Permalink
Commits on Jul 5, 2010
  1. Linux 2.6.34.1

    gregkh committed Jul 5, 2010
  2. parisc: clear floating point exception flag on SIGFPE signal

    commit 550f0d9 upstream.
    
    Clear the floating point exception flag before returning to
    user space. This is needed, else the libc trampoline handler
    may hit the same SIGFPE again while building up a trampoline
    to a signal handler.
    
    Fixes debian bug #559406.
    
    Signed-off-by: Helge Deller <deller@gmx.de>
    Signed-off-by: Kyle McMartin <kyle@mcmartin.ca>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    Helge Deller committed with gregkh May 3, 2010
  3. drm/i915: Don't touch PORT_HOTPLUG_EN in intel_dp_detect()

    commit 6e0032f upstream.
    
    PORT_HOTPLUG_EN has allready been setup in i915_driver_irq_postinstall(),
    when intel_dp_detect() runs.
    
    Delete the DP[BCD]_HOTPLUG_INT_EN defines, they are not referenced anymore.
    
    I found this while searching for a fix for
            https://bugzilla.redhat.com/show_bug.cgi?id=528312
    
    Signed-off-by: Karsten Wiese <fzu@wemgehoertderstaat.de>
    Signed-off-by: Eric Anholt <eric@anholt.net>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    Karsten Wiese committed with gregkh Mar 27, 2010
  4. KVM: SVM: Don't allow nested guest to VMMCALL into host

    This patch disables the possibility for a l2-guest to do a
    VMMCALL directly into the host. This would happen if the
    l1-hypervisor doesn't intercept VMMCALL and the l2-guest
    executes this instruction.
    
    Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 0d945bd)
    Joerg Roedel committed with gregkh May 5, 2010
  5. KVM: x86: Inject #GP with the right rip on efer writes

    This patch fixes a bug in the KVM efer-msr write path. If a
    guest writes to a reserved efer bit the set_efer function
    injects the #GP directly. The architecture dependent wrmsr
    function does not see this, assumes success and advances the
    rip. This results in a #GP in the guest with the wrong rip.
    This patch fixes this by reporting efer write errors back to
    the architectural wrmsr function.
    
    Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit b69e8ca)
    Joerg Roedel committed with gregkh May 6, 2010
  6. KVM: x86: Add missing locking to arch specific vcpu ioctls

    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 8fbf065)
    Avi Kivity committed with gregkh May 13, 2010
  7. KVM: PPC: Add missing vcpu_load()/vcpu_put() in vcpu ioctls

    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 98001d8)
    Avi Kivity committed with gregkh May 13, 2010
  8. KVM: Fix wallclock version writing race

    Wallclock writing uses an unprotected global variable to hold the version;
    this can cause one guest to interfere with another if both write their
    wallclock at the same time.
    
    Acked-by: Glauber Costa <glommer@redhat.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 9ed3c44)
    Avi Kivity committed with gregkh May 4, 2010
  9. KVM: MMU: Don't read pdptrs with mmu spinlock held in mmu_alloc_roots

    On svm, kvm_read_pdptr() may require reading guest memory, which can sleep.
    
    Push the spinlock into mmu_alloc_roots(), and only take it after we've read
    the pdptr.
    
    Tested-by: Joerg Roedel <joerg.roedel@amd.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 8facbbf)
    Avi Kivity committed with gregkh May 4, 2010
  10. KVM: VMX: enable VMXON check with SMX enabled (Intel TXT)

    Per document, for feature control MSR:
    
      Bit 1 enables VMXON in SMX operation. If the bit is clear, execution
            of VMXON in SMX operation causes a general-protection exception.
      Bit 2 enables VMXON outside SMX operation. If the bit is clear, execution
            of VMXON outside SMX operation causes a general-protection exception.
    
    This patch is to enable this kind of check with SMX for VMXON in KVM.
    
    Signed-off-by: Shane Wang <shane.wang@intel.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit cafd665)
    shane-wang committed with gregkh Apr 29, 2010
  11. KVM: MMU: Segregate shadow pages with different cr0.wp

    When cr0.wp=0, we may shadow a gpte having u/s=1 and r/w=0 with an spte
    having u/s=0 and r/w=1.  This allows excessive access if the guest sets
    cr0.wp=1 and accesses through this spte.
    
    Fix by making cr0.wp part of the base role; we'll have different sptes for
    the two cases and the problem disappears.
    
