- 04 Jan, 2011 1 commit
-
-
Joel Sing authored
The preferred source address is currently ignored for local routes, which results in all local connections having a src address that is the same as the local dst address. Fix this by respecting the preferred source address when it is provided for local routes. This bug can be demonstrated as follows: # ifconfig dummy0 192.168.0.1 # ip route show table local | grep local.*dummy0 local 192.168.0.1 dev dummy0 proto kernel scope host src 192.168.0.1 # ip route change table local local 192.168.0.1 dev dummy0 \ proto kernel scope host src 127.0.0.1 # ip route show table local | grep local.*dummy0 local 192.168.0.1 dev dummy0 proto kernel scope host src 127.0.0.1 We now establish a local connection and verify the source IP address selection: # nc -l 192.168.0.1 3128 & # nc 192.168.0.1 3128 & # netstat -ant | grep 192.168.0.1:3128.*EST tcp 0 0 192.168.0.1:3128 192.168.0.1:33228 ESTABLISHED tcp 0 0 192.168.0.1:33228 192.168.0.1:3128 ESTABLISHED Signed-off-by: Joel Sing <jsing@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 03 Jan, 2011 3 commits
-
-
Florian Westphal authored
commit bf9ae538 (llc: use dev_hard_header) removed the skb_reset_mac_header call from llc_mac_hdr_init. This seems fine itself, but br_send_bpdu() invokes ebtables LOCAL_OUT. We oops in ebt_basic_match() because it assumes eth_hdr(skb) returns a meaningful result. Cc: acme@ghostprotocols.net References: https://bugzilla.kernel.org/show_bug.cgi?id=24532Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tomas Winkler authored
use pskb_may_pull to access ipv6 header correctly for paged skbs It was omitted in the bridge code leading to crash in blind __skb_pull since the skb is cloned undonditionally we also simplify the the exit path this fixes bug https://bugzilla.kernel.org/show_bug.cgi?id=25202 Dec 15 14:36:40 User-PC hostapd: wlan0: STA 00:15:00:60:5d:34 IEEE 802.11: authenticated Dec 15 14:36:40 User-PC hostapd: wlan0: STA 00:15:00:60:5d:34 IEEE 802.11: associated (aid 2) Dec 15 14:36:40 User-PC hostapd: wlan0: STA 00:15:00:60:5d:34 RADIUS: starting accounting session 4D0608A3-00000005 Dec 15 14:36:41 User-PC kernel: [175576.120287] ------------[ cut here ]------------ Dec 15 14:36:41 User-PC kernel: [175576.120452] kernel BUG at include/linux/skbuff.h:1178! Dec 15 14:36:41 User-PC kernel: [175576.120609] invalid opcode: 0000 [#1] SMP Dec 15 14:36:41 User-PC kernel: [175576.120749] last sysfs file: /sys/devices/pci0000:00/0000:00:1f.2/host0/target0:0:0/0:0:0:0/block/sda/uevent Dec 15 14:36:41 User-PC kernel: [175576.121035] Modules linked in: approvals binfmt_misc bridge stp llc parport_pc ppdev arc4 iwlagn snd_hda_codec_realtek iwlcore i915 snd_hda_intel mac80211 joydev snd_hda_codec snd_hwdep snd_pcm snd_seq_midi drm_kms_helper snd_rawmidi drm snd_seq_midi_event snd_seq snd_timer snd_seq_device cfg80211 eeepc_wmi usbhid psmouse intel_agp i2c_algo_bit intel_gtt uvcvideo agpgart videodev sparse_keymap snd shpchp v4l1_compat lp hid video serio_raw soundcore output snd_page_alloc ahci libahci atl1c Dec 15 14:36:41 User-PC kernel: [175576.122712] Dec 15 14:36:41 User-PC kernel: [175576.122769] Pid: 0, comm: kworker/0:0 Tainted: G W 2.6.37-rc5-wl+ #3 1015PE/1016P Dec 15 14:36:41 User-PC kernel: [175576.123012] EIP: 0060:[<f83edd65>] EFLAGS: 00010283 CPU: 1 Dec 15 14:36:41 User-PC kernel: [175576.123193] EIP is at br_multicast_rcv+0xc95/0xe1c [bridge] Dec 15 14:36:41 User-PC kernel: [175576.123362] EAX: 0000001c EBX: f5626318 ECX: 00000000 EDX: 00000000 Dec 15 14:36:41 User-PC kernel: [175576.123550] ESI: ec512262 EDI: f5626180 EBP: f60b5ca0 ESP: f60b5bd8 Dec 15 14:36:41 User-PC kernel: [175576.123737] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 Dec 15 14:36:41 User-PC kernel: [175576.123902] Process kworker/0:0 (pid: 0, ti=f60b4000 task=f60a8000 task.ti=f60b0000) Dec 15 14:36:41 User-PC kernel: [175576.124137] Stack: Dec 15 14:36:41 User-PC kernel: [175576.124181] ec556500 f6d06800 f60b5be8 c01087d8 ec512262 00000030 00000024 f5626180 Dec 15 14:36:41 User-PC kernel: [175576.124181] f572c200 ef463440 f5626300 3affffff f6d06dd0 e60766a4 000000c4 f6d06860 Dec 15 14:36:41 User-PC kernel: [175576.124181] ffffffff ec55652c 00000001 f6d06844 f60b5c64 c0138264 c016e451 c013e47d