aboutsummaryrefslogtreecommitdiff
path: root/drivers/isdn
AgeCommit message (Collapse)Author
2011-01-04Merge branch 'master' of ↵David S. Miller
master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2010-12-31ISDN, Gigaset: Fix memory leak in do_disconnect_req()Jesper Juhl
Hi, In drivers/isdn/gigaset/capi.c::do_disconnect_req() we will leak the memory allocated (with kmalloc) to 'b3cmsg' if the call to alloc_skb() fails. ... b3cmsg = kmalloc(sizeof(*b3cmsg), GFP_KERNEL); allocation here ------^ if (!b3cmsg) { dev_err(cs->dev, "%s: out of memory\n", __func__); send_conf(iif, ap, skb, CAPI_MSGOSRESOURCEERR); return; } capi_cmsg_header(b3cmsg, ap->id, CAPI_DISCONNECT_B3, CAPI_IND, ap->nextMessageNumber++, cmsg->adr.adrPLCI | (1 << 16)); b3cmsg->Reason_B3 = CapiProtocolErrorLayer1; b3skb = alloc_skb(CAPI_DISCONNECT_B3_IND_BASELEN, GFP_KERNEL); if (b3skb == NULL) { dev_err(cs->dev, "%s: out of memory\n", __func__); send_conf(iif, ap, skb, CAPI_MSGOSRESOURCEERR); return; leak here ------^ ... This leak is easily fixed by just kfree()'ing the memory allocated to 'b3cmsg' right before we return. The following patch does that. Signed-off-by: Jesper Juhl <jj@chaosbits.net> Acked-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-12-10isdn: Fix printed out copy_from_user() return value after previous change.David S. Miller
Signed-off-by: David S. Miller <davem@davemloft.net>
2010-12-10isdn: return -EFAULT if copy_from_user() failsDan Carpenter
We should be returning -EFAULT here. Mostly this patch is to silence a smatch warning. The upper levels of this driver turn all non-zero return values from isar_load_firmware() into 1. Signed-off-by: Dan Carpenter <error27@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-12-08Merge branch 'master' of ↵David S. Miller
master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 Conflicts: drivers/net/wireless/ath/ath9k/ar9003_eeprom.c net/llc/af_llc.c
2010-12-08isdn/hisax: fix compiler warning on hisax_pci_tblNamhyung Kim
Annotate hisax_pci_tbl as '__used' to fix following warning: CC drivers/isdn/hisax/config.o drivers/isdn/hisax/config.c:1920: warning: ‘hisax_pci_tbl’ defined but not used Signed-off-by: Namhyung Kim <namhyung@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-11-24isdn: icn: Fix stack corruption bug.Steven Rostedt
Running randconfig with ktest.pl I hit this bug: [ 16.101158] ICN-ISDN-driver Rev 1.65.6.8 mem=0x000d0000 [ 16.106376] icn: (line0) ICN-2B, port 0x320 added [ 16.111064] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: c1642880 [ 16.111066] [ 16.121214] Pid: 1, comm: swapper Not tainted 2.6.37-rc2-test-00124-g6656b3f #8 [ 16.128499] Call Trace: [ 16.130942] [<c0f51662>] ? printk+0x1d/0x23 [ 16.135200] [<c0f5153f>] panic+0x5c/0x162 [ 16.139286] [<c0d62a9a>] ? icn_addcard+0x6d/0xbe [ 16.143975] [<c0445783>] print_tainted+0x0/0x8c [ 16.148582] [<c1642880>] ? icn_init+0xd8/0xdf [ 16.153012] [<c1642880>] icn_init+0xd8/0xdf [ 16.157271] [<c04012e5>] do_one_initcall+0x8c/0x143 [ 16.162222] [<c16427a8>] ? icn_init+0x0/0xdf [ 16.166566] [<c15f1a05>] kernel_init+0x13f/0x1da [ 16.171256] [<c15f18c6>] ? kernel_init+0x0/0x1da [ 16.175945] [<c0403bfe>] kernel_thread_helper+0x6/0x10 [ 16.181181] panic occurred, switching back to text console Looking into it I found that the stack was corrupted by the assignment of the Rev #. The variable rev is given 10 bytes, and in this output the characters that were copied was: " 1.65.6.8 $". Which was 11 characters plus the null ending character for a total of 12 bytes, thus corrupting the stack. This patch ups the variable size to 20 bytes as well as changes the strcpy to strncpy. I also added a check to make sure '$' is found. Signed-off-by: Steven Rostedt <rostedt@goodmis.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-11-19filter: optimize sk_run_filterEric Dumazet
