- 08 Aug, 2010 1 commit
-
-
Dmitry Popov authored
tcp_parse_md5sig_option doesn't check md5sig option (TCPOPT_MD5SIG) length, but tcp_v[46]_inbound_md5_hash assume that it's at least 16 bytes long. Signed-off-by: Dmitry Popov <dp@highloadlab.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 06 Aug, 2010 3 commits
-
-
Johannes Berg authored
spin_is_locked() can return zero on some (UP?) configurations because locks don't exist, and that causes an endless amount of warnings. Use lockdep_assert_held() instead, which has two advantages: 1) it verifies the current task is holding the lock or mutex 2) it compiles away completely when lockdep is not enabled Cc: stable@kernel.org [2.6.34+, maybe only parts of patch] Reported-by: Thomas Meyer <thomas@m3y3r.de> Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Johannes Berg authored
The TX tracing code copies with the wrong length, which will typically copy too little data. Fix this by using the correct length variable. Cc: stable@kernel.org [2.6.32+] Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
- 05 Aug, 2010 17 commits
-
-
Dan Carpenter authored
The main motivation of this patch changing strcpy() to strlcpy(). We strcpy() to copy a 48 byte buffers into a 49 byte buffers. So at best the last byte has leaked information, or maybe there is an overflow? Anyway, this patch closes the information leaks by zeroing the memory and the calls to strlcpy() prevent overflows. Signed-off-by: Dan Carpenter <error27@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jarek Poplawski authored
The netpoll_rx_on() check in __napi_gro_receive() skips part of the "common" GRO_NORMAL path, especially "pull:" in dev_gro_receive(), where at least eth header should be copied for entirely paged skbs. Signed-off-by: Jarek Poplawski <jarkao2@gmail.com> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Christian Samsel authored
With turned on hspa modem (Dell 5530 internal card) and activated usb auto suspend, my system gets up 100 "usbnet_resume has delayed data" per minute. I didnt noticed any pathological behaviour, so just drop this message. if any objections, please at least change it to _DEBUG. Signed-off-by: Christian Samsel <christian.samsel@rwth-aachen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
John W. Linville authored
ieee80211_beacon_get can return NULL... Signed-off-by: John W. Linville <linville@tuxdriver.com> Cc: stable@kernel.org
-
Sujith authored
So long. Signed-off-by: Sujith <Sujith.Manoharan@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Dan Williams authored
Fix this leftover TODO from the cfg80211 conversion by doing a scan if cfg80211 didn't pass in the BSSID for us. Since the scan code uses so much of the cfg80211_scan_request structure to build up the firmware command, we just fake one when the scan request is triggered internally. But we need to make sure that internal 'fake' cfg82011 scan request does not get back to cfg82011 via cfg80211_scan_done(). Signed-off-by: Dan Williams <dcbw@redhat.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Dan Williams authored
Some APs get pissy if you don't send the firmware the extended rates in the association request's rates TLV. Found this on a Linksys WRT54G v2; it denies association with status code 18 unless you add the extended rates too. The old driver did this, but it got lost in the cfg80211 conversion. Signed-off-by: Dan Williams <dcbw@redhat.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Dan Williams authored
Let's actually check the right field in the command response; and if there aren't any reported BSSes, exit early with success. Signed-off-by: Dan Williams <dcbw@redhat.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Rusty Russell authored
