1 From gregkh@mini.kroah.org Fri Jul 17 13:12:28 2009
2 Message-Id: <20090717201227.992856604@mini.kroah.org>
3 User-Agent: quilt/0.48-1
4 Date: Fri, 17 Jul 2009 13:08:52 -0700
5 From: Greg KH <gregkh@suse.de>
6 To: linux-kernel@vger.kernel.org,
8 Cc: stable-review@kernel.org,
9 torvalds@linux-foundation.org,
10 akpm@linux-foundation.org,
11 alan@lxorguk.ukuu.org.uk,
12 Eugene Teo <eugeneteo@kernel.sg>,
13 Eric Paris <eparis@redhat.com>,
14 Wang Cong <amwang@redhat.com>
15 Subject: [patch 01/24] Add -fno-delete-null-pointer-checks to gcc CFLAGS
16 References: <20090717200851.907421303@mini.kroah.org>
17 Content-Disposition: inline; filename=add-fno-delete-null-pointer-checks-to-gcc-cflags.patch
21 2.6.30-stable review patch. If anyone has any objections, please let us know.
25 From: Eugene Teo <eteo@redhat.com>
27 commit a3ca86aea507904148870946d599e07a340b39bf upstream.
29 Turning on this flag could prevent the compiler from optimising away
30 some "useless" checks for null pointers. Such bugs can sometimes become
31 exploitable at compile time because of the -O2 optimisation.
33 See http://gcc.gnu.org/onlinedocs/gcc-4.1.2/gcc/Optimize-Options.html
35 An example that clearly shows this 'problem' is commit 6bf67672.
37 static void __devexit agnx_pci_remove(struct pci_dev *pdev)
39 struct ieee80211_hw *dev = pci_get_drvdata(pdev);
40 - struct agnx_priv *priv = dev->priv;
41 + struct agnx_priv *priv;
48 By reverting this patch, and compile it with and without
49 -fno-delete-null-pointer-checks flag, we can see that the check for dev
53 - testq %r12, %r12 # dev
55 movq %r12, %rdi # dev,
57 Clearly the 'fix' is to stop using dev before it is tested, but building
58 with -fno-delete-null-pointer-checks flag at least makes it harder to
61 Signed-off-by: Eugene Teo <eugeneteo@kernel.sg>
62 Acked-by: Eric Paris <eparis@redhat.com>
63 Acked-by: Wang Cong <amwang@redhat.com>
64 Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
65 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
69 1 file changed, 2 insertions(+), 1 deletion(-)
73 @@ -351,7 +351,8 @@ KBUILD_CPPFLAGS := -D__KERNEL__
75 KBUILD_CFLAGS := -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs \
76 -fno-strict-aliasing -fno-common \
77 - -Werror-implicit-function-declaration
78 + -Werror-implicit-function-declaration \
79 + -fno-delete-null-pointer-checks
80 KBUILD_AFLAGS := -D__ASSEMBLY__
82 # Read KERNELRELEASE from include/config/kernel.release (if it exists)
85 From gregkh@mini.kroah.org Fri Jul 17 13:12:28 2009
86 Message-Id: <20090717201228.282566328@mini.kroah.org>
87 User-Agent: quilt/0.48-1
88 Date: Fri, 17 Jul 2009 13:08:53 -0700
89 From: Greg KH <gregkh@suse.de>
90 To: linux-kernel@vger.kernel.org,
92 Cc: stable-review@kernel.org,
93 torvalds@linux-foundation.org,
94 akpm@linux-foundation.org,
95 alan@lxorguk.ukuu.org.uk,
96 Christoph Lameter <cl@linux-foundation.org>,
97 Eric Paris <eparis@redhat.com>,
98 James Morris <jmorris@namei.org>
99 Subject: [patch 02/24] security: use mmap_min_addr indepedently of security models
100 References: <20090717200851.907421303@mini.kroah.org>
101 Content-Disposition: inline; filename=security-use-mmap_min_addr-indepedently-of-security-models.patch
105 2.6.30-stable review patch. If anyone has any objections, please let us know.
109 From: Christoph Lameter <cl@linux-foundation.org>
111 commit e0a94c2a63f2644826069044649669b5e7ca75d3 upstream.
113 This patch removes the dependency of mmap_min_addr on CONFIG_SECURITY.
114 It also sets a default mmap_min_addr of 4096.
116 mmapping of addresses below 4096 will only be possible for processes
119 Signed-off-by: Christoph Lameter <cl@linux-foundation.org>
120 Acked-by: Eric Paris <eparis@redhat.com>
121 Looks-ok-by: Linus Torvalds <torvalds@linux-foundation.org>
122 Signed-off-by: James Morris <jmorris@namei.org>
123 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
126 include/linux/mm.h | 2 --
127 include/linux/security.h | 2 ++
128 kernel/sysctl.c | 2 --
129 mm/Kconfig | 19 +++++++++++++++++++
131 security/Kconfig | 22 +---------------------
132 security/security.c | 3 ---
133 7 files changed, 25 insertions(+), 28 deletions(-)
135 --- a/include/linux/mm.h
136 +++ b/include/linux/mm.h
137 @@ -580,12 +580,10 @@ static inline void set_page_links(struct
139 static inline unsigned long round_hint_to_min(unsigned long hint)
141 -#ifdef CONFIG_SECURITY
143 if (((void *)hint != NULL) &&
144 (hint < mmap_min_addr))
145 return PAGE_ALIGN(mmap_min_addr);
150 --- a/include/linux/security.h
151 +++ b/include/linux/security.h
152 @@ -2197,6 +2197,8 @@ static inline int security_file_mmap(str
154 unsigned long addr_only)
156 + if ((addr < mmap_min_addr) && !capable(CAP_SYS_RAWIO))
161 --- a/kernel/sysctl.c
162 +++ b/kernel/sysctl.c
163 @@ -1225,7 +1225,6 @@ static struct ctl_table vm_table[] = {
164 .strategy = &sysctl_jiffies,
167 -#ifdef CONFIG_SECURITY
169 .ctl_name = CTL_UNNUMBERED,
170 .procname = "mmap_min_addr",
171 @@ -1234,7 +1233,6 @@ static struct ctl_table vm_table[] = {
173 .proc_handler = &proc_doulongvec_minmax,
178 .ctl_name = CTL_UNNUMBERED,
181 @@ -226,6 +226,25 @@ config HAVE_MLOCKED_PAGE_BIT
185 +config DEFAULT_MMAP_MIN_ADDR
186 + int "Low address space to protect from user allocation"
189 + This is the portion of low virtual memory which should be protected
190 + from userspace allocation. Keeping a user from writing to low pages
191 + can help reduce the impact of kernel NULL pointer bugs.
193 + For most ia64, ppc64 and x86 users with lots of address space
194 + a value of 65536 is reasonable and should cause no problems.
195 + On arm and other archs it should not be higher than 32768.
196 + Programs which use vm86 functionality would either need additional
197 + permissions from either the LSM or the capabilities module or have
198 + this protection disabled.
200 + This value can be changed after boot using the
201 + /proc/sys/vm/mmap_min_addr tunable.
204 config NOMMU_INITIAL_TRIM_EXCESS
205 int "Turn on mmap() excess space trimming before booting"
209 @@ -87,6 +87,9 @@ int sysctl_overcommit_ratio = 50; /* def
210 int sysctl_max_map_count __read_mostly = DEFAULT_MAX_MAP_COUNT;
211 struct percpu_counter vm_committed_as;
213 +/* amount of vm to protect from userspace access */
214 +unsigned long mmap_min_addr = CONFIG_DEFAULT_MMAP_MIN_ADDR;
217 * Check that a process has enough memory to allocate a new virtual
218 * mapping. 0 means there is enough memory for the allocation to
219 --- a/security/Kconfig
220 +++ b/security/Kconfig
221 @@ -110,28 +110,8 @@ config SECURITY_ROOTPLUG
223 See <http://www.linuxjournal.com/article.php?sid=6279> for
224 more information about this module.
226 - If you are unsure how to answer this question, answer N.
228 -config SECURITY_DEFAULT_MMAP_MIN_ADDR
229 - int "Low address space to protect from user allocation"
230 - depends on SECURITY
233 - This is the portion of low virtual memory which should be protected
234 - from userspace allocation. Keeping a user from writing to low pages
235 - can help reduce the impact of kernel NULL pointer bugs.
237 - For most ia64, ppc64 and x86 users with lots of address space
238 - a value of 65536 is reasonable and should cause no problems.
239 - On arm and other archs it should not be higher than 32768.
240 - Programs which use vm86 functionality would either need additional
241 - permissions from either the LSM or the capabilities module or have
242 - this protection disabled.
244 - This value can be changed after boot using the
245 - /proc/sys/vm/mmap_min_addr tunable.
247 + If you are unsure how to answer this question, answer N.
