1 From: Greg Kroah-Hartman <gregkh@suse.de>
2 Subject: Linux 2.6.27.8
4 Upstream 2.6.27.8 release from kernel.org
6 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
8 diff --git a/Documentation/filesystems/proc.txt b/Documentation/filesystems/proc.txt
9 index f566ad9..23f3edc 100644
10 --- a/Documentation/filesystems/proc.txt
11 +++ b/Documentation/filesystems/proc.txt
12 @@ -44,6 +44,7 @@ Table of Contents
13 2.14 /proc/<pid>/io - Display the IO accounting fields
14 2.15 /proc/<pid>/coredump_filter - Core dump filtering settings
15 2.16 /proc/<pid>/mountinfo - Information about mounts
16 + 2.17 /proc/sys/fs/epoll - Configuration options for the epoll interface
18 ------------------------------------------------------------------------------
20 @@ -2471,4 +2472,30 @@ For more information on mount propagation see:
22 Documentation/filesystems/sharedsubtree.txt
24 +2.17 /proc/sys/fs/epoll - Configuration options for the epoll interface
25 +--------------------------------------------------------
27 +This directory contains configuration options for the epoll(7) interface.
32 +This is the maximum number of epoll file descriptors that a single user can
33 +have open at a given time. The default value is 128, and should be enough
39 +Every epoll file descriptor can store a number of files to be monitored
40 +for event readiness. Each one of these monitored files constitutes a "watch".
41 +This configuration option sets the maximum number of "watches" that are
42 +allowed for each user.
43 +Each "watch" costs roughly 90 bytes on a 32bit kernel, and roughly 160 bytes
45 +The current default value for max_user_watches is the 1/32 of the available
46 +low memory, divided for the "watch" cost in bytes.
49 ------------------------------------------------------------------------------
51 diff --git a/Makefile b/Makefile
52 index b5f52f3..a629d7f 100644
61 NAME = Trembling Tortoise
64 diff --git a/arch/ia64/kernel/acpi.c b/arch/ia64/kernel/acpi.c
65 index 5d1eb7e..8a7e508 100644
66 --- a/arch/ia64/kernel/acpi.c
67 +++ b/arch/ia64/kernel/acpi.c
68 @@ -656,6 +656,30 @@ static int __init acpi_parse_fadt(struct acpi_table_header *table)
72 +int __init early_acpi_boot_init(void)
77 + * do a partial walk of MADT to determine how many CPUs
78 + * we have including offline CPUs
80 + if (acpi_table_parse(ACPI_SIG_MADT, acpi_parse_madt)) {
81 + printk(KERN_ERR PREFIX "Can't find MADT\n");
85 + ret = acpi_table_parse_madt(ACPI_MADT_TYPE_LOCAL_SAPIC,
86 + acpi_parse_lsapic, NR_CPUS);
88 + printk(KERN_ERR PREFIX
89 + "Error parsing MADT - no LAPIC entries\n");
96 int __init acpi_boot_init(void)
99 @@ -679,11 +703,6 @@ int __init acpi_boot_init(void)
100 printk(KERN_ERR PREFIX
101 "Error parsing LAPIC address override entry\n");
103 - if (acpi_table_parse_madt(ACPI_MADT_TYPE_LOCAL_SAPIC, acpi_parse_lsapic, NR_CPUS)
105 - printk(KERN_ERR PREFIX
106 - "Error parsing MADT - no LAPIC entries\n");
108 if (acpi_table_parse_madt(ACPI_MADT_TYPE_LOCAL_APIC_NMI, acpi_parse_lapic_nmi, 0)
110 printk(KERN_ERR PREFIX "Error parsing LAPIC NMI entry\n");
111 diff --git a/arch/ia64/kernel/setup.c b/arch/ia64/kernel/setup.c
112 index de636b2..6030236 100644
113 --- a/arch/ia64/kernel/setup.c
114 +++ b/arch/ia64/kernel/setup.c
115 @@ -549,8 +549,12 @@ setup_arch (char **cmdline_p)
117 /* Initialize the ACPI boot-time table parser */
119 + early_acpi_boot_init();
120 # ifdef CONFIG_ACPI_NUMA
122 +#ifdef CONFIG_ACPI_HOTPLUG_CPU
123 + prefill_possible_map();
125 per_cpu_scan_finalize((cpus_weight(early_cpu_possible_map) == 0 ?
126 32 : cpus_weight(early_cpu_possible_map)),
127 additional_cpus > 0 ? additional_cpus : 0);
128 @@ -841,9 +845,6 @@ void __init
129 setup_per_cpu_areas (void)
131 /* start_kernel() requires this... */
132 -#ifdef CONFIG_ACPI_HOTPLUG_CPU
133 - prefill_possible_map();
138 diff --git a/arch/parisc/kernel/traps.c b/arch/parisc/kernel/traps.c
139 index 675f1d0..4c771cd 100644
140 --- a/arch/parisc/kernel/traps.c
141 +++ b/arch/parisc/kernel/traps.c
143 #include <linux/init.h>
144 #include <linux/interrupt.h>
145 #include <linux/console.h>
146 -#include <linux/kallsyms.h>
147 #include <linux/bug.h>
149 #include <asm/assembly.h>
151 DEFINE_SPINLOCK(pa_dbit_lock);
154 -void parisc_show_stack(struct task_struct *t, unsigned long *sp,
155 +static void parisc_show_stack(struct task_struct *task, unsigned long *sp,
156 struct pt_regs *regs);
158 static int printbinary(char *buf, unsigned long x, int nbits)
159 @@ -121,18 +120,19 @@ static void print_fr(char *level, struct pt_regs *regs)
161 void show_regs(struct pt_regs *regs)
166 unsigned long cr30, cr31;
168 - level = user_mode(regs) ? KERN_DEBUG : KERN_CRIT;
169 + user = user_mode(regs);
170 + level = user ? KERN_DEBUG : KERN_CRIT;
172 print_gr(level, regs);
174 for (i = 0; i < 8; i += 4)
175 PRINTREGS(level, regs->sr, "sr", RFMT, i);
177 - if (user_mode(regs))
179 print_fr(level, regs);
182 @@ -145,14 +145,18 @@ void show_regs(struct pt_regs *regs)
183 printk("%s CPU: %8d CR30: " RFMT " CR31: " RFMT "\n",
184 level, current_thread_info()->cpu, cr30, cr31);
185 printk("%s ORIG_R28: " RFMT "\n", level, regs->orig_r28);
187 - print_symbol(" IAOQ[0]: %s\n", regs->iaoq[0]);
189 - print_symbol(" IAOQ[1]: %s\n", regs->iaoq[1]);
191 - print_symbol(" RP(r2): %s\n", regs->gr[2]);
193 - parisc_show_stack(current, NULL, regs);
196 + printk("%s IAOQ[0]: " RFMT "\n", level, regs->iaoq[0]);
197 + printk("%s IAOQ[1]: " RFMT "\n", level, regs->iaoq[1]);
198 + printk("%s RP(r2): " RFMT "\n", level, regs->gr[2]);
200 + printk("%s IAOQ[0]: %pS\n", level, (void *) regs->iaoq[0]);
201 + printk("%s IAOQ[1]: %pS\n", level, (void *) regs->iaoq[1]);
202 + printk("%s RP(r2): %pS\n", level, (void *) regs->gr[2]);
204 + parisc_show_stack(current, NULL, regs);
209 @@ -173,20 +177,15 @@ static void do_show_stack(struct unwind_frame_info *info)
212 if (__kernel_text_address(info->ip)) {
213 - printk("%s [<" RFMT ">] ", (i&0x3)==1 ? KERN_CRIT : "", info->ip);
214 -#ifdef CONFIG_KALLSYMS
215 - print_symbol("%s\n", info->ip);
217 - if ((i & 0x03) == 0)
220 + printk(KERN_CRIT " [<" RFMT ">] %pS\n",
221 + info->ip, (void *) info->ip);
226 + printk(KERN_CRIT "\n");
229 -void parisc_show_stack(struct task_struct *task, unsigned long *sp,
230 +static void parisc_show_stack(struct task_struct *task, unsigned long *sp,
231 struct pt_regs *regs)
233 struct unwind_frame_info info;
234 diff --git a/arch/powerpc/platforms/cell/spufs/file.c b/arch/powerpc/platforms/cell/spufs/file.c
235 index 010a51f..d5c3b45 100644
236 --- a/arch/powerpc/platforms/cell/spufs/file.c
237 +++ b/arch/powerpc/platforms/cell/spufs/file.c
238 @@ -390,6 +390,9 @@ static int spufs_ps_fault(struct vm_area_struct *vma,
239 if (offset >= ps_size)
240 return VM_FAULT_SIGBUS;
242 + if (fatal_signal_pending(current))
243 + return VM_FAULT_SIGBUS;
246 * Because we release the mmap_sem, the context may be destroyed while
247 * we're in spu_wait. Grab an extra reference so it isn't destroyed
248 diff --git a/arch/powerpc/platforms/cell/spufs/inode.c b/arch/powerpc/platforms/cell/spufs/inode.c
249 index 690ca7b..5c73b62 100644
250 --- a/arch/powerpc/platforms/cell/spufs/inode.c
251 +++ b/arch/powerpc/platforms/cell/spufs/inode.c
252 @@ -496,6 +496,8 @@ spufs_create_context(struct inode *inode, struct dentry *dentry,
253 ret = spufs_context_open(dget(dentry), mntget(mnt));
255 WARN_ON(spufs_rmdir(inode, dentry));
257 + mutex_unlock(&gang->aff_mutex);
258 mutex_unlock(&inode->i_mutex);
259 spu_forget(SPUFS_I(dentry->d_inode)->i_ctx);
261 diff --git a/arch/x86/kernel/acpi/boot.c b/arch/x86/kernel/acpi/boot.c
262 index c102af8..7d58e7f 100644
263 --- a/arch/x86/kernel/acpi/boot.c
264 +++ b/arch/x86/kernel/acpi/boot.c
265 @@ -1593,6 +1593,11 @@ static struct dmi_system_id __initdata acpi_dmi_table[] = {
266 DMI_MATCH(DMI_PRODUCT_NAME, "TravelMate 360"),
272 +/* second table for DMI checks that should run after early-quirks */
273 +static struct dmi_system_id __initdata acpi_dmi_table_late[] = {
275 * HP laptops which use a DSDT reporting as HP/SB400/10000,
276 * which includes some code which overrides all temperature
277 @@ -1721,6 +1726,9 @@ int __init early_acpi_boot_init(void)
279 int __init acpi_boot_init(void)
281 + /* those are executed after early-quirks are executed */
282 + dmi_check_system(acpi_dmi_table_late);
285 * If acpi_disabled, bail out
286 * One exception: acpi=ht continues far enough to enumerate LAPICs
287 diff --git a/arch/x86/kernel/cpu/cpufreq/powernow-k8.c b/arch/x86/kernel/cpu/cpufreq/powernow-k8.c
288 index 84bb395..20bda8c 100644
289 --- a/arch/x86/kernel/cpu/cpufreq/powernow-k8.c
290 +++ b/arch/x86/kernel/cpu/cpufreq/powernow-k8.c
291 @@ -116,9 +116,20 @@ static int query_current_values_with_pending_wait(struct powernow_k8_data *data)
294 if (cpu_family == CPU_HW_PSTATE) {
295 - rdmsr(MSR_PSTATE_STATUS, lo, hi);
296 - i = lo & HW_PSTATE_MASK;
297 - data->currpstate = i;
298 + if (data->currpstate == HW_PSTATE_INVALID) {
299 + /* read (initial) hw pstate if not yet set */
300 + rdmsr(MSR_PSTATE_STATUS, lo, hi);
301 + i = lo & HW_PSTATE_MASK;
304 + * a workaround for family 11h erratum 311 might cause
305 + * an "out-of-range Pstate if the core is in Pstate-0
307 + if (i >= data->numps)
308 + data->currpstate = HW_PSTATE_0;
310 + data->currpstate = i;
315 @@ -1117,6 +1128,7 @@ static int __cpuinit powernowk8_cpu_init(struct cpufreq_policy *pol)
318 data->cpu = pol->cpu;
319 + data->currpstate = HW_PSTATE_INVALID;
321 if (powernow_k8_cpu_init_acpi(data)) {
323 diff --git a/arch/x86/kernel/cpu/cpufreq/powernow-k8.h b/arch/x86/kernel/cpu/cpufreq/powernow-k8.h
324 index ab48cfe..65cfb5d 100644
325 --- a/arch/x86/kernel/cpu/cpufreq/powernow-k8.h
326 +++ b/arch/x86/kernel/cpu/cpufreq/powernow-k8.h
328 * http://www.gnu.org/licenses/gpl.html
333 + HW_PSTATE_INVALID = 0xff,
344 struct powernow_k8_data {
347 @@ -23,7 +36,9 @@ struct powernow_k8_data {
348 u32 exttype; /* extended interface = 1 */
350 /* keep track of the current fid / vid or pstate */
351 - u32 currvid, currfid, currpstate;
354 + enum pstate currpstate;
356 /* the powernow_table includes all frequency and vid/fid pairings:
357 * fid are the lower 8 bits of the index, vid are the upper 8 bits.
358 diff --git a/arch/x86/kernel/early-quirks.c b/arch/x86/kernel/early-quirks.c
359 index 6b839b1..1b894b7 100644
360 --- a/arch/x86/kernel/early-quirks.c
361 +++ b/arch/x86/kernel/early-quirks.c
362 @@ -95,7 +95,8 @@ static void __init nvidia_bugs(int num, int slot, int func)
366 -static u32 ati_ixp4x0_rev(int num, int slot, int func)
367 +#if defined(CONFIG_ACPI) && defined(CONFIG_X86_IO_APIC)
368 +static u32 __init ati_ixp4x0_rev(int num, int slot, int func)
372 @@ -115,7 +116,6 @@ static u32 ati_ixp4x0_rev(int num, int slot, int func)
374 static void __init ati_bugs(int num, int slot, int func)
376 -#if defined(CONFIG_ACPI) && defined (CONFIG_X86_IO_APIC)
380 @@ -138,9 +138,56 @@ static void __init ati_bugs(int num, int slot, int func)
381 printk(KERN_INFO "If you got timer trouble "
382 "try acpi_use_timer_override\n");
387 +static u32 __init ati_sbx00_rev(int num, int slot, int func)
391 + d = read_pci_config(num, slot, func, 0x70);
394 + write_pci_config(num, slot, func, 0x70, d);
395 + d = read_pci_config(num, slot, func, 0x8);
397 + write_pci_config(num, slot, func, 0x70, old);
402 +static void __init ati_bugs_contd(int num, int slot, int func)
406 + if (acpi_use_timer_override)
409 + rev = ati_sbx00_rev(num, slot, func);
413 + /* check for IRQ0 interrupt swap */
414 + d = read_pci_config(num, slot, func, 0x64);
415 + if (!(d & (1<<14)))
416 + acpi_skip_timer_override = 1;
418 + if (acpi_skip_timer_override) {
419 + printk(KERN_INFO "SB600 revision 0x%x\n", rev);
420 + printk(KERN_INFO "Ignoring ACPI timer override.\n");
421 + printk(KERN_INFO "If you got timer trouble "
422 + "try acpi_use_timer_override\n");
426 +static void __init ati_bugs(int num, int slot, int func)
430 +static void __init ati_bugs_contd(int num, int slot, int func)
435 #define QFLAG_APPLY_ONCE 0x1
436 #define QFLAG_APPLIED 0x2
437 #define QFLAG_DONE (QFLAG_APPLY_ONCE|QFLAG_APPLIED)
438 @@ -162,6 +209,8 @@ static struct chipset early_qrk[] __initdata = {
439 PCI_CLASS_BRIDGE_HOST, PCI_ANY_ID, 0, fix_hypertransport_config },
440 { PCI_VENDOR_ID_ATI, PCI_DEVICE_ID_ATI_IXP400_SMBUS,
441 PCI_CLASS_SERIAL_SMBUS, PCI_ANY_ID, 0, ati_bugs },
442 + { PCI_VENDOR_ID_ATI, PCI_DEVICE_ID_ATI_SBX00_SMBUS,
443 + PCI_CLASS_SERIAL_SMBUS, PCI_ANY_ID, 0, ati_bugs_contd },
447 diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
448 index 64b5c42..7667443 100644
449 --- a/arch/x86/kernel/setup.c
450 +++ b/arch/x86/kernel/setup.c
451 @@ -604,7 +604,7 @@ static struct dmi_system_id __initdata bad_bios_dmi_table[] = {
452 .callback = dmi_low_memory_corruption,
453 .ident = "Phoenix BIOS",
455 - DMI_MATCH(DMI_BIOS_VENDOR, "Phoenix Technologies, LTD"),
456 + DMI_MATCH(DMI_BIOS_VENDOR, "Phoenix Technologies"),
460 diff --git a/arch/x86/mm/discontig_32.c b/arch/x86/mm/discontig_32.c
461 index 62fa440..62aec7e 100644
462 --- a/arch/x86/mm/discontig_32.c
463 +++ b/arch/x86/mm/discontig_32.c
464 @@ -222,6 +222,41 @@ static void __init remap_numa_kva(void)
468 +#ifdef CONFIG_HIBERNATION
470 + * resume_map_numa_kva - add KVA mapping to the temporary page tables created
471 + * during resume from hibernation
472 + * @pgd_base - temporary resume page directory
474 +void resume_map_numa_kva(pgd_t *pgd_base)
478 + for_each_online_node(node) {
479 + unsigned long start_va, start_pfn, size, pfn;
481 + start_va = (unsigned long)node_remap_start_vaddr[node];
482 + start_pfn = node_remap_start_pfn[node];
483 + size = node_remap_size[node];
485 + printk(KERN_DEBUG "%s: node %d\n", __FUNCTION__, node);
487 + for (pfn = 0; pfn < size; pfn += PTRS_PER_PTE) {
488 + unsigned long vaddr = start_va + (pfn << PAGE_SHIFT);
489 + pgd_t *pgd = pgd_base + pgd_index(vaddr);
490 + pud_t *pud = pud_offset(pgd, vaddr);
491 + pmd_t *pmd = pmd_offset(pud, vaddr);
493 + set_pmd(pmd, pfn_pmd(start_pfn + pfn,
494 + PAGE_KERNEL_LARGE_EXEC));
496 + printk(KERN_DEBUG "%s: %08lx -> pfn %08lx\n",
497 + __FUNCTION__, vaddr, start_pfn + pfn);
503 static unsigned long calculate_numa_remap_pages(void)
506 diff --git a/arch/x86/power/hibernate_32.c b/arch/x86/power/hibernate_32.c
507 index f2b6e3f..81197c6 100644
508 --- a/arch/x86/power/hibernate_32.c
509 +++ b/arch/x86/power/hibernate_32.c
511 #include <asm/system.h>
512 #include <asm/page.h>
513 #include <asm/pgtable.h>
514 +#include <asm/mmzone.h>
516 /* Defined in hibernate_asm_32.S */
517 extern int restore_image(void);
518 @@ -127,6 +128,9 @@ static int resume_physical_mapping_init(pgd_t *pgd_base)
523 + resume_map_numa_kva(pgd_base);
528 diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c
529 index a4e201b..6bbcf8a 100644
530 --- a/arch/x86/xen/enlighten.c
531 +++ b/arch/x86/xen/enlighten.c
532 @@ -1413,7 +1413,7 @@ static void __init xen_reserve_top(void)
533 if (HYPERVISOR_xen_version(XENVER_platform_parameters, &pp) == 0)
536 - reserve_top_address(-top + 2 * PAGE_SIZE);
537 + reserve_top_address(-top);
538 #endif /* CONFIG_X86_32 */
541 diff --git a/drivers/acpi/ec.c b/drivers/acpi/ec.c
542 index 41b8e7c..9ab3fb9 100644
543 --- a/drivers/acpi/ec.c
544 +++ b/drivers/acpi/ec.c
545 @@ -219,7 +219,8 @@ static void gpe_transaction(struct acpi_ec *ec, u8 status)
548 /* false interrupt, state didn't change */
549 - ++ec->curr->irq_count;
550 + if (in_interrupt())
551 + ++ec->curr->irq_count;
553 spin_unlock_irqrestore(&ec->curr_lock, flags);
555 diff --git a/drivers/acpi/pci_slot.c b/drivers/acpi/pci_slot.c
556 index d5b4ef8..8d4a568 100644
557 --- a/drivers/acpi/pci_slot.c
558 +++ b/drivers/acpi/pci_slot.c
559 @@ -150,7 +150,7 @@ register_slot(acpi_handle handle, u32 lvl, void *context, void **rv)
562 snprintf(name, sizeof(name), "%u", (u32)sun);
563 - pci_slot = pci_create_slot(pci_bus, device, name);
564 + pci_slot = pci_create_slot(pci_bus, device, name, NULL);
565 if (IS_ERR(pci_slot)) {
566 err("pci_create_slot returned %ld\n", PTR_ERR(pci_slot));
568 diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c
569 index 8228ae3..b551cda 100644
570 --- a/drivers/ata/libata-core.c
571 +++ b/drivers/ata/libata-core.c
572 @@ -551,7 +551,7 @@ u64 ata_tf_read_block(struct ata_taskfile *tf, struct ata_device *dev)
573 if (tf->flags & ATA_TFLAG_LBA48) {
574 block |= (u64)tf->hob_lbah << 40;
575 block |= (u64)tf->hob_lbam << 32;
576 - block |= tf->hob_lbal << 24;
577 + block |= (u64)tf->hob_lbal << 24;
579 block |= (tf->device & 0xf) << 24;
581 @@ -1207,7 +1207,7 @@ u64 ata_tf_to_lba48(const struct ata_taskfile *tf)
583 sectors |= ((u64)(tf->hob_lbah & 0xff)) << 40;
584 sectors |= ((u64)(tf->hob_lbam & 0xff)) << 32;
585 - sectors |= (tf->hob_lbal & 0xff) << 24;
586 + sectors |= ((u64)(tf->hob_lbal & 0xff)) << 24;
587 sectors |= (tf->lbah & 0xff) << 16;
588 sectors |= (tf->lbam & 0xff) << 8;
589 sectors |= (tf->lbal & 0xff);
590 @@ -2428,6 +2428,13 @@ int ata_dev_configure(struct ata_device *dev)
594 + if ((dev->horkage & ATA_HORKAGE_FIRMWARE_WARN) && print_info) {
595 + ata_dev_printk(dev, KERN_WARNING, "WARNING: device requires "
596 + "firmware update to be fully functional.\n");
597 + ata_dev_printk(dev, KERN_WARNING, " contact the vendor "
598 + "or visit http://ata.wiki.kernel.org.\n");
604 @@ -3971,6 +3978,20 @@ static const struct ata_blacklist_entry ata_device_blacklist [] = {
605 { "ST380817AS", "3.42", ATA_HORKAGE_NONCQ },
606 { "ST3160023AS", "3.42", ATA_HORKAGE_NONCQ },
608 + /* Seagate NCQ + FLUSH CACHE firmware bug */
609 + { "ST31500341AS", "9JU138", ATA_HORKAGE_NONCQ |
610 + ATA_HORKAGE_FIRMWARE_WARN },
611 + { "ST31000333AS", "9FZ136", ATA_HORKAGE_NONCQ |
612 + ATA_HORKAGE_FIRMWARE_WARN },
613 + { "ST3640623AS", "9FZ164", ATA_HORKAGE_NONCQ |
614 + ATA_HORKAGE_FIRMWARE_WARN },
615 + { "ST3640323AS", "9FZ134", ATA_HORKAGE_NONCQ |
616 + ATA_HORKAGE_FIRMWARE_WARN },
617 + { "ST3320813AS", "9FZ182", ATA_HORKAGE_NONCQ |
618 + ATA_HORKAGE_FIRMWARE_WARN },
619 + { "ST3320613AS", "9FZ162", ATA_HORKAGE_NONCQ |
620 + ATA_HORKAGE_FIRMWARE_WARN },
622 /* Blacklist entries taken from Silicon Image 3124/3132
623 Windows driver .inf file - also several Linux problem reports */
624 { "HTS541060G9SA00", "MB3OC60D", ATA_HORKAGE_NONCQ, },
625 diff --git a/drivers/firewire/fw-sbp2.c b/drivers/firewire/fw-sbp2.c
626 index 4f73537..64142c1 100644
627 --- a/drivers/firewire/fw-sbp2.c
628 +++ b/drivers/firewire/fw-sbp2.c
629 @@ -365,6 +365,11 @@ static const struct {
632 .firmware_revision = 0x0a2700,
634 + .workarounds = SBP2_WORKAROUND_FIX_CAPACITY,
637 + .firmware_revision = 0x0a2700,
639 .workarounds = SBP2_WORKAROUND_FIX_CAPACITY,
641 diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c
642 index 59f6ad8..9ed5947 100644
643 --- a/drivers/gpio/gpiolib.c
644 +++ b/drivers/gpio/gpiolib.c
645 @@ -1049,7 +1049,7 @@ static void gpiolib_dbg_show(struct seq_file *s, struct gpio_chip *chip)
648 is_out = test_bit(FLAG_IS_OUT, &gdesc->flags);
649 - seq_printf(s, " gpio-%-3d (%-12s) %s %s",
650 + seq_printf(s, " gpio-%-3d (%-20.20s) %s %s",
652 is_out ? "out" : "in ",
654 diff --git a/drivers/ieee1394/sbp2.c b/drivers/ieee1394/sbp2.c
655 index 1d6ad34..bad46ea 100644
656 --- a/drivers/ieee1394/sbp2.c
657 +++ b/drivers/ieee1394/sbp2.c
658 @@ -402,6 +402,11 @@ static const struct {
661 .firmware_revision = 0x0a2700,
662 + .model_id = 0x000022,
663 + .workarounds = SBP2_WORKAROUND_FIX_CAPACITY,
666 + .firmware_revision = 0x0a2700,
667 .model_id = 0x000023,
668 .workarounds = SBP2_WORKAROUND_FIX_CAPACITY,
670 diff --git a/drivers/infiniband/hw/mlx4/cq.c b/drivers/infiniband/hw/mlx4/cq.c
671 index d0866a3..1830849 100644
672 --- a/drivers/infiniband/hw/mlx4/cq.c
673 +++ b/drivers/infiniband/hw/mlx4/cq.c
674 @@ -343,6 +343,7 @@ int mlx4_ib_resize_cq(struct ib_cq *ibcq, int entries, struct ib_udata *udata)
676 struct mlx4_ib_dev *dev = to_mdev(ibcq->device);
677 struct mlx4_ib_cq *cq = to_mcq(ibcq);
678 + struct mlx4_mtt mtt;
682 @@ -376,10 +377,13 @@ int mlx4_ib_resize_cq(struct ib_cq *ibcq, int entries, struct ib_udata *udata)
688 err = mlx4_cq_resize(dev->dev, &cq->mcq, entries, &cq->resize_buf->buf.mtt);
692 + mlx4_mtt_cleanup(dev->dev, &mtt);
694 cq->buf = cq->resize_buf->buf;
695 cq->ibcq.cqe = cq->resize_buf->cqe;
696 @@ -406,6 +410,7 @@ int mlx4_ib_resize_cq(struct ib_cq *ibcq, int entries, struct ib_udata *udata)
700 + mlx4_mtt_cleanup(dev->dev, &cq->resize_buf->buf.mtt);
702 mlx4_ib_free_cq_buf(dev, &cq->resize_buf->buf,
703 cq->resize_buf->cqe);
704 diff --git a/drivers/input/keyboard/atkbd.c b/drivers/input/keyboard/atkbd.c
705 index e32c24d..c694eaa 100644
706 --- a/drivers/input/keyboard/atkbd.c
707 +++ b/drivers/input/keyboard/atkbd.c
708 @@ -868,6 +868,22 @@ static void atkbd_hp_keymap_fixup(struct atkbd *atkbd)
712 + * Inventec system with broken key release on volume keys
714 +static void atkbd_inventec_keymap_fixup(struct atkbd *atkbd)
716 + const unsigned int forced_release_keys[] = {
721 + if (atkbd->set == 2)
722 + for (i = 0; i < ARRAY_SIZE(forced_release_keys); i++)
723 + __set_bit(forced_release_keys[i],
724 + atkbd->force_release_mask);
728 * atkbd_set_keycode_table() initializes keyboard's keycode table
729 * according to the selected scancode set
731 @@ -1478,6 +1494,15 @@ static struct dmi_system_id atkbd_dmi_quirk_table[] __initdata = {
732 .callback = atkbd_setup_fixup,
733 .driver_data = atkbd_hp_keymap_fixup,
736 + .ident = "Inventec Symphony",
738 + DMI_MATCH(DMI_SYS_VENDOR, "INVENTEC"),
739 + DMI_MATCH(DMI_PRODUCT_NAME, "SYMPHONY 6.0/7.0"),
741 + .callback = atkbd_setup_fixup,
742 + .driver_data = atkbd_inventec_keymap_fixup,
747 diff --git a/drivers/media/video/compat_ioctl32.c b/drivers/media/video/compat_ioctl32.c
748 index bd5d9de..e6ca401 100644
749 --- a/drivers/media/video/compat_ioctl32.c
750 +++ b/drivers/media/video/compat_ioctl32.c
751 @@ -867,6 +867,7 @@ long v4l_compat_ioctl32(struct file *file, unsigned int cmd, unsigned long arg)
752 case VIDIOC_STREAMON32:
753 case VIDIOC_STREAMOFF32:
755 + case VIDIOC_S_PARM:
759 @@ -885,6 +886,8 @@ long v4l_compat_ioctl32(struct file *file, unsigned int cmd, unsigned long arg)
760 case VIDIOC_S_INPUT32:
761 case VIDIOC_TRY_FMT32:
762 case VIDIOC_S_HW_FREQ_SEEK:
763 + case VIDIOC_ENUM_FRAMESIZES:
764 + case VIDIOC_ENUM_FRAMEINTERVALS:
765 ret = do_video_ioctl(file, cmd, arg);
768 diff --git a/drivers/net/atl1e/atl1e_hw.c b/drivers/net/atl1e/atl1e_hw.c
769 index 949e753..c0d5f7c 100644
770 --- a/drivers/net/atl1e/atl1e_hw.c
771 +++ b/drivers/net/atl1e/atl1e_hw.c
772 @@ -163,9 +163,6 @@ int atl1e_read_mac_addr(struct atl1e_hw *hw)
775 * set hash value for a multicast address
776 - * hash calcu processing :
777 - * 1. calcu 32bit CRC for multicast address
778 - * 2. reverse crc with MSB to LSB
780 u32 atl1e_hash_mc_addr(struct atl1e_hw *hw, u8 *mc_addr)
782 @@ -174,7 +171,6 @@ u32 atl1e_hash_mc_addr(struct atl1e_hw *hw, u8 *mc_addr)
785 crc32 = ether_crc_le(6, mc_addr);
787 for (i = 0; i < 32; i++)
788 value |= (((crc32 >> i) & 1) << (31 - i));
790 diff --git a/drivers/net/e1000/e1000_ethtool.c b/drivers/net/e1000/e1000_ethtool.c
791 index 6a3893a..c854c96 100644
792 --- a/drivers/net/e1000/e1000_ethtool.c
793 +++ b/drivers/net/e1000/e1000_ethtool.c
794 @@ -1774,7 +1774,8 @@ static void e1000_get_wol(struct net_device *netdev,
796 /* this function will set ->supported = 0 and return 1 if wol is not
797 * supported by this hardware */
798 - if (e1000_wol_exclusion(adapter, wol))
799 + if (e1000_wol_exclusion(adapter, wol) ||
800 + !device_can_wakeup(&adapter->pdev->dev))
803 /* apply any specific unsupported masks here */
804 @@ -1811,7 +1812,8 @@ static int e1000_set_wol(struct net_device *netdev, struct ethtool_wolinfo *wol)
805 if (wol->wolopts & (WAKE_PHY | WAKE_ARP | WAKE_MAGICSECURE))
808 - if (e1000_wol_exclusion(adapter, wol))
809 + if (e1000_wol_exclusion(adapter, wol) ||
810 + !device_can_wakeup(&adapter->pdev->dev))
811 return wol->wolopts ? -EOPNOTSUPP : 0;
813 switch (hw->device_id) {
814 @@ -1838,6 +1840,8 @@ static int e1000_set_wol(struct net_device *netdev, struct ethtool_wolinfo *wol)
815 if (wol->wolopts & WAKE_MAGIC)
816 adapter->wol |= E1000_WUFC_MAG;
818 + device_set_wakeup_enable(&adapter->pdev->dev, adapter->wol);
823 diff --git a/drivers/net/e1000/e1000_main.c b/drivers/net/e1000/e1000_main.c
824 index ad6da7b..872ea58 100644
825 --- a/drivers/net/e1000/e1000_main.c
826 +++ b/drivers/net/e1000/e1000_main.c
827 @@ -1180,6 +1180,7 @@ static int __devinit e1000_probe(struct pci_dev *pdev,
829 /* initialize the wol settings based on the eeprom settings */
830 adapter->wol = adapter->eeprom_wol;
831 + device_set_wakeup_enable(&adapter->pdev->dev, adapter->wol);
833 /* print bus type/speed/width info */
834 DPRINTK(PROBE, INFO, "(PCI%s:%s:%s) ",
835 diff --git a/drivers/net/e1000e/ethtool.c b/drivers/net/e1000e/ethtool.c
836 index 33a3ff1..e2a30dd 100644
837 --- a/drivers/net/e1000e/ethtool.c
838 +++ b/drivers/net/e1000e/ethtool.c
839 @@ -1681,7 +1681,8 @@ static void e1000_get_wol(struct net_device *netdev,
843 - if (!(adapter->flags & FLAG_HAS_WOL))
844 + if (!(adapter->flags & FLAG_HAS_WOL) ||
845 + !device_can_wakeup(&adapter->pdev->dev))
848 wol->supported = WAKE_UCAST | WAKE_MCAST |
849 @@ -1719,7 +1720,8 @@ static int e1000_set_wol(struct net_device *netdev,
850 if (wol->wolopts & WAKE_MAGICSECURE)
853 - if (!(adapter->flags & FLAG_HAS_WOL))
854 + if (!(adapter->flags & FLAG_HAS_WOL) ||
855 + !device_can_wakeup(&adapter->pdev->dev))
856 return wol->wolopts ? -EOPNOTSUPP : 0;
858 /* these settings will always override what we currently have */
859 @@ -1738,6 +1740,8 @@ static int e1000_set_wol(struct net_device *netdev,
860 if (wol->wolopts & WAKE_ARP)
861 adapter->wol |= E1000_WUFC_ARP;
863 + device_set_wakeup_enable(&adapter->pdev->dev, adapter->wol);
868 diff --git a/drivers/net/e1000e/netdev.c b/drivers/net/e1000e/netdev.c
869 index b81c423..660c85a 100644
870 --- a/drivers/net/e1000e/netdev.c
871 +++ b/drivers/net/e1000e/netdev.c
872 @@ -4616,6 +4616,7 @@ static int __devinit e1000_probe(struct pci_dev *pdev,
874 /* initialize the wol settings based on the eeprom settings */
875 adapter->wol = adapter->eeprom_wol;
876 + device_set_wakeup_enable(&adapter->pdev->dev, adapter->wol);
878 /* reset the hardware with the new settings */
879 e1000e_reset(adapter);
880 diff --git a/drivers/net/igb/igb_ethtool.c b/drivers/net/igb/igb_ethtool.c
881 index 58906c9..89964fa 100644
882 --- a/drivers/net/igb/igb_ethtool.c
883 +++ b/drivers/net/igb/igb_ethtool.c
884 @@ -1776,7 +1776,8 @@ static void igb_get_wol(struct net_device *netdev, struct ethtool_wolinfo *wol)
886 /* this function will set ->supported = 0 and return 1 if wol is not
887 * supported by this hardware */
888 - if (igb_wol_exclusion(adapter, wol))
889 + if (igb_wol_exclusion(adapter, wol) ||
890 + !device_can_wakeup(&adapter->pdev->dev))
893 /* apply any specific unsupported masks here */
894 @@ -1805,7 +1806,8 @@ static int igb_set_wol(struct net_device *netdev, struct ethtool_wolinfo *wol)
895 if (wol->wolopts & (WAKE_PHY | WAKE_ARP | WAKE_MAGICSECURE))
898 - if (igb_wol_exclusion(adapter, wol))
899 + if (igb_wol_exclusion(adapter, wol) ||
900 + !device_can_wakeup(&adapter->pdev->dev))
901 return wol->wolopts ? -EOPNOTSUPP : 0;
903 switch (hw->device_id) {
904 @@ -1825,6 +1827,8 @@ static int igb_set_wol(struct net_device *netdev, struct ethtool_wolinfo *wol)
905 if (wol->wolopts & WAKE_MAGIC)
906 adapter->wol |= E1000_WUFC_MAG;
908 + device_set_wakeup_enable(&adapter->pdev->dev, adapter->wol);
913 diff --git a/drivers/net/igb/igb_main.c b/drivers/net/igb/igb_main.c
914 index 634c4c9..11b5df3 100644
915 --- a/drivers/net/igb/igb_main.c
916 +++ b/drivers/net/igb/igb_main.c
917 @@ -1220,6 +1220,7 @@ static int __devinit igb_probe(struct pci_dev *pdev,
919 /* initialize the wol settings based on the eeprom settings */
920 adapter->wol = adapter->eeprom_wol;
921 + device_set_wakeup_enable(&adapter->pdev->dev, adapter->wol);
923 /* reset the hardware with the new settings */
925 diff --git a/drivers/net/pcmcia/axnet_cs.c b/drivers/net/pcmcia/axnet_cs.c
926 index 52bf11b..2f68295 100644
927 --- a/drivers/net/pcmcia/axnet_cs.c
928 +++ b/drivers/net/pcmcia/axnet_cs.c
929 @@ -787,6 +787,7 @@ static struct pcmcia_device_id axnet_ids[] = {
930 PCMCIA_DEVICE_PROD_ID12("IO DATA", "ETXPCM", 0x547e66dc, 0x233adac2),
931 PCMCIA_DEVICE_PROD_ID12("Linksys", "EtherFast 10/100 PC Card (PCMPC100 V3)", 0x0733cc81, 0x232019a8),
932 PCMCIA_DEVICE_PROD_ID12("MELCO", "LPC3-TX", 0x481e0094, 0xf91af609),
933 + PCMCIA_DEVICE_PROD_ID12("NETGEAR", "FA411", 0x9aa79dc3, 0x40fad875),
934 PCMCIA_DEVICE_PROD_ID12("PCMCIA", "100BASE", 0x281f1c5d, 0x7c2add04),
935 PCMCIA_DEVICE_PROD_ID12("PCMCIA", "FastEtherCard", 0x281f1c5d, 0x7ef26116),
936 PCMCIA_DEVICE_PROD_ID12("PCMCIA", "FEP501", 0x281f1c5d, 0x2e272058),
937 diff --git a/drivers/net/pcmcia/pcnet_cs.c b/drivers/net/pcmcia/pcnet_cs.c
938 index ebc1ae6..7d6cf02 100644
939 --- a/drivers/net/pcmcia/pcnet_cs.c
940 +++ b/drivers/net/pcmcia/pcnet_cs.c
941 @@ -1697,7 +1697,6 @@ static struct pcmcia_device_id pcnet_ids[] = {
942 PCMCIA_DEVICE_PROD_ID12("National Semiconductor", "InfoMover NE4100", 0x36e1191f, 0xa6617ec8),
943 PCMCIA_DEVICE_PROD_ID12("NEC", "PC-9801N-J12", 0x18df0ba0, 0xbc912d76),
944 PCMCIA_DEVICE_PROD_ID12("NETGEAR", "FA410TX", 0x9aa79dc3, 0x60e5bc0e),
945 - PCMCIA_DEVICE_PROD_ID12("NETGEAR", "FA411", 0x9aa79dc3, 0x40fad875),
946 PCMCIA_DEVICE_PROD_ID12("Network Everywhere", "Fast Ethernet 10/100 PC Card", 0x820a67b6, 0x31ed1a5f),
947 PCMCIA_DEVICE_PROD_ID12("NextCom K.K.", "Next Hawk", 0xaedaec74, 0xad050ef1),
948 PCMCIA_DEVICE_PROD_ID12("PCMCIA", "10/100Mbps Ethernet Card", 0x281f1c5d, 0x6e41773b),
949 diff --git a/drivers/net/wireless/ath9k/recv.c b/drivers/net/wireless/ath9k/recv.c
950 index 20ddb7a..0941589 100644
951 --- a/drivers/net/wireless/ath9k/recv.c
952 +++ b/drivers/net/wireless/ath9k/recv.c
953 @@ -52,7 +52,7 @@ static void ath_rx_buf_link(struct ath_softc *sc, struct ath_buf *bf)
954 /* setup rx descriptors */
955 ath9k_hw_setuprxdesc(ah,
957 - skb_tailroom(skb), /* buffer size */
961 if (sc->sc_rxlink == NULL)
962 @@ -1011,7 +1011,7 @@ int ath_rx_tasklet(struct ath_softc *sc, int flush)
964 pci_dma_sync_single_for_cpu(sc->pdev,
969 pci_unmap_single(sc->pdev,
971 @@ -1303,8 +1303,7 @@ dma_addr_t ath_skb_map_single(struct ath_softc *sc,
972 * NB: do NOT use skb->len, which is 0 on initialization.
