Commit Graph

275804 Commits

Author SHA1 Message Date
Dan Carpenter
5dc5503f5a isdn: avoid copying too long drvid
"cfg->drvid" comes from the user so there is a possibility they
didn't NUL terminate it properly.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-29 18:39:37 -05:00
Dan Carpenter
746ae30f82 isdn: make sure strings are null terminated
These strings come from the user.  We strcpy() them inside
cf_command() so we should check that they are NULL terminated and
return an error if not.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-29 18:39:36 -05:00
Paul Moore
1281bc2565 netlabel: Fix build problems when IPv6 is not enabled
A recent fix to the the NetLabel code caused build problem with
configurations that did not have IPv6 enabled; see below:

 netlabel_kapi.c: In function 'netlbl_cfg_unlbl_map_add':
 netlabel_kapi.c:165:4:
  error: implicit declaration of function 'netlbl_af6list_add'

This patch fixes this problem by making the IPv6 specific code conditional
on the IPv6 configuration flags as we done in the rest of NetLabel and the
network stack as a whole.  We have to move some variable declarations
around as a result so things may not be quite as pretty, but at least it
builds cleanly now.

Some additional IPv6 conditionals were added to the NetLabel code as well
for the sake of consistency.

Reported-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Acked-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-29 16:48:52 -05:00
Xi Wang
c89304b8ea sctp: better integer overflow check in sctp_auth_create_key()
The check from commit 30c2235c is incomplete and cannot prevent
cases like key_len = 0x80000000 (INT_MAX + 1).  In that case, the
left-hand side of the check (INT_MAX - key_len), which is unsigned,
becomes 0xffffffff (UINT_MAX) and bypasses the check.

However this shouldn't be a security issue.  The function is called
from the following two code paths:

 1) setsockopt()

 2) sctp_auth_asoc_set_secret()

In case (1), sca_keylength is never going to exceed 65535 since it's
bounded by a u16 from the user API.  As such, the key length will
never overflow.

In case (2), sca_keylength is computed based on the user key (1 short)
and 2 * key_vector (3 shorts) for a total of 7 * USHRT_MAX, which still
will not overflow.

In other words, this overflow check is not really necessary.  Just
make it more correct.

Signed-off-by: Xi Wang <xi.wang@gmail.com>
Cc: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-29 15:51:03 -05:00
David S. Miller
c1baa88431 Merge branch 'nf' of git://1984.lsi.us.es/net 2011-11-29 01:20:55 -05:00
Xi Wang
a5e5c37434 sctp: integer overflow in sctp_auth_create_key()
The previous commit 30c2235c is incomplete and cannot prevent integer
overflows. For example, when key_len is 0x80000000 (INT_MAX + 1), the
left-hand side of the check, (INT_MAX - key_len), which is unsigned,
becomes 0xffffffff (UINT_MAX) and bypasses the check.

Signed-off-by: Xi Wang <xi.wang@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-29 00:31:45 -05:00
Li Wei
2a38e6d5ae ipv6: Set mcast_hops to IPV6_DEFAULT_MCASTHOPS when -1 was given.
We need to set np->mcast_hops to it's default value at this moment
otherwise when we use it and found it's value is -1, the logic to
get default hop limit doesn't take multicast into account and will
return wrong hop limit(IPV6_DEFAULT_HOPLIMIT) which is for unicast.

Signed-off-by: Li Wei <lw@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-28 18:09:13 -05:00
Anton Blanchard
5cac98dd06 net: Fix corruption in /proc/*/net/dev_mcast
I just hit this during my testing. Isn't there another bug lurking?

BUG kmalloc-8: Redzone overwritten

INFO: 0xc0000000de9dec48-0xc0000000de9dec4b. First byte 0x0 instead of 0xcc
INFO: Allocated in .__seq_open_private+0x30/0xa0 age=0 cpu=5 pid=3896
	.__kmalloc+0x1e0/0x2d0
	.__seq_open_private+0x30/0xa0
	.seq_open_net+0x60/0xe0
	.dev_mc_seq_open+0x4c/0x70
	.proc_reg_open+0xd8/0x260
	.__dentry_open.clone.11+0x2b8/0x400
	.do_last+0xf4/0x950
	.path_openat+0xf8/0x480
	.do_filp_open+0x48/0xc0
	.do_sys_open+0x140/0x250
	syscall_exit+0x0/0x40

dev_mc_seq_ops uses dev_seq_start/next/stop but only allocates
sizeof(struct seq_net_private) of private data, whereas it expects
sizeof(struct dev_iter_state):

struct dev_iter_state {
	struct seq_net_private p;
	unsigned int pos; /* bucket << BUCKET_SPACE + offset */
};

Create dev_seq_open_ops and use it so we don't have to expose
struct dev_iter_state.

