| Age | Commit message (Collapse) | Author |
|---|
|
commit 97f4289ad08cffe55de06d4ac4f89ac540450aee upstream.
[Split from original patch subject: "staging: comedi: drivers: use
comedi_dio_update_state() for simple cases"]
Use comedi_dio_update_state() to handle the boilerplate code to update
the subdevice s->state for simple cases where the hardware is updated
when any channel is modified.
Also, fix a bug in the amplc_pc263 and amplc_pci263 drivers where the
current state is not returned in data[1].
Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Reviewed-by: Ian Abbott <abbotti@mev.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit ac5b4b6bf0c84c48d7e2e3fce22e35b04282ba76 upstream.
Dynamic static allocation is evil, as Kernel stack is too low, and
ompilation complains about it on some archs:
drivers/staging/media/lirc/lirc_zilog.c:967:1: warning: 'read' uses dynamic stack allocation [enabled by default]
Instead, let's enforce a limit for the buffer to be 64. That should
be more than enough.
Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>
Reviewed-by: Hans Verkuil <hans.verkuil@cisco.com>
Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit 9ecfc0f45033584ec58617cf6ec37f75833d97e8 upstream.
Two code lines were accidentally deleted. Restore them.
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit 9df682927c2e3a92f43803d6b52095992e3b2ab8 upstream.
This fixes resets on heavy TX data traffic.
Vendor driver
VT6656_Linux_src_v1.21.03_x86_11.04.zip
http://www.viaembedded.com/servlet/downloadSvl?id=1890&download_file_id=14704
This is GPL-licensed code.
original code
BBbVT3184Init
...
//2007-0725, RobertChang add, Enable Squelch detect reset option(SQ_RST_Opt), USB (register4, bit1)
CONTROLnsRequestIn(pDevice,
MESSAGE_TYPE_READ,
(WORD)0x600+4, // USB's Reg4's bit1
MESSAGE_REQUEST_MEM,
1,
(PBYTE) &byData);
byData = byData|2 ;
CONTROLnsRequestOut(pDevice,
MESSAGE_TYPE_WRITE,
(WORD)0x600+4, // USB's Reg4's bit1
MESSAGE_REQUEST_MEM,
1,
(PBYTE) &byData);
return TRUE;//ntStatus;
....
A back port patch is needed for kernels less than 3.10.
Signed-off-by: Malcolm Priestley <tvboxspy@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit 1b672224d128ec2570eb37572ff803cfe452b4f7 upstream.
As suggested by Minchan Kim and Jerome Marchand "The code in reset_store
get the block device (bdget_disk()) but it does not put it (bdput()) when
it's done using it. The usage count is therefore incremented but never
decremented."
This patch also puts bdput() for all error cases.
Acked-by: Minchan Kim <minchan@kernel.org>
Acked-by: Jerome Marchand <jmarchan@redhat.com>
Signed-off-by: Rashika Kheria <rashika.kheria@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit 67296874eb1cc80317bf2a8fba22b494e21eb29b upstream.
zsmalloc encodes a handle using the pfn and an object
index. On hardware platforms with physical memory starting
at 0x0 the pfn can be 0. This causes the encoded handle to be
0 and is incorrectly interpreted as an allocation failure.
This issue affects all current and future SoCs with physical
memory starting at 0x0. All MSM8974 SoCs which includes
Google Nexus 5 devices are affected.
To prevent this false error we ensure that the encoded handle
will not be 0 when allocation succeeds.
Signed-off-by: Olav Haugan <ohaugan@codeaurora.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit b39f15c972c462903208531b82f9b34ba8ef3ec0 upstream.
It was introduced due to a patch hunk when porting
commit 20802057 (staging/lustre/ptlrpc: race in pinger).
Cc: Andreas Dilger <andreas.dilger@intel.com>
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit 930ba4a374b96560ef9fde2145cdc454a164ddcc upstream.
There seems to be no active maintainer for the driver, and there is an
unfixed security bug, so disable the driver for now.
Hopefully someone steps up to be the maintainer, and works to get this
out of staging, otherwise it will be deleted soon.
