Commit Graph

9653 Commits

Author SHA1 Message Date
David Howells f1a9badcf6 [PATCH] Keys: Add request-key process documentation
The attached patch adds documentation for the process by which request-key
works, including how it permits helper processes to gain access to the
requestor's keyrings.

Signed-Off-By: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-08 14:53:31 -07:00
David Howells 74fd92c511 [PATCH] key: plug request_key_auth memleak
Plug request_key_auth memleak.  This can be triggered by unprivileged
users, so is local DoS.

Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-Off-By: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-08 14:53:31 -07:00
David Vrabel c2059b2e0b [PATCH] yenta: fix build if YENTA && !CARDBUS
(struct pcmcia_socket).tune_bridge only exists if CONFIG_CARDBUS is set
but building yenta_socket without CardBus is valid.

Signed-off-by: David Vrabel <dvrabel@arcom.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-08 14:53:31 -07:00
Oleg Nesterov 788e05a67c [PATCH] fix do_coredump() vs SIGSTOP race
Let's suppose we have 2 threads in thread group:
	A - does coredump
	B - has pending SIGSTOP

thread A						thread B

do_coredump:						get_signal_to_deliver:

  lock(->sighand)
  ->signal->flags = SIGNAL_GROUP_EXIT
  unlock(->sighand)

							lock(->sighand)
							signr = dequeue_signal()
								->signal->flags |= SIGNAL_STOP_DEQUEUED
								return SIGSTOP;

							do_signal_stop:
							    unlock(->sighand)

  coredump_wait:

      zap_threads:
          lock(tasklist_lock)
          send SIGKILL to B
              // signal_wake_up() does nothing
          unlock(tasklist_lock)

							    lock(tasklist_lock)
							    lock(->sighand)
							    re-check sig->flags & SIGNAL_STOP_DEQUEUED, yes
							    set_current_state(TASK_STOPPED);
							    finish_stop:
							        schedule();
							            // ->state == TASK_STOPPED

      wait_for_completion(&startup_done)
         // waits for complete() from B,
         // ->state == TASK_UNINTERRUPTIBLE

We can't wake up 'B' in any way:

	SIGCONT will be ignored because handle_stop_signal() sees
	->signal->flags & SIGNAL_GROUP_EXIT.

	sys_kill(SIGKILL)->__group_complete_signal() will choose
	uninterruptible 'A', so it can't help.

	sys_tkill(B, SIGKILL) will be ignored by specific_send_sig_info()
	because B already has pending SIGKILL.

This scenario is not possbile if 'A' does do_group_exit(), because
it sets sig->flags = SIGNAL_GROUP_EXIT and delivers SIGKILL to
subthreads atomically, holding both tasklist_lock and sighand->lock.
That means that do_signal_stop() will notice !SIGNAL_STOP_DEQUEUED
after re-locking ->sighand. And it is not possible to any other
thread to re-add SIGNAL_STOP_DEQUEUED later, because dequeue_signal()
can only return SIGKILL.

I think it is better to change do_coredump() to do sigaddset(SIGKILL)
and signal_wake_up() under sighand->lock, but this patch is much
simpler.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-08 14:53:31 -07:00
Linus Torvalds 8298411468 Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
The nameidata "last.name" is always allocated with "__getname()", and
should always be free'd with "__putname()".

Using "putname()" without the underscores will leak memory, because the
allocation will have been hidden from the AUDITSYSCALL code.

Arguably the real bug is that the AUDITSYSCALL code is really broken,
but in the meantime this fixes the problem people see.

Reported by Robert Derr, patch by Rick Lindsley.

Acked-by: Al Viro <viro@ftp.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-06 21:54:21 -07:00
Linus Torvalds edb4a3534a Merge branch 'release' of master.kernel.org:/pub/scm/linux/kernel/git/aegl/linux-2.6 2005-10-06 15:37:09 -07:00
Bryan Sutula 76e677e25d [IA64] Avoid kernel hang during CMC interrupt storm
I've noticed a kernel hang during a storm of CMC interrupts, which was
tracked down to the continual execution of the interrupt handler.

There's code in the CMC handler that's supposed to disable CMC
interrupts and switch to polling mode when it sees a bunch of CMCs.
Because disabling CMCs across all CPUs isn't safe in interrupt context,
the disable is done with a schedule_work().  But with continual CMC
interrupts, the schedule_work() never gets executed.

