1
Commit Graph

109392 Commits

Author SHA1 Message Date
Linus Torvalds
b9b50363e6 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6:
  ALSA: ASoC: Fix double free and memory leak in many codec drivers
  ALSA: CA0106 on MSI K8N Diamond PLUS Motherboard
2008-08-25 11:24:51 -07:00
James Bottomley
8a549f8b58 [IA64] Fix __{in,out}s{w,l} to handle unaligned data
Some ia64 systems produce several repeats of kernel messages like this:

 kernel unaligned access to 0xe000000644220466, ip=0xa000000100516fa1

This was tracked to ide code using the __cmd[] field in "struct request"
via the __outsw() function.  __cmd[] is a char array, so is not guaranteed
to be properly aligned when accessed as words.

Tested-by: Nishanth Aravamudan <nacc@us.ibm.com>
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-08-25 11:23:13 -07:00
Linus Torvalds
087713f454 Merge branch 'kvm-updates-2.6.27' of git://git.kernel.org/pub/scm/linux/kernel/git/avi/kvm
* 'kvm-updates-2.6.27' of git://git.kernel.org/pub/scm/linux/kernel/git/avi/kvm:
  KVM: fix userspace ABI breakage
  KVM: MMU: Fix torn shadow pte
  KVM: Use .fixup instead of .text.fixup on __kvm_handle_fault_on_reboot
2008-08-25 11:19:53 -07:00
Linus Torvalds
7cf0bed9c3 Merge git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus
* git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus:
  lguest: update commentry
  stop_machine: Remove deprecated stop_machine_run
  stop_machine: wean Xen off stop_machine_run
  virtio_balloon: fix towards_target when deflating balloon
2008-08-25 11:18:49 -07:00
Linus Torvalds
ffb4ba76a2 [module] Don't let gcc inline load_module()
'load_module()' is a complex function that contains all the ELF section
logic, and inlining it is utterly insane.  But gcc will do it, simply
because there is only one call-site.  As a result, all the stack space
that is allocated for all the work to load the module will still be
active when we actually call the module init sequence, and the deep call
chain makes stack overflows happen.

And stack overflows are really hard to debug, because they not only
corrupt random pages below the stack, but also corrupt the thread_info
structure that is allocated under the stack.

In this case, Alan Brunelle reported some crazy oopses at bootup, after
loading the processor module that ends up doing complex ACPI stuff and
has quite a deep callchain.  This should fix it, and is the sane thing
to do regardless.

Cc: Alan D. Brunelle <Alan.Brunelle@hp.com>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-08-25 11:10:26 -07:00
Robin Holt
42aca483dd [IA64] Fix ia64 build failure when CONFIG_SFC=m
CONFIG_SFC=m uses topology_core_siblings() which, for ia64, expects
cpu_core_map to be exported.  It is not.  This patch exports the needed
symbol.

Maintainers note: This really looks like the wrong thing to do ... it
would be much better for the kernel to export an API to provide
drivers like this with data they need (which in the case of this
driver seems to be an estimate of the effective parallelism available
on the platform).  But x86 has exported this forever ... so go with
the flow until such an API is defined.

Signed-off-by: Ben Hutchings <bhutchings@solarflare.com>
Signed-off-by: Matthew Wilcox <willy@linux.intel.com>
Signed-off-by: Robin Holt <holt@sgi.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-08-25 11:10:11 -07:00
Heiko Carstens
dbe13d9981 [S390] dcss: fix build bug.
Fix this compile bug:

  CC      drivers/s390/block/dcssblk.o
drivers/s390/block/dcssblk.c: In function 'dcssblk_add_store':
drivers/s390/block/dcssblk.c:387: error: implicit declaration of function 'dcssblk_get_segment_by_name'
drivers/s390/block/dcssblk.c:389: error: label 'release_gd' used but not defined
make[1]: *** [drivers/s390/block/dcssblk.o] Error 1
make: *** [drivers/s390/block/] Error 2

