user/sven/linux.git, branch v2.6.22.9

Linux 2.6.22.9

2007-09-26T18:03:01Z

bcm43xx: Fix cancellation of work queue crashes

2007-09-26T17:54:44Z

port of 3f7086978fc0193eff24a77d8b57ac4debc088fa from mainline. A crash upon booting that is caused by bcm43xx has been reported [1] and found to be due to a work queue being reinitialized while work on that queue is still pending. This fix modifies the shutdown of work queues and prevents periodic work from being requeued during shutdown. With this patch, no more crashes on reboot were observed by the original reporter. I do not get that particular failure on my system; however, when running a large number of ifdown/ifup sequences, my system would kernel panic with the 'caps lock' light blinking at roughly a 1 Hz rate. In addition, there were infrequent failures in the firmware that resulted in 'IRQ READY TIMEOUT' errors. With this patch, no more of the first type of failure occur, and incidence of the second type is greatly reduced. [1] http://bugzilla.kernel.org/show_bug.cgi?id=8937 Signed-off-by: Larry Finger Acked-by: Michael Buesch Signed-off-by: John W. Linville Signed-off-by: Greg Kroah-Hartman

Fix sparc64 v100 platform booting.

2007-09-26T17:54:44Z

commit 2cc7345ff71b27b5ac99e49ad7de39360042f601 in mainline Subject: [PATCH] [SPARC64]: Fix booting on V100 systems. On the root PCI bus, the OBP device tree lists device 3 twice. Once as 'pm' and once as 'lomp'. Everything goes downhill from there. Ignore the second instance to workaround this. Thanks to Kövedi_Krisztián for the bug report and testing the fix. Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman

Fix pktgen src_mac handling.

2007-09-26T17:54:43Z

commit ce5d0b47f13f83dfb9fbb8ac91adad7120747aaf in mainline Subject: [PATCH] [PKTGEN]: srcmac fix Signed-off-by: Andrew Morton Signed-off-by: David S. Miller

Fix datagram recvmsg NULL iov handling regression.

2007-09-26T17:54:43Z

commit ef8aef55ce61fd0e2af798695f7386ac756ae1e7 in mainline Subject: [PATCH] [NET]: Do not dereference iov if length is zero When msg_iovlen is zero we shouldn't try to dereference msg_iov. Right now the only thing that tries to do so is skb_copy_and_csum_datagram_iovec. Since the total length should also be zero if msg_iovlen is zero, it's sufficient to check the total length there and simply return if it's zero. Signed-off-by: Herbert Xu Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman

Fix TCP DSACK cwnd handling

2007-09-26T17:54:43Z

commit 49ff4bb4cd4c04acf8f9e3d3ec2148305a1db445 in mainline. [TCP]: DSACK signals data receival, be conservative In case a DSACK is received, it's better to lower cwnd as it's a sign of data receival. Signed-off-by: Ilpo Järvinen Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman

Handle snd_una in tcp_cwnd_down()

2007-09-26T17:54:43Z

commit 6ee8009e38006da81d2a53da1aaa27365552553e in mainline Subject: [PATCH 1/1] [TCP]: Also handle snd_una changes in tcp_cwnd_down tcp_cwnd_down must check for it too as it should be conservative in case of collapse stuff and also when receiver is trying to lie (though it wouldn't be successful anyway). Note: - Separated also is_dupack and do_lost in fast_retransalert * Much cleaner look-and-feel now * This time it really fixes cumulative ACK + many new SACK blocks recovery entry (I claimed this fixes with last patch but it wasn't). TCP will now call tcp_update_scoreboard regardless of is_dupack when in recovery as long as there is enough fackets_out. - Introduce FLAG_SND_UNA_ADVANCED * Some prior_snd_una arguments are unnecessary after it - Added helper FLAG_ANY_PROGRESS to avoid long FLAG...|FLAG... constructs This is a reduced version of a mainline patch. Signed-off-by: Ilpo Järvinen Cc: David Miller Signed-off-by: Greg Kroah-Hartman

Fix tc_ematch kbuild

2007-09-26T17:54:43Z

commit 09d74cdd88a59a18f2ad7cfa0b6045ed1817b632 in mainline. Subject: [PATCH] [KBUILD]: Sanitize tc_ematch headers. The headers in tc_ematch are used by iproute2, so these headers should be processed. Signed-off-by: Stephen Hemminger Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman

Fix oops in vlan and bridging code

2007-09-26T17:54:43Z

commit 8c7b43a2e58baa24002fa2b266d9a5007bc52a40 in mainline I tried to preserve bridging code as it was before, but logic is quite strange - I think we should free skb on error, since it is already unshared and thus will just leak. Herbert Xu states: > + if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) > + goto out; If this happens it'll be a double-free on skb since we'll return NF_DROP which makes the caller free it too. We could return NF_STOLEN to prevent that but I'm not sure whether that's correct netfilter semantics. Patrick, could you please make a call on this? Patrick McHardy states: NF_STOLEN should work fine here. Signed-off-by: Evgeniy Polyakov Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman

Fix ipv6 source address handling.

2007-09-26T17:54:43Z

commit 6ae5f983cf8de769214d2d9e8a783c881eccd4cd in mainline The commit 95c385 broke proper source address selection for cases in which there is a address which is makred 'deprecated'. The commit mistakenly changed ifa->flags to ifa_result->flags (probably copy/paste error from a few lines above) in the 'Rule 3' address selection code. The patch restores the previous RFC-compliant behavior. Signed-off-by: Jiri Kosina Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman