1. 27 Apr, 2011 19 commits
  2. 26 Apr, 2011 7 commits
  3. 25 Apr, 2011 8 commits
    • David S. Miller's avatar
      bluetooth: Fix use-before-initiailized var. · bf734843
      David S. Miller authored
      net/bluetooth/l2cap_core.c: In function ‘l2cap_recv_frame’:
      net/bluetooth/l2cap_core.c:3612:15: warning: ‘sk’ may be used uninitialized in this function
      net/bluetooth/l2cap_core.c:3612:15: note: ‘sk’ was declared here
      
      Actually the problem is in the inline function l2cap_data_channel(), we
      branch to the label 'done' which tests 'sk' before we set it to anything.
      
      Initialize it to NULL to fix this.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      bf734843
    • David S. Miller's avatar
    • Somnath Kotur's avatar
      be2net: Fixed a bug in be_cmd_get_regs(). · fe2a70ee
      Somnath Kotur authored
      Same WRB entry was being reused over different iterations of a
      loop while issuing non-embedded IOCTL requests.Fixed couple of minor bugs
      in this path as well.
      Re-factored code to alloc/free memory for DMA outside of loop
      Signed-off-by: default avatarSomnath Kotur <somnath.kotur@emulex.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      fe2a70ee
    • Jiri Pirko's avatar
      bonding: move processing of recv handlers into handle_frame() · 3aba891d
      Jiri Pirko authored
      Since now when bonding uses rx_handler, all traffic going into bond
      device goes thru bond_handle_frame. So there's no need to go back into
      bonding code later via ptype handlers. This patch converts
      original ptype handlers into "bonding receive probes". These functions
      are called from bond_handle_frame and they are registered per-mode.
      
      Note that vlan packets are also handled because they are always untagged
      thanks to vlan_untag()
      
      Note that this also allows arpmon for eth-bond-bridge-vlan topology.
      Signed-off-by: default avatarJiri Pirko <jpirko@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      3aba891d
    • Michał Mirosław's avatar
    • Held Bernhard's avatar
      net: provide cow_metrics() methods to blackhole dst_ops · 0972ddb2
      Held Bernhard authored
      Since commit 62fa8a84 (net: Implement read-only protection and COW'ing
      of metrics.) the kernel throws an oops.
      
      [  101.620985] BUG: unable to handle kernel NULL pointer dereference at
                 (null)
      [  101.621050] IP: [<          (null)>]           (null)
      [  101.621084] PGD 6e53c067 PUD 3dd6a067 PMD 0
      [  101.621122] Oops: 0010 [#1] SMP
      [  101.621153] last sysfs file: /sys/devices/virtual/ppp/ppp/uevent
      [  101.621192] CPU 2
      [  101.621206] Modules linked in: l2tp_ppp pppox ppp_generic slhc
      l2tp_netlink l2tp_core deflate zlib_deflate twofish_x86_64
      twofish_common des_generic cbc ecb sha1_generic hmac af_key
      iptable_filter snd_pcm_oss snd_mixer_oss snd_seq snd_seq_device loop
      snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec
      snd_pcm snd_timer snd i2c_i801 iTCO_wdt psmouse soundcore snd_page_alloc
      evdev uhci_hcd ehci_hcd thermal
      [  101.621552]
      [  101.621567] Pid: 5129, comm: openl2tpd Not tainted 2.6.39-rc4-Quad #3
      Gigabyte Technology Co., Ltd. G33-DS3R/G33-DS3R
      [  101.621637] RIP: 0010:[<0000000000000000>]  [<          (null)>]   (null)
      [  101.621684] RSP: 0018:ffff88003ddeba60  EFLAGS: 00010202
      [  101.621716] RAX: ffff88003ddb5600 RBX: ffff88003ddb5600 RCX:
      0000000000000020
      [  101.621758] RDX: ffffffff81a69a00 RSI: ffffffff81b7ee61 RDI:
      ffff88003ddb5600
      [  101.621800] RBP: ffff8800537cd900 R08: 0000000000000000 R09:
      ffff88003ddb5600
      [  101.621840] R10: 0000000000000005 R11: 0000000000014b38 R12:
      ffff88003ddb5600
      [  101.621881] R13: ffffffff81b7e480 R14: ffffffff81b7e8b8 R15:
      ffff88003ddebad8
      [  101.621924] FS:  00007f06e4182700(0000) GS:ffff88007fd00000(0000)
      knlGS:0000000000000000
      [  101.621971] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      [  101.622005] CR2: 0000000000000000 CR3: 0000000045274000 CR4:
      00000000000006e0
      [  101.622046] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
      0000000000000000
      [  101.622087] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7:
      0000000000000400
      [  101.622129] Process openl2tpd (pid: 5129, threadinfo
      ffff88003ddea000, task ffff88003de9a280)
      [  101.622177] Stack:
      [  101.622191]  ffffffff81447efa ffff88007d3ded80 ffff88003de9a280
      ffff88007d3ded80
      [  101.622245]  0000000000000001 ffff88003ddebbb8 ffffffff8148d5a7
      0000000000000212
      [  101.622299]  ffff88003dcea000 ffff88003dcea188 ffffffff00000001
      ffffffff81b7e480
      [  101.622353] Call Trace:
      [  101.622374]  [<ffffffff81447efa>] ? ipv4_blackhole_route+0x1ba/0x210
      [  101.622415]  [<ffffffff8148d5a7>] ? xfrm_lookup+0x417/0x510
      [  101.622450]  [<ffffffff8127672a>] ? extract_buf+0x9a/0x140
      [  101.622485]  [<ffffffff8144c6a0>] ? __ip_flush_pending_frames+0x70/0x70
      [  101.622526]  [<ffffffff8146fbbf>] ? udp_sendmsg+0x62f/0x810
      [  101.622562]  [<ffffffff813f98a6>] ? sock_sendmsg+0x116/0x130
      [  101.622599]  [<ffffffff8109df58>] ? find_get_page+0x18/0x90
      [  101.622633]  [<ffffffff8109fd6a>] ? filemap_fault+0x12a/0x4b0
      [  101.622668]  [<ffffffff813fb5c4>] ? move_addr_to_kernel+0x64/0x90
      [  101.622706]  [<ffffffff81405d5a>] ? verify_iovec+0x7a/0xf0
      [  101.622739]  [<ffffffff813fc772>] ? sys_sendmsg+0x292/0x420
      [  101.622774]  [<ffffffff810b994a>] ? handle_pte_fault+0x8a/0x7c0
      [  101.622810]  [<ffffffff810b76fe>] ? __pte_alloc+0xae/0x130
      [  101.622844]  [<ffffffff810ba2f8>] ? handle_mm_fault+0x138/0x380
      [  101.622880]  [<ffffffff81024af9>] ? do_page_fault+0x189/0x410
      [  101.622915]  [<ffffffff813fbe03>] ? sys_getsockname+0xf3/0x110
      [  101.622952]  [<ffffffff81450c4d>] ? ip_setsockopt+0x4d/0xa0
      [  101.622986]  [<ffffffff813f9932>] ? sockfd_lookup_light+0x22/0x90
      [  101.623024]  [<ffffffff814b61fb>] ? system_call_fastpath+0x16/0x1b
      [  101.623060] Code:  Bad RIP value.
      [  101.623090] RIP  [<          (null)>]           (null)
      [  101.623125]  RSP <ffff88003ddeba60>
      [  101.623146] CR2: 0000000000000000
      [  101.650871] ---[ end trace ca3856a7d8e8dad4 ]---
      [  101.651011] __sk_free: optmem leakage (160 bytes) detected.
      
