Re: GPL only modules [was Re: [GIT PATCH] more Driver core patches for 2.6.19]
It'll get in when the developers feel it is at a stage where it can be supported, at the moment (I'm not speaking for all the nouveau team only my own opinion) the API isn't stable and putting it into the kernel only means we've declared the API supportable, I know in theory marking it EXPERIMENTAL might work, in practice it will just cause us headaches at this stage, there isn't enough knowledgeable developers working on it both support users and continue development at a decent rate, so mainly ppl are concentrating on development until it can at least play Q3, and for me dualhead on my G5 :-) To what degree does it work on the G5? Can we already drive a desktop system with it? I'd like to play around with this on my Quad. 2D worked the last time I tested it and fixed up all the problems, it is slightly faster than nv, but may be more unstable, still only single head... 3D even on x86 doesn't work yet without pre-loading nvidia to set the hardware up correctly.. but it's coming along there are summary updates posted ~weekly on the nouveau wiki Dave. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] CodingStyle updates
David Weinehall wrote: On Thu, Dec 07, 2006 at 12:48:38AM -0800, Randy Dunlap wrote: [snip] +but no space after unary operators: + sizeof ++ --* + - ~ ! defined Uhm, that doesn't compute... If you don't put a space after sizeof, the program won't compile. int c; printf(%d, sizeofc); Uh, we prefer not to see sizeof c. IOW, we prefer to have the parentheses use all the time. Maybe I need to say that better? Options are: sizeof c sizeof(c) or sizeof (c) If you take sizeof the type rather than the variable, the options are sizeof(int) or sizeof (int) [snip] Regards: David Weinehall -- ~Randy - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: GPL only modules [was Re: [GIT PATCH] more Driver core patches for 2.6.19]
On Thursday 14 December 2006 23:39, Dave Airlie wrote: It'll get in when the developers feel it is at a stage where it can be supported, at the moment (I'm not speaking for all the nouveau team only my own opinion) the API isn't stable and putting it into the kernel only means we've declared the API supportable, I know in theory marking it EXPERIMENTAL might work, in practice it will just cause us headaches at this stage, there isn't enough knowledgeable developers working on it both support users and continue development at a decent rate, so mainly ppl are concentrating on development until it can at least play Q3, and for me dualhead on my G5 :-) To what degree does it work on the G5? Can we already drive a desktop system with it? I'd like to play around with this on my Quad. 2D worked the last time I tested it and fixed up all the problems, it is slightly faster than nv, but may be more unstable, still only single head... 3D even on x86 doesn't work yet without pre-loading nvidia to set the hardware up correctly.. but it's coming along there are summary updates posted ~weekly on the nouveau wiki Ok, that's nice to hear. :) Can't be much more pain than nv, heh. And as I only have singlehead, anyway, I'll give it a try. -- Greetings Michael. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
kernel.org lies about latest -mm kernel
Hi! [EMAIL PROTECTED]:/data/pavel$ finger @www.kernel.org [zeus-pub.kernel.org] ... The latest -mm patch to the stable Linux kernels is: 2.6.19-rc6-mm2 [EMAIL PROTECTED]:/data/pavel$ head /data/l/linux-mm/Makefile VERSION = 2 PATCHLEVEL = 6 SUBLEVEL = 19 EXTRAVERSION = -mm1 ... [EMAIL PROTECTED]:/data/pavel$ AFAICT 2.6.19-mm1 is newer than 2.6.19-rc6-mm2, but kernel.org does not understand that. Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] CodingStyle updates
On Thu, Dec 07, 2006 at 12:48:38AM -0800, Randy Dunlap wrote: [snip] +but no space after unary operators: + sizeof ++ --* + - ~ ! defined Uhm, that doesn't compute... If you don't put a space after sizeof, the program won't compile. int c; printf(%d, sizeofc); Options are: sizeof c sizeof(c) or sizeof (c) If you take sizeof the type rather than the variable, the options are sizeof(int) or sizeof (int) [snip] Regards: David Weinehall -- /) David Weinehall [EMAIL PROTECTED] /) Northern lights wander (\ // Maintainer of the v2.0 kernel // Dance across the winter sky // \) http://www.acc.umu.se/~tao/(/ Full colour fire (/ - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [GIT PATCH] more Driver core patches for 2.6.19
On Thu, 14 Dec 2006, Thomas Gleixner wrote: The kernel part of the UIO driver also knows how to shut the interrupt up, so where is the difference ? Thomas, you've been discussing some totally different and private Thomas-only thread than everybody else in this thread has been. The point is NO, THE UIO DRIVER DID NOT KNOW THAT AT ALL. Go and read the post that STARTED this whole thread. Go and read the example driver. The example driver was complete crap and drivel. Linus - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: kernel.org lies about latest -mm kernel
On Thu, 14 Dec 2006 23:37:18 +0100 Pavel Machek wrote: Hi! [EMAIL PROTECTED]:/data/pavel$ finger @www.kernel.org [zeus-pub.kernel.org] ... The latest -mm patch to the stable Linux kernels is: 2.6.19-rc6-mm2 [EMAIL PROTECTED]:/data/pavel$ head /data/l/linux-mm/Makefile VERSION = 2 PATCHLEVEL = 6 SUBLEVEL = 19 EXTRAVERSION = -mm1 ... [EMAIL PROTECTED]:/data/pavel$ AFAICT 2.6.19-mm1 is newer than 2.6.19-rc6-mm2, but kernel.org does not understand that. and 2.6.20-rc1 should also be listed there. --- ~Randy - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: lots of code could be simplified by using ARRAY_SIZE()
Robert P. J. Day wrote: On Thu, 14 Dec 2006, Zach Brown wrote: ... Indeed, there seems to be lots of potential clean-up there. Including duplicate macros like: ./drivers/ide/ide-cd.h:#define ARY_LEN(a) ((sizeof(a) / sizeof(a[0]))) not surprisingly, i have a script arraysize.sh: ... This could also come in the flavor sizeof(a) / sizeof(*a). I haven't checked if there are actual instances. -- Stefan Richter -=-=-==- ==-- - http://arcgraph.de/sr/ - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: lots of code could be simplified by using ARRAY_SIZE()
On 12/13/06, Robert P. J. Day [EMAIL PROTECTED] wrote: there are numerous places throughout the source tree that apparently calculate the size of an array using the construct sizeof(fubar)/sizeof(fubar[0]). see for yourself: $ grep -Er sizeof\((.*)\) ?/ ?sizeof\(\1\[0\]\) * but we already have, from include/linux/kernel.h: #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) Maybe *(x) instead of (x)[0]? -- Miguel Ojeda http://maxextreme.googlepages.com/index.htm - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: Linux 2.6.20-rc1
Nicolas Mailhot wrote: Alistair John Strachan s0348365 at sms.ed.ac.uk writes: `hddtemp' has stopped working on 2.6.20-rc1: → http://bugzilla.kernel.org/show_bug.cgi?id=7581 I'm not sure I quite follow your bug report. Are you saying that the patch you attached causes the problem? Jeff - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[Fwd: Re: [GIT PATCH] more Driver core patches for 2.6.19]
Linus Torvalds wrote: On Thu, 14 Dec 2006, Thomas Gleixner wrote: The kernel part of the UIO driver also knows how to shut the interrupt up, so where is the difference ? Thomas, you've been discussing some totally different and private Thomas-only thread than everybody else in this thread has been. The point is NO, THE UIO DRIVER DID NOT KNOW THAT AT ALL. Go and read the post that STARTED this whole thread. Go and read the example driver. The example driver was complete crap and drivel. OK the example driver was a bad example. A very bad example. Writing a driver with UIO does involve writing _some_ kernel code, just not much. Some of the kernel code you do have to write is the bit of the interrupt routine which shuts the device up. UIO doesn't really move the interrupt handling to userspace, more it moves the bottom-half work to userspace. If you are using UIO, a prerequisite is probably that your actual interrupt handler code is trivial, all work can be done in this form of userspace bottom-half. The example didn't show that, the docco shipped with the UIO patches does. Ben. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH 2.6.19.1] sunkbd.c: fix sunkbd_enable(sunkbd, 0); obvious
From: [EMAIL PROTECTED] Date: Thu, 14 Dec 2006 21:25:20 +0100 sunkbd_enable(sunkbd, 0); has no effect. Adding sunkbd-enabled = enable in sunkbd_enable (obvious) Signed-off-by: Fabrice Knevez [EMAIL PROTECTED] Applied, thanks. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH 2.6.19] tg3: replace kmalloc+memset with kzalloc
From: Michael Chan [EMAIL PROTECTED] Date: Tue, 12 Dec 2006 12:30:28 -0800 On Tue, 2006-12-12 at 21:10 +0200, Yan Burman wrote: Replace kmalloc+memset with kzalloc Signed-off-by: Yan Burman [EMAIL PROTECTED] Acked-by: Michael Chan [EMAIL PROTECTED] Applied, thanks everyone. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [GIT PATCH] more Driver core patches for 2.6.19
Linus, On Thu, 2006-12-14 at 14:59 -0800, Linus Torvalds wrote: The kernel part of the UIO driver also knows how to shut the interrupt up, so where is the difference ? Thomas, you've been discussing some totally different and private Thomas-only thread than everybody else in this thread has been. Yeah, I even looked at different code than others, until they noticed that email before coffee is bad. :) The point is NO, THE UIO DRIVER DID NOT KNOW THAT AT ALL. Go and read the post that STARTED this whole thread. Go and read the example driver. The example driver was complete crap and drivel. Sigh, I accept and also Greg has done this before, that the example driver based on the LPT port was not a fortunate choice. It was done to provide some example which is reproducible on COTS hardware. Real world drivers like the sercos example I provided - and I do it again - are aware of that problem: /* * The chip specific portion of the interrupt handler. The framework code * takes care of userspace notification when we return IRQ_HANDLED */ static irqreturn_t sercos_handler(int irq, void *dev_id, struct pt_regs *reg) { /* Check, if this interrupt is originated from the SERCOS chip */ if (!(sercos_read(IRQ_STATUS) SERCOS_INTERRUPT_MASK)) return IRQ_NONE; -^ Makes it safe for IRQ sharing /* Acknowledge the chip interrupts */ sercos_write(IRQ_ACK1, SERCOS_INTERRUPT_ACK1); sercos_write(IRQ_ACK2, SERCOS_INTERRUPT_ACK2); --^ Actually prevents the box is dead scenario, as it disables the interrupt from that device until it is reenabled from the user space driver code. This covers also the case where the user space driver dies, as the kernel still has the portion of code to shut this thing up for ever. return IRQ_HANDLED; } The concept requires, that - the interrupt handling is in the kernel _AND_ open source - the mapping of the device is done via the kernel controlled mapping function rather than by poking in the PCI regs I really regret that I ever came up with this LPT example, but cutting the whole discussion down to that ugly example driver does not get us anywhere. tglx - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] CodingStyle updates
Outside of comments, documentation and except in Kconfig, spaces are never used for indentation, and the above example is deliberately broken. --- I realize it isn't text you added, but what's that supposed to mean? Surely the 8-character indents are made up of spaces. Does it mean spaces other than 8-space blocks? In any case, how does it synch with the following chapter's statement that continuations are placed substantially to the right - isn't that done with spaces, too? Or am I just totally spacing out on what was meant? scott - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: Temporary random kernel hang
Andrew Morton wrote: No, I wasn't ignoring you for four days. Please, always do reply-to-all. I am using nabble's interface to post messages ( www.nabble.com ) and I am not subscribed to the mailing list, so it's possible that this is the cause of the direct mail. Andrew Morton wrote: It's certainly different. It is hard to work out what might be going on in there, but there's no obvious sign of misbehaviour. It could be that the application has simply gone berzerk and is doing a larger number or expensive system calls. The next step would be to try to catch one of these eposides with strace. I will try. Thank you. Regards, Horia -- View this message in context: http://www.nabble.com/Temporary-random-kernel-hang-tf2779860.html#a7883193 Sent from the linux-kernel mailing list archive at Nabble.com. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
2.6.19-git19, Intel 945 + ICH7 SATA - long delay in boot (30 seconds to a minute timeout).
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 still has 30+ second (up to a minute or more) delay in SATA init. It's a laptop - so such delays are costly. Okay - working from single: no real change in configuration from past. ipw3945 still broken - I'm not surprised... (I know - patience!) Still testing out synaptics driver... it's looking good! actually - the kernel seems to be working quite well otherwise. attached: dmesg and lspci If anyone has any debugging suggestions for this (SATA/Flash drive) - please let me know. (note: NO serial or parallel port on unit) - - Teunis -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFgd8abFT/SAfwLKMRAnE/AKCyRwMu6L/8Y8snOo4QHtoXAFMF8gCZAYWh 9io2aatGgG78SYcZUq+TB2U= =YcPK -END PGP SIGNATURE- : fec0 - fec01000 (reserved) BIOS-e820: fed2 - fed9b000 (reserved) BIOS-e820: feda - fedc (reserved) BIOS-e820: fee0 - fee01000 (reserved) BIOS-e820: ffb0 - ffc0 (reserved) BIOS-e820: fff0 - 0001 (reserved) 0MB HIGHMEM available. 759MB LOWMEM available. Entering add_active_range(0, 0, 194512) 0 entries of 256 used Zone PFN ranges: DMA 0 - 4096 Normal 4096 - 194512 HighMem194512 - 194512 early_node_map[1] active PFN ranges 0:0 - 194512 On node 0 totalpages: 194512 DMA zone: 32 pages used for memmap DMA zone: 0 pages reserved DMA zone: 4064 pages, LIFO batch:0 Normal zone: 1487 pages used for memmap Normal zone: 188929 pages, LIFO batch:31 HighMem zone: 0 pages used for memmap DMI 2.4 present. Using APIC driver default ACPI: RSDP (v000 HP) @ 0x000f7d70 ACPI: RSDT (v001 HP 30AA 0x28040620 HP 0x0001) @ 0x2f7e5684 ACPI: FADT (v002 HP 30AA 0x0002 HP 0x0001) @ 0x2f7e5600 ACPI: MADT (v001 HP 30AA 0x0001 HP 0x0001) @ 0x2f7e56c4 ACPI: MCFG (v001 HP 30AA 0x0001 HP 0x0001) @ 0x2f7e572c ACPI: TCPA (v002 HP 30AA 0x0001 HP 0x0001) @ 0x2f7e5768 ACPI: SSDT (v001 HP HPQSAT 0x0001 MSFT 0x010e) @ 0x2f7f4afc ACPI: SSDT (v001 HP Cpu0Cst 0x3001 INTL 0x20050624) @ 0x2f7f4e58 ACPI: SSDT (v001 HPCpuPm 0x3000 INTL 0x20050624) @ 0x2f7f5033 ACPI: DSDT (v001 HP nc6340 0x0001 MSFT 0x010e) @ 0x ACPI: PM-Timer IO Port: 0x1008 ACPI: Local APIC address 0xfee0 ACPI: LAPIC (acpi_id[0x01] lapic_id[0x00] enabled) Processor #0 6:14 APIC version 20 ACPI: LAPIC (acpi_id[0x02] lapic_id[0x01] disabled) ACPI: LAPIC_NMI (acpi_id[0x01] high edge lint[0x1]) ACPI: LAPIC_NMI (acpi_id[0x02] high edge lint[0x1]) ACPI: IOAPIC (id[0x01] address[0xfec0] gsi_base[0]) IOAPIC[0]: apic_id 1, version 32, address 0xfec0, GSI 0-23 ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) ACPI: IRQ0 used by override. ACPI: IRQ2 used by override. ACPI: IRQ9 used by override. Enabling APIC mode: Flat. Using 1 I/O APICs Using ACPI (MADT) for SMP configuration information Allocating PCI resources starting at 3000 (gap: 2f80:cf40) Detected 1463.105 MHz processor. Built 1 zonelists. Total pages: 192993 Kernel command line: root=/dev/mapper/crypt0 cryptopts=target=crypt0,source=/dev/mapper/Komodo-KMDOFS ro vga=791 single mapped APIC to d000 (fee0) mapped IOAPIC to c000 (fec0) Enabling fast FPU save and restore... done. Enabling unmasked SIMD FPU exception support... done. Initializing CPU#0 PID hash table entries: 4096 (order: 12, 16384 bytes) Console: colour dummy device 80x25 Dentry cache hash table entries: 131072 (order: 7, 524288 bytes) Inode-cache hash table entries: 65536 (order: 6, 262144 bytes) Memory: 758672k/778048k available (1952k kernel code, 18688k reserved, 812k data, 228k init, 0k highmem) virtual kernel memory layout: fixmap : 0xffe16000 - 0xf000 (1956 kB) pkmap : 0xff80 - 0xffc0 (4096 kB) vmalloc : 0xf000 - 0xff7fe000 ( 247 MB) lowmem : 0xc000 - 0xef7d ( 759 MB) .init : 0xc03ba000 - 0xc03f3000 ( 228 kB) .data : 0xc02e8269 - 0xc03b32f4 ( 812 kB) .text : 0xc010 - 0xc02e8269 (1952 kB) Checking if this processor honours the WP bit even in supervisor mode... Ok. Calibrating delay using timer specific routine.. 2928.22 BogoMIPS (lpj=1464112) Security Framework v1.0.0 initialized SELinux: Initializing. SELinux: Starting in permissive mode selinux_register_security: Registering secondary module capability Capability LSM initialized as secondary Mount-cache hash table entries: 512 CPU: After generic identify, caps: afe9fbff 0010 c109 monitor/mwait feature present. using mwait in idle threads. CPU: L1 I cache: 32K, L1 D cache: 32K CPU: L2
Re: amd64 agpgart aperture base value
Dave Jones wrote: On Wed, Dec 13, 2006 at 10:47:32PM -0500, Daniel Drake wrote: In amd64-agp.c, would it be dangerous to remove the aperture base 4G thing and instead simply only read the rightmost 7 bits to ensure the aperture base is always in range? (This is coming from someone with little AGPGART understanding...) Ignoring the high bits is the wrong thing to be doing. The BIOS placed the aperture in one place, and by masking bits, you're going to be assuming its somewhere else, and scribbling over who knows what. So, you think that the aperture moving to a different location on every boot is what the BIOS desires? Is it normal for it to move so much? The current patch drops the upper bits and results in the aperture always being in the same place, and this appears to work. If the BIOS did really put the aperture beyond 4GB but my patch is making Linux put it somewhere else, does it surprise you that things are still working smoothly? Is it even possible for the aperture to start beyond 4GB when the system has less than 4GB of RAM? If the aperture is placed above 4G, we should deal with it. Currently, we don't. (See the AGP patches Linus merged just before 2.6.19 was released that work around this for intel-agp). Just needs someone to find the time to write the code to do it, and test it. Looks like some understanding of AGP is required too. I'll have a closer look another time. Thanks, Daniel - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] CodingStyle updates
Scott Preece wrote: [1] Outside of comments, documentation and except in Kconfig, spaces are never used for indentation, and the above example is deliberately broken. --- I realize it isn't text you added, but what's that supposed to mean? Surely the 8-character indents are made up of spaces. Does it mean No, the 8-character indents are made of one ASCII TAB character. spaces other than 8-space blocks? In any case, how does it synch with the following chapter's statement that continuations are placed substantially to the right - isn't that done with spaces, too? That's usually (preferably) done with tab(s). Sometimes it is done with a few spaces instead. (and we put up with it :) Or am I just totally spacing out on what was meant? I take [1] to mean that this example: if (condition) do_this; do_something_everytime; is broken in at least 3 ways: 1/ do_this(); should be on a separate line; 2/ do_something_everytime() should not be indented more than the if above it; and 3/ *if* do_something_everytime() were to be indented more than it is, it should be done with a tab, not spaces. -- ~Randy - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: kernel.org lies about latest -mm kernel
kernel.org don't lie is not updated , this problem should be snd to webmaster isn't ? -- Sérgio M. B. On Thu, 2006-12-14 at 23:37 +0100, Pavel Machek wrote: Hi! [EMAIL PROTECTED]:/data/pavel$ finger @www.kernel.org [zeus-pub.kernel.org] ... The latest -mm patch to the stable Linux kernels is: 2.6.19-rc6-mm2 [EMAIL PROTECTED]:/data/pavel$ head /data/l/linux-mm/Makefile VERSION = 2 PATCHLEVEL = 6 SUBLEVEL = 19 EXTRAVERSION = -mm1 ... [EMAIL PROTECTED]:/data/pavel$ AFAICT 2.6.19-mm1 is newer than 2.6.19-rc6-mm2, but kernel.org does not understand that. Pavel - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [patch 1/1] oprofile: Add a special cookie for the VDSO region
On Mon, 11 Dec 2006 15:26:26 +0530 Amitabha Roy [EMAIL PROTECTED] wrote: Emit a special VDSO_COOKIE for VDSO regions instead of simply marking them as anon. Why? Signed-off-by: Amitabha Roy [EMAIL PROTECTED] --- diff --git a/drivers/oprofile/buffer_sync.c b/drivers/oprofile/buffer_sync.c index 78c2e6e..7f879db 100644 --- a/drivers/oprofile/buffer_sync.c +++ b/drivers/oprofile/buffer_sync.c @@ -250,7 +250,14 @@ static unsigned long lookup_dcookie(stru vma-vm_file-f_path.mnt); *offset = (vma-vm_pgoff PAGE_SHIFT) + addr - vma-vm_start; - } else { + } +#ifdef CONFIG_X86_32 + else if(mm-context.vdso==vma-vm_start){ +cookie = VDSO_COOKIE; + *offset = addr; + } +#endif + else { /* must be an anonymous map */ *offset = addr; } diff --git a/drivers/oprofile/event_buffer.h b/drivers/oprofile/event_buffer.h index 9241627..edc8ee2 100644 --- a/drivers/oprofile/event_buffer.h +++ b/drivers/oprofile/event_buffer.h @@ -35,6 +35,7 @@ #define CTX_TGID_CODE 7 #define TRACE_BEGIN_CODE 8 #define TRACE_END_CODE 9 +#define VDSO_COOKIE ~1UL #define INVALID_COOKIE ~0UL #define NO_COOKIE 0UL - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
RE: kref refcnt and false positives
-Original Message- From: Eric Dumazet [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 13, 2006 11:57 PM To: Andrew Morton Cc: Greg KH; Pallipadi, Venkatesh; Arjan; linux-kernel; Eric W. Biederman Subject: Re: kref refcnt and false positives I agree this 'optimization' is not good (I was the guy who suggested it http://lkml.org/lkml/2006/1/30/4 ) After Eric Biederman message (http://lkml.org/lkml/2006/1/30/292) I remember adding some stat counters and telling Greg to not put the patch in because kref_put() was mostly called with refcount=1. But the patch did its way. I *did* ask Greg to revert it, but cannot find this mail archived somewhere... But I believe Venkatesh problem comes from its release() function : It is supposed to free the object. If not, it should properly setup it so that further uses are OK. ie doing in release(kref) atomic_set(kref-count, 0); Agreed that setting kref refcnt to 0 in release will solve the probloem. But, once the optimization code is removed, we don't need to set it to zero as release will only be called after the count reaches zero anyway. Thanks, Venki - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: 2.6.19-mm1: gotemp: memset(..., 0) error
On Wed, Dec 13, 2006 at 02:05:59PM +0100, Adrian Bunk wrote: -- snip -- ... NOT FOR MAINLINE! This is for the driver tutorial I give. It will not be included in the mainline kernel tree ever. Use the ldusb driver that is already there instead for this device. This is only a teaching tool. ... + pkt = kmalloc(sizeof(*pkt), GFP_ATOMIC); + if (!pkt) + return -ENOMEM; + memset(pkt, sizeof(*pkt), 0x00); ... -- snip -- Lesson 1: Write an USB driver. Lesson 2: Correct the memset() argument order or use kzalloc(). Heh, thanks, I've now fixed that up in my tree. greg k-h - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: Linux 2.6.20-rc1
Le jeudi 14 décembre 2006 à 18:22 -0500, Jeff Garzik a écrit : Nicolas Mailhot wrote: Alistair John Strachan s0348365 at sms.ed.ac.uk writes: `hddtemp' has stopped working on 2.6.20-rc1: → http://bugzilla.kernel.org/show_bug.cgi?id=7581 I'm not sure I quite follow your bug report. Are you saying that the patch you attached causes the problem? No, I'm saying the hddtemp breakage people report against 2.6.20-rc1 also occurred between 2.6.19-rc5-mm2 and 2.6.19-rc6-mm1, as reported in this bug. Also this system sports two different (S)ATA controllers (SiI 3114 and CK804), disks on both stopped reporting temp at the same time so the change is not chipset-specific -- Nicolas Mailhot signature.asc Description: Ceci est une partie de message numériquement signée
Re: [PATCH/RFC] CodingStyle updates
On 12/14/06, Randy Dunlap [EMAIL PROTECTED] wrote: Scott Preece wrote: [1] Outside of comments, documentation and except in Kconfig, spaces are never used for indentation, and the above example is deliberately broken. --- I realize it isn't text you added, but what's that supposed to mean? Surely the 8-character indents are made up of spaces. Does it mean No, the 8-character indents are made of one ASCII TAB character. Probably should say so, then. As it is, the only way to figure that out (other than loking at code (:)) is to infer it from the .emacs example, which doesn't come until 8 chapters later in the document. Maybe: Outside of comments, documentation, and Kconfig, use TAB characters for indentation. Spaces are never used for indentation, and the above example is deliberately broken in several ways, including use of spaces. scott - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: amd64 agpgart aperture base value
On Thu, Dec 14, 2006 at 06:35:30PM -0500, Daniel Drake wrote: So, you think that the aperture moving to a different location on every boot is what the BIOS desires? Is it normal for it to move so much? Beats me. I gave up trying to understand BIOS authors motivations years ago. The current patch drops the upper bits and results in the aperture always being in the same place, and this appears to work. If the BIOS did really put the aperture beyond 4GB but my patch is making Linux put it somewhere else, does it surprise you that things are still working smoothly? Does it survive a run of testgart when masking out the high bits? It could be that you're right, and the upper bits being reported really are garbage. Is it even possible for the aperture to start beyond 4GB when the system has less than 4GB of RAM? The amount of RAM is irrelevant, it can appear anywhere in the address space, which on 64bit, is pretty darned huge. The aperture isn't backed by RAM, it's a 'virtual window' of sorts. When you write to an address in that range, it gets transparently remapped to somewhere else in the address space. The window is the 'aperture', where it remaps to is controlled by a translation table called the GATT (which does live in real memory). That's pretty much all there is to AGP. It's just a really dumb MMU of sorts. Dave -- http://www.codemonkey.org.uk - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] CodingStyle updates
On Thu, 14 Dec 2006, Randy Dunlap wrote: David Weinehall wrote: On Thu, Dec 07, 2006 at 12:48:38AM -0800, Randy Dunlap wrote: [snip] +but no space after unary operators: + sizeof ++ --* + - ~ ! defined Uhm, that doesn't compute... If you don't put a space after sizeof, the program won't compile. int c; printf(%d, sizeofc); Uh, we prefer not to see sizeof c. IOW, we prefer to have the parentheses use all the time. Maybe I need to say that better? here's a *really* rough first pass, i'm sure the end result would need some hand tweaking: = #!/bin/sh DIR=$1 # # Put in missing parentheses. # for f in $(grep -Erl sizeof [^\(] ${DIR}) ; do echo $f perl -pi -e s/sizeof ([*]?[A-Za-z0-9_\[\]\.-]+)( *)/sizeof\(\1\)\2/g $f done # # Delete possible space between sizeof and (. # for f in $(grep -rl sizeof ( ${DIR}) ; do perl -pi -e s/sizeof \(/sizeof\(/g $f done # # Delete obnoxious spaces inside parentheses. # for f in $(grep -rl sizeof( ${DIR}) ; do perl -pi -e s/sizeof\( *([^ \)]+) *\)/sizeof\(\1\)/g $f done === rday - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: data corruption with nvidia chipsets and IDE/SATA drives // memory hole mapping related bug?!
