- 29 Mar, 2008 1 commit
-
-
Grant Grundler authored
If "location" is > "addr_len" bits, the high bits of location would interfere with the READ_CMD sent to the eeprom controller. A patch was submitted to bug: http://bugzilla.kernel.org/show_bug.cgi?id=4420 which simply truncated the "location", read whatever was in "location modulo addr_len", and returned that value. That avoids confusing the eeprom but seems like the wrong solution to me. Correct would be to not read beyond "1 << addr_len" address of the eeprom. I am submitting two changes to implement this: 1) tulip_read_eeprom will return zero (since we can't return -EINVAL) if this is attempted (defensive programming). 2) In tulip_core.c, fix the tulip_read_eeprom caller so they don't iterate past addr_len bits and make sure the entire tp->eeprom[] array is cleared. I konw we don't strictly need both. I would prefer both in the tree since it documents the issue and provides a second "defense" from the bug from creeping back in. Signed-off-by:Grant Grundler <grundler@parisc-linux.org> Signed-off-by:
Jeff Garzik <jeff@garzik.org>
-
- 28 Mar, 2008 3 commits
-
-
Patrick McHardy authored
LLC currently allows users to inject raw frames, including IP packets encapsulated in SNAP. While Linux doesn't handle IP over SNAP, other systems do. Restrict LLC sockets to root similar to packet sockets. [ Modified Patrick's patch to use CAP_NEW_RAW --DaveM ] Signed-off-by:
Patrick McHardy <kaber@trash.net> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
-
David S. Miller authored
Based upon a lockdep report. Since ->poll() can be invoked from netpoll with interrupts disabled, we must not unconditionally enable interrupts in napi_complete(). Instead we must use local_irq_{save,restore}(). Noticed by Peter Zijlstra: <irqs disabled> netpoll_poll() poll_napi() spin_trylock(&napi->poll_lock) poll_one_napi() napi->poll() := sky2_poll() napi_complete() local_irq_disable() local_irq_enable() <--- *BUG* <irq> irq_exit() do_softirq() net_rx_action() spin_lock(&napi->poll_lock) <--- Deadlock! Because we still hold the lock.... Signed-off-by:
-
- 27 Mar, 2008 5 commits
-
-
Denis V. Lunev authored
This elliminates infamous race during module loading when one could lookup proc entry without proc_fops assigned. Signed-off-by:
Denis V. Lunev <den@openvz.org> Signed-off-by:
-
Thomas Graf authored
ESP does not account for the IV size when calling pskb_may_pull() to ensure everything it accesses directly is within the linear part of a potential fragment. This results in a BUG() being triggered when the both the IPv4 and IPv6 ESP stack is fed with an skb where the first fragment ends between the end of the esp header and the end of the IV. This bug was found by Dirk Nehring <dnehring@gmx.net> . Signed-off-by:
Thomas Graf <tgraf@suug.ch> Signed-off-by:
-
Ivo van Doorn authored
Some hardware never seem to accept the "goto sleep" command, since the legacy drivers don't have suspend and resume handlers the entire code for it was basically a educated guess (based on the "enable radio" code). This patch will only print a warning when the "goto sleep" command fails, and just continues as usual. Perhaps that means the device will not reach a sleep state and consumes more power then it should, but it is equally possible it simply needs some seconds longer to sleep. Anyway, by making the command non-fatal it will not block the rest of the suspend procedure. Signed-off-by:
Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by:
John W. Linville <linville@tuxdriver.com>
-
Julia Lawall authored
In commit e6bafba5, a bug was fixed that involved converting !x & y to !(x & y). The code below shows the same pattern, and thus should perhaps be fixed in the same way. This is not tested and clearly changes the semantics, so it is only something to consider. The semantic patch that makes this change is as follows: (http://www.emn.fr/x-info/coccinelle/) // <smpl> @@ expression E1,E2; @@ ( !E1 & !E2 | - !E1 & E2 + !(E1 & E2) ) // </smpl> Signed-off-by:
Julia Lawall <julia@diku.dk> Cc: Tomas Winkler <tomas.winkler@intel.com> Cc: Guy Cohen <guy.cohen@intel.com> Cc: Reinette Chatre <reinette.chatre@intel.com> Cc: Zhu Yi <yi.zhu@intel.com> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
-
Holger Schurig authored
This fixes a bug detected by CONFIG_DEBUG_SPINLOCK: if_cs_get_int_status() is only called from lbs_thread(), via priv->hw_get_int_status. However, lbs_thread() has already taken the priv->driver_lock. So it's a fault to take the same lock again here. Signed-off-by:
Holger Schurig <hs4233@mail.mn-solutions.de> Acked-by:
Dan Williams <dcbw@redhat.com> Signed-off-by:
-
- 26 Mar, 2008 31 commits
-
-
Herbert Xu authored
