]> git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/log
mirror_ubuntu-hirsute-kernel.git
14 years agoBluetooth: fix not setting security level when creating a rfcomm session
Luiz Augusto von Dentz [Thu, 19 Aug 2010 11:06:10 +0000 (14:06 +0300)]
Bluetooth: fix not setting security level when creating a rfcomm session

This cause 'No Bonding' to be used if userspace has not yet been paired
with remote device since the l2cap socket used to create the rfcomm
session does not have any security level set.

Signed-off-by: Luiz Augusto von Dentz <luiz.dentz-von@nokia.com>
Acked-by: Ville Tervo <ville.tervo@nokia.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
14 years agoBluetooth: fix endianness conversion in L2CAP
Gustavo F. Padovan [Mon, 18 Oct 2010 16:25:53 +0000 (14:25 -0200)]
Bluetooth: fix endianness conversion in L2CAP

Last commit added a wrong endianness conversion. Fixing that.

Reported-by: Harvey Harrison <harvey.harrison@gmail.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
14 years agoBluetooth: fix unaligned access to l2cap conf data
steven miao [Sat, 16 Oct 2010 22:29:47 +0000 (18:29 -0400)]
Bluetooth: fix unaligned access to l2cap conf data

In function l2cap_get_conf_opt() and l2cap_add_conf_opt() the address of
opt->val sometimes is not at the edge of 2-bytes/4-bytes, so 2-bytes/4 bytes
access will cause data misalignment exeception.  Use get_unaligned_le16/32
and put_unaligned_le16/32 function to avoid data misalignment execption.

Signed-off-by: steven miao <realmz6@gmail.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
14 years agoBluetooth: Enable USB autosuspend by default on btusb
Matthew Garrett [Thu, 16 Sep 2010 17:58:15 +0000 (13:58 -0400)]
Bluetooth: Enable USB autosuspend by default on btusb

We've done this for a while in Fedora without any obvious problems other
than some interaction with input devices. Those should be fixed now, so
let's try this in mainline.

Signed-off-by: Matthew Garrett <mjg@redhat.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
14 years agoBluetooth: Fix non-SSP auth request for HIGH security level sockets
Johan Hedberg [Fri, 15 Oct 2010 07:46:09 +0000 (10:46 +0300)]
Bluetooth: Fix non-SSP auth request for HIGH security level sockets

When initiating dedicated bonding a L2CAP raw socket with HIGH security
level is used. The kernel is supposed to trigger the authentication
request in this case but this doesn't happen currently for non-SSP
(pre-2.1) devices. The reason is that the authentication request happens
in the remote extended features callback which never gets called for
non-SSP devices. This patch fixes the issue by requesting also
authentiation in the (normal) remote features callback in the case of
non-SSP devices.

This rule is applied only for HIGH security level which might at first
seem unintuitive since on the server socket side MEDIUM is already
enough for authentication. However, for the clients we really want to
prefer the server side to decide the authentication requrement in most
cases, and since most client sockets use MEDIUM it's better to be
avoided on the kernel side for these sockets. The important socket to
request it for is the dedicated bonding one and that socket uses HIGH
security level.

The patch is based on the initial investigation and patch proposal from
Andrei Emeltchenko <endrei.emeltchenko@nokia.com>.

Signed-off-by: Johan Hedberg <johan.hedberg@nokia.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
14 years agoBluetooth: fix hidp kconfig dependency warning
Randy Dunlap [Thu, 14 Oct 2010 01:16:52 +0000 (18:16 -0700)]
Bluetooth: fix hidp kconfig dependency warning

Fix kconfig dependency warning to satisfy dependencies:

warning: (BT_HIDP && NET && BT && BT_L2CAP && INPUT || USB_HID && HID_SUPPORT && USB && INPUT) selects HID which has unmet direct dependencies (HID_SUPPORT && INPUT)

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Acked-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
14 years agoath9k_hw: Fix memory leak on ath9k_hw_rf_alloc_ext_banks failure
Rajkumar Manoharan [Mon, 8 Nov 2010 15:10:53 +0000 (20:40 +0530)]
ath9k_hw: Fix memory leak on ath9k_hw_rf_alloc_ext_banks failure

The allocated externel radio banks have to be freed in
case of ath9k_hw_rf_alloc_ext_banks failure.

Cc: stable@kernel.org
Signed-off-by: Rajkumar Manoharan <rmanoharan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k_htc: Fix probe failure if CONFIG_USB_DEBUG enabled
Rajkumar Manoharan [Mon, 8 Nov 2010 07:19:12 +0000 (12:49 +0530)]
ath9k_htc: Fix probe failure if CONFIG_USB_DEBUG enabled

Since the endpoint descriptors (EP3 & EP4) were changed from Interrupt
to Bulk type by firmware, the urb submission done on Bulk pipes.
And the recent commit "check the endpoint type against the pipe type"
added aditional error checking against pipe types under CONFIG_USB_DEBUG.

So bmAttribute has to be updated for both EP3 & EP4 before submitting
urbs on that pipe. This patch resolves the following failure.

[ 2215.710936] usb 1-1: usb_probe_device
[ 2215.710945] usb 1-1: configuration #1 chosen from 1 choice
[ 2215.711152] usb 1-1: adding 1-1:1.0 (config #1, interface 0)
[ 2215.711252] ath9k_hif_usb 1-1:1.0: usb_probe_interface
[ 2215.711255] ath9k_hif_usb 1-1:1.0: usb_probe_interface - got id
[ 2215.712780] usb 1-1: BOGUS urb xfer, pipe 3 != type 1
[ 2215.713782] usb 1-1: ath9k_htc: Unable to allocate URBs
[ 2215.713801] ath9k_hif_usb: probe of 1-1:1.0 failed with error -22

Reported-by: Ming Lei <tom.leiming@gmail.com>
Signed-off-by: Rajkumar Manoharan <rmanoharan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k_htc: Add support for device ID 3346
Haitao Zhang [Sun, 7 Nov 2010 04:50:24 +0000 (12:50 +0800)]
ath9k_htc: Add support for device ID 3346

This patch adds support for USB dongle with device ID 3346 from IMC Networks.

Signed-off-by: Haitao Zhang <minipanda@linuxrobot.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k_hw: Fix AR9280 surprise removal during frequent idle on/off
Vasanthakumar Thiagarajan [Fri, 5 Nov 2010 00:41:25 +0000 (17:41 -0700)]
ath9k_hw: Fix AR9280 surprise removal during frequent idle on/off

Bit 22 of AR_WA should be set to fix the situation where chip reset
is asynchronous to clock of analog shift registers, such that when
reset is released, it could mess up the values of analog shift registers
and cause some hw issue on AR9280.

This bit is write only, but the driver does a read-modify-write
on AR_WA without setting bit 22 in ar9002_hw_configpcipowersave()
during radio disable. This causes surprise removal of hw. It can
never recover from this state and the hw will become usable only
after a power on/off cycle, and sometimes only during a cold reboot.

This issue can be triggered by doing frequent roaming with the
simple/test-roam script available from the wifi-test project [1]
when roaming between APs quickly. When roaming there is a is a high
possibility that the device being put into idle (radio disable) state
by mac80211 during AUTH->ASSOC. A device hardware reset would fail
and the kernel would output:

[40251.363799] ath: AWAKE -> FULL-SLEEP
[40251.363815] ieee80211 phy17: device no longer idle - working
[40251.363817] ath: Marking phy17 as not-idle
[40251.363819] ath: FULL-SLEEP -> AWAKE
[40251.415978] pciehp 0000:00:1c.3:pcie04: Card not present on Slot(3)
[40251.419896] ath: ah->misc_mode 0x4
[40251.428138] pciehp 0000:00:1c.3:pcie04: Card present on Slot(3)
[40251.532247] ath: timeout (100000 us) on reg 0x9860: 0xffffffff & 0x00000001 != 0x00000000
[40251.532250] ath: Unable to reset channel (2462 MHz), reset status -5
[40251.532422] ath: Set channel: 5745 MHz
[40251.540639] ath: Failed to stop TX DMA in 100 msec after killing last frame
[40251.548826] ath: Failed to stop TX DMA in 100 msec after killing last frame
[40251.557023] ath: Failed to stop TX DMA in 100 msec after killing last frame
[40251.565211] ath: Failed to stop TX DMA in 100 msec after killing last frame
[40251.573415] ath: Failed to stop TX DMA in 100 msec after killing last frame
[40251.581603] ath: Failed to stop TX DMA in 100 msec after killing last frame
[40251.581606] ath: Failed to stop TX DMA. Resetting hardware!
[40251.592679] ath: DMA failed to stop in 10 ms AR_CR=0xffffffff AR_DIAG_SW=0xffffffff
[40251.703330] ath: timeout (100000 us) on reg 0x7000: 0xffffffff & 0x00000003 != 0x00000000
[40251.703333] ath: RTC stuck in MAC reset
[40251.703334] ath: Chip reset failed
[40251.703335] ath: Unable to reset hardware; reset status -22

This is currently only reproducible with some HB92 (Half Mini-PCIE)
cards but the fix applies to all AR9280 cards. This patch fixes this
issue by setting bit 22 during radio disable.

This patch has fixes for all kernels that has ath9k.

