75144 Commits

Author SHA1 Message Date
H. Peter Anvin
cb57a2b4cf x86-32: Export kernel_stack_pointer() for modules
Modules, in particular oprofile (and possibly other similar tools)
need kernel_stack_pointer(), so export it using EXPORT_SYMBOL_GPL().

Cc: Yang Wei <wei.yang@windriver.com>
Cc: Robert Richter <robert.richter@amd.com>
Cc: Jun Zhang <jun.zhang@intel.com>
Cc: <stable@vger.kernel.org>
Link: http://lkml.kernel.org/r/20120912135059.GZ8285@erda.amd.com
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2012-11-20 22:23:23 -08:00
Robert Richter
1022623842 x86-32: Fix invalid stack address while in softirq
In 32 bit the stack address provided by kernel_stack_pointer() may
point to an invalid range causing NULL pointer access or page faults
while in NMI (see trace below). This happens if called in softirq
context and if the stack is empty. The address at &regs->sp is then
out of range.

Fixing this by checking if regs and &regs->sp are in the same stack
context. Otherwise return the previous stack pointer stored in struct
thread_info. If that address is invalid too, return address of regs.

 BUG: unable to handle kernel NULL pointer dereference at 0000000a
 IP: [<c1004237>] print_context_stack+0x6e/0x8d
 *pde = 00000000
 Oops: 0000 [#1] SMP
 Modules linked in:
 Pid: 4434, comm: perl Not tainted 3.6.0-rc3-oprofile-i386-standard-g4411a05 #4 Hewlett-Packard HP xw9400 Workstation/0A1Ch
 EIP: 0060:[<c1004237>] EFLAGS: 00010093 CPU: 0
 EIP is at print_context_stack+0x6e/0x8d
 EAX: ffffe000 EBX: 0000000a ECX: f4435f94 EDX: 0000000a
 ESI: f4435f94 EDI: f4435f94 EBP: f5409ec0 ESP: f5409ea0
  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
 CR0: 8005003b CR2: 0000000a CR3: 34ac9000 CR4: 000007d0
 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
 DR6: ffff0ff0 DR7: 00000400
 Process perl (pid: 4434, ti=f5408000 task=f5637850 task.ti=f4434000)
 Stack:
  000003e8 ffffe000 00001ffc f4e39b00 00000000 0000000a f4435f94 c155198c
  f5409ef0 c1003723 c155198c f5409f04 00000000 f5409edc 00000000 00000000
  f5409ee8 f4435f94 f5409fc4 00000001 f5409f1c c12dce1c 00000000 c155198c
 Call Trace:
  [<c1003723>] dump_trace+0x7b/0xa1
  [<c12dce1c>] x86_backtrace+0x40/0x88
  [<c12db712>] ? oprofile_add_sample+0x56/0x84
  [<c12db731>] oprofile_add_sample+0x75/0x84
  [<c12ddb5b>] op_amd_check_ctrs+0x46/0x260
  [<c12dd40d>] profile_exceptions_notify+0x23/0x4c
  [<c1395034>] nmi_handle+0x31/0x4a
  [<c1029dc5>] ? ftrace_define_fields_irq_handler_entry+0x45/0x45
  [<c13950ed>] do_nmi+0xa0/0x2ff
  [<c1029dc5>] ? ftrace_define_fields_irq_handler_entry+0x45/0x45
  [<c13949e5>] nmi_stack_correct+0x28/0x2d
  [<c1029dc5>] ? ftrace_define_fields_irq_handler_entry+0x45/0x45
  [<c1003603>] ? do_softirq+0x4b/0x7f
  <IRQ>
  [<c102a06f>] irq_exit+0x35/0x5b
  [<c1018f56>] smp_apic_timer_interrupt+0x6c/0x7a
  [<c1394746>] apic_timer_interrupt+0x2a/0x30
 Code: 89 fe eb 08 31 c9 8b 45 0c ff 55 ec 83 c3 04 83 7d 10 00 74 0c 3b 5d 10 73 26 3b 5d e4 73 0c eb 1f 3b 5d f0 76 1a 3b 5d e8 73 15 <8b> 13 89 d0 89 55 e0 e8 ad 42 03 00 85 c0 8b 55 e0 75 a6 eb cc
 EIP: [<c1004237>] print_context_stack+0x6e/0x8d SS:ESP 0068:f5409ea0
 CR2: 000000000000000a
 ---[ end trace 62afee3481b00012 ]---
 Kernel panic - not syncing: Fatal exception in interrupt

V2:
* add comments to kernel_stack_pointer()
* always return a valid stack address by falling back to the address
  of regs

Reported-by: Yang Wei <wei.yang@windriver.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Robert Richter <robert.richter@amd.com>
Link: http://lkml.kernel.org/r/20120912135059.GZ8285@erda.amd.com
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Cc: Jun Zhang <jun.zhang@intel.com>
2012-11-20 22:23:20 -08:00
Linus Torvalds
99b6e1e723 Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc
Pull missed powerpc fixes from Benjamin Herrenschmidt:
 "Here are small 52xx fixes that Anatolij asked me to pull a while back
  and that I completely missed.  The stuff is local to that platform
  code, and was in next for a while, so it should still go into 3.7."

* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc:
  powerpc/mpc5200: move lpbfifo node and fix its interrupt property
  powerpc: 52xx: nop out unsupported critical IRQs
  powerpc/pcm030: add pcm030-audio-fabric to dts
2012-11-20 18:53:26 -10:00
Benjamin Herrenschmidt
d6dc24613c Merge remote-tracking branch 'agust/merge' into merge
Anatolij 52xx updates:

Patch for pcm030 device tree fixing the probe() in pcm030-audio-fabric
driver. Changes to this driver have been merged in 3.7-rc1 via ASoC
tree, but this required device tree patch was submitted separately to
the linux-ppc list and is still missing in mainline. Without this patch
the probe() in pcm030-audio-fabric driver wrongly returns -ENODEV.

A patch from Wolfram fixing wrong invalid critical irq warnings for
all mpc5200 boards.

Another patch for all mpc5200 device trees fixing wrong L1 cell in
the LPB FIFO interrupt property and moving the LPB FIFO node to the
common mpc5200b.dtsi file so that this common node will be present
in all mpc5200 device trees.
2012-11-21 13:24:49 +11:00
H. Peter Anvin
c1ddb48204 Merge commit 'efi-for-3.7-v2' into x86/urgent 2012-11-20 16:49:15 -08:00
Matt Fleming
0f905a43ce x86, efi: Fix processor-specific memcpy() build error
Building for Athlon/Duron/K7 results in the following build error,

arch/x86/boot/compressed/eboot.o: In function `__constant_memcpy3d':
eboot.c:(.text+0x385): undefined reference to `_mmx_memcpy'
arch/x86/boot/compressed/eboot.o: In function `efi_main':
eboot.c:(.text+0x1a22): undefined reference to `_mmx_memcpy'

because the boot stub code doesn't link with the kernel proper, and
therefore doesn't have access to the 3DNow version of memcpy. So,
follow the example of misc.c and #undef memcpy so that we use the
version provided by misc.c.

See https://bugzilla.kernel.org/show_bug.cgi?id=50391

Reported-by: Al Viro <viro@zeniv.linux.org.uk>
Reported-by: Ryan Underwood <nemesis@icequake.net>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: stable@vger.kernel.org
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
2012-11-20 20:52:07 +00:00
Cesar Eduardo Barros
caaa8c6339 x86: remove dummy long from EFI stub
Commit 2e064b1 (x86, efi: Fix issue of overlapping .reloc section for
EFI_STUB) removed a dummy reloc added by commit 291f363 (x86, efi: EFI
boot stub support), but forgot to remove the dummy long used by that
reloc.

Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Tested-by: Lee G Rosenbaum <lee.g.rosenbaum@intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Signed-off-by: Cesar Eduardo Barros <cesarb@cesarb.net>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
2012-11-20 20:17:48 +00:00
Bartlomiej Zolnierkiewicz
91280e755a ARM: EXYNOS: PL330 MDMA1 fix for revision 0 of Exynos4210 SOC
Commit 8214513 ("ARM: EXYNOS: fix address for EXYNOS4 MDMA1")
changed EXYNOS specific setup of PL330 DMA engine to use 'non-secure'
mdma1 address instead of 'secure' one (from 0x12840000 to 0x12850000)
to fix issue with some Exynos4212 SOCs.  Unfortunately it brakes
PL330 setup for revision 0 of Exynos4210 SOC (mdma1 device cannot
be found at 'non-secure' address):

[    0.566245] dma-pl330 dma-pl330.2: PERIPH_ID 0x0, PCELL_ID 0x0 !
[    0.566278] dma-pl330: probe of dma-pl330.2 failed with error -22

Fix it by using 'secure' mdma1 address on Exynos4210 revision 0 SOC.

Reviewed-by: Tomasz Figa <t.figa@samsung.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
Signed-off-by: Kukjin Kim <kgene.kim@samsung.com>
2012-11-20 20:39:39 +09:00
Lad, Prabhakar
e37212aa5d ARM: davinci: dm644x: fix out range signal for ED
Fix the video clock setting when custom timings are used with
pclock <= 27MHz. Existing video clock selection uses PLL2 mode
which results in a 54MHz clock whereas using the MXI mode results
in a 27MHz clock (which is the one actually desired).

This bug affects the Enhanced Definition (ED) support on DM644x.
Without this patch, out-range signals errors are were observed on
the TV when viewing ED. An out-of-range signal is often caused when
the field rate is above the rate that the television will handle.

Signed-off-by: Lad, Prabhakar <prabhakar.lad@ti.com>
Signed-off-by: Manjunath Hadli <manjunath.hadli@ti.com>
Cc: Sekhar Nori <nsekhar@ti.com>
[nsekhar@ti.com: reword commit message based on on-list discussion]
Signed-off-by: Sekhar Nori <nsekhar@ti.com>
2012-11-19 13:07:39 +05:30
Al Viro
fae2ae2a90 sparc64: not any error from do_sigaltstack() should fail rt_sigreturn()
If a signal handler is executed on altstack and another signal comes,
we will end up with rt_sigreturn() on return from the second handler
getting -EPERM from do_sigaltstack().  It's perfectly OK, since we
are not asking to change the settings; in fact, they couldn't have been
changed during the second handler execution exactly because we'd been
on altstack all along.  64bit sigreturn on sparc treats any error from
do_sigaltstack() as "SIGSEGV now"; we need to switch to the same semantics
we are using on other architectures.

Cc: stable@vger.kernel.org
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-18 22:27:03 -05:00
Linus Torvalds
8d938105e4 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull misc VFS fixes from Al Viro:
 "Remove a bogus BUG_ON() that can trigger spuriously + alpha bits of
  do_mount() constification I'd missed during the merge window."

This pull request came in a week ago, I missed it for some reason.

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
  kill bogus BUG_ON() in do_close_on_exec()
  missing const in alpha callers of do_mount()
2012-11-18 09:13:48 -10:00
Andreas Schwab
34fa78b59c m68k: fix sigset_t accessor functions
The sigaddset/sigdelset/sigismember functions that are implemented with
bitfield insn cannot allow the sigset argument to be placed in a data
register since the sigset is wider than 32 bits.  Remove the "d"
constraint from the asm statements.

The effect of the bug is that sending RT signals does not work, the signal
number is truncated modulo 32.

Signed-off-by: Andreas Schwab <schwab@linux-m68k.org>
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: stable@vger.kernel.org
2012-11-18 10:32:16 +01:00
Linus Torvalds
51844b0f04 Merge git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull KVM fix from Marcelo Tosatti:
 "A correction for oops on module init with older Intel hosts."

* git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: x86: Fix invalid secondary exec controls in vmx_cpuid_update()
2012-11-16 16:49:10 -08:00
Linus Torvalds
0cad3ff404 Merge branch 'akpm' (Fixes from Andrew)
Merge misc fixes from Andrew Morton.

* emailed patches from Andrew Morton <akpm@linux-foundation.org>: (12 patches)
  revert "mm: fix-up zone present pages"
  tmpfs: change final i_blocks BUG to WARNING
  tmpfs: fix shmem_getpage_gfp() VM_BUG_ON
  mm: highmem: don't treat PKMAP_ADDR(LAST_PKMAP) as a highmem address
  mm: revert "mm: vmscan: scale number of pages reclaimed by reclaim/compaction based on failures"
  rapidio: fix kernel-doc warnings
  swapfile: fix name leak in swapoff
  memcg: fix hotplugged memory zone oops
  mips, arc: fix build failure
  memcg: oom: fix totalpages calculation for memory.swappiness==0
  mm: fix build warning for uninitialized value
  mm: add anon_vma_lock to validate_mm()
2012-11-16 15:26:38 -08:00
Andrew Morton
5576646f3c revert "mm: fix-up zone present pages"
Revert commit 7f1290f2f2a4 ("mm: fix-up zone present pages")

That patch tried to fix a issue when calculating zone->present_pages,
but it caused a regression on 32bit systems with HIGHMEM.  With that
change, reset_zone_present_pages() resets all zone->present_pages to
zero, and fixup_zone_present_pages() is called to recalculate
zone->present_pages when the boot allocator frees core memory pages into
buddy allocator.  Because highmem pages are not freed by bootmem
allocator, all highmem zones' present_pages becomes zero.

Various options for improving the situation are being discussed but for
now, let's return to the 3.6 code.

Cc: Jianguo Wu <wujianguo@huawei.com>
Cc: Jiang Liu <jiang.liu@huawei.com>
Cc: Petr Tesarik <ptesarik@suse.cz>
Cc: "Luck, Tony" <tony.luck@intel.com>
Cc: Mel Gorman <mel@csn.ul.ie>
Cc: Yinghai Lu <yinghai@kernel.org>
Cc: Minchan Kim <minchan.kim@gmail.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: David Rientjes <rientjes@google.com>
Tested-by: Chris Clayton <chris2553@googlemail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-11-16 14:33:04 -08:00
David Rientjes
18f694271b mips, arc: fix build failure
Using a cross-compiler to fix another issue, the following build error
occurred for mips defconfig:

  arch/mips/fw/arc/misc.c: In function 'ArcHalt':
  arch/mips/fw/arc/misc.c:25:2: error: implicit declaration of function 'local_irq_disable'

Fix it up by including irqflags.h.

Signed-off-by: David Rientjes <rientjes@google.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-11-16 14:33:04 -08:00
Takashi Iwai
29282fde80 KVM: x86: Fix invalid secondary exec controls in vmx_cpuid_update()
The commit [ad756a16: KVM: VMX: Implement PCID/INVPCID for guests with
EPT] introduced the unconditional access to SECONDARY_VM_EXEC_CONTROL,
and this triggers kernel warnings like below on old CPUs:

    vmwrite error: reg 401e value a0568000 (err 12)
    Pid: 13649, comm: qemu-kvm Not tainted 3.7.0-rc4-test2+ #154
    Call Trace:
     [<ffffffffa0558d86>] vmwrite_error+0x27/0x29 [kvm_intel]
     [<ffffffffa054e8cb>] vmcs_writel+0x1b/0x20 [kvm_intel]
     [<ffffffffa054f114>] vmx_cpuid_update+0x74/0x170 [kvm_intel]
     [<ffffffffa03629b6>] kvm_vcpu_ioctl_set_cpuid2+0x76/0x90 [kvm]
     [<ffffffffa0341c67>] kvm_arch_vcpu_ioctl+0xc37/0xed0 [kvm]
     [<ffffffff81143f7c>] ? __vunmap+0x9c/0x110
     [<ffffffffa0551489>] ? vmx_vcpu_load+0x39/0x1a0 [kvm_intel]
     [<ffffffffa0340ee2>] ? kvm_arch_vcpu_load+0x52/0x1a0 [kvm]
     [<ffffffffa032dcd4>] ? vcpu_load+0x74/0xd0 [kvm]
     [<ffffffffa032deb0>] kvm_vcpu_ioctl+0x110/0x5e0 [kvm]
     [<ffffffffa032e93d>] ? kvm_dev_ioctl+0x4d/0x4a0 [kvm]
     [<ffffffff8117dc6f>] do_vfs_ioctl+0x8f/0x530
     [<ffffffff81139d76>] ? remove_vma+0x56/0x60
     [<ffffffff8113b708>] ? do_munmap+0x328/0x400
     [<ffffffff81187c8c>] ? fget_light+0x4c/0x100
     [<ffffffff8117e1a1>] sys_ioctl+0x91/0xb0
     [<ffffffff815a942d>] system_call_fastpath+0x1a/0x1f

This patch adds a check for the availability of secondary exec
control to avoid these warnings.

