diff options
author | Greg Kroah-Hartman <gregkh@suse.de> | 2011-02-16 16:17:44 -0800 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@suse.de> | 2011-02-16 16:17:44 -0800 |
commit | 6d5c1c0276291f6ba1f08a53863ca0e614407725 (patch) | |
tree | 7b1ea1062dcc7b451614dfa4cf3d81abafe63ed4 | |
parent | d761012436e0fe3dfc3d2bd1042ccf27d6e330ff (diff) | |
download | longterm-queue-2.6.33-6d5c1c0276291f6ba1f08a53863ca0e614407725.tar.gz |
.33 patches
12 files changed, 560 insertions, 0 deletions
diff --git a/queue-2.6.33/be2net-maintain-tx-and-rx-counters-in-driver.patch b/queue-2.6.33/be2net-maintain-tx-and-rx-counters-in-driver.patch new file mode 100644 index 0000000..cc9932e --- /dev/null +++ b/queue-2.6.33/be2net-maintain-tx-and-rx-counters-in-driver.patch @@ -0,0 +1,95 @@ +From 91992e446cadbbde1a304de6954afd715af5121e Mon Sep 17 00:00:00 2001 +From: Ajit Khaparde <ajitkhaparde@gmail.com> +Date: Fri, 19 Feb 2010 13:57:12 +0000 +Subject: be2net: Maintain tx and rx counters in driver + +From: Ajit Khaparde <ajitkhaparde@gmail.com> + +commit 91992e446cadbbde1a304de6954afd715af5121e upstream. + +For certain skews of the BE adapter, H/W Tx and Rx +counters could be common for more than one interface. +Add Tx and Rx counters in the adapter structure +(to maintain stats on a per interfae basis). + +Signed-off-by: Ajit Khaparde <ajitk@serverengines.com> +Signed-off-by: David S. Miller <davem@davemloft.net> +Cc: maximilian attems <max@stro.at> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + drivers/net/benet/be.h | 2 ++ + drivers/net/benet/be_main.c | 18 +++++++++--------- + 2 files changed, 11 insertions(+), 9 deletions(-) + +--- a/drivers/net/benet/be.h ++++ b/drivers/net/benet/be.h +@@ -165,6 +165,7 @@ struct be_drvr_stats { + ulong be_tx_jiffies; + u64 be_tx_bytes; + u64 be_tx_bytes_prev; ++ u64 be_tx_pkts; + u32 be_tx_rate; + + u32 cache_barrier[16]; +@@ -176,6 +177,7 @@ struct be_drvr_stats { + ulong be_rx_jiffies; + u64 be_rx_bytes; + u64 be_rx_bytes_prev; ++ u64 be_rx_pkts; + u32 be_rx_rate; + /* number of non ether type II frames dropped where + * frame len > length field of Mac Hdr */ +--- a/drivers/net/benet/be_main.c ++++ b/drivers/net/benet/be_main.c +@@ -149,13 +149,10 @@ void netdev_stats_update(struct be_adapt + struct net_device_stats *dev_stats = &adapter->netdev->stats; + struct be_erx_stats *erx_stats = &hw_stats->erx; + +- dev_stats->rx_packets = port_stats->rx_total_frames; +- dev_stats->tx_packets = port_stats->tx_unicastframes + +- port_stats->tx_multicastframes + port_stats->tx_broadcastframes; +- dev_stats->rx_bytes = (u64) port_stats->rx_bytes_msd << 32 | +- (u64) port_stats->rx_bytes_lsd; +- dev_stats->tx_bytes = (u64) port_stats->tx_bytes_msd << 32 | +- (u64) port_stats->tx_bytes_lsd; ++ dev_stats->rx_packets = drvr_stats(adapter)->be_rx_pkts; ++ dev_stats->tx_packets = drvr_stats(adapter)->be_tx_pkts; ++ dev_stats->rx_bytes = drvr_stats(adapter)->be_rx_bytes; ++ dev_stats->tx_bytes = drvr_stats(adapter)->be_tx_bytes; + + /* bad pkts received */ + dev_stats->rx_errors = port_stats->rx_crc_errors + +@@ -312,12 +309,13 @@ static void be_tx_rate_update(struct be_ + } + + static void be_tx_stats_update(struct be_adapter *adapter, +- u32 wrb_cnt, u32 copied, bool stopped) ++ u32 wrb_cnt, u32 copied, u32 gso_segs, bool stopped) + { + struct be_drvr_stats *stats = drvr_stats(adapter); + stats->be_tx_reqs++; + stats->be_tx_wrbs += wrb_cnt; + stats->be_tx_bytes += copied; ++ stats->be_tx_pkts += (gso_segs ? gso_segs : 1); + if (stopped) + stats->be_tx_stops++; + } +@@ -462,7 +460,8 @@ static netdev_tx_t be_xmit(struct sk_buf + + be_txq_notify(adapter, txq->id, wrb_cnt); + +- be_tx_stats_update(adapter, wrb_cnt, copied, stopped); ++ be_tx_stats_update(adapter, wrb_cnt, copied, ++ skb_shinfo(skb)->gso_segs, stopped); + } else { + txq->head = start; + dev_kfree_skb_any(skb); +@@ -607,6 +606,7 @@ static void be_rx_stats_update(struct be + stats->be_rx_compl++; + stats->be_rx_frags += numfrags; + stats->be_rx_bytes += pktsize; ++ stats->be_rx_pkts++; + } + + static inline bool do_pkt_csum(struct be_eth_rx_compl *rxcp, bool cso) diff --git a/queue-2.6.33/cred-fix-bug-upon-security_cred_alloc_blank-failure.patch b/queue-2.6.33/cred-fix-bug-upon-security_cred_alloc_blank-failure.patch new file mode 100644 index 0000000..3b702ee --- /dev/null +++ b/queue-2.6.33/cred-fix-bug-upon-security_cred_alloc_blank-failure.patch @@ -0,0 +1,82 @@ +From 2edeaa34a6e3f2c43b667f6c4f7b27944b811695 Mon Sep 17 00:00:00 2001 +From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> +Date: Mon, 7 Feb 2011 13:36:10 +0000 +Subject: CRED: Fix BUG() upon security_cred_alloc_blank() failure + +From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> + +commit 2edeaa34a6e3f2c43b667f6c4f7b27944b811695 upstream. + +In cred_alloc_blank() since 2.6.32, abort_creds(new) is called with +new->security == NULL and new->magic == 0 when security_cred_alloc_blank() +returns an error. As a result, BUG() will be triggered if SELinux is enabled +or CONFIG_DEBUG_CREDENTIALS=y. + +If CONFIG_DEBUG_CREDENTIALS=y, BUG() is called from __invalid_creds() because +cred->magic == 0. Failing that, BUG() is called from selinux_cred_free() +because selinux_cred_free() is not expecting cred->security == NULL. This does +not affect smack_cred_free(), tomoyo_cred_free() or apparmor_cred_free(). + +Fix these bugs by + +(1) Set new->magic before calling security_cred_alloc_blank(). + +(2) Handle null cred->security in creds_are_invalid() and selinux_cred_free(). + +Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> +Signed-off-by: David Howells <dhowells@redhat.com> +Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + kernel/cred.c | 12 ++++++++---- + security/selinux/hooks.c | 6 +++++- + 2 files changed, 13 insertions(+), 5 deletions(-) + +--- a/kernel/cred.c ++++ b/kernel/cred.c +@@ -256,13 +256,13 @@ struct cred *cred_alloc_blank(void) + #endif + + atomic_set(&new->usage, 1); ++#ifdef CONFIG_DEBUG_CREDENTIALS ++ new->magic = CRED_MAGIC; ++#endif + + if (security_cred_alloc_blank(new, GFP_KERNEL) < 0) + goto error; + +-#ifdef CONFIG_DEBUG_CREDENTIALS +- new->magic = CRED_MAGIC; +-#endif + return new; + + error: +@@ -812,7 +812,11 @@ bool creds_are_invalid(const struct cred + if (cred->magic != CRED_MAGIC) + return true; + #ifdef CONFIG_SECURITY_SELINUX +- if (selinux_is_enabled()) { ++ /* ++ * cred->security == NULL if security_cred_alloc_blank() or ++ * security_prepare_creds() returned an error. ++ */ ++ if (selinux_is_enabled() && cred->security) { + if ((unsigned long) cred->security < PAGE_SIZE) + return true; + if ((*(u32 *)cred->security & 0xffffff00) == +--- a/security/selinux/hooks.c ++++ b/security/selinux/hooks.c +@@ -3261,7 +3261,11 @@ static void selinux_cred_free(struct cre + { + struct task_security_struct *tsec = cred->security; + +- BUG_ON((unsigned long) cred->security < PAGE_SIZE); ++ /* ++ * cred->security == NULL if security_cred_alloc_blank() or ++ * security_prepare_creds() returned an error. ++ */ ++ BUG_ON(cred->security && (unsigned long) cred->security < PAGE_SIZE); + cred->security = (void *) 0x7UL; + kfree(tsec); + } diff --git a/queue-2.6.33/cred-fix-memory-and-refcount-leaks-upon-security_prepare_creds-failure.patch b/queue-2.6.33/cred-fix-memory-and-refcount-leaks-upon-security_prepare_creds-failure.patch new file mode 100644 index 0000000..1554ac0 --- /dev/null +++ b/queue-2.6.33/cred-fix-memory-and-refcount-leaks-upon-security_prepare_creds-failure.patch @@ -0,0 +1,46 @@ +From fb2b2a1d37f80cc818fd4487b510f4e11816e5e1 Mon Sep 17 00:00:00 2001 +From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> +Date: Mon, 7 Feb 2011 13:36:16 +0000 +Subject: CRED: Fix memory and refcount leaks upon security_prepare_creds() failure + +From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> + +commit fb2b2a1d37f80cc818fd4487b510f4e11816e5e1 upstream. + +In prepare_kernel_cred() since 2.6.29, put_cred(new) is called without +assigning new->usage when security_prepare_creds() returned an error. As a +result, memory for new and refcount for new->{user,group_info,tgcred} are +leaked because put_cred(new) won't call __put_cred() unless old->usage == 1. + +Fix these leaks by assigning new->usage (and new->subscribers which was added +in 2.6.32) before calling security_prepare_creds(). + +Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> +Signed-off-by: David Howells <dhowells@redhat.com> +Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + kernel/cred.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/kernel/cred.c ++++ b/kernel/cred.c +@@ -721,6 +721,8 @@ struct cred *prepare_kernel_cred(struct + validate_creds(old); + + *new = *old; ++ atomic_set(&new->usage, 1); ++ set_cred_subscribers(new, 0); + get_uid(new->user); + get_group_info(new->group_info); + +@@ -738,8 +740,6 @@ struct cred *prepare_kernel_cred(struct + if (security_prepare_creds(new, old, GFP_KERNEL) < 0) + goto error; + +- atomic_set(&new->usage, 1); +- set_cred_subscribers(new, 0); + put_cred(old); + validate_creds(new); + return new; diff --git a/queue-2.6.33/isdn-hisax-replace-the-bogus-access-to-irq-stats.patch b/queue-2.6.33/isdn-hisax-replace-the-bogus-access-to-irq-stats.patch new file mode 100644 index 0000000..f1405ca --- /dev/null +++ b/queue-2.6.33/isdn-hisax-replace-the-bogus-access-to-irq-stats.patch @@ -0,0 +1,77 @@ +From 40f08a724fcc21285cf3a75aec957aef908605c6 Mon Sep 17 00:00:00 2001 +From: Thomas Gleixner <tglx@linutronix.de> +Date: Wed, 29 Sep 2010 22:16:36 +0200 +Subject: isdn: hisax: Replace the bogus access to irq stats + +From: Thomas Gleixner <tglx@linutronix.de> + +commit 40f08a724fcc21285cf3a75aec957aef908605c6 upstream. + +Abusing irq stats in a driver for counting interrupts is a horrible +idea and not safe with shared interrupts. Replace it by a local +interrupt counter. + +Noticed by the attempt to remove the irq stats export. + +Signed-off-by: Thomas Gleixner <tglx@linutronix.de> +Reviewed-by: Ingo Molnar <mingo@elte.hu> +Cc: maximilian attems <max@stro.at> + +--- + drivers/isdn/hisax/config.c | 18 ++++++++++++++---- + drivers/isdn/hisax/hisax.h | 1 + + 2 files changed, 15 insertions(+), 4 deletions(-) + +--- a/drivers/isdn/hisax/config.c ++++ b/drivers/isdn/hisax/config.c +@@ -800,6 +800,16 @@ static void closecard(int cardnr) + ll_unload(csta); + } + ++static irqreturn_t card_irq(int intno, void *dev_id) ++{ ++ struct IsdnCardState *cs = dev_id; ++ irqreturn_t ret = cs->irq_func(intno, cs); ++ ++ if (ret == IRQ_HANDLED) ++ cs->irq_cnt++; ++ return ret; ++} ++ + static int init_card(struct IsdnCardState *cs) + { + int irq_cnt, cnt = 3, ret; +@@ -808,10 +818,10 @@ static int init_card(struct IsdnCardStat + ret = cs->cardmsg(cs, CARD_INIT, NULL); + return(ret); + } +- irq_cnt = kstat_irqs(cs->irq); ++ irq_cnt = cs->irq_cnt = 0; + printk(KERN_INFO "%s: IRQ %d count %d\n", CardType[cs->typ], + cs->irq, irq_cnt); +- if (request_irq(cs->irq, cs->irq_func, cs->irq_flags, "HiSax", cs)) { ++ if (request_irq(cs->irq, card_irq, cs->irq_flags, "HiSax", cs)) { + printk(KERN_WARNING "HiSax: couldn't get interrupt %d\n", + cs->irq); + return 1; +@@ -821,8 +831,8 @@ static int init_card(struct IsdnCardStat + /* Timeout 10ms */ + msleep(10); + printk(KERN_INFO "%s: IRQ %d count %d\n", +- CardType[cs->typ], cs->irq, kstat_irqs(cs->irq)); +- if (kstat_irqs(cs->irq) == irq_cnt) { ++ CardType[cs->typ], cs->irq, cs->irq_cnt); ++ if (cs->irq_cnt == irq_cnt) { + printk(KERN_WARNING + "%s: IRQ(%d) getting no interrupts during init %d\n", + CardType[cs->typ], cs->irq, 4 - cnt); +--- a/drivers/isdn/hisax/hisax.h ++++ b/drivers/isdn/hisax/hisax.h +@@ -959,6 +959,7 @@ struct IsdnCardState { + u_long event; + struct work_struct tqueue; + struct timer_list dbusytimer; ++ unsigned int irq_cnt; + #ifdef ERROR_STATISTIC + int err_crc; + int err_tx; diff --git a/queue-2.6.33/ixgbe-prevent-speculative-processing-of-descriptors-before-ready.patch b/queue-2.6.33/ixgbe-prevent-speculative-processing-of-descriptors-before-ready.patch new file mode 100644 index 0000000..016f0a7 --- /dev/null +++ b/queue-2.6.33/ixgbe-prevent-speculative-processing-of-descriptors-before-ready.patch @@ -0,0 +1,46 @@ +From 3c945e5b3719bcc18c6ddd31bbcae8ef94f3d19a Mon Sep 17 00:00:00 2001 +From: Milton Miller <miltonm@bga.com> +Date: Fri, 19 Feb 2010 17:44:42 +0000 +Subject: ixgbe: prevent speculative processing of descriptors before ready + +From: Milton Miller <miltonm@bga.com> + +commit 3c945e5b3719bcc18c6ddd31bbcae8ef94f3d19a upstream. + +The PowerPC architecture does not require loads to independent bytes to be +ordered without adding an explicit barrier. + +In ixgbe_clean_rx_irq we load the status bit then load the packet data. +With packet split disabled if these loads go out of order we get a +stale packet, but we will notice the bad sequence numbers and drop it. + +The problem occurs with packet split enabled where the TCP/IP header and data +are in different descriptors. If the reads go out of order we may have data +that doesn't match the TCP/IP header. Since we use hardware checksumming this +bad data is never verified and it makes it all the way to the application. + +This bug was found during stress testing and adding this barrier has been shown +to fix it. + +Signed-off-by: Milton Miller <miltonm@bga.com> +Signed-off-by: Anton Blanchard <anton@samba.org> +Acked-by: Don Skidmore <donald.c.skidmore@intel.com> +Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com> +Signed-off-by: David S. Miller <davem@davemloft.net> +Cc: maximilian attems <max@stro.at> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + drivers/net/ixgbe/ixgbe_main.