      The oops happens in dst_metrics_write_ptr()
      include/net/dst.h:124: return dst->ops->cow_metrics(dst, p);
      
      dst->ops->cow_metrics is NULL and causes the oops.
      
      Provide cow_metrics() methods, like we did in commit 214f45c9
      (net: provide default_advmss() methods to blackhole dst_ops)
      Signed-off-by: default avatarHeld Bernhard <berny156@gmx.de>
      Signed-off-by: default avatarEric Dumazet <eric.dumazet@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      0972ddb2
    • John W. Linville's avatar
      Merge branch 'master' of... · cfef6047
      John W. Linville authored
      Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-next-2.6 into for-davem
      
      Conflicts:
      	drivers/net/wireless/iwlwifi/iwl-core.c
      	drivers/net/wireless/rt2x00/rt2x00queue.c
      	drivers/net/wireless/rt2x00/rt2x00queue.h
      cfef6047
    • Hans Petter Selasky's avatar
      cdc_ncm: fix short packet issue on some devices · 8c61d9d6
      Hans Petter Selasky authored
      The default maximum transmit length for NCM USB frames should be so
      that a short packet happens at the end if the device supports a length
      greater than the defined maximum. This is achieved by adding 4 bytes
      to the maximum length so that the existing logic can fit a short
      packet there.
      Signed-off-by: default avatarHans Petter Selasky <hselasky@c2i.net>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      8c61d9d6
  4. 24 Apr, 2011 3 commits
  5. 23 Apr, 2011 1 commit
  6. 22 Apr, 2011 2 commits
    • Neil Horman's avatar
      netconsole: fix deadlock when removing net driver that netconsole is using (v2) · 13f172ff
      Neil Horman authored
      A deadlock was reported to me recently that occured when netconsole was being
      used in a virtual guest.  If the virtio_net driver was removed while netconsole
      was setup to use an interface that was driven by that driver, the guest
      deadlocked.  No backtrace was provided because netconsole was the only console
      configured, but it became clear pretty quickly what the problem was.  In
      netconsole_netdev_event, if we get an unregister event, we call
      __netpoll_cleanup with the target_list_lock held and irqs disabled.
      __netpoll_cleanup can, if pending netpoll packets are waiting call
      cancel_delayed_work_sync, which is a sleeping path.  the might_sleep call in
      that path gets triggered, causing a console warning to be issued.  The
      netconsole write handler of course tries to take the target_list_lock again,
      which we already hold, causing deadlock.
      
      The fix is pretty striaghtforward.  Simply drop the target_list_lock and
      re-enable irqs prior to calling __netpoll_cleanup, the re-acquire the lock, and
      restart the loop.  Confirmed by myself to fix the problem reported.
      Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      CC: "David S. Miller" <davem@davemloft.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      13f172ff
    • David S. Miller's avatar