- 29 Jun, 2011 3 commits
-
-
Yinglin Luan authored
Function rionet_remove initializes local variable 'ndev' to NULL and do nothing changes before the call to unregister_netdev(ndev), this could cause a NULL pointer dereference. Reported-by:
Jesper Juhl <jj@chaosbits.net> Signed-off-by:
Yinglin Luan <synmyth@gmail.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
David S. Miller authored
They are 64K and result in order-4 allocations, even with SLUB. Therefore, just like we always have for the deflate buffers, use vmalloc. Reported-by:
Martin Jackson <mjackson220.list@gmail.com> Acked-by:
Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:
-
Julian Anastasov authored
Avoid creating input routes with ip_route_me_harder. It does not work for locally generated packets. Instead, restrict sockets to provide valid saddr for output route (or unicast saddr for transparent proxy). For other traffic allow saddr to be unicast or local but if callers forget to check saddr type use 0 for the output route. The resulting handling should be: - REJECT TCP: - in INPUT we can provide addr_type = RTN_LOCAL but better allow rejecting traffic delivered with local route (no IP address => use RTN_UNSPEC to allow also RTN_UNICAST). - FORWARD: RTN_UNSPEC => allow RTN_LOCAL/RTN_UNICAST saddr, add fix to ignore RTN_BROADCAST and RTN_MULTICAST - OUTPUT: RTN_UNSPEC - NAT, mangle, ip_queue, nf_ip_reroute: RTN_UNSPEC in LOCAL_OUT - IPVS: - use RTN_LOCAL in LOCAL_OUT and FORWARD after SNAT to restrict saddr to be local Signed-off-by:
Julian Anastasov <ja@ssi.bg> Signed-off-by:
-
- 28 Jun, 2011 2 commits
-
-
Steffen Klassert authored
ip_append_data() builds packets based on the mtu from dst_mtu(rt->dst.path). On IPsec the effective mtu is lower because we need to add the protocol headers and trailers later when we do the IPsec transformations. So after the IPsec transformations the packet might be too big, which leads to a slowpath fragmentation then. This patch fixes this by building the packets based on the lower IPsec mtu from dst_mtu(&rt->dst) and adapts the exthdr handling to this. Signed-off-by:
Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by:
-
Steffen Klassert authored
Git commit 59104f06 (ip: take care of last fragment in ip_append_data) added a check to see if we exceed the mtu when we add trailer_len. However, the mtu is already subtracted by the trailer length when the xfrm transfomation bundles are set up. So IPsec packets with mtu size get fragmented, or if the DF bit is set the packets will not be send even though they match the mtu perfectly fine. This patch actually reverts commit 59104f06. Signed-off-by:
-
- 25 Jun, 2011 5 commits
-
-
John (Jay) Hernandez authored
Fixed call to skb_record_rx_queue where we were passing the queue index relative to the adapter when it should have been relative to the net_device. Signed-off-by:
John (Jay) Hernandez <jay@chelsio.com> Signed-off-by:
Divy Le Ray <divy@chelsio.com> Reported-by:
Shawn Bohrer <sbohrer@rgmadvisors.com> Signed-off-by:
-
Herbert Xu authored
The bridge currently floods packets to groups that we have never seen before to all ports. This is not required by RFC4541 and in fact it is not desirable in environment where traffic to unregistered group is always present. This patch changes the behaviour so that we only send traffic to unregistered groups to ports marked as routers. The user can always force flooding behaviour to any given port by marking it as a router. Note that this change does not apply to traffic to 224.0.0.X as traffic to those groups must always be flooded to all ports. Signed-off-by:
-
Ron Mercer authored
Signed-off-by:
Ron Mercer <ron.mercer@qlogic.com> Signed-off-by:
-
Mike Frysinger authored
The socketcan-core lists require subscription, so mark them as such. Signed-off-by:
Mike Frysinger <vapier@gentoo.org> Signed-off-by:
-
Sven Eckelmann authored
I cannot speak on behalf of the batman-adv developers due to conflicts in the opinion about the ongoing development. The batman-adv module is still maintained by Marek Lindner and Simon Wunderlich. Those are the main persons behind the visions of batman-adv. Therefore, the state of module hasn't changed. Signed-off-by:
Sven Eckelmann <sven@narfation.org> Cc: b.a.t.m.a.n@lists.open-mesh.org Signed-off-by:
-
