- 14 Oct, 2014 40 commits
-
-
Guenter Roeck authored
tag_protocol is now an enum, so drivers have to check against it. Cc: Andrew Lunn <andrew@lunn.ch> Signed-off-by: Guenter Roeck <linux@roeck-us.net> Acked-by: Florian Fainelli <f.fainelli@gmail.com> Acked-by: Andrew Lunn <andrew@lunn.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Iyappan Subramanian says: ==================== Adding SGMII based 1GbE basic support to APM X-Gene SoC ethernet driver. v2: Address comments from v1 * Split the patchset into two, the first one being preparatory patch * Added link_state function pointer to the xgene_mac_ops structure * Added xgene_indirect_ctl structure for indirect read/write arguments v1: * Initial version ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Iyappan Subramanian authored
Signed-off-by: Iyappan Subramanian <isubramanian@apm.com> Signed-off-by: Keyur Chudgar <kchudgar@apm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Iyappan Subramanian authored
Signed-off-by: Iyappan Subramanian <isubramanian@apm.com> Signed-off-by: Keyur Chudgar <kchudgar@apm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Iyappan Subramanian authored
- Added link_state function pointer to the xgene__mac_ops structure - Moved ring manager (pdata->rm) assignment to xgene_enet_setup_ops - Removed unused variable (pdata->phy_addr) and macro (FULL_DUPLEX) Signed-off-by: Iyappan Subramanian <isubramanian@apm.com> Signed-off-by: Keyur Chudgar <kchudgar@apm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Iyappan Subramanian authored
Signed-off-by: Iyappan Subramanian <isubramanian@apm.com> Signed-off-by: Keyur Chudgar <kchudgar@apm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Alexei Starovoitov authored
userspace programs that use eBPF instruction macros need to include two files: uapi/linux/filter.h and uapi/linux/bpf.h Move common macro definitions that are shared between classic BPF and eBPF into uapi/linux/bpf_common.h, so that user app can include only one bpf.h file Cc: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Alexei Starovoitov <ast@plumgrid.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Fabian Frederick authored
parent cfusbl was used instead of first structure member 'layer' Suggested-by: Joe Perches <joe@perches.com> Signed-off-by: Fabian Frederick <fabf@skynet.be> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Fabian Frederick authored
Let MM subsystem display out of memory messages. Signed-off-by: Fabian Frederick <fabf@skynet.be> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Fabian Frederick authored
Also add blank line after declaration Signed-off-by: Fabian Frederick <fabf@skynet.be> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Mugunthan V N authored
remove all the child devices from the system to make sure that re-insert of cpsw module doesn't fail on child device populated by of_platform_populate(). Signed-off-by: Mugunthan V N <mugunthanvnm@ti.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Mugunthan V N authored
remove spinlock in cpdma_desc_pool_destroy() as there is no active cpdma channel and iounmap should be called without auquiring lock. root@dra7xx-evm:~# modprobe -r ti_cpsw [ 50.539743] [ 50.541312] ====================================================== [ 50.547796] [ INFO: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected ] [ 50.554826] 3.14.19-02124-g95c5b7b #308 Not tainted [ 50.559939] ------------------------------------------------------ [ 50.566416] modprobe/1921 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 50.573347] (vmap_area_lock){+.+...