I often use "ethtool -i" command to check what driver controls the ehternet device. But because current virtio_net driver doesn't support "ethtool -i", it becomes the following: # ethtool -i eth3 Cannot get driver information: Operation not supported This patch simply adds the "ethtool -i" support. The following is the result when using the virtio_net driver with my patch applied to. # ethtool -i eth3 driver: virtio_net version: N/A firmware-version: N/A bus-info: virtio0 Personally, "-i" is one of the most frequently-used option, and most network drivers support "ethtool -i", so I think virtio_net also should do. Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (use ARRAY_SIZE) Signed-off-by: David S. Miller <davem@davemloft.net>
-
stephen hemminger authored
The PPP channel ops structure should be const. Cleanup the declarations to use standard C99 format. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David Howells authored
RxRPC can potentially deadlock as rxrpc_resend_time_expired() wants to get call->state_lock so that it can alter the state of an RxRPC call. However, its caller (call_timer_fn()) has an apparent lock on the timer struct. The problem is that rxrpc_resend_time_expired() isn't permitted to lock call->state_lock as this could cause a deadlock against rxrpc_send_abort() as that takes state_lock and then attempts to delete the resend timer by calling del_timer_sync(). The deadlock can occur because del_timer_sync() will sit there forever waiting for rxrpc_resend_time_expired() to return, but the latter may then wait for call->state_lock, which rxrpc_send_abort() holds around del_timer_sync()... This leads to a warning appearing in the kernel log that looks something like the attached. It should be sufficient to simply dispense with the locks. It doesn't matter if we set the resend timer expired event bit and queue the event processor whilst we're changing state to one where the resend timer is irrelevant as the event can just be ignored by the processor thereafter. ======================================================= [ INFO: possible circular locking dependency detected ] 2.6.35-rc3-cachefs+ #115 ------------------------------------------------------- swapper/0 is trying to acquire lock: (&call->state_lock){++--..}, at: [<ffffffffa00200d4>] rxrpc_resend_time_expired+0x56/0x96 [af_rxrpc] but task is already holding lock: (&call->resend_timer){+.-...}, at: [<ffffffff8103b675>] run_timer_softirq+0x182/0x2a5 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&call->resend_timer){+.-...}: [<ffffffff810560bc>] __lock_acquire+0x889/0x8fa [<ffffffff81056184>] lock_acquire+0x57/0x6d [<ffffffff8103bb9c>] del_timer_sync+0x3c/0x86 [<ffffffffa002bb7a>] rxrpc_send_abort+0x50/0x97 [af_rxrpc] [<ffffffffa002bdd9>] rxrpc_kernel_abort_call+0xa1/0xdd [af_rxrpc] [<ffffffffa0061588>] afs_deliver_to_call+0x129/0x368 [kafs] [<ffffffffa006181b>] afs_process_async_call+0x54/0xff [kafs] [<ffffffff8104261d>] worker_thread+0x1ef/0x2e2 [<ffffffff81045f47>] kthread+0x7a/0x82 [<ffffffff81002cd4>] kernel_thread_helper+0x4/0x10 -> #0 (&call->state_lock){++--..}: [<ffffffff81055237>] validate_chain+0x727/0xd23 [<ffffffff810560bc>] __lock_acquire+0x889/0x8fa [<ffffffff81056184>] lock_acquire+0x57/0x6d [<ffffffff813e6b69>] _raw_read_lock_bh+0x34/0x43 [<ffffffffa00200d4>] rxrpc_resend_time_expired+0x56/0x96 [af_rxrpc] [<ffffffff8103b6e6>] run_timer_softirq+0x1f3/0x2a5 [<ffffffff81036828>] __do_softirq+0xa2/0x13e [<ffffffff81002dcc>] call_softirq+0x1c/0x28 [<ffffffff810049f0>] do_softirq+0x38/0x80 [<ffffffff810361a2>] irq_exit+0x45/0x47 [<ffffffff81018fb3>] smp_apic_timer_interrupt+0x88/0x96 [<ffffffff81002893>] apic_timer_interrupt+0x13/0x20 [<ffffffff810011ac>] cpu_idle+0x4d/0x83 [<ffffffff813e06f3>] start_secondary+0x1bd/0x1c1 other info that might help us debug this: 1 lock held by swapper/0: #0: (&call->resend_timer){+.-...