249 source security/selinux/Kconfig
250 source security/smack/Kconfig
251 --- a/security/security.c
252 +++ b/security/security.c
253 @@ -26,9 +26,6 @@ extern void security_fixup_ops(struct se
255 struct security_operations *security_ops; /* Initialized to NULL */
257 -/* amount of vm to protect from userspace access */
258 -unsigned long mmap_min_addr = CONFIG_SECURITY_DEFAULT_MMAP_MIN_ADDR;
260 static inline int verify(struct security_operations *ops)
262 /* verify the security_operations structure exists */
265 From gregkh@mini.kroah.org Fri Jul 17 13:12:29 2009
266 Message-Id: <20090717201228.781324899@mini.kroah.org>
267 User-Agent: quilt/0.48-1
268 Date: Fri, 17 Jul 2009 13:08:54 -0700
269 From: Greg KH <gregkh@suse.de>
270 To: linux-kernel@vger.kernel.org,
272 Cc: stable-review@kernel.org,
273 torvalds@linux-foundation.org,
274 akpm@linux-foundation.org,
275 alan@lxorguk.ukuu.org.uk,
276 Mariusz Kozlowski <m.kozlowski@tuxland.pl>,
277 "David S. Miller" <davem@davemloft.net>
278 Subject: [patch 03/24] tun/tap: Fix crashes if open() /dev/net/tun and then poll() it. (CVE-2009-1897)
279 References: <20090717200851.907421303@mini.kroah.org>
280 Content-Disposition: inline; filename=tun-tap-fix-crashes-if-open-dev-net-tun-and-then-poll-it.patch
284 2.6.30-stable review patch. If anyone has any objections, please let us know.
288 From: Mariusz Kozlowski <m.kozlowski@tuxland.pl>
290 commit 3c8a9c63d5fd738c261bd0ceece04d9c8357ca13 upstream.
292 Fix NULL pointer dereference in tun_chr_pool() introduced by commit
293 33dccbb050bbe35b88ca8cf1228dcf3e4d4b3554 ("tun: Limit amount of queued
294 packets per device") and triggered by this code:
298 fd = open("/dev/net/tun", O_RDWR);
300 pfd.events = POLLIN | POLLOUT;
303 Reported-by: Eugene Kapun <abacabadabacaba@gmail.com>
304 Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl>
305 Signed-off-by: David S. Miller <davem@davemloft.net>
306 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
309 drivers/net/tun.c | 4 +++-
310 1 file changed, 3 insertions(+), 1 deletion(-)
312 --- a/drivers/net/tun.c
313 +++ b/drivers/net/tun.c
314 @@ -486,12 +486,14 @@ static unsigned int tun_chr_poll(struct
316 struct tun_file *tfile = file->private_data;
317 struct tun_struct *tun = __tun_get(tfile);
318 - struct sock *sk = tun->sk;
320 unsigned int mask = 0;
327 DBG(KERN_INFO "%s: tun_chr_poll\n", tun->dev->name);
329 poll_wait(file, &tun->socket.wait, wait);
332 From gregkh@mini.kroah.org Fri Jul 17 13:12:29 2009
333 Message-Id: <20090717201229.027381107@mini.kroah.org>
334 User-Agent: quilt/0.48-1
335 Date: Fri, 17 Jul 2009 13:08:55 -0700
336 From: Greg KH <gregkh@suse.de>
337 To: linux-kernel@vger.kernel.org,
339 Cc: stable-review@kernel.org,
340 torvalds@linux-foundation.org,
341 akpm@linux-foundation.org,
342 alan@lxorguk.ukuu.org.uk,
343 Julien Tinnes <jt@cr0.org>,
344 Tavis Ormandy <taviso@sdf.lonestar.org>,
345 Christoph Hellwig <hch@infradead.org>,
346 Kees Cook <kees@ubuntu.com>,
347 Eugene Teo <eugene@redhat.com>
348 Subject: [patch 04/24] personality: fix PER_CLEAR_ON_SETID (CVE-2009-1895)
349 References: <20090717200851.907421303@mini.kroah.org>
350 Content-Disposition: inline; filename=personality-fix-per_clear_on_setid.patch
354 2.6.30-stable review patch. If anyone has any objections, please let us know.
358 From: Julien Tinnes <jt@cr0.org>
360 commit f9fabcb58a6d26d6efde842d1703ac7cfa9427b6 upstream.
362 We have found that the current PER_CLEAR_ON_SETID mask on Linux doesn't
363 include neither ADDR_COMPAT_LAYOUT, nor MMAP_PAGE_ZERO.
365 The current mask is READ_IMPLIES_EXEC|ADDR_NO_RANDOMIZE.
367 We believe it is important to add MMAP_PAGE_ZERO, because by using this
368 personality it is possible to have the first page mapped inside a
369 process running as setuid root. This could be used in those scenarios:
371 - Exploiting a NULL pointer dereference issue in a setuid root binary
372 - Bypassing the mmap_min_addr restrictions of the Linux kernel: by
373 running a setuid binary that would drop privileges before giving us
374 control back (for instance by loading a user-supplied library), we
375 could get the first page mapped in a process we control. By further
376 using mremap and mprotect on this mapping, we can then completely
377 bypass the mmap_min_addr restrictions.
379 Less importantly, we believe ADDR_COMPAT_LAYOUT should also be added
380 since on x86 32bits it will in practice disable most of the address
381 space layout randomization (only the stack will remain randomized).
383 Signed-off-by: Julien Tinnes <jt@cr0.org>
384 Signed-off-by: Tavis Ormandy <taviso@sdf.lonestar.org>
385 Acked-by: Christoph Hellwig <hch@infradead.org>
386 Acked-by: Kees Cook <kees@ubuntu.com>
387 Acked-by: Eugene Teo <eugene@redhat.com>
388 [ Shortened lines and fixed whitespace as per Christophs' suggestion ]
389 Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
390 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
393 include/linux/personality.h | 5 ++++-
394 1 file changed, 4 insertions(+), 1 deletion(-)
396 --- a/include/linux/personality.h
397 +++ b/include/linux/personality.h
398 @@ -40,7 +40,10 @@ enum {
399 * Security-relevant compatibility flags that must be
400 * cleared upon setuid or setgid exec:
402 -#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC|ADDR_NO_RANDOMIZE)
403 +#define PER_CLEAR_ON_SETID (READ_IMPLIES_EXEC | \
404 + ADDR_NO_RANDOMIZE | \
405 + ADDR_COMPAT_LAYOUT | \
412 From gregkh@mini.kroah.org Fri Jul 17 13:12:29 2009
413 Message-Id: <20090717201229.279762270@mini.kroah.org>
414 User-Agent: quilt/0.48-1
415 Date: Fri, 17 Jul 2009 13:08:56 -0700
416 From: Greg KH <gregkh@suse.de>
417 To: linux-kernel@vger.kernel.org,
419 Cc: stable-review@kernel.org,
420 torvalds@linux-foundation.org,
421 akpm@linux-foundation.org,
422 alan@lxorguk.ukuu.org.uk,
423 Sonic Zhang <sonic.zhang@analog.com>,
424 Mike Frysinger <vapier@gentoo.org>
425 Subject: [patch 05/24] Blackfin: fix accidental reset in some boot modes
426 References: <20090717200851.907421303@mini.kroah.org>
427 Content-Disposition: inline; filename=blackfin-fix-accidental-reset-in-some-boot-modes.patch
431 2.6.30-stable review patch. If anyone has any objections, please let us know.
435 From: Sonic Zhang <sonic.zhang@analog.com>
437 commit 0de4adfb8c9674fa1572b0ff1371acc94b0be901 upstream.
439 We read the SWRST (Software Reset) register to get at the last reset
440 state, and then we may configure the DOUBLE_FAULT bit to control behavior
441 when a double fault occurs. But if the lower bits of the register is
442 already set (like UART boot mode on a BF54x), we inadvertently make the
443 system reset by writing to the SYSTEM_RESET field at the same time. So
444 make sure the lower 4 bits are always cleared.
446 Signed-off-by: Sonic Zhang <sonic.zhang@analog.com>
447 Signed-off-by: Mike Frysinger <vapier@gentoo.org>
448 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
451 arch/blackfin/kernel/setup.c | 3 ++-
452 1 file changed, 2 insertions(+), 1 deletion(-)
454 --- a/arch/blackfin/kernel/setup.c
455 +++ b/arch/blackfin/kernel/setup.c
456 @@ -831,7 +831,8 @@ void __init setup_arch(char **cmdline_p)
457 defined(CONFIG_BF538) || defined(CONFIG_BF539)
458 _bfin_swrst = bfin_read_SWRST();
460 - _bfin_swrst = bfin_read_SYSCR();
461 + /* Clear boot mode field */
462 + _bfin_swrst = bfin_read_SYSCR() & ~0xf;
465 #ifdef CONFIG_DEBUG_DOUBLEFAULT_PRINT
468 From gregkh@mini.kroah.org Fri Jul 17 13:12:30 2009
469 Message-Id: <20090717201229.825396140@mini.kroah.org>
470 User-Agent: quilt/0.48-1
471 Date: Fri, 17 Jul 2009 13:08:57 -0700
472 From: Greg KH <gregkh@suse.de>
473 To: linux-kernel@vger.kernel.org,
475 Cc: stable-review@kernel.org,
476 torvalds@linux-foundation.org,
477 akpm@linux-foundation.org,
478 alan@lxorguk.ukuu.org.uk,
479 Mike Frysinger <vapier@gentoo.org>
480 Subject: [patch 06/24] Blackfin: redo handling of bad irqs
481 References: <20090717200851.907421303@mini.kroah.org>
482 Content-Disposition: inline; filename=blackfin-redo-handling-of-bad-irqs.patch
486 2.6.30-stable review patch. If anyone has any objections, please let us know.
