Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Commits on May 1, 2006
  1. @gregkh

    Linux 2.6.16.12

    gregkh authored
  2. @gregkh

    [PATCH] i386: fix broken FP exception handling

    Chuck Ebbert authored gregkh committed
    The FXSAVE information leak patch introduced a bug in FP exception
    handling: it clears FP exceptions only when there are already
    none outstanding.  Mikael Pettersson reported that causes problems
    with the Erlang runtime and has tested this fix.
    
    Signed-off-by: Chuck Ebbert <76306.1226@compuserve.com>
    Acked-by: Mikael Pettersson <mikpe@it.uu.se>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  3. @treese @gregkh

    [PATCH] MIPS: Fix branch emulation for floating-point exceptions.

    treese authored gregkh committed
    In the branch emulation for floating-point exceptions, __compute_return_epc
    must determine for bc1f et al which condition code bit to test. This is
    based on bits <4:2> of the rt field. The switch statement to distinguish
    bc1f et al needs to use only the two low bits of rt, but the old code tests
    on the whole rt field.  This patch masks off the proper bits.
    
    Signed-off-by: Win Treese <treese@acm.org>
    Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  4. @gregkh

    [PATCH] MIPS: Fix tx49_blast_icache32_page_indexed.

    Atsushi Nemoto authored gregkh committed
    Fix the cache index value in tx49_blast_icache32_page_indexed().
    This is damage by de62893 commit.
    
    Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
    Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  5. @ralfbaechle @gregkh

    [PATCH] MIPS: R2 build fixes for gcc < 3.4.

    ralfbaechle authored gregkh committed
    Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  6. @ralfbaechle @gregkh

    [PATCH] MIPS: Use "R" constraint for cache_op.

    ralfbaechle authored gregkh committed
    Gcc might emit an absolute address for the the "m" constraint which
    gas unfortunately does not permit.
    
    Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  7. @sofar @gregkh

    [PATCH] NET: e1000: Update truesize with the length of the packet for…

    sofar authored gregkh committed
    … packet split
    
    Update skb with the real packet size.
    
    Signed-off-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
    Signed-off-by: Auke Kok <auke-jan.h.kok@intel.com>
    Signed-off-by: John Ronciak <john.ronciak@intel.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  8. @gregkh

    [PATCH] x86/PAE: Fix pte_clear for the >4GB RAM case

    Zachary Amsden authored gregkh committed
    Proposed fix for ptep_get_and_clear_full PAE bug.  Pte_clear had the same bug,
    so use the same fix for both.  Turns out pmd_clear had it as well, but pgds
    are not affected.
    
    The problem is rather intricate.  Page table entries in PAE mode are 64-bits
    wide, but the only atomic 8-byte write operation available in 32-bit mode is
    cmpxchg8b, which is expensive (at least on P4), and thus avoided.  But it can
    happen that the processor may prefetch entries into the TLB in the middle of an
    operation which clears a page table entry.  So one must always clear the P-bit
    in the low word of the page table entry first when clearing it.
    
    Since the sequence *ptep = __pte(0) leaves the order of the write dependent on
    the compiler, it must be coded explicitly as a clear of the low word followed
    by a clear of the high word.  Further, there must be a write memory barrier
    here to enforce proper ordering by the compiler (and, in the future, by the
    processor as well).
    
    On > 4GB memory machines, the implementation of pte_clear for PAE was clearly
    deficient, as it could leave virtual mappings of physical memory above 4GB
    aliased to memory below 4GB in the TLB.  The implementation of
    ptep_get_and_clear_full has a similar bug, although not nearly as likely to
    occur, since the mappings being cleared are in the process of being destroyed,
    and should never be dereferenced again.
    
    But, as luck would have it, it is possible to trigger bugs even without ever
    dereferencing these bogus TLB mappings, even if the clear is followed fairly
    soon after with a TLB flush or invalidation.  The problem is that memory above
    4GB may now be aliased into the first 4GB of memory, and in fact, may hit a
    region of memory with non-memory semantics.  These regions include AGP and PCI
    space.  As such, these memory regions are not cached by the processor.  This
    introduces the bug.
    