}, at: [<c01127fc>] find_vmap_area+0x10/0x6c [ 50.581132] [ 50.581132] and this task is already holding: [ 50.587249] (&(&pool->lock)->rlock#2){..-...}, at: [<bf017c74>] cpdma_ctlr_destroy+0x5c/0x114 [davinci_cpdma] [ 50.597766] which would create a new lock dependency: [ 50.603048] (&(&pool->lock)->rlock#2){..-...} -> (vmap_area_lock){+.+...} [ 50.610296] [ 50.610296] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 50.618601] (&(&pool->lock)->rlock#2){..-...} ... which became SOFTIRQ-irq-safe at: [ 50.626829] [<c06585a4>] _raw_spin_lock_irqsave+0x38/0x4c [ 50.632677] [<bf01773c>] cpdma_desc_free.constprop.7+0x28/0x58 [davinci_cpdma] [ 50.640437] [<bf0177e8>] __cpdma_chan_free+0x7c/0xa8 [davinci_cpdma] [ 50.647289] [<bf017908>] __cpdma_chan_process+0xf4/0x134 [davinci_cpdma] [ 50.654512] [<bf017984>] cpdma_chan_process+0x3c/0x54 [davinci_cpdma] [ 50.661455] [<bf0277e8>] cpsw_poll+0x14/0xa8 [ti_cpsw] [ 50.667038] [<c05844f4>] net_rx_action+0xc0/0x1e8 [ 50.672150] [<c0048234>] __do_softirq+0xcc/0x304 [ 50.677183] [<c004873c>] irq_exit+0xa8/0xfc [ 50.681751] [<c000eeac>] handle_IRQ+0x50/0xb0 [ 50.686513] [<c0008638>] gic_handle_irq+0x28/0x5c [ 50.691628] [<c06590a4>] __irq_svc+0x44/0x5c [ 50.696289] [<c0658ab4>] _raw_spin_unlock_irqrestore+0x34/0x44 [ 50.702591] [<c065a9c4>] do_page_fault.part.9+0x144/0x3c4 [ 50.708433] [<c065acb8>] do_page_fault+0x74/0x84 [ 50.713453] [<c00083dc>] do_DataAbort+0x34/0x98 [ 50.718391] [<c065923c>] __dabt_usr+0x3c/0x40 [ 50.723148] [ 50.723148] to a SOFTIRQ-irq-unsafe lock: [ 50.728893] (vmap_area_lock){+.+...} ... which became SOFTIRQ-irq-unsafe at: [ 50.736476] ... [<c06584e8>] _raw_spin_lock+0x28/0x38 [ 50.741876] [<c011376c>] alloc_vmap_area.isra.28+0xb8/0x300 [ 50.747908] [<c0113a44>] __get_vm_area_node.isra.29+0x90/0x134 [ 50.754210] [<c011486c>] get_vm_area_caller+0x3c/0x48 [ 50.759692] [<c0114be0>] vmap+0x40/0x78 [ 50.763900] [<c09442f0>] check_writebuffer_bugs+0x54/0x1a0 [ 50.769835] [<c093eac0>] start_kernel+0x320/0x388 [ 50.774952] [<80008074>] 0x80008074 [ 50.778793] [ 50.778793] other info that might help us debug this: [ 50.778793] [ 50.787181] Possible interrupt unsafe locking scenario: [ 50.787181] [ 50.794295] CPU0 CPU1 [ 50.799042] ---- ---- [ 50.803785] lock(vmap_area_lock); [ 50.807446] local_irq_disable(); [ 50.813652] lock(&(&pool->lock)->rlock#2); [ 50.820782] lock(vmap_area_lock); [ 50.827086] <Interrupt> [ 50.829823] lock(&(&pool->lock)->rlock#2); [ 50.834490] [ 50.834490] *** DEADLOCK *** [ 50.834490] [ 50.840695] 4 locks held by modprobe/1921: [ 50.844981] #0: (&__lockdep_no_validate__){......}, at: [<c03e53e8>] driver_detach+0x44/0xb8 [ 50.854038] #1: (&__lockdep_no_validate__){......}, at: [<c03e53f4>] driver_detach+0x50/0xb8 [ 50.863102] #2: (&(&ctlr->lock)->rlock){......}, at: [<bf017c34>] cpdma_ctlr_destroy+0x1c/0x114 [davinci_cpdma] [ 50.873890] #3: (&(&pool->lock)->rlock#2){..-...}, at: [<bf017c74>] cpdma_ctlr_destroy+0x5c/0x114 [davinci_cpdma] [ 50.884871] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 50.892827] -> (&(&pool->lock)->rlock#2){..-...} ops: 167 { [ 50.898703] IN-SOFTIRQ-W at: [ 50.901995] [<c06585a4>] _raw_spin_lock_irqsave+0x38/0x4c [ 50.909476] [<bf01773c>] cpdma_desc_free.constprop.7+0x28/0x58 [davinci_cpdma] [ 50.918878] [<bf0177e8>] __cpdma_chan_free+0x7c/0xa8 [davinci_cpdma] [ 50.927366] [<bf017908>] __cpdma_chan_process+0xf4/0x134 [davinci_cpdma] [ 50.936218] [<bf017984>] cpdma_chan_process+0x3c/0x54 [davinci_cpdma] [ 50.944794] [<bf0277e8>] cpsw_poll+0x14/0xa8 [ti_cpsw] [ 50.952009] [<c05844f4>] net_rx_action+0xc0/0x1e8 [ 50.958765] [<c0048234>] __do_softirq+0xcc/0x304 [ 50.965432] [<c004873c>] irq_exit+0xa8/0xfc [ 50.971635] [<c000eeac>] handle_IRQ+0x50/0xb0 [ 50.978035] [<c0008638>] gic_handle_irq+0x28/0x5c [ 50.984788] [<c06590a4>] __irq_svc+0x44/0x5c [ 50.991085] [<c0658ab4>] _raw_spin_unlock_irqrestore+0x34/0x44 [ 50.999023] [<c065a9c4>] do_page_fault.part.9+0x144/0x3c4 [ 51.006510] [<c065acb8>] do_page_fault+0x74/0x84 [ 51.013171] [<c00083dc>] do_DataAbort+0x34/0x98 [ 51.019738] [<c065923c>] __dabt_usr+0x3c/0x40 [ 51.026129] INITIAL USE at: [ 51.029335] [<c06585a4>] _raw_spin_lock_irqsave+0x38/0x4c [ 51.036729] [<bf017d78>] cpdma_chan_submit+0x4c/0x2f0 [davinci_cpdma] [ 51.045225] [<bf02863c>] cpsw_ndo_open+0x378/0x6bc [ti_cpsw] [ 51.052897] [<c058747c>] __dev_open+0x9c/0x104 [ 51.059287] [<c05876ec>] __dev_change_flags+0x88/0x160 [ 51.066420] [<c05877e4>] dev_change_flags+0x18/0x48 [ 51.073270] [<c05ed51c>] devinet_ioctl+0x61c/0x6e0 [ 51.080029] [<c056ee54>] sock_ioctl+0x5c/0x298 [ 51.086418] [<c01350a4>] do_vfs_ioctl+0x78/0x61c [ 51.092993] [<c01356ac>] SyS_ioctl+0x64/0x74 [ 51.099200] [<c000e580>] ret_fast_syscall+0x0/0x48 [ 51.105956] } [ 51.107696] ... key at: [<bf019000>] __key.21312+0x0/0xfffff650 [davinci_cpdma] [ 51.115912] ... acquired at: [ 51.119019] [<c00899ac>] lock_acquire+0x9c/0x104 [ 51.124138] [<c06584e8>] _raw_spin_lock+0x28/0x38 [ 51.129341] [<c01127fc>] find_vmap_area+0x10/0x6c [ 51.134547] [<c0114960>] remove_vm_area+0x8/0x6c [ 51.139659] [<c0114a7c>] __vunmap+0x20/0xf8 [ 51.144318] [<c001c350>] __arm_iounmap+0x10/0x18 [ 51.149440] [<bf017d08>] cpdma_ctlr_destroy+0xf0/0x114 [davinci_cpdma] [ 51.156560] [<bf026294>] cpsw_remove+0x48/0x8c [ti_cpsw] [ 51.162407] [<c03e62c8>] platform_drv_remove+0x18/0x1c [ 51.168063] [<c03e4c44>] __device_release_driver+0x70/0xc8 [ 51.174094] [<c03e5458>] driver_detach+0xb4/0xb8 [ 51.179212] [<c03e4a6c>] bus_remove_driver+0x4c/0x90 [ 51.184693] [<c00b024c>] SyS_delete_module+0x10c/0x198 [ 51.190355] [<c000e580>] ret_fast_syscall+0x0/0x48 [ 51.195661] [ 51.197217] the dependencies between the lock to be acquired and SOFTIRQ-irq-unsafe lock: [ 51.205986] -> (vmap_area_lock){+.+...} ops: 520 { [ 51.211032] HARDIRQ-ON-W at: [ 51.214321] [<c06584e8>] _raw_spin_lock+0x28/0x38 [ 51.221090] [<c011376c>] alloc_vmap_area.isra.28+0xb8/0x300 [ 51.228750] [<c0113a44>] __get_vm_area_node.isra.29+0x90/0x134 [ 51.236690] [<c011486c>] get_vm_area_caller+0x3c/0x48 [ 51.243811] [<c0114be0>] vmap+0x40/0x78 [ 51.249654] [<c09442f0>] check_writebuffer_bugs+0x54/0x1a0 [ 51.257239] [<c093eac0>] start_kernel+0x320/0x388 [ 51.263994] [<80008074>] 0x80008074 [ 51.269474] SOFTIRQ-ON-W at: [ 51.272769] [<c06584e8>] _raw_spin_lock+0x28/0x38 [ 51.279525] [<c011376c>] alloc_vmap_area.isra.28+0xb8/0x300 [ 51.287190] [<c0113a44>] __get_vm_area_node.isra.29+0x90/0x134 [ 51.295126] [<c011486c>] get_vm_area_caller+0x3c/0x48 [ 51.302245] [<c0114be0>] vmap+0x40/0x78 [ 51.308094] [<c09442f0>] check_writebuffer_bugs+0x54/0x1a0 [ 51.315669] [<c093eac0>] start_kernel+0x320/0x388 [ 51.322423] [<80008074>] 0x80008074 [ 51.327906] INITIAL USE at: [ 51.331112] [<c06584e8>] _raw_spin_lock+0x28/0x38 [ 51.337775] [<c011376c>] alloc_vmap_area.isra.28+0xb8/0x300 [ 51.345352] [<c0113a44>] __get_vm_area_node.isra.29+0x90/0x134 [ 51.353197] [<c011486c>] get_vm_area_caller+0x3c/0x48 [ 51.360224] [<c0114be0>] vmap+0x40/0x78 [ 51.365977] [<c09442f0>] check_writebuffer_bugs+0x54/0x1a0 [ 51.373464] [<c093eac0>] start_kernel+0x320/0x388 [ 51.380131] [<80008074>] 0x80008074 [ 51.385517] } [ 51.387260] ... key at: [<c0a66948>] vmap_area_lock+0x10/0x20 [ 51.393841] ... acquired at: [ 51.396945] [<c00899ac>] lock_acquire+0x9c/0x104 [ 51.402060] [<c06584e8>] _raw_spin_lock+0x28/0x38 [ 51.407266] [<c01127fc>] find_vmap_area+0x10/0x6c [ 51.412478] [<c0114960>] remove_vm_area+0x8/0x6c [ 51.417592] [<c0114a7c>] __vunmap+0x20/0xf8 [ 51.422252] [<c001c350>] __arm_iounmap+0x10/0x18 [ 51.427369] [<bf017d08>] cpdma_ctlr_destroy+0xf0/0x114 [davinci_cpdma] [ 51.434487] [<bf026294>] cpsw_remove+0x48/0x8c [ti_cpsw] [ 51.440336] [<c03e62c8>] platform_drv_remove+0x18/0x1c [ 51.446000] [<c03e4c44>] __device_release_driver+0x70/0xc8 [ 51.452031] [<c03e5458>] driver_detach+0xb4/0xb8 [ 51.457147] [<c03e4a6c>] bus_remove_driver+0x4c/0x90 [ 51.462628] [<c00b024c>] SyS_delete_module+0x10c/0x198 [ 51.468289] [<c000e580>] ret_fast_syscall+0x0/0x48 [ 51.473584] [ 51.475140] [ 51.475140] stack backtrace: [ 51.479703] CPU: 0 PID: 1921 Comm: modprobe Not tainted 3.14.19-02124-g95c5b7b #308 [ 51.487744] [<c0016090>] (unwind_backtrace) from [<c0012060>] (show_stack+0x10/0x14) [ 51.495865] [<c0012060>] (show_stack) from [<c0652a20>] (dump_stack+0x78/0x94) [ 51.503444] [<c0652a20>] (dump_stack) from [<c0086f18>] (check_usage+0x408/0x594) [ 51.511293] [<c0086f18>] (check_usage) from [<c00870f8>] (check_irq_usage+0x54/0xb0) [ 51.519416] [<c00870f8>] (check_irq_usage) from [<c0088724>] (__lock_acquire+0xe54/0x1b90) [ 51.528077] [<c0088724>] (__lock_acquire) from [<c00899ac>] (lock_acquire+0x9c/0x104) [ 51.536291] [<c00899ac>] (lock_acquire) from [<c06584e8>] (_raw_spin_lock+0x28/0x38) [ 51.544417] [<c06584e8>] (_raw_spin_lock) from [<c01127fc>] (find_vmap_area+0x10/0x6c) [ 51.552726] [<c01127fc>] (find_vmap_area) from [<c0114960>] (remove_vm_area+0x8/0x6c) [ 51.560935] [<c0114960>] (remove_vm_area) from [<c0114a7c>] (__vunmap+0x20/0xf8) [ 51.568693] [<c0114a7c>] (__vunmap) from [<c001c350>] (__arm_iounmap+0x10/0x18) [ 51.576362] [<c001c350>] (__arm_iounmap) from [<bf017d08>] (cpdma_ctlr_destroy+0xf0/0x114 [davinci_cpdma]) [ 51.586494] [<bf017d08>] (cpdma_ctlr_destroy [davinci_cpdma]) from [<bf026294>] (cpsw_remove+0x48/0x8c [ti_cpsw]) [ 51.597261] [<bf026294>] (cpsw_remove [ti_cpsw]) from [<c03e62c8>] (platform_drv_remove+0x18/0x1c) [ 51.606659] [<c03e62c8>] (platform_drv_remove) from [<c03e4c44>] (__device_release_driver+0x70/0xc8) [ 51.616237] [<c03e4c44>] (__device_release_driver) from [<c03e5458>] (driver_detach+0xb4/0xb8) [ 51.625264] [<c03e5458>] (driver_detach) from [<c03e4a6c>] (bus_remove_driver+0x4c/0x90) [ 51.633749] [<c03e4a6c>] (bus_remove_driver) from [<c00b024c>] (SyS_delete_module+0x10c/0x198) [ 51.642781] [<c00b024c>] (SyS_delete_module) from [<c000e580>] (ret_fast_syscall+0x0/0x48) Signed-off-by: Mugunthan V N <mugunthanvnm@ti.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Mugunthan V N authored
memories allocated with devm_* apis must not be freed with kfree apis, so removing the kfree calls Fixes: e1943128 ('drivers: net: davinci_cpdma: Convert kzalloc() to devm_kzalloc().') Signed-off-by: Mugunthan V N <mugunthanvnm@ti.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Prashant Sreedharan authored
Ring TX doorbell only if xmit_more is not set or the queue is stopped. Suggested-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Prashant Sreedharan <prashant@broadcom.com> Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jiri Pirko authored
fib_nh_match does not match nexthops correctly. Example: ip route add 172.16.10/24 nexthop via 192.168.122.12 dev eth0 \ nexthop via 192.168.122.13 dev eth0 ip route del 172.16.10/24 nexthop via 192.168.122.14 dev eth0 \ nexthop via 192.168.122.15 dev eth0 Del command is successful and route is removed. After this patch applied, the route is correctly matched and result is: RTNETLINK answers: No such process Please consider this for stable trees as well. Fixes: 4e902c57 ("[IPv4]: FIB configuration using struct fib_config") Signed-off-by: Jiri Pirko <jiri@resnulli.us> Acked-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric Dumazet authored
