- 05 3月, 2011 22 次提交
-
-
由 Marek Lindner 提交于
Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
It might be possible that 2 threads access the same data in the same rcu grace period. The first thread calls call_rcu() to decrement the refcount and free the data while the second thread increases the refcount to use the data. To avoid this race condition all refcount operations have to be atomic. Reported-by: NSven Eckelmann <sven@narfation.org> Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
Note: The function compare_ether_addr() provided by the Linux kernel requires aligned memory. Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Linus Lüssing 提交于
When printing the soft interface table the number of entries in the softif neigh list are first being counted and a fitting buffer allocated. After that the softif neigh list gets locked again and the buffer printed - which has the following two issues: For one thing, the softif neigh list might have grown when reacquiring the rcu lock, which results in writing outside of the allocated buffer. Furthermore 31 Bytes are not enough for printing an entry with a vid of more than 2 digits. The manual buffering is unnecessary, we can safely print to the seq directly during the rcu_read_lock(). Signed-off-by: NLinus Lüssing <linus.luessing@ascom.ch> Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Linus Lüssing 提交于
When unicast_send_skb() is increasing the orig_node's refcount another thread might have been freeing this orig_node already. We need to increase the refcount in the rcu read lock protected area to avoid that. Signed-off-by: NLinus Lüssing <linus.luessing@ascom.ch> Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Linus Lüssing 提交于
The rcu protected macros rcu_dereference() and rcu_assign_pointer() for the bat_priv->curr_gw need to be used, as well as spin/rcu locking. Otherwise we might end up using a curr_gw pointer pointing to already freed memory. Reported-by: NSven Eckelmann <sven@narfation.org> Signed-off-by: NLinus Lüssing <linus.luessing@ascom.ch> Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
Batman-adv could receive several payload broadcasts at the same time that would trigger access to the broadcast seqno sliding window to determine whether this is a new broadcast or not. If these incoming broadcasts are accessing the sliding window simultaneously it could be left in an inconsistent state. Therefore it is necessary to make sure this access is atomic. Reported-by: NLinus Lüssing <linus.luessing@web.de> Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
Reported-by: NLinus Lüssing <linus.luessing@saxnet.de> Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
It might be possible that 2 threads access the same data in the same rcu grace period. The first thread calls call_rcu() to decrement the refcount and free the data while the second thread increases the refcount to use the data. To avoid this race condition all refcount operations have to be atomic. Reported-by: NSven Eckelmann <sven@narfation.org> Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
It might be possible that 2 threads access the same data in the same rcu grace period. The first thread calls call_rcu() to decrement the refcount and free the data while the second thread increases the refcount to use the data. To avoid this race condition all refcount operations have to be atomic. Reported-by: NSven Eckelmann <sven@narfation.org> Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
It might be possible that 2 threads access the same data in the same rcu grace period. The first thread calls call_rcu() to decrement the refcount and free the data while the second thread increases the refcount to use the data. To avoid this race condition all refcount operations have to be atomic. Reported-by: NSven Eckelmann <sven@narfation.org> Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
It might be possible that 2 threads access the same data in the same rcu grace period. The first thread calls call_rcu() to decrement the refcount and free the data while the second thread increases the refcount to use the data. To avoid this race condition all refcount operations have to be atomic. Reported-by: NSven Eckelmann <sven@narfation.org> Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Simon Wunderlich 提交于
bonding / alternating candidates need to be secured by rcu locks as well. This patch therefore converts the bonding list from a plain pointer list to a rcu securable lists and references the bonding candidates. Signed-off-by: NSimon Wunderlich <siwu@hrz.tu-chemnitz.de> Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
hardif_disable_interface() calls purge_orig_ref() to immediately free all neighbors associated with the interface that is going down. purge_orig_neighbors() checked if the interface status is IF_INACTIVE which is set to IF_NOT_IN_USE shortly before calling purge_orig_ref(). Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
由 Marek Lindner 提交于
Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de>
-
- 15 2月, 2011 1 次提交
-
-
由 Jesper Juhl 提交于
Remove duplicate inclusion of "send.h" and "routing.h" from net/batman-adv/soft-interface.c Signed-off-by: NJesper Juhl <jj@chaosbits.net> Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
- 12 2月, 2011 3 次提交
-
-
由 Linus Lüssing 提交于
For a host in the mesh network, the batman layer should be transparent. However, we had one exception, data packets within the mesh network which have the same destination as a originator are being routed to that node, although there is no host that node's bat0 interface and therefore gets dropped anyway. This commit removes this exception. Signed-off-by: NLinus Lüssing <linus.luessing@ascom.ch> Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Linus Lüssing 提交于
types.h is included by main.h, which is included at the beginning of any other c-file anyway. Therefore this commit removes those duplicate inclussions. Signed-off-by: NLinus Lüssing <linus.luessing@ascom.ch> Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Marek Lindner 提交于