    The processor can speculate memory operations, including memory writes, as long
    as they are committed with the proper ordering.  Speculating a memory write to
    a linear address that has a bogus TLB mapping is possible.  Normally, the
    speculation is harmless.  But for cached memory, it does leave the falsely
    speculated cacheline unmodified, but in a dirty state.  This cache line will be
    eventually written back.  If this cacheline happens to intersect a region of
    memory that is not protected by the cache coherency protocol, it can corrupt
    data in I/O memory, which is generally a very bad thing to do, and can cause
    total system failure or just plain undefined behavior.
    
    These bugs are extremely unlikely, but the severity is of such magnitude, and
    the fix so simple that I think fixing them immediately is justified.  Also,
    they are nearly impossible to debug.
    
    Signed-off-by: Zachary Amsden <zach@vmware.com>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  9. @gregkh

    [PATCH] LSM: add missing hook to do_compat_readv_writev()

    James Morris authored gregkh committed
    This patch addresses a flaw in LSM, where there is no mediation of readv()
    and writev() in for 32-bit compatible apps using a 64-bit kernel.
    
    This bug was discovered and fixed initially in the native readv/writev
    code [1], but was not fixed in the compat code.  Thanks to Al for spotting
    this one.
    
      [1] http://lwn.net/Articles/154282/
    
    Signed-off-by: James Morris <jmorris@namei.org>
    Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    Signed-off-by: Chris Wright <chrisw@sous-sol.org>
  10. @gregkh

    [PATCH] Alpha: strncpy() fix

    Ivan Kokshaysky authored gregkh committed
    As it turned out after recent SCSI changes, strncpy() was broken -
    it mixed up the return values from __stxncpy() in registers $24 and $27.
    
    Thanks to Mathieu Chouquet-Stringer for tracking down the problem
    and providing an excellent test case.
    
    Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  11. @gregkh

    [PATCH] Altix snsc: duplicate kobject fix

    Greg Howard authored gregkh committed
    Fix Altix system controller (snsc) device names to include the slot number
    of the blade whose associated system controller is the target of the device
    interface.  Including the slot number avoids a problem we're currently
    having where slots within the same enclosure are attempting to create
    multiple kobjects with identical names.
    
    Signed-off-by: Greg Howard <ghoward@sgi.com>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  12. @jankara @gregkh

    [PATCH] Fix reiserfs deadlock

    jankara authored gregkh committed
    reiserfs_cache_default_acl() should return whether we successfully found
    the acl or not.  We have to return correct value even if reiserfs_get_acl()
    returns error code and not just 0.  Otherwise callers such as
    reiserfs_mkdir() can unnecessarily lock the xattrs and later functions such
    as reiserfs_new_inode() fail to notice that we have already taken the lock
    and try to take it again with obvious consequences.
    
    Signed-off-by: Jan Kara <jack@suse.cz>
    Cc: <reiserfs-dev@namesys.com>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  13. @gregkh

    [PATCH] Simplify proc/devices and fix early termination regression

    Andrew Morton authored gregkh committed
    Repair /proc/devices early-termination regression.
    
    2.6.16 broke /proc/devices.  An application often gets an
    EOF before the end of data is reached, if that application
    uses a series of short read(2)s to access the data.  I have
    used read buffers of varying sizes with varying degrees
    of unsuccess (larger sizes get further into the data than
    smaller sizes, following a simple pattern).  It appears
    that the only safe way to get the data is to use a single
    read buffer larger than all the data in /proc/devices.
    
    The following example demonstates the problem:
    
        # dd if=/proc/devices bs=1
        Character devices:
          1 mem
        27+0 records in
        27+0 records out
    
    This patch is a backport of the fix recently accepted to
    Linus's tree:
    
        commit 68eef3b
        [PATCH] Simplify proc/devices and fix early termination regression
    
    It replaces the complex, state-machine algorithm introduced
    in 2.6.16 with a simple algorithm, modeled on the implementation
    of /proc/interrupts.
    
    [akpm@osdl.org: cleanups, simplifications]
    
    Signed-off-by: Joe Korty <joe.korty@ccur.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  14. @gregkh

    [PATCH] dm flush queue EINTR

    Jun'ichi Nomura authored gregkh committed
    If dm_suspend() is cancelled, bios already added to the deferred list need to
    be submitted.  Otherwise they remain 'in limbo' until there's a dm_resume().
    
