs to 10"
  KVM: x86: do not check CS.DPL against RPL during task switch
  KVM: x86: Avoid emulating instructions on #UD mistakenly
  PC, KVM, CMA: Fix regression caused by wrong get_order() use
  kvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601)

2 days agoMerge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
Linus Torvalds [Wed, 20 Aug 2014 23:20:50 +0000 (18:20 -0500)]
Merge tag 'scsi-fixes' of git://git./linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:
 "These are the two bug fixes I mentioned in the final merge window
  pull.  One is a reversed logic check in the device busy tests which
  can cause a nasty hang and another crash seen in the new SCSI pool
  support if the use count ever goes to zero"

[ The device busy test already got merged from a patch earlier, so is
  now duplicated.  ]

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
  [SCSI] save command pool address of Scsi_Host
  [SCSI] fix qemu boot hang problem

2 days agoRevert "platform/x86/toshiba-apci.c possible bad if test?"
Matthew Garrett [Wed, 20 Aug 2014 15:18:18 +0000 (08:18 -0700)]
Revert "platform/x86/toshiba-apci.c possible bad if test?"

This reverts commit bdc3ae7221213963f438faeaa69c8b4a2195f491.

Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
3 days agoext3: Count internal journal as bsddf overhead in ext3_statfs
Chin-Tsung Cheng [Fri, 15 Aug 2014 07:49:31 +0000 (15:49 +0800)]
ext3: Count internal journal as bsddf overhead in ext3_statfs

The journal blocks of external journal device should not
be counted as overhead.

Signed-off-by: Chin-Tsung Cheng <chintzung@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
3 days agoscsi: Fix qemu boot hang problem
Guenter Roeck [Sun, 10 Aug 2014 12:54:25 +0000 (05:54 -0700)]
scsi: Fix qemu boot hang problem

The latest kernel fails to boot qemu arm images when using scsi
for disk access. Boot gets stuck after the following messages.

brd: module loaded
sym53c8xx 0000:00:0c.0: enabling device (0100 -> 0103)
sym0: <895a> rev 0x0 at pci 0000:00:0c.0 irq 93
sym0: No NVRAM, ID 7, Fast-40, LVD, parity checking
sym0: SCSI BUS has been reset.
scsi host0: sym-2.2.3

Bisect points to commit 71e75c97f97a ("scsi: convert device_busy to
atomic_t"). Code inspection shows the following suspicious change
in scsi_request_fn.

out_delay:
-       if (sdev->device_busy == 0 && !scsi_device_blocked(sdev))
+       if (atomic_read(&sdev->device_busy) && !scsi_device_blocked(sdev))
blk_delay_queue(q, SCSI_QUEUE_DELAY);
}

'sdev->device_busy == 0' was replaced with 'atomic_read(&sdev->device_busy)',
meaning the logic was reversed. Changing this expression to
'!atomic_read(&sdev->device_busy)' fixes the problem.

Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Acked-by: Jens Axboe <axboe@fb.com>
Reviewed-by: Venkatesh Srinivas <venkateshs@google.com>
Reviewed-by: Webb Scales <webbnh@hp.com>
Cc: Christoph Hellwig <hch@lst.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
3 days agoisofs: Fix unbounded recursion when processing relocated directories
Jan Kara [Sun, 17 Aug 2014 09:49:57 +0000 (11:49 +0200)]
isofs: Fix unbounded recursion when processing relocated directories

We did not check relocated directory in any way when processing Rock
Ridge 'CL' tag. Thus a corrupted isofs image can possibly have a CL
entry pointing to another CL entry leading to possibly unbounded
recursion in kernel code and thus stack overflow or deadlocks (if there
is a loop created from CL entries).

Fix the problem by not allowing CL entry to point to a directory entry
with CL entry (such use makes no good sense anyway) and by checking
whether CL entry doesn't point to itself.

CC: stable@vger.kernel.org
Reported-by: Chris Evans <cevans@google.com>
Signed-off-by: Jan Kara <jack@suse.cz>
3 days agoudf: avoid unneeded up_write when fail to add entry in ->symlink
Chao Yu [Sat, 9 Aug 2014 01:49:31 +0000 (09:49 +0800)]
udf: avoid unneeded up_write when fail to add entry in ->symlink

We have released the ->i_data_sem before invoking udf_add_entry(),
so in following error path, we should not release this lock again.

Signed-off-by: Chao Yu <chao2.yu@samsung.com>
Signed-off-by: Jan Kara <jack@suse.cz>
3 days agoMAINTAINERS: add maintainer for ACPI parts of I2C
Wolfram Sang [Tue, 19 Aug 2014 15:08:35 +0000 (10:08 -0500)]
MAINTAINERS: add maintainer for ACPI parts of I2C

Mika has done great work in that field, so let people know.

Signed-off-by: Wolfram Sang <wsa@the-dreams.de>
Acked-by: Mika Westerberg <mika.westerberg@linux.intel.com>
3 days agoi2c: i801: Add PCI ID for Intel Braswell
Alan Cox [Tue, 19 Aug 2014 14:37:28 +0000 (17:37 +0300)]
i2c: i801: Add PCI ID for Intel Braswell

The SMBus host controller is the same as used in Baytrail so add the new
PCI ID to the driver's list of supported IDs.

Signed-off-by: Alan Cox <alan@linux.intel.com>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Signed-off-by: Wolfram Sang <wsa@the-dreams.de>
3 days agoi2c: rework kernel config I2C_ACPI
Lan Tianyu [Fri, 15 Aug 2014 05:38:59 +0000 (13:38 +0800)]
i2c: rework kernel config I2C_ACPI

Commit da3c6647(I2C/ACPI: Clean up I2C ACPI code and Add CONFIG_I2C_ACPI
config) adds a new kernel config I2C_ACPI and make I2C core built in
when the config is selected. This is wrong because distributions
etc generally compile I2C as a module and the commit broken that.
This patch is to rename I2C_ACPI to ACPI_I2C_OPREGION. New config
only controls ACPI I2C operation region code and depends on I2C=y.

Signed-off-by: Lan Tianyu <tianyu.lan@intel.com>
Reviewed-by: Mika Westerberg <mika.westerberg@linux.intel.com>
[wsa: removed unrelated change for Kconfig]
Signed-off-by: Wolfram Sang <wsa@the-dreams.de>
3 days agoMerge tag 'md/3.17-fixes' of git://neil.brown.name/md
Linus Torvalds [Tue, 19 Aug 2014 14:47:01 +0000 (09:47 -0500)]
Merge tag 'md/3.17-fixes' of git://neil.brown.name/md

Pull md bugfixes from Neil Brown:
 "Here are the bug-fixes I promised :-)

  Funny how you start looking for one and other start appearing.

