summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2008-04-15b43legacy: fix DMA mapping leakageStefano Brivio
This fixes a DMA mapping leakage in the case where we reject a DMA buffer because of its address. The patch by Michael Buesch has been ported to b43legacy. Signed-off-by: Stefano Brivio <stefano.brivio@polimi.it> Cc: Christian Casteyde <casteyde.christian@free.fr> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-15mac80211: remove message on receiving unexpected unencrypted framesJohannes Berg
Some people are getting this message a lot, and we have traced it to broken access points that much too often send completely empty frames (all bytes zeroed, which they shouldn't do at all.) Since we cannot do anything about such frames in any case except the special case where we're debugging an AP, just remove the message. Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-15Update rt2x00 MAINTAINERS entryIvo van Doorn
Add the tree entry for rt2x00 to inform people about the rt2x00.git tree. Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-15Add rfkill to MAINTAINERS fileIvo van Doorn
I have been acting as the maintainer since the rfkill introduction, so lets make it official by adding a rfkill entry in the MAINTAINERS file. Signed-off-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-15rfkill: Fix device type check when toggling statesCarlos Corbacho
rfkill_switch_all() is supposed to only switch all the interfaces of a given type, but does not actually do this; instead, it just switches everything currently in the same state. Add the necessary type check in. (This fixes a bug I've been seeing while developing an rfkill laptop driver, with both bluetooth and wireless simultaneously changing state after only pressing either KEY_WLAN or KEY_BLUETOOTH). Signed-off-by: Carlos Corbacho <carlos@strangeworlds.co.uk> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-15b43legacy: Fix usage of struct device used for DMAingMichael Buesch
This fixes b43legacy for the SSB DMA API change. Signed-off-by: Michael Buesch <mb@bu3sch.de> Cc: Stefano Brivio <stefano.brivio@polimi.it> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-15ssb: Fix usage of struct device used for DMAingMichael Buesch
This fixes DMA on architectures where DMA is nontrivial, like PPC64. We must use the host-device's (PCI) struct device for any DMA operation instead of the SSB device. For this we add a new struct device pointer to the SSB device structure that will always point to the right device for DMAing. Without this patch b43 and b44 drivers won't work on complex-DMA architectures, that for example need dev->archdata for DMA operations. Signed-off-by: Michael Buesch <mb@bu3sch.de> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-15MAINTAINERS: move to generic repository for iwlwifiReinette Chatre
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-15b43legacy: fix initvals loading on bcm4303Stefano Brivio
This allows for the correct initial values to be uploaded to bcm4303 devices. It should be correct, but I can't reliably test this as I suspect there's something going wrong with an hardware rfkill switch on my laptop. Please test. Signed-off-by: Stefano Brivio <stefano.brivio@polimi.it> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-15rtl8187: Add missing priv->vif assignmentsHerton Ronaldo Krzesinski
This adds missing priv->vif assignments after "mac80211: don't use interface indices in drivers" change. As rtl8180, rtl8187 also needs priv->vif to be set, as without this an oops can happen in rtl8187_tx function (priv->vif is passed to ieee80211_rts_duration). Signed-off-by: Herton Ronaldo Krzesinski <herton@mandriva.com.br> Acked-by: Pavel Roskin <proski@gnu.org> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2008-04-15Merge git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6.25Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6.25: sh: export empty_zero_page sh: arch/sh/kernel/traps_32.c needs asm/fpu.h sh: fix compressed kernel build sh64: add missing #include <asm/fpu.h>'s
2008-04-16sh: export empty_zero_pageAndrew Morton
ERROR: "empty_zero_page" [fs/ext4/ext4dev.ko] undefined! Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Paul Mundt <lethal@linux-sh.org>
2008-04-16sh: arch/sh/kernel/traps_32.c needs asm/fpu.hAndrew Morton
arch/sh/kernel/traps_32.c: In function `do_reserved_inst': arch/sh/kernel/traps_32.c:667: error: implicit declaration of function `do_fpu_inst' Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Paul Mundt <lethal@linux-sh.org>
