Commit Graph

51060 Commits

Author SHA1 Message Date
Adrian Bunk
e4ce837de9 [X25] x25_forward_call(): fix NULL dereferences
This patch fixes two NULL dereferences spotted by the Coverity checker.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-03-20 00:09:46 -07:00
Vlad Yasevich
749bf9215e [SCTP]: Reset some transport and association variables on restart
If the association has been restarted, we need to reset the
transport congestion variables as well as accumulated error
counts and CACC variables.  If we do not, the association
will use the wrong values and may terminate prematurely.

This was found with a scenario where the peer restarted
the association when lksctp was in the last HB timeout for
its association.  The restart happened, but the error counts
have not been reset and when the timeout occurred, a newly
restarted association was terminated due to excessive
retransmits.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-03-20 00:09:45 -07:00
Vlad Yasevich
fb78525ae1 [SCTP]: Increment error counters on user requested HBs.
2960bis states (Section 8.3):

   D) Request an on-demand HEARTBEAT on a specific destination transport
      address of a given association.

   The endpoint should increment the respective error counter of the
   destination transport address each time a HEARTBEAT is sent to that
   address and not acknowledged within one RTO.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-03-20 00:09:44 -07:00
Vlad Yasevich
0b58a81146 [SCTP]: Clean up stale data during association restart
During association restart we may have stale data sitting
on the ULP queue waiting for ordering or reassembly.  This
data may cause severe problems if not cleaned up.  In particular
stale data pending ordering may cause problems with receive
window exhaustion if our peer has decided to restart the
association.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-03-20 00:09:43 -07:00
Samuel Ortiz
c577c2b993 [IrDA]: Calling ppp_unregister_channel() from process context
We need to call ppp_unregister_channel() when IrNET disconnects, and this
must be done from a process context.

Bug reported and patch tested by Guennadi Liakhovetski.

Signed-off-by: Samuel Ortiz <samuel@sortiz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-03-20 00:09:42 -07:00
G. Liakhovetski
7bb1bbe615 [IrDA]: irttp_dup spin_lock initialisation
Without this initialization one gets

kernel BUG at kernel/rtmutex_common.h:80!

This patch should also be included in the -stable kernel.

Signed-off-by: G. Liakhovetski <gl@dsa-ac.de>
Signed-off-by: Samuel Ortiz <samuel@sortiz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-03-20 00:09:41 -07:00
Nigel Williams
2e360d81ea [IrDA]: Delay needed when uploading firmware chunks
With 42101001.sb firmwares, we need a 10 ms delay between firmware chunks
upload on irda-usb.

Patch from Nigel Williams <nigelw@elder-gods.net>
Signed-off-by: Samuel Ortiz <samuel@sortiz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-03-20 00:09:40 -07:00
Len Brown
0cd4554df0 ACPI: IA64: fix %ll build warnings
acpi_integer is 64-bits on all platforms, and so was defined as a u64.

i386 and x86_64 define u64 as unsigned long long.
ia64 defines u64 as long.

While these are all 64-bits, the kernel build warns about formating
a "long" with %ll:

drivers/ata/libata-acpi.c:176: warning: long long unsigned int format, acpi_integer arg (arg 5)

So skip using "u64" and define acpi_integer as "unsigned long long"
to make gcc happy with %ll.

Signed-off-by: Len Brown <len.brown@intel.com>
2007-03-19 23:51:36 -04:00
Len Brown
8140a90ec1 ACPI: IA64: fix allnoconfig build
The evils of Kconfig's select bite us once again...
ia64/Kconfig selects ACPI, which depends on PM.
But select ignores dependencies, allnoconfig
chooses CONFIG_PM=n, and thus the menu of sub-options
under ACPI vanish, which breaks the build.

Manually select PM along with ACPI for now.
Some day, we should delete them both, or fix select.