   - raid6 data corruption during recovery
   - raid6 livelock
   - raid10 memory leaks"

* tag 'md/3.17-fixes' of git://neil.brown.name/md:
  md/raid10: always initialise ->state on newly allocated r10_bio
  md/raid10: avoid memory leak on error path during reshape.
  md/raid10: Fix memory leak when raid10 reshape completes.
  md/raid10: fix memory leak when reshaping a RAID10.
  md/raid6: avoid data corruption during recovery of double-degraded RAID6
  md/raid5: avoid livelock caused by non-aligned writes.

3 days agoMerge tag 'pci-v3.17-changes-3' of git://git.kernel.org/pub/scm/linux/kernel/git...
Linus Torvalds [Tue, 19 Aug 2014 14:45:31 +0000 (09:45 -0500)]
Merge tag 'pci-v3.17-changes-3' of git://git./linux/kernel/git/helgaas/pci

Pull PCI changes from Bjorn Helgaas:
 "Marvell MVEBU
    - Remove ARCH_KIRKWOOD dependency (Andrew Lunn)

  NVIDIA Tegra
    - Add debugfs support (Thierry Reding)

  Synopsys DesignWare
    - Look for configuration space in 'reg', not 'ranges' (Kishon Vijay Abraham I)
    - Program ATU with untranslated address (Kishon Vijay Abraham I)
    - Add config access-related pcie_host_ops for v3.65 hardware (Murali Karicheri)
    - Add MSI-related pcie_host_ops for v3.65 hardware (Murali Karicheri)

  TI DRA7xx
    - Add TI DR7xx PCIe driver (Kishon Vijay Abraham I)"

* tag 'pci-v3.17-changes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
  PCI: designware: Add MSI-related pcie_host_ops for v3.65 hardware
  PCI: designware: Add config access-related pcie_host_ops for v3.65 hardware
  PCI: dra7xx: Add TI DRA7xx PCIe driver
  PCI: designware: Program ATU with untranslated address
  PCI: designware: Look for configuration space in 'reg', not 'ranges'
  PCI: tegra: Add debugfs support
  PCI: mvebu: Remove ARCH_KIRKWOOD dependency

3 days agoMerge tag 'devicetree-for-linus' of git://git.secretlab.ca/git/linux
Linus Torvalds [Tue, 19 Aug 2014 14:43:48 +0000 (09:43 -0500)]
Merge tag 'devicetree-for-linus' of git://git.secretlab.ca/git/linux

Pull devicetree fixes from Grant Likely:
 "Three more commits needed for v3.17: A bug fix for reserved regions
  based at address zero, a clarification on how to interpret existence
  of both interrupts and interrupts-extended properties, and a fix to
  allow device tree testcases to run on any platform"

* tag 'devicetree-for-linus' of git://git.secretlab.ca/git/linux:
  of/irq: Fix lookup to use 'interrupts-extended' property first
  Enabling OF selftest to run without machine's devicetree
  of: Allow mem_reserve of memory with a base address of zero

3 days agofrv: Define cpu_relax_lowlatency()
Davidlohr Bueso [Mon, 18 Aug 2014 20:00:39 +0000 (13:00 -0700)]
frv: Define cpu_relax_lowlatency()

3a6bfbc91df0 "(arch,locking: Ciao arch_mutex_cpu_relax()") broke
building the frv arch.  Fixes errors such as:

  kernel/locking/mcs_spinlock.h:87:2: error: implicit declaration of function 'cpu_relax_lowlatency'

Signed-off-by: Davidlohr Bueso <davidlohr@hp.com>
Compile-tested-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
3 days agovirt/kvm/assigned-dev.c: Set 'dev->irq_source_id' to '-1' after free it
Chen Gang [Fri, 8 Aug 2014 15:37:59 +0000 (23:37 +0800)]
virt/kvm/assigned-dev.c: Set 'dev->irq_source_id' to '-1' after free it

As a generic function, deassign_guest_irq() assumes it can be called
even if assign_guest_irq() is not be called successfully (which can be
triggered by ioctl from user mode, indirectly).

So for assign_guest_irq() failure process, need set 'dev->irq_source_id'
to -1 after free 'dev->irq_source_id', or deassign_guest_irq() may free
it again.

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 days agoRevert "KVM: x86: Increase the number of fixed MTRR regs to 10"
Paolo Bonzini [Mon, 18 Aug 2014 14:39:48 +0000 (16:39 +0200)]
Revert "KVM: x86: Increase the number of fixed MTRR regs to 10"

This reverts commit 682367c494869008eb89ef733f196e99415ae862,
which causes 32-bit SMP Windows 7 guests to panic.

SeaBIOS has a limit on the number of MTRRs that it can handle,
and this patch exceeded the limit.  Better revert it.
Thanks to Nadav Amit for debugging the cause.

Cc: stable@nongnu.org
Reported-by: Wanpeng Li <wanpeng.li@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 days agoKVM: x86: do not check CS.DPL against RPL during task switch
Paolo Bonzini [Mon, 18 Aug 2014 11:15:51 +0000 (13:15 +0200)]
KVM: x86: do not check CS.DPL against RPL during task switch

This reverts the check added by commit 5045b468037d (KVM: x86: check CS.DPL
against RPL during task switch, 2014-05-15).  Although the CS.DPL=CS.RPL
check is mentioned in table 7-1 of the SDM as causing a #TSS exception,
it is not mentioned in table 6-6 that lists "invalid TSS conditions"
which cause #TSS exceptions. In fact it causes some tests to fail, which
pass on bare-metal.

Keep the rest of the commit, since we will find new uses for it in 3.18.

Reported-by: Nadav Amit <namit@cs.technion.ac.il>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 days agoKVM: x86: Avoid emulating instructions on #UD mistakenly
Nadav Amit [Wed, 13 Aug 2014 13:50:13 +0000 (16:50 +0300)]
KVM: x86: Avoid emulating instructions on #UD mistakenly

Commit d40a6898e5 mistakenly caused instructions which are not marked as
EmulateOnUD to be emulated upon #UD exception. The commit caused the check of
whether the instruction flags include EmulateOnUD to never be evaluated. As a
result instructions whose emulation is broken may be emulated.  This fix moves
the evaluation of EmulateOnUD so it would be evaluated.

Signed-off-by: Nadav Amit <namit@cs.technion.ac.il>
[Tweak operand order in &&, remove EmulateOnUD where it's now superfluous.
 - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 days agoPC, KVM, CMA: Fix regression caused by wrong get_order() use
Alexey Kardashevskiy [Thu, 14 Aug 2014 05:03:07 +0000 (15:03 +1000)]
PC, KVM, CMA: Fix regression caused by wrong get_order() use

fc95ca7284bc54953165cba76c3228bd2cdb9591 claims that there is no
functional change but this is not true as it calls get_order() (which
takes bytes) where it should have called order_base_2() and the kernel
stops on VM_BUG_ON().