490 From: Mike Frysinger <vapier@gentoo.org>
492 commit 26579216f3cdf1ae05f0af8412b444870a167510 upstream.
494 With the common IRQ code initializing much more of the irq_desc state, we
495 can't blindly initialize it ourselves to the local bad_irq state. If we
496 do, we end up wrongly clobbering many fields. So punt most of the bad irq
497 code as the common layers will handle the default state, and simply call
498 handle_bad_irq() directly when the IRQ we are processing is invalid.
500 Signed-off-by: Mike Frysinger <vapier@gentoo.org>
501 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
504 arch/blackfin/kernel/irqchip.c | 50 +++++++++--------------------------------
505 1 file changed, 11 insertions(+), 39 deletions(-)
507 --- a/arch/blackfin/kernel/irqchip.c
508 +++ b/arch/blackfin/kernel/irqchip.c
512 static atomic_t irq_err_count;
513 -static spinlock_t irq_controller_lock;
516 - * Dummy mask/unmask handler
518 -void dummy_mask_unmask_irq(unsigned int irq)
522 void ack_bad_irq(unsigned int irq)
524 @@ -53,21 +45,9 @@ void ack_bad_irq(unsigned int irq)
525 printk(KERN_ERR "IRQ: spurious interrupt %d\n", irq);
528 -static struct irq_chip bad_chip = {
529 - .ack = dummy_mask_unmask_irq,
530 - .mask = dummy_mask_unmask_irq,
531 - .unmask = dummy_mask_unmask_irq,
534 static struct irq_desc bad_irq_desc = {
535 - .status = IRQ_DISABLED,
537 .handle_irq = handle_bad_irq,
539 .lock = __SPIN_LOCK_UNLOCKED(irq_desc->lock),
541 - .affinity = CPU_MASK_ALL
545 #ifdef CONFIG_CPUMASK_OFFSTACK
546 @@ -117,21 +97,13 @@ __attribute__((l1_text))
548 asmlinkage void asm_do_IRQ(unsigned int irq, struct pt_regs *regs)
550 - struct pt_regs *old_regs;
551 - struct irq_desc *desc = irq_desc + irq;
553 unsigned short pending, other_ints;
555 - old_regs = set_irq_regs(regs);
558 - * Some hardware gives randomly wrong interrupts. Rather
559 - * than crashing, do something sensible.
561 - if (irq >= NR_IRQS)
562 - desc = &bad_irq_desc;
563 + struct pt_regs *old_regs = set_irq_regs(regs);
567 #ifdef CONFIG_DEBUG_STACKOVERFLOW
568 /* Debugging check for stack overflow: is there less than STACK_WARN free? */
570 @@ -147,7 +119,15 @@ asmlinkage void asm_do_IRQ(unsigned int
574 - generic_handle_irq(irq);
577 + * Some hardware gives randomly wrong interrupts. Rather
578 + * than crashing, do something sensible.
580 + if (irq >= NR_IRQS)
581 + handle_bad_irq(irq, &bad_irq_desc);
583 + generic_handle_irq(irq);
587 @@ -171,14 +151,6 @@ asmlinkage void asm_do_IRQ(unsigned int
589 void __init init_IRQ(void)
591 - struct irq_desc *desc;
594 - spin_lock_init(&irq_controller_lock);
595 - for (irq = 0, desc = irq_desc; irq < NR_IRQS; irq++, desc++) {
596 - *desc = bad_irq_desc;
601 #ifdef CONFIG_DEBUG_BFIN_HWTRACE_EXPAND
604 From gregkh@mini.kroah.org Fri Jul 17 13:12:30 2009
605 Message-Id: <20090717201230.125985614@mini.kroah.org>
606 User-Agent: quilt/0.48-1
607 Date: Fri, 17 Jul 2009 13:08:58 -0700
608 From: Greg KH <gregkh@suse.de>
609 To: linux-kernel@vger.kernel.org,
611 Cc: stable-review@kernel.org,
612 torvalds@linux-foundation.org,
613 akpm@linux-foundation.org,
614 alan@lxorguk.ukuu.org.uk,
615 Sonic Zhang <sonic.zhang@analog.com>,
616 Mike Frysinger <vapier@gentoo.org>
617 Subject: [patch 07/24] Blackfin: fix deadlock in SMP IPI handler
618 References: <20090717200851.907421303@mini.kroah.org>
619 Content-Disposition: inline; filename=blackfin-fix-deadlock-in-smp-ipi-handler.patch
623 2.6.30-stable review patch. If anyone has any objections, please let us know.
627 From: Sonic Zhang <sonic.zhang@analog.com>
629 commit 86f2008bf546af9a434f480710e8d33891616bf5 upstream.
631 When a low priority interrupt (like ethernet) is triggered between 2 high
632 priority IPI messages, a deadlock in disable_irq() is hit by the second
633 IPI handler. This is because the second IPI message is queued within the
634 first IPI handler, but the handler doesn't process all messages, and new
635 ones are inserted rather than appended. So now we process all the pending
636 messages, and append new ones to the pending list.
638 URL: http://blackfin.uclinux.org/gf/tracker/5226
640 Signed-off-by: Sonic Zhang <sonic.zhang@analog.com>
641 Signed-off-by: Mike Frysinger <vapier@gentoo.org>
642 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
645 arch/blackfin/mach-common/smp.c | 13 +++++++------
646 1 file changed, 7 insertions(+), 6 deletions(-)
648 --- a/arch/blackfin/mach-common/smp.c
649 +++ b/arch/blackfin/mach-common/smp.c
650 @@ -139,7 +139,7 @@ static void ipi_call_function(unsigned i
652 static irqreturn_t ipi_handler(int irq, void *dev_instance)
654 - struct ipi_message *msg, *mg;
655 + struct ipi_message *msg;
656 struct ipi_message_queue *msg_queue;
657 unsigned int cpu = smp_processor_id();
659 @@ -149,7 +149,8 @@ static irqreturn_t ipi_handler(int irq,
662 spin_lock(&msg_queue->lock);
663 - list_for_each_entry_safe(msg, mg, &msg_queue->head, list) {
664 + while (!list_empty(&msg_queue->head)) {
665 + msg = list_entry(msg_queue->head.next, typeof(*msg), list);
666 list_del(&msg->list);
668 case BFIN_IPI_RESCHEDULE:
669 @@ -216,7 +217,7 @@ int smp_call_function(void (*func)(void
670 for_each_cpu_mask(cpu, callmap) {
671 msg_queue = &per_cpu(ipi_msg_queue, cpu);
672 spin_lock_irqsave(&msg_queue->lock, flags);
673 - list_add(&msg->list, &msg_queue->head);
674 + list_add_tail(&msg->list, &msg_queue->head);
675 spin_unlock_irqrestore(&msg_queue->lock, flags);
676 platform_send_ipi_cpu(cpu);
678 @@ -256,7 +257,7 @@ int smp_call_function_single(int cpuid,
680 msg_queue = &per_cpu(ipi_msg_queue, cpu);
681 spin_lock_irqsave(&msg_queue->lock, flags);
682 - list_add(&msg->list, &msg_queue->head);
683 + list_add_tail(&msg->list, &msg_queue->head);
684 spin_unlock_irqrestore(&msg_queue->lock, flags);
685 platform_send_ipi_cpu(cpu);
687 @@ -287,7 +288,7 @@ void smp_send_reschedule(int cpu)
689 msg_queue = &per_cpu(ipi_msg_queue, cpu);
690 spin_lock_irqsave(&msg_queue->lock, flags);
691 - list_add(&msg->list, &msg_queue->head);
692 + list_add_tail(&msg->list, &msg_queue->head);
693 spin_unlock_irqrestore(&msg_queue->lock, flags);
694 platform_send_ipi_cpu(cpu);
696 @@ -315,7 +316,7 @@ void smp_send_stop(void)
697 for_each_cpu_mask(cpu, callmap) {
698 msg_queue = &per_cpu(ipi_msg_queue, cpu);
699 spin_lock_irqsave(&msg_queue->lock, flags);
700 - list_add(&msg->list, &msg_queue->head);
701 + list_add_tail(&msg->list, &msg_queue->head);
702 spin_unlock_irqrestore(&msg_queue->lock, flags);
703 platform_send_ipi_cpu(cpu);
707 From gregkh@mini.kroah.org Fri Jul 17 13:12:30 2009
708 Message-Id: <20090717201230.590698517@mini.kroah.org>
709 User-Agent: quilt/0.48-1
710 Date: Fri, 17 Jul 2009 13:08:59 -0700
711 From: Greg KH <gregkh@suse.de>
712 To: linux-kernel@vger.kernel.org,
714 Cc: stable-review@kernel.org,
715 torvalds@linux-foundation.org,
716 akpm@linux-foundation.org,
717 alan@lxorguk.ukuu.org.uk,
718 Mike Frysinger <vapier@gentoo.org>
719 Subject: [patch 08/24] Blackfin: fix command line corruption with DEBUG_DOUBLEFAULT
720 References: <20090717200851.907421303@mini.kroah.org>
721 Content-Disposition: inline; filename=blackfin-fix-command-line-corruption-with-debug_doublefault.patch
725 2.6.30-stable review patch. If anyone has any objections, please let us know.
