- 03 May, 2010 10 commits
-
-
David S. Miller authored
-
David J. Choi authored
This is the first version of phy driver from Micrel Inc. Signed-off-by:
David J. Choi <david.choi@micrel.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
Ilpo Järvinen authored
Worse yet, it seems that its arguments were in reverse order. Also remove one related helper which seems hardly worth keeping. Signed-off-by:
Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by:
-
Peter Korsgaard authored
Use correct bit positions in DM_SHARED_CTRL register for writes. Michael Planes recently encountered a 'KY-RS9600 USB-LAN converter', which came with a driver CD containing a Linux driver. This driver turns out to be a copy of dm9601.c with symbols renamed and my copyright stripped. That aside, it did contain 1 functional change in dm_write_shared_word(), and after checking the datasheet the original value was indeed wrong (read versus write bits). On Michaels HW, this change bumps receive speed from ~30KB/s to ~900KB/s. On other devices the difference is less spectacular, but still significant (~30%). Reported-by:
Michael Planes <michael.planes@free.fr> CC: stable@kernel.org Signed-off-by:
Peter Korsgaard <jacmet@sunsite.dk> Signed-off-by:
-
David S. Miller authored
This reverts commit d5ffd75a. As requested by Jeff Kircher. Signed-off-by:
-
Simon Arlott authored
Frequently when using PPPoE with an interface MTU greater than 1500, the skb is likely to be non-linear. If the skb needs to be passed to pppd then the skb data must be read correctly. The previous commit fixes an issue with accidentally sending skbs to pppd based on an invalid read of the protocol type. When that error occurred pppd was reading invalid skb data too. Signed-off-by:
Simon Arlott <simon@fire.lp0.eu> Signed-off-by:
-
Simon Arlott authored
In ppp_input(), PPP_PROTO(skb) may refer to invalid data in the skb. If this happens and (proto >= 0xc000 || proto == PPP_CCPFRAG) then the packet is passed directly to pppd. This occurs frequently when using PPPoE with an interface MTU greater than 1500 because the skb is more likely to be non-linear. The next 2 bytes need to be pulled in ppp_input(). The pull of 2 bytes in ppp_receive_frame() has been removed as it is no longer required. Signed-off-by:
-
David S. Miller authored
Signed-off-by: -
Changli Gao authored
Per cpu variable softnet_data.total was shared between IRQ and SoftIRQ context without any protection. And enqueue_to_backlog should update the netdev_rx_stat of the target CPU. This patch renames softnet_data.total to softnet_data.processed: the number of packets processed in uppper levels(IP stacks). softnet_stat data is moved into softnet_data. Signed-off-by:
Changli Gao <xiaosuo@gmail.com> ---- include/linux/netdevice.h | 17 +++++++---------- net/core/dev.c | 26 ++++++++++++-------------- net/sched/sch_generic.c | 2 +- 3 files changed, 20 insertions(+), 25 deletions(-) Signed-off-by:
Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by:
-
David S. Miller authored
-
- 02 May, 2010 3 commits
-
-
Jan Engelhardt authored
Fix this one: include/net/sock.h: error: two or more data types in declaration specifiers Signed-off-by:
Jan Engelhardt <jengelh@medozas.de> Signed-off-by:
-
David S. Miller authored
In commit 6be8ac2f ("[NET]: uninline skb_pull, de-bloats a lot") we uninlined skb_pull. But in some critical paths it makes sense to inline this thing and it helps performance significantly. Create an skb_pull_inline() so that we can do this in a way that serves also as annotation. Based upon a patch by Eric Dumazet. Signed-off-by:
-
Elina Pasheva authored
The following patch adds the initiation of the sync sequence to "sierra_net_bind()". If this step is omitted, the modem will never sync up with the host and it will not be possible to establish a data connection. Signed-off-by:
Elina Pasheva <epasheva@sierrawireless.com> Signed-off-by:
Rory Filer <rfiler@sierrawireless.com> Tested-by:
-
- 01 May, 2010 2 commits
-
-
Eric Dumazet authored
sk_callback_lock rwlock actually protects sk->sk_sleep pointer, so we need two atomic operations (and associated dirtying) per incoming packet. RCU conversion is pretty much needed : 1) Add a new structure, called "struct socket_wq" to hold all fields that will need rcu_read_lock() protection (currently: a wait_queue_head_t and a struct fasync_struct pointer). [Future patch will add a list anchor for wakeup coalescing] 2) Attach one of such structure to each "struct socket" created in sock_alloc_inode(). 3) Respect RCU grace period when freeing a "struct socket_wq" 4) Change sk_sleep pointer in "struct sock" by sk_wq, pointer to "struct socket_wq" 5) Change sk_sleep() function to use new sk->sk_wq instead of sk->sk_sleep 6) Change sk_has_sleeper() to wq_has_sleeper() that must be used inside a rcu_read_lock() section. 7) Change all sk_has_sleeper() callers to : - Use rcu_read_lock() instead of read_lock(&sk->sk_callback_lock) - Use wq_has_sleeper() to eventually wakeup tasks. - Use rcu_read_unlock() instead of read_unlock(&sk->sk_callback_lock) 8) sock_wake_async() is modified to use rcu protection as well. 9) Exceptions : macvtap, drivers/net/tun.c, af_unix use integrated "struct socket_wq" instead of dynamically allocated ones. They dont need rcu freeing. Some cleanups or followups are probably needed, (possible sk_callback_lock conversion to a spinlock for example...). Signed-off-by:
-
Elina Pasheva authored
The following patch removes the default from the Kconfig entry for sierra_net driver as recommended. Signed-off-by:
-
- 30 Apr, 2010 8 commits
-
-
Dan Carpenter authored
We dereference "sk" unconditionally elsewhere in the function. This was left over from: b30bd282 "ip6_xmit: remove unnecessary NULL ptr check". According to that commit message, "the sk argument to ip6_xmit is never NULL nowadays since the skb->priority assigment expects a valid socket." Signed-off-by:
Dan Carpenter <error27@gmail.com> Signed-off-by:
-
Changli Gao authored
potential uninitialized variable num_xfrms fix compiler warning: 'num_xfrms' may be used uninitialized in this function. Signed-off-by:
-
Eric Dumazet authored
sock_recv_ts_and_drops() is fat and slow (~ 4% of cpu time on some profiles) We can test all socket flags at once to make fast path fast again. Signed-off-by:
-
Jonas Sjöquist authored
This patch removes vid/pid for Ericsson MBM devices from the whitelist set of devices. The MBM devices are instead identified by GUID. In order for cdc_ether to handle these devices the GUID in the MDLM descriptor is tested. All MBM devices currently handled by cdc_ether as well as future CDC Ethernet MBM devices can be identified by the GUID. This is the same solution used in Carl Nordbeck's mbm driver, http://kerneltrap.org/mailarchive/linux-usb/2008/11/17/4141384/thread I post this as RFC to get feedback on however cdc_ether is the correct place to do the binding, or if it should be done in a separate driver, e.g. zaurus. Signed-off-by:
Jonas Sjöquist <jonas.sjoquist@ericsson.com> Signed-off-by:
-
Eric Dumazet authored
In case a reset is performed, rtl8169_rx_interrupt() is called from process context instead of softirq context. Special care must be taken to call appropriate network core services (netif_rx() instead of netif_receive_skb()). VLAN handling also corrected. Reported-by:
Sergey Senozhatsky <sergey.senozhatsky@gmail.com> Tested-by:
Oleg Nesterov <oleg@redhat.com> Signed-off-by:
-
stephen hemminger authored
The following does the same thing without the extra overhead of testing all the registers. It also handles the out of memory case. Signed-off-by:
Stephen Hemminger <shemminger@vyatta.com> Tested-by:
Tom Herbert <therbert@google.com> Signed-off-by:
-
-
Anton Blanchard authored
Commit 6f461f6c ("e1000e: enable/disable ASPM L0s and L1 and ERT according to hardware errata") oopses on one of my ppc64 boxes with a NULL pointer (0x4a): Unable to handle kernel paging request for data at address 0x0000004a Faulting instruction address: 0xc0000000004d2f1c cpu 0xe: Vector: 300 (Data Access) at [c000000bec1833a0] pc: c0000000004d2f1c: .e1000e_disable_aspm+0xe0/0x150 lr: c0000000004d2f0c: .e1000e_disable_aspm+0xd0/0x150 dar: 4a [c000000bec1836d0] c00000000069b9d8 .e1000_probe+0x84/0xe8c [c000000bec1837b0] c000000000386d90 .local_pci_probe+0x4c/0x68 [c000000bec183840] c0000000003872ac .pci_device_probe+0xfc/0x148 [c000000bec183900] c000000000409e8c .driver_probe_device+0xe4/0x1d0 [c000000bec1839a0] c00000000040a024 .__driver_attach+0xac/0xf4 [c000000bec183a40] c000000000409124 .bus_for_each_dev+0x9c/0x10c [c000000bec183b00] c000000000409c1c .driver_attach+0x40/0x60 [c000000bec183b90] c0000000004085dc .bus_add_driver+0x150/0x328 [c000000bec183c40] c00000000040a58c .driver_register+0x100/0x1c4 [c000000bec183cf0] c00000000038764c .__pci_register_driver+0x78/0x128 Seems like pdev->bus->self == NULL. I haven't touched pci in a long time so I'm trying to remember what this means (no pcie bridge perhaps?) The patch below fixes the oops for me. Signed-off-by:
Anton Blanchard <anton@samba.org> Reviewed-by:
Bruce Allan <bruce.w.allan@intel.com> Signed-off-by:
-
- 28 Apr, 2010 17 commits
-
-
Eric Dumazet authored
When queueing a skb to socket, we can immediately release its dst if target socket do not use IP_CMSG_PKTINFO. tcp_data_queue() can drop dst too. This to benefit from a hot cache line and avoid the receiver, possibly on another cpu, to dirty this cache line himself. Signed-off-by:
-
Eric Dumazet authored
Since commit 95766fff ([UDP]: Add memory accounting.), each received packet needs one extra sock_lock()/sock_release() pair. This added latency because of possible backlog handling. Then later, ticket spinlocks added yet another latency source in case of DDOS. This patch introduces lock_sock_bh() and unlock_sock_bh() synchronization primitives, avoiding one atomic operation and backlog processing. skb_free_datagram_locked() uses them instead of full blown lock_sock()/release_sock(). skb is orphaned inside locked section for proper socket memory reclaim, and finally freed outside of it. UDP receive path now take the socket spinlock only once. Signed-off-by:
-
Sebastian Siewior authored
"ifconfig eth0 up && ifconfig eth0 down" triggers: | kobject (a8000000cfa5a480): tried to init an initialized object, something is seriously wrong. | Call Trace: | [<ffffffff8010aabc>] dump_stack+0x8/0x34 | [<ffffffff80293128>] kobject_init+0xe8/0xf0 | [<ffffffff802d922c>] device_initialize+0x2c/0x98 | [<ffffffff802d9cfc>] device_register+0x14/0x28 | [<ffffffff80312cd4>] mdiobus_register+0xdc/0x1e0 | [<ffffffff80314cf0>] sbmac_open+0x58/0x220 | [<ffffffff803519bc>] __dev_open+0x11c/0x180 | [<ffffffff8034d578>] __dev_change_flags+0x120/0x180 | [<ffffffff80351848>] dev_change_flags+0x20/0x78 | [<ffffffff803a753c>] devinet_ioctl+0x7cc/0x820 | [<ffffffff80339ac8>] sock_do_ioctl+0x38/0x90 | [<ffffffff8033a258>] compat_sock_ioctl_trans+0x408/0x1030 | [<ffffffff8033af30>] compat_sock_ioctl+0xb0/0xd0 | [<ffffffff80208b08>] compat_sys_ioctl+0xa0/0x18b8 | [<ffffffff80102f94>] handle_sys+0x114/0x130 | | sb1250-mac-mdio: probed mdiobus_register() calls device_register() which initializes the kobj of the device. mdiobus_unregister() calls only device_del() so we have one reference left. That one is leaving with mdiobus_free() which is only called on remove. Since I don't see any reason why mdiobus_register()/mdiobus_unregister() should happen in ->open()/->close() I move them to probe & exit. Signed-off-by:
Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Signed-off-by:
-
Emil Tantilov authored
Signed-off-by:
Emil Tantilov <emil.s.tantilov@intel.com> Signed-off-by:
Jeff Kirsher <jeffrey.t.kirsher@intel.com> Signed-off-by:
-
Hauke Mehrtens authored
in your merge in 5c01d566 you added "int i;" into wl1271_main.c which is unused in that function. This patch fixes the merge problem: Signed-off-by:
Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by:
-
Neil Horman authored
Ok, version 4 Change Notes: 1) Minor cleanups, from Vlads notes Summary: Hey- Recently, it was reported to me that the kernel could oops in the following way: <5> kernel BUG at net/core/skbuff.c:91! <5> invalid operand: 0000 [#1] <5> Modules linked in: sctp netconsole nls_utf8 autofs4 sunrpc iptable_filter ip_tables cpufreq_powersave parport_pc lp parport vmblock(U) vsock(U) vmci(U) vmxnet(U) vmmemctl(U) vmhgfs(U) acpiphp dm_mirror dm_mod button battery ac md5 ipv6 uhci_hcd ehci_hcd snd_ens1371 snd_rawmidi snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd_page_alloc snd_ac97_codec snd soundcore pcnet32 mii floppy ext3 jbd ata_piix libata mptscsih mptsas mptspi mptscsi mptbase sd_mod scsi_mod <5> CPU: 0 <5> EIP: 0060:[<c02bff27>] Not tainted VLI <5> EFLAGS: 00010216 (2.6.9-89.0.25.EL) <5> EIP is at skb_over_panic+0x1f/0x2d <5> eax: 0000002c ebx: c033f461 ecx: c0357d96 edx: c040fd44 <5> esi: c033f461 edi: df653280 ebp: 00000000 esp: c040fd40 <5> ds: 007b es: 007b ss: 0068 <5> Process swapper (pid: 0, threadinfo=c040f000 task=c0370be0) <5> Stack: c0357d96 e0c29478 00000084 00000004 c033f461 df653280 d7883180 e0c2947d <5> 00000000 00000080 df653490 00000004 de4f1ac0 de4f1ac0 00000004 df653490 <5> 00000001 e0c2877a 08000800 de4f1ac0 df653490 00000000 e0c29d2e 00000004 <5> Call Trace: <5> [<e0c29478>] sctp_addto_chunk+0xb0/0x128 [sctp] <5> [<e0c2947d>] sctp_addto_chunk+0xb5/0x128 [sctp] <5> [<e0c2877a>] sctp_init_cause+0x3f/0x47 [sctp] <5> [<e0c29d2e>] sctp_process_unk_param+0xac/0xb8 [sctp] <5> [<e0c29e90>] sctp_verify_init+0xcc/0x134 [sctp] <5> [<e0c20322>] sctp_sf_do_5_1B_init+0x83/0x28e [sctp] <5> [<e0c25333>] sctp_do_sm+0x41/0x77 [sctp] <5> [<c01555a4>] cache_grow+0x140/0x233 <5> [<e0c26ba1>] sctp_endpoint_bh_rcv+0xc5/0x108 [sctp] <5> [<e0c2b863>] sctp_inq_push+0xe/0x10 [sctp] <5> [<e0c34600>] sctp_rcv+0x454/0x509 [sctp] <5> [<e084e017>] ipt_hook+0x17/0x1c [iptable_filter] <5> [<c02d005e>] nf_iterate+0x40/0x81 <5> [<c02e0bb9>] ip_local_deliver_finish+0x0/0x151 <5> [<c02e0c7f>] ip_local_deliver_finish+0xc6/0x151 <5> [<c02d0362>] nf_hook_slow+0x83/0xb5 <5> [<c02e0bb2>] ip_local_deliver+0x1a2/0x1a9 <5> [<c02e0bb9>] ip_local_deliver_finish+0x0/0x151 <5> [<c02e103e>] ip_rcv+0x334/0x3b4 <5> [<c02c66fd>] netif_receive_skb+0x320/0x35b <5> [<e0a0928b>] init_stall_timer+0x67/0x6a [uhci_hcd] <5> [<c02c67a4>] process_backlog+0x6c/0xd9 <5> [<c02c690f>] net_rx_action+0xfe/0x1f8 <5> [<c012a7b1>] __do_softirq+0x35/0x79 <5> [<c0107efb>] handle_IRQ_event+0x0/0x4f <5> [<c01094de>] do_softirq+0x46/0x4d Its an skb_over_panic BUG halt that results from processing an init chunk in which too many of its variable length parameters are in some way malformed. The problem is in sctp_process_unk_param: if (NULL == *errp) *errp = sctp_make_op_error_space(asoc, chunk, ntohs(chunk->chunk_hdr->length)); if (*errp) { sctp_init_cause(*errp, SCTP_ERROR_UNKNOWN_PARAM, WORD_ROUND(ntohs(param.p->length))); sctp_addto_chunk(*errp, WORD_ROUND(ntohs(param.p->length)), param.v); When we allocate an error chunk, we assume that the worst case scenario requires that we have chunk_hdr->length