Remove pc variable to avoid arithmetic to compute fentry at each filter instruction. Jumps directly manipulate fentry pointer. As the last instruction of filter[] is guaranteed to be a RETURN, and all jumps are before the last instruction, we dont need to check filter bounds (number of instructions in filter array) at each iteration, so we remove it from sk_run_filter() params. On x86_32 remove f_k var introduced in commit 57fe93b374a6b871 (filter: make sure filters dont read uninitialized memory) Note : We could use a CONFIG_ARCH_HAS_{FEW|MANY}_REGISTERS in order to avoid too many ifdefs in this code. This helps compiler to use cpu registers to hold fentry and A accumulator. On x86_32, this saves 401 bytes, and more important, sk_run_filter() runs much faster because less register pressure (One less conditional branch per BPF instruction) # size net/core/filter.o net/core/filter_pre.o text data bss dec hex filename 2948 0 0 2948 b84 net/core/filter.o 3349 0 0 3349 d15 net/core/filter_pre.o on x86_64 : # size net/core/filter.o net/core/filter_pre.o text data bss dec hex filename 5173 0 0 5173 1435 net/core/filter.o 5224 0 0 5224 1468 net/core/filter_pre.o Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Acked-by: Changli Gao <xiaosuo@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-11-17drivers/isdn/hisax: Add printf format/argument verification and fix falloutJoe Perches
Add __attribute__((format... to several functins Make formats and arguments match. Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-11-17drivers/isdn/i4l: Remove unnecessary casts of netdev_privJoe Perches
Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-11-16drivers/isdn/mISDN: Use printf extension %pVJoe Perches
Using %pV reduces the number of printk calls and eliminates any possible message interleaving from other printk calls. Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-11-15drivers/isdn: Remove unnecessary semicolonsJoe Perches
Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-11-05Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (41 commits) inet_diag: Make sure we actually run the same bytecode we audited. netlink: Make nlmsg_find_attr take a const nlmsghdr*. fib: fib_result_assign() should not change fib refcounts netfilter: ip6_tables: fix information leak to userspace cls_cgroup: Fix crash on module unload memory corruption in X.25 facilities parsing net dst: fix percpu_counter list corruption and poison overwritten rds: Remove kfreed tcp conn from list rds: Lost locking in loop connection freeing de2104x: fix panic on load atl1 : fix panic on load netxen: remove unused firmware exports caif: Remove noisy printout when disconnecting caif socket caif: SPI-driver bugfix - incorrect padding. caif: Bugfix for socket priority, bindtodev and dbg channel. smsc911x: Set Ethernet EEPROM size to supported device's size ipv4: netfilter: ip_tables: fix information leak to userland ipv4: netfilter: arp_tables: fix information leak to userland cxgb4vf: remove call to stop TX queues at load time. cxgb4: remove call to stop TX queues at load time. ...