729 From: Mike Frysinger <vapier@gentoo.org>
731 commit 37082511f06108129bd5f96d625a6fae2d5a4ab4 upstream.
733 Commit 6b3087c6 (which introduced Blackfin SMP) broke command line passing
734 when the DEBUG_DOUBLEFAULT config option was enabled. Switch the code to
735 using a scratch register and not R7 which holds the command line.
737 Signed-off-by: Mike Frysinger <vapier@gentoo.org>
738 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
741 arch/blackfin/mach-common/head.S | 16 ++++++++--------
742 1 file changed, 8 insertions(+), 8 deletions(-)
744 --- a/arch/blackfin/mach-common/head.S
745 +++ b/arch/blackfin/mach-common/head.S
746 @@ -126,25 +126,25 @@ ENTRY(__start)
750 - r7 = [p0 + PDA_RETX];
751 + r6 = [p0 + PDA_RETX];
752 p1.l = _init_saved_retx;
753 p1.h = _init_saved_retx;
757 - r7 = [p0 + PDA_DCPLB];
758 + r6 = [p0 + PDA_DCPLB];
759 p1.l = _init_saved_dcplb_fault_addr;
760 p1.h = _init_saved_dcplb_fault_addr;
764 - r7 = [p0 + PDA_ICPLB];
765 + r6 = [p0 + PDA_ICPLB];
766 p1.l = _init_saved_icplb_fault_addr;
767 p1.h = _init_saved_icplb_fault_addr;
771 - r7 = [p0 + PDA_SEQSTAT];
772 + r6 = [p0 + PDA_SEQSTAT];
773 p1.l = _init_saved_seqstat;
774 p1.h = _init_saved_seqstat;
779 /* Initialize stack pointer */
782 From gregkh@mini.kroah.org Fri Jul 17 13:12:31 2009
783 Message-Id: <20090717201231.001369907@mini.kroah.org>
784 User-Agent: quilt/0.48-1
785 Date: Fri, 17 Jul 2009 13:09:00 -0700
786 From: Greg KH <gregkh@suse.de>
787 To: linux-kernel@vger.kernel.org,
789 Greg KH <greg@kroah.com>
790 Cc: stable-review@kernel.org,
791 torvalds@linux-foundation.org,
792 akpm@linux-foundation.org,
793 alan@lxorguk.ukuu.org.uk,
794 Thomas Gleixner <tglx@linutronix.de>
795 Subject: [patch 09/24] futex: Fix the write access fault problem for real
796 References: <20090717200851.907421303@mini.kroah.org>
797 Content-Disposition: inline; filename=futex-fix-the-write-access-fault-problem-for-real.patch
801 2.6.30-stable review patch. If anyone has any objections, please let us know.
805 From: Thomas Gleixner <tglx@linutronix.de>
807 commit d0725992c8a6fb63a16bc9e8b2a50094cc4db3cd and aa715284b4d28cabde6c25c568d769a6be712bc8 upstream
809 commit 64d1304a64 (futex: setup writeable mapping for futex ops which
810 modify user space data) did address only half of the problem of write
813 The patch was made on two wrong assumptions:
815 1) access_ok(VERIFY_WRITE,...) would actually check write access.
817 On x86 it does _NOT_. It's a pure address range check.
819 2) a RW mapped region can not go away under us.
821 That's wrong as well. Nobody can prevent another thread to call
822 mprotect(PROT_READ) on that region where the futex resides. If that
823 call hits between the get_user_pages_fast() verification and the
824 actual write access in the atomic region we are toast again.
826 The solution is to not rely on access_ok and get_user() for any write
827 access related fault on private and shared futexes. Instead we need to
828 fault it in with verification of write access.
830 There is no generic non destructive write mechanism which would fault
831 the user page in trough a #PF, but as we already know that we will
832 fault we can as well call get_user_pages() directly and avoid the #PF
835 If get_user_pages() returns -EFAULT we know that we can not fix it
836 anymore and need to bail out to user space.
838 Remove a bunch of confusing comments on this issue as well.
840 Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
841 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
844 kernel/futex.c | 42 +++++++++++++++++++++++-------------------
845 1 file changed, 23 insertions(+), 19 deletions(-)
849 @@ -278,6 +278,25 @@ void put_futex_key(int fshared, union fu
850 drop_futex_key_refs(key);
854 + * fault_in_user_writeable - fault in user address and verify RW access
855 + * @uaddr: pointer to faulting user space address
857 + * Slow path to fixup the fault we just took in the atomic write
858 + * access to @uaddr.
860 + * We have no generic implementation of a non destructive write to the
861 + * user address. We know that we faulted in the atomic pagefault
862 + * disabled section so we can as well avoid the #PF overhead by
863 + * calling get_user_pages() right away.
865 +static int fault_in_user_writeable(u32 __user *uaddr)
867 + int ret = get_user_pages(current, current->mm, (unsigned long)uaddr,
868 + 1, 1, 0, NULL, NULL);
869 + return ret < 0 ? ret : 0;
872 static u32 cmpxchg_futex_value_locked(u32 __user *uaddr, u32 uval, u32 newval)
875 @@ -739,7 +758,6 @@ retry:
877 op_ret = futex_atomic_op_inuser(op, uaddr2);
878 if (unlikely(op_ret < 0)) {
881 double_unlock_hb(hb1, hb2);
883 @@ -757,7 +775,7 @@ retry_private:
887 - ret = get_user(dummy, uaddr2);
888 + ret = fault_in_user_writeable(uaddr2);
892 @@ -1097,7 +1115,7 @@ retry:
894 spin_unlock(q->lock_ptr);
896 - ret = get_user(uval, uaddr);
897 + ret = fault_in_user_writeable(uaddr);
899 spin_lock(q->lock_ptr);
901 @@ -1552,16 +1570,9 @@ out:
906 - * We have to r/w *(int __user *)uaddr, and we have to modify it
907 - * atomically. Therefore, if we continue to fault after get_user()
908 - * below, we need to handle the fault ourselves, while still holding
909 - * the mmap_sem. This can occur if the uaddr is under contention as
910 - * we have to drop the mmap_sem in order to call get_user().
912 queue_unlock(&q, hb);
914 - ret = get_user(uval, uaddr);
915 + ret = fault_in_user_writeable(uaddr);
919 @@ -1657,17 +1668,10 @@ out:
924 - * We have to r/w *(int __user *)uaddr, and we have to modify it
925 - * atomically. Therefore, if we continue to fault after get_user()
926 - * below, we need to handle the fault ourselves, while still holding
927 - * the mmap_sem. This can occur if the uaddr is under contention as
928 - * we have to drop the mmap_sem in order to call get_user().
930 spin_unlock(&hb->lock);
931 put_futex_key(fshared, &key);
933 - ret = get_user(uval, uaddr);
934 + ret = fault_in_user_writeable(uaddr);
940 From gregkh@mini.kroah.org Fri Jul 17 13:12:31 2009
941 Message-Id: <20090717201231.389120722@mini.kroah.org>
942 User-Agent: quilt/0.48-1
943 Date: Fri, 17 Jul 2009 13:09:01 -0700
944 From: Greg KH <gregkh@suse.de>
945 To: linux-kernel@vger.kernel.org,
947 Cc: stable-review@kernel.org,
948 torvalds@linux-foundation.org,
949 akpm@linux-foundation.org,
950 alan@lxorguk.ukuu.org.uk,
951 Sonny Rao <sonnyrao@us.ibm.com>,
952 Thomas Gleixner <tglx@linutronix.de>,
958 mikey@ozlabs.au.ibm.com,
959 Ingo Molnar <mingo@elte.hu>
960 Subject: [patch 10/24] futexes: Fix infinite loop in get_futex_key() on huge page
961 References: <20090717200851.907421303@mini.kroah.org>
962 Content-Disposition: inline; filename=futexes-fix-infinite-loop-in-get_futex_key-on-huge-page.patch
966 2.6.30-stable review patch. If anyone has any objections, please let us know.
970 From: Sonny Rao <sonnyrao@us.ibm.com>
972 commit ce2ae53b750abfaa012ce408e93da131a5b5649b upstream.
974 get_futex_key() can infinitely loop if it is called on a
975 virtual address that is within a huge page but not aligned to
976 the beginning of that page. The call to get_user_pages_fast
977 will return the struct page for a sub-page within the huge page
978 and the check for page->mapping will always fail.
