linux-stable.git/drivers/video/console, branch linux-2.6.32.y Linux kernel stable tree fbcon: Bugfix soft cursor detection in Tile Blitting 2011-03-27T18:30:39+00:00 Henry Nestler henry.nestler@gmail.com 2011-02-20T20:50:56+00:00 34d39c53e6857e752a1fe1b14449b11fef3e64cf commit d6244bc0ed0c52a795e6f4dcab3886daf3e74fac upstream. Use mask 0x10 for "soft cursor" detection on in function tile_cursor. (Tile Blitting Operation in framebuffer console). The old mask 0x01 for vc_cursor_type detects CUR_NONE, CUR_LOWER_THIRD and every second mode value as "software cursor". This hides the cursor for these modes (cursor.mode = 0). But, only CUR_NONE or "software cursor" should hide the cursor. See also 0x10 in functions add_softcursor, bit_cursor and cw_cursor. Signed-off-by: Henry Nestler <henry.nestler@gmail.com> Signed-off-by: Paul Mundt <lethal@linux-sh.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
commit d6244bc0ed0c52a795e6f4dcab3886daf3e74fac upstream.

Use mask 0x10 for "soft cursor" detection on in function tile_cursor.
(Tile Blitting Operation in framebuffer console).

The old mask 0x01 for vc_cursor_type detects CUR_NONE, CUR_LOWER_THIRD
and every second mode value as "software cursor". This hides the cursor
for these modes (cursor.mode = 0). But, only CUR_NONE or "software cursor"
should hide the cursor.
See also 0x10 in functions add_softcursor, bit_cursor and cw_cursor.

Signed-off-by: Henry Nestler <henry.nestler@gmail.com>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
fb: remove fb_save_state() and fb_restore_state operations 2009-11-12T15:25:56+00:00 Krzysztof Helt krzysztof.h1@wp.pl 2009-11-11T22:26:22+00:00 f5c15d0b37ab1cd3969b8ce7828ab41c79f36f77 Remove fb_save_state() and fb_restore_state operations from frame buffer layer. They are used only in two drivers: 1. savagefb - and cause bug #11248 2. uvesafb Usage of these operations is misunderstood in both drivers so kill these operations, fix the bug #11248 and avoid confusion in the future. Tested on Savage 3D/MV card and the patch fixes the bug #11248. The frame buffer layer uses these funtions during switch between graphics and text mode of the console, but these drivers saves state before switching of the frame buffer (in the fb_open) and after releasing it (in the fb_release). This defeats the purpose of these operations. Addresses http://bugzilla.kernel.org/show_bug.cgi?id=11248 Signed-off-by: Krzysztof Helt <krzysztof.h1@wp.pl> Reported-by: Jochen Hein <jochen@jochen.org> Tested-by: Jochen Hein <jochen@jochen.org> Cc: Geert Uytterhoeven <geert@linux-m68k.org> Cc: Michal Januszewski <spock@gentoo.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Remove fb_save_state() and fb_restore_state operations from frame buffer layer.
They are used only in two drivers:
1. savagefb  - and cause bug #11248
2. uvesafb

Usage of these operations is misunderstood in both drivers so kill these
operations, fix the bug #11248 and avoid confusion in the future.

Tested on Savage 3D/MV card and the patch fixes the bug #11248.

The frame buffer layer uses these funtions during switch between graphics
and text mode of the console, but these drivers saves state before
switching of the frame buffer (in the fb_open) and after releasing it (in
the fb_release).  This defeats the purpose of these operations.

Addresses http://bugzilla.kernel.org/show_bug.cgi?id=11248

Signed-off-by: Krzysztof Helt <krzysztof.h1@wp.pl>
Reported-by: Jochen Hein <jochen@jochen.org>
Tested-by: Jochen Hein <jochen@jochen.org>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Michal Januszewski <spock@gentoo.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
vgacon: prevent vgacon_deinit from touching the hardware for inactive consoles. 2009-09-23T14:39:57+00:00 Francisco Jerez currojerez@riseup.net 2009-09-22T23:47:53+00:00 f0c7d2b72ad1a694c0c886a14cc708841181e9bd fbcon makes the (reasonable) assumption that it only needs to program the hardware once, when fbcon_init() is called for the foreground console. This doesn't always play well with vgacon because vgacon_deinit() is only doing its job when the last console it owns is closed (when switching from vgacon to fbcon, that's usually *after* fbcon_init() has set the new mode). Depending on the hardware this can cause the wrong framebuffer location to be scanned out (e.g. reproduced on nv05 with the nouveau framebuffer driver). Signed-off-by: Francisco Jerez <currojerez@riseup.net> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Cc: Krzysztof Helt <krzysztof.h1@poczta.fm> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
fbcon makes the (reasonable) assumption that it only needs to program the
hardware once, when fbcon_init() is called for the foreground console.

