- 28 Sep, 2009 8 commits
-
-
Arjan van de Ven authored
The wireless extensions have a copy_from_user to a local stack array "essid", but both me and gcc have failed to find where the bounds for this copy are located in the code. This patch adds some basic sanity checks for the copy length to make sure that we don't overflow the stack buffer. Signed-off-by:
Arjan van de Ven <arjan@linux.intel.com> Cc: linux-wireless@vger.kernel.org Signed-off-by:
John W. Linville <linville@tuxdriver.com>
-
Johannes Berg authored
It's useful to know the MAC address when being disassociated; fix a typo (missing colon) and move some messages so we get them only when they are actually taking effect. Signed-off-by:
Johannes Berg <johannes@sipsolutions.net> Signed-off-by:
-
Johannes Berg authored
Multiple problems were reported due to interaction between wpa_supplicant and the wext compat code in cfg80211, which appear to be due to it not getting any bss pointer here when wpa_supplicant sets all parameters -- do that now. We should still get the bss after doing an extra scan, but that appears to increase the time we need for connecting enough to sometimes cause timeouts. Signed-off-by:
-
Reinette Chatre authored
When hardware or uCode problem occurs driver captures significant information from device to enable debugging. The format of this information is different between 3945 and 4965 and later devices, yet currently the 3945 uses the 4965 and later format. Fix this by adding a new library call that is initialized to the correct formatting routine based on device. This moves the iwlagn event and error log handling back to iwl-agn.c to make it part of iwlagn module. Also remove the 3945 sysfs file that triggers dump of event log - there is already a debugfs file that can do it for all drivers. Signed-off-by:
Reinette Chatre <reinette.chatre@intel.com> Signed-off-by:
-
Reinette Chatre authored
Also free the array of command pointers and meta data of each command buffer when command queue is freed. Signed-off-by:
-
Reinette Chatre authored
We keep track of where to write into a buffer by keeping a count of how much has been written so far. When writing to the buffer we thus take the buffer pointer and adding the count of what has been written so far. Keeping track of what has been written so far is done by incrementing this number every time something is written to the buffer with how much has been written at that time. Currently this number is incremented incorrectly when using the "hex_dump_to_buffer" call to add data to the buffer. Fix this by only adding what has been added to the buffer in that call instead of what has been added since beginning of buffer. Issue was discovered and discussed during testing of https://bugzilla.redhat.com/show_bug.cgi?id=464598 . When a user views any of these files they will see something like: [ 179.355202] ------------[ cut here ]------------ [ 179.355209] WARNING: at ../lib/vsprintf.c:989 vsnprintf+0x5ec/0x5f0() [ 179.355212] Hardware name: VGN-Z540N [ 179.355213] Modules linked in: i915 drm i2c_algo_bit i2c_core ipv6 acpi_cpufreq cpufreq_userspace cpufreq_powersave cpufreq_ondemand cpufreq_conservative cpufreq_stats freq_table container sbs sbshc arc4 ecb iwlagn iwlcore joydev led_class mac80211 af_packet pcmcia psmouse sony_laptop cfg80211 iTCO_wdt iTCO_vendor_support pcspkr serio_raw rfkill intel_agp video output tpm_infineon tpm tpm_bios button battery yenta_socket rsrc_nonstatic pcmcia_core processor ac evdev ext3 jbd mbcache sr_mod sg cdrom sd_mod ahci libata scsi_mod ehci_hcd uhci_hcd usbcore thermal fan thermal_sys [ 179.355262] Pid: 5449, comm: cat Not tainted 2.6.31-wl-54419-ge881071 #62 [ 179.355264] Call Trace: [ 179.355267] [<ffffffff811ad14c>] ? vsnprintf+0x5ec/0x5f0 [ 179.355271] [<ffffffff81041348>] warn_slowpath_common+0x78/0xd0 [ 179.355275] [<ffffffff810413af>] warn_slowpath_null+0xf/0x20 [ 179.355277] [<ffffffff811ad14c>] vsnprintf+0x5ec/0x5f0 [ 179.355280] [<ffffffff811ad23d>] ? scnprintf+0x5d/0x80 [ 179.355283] [<ffffffff811ad23d>] scnprintf+0x5d/0x80 [ 179.355286] [<ffffffff811aed29>] ? hex_dump_to_buffer+0x189/0x340 [ 179.355290] [<ffffffff810e91d7>] ? __kmalloc+0x207/0x260 [ 179.355303] [<ffffffffa02a02f8>] iwl_dbgfs_nvm_read+0xe8/0x220 [iwlcore] [ 179.355306] [<ffffffff811a9b62>] ? __up_read+0x92/0xb0 [ 179.355310] [<ffffffff810f0988>] vfs_read+0xc8/0x1a0 [ 179.355313] [<ffffffff810f0b50>] sys_read+0x50/0x90 [ 179.355316] [<ffffffff8100bd6b>] system_call_fastpath+0x16/0x1b [ 179.355319] ---[ end trace 2383d0d5e0752ca0 ]--- Signed-off-by:
-
Johannes Berg authored
When wpa_supplicant is used to connect to open networks, it causes the wdev->wext.keys to point to key memory, but that key memory is all empty. Only use privacy when there is a default key to be used. Signed-off-by:
Luis R. Rodriguez <lrodriguez@atheros.com> Tested-by:
Kalle Valo <kalle.valo@iki.fi> Signed-off-by:
-
Johannes Berg authored
Currently, cfg80211's SIOCGIWAP implementation returns the BSSID that the user set, even if the connection has since been dropped due to other changes. It only should return the current BSSID when actually connected. Also do a small code cleanup. Reported-by:
Thomas H. Guenther <thomas.h.guenther@intel.com> Signed-off-by:
-
- 27 Sep, 2009 17 commits
-
-
Sascha Hlusiak authored
This reverts commit 64506929. While the code does not actually break anything, it does not completely follow RFC5214 yet. After talking back with Fred L. Templin, I agree that completing the ISATAP specific RS/RA code, would pollute the kernel a lot with code that is better implemented in userspace. The kernel should not send RS packages for ISATAP at all. Signed-off-by:
Sascha Hlusiak <contact@saschahlusiak.de> Acked-by:
Fred L. Templin <Fred.L.Templin@boeing.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
John Fastabend authored
netlink_unicast() calls kfree_skb even in the error case. dcbnl calls netlink_unicast() which when it fails free's the skb and returns an error value. dcbnl is free'ing the skb again when this error occurs. This patch removes the double free. Signed-off-by:
John Fastabend <john.r.fastabend@intel.com> Signed-off-by:
Jeff Kirsher <jeffrey.t.kirsher@intel.com> Signed-off-by:
-
John Fastabend authored
Currently, the nlmsg->len field is not set correctly in netlink_ack() for ack messages that include the nlmsg of the error frame. This corrects the length field passed to __nlmsg_put to use the correct payload size. Signed-off-by:
-
John Fastabend authored
Fix vlan_get_size to include vlan->flags. Currently, the size of the vlan flags is not included in the nlmsg size. Signed-off-by:
-
Don Skidmore authored
The function e1000_enable_tx_pkt_filtering() was removed in a previous cleanup patch. this removes the no longer used prototype. Signed-off-by:
Don Skidmore <donald.c.skidmore@intel.com> Signed-off-by:
-
Jesse Brandeburg authored
a couple of functions needed to be removed/declared static Signed-off-by:
Jesse Brandeburg <jesse.brandeburg@intel.com> Signed-off-by:
-
Jesse Brandeburg authored
eerd and eewr don't exist on pre PCIe devices Signed-off-by:
-
Jesse Brandeburg authored
A large whitespace change to e1000_hw.[ch] in order to update it to kernel coding style (by running lindent). Updated function header comments into kdoc style. Signed-off-by:
-
Jesse Brandeburg authored
adapter was being assigned twice, also clarified variable name and unwrapped line. Signed-off-by:
-
Jesse Brandeburg authored
this patch fixes a bug that occurs when routing packets and simultaneously changing the mtu. the rx_buffer_len variable is used during the rx cleanup and if that changes on the fly without stopping traffic bad things happen Signed-off-by:
-
Jesse Brandeburg authored
1) 82544 does not need last_tx_tso workaround, it interferes with the 82544 workaround too 2) 82544 hang workaround was using the address of the page struct instead of the physical address as its "workaround decider" not sure how that ever worked Signed-off-by:
-
Jesse Brandeburg authored
This fix closes a race where the adapter can be shutting down while hard_start_xmit is being called and interrupts are being handled. Signed-off-by:
-
Jesse Brandeburg authored
e1000 was using one particular way to detect link, but with the advent of some of the newer hardware designs using SERDES connections, tests for link must completely cover all cases. Signed-off-by:
-
Jesse Brandeburg authored
there were some hotplug cases that made timers still run after the driver had been removed, make sure to stop all the timers and not allow racy reschedules. Signed-off-by:
-
Jesse Brandeburg authored
we can use netif_tx_disable now because LLTX has been removed. Signed-off-by:
-
Jesse Brandeburg authored
after removal of pcie, need to remove some unnecessary functions Signed-off-by:
-
Jesse Brandeburg authored
this patch is the first in a series of clean up patches for e1000 to drop unused code, and update the driver to kernel spec, and then, to update the driver to have all available bug fixes. Call it the e1000 weight loss plan. Signed-off-by:
-
- 25 Sep, 2009 4 commits
-
-
David S. Miller authored
Signed-off-by: -
Sriram authored
In the emac_poll function when looking for interrupt status masks correct definition must be chosen based on EMAC_VERSION(the bit mask has changed from version 1 to version 2). Signed-off-by:
Sriram <srk@ti.com> Acked-by:
Chaithrika U S <chaithrika@ti.com> Signed-off-by:
-
Jarek Poplawski authored
Use ax25_cb_put after ax25_find_cb in ax25_ctl_ioctl. Reported-by:
Bernard Pidoux F6BVP <f6bvp@free.fr> Signed-off-by:
Jarek Poplawski <jarkao2@gmail.com> Reviewed-by:
Ralf Baechle <ralf@linux-mips.org> Signed-off-by:
-
-
- 24 Sep, 2009 11 commits
-
-
Johannes Berg authored
Similar to commit d136f1bd, there's a bug when unregistering a generic netlink family, which is caught by the might_sleep() added in that commit: BUG: sleeping function called from invalid context at net/netlink/af_netlink.c:183 in_atomic(): 1, irqs_disabled(): 0, pid: 1510, name: rmmod 2 locks held by rmmod/1510: #0: (genl_mutex){+.+.+.}, at: [<ffffffff8138283b>] genl_unregister_family+0x2b/0x130 #1: (rcu_read_lock){.+.+..}, at: [<ffffffff8138270c>] __genl_unregister_mc_group+0x1c/0x120 Pid: 1510, comm: rmmod Not tainted 2.6.31-wl #444 Call Trace: [<ffffffff81044ff9>] __might_sleep+0x119/0x150 [<ffffffff81380501>] netlink_table_grab+0x21/0x100 [<ffffffff813813a3>] netlink_clear_multicast_users+0x23/0x60 [<ffffffff81382761>] __genl_unregister_mc_group+0x71/0x120 [<ffffffff81382866>] genl_unregister_family+0x56/0x130 [<ffffffffa0007d85>] nl80211_exit+0x15/0x20 [cfg80211] [<ffffffffa000005a>] cfg80211_exit+0x1a/0x40 [cfg80211] Fix in the same way by grabbing the netlink table lock before doing rcu_read_lock(). Signed-off-by:
-
Anton Vorontsov authored
Following trace pops up if we try to suspend with 3c59x ethernet NIC brought down: root@b1:~# ifconfig eth16 down root@b1:~# echo mem > /sys/power/state ... 3c59x 0000:00:10.0: suspend 3c59x 0000:00:10.0: PME# disabled Trying to free already-free IRQ 48 ------------[ cut here ]------------ Badness at c00554e4 [verbose debug info unavailable] NIP: c00554e4 LR: c00554e4 CTR: c019a098 REGS: c7975c60 TRAP: 0700 Not tainted (2.6.31-rc4) MSR: 00021032 <ME,CE,IR,DR> CR: 28242422 XER: 20000000 TASK = c79cb0c0[1746] 'bash' THREAD: c7974000 ... NIP [c00554e4] __free_irq+0x108/0x1b0 LR [c00554e4] __free_irq+0x108/0x1b0 Call Trace: [c7975d10] [c00554e4] __free_irq+0x108/0x1b0 (unreliable) [c7975d30] [c005559c] free_irq+0x10/0x24 [c7975d40] [c01e21ec] vortex_suspend+0x70/0xc4 [c7975d60] [c017e584] pci_legacy_suspend+0x58/0x100 This is because the driver manages interrupts without checking for netif_running(). Though, there are few other issues with suspend/resume in this driver. The intention of calling free_irq() in suspend() was to avoid any possible spurious interrupts (see commit 5b039e68 "3c59x PM fixes"). But, - On resume, the driver was requesting IRQ just after pci_set_master(), but before vortex_up() (which actually resets 3c59x chips). - Issuing free_irq() on a shared IRQ doesn't guarantee that a buggy HW won't trigger spurious interrupts in another driver that requested the same interrupt. So, if we want to protect from unexpected interrupts, then on suspend we should issue disable_irq(), not free_irq(). Signed-off-by:
Anton Vorontsov <avorontsov@ru.mvista.com> Signed-off-by:
-
Eric Dumazet authored
It seems recursion field from "struct ip_tunnel" is not anymore needed. recursion prevention is done at the upper level (in dev_queue_xmit()), since we use HARD_TX_LOCK protection for tunnels. This avoids a cache line ping pong on "struct ip_tunnel" : This structure should be now mostly read on xmit and receive paths. Signed-off-by:
Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by:
-
Sebastian Haas authored
The driver mapped only 128 bytes of the CAN controller address space when a CPC-PCI v2 was detected (incl. CPC-104P). This patch will fix it by always mapping the whole address space (4096 bytes on all boards) of the corresponding PCI BAR. Signed-off-by:
Sebastian Haas <haas@ems-wuensche.com> Signed-off-by:
Wolfgang Grandegger <wg@grandegger.com> Signed-off-by:
-
Jaswinder Singh Rajput authored
DOCPROC Documentation/DocBook/networking.xml Warning(net/sunrpc/clnt.c:647): No description found for parameter 'req' Warning(net/sunrpc/clnt.c:647): No description found for parameter 'tk_ops' Warning(net/sunrpc/clnt.c:647): Excess function parameter 'ops' description in 'rpc_run_bc_task' Signed-off-by:
Jaswinder Singh Rajput <jaswinderrajput@gmail.com> Cc: Ricardo Labiaga <Ricardo.Labiaga@netapp.com> Cc: Benny Halevy <bhalevy@panasas.com> Cc: Andy Adamson <andros@netapp.com> Cc: Trond Myklebust <Trond.Myklebust@netapp.com> Cc: Randy Dunlap <randy.dunlap@oracle.com> Cc: David Miller <davem@davemloft.net> Signed-off-by:
-
Rémi Denis-Courmont authored
If we ever implement this, then we can stop returning an error. Signed-off-by:
Rémi Denis-Courmont <remi.denis-courmont@nokia.com> Signed-off-by:
-
Rémi Denis-Courmont authored
Allocating a port number to a socket and hashing that socket shall be an atomic operation with regards to other port allocation. Otherwise, we could allocate a port that is already being allocated to another socket. Signed-off-by:
-
Stephen Hemminger authored
Previous update did not resched in inner loop causing watchdogs. Rewrite inner loop to: * account for delays better with less clock calls * more accurate timing of delay: - only delay if packet was successfully sent - if delay is 100ns and it takes 10ns to build packet then account for that * use wait_event_interruptible_timeout rather than open coding it. Signed-off-by:Stephen Hemminger <shemminger@vyatta.com> Signed-off-by:
-
Stephen Hemminger authored
Get rid of unused flag bit. Signed-off-by:
-
Shan Wei authored
Due to man page of setsockopt, if optlen is not valid, kernel should return -EINVAL. But a simple testcase as following, errno is 0, which means setsockopt is successful. addr.s_addr = inet_addr("192.1.2.3"); setsockopt(s, IPPROTO_IP, IP_MULTICAST_IF, &addr, 1); printf("errno is %d\n", errno); Xiaotian Feng(dfeng@redhat.com) caught the bug. We fix it firstly checking the availability of optlen and then dealing with the logic like other options. Reported-by:Xiaotian Feng <dfeng@redhat.com> Signed-off-by:
Shan Wei <shanwei@cn.fujitsu.com> Acked-by:
Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> Signed-off-by:
-
David S. Miller authored
Conflicts: drivers/staging/Kconfig drivers/staging/Makefile drivers/staging/cpc-usb/TODO drivers/staging/cpc-usb/cpc-usb_drv.c drivers/staging/cpc-usb/cpc.h drivers/staging/cpc-usb/cpc_int.h drivers/staging/cpc-usb/cpcusb.h
-
