Andreas Herrmann [Mon, 13 Jun 2005 11:22:25 +0000 (13:22 +0200)]
[SCSI] zfcp: fix module parameter parsing
From: Heiko Carstens <heiko.carstens@de.ibm.com>
Fixes module parameter parsing for "device" parameter. The original
module parameter was changed while parsing it. This corrupted the
output in sysfs (/sys/module/zfcp/parameters/device).
Signed-off-by: Andreas Herrmann <aherrman@de.ibm.com> Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
Andreas Herrmann [Mon, 13 Jun 2005 11:20:35 +0000 (13:20 +0200)]
[SCSI] zfcp: fix bug during adapter shutdown
Fixes a race between zfcp_fsf_req_dismiss_all and
zfcp_qdio_reqid_check. During adapter shutdown it occurred that a
request was cleaned up twice. First during its normal
completion. Second when dismiss_all was called. The fix is to
serialize access to fsf request list between zfcp_fsf_req_dismiss_all
and zfcp_qdio_reqid_check and delete a fsf request from the list if
its completion is triggered. (Additionally a rwlock was replaced by a
spinlock and fsf_req_cleanup was eliminated.)
Signed-off-by: Andreas Herrmann <aherrman@de.ibm.com> Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
Andreas Herrmann [Mon, 13 Jun 2005 11:18:56 +0000 (13:18 +0200)]
[SCSI] zfcp: fix: problem in send_els_handler when D_ID assignment changes
From: Maxim Shchetynin <maxim@de.ibm.com>
Fixes a bug in zfcp_send_els_handler. If D_ID assignments for ports
are changing between initiation of one ELS request and its completion
the wrong port might be accessed in the completion for that ELS
request. Thus a pointer to the port has to be passed for ELS requests
to identify the port structure if required.
Signed-off-by: Andreas Herrmann <aherrman@de.ibm.com> Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
Andreas Herrmann [Mon, 13 Jun 2005 11:15:15 +0000 (13:15 +0200)]
[SCSI] zfcp: fix: allow more time for adapter initialization
From: Maxim Shchetynin <maxim@de.ibm.com>
Extend the time for adapter initialization: In case of protocol
status HOST_CONNECTION_INITIALIZING for the exchange config data
command do a first retry in 1 second, then double the sleep time for
each following retry until recovery exceeds 2 minutes. The old
behaviour of allowing 6 retries with .5 seconds delay between retries
was insufficient and qdio queues were shut down too erarly.
Signed-off-by: Andreas Herrmann <aherrman@de.ibm.com> Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
Andreas Herrmann [Mon, 13 Jun 2005 11:13:45 +0000 (13:13 +0200)]
[SCSI] zfcp: fix wrong handling of failed requests for GID_PN command
Fixes the handling of failed requests for GID_PN nameserver command:
Set ZFCP_STATUS_PORT_INVALID_WWPN only if indicated by response
payload for GID_PN nameserver command and not if fsf request fails.
Signed-off-by: Andreas Herrmann <aherrman@de.ibm.com> Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
- the eisa layer only probes when it's actually safe, no need for
a driver option
- store the id table directly in linux format instead of convering
at runtime
Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
Patch removes our homegrown DMA masks and uses the ones defined in the kernel.
This patch replaces the broken one I sent in earlier. It has been tested and works. Please discard the first submission.
Signed-off-by: Mike Miller <mike.miller@hp.com> Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
A problem exists todayin the sg driver that if an SG_IO request is
outstanding to a device when it is removed from the system. The
system may oops if that command completes later in time.
1. sg_remove gets called
2. sg_remove calls sg_finish_req_req on all pending requests
This removes the Sg_request's from the headrp list in the Sg_fd
3. The sleeping SG_IO ioctl is woken. It does nothing and returns.
4. The caller closes the fd, which invokes sg_release
5. sg_release calls sg_remove_sfp. It finds no outstanding commands
since the headrp list is empty, so it calls __sg_remove_sfp,
which frees the sfp.
