- 25 8月, 2006 11 次提交
-
-
由 David Howells 提交于
Check the bounds of length specifiers more thoroughly in the XDR decoding of NFS4 readdir reply data. Currently, if the server returns a bitmap or attr length that causes the current decode point pointer to wrap, this could go undetected (consider a small "negative" length on a 32-bit machine). Also add a check into the main XDR decode handler to make sure that the amount of data is a multiple of four bytes (as specified by RFC-1014). This makes sure that we can do u32* pointer subtraction in the NFS client without risking an undefined result (the result is undefined if the pointers are not correctly aligned with respect to one another). Signed-Off-By: NDavid Howells <dhowells@redhat.com> Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> (cherry picked from 5861fddd64a7eaf7e8b1a9997455a24e7f688092 commit)
-
由 J. Bruce Fields 提交于
Neil Brown observed that the current limit of 32 bytes isn't enough to hold two ip addresses and the rest of the stuff we're putting in it, so it's often truncated to the point where it's unlikely to be unique. This can cause spurious CLID_INUSE's from the server. Signed-off-by: NJ. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> (cherry picked from fc8c17ec251e984ab3df9182ed097aa5b577c915 commit)
-
由 Chuck Lever 提交于
Some hardware uses port 664 for its hardware-based IPMI listener. Teach the RPC client to avoid using that port by raising the default minimum port number to 665. Test plan: Find a mainboard known to use port 664 for IPMI; enable IPMI; mount NFS servers in a tight loop. Signed-off-by: NChuck Lever <chuck.lever@oracle.com> Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> (cherry picked from 58e8cb3a035d22fc386e1c53a5d98c3f219530fb commit)
-
由 Trond Myklebust 提交于
The problem is that we may be caching writes that would extend the file and create a hole in the region that we are reading. In this case, we need to detect the eof from the server, ensure that we zero out the pages that are part of the hole and mark them as up to date. Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> (cherry picked from 856b603b01b99146918c093969b6cb1b1b0f1c01 commit)
-
由 Trond Myklebust 提交于
nlm_traverse_files() is not allowed to hold the nlm_file_mutex while calling nlm_inspect file, since it may end up calling nlm_release_file() when releaseing the blocks. Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> (cherry picked from e558d3cde986e04f68afe8c790ad68ef4b94587a commit)
-
由 Trond Myklebust 提交于
rpc_unlink() and rpc_rmdir() will dput the dentry reference for you. Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> (cherry picked from a05a57effa71a1f67ccbfc52335c10c8b85f3f6a commit)
-
由 Trond Myklebust 提交于
A prior call to rpc_depopulate() by rpc_rmdir() on the parent directory may have already called simple_unlink() on this entry. Add the same check to rpc_rmdir(). Also remove a redundant call to rpc_close_pipes() in rpc_rmdir. Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> (cherry picked from 0bbfb9d20f6437c4031aa3bf9b4d311a053e58e3 commit)
-
由 Trond Myklebust 提交于
Make it take a dentry argument instead of a path Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> (cherry picked from 648d4116eb2509f010f7f34704a650150309b3e7 commit)
-
由 Trond Myklebust 提交于
Signe-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> (cherry picked from 88bf6d811b01a4be7fd507d18bf5f1c527989089 commit)
-
由 ASANO Masahiro 提交于
I'm trying to speeding up mkdir(2) for network file systems. A typical mkdir(2) calls two inode_operations: lookup and mkdir. The lookup operation would fail with ENOENT in common case. I think it is unnecessary because the subsequent mkdir operation can check it. In case of creat(2), lookup operation is called with the LOOKUP_CREATE flag, so individual filesystem can omit real lookup. e.g. nfs_lookup(). Here is a sample patch which uses LOOKUP_CREATE and O_EXCL on mkdir, symlink and mknod. This uses the gadget for creat(2). And here is the result of a benchmark on NFSv3. mkdir(2) 10,000 times: original 50.5 sec patched 29.0 sec Signed-off-by: NASANO Masahiro <masano@tnes.nec.co.jp> Signed-off-by: NAndrew Morton <akpm@osdl.org> Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> (cherry picked from fab7bf44449b29f9d5572a5dd8adcf7c91d5bf0f commit)
-
由 Nikita Danilov 提交于
nfs_wb_page() waits on request completion and, as a result, is not safe to be called from nfs_release_page() invoked by VM scanner as part of GFP_NOFS allocation. Fix possible deadlock by analyzing gfp mask and refusing to release page if __GFP_FS is not set. Signed-off-by: NNikita Danilov <danilov@gmail.com> Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com> (cherry picked from 374d969debfb290bafcb41d28918dc6f7e43ce31 commit)
-
- 19 8月, 2006 2 次提交
-
-
由 Greg Kroah-Hartman 提交于
-
- 18 8月, 2006 22 次提交
-
-
由 Herbert Xu 提交于
When the bridge recomputes features, it does not maintain the constraint that SG/GSO must be off if TX checksum is off. This patch adds that constraint. On a completely unrelated note, I've also added TSO6 and TSO_ECN feature bits if GSO is enabled on the underlying device through the new NETIF_F_GSO_SOFTWARE macro. Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Patrick McHardy 提交于
