Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (42 commits) netpoll: fix incorrect access to skb data in __netpoll_rx cassini: init before use in cas_interruptN. can: ti_hecc: Fix uninitialized spinlock in probe can: ti_hecc: Fix unintialized variable net: sh_eth: fix the compile error net/phy: fix DP83865 phy interrupt handler sendmmsg/sendmsg: fix unsafe user pointer access ibmveth: Fix leak when recycling skb and hypervisor returns error arp: fix rcu lockdep splat in arp_process() bridge: fix a possible use after free bridge: Pseudo-header required for the checksum of ICMPv6 mcast: Fix source address selection for multicast listener report MAINTAINERS: Update GIT trees for network development ath9k: Fix PS wrappers in ath9k_set_coverage_class carl9170: Fix mismatch in carl9170_op_set_key mutex lock-unlock wl12xx: add max_sched_scan_ssids value to the hw description wl12xx: Fix validation of pm_runtime_get_sync return value wl12xx: Remove obsolete testmode NVS push command bcma: add uevent to the bus, to autoload drivers ath9k_hw: Fix STA (AR9485) bringup issue due to incorrect MAC address ...

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (42 commits) netpoll: fix incorrect access to skb data in __netpoll_rx cassini: init before use in cas_interruptN. can: ti_hecc: Fix uninitialized spinlock in probe can: ti_hecc: Fix unintialized variable net: sh_eth: fix the compile error net/phy: fix DP83865 phy interrupt handler sendmmsg/sendmsg: fix unsafe user pointer access ibmveth: Fix leak when recycling skb and hypervisor returns error arp: fix rcu lockdep splat in arp_process() bridge: fix a possible use after free bridge: Pseudo-header required for the checksum of ICMPv6 mcast: Fix source address selection for multicast listener report MAINTAINERS: Update GIT trees for network development ath9k: Fix PS wrappers in ath9k_set_coverage_class carl9170: Fix mismatch in carl9170_op_set_key mutex lock-unlock wl12xx: add max_sched_scan_ssids value to the hw description wl12xx: Fix validation of pm_runtime_get_sync return value wl12xx: Remove obsolete testmode NVS push command bcma: add uevent to the bus, to autoload drivers ath9k_hw: Fix STA (AR9485) bringup issue due to incorrect MAC address ...
Linus Torvalds
2 parents 2cd6c7f7f1 e9278a475f
Showing 39 changed files Side-by-side Diff
MAINTAINERS
drivers/bcma/main.c
drivers/bluetooth/ath3k.c
drivers/bluetooth/btusb.c
drivers/net/can/ti_hecc.c
drivers/net/cassini.c
drivers/net/ibmveth.c
drivers/net/phy/national.c
drivers/net/sh_eth.c
drivers/net/wireless/ath/ath9k/ar9003_eeprom.c
drivers/net/wireless/ath/ath9k/main.c
drivers/net/wireless/ath/carl9170/main.c
drivers/net/wireless/rt2x00/rt2x00usb.c
drivers/net/wireless/wl12xx/main.c
drivers/net/wireless/wl12xx/sdio.c
drivers/net/wireless/wl12xx/testmode.c
include/net/cfg80211.h
net/bluetooth/af_bluetooth.c
net/bluetooth/bnep/bnep.h
net/bluetooth/bnep/core.c
@@ -4450,8 +4450,8 @@
 L:	netdev@vger.kernel.org
 W:	http://www.linuxfoundation.org/en/Net
 W:	http://patchwork.ozlabs.org/project/netdev/list/
-T:	git git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.git
-T:	git git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6.git
+T:	git git://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git
+T:	git git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git
 S:	Maintained
 F:	net/
 F:	include/net/
@@ -15,6 +15,7 @@
 static int bcma_bus_match(struct device *dev, struct device_driver *drv);
 static int bcma_device_probe(struct device *dev);
 static int bcma_device_remove(struct device *dev);
+static int bcma_device_uevent(struct device *dev, struct kobj_uevent_env *env);
  
 static ssize_t manuf_show(struct device *dev, struct device_attribute *attr, char *buf)
 {
@@ -49,6 +50,7 @@
 	.match		= bcma_bus_match,
 	.probe		= bcma_device_probe,
 	.remove		= bcma_device_remove,
+	.uevent		= bcma_device_uevent,
 	.dev_attrs	= bcma_device_attrs,
 };
  
@@ -225,6 +227,16 @@
 		adrv->remove(core);
  
 	return 0;
+}
+
+static int bcma_device_uevent(struct device *dev, struct kobj_uevent_env *env)
+{
+	struct bcma_device *core = container_of(dev, struct bcma_device, dev);
+
+	return add_uevent_var(env,
+			      "MODALIAS=bcma:m%04Xid%04Xrev%02Xcl%02X",
+			      core->id.manuf, core->id.id,
+			      core->id.rev, core->id.class);
 }
  
 static int __init bcma_modinit(void)
@@ -63,6 +63,7 @@
 	/* Atheros AR3011 with sflash firmware*/
 	{ USB_DEVICE(0x0CF3, 0x3002) },
 	{ USB_DEVICE(0x13d3, 0x3304) },
+	{ USB_DEVICE(0x0930, 0x0215) },
  
 	/* Atheros AR9285 Malbec with sflash firmware */
 	{ USB_DEVICE(0x03F0, 0x311D) },
@@ -106,6 +106,7 @@
 	/* Atheros 3011 with sflash firmware */
 	{ USB_DEVICE(0x0cf3, 0x3002), .driver_info = BTUSB_IGNORE },
 	{ USB_DEVICE(0x13d3, 0x3304), .driver_info = BTUSB_IGNORE },
+	{ USB_DEVICE(0x0930, 0x0215), .driver_info = BTUSB_IGNORE },
  