Cc: <stable@vger.kernel.org> [v3.6+]
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2012-11-16 20:25:18 -02:00
Linus Torvalds
f4bcd79c88 ARM: SoC fixes for 3.7
We've been sitting on this longer than we meant to due to travel and
 other activities, but the number of patches is luckily not that high.
 
 Biggest changes are from a batch of OMAP bugfixes, but there are a
 few for the broader set of SoCs too (bcm2835, pxa, highbank, tegra,
 at91 and i.MX).
 
 The OMAP patches contain some fixes for MUSB/PHY on omap4 which
 ends up being a bit on the large side but needed for legacy (non-DT)
 platforms. Beyond that there are a handful of hwmod/pm changes.
 
 So, fairly noncontroversial stuff all in all, and as usual around this
 time the fixes are well targeted at specific problems.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJQpmQOAAoJEIwa5zzehBx37+YP/jzcKS1pU5Wf73GYIUcCPqO0
 iRwLziexucUkWXnqIIPLedUJ8Dze/8q1tSTnQ7/JSXy9SYtJf651aj5OAo8w/cXO
 d58+y1S+VTsFHbppKfQHbGpYq2n2f4PPvrL24ftp40OmomVl/ktqOB4fDN1/YuAw
 lfTeo0v8MNfyVni5ij21rCNS17IC0Tl4Mfth8zIILWe6qdqajpla7CoO7ppmUM08
 OAPi6NJL/l8vqfqNtGuk2x9cOca0jY1rdib/rfrL1LxrtLT//NP0d6h+wKaSxLWm
 Qvr9nAsnmZNV0pFnYjVxfSMwM6Gf2SBh0QG3lF0akwfe3bEXqfnG5muAtWEhpTlt
 MVx54UgKSWVBgfBH8/SsDkJ3UydxNO5XjHz9YOix1Sj390J2zpP3E24Y0vmYYaNn
 c2seHeH4SckMZ1mddZgy1NT8y7/zaXQ2OSRLyVigJ9wjKmduuOW013BpKUlHFI9E
 Uzh1GLpWe2Cwl3wKWlHRlhgp0NzpWEHhrPW254rOfai8P9xeFMMQH8eqUlSWZbDN
 GAzqUWZ4/F6NxPV1GPrVCZjrA9IYKKtZ5GkPwC1FibC9Kfyb0rp9kr7KM4mzWUY3
 7MxpFatMS4rdbJk5lXCQ1+EIIWF6xdNbURCyMAnoiaowMzdv+LkfBIW+17fDPDgI
 WAu7+QCKTQd+i/bvMsKh
 =aKWl
 -----END PGP SIGNATURE-----

Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM SoC fixes from Olof Johansson:
 "We've been sitting on this longer than we meant to due to travel and
  other activities, but the number of patches is luckily not that high.

  Biggest changes are from a batch of OMAP bugfixes, but there are a few
  for the broader set of SoCs too (bcm2835, pxa, highbank, tegra, at91
  and i.MX).

  The OMAP patches contain some fixes for MUSB/PHY on omap4 which ends
  up being a bit on the large side but needed for legacy (non-DT)
  platforms.  Beyond that there are a handful of hwmod/pm changes.

  So, fairly noncontroversial stuff all in all, and as usual around this
  time the fixes are well targeted at specific problems."

* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
  ARM: imx: ehci: fix host power mask bit
  ARM i.MX: fix error-valued pointer dereference in clk_register_gate2()
  ARM: at91/usbh: fix overcurrent gpio setup
  ARM: at91/AT91SAM9G45: fix crypto peripherals irq issue due to sparse irq support
  ARM: boot: Fix usage of kecho
  ARM: OMAP: ocp2scp: create omap device for ocp2scp
  ARM: OMAP4: add _dev_attr_ to ocp2scp for representing usb_phy
  drivers: bus: ocp2scp: add pdata support
  irqchip: irq-bcm2835: Add terminating entry for of_device_id table
  ARM: highbank: retry wfi on reset request
  ARM: OMAP4: PM: fix regulator name for VDD_MPU
  ARM: OMAP4: hwmod data: do not enable or reset the McPDM during kernel init
  ARM: OMAP2+: hwmod: add flag to prevent hwmod code from touching IP block during init
  ARM: dt: tegra: fix length of pad control and mux registers
  ARM: OMAP: hwmod: wait for sysreset complete after enabling hwmod
  ARM: OMAP2+: clockdomain: Fix OMAP4 ISS clk domain to support only SWSUP
  ARM: pxa/spitz_pm: Fix hang when resuming from STR
  ARM: pxa: hx4700: Fix backlight PWM device number
  ARM: OMAP2+: PM: add missing newline to VC warning message
2012-11-16 10:08:45 -08:00
Linus Torvalds
5a0c02ba1a AArch64 page permission bug fix. Without this fix, the CPU speculatively
accesses the interrupt controller memory causing random IRQ acknowledge.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.9 (GNU/Linux)
 
 iQIcBAABAgAGBQJQpmOeAAoJEGvWsS0AyF7xciUP/3Z9mQ7KYzD4zwg04HKjZTjL
 UmtZctjhtGCDh06gTMM31ZnzlEWZLAstnLtZn07SJmrNfEUbivWbWPsea2vHJV4h
 T6x2TZoRjHgjTKM1gOSGCbXq3Ryz4+4j30PCGybfRSUImwBGSGfG6UfEtRNFOd3E
 UjPca+ePCLMB1/Y7KHU+XICWKFVajwy3VtqmRkX+xvrfzgUCFElSNPazCPKch0Ql
 bIWG0rYBL7Na0Z/uhPElCE0OgZrg/JDnTJbKGFbO9V3SMos5is0ipQq3u11eTtiV
 kXvS0RKbBWLf23QSkOjI/ja5fwn/C9uTxb8GWVPEf4jLPC/agvv01v+noaTFOh79
 jx/MuWaeGYNXQrwyTqD47pNjDDIpJBT6iaSDJWBysfcoSZHcy1BRBG/J+HkiWRAP
 v8nBgHg4AEDwrCJzyFsh5J2mNUDBnZ4AyUzcM/VbaBFIC788dgbm4Fy+jsilj72B
 6jkfm5oLVDNZa4Xz97od8PqlBZPq7tfSh8diUCJ9z8Ses3i94fFzE09YRrLV4JbQ
 GRZPt0e92O1hF3DaD+u18XrrzPVAjPNuaUT+yQ1a3Ov780mnijx02BNfinVAw3uU
 Ia4R+u8Pbu69kiGQxHQMqvh0/2/N/HfShrRdP5WrkfPq6+do+tflCjD7oqDnnuK3
 jyji0z0PFm13kNeqXSDA
 =Ak+r
 -----END PGP SIGNATURE-----

Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/cmarinas/linux-aarch64

Pull arm64 bugfix from Catalin Marinas:
 "Arm64 page permission bug fix.

  Without this fix, the CPU speculatively accesses the interrupt
  controller memory causing random IRQ acknowledge."

* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/cmarinas/linux-aarch64:
  arm64: Distinguish between user and kernel XN bits
2012-11-16 08:32:07 -08:00
Catalin Marinas
8e620b0476 arm64: Distinguish between user and kernel XN bits
On AArch64, the meaning of the XN bit has changed to UXN (user). The PXN
(privileged) bit must be set to prevent kernel execution. Without the
PXN bit set, the CPU may speculatively access device memory. This patch
ensures that all the mappings that the kernel must not execute from
(including user mappings) have the PXN bit set.

Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2012-11-16 15:50:25 +00:00
Arnd Bergmann
6658d6a595 Two little fixes, one related to the move to sparse irq and
another one fixing the check of a GPIO for USB host overcurrent.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQEcBAABAgAGBQJQphQoAAoJEAf03oE53VmQDs0H/1SCQfdQY8iLNs+3WGYhGngG
 vMID1KWKmX6URrppi2gklr8weUoqYIVIA8I7+hLvr33tGrmSPRDrGV6vI5m0wAiJ
 nkDNAkcGJ6dh/hhotakjqqKLkNtD1xDdErHMOO77fAK811gQj1sVp+8S+UwDQUf7
 O1bbMpMar2/3c6cLb27GE7M4FrLwjmCnQxyQWyBrckPhPMzYNw3MbcW3CINXSYBY
 q/FtFX7nsl2cfPsz8M2KCB43SKZT/bizkPnnjA5QQDhUPlsyTQWdS2z1RAwP2SZn
 3WXoL4t4bNo1Ynusz416pB3djHqJwhxxWYxdMD91nIUXmmXkvIg+fWsdaNmaBI0=
 =wlxI
 -----END PGP SIGNATURE-----

Merge tag 'at91-fixes' of git://github.com/at91linux/linux-at91 into fixes

From Nicolas Ferre <nicolas.ferre@atmel.com>:

Two little fixes, one related to the move to sparse irq and
another one fixing the check of a GPIO for USB host overcurrent.

* tag 'at91-fixes' of git://github.com/at91linux/linux-at91:
  ARM: at91/usbh: fix overcurrent gpio setup
  ARM: at91/AT91SAM9G45: fix crypto peripherals irq issue due to sparse irq support

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2012-11-16 16:43:58 +01:00
Arnd Bergmann
57260e4088 ARM i.MX fixes for 3.7-rc
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIcBAABCAAGBQJQplk7AAoJEPFlmONMx+ezYSMP/2oG4bGXA3O0ktyTOC2VA63v
 VEoElBItx1ZdwKmVOMOQfH5IHHFUnOxrIBB27+67qr22/gfjlrUftpVMkiwpNhqP
 itYkPZWynkJ+1mZMpV7nJC9PEuyKdw5FKQJovsrsGYkwOfXfylx8kJWJH+zLwXRg
 wLcTsb33U+H+zyWz2TCLr8+SHEiepVcRrsBgjDp1PlIK1eMhZPztdQWVvD6zZjej
 vnB4ea+VUE8Q6HS7CwtBf++u97hsehD7ZZ1raEllhdiXi6SXtK0ARMKk0gSalQXU
 mg/tV2yU3blFZFFcebPG1Mdfow6E+5xzrboCJwB0X3LnkHkdBsUr5KA4AzqedDt9
 KmQqXj1vsLpDQaGMrT+icRkZmKgeBnNb84IxU69WJiEiStJeUNz7WWtGhmGcMn7L
 T9H33gaJbrYqcVj2NSiHP1XbHG0NKv79PgogzfPxQdR0oLXCVpFdw1cgy898bNFj
 Oche3MG1w9p2hTfDZbQpivJOSZWqh92ug8/yTPFR8EwoM6WHhROv13E1GdO22LF0
 QPQOcXtyiYsPlPB02rqpkfAC49At5o03i3IGcT5wn4wTbyEa8BQl5ZyDwAXg2ZAi
 MBMskQ2V4u5sbf8Ok0Vj7ji/OLgKz/k7D3IfQ6CyBaOtILIF6X96Mh+sWGsX82sj
 QTwkEhTr/Tgk5wtivn8i
 =3SGE
 -----END PGP SIGNATURE-----

Merge tag 'imx-fixes-rc' of git://git.pengutronix.de/git/imx/linux-2.6 into fixes

From Sascha Hauer <s.hauer@pengutronix.de>:

ARM i.MX fixes for 3.7-rc

* tag 'imx-fixes-rc' of git://git.pengutronix.de/git/imx/linux-2.6:
  ARM: imx: ehci: fix host power mask bit
  ARM i.MX: fix error-valued pointer dereference in clk_register_gate2()

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2012-11-16 16:42:59 +01:00
Linus Torvalds
62735e5231 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
Pull s390 patches from Martin Schwidefsky:
 "Some more bug fixes and a config change.

  The signal bug is nasty, if the clock_gettime vdso function is
  interrupted by a signal while in access-register-mode we end up with
  an endless signal loop until the signal stack is full.  The config
  change is for aligned struct pages, gives us 8% improvement with
  hackbench."

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
  s390/3215: fix tty close handling
  s390/mm: have 16 byte aligned struct pages
  s390/gup: fix access_ok() usage in __get_user_pages_fast()
  s390/gup: add missing TASK_SIZE check to get_user_pages_fast()
  s390/topology: fix core id vs physical package id mix-up
  s390/signal: set correct address space control
2012-11-16 07:39:30 -08:00
Christoph Fritz
3d5e2abe6e ARM: imx: ehci: fix host power mask bit
This patch sets HPM (Host power mask bit) to bit 16 according to i.MX
Reference Manual. Falsely it was set to bit 8, but this controls pull-up
Impedance.

Reported-by: Michael Burkey <mdburkey@gmail.com>
Cc: Stable <stable@vger.kernel.org>
Signed-off-by: Christoph Fritz <chf.fritz@googlemail.com>
Acked-by: Eric Bénard <eric@eukrea.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
2012-11-16 15:55:05 +01:00
Wei Yongjun
ecf026dc34 ARM i.MX: fix error-valued pointer dereference in clk_register_gate2()
The error-valued pointer clk is used for the arg of kfree, it should be
kfree(gate) if clk_register() return ERR_PTR().

dpatch engine is used to auto generate this patch.
(https://github.com/weiyj/dpatch)

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
2012-11-16 15:53:57 +01:00
Johan Hovold
641f3ce64b ARM: at91/usbh: fix overcurrent gpio setup
Use gpio_is_valid also for overcurrent pins (which are currently
negative in many board files).

Signed-off-by: Johan Hovold <jhovold@gmail.com>
Acked-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Nicolas Ferre <nicolas.ferre@atmel.com>
2012-11-16 10:46:29 +01:00
Nicolas Royer
097965ee44 ARM: at91/AT91SAM9G45: fix crypto peripherals irq issue due to sparse irq support
Spare irq support introduced by commit 8fe82a5 (ARM: at91: sparse irq support)
involves to add the NR_IRQS_LEGACY offset to irq number.

Signed-off-by: Nicolas Royer <nicolas@eukrea.com>
Acked-by: Nicolas Ferre <nicolas.ferre@atmel.com>
Acked-by: Eric Bénard <eric@eukrea.com>
Tested-by: Eric Bénard <eric@eukrea.com>
Cc: stable@vger.kernel.org # 3.6
2012-11-16 10:41:51 +01:00
Linus Torvalds
c5e35d6c51 Git pull request for linus
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.10 (GNU/Linux)
 
 iQIbBAABAgAGBQJQnM18AAoJENFylnOm3dTbxh8P92lymakR2CUNk7pJINluS9ay
 fbXHor+2KS31gWD6M1oqtdH9KLsiqDBNraTiyQwhzC5i6XeNnABN3KW6tJmi6ntl
 p8q3ZjflmoW9tMziulUmFKQ1nuDG8ii4OnGj2CShcAVU7BCRJeqT905epV2jRf6V
 AL2TpdAkYAWpjYI9JLOWCzu3WWxYvnnaDXDTsbNYMGE77zHSkAP76Or9fKo4jcj4
 GORcgPumskB64W1RYqfGkvmhYCI5z0YaIVMTGLunrS+jXIbYsEsSyAP1zUudmkEI
 Mz/MQ3j8zyAXKGkGj2UW+LBs35T8UJeZVigkrieRS9trzWp9seNqx717CTVd1dro
 fwAj+pmeEYi1Z2NQ0DASBb/87t5QscWeeZU6k7FHhr1Ro84HJcZ16riknA3Zzd+i
 1kWup/TyeApY2uecAYHykK2LaxM4qrn62B9Lg/fl/iU5mrHsrm8hrcSkX7FhmdrR
 N+/TeCte6RZwZnm4ZmnQPrNctdBYdp1pCmfBZbQcdhsTBDs0+UkQBeANHnxQJxmf
 +y84SoC4O2V+LC+ee/zHc3DuaOwcTnAlrf7APYUGf8Y9pOGvT5E5LG8otVrzfyeT
 40YoN5fhddQfmKZksTvhTnBktg8eMr2MkBvg751qTgvX7zc7YpIvwc9T3k9fLy3M
 UAXx9XTmKGPLDPN1qvU=
 =de8m
 -----END PGP SIGNATURE-----

Merge tag 'for-linus' of git://github.com/gxt/linux

Pull unicore32 update from Guan Xuetao.