Reported-by: Nico Golde <nico@ngolde.de>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Omar Ramirez Luna <omar.ramirez@copitl.com>
Cc: Omar Ramirez Luna <omar.ramirez@ti.com>
Cc: Kanigeri, Hari <h-kanigeri2@ti.com>
Cc: Ameya Palande <ameya.palande@nokia.com>
Cc: Guzman Lugo, Fernando <fernando.lugo@ti.com>
Cc: Hebbar, Shivananda <x0hebbar@ti.com>
Cc: Ramos Falcon, Ernesto <ernesto@ti.com>
Cc: Felipe Contreras <felipe.contreras@gmail.com>
Cc: Anna, Suman <s-anna@ti.com>
Cc: Gupta, Ramesh <grgupta@ti.com>
Cc: Gomez Castellanos, Ivan <ivan.gomez@ti.com>
Cc: Andy Shevchenko <ext-andriy.shevchenko@nokia.com>
Cc: Armando Uribe De Leon <x0095078@ti.com>
Cc: Deepak Chitriki <deepak.chitriki@ti.com>
Cc: Menon, Nishanth <nm@ti.com>
Cc: Phil Carmody <ext-phil.2.carmody@nokia.com>
Cc: Ohad Ben-Cohen <ohad@wizery.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit 67aa4acbc97f6a55b328e4e2305ef19cbe949d85 upstream.
`comedi_alloc_spriv()` allocates private storage for a comedi subdevice
and sets the `SRF_FREE_SPRIV` flag in the `runflags` member of the
subdevice to allow the private storage to be automatically freed when
the comedi device is being cleaned up. Unfortunately, the flag gets
clobbered by `do_cmd_ioctl()` which calls
`comedi_set_subdevice_runflags()` with a mask value `~0` and only the
`SRF_USER` and `SRF_RUNNING` flags set, all the other SRF flags being
cleared.
Change the calls to `comedi_set_subdevice_runflags()` that currently use
a mask value of `~0` to use a more relevant mask value. For
`do_cmd_ioctl()`, the relevant SRF flags are `SRF_USER`, `SRF_ERROR` and
`SRF_RUNNING`. (At one time, `SRF_RT` would be included in that set of
flags, but it is no longer used.) For `comedi_alloc_spriv()` replace
the call to `comedi_set_subdevice_runflags()` with a simple
OR-assignment to avoid unnecessary use of a spin-lock.
Signed-off-by: Ian Abbott <abbotti@mev.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit 0d1206be229697f897f00822bc142e66da731417 upstream.
The latest version of NetworkManager does not recognize the device as wireless
without this change.
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit 46a51c80216cb891f271ad021f59009f34677499 upstream.
This patch fixes the bug in reset_store caused by accessing NULL pointer.
The bdev gets its value from bdget_disk() which could fail when memory
pressure is severe and hence can return NULL because allocation of
inode in bdget could fail.
Hence, this patch introduces a check for bdev to prevent reference to a
NULL pointer in the later part of the code. It also removes unnecessary
check of bdev for fsync_bdev().
Acked-by: Jerome Marchand <jmarchan@redhat.com>
Signed-off-by: Rashika Kheria <rashika.kheria@gmail.com>
Acked-by: Minchan Kim <minchan@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
commit 5957324045ba2c127c9401fa3ac61ac52e043ca8 upstream.
Hopefully this isn't too late for 3.12.
In commit 7dc19d5aff (convert shrinkers to new count/scan API)
the return value to PURGE_ALL_CACHES was dropped, causing -EPERM
to always be returned.
This patch re-adds the ret assignment, setting it to the the
ashmem_shrink_count(), which is the lru_count.
(Sorry this was missed in the review!)
Fixes: 7dc19d5affd7 ("convert shrinkers to new count/scan API")
Cc: Colin Cross <ccross@android.com>
Cc: Android Kernel Team <kernel-team@android.com>
Cc: Glauber Costa <glommer@openvz.org>
Reported-by: YongQin Liu <yongqin.liu@linaro.org>
Signed-off-by: John Stultz <john.stultz@linaro.org>
Acked-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
The icount.reserved[] array isn't initialized so it leaks stack
information to userspace.
Reported-by: Nico Golde <nico@ngolde.de>
Reported-by: Fabian Yamaguchi <fabs@goesec.de>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
The DevInfo.u32Reserved[] array isn't initialized so it leaks kernel
information to user space.
Reported-by: Nico Golde <nico@ngolde.de>
Reported-by: Fabian Yamaguchi <fabs@goesec.de>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
We need to check the length parameter before doing the memcpy(). I've
actually changed it to strlcpy() as well so that it's NUL terminated.
