summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'master' of ↵David S. Miller2009-04-295-18/+23
|\ | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6
| * mac80211: default to automatic power controlJohannes Berg2009-04-291-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | In "mac80211: correct wext transmit power handler" I fixed the wext handler, but forgot to make the default of the user_power_level -1 (aka "auto"), so that now the transmit power is always set to 0, causing associations to time out and similar problems since we're transmitting with very little power. Correct this by correcting the default user_power_level to -1. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Bisected-by: Niel Lambrechts <niel.lambrechts@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * mac80211: fix modprobe deadlock by not calling wep_init under rtnl_lockAlan Jenkins2009-04-291-10/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - ieee80211_wep_init(), which is called with rtnl_lock held, blocks in request_module() [waiting for modprobe to load a crypto module]. - modprobe blocks in a call to flush_workqueue(), when it closes a TTY [presumably when it exits]. - The workqueue item linkwatch_event() blocks on rtnl_lock. There's no reason for wep_init() to be called with rtnl_lock held, so just move it outside the critical section. Signed-off-by: Alan Jenkins <alan-jenkins@tuffmail.co.uk> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * ath5k: fix buffer overrun in rate debug codeBob Copeland2009-04-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | char bname[5] is too small for the string "X GHz" when the null terminator is taken into account. Thus, turning on rate debugging can crash unless we have lucky stack alignment. Cc: stable@kernel.org Reported-by: Paride Legovini <legovini@spiro.fisica.unipd.it> Signed-off-by: Bob Copeland <me@bobcopeland.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * iwlwifi: notify on scan completion even when shutting downJohannes Berg2009-04-281-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Under certain circumstances iwlwifi can get stuck and will no longer accept scan requests, because the core code (cfg80211) thinks that it's still processing one. This fixes one of the points where it can happen, but I've still seen it (although only with my radio-off-when-idle patch). Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Acked-by: Reinette Chatre <reinette.chatre@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * rndis_wlan: fix initialization order for workqueue&workersJussi Kivilinna2009-04-281-4/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | rndis_wext_link_change() might be called from rndis_command() at initialization stage and priv->workqueue/priv->work have not been initialized yet. This causes invalid opcode at rndis_wext_bind on some brands of bcm4320. Fix by initializing workqueue/workers in rndis_wext_bind() before rndis_command is used. This bug has existed since 2.6.25, reported at: http://bugzilla.kernel.org/show_bug.cgi?id=12794 Signed-off-by: Jussi Kivilinna <jussi.kivilinna@mbnet.fi> Signed-off-by: John W. Linville <linville@tuxdriver.com>
| * wireless: remove unneeded EXPORT_SYMBOL the tickles a powerpc compiler bugStephen Rothwell2009-04-281-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | drivers/net/wireless/iwlwifi/iwl3945-base.c:1415: error: __ksymtab_iwl3945_rx_queue_reset causes a section type conflict I am pretty sure that this is a compiler bug, so not to worry. However, as far as I can see, iwl-3945.o (the only user) and iwl3945-base.o are always linked into the same module, so the EXPORT_SYMBOL (which causes the problem) should not be needed. Correct? Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | e100: do not go D3 in shutdown unless system is powering offThadeu Lima de Souza Cascardo2009-04-281-7/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After experimenting with kexec with the last merges after 2.6.29, I've had some problems when probing e100. It would not read the eeprom. After some bisects, I realized this has been like that since forever (at least 2.6.18). The problem is that shutdown is doing the same thing that suspend does and puts the device in D3 state. I couldn't find a way to get the device back to a sane state in the probe function. So, based on some similar patches from Rafael J. Wysocki for e1000, e1000e, and ixgbe, I wrote this one for e100. Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@holoscopio.com> Acked-by: "Rafael J. Wysocki" <rjw@sisk.pl> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | Merge branch 'master' of ↵David S. Miller2009-04-285-31/+61
|\ \ | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/holtmann/bluetooth-2.6
