1. 20 Jul, 2009 12 commits
  2. 17 Jul, 2009 12 commits
  3. 16 Jul, 2009 2 commits
    • Eric Dumazet's avatar
      netfilter: nf_conntrack: nf_conntrack_alloc() fixes · 941297f4
      Eric Dumazet authored
      When a slab cache uses SLAB_DESTROY_BY_RCU, we must be careful when allocating
      objects, since slab allocator could give a freed object still used by lockless
      readers.
      
      In particular, nf_conntrack RCU lookups rely on ct->tuplehash[xxx].hnnode.next
      being always valid (ie containing a valid 'nulls' value, or a valid pointer to next
      object in hash chain.)
      
      kmem_cache_zalloc() setups object with NULL values, but a NULL value is not valid
      for ct->tuplehash[xxx].hnnode.next.
      
      Fix is to call kmem_cache_alloc() and do the zeroing ourself.
      
      As spotted by Patrick, we also need to make sure lookup keys are committed to
      memory before setting refcount to 1, or a lockless reader could get a reference
      on the old version of the object. Its key re-check could then pass the barrier.
      Signed-off-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
      Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
      941297f4
    • Patrick McHardy's avatar
      netfilter: xt_osf: fix nf_log_packet() arguments · aa6a03eb
      Patrick McHardy authored
      The first argument is the address family, the second one the hook
      number.
      Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
      aa6a03eb
  4. 15 Jul, 2009 2 commits
  5. 14 Jul, 2009 5 commits
  6. 13 Jul, 2009 3 commits
    • Eric Dumazet's avatar
      igb: gcc-3.4.6 fix · c8159b2d
      Eric Dumazet authored
      forward declaration of inline function should be avoided, or
      old gcc cannot compile.
      Reported-by: default avatarTeck Choon Giam <giamteckchoon@gmail.com>
      Signed-off-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c8159b2d
    • roel kluin's avatar
      atlx: duplicate testing of MCAST flag · 41796e91
      roel kluin authored
      Fix duplicate testing of MCAST flag
      Signed-off-by: default avatarRoel Kluin <roel.kluin@gmail.com>
      Acked-by: default avatarJay Cliburn <jcliburn@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      41796e91
    • Ralf Baechle's avatar
      NET: Fix locking issues in PPP, 6pack, mkiss and strip line disciplines. · adeab1af
      Ralf Baechle authored
      Guido Trentalancia reports:
      
      I am trying to use the kiss driver in the Linux kernel that is being
      shipped with Fedora 10 but unfortunately I get the following oops:
      