Cc: Tony Luck <tony.luck@intel.com>
Signed-off-by: Len Brown <len.brown@intel.com>
2007-03-19 23:41:51 -04:00
Linus Torvalds
0a14fe6e5e Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6:
  [SPARC64]: store-init needs trailing membar.
2007-03-19 20:20:56 -07:00
Linus Torvalds
a9cf7cd0d7 Merge master.kernel.org:/pub/scm/linux/kernel/git/gregkh/usb-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/gregkh/usb-2.6:
  USB: new Novatel device ids for option driver
  USB: berry_charge: correct dbg string for second magic command
  usblp: quirk flag and device entry for Seiko Epson M129C printer
  airprime: USB ID for Novatel EV620 mini PCI-E card
  USB: necessary update for mos7720 driver
  USB: RAZR v3i unusual_devs
  USB: two more device ids for dm9601 usbnet driver
  USB: fix usb-serial regression
2007-03-19 20:14:23 -07:00
Linus Torvalds
62b6e9ff08 Merge branch 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
  [MIPS] Export except_vec_vi_{mori,lui,ori} as text symbols.
  [MIPS] mips-boards: More liberal check for mips-board console
  [MIPS] Misc fixes for plat_irq_dispatch functions
  [MIPS] Qemu: Fix Symmetric Uniprocessor support.
  [MIPS] VI: TRACE_IRQS_OFF clobbers $v0, so save & restore around call.
2007-03-19 20:13:56 -07:00
Linus Torvalds
8718d75ef2 Merge branch 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/libata-dev
* 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/libata-dev:
  pata_ixp4xx_cf: fix interrupt
  pata_ixp4xx_cf: fix oops on detach
  libata: kernel-doc fix
  sata_inic162x: kill double region requests
  drivers/ata/Kconfig: PATA_SCC depends on wrong platform
  sata_sil24: Add Adaptec 1220SA PCI ID
  libata: don't whine if ->prereset() returns -ENOENT
2007-03-19 20:12:25 -07:00
Linus Torvalds
f32e355583 Merge master.kernel.org:/home/rmk/linux-2.6-arm
* master.kernel.org:/home/rmk/linux-2.6-arm:
  [ARM] 4264/1: ldrex/strex syntax errors with recent compilers
  [ARM] Fix breakage caused by 72486f1f8f
2007-03-19 20:05:16 -07:00
Linus Torvalds
511b00a319 Merge branch 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6
* 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6:
  [S390] zcrypt: fix possible race when unloading zcrypt driver modules
  [S390] zcrypt: fix possible dead lock in AP bus module
  [S390] Wire up sys_utimes.
  [S390] reboot from and dump to SCSI under z/VM fails.
  [S390] Wire up compat_sys_epoll_pwait.
  [S390] strlcpy is smart enough
  [S390] memory detection: fix off by one bug.
  [S390] cio: qdio slsb setup
2007-03-19 20:04:26 -07:00
Greg Kroah-Hartman
69806d5631 USB: new Novatel device ids for option driver
This moves all of the Novatel device ids to the option driver, where
they belong.

Thanks to Novatel for providing a list of all supported devices.

Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-19 13:39:51 -07:00
David S. Miller
24d559cac4 [SPARC64]: store-init needs trailing membar.
The manual says that it is required and we actually have crash reports
where loads see stale data due to not having membars here.

In one case the networking does:

	memset(skb, 0, offsetof(struct sk_buff, truesize));

and then some code later checks skb->nohdr for zero, but it's still
the value that was there before the memset().

Note that arch/sparc64/lib/xor.S already got this right.

Signed-off-by: David S. Miller <davem@davemloft.net>
2007-03-19 13:27:33 -07:00
Ralf Baechle
7df4246117 [MIPS] Export except_vec_vi_{mori,lui,ori} as text symbols.
Otherwise objdump will screw up disassembly.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2007-03-19 20:22:44 +00:00
Thiemo Seufer
43e3c885d0 [MIPS] mips-boards: More liberal check for mips-board console
Allows overriding the MALTA/ATLAS/etc. default console setting with
non-serial console devices.

Signed-Off-By: Thiemo Seufer <ths@networkno.de>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2007-03-19 20:22:43 +00:00
Thiemo Seufer
119537c092 [MIPS] Misc fixes for plat_irq_dispatch functions
o adds missing ST0_IM masks, which caused the logging of valid interrupts
   as spurious
 o stops pnx8550 to log every interrupt as spurious
 o adds cause register masks for ip22/ip32, which caused handling of masked
   interrupts
 o removes some superfluous parentheses in the SNI interrupt code

Signed-Off-By: Thiemo Seufer <ths@networkno.de>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2007-03-19 20:22:43 +00:00
Atsushi Nemoto
72ede9b189 [MIPS] Qemu: Fix Symmetric Uniprocessor support.
Might be useful for SMP debugging.

Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>

[Rewritten Kconfig bits to deal better fit in the usual pattern of doing
things - Ralf]

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2007-03-19 20:22:43 +00:00
Ralf Baechle
8c3644350f [MIPS] VI: TRACE_IRQS_OFF clobbers $v0, so save & restore around call.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2007-03-19 20:22:43 +00:00
Ken L Johnson
774f78cf3b USB: berry_charge: correct dbg string for second magic command
I was testing the berry_charge module with my Blackberry 8700c and had
great success, thanks. Looking at the code for my own learning I noticed
the following cut and paste error... just a nit.

Signed-off-by: Ken L Johnson <ken@novell.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-19 13:22:19 -07:00
Alan Stern
5ec71db59a usblp: quirk flag and device entry for Seiko Epson M129C printer
This patch (as872) adds a device table entry and a new quirk flag to
the usblp driver for the Seiko Epson Receipt printer.  This printer
returns Vendor-Specific values for bInterfaceClass and
bInterfaceSubClass, but the bInterfaceProtocol value is valid and it
works with usblp.  The new quirks flag tells the driver to ignore the
Class and SubClass values in the interface descriptor.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Cc: Vojtech Pavlik <vojtech@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-19 13:22:18 -07:00
Mark Glines
e5740b5d75 airprime: USB ID for Novatel EV620 mini PCI-E card
Add an ID to recognise the Novatel EV620 wireless adapter.
http://www.novatelwireless.com/products/expedite/ev620.html

It looks like a mini PCI-Express adapter.  The mPCIE connector includes USB
pins... the card shows up to the system as a USB device, and powers itself
from the PCI bus.

The card I have isn't activated yet, so I can't get a PPP session up yet, but
I have tested basic serial communication successfully in both 2.6.18 and
2.6.20 kernels, once the product ID was added.  (the driver changed quite a
bit between the two revs.)  In both drivers, it responds to AT commands and
such.

Signed-off-by: Mark Glines <mark@glines.org>
Cc: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-19 13:22:18 -07:00
Oliver Neukum
e8e30c765c USB: necessary update for mos7720 driver
these devices have a shared interrupt endpoint. For serialcore to pass
an interrupt endpoint to a subdriver, the subdriver must define and
_export_ a fitting callback. The mos7720 driver failed to do so. This led
invariably to an oops upon open. This patch fixes it. The driver is useless
without it. Please try to get this into 2.6.21 and the stable kernels that
have this driver.

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-19 13:22:18 -07:00
Pete Zaitcev
a7f3dd5d4b USB: RAZR v3i unusual_devs
This adds an unusual_devs entry for the Motorola RAZR 3vi.

From: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Phil Dibowitz <phil@ipom.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-19 13:22:18 -07:00
Jon Dowland
6dc477f3e4 USB: two more device ids for dm9601 usbnet driver
This patch for the linux-usb-devel tree adds two more
product ids to the dm9601 driver. These ids were found on
rebadged dm9601 devices in the wild.

Signed-off-by: Jon Dowland <jon@alcopop.org>
Acked-by: Peter Korsgaard <jacmet@sunsite.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-19 13:22:18 -07:00
Jim Radford
521b85ae66 USB: fix usb-serial regression
This patch reverts d9a7ecacac since it
breaks drivers that need to access the ->port[] array in shutdown
(most of them).

Signed-Off: Jim Radford <radford@blackbean.org>
Acked-by: Mark Lord <mlord@pobox.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-19 13:22:18 -07:00
Alessandro Zummo
282c6b9c7a pata_ixp4xx_cf: fix interrupt
As per compact flash specifications, the default
 irq mode upon cf insertion is pulse mode. this patch fixes
 the driver to cope with that.

