16 Jan, 2009
2 commits
-
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (95 commits)
b44: GFP_DMA skb should not escape from driver
korina: do not use IRQF_SHARED with IRQF_DISABLED
korina: do not stop queue here
korina: fix handling tx_chain_tail
korina: do tx at the right position
korina: do schedule napi after testing for it
korina: rework korina_rx() for use with napi
korina: disable napi on close and restart
korina: reset resource buffer size to 1536
korina: fix usage of driver_data
bnx2x: First slow path interrupt race
bnx2x: MTU Filter
bnx2x: Indirection table initialization index
bnx2x: Missing brackets
bnx2x: Fixing the doorbell size
bnx2x: Endianness issues
bnx2x: VLAN tagged packets without VLAN offload
bnx2x: Protecting the link change indication
bnx2x: Flow control updated before reporting the link
bnx2x: Missing mask when calculating flow control
... -
If INET=y and INFINIBAND=y, but IPV6=m then INFINIBAND_ADDR_TRANS is set
to n and the RDMA CM functions rdma_connect() et al are not built.
However, the current config dependencies allow NET_9P_RDMA to be selected
in this, which leads to a build failure. Fix this by adding a dependency
on INFINIBAND_ADDR_TRANS to disallow NET_9P_RDMA in this case.Reported-by: Randy Dunlap
Signed-off-by: Roland Dreier
Acked-by: Randy Dunlap
Tested-by: Randy Dunlap
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
15 Jan, 2009
6 commits
-
Due to the loopback functionality in can_send() we can not invoke it
from hardirq context which was done inside the
bcm_tx_timeout_handler() hrtimer callback:[ 700.361154] [] warn_slowpath+0x80/0xb6
[ 700.361163] [] valid_state+0x125/0x136
[ 700.361171] [] mark_lock+0x18e/0x332
[ 700.361180] [] __lock_acquire+0x12e/0xb1e
[ 700.361189] [] bcm_tx_timeout_handler+0x0/0xbc [can_bcm]
[ 700.361198] [] dev_queue_xmit+0x191/0x479
[ 700.361206] [] __local_bh_disable+0x2b/0x64
[ 700.361213] [] dev_queue_xmit+0x191/0x479
[ 700.361225] [] can_send+0xd7/0x11a [can]
[ 700.361235] [] bcm_can_tx+0x9d/0xd9 [can_bcm]
[ 700.361245] [] bcm_tx_timeout_handler+0x6a/0xbc [can_bcm]
[ 700.361255] [] bcm_tx_timeout_handler+0x0/0xbc [can_bcm]
[ 700.361263] [] __run_hrtimer+0x5a/0x86
[ 700.361273] [] bcm_tx_timeout_handler+0x0/0xbc [can_bcm]
[ 700.361282] [] hrtimer_interrupt+0xb9/0x110This patch moves the rest of the functionality from the hrtimer
callback to the already existing tasklet to fix this slowpath problem.Signed-off-by: Oliver Hartkopp
Signed-off-by: David S. Miller -
This adds an init_dummy_netdev() function that gets a network device
structure (allocation and lifetime entirely under caller's control) and
initialize the minimum amount of fields so it can be used to schedule
NAPI polls without registering a full blown interface. This is to be
used by drivers that need to tie several hardware interfaces to a single
NAPI poll scheduler due to HW limitations.It also updates the ibm_newemac driver to use that, this fixing the
oops on 2.6.29 due to passing NULL as "dev" to netif_napi_add()Symbol is exported GPL only a I don't think we want binary drivers doing
that sort of acrobatics (if we want them at all).Signed-off-by: Benjamin Herrenschmidt
Tested-by: Geert Uytterhoeven
Signed-off-by: David S. Miller -
When we get a GSO packet from an untrusted source, we need to
ensure that it is sufficiently long so that we don't end up
crashing.Based on discovery and patch by Ian Campbell.
Signed-off-by: Herbert Xu
Tested-by: Ian Campbell
Signed-off-by: David S. Miller -
When an skb with page frags is merged into an existing one, we
cannibalise its reference count. This is OK when the skb is
reused because we set nr_frags to zero in that case. However,
for the case where the skb is freed through kfree_skb, we didn't
clear nr_frags which causes the page to be freed prematurely.This is fixed by moving the skb resetting into skb_gro_receive.
Reported-by: Jeff Kirsher
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
Reported by Jiri Klimes.
Fix suggested by Patrick McHardy.