[1] http://wireless.kernel.org/en/developers/Testing/wifi-test

Cc: kyungwan.nam@atheros.com
Cc: amod.bodas@atheros.com
Cc: david.quan@atheros.com
Cc: stable@kernel.org
Signed-off-by: Vasanthakumar Thiagarajan <vasanth@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agolibertas: terminate scan when stopping interface
Daniel Drake [Thu, 4 Nov 2010 21:21:52 +0000 (21:21 +0000)]
libertas: terminate scan when stopping interface

There are currently no provisions in place to ensure that the scanning
task has been stopped when the interface is stopped or removed.

This can result in a WARNING at net/wireless/core.c:643 and other badness
when you remove the module while a scan is happening.

Terminate the scanning task during interface stop.

Signed-off-by: Daniel Drake <dsd@laptop.org>
Acked-by: Dan Williams <dcbw@redhat.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agomac80211: unset SDATA_STATE_OFFCHANNEL when cancelling a scan
Brian Cavagnolo [Thu, 4 Nov 2010 23:59:28 +0000 (16:59 -0700)]
mac80211: unset SDATA_STATE_OFFCHANNEL when cancelling a scan

For client STA interfaces, ieee80211_do_stop unsets the relevant
interface's SDATA_STATE_RUNNING state bit prior to cancelling an
interrupted scan.  When ieee80211_offchannel_return is invoked as
part of cancelling the scan, it doesn't bother unsetting the
SDATA_STATE_OFFCHANNEL bit because it sees that the interface is
down.  Normally this doesn't matter because when the client STA
interface is brought back up, it will probably issue a scan.  But
in some cases (e.g., the user changes the interface type while it
is down), the SDATA_STATE_OFFCHANNEL bit will remain set.  This
prevents the interface queues from being started.  So we
cancel the scan before unsetting the SDATA_STATE_RUNNING bit.

Signed-off-by: Brian Cavagnolo <brian@cozybit.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: check old power mode before clearing cycle counters
Felix Fietkau [Wed, 3 Nov 2010 00:36:51 +0000 (01:36 +0100)]
ath9k: check old power mode before clearing cycle counters

ath9k_ps_wakeup() clears the cycle counters after waking up the
hardware using ath9k_hw_setpower, however if power save is disabled,
then the counters will contain useful data, which then gets discarded.
Fix this by checking the old power mode before discarding any data.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agocfg80211: fix a crash in dev lookup on dump commands
Felix Fietkau [Sun, 31 Oct 2010 14:31:54 +0000 (15:31 +0100)]
cfg80211: fix a crash in dev lookup on dump commands

IS_ERR and PTR_ERR were called with the wrong pointer, leading to a
crash when cfg80211_get_dev_from_ifindex fails.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agocarl9170: usbid table updates
Christian Lamparter [Sat, 30 Oct 2010 17:46:37 +0000 (19:46 +0200)]
carl9170: usbid table updates

This patch includes the following updates:
 * add D-Link DWA-130 Rev D
 * Netgear has three WNDA3100 versions.
   the original WNDA3100 is now called WNDA3100v1.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: Fix a DMA latency issue for Intel Pinetrail platforms.
Vivek Natarajan [Sat, 30 Oct 2010 16:35:13 +0000 (22:05 +0530)]
ath9k: Fix a DMA latency issue for Intel Pinetrail platforms.

Throughput was severely affected in Intel Pinetrail platforms
because of a DMA problem in C3 state. This patch fixes this
issue.

Signed-off-by: Vivek Natarajan <vnatarajan@atheros.com>
CC: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: Avoid HW opmode overridden on monitor mode changes
Rajkumar Manoharan [Wed, 27 Oct 2010 13:01:15 +0000 (18:31 +0530)]
ath9k: Avoid HW opmode overridden on monitor mode changes

The HW opmode is blindly set to monitor type on monitor mode
change notification. This overrides the opmode when one of the
interfaces is still running as non-monitor iftype. So the monitoring
information needs to be maintained seperately.

Signed-off-by: Rajkumar Manoharan <rmanoharan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agolibipw: fix proc entry removal
Linus Torvalds [Mon, 8 Nov 2010 21:27:12 +0000 (16:27 -0500)]
libipw: fix proc entry removal

This bug seems to be due to commit 27ae60f8f7aac ("ipw2x00: replace
"ieee80211" with "libipw" where appropriate"), where Pavel did this:

-       libipw_proc = proc_mkdir(DRV_NAME, init_net.proc_net);
+       libipw_proc = proc_mkdir("ieee80211", init_net.proc_net);

but then the cleanup was kept as

        remove_proc_entry(DRV_NAME, init_net.proc_net);

in both places (both in the failure case and in the unload case). The
error string is also total crap, and says

     "Unable to create " DRV_NAME " proc directory\n");

Even though it doesn't actually create a proc directory named DRV_NAME at all.

So that patch looks like total and utter crap to me. The commit message says

  "Keep /proc/net/ieee80211 under the original name to avoid breaking user
    interface."

but the thing is, it really didn't fix anything but that one create
thing. It needs to fix all the other cases too.

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Tested-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agob43: Fix warning at drivers/mmc/core/core.c:237 in mmc_wait_for_cmd
Larry Finger [Thu, 28 Oct 2010 15:43:26 +0000 (10:43 -0500)]
b43: Fix warning at drivers/mmc/core/core.c:237 in mmc_wait_for_cmd

On module removal, the sdio version of b43 generates the following warning:

[  851.560519] ------------[ cut here ]------------
[  851.560531] WARNING: at drivers/mmc/core/core.c:237 mmc_wait_for_cmd+0x88/0x90()
[  851.560534] Hardware name: 20552PG
[  851.560536] Modules linked in: b43(-) ssb mmc_block binfmt_misc rfcomm sco bnep ppdev l2cap ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT xt_tcpudp iptable_filter ip_tables x_tables bridge stp kvm_intel kvm arc4 iwlagn snd_hda_codec_conexant snd_hda_intel snd_hda_codec iwlcore snd_hwdep snd_pcm thinkpad_acpi mac80211 snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq r852 joydev snd_timer sm_common pcmcia nand snd_seq_device cfg80211 sdhci_pci btusb psmouse tpm_tis yenta_socket nand_ids lp snd pcmcia_rsrc nand_ecc bluetooth sdhci tpm pcmcia_core parport mtd snd_page_alloc serio_raw tpm_bios soundcore nvram led_class sha256_generic aes_i586 aes_generic dm_crypt i915 drm_kms_helper drm ahci intel_agp i2c_algo_bit intel_gtt e1000e libahci video agpgart output
[  851.560620] Pid: 2504, comm: rmmod Not tainted 2.6.36-titan0+ #1
[  851.560622] Call Trace:
[  851.560631]  [<c014a102>] warn_slowpath_common+0x72/0xa0
[  851.560636]  [<c04d94c8>] ? mmc_wait_for_cmd+0x88/0x90
[  851.560641]  [<c04d94c8>] ? mmc_wait_for_cmd+0x88/0x90
[  851.560645]  [<c014a152>] warn_slowpath_null+0x22/0x30
[  851.560649]  [<c04d94c8>] mmc_wait_for_cmd+0x88/0x90
[  851.560655]  [<c0401585>] ? device_release+0x25/0x80
[  851.560660]  [<c04df210>] mmc_io_rw_direct_host+0xa0/0x150
[  851.560665]  [<c04df370>] mmc_io_rw_direct+0x30/0x40
[  851.560669]  [<c04e06e7>] sdio_disable_func+0x37/0xa0
[  851.560683]  [<f8dfcb80>] b43_sdio_remove+0x30/0x50 [b43]
[  851.560687]  [<c04df8cc>] sdio_bus_remove+0x1c/0x60
[  851.560692]  [<c016d39f>] ? blocking_notifier_call_chain+0x1f/0x30
[  851.560697]  [<c0404991>] __device_release_driver+0x51/0xb0
[  851.560701]  [<c0404a7f>] driver_detach+0x8f/0xa0
[  851.560705]  [<c0403c83>] bus_remove_driver+0x63/0xa0
[  851.560709]  [<c0405039>] driver_unregister+0x49/0x80
[  851.560713]  [<c0405039>] ? driver_unregister+0x49/0x80
[  851.560718]  [<c04dfad7>] sdio_unregister_driver+0x17/0x20
[  851.560727]  [<f8dfcb42>] b43_sdio_exit+0x12/0x20 [b43]
[  851.560734]  [<f8dfe76f>] b43_exit+0x17/0x3c [b43]
[  851.560740]  [<c017fb8d>] sys_delete_module+0x13d/0x200
[  851.560747]  [<c01fd7d2>] ? do_munmap+0x212/0x300
[  851.560752]  [<c010311f>] sysenter_do_call+0x12/0x28
[  851.560757] ---[ end trace 31e14488072d2f7d ]---
[  851.560759] ------------[ cut here ]------------

The warning is caused by b43 not claiming the device before calling
sdio_disable_func().

Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Reported-by: Arnd Hannemann <arnd@arndnet.de>
Tested-by: Arnd Hannemann <arnd@arndnet.de>
Cc: Stable <stable@kernel.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agomac80211: fix failure to check kmalloc return value in key_key_read
Jesper Juhl [Fri, 29 Oct 2010 14:10:26 +0000 (16:10 +0200)]
mac80211: fix failure to check kmalloc return value in key_key_read

I noticed two small issues in mac80211/debugfs_key.c::key_key_read while
reading through the code. Patch below.

The key_key_read() function returns ssize_t and the value that's actually
returned is the return value of simple_read_from_buffer() which also
returns ssize_t, so let's hold the return value in a ssize_t local
variable rather than a int one.

