Select Git revision
Search by author
- Any Author
- authors
-
72162444 72162444 gaochangning
-
Aaron Kim akim
-
Aaron Kloc akloc
-
Aaron Nabil aaronna
-
Abel Fang abel_fang
-
Abhijit Adsule adsule
-
Abhishek Kar abhiskar
-
Abhishek Mishra abhishek_mishra
-
Adam Ford aford
-
Adam Radlinski adam.radlinski.1
-
Adam Snyder adsnyder
-
Adam Xue axue
-
Adam Yeh adam.yeh
-
Adigarla Devi adigarla.devi
-
adithya kalyan adithyakalyan_bh
-
aditya gunda agunda
-
Adriano Munin eldorado.adriano.munin
-
Adrien Martinez adrien.martinez
-
Agasthya Holla agasthya.holla
-
Agathon Jung agathon.jung
- Jun 12, 2005
-
-
Chris Wright authored
-
Stephen Hemminger authored
Netem duplication can cause infinite loop in qdisc_run because the qlen of the parent qdisc is not affected by the duplication. Signed-off-by:
Stephen Hemminger <shemminger@osdl.org> Signed-off-by:
Chris Wright <chrisw@osdl.org> Signed-off-by:
Greg Kroah-Hartman <gregkh@suse.de>
-
Stephen Hemminger authored
Avoid poisoning of the bridge forwarding table by frames that have been dropped by filtering. This prevents spoofed source addresses on hostile side of bridge from causing packet leakage, a small but possible security risk. Signed-off-by:
-
Jan Kara authored
Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. The patch was confirmed to fix observed assertion failures for several users. When we flushed some buffers we need to retry scanning the list. Otherwise we can fail to detect our progress. Signed-off-by:
Jan Kara <jack@suse.cz> Signed-off-by:
Andrew Morton <akpm@osdl.org> Signed-off-by:
-
Pete Jewell authored
Cc: kraxel@bytesex.org This is a tiny patch that fixes bttv-cards.c so that Leadtek WinFast VC100 XP video capture cards work. I've been advised to post it here after having already posted it to the v4l mailing list. Acked-by:
Gerd Knorr <kraxel@bytesex.org> Signed-off-by:
Linus Torvalds <torvalds@osdl.org> Signed-off-by:
-
Andi Kleen authored
Don't allow accesses below register frame in ptrace There was a "off by one quad word" error in there. Found and fixed by John Blackwood Signed-off-by:
Andi Kleen <ak@suse.de> Signed-off-by:
-
Andi Kleen authored
Keep interrupts disabled during smp bootup This avoids a race that breaks SMP bootup on some machines. The race is not fully plugged (that is only done with much more changes in 2.6.12), but should be good enough for most people. Keeping the interrupts disabled here is ok because we don't rely on the timer interrupt for local APIC timer setup, but always read the timer registers directly. (originally from Rusty Russell iirc) Signed-off-by:
-
Colin Leroy authored
This patch fixes the leak of sb->s_fs_info in both the HFS and HFS+ modules. In addition to this, it fixes an oops happening when trying to mount a non-hfsplus filesystem using hfsplus. This patch is from Roman Zippel, based off patches sent by myself. It's been included in 2.6.12- rc4. See http://www.kernel.org/git/gitweb.cgi?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=945b092011c6af71a0107be96e119c8c08776f3f (chrisw: backport to -stable) Signed-off-by:
Roman Zippel <zippel@linux-m68k.org> Signed-off-by:
Colin Leroy <colin@colino.net> Signed-off-by:
-
Harald Welte authored
When we have ip_queue being used from LOCAL_IN, then we end up with a situation where the verdicts coming back from userspace traverse the TCP input path from syscall context. While this seems to work most of the time, there's an ugly deadlock: syscall context is interrupted by the timer interrupt. When the timer interrupt leaves, the timer softirq get's scheduled and calls tcp_delack_timer() and alike. They themselves do bh_lock_sock(sk), which is already held from somewhere else -> boom. I've now tested the suggested solution by Patrick McHardy and Herbert Xu to simply use local_bh_{en,dis}able(). Signed-off-by:Harald Welte <laforge@netfilter.org> Signed-off-by:
David S. Miller <davem@davemloft.net> Signed-off-by:
-
William Lee Irwin III authored
try_to_unmap_cluster() does: for (pte = pte_offset_map(pmd, address); address < end; pte++, address += PAGE_SIZE) { ... } pte_unmap(pte); It may take a little staring to notice, but pte can actually fall off the end of the pte page in this iteration, which makes life difficult for kmap_atomic() and the users not expecting it to BUG(). Of course, we're somewhat lucky in that arithmetic elsewhere in the function guarantees that at least one iteration is made, lest this force larger rearrangements to be made. This issue and patch also apply to non-mm mainline and with trivial adjustments, at least two related kernels. Discovered during internal testing at Oracle. Signed-off-by:William Irwin <wli@holomorphy.com> Signed-off-by:
-
- May 27, 2005
-
-
-
Andi Kleen authored
It could be in a memory hole not mapped in mem_map and that causes the hash lookup to go off to nirvana. Back port to -stable tree by Chris Wright Signed-off-by:
-
Andi Kleen authored
The PTEs can point to ioremap mappings too, and these are often outside mem_map. The NUMA hash page lookup functions cannot handle out of bounds accesses properly. Signed-off-by:
-
Andi Kleen authored
This works around a bug in the AMD K8 CPUs. Signed-off-by:
-
Andi Kleen authored
Allowed user programs to set a non canonical segment base, which would cause oopses in the kernel later. Credit-to: Alexander Nyberg <alexn@dsv.su.se> For identifying and reporting this bug. Signed-off-by:
-
Andi Kleen authored
This works around an AMD Erratum. Signed-off-by:
-
Greg Kroah-Hartman authored
Thanks to Mark Lord <mlord@pobox.com> for reporting this and helping with testing. Signed-off-by:
-
Gregor Jasny authored
Summary: prevent oops & dead keyboard on usb unplugging while the device is being used Without this patch, some usb kobjects, which are parents to the usx2y's kobjects can be freed before the usx2y's. This led to an oops in get_kobj_path_length() and a dead keyboard, when the usx2y's kobjects were freed. The patch ensures the correct sequence. Tested ok on kernel 2.6.12-rc2. Present in ALSA cvs Signed-off-by:
Karsten Wiese <annabellesgarden@yahoo.de> Signed-off-by:
-
Gregor Jasny authored
Summary: prevent oops & dead keyboard on usb unplugging while the device is being used Without this patch, some usb kobjects, which are parents to the usx2y's kobjects can be freed before the usx2y's. This led to an oops in get_kobj_path_length() and a dead keyboard, when the usx2y's kobjects were freed. The patch ensures the correct sequence. Tested ok on kernel 2.6.12-rc2. Present in ALSA cvs Signed-off-by:
-
Ralf Baechle authored
ROSE wasn't verifying the ndigis argument of a new route resulting in a minor security hole. Signed-off-by:
-
Daniel Drake authored
This is from Gentoo's 2.6.11 patchset. A problem was introduced in 2.6.10 where some users could not enable DMA on their disks (particularly ALi15x3 users). This was a small mistake with the no_lba48_dma flag. I can't find the exact commit but this is definately included in 2.6.12-rc4. From: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com> Signed-off-by:
-
vandrove@vc.cvut.cz authored
There was too much/too few byteswapping done by driver and hardware in matroxfb on big endian hardware. Change fixes mirrored/split/corrupted letters seen on screen when using accelerated matroxfb mode. Patch was tested on Mips (by Peter) and x86-64 (by Petr). Signed-off-by:
Peter 'p2' De Schrijver <p2@mind.be> Signed-off-by:
Petr Vandrovec <vandrove@vc.cvut.cz> Signed-off-by:
-
olof@austin.ibm.com authored
Here's a fix to deal with p630 systems in LPAR mode. They're to date the only system that in some cases might lack a dma-window property for the bus, but contain an overriding property in the device node for the specific adapter/slot. This makes the device setup code a bit more complex since it needs to do some of the things that the bus setup code has already done. Signed-off-by:
Olof Johansson <olof@austin.ibm.com> Signed-off-by:
-
cmm@us.ibm.com authored
This patch fixed a race between ext3_discard_reservation() and ext3_try_to_allocate_with_rsv(). There is a window where ext3_discard_reservation will remove an already unlinked reservation window node from the filesystem reservation tree: It thinks the reservation is still linked in the filesystem reservation tree, but it is actually temperately removed from the tree by allocate_new_reservation() when it failed to make a new reservation from the current group and try to make a new reservation from next block group. Here is how it could happen: CPU 1 try to allocate a block in group1 with given reservation window my_rsv ext3_try_to_allocate_with_rsv(group ----copy reservation window my_rsv into local rsv_copy ext3_try_to_allocate(...rsv_copy) ----no free block in existing reservation window, ----need a new reservation window spin_lock(&rsv_lock); CPU 2 ext3_discard_reservation if (!rsv_is_empty() ----this is true spin_lock(&rsv_lock) ----waiting for thread 1 CPU 1: allocate_new_reservation failed to reserve blocks in this group remove the window from the tree rsv_window_remove(my_rsv) ----window node is unlinked from the tree here return -1 spin_unlock(&rsv_lock) ext3_try_to_allocate_with_rsv() failed in this group group++ CPU 2 spin_lock(&rsv_lock) succeed rsv_remove_window () ---------------break, trying to remove a unlinked node from the tree .... CPU 1: ext3_try_to_allocate_with_rsv(group, my_rsv) rsv_is_empty is true, need a new reservation window spin_lock(&rsv_lock); ^--------------- spinning forever We need to re-check whether the reservation window is still linked to the tree after grab the rsv_lock spin lock in ext3_discard_reservation, to prevent panic in rsv_remove_window->rb_erase. Signed-off-by:
-
bdschuym@pandora.be authored
The patch below fixes an smp race that happens on such systems under heavy load. This bug was reported and solved by Steve Herrell <steve_herrell@yahoo.ca> Signed-off-by:
Bart De Schuymer <bdschuym@pandora.be> Signed-off-by:
-
daniel.ritz@gmx.ch authored
During a warm boot the device is in D3 and has troubles coming out of it. Signed-off-by:
Daniel Ritz <daniel.ritz@gmx.ch> Signed-off-by:
-
Linus Torvalds authored
Fix get_unmapped_area sanity tests As noted by Chris Wright, we need to do the full range of tests regardless of whether MAP_FIXED is set or not, so re-organize get_unmapped_area() slightly to do the sanity checks unconditionally. Signed-off-by:
-
- May 16, 2005
-
-
Greg Kroah-Hartman authored
-
Peter Osterlund authored
ioctl_by_bdev may only be used INSIDE the kernel. If the "arg" argument refers to memory that is accessed by put_user/get_user in the ioctl function, the memory needs to be in the kernel address space (that's the set_fs(KERNEL_DS) doing in the ioctl_by_bdev). This works on i386 because even with set_fs(KERNEL_DS) the user space memory is still accessible with put_user/get_user. That is not true for s390. In short the ioctl implementation of the pktcdvd device driver is horribly broken. Signed-off-by:
Peter Osterlund <petero2@telia.com> Signed-off-by:
-
Dave Jones authored
[Patch] Fix raw device ioctl pass-through Raw character devices are supposed to pass ioctls through to the block devices they are bound to. Unfortunately, they are using the wrong function for this: ioctl_by_bdev(), instead of blkdev_ioctl(). ioctl_by_bdev() performs a set_fs(KERNEL_DS) before calling the ioctl, redirecting the user-space buffer access to the kernel address space. This is, needless to say, a bad thing. This was noticed first on s390, where raw IO was non-functioning. The s390 driver config does not actually allow raw IO to be enabled, which was the first part of the problem. Secondly, the s390 kernel address space is distinct from user, causing legal raw ioctls to fail. I've reproduced this on a kernel built with 4G:4G split on x86, which fails in the same way (-EFAULT if the address does not exist kernel-side; returns success without actually populating the user buffer if it does.) The patch below fixes both the config and address-space problems. It's based closely on a patch by Jan Glauber <jang@de.ibm.com>, which has been tested on s390 at IBM. I've tested it on x86 4G:4G (split address space) and x86_64 (common address space). Kernel-address-space access has been assigned CAN-2005-1264. Signed-off-by:
Stephen Tweedie <sct@redhat.com> Signed-off-by:
Dave Jones <davej@redhat.com> Signed-off-by:
-
- May 12, 2005
-
-
Greg Kroah-Hartman authored
-
Greg Kroah-Hartman authored
As reported by Paul Starzetz <ihaquer@isec.pl> Reference: CAN-2005-1263 Signed-off-by: -
akpm@osdl.org authored
Remove bogus BUG() in kernel/exit.c It's old sanity checking that may have been useful for debugging, but is just bogus these days. Noticed by Mattia Belletti. Signed-off-by:
-
chrisw@osdl.org authored
Add security contact info and relevant documentation. Signed-off-by:
-
khali@linux-fr.org authored
The it87 and via686a hardware monitoring drivers each create a sysfs file named "alarms" in R/W mode, while they should really create it in read-only mode. Since we don't provide a store function for these files, write attempts to these files will do something undefined (I guess) and bad (I am sure). My own try resulted in a locked terminal (where I attempted the write) and a 100% CPU load until next reboot. As a side note, wouldn't it make sense to check, when creating sysfs files, that readable files have a non-NULL show method, and writable files have a non-NULL store method? I know drivers are not supposed to do stupid things, but there is already a BUG_ON for several conditions in sysfs_create_file, so maybe we could add two more? Signed-off-by:
Jean Delvare <khali@linux-fr.org> Signed-off-by:
-
Greg Kroah-Hartman authored
Revert the msdos.c patch as it causes more problems than it helps right now. (it got munged together with the i2c patch also, stupid scripts...) Signed-off-by: -
Greg Kroah-Hartman authored
-
davem@davemloft.net authored
A couple message queue system call entries for compat tasks were not using the necessary compat_sys_*() functions, causing some glibc test cases to fail. From: "David S. Miller" <davem@davemloft.net> Signed-off-by:
-
jurij@wooyd.org authored
Because this routine was not filling in the siginfo values for si_band and si_fd, this broke applications trying to actually get at this data. This makes the sparc64 code in line with PowerPC64's implementation, which already gets it right. Signed-off-by:
-
davem@davemloft.net authored
SunOS aparently had this weird PTRACE_CONT semantic which we copied. If the addr argument is something other than 1, it sets the process program counter to whatever that value is. This is different from every other Linux architecture, which don't do anything with the addr and data args. This difference in particular breaks the Linux native GDB support for fork and vfork tracing on sparc and sparc64. There is no interest in running SunOS binaries using this weird PTRACE_CONT behavior, so just delete it so we behave like other platforms do. From: "David S. Miller" <davem@davemloft.net> Signed-off-by:
-
