rpms
/
kernel
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Linux v3.13.7

This commit is contained in:
Justin M. Forbes 2014-03-24 10:07:16 -05:00
parent 705e48c868
commit 19f9a58552
10 changed files with 5 additions and 538 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

175
ACPI-EC-Clear-stale-EC-events-on-Samsung-systems.patch
View File

@ -1,175 +0,0 @@
Bugzilla: 1003602
Upstream-status: Queued for 3.15 https://git.kernel.org/cgit/linux/kernel/git/rafael/linux-pm.git/commit/?id=27095111cbafd3212c7e9a4a8cef1099b7520ca8
From 27095111cbafd3212c7e9a4a8cef1099b7520ca8 Mon Sep 17 00:00:00 2001
From: Kieran Clancy <clancy.kieran@gmail.com>
Date: Fri, 28 Feb 2014 14:12:28 +0000
Subject: ACPI / EC: Clear stale EC events on Samsung systems
A number of Samsung notebooks (530Uxx/535Uxx/540Uxx/550Pxx/900Xxx/etc)
continue to log events during sleep (lid open/close, AC plug/unplug,
battery level change), which accumulate in the EC until a buffer fills.
After the buffer is full (tests suggest it holds 8 events), GPEs stop
being triggered for new events. This state persists on wake or even on
power cycle, and prevents new events from being registered until the EC
is manually polled.
This is the root cause of a number of bugs, including AC not being
detected properly, lid close not triggering suspend, and low ambient
light not triggering the keyboard backlight. The bug also seemed to be
responsible for performance issues on at least one user's machine.
Juan Manuel Cabo found the cause of bug and the workaround of polling
the EC manually on wake.
The loop which clears the stale events is based on an earlier patch by
Lan Tianyu (see referenced attachment).
This patch:
- Adds a function acpi_ec_clear() which polls the EC for stale _Q
events at most ACPI_EC_CLEAR_MAX (currently 100) times. A warning is
logged if this limit is reached.
- Adds a flag EC_FLAGS_CLEAR_ON_RESUME which is set to 1 if the DMI
system vendor is Samsung. This check could be replaced by several
more specific DMI vendor/product pairs, but it's likely that the bug
affects more Samsung products than just the five series mentioned
above. Further, it should not be harmful to run acpi_ec_clear() on
systems without the bug; it will return immediately after finding no
data waiting.
- Runs acpi_ec_clear() on initialisation (boot), from acpi_ec_add()
- Runs acpi_ec_clear() on wake, from acpi_ec_unblock_transactions()
References: https://bugzilla.kernel.org/show_bug.cgi?id=44161
References: https://bugzilla.kernel.org/show_bug.cgi?id=45461
References: https://bugzilla.kernel.org/show_bug.cgi?id=57271
References: https://bugzilla.kernel.org/attachment.cgi?id=126801
Suggested-by: Juan Manuel Cabo <juanmanuel.cabo@gmail.com>
Signed-off-by: Kieran Clancy <clancy.kieran@gmail.com>
Reviewed-by: Lan Tianyu <tianyu.lan@intel.com>
Reviewed-by: Dennis Jansen <dennis.jansen@web.de>
Tested-by: Kieran Clancy <clancy.kieran@gmail.com>
Tested-by: Juan Manuel Cabo <juanmanuel.cabo@gmail.com>
Tested-by: Dennis Jansen <dennis.jansen@web.de>
Tested-by: Maurizio D'Addona <mauritiusdadd@gmail.com>
Tested-by: San Zamoyski <san@plusnet.pl>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
---
diff --git a/drivers/acpi/ec.c b/drivers/acpi/ec.c
index 959d41a..d7d32c2 100644
--- a/drivers/acpi/ec.c
+++ b/drivers/acpi/ec.c
@@ -67,6 +67,8 @@ enum ec_command {
#define ACPI_EC_DELAY 500 /* Wait 500ms max. during EC ops */
#define ACPI_EC_UDELAY_GLK 1000 /* Wait 1ms max. to get global lock */