      mkiss: AX.25 Multikiss, Hans Albas PE1AYX
      mkiss: ax0: crc mode is auto.
      ADDRCONF(NETDEV_CHANGE): ax0: link becomes ready
      ------------[ cut here ]------------
      WARNING: at kernel/softirq.c:77 __local_bh_disable+0x2f/0x83() (Not
      tainted)
      [...]
      unloaded: microcode]
      Pid: 0, comm: swapper Not tainted 2.6.27.25-170.2.72.fc10.i686 #1
       [<c042ddfb>] warn_on_slowpath+0x65/0x8b
       [<c06ab62b>] ? _spin_unlock_irqrestore+0x22/0x38
       [<c04228b4>] ? __enqueue_entity+0xe3/0xeb
       [<c042431e>] ? enqueue_entity+0x203/0x20b
       [<c0424361>] ? enqueue_task_fair+0x3b/0x3f
       [<c041f88c>] ? resched_task+0x3a/0x6e
       [<c06ab62b>] ? _spin_unlock_irqrestore+0x22/0x38
       [<c06ab4e2>] ? _spin_lock_bh+0xb/0x16
       [<c043255b>] __local_bh_disable+0x2f/0x83
       [<c04325ba>] local_bh_disable+0xb/0xd
       [<c06ab4e2>] _spin_lock_bh+0xb/0x16
       [<f8b6f600>] mkiss_receive_buf+0x2fb/0x3a6 [mkiss]
       [<c0572a30>] flush_to_ldisc+0xf7/0x198
       [<c0572b12>] tty_flip_buffer_push+0x41/0x51
       [<f89477f2>] ftdi_process_read+0x375/0x4ad [ftdi_sio]
       [<f8947a5a>] ftdi_read_bulk_callback+0x130/0x138 [ftdi_sio]
       [<c05d4bec>] usb_hcd_giveback_urb+0x63/0x93
       [<c05ea290>] uhci_giveback_urb+0xe5/0x15f
       [<c05eaabf>] uhci_scan_schedule+0x52e/0x767
       [<c05f6288>] ? psmouse_handle_byte+0xc/0xe5
       [<c054df78>] ? acpi_ev_gpe_detect+0xd6/0xe1
       [<c05ec5b0>] uhci_irq+0x110/0x125
       [<c05d4834>] usb_hcd_irq+0x40/0xa3
       [<c0465313>] handle_IRQ_event+0x2f/0x64
       [<c046642b>] handle_level_irq+0x74/0xbe
       [<c04663b7>] ? handle_level_irq+0x0/0xbe
       [<c0406e6e>] do_IRQ+0xc7/0xfe
       [<c0405668>] common_interrupt+0x28/0x30
       [<c056821a>] ? acpi_idle_enter_simple+0x162/0x19d
       [<c0617f52>] cpuidle_idle_call+0x60/0x92
       [<c0403c61>] cpu_idle+0x101/0x134
       [<c069b1ba>] rest_init+0x4e/0x50
       =======================
      ---[ end trace b7cc8076093467ad ]---
      ------------[ cut here ]------------
      WARNING: at kernel/softirq.c:136 _local_bh_enable_ip+0x3d/0xc4()
      [...]
      Pid: 0, comm: swapper Tainted: G        W 2.6.27.25-170.2.72.fc10.i686
       [<c042ddfb>] warn_on_slowpath+0x65/0x8b
       [<c06ab62b>] ? _spin_unlock_irqrestore+0x22/0x38
       [<c04228b4>] ? __enqueue_entity+0xe3/0xeb
       [<c042431e>] ? enqueue_entity+0x203/0x20b
       [<c0424361>] ? enqueue_task_fair+0x3b/0x3f
       [<c041f88c>] ? resched_task+0x3a/0x6e
       [<c06ab62b>] ? _spin_unlock_irqrestore+0x22/0x38
       [<c06ab4e2>] ? _spin_lock_bh+0xb/0x16
       [<f8b6f642>] ? mkiss_receive_buf+0x33d/0x3a6 [mkiss]
       [<c04325f9>] _local_bh_enable_ip+0x3d/0xc4
       [<c0432688>] local_bh_enable_ip+0x8/0xa
       [<c06ab54d>] _spin_unlock_bh+0x11/0x13
       [<f8b6f642>] mkiss_receive_buf+0x33d/0x3a6 [mkiss]
       [<c0572a30>] flush_to_ldisc+0xf7/0x198
       [<c0572b12>] tty_flip_buffer_push+0x41/0x51
       [<f89477f2>] ftdi_process_read+0x375/0x4ad [ftdi_sio]
       [<f8947a5a>] ftdi_read_bulk_callback+0x130/0x138 [ftdi_sio]
       [<c05d4bec>] usb_hcd_giveback_urb+0x63/0x93
       [<c05ea290>] uhci_giveback_urb+0xe5/0x15f
       [<c05eaabf>] uhci_scan_schedule+0x52e/0x767
       [<c05f6288>] ? psmouse_handle_byte+0xc/0xe5
       [<c054df78>] ? acpi_ev_gpe_detect+0xd6/0xe1
       [<c05ec5b0>] uhci_irq+0x110/0x125
       [<c05d4834>] usb_hcd_irq+0x40/0xa3
       [<c0465313>] handle_IRQ_event+0x2f/0x64
       [<c046642b>] handle_level_irq+0x74/0xbe
       [<c04663b7>] ? handle_level_irq+0x0/0xbe
       [<c0406e6e>] do_IRQ+0xc7/0xfe
       [<c0405668>] common_interrupt+0x28/0x30
       [<c056821a>] ? acpi_idle_enter_simple+0x162/0x19d
       [<c0617f52>] cpuidle_idle_call+0x60/0x92
       [<c0403c61>] cpu_idle+0x101/0x134
       [<c069b1ba>] rest_init+0x4e/0x50
       =======================
      ---[ end trace b7cc8076093467ad ]---
      mkiss: ax0: Trying crc-smack
      mkiss: ax0: Trying crc-flexnet
      
      The issue was, that the locking code in mkiss was assuming it was only
      ever being called in process or bh context.  Fixed by converting the
      involved locking code to use irq-safe locks.
      
      Review of other networking line disciplines shows that 6pack, both sync
      and async PPP and STRIP have similar issues.  The ppp_async one is the
      most interesting one as it sorts out half of the issue as far back as
      2004 in commit http://git.kernel.org/?p=linux/kernel/git/tglx/history.git;a=commitdiff;h=2996d8deaeddd01820691a872550dc0cfba0c37dSigned-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
      Reported-by: default avatarGuido Trentalancia <guido@trentalancia.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      adeab1af
  7. 12 Jul, 2009 4 commits