2010-11-01trivial: fix typos concerning "function"Uwe Kleine-König
I'm a bit unsure about this patch. I'm unable to parse both statements. Cc: netdev@vger.kernel.org Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-30Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: isdn: mISDN: socket: fix information leak to userland netdev: can: Change mail address of Hans J. Koch pcnet_cs: add new_id net: Truncate recvfrom and sendto length to INT_MAX. RDS: Let rds_message_alloc_sgs() return NULL RDS: Copy rds_iovecs into kernel memory instead of rereading from userspace RDS: Clean up error handling in rds_cmsg_rdma_args RDS: Return -EINVAL if rds_rdma_pages returns an error net: fix rds_iovec page count overflow can: pch_can: fix section mismatch warning by using a whitelisted name can: pch_can: fix sparse warning netxen_nic: Fix the tx queue manipulation bug in netxen_nic_probe ip_gre: fix fallback tunnel setup vmxnet: trivial annotation of protocol constant vmxnet3: remove unnecessary byteswapping in BAR writing macros ipv6/udp: report SndbufErrors and RcvbufErrors phy/marvell: rename 88ec048 to 88e1318s and fix mscr1 addr
2010-10-30isdn: mISDN: socket: fix information leak to userlandKulikov Vasiliy
Structure mISDN_devinfo is copied to userland with the field "name" that has the last elements unitialized. It leads to leaking of contents of kernel stack memory. Signed-off-by: Vasiliy Kulikov <segooon@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-29convert get_sb_single() usersAl Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2010-10-27drivers/isdn: delete double assignmentJulia Lawall
Delete successive assignments to the same location. In the first case, the hscx array has two elements, so change the assignment to initialize the second one. In the second case, the two assignments are simply identical. Furthermore, neither is necessary, because the effect of the assignment is only visible in the next line, in the assignment in the if test. The patch inlines the right hand side value in the latter assignment and pulls that assignment out of the if test. A simplified version of the semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // <smpl> @@ expression i; @@ *i = ...; i = ...; // </smpl> Signed-off-by: Julia Lawall <julia@diku.dk> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-24Merge branch 'for-next' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial * 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (39 commits) Update broken web addresses in arch directory. Update broken web addresses in the kernel. Revert "drivers/usb: Remove unnecessary return's from void functions" for musb gadget Revert "Fix typo: configuation => configuration" partially ida: document IDA_BITMAP_LONGS calculation ext2: fix a typo on comment in ext2/inode.c drivers/scsi: Remove unnecessary casts of private_data drivers/s390: Remove unnecessary casts of private_data net/sunrpc/rpc_pipe.c: Remove unnecessary casts of private_data drivers/infiniband: Remove unnecessary casts of private_data drivers/gpu/drm: Remove unnecessary casts of private_data kernel/pm_qos_params.c: Remove unnecessary casts of private_data fs/ecryptfs: Remove unnecessary casts of private_data fs/seq_file.c: Remove unnecessary casts of private_data arm: uengine.c: remove C99 comments arm: scoop.c: remove C99 comments Fix typo configue => configure in comments Fix typo: configuation => configuration Fix typo interrest[ing|ed] => interest[ing|ed] Fix various typos of valid in comments ... Fix up trivial conflicts in: drivers/char/ipmi/ipmi_si_intf.c drivers/usb/gadget/rndis.c net/irda/irnet/irnet_ppp.c