Cc: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2008-08-25 18:15:01 +02:00
Heiko Carstens
5453c1a575 [S390] Fix linker script.
6360b1fbb4 ("move BUG_TABLE into RODATA")
causes this build bug (binutils 2.18.50.0.8.20080709, gcc 4.3.1):

  AS      .tmp_kallsyms1.o
  LD      .tmp_vmlinux2
  KSYM    .tmp_kallsyms2.S
s390x-4.3.1-nm: .tmp_vmlinux2: File truncated
No valid symbol.
make: *** [.tmp_kallsyms2.S] Error 1

So fix this.

Cc: Jan Beulich <jbeulich@novell.com>
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2008-08-25 18:15:01 +02:00
Peter Zijlstra
354879bb97 sched_clock: fix cpu_clock()
This patch fixes 3 issues:

a) it removes the dependency on jiffies, because jiffies are incremented
   by a single CPU, and the tick is not synchronized between CPUs. Therefore
   relying on it to calculate a window to clip whacky TSC values doesn't work
   as it can drift around.

   So instead use [GTOD, GTOD+TICK_NSEC) as the window.

b) __update_sched_clock() did (roughly speaking):

   delta = sched_clock() - scd->tick_raw;
   clock += delta;

   Which gives exponential growth, instead of linear.

c) allows the sched_clock_cpu() value to warp the u64 without breaking.

the results are more reliable sched_clock() deltas:

           before       after   sched_clock

cpu_clock: 15750        51312   51488
cpu_clock: 59719        51052   50947
cpu_clock: 15879        51249   51061
cpu_clock: 1            50933   51198
cpu_clock: 1            50931   51039
cpu_clock: 1            51093   50981
cpu_clock: 1            51043   51040
cpu_clock: 1            50959   50938
cpu_clock: 1            50981   51011
cpu_clock: 1            51364   51212
cpu_clock: 1            51219   51273
cpu_clock: 1            51389   51048
cpu_clock: 1            51285   51611
cpu_clock: 1            50964   51137
cpu_clock: 1            50973   50968
cpu_clock: 1            50967   50972
cpu_clock: 1            58910   58485
cpu_clock: 1            51082   51025
cpu_clock: 1            50957   50958
cpu_clock: 1            50958   50957
cpu_clock: 1006128      51128   50971
cpu_clock: 1            51107   51155
cpu_clock: 1            51371   51081
cpu_clock: 1            51104   51365
cpu_clock: 1            51363   51309
cpu_clock: 1            51107   51160
cpu_clock: 1            51139   51100
cpu_clock: 1            51216   51136
cpu_clock: 1            51207   51215
cpu_clock: 1            51087   51263
cpu_clock: 1            51249   51177
cpu_clock: 1            51519   51412
cpu_clock: 1            51416   51255
cpu_clock: 1            51591   51594
cpu_clock: 1            50966   51374
cpu_clock: 1            50966   50966
cpu_clock: 1            51291   50948
cpu_clock: 1            50973   50867
cpu_clock: 1            50970   50970
cpu_clock: 998306       50970   50971
cpu_clock: 1            50971   50970
cpu_clock: 1            50970   50970
cpu_clock: 1            50971   50971
cpu_clock: 1            50970   50970
cpu_clock: 1            51351   50970
cpu_clock: 1            50970   51352
cpu_clock: 1            50971   50970
cpu_clock: 1            50970   50970
cpu_clock: 1            51321   50971
cpu_clock: 1            50974   51324

Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-08-25 17:39:57 +02:00
Austin Zhang
2a61812af2 x86: add X86_FEATURE_XMM4_2 definitions
Added Intel processor SSE4.2 feature flag.

No in-tree user at the moment, but makes the tree-merging life easier
for the crypto tree.

