- 09 9月, 2008 3 次提交
-
-
由 Marcel Holtmann 提交于
The Security Mode 4 of the Bluetooth 2.1 specification has strict authentication and encryption requirements. It is the initiators job to create a secure ACL link. However in case of malicious devices, the acceptor has to make sure that the ACL is encrypted before allowing any kind of L2CAP connection. The only exception here is the PSM 1 for the service discovery protocol, because that is allowed to run on an insecure ACL link. Previously it was enough to reject a L2CAP connection during the connection setup phase, but with Bluetooth 2.1 it is forbidden to do any L2CAP protocol exchange on an insecure link (except SDP). The new hci_conn_check_link_mode() function can be used to check the integrity of an ACL link. This functions also takes care of the cases where Security Mode 4 is disabled or one of the devices is based on an older specification. Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
-
由 Marcel Holtmann 提交于
With the introduction of Security Mode 4 and Simple Pairing from the Bluetooth 2.1 specification it became mandatory that the initiator requires authentication and encryption before any L2CAP channel can be established. The only exception here is PSM 1 for the service discovery protocol (SDP). It is meant to be used without any encryption since it contains only public information. This is how Bluetooth 2.0 and before handle connections on PSM 1. For Bluetooth 2.1 devices the pairing procedure differentiates between no bonding, general bonding and dedicated bonding. The L2CAP layer wrongly uses always general bonding when creating new connections, but it should not do this for SDP connections. In this case the authentication requirement should be no bonding and the just-works model should be used, but in case of non-SDP connection it is required to use general bonding. If the new connection requires man-in-the-middle (MITM) protection, it also first wrongly creates an unauthenticated link key and then later on requests an upgrade to an authenticated link key to provide full MITM protection. With Simple Pairing the link key generation is an expensive operation (compared to Bluetooth 2.0 and before) and doing this twice during a connection setup causes a noticeable delay when establishing a new connection. This should be avoided to not regress from the expected Bluetooth 2.0 connection times. The authentication requirements are known up-front and so enforce them. To fulfill these requirements the hci_connect() function has been extended with an authentication requirement parameter that will be stored inside the connection information and can be retrieved by userspace at any time. This allows the correct IO capabilities exchange and results in the expected behavior. Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
-
由 Marcel Holtmann 提交于
The ACL config stage keeps holding a reference count on incoming connections when requesting the extended features. This results in keeping an ACL link up without any users. The problem here is that the Bluetooth specification doesn't define an ownership of the ACL link and thus it can happen that the implementation on the initiator side doesn't care about disconnecting unused links. In this case the acceptor needs to take care of this. Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
-
- 29 8月, 2008 9 次提交
-
-
由 Linus Torvalds 提交于
-
由 Linus Torvalds 提交于
* master.kernel.org:/home/rmk/linux-2.6-arm: [ARM] 5226/1: remove unmatched comment end. [ARM] Skip memory holes in FLATMEM when reading /proc/pagetypeinfo [ARM] use bcd2bin/bin2bcd [ARM] use the new byteorder headers [ARM] OMAP: Fix 2430 SMC91x ethernet IRQ [ARM] OMAP: Add and update OMAP default configuration files [ARM] OMAP: Change mailing list for OMAP in MAINTAINERS [ARM] S3C2443: Fix the S3C2443 clock register definitions [ARM] JIVE: Fix the spi bus numbering [ARM] S3C24XX: pwm.c: stop debugging output [ARM] S3C24XX: Fix sparse warnings in pwm.c [ARM] S3C24XX: Fix spare errors in pwm-clock driver [ARM] S3C24XX: Fix sparse warnings in arch/arm/plat-s3c24xx/gpiolib.c [ARM] S3C24XX: Fix nor-simtec driver sparse errors [ARM] 5225/1: zaurus: Register I2C controller for audio codecs [ARM] orion5x: update defconfig to v2.6.27-rc4 [ARM] Orion: register UART1 on QNAP TS-209 and TS-409 [ARM] Orion: activate lm75 driver on DNS-323 [ARM] Orion: fix MAC detection on QNAP TS-209 and TS-409 [ARM] Orion: Fix boot crash on Kurobox Pro