 	/* Atheros AR9285 Malbec with sflash firmware */
 	{ USB_DEVICE(0x03f0, 0x311d), .driver_info = BTUSB_IGNORE },
@@ -256,7 +257,9 @@
  
 	err = usb_submit_urb(urb, GFP_ATOMIC);
 	if (err < 0) {
-		if (err != -EPERM)
+		/* -EPERM: urb is being killed;
+		 * -ENODEV: device got disconnected */
+		if (err != -EPERM && err != -ENODEV)
 			BT_ERR("%s urb %p failed to resubmit (%d)",
 						hdev->name, urb, -err);
 		usb_unanchor_urb(urb);
@@ -341,7 +344,9 @@
  
 	err = usb_submit_urb(urb, GFP_ATOMIC);
 	if (err < 0) {
-		if (err != -EPERM)
+		/* -EPERM: urb is being killed;
+		 * -ENODEV: device got disconnected */
+		if (err != -EPERM && err != -ENODEV)
 			BT_ERR("%s urb %p failed to resubmit (%d)",
 						hdev->name, urb, -err);
 		usb_unanchor_urb(urb);
@@ -431,7 +436,9 @@
  
 	err = usb_submit_urb(urb, GFP_ATOMIC);
 	if (err < 0) {
-		if (err != -EPERM)
+		/* -EPERM: urb is being killed;
+		 * -ENODEV: device got disconnected */
+		if (err != -EPERM && err != -ENODEV)
 			BT_ERR("%s urb %p failed to resubmit (%d)",
 						hdev->name, urb, -err);
 		usb_unanchor_urb(urb);
@@ -503,9 +503,9 @@
 	spin_unlock_irqrestore(&priv->mbx_lock, flags);
  
 	/* Prepare mailbox for transmission */
+	data = cf->can_dlc | (get_tx_head_prio(priv) << 8);
 	if (cf->can_id & CAN_RTR_FLAG) /* Remote transmission request */
 		data |= HECC_CANMCF_RTR;
-	data |= get_tx_head_prio(priv) << 8;
 	hecc_write_mbx(priv, mbxno, HECC_CANMCF, data);
  
 	if (cf->can_id & CAN_EFF_FLAG) /* Extended frame format */
@@ -923,6 +923,7 @@
 	priv->can.do_get_state = ti_hecc_get_state;
 	priv->can.ctrlmode_supported = CAN_CTRLMODE_3_SAMPLES;
  
+	spin_lock_init(&priv->mbx_lock);
 	ndev->irq = irq->start;
 	ndev->flags |= IFF_ECHO;
 	platform_set_drvdata(pdev, ndev);
@@ -2452,14 +2452,13 @@
 	struct net_device *dev = dev_id;
 	struct cas *cp = netdev_priv(dev);
 	unsigned long flags;
-	int ring;
+	int ring = (irq == cp->pci_irq_INTC) ? 2 : 3;
 	u32 status = readl(cp->regs + REG_PLUS_INTRN_STATUS(ring));
  
 	/* check for shared irq */
 	if (status == 0)
 		return IRQ_NONE;
  
-	ring = (irq == cp->pci_irq_INTC) ? 2 : 3;
 	spin_lock_irqsave(&cp->lock, flags);
 	if (status & INTR_RX_DONE_ALT) { /* handle rx separately */
 #ifdef USE_NAPI
@@ -395,7 +395,7 @@
 }
  
 /* recycle the current buffer on the rx queue */
-static void ibmveth_rxq_recycle_buffer(struct ibmveth_adapter *adapter)
+static int ibmveth_rxq_recycle_buffer(struct ibmveth_adapter *adapter)
 {
 	u32 q_index = adapter->rx_queue.index;
 	u64 correlator = adapter->rx_queue.queue_addr[q_index].correlator;
@@ -403,6 +403,7 @@
 	unsigned int index = correlator & 0xffffffffUL;
 	union ibmveth_buf_desc desc;
 	unsigned long lpar_rc;
+	int ret = 1;
  
 	BUG_ON(pool >= IBMVETH_NUM_BUFF_POOLS);
 	BUG_ON(index >= adapter->rx_buff_pool[pool].size);
@@ -410,7 +411,7 @@
 	if (!adapter->rx_buff_pool[pool].active) {
 		ibmveth_rxq_harvest_buffer(adapter);
 		ibmveth_free_buffer_pool(adapter, &adapter->rx_buff_pool[pool]);
-		return;
+		goto out;
 	}
  
 	desc.fields.flags_len = IBMVETH_BUF_VALID |
  
@@ -423,12 +424,16 @@
 		netdev_dbg(adapter->netdev, "h_add_logical_lan_buffer failed "
 			   "during recycle rc=%ld", lpar_rc);
 		ibmveth_remove_buffer_from_pool(adapter, adapter->rx_queue.queue_addr[adapter->rx_queue.index].correlator);
+		ret = 0;
 	}
  
 	if (++adapter->rx_queue.index == adapter->rx_queue.num_slots) {
 		adapter->rx_queue.index = 0;
 		adapter->rx_queue.toggle = !adapter->rx_queue.toggle;
 	}
+
+out:
+	return ret;
 }
  
 static void ibmveth_rxq_harvest_buffer(struct ibmveth_adapter *adapter)
  
@@ -1084,8 +1089,9 @@
 				if (rx_flush)
 					ibmveth_flush_buffer(skb->data,
 						length + offset);
+				if (!ibmveth_rxq_recycle_buffer(adapter))
+					kfree_skb(skb);
 				skb = new_skb;
-				ibmveth_rxq_recycle_buffer(adapter);
 			} else {
 				ibmveth_rxq_harvest_buffer(adapter);
 				skb_reserve(skb, offset);
@@ -25,8 +25,9 @@
 /* DP83865 phy identifier values */
 #define DP83865_PHY_ID	0x20005c7a
  
-#define DP83865_INT_MASK_REG 0x15
-#define DP83865_INT_MASK_STATUS 0x14
+#define DP83865_INT_STATUS	0x14
+#define DP83865_INT_MASK	0x15
+#define DP83865_INT_CLEAR	0x17
  
 #define DP83865_INT_REMOTE_FAULT 0x0008
 #define DP83865_INT_ANE_COMPLETED 0x0010
  
  
  
@@ -68,21 +69,25 @@
 	int err;
  
 	if (phydev->interrupts == PHY_INTERRUPT_ENABLED)
-		err = phy_write(phydev, DP83865_INT_MASK_REG,
+		err = phy_write(phydev, DP83865_INT_MASK,
 				DP83865_INT_MASK_DEFAULT);
 	else
-		err = phy_write(phydev, DP83865_INT_MASK_REG, 0);
+		err = phy_write(phydev, DP83865_INT_MASK, 0);
  
 	return err;
 }
  
 static int ns_ack_interrupt(struct phy_device *phydev)
 {
-	int ret = phy_read(phydev, DP83865_INT_MASK_STATUS);
+	int ret = phy_read(phydev, DP83865_INT_STATUS);
 	if (ret < 0)
 		return ret;
  