Signed-off-by: Austin Zhang <austin.zhang@intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-08-25 17:28:16 +02:00
Joel Becker
d6817cdbd1 ocfs2: Increment the reference count of an already-active stack.
The ocfs2_stack_driver_request() function failed to increment the
refcount of an already-active stack.  It only did the increment on the
first reference.  Whoops.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Tested-by: Marcos Matsunaga <marcos.matsunaga@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-08-25 07:29:47 -07:00
Adrian Bunk
1327138e29 KVM: fix userspace ABI breakage
The following part of commit 9ef621d3be
(KVM: Support mixed endian machines) changed on the size of a struct
that is exported to userspace:

include/linux/kvm.h:

@@ -318,14 +318,14 @@ struct kvm_trace_rec {
 	__u32 vcpu_id;
 	union {
 		struct {
-			__u32 cycle_lo, cycle_hi;
+			__u64 cycle_u64;
 			__u32 extra_u32[KVM_TRC_EXTRA_MAX];
 		} cycle;
 		struct {
 			__u32 extra_u32[KVM_TRC_EXTRA_MAX];
 		} nocycle;
 	} u;
-};
+} __attribute__((packed));

Packing a struct was the correct idea, but it packed the wrong struct.

Signed-off-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-08-25 17:28:25 +03:00
Avi Kivity
cd5998ebfb KVM: MMU: Fix torn shadow pte
The shadow code assigns a pte directly in one place, which is nonatomic on
i386 can can cause random memory references.  Fix by using an atomic setter.

Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-08-25 17:24:27 +03:00
Eduardo Habkost
18b13e5457 KVM: Use .fixup instead of .text.fixup on __kvm_handle_fault_on_reboot
vmlinux.lds expects the fixup code to be on a section named .fixup. The
.text.fixup section is not mentioned on vmlinux.lds, and is included on
the resulting vmlinux (just after .text) only because of ld heuristics on
placing orphan sections.

However, placing .text.fixup outside .text breaks the definition of
_etext, making it exclude the .text.fixup contents. That makes .text.fixup
be ignored by the kernel initialization code that needs to know about
section locations, such as the code setting page protection bits.

Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Avi Kivity <avi@qumranet.com>
2008-08-25 17:22:57 +03:00
Rusty Russell
1dc3e3bcbf lguest: update commentry
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2008-08-26 00:19:28 +10:00
Rusty Russell
bf20029677 stop_machine: Remove deprecated stop_machine_run
Everyone should be using stop_machine() now.  The staged API
transition helped life in linux-next.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2008-08-26 00:19:27 +10:00
Rusty Russell
37a7c0f3e3 stop_machine: wean Xen off stop_machine_run
This is the last use of (the deprecated) stop_machine_run in the tree.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Acked-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
2008-08-26 00:19:27 +10:00
Anthony Liguori
532a6086e3 virtio_balloon: fix towards_target when deflating balloon
Both v and vb->num_pages are u32 and unsigned int respectively.  If v is less
than vb->num_pages (and it is, when deflating the balloon), the result is a
very large 32-bit number.  Since we're returning a s64, instead of getting the
same negative number we desire, we get a very large positive number.

This handles the case where v < vb->num_pages and ensures we get a small,
negative, s64 as the result.

Rusty: please push this for 2.6.27-rc4.  It's probably appropriate for the
stable tree too as it will cause an unexpected OOM when ballooning.

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (simplified)
2008-08-26 00:19:25 +10:00
Peter Zijlstra
52a8968ce9 x86: fix cpufreq + sched_clock() regression
I noticed that my sched_clock() was slow on a number of machine, so I
started looking at cpufreq.

The below seems to fix the problem for me.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-08-25 14:39:19 +02:00
Ingo Molnar
f58899bb02 Merge branch 'linus' into x86/urgent 2008-08-25 14:39:12 +02:00
Jean Delvare
3051e41ab7 ALSA: ASoC: Fix double free and memory leak in many codec drivers
Many SoC audio codec drivers have improper freeing of memory in error
paths.

