Commit Graph

40450 Commits

Author SHA1 Message Date
Dmitry Mishin
590bdf7fd2 [NETFILTER]: Missed and reordered checks in {arp,ip,ip6}_tables
There is a number of issues in parsing user-provided table in
translate_table(). Malicious user with CAP_NET_ADMIN may crash system by
passing special-crafted table to the *_tables.

The first issue is that mark_source_chains() function is called before entry
content checks. In case of standard target, mark_source_chains() function
uses t->verdict field in order to determine new position. But the check, that
this field leads no further, than the table end, is in check_entry(), which
is called later, than mark_source_chains().

The second issue, that there is no check that target_offset points inside
entry. If so, *_ITERATE_MATCH macro will follow further, than the entry
ends. As a result, we'll have oops or memory disclosure.

And the third issue, that there is no check that the target is completely
inside entry. Results are the same, as in previous issue.

Signed-off-by: Dmitry Mishin <dim@openvz.org>
Acked-by: Kirill Korotaev <dev@openvz.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-30 15:24:44 -08:00
Patrick McHardy
844dc7c880 [NETFILTER]: remove masq/NAT from ip6tables Kconfig help
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-30 15:24:43 -08:00
James Morris
bcd620757d [IPV6]: fix lockup via /proc/net/ip6_flowlabel
There's a bug in the seqfile handling for /proc/net/ip6_flowlabel, where,
after finding a flowlabel, the code will loop forever not finding any
further flowlabels, first traversing the rest of the hash bucket then just
looping.

This patch fixes the problem by breaking after the hash bucket has been
traversed.

Note that this bug can cause lockups and oopses, and is trivially invoked
by an unpriveleged user.

Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-30 15:24:42 -08:00
Heiko Carstens
a27b58fed9 [NET]: fix uaccess handling
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-30 15:24:41 -08:00
Herbert Xu
28cd775273 [SCTP]: Always linearise packet on input
I was looking at a RHEL5 bug report involving Xen and SCTP
(https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=212550).
It turns out that SCTP wasn't written to handle skb fragments at
all.  The absence of any calls to skb_may_pull is testament to
that.

It just so happens that Xen creates fragmented packets more often
than other scenarios (header & data split when going from domU to
dom0).  That's what caused this bug to show up.

Until someone has the time sits down and audits the entire net/sctp
directory, here is a conservative and safe solution that simply
linearises all packets on input.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-30 15:24:39 -08:00
David S. Miller
c20e3945c7 [ETH1394]: Fix unaligned accesses.
Several u64 objects are derefernced in situations where the
pointer is not guarenteed to be aligned correctly.  Use
get_unaligned() as needed.

Thanks to Will Simoneau for lots of testing and debugging
help.

Signed-off-by: David S. Miller <davem@davemloft.net>
Acked-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
2006-10-30 15:24:38 -08:00
Randy Dunlap
234af48401 [DCCP]: fix printk format warnings
Fix printk format warnings:
build2.out:net/dccp/ccids/ccid2.c:355: warning: long long unsigned int format, u64 arg (arg 3)
build2.out:net/dccp/ccids/ccid2.c:360: warning: long long unsigned int format, u64 arg (arg 3)
build2.out:net/dccp/ccids/ccid2.c:482: warning: long long unsigned int format, u64 arg (arg 5)
build2.out:net/dccp/ccids/ccid2.c:639: warning: long long unsigned int format, u64 arg (arg 3)
build2.out:net/dccp/ccids/ccid2.c:639: warning: long long unsigned int format, u64 arg (arg 4)
build2.out:net/dccp/ccids/ccid2.c:674: warning: long long unsigned int format, u64 arg (arg 3)
build2.out:net/dccp/ccids/ccid2.c:720: warning: long long unsigned int format, u64 arg (arg 3)

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-30 15:24:37 -08:00
Herbert Xu
c8884edd07 [NET]: Fix segmentation of linear packets
skb_segment fails to segment linear packets correctly because it
tries to write all linear parts of the original skb into each
segment.  This will always panic as each segment only contains
enough space for one MSS.