973 * Use skb's entire data area instead.
975 - *pa = pci_map_single(sc->pdev, skb->data,
976 - skb_end_pointer(skb) - skb->head, direction);
977 + *pa = pci_map_single(sc->pdev, skb->data, sc->sc_rxbufsize, direction);
981 @@ -1314,6 +1313,5 @@ void ath_skb_unmap_single(struct ath_softc *sc,
984 /* Unmap skb's entire data area */
985 - pci_unmap_single(sc->pdev, *pa,
986 - skb_end_pointer(skb) - skb->head, direction);
987 + pci_unmap_single(sc->pdev, *pa, sc->sc_rxbufsize, direction);
989 diff --git a/drivers/net/wireless/rtl8187_dev.c b/drivers/net/wireless/rtl8187_dev.c
990 index 0cebbc4..1640096 100644
991 --- a/drivers/net/wireless/rtl8187_dev.c
992 +++ b/drivers/net/wireless/rtl8187_dev.c
993 @@ -33,10 +33,13 @@ MODULE_LICENSE("GPL");
994 static struct usb_device_id rtl8187_table[] __devinitdata = {
996 {USB_DEVICE(0x0b05, 0x171d), .driver_info = DEVICE_RTL8187},
998 + {USB_DEVICE(0x050d, 0x705e), .driver_info = DEVICE_RTL8187B},
1000 {USB_DEVICE(0x0bda, 0x8187), .driver_info = DEVICE_RTL8187},
1001 {USB_DEVICE(0x0bda, 0x8189), .driver_info = DEVICE_RTL8187B},
1002 {USB_DEVICE(0x0bda, 0x8197), .driver_info = DEVICE_RTL8187B},
1003 + {USB_DEVICE(0x0bda, 0x8198), .driver_info = DEVICE_RTL8187B},
1005 {USB_DEVICE(0x0846, 0x6100), .driver_info = DEVICE_RTL8187},
1006 {USB_DEVICE(0x0846, 0x6a00), .driver_info = DEVICE_RTL8187},
1007 diff --git a/drivers/parport/parport_serial.c b/drivers/parport/parport_serial.c
1008 index e2e95b3..101ed49 100644
1009 --- a/drivers/parport/parport_serial.c
1010 +++ b/drivers/parport/parport_serial.c
1011 @@ -70,6 +70,8 @@ static int __devinit netmos_parallel_init(struct pci_dev *dev, struct parport_pc
1012 * parallel ports and <S> is the number of serial ports.
1014 card->numports = (dev->subsystem_device & 0xf0) >> 4;
1015 + if (card->numports > ARRAY_SIZE(card->addr))
1016 + card->numports = ARRAY_SIZE(card->addr);
1020 diff --git a/drivers/pci/hotplug/acpiphp.h b/drivers/pci/hotplug/acpiphp.h
1021 index 5a58b07..f9e244d 100644
1022 --- a/drivers/pci/hotplug/acpiphp.h
1023 +++ b/drivers/pci/hotplug/acpiphp.h
1025 #define info(format, arg...) printk(KERN_INFO "%s: " format, MY_NAME , ## arg)
1026 #define warn(format, arg...) printk(KERN_WARNING "%s: " format, MY_NAME , ## arg)
1028 -/* name size which is used for entries in pcihpfs */
1029 -#define SLOT_NAME_SIZE 20 /* {_SUN} */
1031 struct acpiphp_bridge;
1032 struct acpiphp_slot;
1034 @@ -63,9 +60,13 @@ struct slot {
1035 struct hotplug_slot *hotplug_slot;
1036 struct acpiphp_slot *acpi_slot;
1037 struct hotplug_slot_info info;
1038 - char name[SLOT_NAME_SIZE];
1041 +static inline const char *slot_name(struct slot *slot)
1043 + return hotplug_slot_name(slot->hotplug_slot);
1047 * struct acpiphp_bridge - PCI bridge information
1049 diff --git a/drivers/pci/hotplug/acpiphp_core.c b/drivers/pci/hotplug/acpiphp_core.c
1050 index 0e496e8..95b536a 100644
1051 --- a/drivers/pci/hotplug/acpiphp_core.c
1052 +++ b/drivers/pci/hotplug/acpiphp_core.c
1055 #define MY_NAME "acpiphp"
1057 +/* name size which is used for entries in pcihpfs */
1058 +#define SLOT_NAME_SIZE 21 /* {_SUN} */
1063 @@ -84,7 +87,6 @@ static struct hotplug_slot_ops acpi_hotplug_slot_ops = {
1064 .get_adapter_status = get_adapter_status,
1069 * acpiphp_register_attention - set attention LED callback
1070 * @info: must be completely filled with LED callbacks
1071 @@ -136,7 +138,7 @@ static int enable_slot(struct hotplug_slot *hotplug_slot)
1073 struct slot *slot = hotplug_slot->private;
1075 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1076 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1078 /* enable the specified slot */
1079 return acpiphp_enable_slot(slot->acpi_slot);
1080 @@ -154,7 +156,7 @@ static int disable_slot(struct hotplug_slot *hotplug_slot)
1081 struct slot *slot = hotplug_slot->private;
1084 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1085 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1087 /* disable the specified slot */
1088 retval = acpiphp_disable_slot(slot->acpi_slot);
1089 @@ -177,7 +179,7 @@ static int disable_slot(struct hotplug_slot *hotplug_slot)
1091 int retval = -ENODEV;
1093 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1094 + dbg("%s - physical_slot = %s\n", __func__, hotplug_slot_name(hotplug_slot));
1096 if (attention_info && try_module_get(attention_info->owner)) {
1097 retval = attention_info->set_attn(hotplug_slot, status);
1098 @@ -200,7 +202,7 @@ static int get_power_status(struct hotplug_slot *hotplug_slot, u8 *value)
1100 struct slot *slot = hotplug_slot->private;
1102 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1103 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1105 *value = acpiphp_get_power_status(slot->acpi_slot);
1107 @@ -222,7 +224,7 @@ static int get_attention_status(struct hotplug_slot *hotplug_slot, u8 *value)
1109 int retval = -EINVAL;
1111 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1112 + dbg("%s - physical_slot = %s\n", __func__, hotplug_slot_name(hotplug_slot));
1114 if (attention_info && try_module_get(attention_info->owner)) {
1115 retval = attention_info->get_attn(hotplug_slot, value);
1116 @@ -245,7 +247,7 @@ static int get_latch_status(struct hotplug_slot *hotplug_slot, u8 *value)
1118 struct slot *slot = hotplug_slot->private;
1120 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1121 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1123 *value = acpiphp_get_latch_status(slot->acpi_slot);
1125 @@ -265,7 +267,7 @@ static int get_adapter_status(struct hotplug_slot *hotplug_slot, u8 *value)
1127 struct slot *slot = hotplug_slot->private;
1129 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1130 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1132 *value = acpiphp_get_adapter_status(slot->acpi_slot);
1134 @@ -299,7 +301,7 @@ static void release_slot(struct hotplug_slot *hotplug_slot)
1136 struct slot *slot = hotplug_slot->private;
1138 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1139 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1141 kfree(slot->hotplug_slot);
1143 @@ -310,6 +312,7 @@ int acpiphp_register_hotplug_slot(struct acpiphp_slot *acpiphp_slot)
1146 int retval = -ENOMEM;
1147 + char name[SLOT_NAME_SIZE];
1149 slot = kzalloc(sizeof(*slot), GFP_KERNEL);
1151 @@ -321,8 +324,6 @@ int acpiphp_register_hotplug_slot(struct acpiphp_slot *acpiphp_slot)
1153 slot->hotplug_slot->info = &slot->info;
1155 - slot->hotplug_slot->name = slot->name;
1157 slot->hotplug_slot->private = slot;
1158 slot->hotplug_slot->release = &release_slot;
1159 slot->hotplug_slot->ops = &acpi_hotplug_slot_ops;
1160 @@ -336,11 +337,12 @@ int acpiphp_register_hotplug_slot(struct acpiphp_slot *acpiphp_slot)
1161 slot->hotplug_slot->info->cur_bus_speed = PCI_SPEED_UNKNOWN;
1163 acpiphp_slot->slot = slot;
1164 - snprintf(slot->name, sizeof(slot->name), "%u", slot->acpi_slot->sun);
1165 + snprintf(name, SLOT_NAME_SIZE, "%u", slot->acpi_slot->sun);
1167 retval = pci_hp_register(slot->hotplug_slot,
1168 acpiphp_slot->bridge->pci_bus,
1169 - acpiphp_slot->device);
1170 + acpiphp_slot->device,
1172 if (retval == -EBUSY)
1175 @@ -348,7 +350,7 @@ int acpiphp_register_hotplug_slot(struct acpiphp_slot *acpiphp_slot)
1179 - info("Slot [%s] registered\n", slot->hotplug_slot->name);
1180 + info("Slot [%s] registered\n", slot_name(slot));
1184 @@ -365,7 +367,7 @@ void acpiphp_unregister_hotplug_slot(struct acpiphp_slot *acpiphp_slot)
1185 struct slot *slot = acpiphp_slot->slot;
1188 - info ("Slot [%s] unregistered\n", slot->hotplug_slot->name);
1189 + info("Slot [%s] unregistered\n", slot_name(slot));
1191 retval = pci_hp_deregister(slot->hotplug_slot);
1193 diff --git a/drivers/pci/hotplug/cpci_hotplug.h b/drivers/pci/hotplug/cpci_hotplug.h
1194 index d9769b3..9fff878 100644
1195 --- a/drivers/pci/hotplug/cpci_hotplug.h
1196 +++ b/drivers/pci/hotplug/cpci_hotplug.h
1199 #include <linux/types.h>
1200 #include <linux/pci.h>
1201 +#include <linux/pci_hotplug.h>
1203 /* PICMG 2.1 R2.0 HS CSR bits: */
1204 #define HS_CSR_INS 0x0080
1205 @@ -69,6 +70,11 @@ struct cpci_hp_controller {
1206 struct cpci_hp_controller_ops *ops;
1209 +static inline const char *slot_name(struct slot *slot)
1211 + return hotplug_slot_name(slot->hotplug_slot);
1214 extern int cpci_hp_register_controller(struct cpci_hp_controller *controller);
1215 extern int cpci_hp_unregister_controller(struct cpci_hp_controller *controller);
1216 extern int cpci_hp_register_bus(struct pci_bus *bus, u8 first, u8 last);
1217 diff --git a/drivers/pci/hotplug/cpci_hotplug_core.c b/drivers/pci/hotplug/cpci_hotplug_core.c
1218 index 9359479..de94f4f 100644
1219 --- a/drivers/pci/hotplug/cpci_hotplug_core.c
1220 +++ b/drivers/pci/hotplug/cpci_hotplug_core.c
1221 @@ -108,7 +108,7 @@ enable_slot(struct hotplug_slot *hotplug_slot)
1222 struct slot *slot = hotplug_slot->private;
1225 - dbg("%s - physical_slot = %s", __func__, hotplug_slot->name);
1226 + dbg("%s - physical_slot = %s", __func__, slot_name(slot));
1228 if (controller->ops->set_power)
1229 retval = controller->ops->set_power(slot, 1);
1230 @@ -121,25 +121,23 @@ disable_slot(struct hotplug_slot *hotplug_slot)
1231 struct slot *slot = hotplug_slot->private;
1234 - dbg("%s - physical_slot = %s", __func__, hotplug_slot->name);
1235 + dbg("%s - physical_slot = %s", __func__, slot_name(slot));
1237 down_write(&list_rwsem);
1239 /* Unconfigure device */
1240 - dbg("%s - unconfiguring slot %s",
1241 - __func__, slot->hotplug_slot->name);
1242 + dbg("%s - unconfiguring slot %s", __func__, slot_name(slot));
1243 if ((retval = cpci_unconfigure_slot(slot))) {
1244 err("%s - could not unconfigure slot %s",
1245 - __func__, slot->hotplug_slot->name);
1246 + __func__, slot_name(slot));
1249 - dbg("%s - finished unconfiguring slot %s",
1250 - __func__, slot->hotplug_slot->name);
1251 + dbg("%s - finished unconfiguring slot %s", __func__, slot_name(slot));
1253 /* Clear EXT (by setting it) */
1254 if (cpci_clear_ext(slot)) {
1255 err("%s - could not clear EXT for slot %s",
1256 - __func__, slot->hotplug_slot->name);
1257 + __func__, slot_name(slot));
1261 @@ -214,7 +212,6 @@ static void release_slot(struct hotplug_slot *hotplug_slot)
1262 struct slot *slot = hotplug_slot->private;
1264 kfree(slot->hotplug_slot->info);
1265 - kfree(slot->hotplug_slot->name);
1266 kfree(slot->hotplug_slot);
1268 pci_dev_put(slot->dev);
1269 @@ -222,12 +219,6 @@ static void release_slot(struct hotplug_slot *hotplug_slot)
1272 #define SLOT_NAME_SIZE 6
1274 -make_slot_name(struct slot *slot)
1276 - snprintf(slot->hotplug_slot->name,
1277 - SLOT_NAME_SIZE, "%02x:%02x", slot->bus->number, slot->number);
1281 cpci_hp_register_bus(struct pci_bus *bus, u8 first, u8 last)
1282 @@ -235,7 +226,7 @@ cpci_hp_register_bus(struct pci_bus *bus, u8 first, u8 last)
1284 struct hotplug_slot *hotplug_slot;
1285 struct hotplug_slot_info *info;
1287 + char name[SLOT_NAME_SIZE];
1288 int status = -ENOMEM;
1291 @@ -262,34 +253,31 @@ cpci_hp_register_bus(struct pci_bus *bus, u8 first, u8 last)
1293 hotplug_slot->info = info;
1295 - name = kmalloc(SLOT_NAME_SIZE, GFP_KERNEL);
1298 - hotplug_slot->name = name;
1302 slot->devfn = PCI_DEVFN(i, 0);
1304 + snprintf(name, SLOT_NAME_SIZE, "%02x:%02x", bus->number, i);
1306 hotplug_slot->private = slot;
1307 hotplug_slot->release = &release_slot;
1308 - make_slot_name(slot);
1309 hotplug_slot->ops = &cpci_hotplug_slot_ops;
1312 * Initialize the slot info structure with some known
1315 - dbg("initializing slot %s", slot->hotplug_slot->name);
1316 + dbg("initializing slot %s", name);
1317 info->power_status = cpci_get_power_status(slot);
1318 info->attention_status = cpci_get_attention_status(slot);
1320 - dbg("registering slot %s", slot->hotplug_slot->name);
1321 - status = pci_hp_register(slot->hotplug_slot, bus, i);
1322 + dbg("registering slot %s", name);
1323 + status = pci_hp_register(slot->hotplug_slot, bus, i, name);
1325 err("pci_hp_register failed with error %d", status);
1329 + dbg("slot registered with name: %s", slot_name(slot));
1331 /* Add slot to our internal list */
1332 down_write(&list_rwsem);
1333 @@ -298,8 +286,6 @@ cpci_hp_register_bus(struct pci_bus *bus, u8 first, u8 last)
1334 up_write(&list_rwsem);
1342 @@ -327,7 +313,7 @@ cpci_hp_unregister_bus(struct pci_bus *bus)
1343 list_del(&slot->slot_list);
1346 - dbg("deregistering slot %s", slot->hotplug_slot->name);
1347 + dbg("deregistering slot %s", slot_name(slot));
1348 status = pci_hp_deregister(slot->hotplug_slot);
1350 err("pci_hp_deregister failed with error %d",
1351 @@ -379,11 +365,10 @@ init_slots(int clear_ins)
1354 list_for_each_entry(slot, &slot_list, slot_list) {
1355 - dbg("%s - looking at slot %s",
1356 - __func__, slot->hotplug_slot->name);
1357 + dbg("%s - looking at slot %s", __func__, slot_name(slot));
1358 if (clear_ins && cpci_check_and_clear_ins(slot))
1359 dbg("%s - cleared INS for slot %s",
1360 - __func__, slot->hotplug_slot->name);
1361 + __func__, slot_name(slot));
1362 dev = pci_get_slot(slot->bus, PCI_DEVFN(slot->number, 0));
1364 if (update_adapter_status(slot->hotplug_slot, 1))
1365 @@ -414,8 +399,7 @@ check_slots(void)
1367 extracted = inserted = 0;
1368 list_for_each_entry(slot, &slot_list, slot_list) {
1369 - dbg("%s - looking at slot %s",
1370 - __func__, slot->hotplug_slot->name);
1371 + dbg("%s - looking at slot %s", __func__, slot_name(slot));
1372 if (cpci_check_and_clear_ins(slot)) {
1374 * Some broken hardware (e.g. PLX 9054AB) asserts
1375 @@ -423,35 +407,34 @@ check_slots(void)
1378 warn("slot %s already inserted",
1379 - slot->hotplug_slot->name);
1385 /* Process insertion */
1386 - dbg("%s - slot %s inserted",
1387 - __func__, slot->hotplug_slot->name);
1388 + dbg("%s - slot %s inserted", __func__, slot_name(slot));
1391 hs_csr = cpci_get_hs_csr(slot);
1392 dbg("%s - slot %s HS_CSR (1) = %04x",
1393 - __func__, slot->hotplug_slot->name, hs_csr);
1394 + __func__, slot_name(slot), hs_csr);
1396 /* Configure device */
1397 dbg("%s - configuring slot %s",
1398 - __func__, slot->hotplug_slot->name);
1399 + __func__, slot_name(slot));
1400 if (cpci_configure_slot(slot)) {
1401 err("%s - could not configure slot %s",
1402 - __func__, slot->hotplug_slot->name);
1403 + __func__, slot_name(slot));
1406 dbg("%s - finished configuring slot %s",
1407 - __func__, slot->hotplug_slot->name);
1408 + __func__, slot_name(slot));
1411 hs_csr = cpci_get_hs_csr(slot);
1412 dbg("%s - slot %s HS_CSR (2) = %04x",
1413 - __func__, slot->hotplug_slot->name, hs_csr);
1414 + __func__, slot_name(slot), hs_csr);
1416 if (update_latch_status(slot->hotplug_slot, 1))
1417 warn("failure to update latch file");
1418 @@ -464,18 +447,18 @@ check_slots(void)
1420 hs_csr = cpci_get_hs_csr(slot);
1421 dbg("%s - slot %s HS_CSR (3) = %04x",
1422 - __func__, slot->hotplug_slot->name, hs_csr);
1423 + __func__, slot_name(slot), hs_csr);
1426 } else if (cpci_check_ext(slot)) {
1427 /* Process extraction request */
1428 dbg("%s - slot %s extracted",
1429 - __func__, slot->hotplug_slot->name);
1430 + __func__, slot_name(slot));
1433 hs_csr = cpci_get_hs_csr(slot);
1434 dbg("%s - slot %s HS_CSR = %04x",
1435 - __func__, slot->hotplug_slot->name, hs_csr);
1436 + __func__, slot_name(slot), hs_csr);
1438 if (!slot->extracting) {
1439 if (update_latch_status(slot->hotplug_slot, 0)) {
1440 @@ -493,7 +476,7 @@ check_slots(void)
1441 * bother trying to tell the driver or not?
1443 err("card in slot %s was improperly removed",
1444 - slot->hotplug_slot->name);
1446 if (update_adapter_status(slot->hotplug_slot, 0))
1447 warn("failure to update adapter file");
1448 slot->extracting = 0;
1449 diff --git a/drivers/pci/hotplug/cpci_hotplug_pci.c b/drivers/pci/hotplug/cpci_hotplug_pci.c
1450 index df82b95..829c327 100644
1451 --- a/drivers/pci/hotplug/cpci_hotplug_pci.c
1452 +++ b/drivers/pci/hotplug/cpci_hotplug_pci.c
1453 @@ -209,7 +209,7 @@ int cpci_led_on(struct slot* slot)
1456 err("Could not set LOO for slot %s",
1457 - slot->hotplug_slot->name);
1458 + hotplug_slot_name(slot->hotplug_slot));
1462 @@ -238,7 +238,7 @@ int cpci_led_off(struct slot* slot)
1465 err("Could not clear LOO for slot %s",
1466 - slot->hotplug_slot->name);
1467 + hotplug_slot_name(slot->hotplug_slot));
1471 diff --git a/drivers/pci/hotplug/cpqphp.h b/drivers/pci/hotplug/cpqphp.h
1472 index b1decfa..afaf8f6 100644
1473 --- a/drivers/pci/hotplug/cpqphp.h
1474 +++ b/drivers/pci/hotplug/cpqphp.h
1475 @@ -449,6 +449,11 @@ extern u8 cpqhp_disk_irq;
1477 /* inline functions */
1479 +static inline char *slot_name(struct slot *slot)
1481 + return hotplug_slot_name(slot->hotplug_slot);
1487 @@ -696,14 +701,6 @@ static inline int get_presence_status(struct controller *ctrl, struct slot *slot
1488 return presence_save;
1491 -#define SLOT_NAME_SIZE 10
1493 -static inline void make_slot_name(char *buffer, int buffer_size, struct slot *slot)
1495 - snprintf(buffer, buffer_size, "%d", slot->number);
1499 static inline int wait_for_ctrl_irq(struct controller *ctrl)
1501 DECLARE_WAITQUEUE(wait, current);
1502 diff --git a/drivers/pci/hotplug/cpqphp_core.c b/drivers/pci/hotplug/cpqphp_core.c
1503 index 87a68d2..8514c3a 100644
1504 --- a/drivers/pci/hotplug/cpqphp_core.c
1505 +++ b/drivers/pci/hotplug/cpqphp_core.c
1506 @@ -315,14 +315,15 @@ static void release_slot(struct hotplug_slot *hotplug_slot)
1508 struct slot *slot = hotplug_slot->private;
1510 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1511 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1513 kfree(slot->hotplug_slot->info);
1514 - kfree(slot->hotplug_slot->name);
1515 kfree(slot->hotplug_slot);
1519 +#define SLOT_NAME_SIZE 10
1521 static int ctrl_slot_setup(struct controller *ctrl,
1522 void __iomem *smbios_start,
1523 void __iomem *smbios_table)
1524 @@ -335,6 +336,7 @@ static int ctrl_slot_setup(struct controller *ctrl,
1528 + char name[SLOT_NAME_SIZE];
1529 void __iomem *slot_entry= NULL;
1530 int result = -ENOMEM;
1532 @@ -363,16 +365,12 @@ static int ctrl_slot_setup(struct controller *ctrl,
1533 if (!hotplug_slot->info)
1535 hotplug_slot_info = hotplug_slot->info;
1536 - hotplug_slot->name = kmalloc(SLOT_NAME_SIZE, GFP_KERNEL);
1538 - if (!hotplug_slot->name)
1542 slot->bus = ctrl->bus;
1543 slot->device = slot_device;
1544 slot->number = slot_number;
1545 - dbg("slot->number = %d\n", slot->number);
1546 + dbg("slot->number = %u\n", slot->number);
1548 slot_entry = get_SMBIOS_entry(smbios_start, smbios_table, 9,
1550 @@ -418,9 +416,9 @@ static int ctrl_slot_setup(struct controller *ctrl,
1551 /* register this slot with the hotplug pci core */
1552 hotplug_slot->release = &release_slot;
1553 hotplug_slot->private = slot;
1554 - make_slot_name(hotplug_slot->name, SLOT_NAME_SIZE, slot);
1555 + snprintf(name, SLOT_NAME_SIZE, "%u", slot->number);
1556 hotplug_slot->ops = &cpqphp_hotplug_slot_ops;
1559 hotplug_slot_info->power_status = get_slot_enabled(ctrl, slot);
1560 hotplug_slot_info->attention_status =
1561 cpq_get_attention_status(ctrl, slot);
1562 @@ -436,10 +434,11 @@ static int ctrl_slot_setup(struct controller *ctrl,
1564 result = pci_hp_register(hotplug_slot,
1570 err("pci_hp_register failed with error %d\n", result);
1575 slot->next = ctrl->slot;
1576 @@ -451,8 +450,6 @@ static int ctrl_slot_setup(struct controller *ctrl,
1581 - kfree(hotplug_slot->name);
1583 kfree(hotplug_slot_info);
1585 @@ -638,7 +635,7 @@ static int set_attention_status (struct hotplug_slot *hotplug_slot, u8 status)
1589 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1590 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1592 if (cpqhp_get_bus_dev(ctrl, &bus, &devfn, slot->number) == -1)
1594 @@ -665,7 +662,7 @@ static int process_SI(struct hotplug_slot *hotplug_slot)
1598 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1599 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1601 if (cpqhp_get_bus_dev(ctrl, &bus, &devfn, slot->number) == -1)
1603 @@ -697,7 +694,7 @@ static int process_SS(struct hotplug_slot *hotplug_slot)
1607 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1608 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1610 if (cpqhp_get_bus_dev(ctrl, &bus, &devfn, slot->number) == -1)
1612 @@ -720,7 +717,7 @@ static int hardware_test(struct hotplug_slot *hotplug_slot, u32 value)
1613 struct slot *slot = hotplug_slot->private;
1614 struct controller *ctrl = slot->ctrl;
1616 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1617 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1619 return cpqhp_hardware_test(ctrl, value);
1621 @@ -731,7 +728,7 @@ static int get_power_status(struct hotplug_slot *hotplug_slot, u8 *value)
1622 struct slot *slot = hotplug_slot->private;
1623 struct controller *ctrl = slot->ctrl;
1625 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1626 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1628 *value = get_slot_enabled(ctrl, slot);
1630 @@ -742,7 +739,7 @@ static int get_attention_status(struct hotplug_slot *hotplug_slot, u8 *value)
1631 struct slot *slot = hotplug_slot->private;
1632 struct controller *ctrl = slot->ctrl;
1634 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1635 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1637 *value = cpq_get_attention_status(ctrl, slot);
1639 @@ -753,7 +750,7 @@ static int get_latch_status(struct hotplug_slot *hotplug_slot, u8 *value)
1640 struct slot *slot = hotplug_slot->private;
1641 struct controller *ctrl = slot->ctrl;
1643 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1644 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1646 *value = cpq_get_latch_status(ctrl, slot);
1648 @@ -765,7 +762,7 @@ static int get_adapter_status(struct hotplug_slot *hotplug_slot, u8 *value)
1649 struct slot *slot = hotplug_slot->private;
1650 struct controller *ctrl = slot->ctrl;
1652 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1653 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1655 *value = get_presence_status(ctrl, slot);
1657 @@ -777,7 +774,7 @@ static int get_max_bus_speed (struct hotplug_slot *hotplug_slot, enum pci_bus_sp
1658 struct slot *slot = hotplug_slot->private;
1659 struct controller *ctrl = slot->ctrl;
1661 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1662 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1664 *value = ctrl->speed_capability;
1666 @@ -789,7 +786,7 @@ static int get_cur_bus_speed (struct hotplug_slot *hotplug_slot, enum pci_bus_sp
1667 struct slot *slot = hotplug_slot->private;
1668 struct controller *ctrl = slot->ctrl;
1670 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
1671 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
1673 *value = ctrl->speed;
1675 diff --git a/drivers/pci/hotplug/fakephp.c b/drivers/pci/hotplug/fakephp.c
1676 index 146ca9c..24dcbf1 100644
1677 --- a/drivers/pci/hotplug/fakephp.c
1678 +++ b/drivers/pci/hotplug/fakephp.c
1679 @@ -66,7 +66,6 @@ struct dummy_slot {
1680 struct pci_dev *dev;
1681 struct work_struct remove_work;
1682 unsigned long removed;
1687 @@ -96,10 +95,13 @@ static void dummy_release(struct hotplug_slot *slot)
1691 +#define SLOT_NAME_SIZE 8
1693 static int add_slot(struct pci_dev *dev)
1695 struct dummy_slot *dslot;
1696 struct hotplug_slot *slot;
1697 + char name[SLOT_NAME_SIZE];
1698 int retval = -ENOMEM;
1699 static int count = 1;
1701 @@ -119,19 +121,18 @@ static int add_slot(struct pci_dev *dev)
1705 - slot->name = dslot->name;
1706 - snprintf(slot->name, sizeof(dslot->name), "fake%d", count++);
1707 - dbg("slot->name = %s\n", slot->name);
1708 + snprintf(name, SLOT_NAME_SIZE, "fake%d", count++);
1709 slot->ops = &dummy_hotplug_slot_ops;
1710 slot->release = &dummy_release;
1711 slot->private = dslot;
1713 - retval = pci_hp_register(slot, dev->bus, PCI_SLOT(dev->devfn));
1714 + retval = pci_hp_register(slot, dev->bus, PCI_SLOT(dev->devfn), name);
1716 err("pci_hp_register failed with error %d\n", retval);
1720 + dbg("slot->name = %s\n", hotplug_slot_name(slot));
1722 dslot->dev = pci_dev_get(dev);
1723 list_add (&dslot->node, &slot_list);
1724 @@ -167,10 +168,11 @@ static void remove_slot(struct dummy_slot *dslot)
1728 - dbg("removing slot %s\n", dslot->slot->name);
1729 + dbg("removing slot %s\n", hotplug_slot_name(dslot->slot));
1730 retval = pci_hp_deregister(dslot->slot);
1732 - err("Problem unregistering a slot %s\n", dslot->slot->name);
1733 + err("Problem unregistering a slot %s\n",
1734 + hotplug_slot_name(dslot->slot));
1737 /* called from the single-threaded workqueue handler to remove a slot */
1738 @@ -308,7 +310,7 @@ static int disable_slot(struct hotplug_slot *slot)
1740 dslot = slot->private;
1742 - dbg("%s - physical_slot = %s\n", __func__, slot->name);
1743 + dbg("%s - physical_slot = %s\n", __func__, hotplug_slot_name(slot));
1745 for (func = 7; func >= 0; func--) {
1746 dev = pci_get_slot(dslot->dev->bus, dslot->dev->devfn + func);
1747 diff --git a/drivers/pci/hotplug/ibmphp.h b/drivers/pci/hotplug/ibmphp.h
1748 index 612d963..a8d391a 100644
1749 --- a/drivers/pci/hotplug/ibmphp.h
1750 +++ b/drivers/pci/hotplug/ibmphp.h
1751 @@ -707,17 +707,16 @@ struct slot {
1754 u8 real_physical_slot_num;
1758 u8 supported_bus_mode;
1759 + u8 flag; /* this is for disable slot and polling */
1761 struct hotplug_slot *hotplug_slot;
1762 struct controller *ctrl;
1763 struct pci_func *func;
1765 - u8 flag; /* this is for disable slot and polling */
1766 int bit_mode; /* 0 = 32, 1 = 64 */
1768 struct bus_info *bus_on;
1769 struct list_head ibm_slot_list;
1771 diff --git a/drivers/pci/hotplug/ibmphp_ebda.c b/drivers/pci/hotplug/ibmphp_ebda.c
1772 index 8467d02..8431246 100644
1773 --- a/drivers/pci/hotplug/ibmphp_ebda.c
1774 +++ b/drivers/pci/hotplug/ibmphp_ebda.c
1775 @@ -620,11 +620,14 @@ static u8 calculate_first_slot (u8 slot_num)
1776 return first_slot + 1;
1780 +#define SLOT_NAME_SIZE 30
1782 static char *create_file_name (struct slot * slot_cur)
1784 struct opt_rio *opt_vg_ptr = NULL;
1785 struct opt_rio_lo *opt_lo_ptr = NULL;
1786 - static char str[30];
1787 + static char str[SLOT_NAME_SIZE];
1788 int which = 0; /* rxe = 1, chassis = 0 */
1789 u8 number = 1; /* either chassis or rxe # */
1791 @@ -736,7 +739,6 @@ static void release_slot(struct hotplug_slot *hotplug_slot)
1793 slot = hotplug_slot->private;
1794 kfree(slot->hotplug_slot->info);
1795 - kfree(slot->hotplug_slot->name);
1796 kfree(slot->hotplug_slot);
1798 slot->bus_on = NULL;
1799 @@ -768,6 +770,7 @@ static int __init ebda_rsrc_controller (void)
1801 struct slot *tmp_slot;
1802 struct list_head *list;
1803 + char name[SLOT_NAME_SIZE];
1805 addr = hpc_list_ptr->phys_addr;
1806 for (ctlr = 0; ctlr < hpc_list_ptr->num_ctlrs; ctlr++) {
1807 @@ -931,12 +934,6 @@ static int __init ebda_rsrc_controller (void)
1808 goto error_no_hp_info;
1811 - hp_slot_ptr->name = kmalloc(30, GFP_KERNEL);
1812 - if (!hp_slot_ptr->name) {
1814 - goto error_no_hp_name;
1817 tmp_slot = kzalloc(sizeof(*tmp_slot), GFP_KERNEL);
1820 @@ -1000,9 +997,9 @@ static int __init ebda_rsrc_controller (void)
1821 list_for_each (list, &ibmphp_slot_head) {
1822 tmp_slot = list_entry (list, struct slot, ibm_slot_list);
1824 - snprintf (tmp_slot->hotplug_slot->name, 30, "%s", create_file_name (tmp_slot));
1825 + snprintf(name, SLOT_NAME_SIZE, "%s", create_file_name(tmp_slot));
1826 pci_hp_register(tmp_slot->hotplug_slot,
1827 - pci_find_bus(0, tmp_slot->bus), tmp_slot->device);
1828 + pci_find_bus(0, tmp_slot->bus), tmp_slot->device, name);
1832 @@ -1012,8 +1009,6 @@ static int __init ebda_rsrc_controller (void)
1834 kfree (hp_slot_ptr->private);
1836 - kfree (hp_slot_ptr->name);
1838 kfree (hp_slot_ptr->info);
1840 kfree (hp_slot_ptr);
1841 diff --git a/drivers/pci/hotplug/pci_hotplug_core.c b/drivers/pci/hotplug/pci_hotplug_core.c
1842 index 5f85b1b..4871b96 100644
1843 --- a/drivers/pci/hotplug/pci_hotplug_core.c
1844 +++ b/drivers/pci/hotplug/pci_hotplug_core.c
1846 #include <linux/init.h>
1847 #include <linux/mount.h>
1848 #include <linux/namei.h>
1849 +#include <linux/mutex.h>
1850 #include <linux/pci.h>
1851 #include <linux/pci_hotplug.h>
1852 #include <asm/uaccess.h>
1853 @@ -61,7 +62,7 @@ static int debug;
1854 //////////////////////////////////////////////////////////////////
1856 static LIST_HEAD(pci_hotplug_slot_list);
1857 -static DEFINE_SPINLOCK(pci_hotplug_slot_list_lock);
1858 +static DEFINE_MUTEX(pci_hp_mutex);
1860 /* these strings match up with the values in pci_bus_speed */
1861 static char *pci_bus_speed_strings[] = {
1862 @@ -530,16 +531,12 @@ static struct hotplug_slot *get_slot_from_name (const char *name)
1863 struct hotplug_slot *slot;
1864 struct list_head *tmp;
1866 - spin_lock(&pci_hotplug_slot_list_lock);
1867 list_for_each (tmp, &pci_hotplug_slot_list) {
1868 slot = list_entry (tmp, struct hotplug_slot, slot_list);
1869 - if (strcmp(slot->name, name) == 0)
1871 + if (strcmp(hotplug_slot_name(slot), name) == 0)
1876 - spin_unlock(&pci_hotplug_slot_list_lock);
1882 @@ -547,13 +544,15 @@ out:
1883 * @bus: bus this slot is on
1884 * @slot: pointer to the &struct hotplug_slot to register
1885 * @slot_nr: slot number
1886 + * @name: name registered with kobject core
1888 * Registers a hotplug slot with the pci hotplug subsystem, which will allow
1889 * userspace interaction to the slot.