The IPv6 BEET output function is incorrectly including the inner header in the payload to be protected. This causes a crash as the packet doesn't actually have that many bytes for a second header. The IPv4 BEET output on the other hand is broken when it comes to handling an inner IPv6 header since it always assumes an inner IPv4 header. This patch fixes both by making sure that neither BEET output function touches the inner header at all. All access is now done through the protocol-independent cb structure. Two new attributes are added to make this work, the IP header length and the IPv4 option length. They're filled in by the inner mode's output function. Thanks to Joakim Koskela for finding this problem. Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by:
-
-
Pavel Emelyanov authored
Commit 8b7817f3 ([IPSEC]: Add ICMP host relookup support) introduced some dst leaks on error paths: the rt pointer can be forgotten to be put. Fix it bu going to a proper label. Found after net namespace's lo refused to unregister :) Many thanks to Den for valuable help during debugging. Herbert pointed out, that xfrm_lookup() will put the rtable in case of error itself, so the first goto fix is redundant. Signed-off-by:
Pavel Emelyanov <xemul@openvz.org> Signed-off-by:
-
Robert P. J. Day authored
Given that there are no apparent calls to lock_kernel() or unlock_kernel() under net/ax25, delete the TODO reference related to that. Signed-off-by:
Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by:
-
Patrick McHardy authored
SIOCADDMULTI/SIOCDELMULTI check whether the driver has a set_multicast_list method to determine whether it supports multicast. Drivers implementing secondary unicast support use set_rx_mode however. Check for both dev->set_multicast_mode and dev->set_rx_mode to determine multicast capabilities. Signed-off-by:
-
David S. Miller authored
It should be a "struct ktermios" not a "struct termios". Based upon a build warning reported by Stephen Rothwell. Signed-off-by: -
Patrick McHardy authored
IFF_ALLMULTI is an indication from the network stack to the driver to disable multicast filters, drivers should never set it directly. Since the UML networking device doesn't have any filtering capabilites, it doesn't the set_multicast_list function at all, it is kept so userspace can still issue SIOCADDMULTI/SIOCDELMULTI ioctls however. Signed-off-by:
-
Patrick McHardy authored
Changing these flags requires to use dev_set_allmulti/dev_set_promiscuity or dev_change_flags. Setting it directly causes two unwanted effects: - the next dev_change_flags call will notice a difference between dev->gflags and the actual flags, enable promisc/allmulti mode and incorrectly update dev->gflags - this keeps the underlying device in promisc/allmulti mode until the VLAN device is deleted Signed-off-by:
-
Jeff Garzik authored
Signed-off-by:Jeff Garzik <jgarzik@redhat.com>
-
Sreenivasa Honnur authored
- Handling TX completions on the same cpu as the sender. Signed-off-by:
Surjit Reang <surjit.reang@neterion.com> Signed-off-by:
-
Michael Buesch authored
Some ROMs on embedded devices store incorrect values for the PHY address of the ethernet device. It looks like the number is sign-extended. Truncate the value by applying the PHY-address mask to it. The patch was tested on a bcm47xx embedded system (where the bug triggers) and a bcm4400 PCI card. Signed-off-by:
Michael Buesch <mb@bu3sch.de> Signed-off-by:
-
Marin Mitov authored
According to: Documentation/networking/netdevices.txt: <cite> napi->poll: .......... Context: softirq will be called with interrupts disabled by netconsole. </cite> napi->poll() could be called either with interrupts enabled (in softirq context) or disabled (by netconsole), so the irq flag should be preserved. Inspired by Ingo's resent forcedeth patch :-) Signed-off-by:
Marin Mitov <mitov@issp.bas.bg> Signed-off-by:
-
Jussi Kivilinna authored
When query for OID_GEN_PHYSICAL_MEDIUM fails, uninitialized pointer 'phym' is being accessed in generic_rndis_bind(), resulting OOPS. Patch fixes phym to be initialized and setup correctly when rndis_query() for physical medium fails. Bug was introduced by following commit: commit 039ee17d Author: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Date: Sun Jan 27 23:34:33 2008 +0200 Reported-by:
Dmitri Monakhov <dmonakhov@openvz.org> Signed-off-by:
Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Acked-by:
David Brownell <dbrownell@users.sourceforge.net> Signed-off-by:
-
Roland Dreier authored
Using iWARP with a Chelsio T3 NIC generates the following lockdep warning: ================================= [ INFO: inconsistent lock state ] 2.6.25-rc6 #50 --------------------------------- inconsistent {softirq-on-W} -> {in-softirq-W} usage. swapper/0 [HC0[0]:SC1[1]:HE0:SE0] takes: (&adap->sge.reg_lock){-+..}, at: [<ffffffff880e5ee2>] cxgb_offload_ctl+0x3af/0x507 [cxgb3] The problem is that reg_lock is used with plain spin_lock() in drivers/net/cxgb3/sge.c but is used with spin_lock_irqsave() in drivers/net/cxgb3/cxgb3_offload.c. This is technically a false positive, since the uses in sge.c are only in the initialization and cleanup paths and cannot overlap with any use in interrupt context. The best fix is probably just to use spin_lock_irq() with reg_lock in sge.c. Even though it's not strictly required for correctness, it avoids triggering lockdep and the extra overhead of disabling interrupts is not important at all in the initialization and cleanup slow paths. Signed-off-by:Roland Dreier <rolandd@cisco.com> Signed-off-by:
-
Thomas Klein authored
Indicate that HEA calculates IPv4 checksums only Signed-off-by:
Thomas Klein <tklein@de.ibm.com> Signed-off-by:
-
Peter Korsgaard authored
Signed-off-by:
Peter Korsgaard <jacmet@sunsite.dk> Signed-off-by:
-
Peter Korsgaard authored
Signed-off-by:
-
Peter Korsgaard authored
The Hirose USB-100 adapter uses a dm9601 chip. Reported by Robert Brockway. Signed-off-by:
-
Alexandr Smirnov authored
Marvell PHY m88e1111 (not sure about other models, but think they too) works in two modes: fiber and copper. In Marvell PHY driver (that we have in current community kernels) code supported only copper mode, and this is not configurable, bits for copper mode are simply written in registers during PHY initialization. This patch adds support for both modes. Signed-off-by:
Alexandr Smirnov <asmirnov@ru.mvista.com> Acked-by:
Andy Fleming <afleming@freescale.com> Signed-off-by:
-
Dhananjay Phadke authored
Don't count rx dropped packets based on return value of netif_receive_skb(), which is misleading. Signed-off-by:
Dhananjay Phadke <dhananjay@netxen.com> Tested-by:
Vernon Mauery <mauery@us.ibm.com> Signed-off-by:
-
Dhananjay Phadke authored
o eliminate tx lock in netxen adapter struct, instead pound on netdev tx lock appropriately. o remove old "concurrent transmit" code that unnecessarily drops and reacquires tx lock in hard_xmit_frame(), this is already serialized the netdev xmit lock. o reduce scope of tx lock in tx cleanup. tx cleanup operates on different section of the ring than transmitting cpus and is guarded by producer and consumer indices. This fixes a race caused by rx softirq preemption on realtime kernels. Signed-off-by:
-
Dhananjay Phadke authored
o separate and simpler irq handler for msi interrupts, avoids few checks than legacy mode. o avoid redudant tx_has_work() and rx_has_work() checks in interrupt and napi, which can uncork irq based on racy (lockless) access to tx and rx ring indices. If we get interrupt, there's sufficient reason to schedule napi. o replenish rx ring more often, remove self-imposed threshold rcv_free that prevents posting rx desc to card. This improves performance in low memory. Signed-off-by:
-
Dhananjay Phadke authored
Recent netxen firmware has new scheme of generating MSI interrupts, it raises interrupt and blocks itself, waiting for driver to unmask. This reduces chance of spurious interrupts. The driver will be able to deal with older firmware as well. Signed-off-by:
-
Bryan Wu authored
Cc: Jeff Garzik <jeff@garzik.org> Cc: Deepak Saxena <dsaxena@plexity.net> Cc: Nicolas Pitre <nico@cam.org> Cc: Russell King <rmk+kernel@arm.linux.org.uk> Cc: Paul Mundt <lethal@linux-sh.org> Signed-off-by:
-
Julia Lawall authored
The variable num_group_tail_writes is initialized but never used otherwise. The semantic patch that makes this change is as follows: (http://www.emn.fr/x-info/coccinelle/) // <smpl> @@ type T; identifier i; constant C; @@ ( extern T i; | - T i; <+... when != i - i = C; ...+> ) // </smpl> Signed-off-by:
Auke Kok <auke-jan.h.kok@intel.com> Signed-off-by:
-
Al Viro authored
Signed-off-by:
Al Viro <viro@zeniv.linux.org.uk> Signed-off-by:
-
Al Viro authored
Signed-off-by:
-
Al Viro authored
le16_to_cpu() should be done before mask and shift... Signed-off-by:
-
Jay Vosburgh authored
Update version to 3.2.5. Signed-off-by:
Jay Vosburgh <fubar@us.ibm.com> Signed-off-by:
-
Libor Pechacek authored
For bonding interfaces any attempt to read the sysfs directory contents after module removal results in an oops. The fix is to release sysfs attributes for the interfaces upon module unload. Signed-off-by:
Libor Pechacek <lpechacek@suse.cz> Acked-by:
-
Jay Vosburgh authored
Fix two compiler warnings that are new with recent versions of gcc (apparently 4.2 and up). One is fixed by refactoring; this change was supplied by Stephen Hemminger. The other was fixed by labelling the variable as uninitialized_var() after confirming via inspection that it cannot actually be used uninitialized. Signed-off-by:
Stephen Hemminger <shemminger@vyatta.com> Signed-off-by:
-