}, at: [<ffffffff8103b675>] run_timer_softirq+0x182/0x2a5 stack backtrace: Pid: 0, comm: swapper Not tainted 2.6.35-rc3-cachefs+ #115 Call Trace: <IRQ> [<ffffffff81054414>] print_circular_bug+0xae/0xbd [<ffffffff81055237>] validate_chain+0x727/0xd23 [<ffffffff810560bc>] __lock_acquire+0x889/0x8fa [<ffffffff810539a7>] ? mark_lock+0x42f/0x51f [<ffffffff81056184>] lock_acquire+0x57/0x6d [<ffffffffa00200d4>] ? rxrpc_resend_time_expired+0x56/0x96 [af_rxrpc] [<ffffffff813e6b69>] _raw_read_lock_bh+0x34/0x43 [<ffffffffa00200d4>] ? rxrpc_resend_time_expired+0x56/0x96 [af_rxrpc] [<ffffffffa00200d4>] rxrpc_resend_time_expired+0x56/0x96 [af_rxrpc] [<ffffffff8103b6e6>] run_timer_softirq+0x1f3/0x2a5 [<ffffffff8103b675>] ? run_timer_softirq+0x182/0x2a5 [<ffffffffa002007e>] ? rxrpc_resend_time_expired+0x0/0x96 [af_rxrpc] [<ffffffff810367ef>] ? __do_softirq+0x69/0x13e [<ffffffff81036828>] __do_softirq+0xa2/0x13e [<ffffffff81002dcc>] call_softirq+0x1c/0x28 [<ffffffff810049f0>] do_softirq+0x38/0x80 [<ffffffff810361a2>] irq_exit+0x45/0x47 [<ffffffff81018fb3>] smp_apic_timer_interrupt+0x88/0x96 [<ffffffff81002893>] apic_timer_interrupt+0x13/0x20 <EOI> [<ffffffff81049de1>] ? __atomic_notifier_call_chain+0x0/0x86 [<ffffffff8100955b>] ? mwait_idle+0x6e/0x78 [<ffffffff81009552>] ? mwait_idle+0x65/0x78 [<ffffffff810011ac>] cpu_idle+0x4d/0x83 [<ffffffff813e06f3>] start_secondary+0x1bd/0x1c1 Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Changli Gao authored
The packet length should be checked before the packet data is dereferenced. Signed-off-by: Changli Gao <xiaosuo@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Changli Gao authored
The packet length should be checked before the packet data is dereferenced. Signed-off-by: Changli Gao <xiaosuo@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Changli Gao authored
The packet length should be checked before the packet data is dereferenced. Signed-off-by: Changli Gao <xiaosuo@gmail.com> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Changli Gao authored
Signed-off-by: Changli Gao <xiaosuo@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Changli Gao authored
On the TX path, skb->data points to the ethernet header, not the network header. So when validating the packet length for accessing we should take the ethernet header into account. Signed-off-by: Changli Gao <xiaosuo@gmail.com> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 04 Aug, 2010 19 commits
-
-
Joe Perches authored
Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Stefan Weil authored
free_netdev finally calls kfree which makes the contents of ndev and priv (private data contained in ndev) invalid. So iounmap should be called before free_netdev. Cc: David S. Miller <davem@davemloft.net> Cc: Chaithrika U S <chaithrika@ti.com> Cc: Sriramakrishnan <srk@ti.com> Cc: Kevin Hilman <khilman@deeprootsystems.com> Cc: netdev@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Kulikov Vasiliy authored
IRQ and resource[] may not have correct values until after PCI hotplug setup occurs at pci_enable_device() time. The semantic match that finds this problem is as follows: // <smpl> @@ identifier x; identifier request ~= "pci_request.*|pci_resource.*"; @@ ( * x->irq | * x->resource | * request(x, ...) ) ... *pci_enable_device(x) // </smpl> Signed-off-by: Kulikov Vasiliy <segooon@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Kulikov Vasiliy authored
IRQ and resource[] may not have correct values until after PCI hotplug setup occurs at pci_enable_device() time. The semantic match that finds this problem is as follows: // <smpl> @@ identifier x; identifier request ~= "pci_request.*|pci_resource.*"; @@ ( * x->irq | * x->resource | * request(x, ...) ) ... *pci_enable_device(x) // </smpl> Signed-off-by: Kulikov Vasiliy <segooon@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Kulikov Vasiliy authored
IRQ and resource[] may not have correct values until after PCI hotplug setup occurs at pci_enable_device() time. The semantic match that finds this problem is as follows: // <smpl> @@ identifier x; identifier request ~= "pci_request.*|pci_resource.*"; @@ ( * x->irq | * x->resource | * request(x, ...) ) ... *pci_enable_device(x) // </smpl> Signed-off-by: Kulikov Vasiliy <segooon@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivialLinus Torvalds authored