On Sat, 2006-12-02 at 01:56 +0100, Christoph Anton Mitterer wrote: Hi. Perhaps some of you have read my older two threads: http://marc.theaimsgroup.com/?t=11631244001r=1w=2 and the even older http://marc.theaimsgroup.com/?t=11629131451r=1w=2 The issue was basically the following: I found a severe bug mainly by fortune because it occurs very rarely. My test looks like the following: I have about 30GB of testing data on my harddisk,... I repeat verifying sha512 sums on these files and check if errors occur. One test pass verifies the 30GB 50 times,... about one to four differences are found in each pass. This sounds very similar to a corruption issue I was experiencing on my nforce4 based system. After replacing most of my hardware to no avail, I discovered that if increased the voltage for my RAM chips the corruption went away. Note that I was not overclocking at all. Worth a try. Dax Kelson - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH] [AGP] Fix detection of aperture size versus GTT size on G965.
From: Eric Anholt [EMAIL PROTECTED] On the G965, the GTT size may be larger than is required to cover the aperture. (In fact, on all hardware we've seen, the GTT is 512KB to the aperture's 256MB). A previous commit forced the aperture size to 512MB on G965 to match GTT, which would likely result in hangs at best if users tried to rely on agpgart's aperture size information. Instead, we use the resource length for the aperture size and the system's reported GTT size when available for the GTT size. Because the MSAC registers which had been read for aperture size detection on i9xx chips just cause a change in the resource size, we can use generic code for aperture detection on all i9xx. Signed-off-by: Eric Anholt [EMAIL PROTECTED] --- drivers/char/agp/agp.h |4 ++ drivers/char/agp/intel-agp.c | 110 ++ 2 files changed, 62 insertions(+), 52 deletions(-) diff --git a/drivers/char/agp/agp.h b/drivers/char/agp/agp.h index 8b3317f..1d59e2a 100644 --- a/drivers/char/agp/agp.h +++ b/drivers/char/agp/agp.h @@ -225,6 +225,10 @@ struct agp_bridge_data { #define I810_GMS_DISABLE 0x #define I810_PGETBL_CTL0x2020 #define I810_PGETBL_ENABLED0x0001 +#define I965_PGETBL_SIZE_MASK 0x000e +#define I965_PGETBL_SIZE_512KB (0 1) +#define I965_PGETBL_SIZE_256KB (1 1) +#define I965_PGETBL_SIZE_128KB (2 1) #define I810_DRAM_CTL 0x3000 #define I810_DRAM_ROW_00x0001 #define I810_DRAM_ROW_0_SDRAM 0x0001 diff --git a/drivers/char/agp/intel-agp.c b/drivers/char/agp/intel-agp.c index 555b3a8..c99082b 100644 --- a/drivers/char/agp/intel-agp.c +++ b/drivers/char/agp/intel-agp.c @@ -370,6 +370,11 @@ static struct _intel_i830_private { struct pci_dev *i830_dev; /* device one */ volatile u8 __iomem *registers; volatile u32 __iomem *gtt; /* I915G */ + /* gtt_entries is the number of gtt entries that are already mapped +* to stolen memory. Stolen memory is larger than the memory mapped +* through gtt_entries, as it includes some reserved space for the BIOS +* popup and for the GTT. +*/ int gtt_entries; } intel_i830_private; @@ -380,14 +385,41 @@ static void intel_i830_init_gtt_entries(void) u8 rdct; int local = 0; static const int ddt[4] = { 0, 16, 32, 64 }; - int size; + int size; /* reserved space (in kb) at the top of stolen memory */ pci_read_config_word(agp_bridge-dev,I830_GMCH_CTRL,gmch_ctrl); - /* We obtain the size of the GTT, which is also stored (for some -* reason) at the top of stolen memory. Then we add 4KB to that -* for the video BIOS popup, which is also stored in there. */ - size = agp_bridge-driver-fetch_size() + 4; + if (IS_I965) { + u32 pgetbl_ctl; + + pci_read_config_dword(agp_bridge-dev, I810_PGETBL_CTL, + pgetbl_ctl); + /* The 965 has a field telling us the size of the GTT, +* which may be larger than what is necessary to map the +* aperture. +*/ + switch (pgetbl_ctl I965_PGETBL_SIZE_MASK) { + case I965_PGETBL_SIZE_128KB: + size = 128; + break; + case I965_PGETBL_SIZE_256KB: + size = 256; + break; + case I965_PGETBL_SIZE_512KB: + size = 512; + break; + default: + printk(KERN_INFO PFX Unknown page table size, + assuming 512KB\n); + size = 512; + } + size += 4; /* add in BIOS popup space */ + } else { + /* On previous hardware, the GTT size was just what was +* required to map the aperture. +*/ + size = agp_bridge-driver-fetch_size() + 4; + } if (agp_bridge-dev-device == PCI_DEVICE_ID_INTEL_82830_HB || agp_bridge-dev-device == PCI_DEVICE_ID_INTEL_82845G_HB) { @@ -743,22 +775,27 @@ static int intel_i915_remove_entries(struct agp_memory *mem,off_t pg_start, return 0; } -static int intel_i915_fetch_size(void) +/* Return the aperture size by just checking the resource length. The effect + * described in the spec of the MSAC registers is just changing of the + * resource size. + */ +static int intel_i9xx_fetch_size(void) { - struct aper_size_info_fixed *values; - u32 temp, offset; + int num_sizes = sizeof(intel_i830_sizes) / sizeof(*intel_i830_sizes); + int aper_size; /* size in megabytes */ + int i; -#define I915_256MB_ADDRESS_MASK (127) + aper_size = pci_resource_len(intel_i830_private.i830_dev, 2) / MB(1); - values =
Re: kref refcnt and false positives
Pallipadi, Venkatesh [EMAIL PROTECTED] writes: But I believe Venkatesh problem comes from its release() function : It is supposed to free the object. If not, it should properly setup it so that further uses are OK. ie doing in release(kref) atomic_set(kref-count, 0); Agreed that setting kref refcnt to 0 in release will solve the probloem. But, once the optimization code is removed, we don't need to set it to zero as release will only be called after the count reaches zero anyway. The primary point of the optimization is to not write allocate a cache line unnecessarily. I don't know it's value, but it can have one especially on big way SMP machines. If the optimization is not performed setting the value to 0 immediately there after has not real cost as your cpu has the dirty cache line already. If the optimization is performed you still have to dirty the cache line but at least you don't have to allocate it. How that compares to the branch mispredict in cost I don't know, except that cache line misses are the only operation that is generally more expensive than branch misses. So I see no virtue in avoiding the atomic_set(kref-count, 0) if you are about to immediately reuse the data structure. Eric - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: lots of code could be simplified by using ARRAY_SIZE()
On Fri, 15 Dec 2006, Miguel Ojeda wrote: On 12/13/06, Robert P. J. Day [EMAIL PROTECTED] wrote: there are numerous places throughout the source tree that apparently calculate the size of an array using the construct sizeof(fubar)/sizeof(fubar[0]). see for yourself: $ grep -Er sizeof\((.*)\) ?/ ?sizeof\(\1\[0\]\) * but we already have, from include/linux/kernel.h: #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) Maybe *(x) instead of (x)[0]? yeah, there's a bunch of that, too: $ grep -Er sizeof\((.*)\) ?/ ?sizeof\(\*\1\) . easy enough to catch using the same technique. rday - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] CodingStyle updates
On Thu, 14 Dec 2006 19:07:27 -0500 (EST) Robert P. J. Day wrote: On Thu, 14 Dec 2006, Randy Dunlap wrote: David Weinehall wrote: On Thu, Dec 07, 2006 at 12:48:38AM -0800, Randy Dunlap wrote: [snip] +but no space after unary operators: + sizeof ++ --* + - ~ ! defined Uhm, that doesn't compute... If you don't put a space after sizeof, the program won't compile. int c; printf(%d, sizeofc); Uh, we prefer not to see sizeof c. IOW, we prefer to have the parentheses use all the time. Maybe I need to say that better? here's a *really* rough first pass, i'm sure the end result would need some hand tweaking: You can certainly send such (generated) patches to Andrew or other subsystem maintainers if you'd like, but I'm more interested in not adding more crud to the tree in the future. IOW, sure, we prefer sizeof(foo) to sizeof foo, but the latter isn't killing us. If someone is there making other changes, it would be OK to change that also. Compare: http://lkml.org/lkml/2006/12/7/191 --- ~Randy - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: kref refcnt and false positives
On Thu, 14 Dec 2006 17:19:55 -0700 [EMAIL PROTECTED] (Eric W. Biederman) wrote: Pallipadi, Venkatesh [EMAIL PROTECTED] writes: But I believe Venkatesh problem comes from its release() function : It is supposed to free the object. If not, it should properly setup it so that further uses are OK. ie doing in release(kref) atomic_set(kref-count, 0); Agreed that setting kref refcnt to 0 in release will solve the probloem. But, once the optimization code is removed, we don't need to set it to zero as release will only be called after the count reaches zero anyway. The primary point of the optimization is to not write allocate a cache line unnecessarily. I don't know it's value, but it can have one especially on big way SMP machines. Guys, we have about 100 reports of weirdo crashes, smashes, bashes and splats in the kref code. The last thing we need is some obscure, tricksy little optimisation which leads legitimate uses of the API to mysteriously fail. If we are allocating and freeing kref-counted objects at a sufficiently high frequency for this thing to make a difference then we should fix that instead of trying to suck faster. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: libata-pata with ICH4, rootfs
On Thu, 14 Dec 2006 18:32:50 + Alistair John Strachan [EMAIL PROTECTED] wrote: Correct me if I'm wrong, but SATA wasn't available on ICH4. Only 5 and greater. The kernel help text agrees with me. My IDE controller usually works with CONFIG_BLK_DEV_PIIX; I was interested in using your pata_xxx drivers in replacement, assuming there was support. The ata_piix driver does both SATA and PATA for the later chips. The reason for this is that the SATA ICH devices have PATA ports as well which are closely interlinked in how they operate. Since the ata_piix driver has to drive those and the PATA only ones from PIIX3 onward are similar it handles them all. Alan - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: Linux 2.6.20-rc1
On Thursday 14 December 2006 21:20, Jens Axboe wrote: On Thu, Dec 14 2006, Alistair John Strachan wrote: Hi Jens, On Thursday 14 December 2006 20:48, Jens Axboe wrote: On Thu, Dec 14 2006, Jens Axboe wrote: I'll do that if nobody comes up with anything obvious. If you can just test 2.6.19-git1, then we'll know if it's the SG_IO patch again. Actually, you should test 2.6.19-git1 with this patch applied as well. 2.6.19-git1 with FUJITA Tomonori's bio-leak fix doesn't break, and hddtemp continues to work fine: [root] 21:10 [~] hddtemp /dev/sda /dev/sdb /dev/sdc /dev/sdd /dev/sda: WDC WD2500KS-00MJB0: 29°C /dev/sdb: WDC WD2500KS-00MJB0: 27°C /dev/sdc: Maxtor 6B200M0: 28°C /dev/sdd: Maxtor 6B200M0: 26°C I've added the strace results to the URL previously posted, with the config. Then it is likely the sata updates, SG_IO is off the hook. I bisected all the way down to 0e75f9063f5c55fb0b0b546a7c356f8ec186825e, which git reckons is the culprit. I wasn't able to revert this commit to test, because it has conflicts. Any ideas? -- Cheers, Alistair. Final year Computer Science undergraduate. 1F2 55 South Clerk Street, Edinburgh, UK. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 4/4] Distinguish /proc/kmsg access from sys_syslog
Finally, add a new security class for access to /proc/kmsg, distinct from the class used for the read current messages operations on sys_syslog. The dummy and capability modules permit access to /proc/kmsg to any user (who has somehow acquired an open fd on it); SELinux is unchanged. This accomplishes what I was trying to do in the first place, i.e. enable running klogd unprivileged without a root shim, in a non-SELinux installation. Please remember that the default DAC permissions for /proc/kmsg restrict it to root, so unless you chmod it in your installation or modify klogd to open the file and then drop privs, the actual restrictions are unchanged. zw Index: linux-2.6/fs/proc/kmsg.c === --- linux-2.6.orig/fs/proc/kmsg.c 2006-12-13 16:36:56.0 -0800 +++ linux-2.6/fs/proc/kmsg.c2006-12-13 16:41:33.0 -0800 @@ -23,7 +23,7 @@ static int kmsg_open(struct inode * inode, struct file * file) { - int error = security_syslog(LSM_KLOG_READ); + int error = security_syslog(LSM_KLOG_READ_PROC); if (error) return error; return nonseekable_open(inode, file); @@ -37,7 +37,7 @@ static ssize_t kmsg_read(struct file *file, char __user *buf, size_t count, loff_t *ppos) { - int error = security_syslog(LSM_KLOG_READ); + int error = security_syslog(LSM_KLOG_READ_PROC); if (error) return error; return klog_read(buf, count, !(file-f_flags O_NONBLOCK)); @@ -45,7 +45,7 @@ static unsigned int kmsg_poll(struct file *file, poll_table *wait) { - int error = security_syslog(LSM_KLOG_READ); + int error = security_syslog(LSM_KLOG_READ_PROC); if (error) return error; return klog_poll(file, wait); Index: linux-2.6/security/commoncap.c === --- linux-2.6.orig/security/commoncap.c 2006-12-13 16:11:13.0 -0800 +++ linux-2.6/security/commoncap.c 2006-12-13 16:41:33.0 -0800 @@ -311,7 +311,14 @@ int cap_syslog (int type) { - if (type != LSM_KLOG_READHIST !capable(CAP_SYS_ADMIN)) + /* +* Reading history is allowed to any user, and so is reading +* current messages via /proc/kmsg (by default that file is +* only readable by root, but root is allowed to change that, +* or open it and hand the fd to an unprivileged process). +*/ + if (type != LSM_KLOG_READHIST type != LSM_KLOG_READ_PROC +!capable(CAP_SYS_ADMIN)) return -EPERM; return 0; } Index: linux-2.6/security/selinux/hooks.c === --- linux-2.6.orig/security/selinux/hooks.c 2006-12-13 16:11:41.0 -0800 +++ linux-2.6/security/selinux/hooks.c 2006-12-13 16:41:33.0 -0800 @@ -1515,7 +1515,14 @@ case LSM_KLOG_CONSOLE: return task_has_system(current, SYSTEM__SYSLOG_CONSOLE); + /* +* N.B. Unlike the default security model, with +* SELinux active you have to have SYSTEM__SYSLOG_MOD +* privilege to read current messages either with the +* system call or from /proc/kmsg. +*/ case LSM_KLOG_READ: + case LSM_KLOG_READ_PROC: case LSM_KLOG_CLEARHIST: default: return task_has_system(current, SYSTEM__SYSLOG_MOD); Index: linux-2.6/include/linux/security.h === --- linux-2.6.orig/include/linux/security.h 2006-12-13 16:41:45.0 -0800 +++ linux-2.6/include/linux/security.h 2006-12-13 16:42:26.0 -0800 @@ -94,6 +94,8 @@ #define LSM_KLOG_READHIST 1 /* read message history (dmesg) */ #define LSM_KLOG_CLEARHIST 2 /* clear message history (dmesg -c) */ #define LSM_KLOG_CONSOLE 3 /* set console log level */ +#define LSM_KLOG_READ_PROC 4 /* read current messages, but from /proc/kmsg + rather than the system call */ /* forward declares to avoid warnings */ struct nfsctl_arg; -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] CodingStyle updates
On Thu, 14 Dec 2006, Randy Dunlap wrote: On Thu, 14 Dec 2006 19:07:27 -0500 (EST) Robert P. J. Day wrote: On Thu, 14 Dec 2006, Randy Dunlap wrote: David Weinehall wrote: On Thu, Dec 07, 2006 at 12:48:38AM -0800, Randy Dunlap wrote: [snip] +but no space after unary operators: + sizeof ++ --* + - ~ ! defined Uhm, that doesn't compute... If you don't put a space after sizeof, the program won't compile. int c; printf(%d, sizeofc); Uh, we prefer not to see sizeof c. IOW, we prefer to have the parentheses use all the time. Maybe I need to say that better? here's a *really* rough first pass, i'm sure the end result would need some hand tweaking: You can certainly send such (generated) patches to Andrew or other subsystem maintainers if you'd like, but I'm more interested in not adding more crud to the tree in the future. IOW, sure, we prefer sizeof(foo) to sizeof foo, but the latter isn't killing us. If someone is there making other changes, it would be OK to change that also. the advantage to standardizing what's there is that it makes it easier to make subsequent changes. as a perfect example, because there are several variations to the use of sizeof, trying to catch every combination that might be replaceable by the use of ARRAY_SIZE() is just that much harder since you'd have to (as i had to) use regular expressions to check for every variant -- parentheses or no parentheses? space after the word or not? internal spaces within the parentheses? all that variation makes global changes for more useful stuff a real pain. rday - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 3/4] Refactor do_syslog interface
This patch breaks out the read operations in do_syslog() into their own functions (klog_read, klog_readhist) and adds a klog_poll. klog_read grows the ability to do a nonblocking read, which I expose in the sys_syslog interface because there doesn't seem to be any reason not to. do_syslog itself is folded into sys_syslog. The security checks remain there, not in the subfunctions. kmsg.c is then changed to use those functions instead of calling do_syslog and/or poll_wait itself.. This entails that it must call security_syslog as appropriate itself. In this patch I preserve the security checks exactly as they were with one exception: neither kmsg_close() nor sys_syslog(KLOG_CLOSE, ...) calls security_syslog at all anymore (close operations should never fail). Finally, I fixed a couple of minor bugs. __put_user error handling in klog_read was slightly off: if __put_user returns an error, that character should not be consumed from the kernel buffer; if it returns an error after some characters have already been copied successfully, the read operation should return the count of already-copied characters, not the error code. Seeking on /proc/kmsg has never been meaningful, so kmsg_open() should call nonseekable_open() to enforce that. Change from previous version of patch: proc/kmsg.c declares the kernel/printk.c interfaces itself, instead of getting them from klog.h which people want to be purely userspace-visible constants. kmsg.c has always had private declarations of printk.c functions (before, there were declarations of do_syslog and a wait queue there); as it is unlikely that more users of these functions will appear, I think this will do fine. (It might be reasonable to put declarations in console.h.) zw Index: linux-2.6/fs/proc/kmsg.c === --- linux-2.6.orig/fs/proc/kmsg.c 2006-12-13 16:04:46.0 -0800 +++ linux-2.6/fs/proc/kmsg.c2006-12-13 16:36:56.0 -0800 @@ -12,40 +12,43 @@ #include linux/poll.h #include linux/fs.h #include linux/klog.h +#include linux/security.h #include asm/uaccess.h #include asm/io.h -extern wait_queue_head_t log_wait; - -extern int do_syslog(int type, char __user *bug, int count); +/* interfaces from kernel/printk.c */ +extern int klog_read(char __user *, int, int); +extern unsigned int klog_poll(struct file *, poll_table *); static int kmsg_open(struct inode * inode, struct file * file) { - return do_syslog(KLOG_OPEN,NULL,0); + int error = security_syslog(LSM_KLOG_READ); + if (error) + return error; + return nonseekable_open(inode, file); } static int kmsg_release(struct inode * inode, struct file * file) { - (void) do_syslog(KLOG_CLOSE,NULL,0); return 0; } static ssize_t kmsg_read(struct file *file, char __user *buf, size_t count, loff_t *ppos) { - if ((file-f_flags O_NONBLOCK) -!do_syslog(KLOG_GET_UNREAD, NULL, 0)) - return -EAGAIN; - return do_syslog(KLOG_READ, buf, count); + int error = security_syslog(LSM_KLOG_READ); + if (error) + return error; + return klog_read(buf, count, !(file-f_flags O_NONBLOCK)); } static unsigned int kmsg_poll(struct file *file, poll_table *wait) { - poll_wait(file, log_wait, wait); - if (do_syslog(KLOG_GET_UNREAD, NULL, 0)) - return POLLIN | POLLRDNORM; - return 0; + int error = security_syslog(LSM_KLOG_READ); + if (error) + return error; + return klog_poll(file, wait); } Index: linux-2.6/include/linux/klog.h === --- linux-2.6.orig/include/linux/klog.h 2006-12-13 16:12:43.0 -0800 +++ linux-2.6/include/linux/klog.h 2006-12-13 16:33:09.0 -0800 @@ -20,7 +20,9 @@ * printed to console */ KLOG_GET_UNREAD = 9, /* return number of unread characters */ - KLOG_GET_SIZE= 10 /* return size of log buffer */ + KLOG_GET_SIZE= 10, /* return size of log buffer */ + KLOG_READ_NONBLOCK = 11, /* read from log, don't block if empty + * -- new in 2.6.20 */ }; #endif /* klog.h */ Index: linux-2.6/kernel/printk.c === --- linux-2.6.orig/kernel/printk.c 2006-12-13 16:08:30.0 -0800 +++ linux-2.6/kernel/printk.c 2006-12-13 16:39:24.0 -0800 @@ -33,6 +33,7 @@ #include linux/syscalls.h #include linux/jiffies.h #include linux/klog.h +#include linux/poll.h #include asm/uaccess.h @@ -45,7 +46,7 @@ #define MINIMUM_CONSOLE_LOGLEVEL 1 /* Minimum loglevel we let people use */ #define DEFAULT_CONSOLE_LOGLEVEL 7 /* anything MORE serious than KERN_DEBUG */ -DECLARE_WAIT_QUEUE_HEAD(log_wait); +static DECLARE_WAIT_QUEUE_HEAD(log_wait); int
[patch 2/4] permission mapping for sys_syslog operations