-
git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/blackfin-2.6由 Linus Torvalds 提交于
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney/blackfin-2.6: Blackfin arch: Fix PM building on BF52x: No ROTWE on BF52x, add USBWE Blackfin arch: sram: use 'unsigned long' for irqflags Blackfin arch: let PCI depend on BROKEN Blackfin arch: move include/asm-blackfin header files to arch/blackfin Blackfin arch: fix bug - MPU crashes under stress Blackfin arch: Fix bug - when to rmmod the L1_module, it stucks and then reboot the board. Blackfin arch: dont actually need to muck with EMAC_SYSTAT for BF52x for demuxing Blackfin arch: Add MTD Partitions for MTD_DATAFLASH, increase max SPI SCLK
-
由 Linus Torvalds 提交于
Merge branch 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: exit signals: use of uninitialized field notify_count lockdep: fix invalid list_del_rcu in zap_class lockstat: repair erronous contention statistics lockstat: fix numerical output rounding error
-
由 Linus Torvalds 提交于
Merge branch 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: sched: rt-bandwidth accounting fix sched: fix sched_rt_rq_enqueue() resched idle
-
由 Linus Torvalds 提交于
Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: x86: update defconfigs x86: msr: fix bogus return values from rdmsr_safe/wrmsr_safe x86: cpuid: correct return value on partial operations x86: msr: correct return value on partial operations x86: cpuid: propagate error from smp_call_function_single() x86: msr: propagate errors from smp_call_function_single() smp: have smp_call_function_single() detect invalid CPUs
-
git://jdelvare.pck.nerim.net/jdelvare-2.6由 Linus Torvalds 提交于
* 'i2c-for-linus' of git://jdelvare.pck.nerim.net/jdelvare-2.6: i2c: Prevent log spam on some DVB adapters i2c: Add missing kerneldoc descriptions i2c: Fix device_init_wakeup place
-
由 Rafael J. Wysocki 提交于
In accordance with commit f42ac38c ("ftrace: disable tracing for suspend to ram"), disable tracing around the suspend code in hibernation code paths. Signed-off-by: NRafael J. Wysocki <rjw@sisk.pl> Acked-by: NSteven Rostedt <srostedt@redhat.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Jean-Christophe DUBOIS 提交于
remove unmatched comment end. Signed-off-by: NJean-Christophe DUBOIS <jcd@tribudubois.net> Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>
-
- 28 8月, 2008 28 次提交
-
-
由 Peter Zijlstra 提交于
It fixes an accounting bug where we would continue accumulating runtime even though the bandwidth control is disabled. This would lead to very long throttle periods once bandwidth control gets turned on again. Signed-off-by: NPeter Zijlstra <a.p.zijlstra@chello.nl> Signed-off-by: NIngo Molnar <mingo@elte.hu>
-
由 Michael Hennerich 提交于
Signed-off-by: NMichael Hennerich <michael.hennerich@analog.com> Signed-off-by: NBryan Wu <cooloney@kernel.org>
-
由 Vegard Nossum 提交于
Using just 'unsigned' will make flags an unsigned int. While this is arguably not an error on blackfin where sizeof(int) == sizeof(long), the patch is still justified on the grounds of principle. The patch was generated using the Coccinelle semantic patch framework. Cc: Julia Lawall <julia@diku.dk> Cc: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: NVegard Nossum <vegard.nossum@gmail.com> Signed-off-by: NMike Frysinger <vapier.adi@gmail.com> Signed-off-by: NBryan Wu <cooloney@kernel.org>
-
由 John Blackwood 提交于
