- 04 Dec, 2006 8 commits
-
-
Al Viro authored
No need to revisit a chain we'd already finished with during the check for current hook. It's either instant loop (which we'd just detected) or a duplicate work. Signed-off-by:
Al Viro <viro@zeniv.linux.org.uk> Signed-off-by:
David S. Miller <davem@davemloft.net> Signed-off-by:
Adrian Bunk <bunk@stusta.de>
-
Al Viro authored
We need that for iterator to work; existing check had been too weak. Signed-off-by:
-
Al Viro authored
We need to verify that a) we are not too close to the end of buffer to dereference b) next entry we'll be checking won't be _before_ our While we are at it, don't subtract unrelated pointers... Signed-off-by: -
Patrick McHardy authored
The tc actions increased the size of struct tc_police, which broke compatibility with old iproute binaries since both the act_police and the old NET_CLS_POLICE code check for an exact size match. Since the new members are not even used, the simple fix is to also accept the size of the old structure. Dumping is not affected since old userspace will receive a bigger structure, which is handled fine. Signed-off-by:
Patrick McHardy <kaber@trash.net> Acked-by:
Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by:
-
Kim Nordlund authored
Not returning -EINVAL, because someone might want to use the value zero in some future gact_prob algorithm? Signed-off-by:
Kim Nordlund <kim.nordlund@nokia.com> Signed-off-by:
-
Dave Kleikamp authored
diRead and diWrite are representing the page number as an unsigned int. This causes file system corruption on volumes larger than 16TB. Signed-off-by:
Dave Kleikamp <shaggy@austin.ibm.com> Signed-off-by:
-
YOSHIFUJI Hideaki authored
TCP and RAW do not have this issue. Closes Bug #7432. Signed-off-by:
YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by:
-
Adrian Bunk authored
Spotted by Thomas Voegtle. Signed-off-by:
-
- 29 Nov, 2006 16 commits
-
-
Josh Triplett authored
Commit 7b2fd697427e73c81d5fa659efd91bd07d303b0e in the historical GIT tree stopped calling the readdir member of a file_operations struct with the big kernel lock held, and fixed up all the readdir functions to do their own locking. However, that change added calls to unlock_kernel() in vxfs_readdir, but no call to lock_kernel(). Fix this by adding a call to lock_kernel(). Signed-off-by:
Josh Triplett <josh@freedesktop.org> Signed-off-by:
-
Kyle McMartin authored
Signed-off-by:
Kyle McMartin <kyle@parisc-linux.org> Signed-off-by:
-
Jeremy Higdon authored
This patch removes a module_exit function that sgiioc4 should not have had. It seems that the IDE layer doesn't support submodule unloading. sgiioc4 was the only driver in drivers/ide/pci that had an exit function. After an unload, the devices would stay around and the next attempt to reference would crash... Signed-off-by:
Jeremy Higdon <jeremy@sgi.com> Signed-off-by:
-
Alexey Dobriyan authored
Convert various spin_lock_irqsave() callers to correctly use `unsigned long' Signed-off-by:
Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by:
-
Adrian Bunk authored
Backported from a patch by Mariusz Kozlowski <m.kozlowski@tuxland.pl> in 2.6.19. Signed-off-by: -
Vasily Tarasov authored
elv_iosched_show function iterates other elv_list, hence elv_list_lock should be got. Also the question is: in elv_iosched_show, elv_iosched_store q->elevator->elevator_type construction is used without locking q->queue_lock. Is it expected?.. Signed-off-by:
Vasily Tarasov <vtaras@openvz.org> Acked-by:
Jens Axboe <jens.axboe@oracle.com> Signed-off-by:
-
Jens Axboe authored
Contrary to what the name misleads you to believe, SG_DXFER_TO_FROM_DEV is really just a normal read seen from the device side. This patch fixes http://lkml.org/lkml/2006/10/13/100Signed-off-by:
-
Oliver Neukum authored
if urb submission fails due to a transient error here eg. ENOMEM, the driver is dead. This fixes it. Signed-off-by:
Oliver Neukum <oliver@neukum.name> Signed-off-by:
-
Nathan Lynch authored
