This function has been the source of numerous bugs; it's just
too complicated. Simplified to nest spinlocks cleanly within
the second loop body, and kick out early if there are no
rms to drop.
This will be a little slower because conn lock is grabbed for
each entry instead of "caching" the lock across rms, but this
should be entirely irrelevant to fastpath performance.
Signed-off-by: Andy Grover <andy.grover@oracle.com>
On second look at this bug (OFED #2002), it seems that the
collision is not with the retransmission queue (packet acked
by the peer), but with the local send completion. A theoretical
sequence of events (from time t0 to t3) is thought to be as
follows,
Thread #1
t0:
sock_release
rds_release
rds_send_drop_to /* wait on send completion */
t2:
rds_rdma_drop_keys() /* destroy & free all mrs */
Thread #2
t1:
rds_ib_send_cq_comp_handler
rds_ib_send_unmap_rm
rds_message_unmapped /* wake up #1 @ t0 */
t3:
rds_message_put
rds_message_purge
rds_mr_put /* memory corruption detected */
The problem with the rds_rdma_drop_keys() is it could
remove a mr's refcount more than its due (i.e. repeatedly
as long as it still remains in the tree (mr->r_refcount > 0)).
Theoretically it should remove only one reference - reference
by the tree.
/* Release any MRs associated with this socket */
while ((node = rb_first(&rs->rs_rdma_keys))) {
mr = container_of(node, struct rds_mr, r_rb_node);
if (mr->r_trans == rs->rs_transport)
mr->r_invalidate = 0;
rds_mr_put(mr);
}
I think the correct way of doing it is to remove the mr from
the tree and rds_destroy_mr it first, then a rds_mr_put()
to decrement its reference count by one. Whichever thread
holds the last reference will free the mr via rds_mr_put().
Signed-off-by: Tina Yang <tina.yang@oracle.com>
Signed-off-by: Andy Grover <andy.grover@oracle.com>
in_interrupt() is true in softirqs. The BUG_ONs are supposed
to check for if irqs are disabled, so we should use
BUG_ON(irqs_disabled()) instead, duh.
Signed-off-by: Andy Grover <andy.grover@oracle.com>
The VF has no flash and can only do memory mapped I/O.
Signed-off-by: Greg Rose <gregory.v.rose@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Reduce indentation in a couple of places
Add static function ixgbe_psum
Add temporary for adapter->stats
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Did not add #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
because no printk in this module used message prefixing.
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Whitespace cleanups.
Move inline keyword after function type declarations.
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The ordering of operations was messed up in the init and as a result when
VMDQ was enabled we were trying to enable TX rings before setting the VFTE
bits. This resulted in a ring that appeared to fail to enable when in fact
it was blocked because the VFTE bits were cleared after the reset.
Signed-off-by: Alexander Duyck <alexander.h.duyck@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Blackhole routes are used when xfrm_lookup() returns -EREMOTE (error
triggered by IKE for example), hence this kind of route is always
temporary and so we should check if a better route exists for next
packets.
Bug has been introduced by commit d11a4dc18b.
Signed-off-by: Jianzhao Wang <jianzhao.wang@6wind.com>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch adds NAPI support to the qeth layer 2 and layer 3
discipline. It is important to understand that we can not enable/disable
IRQs as usual, we have to use the corresponding new QDIO interface.
Also to not overdraw the budget we have to stop and restart buffer
processing at any point during processing a bulk of QDIO buffers.
Having the driver NAPI enabled it is possible to turn on GRO for the
layer 3 discipline.
Signed-off-by: Frank Blaschka <frank.blaschka@de.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Since the claw code calls ccwgroup_remove_ccwdev(), we need to make sure
CCWGROUP is enabled when CLAW is enabled. Otherwise we hit fun undefined
references at build time:
ERROR: "ccwgroup_remove_ccwdev" [drivers/s390/net/claw.ko] undefined!
ERROR: "ccwgroup_probe_ccwdev" [drivers/s390/net/claw.ko] undefined!
ERROR: "ccwgroup_driver_register" [drivers/s390/net/claw.ko] undefined!
ERROR: "ccwgroup_driver_unregister" [drivers/s390/net/claw.ko] undefined!
ERROR: "ccwgroup_create_from_string" [drivers/s390/net/claw.ko] undefined!
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Frank Blaschka <frank.blaschka@de.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Format an ipv6 address using vsprintf extensions.
