- 20 May, 2006 1 commit
-
-
Linus Torvalds authored
* 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/roland/infiniband: IB/mthca: Fix posting lists of 256 receive requests for Tavor IB/uverbs: Don't leak ref to mm on error path IB/srp: Complete correct SCSI commands on device reset IB/srp: Get rid of extra scsi_host_put()s if reconnection fails IB/srp: Don't wait for disconnection if sending DREQ fails IB/mthca: Make fw_cmd_doorbell default to 0
-
- 19 May, 2006 16 commits
-
-
Linus Torvalds authored
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: [SCTP]: Allow linger to abort 1-N style sockets. [SCTP]: Validate the parameter length in HB-ACK chunk. [SCTP]: Respect the real chunk length when walking parameters. [SCTP]: A better solution to fix the race between sctp_peeloff() and [SCTP]: Set sk_err so that poll wakes up after a non-blocking connect failure.
-
Linus Torvalds authored
* master.kernel.org:/home/rmk/linux-2.6-mmc: [ARM] 3531/1: i.MX/MX1 SD/MMC ensure, that clock are stopped before new command and cleanups
-
Linus Torvalds authored
* master.kernel.org:/home/rmk/linux-2.6-arm: [ARM] 3533/1: Implement the __raw_(read|write)_can_lock functions on ARM [ARM] 3530/1: PXA Mainstone: prevent double enable_irq() in pcmcia [ARM] 3529/1: s3c24xx: fix restoring control register with undefined instruction
-
Linus Torvalds authored
* master.kernel.org:/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog: [WATCHDOG] s3c2410_wdt.c stop watchdog after boot [WATCHDOG] i8xx_tco.c - remove support for ICH6 + ICH7 [WATCHDOG] Documentation/watchdog/watchdog-api.txt - fix watchdog daemon [WATCHDOG] sc1200wdt.c printk fix
-
Vladislav Yasevich authored
Enable SO_LINGER functionality for 1-N style sockets. The socket API draft will be clarfied to allow for this functionality. The linger settings will apply to all associations on a given socket. Signed-off-by: Vladislav Yasevich <vladislav.yasevich@hp.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
-
Vladislav Yasevich authored
If SCTP receives a badly formatted HB-ACK chunk, it is possible that we may access invalid memory and potentially have a buffer overflow. We should really make sure that the chunk format is what we expect, before attempting to touch the data. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
-
Catalin Marinas authored
Patch from Catalin Marinas Recent patches introduced the write_can_lock() call in the kernel/ptrace.c file. Implement the __raw_* variants on ARM (SMP) as well. Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
-
Pavel Pisa authored
Patch from Pavel Pisa There has been problems that for some paths that clock are not stopped during new command programming and initiation. Result is issuing of incorrect command to the card. Some other problems are cleaned too. Noisy report of known ERRATUM #4 has been suppressed. Signed-off-by: Pavel Pisa <pisa@cmp.felk.cvut.cz> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
-
Vladislav Yasevich authored
When performing bound checks during the parameter processing, we want to use the real chunk and paramter lengths for bounds instead of the rounded ones. This prevents us from potentially walking of the end if the chunk length was miscalculated. We still use rounded lengths when advancing the pointer. This was found during a conformance test that changed the chunk length without modifying parameters. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
-
Vladislav Yasevich authored
sctp_rcv(). The goal is to hold the ref on the association/endpoint throughout the state-machine process. We accomplish like this: /* ref on the assoc/ep is taken during lookup */ if owned_by_user(sk) sctp_add_backlog(skb, sk); else inqueue_push(skb, sk); /* drop the ref on the assoc/ep */ However, in sctp_add_backlog() we take the ref on assoc/ep and hold it while the skb is on the backlog queue. This allows us to get rid of the sock_hold/sock_put in the lookup routines. Now sctp_backlog_rcv() needs to account for potential association move. In the unlikely event that association moved, we need to retest if the new socket is locked by user. If we don't this, we may have two packets racing up the stack toward the same socket and we can't deal with it. If the new socket is still locked, we'll just add the skb to its backlog continuing to hold the ref on the association. This get's rid of the need to move packets from one backlog to another and it also safe in case new packets arrive on the same backlog queue. The last step, is to lock the new socket when we are moving the association to it. This is needed in case any new packets arrive on the association when it moved. We want these to go to the backlog since we would like to avoid the race between this new packet and a packet that may be sitting on the backlog queue of the old socket toward the same association. Signed-off-by: Vladislav Yasevich <vladislav.yasevich@hp.com> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
-
Sridhar Samudrala authored