Signed-off-by: David S. Miller
-
As GRO cannot be applied to packets with frag_list we need to
make sure that we reject such packets if they are fed to us,
e.g., through a tunnel device.Also there is no point in applying GRO on GSO packets so they
too should be rejected. This allows GRO to be used in virtio-net
which may produce GSO packets directly but may still benefit
from GRO if the other end of it doesn't support GSO.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
14 Jan, 2009
6 commits
-
Signed-off-by: Heiko Carstens
-
Signed-off-by: Heiko Carstens
-
Signed-off-by: Heiko Carstens
-
When a fib6 table dump is prematurely ended, we won't unlink
its walker from the list. This causes all sorts of grief for
other users of the list later.Reported-by: Chris Caputo
Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller -
As spotted by Willy Tarreau, current splice() from tcp socket to pipe is not
optimal. It processes at most one segment per call.
This results in low performance and very high overhead due to syscall rate
when splicing from interfaces which do not support LRO.Willy provided a patch inside tcp_splice_read(), but a better fix
is to let tcp_read_sock() process as many segments as possible, so
that tcp_rcv_space_adjust() and tcp_cleanup_rbuf() are called less
often.With this change, splice() behaves like tcp_recvmsg(), being able
to consume many skbs in one system call. With typical 1460 bytes
of payload per frame, that means splice(SPLICE_F_NONBLOCK) can return
16*1460 = 23360 bytes.Signed-off-by: Willy Tarreau
Signed-off-by: Eric Dumazet
Signed-off-by: David S. Miller
13 Jan, 2009
14 commits
-
net/mac80211/ht.c: In function ‘ieee80211_start_tx_ba_session’:
net/mac80211/ht.c:472: warning: ‘ret’ may be used uninitialized in this functionSigned-off-by: John W. Linville
-
Currently htb_do_events() breaks events recounting for a level after 2
jiffies, but there is no reason to repeat this for next levels and
increase delays even more (with softirqs disabled). htb_dequeue_tree()
can add to this too, btw. In such a case q->now time is invalid anyway.Thanks to Patrick McHardy for spotting an error around earlier version
of this patch.Signed-off-by: Jarek Poplawski
Signed-off-by: David S. Miller -
Next event time should consider jiffies used for recounting. Otherwise
qdisc_watchdog_schedule() triggers hrtimer immediately with the event
in the past, and may cause very high ksoftirqd cpu usage (if highres
is on).There is also removed checking "event" for zero in htb_dequeue(): it's
always true in this place.Signed-off-by: Jarek Poplawski
Signed-off-by: David S. Miller -
netfilter: xt_time: print timezone for user information
Let users have a way to figure out if their distro set the kernel
timezone at all.Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
nf_conntrack_alloc cannot return NULL, so there is no need to check for
NULL before using the value. I have also removed the initialization of ct
to NULL in nf_conntrack_alloc, since the value is never used, and since
perhaps it might lead one to think that return ct at the end might return
NULL.The semantic patch that finds this problem is as follows:
(http://www.emn.fr/x-info/coccinelle/)//
@match exists@
expression x, E;
position p1,p2;
statement S1, S2;
@@x@p1 = nf_conntrack_alloc(...)
... when != x = E
(
if (x@p2 == NULL || ...) S1 else S2
|
if (x@p2 == NULL && ...) S1 else S2
)@other_match exists@
expression match.x, E1, E2;
position p1!=match.p1,match.p2;
@@x@p1 = E1
... when != x = E2
x@p2@ script:python depends on !other_match@
p1 << match.p1;
p2 << match.p2;
@@print "%s: call to nf_conntrack_alloc %s bad test %s" % (p1[0].file,p1[0].line,p2[0].line)
//Signed-off-by: Julia Lawall
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
An old bug crept back into the ICMP/ICMPv6 conntrack protocols: the timeout
values are defined as unsigned longs, the sysctl's maxsize is set to
sizeof(unsigned int). Use unsigned int for the timeout values as in the
other conntrack protocols.Reported-by: Jean-Mickael Guerin
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Commit 8cc784ee (netfilter: change return types of match functions
for ebtables extensions) broke ebtables matches by inverting the
sense of match/nomatch.Reported-by: Matt Cross
Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Commit 55b69e91 (netfilter: implement NFPROTO_UNSPEC as a wildcard
for extensions) broke revision probing for matches and targets that
are registered with NFPROTO_UNSPEC.Fix by continuing the search on the NFPROTO_UNSPEC list if nothing
is found on the af-specific lists.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
The PPPOE/VLAN processing code in the bridge netfilter is broken
by design. The VLAN tag and the PPPOE session ID are an integral
part of the packet flow information, yet they're completely
ignored by the bridge netfilter. This is potentially a security
hole as it treats all VLANs and PPPOE sessions as the same.What's more, it's actually broken for PPPOE as the bridge netfilter
tries to trim the packets to the IP length without adjusting the
PPPOE header (and adjusting the PPPOE header isn't much better
since the PPPOE peer may require the padding to be present).Therefore we should disable this by default.