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Frank Blaschka <frank.blaschka@de.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Extend the qdio API to allow polling in the upper-layer driver. This
is needed by qeth to use NAPI.
To use the new interface the upper-layer driver must specify the
queue_start_poll(). This callback is used to signal the upper-layer
driver that is has initiative and must process the inbound queue by
calling qdio_get_next_buffers(). If the upper-layer driver wants to
stop polling it calls qdio_start_irq().
Since adapter interrupts are not completely stoppable qdio implements
a software bit QDIO_QUEUE_IRQS_DISABLED to safely disable interrupts for an
input queue.
The old interface is preserved and will be used as is by zfcp.
Signed-off-by: Jan Glauber <jang@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Frank Blaschka <frank.blaschka@de.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Several users report issues with 32-bit adapters when plugged
into PCI slots in machines with >= 4GB ram. In particular AMD
systems with HyperTransport to PCI bridges seem to trigger the
issue, but it isn't limited to only them.
This issue is not easily reproducible here, yet still continues
to occur in the field. For e1000 on PCI devices, just disable DMA
addresses over the 4GB boundary when in PCI (not PCI-X) mode, to
prevent the issue from continuing to pop up. The performance
impact for this is negligible.
The code was refactored to move the init of the hw struct to its
own function. This allows the init to be called very early in
probe, which then allows using hw-> members for this fix.
A slight refactor to the DMA mask code was done for minor
correctness based on the instructions in DMA-API-HOWTO.
Signed-off-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
We use rcu_dereference_check(p, rcu_read_lock_held() ||
lockdep_rtnl_is_held()) several times in network stack.
More usages to come too, so its time to create a helper.
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Cc: Karsten Keil <isdn@linux-pingi.de>
Cc: Tilman Schmidt <tilman@imap.cc>
Cc: netdev@vger.kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
niu_get_ethtool_tcam_all() assumes that its output buffer is the right
size, and warns before returning if it is not. However, the output
buffer size is under user control and ETHTOOL_GRXCLSRLALL is an
unprivileged ethtool command. Therefore this is at least a local
denial-of-service vulnerability.
Change it to check before writing each entry and to return an error if
the buffer is already full.
Compile-tested only.
Signed-off-by: Ben Hutchings <bhutchings@solarflare.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Casts __kernel to __user pointer require __force markup, so add it. Also
sock_get/setsockopt() takes @optval and/or @optlen arguments as user pointers
but were taking kernel pointers, use new variables 'uoptval' and/or 'uoptlen'
to fix it. These remove following warnings from sparse:
net/socket.c:1922:46: warning: cast adds address space to expression (<asn:1>)
net/socket.c:3061:61: warning: incorrect type in argument 4 (different address spaces)
net/socket.c:3061:61: expected char [noderef] <asn:1>*optval
net/socket.c:3061:61: got char *optval
net/socket.c:3061:69: warning: incorrect type in argument 5 (different address spaces)
net/socket.c:3061:69: expected int [noderef] <asn:1>*optlen
net/socket.c:3061:69: got int *optlen
net/socket.c:3063:67: warning: incorrect type in argument 4 (different address spaces)
net/socket.c:3063:67: expected char [noderef] <asn:1>*optval
net/socket.c:3063:67: got char *optval
net/socket.c:3064:45: warning: incorrect type in argument 5 (different address spaces)
net/socket.c:3064:45: expected int [noderef] <asn:1>*optlen
net/socket.c:3064:45: got int *optlen
net/socket.c:3078:61: warning: incorrect type in argument 4 (different address spaces)
net/socket.c:3078:61: expected char [noderef] <asn:1>*optval
net/socket.c:3078:61: got char *optval
net/socket.c:3080:67: warning: incorrect type in argument 4 (different address spaces)
net/socket.c:3080:67: expected char [noderef] <asn:1>*optval
net/socket.c:3080:67: got char *optval
Signed-off-by: Namhyung Kim <namhyung@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch introduces cx82310_eth driver - driver for USB ethernet port of
ADSL routers based on Conexant CX82310 chips. Such routers usually have
ethernet port(s) too which are bridged together with the USB ethernet port,
allowing the USB-connected machine to communicate to the network (and also
internet through the ADSL, of course).
This is my first driver, so please check thoroughly. As there's no protocol
documentation, it was done with usbsnoop dumps from Windows driver, some
parts (the commands) inspired by cxacru driver and also other usbnet drivers.