* tag 'for-linus' of git://github.com/gxt/linux:
  arch/unicore32: remove CONFIG_EXPERIMENTAL
  unicore32: switch to generic sys_execve()
  unicore32: switch to generic kernel_thread()/kernel_execve()
  unicore32: Use Kbuild infrastructure for kvm_para.h
  UAPI: (Scripted) Disintegrate arch/unicore32/include/asm
  UniCore32-bugfix: Remove definitions in asm/bug.h to solve difference between native and cross compiler
  UniCore32-bugfix: fix mismatch return value of __xchg_bad_pointer
  UniCore32 bugfix: add missed CONFIG_ZONE_DMA
  unicore32/mm/fault.c: Port OOM changes to do_pf
2012-11-15 11:34:45 -08:00
James Bottomley
949a05d034 [PARISC] fix virtual aliasing issue in get_shared_area()
On Thu, 2012-11-01 at 16:45 -0700, Michel Lespinasse wrote:
> Looking at the arch/parisc/kernel/sys_parisc.c implementation of
> get_shared_area(), I do have a concern though. The function basically
> ignores the pgoff argument, so that if one creates a shared mapping of
> pages 0-N of a file, and then a separate shared mapping of pages 1-N
> of that same file, both will have the same cache offset for their
> starting address.
>
> This looks like this would create obvious aliasing issues. Am I
> misreading this ? I can't understand how this could work good enough
> to be undetected, so there must be something I'm missing here ???

This turns out to be correct and we need to pay attention to the pgoff as
well as the address when creating the virtual address for the area.
Fortunately, the bug is rarely triggered as most applications which use pgoff
tend to use large values (git being the primary one, and it uses pgoff in
multiples of 16MB) which are larger than our cache coherency modulus, so the
problem isn't often seen in practise.

Reported-by: Michel Lespinasse <walken@google.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
2012-11-15 05:49:34 -08:00
Joonsoo Kim
ddd32b4289 x86, mm: Correct vmflag test for checking VM_HUGETLB
commit 611ae8e3f5204f7480b3b405993b3352cfa16662('enable tlb flush range
support for x86') change flush_tlb_mm_range() considerably. After this,
we test whether vmflag equal to VM_HUGETLB and it may be always failed,
because vmflag usually has other flags simultaneously.
Our intention is to check whether this vma is for hughtlb, so correct it
according to this purpose.

Signed-off-by: Joonsoo Kim <js1304@gmail.com>
Acked-by: Alex Shi <alex.shi@intel.com>
Link: http://lkml.kernel.org/r/1352740656-19417-1-git-send-email-js1304@gmail.com
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2012-11-14 15:03:20 -08:00
Linus Torvalds
f0c391131a Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus
Pull MIPS update from Ralf Baechle:
 "To avoid unnecessary risk and work the preemption fixes are combined
  with some preparatory work that isn't strictly required.  So it's
  really just 3 fixes:

   - Get is_compat_task() to do the right thing while simplifying it.
     The unnecessary complexity hid a rarely striking bug which could be
     triggered by ext3/ext4 under certain circumstances.
   - Resolve a preemption issue in the irqflags.h functions for kernels
     built to support pre-MIPS32 / pre-MIPS64 Release 2 processors.
   - Fix the interrupt number of the MIPS Malta's CBUS UART."

* 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus:
  MIPS: Malta: Fix interupt number of CBUS UART.
  MIPS: Make irqflags.h functions preempt-safe for non-mipsr2 cpus
  MIPS: Remove irqflags.h dependency from bitops.h
  MIPS: bitops.h: Change use of 'unsigned short' to 'int'
  MIPS: compat: Delete now unused TIF_32BIT.
  MIPS: compat: Implement is_compat_task() by testing for 32-bit address space.
  MIPS: compat: Fix use of TIF_32BIT_ADDR vs _TIF_32BIT_ADDR
2012-11-14 13:45:23 -08:00
Paul Walmsley
9aadd70aed Revert "ARM: OMAP: convert I2C driver to PM QoS for MPU latency constraints"
This reverts commit 3db11feffc1ad2ab9dea27789e6b5b3032827adc
(ARM: OMAP: convert I2C driver to PM QoS for MPU latency constraints).
This commit causes I2C timeouts to appear on several OMAP3430/3530-based
boards:

  http://marc.info/?l=linux-arm-kernel&m=135071372426971&w=2
  http://marc.info/?l=linux-arm-kernel&m=135067558415214&w=2
  http://marc.info/?l=linux-arm-kernel&m=135216013608196&w=2

and appears to have been sent for merging before one of its prerequisites
was merged:

  http://marc.info/?l=linux-arm-kernel&m=135219411617621&w=2

Signed-off-by: Paul Walmsley <paul@pwsan.com>
Acked-by: Jean Pihet <j-pihet@ti.com>
Signed-off-by: Wolfram Sang <w.sang@pengutronix.de>
2012-11-14 11:54:41 +01:00
Ingo Molnar
226f69a4b7 Fix problem in CMCI rediscovery code that was illegally
migrating worker threads to other cpus.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.11 (GNU/Linux)
 
 iQIcBAABAgAGBQJQkEqpAAoJEKurIx+X31iBZk0P/2h4IkLYz7DspI9gxVMXfMEm
 0lIWWIEaqAbOkFsi8VuGjlNrgU+7PabKs/2/++tfbq+hJdQYCCxyAKCGeWbdBw/R
 fUSTiyQYH84DEFySg6G1AJQwVB8nnRLNWm5wrUtMgX9/2E6D5dpFB0F301XLF+kg
 OMY7RaFPWJRiWwlOnWWnbY3czNMragaTAyHIudj7ZvsgwBNWw3bgGY/sjIjJ3yy5
 kyz0gYEsanOizSjT6Udr2MPFY2ol11co1MT6Ro4r7ORCvX2wSUTChUks2kZBzJ7l
 Jf9g22ymVlvAo2qsCs/DBzRwXw/Ck0MlUMH8QehvMPLD39yoBiUYDeEqRpadmsQE
 FLDyKBoxaH6nRzGCDJlTzD2FogHnChQaUtQ9nnyoSBNOjYt2lI8Dc3jEnXwWprim
 3P2giL10Gf4LRdHSjHZp/6+kXzbTKqNIs1qfSMPz0GDcujAmTYJ8edyHI7fme5So
 BgoSTBtjorxShNQjtg7fBVl3dp3oOnAFyOxDwToLUHWAVZKcXewQh5HkbgIawul4
 YoiAsveP2FBCKbJA2xBEbI2S3hMKgRauAvh33JNucgZOM7RqPwkCpiAARzbD6mpR
 tDNqhgXJZ+0F/3prIm4MzapaIivrlQ+LLxvVDTOYQtZyJi1Ba914zw+yUY2VMMHM
 IvWy1qsmB77XxhmvgWj5
 =tv13
 -----END PGP SIGNATURE-----

Merge tag 'please-pull-tangchen' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras into x86/urgent

Pull MCE fix from Tony Luck:

   "Fix problem in CMCI rediscovery code that was illegally
    migrating worker threads to other cpus."

Signed-off-by: Ingo Molnar <mingo@kernel.org>
2012-11-13 19:01:01 +01:00
Ralf Baechle
225ae5fd9a MIPS: Malta: Fix interupt number of CBUS UART.
The CBUS UART's interrupt number was wrong conflicting with the interrupt
being tied to the Intel PIIX4.  Since the PIIX4's interrupt is registered
before the CBUS UART which is not being used on most systems this would
not be noticed.