This was not detected earlier because linear packets should be
rare for GSO.  In fact it still remains to be seen what exactly
created the linear packets that triggered this bug.  Basically
the only time this should happen is if someone enables GSO
emulation on an interface that does not support SG.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-30 15:24:36 -08:00
David S. Miller
54489c14c0 [XFRM] xfrm_user: Fix unaligned accesses.
Use memcpy() to move xfrm_address_t objects in and out
of netlink messages.  The vast majority of xfrm_user was
doing this properly, except for copy_from_user_state()
and copy_to_user_state().

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-30 15:24:35 -08:00
David S. Miller
201a95afaa [APPLETALK]: Fix potential OOPS in atalk_sendmsg().
atrtr_find() can return NULL, so do not blindly dereference
rt->dev before we check for rt being NULL.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-30 15:24:34 -08:00
Randy Dunlap
d458fd82c9 [NET] sealevel: uses arp_broken_ops
On Wed, 25 Oct 2006 18:03:13 +0200 Toralf Förster wrote:

> WARNING: "arp_broken_ops" [drivers/net/wan/sealevel.ko] undefined!
> make[1]: *** [__modpost] Error 1
> make: *** [modules] Error 2
>
> Here's the config:
...
> # CONFIG_INET is not set
> CONFIG_SEALEVEL_4021=m

Sealevel uses arp_broken_ops so it needs to depend on INET.

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-30 15:24:33 -08:00
Albert Cahalan
a7aacdf9ea [PATCH] fix i386 regparm=3 RT signal handlers on x86_64
The recent change to make x86_64 support i386 binaries compiled
with -mregparm=3 only covered signal handlers without SA_SIGINFO.
(the 3-arg "real-time" ones) This is useful for klibc at least.

Signed-off-by: Albert Cahalan <acahalan@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:12:21 -08:00
Andrew Morton
202dd45024 [PATCH] fix "sunrpc: fix refcounting problems in rpc servers"
- printk should remain dprintk

- fix coding-style.

Cc: Neil Brown <neilb@suse.de>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:12:21 -08:00
Kristian Mueller
3f4b23e983 [PATCH] APM: URL of APM 1.2 specs has changed
APM BIOS Interface Secification can now be found at
http://www.microsoft.com/whdc/archive/amp_12.mspx

Signed-off-by: Kristian Mueller <Kristian-M@Kristian-M.de>
Acked-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:42 -08:00
Neil Brown
d6740df98e [PATCH] sunrpc: fix refcounting problems in rpc servers
A recent patch fixed a problem which would occur when the refcount on an
auth_domain reached zero.  This problem has not been reported in practice
despite existing in two major kernel releases because the refcount can
never reach zero.

This patch fixes the problems that stop the refcount reaching zero.

1/ We were adding to the refcount when inserting in the hash table,
   but only removing from the hashtable when the refcount reached zero.
   Obviously it never would.  So don't count the implied reference of
   being in the hash table.

2/ There are two paths on which a socket can be destroyed.  One called
   svcauth_unix_info_release().  The other didn't.  So when the other was
   taken, we can lose a reference to an ip_map which in-turn holds a
   reference to an auth_domain

   So unify the exit paths into svc_sock_put.  This highlights the fact
   that svc_delete_socket has slightly odd semantics - it does not drop
   a reference but probably should.  Fixing this need a bit more
   thought and testing.

Signed-off-by: Neil Brown <neilb@suse.de>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:42 -08:00
Sergey Vlasov
2b52c9590d [PATCH] drivers/ide/pci/generic.c: add missing newline to the all-generic-ide message
Signed-off-by: Sergey Vlasov <vsu@altlinux.ru>
Acked-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:41 -08:00
Oleg Nesterov
f0ec1aaf54 [PATCH] xacct_add_tsk: fix pure theoretical ->mm use-after-free
Paranoid fix. The task can free its ->mm after the 'if (p->mm)' check.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Shailabh Nagar <nagar@watson.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Jay Lan <jlan@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:41 -08:00
akpm@osdl.org
d45e44d4be [PATCH] uml: fix compilation options for USER_OBJS
From: Jeff Dike <jdike@addtoit.com>, Paolo Giarrusso <blaisorblade@yahoo.it>

Make sure that when compiling USER_OBJS the correct compilation options are
passed; since they are compiled with USER_CFLAGS which is derived from
CFLAGS, make sure it is a recursively evaluated variable, so that changes
to CFLAGS done afterwards the inclusion of arch/$(ARCH)/Makefile are
reflected in USER_CFLAGS.