* codec is allocated in the platform device probe function, but is not
  freed there in case of error. Instead it is freed in the i2c device
  probe function's error path. However the success or failure of both
  functions is not linked, so this could result in a double free (if
  the platform device is successfully probed, the i2c device probing
  fails and then the platform driver is unregistered.)

* codec->private_data is allocated in many platform device probe
  functions but not freed in their error paths.

This patch hopefully solves all these problems.

Signed-off-by: Jean Delvare <khali@linux-fr.org>
Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-08-25 13:49:52 +02:00
Singh, Vimal
d68156cfad [MTD] [NAND] nand_ecc.c: adding support for 512 byte ecc
Support 512 byte ECC calculation

[FM: updated two comments]

Signed-off-by: Vimal Singh <vimalsingh@ti.com>
Signed-off-by: Frans Meulenbroeks <fransmeulenbroeks@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2008-08-25 12:23:36 +01:00
Huang Weiyi
dffc8d6654 [MTD] [NAND] au1550nd.c: remove unused #include <version.h>
It doesn't use LINUX_VERSION_CODE nor KERNEL_VERSION.

This patch removes the said #include <version.h>.

Signed-off-by: Huang Weiyi <weiyi.huang@gmail.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2008-08-25 12:20:53 +01:00
Bernd Schmidt
3d9b7a5ce5 Blackfin arch: fix bug - MPU crashes under stress
Bug Description:
a customer reported under IRQ stress, running applications may
wrongly trigger an ICPLB miss and be killed. after playing a
bit more, here's a test case that may be triggering the same bug.

Fixing:
After modifying page protections, only modify the active CPLBs if the
protection change was made for the active mm.

Signed-off-by: Bernd Schmidt <bernds_cb1@t-online.de>
Signed-off-by: Bryan Wu <cooloney@kernel.org>
2008-08-25 18:41:15 +08:00
Sonic Zhang
225f7e1eb5 Blackfin arch: Fix bug - when to rmmod the L1_module, it stucks and then reboot the board.
Fix this by correcting the wrong pointer

Signed-off-by: Sonic Zhang <sonic.zhang@analog.com>
Signed-off-by: Bryan Wu <cooloney@kernel.org>
2008-08-25 18:00:45 +08:00
Mike Frysinger
d70536ec3a Blackfin arch: dont actually need to muck with EMAC_SYSTAT for BF52x for demuxing
Signed-off-by: Mike Frysinger <vapier.adi@gmail.com>
Signed-off-by: Bryan Wu <cooloney@kernel.org>
2008-08-25 17:37:35 +08:00
Michael Hennerich
ceac2651e9 Blackfin arch: Add MTD Partitions for MTD_DATAFLASH, increase max SPI SCLK
Signed-off-by: Michael Hennerich <michael.hennerich@analog.com>
Signed-off-by: Bryan Wu <cooloney@kernel.org>
2008-08-25 17:39:11 +08:00
Yinghai Lu
a2bd7274b4 x86: fix HPET regression in 2.6.26 versus 2.6.25, check hpet against BAR, v3
David Witbrodt tracked down (and bisected) a hpet bootup hang on his
system to the following problem: a BIOS bug made the hpet device
visible as a generic PCI device. If e820 reserved entries happen to
be registered first in the resource tree [which v2.6.26 started doing],
then the PCI code will reallocate that device's BAR to some other
address - breaking timer IRQs and hanging the system.

( Normally hpet devices are hidden by the BIOS from the OS's PCI
  discovery via chipset magic. Sometimes the hpet is not a PCI device
  at all. )

Solve this fundamental fragility by making non-PCI platform drivers
insert resources into the resource tree even if it overlaps the e820
reserved entry, to keep the resource manager from updating the BAR.

Also do these checks for the ioapic and mmconfig addresses, and emit
a warning if this happens.