As suggested by Stephen Smalley: map the various sys_syslog operations to a smaller set of privilege codes before calling security modules. This patch changes the security module interface! There should be no change in the actual security semantics enforced by dummy, capability, nor SELinux (with one exception, clearly marked in sys_syslog). Change from previous version of patch: the privilege codes are now in linux/security.h instead of linux/klog.h, and use the LSM_* naming convention used for other such constants in that file. zw Index: linux-2.6/kernel/printk.c === --- linux-2.6.orig/kernel/printk.c 2006-12-13 16:06:22.0 -0800 +++ linux-2.6/kernel/printk.c 2006-12-13 16:08:30.0 -0800 @@ -164,6 +164,12 @@ __setup(log_buf_len=, log_buf_len_setup); +#define security_syslog_or_fail(type) do { \ + int error = security_syslog(type); \ + if (error) \ + return error; \ + } while (0) + /* See linux/klog.h for the command numbers passed as the first argument. */ int do_syslog(int type, char __user *buf, int len) { @@ -172,16 +178,15 @@ char c; int error = 0; - error = security_syslog(type); - if (error) - return error; - switch (type) { case KLOG_CLOSE: + security_syslog_or_fail(LSM_KLOG_READ); break; case KLOG_OPEN: + security_syslog_or_fail(LSM_KLOG_READ); break; case KLOG_READ: + security_syslog_or_fail(LSM_KLOG_READ); error = -EINVAL; if (!buf || len 0) goto out; @@ -213,9 +218,11 @@ error = i; break; case KLOG_READ_CLEAR_HIST: + security_syslog_or_fail(LSM_KLOG_CLEARHIST); do_clear = 1; /* FALL THRU */ case KLOG_READ_HIST: + security_syslog_or_fail(LSM_KLOG_READHIST); error = -EINVAL; if (!buf || len 0) goto out; @@ -269,15 +276,19 @@ } break; case KLOG_CLEAR_HIST: + security_syslog_or_fail(LSM_KLOG_CLEARHIST); logged_chars = 0; break; case KLOG_DISABLE_CONSOLE: + security_syslog_or_fail(LSM_KLOG_CONSOLE); console_loglevel = minimum_console_loglevel; break; case KLOG_ENABLE_CONSOLE: + security_syslog_or_fail(LSM_KLOG_CONSOLE); console_loglevel = default_console_loglevel; break; case KLOG_SET_CONSOLE_LVL: + security_syslog_or_fail(LSM_KLOG_CONSOLE); error = -EINVAL; if (len 1 || len 8) goto out; @@ -287,9 +298,18 @@ error = 0; break; case KLOG_GET_UNREAD: + security_syslog_or_fail(LSM_KLOG_READ); error = log_end - log_start; break; case KLOG_GET_SIZE: + /* This one is allowed if you have _either_ + LSM_KLOG_READ or LSM_KLOG_READHIST. */ + error = security_syslog(LSM_KLOG_READ); + if (error) + error = security_syslog(LSM_KLOG_READHIST); + if (error) + break; + error = log_buf_len; break; default: Index: linux-2.6/security/commoncap.c === --- linux-2.6.orig/security/commoncap.c 2006-12-13 16:06:22.0 -0800 +++ linux-2.6/security/commoncap.c 2006-12-13 16:11:13.0 -0800 @@ -311,7 +311,7 @@ int cap_syslog (int type) { - if ((type != 3 type != 10) !capable(CAP_SYS_ADMIN)) + if (type != LSM_KLOG_READHIST !capable(CAP_SYS_ADMIN)) return -EPERM; return 0; } Index: linux-2.6/security/dummy.c === --- linux-2.6.orig/security/dummy.c 2006-12-13 16:06:22.0 -0800 +++ linux-2.6/security/dummy.c 2006-12-13 16:11:31.0 -0800 @@ -96,7 +96,7 @@ static int dummy_syslog (int type) { - if ((type != 3 type != 10) current-euid) + if (type != LSM_KLOG_READHIST current-euid) return -EPERM; return 0; } Index: linux-2.6/security/selinux/hooks.c === --- linux-2.6.orig/security/selinux/hooks.c 2006-12-13 16:06:22.0 -0800 +++ linux-2.6/security/selinux/hooks.c 2006-12-13 16:11:41.0 -0800 @@ -1509,25 +1509,17 @@ return rc; switch (type) { - case 3: /*
[patch 0/4] /proc/kmsg permissions, take three
Here's a re-revised version of my patch set to allow klogd to drop privileges and continue reading from /proc/kmsg (currently, even if klogd has a legitimately opened fd on /proc/kmsg, it cannot read from it unless it has CAP_SYS_ADMIN asserted). SELinux's pickier and finer-grained privilege rules for /proc/kmsg are unchanged. The major change from the previous patchset [q.v. http://comments.gmane.org/gmane.linux.kernel/466034 ] is that, as Arjan van de Ven requested, the new header linux/klog.h contains only userspace-visible definitions (the constants for sys_syslog()). Thanks to Alexey Dobriyan for telling me the proper place to put the KLOGSEC_* constants (now renamed LSM_KLOG_* in keeping with other such constants). They have also been rediffed versus yesterday's git. They should be applied in sequence; each step compiles, and the complete set has been booted and tested to work as intended. Any comments, as usual, appreciated. I would very much like to see this in 2.6.20. zw - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 1/4] Add linux/klog.h
This patch introduces linux/klog.h with symbolic constants for the various sys_syslog() opcodes, and changes all in-kernel references to those opcodes to use the constants. The header is added to the set of user/kernel interface headers. (Unlike the previous revision of this patch series, no kernel-private additions to this file are contemplated.) zw Index: linux-2.6/include/linux/Kbuild === --- linux-2.6.orig/include/linux/Kbuild 2006-12-13 15:58:13.0 -0800 +++ linux-2.6/include/linux/Kbuild 2006-12-13 16:06:57.0 -0800 @@ -100,6 +100,7 @@ header-y += ixjuser.h header-y += jffs2.h header-y += keyctl.h +header-y += klog.h header-y += limits.h header-y += lock_dlm_plock.h header-y += magic.h Index: linux-2.6/include/linux/klog.h === --- /dev/null 1970-01-01 00:00:00.0 + +++ linux-2.6/include/linux/klog.h 2006-12-13 16:06:22.0 -0800 @@ -0,0 +1,26 @@ +#ifndef _LINUX_KLOG_H +#define _LINUX_KLOG_H + +/* + * Constants for the first argument to the syslog() system call + * (aka klogctl()). These numbers are part of the user space ABI! + */ +enum { + KLOG_CLOSE = 0, /* close log */ + KLOG_OPEN= 1, /* open log */ + KLOG_READ= 2, /* read from log (klogd) */ + + KLOG_READ_HIST = 3, /* read history of log messages (dmesg) */ + KLOG_READ_CLEAR_HIST = 4, /* read and clear history */ + KLOG_CLEAR_HIST = 5, /* just clear history */ + + KLOG_DISABLE_CONSOLE = 6, /* disable printk to console */ + KLOG_ENABLE_CONSOLE = 7, /* enable printk to console */ + KLOG_SET_CONSOLE_LVL = 8, /* set minimum severity of messages to be + * printed to console */ + + KLOG_GET_UNREAD = 9, /* return number of unread characters */ + KLOG_GET_SIZE= 10 /* return size of log buffer */ +}; + +#endif /* klog.h */ Index: linux-2.6/kernel/printk.c === --- linux-2.6.orig/kernel/printk.c 2006-12-13 15:58:16.0 -0800 +++ linux-2.6/kernel/printk.c 2006-12-13 16:06:22.0 -0800 @@ -32,6 +32,7 @@ #include linux/bootmem.h #include linux/syscalls.h #include linux/jiffies.h +#include linux/klog.h #include asm/uaccess.h @@ -163,21 +164,7 @@ __setup(log_buf_len=, log_buf_len_setup); -/* - * Commands to do_syslog: - * - * 0 -- Close the log. Currently a NOP. - * 1 -- Open the log. Currently a NOP. - * 2 -- Read from the log. - * 3 -- Read all messages remaining in the ring buffer. - * 4 -- Read and clear all messages remaining in the ring buffer - * 5 -- Clear ring buffer. - * 6 -- Disable printk's to console - * 7 -- Enable printk's to console - * 8 -- Set level of messages printed to console - * 9 -- Return number of unread characters in the log buffer - * 10 -- Return size of the log buffer - */ +/* See linux/klog.h for the command numbers passed as the first argument. */ int do_syslog(int type, char __user *buf, int len) { unsigned long i, j, limit, count; @@ -190,11 +177,11 @@ return error; switch (type) { - case 0: /* Close log */ + case KLOG_CLOSE: break; - case 1: /* Open log */ + case KLOG_OPEN: break; - case 2: /* Read from log */ + case KLOG_READ: error = -EINVAL; if (!buf || len 0) goto out; @@ -225,10 +212,10 @@ if (!error) error = i; break; - case 4: /* Read/clear last kernel messages */ + case KLOG_READ_CLEAR_HIST: do_clear = 1; /* FALL THRU */ - case 3: /* Read last kernel messages */ + case KLOG_READ_HIST: error = -EINVAL; if (!buf || len 0) goto out; @@ -281,16 +268,16 @@ } } break; - case 5: /* Clear ring buffer */ + case KLOG_CLEAR_HIST: logged_chars = 0; break; - case 6: /* Disable logging to console */ + case KLOG_DISABLE_CONSOLE: console_loglevel = minimum_console_loglevel; break; - case 7: /* Enable logging to console */ + case KLOG_ENABLE_CONSOLE: console_loglevel = default_console_loglevel; break; - case 8: /* Set level of messages printed to console */ + case KLOG_SET_CONSOLE_LVL: error = -EINVAL; if (len 1 || len 8) goto out; @@ -299,10 +286,10 @@ console_loglevel = len;
Re: [PATCH] Fix help text for CONFIG_ATA_PIIX
Thanks for clarifying Bill, and sorry Alan. ata_piix does indeed work correctly. The help text is a bit confusing: The help text is out of date - thanks that is a real bug - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: kref refcnt and false positives
Andrew Morton [EMAIL PROTECTED] writes: Guys, we have about 100 reports of weirdo crashes, smashes, bashes and splats in the kref code. The last thing we need is some obscure, tricksy little optimisation which leads legitimate uses of the API to mysteriously fail. If we are allocating and freeing kref-counted objects at a sufficiently high frequency for this thing to make a difference then we should fix that instead of trying to suck faster. Agreed. Correct code maintenance certainly trumps performance. For the same reason someone reusing the data structure shouldn't assume the kref code left it in any particular state. So both sides should be liberal in what they accept. Eric - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [patch 1/4] Add linux/klog.h
On Thu, 14 Dec 2006 16:16:40 -0800 Zack Weinberg wrote: This patch introduces linux/klog.h with symbolic constants for the various sys_syslog() opcodes, and changes all in-kernel references to those opcodes to use the constants. The header is added to the set of user/kernel interface headers. (Unlike the previous revision of this patch series, no kernel-private additions to this file are contemplated.) Hi Zack, This patch looks good except for one nit: --- linux-2.6.orig/fs/proc/kmsg.c 2006-12-13 15:53:29.0 -0800 +++ linux-2.6/fs/proc/kmsg.c 2006-12-13 16:04:46.0 -0800 @@ -21,27 +22,28 @@ static int kmsg_open(struct inode * inode, struct file * file) { - return do_syslog(1,NULL,0); + return do_syslog(KLOG_OPEN,NULL,0); } static int kmsg_release(struct inode * inode, struct file * file) { - (void) do_syslog(0,NULL,0); + (void) do_syslog(KLOG_CLOSE,NULL,0); return 0; } Please use a space after the commas (even though you just left it as it already was). --- ~Randy - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: Abolishing the DMCA (was GPL only modules)
The best ways to get rich corporations on our side in fighting the DMCA is to use the DMCA to hurt their profits. Companies that rely on binary drivers would have several options: 1) Lobby politicians to repeal the DMCA, They already are. The tech industry is mostly anti DMCA and there are plenty of deeply proprietary companies who fought against the DMCA, are fighting the US broadcast flag idiocy and so on. So you'd be fighting the wrong people. Alan - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: 2.6.19-git20 cciss: cmd f7b00000 timedout
On Thu, Dec 14, 2006 at 04:16:39PM -0600, Miller, Mike (OS Dev) wrote: H. Dann, did you see this on 32-bit Debian? yep - all reports I've seen so far are on i386 - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH] procfs: Fix race between proc_readdir and remove_proc_entry
Hi, While running a insmod/rmmod loop with the mptsas driver (vanilla 2.6.19, IBM Intellistation Z30, SAS1064E controller if it matters), I encountered the following messages from the kernel: [53092.441412] general protection fault: [1] PREEMPT SMP [53092.447058] CPU 4 [53092.449108] Modules linked in: mptbase scsi_transport_sas ext2 ext3 jbd mbcache nbd acpi_cpufreq processor cpufreq_userspace cpufreq_stats cpufreq_powersave cpufreq_ondemand freq_table cpufreq_conservative dm_mod md_mod ipv6 fuse ata_generic sg sd_mod ata_piix libata mousedev ts dev serio_raw evdev floppy rtc snd_hda_intel snd_hda_codec snd_pcm_oss snd_mixer_oss snd_pcm ohci1394 generic ieee1394 piix scsi_mod snd_time r ide_core ehci_hcd uhci_hcd snd usbcore soundcore snd_page_alloc shpchp pci_hotplug unix [53092.495003] Pid: 570, comm: udevd Not tainted 2.6.19-dic64 #6 [53092.500753] RIP: 0010:[801fafc5] [801fafc5] proc_readdir+0x110/0x186 [53092.508968] RSP: 0018:8100be829e78 EFLAGS: 00010246 [53092.514289] RAX: RBX: 6b6b6b6b6b6b6b6b RCX: 2218b2b5 [53092.521429] RDX: 801fafc5 RSI: 0001 RDI: 810092cf7e48 [53092.528564] RBP: 8100be829eb8 R08: 0002 R09: [53092.535700] R10: 810092cf7e48 R11: 0028 R12: 810005934a08 [53092.542836] R13: 0002 R14: 810092cf7e48 R15: 8013b9e6 [53092.549972] FS: 2b19f2a14d70() GS:8100059b3898() knlGS: [53092.558067] CS: 0010 DS: ES: CR0: 8005003b [53092.563817] CR2: 0051108c CR3: bedb9000 CR4: 06e0 [53092.570954] Process udevd (pid: 570, threadinfo 8100be828000, task 8100befc0080) [53092.579048] Stack: 0246 8100be829f38 80474ea0 [53092.587179] 810092cf7e48 8013b9e6 8100be829f38 8013b9e6 [53092.594679] 8100be829ee8 8014e93e 810092cf7e48 81000593a8a8 [53092.601971] Call Trace: [53092.604644] [8014e93e] proc_root_readdir+0x32/0x68 [53092.610397] [80135abb] vfs_readdir+0x65/0x9a [53092.615628] [801d966b] sys_getdents64+0x7a/0xc1 [53092.621123] [8015e11e] system_call+0x7e/0x83 [53092.627195] DWARF2 unwinder stuck at system_call+0x7e/0x83 [53092.632681] [53092.634189] Leftover inexact backtrace: [53092.634191] [53092.643162] [53092.644663] [53092.644665] Code: 44 8b 4b 10 0f b7 53 04 44 8b 03 49 8b 4e 38 48 8b 73 08 48 [53092.653935] RIP [801fafc5] proc_readdir+0x110/0x186 [53092.659798] RSP 8100be829e78 The slab poison value in %rbx is suspicious, so I dug into the relevant code: 0x801fafc5 proc_readdir+272: mov0x10(%rbx),%r9d 0x801fafc9 proc_readdir+276: movzwl 0x4(%rbx),%edx 0x801fafcd proc_readdir+280: mov(%rbx),%r8d 0x801fafd0 proc_readdir+283: mov0x38(%r14),%rcx 0x801fafd4 proc_readdir+287: mov0x8(%rbx),%rsi 0x801fafd8 proc_readdir+291: mov0xffc8(%rbp),%rdi 0x801fafdc proc_readdir+295: shr$0xc,%r9d 0x801fafe0 proc_readdir+299: callq *%r15 This corresponds to this code in proc_readdir near fs/proc/generic.c:480. It looks like %rbx corresponds to the de pointer: spin_unlock(proc_subdir_lock); if (filldir(dirent, de-name, de-namelen, filp-f_pos, de-low_ino, de-mode 12) 0) goto out; spin_lock(proc_subdir_lock); filp-f_pos++; de = de-next; I believe what's happening here is that proc_readdir drops proc_subdir_lock to call filldir() on the /proc/mpt directory at the same time mptbase is being unloaded. The unload causes the removal of /proc/mpt, which means that de is overwritten with the slab poison value as it is being freed. We reacquire the lock and try to grab the next value of de, but by then the next pointer has been lost, and we crash. I think an acceptable fix is to de_get() the proc_dir_entry count before the unlock and de_put() it after the unlock. Signed-off-by: Darrick J. Wong [EMAIL PROTECTED] --- fs/proc/generic.c |7 +-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/fs/proc/generic.c b/fs/proc/generic.c index 4ba0300..7e77d7e 100644 --- a/fs/proc/generic.c +++ b/fs/proc/generic.c @@ -429,7 +429,7 @@ struct dentry *proc_lookup(struct inode int proc_readdir(struct file * filp, void * dirent, filldir_t filldir) { - struct proc_dir_entry * de; + struct proc_dir_entry * de, *next; unsigned int ino; int i; struct inode *inode = filp-f_dentry-d_inode; @@ -477,13 +477,16 @@ int proc_readdir(struct file * filp, do { /* filldir passes info to user space */ + de_get(de); spin_unlock(proc_subdir_lock); if (filldir(dirent, de-name, de-namelen, filp-f_pos,
Re: [patch 2/4] permission mapping for sys_syslog operations
On Thu, 14 Dec 2006 16:16:41 -0800 Zack Weinberg wrote: As suggested by Stephen Smalley: map the various sys_syslog operations to a smaller set of privilege codes before calling security modules. This patch changes the security module interface! There should be no change in the actual security semantics enforced by dummy, capability, nor SELinux (with one exception, clearly marked in sys_syslog). Change from previous version of patch: the privilege codes are now in linux/security.h instead of linux/klog.h, and use the LSM_* naming convention used for other such constants in that file. Index: linux-2.6/kernel/printk.c === --- linux-2.6.orig/kernel/printk.c2006-12-13 16:06:22.0 -0800 +++ linux-2.6/kernel/printk.c 2006-12-13 16:08:30.0 -0800 @@ -164,6 +164,12 @@ __setup(log_buf_len=, log_buf_len_setup); +#define security_syslog_or_fail(type) do { \ + int error = security_syslog(type); \ + if (error) \ + return error; \ + } while (0) + From Documentation/CodingStyle: Things to avoid when using macros: 1) macros that affect control flow: ... /* See linux/klog.h for the command numbers passed as the first argument. */ int do_syslog(int type, char __user *buf, int len) { @@ -172,16 +178,15 @@ char c; int error = 0; - error = security_syslog(type); - if (error) - return error; - switch (type) { case KLOG_CLOSE: + security_syslog_or_fail(LSM_KLOG_READ); break; case KLOG_OPEN: + security_syslog_or_fail(LSM_KLOG_READ); break; case KLOG_READ: + security_syslog_or_fail(LSM_KLOG_READ); error = -EINVAL; if (!buf || len 0) goto out; @@ -213,9 +218,11 @@ error = i; break; case KLOG_READ_CLEAR_HIST: + security_syslog_or_fail(LSM_KLOG_CLEARHIST); do_clear = 1; /* FALL THRU */ case KLOG_READ_HIST: + security_syslog_or_fail(LSM_KLOG_READHIST); error = -EINVAL; if (!buf || len 0) goto out; @@ -269,15 +276,19 @@ } break; case KLOG_CLEAR_HIST: + security_syslog_or_fail(LSM_KLOG_CLEARHIST); logged_chars = 0; break; case KLOG_DISABLE_CONSOLE: + security_syslog_or_fail(LSM_KLOG_CONSOLE); console_loglevel = minimum_console_loglevel; break; case KLOG_ENABLE_CONSOLE: + security_syslog_or_fail(LSM_KLOG_CONSOLE); console_loglevel = default_console_loglevel; break; case KLOG_SET_CONSOLE_LVL: + security_syslog_or_fail(LSM_KLOG_CONSOLE); error = -EINVAL; if (len 1 || len 8) goto out; @@ -287,9 +298,18 @@ error = 0; break; case KLOG_GET_UNREAD: + security_syslog_or_fail(LSM_KLOG_READ); error = log_end - log_start; break; --- ~Randy - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: Linux 2.6.20-rc1
Alistair John Strachan wrote: I bisected all the way down to 0e75f9063f5c55fb0b0b546a7c356f8ec186825e, which git reckons is the culprit. I wasn't able to revert this commit to test, because it has conflicts. Any ideas? That would be this one I assume? [PATCH] block: support larger block pc requests author Mike Christie [EMAIL PROTECTED] Fri, 1 Dec 2006 09:40:55 + (10:40 +0100) committer Jens Axboe [EMAIL PROTECTED] Fri, 1 Dec 2006 09:40:55 + (10:40 +0100) commit 0e75f9063f5c55fb0b0b546a7c356f8ec186825e treedb138f641175403546c2147def4b405f3ff453a8 parent ad2d7225709b11da47e092634cbdf0591829ae9c [PATCH] block: support larger block pc requests This patch modifies blk_rq_map/unmap_user() and the cdrom and scsi_ioctl.c users so that it supports requests larger than bio by chaining them together. Signed-off-by: Mike Christie [EMAIL PROTECTED] Signed-off-by: Jens Axboe [EMAIL PROTECTED] -- Robert Hancock Saskatoon, SK, Canada To email, remove nospam from [EMAIL PROTECTED] Home Page: http://www.roberthancock.com/ - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Problem in EHCI 2.6.15
Hi all, I am working on a ARM based SOV and i am tryig to add glue logic for EHCI controller. But i am facing some problem. I want to know ,are there any known problem in 2.6.15? Thanks Ashwini - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [patch 2/4] permission mapping for sys_syslog operations
On 12/14/06, Randy Dunlap [EMAIL PROTECTED] wrote: +#define security_syslog_or_fail(type) do { \ + int error = security_syslog(type); \ + if (error) \ + return error; \ + } while (0) + From Documentation/CodingStyle: Things to avoid when using macros: 1) macros that affect control flow: ... It says avoid, not never use. If you can think of another way to code this function that won't completely obscure the actual operations with the security checks, I will be happy to change it. zw - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [patch 1/4] Add linux/klog.h
On 12/14/06, Randy Dunlap [EMAIL PROTECTED] wrote: - (void) do_syslog(0,NULL,0); + (void) do_syslog(KLOG_CLOSE,NULL,0); Please use a space after the commas (even though you just left it as it already was). Will change for the next revision. zw - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [patch 00/24] -stable review
patch roll-up is available at: http://www.kernel.org/pub/linux/kernel/people/chrisw/stable/patch-2.6.18.6-rc1.{gz,bz2} once mirroring has completed. thanks, -chris - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 10/24] SUNHME: Fix for sunhme failures on x86
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Jurij Smakov [EMAIL PROTECTED] The following patch fixes the failure of sunhme drivers on x86 hosts due to missing pci_enable_device() and pci_set_master() calls, lost during code refactoring. It has been filed as bugzilla bug #7502 [0] and Debian bug #397460 [1]. [0] http://bugzilla.kernel.org/show_bug.cgi?id=7502 [1] http://bugs.debian.org/397460 Signed-off-by: Jurij Smakov [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- drivers/net/sunhme.c |5 + 1 file changed, 5 insertions(+) --- linux-2.6.18.5.orig/drivers/net/sunhme.c +++ linux-2.6.18.5/drivers/net/sunhme.c @@ -3012,6 +3012,11 @@ static int __devinit happy_meal_pci_prob #endif err = -ENODEV; + + if (pci_enable_device(pdev)) + goto err_out; + pci_set_master(pdev); + if (!strcmp(prom_name, SUNW,qfe) || !strcmp(prom_name, qfe)) { qp = quattro_pci_find(pdev); if (qp == NULL) -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 01/24] softmac: remove netif_tx_disable when scanning
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Michael Buesch [EMAIL PROTECTED] In the scan section of ieee80211softmac, network transmits are disabled. When SoftMAC re-enables transmits, it may override the wishes of a driver that may have very good reasons for disabling transmits. At least one failure in bcm43xx can be traced to this problem. In addition, several unexplained problems may arise from the unexpected enabling of transmits. Signed-off-by: Michael Buesch [EMAIL PROTECTED] Signed-off-by: Larry Finger [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- net/ieee80211/softmac/ieee80211softmac_scan.c |2 -- 1 file changed, 2 deletions(-) --- linux-2.6.18.5.orig/net/ieee80211/softmac/ieee80211softmac_scan.c +++ linux-2.6.18.5/net/ieee80211/softmac/ieee80211softmac_scan.c @@ -47,7 +47,6 @@ ieee80211softmac_start_scan(struct ieee8 sm-scanning = 1; spin_unlock_irqrestore(sm-lock, flags); - netif_tx_disable(sm-ieee-dev); ret = sm-start_scan(sm-dev); if (ret) { spin_lock_irqsave(sm-lock, flags); @@ -248,7 +247,6 @@ void ieee80211softmac_scan_finished(stru if (net) sm-set_channel(sm-dev, net-channel); } - netif_wake_queue(sm-ieee-dev); ieee80211softmac_call_events(sm, IEEE80211SOFTMAC_EVENT_SCAN_FINISHED, NULL); } EXPORT_SYMBOL_GPL(ieee80211softmac_scan_finished); -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 12/24] dm snapshot: fix freeing pending exception
