From cafbe33b9221436fd67d686c758bbf602cbc7c99 Mon Sep 17 00:00:00 2001 From: Chuck Ebbert Date: Thu, 8 Dec 2011 11:58:24 -0500 Subject: [PATCH] Linux 3.1.5-rc2 Drop obsolete changelog, set rcrev and gitrev to 0 so they're less distracting. --- kernel.spec | 15 +- patch-3.1-rc10-git1.log | 804 ---------------------------------------- sources | 2 +- 3 files changed, 11 insertions(+), 810 deletions(-) delete mode 100644 patch-3.1-rc10-git1.log diff --git a/kernel.spec b/kernel.spec index 4e5f07b45..049b00644 100644 --- a/kernel.spec +++ b/kernel.spec @@ -54,7 +54,7 @@ Summary: The Linux kernel # For non-released -rc kernels, this will be appended after the rcX and # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3" # -%global baserelease 2 +%global baserelease 1 %global fedora_build %{baserelease} # base_sublevel is the kernel version we're starting with and patching @@ -68,7 +68,7 @@ Summary: The Linux kernel # Do we have a -stable update to apply? %define stable_update 5 # Is it a -stable RC? -%define stable_rc 1 +%define stable_rc 2 # Set rpm version accordingly %if 0%{?stable_update} %define stablerev %{stable_update} @@ -85,9 +85,9 @@ Summary: The Linux kernel # The next upstream release sublevel (base_sublevel+1) %define upstream_sublevel %(echo $((%{base_sublevel} + 1))) # The rc snapshot level -%define rcrev 10 +%define rcrev 0 # The git snapshot level -%define gitrev 1 +%define gitrev 0 # Set rpm version accordingly %define rpmversion 3.%{upstream_sublevel}.0 %endif @@ -2200,10 +2200,15 @@ fi # and build. %changelog +* Thu Dec 08 2011 Chuck Ebbert 3.1.5-0.rc2.1 +- Linux 3.1.5-rc2 +- Drop obsolete changelog, set rcrev and gitrev to 0 so they're + less distracting. + * Thu Dec 08 2011 Ben Skeggs 3.1.5-0.rc1.2 - nouveau: fix accel on GF108 and enable on GF108/GF110 -* Wed Dec 07 2011 Chuck Ebbert 3.1.5-0.rc1.1 +* Wed Dec 07 2011 Chuck Ebbert - Linux 3.1.5-rc1 - Comment out merged patches: xfs-Fix-possible-memory-corruption-in-xfs_readlink.patch diff --git a/patch-3.1-rc10-git1.log b/patch-3.1-rc10-git1.log deleted file mode 100644 index ba8dfd171..000000000 --- a/patch-3.1-rc10-git1.log +++ /dev/null @@ -1,804 +0,0 @@ -commit 2efd7c0fdcbe041173e248ccc2d9c91df7f84ce5 -Merge: 62ddc00 7ed47b7 -Author: Linus Torvalds -Date: Fri Oct 21 17:02:18 2011 +0300 - - Merge git://github.com/herbertx/crypto - - * git://github.com/herbertx/crypto: - crypto: ghash - Avoid null pointer dereference if no key is set - -commit 62ddc0046eae6b8e8374f0ac3b27b12a57baa2f6 -Merge: fd11e15 ca201c0 -Author: Linus Torvalds -Date: Fri Oct 21 17:01:21 2011 +0300 - - Merge branch 'fix/hda' of git://github.com/tiwai/sound - - * 'fix/hda' of git://github.com/tiwai/sound: - ALSA: HDA: conexant support for Lenovo T520/W520 - ALSA: hda - Add position_fix quirk for Dell Inspiron 1010 - -commit 7ed47b7d142ec99ad6880bbbec51e9f12b3af74c -Author: Nick Bowler -Date: Thu Oct 20 14:16:55 2011 +0200 - - crypto: ghash - Avoid null pointer dereference if no key is set - - The ghash_update function passes a pointer to gf128mul_4k_lle which will - be NULL if ghash_setkey is not called or if the most recent call to - ghash_setkey failed to allocate memory. This causes an oops. Fix this - up by returning an error code in the null case. - - This is trivially triggered from unprivileged userspace through the - AF_ALG interface by simply writing to the socket without setting a key. - - The ghash_final function has a similar issue, but triggering it requires - a memory allocation failure in ghash_setkey _after_ at least one - successful call to ghash_update. - - BUG: unable to handle kernel NULL pointer dereference at 00000670 - IP: [] gf128mul_4k_lle+0x23/0x60 [gf128mul] - *pde = 00000000 - Oops: 0000 [#1] PREEMPT SMP - Modules linked in: ghash_generic gf128mul algif_hash af_alg nfs lockd nfs_acl sunrpc bridge ipv6 stp llc - - Pid: 1502, comm: hashatron Tainted: G W 3.1.0-rc9-00085-ge9308cf #32 Bochs Bochs - EIP: 0060:[] EFLAGS: 00000202 CPU: 0 - EIP is at gf128mul_4k_lle+0x23/0x60 [gf128mul] - EAX: d69db1f0 EBX: d6b8ddac ECX: 00000004 EDX: 00000000 - ESI: 00000670 EDI: d6b8ddac EBP: d6b8ddc8 ESP: d6b8dda4 - DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 - Process hashatron (pid: 1502, ti=d6b8c000 task=d6810000 task.ti=d6b8c000) - Stack: - 00000000 d69db1f0 00000163 00000000 d6b8ddc8 c101a520 d69db1f0 d52aa000 - 00000ff0 d6b8dde8 d88d310f d6b8a3f8 d52aa000 00001000 d88d502c d6b8ddfc - 00001000 d6b8ddf4 c11676ed d69db1e8 d6b8de24 c11679ad d52aa000 00000000 - Call Trace: - [] ? kmap_atomic_prot+0x37/0xa6 - [] ghash_update+0x85/0xbe [ghash_generic] - [] crypto_shash_update+0x18/0x1b - [] shash_ahash_update+0x22/0x36 - [] shash_async_update+0xb/0xd - [] hash_sendpage+0xba/0xf2 [algif_hash] - [] kernel_sendpage+0x39/0x4e - [] ? 0xd88cdfff - [] sock_sendpage+0x37/0x3e - [] ? kernel_sendpage+0x4e/0x4e - [] pipe_to_sendpage+0x56/0x61 - [] splice_from_pipe_feed+0x58/0xcd - [] ? splice_from_pipe_begin+0x10/0x10 - [] __splice_from_pipe+0x36/0x55 - [] ? splice_from_pipe_begin+0x10/0x10 - [] splice_from_pipe+0x51/0x64 - [] ? default_file_splice_write+0x2c/0x2c - [] generic_splice_sendpage+0x13/0x15 - [] ? splice_from_pipe_begin+0x10/0x10 - [] do_splice_from+0x5d/0x67 - [] sys_splice+0x2bf/0x363 - [] ? sysenter_exit+0xf/0x16 - [] ? trace_hardirqs_on_caller+0x10e/0x13f - [] sysenter_do_call+0x12/0x32 - Code: 83 c4 0c 5b 5e 5f c9 c3 55 b9 04 00 00 00 89 e5 57 8d 7d e4 56 53 8d 5d e4 83 ec 18 89 45 e0 89 55 dc 0f b6 70 0f c1 e6 04 01 d6 a5 be 0f 00 00 00 4e 89 d8 e8 48 ff ff ff 8b 45 e0 89 da 0f - EIP: [] gf128mul_4k_lle+0x23/0x60 [gf128mul] SS:ESP 0068:d6b8dda4 - CR2: 0000000000000670 - ---[ end trace 4eaa2a86a8e2da24 ]--- - note: hashatron[1502] exited with preempt_count 1 - BUG: scheduling while atomic: hashatron/1502/0x10000002 - INFO: lockdep is turned off. - [...] - - Signed-off-by: Nick Bowler - Cc: stable@kernel.org [2.6.37+] - Signed-off-by: Herbert Xu - -commit fd11e153b82ad1c84ccc71ba1cfedc222465198c -Merge: 505f48b aad4564 -Author: Linus Torvalds -Date: Thu Oct 20 22:16:28 2011 +0300 - - Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc - - * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc: - sparc: Add alignment flag to PCI expansion resources - sparc: Avoid calling sigprocmask() - sparc: Use set_current_blocked() - sparc32,leon: SRMMU MMU Table probe fix - -commit 505f48b53478d3816d1f3b001815703cfd7afa09 -Merge: 486cf46 afaef73 -Author: Linus Torvalds -Date: Thu Oct 20 22:15:20 2011 +0300 - - Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net - - * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: - fib_rules: fix unresolved_rules counting - r8169: fix wrong eee setting for rlt8111evl - r8169: fix driver shutdown WoL regression. - ehea: Change maintainer to me - pptp: pptp_rcv_core() misses pskb_may_pull() call - tproxy: copy transparent flag when creating a time wait - pptp: fix skb leak in pptp_xmit() - bonding: use local function pointer of bond->recv_probe in bond_handle_frame - smsc911x: Add support for SMSC LAN89218 - tg3: negate USE_PHYLIB flag check - netconsole: enable netconsole can make net_device refcnt incorrent - bluetooth: Properly clone LSM attributes to newly created child connections - l2tp: fix a potential skb leak in l2tp_xmit_skb() - bridge: fix hang on removal of bridge via netlink - x25: Prevent skb overreads when checking call user data - x25: Handle undersized/fragmented skbs - x25: Validate incoming call user