rpms/kernel/FC-4 linux-2.6.14.3pre.patch, NONE, 1.1 kernel-2.6.spec, 1.1511, 1.1512
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Nov 23 05:27:10 UTC 2005
Author: davej
Update of /cvs/dist/rpms/kernel/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv10764
Modified Files:
kernel-2.6.spec
Added Files:
linux-2.6.14.3pre.patch
Log Message:
2.6.14.3pre. sort of.
linux-2.6.14.3pre.patch:
arch/i386/kernel/cpu/mtrr/main.c | 8 +++
arch/ppc64/Kconfig | 12 +---
arch/x86_64/kernel/setup.c | 6 ++
drivers/block/pktcdvd.c | 3 -
drivers/char/rtc.c | 66 +++++++++++++++------------
drivers/hwmon/it87.c | 7 ++
drivers/hwmon/lm78.c | 3 -
drivers/hwmon/w83627hf.c | 9 ++-
drivers/isdn/hardware/eicon/os_4bri.c | 4 -
drivers/net/wan/hdlc_cisco.c | 6 ++
drivers/net/wan/hdlc_fr.c | 4 +
drivers/net/wan/hdlc_generic.c | 7 ++
fs/locks.c | 3 -
include/net/ipv6.h | 2
kernel/signal.c | 3 -
net/ipv4/netfilter/ip_conntrack_ftp.c | 4 -
net/ipv4/netfilter/ip_conntrack_irc.c | 4 -
net/ipv4/netfilter/ip_conntrack_netlink.c | 10 ++--
net/ipv4/netfilter/ip_conntrack_proto_icmp.c | 14 ++---
net/ipv4/netfilter/ip_conntrack_proto_tcp.c | 11 ++--
net/ipv4/netfilter/ip_conntrack_tftp.c | 5 --
net/ipv4/netfilter/ip_nat_core.c | 6 --
net/ipv4/netfilter/ip_nat_helper_pptp.c | 29 ++++++++++-
net/ipv4/netfilter/ip_nat_proto_gre.c | 5 --
net/ipv4/netfilter/ip_nat_proto_unknown.c | 3 -
net/ipv6/datagram.c | 3 -
net/ipv6/exthdrs.c | 23 ++++++++-
net/ipv6/ip6_flowlabel.c | 16 ++----
net/ipv6/raw.c | 4 +
net/ipv6/udp.c | 5 +-
net/netfilter/nf_queue.c | 3 -
31 files changed, 183 insertions(+), 105 deletions(-)
--- NEW FILE linux-2.6.14.3pre.patch ---
-stable review patch. If anyone has any objections, please let us know.
------------------
---
arch/ppc64/Kconfig | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
--- linux-2.6.14.2.orig/arch/ppc64/Kconfig
+++ linux-2.6.14.2/arch/ppc64/Kconfig
@@ -234,6 +234,10 @@ config HMT
This option enables hardware multithreading on RS64 cpus.
pSeries systems p620 and p660 have such a cpu type.
+config NUMA
+ bool "NUMA support"
+ default y if DISCONTIGMEM || SPARSEMEM
+
config ARCH_SELECT_MEMORY_MODEL
def_bool y
@@ -249,9 +253,6 @@ config ARCH_DISCONTIGMEM_DEFAULT
def_bool y
depends on ARCH_DISCONTIGMEM_ENABLE
-config ARCH_FLATMEM_ENABLE
- def_bool y
-
config ARCH_SPARSEMEM_ENABLE
def_bool y
depends on ARCH_DISCONTIGMEM_ENABLE
@@ -274,10 +275,6 @@ config NODES_SPAN_OTHER_NODES
def_bool y
depends on NEED_MULTIPLE_NODES
-config NUMA
- bool "NUMA support"
- default y if DISCONTIGMEM || SPARSEMEM
-
config SCHED_SMT
bool "SMT (Hyperthreading) scheduler support"
depends on SMP
-stable review patch. If anyone has any objections, please let us know.
------------------
If a task is being traced we never auto-reap it even if it might look
like its parent doesn't care. The tracer obviously _does_ care.
Signed-off-by: Linus Torvalds <torvalds at osdl.org>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
kernel/signal.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- linux-2.6.14.2.orig/kernel/signal.c
+++ linux-2.6.14.2/kernel/signal.c
@@ -1524,7 +1524,7 @@ void do_notify_parent(struct task_struct
psig = tsk->parent->sighand;
spin_lock_irqsave(&psig->siglock, flags);
- if (sig == SIGCHLD &&
+ if (!tsk->ptrace && sig == SIGCHLD &&
(psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN ||
(psig->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDWAIT))) {
/*
-stable review patch. If anyone has any objections, please let us know.
------------------
Fixed the soft lockup of ALSA rtc-timer due to the wrong irq
handling in rtc_control(). The call of rtc_control() can be atomic.
Signed-off-by: Takashi Iwai <tiwai at suse.de>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
drivers/char/rtc.c | 65 ++++++++++++++++++++++++++++++-----------------------
1 file changed, 38 insertions(+), 27 deletions(-)
--- linux-2.6.14.2.orig/drivers/char/rtc.c
+++ linux-2.6.14.2/drivers/char/rtc.c
@@ -149,8 +149,22 @@ static void get_rtc_alm_time (struct rtc
#ifdef RTC_IRQ
static void rtc_dropped_irq(unsigned long data);
-static void set_rtc_irq_bit(unsigned char bit);
-static void mask_rtc_irq_bit(unsigned char bit);
+static void set_rtc_irq_bit_locked(unsigned char bit);
+static void mask_rtc_irq_bit_locked(unsigned char bit);
+
+static inline void set_rtc_irq_bit(unsigned char bit)
+{
+ spin_lock_irq(&rtc_lock);
+ set_rtc_irq_bit_locked(bit);
+ spin_unlock_irq(&rtc_lock);
+}
+
+static void mask_rtc_irq_bit(unsigned char bit)
+{
+ spin_lock_irq(&rtc_lock);
+ mask_rtc_irq_bit_locked(bit);
+ spin_unlock_irq(&rtc_lock);
+}
#endif
static int rtc_proc_open(struct inode *inode, struct file *file);
@@ -401,18 +415,19 @@ static int rtc_do_ioctl(unsigned int cmd
}
case RTC_PIE_OFF: /* Mask periodic int. enab. bit */
{
- mask_rtc_irq_bit(RTC_PIE);
+ unsigned long flags; /* can be called from isr via rtc_control() */
+ spin_lock_irqsave (&rtc_lock, flags);
+ mask_rtc_irq_bit_locked(RTC_PIE);
if (rtc_status & RTC_TIMER_ON) {
- spin_lock_irq (&rtc_lock);
rtc_status &= ~RTC_TIMER_ON;
del_timer(&rtc_irq_timer);
- spin_unlock_irq (&rtc_lock);
}
+ spin_unlock_irqrestore (&rtc_lock, flags);
return 0;
}
case RTC_PIE_ON: /* Allow periodic ints */
{
-
+ unsigned long flags; /* can be called from isr via rtc_control() */
/*
* We don't really want Joe User enabling more
* than 64Hz of interrupts on a multi-user machine.