1891 * Returns 0 if successful, anything else for an error.
1893 -int pci_hp_register(struct hotplug_slot *slot, struct pci_bus *bus, int slot_nr)
1894 +int pci_hp_register(struct hotplug_slot *slot, struct pci_bus *bus, int slot_nr,
1898 struct pci_slot *pci_slot;
1899 @@ -568,48 +567,29 @@ int pci_hp_register(struct hotplug_slot *slot, struct pci_bus *bus, int slot_nr)
1903 - /* Check if we have already registered a slot with the same name. */
1904 - if (get_slot_from_name(slot->name))
1906 + mutex_lock(&pci_hp_mutex);
1909 * No problems if we call this interface from both ACPI_PCI_SLOT
1910 * driver and call it here again. If we've already created the
1911 * pci_slot, the interface will simply bump the refcount.
1913 - pci_slot = pci_create_slot(bus, slot_nr, slot->name);
1914 - if (IS_ERR(pci_slot))
1915 - return PTR_ERR(pci_slot);
1917 - if (pci_slot->hotplug) {
1918 - dbg("%s: already claimed\n", __func__);
1919 - pci_destroy_slot(pci_slot);
1921 + pci_slot = pci_create_slot(bus, slot_nr, name, slot);
1922 + if (IS_ERR(pci_slot)) {
1923 + result = PTR_ERR(pci_slot);
1927 slot->pci_slot = pci_slot;
1928 pci_slot->hotplug = slot;
1931 - * Allow pcihp drivers to override the ACPI_PCI_SLOT name.
1933 - if (strcmp(kobject_name(&pci_slot->kobj), slot->name)) {
1934 - result = kobject_rename(&pci_slot->kobj, slot->name);
1936 - pci_destroy_slot(pci_slot);
1941 - spin_lock(&pci_hotplug_slot_list_lock);
1942 list_add(&slot->slot_list, &pci_hotplug_slot_list);
1943 - spin_unlock(&pci_hotplug_slot_list_lock);
1945 result = fs_add_slot(pci_slot);
1946 kobject_uevent(&pci_slot->kobj, KOBJ_ADD);
1947 - dbg("Added slot %s to the list\n", slot->name);
1950 + dbg("Added slot %s to the list\n", name);
1952 + mutex_unlock(&pci_hp_mutex);
1956 @@ -630,21 +610,23 @@ int pci_hp_deregister(struct hotplug_slot *hotplug)
1960 - temp = get_slot_from_name(hotplug->name);
1961 - if (temp != hotplug)
1962 + mutex_lock(&pci_hp_mutex);
1963 + temp = get_slot_from_name(hotplug_slot_name(hotplug));
1964 + if (temp != hotplug) {
1965 + mutex_unlock(&pci_hp_mutex);
1969 - spin_lock(&pci_hotplug_slot_list_lock);
1970 list_del(&hotplug->slot_list);
1971 - spin_unlock(&pci_hotplug_slot_list_lock);
1973 slot = hotplug->pci_slot;
1974 fs_remove_slot(slot);
1975 - dbg("Removed slot %s from the list\n", hotplug->name);
1976 + dbg("Removed slot %s from the list\n", hotplug_slot_name(hotplug));
1978 hotplug->release(hotplug);
1979 slot->hotplug = NULL;
1980 pci_destroy_slot(slot);
1981 + mutex_unlock(&pci_hp_mutex);
1985 diff --git a/drivers/pci/hotplug/pciehp.h b/drivers/pci/hotplug/pciehp.h
1986 index 9e6cec6..0187af7 100644
1987 --- a/drivers/pci/hotplug/pciehp.h
1988 +++ b/drivers/pci/hotplug/pciehp.h
1989 @@ -61,15 +61,13 @@ extern struct workqueue_struct *pciehp_wq;
1995 - struct timer_list task_event;
1998 struct controller *ctrl;
1999 struct hpc_ops *hpc_ops;
2000 struct hotplug_slot *hotplug_slot;
2001 struct list_head slot_list;
2002 - char name[SLOT_NAME_SIZE];
2003 unsigned long last_emi_toggle;
2004 struct delayed_work work; /* work for button event */
2006 @@ -161,6 +159,11 @@ int pciehp_enable_slot(struct slot *p_slot);
2007 int pciehp_disable_slot(struct slot *p_slot);
2008 int pcie_enable_notification(struct controller *ctrl);
2010 +static inline const char *slot_name(struct slot *slot)
2012 + return hotplug_slot_name(slot->hotplug_slot);
2015 static inline struct slot *pciehp_find_slot(struct controller *ctrl, u8 device)
2018 diff --git a/drivers/pci/hotplug/pciehp_core.c b/drivers/pci/hotplug/pciehp_core.c
2019 index 4fd5355..6e18736 100644
2020 --- a/drivers/pci/hotplug/pciehp_core.c
2021 +++ b/drivers/pci/hotplug/pciehp_core.c
2022 @@ -180,7 +180,8 @@ static struct hotplug_slot_attribute hotplug_slot_attr_lock = {
2024 static void release_slot(struct hotplug_slot *hotplug_slot)
2026 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2027 + dbg("%s - physical_slot = %s\n", __func__,
2028 + hotplug_slot_name(hotplug_slot));
2030 kfree(hotplug_slot->info);
2031 kfree(hotplug_slot);
2032 @@ -191,7 +192,7 @@ static int init_slots(struct controller *ctrl)
2034 struct hotplug_slot *hotplug_slot;
2035 struct hotplug_slot_info *info;
2037 + char name[SLOT_NAME_SIZE];
2038 int retval = -ENOMEM;
2040 list_for_each_entry(slot, &ctrl->slot_list, slot_list) {
2041 @@ -205,39 +206,27 @@ static int init_slots(struct controller *ctrl)
2043 /* register this slot with the hotplug pci core */
2044 hotplug_slot->info = info;
2045 - hotplug_slot->name = slot->name;
2046 hotplug_slot->private = slot;
2047 hotplug_slot->release = &release_slot;
2048 hotplug_slot->ops = &pciehp_hotplug_slot_ops;
2049 - get_power_status(hotplug_slot, &info->power_status);
2050 - get_attention_status(hotplug_slot, &info->attention_status);
2051 - get_latch_status(hotplug_slot, &info->latch_status);
2052 - get_adapter_status(hotplug_slot, &info->adapter_status);
2053 slot->hotplug_slot = hotplug_slot;
2054 + snprintf(name, SLOT_NAME_SIZE, "%u", slot->number);
2056 dbg("Registering bus=%x dev=%x hp_slot=%x sun=%x "
2057 "slot_device_offset=%x\n", slot->bus, slot->device,
2058 slot->hp_slot, slot->number, ctrl->slot_device_offset);
2060 retval = pci_hp_register(hotplug_slot,
2061 ctrl->pci_dev->subordinate,
2067 - * If slot N already exists, we'll try to create
2068 - * slot N-1, N-2 ... N-M, until we overflow.
2070 - if (retval == -EEXIST) {
2071 - len = snprintf(slot->name, SLOT_NAME_SIZE,
2072 - "%d-%d", slot->number, dup++);
2073 - if (len < SLOT_NAME_SIZE)
2074 - goto duplicate_name;
2076 - err("duplicate slot name overflow\n");
2078 err("pci_hp_register failed with error %d\n", retval);
2081 + get_power_status(hotplug_slot, &info->power_status);
2082 + get_attention_status(hotplug_slot, &info->attention_status);
2083 + get_latch_status(hotplug_slot, &info->latch_status);
2084 + get_adapter_status(hotplug_slot, &info->adapter_status);
2085 /* create additional sysfs entries */
2087 retval = sysfs_create_file(&hotplug_slot->pci_slot->kobj,
2088 @@ -278,7 +267,7 @@ static int set_attention_status(struct hotplug_slot *hotplug_slot, u8 status)
2090 struct slot *slot = hotplug_slot->private;
2092 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2093 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2095 hotplug_slot->info->attention_status = status;
2097 @@ -293,7 +282,7 @@ static int enable_slot(struct hotplug_slot *hotplug_slot)
2099 struct slot *slot = hotplug_slot->private;
2101 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2102 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2104 return pciehp_sysfs_enable_slot(slot);
2106 @@ -303,7 +292,7 @@ static int disable_slot(struct hotplug_slot *hotplug_slot)
2108 struct slot *slot = hotplug_slot->private;
2110 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2111 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2113 return pciehp_sysfs_disable_slot(slot);
2115 @@ -313,7 +302,7 @@ static int get_power_status(struct hotplug_slot *hotplug_slot, u8 *value)
2116 struct slot *slot = hotplug_slot->private;
2119 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2120 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2122 retval = slot->hpc_ops->get_power_status(slot, value);
2124 @@ -327,7 +316,7 @@ static int get_attention_status(struct hotplug_slot *hotplug_slot, u8 *value)
2125 struct slot *slot = hotplug_slot->private;
2128 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2129 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2131 retval = slot->hpc_ops->get_attention_status(slot, value);
2133 @@ -341,7 +330,7 @@ static int get_latch_status(struct hotplug_slot *hotplug_slot, u8 *value)
2134 struct slot *slot = hotplug_slot->private;
2137 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2138 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2140 retval = slot->hpc_ops->get_latch_status(slot, value);
2142 @@ -355,7 +344,7 @@ static int get_adapter_status(struct hotplug_slot *hotplug_slot, u8 *value)
2143 struct slot *slot = hotplug_slot->private;
2146 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2147 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2149 retval = slot->hpc_ops->get_adapter_status(slot, value);
2151 @@ -370,7 +359,7 @@ static int get_max_bus_speed(struct hotplug_slot *hotplug_slot,
2152 struct slot *slot = hotplug_slot->private;
2155 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2156 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2158 retval = slot->hpc_ops->get_max_bus_speed(slot, value);
2160 @@ -384,7 +373,7 @@ static int get_cur_bus_speed(struct hotplug_slot *hotplug_slot, enum pci_bus_spe
2161 struct slot *slot = hotplug_slot->private;
2164 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2165 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2167 retval = slot->hpc_ops->get_cur_bus_speed(slot, value);
2169 diff --git a/drivers/pci/hotplug/pciehp_ctrl.c b/drivers/pci/hotplug/pciehp_ctrl.c
2170 index 96a5d55..7266fbd 100644
2171 --- a/drivers/pci/hotplug/pciehp_ctrl.c
2172 +++ b/drivers/pci/hotplug/pciehp_ctrl.c
2173 @@ -65,7 +65,7 @@ u8 pciehp_handle_attention_button(struct slot *p_slot)
2175 * Button pressed - See if need to TAKE ACTION!!!
2177 - info("Button pressed on Slot(%s)\n", p_slot->name);
2178 + info("Button pressed on Slot(%s)\n", slot_name(p_slot));
2179 event_type = INT_BUTTON_PRESS;
2181 queue_interrupt_event(p_slot, event_type);
2182 @@ -86,13 +86,13 @@ u8 pciehp_handle_switch_change(struct slot *p_slot)
2186 - info("Latch open on Slot(%s)\n", p_slot->name);
2187 + info("Latch open on Slot(%s)\n", slot_name(p_slot));
2188 event_type = INT_SWITCH_OPEN;
2193 - info("Latch close on Slot(%s)\n", p_slot->name);
2194 + info("Latch close on Slot(%s)\n", slot_name(p_slot));
2195 event_type = INT_SWITCH_CLOSE;
2198 @@ -117,13 +117,13 @@ u8 pciehp_handle_presence_change(struct slot *p_slot)
2202 - info("Card present on Slot(%s)\n", p_slot->name);
2203 + info("Card present on Slot(%s)\n", slot_name(p_slot));
2204 event_type = INT_PRESENCE_ON;
2209 - info("Card not present on Slot(%s)\n", p_slot->name);
2210 + info("Card not present on Slot(%s)\n", slot_name(p_slot));
2211 event_type = INT_PRESENCE_OFF;
2214 @@ -143,13 +143,13 @@ u8 pciehp_handle_power_fault(struct slot *p_slot)
2216 * power fault Cleared
2218 - info("Power fault cleared on Slot(%s)\n", p_slot->name);
2219 + info("Power fault cleared on Slot(%s)\n", slot_name(p_slot));
2220 event_type = INT_POWER_FAULT_CLEAR;
2225 - info("Power fault on Slot(%s)\n", p_slot->name);
2226 + info("Power fault on Slot(%s)\n", slot_name(p_slot));
2227 event_type = INT_POWER_FAULT;
2228 info("power fault bit %x set\n", 0);
2230 @@ -404,11 +404,11 @@ static void handle_button_press_event(struct slot *p_slot)
2232 p_slot->state = BLINKINGOFF_STATE;
2233 info("PCI slot #%s - powering off due to button "
2234 - "press.\n", p_slot->name);
2235 + "press.\n", slot_name(p_slot));
2237 p_slot->state = BLINKINGON_STATE;
2238 info("PCI slot #%s - powering on due to button "
2239 - "press.\n", p_slot->name);
2240 + "press.\n", slot_name(p_slot));
2242 /* blink green LED and turn off amber */
2244 @@ -425,7 +425,7 @@ static void handle_button_press_event(struct slot *p_slot)
2245 * press the attention again before the 5 sec. limit
2246 * expires to cancel hot-add or hot-remove
2248 - info("Button cancel on Slot(%s)\n", p_slot->name);
2249 + info("Button cancel on Slot(%s)\n", slot_name(p_slot));
2250 dbg("%s: button cancel\n", __func__);
2251 cancel_delayed_work(&p_slot->work);
2252 if (p_slot->state == BLINKINGOFF_STATE) {
2253 @@ -438,7 +438,7 @@ static void handle_button_press_event(struct slot *p_slot)
2255 p_slot->hpc_ops->set_attention_status(p_slot, 0);
2256 info("PCI slot #%s - action canceled due to button press\n",
2258 + slot_name(p_slot));
2259 p_slot->state = STATIC_STATE;
2261 case POWEROFF_STATE:
2262 @@ -448,7 +448,7 @@ static void handle_button_press_event(struct slot *p_slot)
2263 * this means that the previous attention button action
2264 * to hot-add or hot-remove is undergoing
2266 - info("Button ignore on Slot(%s)\n", p_slot->name);
2267 + info("Button ignore on Slot(%s)\n", slot_name(p_slot));
2268 update_slot_info(p_slot);
2271 @@ -529,7 +529,7 @@ int pciehp_enable_slot(struct slot *p_slot)
2272 rc = p_slot->hpc_ops->get_adapter_status(p_slot, &getstatus);
2273 if (rc || !getstatus) {
2274 info("%s: no adapter on slot(%s)\n", __func__,
2276 + slot_name(p_slot));
2277 mutex_unlock(&p_slot->ctrl->crit_sect);
2280 @@ -537,7 +537,7 @@ int pciehp_enable_slot(struct slot *p_slot)
2281 rc = p_slot->hpc_ops->get_latch_status(p_slot, &getstatus);
2282 if (rc || getstatus) {
2283 info("%s: latch open on slot(%s)\n", __func__,
2285 + slot_name(p_slot));
2286 mutex_unlock(&p_slot->ctrl->crit_sect);
2289 @@ -547,7 +547,7 @@ int pciehp_enable_slot(struct slot *p_slot)
2290 rc = p_slot->hpc_ops->get_power_status(p_slot, &getstatus);
2291 if (rc || getstatus) {
2292 info("%s: already enabled on slot(%s)\n", __func__,
2294 + slot_name(p_slot));
2295 mutex_unlock(&p_slot->ctrl->crit_sect);
2298 @@ -582,7 +582,7 @@ int pciehp_disable_slot(struct slot *p_slot)
2299 ret = p_slot->hpc_ops->get_adapter_status(p_slot, &getstatus);
2300 if (ret || !getstatus) {
2301 info("%s: no adapter on slot(%s)\n", __func__,
2303 + slot_name(p_slot));
2304 mutex_unlock(&p_slot->ctrl->crit_sect);
2307 @@ -592,7 +592,7 @@ int pciehp_disable_slot(struct slot *p_slot)
2308 ret = p_slot->hpc_ops->get_latch_status(p_slot, &getstatus);
2309 if (ret || getstatus) {
2310 info("%s: latch open on slot(%s)\n", __func__,
2312 + slot_name(p_slot));
2313 mutex_unlock(&p_slot->ctrl->crit_sect);
2316 @@ -602,7 +602,7 @@ int pciehp_disable_slot(struct slot *p_slot)
2317 ret = p_slot->hpc_ops->get_power_status(p_slot, &getstatus);
2318 if (ret || !getstatus) {
2319 info("%s: already disabled slot(%s)\n", __func__,
2321 + slot_name(p_slot));
2322 mutex_unlock(&p_slot->ctrl->crit_sect);
2325 @@ -632,14 +632,14 @@ int pciehp_sysfs_enable_slot(struct slot *p_slot)
2328 info("Slot %s is already in powering on state\n",
2330 + slot_name(p_slot));
2332 case BLINKINGOFF_STATE:
2333 case POWEROFF_STATE:
2334 - info("Already enabled on slot %s\n", p_slot->name);
2335 + info("Already enabled on slot %s\n", slot_name(p_slot));
2338 - err("Not a valid state on slot %s\n", p_slot->name);
2339 + err("Not a valid state on slot %s\n", slot_name(p_slot));
2342 mutex_unlock(&p_slot->lock);
2343 @@ -664,14 +664,14 @@ int pciehp_sysfs_disable_slot(struct slot *p_slot)
2345 case POWEROFF_STATE:
2346 info("Slot %s is already in powering off state\n",
2348 + slot_name(p_slot));
2350 case BLINKINGON_STATE:
2352 - info("Already disabled on slot %s\n", p_slot->name);
2353 + info("Already disabled on slot %s\n", slot_name(p_slot));
2356 - err("Not a valid state on slot %s\n", p_slot->name);
2357 + err("Not a valid state on slot %s\n", slot_name(p_slot));
2360 mutex_unlock(&p_slot->lock);
2361 diff --git a/drivers/pci/hotplug/pciehp_hpc.c b/drivers/pci/hotplug/pciehp_hpc.c
2362 index 9d934dd..d3cf6f9 100644
2363 --- a/drivers/pci/hotplug/pciehp_hpc.c
2364 +++ b/drivers/pci/hotplug/pciehp_hpc.c
2365 @@ -1044,7 +1044,6 @@ static int pcie_init_slot(struct controller *ctrl)
2366 slot->device = ctrl->slot_device_offset + slot->hp_slot;
2367 slot->hpc_ops = ctrl->hpc_ops;
2368 slot->number = ctrl->first_slot;
2369 - snprintf(slot->name, SLOT_NAME_SIZE, "%d", slot->number);
2370 mutex_init(&slot->lock);
2371 INIT_DELAYED_WORK(&slot->work, pciehp_queue_pushbutton_work);
2372 list_add(&slot->slot_list, &ctrl->slot_list);
2373 diff --git a/drivers/pci/hotplug/rpaphp_slot.c b/drivers/pci/hotplug/rpaphp_slot.c
2374 index 9b714ea..23be8a2 100644
2375 --- a/drivers/pci/hotplug/rpaphp_slot.c
2376 +++ b/drivers/pci/hotplug/rpaphp_slot.c
2377 @@ -43,7 +43,7 @@ static void rpaphp_release_slot(struct hotplug_slot *hotplug_slot)
2378 void dealloc_slot_struct(struct slot *slot)
2380 kfree(slot->hotplug_slot->info);
2381 - kfree(slot->hotplug_slot->name);
2382 + kfree(slot->name);
2383 kfree(slot->hotplug_slot);
2386 @@ -63,11 +63,9 @@ struct slot *alloc_slot_struct(struct device_node *dn,
2388 if (!slot->hotplug_slot->info)
2390 - slot->hotplug_slot->name = kmalloc(strlen(drc_name) + 1, GFP_KERNEL);
2391 - if (!slot->hotplug_slot->name)
2392 + slot->name = kstrdup(drc_name, GFP_KERNEL);
2395 - slot->name = slot->hotplug_slot->name;
2396 - strcpy(slot->name, drc_name);
2398 slot->index = drc_index;
2399 slot->power_domain = power_domain;
2400 @@ -137,7 +135,7 @@ int rpaphp_register_slot(struct slot *slot)
2401 slotno = PCI_SLOT(PCI_DN(slot->dn->child)->devfn);
2404 - retval = pci_hp_register(php_slot, slot->bus, slotno);
2405 + retval = pci_hp_register(php_slot, slot->bus, slotno, slot->name);
2407 err("pci_hp_register failed with error %d\n", retval);
2409 diff --git a/drivers/pci/hotplug/sgi_hotplug.c b/drivers/pci/hotplug/sgi_hotplug.c
2410 index 410fe03..d748698 100644
2411 --- a/drivers/pci/hotplug/sgi_hotplug.c
2412 +++ b/drivers/pci/hotplug/sgi_hotplug.c
2413 @@ -161,7 +161,8 @@ static int sn_pci_bus_valid(struct pci_bus *pci_bus)
2416 static int sn_hp_slot_private_alloc(struct hotplug_slot *bss_hotplug_slot,
2417 - struct pci_bus *pci_bus, int device)
2418 + struct pci_bus *pci_bus, int device,
2421 struct pcibus_info *pcibus_info;
2423 @@ -173,15 +174,9 @@ static int sn_hp_slot_private_alloc(struct hotplug_slot *bss_hotplug_slot,
2425 bss_hotplug_slot->private = slot;
2427 - bss_hotplug_slot->name = kmalloc(SN_SLOT_NAME_SIZE, GFP_KERNEL);
2428 - if (!bss_hotplug_slot->name) {
2429 - kfree(bss_hotplug_slot->private);
2433 slot->device_num = device;
2434 slot->pci_bus = pci_bus;
2435 - sprintf(bss_hotplug_slot->name, "%04x:%02x:%02x",
2436 + sprintf(name, "%04x:%02x:%02x",
2437 pci_domain_nr(pci_bus),
2438 ((u16)pcibus_info->pbi_buscommon.bs_persist_busnum),
2440 @@ -608,7 +603,6 @@ static inline int get_power_status(struct hotplug_slot *bss_hotplug_slot,
2441 static void sn_release_slot(struct hotplug_slot *bss_hotplug_slot)
2443 kfree(bss_hotplug_slot->info);
2444 - kfree(bss_hotplug_slot->name);
2445 kfree(bss_hotplug_slot->private);
2446 kfree(bss_hotplug_slot);
2448 @@ -618,6 +612,7 @@ static int sn_hotplug_slot_register(struct pci_bus *pci_bus)
2450 struct pci_slot *pci_slot;
2451 struct hotplug_slot *bss_hotplug_slot;
2452 + char name[SN_SLOT_NAME_SIZE];
2456 @@ -645,15 +640,14 @@ static int sn_hotplug_slot_register(struct pci_bus *pci_bus)
2459 if (sn_hp_slot_private_alloc(bss_hotplug_slot,
2460 - pci_bus, device)) {
2461 + pci_bus, device, name)) {
2466 bss_hotplug_slot->ops = &sn_hotplug_slot_ops;
2467 bss_hotplug_slot->release = &sn_release_slot;
2469 - rc = pci_hp_register(bss_hotplug_slot, pci_bus, device);
2470 + rc = pci_hp_register(bss_hotplug_slot, pci_bus, device, name);
2474 diff --git a/drivers/pci/hotplug/shpchp.h b/drivers/pci/hotplug/shpchp.h
2475 index 8a026f7..4d9fed0 100644
2476 --- a/drivers/pci/hotplug/shpchp.h
2477 +++ b/drivers/pci/hotplug/shpchp.h
2478 @@ -69,15 +69,13 @@ struct slot {
2482 - struct timer_list task_event;
2484 struct controller *ctrl;
2485 struct hpc_ops *hpc_ops;
2486 struct hotplug_slot *hotplug_slot;
2487 struct list_head slot_list;
2488 - char name[SLOT_NAME_SIZE];
2489 struct delayed_work work; /* work for button event */
2495 @@ -169,6 +167,11 @@ extern void cleanup_slots(struct controller *ctrl);
2496 extern void shpchp_queue_pushbutton_work(struct work_struct *work);
2497 extern int shpc_init( struct controller *ctrl, struct pci_dev *pdev);
2499 +static inline const char *slot_name(struct slot *slot)
2501 + return hotplug_slot_name(slot->hotplug_slot);
2505 #include <linux/pci-acpi.h>
2506 static inline int get_hp_params_from_firmware(struct pci_dev *dev,
2507 diff --git a/drivers/pci/hotplug/shpchp_core.c b/drivers/pci/hotplug/shpchp_core.c
2508 index cc38615..7af9191 100644
2509 --- a/drivers/pci/hotplug/shpchp_core.c
2510 +++ b/drivers/pci/hotplug/shpchp_core.c
2511 @@ -89,7 +89,7 @@ static void release_slot(struct hotplug_slot *hotplug_slot)
2513 struct slot *slot = hotplug_slot->private;
2515 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2516 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2518 kfree(slot->hotplug_slot->info);
2519 kfree(slot->hotplug_slot);
2520 @@ -101,8 +101,9 @@ static int init_slots(struct controller *ctrl)
2522 struct hotplug_slot *hotplug_slot;
2523 struct hotplug_slot_info *info;
2524 + char name[SLOT_NAME_SIZE];
2525 int retval = -ENOMEM;
2526 - int i, len, dup = 1;
2529 for (i = 0; i < ctrl->num_slots; i++) {
2530 slot = kzalloc(sizeof(*slot), GFP_KERNEL);
2531 @@ -119,8 +120,6 @@ static int init_slots(struct controller *ctrl)
2533 hotplug_slot->info = info;
2535 - hotplug_slot->name = slot->name;
2539 slot->bus = ctrl->pci_dev->subordinate->number;
2540 @@ -133,37 +132,24 @@ static int init_slots(struct controller *ctrl)
2541 /* register this slot with the hotplug pci core */
2542 hotplug_slot->private = slot;
2543 hotplug_slot->release = &release_slot;
2544 - snprintf(slot->name, SLOT_NAME_SIZE, "%d", slot->number);
2545 + snprintf(name, SLOT_NAME_SIZE, "%d", slot->number);
2546 hotplug_slot->ops = &shpchp_hotplug_slot_ops;
2548 - get_power_status(hotplug_slot, &info->power_status);
2549 - get_attention_status(hotplug_slot, &info->attention_status);
2550 - get_latch_status(hotplug_slot, &info->latch_status);
2551 - get_adapter_status(hotplug_slot, &info->adapter_status);
2553 dbg("Registering bus=%x dev=%x hp_slot=%x sun=%x "
2554 "slot_device_offset=%x\n", slot->bus, slot->device,
2555 slot->hp_slot, slot->number, ctrl->slot_device_offset);
2557 retval = pci_hp_register(slot->hotplug_slot,
2558 - ctrl->pci_dev->subordinate, slot->device);
2559 + ctrl->pci_dev->subordinate, slot->device, name);
2562 - * If slot N already exists, we'll try to create
2563 - * slot N-1, N-2 ... N-M, until we overflow.
2565 - if (retval == -EEXIST) {
2566 - len = snprintf(slot->name, SLOT_NAME_SIZE,
2567 - "%d-%d", slot->number, dup++);
2568 - if (len < SLOT_NAME_SIZE)
2569 - goto duplicate_name;
2571 - err("duplicate slot name overflow\n");
2573 err("pci_hp_register failed with error %d\n", retval);
2577 + get_power_status(hotplug_slot, &info->power_status);
2578 + get_attention_status(hotplug_slot, &info->attention_status);
2579 + get_latch_status(hotplug_slot, &info->latch_status);
2580 + get_adapter_status(hotplug_slot, &info->adapter_status);
2582 list_add(&slot->slot_list, &ctrl->slot_list);
2585 @@ -201,7 +187,7 @@ static int set_attention_status (struct hotplug_slot *hotplug_slot, u8 status)
2587 struct slot *slot = get_slot(hotplug_slot);
2589 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2590 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2592 hotplug_slot->info->attention_status = status;
2593 slot->hpc_ops->set_attention_status(slot, status);
2594 @@ -213,7 +199,7 @@ static int enable_slot (struct hotplug_slot *hotplug_slot)
2596 struct slot *slot = get_slot(hotplug_slot);
2598 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2599 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2601 return shpchp_sysfs_enable_slot(slot);
2603 @@ -222,7 +208,7 @@ static int disable_slot (struct hotplug_slot *hotplug_slot)
2605 struct slot *slot = get_slot(hotplug_slot);
2607 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2608 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2610 return shpchp_sysfs_disable_slot(slot);
2612 @@ -232,7 +218,7 @@ static int get_power_status (struct hotplug_slot *hotplug_slot, u8 *value)
2613 struct slot *slot = get_slot(hotplug_slot);
2616 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2617 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2619 retval = slot->hpc_ops->get_power_status(slot, value);
2621 @@ -246,7 +232,7 @@ static int get_attention_status (struct hotplug_slot *hotplug_slot, u8 *value)
2622 struct slot *slot = get_slot(hotplug_slot);
2625 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2626 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2628 retval = slot->hpc_ops->get_attention_status(slot, value);
2630 @@ -260,7 +246,7 @@ static int get_latch_status (struct hotplug_slot *hotplug_slot, u8 *value)
2631 struct slot *slot = get_slot(hotplug_slot);
2634 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2635 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2637 retval = slot->hpc_ops->get_latch_status(slot, value);
2639 @@ -274,7 +260,7 @@ static int get_adapter_status (struct hotplug_slot *hotplug_slot, u8 *value)
2640 struct slot *slot = get_slot(hotplug_slot);
2643 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2644 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2646 retval = slot->hpc_ops->get_adapter_status(slot, value);
2648 @@ -289,7 +275,7 @@ static int get_max_bus_speed(struct hotplug_slot *hotplug_slot,
2649 struct slot *slot = get_slot(hotplug_slot);
2652 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2653 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2655 retval = slot->hpc_ops->get_max_bus_speed(slot, value);
2657 @@ -303,7 +289,7 @@ static int get_cur_bus_speed (struct hotplug_slot *hotplug_slot, enum pci_bus_sp
2658 struct slot *slot = get_slot(hotplug_slot);
2661 - dbg("%s - physical_slot = %s\n", __func__, hotplug_slot->name);
2662 + dbg("%s - physical_slot = %s\n", __func__, slot_name(slot));
2664 retval = slot->hpc_ops->get_cur_bus_speed(slot, value);
2666 diff --git a/drivers/pci/hotplug/shpchp_ctrl.c b/drivers/pci/hotplug/shpchp_ctrl.c
2667 index dfb5393..919b1ee 100644
2668 --- a/drivers/pci/hotplug/shpchp_ctrl.c
2669 +++ b/drivers/pci/hotplug/shpchp_ctrl.c
2670 @@ -70,7 +70,7 @@ u8 shpchp_handle_attention_button(u8 hp_slot, struct controller *ctrl)
2672 * Button pressed - See if need to TAKE ACTION!!!
2674 - info("Button pressed on Slot(%s)\n", p_slot->name);
2675 + info("Button pressed on Slot(%s)\n", slot_name(p_slot));
2676 event_type = INT_BUTTON_PRESS;
2678 queue_interrupt_event(p_slot, event_type);
2679 @@ -98,7 +98,7 @@ u8 shpchp_handle_switch_change(u8 hp_slot, struct controller *ctrl)
2683 - info("Latch open on Slot(%s)\n", p_slot->name);
2684 + info("Latch open on Slot(%s)\n", slot_name(p_slot));
2685 event_type = INT_SWITCH_OPEN;
2686 if (p_slot->pwr_save && p_slot->presence_save) {
2687 event_type = INT_POWER_FAULT;
2688 @@ -108,7 +108,7 @@ u8 shpchp_handle_switch_change(u8 hp_slot, struct controller *ctrl)
2692 - info("Latch close on Slot(%s)\n", p_slot->name);
2693 + info("Latch close on Slot(%s)\n", slot_name(p_slot));
2694 event_type = INT_SWITCH_CLOSE;
2697 @@ -135,13 +135,13 @@ u8 shpchp_handle_presence_change(u8 hp_slot, struct controller *ctrl)
2701 - info("Card present on Slot(%s)\n", p_slot->name);
2702 + info("Card present on Slot(%s)\n", slot_name(p_slot));
2703 event_type = INT_PRESENCE_ON;
2708 - info("Card not present on Slot(%s)\n", p_slot->name);
2709 + info("Card not present on Slot(%s)\n", slot_name(p_slot));
2710 event_type = INT_PRESENCE_OFF;
2713 @@ -164,14 +164,14 @@ u8 shpchp_handle_power_fault(u8 hp_slot, struct controller *ctrl)
2715 * Power fault Cleared
2717 - info("Power fault cleared on Slot(%s)\n", p_slot->name);
2718 + info("Power fault cleared on Slot(%s)\n", slot_name(p_slot));
2719 p_slot->status = 0x00;
2720 event_type = INT_POWER_FAULT_CLEAR;
2725 - info("Power fault on Slot(%s)\n", p_slot->name);
2726 + info("Power fault on Slot(%s)\n", slot_name(p_slot));
2727 event_type = INT_POWER_FAULT;
2728 /* set power fault status for this board */
2729 p_slot->status = 0xFF;
2730 @@ -493,11 +493,11 @@ static void handle_button_press_event(struct slot *p_slot)
2732 p_slot->state = BLINKINGOFF_STATE;
2733 info("PCI slot #%s - powering off due to button "
2734 - "press.\n", p_slot->name);
2735 + "press.\n", slot_name(p_slot));
2737 p_slot->state = BLINKINGON_STATE;
2738 info("PCI slot #%s - powering on due to button "
2739 - "press.\n", p_slot->name);
2740 + "press.\n", slot_name(p_slot));
2742 /* blink green LED and turn off amber */
2743 p_slot->hpc_ops->green_led_blink(p_slot);
2744 @@ -512,7 +512,7 @@ static void handle_button_press_event(struct slot *p_slot)
2745 * press the attention again before the 5 sec. limit
2746 * expires to cancel hot-add or hot-remove
2748 - info("Button cancel on Slot(%s)\n", p_slot->name);
2749 + info("Button cancel on Slot(%s)\n", slot_name(p_slot));
2750 dbg("%s: button cancel\n", __func__);
2751 cancel_delayed_work(&p_slot->work);
2752 if (p_slot->state == BLINKINGOFF_STATE)
2753 @@ -521,7 +521,7 @@ static void handle_button_press_event(struct slot *p_slot)
2754 p_slot->hpc_ops->green_led_off(p_slot);
2755 p_slot->hpc_ops->set_attention_status(p_slot, 0);
2756 info("PCI slot #%s - action canceled due to button press\n",
2758 + slot_name(p_slot));
2759 p_slot->state = STATIC_STATE;
2761 case POWEROFF_STATE:
2762 @@ -531,7 +531,7 @@ static void handle_button_press_event(struct slot *p_slot)
2763 * this means that the previous attention button action
2764 * to hot-add or hot-remove is undergoing
2766 - info("Button ignore on Slot(%s)\n", p_slot->name);
2767 + info("Button ignore on Slot(%s)\n", slot_name(p_slot));
2768 update_slot_info(p_slot);
2771 @@ -574,17 +574,17 @@ static int shpchp_enable_slot (struct slot *p_slot)
2772 mutex_lock(&p_slot->ctrl->crit_sect);
2773 rc = p_slot->hpc_ops->get_adapter_status(p_slot, &getstatus);
2774 if (rc || !getstatus) {
2775 - info("No adapter on slot(%s)\n", p_slot->name);
2776 + info("No adapter on slot(%s)\n", slot_name(p_slot));
2779 rc = p_slot->hpc_ops->get_latch_status(p_slot, &getstatus);
2780 if (rc || getstatus) {
2781 - info("Latch open on slot(%s)\n", p_slot->name);
2782 + info("Latch open on slot(%s)\n", slot_name(p_slot));
2785 rc = p_slot->hpc_ops->get_power_status(p_slot, &getstatus);
2786 if (rc || getstatus) {
2787 - info("Already enabled on slot(%s)\n", p_slot->name);
2788 + info("Already enabled on slot(%s)\n", slot_name(p_slot));
2792 @@ -633,17 +633,17 @@ static int shpchp_disable_slot (struct slot *p_slot)
2794 rc = p_slot->hpc_ops->get_adapter_status(p_slot, &getstatus);
2795 if (rc || !getstatus) {
2796 - info("No adapter on slot(%s)\n", p_slot->name);
2797 + info("No adapter on slot(%s)\n", slot_name(p_slot));
2800 rc = p_slot->hpc_ops->get_latch_status(p_slot, &getstatus);
2801 if (rc || getstatus) {
2802 - info("Latch open on slot(%s)\n", p_slot->name);
2803 + info("Latch open on slot(%s)\n", slot_name(p_slot));
2806 rc = p_slot->hpc_ops->get_power_status(p_slot, &getstatus);
2807 if (rc || !getstatus) {
2808 - info("Already disabled slot(%s)\n", p_slot->name);
2809 + info("Already disabled slot(%s)\n", slot_name(p_slot));
2813 @@ -671,14 +671,14 @@ int shpchp_sysfs_enable_slot(struct slot *p_slot)
2816 info("Slot %s is already in powering on state\n",
2818 + slot_name(p_slot));
2820 case BLINKINGOFF_STATE:
2821 case POWEROFF_STATE:
2822 - info("Already enabled on slot %s\n", p_slot->name);
2823 + info("Already enabled on slot %s\n", slot_name(p_slot));
2826 - err("Not a valid state on slot %s\n", p_slot->name);
2827 + err("Not a valid state on slot %s\n", slot_name(p_slot));
2830 mutex_unlock(&p_slot->lock);
2831 @@ -703,14 +703,14 @@ int shpchp_sysfs_disable_slot(struct slot *p_slot)
2833 case POWEROFF_STATE:
2834 info("Slot %s is already in powering off state\n",
2836 + slot_name(p_slot));
2838 case BLINKINGON_STATE:
2840 - info("Already disabled on slot %s\n", p_slot->name);
2841 + info("Already disabled on slot %s\n", slot_name(p_slot));
2844 - err("Not a valid state on slot %s\n", p_slot->name);
2845 + err("Not a valid state on slot %s\n", slot_name(p_slot));
2848 mutex_unlock(&p_slot->lock);
2849 diff --git a/drivers/pci/slot.c b/drivers/pci/slot.c
2850 index 7e5b85c..b703b09 100644
2851 --- a/drivers/pci/slot.c
2852 +++ b/drivers/pci/slot.c
2853 @@ -73,18 +73,100 @@ static struct kobj_type pci_slot_ktype = {
2854 .default_attrs = pci_slot_default_attrs,
2857 +static char *make_slot_name(const char *name)
2860 + int len, max, dup;
2862 + new_name = kstrdup(name, GFP_KERNEL);
2867 + * Make sure we hit the realloc case the first time through the
2868 + * loop. 'len' will be strlen(name) + 3 at that point which is
2869 + * enough space for "name-X" and the trailing NUL.