When sysctl_sched_rt_runtime is set to something other than -1 and the CONFIG_RT_GROUP_SCHED kernel parameter is NOT enabled, we get into a state where we see one or more CPUs idling forvever even though there are real-time tasks in their rt runqueue that are able to run (no longer throttled). The sequence is: - A real-time task is running when the timer sets the rt runqueue to throttled, and the rt task is resched_task()ed and switched out, and idle is switched in since there are no non-rt tasks to run on that cpu. - Eventually the do_sched_rt_period_timer() runs and un-throttles the rt runqueue, but we just exit the timer interrupt and go back to executing the idle task in the idle loop forever. If we change the sched_rt_rq_enqueue() routine to use some of the code from the CONFIG_RT_GROUP_SCHED enabled version of this same routine and resched_task() the currently executing task (idle in our case) if it is a lower priority task than the higher rt task in the now un-throttled runqueue, the problem is no longer observed. Signed-off-by: NJohn Blackwood <john.blackwood@ccur.com> Signed-off-by: NPeter Zijlstra <a.p.zijlstra@chello.nl> Signed-off-by: NIngo Molnar <mingo@elte.hu>
-
由 Jean Delvare 提交于
Some DVB adapters do not support the special I2C transaction that we use for probing purposes. There's no point in logging this event, as there's nothing the user can do and in general there is no actual problem. So, degrade one of these messages to a debug message, and move the other one around so that it is only printed on bogus drivers. Signed-off-by: NJean Delvare <khali@linux-fr.org> Acked-by: NUwe Bugla <uwe.bugla@gmx.de>
-
由 Jean Delvare 提交于
Add missing kernel descriptions of struct i2c_driver members. Signed-off-by: NJean Delvare <khali@linux-fr.org> Acked-by: NRandy Dunlap <rdunlap@xenotime.net> Cc: David Brownell <david-b@pacbell.net>
-
由 Marc Pignat 提交于
device_init_wakeup must be called after device_register. Signed-off-by: NMarc Pignat <marc.pignat@hevs.ch> Acked-by: NDavid Brownell <david-b@pacbell.net> Signed-off-by: NJean Delvare <khali@linux-fr.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6由 Linus Torvalds 提交于
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (55 commits) sctp: fix random memory dereference with SCTP_HMAC_IDENT option. sctp: correct bounds check in sctp_setsockopt_auth_key wan: Missing capability checks in sbni_ioctl() e100, fix iomap read qeth: preallocated header account offset qeth: l2 write unicast list to hardware qeth: use -EOPNOTSUPP instead of -ENOTSUPP. ibm_newemac: Don't call dev_mc_add() before device is registered net: don't grab a mutex within a timer context in gianfar forcedeth: fix checksum flag net/usb/mcs7830: add set_mac_address net/usb/mcs7830: new device IDs [netdrvr] smc91x: fix resource removal (null ptr deref) ibmveth: fix bad UDP checksums [netdrvr] hso: dev_kfree_skb crash fix [netdrvr] hso: icon 322 detection fix atl1: disable TSO by default atl1e: multistatement if missing braces igb: remove 82576 quad adapter drivers/net/skfp/ess.c: fix compile warnings ...
-
由 Vlad Yasevich 提交于
The number of identifiers needs to be checked against the option length. Also, the identifier index provided needs to be verified to make sure that it doesn't exceed the bounds of the array. Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Vlad Yasevich 提交于
The bonds check to prevent buffer overlflow was not exactly right. It still allowed overflow of up to 8 bytes which is sizeof(struct sctp_authkey). Since optlen is already checked against the size of that struct, we are guaranteed not to cause interger overflow either. Signed-off-by: NVlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Russell King 提交于
-
由 Vladimir Sokolovsky 提交于
Initialize the L_Key and R_Key for memory regions returned from mlx4_ib_alloc_fast_reg_mr(). Otherwise callers just get garbage for the memory keys and can't do anything useful with these MRs. Signed-off-by: NVladimir Sokolovsky <vlad@mellanox.co.il> Signed-off-by: NRoland Dreier <rolandd@cisco.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog由 Linus Torvalds 提交于
* git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog: [WATCHDOG] removed unused #include <version.h> [WATCHDOG] at91rm9200_wdt.c: fix misleading indentation [WATCHDOG] mpc8xxx_wdt: fix modular build [WATCHDOG] hpwdt.c kdebug support [WATCHDOG] Add support for the IDT RC32434 watchdog [WATCHDOG] Add support for the built-int RDC R-321x SoC watchdog [WATHDOG] delete unused driver mpc8xx_wdt.c [WATCHDOG] Fix s3c2410_wdt driver coding style issues [WATCHDOG] Clean out header of s3c2410_wdt driver. [WATCHDOG] Fix NULL usage in s3c2410_wdt driver.