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 3dbe141)
    Avi Kivity committed with gregkh May 12, 2010
  12. KVM: x86: Check LMA bit before set_efer

    kvm_x86_ops->set_efer() would execute vcpu->arch.efer = efer, so the
    checking of LMA bit didn't work.
    
    Signed-off-by: Sheng Yang <sheng@linux.intel.com>
    Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit a3d204e)
    Sheng Yang committed with gregkh May 12, 2010
  13. KVM: Don't allow lmsw to clear cr0.pe

    The current lmsw implementation allows the guest to clear cr0.pe, contrary
    to the manual, which breaks EMM386.EXE.
    
    Fix by ORing the old cr0.pe with lmsw's operand.
    
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit f78e917)
    Avi Kivity committed with gregkh May 11, 2010
  14. x86, paravirt: Add a global synchronization point for pvclock

    In recent stress tests, it was found that pvclock-based systems
    could seriously warp in smp systems. Using ingo's time-warp-test.c,
    I could trigger a scenario as bad as 1.5mi warps a minute in some systems.
    (to be fair, it wasn't that bad in most of them). Investigating further, I
    found out that such warps were caused by the very offset-based calculation
    pvclock is based on.
    
    This happens even on some machines that report constant_tsc in its tsc flags,
    specially on multi-socket ones.
    
    Two reads of the same kernel timestamp at approx the same time, will likely
    have tsc timestamped in different occasions too. This means the delta we
    calculate is unpredictable at best, and can probably be smaller in a cpu
    that is legitimately reading clock in a forward ocasion.
    
    Some adjustments on the host could make this window less likely to happen,
    but still, it pretty much poses as an intrinsic problem of the mechanism.
    
    A while ago, I though about using a shared variable anyway, to hold clock
    last state, but gave up due to the high contention locking was likely
    to introduce, possibly rendering the thing useless on big machines. I argue,
    however, that locking is not necessary.
    
    We do a read-and-return sequence in pvclock, and between read and return,
    the global value can have changed. However, it can only have changed
    by means of an addition of a positive value. So if we detected that our
    clock timestamp is less than the current global, we know that we need to
    return a higher one, even though it is not exactly the one we compared to.
    
    OTOH, if we detect we're greater than the current time source, we atomically
    replace the value with our new readings. This do causes contention on big
    boxes (but big here means *BIG*), but it seems like a good trade off, since
    it provide us with a time source guaranteed to be stable wrt time warps.
    
    After this patch is applied, I don't see a single warp in time during 5 days
    of execution, in any of the machines I saw them before.
    
    Signed-off-by: Glauber Costa <glommer@redhat.com>
    Acked-by: Zachary Amsden <zamsden@redhat.com>
    CC: Jeremy Fitzhardinge <jeremy@goop.org>
    CC: Avi Kivity <avi@redhat.com>
    CC: Marcelo Tosatti <mtosatti@redhat.com>
    CC: Zachary Amsden <zamsden@redhat.com>
    Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 489fb49)
    Glauber Costa committed with gregkh May 11, 2010
  15. KVM: SVM: Report emulated SVM features to userspace

    This patch implements the reporting of the emulated SVM
    features to userspace instead of the real hardware
    capabilities. Every real hardware capability needs emulation
    in nested svm so the old behavior was broken.
    
    Cc: stable@kernel.org
    Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit c2c63a4)
    Joerg Roedel committed with gregkh Apr 22, 2010
  16. KVM: x86: Add callback to let modules decide over some supported cpui…

    …d bits
    
    This patch adds the get_supported_cpuid callback to
    kvm_x86_ops. It will be used in do_cpuid_ent to delegate the
    decission about some supported cpuid bits to the
    architecture modules.
    
    Cc: stable@kernel.org
    Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit d4330ef)
    Joerg Roedel committed with gregkh Apr 22, 2010
  17. KVM: PPC: Do not create debugfs if fail to create vcpu

    If fail to create the vcpu, we should not create the debugfs
    for it.
    
    Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
    Acked-by: Alexander Graf <agraf@suse.de>
    Cc: stable@kernel.org
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 06056bf)
    Wei Yongjun committed with gregkh Mar 9, 2010
  18. KVM: s390: Fix possible memory leak of in kvm_arch_vcpu_create()

    This patch fixed possible memory leak in kvm_arch_vcpu_create()
    under s390, which would happen when kvm_arch_vcpu_create() fails.
    
    Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
    Acked-by: Carsten Otte <cotte@de.ibm.com>
    Cc: stable@kernel.org
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 7b06bf2)
    Wei Yongjun committed with gregkh Mar 9, 2010
  19. KVM: SVM: Fix wrong interrupt injection in enable_irq_windows

    The nested_svm_intr() function does not execute the vmexit
    anymore. Therefore we may still be in the nested state after
    that function ran. This patch changes the nested_svm_intr()
    function to return wether the irq window could be enabled.
    
    Cc: stable@kernel.org
    Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 8fe5465)
    Joerg Roedel committed with gregkh Feb 19, 2010
  20. KVM: SVM: Don't sync nested cr8 to lapic and back

    This patch makes syncing of the guest tpr to the lapic
    conditional on !nested. Otherwise a nested guest using the
    TPR could freeze the guest.
    Another important change this patch introduces is that the
    cr8 intercept bits are no longer ORed at vmrun emulation if
    the guest sets VINTR_MASKING in its VMCB. The reason is that
    nested cr8 accesses need alway be handled by the nested
    hypervisor because they change the shadow version of the
    tpr.
    
    Cc: stable@kernel.org
    Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 88ab24a)
    Joerg Roedel committed with gregkh Feb 19, 2010
  21. KVM: SVM: Fix nested msr intercept handling

    The nested_svm_exit_handled_msr() function maps only one
    page of the guests msr permission bitmap. This patch changes
    the code to use kvm_read_guest to fix the bug.
    
    Cc: stable@kernel.org
    Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 4c7da8c)
    Joerg Roedel committed with gregkh Feb 19, 2010
  22. KVM: SVM: Sync all control registers on nested vmexit

    Currently the vmexit emulation does not sync control
    registers were the access is typically intercepted by the
    nested hypervisor. But we can not count on that intercepts
    to sync these registers too and make the code
    architecturally more correct.
    
    Cc: stable@kernel.org
    Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit cdbbdc1)
    Joerg Roedel committed with gregkh Feb 19, 2010
  23. KVM: SVM: Fix schedule-while-atomic on nested exception handling

    Move the actual vmexit routine out of code that runs with
    irqs and preemption disabled.
    
    Cc: stable@kernel.org
    Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit b8e88bc)
    Joerg Roedel committed with gregkh Feb 19, 2010
  24. KVM: SVM: Don't use kmap_atomic in nested_svm_map

    Use of kmap_atomic disables preemption but if we run in
    shadow-shadow mode the vmrun emulation executes kvm_set_cr3
    which might sleep or fault. So use kmap instead for
    nested_svm_map.
    
    Cc: stable@kernel.org
    Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
    Signed-off-by: Avi Kivity <avi@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    
    (Cherry-picked from commit 7597f12)
    Joerg Roedel committed with gregkh Feb 19, 2010
  25. V4L/DVB: uvcvideo: Prevent division by 0 when control step value is 0

    commit cf7a50e upstream.
    
    The control step values reported by the device are used as a divisor
    unchecked, which can result in a division by zero.
    
    Check the step value and make it 1 when null.
    
    Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
    Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    pinchartl committed with gregkh Apr 25, 2010
  26. NFS: Fix another nfs_wb_page() deadlock

    commit 0522f6a upstream.
    
    J.R. Okajima reports that the call to sync_inode() in nfs_wb_page() can
    deadlock with other writeback flush calls. It boils down to the fact
    that we cannot ever call writeback_single_inode() while holding a page
    lock (even if we do set nr_to_write to zero) since another process may
    already be waiting in the call to do_writepages(), and so will deny us
    the I_SYNC lock.
    
    Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    Trond Myklebust committed with gregkh May 26, 2010
  27. NFS: Ensure that we mark the inode as dirty if we exit early from commit

    commit c5efa5f upstream.
    
    If we exit from nfs_commit_inode() without ensuring that the COMMIT rpc
    call has been completed, we must re-mark the inode as dirty. Otherwise,
    future calls to sync_inode() with the WB_SYNC_ALL flag set will fail to
    ensure that the data is on the disk.
    
    Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    Trond Myklebust committed with gregkh May 26, 2010
  28. Btrfs: should add a permission check for setfacl

    commit 2f26afb upstream.
    
    On btrfs, do the following
    ------------------
    # su user1
    # cd btrfs-part/
    # touch aaa
    # getfacl aaa
      # file: aaa
      # owner: user1
      # group: user1
      user::rw-
      group::rw-
      other::r--
    # su user2
    # cd btrfs-part/
    # setfacl -m u::rwx aaa
    # getfacl aaa
      # file: aaa
      # owner: user1
      # group: user1
      user::rwx           <- successed to setfacl
      group::rw-
      other::r--
    ------------------
    but we should prohibit it that user2 changing user1's acl.
    In fact, on ext3 and other fs, a message occurs:
      setfacl: aaa: Operation not permitted
    
    This patch fixed it.
    
