The last eight bytes of the password field were not cleared when doing lanman plaintext password authentication. This patch fixes that.
I tested it with Samba by setting password
encryption to no in the server's smb.conf. Other servers also can be
configured to force plaintext authentication. Note that plaintexti
authentication requires setting /proc/fs/cifs/SecurityFlags to 0x30030
on the client (enabling both LANMAN and also plaintext password support).
Also note that LANMAN support (and thus plaintext password support) requires
CONFIG_CIFS_WEAK_PW_HASH to be enabled in menuconfig.
CC: Jeff Layton <jlayton@redhat.com>
CC: Stable Kernel <stable@vger.kernel.org>
Signed-off-by: Steve French <sfrench@us.ibm.com>
* 'drm-patches' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6:
drm: don't set the signal blocker on the master process.
drm: don't call the vblank tasklet with irqs disabled.
r300: Fix cliprect emit
drm/radeon: r300_cmdbuf: Always emit INDX_BUFFER immediately after DRAW_INDEX
radeon: fix some hard lockups on r3/4/500s
Otherwise, we're leaking the payload memory.
CC: Stable Kernel <stable@vger.kernel.org>
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Here's the patch. It shrinks the stack from 1152 bytes to 192 bytes (the
first version, that only did the e1000_option part, got it down to 600
bytes). About half comes from not using multiple "e1000_option"
structures, the other half comes from turning the "e1000_opt_list[]"
arrays into "static const" instead, so that gcc doesn't copy them onto the
stack.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Reveiewed-by: Auke Kok <auke-jan.h.kok@intel.com>
Tested-by: Emil Tantilov <emil.s.tantilov@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* 'for-linus' of git://git.kernel.dk/linux-2.6-block:
block: remove blk_queue_tag_depth() and blk_queue_tag_queue()
block: remove unused ->busy part of the block queue tag map
bio: fix __bio_copy_iov() handling of bio->bv_len
bio: fix bio_copy_kern() handling of bio->bv_len
block: submit_bh() inadvertently discards barrier flag on a sync write
block: clean up cmdfilter sysfs interface
block: rename blk_scsi_cmd_filter to blk_cmd_filter
sg: restore command permission for TYPE_SCANNER
block: move cmdfilter from gendisk to request_queue
* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mfasheh/ocfs2:
ocfs2: Increment the reference count of an already-active stack.
[PATCH] configfs: Consolidate locking around configfs_detach_prep() in configfs_rmdir()
ocfs2: correctly set i_blocks after inline dir gets expanded
ocfs2: Jump to correct label in ocfs2_expand_inline_dir()
ocfs2: Fix sleep-with-spinlock recovery regression
[PATCH] ocfs2/cluster/netdebug.c: fix warning
[PATCH] ocfs2/cluster/tcp.c: make some functions static
I've been painstakingly debugging the issue with suspend to ram and
ftraced. The 2.6.28 code does not have this issue, but since the mcount
recording is not going to be in 27, this must be solved for the ftrace
daemon version.
The resume from suspend to ram would reboot because it was triple
faulting. Debugging further, I found that calling the mcount function
itself was not an issue, but it would fault when it incremented
preempt_count. preempt_count is on the tasks info structure that is on the
low memory address of the task's stack. For some reason, it could not
write to it. Resuming out of suspend to ram does quite a lot of funny
tricks to get to work, so it is not surprising at all that simply doing a
preempt_disable() would cause a fault.
Thanks to Rafael for suggesting to add a "while (1);" to find the place in
resuming that is causing the fault. I would place the loop somewhere in
the code, compile and reboot and see if it would either reboot (hit the
fault) or simply hang (hit the loop). Doing this over and over again, I
narrowed it down that it was happening in enable_nonboot_cpus.
At this point, I found that it is easier to simply disable tracing around
the suspend code, instead of searching for the particular function that
can not handle doing a preempt_disable.
This patch disables the tracer as it suspends and reenables it on resume.
I tested this patch on my Laptop, and it can resume fine with the patch.
Signed-off-by: Steven Rostedt <srostedt@redhat.com>
Acked-by: Rafael J. Wysocki <rjw@sisk.pl>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This reverts commit 5b6155ee70, because
the block device ioctl's really aren't ready for it.
In particular, the "struct file *" and the "struct inode *" arguments do
not necessarily match, which means that the unlocked version of the
ioctl (that only gets a "struct file *") isn't actually able to handle
the cases it needs to handle.
