]> err.no Git - linux-2.6/log
linux-2.6
17 years ago[BNX2]: Fix occasional NETDEV WATCHDOG on 5709.
Michael Chan [Tue, 24 Apr 2007 22:35:53 +0000 (15:35 -0700)]
[BNX2]: Fix occasional NETDEV WATCHDOG on 5709.

Tweak a register setting to prevent the tx mailbox from halting.

Update version to 1.5.8.

Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[IPV6]: Disallow RH0 by default.
YOSHIFUJI Hideaki [Tue, 24 Apr 2007 21:58:30 +0000 (14:58 -0700)]
[IPV6]: Disallow RH0 by default.

A security issue is emerging.  Disallow Routing Header Type 0 by default
as we have been doing for IPv4.
Note: We allow RH2 by default because it is harmless.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[XFRM]: beet: fix pseudo header length value
Patrick McHardy [Tue, 24 Apr 2007 05:39:02 +0000 (22:39 -0700)]
[XFRM]: beet: fix pseudo header length value

draft-nikander-esp-beet-mode-07.txt is not entirely clear on how the length
value of the pseudo header should be calculated, it states "The Header Length
field contains the length of the pseudo header, IPv4 options, and padding in
8 octets units.", but also states "Length in octets (Header Len + 1) * 8".
draft-nikander-esp-beet-mode-08-pre1.txt [1] clarifies this, the header length
should not include the first 8 byte.

This change affects backwards compatibility, but option encapsulation didn't
work until very recently anyway.

[1] http://users.piuha.net/jmelen/BEET/draft-nikander-esp-beet-mode-08-pre1.txt

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[TCP]: Congestion control initialization.
Stephen Hemminger [Tue, 24 Apr 2007 05:32:11 +0000 (22:32 -0700)]
[TCP]: Congestion control initialization.

Change to defer congestion control initialization.

If setsockopt() was used to change TCP_CONGESTION before
connection is established, then protocols that use sequence numbers
to keep track of one RTT interval (vegas, illinois, ...) get confused.

Change the init hook to be called after handshake.

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years agoAdd missing USRobotics Wireless Adapter (Model 5423) id into zd1211rw
S.Çağlar Onur [Sat, 21 Apr 2007 21:52:48 +0000 (00:52 +0300)]
Add missing USRobotics Wireless Adapter (Model 5423) id into zd1211rw

USRobotics Wireless Adapter (Model 5423) works well with current
zd1211rw driver also (i have tested 2.6.18, 2.6.20 and 2.6.21-rc7).

It just needs its ID added to the list of devices.

Signed-off-by: S.Çağlar Onur <caglar@pardus.org.tr>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoMerge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6
Linus Torvalds [Mon, 23 Apr 2007 18:13:19 +0000 (11:13 -0700)]
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6

* master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6:
  [SUNHME]: Fix module unload.
  [SUNLANCE]: Fix module unload.
  [SUNQE]: Fix MAC address assignment.
  [SBUS] vfc_dev.c: kzalloc

17 years agoMerge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
Linus Torvalds [Mon, 23 Apr 2007 18:13:00 +0000 (11:13 -0700)]
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
  [PPP]: Fix skbuff.c:BUG due incorrect logic in process_input_packet()

17 years ago[SUNHME]: Fix module unload.
Marcel van Nies [Sat, 21 Apr 2007 22:34:55 +0000 (15:34 -0700)]
[SUNHME]: Fix module unload.

Signed-off-by: Marcel van Nies <morcles@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[SUNLANCE]: Fix module unload.
Marcel van Nies [Sat, 21 Apr 2007 22:34:10 +0000 (15:34 -0700)]
[SUNLANCE]: Fix module unload.

Signed-off-by: Marcel van Nies <morcles@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[SUNQE]: Fix MAC address assignment.
Marcel van Nies [Sat, 21 Apr 2007 22:31:58 +0000 (15:31 -0700)]
[SUNQE]: Fix MAC address assignment.

The MAC address assignment at module loading is simply forgotten.
The bug at module unloading is caused by an incorrect call.

The bug at module unloading does not only happen for sunqe,
sunlance and sunhme (sbus) suffer from it too.

I've tested this on my SS20.

Signed-off-by: Marcel van Nies <morcles@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[SBUS] vfc_dev.c: kzalloc
vignesh babu [Tue, 17 Apr 2007 19:42:09 +0000 (12:42 -0700)]
[SBUS] vfc_dev.c: kzalloc

Replacing kmalloc/memset combination with kzalloc.

Signed-off-by: vignesh babu <vignesh.babu@wipro.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years agoMerge master.kernel.org:/pub/scm/linux/kernel/git/bart/ide-2.6
Linus Torvalds [Sat, 21 Apr 2007 05:58:16 +0000 (22:58 -0700)]
Merge master.kernel.org:/pub/scm/linux/kernel/git/bart/ide-2.6

* master.kernel.org:/pub/scm/linux/kernel/git/bart/ide-2.6:
  ide/Kconfig: add missing range check for IDE_MAX_HWIFS
  hpt366: fix kernel oops with HPT302N
  ide/pci/delkin_cb.c: add new PCI ID

17 years agoMerge branch 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus
Linus Torvalds [Sat, 21 Apr 2007 05:57:51 +0000 (22:57 -0700)]
Merge branch 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus

* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
  [MIPS] Fix wrong checksum for split TCP packets on 64-bit MIPS
  [MIPS] Fix BUG(), BUG_ON() handling
  [MIPS] Retry {save,restore}_fp_context if failed in atomic context.
  [MIPS] Disallow CpU exception in kernel again.
  [MIPS] Add missing silicon revisions for BCM112x

17 years agoRPC: Fix the TCP resend semantics for NFSv4
Trond Myklebust [Fri, 20 Apr 2007 20:12:55 +0000 (16:12 -0400)]
RPC: Fix the TCP resend semantics for NFSv4

Fix a regression due to the patch "NFS: disconnect before retrying NFSv4
requests over TCP"

The assumption made in xprt_transmit() that the condition
"req->rq_bytes_sent == 0 and request is on the receive list"
should imply that we're dealing with a retransmission is false.
Firstly, it may simply happen that the socket send queue was full
at the time the request was initially sent through xprt_transmit().
Secondly, doing this for each request that was retransmitted implies
that we disconnect and reconnect for _every_ request that happened to
be retransmitted irrespective of whether or not a disconnection has
already occurred.

Fix is to move this logic into the call_status request timeout handler.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoNFS: Fix race in nfs_set_page_dirty
Trond Myklebust [Fri, 20 Apr 2007 20:12:50 +0000 (16:12 -0400)]
NFS: Fix race in nfs_set_page_dirty

Protect nfs_set_page_dirty() against races with nfs_inode_add_request.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoNFS: Fix the 'desynchronized value of nfs_i.ncommit' error
Trond Myklebust [Fri, 20 Apr 2007 20:12:45 +0000 (16:12 -0400)]
NFS: Fix the 'desynchronized value of nfs_i.ncommit' error

Redirtying a request that is already marked for commit will screw up the
accounting for NR_UNSTABLE_NFS as well as nfs_i.ncommit.
Ensure that all requests on the commit queue are labelled with the
PG_NEED_COMMIT flag, and avoid moving them onto the dirty list inside
nfs_page_mark_flush().

