linux/drivers, branch v3.0.10 Linux kernel source tree https://git.amat.us/linux/atom/drivers?h=v3.0.10 2011-11-21T22:31:24Z xen-gntalloc: signedness bug in add_grefs() 2011-11-21T22:31:24Z Dan Carpenter dan.carpenter@oracle.com 2011-11-04T18:24:36Z urn:sha1:015be9f48be43814f14326555e9ea576cf0343d7 commit 99cb2ddcc617f43917e94a4147aa3ccdb2bcd77e upstream. gref->gref_id is unsigned so the error handling didn't work. gnttab_grant_foreign_access() returns an int type, so we can add a cast here, and it doesn't cause any problems. gnttab_grant_foreign_access() can return a variety of errors including -ENOSPC, -ENOSYS and -ENOMEM. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> xen-gntalloc: integer overflow in gntalloc_ioctl_alloc() 2011-11-21T22:31:24Z Dan Carpenter dan.carpenter@oracle.com 2011-11-04T18:24:08Z urn:sha1:2c59105ba0af5df97d9b614c999553f79d6ece67 commit 21643e69a4c06f7ef155fbc70e3fba13fba4a756 upstream. On 32 bit systems a high value of op.count could lead to an integer overflow in the kzalloc() and gref_ids would be smaller than expected. If the you triggered another integer overflow in "if (gref_size + op.count > limit)" then you'd probably get memory corruption inside add_grefs(). Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> mfd: Fix twl4030 dependencies for audio codec 2011-11-21T22:31:23Z Thomas Weber weber@corscience.de 2011-09-05T09:26:33Z urn:sha1:11b8fc6ae54bf18a48c94e181c37ca135b858b42 commit f09ee0451a44a4e913a7c3cec3805508f7de6c54 upstream. The codec for Devkit8000 (TWL4030) was not detected except when build with CONFIG_SND_SOC_ALL_CODECS. twl-core.c still uses the CONFIG_TWL4030_CODEC for twl_has_codec(). In commit 57fe7251f5bfc4332f24479376de48a1e8ca6211 the CONFIG_TWL4030_CODEC was renamed into CONFIG_MFD_TWL4030_AUDIO, thatswhy the codec was not detected. This patch renames the CONFIG_ TWL4030_CODEC into CONFIG_MFD_TWL4030_AUDIO in twl-core.c. Signed-off-by: Thomas Weber <weber@corscience.de> Acked-by: Peter Ujfalusi <peter.ujfalusi@ti.com> Signed-off-by: Samuel Ortiz <sameo@linux.intel.com> Cc: Jarkko Nikula <jarkko.nikula@bitmer.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> md/raid5: abort any pending parity operations when array fails. 2011-11-21T22:31:22Z NeilBrown neilb@suse.de 2011-11-08T05:22:01Z urn:sha1:79d96b2756e325e484f27ed4f61addc83935e196 commit 9a3f530f39f4490eaa18b02719fb74ce5f4d2d86 upstream. When the number of failed devices exceeds the allowed number we must abort any active parity operations (checks or updates) as they are no longer meaningful, and can lead to a BUG_ON in handle_parity_checks6. This bug was introduce by commit 6c0069c0ae9659e3a91b68eaed06a5c6c37f45c8 in 2.6.29. Reported-by: Manish Katiyar <mkatiyar@gmail.com> Tested-by: Manish Katiyar <mkatiyar@gmail.com> Acked-by: Dan Williams <dan.j.williams@intel.com> Signed-off-by: NeilBrown <neilb@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> b43: refuse to load unsupported firmware 2011-11-21T22:31:22Z Rafał Miłecki zajec5@gmail.com 2011-11-08T16:15:03Z urn:sha1:91ed232dabe5c813aa506c218223a484e78092eb [This patch is supposed to be applied in 3.1 (and maybe older) branches only.] New kernels support newer firmware that users may try to incorrectly use with older kernels. Display error and explain the problem in such a case Signed-off-by: Rafał Miłecki <zajec5@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> drm/i915: enable ring freq scaling, RC6 and graphics turbo on Ivy Bridge v3 2011-11-21T22:31:20Z Jesse Barnes jbarnes@virtuousgeek.org 2011-06-29T20:34:36Z urn:sha1:987ccebc15b3f1256dbcdfbb81ad542d1e2ad6a8 commit 1c70c0cebd1295a42fec75045b8a6b4419cedef3 