1. 10 Nov, 2009 35 commits
  2. 22 Oct, 2009 5 commits
    • Greg Kroah-Hartman's avatar
      Linux 2.6.31.5 · e2984cbf
      Greg Kroah-Hartman authored
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
      e2984cbf
    • Linus Torvalds's avatar
      tty: Make flush_to_ldisc() locking more robust · 86d23a05
      Linus Torvalds authored
      commit c8e33141 upstream.
      
      The locking logic in this function is extremely subtle, and it broke
      when we started doing potentially concurrent 'flush_to_ldisc()' calls in
      commit e043e42b ("pty: avoid forcing
      'low_latency' tty flag").
      
      The code in flush_to_ldisc() used to set 'tty->buf.head' to NULL, with
      the intention that this would then cause any other concurrent calls to
      not do anything (locking note: we have to drop the buf.lock over the
      call to ->receive_buf that can block, which is why we can have
      concurrency here at all in the first place).
      
      It also used to set the TTY_FLUSHING bit, which would then cause any
      concurrent 'tty_buffer_flush()' to not free all the tty buffers and
      clear 'tty->buf.tail'.  And with 'buf.head' being NULL, and 'buf.tail'
      being non-NULL, new data would never touch 'buf.head'.
      
      Does that sound a bit too subtle? It was.  If another concurrent call to
      'flush_to_ldisc()' were to come in, the NULL buf.head would indeed cause
      it to not process the buffer list, but it would still clear TTY_FLUSHING
      afterwards, making the buffer protection against 'tty_buffer_flush()' no
      longer work.
      
      So this clears it all up.  We depend purely on TTY_FLUSHING for handling
      re-entrancy, and stop playing games with the buffer list entirely.  In
      fact, the buffer list handling is now robust enough that we could
      probably stop doing the whole "protect against 'tty_buffer_flush()'"
      thing entirely.
      
      However, Alan also points out that we would probably be better off
      simplifying the locking even further, and just take the tty ldisc_mutex
      around all the buffer flushing calls.  That seems like a good idea, but
      in the meantime this is a conceptually minimal fix (with the patch
      itself being bigger than required just to clean the code up and make it
      readable).
      
      This fixes keyboard trouble under X:
      
      	http://bugzilla.kernel.org/show_bug.cgi?id=14388Reported-and-tested-by: default avatarFrédéric Meunier <fredlwm@gmail.com>
      Reported-and-tested-by: default avatarBoyan <btanastasov@yahoo.co.uk>
      Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
      Cc: Paul Fulghum <paulkf@microgate.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
      86d23a05
    • Johannes Berg's avatar
      mac80211: fix vlan and optimise RX · c90aa19d
      Johannes Berg authored
      commit fbc44bf7 upstream.
      
      When receiving data frames, we can send them only to
      the interface they belong to based on transmitting
      station (this doesn't work for probe requests). Also,
      don't try to handle other frames for AP_VLAN at all
      since those interface should only receive data.
      
      Additionally, the transmit side must check that the
      station we're sending a frame to is actually on the
      interface we're transmitting on, and not transmit
      packets to functions that live on other interfaces,
      so validate that as well.
      
      Another bug fix is needed in sta_info.c where in the
      VLAN case when adding/removing stations we overwrite
      the sdata variable we still need.
      Signed-off-by: default avatarJohannes Berg <johannes@sipsolutions.net>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
      c90aa19d
    • Jay Sternberg's avatar
      iwlwifi: incorrect method used for finding valid OTP blocks · eef5edb4
      Jay Sternberg authored
      commit 2facba76 upstream.
      
      The address stored in the next link address is a word address but when
      reading the OTP blocks, a byte address is used. Also if the blocks are
      full and the last link pointer is not zero, then none of the blocks are
      valid so return an error.
      
      The algorithm is simply valid blocks have a next address and that
      address's contents is zero.
      
      Using the wrong address for the next link address gets arbitrary data,
      obviously. In cases seen, the first block is considered valid when it is not.
      
      If the block has in fact been invalidated there may be old data or
      there may be no data, bad data, or partial data, there is no way of
      telling. Without this patch it is possible that a device with valid OTP data
      is unable to work.
      Signed-off-by: default avatarJay Sternberg <jay.e.sternberg@intel.com>
      Signed-off-by: default avatarReinette Chatre <reinette.chatre@intel.com>
      Signed-off-by: default avatarJohn W. Linville <linville@tuxdriver.com>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
      eef5edb4
    • Benjamin Herrenschmidt's avatar
      usb-storage: Workaround devices with bogus sense size · 670add0a
      Benjamin Herrenschmidt authored
      commit b8430e1b upstream.
      
      usb-storage: Workaround devices with bogus sense size
      
      Some devices, such as Huawei E169, advertise more than the standard
      amount of sense data, causing us to set US_FL_SANE_SENSE, assuming
      they support it. However, they subsequently fail the request sense
      with that size.
      
      This works around it generically. When a sense request fails due to
      a device returning an error, US_FL_SANE_SENSE was set, and that sense
      request used a larger sense size, we retry with a smaller size before
      giving up.
      
      Based on an original patch by Ben Efros <ben@pc-doctor.com>
      Signed-off-by: default avatarBenjamin Herrenschmidt <benh@kernel.crashing.org>
      Acked-by: default avatarAlan Stern <stern@rowland.harvard.edu>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
      670add0a