Also inline nfs_mark_request_dirty() into nfs_page_mark_flush() for
atomicity reasons. Avoid dropping the spinlock until we're done marking the
request in the radix tree and have added it to the ->dirty list.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoNFS: Don't clear PG_writeback until after we've processed unstable writes
Trond Myklebust [Fri, 20 Apr 2007 20:12:40 +0000 (16:12 -0400)]
NFS: Don't clear PG_writeback until after we've processed unstable writes

Ensure that we don't release the PG_writeback lock until after the page has
either been redirtied, or queued on the nfs_inode 'commit' list.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoNFS: clean up the unstable write code
Trond Myklebust [Fri, 20 Apr 2007 20:12:34 +0000 (16:12 -0400)]
NFS: clean up the unstable write code

Get rid of the inlined #ifdefs.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoLonghaul - Revert ACPI C3 on Longhaul ver. 2
Dave Jones [Fri, 20 Apr 2007 19:58:00 +0000 (15:58 -0400)]
Longhaul - Revert ACPI C3 on Longhaul ver. 2

Support for Longhaul ver.  2 broke driver for VIA C3 Eden 600MHz with
Samuel 2 core.  Processor is not able to switch frequency anymore.  I
don't know much about this issue at the moment, but until (if ever) I
will know why, this part should be reversed.

Signed-off-by: Rafal Bilski <rafalbilski@interia.pl>
Signed-off-by: Dave Jones <davej@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agocfq-iosched: fix sequential write regression
Jens Axboe [Fri, 20 Apr 2007 06:55:52 +0000 (08:55 +0200)]
cfq-iosched: fix sequential write regression

We have a 10-15% performance regression for sequential writes on TCQ/NCQ
enabled drives in 2.6.21-rcX after the CFQ update went in.  It has been
reported by Valerie Clement <valerie.clement@bull.net> and the Intel
testing folks.  The regression is because of CFQ's now more aggressive
queue control, limiting the depth available to the device.

This patches fixes that regression by allowing a greater depth when only
one queue is busy.  It has been tested to not impact sync-vs-async
workloads too much - we still do a lot better than 2.6.20.

Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoide/Kconfig: add missing range check for IDE_MAX_HWIFS
Bartlomiej Zolnierkiewicz [Fri, 20 Apr 2007 20:16:58 +0000 (22:16 +0200)]
ide/Kconfig: add missing range check for IDE_MAX_HWIFS

ide_hwif_to_major[] has only 10 entries as there are 10 major numbers
reserved for IDE (if somebody needs more it shouldn't be hard to fix).

Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
17 years agohpt366: fix kernel oops with HPT302N
Sergei Shtylyov [Fri, 20 Apr 2007 20:16:58 +0000 (22:16 +0200)]
hpt366: fix kernel oops with HPT302N

The driver crashes the kernel on HPT302N chips due to the missing initializer
for 'hpt302n.settings' having been unfortunately overlooked so far. :-<

Much thanks to Mike Mattie for pin-pointing the reason of crash.

Signed-off-by: Sergei Shtylyov <sshtylyov@ru.mvista.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
17 years agoide/pci/delkin_cb.c: add new PCI ID
Mark Lord [Fri, 20 Apr 2007 20:16:58 +0000 (22:16 +0200)]
ide/pci/delkin_cb.c: add new PCI ID

Add PCI ID for a newer variant of cardbus CF/IDE adapter card.

Signed-off-by: Mark Lord <mlord@pobox.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
17 years ago[MIPS] Fix wrong checksum for split TCP packets on 64-bit MIPS
Dave Johnson [Wed, 18 Apr 2007 14:39:41 +0000 (10:39 -0400)]
[MIPS] Fix wrong checksum for split TCP packets on 64-bit MIPS

I've traced down an off-by-one TCP checksum calculation error under
the following conditions:

1) The TCP code needs to split a full-sized packet due to a reduced
   MSS (typically due to the addition of TCP options mid-stream like
   SACK).
   _AND_
2) The checksum of the 2nd fragment is larger than the checksum of the
   original packet.  After subtraction this results in a checksum for
   the 1st fragment with bits 16..31 set to 1. (this is ok)
   _AND_
3) The checksum of the 1st fragment's TCP header plus the previously
   32bit checksum of the 1st fragment DOES NOT cause a 32bit overflow
   when added together.  This results in a checksum of the TCP header
   plus TCP data that still has the upper 16 bits as 1's.
   _THEN_
4) The TCP+data checksum is added to the checksum of the pseudo IP
   header with csum_tcpudp_nofold() incorrectly (the bug).

The problem is the checksum of the TCP+data is passed to
csum_tcpudp_nofold() as an 32bit unsigned value, however the assembly
code acts on it as if it is a 64bit unsigned value.

This causes an incorrect 32->64bit extension if the sum has bit 31
set.  The resulting checksum is off by one.

This problems is data and TCP header dependent due to #2 and #3
above so it doesn't occur on every TCP packet split.

Signed-off-by: Dave Johnson <djohnson+linux-mips@sw.starentnetworks.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
17 years ago[MIPS] Fix BUG(), BUG_ON() handling
Atsushi Nemoto [Thu, 12 Apr 2007 11:02:54 +0000 (20:02 +0900)]
[MIPS] Fix BUG(), BUG_ON() handling

With commit 63dc68a8cf60cb110b147dab1704d990808b39e2, kernel can not
handle BUG() and BUG_ON() properly since get_user() returns false for
kernel code.  Use __get_user() to skip unnecessary access_ok().  This
patch also make BRK_BUG code encoded in the TNE instruction.

Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
17 years ago[MIPS] Retry {save,restore}_fp_context if failed in atomic context.
Atsushi Nemoto [Mon, 16 Apr 2007 14:19:44 +0000 (23:19 +0900)]
[MIPS] Retry {save,restore}_fp_context if failed in atomic context.

The save_fp_context()/restore_fp_context() might sleep on accessing
user stack and therefore might lose FPU ownership in middle of them.

If these function failed due to "in_atomic" test in do_page_fault,
touch the sigcontext area in non-atomic context and retry these
save/restore operation.

This is a replacement of a (broken) fix which was titled "Allow CpU
exception in kernel partially".

Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
17 years ago[MIPS] Disallow CpU exception in kernel again.
Atsushi Nemoto [Fri, 13 Apr 2007 17:37:26 +0000 (02:37 +0900)]
[MIPS] Disallow CpU exception in kernel again.

The commit 4d40bff7110e9e1a97ff8c01bdd6350e9867cc10 ("Allow CpU
exception in kernel partially") was broken.  The commit was to fix
theoretical problem but broke usual case.  Revert it for now.

Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
17 years ago[MIPS] Add missing silicon revisions for BCM112x
Mark Mason [Fri, 13 Apr 2007 17:32:25 +0000 (10:32 -0700)]
[MIPS] Add missing silicon revisions for BCM112x

Recent versions of the BCM112X processors aren't recognized by Linux
(preventing Linux from booting on those processors).  This patch adds
support for those that are missing.

Signed-off-by: Mark Mason <mason@broadcom.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
17 years agoRevert "e1000: fix NAPI performance on 4-port adapters"
Linus Torvalds [Fri, 20 Apr 2007 01:21:01 +0000 (18:21 -0700)]
Revert "e1000: fix NAPI performance on 4-port adapters"

This reverts commit 60cba200f11b6f90f35634c5cd608773ae3721b7.  It's been
linked to lockups of the e1000 hardware, see for example

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229603

but it's likely that the commit itself is not really introducing the
bug, but just allowing an unrelated problem to rear its ugly head (ie
one current working theory is that the code exposes us to a hardware
race condition by decreasing the amount of time we spend in each NAPI
poll cycle).