980 The fix is to call compound_head on the page before checking
983 Signed-off-by: Sonny Rao <sonnyrao@us.ibm.com>
984 Acked-by: Thomas Gleixner <tglx@linutronix.de>
986 Cc: rajamony@us.ibm.com
987 Cc: speight@us.ibm.com
988 Cc: mstephen@us.ibm.com
990 Cc: mikey@ozlabs.au.ibm.com
991 LKML-Reference: <20090710231313.GA23572@us.ibm.com>
992 Signed-off-by: Ingo Molnar <mingo@elte.hu>
993 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
997 1 file changed, 1 insertion(+)
1000 +++ b/kernel/futex.c
1001 @@ -241,6 +241,7 @@ again:
1005 + page = compound_head(page);
1007 if (!page->mapping) {
1011 From gregkh@mini.kroah.org Fri Jul 17 13:12:32 2009
1012 Message-Id: <20090717201231.896581307@mini.kroah.org>
1013 User-Agent: quilt/0.48-1
1014 Date: Fri, 17 Jul 2009 13:09:02 -0700
1015 From: Greg KH <gregkh@suse.de>
1016 To: linux-kernel@vger.kernel.org,
1018 Cc: stable-review@kernel.org,
1019 torvalds@linux-foundation.org,
1020 akpm@linux-foundation.org,
1021 alan@lxorguk.ukuu.org.uk,
1022 Zhang Rui <rui.zhang@intel.com>,
1023 Pierre Ossman <drzeus@drzeus.cx>,
1024 Jesse Barnes <jbarnes@virtuousgeek.org>
1025 Subject: [patch 11/24] kernel/resource.c: fix sign extension in reserve_setup()
1026 References: <20090717200851.907421303@mini.kroah.org>
1027 Content-Disposition: inline; filename=kernel-resource.c-fix-sign-extension-in-reserve_setup.patch
1028 Content-Length: 1127
1031 2.6.30-stable review patch. If anyone has any objections, please let us know.
1035 From: Zhang Rui <rui.zhang@intel.com>
1037 commit 8bc1ad7dd301b7ca7454013519fa92e8c53655ff upstream.
1039 When the 32-bit signed quantities get assigned to the u64 resource_size_t,
1040 they are incorrectly sign-extended.
1042 Addresses http://bugzilla.kernel.org/show_bug.cgi?id=13253
1043 Addresses http://bugzilla.kernel.org/show_bug.cgi?id=9905
1045 Signed-off-by: Zhang Rui <rui.zhang@intel.com>
1046 Reported-by: Leann Ogasawara <leann@ubuntu.com>
1047 Cc: Pierre Ossman <drzeus@drzeus.cx>
1048 Reported-by: <pablomme@googlemail.com>
1049 Tested-by: <pablomme@googlemail.com>
1050 Cc: Jesse Barnes <jbarnes@virtuousgeek.org>
1051 Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
1052 Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1053 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1056 kernel/resource.c | 2 +-
1057 1 file changed, 1 insertion(+), 1 deletion(-)
1059 --- a/kernel/resource.c
1060 +++ b/kernel/resource.c
1061 @@ -787,7 +787,7 @@ static int __init reserve_setup(char *st
1062 static struct resource reserve[MAXRESERVE];
1065 - int io_start, io_num;
1066 + unsigned int io_start, io_num;
1069 if (get_option (&str, &io_start) != 2)
1072 From gregkh@mini.kroah.org Fri Jul 17 13:12:32 2009
1073 Message-Id: <20090717201232.491501823@mini.kroah.org>
1074 User-Agent: quilt/0.48-1
1075 Date: Fri, 17 Jul 2009 13:09:03 -0700
1076 From: Greg KH <gregkh@suse.de>
1077 To: linux-kernel@vger.kernel.org,
1079 Cc: stable-review@kernel.org,
1080 torvalds@linux-foundation.org,
1081 akpm@linux-foundation.org,
1082 alan@lxorguk.ukuu.org.uk,
1083 Tejun Heo <tj@kernel.org>,
1084 Ivan Kokshaysky <ink@jurassic.park.msu.ru>,
1085 Richard Henderson <rth@twiddle.net>
1086 Subject: [patch 12/24] alpha: fix percpu build breakage
1087 References: <20090717200851.907421303@mini.kroah.org>
1088 Content-Disposition: inline; filename=alpha-fix-percpu-build-breakage.patch
1089 Content-Length: 3110
1092 2.6.30-stable review patch. If anyone has any objections, please let us know.
1096 From: Tejun Heo <tj@kernel.org>
1098 commit b01e8dc34379f4ba2f454390e340a025edbaaa7e upstream.
1100 alpha percpu access requires custom SHIFT_PERCPU_PTR() definition for
1101 modules to work around addressing range limitation. This is done via
1102 generating inline assembly using C preprocessing which forces the
1103 assembler to generate external reference. This happens behind the
1104 compiler's back and makes the compiler think that static percpu variables
1105 in modules are unused.
1107 This used to be worked around by using __unused attribute for percpu
1108 variables which prevent the compiler from omitting the variable; however,
1109 recent declare/definition attribute unification change broke this as
1110 __used can't be used for declaration. Also, in the process,
1111 PER_CPU_ATTRIBUTES definition in alpha percpu.h got broken.
1113 This patch adds PER_CPU_DEF_ATTRIBUTES which is only used for definitions
1114 and make alpha use it to add __used for percpu variables in modules. This
1115 also fixes the PER_CPU_ATTRIBUTES double definition bug.
1117 Signed-off-by: Tejun Heo <tj@kernel.org>
1118 Tested-by: maximilian attems <max@stro.at>
1119 Acked-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
1120 Cc: Richard Henderson <rth@twiddle.net>
1121 Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
1122 Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1123 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1126 arch/alpha/include/asm/percpu.h | 6 +++---
1127 include/asm-generic/percpu.h | 4 ++++
1128 include/linux/percpu-defs.h | 3 ++-
1129 3 files changed, 9 insertions(+), 4 deletions(-)
1131 --- a/arch/alpha/include/asm/percpu.h
1132 +++ b/arch/alpha/include/asm/percpu.h
1133 @@ -30,7 +30,7 @@ extern unsigned long __per_cpu_offset[NR
1136 #define SHIFT_PERCPU_PTR(var, offset) RELOC_HIDE(&per_cpu_var(var), (offset))
1137 -#define PER_CPU_ATTRIBUTES
1138 +#define PER_CPU_DEF_ATTRIBUTES
1141 * To calculate addresses of locally defined variables, GCC uses 32-bit
1142 @@ -49,7 +49,7 @@ extern unsigned long __per_cpu_offset[NR
1143 : "=&r"(__ptr), "=&r"(tmp_gp)); \
1144 (typeof(&per_cpu_var(var)))(__ptr + (offset)); })
1146 -#define PER_CPU_ATTRIBUTES __used
1147 +#define PER_CPU_DEF_ATTRIBUTES __used
1151 @@ -71,7 +71,7 @@ extern unsigned long __per_cpu_offset[NR
1152 #define __get_cpu_var(var) per_cpu_var(var)
1153 #define __raw_get_cpu_var(var) per_cpu_var(var)
1155 -#define PER_CPU_ATTRIBUTES
1156 +#define PER_CPU_DEF_ATTRIBUTES
1160 --- a/include/asm-generic/percpu.h
1161 +++ b/include/asm-generic/percpu.h
1162 @@ -97,4 +97,8 @@ extern void setup_per_cpu_areas(void);
1163 #define PER_CPU_ATTRIBUTES
1166 +#ifndef PER_CPU_DEF_ATTRIBUTES
1167 +#define PER_CPU_DEF_ATTRIBUTES
1170 #endif /* _ASM_GENERIC_PERCPU_H_ */
1171 --- a/include/linux/percpu-defs.h
1172 +++ b/include/linux/percpu-defs.h
1175 #define DEFINE_PER_CPU_SECTION(type, name, section) \
1176 __attribute__((__section__(PER_CPU_BASE_SECTION section))) \
1177 - PER_CPU_ATTRIBUTES __typeof__(type) per_cpu__##name
1178 + PER_CPU_ATTRIBUTES PER_CPU_DEF_ATTRIBUTES \
1179 + __typeof__(type) per_cpu__##name
1182 * Variant on the per-CPU variable declaration/definition theme used for
1185 From gregkh@mini.kroah.org Fri Jul 17 13:12:33 2009
1186 Message-Id: <20090717201232.906038306@mini.kroah.org>
1187 User-Agent: quilt/0.48-1
1188 Date: Fri, 17 Jul 2009 13:09:04 -0700
1189 From: Greg KH <gregkh@suse.de>
1190 To: linux-kernel@vger.kernel.org,
1192 Cc: stable-review@kernel.org,
1193 torvalds@linux-foundation.org,
1194 akpm@linux-foundation.org,
1195 alan@lxorguk.ukuu.org.uk,
1196 Joerg Roedel <joerg.roedel@amd.com>
1197 Subject: [patch 13/24] dma-debug: fix off-by-one error in overlap function
1198 References: <20090717200851.907421303@mini.kroah.org>
1199 Content-Disposition: inline; filename=dma-debug-fix-off-by-one-error-in-overlap-function.patch
1203 2.6.30-stable review patch. If anyone has any objections, please let us know.
1207 From: Joerg Roedel <joerg.roedel@amd.com>
1209 commit c79ee4e466dd12347f112e2af306dca35198458f upstream.