This replaces get_order() with order_base_2() (round-up version of ilog2).

Suggested-by: Paul Mackerras <paulus@samba.org>
Cc: Alexander Graf <agraf@suse.de>
Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 days agokvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601)
Michael S. Tsirkin [Tue, 19 Aug 2014 11:14:50 +0000 (19:14 +0800)]
kvm: iommu: fix the third parameter of kvm_iommu_put_pages (CVE-2014-3601)

The third parameter of kvm_iommu_put_pages is wrong,
It should be 'gfn - slot->base_gfn'.

By making gfn very large, malicious guest or userspace can cause kvm to
go to this error path, and subsequently to pass a huge value as size.
Alternatively if gfn is small, then pages would be pinned but never
unpinned, causing host memory leak and local DOS.

Passing a reasonable but large value could be the most dangerous case,
because it would unpin a page that should have stayed pinned, and thus
allow the device to DMA into arbitrary memory.  However, this cannot
happen because of the condition that can trigger the error:

- out of memory (where you can't allocate even a single page)
  should not be possible for the attacker to trigger

- when exceeding the iommu's address space, guest pages after gfn
  will also exceed the iommu's address space, and inside
  kvm_iommu_put_pages() the iommu_iova_to_phys() will fail.  The
  page thus would not be unpinned at all.

Reported-by: Jack Morgenstein <jackm@mellanox.com>
Cc: stable@vger.kernel.org
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 days agoALSA: hda/hdmi - apply Valleyview fix-ups to Cherryview display codec
Libin Yang [Tue, 19 Aug 2014 08:20:12 +0000 (16:20 +0800)]
ALSA: hda/hdmi - apply Valleyview fix-ups to Cherryview display codec

Valleyview and Cherryview have the same behavior on display audio. So this patch
defines is_valleyview_plus() to include codecs for both Valleyview and its successor
Cherryview, and apply Valleyview fix-ups to Cherryview.

Signed-off-by: Libin Yang <libin.yang@intel.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
3 days agoALSA: hda/hdmi - set depop_delay for haswell plus
Libin Yang [Tue, 19 Aug 2014 08:20:11 +0000 (16:20 +0800)]
ALSA: hda/hdmi - set depop_delay for haswell plus

Both Haswell and Broadwell need set depop_delay to 0. So apply this
setting to haswell plus.

Signed-off-by: Libin Yang <libin.yang@intel.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
3 days agomd/raid10: always initialise ->state on newly allocated r10_bio
NeilBrown [Mon, 18 Aug 2014 04:38:45 +0000 (14:38 +1000)]
md/raid10: always initialise ->state on newly allocated r10_bio

Most places which allocate an r10_bio zero the ->state, some don't.
As the r10_bio comes from a mempool, and the allocation function uses
kzalloc it is often zero anyway.  But sometimes it isn't and it is
best to be safe.

I only noticed this because of the bug fixed by an earlier patch
where the r10_bios allocated for a reshape were left around to
be used by a subsequent resync.  In that case the R10BIO_IsReshape
flag caused problems.

Signed-off-by: NeilBrown <neilb@suse.de>
3 days agomd/raid10: avoid memory leak on error path during reshape.
NeilBrown [Mon, 18 Aug 2014 04:48:54 +0000 (14:48 +1000)]
md/raid10: avoid memory leak on error path during reshape.

If raid10 reshape fails to find somewhere to read a block
from, it returns without freeing memory...

Signed-off-by: NeilBrown <neilb@suse.de>
3 days agomd/raid10: Fix memory leak when raid10 reshape completes.
NeilBrown [Mon, 18 Aug 2014 03:59:50 +0000 (13:59 +1000)]
md/raid10: Fix memory leak when raid10 reshape completes.

When a raid10 commences a resync/recovery/reshape it allocates
some buffer space.
When a resync/recovery completes the buffer space is freed.  But not
when the reshape completes.
This can result in a small memory leak.

There is a subtle side-effect of this bug.  When a RAID10 is reshaped
to a larger array (more devices), the reshape is immediately followed
by a "resync" of the new space.  This "resync" will use the buffer
space which was allocated for "reshape".  This can cause problems
including a "BUG" in the SCSI layer.  So this is suitable for -stable.

Cc: stable@vger.kernel.org (v3.5+)
Fixes: 3ea7daa5d7fde47cd41f4d56c2deb949114da9d6
Signed-off-by: NeilBrown <neilb@suse.de>
3 days agomd/raid10: fix memory leak when reshaping a RAID10.
NeilBrown [Mon, 18 Aug 2014 03:56:38 +0000 (13:56 +1000)]
md/raid10: fix memory leak when reshaping a RAID10.

raid10 reshape clears unwanted bits from a bio->bi_flags using
a method which, while clumsy, worked until 3.10 when BIO_OWNS_VEC
was added.
Since then it clears that bit but shouldn't.  This results in a
memory leak.

So change to used the approved method of clearing unwanted bits.

As this causes a memory leak which can consume all of memory
the fix is suitable for -stable.

Fixes: a38352e0ac02dbbd4fa464dc22d1352b5fbd06fd
Cc: stable@vger.kernel.org (v3.10+)
Reported-by: mdraid.pkoch@dfgh.net (Peter Koch)
Signed-off-by: NeilBrown <neilb@suse.de>
3 days agoALSA: hda - restore the gpio led after resume
Hui Wang [Tue, 19 Aug 2014 04:07:03 +0000 (12:07 +0800)]
ALSA: hda - restore the gpio led after resume

On some HP laptops, the mute led is controlled by codec gpio.

When some machine resume from s3/s4, the codec gpio data will be
cleared to 0 by BIOS:
Before suspend:
  IO[3]: enable=1, dir=1, wake=0, sticky=0, data=1, unsol=0
After resume:
  IO[3]: enable=1, dir=1, wake=0, sticky=0, data=0, unsol=0

To skip the AFG node to enter D3 can't fix this problem.

A workaround is to restore the gpio data when the system resume
back from s3/s4. It is safe even on the machines without this
problem.

BugLink: https://bugs.launchpad.net/bugs/1358116
Tested-by: Franz Hsieh <franz.hsieh@canonical.com>
Cc: stable@vger.kernel.org
Signed-off-by: Hui Wang <hui.wang@canonical.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
4 days agolibata: widen Crucial M550 blacklist matching
Tejun Heo [Mon, 18 Aug 2014 21:40:09 +0000 (17:40 -0400)]
libata: widen Crucial M550 blacklist matching

Crucial M550 may cause data corruption on queued trims and is
blacklisted.  The pattern used for it fails to match 1TB one as the
capacity section will be four chars instead of three.  Widen the
pattern.

Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Charles Reiss <woggling@gmail.com>
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=81071
Cc: stable@vger.kernel.org
4 days ago[IA64] Wire up memfd_create() system call
Tony Luck [Mon, 18 Aug 2014 17:29:52 +0000 (10:29 -0700)]
[IA64] Wire up memfd_create() system call

Yet another system call. This one added by:

   commit 9183df25fe7b194563db3fec6dc3202a5855839c
   shm: add memfd_create() syscall

Signed-off-by: Tony Luck <tony.luck@intel.com>
4 days agopata_scc: propagate return value of scc_wait_after_reset
Arjun Sreedharan [Sun, 17 Aug 2014 14:30:09 +0000 (20:00 +0530)]
pata_scc: propagate return value of scc_wait_after_reset

scc_bus_softreset not necessarily should return zero.
Propagate the error code.

Signed-off-by: Arjun Sreedharan <arjun024@gmail.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: stable@vger.kernel.org
4 days agomd/raid6: avoid data corruption during recovery of double-degraded RAID6
NeilBrown [Tue, 12 Aug 2014 23:57:07 +0000 (09:57 +1000)]
md/raid6: avoid data corruption during recovery of double-degraded RAID6

During recovery of a double-degraded RAID6 it is possible for
some blocks not to be recovered properly, leading to corruption.

If a write happens to one block in a stripe that would be written to a
missing device, and at the same time that stripe is recovering data
to the other missing device, then that recovered data may not be written.

This patch skips, in the double-degraded case, an optimisation that is
only safe for single-degraded arrays.

Bug was introduced in 2.6.32 and fix is suitable for any kernel since
then.  In an older kernel with separate handle_stripe5() and
handle_stripe6() functions the patch must change handle_stripe6().

Cc: stable@vger.kernel.org (2.6.32+)
Fixes: 6c0069c0ae9659e3a91b68eaed06a5c6c37f45c8
Cc: Yuri Tikhonov <yur@emcraft.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Reported-by: "Manibalan P" <pmanibalan@amiindia.co.in>
Tested-by: "Manibalan P" <pmanibalan@amiindia.co.in>
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1090423
Signed-off-by: NeilBrown <neilb@suse.de>
Acked-by: Dan Williams <dan.j.williams@intel.com>
4 days agomd/raid5: avoid livelock caused by non-aligned writes.
NeilBrown [Tue, 12 Aug 2014 23:48:45 +0000 (09:48 +1000)]
md/raid5: avoid livelock caused by non-aligned writes.

If a stripe in a raid6 array received a write to each data block while
the array is degraded, and if any of these writes to a missing device
are not page-aligned, then a live-lock happens.

In this case the P and Q blocks need to be read so that the part of
the missing block which is *not* being updated by the write can be
constructed.  Due to a logic error, these blocks are not loaded, so
the update cannot proceed and the stripe is 'handled' repeatedly in an
infinite loop.

This bug is unlikely as most writes are page aligned.  However as it
can lead to a livelock it is suitable for -stable.  It was introduced
in 3.16.

Cc: stable@vger.kernel.org (v3.16)
Fixed: 67f455486d2ea20b2d94d6adf5b9b783d079e321
Signed-off-by: NeilBrown <neilb@suse.de>
5 days ago[SMB3] Enable fallocate -z support for SMB3 mounts
Steve French [Sun, 17 Aug 2014 23:16:40 +0000 (18:16 -0500)]
[SMB3] Enable fallocate -z support for SMB3 mounts

fallocate -z (FALLOC_FL_ZERO_RANGE) can map to SMB3
FSCTL_SET_ZERO_DATA SMB3 FSCTL but FALLOC_FL_ZERO_RANGE
when called without the FALLOC_FL_KEEPSIZE flag set could want
the file size changed so we can not support that subcase unless
the file is cached (and thus we know the file size).

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Pavel Shilovsky <pshilovsky@samba.org>
5 days agoenable fallocate punch hole ("fallocate -p") for SMB3
Steve French [Sun, 17 Aug 2014 13:38:47 +0000 (08:38 -0500)]
enable fallocate punch hole ("fallocate -p") for SMB3

Implement FALLOC_FL_PUNCH_HOLE (which does not change the file size
fortunately so this matches the behavior of the equivalent SMB3
fsctl call) for SMB3 mounts.  This allows "fallocate -p" to work.
It requires that the server support setting files as sparse
(which Windows allows).

Signed-off-by: Steve French <smfrench@gmail.com>
5 days agoIncorrect error returned on setting file compressed on SMB2
Steve French [Sun, 17 Aug 2014 11:43:58 +0000 (06:43 -0500)]
Incorrect error returned on setting file compressed on SMB2

When the server (for an SMB2 or SMB3 mount) doesn't support
an ioctl (such as setting the compressed flag
on a file) we were incorrectly returning EIO instead
of EOPNOTSUPP, this is confusing e.g. doing chattr +c to a file
on a non-btrfs Samba partition, now the error returned is more
intuitive to the user.  Also fixes error mapping on setting
hardlink to servers which don't support that.

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: David Disseldorp <ddiss@suse.de>
5 days agoata: ahci_tegra: Change include to fix compilation
Mikko Perttunen [Mon, 11 Aug 2014 10:17:48 +0000 (13:17 +0300)]
ata: ahci_tegra: Change include to fix compilation

Before this patch, the driver included <linux/tegra-powergate.h>,
which was effectively renamed to <soc/tegra/pmc.h> at about the same
time the ahci_tegra series landed. Fix the include path so that the
driver compiles.

Signed-off-by: Mikko Perttunen <mperttunen@nvidia.com>
Acked-by: Thierry Reding <treding@nvidia.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
5 days agopata_samsung_cf: change ret type to signed
Arjun Sreedharan [Sat, 16 Aug 2014 13:08:34 +0000 (18:38 +0530)]
pata_samsung_cf: change ret type to signed

Change return type to signed int since it could be
a negative errno.

Signed-off-by: Arjun Sreedharan <arjun024@gmail.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
5 days agoahci_xgene: Removing NCQ support from the APM X-Gene SoC AHCI SATA Host Controller...
Suman Tripathi [Fri, 8 Aug 2014 16:14:25 +0000 (21:44 +0530)]
ahci_xgene: Removing NCQ support from the APM X-Gene SoC AHCI SATA Host Controller driver.

This patch removes the NCQ support from the APM X-Gene SoC AHCI
Host Controller driver as it doesn't support it.