2010-10-23Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6: (1699 commits) bnx2/bnx2x: Unsupported Ethtool operations should return -EINVAL. vlan: Calling vlan_hwaccel_do_receive() is always valid. tproxy: use the interface primary IP address as a default value for --on-ip tproxy: added IPv6 support to the socket match cxgb3: function namespace cleanup tproxy: added IPv6 support to the TPROXY target tproxy: added IPv6 socket lookup function to nf_tproxy_core be2net: Changes to use only priority codes allowed by f/w tproxy: allow non-local binds of IPv6 sockets if IP_TRANSPARENT is enabled tproxy: added tproxy sockopt interface in the IPV6 layer tproxy: added udp6_lib_lookup function tproxy: added const specifiers to udp lookup functions tproxy: split off ipv6 defragmentation to a separate module l2tp: small cleanup nf_nat: restrict ICMP translation for embedded header can: mcp251x: fix generation of error frames can: mcp251x: fix endless loop in interrupt handler if CANINTF_MERRF is set can-raw: add msg_flags to distinguish local traffic 9p: client code cleanup rds: make local functions/variables static ... Fix up conflicts in net/core/dev.c, drivers/net/pcmcia/smc91c92_cs.c and drivers/net/wireless/ath/ath9k/debug.c as per David
2010-10-22Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wqLinus Torvalds
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq: workqueue: remove in_workqueue_context() workqueue: Clarify that schedule_on_each_cpu is synchronous memory_hotplug: drop spurious calls to flush_scheduled_work() shpchp: update workqueue usage pciehp: update workqueue usage isdn/eicon: don't call flush_scheduled_work() from diva_os_remove_soft_isr() workqueue: add and use WQ_MEM_RECLAIM flag workqueue: fix HIGHPRI handling in keep_working() workqueue: add queue_work and activate_work trace points workqueue: prepare for more tracepoints workqueue: implement flush[_delayed]_work_sync() workqueue: factor out start_flush_work() workqueue: cleanup flush/cancel functions workqueue: implement alloc_ordered_workqueue() Fix up trivial conflict in fs/gfs2/main.c as per Tejun
2010-10-22Merge branch 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bklLinus Torvalds
* 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bkl: vfs: make no_llseek the default vfs: don't use BKL in default_llseek llseek: automatically add .llseek fop libfs: use generic_file_llseek for simple_attr mac80211: disallow seeks in minstrel debug code lirc: make chardev nonseekable viotape: use noop_llseek raw: use explicit llseek file operations ibmasmfs: use generic_file_llseek spufs: use llseek in all file operations arm/omap: use generic_file_llseek in iommu_debug lkdtm: use generic_file_llseek in debugfs net/wireless: use generic_file_llseek in debugfs drm: use noop_llseek
2010-10-21Merge git://git.kernel.org/pub/scm/linux/kernel/git/brodo/pcmcia-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/brodo/pcmcia-2.6: (22 commits) pcmcia: synclink_cs: fix information leak to userland pcmcia: don't call flush_scheduled_work() spuriously serial_cs: drop spurious flush_scheduled_work() call pcmcia/yenta: guide users in case of problems with O2-bridges pcmcia: fix unused function compile warning pcmcia: vrc4173_cardu: Fix error path for pci_release_regions and pci_disable_device pcmcia: add a few debug statements pcmcia: remove obsolete and wrong comments pcmcia: avoid messages on module (un)loading pcmcia: move driver name to struct pcmcia_driver pcmcia: remove the "Finally, report what we've done" message pcmcia: use autoconfiguration feature for ioports and iomem pcmcia: introduce autoconfiguration feature pcmcia: Documentation update pcmcia: convert pcmcia_request_configuration to pcmcia_enable_device pcmcia: move config_{base,index,regs} to struct pcmcia_device pcmcia: simplify IntType pcmcia: simplify Status, ExtStatus register access pcmcia: remove Pin, Copy configuration register access pcmcia: move Vpp setup to struct pcmcia_device ...
2010-10-21CAPI: Silence lockdep warning on get_capi_appl_by_nr usageJan Kiszka
As long as we hold capi_controller_lock, we can safely access capi_applications without RCU protection as no one can modify the application list underneath us. Introduce an RCU-free __get_capi_appl_by_nr for this purpose. This silences lockdep warnings on suspicious rcu_dereference usage. Signed-off-by: Jan Kiszka <jan.kiszka@web.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-20Merge branch 'linus' into irq/coreIngo Molnar
Merge reason: update to almost-final-.36 Signed-off-by: Ingo Molnar <mingo@elte.hu>
2010-10-18Update broken web addresses in the kernel.Justin P. Mattock