1211 This patch fixes a bug in the overlap function which returned true if
1212 one region ends exactly before the second region begins. This is no
1213 overlap but the function returned true in that case.
1215 Reported-by: Andrew Randrianasulu <randrik@mail.ru>
1216 Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
1217 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1220 lib/dma-debug.c | 2 +-
1221 1 file changed, 1 insertion(+), 1 deletion(-)
1223 --- a/lib/dma-debug.c
1224 +++ b/lib/dma-debug.c
1225 @@ -599,7 +599,7 @@ static inline bool overlap(void *addr, u
1227 return ((addr >= start && addr < end) ||
1228 (addr2 >= start && addr2 < end) ||
1229 - ((addr < start) && (addr2 >= end)));
1230 + ((addr < start) && (addr2 > end)));
1233 static void check_for_illegal_area(struct device *dev, void *addr, u64 size)
1236 From gregkh@mini.kroah.org Fri Jul 17 13:12:33 2009
1237 Message-Id: <20090717201233.513527878@mini.kroah.org>
1238 User-Agent: quilt/0.48-1
1239 Date: Fri, 17 Jul 2009 13:09:05 -0700
1240 From: Greg KH <gregkh@suse.de>
1241 To: linux-kernel@vger.kernel.org,
1243 Cc: stable-review@kernel.org,
1244 torvalds@linux-foundation.org,
1245 akpm@linux-foundation.org,
1246 alan@lxorguk.ukuu.org.uk,
1247 Ken Milmore <ken.milmore@googlemail.com>,
1248 NeilBrown <neilb@suse.de>,
1249 Jens Axboe <jens.axboe@oracle.com>
1250 Subject: [patch 14/24] blocK: Restore barrier support for md and probably other virtual devices.
1251 References: <20090717200851.907421303@mini.kroah.org>
1252 Content-Disposition: inline; filename=block-restore-barrier-support-for-md-and-probably-other-virtual-devices.patch
1253 Content-Length: 1590
1256 2.6.30-stable review patch. If anyone has any objections, please let us know.
1260 From: NeilBrown <neilb@suse.de>
1262 commit db64f680ba4b5c56c4be59f0698000df89ff0281 upstream.
1264 The next_ordered flag is only meaningful for devices that use __make_request.
1265 So move the test against next_ordered out of generic code and in to
1268 Since this test was added, barriers have not worked on md or any
1269 devices that don't use __make_request and so don't bother to set
1270 next_ordered. (dm explicitly sets something other than
1271 QUEUE_ORDERED_NONE since
1272 commit 99360b4c18f7675b50d283301d46d755affe75fd
1273 but notes in the comments that it is otherwise meaningless).
1275 Cc: Ken Milmore <ken.milmore@googlemail.com>
1276 Signed-off-by: NeilBrown <neilb@suse.de>
1277 Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
1278 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1281 block/blk-core.c | 10 +++++-----
1282 1 file changed, 5 insertions(+), 5 deletions(-)
1284 --- a/block/blk-core.c
1285 +++ b/block/blk-core.c
1286 @@ -1158,6 +1158,11 @@ static int __make_request(struct request
1288 nr_sectors = bio_sectors(bio);
1290 + if (bio_barrier(bio) && bio_has_data(bio) &&
1291 + (q->next_ordered == QUEUE_ORDERED_NONE)) {
1292 + bio_endio(bio, -EOPNOTSUPP);
1296 * low level driver can indicate that it wants pages above a
1297 * certain limit bounced to low memory (ie for highmem, or even
1298 @@ -1461,11 +1466,6 @@ static inline void __generic_make_reques
1302 - if (bio_barrier(bio) && bio_has_data(bio) &&
1303 - (q->next_ordered == QUEUE_ORDERED_NONE)) {
1304 - err = -EOPNOTSUPP;
1308 ret = q->make_request_fn(q, bio);
1312 From gregkh@mini.kroah.org Fri Jul 17 13:12:34 2009
1313 Message-Id: <20090717201234.071675916@mini.kroah.org>
1314 User-Agent: quilt/0.48-1
1315 Date: Fri, 17 Jul 2009 13:09:06 -0700
1316 From: Greg KH <gregkh@suse.de>
1317 To: linux-kernel@vger.kernel.org,
1319 Cc: stable-review@kernel.org,
1320 torvalds@linux-foundation.org,
1321 akpm@linux-foundation.org,
1322 alan@lxorguk.ukuu.org.uk,
1323 NeilBrown <neilb@suse.de>
1324 Subject: [patch 15/24] md/raid5: suspend shouldnt affect read requests.
1325 References: <20090717200851.907421303@mini.kroah.org>
1326 Content-Disposition: inline; filename=md-raid5-suspend-shouldn-t-affect-read-requests.patch
1330 2.6.30-stable review patch. If anyone has any objections, please let us know.
1334 From: NeilBrown <neilb@suse.de>
1336 commit a5c308d4d1659b1f4833b863394e3e24cdbdfc6e upstream.
1338 md allows write to regions on an array to be suspended temporarily.
1339 This allows user-space to participate is aspects of reshape.
1340 In particular, data can be copied with not risk of a race.
1341 We should not be blocking read requests though, so don't.
1343 Signed-off-by: NeilBrown <neilb@suse.de>
1344 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1346 --- a/drivers/md/raid5.c
1347 +++ b/drivers/md/raid5.c
1348 @@ -3702,7 +3702,8 @@ static int make_request(struct request_queue *q, struct bio * bi)
1349 /* FIXME what if we get a false positive because these
1350 * are being updated.
1352 - if (logical_sector >= mddev->suspend_lo &&
1353 + if (bio_data_dir(bi) == WRITE &&
1354 + logical_sector >= mddev->suspend_lo &&
1355 logical_sector < mddev->suspend_hi) {
1360 From gregkh@mini.kroah.org Fri Jul 17 13:12:34 2009
1361 Message-Id: <20090717201234.451772052@mini.kroah.org>
1362 User-Agent: quilt/0.48-1
1363 Date: Fri, 17 Jul 2009 13:09:07 -0700
1364 From: Greg KH <gregkh@suse.de>
1365 To: linux-kernel@vger.kernel.org,
1367 Cc: stable-review@kernel.org,
1368 torvalds@linux-foundation.org,
1369 akpm@linux-foundation.org,
1370 alan@lxorguk.ukuu.org.uk,
1371 NeilBrown <neilb@suse.de>
1372 Subject: [patch 16/24] md: fix error path when duplicate name is found on md device creation.
1373 References: <20090717200851.907421303@mini.kroah.org>
1374 Content-Disposition: inline; filename=md-fix-error-path-when-duplicate-name-is-found-on-md-device-creation.patch
1378 2.6.30-stable review patch. If anyone has any objections, please let us know.
1382 From: NeilBrown <neilb@suse.de>
1384 commit 1ec22eb2b4a2e1a763106bce36b11c02eaa84e61 upstream.
1386 When an md device is created by name (rather than number) we need to
1387 check that the name is not already in use. If this check finds a
1388 duplicate, we return an error without dropping the lock or freeing
1389 the newly create mddev.
1390 This patch fixes that.
1392 Found-by: Jiri Slaby <jirislaby@gmail.com>
1393 Signed-off-by: NeilBrown <neilb@suse.de>
1394 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1397 drivers/md/md.c | 2 ++
1398 1 file changed, 2 insertions(+)
1400 --- a/drivers/md/md.c
1401 +++ b/drivers/md/md.c
1402 @@ -3876,6 +3876,8 @@ static int md_alloc(dev_t dev, char *nam
1403 if (mddev2->gendisk &&
1404 strcmp(mddev2->gendisk->disk_name, name) == 0) {
1405 spin_unlock(&all_mddevs_lock);
1406 + mutex_unlock(&disks_mutex);
1410 spin_unlock(&all_mddevs_lock);
1413 From gregkh@mini.kroah.org Fri Jul 17 13:12:35 2009
1414 Message-Id: <20090717201235.020571302@mini.kroah.org>
1415 User-Agent: quilt/0.48-1
1416 Date: Fri, 17 Jul 2009 13:09:08 -0700
1417 From: Greg KH <gregkh@suse.de>
1418 To: linux-kernel@vger.kernel.org,
1420 Cc: stable-review@kernel.org,
1421 torvalds@linux-foundation.org,
1422 akpm@linux-foundation.org,
1423 alan@lxorguk.ukuu.org.uk,
1424 NeilBrown <neilb@suse.de>
1425 Subject: [patch 17/24] md: avoid dereferencing NULL pointer when accessing suspend_* sysfs attributes.
1426 References: <20090717200851.907421303@mini.kroah.org>
1427 Content-Disposition: inline; filename=md-avoid-dereferencing-null-pointer-when-accessing-suspend_-sysfs-attributes.patch
1428 Content-Length: 1085
1431 2.6.30-stable review patch. If anyone has any objections, please let us know.
1435 From: NeilBrown <neilb@suse.de>
1437 commit b8d966efd9a46a9a35beac50cbff6e30565125ef upstream.
1439 If we try to modify one of the md/ sysfs files
1440 suspend_lo or suspend_hi
1441 when the array is not active, we dereference a NULL.