    Signed-off-by: Jun'ichi Nomura <j-nomura@ce.jp.nec.com>
    Signed-off-by: Alasdair G Kergon <agk@redhat.com>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  15. @gregkh

    [PATCH] dm snapshot: fix kcopyd destructor

    Alasdair G Kergon authored gregkh committed
    Before removing a snapshot, wait for the completion of any kcopyd jobs using
    it.
    
    Do this by maintaining a count (nr_jobs) of how many outstanding jobs each
    kcopyd_client has.
    
    The snapshot destructor first unregisters the snapshot so that no new kcopyd
    jobs (created by writes to the origin) will reference that particular
    snapshot.  kcopyd_client_destroy() is now run next to wait for the completion
    of any outstanding jobs before the snapshot exception structures (that those
    jobs reference) are freed.
    
    Signed-off-by: Alasdair G Kergon <agk@redhat.com>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  16. @mkrufky @gregkh

    [PATCH] cxusb-bluebird: bug-fix: power down corrupts frontend

    mkrufky authored gregkh committed
    This patch prevents a bug where the frontend is unable to tune after waking
    from powered down state. Now, the device remains powered on until it is
    disconnected, just like the windows driver. It seems that the bluebird
    firmware is unable to successfully handle tuning after a powered down state.
    
    This patch fixes all of the FusionHDTV Bluebird USB2 devices. The Medion
    MD95700 will still behave as before, since it was unaffected by this bug.
    
    Signed-off-by: Michael Krufky <mkrufky@linuxtv.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  17. @gregkh

    [PATCH] fix saa7129 support in saa7127 module for pvr350 tv out

    Jose Alberto Reguero authored gregkh committed
    This patch fixes tv-out support for the newer model of
    the pvr350, which has a saa7129 instead of a saa7127
    video encoder.
    
    Signed-off-by: Jose Alberto Reguero <jareguero@telefonica.net>
    Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
    Signed-off-by: Hans Verkuil <hverkuil@xs4all.nl>
    Signed-off-by: Michael Krufky <mkrufky@linuxtv.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  18. @gregkh

    [PATCH] for_each_possible_cpu

    Andrew Morton authored gregkh committed
    Backport for_each_possible_cpu() into 2.6.16.  Fixes the alpha build, and any
    future occurrences.
    
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  19. @mkrufky @gregkh

    [PATCH] get_dvb_firmware: download nxt2002 firmware from new driver l…

    mkrufky authored gregkh committed
    …ocation
    
    BBTI has updated their driver, and removed the old one from their website.
    This patch updates the get_dvb_firmware script to download the firmware
    from the new driver location.
    
    Signed-off-by: Michael Krufky <mkrufky@linuxtv.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  20. @gregkh

    [PATCH] tipar oops fix

    Daniel Drake authored gregkh committed
    If compiled into the kernel, parport_register_driver() is called before the
    parport driver has been initalised.
    
    This means that it is expected that tp_count is 0 after the
    parport_register_driver() call() - tipar's attach function will not be
    called until later during bootup.
    
    Signed-off-by: Daniel Drake <dsd@gentoo.org>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  21. @SesterhennEric @gregkh

    [PATCH] USB: fix array overrun in drivers/usb/serial/option.c

    SesterhennEric authored gregkh committed
    since the arrays are declared as in_urbs[N_IN_URB]
    and out_urbs[N_OUT_URB] both for loops, go one
    over the end of the array. This fixes coverity id #555
    
    This patch was already included in Linus' tree.
    
    Signed-off-by: Eric Sesterhenn <snakebyte@gmx.de>
    Signed-off-by: Adrian Bunk <bunk@stusta.de>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  22. @gregkh

    [PATCH] x86_64: Fix a race in the free_iommu path.

    Mike Waychison authored gregkh committed
    We do this by removing a micro-optimization that tries to avoid grabbing
    the iommu_bitmap_lock spinlock and using a bus-locked operation.
    
    This still races with other simultaneous alloc_iommu or free_iommu(size
    > 1) which both use bus-unlocked operations.
    