2008-04-16sh: fix compressed kernel buildManuel Lauss
commit 54a015104136974262afa4b8ddd943ea70dec8a2 broke zImage build on sh arch: LD vmlinux SYSMAP System.map SYSMAP .tmp_System.map AS arch/sh/boot/compressed/head_32.o In file included from /k/arch/sh/boot/compressed/head_32.S:11: /k/include/linux/linkage.h:34: error: syntax error in macro parameter list Fix it for both sh and sh64. Signed-off-by: Manuel Lauss <mano@roarinelk.homelinux.net> Signed-off-by: Paul Mundt <lethal@linux-sh.org>
2008-04-16sh64: add missing #include <asm/fpu.h>'sAdrian Bunk
This patch fixes some compile errors due to missing save_fpu() prototypes on sh64 caused by commit 9bbafce2eec190ef7e44b0eb1095ba17ce6ad3af (sh: Fix occasional FPU register corruption under preempt). Signed-off-by: Adrian Bunk <adrian.bunk@movial.fi> Signed-off-by: Paul Mundt <lethal@linux-sh.org>
2008-04-15block: update git url for blktraceJens Axboe
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2008-04-15netconsole: only set CON_PRINTBUFFER if the user specifies a netconsoleMichael Ellerman
Since 0bcc1816188e570bde1d56a208996660f2633ae0 (netconsole: Support dynamic reconfiguration using configfs), the netconsole is always registered, regardless of whether the user actually specified a netconsole configuration on the command line. However because netconsole has CON_PRINTBUFFER set, when it is registered it causes the printk buffer to be replayed to all consoles. When there is no netconsole configured this is a) pointless, and b) somewhat annoying for the user of the existing console. So instead we should only set CON_PRINTBUFFER if there is a netconsole configuration found on the command line. This retains the existing behaviour if a netconsole is setup by the user, and avoids spamming other consoles when we're only registering for the dynamic netconsole case. Signed-off-by: Michael Ellerman <michael@ellerman.id.au> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-15[CAN]: Update documentation of struct sockaddr_canOliver Hartkopp
The struct sockaddr_can has been simplified in the code review process. This patch updates this simplification also in the associated documentation in can.txt . Signed-off-by: Oliver Hartkopp <oliver@hartkopp.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-15MAINTAINERS: isdn4linux@listserv.isdn4linux.de is subscribers-onlyPaul Bolle
https://www.isdn4linux.de/mailman/listinfo/isdn4linux: "To prevent spamming, you have to subscribe first. Mails from non-members are silently ignored!" Signed-off-by: Paul Bolle <pebolle@tiscali.nl> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-15[TCP]: Fix never pruned tcp out-of-order queue.Vitaliy Gusev
tcp_prune_queue() doesn't prune an out-of-order queue at all. Therefore sk_rmem_schedule() can fail but the out-of-order queue isn't pruned . This can lead to tcp deadlock state if the next two conditions are held: 1. There are a sequence hole between last received in order segment and segments enqueued to the out-of-order queue. 2. Size of all segments in the out-of-order queue is more than tcp_mem[2]. Signed-off-by: Vitaliy Gusev <vgusev@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-15io context: increment task attachment count in ioc_task_link()Jens Axboe
Thanks to Nikanth Karthikesan <knikanth@suse.de> for reporting this. Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2008-04-14JFFS2 Fix of panics caused by wrong condition for hole frag creation in ↵Alexey Korolev
write_begin This fixes a regression introduced in commit 205c109a7a96d9a3d8ffe64c4068b70811fef5e8 when switching to write_begin/write_end operations in JFFS2. The page offset is miscalculated, leading to corruption of the fragment lists and subsequently to memory corruption and panics. [ Side note: the bug is a fairly direct result of the naming. Nick was likely misled by the use of "offs", since we tend to use the notion of "offset" not as an absolute position, but as an offset _within_ a page or allocation. Alternatively, a "pgoff_t" is a page index, but not a byte offset - our VM naming can be a bit confusing. So in this case, a VM person would likely have called this a "pos", not an "offs", or perhaps talked about byte offsets rather than page offsets (since it's counted in bytes, not pages). - Linus ] Signed-off-by: Alexey Korolev <akorolev@infradead.org> Signed-off-by: Vasiliy Leonenko <vasiliy.leonenko@mail.ru> Signed-off-by: David Woodhouse <dwmw2@infradead.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-04-14[NET_SCHED] sch_api: fix qdisc_tree_decrease_qlen() loopJarek Poplawski