* 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (48 commits) Documentation: update broken web addresses. fix comment typo "choosed" -> "chosen" hostap:hostap_hw.c Fix typo in comment Fix spelling contorller -> controller in comments Kconfig.debug: FAIL_IO_TIMEOUT: typo Faul -> Fault fs/Kconfig: Fix typo Userpace -> Userspace Removing dead MACH_U300_BS26 drivers/infiniband: Remove unnecessary casts of private_data fs/ocfs2: Remove unnecessary casts of private_data libfc: use ARRAY_SIZE scsi: bfa: use ARRAY_SIZE drm: i915: use ARRAY_SIZE drm: drm_edid: use ARRAY_SIZE synclink: use ARRAY_SIZE block: cciss: use ARRAY_SIZE comment typo fixes: charater => character fix comment typos concerning "challenge" arm: plat-spear: fix typo in kerneldoc reiserfs: typo comment fix update email address ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hidLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid: (30 commits) Revert "HID: add support for the Wacom Intuos 4 wireless" HID: fix up Kconfig entry for ACRUX driver HID: add ACRUX game controller force feedback support HID: Force input registration for "VEC footpedal" HID: add HID_QUIRK_HIDINPUT_FORCE HID: hid-input.c: indentation fixes HID: hiddev: use usb_find_interface, get rid of BKL HID: ignore digitizer usage Undefined (0x00) HID: Add support for Conceptronic CLLRCMCE HID: hid-ids.h: Whitespace fixup, align using TABs HID: picolcd: implement refcounting of framebuffer HID: picolcd: do not reallocate memory on depth change HID: picolcd: Add minimal palette required by fbcon on 8bpp HID: magicmouse: Correct parsing of large X and Y motions. HID: magicmouse: report last touch up HID: picolcd: fix deferred_io init/cleanup to fb ordering HID: hid-ids.h: keep vendor ids in alphabetical order HID: add proper support for Elecom BM084 bluetooth mouse HID: magicmouse: enable horizontal scrolling HID: magicmouse: add param for scroll speed ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (39 commits) random: Reorder struct entropy_store to remove padding on 64bits padata: update API documentation padata: Remove padata_get_cpumask crypto: pcrypt - Update pcrypt cpumask according to the padata cpumask notifier crypto: pcrypt - Rename pcrypt_instance padata: Pass the padata cpumasks to the cpumask_change_notifier chain padata: Rearrange set_cpumask functions padata: Rename padata_alloc functions crypto: pcrypt - Dont calulate a callback cpu on empty callback cpumask padata: Check for valid cpumasks padata: Allocate cpumask dependend recources in any case padata: Fix cpu index counting crypto: geode_aes - Convert pci_table entries to PCI_VDEVICE (if PCI_ANY_ID is used) pcrypt: Added sysfs interface to pcrypt padata: Added sysfs primitives to padata subsystem padata: Make two separate cpumasks padata: update documentation padata: simplify serialization mechanism padata: make padata_do_parallel to return zero on success padata: Handle empty padata cpumasks ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpuLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu: percpu: allow limited allocation before slab is online percpu: make @dyn_size always mean min dyn_size in first chunk init functions
-
git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6: (276 commits) [SCSI] zfcp: Trigger logging in the FCP channel on qdio error conditions [SCSI] zfcp: Introduce experimental support for DIF/DIX [SCSI] zfcp: Enable data division support for FCP devices [SCSI] zfcp: Prevent access on uninitialized memory. [SCSI] zfcp: Post events through FC transport class [SCSI] zfcp: Cleanup QDIO attachment and improve processing. [SCSI] zfcp: Cleanup function parameters for sbal value. [SCSI] zfcp: Use correct width for timer_interval field [SCSI] zfcp: Remove SCSI device when removing unit [SCSI] zfcp: Use memdup_user and kstrdup [SCSI] zfcp: Fix retry after failed "open port" erp action [SCSI] zfcp: Fail erp after timeout [SCSI] zfcp: Use forced_reopen in terminate_rport_io callback [SCSI] zfcp: Register SCSI devices after successful fc_remote_port_add [SCSI] zfcp: Do not try "forced close" when port is already closed [SCSI] zfcp: Do not unblock rport from REOPEN_PORT_FORCED [SCSI] sd: add support for runtime PM [SCSI] implement runtime Power Management [SCSI] convert to the new PM framework [SCSI] Unify SAM_ and SAM_STAT_ macros ...
