- 04 Sep, 2008 3 commits
-
-
Gerrit Renker authored
This updates the use of the `out_invalid_option' label, which produces a Reset (code 5, "Option Error"), to fill in the Data1...Data3 fields as specified in RFC 4340, 5.6. Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
-
Gerrit Renker authored
This updates the option-parsing code with regard to RFC 4340, 5.8: "[..] options with nonsensical lengths (length byte less than two or more than the remaining space in the options portion of the header) MUST be ignored, and any option space following an option with nonsensical length MUST likewise be ignored." Hence in the following cases erratic options will be ignored: 1. The type byte of a multi-byte option is the last byte of the header options (i.e. effective option length of 1). 2. The value of the length byte is less than the minimum 2. This has been changed from previously 3: although no multi-byte option with a length less than 3 yet exists (cf. table 3 in 5.8), a length of 2 is valid. (The switch-statement in dccp_parse has further per-option length checks.) 3. The option length exceeds the length of the remaining option space. Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
-
Wei Yongjun authored
RFC4340 states that if a packet is received with an option error (such as a Mandatory Option as the last byte of the option list), the endpoint should repond with a Reset. In the LISTEN and RESPOND states, the endpoint correctly reponds with Reset, while in the REQUEST/OPEN states, packets with option errors are just ignored. The packet sequence is as follows: Case 1: Endpoint A Endpoint B (CLOSED) (CLOSED) <---------------- REQUEST RESPONSE -----------------> (*1) (with invalid option) <---------------- RESET (with Reset Code 5, "Option Error") (*1) currently just ignored, no Reset is sent Case 2: Endpoint A Endpoint B (OPEN) (OPEN) DATA-ACK -----------------> (*2) (with invalid option) <---------------- RESET (with Reset Code 5, "Option Error") (*2) currently just ignored, no Reset is sent This patch fixes the problem, by generating a Reset instead of silently ignoring option errors. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com> Acked-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
-
- 03 Sep, 2008 21 commits
-
-
David S. Miller authored
-
Eilon Greenstein authored
The allocated RX buffer size was 64 bytes bigger than the PCI mapped size with no good reason. If the packet was actually using the buffer up to its limit and if the last 64 bytes of the buffer crossed 4KB boundary then an unmapped PCI page was accessed. The fix is to use only one parameter for the buffer size - there is no need to differentiate between the buffer size and the PCI mapping size since the extra 64 bytes can actually be used by the FW to align the Ethernet payload to 64 bytes. Also updating the driver version and date Signed-off-by: Eilon Greenstein <eilong@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jouni Malinen authored
Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Jouni Malinen authored
Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Gregory Greenman authored
This patch sets STATUS_EXIT_PENDING on pci_remove. Otherwise iwl4965_down may fail to uninitialize the driver. Signed-off-by: Gregory Greenman <gregory.greenman@intel.com> Signed-off-by: Mohamed Abbas <mohamed.abbas@intel.com> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Gregory Greenman authored
This patch calls apm stop on exit and suspend. Without this patch hardware consumes power even after driver is removed or suspended. Signed-off-by: Gregory Greenman <gregory.greenman@intel.com> Signed-off-by: Mohamed Abbas <mohamed.abbas@intel.com> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Tomas Winkler authored
This patch "iwlwifi: do not use GFP_DMA in iwl_tx_queue_init" removes GFP_DMA from allocation tx command buffers. GFP_DMA allows allocation only for memory under 16M which causes allocation problems suspend/resume flows. Using kmalloc is temporal solution and some consistent/coherent allocation schema will be more correct. Since iwlwifi hardware supports 64bit address this solution should work on x86 (32 and 64bit) for now. This patch fixes memory freeing problem in the previous patch. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Ian Schram <ischram@telenet.be> Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Tomas Winkler authored
This patch fixes rx_chain computation. The code that adjusts number of rx chains to number supported by HW was missing. Miss configuration causes firmware error. Note: iwlwifi supports HW with up to 3 RX chains (2x2, 2x3, 1x2, and 3x3 MIMO). This patch also simplifies the whole RX chain computation. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Mohamed Abbas <mohamed.abbas@intel.com> Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Ron Rindjunsky authored