We worked hard to improve tcp_ack() performance, by not accessing skb_shinfo() in fast path (cd7d8498 tcp: change tcp_skb_pcount() location) We still have one spurious access because of ACK timestamping, added in commit e1c8a607 ("net-timestamp: ACK timestamp for bytestreams") By checking if sk_tsflags has SOF_TIMESTAMPING_TX_ACK set, we can avoid two cache line misses for the common case. While we are at it, add two prefetchw() : One in tcp_ack() to bring skb at the head of write queue. One in tcp_clean_rtx_queue() loop to bring following skb, as we will delete skb from the write queue and dirty skb->next->prev. Add a couple of [un]likely() clauses. After this patch, tcp_ack() is no longer the most consuming function in tcp stack. Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Willem de Bruijn <willemb@google.com> Cc: Neal Cardwell <ncardwell@google.com> Cc: Yuchung Cheng <ycheng@google.com> Cc: Van Jacobson <vanj@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Tilman Schmidt says: ==================== Coverity patches for drivers/isdn Here's a series of patches for the ISDN CAPI subsystem and the Gigaset ISDN driver. Patches 1 to 7 are specific fixes for Coverity warnings. Patches 8 to 11 fix related problems with the handling of invalid CAPI command codes I noticed while working on this. Patch 12 fixes an unrelated problem I noticed during the subsequent regression tests. It would be great if these could still be merged. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
In usb_gigaset function gigaset_write_cmd(), the length field of the command buffer structure could be cleared by the transmit tasklet before it was used for the function's return value. Fix by copying to a local variable before scheduling the tasklet. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
capi_cmd2str() is used in many places to build log messages. None of them is prepared to handle NULL as a result. Change the function to return printable string "INVALID_COMMAND" instead. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
Have callers of capi_cmsg2message and capi_message2cmsg handle non-zero return values indicating failure. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
An invalid CAPI 2.0 command/subcommand combination may retrieve a NULL pointer from the cpars[] array which will later be dereferenced by the parser routines. Fix by adding NULL pointer checks in strategic places. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
Encapsulate accesses to the CAPI 2.0 command/subcommand name and parameter tables in a single place in preparation for redesign. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
The result of the function command_2_index() is used to index two arrays mnames[] and cpars[] with max. index 0x4e but in its current form that function can produce results up to 3*(0x9+0x9)+0x7f = 0xb5. Fix by clamping all result values potentially overrunning the arrays to zero which is already handled as an invalid value. Re-spotted with Coverity. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
Function capi20_manufacturer() is declared with unsigned int cmd argument but called with unsigned long. Fix by correcting the function prototype since the actual argument is part of the user visible API. Spotted with Coverity. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