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Milan Broz [EMAIL PROTECTED] Fix oops when removing full snapshot kernel bugzilla bug 7040 If a snapshot became invalid (full) while there is outstanding pending_exception, pending_complete() forgets to remove the corresponding exception from its exception table before freeing it. Already fixed in 2.6.19. Signed-off-by: Milan Broz [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- drivers/md/dm-snap.c |1 + 1 file changed, 1 insertion(+) --- linux-2.6.18.5.orig/drivers/md/dm-snap.c +++ linux-2.6.18.5/drivers/md/dm-snap.c @@ -691,6 +691,7 @@ static void pending_complete(struct pend free_exception(e); + remove_exception(pe-e); error_snapshot_bios(pe); goto out; } -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 00/24] -stable review
This is the start of the stable review cycle for the 2.6.18.6 release. There are 24 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let us know. If anyone is a maintainer of the proper subsystem, and wants to add a Signed-off-by: line to the patch, please respond with it. These patches are sent out with a number of different people on the Cc: line. If you wish to be a reviewer, please email [EMAIL PROTECTED] to add your name to the list. If you want to be off the reviewer list, also email us. Responses should be made by Sun Dec 17 01:30 UTC. Anything received after that time might be too late. thanks, the -stable release team -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 07/24] dm crypt: Fix data corruption with dm-crypt over RAID5
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Christophe Saout [EMAIL PROTECTED] Fix corruption issue with dm-crypt on top of software raid5. Cancelled readahead bio's that report no error, just have BIO_UPTODATE cleared were reported as successful reads to the higher layers (and leaving random content in the buffer cache). Already fixed in 2.6.19. Signed-off-by: Christophe Saout [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- drivers/md/dm-crypt.c |6 -- 1 file changed, 4 insertions(+), 2 deletions(-) --- linux-2.6.18.5.orig/drivers/md/dm-crypt.c +++ linux-2.6.18.5/drivers/md/dm-crypt.c @@ -717,13 +717,15 @@ static int crypt_endio(struct bio *bio, if (bio-bi_size) return 1; + if (!bio_flagged(bio, BIO_UPTODATE) !error) + error = -EIO; + bio_put(bio); /* * successful reads are decrypted by the worker thread */ - if ((bio_data_dir(bio) == READ) -bio_flagged(bio, BIO_UPTODATE)) { + if (bio_data_dir(io-bio) == READ !error) { kcryptd_queue_io(io); return 0; } -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 15/24] bonding: incorrect bonding state reported via ioctl
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Andy Gospodarek [EMAIL PROTECTED] This is a small fix-up to finish out the work done by Jay Vosburgh to add carrier-state support for bonding devices. The output in /proc/net/bonding/bondX was correct, but when collecting the same info via an iotcl it could still be incorrect. Signed-off-by: Andy Gospodarek [EMAIL PROTECTED] Cc: Jeff Garzik [EMAIL PROTECTED] Cc: Stephen Hemminger [EMAIL PROTECTED] Signed-off-by: Andrew Morton [EMAIL PROTECTED] Signed-off-by: Jeff Garzik [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- drivers/net/bonding/bond_main.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- linux-2.6.18.5.orig/drivers/net/bonding/bond_main.c +++ linux-2.6.18.5/drivers/net/bonding/bond_main.c @@ -3547,7 +3547,7 @@ static int bond_do_ioctl(struct net_devi mii-val_out = 0; read_lock_bh(bond-lock); read_lock(bond-curr_slave_lock); - if (bond-curr_active_slave) { + if (netif_carrier_ok(bond-dev)) { mii-val_out = BMSR_LSTATUS; } read_unlock(bond-curr_slave_lock); -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 22/24] m32r: make userspace headers platform-independent
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Hirokazu Takata [EMAIL PROTECTED] The m32r kernel 2.6.18-rc1 or after cause build errors of unknown isa configuration for userspace application programs, such as glibc, gdb, etc. This is because the recent kernel do not include linux/config.h not to expose kernel headers for userspace. To fix the above compile errors, this patch fixes two headers ptrace.h and sigcontext.h for m32r and makes them platform-independent. Signed-off-by: Hirokazu Takata [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Signed-off-by: Andrew Morton [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- arch/m32r/kernel/entry.S | 65 ++ include/asm-m32r/ptrace.h | 28 ++ include/asm-m32r/sigcontext.h | 13 +--- 3 files changed, 35 insertions(+), 71 deletions(-) --- linux-2.6.18.5.orig/arch/m32r/kernel/entry.S +++ linux-2.6.18.5/arch/m32r/kernel/entry.S @@ -23,35 +23,35 @@ * updated in fork.c:copy_thread, signal.c:do_signal, * ptrace.c and ptrace.h * - * M32Rx/M32R2 M32R - * @(sp) - r4 ditto - * @(0x04,sp) - r5 ditto - * @(0x08,sp) - r6 ditto - * @(0x0c,sp) - *pt_regs ditto - * @(0x10,sp) - r0 ditto - * @(0x14,sp) - r1 ditto - * @(0x18,sp) - r2 ditto - * @(0x1c,sp) - r3 ditto - * @(0x20,sp) - r7 ditto - * @(0x24,sp) - r8 ditto - * @(0x28,sp) - r9 ditto - * @(0x2c,sp) - r10 ditto - * @(0x30,sp) - r11 ditto - * @(0x34,sp) - r12 ditto - * @(0x38,sp) - syscall_nr ditto - * @(0x3c,sp) - acc0h@(0x3c,sp) - acch - * @(0x40,sp) - acc0l@(0x40,sp) - accl - * @(0x44,sp) - acc1h@(0x44,sp) - dummy_acc1h - * @(0x48,sp) - acc1l@(0x48,sp) - dummy_acc1l - * @(0x4c,sp) - psw ditto - * @(0x50,sp) - bpc ditto - * @(0x54,sp) - bbpswditto - * @(0x58,sp) - bbpc ditto - * @(0x5c,sp) - spu (cr3)ditto - * @(0x60,sp) - fp (r13) ditto - * @(0x64,sp) - lr (r14) ditto - * @(0x68,sp) - spi (cr2)ditto - * @(0x6c,sp) - orig_r0 ditto + * M32R/M32Rx/M32R2 + * @(sp) - r4 + * @(0x04,sp) - r5 + * @(0x08,sp) - r6 + * @(0x0c,sp) - *pt_regs + * @(0x10,sp) - r0 + * @(0x14,sp) - r1 + * @(0x18,sp) - r2 + * @(0x1c,sp) - r3 + * @(0x20,sp) - r7 + * @(0x24,sp) - r8 + * @(0x28,sp) - r9 + * @(0x2c,sp) - r10 + * @(0x30,sp) - r11 + * @(0x34,sp) - r12 + * @(0x38,sp) - syscall_nr + * @(0x3c,sp) - acc0h + * @(0x40,sp) - acc0l + * @(0x44,sp) - acc1h; ISA_DSP_LEVEL2 only + * @(0x48,sp) - acc1l; ISA_DSP_LEVEL2 only + * @(0x4c,sp) - psw + * @(0x50,sp) - bpc + * @(0x54,sp) - bbpsw + * @(0x58,sp) - bbpc + * @(0x5c,sp) - spu (cr3) + * @(0x60,sp) - fp (r13) + * @(0x64,sp) - lr (r14) + * @(0x68,sp) - spi (cr2) + * @(0x6c,sp) - orig_r0 */ #include linux/linkage.h @@ -95,17 +95,10 @@ #define R11(reg) @(0x30,reg) #define R12(reg) @(0x34,reg) #define SYSCALL_NR(reg)@(0x38,reg) -#if defined(CONFIG_ISA_M32R2) defined(CONFIG_ISA_DSP_LEVEL2) #define ACC0H(reg) @(0x3C,reg) #define ACC0L(reg) @(0x40,reg) #define ACC1H(reg) @(0x44,reg) #define ACC1L(reg) @(0x48,reg) -#elif defined(CONFIG_ISA_M32R2) || defined(CONFIG_ISA_M32R) -#define ACCH(reg) @(0x3C,reg) -#define ACCL(reg) @(0x40,reg) -#else -#error unknown isa configuration -#endif #define PSW(reg) @(0x4C,reg) #define BPC(reg) @(0x50,reg) #define BBPSW(reg) @(0x54,reg) --- linux-2.6.18.5.orig/include/asm-m32r/ptrace.h +++ linux-2.6.18.5/include/asm-m32r/ptrace.h @@ -33,21 +33,10 @@ #define PT_R15 PT_SP /* processor status and miscellaneous context registers. */ -#if defined(CONFIG_ISA_M32R2) defined(CONFIG_ISA_DSP_LEVEL2) #define PT_ACC0H 15 #define PT_ACC0L 16 -#define PT_ACC1H 17 -#define PT_ACC1L 18 -#define PT_ACCHPT_ACC0H -#define PT_ACCLPT_ACC0L -#elif defined(CONFIG_ISA_M32R2) || defined(CONFIG_ISA_M32R) -#define PT_ACCH15 -#define PT_ACCL16 -#define PT_DUMMY_ACC1H 17 -#define PT_DUMMY_ACC1L 18 -#else -#error unknown isa conifiguration -#endif +#define PT_ACC1H 17 /* ISA_DSP_LEVEL2 only */ +#define PT_ACC1L 18 /*
[patch 13/24] IPSEC: Fix inetpeer leak in ipv4 xfrm dst entries.
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: David Miller [EMAIL PROTECTED] We grab a reference to the route's inetpeer entry but forget to release it in xfrm4_dst_destroy(). Bug discovered by Kazunori MIYAZAWA [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- commit 26db167702756d0022f8ea5f1f30cad3018cfe31 Author: David S. Miller [EMAIL PROTECTED] Date: Wed Dec 6 23:45:15 2006 -0800 net/ipv4/xfrm4_policy.c |2 ++ 1 file changed, 2 insertions(+) --- linux-2.6.18.5.orig/net/ipv4/xfrm4_policy.c +++ linux-2.6.18.5/net/ipv4/xfrm4_policy.c @@ -252,6 +252,8 @@ static void xfrm4_dst_destroy(struct dst if (likely(xdst-u.rt.idev)) in_dev_put(xdst-u.rt.idev); + if (likely(xdst-u.rt.peer)) + inet_putpeer(xdst-u.rt.peer); xfrm_dst_destroy(xdst); } -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: Linux 2.6.20-rc1
On Friday 15 December 2006 00:48, Alistair John Strachan wrote: On Thursday 14 December 2006 21:20, Jens Axboe wrote: On Thu, Dec 14 2006, Alistair John Strachan wrote: Hi Jens, On Thursday 14 December 2006 20:48, Jens Axboe wrote: On Thu, Dec 14 2006, Jens Axboe wrote: I'll do that if nobody comes up with anything obvious. If you can just test 2.6.19-git1, then we'll know if it's the SG_IO patch again. Actually, you should test 2.6.19-git1 with this patch applied as well. 2.6.19-git1 with FUJITA Tomonori's bio-leak fix doesn't break, and hddtemp continues to work fine: [root] 21:10 [~] hddtemp /dev/sda /dev/sdb /dev/sdc /dev/sdd /dev/sda: WDC WD2500KS-00MJB0: 29°C /dev/sdb: WDC WD2500KS-00MJB0: 27°C /dev/sdc: Maxtor 6B200M0: 28°C /dev/sdd: Maxtor 6B200M0: 26°C I've added the strace results to the URL previously posted, with the config. Then it is likely the sata updates, SG_IO is off the hook. I bisected all the way down to 0e75f9063f5c55fb0b0b546a7c356f8ec186825e, which git reckons is the culprit. I wasn't able to revert this commit to test, because it has conflicts. Whatever the change is, it's subtle. I don't see the problem in git1+patch, but I know this kernel _includes_ this changeset. In total isolation, v2.6.19..0e75f9063f5c55fb0b0b546a7c356f8ec186825e it breaks. Reverting just 0e75f9063f5c55fb0b0b546a7c356f8ec186825e, it works again. So I think this is the source, but I can't explain why it goes away before git1 and comes back before 2.6.20-rc1. -- Cheers, Alistair. Final year Computer Science undergraduate. 1F2 55 South Clerk Street, Edinburgh, UK. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 19/24] ARM: Add sys_*at syscalls
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Russell King [EMAIL PROTECTED] Later glibc requires the *at syscalls. Add them. Signed-off-by: Russell King [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- arch/arm/kernel/calls.S | 13 + include/asm-arm/unistd.h | 13 + 2 files changed, 26 insertions(+) bca0b8e75f6b7cf52cf52c967286b72d84f9b37e --- linux-2.6.18.5.orig/arch/arm/kernel/calls.S +++ linux-2.6.18.5/arch/arm/kernel/calls.S @@ -331,6 +331,19 @@ CALL(sys_mbind) /* 320 */ CALL(sys_get_mempolicy) CALL(sys_set_mempolicy) + CALL(sys_openat) + CALL(sys_mkdirat) + CALL(sys_mknodat) +/* 325 */ CALL(sys_fchownat) + CALL(sys_futimesat) + CALL(sys_fstatat64) + CALL(sys_unlinkat) + CALL(sys_renameat) +/* 330 */ CALL(sys_linkat) + CALL(sys_symlinkat) + CALL(sys_readlinkat) + CALL(sys_fchmodat) + CALL(sys_faccessat) #ifndef syscalls_counted .equ syscalls_padding, ((NR_syscalls + 3) ~3) - NR_syscalls #define syscalls_counted --- linux-2.6.18.5.orig/include/asm-arm/unistd.h +++ linux-2.6.18.5/include/asm-arm/unistd.h @@ -347,6 +347,19 @@ #define __NR_mbind (__NR_SYSCALL_BASE+319) #define __NR_get_mempolicy (__NR_SYSCALL_BASE+320) #define __NR_set_mempolicy (__NR_SYSCALL_BASE+321) +#define __NR_openat(__NR_SYSCALL_BASE+322) +#define __NR_mkdirat (__NR_SYSCALL_BASE+323) +#define __NR_mknodat (__NR_SYSCALL_BASE+324) +#define __NR_fchownat (__NR_SYSCALL_BASE+325) +#define __NR_futimesat (__NR_SYSCALL_BASE+326) +#define __NR_fstatat64 (__NR_SYSCALL_BASE+327) +#define __NR_unlinkat (__NR_SYSCALL_BASE+328) +#define __NR_renameat (__NR_SYSCALL_BASE+329) +#define __NR_linkat(__NR_SYSCALL_BASE+330) +#define __NR_symlinkat (__NR_SYSCALL_BASE+331) +#define __NR_readlinkat(__NR_SYSCALL_BASE+332) +#define __NR_fchmodat (__NR_SYSCALL_BASE+333) +#define __NR_faccessat (__NR_SYSCALL_BASE+334) /* * The following SWIs are ARM private. -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 16/24] DVB: lgdt330x: fix signal / lock status detection bug
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Michael Krufky [EMAIL PROTECTED] In some cases when using VSB, the AGC status register has been known to falsely report no signal when in fact there is a carrier lock. The datasheet labels these status flags as QAM only, yet the lgdt330x module is using these flags for both QAM and VSB. This patch allows for the carrier recovery lock status register to be tested, even if the agc signal status register falsely reports no signal. Thanks to jcrews from #linuxtv in irc, for initially reporting this bug. Signed-off-by: Michael Krufky [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- drivers/media/dvb/frontends/lgdt330x.c |6 -- 1 file changed, 6 deletions(-) --- linux-2.6.18.5.orig/drivers/media/dvb/frontends/lgdt330x.c +++ linux-2.6.18.5/drivers/media/dvb/frontends/lgdt330x.c @@ -435,9 +435,6 @@ static int lgdt3302_read_status(struct d /* Test signal does not exist flag */ /* as well as the AGC lock flag. */ *status |= FE_HAS_SIGNAL; - } else { - /* Without a signal all other status bits are meaningless */ - return 0; } /* @@ -500,9 +497,6 @@ static int lgdt3303_read_status(struct d /* Test input signal does not exist flag */ /* as well as the AGC lock flag. */ *status |= FE_HAS_SIGNAL; - } else { - /* Without a signal all other status bits are meaningless */ - return 0; } /* Carrier Recovery Lock Status Register */ -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 02/24] EBTABLES: Fix wraparounds in ebt_entries verification.
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Al Viro [EMAIL PROTECTED] We need to verify that a) we are not too close to the end of buffer to dereference b) next entry we'll be checking won't be _before_ our While we are at it, don't subtract unrelated pointers... Signed-off-by: Al Viro [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- net/bridge/netfilter/ebtables.c | 23 --- 1 file changed, 16 insertions(+), 7 deletions(-) --- linux-2.6.18.5.orig/net/bridge/netfilter/ebtables.c +++ linux-2.6.18.5/net/bridge/netfilter/ebtables.c @@ -423,13 +423,17 @@ ebt_check_entry_size_and_hooks(struct eb struct ebt_entries **hook_entries, unsigned int *n, unsigned int *cnt, unsigned int *totalcnt, unsigned int *udc_cnt, unsigned int valid_hooks) { + unsigned int offset = (char *)e - newinfo-entries; + size_t left = (limit - base) - offset; int i; + if (left sizeof(unsigned int)) + goto Esmall; + for (i = 0; i NF_BR_NUMHOOKS; i++) { if ((valid_hooks (1 i)) == 0) continue; - if ( (char *)hook_entries[i] - base == - (char *)e - newinfo-entries) + if ((char *)hook_entries[i] == base + offset) break; } /* beginning of a new chain @@ -450,11 +454,8 @@ ebt_check_entry_size_and_hooks(struct eb return -EINVAL; } /* before we look at the struct, be sure it is not too big */ - if ((char *)hook_entries[i] + sizeof(struct ebt_entries) - limit) { - BUGPRINT(entries_size too small\n); - return -EINVAL; - } + if (left sizeof(struct ebt_entries)) + goto Esmall; if (((struct ebt_entries *)e)-policy != EBT_DROP ((struct ebt_entries *)e)-policy != EBT_ACCEPT) { /* only RETURN from udc */ @@ -477,6 +478,8 @@ ebt_check_entry_size_and_hooks(struct eb return 0; } /* a plain old entry, heh */ + if (left sizeof(struct ebt_entry)) + goto Esmall; if (sizeof(struct ebt_entry) e-watchers_offset || e-watchers_offset e-target_offset || e-target_offset = e-next_offset) { @@ -488,10 +491,16 @@ ebt_check_entry_size_and_hooks(struct eb BUGPRINT(target size too small\n); return -EINVAL; } + if (left e-next_offset) + goto Esmall; (*cnt)++; (*totalcnt)++; return 0; + +Esmall: + BUGPRINT(entries_size too small\n); + return -EINVAL; } struct ebt_cl_stack -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 17/24] V4L: Fix broken TUNER_LG_NTSC_TAPE radio support
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Hans Verkuil [EMAIL PROTECTED] The TUNER_LG_NTSC_TAPE is identical in all respects to the TUNER_PHILIPS_FM1236_MK3. So use the params struct for the Philips tuner. Also add this LG_NTSC_TAPE tuner to the switches where radio specific parameters are set so it behaves like a TUNER_PHILIPS_FM1236_MK3. This change fixes the radio support for this tuner (the wrong bandswitch byte was used). Thanks to Andy Walls [EMAIL PROTECTED] for finding this bug. Signed-off-by: Hans Verkuil [EMAIL PROTECTED] Signed-off-by: Mauro Carvalho Chehab [EMAIL PROTECTED] Signed-off-by: Michael Krufky [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- drivers/media/video/tuner-simple.c |2 ++ drivers/media/video/tuner-types.c | 14 ++ 2 files changed, 4 insertions(+), 12 deletions(-) --- linux-2.6.18.5.orig/drivers/media/video/tuner-simple.c +++ linux-2.6.18.5/drivers/media/video/tuner-simple.c @@ -108,6 +108,7 @@ static int tuner_stereo(struct i2c_clien case TUNER_PHILIPS_FM1216ME_MK3: case TUNER_PHILIPS_FM1236_MK3: case TUNER_PHILIPS_FM1256_IH3: + case TUNER_LG_NTSC_TAPE: stereo = ((status TUNER_SIGNAL) == TUNER_STEREO_MK3); break; default: @@ -419,6 +420,7 @@ static void default_set_radio_freq(struc case TUNER_PHILIPS_FM1216ME_MK3: case TUNER_PHILIPS_FM1236_MK3: case TUNER_PHILIPS_FMD1216ME_MK3: + case TUNER_LG_NTSC_TAPE: buffer[3] = 0x19; break; case TUNER_TNF_5335MF: --- linux-2.6.18.5.orig/drivers/media/video/tuner-types.c +++ linux-2.6.18.5/drivers/media/video/tuner-types.c @@ -671,16 +671,6 @@ static struct tuner_params tuner_panason }, }; -/* TUNER_LG_NTSC_TAPE - LGINNOTEK NTSC */ - -static struct tuner_params tuner_lg_ntsc_tape_params[] = { - { - .type = TUNER_PARAM_TYPE_NTSC, - .ranges = tuner_fm1236_mk3_ntsc_ranges, - .count = ARRAY_SIZE(tuner_fm1236_mk3_ntsc_ranges), - }, -}; - /* TUNER_TNF_8831BGFF - Philips PAL */ static struct tuner_range tuner_tnf_8831bgff_pal_ranges[] = { @@ -1331,8 +1321,8 @@ struct tunertype tuners[] = { }, [TUNER_LG_NTSC_TAPE] = { /* LGINNOTEK NTSC */ .name = LG NTSC (TAPE series), - .params = tuner_lg_ntsc_tape_params, - .count = ARRAY_SIZE(tuner_lg_ntsc_tape_params), + .params = tuner_fm1236_mk3_params, + .count = ARRAY_SIZE(tuner_fm1236_mk3_params), }, [TUNER_TNF_8831BGFF] = { /* Philips PAL */ .name = Tenna TNF 8831 BGFF), -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 24/24] Bluetooth: Add packet size checks for CAPI messages (CVE-2006-6106)
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Marcel Holtmann [EMAIL PROTECTED] With malformed packets it might be possible to overwrite internal CMTP and CAPI data structures. This patch adds additional length checks to prevent these kinds of remote attacks. Signed-off-by: Marcel Holtmann [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- net/bluetooth/cmtp/capi.c | 39 +-- 1 file changed, 33 insertions(+), 6 deletions(-) --- linux-2.6.18.5.orig/net/bluetooth/cmtp/capi.c +++ linux-2.6.18.5/net/bluetooth/cmtp/capi.c @@ -196,6 +196,9 @@ static void cmtp_recv_interopmsg(struct switch (CAPIMSG_SUBCOMMAND(skb-data)) { case CAPI_CONF: + if (skb-len CAPI_MSG_BASELEN + 10) + break; + func = CAPIMSG_U16(skb-data, CAPI_MSG_BASELEN + 5); info = CAPIMSG_U16(skb-data, CAPI_MSG_BASELEN + 8); @@ -226,6 +229,9 @@ static void cmtp_recv_interopmsg(struct break; case CAPI_FUNCTION_GET_PROFILE: + if (skb-len CAPI_MSG_BASELEN + 11 + sizeof(capi_profile)) + break; + controller = CAPIMSG_U16(skb-data, CAPI_MSG_BASELEN + 11); msgnum = CAPIMSG_MSGID(skb-data); @@ -246,17 +252,26 @@ static void cmtp_recv_interopmsg(struct break; case CAPI_FUNCTION_GET_MANUFACTURER: + if (skb-len CAPI_MSG_BASELEN + 15) + break; + controller = CAPIMSG_U32(skb-data, CAPI_MSG_BASELEN + 10); if (!info ctrl) { + int len = min_t(uint, CAPI_MANUFACTURER_LEN, + skb-data[CAPI_MSG_BASELEN + 14]); + + memset(ctrl-manu, 0, CAPI_MANUFACTURER_LEN); strncpy(ctrl-manu, - skb-data + CAPI_MSG_BASELEN + 15, - skb-data[CAPI_MSG_BASELEN + 14]); + skb-data + CAPI_MSG_BASELEN + 15, len); } break; case CAPI_FUNCTION_GET_VERSION: + if (skb-len CAPI_MSG_BASELEN + 32) + break; + controller = CAPIMSG_U32(skb-data, CAPI_MSG_BASELEN + 12); if (!info ctrl) { @@ -269,13 +284,18 @@ static void cmtp_recv_interopmsg(struct break; case CAPI_FUNCTION_GET_SERIAL_NUMBER: + if (skb-len CAPI_MSG_BASELEN + 17) + break; + controller = CAPIMSG_U32(skb-data, CAPI_MSG_BASELEN + 12); if (!info ctrl) { + int len = min_t(uint, CAPI_SERIAL_LEN, + skb-data[CAPI_MSG_BASELEN + 16]); + memset(ctrl-serial, 0, CAPI_SERIAL_LEN); strncpy(ctrl-serial, - skb-data + CAPI_MSG_BASELEN + 17, - skb-data[CAPI_MSG_BASELEN + 16]); + skb-data + CAPI_MSG_BASELEN + 17, len); } break; @@ -284,14 +304,18 @@ static void cmtp_recv_interopmsg(struct break; case CAPI_IND: + if (skb-len CAPI_MSG_BASELEN + 6) + break; + func = CAPIMSG_U16(skb-data, CAPI_MSG_BASELEN + 3); if (func == CAPI_FUNCTION_LOOPBACK) { + int len = min_t(uint, skb-len - CAPI_MSG_BASELEN - 6, + skb-data[CAPI_MSG_BASELEN + 5]); appl = CAPIMSG_APPID(skb-data); msgnum = CAPIMSG_MSGID(skb-data); cmtp_send_interopmsg(session, CAPI_RESP, appl, msgnum, func, - skb-data + CAPI_MSG_BASELEN + 6, - skb-data[CAPI_MSG_BASELEN + 5]); + skb-data + CAPI_MSG_BASELEN + 6, len); } break; @@ -309,6 +333,9 @@ void cmtp_recv_capimsg(struct cmtp_sessi BT_DBG(session %p skb %p len %d, session, skb, skb-len); + if (skb-len CAPI_MSG_BASELEN) + return; + if (CAPIMSG_COMMAND(skb-data) == CAPI_INTEROPERABILITY) { cmtp_recv_interopmsg(session, skb); return; -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a
[patch 03/24] EBTABLES: Verify that ebt_entries have zero -distinguisher.