For instance, without this patch userspace objects are never compiled with
debug info active.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Cc: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:41 -08:00
Paolo 'Blaisorblade' Giarrusso
b428b51ed9 [PATCH] Fix "Remove the use of _syscallX macros in UML"
Fix commit 5f4c6bc1f3: it spits out warnings
about missing syscall prototype (it is in <unistd.h>) and it does not
recognize that two uses of _syscallX are to be resolved against kernel
headers in the source tree, not against _syscallX; they in fact do not
compile and would not work anyway.

If _syscallX macros will be removed from the kernel tree altogether, the
only reasonable solution for that piece of code is switching to open-coded
inline assembly (it's remapping the whole executable from memory, except
the page containing this code).

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Cc: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:41 -08:00
Randy Dunlap
bbb5bbb037 [PATCH] docbook: make a filesystems book
Make a filesystems DocBook book/file by moving all filesystems info from
kernel-api.tmpl.  Will also merge journal-api.tmpl into it soon (with
permission from Roger Gammans).  Localizes filesystem info and reduces size
of the huge (produced) kernel-api output files.

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:41 -08:00
Randy Dunlap
351edd240d [PATCH] MTD: fix last kernel-doc warning
Fix the last current kernel-doc warning:
Warning(/var/linsrc/linux-2619-rc3g5//include/linux/mtd/nand.h:416): No description found for parameter 'write_page'

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:41 -08:00
Alexey Dobriyan
f8da1f7465 [PATCH] cryptocop: double spin_lock_irqsave()
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Mikael Starvik <starvik@axis.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:41 -08:00
Peter Zijlstra
7259f0d05d [PATCH] lockdep: annotate DECLARE_WAIT_QUEUE_HEAD
kernel: INFO: trying to register non-static key.
kernel: the code is fine but needs lockdep annotation.
kernel: turning off the locking correctness validator.
kernel:  [<c04051ed>] show_trace_log_lvl+0x58/0x16a
kernel:  [<c04057fa>] show_trace+0xd/0x10
kernel:  [<c0405913>] dump_stack+0x19/0x1b
kernel:  [<c043b1e2>] __lock_acquire+0xf0/0x90d
kernel:  [<c043bf70>] lock_acquire+0x4b/0x6b
kernel:  [<c061472f>] _spin_lock_irqsave+0x22/0x32
kernel:  [<c04363d3>] prepare_to_wait+0x17/0x4b
kernel:  [<f89a24b6>] lpfc_do_work+0xdd/0xcc2 [lpfc]
kernel:  [<c04361b9>] kthread+0xc3/0xf2
kernel:  [<c0402005>] kernel_thread_helper+0x5/0xb

Another case of non-static lockdep keys; duplicate the paradigm set by
DECLARE_COMPLETION_ONSTACK and introduce DECLARE_WAIT_QUEUE_HEAD_ONSTACK.

Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Greg KH <gregkh@suse.de>
Cc: Markus Lidel <markus.lidel@shadowconnect.com>
Acked-by: Ingo Molnar <mingo@elte.hu>
Cc: Arjan van de Ven <arjan@infradead.org>
Cc: James Bottomley <James.Bottomley@steeleye.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:40 -08:00
Akinobu Mita
70812522b8 [PATCH] isdn/gigaset: avoid cs->dev null pointer dereference
When gigaset_initbcs() is called, cs->dev is not initialized yet.  If
dev_alloc_skb() failed in this function, NULL poinster dereference will
happen at dev_warn().