6. Now when sg_cmd_done gets called, sg uses upper_private_data in
the Scsi_Request, which should point to the srp, which has been
freed, so it points to freed memory.
7. sg then dereferences the srp pointer to get the sfp, and we oops.
The fix is to NULL out the upper_private_data field in this path,
which sg_cmd_done already checks for, which will prevent the oops
from occurring.
James Bottomley [Tue, 24 May 2005 22:15:43 +0000 (17:15 -0500)]
[SCSI] aic7xxx: remove separate target and device allocations
Since the aic driver is now taught to speak in terms of the generic
linux devices, we can now also dispense with the transport class get
routines (since we update the parameters when the driver sees they
change) and also plumb it into the spi transport transfer agreement
reporting infrastructure.
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
James Bottomley [Tue, 24 May 2005 21:57:31 +0000 (16:57 -0500)]
[SCSI] allow the HBA to reserve target and device private areas
This patch basically allows any HBA attached to the SPI transport class
to declare an extra area which the mid-layer will allocate as part of
its device and target allocations.
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
[PATCH] timeout at boottime with NEC3500A (and possibly others) when inserted a CD in it
From: Marcello Maggioni <hayarms@gmail.com>
Problem: Some drives (NEC 3500, TDK 1616N, Mad-dog MD-16XDVD9, RICOH
MP5163DA, Memorex DVD9 drive and IO-DATA's too for sure), if a
CD/DVD is inserted into the tray when the system is booted and if
before the OS bootup the BIOS checked for the presence of a bootable
CD/DVD into the drive, during the IDE probe phase the drive may
result busy and remain so for the next 25/30 seconds . This cause the
drive to be skipped during the booting phase and not begin usable
until the next reboot (if the reboot goes well and the drive doesn't
timeout again).
Solution: Rising the timeout time from 10 seconds to 35 seconds
(during these 35 seconds every drive should wake up for sure
according to the tests I've done).
Al Viro [Mon, 16 May 2005 00:59:55 +0000 (01:59 +0100)]
[SCSI] TYPE_RBC cache fixes (sbp2.c affected)
a) TYPE_SDAD renamed to TYPE_RBC and taken to scsi.h
b) in sbp2.c remapping of TYPE_RPB to TYPE_DISK turned off
c) relevant places in midlayer and sd.c taught to accept TYPE_RBC
d) sd.c::sd_read_cache_type() looks into page 6 when dealing with
TYPE_RBC - these guys have writeback cache flag there and are not guaranteed
to have page 8 at all.
e) sd_read_cache_type() got an extra sanity check - it checks that
it got the page it asked for before using its contents. And screams if
mismatch had happened. Rationale: there are broken devices out there that
are "helpful" enough to go for "I don't have a page you've asked for, here,
have another one". For example, PL3507 had been caught doing just that...
f) sbp2 sets sdev->use_10_for_rw and sdev->use_10_for_ms instead
of bothering to remap READ6/WRITE6/MOD_SENSE, so most of the conversions
in there are gone now.
Incidentally, I wonder if USB storage devices that have no
mode page 8 are simply RBC ones. I haven't touched that, but it might
be interesting to check...
Signed-off-by: Al Viro <viro@parcelfarce.linux.theplanet.co.uk> Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
Matthew Wilcox [Fri, 20 May 2005 18:15:43 +0000 (19:15 +0100)]
[SCSI] sym2 version 2.2.1
sym2 version 2.2.1:
- Fix MMIO BAR detection (Thanks to Bob Picco)
- Fix odd-sized transfers with a wide bus (Thanks to Larry Stephens)
- Write posting fixes (Thanks to Thibaut Varene)
- Change one of the GFP_KERNEL allocations back into a GFP_ATOMIC
- Make CCB_BA() return a script-endian address
- Move range checks and disabling of devices from the queuecommand path
to slave_alloc()
- Remove a warning in sym_setup_cdb()
- Keep a pointer to the scsi_target instead of the scsi_dev in the tcb
- Remove a check for the upper layers passing an oversized cmd
- Replace CAM_REQ_ constants with the Linux DID_ constants
- Replace CAM_DIR_ constants with the Linux DMA_ constants
- Inline sym_read_parisc_pdc() on non-parisc systems
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
Stuart Hayes [Thu, 26 May 2005 13:38:45 +0000 (15:38 +0200)]
[PATCH] ide-scsi: kmap scatter/gather before doing PIO
From: Stuart Hayes <Stuart_Hayes@dell.com>
The system can panic with a null pointer dereference using ide-scsi if
PIO is being done on scatter gather pages that are in high memory,
because page_address() returns 0. We are actually seeing this using a
tape drive. This patch will kmap_atomic() the pages before performing
PIO.
