<feed xmlns='http://www.w3.org/2005/Atom'>
<title>kernel/git/stable/linux.git/drivers/net, branch linux-2.6.31.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<id>https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/atom?h=linux-2.6.31.y</id>
<link rel='self' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/atom?h=linux-2.6.31.y'/>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/'/>
<updated>2010-04-01T22:55:54+00:00</updated>
<entry>
<title>airo: fix setting zero length WEP key</title>
<updated>2010-04-01T22:55:54+00:00</updated>
<author>
<name>Stanislaw Gruszka</name>
<email>sgruszka@redhat.com</email>
</author>
<published>2010-02-02T14:34:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=e6abd25776543a369117d0903ccedbc7a324d68f'/>
<id>urn:sha1:e6abd25776543a369117d0903ccedbc7a324d68f</id>
<content type='text'>
commit f09c256375c7cf1e112b8ef6306cdd313490d7c0 upstream.

Patch prevents call set_wep_key() with zero key length. That fix long
standing regression since commit c0380693520b1a1e4f756799a0edc379378b462a
"airo: clean up WEP key operations". Additionally print call trace when
someone will try to use improper parameters, and remove key.len = 0
assignment, because it is in not possible code path.

Reported-by: Chris Siebenmann &lt;cks-rhbugzilla@cs.toronto.edu&gt;
Bisected-by: Chris Siebenmann &lt;cks-rhbugzilla@cs.toronto.edu&gt;
Tested-by: Chris Siebenmann &lt;cks@cs.toronto.edu&gt;
Cc: Dan Williams &lt;dcbw@redhat.com&gt;
Signed-off-by: Stanislaw Gruszka &lt;sgruszka@redhat.com&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>b43: Fix throughput regression</title>
<updated>2010-04-01T22:55:52+00:00</updated>
<author>
<name>Larry Finger</name>
<email>Larry.Finger@lwfinger.net</email>
</author>
<published>2010-02-02T16:08:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=a0a4650a9de3ceab90cd3b0588843886513bae77'/>
<id>urn:sha1:a0a4650a9de3ceab90cd3b0588843886513bae77</id>
<content type='text'>
commit b6c3f5be7c6ac3375f44de4545c1ffe216b34022 upstream.

Commit c7ab5ef9bcd281135c21b4732c9be779585181be entitled "b43: implement
short slot and basic rate handling" reduced the transmit throughput for
my BCM4311 device from 18 Mb/s to 0.7 Mb/s. The basic rate handling
portion is OK, the problem is in the short slot handling.

Prior to this change, the short slot enable/disable routines were never
called. Experimentation showed that the critical part was changing the
value at offset 0x0010 in the shared memory. This is supposed to contain
the 802.11 Slot Time in usec, but if it is changed from its initial value
of zero, performance is destroyed. On the other hand, changing the value
in the MMIO register corresponding to the Interframe Slot Time increased
performance from 18 to 22 Mb/s. A BCM4306/3 also shows dramatic
improvement of the transmit rate from 5.3 to 19.0 Mb/s.

Other changes in the patch include removal of the magic number for the
MMIO register, and allowing the slot time to be set for any PHY operating
in the 2.4 GHz band. Previously, the routine was executed only for G PHYs.

Signed-off-by: Larry Finger &lt;Larry.Finger@lwfinger.net&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>sfc: Fix DMA mapping cleanup in case of an error in TSO</title>
<updated>2010-04-01T22:55:41+00:00</updated>
<author>
<name>Neil Turton</name>
<email>nturton@solarflare.com</email>
</author>
<published>2009-12-23T13:47:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=1f3a1f385336c324df07fdf420637f88bd3c137c'/>
<id>urn:sha1:1f3a1f385336c324df07fdf420637f88bd3c137c</id>
<content type='text'>
commit a7ebd27a13757248863cd61e541af7fa9e7727ee upstream.

We need buffer-&gt;len to remain valid to work out the correct address to
be unmapped.  We therefore need to clear buffer-&gt;len after the unmap
operation.