2871 + len = strlen(name) + 2;
2876 + struct kobject *dup_slot;
2877 + dup_slot = kset_find_obj(pci_slots_kset, new_name);
2880 + kobject_put(dup_slot);
2885 + new_name = kmalloc(len, GFP_KERNEL);
2889 + sprintf(new_name, "%s-%d", name, dup++);
2895 +static int rename_slot(struct pci_slot *slot, const char *name)
2900 + if (strcmp(pci_slot_name(slot), name) == 0)
2903 + slot_name = make_slot_name(name);
2907 + result = kobject_rename(&slot->kobj, slot_name);
2913 +static struct pci_slot *get_slot(struct pci_bus *parent, int slot_nr)
2915 + struct pci_slot *slot;
2917 + * We already hold pci_bus_sem so don't worry
2919 + list_for_each_entry(slot, &parent->slots, list)
2920 + if (slot->number == slot_nr) {
2921 + kobject_get(&slot->kobj);
2929 * pci_create_slot - create or increment refcount for physical PCI slot
2930 * @parent: struct pci_bus of parent bridge
2931 * @slot_nr: PCI_SLOT(pci_dev->devfn) or -1 for placeholder
2932 * @name: user visible string presented in /sys/bus/pci/slots/<name>
2933 + * @hotplug: set if caller is hotplug driver, NULL otherwise
2935 * PCI slots have first class attributes such as address, speed, width,
2936 * and a &struct pci_slot is used to manage them. This interface will
2937 * either return a new &struct pci_slot to the caller, or if the pci_slot
2938 * already exists, its refcount will be incremented.
2940 - * Slots are uniquely identified by a @pci_bus, @slot_nr, @name tuple.
2941 + * Slots are uniquely identified by a @pci_bus, @slot_nr tuple.
2943 + * There are known platforms with broken firmware that assign the same
2944 + * name to multiple slots. Workaround these broken platforms by renaming
2945 + * the slots on behalf of the caller. If firmware assigns name N to
2948 + * The first slot is assigned N
2949 + * The second slot is assigned N-1
2950 + * The third slot is assigned N-2
2953 * Placeholder slots:
2954 * In most cases, @pci_bus, @slot_nr will be sufficient to uniquely identify
2955 @@ -93,12 +175,8 @@ static struct kobj_type pci_slot_ktype = {
2956 * the slot. In this scenario, the caller may pass -1 for @slot_nr.
2958 * The following semantics are imposed when the caller passes @slot_nr ==
2959 - * -1. First, the check for existing %struct pci_slot is skipped, as the
2960 - * caller may know about several unpopulated slots on a given %struct
2961 - * pci_bus, and each slot would have a @slot_nr of -1. Uniqueness for
2962 - * these slots is then determined by the @name parameter. We expect
2963 - * kobject_init_and_add() to warn us if the caller attempts to create
2964 - * multiple slots with the same name. The other change in semantics is
2965 + * -1. First, we no longer check for an existing %struct pci_slot, as there
2966 + * may be many slots with @slot_nr of -1. The other change in semantics is
2967 * user-visible, which is the 'address' parameter presented in sysfs will
2968 * consist solely of a dddd:bb tuple, where dddd is the PCI domain of the
2969 * %struct pci_bus and bb is the bus number. In other words, the devfn of
2970 @@ -106,47 +184,57 @@ static struct kobj_type pci_slot_ktype = {
2973 struct pci_slot *pci_create_slot(struct pci_bus *parent, int slot_nr,
2976 + struct hotplug_slot *hotplug)
2978 struct pci_slot *slot;
2981 + char *slot_name = NULL;
2983 down_write(&pci_bus_sem);
2988 - /* If we've already created this slot, bump refcount and return. */
2989 - list_for_each_entry(slot, &parent->slots, list) {
2990 - if (slot->number == slot_nr) {
2991 - kobject_get(&slot->kobj);
2992 - pr_debug("%s: inc refcount to %d on %04x:%02x:%02x\n",
2994 - atomic_read(&slot->kobj.kref.refcount),
2995 - pci_domain_nr(parent), parent->number,
2999 + * Hotplug drivers are allowed to rename an existing slot,
3000 + * but only if not already claimed.
3002 + slot = get_slot(parent, slot_nr);
3005 + if ((err = slot->hotplug ? -EBUSY : 0)
3006 + || (err = rename_slot(slot, name))) {
3007 + kobject_put(&slot->kobj);
3016 slot = kzalloc(sizeof(*slot), GFP_KERNEL);
3018 - slot = ERR_PTR(-ENOMEM);
3025 slot->number = slot_nr;
3027 slot->kobj.kset = pci_slots_kset;
3028 - err = kobject_init_and_add(&slot->kobj, &pci_slot_ktype, NULL,
3031 - printk(KERN_ERR "Unable to register kobject %s\n", name);
3032 + slot_name = make_slot_name(name);
3038 + err = kobject_init_and_add(&slot->kobj, &pci_slot_ktype, NULL,
3043 INIT_LIST_HEAD(&slot->list);
3044 list_add(&slot->list, &parent->slots);
3046 @@ -154,10 +242,10 @@ placeholder:
3047 pr_debug("%s: created pci_slot on %04x:%02x:%02x\n",
3048 __func__, pci_domain_nr(parent), parent->number, slot_nr);
3052 up_write(&pci_bus_sem);
3057 slot = ERR_PTR(err);
3059 @@ -203,7 +291,6 @@ EXPORT_SYMBOL_GPL(pci_update_slot_number);
3060 * just call kobject_put on its kobj and let our release methods do the
3064 void pci_destroy_slot(struct pci_slot *slot)
3066 pr_debug("%s: dec refcount to %d on %04x:%02x:%02x\n", __func__,
3067 diff --git a/drivers/spi/pxa2xx_spi.c b/drivers/spi/pxa2xx_spi.c
3068 index d47d363..b5fc978 100644
3069 --- a/drivers/spi/pxa2xx_spi.c
3070 +++ b/drivers/spi/pxa2xx_spi.c
3071 @@ -348,21 +348,21 @@ static int map_dma_buffers(struct driver_data *drv_data)
3073 drv_data->tx_map_len = drv_data->len;
3075 - /* Stream map the rx buffer */
3076 - drv_data->rx_dma = dma_map_single(dev, drv_data->rx,
3077 - drv_data->rx_map_len,
3079 - if (dma_mapping_error(dev, drv_data->rx_dma))
3082 - /* Stream map the tx buffer */
3083 + /* Stream map the tx buffer. Always do DMA_TO_DEVICE first
3084 + * so we flush the cache *before* invalidating it, in case
3085 + * the tx and rx buffers overlap.
3087 drv_data->tx_dma = dma_map_single(dev, drv_data->tx,
3088 - drv_data->tx_map_len,
3090 + drv_data->tx_map_len, DMA_TO_DEVICE);
3091 + if (dma_mapping_error(dev, drv_data->tx_dma))
3094 - if (dma_mapping_error(dev, drv_data->tx_dma)) {
3095 - dma_unmap_single(dev, drv_data->rx_dma,
3096 + /* Stream map the rx buffer */
3097 + drv_data->rx_dma = dma_map_single(dev, drv_data->rx,
3098 drv_data->rx_map_len, DMA_FROM_DEVICE);
3099 + if (dma_mapping_error(dev, drv_data->rx_dma)) {
3100 + dma_unmap_single(dev, drv_data->tx_dma,
3101 + drv_data->tx_map_len, DMA_TO_DEVICE);
3105 diff --git a/drivers/usb/gadget/f_rndis.c b/drivers/usb/gadget/f_rndis.c
3106 index 659b3d9..428b599 100644
3107 --- a/drivers/usb/gadget/f_rndis.c
3108 +++ b/drivers/usb/gadget/f_rndis.c
3109 @@ -172,7 +172,6 @@ static struct usb_interface_descriptor rndis_data_intf __initdata = {
3110 .bDescriptorType = USB_DT_INTERFACE,
3112 /* .bInterfaceNumber = DYNAMIC */
3113 - .bAlternateSetting = 1,
3115 .bInterfaceClass = USB_CLASS_CDC_DATA,
3116 .bInterfaceSubClass = 0,
3117 @@ -303,7 +302,7 @@ static void rndis_response_available(void *_rndis)
3118 __le32 *data = req->buf;
3121 - if (atomic_inc_return(&rndis->notify_count))
3122 + if (atomic_inc_return(&rndis->notify_count) != 1)
3125 /* Send RNDIS RESPONSE_AVAILABLE notification; a
3126 diff --git a/drivers/usb/host/ehci-pci.c b/drivers/usb/host/ehci-pci.c
3127 index c46a58f..36864f9 100644
3128 --- a/drivers/usb/host/ehci-pci.c
3129 +++ b/drivers/usb/host/ehci-pci.c
3130 @@ -66,6 +66,8 @@ static int ehci_pci_setup(struct usb_hcd *hcd)
3132 struct ehci_hcd *ehci = hcd_to_ehci(hcd);
3133 struct pci_dev *pdev = to_pci_dev(hcd->self.controller);
3134 + struct pci_dev *p_smbus;
3139 @@ -166,6 +168,28 @@ static int ehci_pci_setup(struct usb_hcd *hcd)
3140 pci_write_config_byte(pdev, 0x4b, tmp | 0x20);
3143 + case PCI_VENDOR_ID_ATI:
3144 + /* SB600 and old version of SB700 have a bug in EHCI controller,
3145 + * which causes usb devices lose response in some cases.
3147 + if ((pdev->device == 0x4386) || (pdev->device == 0x4396)) {
3148 + p_smbus = pci_get_device(PCI_VENDOR_ID_ATI,
3149 + PCI_DEVICE_ID_ATI_SBX00_SMBUS,
3153 + rev = p_smbus->revision;
3154 + if ((pdev->device == 0x4386) || (rev == 0x3a)
3155 + || (rev == 0x3b)) {
3157 + ehci_info(ehci, "applying AMD SB600/SB700 USB "
3158 + "freeze workaround\n");
3159 + pci_read_config_byte(pdev, 0x53, &tmp);
3160 + pci_write_config_byte(pdev, 0x53, tmp | (1<<3));
3162 + pci_dev_put(p_smbus);
3168 diff --git a/drivers/usb/mon/mon_bin.c b/drivers/usb/mon/mon_bin.c
3169 index 6566fc0..0ada0fc 100644
3170 --- a/drivers/usb/mon/mon_bin.c
3171 +++ b/drivers/usb/mon/mon_bin.c
3172 @@ -687,7 +687,10 @@ static ssize_t mon_bin_read(struct file *file, char __user *buf,
3175 if (rp->b_read >= sizeof(struct mon_bin_hdr)) {
3176 - step_len = min(nbytes, (size_t)ep->len_cap);
3177 + step_len = ep->len_cap;
3178 + step_len -= rp->b_read - sizeof(struct mon_bin_hdr);
3179 + if (step_len > nbytes)
3180 + step_len = nbytes;
3181 offset = rp->b_out + PKT_SIZE;
3182 offset += rp->b_read - sizeof(struct mon_bin_hdr);
3183 if (offset >= rp->b_size)
3184 diff --git a/drivers/video/fbmem.c b/drivers/video/fbmem.c
3185 index 98843c2..3f050e2 100644
3186 --- a/drivers/video/fbmem.c
3187 +++ b/drivers/video/fbmem.c
3188 @@ -232,7 +232,7 @@ static void fb_set_logo_directpalette(struct fb_info *info,
3189 greenshift = info->var.green.offset;
3190 blueshift = info->var.blue.offset;
3192 - for (i = 32; i < logo->clutsize; i++)
3193 + for (i = 32; i < 32 + logo->clutsize; i++)
3194 palette[i] = i << redshift | i << greenshift | i << blueshift;
3197 diff --git a/drivers/watchdog/hpwdt.c b/drivers/watchdog/hpwdt.c
3198 index a3765e0..763c1ea 100644
3199 --- a/drivers/watchdog/hpwdt.c
3200 +++ b/drivers/watchdog/hpwdt.c
3202 #include <linux/bootmem.h>
3203 #include <linux/slab.h>
3204 #include <asm/desc.h>
3205 +#include <asm/cacheflush.h>
3207 #define PCI_BIOS32_SD_VALUE 0x5F32335F /* "_32_" */
3208 #define CRU_BIOS_SIGNATURE_VALUE 0x55524324
3209 @@ -394,6 +395,8 @@ static void __devinit dmi_find_cru(const struct dmi_header *dm)
3210 smbios_cru64_ptr->double_offset;
3211 cru_rom_addr = ioremap(cru_physical_address,
3212 smbios_cru64_ptr->double_length);
3213 + set_memory_x((unsigned long)cru_rom_addr & PAGE_MASK,
3214 + smbios_cru64_ptr->double_length >> PAGE_SHIFT);
3218 @@ -482,7 +485,7 @@ static int hpwdt_pretimeout(struct notifier_block *nb, unsigned long ulReason,
3219 "Management Log for details.\n");
3222 - return NOTIFY_STOP;
3227 diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c
3228 index 69a12aa..490e34b 100644
3229 --- a/fs/cifs/cifs_debug.c
3230 +++ b/fs/cifs/cifs_debug.c
3231 @@ -107,12 +107,13 @@ void cifs_dump_mids(struct TCP_Server_Info *server)
3232 #ifdef CONFIG_PROC_FS
3233 static int cifs_debug_data_proc_show(struct seq_file *m, void *v)
3235 - struct list_head *tmp;
3236 - struct list_head *tmp1;
3237 + struct list_head *tmp1, *tmp2, *tmp3;
3238 struct mid_q_entry *mid_entry;
3239 + struct TCP_Server_Info *server;
3240 struct cifsSesInfo *ses;
3241 struct cifsTconInfo *tcon;
3247 "Display Internal CIFS Data Structures for Debugging\n"
3248 @@ -122,46 +123,78 @@ static int cifs_debug_data_proc_show(struct seq_file *m, void *v)
3249 seq_printf(m, "Servers:");
3252 - read_lock(&GlobalSMBSeslock);
3253 - list_for_each(tmp, &GlobalSMBSessionList) {
3254 + read_lock(&cifs_tcp_ses_lock);
3255 + list_for_each(tmp1, &cifs_tcp_ses_list) {
3256 + server = list_entry(tmp1, struct TCP_Server_Info,
3259 - ses = list_entry(tmp, struct cifsSesInfo, cifsSessionList);
3260 - if ((ses->serverDomain == NULL) || (ses->serverOS == NULL) ||
3261 - (ses->serverNOS == NULL)) {
3262 - seq_printf(m, "\nentry for %s not fully "
3263 - "displayed\n\t", ses->serverName);
3266 - "\n%d) Name: %s Domain: %s Mounts: %d OS:"
3267 - " %s \n\tNOS: %s\tCapability: 0x%x\n\tSMB"
3268 + list_for_each(tmp2, &server->smb_ses_list) {
3269 + ses = list_entry(tmp2, struct cifsSesInfo,
3271 + if ((ses->serverDomain == NULL) ||
3272 + (ses->serverOS == NULL) ||
3273 + (ses->serverNOS == NULL)) {
3274 + seq_printf(m, "\n%d) entry for %s not fully "
3275 + "displayed\n\t", i, ses->serverName);
3278 + "\n%d) Name: %s Domain: %s Uses: %d OS:"
3279 + " %s\n\tNOS: %s\tCapability: 0x%x\n\tSMB"
3280 " session status: %d\t",
3281 i, ses->serverName, ses->serverDomain,
3282 - atomic_read(&ses->inUse),
3283 - ses->serverOS, ses->serverNOS,
3284 + ses->ses_count, ses->serverOS, ses->serverNOS,
3285 ses->capabilities, ses->status);
3287 - if (ses->server) {
3289 seq_printf(m, "TCP status: %d\n\tLocal Users To "
3290 - "Server: %d SecMode: 0x%x Req On Wire: %d",
3291 - ses->server->tcpStatus,
3292 - atomic_read(&ses->server->socketUseCount),
3293 - ses->server->secMode,
3294 - atomic_read(&ses->server->inFlight));
3295 + "Server: %d SecMode: 0x%x Req On Wire: %d",
3296 + server->tcpStatus, server->srv_count,
3298 + atomic_read(&server->inFlight));
3300 #ifdef CONFIG_CIFS_STATS2
3301 seq_printf(m, " In Send: %d In MaxReq Wait: %d",
3302 - atomic_read(&ses->server->inSend),
3303 - atomic_read(&ses->server->num_waiters));
3304 + atomic_read(&server->inSend),
3305 + atomic_read(&server->num_waiters));
3308 - seq_puts(m, "\nMIDs:\n");
3309 + seq_puts(m, "\n\tShares:");
3311 + list_for_each(tmp3, &ses->tcon_list) {
3312 + tcon = list_entry(tmp3, struct cifsTconInfo,
3315 + dev_type = le32_to_cpu(tcon->fsDevInfo.DeviceType);
3316 + seq_printf(m, "\n\t%d) %s Mounts: %d ", j,
3317 + tcon->treeName, tcon->tc_count);
3318 + if (tcon->nativeFileSystem) {
3319 + seq_printf(m, "Type: %s ",
3320 + tcon->nativeFileSystem);
3322 + seq_printf(m, "DevInfo: 0x%x Attributes: 0x%x"
3323 + "\nPathComponentMax: %d Status: 0x%d",
3324 + le32_to_cpu(tcon->fsDevInfo.DeviceCharacteristics),
3325 + le32_to_cpu(tcon->fsAttrInfo.Attributes),
3326 + le32_to_cpu(tcon->fsAttrInfo.MaxPathNameComponentLength),
3328 + if (dev_type == FILE_DEVICE_DISK)
3329 + seq_puts(m, " type: DISK ");
3330 + else if (dev_type == FILE_DEVICE_CD_ROM)
3331 + seq_puts(m, " type: CDROM ");
3333 + seq_printf(m, " type: %d ", dev_type);
3335 + if (tcon->need_reconnect)
3336 + seq_puts(m, "\tDISCONNECTED ");
3337 + seq_putc(m, '\n');
3340 + seq_puts(m, "\n\tMIDs:\n");
3342 spin_lock(&GlobalMid_Lock);
3343 - list_for_each(tmp1, &ses->server->pending_mid_q) {
3344 - mid_entry = list_entry(tmp1, struct
3346 + list_for_each(tmp3, &server->pending_mid_q) {
3347 + mid_entry = list_entry(tmp3, struct mid_q_entry,
3349 - seq_printf(m, "State: %d com: %d pid:"
3350 + seq_printf(m, "\tState: %d com: %d pid:"
3351 " %d tsk: %p mid %d\n",
3352 mid_entry->midState,
3353 (int)mid_entry->command,
3354 @@ -171,44 +204,8 @@ static int cifs_debug_data_proc_show(struct seq_file *m, void *v)
3356 spin_unlock(&GlobalMid_Lock);
3360 - read_unlock(&GlobalSMBSeslock);
3361 - seq_putc(m, '\n');
3363 - seq_puts(m, "Shares:");
3366 - read_lock(&GlobalSMBSeslock);
3367 - list_for_each(tmp, &GlobalTreeConnectionList) {
3370 - tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList);
3371 - dev_type = le32_to_cpu(tcon->fsDevInfo.DeviceType);
3372 - seq_printf(m, "\n%d) %s Uses: %d ", i,
3373 - tcon->treeName, atomic_read(&tcon->useCount));
3374 - if (tcon->nativeFileSystem) {
3375 - seq_printf(m, "Type: %s ",
3376 - tcon->nativeFileSystem);
3378 - seq_printf(m, "DevInfo: 0x%x Attributes: 0x%x"
3379 - "\nPathComponentMax: %d Status: %d",
3380 - le32_to_cpu(tcon->fsDevInfo.DeviceCharacteristics),
3381 - le32_to_cpu(tcon->fsAttrInfo.Attributes),
3382 - le32_to_cpu(tcon->fsAttrInfo.MaxPathNameComponentLength),
3384 - if (dev_type == FILE_DEVICE_DISK)
3385 - seq_puts(m, " type: DISK ");
3386 - else if (dev_type == FILE_DEVICE_CD_ROM)
3387 - seq_puts(m, " type: CDROM ");
3389 - seq_printf(m, " type: %d ", dev_type);
3391 - if (tcon->tidStatus == CifsNeedReconnect)
3392 - seq_puts(m, "\tDISCONNECTED ");
3394 - read_unlock(&GlobalSMBSeslock);
3396 + read_unlock(&cifs_tcp_ses_lock);
3399 /* BB add code to dump additional info such as TCP session info now */
3400 @@ -234,7 +231,9 @@ static ssize_t cifs_stats_proc_write(struct file *file,
3404 - struct list_head *tmp;
3405 + struct list_head *tmp1, *tmp2, *tmp3;
3406 + struct TCP_Server_Info *server;
3407 + struct cifsSesInfo *ses;
3408 struct cifsTconInfo *tcon;
3410 rc = get_user(c, buffer);
3411 @@ -242,33 +241,42 @@ static ssize_t cifs_stats_proc_write(struct file *file,
3414 if (c == '1' || c == 'y' || c == 'Y' || c == '0') {
3415 - read_lock(&GlobalSMBSeslock);
3416 #ifdef CONFIG_CIFS_STATS2
3417 atomic_set(&totBufAllocCount, 0);
3418 atomic_set(&totSmBufAllocCount, 0);
3419 #endif /* CONFIG_CIFS_STATS2 */
3420 - list_for_each(tmp, &GlobalTreeConnectionList) {
3421 - tcon = list_entry(tmp, struct cifsTconInfo,
3422 - cifsConnectionList);
3423 - atomic_set(&tcon->num_smbs_sent, 0);
3424 - atomic_set(&tcon->num_writes, 0);
3425 - atomic_set(&tcon->num_reads, 0);
3426 - atomic_set(&tcon->num_oplock_brks, 0);
3427 - atomic_set(&tcon->num_opens, 0);
3428 - atomic_set(&tcon->num_closes, 0);
3429 - atomic_set(&tcon->num_deletes, 0);
3430 - atomic_set(&tcon->num_mkdirs, 0);
3431 - atomic_set(&tcon->num_rmdirs, 0);
3432 - atomic_set(&tcon->num_renames, 0);
3433 - atomic_set(&tcon->num_t2renames, 0);
3434 - atomic_set(&tcon->num_ffirst, 0);
3435 - atomic_set(&tcon->num_fnext, 0);
3436 - atomic_set(&tcon->num_fclose, 0);
3437 - atomic_set(&tcon->num_hardlinks, 0);
3438 - atomic_set(&tcon->num_symlinks, 0);
3439 - atomic_set(&tcon->num_locks, 0);
3440 + read_lock(&cifs_tcp_ses_lock);
3441 + list_for_each(tmp1, &cifs_tcp_ses_list) {
3442 + server = list_entry(tmp1, struct TCP_Server_Info,
3444 + list_for_each(tmp2, &server->smb_ses_list) {
3445 + ses = list_entry(tmp2, struct cifsSesInfo,
3447 + list_for_each(tmp3, &ses->tcon_list) {
3448 + tcon = list_entry(tmp3,
3449 + struct cifsTconInfo,
3451 + atomic_set(&tcon->num_smbs_sent, 0);
3452 + atomic_set(&tcon->num_writes, 0);
3453 + atomic_set(&tcon->num_reads, 0);
3454 + atomic_set(&tcon->num_oplock_brks, 0);
3455 + atomic_set(&tcon->num_opens, 0);
3456 + atomic_set(&tcon->num_closes, 0);
3457 + atomic_set(&tcon->num_deletes, 0);
3458 + atomic_set(&tcon->num_mkdirs, 0);
3459 + atomic_set(&tcon->num_rmdirs, 0);
3460 + atomic_set(&tcon->num_renames, 0);
3461 + atomic_set(&tcon->num_t2renames, 0);
3462 + atomic_set(&tcon->num_ffirst, 0);
3463 + atomic_set(&tcon->num_fnext, 0);
3464 + atomic_set(&tcon->num_fclose, 0);
3465 + atomic_set(&tcon->num_hardlinks, 0);
3466 + atomic_set(&tcon->num_symlinks, 0);
3467 + atomic_set(&tcon->num_locks, 0);
3471 - read_unlock(&GlobalSMBSeslock);
3472 + read_unlock(&cifs_tcp_ses_lock);
3476 @@ -277,7 +285,9 @@ static ssize_t cifs_stats_proc_write(struct file *file,
3477 static int cifs_stats_proc_show(struct seq_file *m, void *v)
3480 - struct list_head *tmp;
3481 + struct list_head *tmp1, *tmp2, *tmp3;
3482 + struct TCP_Server_Info *server;
3483 + struct cifsSesInfo *ses;
3484 struct cifsTconInfo *tcon;
3487 @@ -306,44 +316,55 @@ static int cifs_stats_proc_show(struct seq_file *m, void *v)
3488 GlobalCurrentXid, GlobalMaxActiveXid);
3491 - read_lock(&GlobalSMBSeslock);
3492 - list_for_each(tmp, &GlobalTreeConnectionList) {
3494 - tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList);
3495 - seq_printf(m, "\n%d) %s", i, tcon->treeName);
3496 - if (tcon->tidStatus == CifsNeedReconnect)
3497 - seq_puts(m, "\tDISCONNECTED ");
3498 - seq_printf(m, "\nSMBs: %d Oplock Breaks: %d",
3499 - atomic_read(&tcon->num_smbs_sent),
3500 - atomic_read(&tcon->num_oplock_brks));
3501 - seq_printf(m, "\nReads: %d Bytes: %lld",
3502 - atomic_read(&tcon->num_reads),
3503 - (long long)(tcon->bytes_read));
3504 - seq_printf(m, "\nWrites: %d Bytes: %lld",
3505 - atomic_read(&tcon->num_writes),
3506 - (long long)(tcon->bytes_written));
3508 - "\nLocks: %d HardLinks: %d Symlinks: %d",
3509 - atomic_read(&tcon->num_locks),
3510 - atomic_read(&tcon->num_hardlinks),
3511 - atomic_read(&tcon->num_symlinks));
3513 - seq_printf(m, "\nOpens: %d Closes: %d Deletes: %d",
3514 - atomic_read(&tcon->num_opens),
3515 - atomic_read(&tcon->num_closes),
3516 - atomic_read(&tcon->num_deletes));
3517 - seq_printf(m, "\nMkdirs: %d Rmdirs: %d",
3518 - atomic_read(&tcon->num_mkdirs),
3519 - atomic_read(&tcon->num_rmdirs));
3520 - seq_printf(m, "\nRenames: %d T2 Renames %d",
3521 - atomic_read(&tcon->num_renames),
3522 - atomic_read(&tcon->num_t2renames));
3523 - seq_printf(m, "\nFindFirst: %d FNext %d FClose %d",
3524 - atomic_read(&tcon->num_ffirst),
3525 - atomic_read(&tcon->num_fnext),
3526 - atomic_read(&tcon->num_fclose));
3527 + read_lock(&cifs_tcp_ses_lock);
3528 + list_for_each(tmp1, &cifs_tcp_ses_list) {
3529 + server = list_entry(tmp1, struct TCP_Server_Info,
3531 + list_for_each(tmp2, &server->smb_ses_list) {
3532 + ses = list_entry(tmp2, struct cifsSesInfo,
3534 + list_for_each(tmp3, &ses->tcon_list) {
3535 + tcon = list_entry(tmp3,
3536 + struct cifsTconInfo,
3539 + seq_printf(m, "\n%d) %s", i, tcon->treeName);
3540 + if (tcon->need_reconnect)
3541 + seq_puts(m, "\tDISCONNECTED ");
3542 + seq_printf(m, "\nSMBs: %d Oplock Breaks: %d",
3543 + atomic_read(&tcon->num_smbs_sent),
3544 + atomic_read(&tcon->num_oplock_brks));
3545 + seq_printf(m, "\nReads: %d Bytes: %lld",
3546 + atomic_read(&tcon->num_reads),
3547 + (long long)(tcon->bytes_read));
3548 + seq_printf(m, "\nWrites: %d Bytes: %lld",
3549 + atomic_read(&tcon->num_writes),
3550 + (long long)(tcon->bytes_written));
3551 + seq_printf(m, "\nLocks: %d HardLinks: %d "
3553 + atomic_read(&tcon->num_locks),
3554 + atomic_read(&tcon->num_hardlinks),
3555 + atomic_read(&tcon->num_symlinks));
3556 + seq_printf(m, "\nOpens: %d Closes: %d"
3558 + atomic_read(&tcon->num_opens),
3559 + atomic_read(&tcon->num_closes),
3560 + atomic_read(&tcon->num_deletes));
3561 + seq_printf(m, "\nMkdirs: %d Rmdirs: %d",
3562 + atomic_read(&tcon->num_mkdirs),
3563 + atomic_read(&tcon->num_rmdirs));
3564 + seq_printf(m, "\nRenames: %d T2 Renames %d",
3565 + atomic_read(&tcon->num_renames),
3566 + atomic_read(&tcon->num_t2renames));
3567 + seq_printf(m, "\nFindFirst: %d FNext %d "
3569 + atomic_read(&tcon->num_ffirst),
3570 + atomic_read(&tcon->num_fnext),
3571 + atomic_read(&tcon->num_fclose));
3575 - read_unlock(&GlobalSMBSeslock);
3576 + read_unlock(&cifs_tcp_ses_lock);
3580 diff --git a/fs/cifs/cifs_spnego.c b/fs/cifs/cifs_spnego.c
3581 index 117ef4b..d0758b2 100644
3582 --- a/fs/cifs/cifs_spnego.c
3583 +++ b/fs/cifs/cifs_spnego.c
3584 @@ -70,7 +70,8 @@ struct key_type cifs_spnego_key_type = {
3585 strlen("ver=0xFF") */
3586 #define MAX_MECH_STR_LEN 13 /* length of longest security mechanism name, eg
3587 in future could have strlen(";sec=ntlmsspi") */
3588 -#define MAX_IPV6_ADDR_LEN 42 /* eg FEDC:BA98:7654:3210:FEDC:BA98:7654:3210/60 */
3589 +/* max possible addr len eg FEDC:BA98:7654:3210:FEDC:BA98:7654:3210/128 */
3590 +#define MAX_IPV6_ADDR_LEN 43
3591 /* get a key struct with a SPNEGO security blob, suitable for session setup */
3593 cifs_get_spnego_key(struct cifsSesInfo *sesInfo)
3594 diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c
3595 index 25ecbd5..2fcc66c 100644
3596 --- a/fs/cifs/cifsfs.c
3597 +++ b/fs/cifs/cifsfs.c
3598 @@ -510,10 +510,11 @@ static void cifs_umount_begin(struct super_block *sb)
3599 tcon = cifs_sb->tcon;
3602 - down(&tcon->tconSem);
3603 - if (atomic_read(&tcon->useCount) == 1)
3605 + read_lock(&cifs_tcp_ses_lock);
3606 + if (tcon->tc_count == 1)
3607 tcon->tidStatus = CifsExiting;
3608 - up(&tcon->tconSem);
3609 + read_unlock(&cifs_tcp_ses_lock);
3611 /* cancel_brl_requests(tcon); */ /* BB mark all brl mids as exiting */
3612 /* cancel_notify_requests(tcon); */
3613 @@ -967,7 +968,7 @@ static int cifs_oplock_thread(void *dummyarg)
3614 not bother sending an oplock release if session
3615 to server still is disconnected since oplock
3616 already released by the server in that case */
3617 - if (pTcon->tidStatus != CifsNeedReconnect) {
3618 + if (!pTcon->need_reconnect) {
3619 rc = CIFSSMBLock(0, pTcon, netfid,
3620 0 /* len */ , 0 /* offset */, 0,
3621 0, LOCKING_ANDX_OPLOCK_RELEASE,
3622 @@ -985,24 +986,24 @@ static int cifs_oplock_thread(void *dummyarg)
3623 static int cifs_dnotify_thread(void *dummyarg)
3625 struct list_head *tmp;
3626 - struct cifsSesInfo *ses;
3627 + struct TCP_Server_Info *server;
3630 if (try_to_freeze())
3632 set_current_state(TASK_INTERRUPTIBLE);
3633 schedule_timeout(15*HZ);
3634 - read_lock(&GlobalSMBSeslock);
3635 /* check if any stuck requests that need
3636 to be woken up and wakeq so the
3637 thread can wake up and error out */
3638 - list_for_each(tmp, &GlobalSMBSessionList) {
3639 - ses = list_entry(tmp, struct cifsSesInfo,
3641 - if (ses->server && atomic_read(&ses->server->inFlight))
3642 - wake_up_all(&ses->server->response_q);
3643 + read_lock(&cifs_tcp_ses_lock);
3644 + list_for_each(tmp, &cifs_tcp_ses_list) {
3645 + server = list_entry(tmp, struct TCP_Server_Info,
3647 + if (atomic_read(&server->inFlight))
3648 + wake_up_all(&server->response_q);
3650 - read_unlock(&GlobalSMBSeslock);
3651 + read_unlock(&cifs_tcp_ses_lock);
3652 } while (!kthread_should_stop());
3655 @@ -1013,9 +1014,7 @@ init_cifs(void)
3659 -/* INIT_LIST_HEAD(&GlobalServerList);*/ /* BB not implemented yet */
3660 - INIT_LIST_HEAD(&GlobalSMBSessionList);
3661 - INIT_LIST_HEAD(&GlobalTreeConnectionList);
3662 + INIT_LIST_HEAD(&cifs_tcp_ses_list);
3663 INIT_LIST_HEAD(&GlobalOplock_Q);
3664 #ifdef CONFIG_CIFS_EXPERIMENTAL
3665 INIT_LIST_HEAD(&GlobalDnotifyReqList);
3666 @@ -1043,6 +1042,7 @@ init_cifs(void)
3667 GlobalMaxActiveXid = 0;
3668 memset(Local_System_Name, 0, 15);
3669 rwlock_init(&GlobalSMBSeslock);
3670 + rwlock_init(&cifs_tcp_ses_lock);
3671 spin_lock_init(&GlobalMid_Lock);
3673 if (cifs_max_pending < 2) {
3674 diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
3675 index 0d22479..1ae6314 100644
3676 --- a/fs/cifs/cifsglob.h
3677 +++ b/fs/cifs/cifsglob.h
3678 @@ -85,8 +85,7 @@ enum securityEnum {
3686 /* Netbios frames protocol not supported at this time */
3688 @@ -122,6 +121,9 @@ struct cifs_cred {
3691 struct TCP_Server_Info {
3692 + struct list_head tcp_ses_list;
3693 + struct list_head smb_ses_list;
3694 + int srv_count; /* reference counter */
3695 /* 15 character server name + 0x20 16th byte indicating type = srv */
3696 char server_RFC1001_name[SERVER_NAME_LEN_WITH_NULL];
3697 char unicode_server_Name[SERVER_NAME_LEN_WITH_NULL * 2];
3698 @@ -141,7 +143,8 @@ struct TCP_Server_Info {
3701 bool svlocal:1; /* local server or remote */
3702 - atomic_t socketUseCount; /* number of open cifs sessions on socket */
3703 + bool noblocksnd; /* use blocking sendmsg */
3704 + bool noautotune; /* do not autotune send buf sizes */
3705 atomic_t inFlight; /* number of requests on the wire to server */
3706 #ifdef CONFIG_CIFS_STATS2
3707 atomic_t inSend; /* requests trying to send */
3708 @@ -192,13 +195,14 @@ struct cifsUidInfo {
3709 * Session structure. One of these for each uid session with a particular host
3711 struct cifsSesInfo {
3712 - struct list_head cifsSessionList;
3713 + struct list_head smb_ses_list;
3714 + struct list_head tcon_list;
3715 struct semaphore sesSem;
3717 struct cifsUidInfo *uidInfo; /* pointer to user info */
3719 struct TCP_Server_Info *server; /* pointer to server info */
3720 - atomic_t inUse; /* # of mounts (tree connections) on this ses */
3721 + int ses_count; /* reference counter */
3722 enum statusEnum status;
3723 unsigned overrideSecFlg; /* if non-zero override global sec flags */
3724 __u16 ipc_tid; /* special tid for connection to IPC share */
3725 @@ -214,6 +218,7 @@ struct cifsSesInfo {
3726 char userName[MAX_USERNAME_SIZE + 1];
3729 + bool need_reconnect:1; /* connection reset, uid now invalid */
3731 /* no more than one of the following three session flags may be set */
3732 #define CIFS_SES_NT4 1
3733 @@ -228,16 +233,15 @@ struct cifsSesInfo {
3736 struct cifsTconInfo {
3737 - struct list_head cifsConnectionList;
3738 + struct list_head tcon_list;
3740 struct list_head openFileList;
3741 - struct semaphore tconSem;
3742 struct cifsSesInfo *ses; /* pointer to session associated with */
3743 char treeName[MAX_TREE_SIZE + 1]; /* UNC name of resource in ASCII */
3744 char *nativeFileSystem;
3745 __u16 tid; /* The 2 byte tree id */
3746 __u16 Flags; /* optional support bits */
3747 enum statusEnum tidStatus;
3748 - atomic_t useCount; /* how many explicit/implicit mounts to share */
3749 #ifdef CONFIG_CIFS_STATS
3750 atomic_t num_smbs_sent;
3751 atomic_t num_writes;
3752 @@ -285,6 +289,7 @@ struct cifsTconInfo {
3753 bool seal:1; /* transport encryption for this mounted share */
3754 bool unix_ext:1; /* if false disable Linux extensions to CIFS protocol
3755 for this mount even if server would support */
3756 + bool need_reconnect:1; /* connection reset, tid now invalid */
3757 /* BB add field for back pointer to sb struct(s)? */
3760 @@ -584,21 +589,21 @@ require use of the stronger protocol */
3764 - * The list of servers that did not respond with NT LM 0.12.