Also fix some other cases where sk_err is not set for 1-1 style sockets. Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
-
Patrick McHardy authored
flags is a u16, so use htons instead of htonl. Also avoid double conversion. Noticed by Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Solar Designer authored
Solar Designer found a race condition in do_add_counters(). The beginning of paddc is supposed to be the same as tmp which was sanity-checked above, but it might not be the same in reality. In case the integer overflow and/or the race condition are triggered, paddc->num_counters might not match the allocation size for paddc. If the check below (t->private->number != paddc->num_counters) nevertheless passes (perhaps this requires the race condition to be triggered), IPT_ENTRY_ITERATE() would read kernel memory beyond the allocation size, potentially causing an oops or leaking sensitive data (e.g., passwords from host system or from another VPS) via counter increments. This requires CAP_NET_ADMIN. Signed-off-by: Solar Designer <solar@openwall.com> Signed-off-by: Kirill Korotaev <dev@openvz.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Alexey Dobriyan authored
GRE keys are 16 bit. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Philip Craig authored
The prefix argument for nf_log_packet is a format specifier, so don't pass the user defined string directly to it. Signed-off-by: Philip Craig <philipc@snapgear.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jesper Juhl authored
The Coverity checker spotted that we may leak 'hold' in net/ipv4/netfilter/ipt_recent.c::checkentry() when the following is true: if (!curr_table->status_proc) { ... if(!curr_table) { ... return 0; <-- here we leak. Simply moving an existing vfree(hold); up a bit avoids the possible leak. Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 18 May, 2006 6 commits
-
-
Michael S. Tsirkin authored
If we post a list of length 256 exactly, nreq in doorbell gets set to 256 which is wrong: it should be encoded by 0. This is because we only zero it out on the next WR, which may not be there. The solution is to ring the doorbell after posting a WQE, not before posting the next one. Signed-off-by: Michael S. Tsirkin <mst@mellanox.co.il> Signed-off-by: Roland Dreier <rolandd@cisco.com>
-
Roland Dreier authored
In ib_umem_release_on_close(), if the kmalloc() fails, then a reference to current->mm will be leaked. Fix this by adding a mmput() instead of just returning on kmalloc() failure. Signed-off-by: Roland Dreier <rolandd@cisco.com>
-
Stefan Richter authored
Re-enable posted writes for status FIFO. Besides bringing back a very minor bandwidth tweak from Linux 2.6.15.x and older, this also fixes an interoperability regression since 2.6.16: http://bugzilla.kernel.org/show_bug.cgi?id=6356 (sbp2: scsi_add_device failed. IEEE1394 HD is not working anymore.) Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Tested-by: Vanei Heidemann <linux@javanei.com.br> Tested-by: Martin Putzlocher <mputzi@gmx.de> (chip type unconfirmed) Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
Stefan Richter authored
In case the blacklist with workarounds for device bugs yields a false positive, the module load parameter can now also be used as an override instead of an addition to the blacklist. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
Stefan Richter authored
Apple decided to copy some USB stupidity over to FireWire. The sector number returned by iPods from read_capacity is one too many. This may cause I/O errors, especially if the kernel is configured for EFI partition support. We use the same workaround as usb-storage but have to check for different model IDs. http://marc.theaimsgroup.com/?t=114233262300001 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187409 Acknowledgements: Diagnosis and therapy by Mathieu Chouquet-Stringer <ml2news@free.fr>, additional data about affected and unaffected Apple hardware from Vladimir Kotal, Sander De Graaf, Bryan Olmstead and Hugh Dixon. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
Stefan Richter authored
Grand unification of the three types of workarounds we have so far. The "skip mode page 8" workaround is now limited to devices which pretend to be of TYPE_DISK instead of TYPE_RBC. This workaround is no longer enabled for Initio bridges. Patch update in anticipation of more workarounds: - Add module parameter "workarounds". - Deprecate parameter "force_inquiry_hack". - Compose the blacklist of a compound type for better readability and extensibility. - Remove a now unused #define. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
- 17 May, 2006 17 commits
-
-
Linus Torvalds authored
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: [TCP]: reno sacked_out count fix [IPV6]: Endian fix in net/ipv6/netfilter/ip6t_eui64.c:match(). [TR]: Remove an unused export. [IPX]: Correct return type of ipx_map_frame_type(). [IPX]: Correct argument type of ipxrtr_delete(). [PKT_SCHED]: Potential jiffy wrap bug in dev_watchdog().