You need CAP_NET_ADMIN to trigger these so it's not the end of the
world.
Reported-by: Nico Golde <nico@ngolde.de>
Reported-by: Fabian Yamaguchi <fabs@goesec.de>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
We need to check "count" so we don't overflow the ei->data buffer.
Reported-by: Nico Golde <nico@ngolde.de>
Reported-by: Fabian Yamaguchi <fabs@goesec.de>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media
Pull media fixes from Mauro Carvalho Chehab:
- Compilation fixes for GCC < 4.4.6
- one Kbuild dependency select fix (selecting videobuf on msi3101)
- driver fixes on tda10071, e4000, msi3101, soc_camera, s5p-jpeg,
saa7134 and adv7511
- some device quirks needed to make them work properly
- some videobuf2 core regression fixes for some features used only on
embedded drivers
* 'v4l_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media:
[media] saa7134: Fix crash when device is closed before streamoff
[media] adv7511: fix error return code in adv7511_probe()
[media] ths8200: fix compilation with GCC < 4.4.6
[media] ad9389b: fix compilation with GCC < 4.4.6
[media] adv7511: fix compilation with GCC < 4.4.6
[media] adv7842: fix compilation with GCC < 4.4.6
[media] s5p-jpeg: Initialize vfd_decoder->vfl_dir field
[media] videobuf2-dc: Fix support for mappings without struct page in userptr mode
[media] vb2: Allow queuing OUTPUT buffers with zeroed 'bytesused'
[media] mx3-camera: locking cleanup in mx3_videobuf_queue()
[media] sh_vou: almost forever loop in sh_vou_try_fmt_vid_out()
[media] tda10071: change firmware download condition
[media] msi3101: correct max videobuf2 alloc
[media] Add HCL T12Rg-H to STK webcam upside-down table
[media] msi3101: Kconfig select VIDEOBUF2_VMALLOC
[media] msi3101: msi3101_ioctl_ops can be static
[media] e4000: fix PLL calc bug on 32-bit arch
[media] uvcvideo: quirk PROBE_DEF for Microsoft Lifecam NX-3000
[media] uvcvideo: quirk PROBE_DEF for Dell SP2008WFP monitor
|
|
The `insn_bits` handler `ni_65xx_dio_insn_bits()` has a `for` loop that
currently writes (optionally) and reads back up to 5 "ports" consisting
of 8 channels each. It reads up to 32 1-bit channels but can only read
and write a whole port at once - it needs to handle up to 5 ports as the
first channel it reads might not be aligned on a port boundary. It
breaks out of the loop early if the next port it handles is beyond the
final port on the card. It also breaks out early on the 5th port in the
loop if the first channel was aligned. Unfortunately, it doesn't check
that the current port it is dealing with belongs to the comedi subdevice
the `insn_bits` handler is acting on. That's a bug.
Redo the `for` loop to terminate after the final port belonging to the
subdevice, changing the loop variable in the process to simplify things
a bit. The `for` loop could now try and handle more than 5 ports if the
subdevice has more than 40 channels, but the test `if (bitshift >= 32)`
ensures it will break out early after 4 or 5 ports (depending on whether
the first channel is aligned on a port boundary). (`bitshift` will be
between -7 and 7 inclusive on the first iteration, increasing by 8 for
each subsequent operation.)
Signed-off-by: Ian Abbott <abbotti@mev.co.uk>
Cc: <stable@vger.kernel.org> # 3.10.y 3.11.y 3.12.y
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
The DLink DWA-125 Rev D1 also uses this driver.
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Reported-by: Sergey Kostanbaev <sergey.kostanbaev@gmail.com>
Tested-by: Sergey Kostanbaev <sergey.kostanbaev@gmail.com>
Cc: Sergey Kostanbaev <sergey.kostanbaev@gmail.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Since commit b5dc0d10 (drm/imx: kill firstopen callback) the following probe
failure is seen:
[drm] Supports vblank timestamp caching Rev 1 (10.10.2010).
[drm] No driver support for vblank timestamp query.
