Commit Graph

26505 Commits

Author SHA1 Message Date
Darrel Goeddel 3dc7e3153e [PATCH] support for context based audit filtering, part 2
This patch provides the ability to filter audit messages based on the
elements of the process' SELinux context (user, role, type, mls sensitivity,
and mls clearance).  It uses the new interfaces from selinux to opaquely
store information related to the selinux context and to filter based on that
information.  It also uses the callback mechanism provided by selinux to
refresh the information when a new policy is loaded.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01 06:09:36 -04:00
Darrel Goeddel 376bd9cb35 [PATCH] support for context based audit filtering
The following patch provides selinux interfaces that will allow the audit
system to perform filtering based on the process context (user, role, type,
sensitivity, and clearance).  These interfaces will allow the selinux
module to perform efficient matches based on lower level selinux constructs,
rather than relying on context retrievals and string comparisons within
the audit module.  It also allows for dominance checks on the mls portion
of the contexts that are impossible with only string comparisons.

Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01 06:06:24 -04:00
Al Viro 97e94c4530 [PATCH] no need to wank with task_lock() and pinning task down in audit_syscall_exit()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01 06:06:21 -04:00
Al Viro 5411be59db [PATCH] drop task argument of audit_syscall_{entry,exit}
... it's always current, and that's a good thing - allows simpler locking.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01 06:06:18 -04:00
Al Viro e495149b17 [PATCH] drop gfp_mask in audit_log_exit()
now we can do that - all callers are process-synchronous and do not hold
any locks.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01 06:06:16 -04:00
Al Viro fa84cb935d [PATCH] move call of audit_free() into do_exit()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01 06:06:13 -04:00
Steve Grubb d6fe3945b4 [PATCH] sockaddr patch
On Thursday 23 March 2006 09:08, John D. Ramsdell wrote:
>  I noticed that a socketcall(bind) and socketcall(connect) event contain a
>  record of type=SOCKADDR, but I cannot see one for a system call event
>  associated with socketcall(accept).  Recording the sockaddr of an accepted
>  socket is important for cross platform information flow analys

Thanks for pointing this out. The following patch should address this.

Signed-off-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01 06:06:10 -04:00
Al Viro 45d9bb0e37 [PATCH] deal with deadlocks in audit_free()
Don't assume that audit_log_exit() et.al. are called for the context of
current; pass task explictly.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01 06:06:07 -04:00
David S. Miller c9f2946fbe [SPARC64]: Disable preemption during flush_tlb_pending().
A context switch will force a call to flush_tlb_pending() (via
switch_to()), so if we test tlb_nr to be non-zero, then sleep, it
would become zero and later back at the original context we'll pass
zero down into the TLB flushing code which should never see a nr
argument of zero.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-30 22:54:27 -07:00
David S. Miller 1241140f51 [SPARC64]: Kill __flush_tlb_page() prototype.
This function no longer exists.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-30 21:40:13 -07:00
Lennert Buytenhek 7d532dd50d ts72xx NAND driver
The TS-72xx is a series of embedded single board computers from
Technologic Systems based on the Cirrus ep93xx (arm920t based) CPU.

The TS-7200 uses NOR flash, while all the other models in the series
(TS-7250, TS-7260) use NAND flash -- included is a driver for the NAND
flash on those boards.

Signed-off-by: Lennert Buytenhek <buytenh@wantstofly.org>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-04-30 21:19:44 +01:00
Jens Axboe 46e678c96b [PATCH] splice: fix bugs with stealing regular pipe pages
- Check that page has suitable count for stealing in the regular pipes.
- pipe_to_file() assumes that the page is locked on succesful steal, so
  do that in the pipe steal hook
- Missing unlock_page() in add_to_page_cache() failure.

Signed-off-by: Jens Axboe <axboe@suse.de>
2006-04-30 16:36:32 +02:00
Michael Chan b276764091 [TG3]: Update version and reldate
Update version to 3.57.

Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 19:01:06 -07:00
Michael Chan f6d9a2565b [TG3]: Fix bug in nvram write
Fix bug in nvram write function. If the starting nvram address offset
happens to be the last dword of the page, the NVRAM_CMD_LAST bit will
not get set in the existing code. This patch fixes the bug by changing
the "else if" to "if" so that the last dword condition always gets
checked.

Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 19:00:24 -07:00
Gary Zambrano 8e7a22e3eb [TG3]: Add reset_phy parameter to chip reset functions
Add a reset_phy parameter to tg3_reset_hw() and tg3_init_hw(). With
the full chip reset during MAC address change, the automatic PHY reset
during chip reset will cause a link down and bonding will not work
properly as a result. With this reset_phy parameter, we can do a chip
reset without link down when changing MAC address or MTU.