Attempts to open the ttyS2 CBUS UART would result in:

genirq: Flags mismatch irq 18. 00000000 (serial) vs. 00010000 (XT-PIC cascade)
serial_link_irq_chain: request failed: -16 for irq: 18

Qemu was written to match the kernel so will need to be fixed also.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2012-11-13 14:50:15 +01:00
Heiko Carstens
4bffbb3455 s390/mm: have 16 byte aligned struct pages
Select HAVE_ALIGNED_STRUCT_PAGE on s390, so that the slub allocator can make
use of compare and swap double for lockless updates. This increases the size
of struct page to 64 bytes (instead of 56 bytes), however the performance gain
justifies the increased size:

- now excactly four struct pages fit into a single cache line; the
  case that accessing a struct page causes two cache line loads
  does not exist anymore.
- calculating the offset of a struct page within the memmap array
  is only a simple shift instead of a more expensive multiplication.

A "hackbench 200 process 200" run on a 32 cpu system did show an 8% runtime
improvement.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2012-11-13 11:03:09 +01:00
Heiko Carstens
516bad44b9 s390/gup: fix access_ok() usage in __get_user_pages_fast()
access_ok() returns always "true" on s390. Therefore all access_ok()
invocations are rather pointless.
However when walking page tables we need to make sure that everything
is within bounds of the ASCE limit of the task's address space.
So remove the access_ok() call and add the same check we have in
get_user_pages_fast().

Reviewed-by: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2012-11-13 11:02:28 +01:00
Heiko Carstens
d55c4c613f s390/gup: add missing TASK_SIZE check to get_user_pages_fast()
When walking page tables we need to make sure that everything
is within bounds of the ASCE limit of the task's address space.
Otherwise we might calculate e.g. a pud pointer which is not
within a pud and dereference it.
So check against TASK_SIZE (which is the ASCE limit) before
walking page tables.

Reviewed-by: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Cc: stable@vger.kernel.org
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2012-11-13 11:02:26 +01:00
Linus Torvalds
9924a1992a Merge git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull KVM fix from Marcelo Tosatti:
 "A correction for user triggerable oops"

* git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: x86: invalid opcode oops on SET_SREGS with OSXSAVE bit set (CVE-2012-4461)
2012-11-12 17:37:53 -08:00
Petr Matousek
6d1068b3a9 KVM: x86: invalid opcode oops on SET_SREGS with OSXSAVE bit set (CVE-2012-4461)
On hosts without the XSAVE support unprivileged local user can trigger
oops similar to the one below by setting X86_CR4_OSXSAVE bit in guest
cr4 register using KVM_SET_SREGS ioctl and later issuing KVM_RUN
ioctl.

invalid opcode: 0000 [#2] SMP
Modules linked in: tun ip6table_filter ip6_tables ebtable_nat ebtables
...
Pid: 24935, comm: zoog_kvm_monito Tainted: G      D      3.2.0-3-686-pae
EIP: 0060:[<f8b9550c>] EFLAGS: 00210246 CPU: 0
EIP is at kvm_arch_vcpu_ioctl_run+0x92a/0xd13 [kvm]
EAX: 00000001 EBX: 000f387e ECX: 00000000 EDX: 00000000
ESI: 00000000 EDI: 00000000 EBP: ef5a0060 ESP: d7c63e70
 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Process zoog_kvm_monito (pid: 24935, ti=d7c62000 task=ed84a0c0
task.ti=d7c62000)
Stack:
 00000001 f70a1200 f8b940a9 ef5a0060 00000000 00200202 f8769009 00000000
 ef5a0060 000f387e eda5c020 8722f9c8 00015bae 00000000 ed84a0c0 ed84a0c0
 c12bf02d 0000ae80 ef7f8740 fffffffb f359b740 ef5a0060 f8b85dc1 0000ae80
Call Trace:
 [<f8b940a9>] ? kvm_arch_vcpu_ioctl_set_sregs+0x2fe/0x308 [kvm]
...
 [<c12bfb44>] ? syscall_call+0x7/0xb
Code: 89 e8 e8 14 ee ff ff ba 00 00 04 00 89 e8 e8 98 48 ff ff 85 c0 74
1e 83 7d 48 00 75 18 8b 85 08 07 00 00 31 c9 8b 95 0c 07 00 00 <0f> 01
d1 c7 45 48 01 00 00 00 c7 45 1c 01 00 00 00 0f ae f0 89
EIP: [<f8b9550c>] kvm_arch_vcpu_ioctl_run+0x92a/0xd13 [kvm] SS:ESP
0068:d7c63e70

QEMU first retrieves the supported features via KVM_GET_SUPPORTED_CPUID
and then sets them later. So guest's X86_FEATURE_XSAVE should be masked
out on hosts without X86_FEATURE_XSAVE, making kvm_set_cr4 with
X86_CR4_OSXSAVE fail. Userspaces that allow specifying guest cpuid with
X86_FEATURE_XSAVE even on hosts that do not support it, might be
susceptible to this attack from inside the guest as well.

Allow setting X86_CR4_OSXSAVE bit only if host has XSAVE support.

Signed-off-by: Petr Matousek <pmatouse@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2012-11-12 21:16:45 -02:00
Fabio Estevam
2d4d07b97c ARM: boot: Fix usage of kecho
Since commit edc88ceb0 (ARM: be really quiet when building with 'make -s') the
following output is generated when building a kernel for ARM:

echo '  Kernel: arch/arm/boot/Image is ready'
  Kernel: arch/arm/boot/Image is ready
  Building modules, stage 2.
echo '  Kernel: arch/arm/boot/zImage is ready'
  Kernel: arch/arm/boot/zImage is ready

As per Documentation/kbuild/makefiles.txt the correct way of using kecho is
'@$(kecho)'.

Make this change so no more unwanted 'echo' messages are displayed.

Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2012-11-12 23:22:54 +01:00
Kevin Hilman
1ef43369c6 ARM: OMAP4: TWL: mux sys_drm_msecure as output for PMIC
On OMAP4 boards using the TWL6030 PMIC, the sys_drm_msecure is
connected to the MSECURE input of the TWL6030 PMIC.  This signal
controls the secure-mode operation of the PMIC.  If its not mux'd
correctly, some functionality of the PMIC will not be accessible since
the PMIC will be in secure mode.

For example, if the TWL RTC is in secure mode, most of its registers
are read-only, meaning (re)programming the RTC (e.g. for wakeup from
suspend) will fail.

To fix, ensure the signal is properly mux'd as output when TWL is
intialized.

This fix is required when using recent versions of u-boot (>= v2012.04.01)
since u-boot is no longer setting the default mux for this pin.

Signed-off-by: Kevin Hilman <khilman@ti.com>
Signed-off-by: Tony Lindgren <tony@atomide.com>
2012-11-12 14:11:47 -08:00
Arnd Bergmann
c9af5b76ef Minor OMAP PM and hwmod fixes for v3.7-rc series via
Kevin Hilman and Paul Walmsley.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIcBAABAgAGBQJQmXAHAAoJEBvUPslcq6Vz3GUP/RRDpRcsJUh0wQMA+MYDdPJf
 dVcYYczUPn7LCZEXsWVHiwOA0BxR+TQ1N7trUyGkj1cgGo3ImUatDHT9Czy1zZQs
 8fpb+2kkNoxhEeWkxYT6LZZ+RuwGfo6mruJSCX1ZCf8oblW8QqduNLjCJGViEc/J
 WFuuFb+ucSvqJWsD5L3Bma4/rkYhAx20MjoLWEh69WUUdVip1/YTZCT9ui7wRFin
 afvq2USSEacQBaPbY+rMOOJU13YK9pNLU5+kgiRyoQ63BIoI4Wl1smDa0NoyYoFO
 S8cIekRtXZQTUCp+r4IDz5ZTJ24Lu7ywMaawrQlHuKShxLaPTHJZAKSxcCg0pEdc
 gDj1FJ65PczSMryos6WR6M0kqInfJK8SGlGVUe9y3wV5kFKOrc/G3e1Vi8/xbBFn
 J9dkriQJ5Xf0w4VpfY4yy1TAQAWnHPunucFUMLKUXWwAnk4eSxRgz/zZBvj7xbey
 6oNre4W/fHXnF8YE1wLIsrqQJq9pOIQc9jz22/knjF0jjhQU1alFyJ6MhyINIH0o
 gJv1rO+VWfhsG/ECYd01E7ChG+9bATWjJpPHHB6brC24VLNgcDUlrJurvuGhNU8d
 5P+/6OKenBj+hHWuiWIpFY+jIkG9NRcq2QIPEkFVIvfDHZ34H5FTB89d1Kw3hLSX
 /0h4NvAA4aK8oJuItOhI
 =pyxl
 -----END PGP SIGNATURE-----

Merge tag 'omap-for-v3.7-rc4/fixes-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into fixes

From Tony Lindgren <tony@atomide.com>:

Minor OMAP PM and hwmod fixes for v3.7-rc series via
Kevin Hilman and Paul Walmsley.