1442 Protect against that.
1444 Signed-off-by: NeilBrown <neilb@suse.de>
1445 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1448 drivers/md/md.c | 6 ++++--
1449 1 file changed, 4 insertions(+), 2 deletions(-)
1451 --- a/drivers/md/md.c
1452 +++ b/drivers/md/md.c
1453 @@ -3589,7 +3589,8 @@ suspend_lo_store(mddev_t *mddev, const c
1455 unsigned long long new = simple_strtoull(buf, &e, 10);
1457 - if (mddev->pers->quiesce == NULL)
1458 + if (mddev->pers == NULL ||
1459 + mddev->pers->quiesce == NULL)
1461 if (buf == e || (*e && *e != '\n'))
1463 @@ -3617,7 +3618,8 @@ suspend_hi_store(mddev_t *mddev, const c
1465 unsigned long long new = simple_strtoull(buf, &e, 10);
1467 - if (mddev->pers->quiesce == NULL)
1468 + if (mddev->pers == NULL ||
1469 + mddev->pers->quiesce == NULL)
1471 if (buf == e || (*e && *e != '\n'))
1475 From gregkh@mini.kroah.org Fri Jul 17 13:12:35 2009
1476 Message-Id: <20090717201235.532748898@mini.kroah.org>
1477 User-Agent: quilt/0.48-1
1478 Date: Fri, 17 Jul 2009 13:09:09 -0700
1479 From: Greg KH <gregkh@suse.de>
1480 To: linux-kernel@vger.kernel.org,
1482 Cc: stable-review@kernel.org,
1483 torvalds@linux-foundation.org,
1484 akpm@linux-foundation.org,
1485 alan@lxorguk.ukuu.org.uk,
1486 "Eric W. Biederman" <ebiederm@aristanetworks.com>,
1487 "David S. Miller" <davem@davemloft.net>
1488 Subject: [patch 18/24] Revert "ipv4: arp announce, arp_proxy and windows ip conflict verification"
1489 References: <20090717200851.907421303@mini.kroah.org>
1490 Content-Disposition: inline; filename=revert-ipv4-arp-announce-arp_proxy-and-windows-ip-conflict-verification.patch
1491 Content-Length: 1477
1494 2.6.30-stable review patch. If anyone has any objections, please let us know.
1498 From: Eric W. Biederman <ebiederm@xmission.com>
1500 commit f8a68e752bc4e39644843403168137663c984524 upstream.
1502 This reverts commit 73ce7b01b4496a5fbf9caf63033c874be692333f.
1504 After discovering that we don't listen to gratuitious arps in 2.6.30
1505 I tracked the failure down to this commit.
1507 The patch makes absolutely no sense. RFC2131 RFC3927 and RFC5227.
1508 are all in agreement that an arp request with sip == 0 should be used
1509 for the probe (to prevent learning) and an arp request with sip == tip
1510 should be used for the gratitous announcement that people can learn
1513 It appears the author of the broken patch got those two cases confused
1514 and modified the code to drop all gratuitous arp traffic. Ouch!
1516 Signed-off-by: Eric W. Biederman <ebiederm@aristanetworks.com>
1517 Signed-off-by: David S. Miller <davem@davemloft.net>
1518 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1521 net/ipv4/arp.c | 7 ++-----
1522 1 file changed, 2 insertions(+), 5 deletions(-)
1524 --- a/net/ipv4/arp.c
1525 +++ b/net/ipv4/arp.c
1526 @@ -801,11 +801,8 @@ static int arp_process(struct sk_buff *s
1531 - * Special case: IPv4 duplicate address detection packet (RFC2131)
1532 - * and Gratuitous ARP/ARP Announce. (RFC3927, Section 2.4)
1534 - if (sip == 0 || tip == sip) {
1535 + /* Special case: IPv4 duplicate address detection packet (RFC2131) */
1537 if (arp->ar_op == htons(ARPOP_REQUEST) &&
1538 inet_addr_type(net, tip) == RTN_LOCAL &&
1539 !arp_ignore(in_dev, sip, tip))
1542 From gregkh@mini.kroah.org Fri Jul 17 13:12:36 2009
1543 Message-Id: <20090717201236.180300826@mini.kroah.org>
1544 User-Agent: quilt/0.48-1
1545 Date: Fri, 17 Jul 2009 13:09:10 -0700
1546 From: Greg KH <gregkh@suse.de>
1547 To: linux-kernel@vger.kernel.org,
1549 Cc: stable-review@kernel.org,
1550 torvalds@linux-foundation.org,
1551 akpm@linux-foundation.org,
1552 alan@lxorguk.ukuu.org.uk,
1553 Jiri Slaby <jirislaby@gmail.com>,
1554 Jens Axboe <jens.axboe@oracle.com>
1555 Subject: [patch 19/24] floppy: fix lock imbalance
1556 References: <20090717200851.907421303@mini.kroah.org>
1557 Content-Disposition: inline; filename=floppy-fix-lock-imbalance.patch
1561 2.6.30-stable review patch. If anyone has any objections, please let us know.
1565 From: Jiri Slaby <jirislaby@gmail.com>
1567 commit 8516a500029890a72622d245f8ed32c4e30969b7 upstream.
1569 A crappy macro prevents us unlocking on a fail path.
1571 Expand the macro and unlock appropriatelly.
1573 Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
1574 Cc: Jens Axboe <jens.axboe@oracle.com>
1575 Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
1576 Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1577 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1580 drivers/block/floppy.c | 5 ++++-
1581 1 file changed, 4 insertions(+), 1 deletion(-)
1583 --- a/drivers/block/floppy.c
1584 +++ b/drivers/block/floppy.c
1585 @@ -3327,7 +3327,10 @@ static inline int set_geometry(unsigned
1586 if (!capable(CAP_SYS_ADMIN))
1588 mutex_lock(&open_lock);
1589 - LOCK_FDC(drive, 1);
1590 + if (lock_fdc(drive, 1)) {
1591 + mutex_unlock(&open_lock);
1594 floppy_type[type] = *g;
1595 floppy_type[type].name = "user format";
1596 for (cnt = type << 2; cnt < (type << 2) + 4; cnt++)
1599 From gregkh@mini.kroah.org Fri Jul 17 13:12:36 2009
1600 Message-Id: <20090717201236.713006028@mini.kroah.org>
1601 User-Agent: quilt/0.48-1
1602 Date: Fri, 17 Jul 2009 13:09:11 -0700
1603 From: Greg KH <gregkh@suse.de>
1604 To: linux-kernel@vger.kernel.org,
1606 Cc: stable-review@kernel.org,
1607 torvalds@linux-foundation.org,
1608 akpm@linux-foundation.org,
1609 alan@lxorguk.ukuu.org.uk,
1610 David Woodhouse <David.Woodhouse@intel.com>
1611 Subject: [patch 20/24] Fix pci_unmap_addr() et al on i386.
1612 References: <20090717200851.907421303@mini.kroah.org>
1613 Content-Disposition: inline; filename=fix-pci_unmap_addr-et-al-on-i386.patch
1614 Content-Length: 1127
1617 2.6.30-stable review patch. If anyone has any objections, please let us know.
1621 From: David Woodhouse <dwmw2@infradead.org>
1623 commit 788d84bba47ea3eb377f7a3ae4fd1ee84b84877b upstream.
1625 We can run a 32-bit kernel on boxes with an IOMMU, so we need
1626 pci_unmap_addr() etc. to work -- without it, drivers will leak mappings.
1628 To be honest, this whole thing looks like it's more pain than it's
1629 worth; I'm half inclined to remove the no-op #else case altogether.
1631 But this is the minimal fix, which just does the right thing if
1634 Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
1635 Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1636 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1639 arch/x86/include/asm/pci.h | 2 +-
1640 1 file changed, 1 insertion(+), 1 deletion(-)
1642 --- a/arch/x86/include/asm/pci.h
1643 +++ b/arch/x86/include/asm/pci.h
1644 @@ -91,7 +91,7 @@ extern void pci_iommu_alloc(void);
1646 #define PCI_DMA_BUS_IS_PHYS (dma_ops->is_phys)
1648 -#if defined(CONFIG_X86_64) || defined(CONFIG_DMA_API_DEBUG)
1649 +#if defined(CONFIG_X86_64) || defined(CONFIG_DMAR) || defined(CONFIG_DMA_API_DEBUG)
1651 #define DECLARE_PCI_UNMAP_ADDR(ADDR_NAME) \
1652 dma_addr_t ADDR_NAME;
1655 From gregkh@mini.kroah.org Fri Jul 17 13:12:37 2009
1656 Message-Id: <20090717201237.072896951@mini.kroah.org>
1657 User-Agent: quilt/0.48-1
1658 Date: Fri, 17 Jul 2009 13:09:12 -0700
1659 From: Greg KH <gregkh@suse.de>
1660 To: linux-kernel@vger.kernel.org,
1662 Cc: stable-review@kernel.org,
1663 torvalds@linux-foundation.org,
1664 akpm@linux-foundation.org,
1665 alan@lxorguk.ukuu.org.uk,
1666 David Woodhouse <David.Woodhouse@intel.com>,
1667 mark gross <mgross@linux.intel.com>
1668 Subject: [patch 21/24] Fix iommu address space allocation
1669 References: <20090717200851.907421303@mini.kroah.org>
1670 Content-Disposition: inline; filename=fix-iommu-address-space-allocation.patch
1671 Content-Length: 2426
1674 2.6.30-stable review patch. If anyone has any objections, please let us know.