We'll revert it until root cause is known.  Intel has a repeatable
reproduction on two different machines and bus traces of the hardware
doing something bad.

Acked-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
Cc: Jeff Garzik <jeff@garzik.org>
Cc: David S. Miller <davem@davemloft.net>
Cc: Greg KH <gregkh@suse.de>
Cc: Dave Jones <davej@redhat.com>
Cc: Auke Kok <auke-jan.h.kok@intel.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoMerge branch 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik...
Linus Torvalds [Fri, 20 Apr 2007 00:25:28 +0000 (17:25 -0700)]
Merge branch 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/libata-dev

* 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/libata-dev:
  pata_sis: Fix oops on boot

17 years agopata_sis: Fix oops on boot
Alan Cox [Thu, 19 Apr 2007 10:09:52 +0000 (11:09 +0100)]
pata_sis: Fix oops on boot

A small number of SiS setups require special handling (not many judging
by how long this dumb bug survived). A couple of Fedora 7 devel testers
hit an Oops on pata_sis loading which is caused by terminal confusion
between chipset as 'the chipset we have found' and chipset as 'array
iterator'

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
17 years ago[PPP]: Fix skbuff.c:BUG due incorrect logic in process_input_packet()
Paul Mackerras [Thu, 19 Apr 2007 20:05:52 +0000 (13:05 -0700)]
[PPP]: Fix skbuff.c:BUG due incorrect logic in process_input_packet()

From: Paul Mackerras <paulus@samba.org>

This fixes:

Subject: kernel BUG at net/core/skbuff.c in linux-2.6.21-rc6

process_input_packet() treats the case where the first byte is 0xff
(PPP_ALLSTATIONS) but the second byte is 0x03 (PPP_UI) as indicating a
packet with a PPP protocol number of 0xff.  Arguably that's wrong
since PPP protocol 0xff is reserved, and the RFC does envision the
possibility of receiving frames where the control field has values
other than 0x03.

Signed-off-by: David S. Miller <davem@davemloft.net>
17 years agosky2: version 1.14
Stephen Hemminger [Wed, 11 Apr 2007 21:48:03 +0000 (14:48 -0700)]
sky2: version 1.14

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
17 years agosky2: no jumbo on Yukon FE
Stephen Hemminger [Wed, 11 Apr 2007 21:48:02 +0000 (14:48 -0700)]
sky2: no jumbo on Yukon FE

The Yukon FE (100mbit only) chips do not support large packets.

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
17 years agosky2: EC-U performance and jumbo support
Stephen Hemminger [Wed, 11 Apr 2007 21:48:01 +0000 (14:48 -0700)]
sky2: EC-U performance and jumbo support

The Yukon EC Ultra chips have transmit settings for store and
forward and PCI buffering. By setting these appropriately, normal
performance goes from 750Mbytes/sec to 940Mbytes/sec (non-jumbo).

It is also possible to do Jumbo mode, but it means turning off
TSO and checksum offload so the performance gets worse. There isn't
enough buffering for checksum offload to work.

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
17 years agosky2: disable ASF on all chip types
Stephen Hemminger [Wed, 11 Apr 2007 21:48:00 +0000 (14:48 -0700)]
sky2: disable ASF on all chip types

Need to make sure and disable ASF on all chip types. Otherwise, there may be
random reboots.

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
17 years agosky2: handle descriptor errors
Stephen Hemminger [Wed, 11 Apr 2007 21:47:59 +0000 (14:47 -0700)]
sky2: handle descriptor errors

There should never be descriptor error unless hardware or driver is buggy.
But if an error occurs, print useful information, clear irq, and recover.

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
17 years agosky2: disable support for 88E8056
Stephen Hemminger [Wed, 11 Apr 2007 21:47:58 +0000 (14:47 -0700)]
sky2: disable support for 88E8056

This device is having all sorts of problems that lead to data corruption
and system instability.  It gets receive status and data out of order,
it generates descriptor and TSO errors, etc.

Until the problems are resolved, it should not be used by anyone
who cares about there system.

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
17 years agogianfar needs crc32 lib dependency
Dave Jiang [Thu, 12 Apr 2007 17:57:06 +0000 (10:57 -0700)]
gianfar needs crc32 lib dependency

Gianfar needs crc32 to be selected to compile.

Signed-off-by: Dave Jiang <djiang@mvista.com>
--
 drivers/net/Kconfig |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)
--
Signed-off-by: Jeff Garzik <jeff@garzik.org>
17 years agospidernet: Fix problem sending IP fragments
Linas Vepstas [Tue, 17 Apr 2007 05:54:13 +0000 (22:54 -0700)]
spidernet: Fix problem sending IP fragments

The basic structure of "normal" UDP/IP/Ethernet
frames (that actually work):
 - It starts with the Ethernet header (dest MAC, src MAC, etc.)
 - The next part is occupied by the IP header (version info, length of
packet, id=0, fragment offset=0, checksum, from / to address, etc.)
 - Then comes the UDP header (src / dest port, length, checksum)
 - Actual payload
 - Ethernet checksum

Now what's different for IP fragment:
 - The IP header has id set to some value (same for all fragments),
offset is set appropriately (i.e. 0 for first fragment, following
according to size of other fragments), size is the length of the frame.
 - UDP header is unchanged. I.e. length is according to full UDP
datagram, not just the part within the actual frame! But this is only
true within the first frame: all following frames don't have a valid
UDP-header at all.

The spidernet silicon seems to be quite intelligent: It's able to
compute (IP / UDP / Ethernet) checksums on the fly and tests if frames
are conforming to RFC -- at least conforming to RFC on complete frames.

But IP fragments are different as explained above:
I.e. for IP fragments containing part of a UDP datagram it sees
incompatible length in the headers for IP and UDP in the first frame
and, thus, skips this frame. But the content *is* correct for IP
fragments. For all following frames it finds (most probably) no valid
UDP header at all. But this *is* also correct for IP fragments.

The Linux IP-stack seems to be clever in this point. It expects the
spidernet to calculate the checksum (since the module claims to be able
to do so) and marks the skb's for "normal" frames accordingly
(ip_summed set to CHECKSUM_HW).
But for the IP fragments it does not expect the driver to be capable to
handle the frames appropriately. Thus all checksums are allready
computed. This is also flaged within the skb (ip_summed set to
CHECKSUM_NONE).

Unfortunately the spidernet driver ignores that hints. It tries to send
the IP fragments of UDP datagrams as normal UDP/IP frames. Since they
have different structure the silicon detects them the be not
"well-formed" and skips them.

The following one-liner against 2.6.21-rc2 changes this behavior. If the
IP-stack claims to have done the checksumming, the driver should not
try to checksum (and analyze) the frame but send it as is.

Signed-off-by: Norbert Eicker <n.eicker@fz-juelich.de>
Signed-off-by: Linas Vepstas <linas@austin.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
17 years agocxgb3 - PHY interrupts and GPIO pins.
Divy Le Ray [Tue, 17 Apr 2007 18:06:36 +0000 (11:06 -0700)]
cxgb3 - PHY interrupts and GPIO pins.

Remove assumption that PHY interrupts use GPIOs 3 and 5.
Deal with PHY interrupts connected to any GPIO pins.

