[PATCH] Fix corruption error in rh_alloc_fixed()

Kumar Gala galak at kernel.crashing.org
Wed Dec 17 05:23:25 EST 2008


>
> The problem obviously only affects people that make use of
> rh_alloc_fixed(), which is the case when you program an MCC or a QMC
> controller of the CPM. Without the patch cpm_muram_alloc_fixed()
> succeeds when it should not, for example when trying to allocate out of
> range areas or already allocated areas, so it is possible that buffer
> descriptors or other control structures used by other controllers get
> corrupted.
>
> Digging into ooooold Linux (like 2.6.9, I haven't checked before),
> the problem seems to always have been present.
>
> Without this patch I experienced oops (sometimes panic, sometimes not)
> in various unrelated parts (probably an indirect result of either
> corruption of rheap management structures or corruption caused by the
> CPM using crazy overwritten data) and also initialization of
> multi-channel control structures putting other communication
> controllers out-of-order.
>
> The only risk I can think of is that it could break some out of tree
> kernel space code which worked because of luck and a double error -
> for example when doing a single DPRam allocation from offset 0 while
> leaving an area reserved at the base of the DPRam. So I think it
> should be put in 2.6.28.

Paul, are you planning on picking this up for .28? If not, I'll pick it
up for .29.

- k