This doesn't always play well with vgacon because vgacon_deinit() is only
doing its job when the last console it owns is closed (when switching from
vgacon to fbcon, that's usually *after* fbcon_init() has set the new
mode).

Depending on the hardware this can cause the wrong framebuffer location to
be scanned out (e.g.  reproduced on nv05 with the nouveau framebuffer
driver).

Signed-off-by: Francisco Jerez <currojerez@riseup.net>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Krzysztof Helt <krzysztof.h1@poczta.fm>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fbcon: only unbind from console if successfully registered 2009-09-23T14:39:57+00:00 Ian Armstrong ian@iarmst.demon.co.uk 2009-09-22T23:47:52+00:00 2ddce3fd0acbdc1be684fb5f919ae3d2e9518aac Attempting to unload a framebuffer module calls unregister_framebuffer() which in turn gets fbcon to release it. If fbcon has no framebuffers linked to a console, it will also unbind itself from the console driver. However, if fbcon never registered itself as a console driver, the unbind will fail causing the framebuffer device entry to persist. In most cases this failure will result in an oops when attempting to access the now non-existent device. This patch ensures that the fbcon unbind request will succeed even if a bind was never done. It tracks if a successful bind ever occurred & will only attempt to unbind if needed. If there never was a bind, it simply returns with no error. Signed-off-by: Ian Armstrong <ian@iarmst.demon.co.uk> Cc: Krzysztof Helt <krzysztof.h1@poczta.fm> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Attempting to unload a framebuffer module calls unregister_framebuffer()
which in turn gets fbcon to release it.  If fbcon has no framebuffers
linked to a console, it will also unbind itself from the console driver.
However, if fbcon never registered itself as a console driver, the unbind
will fail causing the framebuffer device entry to persist.  In most cases
this failure will result in an oops when attempting to access the now
non-existent device.

This patch ensures that the fbcon unbind request will succeed even if a
bind was never done.  It tracks if a successful bind ever occurred & will
only attempt to unbind if needed.  If there never was a bind, it simply
returns with no error.

Signed-off-by: Ian Armstrong <ian@iarmst.demon.co.uk>
Cc: Krzysztof Helt <krzysztof.h1@poczta.fm>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fb: do not ignore fb_set_par errors 2009-09-23T14:39:56+00:00 Florian Tobias Schandinat FlorianSchandinat@gmx.de 2009-09-22T23:47:44+00:00 0fcf6ada2b8eb42d132c0846384f1299889609e3 At the moment about half of the framebuffer drivers can return an error code in fb_set_par. Until now it would be silently ignored by fbmem.c and fbcon.c. This patch fixes fbmem.c to return the error code and restore var on error. But it is not clear in which video mode the device is when fb_set_par fails. It would be good and reasonable if it were in the old state but there is no guarantee that this is true for all existing drivers. Additionally print a message if a failing fb_set_par is detected in fbmem.c or fbcon.c. Although most errors should be caught by the previous fb_check_var some errors can't as they are dynamic (memory allocations, ...) and can only be detected while performing the operations which is forbidden in fb_check_var. This patch shouldn't have a negative impact on normal operation as all drivers return 0 on success. The impact in case of error depends heavily on the driver and caller but it's expected to be better than before. Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de> Cc: Krzysztof Helt <krzysztof.h1@poczta.fm> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
At the moment about half of the framebuffer drivers can return an error
code in fb_set_par. Until now it would be silently ignored by fbmem.c
and fbcon.c. This patch fixes fbmem.c to return the error code and
restore var on error.

But it is not clear in which video mode the device is when fb_set_par
fails.  It would be good and reasonable if it were in the old state but
there is no guarantee that this is true for all existing drivers.
Additionally print a message if a failing fb_set_par is detected in
fbmem.c or fbcon.c.

Although most errors should be caught by the previous fb_check_var some
errors can't as they are dynamic (memory allocations, ...) and can only be
detected while performing the operations which is forbidden in
fb_check_var.

This patch shouldn't have a negative impact on normal operation as all
drivers return 0 on success.  The impact in case of error depends heavily
on the driver and caller but it's expected to be better than before.

Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
Cc: Krzysztof Helt <krzysztof.h1@poczta.fm>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
video: console, use DIV_ROUND_UP 2009-09-23T14:39:56+00:00 Jiri Slaby jirislaby@gmail.com 2009-09-22T23:47:41+00:00 9a4a83d2ed83da0c4b45289ca72f10205aa96589 Use DIV_ROUND_UP explicitly instead of manual shifts and adds. It makes the code more readable and consistent (sometimes there were shifts, sometimes divs). There is no change on the assembly level (compilers should do the right job). Signed-off-by: Jiri Slaby <jirislaby@gmail.com> Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com> Cc: Andi Kleen <andi@firstfloor.org> Cc: Krzysztof Helt <krzysztof.h1@poczta.fm> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Use DIV_ROUND_UP explicitly instead of manual shifts and adds.  It makes
the code more readable and consistent (sometimes there were shifts,
sometimes divs).

There is no change on the assembly level (compilers should do the right
job).

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Cc: Andi Kleen <andi@firstfloor.org>
Cc: Krzysztof Helt <krzysztof.h1@poczta.fm>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
drivers/video/console/newport_con.c: fix read outside array bounds 2009-09-23T14:39:56+00:00 Roel Kluin roel.kluin@gmail.com 2009-09-22T23:47:38+00:00 f7a595e98c3140f1271957aa742a6b84407620d4 It reads linetable[] before checking bounds of index, and ARRAY_SIZE is required because linetable[] are unsigned shorts. Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Cc: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
It reads linetable[] before checking bounds of index, and ARRAY_SIZE is
required because linetable[] are unsigned shorts.

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
includecheck fix: drivers/video, vgacon.c 2009-09-20T10:31:58+00:00 Jaswinder Singh Rajput jaswinderrajput@gmail.com 2009-09-20T09:58:01+00:00 6d6c971778c5257fc815e1ebe01779fefda6293c fix the following 'make includecheck' warning: drivers/video/console/vgacon.c: linux/slab.h is included more than once. Signed-off-by: Jaswinder Singh Rajput <jaswinderrajput@gmail.com> Cc: Martin Mares <mj@ucw.cz> Cc: mchehab@infradead.org Cc: Sam Ravnborg <sam@ravnborg.org> LKML-Reference: <1247067624.4382.88.camel@ht.satnam> 
fix the following 'make includecheck' warning:

  drivers/video/console/vgacon.c: linux/slab.h is included more than once.

Signed-off-by: Jaswinder Singh Rajput <jaswinderrajput@gmail.com>
Cc: Martin Mares <mj@ucw.cz>
Cc: mchehab@infradead.org
Cc: Sam Ravnborg <sam@ravnborg.org>
LKML-Reference: <1247067624.4382.88.camel@ht.satnam>
sparc: Kill PROM console driver. 2009-09-16T00:04:38+00:00 David S. Miller davem@davemloft.net 2009-09-16T00:04:38+00:00 09d3f3f0e02c8a900d076c302c5c02227f33572d Many years ago when this driver was written, it had a use, but these days it's nothing but trouble and distributions should not enable it in any situation. Pretty much every console device a sparc machine could see has a bonafide real driver, making the PROM console hack unnecessary. If any new device shows up, we should write a driver instead of depending upon this crutch to save us. We've been able to take care of this even when no chip documentation exists (sunxvr500, sunxvr2500) so there are no excuses. Signed-off-by: David S. Miller <davem@davemloft.net> 
Many years ago when this driver was written, it had a use, but these
days it's nothing but trouble and distributions should not enable it
in any situation.

Pretty much every console device a sparc machine could see has a
bonafide real driver, making the PROM console hack unnecessary.

If any new device shows up, we should write a driver instead of
depending upon this crutch to save us.  We've been able to take care
of this even when no chip documentation exists (sunxvr500, sunxvr2500)
so there are no excuses.

