I am announcing the release of the 2.6.32.41+drm33.17 longterm tree.
This tree is based on 2.6.32 and generally has all of the stable updates
applied. Except those to the DRM subsystem, which was based on 2.6.33 and
took updates from that upstream stable as long as that existed. It will
continue to add patches to the DRM subsystem as long as they are valid
according to the stable update rules (Documentation/stable_kernel_rules.txt).
DRM patches for this tree should be sent to kernel-team@lists.ubuntu.com.
This release contains patches from upstream 2.6.32.41, but dropped any patches
to the DRM subsystem.
The updated 2.6.32.y-drm33.z tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/smb/linux-2.6.32.y-drm33.z.git
and can be browsed through git web via:
http://git.kernel.org/?p=linux/kernel/git/smb/linux-2.6.32.y-drm33.z.git;a=summary
-Stefan
------
* cifs: check for bytes_remaining going to zero in CIFS_SessSetup
* Validate size of EFI GUID partition entries.
* dccp: handle invalid feature options length
* CIFS: Fix memory over bound bug in cifs_parse_mount_options
* Fix time() inconsistencies caused by intermediate xtime_cache values being read
* ehea: fix wrongly reported speed and port
* NET: slip, fix ldisc->open retval
* ne-h8300: Fix regression caused during net_device_ops conversion
* hydra: Fix regression caused during net_device_ops conversion
* libertas: fix cmdpendingq locking
* zorro8390: Fix regression caused during net_device_ops conversion
* cifs: add fallback in is_path_accessible for old servers
* Revert "x86, AMD: Fix APIC timer erratum 400 affecting K8 Rev.A-E processors"
* x86, AMD: Fix ARAT feature setting again
* clocksource: Install completely before selecting
* tick: Clear broadcast active bit when switching to oneshot
* x86, apic: Fix spurious error interrupts triggering on all non-boot APs
* x86, mce, AMD: Fix leaving freed data in a list
* megaraid_sas: Sanity check user supplied length before passing it to dma_alloc_coherent()
* vmxnet3: Fix inconsistent LRO state after initialization
* netxen: Remove references to unified firmware file
* Linux 2.6.32.41
/* As a rule processors have APIC timer running in deep C states */
- if (c->x86 >= 0xf && !cpu_has_amd_erratum(amd_erratum_400))
+ if (c->x86 > 0xf && !cpu_has_amd_erratum(amd_erratum_400))
set_cpu_cap(c, X86_FEATURE_ARAT);
+ h = lvtthmr_init;
/*
* The initial value of thermal LVT entries on all APs always reads
* 0x10000 because APs are woken up by BSP issuing INIT-SIPI-SIPI
* sequence to them and LVT registers are reset to 0s except for
* the mask bits which are set to 1s when APs receive INIT IPI.
- * Always restore the value that BIOS has programmed on AP based on
- * BSP's info we saved since BIOS is always setting the same value
- * for all threads/cores
+ * If BIOS takes over the thermal interrupt and sets its interrupt
+ * delivery mode to SMI (not fixed), it restores the value that the
+ * BIOS has programmed on AP based on BSP's info we saved since BIOS
+ * is always setting the same value for all threads/cores.
*/
- apic_write(APIC_LVTTHMR, lvtthmr_init);
+ if ((h & APIC_DM_FIXED_MASK) != APIC_DM_FIXED)
+ apic_write(APIC_LVTTHMR, lvtthmr_init);
diff --git a/drivers/scsi/megaraid/megaraid_sas.c b/drivers/scsi/megaraid/megaraid_sas.c
index 202fa0f..4709052 100644
--- a/drivers/scsi/megaraid/megaraid_sas.c
+++ b/drivers/scsi/megaraid/megaraid_sas.c
@@ -3072,6 +3072,9 @@ megasas_mgmt_fw_ioctl(struct megasas_instance *instance,
* For each user buffer, create a mirror buffer and copy in
*/
for (i = 0; i < ioc->sge_count; i++) {
+ if (!ioc->sgl[i].iov_len)
+ continue;
+
kbuff_arr[i] = dma_alloc_coherent(&instance->pdev->dev,
ioc->sgl[i].iov_len,
&buf_handle, GFP_KERNEL);
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 7df5937..6234417 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -799,8 +799,7 @@ static int
cifs_parse_mount_options(char *options, const char *devname,
struct smb_vol *vol)
{
- char *value;
- char *data;
+ char *value, *data, *end;
unsigned int temp_len, i, j;
char separator[2];
short int override_uid = -1;
@@ -843,6 +842,7 @@ cifs_parse_mount_options(char *options, const char *devname,
if (!options)
return 1;
+ end = options + strlen(options);
if (strncmp(options, "sep=", 4) == 0) {
if (options[4] != 0) {
separator[0] = options[4];
@@ -907,6 +907,7 @@ cifs_parse_mount_options(char *options, const char *devname,
the only illegal character in a password is null */
/* BB check if Unicode and decode strings */
- if (smb_buf->Flags2 & SMBFLG2_UNICODE) {
+ if (bytes_remaining == 0) {
+ /* no string area to decode, do nothing */
+ } else if (smb_buf->Flags2 & SMBFLG2_UNICODE) {
/* unicode string area must be word-aligned */
if (((unsigned long) bcc_ptr - (unsigned long) smb_buf) % 2) {
++bcc_ptr;
diff --git a/fs/partitions/efi.c b/fs/partitions/efi.c
index 49cfd5f..2aac776 100644
--- a/fs/partitions/efi.c
+++ b/fs/partitions/efi.c
@@ -349,6 +349,12 @@ is_gpt_valid(struct block_device *bdev, u64 lba,
goto fail;
}
+ /* Check that sizeof_partition_entry has the correct value */
+ if (le32_to_cpu((*gpt)->sizeof_partition_entry) != sizeof(gpt_entry)) {
+ pr_debug("GUID Partitition Entry Size check failed.