Dec 15 14:36:41 User-PC kernel: [175576.124181] Call Trace: Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c01087d8>] ? sched_clock+0x8/0x10 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c0138264>] ? enqueue_entity+0x174/0x440 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c016e451>] ? sched_clock_cpu+0x131/0x190 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c013e47d>] ? select_task_rq_fair+0x2ad/0x730 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c0524fc1>] ? nf_iterate+0x71/0x90 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f83e4914>] ? br_handle_frame_finish+0x184/0x220 [bridge] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f83e4790>] ? br_handle_frame_finish+0x0/0x220 [bridge] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f83e46e9>] ? br_handle_frame+0x189/0x230 [bridge] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f83e4790>] ? br_handle_frame_finish+0x0/0x220 [bridge] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f83e4560>] ? br_handle_frame+0x0/0x230 [bridge] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c04ff026>] ? __netif_receive_skb+0x1b6/0x5b0 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c04f7a30>] ? skb_copy_bits+0x110/0x210 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c0503a7f>] ? netif_receive_skb+0x6f/0x80 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f82cb74c>] ? ieee80211_deliver_skb+0x8c/0x1a0 [mac80211] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f82cc836>] ? ieee80211_rx_handlers+0xeb6/0x1aa0 [mac80211] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c04ff1f0>] ? __netif_receive_skb+0x380/0x5b0 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c016e242>] ? sched_clock_local+0xb2/0x190 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c012b688>] ? default_spin_lock_flags+0x8/0x10 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c05d83df>] ? _raw_spin_lock_irqsave+0x2f/0x50 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f82cd621>] ? ieee80211_prepare_and_rx_handle+0x201/0xa90 [mac80211] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f82ce154>] ? ieee80211_rx+0x2a4/0x830 [mac80211] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f815a8d6>] ? iwl_update_stats+0xa6/0x2a0 [iwlcore] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f8499212>] ? iwlagn_rx_reply_rx+0x292/0x3b0 [iwlagn] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c05d83df>] ? _raw_spin_lock_irqsave+0x2f/0x50 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f8483697>] ? iwl_rx_handle+0xe7/0x350 [iwlagn] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<f8486ab7>] ? iwl_irq_tasklet+0xf7/0x5c0 [iwlagn] Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c01aece1>] ? __rcu_process_callbacks+0x201/0x2d0 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c0150d05>] ? tasklet_action+0xc5/0x100 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c0150a07>] ? __do_softirq+0x97/0x1d0 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c05d910c>] ? nmi_stack_correct+0x2f/0x34 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c0150970>] ? __do_softirq+0x0/0x1d0 Dec 15 14:36:41 User-PC kernel: [175576.124181] <IRQ> Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c01508f5>] ? irq_exit+0x65/0x70 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c05df062>] ? do_IRQ+0x52/0xc0 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c01036b0>] ? common_interrupt+0x30/0x38 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c03a1fc2>] ? intel_idle+0xc2/0x160 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c04daebb>] ? cpuidle_idle_call+0x6b/0x100 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c0101dea>] ? cpu_idle+0x8a/0xf0 Dec 15 14:36:41 User-PC kernel: [175576.124181] [<c05d2702>] ? start_secondary+0x1e8/0x1ee Cc: David Miller <davem@davemloft.net> Cc: Johannes Berg <johannes@sipsolutions.net> Cc: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
J. K. Cliburn authored
