1. 10 9月, 2008 1 次提交
    • N
      ipv6: Fix OOPS in ip6_dst_lookup_tail(). · e550dfb0
      Neil Horman 提交于
      This fixes kernel bugzilla 11469: "TUN with 1024 neighbours:
      ip6_dst_lookup_tail NULL crash"
      
      dst->neighbour is not necessarily hooked up at this point
      in the processing path, so blindly dereferencing it is
      the wrong thing to do.  This NULL check exists in other
      similar paths and this case was just an oversight.
      
      Also fix the completely wrong and confusing indentation
      here while we're at it.
      
      Based upon a patch by Evgeniy Polyakov.
      Signed-off-by: NNeil Horman <nhorman@tuxdriver.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      e550dfb0
  2. 09 9月, 2008 25 次提交
    • H
      ipsec: Restore larval states and socket policies in dump · 225f4005
      Herbert Xu 提交于
      The commit commit 4c563f76 ("[XFRM]:
      Speed up xfrm_policy and xfrm_state walking") inadvertently removed
      larval states and socket policies from netlink dumps.  This patch
      restores them.
      Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      225f4005
    • D
    • M
      [Bluetooth] Reject L2CAP connections on an insecure ACL link · e7c29cb1
      Marcel Holtmann 提交于
      The Security Mode 4 of the Bluetooth 2.1 specification has strict
      authentication and encryption requirements. It is the initiators job
      to create a secure ACL link. However in case of malicious devices, the
      acceptor has to make sure that the ACL is encrypted before allowing
      any kind of L2CAP connection. The only exception here is the PSM 1 for
      the service discovery protocol, because that is allowed to run on an
      insecure ACL link.
      
      Previously it was enough to reject a L2CAP connection during the
      connection setup phase, but with Bluetooth 2.1 it is forbidden to
      do any L2CAP protocol exchange on an insecure link (except SDP).
      
      The new hci_conn_check_link_mode() function can be used to check the
      integrity of an ACL link. This functions also takes care of the cases
      where Security Mode 4 is disabled or one of the devices is based on
      an older specification.
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      e7c29cb1
    • M
      [Bluetooth] Enforce correct authentication requirements · 09ab6f4c
      Marcel Holtmann 提交于
      With the introduction of Security Mode 4 and Simple Pairing from the
      Bluetooth 2.1 specification it became mandatory that the initiator
      requires authentication and encryption before any L2CAP channel can
      be established. The only exception here is PSM 1 for the service
      discovery protocol (SDP). It is meant to be used without any encryption
      since it contains only public information. This is how Bluetooth 2.0
      and before handle connections on PSM 1.
      
      For Bluetooth 2.1 devices the pairing procedure differentiates between
      no bonding, general bonding and dedicated bonding. The L2CAP layer
      wrongly uses always general bonding when creating new connections, but it
      should not do this for SDP connections. In this case the authentication
      requirement should be no bonding and the just-works model should be used,
      but in case of non-SDP connection it is required to use general bonding.
      
      If the new connection requires man-in-the-middle (MITM) protection, it
      also first wrongly creates an unauthenticated link key and then later on
      requests an upgrade to an authenticated link key to provide full MITM
      protection. With Simple Pairing the link key generation is an expensive
      operation (compared to Bluetooth 2.0 and before) and doing this twice
      during a connection setup causes a noticeable delay when establishing
      a new connection. This should be avoided to not regress from the expected
      Bluetooth 2.0 connection times. The authentication requirements are known
      up-front and so enforce them.
      