");
+ goto fail;
+ }
+
if (!(*ptes = alloc_read_gpt_entries(bdev, *gpt)))
goto fail;
diff --git a/kernel/time/clocksource.c b/kernel/time/clocksource.c
index f8b0f96..bf4fe98 100644
--- a/kernel/time/clocksource.c
+++ b/kernel/time/clocksource.c
@@ -561,8 +561,8 @@ int clocksource_register(struct clocksource *cs)
mutex_lock(&clocksource_mutex);
clocksource_enqueue(cs);
- clocksource_select();
clocksource_enqueue_watchdog(cs);
+ clocksource_select();
mutex_unlock(&clocksource_mutex);
return 0;
}
diff --git a/kernel/time/tick-broadcast.c b/kernel/time/tick-broadcast.c
index 49446b1..8917fd3 100644
--- a/kernel/time/tick-broadcast.c
+++ b/kernel/time/tick-broadcast.c
@@ -523,10 +523,11 @@ static void tick_broadcast_init_next_event(struct cpumask *mask,
*/
void tick_broadcast_setup_oneshot(struct clock_event_device *bc)
{
+ int cpu = smp_processor_id();
+
/* Set it up only once ! */
if (bc->event_handler != tick_handle_oneshot_broadcast) {
int was_periodic = bc->mode == CLOCK_EVT_MODE_PERIODIC;
- int cpu = smp_processor_id();
bc->event_handler = tick_handle_oneshot_broadcast;
clockevents_set_mode(bc, CLOCK_EVT_MODE_ONESHOT);
@@ -552,6 +553,15 @@ void tick_broadcast_setup_oneshot(struct clock_event_device *bc)
tick_broadcast_set_event(tick_next_period, 1);
} else
bc->next_event.tv64 = KTIME_MAX;
+ } else {
+ /*
+ * The first cpu which switches to oneshot mode sets
+ * the bit for all other cpus which are in the general
+ * (periodic) broadcast mask. So the bit is set and
+ * would prevent the first broadcast enter after this
+ * to program the bc device.
+ */
+ tick_broadcast_clear_oneshot(cpu);
}
}
diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c
index 26e2f37..f5e362f 100644
--- a/kernel/time/timekeeping.c
+++ b/kernel/time/timekeeping.c
@@ -168,8 +168,15 @@ int __read_mostly timekeeping_suspended;
static struct timespec xtime_cache __attribute__ ((aligned (16)));
void update_xtime_cache(u64 nsec)
{
- xtime_cache = xtime;
- timespec_add_ns(&xtime_cache, nsec);
+ /*
+ * Use temporary variable so get_seconds() cannot catch
+ * an intermediate xtime_cache.tv_sec value.
+ * The ACCESS_ONCE() keeps the compiler from optimizing
+ * out the intermediate value.
+ */
+ struct timespec ts = xtime;
+ timespec_add_ns(&ts, nsec);
+ ACCESS_ONCE(xtime_cache) = ts;
}
/* must hold xtime_lock */
diff --git a/net/dccp/options.c b/net/dccp/options.c
index 1b08cae..b4a853e 100644
--- a/net/dccp/options.c
+++ b/net/dccp/options.c
@@ -131,6 +131,8 @@ int dccp_parse_options(struct sock *sk, struct dccp_request_sock *dreq,
case DCCPO_CHANGE_L ... DCCPO_CONFIRM_R:
if (pkt_type == DCCP_PKT_DATA) /* RFC 4340, 6 */
break;
+ if (len == 0)
+ goto out_invalid_option;
rc = dccp_feat_parse_options(sk, dreq, mandatory, opt,
*value, value + 1, len - 1);
if (rc)
--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Linux 2.6.32.41+drm33.17