Bisected-by: David Witbrodt <dawitbro@sbcglobal.net>
Signed-off-by: Yinghai Lu <yhlu.kernel@gmail.com>
Tested-by: David Witbrodt <dawitbro@sbcglobal.net>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-08-25 10:02:03 +02:00
Travis Place
c5d44423d5 ALSA: CA0106 on MSI K8N Diamond PLUS Motherboard
Correct a previous patch for the ca0106 onboard the MSI K8N Diamond PLUS
motherboard. Confirmed to have Line/Mic/Aux working for input, and sound
output working as expected.

Signed-off-by: Travis Place <wishie@wishie.net>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-08-25 08:13:46 +02:00
Al Viro
4cdfe84b51 [PATCH] deal with the first call of ->show() generating no output
seq_read() has a subtle bug - we want the first loop there to go
until at least one *non-empty* record had fit entirely into buffer.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-25 01:18:10 -04:00
Al Viro
59af1584bf [PATCH] fix ->llseek() for a bunch of directories
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-25 01:18:09 -04:00
Al Viro
8f3f655da7 [PATCH] fix regular readdir() and friends
Handling of -EOVERFLOW.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-25 01:18:08 -04:00
Al Viro
da574983de [PATCH] fix hpux_getdents()
Missing checks for -EFAULT, broken handling of overflow.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-25 01:18:07 -04:00
Al Viro
645e68ed4d [PATCH] fix osf_getdirents()
Return value of filldir callback is just "should we stop here"; it's
not a usable channel for passing error values (i.e. ->readdir() will
forget anything except "is it non-zero").

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-25 01:18:06 -04:00
Christoph Hellwig
2690421743 [PATCH] ntfs: use d_add_ci
d_add_ci was lifted 1:1 from ntfs.  Change ntfs to use the common
version.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-25 01:18:06 -04:00
Christoph Hellwig
e45b590b97 [PATCH] change d_add_ci argument ordering
As pointed out during review d_add_ci argument order should match d_add,
so switch the dentry and inode arguments.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-25 01:18:05 -04:00
Al Viro
2d8a10cd17 [PATCH] fix efs_lookup()
it needs to use d_splice_alias(), not d_add()

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-25 01:18:04 -04:00
Alexey Dobriyan
cc99609917 [PATCH] proc: inode number fixlet
Ouch, if number taken from IDA is too big, the intent was to signal an
error, not check for overflow and still do overflowing addition.

One still needs 2^28 proc entries to notice this.

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-25 01:18:03 -04:00
Martin Habets
349101da8e sparc: Add target for a stripped kernel
Add a target for a stripped kernel. This is used for the various
packaging targets (*-pkg).

Signed-off-by: Martin Habets <errandir_news@mph.eclipse.co.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-08-24 20:35:47 -07:00
David S. Miller
a39f2f466f sparc64: Make NUMA depend upon SMP.
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-08-24 19:41:43 -07:00
Linus Torvalds
060700b571 x86: do not enable TSC notifier if we don't need it
Impact: crash on non-TSC-equipped CPUs

Don't enable the TSC notifier if we *either*:

1. don't have a CPU, or
2. have a CPU with constant TSC.

In either of those cases, the notifier is either damaging (1) or useless(2).

From: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2008-08-24 17:16:28 -07:00
Dave Airlie
3e5fc80a40 drm: don't set the signal blocker on the master process.
There is a problem with debugging the X server and gdb crashes in
the xkb startup code.

This avoids the problem by allowing the master process to get signals.
It should be safe as the signal blocker is mainly so that you can
Ctrl-Z a 3D application without locking up the whole box. Ctrl-Z the
X server isn't something many people do.

Signed-off-by: Dave Airlie <airlied@redhat.com>
2008-08-25 06:35:33 +10:00
Thomas Hellstrom
e5b4f19417 drm: don't call the vblank tasklet with irqs disabled.
If a specific tasklet shares data with irq context,
it needs to take a private irq-blocking spinlock within
the tasklet itself.

