1. 22 Aug, 2007 4 commits
    • Herbert Xu's avatar
      [SNAP]: Check packet length before reading · d92a7db7
      Herbert Xu authored
      The snap_rcv code reads 5 bytes so we should make sure that
      we have 5 bytes in the head before proceeding.
      
      Based on diagnosis and fix by Evgeniy Polyakov, reported by
      Alan J. Wylie.
      
      Patch also kills the skb->sk assignment before kfree_skb
      since it's redundant.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      d92a7db7
    • Gerrit Renker's avatar
      [DCCP]: Allocation in atomic context · 39dad26c
      Gerrit Renker authored
      This fixes the following bug reported in syslog:
      
      [ 4039.051658] BUG: sleeping function called from invalid context at /usr/src/davem-2.6/mm/slab.c:3032
      [ 4039.051668] in_atomic():1, irqs_disabled():0
      [ 4039.051670] INFO: lockdep is turned off.
      [ 4039.051674]  [<c0104c0f>] show_trace_log_lvl+0x1a/0x30
      [ 4039.051687]  [<c0104d4d>] show_trace+0x12/0x14
      [ 4039.051691]  [<c0104d65>] dump_stack+0x16/0x18
      [ 4039.051695]  [<c011371e>] __might_sleep+0xaf/0xbe
      [ 4039.051700]  [<c0157b66>] __kmalloc+0xb1/0xd0
      [ 4039.051706]  [<f090416f>] ccid2_hc_tx_alloc_seq+0x35/0xc3 [dccp_ccid2]
      [ 4039.051717]  [<f09048d6>] ccid2_hc_tx_packet_sent+0x27f/0x2d9 [dccp_ccid2]
      [ 4039.051723]  [<f085486b>] dccp_write_xmit+0x1eb/0x338 [dccp]
      [ 4039.051741]  [<f085603d>] dccp_sendmsg+0x113/0x18f [dccp]
      [ 4039.051750]  [<c03907fc>] inet_sendmsg+0x2e/0x4c
      [ 4039.051758]  [<c033a47d>] sock_aio_write+0xd5/0x107
      [ 4039.051766]  [<c015abc1>] do_sync_write+0xcd/0x11c
      [ 4039.051772]  [<c015b296>] vfs_write+0x118/0x11f
      [ 4039.051840]  [<c015b932>] sys_write+0x3d/0x64
      [ 4039.051845]  [<c0103e7c>] syscall_call+0x7/0xb
      [ 4039.051848]  =======================
      
      The problem was that GFP_KERNEL was used; fixed by using gfp_any().
      Signed-off-by: default avatarGerrit Renker <gerrit@erg.abdn.ac.uk>
      Signed-off-by: default avatarArnaldo Carvalho de Melo <acme@ghostprotocols.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      39dad26c
    • Robin Getz's avatar
      fix - ensure we don't use bootconsoles after init has been released · cb00e99c
      Robin Getz authored
      Gerd Hoffmann pointed out that my patch from yesterday can lead
      to a null pointer dereference if the kernel is booted with no
      console, and no earlyprintk defined. This fixes that issue.
      Signed-off-by: default avatarRobin Getz <rgetz@blackfin.uclinux.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      cb00e99c
    • Kumar Gala's avatar
      [POWERPC] Fix PCI Device ID for MPC8544/8533 processors · 15f6ddc7
      Kumar Gala authored
      The initial user manuals for MPC8544/8533 had some issues with properly
      documenting the device IDs for MPC8544/8533.  These processors are almost
      identical and both show up on the reference boards.
      
      Fix up the quirks for PCIe support to handle MPC8533/E.
      Signed-off-by: default avatarKumar Gala <galak@kernel.crashing.org>
      15f6ddc7
  2. 21 Aug, 2007 10 commits
  3. 20 Aug, 2007 21 commits
  4. 19 Aug, 2007 4 commits
  5. 18 Aug, 2007 1 commit
    • Chris Wright's avatar
      x86: properly initialize temp insn buffer for paravirt patching · d34fda4a
      Chris Wright authored
      With commit ab144f5e the patching code
      now collects the complete new instruction stream into a temp buffer
      before finally patching in the new insns.  In some cases the paravirt
      patchers will choose to leave the patch site unpatched (length mismatch,
      clobbers mismatch, etc).
      
      This causes the new patching code to copy an uninitialized temp buffer,
      i.e.  garbage, to the callsite.  Simply make sure to always initialize
      the buffer with the original instruction stream.  A better fix is to
      audit all the patchers and return proper length so that apply_paravirt()
      can skip copies when we leave the patch site untouched.
      Signed-off-by: default avatarChris Wright <chrisw@sous-sol.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      d34fda4a