Signed-off-by: Gary Zambrano <zambrano@broadcom.com>
Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:59:13 -07:00
Michael Chan 58712ef9f2 [TG3]: Reset chip when changing MAC address
Do the full chip reset when changing MAC address if ASF is enabled.

ASF sometimes uses a different MAC address than the driver. Without
the reset, the ASF MAC address may be overwritten when the driver's
MAC address is changed.

Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:58:01 -07:00
Michael Chan c424cb249d [TG3]: Add phy workaround
Add some PHY workaround code to reduce jitter on some PHYs.

Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:56:34 -07:00
Michael Chan c8e1e82b6a [TG3]: Call netif_carrier_off() during phy reset
Add netif_carrier_off() call during tg3_phy_reset(). This is needed
to properly track the netif_carrier state in cases where we do a
PHY reset with interrupts disabled. The SerDes code will not run
properly if the netif_carrier state is wrong.

Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:55:17 -07:00
YOSHIFUJI Hideaki c302e6d54e [IPV6]: Fix race in route selection.
We eliminated rt6_dflt_lock (to protect default router pointer)
at 2.6.17-rc1, and introduced rt6_select() for general router selection.
The function is called in the context of rt6_lock read-lock held,
but this means, we have some race conditions when we do round-robin.

Signed-off-by; YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:33:22 -07:00
Ingo Molnar e959d8121f [XFRM]: fix incorrect xfrm_policy_afinfo_lock use
xfrm_policy_afinfo_lock can be taken in bh context, at:

 [<c013fe1a>] lockdep_acquire_read+0x54/0x6d
 [<c0f6e024>] _read_lock+0x15/0x22
 [<c0e8fcdb>] xfrm_policy_get_afinfo+0x1a/0x3d
 [<c0e8fd10>] xfrm_decode_session+0x12/0x32
 [<c0e66094>] ip_route_me_harder+0x1c9/0x25b
 [<c0e770d3>] ip_nat_local_fn+0x94/0xad
 [<c0e2bbc8>] nf_iterate+0x2e/0x7a
 [<c0e2bc50>] nf_hook_slow+0x3c/0x9e
 [<c0e3a342>] ip_push_pending_frames+0x2de/0x3a7
 [<c0e53e19>] icmp_push_reply+0x136/0x141
 [<c0e543fb>] icmp_reply+0x118/0x1a0
 [<c0e54581>] icmp_echo+0x44/0x46
 [<c0e53fad>] icmp_rcv+0x111/0x138
 [<c0e36764>] ip_local_deliver+0x150/0x1f9
 [<c0e36be2>] ip_rcv+0x3d5/0x413
 [<c0df760f>] netif_receive_skb+0x337/0x356
 [<c0df76c3>] process_backlog+0x95/0x110
 [<c0df5fe2>] net_rx_action+0xa5/0x16d
 [<c012d8a7>] __do_softirq+0x6f/0xe6
 [<c0105ec2>] do_softirq+0x52/0xb1

this means that all write-locking of xfrm_policy_afinfo_lock must be
bh-safe. This patch fixes xfrm_policy_register_afinfo() and
xfrm_policy_unregister_afinfo().

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:33:21 -07:00
Ingo Molnar f3111502c0 [XFRM]: fix incorrect xfrm_state_afinfo_lock use
xfrm_state_afinfo_lock can be read-locked from bh context, so take it
in a bh-safe manner in xfrm_state_register_afinfo() and
xfrm_state_unregister_afinfo(). Found by the lock validator.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:33:20 -07:00
Hua Zhong 83de47cd0c [TCP]: Fix unlikely usage in tcp_transmit_skb()
The following unlikely should be replaced by likely because the
condition happens every time unless there is a hard error to transmit
a packet.

Signed-off-by: Hua Zhong <hzhong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:33:19 -07:00
Ingo Molnar 8dff7c2970 [XFRM]: fix softirq-unsafe xfrm typemap->lock use
xfrm typemap->lock may be used in softirq context, so all write_lock()
uses must be softirq-safe.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:33:18 -07:00
Herbert Xu a76e07acd0 [IPSEC]: Fix IP ID selection
I was looking through the xfrm input/output code in order to abstract
out the address family specific encapsulation/decapsulation code.  During
that process I found this bug in the IP ID selection code in xfrm4_output.c.