| * | Bluetooth: Fix connection establishment with low security requirementMarcel Holtmann2009-04-281-6/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Bluetooth 2.1 specification introduced four different security modes that can be mapped using Legacy Pairing and Simple Pairing. With the usage of Simple Pairing it is required that all connections (except the ones for SDP) are encrypted. So even the low security requirement mandates an encrypted connection when using Simple Pairing. When using Legacy Pairing (for Bluetooth 2.0 devices and older) this is not required since it causes interoperability issues. To support this properly the low security requirement translates into different host controller transactions depending if Simple Pairing is supported or not. However in case of Simple Pairing the command to switch on encryption after a successful authentication is not triggered for the low security mode. This patch fixes this and actually makes the logic to differentiate between Simple Pairing and Legacy Pairing a lot simpler. Based on a report by Ville Tervo <ville.tervo@nokia.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
| * | Bluetooth: Add different pairing timeout for Legacy PairingMarcel Holtmann2009-04-284-3/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Bluetooth stack uses a reference counting for all established ACL links and if no user (L2CAP connection) is present, the link will be terminated to save power. The problem part is the dedicated pairing when using Legacy Pairing (Bluetooth 2.0 and before). At that point no user is present and pairing attempts will be disconnected within 10 seconds or less. In previous kernel version this was not a problem since the disconnect timeout wasn't triggered on incoming connections for the first time. However this caused issues with broken host stacks that kept the connections around after dedicated pairing. When the support for Simple Pairing got added, the link establishment procedure needed to be changed and now causes issues when using Legacy Pairing When using Simple Pairing it is possible to do a proper reference counting of ACL link users. With Legacy Pairing this is not possible since the specification is unclear in some areas and too many broken Bluetooth devices have already been deployed. So instead of trying to deal with all the broken devices, a special pairing timeout will be introduced that increases the timeout to 60 seconds when pairing is triggered. If a broken devices now puts the stack into an unforeseen state, the worst that happens is the disconnect timeout triggers after 120 seconds instead of 4 seconds. This allows successful pairings with legacy and broken devices now. Based on a report by Johan Hedberg <johan.hedberg@nokia.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
| * | Bluetooth: Ensure that HCI sysfs add/del is preempt safeRoger Quadros2009-04-282-22/+18
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use a different work_struct variables for add_conn() and del_conn() and use single work queue instead of two for adding and deleting connections. It eliminates the following error on a preemptible kernel: [ 204.358032] Unable to handle kernel NULL pointer dereference at virtual address 0000000c [ 204.370697] pgd = c0004000 [ 204.373443] [0000000c] *pgd=00000000 [ 204.378601] Internal error: Oops: 17 [#1] PREEMPT [ 204.383361] Modules linked in: vfat fat rfcomm sco l2cap sd_mod scsi_mod iphb pvr2d drm omaplfb ps [ 204.438537] CPU: 0 Not tainted (2.6.28-maemo2 #1) [ 204.443664] PC is at klist_put+0x2c/0xb4 [ 204.447601] LR is at klist_put+0x18/0xb4 [ 204.451568] pc : [<c0270f08>] lr : [<c0270ef4>] psr: a0000113 [ 204.451568] sp : cf1b3f10 ip : cf1b3f10 fp : cf1b3f2c [ 204.463104] r10: 00000000 r9 : 00000000 r8 : bf08029c [ 204.468353] r7 : c7869200 r6 : cfbe2690 r5 : c78692c8 r4 : 00000001 [ 204.474945] r3 : 00000001 r2 : cf1b2000 r1 : 00000001 r0 : 00000000 [ 204.481506] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment kernel [ 204.488861] Control: 10c5387d Table: 887fc018 DAC: 00000017 [ 204.494628] Process btdelconn (pid: 515, stack limit = 0xcf1b22e0) Signed-off-by: Roger Quadros <ext-roger.quadros@nokia.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
* | netfilter: revised locking for x_tablesStephen Hemminger2009-04-285-296/+204
|/ | | | | | | | | | | | | | | | | The x_tables are organized with a table structure and a per-cpu copies of the counters and rules. On older kernels there was a reader/writer lock per table which was a performance bottleneck. In 2.6.30-rc, this was converted to use RCU and the counters/rules which solved the performance problems for do_table but made replacing rules much slower because of the necessary RCU grace period. This version uses a per-cpu set of spinlocks and counters to allow to table processing to proceed without the cache thrashing of a global reader lock and keeps the same performance for table updates. Signed-off-by: Stephen Hemminger <shemminger@vyatta.com> Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* net: Avoid extra wakeups of threads blocked in wait_for_packet()Eric Dumazet2009-04-282-3/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In 2.6.25 we added UDP mem accounting. This unfortunatly added a penalty when a frame is