- 24 Jun, 2011 3 commits
-
-
-
John W. Linville authored
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6 into for-davem
-
Francois Romieu authored
Signed-off-by:Francois Romieu <romieu@fr.zoreil.com> Cc: Realtek linux nic maintainers <nic_swsd@realtek.com>
-
- 23 Jun, 2011 1 commit
-
-
Dan Carpenter authored
"status" should be an int here for the error handling to work. Signed-off-by:
Dan Carpenter <error27@gmail.com> Signed-off-by:
-
- 22 Jun, 2011 4 commits
-
-
Marius B. Kotsbak authored
-Support for big endian. -Do not use USB buffers at the stack. -Safer/more efficient code for local constants. Signed-off-by:
Marius B. Kotsbak <marius@kotsbak.com> Signed-off-by:
-
Larry Finger authored
In commit 3ac5e26a entitled "rtlwifi: rtl8192c-common: Change common firmware routines for addition of rtl8192se and rtl8192de", the firmware loading code was moved. Unfortunately, some necessary code was dropped for rtl8192cu. The dmesg output shows the following: rtl8192c: Loading firmware file rtlwifi/rtl8192cufw.bin rtl8192c_common:_rtl92c_fw_free_to_go():<0-0> Polling FW ready fail!! REG_MCUFWDL:0x00000006 . rtl8192c_common:rtl92c_download_fw():<0-0> Firmware is not ready to run! In addition, the interface will authenticate and associate, but cannot transfer data. This is reported as Kernel Bug #38012. Signed-off-by:
Larry Finger <Larry.Finger@lwfinger.net> Signed-off-by:
John W. Linville <linville@tuxdriver.com>
-
Xufeng Zhang authored
Consider this scenario: When the size of the first received udp packet is bigger than the receive buffer, MSG_TRUNC bit is set in msg->msg_flags. However, if checksum error happens and this is a blocking socket, it will goto try_again loop to receive the next packet. But if the size of the next udp packet is smaller than receive buffer, MSG_TRUNC flag should not be set, but because MSG_TRUNC bit is not cleared in msg->msg_flags before receive the next packet, MSG_TRUNC is still set, which is wrong. Fix this problem by clearing MSG_TRUNC flag when starting over for a new packet. Signed-off-by:
Xufeng Zhang <xufeng.zhang@windriver.com> Signed-off-by:
Paul Gortmaker <paul.gortmaker@windriver.com> Signed-off-by:
-
Xufeng Zhang authored
udpv6_recvmsg() function is not using the correct variable to determine whether or not the socket is in non-blocking operation, this will lead to unexpected behavior when a UDP checksum error occurs. Consider a non-blocking udp receive scenario: when udpv6_recvmsg() is called by sock_common_recvmsg(), MSG_DONTWAIT bit of flags variable in udpv6_recvmsg() is cleared by "flags & ~MSG_DONTWAIT" in this call: err = sk->sk_prot->recvmsg(iocb, sk, msg, size, flags & MSG_DONTWAIT, flags & ~MSG_DONTWAIT, &addr_len); i.e. with udpv6_recvmsg() getting these values: int noblock = flags & MSG_DONTWAIT int flags = flags & ~MSG_DONTWAIT So, when udp checksum error occurs, the execution will go to csum_copy_err, and then the problem happens: csum_copy_err: ............... if (flags & MSG_DONTWAIT) return -EAGAIN; goto try_again; ............... But it will always go to try_again as MSG_DONTWAIT has been cleared from flags at call time -- only noblock contains the original value of MSG_DONTWAIT, so the test should be: if (noblock) return -EAGAIN; This is also consistent with what the ipv4/udp code does. Signed-off-by:
-
- 21 Jun, 2011 8 commits
-
-
Randy Dunlap authored
When NETCONSOLE_DYNAMIC=y and CONFIGFS_FS=m, there are build errors in netconsole: drivers/built-in.o: In function `drop_netconsole_target': netconsole.c:(.text+0x1a100f): undefined reference to `config_item_put' drivers/built-in.o: In function `make_netconsole_target': netconsole.c:(.text+0x1a10b9): undefined reference to `config_item_init_type_name' drivers/built-in.o: In function `write_msg': netconsole.c:(.text+0x1a11a4): undefined reference to `config_item_get' netconsole.c:(.text+0x1a1211): undefined reference to `config_item_put' drivers/built-in.o: In function `netconsole_netdev_event': netconsole.c:(.text+0x1a12cc): undefined reference to `config_item_put' netconsole.c:(.text+0x1a12ec): undefined reference to `config_item_get' netconsole.c:(.text+0x1a1366): undefined reference to `config_item_put' drivers/built-in.o: In function `init_netconsole': netconsole.c:(.init.text+0x953a): undefined reference to `config_group_init' netconsole.c:(.init.text+0x9560): undefined reference to `configfs_register_subsystem' drivers/built-in.o: In function `dynamic_netconsole_exit': netconsole.c:(.exit.text+0x809): undefined reference to `configfs_unregister_subsystem' so fix the NETCONSOLE_DYNAMIC depends clause to prevent this. Based on email suggestion from Ben Hutchings. Thanks. Fixes https://bugzilla.kernel.org/show_bug.cgi?id=37992Reported-by:
David Hill <hilld@binarystorm.net> Signed-off-by:
Randy Dunlap <randy.dunlap@oracle.com> Cc: Ben Hutchings <bhutchings@solarflare.com> Signed-off-by:
-
Linus Torvalds authored
-
Linus Torvalds authored
Commit 13e12d14 ("vfs: reorganize 'struct inode' layout a bit") moved things around a bit changed i_state to be unsigned int instead of unsigned long. That was to help structure layout for the 64-bit case, and shrink 'struct inode' a bit (admittedly that only happened when spinlock debugging was on and i_flags didn't pack with i_lock). However, Meelis Roos reports that this results in unaligned exceptions on sprc, and it turns out that the bit-locking primitives that we use for the I_NEW bit want to use the bitops. Which want 'unsigned long', not 'unsigned int'. We really should fix the bit locking code to not have that kind of requirement, but that's a much bigger change. So for now, revert that field back to 'unsigned long' (but keep the other re-ordering changes from the commit that caused this). Andi points out that we have played games with this in 'struct page', so it's solvable with other hacks too, but since right now the struct inode size advantage only happens with some rare config options, it's not worth fighting. It _would_ be worth fixing the bitlocking code, though. Especially since there is no type safety in the bitlocking code (this never caused any warnings, and worked fine on x86-64, because the bitlocks take a 'void *' and x86-64 doesn't care that deeply about alignment). So it's currently a very easy problem to trigger by mistake and never notice. Reported-by:
Meelis Roos <mroos@linux.ee> Cc: Andi Kleen <andi@firstfloor.org> Cc: David Miller <davem@davemloft.net> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6Linus Torvalds authored
* 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6: drm/radeon/kms/r6xx+: voltage fixes drm/nouveau: drop leftover debugging drm/radeon: avoid warnings from r600/eg irq handlers on powered off card. drm/radeon/kms: add missing param for dce3.2 DP transmitter setup drm/radeon/kms/atom: fix duallink on some early DCE3.2 cards drm/nouveau: fix assumption that semaphore dmaobj is valid in x-chan sync drm/nv50/disp: fix gamma with page flipping overlay turned on drm/nouveau/pm: Prevent overflow in nouveau_perf_init() drm/nouveau: fix big-endian switch
-
git://codeaurora.org/quic/kernel/davidb/linux-msmLinus Torvalds authored
* 'msm-fix' of git://codeaurora.org/quic/kernel/davidb/linux-msm: msm: timer: Fix DGT rate on 8960 and 8660 msm: timer: compensate for timer shift in msm_read_timer_count msm: timer: Fix SMP build error
-
git://linux-nfs.org/~bfields/linuxLinus Torvalds authored
* 'for-2.6.40' of git://linux-nfs.org/~bfields/linux: nfsd4: fix break_lease flags on nfsd open nfsd: link returns nfserr_delay when breaking lease nfsd: v4 support requires CRYPTO nfsd: fix dependency of nfsd on auth_rpcgss
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (40 commits) pxa168_eth: fix race in transmit path. ipv4, ping: Remove duplicate icmp.h include netxen: fix race in skb->len access sgi-xp: fix a use after free hp100: fix an skb->len race netpoll: copy dev name of slaves to struct netpoll ipv4: fix multicast losses r8169: fix static initializers. inet_diag: fix inet_diag_bc_audit() gigaset: call module_put before restart of if_open() farsync: add module_put to error path in fst_open() net: rfs: enable RFS before first data packet is received fs_enet: fix freescale FCC ethernet dp buffer alignment netdev: bfin_mac: fix memory leak when freeing dma descriptors vlan: don't call ndo_vlan_rx_register on hardware that doesn't have vlan support caif: Bugfix - XOFF removed channel from caif-mux tun: teach the tun/tap driver to support netpoll dp83640: drop PHY status frames in the driver. dp83640: fix phy status frame event parsing phylib: Allow BCM63XX PHY to be selected only on BCM63XX. ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: devcgroup_inode_permission: take "is it a device node" checks to inlined wrapper fix comment in generic_permission() kill obsolete comment for follow_down() proc_sys_permission() is OK in RCU mode reiserfs_permission() doesn't need to bail out in RCU mode proc_fd_permission() is doesn't need to bail out in RCU mode nilfs2_permission() doesn't need to bail out in RCU mode logfs doesn't need ->permission() at all coda_ioctl_permission() is safe in RCU mode cifs_permission() doesn't need to bail out in RCU mode bad_inode_permission() is safe from RCU mode ubifs: dereferencing an ERR_PTR in ubifs_mount()
-
- 20 Jun, 2011 14 commits
-
-
Alex Deucher authored
0xff01 is not an actual voltage value, but a flag for the driver. If the power state as that value, skip setting the voltage. Signed-off-by:
Alex Deucher <alexdeucher@gmail.com> Signed-off-by:
Dave Airlie <airlied@redhat.com>
-
Stephen Boyd authored
The DGT runs at 27 MHz divided by 4 on 8660 and 8960. Signed-off-by:
Stephen Boyd <sboyd@codeaurora.org> Signed-off-by:
David Brown <davidb@codeaurora.org>
-
Richard Cochran authored
Because the socket buffer is freed in the completion interrupt, it is not safe to access it after submitting it to the hardware. Cc: stable@kernel.org Cc: Sachin Sanap <ssanap@marvell.com> Cc: Zhangfei Gao <zgao6@marvell.com> Cc: Philip Rakity <prakity@marvell.com> Signed-off-by:
Richard Cochran <richard.cochran@omicron.at> Acked-by:
Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by:
-
Jesper Juhl authored
Remove the duplicate inclusion of net/icmp.h from net/ipv4/ping.c Signed-off-by:
-
Eric Dumazet authored
As soon as skb is given to hardware, TX completion can free skb under us. Therefore, we should update dev stats before kicking the device. Signed-off-by:
-
Larry Finger authored
There are two devices with PCI ID 0x10ec:0x8192, namely RTL8192E and RTL8192SE. The method of distinguishing them is by the revision ID at offset 0x8 of the PCI configuration space. If the value is 0x10, then the device uses rtl8192se for a driver. Signed-off-by:
-
John W. Linville authored
-
git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xenLinus Torvalds authored
* 'stable/bug.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen: xen/setup: Fix for incorrect xen_extra_mem_start. xen: When calling power_off, don't call the halt function. xen: Fix compile warning when CONFIG_SMP is not defined. xen: support CONFIG_MAXSMP xen: partially revert "xen: set max_pfn_mapped to the last pfn mapped"
-
git://git.kernel.org/pub/scm/linux/kernel/git/dtor/inputLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Input: sh_keysc - 8x8 MODE_6 fix Input: omap-keypad - add missing input_sync() Input: evdev - try to wake up readers only if we have full packet Input: properly assign return value of clamp() macro.
-
git://git.kernel.org/pub/scm/linux/kernel/git/mason/btrfs-unstableLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/btrfs-unstable: Btrfs: avoid delayed metadata items during commits btrfs: fix uninitialized return value btrfs: fix wrong reservation when doing delayed inode operations btrfs: Remove unused sysfs code btrfs: fix dereference of ERR_PTR value Btrfs: fix relocation races Btrfs: set no_trans_join after trying to expand the transaction Btrfs: protect the pending_snapshots list with trans_lock Btrfs: fix path leakage on subvol deletion Btrfs: drop the delalloc_bytes check in shrink_delalloc Btrfs: check the return value from set_anon_super
-
git://git.kernel.org/pub/scm/virt/kvm/kvmLinus Torvalds authored
* 'kvm-updates/3.0' of git://git.kernel.org/pub/scm/virt/kvm/kvm: KVM: Fix register corruption in pvclock_scale_delta KVM: MMU: fix opposite condition in mapping_level_dirty_bitmap KVM: VMX: do not overwrite uptodate vcpu->arch.cr3 on KVM_SET_SREGS KVM: MMU: Fix build warnings in walk_addr_generic()
-
Al Viro authored
inode_permission() calls devcgroup_inode_permission() and almost all such calls are _not_ for device nodes; let's at least keep the common path straight... Signed-off-by:Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
CAP_DAC_OVERRIDE is enough for MAY_EXEC on directory, even if no exec bits are set. Signed-off-by: -
Al Viro authored
Signed-off-by:
-