TC_H_MAJ(parentid) for root classes is the same as for ingress, and if ingress qdisc is created qdisc_lookup() returns its pointer (without ingress NULL is returned). After this all qdisc_lookups give the same, and we get endless loop. (I don't know how this could hide for so long - it should trigger with every leaf class deleted if it's qdisc isn't empty.) After this fix qdisc_lookup() is omitted both for ingress and root parents, but looking for root is only wasting a little time here... Many thanks to Enrico Demarin for finding a test for catching this bug, which probably bothered quite a lot of admins. Reported-by: Enrico Demarin <enrico@superclick.com>, Signed-off-by: Jarek Poplawski <jarkao2@gmail.com> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-14locks: fix possible infinite loop in fcntl(F_SETLKW) over nfsJ. Bruce Fields
Miklos Szeredi found the bug: "Basically what happens is that on the server nlm_fopen() calls nfsd_open() which returns -EACCES, to which nlm_fopen() returns NLM_LCK_DENIED. "On the client this will turn into a -EAGAIN (nlm_stat_to_errno()), which in will cause fcntl_setlk() to retry forever." So, for example, opening a file on an nfs filesystem, changing permissions to forbid further access, then trying to lock the file, could result in an infinite loop. And Trond Myklebust identified the culprit, from Marc Eshel and I: 7723ec9777d9832849b76475b1a21a2872a40d20 "locks: factor out generic/filesystem switch from setlock code" That commit claimed to just be reshuffling code, but actually introduced a behavioral change by calling the lock method repeatedly as long as it returned -EAGAIN. We assumed this would be safe, since we assumed a lock of type SETLKW would only return with either success or an error other than -EAGAIN. However, nfs does can in fact return -EAGAIN in this situation, and independently of whether that behavior is correct or not, we don't actually need this change, and it seems far safer not to depend on such assumptions about the filesystem's ->lock method. Therefore, revert the problematic part of the original commit. This leaves vfs_lock_file() and its other callers unchanged, while returning fcntl_setlk and fcntl_setlk64 to their former behavior. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> Tested-by: Miklos Szeredi <mszeredi@suse.cz> Cc: Trond Myklebust <trond.myklebust@fys.uio.no> Cc: Marc Eshel <eshel@almaden.ibm.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-04-14Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/mingo/linux-2.6-sched-devel * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mingo/linux-2.6-sched-devel: revert "sched: fix fair sleepers"
2008-04-14Merge branch 'upstream-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev * 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev: [libata] make ali_atapi_dma static [libata] sata_svw: fix reversed port count
2008-04-14Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (31 commits) [BRIDGE]: Fix crash in __ip_route_output_key with bridge netfilter [NETFILTER]: ipt_CLUSTERIP: fix race between clusterip_config_find_get and _entry_put [IPV6] ADDRCONF: Don't generate temporary address for ip6-ip6 interface. [IPV6] ADDRCONF: Ensure disabling multicast RS even if privacy extensions are disabled. [IPV6]: Use appropriate sock tclass setting for routing lookup. [IPV6]: IPv6 extension header structures need to be packed. [IPV6]: Fix ipv6 address fetching in raw6_icmp_error(). [NET]: Return more appropriate error from eth_validate_addr(). [ISDN]: Do not validate ISDN net device address prior to interface-up [NET]: Fix kernel-doc for skb_segment [SOCK] sk_stamp: should be initialized to ktime_set(-1L, 0) net: check for underlength tap writes net: make struct tun_struct private to tun.c [SCTP]: IPv4 vs IPv6 addresses mess in sctp_inet[6]addr_event. [SCTP]: Fix compiler warning about const qualifiers [SCTP]: Fix protocol violation when receiving an error lenght INIT-ACK [SCTP]: Add check for hmac_algo parameter in sctp_verify_param() [NET_SCHED] cls_u32: refcounting fix for u32_delete() [DCCP]: Fix skb->cb conflicts with IP [AX25]: Potential ax25_uid_assoc-s leaks on module unload. ...