Signed-off-by: Loc Ho <lho@apm.com>
Signed-off-by: Suman Tripathi <stripathi@apm.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: stable@vger.kernel.org
5 days agoCIFS: Fix wrong directory attributes after rename
Pavel Shilovsky [Mon, 18 Aug 2014 16:49:58 +0000 (20:49 +0400)]
CIFS: Fix wrong directory attributes after rename

When we requests rename we also need to update attributes
of both source and target parent directories. Not doing it
causes generic/309 xfstest to fail on SMB2 mounts. Fix this
by marking these directories for force revalidating.

Cc: <stable@vger.kernel.org>
Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steve French <smfrench@gmail.com>
5 days agoCIFS: Fix SMB2 readdir error handling
Pavel Shilovsky [Mon, 18 Aug 2014 16:49:57 +0000 (20:49 +0400)]
CIFS: Fix SMB2 readdir error handling

SMB2 servers indicates the end of a directory search with
STATUS_NO_MORE_FILE error code that is not processed now.
This causes generic/257 xfstest to fail. Fix this by triggering
the end of search by this error code in SMB2_query_directory.

Also when negotiating CIFS protocol we tell the server to close
the search automatically at the end and there is no need to do
it itself. In the case of SMB2 protocol, we need to close it
explicitly - separate close directory checks for different
protocols.

Cc: <stable@vger.kernel.org>
Signed-off-by: Pavel Shilovsky <pshilovsky@samba.org>
Signed-off-by: Steve French <smfrench@gmail.com>
5 days ago[CIFS] Possible null ptr deref in SMB2_tcon
Steve French [Sun, 17 Aug 2014 05:22:24 +0000 (00:22 -0500)]
[CIFS] Possible null ptr deref in SMB2_tcon

As Raphael Geissert pointed out, tcon_error_exit can dereference tcon
and there is one path in which tcon can be null.

Signed-off-by: Steve French <smfrench@gmail.com>
CC: Stable <stable@vger.kernel.org> # v3.7+
Reported-by: Raphael Geissert <geissert@debian.org>
6 days agoLinux 3.17-rc1 v3.17-rc1
Linus Torvalds [Sat, 16 Aug 2014 16:40:26 +0000 (10:40 -0600)]
Linux 3.17-rc1

6 days agoMerge branch 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86
Linus Torvalds [Sat, 16 Aug 2014 15:32:27 +0000 (09:32 -0600)]
Merge branch 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86

Pull x86 platform driver updates from Matthew Garrett:
 "A moderate number of changes, but nothing awfully significant.

  A lot of const cleanups, some reworking and additions to the rfkill
  quirks in the asus driver, a new driver for generating falling laptop
  events on Toshibas and some misc fixes.

  Maybe vendors have stopped inventing things"

* 'for_linus' of git://cavan.codon.org.uk/platform-drivers-x86: (41 commits)
  platform/x86: Enable build support for toshiba_haps
  Documentation: Add file about toshiba_haps module
  platform/x86: Toshiba HDD Active Protection Sensor
  asus-nb-wmi: Add wapf4 quirk for the U32U
  alienware-wmi: make hdmi_mux enabled on case-by-case basis
  ideapad-laptop: Constify DMI table and other r/o variables
  asus-nb-wmi.c: Rename x401u quirk to wapf4
  compal-laptop: correct invalid hwmon name
  toshiba_acpi: Add Qosmio X75-A to the alt keymap dmi list
  toshiba_acpi: Add extra check to backlight code
  Fix log message about future removal of interface
  ideapad-laptop: Disable touchpad interface on Yoga models
  asus-nb-wmi: Add wapf4 quirk for the X550CC
  intel_ips: Make ips_mcp_limits variables static
  thinkpad_acpi: Mark volume_alsa_control_{vol,mute} as __initdata
  fujitsu-laptop: Mark fujitsu_dmi_table[] DMI table as __initconst
  hp-wmi: Add missing __init annotations to initialization code
  hp_accel: Constify ACPI and DMI tables
  fujitsu-tablet: Mark DMI callbacks as __init code
  dell-laptop: Mark dell_quirks[] DMI table as __initconst
  ...

6 days agoMerge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux
Linus Torvalds [Sat, 16 Aug 2014 15:25:34 +0000 (09:25 -0600)]
Merge branch 'release' of git://git./linux/kernel/git/lenb/linux

Pull idle update from Len Brown:
 "Two Intel-platform-specific updates to intel_idle, and a cosmetic
  tweak to the turbostat utility"

* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux:
  tools/power turbostat: tweak whitespace in output format
  intel_idle: Broadwell support
  intel_idle: Disable Baytrail Core and Module C6 auto-demotion

6 days agoMerge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty...
Linus Torvalds [Sat, 16 Aug 2014 15:24:41 +0000 (09:24 -0600)]
Merge tag 'fixes-for-linus' of git://git./linux/kernel/git/rusty/linux

Pull module fix from Rusty Russell:
 "Nasty potential bug if someone uses a known module param with an
  invalid value (we don't fail unknown module params any more, just
  warn)"

* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux:
  module: Clean up ro/nx after early module load failures

6 days agoMerge branch 'rng-queue' of git://git.kernel.org/pub/scm/linux/kernel/git/amit/virtio
Linus Torvalds [Sat, 16 Aug 2014 15:23:15 +0000 (09:23 -0600)]
Merge branch 'rng-queue' of git://git./linux/kernel/git/amit/virtio

Pull virtio-rng update from Amit Shah:
 "Add derating factor for use by hwrng core

  Sending directly to you with the commit log changes Ted Ts'o pointed
  out.  Not sure if Rusty's back after his travel, but this already has
  his s-o-b"

* 'rng-queue' of git://git.kernel.org/pub/scm/linux/kernel/git/amit/virtio:
  virtio: rng: add derating factor for use by hwrng core

6 days agoMerge branch 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/mason...
Linus Torvalds [Sat, 16 Aug 2014 15:06:55 +0000 (09:06 -0600)]
Merge branch 'for-linus2' of git://git./linux/kernel/git/mason/linux-btrfs

Pull btrfs updates from Chris Mason:
 "These are all fixes I'd like to get out to a broader audience.

  The biggest of the bunch is Mark's quota fix, which is also in the
  SUSE kernel, and makes our subvolume quotas dramatically more
  accurate.