@@ -421,14 +436,14 @@ static int rtc_do_ioctl(unsigned int cmd
(!capable(CAP_SYS_RESOURCE)))
return -EACCES;
+ spin_lock_irqsave (&rtc_lock, flags);
if (!(rtc_status & RTC_TIMER_ON)) {
- spin_lock_irq (&rtc_lock);
rtc_irq_timer.expires = jiffies + HZ/rtc_freq + 2*HZ/100;
add_timer(&rtc_irq_timer);
rtc_status |= RTC_TIMER_ON;
- spin_unlock_irq (&rtc_lock);
}
- set_rtc_irq_bit(RTC_PIE);
+ set_rtc_irq_bit_locked(RTC_PIE);
+ spin_unlock_irqrestore (&rtc_lock, flags);
return 0;
}
case RTC_UIE_OFF: /* Mask ints from RTC updates. */
@@ -609,6 +624,7 @@ static int rtc_do_ioctl(unsigned int cmd
{
int tmp = 0;
unsigned char val;
+ unsigned long flags; /* can be called from isr via rtc_control() */
/*
* The max we can do is 8192Hz.
@@ -631,9 +647,9 @@ static int rtc_do_ioctl(unsigned int cmd
if (arg != (1<<tmp))
return -EINVAL;
- spin_lock_irq(&rtc_lock);
+ spin_lock_irqsave(&rtc_lock, flags);
if (hpet_set_periodic_freq(arg)) {
- spin_unlock_irq(&rtc_lock);
+ spin_unlock_irqrestore(&rtc_lock, flags);
return 0;
}
rtc_freq = arg;
@@ -641,7 +657,7 @@ static int rtc_do_ioctl(unsigned int cmd
val = CMOS_READ(RTC_FREQ_SELECT) & 0xf0;
val |= (16 - tmp);
CMOS_WRITE(val, RTC_FREQ_SELECT);
- spin_unlock_irq(&rtc_lock);
+ spin_unlock_irqrestore(&rtc_lock, flags);
return 0;
}
#endif
@@ -844,12 +860,15 @@ int rtc_control(rtc_task_t *task, unsign
#ifndef RTC_IRQ
return -EIO;
#else
- spin_lock_irq(&rtc_task_lock);
+ unsigned long flags;
+ if (cmd != RTC_PIE_ON && cmd != RTC_PIE_OFF && cmd != RTC_IRQP_SET)
+ return -EINVAL;
+ spin_lock_irqsave(&rtc_task_lock, flags);
if (rtc_callback != task) {
- spin_unlock_irq(&rtc_task_lock);
+ spin_unlock_irqrestore(&rtc_task_lock, flags);
return -ENXIO;
}
- spin_unlock_irq(&rtc_task_lock);
+ spin_unlock_irqrestore(&rtc_task_lock, flags);
return rtc_do_ioctl(cmd, arg, 1);
#endif
}
@@ -1306,40 +1325,32 @@ static void get_rtc_alm_time(struct rtc_
* meddles with the interrupt enable/disable bits.
*/
-static void mask_rtc_irq_bit(unsigned char bit)
+static void mask_rtc_irq_bit_locked(unsigned char bit)
{
unsigned char val;
- spin_lock_irq(&rtc_lock);
- if (hpet_mask_rtc_irq_bit(bit)) {
- spin_unlock_irq(&rtc_lock);
+ if (hpet_mask_rtc_irq_bit(bit))
return;
- }
val = CMOS_READ(RTC_CONTROL);
val &= ~bit;
CMOS_WRITE(val, RTC_CONTROL);
CMOS_READ(RTC_INTR_FLAGS);
rtc_irq_data = 0;
- spin_unlock_irq(&rtc_lock);
}
-static void set_rtc_irq_bit(unsigned char bit)
+static void set_rtc_irq_bit_locked(unsigned char bit)
{
unsigned char val;
- spin_lock_irq(&rtc_lock);
- if (hpet_set_rtc_irq_bit(bit)) {
- spin_unlock_irq(&rtc_lock);
+ if (hpet_set_rtc_irq_bit(bit))
return;
- }
val = CMOS_READ(RTC_CONTROL);
val |= bit;
CMOS_WRITE(val, RTC_CONTROL);
CMOS_READ(RTC_INTR_FLAGS);
rtc_irq_data = 0;
- spin_unlock_irq(&rtc_lock);
}
#endif
-stable review patch. If anyone has any objections, please let us know.
------------------
There is an old bug in the pkt_count_states() function that causes stack
corruption. When compiling with gcc 3.x or 2.x it is harmless, but gcc 4
allocates local variables differently, which makes the bug visible.
Signed-off-by: Peter Osterlund <petero2 at telia.com>
Cc: <stable at kernel.org>
Signed-off-by: Andrew Morton <akpm at osdl.org>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
drivers/block/pktcdvd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- linux-2.6.14.2.orig/drivers/block/pktcdvd.c
+++ linux-2.6.14.2/drivers/block/pktcdvd.c
@@ -1191,7 +1191,7 @@ static void pkt_count_states(struct pktc
struct packet_data *pkt;
int i;
- for (i = 0; i <= PACKET_NUM_STATES; i++)
+ for (i = 0; i < PACKET_NUM_STATES; i++)
states[i] = 0;
spin_lock(&pd->cdrw.active_list_lock);
-stable review patch. If anyone has any objections, please let us know.