The following patch immediately disables CMC interrupts for the current
CPU.  This then allows (at least) one CPU to ignore CMC interrupts,
execute the schedule_work() code, and disable CMC interrupts on the rest
of the CPUs.

Acked-by: Keith Owens <kaos@sgi.com>
Signed-off-by: Bryan Sutula <Bryan.Sutula@hp.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
2005-10-06 15:04:11 -07:00
Linus Torvalds b954cbcb1a Merge master.kernel.org:/home/rmk/linux-2.6-ucb 2005-10-06 15:01:11 -07:00
Linus Torvalds 5cd9a60cc6 Merge master.kernel.org:/home/rmk/linux-2.6-arm 2005-10-06 15:00:53 -07:00
Linus Torvalds 9aec247d3b Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2005-10-06 14:16:19 -07:00
Linus Torvalds dce32c781b Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6 2005-10-06 14:16:07 -07:00
Russell King a448a28589 [MFD] Fix gcc4 build errors in ucb1x00-core.c
drivers/mfd/ucb1x00-core.c:555: error: static declaration of 'ucb1x00_class' follows non-static declaration
drivers/mfd/ucb1x00.h:109: error: previous declaration of 'ucb1x00_class' was here

Since ucb1x00_class isn't used by anything, remove the extern
declaration and the symbol export.

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-06 13:09:42 +01:00
David S. Miller 9ad98c5b44 [SPARC64]: Fix initrd when net booting.
By allocating early memory for the firmware page tables, we
can write over the beginning of the initrd image.

So what we do now is:

1) Read in firmware translations table while still on the
   firmware's trap table.
2) Switch to Linux trap table.
3) Init bootmem.
4) Build firmware page tables using __alloc_bootmem().

And this keeps the initrd from being clobbered.

Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 15:12:00 -07:00
Catalin Marinas e03eb5272b [ARM] 2954/1: Allow D and I cache and branch prediction disabling for ARMv6
Patch from Catalin Marinas

There is no reason to not allow these config options. They are useful when
the hardware has problems.

Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-05 23:06:36 +01:00
Martin Habets 782c3fd470 [SPARC]: Remove some duplicated sparc32 config items
Remove some duplicated items due to the inclusion of the general
drivers/Kconfig file. These are now taken from drivers/char/Kconfig,
and can be turned off there as well (which is desirable sometimes).

Signed-off-by: Martin Habets <errandir_news@mph.eclipse.co.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:21:36 -07:00
Ralf Baechle 3a867b36c3 [AX.25]: Fix packet socket crash
Since changeset 98a82febb6 AX.25 is passing
received IP and ARP packets to the stack through netif_rx() but we don't
set the skb->mac.raw to right value which may result in a crash with
applications that use a packet socket.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:16:04 -07:00
Herbert Xu 77d8d7a684 [IPSEC]: Document that policy direction is derived from the index.
Here is a patch that adds a helper called xfrm_policy_id2dir to
document the fact that the policy direction can be and is derived
from the index.

This is based on a patch by YOSHIFUJI Hideaki and 210313105@suda.edu.cn.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:15:12 -07:00
YOSHIFUJI Hideaki 140e26fcd5 [IPV6]: Fix NS handing for proxy/anycast address
Timer set up by pneigh_enqueue() ended up calling ndisc_rcv()
via pndisc_redo(), which clears LOCALLY_ENQUEUED flag in
NEIGH_CB(skb) and NS was queued again.
Let's call ndisc_recv_ns() directly to avoid the loop.

Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:11:41 -07:00
Stephen Hemminger 42a39450f8 [TCP]: BIC coding bug in Linux 2.6.13
Missing parenthesis in causes BIC to be slow in increasing congestion
window.

Spotted by Injong Rhee.

Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:09:31 -07:00
Yan Zheng fab10fe37a [MCAST] ipv6: Fix address size in grec_size
Signed-Off-By: Yan Zheng <yanzheng@21cn.com>
Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Acked-by: David L Stevens <dlstevens@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-05 12:08:13 -07:00
Dave Jones c0758146ad [PATCH] Fix drm 'debug' sysfs permissions
Just enables some extra printk's, but still..  Only the sysadmin should
be able to do that.

Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-05 07:38:28 -07:00
Benjamin Herrenschmidt 23cb8c297e [PATCH] ppc: Fix timekeeping with HZ=250 on some Mac models
Older Macs which uses the VIA chip timers to calibrate the timebase used
some code that wouldn't work if HZ wasn't divisible by 100...