at_state structures may be allocated individually or as part of a cardstate or bc_state structure. The disconnect() function handled both cases, creating a risk that it might try to deallocate an at_state structure that had not been allocated individually. Fix by splitting disconnect() into two variants handling cases with and without an associated B channel separately, and adding an explicit check. Spotted with Coverity. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
In do_action, a NULL pointer might be passed to function start_dial which will dereference it. Fix by adding a check for NULL before the call. Spotted with Coverity. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
In dump_rawmsg, the length field from a received data package was used unscrutinized, allowing an attacker to control the size of the allocated buffer and the number of times the output loop iterates. Fix by limiting to a reasonable value. Spotted with Coverity. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
In gigaset_isdn_regdev, the name field may not have a null terminator if the source string's length is equal to the buffer size. Fix by zero filling the structure and excluding the last byte of the name field from the copy. Spotted with Coverity. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Tilman Schmidt authored
If we take the unsupported supplementary service notification mask path, we end up falling through and overwriting the error code. Insert a break statement to skip the remainder of the switch case and proceed to sending the reply message. Spotted with Coverity. Reported-by: Dave Jones <davej@redhat.com> Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Luwei Zhou says: ==================== Enable FEC pps feather Change from v2 to v3: -Using the default channel 0 to be PPS channel not PTP_PIN_SET/GETFUNC interface. -Using the linux definition of NSEC_PER_SEC. Change from v1 to v2: - Fix the potential 32-bit multiplication overflow issue. - Optimize the hareware adjustment code to improve efficiency as Richard suggested - Use ptp PTP_PIN_SET/GETFUNC interface to set PPS channel not device tree and add PTP_PF_PPS enumeration - Modify comments style ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
-
Luwei Zhou authored
FEC ptp timer has 4 channel compare/trigger function. It can be used to enable pps output. The pulse would be ouput high exactly on N second. The pulse ouput high on compare event mode is used to produce pulse per second. The pulse width would be one cycle based on ptp timer clock source.Since 31-bit ptp hardware timer is used, the timer will wrap more than 2 seconds. We need to reload the compare compare event about every 1 second. Signed-off-by: Luwei Zhou <b45643@freescale.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Luwei Zhou authored
The FEC IP supports hardware adjustment for ptp timer. Refer to the description of ENET_ATCOR and ENET_ATINC registers in the spec about the hardware adjustment. This patch uses hardware support to adjust the ptp offset and frequency on the slave side. Signed-off-by: Luwei Zhou <b45643@freescale.com> Signed-off-by: Frank Li <Frank.Li@freescale.com> Signed-off-by: Fugang Duan <b38611@freescale.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Luwei Zhou authored
When ptp switches from software adjustment to hardware ajustment, linux ptp can't converge. It is caused by the IP limit. Hardware adjustment logcial have issue when ptp counter runs over 0x80000000(31 bit counter). The internal IP reference manual already remove 32bit free-running count support. This patch replace the 32-bit PTP timer with 31-bit. Signed-off-by: Luwei Zhou <b45643@freescale.com> Signed-off-by: Frank Li <Frank.Li@freescale.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Li RongQing authored