2008-04-14FRV: Correctly determine the address of an illegal instructionDavid Howells
Correctly determine the address of an illegal instruction. The EPCR0 register holds this value (masked by EPCR0_PC) if the validity bit is set (masked by EPCR0_V). So the test as to whether the contents of the register are usable should be involve checking the _V bit, not the _PC bits. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-04-14revert "sched: fix fair sleepers"Ingo Molnar
revert "sched: fix fair sleepers" (e22ecef1d2658ba54ed7d3fdb5d60829fb434c23), because it is causing audio skipping, see: http://bugzilla.kernel.org/show_bug.cgi?id=10428 the patch is correct and the real cause of the skipping is not understood (tracing makes it go away), but time has run out so we'll revert it and re-try in 2.6.26. Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-04-14[BRIDGE]: Fix crash in __ip_route_output_key with bridge netfilterPatrick McHardy
The bridge netfilter code attaches a fake dst_entry with a pointer to a fake net_device structure to skbs it passes up to IPv4 netfilter. This leads to crashes when the skb is passed to __ip_route_output_key when dereferencing the namespace pointer. Since bridging can currently only operate in the init_net namespace, the easiest fix for now is to initialize the nd_net pointer of the fake net_device struct to &init_net. Should fix bugzilla 10323: http://bugzilla.kernel.org/show_bug.cgi?id=10323 Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-14[NETFILTER]: ipt_CLUSTERIP: fix race between clusterip_config_find_get and ↵Pavel Emelyanov
_entry_put Consider we are putting a clusterip_config entry with the "entries" count == 1, and on the other CPU there's a clusterip_config_find_get in progress: CPU1: CPU2: clusterip_config_entry_put: clusterip_config_find_get: if (atomic_dec_and_test(&c->entries)) { /* true */ read_lock_bh(&clusterip_lock); c = __clusterip_config_find(clusterip); /* found - it's still in list */ ... atomic_inc(&c->entries); read_unlock_bh(&clusterip_lock); write_lock_bh(&clusterip_lock); list_del(&c->list); write_unlock_bh(&clusterip_lock); ... dev_put(c->dev); Oops! We have an entry returned by the clusterip_config_find_get, which is a) not in list b) has a stale dev pointer. The problems will happen when the CPU2 will release the entry - it will remove it from the list for the 2nd time, thus spoiling it, and will put a stale dev pointer. The fix is to make atomic_dec_and_test under the clusterip_lock. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: Patrick McHardy <kaber@trash.net>
2008-04-13[IPV6] ADDRCONF: Don't generate temporary address for ip6-ip6 interface.YOSHIFUJI Hideaki
As far as I can remember, I was going to disable privacy extensions on all "tunnel" interfaces. Disable it on ip6-ip6 interface as well. Also, just remove ifdefs for SIT for simplicity. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-13[IPV6] ADDRCONF: Ensure disabling multicast RS even if privacy extensions ↵YOSHIFUJI Hideaki
are disabled. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-13[IPV6]: Use appropriate sock tclass setting for routing lookup.YOSHIFUJI Hideaki
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-13[IPV6]: IPv6 extension header structures need to be packed.YOSHIFUJI Hideaki
struct ipv6_opt_hdr is the common structure for IPv6 extension headers, and it is common to increment the pointer to get the real content. On the other hand, since the structure consists only of 1-byte next-header field and 1-byte length field, size of that structure depends on architecture; 2 or 4. Add "packed" attribute to get 2. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-13[IPV6]: Fix ipv6 address fetching in raw6_icmp_error().David S. Miller
Fixes kernel bugzilla 10437 Based almost entirely upon a patch by Dmitry Butskoy. When deciding what raw sockets to deliver the ICMPv6 to, we should use the addresses in the ICMPv6 quoted IPV6 header, not the top-level one. Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-13[NET]: Return more appropriate error from eth_validate_addr().Patrick McHardy
Paul Bolle wrote: > http://bugzilla.kernel.org/show_bug.cgi?id=9923 would have been much easier to > track down if eth_validate_addr() would somehow complain aloud if an address > is invalid. Shouldn't it make at least some noise? I guess it should return -EADDRNOTAVAIL similar to eth_mac_addr() when validation fails. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-13[ISDN]: Do not validate ISDN net device address prior to interface-upPaul Bolle
Commit bada339 (Validate device addr prior to interface-up) caused a regression in the ISDN network code, see: http://bugzilla.kernel.org/show_bug.cgi?id=9923 The trivial fix is to remove the pointer to eth_validate_addr() in the net_device struct in isdn_net_init(). Signed-off-by: Paul Bolle <pebolle@tiscali.nl> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-13[NET]: Fix kernel-doc for skb_segmentBen Hutchings
The kernel-doc comment for skb_segment is clearly wrong. This states what it actually does. Signed-off-by: Ben Hutchings <bhutchings@solarflare.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-13[SOCK] sk_stamp: should be initialized to ktime_set(-1L, 0)Eric Dumazet
