From: Greg Kroah-Hartman <gregkh@suse.de>
Date: Thu, 5 Aug 2010 23:01:05 +0000 (-0700)
Subject: .34 patches
X-Git-Tag: v2.6.27.50~14
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7027808219b749ec08520ca4ee89297c255fcc96;p=thirdparty%2Fkernel%2Fstable-queue.git

.34 patches
---

diff --git a/queue-2.6.34/gfs2-rename-causes-kernel-oops.patch b/queue-2.6.34/gfs2-rename-causes-kernel-oops.patch
new file mode 100644
index 00000000000..7e6f4195c0d
--- /dev/null
+++ b/queue-2.6.34/gfs2-rename-causes-kernel-oops.patch
@@ -0,0 +1,67 @@
+From 728a756b8fcd22d80e2dbba8117a8a3aafd3f203 Mon Sep 17 00:00:00 2001
+From: Bob Peterson <rpeterso@redhat.com>
+Date: Wed, 14 Jul 2010 18:12:26 -0400
+Subject: GFS2: rename causes kernel Oops
+
+From: Bob Peterson <rpeterso@redhat.com>
+
+commit 728a756b8fcd22d80e2dbba8117a8a3aafd3f203 upstream.
+
+This patch fixes a kernel Oops in the GFS2 rename code.
+
+The problem was in the way the gfs2 directory code was trying
+to re-use sentinel directory entries.
+
+In the failing case, gfs2's rename function was renaming a
+file to another name that had the same non-trivial length.
+The file being renamed happened to be the first directory
+entry on the leaf block.
+
+First, the rename code (gfs2_rename in ops_inode.c) found the
+original directory entry and decided it could do its job by
+simply replacing the directory entry with another.  Therefore
+it determined correctly that no block allocations were needed.
+
+Next, the rename code deleted the old directory entry prior to
+replacing it with the new name.  Therefore, the soon-to-be
+replaced directory entry was temporarily made into a directory
+entry "sentinel" or a place holder at the start of a leaf block.
+
+Lastly, it went to re-add the replacement directory entry in
+that leaf block.  However, when gfs2_dirent_find_space was
+looking for space in the leaf block, it used the wrong value
+for the sentinel.  That threw off its calculations so later
+it decides it can't really re-use the sentinel and therefore
+must allocate a new leaf block.  But because it previously decided
+to re-use the directory entry, it didn't waste the time to
+grab a new block allocation for the inode.  Therefore, the
+inode's i_alloc pointer was still NULL and it crashes trying to
+reference it.
+
+In the case of sentinel directory entries, the entire dirent is
+reused, not just the "free space" portion of it, and therefore
+the function gfs2_dirent_find_space should use the value 0
+rather than GFS2_DIRENT_SIZE(0) for the actual dirent size.
+
+Fixing this calculation enables the reproducer programs to work
+properly.
+
+Signed-off-by: Bob Peterson <rpeterso@redhat.com>
+Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ fs/gfs2/dir.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/fs/gfs2/dir.c
++++ b/fs/gfs2/dir.c
+@@ -392,7 +392,7 @@ static int gfs2_dirent_find_space(const
+ 	unsigned totlen = be16_to_cpu(dent->de_rec_len);
+ 
+ 	if (gfs2_dirent_sentinel(dent))
+-		actual = GFS2_DIRENT_SIZE(0);
++		actual = 0;
+ 	if (totlen - actual >= required)
+ 		return 1;
+ 	return 0;
diff --git a/queue-2.6.34/kvm-mmu-flush-remote-tlbs-when-overwriting-spte-with-different-pfn.patch b/queue-2.6.34/kvm-mmu-flush-remote-tlbs-when-overwriting-spte-with-different-pfn.patch
new file mode 100644
index 00000000000..324af299abc
--- /dev/null
+++ b/queue-2.6.34/kvm-mmu-flush-remote-tlbs-when-overwriting-spte-with-different-pfn.patch
@@ -0,0 +1,30 @@
+From 7348ddc13edf4dacbde631e3223ebf42a5b91525 Mon Sep 17 00:00:00 2001
+From: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
+Date: Wed, 30 Jun 2010 16:04:06 +0800
+Subject: KVM: MMU: flush remote tlbs when overwriting spte with different pfn
+
+From: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
+
+(cherry picked from commit 91546356d0e550fa23abf7f4b04a903c2855761f)
+
+After remove a rmap, we should flush all vcpu's tlb
+
+Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
+Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/x86/kvm/mmu.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/arch/x86/kvm/mmu.c
++++ b/arch/x86/kvm/mmu.c
+@@ -1901,6 +1901,8 @@ static void mmu_set_spte(struct kvm_vcpu
+ 			pgprintk("hfn old %lx new %lx\n",
+ 				 spte_to_pfn(*sptep), pfn);
+ 			rmap_remove(vcpu->kvm, sptep);
++			__set_spte(sptep, shadow_trap_nonpresent_pte);
++			kvm_flush_remote_tlbs(vcpu->kvm);
+ 		} else
+ 			was_rmapped = 1;
+ 	}
diff --git a/queue-2.6.34/scsi-enclosure-fix-error-path-actually-return-err_ptr-on-error.patch b/queue-2.6.34/scsi-enclosure-fix-error-path-actually-return-err_ptr-on-error.patch
new file mode 100644
index 00000000000..3809bdeaca0
--- /dev/null
+++ b/queue-2.6.34/scsi-enclosure-fix-error-path-actually-return-err_ptr-on-error.patch
@@ -0,0 +1,35 @@
+From a91c1be21704113b023919826c6d531da46656ef Mon Sep 17 00:00:00 2001
+From: James Bottomley <James.Bottomley@suse.de>
+Date: Fri, 12 Mar 2010 16:14:42 -0600
+Subject: SCSI: enclosure: fix error path - actually return ERR_PTR() on error
+
+From: James Bottomley <James.Bottomley@suse.de>
+
+commit a91c1be21704113b023919826c6d531da46656ef upstream.