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Al Viro [EMAIL PROTECTED] We need that for iterator to work; existing check had been too weak. Signed-off-by: Al Viro [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- net/bridge/netfilter/ebtables.c | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) --- linux-2.6.18.5.orig/net/bridge/netfilter/ebtables.c +++ linux-2.6.18.5/net/bridge/netfilter/ebtables.c @@ -439,7 +439,7 @@ ebt_check_entry_size_and_hooks(struct eb /* beginning of a new chain if i == NF_BR_NUMHOOKS it must be a user defined chain */ if (i != NF_BR_NUMHOOKS || !(e-bitmask EBT_ENTRY_OR_ENTRIES)) { - if ((e-bitmask EBT_ENTRY_OR_ENTRIES) != 0) { + if (e-bitmask != 0) { /* we make userspace set this right, so there is no misunderstanding */ BUGPRINT(EBT_ENTRY_OR_ENTRIES shouldn't be set @@ -522,7 +522,7 @@ ebt_get_udc_positions(struct ebt_entry * int i; /* we're only interested in chain starts */ - if (e-bitmask EBT_ENTRY_OR_ENTRIES) + if (e-bitmask) return 0; for (i = 0; i NF_BR_NUMHOOKS; i++) { if ((valid_hooks (1 i)) == 0) @@ -572,7 +572,7 @@ ebt_cleanup_entry(struct ebt_entry *e, u { struct ebt_entry_target *t; - if ((e-bitmask EBT_ENTRY_OR_ENTRIES) == 0) + if (e-bitmask == 0) return 0; /* we're done */ if (cnt (*cnt)-- == 0) @@ -598,7 +598,7 @@ ebt_check_entry(struct ebt_entry *e, str int ret; /* don't mess with the struct ebt_entries */ - if ((e-bitmask EBT_ENTRY_OR_ENTRIES) == 0) + if (e-bitmask == 0) return 0; if (e-bitmask ~EBT_F_MASK) { @@ -1316,7 +1316,7 @@ static inline int ebt_make_names(struct char *hlp; struct ebt_entry_target *t; - if ((e-bitmask EBT_ENTRY_OR_ENTRIES) == 0) + if (e-bitmask == 0) return 0; hlp = ubase - base + (char *)e + e-target_offset; -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 23/24] forcedeth: Disable INTx when enabling MSI in forcedeth
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Daniel Barkalow [EMAIL PROTECTED] At least some nforce cards continue to send legacy interrupts when MSI is enabled, and these interrupts are treated as unhandled by the kernel. This patch disables legacy interrupts explicitly when enabling MSI mode. The correct fix is to change the MSI infrastructure to disable legacy interrupts when enabling MSI, but this is potentially risky if the device isn't PCI-2.3 or is quirky, so the correct fix is going into mainline, while patches like this one go into -stable. Legend has it that it is most correct to disable legacy interrupts before enabling MSI, but the mainline patch does it in the other order, and this patch is obviously the same as mainline. Signed-off-by: Daniel Barkalow [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- The general patch got into mainline last night, and this patch is clearly the same as that one, limited to the case of forcedeth (the pci_intx() calls are lifted from {enable,disable}_msi_mode to all of the indirect callers in forcedeth). drivers/net/forcedeth.c |3 +++ 1 file changed, 3 insertions(+) --- linux-2.6.18.5.orig/drivers/net/forcedeth.c +++ linux-2.6.18.5/drivers/net/forcedeth.c @@ -2692,11 +2692,13 @@ static int nv_request_irq(struct net_dev } if (ret != 0 np-msi_flags NV_MSI_CAPABLE) { if ((ret = pci_enable_msi(np-pci_dev)) == 0) { + pci_intx(np-pci_dev, 0); np-msi_flags |= NV_MSI_ENABLED; if ((!intr_test request_irq(np-pci_dev-irq, nv_nic_irq, IRQF_SHARED, dev-name, dev) != 0) || (intr_test request_irq(np-pci_dev-irq, nv_nic_irq_test, IRQF_SHARED, dev-name, dev) != 0)) { printk(KERN_INFO forcedeth: request_irq failed %d\n, ret); pci_disable_msi(np-pci_dev); + pci_intx(np-pci_dev, 1); np-msi_flags = ~NV_MSI_ENABLED; goto out_err; } @@ -2739,6 +2741,7 @@ static void nv_free_irq(struct net_devic free_irq(np-pci_dev-irq, dev); if (np-msi_flags NV_MSI_ENABLED) { pci_disable_msi(np-pci_dev); + pci_intx(np-pci_dev, 1); np-msi_flags = ~NV_MSI_ENABLED; } } -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 18/24] ieee1394: ohci1394: add PPC_PMAC platform code to driver probe
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Stefan Richter [EMAIL PROTECTED] Fixes http://bugzilla.kernel.org/show_bug.cgi?id=7431 iBook G3 threw a machine check exception and put the display backlight to full brightness after ohci1394 was unloaded and reloaded. Signed-off-by: Stefan Richter [EMAIL PROTECTED] [EMAIL PROTECTED]: also added missing if condition, commit 63cca59e89892497e95e1e9c7156d3345fb7e2e8] Signed-off-by: Daniel Drake [EMAIL PROTECTED] Acked-by: Stefan Richter [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- It fixes a kernel oops which occurs when the ohci1394 driver is reloaded on PPC http://bugs.gentoo.org/154851 drivers/ieee1394/ohci1394.c | 21 - 1 file changed, 16 insertions(+), 5 deletions(-) --- linux-2.6.18.5.orig/drivers/ieee1394/ohci1394.c +++ linux-2.6.18.5/drivers/ieee1394/ohci1394.c @@ -3218,6 +3218,19 @@ static int __devinit ohci1394_pci_probe( struct ti_ohci *ohci; /* shortcut to currently handled device */ resource_size_t ohci_base; +#ifdef CONFIG_PPC_PMAC + /* Necessary on some machines if ohci1394 was loaded/ unloaded before */ + if (machine_is(powermac)) { + struct device_node *of_node = pci_device_to_OF_node(dev); + + if (of_node) { + pmac_call_feature(PMAC_FTR_1394_CABLE_POWER, of_node, + 0, 1); + pmac_call_feature(PMAC_FTR_1394_ENABLE, of_node, 0, 1); + } + } +#endif /* CONFIG_PPC_PMAC */ + if (pci_enable_device(dev)) FAIL(-ENXIO, Failed to enable OHCI hardware); pci_set_master(dev); @@ -3506,11 +3519,9 @@ static void ohci1394_pci_remove(struct p #endif #ifdef CONFIG_PPC_PMAC - /* On UniNorth, power down the cable and turn off the chip -* clock when the module is removed to save power on -* laptops. Turning it back ON is done by the arch code when -* pci_enable_device() is called */ - { + /* On UniNorth, power down the cable and turn off the chip clock +* to save power on laptops */ + if (machine_is(powermac)) { struct device_node* of_node; of_node = pci_device_to_OF_node(ohci-dev); -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 06/24] NET_SCHED: policer: restore compatibility with old iproute binaries
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Patrick McHardy [EMAIL PROTECTED] The tc actions increased the size of struct tc_police, which broke compatibility with old iproute binaries since both the act_police and the old NET_CLS_POLICE code check for an exact size match. Since the new members are not even used, the simple fix is to also accept the size of the old structure. Dumping is not affected since old userspace will receive a bigger structure, which is handled fine. Signed-off-by: Patrick McHardy [EMAIL PROTECTED] Acked-by: Jamal Hadi Salim [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- net/sched/act_police.c | 26 ++ 1 file changed, 22 insertions(+), 4 deletions(-) --- linux-2.6.18.5.orig/net/sched/act_police.c +++ linux-2.6.18.5/net/sched/act_police.c @@ -44,6 +44,18 @@ static struct tcf_police *tcf_police_ht[ /* Policer hash table lock */ static DEFINE_RWLOCK(police_lock); +/* old policer structure from before tc actions */ +struct tc_police_compat +{ + u32 index; + int action; + u32 limit; + u32 burst; + u32 mtu; + struct tc_ratespec rate; + struct tc_ratespec peakrate; +}; + /* Each policer is serialized by its individual spinlock */ static __inline__ unsigned tcf_police_hash(u32 index) @@ -169,12 +181,15 @@ static int tcf_act_police_locate(struct struct tc_police *parm; struct tcf_police *p; struct qdisc_rate_table *R_tab = NULL, *P_tab = NULL; + int size; if (rta == NULL || rtattr_parse_nested(tb, TCA_POLICE_MAX, rta) 0) return -EINVAL; - if (tb[TCA_POLICE_TBF-1] == NULL || - RTA_PAYLOAD(tb[TCA_POLICE_TBF-1]) != sizeof(*parm)) + if (tb[TCA_POLICE_TBF-1] == NULL) + return -EINVAL; + size = RTA_PAYLOAD(tb[TCA_POLICE_TBF-1]); + if (size != sizeof(*parm) size != sizeof(struct tc_police_compat)) return -EINVAL; parm = RTA_DATA(tb[TCA_POLICE_TBF-1]); @@ -413,12 +428,15 @@ struct tcf_police * tcf_police_locate(st struct tcf_police *p; struct rtattr *tb[TCA_POLICE_MAX]; struct tc_police *parm; + int size; if (rtattr_parse_nested(tb, TCA_POLICE_MAX, rta) 0) return NULL; - if (tb[TCA_POLICE_TBF-1] == NULL || - RTA_PAYLOAD(tb[TCA_POLICE_TBF-1]) != sizeof(*parm)) + if (tb[TCA_POLICE_TBF-1] == NULL) + return NULL; + size = RTA_PAYLOAD(tb[TCA_POLICE_TBF-1]); + if (size != sizeof(*parm) size != sizeof(struct tc_police_compat)) return NULL; parm = RTA_DATA(tb[TCA_POLICE_TBF-1]); -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 20/24] skip data conversion in compat_sys_mount when data_page is NULL
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Andrey Mirkin [EMAIL PROTECTED] OpenVZ Linux kernel team has found a problem with mounting in compat mode. Simple command mount -t smbfs ... on Fedora Core 5 distro in 32-bit mode leads to oops: Unable to handle kernel NULL pointer dereference at RIP: [802bc7c6] compat_sys_mount+0xd6/0x290 PGD 34d48067 PUD 34d03067 PMD 0 Oops: [1] SMP CPU: 0 Modules linked in: iptable_nat simfs smbfs ip_nat ip_conntrack vzdquota parport_pc lp parport 8021q bridge llc vznetdev vzmon nfs lockd sunrpc vzdev iptable_filter af_packet xt_length ipt_ttl xt_tcpmss ipt_TCPMSS iptable_mangle xt_limit ipt_tos ipt_REJECT ip_tables x_tables thermal processor fan button battery asus_acpi ac uhci_hcd ehci_hcd usbcore i2c_i801 i2c_core e100 mii floppy ide_cd cdrom Pid: 14656, comm: mount RIP: 0060:[802bc7c6] [802bc7c6] compat_sys_mount+0xd6/0x290 RSP: :810034d31f38 EFLAGS: 00010292 RAX: 002c RBX: RCX: RDX: 810034c86bc0 RSI: 0096 RDI: 8061fc90 RBP: 810034d31f78 R08: R09: 000d R10: 810034d31e58 R11: 0001 R12: 810039dc3000 R13: 0805ea48 R14: R15: c0ed FS: () GS:80749000(0033) knlGS:b7d556b0 CS: 0060 DS: 007b ES: 007b CR0: 8005003b CR2: CR3: 34d43000 CR4: 06e0 Process mount (pid: 14656, veid=300, threadinfo 810034d3, task 810034c86bc0) Stack: 810034dd 810034e4a000 0805ea48 0805ea48 8021e64e Call Trace: [8021e64e] ia32_sysret+0x0/0xa Code: 83 3b 06 0f 85 41 01 00 00 0f b7 43 0c 89 43 14 0f b7 43 0a RIP [802bc7c6] compat_sys_mount+0xd6/0x290 RSP 810034d31f38 CR2: The problem is that data_page pointer can be NULL, so we should skip data conversion in this case. Signed-off-by: Andrey Mirkin [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Signed-off-by: Andrew Morton [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- fs/compat.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- linux-2.6.18.5.orig/fs/compat.c +++ linux-2.6.18.5/fs/compat.c @@ -873,7 +873,7 @@ asmlinkage long compat_sys_mount(char __ retval = -EINVAL; - if (type_page) { + if (type_page data_page) { if (!strcmp((char *)type_page, SMBFS_NAME)) { do_smb_super_data_conv((void *)data_page); } else if (!strcmp((char *)type_page, NCPFS_NAME)) { -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 05/24] EBTABLES: Prevent wraparounds in checks for entry components sizes.
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Al Viro [EMAIL PROTECTED] --- net/bridge/netfilter/ebtables.c | 17 + 1 file changed, 9 insertions(+), 8 deletions(-) --- linux-2.6.18.5.orig/net/bridge/netfilter/ebtables.c +++ linux-2.6.18.5/net/bridge/netfilter/ebtables.c @@ -360,10 +360,11 @@ ebt_check_match(struct ebt_entry_match * const char *name, unsigned int hookmask, unsigned int *cnt) { struct ebt_match *match; + size_t left = ((char *)e + e-watchers_offset) - (char *)m; int ret; - if (((char *)m) + m-match_size + sizeof(struct ebt_entry_match) - ((char *)e) + e-watchers_offset) + if (left sizeof(struct ebt_entry_match) || + left - sizeof(struct ebt_entry_match) m-match_size) return -EINVAL; match = find_match_lock(m-u.name, ret, ebt_mutex); if (!match) @@ -389,10 +390,11 @@ ebt_check_watcher(struct ebt_entry_watch const char *name, unsigned int hookmask, unsigned int *cnt) { struct ebt_watcher *watcher; + size_t left = ((char *)e + e-target_offset) - (char *)w; int ret; - if (((char *)w) + w-watcher_size + sizeof(struct ebt_entry_watcher) - ((char *)e) + e-target_offset) + if (left sizeof(struct ebt_entry_watcher) || + left - sizeof(struct ebt_entry_watcher) w-watcher_size) return -EINVAL; watcher = find_watcher_lock(w-u.name, ret, ebt_mutex); if (!watcher) @@ -595,6 +597,7 @@ ebt_check_entry(struct ebt_entry *e, str struct ebt_entry_target *t; struct ebt_target *target; unsigned int i, j, hook = 0, hookmask = 0; + size_t gap = e-next_offset - e-target_offset; int ret; /* don't mess with the struct ebt_entries */ @@ -656,8 +659,7 @@ ebt_check_entry(struct ebt_entry *e, str t-u.target = target; if (t-u.target == ebt_standard_target) { - if (e-target_offset + sizeof(struct ebt_standard_target) - e-next_offset) { + if (gap sizeof(struct ebt_standard_target)) { BUGPRINT(Standard target size too big\n); ret = -EFAULT; goto cleanup_watchers; @@ -668,8 +670,7 @@ ebt_check_entry(struct ebt_entry *e, str ret = -EFAULT; goto cleanup_watchers; } - } else if ((e-target_offset + t-target_size + - sizeof(struct ebt_entry_target) e-next_offset) || + } else if (t-target_size gap - sizeof(struct ebt_entry_target) || (t-u.target-check t-u.target-check(name, hookmask, e, t-data, t-target_size) != 0)){ module_put(t-u.target-me); -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 04/24] EBTABLES: Deal with the worst-case behaviour in loop checks.