The driver passed my testing - some real work and also pings sized from 0 to
65507 B.
The only problem I found is the ifconfig error counter. When I return 0 (or 1
but empty skb) from rx_fixup(), usbnet increases the error counter although
it's not an error condition (because packets can cross URB boundaries). Maybe
the usbnet should be fixed to allow rx_fixup() to return empty skbs (or some
other value, e.g. 2)?
The USB ID of my device is 0x0572:0xcb01 which conflicts with some ADSL modems
using cxacru driver (they probably use the same chipset but simpler
firmware). The modems seem to use bDeviceClass 0 and iProduct "ADSL USB
MODEM", my router uses bDeviceClass 255 and iProduct "USB NET CARD". The
driver matches only devices with class 255 and checks for the iProduct string
during init. I already posted a patch for the cxacru driver to ignore these
devices.
Signed-off-by: Ondrej Zary <linux@rainbow-software.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
When there is only one rps_cpus, skb_get_rxhash() can be eliminated.
Signed-off-by: Changli Gao <xiaosuo@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This simple patch copies the current approach for SIOCINQ ioctl() from DCCP
into SCTP so that the userland code working with SCTP can use a similar
interface across different protocols to know how much space to allocate for
a buffer.
Signed-off-by: Diego Elio Pettenò <flameeyes@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
- Do not create expectation when forwarding the PORT
command to avoid blocking the connection. The problem is that
nf_conntrack_ftp.c:help() tries to create the same expectation later in
POST_ROUTING and drops the packet with "dropping packet" message after
failure in nf_ct_expect_related.
- Change ip_vs_update_conntrack to alter the conntrack
for related connections from real server. If we do not alter the reply in
this direction the next packet from client sent to vport 20 comes as NEW
connection. We alter it but may be some collision happens for both
conntracks and the second conntrack gets destroyed immediately. The
connection stucks too.
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
The patch: "gro: fix different skb headrooms" in its part:
"2) allocate a minimal skb for head of frag_list" is buggy. The copied
skb has p->data set at the ip header at the moment, and skb_gro_offset
is the length of ip + tcp headers. So, after the change the length of
mac header is skipped. Later skb_set_mac_header() sets it into the
NET_SKB_PAD area (if it's long enough) and ip header is misaligned at
NET_SKB_PAD + NET_IP_ALIGN offset. There is no reason to assume the
original skb was wrongly allocated, so let's copy it as it was.
bugzilla : https://bugzilla.kernel.org/show_bug.cgi?id=16626
fixes commit: 3d3be4333f
Reported-by: Plamen Petrov <pvp-lsts@fs.uni-ruse.bg>
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
CC: Eric Dumazet <eric.dumazet@gmail.com>
Acked-by: Eric Dumazet <eric.dumazet@gmail.com>
Tested-by: Plamen Petrov <pvp-lsts@fs.uni-ruse.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci-2.6:
PCI: bus speed strings should be const
PCI hotplug: Fix build with CONFIG_ACPI unset
PCI: PCIe: Remove the port driver module exit routine
PCI: PCIe: Move PCIe PME code to the pcie directory
PCI: PCIe: Disable PCIe port services during port initialization
PCI: PCIe: Ask BIOS for control of all native services at once
ACPI/PCI: Negotiate _OSC control bits before requesting them
ACPI/PCI: Do not preserve _OSC control bits returned by a query
ACPI/PCI: Make acpi_pci_query_osc() return control bits
ACPI/PCI: Reorder checks in acpi_pci_osc_control_set()
PCI: PCIe: Introduce commad line switch for disabling port services
PCI: PCIe AER: Introduce pci_aer_available()
x86/PCI: only define pci_domain_nr if PCI and PCI_DOMAINS are set
PCI: provide stub pci_domain_nr function for !CONFIG_PCI configs
* 'for-linus' of git://oss.sgi.com/xfs/xfs:
xfs: Make fiemap work with sparse files
xfs: prevent 32bit overflow in space reservation
xfs: Disallow 32bit project quota id
xfs: improve buffer cache hash scalability
* 'for-linus' of git://neil.brown.name/md:
md: resolve confusion of MD_CHANGE_CLEAN
md: don't clear MD_CHANGE_CLEAN in md_update_sb() for external arrays
Move .gitignore from drivers/md to lib/raid6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu:
percpu: fix a mismatch between code and comment
percpu: fix a memory leak in pcpu_extend_area_map()
percpu: add __percpu notations to UP allocator
percpu: handle __percpu notations in UP accessors
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (26 commits)
pkt_sched: Fix lockdep warning on est_tree_lock in gen_estimator
ipvs: avoid oops for passive FTP
Revert "sky2: don't do GRO on second port"
gro: fix different skb headrooms
bridge: Clear INET control block of SKBs passed into ip_fragment().
