- 08 Jun, 2007 10 commits
-
-
Paul Mundt authored
This adds in some more __user annotations. These weren't being handled properly in some of the __get_user and __put_user paths, so tidy those up. Signed-off-by: Paul Mundt <lethal@linux-sh.org>
-
Paul Mundt authored
Split out the CPU topology initialization to a separate file, and switch it to a percpu type, rather than an NR_CPUS array. At the same time, switch to only registering present CPUs, rather than using the possible CPU map. Signed-off-by: Paul Mundt <lethal@linux-sh.org>
-
Bryan Wu authored
This bug was caught by LTP testcase fchmod06 on Blackfin platform. In the manpage of fchmod, "EPERM: The effective UID does not match the owner of the file, and the process is not privileged (Linux: it does not have the CAP_FOWNER capability)." But the ramfs nommu code missed the inode_change_ok POSIX UID/GID verification. This patch fixed this. Signed-off-by: Bryan Wu <bryan.wu@analog.com> Cc: David Howells <dhowells@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.linux-xtensa.org/kernel/xtensa-feedLinus Torvalds authored
* git://git.linux-xtensa.org/kernel/xtensa-feed: Xtensa: use asm-generic/fcntl.h [XTENSA] Remove non-rt signal handling [XTENSA] Move common sections into bss sections [XTENSA] clean-up header files [XTENSA] Use generic 64-bit division [XTENSA] Remove multi-exported symbols from xtensa_ksyms.c [XTENSA] fix sources using deprecated assembler directive [XTENSA] Spelling fixes in arch/xtensa [XTENSA] fix bit operations in bitops.h
-
Linus Torvalds authored
* 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6: [SPARC64]: Fix SBUS IRQ regression caused by PCI-E driver. [SPARC64]: Fix 2 bugs in PCI Sabre bus scanning.
-
Linus Torvalds authored
* 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (24 commits) xfrm: Add security check before flushing SAD/SPD [NET_SCHED]: Fix filter double free [NET]: Avoid duplicate netlink notification when changing link state [UDP]: Revert 2-pass hashing changes. [AF_UNIX]: Fix stream recvmsg() race. [NETFILTER]: nf_conntrack_amanda: fix textsearch_prepare() error check [NETFILTER]: ip_tables: fix compat related crash [NETFILTER]: nf_conntrack: fix helper module unload races [RTNETLINK]: ifindex 0 does not exist [NETLINK]: Mark netlink policies const [TCP] tcp_probe: Attach printf attribute properly to printl(). [TCP]: Use LIMIT_NETDEBUG in tcp_retransmit_timer(). [NET]: Merge dst_discard_in and dst_discard_out. [RFKILL]: Make rfkill->name const [IPV4]: Restore old behaviour of default config values [IPV4]: Add default config support after inetdev_init [IPV4]: Convert IPv4 devconf to an array [IPV4]: Only panic if inetdev_init fails for loopback [TCP]: Honour sk_bound_dev_if in tcp_v4_send_ack [BNX2]: Update version and reldate. ...
-
Steven Rostedt authored
This is a minor fix, but what is currently there is essentially wrong. In do_page_fault, if the faulting address from user code happens to be in kernel address space (int *p = (int*)-1; p = 0xbed;) then the do_page_fault handler will jump over the local_irq_enable with the goto bad_area_nosemaphore; But the first line there sees this is user code and goes through the process of sending a signal to send SIGSEGV to the user task. This whole time interrupts are disabled and the task can not be preempted by a higher priority task. This patch always enables interrupts in the user path of the bad_area_nosemaphore. Signed-off-by: Steven Rostedt <rostedt@goodmis.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Linus Torvalds authored
* master.kernel.org:/home/rmk/linux-2.6-arm: [ARM] pxa: fix pxa27x keyboard driver [ARM] Fix 4417/1: Serial: Fix AMBA drivers locking [ARM] 4421/1: AT91: Value of _KEY fields. [ARM] Solve buggy smp_processor_id() usage [ARM] 4422/1: Fix default value handling in gpio_direction_output (PXA) [ARM] 4419/1: AT91: SAM9 USB clocks check for suspending [ARM] 4418/1: AT91: Number of programmable clocks differs [ARM] 4392/2: Do not corrupt the SP register in compressed/head.S
-
git://ftp.linux-mips.org/pub/scm/upstream-linusLinus Torvalds authored
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus: [MIPS] Fix warning by moving do_default_vi into CONFIG_CPU_MIPSR2_SRS [MIPS] Fix some minor typoes in arch/mips/Kconfig. [MIPS] Remove prototype for deleted function qemu_handle_int [MIPS] Fix some system calls with long long arguments [MIPS] Make dma_map_sg handle sg elements which are longer than one page [MIPS] Drop __ARCH_WANT_SYS_FADVISE64 [MIPS] Fix VGA corruption on RM300C [MIPS] RM300: Fix MMIO problems by marking the PCI INT ACK region busy [MIPS] EMMA2RH: remove dead KGDB code [MIPS] Remove duplicate fpu enable hazard code. [MIPS] Atlas, Malta, SEAD: Remove scroll from interrupt handler.