-
Andy Lutomirski authored
82ca9341 added scary looking but harmless error messages. Make them clearer and make the actual failure message show up with the same severity as the harmless one. Signed-off-by: Andy Lutomirski <luto@mit.edu> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Kulikov Vasiliy authored
IRQ and resource[] may not have correct values until after PCI hotplug setup occurs at pci_enable_device() time. The semantic match that finds this problem is as follows: // <smpl> @@ identifier x; identifier request ~= "pci_request.*|pci_resource.*"; @@ ( * x->irq | * x->resource | * request(x, ...) ) ... *pci_enable_device(x) // </smpl> Signed-off-by: Kulikov Vasiliy <segooon@gmail.com> Acked-by: Gertjan van Wingerde <gwingerde@gmail.com> Acked-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Juuso Oikarinen authored
The warning is: net/mac80211/main.c:688: warning: label ‘fail_ifa’ defined but not used Signed-off-by: Juuso Oikarinen <juuso.oikarinen@nokia.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Christoph Fritz authored
If kzalloc() fails return with -ENOMEM from ipw2100_net_init() which is called by register_netdev. CC: Dan Carpenter <error27@gmail.com> Signed-off-by: Christoph Fritz <chf.fritz@googlemail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Jan Friedrich authored
ath9k_rx_skb_preprocess nulls rxs and the mactime is never set again - mactime is always 0. This causes problems in IBSS mode. ieee80211_rx_bss_info uses mactime to decide if an IBSS merge is needed. Without this patch the merge is triggered by each beacon received. This can be recognized by the "beacon TSF higher than local TSF - IBSS merge with BSSID" log message accompanying each beacon. This problem was not completely fixed in commit a6d2055b and is not a stable kernel fix. It is solely intended for wireless-testing. Signed-off-by: Jan Friedrich <jft@dev2day.de> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Larry Finger authored
The SMC2802W appears to work with p54pci. Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net> Tested-by: David Cozatt <olbrannon@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Lorenzo Bianconi authored
I noticed a possible issue in the paused flag management of the ath_atx_tid data structure. In particular, in a noisy environment and under heavy load, I observed that the AGGR session establishment could fail several times consecutively causing values of the paused flag greater than one for this TID (ath_tx_pause_tid is called more than once from ath_tx_aggr_start). Considering that the session for this TID can not be established also after the mac80211 stack calls the ieee80211_agg_tx_operational() since the ath_tx_aggr_resume() lowers the paused flag only by one. This patch also replaces some BUG_ON calls with WARN_ON, as even if these unlikely conditions happen, it's not fatal enough to justify a BUG_ON. Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi83@gmail.com> Signed-off-by: Felix Fietkau <nbd@openwrt.org> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Luis R. Rodriguez authored
AR9003 was not relying on the CTL indexes from the EEPROM for capping the max output power. The CTL indexes from the EEPROM provide calibrated limits for output power for each tested and supported frequency. Without this the device operates at a power level which only conforms to the transmit spectrum mask as specified by IEEE Annex I.2.3. The regulatory limit by CRDA is always used but does not provide calibrated values for optimal performance, specially on band edges. Using the calibrated data from the EEPROM ensures the device operates at optimal output power while still ensuring proper regulatory compliance. The device uses the minimum of these tree values, the value from CRDA, the calibrated value from CTL indexex, and the value to conform to the IEEE transmit spectrum mask. Signed-off-by: Luis R. Rodriguez <lrodriguez@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Kulikov Vasiliy authored
wl1271_dump() uses cmd after kfree(cmd). Move kfree() just after wl1271_dump(). Signed-off-by: Kulikov Vasiliy <segooon@gmail.com> Acked-by: Juuso Oikarinen <juuso.oikarinen@nokia.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-