transmitted, since we have at TX completion time to call sock_wfree() to perform necessary memory accounting. This calls sock_def_write_space() and utimately scheduler if any thread is waiting on the socket. Thread(s) waiting for an incoming frame was scheduled, then had to sleep again as event was meaningless. (All threads waiting on a socket are using same sk_sleep anchor) This adds lot of extra wakeups and increases latencies, as noted by Christoph Lameter, and slows down softirq handler. Reference : http://marc.info/?l=linux-netdev&m=124060437012283&w=2 Fortunatly, Davide Libenzi recently added concept of keyed wakeups into kernel, and particularly for sockets (see commit 37e5540b3c9d838eb20f2ca8ea2eb8072271e403 epoll keyed wakeups: make sockets use keyed wakeups) Davide goal was to optimize epoll, but this new wakeup infrastructure can help non epoll users as well, if they care to setup an appropriate handler. This patch introduces new DEFINE_WAIT_FUNC() helper and uses it in wait_for_packet(), so that only relevant event can wakeup a thread blocked in this function. Trace of function calls from bnx2 TX completion bnx2_poll_work() is : __kfree_skb() skb_release_head_state() sock_wfree() sock_def_write_space() __wake_up_sync_key() __wake_up_common() receiver_wake_function() : Stops here since thread is waiting for an INPUT Reported-by: Christoph Lameter <cl@linux.com> Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* net: Fix typo in net_device_ops description.Mike Rapoport2009-04-271-1/+1
| | | | | Signed-off-by: Mike Rapoport <mike@compulab.co.il> Signed-off-by: David S. Miller <davem@davemloft.net>
* ipv4: Limit size of route cache hash tableAnton Blanchard2009-04-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Right now we have no upper limit on the size of the route cache hash table. On a 128GB POWER6 box it ends up as 32MB: IP route cache hash table entries: 4194304 (order: 9, 33554432 bytes) It would be nice to cap this for memory consumption reasons, but a massive hashtable also causes a significant spike when measuring OS jitter. With a 32MB hashtable and 4 million entries, rt_worker_func is taking 5 ms to complete. On another system with more memory it's taking 14 ms. Even though rt_worker_func does call cond_sched() to limit its impact, in an HPC environment we want to keep all sources of OS jitter to a minimum. With the patch applied we limit the number of entries to 512k which can still be overriden by using the rt_entries boot option: IP route cache hash table entries: 524288 (order: 6, 4194304 bytes) With this patch rt_worker_func now takes 0.460 ms on the same system. Signed-off-by: Anton Blanchard <anton@samba.org> Acked-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* Add reference to CAPI 2.0 standardKarsten Keil2009-04-271-7/+13
| | | | | | | | Move the entry about CAPI 2.0 to the beginning and add a URL. Incorporate changes suggested by Randy Dunlap, thanks for proofreading. Signed-off-by: Karsten Keil <keil@b1-systems.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* Documentation/isdn/INTERFACE.CAPITilman Schmidt2009-04-273-0/+380
| | | | | | | | | | | | | | | isdn: document Kernel CAPI driver interface Create a file Documentation/isdn/INTERFACE.CAPI describing the interface between the kernel CAPI subsystem and ISDN device drivers, analogous to the existing Documentation/isdn/INTERFACE for the old isdn4linux subsystem. Also add kerneldoc comments to the exported functions in drivers/isdn/capi/kcapi.c. Impact: Documentation Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: Karsten Keil <keil@b1-systems.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* update Documentation/isdn/00-INDEXTilman Schmidt2009-04-271-4/+11
| | | | | | | | | After the merging of mISDN, state which files refer only to the old isdn4linux subsystem. Also add a few missing files. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: Karsten Keil <keil@b1-systems.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* ixgbe: Fix WoL functionality for 82599 KX4 devicesWaskiewicz Jr, Peter P2009-04-272-55/+6
| | | | | | | | | | | | | The current code writes the PME enabled bit in PCI config space which is wrong. This was needed for pre-release hardware, and was not removed from the driver. Also, we need to clear the WUS (wake up status) after we resume. Otherwise we can't wake for the same event again since it's still asserted in the hardware. Plus, the multicast lists were being written improperly, causing multicast WoL to fail. Signed-off-by: Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* veth: prevent oops caused by netdev destructorStephen Hemminger2009-04-271-25/+16
| | | | | | | | | | | | | From: Stephen Hemminger <shemminger@vyatta.com> The veth driver will oops if sysfs hooks are open while module is removed. The net device destructor can not point to code in a module; basically there are only two possible safe values: NULL - no destructor, or free_netdev - free on last use Signed-off-by: David S. Miller <davem@davemloft.net>