data allocated, which would be correct nominally, given that we call sctp_addto_chunk for the violating parameter. Unfortunately, we also, in sctp_init_cause insert a sctp_errhdr_t structure into the error chunk, so the worst case situation in which all parameters are in violation requires chunk_hdr->length+(sizeof(sctp_errhdr_t)*param_count) bytes of data. The result of this error is that a deliberately malformed packet sent to a listening host can cause a remote DOS, described in CVE-2010-1173: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-1173 I've tested the below fix and confirmed that it fixes the issue. We move to a strategy whereby we allocate a fixed size error chunk and ignore errors we don't have space to report. Tested by me successfully Signed-off-by:Neil Horman <nhorman@tuxdriver.com> Acked-by:
Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by:
-
Sjur Braendeland authored
Signed-off-by:
Sjur Braendeland <sjur.brandeland@stericsson.com> Signed-off-by:
-
Sjur Braendeland authored
Changes: o Bugfix: Flow control was causing the device to be destroyed. o Bugfix: Handle CAIF channel connect failures. o If the underlying link layer is gone the net-device is no longer removed, but closed. Signed-off-by:
-
Sjur Braendeland authored
Changes: This is a complete re-write of the socket layer. Making the socket implementation more aligned with the other socket layers and using more of the support functions available in sock.c. Lots of code is copied from af_unix (and some from af_irda). Non-blocking mode should be working as well. Signed-off-by:
-
Sjur Braendeland authored
Changes: o Function cfcnfg_disconn_adapt_layer is changed to do asynchronous disconnect, not waiting for any response from the modem. Due to this the function cfcnfg_linkdestroy_rsp does nothing anymore. o Because disconnect may take down a connection before a connect response is received the function cfcnfg_linkup_rsp is checking if the client is still waiting for the response, if not a disconnect request is sent to the modem. o cfctrl is no longer keeping track of pending disconnect requests. o Added function cfctrl_cancel_req, which is used for deleting a pending connect request if disconnect is done before connect response is received. o Removed unused function cfctrl_insert_req2 o Added better handling of connect reject from modem. Signed-off-by:
-
Sjur Braendeland authored
Changes: o Added functions cfsrvl_get and cfsrvl_put. o Added support release_client to use by socket and net device. o Increase reference counting for in-flight packets from cfmuxl Signed-off-by:
-
Sjur Braendeland authored
Changes: o Renamed cfcnfg_del_adapt_layer to cfcnfg_disconn_adapt_layer o Fixed typo cfcfg to cfcnfg o Renamed linkid to channel_id o Updated documentation in caif_dev.h o Minor formatting changes Signed-off-by:
-
Sjur Braendeland authored
Changes: o Added permission checks for installing. CAP_SYS_ADMIN and CAP_SYS_TTY_CONFIG can install the ldisc. o Check if allocation of skb was successful. Signed-off-by: -
Ben Hutchings authored
Create a core TX queue and 2 hardware TX queues for each channel. If separate_tx_channels is set, create equal numbers of RX and TX channels instead. Rewrite the channel and queue iteration macros accordingly. Eliminate efx_channel::used_flags as redundant. Signed-off-by:
Ben Hutchings <bhutchings@solarflare.com> Signed-off-by:
-
Ben Hutchings authored
This makes no immediate difference, but we definitely do not want to test all TX queues once we allocate a pair of TX queues to each channel. Signed-off-by:
-
Steve Hodgson authored
Signed-off-by:
-
Ben Hutchings authored
There is no need for this to be unsigned long; make it unsigned int. It does need a line in kernel-doc, so add that. Signed-off-by:
-