Signed-off-by: Alessandro Zummo <a.zummo@towertech.it>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
2007-03-19 11:58:01 -04:00
Tejun Heo
2ab302b357 pata_ixp4xx_cf: fix oops on detach
pata_ixp4xx_cf dodged dont-clear-drvdata-in-LLD bombing run as it used
platform_set_drvdata() instead of dev_set_drvdata().  This causes OOPS
on devres host release.  Kill it.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
2007-03-19 11:56:59 -04:00
Randy Dunlap
cc261267df libata: kernel-doc fix
Warning(linux-2621-rc3g7/drivers/ata/libata-core.c:842): No description found for parameter 'unknown'

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
2007-03-19 11:56:59 -04:00
Tejun Heo
e1251d0145 sata_inic162x: kill double region requests
Regions are requested twice during initialization causing the second
one to fail.  This is regression introduced during iomap conversion.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
2007-03-19 11:56:59 -04:00
Akira Iguchi
aeb9362a48 drivers/ata/Kconfig: PATA_SCC depends on wrong platform
PATA_SCC depends on PPC_CELLEB. (not PPC_IBM_CELL_BLADE)

Signed-off-by: Kou Ishizaki <kou.ishizaki@toshiba.co.jp>
Signed-off-by: Akira Iguchi <akira2.iguchi@toshiba.co.jp>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
2007-03-19 11:56:59 -04:00
Jamie Clark
722d67b620 sata_sil24: Add Adaptec 1220SA PCI ID
Add Adaptec 1220SA (SIL3132) to devices claimed by sata_sil24
Patch generated against 2.6.20.2

Signed-off-by: Jamie Clark <jclark@metaparadigm.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
2007-03-19 11:56:59 -04:00
Tejun Heo
4aa9ab67fb libata: don't whine if ->prereset() returns -ENOENT
->prereset() returns -ENOENT to tell libata that the port is empty and
reset sequencing should be stopped.  This is not an error condition.
Update ata_eh_reset() such that it sets device classes to ATA_DEV_NONE
and return success in on -ENOENT.  This makes spurious error message
go away.

Signed-off-by: Tejun Heo <htejun@gmail.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
2007-03-19 11:55:43 -04:00
Ralph Wuerthner
43a867a2d2 [S390] zcrypt: fix possible race when unloading zcrypt driver modules
Move try_module_get() call into spin protected block to prevent zcrypt
driver module unload while submitting a request to driver.

Signed-off-by: Ralph Wuerthner <rwuerthn@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2007-03-19 13:19:19 +01:00
Ralph Wuerthner
cf352ce0b9 [S390] zcrypt: fix possible dead lock in AP bus module
AP bus module uses bus_for_each_dev() in software interrupt context to
poll for completed requests which might cause dead locks. Solution: use
private AP device list for polling in software interrupt context.

Signed-off-by: Ralph Wuerthner <rwuerthn@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2007-03-19 13:19:14 +01:00
Heiko Carstens
fb1c171992 [S390] Wire up sys_utimes.
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2007-03-19 13:19:07 +01:00
Michael Holzheu
fbb04f38cf [S390] reboot from and dump to SCSI under z/VM fails.
We used wrong length values for ipl and dump hardware structures.
Since z/VM checks the ipl parameters more accurately than LPAR,
the operations fail there.

Signed-off-by: Michael Holzheu <holzheu@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2007-03-19 13:19:03 +01:00
Heiko Carstens
10c16a37e3 [S390] Wire up compat_sys_epoll_pwait.
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2007-03-19 13:18:56 +01:00
Jean Delvare
20cb9e79b9 [S390] strlcpy is smart enough
strlcpy already accounts for the trailing zero in its length
computation, so there is no need to substract one to the buffer size.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2007-03-19 13:18:53 +01:00
Heiko Carstens
257c6e1ce8 [S390] memory detection: fix off by one bug.
diag 260 returns the address of the last addressable byte and not the
size of memory. Since we want the size we have to add 1 to the return
value.
Disable diag 260 for non z/Arch mode since it doesn't work there
anyway.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2007-03-19 13:18:50 +01:00
Ursula Braun
dcc49d460c [S390] cio: qdio slsb setup
Make sure set_slsb problems are handled correctly in
qdio_do_qdio_fill_input() and qdio_do_qdio_fill_output.