Signed-off-by: Divy Le Ray <divy@chelsio.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
17 years agocxgb3 - Fix low memory conditions
Divy Le Ray [Tue, 17 Apr 2007 18:06:30 +0000 (11:06 -0700)]
cxgb3 - Fix low memory conditions

Reuse the incoming skb when a clientless abort req is recieved.

The release of RDMA connections HW resources might be deferred in
low memory situations.
Ensure that no further activity is passed up to the RDMA driver
for these connections.

Signed-off-by: Divy Le Ray <divy@chelsio.com>
Signed-off-by: Jeff Garzik <jeff@garzik.org>
17 years agoMerge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/avi/kvm
Linus Torvalds [Thu, 19 Apr 2007 16:49:59 +0000 (09:49 -0700)]
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/avi/kvm

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/avi/kvm:
  KVM: Fix off-by-one when writing to a nonpae guest pde

17 years agoKVM: Fix off-by-one when writing to a nonpae guest pde
Avi Kivity [Wed, 18 Apr 2007 08:18:18 +0000 (11:18 +0300)]
KVM: Fix off-by-one when writing to a nonpae guest pde

Nonpae guest pdes are shadowed by two pae ptes, so we double the offset
twice: once to account for the pte size difference, and once because we
need to shadow pdes for a single guest pde.

But when writing to the upper guest pde we also need to truncate the
lower bits, otherwise the multiply shifts these bits into the pde index
and causes an access to the wrong shadow pde.  If we're at the end of the
page (accessing the very last guest pde) we can even overflow into the
next host page and oops.

Signed-off-by: Avi Kivity <avi@qumranet.com>
17 years ago[NETLINK]: Don't attach callback to a going-away netlink socket
Denis Lunev [Thu, 19 Apr 2007 00:05:58 +0000 (17:05 -0700)]
[NETLINK]: Don't attach callback to a going-away netlink socket

There is a race between netlink_dump_start() and netlink_release()
that can lead to the situation when a netlink socket with non-zero
callback is freed.

Here it is:

CPU1:                           CPU2
netlink_release():              netlink_dump_start():

                                sk = netlink_lookup(); /* OK */

netlink_remove();

spin_lock(&nlk->cb_lock);
if (nlk->cb) { /* false */
  ...
}
spin_unlock(&nlk->cb_lock);

                                spin_lock(&nlk->cb_lock);
                                if (nlk->cb) { /* false */
                                         ...
                                }
                                nlk->cb = cb;
                                spin_unlock(&nlk->cb_lock);
                                ...
sock_orphan(sk);
/*
 * proceed with releasing
 * the socket
 */

The proposal it to make sock_orphan before detaching the callback
in netlink_release() and to check for the sock to be SOCK_DEAD in
netlink_dump_start() before setting a new callback.

Signed-off-by: Denis Lunev <den@openvz.org>
Signed-off-by: Kirill Korotaev <dev@openvz.org>
Signed-off-by: Pavel Emelianov <xemul@openvz.org>
Acked-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[IrDA]: Correctly handling socket error
Olaf Kirch [Wed, 18 Apr 2007 22:07:22 +0000 (15:07 -0700)]
[IrDA]: Correctly handling socket error

This patch fixes an oops first reported in mid 2006 - see
http://lkml.org/lkml/2006/8/29/358 The cause of this bug report is that
when an error is signalled on the socket, irda_recvmsg_stream returns
without removing a local wait_queue variable from the socket's sk_sleep
queue. This causes havoc further down the road.

In response to this problem, a patch was made that invoked sock_orphan on
the socket when receiving a disconnect indication. This is not a good fix,
as this sets sk_sleep to NULL, causing applications sleeping in recvmsg
(and other places) to oops.

This is against the latest net-2.6 and should be considered for -stable
inclusion.

Signed-off-by: Olaf Kirch <olaf.kirch@oracle.com>
Signed-off-by: Samuel Ortiz <samuel@sortiz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[SCTP]: Do not interleave non-fragments when in partial delivery
Vlad Yasevich [Wed, 18 Apr 2007 21:11:06 +0000 (14:11 -0700)]
[SCTP]: Do not interleave non-fragments when in partial delivery

The way partial delivery is currently implemnted, it is possible to
intereleave a message (either from another steram, or unordered) that
is not part of partial delivery process.  The only way to this is for
a message to not be a fragment and be 'in order' or unorderd for a
given stream.  This will result in bypassing the reassembly/ordering
queues where things live duing partial delivery, and the
message will be delivered to the socket in the middle of partial delivery.

This is a two-fold problem, in that:
1.  the app now must check the stream-id and flags which it may not
be doing.
2.  this clearing partial delivery state from the association and results
in ulp hanging.

This patch is a band-aid over a much bigger problem in that we
don't do stream interleave.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[IPSEC] af_key: Fix thinko in pfkey_xfrm_policy2msg()
David S. Miller [Wed, 18 Apr 2007 04:48:10 +0000 (21:48 -0700)]
[IPSEC] af_key: Fix thinko in pfkey_xfrm_policy2msg()

Make sure to actually assign the determined mode to
rq->sadb_x_ipsecrequest_mode.

Noticed by Joe Perches.

Signed-off-by: David S. Miller <davem@davemloft.net>
17 years agoMerge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
Linus Torvalds [Tue, 17 Apr 2007 23:51:32 +0000 (16:51 -0700)]
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
  [BRIDGE]: Unaligned access when comparing ethernet addresses
  [SCTP]: Unmap v4mapped addresses during SCTP_BINDX_REM_ADDR operation.
  [SCTP]: Fix assertion (!atomic_read(&sk->sk_rmem_alloc)) failed message
  [NET]: Set a separate lockdep class for neighbour table's proxy_queue
  [NET]: Fix UDP checksum issue in net poll mode.
  [KEY]: Fix conversion between IPSEC_MODE_xxx and XFRM_MODE_xxx.
  [NET]: Get rid of alloc_skb_from_cache

17 years agoMerge branch 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/roland/infiniband
Linus Torvalds [Tue, 17 Apr 2007 23:50:59 +0000 (16:50 -0700)]
Merge branch 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/roland/infiniband

* 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/roland/infiniband:
  IB/mthca: Fix data corruption after FMR unmap on Sinai

17 years agoMerge branch 'for-linus' of git://one.firstfloor.org/home/andi/git/linux-2.6
Linus Torvalds [Tue, 17 Apr 2007 23:44:05 +0000 (16:44 -0700)]
Merge branch 'for-linus' of git://one.firstfloor.org/home/andi/git/linux-2.6

* 'for-linus' of git://one.firstfloor.org/home/andi/git/linux-2.6:
  [PATCH] x86: Fix potential overflow in perfctr reservation
  [PATCH] x86: Fix gcc 4.2 _proxy_pda workaround

17 years agoMinor bug fixes to i2c-pasemi
Olof Johansson [Tue, 17 Apr 2007 07:32:29 +0000 (00:32 -0700)]
Minor bug fixes to i2c-pasemi

* Last write during i2c_xfer is of the wrong byte (off-by-1).
* Read length is wrong for some of the reads (mistakenly used the PEC
  version)

Signed-off-by: Olof Johansson <olof@lixom.net>
Signed-off-by: Jean Delvare <khali@linux-fr.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoi2c-pasemi: Depend on PPC_PASEMI again
Jean Delvare [Tue, 17 Apr 2007 07:32:28 +0000 (00:32 -0700)]
i2c-pasemi: Depend on PPC_PASEMI again

Looks like a local change I made to be able to test-compile the i2c-pasemi
driver leaked upstream.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Acked-by: Olof Johansson <olof@lixom.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agohwmon/w83627ehf: Fix the fan5 clock divider write
Jean Delvare [Tue, 17 Apr 2007 07:32:27 +0000 (00:32 -0700)]
hwmon/w83627ehf: Fix the fan5 clock divider write

Users have been complaining about the w83627ehf driver flooding their logs
with debug messages like:

w83627ehf 9191-0a10: Increasing fan 4 clock divider from 64 to 128

or:

w83627ehf 9191-0290: Increasing fan 4 clock divider from 4 to 8

The reason is that we failed to actually write the LSB of the encoded clock
divider value for that fan, causing the next read to report the same old value
again and again.