[drm] Initialized imx-drm 1.0.0 20120507 on minor 0
imx-ldb ldb.10: adding encoder failed with -16
imx-ldb: probe of ldb.10 failed with error -16
imx-ipuv3 2400000.ipu: IPUv3H probed
imx-ipuv3 2800000.ipu: IPUv3H probed
imx-ipuv3-crtc imx-ipuv3-crtc.0: adding crtc failed with -16.
imx-ipuv3-crtc: probe of imx-ipuv3-crtc.0 failed with error -16
imx-ipuv3-crtc imx-ipuv3-crtc.1: adding crtc failed with -16.
imx-ipuv3-crtc: probe of imx-ipuv3-crtc.1 failed with error -16
imx-ipuv3-crtc imx-ipuv3-crtc.2: adding crtc failed with -16.
imx-ipuv3-crtc: probe of imx-ipuv3-crtc.2 failed with error -16
imx-ipuv3-crtc imx-ipuv3-crtc.3: adding crtc failed with -16.
imx-ipuv3-crtc: probe of imx-ipuv3-crtc.3 failed with error -16
The reason for the probe failure is that now 'imxdrm->references' is incremented
early in imx_drm_driver_load(), so the following checks in imx_drm_add_crtc()
and imx_drm_add_encoder():
if (imxdrm->references) {
ret = -EBUSY;
goto err_busy;
}
,will always fail.
Instead of manually keeping the references in the imx-drm driver, let's use
drm->open_count.
After this patch, lvds panel is functional on a mx6qsabrelite board.
Signed-off-by: Fabio Estevam <fabio.estevam@freescale.com>
Acked-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Don't allow entry to iwctl_siwencodeext if device not open.
This fixes a race condition where wpa supplicant/network manager
enters the function when the device is already closed.
Signed-off-by: Malcolm Priestley <tvboxspy@gmail.com>
Cc: stable@vger.kernel.org # 3.8+
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
The vt6656 is prone to resetting on the usb bus.
It seems there is a race condition and wpa supplicant is
trying to open the device via iw_handlers before its actually
closed at a stage that the buffers are being removed.
The device is longer considered open when the
buffers are being removed. So move ~DEVICE_FLAGS_OPENED
flag to before freeing the device buffers.
Signed-off-by: Malcolm Priestley <tvboxspy@gmail.com>
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
There seems to be race condition that the device is ndo_start_xmit
at a point where the device is closing and apTD is NULL resulting
in dead lock.
Add a NULL check to apTD and return NULL to calling functions.
This is more likely on 64 bit systems.
Signed-off-by: Malcolm Priestley <tvboxspy@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Checking the return of dev_alloc_skb as stated in the following bug: https://bugzilla.kernel.org/show_bug.cgi?id=60411
Signed-off-by: Iker Pedrosa <ikerpedrosam@gmail.com>
Reported-by: RUC_Soft_Sec rucsoftsec@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
sizeof when applied to a pointer typed expression gives the size of the
pointer.
Found by coccinelle spatch "misc/noderef.cocci"
Signed-off-by: Thomas Meyer <thomas@m3y3r.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
sizeof when applied to a pointer typed expression gives the size of the
pointer.
Found by coccinelle spatch "misc/noderef.cocci"
Signed-off-by: Thomas Meyer <thomas@m3y3r.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
sizeof when applied to a pointer typed expression gives the size of the
pointer.
Found by coccinelle spatch "misc/noderef.cocci"
Signed-off-by: Thomas Meyer <thomas@m3y3r.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
sizeof when applied to a pointer typed expression gives the size of the
pointer.
Found by coccinelle spatch "misc/noderef.cocci"
Signed-off-by: Thomas Meyer <thomas@m3y3r.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
sizeof when applied to a pointer typed expression gives the size of the
pointer.
Found by coccinelle spatch "misc/noderef.cocci"
Signed-off-by: Thomas Meyer <thomas@m3y3r.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
There was too small buffers requested in worst case.
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>
|
|
[linuxtv-media:master 395/499] sdr-msi3101.c:undefined reference to
`vb2_vmalloc_memops'
Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>
|
|
Signed-off-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>
|
|
ade7854_probe can fail. Return the value obtained from it
instead of 0 (success).
Signed-off-by: Sachin Kamat <sachin.kamat@linaro.org>
Cc: Barry Song <21cnbao@gmail.com>
Signed-off-by: Jonathan Cameron <jic23@kernel.org>
|
|
recently broken, cd6fe06588423ff4cca85c85c4402027b04dccf1
staging:iio:hmc5843: Use i2c_smbus_read_word_swapped()
Signed-off-by: Peter Meerwald <pmeerw@pmeerw.net>
Signed-off-by: Jonathan Cameron <jic23@kernel.org>
|
|
The lux_uscale value is not initialized at probe. The value will be
uninitialized unless a value is written to it through the iio channel interface.