data lengths - udplite: fast-path computation of checksum coverage - IPVS netns shutdown/startup dead-lock - netfilter: nf_conntrack: fix event flooding in GRE protocol tracker - -commit 486cf46f3f9be5f2a966016c1a8fe01e32cde09e -Author: Hugh Dickins -Date: Wed Oct 19 12:50:35 2011 -0700 - - mm: fix race between mremap and removing migration entry - - I don't usually pay much attention to the stale "? " addresses in - stack backtraces, but this lucky report from Pawel Sikora hints that - mremap's move_ptes() has inadequate locking against page migration. - - 3.0 BUG_ON(!PageLocked(p)) in migration_entry_to_page(): - kernel BUG at include/linux/swapops.h:105! - RIP: 0010:[] [] - migration_entry_wait+0x156/0x160 - [] handle_pte_fault+0xae1/0xaf0 - [] ? __pte_alloc+0x42/0x120 - [] ? do_huge_pmd_anonymous_page+0xab/0x310 - [] handle_mm_fault+0x181/0x310 - [] ? vma_adjust+0x537/0x570 - [] do_page_fault+0x11d/0x4e0 - [] ? do_mremap+0x2d5/0x570 - [] page_fault+0x1f/0x30 - - mremap's down_write of mmap_sem, together with i_mmap_mutex or lock, - and pagetable locks, were good enough before page migration (with its - requirement that every migration entry be found) came in, and enough - while migration always held mmap_sem; but not enough nowadays, when - there's memory hotremove and compaction. - - The danger is that move_ptes() lets a migration entry dodge around - behind remove_migration_pte()'s back, so it's in the old location when - looking at the new, then in the new location when looking at the old. - - Either mremap's move_ptes() must additionally take anon_vma lock(), or - migration's remove_migration_pte() must stop peeking for is_swap_entry() - before it takes pagetable lock. - - Consensus chooses the latter: we prefer to add overhead to migration - than to mremapping, which gets used by JVMs and by exec stack setup. - - Reported-and-tested-by: Paweł Sikora - Signed-off-by: Hugh Dickins - Acked-by: Andrea Arcangeli - Acked-by: Mel Gorman - Cc: stable@vger.kernel.org - Signed-off-by: Linus Torvalds - -commit aad4564498dcb0aad769a79e5e2aa9a661dfb51f -Author: Kjetil Oftedal -Date: Wed Oct 19 16:20:50 2011 -0700 - - sparc: Add alignment flag to PCI expansion resources - - Currently no type of alignment is specified for PCI expansion roms while - parsing the openfirmware tree. This causes calls to pci_map_rom() to fail. - IORESOURCE_SIZEALIGN is the default alignment used for rom resouces in - pci/probe.c, and has been verified to work with various cards on a ultra 10. - - Signed-off-By: Kjetil Oftedal - Signed-off-by: David S. Miller - -commit afaef734e5f0004916d07ecf7d86292cdd00d59b -Author: Yan, Zheng -Date: Mon Oct 17 15:20:28 2011 +0000 - - fib_rules: fix unresolved_rules counting - - we should decrease ops->unresolved_rules when deleting a unresolved rule. - - Signed-off-by: Zheng Yan - Acked-by: Eric Dumazet - Signed-off-by: David S. Miller - -commit 1b23a3e3d1b969e285c57a2d38f3739283ecfb80 -Author: hayeswang -Date: Thu Oct 13 20:14:37 2011 +0000 - - r8169: fix wrong eee setting for rlt8111evl - - Correct the wrong parameter for setting EEE for RTL8111E-VL. - - Signed-off-by: Hayes Wang - Signed-off-by: David S. Miller - -commit 649b3b8c4e8681de443b4dc9e387c3036369e02e -Author: françois romieu -Date: Fri Oct 14 00:57:45 2011 +0000 - - r8169: fix driver shutdown WoL regression. - - Due to commit 92fc43b4159b518f5baae57301f26d770b0834c9 ("r8169: modify the - flow of the hw reset."), rtl8169_hw_reset stomps during driver shutdown on - RxConfig bits which are needed for WOL on some versions of the hardware. - - As these bits were formerly set from the r81{0x, 68}_pll_power_down methods, - factor them out for use in the driver shutdown (rtl_shutdown) handler. - - I