      To fulfill these requirements the hci_connect() function has been extended
      with an authentication requirement parameter that will be stored inside
      the connection information and can be retrieved by userspace at any
      time. This allows the correct IO capabilities exchange and results in
      the expected behavior.
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      09ab6f4c
    • M
      [Bluetooth] Fix reference counting during ACL config stage · f1c08ca5
      Marcel Holtmann 提交于
      The ACL config stage keeps holding a reference count on incoming
      connections when requesting the extended features. This results in
      keeping an ACL link up without any users. The problem here is that
      the Bluetooth specification doesn't define an ownership of the ACL
      link and thus it can happen that the implementation on the initiator
      side doesn't care about disconnecting unused links. In this case the
      acceptor needs to take care of this.
      Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
      f1c08ca5
    • L
      Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/hskinnemoen/avr32-2.6 · 82a28c79
      Linus Torvalds 提交于
      * 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/hskinnemoen/avr32-2.6:
        avr32: pm_standby low-power ram bug fix
        avr32: Fix lockup after Java stack underflow in user mode
      82a28c79
    • L
      Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc · c1bad360
      Linus Torvalds 提交于
      * 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc:
        powerpc: Fix rare boot build breakage
        powerpc/spufs: Fix possible scheduling of a context to multiple SPEs
        powerpc/spufs: Fix race for a free SPU
        powerpc/spufs: Fix multiple get_spu_context()
      c1bad360
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · 6a23312b
      Linus Torvalds 提交于
      * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
        Revert "crypto: camellia - Use kernel-provided bitops, unaligned access helpers"
      6a23312b
    • L
      Merge master.kernel.org:/home/rmk/linux-2.6-arm · 4ced08b8
      Linus Torvalds 提交于
      * master.kernel.org:/home/rmk/linux-2.6-arm:
        [ARM] 5241/1: provide ioremap_wc()
        [ARM] omap: fix virtual vs physical address space confusions
        [ARM] remove unused #include <version.h>
        [ARM] omap: fix build error in ohci-omap.c
        [ARM] omap: fix gpio.c build error
      4ced08b8
    • L
      Merge branch 'sched-fixes-for-linus' of... · e1d7bf14
      Linus Torvalds 提交于
      Merge branch 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
      
      * 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
        sched: arch_reinit_sched_domains() must destroy domains to force rebuild
        sched, cpuset: rework sched domains and CPU hotplug handling (v4)
      e1d7bf14
    • L
      Merge branch 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev · e228c1b5
      Linus Torvalds 提交于
      * 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev:
        ahci: RAID mode SATA patch for Intel Ibex Peak DeviceIDs
        pata_sil680: remove duplicate pcim_enable_device
        libata-sff: kill spurious WARN_ON() in ata_hsm_move()
        sata_nv: disable hardreset for generic
        ahci: disable PMP for marvell ahcis
        sata_mv: add RocketRaid 1720 PCI ID to driver
        ahci, pata_marvell: play nicely together
      e228c1b5
    • U
      Fix format of MAINTAINERS · a46add72
      Uwe Kleine-König 提交于
      ... one entry lacked a colon which broke one of my scripts.
      Signed-off-by: NUwe Kleine-König <ukleinek@informatik.uni-freiburg.de>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      a46add72
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 · bcbc7134
      Linus Torvalds 提交于
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6:
        bridge: don't allow setting hello time to zero
        netns : fix kernel panic in timewait socket destruction
        pkt_sched: Fix qdisc state in net_tx_action()
        netfilter: nf_conntrack_irc: make sure string is terminated before calling simple_strtoul
        netfilter: nf_conntrack_gre: nf_ct_gre_keymap_flush() fixlet
        netfilter: nf_conntrack_gre: more locking around keymap list
        netfilter: nf_conntrack_sip: de-static helper pointers
      bcbc7134
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6 · b364e2f5
      Linus Torvalds 提交于
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6:
        sparc64: Prevent sparc64 from invoking irq handlers on offline CPUs
        sparc64: Fix IPI call locking.
      b364e2f5
    • J
      usb: fix null deferences in low level usb serial · 06dd881f
      Jason Wessel 提交于
      The hw interface drivers for the usb serial devices deference the tty
      structure to set up the parameters for the initial console.  The tty
      structure should be passed as a parameter to the set_termios() call.
      Signed-off-by: NJason Wessel <jason.wessel@windriver.com>
      Signed-off-by: NAlan Cox <alan@redhat.com>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      06dd881f
    • C
      NFS: Restore missing hunk in NFS mount option parser · af904dea
      Chuck Lever 提交于
      Automounter maps can contain mount options valid for other NFS
      implementations but not for Linux.  The Linux automounter uses the
      mount command's "-s" command line option ("s" for "sloppy") so that
      mount requests containing such options are not rejected.
      