* tag 'omap-for-v3.7-rc4/fixes-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
  ARM: OMAP4: PM: fix regulator name for VDD_MPU
  ARM: OMAP4: hwmod data: do not enable or reset the McPDM during kernel init
  ARM: OMAP2+: hwmod: add flag to prevent hwmod code from touching IP block during init
  ARM: OMAP: hwmod: wait for sysreset complete after enabling hwmod
  ARM: OMAP2+: clockdomain: Fix OMAP4 ISS clk domain to support only SWSUP
  ARM: OMAP2+: PM: add missing newline to VC warning message

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2012-11-12 22:41:39 +01:00
Arnd Bergmann
69178dfeb1 This series fixes an annoying regression to make MUSB working
on omap4 again. Although it's getting rather late for these
 changes for the -rc cycle, it is important as many devices
 are using MUSB for charging and connectivity.
 
 With the USB PHY changes, MUSB started using the newly added
 drivers/usb/phy/omap-usb2.c driver introduced by commit
 657b306a (usb: phy: add a new driver for omap usb2 phy)
 that is using the newly introduced drivers/bus/omap-ocp2scp.c
 introduced by commit 26a84b3e (drivers: bus: add a new driver
 for omap-ocp2scp).
 
 These changes allowed dropping a lot of PHY related code from
 arch/arm/mach-omap2/omap_phy_internal.c and have it live in
 the device driver like it should with commit c9e4412a (arm: omap:
 phy: remove unused functions from omap-phy-internal.c).
 
 However, MUSB on omap4 broke with these changes for legacy
 platform data boot, and now only works with device tree for
 omap4. Unfortunately we are still few critical bindings away
 from being able to make omap4 usbale with device tree.
 
 Fix the regression properly by adding platform data support
 to the ocp2scp driver so we can avoid adding back the driver
 code to arch/arm/mach-omap2.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQIcBAABAgAGBQJQmqakAAoJEBvUPslcq6VzBjcQANthvtvNsUrR3X3lB5GRwtIJ
 uGcOVqdrI9Y6seHQMqCiwa9JNlBHu+ABLYV4UGSNtHLAlaI+pilaqby7cUndFmBo
 O7FMPAK6EmrUqXewkQh3W3yx/JEy4zu7Kup5rK8p9kPBmqblrjdtfmlrIKjBBhbA
 4ZBQC82GSDg/UtLcVxjXgb2aJnLim5L2WU1drCSHgclyBWueg8ijFsTl9l7R9Zwh
 x6FV6DYHZyxFzvuXlB+83iZ1sJ6qpkD92hPe+Lj3jyxpW6+b6Mx5d/268743+Nde
 xzCxQ09JGYN+h/N+QX6SRhurHjlXGFwmAhYofdO+r7OdLrT12VHiOptRKh0N9DfX
 s1Mtk+X6f5iwKo8O//5DXkZPDLW8fI1GNs6QNsw71yM1mDP7tCamYUsSpLLJLcYo
 bB/O77HdQDWAWBOwbu+GY4eICTgh/Chj3LYe0Aic8F1jm8kzQm5CJMgxyAeMUrHX
 2O0yGUUIIqWkNdn/iluVHVs0nHwjfDZsRN4cAdMbjkqF4cJRkH2lIjrSSYlJxYmL
 cymFrkR0Evj2fmGXhEcX8pGgymlSp1Aj1tnaQ6I06XEjrlbtRpAsibniSx4OCcB2
 3sMZOpvmUYD/FecaZRatoOLQC6aNMY8ape0ghLFAklz1By7c2ytzGRQsoDqMoXql
 hl44QO9QKIYBYb2pPcDj
 =bbq5
 -----END PGP SIGNATURE-----

Merge tag 'omap-for-v3.7-rc4/musb-regression-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into fixes

From Tony Lindgren <tony@atomide.com>:

This series fixes an annoying regression to make MUSB working
on omap4 again. Although it's getting rather late for these
changes for the -rc cycle, it is important as many devices
are using MUSB for charging and connectivity.

With the USB PHY changes, MUSB started using the newly added
drivers/usb/phy/omap-usb2.c driver introduced by commit
657b306a (usb: phy: add a new driver for omap usb2 phy)
that is using the newly introduced drivers/bus/omap-ocp2scp.c
introduced by commit 26a84b3e (drivers: bus: add a new driver
for omap-ocp2scp).

These changes allowed dropping a lot of PHY related code from
arch/arm/mach-omap2/omap_phy_internal.c and have it live in
the device driver like it should with commit c9e4412a (arm: omap:
phy: remove unused functions from omap-phy-internal.c).

However, MUSB on omap4 broke with these changes for legacy
platform data boot, and now only works with device tree for
omap4. Unfortunately we are still few critical bindings away
from being able to make omap4 usbale with device tree.

Fix the regression properly by adding platform data support
to the ocp2scp driver so we can avoid adding back the driver
code to arch/arm/mach-omap2.

* tag 'omap-for-v3.7-rc4/musb-regression-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
  ARM: OMAP: ocp2scp: create omap device for ocp2scp
  ARM: OMAP4: add _dev_attr_ to ocp2scp for representing usb_phy
  drivers: bus: ocp2scp: add pdata support

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2012-11-12 17:19:29 +01:00
Heiko Carstens
658e5ce705 s390/topology: fix core id vs physical package id mix-up
The current topology code confuses core id vs physical package id.

In other words /sys/devices/system/cpu/cpuX/topology/core_id
displays the physical_package_id (aka socket id) instead of the
core id.
The physical_package_id sysfs attribute always displays "-1"
instead of the socket id.

Fix this mix-up with a small patch which defines and initializes
topology_physical_package_id correctly and fixes the broken
core id handling.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2012-11-12 16:24:38 +01:00
Martin Schwidefsky
fa968ee215 s390/signal: set correct address space control
If user space is running in primary mode it can switch to secondary
or access register mode, this is used e.g. in the clock_gettime code
of the vdso. If a signal is delivered to the user space process while
it has been running in access register mode the signal handler is
executed in access register mode as well which will result in a crash
most of the time.

Set the address space control bits in the PSW to the default for the
execution of the signal handler and make sure that the previous
address space control is restored on signal return. Take care
that user space can not switch to the kernel address space by
modifying the registers in the signal frame.

Cc: stable@vger.kernel.org
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2012-11-12 16:24:38 +01:00
Nicolas Pitre
2b6e204f84 ARM: 7572/1: proc-v6.S: fix comment
Signed-off-by: Nicolas Pitre <nico@linaro.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2012-11-12 10:01:12 +00:00
Josh Cartwright
6722df86ba ARM: 7570/1: quiet down the non make -s output
Commit edc88ceb0c7d285b9f58bc29a638cd8163b59989 silenced the make -s build, but
inadvertently made louder the non-silent build.  Fix by prepending '@' to each
of the added $(kecho) statements.