------------------
The patch
http://linux.bkbits.net:8080/linux-2.6/diffs/fs/locks.c@1.70??nav=index.html
introduced a pretty nasty memory leak in the lease code. When freeing
the lease, the code in locks_delete_lock() will correctly clean up
the fasync queue, but when we return to fcntl_setlease(), the freed
fasync entry will be reinstated.
This patch ensures that we skip the call to fasync_helper() when we're
freeing up the lease.
Signed-off-by: J. Bruce Fields <bfields at fieldses.org>
Signed-off-by: Trond Myklebust <Trond.Myklebust at netapp.com>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
fs/locks.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- linux-2.6.14.2.orig/fs/locks.c
+++ linux-2.6.14.2/fs/locks.c
@@ -1418,7 +1418,7 @@ int fcntl_setlease(unsigned int fd, stru
lock_kernel();
error = __setlease(filp, arg, &flp);
- if (error)
+ if (error || arg == F_UNLCK)
goto out_unlock;
error = fasync_helper(fd, filp, 1, &flp->fl_fasync);
-stable review patch. If anyone has any objections, please let us know.
------------------
As we are currently unable to fix the problem with carrier and protocol
state signaling in net core I've to disable netif_carrier_off() calls
used by WAN protocol drivers. The attached patch should make them
working again.
The remaining netif_carrier_*() calls in hdlc_fr.c are fine as they
don't touch the physical device.
Signed-off-by: Krzysztof Halasa <khc at pm.waw.pl>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
drivers/net/wan/hdlc_cisco.c | 6 ++++++
drivers/net/wan/hdlc_fr.c | 4 ++++
drivers/net/wan/hdlc_generic.c | 6 ++++++
3 files changed, 16 insertions(+)
--- linux-2.6.14.2.orig/drivers/net/wan/hdlc_cisco.c
+++ linux-2.6.14.2/drivers/net/wan/hdlc_cisco.c
@@ -192,7 +192,9 @@ static int cisco_rx(struct sk_buff *skb)
"uptime %ud%uh%um%us)\n",
dev->name, days, hrs,
min, sec);
+#if 0
netif_carrier_on(dev);
+#endif
hdlc->state.cisco.up = 1;
}
}
@@ -225,7 +227,9 @@ static void cisco_timer(unsigned long ar
hdlc->state.cisco.settings.timeout * HZ)) {
hdlc->state.cisco.up = 0;
printk(KERN_INFO "%s: Link down\n", dev->name);
+#if 0
netif_carrier_off(dev);
+#endif
}
cisco_keepalive_send(dev, CISCO_KEEPALIVE_REQ,
@@ -261,8 +265,10 @@ static void cisco_stop(struct net_device
{
hdlc_device *hdlc = dev_to_hdlc(dev);
del_timer_sync(&hdlc->state.cisco.timer);
+#if 0
if (netif_carrier_ok(dev))
netif_carrier_off(dev);
+#endif
hdlc->state.cisco.up = 0;
hdlc->state.cisco.request_sent = 0;
}
--- linux-2.6.14.2.orig/drivers/net/wan/hdlc_fr.c
+++ linux-2.6.14.2/drivers/net/wan/hdlc_fr.c
@@ -545,8 +545,10 @@ static void fr_set_link_state(int reliab
hdlc->state.fr.reliable = reliable;
if (reliable) {
+#if 0
if (!netif_carrier_ok(dev))
netif_carrier_on(dev);
+#endif
hdlc->state.fr.n391cnt = 0; /* Request full status */
hdlc->state.fr.dce_changed = 1;
@@ -560,8 +562,10 @@ static void fr_set_link_state(int reliab
}
}
} else {
+#if 0
if (netif_carrier_ok(dev))
netif_carrier_off(dev);
+#endif
while (pvc) { /* Deactivate all PVCs */
pvc_carrier(0, pvc);
--- linux-2.6.14.2.orig/drivers/net/wan/hdlc_generic.c
+++ linux-2.6.14.2/drivers/net/wan/hdlc_generic.c
@@ -79,11 +79,13 @@ static void __hdlc_set_carrier_on(struct
hdlc_device *hdlc = dev_to_hdlc(dev);
if (hdlc->proto.start)
return hdlc->proto.start(dev);
+#if 0
#ifdef DEBUG_LINK
if (netif_carrier_ok(dev))
printk(KERN_ERR "hdlc_set_carrier_on(): already on\n");
#endif
netif_carrier_on(dev);
+#endif
}
@@ -94,11 +96,13 @@ static void __hdlc_set_carrier_off(struc
if (hdlc->proto.stop)
return hdlc->proto.stop(dev);
+#if 0
#ifdef DEBUG_LINK
if (!netif_carrier_ok(dev))
printk(KERN_ERR "hdlc_set_carrier_off(): already off\n");
#endif
netif_carrier_off(dev);
+#endif
}
@@ -294,8 +298,10 @@ int register_hdlc_device(struct net_devi
if (result != 0)
return -EIO;
+#if 0
if (netif_carrier_ok(dev))
netif_carrier_off(dev); /* no carrier until DCD goes up */
+#endif
return 0;
}
-stable review patch. If anyone has any objections, please let us know.
------------------
This endianness bug slipped through while changing the 'gre.key' field in
the conntrack tuple from 32bit to 16bit.
None of my tests caught the problem, since the linux pptp client always has
'0' as call id / gre key. Only windows clients actually trigger the bug.
Signed-off-by: Harald Welte <laforge at netfilter.org>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
net/ipv4/netfilter/ip_nat_proto_gre.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_nat_proto_gre.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_nat_proto_gre.c
@@ -139,8 +139,8 @@ gre_manip_pkt(struct sk_buff **pskb,
break;
case GRE_VERSION_PPTP:
DEBUGP("call_id -> 0x%04x\n",
- ntohl(tuple->dst.u.gre.key));
- pgreh->call_id = htons(ntohl(tuple->dst.u.gre.key));
+ ntohs(tuple->dst.u.gre.key));
+ pgreh->call_id = tuple->dst.u.gre.key;
break;
default:
DEBUGP("can't nat unknown GRE version\n");
-stable review patch. If anyone has any objections, please let us know.