3c59x: Remove incorrect locking; correct documented lock hierarchy
sky2: don't do GRO on second port
ipv4: minor fix about RPF in help of Kconfig
xfrm_user: avoid a warning with some compiler
net/sched/sch_hfsc.c: initialize parent's cl_cfmin properly in init_vf()
pxa168_eth: fix a mdiobus leak
net sched: fix kernel leak in act_police
vhost: stop worker only if created
MAINTAINERS: Add ehea driver as Supported
ath9k_hw: fix parsing of HT40 5 GHz CTLs
ath9k_hw: Fix EEPROM uncompress block reading on AR9003
wireless: register wiphy rfkill w/o holding cfg80211_mutex
netlink: Make NETLINK_USERSOCK work again.
irda: Correctly clean up self->ias_obj on irda_bind() failure.
wireless extensions: fix kernel heap content leak
...
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-2.6:
Staging: wlan-ng: Explicitly set some fields in cfg80211 interface
Staging: octeon: depends on NETDEVICES
Staging: spectra: depend on X86_MRST
Staging: zram: free device memory when init fails
Staging: rt2870sta: Add more device IDs from vendor drivers
staging: comedi das08_cs.c: Fix io_req_t conversion
staging: spectra needs <linux/slab.h>
staging: hv: Fixed lockup problem with bounce_buffer scatter list
staging: hv: Increased storvsc ringbuffer and max_io_requests
staging: hv: Fixed the value of the 64bit-hole inside ring buffer
staging: hv: Fixed bounce kmap problem by using correct index
staging: hv: Fix missing functions for net_device_ops
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6:
USB: ftdi_sio: Added custom PIDs for ChamSys products
USB: cdc-acm: Fixing crash when ACM probing interfaces with no endpoint descriptors.
USB: cdc-acm: Add pseudo modem without AT command capabilities
USB: cxacru: Use a bulk/int URB to access the command endpoint
usb: serial: mos7840: Add USB IDs to support more B&B USB/RS485 converters.
USB: cdc-acm: Adding second ACM channel support for various Nokia and one Samsung phones
usb: serial: mos7840: Add USB ID to support the B&B Electronics USOPTL4-2P.
USB: ssu100: turn off debug flag
usb: allow drivers to use allocated bandwidth until unbound
USB: cp210x usb driver: add USB_DEVICE for Pirelli DP-L10 mobile.
USB: cp210x: Add B&G H3000 link cable ID
USB: CP210x Add new device ID
USB: option: fix incorrect novatel entries
USB: Fix kernel oops with g_ether and Windows
USB: rndis: section mismatch fix
USB: ehci-ppc-of: problems in unwind
USB: s3c-hsotg: Remove DEBUG define
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty-2.6:
tty: fix tty_line must not be equal to number of allocated tty pointers in tty driver
serial: bfin_sport_uart: restore transmit frame sync fix
serial: fix port type conflict between NS16550A & U6_16550A
MAINTAINERS: orphan isicom
vt: Fix console corruption on driver hand-over.
* 'linux-next' of git://git.infradead.org/ubi-2.6:
UBI: do not oops when erroneous PEB is scheduled for scrubbing
UBI: fix kconfig unmet dependency
UBI: fix forward compatibility
UBI: eliminate update of list_for_each_entry loop cursor
* 'drm-intel-fixes' of git://anongit.freedesktop.org/~ickle/drm-intel: (25 commits)
intel_agp,i915: Add more sandybridge graphics device ids
drm/i915: Enable MI_FLUSH on Sandybridge
agp/intel: Fix cache control for Sandybridge
agp/intel: use #ifdef idiom for intel-agp.h
agp/intel: fix physical address mask bits for sandybridge
drm/i915: Prevent double dpms on
drm/i915: Avoid use of uninitialised values when disabling panel-fitter
drm/i915: Avoid pageflipping freeze when we miss the flip prepare interrupt
drm/i915: Tightly scope intel_encoder to prevent invalid use
drm/i915: Allocate the PCI resource for the MCHBAR
drm/i915/dp: Really try 5 times before giving up.
drm/i915/sdvo: Restore guess of the DDC bus in absence of VBIOS
drm/i915/dp: Boost timeout for enabling transcoder to 100ms
drm/i915: Re-use set_base_atomic to share setting of the display registers
drm/i915: Fix offset page-flips on i965+
drm/i915: Include a generation number in the device info
i915: return -EFAULT if copy_to_user fails
i915: return -EFAULT if copy_to_user fails
agp/intel: Promote warning about failure to setup flush to error.
drm/i915: overlay on gen2 can't address above 1G
...