Signed-off-by: David S. Miller <davem@davemloft.net>
fbcon: don't use vc_resize() on initialization 2009-08-07T17:39:56+00:00 Johannes Weiner hannes@cmpxchg.org 2009-08-06T22:07:36+00:00 0035fe00f77d2b0a1a2d001f7442136d1ec5aefa Catalin and kmemleak spotted a leak of a VC screen buffer in vc_allocate() due to the following chain of events: vc_allocate() visual_init(init=1) vc->vc_sw->con_init(init=1) fbcon_init() vc_resize() vc->screen_buf = kmalloc() vc->screen_buf = kmalloc() The common way for the VC drivers is to set the screen dimension parameters manually in the init case and only call vc_resize() for !init - which allocates a screen buffer according to the new dimensions. fbcon instead would do vc_resize() unconditionally and afterwards set the dimensions manually (again) for !init - i.e. completely upside down. The vc_resize() allocated buffer would then get lost by vc_allocate() allocating a fresh one. Use vc_resize() only for actual resizing to close the leak. Set the dimensions manually only in initialization mode to remove the redundant setting in resize mode. The kmemleak trace from Catalin: unreferenced object 0xde158000 (size 12288): comm "Xorg", pid 1439, jiffies 4294961016 hex dump (first 32 bytes): 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . . 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . . backtrace: [<c006f74b>] __save_stack_trace+0x17/0x1c [<c006f81d>] create_object+0xcd/0x188 [<c01f5457>] kmemleak_alloc+0x1b/0x3c [<c006e303>] __kmalloc+0xdb/0xe8 [<c012cc4b>] vc_do_resize+0x73/0x1e0 [<c012cdf1>] vc_resize+0x15/0x18 [<c011afc1>] fbcon_init+0x1f9/0x2b8 [<c0129e87>] visual_init+0x9f/0xdc [<c012aff3>] vc_allocate+0x7f/0xfc [<c012b087>] con_open+0x17/0x80 [<c0120e43>] tty_open+0x1f7/0x2e4 [<c0072fa1>] chrdev_open+0x101/0x118 [<c006ffad>] __dentry_open+0x105/0x1cc [<c00700fd>] nameidata_to_filp+0x2d/0x38 [<c00788cd>] do_filp_open+0x2c1/0x54c [<c006fdff>] do_sys_open+0x3b/0xb4 Reported-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Johannes Weiner <hannes@cmpxchg.org> Tested-by: Catalin Marinas <catalin.marinas@arm.com> Cc: Pekka Enberg <penberg@cs.helsinki.fi> Cc: Krzysztof Helt <krzysztof.h1@poczta.fm> Tested-by: Dave Young <hidave.darkstar@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Catalin and kmemleak spotted a leak of a VC screen buffer in
vc_allocate() due to the following chain of events:

	vc_allocate()
	  visual_init(init=1)
	    vc->vc_sw->con_init(init=1)
              fbcon_init()
	        vc_resize()
	          vc->screen_buf = kmalloc()
	  vc->screen_buf = kmalloc()

The common way for the VC drivers is to set the screen dimension
parameters manually in the init case and only call vc_resize() for
!init - which allocates a screen buffer according to the new
dimensions.

fbcon instead would do vc_resize() unconditionally and afterwards set
the dimensions manually (again) for !init - i.e. completely upside
down.  The vc_resize() allocated buffer would then get lost by
vc_allocate() allocating a fresh one.

Use vc_resize() only for actual resizing to close the leak.

Set the dimensions manually only in initialization mode to remove the
redundant setting in resize mode.

The kmemleak trace from Catalin:

unreferenced object 0xde158000 (size 12288):
  comm "Xorg", pid 1439, jiffies 4294961016
  hex dump (first 32 bytes):
    20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00   . . . . . . . .
    20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00   . . . . . . . .
  backtrace:
    [<c006f74b>] __save_stack_trace+0x17/0x1c
    [<c006f81d>] create_object+0xcd/0x188
    [<c01f5457>] kmemleak_alloc+0x1b/0x3c
    [<c006e303>] __kmalloc+0xdb/0xe8
    [<c012cc4b>] vc_do_resize+0x73/0x1e0
    [<c012cdf1>] vc_resize+0x15/0x18
    [<c011afc1>] fbcon_init+0x1f9/0x2b8
    [<c0129e87>] visual_init+0x9f/0xdc
    [<c012aff3>] vc_allocate+0x7f/0xfc
    [<c012b087>] con_open+0x17/0x80
    [<c0120e43>] tty_open+0x1f7/0x2e4
    [<c0072fa1>] chrdev_open+0x101/0x118
    [<c006ffad>] __dentry_open+0x105/0x1cc
    [<c00700fd>] nameidata_to_filp+0x2d/0x38
    [<c00788cd>] do_filp_open+0x2c1/0x54c
    [<c006fdff>] do_sys_open+0x3b/0xb4

Reported-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Tested-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: Pekka Enberg <penberg@cs.helsinki.fi>
Cc: Krzysztof Helt <krzysztof.h1@poczta.fm>
Tested-by: Dave Young <hidave.darkstar@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>