------------------
The unknown protocol is used as a fallback when a protocol isn't known.
Hence we cannot handle it failing, so don't set ".me". It's OK, since we
only grab a reference from within the same module (iptable_nat.ko), so we
never take the module refcount from 0 to 1.
Also, remove the "protocol is NULL" test: it's never NULL.
Signed-off-by: Rusty Rusty <rusty at rustcorp.com.au>
Signed-off-by: Harald Welte <laforge at netfilter.org>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
net/ipv4/netfilter/ip_nat_core.c | 6 ++----
net/ipv4/netfilter/ip_nat_proto_unknown.c | 2 +-
2 files changed, 3 insertions(+), 5 deletions(-)
--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_nat_core.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_nat_core.c
@@ -66,10 +66,8 @@ ip_nat_proto_find_get(u_int8_t protonum)
* removed until we've grabbed the reference */
preempt_disable();
p = __ip_nat_proto_find(protonum);
- if (p) {
- if (!try_module_get(p->me))
- p = &ip_nat_unknown_protocol;
- }
+ if (!try_module_get(p->me))
+ p = &ip_nat_unknown_protocol;
preempt_enable();
return p;
--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_nat_proto_unknown.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_nat_proto_unknown.c
@@ -62,7 +62,7 @@ unknown_print_range(char *buffer, const
struct ip_nat_protocol ip_nat_unknown_protocol = {
.name = "unknown",
- .me = THIS_MODULE,
+ /* .me isn't set: getting a ref to this cannot fail. */
.manip_pkt = unknown_manip_pkt,
.in_range = unknown_in_range,
.unique_tuple = unknown_unique_tuple,
-stable review patch. If anyone has any objections, please let us know.
------------------
With the new nf_queue generalization in 2.6.14, we've introduced a bug
that causes an oops as soon as a packet is queued but no queue handler
registered. This patch fixes it.
Signed-off-by: Harald Welte <laforge at netfilter.org>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
net/netfilter/nf_queue.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- linux-2.6.14.2.orig/net/netfilter/nf_queue.c
+++ linux-2.6.14.2/net/netfilter/nf_queue.c
@@ -117,7 +117,7 @@ int nf_queue(struct sk_buff **skb,
/* QUEUE == DROP if noone is waiting, to be safe. */
read_lock(&queue_handler_lock);
- if (!queue_handler[pf]->outfn) {
+ if (!queue_handler[pf] || !queue_handler[pf]->outfn) {
read_unlock(&queue_handler_lock);
kfree_skb(*skb);
return 1;
-stable review patch. If anyone has any objections, please let us know.
------------------
---
net/ipv4/netfilter/ip_conntrack_netlink.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -58,14 +58,17 @@ ctnetlink_dump_tuples_proto(struct sk_bu
const struct ip_conntrack_tuple *tuple)
{
struct ip_conntrack_protocol *proto;
+ int ret = 0;
NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum);
proto = ip_conntrack_proto_find_get(tuple->dst.protonum);
- if (proto && proto->tuple_to_nfattr)
- return proto->tuple_to_nfattr(skb, tuple);
+ if (likely(proto && proto->tuple_to_nfattr)) {
+ ret = proto->tuple_to_nfattr(skb, tuple);
+ ip_conntrack_proto_put(proto);
+ }
- return 0;
+ return ret;
nfattr_failure:
return -1;
-stable review patch. If anyone has any objections, please let us know.
------------------
This fixes an oops triggered from userspace. If we don't pass information
about the private protocol info, the reference to attr will be NULL. This is
likely to happen in update messages.
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
Signed-off-by: Harald Welte <laforge at netfilter.org>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
net/ipv4/netfilter/ip_conntrack_proto_tcp.c | 5 +++++
1 file changed, 5 insertions(+)
--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
@@ -362,6 +362,11 @@ static int nfattr_to_tcp(struct nfattr *
struct nfattr *attr = cda[CTA_PROTOINFO_TCP-1];
struct nfattr *tb[CTA_PROTOINFO_TCP_MAX];
+ /* updates could not contain anything about the private
+ * protocol info, in that case skip the parsing */
+ if (!attr)
+ return 0;
+
if (nfattr_parse_nested(tb, CTA_PROTOINFO_TCP_MAX, attr) < 0)
goto nfattr_failure;
-stable review patch. If anyone has any objections, please let us know.
------------------
The reply tuple of the PNS->PAC expectation was using the wrong call id.
So we had the following situation:
- PNS behind NAT firewall
- PNS call id requires NATing
- PNS->PAC gre packet arrives first
then the PNS->PAC expectation is matched, and the other expectation
is deleted, but the PAC->PNS gre packets do not match the gre conntrack
because the call id is wrong.
We also cannot use ip_nat_follow_master().