This fixes it at least for 250.  Not totally perfect but should be
enough for now (so it at least works with the default value which is now
250).

There is still a potential issue with the core using CLOCK_TICK_RATE to
maintain xtime and CLOCK_TICK_RATE value on ppc32 is pure crap, but that
is a different problem, this patch at least brings us back to our
previous situation.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-05 07:33:42 -07:00
Al Viro 329d4dd72e [PATCH] fix the breakage in sparc headers
If we switch extern inline to static inline, we'd better switch the
pre-declarations we use to say that these puppies have
__attribute_const__ on them.

Otherwise we get extern declaration followed by static inline one.
Which makes gcc unhappy, and for a good reason...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-05 07:33:42 -07:00
Randy Dunlap 83fa3400eb [XFRM]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in xfrm code:
net/xfrm/xfrm_policy.c:232:47: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:45:35 -07:00
Randy Dunlap 3d2aef6689 [TEXTSEARCH]: fix sparse gfp nocast warnings
Fix nocast sparse warnings:
include/linux/textsearch.h:165:57: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:45:14 -07:00
Randy Dunlap dd13a285b7 [RPC]: fix sparse gfp nocast warnings
Fix nocast sparse warnings:
net/rxrpc/call.c:2013:25: warning: implicit cast to nocast type
net/rxrpc/connection.c:538:46: warning: implicit cast to nocast type
net/sunrpc/sched.c:730:36: warning: implicit cast to nocast type
net/sunrpc/sched.c:734:56: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:44:45 -07:00
Randy Dunlap 00fa023345 [AF_KEY]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in net/key code:
net/key/af_key.c:195:27: warning: implicit cast to nocast type
net/key/af_key.c:1439:28: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:43:04 -07:00
Randy Dunlap c6f4fafccf [NETFILTER]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in nfnetlink code:
net/netfilter/nfnetlink.c:204:43: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:42:42 -07:00
Randy Dunlap 8eea00a44d [IPVS]: fix sparse gfp nocast warnings
From: Randy Dunlap <rdunlap@xenotime.net>

Fix implicit nocast warnings in ip_vs code:
net/ipv4/ipvs/ip_vs_app.c:631:54: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:42:15 -07:00
Randy Dunlap f4a19a56e3 [DECNET]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in decnet code:
net/decnet/af_decnet.c:458:40: warning: implicit cast to nocast type
net/decnet/dn_nsp_out.c:125:35: warning: implicit cast to nocast type
net/decnet/dn_nsp_out.c:219:29: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:41:48 -07:00
Randy Dunlap 17b6988563 [CONNECTOR]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in connector code:
drivers/connector/connector.c:102:24: warning: implicit cast to nocast type
drivers/connector/connector.c:114:45: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:41:16 -07:00
Randy Dunlap de54f3907d [BONDING]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in bonding code:
drivers/net/bonding/bond_main.c:1302:49: warning: implicit cast to nocast type

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:39:41 -07:00
Randy Dunlap 7b5b3f3d82 [ATM]: fix sparse gfp nocast warnings
Fix implicit nocast warnings in atm code:
net/atm/atm_misc.c:35:44: warning: implicit cast to nocast type
drivers/atm/fore200e.c:183:33: warning: implicit cast to nocast type

Also use kzalloc() instead of kmalloc().

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 22:38:44 -07:00
Pavel Roskin 9bc39bec87 [PATCH] orinoco: Information leakage due to incorrect padding
The orinoco driver can send uninitialized data exposing random pieces of
the system memory.  This happens because data is not padded with zeroes
when its length needs to be increased.

Reported by Meder Kydyraliev <meder@o0o.nu>

Signed-off-by: Pavel Roskin <proski@gnu.org>
Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
2005-10-04 23:37:21 -04:00
Linus Torvalds bb77c03cf4 Merge branch 'for-linus' of master.kernel.org:/pub/scm/linux/kernel/git/roland/infiniband 2005-10-04 16:55:43 -07:00
Deepak Saxena ce12467d44 [PATCH] Fix broken IXP4xx GPIO macro
Macro ended up backwards during one of cleanups. Found by Alessandro Zummo.