favored __rtl8169_get_wol() -hardware state indication- over - RTL_FEATURE_WOL as the latter has become a good candidate for removal. - - Signed-off-by: Francois Romieu - Cc: Hayes - Tested-by: Marc Ballarin - Signed-off-by: David S. Miller - -commit 34b1901abdf8793cd679d0e48012d3d7570f88d6 -Author: Thadeu Lima de Souza Cascardo -Date: Thu Oct 13 09:56:19 2011 +0000 - - ehea: Change maintainer to me - - Breno Leitao has passed the maintainership to me. - - Signed-off-by: Thadeu Lima de Souza Cascardo - Cc: Breno Leitao - Acked-by: Breno Leitão - Signed-off-by: David S. Miller - -commit e4fcd69c9e4e273352e0f87cabd9648606da0c3e -Merge: f91f6cf e58fced -Author: Linus Torvalds -Date: Wed Oct 19 06:44:11 2011 -0700 - - Merge branch 'v4l_for_linus' of git://linuxtv.org/mchehab/for_linus - - * 'v4l_for_linus' of git://linuxtv.org/mchehab/for_linus: - [media] videodev: fix a NULL pointer dereference in v4l2_device_release() - -commit f91f6cfd4f9ea794dc3d0bbd54cb1d29d6ef3843 -Merge: bcd5cff 5a6e848 -Author: Linus Torvalds -Date: Wed Oct 19 06:43:24 2011 -0700 - - Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux - - * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: - drm/radeon/kms/atom: fix handling of FB scratch indices - drm/radeon/kms/DCE4.1: fix Select_CrtcSource EncodeMode setting for DP bridges (v2) - drm/radeon/kms/DCE4.1: ss is not supported on the internal pplls - drm/radeon/kms/DCE4.1: fix dig encoder to transmitter mapping - ttm: Fix error-path using an uninitialized value - -commit e58fced201ad6e6cb673f07499919c3b20792d94 -Author: Antonio Ospite -Date: Wed Oct 12 17:59:26 2011 -0300 - - [media] videodev: fix a NULL pointer dereference in v4l2_device_release() - - The change in 8280b66 does not cover the case when v4l2_dev is already - NULL, fix that. - - With a Kinect sensor, seen as an USB camera using GSPCA in this context, - a NULL pointer dereference BUG can be triggered by just unplugging the - device after the camera driver has been loaded. - - Signed-off-by: Antonio Ospite - Signed-off-by: Mauro Carvalho Chehab - -commit 5a6e8482a16e61250a9121fc9ec719ab0529e760 -Author: Alex Deucher -Date: Tue Oct 18 20:10:05 2011 -0400 - - drm/radeon/kms/atom: fix handling of FB scratch indices - - FB scratch indices are dword indices, but we were treating - them as byte indices. As such, we were getting the wrong - FB scratch data for non-0 indices. Fix the indices and - guard the indexing against indices larger than the scratch - allocation. - - Fixes memory corruption on some boards if data was written - past the end of the FB scratch array. - - Signed-off-by: Alex Deucher - Reported-by: Dave Airlie - Tested-by: Dave Airlie - Cc: stable@kernel.org - Signed-off-by: Dave Airlie - -commit 4ea2739ea89883ddf79980a8aa27d5e57093e464 -Author: Eric Dumazet -Date: Mon Oct 17 17:59:53 2011 +0000 - - pptp: pptp_rcv_core() misses pskb_may_pull() call - - e1000e uses paged frags, so any layer incorrectly pulling bytes from skb - can trigger a BUG in skb_pull() - - [951.142737] [] skb_pull+0x15/0x17 - [951.142737] [] pptp_rcv_core+0x126/0x19a [pptp] - [951.152725] [] sk_receive_skb+0x69/0x105 - [951.163558] [] pptp_rcv+0xc8/0xdc [pptp] - [951.165092] [] gre_rcv+0x62/0x75 [gre] - [951.165092] [] ip_local_deliver_finish+0x150/0x1c1 - [951.177599] [] ? ip_local_deliver_finish+0x0/0x1c1 - [951.177599] [] NF_HOOK.clone.7+0x51/0x58 - [951.177599] [] ip_local_deliver+0x51/0x55 - [951.177599] [] ip_rcv_finish+0x31a/0x33e - [951.177599] [] ? ip_rcv_finish+0x0/0x33e - [951.204898] [] NF_HOOK.clone.7+0x51/0x58 - [951.214651] [] ip_rcv+0x21b/0x246 - - pptp_rcv_core() is a nice example of a function assuming everything it - needs is available in skb head. - - Reported-by: Bradley Peterson - Signed-off-by: Eric Dumazet - Signed-off-by: David S. Miller - -commit 58af19e387d8821927e49be3f467da5e6a0aa8fd -Author: KOVACS Krisztian -Date: Tue Oct 18 10:17:35 2011 +0000 - - tproxy: copy transparent flag when creating a time wait - - The transparent socket option setting was not copied to the time wait - socket when an inet socket was being replaced by a time wait socket. This - broke the --transparent option of the socket match and may have caused - that FIN packets belonging to sockets in FIN_WAIT2 or TIME_WAIT state - were being dropped by the packet filter. - - Signed-off-by: KOVACS Krisztian - Signed-off-by: David S. Miller - -commit 8bae8bd6cb24eecad9fda3e125d36ab9c67d3fd7 -Author: Eric Dumazet -Date: Mon Oct 17 17:01:47 2011 +0000 - - pptp: fix skb leak in pptp_xmit() - - In case we cant transmit skb, we must free it - - Signed-off-by: Eric Dumazet - CC: Dmitry Kozlov - Signed-off-by: David S. Miller - -commit 4d97480b1806e883eb1c7889d4e7a87e936e06d9 -Author: Mitsuo Hayasaka -Date: Wed Oct 12 16:04:29 2011 +0000 - - bonding: use local function pointer of bond->recv_probe in bond_handle_frame - - The bond->recv_probe is called in bond_handle_frame() when - a packet is received, but bond_close() sets it to NULL. So, - a panic occurs when both functions work in parallel. - - Why this happen: - After null pointer check of bond->recv_probe, an sk_buff is - duplicated and bond->recv_probe is called in bond_handle_frame. - So, a panic occurs when bond_close() is called between the - check and call of bond->recv_probe. - - Patch: - This patch uses a local function pointer of bond->recv_probe - in bond_handle_frame(). So, it can avoid the null pointer - dereference. - - Signed-off-by: Mitsuo Hayasaka - Cc: Jay Vosburgh - Cc: Andy Gospodarek - Cc: Eric Dumazet - Cc: WANG Cong - Acked-by: Eric Dumazet - Signed-off-by: David S. Miller - -commit 28c213793c994e4aac5f669ce856b5682a549bbb -Author: Phil Edworthy -Date: Wed Oct 12 02:29:39 2011 +0000 - - smsc911x: Add support for SMSC LAN89218 - - LAN89218 is register compatible with LAN911x. - - Signed-off-by: Phil Edworthy - Signed-off-by: David S. Miller - -commit e730c82347b9dc75914da998c44c3f348965db41 -Author: Jiri Pirko -Date: Tue Oct 11 23:00:41 2011 +0000 - - tg3: negate USE_PHYLIB flag check - - USE_PHYLIB flag in tg3_remove_one() is being checked incorrectly. This - results tg3_phy_fini->phy_disconnect is never called and when tg3 module - is removed. - - In my case this resulted in panics in phy_state_machine calling function - phydev->adjust_link. - - So correct this check. - - Signed-off-by: Jiri Pirko - Acked-by: Matt Carlson - Signed-off-by: David S. Miller - -commit d5123480b1d6f7d1a5fe1a13520cef88fb5d4c84 -Author: Gao feng -Date: Tue Oct 11 16:08:11 2011 +0000 - - netconsole: enable netconsole can make net_device refcnt incorrent - - There is no check if netconsole is enabled current. - so when exec echo 1 > enabled; - the reference of net_device will increment always. - - Signed-off-by: Gao feng - Acked-by: Flavio Leitner - Signed-off-by: David S. Miller - -commit 6230c9b4f8957c8938ee4cf2d03166d3c2dc89de -Author: Paul Moore -Date: Fri Oct 7 09:40:59 2011 +0000 - - bluetooth: Properly clone LSM attributes to newly created child connections - - The Bluetooth stack has internal connection handlers for all of the various - Bluetooth protocols, and unfortunately, they are currently lacking the LSM - hooks found in the core network stack's connection handlers. I say - unfortunately, because this can cause problems for users who have have an - LSM enabled and are using certain Bluetooth devices. See one problem - report below: - - * http://bugzilla.redhat.com/show_bug.cgi?id=741703 - - In