The patch below updates broken web addresses in the kernel Signed-off-by: Justin P. Mattock <justinmattock@gmail.com> Cc: Maciej W. Rozycki <macro@linux-mips.org> Cc: Geert Uytterhoeven <geert@linux-m68k.org> Cc: Finn Thain <fthain@telegraphics.com.au> Cc: Randy Dunlap <rdunlap@xenotime.net> Cc: Matt Turner <mattst88@gmail.com> Cc: Dimitry Torokhov <dmitry.torokhov@gmail.com> Cc: Mike Frysinger <vapier.adi@gmail.com> Acked-by: Ben Pfaff <blp@cs.stanford.edu> Acked-by: Hans J. Koch <hjk@linutronix.de> Reviewed-by: Finn Thain <fthain@telegraphics.com.au> Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2010-10-17isdn/eicon: don't call flush_scheduled_work() from diva_os_remove_soft_isr()Tejun Heo
diva doesn't use workqueue and there is no reason to flush the system workqueue from diva_os_remove_soft_isr(). Remove it. This is to prepare for the deprecation and removal of flush_scheduled_work(). Signed-off-by: Tejun Heo <tj@kernel.org> Acked-by: Armin Schindler <armin@melware.de>
2010-10-15llseek: automatically add .llseek fopArnd Bergmann
All file_operations should get a .llseek operation so we can make nonseekable_open the default for future file operations without a .llseek pointer. The three cases that we can automatically detect are no_llseek, seq_lseek and default_llseek. For cases where we can we can automatically prove that the file offset is always ignored, we use noop_llseek, which maintains the current behavior of not returning an error from a seek. New drivers should normally not use noop_llseek but instead use no_llseek and call nonseekable_open at open time. Existing drivers can be converted to do the same when the maintainer knows for certain that no user code relies on calling seek on the device file. The generated code is often incorrectly indented and right now contains comments that clarify for each added line why a specific variant was chosen. In the version that gets submitted upstream, the comments will be gone and I will manually fix the indentation, because there does not seem to be a way to do that using coccinelle. Some amount of new code is currently sitting in linux-next that should get the same modifications, which I will do at the end of the merge window. Many thanks to Julia Lawall for helping me learn to write a semantic patch that does all this. ===== begin semantic patch ===== // This adds an llseek= method to all file operations, // as a preparation for making no_llseek the default. // // The rules are // - use no_llseek explicitly if we do nonseekable_open // - use seq_lseek for sequential files // - use default_llseek if we know we access f_pos // - use noop_llseek if we know we don't access f_pos, // but we still want to allow users to call lseek // @ open1 exists @ identifier nested_open; @@ nested_open(...) { <+... nonseekable_open(...) ...+> } @ open exists@ identifier open_f; identifier i, f; identifier open1.nested_open; @@ int open_f(struct inode *i, struct file *f) { <+... ( nonseekable_open(...) | nested_open(...) ) ...+> } @ read disable optional_qualifier exists @ identifier read_f; identifier f, p, s, off; type ssize_t, size_t, loff_t; expression E; identifier func; @@ ssize_t read_f(struct file *f, char *p, size_t s, loff_t *off) { <+... ( *off = E | *off += E | func(..., off, ...) | E = *off ) ...+> } @ read_no_fpos disable optional_qualifier exists @ identifier read_f; identifier f, p, s, off; type ssize_t, size_t, loff_t; @@ ssize_t read_f(struct file *f, char *p, size_t s, loff_t *off) { ... when != off } @ write @ identifier write_f; identifier f, p, s, off; type ssize_t, size_t, loff_t; expression E; identifier func; @@ ssize_t write_f(struct file *f, const char *p, size_t s, loff_t *off) { <+... ( *off = E | *off += E | func(..., off, ...) | E = *off ) ...