      Commit f45663ce attempted to address a
      known regression with text-based NFS mount option parsing.  Unrecognized
      mount options would cause mount requests to fail, even if the "-s"
      option was used on the mount command line.
      
      Unfortunately, this commit was not complete as submitted.  It adds a
      new mount option, "sloppy".  But it is missing a hunk, so it now allows
      NFS mounts with unrecognized mount options, even if the "sloppy" option
      is not present.  This could be a problem if a required critical mount
      option such as "sync" is misspelled, for example, and is considered a
      regression from 2.6.26.
      
      This patch restores the missing hunk.  Now, the default behavior of
      text-based NFS mount options is as before: any unrecognized mount option
      will cause the mount to fail.
      
      Please include this in 2.6.27-rc.
      
      Thanks to Neil Brown for reporting this.
      Signed-off-by: NChuck Lever <chuck.lever@oracle.com>
      Acked-by: NJ. Bruce Fields <bfields@citi.umich.edu>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      af904dea
    • S
      bridge: don't allow setting hello time to zero · 8d4698f7
      Stephen Hemminger 提交于
      Dushan Tcholich reports that on his system ksoftirqd can consume
      between %6 to %10 of cpu time, and cause ~200 context switches per
      second.
      
      He then correlated this with a report by bdupree@techfinesse.com:
      
      	http://marc.info/?l=linux-kernel&m=119613299024398&w=2
      
      and the culprit cause seems to be starting the bridge interface.
      In particular, when starting the bridge interface, his scripts
      are specifying a hello timer interval of "0".
      
      The bridge hello time can't be safely set to values less than 1
      second, otherwise it is possible to end up with a runaway timer.
      Signed-off-by: NStephen Hemminger <shemminger@vyatta.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8d4698f7
    • D
      netns : fix kernel panic in timewait socket destruction · d315492b
      Daniel Lezcano 提交于
      How to reproduce ?
       - create a network namespace
       - use tcp protocol and get timewait socket
       - exit the network namespace
       - after a moment (when the timewait socket is destroyed), the kernel
         panics.
      
      # BUG: unable to handle kernel NULL pointer dereference at
      0000000000000007
      IP: [<ffffffff821e394d>] inet_twdr_do_twkill_work+0x6e/0xb8
      PGD 119985067 PUD 11c5c0067 PMD 0
      Oops: 0000 [1] SMP
      CPU 1
      Modules linked in: ipv6 button battery ac loop dm_mod tg3 libphy ext3 jbd
      edd fan thermal processor thermal_sys sg sata_svw libata dock serverworks
      sd_mod scsi_mod ide_disk ide_core [last unloaded: freq_table]
      Pid: 0, comm: swapper Not tainted 2.6.27-rc2 #3
      RIP: 0010:[<ffffffff821e394d>] [<ffffffff821e394d>]
      inet_twdr_do_twkill_work+0x6e/0xb8
      RSP: 0018:ffff88011ff7fed0 EFLAGS: 00010246
      RAX: ffffffffffffffff RBX: ffffffff82339420 RCX: ffff88011ff7ff30
      RDX: 0000000000000001 RSI: ffff88011a4d03c0 RDI: ffff88011ac2fc00
      RBP: ffffffff823392e0 R08: 0000000000000000 R09: ffff88002802a200
      R10: ffff8800a5c4b000 R11: ffffffff823e4080 R12: ffff88011ac2fc00
      R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000000
      FS: 0000000041cbd940(0000) GS:ffff8800bff839c0(0000)
      knlGS:0000000000000000
      CS: 0010 DS: 0018 ES: 0018 CR0: 000000008005003b
      CR2: 0000000000000007 CR3: 00000000bd87c000 CR4: 00000000000006e0
      DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
      Process swapper (pid: 0, threadinfo ffff8800bff9e000, task
      ffff88011ff76690)
      Stack: ffffffff823392e0 0000000000000100 ffffffff821e3a3a
      0000000000000008
      0000000000000000 ffffffff821e3a61 ffff8800bff7c000 ffffffff8203c7e7
      ffff88011ff7ff10 ffff88011ff7ff10 0000000000000021 ffffffff82351108
      Call Trace:
      <IRQ> [<ffffffff821e3a3a>] ? inet_twdr_hangman+0x0/0x9e
      [<ffffffff821e3a61>] ? inet_twdr_hangman+0x27/0x9e
      [<ffffffff8203c7e7>] ? run_timer_softirq+0x12c/0x193
      [<ffffffff820390d1>] ? __do_softirq+0x5e/0xcd
      [<ffffffff8200d08c>] ? call_softirq+0x1c/0x28
      [<ffffffff8200e611>] ? do_softirq+0x2c/0x68
      [<ffffffff8201a055>] ? smp_apic_timer_interrupt+0x8e/0xa9
      [<ffffffff8200cad6>] ? apic_timer_interrupt+0x66/0x70
      <EOI> [<ffffffff82011f4c>] ? default_idle+0x27/0x3b
      [<ffffffff8200abbd>] ? cpu_idle+0x5f/0x7d
      