order to keep things simple at this point in time, this patch fixes the - problem by cloning the parent socket's LSM attributes to the newly created - child socket. If we decide we need a more elaborate LSM marking mechanism - for Bluetooth (I somewhat doubt this) we can always revisit this decision - in the future. - - Reported-by: James M. Cape - Signed-off-by: Paul Moore - Acked-by: James Morris - Signed-off-by: David S. Miller - -commit 835acf5da239b91edb9f7ebe36516999e156e6ee -Author: Eric Dumazet -Date: Fri Oct 7 05:35:46 2011 +0000 - - l2tp: fix a potential skb leak in l2tp_xmit_skb() - - l2tp_xmit_skb() can leak one skb if skb_cow_head() returns an error. - - Signed-off-by: Eric Dumazet - Signed-off-by: David S. Miller - -commit 1ce5cce895309862d2c35d922816adebe094fe4a -Author: stephen hemminger -Date: Thu Oct 6 11:19:41 2011 +0000 - - bridge: fix hang on removal of bridge via netlink - - Need to cleanup bridge device timers and ports when being bridge - device is being removed via netlink. - - This fixes the problem of observed when doing: - ip link add br0 type bridge - ip link set dev eth1 master br0 - ip link set br0 up - ip link del br0 - - which would cause br0 to hang in unregister_netdev because - of leftover reference count. - - Reported-by: Sridhar Samudrala - Signed-off-by: Stephen Hemminger - Acked-by: Sridhar Samudrala - Signed-off-by: David S. Miller - -commit bcd5cff7216f9b2de0a148cc355eac199dc6f1cf -Author: Peter Zijlstra -Date: Mon Oct 17 11:50:30 2011 +0200 - - cputimer: Cure lock inversion - - There's a lock inversion between the cputimer->lock and rq->lock; - notably the two callchains involved are: - - update_rlimit_cpu() - sighand->siglock - set_process_cpu_timer() - cpu_timer_sample_group() - thread_group_cputimer() - cputimer->lock - thread_group_cputime() - task_sched_runtime() - ->pi_lock - rq->lock - - scheduler_tick() - rq->lock - task_tick_fair() - update_curr() - account_group_exec() - cputimer->lock - - Where the first one is enabling a CLOCK_PROCESS_CPUTIME_ID timer, and - the second one is keeping up-to-date. - - This problem was introduced by e8abccb7193 ("posix-cpu-timers: Cure - SMP accounting oddities"). - - Cure the problem by removing the cputimer->lock and rq->lock nesting, - this leaves concurrent enablers doing duplicate work, but the time - wasted should be on the same order otherwise wasted spinning on the - lock and the greater-than assignment filter should ensure we preserve - monotonicity. - - Reported-by: Dave Jones - Reported-by: Simon Kirby - Signed-off-by: Peter Zijlstra - Cc: stable@kernel.org - Cc: Linus Torvalds - Cc: Martin Schwidefsky - Link: http://lkml.kernel.org/r/1318928713.21167.4.camel@twins - Signed-off-by: Thomas Gleixner - -commit a4863ca93ccc52a83e7fbfc068b411b7faa03805 -Author: Alex Deucher -Date: Wed Oct 12 18:49:53 2011 -0400 - - drm/radeon/kms/DCE4.1: fix Select_CrtcSource EncodeMode setting for DP bridges (v2) - - Settings in this table reflect the physical panel/connector rather - than the internal dig encoding. - - v2: fix typo for DRM_MODE_CONNECTOR_VGA case. - - Signed-off-by: Alex Deucher - Signed-off-by: Dave Airlie - -commit 09cc6506f9e234b2ead60398ebb88c4b44421a93 -Author: Alex Deucher -Date: Wed Oct 12 18:44:33 2011 -0400 - - drm/radeon/kms/DCE4.1: ss is not supported on the internal pplls - - It's handled via external clock. It should already be protected - by the external ss flag, but add an explicit check just in case. - - Signed-off-by: Alex Deucher - Signed-off-by: Dave Airlie - -commit 3a6dea31453a101bd5e9e9c89a79f4fcb6b0342e -Author: Alex Deucher -Date: Wed Oct 12 18:44:32 2011 -0400 - - drm/radeon/kms/DCE4.1: fix dig encoder to transmitter mapping - - llano has