This fixes bugzilla
http://bugzilla.kernel.org/show_bug.cgi?id=11401
Reported-and-bisected-by: Laurent Riffard <laurent.riffard@free.fr>
Acked-by: Peter Osterlund <petero2@telia.com>
Cc: Alan Cox <alan@redhat.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Jens Axboe <jens.axboe@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Ordinarily, memory holes in flatmem still have a valid memmap and is safe
to use. However, an architecture (ARM) frees up the memmap backing memory
holes on the assumption it is never used. /proc/pagetypeinfo reads the
whole range of pages in a zone believing that the memmap is valid and that
pfn_valid will return false if it is not. On ARM, freeing the memmap breaks
the page->zone linkages even though pfn_valid() returns true and the kernel
can oops shortly afterwards due to accessing a bogus struct zone *.
This patch lets architectures say when FLATMEM can have holes in the
memmap. Rather than an expensive check for valid memory, /proc/pagetypeinfo
will confirm that the page linkages are still valid by checking page->zone
is still the expected zone. The lookup of page_zone is safe as there is a
limited range of memory that is accessed when calling page_zone. Even if
page_zone happens to return the correct zone, the impact is that the counters
in /proc/pagetypeinfo are slightly off but fragmentation monitoring is
unlikely to be relevant on an embedded system.
Reported-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Signed-off-by: Mel Gorman <mel@csn.ul.ie>
Tested-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
This patch changes arm to use the new bcd2bin/bin2bcd functions instead
of the obsolete BCD_TO_BIN/BIN_TO_BCD macros.
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Taken from omap 97b705ad835f1481270c4b67b402d6e37fa8ad15:
ARM: OMAP: Misc compile fixes after syncing with mainline
Also fix 2430 smc91x to use IRQ_LOWLEVEL.
Signed-off-by: Tony Lindgren <tony@atomide.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
OMAP has now a list at vger.
Signed-off-by: Dirk Behme <dirk.behme@gmail.com>
Signed-off-by: Tony Lindgren <tony@atomide.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
There were 2 omitted readb's used on an iomap space. eliminate them
by using ioread8 instead.
Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Cc: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Cc: Jesse Brandeburg <jesse.brandeburg@intel.com>
Cc: Bruce Allan <bruce.w.allan@intel.com>
Cc: PJ Waskiewicz <peter.p.waskiewicz.jr@intel.com>
Cc: John Ronciak <john.ronciak@intel.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
When a preallocated header qdio buffer is filled we have to account
the offset for the data length.
Signed-off-by: Frank Blaschka <frank.blaschka@de.ibm.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
In case the netdev unicast list contains additional entries we have
to register/deregister them.
Signed-off-by: Frank Blaschka <frank.blaschka@de.ibm.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
return value -ENOTSUPP is not valid in userspace context, use
-EOPNOTSUPP instead.
Signed-off-by: Ursula Braun <ursula.braun@de.ibm.com>
Signed-off-by: Frank Blaschka <frank.blaschka@de.ibm.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
We must not call dev_mc_add() from within our HW configure which happens
before we initialize and register the netdev. Do it in open() instead.
Thanks to Sebastian Siewior for tracking it down.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Fix the checksum feature advertised in device flags. The hardware support
TCP/UDP over IPv4 and TCP/UDP over IPv6 (without IPv6 extension headers).
However, the kernel feature flags do not distinguish IPv6 with/without
extension headers.
Therefore, the driver needs to use NETIF_F_IP_CSUM instead of
NETIF_F_HW_CSUM since the latter includes all IPv6 packets.
A future patch can be created to check for extension headers and perform
software checksum calculation.
Signed-off-by: Ayaz Abdulla <aabdulla@nvidia.com>
Cc: Jeff Garzik <jgarzik@pobox.com>
Cc: Manfred Spraul <manfred@colorfullife.com
Cc: <stable@kernel.org> [2.6.25.x, 2.6.26.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Implement set_mac_address for mcs7830. This enables me to use it with my
cable modem.
Signed-off-by: Oliver Martin <oliver.martin@student.tuwien.ac.at>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
This adds USB device IDs for MosChip 7730 and Sitecom LN030
to the mcs7830 driver. The IDs have been reported to work without
further modifications.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: David Brownell <david-b@pacbell.net>
Cc: Viktor Horvath <ViktorHorvath@gmx.net>
Cc: Robbert Wethmar <robbert@wethmar.nl>
Cc: Bart van der Klip <bklip@xs4all.nl>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
This patch fixes a ibmveth bug where bad UDP checksums are being transmitted
when checksum offloading is enabled.