-
Peter Zijlstra authored
In file included from /usr/src/linux-2.6-2/net/ipv4/ip_input.c:118: include2/asm/system.h:245: error: parse error before "__cmpxchg_32" include2/asm/system.h:245: error: parse error before '*' token include2/asm/system.h:245: warning: type defaults to `int' in declaration of `__cmpxchg_32' include2/asm/system.h:245: warning: function declaration isn't a prototype include2/asm/system.h:245: warning: data definition has no type or storage class Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
- 07 Jun, 2007 30 commits
-
-
David S. Miller authored
We used to access the 64-bit IRQ IMAP and ICLR registers of bus controllers 4-bytes in and as a 32-bit register word, since only the low 32-bits were relevant. This seemed like a good idea at the time. But the PCI-E controller requires full 8-byte 64-bit access to these registers, so we switched over to accessing them fully. SBUS was not adjusted properly, which broke interrupts completely. Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
If we are on hummingbird, bus runs at 66MHZ. pbm->pci_bus should be setup with the result of pci_scan_one_pbm() or else we deref NULL pointers in the error interrupt handlers. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Joy Latten authored
Currently we check for permission before deleting entries from SAD and SPD, (see security_xfrm_policy_delete() security_xfrm_state_delete()) However we are not checking for authorization when flushing the SPD and the SAD completely. It was perhaps missed in the original security hooks patch. This patch adds a security check when flushing entries from the SAD and SPD. It runs the entire database and checks each entry for a denial. If the process attempting the flush is unable to remove all of the entries a denial is logged the the flush function returns an error without removing anything. This is particularly useful when a process may need to create or delete its own xfrm entries used for things like labeled networking but that same process should not be able to delete other entries or flush the entire database. Signed-off-by: Joy Latten<latten@austin.ibm.com> Signed-off-by: Eric Paris <eparis@parisplace.org> Signed-off-by: James Morris <jmorris@namei.org>
-
Patrick McHardy authored
cbq and atm destroy their filters twice when destroying inner classes during qdisc destruction. Reported-and-tested-by: Strobl Anton <a.strobl@aws-it.at> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Thomas Graf authored
When changing the link state from userspace not affecting any other flags. Two duplicate notification are being sent, once as action in the NETDEV_UP/NETDEV_DOWN notification chain and a second time when comparing old and new device flags after the change has been completed. Although harmless, the duplicates should be avoided. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
This reverts changesets: 6aaf47fa b7b5f487 de34ed91 fc038410 There are still some correctness issues recently discovered which do not have a known fix that doesn't involve doing a full hash table scan on port bind. So revert for now. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Miklos Szeredi authored
A recv() on an AF_UNIX, SOCK_STREAM socket can race with a send()+close() on the peer, causing recv() to return zero, even though the sent data should be received. This happens if the send() and the close() is performed between skb_dequeue() and checking sk->sk_shutdown in unix_stream_recvmsg(): process A skb_dequeue() returns NULL, there's no data in the socket queue process B new data is inserted onto the queue by unix_stream_sendmsg() process B sk->sk_shutdown is set to SHUTDOWN_MASK by unix_release_sock() process A sk->sk_shutdown is checked, unix_release_sock() returns zero I'm surprised nobody noticed this, it's not hard to trigger. Maybe it's just (un)luck with the timing. It's possible to work around this bug in userspace, by retrying the recv() once in case of a zero return value. Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Akinobu Mita authored
The return value from textsearch_prepare() needs to be checked by IS_ERR(). Because it returns error code as a pointer. Cc: "Brian J. Murrell" <netfilter@interlinx.bc.ca> Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Dmitry Mishin authored