-	return 0;
+	/* Clear the interrupt status bit by writing a “1”
+	 * to the corresponding bit in INT_CLEAR (2:0 are reserved) */
+	ret = phy_write(phydev, DP83865_INT_CLEAR, ret & ~0x7);
+
+	return ret;
 }
  
 static void ns_giga_speed_fallback(struct phy_device *phydev, int mode)
@@ -31,6 +31,7 @@
 #include <linux/phy.h>
 #include <linux/cache.h>
 #include <linux/io.h>
+#include <linux/interrupt.h>
 #include <linux/pm_runtime.h>
 #include <linux/slab.h>
 #include <linux/ethtool.h>
@@ -69,7 +69,7 @@
 static const struct ar9300_eeprom ar9300_default = {
 	.eepromVersion = 2,
 	.templateVersion = 2,
-	.macAddr = {1, 2, 3, 4, 5, 6},
+	.macAddr = {0, 2, 3, 4, 5, 6},
 	.custData = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
 		     0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
 	.baseEepHeader = {
@@ -2283,7 +2283,11 @@
  
 	mutex_lock(&sc->mutex);
 	ah->coverage_class = coverage_class;
+
+	ath9k_ps_wakeup(sc);
 	ath9k_hw_init_global_settings(ah);
+	ath9k_ps_restore(sc);
+
 	mutex_unlock(&sc->mutex);
 }
  
@@ -1066,8 +1066,10 @@
 	 * the high througput speed in 802.11n networks.
 	 */
  
-	if (!is_main_vif(ar, vif))
+	if (!is_main_vif(ar, vif)) {
+		mutex_lock(&ar->mutex);
 		goto err_softw;
+	}
  
 	/*
 	 * While the hardware supports *catch-all* key, for offloading
@@ -871,18 +871,8 @@
 {
 	struct ieee80211_hw *hw = usb_get_intfdata(usb_intf);
 	struct rt2x00_dev *rt2x00dev = hw->priv;
-	int retval;
  
-	retval = rt2x00lib_suspend(rt2x00dev, state);
-	if (retval)
-		return retval;
-
-	/*
-	 * Decrease usbdev refcount.
-	 */
-	usb_put_dev(interface_to_usbdev(usb_intf));
-
-	return 0;
+	return rt2x00lib_suspend(rt2x00dev, state);
 }
 EXPORT_SYMBOL_GPL(rt2x00usb_suspend);
  
@@ -890,8 +880,6 @@
 {
 	struct ieee80211_hw *hw = usb_get_intfdata(usb_intf);
 	struct rt2x00_dev *rt2x00dev = hw->priv;
-
-	usb_get_dev(interface_to_usbdev(usb_intf));
  
 	return rt2x00lib_resume(rt2x00dev);
 }
@@ -4283,6 +4283,7 @@
 	wl->hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
 		BIT(NL80211_IFTYPE_ADHOC) | BIT(NL80211_IFTYPE_AP);
 	wl->hw->wiphy->max_scan_ssids = 1;
+	wl->hw->wiphy->max_sched_scan_ssids = 1;
 	/*
 	 * Maximum length of elements in scanning probe request templates
 	 * should be the maximum length possible for a template, without
@@ -164,7 +164,7 @@
 	/* If enabled, tell runtime PM not to power off the card */
 	if (pm_runtime_enabled(&func->dev)) {
 		ret = pm_runtime_get_sync(&func->dev);
-		if (ret)
+		if (ret < 0)
 			goto out;
 	} else {
 		/* Runtime PM is disabled: power up the card manually */
@@ -36,7 +36,6 @@
 	WL1271_TM_CMD_TEST,
 	WL1271_TM_CMD_INTERROGATE,
 	WL1271_TM_CMD_CONFIGURE,
-	WL1271_TM_CMD_NVS_PUSH,
 	WL1271_TM_CMD_SET_PLT_MODE,
 	WL1271_TM_CMD_RECOVER,
  
@@ -190,48 +189,6 @@
 	return 0;
 }
  
-static int wl1271_tm_cmd_nvs_push(struct wl1271 *wl, struct nlattr *tb[])
-{
-	int ret = 0;
-	size_t len;
-	void *buf;
-
-	wl1271_debug(DEBUG_TESTMODE, "testmode cmd nvs push");
-
-	if (!tb[WL1271_TM_ATTR_DATA])
-		return -EINVAL;
-
-	buf = nla_data(tb[WL1271_TM_ATTR_DATA]);
-	len = nla_len(tb[WL1271_TM_ATTR_DATA]);
-
-	mutex_lock(&wl->mutex);
-
-	kfree(wl->nvs);
-
-	if ((wl->chip.id == CHIP_ID_1283_PG20) &&
-	    (len != sizeof(struct wl128x_nvs_file)))
-		return -EINVAL;
-	else if (len != sizeof(struct wl1271_nvs_file))
-		return -EINVAL;
-
-	wl->nvs = kzalloc(len, GFP_KERNEL);
-	if (!wl->nvs) {
-		wl1271_error("could not allocate memory for the nvs file");
-		ret = -ENOMEM;
-		goto out;
-	}
-
-	memcpy(wl->nvs, buf, len);
-	wl->nvs_len = len;
-
-	wl1271_debug(DEBUG_TESTMODE, "testmode pushed nvs");
-
-out:
-	mutex_unlock(&wl->mutex);
-
-	return ret;
-}
-
 static int wl1271_tm_cmd_set_plt_mode(struct wl1271 *wl, struct nlattr *tb[])
 {
 	u32 val;
@@ -288,8 +245,6 @@
 		return wl1271_tm_cmd_interrogate(wl, tb);
 	case WL1271_TM_CMD_CONFIGURE:
 		return wl1271_tm_cmd_configure(wl, tb);
-	case WL1271_TM_CMD_NVS_PUSH:
-		return wl1271_tm_cmd_nvs_push(wl, tb);
 	case WL1271_TM_CMD_SET_PLT_MODE:
 		return wl1271_tm_cmd_set_plt_mode(wl, tb);
 	case WL1271_TM_CMD_RECOVER:
@@ -1865,6 +1865,9 @@
 	 * you need use set_wiphy_dev() (see below) */
 	struct device dev;
  
+	/* protects ->resume, ->suspend sysfs callbacks against unregister hw */
+	bool registered;
+
 	/* dir in debugfs: ieee80211/<wiphyname> */
 	struct dentry *debugfsdir;
  
@@ -494,9 +494,8 @@
 	BT_DBG("sk %p", sk);
  
 	add_wait_queue(sk_sleep(sk), &wait);
+	set_current_state(TASK_INTERRUPTIBLE);
 	while (sk->sk_state != state) {
-		set_current_state(TASK_INTERRUPTIBLE);
-
 		if (!timeo) {
 			err = -EINPROGRESS;
 			break;
  