table->private might change because of ruleset changes, don't use it without holding the lock. Signed-off-by: NPatrick McHardy <kaber@trash.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Patrick McHardy 提交于
ip_conntrack_put must not be called while holding ip_conntrack_lock since destroy_conntrack takes it again. Signed-off-by: NPatrick McHardy <kaber@trash.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jon Loeliger 提交于
Add 'linux,phandle' entry to i8259@4d0 node. Signed-off-by: NZhang Wei <wei.zhang@freescale.com> Signed-off-by: NJon Loeliger <jdl@freescale.com> Signed-off-by: NPaul Mackerras <paulus@samba.org>
-
由 Jon Loeliger 提交于
Also fix 80-column run-over. Signed-off-by: NJon Loeliger <jdl@freescale.com> Signed-off-by: NPaul Mackerras <paulus@samba.org>
-
由 Jon Loeliger 提交于
As per list discussion, let's add device tree source files under powerpc/boot/dts. If nothing else, it is a starting point. Signed-off-by: NJon Loeliger <jdl@freescale.com> Signed-off-by: NPaul Mackerras <paulus@samba.org>
-
由 Jon Loeliger 提交于
Also accept "local-mac-address". However the old "address" is now obsolete, but accepted for backwards compatibility. It should be removed after all device trees have been converted to use "mac-address". Signed-off-by: NJon Loeliger <jdl@freescale.com> Signed-off-by: NPaul Mackerras <paulus@samba.org>
-
由 Alexey Kuznetsov 提交于
Found in 2.4 by Yixin Pan <yxpan@hotmail.com>. > When I read fib_semantics.c of Linux-2.4.32, write_lock(&fib_info_lock) = > is used in fib_release_info() instead of write_lock_bh(&fib_info_lock). = > Is the following case possible: a BH interrupts fib_release_info() while = > holding the write lock, and calls ip_check_fib_default() which calls = > read_lock(&fib_info_lock), and spin forever. Signed-off-by: NAlexey Kuznetsov <kuznet@ms2.inr.ac.ru> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David L Stevens 提交于
This fixes source filter leakage when a device is removed and a process leaves the group thereafter. This also includes corresponding fixes for IPv6 multicast source filters on device removal. Signed-off-by: NDavid L Stevens <dlstevens@us.ibm.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David S. Miller 提交于
It causes way too much trouble and confusion in userspace. Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Panagiotis Issaris 提交于
The PPP code contains two kmalloc()s followed by memset()s without handling a possible memory allocation failure. (Suggested by Joe Perches). And furthermore, conversions from kmalloc+memset to kzalloc. [akpm@osdl.org: fix error-path leak] [akpm@osdl.org: cleanups] [paulus@samba.org: don't add useless printk and cardmap_destroy calls] Signed-off-by: NPanagiotis Issaris <takis@issaris.org> Signed-off-by: NAndrew Morton <akpm@osdl.org> Signed-off-by: NPaul Mackerras <paulus@samba.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Ralf Hildebrandt 提交于
Signed-off-by: NRalf Hildebrandt <Ralf.Hildebrandt@charite.de> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Kevin Hilman 提交于
atm_proc_exit() is declared as __exit, and thus in .exit.text. On some architectures (ARM) .exit.text is discarded at compile time, and since atm_proc_exit() is called by some other __init functions, it results in a link error. Signed-off-by: NKevin Hilman <khilman@mvista.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Michael Chan 提交于
Convert dev_alloc_skb() to netdev_alloc_skb() and increase default rx ring size to 255. The old ring size of 100 was too small. Update version to 1.4.44. Signed-off-by: NMichael Chan <mchan@broadcom.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Michael Chan 提交于
Fix a subtle race condition between bnx2_start_xmit() and bnx2_tx_int() similar to the one in tg3 discovered by Herbert Xu: CPU0 CPU1 bnx2_start_xmit() if (tx_ring_full) { tx_lock bnx2_tx() if (!netif_queue_stopped) netif_stop_queue() if (!tx_ring_full) update_tx_ring netif_wake_queue() tx_unlock } Even though tx_ring is updated before the if statement in bnx2_tx_int() in program order, it can be re-ordered by the CPU as shown above. This scenario can cause the tx queue to be stopped forever if bnx2_tx_int() has just freed up the entire tx_ring. The possibility of this happening should be very rare though. The following changes are made, very much identical to the tg3 fix: 1. Add memory barrier to fix the above race condition. 2. Eliminate the private tx_lock altogether and rely solely on netif_tx_lock. This eliminates one spinlock in bnx2_start_xmit() when the ring is full. 3. Because of 2, use netif_tx_lock in bnx2_tx_int() before calling netif_wake_queue(). 4. Add memory barrier to bnx2_tx_avail(). 5. Add bp->tx_wake_thresh which is set to half the tx ring size. 6. Check for the full wake queue condition before getting netif_tx_lock in tg3_tx(). This reduces the number of unnecessary spinlocks when the tx ring is full in a steady-state condition. Signed-off-by: NMichael Chan <mchan@broadcom.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Jan "Yenya" Kasprzak 提交于