Signed-off-by: Deepak Saxena <dsaxena@plexity.net>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 16:41:48 -07:00
Horst H. von Brand a5181ab06d [NETFILTER]: Fix Kconfig typo
Signed-off-by: Horst H. von Brand <vonbrand@inf.utfsm.cl>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 15:58:56 -07:00
Linus Torvalds 50165d8b1d Merge master.kernel.org:/home/rmk/linux-2.6-arm 2005-10-04 15:57:53 -07:00
Andi Kleen 944d2647dd [PATCH] x86_64: Drop global bit from early low mappings
Drop global bit from early low mappings

Suggested by Linus, originally also proposed by Suresh.

This fixes a race condition with early start of udev, originally
tracked down by Suresh B. Siddha. The problem was that switching
to the user space VM would not clear the global low mappings
for the beginning of memory, which lead to memory corruption.

Drop the global bits.

The kernel mapping stays global because it should stay constant.

Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 15:56:52 -07:00
Eric Dumazet 6d2553612f [INET]: Shrink struct inet_ehash_bucket on 32 bits UP
No need to align struct inet_ehash_bucket on a 8 bytes boundary.

On 32 bits Uniprocessor, that's a waste of 4 bytes per struct (50 %)

On other platforms, the attribute is useless, natual alignement is already 8.

platform     | Size before | Size after patch
-------------+-------------+------------------
32 bits, UP  |         8   |     4
32 bits, SMP |         8   |     8
64 bits, UP  |         8   |     8
64 bits, SMP |        16   |    16

Signed-off-by: Eric Dumazet <dada1@cosmosbay.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 15:55:51 -07:00
David S. Miller 0835ae0f27 [SPARC64]: Replace cheetah+ code patching with variables.
Instead of code patching to handle the page size fields in
the context registers, just use variables from which we get
the proper values.

Signed-off-by: David S. Miller <davem@davemloft.net>
2005-10-04 15:23:20 -07:00
Nicolas Pitre c2f480869f [ARM] 2952/1: fix a register clobber list
Patch from Nicolas Pitre

If gcc decides to assign lr to %0 we're screwed.

Signed-off-by: Nicolas Pitre <nico@cam.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-04 23:17:53 +01:00
Nicolas Pitre 74f8849496 [ARM] 2951/1: fix wrong comment
Patch from Nicolas Pitre

The cmpxchg emulation syscall needs write access.

Signed-off-by: Nicolas Pitre <nico@cam.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-04 23:17:52 +01:00
Sascha Hauer 0a5b0aa8a3 [ARM] 2950/1: i.MX gpio setup function
Patch from Sascha Hauer

Current implementation of imx_gpio_mode does not allow to
configure all alternate routing possibilities of the i.MX. With
this patch every bit in the gpio setup registers has a
corresponding bit in the gpio_mode parameter, so every routing
should be possible now.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-04 23:17:52 +01:00
Sascha Hauer d78795b693 [ARM] 2949/1: Hynix h720x Run mode
Patch from Sascha Hauer

After coming out of idle mode the h720x goes into slow mode. Switch
it back to run mode.

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2005-10-04 23:17:51 +01:00
Linus Torvalds f6e63cfb5c Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2005-10-04 13:55:22 -07:00
Allan Graves fad1c45c93 [PATCH] uml: Fix sysrq-r support for skas mode
The old code had the IP and SP coming from the registers in the thread
struct, which are completely wrong since those are the userspace
registers.  This fixes that by pulling the correct values from the
jmp_buf in which the kernel state of each thread is stored.

Signed-off-by: Allan Graves <allan.graves@oracle.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 13:22:01 -07:00
Jeff Dike 71dc036247 [PATCH] UML - Fix Al's build tidying
Al's build tidying missed one bit from me - without this UML doesn't boot.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Acked-by: Al Viro <viro@ftp.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 13:22:01 -07:00
Al Viro c2b513dfbb [PATCH] bfs iget() abuses
bfs_fill_super() walks the inode table to get the bitmap of free inodes
and collect stats.  It has no business using iget() for that - it's a
lot of extra work, extra icache pollution and more complex code.
Switched to walking the damn thing directly.

Note: that also allows to kill ->i_dsk_ino in there - separate patch if
Tigran can confirm that this field can be zero only for deleted inodes
(i.e.  something that could only be found during that scan and not by
normal lookups).

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 13:22:01 -07:00
Alexey Dobriyan ce0fe7e70a [PATCH] bfs endianness annotations
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-10-04 13:22:01 -07:00