@@ -510,12 +509,13 @@
 		release_sock(sk);
 		timeo = schedule_timeout(timeo);
 		lock_sock(sk);
+		set_current_state(TASK_INTERRUPTIBLE);
  
 		err = sock_error(sk);
 		if (err)
 			break;
 	}
-	set_current_state(TASK_RUNNING);
+	__set_current_state(TASK_RUNNING);
 	remove_wait_queue(sk_sleep(sk), &wait);
 	return err;
 }
@@ -155,6 +155,7 @@
 	unsigned int  role;
 	unsigned long state;
 	unsigned long flags;
+	atomic_t      terminate;
 	struct task_struct *task;
  
 	struct ethhdr eh;
@@ -484,9 +484,11 @@
  
 	init_waitqueue_entry(&wait, current);
 	add_wait_queue(sk_sleep(sk), &wait);
-	while (!kthread_should_stop()) {
+	while (1) {
 		set_current_state(TASK_INTERRUPTIBLE);
  
+		if (atomic_read(&s->terminate))
+			break;
 		/* RX */
 		while ((skb = skb_dequeue(&sk->sk_receive_queue))) {
 			skb_orphan(skb);
@@ -504,7 +506,7 @@
  
 		schedule();
 	}
-	set_current_state(TASK_RUNNING);
+	__set_current_state(TASK_RUNNING);
 	remove_wait_queue(sk_sleep(sk), &wait);
  
 	/* Cleanup session */
@@ -640,9 +642,10 @@
 	down_read(&bnep_session_sem);
  
 	s = __bnep_get_session(req->dst);
-	if (s)
-		kthread_stop(s->task);
-	else
+	if (s) {
+		atomic_inc(&s->terminate);
+		wake_up_process(s->task);
+	} else
 		err = -ENOENT;
  
 	up_read(&bnep_session_sem);
@@ -386,7 +386,8 @@
  
 	capi_ctr_down(ctrl);
  
-	kthread_stop(session->task);
+	atomic_inc(&session->terminate);
+	wake_up_process(session->task);
 }
  
 static void cmtp_register_appl(struct capi_ctr *ctrl, __u16 appl, capi_register_params *rp)
@@ -81,6 +81,7 @@
  
 	char name[BTNAMSIZ];
  
+	atomic_t terminate;
 	struct task_struct *task;
  
 	wait_queue_head_t wait;
@@ -292,9 +292,11 @@
  
 	init_waitqueue_entry(&wait, current);
 	add_wait_queue(sk_sleep(sk), &wait);
-	while (!kthread_should_stop()) {
+	while (1) {
 		set_current_state(TASK_INTERRUPTIBLE);
  
+		if (atomic_read(&session->terminate))
+			break;
 		if (sk->sk_state != BT_CONNECTED)
 			break;
  
@@ -307,7 +309,7 @@
  
 		schedule();
 	}
-	set_current_state(TASK_RUNNING);
+	__set_current_state(TASK_RUNNING);
 	remove_wait_queue(sk_sleep(sk), &wait);
  
 	down_write(&cmtp_session_sem);
  
@@ -380,16 +382,17 @@
  
 	if (!(session->flags & (1 << CMTP_LOOPBACK))) {
 		err = cmtp_attach_device(session);
-		if (err < 0)
-			goto detach;
+		if (err < 0) {
+			atomic_inc(&session->terminate);
+			wake_up_process(session->task);
+			up_write(&cmtp_session_sem);
+			return err;
+		}
 	}
  
 	up_write(&cmtp_session_sem);
 	return 0;
  
-detach:
-	cmtp_detach_device(session);
-
 unlink:
 	__cmtp_unlink_session(session);
  
@@ -414,7 +417,8 @@
 		skb_queue_purge(&session->transmit);
  
 		/* Stop session thread */
-		kthread_stop(session->task);
+		atomic_inc(&session->terminate);
+		wake_up_process(session->task);
 	} else
 		err = -ENOENT;
  
@@ -1209,7 +1209,6 @@
  
 	BT_ERR("%s command tx timeout", hdev->name);
 	atomic_set(&hdev->cmd_cnt, 1);
-	clear_bit(HCI_RESET, &hdev->flags);
 	tasklet_schedule(&hdev->cmd_task);
 }
  
@@ -1327,7 +1326,7 @@
  
 	entry = kzalloc(sizeof(struct bdaddr_list), GFP_KERNEL);
 	if (!entry) {
-		return -ENOMEM;
+		err = -ENOMEM;
 		goto err;
 	}
  
@@ -2408,7 +2407,10 @@
 		if (hdev->sent_cmd) {
 			atomic_dec(&hdev->cmd_cnt);
 			hci_send_frame(skb);
-			mod_timer(&hdev->cmd_timer,
+			if (test_bit(HCI_RESET, &hdev->flags))
+				del_timer(&hdev->cmd_timer);
+			else
+				mod_timer(&hdev->cmd_timer,
 				  jiffies + msecs_to_jiffies(HCI_CMD_TIMEOUT));
 		} else {
 			skb_queue_head(&hdev->cmd_q, skb);
@@ -764,6 +764,7 @@
  
 	up_write(&hidp_session_sem);
  
+	kfree(session->rd_data);
 	kfree(session);
 	return 0;
 }
@@ -841,7 +842,8 @@
  
 	err = input_register_device(input);
 	if (err < 0) {
-		hci_conn_put_device(session->conn);
+		input_free_device(input);
+		session->input = NULL;
 		return err;
 	}
  
@@ -1044,8 +1046,12 @@
 	}
  
 	err = hid_add_device(session->hid);
-	if (err < 0)
-		goto err_add_device;
+	if (err < 0) {
+		atomic_inc(&session->terminate);
+		wake_up_process(session->task);
+		up_write(&hidp_session_sem);
+		return err;
+	}
  
 	if (session->input) {
 		hidp_send_ctrl_message(session,
@@ -1059,12 +1065,6 @@
 	up_write(&hidp_session_sem);
 	return 0;
  
-err_add_device:
-	hid_destroy_device(session->hid);
-	session->hid = NULL;
-	atomic_inc(&session->terminate);
-	wake_up_process(session->task);
-
 unlink:
 	hidp_del_timer(session);
  
@@ -1090,7 +1090,6 @@
 failed:
 	up_write(&hidp_session_sem);
  
-	input_free_device(session->input);
 	kfree(session);
 	return err;
 }
@@ -1159,9 +1159,8 @@
 	int timeo = HZ/5;
  
 	add_wait_queue(sk_sleep(sk), &wait);
-	while ((chan->unacked_frames > 0 && chan->conn)) {
-		set_current_state(TASK_INTERRUPTIBLE);
-
+	set_current_state(TASK_INTERRUPTIBLE);
+	while (chan->unacked_frames > 0 && chan->conn) {
 		if (!timeo)
 			timeo = HZ/5;
  