this minor patch fixes the description of net.ipv4.tcp_mem sysctl in ip-sysctl.txt - the headline names the values "min, pressure, max", while the description uses the "low, pressure, high" values. Both tcp_rmem and tcp_wmem descriptions use the "min, pressure, max" values, so I have changed the tcp_mem to match this and not vice versa. Signed-off-by: NJan "Yenya" Kasprzak <kas@fi.muni.cz> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Michal Ruzicka 提交于
There is a leak of a socket's multicast source filter list structure on closing a socket with a multicast source filter set on an interface that does not exist any more. Signed-off-by: NMichal Ruzicka <michal.ruzicka@comstar.cz> Acked-by: NDavid L Stevens <dlstevens@us.ibm.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Ingo Molnar 提交于
Split off __icmpv6_socket's sk->sk_dst_lock class, because it gets used from softirqs, which is safe for __icmpv6_sockets (because they never get directly used via userspace syscalls), but unsafe for normal sockets. Has no effect on non-lockdep kernels. Signed-off-by: NIngo Molnar <mingo@elte.hu> Acked-by: NHerbert Xu <herbert@gondor.apana.org.au> Signed-off-by: NAndrew Morton <akpm@osdl.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Andrew Morton 提交于
It needs netfilter_bridge.h for brnf_deferred_hooks Signed-off-by: NAndrew Morton <akpm@osdl.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Suresh Siddha 提交于
On High end systems (1024 or so cpus) this can potentially cause stack overflow. Fix the stack usage. Signed-off-by: NSuresh Siddha <suresh.b.siddha@intel.com> Signed-off-by: NAndrew Morton <akpm@osdl.org> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 David S. Miller 提交于
Since __vlan_hwaccel_rx() is essentially bypassing the netif_receive_skb() call that would have occurred if we did the VLAN decapsulation in software, we are missing the skb_bond() call and the assosciated checks it does. Export those checks via an inline function, skb_bond_should_drop(), and use this in __vlan_hwaccel_rx(). Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Olof Johansson 提交于
Clear HID0[en_attn] at CPU init time on PPC970. Closes CVE-2006-4093. Signed-off-by: NOlof Johansson <olof@lixom.net> Signed-off-by: NPaul Mackerras <paulus@samba.org>
-
- 17 8月, 2006 5 次提交
-
-
由 Benjamin Herrenschmidt 提交于
The code for using the radix tree for reverse mapping of interrupts has a typo that causes it to create incorrect mappings if the software and hardware numbers happen to be different. This would, among others, cause the IDE interrupt to fail on js20's. This fixes it. Signed-off-by: NBenjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: NPaul Mackerras <paulus@samba.org>
-
- On archs that have no-exec support, we vmalloc() a executable scratch area of PAGE_SIZE and divide it up into an array of slots of maximum instruction size for that arch - On a kprobe registration, the original instruction is copied to the first available free slot, so if multiple kprobes are registered, chances are, they get contiguous slots - On POWER4, due to not having coherent icaches, we could hit a situation where a probe that is registered on one processor, is hit immediately on another. This second processor could have fetched the stream of text from the out-of-line single-stepping area *before* the probe registration completed, possibly due to an earlier (and a different) kprobe hit and hence would see stale data at the slot. Executing such an arbitrary instruction lead to a problem as reported in LTC bugzilla 23555. The correct solution is to call flush_icache_range() as soon as the instruction is copied for out-of-line single-stepping, so the correct instruction is seen on all processors. Thanks to Will Schmidt who tracked this down. Signed-off-by: NAnanth N Mavinakayanahalli <ananth@in.ibm.com> Acked-by: NWill Schmidt <will_schmidt@vnet.ibm.com> Signed-off-by: NPaul Mackerras <paulus@samba.org>
-
由 Michael Ellerman 提交于
To compile kexec on 32-bit we need a few more bits and pieces. Rather than add empty definitions, we can make crash.c work on 32-bit, with only a couple of kludges. Signed-off-by: NMichael Ellerman <michael@ellerman.id.au> Signed-off-by: NPaul Mackerras <paulus@samba.org>
-
由 Michael Ellerman 提交于
We're missing a few functions for kexec to compile on 32-bit. There's nothing really 64-bit specific about the 64-bit versions, so make them generic rather than adding empty definitions for 32-bit. Signed-off-by: NMichael Ellerman <michael@ellerman.id.au> Signed-off-by: NPaul Mackerras <paulus@samba.org>
-
由 Will Schmidt 提交于
Updating the defconfigs for iseries, pseries, and G5. Sticking with the defaults, with the following exceptions: I've turned off HW_RANDOM for all three configs. For G5, I've enabled SND_AOA and friends as modules; this includes the FABRIC_LAYOUT, ONYX, TAS, TOONIE and SOUNDBUS* config options. Signed-off-by: NWill Schmidt <will_schmidt@vnet.ibm.com> Signed-off-by: NPaul Mackerras <paulus@samba.org>
-