This fixes that.
Signed-off-by: Derek Basehore <dbasehore@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/65998
Signed-off-by: Jonathan Cameron <jic23@kernel.org>
|
|
and buffer enabled for built in dummy driver.
This only occurs in the unlikely event that the example driver is built
in whilst the buffer implementation is not.
Solved by switching from a depends on to a select for this particular case.
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Reported-by: Randy Dunlap <rdunlap@infradead.org>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Jonathan Cameron <jic23@kernel.org>
|
|
"source" comes from the user in snd_ctl_elem_write() so it needs to be
checked.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Stefan Hajnoczi <stefanha@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
The Fastwel UNIOxx-5 is a PC/104 board, so put COMEDI_UNIOXX5 under
COMEDI_ISA_DRIVERS.
The DIL/Net-PC 1486 is a 486 system, so put COMEDI_SSV_DNP under
COMEDI_MISC_DRIVERS and add a dependency on X86_32 || COMPILE_TEST.
Reviewed-by: Ian Abbott <abbotti@mev.co.uk>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
In some circumstances, the performance of this driver is highly degraded,
and ifconfig reports large numbers of dropped packets. By increasing the
maximum RX gain from 0x3e to 0x4e, performance is greatly improved.
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Smatch shows the following warning:
drivers/staging/rtl8188eu/core/rtw_ieee80211.c:161 rtw_set_ie() info: ignoring unreachable code.
The cause is a module exit tracing statement after a return.
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Smatch reports the following warning:
"drivers/staging/rtl8188eu/core/rtw_mlme_ext.c:8328 mlme_evt_hdl()
error: buffer overflow 'wlanevents' 24 <= 24"
8321 /* checking if event code is valid */
8322 if (evt_code >= MAX_C2HEVT) {
^^^^^^^^^^^^^^^^^^^^^^
8323 RT_TRACE(_module_rtl871x_cmd_c_, _drv_err_, ("\nEvent Code(%d) mismatch!\n", evt_code));
8324 goto _abort_event_;
8325 }
8326
8327 /* checking if event size match the event parm size */
8328 if ((wlanevents[evt_code].parmsize != 0) &&
^^^^^^^^^^^^^^^^^^^^
8329 (wlanevents[evt_code].parmsize != evt_sz)) {
8330 RT_TRACE(_module_rtl871x_cmd_c_, _drv_err_,
8331 ("\nEvent(%d) Parm Size mismatch (%d vs %d)!\n",
8332 evt_code, wlanevents[evt_code].parmsize, evt_sz));
8333 goto _abort_event_;
8334 }
This warning results because the number of items in "enum rtw_c2h_event",
which determines the value of MAX_C2HEVT, is one more than in "struct wlanevents".
Adding an extra dummy event to the latter fixes the problem.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Smatch reports the following warning:
"drivers/staging/rtl8188eu/hal/rtl8188e_hal_init.c:2008
Hal_ReadPowerValueFromPROM_8188E()
error: buffer overflow 'pwrInfo24G->IndexBW40_Base[rfPath]' 5 <= 5"
drivers/staging/rtl8188eu/hal/rtl8188e_hal_init.c
2005 /* 2.4G default value */
2006 for (group = 0; group < MAX_CHNL_GROUP_24G; group++) {
2007 pwrInfo24G->IndexCCK_Base[rfPath][group] = EEPROM_DEFAULT_24G_INDEX;
2008 pwrInfo24G->IndexBW40_Base[rfPath][group] = EEPROM_DEFAULT_24G_INDEX;
The reason is that IndexCCK_Base[] has MAX_CHNL_GROUP_24G elements, but
IndexBW40_Base is smaller by 1. Make them both have MAX_CHNL_GROUP_24G
elements.
Reported by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
mips allmodconfig fails with
ERROR: "copy_from_user_page" [drivers/staging/lustre/lustre/libcfs/libcfs.ko]
undefined!
which is due to LUSTRE using copy_from_user_page which is not exported by any
architecture. Unfortunately, LUSTRE can only be built as module, so there is no
easy fix.
MIPS, SH, and optionally XTENSA implement copy_from_user_page as unexported
functions. Disable LUSTRE for those.