Additionally, the fan number was improperly reported, making the bug harder to
find.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoProvide dummy devm_ioport_* if !HAS_IOPORT
Russell King [Tue, 17 Apr 2007 07:32:26 +0000 (00:32 -0700)]
Provide dummy devm_ioport_* if !HAS_IOPORT

Provide an dummy implementation of devm_ioport_map() and
devm_ioport_unmap() to allow drivers (eg, pata_platform) to build for
platforms where CONFIG_NO_IOPORT is selected.

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Jeff Garzik <jeff@garzik.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoknfsd: use a spinlock to protect sk_info_authunix
NeilBrown [Tue, 17 Apr 2007 05:53:25 +0000 (22:53 -0700)]
knfsd: use a spinlock to protect sk_info_authunix

sk_info_authunix is not being protected properly so the object that it
points to can be cache_put twice, leading to corruption.

We borrow svsk->sk_defer_lock to provide the protection.  We should
probably rename that lock to have a more generic name - later.

Thanks to Gabriel for reporting this.

Cc: Greg Banks <gnb@melbourne.sgi.com>
Cc: Gabriel Barazer <gabriel@oxeva.fr>
Signed-off-by: Neil Brown <neilb@suse.de>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agodrivers/macintosh/smu.c: fix locking snafu
Andrew Morton [Tue, 17 Apr 2007 05:53:25 +0000 (22:53 -0700)]
drivers/macintosh/smu.c: fix locking snafu

It got its lock and unlock backwards.

Fixes http://bugzilla.kernel.org/show_bug.cgi?id=8334

(obviously, this code could be using plain old spin_lock_irq(), too)

Cc: <matthias.kaehlcke@gmail.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoufs proper handling of zero link case
Evgeniy Dushistov [Tue, 17 Apr 2007 05:53:24 +0000 (22:53 -0700)]
ufs proper handling of zero link case

This patch should fix or partly fix this bug:
http://bugzilla.kernel.org/show_bug.cgi?id=8276

The problem is:

- if we see "zero link case" during reading inode operation, we call
  ufs_error(which remount fs readonly), but not "mark" inode as bad (1)

- in readonly case we do not fill some data structures, which are used in
  read and write case (2)

- VFS call ufs_delete_inode if link count is zero (3)

so (1)->(3)->(2) cause oops, this patch should fix such scenario

Signed-off-by: Evgeniy Dushistov <dushistov@mail.ru>
Cc: Jim Paris <jim@jtan.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agospi: fix use of set_cs in spi_s3c24xx driver
Ben Dooks [Tue, 17 Apr 2007 05:53:22 +0000 (22:53 -0700)]
spi: fix use of set_cs in spi_s3c24xx driver

It turns out that the last patch to change set_cs to be kept in the
controller's structure instead of the platform data was an incomplete
change, and did not change the references to platfrom data in the setup
xfer code.  (This can prevent an oops.)

Reported-by: <Ling.Alex@iac.com.tw>
Signed-off-by: Ben Dooks <ben-linux@fluff.org>
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoalpha: build fixes - force architecture
Ivan Kokshaysky [Tue, 17 Apr 2007 05:53:21 +0000 (22:53 -0700)]
alpha: build fixes - force architecture

Override compiler .arch directive for generic kernel build.

Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoalpha: more fixes for specific machine types
Ivan Kokshaysky [Tue, 17 Apr 2007 05:53:21 +0000 (22:53 -0700)]
alpha: more fixes for specific machine types

arch/alpha/kernel/sys_sx164.c

Earlier firmware revisions need MVI fix as well.

arch/alpha/kernel/sys_nautilus.c

On UP1500 firmware reports wrong AGP IRQ (10 instead of 5).
This causes interrupt storm if there is a PCI device that
uses IRQ 5.

Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoalpha: fixes for specific machine types
Ivan Kokshaysky [Tue, 17 Apr 2007 05:53:17 +0000 (22:53 -0700)]
alpha: fixes for specific machine types

Files:

arch/alpha/kernel/core_mcpcia.c
arch/alpha/kernel/sys_rawhide.c
include/asm-alpha/core_mcpcia.h

Determine correct hose configuration; RAWHIDE family can have
        2 or 4 hoses, so make sure non-existent hoses are ignored.

arch/alpha/kernel/err_titan.c

Supply a needed #include <asm/irq_regs.h>

arch/alpha/kernel/module.c

Add some useful output to the relocation overflow messages.

arch/alpha/kernel/sys_noritake.c

Supply necessary noritake_end_irq() to correct interrupt handling.
This fixes a problem first noted by hangs during boot probing with
a DE500-BA TULIP NIC present.

arch/alpha/kernel/sys_sio.c

Correct saving of original PIRQ register (PCI IRQ routing);
change default PIRQ setting to leave PCI IRQs 9 and 14 free to
be used for sound (Multia) and IDE (any), respectively.

include/asm-alpha/io.h

Supply the "isa_virt_to_bus" routine.

Signed-off-by: Jay Estabrook <jay.estabrook@hp.com>
Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agofix bogon in /dev/mem mmap'ing on nommu
Benjamin Herrenschmidt [Tue, 17 Apr 2007 05:53:16 +0000 (22:53 -0700)]
fix bogon in /dev/mem mmap'ing on nommu

While digging through my MAP_FIXED changes, I found that rather obvious
bug in /dev/mem mmap implementation for nommu archs. get_unmapped_area()
is expected to return an address, not a pfn.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-By: David Howells <dhowells@redhat.com>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agokernel-doc: fix plist.h comments
Randy Dunlap [Tue, 17 Apr 2007 05:53:15 +0000 (22:53 -0700)]
kernel-doc: fix plist.h comments

Make kernel-doc comments match macro names.
Correct parameter names in a few places.
Remove '#' from beginning of kernel-doc comment macro names.
Remove extra (erroneous) blank lines in kernel-doc.