Cc: Kai Germaschewski <kai.germaschewski@gmx.de>
Cc: Hansjoerg Lipp <hjlipp@web.de>
Cc: Tilman Schmidt <tilman@imap.cc>
Acked-by: Karsten Keil <kkeil@suse.de>
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:40 -08:00
Randy Dunlap
0e2d57fc6e [PATCH] ndiswrapper: don't set the module->taints flags
For ndiswrapper, don't set the module->taints flags, just set the kernel
global tainted flag.  This should allow ndiswrapper to continue to use GPL
symbols.

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Cc: Florin Malita <fmalita@gmail.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:40 -08:00
Andrew Morton
a5a89bae04 [PATCH] ioc4_serial: irq flags fix
Use the correct type for the CPU flags.

Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 12:08:40 -08:00
Christophe Saout
37af6560f7 [PATCH] Fix dmsetup table output change
Fix dm-crypt after the block cipher API changes to correctly return the
backwards compatible cipher-chainmode[-ivmode] format for "dmsetup
table".

Signed-off-by: Christophe Saout <christophe@saout.de>
Cc: Alasdair G Kergon <agk@redhat.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff linux-2.6.19-rc3.orig/drivers/md/dm-crypt.c linux-2.6.19-rc3/drivers/md/dm-crypt.c
2006-10-30 12:02:57 -08:00
Jens Axboe
c1b707d253 [PATCH] CFQ: bad locking in changed_ioprio()
When the ioprio code recently got juggled a bit, a bug was introduced.
changed_ioprio() is no longer called with interrupts disabled, so using
plain spin_lock() on the queue_lock is a bug.

Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 11:01:50 -08:00
Jens Axboe
0261d6886e [PATCH] CFQ: use irq safe locking in cfq_cic_link()
If cfq_set_request() is called for a new process AND a non-fs io
request (so that __GFP_WAIT may not be set), cfq_cic_link() may
use spin_lock_irq() and spin_unlock_irq() with interrupts already
disabled.

Fix is to always use irq safe locking in cfq_cic_link()

Acked-By: Arjan van de Ven <arjan@linux.intel.com>
Acked-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-30 10:21:58 -08:00
Linus Torvalds
209ad53bc1 Revert "r8169: mac address change support"
This reverts commit a2b98a697f.

As per Guennadi Liakhovetski, the mac address change support code breaks
some normal uses (_without_ any address changes), and until it's all
sorted out, we're better off without it.

Says Francois:

  "Go revert it.

   Despite what I claimed, I can not find a third-party confirmation by
   email that it works elsewhere.

   It would probably be enough to remove the call to
   __rtl8169_set_mac_addr() in rtl8169_hw_start() though."

See also

	http://bugzilla.kernel.org/show_bug.cgi?id=6032

Cc: Guennadi Liakhovetski <g.liakhovetski@gmx.de>
Acked-by: Francois Romieu <romieu@fr.zoreil.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-29 17:31:49 -08:00
Linus Torvalds
9ca0e5474d Merge master.kernel.org:/home/rmk/linux-2.6-arm
* master.kernel.org:/home/rmk/linux-2.6-arm:
  [ARM] 3914/1: [Jornada7xx] - Typo Fix in cpu-sa1110.c (b != B)
  [ARM] 3913/1: n2100: fix IRQ routing for second ethernet port
  [ARM] Add KBUILD_IMAGE target support
  [ARM] Fix suspend oops caused by PXA2xx PCMCIA driver
  [ARM] Fix i2c-pxa slave mode support
  [ARM] 3900/1: Fix VFP Division by Zero exception handling.
  [ARM] 3899/1: Fix the normalization of the denormal double precision number.
  [ARM] 3909/1: Disable UWIND_INFO for ARM (again)
  [ARM] Add __must_check to uaccess functions
  [ARM] Add realview SMP default configuration
  [ARM] Fix SMP irqflags support
2006-10-29 17:25:48 -08:00
Linus Torvalds
c0f79c4cb1 Merge git://git.kernel.org/pub/scm/linux/kernel/git/brodo/pcmcia-fixes-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/brodo/pcmcia-fixes-2.6:
  [PATCH] PCMCIA: fix __must_check warnings
  [PATCH] PCMCIA: handle sysfs, PCI errors
  [PATCH] Export soc_common_drv_pcmcia_remove to allow modular PCMCIA.
  [PATCH] ioremap balanced with iounmap for drivers/pcmcia
  [PATCH] pcmcia: au1000_generic fix
  [PATCH] i82092: wire up errors from pci_register_driver()
  [PATCH] CONFIG_PM=n slim: drivers/pcmcia/*
  [PATCH] pcmcia/ds: driver layer error checking
  [PATCH] pcmcia: update alloc_io_space for conflict checking for multifunction PC card
  [PATCH] pcmcia: add more IDs to hostap_cs.c
  [PATCH] pcmcia: at91_cf update
2006-10-29 17:21:42 -08:00
Linus Torvalds
7a20655bc5 Merge git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog
* git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog:
  [WATCHDOG] sc1200wdt.c pnp unregister fix.
2006-10-29 13:53:05 -08:00
Kristoffer Ericson
9f0f9313ce [ARM] 3914/1: [Jornada7xx] - Typo Fix in cpu-sa1110.c (b != B)
"K4S281632b-1H" should read "K4S281632B-1H" (As it does everywhere
else). No more coffe!