    Signed-off-by: Shi Weihua <shiwh@cn.fujitsu.com>
    Signed-off-by: Chris Mason <chris.mason@oracle.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    shiwh committed with gregkh May 18, 2010
  29. CIFS: Allow null nd (as nfs server uses) on create

    commit fa588e0 upstream.
    
    While creating a file on a server which supports unix extensions
    such as Samba, if a file is being created which does not supply
    nameidata (i.e. nd is null), cifs client can oops when calling
    cifs_posix_open.
    
    Signed-off-by: Shirish Pargaonkar <shirishp@us.ibm.com>
    Signed-off-by: Steve French <sfrench@us.ibm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    Steve French committed with gregkh Apr 22, 2010
  30. GFS2: Fix permissions checking for setflags ioctl()

    commit 7df0e03 upstream.
    
    We should be checking for the ownership of the file for which
    flags are being set, rather than just for write access.
    
    Reported-by: Dan Rosenberg <dan.j.rosenberg@gmail.com>
    Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    swhiteho committed with gregkh May 24, 2010
  31. ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files

    commit 1f5a81e upstream.
    
    Dan Roseberg has reported a problem with the MOVE_EXT ioctl.  If the
    donor file is an append-only file, we should not allow the operation
    to proceed, lest we end up overwriting the contents of an append-only
    file.
    
    Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
    Cc: Dan Rosenberg <dan.j.rosenberg@gmail.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    tytso committed with gregkh Jun 3, 2010
  32. ext4: check s_log_groups_per_flex in online resize code

    commit 42007ef upstream.
    
    If groups_per_flex < 2, sbi->s_flex_groups[] doesn't get filled out,
    and every other access to this first tests s_log_groups_per_flex;
    same thing needs to happen in resize or we'll wander off into
    a null pointer when doing an online resize of the file system.
    
    Thanks to Christoph Biedl, who came up with the trivial testcase:
    
    # truncate --size 128M fsfile
    # mkfs.ext3 -F fsfile
    # tune2fs -O extents,uninit_bg,dir_index,flex_bg,huge_file,dir_nlink,extra_isize fsfile
    # e2fsck -yDf -C0 fsfile
    # truncate --size 132M fsfile
    # losetup /dev/loop0 fsfile
    # mount /dev/loop0 mnt
    # resize2fs -p /dev/loop0
    
    	https://bugzilla.kernel.org/show_bug.cgi?id=13549
    
    Reported-by: Alessandro Polverini <alex@nibbles.it>
    Test-case-by: Christoph Biedl  <bugzilla.kernel.bpeb@manchmal.in-ulm.de>
    Signed-off-by: Eric Sandeen <sandeen@redhat.com>
    Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    Eric Sandeen committed with gregkh May 16, 2010
  33. perf_events: Fix races and clean up perf_event and perf_mmap_data int…

    …eraction
    
    commit ac9721f upstream.
    
    In order to move toward separate buffer objects, rework the whole
    perf_mmap_data construct to be a more self-sufficient entity, one
    with its own lifetime rules.
    
    This greatly sanitizes the whole output redirection code, which
    was riddled with bugs and races.
    
    Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
    LKML-Reference: <new-submission>
    Signed-off-by: Ingo Molnar <mingo@elte.hu>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    Peter Zijlstra committed with gregkh May 27, 2010
  34. iwlwifi: add missing rcu_read_lock

    commit 6db6340 upstream.
    
    Using ieee80211_find_sta() needs to be under
    RCU read lock, which iwlwifi currently misses,
    so fix it.
    
    Reported-by: Miles Lane <miles.lane@gmail.com>
    Signed-off-by: Johannes Berg <johannes.berg@intel.com>
    Acked-by: Reinette Chatre <reinette.chatre@intel.com>
    Tested-by: Miles Lane <miles.lane@gmail.com>
    Signed-off-by: John W. Linville <linville@tuxdriver.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    jmberg committed with gregkh Jun 7, 2010
  35. wl1251: fix a memory leak in probe

    commit aa679c3 upstream.
    
    wl1251_sdio_probe() error path is missing wl1251_free_hw, add it.
    
    Signed-off-by: Grazvydas Ignotas <notasas@gmail.com>
    Acked-by: Kalle Valo <kvalo@adurom.com>
    Signed-off-by: John W. Linville <linville@tuxdriver.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
    notaz committed with gregkh Jun 4, 2010