Commit 3f5a2a71 zeroes out the statistics message block (SMB) and coalescing message block (CMB) when adapter ring resources are freed. This is desirable behavior, but, as a side effect, the commit leads to an oops when atl1_set_ringparam() attempts to alter the number of rx or tx elements in the ring buffer (by using ethtool -G, for example). We don't want SMB or CMB to change during this operation. Modify atl1_set_ringparam() to preserve SMB and CMB when changing ring parameters. Cc: stable@kernel.org Signed-off-by: Jay Cliburn <jcliburn@gmail.com> Reported-by: Tõnu Raitviir <jussuf@linux.ee> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 31 Dec, 2010 6 commits
-
-
Julia Lawall authored
The earlier call to atm_dev_lookup increases the reference count of dev, so decrease it on the way out. The semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // <smpl> @@ expression x, E; constant C; @@ x = atm_dev_lookup(...); ... when != false x != NULL when != true x == NULL when != \(E = x\|x = E\) when != atm_dev_put(dev); *return -C; // </smpl> Signed-off-by: Julia Lawall <julia@diku.dk> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ben Hutchings authored
Commit 56543af9 "starfire: use BUILD_BUG_ON for netdrv_addr_t" revealed that the preprocessor condition used to find the size of dma_addr_t yielded the wrong result for some architectures and configurations. This was kluged for 64-bit PowerPC in commit 3e502e63 by adding yet another case to the condition. However, 64-bit MIPS configurations are not detected reliably either. This should be fixed by using CONFIG_ARCH_DMA_ADDR_T_64BIT, but that isn't yet defined everywhere it should be. Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Sterba authored
Besides -ETIMEDOUT and -EINTR, pci_read_vpd may return other error values like -ENODEV or -EINVAL which are ignored due to the buggy check, but the data are not read from VPD anyway and this is checked subsequently with at most 3 needless loop iterations. This does not show up as a runtime bug. CC: Matt Carlson <mcarlson@broadcom.com> CC: Michael Chan <mchan@broadcom.com> Signed-off-by: David Sterba <dsterba@suse.cz> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jesper Juhl authored
We are leaking memory in drivers/net/cnic.c::cnic_alloc_uio_rings() if either of the calls to dma_alloc_coherent() fail. This patch fixes it by freeing both the memory allocated with kzalloc() and memory allocated with previous calls to dma_alloc_coherent() when there's a failure. Thanks to Joe Perches <joe@perches.com> for suggesting a better implementation than my initial version. Signed-off-by: Jesper Juhl <jj@chaosbits.net> Acked-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jesper Juhl authored
Hi, In drivers/isdn/gigaset/capi.c::do_disconnect_req() we will leak the memory allocated (with kmalloc) to 'b3cmsg' if the call to alloc_skb() fails. ... b3cmsg = kmalloc(sizeof(*b3cmsg), GFP_KERNEL); allocation here ------^ if (!b3cmsg) { dev_err(cs->dev, "%s: out of memory\n", __func__); send_conf(iif, ap, skb, CAPI_MSGOSRESOURCEERR); return; } capi_cmsg_header(b3cmsg, ap->id, CAPI_DISCONNECT_B3, CAPI_IND, ap->nextMessageNumber++, cmsg->adr.adrPLCI | (1 << 16)); b3cmsg->Reason_B3 = CapiProtocolErrorLayer1; b3skb = alloc_skb(CAPI_DISCONNECT_B3_IND_BASELEN, GFP_KERNEL); if (b3skb == NULL) { dev_err(cs->dev, "%s: out of memory\n", __func__); send_conf(iif, ap, skb, CAPI_MSGOSRESOURCEERR); return; leak here ------^ ... This leak is easily fixed by just kfree()'ing the memory allocated to 'b3cmsg' right before we return. The following patch does that. Signed-off-by: Jesper Juhl <jj@chaosbits.net> Acked-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Dan Rosenberg authored
Since the socket address is just being used as a unique identifier, its inode number is an alternative that does not leak potentially sensitive information. CC-ing stable because MITRE has assigned CVE-2010-4565 to the issue. Signed-off-by: Dan Rosenberg <drosenberg@vsecurity.com> Acked-by: Oliver Hartkopp <socketcan@hartkopp.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 28 Dec, 2010 4 commits
-
-
Dan Carpenter authored
The intent here was to test if the allocation failed but we tested "SharedMemSize" instead of "SharedMemAddr" by mistake. Signed-off-by: Dan Carpenter <error27@gmail.com> Reviewed-by: Jiri Pirko <jpirko@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
stephen hemminger authored