upstream. They use the same register interfaces, so we can simply enable the existing code on IVB. v2: - resolve conflict with ring freq scaling, we can enable it too v3: - resolve conflict again, this time on drm-intel-next Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org> Signed-off-by: Keith Packard <keithp@keithp.com> Signed-off-by: Robert Hooker <robert.hooker@canonical.com> Acked-by: Leann Ogasawara <leann.ogasawara@canonical.com> Acked-by: Herton Krzesinski <herton.krzesinski@canonical.com> Signed-off-by: Tim Gardner <tim.gardner@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> Revert "leds: save the delay values after a successful call to blink_set()" 2011-11-21T22:31:19Z Johan Hovold jhovold@gmail.com 2011-11-15T22:35:52Z urn:sha1:30b205cbe5b6b239e13829ff435c726c2a206e8d commit cb871513f656bdfc48b185b55f37857b5c750c40 upstream. Revert commit 6123b0e274503a0d3588e84fbe07c9aa01bfaf5d. The problem this patch intends to solve has alreadqy been fixed by commit 7a5caabd090b ("drivers/leds/ledtrig-timer.c: fix broken sysfs delay handling"). Signed-off-by: Johan Hovold <jhovold@gmail.com> Cc: Antonio Ospite <ospite@studenti.unina.it> Cc: Johannes Berg <johannes@sipsolutions.net> Cc: Richard Purdie <rpurdie@rpsys.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> drm/radeon/kms: make an aux failure debug only 2011-11-21T22:31:16Z Alex Deucher alexander.deucher@amd.com 2011-11-08T15:09:58Z urn:sha1:f73870d6d33cd24c8fe2a7b39b2f99c433804945 commit 091264f0bc12419560ac64fcef4567809d611658 upstream. Can happen when there is no DP panel attached, confusing users. Make it debug only. Signed-off-by: Alex Deucher <alexander.deucher@amd.com> Signed-off-by: Dave Airlie <airlied@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> drm/nouveau: initialize chan->fence.lock before use 2011-11-21T22:31:16Z Marcin Slusarz marcin.slusarz@gmail.com 2011-09-09T12:16:42Z urn:sha1:53b6b123d40eda9bde41232b2c76d0e1e896b83d commit 5e60ee780e792efe6dce97eceb110b1d30bab850 upstream. Fence lock needs to be initialized before any call to nouveau_channel_put because it calls nouveau_channel_idle->nouveau_fence_update which uses fence lock. BUG: spinlock bad magic on CPU#0, test/24134 lock: ffff88019f90dba8, .magic: 00000000, .owner: <none>/-1, .owner_cpu: 0 Pid: 24134, comm: test Not tainted 3.0.0-nv+ #800 Call Trace: spin_bug+0x9c/0xa3 do_raw_spin_lock+0x29/0x13c _raw_spin_lock+0x1e/0x22 nouveau_fence_update+0x2d/0xf1 nouveau_channel_idle+0x22/0xa0 nouveau_channel_put_unlocked+0x84/0x1bd nouveau_channel_put+0x20/0x24 nouveau_channel_alloc+0x4ec/0x585 nouveau_ioctl_fifo_alloc+0x50/0x130 drm_ioctl+0x289/0x361 do_vfs_ioctl+0x4dd/0x52c sys_ioctl+0x42/0x65 system_call_fastpath+0x16/0x1b It's easily triggerable from userspace. Additionally remove double initialization of chan->fence.pending. Signed-off-by: Marcin Slusarz <marcin.slusarz@gmail.com> Signed-off-by: Ben Skeggs <bskeggs@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> drm/i915: Fix object refcount leak on mmappable size limit error path. 2011-11-21T22:31:15Z Eric Anholt eric@anholt.net 2011-11-01T06:16:21Z urn:sha1:1db61fd3401a6520375293de302b3a9034edca1b commit 14660ccd599dc7bd6ecef17408bd76dc853f9b77 upstream. I've been seeing memory leaks on my system in the form of large (300-400MB) GEM objects created by now-dead processes laying around clogging up memory. I usually notice when it gets to about 1.2GB of them. Hopefully this clears up the issue, but I just found this bug by inspection. Signed-off-by: Eric Anholt <eric@anholt.net> Signed-off-by: Keith Packard <keithp@keithp.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>