Also, memory is allocated dynamically with kmalloc() which can fail, but
the return value of kmalloc() is not checked, so we may end up operating
on a null pointer further on. So check for a NULL return and bail out with
-ENOMEM in that case.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agolibertas: Fix sd8686 firmware reload
Paul Fox [Fri, 29 Oct 2010 13:57:28 +0000 (14:57 +0100)]
libertas: Fix sd8686 firmware reload

For the SD8686, we cannot rely on the scratch register to read the firmware
load status, because the same register is used for storing RX packet length.
Broaden the check to account for this.

The module can now be unloaded/reloaded successfully.

Based on the implementation from libertas_tf.

Signed-off-by: Daniel Drake <dsd@laptop.org>
Acked-by: Dan Williams <dcbw@redhat.com>
Signed-off-by: Steve deRosier <steve@cozybit.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: Fix incorrect access of rate flags in RC
Mohammed Shafi Shajakhan [Thu, 28 Oct 2010 14:21:47 +0000 (19:51 +0530)]
ath9k: Fix incorrect access of rate flags in RC

The index variable to access the rate flags should be obtained from the
inner loop counter which corresponds to the rate table structure.This
fixes the invalid rate selection i.e when the supported basic rate is
invalid on a particular band and also the following warning message.
Thanks to Raj for finding this out.

Call Trace:

 [<ffffffff8104ee4a>] warn_slowpath_common+0x7a/0xb0

 [<ffffffff8104ee95>] warn_slowpath_null+0x15/0x20

 [<ffffffffa0583c45>] ath_get_rate+0x595/0x5b0 [ath9k]

 [<ffffffff811a0636>] ? cpumask_next_and+0x36/0x50

 [<ffffffffa0405186>] rate_control_get_rate+0x86/0x160 [mac80211]

 [<ffffffffa040dfac>] invoke_tx_handlers+0x81c/0x12d0 [mac80211]

 [<ffffffffa040eae9>] ieee80211_tx+0x89/0x2b0 [mac80211]

 [<ffffffff812891bc>] ? pskb_expand_head+0x1cc/0x1f0

 [<ffffffffa040edc5>] ieee80211_xmit+0xb5/0x1c0 [mac80211]

 [<ffffffffa041026f>] ieee80211_tx_skb+0x4f/0x60 [mac80211]

 [<ffffffffa03fe016>] ieee80211_send_nullfunc+0x46/0x60 [mac80211]

 [<ffffffffa03f91d7>] ieee80211_offchannel_stop_station+0x107/0x150
[mac80211]

 [<ffffffff812891bc>] ? pskb_expand_head+0x1cc/0x1f0

 [<ffffffffa040edc5>] ieee80211_xmit+0xb5/0x1c0 [mac80211]

 [<ffffffffa041026f>] ieee80211_tx_skb+0x4f/0x60 [mac80211]

 [<ffffffffa03fe016>] ieee80211_send_nullfunc+0x46/0x60 [mac80211]

 [<ffffffffa03f91d7>] ieee80211_offchannel_stop_station+0x107/0x150
[mac80211]

 [<ffffffffa03f8896>] ieee80211_scan_work+0x146/0x600 [mac80211]

 [<ffffffff8133a375>] ? schedule+0x2f5/0x8e0

 [<ffffffffa03f8750>] ? ieee80211_scan_work+0x0/0x600 [mac80211]

 [<ffffffff81064fcf>] process_one_work+0x10f/0x380

 [<ffffffff81066bc2>] worker_thread+0x162/0x340

 [<ffffffff81066a60>] ? worker_thread+0x0/0x340

Cc: stable@kernel.org
Signed-off-by: Mohammed Shafi Shajakhan <mshajakhan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath5k: Fix double free on hw attach error path
Jones Desougi [Wed, 27 Oct 2010 17:38:34 +0000 (19:38 +0200)]
ath5k: Fix double free on hw attach error path

If ath5k_hw_attach fails it will free sc->ah (local variable ah) before
returning. However, when it reports failure the caller (ath5k_pci_probe)
will also free sc->ah. Let the caller handle the deallocation, it does
so on further errors as well.

Signed-off-by: Jones Desougi <jones.desougi@27m.se>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agomac80211: Fix scan_ies_len to include DS Params
Jouni Malinen [Wed, 27 Oct 2010 10:40:33 +0000 (13:40 +0300)]
mac80211: Fix scan_ies_len to include DS Params

Commit 651b52254fc061f02d965524e71de4333a009a5a added DS Parameter Set
information into Probe Request frames that are transmitted on 2.4 GHz
band, but it failed to increment local->scan_ies_len to cover this new
information. This variable needs to be updated to match the maximum IE
data length so that the extra buffer need gets reduced from the driver
limit.

Signed-off-by: Jouni Malinen <j@w1.fi>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k_htc: Set proper firmware offset for Netgear WNDA3200
Rajkumar Manoharan [Wed, 27 Oct 2010 06:32:54 +0000 (12:02 +0530)]
ath9k_htc: Set proper firmware offset for Netgear WNDA3200

Netgear WNDA3200 device uses ar7010 firmware but it is failed to set
correct firmware offset on firmware download which causes device initialization
failure.

Cc: stable@kernel.org
Signed-off-by: Rajkumar Manoharan <rmanoharan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: fix tx aggregation flush on AR9003
Felix Fietkau [Wed, 27 Oct 2010 00:15:05 +0000 (02:15 +0200)]
ath9k: fix tx aggregation flush on AR9003

Completing aggregate frames can lead to new buffers being pushed into
the tid queues due to software retransmission.
When the tx queues are being drained, all pending aggregates must be
completed before the tid queues get drained, otherwise buffers might be
leaked.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Cc: stable@kernel.org
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: lock reset and PCU start/stopping
Luis R. Rodriguez [Wed, 20 Oct 2010 23:07:06 +0000 (16:07 -0700)]
ath9k: lock reset and PCU start/stopping

Apart from locking the start and stop PCU we need
to ensure we also content starting and stopping the PCU
between hardware resets.

This is part of a series that will help resolve the bug:

https://bugzilla.kernel.org/show_bug.cgi?id=14624

For more details about this issue refer to:

http://marc.info/?l=linux-wireless&m=128629803703756&w=2

Cc: stable@kernel.org
Cc: Ben Greear <greearb@candelatech.com>
Cc: Kyungwan Nam <kyungwan.nam@atheros.com>
Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
Tested-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: rename rxflushlock to pcu_lock
Luis R. Rodriguez [Wed, 20 Oct 2010 23:07:05 +0000 (16:07 -0700)]
ath9k: rename rxflushlock to pcu_lock

The real way to lock RX is to contend on the PCU
and reset, this will be fixed in the next patch but for
now just do the renames so that the next patch which changes
the locking order is crystal clear.

This is part of a series that will help resolve the bug:

https://bugzilla.kernel.org/show_bug.cgi?id=14624

For more details about this issue refer to:

http://marc.info/?l=linux-wireless&m=128629803703756&w=2

Cc: stable@kernel.org
Cc: Ben Greear <greearb@candelatech.com>
Cc: Kyungwan Nam <kyungwan.nam@atheros.com>
Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
Tested-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: add locking for starting the PCU on RX
Luis R. Rodriguez [Wed, 20 Oct 2010 23:07:04 +0000 (16:07 -0700)]
ath9k: add locking for starting the PCU on RX

There was some locking for starting some parts of
RX but not for starting the PCU. Include this otherwise
we can content against stopping the PCU.

This can potentially lead to races against different
buffers on the PCU which can lead to to the DMA RX
engine writing to buffers which are already freed.

This is part of a series that will help resolve the bug:

https://bugzilla.kernel.org/show_bug.cgi?id=14624

For more details about this issue refer to:

http://marc.info/?l=linux-wireless&m=128629803703756&w=2

Cc: stable@kernel.org
Cc: Ben Greear <greearb@candelatech.com>
Cc: Kyungwan Nam <kyungwan.nam@atheros.com>
Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
Tested-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: add locking for stopping RX
Luis R. Rodriguez [Wed, 20 Oct 2010 23:07:03 +0000 (16:07 -0700)]
ath9k: add locking for stopping RX

ath9k locks for starting RX but not for stopping RX. We could
potentially run into a situation where tried to stop RX
but immediately started RX. This allows for races on the
the RX engine deciding what buffer we last left off on
and could potentially cause ath9k to DMA into already
free'd memory or in the worst case at a later time to
already given memory to other drivers.

Fix this by locking stopping RX.

This is part of a series that will help resolve the bug:

https://bugzilla.kernel.org/show_bug.cgi?id=14624

For more details about this issue refer to:

http://marc.info/?l=linux-wireless&m=128629803703756&w=2

Cc: stable@kernel.org
Cc: Ben Greear <greearb@candelatech.com>
Cc: Kyungwan Nam <kyungwan.nam@atheros.com>
Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
Tested-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoiwlwifi: quiet a noisy printk
Don Fry [Sat, 23 Oct 2010 16:02:50 +0000 (09:02 -0700)]
iwlwifi: quiet a noisy printk

Timing issues in microcode for some devices can cause a compressed BA to
be sent to the driver prior to returning any a-MPDU notification.
Traces show RTS-CTS is exchanged and then the timer fires which causes an
empty BA to be sent which acknowledges nothing.  This results in a noisy
printk. Only print the message if the bitmap is non-zero.