Fix binary/logical operator typo which leads to unreachable code. Noticed while looking at other issues; I don't have the relevant hardware to test this. Signed-off-by:
Nathan Lynch <ntl@pobox.com> Signed-off-by:
-
Wink Saville authored
The following patch resolves the divide by zero error I encountered on my system: http://marc.10east.com/?l=linux-fbdev-devel&m=116058257024413&w=2 I accomplished this by merging what I thought was appropriate from: http://webcvs.freedesktop.org/xorg/driver/xf86-video-nv/src/Signed-off-by: -
Pierre Ossman authored
Both MMC and SD specifications specify (although a bit unclearly in the MMC case) that a sector size of 512 bytes must always be supported by the card. Cards can report larger "native" size than this, and cards >= 2 GB even must do so. Most other readers use 512 bytes even for these cards. We should do the same to be compatible. Signed-off-by:
Pierre Ossman <drzeus@drzeus.cx> Signed-off-by:
-
Herbert Xu authored
I was looking at a RHEL5 bug report involving Xen and SCTP (https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=212550). It turns out that SCTP wasn't written to handle skb fragments at all. The absence of any calls to skb_may_pull is testament to that. It just so happens that Xen creates fragmented packets more often than other scenarios (header & data split when going from domU to dom0). That's what caused this bug to show up. Until someone has the time sits down and audits the entire net/sctp directory, here is a conservative and safe solution that simply linearises all packets on input. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:
-
Al Viro authored
sbi->s_group_desc is an array of pointers to buffer_head. memcpy() of buffer size from address of buffer_head is a bad idea - it will generate junk in any case, may oops if buffer_head is close to the end of slab page and next page is not mapped and isn't what was intended there. IOW, ->b_data is missing in that call. Fortunately, result doesn't go into the primary on-disk data structures, so only backup ones get crap written to them; that had allowed this bug to remain unnoticed until now. Signed-off-by:
-
Jean Delvare authored
Looks like a broken masking to me, binary not is used where bitwise not was intended. Signed-off-by:
Jean Delvare <khali@linux-fr.org> Signed-off-by:
Ralf Baechle <ralf@linux-mips.org> Signed-off-by:
-
Olaf Kirch authored
Make udp_encap_rcv use pskb_may_pull IPsec with NAT-T breaks on some notebooks using the latest e1000 chipset, when header split is enabled. When receiving sufficiently large packets, the driver puts everything up to and including the UDP header into the header portion of the skb, and the rest goes into the paged part. udp_encap_rcv forgets to use pskb_may_pull, and fails to decapsulate it. Instead, it passes it up it to the IKE daemon. Signed-off-by:
Olaf Kirch <okir@suse.de> Signed-off-by:
Jean Delvare <jdelvare@suse.de> Signed-off-by:
-
Adrian Bunk authored
-
- 25 Nov, 2006 9 commits
-
-
Adrian Bunk authored
-
Takashi Iwai authored
Remove obsoleted kfree_nochec() (for debug). Signed-off-by:
Takashi Iwai <tiwai@suse.de> Signed-off-by:
Jaroslav Kysela <perex@suse.cz> Signed-off-by:
-
Takashi Iwai authored
Fix missing makefile entries for echoaudio drivers Signed-off-by:
-
Takashi Iwai authored
Fixed a typo in echoaudio/midi.c. Signed-off-by:
-
Giuliano Pochini pochini@shiny.it authored
Add echoaudio sound drivers (darla20, darla24, echo3g, gina20, gina24, indigo, indigodj, indigoio, layla20, lala24, mia, mona) Signed-off-by:
-
Steve French authored
Fixes Samba bugzilla bug # 4182 Rename by handle failures (retry after rename by path) were not being returned back. Signed-off-by:
Steve French <sfrench@us.ibm.com> Signed-off-by:
-
Mark M. Hoffman authored
It is possible for i2c_add_adapter() to fail. Several I2C algorithm drivers ignore that fact. This (compile-tested only) patch fixes them. Signed-off-by:
Mark M. Hoffman <mhoffman@lightlink.com> Signed-off-by:
-
David L Stevens authored