3765 - * This list helps improve performance and eliminate the messages indicating
3766 - * that we had a communications error talking to the server in this list.
3767 + * the list of TCP_Server_Info structures, ie each of the sockets
3768 + * connecting our client to a distinct server (ip address), is
3769 + * chained together by cifs_tcp_ses_list. The list of all our SMB
3770 + * sessions (and from that the tree connections) can be found
3771 + * by iterating over cifs_tcp_ses_list
3773 -/* Feature not supported */
3774 -/* GLOBAL_EXTERN struct servers_not_supported *NotSuppList; */
3775 +GLOBAL_EXTERN struct list_head cifs_tcp_ses_list;
3778 - * The following is a hash table of all the users we know about.
3779 + * This lock protects the cifs_tcp_ses_list, the list of smb sessions per
3780 + * tcp session, and the list of tcon's per smb session. It also protects
3781 + * the reference counters for the server, smb session, and tcon. Finally,
3782 + * changes to the tcon->tidStatus should be done while holding this lock.
3784 -GLOBAL_EXTERN struct smbUidInfo *GlobalUidList[UID_HASH];
3786 -/* GLOBAL_EXTERN struct list_head GlobalServerList; BB not implemented yet */
3787 -GLOBAL_EXTERN struct list_head GlobalSMBSessionList;
3788 -GLOBAL_EXTERN struct list_head GlobalTreeConnectionList;
3789 +GLOBAL_EXTERN rwlock_t cifs_tcp_ses_lock;
3790 GLOBAL_EXTERN rwlock_t GlobalSMBSeslock; /* protects list inserts on 3 above */
3792 GLOBAL_EXTERN struct list_head GlobalOplock_Q;
3793 diff --git a/fs/cifs/cifsproto.h b/fs/cifs/cifsproto.h
3794 index a729d08..ca91f16 100644
3795 --- a/fs/cifs/cifsproto.h
3796 +++ b/fs/cifs/cifsproto.h
3797 @@ -36,7 +36,7 @@ extern void cifs_buf_release(void *);
3798 extern struct smb_hdr *cifs_small_buf_get(void);
3799 extern void cifs_small_buf_release(void *);
3800 extern int smb_send(struct socket *, struct smb_hdr *,
3801 - unsigned int /* length */ , struct sockaddr *);
3802 + unsigned int /* length */ , struct sockaddr *, bool);
3803 extern unsigned int _GetXid(void);
3804 extern void _FreeXid(unsigned int);
3805 #define GetXid() (int)_GetXid(); cFYI(1,("CIFS VFS: in %s as Xid: %d with uid: %d",__func__, xid,current->fsuid));
3806 diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
3807 index 77a0d1f..8f0f86d 100644
3808 --- a/fs/cifs/cifssmb.c
3809 +++ b/fs/cifs/cifssmb.c
3810 @@ -190,10 +190,10 @@ small_smb_init(int smb_command, int wct, struct cifsTconInfo *tcon,
3811 /* need to prevent multiple threads trying to
3812 simultaneously reconnect the same SMB session */
3813 down(&tcon->ses->sesSem);
3814 - if (tcon->ses->status == CifsNeedReconnect)
3815 + if (tcon->ses->need_reconnect)
3816 rc = cifs_setup_session(0, tcon->ses,
3818 - if (!rc && (tcon->tidStatus == CifsNeedReconnect)) {
3819 + if (!rc && (tcon->need_reconnect)) {
3820 mark_open_files_invalid(tcon);
3821 rc = CIFSTCon(0, tcon->ses, tcon->treeName,
3822 tcon, nls_codepage);
3823 @@ -337,10 +337,10 @@ smb_init(int smb_command, int wct, struct cifsTconInfo *tcon,
3824 /* need to prevent multiple threads trying to
3825 simultaneously reconnect the same SMB session */
3826 down(&tcon->ses->sesSem);
3827 - if (tcon->ses->status == CifsNeedReconnect)
3828 + if (tcon->ses->need_reconnect)
3829 rc = cifs_setup_session(0, tcon->ses,
3831 - if (!rc && (tcon->tidStatus == CifsNeedReconnect)) {
3832 + if (!rc && (tcon->need_reconnect)) {
3833 mark_open_files_invalid(tcon);
3834 rc = CIFSTCon(0, tcon->ses, tcon->treeName,
3835 tcon, nls_codepage);
3836 @@ -664,8 +664,9 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
3841 - if (server->socketUseCount.counter > 1) {
3842 + read_lock(&cifs_tcp_ses_lock);
3843 + if (server->srv_count > 1) {
3844 + read_unlock(&cifs_tcp_ses_lock);
3845 if (memcmp(server->server_GUID,
3846 pSMBr->u.extended_response.
3848 @@ -674,9 +675,11 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
3849 pSMBr->u.extended_response.GUID,
3854 + read_unlock(&cifs_tcp_ses_lock);
3855 memcpy(server->server_GUID,
3856 pSMBr->u.extended_response.GUID, 16);
3860 server->secType = RawNTLMSSP;
3861 @@ -739,50 +742,31 @@ CIFSSMBTDis(const int xid, struct cifsTconInfo *tcon)
3864 cFYI(1, ("In tree disconnect"));
3866 - * If last user of the connection and
3867 - * connection alive - disconnect it
3868 - * If this is the last connection on the server session disconnect it
3869 - * (and inside session disconnect we should check if tcp socket needs
3870 - * to be freed and kernel thread woken up).
3873 - down(&tcon->tconSem);
3877 - atomic_dec(&tcon->useCount);
3878 - if (atomic_read(&tcon->useCount) > 0) {
3879 - up(&tcon->tconSem);
3882 + /* BB: do we need to check this? These should never be NULL. */
3883 + if ((tcon->ses == NULL) || (tcon->ses->server == NULL))
3886 - /* No need to return error on this operation if tid invalidated and
3887 - closed on server already e.g. due to tcp session crashing */
3888 - if (tcon->tidStatus == CifsNeedReconnect) {
3889 - up(&tcon->tconSem);
3891 + * No need to return error on this operation if tid invalidated and
3892 + * closed on server already e.g. due to tcp session crashing. Also,
3893 + * the tcon is no longer on the list, so no need to take lock before
3896 + if (tcon->need_reconnect)
3900 - if ((tcon->ses == NULL) || (tcon->ses->server == NULL)) {
3901 - up(&tcon->tconSem);
3904 rc = small_smb_init(SMB_COM_TREE_DISCONNECT, 0, tcon,
3905 (void **)&smb_buffer);
3907 - up(&tcon->tconSem);
3912 rc = SendReceiveNoRsp(xid, tcon->ses, smb_buffer, 0);
3914 cFYI(1, ("Tree disconnect failed %d", rc));
3916 - up(&tcon->tconSem);
3918 /* No need to return error on this operation if tid invalidated and
3919 - closed on server already e.g. due to tcp session crashing */
3920 + closed on server already e.g. due to tcp session crashing */
3924 @@ -796,43 +780,36 @@ CIFSSMBLogoff(const int xid, struct cifsSesInfo *ses)
3927 cFYI(1, ("In SMBLogoff for session disconnect"));
3929 - down(&ses->sesSem);
3933 + * BB: do we need to check validity of ses and server? They should
3934 + * always be valid since we have an active reference. If not, that
3935 + * should probably be a BUG()
3937 + if (!ses || !ses->server)
3940 - atomic_dec(&ses->inUse);
3941 - if (atomic_read(&ses->inUse) > 0) {
3945 + down(&ses->sesSem);
3946 + if (ses->need_reconnect)
3947 + goto session_already_dead; /* no need to send SMBlogoff if uid
3948 + already closed due to reconnect */
3949 rc = small_smb_init(SMB_COM_LOGOFF_ANDX, 2, NULL, (void **)&pSMB);
3955 - if (ses->server) {
3956 - pSMB->hdr.Mid = GetNextMid(ses->server);
3957 + pSMB->hdr.Mid = GetNextMid(ses->server);
3959 - if (ses->server->secMode &
3960 + if (ses->server->secMode &
3961 (SECMODE_SIGN_REQUIRED | SECMODE_SIGN_ENABLED))
3962 pSMB->hdr.Flags2 |= SMBFLG2_SECURITY_SIGNATURE;
3965 pSMB->hdr.Uid = ses->Suid;
3967 pSMB->AndXCommand = 0xFF;
3968 rc = SendReceiveNoRsp(xid, ses, (struct smb_hdr *) pSMB, 0);
3969 - if (ses->server) {
3970 - atomic_dec(&ses->server->socketUseCount);
3971 - if (atomic_read(&ses->server->socketUseCount) == 0) {
3972 - spin_lock(&GlobalMid_Lock);
3973 - ses->server->tcpStatus = CifsExiting;
3974 - spin_unlock(&GlobalMid_Lock);
3978 +session_already_dead:
3981 /* if session dead then we do not need to do ulogoff,
3982 @@ -1534,7 +1511,7 @@ CIFSSMBWrite(const int xid, struct cifsTconInfo *tcon,
3986 - /* cFYI(1,("write at %lld %d bytes",offset,count));*/
3987 + /* cFYI(1, ("write at %lld %d bytes",offset,count));*/
3988 if (tcon->ses == NULL)
3989 return -ECONNABORTED;
3991 diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
3992 index 4c13bcd..6e2be4a 100644
3993 --- a/fs/cifs/connect.c
3994 +++ b/fs/cifs/connect.c
3995 @@ -90,6 +90,8 @@ struct smb_vol {
3996 bool nocase:1; /* request case insensitive filenames */
3997 bool nobrl:1; /* disable sending byte range locks to srv */
3998 bool seal:1; /* request transport encryption on share */
3999 + bool noblocksnd:1;
4000 + bool noautotune:1;
4003 unsigned int sockopt;
4004 @@ -100,9 +102,11 @@ struct smb_vol {
4005 static int ipv4_connect(struct sockaddr_in *psin_server,
4006 struct socket **csocket,
4008 - char *server_netb_name);
4009 + char *server_netb_name,
4011 + bool nosndbuf); /* ipv6 never set sndbuf size */
4012 static int ipv6_connect(struct sockaddr_in6 *psin_server,
4013 - struct socket **csocket);
4014 + struct socket **csocket, bool noblocksnd);
4018 @@ -118,7 +122,7 @@ static int
4019 cifs_reconnect(struct TCP_Server_Info *server)
4022 - struct list_head *tmp;
4023 + struct list_head *tmp, *tmp2;
4024 struct cifsSesInfo *ses;
4025 struct cifsTconInfo *tcon;
4026 struct mid_q_entry *mid_entry;
4027 @@ -138,23 +142,17 @@ cifs_reconnect(struct TCP_Server_Info *server)
4029 /* before reconnecting the tcp session, mark the smb session (uid)
4030 and the tid bad so they are not used until reconnected */
4031 - read_lock(&GlobalSMBSeslock);
4032 - list_for_each(tmp, &GlobalSMBSessionList) {
4033 - ses = list_entry(tmp, struct cifsSesInfo, cifsSessionList);
4034 - if (ses->server) {
4035 - if (ses->server == server) {
4036 - ses->status = CifsNeedReconnect;
4039 + read_lock(&cifs_tcp_ses_lock);
4040 + list_for_each(tmp, &server->smb_ses_list) {
4041 + ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
4042 + ses->need_reconnect = true;
4044 + list_for_each(tmp2, &ses->tcon_list) {
4045 + tcon = list_entry(tmp2, struct cifsTconInfo, tcon_list);
4046 + tcon->need_reconnect = true;
4048 - /* else tcp and smb sessions need reconnection */
4050 - list_for_each(tmp, &GlobalTreeConnectionList) {
4051 - tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList);
4052 - if ((tcon->ses) && (tcon->ses->server == server))
4053 - tcon->tidStatus = CifsNeedReconnect;
4055 - read_unlock(&GlobalSMBSeslock);
4056 + read_unlock(&cifs_tcp_ses_lock);
4057 /* do not want to be sending data on a socket we are freeing */
4058 down(&server->tcpSem);
4059 if (server->ssocket) {
4060 @@ -186,14 +184,15 @@ cifs_reconnect(struct TCP_Server_Info *server)
4062 while ((!kthread_should_stop()) && (server->tcpStatus != CifsGood)) {
4064 - if (server->protocolType == IPV6) {
4065 + if (server->addr.sockAddr6.sin6_family == AF_INET6) {
4066 rc = ipv6_connect(&server->addr.sockAddr6,
4067 - &server->ssocket);
4068 + &server->ssocket, server->noautotune);
4070 rc = ipv4_connect(&server->addr.sockAddr,
4072 server->workstation_RFC1001_name,
4073 - server->server_RFC1001_name);
4074 + server->server_RFC1001_name,
4075 + server->noblocksnd, server->noautotune);
4078 cFYI(1, ("reconnect error %d", rc));
4079 @@ -409,8 +408,14 @@ incomplete_rcv:
4080 msleep(1); /* minimum sleep to prevent looping
4081 allowing socket to clear and app threads to set
4082 tcpStatus CifsNeedReconnect if server hung */
4083 - if (pdu_length < 4)
4084 + if (pdu_length < 4) {
4085 + iov.iov_base = (4 - pdu_length) +
4086 + (char *)smb_buffer;
4087 + iov.iov_len = pdu_length;
4088 + smb_msg.msg_control = NULL;
4089 + smb_msg.msg_controllen = 0;
4090 goto incomplete_rcv;
4094 } else if (length <= 0) {
4095 @@ -646,6 +651,11 @@ multi_t2_fnd:
4097 } /* end while !EXITING */
4099 + /* take it off the list, if it's not already */
4100 + write_lock(&cifs_tcp_ses_lock);
4101 + list_del_init(&server->tcp_ses_list);
4102 + write_unlock(&cifs_tcp_ses_lock);
4104 spin_lock(&GlobalMid_Lock);
4105 server->tcpStatus = CifsExiting;
4106 spin_unlock(&GlobalMid_Lock);
4107 @@ -686,29 +696,29 @@ multi_t2_fnd:
4108 if (smallbuf) /* no sense logging a debug message if NULL */
4109 cifs_small_buf_release(smallbuf);
4111 - read_lock(&GlobalSMBSeslock);
4113 + * BB: we shouldn't have to do any of this. It shouldn't be
4114 + * possible to exit from the thread with active SMB sessions
4116 + read_lock(&cifs_tcp_ses_lock);
4117 if (list_empty(&server->pending_mid_q)) {
4118 /* loop through server session structures attached to this and
4120 - list_for_each(tmp, &GlobalSMBSessionList) {
4122 - list_entry(tmp, struct cifsSesInfo,
4124 - if (ses->server == server) {
4125 - ses->status = CifsExiting;
4126 - ses->server = NULL;
4128 + list_for_each(tmp, &server->smb_ses_list) {
4129 + ses = list_entry(tmp, struct cifsSesInfo,
4131 + ses->status = CifsExiting;
4132 + ses->server = NULL;
4134 - read_unlock(&GlobalSMBSeslock);
4135 + read_unlock(&cifs_tcp_ses_lock);
4137 /* although we can not zero the server struct pointer yet,
4138 since there are active requests which may depnd on them,
4139 mark the corresponding SMB sessions as exiting too */
4140 - list_for_each(tmp, &GlobalSMBSessionList) {
4141 + list_for_each(tmp, &server->smb_ses_list) {
4142 ses = list_entry(tmp, struct cifsSesInfo,
4144 - if (ses->server == server)
4145 - ses->status = CifsExiting;
4147 + ses->status = CifsExiting;
4150 spin_lock(&GlobalMid_Lock);
4151 @@ -723,7 +733,7 @@ multi_t2_fnd:
4154 spin_unlock(&GlobalMid_Lock);
4155 - read_unlock(&GlobalSMBSeslock);
4156 + read_unlock(&cifs_tcp_ses_lock);
4157 /* 1/8th of sec is more than enough time for them to exit */
4160 @@ -745,14 +755,13 @@ multi_t2_fnd:
4161 if there are any pointing to this (e.g
4162 if a crazy root user tried to kill cifsd
4163 kernel thread explicitly this might happen) */
4164 - write_lock(&GlobalSMBSeslock);
4165 - list_for_each(tmp, &GlobalSMBSessionList) {
4166 - ses = list_entry(tmp, struct cifsSesInfo,
4168 - if (ses->server == server)
4169 - ses->server = NULL;
4170 + /* BB: This shouldn't be necessary, see above */
4171 + read_lock(&cifs_tcp_ses_lock);
4172 + list_for_each(tmp, &server->smb_ses_list) {
4173 + ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
4174 + ses->server = NULL;
4176 - write_unlock(&GlobalSMBSeslock);
4177 + read_unlock(&cifs_tcp_ses_lock);
4179 kfree(server->hostname);
4181 @@ -1186,6 +1195,10 @@ cifs_parse_mount_options(char *options, const char *devname,
4183 } else if (strnicmp(data, "rw", 2) == 0) {
4185 + } else if (strnicmp(data, "noblocksnd", 11) == 0) {
4186 + vol->noblocksnd = true;
4187 + } else if (strnicmp(data, "noautotune", 10) == 0) {
4188 + vol->noautotune = true;
4189 } else if ((strnicmp(data, "suid", 4) == 0) ||
4190 (strnicmp(data, "nosuid", 6) == 0) ||
4191 (strnicmp(data, "exec", 4) == 0) ||
4192 @@ -1331,94 +1344,158 @@ cifs_parse_mount_options(char *options, const char *devname,
4196 -static struct cifsSesInfo *
4197 -cifs_find_tcp_session(struct in_addr *target_ip_addr,
4198 - struct in6_addr *target_ip6_addr,
4199 - char *userName, struct TCP_Server_Info **psrvTcp)
4200 +static struct TCP_Server_Info *
4201 +cifs_find_tcp_session(struct sockaddr *addr)
4203 struct list_head *tmp;
4204 - struct cifsSesInfo *ses;
4207 + struct TCP_Server_Info *server;
4208 + struct sockaddr_in *addr4 = (struct sockaddr_in *) addr;
4209 + struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) addr;
4211 + write_lock(&cifs_tcp_ses_lock);
4212 + list_for_each(tmp, &cifs_tcp_ses_list) {
4213 + server = list_entry(tmp, struct TCP_Server_Info,
4216 + * the demux thread can exit on its own while still in CifsNew
4217 + * so don't accept any sockets in that state. Since the
4218 + * tcpStatus never changes back to CifsNew it's safe to check
4219 + * for this without a lock.
4221 + if (server->tcpStatus == CifsNew)
4224 - read_lock(&GlobalSMBSeslock);
4225 - list_for_each(tmp, &GlobalSMBSessionList) {
4226 - ses = list_entry(tmp, struct cifsSesInfo, cifsSessionList);
4228 + if (addr->sa_family == AF_INET &&
4229 + (addr4->sin_addr.s_addr !=
4230 + server->addr.sockAddr.sin_addr.s_addr))
4232 + else if (addr->sa_family == AF_INET6 &&
4233 + memcmp(&server->addr.sockAddr6.sin6_addr,
4234 + &addr6->sin6_addr, sizeof(addr6->sin6_addr)))
4237 - if (target_ip_addr &&
4238 - ses->server->addr.sockAddr.sin_addr.s_addr != target_ip_addr->s_addr)
4240 - else if (target_ip6_addr &&
4241 - memcmp(&ses->server->addr.sockAddr6.sin6_addr,
4242 - target_ip6_addr, sizeof(*target_ip6_addr)))
4244 - /* BB lock server and tcp session; increment use count here?? */
4245 + ++server->srv_count;
4246 + write_unlock(&cifs_tcp_ses_lock);
4247 + cFYI(1, ("Existing tcp session with server found"));
4250 + write_unlock(&cifs_tcp_ses_lock);
4254 - /* found a match on the TCP session */
4255 - *psrvTcp = ses->server;
4257 +cifs_put_tcp_session(struct TCP_Server_Info *server)
4259 + struct task_struct *task;
4261 - /* BB check if reconnection needed */
4262 - if (strncmp(ses->userName, userName, MAX_USERNAME_SIZE) == 0) {
4263 - read_unlock(&GlobalSMBSeslock);
4264 - /* Found exact match on both TCP and
4268 - /* else tcp and smb sessions need reconnection */
4269 + write_lock(&cifs_tcp_ses_lock);
4270 + if (--server->srv_count > 0) {
4271 + write_unlock(&cifs_tcp_ses_lock);
4274 - read_unlock(&GlobalSMBSeslock);
4277 + list_del_init(&server->tcp_ses_list);
4278 + write_unlock(&cifs_tcp_ses_lock);
4280 + spin_lock(&GlobalMid_Lock);
4281 + server->tcpStatus = CifsExiting;
4282 + spin_unlock(&GlobalMid_Lock);
4284 + task = xchg(&server->tsk, NULL);
4286 + force_sig(SIGKILL, task);
4289 -static struct cifsTconInfo *
4290 -find_unc(__be32 new_target_ip_addr, char *uncName, char *userName)
4291 +static struct cifsSesInfo *
4292 +cifs_find_smb_ses(struct TCP_Server_Info *server, char *username)
4294 struct list_head *tmp;
4295 - struct cifsTconInfo *tcon;
4298 - read_lock(&GlobalSMBSeslock);
4299 + struct cifsSesInfo *ses;
4301 - list_for_each(tmp, &GlobalTreeConnectionList) {
4302 - cFYI(1, ("Next tcon"));
4303 - tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList);
4304 - if (!tcon->ses || !tcon->ses->server)
4305 + write_lock(&cifs_tcp_ses_lock);
4306 + list_for_each(tmp, &server->smb_ses_list) {
4307 + ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
4308 + if (strncmp(ses->userName, username, MAX_USERNAME_SIZE))
4311 - old_ip = tcon->ses->server->addr.sockAddr.sin_addr.s_addr;
4312 - cFYI(1, ("old ip addr: %x == new ip %x ?",
4313 - old_ip, new_target_ip_addr));
4315 + write_unlock(&cifs_tcp_ses_lock);
4318 + write_unlock(&cifs_tcp_ses_lock);
4322 - if (old_ip != new_target_ip_addr)
4325 +cifs_put_smb_ses(struct cifsSesInfo *ses)
4328 + struct TCP_Server_Info *server = ses->server;
4330 - /* BB lock tcon, server, tcp session and increment use count? */
4331 - /* found a match on the TCP session */
4332 - /* BB check if reconnection needed */
4333 - cFYI(1, ("IP match, old UNC: %s new: %s",
4334 - tcon->treeName, uncName));
4335 + write_lock(&cifs_tcp_ses_lock);
4336 + if (--ses->ses_count > 0) {
4337 + write_unlock(&cifs_tcp_ses_lock);
4341 - if (strncmp(tcon->treeName, uncName, MAX_TREE_SIZE))
4343 + list_del_init(&ses->smb_ses_list);
4344 + write_unlock(&cifs_tcp_ses_lock);
4346 + if (ses->status == CifsGood) {
4348 + CIFSSMBLogoff(xid, ses);
4352 + cifs_put_tcp_session(server);
4355 - cFYI(1, ("and old usr: %s new: %s",
4356 - tcon->treeName, uncName));
4357 +static struct cifsTconInfo *
4358 +cifs_find_tcon(struct cifsSesInfo *ses, const char *unc)
4360 + struct list_head *tmp;
4361 + struct cifsTconInfo *tcon;
4363 - if (strncmp(tcon->ses->userName, userName, MAX_USERNAME_SIZE))
4364 + write_lock(&cifs_tcp_ses_lock);
4365 + list_for_each(tmp, &ses->tcon_list) {
4366 + tcon = list_entry(tmp, struct cifsTconInfo, tcon_list);
4367 + if (tcon->tidStatus == CifsExiting)
4369 + if (strncmp(tcon->treeName, unc, MAX_TREE_SIZE))
4372 - /* matched smb session (user name) */
4373 - read_unlock(&GlobalSMBSeslock);
4375 + write_unlock(&cifs_tcp_ses_lock);
4379 - read_unlock(&GlobalSMBSeslock);
4380 + write_unlock(&cifs_tcp_ses_lock);
4385 +cifs_put_tcon(struct cifsTconInfo *tcon)
4388 + struct cifsSesInfo *ses = tcon->ses;
4390 + write_lock(&cifs_tcp_ses_lock);
4391 + if (--tcon->tc_count > 0) {
4392 + write_unlock(&cifs_tcp_ses_lock);
4396 + list_del_init(&tcon->tcon_list);
4397 + write_unlock(&cifs_tcp_ses_lock);
4400 + CIFSSMBTDis(xid, tcon);
4403 + DeleteTconOplockQEntries(tcon);
4404 + tconInfoFree(tcon);
4405 + cifs_put_smb_ses(ses);
4409 get_dfs_path(int xid, struct cifsSesInfo *pSesInfo, const char *old_path,
4410 const struct nls_table *nls_codepage, unsigned int *pnum_referrals,
4411 @@ -1506,7 +1583,8 @@ static void rfc1002mangle(char *target, char *source, unsigned int length)
4414 ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket,
4415 - char *netbios_name, char *target_name)
4416 + char *netbios_name, char *target_name,
4417 + bool noblocksnd, bool noautotune)
4421 @@ -1578,11 +1656,15 @@ ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket,
4422 (*csocket)->sk->sk_sndbuf,
4423 (*csocket)->sk->sk_rcvbuf, (*csocket)->sk->sk_rcvtimeo));
4424 (*csocket)->sk->sk_rcvtimeo = 7 * HZ;
4426 + (*csocket)->sk->sk_sndtimeo = 3 * HZ;
4427 /* make the bufsizes depend on wsize/rsize and max requests */
4428 - if ((*csocket)->sk->sk_sndbuf < (200 * 1024))
4429 - (*csocket)->sk->sk_sndbuf = 200 * 1024;
4430 - if ((*csocket)->sk->sk_rcvbuf < (140 * 1024))
4431 - (*csocket)->sk->sk_rcvbuf = 140 * 1024;
4433 + if ((*csocket)->sk->sk_sndbuf < (200 * 1024))
4434 + (*csocket)->sk->sk_sndbuf = 200 * 1024;
4435 + if ((*csocket)->sk->sk_rcvbuf < (140 * 1024))
4436 + (*csocket)->sk->sk_rcvbuf = 140 * 1024;
4439 /* send RFC1001 sessinit */
4440 if (psin_server->sin_port == htons(RFC1001_PORT)) {
4441 @@ -1619,7 +1701,7 @@ ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket,
4442 /* sizeof RFC1002_SESSION_REQUEST with no scope */
4443 smb_buf->smb_buf_length = 0x81000044;
4444 rc = smb_send(*csocket, smb_buf, 0x44,
4445 - (struct sockaddr *)psin_server);
4446 + (struct sockaddr *)psin_server, noblocksnd);
4447 kfree(ses_init_buf);
4448 msleep(1); /* RFC1001 layer in at least one server
4449 requires very short break before negprot
4450 @@ -1639,7 +1721,8 @@ ipv4_connect(struct sockaddr_in *psin_server, struct socket **csocket,
4454 -ipv6_connect(struct sockaddr_in6 *psin_server, struct socket **csocket)
4455 +ipv6_connect(struct sockaddr_in6 *psin_server, struct socket **csocket,
4460 @@ -1708,6 +1791,8 @@ ipv6_connect(struct sockaddr_in6 *psin_server, struct socket **csocket)
4461 the default. sock_setsockopt not used because it expects
4462 user space buffer */
4463 (*csocket)->sk->sk_rcvtimeo = 7 * HZ;
4465 + (*csocket)->sk->sk_sndtimeo = 3 * HZ;
4469 @@ -1845,19 +1930,104 @@ convert_delimiter(char *path, char delim)
4473 +static void setup_cifs_sb(struct smb_vol *pvolume_info,
4474 + struct cifs_sb_info *cifs_sb)
4476 + if (pvolume_info->rsize > CIFSMaxBufSize) {
4477 + cERROR(1, ("rsize %d too large, using MaxBufSize",
4478 + pvolume_info->rsize));
4479 + cifs_sb->rsize = CIFSMaxBufSize;
4480 + } else if ((pvolume_info->rsize) &&
4481 + (pvolume_info->rsize <= CIFSMaxBufSize))
4482 + cifs_sb->rsize = pvolume_info->rsize;
4483 + else /* default */
4484 + cifs_sb->rsize = CIFSMaxBufSize;
4486 + if (pvolume_info->wsize > PAGEVEC_SIZE * PAGE_CACHE_SIZE) {
4487 + cERROR(1, ("wsize %d too large, using 4096 instead",
4488 + pvolume_info->wsize));
4489 + cifs_sb->wsize = 4096;
4490 + } else if (pvolume_info->wsize)
4491 + cifs_sb->wsize = pvolume_info->wsize;
4493 + cifs_sb->wsize = min_t(const int,
4494 + PAGEVEC_SIZE * PAGE_CACHE_SIZE,
4496 + /* old default of CIFSMaxBufSize was too small now
4497 + that SMB Write2 can send multiple pages in kvec.
4498 + RFC1001 does not describe what happens when frame
4499 + bigger than 128K is sent so use that as max in
4500 + conjunction with 52K kvec constraint on arch with 4K
4503 + if (cifs_sb->rsize < 2048) {
4504 + cifs_sb->rsize = 2048;
4505 + /* Windows ME may prefer this */
4506 + cFYI(1, ("readsize set to minimum: 2048"));
4508 + /* calculate prepath */
4509 + cifs_sb->prepath = pvolume_info->prepath;
4510 + if (cifs_sb->prepath) {
4511 + cifs_sb->prepathlen = strlen(cifs_sb->prepath);
4512 + /* we can not convert the / to \ in the path
4513 + separators in the prefixpath yet because we do not
4514 + know (until reset_cifs_unix_caps is called later)
4515 + whether POSIX PATH CAP is available. We normalize
4516 + the / to \ after reset_cifs_unix_caps is called */
4517 + pvolume_info->prepath = NULL;
4519 + cifs_sb->prepathlen = 0;
4520 + cifs_sb->mnt_uid = pvolume_info->linux_uid;
4521 + cifs_sb->mnt_gid = pvolume_info->linux_gid;
4522 + cifs_sb->mnt_file_mode = pvolume_info->file_mode;
4523 + cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
4524 + cFYI(1, ("file mode: 0x%x dir mode: 0x%x",
4525 + cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode));
4527 + if (pvolume_info->noperm)
4528 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
4529 + if (pvolume_info->setuids)
4530 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
4531 + if (pvolume_info->server_ino)
4532 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
4533 + if (pvolume_info->remap)
4534 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
4535 + if (pvolume_info->no_xattr)
4536 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
4537 + if (pvolume_info->sfu_emul)
4538 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
4539 + if (pvolume_info->nobrl)
4540 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
4541 + if (pvolume_info->cifs_acl)
4542 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
4543 + if (pvolume_info->override_uid)
4544 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
4545 + if (pvolume_info->override_gid)
4546 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
4547 + if (pvolume_info->dynperm)
4548 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
4549 + if (pvolume_info->direct_io) {
4550 + cFYI(1, ("mounting share using direct i/o"));
4551 + cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
4554 + if ((pvolume_info->cifs_acl) && (pvolume_info->dynperm))
4555 + cERROR(1, ("mount option dynperm ignored if cifsacl "
4556 + "mount option supported"));
4560 cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
4561 char *mount_data, const char *devname)
4565 - int address_type = AF_INET;
4566 struct socket *csocket = NULL;
4567 - struct sockaddr_in sin_server;
4568 - struct sockaddr_in6 sin_server6;
4569 + struct sockaddr addr;
4570 + struct sockaddr_in *sin_server = (struct sockaddr_in *) &addr;
4571 + struct sockaddr_in6 *sin_server6 = (struct sockaddr_in6 *) &addr;
4572 struct smb_vol volume_info;
4573 struct cifsSesInfo *pSesInfo = NULL;
4574 - struct cifsSesInfo *existingCifsSes = NULL;
4575 struct cifsTconInfo *tcon = NULL;
4576 struct TCP_Server_Info *srvTcp = NULL;
4578 @@ -1865,6 +2035,7 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
4580 /* cFYI(1, ("Entering cifs_mount. Xid: %d with: %s", xid, mount_data)); */
4582 + memset(&addr, 0, sizeof(struct sockaddr));
4583 memset(&volume_info, 0, sizeof(struct smb_vol));
4584 if (cifs_parse_mount_options(mount_data, devname, &volume_info)) {
4586 @@ -1887,16 +2058,16 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
4588 if (volume_info.UNCip && volume_info.UNC) {
4589 rc = cifs_inet_pton(AF_INET, volume_info.UNCip,
4590 - &sin_server.sin_addr.s_addr);
4591 + &sin_server->sin_addr.s_addr);
4594 /* not ipv4 address, try ipv6 */
4595 rc = cifs_inet_pton(AF_INET6, volume_info.UNCip,
4596 - &sin_server6.sin6_addr.in6_u);
4597 + &sin_server6->sin6_addr.in6_u);
4599 - address_type = AF_INET6;
4600 + addr.sa_family = AF_INET6;
4602 - address_type = AF_INET;
4603 + addr.sa_family = AF_INET;
4607 @@ -1936,38 +2107,25 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
4611 - if (address_type == AF_INET)
4612 - existingCifsSes = cifs_find_tcp_session(&sin_server.sin_addr,
4613 - NULL /* no ipv6 addr */,
4614 - volume_info.username, &srvTcp);
4615 - else if (address_type == AF_INET6) {
4616 - cFYI(1, ("looking for ipv6 address"));
4617 - existingCifsSes = cifs_find_tcp_session(NULL /* no ipv4 addr */,
4618 - &sin_server6.sin6_addr,
4619 - volume_info.username, &srvTcp);
4626 - cFYI(1, ("Existing tcp session with server found"));
4627 - } else { /* create socket */
4628 - if (volume_info.port)
4629 - sin_server.sin_port = htons(volume_info.port);
4631 - sin_server.sin_port = 0;
4632 - if (address_type == AF_INET6) {
4633 + srvTcp = cifs_find_tcp_session(&addr);
4634 + if (!srvTcp) { /* create socket */
4635 + if (addr.sa_family == AF_INET6) {
4636 cFYI(1, ("attempting ipv6 connect"));
4637 /* BB should we allow ipv6 on port 139? */
4638 /* other OS never observed in Wild doing 139 with v6 */
4639 - rc = ipv6_connect(&sin_server6, &csocket);
4641 - rc = ipv4_connect(&sin_server, &csocket,
4642 - volume_info.source_rfc1001_name,
4643 - volume_info.target_rfc1001_name);
4644 + sin_server6->sin6_port = htons(volume_info.port);
4645 + rc = ipv6_connect(sin_server6, &csocket,
4646 + volume_info.noblocksnd);
4648 + sin_server->sin_port = htons(volume_info.port);
4649 + rc = ipv4_connect(sin_server, &csocket,
4650 + volume_info.source_rfc1001_name,
4651 + volume_info.target_rfc1001_name,
4652 + volume_info.noblocksnd,
4653 + volume_info.noautotune);
4656 - cERROR(1, ("Error connecting to IPv4 socket. "
4657 + cERROR(1, ("Error connecting to socket. "
4658 "Aborting operation"));
4659 if (csocket != NULL)
4660 sock_release(csocket);
4661 @@ -1980,12 +2138,17 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
4662 sock_release(csocket);
4665 - memcpy(&srvTcp->addr.sockAddr, &sin_server,
4666 - sizeof(struct sockaddr_in));
4667 + srvTcp->noblocksnd = volume_info.noblocksnd;
4668 + srvTcp->noautotune = volume_info.noautotune;
4669 + if (addr.sa_family == AF_INET6)
4670 + memcpy(&srvTcp->addr.sockAddr6, sin_server6,
4671 + sizeof(struct sockaddr_in6));
4673 + memcpy(&srvTcp->addr.sockAddr, sin_server,
4674 + sizeof(struct sockaddr_in));
4675 atomic_set(&srvTcp->inFlight, 0);
4676 /* BB Add code for ipv6 case too */
4677 srvTcp->ssocket = csocket;
4678 - srvTcp->protocolType = IPV4;
4679 srvTcp->hostname = extract_hostname(volume_info.UNC);
4680 if (IS_ERR(srvTcp->hostname)) {
4681 rc = PTR_ERR(srvTcp->hostname);
4682 @@ -2015,15 +2178,28 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
4683 memcpy(srvTcp->server_RFC1001_name,
4684 volume_info.target_rfc1001_name, 16);
4685 srvTcp->sequence_number = 0;
4686 + INIT_LIST_HEAD(&srvTcp->tcp_ses_list);
4687 + INIT_LIST_HEAD(&srvTcp->smb_ses_list);
4688 + ++srvTcp->srv_count;
4689 + write_lock(&cifs_tcp_ses_lock);
4690 + list_add(&srvTcp->tcp_ses_list,
4691 + &cifs_tcp_ses_list);
4692 + write_unlock(&cifs_tcp_ses_lock);
4696 - if (existingCifsSes) {
4697 - pSesInfo = existingCifsSes;
4698 + pSesInfo = cifs_find_smb_ses(srvTcp, volume_info.username);
4700 cFYI(1, ("Existing smb sess found (status=%d)",
4703 + * The existing SMB session already has a reference to srvTcp,
4704 + * so we can put back the extra one we got before
4706 + cifs_put_tcp_session(srvTcp);
4708 down(&pSesInfo->sesSem);
4709 - if (pSesInfo->status == CifsNeedReconnect) {
4710 + if (pSesInfo->need_reconnect) {
4711 cFYI(1, ("Session needs reconnect"));
4712 rc = cifs_setup_session(xid, pSesInfo,
4713 cifs_sb->local_nls);
4714 @@ -2032,180 +2208,94 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
4716 cFYI(1, ("Existing smb sess not found"));
4717 pSesInfo = sesInfoAlloc();
4718 - if (pSesInfo == NULL)
4719 + if (pSesInfo == NULL) {
4722 - pSesInfo->server = srvTcp;
4723 - sprintf(pSesInfo->serverName, "%u.%u.%u.%u",
4724 - NIPQUAD(sin_server.sin_addr.s_addr));
4726 + goto mount_fail_check;
4729 + /* new SMB session uses our srvTcp ref */
4730 + pSesInfo->server = srvTcp;
4731 + sprintf(pSesInfo->serverName, "%u.%u.%u.%u",
4732 + NIPQUAD(sin_server->sin_addr.s_addr));
4734 + write_lock(&cifs_tcp_ses_lock);
4735 + list_add(&pSesInfo->smb_ses_list, &srvTcp->smb_ses_list);
4736 + write_unlock(&cifs_tcp_ses_lock);
4738 + /* volume_info.password freed at unmount */
4739 + if (volume_info.password) {
4740 + pSesInfo->password = volume_info.password;
4741 + /* set to NULL to prevent freeing on exit */
4742 + volume_info.password = NULL;
4744 + if (volume_info.username)
4745 + strncpy(pSesInfo->userName, volume_info.username,
4746 + MAX_USERNAME_SIZE);
4747 + if (volume_info.domainname) {
4748 + int len = strlen(volume_info.domainname);
4749 + pSesInfo->domainName = kmalloc(len + 1, GFP_KERNEL);
4750 + if (pSesInfo->domainName)
4751 + strcpy(pSesInfo->domainName,
4752 + volume_info.domainname);
4754 + pSesInfo->linux_uid = volume_info.linux_uid;
4755 + pSesInfo->overrideSecFlg = volume_info.secFlg;
4756 + down(&pSesInfo->sesSem);
4759 - /* volume_info.password freed at unmount */
4760 - if (volume_info.password) {
4761 - pSesInfo->password = volume_info.password;
4762 - /* set to NULL to prevent freeing on exit */
4763 - volume_info.password = NULL;
4765 - if (volume_info.username)
4766 - strncpy(pSesInfo->userName,
4767 - volume_info.username,
4768 - MAX_USERNAME_SIZE);
4769 - if (volume_info.domainname) {
4770 - int len = strlen(volume_info.domainname);
4771 - pSesInfo->domainName =
4772 - kmalloc(len + 1, GFP_KERNEL);
4773 - if (pSesInfo->domainName)
4774 - strcpy(pSesInfo->domainName,
4775 - volume_info.domainname);
4777 - pSesInfo->linux_uid = volume_info.linux_uid;
4778 - pSesInfo->overrideSecFlg = volume_info.secFlg;
4779 - down(&pSesInfo->sesSem);
4780 - /* BB FIXME need to pass vol->secFlgs BB */
4781 - rc = cifs_setup_session(xid, pSesInfo,
4782 - cifs_sb->local_nls);
4783 - up(&pSesInfo->sesSem);
4785 - atomic_inc(&srvTcp->socketUseCount);
4787 + /* BB FIXME need to pass vol->secFlgs BB */
4788 + rc = cifs_setup_session(xid, pSesInfo,
4789 + cifs_sb->local_nls);
4790 + up(&pSesInfo->sesSem);
4793 /* search for existing tcon to this server share */
4795 - if (volume_info.rsize > CIFSMaxBufSize) {
4796 - cERROR(1, ("rsize %d too large, using MaxBufSize",
4797 - volume_info.rsize));
4798 - cifs_sb->rsize = CIFSMaxBufSize;
4799 - } else if ((volume_info.rsize) &&
4800 - (volume_info.rsize <= CIFSMaxBufSize))
4801 - cifs_sb->rsize = volume_info.rsize;
4802 - else /* default */
4803 - cifs_sb->rsize = CIFSMaxBufSize;
4805 - if (volume_info.wsize > PAGEVEC_SIZE * PAGE_CACHE_SIZE) {
4806 - cERROR(1, ("wsize %d too large, using 4096 instead",
4807 - volume_info.wsize));
4808 - cifs_sb->wsize = 4096;
4809 - } else if (volume_info.wsize)
4810 - cifs_sb->wsize = volume_info.wsize;
4813 - min_t(const int, PAGEVEC_SIZE * PAGE_CACHE_SIZE,
4815 - /* old default of CIFSMaxBufSize was too small now
4816 - that SMB Write2 can send multiple pages in kvec.