It does mean that people relying on this feature may lose networking
depending on how their bridge netfilter rules are configured.
However, IMHO the problems this code causes are serious enough to
warrant this.Signed-off-by: Herbert Xu
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Currently the bridge FORWARD/POST_ROUTING chains treats all
non-IPv4 packets as IPv6. This packet fixes that by returning
NF_ACCEPT on non-IP packets instead, just as is done in PRE_ROUTING.Signed-off-by: Herbert Xu
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Don't spam logs for locally generated short packets. these can only
be generated by root.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
This patch fixes a panic that might occur, if the device is part of a mesh
and tries to send with a higher rate index than "0".kernel BUG at net/mac80211/rate.c:239!
invalid opcode: 0000 [#1] SMP
[...]
Call Trace:
? invoke_tx_handlers+0x474/0xb57 [mac80211]
? __ieee80211_tx_prepare+0x260/0x2a8 [mac80211]
? ieee80211_master_start_xmit+0x300/0x43a [mac80211]
? __qdisc_run+0xde/0x1da
? net_tx_action+0xb4/0x102
Kernel panic - not syncing: Fatal exception in interruptSigned-off-by: Christian Lamparter
Signed-off-by: John W. Linville -
Changing mode on an interface is not allowed if IBSS is disabled for the
current channel. That restriction should only apply when switching to
the ad-hoc mode, as it was prior to "cfg80211: handle SIOCGIWMODE/SIOCSIWMODE".Signed-off-by: Pavel Roskin
Signed-off-by: John W. Linville -
This patch fixes the following WARNING (caused by rix_to_ndx): "
>WARNING: at net/mac80211/rc80211_minstrel.c:69 minstrel_rate_init+0xd2/0x33a [mac80211]()
>[...]
>Call Trace:
> warn_on_slowpath+0x51/0x75
> _format_mac_addr+0x4c/0x88
> minstrel_rate_init+0xd2/0x33a [mac80211]
> print_mac+0x16/0x1b
> schedule_hrtimeout_range+0xdc/0x107
> ieee80211_add_station+0x158/0x1bd [mac80211]
> nl80211_new_station+0x1b3/0x20b [cfg80211]The reason is that I'm experimenting with "g" only mode on a 802.11 b/g card.
Therefore rate_lowest_index returns 4 (= 6Mbit, instead of usual 0 = 1Mbit).
Since mi->r array is initialized with zeros in minstrel_alloc_sta,
rix_to_ndx has a hard time to find the 6Mbit entry and will trigged the WARNING.Signed-off-by: Christian Lamparter
Acked-by: Felix Fietkau
Signed-off-by: John W. Linville
11 Jan, 2009
6 commits
-
The recent dmaengine rework removed the capability to remove dma device
driver modules while net_dma is active. Rather than notify
dmaengine-clients that channels are trying to be removed, we now rely on
clients to notify dmaengine when they no longer have a need for
channels. Teach net_dma to release channels by taking dmaengine
references at netdevice open and dropping references at netdevice close.Acked-by: Maciej Sosnowski
Signed-off-by: Dan Williams
Signed-off-by: David S. Miller -
Thanks to Wei and Arnaldo for pointing out the correct
new reference for CCID-3.Signed-off-by: Gerrit Renker
Signed-off-by: David S. Miller -
Removed the __exit annotation of tfrc_lib_exit(), in order to suppress the following section mismatch messages:
WARNING: net/dccp/dccp.o(.text+0xd9): Section mismatch in reference from the function ccid_cleanup_builtins() to the function .exit.text:tfrc_lib_exit()
The function ccid_cleanup_builtins() references a function in an exit section.
Often the function tfrc_lib_exit() has valid usage outside the exit section
and the fix is to remove the __exit annotation of tfrc_lib_exit.WARNING: net/dccp/dccp.o(.init.text+0x48): Section mismatch in reference from the function ccid_initialize_builtins() to the function .exit.text:tfrc_lib_exit()
The function __init ccid_initialize_builtins() references
a function __exit tfrc_lib_exit().
This is often seen when error handling in the init function
uses functionality in the exit path.