      
      Code: e8 01 00 00 4c 89 e7 41 ff c5 e8 8d fd ff ff 49 8b 44 24 38 4c 89 e7
      65 8b 14 25 24 00 00 00 89 d2 48 8b 80 e8 00 00 00 48 f7 d0 <48> 8b 04 d0
      48 ff 40 58 e8 fc fc ff ff 48 89 df e8 c0 5f 04 00
      RIP [<ffffffff821e394d>] inet_twdr_do_twkill_work+0x6e/0xb8
      RSP <ffff88011ff7fed0>
      CR2: 0000000000000007
      
      This patch provides a function to purge all timewait sockets related
      to a network namespace. The timewait sockets life cycle is not tied with
      the network namespace, that means the timewait sockets stay alive while
      the network namespace dies. The timewait sockets are for avoiding to
      receive a duplicate packet from the network, if the network namespace is
      freed, the network stack is removed, so no chance to receive any packets
      from the outside world. Furthermore, having a pending destruction timer
      on these sockets with a network namespace freed is not safe and will lead
      to an oops if the timer callback which try to access data belonging to 
      the namespace like for example in:
      	inet_twdr_do_twkill_work
      		-> NET_INC_STATS_BH(twsk_net(tw), LINUX_MIB_TIMEWAITED);
      
      Purging the timewait sockets at the network namespace destruction will:
       1) speed up memory freeing for the namespace
       2) fix kernel panic on asynchronous timewait destruction
      Signed-off-by: NDaniel Lezcano <dlezcano@fr.ibm.com>
      Acked-by: NDenis V. Lunev <den@openvz.org>
      Acked-by: NEric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d315492b
    • S
      ahci: RAID mode SATA patch for Intel Ibex Peak DeviceIDs · 8e48b6b3
      Seth Heasley 提交于
      Add the Intel Ibex Peak (PCH) SATA RAID Controller DeviceIDs.
      Signed-off-by: NSeth Heasley <seth.heasley@intel.com>
      Signed-off-by: NJeff Garzik <jgarzik@redhat.com>
      8e48b6b3
    • D
      pata_sil680: remove duplicate pcim_enable_device · de058cde
      David Milburn 提交于
      Remove duplicate call to pcim_enable_device in sil680_init_one.
      Signed-off-by: NDavid Milburn <dmilburn@redhat.com>
      Signed-off-by: NJeff Garzik <jgarzik@redhat.com>
      de058cde
    • T
      libata-sff: kill spurious WARN_ON() in ata_hsm_move() · 9c2676b6
      Tejun Heo 提交于
      On HSM_ST_ERR, ata_hsm_move() triggers WARN_ON() if AC_ERR_DEV or
      AC_ERR_HSM is not set.  PHY events may trigger HSM_ST_ERR with other
      error codes and, with or without it, there just isn't much reason to
      do WARN_ON() on it.  Even if error code is not set there, core EH
      logic won't have any problem dealing with the error condition.
      
