Bernard Pidoux reported these lockdep warnings:
[ INFO: possible irq lock inversion dependency detected ]
2.6.23.1 #1
---------------------------------------------------------
fpac/4933 just changed the state of lock:
(slock-AF_AX25){--..}, at: [<d8be3312>] ax25_disconnect+0x46/0xaf
[ax25]
but this lock was taken by another, soft-irq-safe lock in the past:
(ax25_list_lock){-+..}
and interrupts could create inverse lock ordering between them.
[...]
[ INFO: inconsistent lock state ]
2.6.23.1 #1
---------------------------------
inconsistent {in-softirq-W} -> {softirq-on-W} usage.
ax25_call/4005 [HC0[0]:SC0[0]:HE1:SE1] takes:
(slock-AF_AX25){-+..}, at: [<d8b79312>] ax25_disconnect+0x46/0xaf [ax25]
[...]
This means slock-AF_AX25 could be taken both from softirq and process
context with softirqs enabled, so it's endangered itself, but also makes
ax25_list_lock vulnerable. It was not 100% verified if the real lockup
can happen, but this fix isn't very costly and looks safe anyway.
(It was tested by Bernard with 2.6.23.9 and 2.6.24-rc5 kernels.)
Reported_by: Bernard Pidoux <pidoux@ccr.jussieu.fr>
Tested_by: Bernard Pidoux <pidoux@ccr.jussieu.fr>
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
tcp_input_metrics() refers to the built-time constant TCP_RTO_MIN
regardless of configured minimum RTO with iproute2.
Signed-off-by: Satoru SATOH <satoru.satoh@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
If CONFIG_NETFILTER if not selected when compile the kernel source code,
ipv6_getsockopt will returen an EINVAL error if optname is not supported by
the kernel. But if CONFIG_NETFILTER is selected, ENOPROTOOPT error will
be return.
This patch fix to always return ENOPROTOOPT error if optname argument of
ipv6_getsockopt is not supported by the kernel.
Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Assigning a valid random address to bridge device solves problems
when bridge device is brought up before adding real device to bridge.
When the first real device is added to the bridge, it's address
will overide the bridges random address.
Note: any device added to a bridge must already have a valid
ethernet address.
br_add_if -> br_fdb_insert -> fdb_insert -> is_valid_ether_addr
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
The difference between ip=off and ip=::::::off has been a cause of much
confusion. Document how each behaves, and do not contradict ourselves by
saying that "off" is the default when in fact "any" is the default and is
descibed as being so lower in the file.
Signed-off-by: Amos Waterland <apw@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
gcc throws these warnings with:
CONFIG_ATM_FORE200E=m
# CONFIG_ATM_FORE200E_PCA is not set
drivers/atm/fore200e.c:2695: warning: 'fore200e_pca_detect' defined but
not used
drivers/atm/fore200e.c:2748: warning: 'fore200e_pca_remove_one' defined
but not used
By moving the #ifdef CONFIG_ATM_FORE200E_PCA around those two functions,
the compiler warnings are silenced.
Signed-off-by: Tom "spot" Callaway <tcallawa@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
As reported by Damien Thebault, the double POSTROUTING hook invocation
fix caused outgoing packets routed between two bridges to appear without
a link-layer header. The reason for this is that we're skipping the
br_nf_post_routing hook for routed packets now and don't save the
original link layer header, but nevertheless tries to restore it on
output, causing corruption.
The root cause for this is that skb->nf_bridge has no clearly defined
lifetime and is used to indicate all kind of things, but that is
quite complicated to fix. For now simply don't touch these packets
and handle them like packets from any other device.
Tested-by: Damien Thebault <damien.thebault@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
* trivial annotations
* long != 32bit, use __be32
* wrong endianness in sending CISCO_ADDR_REPLY
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
As noted by Kevin, tipc's release() does down_interruptible() and
ignores the return value. So if signal_pending() we'll end up doing
up() on a non-downed semaphore. Fix.
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
In order to avoid jiffies wraparound and its effect, special care must
be taken
when doing comparisons ...
Signed-off-by: Eric Dumazet <dada1@cosmosbay.com>
Acked-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Currently the IPsec protocol SPI values are written to the audit log in
network byte order which is different from almost all other values which
are recorded in host byte order. This patch corrects this inconsistency
by writing the SPI values to the audit record in host byte order.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
When copying entries to user, the kernel makes two passes through the
data, first copying all the entries, then fixing up names and counters.