-
git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/netdev-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/netdev-2.6: sky2: prevent dual port receiver problems x86_64: Check for bad dma address in b44 1GB DMA workaround The ixp2000 driver for the enp2611 was developed on a board with
-
git://oss.oracle.com/home/sourcebo/git/ocfs2Linus Torvalds authored
* 'upstream-linus' of git://oss.oracle.com/home/sourcebo/git/ocfs2: configfs: Make sure configfs_init() is called before consumers. configfs: configfs_mkdir() failed to cleanup linkage. configfs: Fix a reference leak in configfs_mkdir(). ocfs2: fix gfp mask in some file system paths ocfs2: Don't populate uptodate cache in ocfs2_force_read_journal() ocfs2: take meta data lock in ocfs2_file_aio_read() ocfs2: take data locks around extend
-
Joel Becker authored
configfs_init() needs to be called first to register configfs before anyconsumers try to access it. Move up configfs in fs/Makefile to make sure it is initialized early. Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
-
Joel Becker authored
If configfs_mkdir() errored in certain ways after the parent<->child linkage was already created, it would not undo the linkage. Also, comment the reference counting for clarity. Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
-
Joel Becker authored
configfs_mkdir() failed to release the working parent reference in most exit paths. Also changed the exit path for readability. Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
-
Sunil Mushran authored
We were using GFP_KERNEL in a handful of places which really wanted GFP_NOFS. Fix this. Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com> Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
-
Mark Fasheh authored
This greatly reduces the amount of memory useded during recovery. Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
-
Mark Fasheh authored
Temporarily take the meta data lock in ocfs2_file_aio_read() to allow us to update our inode fields. Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
-
Mark Fasheh authored
We need to take a data lock around extends to protect the pages that ocfs2_zero_extend is going to be pulling into the page cache. Otherwise an extend on one node might populate the page cache with data pages that have no lock coverage. Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
-
git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6Linus Torvalds authored
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6: [IA64] one-line cleanup on set_irq_affinity_info [IA64] fix broken irq affinity [IA64] sn2 defconfig
-
Thomas Gleixner authored
Patch from Thomas Gleixner The mainstone board pcmcia interrupt have been enabled via setup_irq() and the following socket check calls enable_irq again. Set the NOAUTOEN flag so the interrupt is not automatically enabled in setup_irq() Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Acked-by: Nicolas Pitre <nico@cam.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
-
Ishai Rabinovitz authored
When flushing out queued commands after a successful device reset, make sure that SRP completes the right commands, instead of calling scsi_done on the command passed into the device reset handler over and over. Signed-off-by: Ishai Rabinovitz <ishai@mellanox.co.il> Signed-off-by: Roland Dreier <rolandd@cisco.com>
-
Roland Dreier authored
If a reconnection attempt fails, then SRP does two scsi_host_put()s. This is a historical relic from an earlier version of the driver that took a reference on the scsi_host before trying to reconnect, so get rid of the extra scsi_host_put(). Signed-off-by: Roland Dreier <rolandd@cisco.com>
-
Roland Dreier authored
Sending a DREQ may fail, for example because the remote target has already broken the connection. If so, then SRP should not wait for the disconnection to complete, because it never will. Signed-off-by: Roland Dreier <rolandd@cisco.com>
-
Dimitry Andric authored
Patch from Dimitry Andric In arch/arm/mach-s3c2410/sleep.S, the coprocessor registers are saved at suspend time, and restored at resume time. However, an undefined instruction is used when attempting to restore a non-existent "auxiliary control register". This leads to a crash on S3C2412, which has an ARM926 core instead of an ARM920. At suspend time, the following fragment runs: mrc p15, 0, r7, c2, c0, 0 @ translation table base address mrc p15, 0, r8, c2, c0, 0 @ auxiliary control register mrc p15, 0, r9, c1, c0, 0 @ control register and at resume time, the following fragment runs: mcr p15, 0, r7, c2, c0, 0 @ translation table base mcr p15, 0, r8, c1, c1, 0 @ auxilliary control ... mcr p15, 0, r9, c1, c0, 0 @ turn on MMU, etc There are several problems with these fragments: 1. The ARM920 and ARM926 cores don't have any "auxiliary control register", at least not according to the ARM920 and ARM926 TRM's. 2. The 2nd line of suspend erroneously saves the c2 register again. 3. This saved c2 value is restored using an undefined instruction. For some reason this does not crash on ARM920, but does crash on ARM926. The following patch fixes all these problems. Signed-off-by: Dimitry Andric <dimitry@andric.com> Yes, this looks sensible Signed-off-by: Ben Dooks <ben-linux@fluff.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
-
Roland Dreier authored
Setting fw_cmd_doorbell allows FW command to be queued using posted writes instead of requiring polling on a "go" bit, so it should be a performance boost. However, the option causes problems with at least some device/firmware combinations, so set the default to 0 until we understand what's going on better. Signed-off-by: Roland Dreier <rolandd@cisco.com>
-