The fix is often to remove the __exit annotation of
tfrc_lib_exit() so it may be used outside an exit section.Signed-off-by: Leonardo Potenza
Acked-by: Arnaldo Carvalho de Melo
Acked-by: Gerrit Renker
Signed-off-by: David S. Miller -
In each case, if the NULL test is necessary, then the dereference should be
moved below the NULL test.The semantic patch that makes this change is as follows:
(http://www.emn.fr/x-info/coccinelle/)//
@@
type T;
expression E;
identifier i,fld;
statement S;
@@- T i = E->fld;
+ T i;
... when != E
when != i
if (E == NULL) S
+ i = E->fld;
//Signed-off-by: Julia Lawall
Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller -
ARRAY_SIZE is more concise to use when the size of an array is divided by
the size of its type or the size of its first element.The semantic patch that makes this change is as follows:
(http://www.emn.fr/x-info/coccinelle/)//
@i@
@@#include
@depends on i using "paren.iso"@
type T;
T[] E;
@@- (sizeof(E)/sizeof(T))
+ ARRAY_SIZE(E)
//Signed-off-by: Julia Lawall
Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller -
When I made ipcomp use frags, I forgot to take out the original
truesize update that was added for pskb_expand_head. As we no
longer expand the head of skb, that update should have been removed.This bug is not related to the truesize warnings since we only
made it bigger than what it should've been.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
10 Jan, 2009
1 commit
-
* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/djbw/async_tx: (22 commits)
ioat: fix self test for multi-channel case
dmaengine: bump initcall level to arch_initcall
dmaengine: advertise all channels on a device to dma_filter_fn
dmaengine: use idr for registering dma device numbers
dmaengine: add a release for dma class devices and dependent infrastructure
ioat: do not perform removal actions at shutdown
iop-adma: enable module removal
iop-adma: kill debug BUG_ON
iop-adma: let devm do its job, don't duplicate free
dmaengine: kill enum dma_state_client
dmaengine: remove 'bigref' infrastructure
dmaengine: kill struct dma_client and supporting infrastructure
dmaengine: replace dma_async_client_register with dmaengine_get
atmel-mci: convert to dma_request_channel and down-level dma_slave
dmatest: convert to dma_request_channel
dmaengine: introduce dma_request_channel and private channels
net_dma: convert to dma_find_channel
dmaengine: provide a common 'issue_pending_all' implementation
dmaengine: centralize channel allocation, introduce dma_find_channel
dmaengine: up-level reference counting to the module level
...
09 Jan, 2009
5 commits
-
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (84 commits)
wimax: fix kernel-doc for debufs_dentry member of struct wimax_dev
net: convert pegasus driver to net_device_ops
bnx2x: Prevent eeprom set when driver is down
net: switch kaweth driver to netdevops
pcnet32: round off carrier watch timer
i2400m/usb: wrap USB power saving in #ifdef CONFIG_PM
wimax: testing for rfkill support should also test for CONFIG_RFKILL_MODULE
wimax: fix kconfig interactions with rfkill and input layers
wimax: fix '#ifndef CONFIG_BUG' layout to avoid warning
r6040: bump release number to 0.20
r6040: warn about MAC address being unset
r6040: check PHY status when bringing interface up
r6040: make printks consistent with DRV_NAME
gianfar: Fixup use of BUS_ID_SIZE
mlx4_en: Returning real Max in get_ringparam
mlx4_en: Consider inline packets on completion
netdev: bfin_mac: enable bfin_mac net dev driver for BF51x
qeth: convert to net_device_ops
vlan: add neigh_setup
dm9601: warn on invalid mac address
... -
Current WiMAX rfkill code is missing the case where rfkill is compiled
in as modules and works only when rfkill is compiled in. This is not
correct. Fixed to test for CONFIG_RFKILL or CONFIG_RKILL_MODULE.Signed-off-by: Inaky Perez-Gonzalez
Signed-off-by: David S. Miller -
WiMAX can work without RFKILL, but it was missing a check to make sure
RFKILL is not being made a module with wimax compiled into the
kernel. This caused failed builds in s390, where CONFIG_INPUT is
always off.When RFKILL is enabled, the code uses the input layer to report
hardware switch changes; thus, if RFKILL is enabled, INPUT has to be
too. It also needs to display some message when INPUT is disabled that
explains why WiMAX is not selectable.(issues found by Randy Dunlap in the linux-next tree).
Signed-off-by: Inaky Perez-Gonzalez
Signed-off-by: David S. Miller -
Reported by Randy Dunlap:
> Also, this warning needs to be fixed:
>
> linux-next-20090106/net/wimax/id-table.c:133: warning: ISO C90
> forbids mixed declarations and codeMove the return on #defined(CONFIG_BUG) below the variable
declarations so it doesn't violate ISO C90.On wimax_id_table_release() we want to do a debug check if CONFIG_BUG
is enabled. However, we also want the debug code to be always compiled
to ensure there is no bitrot. It will be optimized out by the compiler
when CONFIG_BUG is disabled.Added a note to the function header stating this.
Signed-off-by: Inaky Perez-Gonzalez
Signed-off-by: David S. Miller