At that point dst is still the xfrm_dst for the current SA which
represents an internal flow as far as the IPsec tunnel is concerned.
Since the IP ID is going to sit on the outside of the encapsulated
packet, we obviously want the external flow which is just dst->child.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:33:16 -07:00
Akinobu Mita da753beaeb [NET]: use hlist_unhashed()
Use hlist_unhashed() rather than accessing inside data structure.

Signed-off-by: Akinobu Mita <mita@miraclelinux.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:33:15 -07:00
Heiko Carstens a536e07787 [IPV4]: inet_init() -> fs_initcall
Convert inet_init to an fs_initcall to make sure its called before any
device driver's initcall.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:33:14 -07:00
Soyoung Park 09493abfdb [NETLINK]: cleanup unused macro in net/netlink/af_netlink.c
1 line removal, of unused macro.
ran 'egrep -r' from linux-2.6.16/ for Nprintk and
didn't see it anywhere else but here, in #define...

Signed-off-by: Soyoung Park <speattle@yahoo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:33:13 -07:00
Stephen Hemminger 89bbb0a361 [PKT_SCHED] netem: fix loss
The following one line fix is needed to make loss function of
netem work right when doing loss on the local host.
Otherwise, higher layers just recover.

Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:33:12 -07:00
Shaun Pereira 43dff98b02 [X25]: fix for spinlock recurse and spinlock lockup with timer handler
When the sk_timer function x25_heartbeat_expiry() is called by the
kernel in a running/terminating process, spinlock-recursion and
spinlock-lockup locks up the kernel.  This has happened with testing
on some distro's and the patch below fixed it.

Signed-off-by: Shaun Pereira <spereira@tusc.com.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-04-29 18:33:11 -07:00
Linus Torvalds e0a515bc6a Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc:
  [PATCH] powerpc: update cell_defconfig
  [PATCH] spufs: Disable local interrupts for SPE hash_page calls.
  [PATCH] powerpc: Add cputable entry for POWER6
  [PATCH] ppc32 CPM_UART: Fixed odd address translations
  [PATCH] ppc32: Update board-specific code of the CPM UART users
  [PATCH] ppc32 CPM_UART: Convert to use platform devices
  [PATCH] ppc32: odd fixes and improvements in ppc_sys
  [PATCH] powerpc: Wire up *at syscalls
  [PATCH] ppc32: add 440GX erratum 440_43 workaround
  [PATCH] powerpc: Use check_legacy_ioport() on ppc32 too.
  [PATCH] powerpc64: Fix loading of modules without a .toc section
  [PATCH] sound/ppc: snd_pmac_toonie_init should be __init
  powerpc/pseries: Tell firmware our capabilities on new machines
  [PATCH] powerpc: Fix pagetable bloat for hugepages
2006-04-29 17:07:03 -07:00
Ralf Baechle 991cef7be2 [PATCH] au1200fb: Remove accidentally duplicated content of au1200fb.c
Content of file au1200fb.c was duplicated. Remove.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: Antonino Daplas <adaplas@pol.net>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-29 17:05:11 -07:00
Linus Torvalds 4661e3eace [SCSI] advansys driver: limp along on x86
Let people enable the advansys driver on x86-32, even though it's broken
on other architectures due to missing DMA mapping infrastructure.

It's used by Jeffrey Phillips Freeman <jeffreyfreeman@syncleus.com> and
possibly others.

Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-29 14:27:13 -07:00
Chuck Ebbert 543f2a3382 [PATCH] i386: fix broken FP exception handling
The FXSAVE information leak patch introduced a bug in FP exception
handling: it clears FP exceptions only when there are already
none outstanding.  Mikael Pettersson reported that causes problems
with the Erlang runtime and has tested this fix.

Signed-off-by: Chuck Ebbert <76306.1226@compuserve.com>
Acked-by: Mikael Pettersson <mikpe@it.uu.se>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-29 14:13:16 -07:00
Daniel Drake fbbc21c6a4 mtd: SC520CDP should depend on MTD_CONCAT
Toralf Förster found a compile error when CONFIG_MTD_SC520CDP=y and
CONFIG_MTD_CONCAT=n:

drivers/built-in.o: In function `init_sc520cdp':
sc520cdp.c:(.init.text+0xb4de): undefined reference to `mtd_concat_create'
drivers/built-in.o: In function `cleanup_sc520cdp':
sc520cdp.c:(.exit.text+0x14bc): undefined reference to `mtd_concat_destroy'

This patch fixes it.