* xfrm: wrong hash value for temporary SANicolas Dichtel2009-04-271-3/+3
| | | | | | | | | | When kernel inserts a temporary SA for IKE, it uses the wrong hash value for dst list. Two hash values were calcultated before: one with source address and one with a wildcard source address. Bug hinted by Junwei Zhang <junwei.zhang@6wind.com> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* forcedeth: tx timeout fixAyaz Abdulla2009-04-271-10/+21
| | | | | | | | | This patch fixes the tx_timeout() to properly handle the clean up of the tx ring. It also sets the tx put pointer back to the correct position to be in sync with HW. Signed-off-by: Ayaz Abdulla <aabdulla@nvidia.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* net: Fix LL_MAX_HEADER for CONFIG_TR_MODULEAdrian Bunk2009-04-271-1/+1
| | | | | | | Unless I miss anything this should fix a bug. Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* mlx4_en: Handle page allocation failure during receiveYevgeny Petrilin2009-04-271-0/+4
| | | | | | | | If we failed to allocate new fragments for receive buffer, the packet should be dropped and packets should be reused. Signed-off-by: Yevgeny Petrilin <yevgenyp@mellanox.co.il> Signed-off-by: David S. Miller <davem@davemloft.net>
* mlx4_en: Fix cleanup flow on cq activationYevgeny Petrilin2009-04-271-1/+1
| | | | | | | | In case of mlx4_en_activate_cq() failure, the cleanup code would go to rx_err and try to disable unactivated rings. Signed-off-by: Yevgeny Petrilin <yevgenyp@mellanox.co.il> Signed-off-by: David S. Miller <davem@davemloft.net>
* vlan: update vlan carrier state for admin up/downJay Vosburgh2009-04-252-0/+7
| | | | | | | | | | | | | | | | | | | Currently, the VLAN event handler does not adjust the VLAN device's carrier state when the real device or the VLAN device is set administratively up or down. The following patch adds a transfer of operating state from the real device to the VLAN device when the real device is administratively set up or down, and sets the carrier state up or down during init, open and close of the VLAN device. This permits observers above the VLAN device that care about the carrier state (bonding's link monitor, for example) to receive updates for administrative changes by more closely mimicing the behavior of real devices. Signed-off-by: Jay Vosburgh <fubar@us.ibm.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
* Merge branch 'master' of ↵David S. Miller2009-04-256-9/+32
|\ | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6
| * netfilter: xt_recent: fix stack overread in compat codeJan Engelhardt2009-04-241-5/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Related-to: commit 325fb5b4d26038cba665dd0d8ee09555321061f0 The compat path suffers from a similar problem. It only uses a __be32 when all of the recent code uses, and expects, an nf_inet_addr everywhere. As a result, addresses stored by xt_recents were filled with whatever other stuff was on the stack following the be32. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> With a minor compile fix from Roman. Reported-and-tested-by: Roman Hoog Antink <rha@open.ch> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netfilter: nf_ct_dccp: add missing role attributes for DCCPPablo Neira Ayuso2009-04-242-1/+15
| | | | | | | | | | | | | | | | | | | | | | This patch adds missing role attribute to the DCCP type, otherwise the creation of entries is not of any use. The attribute added is CTA_PROTOINFO_DCCP_ROLE which contains the role of the conntrack original tuple. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netfilter: Kconfig: TProxy doesn't depend on NF_CONNTRACKLaszlo Attila Toth2009-04-241-2/+2
| | | | | | | | | | Signed-off-by: Laszlo Attila Toth <panther@balabit.hu> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netfilter: nf_ct_dccp/udplite: fix protocol registration errorPatrick McHardy2009-04-242-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Commit d0dba725 (netfilter: ctnetlink: add callbacks to the per-proto nlattrs) changed the protocol registration function to abort if the to-be registered protocol doesn't provide a new callback function. The DCCP and UDP-Lite IPv6 protocols were missed in this conversion, add the required callback pointer. Reported-and-tested-by: Steven Jan Springl <steven@springl.ukfsn.org> Signed-off-by: Patrick McHardy <kaber@trash.net>
| * netfilter: bridge: allow fragmentation of VLAN packets traversing a bridgehummerbliss@gmail.com2009-04-201-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | br_nf_dev_queue_xmit only checks for ETH_P_IP packets for fragmenting but not VLAN packets. This results in dropping of large VLAN packets. This can be observed when connection tracking is enabled. Connection tracking re-assembles fragmented packets, and these have to re-fragmented when transmitting out. Also, make sure only refragmented packets are defragmented as per suggestion from Patrick McHardy. Signed-off-by: Saikiran Madugula <hummerbliss@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