4817 - RFC1001 does not describe what happens when frame
4818 - bigger than 128K is sent so use that as max in
4819 - conjunction with 52K kvec constraint on arch with 4K
4822 - if (cifs_sb->rsize < 2048) {
4823 - cifs_sb->rsize = 2048;
4824 - /* Windows ME may prefer this */
4825 - cFYI(1, ("readsize set to minimum: 2048"));
4827 - /* calculate prepath */
4828 - cifs_sb->prepath = volume_info.prepath;
4829 - if (cifs_sb->prepath) {
4830 - cifs_sb->prepathlen = strlen(cifs_sb->prepath);
4831 - /* we can not convert the / to \ in the path
4832 - separators in the prefixpath yet because we do not
4833 - know (until reset_cifs_unix_caps is called later)
4834 - whether POSIX PATH CAP is available. We normalize
4835 - the / to \ after reset_cifs_unix_caps is called */
4836 - volume_info.prepath = NULL;
4838 - cifs_sb->prepathlen = 0;
4839 - cifs_sb->mnt_uid = volume_info.linux_uid;
4840 - cifs_sb->mnt_gid = volume_info.linux_gid;
4841 - cifs_sb->mnt_file_mode = volume_info.file_mode;
4842 - cifs_sb->mnt_dir_mode = volume_info.dir_mode;
4843 - cFYI(1, ("file mode: 0x%x dir mode: 0x%x",
4844 - cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode));
4846 - if (volume_info.noperm)
4847 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_PERM;
4848 - if (volume_info.setuids)
4849 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SET_UID;
4850 - if (volume_info.server_ino)
4851 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_SERVER_INUM;
4852 - if (volume_info.remap)
4853 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_MAP_SPECIAL_CHR;
4854 - if (volume_info.no_xattr)
4855 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_XATTR;
4856 - if (volume_info.sfu_emul)
4857 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_UNX_EMUL;
4858 - if (volume_info.nobrl)
4859 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_NO_BRL;
4860 - if (volume_info.cifs_acl)
4861 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
4862 - if (volume_info.override_uid)
4863 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
4864 - if (volume_info.override_gid)
4865 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_GID;
4866 - if (volume_info.dynperm)
4867 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DYNPERM;
4868 - if (volume_info.direct_io) {
4869 - cFYI(1, ("mounting share using direct i/o"));
4870 - cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_DIRECT_IO;
4873 - if ((volume_info.cifs_acl) && (volume_info.dynperm))
4874 - cERROR(1, ("mount option dynperm ignored if cifsacl "
4875 - "mount option supported"));
4878 - find_unc(sin_server.sin_addr.s_addr, volume_info.UNC,
4879 - volume_info.username);
4880 + setup_cifs_sb(&volume_info, cifs_sb);
4881 + tcon = cifs_find_tcon(pSesInfo, volume_info.UNC);
4883 cFYI(1, ("Found match on UNC path"));
4884 - /* we can have only one retry value for a connection
4885 - to a share so for resources mounted more than once
4886 - to the same server share the last value passed in
4887 - for the retry flag is used */
4888 - tcon->retry = volume_info.retry;
4889 - tcon->nocase = volume_info.nocase;
4890 + /* existing tcon already has a reference */
4891 + cifs_put_smb_ses(pSesInfo);
4892 if (tcon->seal != volume_info.seal)
4893 cERROR(1, ("transport encryption setting "
4894 "conflicts with existing tid"));
4896 tcon = tconInfoAlloc();
4898 + if (tcon == NULL) {
4901 - /* check for null share name ie connecting to
4904 - /* BB check if this works for exactly length
4905 - * three strings */
4906 - if ((strchr(volume_info.UNC + 3, '\\') == NULL)
4907 - && (strchr(volume_info.UNC + 3, '/') ==
4909 -/* rc = connect_to_dfs_path(xid, pSesInfo,
4910 - "", cifs_sb->local_nls,
4911 - cifs_sb->mnt_cifs_flags &
4912 - CIFS_MOUNT_MAP_SPECIAL_CHR);*/
4913 - cFYI(1, ("DFS root not supported"));
4917 - /* BB Do we need to wrap sesSem around
4918 - * this TCon call and Unix SetFS as
4919 - * we do on SessSetup and reconnect? */
4920 - rc = CIFSTCon(xid, pSesInfo,
4922 - tcon, cifs_sb->local_nls);
4923 - cFYI(1, ("CIFS Tcon rc = %d", rc));
4926 - atomic_inc(&pSesInfo->inUse);
4927 - tcon->retry = volume_info.retry;
4928 - tcon->nocase = volume_info.nocase;
4929 - tcon->seal = volume_info.seal;
4931 + goto mount_fail_check;
4933 + tcon->ses = pSesInfo;
4935 + /* check for null share name ie connect to dfs root */
4936 + if ((strchr(volume_info.UNC + 3, '\\') == NULL)
4937 + && (strchr(volume_info.UNC + 3, '/') == NULL)) {
4938 + /* rc = connect_to_dfs_path(...) */
4939 + cFYI(1, ("DFS root not supported"));
4941 + goto mount_fail_check;
4943 + /* BB Do we need to wrap sesSem around
4944 + * this TCon call and Unix SetFS as
4945 + * we do on SessSetup and reconnect? */
4946 + rc = CIFSTCon(xid, pSesInfo, volume_info.UNC,
4947 + tcon, cifs_sb->local_nls);
4948 + cFYI(1, ("CIFS Tcon rc = %d", rc));
4951 + goto mount_fail_check;
4952 + tcon->seal = volume_info.seal;
4953 + write_lock(&cifs_tcp_ses_lock);
4954 + list_add(&tcon->tcon_list, &pSesInfo->tcon_list);
4955 + write_unlock(&cifs_tcp_ses_lock);
4958 + /* we can have only one retry value for a connection
4959 + to a share so for resources mounted more than once
4960 + to the same server share the last value passed in
4961 + for the retry flag is used */
4962 + tcon->retry = volume_info.retry;
4963 + tcon->nocase = volume_info.nocase;
4966 if (pSesInfo->capabilities & CAP_LARGE_FILES) {
4967 @@ -2217,91 +2307,49 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
4968 /* BB FIXME fix time_gran to be larger for LANMAN sessions */
4969 sb->s_time_gran = 100;
4971 -/* on error free sesinfo and tcon struct if needed */
4972 + /* on error free sesinfo and tcon struct if needed */
4975 - /* if session setup failed, use count is zero but
4976 - we still need to free cifsd thread */
4977 - if (atomic_read(&srvTcp->socketUseCount) == 0) {
4978 - spin_lock(&GlobalMid_Lock);
4979 - srvTcp->tcpStatus = CifsExiting;
4980 - spin_unlock(&GlobalMid_Lock);
4981 - if (srvTcp->tsk) {
4982 - /* If we could verify that kthread_stop would
4983 - always wake up processes blocked in
4984 - tcp in recv_mesg then we could remove the
4986 - force_sig(SIGKILL, srvTcp->tsk);
4987 - kthread_stop(srvTcp->tsk);
4990 /* If find_unc succeeded then rc == 0 so we can not end */
4991 - if (tcon) /* up accidently freeing someone elses tcon struct */
4992 - tconInfoFree(tcon);
4993 - if (existingCifsSes == NULL) {
4995 - if ((pSesInfo->server) &&
4996 - (pSesInfo->status == CifsGood)) {
4998 - temp_rc = CIFSSMBLogoff(xid, pSesInfo);
4999 - /* if the socketUseCount is now zero */
5000 - if ((temp_rc == -ESHUTDOWN) &&
5001 - (pSesInfo->server) &&
5002 - (pSesInfo->server->tsk)) {
5003 - force_sig(SIGKILL,
5004 - pSesInfo->server->tsk);
5005 - kthread_stop(pSesInfo->server->tsk);
5008 - cFYI(1, ("No session or bad tcon"));
5009 - if ((pSesInfo->server) &&
5010 - (pSesInfo->server->tsk)) {
5011 - force_sig(SIGKILL,
5012 - pSesInfo->server->tsk);
5013 - kthread_stop(pSesInfo->server->tsk);
5016 - sesInfoFree(pSesInfo);
5017 - /* pSesInfo = NULL; */
5021 - atomic_inc(&tcon->useCount);
5022 - cifs_sb->tcon = tcon;
5023 - tcon->ses = pSesInfo;
5025 - /* do not care if following two calls succeed - informational */
5027 - CIFSSMBQFSDeviceInfo(xid, tcon);
5028 - CIFSSMBQFSAttributeInfo(xid, tcon);
5031 - /* tell server which Unix caps we support */
5032 - if (tcon->ses->capabilities & CAP_UNIX)
5033 - /* reset of caps checks mount to see if unix extensions
5034 - disabled for just this mount */
5035 - reset_cifs_unix_caps(xid, tcon, sb, &volume_info);
5036 + /* up accidently freeing someone elses tcon struct */
5038 + cifs_put_tcon(tcon);
5039 + else if (pSesInfo)
5040 + cifs_put_smb_ses(pSesInfo);
5042 - tcon->unix_ext = 0; /* server does not support them */
5043 + cifs_put_tcp_session(srvTcp);
5046 + cifs_sb->tcon = tcon;
5048 - /* convert forward to back slashes in prepath here if needed */
5049 - if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
5050 - convert_delimiter(cifs_sb->prepath,
5051 - CIFS_DIR_SEP(cifs_sb));
5052 + /* do not care if following two calls succeed - informational */
5054 + CIFSSMBQFSDeviceInfo(xid, tcon);
5055 + CIFSSMBQFSAttributeInfo(xid, tcon);
5058 - if ((tcon->unix_ext == 0) && (cifs_sb->rsize > (1024 * 127))) {
5059 - cifs_sb->rsize = 1024 * 127;
5061 - ("no very large read support, rsize now 127K"));
5063 - if (!(tcon->ses->capabilities & CAP_LARGE_WRITE_X))
5064 - cifs_sb->wsize = min(cifs_sb->wsize,
5065 - (tcon->ses->server->maxBuf -
5066 - MAX_CIFS_HDR_SIZE));
5067 - if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
5068 - cifs_sb->rsize = min(cifs_sb->rsize,
5069 - (tcon->ses->server->maxBuf -
5070 - MAX_CIFS_HDR_SIZE));
5071 + /* tell server which Unix caps we support */
5072 + if (tcon->ses->capabilities & CAP_UNIX)
5073 + /* reset of caps checks mount to see if unix extensions
5074 + disabled for just this mount */
5075 + reset_cifs_unix_caps(xid, tcon, sb, &volume_info);
5077 + tcon->unix_ext = 0; /* server does not support them */
5079 + /* convert forward to back slashes in prepath here if needed */
5080 + if ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS) == 0)
5081 + convert_delimiter(cifs_sb->prepath, CIFS_DIR_SEP(cifs_sb));
5083 + if ((tcon->unix_ext == 0) && (cifs_sb->rsize > (1024 * 127))) {
5084 + cifs_sb->rsize = 1024 * 127;
5085 + cFYI(DBG2, ("no very large read support, rsize now 127K"));
5087 + if (!(tcon->ses->capabilities & CAP_LARGE_WRITE_X))
5088 + cifs_sb->wsize = min(cifs_sb->wsize,
5089 + (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
5090 + if (!(tcon->ses->capabilities & CAP_LARGE_READ_X))
5091 + cifs_sb->rsize = min(cifs_sb->rsize,
5092 + (tcon->ses->server->maxBuf - MAX_CIFS_HDR_SIZE));
5094 /* volume_info.password is freed above when existing session found
5095 (in which case it is not needed anymore) but when new sesion is created
5096 @@ -3471,6 +3519,7 @@ CIFSTCon(unsigned int xid, struct cifsSesInfo *ses,
5097 /* above now done in SendReceive */
5098 if ((rc == 0) && (tcon != NULL)) {
5099 tcon->tidStatus = CifsGood;
5100 + tcon->need_reconnect = false;
5101 tcon->tid = smb_buffer_response->Tid;
5102 bcc_ptr = pByteArea(smb_buffer_response);
5103 length = strnlen(bcc_ptr, BCC(smb_buffer_response) - 2);
5104 @@ -3542,52 +3591,17 @@ int
5105 cifs_umount(struct super_block *sb, struct cifs_sb_info *cifs_sb)
5109 - struct cifsSesInfo *ses = NULL;
5110 - struct task_struct *cifsd_task;
5115 - if (cifs_sb->tcon) {
5116 - ses = cifs_sb->tcon->ses; /* save ptr to ses before delete tcon!*/
5117 - rc = CIFSSMBTDis(xid, cifs_sb->tcon);
5118 - if (rc == -EBUSY) {
5122 - DeleteTconOplockQEntries(cifs_sb->tcon);
5123 - tconInfoFree(cifs_sb->tcon);
5124 - if ((ses) && (ses->server)) {
5125 - /* save off task so we do not refer to ses later */
5126 - cifsd_task = ses->server->tsk;
5127 - cFYI(1, ("About to do SMBLogoff "));
5128 - rc = CIFSSMBLogoff(xid, ses);
5129 - if (rc == -EBUSY) {
5132 - } else if (rc == -ESHUTDOWN) {
5133 - cFYI(1, ("Waking up socket by sending signal"));
5135 - force_sig(SIGKILL, cifsd_task);
5136 - kthread_stop(cifsd_task);
5139 - } /* else - we have an smb session
5140 - left on this socket do not kill cifsd */
5142 - cFYI(1, ("No session or bad tcon"));
5144 + if (cifs_sb->tcon)
5145 + cifs_put_tcon(cifs_sb->tcon);
5147 cifs_sb->tcon = NULL;
5148 tmp = cifs_sb->prepath;
5149 cifs_sb->prepathlen = 0;
5150 cifs_sb->prepath = NULL;
5159 @@ -3702,6 +3716,7 @@ int cifs_setup_session(unsigned int xid, struct cifsSesInfo *pSesInfo,
5161 cFYI(1, ("CIFS Session Established successfully"));
5162 pSesInfo->status = CifsGood;
5163 + pSesInfo->need_reconnect = false;
5167 diff --git a/fs/cifs/file.c b/fs/cifs/file.c
5168 index cbefe1f..042b122 100644
5169 --- a/fs/cifs/file.c
5170 +++ b/fs/cifs/file.c
5171 @@ -493,7 +493,7 @@ int cifs_close(struct inode *inode, struct file *file)
5173 /* no sense reconnecting to close a file that is
5175 - if (pTcon->tidStatus != CifsNeedReconnect) {
5176 + if (!pTcon->need_reconnect) {
5178 while ((atomic_read(&pSMBFile->wrtPending) != 0)
5179 && (timeout <= 2048)) {
5180 @@ -1396,7 +1396,10 @@ retry:
5181 if ((wbc->nr_to_write -= n_iov) <= 0)
5186 + /* Need to re-find the pages we skipped */
5187 + index = pvec.pages[0]->index + 1;
5189 pagevec_release(&pvec);
5191 if (!scanned && !done) {
5192 @@ -1813,7 +1816,7 @@ static int cifs_readpages(struct file *file, struct address_space *mapping,
5193 pTcon = cifs_sb->tcon;
5195 pagevec_init(&lru_pvec, 0);
5196 - cFYI(DBG2, ("rpages: num pages %d", num_pages));
5197 + cFYI(DBG2, ("rpages: num pages %d", num_pages));
5198 for (i = 0; i < num_pages; ) {
5199 unsigned contig_pages;
5200 struct page *tmp_page;
5201 diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
5202 index 4b17f8f..b891553 100644
5203 --- a/fs/cifs/misc.c
5204 +++ b/fs/cifs/misc.c
5205 @@ -75,12 +75,12 @@ sesInfoAlloc(void)
5207 ret_buf = kzalloc(sizeof(struct cifsSesInfo), GFP_KERNEL);
5209 - write_lock(&GlobalSMBSeslock);
5210 atomic_inc(&sesInfoAllocCount);
5211 ret_buf->status = CifsNew;
5212 - list_add(&ret_buf->cifsSessionList, &GlobalSMBSessionList);
5213 + ++ret_buf->ses_count;
5214 + INIT_LIST_HEAD(&ret_buf->smb_ses_list);
5215 + INIT_LIST_HEAD(&ret_buf->tcon_list);
5216 init_MUTEX(&ret_buf->sesSem);
5217 - write_unlock(&GlobalSMBSeslock);
5221 @@ -93,10 +93,7 @@ sesInfoFree(struct cifsSesInfo *buf_to_free)
5225 - write_lock(&GlobalSMBSeslock);
5226 atomic_dec(&sesInfoAllocCount);
5227 - list_del(&buf_to_free->cifsSessionList);
5228 - write_unlock(&GlobalSMBSeslock);
5229 kfree(buf_to_free->serverOS);
5230 kfree(buf_to_free->serverDomain);
5231 kfree(buf_to_free->serverNOS);
5232 @@ -111,17 +108,14 @@ tconInfoAlloc(void)
5233 struct cifsTconInfo *ret_buf;
5234 ret_buf = kzalloc(sizeof(struct cifsTconInfo), GFP_KERNEL);
5236 - write_lock(&GlobalSMBSeslock);
5237 atomic_inc(&tconInfoAllocCount);
5238 - list_add(&ret_buf->cifsConnectionList,
5239 - &GlobalTreeConnectionList);
5240 ret_buf->tidStatus = CifsNew;
5241 + ++ret_buf->tc_count;
5242 INIT_LIST_HEAD(&ret_buf->openFileList);
5243 - init_MUTEX(&ret_buf->tconSem);
5244 + INIT_LIST_HEAD(&ret_buf->tcon_list);
5245 #ifdef CONFIG_CIFS_STATS
5246 spin_lock_init(&ret_buf->stat_lock);
5248 - write_unlock(&GlobalSMBSeslock);
5252 @@ -133,10 +127,7 @@ tconInfoFree(struct cifsTconInfo *buf_to_free)
5253 cFYI(1, ("Null buffer passed to tconInfoFree"));
5256 - write_lock(&GlobalSMBSeslock);
5257 atomic_dec(&tconInfoAllocCount);
5258 - list_del(&buf_to_free->cifsConnectionList);
5259 - write_unlock(&GlobalSMBSeslock);
5260 kfree(buf_to_free->nativeFileSystem);
5263 @@ -354,9 +345,9 @@ header_assemble(struct smb_hdr *buffer, char smb_command /* command */ ,
5264 if (current->fsuid != treeCon->ses->linux_uid) {
5265 cFYI(1, ("Multiuser mode and UID "
5266 "did not match tcon uid"));
5267 - read_lock(&GlobalSMBSeslock);
5268 - list_for_each(temp_item, &GlobalSMBSessionList) {
5269 - ses = list_entry(temp_item, struct cifsSesInfo, cifsSessionList);
5270 + read_lock(&cifs_tcp_ses_lock);
5271 + list_for_each(temp_item, &treeCon->ses->server->smb_ses_list) {
5272 + ses = list_entry(temp_item, struct cifsSesInfo, smb_ses_list);
5273 if (ses->linux_uid == current->fsuid) {
5274 if (ses->server == treeCon->ses->server) {
5275 cFYI(1, ("found matching uid substitute right smb_uid"));
5276 @@ -368,7 +359,7 @@ header_assemble(struct smb_hdr *buffer, char smb_command /* command */ ,
5280 - read_unlock(&GlobalSMBSeslock);
5281 + read_unlock(&cifs_tcp_ses_lock);
5285 @@ -501,9 +492,10 @@ bool
5286 is_valid_oplock_break(struct smb_hdr *buf, struct TCP_Server_Info *srv)
5288 struct smb_com_lock_req *pSMB = (struct smb_com_lock_req *)buf;
5289 - struct list_head *tmp;
5290 - struct list_head *tmp1;
5291 + struct list_head *tmp, *tmp1, *tmp2;
5292 + struct cifsSesInfo *ses;
5293 struct cifsTconInfo *tcon;
5294 + struct cifsInodeInfo *pCifsInode;
5295 struct cifsFileInfo *netfile;
5297 cFYI(1, ("Checking for oplock break or dnotify response"));
5298 @@ -558,42 +550,42 @@ is_valid_oplock_break(struct smb_hdr *buf, struct TCP_Server_Info *srv)
5301 /* look up tcon based on tid & uid */
5302 - read_lock(&GlobalSMBSeslock);
5303 - list_for_each(tmp, &GlobalTreeConnectionList) {
5304 - tcon = list_entry(tmp, struct cifsTconInfo, cifsConnectionList);
5305 - if ((tcon->tid == buf->Tid) && (srv == tcon->ses->server)) {
5306 + read_lock(&cifs_tcp_ses_lock);
5307 + list_for_each(tmp, &srv->smb_ses_list) {
5308 + ses = list_entry(tmp, struct cifsSesInfo, smb_ses_list);
5309 + list_for_each(tmp1, &ses->tcon_list) {
5310 + tcon = list_entry(tmp1, struct cifsTconInfo, tcon_list);
5311 + if (tcon->tid != buf->Tid)
5314 cifs_stats_inc(&tcon->num_oplock_brks);
5315 - list_for_each(tmp1, &tcon->openFileList) {
5316 - netfile = list_entry(tmp1, struct cifsFileInfo,
5317 + list_for_each(tmp2, &tcon->openFileList) {
5318 + netfile = list_entry(tmp2, struct cifsFileInfo,
5320 - if (pSMB->Fid == netfile->netfid) {
5321 - struct cifsInodeInfo *pCifsInode;
5322 - read_unlock(&GlobalSMBSeslock);
5324 - ("file id match, oplock break"));
5326 - CIFS_I(netfile->pInode);
5327 - pCifsInode->clientCanCacheAll = false;
5328 - if (pSMB->OplockLevel == 0)
5329 - pCifsInode->clientCanCacheRead
5331 - pCifsInode->oplockPending = true;
5332 - AllocOplockQEntry(netfile->pInode,
5336 - ("about to wake up oplock thread"));
5338 - wake_up_process(oplockThread);
5341 + if (pSMB->Fid != netfile->netfid)
5344 + read_unlock(&cifs_tcp_ses_lock);
5345 + cFYI(1, ("file id match, oplock break"));
5346 + pCifsInode = CIFS_I(netfile->pInode);
5347 + pCifsInode->clientCanCacheAll = false;
5348 + if (pSMB->OplockLevel == 0)
5349 + pCifsInode->clientCanCacheRead = false;
5350 + pCifsInode->oplockPending = true;
5351 + AllocOplockQEntry(netfile->pInode,
5352 + netfile->netfid, tcon);
5353 + cFYI(1, ("about to wake up oplock thread"));
5355 + wake_up_process(oplockThread);
5359 - read_unlock(&GlobalSMBSeslock);
5360 + read_unlock(&cifs_tcp_ses_lock);
5361 cFYI(1, ("No matching file for oplock break"));
5365 - read_unlock(&GlobalSMBSeslock);
5366 + read_unlock(&cifs_tcp_ses_lock);
5367 cFYI(1, ("Can not process oplock break for non-existent connection"));
5370 diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c
5371 index e286db9..bb0f329 100644
5372 --- a/fs/cifs/transport.c
5373 +++ b/fs/cifs/transport.c
5374 @@ -162,7 +162,7 @@ void DeleteTconOplockQEntries(struct cifsTconInfo *tcon)
5377 smb_send(struct socket *ssocket, struct smb_hdr *smb_buffer,
5378 - unsigned int smb_buf_length, struct sockaddr *sin)
5379 + unsigned int smb_buf_length, struct sockaddr *sin, bool noblocksnd)
5383 @@ -179,7 +179,10 @@ smb_send(struct socket *ssocket, struct smb_hdr *smb_buffer,
5384 smb_msg.msg_namelen = sizeof(struct sockaddr);
5385 smb_msg.msg_control = NULL;
5386 smb_msg.msg_controllen = 0;
5387 - smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL; /* BB add more flags?*/
5389 + smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
5391 + smb_msg.msg_flags = MSG_NOSIGNAL;
5393 /* smb header is converted in header_assemble. bcc and rest of SMB word
5394 area, and byte area if necessary, is converted to littleendian in
5395 @@ -230,8 +233,8 @@ smb_send(struct socket *ssocket, struct smb_hdr *smb_buffer,
5399 -smb_send2(struct socket *ssocket, struct kvec *iov, int n_vec,
5400 - struct sockaddr *sin)
5401 +smb_send2(struct TCP_Server_Info *server, struct kvec *iov, int n_vec,
5402 + struct sockaddr *sin, bool noblocksnd)
5406 @@ -241,6 +244,7 @@ smb_send2(struct socket *ssocket, struct kvec *iov, int n_vec,
5407 unsigned int total_len;
5409 unsigned int smb_buf_length = smb_buffer->smb_buf_length;
5410 + struct socket *ssocket = server->ssocket;
5412 if (ssocket == NULL)
5413 return -ENOTSOCK; /* BB eventually add reconnect code here */
5414 @@ -249,7 +253,10 @@ smb_send2(struct socket *ssocket, struct kvec *iov, int n_vec,
5415 smb_msg.msg_namelen = sizeof(struct sockaddr);
5416 smb_msg.msg_control = NULL;
5417 smb_msg.msg_controllen = 0;
5418 - smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL; /* BB add more flags?*/
5420 + smb_msg.msg_flags = MSG_DONTWAIT + MSG_NOSIGNAL;
5422 + smb_msg.msg_flags = MSG_NOSIGNAL;
5424 /* smb header is converted in header_assemble. bcc and rest of SMB word
5425 area, and byte area if necessary, is converted to littleendian in
5426 @@ -284,8 +291,11 @@ smb_send2(struct socket *ssocket, struct kvec *iov, int n_vec,
5430 - if (rc >= total_len) {
5431 - WARN_ON(rc > total_len);
5432 + if (rc == total_len) {
5435 + } else if (rc > total_len) {
5436 + cERROR(1, ("sent %d requested %d", rc, total_len));
5440 @@ -313,6 +323,16 @@ smb_send2(struct socket *ssocket, struct kvec *iov, int n_vec,
5441 i = 0; /* in case we get ENOSPC on the next send */
5444 + if ((total_len > 0) && (total_len != smb_buf_length + 4)) {
5445 + cFYI(1, ("partial send (%d remaining), terminating session",
5447 + /* If we have only sent part of an SMB then the next SMB
5448 + could be taken as the remainder of this one. We need
5449 + to kill the socket so the server throws away the partial
5451 + server->tcpStatus = CifsNeedReconnect;
5455 cERROR(1, ("Error %d sending data on socket to server", rc));
5457 @@ -519,8 +539,9 @@ SendReceive2(const unsigned int xid, struct cifsSesInfo *ses,
5458 #ifdef CONFIG_CIFS_STATS2
5459 atomic_inc(&ses->server->inSend);
5461 - rc = smb_send2(ses->server->ssocket, iov, n_vec,
5462 - (struct sockaddr *) &(ses->server->addr.sockAddr));
5463 + rc = smb_send2(ses->server, iov, n_vec,
5464 + (struct sockaddr *) &(ses->server->addr.sockAddr),
5465 + ses->server->noblocksnd);
5466 #ifdef CONFIG_CIFS_STATS2
5467 atomic_dec(&ses->server->inSend);
5468 midQ->when_sent = jiffies;
5469 @@ -712,7 +733,8 @@ SendReceive(const unsigned int xid, struct cifsSesInfo *ses,
5470 atomic_inc(&ses->server->inSend);
5472 rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
5473 - (struct sockaddr *) &(ses->server->addr.sockAddr));
5474 + (struct sockaddr *) &(ses->server->addr.sockAddr),
5475 + ses->server->noblocksnd);
5476 #ifdef CONFIG_CIFS_STATS2
5477 atomic_dec(&ses->server->inSend);
5478 midQ->when_sent = jiffies;
5479 @@ -852,7 +874,8 @@ send_nt_cancel(struct cifsTconInfo *tcon, struct smb_hdr *in_buf,
5482 rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
5483 - (struct sockaddr *) &(ses->server->addr.sockAddr));
5484 + (struct sockaddr *) &(ses->server->addr.sockAddr),
5485 + ses->server->noblocksnd);
5486 up(&ses->server->tcpSem);
5489 @@ -942,7 +965,8 @@ SendReceiveBlockingLock(const unsigned int xid, struct cifsTconInfo *tcon,
5490 atomic_inc(&ses->server->inSend);
5492 rc = smb_send(ses->server->ssocket, in_buf, in_buf->smb_buf_length,
5493 - (struct sockaddr *) &(ses->server->addr.sockAddr));
5494 + (struct sockaddr *) &(ses->server->addr.sockAddr),
5495 + ses->server->noblocksnd);
5496 #ifdef CONFIG_CIFS_STATS2
5497 atomic_dec(&ses->server->inSend);
5498 midQ->when_sent = jiffies;
5499 diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
5500 index f5b76a3..59b9833 100644
5501 --- a/fs/ecryptfs/keystore.c
5502 +++ b/fs/ecryptfs/keystore.c
5503 @@ -1037,17 +1037,14 @@ static int
5504 decrypt_passphrase_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
5505 struct ecryptfs_crypt_stat *crypt_stat)
5507 - struct scatterlist dst_sg;
5508 - struct scatterlist src_sg;
5509 + struct scatterlist dst_sg[2];
5510 + struct scatterlist src_sg[2];
5511 struct mutex *tfm_mutex;
5512 struct blkcipher_desc desc = {
5513 .flags = CRYPTO_TFM_REQ_MAY_SLEEP
5517 - sg_init_table(&dst_sg, 1);
5518 - sg_init_table(&src_sg, 1);
5520 if (unlikely(ecryptfs_verbosity > 0)) {
5522 KERN_DEBUG, "Session key encryption key (size [%d]):\n",
5523 @@ -1066,8 +1063,8 @@ decrypt_passphrase_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
5525 rc = virt_to_scatterlist(auth_tok->session_key.encrypted_key,
5526 auth_tok->session_key.encrypted_key_size,
5530 + if (rc < 1 || rc > 2) {
5531 printk(KERN_ERR "Internal error whilst attempting to convert "
5532 "auth_tok->session_key.encrypted_key to scatterlist; "
5533 "expected rc = 1; got rc = [%d]. "
5534 @@ -1079,8 +1076,8 @@ decrypt_passphrase_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
5535 auth_tok->session_key.encrypted_key_size;
5536 rc = virt_to_scatterlist(auth_tok->session_key.decrypted_key,
5537 auth_tok->session_key.decrypted_key_size,
5541 + if (rc < 1 || rc > 2) {
5542 printk(KERN_ERR "Internal error whilst attempting to convert "
5543 "auth_tok->session_key.decrypted_key to scatterlist; "
5544 "expected rc = 1; got rc = [%d]\n", rc);
5545 @@ -1096,7 +1093,7 @@ decrypt_passphrase_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
5549 - rc = crypto_blkcipher_decrypt(&desc, &dst_sg, &src_sg,
5550 + rc = crypto_blkcipher_decrypt(&desc, dst_sg, src_sg,
5551 auth_tok->session_key.encrypted_key_size);
5552 mutex_unlock(tfm_mutex);
5554 @@ -1541,8 +1538,8 @@ write_tag_3_packet(char *dest, size_t *remaining_bytes,
5556 size_t encrypted_session_key_valid = 0;
5557 char session_key_encryption_key[ECRYPTFS_MAX_KEY_BYTES];
5558 - struct scatterlist dst_sg;
5559 - struct scatterlist src_sg;
5560 + struct scatterlist dst_sg[2];
5561 + struct scatterlist src_sg[2];
5562 struct mutex *tfm_mutex = NULL;
5564 size_t packet_size_length;
5565 @@ -1621,8 +1618,8 @@ write_tag_3_packet(char *dest, size_t *remaining_bytes,
5566 ecryptfs_dump_hex(session_key_encryption_key, 16);
5568 rc = virt_to_scatterlist(crypt_stat->key, key_rec->enc_key_size,
5572 + if (rc < 1 || rc > 2) {
5573 ecryptfs_printk(KERN_ERR, "Error generating scatterlist "
5574 "for crypt_stat session key; expected rc = 1; "
5575 "got rc = [%d]. key_rec->enc_key_size = [%d]\n",
5576 @@ -1631,8 +1628,8 @@ write_tag_3_packet(char *dest, size_t *remaining_bytes,
5579 rc = virt_to_scatterlist(key_rec->enc_key, key_rec->enc_key_size,
5583 + if (rc < 1 || rc > 2) {
5584 ecryptfs_printk(KERN_ERR, "Error generating scatterlist "
5585 "for crypt_stat encrypted session key; "
5586 "expected rc = 1; got rc = [%d]. "
5587 @@ -1653,7 +1650,7 @@ write_tag_3_packet(char *dest, size_t *remaining_bytes,
5589 ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes of the key\n",
5590 crypt_stat->key_size);
5591 - rc = crypto_blkcipher_encrypt(&desc, &dst_sg, &src_sg,
5592 + rc = crypto_blkcipher_encrypt(&desc, dst_sg, src_sg,
5593 (*key_rec).enc_key_size);
5594 mutex_unlock(tfm_mutex);
5596 diff --git a/fs/eventpoll.c b/fs/eventpoll.c
5597 index 7cc0eb7..c8cec49 100644
5598 --- a/fs/eventpoll.c
5599 +++ b/fs/eventpoll.c
5602 #define EP_UNACTIVE_PTR ((void *) -1L)
5604 +#define EP_ITEM_COST (sizeof(struct epitem) + sizeof(struct eppoll_entry))
5606 struct epoll_filefd {
5609 @@ -200,6 +202,9 @@ struct eventpoll {
5612 struct epitem *ovflist;
5614 + /* The user that created the eventpoll descriptor */
5615 + struct user_struct *user;
5618 /* Wait structure used by the poll hooks */
5619 @@ -227,9 +232,17 @@ struct ep_pqueue {
5623 + * Configuration options available inside /proc/sys/fs/epoll/
5625 +/* Maximum number of epoll devices, per user */
5626 +static int max_user_instances __read_mostly;
5627 +/* Maximum number of epoll watched descriptors, per user */
5628 +static int max_user_watches __read_mostly;
5631 * This mutex is used to serialize ep_free() and eventpoll_release_file().