Build with edc88ceb0c7d285b9f58bc29a638cd8163b59989:

  CHK     include/generated/compile.h
echo '  Kernel: arch/arm/boot/Image is ready'
  Kernel: arch/arm/boot/Image is ready
  LD      arch/arm/boot/compressed/vmlinux
  OBJCOPY arch/arm/boot/zImage
echo '  Kernel: arch/arm/boot/zImage is ready'
  Kernel: arch/arm/boot/zImage is ready

Build with this fix:
  CHK     include/generated/compile.h
  Kernel: arch/arm/boot/Image is ready
  LD      arch/arm/boot/compressed/vmlinux
  OBJCOPY arch/arm/boot/zImage
  Kernel: arch/arm/boot/zImage is ready

Signed-off-by: Josh Cartwright <josh.cartwright@ni.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2012-11-12 10:00:45 +00:00
Linus Torvalds
2b1768f39a Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc
Pull sparc fixes from David Miller:
 "Several build/bug fixes for sparc, including:

  1) Configuring a mix of static vs.  modular sparc64 crypto modules
     didn't work, remove an ill-conceived attempt to only have to build
     the device match table for these drivers once to fix the problem.

     Reported by Meelis Roos.

  2) Make the montgomery multiple/square and mpmul instructions actually
     usable in 32-bit tasks.  Essentially this involves providing 32-bit
     userspace with a way to use a 64-bit stack when it needs to.

  3) Our sparc64 atomic backoffs don't yield cpu strands properly on
     Niagara chips.  Use pause instruction when available to achieve
     this, otherwise use a benign instruction we know blocks the strand
     for some time.

  4) Wire up kcmp

  5) Fix the build of various drivers by removing the unnecessary
     blocking of OF_GPIO when SPARC.

  6) Fix unintended regression wherein of_address_to_resource stopped
     being provided.  Fix from Andreas Larsson.

  7) Fix NULL dereference in leon_handle_ext_irq(), also from Andreas
     Larsson."

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc:
  sparc64: Fix build with mix of modular vs. non-modular crypto drivers.
  sparc: Support atomic64_dec_if_positive properly.
  of/address: sparc: Declare of_address_to_resource() as an extern function for sparc again
  sparc32, leon: Check for existent irq_map entry in leon_handle_ext_irq
  sparc: Add sparc support for platform_get_irq()
  sparc: Allow OF_GPIO on sparc.
  qlogicpti: Fix build warning.
  sparc: Wire up sys_kcmp.
  sparc64: Improvde documentation and readability of atomic backoff code.
  sparc64: Use pause instruction when available.
  sparc64: Fix cpu strand yielding.
  sparc64: Make montmul/montsqr/mpmul usable in 32-bit threads.
2012-11-10 21:58:34 +01:00
Linus Torvalds
487bda54d7 AArch64 kernel fixes:
- correct argument type (pgprot_t) when calling __ioremap()
 - PCI_IOBASE virtual address change
 - use architected event for CPU cycle counter
 - fix ELF core dumping
 - select CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION
 - missing completion for secondary CPU boot
 - booting on systems with all memory beyond 4GB
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.9 (GNU/Linux)
 
 iQIcBAABAgAGBQJQnTIQAAoJEGvWsS0AyF7xZEgP+wf6dEFzL+bt3sccyzjB0THu
 ir5y99EHN2vDQ74tiQK+SbSDV8zqXs4vgXK+osxz3ooQdU+Ep8JMUSGjRg8j72yj
 XcQBOxW5Hu79ArYJPaD8KMARBnk0QbnoRZyLGHXzVQgsLli+xpXoigmL2IlhElOh
 h+A5jpDfaoGCO9e6xVXp9s9GJ/Ho8uoXuIAeWvELP1kvixTT+c4oWn+iD+N9FA/C
 kiVFMZOHrJ6478se0uqqEktPeszF0vXTW84aTscA5xPA7R145tMJYPRQGhb2+QL1
 mC43Ya9KtONbr0REoQFca0w4bqSNRCv9fLtV/xizUI6mZImSF9ZQ+hAaqbBPrMZ+
 sx3ohZ8fri4rS5leGAd/bN88Xxue7GNHxo4auNGPxrbMzb7opyNL3bhawhfNPlag
 ZhCpXQDVkGYuHIgi4Z7VEVQuwg+l57kK2HdXlwlEDVixQHJ0YFAeI2A7goXJofxQ
 /4mdcoWQpt75GlON4V0wGk9rACp/rEBbpu35Vv6FfBDa3fSlQAVvkBG/HOyp/OFm
 Gyw6aY4Qk6psIIfmQVXQVVd5svkhkKRBpHHRPdfArZdny2UMOl9NG15zZGqr3nBX
 ELGndcc8POUaKw9ia5QGP1QmfOrzznZ68jDUz58rwQiZpzMveS9C381kHnkIRunu
 gDAVjjZCFwHuGzF1uV7S
 =g5mZ
 -----END PGP SIGNATURE-----

Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/cmarinas/linux-aarch64

Pull arm64 fixes from Catalin Marinas:
 - correct argument type (pgprot_t) when calling __ioremap()
 - PCI_IOBASE virtual address change
 - use architected event for CPU cycle counter
 - fix ELF core dumping
 - select CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION
 - missing completion for secondary CPU boot
 - booting on systems with all memory beyond 4GB

* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/cmarinas/linux-aarch64:
  arm64: mm: fix booting on systems with no memory below 4GB
  arm64: smp: add missing completion for secondary boot
  arm64: compat: select CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION
  arm64: elf: fix core dumping definitions for GP and FP registers
  arm64: perf: use architected event for CPU cycle counter
  arm64: Move PCI_IOBASE closer to MODULES_VADDR
  arm64: Use pgprot_t as the last argument when invoking __ioremap()
2012-11-10 06:58:20 +01:00
Linus Torvalds
0020dd0b8c Bug-fixes:
* Fix compile issues on ARM.
  * Fix hypercall fallback code for old hypervisors.
  * Print out which HVM parameter failed if it fails.
  * Fix idle notifier call after irq_enter.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.12 (GNU/Linux)
 
 iQEcBAABAgAGBQJQnQdGAAoJEFjIrFwIi8fJPBAIAMX1HRx3udqhv7fziynZvFTb
 hj47XYIJHOK7P4fK7vZoSNgMHjL6LW5cUqC8VN67G3zUSkX9JYFsPBj6v4bWn+rG
 b9CS+MW7hS80LGbbqkh1F+YSEfZ863RlF9PPX2acaHTw49MlIgIqwhxIo6hy+Nm6
 thu6SlbEIJkSUdhbYMOAmy5aH/3+UuuQg+oq3P7mzV8fZjEihnrrF0NlT4wOZK1o
 gsfrKYKJLVT526W9PF/L23/A/MCHMpvjNStpaDLOGNjV9sBMpJI8JRax6+657+q1
 0kXvN5mAwTKWOaXBl4LEC9R8n1IKB91TgOY6HJAcXkb1eoP5KAeNSmU8RbsZ2T0=
 =XZ+0
 -----END PGP SIGNATURE-----

Merge tag 'stable/for-linus-3.7-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen

Pull Xen fixes from Konrad Rzeszutek Wilk:
 "There are three ARM compile fixes (we forgot to export certain
  functions and if the drivers are built as an module - we go belly-up).

  There is also an mismatch of irq_enter() / exit_idle() calls sequence
  which were fixed some time ago in other piece of codes, but failed to
  appear in the Xen code.

  Lastly a fix for to help in the field with troubleshooting in case we
  cannot get the appropriate parameter and also fallback code when
  working with very old hypervisors."

Bug-fixes:
 - Fix compile issues on ARM.
 - Fix hypercall fallback code for old hypervisors.
 - Print out which HVM parameter failed if it fails.
 - Fix idle notifier call after irq_enter.

* tag 'stable/for-linus-3.7-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
  xen/arm: Fix compile errors when drivers are compiled as modules (export more).
  xen/arm: Fix compile errors when drivers are compiled as modules.
  xen/generic: Disable fallback build on ARM.
  xen/events: fix RCU warning, or Call idle notifier after irq_enter()
  xen/hvm: If we fail to fetch an HVM parameter print out which flag it is.
  xen/hypercall: fix hypercall fallback code for very old hypervisors
2012-11-10 06:56:21 +01:00