Signed-off-by: Philip Craig <philipc at snapgear.com>
Signed-off-by: Harald Welte <laforge at netfilter.org>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
net/ipv4/netfilter/ip_nat_helper_pptp.c | 28 ++++++++++++++++++++++++++--
1 file changed, 26 insertions(+), 2 deletions(-)
--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_nat_helper_pptp.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_nat_helper_pptp.c
@@ -73,6 +73,7 @@ static void pptp_nat_expected(struct ip_
struct ip_conntrack_tuple t;
struct ip_ct_pptp_master *ct_pptp_info;
struct ip_nat_pptp *nat_pptp_info;
+ struct ip_nat_range range;
ct_pptp_info = &master->help.ct_pptp_info;
nat_pptp_info = &master->nat.help.nat_pptp_info;
@@ -110,7 +111,30 @@ static void pptp_nat_expected(struct ip_
DEBUGP("not found!\n");
}
- ip_nat_follow_master(ct, exp);
+ /* This must be a fresh one. */
+ BUG_ON(ct->status & IPS_NAT_DONE_MASK);
+
+ /* Change src to where master sends to */
+ range.flags = IP_NAT_RANGE_MAP_IPS;
+ range.min_ip = range.max_ip
+ = ct->master->tuplehash[!exp->dir].tuple.dst.ip;
+ if (exp->dir == IP_CT_DIR_ORIGINAL) {
+ range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
+ range.min = range.max = exp->saved_proto;
+ }
+ /* hook doesn't matter, but it has to do source manip */
+ ip_nat_setup_info(ct, &range, NF_IP_POST_ROUTING);
+
+ /* For DST manip, map port here to where it's expected. */
+ range.flags = IP_NAT_RANGE_MAP_IPS;
+ range.min_ip = range.max_ip
+ = ct->master->tuplehash[!exp->dir].tuple.src.ip;
+ if (exp->dir == IP_CT_DIR_REPLY) {
+ range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
+ range.min = range.max = exp->saved_proto;
+ }
+ /* hook doesn't matter, but it has to do destination manip */
+ ip_nat_setup_info(ct, &range, NF_IP_PRE_ROUTING);
}
/* outbound packets == from PNS to PAC */
@@ -213,7 +237,7 @@ pptp_exp_gre(struct ip_conntrack_expect
/* alter expectation for PNS->PAC direction */
invert_tuplepr(&inv_t, &expect_orig->tuple);
- expect_orig->saved_proto.gre.key = htons(nat_pptp_info->pac_call_id);
+ expect_orig->saved_proto.gre.key = htons(ct_pptp_info->pns_call_id);
expect_orig->tuple.src.u.gre.key = htons(nat_pptp_info->pns_call_id);
expect_orig->tuple.dst.u.gre.key = htons(ct_pptp_info->pac_call_id);
inv_t.src.ip = reply_t->src.ip;
-stable review patch. If anyone has any objections, please let us know.
------------------
This patch fixes an userspace triggered oops. If there is no ICMP_ID
info the reference to attr will be NULL.
Signed-off-by: Krzysztof Piotr Oledzki <ole at ans.pl>
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
Signed-off-by: Harald Welte <laforge at netfilter.org>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
net/ipv4/netfilter/ip_conntrack_proto_icmp.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
@@ -151,13 +151,13 @@ icmp_error_message(struct sk_buff *skb,
/* Not enough header? */
inside = skb_header_pointer(skb, skb->nh.iph->ihl*4, sizeof(_in), &_in);
if (inside == NULL)
- return NF_ACCEPT;
+ return -NF_ACCEPT;
/* Ignore ICMP's containing fragments (shouldn't happen) */
if (inside->ip.frag_off & htons(IP_OFFSET)) {
DEBUGP("icmp_error_track: fragment of proto %u\n",
inside->ip.protocol);
- return NF_ACCEPT;
+ return -NF_ACCEPT;
}
innerproto = ip_conntrack_proto_find_get(inside->ip.protocol);
@@ -166,7 +166,7 @@ icmp_error_message(struct sk_buff *skb,
if (!ip_ct_get_tuple(&inside->ip, skb, dataoff, &origtuple, innerproto)) {
DEBUGP("icmp_error: ! get_tuple p=%u", inside->ip.protocol);
ip_conntrack_proto_put(innerproto);
- return NF_ACCEPT;
+ return -NF_ACCEPT;
}
/* Ordinarily, we'd expect the inverted tupleproto, but it's
@@ -174,7 +174,7 @@ icmp_error_message(struct sk_buff *skb,
if (!ip_ct_invert_tuple(&innertuple, &origtuple, innerproto)) {
DEBUGP("icmp_error_track: Can't invert tuple\n");
ip_conntrack_proto_put(innerproto);
- return NF_ACCEPT;
+ return -NF_ACCEPT;
}
ip_conntrack_proto_put(innerproto);
@@ -190,7 +190,7 @@ icmp_error_message(struct sk_buff *skb,
if (!h) {
DEBUGP("icmp_error_track: no match\n");
- return NF_ACCEPT;
+ return -NF_ACCEPT;
}
/* Reverse direction from that found */
if (DIRECTION(h) != IP_CT_DIR_REPLY)
@@ -296,7 +296,8 @@ static int icmp_nfattr_to_tuple(struct n
struct ip_conntrack_tuple *tuple)
{
if (!tb[CTA_PROTO_ICMP_TYPE-1]
- || !tb[CTA_PROTO_ICMP_CODE-1])
+ || !tb[CTA_PROTO_ICMP_CODE-1]
+ || !tb[CTA_PROTO_ICMP_ID-1])
return -1;
tuple->dst.u.icmp.type =
-stable review patch. If anyone has any objections, please let us know.
------------------
Some devices (e.g. Qlogic iSCSI HBA hardware like QLA4010 up to firmware
3.0.0.4) initiates TCP with SYN and PUSH flags set.
The Linux TCP/IP stack deals fine with that, but the connection tracking
code doesn't.
This patch alters TCP connection tracking to accept SYN+PUSH as a valid
flag combination.
Signed-off-by: Vlad Drukker <vlad at storewiz.com>
Signed-off-by: Harald Welte <laforge at netfilter.org>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
net/ipv4/netfilter/ip_conntrack_proto_tcp.c | 1 +
1 file changed, 1 insertion(+)
--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
@@ -818,6 +818,7 @@ static u8 tcp_valid_flags[(TH_FIN|TH_SYN
{
[TH_SYN] = 1,
[TH_SYN|TH_ACK] = 1,
+ [TH_SYN|TH_PUSH] = 1,
[TH_SYN|TH_ACK|TH_PUSH] = 1,
[TH_RST] = 1,
[TH_RST|TH_ACK] = 1,
-stable review patch. If anyone has any objections, please let us know.
------------------
Since we've converted the ftp/irc/tftp helpers to use the new
module_parm_array() some time ago, we ware accidentially using signed data
types - thus preventing those modules from being used on ports >= 32768.
This patch fixes it by using 'ushort' module parameters.
Thanks to Jan Nijs for reporting this bug.