Warning(plist.h:100): Cannot understand  * #PLIST_HEAD_INIT - static struct plist_head initializer on line 100 - I thought it was a doc line
Warning(plist.h:112): Cannot understand  * #PLIST_NODE_INIT - static struct plist_node initializer on line 112 - I thought it was a doc line
Warning(plist.h:103): No description found for parameter '_lock'
Warning(plist.h:129): No description found for parameter 'lock'
Warning(plist.h:158): No description found for parameter 'pos'
Warning(plist.h:169): No description found for parameter 'pos'
Warning(plist.h:169): No description found for parameter 'n'
Warning(plist.h:179): No description found for parameter 'mem'

This still leaves one warning & one error that need attention:
Error(plist.h:219): cannot understand prototype: '('
Warning(plist.h): no structured comments found

Acked-by: Inaky Perez-Gonzalez <inaky.perez-gonzalez@intel.com>
Cc: Daniel Walker <dwalker@mvista.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoexec.c: fix coredump to pipe problem and obscure "security hole"
Alan Cox [Tue, 17 Apr 2007 05:53:13 +0000 (22:53 -0700)]
exec.c: fix coredump to pipe problem and obscure "security hole"

The patch checks for "|" in the pattern not the output and doesn't nail a
pid on to a piped name (as it is a program name not a file)

Also fixes a very very obscure security corner case.  If you happen to have
decided on a core pattern that starts with the program name then the user
can run a program called "|myevilhack" as it stands.  I doubt anyone does
this.

Signed-off-by: Alan Cox <alan@redhat.com>
Confirmed-by: Christopher S. Aker <caker@theshore.net>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoallow vmsplice to work in 32-bit mode on ppc64
Don Zickus [Tue, 17 Apr 2007 05:53:12 +0000 (22:53 -0700)]
allow vmsplice to work in 32-bit mode on ppc64

Trivial change to pass vmsplice arguments through the compat layer on
pp64.

Signed-off-by: Don Zickus <dzickus@redhat.com>
Acked-by: Stephen Rothwell <sfr@canb.auug.org.au>
Acked-by: Paul Mackerras <paulus@samba.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years ago[BRIDGE]: Unaligned access when comparing ethernet addresses
Evgeny Kravtsunov [Tue, 17 Apr 2007 19:31:24 +0000 (12:31 -0700)]
[BRIDGE]: Unaligned access when comparing ethernet addresses

compare_ether_addr() implicitly requires that the addresses
passed are 2-bytes aligned in memory.

This is not true for br_stp_change_bridge_id() and
br_stp_recalculate_bridge_id() in which one of the addresses
is unsigned char *, and thus may not be 2-bytes aligned.

Signed-off-by: Evgeny Kravtsunov <emkravts@openvz.org>
Signed-off-by: Kirill Korotaev <dev@openvz.org>
Signed-off-by: Pavel Emelianov <xemul@openvz.org>
17 years ago[SCTP]: Unmap v4mapped addresses during SCTP_BINDX_REM_ADDR operation.
Paolo Galtieri [Tue, 17 Apr 2007 19:52:36 +0000 (12:52 -0700)]
[SCTP]: Unmap v4mapped addresses during SCTP_BINDX_REM_ADDR operation.

During the sctp_bindx() call to add additional addresses to the
endpoint, any v4mapped addresses are converted and stored as regular
v4 addresses.  However, when trying to remove these addresses, the
v4mapped addresses are not converted and the operation fails.  This
patch unmaps the addresses on during the remove operation as well.

Signed-off-by: Paolo Galtieri <pgaltieri@mvista.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[SCTP]: Fix assertion (!atomic_read(&sk->sk_rmem_alloc)) failed message
Tsutomu Fujii [Tue, 17 Apr 2007 19:49:53 +0000 (12:49 -0700)]
[SCTP]: Fix assertion (!atomic_read(&sk->sk_rmem_alloc)) failed message

In current implementation, LKSCTP does receive buffer accounting for
data in sctp_receive_queue and pd_lobby. However, LKSCTP don't do
accounting for data in frag_list when data is fragmented. In addition,
LKSCTP doesn't do accounting for data in reasm and lobby queue in
structure sctp_ulpq.
When there are date in these queue, assertion failed message is printed
in inet_sock_destruct because sk_rmem_alloc of oldsk does not become 0
when socket is destroyed.

Signed-off-by: Tsutomu Fujii <t-fujii@nb.jp.nec.com>
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[NET]: Set a separate lockdep class for neighbour table's proxy_queue
Pavel Emelianov [Tue, 17 Apr 2007 19:45:31 +0000 (12:45 -0700)]
[NET]: Set a separate lockdep class for neighbour table's proxy_queue

Otherwise the following calltrace will lead to a wrong
lockdep warning:

  neigh_proxy_process()
    `- lock(neigh_table->proxy_queue.lock);
  arp_redo /* via tbl->proxy_redo */
  arp_process
  neigh_event_ns
  neigh_update
  skb_queue_purge
    `- lock(neighbor->arp_queue.lock);

This is not a deadlock actually, as neighbor table's proxy_queue
and the neighbor's arp_queue are different queues.

Lockdep thinks there is a deadlock as both queues are initialized
with skb_queue_head_init() and thus have a common class.

Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[NET]: Fix UDP checksum issue in net poll mode.
Aubrey.Li [Tue, 17 Apr 2007 19:40:20 +0000 (12:40 -0700)]
[NET]: Fix UDP checksum issue in net poll mode.

In net poll mode, the current checksum function doesn't consider the
kind of packet which is padded to reach a specific minimum length. I
believe that's the problem causing my test case failed. The following
patch fixed this issue.

Signed-off-by: Aubrey.Li <aubreylee@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[KEY]: Fix conversion between IPSEC_MODE_xxx and XFRM_MODE_xxx.
Kazunori MIYAZAWA [Tue, 17 Apr 2007 19:32:20 +0000 (12:32 -0700)]
[KEY]: Fix conversion between IPSEC_MODE_xxx and XFRM_MODE_xxx.

We should not blindly convert between IPSEC_MODE_xxx and XFRM_MODE_xxx just
by incrementing / decrementing because the assumption is not true any longer.

Signed-off-by: Kazunori MIYAZAWA <miyazawa@linux-ipv6.org>
Singed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
17 years ago[NET]: Get rid of alloc_skb_from_cache
Herbert Xu [Tue, 17 Apr 2007 19:28:27 +0000 (12:28 -0700)]
[NET]: Get rid of alloc_skb_from_cache

Since this was added originally for Xen, and Xen has recently (~2.6.18)
stopped using this function, we can safely get rid of it.  Good timing
too since this function has started to bit rot.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years agocache_k8_northbridges() overflows beyond allocation
Badari Pulavarty [Fri, 13 Apr 2007 15:13:42 +0000 (08:13 -0700)]
cache_k8_northbridges() overflows beyond allocation

cache_k8_northbridges() is storing config values to incorrect locations
(in flush_words) and also its overflowing beyond the allocation, causing
slab verification failures.

Signed-off-by: Badari Pulavarty <pbadari@us.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoIB/mthca: Fix data corruption after FMR unmap on Sinai
Michael S. Tsirkin [Mon, 16 Apr 2007 14:04:55 +0000 (17:04 +0300)]
IB/mthca: Fix data corruption after FMR unmap on Sinai

In mthca_arbel_fmr_unmap(), the high bits of the key are masked off.
This gets rid of the effect of adjust_key(), which makes sure that
bits 3 and 23 of the key are equal when the Sinai throughput
optimization is enabled, and so it may happen that an FMR will end up
with bits 3 and 23 in the key being different.  This causes data
corruption, because when enabling the throughput optimization, the
driver promises the HCA firmware that bits 3 and 23 of all memory keys
will always be equal.

Fix by re-applying adjust_key() after masking the key.

Thanks to Or Gerlitz for reproducing the problem, and Ariel Shahar for
help in debug.