fully routeable dig encoders similar to DCE3.2 while - ontario has a hardcoded mapping similar to DCE4.0. - - Signed-off-by: Alex Deucher - Signed-off-by: Dave Airlie - -commit ca201c096269ee2d40037fea96a59fd0695888c4 -Author: Daniel Suchy -Date: Tue Oct 18 11:09:44 2011 +0200 - - ALSA: HDA: conexant support for Lenovo T520/W520 - - This is patch for Conexant codec of Intel HDA driver, adding new quirk - for Lenovo Thinkpad T520 and W520. Conexant autodetection works fine for - T520 (similar subsystem ID is used also in W520 model) and detects more - mixer features compared to generic (fallback) Lenovo quirk with - hardcoded options in Conexant codec. - - Patch was activelly tested with Linux 3.0.4, 3.0.6 and 3.0.7 without any - problems. - - Signed-off-by: Daniel Suchy - Cc: [3.0+] - Signed-off-by: Takashi Iwai - -commit 051a8cb6550d917225ead1cd008b5966350f6d53 -Author: Takashi Iwai -Date: Tue Oct 18 10:44:05 2011 +0200 - - ALSA: hda - Add position_fix quirk for Dell Inspiron 1010 - - The previous fix for the position-buffer check gives yet another - regression on a Dell laptop. The safest fix right now is to add a - static quirk for this device (and better to apply it for stable - kernels too). - - Reported-by: Éric Piel - Cc: - Signed-off-by: Takashi Iwai - -commit e22469ca88a8f1f6fe47adbf5e5ce0906aec07cd -Author: Thomas Hellstrom -Date: Mon Oct 17 13:27:34 2011 +0200 - - ttm: Fix error-path using an uninitialized value - - Pointed out by Michel Daenzer. - - Signed-off-by: Thomas Hellstrom - Signed-off-by: Dave Airlie - -commit ae2a4583154a5b985ed4a81c6259c55bafe6d810 -Merge: 7f81e25 ae1d48b -Author: David S. Miller -Date: Mon Oct 17 19:38:03 2011 -0400 - - Merge branch 'nf' of git://1984.lsi.us.es/net - -commit 7f81e25befdfb3272345a2e775f520e1d515fa20 -Author: Matthew Daley -Date: Fri Oct 14 18:45:05 2011 +0000 - - x25: Prevent skb overreads when checking call user data - - x25_find_listener does not check that the amount of call user data given - in the skb is big enough in per-socket comparisons, hence buffer - overreads may occur. Fix this by adding a check. - - Signed-off-by: Matthew Daley - Cc: Eric Dumazet - Cc: Andrew Hendry - Cc: stable - Acked-by: Andrew Hendry - Signed-off-by: David S. Miller - -commit cb101ed2c3c7c0224d16953fe77bfb9d6c2cb9df -Author: Matthew Daley -Date: Fri Oct 14 18:45:04 2011 +0000 - - x25: Handle undersized/fragmented skbs - - There are multiple locations in the X.25 packet layer where a skb is - assumed to be of at least a certain size and that all its data is - currently available at skb->data. These assumptions are not checked, - hence buffer overreads may occur. Use pskb_may_pull to check these - minimal size assumptions and ensure that data is available at skb->data - when necessary, as well as use skb_copy_bits where needed. - - Signed-off-by: Matthew Daley - Cc: Eric Dumazet - Cc: Andrew Hendry - Cc: stable - Acked-by: Andrew Hendry - Signed-off-by: David S. Miller - -commit c7fd0d48bde943e228e9c28ce971a22d6a1744c4 -Author: Matthew Daley -Date: Fri Oct 14 18:45:03 2011 +0000 - - x25: Validate incoming call user data lengths - - X.25 call user data is being copied in its entirety from incoming messages - without consideration to the size of the destination buffers, leading to - possible buffer overflows. Validate incoming call user data lengths before - these copies are performed. - - It appears this issue was noticed some time ago, however nothing seemed to - come of it: see http://www.spinics.net/lists/linux-x25/msg00043.html and - commit 8db09f26f912f7c90c764806e804b558da520d4f. - - Signed-off-by: Matthew Daley - Acked-by: Eric Dumazet - Tested-by: Andrew Hendry - Cc: stable - Signed-off-by: David S. Miller - -commit