Linux would not connect to other router running old version Cisco IOS (12.0). This is most likely a bug in that version of IOS, since it is fixed in later versions. As a workaround this patch allows a module parameter to be set to disable compressing the protocol ID. See: https://bugzilla.vyatta.com/show_bug.cgi?id=3979 RFC 1990 allows an implementation to formulate MP fragments as if protocol compression had been negotiated. This allows us to always send compressed protocol IDs. But some implementations don't accept MP fragments with compressed protocol IDs. This parameter allows us to interoperate with them. The default value of the configurable parameter is the same as the current behavior: protocol compression is enabled. If protocol compression is disabled we will not send compressed protocol IDs. This is based on an earlier patch by Bob Gilligan (using a sysctl). Module parameter is writable to allow for enabling even if ppp is already loaded for other uses. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Acked-by: Eric Dumazet <eric.dumazet@gmail.com> Acked-by: Paul Mackerras <paulus@samba.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Breno Leitao authored
This patch avoids disabling the vlan flags using ethtool. Signed-off-by: Breno Leitao <leitao@linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Dan Williams authored
A race exists when initializing ueagle-atm devices where the generic atm device may not yet be created before the driver attempts to initialize it's PHY signal state, which checks whether the atm device has been created or not. This often causes the sysfs 'carrier' attribute to be '1' even though no signal has actually been found. uea_probe usbatm_usb_probe driver->bind (uea_bind) uea_boot kthread_run(uea_kthread) uea_kthread usbatm_atm_init uea_start_reset atm_dev_register UPDATE_ATM_SIGNAL UPDATE_ATM_SIGNAL checks whether the ATM device has been created and if not, will not update the PHY signal state. Because of the race that does not always happen in time, and the PHY signal state remains ATM_PHY_SIG_FOUND even though no signal exists. To fix the race, just create the kthread during initialization, and only after initialization is complete, start the thread that reboots the device and initializes PHY state. [ 3030.490931] uea_probe: calling usbatm_usb_probe [ 3030.490946] ueagle-atm 8-2:1.0: usbatm_usb_probe: trying driver ueagle-atm with vendor=1110, product=9031, ifnum 0 [ 3030.493691] uea_bind: setting usbatm [ 3030.496932] usb 8-2: [ueagle-atm] using iso mode [ 3030.497283] ueagle-atm 8-2:1.0: usbatm_usb_probe: using 3021 byte buffer for rx channel 0xffff880125953508 <kthread already started before usbatm_usb_probe() has returned> [ 3030.497292] usb 8-2: [ueagle-atm] (re)booting started <UPDATE_ATM_SIGNAL checks whether ATM device has been created yet before setting PHY state> [ 3030.497298] uea_start_reset: atm dev (null) <and since it hasn't been created yet PHY state is not set> [ 3030.497306] ueagle-atm 8-2:1.0: usbatm_usb_probe: using 3392 byte buffer for tx channel 0xffff8801259535b8 [ 3030.497374] usbatm_usb_probe: about to init [ 3030.497379] usbatm_usb_probe: calling usbatm_atm_init <atm device finally gets created> [ 3030.497384] usbatm_atm_init: creating atm device! Signed-off-by: Dan Williams <dcbw@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 26 Dec, 2010 4 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (42 commits) ipv4: dont create routes on down devices epic100: hamachi: yellowfin: Fix skb allocation size sundance: Fix oopses with corrupted skb_shared_info Revert "ipv4: Allow configuring subnets as local addresses" USB: mcs7830: return negative if auto negotiate fails irda: prevent integer underflow in IRLMP_ENUMDEVICES tcp: fix listening_get_next() atl1c: Do not use legacy PCI power management mac80211: fix mesh forwarding MAINTAINERS: email address change net: Fix range checks in tcf_valid_offset(). net_sched: sch_sfq: fix allot handling hostap: remove netif_stop_queue from init mac80211/rt2x00: add ieee80211_tx_status_ni() typhoon: memory corruption in typhoon_get_drvinfo() net: Add USB PID for new MOSCHIP USB ethernet controller MCS7832 variant net_sched: always clone skbs ipv6: Fragment locally generated tunnel-mode IPSec6 packets as needed. netlink: fix gcc -Wconversion compilation warning asix: add USB ID for Logitec LAN-GTJ U2A ...