Cc: Peng Tao <bergwolf@gmail.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This reverts commit c70bda992c12e593e411c02a52e4bd6985407539.
It's incorrect, Kay writes:
Please just remove it. "devname" is meant to be used for
single-instance devices with a static dev_t, never for things
like zramX.
It will not do anything useful here, it does nothing really
without a statically assigned dev_t, and it should not be used
for devices of this kind anyway.
Reported-by: Tom Gundersen <teg@jklm.no>
Reported-by: Kay Sievers <kay@vrfy.org>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Enable only those interrupts that we can handle & acknowledge in the
interrupt handler.
At least on EdgeRouter Lite, the hardware may occasionally interrupt with
some error condition when the physical link status changes frequently.
Since the interrupt condition is not acked properly, this leads to the
following warning and the IRQ gets disabled completely:
[ 41.324700] eth0: Link down
[ 44.324721] eth0: 1000 Mbps Full duplex, port 0, queue 0
[ 44.885590] irq 117: nobody cared (try booting with the "irqpoll" option)
[ 44.892397] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 3.11.0-rc5-edge-los.git-27d042f-dirty-00950-gaa42f2d-dirty #8
[ 44.902825] Stack : ffffffff815c0000 0000000000000004 0000000000000003 0000000000000000
ffffffff81fd0000 ffffffff815c0000 0000000000000004 ffffffff8118530c
ffffffff815c0000 ffffffff811858d8 0000000000000000 0000000000000000
ffffffff81fd0000 ffffffff81fc0000 ffffffff8152f3a0 ffffffff815b7bf7
ffffffff81fc6688 ffffffff815b8060 0000000000000000 0000000000000000
0000000000000000 ffffffff815346c8 ffffffff815346b0 ffffffff814a6a18
ffffffff8158b848 ffffffff81145614 ffffffff81593800 ffffffff81187174
ffffffff815b7d00 ffffffff8158b760 0000000000000000 ffffffff814a9184
0000000000000000 0000000000000000 0000000000000000 0000000000000000
0000000000000000 ffffffff811203b8 0000000000000000 0000000000000000
...
[ 44.968408] Call Trace:
[ 44.970873] [<ffffffff811203b8>] show_stack+0x68/0x80
[ 44.975937] [<ffffffff814a9184>] dump_stack+0x78/0xb8
[ 44.980999] [<ffffffff811aac54>] __report_bad_irq+0x44/0x108
[ 44.986662] [<ffffffff811ab238>] note_interrupt+0x248/0x2a0
[ 44.992240] [<ffffffff811a85e4>] handle_irq_event_percpu+0x144/0x200
[ 44.998598] [<ffffffff811a86f4>] handle_irq_event+0x54/0x90
[ 45.004176] [<ffffffff811ab908>] handle_level_irq+0xd0/0x148
[ 45.009839] [<ffffffff811a7b04>] generic_handle_irq+0x34/0x50
[ 45.015589] [<ffffffff8111dae8>] do_IRQ+0x18/0x30
[ 45.020301] [<ffffffff8110486c>] plat_irq_dispatch+0x74/0xb8
[ 45.025958]
[ 45.027451] handlers:
[ 45.029731] [<ffffffff813fca10>] cvm_oct_rgmii_rml_interrupt
[ 45.035397] Disabling IRQ #117
[ 45.038742] Port 0 receive error code 13, packet dropped
[ 46.324719] eth0: Link down
[ 48.324733] eth0: 1000 Mbps Full duplex, port 0, queue 0
Reported-by: "Jason A. Donenfeld" <Jason@zx2c4.com>
Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi>
Acked-by: David Daney <david.daney@cavium.com>
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Remove skb allocation failure warnings. They will trigger a page
allocation warning already. Also, one of the warnings was not ratelimited,
causing the box to lock up under heavy traffic & low memory.
Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi>
Acked-by: David Daney <david.daney@cavium.com>
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
We should count also dropped packets, otherwise the NAPI handler may
end up running too long.
Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi>
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
It duplicates the definition in arch/alpha/include/asm/pgtable.h and emits
warnings.
Cc: Andreas Dilger <andreas.dilger@intel.com>
Cc: Peng Tao <tao.peng@emc.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Make sure that format strings cannot leak into printk() calls from the
msgbuf string.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This fixes up the usage of snprintf, strncpy, and format strings in the
call to kthread_run to avoid ever accidentally allowing a format string
into the thread name.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