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/net/ixgbe/ixgbe_main.c ++++ b/drivers/net/ixgbe/ixgbe_main.c +@@ -806,6 +806,7 @@ static bool ixgbe_clean_rx_irq(struct ix + break; + (*work_done)++; + ++ rmb(); /* read descriptor and rx_buffer_info after status DD */ + if (rx_ring->flags & IXGBE_RING_RX_PS_ENABLED) { + hdr_info = le16_to_cpu(ixgbe_get_hdr_info(rx_desc)); + len = (hdr_info & IXGBE_RXDADV_HDRBUFLEN_MASK) >> diff --git a/queue-2.6.33/nfs-fix-the-return-value-of-nfs_file_fsync.patch b/queue-2.6.33/nfs-fix-the-return-value-of-nfs_file_fsync.patch new file mode 100644 index 0000000..44ad01f --- /dev/null +++ b/queue-2.6.33/nfs-fix-the-return-value-of-nfs_file_fsync.patch @@ -0,0 +1,33 @@ +From 0702099bd86c33c2dcdbd3963433a61f3f503901 Mon Sep 17 00:00:00 2001 +From: J. R. Okajima <hooanon05@yahoo.co.jp> +Date: Wed, 11 Aug 2010 13:10:16 -0400 +Subject: NFS: fix the return value of nfs_file_fsync() + +From: J. R. Okajima <hooanon05@yahoo.co.jp> + +commit 0702099bd86c33c2dcdbd3963433a61f3f503901 upstream. + +By the commit af7fa16 2010-08-03 NFS: Fix up the fsync code +close(2) became returning the non-zero value even if it went well. +nfs_file_fsync() should return 0 when "status" is positive. + +Signed-off-by: J. R. Okajima <hooanon05@yahoo.co.jp> +Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> +Signed-off-by: Tim Gardner <tim.gardner@canonical.com> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + fs/nfs/file.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/fs/nfs/file.c ++++ b/fs/nfs/file.c +@@ -218,7 +218,7 @@ static int nfs_do_fsync(struct nfs_open_ + have_error |= test_bit(NFS_CONTEXT_ERROR_WRITE, &ctx->flags); + if (have_error) + ret = xchg(&ctx->error, 0); +- if (!ret) ++ if (!ret && status < 0) + ret = status; + return ret; + } diff --git a/queue-2.6.33/scsi_dh_alua-add-ibm-power-virtual-scsi-alua-device-to-dev-list.patch b/queue-2.6.33/scsi_dh_alua-add-ibm-power-virtual-scsi-alua-device-to-dev-list.patch new file mode 100644 index 0000000..a9a492d --- /dev/null +++ b/queue-2.6.33/scsi_dh_alua-add-ibm-power-virtual-scsi-alua-device-to-dev-list.patch @@ -0,0 +1,30 @@ +From 22963a37b3437a25812cc856afa5a84ad4a3f541 Mon Sep 17 00:00:00 2001 +From: Brian King <brking@linux.vnet.ibm.com> +Date: Fri, 19 Feb 2010 10:08:31 -0600 +Subject: [SCSI] scsi_dh_alua: Add IBM Power Virtual SCSI ALUA device to dev list + +From: Brian King <brking@linux.vnet.ibm.com> + +commit 22963a37b3437a25812cc856afa5a84ad4a3f541 upstream. + +Adds IBM Power Virtual SCSI ALUA devices to the ALUA device handler. + +Signed-off-by: Brian King <brking@linux.vnet.ibm.com> +Signed-off-by: James Bottomley <James.Bottomley@suse.de> +Cc: maximilian attems <max@stro.at> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + drivers/scsi/device_handler/scsi_dh_alua.