Signed-off-by: Don Fry <donald.h.fry@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: resume aggregation immediately after a hardware reset
Felix Fietkau [Sat, 23 Oct 2010 15:45:38 +0000 (17:45 +0200)]
ath9k: resume aggregation immediately after a hardware reset

Since aggregation is usually triggered by tx completion, a hardware
reset (because of beacon stuck, tx hang or baseband hang) can
significantly delay the transmission of the next AMPDU (until the next
tx completion event).
Fix this by rescheduling aggregation after such a reset.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Cc: stable@kernel.org
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agocarl9170: fix scheduling while atomic
Christian Lamparter [Sat, 23 Oct 2010 13:02:02 +0000 (15:02 +0200)]
carl9170: fix scheduling while atomic

This patch fixes the following mishap:

BUG: scheduling while atomic: wpa_supplicant/4164/0x00000002
Modules linked in: carl9170 mac80211 [...]
Pid: 4164, comm: wpa_supplicant Not tainted 2.6.36-wl+ #119
Call Trace:
 [<c13779a9>] ? schedule+0x349/0x4c0
 [<c13780d6>] ? schedule_timeout+0x106/0x1e0
 [<c1037f50>] ? process_timeout+0x0/0x10
 [<c1377e8d>] ? wait_for_common+0x9d/0x140
 [<c1029110>] ? default_wake_function+0x0/0x10
 [<f80c6080>] ? carl9170_exec_cmd+0xf0/0x250 [carl9170]
 [<f80c695e>] ? carl9170_set_mac_reg+0x5e/0x70 [carl9170]
 [<f80c3f76>] ? carl9170_op_add_interface+0x176/0x310 [carl9170]
 [...]

rcu_read_unlock() call was erroneously placed after the
sync. function carl9170_mod_virtual_mac.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agomac80211: Fix ibss station got expired immediately
Rajkumar Manoharan [Sat, 23 Oct 2010 05:29:57 +0000 (10:59 +0530)]
mac80211: Fix ibss station got expired immediately

Station addition in ieee80211_ibss_rx_queued_mgmt is not updating
sta->last_rx which is causing station expiry in ieee80211_ibss_work
path. So sta addition and deletion happens repeatedly.

CC: stable@kernel.org
Signed-off-by: Rajkumar Manoharan <rmanoharan@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agob43: N-PHY: fix infinite-loop-typo
Rafał Miłecki [Fri, 22 Oct 2010 15:43:45 +0000 (17:43 +0200)]
b43: N-PHY: fix infinite-loop-typo

Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agowl1251: fix module names
Grazvydas Ignotas [Thu, 21 Oct 2010 23:23:08 +0000 (02:23 +0300)]
wl1251: fix module names

The wl1251 move accidently renamed wl1251_sdio and wl1251_spi
modules to just sdio and spi. Restore proper module names.

Signed-off-by: Grazvydas Ignotas <notasas@gmail.com>
Acked-by: Kalle Valo <kvalo@adurom.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: fix handling of rate control probe frames
Felix Fietkau [Thu, 21 Oct 2010 00:47:24 +0000 (02:47 +0200)]
ath9k: fix handling of rate control probe frames

The ath9k aggregation code was already checking the rate control probe flag
to prevent starting an aggregate frame with a sampling rate. What was missing
was closing an aggregate before adding a probing frame to it.
Without that, rate control cannot have precise control over probing, which
delays using faster rates when the channel conditions improve.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: fix crash in ath_update_survey_stats
Felix Fietkau [Wed, 20 Oct 2010 13:59:28 +0000 (15:59 +0200)]
ath9k: fix crash in ath_update_survey_stats

If ah->curchan is uninitialized, the channel index is bogus, which leads
to invalid memory access when the cycle counters are updated.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k_hw: Fix divide by zero cases in paprd.
Senthil Balasubramanian [Tue, 19 Oct 2010 14:31:41 +0000 (20:01 +0530)]
ath9k_hw: Fix divide by zero cases in paprd.

We are not handling all divide by zero cases in paprd.
Add additional checks for divide by zero cases in papard.

This patch has fixes intended for kernel 2.6.36.

Cc: stable@kernel.org
Signed-off-by: Senthil Balasubramanian <senthilkumar@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k_hw: Fix TX carrier leakage for IEEE compliance on AR9003 2.2
Luis R. Rodriguez [Tue, 19 Oct 2010 05:47:54 +0000 (22:47 -0700)]
ath9k_hw: Fix TX carrier leakage for IEEE compliance on AR9003 2.2

This updates the initvals for the AR9003 2.2 chipsets. The initvals
are the initial register values we use for our registers upon hardware
reset. This synchs up the initvals to match what our latest recommendation
from our systems engineering team.

The description of changes in this update:

        Improves ability to support very strong Rx conditions.
        Enhances DFS support for AP-mode.
        Improves performance of Tx carrier leak calibration.
        Adds support for Japan channel 14 Tx filtering requirements.
        Improves Tx power accuracy.

Impact:

        Update required to address degraded throughput at very short range.
        Update required for AP-mode DFS certification.
        Update required to comply to IEEE Tx carrier leak specification.
        May not meet expected +/- 2 dB Tx power accuracy without update.

The most important fix here would be the TX carrier leakage required
to comply with IEEE 802.11 specifications. The group of changes have
been tested all together in one release.

References:

Osprey 2.2 header file ver #33

Checksums:

$ ./initvals -f ar9003-2p2
0x000000004a488fc7        ar9300_2p2_radio_postamble
0x0000000046cb1300        ar9300Modes_lowest_ob_db_tx_gain_table_2p2
0x00000000e912711f        ar9300Modes_fast_clock_2p2
0x0000000037ac0ee8        ar9300_2p2_radio_core
0x00000000047a7700        ar9300Common_rx_gain_table_merlin_2p2
0x0000000003f783bb        ar9300_2p2_mac_postamble
0x00000000301fc841        ar9300_2p2_soc_postamble
0x000000005ec8075f        ar9200_merlin_2p2_radio_core
0x0000000083372ffa        ar9300_2p2_baseband_postamble
0x00000000c4f59974        ar9300_2p2_baseband_core
0x00000000e20d2e72        ar9300Modes_high_power_tx_gain_table_2p2
0x000000007fd55c70        ar9300Modes_high_ob_db_tx_gain_table_2p2
0x0000000029495000        ar9300Common_rx_gain_table_2p2
0x0000000042cb1300        ar9300Modes_low_ob_db_tx_gain_table_2p2
0x00000000c4739cd6        ar9300_2p2_mac_core
0x000000003521a300        ar9300Common_wo_xlna_rx_gain_table_2p2
0x00000000a15ccf1b        ar9300_2p2_soc_preamble
0x0000000029734396        ar9300PciePhy_pll_on_clkreq_disable_L1_2p2
0x000000002d834396        ar9300PciePhy_clkreq_enable_L1_2p2
0x0000000029834396        ar9300PciePhy_clkreq_disable_L1_2p2

$ ./initvals -f ar9003-2p2 | sha1sum
0ceddb5cf66737610fb51f04cf3e9ff71870c7b4  -

Cc: stable@kernel.org
Cc: Yixiang Li <yixiang.li@atheros.com>
Cc: Don Breslin <don.breslin@atheros.com>
Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agocfg80211: fix regression on processing country IEs
Luis R. Rodriguez [Tue, 19 Oct 2010 00:44:51 +0000 (17:44 -0700)]
cfg80211: fix regression on processing country IEs

The patch 4f366c5:

wireless: only use alpha2 regulatory information from country IE

removed some complex intersection we were always doing between the AP's
country IE info and what we got from CRDA. When CRDA sent us back a
regulatory domain we would do some sanity checks on that regulatory
domain response we just got. Part of these sanity checks included
checking that we already had performed an intersection for the
request of NL80211_REGDOM_SET_BY_COUNTRY_IE type.

This mean that cfg80211 was only processing country IEs for cases
where we already had an intersection, but since we removed enforcing
this this is no longer required, we should just apply the country
IE country hint with the data received from CRDA.

This patch has fixes intended for kernels >= 2.6.36.

Cc: stable@kernel.org
Reported-by: Easwar Krishnan <easwar.krishnan@atheros.com>
Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agocarl9170: fix memory leak issue in async cmd macro wrappers
Christian Lamparter [Sat, 16 Oct 2010 18:47:50 +0000 (20:47 +0200)]
carl9170: fix memory leak issue in async cmd macro wrappers

This patch continues where the previous commit:
"carl9170: fix async command buffer leak"
left off.

Similar to carl9170_reboot/carl9170_powersave, the
carl9170_async_regwrite* macros would leak the
temporary command buffer, if __carl9170_exec_cmd
fails to upload the command to the device.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agomac80211: don't sanitize invalid rates
Christian Lamparter [Sat, 16 Oct 2010 16:49:15 +0000 (18:49 +0200)]
mac80211: don't sanitize invalid rates

I found this bug while poking around with a pure-gn AP.

Commit:
cfg80211/mac80211: Use more generic bitrate mask for rate control

Added some sanity checks to ensure that each tx rate index
is included in the configured mask and it would change any
rate indexes if it wasn't.

But, the current implementation doesn't take into account
that the invalid rate index "-1" has a special meaning
(= no further attempts) and it should not be "changed".

