From: Greg Kroah-Hartman Date: Sat, 26 Apr 2008 00:49:35 +0000 (-0700) Subject: some 2.6.24 patches added X-Git-Tag: v2.6.25.1~19 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=fb623f5fd69d3029a1500152baddda896374564d;p=thirdparty%2Fkernel%2Fstable-queue.git some 2.6.24 patches added --- diff --git a/queue-2.6.24/increase-the-max_burst-threshold-from-3-to-tp-reordering.patch b/queue-2.6.24/increase-the-max_burst-threshold-from-3-to-tp-reordering.patch new file mode 100644 index 00000000000..f2d0af40799 --- /dev/null +++ b/queue-2.6.24/increase-the-max_burst-threshold-from-3-to-tp-reordering.patch @@ -0,0 +1,42 @@ +From 3c0390e1a6d8a5d0cdae57959f0be37a236b474d Mon Sep 17 00:00:00 2001 +From: John Heffner +Date: Fri, 25 Apr 2008 01:43:57 -0700 +Subject: [PATCH] [TCP]: Increase the max_burst threshold from 3 to tp->reordering. + +From: John Heffner + +[ Upstream commit: dd9e0dda66ba38a2ddd1405ac279894260dc5c36 ] + +This change is necessary to allow cwnd to grow during persistent +reordering. Cwnd moderation is applied when in the disorder state +and an ack that fills the hole comes in. If the hole was greater +than 3 packets, but less than tp->reordering, cwnd will shrink when +it should not have. + +Signed-off-by: John Heffner +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman + +--- + include/net/tcp.h | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +--- a/include/net/tcp.h ++++ b/include/net/tcp.h +@@ -775,11 +775,14 @@ extern void tcp_enter_cwr(struct sock *s + extern __u32 tcp_init_cwnd(struct tcp_sock *tp, struct dst_entry *dst); + + /* Slow start with delack produces 3 packets of burst, so that +- * it is safe "de facto". ++ * it is safe "de facto". This will be the default - same as ++ * the default reordering threshold - but if reordering increases, ++ * we must be able to allow cwnd to burst at least this much in order ++ * to not pull it back when holes are filled. + */ + static __inline__ __u32 tcp_max_burst(const struct tcp_sock *tp) + { +- return 3; ++ return tp->reordering; + } + + /* RFC2861 Check whether we are limited by application or congestion window diff --git a/queue-2.6.24/jffs2-fix-free-space-leak-with-in-band-cleanmarkers.patch b/queue-2.6.24/jffs2-fix-free-space-leak-with-in-band-cleanmarkers.patch new file mode 100644 index 00000000000..0d177a39d26 --- /dev/null +++ b/queue-2.6.24/jffs2-fix-free-space-leak-with-in-band-cleanmarkers.patch @@ -0,0 +1,75 @@ +From stable-bounces@linux.kernel.org Wed Apr 23 03:16:00 2008 +From: David Woodhouse +Date: Wed, 23 Apr 2008 11:15:35 +0100 +Subject: JFFS2: Fix free space leak with in-band cleanmarkers +To: stable@kernel.org +Cc: Martin Creutziger , Damir Shayhutdinov , linux-mtd +Message-ID: <1208945735.9212.775.camel@pmac.infradead.org> + +From: David Woodhouse + +We were accounting for the cleanmarker by calling jffs2_link_node_ref() +(without locking!), which adjusted both superblock and per-eraseblock +accounting, subtracting the size of the cleanmarker from {jeb,c}->free_size +and adding it to {jeb,c}->used_size. + +But only _then_ were we adding the size of the newly-erased block back +to the superblock counts, and we were adding each of jeb->{free,used}_size +to the corresponding superblock counts. Thus, the size of the cleanmarker +was effectively subtracted from the superblock's free_size _twice_. + +Fix this, by always adding a full eraseblock size to c->free_size when +we've erased a block. And call jffs2_link_node_ref() under the proper +lock, while we're at it. + +Thanks to Alexander Yurchenko and/or Damir Shayhutdinov for (almost) +pinpointing the problem. + +[Backport of commit 014b164e1392a166fe96e003d2f0e7ad2e2a0bb7] + +Signed-off-by: David Woodhouse +Signed-off-by: Greg Kroah-Hartman + +--- + fs/jffs2/erase.c | 18 ++++++++---------- + 1 file changed, 8 insertions(+), 10 deletions(-) + +--- a/fs/jffs2/erase.c ++++ b/fs/jffs2/erase.c +@@ -419,9 +419,6 @@ static void jffs2_mark_erased_block(stru + if (jffs2_write_nand_cleanmarker(c, jeb)) + goto filebad; + } +- +- /* Everything else got zeroed before the erase */ +- jeb->free_size = c->sector_size; + } else { + + struct kvec vecs[1]; +@@ -449,18 +446,19 @@ static void jffs2_mark_erased_block(stru + + goto filebad; + } +- +- /* Everything else got zeroed before the erase */ +- jeb->free_size = c->sector_size; +- /* FIXME Special case for cleanmarker in empty block */ +- jffs2_link_node_ref(c, jeb, jeb->offset | REF_NORMAL, c->cleanmarker_size, NULL); + } ++ /* Everything else got zeroed before the erase */ ++ jeb->free_size = c->sector_size; + + down(&c->erase_free_sem); + spin_lock(&c->erase_completion_lock); ++ + c->erasing_size -= c->sector_size; +- c->free_size += jeb->free_size; +- c->used_size += jeb->used_size; ++ c->free_size += c->sector_size; ++ ++ /* Account for cleanmarker now, if it's in-band */ ++ if (c->cleanmarker_size && !jffs2_cleanmarker_oob(c)) ++ jffs2_link_node_ref(c, jeb, jeb->offset | REF_NORMAL, c->cleanmarker_size, NULL); + + jffs2_dbg_acct_sanity_check_nolock(c,jeb); + jffs2_dbg_acct_paranoia_check_nolock(c, jeb); diff --git a/queue-2.6.24/series b/queue-2.6.24/series new file mode 100644 index 00000000000..a4ff2e17ddb --- /dev/null +++ b/queue-2.6.24/series @@ -0,0 +1,6 @@ +usb-gadget-queue-usb-usb_cdc_get_encapsulated_response-message.patch +jffs2-fix-free-space-leak-with-in-band-cleanmarkers.patch +increase-the-max_burst-threshold-from-3-to-tp-reordering.patch +usb-remove-broken-usb-serial-num_endpoints-check.patch +v4l-fix-vidiocgap-corruption-in-ivtv.patch +v4l-cx88-enable-radio-gpio-correctly.patch diff --git a/queue-2.6.24/usb-gadget-queue-usb-usb_cdc_get_encapsulated_response-message.patch b/queue-2.6.24/usb-gadget-queue-usb-usb_cdc_get_encapsulated_response-message.patch new file mode 100644 index 00000000000..981587a5ba2 --- /dev/null +++ b/queue-2.6.24/usb-gadget-queue-usb-usb_cdc_get_encapsulated_response-message.patch @@ -0,0 +1,35 @@ +From 41566bcf35a8b23ce4715dadb5acfd1098c1d3e4 Mon Sep 17 00:00:00 2001 +From: Jan Altenberg +Date: Tue, 19 Feb 2008 01:44:50 +0100 +Subject: USB: gadget: queue usb USB_CDC_GET_ENCAPSULATED_RESPONSE message +Message-ID: <48114132.3040307@gmail.com> + +From: Jan Altenberg + +backport of 41566bcf35a8b23ce4715dadb5acfd1098c1d3e4 + +commit 0cf4f2de0a0f4100795f38ef894d4910678c74f8 introduced a bug, which +prevents sending an USB_CDC_GET_ENCAPSULATED_RESPONSE message. This +breaks the RNDIS initialization (especially / only Windoze machines +dislike this behavior...). + +Signed-off-by: Benedikt Spranger +Signed-off-by: Jan Altenberg +Acked-by: David Brownell +Cc: Vernon Sauder +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/usb/gadget/ether.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/drivers/usb/gadget/ether.c ++++ b/drivers/usb/gadget/ether.c +@@ -1561,6 +1561,7 @@ done_set_intf: + memcpy(req->buf, buf, n); + req->complete = rndis_response_complete; + rndis_free_response(dev->rndis_config, buf); ++ value = n; + } + /* else stalls ... spec says to avoid that */ + } diff --git a/queue-2.6.24/usb-remove-broken-usb-serial-num_endpoints-check.patch b/queue-2.6.24/usb-remove-broken-usb-serial-num_endpoints-check.patch new file mode 100644 index 00000000000..29c894418be --- /dev/null +++ b/queue-2.6.24/usb-remove-broken-usb-serial-num_endpoints-check.patch @@ -0,0 +1,46 @@ +From stable-bounces@linux.kernel.org Wed Apr 16 20:05:44 2008 +From: Greg Kroah-Hartman +Date: Thu, 17 Apr 2008 03:05:15 GMT +Subject: USB: remove broken usb-serial num_endpoints check +To: jejb@kernel.org, stable@kernel.org +Message-ID: <200804170305.m3H35F2h025133@hera.kernel.org> + +From: Greg Kroah-Hartman + +commit: 07c3b1a1001614442c665570942a3107a722c314 + +The num_interrupt_in, num_bulk_in, and other checks in the usb-serial +code are just wrong, there are too many different devices out there with +different numbers of endpoints. We need to just be sticking with the +device ids instead of trying to catch this kind of thing. It broke too +many different devices. + +This fixes a large number of usb-serial devices to get them working +properly again. + + +Cc: Oliver Neukum +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/usb/serial/usb-serial.