1. 13 Apr, 2008 1 commit
    • Sergei Shtylyov's avatar
      tg3: fix MMIO for PPC 44x platforms · 2de58e30
      Sergei Shtylyov authored
      The driver stores the PCI resource addresses into 'unsigned long' variable
      before calling ioremap_nocache() on them. This warrants kernel oops when the
      registers are accessed on PPC 44x platforms which (being 32-bit) have PCI
      memory space mapped beyond 4 GB.
      
      The arch/ppc/ kernel has a fixup in ioremap() that creates an illusion that
      the PCI memory resource is mapped below 4 GB, but arch/powerpc/ code got rid
      of this trick, having instead CONFIG_RESOURCES_64BIT enabled.
      
      [ Bump driver version and release date -DaveM ]
      Signed-off-by: default avatarSergei Shtylyov <sshtylyov@ru.mvista.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      2de58e30
  2. 12 Apr, 2008 10 commits
  3. 11 Apr, 2008 1 commit
  4. 10 Apr, 2008 1 commit
    • David S. Miller's avatar
      [IPV4]: Fix byte value boundary check in do_ip_getsockopt(). · 951e07c9
      David S. Miller authored
      This fixes kernel bugzilla 10371.
      
      As reported by M.Piechaczek@osmosys.tv, if we try to grab a
      char sized socket option value, as in:
      
        unsigned char ttl = 255;
        socklen_t     len = sizeof(ttl);
        setsockopt(socket, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, &len);
      
        getsockopt(socket, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, &len);
      
      The ttl returned will be wrong on big-endian, and on both little-
      endian and big-endian the next three bytes in userspace are written
      with garbage.
      
      It's because of this test in do_ip_getsockopt():
      
      	if (len < sizeof(int) && len > 0 && val>=0 && val<255) {
      
      It should allow a 'val' of 255 to pass here, but it doesn't so it
      copies a full 'int' back to userspace.
      
      On little-endian that will write the correct value into the location
      but it spams on the next three bytes in userspace.  On big endian it
      writes the wrong value into the location and spams the next three
      bytes.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      951e07c9
  5. 09 Apr, 2008 9 commits
  6. 08 Apr, 2008 10 commits
  7. 04 Apr, 2008 6 commits
  8. 03 Apr, 2008 2 commits
    • Andi Kleen's avatar
      [NET]: srandom32 fixes for networking v2 · 61407f80
      Andi Kleen authored
      - Let it update the state of all CPUs. The network stack goes
      into pains to feed the current IP addresses in, but it is not very
      effective if that is only done for some random CPU instead of all.
      So change it to feed bits into all CPUs.  I decided to do that lockless 
      because well somewhat random results are ok.
      
      v2: Drop rename so that this patch doesn't depend on x86 maintainers
      Signed-off-by: default avatarAndi Kleen <ak@suse.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      61407f80
    • Denis V. Lunev's avatar
      [IPV6]: Fix refcounting for anycast dst entries. · 84f59370
      Denis V. Lunev authored
      Anycast DST entries allocated inside ipv6_dev_ac_inc are leaked when
      network device is stopped without removing IPv6 addresses from it. The
      bug has been observed in the reality on 2.6.18-rhel5 kernel.
      
      In the above case addrconf_ifdown marks all entries as obsolete and
      ip6_del_rt called from __ipv6_dev_ac_dec returns ENOENT. The
      referrence is not dropped.
      
      The fix is simple. DST entry should not keep referrence when stored in
      the FIB6 tree.
      Signed-off-by: default avatarDenis V. Lunev <den@openvz.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      84f59370