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Al Viro [EMAIL PROTECTED] No need to revisit a chain we'd already finished with during the check for current hook. It's either instant loop (which we'd just detected) or a duplicate work. Signed-off-by: Al Viro [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- net/bridge/netfilter/ebtables.c |4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- linux-2.6.18.5.orig/net/bridge/netfilter/ebtables.c +++ linux-2.6.18.5/net/bridge/netfilter/ebtables.c @@ -739,7 +739,9 @@ static int check_chainloops(struct ebt_e BUGPRINT(loop\n); return -1; } - /* this can't be 0, so the above test is correct */ + if (cl_s[i].hookmask (1 hooknr)) + goto letscontinue; + /* this can't be 0, so the loop test is correct */ cl_s[i].cs.n = pos + 1; pos = 0; cl_s[i].cs.e = ((void *)e + e-next_offset); -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH] procfs: Fix race between proc_readdir and remove_proc_entry
Oops, sent a corrupt and old version of the patch. Here's the correct patch. While running a insmod/rmmod loop with the mptsas driver (vanilla 2.6.19, IBM Intellistation Z30, SAS1064E controller if it matters), I encountered a bad dereference of the pointer de: spin_unlock(proc_subdir_lock); if (filldir(dirent, de-name, de-namelen, filp-f_pos, de-low_ino, de-mode 12) 0) goto out; spin_lock(proc_subdir_lock); filp-f_pos++; de = de-next; I believe what's happening here is that proc_readdir drops proc_subdir_lock to call filldir() on the /proc/mpt directory at the same time mptbase is being unloaded. The unload causes the removal of /proc/mpt, which means that de is overwritten with the slab poison value as it is being freed. We reacquire the lock and try to grab the next value of de, but by then the next pointer has been lost, and we crash. Signed-off-by: Darrick J. Wong [EMAIL PROTECTED] --- fs/proc/generic.c |7 +-- fs/proc/inode.c|4 ++-- fs/proc/internal.h |3 +++ 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/fs/proc/generic.c b/fs/proc/generic.c index 4ba0300..7e77d7e 100644 --- a/fs/proc/generic.c +++ b/fs/proc/generic.c @@ -429,7 +429,7 @@ struct dentry *proc_lookup(struct inode int proc_readdir(struct file * filp, void * dirent, filldir_t filldir) { - struct proc_dir_entry * de; + struct proc_dir_entry * de, *next; unsigned int ino; int i; struct inode *inode = filp-f_dentry-d_inode; @@ -477,13 +477,16 @@ int proc_readdir(struct file * filp, do { /* filldir passes info to user space */ + de_get(de); spin_unlock(proc_subdir_lock); if (filldir(dirent, de-name, de-namelen, filp-f_pos, de-low_ino, de-mode 12) 0) goto out; spin_lock(proc_subdir_lock); filp-f_pos++; - de = de-next; + next = de-next; + de_put(de); + de = next; } while (de); spin_unlock(proc_subdir_lock); } diff --git a/fs/proc/inode.c b/fs/proc/inode.c index 49dfb2a..4b5a61c 100644 --- a/fs/proc/inode.c +++ b/fs/proc/inode.c @@ -21,7 +21,7 @@ #include asm/uaccess.h #include internal.h -static inline struct proc_dir_entry * de_get(struct proc_dir_entry *de) +struct proc_dir_entry * de_get(struct proc_dir_entry *de) { if (de) atomic_inc(de-count); @@ -31,7 +31,7 @@ static inline struct proc_dir_entry * de /* * Decrements the use count and checks for deferred deletion. */ -static void de_put(struct proc_dir_entry *de) +void de_put(struct proc_dir_entry *de) { if (de) { lock_kernel(); diff --git a/fs/proc/internal.h b/fs/proc/internal.h index 987c773..f4751ac 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h @@ -65,3 +65,6 @@ static inline int proc_fd(struct inode * { return PROC_I(inode)-fd; } + +struct proc_dir_entry * de_get(struct proc_dir_entry *de); +void de_put(struct proc_dir_entry *de); - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 08/24] NETFILTER: ip_tables: revision support for compat code
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Patrick McHardy [EMAIL PROTECTED] --- commit 79030ed07de673e8451a03aecb9ada9f4d75d491 tree 4ba8bd843c8bc95db0ea6877880b73d06da620e5 parent bec71b162747708d4b45b0cd399b484f52f2901a author Patrick McHardy [EMAIL PROTECTED] Wed, 20 Sep 2006 12:05:08 -0700 committer David S. Miller [EMAIL PROTECTED] Fri, 22 Sep 2006 15:20:00 -0700 net/ipv4/netfilter/ip_tables.c |5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) --- linux-2.6.18.5.orig/net/ipv4/netfilter/ip_tables.c +++ linux-2.6.18.5/net/ipv4/netfilter/ip_tables.c @@ -1989,6 +1989,8 @@ compat_get_entries(struct compat_ipt_get return ret; } +static int do_ipt_get_ctl(struct sock *, int, void __user *, int *); + static int compat_do_ipt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) { @@ -2005,8 +2007,7 @@ compat_do_ipt_get_ctl(struct sock *sk, i ret = compat_get_entries(user, len); break; default: - duprintf(compat_do_ipt_get_ctl: unknown request %i\n, cmd); - ret = -EINVAL; + ret = do_ipt_get_ctl(sk, cmd, user, len); } return ret; } -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 14/24] IrDA: Incorrect TTP header reservation
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Jeet Chaudhuri [EMAIL PROTECTED] We must reserve SAR + MAX_HEADER bytes for IrLMP to fit in. This fixes an oops reported (and fixed) by Jeet Chaudhuri, when max_sdu_size is greater than 0. Signed-off-by: Samuel Ortiz [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- net/irda/irttp.c |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- linux-2.6.18.5.orig/net/irda/irttp.c +++ linux-2.6.18.5/net/irda/irttp.c @@ -1098,7 +1098,7 @@ int irttp_connect_request(struct tsap_cb return -ENOMEM; /* Reserve space for MUX_CONTROL and LAP header */ - skb_reserve(tx_skb, TTP_MAX_HEADER); + skb_reserve(tx_skb, TTP_MAX_HEADER + TTP_SAR_HEADER); } else { tx_skb = userdata; /* @@ -1346,7 +1346,7 @@ int irttp_connect_response(struct tsap_c return -ENOMEM; /* Reserve space for MUX_CONTROL and LAP header */ - skb_reserve(tx_skb, TTP_MAX_HEADER); + skb_reserve(tx_skb, TTP_MAX_HEADER + TTP_SAR_HEADER); } else { tx_skb = userdata; /* -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 11/24] XFRM: Use output device disable_xfrm for forwarded packets
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: David Miller [EMAIL PROTECTED] Currently the behaviour of disable_xfrm is inconsistent between locally generated and forwarded packets. For locally generated packets disable_xfrm disables the policy lookup if it is set on the output device, for forwarded traffic however it looks at the input device. This makes it impossible to disable xfrm on all devices but a dummy device and use normal routing to direct traffic to that device. Always use the output device when checking disable_xfrm. Signed-off-by: Patrick McHardy [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- commit 9be2b4e36fb04bbc968693ef95a75acc17cf2931 Author: Patrick McHardy [EMAIL PROTECTED] Date: Mon Dec 4 19:59:00 2006 -0800 net/ipv4/route.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- linux-2.6.18.5.orig/net/ipv4/route.c +++ linux-2.6.18.5/net/ipv4/route.c @@ -1775,7 +1775,7 @@ static inline int __mkroute_input(struct #endif if (in_dev-cnf.no_policy) rth-u.dst.flags |= DST_NOPOLICY; - if (in_dev-cnf.no_xfrm) + if (out_dev-cnf.no_xfrm) rth-u.dst.flags |= DST_NOXFRM; rth-fl.fl4_dst = daddr; rth-rt_dst = daddr; -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 21/24] softirq: remove BUG_ONs which can incorrectly trigger
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: Zachary Amsden [EMAIL PROTECTED] It is possible to have tasklets get scheduled before softirqd has had a chance to spawn on all CPUs. This is totally harmless; after success during action CPU_UP_PREPARE, action CPU_ONLINE will be called, which immediately wakes softirqd on the appropriate CPU to process the already pending tasklets. So there is no danger of having a missed wakeup for any tasklets that were already pending. In particular, i386 is affected by this during startup, and is visible when using a very large initrd; during the time it takes for the initrd to be decompressed, a timer IRQ can come in and schedule RCU callbacks. It is also possible that resending of a hardware IRQ via a softirq triggers the same bug. Because of different timing conditions, this shows up in all emulators and virtual machines tested, including Xen, VMware, Virtual PC, and Qemu. It is also possible to trigger on native hardware with a large enough initrd, although I don't have a reliable case demonstrating that. Signed-off-by: Zachary Amsden [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Cc: Ingo Molnar [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Signed-off-by: Andrew Morton [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- kernel/softirq.c |2 -- 1 file changed, 2 deletions(-) --- linux-2.6.18.5.orig/kernel/softirq.c +++ linux-2.6.18.5/kernel/softirq.c @@ -574,8 +574,6 @@ static int __cpuinit cpu_callback(struct switch (action) { case CPU_UP_PREPARE: - BUG_ON(per_cpu(tasklet_vec, hotcpu).list); - BUG_ON(per_cpu(tasklet_hi_vec, hotcpu).list); p = kthread_create(ksoftirqd, hcpu, ksoftirqd/%d, hotcpu); if (IS_ERR(p)) { printk(ksoftirqd for %i failed\n, hotcpu); -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[patch 09/24] PKT_SCHED act_gact: division by zero
2.6.18-stable review patch. If anyone has any objections, please let us know. -- From: David Miller [EMAIL PROTECTED] Not returning -EINVAL, because someone might want to use the value zero in some future gact_prob algorithm? Signed-off-by: Kim Nordlund [EMAIL PROTECTED] Signed-off-by: David S. Miller [EMAIL PROTECTED] Signed-off-by: Chris Wright [EMAIL PROTECTED] --- net/sched/act_gact.c |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- linux-2.6.18.5.orig/net/sched/act_gact.c +++ linux-2.6.18.5/net/sched/act_gact.c @@ -54,14 +54,14 @@ static DEFINE_RWLOCK(gact_lock); #ifdef CONFIG_GACT_PROB static int gact_net_rand(struct tcf_gact *p) { - if (net_random()%p-pval) + if (!p-pval || net_random()%p-pval) return p-action; return p-paction; } static int gact_determ(struct tcf_gact *p) { - if (p-bstats.packets%p-pval) + if (!p-pval || p-bstats.packets%p-pval) return p-action; return p-paction; } -- - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[git patches] libata updates
Includes some pre-window-closing stuff (new drivers), but I was waiting on some bug fixes before pushing. Please pull from 'upstream-linus' branch of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/libata-dev.git upstream-linus to receive the following updates: drivers/ata/Kconfig| 20 ++- drivers/ata/Makefile |2 + drivers/ata/ahci.c |2 - drivers/ata/ata_piix.c | 24 ++- drivers/ata/libata-core.c | 16 +- drivers/ata/libata-scsi.c |4 +- drivers/ata/pata_ali.c |4 +- drivers/ata/pata_cs5520.c |2 +- drivers/ata/pata_cs5530.c |8 +- drivers/ata/pata_hpt366.c |2 +- drivers/ata/pata_hpt37x.c |4 +- drivers/ata/pata_hpt3x3.c |2 +- drivers/ata/pata_it8213.c | 354 + drivers/ata/pata_jmicron.c |2 +- drivers/ata/pata_marvell.c |4 +- drivers/ata/pata_mpc52xx.c | 563 drivers/ata/pata_serverworks.c |2 +- drivers/ata/pata_sil680.c |2 +- drivers/ata/pata_sis.c |2 +- drivers/ata/pata_via.c | 10 +- drivers/ata/pata_winbond.c | 16 +- drivers/ata/sata_nv.c | 18 +- drivers/ata/sata_sis.c | 79 -- drivers/ata/sata_svw.c | 41 +++- drivers/ata/sata_via.c |2 +- include/linux/libata.h |2 +- include/linux/pci_ids.h|1 + 27 files changed, 1099 insertions(+), 89 deletions(-) create mode 100644 drivers/ata/pata_it8213.c create mode 100644 drivers/ata/pata_mpc52xx.c Alan (1): pata_it8213: Add new driver for the IT8213 card Jason Gaston (1): ata_piix: IDE mode SATA patch for Intel ICH9 Jeff Garzik (3): [libata] use kmap_atomic(KM_IRQ0) in SCSI simulator [libata] trim trailing whitespace [libata] sata_svw: Disable ATAPI DMA on current boards (errata workaround) Sylvain Munaut (1): libata: Add support for the MPC52xx ATA controller Tejun Heo (3): ata_piix: use piix_host_stop() in ich_pata_ops libata: don't initialize sg in ata_exec_internal() if DMA_NONE (take #2) ahci: do not mangle saved HOST_CAP while resetting controller Uwe Koziolek (1): sata_sis: support SiS966/966L diff --git a/drivers/ata/Kconfig b/drivers/ata/Kconfig index 984ab28..fb1de86 100644 --- a/drivers/ata/Kconfig +++ b/drivers/ata/Kconfig @@ -292,7 +292,7 @@ config PATA_ISAPNP If unsure, say N. config PATA_IT821X - tristate IT821x PATA support (Experimental) + tristate IT8211/2 PATA support (Experimental) depends on PCI EXPERIMENTAL help This option enables support for the ITE 8211 and 8212 @@ -301,6 +301,15 @@ config PATA_IT821X If unsure, say N. +config PATA_IT8213 + tristate IT8213 PATA support (Experimental) + depends on PCI EXPERIMENTAL + help + This option enables support for the ITE 821 PATA + controllers via the new ATA layer. + + If unsure, say N. + config PATA_JMICRON tristate JMicron PATA support depends on PCI @@ -337,6 +346,15 @@ config PATA_MARVELL If unsure, say N. +config PATA_MPC52xx + tristate Freescale MPC52xx SoC internal IDE + depends on PPC_MPC52xx + help + This option enables support for integrated IDE controller + of the Freescale MPC52xx SoC. + + If unsure, say N. + config PATA_MPIIX tristate Intel PATA MPIIX support depends on PCI diff --git a/drivers/ata/Makefile b/drivers/ata/Makefile index bc3d81a..a0df15d 100644 --- a/drivers/ata/Makefile +++ b/drivers/ata/Makefile @@ -33,11 +33,13 @@ obj-$(CONFIG_PATA_HPT3X2N) += pata_hpt3x2n.o obj-$(CONFIG_PATA_HPT3X3) += pata_hpt3x3.o obj-$(CONFIG_PATA_ISAPNP) += pata_isapnp.o obj-$(CONFIG_PATA_IT821X) += pata_it821x.o +obj-$(CONFIG_PATA_IT8213) += pata_it8213.o obj-$(CONFIG_PATA_JMICRON) += pata_jmicron.o obj-$(CONFIG_PATA_NETCELL) += pata_netcell.o obj-$(CONFIG_PATA_NS87410) += pata_ns87410.o obj-$(CONFIG_PATA_OPTI)+= pata_opti.o obj-$(CONFIG_PATA_OPTIDMA) += pata_optidma.o +obj-$(CONFIG_PATA_MPC52xx) += pata_mpc52xx.o obj-$(CONFIG_PATA_MARVELL) += pata_marvell.o obj-$(CONFIG_PATA_MPIIX) += pata_mpiix.o obj-$(CONFIG_PATA_OLDPIIX) += pata_oldpiix.o diff --git a/drivers/ata/ahci.c b/drivers/ata/ahci.c index f36da48..dbae6d9 100644 --- a/drivers/ata/ahci.c +++ b/drivers/ata/ahci.c @@ -645,8 +645,6 @@ static int ahci_reset_controller(void __iomem *mmio, struct pci_dev *pdev) u32 cap_save, impl_save, tmp; cap_save = readl(mmio + HOST_CAP); - cap_save = ( (128) | (117) ); - cap_save |= (1 27); impl_save = readl(mmio + HOST_PORTS_IMPL); /* global controller reset */ diff --git a/drivers/ata/ata_piix.c b/drivers/ata/ata_piix.c index c7de0bb..7959e4c 100644 ---
Re: [PATCH] ata_piix: use piix_host_stop() in ich_pata_ops
On 13/12/06, Catalin Marinas [EMAIL PROTECTED] wrote: On 11/12/06, Tejun Heo [EMAIL PROTECTED] wrote: piix_init_one() allocates host private data which should be freed by piix_host_stop(). ich_pata_ops wasn't converted to piix_host_stop() while merging, leaking 4 bytes on driver detach. Fix it. I tried your patch last night but the leak is still reported. I need to investigate further and put some printk's in the piix_host_stop function to check whether the freeing really takes place. The piix_host_stop() isn't actually called on my machine, so this is not the cause of the leak. What causes the leak seem to be the error returned by ata_pci_init_one() called from piix_init_one(). These are the related kernel messages: ata_piix :00:1f.1: version 2.00ac7 ACPI: PCI Interrupt :00:1f.1[A] - GSI 16 (level, low) - IRQ 18 PCI: Unable to reserve I/O region #1:[EMAIL PROTECTED] for device :00:1f.1 ata_piix: probe of :00:1f.1 failed with error -16 I think the call to ata_pci_init_one() should be followed by some clean-up in case it fails. There is also another return without clean-up in piix_init_one() after the call to piix_disable_ahci(). I don't have time to try this now. -- Catalin - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[RFC: 2.6 patch] simplify drivers/md/md.c:update_size()
While looking at commit 8ddeeae51f2f197b4fafcba117ee8191b49d843e, I got the impression that this commit couldn't fix anything, since the size variable can't be changed before fit gets used. Is there any big thinko, or is the patch below that slightly simplifies update_size() semantically equivalent to the current code? Signed-off-by: Adrian Bunk [EMAIL PROTECTED] --- drivers/md/md.c |3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) --- linux-2.6.19-mm1/drivers/md/md.c.old2006-12-15 00:57:05.0 +0100 +++ linux-2.6.19-mm1/drivers/md/md.c2006-12-15 00:57:42.0 +0100 @@ -4039,57 +4039,56 @@ * Generate a 128 bit UUID */ get_random_bytes(mddev-uuid, 16); mddev-new_level = mddev-level; mddev-new_chunk = mddev-chunk_size; mddev-new_layout = mddev-layout; mddev-delta_disks = 0; mddev-dead = 0; return 0; } static int update_size(mddev_t *mddev, unsigned long size) { mdk_rdev_t * rdev; int rv; struct list_head *tmp; - int fit = (size == 0); if (mddev-pers-resize == NULL) return -EINVAL; /* The size is the amount of each device that is used. * This can only make sense for arrays with redundancy. * linear and raid0 always use whatever space is available * We can only consider changing the size if no resync * or reconstruction is happening, and if the new size * is acceptable. It must fit before the sb_offset or, * if that is data_offset, it must fit before the * size of each device. * If size is zero, we find the largest size that fits. */ if (mddev-sync_thread) return -EBUSY; ITERATE_RDEV(mddev,rdev,tmp) { sector_t avail; avail = rdev-size * 2; - if (fit (size == 0 || size avail/2)) + if (size == 0) size = avail/2; if (avail ((sector_t)size 1)) return -ENOSPC; } rv = mddev-pers-resize(mddev, (sector_t)size *2); if (!rv) { struct block_device *bdev; bdev = bdget_disk(mddev-gendisk, 0); if (bdev) { mutex_lock(bdev-bd_inode-i_mutex); i_size_write(bdev-bd_inode, (loff_t)mddev-array_size 10); mutex_unlock(bdev-bd_inode-i_mutex); bdput(bdev); } } return rv; } - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [RFC: 2.6 patch] simplify drivers/md/md.c:update_size()
On Fri, 2006-12-15 at 01:19 +0100, Adrian Bunk wrote: While looking at commit 8ddeeae51f2f197b4fafcba117ee8191b49d843e, I got the impression that this commit couldn't fix anything, since the size variable can't be changed before fit gets used. Is there any big thinko, or is the patch below that slightly simplifies update_size() semantically equivalent to the current code? No, this patch is broken. Where it fails is specifically the case where you want to autofit the largest possible size, you have different size devices, and the first device is not the smallest. When you hit the first device, you will set size, then as you repeat the ITERATE_RDEV loop, when you hit the smaller device, size will be non-0 and you'll then trigger the later if and return -ENOSPC. In the case of autofit, you have to preserve the fit variable instead of looking at size so you know whether or not to modify the size when you hit a smaller device later in the list. Signed-off-by: Adrian Bunk [EMAIL PROTECTED] --- drivers/md/md.c |3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) --- linux-2.6.19-mm1/drivers/md/md.c.old 2006-12-15 00:57:05.0 +0100 +++ linux-2.6.19-mm1/drivers/md/md.c 2006-12-15 00:57:42.0 +0100 @@ -4039,57 +4039,56 @@ * Generate a 128 bit UUID */ get_random_bytes(mddev-uuid, 16); mddev-new_level = mddev-level; mddev-new_chunk = mddev-chunk_size; mddev-new_layout = mddev-layout; mddev-delta_disks = 0; mddev-dead = 0; return 0; } static int update_size(mddev_t *mddev, unsigned long size) { mdk_rdev_t * rdev; int rv; struct list_head *tmp; - int fit = (size == 0); if (mddev-pers-resize == NULL) return -EINVAL; /* The size is the amount of each device that is used. * This can only make sense for arrays with redundancy. * linear and raid0 always use whatever space is available * We can only consider changing the size if no resync * or reconstruction is happening, and if the new size * is acceptable. It must fit before the sb_offset or, * if that is data_offset, it must fit before the * size of each device. * If size is zero, we find the largest size that fits. */ if (mddev-sync_thread) return -EBUSY; ITERATE_RDEV(mddev,rdev,tmp) { sector_t avail; avail = rdev-size * 2; - if (fit (size == 0 || size avail/2)) + if (size == 0) size = avail/2; if (avail ((sector_t)size 1)) return -ENOSPC; } rv = mddev-pers-resize(mddev, (sector_t)size *2); if (!rv) { struct block_device *bdev; bdev = bdget_disk(mddev-gendisk, 0); if (bdev) { mutex_lock(bdev-bd_inode-i_mutex); i_size_write(bdev-bd_inode, (loff_t)mddev-array_size 10); mutex_unlock(bdev-bd_inode-i_mutex); bdput(bdev); } } return rv; } -- Doug Ledford [EMAIL PROTECTED] GPG KeyID: CFBFF194 http://people.redhat.com/dledford Infiniband specific RPMs available at http://people.redhat.com/dledford/Infiniband signature.asc Description: This is a digitally signed message part
Re: [RFC: 2.6 patch] simplify drivers/md/md.c:update_size()