no user uses this lock. Signed-off-by: Li RongQing <roy.qing.li@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Alexei Starovoitov authored
1. JIT compiler using multi-pass approach to converge to final image size, since x86 instructions are variable length. It starts with large gaps between instructions (so some jumps may use imm32 instead of imm8) and iterates until total program size is the same as in previous pass. This algorithm works only if program size is strictly decreasing. Programs that use LD_ABS insn need additional code in prologue, but it was not emitted during 1st pass, so there was a chance that 2nd pass would adjust imm32->imm8 jump offsets to the same number of bytes as increase in prologue, which may cause algorithm to erroneously decide that size converged. Fix it by always emitting largest prologue in the first pass which is detected by oldproglen==0 check. Also change error check condition 'proglen != oldproglen' to fail gracefully. 2. while staring at the code realized that 64-byte buffer may not be enough when 1st insn is large, so increase it to 128 to avoid buffer overflow (theoretical maximum size of prologue+div is 109) and add runtime check. Fixes: 62258278 ("net: filter: x86: internal BPF JIT") Reported-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Alexei Starovoitov <ast@plumgrid.com> Tested-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Eric Dumazet authored
TCP Small Queues (tcp_tsq_handler()) can hold one reference on sk->sk_wmem_alloc, preventing skb->ooo_okay being set. We should relax test done to set skb->ooo_okay to take care of this extra reference. Minimal truesize of skb containing one byte of payload is SKB_TRUESIZE(1) Without this fix, we have more chance locking flows into the wrong transmit queue. Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Alexander Aring authored
If the skb is not dropped afterwards we should run consume_skb instead kfree_skb. Inside of function skb_unshare we do always a kfree_skb, doesn't depend if skb_copy failed or was successful. This patch switch this behaviour like skb_share_check, if allocation of sk_buff failed we use kfree_skb otherwise consume_skb. Signed-off-by: Alexander Aring <alex.aring@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Alexander Duyck authored
This change adds support for skb->xmit_more based on the changes that were made to igb to support the feature. The main changes are moving up the check for maybe_stop_tx so that we can check netif_xmit_stopped to determine if we must write the tail because we can add no further buffers. Acked-by: Matthew Vick <matthew.vick@intel.com> Signed-off-by: Alexander Duyck <alexander.h.duyck@redhat.com> Acked-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Nimrod Andy authored
reproduce: make ARCH=arm C=1 2>fec.txt drivers/net/ethernet/freescale/fec_main.o cat fec.txt sparse warnings: drivers/net/ethernet/freescale/fec_main.c:2916:12: warning: context imbalance in 'fec_set_features' - different lock contexts for basic block Christopher Li suggest to change as below: if (need_lock) { lock(); do_something_real(); unlock(); } else { do_something_real(); } Reported-by: Fabio Estevam <festevam@gmail.com> Suggested-by: Christopher Li <sparse@chrisli.org> Signed-off-by: Fugang Duan <B38611@freescale.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Vince Bridgers authored
Signed-off-by: Vince Bridgers <vbridger@opensource.altera.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-