f36c23bb9f822904dacf83a329518d0a5fde7968 -Author: Gerrit Renker -Date: Mon Oct 17 19:07:30 2011 -0400 - - udplite: fast-path computation of checksum coverage - - Commit 903ab86d195cca295379699299c5fc10beba31c7 of 1 March this year ("udp: Add - lockless transmit path") introduced a new fast TX path that broke the checksum - coverage computation of UDP-lite, which so far depended on up->len (only set - if the socket is locked and 0 in the fast path). - - Fixed by providing both fast- and slow-path computation of checksum coverage. - The latter can be removed when UDP(-lite)v6 also uses a lockless transmit path. - - Reported-by: Thomas Volkert - Signed-off-by: Gerrit Renker - Signed-off-by: David S. Miller - -commit 27f20dca01b00eac445e5193565dd185548e7e34 -Author: David S. Miller -Date: Wed Oct 12 12:27:35 2011 -0700 - - sparc: Avoid calling sigprocmask() - - Use set_current_blocked() instead. - - Signed-off-by: David S. Miller - -commit faddf598f0ba98ba329bb83acad51aea40313c2a -Author: Matt Fleming -Date: Thu Aug 11 14:57:02 2011 +0100 - - sparc: Use set_current_blocked() - - As described in e6fa16ab ("signal: sigprocmask() should do - retarget_shared_pending()") the modification of current->blocked is - incorrect as we need to check whether the signal we're about to block - is pending in the shared queue. - - Cc: Oleg Nesterov - Cc: "David S. Miller" - Signed-off-by: Matt Fleming - Signed-off-by: David S. Miller - -commit ae1d48b23d5e79efbcf0cef4f0ebb9742361af59 -Author: Hans Schillstrom -Date: Tue Oct 11 10:54:35 2011 +0900 - - IPVS netns shutdown/startup dead-lock - - ip_vs_mutext is used by both netns shutdown code and startup - and both implicit uses sk_lock-AF_INET mutex. - - cleanup CPU-1 startup CPU-2 - ip_vs_dst_event() ip_vs_genl_set_cmd() - sk_lock-AF_INET __ip_vs_mutex - sk_lock-AF_INET - __ip_vs_mutex - * DEAD LOCK * - - A new mutex placed in ip_vs netns struct called sync_mutex is added. - - Comments from Julian and Simon added. - This patch has been running for more than 3 month now and it seems to work. - - Ver. 3 - IP_VS_SO_GET_DAEMON in do_ip_vs_get_ctl protected by sync_mutex - instead of __ip_vs_mutex as sugested by Julian. - - Signed-off-by: Hans Schillstrom - Acked-by: Julian Anastasov - Signed-off-by: Simon Horman - Signed-off-by: Pablo Neira Ayuso - -commit f22ed71cd60210d2f476986c0266004e4db45f34 -Author: Daniel Hellstrom -Date: Thu Sep 8 03:11:15 2011 +0000 - - sparc32,leon: SRMMU MMU Table probe fix - - The LEON MMU Model (SRMMU) does not implement MMu Table probing - in hardware, instead it is implemented in software. However the - software implementation does not return the PTE as it should which - always results in INVALID entires and the PROM mappings are not - inherited as they should during startup. The following patch - removes the masking of the PTE. - - Signed-off-by: Daniel Hellstrom - Signed-off-by: David S. Miller - -commit 98d9ae841ad620045d653fb05764e4a899f42dbd -Author: Florian Westphal -Date: Fri Sep 30 16:38:29 2011 +0200 - - netfilter: nf_conntrack: fix event flooding in GRE protocol tracker - - GRE connections cause ctnetlink event flood because the ASSURED event - is set for every packet received. - - Reported-by: Denys Fedoryshchenko - Tested-by: Denys Fedoryshchenko - Signed-off-by: Florian Westphal - Signed-off-by: Pablo Neira Ayuso diff --git a/sources b/sources index 2a313cf69..eae38904e 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ 8d43453f8159b2332ad410b19d86a931 linux-3.1.tar.bz2 6693d8c42055f83f5701d9b65d47208a compat-wireless-3.2-rc1-1.tar.bz2 b8b14bdfbf76cfef8e042e7d1a385fca patch-3.1.4.bz2 -cb4154af3daf6279680b808b6affc374 patch-3.1.5-rc1.bz2 +c3b84ad19528dd670288e0b0bad8fdac patch-3.1.5-rc2.bz2