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/scsi/device_handler/scsi_dh_alua.c ++++ b/drivers/scsi/device_handler/scsi_dh_alua.c +@@ -718,6 +718,7 @@ static const struct scsi_dh_devlist alua + {"Pillar", "Axiom" }, + {"Intel", "Multi-Flex"}, + {"NETAPP", "LUN"}, ++ {"AIX", "NVDISK"}, + {NULL, NULL} + }; + diff --git a/queue-2.6.33/scsi_dh_alua-add-netapp-to-dev-list.patch b/queue-2.6.33/scsi_dh_alua-add-netapp-to-dev-list.patch new file mode 100644 index 0000000..3d2189e --- /dev/null +++ b/queue-2.6.33/scsi_dh_alua-add-netapp-to-dev-list.patch @@ -0,0 +1,31 @@ +From cd4a8814d44672bd2c8f04a472121bfbe193809c Mon Sep 17 00:00:00 2001 +From: Mike Christie <michaelc@cs.wisc.edu> +Date: Thu, 18 Feb 2010 17:32:03 -0600 +Subject: [SCSI] scsi_dh_alua: add netapp to dev list + +From: Mike Christie <michaelc@cs.wisc.edu> + +commit cd4a8814d44672bd2c8f04a472121bfbe193809c upstream. + +Newer Netapp target software supports ALUA, so +this patch adds them to the scsi_dev_alua dev list. + +Signed-off-by: Mike Christie <michaelc@cs.wisc.edu> +Signed-off-by: James Bottomley <James.Bottomley@suse.de> +Cc: maximilian attems <max@stro.at> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + drivers/scsi/device_handler/scsi_dh_alua.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/scsi/device_handler/scsi_dh_alua.c ++++ b/drivers/scsi/device_handler/scsi_dh_alua.c +@@ -717,6 +717,7 @@ static const struct scsi_dh_devlist alua + {"IBM", "2145" }, + {"Pillar", "Axiom" }, + {"Intel", "Multi-Flex"}, ++ {"NETAPP", "LUN"}, + {NULL, NULL} + }; + diff --git a/queue-2.6.33/series b/queue-2.6.33/series index 12b09d2..fe99aad 100644 --- a/queue-2.6.33/series +++ b/queue-2.6.33/series @@ -344,3 +344,14 @@ x86-pvclock-zero-last_value-on-resume.patch av7110-check-for-negative-array-offset.patch cred-fix-get_task_cred-and-task_state-to-not-resurrect-dead-credentials.patch cred-fix-kernel-panic-upon-security_file_alloc-failure.patch +cred-fix-bug-upon-security_cred_alloc_blank-failure.patch +cred-fix-memory-and-refcount-leaks-upon-security_prepare_creds-failure.patch +nfs-fix-the-return-value-of-nfs_file_fsync.patch +isdn-hisax-replace-the-bogus-access-to-irq-stats.patch +ixgbe-prevent-speculative-processing-of-descriptors-before-ready.patch +scsi_dh_alua-add-netapp-to-dev-list.patch +scsi_dh_alua-add-ibm-power-virtual-scsi-alua-device-to-dev-list.patch +sunrpc-cache-fix-module-refcnt-leak-in-a-failure-path.patch +be2net-maintain-tx-and-rx-counters-in-driver.patch +tcp-increase-tcp_maxseg-socket-option-minimum.patch +tcp-make-tcp_maxseg-minimum-more-correct.patch diff --git a/queue-2.6.33/sunrpc-cache-fix-module-refcnt-leak-in-a-failure-path.patch b/queue-2.6.33/sunrpc-cache-fix-module-refcnt-leak-in-a-failure-path.patch new file mode 100644 index 0000000..fe265fa --- /dev/null +++ b/queue-2.6.33/sunrpc-cache-fix-module-refcnt-leak-in-a-failure-path.patch @@ -0,0 +1,38 @@ +From a5990ea1254cd186b38744507aeec3136a0c1c95 Mon Sep 17 00:00:00 2001 +From: Li Zefan <lizf@cn.fujitsu.com> +Date: Thu, 11 Mar 2010 14:08:10 -0800 +Subject: sunrpc/cache: fix module refcnt leak in a failure path + +From: Li Zefan <lizf@cn.fujitsu.com> + +commit a5990ea1254cd186b38744507aeec3136a0c1c95 upstream. + +Don't forget to release the module refcnt if seq_open() returns failure. + +Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> +Cc: J. Bruce Fields <bfields@fieldses.org> +Cc: Neil Brown <neilb@suse.de> +Cc: Trond Myklebust <Trond.Myklebust@netapp.com> +Signed-off-by: Andrew Morton <akpm@linux-foundation.org> +Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> +Cc: maximilian attems <max@stro.at> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + net/sunrpc/cache.