This patch fixes the wrong use MIMO power save values. Our TX was configured with our MIMO power save values instead of peer's MIMO power save values, this may affect connectivity. The peer STA/AP may not sense our traffic at all as it doesn't have all RX chains opened. Signed-off-by: Ron Rindjunsky <ron.rindjunsky@intel.com> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Mohamed Abbas authored
Rx chain might change during power save transitions but it doesn't require sending Full-ROXN command to the firmware. Full-RXON requires reconnection to an AP and thus affects user experience. The patch avoids the Full-RXON by removing the rx_chain modification check in iwl_full_rxon_required function. Signed-off-by: Mohamed Abbas <mohamed.abbas@intel.com Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Ron Rindjunsky authored
This enables sending of direct probes on passive channels, as long as traffic was detected on that channel. This enables connectivity to hidden/non broadcasting SSIDs APs on passive channels. Note 5000 HW declares all 5.2 spectrum as passive. Signed-off-by: Cahill Ben <ben.m.cahill@intel.com> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Ron Rindjunsky <ron.rindjunsky@intel.com> Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Assaf Krauss authored
This patch is a W/A for the TSF sync issue in IBSS merging. HW is not capable to sync TSF (it's constantly little behind). This creates constant IBSS merging upon reception of each beacon, adding and removing station which in turn creates above 50% packet loss and thus dramatically degrade the throughput. The W/A simply stops the driver from declaring it has a reliable TSF value and thus eliminates IBSS merging. Signed-off-by: Assaf Krauss <assaf.krauss@intel.com> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Dhananjay Phadke authored
Remove chipset-specific quirk workaround; the workaround caused unrecoverable DMA lockups when the driver was loaded following a PXE boot. Signed-off-by: Dhananjay Phadke <dhananjay@netxen.com> Signed-off-by: Michael Brown <mbrown@fensystems.co.uk> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-
Komuro authored
pcnet_cs: add new ID: "corega Ether PCC-TD". remove duplicate ID: "IC-CARD". axnet_cs: add new ID: "IO DATA ETXPCM". Signed-off-by: Komuro <komurojun-mbn@nifty.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-
Andy Gospodarek authored
This commit dropped the setting of the default interrupt throttle rate. commit 021230d4 Author: Ayyappan Veeraiyan <ayyappan.veeraiyan@intel.com> Date: Mon Mar 3 15:03:45 2008 -0800 ixgbe: Introduce MSI-X queue vector code The following patch adds it back. Without this the default value of 0 causes the performance of this card to be awful. Restoring these to the default values yields much better performance. This regression has been around since 2.6.25. Signed-off-by: Andy Gospodarek <andy@greyhouse.net> Acked-by: Jesse Brandeburg <jesse.brandeburg@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com> CC: stable@kernel.org [2.6.25 and later] Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-
David Brownell authored
Make the "pegasus" driver scream less loudly in the face of problems as it initializes, avoiding hundreds of messages: - ratelimit some key error messages - avoid some spurious diagnostics caused by strange codeflow And fix one instance of goofy indentation. Signed-off-by: David Brownell <dbrownell@users.sourceforge.net> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
-
David S. Miller authored
Andrew Morton reported a build failure on sparc32, because TIPC uses names like "struct node" and there is a like named data structure defined in linux/node.h This just regexp replaces "struct node*" to "struct tipc_node*" to avoid this and any future similar problems. Signed-off-by: David S. Miller <davem@davemloft.net>
-
David S. Miller authored
Ever since commit 4c563f76 ("[XFRM]: Speed up xfrm_policy and xfrm_state walking") it is illegal to call __xfrm_state_destroy (and thus xfrm_state_put()) with xfrm_state_lock held. If we do, we'll deadlock since we have the lock already and __xfrm_state_destroy() tries to take it again. Fix this by pushing the xfrm_state_put() calls after the lock is dropped. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Breno Leitao authored