Problem spotted by Andrew Brampton Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12net: check for underlength tap writesRusty Russell
If the user gives a packet under 14 bytes, we'll end up reading off the end of the skb (not oopsing, just reading off the end). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Acked-by: Max Krasnyanskiy <maxk@qualcomm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12net: make struct tun_struct private to tun.cRusty Russell
There's no reason for this to be in the header, and it just hurts recompile time. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Acked-by: Max Krasnyanskiy <maxk@qualcomm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12[SCTP]: IPv4 vs IPv6 addresses mess in sctp_inet[6]addr_event.Pavel Emelyanov
All IP addresses that are present in a system are duplicated on struct sctp_sockaddr_entry. They are linked in the global list called sctp_local_addr_list. And this struct unions IPv4 and IPv6 addresses. So, there can be rare case, when a sockaddr_in.sin_addr coincides with the corresponding part of the sockaddr_in6 and the notifier for IPv4 will carry away an IPv6 entry. The fix is to check the family before comparing the addresses. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12[SCTP]: Fix compiler warning about const qualifiersVlad Yasevich
Fix 3 warnings about discarding const qualifiers: net/sctp/ulpevent.c:862: warning: passing argument 1 of 'sctp_event2skb' discards qualifiers from pointer target type net/sctp/sm_statefuns.c:4393: warning: passing argument 1 of 'SCTP_ASOC' discards qualifiers from pointer target type net/sctp/socket.c:5874: warning: passing argument 1 of 'cmsg_nxthdr' discards qualifiers from pointer target type Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12[SCTP]: Fix protocol violation when receiving an error lenght INIT-ACKGui Jianfeng
When receiving an error length INIT-ACK during COOKIE-WAIT, a 0-vtag ABORT will be responsed. This action violates the protocol apparently. This patch achieves the following things. 1 If the INIT-ACK contains all the fixed parameters, use init-tag recorded from INIT-ACK as vtag. 2 If the INIT-ACK doesn't contain all the fixed parameters, just reflect its vtag. Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12[SCTP]: Add check for hmac_algo parameter in sctp_verify_param()Wei Yongjun
RFC 4890 has the following text: The HMAC algorithm based on SHA-1 MUST be supported and included in the HMAC-ALGO parameter. As a result, we need to check in sctp_verify_param() that HMAC_SHA1 is present in the list. If not, we should probably treat this as a protocol violation. It should also be a protocol violation if the HMAC parameter is empty. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12[NET_SCHED] cls_u32: refcounting fix for u32_delete()Jarek Poplawski
Deleting of nonroot hnodes mostly doesn't work in u32_delete(): refcnt == 1 is expected, but such hnodes' refcnts are initialized with 0 and charged only with "link" nodes. Now they'll start with 1 like usual. Thanks to Patrick McHardy for an improving suggestion. Signed-off-by: Jarek Poplawski <jarkao2@gmail.com> Acked-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12[DCCP]: Fix skb->cb conflicts with IPPatrick McHardy
dev_queue_xmit() and the other IP output functions expect to get a skb with clear or properly initialized skb->cb. Unlike TCP and UDP, the dccp_skb_cb doesn't contain a struct inet_skb_parm at the beginning, so the DCCP-specific data is interpreted by the IP output functions. This can cause false negatives for the conditional POST_ROUTING hook invocation, making the packet bypass the hook. Add a inet_skb_parm/inet6_skb_parm union to the beginning of dccp_skb_cb to avoid clashes. Also add a BUILD_BUG_ON to make sure it fits in the cb. [ Combined with patch from Gerrit Renker to remove two now unnecessary memsets of IPCB(skb)->opt ] Signed-off-by: Patrick McHardy <kaber@trash.net> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12[AX25]: Potential ax25_uid_assoc-s leaks on module unload.Pavel Emelyanov
The ax25_uid_free call walks the ax25_uid_list and releases entries from it. The problem is that after the fisrt call to hlist_del_init the hlist_for_each_entry (which hides behind the ax25_uid_for_each) will consider the current position to be the last and will return. Thus, the whole list will be left not freed. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-04-12tg3: fix MMIO for PPC 44x platformsSergei Shtylyov
The driver stores the PCI resource addresses into 'unsigned long' variable before calling ioremap_nocache() on them. This warrants kernel oops when the registers are accessed on PPC 44x platforms which (being 32-bit) have PCI memory space mapped beyond 4 GB. The arch/ppc/ kernel has a fixup in ioremap() that creates an illusion that the PCI memory resource is mapped below 4 GB, but arch/powerpc/ code got rid of this trick, having instead CONFIG_RESOURCES_64BIT enabled. [ Bump driver version and release date -DaveM ] Signed-off-by: Sergei Shtylyov <sshtylyov@ru.mvista.com> Signed-off-by: David S. Miller <davem@davemloft.net>