-
Eric Dumazet authored
In ip_route_output_slow(), instead of allowing a route to be created on a not UPed device, report -ENETUNREACH immediately. # ip tunnel add mode ipip remote 10.16.0.164 local 10.16.0.72 dev eth0 # (Note : tunl1 is down) # ping -I tunl1 10.1.2.3 PING 10.1.2.3 (10.1.2.3) from 192.168.18.5 tunl1: 56(84) bytes of data. (nothing) # ./a.out tunl1 # ip tunnel del tunl1 Message from syslogd@shelby at Dec 22 10:12:08 ... kernel: unregister_netdevice: waiting for tunl1 to become free. Usage count = 3 After patch: # ping -I tunl1 10.1.2.3 connect: Network is unreachable Reported-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Reviewed-by: Octavian Purdila <opurdila@ixiacom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jarek Poplawski authored
Joel Soete reported oopses during pppoe over sundance NIC, caused by a bug in skb allocation and dma mapping code, where skb_reserve() bytes weren't taken into account. As a followup to the patch: "sundance: Fix oopses with corrupted skb_shared_info" very similar code is fixed here for three other drivers. Signed-off-by: Jarek Poplawski <jarkao2@gmail.com> Cc: Joel Soete <soete.joel@scarlet.be> Cc: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jarek Poplawski authored
Joel Soete reported oopses at the beginning of pppoe connections since v2.6.35. After debugging the bug was found in sundance skb allocation and dma mapping code, where skb_reserve() bytes aren't taken into account. This is an old bug, only uncovered by some change in 2.6.35. Initial debugging patch by: Eric Dumazet <eric.dumazet@gmail.com> Reported-by: Joel Soete <soete.joel@scarlet.be> Tested-by: Joel Soete <soete.joel@scarlet.be> Signed-off-by: Jarek Poplawski <jarkao2@gmail.com> Cc: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 24 Dec, 2010 16 commits
-
-
git://git.secretlab.ca/git/linux-2.6Linus Torvalds authored
* 'merge' of git://git.secretlab.ca/git/linux-2.6: spi/mpc52xx-spi: fix annotation for remove()-pointer spi/fsl_espi: fix wrong setting of the address in the command buffer spi/fsl_espi: change the read behaviour of the SPIRF of/i2c: Fix request module by alias powerpc/mpc5200: include fs.h in mpc52xx_gpt.c
-
git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-devLinus Torvalds authored
* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev: libata: issue DIPM enable commands with LPM state updated libata: no special completion processing for EH commands pata_mpc52xx: driver needs BMDMA pata_cs5536: Add support for non-X86_32 platforms libata-sff: fix HSM_ST_ERR handling in __ata_sff_port_intr()
-
git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpuLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu: percpu: print out alloc information with KERN_DEBUG instead of KERN_INFO kthread_work: make lockdep happy
-
git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6: [SCSI] fix up documentation for change in ->queuecommand to lockless calling [SCSI] bfa: rename log_level to bfa_log_level
-
Tejun Heo authored
Low level drivers may behave differently depending on the current link->lpm_policy. During ata_eh_set_lpm(), DIPM enable commands are issued after the successful completion of ap->ops->set_lpm(), which means that the controller is already in the target state. This causes DIPM enable commands to be processed with mismatching controller power state and link->lpm_policy value. In ahci, link->lpm_policy is used to ignore certain PHY events if LPM is enabled; however, as DIPM commands are issued with stale link->lpm_policy, they sometimes end up triggering these conditions and get aborted leading to LPM configuration failure. Fix it by updating link->lpm_policy before issuing DIPM enable commands. Signed-off-by: Tejun Heo <tj@kernel.org> Reported-by: Kyle McMartin <kyle@mcmartin.ca> Cc: stable@kernel.org Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-