@@ -1173,6 +1172,7 @@
 		release_sock(sk);
 		timeo = schedule_timeout(timeo);
 		lock_sock(sk);
+		set_current_state(TASK_INTERRUPTIBLE);
  
 		err = sock_error(sk);
 		if (err)
@@ -235,30 +235,26 @@
  
 	lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
  
-	if (sk->sk_state != BT_LISTEN) {
-		err = -EBADFD;
-		goto done;
-	}
-
 	timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
  
 	BT_DBG("sk %p timeo %ld", sk, timeo);
  
 	/* Wait for an incoming connection. (wake-one). */
 	add_wait_queue_exclusive(sk_sleep(sk), &wait);
-	while (!(nsk = bt_accept_dequeue(sk, newsock))) {
+	while (1) {
 		set_current_state(TASK_INTERRUPTIBLE);
-		if (!timeo) {
-			err = -EAGAIN;
+
+		if (sk->sk_state != BT_LISTEN) {
+			err = -EBADFD;
 			break;
 		}
  
-		release_sock(sk);
-		timeo = schedule_timeout(timeo);
-		lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
+		nsk = bt_accept_dequeue(sk, newsock);
+		if (nsk)
+			break;
  
-		if (sk->sk_state != BT_LISTEN) {
-			err = -EBADFD;
+		if (!timeo) {
+			err = -EAGAIN;
 			break;
 		}
  
  
@@ -266,8 +262,12 @@
 			err = sock_intr_errno(timeo);
 			break;
 		}
+
+		release_sock(sk);
+		timeo = schedule_timeout(timeo);
+		lock_sock_nested(sk, SINGLE_DEPTH_NESTING);
 	}
-	set_current_state(TASK_RUNNING);
+	__set_current_state(TASK_RUNNING);
 	remove_wait_queue(sk_sleep(sk), &wait);
  
 	if (err)
@@ -993,7 +993,7 @@
 	INIT_LIST_HEAD(&bt_sk(sk)->accept_q);
  
 	sk->sk_destruct = l2cap_sock_destruct;
-	sk->sk_sndtimeo = msecs_to_jiffies(L2CAP_CONN_TIMEOUT);
+	sk->sk_sndtimeo = L2CAP_CONN_TIMEOUT;
  
 	sock_reset_flag(sk, SOCK_ZAPPED);
  
@@ -62,7 +62,6 @@
 #define rfcomm_lock()	mutex_lock(&rfcomm_mutex)
 #define rfcomm_unlock()	mutex_unlock(&rfcomm_mutex)
  
-static unsigned long rfcomm_event;
  
 static LIST_HEAD(session_list);
  
@@ -120,7 +119,6 @@
 {
 	if (!rfcomm_thread)
 		return;
-	set_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
 	wake_up_process(rfcomm_thread);
 }
  
  
  
  
  
  
@@ -2038,19 +2036,18 @@
  
 	rfcomm_add_listener(BDADDR_ANY);
  
-	while (!kthread_should_stop()) {
+	while (1) {
 		set_current_state(TASK_INTERRUPTIBLE);
-		if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) {
-			/* No pending events. Let's sleep.
-			 * Incoming connections and data will wake us up. */
-			schedule();
-		}
-		set_current_state(TASK_RUNNING);
  
+		if (kthread_should_stop())
+			break;
+
 		/* Process stuff */
-		clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event);
 		rfcomm_process_sessions();
+
+		schedule();
 	}
+	__set_current_state(TASK_RUNNING);
  
 	rfcomm_kill_listener();
  
@@ -485,11 +485,6 @@
  
 	lock_sock(sk);
  
-	if (sk->sk_state != BT_LISTEN) {
-		err = -EBADFD;
-		goto done;
-	}
-
 	if (sk->sk_type != SOCK_STREAM) {
 		err = -EINVAL;
 		goto done;
  
  
  
@@ -501,19 +496,20 @@
  
 	/* Wait for an incoming connection. (wake-one). */
 	add_wait_queue_exclusive(sk_sleep(sk), &wait);
-	while (!(nsk = bt_accept_dequeue(sk, newsock))) {
+	while (1) {
 		set_current_state(TASK_INTERRUPTIBLE);
-		if (!timeo) {
-			err = -EAGAIN;
+
+		if (sk->sk_state != BT_LISTEN) {
+			err = -EBADFD;
 			break;
 		}
  
-		release_sock(sk);
-		timeo = schedule_timeout(timeo);
-		lock_sock(sk);
+		nsk = bt_accept_dequeue(sk, newsock);
+		if (nsk)
+			break;
  
-		if (sk->sk_state != BT_LISTEN) {
-			err = -EBADFD;
+		if (!timeo) {
+			err = -EAGAIN;
 			break;
 		}
  
  
@@ -521,8 +517,12 @@
 			err = sock_intr_errno(timeo);
 			break;
 		}
+
+		release_sock(sk);
+		timeo = schedule_timeout(timeo);
+		lock_sock(sk);
 	}
-	set_current_state(TASK_RUNNING);
+	__set_current_state(TASK_RUNNING);
 	remove_wait_queue(sk_sleep(sk), &wait);
  
 	if (err)
@@ -564,30 +564,26 @@
  
 	lock_sock(sk);
  
-	if (sk->sk_state != BT_LISTEN) {
-		err = -EBADFD;
-		goto done;
-	}
-
 	timeo = sock_rcvtimeo(sk, flags & O_NONBLOCK);
  
 	BT_DBG("sk %p timeo %ld", sk, timeo);
  
 	/* Wait for an incoming connection. (wake-one). */
 	add_wait_queue_exclusive(sk_sleep(sk), &wait);
-	while (!(ch = bt_accept_dequeue(sk, newsock))) {
+	while (1) {
 		set_current_state(TASK_INTERRUPTIBLE);
-		if (!timeo) {
-			err = -EAGAIN;
+
+		if (sk->sk_state != BT_LISTEN) {
+			err = -EBADFD;
 			break;
 		}
  
-		release_sock(sk);
-		timeo = schedule_timeout(timeo);
-		lock_sock(sk);
+		ch = bt_accept_dequeue(sk, newsock);
+		if (ch)
+			break;
  
-		if (sk->sk_state != BT_LISTEN) {
-			err = -EBADFD;
+		if (!timeo) {
+			err = -EAGAIN;
 			break;
 		}
  