Signed-off-by: Dave Airlie <airlied@redhat.com>
2008-08-25 06:35:21 +10:00
Nicolai Haehnle
649ffc06a6 r300: Fix cliprect emit
This makes our handling of cliprects sane. drm_clip_rect always has exclusiv
bottom-right corners, but the hardware expects inclusive bottom-right corner
so we adjust this here.

This complements Michel Daenzer's commit 57aea290e1e0a26d1e74df6cff777eb9f03
to Mesa. See also http://bugs.freedesktop.org/show_bug.cgi?id=16123

Signed-off-by: Dave Airlie <airlied@redhat.com>
2008-08-25 06:35:12 +10:00
Nicolai Haehnle
e2898c5fdd drm/radeon: r300_cmdbuf: Always emit INDX_BUFFER immediately after DRAW_INDEX
DRAW_INDEX writes a vertex count to VAP_VF_CNTL. Docs say that behaviour
is undefined (i.e. lockups happen) when this write is not followed by the
right number of vertex indices.

Thus we used to do the wrong thing when drawing across many cliprects was
necessary, because we emitted a sequence
DRAW_INDEX, DRAW_INDEX, INDX_BUFFER, INDX_BUFFER
instead of
DRAW_INDEX, INDX_BUFFER, DRAW_INDEX, INDX_BUFFER
The latter is what we're doing now and which ought to be correct.

Signed-off-by: Dave Airlie <airlied@redhat.com>
2008-08-25 06:35:05 +10:00
Jerome Glisse
54f961a628 radeon: fix some hard lockups on r3/4/500s
This patch should fix hard lockup and convert them in
softlockup (ie you can ssh the box but the gpu is busted
and we are waiting in loop for it to come back to reason).

Signed-off-by: Dave Airlie <airlied@redhat.com>
2008-08-25 06:34:58 +10:00
Lennert Buytenhek
c4560318cf mv643xx_eth: bump version to 1.3
Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
2008-08-24 07:36:39 +02:00
Arjan van de Ven
83097aca85 Fix oops in acer_wmi driver (acer_wmi_init)
The acer_wmi driver does a DMI scan for quirks, and then sets flags into the
"interface" datastructure for some cases. However, the quirks happen real early
before "interface" is per se initialized from NULL.

The patch below 1) adds a NULL pointer check and 2) (re)runs the quirks at the
end, when "interface" has it's final value.

Reported-by: kerneloops.org
Acked-by: Carlos Corbacho <carlos@strangeworlds.co.uk>
CC: stable@vger.kernel.org
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-08-23 21:54:00 -07:00
Lennert Buytenhek
abe787170b mv643xx_eth: enforce multiple-of-8-bytes receive buffer size restriction
The mv643xx_eth hardware ignores the lower three bits of the buffer
size field in receive descriptors, causing the reception of full-sized
packets to fail at some MTUs.  Fix this by rounding the size of
allocated receive buffers up to a multiple of eight bytes.

While we are at it, add a bit of extra space to each receive buffer so
that we can handle multiple vlan tags on ingress.

Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
2008-08-24 03:33:44 +02:00
Lennert Buytenhek
9e1f377242 mv643xx_eth: fix NULL pointer dereference in rxq_process()
When we are low on memory, the assumption that every descriptor in the
receive ring will have an skbuff associated with it does not hold.

rxq_process() was assuming that if the receive descriptor it is working
on is not owned by the hardware, it can safely be processed and handed
to the networking stack.  But a descriptor in the receive ring not being
owned by the hardware can also happen when we are low on memory and did
not manage to refill the receive ring fully.

This patch changes rxq_process()'s bailout condition from "the first
receive descriptor to be processed is owned by the hardware" to "the
first receive descriptor to be processed is owned by the hardware OR
the number of valid receive descriptors in the ring is zero".

Signed-off-by: Lennert Buytenhek <buytenh@marvell.com>
2008-08-24 03:33:40 +02:00