Re-enable IP when the MTU gets back to a valid size. This patch just checks if the in_dev is NULL on a NETDEV_CHANGEMTU event and if MTU is valid (bigger than 68), then re-enable in_dev. Also a function that checks valid MTU size was created. Signed-off-by: Breno Leitao <leitao@linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Julien Brunel authored
In case of error, the function xfrm_bundle_create returns an ERR pointer, but never returns a NULL pointer. So a NULL test that comes after an IS_ERR test should be deleted. The semantic match that finds this problem is as follows: (http://www.emn.fr/x-info/coccinelle/) // <smpl> @match_bad_null_test@ expression x, E; statement S1,S2; @@ x = xfrm_bundle_create(...) ... when != x = E * if (x != NULL) S1 else S2 // </smpl> Signed-off-by: Julien Brunel <brunel@diku.dk> Signed-off-by: Julia Lawall <julia@diku.dk> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 02 Sep, 2008 11 commits
-
-
Senthil Balasubramanian authored
This patch addresses an issue with the locking order. ath_rx_flush_tid() uses spin_lock/unlock_bh when IRQs are disabled in sta_notify by mac80211. As node clean up is still pending with ath9k and this problematic portion of the code is expected to change anyway, thinking of a proper fix may not be worthwhile. So having this interim fix helps the users to get rid of the kernel warning message. Pasted the kernel warning message for reference. kernel: ath0: No ProbeResp from current AP 00:1b:11:60:7a:3d - assume out of range kernel: ------------[ cut here ]------------ kernel: WARNING: at kernel/softirq.c:136 local_bh_enable+0x3c/0xab() kernel: Pid: 1029, comm: ath9k Not tainted 2.6.27-rc4-wt-w1fi-wl kernel: kernel: Call Trace: kernel: [<ffffffff802278d8>] warn_on_slowpath+0x51/0x77 kernel: [<ffffffff80224c51>] check_preempt_wakeup+0xf3/0x123 kernel: [<ffffffff80239658>] autoremove_wake_function+0x9/0x2e kernel: [<ffffffff8022c281>] local_bh_enable+0x3c/0xab kernel: [<ffffffffa01ab75a>] ath_rx_node_cleanup+0x38/0x6e [ath9k] kernel: [<ffffffffa01b2280>] ath_node_detach+0x3b/0xb6 [ath9k] kernel: [<ffffffffa01ab09f>] ath9k_sta_notify+0x12b/0x165 [ath9k] kernel: [<ffffffff802366cf>] queue_work+0x1d/0x49 kernel: [<ffffffffa018c3fc>] add_todo+0x70/0x99 [mac80211] kernel: [<ffffffffa017de76>] __sta_info_unlink+0x16b/0x19e [mac80211] kernel: [<ffffffffa017e6ed>] sta_info_unlink+0x18/0x43 [mac80211] kernel: [<ffffffffa0182732>] ieee80211_associated+0xaa/0x16d [mac80211] kernel: [<ffffffffa0184a1a>] ieee80211_sta_work+0x4fb/0x6b4 [mac80211] kernel: [<ffffffff80469c58>] thread_return+0x30/0xa9 kernel: [<ffffffffa018451f>] ieee80211_sta_work+0x0/0x6b4 [mac80211] kernel: [<ffffffff802362c2>] run_workqueue+0xb1/0x17a kernel: [<ffffffff80236be9>] worker_thread+0xd0/0xdb kernel: [<ffffffff8023964f>] autoremove_wake_function+0x0/0x2e kernel: [<ffffffff80236b19>] worker_thread+0x0/0xdb kernel: [<ffffffff8023954a>] kthread+0x47/0x75 kernel: [<ffffffff80223121>] schedule_tail+0x18/0x50 kernel: [<ffffffff8020bc49>] child_rip+0xa/0x11 kernel: [<ffffffff80239503>] kthread+0x0/0x75 kernel: [<ffffffff8020bc3f>] child_rip+0x0/0x11 kernel: kernel: ---[ end trace e9bb5da661055827 ]--- Signed-off-by: Senthil Balasubramanian <senthilkumar@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Senthil Balasubramanian authored
Updating sc_keytype multiple times when groupwise and pairwise ciphers are different results in incorrect pairwise key type assumed for TX control and normal ping fails. This works fine for cases where both groupwise and pairwise ciphers are same. Also use mac80211 provided enums for key length calculation. Signed-off-by: Senthil Balasubramanian <senthilkumar@atheros.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Boaz Harrosh authored
A "Set" to a sign-bit in an "&" operation causes a compiler warning. Make calculations unsigned. [ The warning was masked by the old definition of BUILD_BUG_ON() ] Also remove __builtin_constant_p from FIELD_CHECK since BUILD_BUG_ON no longer permits non-const values. Signed-off-by: Boaz Harrosh <bharrosh@panasas.com> CC: Ingo Molnar <mingo@elte.hu> CC: Rusty Russell <rusty@rustcorp.com.au> Acked-by: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Jouni Malinen authored
debugfs union in struct ieee80211_sub_if_data is misused by including a common default_key dentry as a union member. This ends occupying the same memory area with the first dentry in other union members (structures; usually drop_unencrypted). Consequently, debugfs operations on default_key symlinks and drop_unencrypted entry are using the same dentry pointer even though they are supposed to be separate ones. This can lead to removing entries incorrectly or potentially leaving something behind since one of the dentry pointers gets lost. Fix this by moving the default_key dentry to a new struct (common_debugfs) that contains dentries (more to be added in future) that are shared by all vif types. The debugfs union must only be used for vif type-specific entries to avoid this type of pointer corruption. Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Adrian Bunk authored