Signed-off-by: Kristoffer Ericson <Kristoffer_e1@hotmail.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-10-29 21:52:29 +00:00
Linus Torvalds
e6c9f716ba Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6:
  ieee1394: ohci1394: revert fail on error in suspend
2006-10-29 13:34:15 -08:00
Akinobu Mita
150ed8ed63 [WATCHDOG] sc1200wdt.c pnp unregister fix.
If no devices found or invalid parameter is specified,
scl200wdt_pnp_driver is left unregistered.
It breaks global list of pnp drivers.

Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
Signed-off-by: Andrew Morton <akpm@osdl.org>
2006-10-29 22:09:32 +01:00
Geert Uytterhoeven
5fdb51a10f [PATCH] m68k: consolidate initcall sections
Commit 61ce1efe6e missed the m68k initcall
sections.

Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-29 12:07:41 -08:00
Oleg Nesterov
3d8334def5 [PATCH] taskstats: fix sk_buff size calculation
prepare_reply() adds GENL_HDRLEN to the payload (genlmsg_total_size()),
but then it does genlmsg_put()->nlmsg_put().  This means we forget to
reserve a room for 'struct nlmsghdr'.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Thomas Graf <tgraf@suug.ch>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Shailabh Nagar <nagar@watson.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Jay Lan <jlan@sgi.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-29 12:07:37 -08:00
Oleg Nesterov
d46a3d0d07 [PATCH] taskstats: fix sk_buff leak
'return genlmsg_cancel()' in taskstats_user_cmd/taskstats_exit_send
potentially leaks a skb.  Unless we pass 'rep_skb' to the netlink layer
we own sk_buff.  This means we should always do kfree_skb() on failure.

[ Thomas acked and pointed out missing return value in original version ]

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Acked-by: Thomas Graf <tgraf@suug.ch>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Shailabh Nagar <nagar@watson.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Jay Lan <jlan@sgi.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-29 12:07:37 -08:00
Stefan Richter
346f5c7ee7 ieee1394: ohci1394: revert fail on error in suspend
Some errors during preparation for suspended state can be skipped with a
warning instead of a failure of the whole suspend transition, notably an
error in pci_set_power_state.

Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
2006-10-29 20:02:23 +01:00
Lennert Buytenhek
811c9a4b61 [ARM] 3913/1: n2100: fix IRQ routing for second ethernet port
The second ethernet port on the Thecus n2100 was incorrectly assigned
to XINT1 instead of the correct XINT3 (PCI INTB instead of INTD), which
caused that port to be non-functional.

Signed-off-by: Lennert Buytenhek <buytenh@wantstofly.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-10-29 16:52:17 +00:00
Giridhar Pemmasani
5211e6e6c6 [PATCH] Fix GFP_HIGHMEM slab panic
As reported by Martin J. Bligh <mbligh@google.com>, we let through some
non-slab bits to slab allocation through __get_vm_area_node when doing a
vmalloc.