+
+we also need to clean up and free the cdev.
+
+Reported-by: Jani Nikula <ext-jani.1.nikula@nokia.com>
+Signed-off-by: James Bottomley <James.Bottomley@suse.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/misc/enclosure.c |    7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+--- a/drivers/misc/enclosure.c
++++ b/drivers/misc/enclosure.c
+@@ -285,8 +285,11 @@ enclosure_component_register(struct encl
+ 	cdev->groups = enclosure_groups;
+ 
+ 	err = device_register(cdev);
+-	if (err)
+-		ERR_PTR(err);
++	if (err) {
++		ecomp->number = -1;
++		put_device(cdev);
++		return ERR_PTR(err);
++	}
+ 
+ 	return ecomp;
+ }
diff --git a/queue-2.6.34/series b/queue-2.6.34/series
index b903d5f2b93..c15fdd05cbd 100644
--- a/queue-2.6.34/series
+++ b/queue-2.6.34/series
@@ -21,3 +21,7 @@ iwlwifi-fix-scan-abort.patch
 cfg80211-ignore-spurious-deauth.patch
 cfg80211-don-t-get-expired-bsses.patch
 mac80211-avoid-scheduling-while-atomic-in-mesh_rx_plink_frame.patch
+scsi-enclosure-fix-error-path-actually-return-err_ptr-on-error.patch
+gfs2-rename-causes-kernel-oops.patch
+kvm-mmu-flush-remote-tlbs-when-overwriting-spte-with-different-pfn.patch
+xen-drop-xen_sched_clock-in-favour-of-using-plain-wallclock-time.patch
diff --git a/queue-2.6.34/xen-drop-xen_sched_clock-in-favour-of-using-plain-wallclock-time.patch b/queue-2.6.34/xen-drop-xen_sched_clock-in-favour-of-using-plain-wallclock-time.patch
new file mode 100644
index 00000000000..358bd90f4c9
--- /dev/null
+++ b/queue-2.6.34/xen-drop-xen_sched_clock-in-favour-of-using-plain-wallclock-time.patch
@@ -0,0 +1,86 @@
+From 8a22b9996b001c88f2bfb54c6de6a05fc39e177a Mon Sep 17 00:00:00 2001
+From: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
+Date: Mon, 12 Jul 2010 11:49:59 -0700
+Subject: xen: drop xen_sched_clock in favour of using plain wallclock time
+
+From: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
+
+commit 8a22b9996b001c88f2bfb54c6de6a05fc39e177a upstream.
+
+xen_sched_clock only counts unstolen time.  In principle this should
+be useful to the Linux scheduler so that it knows how much time a process
+actually consumed.  But in practice this doesn't work very well as the
+scheduler expects the sched_clock time to be synchronized between
+cpus.  It also uses sched_clock to measure the time a task spends
+sleeping, in which case "unstolen time" isn't meaningful.
+
+So just use plain xen_clocksource_read to return wallclock nanoseconds
+for sched_clock.
+
+Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/x86/xen/enlighten.c |    2 +-
+ arch/x86/xen/time.c      |   39 ---------------------------------------
+ 2 files changed, 1 insertion(+), 40 deletions(-)
+
+--- a/arch/x86/xen/enlighten.c
++++ b/arch/x86/xen/enlighten.c
+@@ -927,7 +927,7 @@ static const struct pv_init_ops xen_init
+ };
+ 
+ static const struct pv_time_ops xen_time_ops __initdata = {
+-	.sched_clock = xen_sched_clock,
++	.sched_clock = xen_clocksource_read,
+ };
+ 
+ static const struct pv_cpu_ops xen_cpu_ops __initdata = {
+--- a/arch/x86/xen/time.c
++++ b/arch/x86/xen/time.c
+@@ -155,45 +155,6 @@ static void do_stolen_accounting(void)
+ 	account_idle_ticks(ticks);
+ }
+ 
+-/*
+- * Xen sched_clock implementation.  Returns the number of unstolen
+- * nanoseconds, which is nanoseconds the VCPU spent in RUNNING+BLOCKED
+- * states.
+- */
+-unsigned long long xen_sched_clock(void)
+-{
+-	struct vcpu_runstate_info state;
+-	cycle_t now;
+-	u64 ret;
+-	s64 offset;
+-
+-	/*
+-	 * Ideally sched_clock should be called on a per-cpu basis
+-	 * anyway, so preempt should already be disabled, but that's
+-	 * not current practice at the moment.
+-	 */
+-	preempt_disable();
+-
+-	now = xen_clocksource_read();
+-
+-	get_runstate_snapshot(&state);
+-
+-	WARN_ON(state.state != RUNSTATE_running);
+-
+-	offset = now - state.state_entry_time;
+-	if (offset < 0)
+-		offset = 0;
+-
+-	ret = state.time[RUNSTATE_blocked] +
+-		state.time[RUNSTATE_running] +
+-		offset;
+-
+-	preempt_enable();
+-
+-	return ret;
+-}
+-
+-
+ /* Get the TSC speed from Xen */
+ unsigned long xen_tsc_khz(void)
+ {