#define ACPI_EC_MSI_UDELAY 550 /* Wait 550us for MSI EC */
+#define ACPI_EC_CLEAR_MAX 100 /* Maximum number of events to query
+ * when trying to clear the EC */
enum {
EC_FLAGS_QUERY_PENDING, /* Query is pending */
@@ -116,6 +118,7 @@ EXPORT_SYMBOL(first_ec);
static int EC_FLAGS_MSI; /* Out-of-spec MSI controller */
static int EC_FLAGS_VALIDATE_ECDT; /* ASUStec ECDTs need to be validated */
static int EC_FLAGS_SKIP_DSDT_SCAN; /* Not all BIOS survive early DSDT scan */
+static int EC_FLAGS_CLEAR_ON_RESUME; /* Needs acpi_ec_clear() on boot/resume */
/* --------------------------------------------------------------------------
Transaction Management
@@ -440,6 +443,29 @@ acpi_handle ec_get_handle(void)
EXPORT_SYMBOL(ec_get_handle);
+static int acpi_ec_query_unlocked(struct acpi_ec *ec, u8 *data);
+
+/*
+ * Clears stale _Q events that might have accumulated in the EC.
+ * Run with locked ec mutex.
+ */
+static void acpi_ec_clear(struct acpi_ec *ec)
+{
+ int i, status;
+ u8 value = 0;
+
+ for (i = 0; i < ACPI_EC_CLEAR_MAX; i++) {
+ status = acpi_ec_query_unlocked(ec, &value);
+ if (status || !value)
+ break;
+ }
+
+ if (unlikely(i == ACPI_EC_CLEAR_MAX))
+ pr_warn("Warning: Maximum of %d stale EC events cleared\n", i);
+ else
+ pr_info("%d stale EC events cleared\n", i);
+}
+
void acpi_ec_block_transactions(void)
{
struct acpi_ec *ec = first_ec;
@@ -463,6 +489,10 @@ void acpi_ec_unblock_transactions(void)
mutex_lock(&ec->mutex);
/* Allow transactions to be carried out again */
clear_bit(EC_FLAGS_BLOCKED, &ec->flags);
+
+ if (EC_FLAGS_CLEAR_ON_RESUME)
+ acpi_ec_clear(ec);
+
mutex_unlock(&ec->mutex);
}
@@ -821,6 +851,13 @@ static int acpi_ec_add(struct acpi_device *device)
/* EC is fully operational, allow queries */
clear_bit(EC_FLAGS_QUERY_PENDING, &ec->flags);
+
+ /* Clear stale _Q events if hardware might require that */
+ if (EC_FLAGS_CLEAR_ON_RESUME) {
+ mutex_lock(&ec->mutex);
+ acpi_ec_clear(ec);
+ mutex_unlock(&ec->mutex);
+ }
return ret;
}
@@ -922,6 +959,30 @@ static int ec_enlarge_storm_threshold(const struct dmi_system_id *id)
return 0;
}
+/*
+ * On some hardware it is necessary to clear events accumulated by the EC during
+ * sleep. These ECs stop reporting GPEs until they are manually polled, if too
+ * many events are accumulated. (e.g. Samsung Series 5/9 notebooks)
+ *
+ * https://bugzilla.kernel.org/show_bug.cgi?id=44161
+ *
+ * Ideally, the EC should also be instructed NOT to accumulate events during
+ * sleep (which Windows seems to do somehow), but the interface to control this
+ * behaviour is not known at this time.
+ *
+ * Models known to be affected are Samsung 530Uxx/535Uxx/540Uxx/550Pxx/900Xxx,
+ * however it is very likely that other Samsung models are affected.
+ *
+ * On systems which don't accumulate _Q events during sleep, this extra check
+ * should be harmless.
+ */
+static int ec_clear_on_resume(const struct dmi_system_id *id)
+{
+ pr_debug("Detected system needing EC poll on resume.\n");
+ EC_FLAGS_CLEAR_ON_RESUME = 1;
+ return 0;
+}
+
static struct dmi_system_id ec_dmi_table[] __initdata = {
{
ec_skip_dsdt_scan, "Compal JFL92", {
@@ -965,6 +1026,9 @@ static struct dmi_system_id ec_dmi_table[] __initdata = {
ec_validate_ecdt, "ASUS hardware", {
DMI_MATCH(DMI_SYS_VENDOR, "ASUSTek Computer Inc."),
DMI_MATCH(DMI_PRODUCT_NAME, "L4R"),}, NULL},
+ {
+ ec_clear_on_resume, "Samsung hardware", {
+ DMI_MATCH(DMI_SYS_VENDOR, "SAMSUNG ELECTRONICS CO., LTD.")}, NULL},
{},
};
--
cgit v0.9.2