Tejun Heo authored
ata_qc_complete() contains special handling for certain commands. For example, it schedules EH for device revalidation after certain configurations are changed. These shouldn't be applied to EH commands but they were. In most cases, it doesn't cause an actual problem because EH doesn't issue any command which would trigger special handling; however, ACPI can issue such commands via _GTF which can cause weird interactions. Restructure ata_qc_complete() such that EH commands are always passed on to __ata_qc_complete(). stable: Please apply to -stable only after 2.6.38 is released. Signed-off-by: Tejun Heo <tj@kernel.org> Reported-by: Kyle McMartin <kyle@mcmartin.ca> Cc: stable@kernel.org Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-
Wolfram Sang authored
Found by this build-error if BMDMA is disabled: drivers/ata/pata_mpc52xx.c: In function 'mpc52xx_ata_init_one': drivers/ata/pata_mpc52xx.c:662: error: 'ata_bmdma_interrupt' undeclared (first use in this function) ... Move the Kconfig entry to the proper location as needed since 9a7780c9 (libata-sff: make BMDMA optional) Signed-off-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-
Wu Zhangjin authored
pata_cs5536 does work on the other platforms(e.g. Loongson, a MIPS variant), so, remove the dependency of X86_32 and fix the building errors under the other platforms via only reserving the X86_32 specific parts for X86_32. pata_amd also supports cs5536 IDE controller, but this one saves about 33k for the compressed kernel image(vmlinuz for MIPS). Signed-off-by: Zhang Le <r0bertz@gentoo.org> Signed-off-by: Chen Jie <chenj@lemote.com> Signed-off-by: Wu Zhangjin <wuzhangjin@gmail.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-
Tejun Heo authored
While separating out BMDMA irq handler from SFF, commit c3b28894 (libata-sff: separate out BMDMA irq handler) incorrectly made __ata_sff_port_intr() consider an IRQ to be an idle one if the host state was transitioned to HSM_ST_ERR by ata_bmdma_port_intr(). This makes BMDMA drivers ignore IRQs reporting host bus error which leads to timeouts instead of triggering EH immediately. Fix it by making __ata_sff_port_intr() consider the IRQ to be an idle one iff the state is HSM_ST_IDLE. This is equivalent to adding HSM_ST_ERR to the "break"ing case but less error-prone. Signed-off-by: Tejun Heo <tj@kernel.org> Reported-by: Antonio Toma <antonio.toma@gmail.com> Cc: stable@kernel.org Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-
Wolfram Sang authored
Signed-off-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
-
Mingkai Hu authored
Or else we can't operate on the right address when the trans length is greater than 65535. Signed-off-by: Mingkai Hu <Mingkai.hu@freescale.com> Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
-
Mingkai Hu authored
The user must read N bytes of SPIRF (1 <= N <= 4) that do not exceed the amount of data in the receive FIFO, so read the SPIRF byte by byte when the data in receive FIFO is less than 4 bytes. On Simics, when read N bytes that exceed the amount of data in receive FIFO, we can't read the data out, that is we can't clear the rx FIFO, then the CPU will loop on the espi rx interrupt. Signed-off-by: Mingkai Hu <Mingkai.hu@freescale.com> Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
-
David Daney authored
If we are registering an i2c device that has a device tree node like this real-world example: rtc@68 { compatible = "dallas,ds1337"; reg = <0x68>; }; of_i2c_register_devices() will try to load a module called ds1337.ko. There is no such module, so it will fail. If we look in modules.alias we will find entries like these: . . . alias i2c:ds1339 rtc_ds1307 alias i2c:ds1338 rtc_ds1307 alias i2c:ds1337 rtc_ds1307 alias i2c:ds1307 rtc_ds1307 alias i2c:ds1374 rtc_ds1374 . . . The module we want is really called rtc_ds1307.ko. If we request a module called "i2c:ds1337", the userspace module loader will do the right thing (unless it is busybox) and load rtc_ds1307.ko. So we add the I2C_MODULE_PREFIX to the request_module() string. Signed-off-by: David Daney <ddaney@caviumnetworks.com> Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