+> } @ write_no_fpos @ identifier write_f; identifier f, p, s, off; type ssize_t, size_t, loff_t; @@ ssize_t write_f(struct file *f, const char *p, size_t s, loff_t *off) { ... when != off } @ fops0 @ identifier fops; @@ struct file_operations fops = { ... }; @ has_llseek depends on fops0 @ identifier fops0.fops; identifier llseek_f; @@ struct file_operations fops = { ... .llseek = llseek_f, ... }; @ has_read depends on fops0 @ identifier fops0.fops; identifier read_f; @@ struct file_operations fops = { ... .read = read_f, ... }; @ has_write depends on fops0 @ identifier fops0.fops; identifier write_f; @@ struct file_operations fops = { ... .write = write_f, ... }; @ has_open depends on fops0 @ identifier fops0.fops; identifier open_f; @@ struct file_operations fops = { ... .open = open_f, ... }; // use no_llseek if we call nonseekable_open //////////////////////////////////////////// @ nonseekable1 depends on !has_llseek && has_open @ identifier fops0.fops; identifier nso ~= "nonseekable_open"; @@ struct file_operations fops = { ... .open = nso, ... +.llseek = no_llseek, /* nonseekable */ }; @ nonseekable2 depends on !has_llseek @ identifier fops0.fops; identifier open.open_f; @@ struct file_operations fops = { ... .open = open_f, ... +.llseek = no_llseek, /* open uses nonseekable */ }; // use seq_lseek for sequential files ///////////////////////////////////// @ seq depends on !has_llseek @ identifier fops0.fops; identifier sr ~= "seq_read"; @@ struct file_operations fops = { ... .read = sr, ... +.llseek = seq_lseek, /* we have seq_read */ }; // use default_llseek if there is a readdir /////////////////////////////////////////// @ fops1 depends on !has_llseek && !nonseekable1 && !nonseekable2 && !seq @ identifier fops0.fops; identifier readdir_e; @@ // any other fop is used that changes pos struct file_operations fops = { ... .readdir = readdir_e, ... +.llseek = default_llseek, /* readdir is present */ }; // use default_llseek if at least one of read/write touches f_pos ///////////////////////////////////////////////////////////////// @ fops2 depends on !fops1 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @ identifier fops0.fops; identifier read.read_f; @@ // read fops use offset struct file_operations fops = { ... .read = read_f, ... +.llseek = default_llseek, /* read accesses f_pos */ }; @ fops3 depends on !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @ identifier fops0.fops; identifier write.write_f; @@ // write fops use offset struct file_operations fops = { ... .write = write_f, ... + .llseek = default_llseek, /* write accesses f_pos */ }; // Use noop_llseek if neither read nor write accesses f_pos /////////////////////////////////////////////////////////// @ fops4 depends on !fops1 && !fops2 && !fops3 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @ identifier fops0.fops; identifier read_no_fpos.read_f; identifier write_no_fpos.write_f; @@ // write fops use offset struct file_operations fops = { ... .write = write_f, .read = read_f, ... +.llseek = noop_llseek, /* read and write both use no f_pos */ }; @ depends on has_write && !has_read && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @ identifier fops0.fops; identifier write_no_fpos.write_f; @@ struct file_operations fops = { ... .write = write_f, ... +.llseek = noop_llseek, /* write uses no f_pos */ }; @ depends on has_read && !has_write && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @ identifier fops0.fops; identifier read_no_fpos.read_f; @@ struct file_operations fops = { ... .read = read_f, ... +.llseek = noop_llseek, /* read uses no f_pos */ }; @ depends on !has_read && !has_write && !fops1 && !fops2 && !has_llseek && !nonseekable1 && !nonseekable2 && !seq @ identifier fops0.fops; @@ struct file_operations fops = { ... +.llseek = noop_llseek, /* no read or write fn */ }; ===== End semantic patch ===== Signed-off-by: Arnd Bergmann <arnd@arndb.de> Cc: Julia Lawall <julia@diku.dk> Cc: Christoph Hellwig <hch@infradead.org>
2010-10-12isdn: hisax: Replace the bogus access to irq statsThomas Gleixner
Abusing irq stats in a driver for counting interrupts is a horrible idea and not safe with shared interrupts. Replace it by a local interrupt counter. Noticed by the attempt to remove the irq stats export. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Ingo Molnar <mingo@elte.hu>
2010-10-11Merge branch 'master' of ↵David S. Miller
master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 Conflicts: net/core/ethtool.c
2010-10-08isdn: strcpy() => strlcpy()Dan Carpenter