check_compat_entry_size_and_hooks iterates over the matches and calls compat_check_calc_match, which loads the match and calculates the compat offsets, but unlike the non-compat version, doesn't call ->checkentry yet. On error however it calls cleanup_matches, which in turn calls ->destroy, which can result in crashes if the destroy function (validly) expects to only get called after the checkentry function. Add a compat_release_match function that only drops the module reference on error and rename compat_check_calc_match to compat_find_calc_match to reflect the fact that it doesn't call the checkentry function. Reported by Jan Engelhardt <jengelh@linux01.gwdg.de> Signed-off-by: Dmitry Mishin <dim@openvz.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHarrdy authored
When a helper module is unloaded all conntracks refering to it have their helper pointer NULLed out, leading to lots of races. In most places this can be fixed by proper use of RCU (they do already check for != NULL, but in a racy way), additionally nf_conntrack_expect_related needs to bail out when no helper is present. Also remove two paranoid BUG_ONs in nf_conntrack_proto_gre that are racy and not worth fixing. Signed-off-by: Patrick McHarrdy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
ifindex == 0 does not exist and implies we should do a lookup by name if one was given. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
GCC doesn't like the way Stephen initially did it: net/ipv4/tcp_probe.c:83: warning: empty declaration Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric Dumazet authored
LIMIT_NETDEBUG allows the admin to disable some warning messages (echo 0 >/proc/sys/net/core/warnings). The "TCP: Treason uncloaked!" message can use this facility. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Denis Cheng authored
Signed-off-by: Denis Cheng <crquan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Ivo van Doorn authored
The rfkill name can be made const safely, this makes the compiler happy when drivers make it point to some const string used elsewhere. Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Herbert Xu authored
Previously inet devices were only constructed when addresses are added (or rarely in ipmr). Therefore the default config values they get are the ones at the time of these operations. Now that we're creating inet devices earlier, this changes the behaviour of default config values in an incompatible way (see bug #8519). This patch creates a compromise by setting the default values at the same point as before but only for those that have not been explicitly set by the user since the inet device's creation. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Herbert Xu authored
Previously once inetdev_init has been called on a device any changes made to ipv4_devconf_dflt would have no effect on that device's configuration. This creates a problem since we have moved the point where inetdev_init is called from when an address is added to where the device is registered. This patch is the first half of a set that tries to mimic the old behaviour while still calling inetdev_init. It propagates any changes to ipv4_devconf_dflt to those devices that have not had the corresponding attribute set. The next patch will forcibly set all values at the point where inetdev_init was previously called. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Herbert Xu authored
This patch converts the ipv4_devconf config members (everything except sysctl) to an array. This allows easier manipulation which will be needed later on to provide better management of default config values. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Herbert Xu authored
When I made the inetdev_init call work on all devices I incorrectly left in the panic call as well. It is obviously undesirable to panic on an allocation failure for a normal network device. This patch moves the panic call under the loopback if clause. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Patrick McHardy authored
A time_wait socket inherits sk_bound_dev_if from the original socket, but it is not used when sending ACK packets using ip_send_reply. Fix by passing the oif to ip_send_reply in struct ip_reply_arg and use it for output routing. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Michael Chan authored
Update to version 1.5.11. Signed-off-by: Michael Chan <mchan@broadcom.com> Acked-by: Jeff Garzik <jeff@garzik.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Michael Chan authored