-
git://git.kernel.org/pub/scm/linux/kernel/git/jlbec/ocfs2Linus Torvalds authored
* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jlbec/ocfs2: ocfs2: Fix system inodes cache overflow. ocfs2: Hold ip_lock when set/clear flags for indexed dir. ocfs2: Adjust masklog flag values Ocfs2: Teach 'coherency=full' O_DIRECT writes to correctly up_read i_alloc_sem. ocfs2/dlm: Migrate lockres with no locks if it has a reference
-
git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4Linus Torvalds authored
* 'linus-hot-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: ext4: fix on-line resizing regression
-
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6: ALSA: hda - Fix GPIO2-fixup for Sony laptops ALSA: hda - Try to find an empty control index when it's occupied ALSA: hda - Fix conflict of d-mic capture volume controls ALSA: hda - Don't apply ALC269-specific initialization to ALC275 ALSA: hda - Add fix-up for Sony VAIO with ALC275 codecs ALSA: pcm: remember to always call va_end() on stuff that we va_start() ALSA: HDA: Add auto-mute for Thinkpad SL410/SL510
-
- 23 Dec, 2010 6 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6Linus Torvalds authored
* 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6: (21 commits) [media] mceusb: set a default rx timeout [media] mceusb: fix inverted mask inversion logic [media] mceusb: add another Fintek device ID [media] lirc_dev: fixes in lirc_dev_fop_read() [media] lirc_dev: stray unlock in lirc_dev_fop_poll() [media] rc: fix sysfs entry for mceusb and streamzap [media] streamzap: merge timeout space with trailing space [media] mceusb: fix keybouce issue after parser simplification [media] IR: add tv power scancode to rc6 mce keymap [media] mceusb: buffer parsing fixups for 1st-gen device [media] mceusb: fix up reporting of trailing space [media] nuvoton-cir: improve buffer parsing responsiveness [media] mceusb: add support for Conexant Hybrid TV RDU253S [media] s5p-fimc: Fix output DMA handling in S5PV310 IP revisions [media] s5p-fimc: Use correct fourcc code for 32-bit RGB format [media] s5p-fimc: Convert m2m driver to unlocked_ioctl [media] s5p-fimc: Explicitly add required header file [media] s5p-fimc: Fix vidioc_g_crop/cropcap on camera sensor [media] s5p-fimc: BKL lock removal - compilation fix [media] soc-camera: fix static build of the sh_mobile_csi2.c driver ...
-
Linus Torvalds authored
Merge branches 'perf-fixes-for-linus' and 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: perf probe: Fix to support libdwfl older than 0.148 perf tools: Fix lazy wildcard matching perf buildid-list: Fix error return for success perf buildid-cache: Fix symbolic link handling perf symbols: Stop using vmlinux files with no symbols perf probe: Fix use of kernel image path given by 'k' option * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: x86, kexec: Limit the crashkernel address appropriately
-
David Howells authored
In construct_alloc_key(), up_write() is called in the error path if __key_link_begin() fails, but this is incorrect as __key_link_begin() only returns with the nominated keyring locked if it returns successfully. Without this patch, you might see the following in dmesg: ===================================== [ BUG: bad unlock balance detected! ] ------------------------------------- mount.cifs/5769 is trying to release lock (&key->sem) at: [<ffffffff81201159>] request_key_and_link+0x263/0x3fc but there are no more locks to release! other info that might help us debug this: 3 locks held by mount.cifs/5769: #0: (&type->s_umount_key#41/1){+.+.+.}, at: [<ffffffff81131321>] sget+0x278/0x3e7 #1: (&ret_buf->session_mutex){+.