I haven't been able to reproduce this, although I understand why it
happens: vmalloc allocates memory with

GFP_KERNEL | __GFP_HIGHMEM

and commit 52fd24ca1d resulted in the same
flags are passed down to cache_alloc_refill, causing the BUG.  The
following patch fixes it.

Note that when calling kmalloc_node, I am masking off __GFP_HIGHMEM with
GFP_LEVEL_MASK, whereas __vmalloc_area_node does the same with

~(__GFP_HIGHMEM | __GFP_ZERO).

IMHO, using GFP_LEVEL_MASK is preferable, but either should fix this
problem.

Signed-off-by: Giridhar Pemmasani (pgiri@yahoo.com)
Cc: Martin J. Bligh <mbligh@google.com>
Cc: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-29 08:01:58 -08:00
Russell King
51342d7126 [ARM] Add KBUILD_IMAGE target support
Add support for KBUILD_IMAGE on ARM.  This takes the usual target
specifiers (zImage/Image/etc) in the same way that powerpc does
(iow, without the arch/arm/boot prefix).

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-10-29 12:51:05 +00:00
Russell King
9468613b2b [ARM] Fix suspend oops caused by PXA2xx PCMCIA driver
The PXA2xx PCMCIA driver was registering a device_driver with the
platform_bus_type.  Unfortunately, this causes data outside the
device_driver structure to be dereferenced as if it were a
platform_driver structure, causing an oops.  Convert the PXA2xx
core driver to use the proper platform_driver structure.

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-10-28 22:42:56 +01:00
Russell King
84b5abe69f [ARM] Fix i2c-pxa slave mode support
i2c-pxa times out when trying to enable slave mode due to an
incorrect test.  Also, check that i2c->slave is non-NULL
before dereferencing it.

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-10-28 22:30:17 +01:00
Linus Torvalds
2da6dc2886 Merge branch 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6
* 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6:
  [S390] cio: Make ccw_device_register() static.
  [S390] Improve AP bus device removal.
  [S390] uaccess error handling.
  [S390] cio: css_probe_device() must be called enabled.
  [S390] Initialize interval value to 0.
  [S390] sys_getcpu compat wrapper.
2006-10-28 11:38:39 -07:00
Mel Gorman
0c6cb97463 [PATCH] Calculation fix for memory holes beyong the end of physical memory
absent_pages_in_range() made the assumption that users of the
arch-independent zone-sizing API would not care about holes beyound the end
of physical memory.  This was not the case and was "fixed" in a patch
called "Account for holes that are outside the range of physical memory".
However, when given a range that started before a hole in "real" memory and
ended beyond the end of memory, it would get the result wrong.  The bug is
in mainline but a patch is below.

It has been tested successfully on a number of machines and architectures.
Additional credit to Keith Mannthey for discovering the problem, helping
identify the correct fix and confirming it Worked For Him.

Signed-off-by: Mel Gorman <mel@csn.ul.ie>
Cc: keith mannthey <kmannth@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-28 11:30:55 -07:00
Alan Stern
057647fc47 [PATCH] workqueue: update kerneldoc
This patch (as812) changes the kerneldoc comments explaining the return
values from queue_work(), queue_delayed_work(), and
queue_delayed_work_on().  The updated comments explain more accurately the
meaning of the return code and avoid suggesting that a 0 value means the
routine was unsuccessful.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-28 11:30:55 -07:00
Alan Cox
c333526f48 [PATCH] JMB 368 PATA detection
The Jmicron JMB368 is PATA only so has the PATA on function zero.  Don't
therefore skip function zero on this device when probing

Signed-off-by: Alan Cox <alan@redhat.com>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-28 11:30:55 -07:00
Satoru Takeuchi
8fa1d7d3b2 [PATCH] cpu-hotplug: release `workqueue_mutex' properly on CPU hot-remove
_cpu_down() acquires `workqueue_mutex' on its process, but doen't release it
if __cpu_disable() fails.

Signed-off-by: Satoru Takeuchi <takeuchi_satoru@jp.fujitsu.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-28 11:30:55 -07:00