The leak in if_cs_prog_helper() is obvious. It looks a bit as if not freeing "fw" in if_cs_prog_real() was done intentionally, but I'm not seeing why it shouldn't be freed. Reported-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Adrian Bunk <bunk@kernel.org> Acked-by: Holger Schurig <hs4233@mail.mn-solutions.de> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
David Kilroy authored
When multicasting the driver sets the number of group addresses using the count from the previous set multicast command. In general this means you have to set the multicast addresses twice to get the behaviour you want. If we were multicasting, and reduce the number of addresses we are multicasting to, then the driver would write uninitialised data from the stack into the group addresses to multicast to. Only write the multicast addresses we have specifically set. Signed-off-by: David Kilroy <kilroyd@gmail.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Tomas Winkler authored
This patch fixes loading firmware from memory above 32bit. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com> Signed-off-by: Zhu Yi <yi.zhu@intel.com> Acked-by: Marcel Holtmann <holtmann@linux.intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Mohamed Abbas authored
The patch fixes CSR_GP_CNTRL_REG_FLAG_INIT_DONE was set instead of cleared which disabled moving device to D0U state. Signed-off-by: Mohamed Abbas <mohamed.abbas@intel.com> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Tomas Winkler authored
This patch adds workaround for an interrupt related hardware bug on some platforms. (Apparently these platforms boot-up w/ INTX_DISABLED set. -- JWL) Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
John W. Linville authored
GFP_DMA is not necessary for the iwlwifi hardware and it can cause allocation failures and/or invoke the OOM killer on lots of systems. For reference: https://bugzilla.redhat.com/show_bug.cgi?id=459709Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
Florian Mickler authored
Current setup with hal and NetworkManager will fail to work without newest hal version with this config option disabled. Although this will solve itself by time, at the moment it is dishonest to say that we don't know any software that uses it, if there are many many people relying on old hal versions. Signed-off-by: Florian Mickler <florian@mickler.org> Signed-off-by: John W. Linville <linville@tuxdriver.com>
-
- 29 Aug, 2008 3 commits
-
-
David S. Miller authored
Nothing in linux/pim.h should be exported to userspace. This should fix the XORP build failure reported by Jose Calhariz, the debain package maintainer. Nothing originally in linux/mroute.h was exported to userspace ever, but some of this stuff started to be when it was moved into this new linux/pim.h, and that was wrong. If we didn't provide these definitions for 10 years we can reasonably expect that applications defined this stuff locally or used GLIBC headers providing the protocol definitions. And as such the only result of this can be conflict and userland build breakage. Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jarek Poplawski authored
Use qdisc_root_sleeping_lock() instead of qdisc_root_lock() where appropriate. The only difference is while dev is deactivated, when currently we can use a sleeping qdisc with the lock of noop_qdisc. This shouldn't be dangerous since after deactivation root lock could be used only by gen_estimator code, but looks wrong anyway. Signed-off-by: Jarek Poplawski <jarkao2@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Yang Hongyang authored
Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
- 27 Aug, 2008 2 commits
-
-
Vlad Yasevich authored
The number of identifiers needs to be checked against the option length. Also, the identifier index provided needs to be verified to make sure that it doesn't exceed the bounds of the array. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Vlad Yasevich authored
The bonds check to prevent buffer overlflow was not exactly right. It still allowed overflow of up to 8 bytes which is sizeof(struct sctp_authkey). Since optlen is already checked against the size of that struct, we are guaranteed not to cause interger overflow either. Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-