  
@@ -595,8 +591,12 @@
 			err = sock_intr_errno(timeo);
 			break;
 		}
+
+		release_sock(sk);
+		timeo = schedule_timeout(timeo);
+		lock_sock(sk);
 	}
-	set_current_state(TASK_RUNNING);
+	__set_current_state(TASK_RUNNING);
 	remove_wait_queue(sk_sleep(sk), &wait);
  
 	if (err)
@@ -1456,7 +1456,7 @@
 {
 	struct sk_buff *skb2;
 	const struct ipv6hdr *ip6h;
-	struct icmp6hdr *icmp6h;
+	u8 icmp6_type;
 	u8 nexthdr;
 	unsigned len;
 	int offset;
  
@@ -1502,9 +1502,9 @@
 	__skb_pull(skb2, offset);
 	skb_reset_transport_header(skb2);
  
-	icmp6h = icmp6_hdr(skb2);
+	icmp6_type = icmp6_hdr(skb2)->icmp6_type;
  
-	switch (icmp6h->icmp6_type) {
+	switch (icmp6_type) {
 	case ICMPV6_MGM_QUERY:
 	case ICMPV6_MGM_REPORT:
 	case ICMPV6_MGM_REDUCTION:
  
  
  
@@ -1520,16 +1520,23 @@
 		err = pskb_trim_rcsum(skb2, len);
 		if (err)
 			goto out;
+		err = -EINVAL;
 	}
  
+	ip6h = ipv6_hdr(skb2);
+
 	switch (skb2->ip_summed) {
 	case CHECKSUM_COMPLETE:
-		if (!csum_fold(skb2->csum))
+		if (!csum_ipv6_magic(&ip6h->saddr, &ip6h->daddr, skb2->len,
+					IPPROTO_ICMPV6, skb2->csum))
 			break;
 		/*FALLTHROUGH*/
 	case CHECKSUM_NONE:
-		skb2->csum = 0;
-		if (skb_checksum_complete(skb2))
+		skb2->csum = ~csum_unfold(csum_ipv6_magic(&ip6h->saddr,
+							&ip6h->daddr,
+							skb2->len,
+							IPPROTO_ICMPV6, 0));
+		if (__skb_checksum_complete(skb2))
 			goto out;
 	}
  
@@ -1537,7 +1544,7 @@
  
 	BR_INPUT_SKB_CB(skb)->igmp = 1;
  
-	switch (icmp6h->icmp6_type) {
+	switch (icmp6_type) {
 	case ICMPV6_MGM_REPORT:
 	    {
 		struct mld_msg *mld;
@@ -1319,11 +1319,15 @@
  
 		if (tdif <= 0) {
 			struct net_device *dev = skb->dev;
+
 			__skb_unlink(skb, &tbl->proxy_queue);
-			if (tbl->proxy_redo && netif_running(dev))
+			if (tbl->proxy_redo && netif_running(dev)) {
+				rcu_read_lock();
 				tbl->proxy_redo(skb);
-			else
+				rcu_read_unlock();
+			} else {
 				kfree_skb(skb);
+			}
  
 			dev_put(dev);
 		} else if (!sched_next || tdif < sched_next)
@@ -558,13 +558,14 @@
 	if (skb_shared(skb))
 		goto out;
  
-	iph = (struct iphdr *)skb->data;
 	if (!pskb_may_pull(skb, sizeof(struct iphdr)))
 		goto out;
+	iph = (struct iphdr *)skb->data;
 	if (iph->ihl < 5 || iph->version != 4)
 		goto out;
 	if (!pskb_may_pull(skb, iph->ihl*4))
 		goto out;
+	iph = (struct iphdr *)skb->data;
 	if (ip_fast_csum((u8 *)iph, iph->ihl) != 0)
 		goto out;
  
@@ -579,6 +580,7 @@
 	if (pskb_trim_rcsum(skb, len))
 		goto out;
  
+	iph = (struct iphdr *)skb->data;
 	if (iph->protocol != IPPROTO_UDP)
 		goto out;
  
@@ -767,7 +767,7 @@
 			break;
 		for (i=0; i<nsrcs; i++) {
 			/* skip inactive filters */
-			if (pmc->sfcount[MCAST_INCLUDE] ||
+			if (psf->sf_count[MCAST_INCLUDE] ||
 			    pmc->sfcount[MCAST_EXCLUDE] !=
 			    psf->sf_count[MCAST_EXCLUDE])
 				continue;
@@ -1059,7 +1059,7 @@
 			break;
 		for (i=0; i<nsrcs; i++) {
 			/* skip inactive filters */
-			if (pmc->mca_sfcount[MCAST_INCLUDE] ||
+			if (psf->sf_count[MCAST_INCLUDE] ||
 			    pmc->mca_sfcount[MCAST_EXCLUDE] !=
 			    psf->sf_count[MCAST_EXCLUDE])
 				continue;
@@ -1012,7 +1012,6 @@
 	cancel_work_sync(&local->reconfig_filter);
  
 	ieee80211_clear_tx_pending(local);
-	sta_info_stop(local);
 	rate_control_deinitialize(local);
  
 	if (skb_queue_len(&local->skb_queue) ||
@@ -1024,6 +1023,7 @@
  
 	destroy_workqueue(local->workqueue);
 	wiphy_unregister(local->hw.wiphy);
+	sta_info_stop(local);
 	ieee80211_wep_free(local);
 	ieee80211_led_exit(local);
 	kfree(local->int_scan_req);
@@ -1965,8 +1965,9 @@
 	 * used_address->name_len is initialized to UINT_MAX so that the first
 	 * destination address never matches.
 	 */
-	if (used_address && used_address->name_len == msg_sys->msg_namelen &&
-	    !memcmp(&used_address->name, msg->msg_name,
+	if (used_address && msg_sys->msg_name &&
+	    used_address->name_len == msg_sys->msg_namelen &&
+	    !memcmp(&used_address->name, msg_sys->msg_name,
 		    used_address->name_len)) {
 		err = sock_sendmsg_nosec(sock, msg_sys, total_len);
 		goto out_freectl;
@@ -1978,8 +1979,9 @@
 	 */
 	if (used_address && err >= 0) {
 		used_address->name_len = msg_sys->msg_namelen;
-		memcpy(&used_address->name, msg->msg_name,
-		       used_address->name_len);
+		if (msg_sys->msg_name)
+			memcpy(&used_address->name, msg_sys->msg_name,
+			       used_address->name_len);
 	}
  
 out_freectl:
@@ -616,6 +616,9 @@
 	if (res)
 		goto out_rm_dev;
  