50
Revert-USBNET-ax88179_178a-enable-tso-if-usb-host-supports-sg-dma.patch
View File

@ -1,50 +0,0 @@
From 1b4b61e873240faea96995cd87cfbe7bc51a2b39 Mon Sep 17 00:00:00 2001
From: Sarah Sharp <sarah.a.sharp@linux.intel.com>
Date: Tue, 04 Mar 2014 22:23:47 +0000
Subject: Revert "USBNET: ax88179_178a: enable tso if usb host supports sg dma"
This reverts commit 3804fad45411b48233b48003e33a78f290d227c8.
The xHCI driver does not implement TD fragment rules yet, so we can't
properly support arbitrary-length scatter gather. USB storage seems
immune to these issues, and only the ASIX host seems to hit them, so
disable scatter gather.
Note that we can't simply work around this by clearing the
no_sg_constraint flag for 1.0 xHCI hosts that need TD fragments (and
thus would cause the ASIX chipsets to drop packets). We tried that with
commit 247bf557273d "xhci 1.0: Limit arbitrarily-aligned scatter
gather." We found that commit breaks USB 3.0 mass storage devices. It
needs to get reverted, and this commit needs to get reverted before it
to avoid dropped packets with the ASIX ethernet adapters.
Signed-off-by: Sarah Sharp <sarah.a.sharp@linux.intel.com>
Cc: stable@vger.kernel.org # 3.12
---
diff --git a/drivers/net/usb/ax88179_178a.c b/drivers/net/usb/ax88179_178a.c
index 955df81..42085e6 100644
--- a/drivers/net/usb/ax88179_178a.c
+++ b/drivers/net/usb/ax88179_178a.c
@@ -1029,20 +1029,12 @@ static int ax88179_bind(struct usbnet *dev, struct usb_interface *intf)
dev->mii.phy_id = 0x03;
dev->mii.supports_gmii = 1;
- if (usb_device_no_sg_constraint(dev->udev))
- dev->can_dma_sg = 1;
-
dev->net->features |= NETIF_F_IP_CSUM | NETIF_F_IPV6_CSUM |
NETIF_F_RXCSUM;
dev->net->hw_features |= NETIF_F_IP_CSUM | NETIF_F_IPV6_CSUM |
NETIF_F_RXCSUM;
- if (dev->can_dma_sg) {
- dev->net->features |= NETIF_F_SG | NETIF_F_TSO;
- dev->net->hw_features |= NETIF_F_SG | NETIF_F_TSO;
- }
-
/* Enable checksum offload */
*tmp = AX_RXCOE_IP | AX_RXCOE_TCP | AX_RXCOE_UDP |
AX_RXCOE_TCPV6 | AX_RXCOE_UDPV6;
--
cgit v0.9.2