-
由 Alan Cox 提交于
Kanru Chen posted a patch versus the old code which deals with the case where you resize the pty side of a pty/tty pair. In that situation the termios data is updated for both pty and tty but the locks are not held for the right side. This implements the fix differently against the updated tty code. Patch by self but the hard bit (noticing and fixing the bug) is thanks to Kanru Chen. Signed-off-by: NAlan Cox <alan@redhat.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Alan Cox 提交于
The termios settings ioctls on a pty should affect the bound tty side not the pty. The SOFTCAR ioctls use the wrong device file. Signed-off-by: NAlan Cox <alan@redhat.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6由 Linus Torvalds 提交于
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: [CIFS] Add destroy routine for dns_resolver [CIFS] Reorder cifs config item for better clarity [CIFS] Correct keys dependency for cifs kerberos support
-
git://git.kernel.org/pub/scm/linux/kernel/git/penberg/slab-2.6由 Linus Torvalds 提交于
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg/slab-2.6: slub: Disable NUMA remote node defragmentation by default
-
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6由 Linus Torvalds 提交于
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: [PATCH] deal with the first call of ->show() generating no output [PATCH] fix ->llseek() for a bunch of directories [PATCH] fix regular readdir() and friends [PATCH] fix hpux_getdents() [PATCH] fix osf_getdirents() [PATCH] ntfs: use d_add_ci [PATCH] change d_add_ci argument ordering [PATCH] fix efs_lookup() [PATCH] proc: inode number fixlet
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6由 Linus Torvalds 提交于
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6: sparc: Add target for a stripped kernel sparc64: Make NUMA depend upon SMP.
-
git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6由 Linus Torvalds 提交于
* 'drm-patches' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6: drm: don't set the signal blocker on the master process. drm: don't call the vblank tasklet with irqs disabled. r300: Fix cliprect emit drm/radeon: r300_cmdbuf: Always emit INDX_BUFFER immediately after DRAW_INDEX radeon: fix some hard lockups on r3/4/500s
-
由 Jeff Layton 提交于
Otherwise, we're leaking the payload memory. CC: Stable Kernel <stable@vger.kernel.org> Acked-by: NDavid Howells <dhowells@redhat.com> Signed-off-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NSteve French <sfrench@us.ibm.com>
-
由 Linus Torvalds 提交于
Here's the patch. It shrinks the stack from 1152 bytes to 192 bytes (the first version, that only did the e1000_option part, got it down to 600 bytes). About half comes from not using multiple "e1000_option" structures, the other half comes from turning the "e1000_opt_list[]" arrays into "static const" instead, so that gcc doesn't copy them onto the stack. Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org> Reveiewed-by: NAuke Kok <auke-jan.h.kok@intel.com> Tested-by: NEmil Tantilov <emil.s.tantilov@intel.com> Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.dk/linux-2.6-block由 Linus Torvalds 提交于
* 'for-linus' of git://git.kernel.dk/linux-2.6-block: block: remove blk_queue_tag_depth() and blk_queue_tag_queue() block: remove unused ->busy part of the block queue tag map bio: fix __bio_copy_iov() handling of bio->bv_len bio: fix bio_copy_kern() handling of bio->bv_len block: submit_bh() inadvertently discards barrier flag on a sync write block: clean up cmdfilter sysfs interface block: rename blk_scsi_cmd_filter to blk_cmd_filter sg: restore command permission for TYPE_SCANNER block: move cmdfilter from gendisk to request_queue
-
git://git.kernel.org/pub/scm/linux/kernel/git/mfasheh/ocfs2由 Linus Torvalds 提交于
* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mfasheh/ocfs2: ocfs2: Increment the reference count of an already-active stack. [PATCH] configfs: Consolidate locking around configfs_detach_prep() in configfs_rmdir() ocfs2: correctly set i_blocks after inline dir gets expanded ocfs2: Jump to correct label in ocfs2_expand_inline_dir() ocfs2: Fix sleep-with-spinlock recovery regression [PATCH] ocfs2/cluster/netdebug.c: fix warning [PATCH] ocfs2/cluster/tcp.c: make some functions static
-
git://git390.osdl.marist.edu/pub/scm/linux-2.6由 Linus Torvalds 提交于
* 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6: [S390] dcss: fix build bug. [S390] Fix linker script.