Signed-off-by: Ursula Braun <braunu@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2007-03-19 13:18:12 +01:00
Linus Torvalds
fbeb1f1922 Merge master.kernel.org:/pub/scm/linux/kernel/git/lethal/sh-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/lethal/sh-2.6:
  serial: Fix sh-sci break interrupt/sysrq handling.
  sh: Fix bogus regs pointer in do_IRQ().
  sh: Fix SH-3 cache entry_mask and way_size calculation.
  sh: Convert struct ioctls to static defines.
  sh: Define missing __NR_readahead.
  sh: Fix PCI BAR address-space wraparound.
2007-03-18 16:07:27 -07:00
Ralf Baechle
5851fadce8 [PATCH] Fix build error due to not including <linux/errno.h>
Since d9a9cdfb07 <linux/sysfs.h> is using
ENOSYS without including <linux/errno.h> if CONFIG_SYSFS is disabled.

Fixed by including <linux/errno.h>.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-03-18 13:40:06 -07:00
Eric W. Biederman
d9c1e9a8ff [PATCH] tty: Fix two reported pid leaks
These leaks were reported by: Catalin Marinas <catalin.marians@gmail.com>
and I have been able to very by inspection they are possible.

When converting tty_io.c to store pids as struct pid pointers instead
of pid_t values it appears I overlooked two places where we stop using
the pid value.  The very obvious one is in do_tty_hangup, and the one
the less obvious one in __proc_set_tty.

When looking into the code __proc_set_tty only has pids that need to
be put because of failures of other parts of the code to properly
perform hangup processing.   Fixing the leak here in __proc_set_tty
is easy and obviously correct so I am doing that first.

Fixing the places that should be performing hangup processing is much
less obviously correct.  So those I'm aiming those patches at -mm.
for now, so the can age a while before they are merged.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-03-18 13:40:06 -07:00
David Brownell
aeb3f6d10e [PATCH] gpio_direction_output-needs-an-initial-value fix
Build fix:  sa1100/generic.c should already have included <asm/gpio.h>,
but it didn't ... causing a build problem with a recent patch.

Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Cc: Russell King <rmk@arm.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-03-18 11:35:08 -07:00
Thomas Gleixner
ca1b940ce6 [PATCH] i386: trust the PM-Timer calibration of the local APIC timer
When PM-Timer is available for local APIC timer calibration we can skip the
verification of the calibrated time value.  The resulting error is quite
small on a bunch of evaluated platforms and is less harming than the
observed false positives.

We need to keep the verification on systems, which have no PM-Timer to
avoid bogus local APIC timer calibrations in the range of factor 2-10,
which can be observed when swicthing off the PM-timer support in the kernel
configuration.

The wrong calibration values are probably caused by SMM code trying to
emulate a PS/2 keyboard from a (maybe connected or not) USB keyboard.  This
prohibits the accurate delivery of PIT interrupts, which are used to
calibrate the local APIC timer.  Unfortunately we have no way to disable
this BIOS misfeature in the early boot process.

Add also the dropped cpu_relax() back to the wait loops.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Ingo Molnar <mingo@elte.hu>
Acked-by: Andi Kleen <ak@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-03-18 11:35:08 -07:00
Mathieu Desnoyers
303cd1535f [PATCH] Fix atomicity of TIF update in flush_thread() for x86_64
Fix atomicity of TIF update in flush_thread() for x86_64

Race :

parent process executing :
sys_ptrace()
 (lock_kernel())
 (ptrace_get_task_struct(pid))
 arch_ptrace()
   ptrace_detach()
     ptrace_disable(child);
       clear_singlestep(child);
         clear_tsk_thread_flag(child, TIF_SINGLESTEP);
         (which clears the TIF_SINGLESTEP flag atomically from a different
	  process)
 (put_task_struct(child))
 (unlock_kernel())

And at the same time, in the child process :
sys_execve()
 do_execve()
   search_binary_handler()
     load_elf_binary()
       flush_old_exec()
         flush_thread()
           doing a non-atomic thread flag update

Signed-off-by: Rebecca Schultz <rschultz@google.com>
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca>
Acked-by: Andi Kleen <ak@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-03-18 11:35:08 -07:00