1678 From: David Woodhouse <dwmw2@infradead.org>
1680 commit a15a519ed6e5e644f5a33c213c00b0c1d3cfe683 upstream.
1682 This fixes kernel.org bug #13584. The IOVA code attempted to optimise
1683 the insertion of new ranges into the rbtree, with the unfortunate result
1684 that some ranges just didn't get inserted into the tree at all. Then
1685 those ranges would be handed out more than once, and things kind of go
1686 downhill from there.
1688 Introduced after 2.6.25 by ddf02886cbe665d67ca750750196ea5bf524b10b
1689 ("PCI: iova RB tree setup tweak").
1691 Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
1692 Cc: mark gross <mgross@linux.intel.com>
1693 Cc: Andrew Morton <akpm@linux-foundation.org>
1694 Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1695 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1698 drivers/pci/iova.c | 26 ++++++++++++++++++++++----
1699 1 file changed, 22 insertions(+), 4 deletions(-)
1701 --- a/drivers/pci/iova.c
1702 +++ b/drivers/pci/iova.c
1705 - * Copyright (c) 2006, Intel Corporation.
1706 + * Copyright © 2006-2009, Intel Corporation.
1708 - * This file is released under the GPLv2.
1709 + * This program is free software; you can redistribute it and/or modify it
1710 + * under the terms and conditions of the GNU General Public License,
1711 + * version 2, as published by the Free Software Foundation.
1713 + * This program is distributed in the hope it will be useful, but WITHOUT
1714 + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
1715 + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
1718 + * You should have received a copy of the GNU General Public License along with
1719 + * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
1720 + * Place - Suite 330, Boston, MA 02111-1307 USA.
1722 - * Copyright (C) 2006-2008 Intel Corporation
1723 * Author: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
1726 @@ -123,7 +133,15 @@ move_left:
1727 /* Insert the new_iova into domain rbtree by holding writer lock */
1728 /* Add new node and rebalance tree. */
1730 - struct rb_node **entry = &((prev)), *parent = NULL;
1731 + struct rb_node **entry, *parent = NULL;
1733 + /* If we have 'prev', it's a valid place to start the
1734 + insertion. Otherwise, start from the root. */
1738 + entry = &iovad->rbroot.rb_node;
1740 /* Figure out where to put new node */
1742 struct iova *this = container_of(*entry,
1745 From gregkh@mini.kroah.org Fri Jul 17 13:12:37 2009
1746 Message-Id: <20090717201237.635913901@mini.kroah.org>
1747 User-Agent: quilt/0.48-1
1748 Date: Fri, 17 Jul 2009 13:09:13 -0700
1749 From: Greg KH <gregkh@suse.de>
1750 To: linux-kernel@vger.kernel.org,
1752 Cc: stable-review@kernel.org,
1753 torvalds@linux-foundation.org,
1754 akpm@linux-foundation.org,
1755 alan@lxorguk.ukuu.org.uk,
1756 Miklos Szeredi <mszeredi@suse.cz>
1757 Subject: [patch 22/24] fuse: fix bad return value in fuse_file_poll()
1758 References: <20090717200851.907421303@mini.kroah.org>
1759 Content-Disposition: inline; filename=fuse-fix-bad-return-value-in-fuse_file_poll.patch
1763 2.6.30-stable review patch. If anyone has any objections, please let us know.
1767 From: Miklos Szeredi <mszeredi@suse.cz>
1769 commit 201fa69a2849536ef2912e8e971ec0b01c04eff4 upstream.
1771 Fix fuse_file_poll() which returned a -errno value instead of a poll
1774 Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
1775 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1778 fs/fuse/file.c | 2 +-
1779 1 file changed, 1 insertion(+), 1 deletion(-)
1781 --- a/fs/fuse/file.c
1782 +++ b/fs/fuse/file.c
1783 @@ -1867,7 +1867,7 @@ static unsigned fuse_file_poll(struct fi
1785 req = fuse_get_req(fc);
1787 - return PTR_ERR(req);
1790 req->in.h.opcode = FUSE_POLL;
1791 req->in.h.nodeid = get_node_id(inode);
1794 From gregkh@mini.kroah.org Fri Jul 17 13:12:38 2009
1795 Message-Id: <20090717201237.955389551@mini.kroah.org>
1796 User-Agent: quilt/0.48-1
1797 Date: Fri, 17 Jul 2009 13:09:14 -0700
1798 From: Greg KH <gregkh@suse.de>
1799 To: linux-kernel@vger.kernel.org,
1801 Cc: stable-review@kernel.org,
1802 torvalds@linux-foundation.org,
1803 akpm@linux-foundation.org,
1804 alan@lxorguk.ukuu.org.uk,
1805 Miklos Szeredi <mszeredi@suse.cz>
1806 Subject: [patch 23/24] fuse: fix return value of fuse_dev_write()
1807 References: <20090717200851.907421303@mini.kroah.org>
1808 Content-Disposition: inline; filename=fuse-fix-return-value-of-fuse_dev_write.patch
1812 2.6.30-stable review patch. If anyone has any objections, please let us know.
1816 From: Csaba Henk <csaba@gluster.com>
1818 commit b4c458b3a23d76936e76678f2074b1528f129f7a upstream.
1820 On 64 bit systems -- where sizeof(ssize_t) > sizeof(int) -- the following test
1821 exposes a bug due to a non-careful return of an int or unsigned value:
1823 implement a FUSE filesystem which sends an unsolicited notification to
1824 the kernel with invalid opcode. The respective write to /dev/fuse
1825 will return (1 << 32) - EINVAL with errno == 0 instead of -1 with
1828 Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
1829 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1832 fs/fuse/dev.c | 2 +-
1833 1 file changed, 1 insertion(+), 1 deletion(-)
1837 @@ -904,7 +904,7 @@ static ssize_t fuse_dev_write(struct kio
1838 unsigned long nr_segs, loff_t pos)
1841 - unsigned nbytes = iov_length(iov, nr_segs);
1842 + size_t nbytes = iov_length(iov, nr_segs);
1843 struct fuse_req *req;
1844 struct fuse_out_header oh;
1845 struct fuse_copy_state cs;
1848 From gregkh@mini.kroah.org Fri Jul 17 13:12:38 2009
1849 Message-Id: <20090717201238.142701426@mini.kroah.org>
1850 User-Agent: quilt/0.48-1
1851 Date: Fri, 17 Jul 2009 13:09:15 -0700
1852 From: Greg KH <gregkh@suse.de>
1853 To: linux-kernel@vger.kernel.org,
1855 Cc: stable-review@kernel.org,
1856 torvalds@linux-foundation.org,
1857 akpm@linux-foundation.org,
1858 alan@lxorguk.ukuu.org.uk
1859 Subject: [patch 24/24] Dont use -fwrapv compiler option: its buggy in gcc-4.1.x
1860 References: <20090717200851.907421303@mini.kroah.org>
1861 Content-Disposition: inline; filename=don-t-use-fwrapv-compiler-option-it-s-buggy-in-gcc-4.1.x.patch
1862 Content-Length: 1581
1865 2.6.30-stable review patch. If anyone has any objections, please let us know.
1869 From: Linus Torvalds <torvalds@linux-foundation.org>
1871 commit a137802ee839ace40079bebde24cfb416f73208a upstream.
1873 This causes kernel images that don't run init to completion with certain
1874 broken gcc versions.
1876 This fixes kernel bugzilla entry:
1877 http://bugzilla.kernel.org/show_bug.cgi?id=13012
1879 I suspect the gcc problem is this:
1880 http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28230
1882 Fix the problem by using the -fno-strict-overflow flag instead, which
1883 not only does not exist in the known-to-be-broken versions of gcc (it
1884 was introduced later than fwrapv), but seems to be much less disturbing
1885 to gcc too: the difference in the generated code by -fno-strict-overflow
1886 are smaller (compared to using neither flag) than when using -fwrapv.
1888 Reported-by: Barry K. Nathan <barryn@pobox.com>
1889 Pushed-by: Frans Pop <elendil@planet.nl>
1890 Cc: Andrew Morton <akpm@linux-foundation.org>
1891 Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1892 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
1896 1 file changed, 1 insertion(+), 1 deletion(-)
1900 @@ -574,7 +574,7 @@ KBUILD_CFLAGS += $(call cc-option,-Wdecl
1901 KBUILD_CFLAGS += $(call cc-option,-Wno-pointer-sign,)
1903 # disable invalid "can't wrap" optimizations for signed / pointers
1904 -KBUILD_CFLAGS += $(call cc-option,-fwrapv)
1905 +KBUILD_CFLAGS += $(call cc-option,-fno-strict-overflow)
1907 # revert to pre-gcc-4.4 behaviour of .eh_frame
1908 KBUILD_CFLAGS += $(call cc-option,-fno-dwarf2-cfi-asm)