+.+.}, at: [<ffffffffa0258e59>] cifs_get_smb_ses+0x35a/0x443 [cifs] #2: (root_key_user.cons_lock){+.+.+.}, at: [<ffffffff81201000>] request_key_and_link+0x10a/0x3fc stack backtrace: Pid: 5769, comm: mount.cifs Not tainted 2.6.37-rc6+ #1 Call Trace: [<ffffffff81201159>] ? request_key_and_link+0x263/0x3fc [<ffffffff81081601>] print_unlock_inbalance_bug+0xca/0xd5 [<ffffffff81083248>] lock_release_non_nested+0xc1/0x263 [<ffffffff81201159>] ? request_key_and_link+0x263/0x3fc [<ffffffff81201159>] ? request_key_and_link+0x263/0x3fc [<ffffffff81083567>] lock_release+0x17d/0x1a4 [<ffffffff81073f45>] up_write+0x23/0x3b [<ffffffff81201159>] request_key_and_link+0x263/0x3fc [<ffffffffa026fe9e>] ? cifs_get_spnego_key+0x61/0x21f [cifs] [<ffffffff812013c5>] request_key+0x41/0x74 [<ffffffffa027003d>] cifs_get_spnego_key+0x200/0x21f [cifs] [<ffffffffa026e296>] CIFS_SessSetup+0x55d/0x1273 [cifs] [<ffffffffa02589e1>] cifs_setup_session+0x90/0x1ae [cifs] [<ffffffffa0258e7e>] cifs_get_smb_ses+0x37f/0x443 [cifs] [<ffffffffa025a9e3>] cifs_mount+0x1aa1/0x23f3 [cifs] [<ffffffff8111fd94>] ? alloc_debug_processing+0xdb/0x120 [<ffffffffa027002c>] ? cifs_get_spnego_key+0x1ef/0x21f [cifs] [<ffffffffa024cc71>] cifs_do_mount+0x165/0x2b3 [cifs] [<ffffffff81130e72>] vfs_kern_mount+0xaf/0x1dc [<ffffffff81131007>] do_kern_mount+0x4d/0xef [<ffffffff811483b9>] do_mount+0x6f4/0x733 [<ffffffff8114861f>] sys_mount+0x88/0xc2 [<ffffffff8100ac42>] system_call_fastpath+0x16/0x1b Reported-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-and-Tested-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Andres Salomon authored
The default for non-READ_BACK GPIO regs is to have the clear bits set; this means that our original errata fix was too simplistic. This changes it to the following behavior: - when setting GPIOs, ignore the higher order bits (they're for clearing, we don't need to care about them). - when clearing GPIOs, keep all the bits, but unset (via XOR) the lower order bit that negates the clear bit that we care about. That is, if we're clearing GPIO 26 (val = 0x04000000), we first XOR what's currently in the register with 0x0400 (GPIO 26's SET bit), and then OR that with the GPIO 26's CLEAR bit. Tested-by: Daniel Drake <dsd@laptop.org> Signed-off-by: Andres Salomon <dilinger@queued.net> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Andres Salomon authored
The edge detect status GPIOs function differently from the other atomic model CS5536 GPIO registers; writing 1 to the high bits clears the GPIO, but writing 1 to the lower bits also clears the bit. This means that read-modify-write doesn't actually work for it, so don't apply the errata here. If a negative edge status gets lost after resume.. well, we tried our best! Tested-by: Daniel Drake <dsd@laptop.org> Signed-off-by: Andres Salomon <dilinger@queued.net> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
David S. Miller authored
This reverts commit 4465b469. Conflicts: net/ipv4/fib_frontend.c As reported by Ben Greear, this causes regressions: > Change 4465b469 caused rules > to stop matching the input device properly because the > FLOWI_FLAG_MATCH_ANY_IIF is always defined in ip_dev_find(). > > This breaks rules such as: > > ip rule add pref 512 lookup local > ip rule del pref 0 lookup local > ip link set eth2 up > ip -4 addr add 172.16.0.102/24 broadcast 172.16.0.255 dev eth2 > ip rule add to 172.16.0.102 iif eth2 lookup local pref 10 > ip rule add iif eth2 lookup 10001 pref 20 > ip route add 172.16.0.0/24 dev eth2 table 10001 > ip route add unreachable 0/0 table 10001 > > If you had a second interface 'eth0' that was on a different > subnet, pinging a system on that interface would fail: > > [root@ct503-60 ~]# ping 192.168.100.1 > connect: Invalid argument Reported-by: Ben Greear <greearb@candelatech.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-