86
Revert-xhci-1.0-Limit-arbitrarily-aligned-scatter-gather.patch
View File

@ -1,86 +0,0 @@
From 7efb6dbd0d825899955fd4035504823bb5c1124c Mon Sep 17 00:00:00 2001
From: Sarah Sharp <sarah.a.sharp@linux.intel.com>
Date: Tue, 04 Mar 2014 22:28:16 +0000
Subject: Revert "xhci 1.0: Limit arbitrarily-aligned scatter gather."
This reverts commit 247bf557273dd775505fb9240d2d152f4f20d304, since it
causes USB 3.0 mass storage devices to fail on xHCI 1.0 hosts.
The block layer may submit scatter-gather lists with entries that
are multiples of 512-byte blocks. That's fine for USB 2.0 devices,
where the bulk endpoint max packet size is 512 bytes. But USB 3.0
devices have bulk endpoints with a 1024 byte max packet size.
That means when the block layer submits a scatter-gather list with one
entry that includes, say, three 512-byte blocks, this code will reject
the URB if it's submitted to a USB 3.0 bulk endpoint:
int usb_submit_urb(struct urb *urb, gfp_t mem_flags)
{
...
max = usb_endpoint_maxp(&ep->desc);
...
} else if (urb->num_sgs && !urb->dev->bus->no_sg_constraint &&
dev->speed != USB_SPEED_WIRELESS) {
struct scatterlist *sg;
int i;
for_each_sg(urb->sg, sg, urb->num_sgs - 1, i)
if (sg->length % max)
return -EINVAL;
}
This results in failures with USB 3.0 drives. For me, a failure to
auto-mount the device. For others, a read or write SCSI command
failure.
This commit was put in place so that we could get scatter-gather support
for the ASIX USB ethernet adapter on non-1.0 hosts. It was a quick fix
until we implemented TD fragments properly in the driver. Since it
breaks USB 3.0 mass storage, we need to revert it, and revert
scatter-gather support for the ASIX devices.
Signed-off-by: Sarah Sharp <sarah.a.sharp@linux.intel.com>
Cc: stable@vger.kernel.org # 3.12
---
diff --git a/drivers/usb/host/xhci.c b/drivers/usb/host/xhci.c
index 652be21..8fe4e12 100644
--- a/drivers/usb/host/xhci.c
+++ b/drivers/usb/host/xhci.c
@@ -4762,6 +4762,9 @@ int xhci_gen_setup(struct usb_hcd *hcd, xhci_get_quirks_t get_quirks)
/* Accept arbitrarily long scatter-gather lists */
hcd->self.sg_tablesize = ~0;
+ /* support to build packet from discontinuous buffers */
+ hcd->self.no_sg_constraint = 1;
+
/* XHCI controllers don't stop the ep queue on short packets :| */
hcd->self.no_stop_on_short = 1;
@@ -4786,14 +4789,6 @@ int xhci_gen_setup(struct usb_hcd *hcd, xhci_get_quirks_t get_quirks)
/* xHCI private pointer was set in xhci_pci_probe for the second
* registered roothub.
*/
- xhci = hcd_to_xhci(hcd);
- /*
- * Support arbitrarily aligned sg-list entries on hosts without
- * TD fragment rules (which are currently unsupported).
- */
- if (xhci->hci_version < 0x100)
- hcd->self.no_sg_constraint = 1;
-
return 0;
}
@@ -4822,9 +4817,6 @@ int xhci_gen_setup(struct usb_hcd *hcd, xhci_get_quirks_t get_quirks)
if (xhci->hci_version > 0x96)
xhci->quirks |= XHCI_SPURIOUS_SUCCESS;
- if (xhci->hci_version < 0x100)
- hcd->self.no_sg_constraint = 1;
-
/* Make sure the HC is halted. */
retval = xhci_halt(xhci);
if (retval)
--
cgit v0.9.2

36
audit-don-t-generate-loginuid-log-when-audit-disable.patch
View File

@ -1,36 +0,0 @@
Bugzilla: 1066064
Upstream-status: 3.14-rc1
From c2412d91c68426e22add16550f97ae5cd988a159 Mon Sep 17 00:00:00 2001
From: Gao feng <gaofeng@cn.fujitsu.com>
Date: Fri, 1 Nov 2013 19:34:45 +0800
Subject: [PATCH] audit: don't generate loginuid log when audit disabled
If audit is disabled, we shouldn't generate loginuid audit
log.
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
---
kernel/auditsc.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index df1e685..9ab02fa 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1971,6 +1971,9 @@ static void audit_log_set_loginuid(kuid_t koldloginuid, kuid_t kloginuid,
struct audit_buffer *ab;
uid_t uid, ologinuid, nloginuid;
+ if (!audit_enabled)
+ return;
+
uid = from_kuid(&init_user_ns, task_uid(current));
ologinuid = from_kuid(&init_user_ns, koldloginuid);
nloginuid = from_kuid(&init_user_ns, kloginuid),
--
1.8.5.3