  I've been running xfstests with these against your current git
  overnight, but I'm queueing up longer tests as well"

* 'for-linus2' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs:
  btrfs: disable strict file flushes for renames and truncates
  Btrfs: fix csum tree corruption, duplicate and outdated checksums
  Btrfs: Fix memory corruption by ulist_add_merge() on 32bit arch
  Btrfs: fix compressed write corruption on enospc
  btrfs: correctly handle return from ulist_add
  btrfs: qgroup: account shared subtrees during snapshot delete
  Btrfs: read lock extent buffer while walking backrefs
  Btrfs: __btrfs_mod_ref should always use no_quota
  btrfs: adjust statfs calculations according to raid profiles

6 days agoMerge tag 'locks-v3.17-2' of git://git.samba.org/jlayton/linux
Linus Torvalds [Sat, 16 Aug 2014 14:58:47 +0000 (08:58 -0600)]
Merge tag 'locks-v3.17-2' of git://git.samba.org/jlayton/linux

Pull file locking bugfixes from Jeff Layton:
 "Most of these patches are to fix a long-standing regression that crept
  in when the BKL was removed from the file-locking code.  The code was
  converted to use a conventional spinlock, but some fl_release_private
  ops can block and you can end up sleeping inside the lock.

  There's also a patch to make /proc/locks show delegations as 'DELEG'"

* tag 'locks-v3.17-2' of git://git.samba.org/jlayton/linux:
  locks: update Locking documentation to clarify fl_release_private behavior
  locks: move locks_free_lock calls in do_fcntl_add_lease outside spinlock
  locks: defer freeing locks in locks_delete_lock until after i_lock has been dropped
  locks: don't reuse file_lock in __posix_lock_file
  locks: don't call locks_release_private from locks_copy_lock
  locks: show delegations as "DELEG" in /proc/locks

6 days agoMerge git://git.kvack.org/~bcrl/aio-next
Linus Torvalds [Sat, 16 Aug 2014 14:56:27 +0000 (08:56 -0600)]
Merge git://git.kvack.org/~bcrl/aio-next

Pull aio updates from Ben LaHaise.

* git://git.kvack.org/~bcrl/aio-next:
  aio: use iovec array rather than the single one
  aio: fix some comments
  aio: use the macro rather than the inline magic number
  aio: remove the needless registration of ring file's private_data
  aio: remove no longer needed preempt_disable()
  aio: kill the misleading rcu read locks in ioctx_add_table() and kill_ioctx()
  aio: change exit_aio() to load mm->ioctx_table once and avoid rcu_read_lock()

6 days agoplatform/x86: Enable build support for toshiba_haps
Azael Avalos [Thu, 14 Aug 2014 15:55:40 +0000 (09:55 -0600)]
platform/x86: Enable build support for toshiba_haps

Makefile and Kconfig build support patch for the newly introduced
kernel module toshiba_haps.

Signed-off-by: Azael Avalos <coproscefalo@gmail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoDocumentation: Add file about toshiba_haps module
Azael Avalos [Thu, 14 Aug 2014 15:55:39 +0000 (09:55 -0600)]
Documentation: Add file about toshiba_haps module

This patch provides information about the Toshiba HDD
Active Protection Sensor driver module toshiba_haps.

Signed-off-by: Azael Avalos <coproscefalo@gmail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoplatform/x86: Toshiba HDD Active Protection Sensor
Azael Avalos [Thu, 14 Aug 2014 15:55:38 +0000 (09:55 -0600)]
platform/x86: Toshiba HDD Active Protection Sensor

This driver adds support for the built-in accelereometer found
on recent Toshiba laptops with HID TOS620A.

This driver receives ACPI notify events 0x80 when the sensor
detects a sudden move or a harsh vibration, as well as an
ACPI notify event 0x81 whenever the movement or vibration has
been stabilized.

Also provides sysfs entries to get/set the desired protection
level and reseting the HDD protection interface.

Signed-off-by: Azael Avalos <coproscefalo@gmail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoasus-nb-wmi: Add wapf4 quirk for the U32U
Hans de Goede [Tue, 29 Jul 2014 09:59:57 +0000 (11:59 +0200)]
asus-nb-wmi: Add wapf4 quirk for the U32U

As reported here: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1173681
the U32U needs wapf=4 too.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoalienware-wmi: make hdmi_mux enabled on case-by-case basis
Mario Limonciello [Thu, 24 Jul 2014 04:19:23 +0000 (23:19 -0500)]
alienware-wmi: make hdmi_mux enabled on case-by-case basis

Not all HW supporting WMAX method will support the HDMI mux feature.
Explicitly quirk the HW that does support it.

Signed-off-by: Mario Limonciello <mario_limonciello@dell.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoideapad-laptop: Constify DMI table and other r/o variables
Mathias Krause [Wed, 16 Jul 2014 17:43:15 +0000 (19:43 +0200)]
ideapad-laptop: Constify DMI table and other r/o variables

Constify the rfkill_blacklist[] DMI table, the ideapad_rfk_data[] table
and the ideapad_attribute_group attribute group. There's no need to have
them writeable during runtime.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Ike Panhc <ike.pan@canonical.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoasus-nb-wmi.c: Rename x401u quirk to wapf4
Hans de Goede [Mon, 14 Jul 2014 07:14:34 +0000 (09:14 +0200)]
asus-nb-wmi.c: Rename x401u quirk to wapf4

The actual x401u does not use the so named x401u quirk but the x55u quirk.
All that the x401u quirk does it setting wapf to 4, so rename it to wapf4 to
stop the confusion.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agocompal-laptop: correct invalid hwmon name
Roald Frederickx [Wed, 13 Aug 2014 20:40:14 +0000 (13:40 -0700)]
compal-laptop: correct invalid hwmon name

Change the name of the hwmon interface from "compal-laptop" to "compal".
A dash is an invalid character for a hwmon name and caused the call to
hwmon_device_register_with_groups() to fail.

Signed-off-by: Roald Frederickx <roald.frederickx@gmail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agotoshiba_acpi: Add Qosmio X75-A to the alt keymap dmi list
Azael Avalos [Mon, 4 Aug 2014 15:21:02 +0000 (09:21 -0600)]
toshiba_acpi: Add Qosmio X75-A to the alt keymap dmi list

The Toshiba Qosmio X75-A series models also come with
the new keymap layout.

This patch adds this model to the alt_keymap_dmi list,
along with an extra key found on these models.

Signed-off-by: Azael Avalos <coproscefalo@gmail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agotoshiba_acpi: Add extra check to backlight code
Azael Avalos [Mon, 4 Aug 2014 15:21:01 +0000 (09:21 -0600)]
toshiba_acpi: Add extra check to backlight code

Some Toshiba models (most notably Qosmios) come with an
incomplete backlight method where the AML code doesn't
check for write or read commands and always returns
HCI_SUCCESS and the actual brightness (and in some
cases the max brightness), thus allowing the backlight
interface to be registered without write support.

This patch changes the set_lcd_brightness function,
checking the returned values for values greater than
zero to avoid registering a broken backlight interface.

Signed-off-by: Azael Avalos <coproscefalo@gmail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoFix log message about future removal of interface
Martin Kepplinger [Sat, 26 Jul 2014 15:46:06 +0000 (17:46 +0200)]
Fix log message about future removal of interface

If this is going away, it won't be in 2012.

Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoideapad-laptop: Disable touchpad interface on Yoga models
Hans de Goede [Fri, 18 Jul 2014 10:21:47 +0000 (12:21 +0200)]
ideapad-laptop: Disable touchpad interface on Yoga models

Yoga models don't offer touchpad ctrl through the ideapad interface, causing
ideapad_sync_touchpad_state to send wrong touchpad enable/disable events.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoasus-nb-wmi: Add wapf4 quirk for the X550CC
Hans de Goede [Fri, 18 Jul 2014 10:15:09 +0000 (12:15 +0200)]
asus-nb-wmi: Add wapf4 quirk for the X550CC

As reported here: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1173681
the X550CC needs wapf=4 too.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agointel_ips: Make ips_mcp_limits variables static
Mathias Krause [Wed, 16 Jul 2014 17:43:16 +0000 (19:43 +0200)]
intel_ips: Make ips_mcp_limits variables static

These variables don't need to be visible outside of this compilation
unit, make them static.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agothinkpad_acpi: Mark volume_alsa_control_{vol,mute} as __initdata
Mathias Krause [Wed, 16 Jul 2014 17:43:17 +0000 (19:43 +0200)]
thinkpad_acpi: Mark volume_alsa_control_{vol,mute} as __initdata

Mark volume_alsa_control_vol and volume_alsa_control_mute as __initdata,
as snd_ctl_new1() will copy the relevant parts, so there is no need to
keep the master copies around after initialization.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Henrique de Moraes Holschuh <ibm-acpi@hmh.eng.br>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agofujitsu-laptop: Mark fujitsu_dmi_table[] DMI table as __initconst
Mathias Krause [Wed, 16 Jul 2014 17:43:11 +0000 (19:43 +0200)]
fujitsu-laptop: Mark fujitsu_dmi_table[] DMI table as __initconst

The DMI table is only ever used during initialization. Mark it as
__initconst so its memory can be released afterwards -- roughly 1.5 kB.
In turn, the callback functions can be marked with __init, too.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Jonathan Woithe <jwoithe@just42.net>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agohp-wmi: Add missing __init annotations to initialization code
Mathias Krause [Wed, 16 Jul 2014 17:43:13 +0000 (19:43 +0200)]
hp-wmi: Add missing __init annotations to initialization code

These functions are only called from other initialization routines, so
can be marked __init, too.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agohp_accel: Constify ACPI and DMI tables
Mathias Krause [Wed, 16 Jul 2014 17:43:14 +0000 (19:43 +0200)]
hp_accel: Constify ACPI and DMI tables

Constify the lis3lv02d_device_ids[] ACPI and the lis3lv02d_dmi_ids[] DMI
tables. There's no need to have them writeable during runtime.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Eric Piel <eric.piel@tremplin-utc.net>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agofujitsu-tablet: Mark DMI callbacks as __init code
Mathias Krause [Wed, 16 Jul 2014 17:43:12 +0000 (19:43 +0200)]
fujitsu-tablet: Mark DMI callbacks as __init code

The DMI table is already marked as __initconst, so can be the callback
functions as they're only used in that context.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Robert Gerlach <khnz@gmx.de>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agodell-laptop: Mark dell_quirks[] DMI table as __initconst
Mathias Krause [Wed, 16 Jul 2014 17:43:09 +0000 (19:43 +0200)]
dell-laptop: Mark dell_quirks[] DMI table as __initconst

The dell_quirks[] DMI table is only ever used during initialization.
Mark it as __initconst so its memory can be released afterwards --
roughly 5.7 kB. In turn, the callback function can be marked with
__init, too.

Also the touchpad_led_init() function can be marked __init as it's only
referenced from dell_init() -- an __init function.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoeeepc-wmi: Constify asus_quirks[] DMI table
Mathias Krause [Wed, 16 Jul 2014 17:43:10 +0000 (19:43 +0200)]
eeepc-wmi: Constify asus_quirks[] DMI table

Constify the asus_quirks[] DMI table. There's no need to have it
writeable during runtime.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Corentin Chary <corentin.chary@gmail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoacer-wmi: Mark init data and code as such
Mathias Krause [Wed, 16 Jul 2014 17:43:04 +0000 (19:43 +0200)]
acer-wmi: Mark init data and code as such

Quite a lot of code and data of acer-wmi.c is only ever used during
initialization. Mark those accordingly -- and constify, where
appropriate -- so the memory can be released afterwards.

All in all those changes move ~10 kB of code and data to the .init
sections, marking them for release after initialization has finished.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: "Lee, Chun-Yi" <jlee@suse.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoasus-nb-wmi: Constify asus_quirks[] DMI table
Mathias Krause [Wed, 16 Jul 2014 17:43:08 +0000 (19:43 +0200)]
asus-nb-wmi: Constify asus_quirks[] DMI table

Constify the asus_quirks[] DMI table. There's no need to have it
writeable during runtime.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Corentin Chary <corentin.chary@gmail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoalienware-wmi: Mark DMI table as __initconst
Mathias Krause [Wed, 16 Jul 2014 17:43:07 +0000 (19:43 +0200)]
alienware-wmi: Mark DMI table as __initconst

The DMI table is only ever used during initialization. Mark it as
__initconst so its memory can be released appropriately. In turn, the
callback function can be marked with __init, too.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoacer-wmi: Hide acer_{suspend,resume} for !CONFIG_PM_SLEEP
Mathias Krause [Wed, 16 Jul 2014 17:43:06 +0000 (19:43 +0200)]
acer-wmi: Hide acer_{suspend,resume} for !CONFIG_PM_SLEEP

Encapsulate acer_suspend() and acer_resume with #ifdef CONFIG_PM_SLEEP
to get rid of the following warnings:

  ../acer-wmi.c:2046:12: warning: ‘acer_suspend’ defined but not used [-Wunused-function]
  ../acer-wmi.c:2068:12: warning: ‘acer_resume’ defined but not used [-Wunused-function]

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: "Lee, Chun-Yi" <jlee@suse.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoacer-wmi: Mark acer_wmi_keymap[] as __initconst
Mathias Krause [Wed, 16 Jul 2014 17:43:05 +0000 (19:43 +0200)]
acer-wmi: Mark acer_wmi_keymap[] as __initconst

sparse_keymap_setup() will make a copy of the keymap, so we can release
the master copy after initialization.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: "Lee, Chun-Yi" <jlee@suse.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoMAINTAINERS: Update git URL for x86 platform drivers
Mathias Krause [Wed, 16 Jul 2014 17:43:03 +0000 (19:43 +0200)]
MAINTAINERS: Update git URL for x86 platform drivers

The repo on kernel.org is no longer available but has a replacement at
cavan.codon.org.uk.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoWMI: Remove unnecessary null test
Himangi Saraogi [Tue, 15 Jul 2014 17:19:11 +0000 (22:49 +0530)]
WMI: Remove unnecessary null test

This patch removes the null test on block. block is initialized at the
beginning of the function to &wblock->gblock. Since wblock is
dereferenced prior to the null test, wblock must be a valid pointer,
and &wblock->gblock cannot be null.

