Could you give attached patch a try instead of previous one. It adds gfp mask into cn_netlink_send() call also. If you need updated CBUS sources, feel free to ask, I will send updated sources with Andrew's comments resolved too.
I do not know exactly your connector version, so patch will probably be applied with fuzz. feel free to contact if it does not apply, I will send the whole sources. Thank you. * looking for [EMAIL PROTECTED]/connector--main--0--patch-38 to compare with * comparing to [EMAIL PROTECTED]/connector--main--0--patch-38 M connector.c M connector.h M cbus.c * modified files --- orig/drivers/connector/connector.c +++ mod/drivers/connector/connector.c @@ -70,7 +70,7 @@ * then it is new message. * */ -void cn_netlink_send(struct cn_msg *msg, u32 __groups) +void cn_netlink_send(struct cn_msg *msg, u32 __groups, int gfp_mask) { struct cn_callback_entry *n, *__cbq; unsigned int size; @@ -102,7 +102,7 @@ size = NLMSG_SPACE(sizeof(*msg) + msg->len); - skb = alloc_skb(size, GFP_ATOMIC); + skb = alloc_skb(size, gfp_mask); if (!skb) { printk(KERN_ERR "Failed to allocate new skb with size=%u.\n", size); return; @@ -119,11 +119,11 @@ #endif NETLINK_CB(skb).dst_groups = groups; - - uskb = skb_clone(skb, GFP_ATOMIC); - if (uskb) +#if 0 + uskb = skb_clone(skb, gfp_mask); + if (uskb && 0) netlink_unicast(dev->nls, uskb, 0, 0); - +#endif netlink_broadcast(dev->nls, skb, 0, groups, GFP_ATOMIC); return; @@ -158,7 +158,7 @@ } spin_unlock_bh(&dev->cbdev->queue_lock); - return found; + return (found)?0:-ENODEV; } /* @@ -181,7 +181,6 @@ "requested msg->len=%u[%u], nlh->nlmsg_len=%u, skb->len=%u.\n", msg->len, NLMSG_SPACE(msg->len + sizeof(*msg)), nlh->nlmsg_len, skb->len); - kfree_skb(skb); return -EINVAL; } #if 0 @@ -215,17 +214,18 @@ skb->len, skb->data_len, skb->truesize, skb->protocol, skb_cloned(skb), skb_shared(skb)); #endif - while (skb->len >= NLMSG_SPACE(0)) { + if (skb->len >= NLMSG_SPACE(0)) { nlh = (struct nlmsghdr *)skb->data; + if (nlh->nlmsg_len < sizeof(struct cn_msg) || skb->len < nlh->nlmsg_len || nlh->nlmsg_len > CONNECTOR_MAX_MSG_SIZE) { -#if 0 +#if 1 printk(KERN_INFO "nlmsg_len=%u, sizeof(*nlh)=%u\n", nlh->nlmsg_len, sizeof(*nlh)); #endif kfree_skb(skb); - break; + goto out; } len = NLMSG_ALIGN(nlh->nlmsg_len); @@ -233,22 +233,11 @@ len = skb->len; err = __cn_rx_skb(skb, nlh); - if (err) { -#if 0 - if (err < 0 && (nlh->nlmsg_flags & NLM_F_ACK)) - netlink_ack(skb, nlh, -err); -#endif - break; - } else { -#if 0 - if (nlh->nlmsg_flags & NLM_F_ACK) - netlink_ack(skb, nlh, 0); -#endif - break; - } - skb_pull(skb, len); + if (err < 0) + kfree_skb(skb); } - + +out: kfree_skb(__skb); } @@ -310,7 +299,7 @@ m.ack = notify_event; memcpy(&m.id, id, sizeof(m.id)); - cn_netlink_send(&m, ctl->group); + cn_netlink_send(&m, ctl->group, GFP_ATOMIC); } } spin_unlock_bh(¬ify_lock); --- orig/include/linux/connector.h +++ mod/include/linux/connector.h @@ -148,7 +148,7 @@ int cn_add_callback(struct cb_id *, char *, void (* callback)(void *)); void cn_del_callback(struct cb_id *); -void cn_netlink_send(struct cn_msg *, u32); +void cn_netlink_send(struct cn_msg *, u32, int); int cn_queue_add_callback(struct cn_queue_dev *dev, struct cn_callback *cb); void cn_queue_del_callback(struct cn_queue_dev *dev, struct cb_id *id); -- Evgeniy Polyakov Crash is better than data corruption -- Arthur Grabowski
signature.asc
Description: This is a digitally signed message part