21
bug-1071998.patch
View File

@ -1,21 +0,0 @@
@@ -, +, @@
---
drivers/net/wireless/iwlwifi/mvm/coex.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
--- a/drivers/net/wireless/iwlwifi/mvm/bt-coex.c
+++ a/drivers/net/wireless/iwlwifi/mvm/bt-coex.c
@@ -1119,8 +1119,11 @@ void iwl_mvm_bt_rssi_event(struct iwl_mvm *mvm, struct ieee80211_vif *vif,
lockdep_assert_held(&mvm->mutex);
- /* Rssi update while not associated ?! */
- if (WARN_ON_ONCE(mvmvif->ap_sta_id == IWL_MVM_STATION_COUNT))
+ /*
+ * Rssi update while not associated - can happen since the statistics
+ * are handled asynchronously
+ */
+ if (mvmvif->ap_sta_id == IWL_MVM_STATION_COUNT)
return;
/* No BT - reports should be disabled */
--

25
dm-cache-policy-mq_fix-large-scale-table-allocation-bug.patch
View File

@ -1,25 +0,0 @@
Bugzilla: 993744
Upstream-status: ??
diff --git a/drivers/md/dm-cache-policy-mq.c b/drivers/md/dm-cache-policy-mq.c
index 416b7b7..9105771 100644
--- a/drivers/md/dm-cache-policy-mq.c
+++ b/drivers/md/dm-cache-policy-mq.c
@@ -866,7 +866,7 @@ static void mq_destroy(struct dm_cache_policy *p)
{
struct mq_policy *mq = to_mq_policy(p);
- kfree(mq->table);
+ vfree(mq->table);
epool_exit(&mq->cache_pool);
epool_exit(&mq->pre_cache_pool);
kfree(mq);
@@ -1221,7 +1221,7 @@ static struct dm_cache_policy *mq_create(dm_cblock_t cache_size,
mq->nr_buckets = next_power(from_cblock(cache_size) / 2, 16);
mq->hash_bits = ffs(mq->nr_buckets) - 1;
- mq->table = kzalloc(sizeof(*mq->table) * mq->nr_buckets, GFP_KERNEL);
+ mq->table = vzalloc(sizeof(*mq->table) * mq->nr_buckets);
if (!mq->table)
goto bad_alloc_table;