Signed-off-by: Ben Hutchings &lt;bhutchings@solarflare.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>ath5k: Fix eeprom checksum check for custom sized eeproms</title>
<updated>2010-04-01T22:55:29+00:00</updated>
<author>
<name>Luis R. Rodriguez</name>
<email>lrodriguez@atheros.com</email>
</author>
<published>2010-01-04T15:40:39+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=98e4c05d2401863414cb5183e4d844ad061598ef'/>
<id>urn:sha1:98e4c05d2401863414cb5183e4d844ad061598ef</id>
<content type='text'>
commit 359207c687cc8f4f9845c8dadd0d6dabad44e584 upstream.

Commit 8bf3d79bc401ca417ccf9fc076d3295d1a71dbf5 enabled EEPROM
checksum checks to avoid bogus bug reports but failed to address
updating the code to consider devices with custom EEPROM sizes.
Devices with custom sized EEPROMs have the upper limit size stuffed
in the EEPROM. Use this as the upper limit instead of the static
default size. In case of a checksum error also provide back the
max size and whether or not this was the default size or a custom
one. If the EEPROM is busted we add a failsafe check to ensure
we don't loop forever or try to read bogus areas of hardware.

This closes bug 14874

http://bugzilla.kernel.org/show_bug.cgi?id=14874

Cc: stable@kernel.org
Cc: David Quan &lt;david.quan@atheros.com&gt;
Cc: Stephen Beahm &lt;stephenbeahm@comcast.net&gt;
Reported-by: Joshua Covington &lt;joshuacov@googlemail.com&gt;
Signed-off-by: Luis R. Rodriguez &lt;lrodriguez@atheros.com&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;

</content>
</entry>
<entry>
<title>Revert "rt2x00: Disable powersaving for rt61pci and rt2800pci."</title>
<updated>2010-01-07T15:21:10+00:00</updated>
<author>
<name>Greg Kroah-Hartman</name>
<email>gregkh@suse.de</email>
</author>
<published>2010-01-07T15:21:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=8140e5b46ab0b4cc6d3f7f7efa311b348aff7f1d'/>
<id>urn:sha1:8140e5b46ab0b4cc6d3f7f7efa311b348aff7f1d</id>
<content type='text'>
This reverts commit f1850a5783908f6528c305e321119e7aa6641151.

It broke the build :(

Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;
</content>
</entry>
<entry>
<title>rt2x00: Disable powersaving for rt61pci and rt2800pci.</title>
<updated>2010-01-06T22:26:47+00:00</updated>
<author>
<name>Gertjan van Wingerde</name>
<email>gwingerde@gmail.com</email>
</author>
<published>2009-12-14T19:33:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f1850a5783908f6528c305e321119e7aa6641151'/>
<id>urn:sha1:f1850a5783908f6528c305e321119e7aa6641151</id>
<content type='text'>
commit 93b6bd26b74efe46b4579592560f9f1cb7b61994 upstream.

We've had many reports of rt61pci failures with powersaving enabled.
Therefore, as a stop-gap measure, disable powersaving of the rt61pci
until we have found a proper solution.
Also disable powersaving on rt2800pci as it most probably will show
the same problem.

Signed-off-by: Gertjan van Wingerde &lt;gwingerde@gmail.com&gt;
Acked-by: Ivo van Doorn &lt;IvDoorn@gmail.com&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>hostap: Revert a toxic part of the conversion to net_device_ops</title>
<updated>2010-01-06T22:26:38+00:00</updated>
<author>
<name>Martin Decky</name>
<email>martin@decky.cz</email>
</author>
<published>2009-09-10T01:44:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=cebb2ee677ef2016331f14e937811976a95003b3'/>
<id>urn:sha1:cebb2ee677ef2016331f14e937811976a95003b3</id>
<content type='text'>
commit e484c16f6212f7f06407382efa4d3ad214b6c589 upstream.

As the hostap driver was converted to use net_device_ops, a mistake was
made in hostap_main.c (commit 5ae4efbcd2611562a8b93596be034e63495706a5).
Originally, the tx_queue_len was set to 0 for every other interface than
HOSTAP_INTERFACE_MASTER, but the new fragment of code sets tx_queue_len to
0 only for HOSTAP_INTERFACE_MASTER. The opposite of the previous
behavior makes the driver to drop all packets in AP mode.