+	rtnl_lock();
+	rdev->wiphy.registered = true;
+	rtnl_unlock();
 	return 0;
  
 out_rm_dev:
@@ -646,6 +649,10 @@
 void wiphy_unregister(struct wiphy *wiphy)
 {
 	struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
+
+	rtnl_lock();
+	rdev->wiphy.registered = false;
+	rtnl_unlock();
  
 	rfkill_unregister(rdev->rfkill);
  
@@ -93,7 +93,8 @@
  
 	if (rdev->ops->suspend) {
 		rtnl_lock();
-		ret = rdev->ops->suspend(&rdev->wiphy, rdev->wowlan);
+		if (rdev->wiphy.registered)
+			ret = rdev->ops->suspend(&rdev->wiphy, rdev->wowlan);
 		rtnl_unlock();
 	}
  
@@ -112,7 +113,8 @@
  
 	if (rdev->ops->resume) {
 		rtnl_lock();
-		ret = rdev->ops->resume(&rdev->wiphy);
+		if (rdev->wiphy.registered)
+			ret = rdev->ops->resume(&rdev->wiphy);
 		rtnl_unlock();
 	}
...	...	@@ -4450,8 +4450,8 @@
4450	4450	L: netdev@vger.kernel.org
4451	4451	W: http://www.linuxfoundation.org/en/Net
4452	4452	W: http://patchwork.ozlabs.org/project/netdev/list/
4453		-T: git git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.git
4454		-T: git git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6.git
	4453	+T: git git://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git
	4454	+T: git git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git
4455	4455	S: Maintained
4456	4456	F: net/
4457	4457	F: include/net/
...	...	@@ -15,6 +15,7 @@
15	15	static int bcma_bus_match(struct device dev, struct device_driver drv);
16	16	static int bcma_device_probe(struct device *dev);
17	17	static int bcma_device_remove(struct device *dev);
	18	+static int bcma_device_uevent(struct device dev, struct kobj_uevent_env env);
18	19
19	20	static ssize_t manuf_show(struct device dev, struct device_attribute attr, char *buf)
20	21	{
...	...	@@ -49,6 +50,7 @@
49	50	.match = bcma_bus_match,
50	51	.probe = bcma_device_probe,
51	52	.remove = bcma_device_remove,
	53	+ .uevent = bcma_device_uevent,
52	54	.dev_attrs = bcma_device_attrs,
53	55	};
54	56
...	...	@@ -225,6 +227,16 @@
225	227	adrv->remove(core);
226	228
227	229	return 0;
	230	+}
	231	+
	232	+static int bcma_device_uevent(struct device dev, struct kobj_uevent_env env)
	233	+{
	234	+ struct bcma_device *core = container_of(dev, struct bcma_device, dev);
	235	+
	236	+ return add_uevent_var(env,
	237	+ "MODALIAS=bcma:m%04Xid%04Xrev%02Xcl%02X",
	238	+ core->id.manuf, core->id.id,
	239	+ core->id.rev, core->id.class);
228	240	}
229	241
230	242	static int __init bcma_modinit(void)
...	...	@@ -63,6 +63,7 @@
63	63	/* Atheros AR3011 with sflash firmware*/
64	64	{ USB_DEVICE(0x0CF3, 0x3002) },
65	65	{ USB_DEVICE(0x13d3, 0x3304) },
	66	+ { USB_DEVICE(0x0930, 0x0215) },
66	67
67	68	/* Atheros AR9285 Malbec with sflash firmware */
68	69	{ USB_DEVICE(0x03F0, 0x311D) },
...	...	@@ -106,6 +106,7 @@
106	106	/* Atheros 3011 with sflash firmware */
107	107	{ USB_DEVICE(0x0cf3, 0x3002), .driver_info = BTUSB_IGNORE },
108	108	{ USB_DEVICE(0x13d3, 0x3304), .driver_info = BTUSB_IGNORE },
	109	+ { USB_DEVICE(0x0930, 0x0215), .driver_info = BTUSB_IGNORE },
109	110
110	111	/* Atheros AR9285 Malbec with sflash firmware */
111	112	{ USB_DEVICE(0x03f0, 0x311d), .driver_info = BTUSB_IGNORE },
...	...	@@ -256,7 +257,9 @@
256	257
257	258	err = usb_submit_urb(urb, GFP_ATOMIC);
258	259	if (err < 0) {
259		- if (err != -EPERM)
	260	+ /* -EPERM: urb is being killed;
	261	+ * -ENODEV: device got disconnected */
	262	+ if (err != -EPERM && err != -ENODEV)
260	263	BT_ERR("%s urb %p failed to resubmit (%d)",
261	264	hdev->name, urb, -err);
262	265	usb_unanchor_urb(urb);
...	...	@@ -341,7 +344,9 @@
341	344
342	345	err = usb_submit_urb(urb, GFP_ATOMIC);
343	346	if (err < 0) {
344		- if (err != -EPERM)
	347	+ /* -EPERM: urb is being killed;
	348	+ * -ENODEV: device got disconnected */
	349	+ if (err != -EPERM && err != -ENODEV)
345	350	BT_ERR("%s urb %p failed to resubmit (%d)",
346	351	hdev->name, urb, -err);
347	352	usb_unanchor_urb(urb);
...	...	@@ -431,7 +436,9 @@
431	436
432	437	err = usb_submit_urb(urb, GFP_ATOMIC);
433	438	if (err < 0) {
434		- if (err != -EPERM)
	439	+ /* -EPERM: urb is being killed;
	440	+ * -ENODEV: device got disconnected */
	441	+ if (err != -EPERM && err != -ENODEV)
435	442	BT_ERR("%s urb %p failed to resubmit (%d)",
436	443	hdev->name, urb, -err);
437	444	usb_unanchor_urb(urb);
...	...	@@ -503,9 +503,9 @@
503	503	spin_unlock_irqrestore(&priv->mbx_lock, flags);
504	504
505	505	/* Prepare mailbox for transmission */
	506	+ data = cf->can_dlc \| (get_tx_head_prio(priv) << 8);
506	507	if (cf->can_id & CAN_RTR_FLAG) /* Remote transmission request */
507	508	data \|= HECC_CANMCF_RTR;
508		- data \|= get_tx_head_prio(priv) << 8;
509	509	hecc_write_mbx(priv, mbxno, HECC_CANMCF, data);
510	510
511	511	if (cf->can_id & CAN_EFF_FLAG) /* Extended frame format */
...	...	@@ -923,6 +923,7 @@