Multiple variable declarations in a single statements over multiple lines can be split into multiple variable declarations without changing the actual behavior. Signed-off-by: NMarek Lindner <lindner_marek@yahoo.de> Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
- 11 2月, 2011 1 次提交
-
-
由 Sven Eckelmann 提交于
The two fragments of an unicast packet must have successive sequence numbers to allow the receiver side to detect matching fragments and merge them again. The current implementation doesn't provide that property because a sequence of two atomic_inc_return may be interleaved with another sequence which also changes the variable. The access to the fragment sequence number pool has either to be protected by correct locking or it has to reserve two sequence numbers in a single fetch. The latter one can easily be done by increasing the value of the last used sequence number by 2 in a single step. The generated window of two currently unused sequence numbers can now be scattered across the two fragments. Reported-by: NLinus Lüssing <linus.luessing@web.de> Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
- 31 1月, 2011 9 次提交
-
-
由 Sven Eckelmann 提交于
Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Sven Eckelmann 提交于
Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Sven Eckelmann 提交于
Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Sven Eckelmann 提交于
batman_skb_recv can be defined in hard-interface.c as static because it is never used outside of that file. Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Sven Eckelmann 提交于
Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Sven Eckelmann 提交于
Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Simon Wunderlich 提交于
Some function parameters are obsolete now and can be removed. Reported-by: NSven Eckelmann <sven@narfation.org> Signed-off-by: NSimon Wunderlich <siwu@hrz.tu-chemnitz.de> Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Sven Eckelmann 提交于
The routing algorithm must be able to decide if a fragment can be merged with the missing part and still be passed to a forwarding interface. The fragments can only differ by one byte in case that the original payload had an uneven length. In that situation the sender has to inform all possible receivers that the tail is one byte longer using the flag UNI_FRAG_LARGETAIL. The combination of UNI_FRAG_LARGETAIL and UNI_FRAG_HEAD flag makes it possible to calculate the correct length for even and uneven sized payloads. The original formula missed to add the unicast header at all and forgot to remove the fragment header of the second fragment. This made the results highly unreliable and only useful for machines with large differences between the configured MTUs. Reported-by: NRussell Senior <russell@personaltelco.net> Reported-by: NMarek Lindner <lindner_marek@yahoo.de> Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
由 Sven Eckelmann 提交于
The routing algorithm must know how large two fragments are to be able to decide that it is safe to merge them or if it should resubmit without waiting for the second part. When these two fragments have a too different size, it is not possible to guess right in every situation. The user could easily configure the MTU of the attached cards so that one fragment is forwarded and the other one is added to the fragments table to wait for the missing part. For even sized packets, it is possible to split it so that the resulting packages are equal sized by ignoring the old non-fragment header at the beginning of the original packet. This still creates different sized fragments for uneven sized packets. Reported-by: NRussell Senior <russell@personaltelco.net> Reported-by: NMarek Lindner <lindner_marek@yahoo.de> Signed-off-by: NSven Eckelmann <sven@narfation.org>
-
- 22 1月, 2011 4 次提交
-
-
由 Linus Torvalds 提交于
-
git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6由 Linus Torvalds 提交于
* 'media_fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6: (101 commits) [media] staging/lirc: fix mem leaks and ptr err usage [media] hdpvr: reduce latency of i2c read/write w/recycled buffer [media] hdpvr: enable IR part [media] rc/mceusb: timeout should be in ns, not us [media] v4l2-device: fix 'use-after-freed' oops [media] v4l2-dev: don't memset video_device.dev [media] zoran: use video_device_alloc instead of kmalloc [media] w9966: zero device state after a detach [media] v4l: Fix a use-before-set in the control framework [media] v4l: Include linux/videodev2.h in media/v4l2-ctrls.h [media] DocBook/v4l: update V4L2 revision and update copyright years [media] DocBook/v4l: fix validation error in dev-rds.xml [media] v4l2-ctrls: queryctrl shouldn't attempt to replace V4L2_CID_PRIVATE_BASE IDs [media] v4l2-ctrls: fix missing 'read-only' check [media] pvrusb2: Provide more information about IR units to lirc_zilog and ir-kbd-i2c [media] ir-kbd-i2c: Add back defaults setting for Zilog Z8's at addr 0x71 [media] lirc_zilog: Update TODO.lirc_zilog [media] lirc_zilog: Add Andy Walls to copyright notice and authors list [media] lirc_zilog: Remove useless struct i2c_driver.command function [media] lirc_zilog: Remove unneeded tests for existence of the IR Tx function ...
-
由 David Howells 提交于
Fix up comments in the key management code. No functional changes. Signed-off-by: NDavid Howells <dhowells@redhat.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 David Howells 提交于
Do a bit of a style clean up in the key management code. No functional changes. Done using: perl -p -i -e 's!^/[*]*/\n!!' security/keys/*.c perl -p -i -e 's!} /[*] end [a-z0-9_]*[(][)] [*]/\n!}\n!' security/keys/*.c sed -i -s -e ": next" -e N -e 's/^\n[}]$/}/' -e t -e P -e 's/^.*\n//' -e "b next" security/keys/*.c To remove /*****/ lines, remove comments on the closing brace of a function to name the function and remove blank lines before the closing brace of a function. Signed-off-by: NDavid Howells <dhowells@redhat.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-