Signed-off-by: Harald Welte <laforge at netfilter.org>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
net/ipv4/netfilter/ip_conntrack_ftp.c | 4 ++--
net/ipv4/netfilter/ip_conntrack_irc.c | 4 ++--
net/ipv4/netfilter/ip_conntrack_tftp.c | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_conntrack_ftp.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_conntrack_ftp.c
@@ -29,9 +29,9 @@ static char *ftp_buffer;
static DEFINE_SPINLOCK(ip_ftp_lock);
#define MAX_PORTS 8
-static short ports[MAX_PORTS];
+static unsigned short ports[MAX_PORTS];
static int ports_c;
-module_param_array(ports, short, &ports_c, 0400);
+module_param_array(ports, ushort, &ports_c, 0400);
static int loose;
module_param(loose, int, 0600);
--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_conntrack_irc.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_conntrack_irc.c
@@ -34,7 +34,7 @@
#include <linux/moduleparam.h>
#define MAX_PORTS 8
-static short ports[MAX_PORTS];
+static unsigned short ports[MAX_PORTS];
static int ports_c;
static int max_dcc_channels = 8;
static unsigned int dcc_timeout = 300;
@@ -52,7 +52,7 @@ EXPORT_SYMBOL_GPL(ip_nat_irc_hook);
MODULE_AUTHOR("Harald Welte <laforge at netfilter.org>");
MODULE_DESCRIPTION("IRC (DCC) connection tracking helper");
MODULE_LICENSE("GPL");
-module_param_array(ports, short, &ports_c, 0400);
+module_param_array(ports, ushort, &ports_c, 0400);
MODULE_PARM_DESC(ports, "port numbers of IRC servers");
module_param(max_dcc_channels, int, 0400);
MODULE_PARM_DESC(max_dcc_channels, "max number of expected DCC channels per IRC session");
--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_conntrack_tftp.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_conntrack_tftp.c
@@ -26,9 +26,9 @@ MODULE_DESCRIPTION("tftp connection trac
MODULE_LICENSE("GPL");
#define MAX_PORTS 8
-static short ports[MAX_PORTS];
+static unsigned short ports[MAX_PORTS];
static int ports_c;
-module_param_array(ports, short, &ports_c, 0400);
+module_param_array(ports, ushort, &ports_c, 0400);
MODULE_PARM_DESC(ports, "port numbers of tftp servers");
#if 0
-stable review patch. If anyone has any objections, please let us know.
------------------
---
net/ipv6/exthdrs.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- linux-2.6.14.2.orig/net/ipv6/exthdrs.c
+++ linux-2.6.14.2/net/ipv6/exthdrs.c
@@ -628,6 +628,7 @@ ipv6_renew_options(struct sock *sk, stru
if (!tot_len)
return NULL;
+ tot_len += sizeof(*opt2);
opt2 = sock_kmalloc(sk, tot_len, GFP_ATOMIC);
if (!opt2)
return ERR_PTR(-ENOBUFS);
@@ -668,7 +669,7 @@ ipv6_renew_options(struct sock *sk, stru
return opt2;
out:
- sock_kfree_s(sk, p, tot_len);
+ sock_kfree_s(sk, opt2, opt2->tot_len);
return ERR_PTR(err);
}
-stable review patch. If anyone has any objections, please let us know.
------------------
---
net/ipv6/datagram.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- linux-2.6.14.2.orig/net/ipv6/datagram.c
+++ linux-2.6.14.2/net/ipv6/datagram.c
@@ -437,7 +437,7 @@ int datagram_recv_ctl(struct sock *sk, s
break;
case IPPROTO_AH:
nexthdr = ptr[0];
- len = (ptr[1] + 1) << 2;
+ len = (ptr[1] + 2) << 2;
break;
default:
nexthdr = ptr[0];
-stable review patch. If anyone has any objections, please let us know.
------------------
Based on suggestion from Masahide Nakamura <nakam at linux-ipv6.org>.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji at linux-ipv6.org>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
include/net/ipv6.h | 2 ++
net/ipv6/exthdrs.c | 19 +++++++++++++++++++
net/ipv6/ip6_flowlabel.c | 16 ++++++----------
net/ipv6/raw.c | 4 +++-
net/ipv6/udp.c | 4 +++-
5 files changed, 33 insertions(+), 12 deletions(-)
--- linux-2.6.14.2.orig/include/net/ipv6.h
+++ linux-2.6.14.2/include/net/ipv6.h
@@ -237,6 +237,8 @@ extern struct ipv6_txoptions * ipv6_rene
int newtype,
struct ipv6_opt_hdr __user *newopt,
int newoptlen);
+struct ipv6_txoptions *ipv6_fixup_options(struct ipv6_txoptions *opt_space,
+ struct ipv6_txoptions *opt);
extern int ip6_frag_nqueues;
extern atomic_t ip6_frag_mem;
--- linux-2.6.14.2.orig/net/ipv6/exthdrs.c
+++ linux-2.6.14.2/net/ipv6/exthdrs.c
@@ -673,3 +673,22 @@ out:
return ERR_PTR(err);
}
+struct ipv6_txoptions *ipv6_fixup_options(struct ipv6_txoptions *opt_space,
+ struct ipv6_txoptions *opt)
+{
+ /*
+ * ignore the dest before srcrt unless srcrt is being included.