On Thu, Dec 14, 2006 at 07:36:35PM -0500, Doug Ledford wrote: On Fri, 2006-12-15 at 01:19 +0100, Adrian Bunk wrote: While looking at commit 8ddeeae51f2f197b4fafcba117ee8191b49d843e, I got the impression that this commit couldn't fix anything, since the size variable can't be changed before fit gets used. Is there any big thinko, or is the patch below that slightly simplifies update_size() semantically equivalent to the current code? No, this patch is broken. Where it fails is specifically the case where you want to autofit the largest possible size, you have different size devices, and the first device is not the smallest. When you hit the first device, you will set size, then as you repeat the ITERATE_RDEV loop, when you hit the smaller device, size will be non-0 and you'll then trigger the later if and return -ENOSPC. In the case of autofit, you have to preserve the fit variable instead of looking at size so you know whether or not to modify the size when you hit a smaller device later in the list. ... OK, sorry, I've got my thinko: ITERATE_RDEV() is a loop. That's what I missed. cu Adrian -- Is there not promise of rain? Ling Tan asked suddenly out of the darkness. There had been need of rain for many days. Only a promise, Lao Er said. Pearl S. Buck - Dragon Seed - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [git patches] libata updates
+config PATA_IT8213 + tristate IT8213 PATA support (Experimental) + depends on PCI EXPERIMENTAL + help + This option enables support for the ITE 821 PATA Typo (IT8213) - probably my fault but only just noticed it - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH v4 06/13] Completion Queues
Functions to manipulate CQs. Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/hw/cxgb3/iwch_cq.c | 231 + 1 files changed, 231 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/hw/cxgb3/iwch_cq.c b/drivers/infiniband/hw/cxgb3/iwch_cq.c new file mode 100644 index 000..9d82df4 --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/iwch_cq.c @@ -0,0 +1,231 @@ +/* + * Copyright (c) 2006 Chelsio, Inc. All rights reserved. + * Copyright (c) 2006 Open Grid Computing, Inc. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + *copyright notice, this list of conditions and the following + *disclaimer. + * + * - Redistributions in binary form must reproduce the above + *copyright notice, this list of conditions and the following + *disclaimer in the documentation and/or other materials + *provided with the distribution. + * + * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +#include iwch_provider.h +#include iwch.h + +/* + * Get one cq entry from cxio and map it to openib. + * + * Returns: + * 0 EMPTY; + * 1 cqe returned + * -EAGAIN caller must try again + * any other -errnofatal error + */ +int iwch_poll_cq_one(struct iwch_dev *rhp, struct iwch_cq *chp, +struct ib_wc *wc) +{ + struct iwch_qp *qhp = NULL; + struct t3_cqe cqe, *rd_cqe; + struct t3_wq *wq; + u32 credit = 0; + u8 cqe_flushed; + u64 cookie; + int ret = 1; + + rd_cqe = cxio_next_cqe(chp-cq); + + if (!rd_cqe) + return 0; + + qhp = get_qhp(rhp, CQE_QPID(*rd_cqe)); + if (!qhp) + wq = NULL; + else { + spin_lock(qhp-lock); + wq = (qhp-wq); + } + ret = cxio_poll_cq(wq, (chp-cq), cqe, cqe_flushed, cookie, + credit); + if (t3a_device(chp-rhp) credit) { + PDBG(%s updating %d cq credits on id %d\n, __FUNCTION__, +credit, chp-cq.cqid); + cxio_hal_cq_op(rhp-rdev, chp-cq, CQ_CREDIT_UPDATE, credit); + } + + if (ret) { + ret = -EAGAIN; + goto out; + } + ret = 1; + + wc-wr_id = cookie; + wc-qp_num = qhp-wq.qpid; + wc-vendor_err = CQE_STATUS(cqe); + + PDBG(%s qpid 0x%x type %d opcode %d status 0x%x wrid hi 0x%x +lo 0x%x cookie 0x%llx\n, __FUNCTION__, +CQE_QPID(cqe), CQE_TYPE(cqe), +CQE_OPCODE(cqe), CQE_STATUS(cqe), CQE_WRID_HI(cqe), +CQE_WRID_LOW(cqe), cookie); + + if (CQE_TYPE(cqe) == 0) { + if (!CQE_STATUS(cqe)) + wc-byte_len = CQE_LEN(cqe); + else + wc-byte_len = 0; + wc-opcode = IB_WC_RECV; + } else { + switch (CQE_OPCODE(cqe)) { + case T3_RDMA_WRITE: + wc-opcode = IB_WC_RDMA_WRITE; + break; + case T3_READ_REQ: + wc-opcode = IB_WC_RDMA_READ; + wc-byte_len = CQE_LEN(cqe); + break; + case T3_SEND: + case T3_SEND_WITH_SE: + wc-opcode = IB_WC_SEND; + break; + case T3_BIND_MW: + wc-opcode = IB_WC_BIND_MW; + break; + + /* these aren't supported yet */ + case T3_SEND_WITH_INV: + case T3_SEND_WITH_SE_INV: + case T3_LOCAL_INV: + case T3_FAST_REGISTER: + default: + printk(KERN_ERR MOD Unexpected opcode %d + in the CQE received for QPID=0x%0x\n, + CQE_OPCODE(cqe), CQE_QPID(cqe)); + ret = -EINVAL; +
[PATCH v4 07/13] Async Event Handler
Code to handle async events coming from the T3 RDMA Core. Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/hw/cxgb3/iwch_ev.c | 231 + 1 files changed, 231 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/hw/cxgb3/iwch_ev.c b/drivers/infiniband/hw/cxgb3/iwch_ev.c new file mode 100644 index 000..b0bd014 --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/iwch_ev.c @@ -0,0 +1,231 @@ +/* + * Copyright (c) 2006 Chelsio, Inc. All rights reserved. + * Copyright (c) 2006 Open Grid Computing, Inc. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + *copyright notice, this list of conditions and the following + *disclaimer. + * + * - Redistributions in binary form must reproduce the above + *copyright notice, this list of conditions and the following + *disclaimer in the documentation and/or other materials + *provided with the distribution. + * + * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +#include linux/slab.h +#include linux/mman.h +#include net/sock.h +#include iwch_provider.h +#include iwch.h +#include iwch_cm.h +#include cxio_hal.h +#include cxio_wr.h + +static void post_qp_event(struct iwch_dev *rnicp, struct iwch_cq *chp, + struct respQ_msg_t *rsp_msg, + enum ib_event_type ib_event, + int send_term) +{ + struct ib_event event; + struct iwch_qp_attributes attrs; + struct iwch_qp *qhp; + + printk(KERN_ERR %s - AE qpid 0x%x opcode %d status 0x%x + type %d wrid.hi 0x%x wrid.lo 0x%x \n, __FUNCTION__, + CQE_QPID(rsp_msg-cqe), CQE_OPCODE(rsp_msg-cqe), + CQE_STATUS(rsp_msg-cqe), CQE_TYPE(rsp_msg-cqe), + CQE_WRID_HI(rsp_msg-cqe), CQE_WRID_LOW(rsp_msg-cqe)); + + spin_lock(rnicp-lock); + qhp = get_qhp(rnicp, CQE_QPID(rsp_msg-cqe)); + + if (!qhp) { + printk(KERN_ERR %s unaffiliated error 0x%x qpid 0x%x\n, + __FUNCTION__, CQE_STATUS(rsp_msg-cqe), + CQE_QPID(rsp_msg-cqe)); + spin_unlock(rnicp-lock); + return; + } + + if ((qhp-attr.state == IWCH_QP_STATE_ERROR) || + (qhp-attr.state == IWCH_QP_STATE_TERMINATE)) { + PDBG(%s AE received after RTS - +qp state %d qpid 0x%x status 0x%x\n, __FUNCTION__, +qhp-attr.state, qhp-wq.qpid, CQE_STATUS(rsp_msg-cqe)); + spin_unlock(rnicp-lock); + return; + } + + atomic_inc(qhp-refcnt); + spin_unlock(rnicp-lock); + + event.event = ib_event; + event.device = chp-ibcq.device; + if (ib_event == IB_EVENT_CQ_ERR) + event.element.cq = chp-ibcq; + else + event.element.qp = qhp-ibqp; + + if (qhp-ibqp.event_handler) + (*qhp-ibqp.event_handler)(event, qhp-ibqp.qp_context); + + if (qhp-attr.state == IWCH_QP_STATE_RTS) { + attrs.next_state = IWCH_QP_STATE_TERMINATE; + iwch_modify_qp(qhp-rhp, qhp, IWCH_QP_ATTR_NEXT_STATE, + attrs, 1); + if (send_term) + iwch_post_terminate(qhp, rsp_msg); + } + + if (atomic_dec_and_test(qhp-refcnt)) + wake_up(qhp-wait); +} + +void iwch_ev_dispatch(struct cxio_rdev *rdev_p, struct sk_buff *skb) +{ + struct iwch_dev *rnicp; + struct respQ_msg_t *rsp_msg = (struct respQ_msg_t *) skb-data; + struct iwch_cq *chp; + struct iwch_qp *qhp; + u32 cqid = RSPQ_CQID(rsp_msg); + + rnicp = (struct iwch_dev *) rdev_p-ulp; + spin_lock(rnicp-lock); + chp = get_chp(rnicp, cqid); + qhp = get_qhp(rnicp, CQE_QPID(rsp_msg-cqe)); + if (!chp || !qhp) { + printk(KERN_ERR MOD BAD AE cqid 0x%x qpid 0x%x opcode %d + status 0x%x type %d wrid.hi 0x%x wrid.lo 0x%x \n, +
[PATCH v4 02/13] Device Discovery and ULLD Linkage
Code to discover all the T3 devices and register them with the T3 RDMA Core and the Linux RDMA Core. Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/hw/cxgb3/iwch.c | 189 drivers/infiniband/hw/cxgb3/iwch.h | 175 + 2 files changed, 364 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/hw/cxgb3/iwch.c b/drivers/infiniband/hw/cxgb3/iwch.c new file mode 100644 index 000..acbe449 --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/iwch.c @@ -0,0 +1,189 @@ +/* + * Copyright (c) 2006 Chelsio, Inc. All rights reserved. + * Copyright (c) 2006 Open Grid Computing, Inc. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + *copyright notice, this list of conditions and the following + *disclaimer. + * + * - Redistributions in binary form must reproduce the above + *copyright notice, this list of conditions and the following + *disclaimer in the documentation and/or other materials + *provided with the distribution. + * + * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +#include linux/module.h +#include linux/moduleparam.h + +#include rdma/ib_verbs.h + +#include cxgb3_offload.h +#include iwch_provider.h +#include iwch_user.h +#include iwch.h +#include iwch_cm.h + +#define DRV_VERSION 1.1 + +MODULE_AUTHOR(Boyd Faulkner, Steve Wise); +MODULE_DESCRIPTION(Chelsio T3 RDMA Driver); +MODULE_LICENSE(Dual BSD/GPL); +MODULE_VERSION(DRV_VERSION); + +cxgb3_cpl_handler_func t3c_handlers[NUM_CPL_CMDS]; + +static void open_rnic_dev(struct t3cdev *); +static void close_rnic_dev(struct t3cdev *); + +struct cxgb3_client t3c_client = { + .name = iw_cxgb3, + .add = open_rnic_dev, + .remove = close_rnic_dev, + .handlers = t3c_handlers, + .redirect = iwch_ep_redirect +}; + +static LIST_HEAD(dev_list); +static DEFINE_MUTEX(dev_mutex); + +static void rnic_init(struct iwch_dev *rnicp) +{ + PDBG(%s iwch_dev %p\n, __FUNCTION__, rnicp); + idr_init(rnicp-cqidr); + idr_init(rnicp-qpidr); + idr_init(rnicp-mmidr); + spin_lock_init(rnicp-lock); + + rnicp-attr.vendor_id = 0x168; + rnicp-attr.vendor_part_id = 7; + rnicp-attr.max_qps = T3_MAX_NUM_QP - 32; + rnicp-attr.max_wrs = (1UL 24) - 1; + rnicp-attr.max_sge_per_wr = T3_MAX_SGE; + rnicp-attr.max_sge_per_rdma_write_wr = T3_MAX_SGE; + rnicp-attr.max_cqs = T3_MAX_NUM_CQ - 1; + rnicp-attr.max_cqes_per_cq = (1UL 24) - 1; + rnicp-attr.max_mem_regs = cxio_num_stags(rnicp-rdev); + rnicp-attr.max_phys_buf_entries = T3_MAX_PBL_SIZE; + rnicp-attr.max_pds = T3_MAX_NUM_PD - 1; + rnicp-attr.mem_pgsizes_bitmask = 0x7FFF; /* 4KB-128MB */ + rnicp-attr.can_resize_wq = 0; + rnicp-attr.max_rdma_reads_per_qp = 8; + rnicp-attr.max_rdma_read_resources = + rnicp-attr.max_rdma_reads_per_qp * rnicp-attr.max_qps; + rnicp-attr.max_rdma_read_qp_depth = 8; /* IRD */ + rnicp-attr.max_rdma_read_depth = + rnicp-attr.max_rdma_read_qp_depth * rnicp-attr.max_qps; + rnicp-attr.rq_overflow_handled = 0; + rnicp-attr.can_modify_ird = 0; + rnicp-attr.can_modify_ord = 0; + rnicp-attr.max_mem_windows = rnicp-attr.max_mem_regs - 1; + rnicp-attr.stag0_value = 1; + rnicp-attr.zbva_support = 1; + rnicp-attr.local_invalidate_fence = 1; + rnicp-attr.cq_overflow_detection = 1; + return; +} + +static void open_rnic_dev(struct t3cdev *tdev) +{ + struct iwch_dev *rnicp; + static int vers_printed; + + PDBG(%s t3cdev %p\n, __FUNCTION__, tdev); + if (!vers_printed++) + printk(KERN_INFO MOD Chelsio T3 RDMA Driver - version %s\n, + DRV_VERSION); + rnicp = (struct iwch_dev *)ib_alloc_device(sizeof(*rnicp)); + if (!rnicp) { + printk(KERN_ERR MOD Cannot allocate ib device\n); + return; + } + rnicp-rdev.ulp =
[PATCH v4 05/13] Queue Pairs
Code to manipulate the QP. Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/hw/cxgb3/iwch_qp.c | 1007 + 1 files changed, 1007 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/hw/cxgb3/iwch_qp.c b/drivers/infiniband/hw/cxgb3/iwch_qp.c new file mode 100644 index 000..9f6b251 --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/iwch_qp.c @@ -0,0 +1,1007 @@ +/* + * Copyright (c) 2006 Chelsio, Inc. All rights reserved. + * Copyright (c) 2006 Open Grid Computing, Inc. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + *copyright notice, this list of conditions and the following + *disclaimer. + * + * - Redistributions in binary form must reproduce the above + *copyright notice, this list of conditions and the following + *disclaimer in the documentation and/or other materials + *provided with the distribution. + * + * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +#include iwch_provider.h +#include iwch.h +#include iwch_cm.h +#include cxio_hal.h + +#define NO_SUPPORT -1 + +static inline int iwch_build_rdma_send(union t3_wr *wqe, struct ib_send_wr *wr, + u8 * flit_cnt) +{ + int i; + u32 plen; + + switch (wr-opcode) { + case IB_WR_SEND: + case IB_WR_SEND_WITH_IMM: + if (wr-send_flags IB_SEND_SOLICITED) + wqe-send.rdmaop = T3_SEND_WITH_SE; + else + wqe-send.rdmaop = T3_SEND; + wqe-send.rem_stag = 0; + break; +#if 0 /* Not currently supported */ + case TYPE_SEND_INVALIDATE: + case TYPE_SEND_INVALIDATE_IMMEDIATE: + wqe-send.rdmaop = T3_SEND_WITH_INV; + wqe-send.rem_stag = cpu_to_be32(wr-wr.rdma.rkey); + break; + case TYPE_SEND_SE_INVALIDATE: + wqe-send.rdmaop = T3_SEND_WITH_SE_INV; + wqe-send.rem_stag = cpu_to_be32(wr-wr.rdma.rkey); + break; +#endif + default: + break; + } + if (wr-num_sge T3_MAX_SGE) + return -EINVAL; + wqe-send.reserved[0] = 0; + wqe-send.reserved[1] = 0; + wqe-send.reserved[2] = 0; + if (wr-opcode == IB_WR_SEND_WITH_IMM) { + plen = 4; + wqe-send.sgl[0].stag = wr-imm_data; + wqe-send.sgl[0].len = __constant_cpu_to_be32(0); + wqe-send.num_sgle = __constant_cpu_to_be32(0); + *flit_cnt = 5; + } else { + plen = 0; + for (i = 0; i wr-num_sge; i++) { + if ((plen + wr-sg_list[i].length) plen) { + return -EMSGSIZE; + } + plen += wr-sg_list[i].length; + wqe-send.sgl[i].stag = + cpu_to_be32(wr-sg_list[i].lkey); + wqe-send.sgl[i].len = + cpu_to_be32(wr-sg_list[i].length); + wqe-send.sgl[i].to = cpu_to_be64(wr-sg_list[i].addr); + } + wqe-send.num_sgle = cpu_to_be32(wr-num_sge); + *flit_cnt = 4 + ((wr-num_sge) 1); + } + wqe-send.plen = cpu_to_be32(plen); + return 0; +} + +static inline int iwch_build_rdma_write(union t3_wr *wqe, struct ib_send_wr *wr, + u8 *flit_cnt) +{ + int i; + u32 plen; + if (wr-num_sge T3_MAX_SGE) + return -EINVAL; + wqe-write.rdmaop = T3_RDMA_WRITE; + wqe-write.reserved[0] = 0; + wqe-write.reserved[1] = 0; + wqe-write.reserved[2] = 0; + wqe-write.stag_sink = cpu_to_be32(wr-wr.rdma.rkey); + wqe-write.to_sink = cpu_to_be64(wr-wr.rdma.remote_addr); + + if (wr-opcode == IB_WR_RDMA_WRITE_WITH_IMM) { + plen = 4; + wqe-write.sgl[0].stag = wr-imm_data; +
[PATCH v4 03/13] Provider Methods and Data Structures
Provider methods to support the Linux RDMA verbs. Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/hw/cxgb3/iwch_provider.c | 1171 +++ drivers/infiniband/hw/cxgb3/iwch_provider.h | 363 drivers/infiniband/hw/cxgb3/iwch_user.h | 68 ++ 3 files changed, 1602 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/hw/cxgb3/iwch_provider.c b/drivers/infiniband/hw/cxgb3/iwch_provider.c new file mode 100644 index 000..e9721b1 --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/iwch_provider.c @@ -0,0 +1,1171 @@ +/* + * Copyright (c) 2006 Chelsio, Inc. All rights reserved. + * Copyright (c) 2006 Open Grid Computing, Inc. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + *copyright notice, this list of conditions and the following + *disclaimer. + * + * - Redistributions in binary form must reproduce the above + *copyright notice, this list of conditions and the following + *disclaimer in the documentation and/or other materials + *provided with the distribution. + * + * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +#include linux/module.h +#include linux/moduleparam.h +#include linux/device.h +#include linux/netdevice.h +#include linux/etherdevice.h +#include linux/delay.h +#include linux/errno.h +#include linux/list.h +#include linux/spinlock.h +#include linux/ethtool.h + +#include asm/io.h +#include asm/irq.h +#include asm/byteorder.h + +#include rdma/iw_cm.h +#include rdma/ib_verbs.h +#include rdma/ib_smi.h +#include rdma/ib_user_verbs.h + +#include cxio_hal.h +#include iwch.h +#include iwch_provider.h +#include iwch_cm.h +#include iwch_user.h + +static int iwch_modify_port(struct ib_device *ibdev, + u8 port, int port_modify_mask, + struct ib_port_modify *props) +{ + return -ENOSYS; +} + +static struct ib_ah *iwch_ah_create(struct ib_pd *pd, + struct ib_ah_attr *ah_attr) +{ + return ERR_PTR(-ENOSYS); +} + +static int iwch_ah_destroy(struct ib_ah *ah) +{ + return -ENOSYS; +} + +static int iwch_multicast_attach(struct ib_qp *ibqp, union ib_gid *gid, u16 lid) +{ + return -ENOSYS; +} + +static int iwch_multicast_detach(struct ib_qp *ibqp, union ib_gid *gid, u16 lid) +{ + return -ENOSYS; +} + +static int iwch_process_mad(struct ib_device *ibdev, + int mad_flags, + u8 port_num, + struct ib_wc *in_wc, + struct ib_grh *in_grh, + struct ib_mad *in_mad, struct ib_mad *out_mad) +{ + return -ENOSYS; +} + +static int iwch_dealloc_ucontext(struct ib_ucontext *context) +{ + struct iwch_dev *rhp = to_iwch_dev(context-device); + struct iwch_ucontext *ucontext = to_iwch_ucontext(context); + PDBG(%s context %p\n, __FUNCTION__, context); + cxio_release_ucontext(rhp-rdev, ucontext-uctx); + kfree(ucontext); + return 0; +} + +static struct ib_ucontext *iwch_alloc_ucontext(struct ib_device *ibdev, + struct ib_udata *udata) +{ + struct iwch_ucontext *context; + struct iwch_dev *rhp = to_iwch_dev(ibdev); + + PDBG(%s ibdev %p\n, __FUNCTION__, ibdev); + context = kmalloc(sizeof(*context), GFP_KERNEL); + if (!context) + return ERR_PTR(-ENOMEM); + cxio_init_ucontext(rhp-rdev, context-uctx); + INIT_LIST_HEAD(context-mmaps); + spin_lock_init(context-mmap_lock); + return context-ibucontext; +} + +static int iwch_destroy_cq(struct ib_cq *ib_cq) +{ + struct iwch_cq *chp; + + PDBG(%s ib_cq %p\n, __FUNCTION__, ib_cq); + chp = to_iwch_cq(ib_cq); + + remove_handle(chp-rhp, chp-rhp-cqidr, chp-cq.cqid); + atomic_dec(chp-refcnt); + wait_event(chp-wait, !atomic_read(chp-refcnt)); + + cxio_destroy_cq(chp-rhp-rdev, chp-cq); + kfree(chp); + return 0;
[PATCH v4 00/13] 2.6.20 Chelsio T3 RDMA Driver
Roland, I think this is ready to go once the ethernet driver is pulled in. Version 4 changes: - Cleaned up spacing in the Kconfig file - Remove locking.txt file - its not needed - Remove -O1 from the debug config option - BugFix: support new LLD interface for dual-port adapters Version 3 changes: - BugFix: Don't use mutex inside of the mmap function. - BugFix: Move QP to TERMINATE when TERMINATE AE is processed - Support the new work queue design - Merged up to linus's tree as of 12/8/2006 - Misc nits Version 2 changes: - Make code sparse endian clean - Use IDRs for mapping QP and CQ IDs to structure pointers instead of arrays - Clean up confusing bitfields - Use random32() instead of local random function - Use krefs to track endpoint reference counts - Misc nits - The following series implements the Chelsio T3 iWARP/RDMA Driver to be considered for inclusion in 2.6.20. It depends on the Chelsio T3 Ethernet driver which is also under review now for 2.6.20. The latest Chelsio T3 Ethernet driver patch can be pulled from: http://service.chelsio.com/kernel.org/cxgb3.patch.bz2 A complete GIT kernel tree with all the T3 drivers can be pulled from: git://staging.openfabrics.org/~swise/cxgb3.git Thanks, Steve. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH v4 13/13] Kconfig/Makefile
Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/Kconfig |1 + drivers/infiniband/Makefile |1 + drivers/infiniband/hw/cxgb3/Kconfig | 27 +++ drivers/infiniband/hw/cxgb3/Makefile | 12 4 files changed, 41 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/Kconfig b/drivers/infiniband/Kconfig index 59b3932..06453ab 100644 --- a/drivers/infiniband/Kconfig +++ b/drivers/infiniband/Kconfig @@ -38,6 +38,7 @@ source drivers/infiniband/hw/mthca/Kcon source drivers/infiniband/hw/ipath/Kconfig source drivers/infiniband/hw/ehca/Kconfig source drivers/infiniband/hw/amso1100/Kconfig +source drivers/infiniband/hw/cxgb3/Kconfig source drivers/infiniband/ulp/ipoib/Kconfig diff --git a/drivers/infiniband/Makefile b/drivers/infiniband/Makefile index 570b30a..69bdd55 100644 --- a/drivers/infiniband/Makefile +++ b/drivers/infiniband/Makefile @@ -3,6 +3,7 @@ obj-$(CONFIG_INFINIBAND_MTHCA) += hw/mt obj-$(CONFIG_INFINIBAND_IPATH) += hw/ipath/ obj-$(CONFIG_INFINIBAND_EHCA) += hw/ehca/ obj-$(CONFIG_INFINIBAND_AMSO1100) += hw/amso1100/ +obj-$(CONFIG_INFINIBAND_CXGB3) += hw/cxgb3/ obj-$(CONFIG_INFINIBAND_IPOIB) += ulp/ipoib/ obj-$(CONFIG_INFINIBAND_SRP) += ulp/srp/ obj-$(CONFIG_INFINIBAND_ISER) += ulp/iser/ diff --git a/drivers/infiniband/hw/cxgb3/Kconfig b/drivers/infiniband/hw/cxgb3/Kconfig new file mode 100644 index 000..d3db264 --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/Kconfig @@ -0,0 +1,27 @@ +config INFINIBAND_CXGB3 + tristate Chelsio RDMA Driver + depends on CHELSIO_T3 INFINIBAND + select GENERIC_ALLOCATOR + ---help--- + This is an iWARP/RDMA driver for the Chelsio T3 1GbE and + 10GbE adapters. + + For general information about Chelsio and our products, visit + our website at http://www.chelsio.com. + + For customer support, please visit our customer support page at + http://www.chelsio.com/support.htm. + + Please send feedback to [EMAIL PROTECTED]. + + To compile this driver as a module, choose M here: the module + will be called iw_cxgb3. + +config INFINIBAND_CXGB3_DEBUG + bool Verbose debugging output + depends on INFINIBAND_CXGB3 + default n + ---help--- + This option causes the Chelsio RDMA driver to produce copious + amounts of debug messages. Select this if you are developing + the driver or trying to diagnose a problem. diff --git a/drivers/infiniband/hw/cxgb3/Makefile b/drivers/infiniband/hw/cxgb3/Makefile new file mode 100644 index 000..7a89f6d --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/Makefile @@ -0,0 +1,12 @@ +EXTRA_CFLAGS += -I$(TOPDIR)/drivers/net/cxgb3 \ + -I$(TOPDIR)/drivers/infiniband/hw/cxgb3/core + +obj-$(CONFIG_INFINIBAND_CXGB3) += iw_cxgb3.o + +iw_cxgb3-y := iwch_cm.o iwch_ev.o iwch_cq.o iwch_qp.o iwch_mem.o \ + iwch_provider.o iwch.o core/cxio_hal.o core/cxio_resource.o + +ifdef CONFIG_INFINIBAND_CXGB3_DEBUG +EXTRA_CFLAGS += -DDEBUG -g +iw_cxgb3-y += core/cxio_dbg.o +endif - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH v4 12/13] Core Debug functions