49
kernel.spec
View File

@ -74,7 +74,7 @@ Summary: The Linux kernel
%if 0%{?released_kernel}
# Do we have a -stable update to apply?
%define stable_update 6
%define stable_update 7
# Is it a -stable RC?
%define stable_rc 0
# Set rpm version accordingly
@ -715,9 +715,6 @@ Patch22000: weird-root-dentry-name-debug.patch
Patch25047: drm-radeon-Disable-writeback-by-default-on-ppc.patch
#rhbz 993744
Patch25128: dm-cache-policy-mq_fix-large-scale-table-allocation-bug.patch
# Fix 15sec NFS mount delay
Patch25152: sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch
Patch25153: sunrpc-replace-gssd_running-with-more-reliable-check.patch
@ -769,12 +766,6 @@ Patch25026: keyring-fix.patch
#rhbz 1065087
Patch25028: tty-Fix-low_latency-BUG.patch
#rhbz 1066064
Patch25029: audit-don-t-generate-loginuid-log-when-audit-disable.patch
#CVE-2014-0101 rhbz 1072029 1070705
Patch25030: net-net-sctp-fix-sctp_sf_do_5_1D_ce-to-verify-if-we-peer-is-AUTH-capable.patch
#CVE-2014-0100 rhbz 1072026 1070618
Patch25031: net-fix-for-a-race-condition-in-the-inet-frag-code.patch
@ -784,19 +775,9 @@ Patch25032: HID-Bluetooth-hidp-make-sure-input-buffers-are-big-e.patch
#rhbz 1013466
Patch25033: selinux-put-the-mmap-DAC-controls-before-the-MAC-controls.patch
#rhbz 1071998
Patch25034: bug-1071998.patch
#rhbz 1051748
Patch25035: Bluetooth-allocate-static-minor-for-vhci.patch
#rhbz 1003602
Patch25037: ACPI-EC-Clear-stale-EC-events-on-Samsung-systems.patch
#rhbz 1073180
Patch25038: Revert-USBNET-ax88179_178a-enable-tso-if-usb-host-supports-sg-dma.patch
Patch25039: Revert-xhci-1.0-Limit-arbitrarily-aligned-scatter-gather.patch
#rhbz 1065663
Patch25040: iwlwifi-dvm-clear-IWL_STA_UCODE_INPROGRESS-when-asso.patch
@ -809,9 +790,6 @@ Patch25044: iwlwifi-dvm-take-mutex-when-sending-SYNC-BT-config-command.patch
#CVE-2014-2523 rhbz 1077343 1077350
Patch25045: netfilter-nf_conntrack_dccp-fix-skb_header_pointer-A.patch
#rhbz 1078894
Patch25046: mm-readahead.c-fix-do_readahead-for-no-readpage-s.patch
#CVE-2014-0131 rhbz 1074589 1079006
Patch25048: skbuff-zero-copy.patch
@ -1476,9 +1454,6 @@ ApplyPatch ath9k_rx_dma_stop_check.patch
ApplyPatch drm-radeon-Disable-writeback-by-default-on-ppc.patch
#rhbz 993744
ApplyPatch dm-cache-policy-mq_fix-large-scale-table-allocation-bug.patch
# Fix 15sec NFS mount delay
ApplyPatch sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch
ApplyPatch sunrpc-replace-gssd_running-with-more-reliable-check.patch
@ -1530,12 +1505,6 @@ ApplyPatch keyring-fix.patch
#rhbz 1065087
ApplyPatch tty-Fix-low_latency-BUG.patch
#rhbz 1066064
ApplyPatch audit-don-t-generate-loginuid-log-when-audit-disable.patch
#CVE-2014-0101 rhbz 1072029 1070705
ApplyPatch net-net-sctp-fix-sctp_sf_do_5_1D_ce-to-verify-if-we-peer-is-AUTH-capable.patch
#CVE-2014-0100 rhbz 1072026 1070618
ApplyPatch net-fix-for-a-race-condition-in-the-inet-frag-code.patch
@ -1545,19 +1514,9 @@ ApplyPatch HID-Bluetooth-hidp-make-sure-input-buffers-are-big-e.patch
#rhbz 1013466
ApplyPatch selinux-put-the-mmap-DAC-controls-before-the-MAC-controls.patch
#rhbz 1071998
ApplyPatch bug-1071998.patch
#rhbz 1051748
ApplyPatch Bluetooth-allocate-static-minor-for-vhci.patch
#rhbz 1003602
ApplyPatch ACPI-EC-Clear-stale-EC-events-on-Samsung-systems.patch
#rhbz 1073180
ApplyPatch Revert-USBNET-ax88179_178a-enable-tso-if-usb-host-supports-sg-dma.patch
ApplyPatch Revert-xhci-1.0-Limit-arbitrarily-aligned-scatter-gather.patch
#rhbz 1065663
ApplyPatch iwlwifi-dvm-clear-IWL_STA_UCODE_INPROGRESS-when-asso.patch
@ -1570,9 +1529,6 @@ ApplyPatch iwlwifi-dvm-take-mutex-when-sending-SYNC-BT-config-command.patch
#CVE-2014-2523 rhbz 1077343 1077350
ApplyPatch netfilter-nf_conntrack_dccp-fix-skb_header_pointer-A.patch
#rhbz 1078894
ApplyPatch mm-readahead.c-fix-do_readahead-for-no-readpage-s.patch
#CVE-2014-0131 rhbz 1074589 1079006
ApplyPatch skbuff-zero-copy.patch
@ -2388,6 +2344,9 @@ fi
# and build.
%changelog
* Mon Mar 24 2014 Justin M. Forbes <jforbes@fedoraproject.org> - 3.13.7-100
- Linux v3.13.7
* Thu Mar 20 2014 Josh Boyer <jwboyer@fedoraproject.org>
- CVE-2014-0131: skbuff: use-after-free during segmentation with zerocopy (rhbz 1074589 1079006)
- Fix readahead semantics on pipes and sockets (rhbz 1078894)