* | netfilter: ctnetlink: fix gcc warning during compilationPablo Neira Ayuso2009-04-221-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | This patch fixes a (bogus?) gcc warning during compilation: net/netfilter/nf_conntrack_netlink.c:1234: warning: 'helpname' may be used uninitialized in this function net/netfilter/nf_conntrack_netlink.c:991: warning: 'helpname' may be used uninitialized in this function In fact, helpname is initialized by ctnetlink_parse_help() so I cannot see a way to use it without being initialized. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
* | net/netrom: Fix socket lockingJean Delvare2009-04-221-2/+4
| | | | | | | | | | | | | | | | | | | | Patch "af_rose/x25: Sanity check the maximum user frame size" (commit 83e0bbcbe2145f160fbaa109b0439dae7f4a38a9) from Alan Cox got locking wrong. If we bail out due to user frame size being too large, we must unlock the socket beforehand. Signed-off-by: Jean Delvare <jdelvare@suse.de> Signed-off-by: David S. Miller <davem@davemloft.net>
* | netlabel: Always remove the correct address selectorPaul Moore2009-04-221-16/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The NetLabel address selector mechanism has a problem where it can get mistakenly remove the wrong selector when similar addresses are used. The problem is caused when multiple addresses are configured that have different netmasks but the same address, e.g. 127.0.0.0/8 and 127.0.0.0/24. This patch fixes the problem. Reported-by: Etienne Basset <etienne.basset@numericable.fr> Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: James Morris <jmorris@namei.org> Tested-by: Etienne Basset <etienne.basset@numericable.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
* | ucc_geth.c: Fix upsmr setting in RMII modeHeiko Schocher2009-04-221-1/+2
| | | | | | | | | | | | | | | | | | If using the UCC on a MPC8360 in RMII mode, don;t set UCC_GETH_UPSMR_RPM bit in the upsmr register. Signed-off-by: Heiko Schocher <hs@denx.de> Acked-by: Li Yang <leoli@freescale.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | 8139too: fix HW initial flowJianjun kong2009-04-221-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While ifconfig eth0 up kernel calls open() of 8139 driver(8139too.c). In rtl8139_hw_start() of rtl8139_open(), 8139 driver enable RX before setting up the DMA buffer address. In this interval where RX was enabled and DMA buffer address is not yet set up, any incoming broadcast packet would be send to a strange physical address: 0x003e8800 which is the default value of DMA buffer address. Unfortunately, this address is used by Linux kernel. So kernel panics. This patch fix it by setting up DMA buffer address before RX enabled and everything is fine even under broadcast packets attack. Signed-off-by: Jonathan Lin <jon.lin@vatics.com> Signed-off-by: Amos Kong <jianjun@zeuux.org> Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | af_iucv: Fix race when queuing incoming iucv messagesHendrik Brueckner2009-04-211-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | AF_IUCV runs into a race when queuing incoming iucv messages and receiving the resulting backlog. If the Linux system is under pressure (high load or steal time), the message queue grows up, but messages are not received and queued onto the backlog queue. In that case, applications do not receive any data with recvmsg() even if AF_IUCV puts incoming messages onto the message queue. The race can be avoided if the message queue spinlock in the message_pending callback is spreaded across the entire callback function. Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com> Signed-off-by: Ursula Braun <ursula.braun@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | af_iucv: Test additional sk states in iucv_sock_shutdownHendrik Brueckner2009-04-211-0/+3
| | | | | | | | | | | | | | | | Add few more sk states in iucv_sock_shutdown(). Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com> Signed-off-by: Ursula Braun <ursula.braun@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | af_iucv: Reject incoming msgs if RECV_SHUTDOWN is setHendrik Brueckner2009-04-211-1/+3
| | | | | | | | | | | | | | | | | | | | Reject incoming iucv messages if the receive direction has been shut down. It avoids that the queue of outstanding messages increases and exceeds the message limit of the iucv communication path. Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com> Signed-off-by: Ursula Braun <ursula.braun@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | af_iucv: fix oops in iucv_sock_recvmsg() for MSG_PEEK flagHendrik Brueckner2009-04-211-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | If iucv_sock_recvmsg() is called with MSG_PEEK flag set, the skb is enqueued twice. If the socket is then closed, the pointer to the skb is freed twice. Remove the skb_queue_head() call for MSG_PEEK, because the skb_recv_datagram() function already handles MSG_PEEK (does not dequeue the skb). Signed-off-by: Hendrik Brueckner <brueckner@linux.vnet.ibm.com> Signed-off-by: Ursula Braun <ursula.braun@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | af_iucv: consider state IUCV_CLOSING when closing a socketUrsula Braun2009-04-211-0/+3