923	923	priv->can.do_get_state = ti_hecc_get_state;
924	924	priv->can.ctrlmode_supported = CAN_CTRLMODE_3_SAMPLES;
925	925
	926	+ spin_lock_init(&priv->mbx_lock);
926	927	ndev->irq = irq->start;
927	928	ndev->flags \|= IFF_ECHO;
928	929	platform_set_drvdata(pdev, ndev);
...	...	@@ -2452,14 +2452,13 @@
2452	2452	struct net_device *dev = dev_id;
2453	2453	struct cas *cp = netdev_priv(dev);
2454	2454	unsigned long flags;
2455		- int ring;
	2455	+ int ring = (irq == cp->pci_irq_INTC) ? 2 : 3;
2456	2456	u32 status = readl(cp->regs + REG_PLUS_INTRN_STATUS(ring));
2457	2457
2458	2458	/* check for shared irq */
2459	2459	if (status == 0)
2460	2460	return IRQ_NONE;
2461	2461
2462		- ring = (irq == cp->pci_irq_INTC) ? 2 : 3;
2463	2462	spin_lock_irqsave(&cp->lock, flags);
2464	2463	if (status & INTR_RX_DONE_ALT) { /* handle rx separately */
2465	2464	#ifdef USE_NAPI
...	...	@@ -395,7 +395,7 @@
395	395	}
396	396
397	397	/* recycle the current buffer on the rx queue */
398		-static void ibmveth_rxq_recycle_buffer(struct ibmveth_adapter *adapter)
	398	+static int ibmveth_rxq_recycle_buffer(struct ibmveth_adapter *adapter)
399	399	{
400	400	u32 q_index = adapter->rx_queue.index;
401	401	u64 correlator = adapter->rx_queue.queue_addr[q_index].correlator;
...	...	@@ -403,6 +403,7 @@
403	403	unsigned int index = correlator & 0xffffffffUL;
404	404	union ibmveth_buf_desc desc;
405	405	unsigned long lpar_rc;
	406	+ int ret = 1;
406	407
407	408	BUG_ON(pool >= IBMVETH_NUM_BUFF_POOLS);
408	409	BUG_ON(index >= adapter->rx_buff_pool[pool].size);
...	...	@@ -410,7 +411,7 @@
410	411	if (!adapter->rx_buff_pool[pool].active) {
411	412	ibmveth_rxq_harvest_buffer(adapter);
412	413	ibmveth_free_buffer_pool(adapter, &adapter->rx_buff_pool[pool]);
413		- return;
	414	+ goto out;
414	415	}
415	416
416	417	desc.fields.flags_len = IBMVETH_BUF_VALID \|
417	418
...	...	@@ -423,12 +424,16 @@
423	424	netdev_dbg(adapter->netdev, "h_add_logical_lan_buffer failed "
424	425	"during recycle rc=%ld", lpar_rc);
425	426	ibmveth_remove_buffer_from_pool(adapter, adapter->rx_queue.queue_addr[adapter->rx_queue.index].correlator);
	427	+ ret = 0;
426	428	}
427	429
428	430	if (++adapter->rx_queue.index == adapter->rx_queue.num_slots) {
429	431	adapter->rx_queue.index = 0;
430	432	adapter->rx_queue.toggle = !adapter->rx_queue.toggle;
431	433	}
	434	+
	435	+out:
	436	+ return ret;
432	437	}
433	438
434	439	static void ibmveth_rxq_harvest_buffer(struct ibmveth_adapter *adapter)
435	440
...	...	@@ -1084,8 +1089,9 @@
1084	1089	if (rx_flush)
1085	1090	ibmveth_flush_buffer(skb->data,
1086	1091	length + offset);
	1092	+ if (!ibmveth_rxq_recycle_buffer(adapter))
	1093	+ kfree_skb(skb);
1087	1094	skb = new_skb;
1088		- ibmveth_rxq_recycle_buffer(adapter);
1089	1095	} else {
1090	1096	ibmveth_rxq_harvest_buffer(adapter);
1091	1097	skb_reserve(skb, offset);
...	...	@@ -25,8 +25,9 @@
25	25	/* DP83865 phy identifier values */
26	26	#define DP83865_PHY_ID 0x20005c7a
27	27
28		-#define DP83865_INT_MASK_REG 0x15
29		-#define DP83865_INT_MASK_STATUS 0x14
	28	+#define DP83865_INT_STATUS 0x14
	29	+#define DP83865_INT_MASK 0x15
	30	+#define DP83865_INT_CLEAR 0x17
30	31
31	32	#define DP83865_INT_REMOTE_FAULT 0x0008
32	33	#define DP83865_INT_ANE_COMPLETED 0x0010
33	34
34	35
35	36
...	...	@@ -68,21 +69,25 @@
68	69	int err;
69	70
70	71	if (phydev->interrupts == PHY_INTERRUPT_ENABLED)
71		- err = phy_write(phydev, DP83865_INT_MASK_REG,
	72	+ err = phy_write(phydev, DP83865_INT_MASK,
72	73	DP83865_INT_MASK_DEFAULT);
73	74	else
74		- err = phy_write(phydev, DP83865_INT_MASK_REG, 0);
	75	+ err = phy_write(phydev, DP83865_INT_MASK, 0);
75	76
76	77	return err;
77	78	}
78	79
79	80	static int ns_ack_interrupt(struct phy_device *phydev)
80	81	{
81		- int ret = phy_read(phydev, DP83865_INT_MASK_STATUS);
	82	+ int ret = phy_read(phydev, DP83865_INT_STATUS);
82	83	if (ret < 0)
83	84	return ret;
84	85
85		- return 0;
	86	+ /* Clear the interrupt status bit by writing a “1”
	87	+ * to the corresponding bit in INT_CLEAR (2:0 are reserved) */
	88	+ ret = phy_write(phydev, DP83865_INT_CLEAR, ret & ~0x7);
	89	+
	90	+ return ret;
86	91	}
87	92
88	93	static void ns_giga_speed_fallback(struct phy_device *phydev, int mode)
...	...	@@ -31,6 +31,7 @@
31	31	#include <linux/phy.h>
32	32	#include <linux/cache.h>
33	33	#include <linux/io.h>
	34	+#include <linux/interrupt.h>
34	35	#include <linux/pm_runtime.h>
35	36	#include <linux/slab.h>
36	37	#include <linux/ethtool.h>
...	...	@@ -69,7 +69,7 @@
69	69	static const struct ar9300_eeprom ar9300_default = {
70	70	.eepromVersion = 2,
71	71	.templateVersion = 2,
72		- .macAddr = {1, 2, 3, 4, 5, 6},
	72	+ .macAddr = {0, 2, 3, 4, 5, 6},
73	73	.custData = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
74	74	0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
75	75	.baseEepHeader = {