5633 -static struct mutex epmutex;
5634 +static DEFINE_MUTEX(epmutex);
5636 /* Safe wake up implementation */
5637 static struct poll_safewake psw;
5638 @@ -240,6 +253,33 @@ static struct kmem_cache *epi_cache __read_mostly;
5639 /* Slab cache used to allocate "struct eppoll_entry" */
5640 static struct kmem_cache *pwq_cache __read_mostly;
5642 +#ifdef CONFIG_SYSCTL
5644 +#include <linux/sysctl.h>
5648 +ctl_table epoll_table[] = {
5650 + .procname = "max_user_instances",
5651 + .data = &max_user_instances,
5652 + .maxlen = sizeof(int),
5654 + .proc_handler = &proc_dointvec_minmax,
5658 + .procname = "max_user_watches",
5659 + .data = &max_user_watches,
5660 + .maxlen = sizeof(int),
5662 + .proc_handler = &proc_dointvec_minmax,
5667 +#endif /* CONFIG_SYSCTL */
5670 /* Setup the structure that is used as key for the RB tree */
5671 static inline void ep_set_ffd(struct epoll_filefd *ffd,
5672 @@ -402,6 +442,8 @@ static int ep_remove(struct eventpoll *ep, struct epitem *epi)
5673 /* At this point it is safe to free the eventpoll item */
5674 kmem_cache_free(epi_cache, epi);
5676 + atomic_dec(&ep->user->epoll_watches);
5678 DNPRINTK(3, (KERN_INFO "[%p] eventpoll: ep_remove(%p, %p)\n",
5679 current, ep, file));
5681 @@ -449,6 +491,8 @@ static void ep_free(struct eventpoll *ep)
5683 mutex_unlock(&epmutex);
5684 mutex_destroy(&ep->mtx);
5685 + atomic_dec(&ep->user->epoll_devs);
5686 + free_uid(ep->user);
5690 @@ -532,10 +576,19 @@ void eventpoll_release_file(struct file *file)
5692 static int ep_alloc(struct eventpoll **pep)
5694 - struct eventpoll *ep = kzalloc(sizeof(*ep), GFP_KERNEL);
5696 + struct user_struct *user;
5697 + struct eventpoll *ep;
5701 + user = get_current_user();
5703 + if (unlikely(atomic_read(&user->epoll_devs) >=
5704 + max_user_instances))
5707 + ep = kzalloc(sizeof(*ep), GFP_KERNEL);
5708 + if (unlikely(!ep))
5711 spin_lock_init(&ep->lock);
5712 mutex_init(&ep->mtx);
5713 @@ -544,12 +597,17 @@ static int ep_alloc(struct eventpoll **pep)
5714 INIT_LIST_HEAD(&ep->rdllist);
5716 ep->ovflist = EP_UNACTIVE_PTR;
5721 DNPRINTK(3, (KERN_INFO "[%p] eventpoll: ep_alloc() ep=%p\n",
5731 @@ -703,9 +761,11 @@ static int ep_insert(struct eventpoll *ep, struct epoll_event *event,
5733 struct ep_pqueue epq;
5736 + if (unlikely(atomic_read(&ep->user->epoll_watches) >=
5737 + max_user_watches))
5739 if (!(epi = kmem_cache_alloc(epi_cache, GFP_KERNEL)))
5740 - goto error_return;
5743 /* Item initialization follow here ... */
5744 INIT_LIST_HEAD(&epi->rdllink);
5745 @@ -735,6 +795,7 @@ static int ep_insert(struct eventpoll *ep, struct epoll_event *event,
5746 * install process. Namely an allocation for a wait queue failed due
5747 * high memory pressure.
5751 goto error_unregister;
5753 @@ -765,6 +826,8 @@ static int ep_insert(struct eventpoll *ep, struct epoll_event *event,
5755 spin_unlock_irqrestore(&ep->lock, flags);
5757 + atomic_inc(&ep->user->epoll_watches);
5759 /* We have to call this outside the lock */
5761 ep_poll_safewake(&psw, &ep->poll_wait);
5762 @@ -789,7 +852,7 @@ error_unregister:
5763 spin_unlock_irqrestore(&ep->lock, flags);
5765 kmem_cache_free(epi_cache, epi);
5771 @@ -1074,6 +1137,7 @@ asmlinkage long sys_epoll_create1(int flags)
5775 + atomic_inc(&ep->user->epoll_devs);
5778 DNPRINTK(3, (KERN_INFO "[%p] eventpoll: sys_epoll_create(%d) = %d\n",
5779 @@ -1295,7 +1359,12 @@ asmlinkage long sys_epoll_pwait(int epfd, struct epoll_event __user *events,
5781 static int __init eventpoll_init(void)
5783 - mutex_init(&epmutex);
5784 + struct sysinfo si;
5787 + max_user_instances = 128;
5788 + max_user_watches = (((si.totalram - si.totalhigh) / 32) << PAGE_SHIFT) /
5791 /* Initialize the structure used to perform safe poll wait head wake ups */
5792 ep_poll_safewake_init(&psw);
5793 diff --git a/fs/ext2/balloc.c b/fs/ext2/balloc.c
5794 index 10bb02c..6dac7ba 100644
5795 --- a/fs/ext2/balloc.c
5796 +++ b/fs/ext2/balloc.c
5797 @@ -1295,6 +1295,7 @@ retry_alloc:
5798 * turn off reservation for this allocation
5800 if (my_rsv && (free_blocks < windowsz)
5801 + && (free_blocks > 0)
5802 && (rsv_is_empty(&my_rsv->rsv_window)))
5805 @@ -1332,7 +1333,7 @@ retry_alloc:
5806 * free blocks is less than half of the reservation
5809 - if (free_blocks <= (windowsz/2))
5810 + if (my_rsv && (free_blocks <= (windowsz/2)))
5814 diff --git a/fs/ext3/balloc.c b/fs/ext3/balloc.c
5815 index 92fd033..f5b57a2 100644
5816 --- a/fs/ext3/balloc.c
5817 +++ b/fs/ext3/balloc.c
5818 @@ -1547,6 +1547,7 @@ retry_alloc:
5819 * turn off reservation for this allocation
5821 if (my_rsv && (free_blocks < windowsz)
5822 + && (free_blocks > 0)
5823 && (rsv_is_empty(&my_rsv->rsv_window)))
5826 @@ -1585,7 +1586,7 @@ retry_alloc:
5827 * free blocks is less than half of the reservation
5830 - if (free_blocks <= (windowsz/2))
5831 + if (my_rsv && (free_blocks <= (windowsz/2)))
5835 diff --git a/fs/ext3/dir.c b/fs/ext3/dir.c
5836 index 1b80f1c..5853f44 100644
5839 @@ -414,7 +414,7 @@ static int call_filldir(struct file * filp, void * dirent,
5840 get_dtype(sb, fname->file_type));
5842 filp->f_pos = curr_pos;
5843 - info->extra_fname = fname->next;
5844 + info->extra_fname = fname;
5847 fname = fname->next;
5848 @@ -453,11 +453,12 @@ static int ext3_dx_readdir(struct file * filp,
5849 * If there are any leftover names on the hash collision
5850 * chain, return them first.
5852 - if (info->extra_fname &&
5853 - call_filldir(filp, dirent, filldir, info->extra_fname))
5856 - if (!info->curr_node)
5857 + if (info->extra_fname) {
5858 + if (call_filldir(filp, dirent, filldir, info->extra_fname))
5860 + info->extra_fname = NULL;
5862 + } else if (!info->curr_node)
5863 info->curr_node = rb_first(&info->root);
5866 @@ -488,9 +489,14 @@ static int ext3_dx_readdir(struct file * filp,
5867 info->curr_minor_hash = fname->minor_hash;
5868 if (call_filldir(filp, dirent, filldir, fname))
5872 info->curr_node = rb_next(info->curr_node);
5873 - if (!info->curr_node) {
5874 + if (info->curr_node) {
5875 + fname = rb_entry(info->curr_node, struct fname,
5877 + info->curr_hash = fname->hash;
5878 + info->curr_minor_hash = fname->minor_hash;
5880 if (info->next_hash == ~0) {
5881 filp->f_pos = EXT3_HTREE_EOF;
5883 diff --git a/fs/ext3/resize.c b/fs/ext3/resize.c
5884 index 77278e9..78fdf38 100644
5885 --- a/fs/ext3/resize.c
5886 +++ b/fs/ext3/resize.c
5887 @@ -790,7 +790,8 @@ int ext3_group_add(struct super_block *sb, struct ext3_new_group_data *input)
5889 if (reserved_gdb || gdb_off == 0) {
5890 if (!EXT3_HAS_COMPAT_FEATURE(sb,
5891 - EXT3_FEATURE_COMPAT_RESIZE_INODE)){
5892 + EXT3_FEATURE_COMPAT_RESIZE_INODE)
5893 + || !le16_to_cpu(es->s_reserved_gdt_blocks)) {
5894 ext3_warning(sb, __func__,
5895 "No reserved GDT blocks, can't resize");
5897 diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c
5898 index d1d6487..e45d086 100644
5901 @@ -458,17 +458,8 @@ static int ext4_dx_readdir(struct file * filp,
5902 if (info->extra_fname) {
5903 if (call_filldir(filp, dirent, filldir, info->extra_fname))
5906 info->extra_fname = NULL;
5907 - info->curr_node = rb_next(info->curr_node);
5908 - if (!info->curr_node) {
5909 - if (info->next_hash == ~0) {
5910 - filp->f_pos = EXT4_HTREE_EOF;
5913 - info->curr_hash = info->next_hash;
5914 - info->curr_minor_hash = 0;
5917 } else if (!info->curr_node)
5918 info->curr_node = rb_first(&info->root);
5920 @@ -500,9 +491,14 @@ static int ext4_dx_readdir(struct file * filp,
5921 info->curr_minor_hash = fname->minor_hash;
5922 if (call_filldir(filp, dirent, filldir, fname))
5926 info->curr_node = rb_next(info->curr_node);
5927 - if (!info->curr_node) {
5928 + if (info->curr_node) {
5929 + fname = rb_entry(info->curr_node, struct fname,
5931 + info->curr_hash = fname->hash;
5932 + info->curr_minor_hash = fname->minor_hash;
5934 if (info->next_hash == ~0) {
5935 filp->f_pos = EXT4_HTREE_EOF;
5937 diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
5938 index 2950032..4829dac 100644
5939 --- a/fs/ext4/ext4.h
5940 +++ b/fs/ext4/ext4.h
5941 @@ -291,8 +291,6 @@ struct ext4_new_group_data {
5942 #define EXT4_IOC_SETFLAGS FS_IOC_SETFLAGS
5943 #define EXT4_IOC_GETVERSION _IOR('f', 3, long)
5944 #define EXT4_IOC_SETVERSION _IOW('f', 4, long)
5945 -#define EXT4_IOC_GROUP_EXTEND _IOW('f', 7, unsigned long)
5946 -#define EXT4_IOC_GROUP_ADD _IOW('f', 8,struct ext4_new_group_input)
5947 #define EXT4_IOC_GETVERSION_OLD FS_IOC_GETVERSION
5948 #define EXT4_IOC_SETVERSION_OLD FS_IOC_SETVERSION
5949 #ifdef CONFIG_JBD2_DEBUG
5950 @@ -300,7 +298,10 @@ struct ext4_new_group_data {
5952 #define EXT4_IOC_GETRSVSZ _IOR('f', 5, long)
5953 #define EXT4_IOC_SETRSVSZ _IOW('f', 6, long)
5954 -#define EXT4_IOC_MIGRATE _IO('f', 7)
5955 +#define EXT4_IOC_GROUP_EXTEND _IOW('f', 7, unsigned long)
5956 +#define EXT4_IOC_GROUP_ADD _IOW('f', 8, struct ext4_new_group_input)
5957 +#define EXT4_IOC_MIGRATE _IO('f', 9)
5958 + /* note ioctl 11 reserved for filesystem-independent FIEMAP ioctl */
5961 * ioctl commands in 32 bit emulation
5962 @@ -1083,8 +1084,7 @@ extern long ext4_ioctl(struct file *, unsigned int, unsigned long);
5963 extern long ext4_compat_ioctl (struct file *, unsigned int, unsigned long);
5966 -extern int ext4_ext_migrate(struct inode *, struct file *, unsigned int,
5968 +extern int ext4_ext_migrate(struct inode *);
5970 extern int ext4_orphan_add(handle_t *, struct inode *);
5971 extern int ext4_orphan_del(handle_t *, struct inode *);
5972 diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c
5973 index f344834..9805924 100644
5974 --- a/fs/ext4/ialloc.c
5975 +++ b/fs/ext4/ialloc.c
5976 @@ -715,6 +715,8 @@ got:
5977 gdp->bg_flags &= cpu_to_le16(~EXT4_BG_BLOCK_UNINIT);
5978 free = ext4_free_blocks_after_init(sb, group, gdp);
5979 gdp->bg_free_blocks_count = cpu_to_le16(free);
5980 + gdp->bg_checksum = ext4_group_desc_csum(sbi, group,
5983 spin_unlock(sb_bgl_lock(sbi, group));
5985 diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
5986 index 7e91913..846a790 100644
5987 --- a/fs/ext4/inode.c
5988 +++ b/fs/ext4/inode.c
5989 @@ -2242,6 +2242,8 @@ static int ext4_da_writepage(struct page *page,
5993 + /* now mark the buffer_heads as dirty and uptodate */
5994 + block_commit_write(page, 0, PAGE_CACHE_SIZE);
5997 if (test_opt(inode->i_sb, NOBH) && ext4_should_writeback_data(inode))
5998 @@ -4444,9 +4446,10 @@ static int ext4_indirect_trans_blocks(struct inode *inode, int nrblocks,
5999 static int ext4_index_trans_blocks(struct inode *inode, int nrblocks, int chunk)
6001 if (!(EXT4_I(inode)->i_flags & EXT4_EXTENTS_FL))
6002 - return ext4_indirect_trans_blocks(inode, nrblocks, 0);
6003 - return ext4_ext_index_trans_blocks(inode, nrblocks, 0);
6004 + return ext4_indirect_trans_blocks(inode, nrblocks, chunk);
6005 + return ext4_ext_index_trans_blocks(inode, nrblocks, chunk);
6009 * Account for index blocks, block groups bitmaps and block group
6010 * descriptor blocks if modify datablocks and index blocks
6011 diff --git a/fs/ext4/ioctl.c b/fs/ext4/ioctl.c
6012 index 7a6c2f1..306bfd4 100644
6013 --- a/fs/ext4/ioctl.c
6014 +++ b/fs/ext4/ioctl.c
6015 @@ -267,7 +267,26 @@ setversion_out:
6018 case EXT4_IOC_MIGRATE:
6019 - return ext4_ext_migrate(inode, filp, cmd, arg);
6022 + if (!is_owner_or_cap(inode))
6025 + err = mnt_want_write(filp->f_path.mnt);
6029 + * inode_mutex prevent write and truncate on the file.
6030 + * Read still goes through. We take i_data_sem in
6031 + * ext4_ext_swap_inode_data before we switch the
6032 + * inode format to prevent read.
6034 + mutex_lock(&(inode->i_mutex));
6035 + err = ext4_ext_migrate(inode);
6036 + mutex_unlock(&(inode->i_mutex));
6037 + mnt_drop_write(filp->f_path.mnt);
6043 diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
6044 index e0e3a5e..ba86b56 100644
6045 --- a/fs/ext4/mballoc.c
6046 +++ b/fs/ext4/mballoc.c
6047 @@ -2575,7 +2575,7 @@ static void ext4_mb_cleanup_pa(struct ext4_group_info *grp)
6048 pa = list_entry(cur, struct ext4_prealloc_space, pa_group_list);
6049 list_del(&pa->pa_group_list);
6052 + kmem_cache_free(ext4_pspace_cachep, pa);
6055 mb_debug("mballoc: %u PAs left\n", count);
6056 @@ -2785,14 +2785,20 @@ static int ext4_mb_init_per_dev_proc(struct super_block *sb)
6057 mode_t mode = S_IFREG | S_IRUGO | S_IWUSR;
6058 struct ext4_sb_info *sbi = EXT4_SB(sb);
6059 struct proc_dir_entry *proc;
6061 + char devname[BDEVNAME_SIZE], *p;
6063 if (proc_root_ext4 == NULL) {
6064 sbi->s_mb_proc = NULL;
6067 bdevname(sb->s_bdev, devname);
6069 + while ((p = strchr(p, '/')))
6072 sbi->s_mb_proc = proc_mkdir(devname, proc_root_ext4);
6073 + if (!sbi->s_mb_proc)
6074 + goto err_create_dir;
6076 MB_PROC_HANDLER(EXT4_MB_STATS_NAME, stats);
6077 MB_PROC_HANDLER(EXT4_MB_MAX_TO_SCAN_NAME, max_to_scan);
6078 @@ -2804,7 +2810,6 @@ static int ext4_mb_init_per_dev_proc(struct super_block *sb)
6082 - printk(KERN_ERR "EXT4-fs: Unable to create %s\n", devname);
6083 remove_proc_entry(EXT4_MB_GROUP_PREALLOC, sbi->s_mb_proc);
6084 remove_proc_entry(EXT4_MB_STREAM_REQ, sbi->s_mb_proc);
6085 remove_proc_entry(EXT4_MB_ORDER2_REQ, sbi->s_mb_proc);
6086 @@ -2813,6 +2818,8 @@ err_out:
6087 remove_proc_entry(EXT4_MB_STATS_NAME, sbi->s_mb_proc);
6088 remove_proc_entry(devname, proc_root_ext4);
6089 sbi->s_mb_proc = NULL;
6091 + printk(KERN_ERR "EXT4-fs: Unable to create %s\n", devname);
6095 @@ -2820,12 +2827,15 @@ err_out:
6096 static int ext4_mb_destroy_per_dev_proc(struct super_block *sb)
6098 struct ext4_sb_info *sbi = EXT4_SB(sb);
6100 + char devname[BDEVNAME_SIZE], *p;
6102 if (sbi->s_mb_proc == NULL)
6105 bdevname(sb->s_bdev, devname);
6107 + while ((p = strchr(p, '/')))
6109 remove_proc_entry(EXT4_MB_GROUP_PREALLOC, sbi->s_mb_proc);
6110 remove_proc_entry(EXT4_MB_STREAM_REQ, sbi->s_mb_proc);
6111 remove_proc_entry(EXT4_MB_ORDER2_REQ, sbi->s_mb_proc);
6112 diff --git a/fs/ext4/migrate.c b/fs/ext4/migrate.c
6113 index 46fc0b5..f2a9cf4 100644
6114 --- a/fs/ext4/migrate.c
6115 +++ b/fs/ext4/migrate.c
6116 @@ -447,8 +447,7 @@ static int free_ext_block(handle_t *handle, struct inode *inode)
6120 -int ext4_ext_migrate(struct inode *inode, struct file *filp,
6121 - unsigned int cmd, unsigned long arg)
6122 +int ext4_ext_migrate(struct inode *inode)
6126 @@ -516,12 +515,6 @@ int ext4_ext_migrate(struct inode *inode, struct file *filp,
6127 * when we add extents we extent the journal
6130 - * inode_mutex prevent write and truncate on the file. Read still goes
6131 - * through. We take i_data_sem in ext4_ext_swap_inode_data before we
6132 - * switch the inode format to prevent read.
6134 - mutex_lock(&(inode->i_mutex));
6136 * Even though we take i_mutex we can still cause block allocation
6137 * via mmap write to holes. If we have allocated new blocks we fail
6138 * migrate. New block allocation will clear EXT4_EXT_MIGRATE flag.
6139 @@ -623,7 +616,6 @@ err_out:
6140 tmp_inode->i_nlink = 0;
6142 ext4_journal_stop(handle);
6143 - mutex_unlock(&(inode->i_mutex));
6147 diff --git a/fs/ext4/resize.c b/fs/ext4/resize.c
6148 index b3d3560..3922a8b 100644
6149 --- a/fs/ext4/resize.c
6150 +++ b/fs/ext4/resize.c
6151 @@ -929,6 +929,15 @@ int ext4_group_add(struct super_block *sb, struct ext4_new_group_data *input)
6152 percpu_counter_add(&sbi->s_freeinodes_counter,
6153 EXT4_INODES_PER_GROUP(sb));
6155 + if (EXT4_HAS_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_FLEX_BG)) {
6156 + ext4_group_t flex_group;
6157 + flex_group = ext4_flex_group(sbi, input->group);
6158 + sbi->s_flex_groups[flex_group].free_blocks +=
6159 + input->free_blocks_count;
6160 + sbi->s_flex_groups[flex_group].free_inodes +=
6161 + EXT4_INODES_PER_GROUP(sb);
6164 ext4_journal_dirty_metadata(handle, sbi->s_sbh);
6167 diff --git a/fs/ext4/super.c b/fs/ext4/super.c
6168 index 566344b..7726e8e 100644
6169 --- a/fs/ext4/super.c
6170 +++ b/fs/ext4/super.c
6171 @@ -1504,8 +1504,10 @@ static int ext4_fill_flex_info(struct super_block *sb)
6172 sbi->s_log_groups_per_flex = sbi->s_es->s_log_groups_per_flex;
6173 groups_per_flex = 1 << sbi->s_log_groups_per_flex;
6175 - flex_group_count = (sbi->s_groups_count + groups_per_flex - 1) /
6177 + /* We allocate both existing and potentially added groups */
6178 + flex_group_count = ((sbi->s_groups_count + groups_per_flex - 1) +
6179 + ((le16_to_cpu(sbi->s_es->s_reserved_gdt_blocks) + 1) <<
6180 + EXT4_DESC_PER_BLOCK_BITS(sb))) / groups_per_flex;
6181 sbi->s_flex_groups = kzalloc(flex_group_count *
6182 sizeof(struct flex_groups), GFP_KERNEL);
6183 if (sbi->s_flex_groups == NULL) {
6184 @@ -1623,8 +1625,10 @@ static int ext4_check_descriptors(struct super_block *sb)
6185 "Checksum for group %lu failed (%u!=%u)\n",
6186 i, le16_to_cpu(ext4_group_desc_csum(sbi, i,
6187 gdp)), le16_to_cpu(gdp->bg_checksum));
6188 - if (!(sb->s_flags & MS_RDONLY))
6189 + if (!(sb->s_flags & MS_RDONLY)) {
6190 + spin_unlock(sb_bgl_lock(sbi, i));
6194 spin_unlock(sb_bgl_lock(sbi, i));
6196 @@ -2444,6 +2448,21 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
6200 + if (test_opt(sb, DATA_FLAGS) == EXT4_MOUNT_JOURNAL_DATA) {
6201 + printk(KERN_WARNING "EXT4-fs: Ignoring delalloc option - "
6202 + "requested data journaling mode\n");
6203 + clear_opt(sbi->s_mount_opt, DELALLOC);
6204 + } else if (test_opt(sb, DELALLOC))
6205 + printk(KERN_INFO "EXT4-fs: delayed allocation enabled\n");
6207 + ext4_ext_init(sb);
6208 + err = ext4_mb_init(sb, needs_recovery);
6210 + printk(KERN_ERR "EXT4-fs: failed to initalize mballoc (%d)\n",
6212 + goto failed_mount4;
6216 * akpm: core read_super() calls in here with the superblock locked.
6217 * That deadlocks, because orphan cleanup needs to lock the superblock
6218 @@ -2463,16 +2482,6 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
6219 test_opt(sb, DATA_FLAGS) == EXT4_MOUNT_ORDERED_DATA ? "ordered":
6222 - if (test_opt(sb, DATA_FLAGS) == EXT4_MOUNT_JOURNAL_DATA) {
6223 - printk(KERN_WARNING "EXT4-fs: Ignoring delalloc option - "
6224 - "requested data journaling mode\n");
6225 - clear_opt(sbi->s_mount_opt, DELALLOC);
6226 - } else if (test_opt(sb, DELALLOC))
6227 - printk(KERN_INFO "EXT4-fs: delayed allocation enabled\n");
6229 - ext4_ext_init(sb);
6230 - ext4_mb_init(sb, needs_recovery);
6235 @@ -2799,13 +2808,34 @@ static void ext4_commit_super(struct super_block *sb,
6239 + if (buffer_write_io_error(sbh)) {
6241 + * Oh, dear. A previous attempt to write the
6242 + * superblock failed. This could happen because the
6243 + * USB device was yanked out. Or it could happen to
6244 + * be a transient write error and maybe the block will
6245 + * be remapped. Nothing we can do but to retry the
6246 + * write and hope for the best.
6248 + printk(KERN_ERR "ext4: previous I/O error to "
6249 + "superblock detected for %s.\n", sb->s_id);
6250 + clear_buffer_write_io_error(sbh);
6251 + set_buffer_uptodate(sbh);
6253 es->s_wtime = cpu_to_le32(get_seconds());
6254 ext4_free_blocks_count_set(es, ext4_count_free_blocks(sb));
6255 es->s_free_inodes_count = cpu_to_le32(ext4_count_free_inodes(sb));
6256 BUFFER_TRACE(sbh, "marking dirty");
6257 mark_buffer_dirty(sbh);
6260 sync_dirty_buffer(sbh);
6261 + if (buffer_write_io_error(sbh)) {
6262 + printk(KERN_ERR "ext4: I/O error while writing "
6263 + "superblock for %s.\n", sb->s_id);
6264 + clear_buffer_write_io_error(sbh);
6265 + set_buffer_uptodate(sbh);
6271 @@ -2890,12 +2920,9 @@ int ext4_force_commit(struct super_block *sb)
6273 * Ext4 always journals updates to the superblock itself, so we don't
6274 * have to propagate any other updates to the superblock on disk at this
6275 - * point. Just start an async writeback to get the buffers on their way
6278 - * This implicitly triggers the writebehind on sync().
6279 + * point. (We can probably nuke this function altogether, and remove
6280 + * any mention to sb->s_dirt in all of fs/ext4; eventual cleanup...)
6283 static void ext4_write_super(struct super_block *sb)
6285 if (mutex_trylock(&sb->s_lock) != 0)
6286 @@ -2905,14 +2932,14 @@ static void ext4_write_super(struct super_block *sb)
6288 static int ext4_sync_fs(struct super_block *sb, int wait)
6294 - if (jbd2_journal_start_commit(EXT4_SB(sb)->s_journal, &target)) {
6296 - jbd2_log_wait_commit(EXT4_SB(sb)->s_journal, target);
6300 + ret = ext4_force_commit(sb);
6302 + jbd2_journal_start_commit(EXT4_SB(sb)->s_journal, NULL);
6307 diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c
6308 index 8954208..362b0ed 100644
6309 --- a/fs/ext4/xattr.c
6310 +++ b/fs/ext4/xattr.c
6311 @@ -959,6 +959,7 @@ ext4_xattr_set_handle(handle_t *handle, struct inode *inode, int name_index,
6312 struct ext4_xattr_block_find bs = {
6313 .s = { .not_found = -ENODATA, },
6315 + unsigned long no_expand;
6319 @@ -966,6 +967,9 @@ ext4_xattr_set_handle(handle_t *handle, struct inode *inode, int name_index,
6320 if (strlen(name) > 255)
6322 down_write(&EXT4_I(inode)->xattr_sem);
6323 + no_expand = EXT4_I(inode)->i_state & EXT4_STATE_NO_EXPAND;
6324 + EXT4_I(inode)->i_state |= EXT4_STATE_NO_EXPAND;
6326 error = ext4_get_inode_loc(inode, &is.iloc);
6329 @@ -1042,6 +1046,8 @@ ext4_xattr_set_handle(handle_t *handle, struct inode *inode, int name_index,
6333 + if (no_expand == 0)
6334 + EXT4_I(inode)->i_state &= ~EXT4_STATE_NO_EXPAND;
6335 up_write(&EXT4_I(inode)->xattr_sem);
6338 diff --git a/fs/inotify.c b/fs/inotify.c
6339 index 690e725..7bbed1b 100644
6342 @@ -106,6 +106,20 @@ void get_inotify_watch(struct inotify_watch *watch)
6344 EXPORT_SYMBOL_GPL(get_inotify_watch);
6346 +int pin_inotify_watch(struct inotify_watch *watch)
6348 + struct super_block *sb = watch->inode->i_sb;
6349 + spin_lock(&sb_lock);
6350 + if (sb->s_count >= S_BIAS) {
6351 + atomic_inc(&sb->s_active);
6352 + spin_unlock(&sb_lock);
6353 + atomic_inc(&watch->count);
6356 + spin_unlock(&sb_lock);
6361 * put_inotify_watch - decrements the ref count on a given watch. cleans up
6362 * watch references if the count reaches zero. inotify_watch is freed by
6363 @@ -124,6 +138,13 @@ void put_inotify_watch(struct inotify_watch *watch)
6365 EXPORT_SYMBOL_GPL(put_inotify_watch);
6367 +void unpin_inotify_watch(struct inotify_watch *watch)
6369 + struct super_block *sb = watch->inode->i_sb;
6370 + put_inotify_watch(watch);
6371 + deactivate_super(sb);
6375 * inotify_handle_get_wd - returns the next WD for use by the given handle
6377 @@ -479,6 +500,112 @@ void inotify_init_watch(struct inotify_watch *watch)
6379 EXPORT_SYMBOL_GPL(inotify_init_watch);
6382 + * Watch removals suck violently. To kick the watch out we need (in this
6383 + * order) inode->inotify_mutex and ih->mutex. That's fine if we have
6384 + * a hold on inode; however, for all other cases we need to make damn sure
6385 + * we don't race with umount. We can *NOT* just grab a reference to a
6386 + * watch - inotify_unmount_inodes() will happily sail past it and we'll end
6387 + * with reference to inode potentially outliving its superblock. Ideally
6388 + * we just want to grab an active reference to superblock if we can; that
6389 + * will make sure we won't go into inotify_umount_inodes() until we are
6390 + * done. Cleanup is just deactivate_super(). However, that leaves a messy
6391 + * case - what if we *are* racing with umount() and active references to
6392 + * superblock can't be acquired anymore? We can bump ->s_count, grab
6393 + * ->s_umount, which will almost certainly wait until the superblock is shut
6394 + * down and the watch in question is pining for fjords. That's fine, but
6395 + * there is a problem - we might have hit the window between ->s_active
6396 + * getting to 0 / ->s_count - below S_BIAS (i.e. the moment when superblock
6397 + * is past the point of no return and is heading for shutdown) and the
6398 + * moment when deactivate_super() acquires ->s_umount. We could just do
6399 + * drop_super() yield() and retry, but that's rather antisocial and this
6400 + * stuff is luser-triggerable. OTOH, having grabbed ->s_umount and having
6401 + * found that we'd got there first (i.e. that ->s_root is non-NULL) we know
6402 + * that we won't race with inotify_umount_inodes(). So we could grab a
6403 + * reference to watch and do the rest as above, just with drop_super() instead
6404 + * of deactivate_super(), right? Wrong. We had to drop ih->mutex before we
6405 + * could grab ->s_umount. So the watch could've been gone already.
6407 + * That still can be dealt with - we need to save watch->wd, do idr_find()
6408 + * and compare its result with our pointer. If they match, we either have
6409 + * the damn thing still alive or we'd lost not one but two races at once,
6410 + * the watch had been killed and a new one got created with the same ->wd
6411 + * at the same address. That couldn't have happened in inotify_destroy(),
6412 + * but inotify_rm_wd() could run into that. Still, "new one got created"
6413 + * is not a problem - we have every right to kill it or leave it alone,
6414 + * whatever's more convenient.
6416 + * So we can use idr_find(...) == watch && watch->inode->i_sb == sb as
6417 + * "grab it and kill it" check. If it's been our original watch, we are
6418 + * fine, if it's a newcomer - nevermind, just pretend that we'd won the
6419 + * race and kill the fscker anyway; we are safe since we know that its
6420 + * superblock won't be going away.
6422 + * And yes, this is far beyond mere "not very pretty"; so's the entire
6423 + * concept of inotify to start with.
6427 + * pin_to_kill - pin the watch down for removal
6428 + * @ih: inotify handle
6429 + * @watch: watch to kill
6431 + * Called with ih->mutex held, drops it. Possible return values:
6432 + * 0 - nothing to do, it has died
6433 + * 1 - remove it, drop the reference and deactivate_super()
6434 + * 2 - remove it, drop the reference and drop_super(); we tried hard to avoid
6435 + * that variant, since it involved a lot of PITA, but that's the best that
6436 + * could've been done.
6438 +static int pin_to_kill(struct inotify_handle *ih, struct inotify_watch *watch)
6440 + struct super_block *sb = watch->inode->i_sb;
6441 + s32 wd = watch->wd;
6443 + spin_lock(&sb_lock);
6444 + if (sb->s_count >= S_BIAS) {
6445 + atomic_inc(&sb->s_active);
6446 + spin_unlock(&sb_lock);
6447 + get_inotify_watch(watch);
6448 + mutex_unlock(&ih->mutex);
6449 + return 1; /* the best outcome */
6452 + spin_unlock(&sb_lock);
6453 + mutex_unlock(&ih->mutex); /* can't grab ->s_umount under it */
6454 + down_read(&sb->s_umount);
6455 + if (likely(!sb->s_root)) {
6456 + /* fs is already shut down; the watch is dead */
6460 + /* raced with the final deactivate_super() */
6461 + mutex_lock(&ih->mutex);
6462 + if (idr_find(&ih->idr, wd) != watch || watch->inode->i_sb != sb) {
6463 + /* the watch is dead */
6464 + mutex_unlock(&ih->mutex);
6468 + /* still alive or freed and reused with the same sb and wd; kill */
6469 + get_inotify_watch(watch);
6470 + mutex_unlock(&ih->mutex);
6474 +static void unpin_and_kill(struct inotify_watch *watch, int how)
6476 + struct super_block *sb = watch->inode->i_sb;
6477 + put_inotify_watch(watch);
6480 + deactivate_super(sb);
6488 * inotify_destroy - clean up and destroy an inotify instance
6489 * @ih: inotify handle
6490 @@ -490,11 +617,15 @@ void inotify_destroy(struct inotify_handle *ih)
6491 * pretty. We cannot do a simple iteration over the list, because we
6492 * do not know the inode until we iterate to the watch. But we need to
6493 * hold inode->inotify_mutex before ih->mutex. The following works.
6495 + * AV: it had to become even uglier to start working ;-/
6498 struct inotify_watch *watch;
6499 struct list_head *watches;
6500 + struct super_block *sb;
6501 struct inode *inode;
6504 mutex_lock(&ih->mutex);
6505 watches = &ih->watches;
6506 @@ -503,8 +634,10 @@ void inotify_destroy(struct inotify_handle *ih)
6509 watch = list_first_entry(watches, struct inotify_watch, h_list);
6510 - get_inotify_watch(watch);
6511 - mutex_unlock(&ih->mutex);
6512 + sb = watch->inode->i_sb;
6513 + how = pin_to_kill(ih, watch);
6517 inode = watch->inode;
6518 mutex_lock(&inode->inotify_mutex);
6519 @@ -518,7 +651,7 @@ void inotify_destroy(struct inotify_handle *ih)
6521 mutex_unlock(&ih->mutex);
6522 mutex_unlock(&inode->inotify_mutex);
6523 - put_inotify_watch(watch);
6524 + unpin_and_kill(watch, how);
6527 /* free this handle: the put matching the get in inotify_init() */
6528 @@ -719,7 +852,9 @@ void inotify_evict_watch(struct inotify_watch *watch)
6529 int inotify_rm_wd(struct inotify_handle *ih, u32 wd)
6531 struct inotify_watch *watch;
6532 + struct super_block *sb;
6533 struct inode *inode;
6536 mutex_lock(&ih->mutex);
6537 watch = idr_find(&ih->idr, wd);
6538 @@ -727,9 +862,12 @@ int inotify_rm_wd(struct inotify_handle *ih, u32 wd)
6539 mutex_unlock(&ih->mutex);
6542 - get_inotify_watch(watch);
6543 + sb = watch->inode->i_sb;
6544 + how = pin_to_kill(ih, watch);
6548 inode = watch->inode;
6549 - mutex_unlock(&ih->mutex);
6551 mutex_lock(&inode->inotify_mutex);
6552 mutex_lock(&ih->mutex);
6553 @@ -740,7 +878,7 @@ int inotify_rm_wd(struct inotify_handle *ih, u32 wd)
6555 mutex_unlock(&ih->mutex);
6556 mutex_unlock(&inode->inotify_mutex);
6557 - put_inotify_watch(watch);
6558 + unpin_and_kill(watch, how);
6562 diff --git a/fs/jbd/transaction.c b/fs/jbd/transaction.c
6563 index 0540ca2..d15cd6e 100644
6564 --- a/fs/jbd/transaction.c
6565 +++ b/fs/jbd/transaction.c
6566 @@ -954,9 +954,10 @@ int journal_dirty_data(handle_t *handle, struct buffer_head *bh)
6567 journal_t *journal = handle->h_transaction->t_journal;
6568 int need_brelse = 0;
6569 struct journal_head *jh;
6572 if (is_handle_aborted(handle))
6576 jh = journal_add_journal_head(bh);
6577 JBUFFER_TRACE(jh, "entry");
6578 @@ -1067,7 +1068,16 @@ int journal_dirty_data(handle_t *handle, struct buffer_head *bh)
6579 time if it is redirtied */
6582 - /* journal_clean_data_list() may have got there first */
6584 + * We cannot remove the buffer with io error from the
6585 + * committing transaction, because otherwise it would
6586 + * miss the error and the commit would not abort.