| | | | | | | | | | | | | | | | Make sure a second invocation of iucv_sock_close() guarantees proper freeing of an iucv path. Signed-off-by: Ursula Braun <ursula.braun@de.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
* | iwlwifi: DMA fixesReinette Chatre2009-04-216-96/+165
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A few issues wrt DMA were uncovered when using the driver with swiotlb. - driver should not use memory after it has been mapped - iwl3945's RX queue management cannot use all of iwlagn because the size of the RX buffer is different. Revert back to using iwl3945 specific routines that map/unmap memory. - no need to "dma_syn_single_range_for_cpu" followed by pci_unmap_single, we can just call pci_unmap_single initially - only map the memory area that will be used by device. this is especially relevant to the mapping of iwl_cmd. we should not map the entire structure because the meta data at the beginning of structure contains the address to be used later for unmapping. If the address to be used for unmapping is stored in mapped data it creates a problem. - ensure that _if_ memory needs to be modified after it is mapped that we call _sync_single_for_cpu first, and then release it back to device with _sync_single_for_device - we mapped the wrong length of data for host commands, with mapped length differing with length provided to device, fix that. Thanks to Jason Andryuk <jandryuk@gmail.com> for significant bisecting help to find these issues. This fixes http://www.intellinuxwireless.org/bugzilla/show_bug.cgi?id=1964 Signed-off-by: Reinette Chatre <reinette.chatre@intel.com> Tested-by: Jason Andryuk <jandryuk@gmail.com> Tested-by: Ben Gamari <bgamari@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | iwlwifi: add debugging for TX pathReinette Chatre2009-04-212-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When debugging TX issues it is helpful to know the seq nr of the frame being transmitted. The seq nr is printed as part of ucode's log informing us which frame is being processed. Having this information printed in driver log makes it easy to match activities between driver and firmware. Also make possible to print TX flags directly. These are already printed as part of entire TX command, but having it printed directly in cpu format makes it easier to look at. Signed-off-by: Reinette Chatre <reinette.chatre@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mwl8: fix build warning.Rami Rosen2009-04-211-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch fixes a build warning in mwl8.c. (Marvell TOPDOG wireless driver) The warning it fixes is: "large integer implicitly truncated to unsigned type." The rx_ctrl member of the mwl8k_rx_desc struct is 8 bit (__u8 ), whereas trying to assign it a 32 bit value (which is returned from cpu_to_le32()) causes the compiler to issue a truncation warning. Signed-off-by: Rami Rosen <ramirose@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: fix alignment calculation bugJohannes Berg2009-04-211-1/+1
| | | | | | | | | | | | | | | | | | | | When checking whether or not a given frame needs to be moved to be properly aligned to a 4-byte boundary, we use & 4 which wasn't intended, this code should check the lowest two bits. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | mac80211: do not print WARN if config interfaceReinette Chatre2009-04-211-2/+13
| | | | | | | | | | | | | | | | | | | | | | It is expected that config interface will always succeed as mac80211 will only request what driver supports. The exception here is when a device has rfkill enabled. At this time the rfkill state is unknown to mac80211 and config interface can fail. When this happens we deal with this error instead of printing a WARN. Signed-off-by: Reinette Chatre <reinette.chatre@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | iwl3945: use cancel_delayed_work_sync to cancel rfkill_pollReinette Chatre2009-04-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Users reported lockup with work still trying to run after module has been unloaded. http://thread.gmane.org/gmane.linux.kernel.wireless.general/30594/focus=30601 Signed-off-by: Reinette Chatre <reinette.chatre@intel.com> Reported-by: TJ <ubuntu@tjworld.net> Reported-by: Huaxu Wan <huaxu.wan@linux.intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* | iwlwifi: fix EEPROM validation mask to include OTP only devicesJay Sternberg2009-04-211-1/+1
| | | | | | | | | | | | | | | | | | | | Fix the bug where some revisions of 6000 series hardware cannot be used. Later versions of 6000 series have the EEPROM replaced by OTP. For these devices to be used we need to expand valid EEPROM mask. Signed-off-by: Jay Sternberg <jay.e.sternberg@linux.intel.com> Signed-off-by: Reinette Chatre <reinette.chatre@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
OpenPOWER on IntegriCloud