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Cc: stable@kernel.org
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agocarl9170: fix async command buffer leak
Christian Lamparter [Fri, 15 Oct 2010 23:38:46 +0000 (01:38 +0200)]
carl9170: fix async command buffer leak

If __carl9170_exec_cmd fails to upload an asynchronous
command to the device, the functions: carl9170_reboot
and carl9170_powersave will leak the temporary command
assembly buffer.

Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath5k: Properly initialize ath_common->cc_lock.
Ben Greear [Fri, 15 Oct 2010 22:51:32 +0000 (15:51 -0700)]
ath5k: Properly initialize ath_common->cc_lock.

Otherwise, lockdep splats, at the least:

INFO: trying to register non-static key.
the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
Pid: 0, comm: swapper Not tainted 2.6.36-rc8-wl+ #32
Call Trace:
 [<c075d940>] ? printk+0xf/0x17
 [<c045507a>] register_lock_class+0x5a/0x29e
 [<c0456af5>] __lock_acquire+0xa2/0xb8c
 [<c0455be2>] ? mark_lock+0x1e/0x1de
 [<c041a540>] ? acpi_get_override_irq+0x85/0x8c
 [<c0455536>] ? trace_hardirqs_off+0xb/0xd
 [<c0457639>] lock_acquire+0x5a/0x78
 [<f8126835>] ? ath5k_ani_calibration+0x24/0x52b [ath5k]
 [<c075f6ed>] _raw_spin_lock_bh+0x20/0x2f
 [<f8126835>] ? ath5k_ani_calibration+0x24/0x52b [ath5k]
 [<f8126835>] ath5k_ani_calibration+0x24/0x52b [ath5k]
 [<c0438f99>] ? tasklet_action+0x3b/0xc6
 [<f8123c2b>] ath5k_tasklet_ani+0x18/0x22 [ath5k]
 [<c0438fd1>] tasklet_action+0x73/0xc6
 [<c043945f>] __do_softirq+0x86/0x111
 [<c0439520>] do_softirq+0x36/0x5a
 [<c0439659>] irq_exit+0x35/0x69
 [<c0403fb9>] do_IRQ+0x86/0x9a
 [<c04034ee>] common_interrupt+0x2e/0x40
 [<c045007b>] ? do_adjtimex+0x223/0x55e
 [<c0408245>] ? mwait_idle+0x5c/0x6c
 [<c040227f>] cpu_idle+0x4e/0x6b
 [<c074b6e9>] rest_init+0x8d/0x92
 [<c09758ea>] start_kernel+0x320/0x325
 [<c09750d0>] i386_start_kernel+0xd0/0xd7

Signed-off-by: Ben Greear <greearb@candelatech.com>
Acked-by: Bruno Randolf <br1@einfach.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoath9k: Properly initialize ath_common->cc_lock.
Ben Greear [Fri, 15 Oct 2010 22:04:09 +0000 (15:04 -0700)]
ath9k: Properly initialize ath_common->cc_lock.

Otherwise, lockdep splats, at the least:

INFO: trying to register non-static key.
the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
Pid: 2240, comm: ip Not tainted 2.6.36-rc8-wl+ #32
Call Trace:
 [<c075d940>] ? printk+0xf/0x17
 [<c045507a>] register_lock_class+0x5a/0x29e
 [<c0455be2>] ? mark_lock+0x1e/0x1de
 [<c0456af5>] __lock_acquire+0xa2/0xb8c
 [<c0455be2>] ? mark_lock+0x1e/0x1de
 [<c0457639>] lock_acquire+0x5a/0x78
 [<f8c5115b>] ? ath9k_config+0x274/0x3d8 [ath9k]
 [<c075f602>] _raw_spin_lock_irqsave+0x2f/0x3f
 [<f8c5115b>] ? ath9k_config+0x274/0x3d8 [ath9k]
 [<f8c5115b>] ath9k_config+0x274/0x3d8 [ath9k]
 [<f8c0ba2e>] ieee80211_hw_config+0x11b/0x125 [mac80211]
 [<f8c17edf>] ieee80211_do_open+0x3c5/0x466 [mac80211]
 [<f8c171d6>] ? ieee80211_check_concurrent_iface+0x21/0x13a [mac80211]
 [<f8c17fdb>] ieee80211_open+0x5b/0x5e [mac80211]
 [<c06ce76b>] __dev_open+0x80/0xae
 [<c06cc99b>] __dev_change_flags+0xa0/0x115
 [<c06ce6bf>] dev_change_flags+0x13/0x3f
 [<c06d7e78>] do_setlink+0x23a/0x51b
 [<c0455037>] ? register_lock_class+0x17/0x29e
 [<c06d847c>] rtnl_newlink+0x269/0x431
 [<c06d8291>] ? rtnl_newlink+0x7e/0x431
 [<c0455be2>] ? mark_lock+0x1e/0x1de
 [<c0455de9>] ? mark_held_locks+0x47/0x5f
 [<c075ebcf>] ? __mutex_lock_common+0x2bb/0x2d6
 [<c0456045>] ? trace_hardirqs_on_caller+0x104/0x125
 [<c075ebe0>] ? __mutex_lock_common+0x2cc/0x2d6
 [<c06d8213>] ? rtnl_newlink+0x0/0x431
 [<c06d79e2>] rtnetlink_rcv_msg+0x182/0x198
 [<c06d7860>] ? rtnetlink_rcv_msg+0x0/0x198
 [<c06e503c>] netlink_rcv_skb+0x30/0x77
 [<c06d7859>] rtnetlink_rcv+0x1b/0x22
 [<c06e4e77>] netlink_unicast+0xbe/0x119
 [<c06e5a15>] netlink_sendmsg+0x234/0x24c
 [<c06bf93a>] __sock_sendmsg+0x51/0x5a
 [<c06bfba4>] sock_sendmsg+0x93/0xa7
 [<c04968cf>] ? might_fault+0x47/0x81
 [<c0496904>] ? might_fault+0x7c/0x81
 [<c06c7904>] ? copy_from_user+0x8/0xa
 [<c06c7c2d>] ? verify_iovec+0x3e/0x6d
 [<c06bfd8c>] sys_sendmsg+0x149/0x193
 [<c0455037>] ? register_lock_class+0x17/0x29e
 [<c0455be2>] ? mark_lock+0x1e/0x1de
 [<c0498d7a>] ? __do_fault+0x1fc/0x3a5
 [<c048690a>] ? unlock_page+0x40/0x43
 [<c0498ef7>] ? __do_fault+0x379/0x3a5
 [<c04576dd>] ? lock_release_non_nested+0x86/0x1d8
 [<c04968cf>] ? might_fault+0x47/0x81
 [<c04968cf>] ? might_fault+0x47/0x81
 [<c06c148b>] sys_socketcall+0x15e/0x1a5
 [<c0402f1c>] sysenter_do_call+0x12/0x38

Signed-off-by: Ben Greear <greearb@candelatech.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agomac80211: cancel restart_work explicitly instead of depending on flush_scheduled_work()
Tejun Heo [Fri, 15 Oct 2010 15:35:28 +0000 (17:35 +0200)]
mac80211: cancel restart_work explicitly instead of depending on flush_scheduled_work()

iee80211_hw->restart_work is the only work which uses the system
workqueue.  Instead of calling flush_scheduled_work() during
iee80211_exit(), cancel the work during unregistration.

This is to prepare for the deprecation and removal of
flush_scheduled_work().

Signed-off-by: Tejun Heo <tj@kernel.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
14 years agoMerge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
Linus Torvalds [Sun, 24 Oct 2010 20:41:39 +0000 (13:41 -0700)]
Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial

* 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (39 commits)
  Update broken web addresses in arch directory.
  Update broken web addresses in the kernel.
  Revert "drivers/usb: Remove unnecessary return's from void functions" for musb gadget
  Revert "Fix typo: configuation => configuration" partially
  ida: document IDA_BITMAP_LONGS calculation
  ext2: fix a typo on comment in ext2/inode.c
  drivers/scsi: Remove unnecessary casts of private_data
  drivers/s390: Remove unnecessary casts of private_data
  net/sunrpc/rpc_pipe.c: Remove unnecessary casts of private_data
  drivers/infiniband: Remove unnecessary casts of private_data
  drivers/gpu/drm: Remove unnecessary casts of private_data
  kernel/pm_qos_params.c: Remove unnecessary casts of private_data
  fs/ecryptfs: Remove unnecessary casts of private_data
  fs/seq_file.c: Remove unnecessary casts of private_data
  arm: uengine.c: remove C99 comments
  arm: scoop.c: remove C99 comments
  Fix typo configue => configure in comments
  Fix typo: configuation => configuration
  Fix typo interrest[ing|ed] => interest[ing|ed]
  Fix various typos of valid in comments
  ...

Fix up trivial conflicts in:
drivers/char/ipmi/ipmi_si_intf.c
drivers/usb/gadget/rndis.c
net/irda/irnet/irnet_ppp.c

14 years agoMerge branch 'devel' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/edac
Linus Torvalds [Sun, 24 Oct 2010 20:06:57 +0000 (13:06 -0700)]
Merge branch 'devel' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/edac

* 'devel' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/edac: (25 commits)
  i7300_edac: Properly initialize per-csrow memory size
  V4L/DVB: i7300_edac: better initialize page counts
  MAINTAINERS: Add maintainer for i7300-edac driver
  i7300-edac: CodingStyle cleanup
  i7300_edac: Improve comments
  i7300_edac: Cleanup: reorganize the file contents
  i7300_edac: Properly detect channel on CE errors
  i7300_edac: enrich FBD error info for corrected errors
  i7300_edac: enrich FBD error info for fatal errors
  i7300_edac: pre-allocate a buffer used to prepare err messages
  i7300_edac: Fix MTR x4/x8 detection logic
  i7300_edac: Make the debug messages coherent with the others
  i7300_edac: Cleanup: remove get_error_info logic
  i7300_edac: Add a code to cleanup error registers
  i7300_edac: Add support for reporting FBD errors
  i7300_edac: Properly detect the type of error correction
  i7300_edac: Detect if the device is on single mode
  i7300_edac: Adds detection for enhanced scrub mode on x8
  i7300_edac: Clear the error bit after reading
  i7300_edac: Add error detection code for global errors
  ...

14 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg...
Linus Torvalds [Sun, 24 Oct 2010 19:47:55 +0000 (12:47 -0700)]
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg/slab-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg/slab-2.6: (27 commits)
  SLUB: Fix memory hotplug with !NUMA
  slub: Move functions to reduce #ifdefs
  slub: Enable sysfs support for !CONFIG_SLUB_DEBUG
  SLUB: Optimize slab_free() debug check
  slub: Move NUMA-related functions under CONFIG_NUMA
  slub: Add lock release annotation
  slub: Fix signedness warnings
  slub: extract common code to remove objects from partial list without locking
  SLUB: Pass active and inactive redzone flags instead of boolean to debug functions
  slub: reduce differences between SMP and NUMA
  Revert "Slub: UP bandaid"
  percpu: clear memory allocated with the km allocator
  percpu: use percpu allocator on UP too
  percpu: reduce PCPU_MIN_UNIT_SIZE to 32k
  vmalloc: pcpu_get/free_vm_areas() aren't needed on UP
  SLUB: Fix merged slab cache names
  Slub: UP bandaid
  slub: fix SLUB_RESILIENCY_TEST for dynamic kmalloc caches
  slub: Fix up missing kmalloc_cache -> kmem_cache_node case for memoryhotplug
  slub: Add dummy functions for the !SLUB_DEBUG case
  ...

14 years agoMerge branch 'kvm-updates/2.6.37' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Linus Torvalds [Sun, 24 Oct 2010 19:47:25 +0000 (12:47 -0700)]
Merge branch 'kvm-updates/2.6.37' of git://git.kernel.org/pub/scm/virt/kvm/kvm

* 'kvm-updates/2.6.37' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (321 commits)
  KVM: Drop CONFIG_DMAR dependency around kvm_iommu_map_pages
  KVM: Fix signature of kvm_iommu_map_pages stub
  KVM: MCE: Send SRAR SIGBUS directly
  KVM: MCE: Add MCG_SER_P into KVM_MCE_CAP_SUPPORTED
  KVM: fix typo in copyright notice
  KVM: Disable interrupts around get_kernel_ns()
  KVM: MMU: Avoid sign extension in mmu_alloc_direct_roots() pae root address
  KVM: MMU: move access code parsing to FNAME(walk_addr) function
  KVM: MMU: audit: check whether have unsync sps after root sync
  KVM: MMU: audit: introduce audit_printk to cleanup audit code
  KVM: MMU: audit: unregister audit tracepoints before module unloaded
  KVM: MMU: audit: fix vcpu's spte walking
  KVM: MMU: set access bit for direct mapping
  KVM: MMU: cleanup for error mask set while walk guest page table
  KVM: MMU: update 'root_hpa' out of loop in PAE shadow path
  KVM: x86 emulator: Eliminate compilation warning in x86_decode_insn()
  KVM: x86: Fix constant type in kvm_get_time_scale
  KVM: VMX: Add AX to list of registers clobbered by guest switch
  KVM guest: Move a printk that's using the clock before it's ready
  KVM: x86: TSC catchup mode
  ...

14 years agoMerge branch 'i2c-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvar...
Linus Torvalds [Sun, 24 Oct 2010 19:46:24 +0000 (12:46 -0700)]
Merge branch 'i2c-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging

* 'i2c-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging:
  i2c-viapro: Don't log nacks
  i2c/pca954x: Remove __devinit and __devexit from probe and remove functions
  MAINTAINERS: Add maintainer for PCA9541 I2C bus master selector driver
  i2c/mux: Driver for PCA9541 I2C Master Selector
  i2c: Optimize function i2c_detect()
  i2c: Discard warning message on device instantiation from user-space
  i2c-amd8111: Add proper error handling
  i2c: Change to new flag variable
  i2c: Remove unneeded inclusions of <linux/i2c-id.h>
  i2c: Let i2c_parent_is_i2c_adapter return the parent adapter
  i2c: Simplify i2c_parent_is_i2c_adapter
  i2c-pca-platform: Change device name of request_irq
  i2c: Fix Kconfig dependencies

14 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid
Linus Torvalds [Sun, 24 Oct 2010 19:44:59 +0000 (12:44 -0700)]
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid: (47 commits)
  HID: fix mismerge in hid-lg
  HID: hidraw: fix window in hidraw_release
  HID: hid-sony: override usbhid_output_raw_report for Sixaxis
  HID: add absolute axis resolution calculation
  HID: force feedback support for Logitech RumblePad gamepad
  HID: support STmicroelectronics and Sitronix with hid-stantuml driver
  HID: magicmouse: Adjust major / minor axes to scale
  HID: Fix for problems with eGalax/DWAV multi-touch-screen
  HID: waltop: add support for Waltop Slim Tablet 12.1 inch
  HID: add NOGET quirk for AXIS 295 Video Surveillance Joystick
  HID: usbhid: remove unused hiddev_driver
  HID: magicmouse: Use hid-input parsing rather than bypassing it
  HID: trivial formatting fix
  HID: Add support for Logitech Speed Force Wireless gaming wheel
  HID: don't Send Feature Reports on Interrupt Endpoint
  HID: 3m: Adjust major / minor axes to scale
  HID: 3m: Correct touchscreen emulation
  HID: 3m: Convert to MT slots
  HID: 3m: Output proper orientation range
  HID: 3m: Adjust to sequential MT HID protocol
  ...

14 years agoMerge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Linus Torvalds [Sun, 24 Oct 2010 19:44:34 +0000 (12:44 -0700)]
Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: Makefile - replace the use of <module>-objs with <module>-y
  crypto: hifn_795x - use cancel_delayed_work_sync()
  crypto: talitos - sparse check endian fixes
  crypto: talitos - fix checkpatch warning
  crypto: talitos - fix warning: 'alg' may be used uninitialized in this function
  crypto: cryptd - Adding the AEAD interface type support to cryptd
  crypto: n2_crypto - Niagara2 driver needs to depend upon CRYPTO_DES
  crypto: Kconfig - update broken web addresses
  crypto: omap-sham - Adjust DMA parameters
  crypto: fips - FIPS requires algorithm self-tests
  crypto: omap-aes - OMAP2/3 AES hw accelerator driver
  crypto: updates to enable omap aes
  padata: add missing __percpu markup in include/linux/padata.h
  MAINTAINERS: Add maintainer entries for padata/pcrypt

14 years agoMerge branch 'master' into for-linus
Pekka Enberg [Sun, 24 Oct 2010 16:57:05 +0000 (19:57 +0300)]
Merge branch 'master' into for-linus

Conflicts:
include/linux/percpu.h
mm/percpu.c

14 years agoi2c-viapro: Don't log nacks
Jean Delvare [Sun, 24 Oct 2010 16:16:59 +0000 (18:16 +0200)]
i2c-viapro: Don't log nacks

Transactions not acked can happen every now and then, in particular
during device detection, and various transaction types can be used for
this purpose. So stop logging this event, except when debugging is
enabled. This is what other similar drivers (e.g. i2c-i801 or
i2c-piix4) do.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
14 years agoi2c/pca954x: Remove __devinit and __devexit from probe and remove functions
Guenter Roeck [Sun, 24 Oct 2010 16:16:59 +0000 (18:16 +0200)]
i2c/pca954x: Remove __devinit and __devexit from probe and remove functions

The underlying I2C adapter may or may not be present when this driver
gets initialized, and may disappear later, so there is no safe time at
which the probe and remove functions can be discarded.

Signed-off-by: Guenter Roeck <guenter.roeck@ericsson.com>
Signed-off-by: Jean Delvare <khali@linux-fr.org>
14 years agoMAINTAINERS: Add maintainer for PCA9541 I2C bus master selector driver
Guenter Roeck [Sun, 24 Oct 2010 16:16:59 +0000 (18:16 +0200)]
MAINTAINERS: Add maintainer for PCA9541 I2C bus master selector driver

Signed-off-by: Guenter Roeck <guenter.roeck@ericsson.com>
Signed-off-by: Jean Delvare <khali@linux-fr.org>
14 years agoi2c/mux: Driver for PCA9541 I2C Master Selector
Guenter Roeck [Sun, 24 Oct 2010 16:16:58 +0000 (18:16 +0200)]
i2c/mux: Driver for PCA9541 I2C Master Selector

This patch adds support for PCA9541, an I2C Bus Master Selector.
The driver is modeled as single channel I2C Multiplexer to be able to utilize
the I2C multiplexer framework.

Signed-off-by: Guenter Roeck <guenter.roeck@ericsson.com>
Reviewed-by: Tom Grennan <tom.grennan@ericsson.com>
Acked-by: Jean Delvare <khali@linux-fr.org>
14 years agoi2c: Optimize function i2c_detect()
Jean Delvare [Sun, 24 Oct 2010 16:16:58 +0000 (18:16 +0200)]
i2c: Optimize function i2c_detect()

Check the class flags before allocating the temporary i2c_client
structure, to avoid allocating it when we don't need it.

Also optimize the inner loop a bit.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Cc: Jacob Pan <jacob.jun.pan@linux.intel.com>
14 years agoi2c: Discard warning message on device instantiation from user-space
Jean Delvare [Sun, 24 Oct 2010 16:16:58 +0000 (18:16 +0200)]
i2c: Discard warning message on device instantiation from user-space

The "new_device" sysfs interface has been there for quite some time
now, nobody complained about it so it must be good enough. Time to
remove the warning and call it stable.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Acked-by: Michael Lawnick <ml.lawnick@gmx.de>
14 years agoi2c-amd8111: Add proper error handling
Julia Lawall [Sun, 24 Oct 2010 16:16:58 +0000 (18:16 +0200)]
i2c-amd8111: Add proper error handling

The functions the functions amd_ec_wait_write and amd_ec_wait_read have an
unsigned return type, but return a negative constant to indicate an error
condition.

A sematic match that finds this problem is as follows:
(http://coccinelle.lip6.fr/)

// <smpl>
@exists@
identifier f;
constant C;
@@

 unsigned f(...)
 { <+...
*  return -C;
 ...+> }
// </smpl>

Fixing amd_ec_wait_write and amd_ec_wait_read leads to the need to adjust
the return type of the functions amd_ec_write and amd_ec_read, which are
the only functions that call amd_ec_wait_write and amd_ec_wait_read.
amd_ec_write and amd_ec_read, in turn, are only called from within the
function amd8111_access, which already returns a signed typed value.  Each
of the calls to amd_ec_write and amd_ec_read are updated using the
following semantic patch:

// <smpl>
@@
@@

+ status = amd_ec_write
- amd_ec_write
  (...);
+ if (status) return status;

@@
@@

+ status = amd_ec_read
- amd_ec_read
  (...);
+ if (status) return status;
// </smpl>

The patch also adds the declaration of the status variable.

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Jean Delvare <khali@linux-fr.org>
14 years agoi2c: Change to new flag variable
matt mooney [Sun, 24 Oct 2010 16:16:58 +0000 (18:16 +0200)]
i2c: Change to new flag variable

Replace EXTRA_CFLAGS with ccflags-y.

Signed-off-by: matt mooney <mfm@muteddisk.com>
Signed-off-by: Jean Delvare <khali@linux-fr.org>
14 years agoi2c: Remove unneeded inclusions of <linux/i2c-id.h>
Jean Delvare [Sun, 24 Oct 2010 16:16:58 +0000 (18:16 +0200)]
i2c: Remove unneeded inclusions of <linux/i2c-id.h>

These drivers don't use anything which is defined in <linux/i2c-id.h>.
This header file was never meant to be included directly anyway, and
will be deleted soon.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Acked-by: Ben Dooks <ben-linux@fluff.org>
Acked-by: Dave Airlie <airlied@linux.ie>
Cc: Hans Verkuil <hverkuil@xs4all.nl>
14 years agoi2c: Let i2c_parent_is_i2c_adapter return the parent adapter
Jean Delvare [Sun, 24 Oct 2010 16:16:57 +0000 (18:16 +0200)]
i2c: Let i2c_parent_is_i2c_adapter return the parent adapter

This makes the calling site's code clearer IMHO.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Acked-by: Michael Lawnick <ml.lawnick@gmx.de>
14 years agoi2c: Simplify i2c_parent_is_i2c_adapter
Jean Delvare [Sun, 24 Oct 2010 16:16:57 +0000 (18:16 +0200)]
i2c: Simplify i2c_parent_is_i2c_adapter

Only i2c devices can have their type set to i2c_adapter_type, so
testing the bus type is redundant.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Cc: Michael Lawnick <ml.lawnick@gmx.de>
14 years agoi2c-pca-platform: Change device name of request_irq
Nobuhiro Iwamatsu [Sun, 24 Oct 2010 16:16:57 +0000 (18:16 +0200)]
i2c-pca-platform: Change device name of request_irq

i2c->adap.name shouldn't be used in request_irq.
Instead the driver name "i2c-pca-platform" should be used.

Signed-off-by: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@renesas.com>
Acked-by: Wolfram Sang <w.sang@pengutronix.de>
Cc: stable@kernel.org
Signed-off-by: Jean Delvare <khali@linux-fr.org>
14 years agoi2c: Fix Kconfig dependencies
Jean Delvare [Sun, 24 Oct 2010 16:16:57 +0000 (18:16 +0200)]
i2c: Fix Kconfig dependencies

drivers/i2c/algos/Kconfig makes all the algorithms dependent on
!I2C_HELPER_AUTO, which triggers a Kconfig warning about broken
dependencies when some driver selects one of the algorithms. Ideally
we would make only the prompts dependent on !I2C_HELPER_AUTO, however
Kconfig doesn't currently support that. So we have to redefine the
symbols separately for the I2C_HELPER_AUTO=y case.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Acked-by: Michal Marek <mmarek@suse.cz>
14 years agoKVM: Drop CONFIG_DMAR dependency around kvm_iommu_map_pages
Jan Kiszka [Mon, 18 Oct 2010 13:38:40 +0000 (15:38 +0200)]
KVM: Drop CONFIG_DMAR dependency around kvm_iommu_map_pages

We also have to call kvm_iommu_map_pages for CONFIG_AMD_IOMMU. So drop
the dependency on Intel IOMMU, kvm_iommu_map_pages will be a nop anyway
if CONFIG_IOMMU_API is not defined.

KVM-Stable-Tag.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: Fix signature of kvm_iommu_map_pages stub
Jan Kiszka [Thu, 14 Oct 2010 11:59:04 +0000 (13:59 +0200)]
KVM: Fix signature of kvm_iommu_map_pages stub

Breaks otherwise if CONFIG_IOMMU_API is not set.

KVM-Stable-Tag.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: MCE: Send SRAR SIGBUS directly
Huang Ying [Fri, 8 Oct 2010 08:24:15 +0000 (16:24 +0800)]
KVM: MCE: Send SRAR SIGBUS directly

Originally, SRAR SIGBUS is sent to QEMU-KVM via touching the poisoned
page. But commit 96054569190bdec375fe824e48ca1f4e3b53dd36 prevents the
signal from being sent. So now the signal is sent via
force_sig_info_fault directly.

[marcelo: use send_sig_info instead]

Reported-by: Dean Nelson <dnelson@redhat.com>
Signed-off-by: Huang Ying <ying.huang@intel.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: MCE: Add MCG_SER_P into KVM_MCE_CAP_SUPPORTED
Huang Ying [Fri, 8 Oct 2010 08:24:14 +0000 (16:24 +0800)]
KVM: MCE: Add MCG_SER_P into KVM_MCE_CAP_SUPPORTED

Now we have MCG_SER_P (and corresponding SRAO/SRAR MCE) support in
kernel and QEMU-KVM, the MCG_SER_P should be added into
KVM_MCE_CAP_SUPPORTED to make all these code really works.

Reported-by: Dean Nelson <dnelson@redhat.com>
Signed-off-by: Huang Ying <ying.huang@intel.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: fix typo in copyright notice
Nicolas Kaiser [Wed, 6 Oct 2010 12:23:22 +0000 (14:23 +0200)]
KVM: fix typo in copyright notice

Fix typo in copyright notice.

Signed-off-by: Nicolas Kaiser <nikai@nikai.net>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: Disable interrupts around get_kernel_ns()
Avi Kivity [Mon, 4 Oct 2010 10:55:49 +0000 (12:55 +0200)]
KVM: Disable interrupts around get_kernel_ns()

get_kernel_ns() wants preemption disabled.  It doesn't make a lot of sense
during the get/set ioctls (no way to make them non-racy) but the callee wants
it.

Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: MMU: Avoid sign extension in mmu_alloc_direct_roots() pae root address
Avi Kivity [Sun, 3 Oct 2010 16:51:39 +0000 (18:51 +0200)]
KVM: MMU: Avoid sign extension in mmu_alloc_direct_roots() pae root address

Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: MMU: move access code parsing to FNAME(walk_addr) function
Xiao Guangrong [Tue, 28 Sep 2010 09:03:14 +0000 (17:03 +0800)]
KVM: MMU: move access code parsing to FNAME(walk_addr) function

Move access code parsing from caller site to FNAME(walk_addr) function

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: MMU: audit: check whether have unsync sps after root sync
Xiao Guangrong [Mon, 27 Sep 2010 10:09:29 +0000 (18:09 +0800)]
KVM: MMU: audit: check whether have unsync sps after root sync

After root synced, all unsync sps are synced, this patch add a check to make
sure it's no unsync sps in VCPU's page table

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: MMU: audit: introduce audit_printk to cleanup audit code
Xiao Guangrong [Mon, 27 Sep 2010 10:07:59 +0000 (18:07 +0800)]
KVM: MMU: audit: introduce audit_printk to cleanup audit code

Introduce audit_printk, and record audit point instead audit name

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: MMU: audit: unregister audit tracepoints before module unloaded
Xiao Guangrong [Mon, 27 Sep 2010 10:07:07 +0000 (18:07 +0800)]
KVM: MMU: audit: unregister audit tracepoints before module unloaded

fix:

Call Trace:
 [<ffffffffa01e46ba>] ? kvm_mmu_pte_write+0x229/0x911 [kvm]
 [<ffffffffa01c6ba9>] ? gfn_to_memslot+0x39/0xa0 [kvm]
 [<ffffffffa01c6c26>] ? mark_page_dirty+0x16/0x2e [kvm]
 [<ffffffffa01c6d6f>] ? kvm_write_guest_page+0x67/0x7f [kvm]
 [<ffffffff81066fbd>] ? local_clock+0x2a/0x3b
 [<ffffffffa01d52ce>] emulator_write_phys+0x46/0x54 [kvm]
 ......
Code:  Bad RIP value.
RIP  [<ffffffffa0172056>] 0xffffffffa0172056
 RSP <ffff880134f69a70>
CR2: ffffffffa0172056

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: MMU: audit: fix vcpu's spte walking
Xiao Guangrong [Mon, 27 Sep 2010 10:06:16 +0000 (18:06 +0800)]
KVM: MMU: audit: fix vcpu's spte walking

After nested nested paging, it may using long mode to shadow 32/PAE paging
guest, so this patch fix it

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: MMU: set access bit for direct mapping
Xiao Guangrong [Mon, 27 Sep 2010 10:05:00 +0000 (18:05 +0800)]
KVM: MMU: set access bit for direct mapping

Set access bit while setup up direct page table if it's nonpaing or npt enabled,
it's good for CPU's speculate access

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: MMU: cleanup for error mask set while walk guest page table
Xiao Guangrong [Mon, 27 Sep 2010 10:03:27 +0000 (18:03 +0800)]
KVM: MMU: cleanup for error mask set while walk guest page table

Small cleanup for set page fault error code

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: MMU: update 'root_hpa' out of loop in PAE shadow path
Xiao Guangrong [Mon, 27 Sep 2010 10:02:12 +0000 (18:02 +0800)]
KVM: MMU: update 'root_hpa' out of loop in PAE shadow path

The value of 'vcpu->arch.mmu.pae_root' is not modified, so we can update
'root_hpa' out of the loop.

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: x86 emulator: Eliminate compilation warning in x86_decode_insn()
Sheng Yang [Tue, 28 Sep 2010 08:33:32 +0000 (16:33 +0800)]
KVM: x86 emulator: Eliminate compilation warning in x86_decode_insn()

Eliminate:
arch/x86/kvm/emulate.c:801: warning: ‘sv’ may be used uninitialized in this
function

on gcc 4.1.2

Signed-off-by: Sheng Yang <sheng@linux.intel.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: x86: Fix constant type in kvm_get_time_scale
Jan Kiszka [Sun, 26 Sep 2010 11:00:53 +0000 (13:00 +0200)]
KVM: x86: Fix constant type in kvm_get_time_scale

Older gcc versions complain about the improper type (for x86-32), 4.5
seems to fix this silently. However, we should better use the right type
initially.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: VMX: Add AX to list of registers clobbered by guest switch
Jan Kiszka [Tue, 28 Sep 2010 14:37:42 +0000 (16:37 +0200)]
KVM: VMX: Add AX to list of registers clobbered by guest switch

By chance this caused no harm so far. We overwrite AX during switch
to/from guest context, so we must declare this.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM guest: Move a printk that's using the clock before it's ready
Arjan Koers [Mon, 2 Aug 2010 21:35:28 +0000 (23:35 +0200)]
KVM guest: Move a printk that's using the clock before it's ready

Fix a hang during SMP kernel boot on KVM that showed up
after commit 489fb490dbf8dab0249ad82b56688ae3842a79e8
(2.6.35) and 59aab522154a2f17b25335b63c1cf68a51fb6ae0
(2.6.34.1). The problem only occurs when
CONFIG_PRINTK_TIME is set.

KVM-Stable-Tag.
Signed-off-by: Arjan Koers <0h61vkll2ly8@xutrox.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
14 years agoKVM: x86: TSC catchup mode
Zachary Amsden [Sun, 19 Sep 2010 00:38:15 +0000 (14:38 -1000)]
KVM: x86: TSC catchup mode

Negate the effects of AN TYM spell while kvm thread is preempted by tracking
conversion factor to the highest TSC rate and catching the TSC up when it has
fallen behind the kernel view of time.  Note that once triggered, we don't
turn off catchup mode.

A slightly more clever version of this is possible, which only does catchup
when TSC rate drops, and which specifically targets only CPUs with broken
TSC, but since these all are considered unstable_tsc(), this patch covers
all necessary cases.

Signed-off-by: Zachary Amsden <zamsden@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: x86: Rename timer function
Zachary Amsden [Sun, 19 Sep 2010 00:38:14 +0000 (14:38 -1000)]
KVM: x86: Rename timer function

This just changes some names to better reflect the usage they
will be given.  Separated out to keep confusion to a minimum.

Signed-off-by: Zachary Amsden <zamsden@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: x86: Make math work for other scales
Zachary Amsden [Sun, 19 Sep 2010 00:38:13 +0000 (14:38 -1000)]
KVM: x86: Make math work for other scales

The math in kvm_get_time_scale relies on the fact that
NSEC_PER_SEC < 2^32.  To use the same function to compute
arbitrary time scales, we must extend the first reduction
step to shrink the base rate to a 32-bit value, and
possibly reduce the scaled rate into a 32-bit as well.

Note we must take care to avoid an arithmetic overflow
when scaling up the tps32 value (this could not happen
with the fixed scaled value of NSEC_PER_SEC, but can
happen with scaled rates above 2^31.

Signed-off-by: Zachary Amsden <zamsden@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: cpu_relax() during spin waiting for reboot
Avi Kivity [Tue, 21 Sep 2010 17:59:44 +0000 (19:59 +0200)]
KVM: cpu_relax() during spin waiting for reboot

It doesn't really matter, but if we spin, we should spin in a more relaxed
manner.  This way, if something goes wrong at least it won't contribute to
global warming.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: VMX: Respect interrupt window in big real mode
Avi Kivity [Sun, 19 Sep 2010 12:34:08 +0000 (14:34 +0200)]
KVM: VMX: Respect interrupt window in big real mode

If an interrupt is pending, we need to stop emulation so we
can inject it.

Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: VMX: Emulated real mode interrupt injection
Mohammed Gamal [Sun, 19 Sep 2010 12:34:07 +0000 (14:34 +0200)]
KVM: VMX: Emulated real mode interrupt injection

Replace the inject-as-software-interrupt hack we currently have with
emulated injection.

Signed-off-by: Mohammed Gamal <m.gamal005@gmail.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: Add kvm_inject_realmode_interrupt() wrapper
Mohammed Gamal [Sun, 19 Sep 2010 12:34:06 +0000 (14:34 +0200)]
KVM: Add kvm_inject_realmode_interrupt() wrapper

This adds a wrapper function kvm_inject_realmode_interrupt() around the
emulator function emulate_int_real() to allow real mode interrupt injection.

[avi: initialize operand and address sizes before emulating interrupts]
[avi: initialize rip for real mode interrupt injection]
[avi: clear interrupt pending flag after emulating interrupt injection]

Signed-off-by: Mohammed Gamal <m.gamal005@gmail.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: x86 emulator: Expose emulate_int_real()
Mohammed Gamal [Sun, 19 Sep 2010 12:34:05 +0000 (14:34 +0200)]
KVM: x86 emulator: Expose emulate_int_real()

Signed-off-by: Mohammed Gamal <m.gamal005@gmail.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: MMU: fix counting of rmap entries in rmap_add()
Hillf Danton [Sat, 18 Sep 2010 00:41:02 +0000 (08:41 +0800)]
KVM: MMU: fix counting of rmap entries in rmap_add()

It seems that rmap entries are under counted.

Signed-off-by: Hillf Danton <dhillf@gmail.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: document 'kvm.mmu_audit' parameter
Xiao Guangrong [Mon, 20 Sep 2010 14:17:48 +0000 (22:17 +0800)]
KVM: document 'kvm.mmu_audit' parameter

Document this parameter into Documentation/kernel-parameters.txt

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: fix the description of kvm-amd.nested in documentation
Xiao Guangrong [Mon, 20 Sep 2010 14:16:45 +0000 (22:16 +0800)]
KVM: fix the description of kvm-amd.nested in documentation

The default state of 'kvm-amd.nested' is enabled now, so fix the documentation

Signed-off-by: Xiao Guangrong <xiaoguangrong@cn.fujitsu.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: SVM: do not generate "external interrupt exit" if other exit is pending
Gleb Natapov [Mon, 20 Sep 2010 08:15:32 +0000 (10:15 +0200)]
KVM: SVM: do not generate "external interrupt exit" if other exit is pending

Nested SVM checks for external interrupt after injecting nested exception.
In case there is external interrupt pending the code generates "external
interrupt exit" and overwrites previous exit info. If previously injected
exception already generated exit it will be lost.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Acked-by: Joerg Roedel <joerg.roedel@amd.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
14 years agoKVM: Convert PIC lock from raw spinlock to ordinary spinlock
Avi Kivity [Sun, 19 Sep 2010 16:44:07 +0000 (18:44 +0200)]
KVM: Convert PIC lock from raw spinlock to ordinary spinlock

The PIC code used to be called from preempt_disable() context, which
wasn't very good for PREEMPT_RT.  That is no longer the case, so move
back from raw_spinlock_t to spinlock_t.

Signed-off-by: Avi Kivity <avi@redhat.com>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>