[ Problem added by commit f04565ddf5 (dev: use name hash for
  dev_seq_ops) -Eric ]

Signed-off-by: Anton Blanchard <anton@samba.org>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-28 18:07:29 -05:00
Aries Lee
c4860ba2e1 jme: PHY configuration for compatible issue
To perform PHY calibration and set a different EA value by chip ID,
Whenever the NIC chip power on, ie booting or resuming, we need to
force HW to calibrate PHY parameter again, and also set a proper EA
value which gather from experiment.

Those procedures help to reduce compatible issues(NIC is unable to link
up in some special case) in giga speed.

Signed-off-by: AriesLee <AriesLee@jmicron.com>
Signed-off-by: Guo-Fu Tseng <cooldavid@cooldavid.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-27 19:21:09 -05:00
Eric Dumazet
de68dca181 inet: add a redirect generation id in inetpeer
Now inetpeer is the place where we cache redirect information for ipv4
destinations, we must be able to invalidate informations when a route is
added/removed on host.

As inetpeer is not yet namespace aware, this patch adds a shared
redirect_genid, and a per inetpeer redirect_genid. This might be changed
later if inetpeer becomes ns aware.

Cache information for one inerpeer is valid as long as its
redirect_genid has the same value than global redirect_genid.

Reported-by: Arkadiusz Miśkiewicz <a.miskiewicz@gmail.com>
Tested-by: Arkadiusz Miśkiewicz <a.miskiewicz@gmail.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-26 19:16:37 -05:00
Alexey Moiseytsev
0884d7aa24 AF_UNIX: Fix poll blocking problem when reading from a stream socket
poll() call may be blocked by concurrent reading from the same stream
socket.

Signed-off-by: Alexey Moiseytsev <himeraster@gmail.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-26 16:34:22 -05:00
Mark Brown
83b98fb46f dm9000: Fix check for disabled wake on LAN
We're trying to check if any options are defined which isn't wha the
existing code does due to confusing & and &&.

Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-26 15:58:47 -05:00
Florian Westphal
71b1391a41 l2tp: ensure sk->dst is still valid
When using l2tp over ipsec, the tunnel will hang when rekeying
occurs. Reason is that the transformer bundle attached to the dst entry
is now in STATE_DEAD and thus xfrm_output_one() drops all packets
(XfrmOutStateExpired increases).

Fix this by calling __sk_dst_check (which drops the stale dst
if xfrm dst->check callback finds that the bundle is no longer valid).

Cc: James Chapman <jchapman@katalix.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-26 15:57:36 -05:00
Eric Dumazet
8a6e77d520 decnet: proper socket refcounting
Better use sk_reset_timer() / sk_stop_timer() helpers to make sure we
dont access already freed/reused memory later.

Reported-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Tested-by: Sasha Levin <levinsasha928@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-26 15:49:07 -05:00
Ben Hutchings
fc0b927d9a net: Revert ARCNET and PHYLIB to tristate options
commit 88491d8103 ("drivers/net: Kconfig
& Makefile cleanup") changed the type of these options to bool, but
they select code that could (and still can) be built as modules.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-26 14:36:49 -05:00
Steffen Klassert
261663b0ee ipv4: Don't use the cached pmtu informations for input routes
The pmtu informations on the inetpeer are visible for output and
input routes. On packet forwarding, we might propagate a learned
pmtu to the sender. As we update the pmtu informations of the
inetpeer on demand, the original sender of the forwarded packets
might never notice when the pmtu to that inetpeer increases.
So use the mtu of the outgoing device on packet forwarding instead
of the pmtu to the final destination.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-26 14:29:52 -05:00
Steffen Klassert
b8400f3718 route: struct rtable can be const in rt_is_input_route and rt_is_output_route
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-26 14:29:51 -05:00
Steffen Klassert
618f9bc74a net: Move mtu handling down to the protocol depended handlers
We move all mtu handling from dst_mtu() down to the protocol
layer. So each protocol can implement the mtu handling in
a different manner.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-26 14:29:51 -05:00
Steffen Klassert
ebb762f27f net: Rename the dst_opt default_mtu method to mtu
We plan to invoke the dst_opt->default_mtu() method unconditioally
from dst_mtu(). So rename the method to dst_opt->mtu() to match
the name with the new meaning.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-26 14:29:50 -05:00
Steffen Klassert
6b600b26c0 route: Use the device mtu as the default for blackhole routes
As it is, we return null as the default mtu of blackhole routes.
This may lead to a propagation of a bogus pmtu if the default_mtu
method of a blackhole route is invoked. So return dst->dev->mtu
as the default mtu instead.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-26 14:29:50 -05:00
Jorge Boncompte [DTI2]
df07a94cf5 netns: fix proxy ARP entries listing on a netns
Skip entries from foreign network namespaces.

Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-25 13:24:49 -05:00
Dan Carpenter
42ca0203fd net/netlabel: copy and paste bug in netlbl_cfg_unlbl_map_add()
This was copy and pasted from the IPv4 code.  We're calling the
ip4 version of that function and map4 is NULL.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-25 01:41:29 -05:00
Li Wei
ac8a48106b ipv4: Save nexthop address of LSRR/SSRR option to IPCB.
We can not update iph->daddr in ip_options_rcv_srr(), It is too early.
When some exception ocurred later (eg. in ip_forward() when goto
sr_failed) we need the ip header be identical to the original one as
ICMP need it.

Add a field 'nexthop' in struct ip_options to save nexthop of LSRR
or SSRR option.

Signed-off-by: Li Wei <lw@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-23 19:19:32 -05:00
Anton Blanchard
67c170a24f ehea: Use round_jiffies_relative to align workqueue
Use round_jiffies_relative to align the ehea workqueue and avoid
extra wakeups.

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-23 19:14:20 -05:00
Anton Blanchard
aa9084a01a ehea: Reduce memory usage in buffer pools
Now that we enable multiqueue by default the ehea driver is using
quite a lot of memory for its buffer pools. With 4 queues we
consume 64MB in the jumbo packet ring, 16MB in the medium packet
ring and 16MB in the tiny packet ring.

We should only fill the jumbo ring once the MTU is increased but
for now halve it's size so it consumes 32MB. Also reduce the tiny
packet ring, with 4 queues we had 16k entries which is overkill.

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-23 19:14:20 -05:00
Thadeu Lima de Souza Cascardo
782428535e qlge: fix size of external list for TX address descriptors
When transmiting a fragmented skb, qlge fills a descriptor with the
fragment addresses, after DMA-mapping them. If there are more than eight
fragments, it will use the eighth descriptor as a pointer to an external
list. After mapping this external list, called OAL to a structure
containing more descriptors, it fills it with the extra fragments.

However, considering that systems with pages larger than 8KiB would have
less than 8 fragments, which was true before commit a715dea3c8, it
defined a macro for the OAL size as 0 in those cases.

Now, if a skb with more than 8 fragments (counting skb->data as one
fragment), this would start overwriting the list of addresses already
mapped and would make the driver fail to properly unmap the right
addresses on architectures with pages larger than 8KiB.

Besides that, the list of mappings was one size too small, since it must
have a mapping for the maxinum number of skb fragments plus one for
skb->data and another for the OAL. So, even on architectures with page
sizes 4KiB and 8KiB, a skb with the maximum number of fragments would
make the driver overwrite its counter for the number of mappings, which,
again, would make it fail to unmap the mapped DMA addresses.

Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@linux.vnet.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-23 19:10:00 -05:00
Yaniv Rosner
1d125bd52e bnx2x: Fix 5461x LED
Fix port identify test on 5461x PHY by driving LEDs through MDIO.

Signed-off-by: Yaniv Rosner <yanivr@broadcom.com>
Signed-off-by: Eilon Greenstein <eilong@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-23 19:07:55 -05:00
Jun Zhao
685f94e6db ipv4 : igmp : fix error handle in ip_mc_add_src()
When add sources to interface failure, need to roll back the sfcount[MODE]
to before state. We need to match it corresponding.

Acked-by: David L Stevens <dlstevens@us.ibm.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Jun Zhao <mypopydev@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-23 17:31:39 -05:00
Eric Dumazet
4d0fe50c75 ipv6: tcp: fix tcp_v6_conn_request()
Since linux 2.6.26 (commit c6aefafb7e : Add IPv6 support to TCP SYN
cookies), we can drop a SYN packet reusing a TIME_WAIT socket.