+ * --yoshfuji
+ */
+ if (opt && opt->dst0opt && !opt->srcrt) {
+ if (opt_space != opt) {
+ memcpy(opt_space, opt, sizeof(*opt_space));
+ opt = opt_space;
+ }
+ opt->opt_nflen -= ipv6_optlen(opt->dst0opt);
+ opt->dst0opt = NULL;
+ }
+
+ return opt;
+}
+
--- linux-2.6.14.2.orig/net/ipv6/ip6_flowlabel.c
+++ linux-2.6.14.2/net/ipv6/ip6_flowlabel.c
@@ -225,20 +225,16 @@ struct ipv6_txoptions *fl6_merge_options
struct ip6_flowlabel * fl,
struct ipv6_txoptions * fopt)
{
- struct ipv6_txoptions * fl_opt = fl ? fl->opt : NULL;
-
- if (fopt == NULL || fopt->opt_flen == 0) {
- if (!fl_opt || !fl_opt->dst0opt || fl_opt->srcrt)
- return fl_opt;
- }
-
+ struct ipv6_txoptions * fl_opt = fl->opt;
+
+ if (fopt == NULL || fopt->opt_flen == 0)
+ return fl_opt;
+
if (fl_opt != NULL) {
opt_space->hopopt = fl_opt->hopopt;
- opt_space->dst0opt = fl_opt->srcrt ? fl_opt->dst0opt : NULL;
+ opt_space->dst0opt = fl_opt->dst0opt;
opt_space->srcrt = fl_opt->srcrt;
opt_space->opt_nflen = fl_opt->opt_nflen;
- if (fl_opt->dst0opt && !fl_opt->srcrt)
- opt_space->opt_nflen -= ipv6_optlen(fl_opt->dst0opt);
} else {
if (fopt->opt_nflen == 0)
return fopt;
--- linux-2.6.14.2.orig/net/ipv6/raw.c
+++ linux-2.6.14.2/net/ipv6/raw.c
@@ -756,7 +756,9 @@ static int rawv6_sendmsg(struct kiocb *i
}
if (opt == NULL)
opt = np->opt;
- opt = fl6_merge_options(&opt_space, flowlabel, opt);
+ if (flowlabel)
+ opt = fl6_merge_options(&opt_space, flowlabel, opt);
+ opt = ipv6_fixup_options(&opt_space, opt);
fl.proto = proto;
rawv6_probe_proto_opt(&fl, msg);
--- linux-2.6.14.2.orig/net/ipv6/udp.c
+++ linux-2.6.14.2/net/ipv6/udp.c
@@ -778,7 +778,9 @@ do_udp_sendmsg:
}
if (opt == NULL)
opt = np->opt;
- opt = fl6_merge_options(&opt_space, flowlabel, opt);
+ if (flowlabel)
+ opt = fl6_merge_options(&opt_space, flowlabel, opt);
+ opt = ipv6_fixup_options(&opt_space, opt);
fl->proto = IPPROTO_UDP;
ipv6_addr_copy(&fl->fl6_dst, daddr);
-stable review patch. If anyone has any objections, please let us know.
------------------
Force correct address space size for MTRR on some 64bit Intel Xeons
They report 40bit, but only have 36bits of physical address space.
This caused problems with setting up the correct masks for MTRR,
resulting in incorrect MTRRs.
CPUID workaround for steppings 0F33h(supporting x86) and 0F34h(supporting x86
and EM64T). Detail info can be found at:
http://download.intel.com/design/Xeon/specupdt/30240216.pdf
http://download.intel.com/design/Pentium4/specupdt/30235221.pdf
Signed-off-by: Shaohua Li <shaohua.li at intel.com>
Signed-off-by: Andi Kleen <ak at suse.de>
Signed-off-by: Chris Wright <chrisw at osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
arch/i386/kernel/cpu/mtrr/main.c | 8 ++++++++
arch/x86_64/kernel/setup.c | 5 +++++
2 files changed, 13 insertions(+)
--- linux-2.6.14.2.orig/arch/i386/kernel/cpu/mtrr/main.c
+++ linux-2.6.14.2/arch/i386/kernel/cpu/mtrr/main.c
@@ -626,6 +626,14 @@ void __init mtrr_bp_init(void)
if (cpuid_eax(0x80000000) >= 0x80000008) {
u32 phys_addr;
phys_addr = cpuid_eax(0x80000008) & 0xff;
+ /* CPUID workaround for Intel 0F33/0F34 CPU */
+ if (boot_cpu_data.x86_vendor == X86_VENDOR_INTEL &&
+ boot_cpu_data.x86 == 0xF &&
+ boot_cpu_data.x86_model == 0x3 &&
+ (boot_cpu_data.x86_mask == 0x3 ||
+ boot_cpu_data.x86_mask == 0x4))
+ phys_addr = 36;
+
size_or_mask = ~((1 << (phys_addr - PAGE_SHIFT)) - 1);
size_and_mask = ~size_or_mask & 0xfff00000;
} else if (boot_cpu_data.x86_vendor == X86_VENDOR_CENTAUR &&
--- linux-2.6.14.2.orig/arch/x86_64/kernel/setup.c
+++ linux-2.6.14.2/arch/x86_64/kernel/setup.c
@@ -993,6 +993,11 @@ static void __cpuinit init_intel(struct
unsigned eax = cpuid_eax(0x80000008);
c->x86_virt_bits = (eax >> 8) & 0xff;
c->x86_phys_bits = eax & 0xff;
+ /* CPUID workaround for Intel 0F34 CPU */
+ if (c->x86_vendor == X86_VENDOR_INTEL &&
+ c->x86 == 0xF && c->x86_model == 0x3 &&
+ c->x86_mask == 0x4)
+ c->x86_phys_bits = 36;
}
if (c->x86 == 15)
-stable review patch. If anyone has any objections, please let us know.
------------------
It's not good if caller and callee disagree regarding the type of the
arguments.
In this case, this could cause problems on 64bit architectures.
Signed-off-by: Adrian Bunk <bunk at stusta.de>
Signed-off-by: Armin Schindler <armin at melware.de>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
Signed-off-by: Chris Wright <chrisw at osdl.org>
---
drivers/isdn/hardware/eicon/os_4bri.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- linux-2.6.14.2.orig/drivers/isdn/hardware/eicon/os_4bri.c
+++ linux-2.6.14.2/drivers/isdn/hardware/eicon/os_4bri.c
@@ -16,6 +16,7 @@
#include "diva_pci.h"
#include "mi_pc.h"
#include "dsrv4bri.h"
+#include "helpers.h"
static void *diva_xdiLoadFileFile = NULL;
static dword diva_xdiLoadFileLength = 0;
@@ -815,7 +816,7 @@ diva_4bri_cmd_card_proc(struct _diva_os_
return (ret);
}
-void *xdiLoadFile(char *FileName, unsigned long *FileLength,
+void *xdiLoadFile(char *FileName, dword *FileLength,
unsigned long lim)
{
void *ret = diva_xdiLoadFileFile;
-stable review patch. If anyone has any objections, please let us know.
------------------
Add SENSORS_LIMIT in store VCore limit functions. This fixes a potential
u8 overflow on out-of-range user input.