setup.phone and setup.eazmsn are 32 character buffers. rcvmsg.msg_data.byte_array is a 48 character buffer. sc_adapter[card]->channel[rcvmsg.phy_link_no - 1].dn is 50 chars. The rcvmsg struct comes from the memcpy_fromio() in receivemessage(). I guess that means it's data off the wire. I'm not very familiar with this code but I don't see any reason to assume these strings are NULL terminated. Also it's weird that "dn" in a 50 character buffer but we only seem to use 32 characters. In drivers/isdn/sc/scioc.h, "dn" is only a 49 character buffer. So potentially there is still an issue there. The important thing for now is to prevent the memory corruption. Signed-off-by: Dan Carpenter <error27@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-06eicon: make buffer largerDan Carpenter
In diva_mnt_add_xdi_adapter() we do this: strcpy (clients[id].drvName, tmp); strcpy (clients[id].Dbg.drvName, tmp); The "clients[id].drvName" is a 128 character buffer and "clients[id].Dbg.drvName" was originally a 16 character buffer but I've changed it to 128 as well. We don't actually use 128 characters but we do use more than 16. I've also changed the size of "tmp" to 128 characters instead of 256. Signed-off-by: Dan Carpenter <error27@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-04isdn: Free irq_data namespaceThomas Gleixner
The irq_data namespace is the preference for the generic irq layer. Rename the union typedef in drivers/isdn/act2000/act2000.h Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Ingo Molnar <mingo@elte.hu>
2010-10-01isdn/gigaset: improve bas_gigaset USB error reportingTilman Schmidt
Rephrase some USB error messages to make them clearer and more consistent. Downgrade some warning messages that may occur during normal operation to debug messages. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-01isdn/gigaset: fix bas_gigaset interrupt read error handlingTilman Schmidt
Rework the handling of USB errors in interrupt input reads to clear halts correctly, delay URB resubmission after errors, limit retries, and improve error recovery. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-01isdn/gigaset: unclog bas_gigaset AT response pipeTilman Schmidt
Recover from a lost HD_RECEIVEATDATA_ACK message by sending a zero-length HD_READ_ATMESSAGE command when ev_layer sends "+++". Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-01isdn/gigaset: try USB reset for bas_gigaset error recoveryTilman Schmidt
In error_reset(), if sending HD_RESET_INTERRUPT_PIPE to the device fails, try performing an USB reset. Also correct an error in the leading comment. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-01isdn/gigaset: bas_gigaset timer cleanupTilman Schmidt
Use setup_timer() and mod_timer() instead of direct assignment to timer structure members, simplify the argument of one timer routine, and make extra sure all timers are stopped during suspend. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-01isdn/gigaset: drop obsolete debug optionTilman Schmidt
Remove the debug flag DEBUG_DRIVER and associated code. It doesn't serve any useful purpose anymore. Signed-off-by: Tilman Schmidt <tilman@imap.cc> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-01isdn/gigaset: correct bas_gigaset rx buffer handlingTilman Schmidt
In transparent data reception, avoid a NULL pointer dereference in case an skbuff cannot be allocated, remove an inappropriate call to the HDLC flush routine, and correct the accounting of received bytes for continued buffers. Signed-off-by: Tilman Schmidt <tilman@imap.cc> CC: stable <stable@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-01isdn/gigaset: fix bas_gigaset AT read error handlingTilman Schmidt
Rework the handling of USB errors in AT response reads to fix a possible infinite retry loop and a memory leak, and silence a few overly verbose kernel messages. Signed-off-by: Tilman Schmidt <tilman@imap.cc> CC: stable <stable@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-10-01isdn/gigaset: bas_gigaset locking fixTilman Schmidt
Unlock cs->lock before calling error_hangup() which is marked "cs->lock must not be held". Signed-off-by: Tilman Schmidt <tilman@imap.cc> CC: stable <stable@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2010-09-29pcmcia: remove obsolete and wrong commentsDominik Brodowski
What's worse than no comment? A wrong comment. Several PCMCIA device drivers contained the same comments, which were based on how the PCMCIA subsystem worked in the old days of 2.4., and which were originally part of a "dummy_cs" driver. These comments no longer matched at all what is happening now, and therefore should be removed. Tested-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