6588 + if (unlikely(!buffer_uptodate(bh))) {
6593 if (jh->b_transaction != NULL) {
6594 JBUFFER_TRACE(jh, "unfile from commit");
6595 __journal_temp_unlink_buffer(jh);
6596 @@ -1108,7 +1118,7 @@ no_journal:
6598 JBUFFER_TRACE(jh, "exit");
6599 journal_put_journal_head(jh);
6605 diff --git a/fs/jbd2/checkpoint.c b/fs/jbd2/checkpoint.c
6606 index 91389c8..77255a3 100644
6607 --- a/fs/jbd2/checkpoint.c
6608 +++ b/fs/jbd2/checkpoint.c
6609 @@ -114,7 +114,7 @@ static int __try_to_free_cp_buf(struct journal_head *jh)
6611 void __jbd2_log_wait_for_space(journal_t *journal)
6614 + int nblocks, space_left;
6615 assert_spin_locked(&journal->j_state_lock);
6617 nblocks = jbd_space_needed(journal);
6618 @@ -126,14 +126,47 @@ void __jbd2_log_wait_for_space(journal_t *journal)
6621 * Test again, another process may have checkpointed while we
6622 - * were waiting for the checkpoint lock
6623 + * were waiting for the checkpoint lock. If there are no
6624 + * transactions ready to be checkpointed, try to recover
6625 + * journal space by calling cleanup_journal_tail(), and if
6626 + * that doesn't work, by waiting for the currently committing
6627 + * transaction to complete. If there is absolutely no way
6628 + * to make progress, this is either a BUG or corrupted
6629 + * filesystem, so abort the journal and leave a stack
6630 + * trace for forensic evidence.
6632 spin_lock(&journal->j_state_lock);
6633 + spin_lock(&journal->j_list_lock);
6634 nblocks = jbd_space_needed(journal);
6635 - if (__jbd2_log_space_left(journal) < nblocks) {
6636 + space_left = __jbd2_log_space_left(journal);
6637 + if (space_left < nblocks) {
6638 + int chkpt = journal->j_checkpoint_transactions != NULL;
6641 + if (journal->j_committing_transaction)
6642 + tid = journal->j_committing_transaction->t_tid;
6643 + spin_unlock(&journal->j_list_lock);
6644 spin_unlock(&journal->j_state_lock);
6645 - jbd2_log_do_checkpoint(journal);
6647 + jbd2_log_do_checkpoint(journal);
6648 + } else if (jbd2_cleanup_journal_tail(journal) == 0) {
6649 + /* We were able to recover space; yay! */
6652 + jbd2_log_wait_commit(journal, tid);
6654 + printk(KERN_ERR "%s: needed %d blocks and "
6655 + "only had %d space available\n",
6656 + __func__, nblocks, space_left);
6657 + printk(KERN_ERR "%s: no way to get more "
6658 + "journal space in %s\n", __func__,
6659 + journal->j_devname);
6661 + jbd2_journal_abort(journal, 0);
6663 spin_lock(&journal->j_state_lock);
6665 + spin_unlock(&journal->j_list_lock);
6667 mutex_unlock(&journal->j_checkpoint_mutex);
6669 diff --git a/fs/jbd2/commit.c b/fs/jbd2/commit.c
6670 index f2ad061..6caf22d 100644
6671 --- a/fs/jbd2/commit.c
6672 +++ b/fs/jbd2/commit.c
6673 @@ -126,8 +126,7 @@ static int journal_submit_commit_record(journal_t *journal,
6675 JBUFFER_TRACE(descriptor, "submit commit block");
6678 - set_buffer_dirty(bh);
6679 + clear_buffer_dirty(bh);
6680 set_buffer_uptodate(bh);
6681 bh->b_end_io = journal_end_buffer_io_sync;
6683 @@ -160,7 +159,7 @@ static int journal_submit_commit_record(journal_t *journal,
6684 /* And try again, without the barrier */
6686 set_buffer_uptodate(bh);
6687 - set_buffer_dirty(bh);
6688 + clear_buffer_dirty(bh);
6689 ret = submit_bh(WRITE, bh);
6692 diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c
6693 index 8207a01..52d2bee 100644
6694 --- a/fs/jbd2/journal.c
6695 +++ b/fs/jbd2/journal.c
6696 @@ -901,10 +901,7 @@ static struct proc_dir_entry *proc_jbd2_stats;
6698 static void jbd2_stats_proc_init(journal_t *journal)
6700 - char name[BDEVNAME_SIZE];
6702 - bdevname(journal->j_dev, name);
6703 - journal->j_proc_entry = proc_mkdir(name, proc_jbd2_stats);
6704 + journal->j_proc_entry = proc_mkdir(journal->j_devname, proc_jbd2_stats);
6705 if (journal->j_proc_entry) {
6706 proc_create_data("history", S_IRUGO, journal->j_proc_entry,
6707 &jbd2_seq_history_fops, journal);
6708 @@ -915,12 +912,9 @@ static void jbd2_stats_proc_init(journal_t *journal)
6710 static void jbd2_stats_proc_exit(journal_t *journal)
6712 - char name[BDEVNAME_SIZE];
6714 - bdevname(journal->j_dev, name);
6715 remove_proc_entry("info", journal->j_proc_entry);
6716 remove_proc_entry("history", journal->j_proc_entry);
6717 - remove_proc_entry(name, proc_jbd2_stats);
6718 + remove_proc_entry(journal->j_devname, proc_jbd2_stats);
6721 static void journal_init_stats(journal_t *journal)
6722 @@ -1018,6 +1012,7 @@ journal_t * jbd2_journal_init_dev(struct block_device *bdev,
6724 journal_t *journal = journal_init_common();
6725 struct buffer_head *bh;
6730 @@ -1039,6 +1034,10 @@ journal_t * jbd2_journal_init_dev(struct block_device *bdev,
6731 journal->j_fs_dev = fs_dev;
6732 journal->j_blk_offset = start;
6733 journal->j_maxlen = len;
6734 + bdevname(journal->j_dev, journal->j_devname);
6735 + p = journal->j_devname;
6736 + while ((p = strchr(p, '/')))
6738 jbd2_stats_proc_init(journal);
6740 bh = __getblk(journal->j_dev, start, journal->j_blocksize);
6741 @@ -1061,6 +1060,7 @@ journal_t * jbd2_journal_init_inode (struct inode *inode)
6743 struct buffer_head *bh;
6744 journal_t *journal = journal_init_common();
6748 unsigned long long blocknr;
6749 @@ -1070,6 +1070,12 @@ journal_t * jbd2_journal_init_inode (struct inode *inode)
6751 journal->j_dev = journal->j_fs_dev = inode->i_sb->s_bdev;
6752 journal->j_inode = inode;
6753 + bdevname(journal->j_dev, journal->j_devname);
6754 + p = journal->j_devname;
6755 + while ((p = strchr(p, '/')))
6757 + p = journal->j_devname + strlen(journal->j_devname);
6758 + sprintf(p, ":%lu", journal->j_inode->i_ino);
6760 "journal %p: inode %s/%ld, size %Ld, bits %d, blksize %ld\n",
6761 journal, inode->i_sb->s_id, inode->i_ino,
6762 @@ -1253,6 +1259,22 @@ void jbd2_journal_update_superblock(journal_t *journal, int wait)
6766 + if (buffer_write_io_error(bh)) {
6768 + * Oh, dear. A previous attempt to write the journal
6769 + * superblock failed. This could happen because the
6770 + * USB device was yanked out. Or it could happen to
6771 + * be a transient write error and maybe the block will
6772 + * be remapped. Nothing we can do but to retry the
6773 + * write and hope for the best.
6775 + printk(KERN_ERR "JBD2: previous I/O error detected "
6776 + "for journal superblock update for %s.\n",
6777 + journal->j_devname);
6778 + clear_buffer_write_io_error(bh);
6779 + set_buffer_uptodate(bh);
6782 spin_lock(&journal->j_state_lock);
6783 jbd_debug(1,"JBD: updating superblock (start %ld, seq %d, errno %d)\n",
6784 journal->j_tail, journal->j_tail_sequence, journal->j_errno);
6785 @@ -1264,9 +1286,16 @@ void jbd2_journal_update_superblock(journal_t *journal, int wait)
6787 BUFFER_TRACE(bh, "marking dirty");
6788 mark_buffer_dirty(bh);
6791 sync_dirty_buffer(bh);
6793 + if (buffer_write_io_error(bh)) {
6794 + printk(KERN_ERR "JBD2: I/O error detected "
6795 + "when updating journal superblock for %s.\n",
6796 + journal->j_devname);
6797 + clear_buffer_write_io_error(bh);
6798 + set_buffer_uptodate(bh);
6801 ll_rw_block(SWRITE, 1, &bh);
6804 diff --git a/include/asm-x86/mmzone_32.h b/include/asm-x86/mmzone_32.h
6805 index 5862e64..eb77583 100644
6806 --- a/include/asm-x86/mmzone_32.h
6807 +++ b/include/asm-x86/mmzone_32.h
6808 @@ -34,10 +34,14 @@ static inline void get_memcfg_numa(void)
6810 extern int early_pfn_to_nid(unsigned long pfn);
6812 +extern void resume_map_numa_kva(pgd_t *pgd);
6814 #else /* !CONFIG_NUMA */
6816 #define get_memcfg_numa get_memcfg_numa_flat
6818 +static inline void resume_map_numa_kva(pgd_t *pgd) {}
6820 #endif /* CONFIG_NUMA */
6822 #ifdef CONFIG_DISCONTIGMEM
6823 diff --git a/include/asm-x86/pci_64.h b/include/asm-x86/pci_64.h
6824 index f330234..50d3df5 100644
6825 --- a/include/asm-x86/pci_64.h
6826 +++ b/include/asm-x86/pci_64.h
6827 @@ -34,8 +34,6 @@ extern void pci_iommu_alloc(void);
6829 #define PCI_DMA_BUS_IS_PHYS (dma_ops->is_phys)
6831 -#if defined(CONFIG_GART_IOMMU) || defined(CONFIG_CALGARY_IOMMU)
6833 #define DECLARE_PCI_UNMAP_ADDR(ADDR_NAME) \
6834 dma_addr_t ADDR_NAME;
6835 #define DECLARE_PCI_UNMAP_LEN(LEN_NAME) \
6836 @@ -49,18 +47,6 @@ extern void pci_iommu_alloc(void);
6837 #define pci_unmap_len_set(PTR, LEN_NAME, VAL) \
6838 (((PTR)->LEN_NAME) = (VAL))
6843 -#define DECLARE_PCI_UNMAP_ADDR(ADDR_NAME)
6844 -#define DECLARE_PCI_UNMAP_LEN(LEN_NAME)
6845 -#define pci_unmap_addr(PTR, ADDR_NAME) (0)
6846 -#define pci_unmap_addr_set(PTR, ADDR_NAME, VAL) do { } while (0)
6847 -#define pci_unmap_len(PTR, LEN_NAME) (0)
6848 -#define pci_unmap_len_set(PTR, LEN_NAME, VAL) do { } while (0)
6852 #endif /* __KERNEL__ */
6854 #endif /* __x8664_PCI_H */
6855 diff --git a/include/linux/idr.h b/include/linux/idr.h
6856 index fa035f9..dd846df 100644
6857 --- a/include/linux/idr.h
6858 +++ b/include/linux/idr.h
6859 @@ -52,13 +52,14 @@ struct idr_layer {
6860 unsigned long bitmap; /* A zero bit means "space here" */
6861 struct idr_layer *ary[1<<IDR_BITS];
6862 int count; /* When zero, we can release it */
6863 + int layer; /* distance from leaf */
6864 struct rcu_head rcu_head;
6868 struct idr_layer *top;
6869 struct idr_layer *id_free;
6871 + int layers; /* only valid without concurrent changes */
6875 diff --git a/include/linux/inotify.h b/include/linux/inotify.h
6876 index bd57857..37ea289 100644
6877 --- a/include/linux/inotify.h
6878 +++ b/include/linux/inotify.h
6879 @@ -134,6 +134,8 @@ extern void inotify_remove_watch_locked(struct inotify_handle *,
6880 struct inotify_watch *);
6881 extern void get_inotify_watch(struct inotify_watch *);
6882 extern void put_inotify_watch(struct inotify_watch *);
6883 +extern int pin_inotify_watch(struct inotify_watch *);
6884 +extern void unpin_inotify_watch(struct inotify_watch *);
6888 @@ -228,6 +230,15 @@ static inline void put_inotify_watch(struct inotify_watch *watch)
6892 +extern inline int pin_inotify_watch(struct inotify_watch *watch)
6897 +extern inline void unpin_inotify_watch(struct inotify_watch *watch)
6901 #endif /* CONFIG_INOTIFY */
6903 #endif /* __KERNEL __ */
6904 diff --git a/include/linux/jbd2.h b/include/linux/jbd2.h
6905 index 3dd2090..66c3499 100644
6906 --- a/include/linux/jbd2.h
6907 +++ b/include/linux/jbd2.h
6908 @@ -850,7 +850,8 @@ struct journal_s
6910 struct block_device *j_dev;
6912 - unsigned long long j_blk_offset;
6913 + unsigned long long j_blk_offset;
6914 + char j_devname[BDEVNAME_SIZE+24];
6917 * Device which holds the client fs. For internal journal this will be
6918 diff --git a/include/linux/libata.h b/include/linux/libata.h
6919 index 225bfc5..25062ac 100644
6920 --- a/include/linux/libata.h
6921 +++ b/include/linux/libata.h
6922 @@ -364,6 +364,7 @@ enum {
6923 ATA_HORKAGE_IPM = (1 << 7), /* Link PM problems */
6924 ATA_HORKAGE_IVB = (1 << 8), /* cbl det validity bit bugs */
6925 ATA_HORKAGE_STUCK_ERR = (1 << 9), /* stuck ERR on next PACKET */
6926 + ATA_HORKAGE_FIRMWARE_WARN = (1 << 12), /* firwmare update warning */
6928 /* DMA mask for user DMA control: User visible values; DO NOT
6930 diff --git a/include/linux/pci.h b/include/linux/pci.h
6931 index 98dc624..426e029 100644
6932 --- a/include/linux/pci.h
6933 +++ b/include/linux/pci.h
6934 @@ -64,6 +64,11 @@ struct pci_slot {
6935 struct kobject kobj;
6938 +static inline const char *pci_slot_name(const struct pci_slot *slot)
6940 + return kobject_name(&slot->kobj);
6943 /* File state for mmap()s on /proc/bus/pci/X/Y */
6944 enum pci_mmap_state {
6946 @@ -509,7 +514,8 @@ struct pci_bus *pci_create_bus(struct device *parent, int bus,
6947 struct pci_bus *pci_add_new_bus(struct pci_bus *parent, struct pci_dev *dev,
6949 struct pci_slot *pci_create_slot(struct pci_bus *parent, int slot_nr,
6950 - const char *name);
6952 + struct hotplug_slot *hotplug);
6953 void pci_destroy_slot(struct pci_slot *slot);
6954 void pci_update_slot_number(struct pci_slot *slot, int slot_nr);
6955 int pci_scan_slot(struct pci_bus *bus, int devfn);
6956 diff --git a/include/linux/pci_hotplug.h b/include/linux/pci_hotplug.h
6957 index a08cd06..a00bd1a 100644
6958 --- a/include/linux/pci_hotplug.h
6959 +++ b/include/linux/pci_hotplug.h
6960 @@ -142,8 +142,6 @@ struct hotplug_slot_info {
6963 * struct hotplug_slot - used to register a physical slot with the hotplug pci core
6964 - * @name: the name of the slot being registered. This string must
6965 - * be unique amoung slots registered on this system.
6966 * @ops: pointer to the &struct hotplug_slot_ops to be used for this slot
6967 * @info: pointer to the &struct hotplug_slot_info for the initial values for
6969 @@ -153,7 +151,6 @@ struct hotplug_slot_info {
6972 struct hotplug_slot {
6974 struct hotplug_slot_ops *ops;
6975 struct hotplug_slot_info *info;
6976 void (*release) (struct hotplug_slot *slot);
6977 @@ -165,7 +162,13 @@ struct hotplug_slot {
6979 #define to_hotplug_slot(n) container_of(n, struct hotplug_slot, kobj)
6981 -extern int pci_hp_register(struct hotplug_slot *, struct pci_bus *, int nr);
6982 +static inline const char *hotplug_slot_name(const struct hotplug_slot *slot)
6984 + return pci_slot_name(slot->pci_slot);
6987 +extern int pci_hp_register(struct hotplug_slot *, struct pci_bus *, int nr,
6988 + const char *name);
6989 extern int pci_hp_deregister(struct hotplug_slot *slot);
6990 extern int __must_check pci_hp_change_slot_info (struct hotplug_slot *slot,
6991 struct hotplug_slot_info *info);
6992 diff --git a/include/linux/sched.h b/include/linux/sched.h
6993 index 6bfb849..086f5e1 100644
6994 --- a/include/linux/sched.h
6995 +++ b/include/linux/sched.h
6996 @@ -587,6 +587,10 @@ struct user_struct {
6997 atomic_t inotify_watches; /* How many inotify watches does this user have? */
6998 atomic_t inotify_devs; /* How many inotify devs does this user have opened? */
7000 +#ifdef CONFIG_EPOLL
7001 + atomic_t epoll_devs; /* The number of epoll descriptors currently open */
7002 + atomic_t epoll_watches; /* The number of file descriptors currently watched */
7004 #ifdef CONFIG_POSIX_MQUEUE
7005 /* protected by mq_lock */
7006 unsigned long mq_bytes; /* How many bytes can be allocated to mqueue? */
7007 diff --git a/include/net/af_unix.h b/include/net/af_unix.h
7008 index c29ff1d..1614d78 100644
7009 --- a/include/net/af_unix.h
7010 +++ b/include/net/af_unix.h
7012 extern void unix_inflight(struct file *fp);
7013 extern void unix_notinflight(struct file *fp);
7014 extern void unix_gc(void);
7015 +extern void wait_for_unix_gc(void);
7017 #define UNIX_HASH_SIZE 256
7019 diff --git a/ipc/util.c b/ipc/util.c
7020 index 49b3ea6..361fd1c 100644
7023 @@ -266,9 +266,17 @@ int ipc_addid(struct ipc_ids* ids, struct kern_ipc_perm* new, int size)
7024 if (ids->in_use >= size)
7027 + spin_lock_init(&new->lock);
7030 + spin_lock(&new->lock);
7032 err = idr_get_new(&ids->ipcs_idr, new, &id);
7035 + spin_unlock(&new->lock);
7036 + rcu_read_unlock();
7042 @@ -280,10 +288,6 @@ int ipc_addid(struct ipc_ids* ids, struct kern_ipc_perm* new, int size)
7045 new->id = ipc_buildid(id, new->seq);
7046 - spin_lock_init(&new->lock);
7049 - spin_lock(&new->lock);
7053 diff --git a/kernel/Makefile b/kernel/Makefile
7054 index 4e1d7df..143e8b6 100644
7055 --- a/kernel/Makefile
7056 +++ b/kernel/Makefile
7057 @@ -11,8 +11,6 @@ obj-y = sched.o fork.o exec_domain.o panic.o printk.o \
7058 hrtimer.o rwsem.o nsproxy.o srcu.o semaphore.o \
7059 notifier.o ksysfs.o pm_qos_params.o sched_clock.o
7061 -CFLAGS_REMOVE_sched.o = -mno-spe
7064 # Do not trace debug files and internal ftrace files
7065 CFLAGS_REMOVE_lockdep.o = -pg
7066 @@ -21,7 +19,7 @@ CFLAGS_REMOVE_mutex-debug.o = -pg
7067 CFLAGS_REMOVE_rtmutex-debug.o = -pg
7068 CFLAGS_REMOVE_cgroup-debug.o = -pg
7069 CFLAGS_REMOVE_sched_clock.o = -pg
7070 -CFLAGS_REMOVE_sched.o = -mno-spe -pg
7071 +CFLAGS_REMOVE_sched.o = -pg
7074 obj-$(CONFIG_PROFILING) += profile.o
7075 diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c
7076 index f7921a2..894b599 100644
7077 --- a/kernel/audit_tree.c
7078 +++ b/kernel/audit_tree.c
7079 @@ -24,6 +24,7 @@ struct audit_chunk {
7080 struct list_head trees; /* with root here */
7083 + atomic_long_t refs;
7084 struct rcu_head head;
7086 struct list_head list;
7087 @@ -56,7 +57,8 @@ static LIST_HEAD(prune_list);
7088 * tree is refcounted; one reference for "some rules on rules_list refer to
7089 * it", one for each chunk with pointer to it.
7091 - * chunk is refcounted by embedded inotify_watch.
7092 + * chunk is refcounted by embedded inotify_watch + .refs (non-zero refcount
7093 + * of watch contributes 1 to .refs).
7095 * node.index allows to get from node.list to containing chunk.
7096 * MSB of that sucker is stolen to mark taggings that we might have to
7097 @@ -121,6 +123,7 @@ static struct audit_chunk *alloc_chunk(int count)
7098 INIT_LIST_HEAD(&chunk->hash);
7099 INIT_LIST_HEAD(&chunk->trees);
7100 chunk->count = count;
7101 + atomic_long_set(&chunk->refs, 1);
7102 for (i = 0; i < count; i++) {
7103 INIT_LIST_HEAD(&chunk->owners[i].list);
7104 chunk->owners[i].index = i;
7105 @@ -129,9 +132,8 @@ static struct audit_chunk *alloc_chunk(int count)
7109 -static void __free_chunk(struct rcu_head *rcu)
7110 +static void free_chunk(struct audit_chunk *chunk)
7112 - struct audit_chunk *chunk = container_of(rcu, struct audit_chunk, head);
7115 for (i = 0; i < chunk->count; i++) {
7116 @@ -141,14 +143,16 @@ static void __free_chunk(struct rcu_head *rcu)
7120 -static inline void free_chunk(struct audit_chunk *chunk)
7121 +void audit_put_chunk(struct audit_chunk *chunk)
7123 - call_rcu(&chunk->head, __free_chunk);
7124 + if (atomic_long_dec_and_test(&chunk->refs))
7125 + free_chunk(chunk);
7128 -void audit_put_chunk(struct audit_chunk *chunk)
7129 +static void __put_chunk(struct rcu_head *rcu)
7131 - put_inotify_watch(&chunk->watch);
7132 + struct audit_chunk *chunk = container_of(rcu, struct audit_chunk, head);
7133 + audit_put_chunk(chunk);
7136 enum {HASH_SIZE = 128};
7137 @@ -176,7 +180,7 @@ struct audit_chunk *audit_tree_lookup(const struct inode *inode)
7139 list_for_each_entry_rcu(p, list, hash) {
7140 if (p->watch.inode == inode) {
7141 - get_inotify_watch(&p->watch);
7142 + atomic_long_inc(&p->refs);
7146 @@ -194,17 +198,49 @@ int audit_tree_match(struct audit_chunk *chunk, struct audit_tree *tree)
7148 /* tagging and untagging inodes with trees */
7150 -static void untag_chunk(struct audit_chunk *chunk, struct node *p)
7151 +static struct audit_chunk *find_chunk(struct node *p)
7153 + int index = p->index & ~(1U<<31);
7155 + return container_of(p, struct audit_chunk, owners[0]);
7158 +static void untag_chunk(struct node *p)
7160 + struct audit_chunk *chunk = find_chunk(p);
7161 struct audit_chunk *new;
7162 struct audit_tree *owner;
7163 int size = chunk->count - 1;
7166 + if (!pin_inotify_watch(&chunk->watch)) {
7168 + * Filesystem is shutting down; all watches are getting
7169 + * evicted, just take it off the node list for this
7170 + * tree and let the eviction logics take care of the
7174 + if (owner->root == chunk) {
7175 + list_del_init(&owner->same_root);
7176 + owner->root = NULL;
7178 + list_del_init(&p->list);
7184 + spin_unlock(&hash_lock);
7187 + * pin_inotify_watch() succeeded, so the watch won't go away
7190 mutex_lock(&chunk->watch.inode->inotify_mutex);
7192 mutex_unlock(&chunk->watch.inode->inotify_mutex);
7198 @@ -221,7 +257,7 @@ static void untag_chunk(struct audit_chunk *chunk, struct node *p)
7199 inotify_evict_watch(&chunk->watch);
7200 mutex_unlock(&chunk->watch.inode->inotify_mutex);
7201 put_inotify_watch(&chunk->watch);
7206 new = alloc_chunk(size);
7207 @@ -263,7 +299,7 @@ static void untag_chunk(struct audit_chunk *chunk, struct node *p)
7208 inotify_evict_watch(&chunk->watch);
7209 mutex_unlock(&chunk->watch.inode->inotify_mutex);
7210 put_inotify_watch(&chunk->watch);
7215 // do the best we can
7216 @@ -277,6 +313,9 @@ Fallback:
7218 spin_unlock(&hash_lock);
7219 mutex_unlock(&chunk->watch.inode->inotify_mutex);
7221 + unpin_inotify_watch(&chunk->watch);
7222 + spin_lock(&hash_lock);
7225 static int create_chunk(struct inode *inode, struct audit_tree *tree)
7226 @@ -387,13 +426,6 @@ static int tag_chunk(struct inode *inode, struct audit_tree *tree)
7230 -static struct audit_chunk *find_chunk(struct node *p)
7232 - int index = p->index & ~(1U<<31);
7234 - return container_of(p, struct audit_chunk, owners[0]);
7237 static void kill_rules(struct audit_tree *tree)
7239 struct audit_krule *rule, *next;
7240 @@ -431,17 +463,10 @@ static void prune_one(struct audit_tree *victim)
7241 spin_lock(&hash_lock);
7242 while (!list_empty(&victim->chunks)) {
7244 - struct audit_chunk *chunk;
7246 p = list_entry(victim->chunks.next, struct node, list);
7247 - chunk = find_chunk(p);
7248 - get_inotify_watch(&chunk->watch);
7249 - spin_unlock(&hash_lock);
7251 - untag_chunk(chunk, p);
7253 - put_inotify_watch(&chunk->watch);
7254 - spin_lock(&hash_lock);
7257 spin_unlock(&hash_lock);
7259 @@ -469,7 +494,6 @@ static void trim_marked(struct audit_tree *tree)
7261 while (!list_empty(&tree->chunks)) {
7263 - struct audit_chunk *chunk;
7265 node = list_entry(tree->chunks.next, struct node, list);
7267 @@ -477,14 +501,7 @@ static void trim_marked(struct audit_tree *tree)
7268 if (!(node->index & (1U<<31)))
7271 - chunk = find_chunk(node);
7272 - get_inotify_watch(&chunk->watch);
7273 - spin_unlock(&hash_lock);
7275 - untag_chunk(chunk, node);
7277 - put_inotify_watch(&chunk->watch);
7278 - spin_lock(&hash_lock);
7279 + untag_chunk(node);
7281 if (!tree->root && !tree->goner) {
7283 @@ -878,7 +895,7 @@ static void handle_event(struct inotify_watch *watch, u32 wd, u32 mask,
7284 static void destroy_watch(struct inotify_watch *watch)
7286 struct audit_chunk *chunk = container_of(watch, struct audit_chunk, watch);
7287 - free_chunk(chunk);
7288 + call_rcu(&chunk->head, __put_chunk);
7291 static const struct inotify_operations rtree_inotify_ops = {
7292 diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
7293 index b7d354e..9fd85a4 100644
7294 --- a/kernel/auditfilter.c
7295 +++ b/kernel/auditfilter.c
7296 @@ -1094,8 +1094,8 @@ static void audit_inotify_unregister(struct list_head *in_list)
7297 list_for_each_entry_safe(p, n, in_list, ilist) {
7298 list_del(&p->ilist);
7299 inotify_rm_watch(audit_ih, &p->wdata);
7300 - /* the put matching the get in audit_do_del_rule() */
7301 - put_inotify_watch(&p->wdata);
7302 + /* the unpin matching the pin in audit_do_del_rule() */
7303 + unpin_inotify_watch(&p->wdata);
7307 @@ -1389,9 +1389,13 @@ static inline int audit_del_rule(struct audit_entry *entry,
7308 /* Put parent on the inotify un-registration
7309 * list. Grab a reference before releasing
7310 * audit_filter_mutex, to be released in
7311 - * audit_inotify_unregister(). */
7312 - list_add(&parent->ilist, &inotify_list);
7313 - get_inotify_watch(&parent->wdata);
7314 + * audit_inotify_unregister().
7315 + * If filesystem is going away, just leave
7316 + * the sucker alone, eviction will take
7319 + if (pin_inotify_watch(&parent->wdata))
7320 + list_add(&parent->ilist, &inotify_list);
7324 diff --git a/kernel/cgroup.c b/kernel/cgroup.c
7325 index d68bf2b..0ba3a5a 100644
7326 --- a/kernel/cgroup.c
7327 +++ b/kernel/cgroup.c
7328 @@ -2045,10 +2045,13 @@ int cgroupstats_build(struct cgroupstats *stats, struct dentry *dentry)
7329 struct cgroup *cgrp;
7330 struct cgroup_iter it;
7331 struct task_struct *tsk;
7334 - * Validate dentry by checking the superblock operations
7335 + * Validate dentry by checking the superblock operations,
7336 + * and make sure it's a directory.
7338 - if (dentry->d_sb->s_op != &cgroup_ops)
7339 + if (dentry->d_sb->s_op != &cgroup_ops ||
7340 + !S_ISDIR(dentry->d_inode->i_mode))
7344 diff --git a/kernel/cpuset.c b/kernel/cpuset.c
7345 index 827cd9a..fbda85d 100644
7346 --- a/kernel/cpuset.c
7347 +++ b/kernel/cpuset.c
7348 @@ -587,7 +587,6 @@ static int generate_sched_domains(cpumask_t **domains,
7349 int ndoms; /* number of sched domains in result */
7350 int nslot; /* next empty doms[] cpumask_t slot */
7356 @@ -674,10 +673,8 @@ restart:
7357 * Convert <csn, csa> to <ndoms, doms> and populate cpu masks.
7359 doms = kmalloc(ndoms * sizeof(cpumask_t), GFP_KERNEL);
7367 * The rest of the code, including the scheduler, can deal with
7368 @@ -732,6 +729,13 @@ restart:
7373 + * Fallback to the default domain if kmalloc() failed.
7374 + * See comments in partition_sched_domains().
7380 *attributes = dattr;
7382 diff --git a/kernel/sched.c b/kernel/sched.c
7383 index ad1962d..a992cbe 100644
7384 --- a/kernel/sched.c
7385 +++ b/kernel/sched.c
7386 @@ -7692,13 +7692,14 @@ static int dattrs_equal(struct sched_domain_attr *cur, int idx_cur,
7388 * The passed in 'doms_new' should be kmalloc'd. This routine takes
7389 * ownership of it and will kfree it when done with it. If the caller
7390 - * failed the kmalloc call, then it can pass in doms_new == NULL,
7391 - * and partition_sched_domains() will fallback to the single partition
7392 - * 'fallback_doms', it also forces the domains to be rebuilt.
7393 + * failed the kmalloc call, then it can pass in doms_new == NULL &&
7394 + * ndoms_new == 1, and partition_sched_domains() will fallback to
7395 + * the single partition 'fallback_doms', it also forces the domains
7398 - * If doms_new==NULL it will be replaced with cpu_online_map.
7399 - * ndoms_new==0 is a special case for destroying existing domains.
7400 - * It will not create the default domain.
7401 + * If doms_new == NULL it will be replaced with cpu_online_map.
7402 + * ndoms_new == 0 is a special case for destroying existing domains,
7403 + * and it will not create the default domain.
7405 * Call with hotplug lock held
7407 diff --git a/kernel/sysctl.c b/kernel/sysctl.c
7408 index 50ec088..6ffbed2 100644
7409 --- a/kernel/sysctl.c
7410 +++ b/kernel/sysctl.c
7411 @@ -179,6 +179,9 @@ extern struct ctl_table random_table[];
7412 #ifdef CONFIG_INOTIFY_USER
7413 extern struct ctl_table inotify_table[];
7415 +#ifdef CONFIG_EPOLL
7416 +extern struct ctl_table epoll_table[];
7419 #ifdef HAVE_ARCH_PICK_MMAP_LAYOUT
7420 int sysctl_legacy_va_layout;
7421 @@ -1313,6 +1316,13 @@ static struct ctl_table fs_table[] = {
7422 .child = inotify_table,
7425 +#ifdef CONFIG_EPOLL
7427 + .procname = "epoll",
7429 + .child = epoll_table,
7434 .ctl_name = KERN_SETUID_DUMPABLE,
7435 diff --git a/lib/idr.c b/lib/idr.c
7436 index e728c7f..7a785a0 100644
7439 @@ -185,6 +185,7 @@ static int sub_alloc(struct idr *idp, int *starting_id, struct idr_layer **pa)
7440 new = get_from_free_list(idp);
7444 rcu_assign_pointer(p->ary[m], new);
7447 @@ -210,6 +211,7 @@ build_up:
7449 if (!(p = get_from_free_list(idp)))
7455 @@ -237,6 +239,7 @@ build_up:
7459 + new->layer = layers-1;
7460 if (p->bitmap == IDR_FULL)
7461 __set_bit(0, &new->bitmap);
7463 @@ -493,17 +496,21 @@ void *idr_find(struct idr *idp, int id)
7465 struct idr_layer *p;
7467 - n = idp->layers * IDR_BITS;
7468 p = rcu_dereference(idp->top);
7471 + n = (p->layer+1) * IDR_BITS;
7473 /* Mask off upper bits we don't use for the search. */
7480 while (n > 0 && p) {
7482 + BUG_ON(n != p->layer*IDR_BITS);
7483 p = rcu_dereference(p->ary[(id >> n) & IDR_MASK]);
7486 @@ -582,8 +589,11 @@ void *idr_replace(struct idr *idp, void *ptr, int id)
7488 struct idr_layer *p, *old_p;
7490 - n = idp->layers * IDR_BITS;
7493 + return ERR_PTR(-EINVAL);
7495 + n = (p->layer+1) * IDR_BITS;
7499 diff --git a/lib/scatterlist.c b/lib/scatterlist.c
7500 index 8d2688f..b7b449d 100644
7501 --- a/lib/scatterlist.c
7502 +++ b/lib/scatterlist.c
7503 @@ -395,7 +395,7 @@ void sg_miter_stop(struct sg_mapping_iter *miter)
7504 WARN_ON(!irqs_disabled());
7505 kunmap_atomic(miter->addr, KM_BIO_SRC_IRQ);
7507 - kunmap(miter->addr);
7508 + kunmap(miter->page);
7512 diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
7513 index 8bde9bf..b0785ef 100644
7514 --- a/net/unix/af_unix.c
7515 +++ b/net/unix/af_unix.c
7516 @@ -1341,6 +1341,7 @@ static int unix_dgram_sendmsg(struct kiocb *kiocb, struct socket *sock,
7518 if (NULL == siocb->scm)
7519 siocb->scm = &tmp_scm;
7520 + wait_for_unix_gc();
7521 err = scm_send(sock, msg, siocb->scm);
7524 @@ -1491,6 +1492,7 @@ static int unix_stream_sendmsg(struct kiocb *kiocb, struct socket *sock,
7526 if (NULL == siocb->scm)
7527 siocb->scm = &tmp_scm;
7528 + wait_for_unix_gc();
7529 err = scm_send(sock, msg, siocb->scm);
7532 diff --git a/net/unix/garbage.c b/net/unix/garbage.c
7533 index 6d4a9a8..abb3ab3 100644
7534 --- a/net/unix/garbage.c
7535 +++ b/net/unix/garbage.c
7537 #include <linux/file.h>
7538 #include <linux/proc_fs.h>
7539 #include <linux/mutex.h>
7540 +#include <linux/wait.h>
7542 #include <net/sock.h>
7543 #include <net/af_unix.h>
7545 static LIST_HEAD(gc_inflight_list);
7546 static LIST_HEAD(gc_candidates);
7547 static DEFINE_SPINLOCK(unix_gc_lock);
7548 +static DECLARE_WAIT_QUEUE_HEAD(unix_gc_wait);
7550 unsigned int unix_tot_inflight;
7552 @@ -266,12 +268,16 @@ static void inc_inflight_move_tail(struct unix_sock *u)
7553 list_move_tail(&u->link, &gc_candidates);
7556 -/* The external entry point: unix_gc() */
7557 +static bool gc_in_progress = false;
7560 +void wait_for_unix_gc(void)
7562 - static bool gc_in_progress = false;
7563 + wait_event(unix_gc_wait, gc_in_progress == false);
7566 +/* The external entry point: unix_gc() */
7569 struct unix_sock *u;
7570 struct unix_sock *next;
7571 struct sk_buff_head hitlist;
7572 @@ -376,6 +382,7 @@ void unix_gc(void)
7573 /* All candidates should have been detached by now. */
7574 BUG_ON(!list_empty(&gc_candidates));
7575 gc_in_progress = false;
7576 + wake_up(&unix_gc_wait);
7579 spin_unlock(&unix_gc_lock);
projects / ipfire-2.x.git / blob