On the second pass it copies the kernel and match data from userspace
to the kernel again to find the corresponding structures, expecting
that kernel pointers contained in the data are still valid.
This is obviously broken, fix by avoiding the second pass completely
and fixing names and counters while dumping the ruleset, using the
kernel-internal data structures.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch is a fix. It sets IPS_EXPECTED for related conntracks.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
We need to mask out the proper bits when testing the dispatch status
register else we can see unrelated NACK bits from previous cross call
sends.
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch against 2.6.23 sparc-2.6.git contains a number of minor
cleanups of the sparc serial drivers. Initially I fixed this build
warning:
WARNING: vmlinux.o(.text+0x107a2c): Section mismatch: reference to .init.text:add_preferred_console (between 'sunserial_console_match' and 'sunserial_console_termios')
which is done by declaring sunserial_console_match() as __init. This
resulted in build warnings on sunserial_current_minor. To resolve
these the variable was changed so it is no longer global, and to hide
operations on it inside 2 new functions. These functions handle the
UART minor handling code that is common to all sparc serial drivers.
These changes allowed to clean up the uart counters in all the sparc
serial drivers, and the administration of minor device numbers.
Lastly, sunserial_console_termios() does not need to be exported since
it is only called from non-modular code.
Sadly, the following build warning still exists:
WARNING: vmlinux.o(__ksymtab+0x2910): Section mismatch: reference to .init.text:sunserial_console_match (between '__ksymtab_sunserial_console_match' and '__ksymtab_sunserial_unregister_minors')
This could be resolved by not exporting sunserial_console_match(), but
this is not possible at the moment because it is being called from
modular code. On the other hand, this is a bogus warning since it
comes from a ksymtab section.
Signed-off-by: Martin Habets <errandir_news@mph.eclipse.co.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
Build fix to the isp1301_omap driver ... this driver gets built
more often in the OMAP tree than in mainline, partly because the
defconfig for H2 (plus probably H3 and H4) needs updating.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Jean Delvare <khali@linux-fr.org>
This is required to let hwmon drivers attach to the adapter.
Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Signed-off-by: Jean Delvare <khali@linux-fr.org>
videobuf_dvb needs videobuf_read_start. The EXPORT_SYMBOL_GPL() were removed by
a previous patch. However, videobuf_dvb needs this.
This patch re-adds videobuf_read_start, doing the proper lock.
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
This reverts commit 70eba18b56, as per
Jeff Garzik:
"That was meant for 2.6.25, and actually (due to patching) applied to
a completely unrelated 2.6.24 net driver."
Noted-by: Roland Dreier <rdreier@cisco.com>
Requested-by: Jeff Garzik <jgarzik@pobox.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
On Tue, 4 Dec 2007, Ingo Molnar wrote:
> drivers/built-in.o: In function `dibusb_dib3000mc_tuner_attach':
> : undefined reference to `dib3000mc_get_tuner_i2c_master'
> drivers/built-in.o: In function `dibusb_dib3000mc_tuner_attach':
> : undefined reference to `dib3000mc_set_config'
Seems like -common part contains also code that is not completely
common to all the modules.
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Tested-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
cxusb needs tuner-xc2028*.h files, but Makefile is not adding its patch
drivers/media/dvb/dvb-usb/cxusb.c:33:26: error: tuner-xc2028.h: File not found
drivers/media/dvb/dvb-usb/cxusb.c:34:32: error: tuner-xc2028-types.h: File not found
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
There are several months my hvr1110 stop working.
This is very simple to fix, for my card revision at least, by setting a
missing field to the hauppauge_hvr_1110_config.
Signed-off-by: Benoit Istin <beistin@gmail.com>
Signed-off-by: Michael Krufky <mkrufky@linuxtv.org>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
This is pretty serious bug. map->count is never initialized after the
call to kmalloc making the count start at some random trash value. The
end result is leaking videobufs.
Also, fix up the debug statements to print unsigned values.