      OSDL bz#11065 reports this problem.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Signed-off-by: NJeff Garzik <jgarzik@redhat.com>
      9c2676b6
    • T
      sata_nv: disable hardreset for generic · 2fd673ec
      Tejun Heo 提交于
      of them being unifying probing, hotplug and EH reset paths uniform.
      Previously, broken hardreset could go unnoticed as it wasn't used
      during probing but when something goes wrong or after hotplug the
      problem will surface and bite hard.
      
      OSDL bug 11195 reports that sata_nv generic flavor falls into this
      category.  Hardreset itself succeeds but PHY stays offline after
      hardreset.  I tried longer debounce timing but the result was the
      same.
      
        http://bugzilla.kernel.org/show_bug.cgi?id=11195
      
      So, it seems we'll have to drop hardreset from the generic flavor.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Cc: Peer Chen <pchen@nvidia.com>
      Signed-off-by: NJeff Garzik <jgarzik@redhat.com>
      2fd673ec
    • T
      ahci: disable PMP for marvell ahcis · 17248461
      Tejun Heo 提交于
      Marvell ahcis don't play nicely with PMPs.  Disable it.
      
      Reported by KueiHuan Chen in the following thread.
      
        http://thread.gmane.org/gmane.linux.ide/33296Signed-off-by: NTejun Heo <tj@kernel.org>
      Cc: KueiHuan Chen <kueihuan.chen@gmail.com>
      Cc: Mark Lord <mlord@pobox.com>
      Signed-off-by: NJeff Garzik <jgarzik@redhat.com>
      17248461
    • M
      sata_mv: add RocketRaid 1720 PCI ID to driver · 46c5784c
      Mark Lord 提交于
      Signed-off-by: NPetr Jelen <petr.jelen@gmail.com>
      Signed-off-by: NMark Lord <mlord@pobox.com>
      Signed-off-by: NJeff Garzik <jgarzik@redhat.com>
      46c5784c
    • A
      ahci, pata_marvell: play nicely together · 5b66c829
      Alan Cox 提交于
      I've been chasing Jeff about this for months.  Jeff added the Marvell
      device identifiers to the ahci driver without making the AHCI driver
      handle the PATA port. This means a lot of users can't use current
      kernels and in most distro cases can't even install.
      
      This has been going on since March 2008 for the 6121 Marvell, and late 2007
      for the 6145!!!
      
      This was all pointed out at the time and repeatedly ignored. Bugs assigned
      to Jeff about this are ignored also.
      
      To quote Jeff in email
      
      > "Just switch the order of 'ahci' and 'pata_marvell' in
      > /etc/modprobe.conf, then use Fedora's tools regenerate the initrd.
      
      > See?  It's not rocket science, and the current configuration can be
      > easily made to work for Fedora users."
      
      (Which isn't trivial, isn't end user, shouldn't be needed, and as it usually
      breaks at install time is in fact impossible)
      
      To quote Jeff in August 2007
      
      > "   mv-ahci-pata
      > Marvell 6121/6141 PATA support.  Needs fixing in the 'PATA controller
      > command' area before it is usable, and can go upstream."
      
      Only he add the ids anyway later and caused regressions, adding a further
      id in March causing more regresions.
      
      The actual fix for the moment is very simple. If the user has included
      the pata_marvell driver let it drive the ports. If they've only selected
      for SATA support give them the AHCI driver which will run the port a fraction
      faster. Allow the user to control this decision via ahci.marvell_enable as
      a module parameter so that distributions can ship 'it works' defaults and
      smarter users (or config tools) can then flip it over it desired.
      Signed-off-by: NAlan Cox <alan@redhat.com>
      Signed-off-by: NJeff Garzik <jgarzik@redhat.com>
      5b66c829
  3. 08 9月, 2008 8 次提交
  4. 07 9月, 2008 6 次提交