[PATCH] convert IDE device drivers to driver-model
* add ide_bus_match() and export ide_bus_type
* split ide_remove_driver_from_hwgroup() out of ide_unregister()
* move device cleanup from ide_unregister() to drive_release_dev()
* convert ide_driver_t->name to driver->name
* convert ide_driver_t->{attach,cleanup} to driver->{probe,remove}
* remove ide_driver_t->busy as ide_bus_type->subsys.rwsem
protects against concurrent ->{probe,remove} calls
* make ide_{un}register_driver() void as it cannot fail now
* use driver_{un}register() directly, remove ide_{un}register_driver()
* use device_register() instead of ata_attach(), remove ata_attach()
* add proc_print_driver() and ide_drivers_show(), remove ide_drivers_op
* fix ide_replace_subdriver() and move it to ide-proc.c
* remove ide_driver_t->drives, ide_drives and drives_lock
* remove ide_driver_t->drivers, drivers and drivers_lock
* remove ide_drive_t->driver and DRIVER() macro
Albert Lee [Thu, 26 May 2005 07:49:42 +0000 (03:49 -0400)]
[PATCH] libata: Fix zero sg_dma_len() on 64-bit platform
When testing ATAPI PIO data transfer on the ppc64 platform, __atapi_pio_bytes() got zero when
sg_dma_len() is used. I checked the <asm-ppc64/scatterlish.h>, the struct scatterlist is defined as:
struct scatterlist {
struct page *page;
unsigned int offset;
unsigned int length;
/* For TCE support */
u32 dma_address;
u32 dma_length;
};
So, if the scatterlist is not DMA mapped, sg_dma_len() will return zero on ppc64.
The same problem should occur on the x86-64 platform.
On the i386 platform, sg_dma_len() returns sg->length, that's why the problem does not occur on an i386.
Changes:
- Use sg->length if the scatterlist is not DMA mapped (yet).
Colin Leroy [Wed, 25 May 2005 19:31:35 +0000 (12:31 -0700)]
[PATCH] therm_adt746x: show correct sensor locations
This patch shows the correct locations of the heat sensors present in iBook
and PowerBooks G4, instead of displaying them as being on CPU and GPU
(which is not always the case).
Signed-off-by: Colin Leroy <colin@colino.net> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Roland Dreier [Wed, 25 May 2005 19:31:29 +0000 (12:31 -0700)]
[PATCH] IB: allow NULL sa_query callbacks
Check if a client passes a NULL callback into an SA query, and if so, never
call back. This fixes an oops if someone unloads ib_ipoib and ib_sa in
rapid succession. ib_ipoib does an MCMember delete with a NULL callback
and 0 timeout on unload, which is usually fine since the delete completes
successfully. However, if ib_sa is unloaded immediately afterwards, the
delete will be canceled and ib_sa will try to call the (now already
unloaded) ib_ipoib module back with the cancel completion, which triggers
the oops.