The following Coccinelle script is used for detecting the change:

@r@
expression e,f;
identifier g,y;
statement S1,S2;
@@

*e = &f->g
<+...
 f->y
 ...+>
*if (e != NULL || ...)
 S1 else S2

Signed-off-by: Himangi Saraogi <himangi774@gmail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agodrivers/platform/x86/thinkpad_acpi.c: don't test unsigned int for negativity
Andrey Utkin [Mon, 14 Jul 2014 22:56:21 +0000 (01:56 +0300)]
drivers/platform/x86/thinkpad_acpi.c: don't test unsigned int for negativity

Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=80231
Reported-by: David Binderman <dcb314@hotmail.com>
Signed-off-by: Andrey Utkin <andrey.krieger.utkin@gmail.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoasus-nb-wmi: Add wapf4 quirk for the X550CL
Hans de Goede [Mon, 14 Jul 2014 07:14:35 +0000 (09:14 +0200)]
asus-nb-wmi: Add wapf4 quirk for the X550CL

As reported here: https://bugs.launchpad.net/bugs/1277959
the X550CL needs wapf=4 too.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoasus-nb-wmi: Add ASUSTeK COMPUTER INC. X200CA
AceLan Kao [Wed, 9 Jul 2014 08:18:19 +0000 (16:18 +0800)]
asus-nb-wmi: Add ASUSTeK COMPUTER INC. X200CA

BIOS won't light on the wifi-led after S3, so asus-wmi driver needs to
control the wifi and wifi-led status.
But, it'll lead to bt status error if asus-wmi driver controls bt as well.
So, for X200CA, asus-wmi driver controls wifi status only and have to set
wapf to 1.

Signed-off-by: AceLan Kao <acelan.kao@canonical.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoasus-wmi: control wlan-led if wapf > 0
AceLan Kao [Wed, 9 Jul 2014 08:18:18 +0000 (16:18 +0800)]
asus-wmi: control wlan-led if wapf > 0

Wifi will be controlled by asus-wmi driver when wapf > 0
So, controls the wifi-led when wapf > 0

Signed-off-by: AceLan Kao <acelan.kao@canonical.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoasus-wmi: backlight_init: Stop treating -ENODEV as if its not an error
Hans de Goede [Tue, 8 Jul 2014 08:47:22 +0000 (10:47 +0200)]
asus-wmi: backlight_init: Stop treating -ENODEV as if its not an error

When bl_power support got added to asus-wmi, the error handling for it was
written to ignore -ENODEV, to avoid not registering a backlight interface for
models which have no bl_power control, but do have brightness control.

At the same time the error handling for brightness_max was modified to do the
same, this is wrong, when there is no brightness_max asus-wmi should not
register a backlight interface.

Note the caller of asus_wmi_backlight_init already special cases -ENODEV,
and will not cause the wmi driver regristration to fail because of a
-ENODEV return from asus_wmi_backlight_init.

https://bugzilla.redhat.com/show_bug.cgi?id=1097436

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoasus-wmi: Disable acpi-video backlight on desktop machines
Hans de Goede [Tue, 8 Jul 2014 08:47:21 +0000 (10:47 +0200)]
asus-wmi: Disable acpi-video backlight on desktop machines

Some Asus motherboards for desktop PC-s export an acpi-video interface
advertising backlight support. Test the dmi chassis-type and tell acpi-video
to not register a backlight interface on desktops.

https://bugzilla.redhat.com/show_bug.cgi?id=1097436

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agoideapad-laptop: Change Lenovo Yoga 2 series rfkill handling
Hans de Goede [Mon, 23 Jun 2014 14:45:51 +0000 (16:45 +0200)]
ideapad-laptop: Change Lenovo Yoga 2 series rfkill handling

It seems that the same problems which lead to adding an rfkill blacklist and
putting the Lenovo Yoga 2 11 on it are also present on the Lenovo Yoga 2 13
and Lenovo Yoga 2 Pro too:
https://bugzilla.redhat.com/show_bug.cgi?id=1021036
https://forums.lenovo.com/t5/Linux-Discussion/Yoga-2-13-not-Pro-Linux-Warning/m-p/1517612

Testing has shown that the firmware rfkill settings are persistent over
reboots. So blacklisting the driver is not good enough, if the wifi is blocked
at the firmware level the wifi needs to be explictly unblocked through the
ideapad-laptop interface.

And at least on the Lenovo Yoga 2 13 the VPCCMD_RF register which on devices
with hardware kill switch reports the hardware switch state, needs to be
explictly set to 1 (radio enabled / not blocked).

So this patch does 3 things to get proper rfkill handling on these models:

1) Instead of blacklisting the rfkill functionality, which means that people
with a firmware blocked wifi get stuck in that situation, ignore the value
reported by the not present hardware rfkill switch, as this is what is causing
ideapad-laptop to wrongly report all radios as hardware blocks. But do register
the rfkill interfaces so that the user can soft [un]block them.

2) On models without a hardware rfkill switch, explictly set VPCCMD_RF to 1

3) Drop the " 11" postfix from the dmi match string, as the entire Yoga 2
series is affected.

Yoga 2 11:
Reported-and-tested-by: Vincent Gerris <vgerris@gmail.com>
Yoga 2 13:
Tested-by: madls05 <http://ubuntuforums.org/showthread.php?t=2215044>
Yoga 2 Pro:
Reported-and-tested-by: Peter F. Patel-Schneider <pfpschneider@gmail.com>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
6 days agothinkpad_acpi: Update mapping for F12 hotkey on *40 models to KEY_FILE
Hans de Goede [Mon, 23 Jun 2014 11:38:23 +0000 (13:38 +0200)]
thinkpad_acpi: Update mapping for F12 hotkey on *40 models to KEY_FILE

The new keyboard found on the *40 models is also being sold as a standalone
keyboard (with trackpoint):
http://shop.lenovo.com/us/en/itemdetails/0B47189/460/60AC6A0372B14F5BA7B12F1FF88E33C7

This uses a standard HUT code for the F12 key with the 6 square boxes on it,
which gets mapped to KEY_FILE by the kernel. Change the mapping done of
identical laptop key done by thinkpad_acpi to also send KEY_FILE for
consistency.

Cc: Jamie Lentin <jm@lentin.co.uk>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>