* 'drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6:
drm: Do not force 1024x768 modes on unknown connectors
drm/kms: Add a module parameter to disable polling
drm/radeon/kms: fix tv-out on avivo asics
drm/radeon/kms/evergreen: fix gpu hangs in userspace accel code
drm/nv50: initialize ramht_refs list for faked 0 channel
drm/nouveau: Don't take struct_mutex around the pushbuf IOCTL.
drm/nouveau: Take fence spinlock before reading the last sequence.
drm/radeon/kms/evergreen: work around bad data in some i2c tables
drm/radeon/kms: properly set crtc high base on r7xx
drm/radeon/kms: fix tv module parameter
drm/radeon/kms: force legacy pll algo for RV515 LVDS
drm/radeon/kms: remove useless clock code
drm/radeon/kms: fix a regression on r7xx AGP due to the HDP flush fix
drm/radeon/kms: use tracked values for sclk and mclk
It causes all kinds of DMA API debugging assertions and
all straight-forward attempts to fix it have failed.
So turn off SG, and we'll tackle making this work
properly in net-next-2.6
Reported-by: Dave Jones <davej@redhat.com>
Tested-by: Dave Jones <davej@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Actually iterate over the next-hops to make sure we have
a device match. Otherwise RP filtering is always elided
when the route matched has multiple next-hops.
Reported-by: Igor M Podlesny <for.poige@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
We assumed that unix_autobind() never fails if kzalloc() succeeded.
But unix_autobind() allows only 1048576 names. If /proc/sys/fs/file-max is
larger than 1048576 (e.g. systems with more than 10GB of RAM), a local user can
consume all names using fork()/socket()/bind().
If all names are in use, those who call bind() with addr_len == sizeof(short)
or connect()/sendmsg() with setsockopt(SO_PASSCRED) will continue
while (1)
yield();
loop at unix_autobind() till a name becomes available.
This patch adds a loop counter in order to give up after 1048576 attempts.
Calling yield() for once per 256 attempts may not be sufficient when many names
are already in use, for __unix_find_socket_byname() can take long time under
such circumstance. Therefore, this patch also adds cond_resched() call.
Note that currently a local user can consume 2GB of kernel memory if the user
is allowed to create and autobind 1048576 UNIX domain sockets. We should
consider adding some restriction for autobind operation.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch is a simplified version of the original patch from James Courtier-Dutton.
>From: James Courtier-Dutton
>Subject: [PATCH] Fix b44 RX FIFO overflow recovery.
>Date: Wednesday, June 30, 2010 - 1:11 pm
>
>This patch improves the recovery after a RX FIFO overflow on the b44
>Ethernet NIC.
>Before it would do a complete chip reset, resulting is loss of link
>for a few seconds.
>This patch improves this to do recovery in about 20ms without loss of link.
>
>Signed off by: James@superbug.co.uk
Signed-off-by: Mark Lord <mlord@pobox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This is an off by one. We would go past the end when we NUL terminate
the "value" string at end of the function. The "value" buffer is
allocated in irlan_client_parse_response() or
irlan_provider_parse_command().
CC: stable@kernel.org
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This fixes a bug introduced in commit
de84727214
"3c59x: Use fine-grained locks for MII and windowed register access".
vortex_interrupt() holds vp->window_lock over multiple register
accesses to reduce locking overhead. However it also needs to call
vortex_error() sometimes, and that uses the regular functions for
access to windowed registers, which will try to acquire window_lock
again.
Therefore, drop window_lock around the call to vortex_error() and set
the window afterward reacquiring the lock. Since vortex_error() may
call vortex_rx(), which *does* require its caller to hold window_lock,
lift that call up into vortex_interrupt(). This also removes the
potential for calling vortex_rx() on a later-generation NIC.
Reported-and-tested-by: Jens Schüßler <jgs@trash.net> [in Debian's 2.6.32]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>