-
由 Steven Rostedt 提交于
I've been painstakingly debugging the issue with suspend to ram and ftraced. The 2.6.28 code does not have this issue, but since the mcount recording is not going to be in 27, this must be solved for the ftrace daemon version. The resume from suspend to ram would reboot because it was triple faulting. Debugging further, I found that calling the mcount function itself was not an issue, but it would fault when it incremented preempt_count. preempt_count is on the tasks info structure that is on the low memory address of the task's stack. For some reason, it could not write to it. Resuming out of suspend to ram does quite a lot of funny tricks to get to work, so it is not surprising at all that simply doing a preempt_disable() would cause a fault. Thanks to Rafael for suggesting to add a "while (1);" to find the place in resuming that is causing the fault. I would place the loop somewhere in the code, compile and reboot and see if it would either reboot (hit the fault) or simply hang (hit the loop). Doing this over and over again, I narrowed it down that it was happening in enable_nonboot_cpus. At this point, I found that it is easier to simply disable tracing around the suspend code, instead of searching for the particular function that can not handle doing a preempt_disable. This patch disables the tracer as it suspends and reenables it on resume. I tested this patch on my Laptop, and it can resume fine with the patch. Signed-off-by: NSteven Rostedt <srostedt@redhat.com> Acked-by: NRafael J. Wysocki <rjw@sisk.pl> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Linus Torvalds 提交于
This reverts commit 5b6155ee, because the block device ioctl's really aren't ready for it. In particular, the "struct file *" and the "struct inode *" arguments do not necessarily match, which means that the unlocked version of the ioctl (that only gets a "struct file *") isn't actually able to handle the cases it needs to handle. This fixes bugzilla http://bugzilla.kernel.org/show_bug.cgi?id=11401Reported-and-bisected-by: NLaurent Riffard <laurent.riffard@free.fr> Acked-by: NPeter Osterlund <petero2@telia.com> Cc: Alan Cox <alan@redhat.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Jens Axboe <jens.axboe@oracle.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Mel Gorman 提交于
Ordinarily, memory holes in flatmem still have a valid memmap and is safe to use. However, an architecture (ARM) frees up the memmap backing memory holes on the assumption it is never used. /proc/pagetypeinfo reads the whole range of pages in a zone believing that the memmap is valid and that pfn_valid will return false if it is not. On ARM, freeing the memmap breaks the page->zone linkages even though pfn_valid() returns true and the kernel can oops shortly afterwards due to accessing a bogus struct zone *. This patch lets architectures say when FLATMEM can have holes in the memmap. Rather than an expensive check for valid memory, /proc/pagetypeinfo will confirm that the page linkages are still valid by checking page->zone is still the expected zone. The lookup of page_zone is safe as there is a limited range of memory that is accessed when calling page_zone. Even if page_zone happens to return the correct zone, the impact is that the counters in /proc/pagetypeinfo are slightly off but fragmentation monitoring is unlikely to be relevant on an embedded system. Reported-by: NH Hartley Sweeten <hsweeten@visionengravers.com> Signed-off-by: NMel Gorman <mel@csn.ul.ie> Tested-by: NH Hartley Sweeten <hsweeten@visionengravers.com> Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>
-