The statistics block DMA on 5708 can be messed up occasionally on the average of about once per hour. If the user is reading the counters within one second after the corruption, the counters will be all messed up. One second later, the counters will be ok again until the next corruption occurs. The workaround is to disable the periodic statistics DMA. Instead, we manually trigger the DMA once a second in bnx2_timer(). This manual trigger of the DMA avoids the problem. As a consequence, we can only allow 0 or 1 second settings for ethtool -C statistics block. Thanks to Jean-Daniel Pauget <jd@disjunkt.com> and CaT <cat@zip.com.au> for reporting this rare problem. Signed-off-by: Michael Chan <mchan@broadcom.com> Acked-by: Jeff Garzik <jeff@garzik.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Michael Chan authored
Add missing code to enable DMA on 5709 A1. The bit is a no-op on A0 and therefore can be set on all 5709 chips. Signed-off-by: Michael Chan <mchan@broadcom.com> Acked-by: Jeff Garzik <jeff@garzik.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Michael Chan authored
For correctness, we need to wait for the MEM_INIT bit to be cleared in the BNX2_CTX_COMMAND register before proceeding. [Added return -EBUSY when the MEM_INIT bit doesn't clear, suggested by Jeff Garzik.] Signed-off-by: Michael Chan <mchan@broadcom.com> Acked-by: Jeff Garzik <jeff@garzik.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Michael Chan authored
There's a bug in the driver that only initializes half of the context memory on the 5708. Surprisingly, this works most of the time except for some occasional netdev watchdogs when sending a lot of 64-byte packets. The fix is to add the missing code to initialize the 2nd halves of all context memory. Signed-off-by: Michael Chan <mchan@broadcom.com> Acked-by: Jeff Garzik <jeff@garzik.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Linus Torvalds authored
* master.kernel.org:/pub/scm/linux/kernel/git/lethal/sh-2.6: sh: Fix se73180 platform device registration. sh: ioremap() through PMB needs asm/mmu.h. sh: voyagergx: Fix build warnings. sh: Fix SH4-202 clock fwk set_rate() mismatch. sh: microdev: Fix compile warnings. sh: Fix in_nmi symbol build error.
-
Linus Torvalds authored
* 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6: [VIDEO] sunxvr500fb: Fix pseudo_palette array size [VIDEO] sunxvr2500fb: Fix pseudo_palette array size [VIDEO] ffb: The pseudo_palette is only 16 elements long [VIDEO]: Fix section mismatch warning in promcon. [ATA]: Back out bogus (SPARC64 && !PCI) Kconfig depends. [SPARC64]: Fill in gaps in non-PCI dma_*() NOP implementation. [SPARC64]: Fix {mc,smt}_capable(). [SPARC64]: Make core and sibling groups equal on UltraSPARC-IV. [SPARC64]: Proper multi-core scheduling support. [SPARC64]: Provide mmu statistics via sysfs. [SPARC64]: Fix service channel hypervisor function names. [SPARC64]: Export basic cpu properties via sysfs. [SPARC64]: Move topology init code into new file, sysfs.c
-
git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpcLinus Torvalds authored
* 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc: [POWERPC] Fix building of COFF zImages [POWERPC] spufs: Fix error handling in spufs_fill_dir() [POWERPC] Add table of contents to booting-without-of.txt [POWERPC] spufs: Don't yield nosched context [POWERPC] Fix typo in booting-without-of-txt section numbering [POWERPC] scc_sio: Fix link failure [POWERPC] cbe_cpufreq: Limit frequency via cpufreq notifier chain [POWERPC] Fix pci_setup_phb_io_dynamic for pci_iomap [POWERPC] spufs scheduler: Fix wakeup races [POWERPC] spufs: Synchronize pte invalidation vs ps close [POWERPC] spufs: Free mm if spufs_fill_dir() failed [POWERPC] spufs: Fix gang destroy leaks [POWERPC] spufs: Hook up spufs_release_mem [POWERPC] spufs: Refuse to load the module when not running on cell [POWERPC] pasemi: Fix iommu + 64K PAGE_SIZE bug
-
Roland McGrath authored
This patch should get a few birds. It prevents sigaction calls from clearing TIF_SIGPENDING in other threads, which could leak -ERESTART*. And It fixes ptrace_stop not to clear it, which done at the syscall exit stop could leak -ERESTART*. It probably removes the harm from signalfd, at least assuming it never calls dequeue_signal on kernel threads that might have used block_all_signals. Signed-off-by: Roland McGrath <roland@redhat.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Paul Mackerras <paulus@samba.org> Cc: Satoru Takeuchi <takeuchi_satoru@jp.fujitsu.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-