The IGMPV3_EXP() macro doesn't correctly shift the normalization bit, so time-out values are longer than they should be. Thanks to Dirk Ooms for finding the problem in IGMPv3 - MLDv2 had a similar problem that was already fixed a year ago. :-( Signed-off-by:
David L Stevens <dlstevens@us.ibm.com> Signed-off-by:
-
Alan Stern authored
This patch (as657) increases the port-reset completion delay in uhci-hcd for HP's embedded controllers. Unlike other UHCI controllers, the HP chips can take as long as 250 us to carry out the processing associated with finishing a port reset. This fixes Novell bug #148761. Signed-off-by:
Alan Stern <stern@rowland.harvard.edu> Signed-off-by:
Greg Kroah-Hartman <gregkh@suse.de> Signed-off-by:
-
- 24 Nov, 2006 7 commits
-
-
Christoph Hellwig authored
The hptiop just got merged with a horrible amount of really bad ioctl code that is against the standards for new scsi drivers. This patch backs it out (and fixes a small bug where scsi_add_host is called to early). We can re-add proper APIs once we agree on them. Signed-off-by:
Christoph Hellwig <hch@lst.de> Signed-off-by:
-
HighPoint Linux Team authored
IOP reset message should be posted to inbound message register instead of outbound message register. Signed-off-by:
HighPoint Linux Team <linux@highpoint-tech.com> Signed-off-by:
-
James Bottomley authored
use cmnd->request_bufflen instead. Signed-off-by:
James Bottomley <James.Bottomley@SteelEye.com> Signed-off-by:
-
HighPoint Linux Team authored
Updates: - don't bypass SYNCHRONIZE_CACHE command - return SCSI_MLQUEUE_HOST_BUSY when no free request slots - move scsi_remove_host() to the begin of hpt_remove(), or it will not work after resources being released. Signed-off-by:
-
HighPoint Linux Team authored
HighPoint RocketRAID 3220/3320 series 8 channel PCI-X SATA RAID Host Adapters. Fixes from original submission: Merge Andrew Morton's patches: - Provide locking for global list - Fix debug printks - uninline function with multiple callsites - coding style fixups - remove unneeded casts of void* - kfree(NULL) is legal - Don't "succeed" if register_chrdev() failed - otherwise we'll later unregister a not-registered chrdev. - Don't return from hptiop_do_ioctl() with the spinlock held. - uninline __hpt_do_ioctl() Update for Arjan van de Ven's comments: - put all asm/ includes after the linux/ ones - replace mdelay with msleep - add pci posting flush - do not set pci command reqister in map_pci_bar - do not try merging sg elements in hptiop_buildsgl() - remove unused outstandingcommands member from hba structure - remove unimplemented hptiop_abort() handler - remove typedef u32 hpt_id_t Other updates: - fix endianess Signed-off-by:
-
Adrian Bunk authored
Signed-off-by: -
Hidetoshi Seto authored
Following function can drops d_count twice against one reference by lookup_one_len. <SOURCE> /** * sysfs_update_file - update the modified timestamp on an object attribute. * @kobj: object we're acting for. * @attr: attribute descriptor. */ int sysfs_update_file(struct kobject * kobj, const struct attribute * attr) { struct dentry * dir = kobj->dentry; struct dentry * victim; int res = -ENOENT; mutex_lock(&dir->d_inode->i_mutex); victim = lookup_one_len(attr->name, dir, strlen(attr->name)); if (!IS_ERR(victim)) { /* make sure dentry is really there */ if (victim->d_inode && (victim->d_parent->d_inode == dir->d_inode)) { victim->d_inode->i_mtime = CURRENT_TIME; fsnotify_modify(victim); /** * Drop reference from initial sysfs_get_dentry(). */ dput(victim); res = 0; } else d_drop(victim); /** * Drop the reference acquired from sysfs_get_dentry() above. */ dput(victim); } mutex_unlock(&dir->d_inode->i_mutex); return res; } </SOURCE> PCI-hotplug (drivers/pci/hotplug/pci_hotplug_core.c) is only user of this function. I confirmed that dentry of /sys/bus/pci/slots/XXX/* have negative d_count value. This patch removes unnecessary dput(). Signed-off-by:Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com> Signed-off-by:
Andrew Morton <akpm@osdl.org> Signed-off-by:
-