Change the way 0 is assigned to tx_queue_len according to the original
logic.

Signed-off-by: Martin Decky &lt;martin@decky.cz&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>e100: Fix broken cbs accounting due to missing memset.</title>
<updated>2010-01-06T22:26:37+00:00</updated>
<author>
<name>Roger Oksanen</name>
<email>roger.oksanen@cs.helsinki.fi</email>
</author>
<published>2009-12-19T04:18:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=1bfc1db036675e61af0ea34d3ac18206de566b64'/>
<id>urn:sha1:1bfc1db036675e61af0ea34d3ac18206de566b64</id>
<content type='text'>
commit 70abc8cb90e679d8519721e2761d8366a18212a6 upstream.

Alan Stern noticed that e100 caused slab corruption.
commit 98468efddb101f8a29af974101c17ba513b07be1 changed
the allocation of cbs to use dma pools that don't return zeroed memory,
especially the cb-&gt;status field used to track which cb to clean, causing
(the visible) double freeing of skbs and a wrong free cbs count.

Now the cbs are explicitly zeroed at allocation time.

Reported-by: Alan Stern &lt;stern@rowland.harvard.edu&gt;
Tested-by: Alan Stern &lt;stern@rowland.harvard.edu&gt;
Signed-off-by: Roger Oksanen &lt;roger.oksanen@cs.helsinki.fi&gt;
Acked-by: Jesse Brandeburg &lt;jesse.brandeburg@intel.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>e100: Use pci pool to work around GFP_ATOMIC order 5 memory allocation failure</title>
<updated>2010-01-06T22:26:36+00:00</updated>
<author>
<name>Roger Oksanen</name>
<email>roger.oksanen@cs.helsinki.fi</email>
</author>
<published>2009-11-30T01:17:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=550b1d3896894543cc13dafe6910119024177482'/>
<id>urn:sha1:550b1d3896894543cc13dafe6910119024177482</id>
<content type='text'>
commit 98468efddb101f8a29af974101c17ba513b07be1 upstream.

pci_alloc_consistent uses GFP_ATOMIC allocation that may fail on some systems
with limited memory (Bug #14265). pci_pool_alloc allows waiting with
GFP_KERNEL.

Tested-by: Karol Lewandowski &lt;karol.k.lewandowski@gmail.com&gt;
Signed-off-by: Roger Oksanen &lt;roger.oksanen@cs.helsinki.fi&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>Libertas: fix buffer overflow in lbs_get_essid()</title>
<updated>2010-01-06T22:26:27+00:00</updated>
<author>
<name>Daniel Mack</name>
<email>daniel@caiaq.de</email>
</author>
<published>2009-12-16T04:12:58+00:00</published>
<link rel='alternate' type='text/html' href='https://git.rulkc.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=2e6f37a113babaf54f2ef776a549a6440d262de9'/>
<id>urn:sha1:2e6f37a113babaf54f2ef776a549a6440d262de9</id>
<content type='text'>
commit 45b241689179a6065384260242637cf21dabfb2d upstream.

The libertas driver copies the SSID buffer back to the wireless core and
appends a trailing NULL character for termination. This is

a) unnecessary because the buffer is allocated with kzalloc and is hence
   already NULLed when this function is called, and

b) for priv-&gt;curbssparams.ssid_len == 32, it writes back one byte too
   much which causes memory corruptions.

Fix this by removing the extra write.

Signed-off-by: Daniel Mack &lt;daniel@caiaq.de&gt;
Cc: Stephen Hemminger &lt;shemminger@vyatta.com&gt;
Cc: Maithili Hinge &lt;maithili@marvell.com&gt;
Cc: Kiran Divekar &lt;dkiran@marvell.com&gt;
Cc: Michael Hirsch &lt;m.hirsch@raumfeld.com&gt;
Cc: netdev@vger.kernel.org
Cc: libertas-dev@lists.infradead.org
Cc: linux-wireless@lists.infradead.org
Acked-by: Holger Schurig &lt;holgerschurig@gmail.com&gt;
Acked-by: Dan Williams &lt;dcbw@redhat.com&gt;
Signed-off-by: John W. Linville &lt;linville@tuxdriver.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
</feed>