Signed-off-by: Roland Dreier <roland@topspin.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Alexander Nyberg [Wed, 25 May 2005 19:31:28 +0000 (12:31 -0700)]
[PATCH] x86_64: CONFIG_BUG=n fixes
Fixes some !CONFIG_BUG warnings:
include/asm/mmu_context.h: I funktion `switch_mm':
include/asm/mmu_context.h:57: varning: implicit declaration of function `out_of_line_bug'
Signed-off-by: Alexander Nyberg <alexn@telia.com> Cc: Andi Kleen <ak@muc.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Jens Axboe [Wed, 25 May 2005 15:00:15 +0000 (17:00 +0200)]
[PATCH] relax ide-cd dma restrictions
This has been sitting for a while, and is causing lots of grief for
people burning CDs. It relaxes the dma restriction for ide-cd,
requiring only the length to be 32-byte aligned, address should be fine
at normal double word alignment.
David Woodhouse [Wed, 25 May 2005 08:49:13 +0000 (09:49 +0100)]
[PATCH] Speedtouch resync after lost signal.
There's a bigger Speedtouch update coming your way after 2.6.12 but in
the meantime, let's at least make it automatically resync if the DSL
signal is lost.
Signed-off-by: David Woodhouse <dwmw2@infradead.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Stephen Rothwell [Wed, 25 May 2005 06:29:26 +0000 (16:29 +1000)]
[PATCH] ppc64 iSeries: fix boot time setting
For quite a while, there has existed a hypervisor bug on legacy iSeries
which means that we do not get the boot time set in the kernel. This
patch works around that bug. This was most noticable when the root
partition needed to be checked at every boot as the kernel thought it
was some time in 1905 until user mode reset the time correctly.
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Stephen Rothwell [Wed, 25 May 2005 03:41:26 +0000 (13:41 +1000)]
[PATCH] ppc64: fix initialisation of gettimeofday calculations
On PPC64, we keep track of when we need to update jiffies (and the
variables used to calculate the time of day) based on the time base.
If the time base frequence is sufficiently high compared to the
processor clock frequency, then it is possible for the time of day
variables to be corrupted at the time of the first decrementer interrupt
we take. This became obvious on a legacy iSeries where the time base
frequency is the same as the processor clock.
This one line patch fixes the initialisation so that the time of day
variables and the indicator we use to tell when updates are due are
better synchronised.
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
It may take a little staring to notice, but pte can actually fall off the
end of the pte page in this iteration, which makes life difficult for
kmap_atomic() and the users not expecting it to BUG(). Of course, we're
somewhat lucky in that arithmetic elsewhere in the function guarantees that
at least one iteration is made, lest this force larger rearrangements to be
made. This issue and patch also apply to non-mm mainline and with trivial
adjustments, at least two related kernels.
Discovered during internal testing at Oracle.
Signed-off-by: William Irwin <wli@holomorphy.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Kirill Korotaev [Wed, 25 May 2005 02:29:47 +0000 (19:29 -0700)]
[PATCH] sigkill priority fix
If SIGKILL does not have priority, we cannot instantly kill task before it
makes some unexpected job. It can be critical, but we were unable to
reproduce this easily until Heiko Carstens <Heiko.Carstens@de.ibm.com>
reported this problem on LKML.
Dominik Hackl [Wed, 25 May 2005 02:29:46 +0000 (19:29 -0700)]
[PATCH] voyager_smp.c static inline fix
This patch fixes a compile bug by moving a static inline function to the
right place. The body of a static inline function has to be declared
before the use of this function.
Signed-off-by: Dominik Hackl <dominik@hackl.dhs.org> Cc: James Bottomley <James.Bottomley@steeleye.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
John W. Linville [Wed, 18 May 2005 17:41:33 +0000 (13:41 -0400)]
[PATCH] tulip: add return to ULI526X clause in tulip_mdio_write
The 'if' clause for ULI526X in tulip_mdio_write allows for
spin_unlock_irqrestore to be called twice for tp->mii_lock. I believe
this is caused by the unintentional omission of a return at the end
of that clause. This patch adds that return.
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Kay Sievers [Mon, 23 May 2005 22:50:26 +0000 (15:50 -0700)]
[PATCH] driver core: restore event order for device_add()
As a result of the split of the kobject-registration and the
corresponding hotplug event, the order of events for device_add() has
changed. This restores the old order, cause it confused some userspace
applications.