The hypervisor does checksum offloading only on TCP packets, so ibmveth calls
skb_checksum_help() for any other protocol. The bug happens because
the packet is being modified after the DMA map, so we would need a memory
barrier before making the hypervisor call. Reordering the code so that the
DMA map happens after skb_checksum_help() has the additional advantage of
fixing a DMA map leak if skb_checksum_help() where to fail.
Signed-off-by: Santiago Leon <santil@us.ibm.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Fixes dev_kfree_skb happening too many times when hso_start_net_device
is called from hso_resume.
Signed-off-by: Denis Joseph Barrow <D.Barow@option.com>
Cc: Jeff Garzik <jgarzik@pobox.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
The atl1 driver is causing stalled connections and file corruption
whenever TSO is enabled. Two examples are here:
http://lkml.org/lkml/2008/7/15/325http://lkml.org/lkml/2008/8/18/543
Disable TSO by default until we can determine the source of the
problem.
Signed-off-by: Jay Cliburn <jacliburn@bellsouth.net>
cc: stable@kernel.org
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Doesn't cause problems (yet) because err gets zeroed earlier.
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Disable support for device 8086:10E8. Currently the result of loading the
driver with the device present causes system instability.
Signed-off-by: Alexander Duyck <alexander.h.duyck@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
CC [M] drivers/net/skfp/ess.o
drivers/net/skfp/ess.c: In function 'ess_send_response':
drivers/net/skfp/ess.c:513: warning: cast from pointer to integer of different size
drivers/net/skfp/ess.c: In function 'ess_send_alc_req':
drivers/net/skfp/ess.c:609: warning: cast from pointer to integer of different size
drivers/net/skfp/ess.c:639: warning: cast from pointer to integer of different size
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Cc: Jeff Garzik <jeff@garzik.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
The size of the TCP header is miscalculated when the window scale ends
up being 0. Additionally, this can be induced by sending a SYN to a
passive open port with a window scale option with value 0.
Signed-off-by: Philip Love <love_phil@emc.com>
Signed-off-by: Adam Langley <agl@imperialviolet.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Use new qdisc_root_sleeping_lock() instead of qdisc_root_lock() as
sch_tree_lock() because this lock could be used while dev is
deactivated, but we never need to use this with noop_qdisc as a root.
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
While passing a qdisc root lock to gen_new_estimator() and
gen_replace_estimator() dev could be deactivated or even before
grafting proper root qdisc as qdisc_sleeping (e.g. qdisc_create), so
using qdisc_root_lock() is not enough. This patch adds
qdisc_root_sleeping_lock() for this, plus additional checks, where
necessary.
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
These pointers are RCU protected, so proper primitives should be used.
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
LCS recovery dumps in irq routine when CCW address in
Subchannel Status Word (SCSW) is zero. This occurs
when recovery is driven after cable reconnect.
Signed-off-by: Klaus-D. Wacker <kdwacker@de.ibm.com>
Signed-off-by: Ursula Braun <ursula.braun@de.ibm.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Use netdev->ml_priv instead of netdev->priv
Signed-off-by: Peter Tiedemann <ptiedem@de.ibm.com>
Signed-off-by: Ursula Braun <ursula.braun@de.ibm.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Use netdev->ml_priv instead of netdev->priv
Signed-off-by: Peter Tiedemann <ptiedem@de.ibm.com>
Signed-off-by: Ursula Braun <ursula.braun@de.ibm.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
probe_error() frees memory only, if cgdev->dev.driver_data refers
to the claw_privbk structure. Move forward its setting in claw_probe()
to ensure proper freeing of claw_privbk allocations.
Cc: Daniel <danielm77@spray.se>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Ursula Braun <ursula.braun@de.ibm.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
The real_num_tx_queues was not being set when in MSI-X only mode. This patch
corrects that path so all interrupt types are correctly configured.
Signed-off-by: Alexander Duyck <alexander.h.duyck@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
Ethtool -d is reading the EICR and ICR registers which is currently
clearing these registers and masking off interrupts. To prevent this we
read the EICS and ICS equivilents as they can be read without clearing or
masking.
Signed-off-by: Alexander Duyck <alexander.h.duyck@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>