Debug code to dump various data structs, some of which are in adapter memory. Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/hw/cxgb3/core/cxio_dbg.c | 205 +++ 1 files changed, 205 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/hw/cxgb3/core/cxio_dbg.c b/drivers/infiniband/hw/cxgb3/core/cxio_dbg.c new file mode 100644 index 000..22f4f75 --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/core/cxio_dbg.c @@ -0,0 +1,205 @@ +/* + * Copyright (c) 2006 Chelsio, Inc. All rights reserved. + * Copyright (c) 2006 Open Grid Computing, Inc. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + *copyright notice, this list of conditions and the following + *disclaimer. + * + * - Redistributions in binary form must reproduce the above + *copyright notice, this list of conditions and the following + *disclaimer in the documentation and/or other materials + *provided with the distribution. + * + * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +#ifdef DEBUG +#include linux/types.h +#include common.h +#include cxgb3_ioctl.h +#include cxio_hal.h +#include cxio_wr.h + +void cxio_dump_tpt(struct cxio_rdev *rdev, u32 stag) +{ + struct ch_mem_range *m; + u64 *data; + int rc; + int size = 32; + + m = kmalloc(sizeof(*m) + size, GFP_ATOMIC); + if (!m) { + PDBG(%s couldn't allocate memory.\n, __FUNCTION__); + return; + } + m-mem_id = MEM_PMRX; + m-addr = (stag8) * 32 + rdev-rnic_info.tpt_base; + m-len = size; + PDBG(%s TPT addr 0x%x len %d\n, __FUNCTION__, m-addr, m-len); + rc = rdev-t3cdev_p-ctl(rdev-t3cdev_p, RDMA_GET_MEM, m); + if (rc) { + PDBG(%s toectl returned error %d\n, __FUNCTION__, rc); + kfree(m); + return; + } + + data = (u64 *)m-buf; + while (size 0) { + PDBG(TPT %08x: %016llx\n, m-addr, (u64)*data); + size -= 8; + data++; + m-addr += 8; + } + kfree(m); +} + +void cxio_dump_pbl(struct cxio_rdev *rdev, u32 pbl_addr, uint len, u8 shift) +{ + struct ch_mem_range *m; + u64 *data; + int rc; + int size, npages; + + shift += 12; + npages = (len + (1ULL shift) - 1) shift; + size = npages * sizeof(u64); + + m = kmalloc(sizeof(*m) + size, GFP_ATOMIC); + if (!m) { + PDBG(%s couldn't allocate memory.\n, __FUNCTION__); + return; + } + m-mem_id = MEM_PMRX; + m-addr = pbl_addr; + m-len = size; + PDBG(%s PBL addr 0x%x len %d depth %d\n, + __FUNCTION__, m-addr, m-len, npages); + rc = rdev-t3cdev_p-ctl(rdev-t3cdev_p, RDMA_GET_MEM, m); + if (rc) { + PDBG(%s toectl returned error %d\n, __FUNCTION__, rc); + kfree(m); + return; + } + + data = (u64 *)m-buf; + while (size 0) { + PDBG(PBL %08x: %016llx\n, m-addr, (u64)*data); + size -= 8; + data++; + m-addr += 8; + } + kfree(m); +} + +void cxio_dump_wqe(union t3_wr *wqe) +{ + __be64 *data = (__be64 *)wqe; + uint size = (uint)(be64_to_cpu(*data) 0xff); + + if (size == 0) + size = 8; + while (size 0) { + PDBG(WQE %p: %016llx\n, data, be64_to_cpu(*data)); + size--; + data++; + } +} + +void cxio_dump_wce(struct t3_cqe *wce) +{ + __be64 *data = (__be64 *)wce; + int size = sizeof(*wce); + + while (size 0) { + PDBG(WCE %p: %016llx\n, data, be64_to_cpu(*data)); + size -= 8; + data++; + } +} + +void cxio_dump_rqt(struct cxio_rdev *rdev, u32 hwtid, int nents) +{ + struct ch_mem_range *m; + int size = nents * 64; + u64 *data; + int rc; + + m = kmalloc(sizeof(*m) + size,
[PATCH v4 10/13] Core HAL
The RDMA Core interfaces with the T3 HW and ULLD providing a low level RDMA interface. Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/hw/cxgb3/core/cxio_hal.c | 1302 +++ drivers/infiniband/hw/cxgb3/core/cxio_hal.h | 201 2 files changed, 1503 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/hw/cxgb3/core/cxio_hal.c b/drivers/infiniband/hw/cxgb3/core/cxio_hal.c new file mode 100644 index 000..ffc4ec0 --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/core/cxio_hal.c @@ -0,0 +1,1302 @@ +/* + * Copyright (c) 2006 Chelsio, Inc. All rights reserved. + * Copyright (c) 2006 Open Grid Computing, Inc. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + *copyright notice, this list of conditions and the following + *disclaimer. + * + * - Redistributions in binary form must reproduce the above + *copyright notice, this list of conditions and the following + *disclaimer in the documentation and/or other materials + *provided with the distribution. + * + * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +#include asm/semaphore.h +#include asm/delay.h + +#include linux/netdevice.h +#include linux/sched.h +#include linux/spinlock.h +#include linux/pci.h + +#include cxio_resource.h +#include cxio_hal.h +#include cxgb3_offload.h +#include sge_defs.h + +static struct cxio_rdev *rdev_tbl[T3_MAX_NUM_RNIC]; +static cxio_hal_ev_callback_func_t cxio_ev_cb = NULL; + +static inline struct cxio_rdev *cxio_hal_find_rdev_by_name(char *dev_name) +{ + int i; + for (i = 0; i T3_MAX_NUM_RNIC; i++) + if (rdev_tbl[i]) + if (!strcmp(rdev_tbl[i]-dev_name, dev_name)) + return rdev_tbl[i]; + return NULL; +} + +static inline struct cxio_rdev *cxio_hal_find_rdev_by_t3cdev(struct t3cdev +*tdev) +{ + int i; + for (i = 0; i T3_MAX_NUM_RNIC; i++) + if (rdev_tbl[i]) + if (rdev_tbl[i]-t3cdev_p == tdev) + return rdev_tbl[i]; + return NULL; +} + +static inline int cxio_hal_add_rdev(struct cxio_rdev *rdev_p) +{ + int i; + for (i = 0; i T3_MAX_NUM_RNIC; i++) + if (!rdev_tbl[i]) { + rdev_tbl[i] = rdev_p; + break; + } + return (i == T3_MAX_NUM_RNIC); +} + +static inline void cxio_hal_delete_rdev(struct cxio_rdev *rdev_p) +{ + int i; + for (i = 0; i T3_MAX_NUM_RNIC; i++) + if (rdev_tbl[i] == rdev_p) { + rdev_tbl[i] = NULL; + break; + } +} + +int cxio_hal_cq_op(struct cxio_rdev *rdev_p, struct t3_cq *cq, + enum t3_cq_opcode op, u32 credit) +{ + int ret; + struct t3_cqe *cqe; + u32 rptr; + + struct rdma_cq_op setup; + setup.id = cq-cqid; + setup.credits = (op == CQ_CREDIT_UPDATE) ? credit : 0; + setup.op = op; + ret = rdev_p-t3cdev_p-ctl(rdev_p-t3cdev_p, RDMA_CQ_OP, setup); + + if ((ret 0) || (op == CQ_CREDIT_UPDATE)) + return ret; + + /* +* If the rearm returned an index other than our current index, +* then there might be CQE's in flight (being DMA'd). We must wait +* here for them to complete or the consumer can miss a notification. +*/ + if (Q_PTR2IDX((cq-rptr), cq-size_log2) != ret) { + int i=0; + + rptr = cq-rptr; + + /* +* Keep the generation correct by bumping rptr until it +* matches the index returned by the rearm - 1. +*/ + while (Q_PTR2IDX((rptr+1), cq-size_log2) != ret) + rptr++; + + /* +* Now rptr is the index for the (last) cqe that was +* in-flight at the time the HW rearmed the CQ. We
[PATCH v4 01/13] Linux RDMA Core Changes
Support provider-specific data in ib_uverbs_cmd_req_notify_cq(). The Chelsio iwarp provider library needs to pass information to the kernel verb for re-arming the CQ. Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/core/uverbs_cmd.c |9 +++-- drivers/infiniband/hw/amso1100/c2.h |2 +- drivers/infiniband/hw/amso1100/c2_cq.c|3 ++- drivers/infiniband/hw/ehca/ehca_iverbs.h |3 ++- drivers/infiniband/hw/ehca/ehca_reqs.c|3 ++- drivers/infiniband/hw/ipath/ipath_cq.c|4 +++- drivers/infiniband/hw/ipath/ipath_verbs.h |3 ++- drivers/infiniband/hw/mthca/mthca_cq.c|6 -- drivers/infiniband/hw/mthca/mthca_dev.h |4 ++-- include/rdma/ib_verbs.h |5 +++-- 10 files changed, 28 insertions(+), 14 deletions(-) diff --git a/drivers/infiniband/core/uverbs_cmd.c b/drivers/infiniband/core/uverbs_cmd.c index 743247e..5dd1de9 100644 --- a/drivers/infiniband/core/uverbs_cmd.c +++ b/drivers/infiniband/core/uverbs_cmd.c @@ -959,6 +959,7 @@ ssize_t ib_uverbs_req_notify_cq(struct i int out_len) { struct ib_uverbs_req_notify_cq cmd; + struct ib_udata udata; struct ib_cq *cq; if (copy_from_user(cmd, buf, sizeof cmd)) @@ -968,8 +969,12 @@ ssize_t ib_uverbs_req_notify_cq(struct i if (!cq) return -EINVAL; - ib_req_notify_cq(cq, cmd.solicited_only ? -IB_CQ_SOLICITED : IB_CQ_NEXT_COMP); + INIT_UDATA(udata, buf + sizeof cmd, 0, + in_len - sizeof cmd, 0); + + cq-device-req_notify_cq(cq, cmd.solicited_only ? + IB_CQ_SOLICITED : IB_CQ_NEXT_COMP, + udata); put_cq_read(cq); diff --git a/drivers/infiniband/hw/amso1100/c2.h b/drivers/infiniband/hw/amso1100/c2.h index 04a9db5..9a76869 100644 --- a/drivers/infiniband/hw/amso1100/c2.h +++ b/drivers/infiniband/hw/amso1100/c2.h @@ -519,7 +519,7 @@ extern void c2_free_cq(struct c2_dev *c2 extern void c2_cq_event(struct c2_dev *c2dev, u32 mq_index); extern void c2_cq_clean(struct c2_dev *c2dev, struct c2_qp *qp, u32 mq_index); extern int c2_poll_cq(struct ib_cq *ibcq, int num_entries, struct ib_wc *entry); -extern int c2_arm_cq(struct ib_cq *ibcq, enum ib_cq_notify notify); +extern int c2_arm_cq(struct ib_cq *ibcq, enum ib_cq_notify notify, struct ib_udata *udata); /* CM */ extern int c2_llp_connect(struct iw_cm_id *cm_id, diff --git a/drivers/infiniband/hw/amso1100/c2_cq.c b/drivers/infiniband/hw/amso1100/c2_cq.c index 05c9154..7ce8bca 100644 --- a/drivers/infiniband/hw/amso1100/c2_cq.c +++ b/drivers/infiniband/hw/amso1100/c2_cq.c @@ -217,7 +217,8 @@ int c2_poll_cq(struct ib_cq *ibcq, int n return npolled; } -int c2_arm_cq(struct ib_cq *ibcq, enum ib_cq_notify notify) +int c2_arm_cq(struct ib_cq *ibcq, enum ib_cq_notify notify, + struct ib_udata *udata) { struct c2_mq_shared __iomem *shared; struct c2_cq *cq; diff --git a/drivers/infiniband/hw/ehca/ehca_iverbs.h b/drivers/infiniband/hw/ehca/ehca_iverbs.h index 3720e30..566b30c 100644 --- a/drivers/infiniband/hw/ehca/ehca_iverbs.h +++ b/drivers/infiniband/hw/ehca/ehca_iverbs.h @@ -135,7 +135,8 @@ int ehca_poll_cq(struct ib_cq *cq, int n int ehca_peek_cq(struct ib_cq *cq, int wc_cnt); -int ehca_req_notify_cq(struct ib_cq *cq, enum ib_cq_notify cq_notify); +int ehca_req_notify_cq(struct ib_cq *cq, enum ib_cq_notify cq_notify, + struct ib_udata *udata); struct ib_qp *ehca_create_qp(struct ib_pd *pd, struct ib_qp_init_attr *init_attr, diff --git a/drivers/infiniband/hw/ehca/ehca_reqs.c b/drivers/infiniband/hw/ehca/ehca_reqs.c index b46bda1..3ed6992 100644 --- a/drivers/infiniband/hw/ehca/ehca_reqs.c +++ b/drivers/infiniband/hw/ehca/ehca_reqs.c @@ -634,7 +634,8 @@ poll_cq_exit0: return ret; } -int ehca_req_notify_cq(struct ib_cq *cq, enum ib_cq_notify cq_notify) +int ehca_req_notify_cq(struct ib_cq *cq, enum ib_cq_notify cq_notify, + struct ib_udata *udata) { struct ehca_cq *my_cq = container_of(cq, struct ehca_cq, ib_cq); diff --git a/drivers/infiniband/hw/ipath/ipath_cq.c b/drivers/infiniband/hw/ipath/ipath_cq.c index 87462e0..27ba4db 100644 --- a/drivers/infiniband/hw/ipath/ipath_cq.c +++ b/drivers/infiniband/hw/ipath/ipath_cq.c @@ -307,13 +307,15 @@ int ipath_destroy_cq(struct ib_cq *ibcq) * ipath_req_notify_cq - change the notification type for a completion queue * @ibcq: the completion queue * @notify: the type of notification to request + * @udata: user data * * Returns 0 for success. * * This may be called from interrupt context. Also called by * ib_req_notify_cq() in the generic verbs code. */ -int ipath_req_notify_cq(struct ib_cq *ibcq, enum ib_cq_notify notify) +int ipath_req_notify_cq(struct ib_cq
[PATCH v4 08/13] Memory Registration
Functions to register memory regions. Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/hw/cxgb3/iwch_mem.c | 170 1 files changed, 170 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/hw/cxgb3/iwch_mem.c b/drivers/infiniband/hw/cxgb3/iwch_mem.c new file mode 100644 index 000..774d11e --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/iwch_mem.c @@ -0,0 +1,170 @@ +/* + * Copyright (c) 2006 Chelsio, Inc. All rights reserved. + * Copyright (c) 2006 Open Grid Computing, Inc. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + *copyright notice, this list of conditions and the following + *disclaimer. + * + * - Redistributions in binary form must reproduce the above + *copyright notice, this list of conditions and the following + *disclaimer in the documentation and/or other materials + *provided with the distribution. + * + * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +#include asm/byteorder.h + +#include rdma/iw_cm.h +#include rdma/ib_verbs.h + +#include cxio_hal.h +#include iwch.h +#include iwch_provider.h + +int iwch_register_mem(struct iwch_dev *rhp, struct iwch_pd *php, + struct iwch_mr *mhp, + int shift, + __be64 *page_list) +{ + u32 stag; + u32 mmid; + + + if (cxio_register_phys_mem(rhp-rdev, + stag, mhp-attr.pdid, + mhp-attr.perms, + mhp-attr.zbva, + mhp-attr.va_fbo, + mhp-attr.len, + shift-12, + page_list, + mhp-attr.pbl_size, mhp-attr.pbl_addr)) + return -ENOMEM; + mhp-attr.state = 1; + mhp-attr.stag = stag; + mmid = stag 8; + mhp-ibmr.rkey = mhp-ibmr.lkey = stag; + insert_handle(rhp, rhp-mmidr, mhp, mmid); + PDBG(%s mmid 0x%x mhp %p\n, __FUNCTION__, mmid, mhp); + return 0; +} + +int iwch_reregister_mem(struct iwch_dev *rhp, struct iwch_pd *php, + struct iwch_mr *mhp, + int shift, + __be64 *page_list, + int npages) +{ + u32 stag; + u32 mmid; + + + /* We could support this... */ + if (npages mhp-attr.pbl_size) + return -ENOMEM; + + stag = mhp-attr.stag; + if (cxio_reregister_phys_mem(rhp-rdev, + stag, mhp-attr.pdid, + mhp-attr.perms, + mhp-attr.zbva, + mhp-attr.va_fbo, + mhp-attr.len, + shift-12, + page_list, + mhp-attr.pbl_size, mhp-attr.pbl_addr)) + return -ENOMEM; + mhp-attr.state = 1; + mhp-attr.stag = stag; + mmid = stag 8; + mhp-ibmr.rkey = mhp-ibmr.lkey = stag; + insert_handle(rhp, rhp-mmidr, mhp, mmid); + PDBG(%s mmid 0x%x mhp %p\n, __FUNCTION__, mmid, mhp); + return 0; +} + +int build_phys_page_list(struct ib_phys_buf *buffer_list, + int num_phys_buf, + u64 *iova_start, + u64 *total_size, + int *npages, + int *shift, + __be64 **page_list) +{ + u64 mask; + int i, j, n; + + mask = 0; + *total_size = 0; + for (i = 0; i num_phys_buf; ++i) { + if (i != 0 buffer_list[i].addr ~PAGE_MASK) +
[PATCH v4 09/13] Core WQE/CQE Types
T3 WQE and CQE structures, defines, etc... Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/hw/cxgb3/core/cxio_wr.h | 685 1 files changed, 685 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/hw/cxgb3/core/cxio_wr.h b/drivers/infiniband/hw/cxgb3/core/cxio_wr.h new file mode 100644 index 000..45870be --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/core/cxio_wr.h @@ -0,0 +1,685 @@ +/* + * Copyright (c) 2006 Chelsio, Inc. All rights reserved. + * Copyright (c) 2006 Open Grid Computing, Inc. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + *copyright notice, this list of conditions and the following + *disclaimer. + * + * - Redistributions in binary form must reproduce the above + *copyright notice, this list of conditions and the following + *disclaimer in the documentation and/or other materials + *provided with the distribution. + * + * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +#ifndef __CXIO_WR_H__ +#define __CXIO_WR_H__ + +#include asm/io.h +#include linux/pci.h +#include linux/timer.h +#include firmware_exports.h + +#define T3_MAX_SGE 4 + +#define Q_EMPTY(rptr,wptr) ((rptr)==(wptr)) +#define Q_FULL(rptr,wptr,size_log2) ( (((wptr)-(rptr))(size_log2)) \ + ((rptr)!=(wptr)) ) +#define Q_GENBIT(ptr,size_log2) (!(((ptr)size_log2)0x1)) +#define Q_FREECNT(rptr,wptr,size_log2) ((1ULsize_log2)-((wptr)-(rptr))) +#define Q_COUNT(rptr,wptr) ((wptr)-(rptr)) +#define Q_PTR2IDX(ptr,size_log2) (ptr ((1ULsize_log2)-1)) + +static inline void ring_doorbell(void __iomem *doorbell, u32 qpid) +{ + writel(((131) | qpid), doorbell); +} + +#define SEQ32_GE(x,y) (!( (((u32) (x)) - ((u32) (y))) 0x8000 )) + +enum t3_wr_flags { + T3_COMPLETION_FLAG = 0x01, + T3_NOTIFY_FLAG = 0x02, + T3_SOLICITED_EVENT_FLAG = 0x04, + T3_READ_FENCE_FLAG = 0x08, + T3_LOCAL_FENCE_FLAG = 0x10 +} __attribute__ ((packed)); + +enum t3_wr_opcode { + T3_WR_BP = FW_WROPCODE_RI_BYPASS, + T3_WR_SEND = FW_WROPCODE_RI_SEND, + T3_WR_WRITE = FW_WROPCODE_RI_RDMA_WRITE, + T3_WR_READ = FW_WROPCODE_RI_RDMA_READ, + T3_WR_INV_STAG = FW_WROPCODE_RI_LOCAL_INV, + T3_WR_BIND = FW_WROPCODE_RI_BIND_MW, + T3_WR_RCV = FW_WROPCODE_RI_RECEIVE, + T3_WR_INIT = FW_WROPCODE_RI_RDMA_INIT, + T3_WR_QP_MOD = FW_WROPCODE_RI_MODIFY_QP +} __attribute__ ((packed)); + +enum t3_rdma_opcode { + T3_RDMA_WRITE, /* IETF RDMAP v1.0 ... */ + T3_READ_REQ, + T3_READ_RESP, + T3_SEND, + T3_SEND_WITH_INV, + T3_SEND_WITH_SE, + T3_SEND_WITH_SE_INV, + T3_TERMINATE, + T3_RDMA_INIT, /* CHELSIO RI specific ... */ + T3_BIND_MW, + T3_FAST_REGISTER, + T3_LOCAL_INV, + T3_QP_MOD, + T3_BYPASS +} __attribute__ ((packed)); + +static inline enum t3_rdma_opcode wr2opcode(enum t3_wr_opcode wrop) +{ + switch (wrop) { + case T3_WR_BP: return T3_BYPASS; + case T3_WR_SEND: return T3_SEND; + case T3_WR_WRITE: return T3_RDMA_WRITE; + case T3_WR_READ: return T3_READ_REQ; + case T3_WR_INV_STAG: return T3_LOCAL_INV; + case T3_WR_BIND: return T3_BIND_MW; + case T3_WR_INIT: return T3_RDMA_INIT; + case T3_WR_QP_MOD: return T3_QP_MOD; + default: break; + } + return -1; +} + + +/* Work request id */ +union t3_wrid { + struct { + u32 hi; + u32 low; + } id0; + u64 id1; +}; + +#define WRID(wrid) (wrid.id1) +#define WRID_GEN(wrid) (wrid.id0.wr_gen) +#define WRID_IDX(wrid) (wrid.id0.wr_idx) +#define WRID_LO(wrid) (wrid.id0.wr_lo) + +struct fw_riwrh { + __be32 op_seop_flags; + __be32 gen_tid_len; +}; + +#define S_FW_RIWR_OP 24 +#define M_FW_RIWR_OP 0xff +#define V_FW_RIWR_OP(x)
[PATCH v4 11/13] Core Resource Allocation
Core functions to carve up adapter memory, stag, qp, and cq IDs. Signed-off-by: Steve Wise [EMAIL PROTECTED] --- drivers/infiniband/hw/cxgb3/core/cxio_resource.c | 331 ++ drivers/infiniband/hw/cxgb3/core/cxio_resource.h | 70 + 2 files changed, 401 insertions(+), 0 deletions(-) diff --git a/drivers/infiniband/hw/cxgb3/core/cxio_resource.c b/drivers/infiniband/hw/cxgb3/core/cxio_resource.c new file mode 100644 index 000..444df15 --- /dev/null +++ b/drivers/infiniband/hw/cxgb3/core/cxio_resource.c @@ -0,0 +1,331 @@ +/* + * Copyright (c) 2006 Chelsio, Inc. All rights reserved. + * Copyright (c) 2006 Open Grid Computing, Inc. All rights reserved. + * + * This software is available to you under a choice of one of two + * licenses. You may choose to be licensed under the terms of the GNU + * General Public License (GPL) Version 2, available from the file + * COPYING in the main directory of this source tree, or the + * OpenIB.org BSD license below: + * + * Redistribution and use in source and binary forms, with or + * without modification, are permitted provided that the following + * conditions are met: + * + * - Redistributions of source code must retain the above + *copyright notice, this list of conditions and the following + *disclaimer. + * + * - Redistributions in binary form must reproduce the above + *copyright notice, this list of conditions and the following + *disclaimer in the documentation and/or other materials + *provided with the distribution. + * + * THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ +/* Crude resource management */ +#include linux/kernel.h +#include linux/random.h +#include linux/slab.h +#include linux/kfifo.h +#include linux/spinlock.h +#include linux/errno.h +#include cxio_resource.h +#include cxio_hal.h + +static struct kfifo *rhdl_fifo; +static spinlock_t rhdl_fifo_lock; + +#define RANDOM_SIZE 16 + +static int __cxio_init_resource_fifo(struct kfifo **fifo, + spinlock_t *fifo_lock, + u32 nr, u32 skip_low, + u32 skip_high, + int random) +{ + u32 i, j, entry = 0, idx; + u32 random_bytes; + u32 rarray[16]; + spin_lock_init(fifo_lock); + + *fifo = kfifo_alloc(nr * sizeof(u32), GFP_KERNEL, fifo_lock); + if (IS_ERR(*fifo)) + return -ENOMEM; + + for (i = 0; i skip_low + skip_high; i++) + __kfifo_put(*fifo, (unsigned char *) entry, sizeof(u32)); + if (random) { + j = 0; + random_bytes = random32(); + for (i = 0; i RANDOM_SIZE; i++) + rarray[i] = i + skip_low; + for (i = skip_low + RANDOM_SIZE; i nr - skip_high; i++) { + if (j = RANDOM_SIZE) { + j = 0; + random_bytes = random32(); + } + idx = (random_bytes (j * 2)) 0xF; + __kfifo_put(*fifo, + (unsigned char *) rarray[idx], + sizeof(u32)); + rarray[idx] = i; + j++; + } + for (i = 0; i RANDOM_SIZE; i++) + __kfifo_put(*fifo, + (unsigned char *) rarray[i], + sizeof(u32)); + } else + for (i = skip_low; i nr - skip_high; i++) + __kfifo_put(*fifo, (unsigned char *) i, sizeof(u32)); + + for (i = 0; i skip_low + skip_high; i++) + kfifo_get(*fifo, (unsigned char *) entry, sizeof(u32)); + return 0; +} + +static int cxio_init_resource_fifo(struct kfifo **fifo, spinlock_t * fifo_lock, + u32 nr, u32 skip_low, u32 skip_high) +{ + return (__cxio_init_resource_fifo(fifo, fifo_lock, nr, skip_low, + skip_high, 0)); +} + +static int cxio_init_resource_fifo_random(struct kfifo **fifo, + spinlock_t * fifo_lock, + u32 nr, u32 skip_low, u32 skip_high) +{ + + return (__cxio_init_resource_fifo(fifo, fifo_lock, nr, skip_low, + skip_high, 1)); +} + +static int cxio_init_qpid_fifo(struct cxio_rdev *rdev_p) +{ + u32 i;
Re: [PATCH 2.6.19-git19] BUG due to bad argument to ieee80211softmac_assoc_work
On Wed, 2006-12-13 at 13:17 -0500, Michael Bommarito wrote: Attached is a patch that fixes this (the actual change is two lines but context provided in patch for review). The dmesg containing call trace is attached to the bugzilla entry above. You forgot to attach the patch but IIRC it's been found and fixed already. johannes signature.asc Description: This is a digitally signed message part