(As a matter of fact we fail to send the SYNACK answer)

As the client resends its SYN packet after a one second timeout, we
accept it, because first packet removed the TIME_WAIT socket before
being dropped.

This probably explains why nobody ever noticed or complained.

Reported-by: Jesse Young <jlyo@jlyo.org>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-23 17:29:23 -05:00
Xander Hover
15ac2b08a2 b44: Use dev_kfree_skb_irq() in b44_tx()
Reported issues when using dev_kfree_skb() on UP systems and
systems with low numbers of cores.  dev_kfree_skb_irq() will
properly save IRQ state before freeing the skb.

Tested on 3.1.1 and 3.2_rc2

Example of reproducible trace of kernel 3.1.1
------------[ cut here ]------------
   WARNING: at kernel/softirq.c:159 local_bh_enable+0x32/0x79()
   ...
   Pid: 0, comm: swapper Not tainted 3.1.1-gentoo #1
   Call Trace:
    [<c1022970>] warn_slowpath_common+0x65/0x7a
    [<c102699e>] ? local_bh_enable+0x32/0x79
    [<c1022994>] warn_slowpath_null+0xf/0x13
    [<c102699e>] local_bh_enable+0x32/0x79
    [<c134bfd8>] destroy_conntrack+0x7c/0x9b
    [<c134890b>] nf_conntrack_destroy+0x1f/0x26
    [<c132e3a6>] skb_release_head_state+0x74/0x83
    [<c132e286>] __kfree_skb+0xb/0x6b
    [<c132e30a>] consume_skb+0x24/0x26
    [<c127c925>] b44_poll+0xaa/0x449
    [<c1333ca1>] net_rx_action+0x3f/0xea
    [<c1026a44>] __do_softirq+0x5f/0xd5
    [<c10269e5>] ? local_bh_enable+0x79/0x79
    <IRQ>  [<c1026c32>] ? irq_exit+0x34/0x8d
    [<c1003628>] ? do_IRQ+0x74/0x87
    [<c13f5329>] ? common_interrupt+0x29/0x30
    [<c1006e18>] ? default_idle+0x29/0x3e
    [<c10015a7>] ? cpu_idle+0x2f/0x5d
    [<c13e91c5>] ? rest_init+0x79/0x7b
    [<c15c66a9>] ? start_kernel+0x297/0x29c
    [<c15c60b0>] ? i386_start_kernel+0xb0/0xb7
   ---[ end trace 583f33bb1aa207a9 ]---

Signed-off-by: Xander Hover <LKML@hover.be>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-23 16:40:31 -05:00
David S. Miller
46a246c4df netfilter: Remove NOTRACK/RAW dependency on NETFILTER_ADVANCED.
Distributions are using this in their default scripts, so don't hide
them behind the advanced setting.

Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-23 16:07:00 -05:00
Eric Dumazet
c16a98ed91 ipv6: tcp: fix panic in SYN processing
commit 72a3effaf6 ([NET]: Size listen hash tables using backlog
hint) added a bug allowing inet6_synq_hash() to return an out of bound
array index, because of u16 overflow.

Bug can happen if system admins set net.core.somaxconn &
net.ipv4.tcp_max_syn_backlog sysctls to values greater than 65536

Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-23 15:49:31 -05:00
Li Wei
4d65a2465f ipv6: fix a bug in ndisc_send_redirect
Release skb when transmit rate limit _not_ allow

Signed-off-by: Li Wei <lw@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-23 03:51:54 -05:00
John W. Linville
02f1ce35be Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless into for-davem 2011-11-22 16:46:55 -05:00
John W. Linville
82e5fc2a34 Revert "rt2800pci: handle spurious interrupts"
This reverts commit 4ba7d99978.

The original patch was a misguided attempt to improve performance on
some hardware that is apparently prone to spurious interrupt generation.

Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-11-22 16:38:19 -05:00
stephen hemminger
5eccdf5e06 tc: comment spelling fixes
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-22 16:37:01 -05:00
John W. Linville
6cccccafe9 Revert "rt2x00: handle spurious pci interrupts"
This reverts commit 23085d5796.

The original patch was a misguided attempt to improve performance on
some hardware that is apparently prone to spurious interrupt generation.

Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-11-22 16:36:35 -05:00
Feng King
20e994a05b net: correct comments of skb_shift
when skb_shift, we want to shift paged data from skb to tgt frag area.
Original comments revert the shift order

Signed-off-by: Feng King <kinwin2008@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-22 16:18:43 -05:00
Maciej Żenczykowski
717b6d8366 net-netlink: fix diag to export IPv4 tos for dual-stack IPv6 sockets
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-22 16:03:10 -05:00
Pablo Neira Ayuso
70e9942f17 netfilter: nf_conntrack: make event callback registration per-netns
This patch fixes an oops that can be triggered following this recipe:

0) make sure nf_conntrack_netlink and nf_conntrack_ipv4 are loaded.
1) container is started.
2) connect to it via lxc-console.
3) generate some traffic with the container to create some conntrack
   entries in its table.
4) stop the container: you hit one oops because the conntrack table
   cleanup tries to report the destroy event to user-space but the
   per-netns nfnetlink socket has already gone (as the nfnetlink
   socket is per-netns but event callback registration is global).

To fix this situation, we make the ctnl_notifier per-netns so the
callback is registered/unregistered if the container is
created/destroyed.

Alex Bligh and Alexey Dobriyan originally proposed one small patch to
check if the nfnetlink socket is gone in nfnetlink_has_listeners,
but this is a very visited path for events, thus, it may reduce
performance and it looks a bit hackish to check for the nfnetlink
socket only to workaround this situation. As a result, I decided
to follow the bigger path choice, which seems to look nicer to me.

Cc: Alexey Dobriyan <adobriyan@gmail.com>
Reported-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2011-11-22 00:34:47 +01:00
Dan Carpenter
f23aa62545 caif: fix endian conversion in cffrml_transmit()
The "tmp" variable here is used to store the result of cpu_to_le16()
so it should be an __le16 instead of an int.  We want the high bits
set and the current code works on little endian systems but not on
big endian systems.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Sjur Brændeland <sjur.brandeland@stericsson.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-21 16:46:24 -05:00
RongQing.Li
525c6465d4 dccp: fix error propagation in dccp_v4_connect
The errcode is not updated when ip_route_newports() fails.

Signed-off-by: RongQing.Li <roy.qing.li@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-21 16:45:26 -05:00
Jesper Juhl
fbe54e3b7a net, sja1000: Don't include version.h in peak_pci.c when not needed
It was pointed out by "make versioncheck" that we do not need to include
version.h in drivers/net/can/sja1000/peak_pci.c
This patch removes the unneeded include.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Acked-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-21 16:43:53 -05:00
Jan Beulich
5ccb3ea720 xen-netback: use correct index for invalidation in xen_netbk_tx_check_gop()
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Cc: stable@vger.kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-21 15:32:15 -05:00
Giuseppe CAVALLARO
4f795b25ea stmmac: mask mmc interrupts
We need to mask the MMC irq otherwise if we raise the mmc
interrupts that are not handled the driver loops in the
handler.
In fact, by default all mmc counters (only used for stats)
are managed in SW and registers are cleared on each READ.

Signed-off-by: Giuseppe Cavallaro <peppe.cavallaro@st.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-21 15:31:15 -05:00
Thomas Jarosch
ba9bb431d3 iseries_veth: Fix wrong parameter given to sizeof call
"remote_list" is of type

struct dma_chunk remote_list[VETH_MAX_FRAMES_PER_MSG];

Probably a copy'n'paste error.

Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-21 14:56:35 -05:00
Dan Carpenter
40f9cd299a prism54: potential memory corruption in prism54_get_essid()
"dwrq->length" is the capped version of "essid->length".

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-11-21 14:45:21 -05:00
Johannes Berg
de3584bd62 cfg80211: fix regulatory NULL dereference
By the time userspace returns with a response to
the regulatory domain request, the wiphy causing
the request might have gone away. If this is so,
reject the update but mark the request as having
been processed anyway.

Cc: Luis R. Rodriguez <lrodriguez@qca.qualcomm.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Cc: stable@vger.kernel.org
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-11-21 14:45:20 -05:00
Helmut Schaa
9c8f2c42c9 mac80211: Fix endian bug in radiotap header generation
I intoduced this bug in commit a2fe816674
"mac80211: Build TX radiotap header dynamically"

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-11-21 14:45:20 -05:00
Ben Greear
904603f9b7 mac80211: Fix AMSDU rate printout in debugfs.
It was flipped.  See section 7.3.2.56 of the 802.11n
spec for details.

Signed-off-by: Ben Greear <greearb@candelatech.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2011-11-21 14:45:19 -05:00