78
mm-readahead.c-fix-do_readahead-for-no-readpage-s.patch
View File

@ -1,78 +0,0 @@
Bugzilla: 1078894
Upstream: 3.14 and sent to stable for 3.13.7
From 58d5640ebdb273cc817b0d0cda7bcf2efbbc2ff7 Mon Sep 17 00:00:00 2001
From: Mark Rutland <mark.rutland@arm.com>
Date: Wed, 29 Jan 2014 14:05:51 -0800
Subject: [PATCH] mm/readahead.c: fix do_readahead() for no readpage(s)
Commit 63d0f0a3c7e1 ("mm/readahead.c:do_readhead(): don't check for
->readpage") unintentionally made do_readahead return 0 for all valid
files regardless of whether readahead was supported, rather than the
expected -EINVAL. This gets forwarded on to userspace, and results in
sys_readahead appearing to succeed in cases that don't make sense (e.g.
when called on pipes or sockets). This issue is detected by the LTP
readahead01 testcase.
As the exact return value of force_page_cache_readahead is currently
never used, we can simplify it to return only 0 or -EINVAL (when
readpage or readpages is missing). With that in place we can simply
forward on the return value of force_page_cache_readahead in
do_readahead.
This patch performs said change, restoring the expected semantics.
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
---
mm/readahead.c | 15 +++++----------
1 file changed, 5 insertions(+), 10 deletions(-)
diff --git a/mm/readahead.c b/mm/readahead.c
index 7cdbb44..0de2360 100644
--- a/mm/readahead.c
+++ b/mm/readahead.c
@@ -211,8 +211,6 @@ out:
int force_page_cache_readahead(struct address_space *mapping, struct file *filp,
pgoff_t offset, unsigned long nr_to_read)
{
- int ret = 0;
-
if (unlikely(!mapping->a_ops->readpage && !mapping->a_ops->readpages))
return -EINVAL;
@@ -226,15 +224,13 @@ int force_page_cache_readahead(struct address_space *mapping, struct file *filp,
this_chunk = nr_to_read;
err = __do_page_cache_readahead(mapping, filp,
offset, this_chunk, 0);
- if (err < 0) {
- ret = err;
- break;
- }
- ret += err;
+ if (err < 0)
+ return err;
+
offset += this_chunk;
nr_to_read -= this_chunk;
}
- return ret;
+ return 0;
}
/*
@@ -576,8 +572,7 @@ do_readahead(struct address_space *mapping, struct file *filp,
if (!mapping || !mapping->a_ops)
return -EINVAL;
- force_page_cache_readahead(mapping, filp, index, nr);
- return 0;
+ return force_page_cache_readahead(mapping, filp, index, nr);
}
SYSCALL_DEFINE3(readahead, int, fd, loff_t, offset, size_t, count)
--
1.8.5.3

21
net-net-sctp-fix-sctp_sf_do_5_1D_ce-to-verify-if-we-peer-is-AUTH-capable.patch
View File

@ -1,21 +0,0 @@
Bugzilla: 1072029
Upstream-status: Submitted http://patchwork.ozlabs.org/patch/325898/
diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index 591b44d..ae65b6b 100644
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -758,6 +758,13 @@ sctp_disposition_t sctp_sf_do_5_1D_ce(struct net *net,
struct sctp_chunk auth;
sctp_ierror_t ret;
+ /* Make sure that we and the peer are AUTH capable */
+ if (!net->sctp.auth_enable || !new_asoc->peer.auth_capable) {
+ kfree_skb(chunk->auth_chunk);
+ sctp_association_free(new_asoc);
+ return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands);
+ }
+
/* set-up our fake chunk so that we can process it */
auth.skb = chunk->auth_chunk;
auth.asoc = chunk->asoc;

2
sources
View File

@ -1,2 +1,2 @@
0ecbaf65c00374eb4a826c2f9f37606f linux-3.13.tar.xz
a9b131a589a176b4c437b8ca4557b85e patch-3.13.6.xz
cb33b329d3417846d310c7f58a2614b6 patch-3.13.7.xz