David S. Miller [Mon, 23 May 2005 22:52:08 +0000 (15:52 -0700)]
[SPARC64]: Add boot option to force UltraSPARC-III P-Cache on.
Older UltraSPARC-III chips have a P-Cache bug that makes us disable it
by default at boot time.
However, this does hurt performance substantially, particularly with
memcpy(), and the bug is _incredibly_ obscure. I have never seen it
triggered in practice, ever.
So provide a "-P" boot option that forces the P-Cache on. It taints
the kernel, so if it does trigger and cause some data corruption or
OOPS, we will find out in the logs that this option was on when it
happened.
Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Mon, 23 May 2005 20:11:07 +0000 (13:11 -0700)]
[IPV6]: Fix xfrm tunnel oops with large packets
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Mon, 23 May 2005 19:36:25 +0000 (12:36 -0700)]
[CRYPTO]: Only reschedule if !in_atomic()
The netlink gfp_any() problem made me double-check the uses of in_softirq()
in crypto/*. It seems to me that we should be checking in_atomic() instead
of in_softirq() in crypto_yield. Otherwise people calling the crypto ops
with spin locks held or preemption disabled will get burnt, right?
Signed-off-by: David S. Miller <davem@davemloft.net>
David S. Miller [Mon, 23 May 2005 19:03:06 +0000 (12:03 -0700)]
[TCP]: Fix stretch ACK performance killer when doing ucopy.
When we are doing ucopy, we try to defer the ACK generation to
cleanup_rbuf(). This works most of the time very well, but if the
ucopy prequeue is large, this ACKing behavior kills performance.
With TSO, it is possible to fill the prequeue so large that by the
time the ACK is sent and gets back to the sender, most of the window
has emptied of data and performance suffers significantly.
This behavior does help in some cases, so we should think about
re-enabling this trick in the future, using some kind of limit in
order to avoid the bug case.
Signed-off-by: David S. Miller <davem@davemloft.net>
The hardware sync of the timebase on SMP G5s uses a black magic
incantation to the i2c clock chip that was inspired from what Darwin
does.
However, this was an earlier version of Darwin that was ... buggy !
heh. This causes the latest models to break though when starting SMP,
so it's worth fixing.
Here's a new version of the incantation based on careful transcription
of the said incantations as found in the latest version of apple's
temple.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
The latest speedbumped Apple G5 models have a "bug" in the Open Firmware
device tree that lacks the proper interrupt routing information for the
northbridge i2c controller. Apple's driver silently falls back into a
sub-optimal "polled" mode (heh, maybe they didn't even notice the bug
because of that :), our driver didn't properly check and crashes :(
This patch fixes our driver to not crash, and adds code to the
prom_init() OF trampoline code that detects the "bug" and adds the
missing information back for this chipset revision. This fixes booting
and thermal control on these models.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] fix for __generic_file_aio_read() to return 0 on EOF
I came across the following problem while running ltp-aiodio testcases from
ltp-full-20050405 on linux-2.6.12-rc3-mm3. I tried running the tests with
EXT3 as well as JFS filesystems.
One or two fsx-linux testcases were hung after some time. These testcases
were hanging at wait_for_all_aios().
Debugging shows that there were some iocbs which were not getting completed
eventhough the last retry for those returned -EIOCBQUEUED. Also all such
pending iocbs represented READ operation.
Further debugging revealed that all such iocbs hit EOF in the DIO layer.
To be more precise, the "pos" from which they were trying to read was
greater than the "size" of the file. So the generic_file_direct_IO
returned 0.
This happens rarely as there is already a check in
__generic_file_aio_read(), for whether "pos" < "size" before calling direct
IO routine.
But for READ, we are taking the inode->i_sem only in the DIO layer. So it
is possible that some other process can change the size of the file before
we take the i_sem. In such a case ( when "pos" > "size"), the
__generic_file_aio_read() would return -EIOCBQUEUED even though there were
no I/O requests submitted by the DIO layer. This would cause the AIO layer
to expect aio_complete() for THE iocb, which doesnot happen. And thus the
test hangs forever, waiting for an I/O completion, where there are no
requests submitted at all.
The following patch makes __generic_file_aio_read() return 0 (instead of
returning -EIOCBQUEUED), on getting 0 from generic_file_direct_IO(), so
that the AIO layer does the aio_complete().
Testing:
I have tested the patch on a SMP machine(with 2 Pentium 4 (HT)) running
linux-2.6.12-rc3-mm3. I ran the ltp-aiodio testcases and none of the
fsx-linux tests hung. Also the aio-stress tests ran without any problem.
Signed-off-by: Suzuki K P <suzuki@in.ibm.com> Signed-off-by: Suparna Bhattacharya <suparna@in.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch fixes a bug introduced by Al Viro's patch: [patch 136/174]
reiserfs endianness: clone struct reiserfs_key
The problem is MAX_KEY and MAX_IN_CORE_KEY defined in this patch do not
look equal from reiserfs comp_key's point of view. This caused reiserfs'
sanity check to complain.
Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Samuel Thibault [Sat, 21 May 2005 15:50:15 +0000 (17:50 +0200)]
[PATCH] spin_unlock_bh() and preempt_check_resched()
In _spin_unlock_bh(lock):
do { \
_raw_spin_unlock(lock); \
preempt_enable(); \
local_bh_enable(); \
__release(lock); \
} while (0)
there is no reason for using preempt_enable() instead of a simple
preempt_enable_no_resched()
Since we know bottom halves are disabled, preempt_schedule() will always
return at once (preempt_count!=0), and hence preempt_check_resched() is
useless here...
This fixes it by using "preempt_enable_no_resched()" instead of the
"preempt_enable()", and thus avoids the useless preempt_check_resched()
just before re-enabling bottom halves.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
David Woodhouse [Sat, 21 May 2005 14:52:23 +0000 (15:52 +0100)]
When we detect that a 16550 was in fact part of a NatSemi SuperIO chip
with high-speed mode enabled, we switch it to high-speed mode so that
baud_base becomes 921600. However, we also need to multiply the baud
divisor by 8 at the same time, in case it's already in use as a console.
Signed-off-by: David Woodhouse Acked-by: Tom Rini Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Pierre Ossman [Sat, 21 May 2005 09:27:02 +0000 (10:27 +0100)]
[PATCH] MMC: Proper MMC command classes support
Defines for the different command classes as defined in the MMC and SD
specifications.
Removes the check for high command classes and instead checks that the
command classes needed are present.
Previous solution killed forward compatibility at no apparent gain.
Andi Kleen [Fri, 20 May 2005 21:27:58 +0000 (14:27 -0700)]
[PATCH] x86_64: Fix 32bit system call restart
The test case at
http://cvs.sourceforge.net/viewcvs.py/posixtest/posixtestsuite/conforman
ce/interfaces/clock_nanosleep/1-5.c fails if it runs as a 32bit process on
x86_86 machines.
The root cause is the sub 32bit process fails to restart the syscall after it
is interrupted by a signal.
The syscall number of sys_restart_syscall in table sys_call_table is
__NR_restart_syscall (219) while it's __NR_ia32_restart_syscall
(0) in ia32_sys_call_table. When regs->rax==(unsigned
long)-ERESTART_RESTARTBLOCK, function do_signal doesn't distinguish if
the process is 64bit or 32bit, and always sets restart syscall number
as __NR_restart_syscall (219).
Andi Kleen [Fri, 20 May 2005 21:27:56 +0000 (14:27 -0700)]
[PATCH] x86_64: Don't allow accesses below register frame in ptrace
There was a "off by one quad word" error in there. I don't think it is
exploitable because it will only store into a unused area, but better to plug
it.
Andi Kleen [Fri, 20 May 2005 21:27:55 +0000 (14:27 -0700)]
[PATCH] x86_64: 386/x86-64 Further AMD dual core fixes
- Remove duplicated ifdef
- Make core_id match what Intel uses
- Initialize phys_proc_id correctly for non DC case
- Handle non power of two core numbers.