Signed-off-by: Jean Delvare <khali at linux-fr.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
Signed-off-by: Chris Wright <chrisw at osdl.org>
---
drivers/hwmon/w83627hf.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
--- linux-2.6.14.2.orig/drivers/hwmon/w83627hf.c
+++ linux-2.6.14.2/drivers/hwmon/w83627hf.c
@@ -454,7 +454,9 @@ static ssize_t store_regs_in_min0(struct
(w83627thf == data->type || w83637hf == data->type))
/* use VRM9 calculation */
- data->in_min[0] = (u8)(((val * 100) - 70000 + 244) / 488);
+ data->in_min[0] =
+ SENSORS_LIMIT(((val * 100) - 70000 + 244) / 488, 0,
+ 255);
else
/* use VRM8 (standard) calculation */
data->in_min[0] = IN_TO_REG(val);
@@ -479,7 +481,9 @@ static ssize_t store_regs_in_max0(struct
(w83627thf == data->type || w83637hf == data->type))
/* use VRM9 calculation */
- data->in_max[0] = (u8)(((val * 100) - 70000 + 244) / 488);
+ data->in_max[0] =
+ SENSORS_LIMIT(((val * 100) - 70000 + 244) / 488, 0,
+ 255);
else
/* use VRM8 (standard) calculation */
data->in_max[0] = IN_TO_REG(val);
-stable review patch. If anyone has any objections, please let us know.
------------------
Fix the lm78 VID reading, which I accidentally broke while making
this driver use the common vid_from_reg function rather than
reimplementing its own in 2.6.14-rc1.
I'm not proud of it, trust me.
Signed-off-by: Jean Delvare <khali at linux-fr.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
Signed-off-by: Chris Wright <chrisw at osdl.org>
---
drivers/hwmon/lm78.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- linux-2.6.14.2.orig/drivers/hwmon/lm78.c
+++ linux-2.6.14.2/drivers/hwmon/lm78.c
@@ -451,7 +451,7 @@ static DEVICE_ATTR(fan3_div, S_IRUGO, sh
static ssize_t show_vid(struct device *dev, struct device_attribute *attr, char *buf)
{
struct lm78_data *data = lm78_update_device(dev);
- return sprintf(buf, "%d\n", vid_from_reg(82, data->vid));
+ return sprintf(buf, "%d\n", vid_from_reg(data->vid, 82));
}
static DEVICE_ATTR(cpu0_vid, S_IRUGO, show_vid, NULL);
-stable review patch. If anyone has any objections, please let us know.
------------------
Fix a bug where setting the low fan speed limits will not work if no
data was ever read through the sysfs interface and the fan clock
dividers have not been explicitely set yet either. The reason is that
data->fan_div[nr] may currently be used before it is initialized from
the chip register values. The fix is to explicitely initialize
data->fan_div[nr] before using it.
Bug reported, and fix tested, by Nicolas Mailhot.
Signed-off-by: Jean Delvare <khali at linux-fr.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
Signed-off-by: Chris Wright <chrisw at osdl.org>
---
drivers/hwmon/it87.c | 7 +++++++
1 file changed, 7 insertions(+)
--- linux-2.6.14.2.orig/drivers/hwmon/it87.c
+++ linux-2.6.14.2/drivers/hwmon/it87.c
@@ -522,8 +522,15 @@ static ssize_t set_fan_min(struct device
struct i2c_client *client = to_i2c_client(dev);
struct it87_data *data = i2c_get_clientdata(client);
int val = simple_strtol(buf, NULL, 10);
+ u8 reg = it87_read_value(client, IT87_REG_FAN_DIV);
down(&data->update_lock);
+ switch (nr) {
+ case 0: data->fan_div[nr] = reg & 0x07; break;
+ case 1: data->fan_div[nr] = (reg >> 3) & 0x07; break;
+ case 2: data->fan_div[nr] = (reg & 0x40) ? 3 : 1; break;
+ }
+
data->fan_min[nr] = FAN_TO_REG(val, DIV_FROM_REG(data->fan_div[nr]));
it87_write_value(client, IT87_REG_FAN_MIN(nr), data->fan_min[nr]);
up(&data->update_lock);
--
Index: kernel-2.6.spec
===================================================================
RCS file: /cvs/dist/rpms/kernel/FC-4/kernel-2.6.spec,v
retrieving revision 1.1511
retrieving revision 1.1512
diff -u -r1.1511 -r1.1512
--- kernel-2.6.spec 22 Nov 2005 19:13:50 -0000 1.1511
+++ kernel-2.6.spec 23 Nov 2005 05:27:07 -0000 1.1512
@@ -203,6 +203,7 @@
# Patches 0 through 100 are meant for core subsystem upgrades
#
Patch1: patch-2.6.14.2.bz2
+Patch2: linux-2.6.14.3pre.patch
# Patches 100 through 500 are meant for architecture patches
Patch100: linux-2.6-bzimage.patch
@@ -342,8 +343,6 @@
Patch1760: linux-2.6-firmware-timeout.patch
Patch1761: linux-2.6-suspend-mxcsr.patch
Patch1762: linux-2.6-i8k-dmi.patch
-Patch1763: linux-2.6-net-nf_queue-oops.patch
-Patch1764: linux-2.6-fs-locks-leak.patch
# ACPI patches.
@@ -537,6 +536,7 @@
cd linux-%{kversion}
%patch1 -p1
+%patch2 -p2
#
# Patches 10 through 100 are meant for core subsystem upgrades
@@ -785,10 +785,6 @@
%patch1761 -p1
# Fix up DMI usage in i8k driver.
%patch1762 -p1
-# nf_queue: Fix Ooops when no queue handler registered
-%patch1763 -p1
-# Fix memory leak with file leases.
-%patch1764 -p1
# ACPI patches.
# Enable EC burst
@@ -1256,7 +1252,10 @@
%endif
%changelog
-* Tue Nov 22 2005 Dave Jones <davej at redhat.com> [2.6.14-1.1641_FC4]
+* Wed Nov 23 2005 Dave Jones <davej at redhat.com> [2.6.14-1.1641_FC4]
+- Merge patches likely to end up in 2.6.14.3
+
+* Tue Nov 22 2005 Dave Jones <davej at redhat.com>
- Fix another NFSD badness warning.
- Fix some thinko's in the signed modules code.
More information about the fedora-cvs-commits
mailing list