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/drivers/usb/serial/usb-serial.c ++++ b/drivers/usb/serial/usb-serial.c +@@ -844,6 +844,7 @@ int usb_serial_probe(struct usb_interfac + serial->num_interrupt_in = num_interrupt_in; + serial->num_interrupt_out = num_interrupt_out; + ++#if 0 + /* check that the device meets the driver's requirements */ + if ((type->num_interrupt_in != NUM_DONT_CARE && + type->num_interrupt_in != num_interrupt_in) +@@ -857,6 +858,7 @@ int usb_serial_probe(struct usb_interfac + kfree(serial); + return -EIO; + } ++#endif + + /* found all that we need */ + dev_info(&interface->dev, "%s converter detected\n", diff --git a/queue-2.6.24/v4l-cx88-enable-radio-gpio-correctly.patch b/queue-2.6.24/v4l-cx88-enable-radio-gpio-correctly.patch new file mode 100644 index 00000000000..1160501896e --- /dev/null +++ b/queue-2.6.24/v4l-cx88-enable-radio-gpio-correctly.patch @@ -0,0 +1,41 @@ +From stable-bounces@linux.kernel.org Thu Apr 24 17:53:24 2008 +From: Steven Toth +Date: Thu, 24 Apr 2008 20:52:42 -0400 +Subject: V4L: cx88: enable radio GPIO correctly +To: stable@kernel.org +Cc: Steven Toth , v4l-dvb maintainer list , Mauro Carvalho Chehab +Message-ID: <48112B5A.9070106@linuxtv.org> + + +From: Steven Toth + +This patch fixes an issue on the HVR1300, where GPIO is blown away due to +the radio input being undefined, breaking the functionality of the DVB +demodulator and MPEG2 encoder used on the cx8802 mpeg TS port. + +This is a minimal patch for 2.6.26 and the -stable series. This must be +fixed a better way for 2.6.27. + +Signed-off-by: Steven Toth +Signed-off-by: Mauro Carvalho Chehab +Signed-off-by: Michael Krufky +(cherry picked from commit 6b92b3bd7ac91b7e255541f4be9bfd55b12dae41) +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/media/video/cx88/cx88-cards.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/drivers/media/video/cx88/cx88-cards.c ++++ b/drivers/media/video/cx88/cx88-cards.c +@@ -1349,6 +1349,10 @@ static const struct cx88_board cx88_boar + }}, + /* fixme: Add radio support */ + .mpeg = CX88_MPEG_DVB | CX88_MPEG_BLACKBIRD, ++ .radio = { ++ .type = CX88_RADIO, ++ .gpio0 = 0xe780, ++ }, + }, + [CX88_BOARD_ADSTECH_PTV_390] = { + .name = "ADS Tech Instant Video PCI", diff --git a/queue-2.6.24/v4l-fix-vidiocgap-corruption-in-ivtv.patch b/queue-2.6.24/v4l-fix-vidiocgap-corruption-in-ivtv.patch new file mode 100644 index 00000000000..b3d6d5f96ce --- /dev/null +++ b/queue-2.6.24/v4l-fix-vidiocgap-corruption-in-ivtv.patch @@ -0,0 +1,43 @@ +From stable-bounces@linux.kernel.org Thu Apr 24 17:53:04 2008 +From: Alan Cox +Date: Thu, 24 Apr 2008 20:52:26 -0400 +Subject: V4L: Fix VIDIOCGAP corruption in ivtv +To: stable@kernel.org +Cc: Alan Cox , Hans Verkuil , v4l-dvb maintainer list , Mauro Carvalho Chehab +Message-ID: <48112B4A.6080801@linuxtv.org> + + +From: Alan Cox + +Frank Bennett reported that ivtv was causing skype to crash. With help +from one of their developers he showed it was a kernel problem. +VIDIOCGCAP copies a name into a fixed length buffer - ivtv uses names +that are too long and does not truncate them so corrupts a few bytes of +the app data area. + +Possibly the names also want trimming but for now this should fix the +corruption case. + +Signed-off-by: Alan Cox +Signed-off-by: Hans Verkuil +Signed-off-by: Mauro Carvalho Chehab +Signed-off-by: Michael Krufky +(cherry picked from commit d2b213f7b76f187c4391079c7581d3a08b940133) +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/media/video/ivtv/ivtv-ioctl.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/drivers/media/video/ivtv/ivtv-ioctl.c ++++ b/drivers/media/video/ivtv/ivtv-ioctl.c +@@ -727,7 +727,8 @@ int ivtv_v4l2_ioctls(struct ivtv *itv, s + + memset(vcap, 0, sizeof(*vcap)); + strcpy(vcap->driver, IVTV_DRIVER_NAME); /* driver name */ +- strcpy(vcap->card, itv->card_name); /* card type */ ++ strncpy(vcap->card, itv->card_name, ++ sizeof(vcap->card)-1); /* card type */ + strcpy(vcap->bus_info, pci_name(itv->dev)); /* bus info... */ + vcap->version = IVTV_DRIVER_VERSION; /* version */ + vcap->capabilities = itv->v4l2_cap; /* capabilities */