    The end result of this race is eventually ending
    up with an iommu_gart_bitmap that has bits errornously set all over,
    making large contiguous iommu space allocations fail with 'PCI-DMA:
    Out of IOMMU space'.
    
    Signed-off-by: Mike Waychison <mikew@google.com>
    Signed-off-by: Andi Kleen <ak@suse.de>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  23. @gregkh

    [PATCH] x86_64: Pass -32 to the assembler when compiling the 32bit vs…

    Andi Kleen authored gregkh committed
    …yscall pages
    
    This quietens warnings and actually fixes a bug. The unwind tables would
    come out wrong without -32, causing pthread cancellation during them
    to crash in the gcc runtime.
    
    The problem seems to only happen with newer binutils
    (it doesn't happen with 2.16.91.0.2 but happens wit 2.16.91.0.5)
    
    Thanks to Brian Baker @ HP for test case and initial analysis.
    
    Cc: brian.b@hp.com
    
    Signed-off-by: Andi Kleen <ak@suse.de>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  24. @jibaron @gregkh

    [PATCH] make vm86 call audit_syscall_exit

    jibaron authored gregkh committed
    hi,
    
    The motivation behind the patch below was to address messages in
    /var/log/messages such as:
    
    Jan 31 10:54:15 mets kernel: audit(:0): major=252 name_count=0: freeing
    multiple contexts (1)
    Jan 31 10:54:15 mets kernel: audit(:0): major=113 name_count=0: freeing
    multiple contexts (2)
    
    I can reproduce by running 'get-edid' from:
    http://john.fremlin.de/programs/linux/read-edid/.
    
    These messages come about in the log b/c the vm86 calls do not exit via
    the normal system call exit paths and thus do not call
    'audit_syscall_exit'. The next system call will then free the context for
    itself and for the vm86 context, thus generating the above messages. This
    patch addresses the issue by simply adding a call to 'audit_syscall_exit'
    from the vm86 code.
    
    Besides fixing the above error messages the patch also now allows vm86
    system calls to become auditable. This is useful since strace does not
    appear to properly record the return values from sys_vm86.
    
    I think this patch is also a step in the right direction in terms of
    cleaning up some core auditing code. If we can correct any other paths
    that do not properly call the audit exit and entries points, then we can
    also eliminate the notion of context chaining.
    
    I've tested this patch by verifying that the log messages no longer
    appear, and that the audit records for sys_vm86 appear to be correct.
    Also, 'read_edid' produces itentical output.
    
    thanks,
    
    -Jason
    
    Signed-off-by: Jason Baron <jbaron@redhat.com>
    Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  25. @thayumanavar77 @gregkh

    [PATCH] cs5535_gpio.c: call cdev_del() during module_exit to unmap ko…

    thayumanavar77 authored gregkh committed
    …bject references and other cleanups
    
    During module unloading, cdev_del() must be called to unmap cdev related
    kobject references and other cleanups(such as inode->i_cdev being set to
    NULL) which prevents the OOPS upon subsequent loading, usage and unloading
    of modules(as seen in the mail thread
    http://marc.theaimsgroup.com/?l=linux-kernel&m=114533640609018&w=2).
    
    Also, remove unneeded test of gpio_base.
    
    Signed-off-by: Thayumanavar Sachithanantham <thayumk@gmail.com>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  26. @gregkh

    [PATCH] sonypi: correct detection of new ICH7-based laptops

    Arnaud MAZIN authored gregkh committed
    Add a test to detect the ICH7 based Core Duo SONY laptops (such as the SZ1)
    as type3 models.
    
    Signed-off-by: Arnaud MAZIN <arnaud.mazin@gmail.com>
    Acked-by: Stelian Pop <stelian@poppies.net>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Commits on Apr 24, 2006
  1. @gregkh

    Linux 2.6.16.11

    gregkh authored
  2. @gregkh

    [PATCH] Don't allow a backslash in a path component (CVE-2006-1863)

    Steve French authored gregkh committed
    Unless Posix paths have been negotiated, the backslash, "\", is not a valid
    character in a path component.
    
    Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
    Signed-off-by: Steve French  <sfrench@us.ibm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  3. @gregkh

    Linux 2.6.16.10

    gregkh authored
  4. @gregkh

    [PATCH] IPC: access to unmapped vmalloc area in grow_ary()

    Alexey Kuznetsov authored gregkh committed
    grow_ary() should not copy struct ipc_id_ary (it copies new->p, not
    new). Due to this, memcpy() src pointer could hit unmapped vmalloc page
    when near page boundary.
    
    Found during OpenVZ stress testing
    
    Signed-off-by: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
    Signed-off-by: Kirill Korotaev <dev@openvz.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  5. @OGAWAHirofumi @gregkh

    [PATCH] Add more prevent_tail_call()

    OGAWAHirofumi authored gregkh committed
    Those also break userland regs like following.
    
       00000000 <sys_chown16>:
          0:	0f b7 44 24 0c       	movzwl 0xc(%esp),%eax
          5:	83 ca ff             	or     $0xffffffff,%edx
          8:	0f b7 4c 24 08       	movzwl 0x8(%esp),%ecx
          d:	66 83 f8 ff          	cmp    $0xffffffff,%ax
         11:	0f 44 c2             	cmove  %edx,%eax
         14:	66 83 f9 ff          	cmp    $0xffffffff,%cx
         18:	0f 45 d1             	cmovne %ecx,%edx
         1b:	89 44 24 0c          	mov    %eax,0xc(%esp)
         1f:	89 54 24 08          	mov    %edx,0x8(%esp)
         23:	e9 fc ff ff ff       	jmp    24 <sys_chown16+0x24>
    
    where the tailcall at the end overwrites the incoming stack-frame.
    
    Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  6. @gregkh

    [PATCH] alim15x3: ULI M-1573 south Bridge support

    KAI.HSU authored gregkh committed
    >From http://bugzilla.kernel.org/show_bug.cgi?id=6358
    
    The alim15x3.c havn't been update for 3 years.  Recently when we use this
    "ULI M1573" south bridge chip found that can't mount CDROM(VCD) smoothly,
    must waiting for a long time.  After I check the "ULI M1573" south bridge
    datasheet, I found the reason.  The reason is the "ULI M1573" version in
    the Linux is "0xC7" not "0xC4" anymore So I was modified the source than it
    was successed.
    
    Cc: Bartlomiej Zolnierkiewicz <B.Zolnierkiewicz@elka.pw.edu.pl>
    Acked-by: Alan Cox <alan@lxorguk.ukuu.org.uk>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  7. @sthibaul @gregkh

    [PATCH] apm: fix Armada laptops again

    sthibaul authored gregkh committed
    Fix the "apm: set display: Interface not engaged" error on Armada laptops
    again.
    
    Jordan said:
    
      I think this is fine.  It seems to me that this may be the fault of one or
      both of the APM solutions handling this situation in a non-standard way, but
      since APM is used very little on the Geode, and I have direct access to our
      BIOS folks, if this problem comes up with a customer again, we'll solve it
      from the firmware.
    
    Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
    Cc: "Jordan Crouse" <jordan.crouse@amd.com>
    Cc: Zachary Amsden <zach@vmware.com>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  8. @gregkh

    [PATCH] fbdev: Fix return error of fb_write

    Antonino A. Daplas authored gregkh committed
    Fix return code of fb_write():
    
    If at least 1 byte was transferred to the device, return number of bytes,
    otherwise:
    
        - return -EFBIG - if file offset is past the maximum allowable offset or
          size is greater than framebuffer length
        - return -ENOSPC - if size is greater than framebuffer length - offset
    
    Signed-off-by: Antonino Daplas <adaplas@pol.net>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  9. @gregkh

    [PATCH] Fix file lookup without ref

    Dipankar Sarma authored gregkh committed
    There are places in the kernel where we look up files in fd tables and
    access the file structure without holding refereces to the file.  So, we
    need special care to avoid the race between looking up files in the fd
    table and tearing down of the file in another CPU.  Otherwise, one might
    see a NULL f_dentry or such torn down version of the file.  This patch
    fixes those special places where such a race may happen.
    
    Signed-off-by: Dipankar Sarma <dipankar@in.ibm.com>
    Acked-by: "Paul E. McKenney" <paulmck@us.ibm.com>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Something went wrong with that request. Please try again.