Signed-off-by: Michael S. Tsirkin <mst@dev.mellanox.co.il>
Signed-off-by: Roland Dreier <rolandd@cisco.com>
17 years agoMerge master.kernel.org:/home/rmk/linux-2.6-arm
Linus Torvalds [Mon, 16 Apr 2007 20:21:11 +0000 (13:21 -0700)]
Merge master.kernel.org:/home/rmk/linux-2.6-arm

* master.kernel.org:/home/rmk/linux-2.6-arm:
  [ARM] 4313/1: S3C24XX: Update s3c2410 defconfig to 2.6.21-rc6
  [ARM] Update mach-types

17 years ago[ARM] 4313/1: S3C24XX: Update s3c2410 defconfig to 2.6.21-rc6
Ben Dooks [Mon, 9 Apr 2007 09:15:20 +0000 (10:15 +0100)]
[ARM] 4313/1: S3C24XX: Update s3c2410 defconfig to 2.6.21-rc6

Update defconfig to the latest kernel version
and enable the h1940 LED driver

Signed-off-by: Ben Dooks <ben-linux@fluff.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
17 years ago[ARM] Update mach-types
Russell King [Sun, 8 Apr 2007 08:57:26 +0000 (09:57 +0100)]
[ARM] Update mach-types

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
17 years ago[PATCH] x86: Fix potential overflow in perfctr reservation
Andi Kleen [Mon, 16 Apr 2007 08:30:27 +0000 (10:30 +0200)]
[PATCH] x86: Fix potential overflow in perfctr reservation

While reviewing this code again I found a potential overflow of the bitmap.
The p4 oprofile can theoretically set bits beyond the reservation bitmap for
specific configurations. Avoid that by sizing the bitmaps properly.

Signed-off-by: Andi Kleen <ak@suse.de>
17 years ago[PATCH] x86: Fix gcc 4.2 _proxy_pda workaround
Andi Kleen [Mon, 16 Apr 2007 08:30:27 +0000 (10:30 +0200)]
[PATCH] x86: Fix gcc 4.2 _proxy_pda workaround

Due to an over aggressive optimizer gcc 4.2 cannot optimize away _proxy_pda
in all cases (counter intuitive, but true).  This breaks loading of some
modules.

The earlier workaround to just export a dummy symbol didn't work unfortunately
because the module code ignores exports with 0 value.

Make it 1 instead.

Signed-off-by: Andi Kleen <ak@suse.de>
17 years agoLinux 2.6.21-rc7 v2.6.21-rc7
Linus Torvalds [Sun, 15 Apr 2007 23:50:57 +0000 (16:50 -0700)]
Linux 2.6.21-rc7

I tend to prefer to not have to cut an -rc7, but we still have some
network device driver and suspend issues. So here's -rc7.

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoNFS: Fix a list corruption problem
Trond Myklebust [Sun, 15 Apr 2007 20:21:49 +0000 (16:21 -0400)]
NFS: Fix a list corruption problem

We must remove the request from whatever list it is currently on before we
can add it to the dirty list.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoFix VMI relocation processing logic error
Zachary Amsden [Fri, 13 Apr 2007 02:28:46 +0000 (19:28 -0700)]
Fix VMI relocation processing logic error

Fix logic error in VMI relocation processing.  NOPs would always cause
a BUG_ON to fire because the != RELOCATION_NONE in the first if clause
precluding the == VMI_RELOCATION_NOP in the second clause.  Make these
direct equality tests and just warn for unsupported relocation types
(which should never happen), falling back to native in that case.

Thanks to Anthony Liguori for noting this!

Signed-off-by: Zachary Amsden <zach@vmware.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoNFS: Ensure PG_writeback is cleared when writeback fails
Trond Myklebust [Sat, 14 Apr 2007 23:10:12 +0000 (19:10 -0400)]
NFS: Ensure PG_writeback is cleared when writeback fails

If the writebacks are cancelled via nfs_cancel_dirty_list, or due to the
memory allocation failing in nfs_flush_one/nfs_flush_multi, then we must
ensure that the PG_writeback flag is cleared.

Also ensure that we actually own the PG_writeback flag whenever we
schedule a new writeback by making nfs_set_page_writeback() return the
value of test_set_page_writeback().
The PG_writeback page flag ends up replacing the functionality of the
PG_FLUSHING nfs_page flag, so we rip that out too.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoNFS: Fix two bugs in the O_DIRECT write code
Trond Myklebust [Sat, 14 Apr 2007 23:11:52 +0000 (19:11 -0400)]
NFS: Fix two bugs in the O_DIRECT write code

Do not flag an error if the COMMIT call fails and we decide to resend the
writes. Let the resend flag the error if it fails.

If a write has failed, then nfs_direct_write_result should not attempt to
send a commit. It should just exit asap and return the error to the user.

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoNFS: Fix an Oops in nfs_setattr()
Trond Myklebust [Sat, 14 Apr 2007 23:07:28 +0000 (19:07 -0400)]
NFS: Fix an Oops in nfs_setattr()

It looks like nfs_setattr() and nfs_rename() also need to test whether the
target is a regular file before calling nfs_wb_all()...

Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agofailsafe mechanism to HPET clock calibration
Ravikiran G Thirumalai [Fri, 13 Apr 2007 23:28:20 +0000 (16:28 -0700)]
failsafe mechanism to HPET clock calibration

Provide a failsafe mechanism to avoid kernel spinning forever at
read_hpet_tsc during early kernel bootup.

This failsafe mechanism was originally introduced in commit
2f7a2a79c3ebb44f8b1b7d9b4fd3a650eb69e544, but looks like the hpet split
from time.c lost it again.

This reintroduces the failsafe mechanism

Signed-off-by: Ravikiran Thirumalai <kiran@scalex86.org>
Signed-off-by: Shai Fultheim <shai@scalex86.org>
Cc: Jack Steiner <steiner@sgi.com>
Cc: john stultz <johnstul@us.ibm.com>
Cc: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoMerge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6
Linus Torvalds [Sun, 15 Apr 2007 04:41:12 +0000 (21:41 -0700)]
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6

* master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6:
  [SCSI] QLOGICPTI: Do not unmap DMA unless we actually mapped something.

17 years agoMerge master.kernel.org:/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6
Linus Torvalds [Sun, 15 Apr 2007 04:35:52 +0000 (21:35 -0700)]
Merge master.kernel.org:/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6

* master.kernel.org:/pub/scm/linux/kernel/git/jejb/scsi-rc-fixes-2.6:
  [SCSI] 3w-xxxx: fix oops caused by incorrect REQUEST_SENSE handling

17 years ago[SCSI] QLOGICPTI: Do not unmap DMA unless we actually mapped something.
David S. Miller [Sat, 14 Apr 2007 17:29:10 +0000 (10:29 -0700)]
[SCSI] QLOGICPTI: Do not unmap DMA unless we actually mapped something.

We only map DMA when cmd->request_bufflen is non-zero for non-sg
buffers, we thus should make the same check when unmapping.

Based upon a report from Pasi Pirhonen.

Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[SCSI] 3w-xxxx: fix oops caused by incorrect REQUEST_SENSE handling
James Bottomley [Fri, 6 Apr 2007 16:14:56 +0000 (11:14 -0500)]
[SCSI] 3w-xxxx: fix oops caused by incorrect REQUEST_SENSE handling

3w-xxxx emulates a REQUEST_SENSE response by simply returning nothing.
Unfortunately, it's assuming that the REQUEST_SENSE command is
implemented with use_sg == 0, which is no longer the case.  The oops
occurs because it's clearing the scatterlist in request_buffer instead
of the memory region.