Pushed to http://ifup.org/hg/v4l-dvb too
Signed-off-by: Brandon Philips <bphilips@suse.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
The saa7134 video driver starts dropping frames when used together with the
saa7134-alsa driver. Frames are dropped because when an audio event is waiting
the driver simply ignores the interrupt and passes it on to the saa7134-alsa
interrupt handler. The alsa interrupt handler in turn acknowledges all types
of events thus clearing the pending video events as well. Fix by only masking
out the audio event in the video interrupt handler and by only acknowledging
the audio event in the alsa driver.
Signed-off-by: Heikki Lindholm <holindho@cs.helsinki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
The vmux for composite over s-video input was wrong.
Signed-off-by: Hermann Pitton <hermann-pitton@arcor.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
Complement va_start() with va_end() + minor style fixes in the same function.
Signed-off-by: Richard Knutsson <ricknu-0@student.ltu.se>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
The period handling in saa7134-alsa is broken in two ways. First, the
minimum number of periods of two does not work, because the dma is setup
two periods ahead in the irq handler. Fix the minimum to four periods.
Second, the code assumes that the number of periods is divisible by two,
which isn't always the case on ALSA. Fix by adding a constraint.
Signed-off-by: Heikki Lindholm <holindho@cs.helsinki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
The default adc_clock for the zl10353 is different from what was originally
thought to be the case and the TRL nominal rate formula was incorrect as a
result. Use a better (and hopefully now correct) formula.
Signed-off-by: Chris Pascoe <c.pascoe@itee.uq.edu.au>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
Drivers were using cookie cutter code for stopping the read/stream. Use the
new videobuf_stop function which is lock safe.
Signed-off-by: Brandon Philips <bphilips@suse.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
- Add comments to functions that require that caller hold q->lock
- Add __videobuf_mmap_free that doesn't hold q->lock for use within videobuf
- Add locking to videobuf_mmap_free
- Fix linux/drivers/media/common/saa7146_video.c which was holding lock around
videobuf_read_stop
- Add locking to functions that operate on a queue
- Add videobuf_stop to take care of stopping in both the read and stream case
TODO: bttv still has an unsafe call to videobuf_queue_is_busy
Signed-off-by: Brandon Philips <bphilips@suse.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
This is a modified version of a patch previously posted by Thomas
Unverzagt.
Signed-off-by: Hartmut Hackmann <hartmut.hackmann@t-online.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
The attached patch is required so that the autodetecion code also works after
a reboot.
Setting the I2C speed does not seem to be supported for em2800.
Signed-off-by: Sascha Sommer <saschasommer@freenet.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
If we get an error during the actual policy lookup we don't free the
original dst while the caller expects us to always free the original
dst in case of error.
This patch fixes that.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
The vlan module cleanup function starts with
vlan_netlink_fini();
vlan_ioctl_set(NULL);
The first call removes all the vlan devices and
the second one closes the vlan ioctl.
AFAIS there's a tiny race window between these two
calls - after rtnl unregistered all the vlans, but
the ioctl handler isn't set to NULL yet, user can
manage to call this ioctl and create one vlan device,
and that this function will later BUG_ON seeing
non-emply hashes.
I think, that we must first close the vlan ioctl
and only after this remove all the vlans with the
vlan_netlink_fini() call.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Acked-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
There are some return value comments for void functions.
Fixed it.
Signed-off-by: Wang Chen <wangchen@cn.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Packets can be left in the RX ring if the NAPI budget is reached.
This is caused by storing the latest rx index at the beginning of
bnx2_rx_int(). We may not process all the work up to this index
if the budget is reached and so some packets in the RX ring may rot
when we later check for more work using this stored rx index.
The fix is to not store this latest hw index and only store the
processed rx index. We use a new function bnx2_get_hw_rx_cons()
to fetch the latest hw rx index.
Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Recently, Wang Chen submitted a patch
(d30f53aeb3) to move a call to netif_rx(skb)
after a subsequent reference to skb, because netif_rx may call kfree_skb on
its argument. netif_rx_ni calls netif_rx, so the same problem occurs in
the files below.
I have left the updating of dev->last_rx after the calls to netif_rx_ni
because it seems time dependent, but moved the other field updates before.
This was found using the following semantic match.
(http://www.emn.fr/x-info/coccinelle/)
// <smpl>
@@
expression skb, e,e1;
@@
(
netif_rx(skb);
|
netif_rx_ni(skb);
)
... when != skb = e
(
skb = e1
|
* skb
)
// </smpl>
Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: David S. Miller <davem@davemloft.net>