2010-09-29pcmcia: avoid messages on module (un)loadingDominik Brodowski
printk() statements on module load or unload are frowned upon. Also, add a few __init or __exit declarations. Tested-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
2010-09-29pcmcia: move driver name to struct pcmcia_driverDominik Brodowski
Tested-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
2010-09-29pcmcia: remove the "Finally, report what we've done" messageDominik Brodowski
Remove this unnecessary message -- this info is either available in sysfs or by enabling dynamic debug from the PCMCIA core. CC: netdev@vger.kernel.org CC: linux-wireless@vger.kernel.org CC: linux-scsi@vger.kernel.org CC: linux-usb@vger.kernel.org Tested-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
2010-09-29pcmcia: use autoconfiguration feature for ioports and iomemDominik Brodowski
When CONF_AUTO_SET_IO or CONF_AUTO_SET_IOMEM are set, the corresponding fields in struct pcmcia_device *p_dev->resource[0,1,2] are set accordinly. Drivers wishing to override certain settings may do so in the callback function, but they no longer need to parse the CIS entries stored in cistpl_cftable_entry_t themselves. CC: netdev@vger.kernel.org CC: linux-wireless@vger.kernel.org CC: linux-ide@vger.kernel.org CC: linux-usb@vger.kernel.org CC: laforge@gnumonks.org CC: linux-mtd@lists.infradead.org CC: linux-bluetooth@vger.kernel.org CC: alsa-devel@alsa-project.org CC: linux-serial@vger.kernel.org CC: Jiri Kosina <jkosina@suse.cz> CC: linux-scsi@vger.kernel.org Tested-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
2010-09-29pcmcia: introduce autoconfiguration featureDominik Brodowski
Introduce an autoconfiguration feature to set certain values in pcmcia_loop_config(), instead of copying the same code over and over in each PCMCIA driver. At first, introduce the following options: CONF_AUTO_CHECK_VCC check or matching Vcc entry CONF_AUTO_SET_VPP set Vpp CONF_AUTO_AUDIO enable the speaker line CC: netdev@vger.kernel.org CC: linux-wireless@vger.kernel.org CC: linux-ide@vger.kernel.org CC: linux-usb@vger.kernel.org CC: laforge@gnumonks.org CC: linux-mtd@lists.infradead.org CC: alsa-devel@alsa-project.org CC: linux-serial@vger.kernel.org CC: Jiri Kosina <jkosina@suse.cz> CC: linux-scsi@vger.kernel.org Acked-by: Gustavo F. Padovan <padovan@profusion.mobi> (for drivers/bluetooth) Tested-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
2010-09-29pcmcia: convert pcmcia_request_configuration to pcmcia_enable_deviceDominik Brodowski
pcmcia_enable_device() now replaces pcmcia_request_configuration(). Instead of config_req_t, all necessary flags are either passed as a parameter to pcmcia_enable_device(), or (in rare circumstances) set in struct pcmcia_device -> flags. With the last remaining user of include/pcmcia/cs.h gone, remove all references. CC: netdev@vger.kernel.org CC: linux-wireless@vger.kernel.org CC: linux-ide@vger.kernel.org CC: linux-usb@vger.kernel.org CC: laforge@gnumonks.org CC: linux-mtd@lists.infradead.org CC: alsa-devel@alsa-project.org CC: linux-serial@vger.kernel.org CC: Jiri Kosina <jkosina@suse.cz> CC: linux-scsi@vger.kernel.org Acked-by: Gustavo F. Padovan <padovan@profusion.mobi> (for drivers/bluetooth) Tested-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>
2010-09-29pcmcia: move config_{base,index,regs} to struct pcmcia_deviceDominik Brodowski
Several drivers prefer to explicitly set config_{base,index,regs}, formerly known as ConfigBase, ConfigIndex and Present. Instead of passing these values inside config_req_t, store it in struct pcmcia_device. CC: netdev@vger.kernel.org CC: linux-wireless@vger.kernel.org CC: linux-ide@vger.kernel.org CC: linux-usb@vger.kernel.org CC: laforge@gnumonks.org CC: linux-mtd@lists.infradead.org CC: alsa-devel@alsa-project.org CC: linux-serial@vger.kernel.org CC: Jiri Kosina <jkosina@suse.cz> CC: linux-scsi@vger.kernel.org Acked-by: Gustavo F. Padovan <padovan@profusion.mobi> (for drivers/bluetooth) Tested-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net>