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +--- a/net/sunrpc/cache.c ++++ b/net/sunrpc/cache.c +@@ -1233,8 +1233,10 @@ static int content_open(struct inode *in + if (!cd || !try_module_get(cd->owner)) + return -EACCES; + han = __seq_open_private(file, &cache_content_op, sizeof(*han)); +- if (han == NULL) ++ if (han == NULL) { ++ module_put(cd->owner); + return -ENOMEM; ++ } + + han->cd = cd; + return 0; diff --git a/queue-2.6.33/tcp-increase-tcp_maxseg-socket-option-minimum.patch b/queue-2.6.33/tcp-increase-tcp_maxseg-socket-option-minimum.patch new file mode 100644 index 0000000..5e0c9bb --- /dev/null +++ b/queue-2.6.33/tcp-increase-tcp_maxseg-socket-option-minimum.patch @@ -0,0 +1,40 @@ +From 7a1abd08d52fdeddb3e9a5a33f2f15cc6a5674d2 Mon Sep 17 00:00:00 2001 +From: David S. Miller <davem@davemloft.net> +Date: Wed, 10 Nov 2010 21:35:37 -0800 +Subject: tcp: Increase TCP_MAXSEG socket option minimum. + +From: David S. Miller <davem@davemloft.net> + +commit 7a1abd08d52fdeddb3e9a5a33f2f15cc6a5674d2 upstream. + +As noted by Steve Chen, since commit +f5fff5dc8a7a3f395b0525c02ba92c95d42b7390 ("tcp: advertise MSS +requested by user") we can end up with a situation where +tcp_select_initial_window() does a divide by a zero (or +even negative) mss value. + +The problem is that sometimes we effectively subtract +TCPOLEN_TSTAMP_ALIGNED and/or TCPOLEN_MD5SIG_ALIGNED from the mss. + +Fix this by increasing the minimum from 8 to 64. + +Reported-by: Steve Chen <schen@mvista.com> +Signed-off-by: David S. Miller <davem@davemloft.net> +Cc: Moritz Muehlenhoff <jmm@debian.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + net/ipv4/tcp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/net/ipv4/tcp.c ++++ b/net/ipv4/tcp.c +@@ -2232,7 +2232,7 @@ static int do_tcp_setsockopt(struct sock + /* Values greater than interface MTU won't take effect. However + * at the point when this call is done we typically don't yet + * know which interface is going to be used */ +- if (val < 8 || val > MAX_TCP_WINDOW) { ++ if (val < 64 || val > MAX_TCP_WINDOW) { + err = -EINVAL; + break; + } diff --git a/queue-2.6.33/tcp-make-tcp_maxseg-minimum-more-correct.patch b/queue-2.6.33/tcp-make-tcp_maxseg-minimum-more-correct.patch new file mode 100644 index 0000000..20d4324 --- /dev/null +++ b/queue-2.6.33/tcp-make-tcp_maxseg-minimum-more-correct.patch @@ -0,0 +1,31 @@ +From c39508d6f118308355468314ff414644115a07f3 Mon Sep 17 00:00:00 2001 +From: David S. Miller <davem@davemloft.net> +Date: Wed, 24 Nov 2010 11:47:22 -0800 +Subject: tcp: Make TCP_MAXSEG minimum more correct. + +From: David S. Miller <davem@davemloft.net> + +commit c39508d6f118308355468314ff414644115a07f3 upstream. + +Use TCP_MIN_MSS instead of constant 64. + +Reported-by: Min Zhang <mzhang@mvista.com> +Signed-off-by: David S. Miller <davem@davemloft.net> +Cc: Moritz Muehlenhoff <jmm@debian.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> + +--- + net/ipv4/tcp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/net/ipv4/tcp.c ++++ b/net/ipv4/tcp.c +@@ -2232,7 +2232,7 @@ static int do_tcp_setsockopt(struct sock + /* Values greater than interface MTU won't take effect. However + * at the point when this call is done we typically don't yet + * know which interface is going to be used */ +- if (val < 64 || val > MAX_TCP_WINDOW) { ++ if (val < TCP_MIN_MSS || val > MAX_TCP_WINDOW) { + err = -EINVAL; + break; + } |