This is fixed by using tw_transfer_internal() to transfer correctly to
the scatterlist.

Acked-by: adam radford <aradford@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
17 years agoDVB: dvb-usb-remote - fix oops when changing keymap
Olaf Kirch [Fri, 13 Apr 2007 05:18:44 +0000 (01:18 -0400)]
DVB: dvb-usb-remote - fix oops when changing keymap

DVB USB remotes do not support changing keycode maps but set
input_dev->keycodesize and input_dev->keycodemax without setting
input_dev->keycode. This causes kernel oops when user tries to
look up (or change) current keymap.

While the proper fix would be to make remotes handle keymap changes
we'll just remove keycodemax and keycodesize initialization so
EVIOCGKEYCODE and EVIOCSKEYCODE will simply return -EINVAL.

http://bugzilla.kernel.org/show_bug.cgi?id=8312

Signed-off-by: olaf.kirch@oracle.com
Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
17 years agoMerge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6
Linus Torvalds [Sat, 14 Apr 2007 01:20:39 +0000 (18:20 -0700)]
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6

* master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6:
  [SPARC64]: Fix inline directive in pci_iommu.c
  [SPARC64]: Fix arg passing to compat_sys_ipc().
  [SPARC]: Fix section mismatch warnings in pci.c and pcic.c
  [SUNRPC]: Make sure on-stack cmsg buffer is properly aligned.
  [SPARC]: avoid CHILD_MAX and OPEN_MAX constants
  [SPARC64]: Fix SBUS IOMMU allocation code.

17 years agoMerge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
Linus Torvalds [Sat, 14 Apr 2007 01:20:16 +0000 (18:20 -0700)]
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
  [NETFILTER] arp_tables: Fix unaligned accesses.
  [IPV6] SNMP: Fix {In,Out}NoRoutes statistics.
  [IPSEC] XFRM_USER: kernel panic when large security contexts in ACQUIRE
  [VLAN]: Allow VLAN interface on top of bridge interface
  [PKTGEN]: Add try_to_freeze()
  [NETFILTER]: ipt_ULOG: use put_unaligned

17 years ago[NETFILTER] arp_tables: Fix unaligned accesses.
David S. Miller [Fri, 13 Apr 2007 23:37:54 +0000 (16:37 -0700)]
[NETFILTER] arp_tables: Fix unaligned accesses.

There are two device string comparison loops in arp_packet_match().
The first one goes byte-by-byte but the second one tries to be
clever and cast the string to a long and compare by longs.

The device name strings in the arp table entries are not guarenteed
to be aligned enough to make this value, so just use byte-by-byte
for both cases.

Based upon a report by <drraid@gmail.com>.

Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[IPV6] SNMP: Fix {In,Out}NoRoutes statistics.
YOSHIFUJI Hideaki [Fri, 13 Apr 2007 23:18:02 +0000 (16:18 -0700)]
[IPV6] SNMP: Fix {In,Out}NoRoutes statistics.

A packet which is being discarded because of no routes in the
forwarding path should not be counted as OutNoRoutes but as
InNoRoutes.
Additionally, on this occasion, a packet whose destinaion is
not valid should be counted as InAddrErrors separately.

Based on patch from Mitsuru Chinen <mitch@linux.vnet.ibm.com>.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[IPSEC] XFRM_USER: kernel panic when large security contexts in ACQUIRE
Joy Latten [Fri, 13 Apr 2007 23:14:35 +0000 (16:14 -0700)]
[IPSEC] XFRM_USER: kernel panic when large security contexts in ACQUIRE

When sending a security context of 50+ characters in an ACQUIRE
message, following kernel panic occurred.

kernel BUG in xfrm_send_acquire at net/xfrm/xfrm_user.c:1781!
cpu 0x3: Vector: 700 (Program Check) at [c0000000421bb2e0]
    pc: c00000000033b074: .xfrm_send_acquire+0x240/0x2c8
    lr: c00000000033b014: .xfrm_send_acquire+0x1e0/0x2c8
    sp: c0000000421bb560
   msr: 8000000000029032
  current = 0xc00000000fce8f00
  paca    = 0xc000000000464b00
    pid   = 2303, comm = ping
kernel BUG in xfrm_send_acquire at net/xfrm/xfrm_user.c:1781!
enter ? for help
3:mon> t
[c0000000421bb650c00000000033538c .km_query+0x6c/0xec
[c0000000421bb6f0c000000000337374 .xfrm_state_find+0x7f4/0xb88
[c0000000421bb7f0c000000000332350 .xfrm_tmpl_resolve+0xc4/0x21c
[c0000000421bb8d0c0000000003326e8 .xfrm_lookup+0x1a0/0x5b0
[c0000000421bba00c0000000002e6ea0 .ip_route_output_flow+0x88/0xb4
[c0000000421bbaa0c0000000003106d8 .ip4_datagram_connect+0x218/0x374
[c0000000421bbbd0c00000000031bc00 .inet_dgram_connect+0xac/0xd4
[c0000000421bbc60c0000000002b11ac .sys_connect+0xd8/0x120
[c0000000421bbd90c0000000002d38d0 .compat_sys_socketcall+0xdc/0x214
[c0000000421bbe30c00000000000869c syscall_exit+0x0/0x40
--- Exception: c00 (System Call) at 0000000007f0ca9c
SP (fc0ef8f0) is in userspace

We are using size of security context from xfrm_policy to determine
how much space to alloc skb and then putting security context from
xfrm_state into skb. Should have been using size of security context
from xfrm_state to alloc skb. Following fix does that

Signed-off-by: Joy Latten <latten@austin.ibm.com>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[VLAN]: Allow VLAN interface on top of bridge interface
Jerome Borsboom [Fri, 13 Apr 2007 23:12:47 +0000 (16:12 -0700)]
[VLAN]: Allow VLAN interface on top of bridge interface

When a VLAN interface is created on top of a bridge interface and
netfilter is enabled to see the bridged packets, the packets can be
corrupted when passing through the netfilter code. This is caused by the
VLAN driver not setting the 'protocol' and 'nh' members of the sk_buff
structure. In general, this is no problem as the VLAN interface is mostly
connected to a physical ethernet interface which does not use the
'protocol' and 'nh' members. For a bridge interface, however, these
members do matter.

Signed-off-by: Jerome Borsboom <j.borsboom@erasmusmc.nl>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[SPARC64]: Fix inline directive in pci_iommu.c
Tom "spot" Callaway [Fri, 13 Apr 2007 20:35:35 +0000 (13:35 -0700)]
[SPARC64]: Fix inline directive in pci_iommu.c

While building a test kernel for the new esp driver (against
git-current), I hit this bug. Trivial fix, put the inline declaration
in the right place. :)

Signed-off-by: Tom "spot" Callaway <tcallawa@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
17 years ago[SPARC64]: Fix arg passing to compat_sys_ipc().
David S. Miller [Fri, 13 Apr 2007 20:27:08 +0000 (13:27 -0700)]
[SPARC64]: Fix arg passing to compat_sys_ipc().

Do not sign extend args using the sys32_ipc stub, that is
buggy and unnecessary.

Based upon an excellent report by Mikael Pettersson.

Signed-off-by: David S. Miller <davem@davemloft.net>