Signed-off-by: Daniel Drake <dsd@gentoo.org>
Signed-off-by: Josh Boyer <jwboyer@gmail.com>
2006-04-29 08:48:55 -05:00
Dmitry Torokhov 8fdc19486f Input: make EVIOCGSND return meaningful data
Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
2006-04-29 01:13:48 -04:00
Dmitry Torokhov 08791e5cf6 Input: ressurect EVIOCGREP and EVIOCSREP
While writing to an event device allows to set repeat rate for an
individual input device there is no way to retrieve current settings
so we need to ressurect EVIOCGREP. Also ressurect EVIOCSREP so we
have a symmetrical interface.

Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
2006-04-29 01:13:21 -04:00
Dmitry Torokhov 89c9b4805a Input: psmouse - fix new device detection logic
Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
2006-04-29 01:12:44 -04:00
Arnd Bergmann 6fb8f3acbe [PATCH] powerpc: update cell_defconfig
reflect the changes to Kconfig since the last update.

Signed-off-by: Arnd Bergmann <arnd.bergmann@de.ibm.com>
Signed-off-by: Paul Mackerras <paulus@samba.org>
2006-04-29 15:11:30 +10:00
Arnd Bergmann f807221ded [PATCH] spufs: Disable local interrupts for SPE hash_page calls.
This patch disables and saves local interrupts during
hash_page processing for SPE contexts.

We have to do it explicitly in the spu_irq_class_1_bottom
function. For the interrupt handlers, we get the behaviour
implicitly by using SA_INTERRUPT to disable interrupts while
in the handler.

Signed-off-by: Arnd Bergmann <arnd.bergmann@de.ibm.com>
Signed-off-by: Paul Mackerras <paulus@samba.org>
2006-04-29 15:11:25 +10:00
Dmitry Torokhov 7b7e394185 Merge rsync://rsync.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6 2006-04-29 01:11:23 -04:00
Anton Blanchard 03054d51a7 [PATCH] powerpc: Add cputable entry for POWER6
Add a cputable entry for the POWER6 processor.

The SIHV and SIPR bits in the mmcra have moved in POWER6, so disable
support for that until oprofile is fixed.

Also tell firmware that we know about POWER6.

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Paul Mackerras <paulus@samba.org>
2006-04-29 10:56:58 +10:00
shin, jacob 693f7d3620 [PATCH] slab: fix crash on __drain_alien_cahce() during CPU Hotplug
transfer_objects should only be called when all of the cpus in the
node are online.  CPU_DEAD notifier callback marks l3->shared to NULL.

Signed-off-by: Jacob Shin <jacob.shin@amd.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-28 09:00:35 -07:00
Antonino A. Daplas 4de0b1ee1b [PATCH] asiliantfb: Add help text in Kconfig
Add help text in Kconfig

Signed-off-by: Antonino Daplas <adaplas@pol.net>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-28 08:33:49 -07:00
Antonino A. Daplas 9587c4bf72 [PATCH] suspend: Documentation update for IBM Thinkpad X30
As reported in Bugzilla Bug 6406, resume from S3 results in a blank screen.

For the IBM Thinkpad X30 using vesafb as the console driver, successful resume
from S3 requires option acpi_sleep=s3_bios,s3_mode.  Update documentation.

I would presume that, in any hardware, using vesafb as the console driver will
require as a minimum s3_mode.

Signed-off-by: Antonino Daplas <adaplas@pol.net>
Cc: <igor47@uchicago.edu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-28 08:33:49 -07:00
Martin Schwidefsky a3266a9304 [PATCH] s390: new system calls
Add sys_set_robust_list, sys_get_robust_list, sys_splice, sys_sync_file and
sys_tee system calls.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-28 08:33:48 -07:00
Horst Hummel 3d05259542 [PATCH] s390: dasd device identifiers
Generate new sysfs-attribute 'uid' that contains an device specific unique
identifier.  This can be used to identity multiple ALIASES of the same
physical device (PAV).  In addition the sysfs-attributes 'vendor' (containing
the manufacturer of the device) and 'alias' (identify alias or base device) is
added.  This is first part of PAV support in LPAR (also valid on zVM).

Signed-off-by: Horst Hummel <horst.hummel@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-28 08:33:48 -07:00
Christian Borntraeger 58268b97f6 [PATCH] s390: add read_mostly optimization
Add a read_mostly section and define __read_mostly to prevent cache line
pollution due to writes for mostly read variables.  In addition fix the
incorrect alignment of the cache_line_aligned data section.  s390 has a
cacheline size of 256 bytes.

Signed-off-by: Christian Borntraeger <cborntra@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-28 08:33:48 -07:00
Heiko Carstens b73d40c617 [PATCH] s390: instruction processing damage handling
In case of an instruction processing damage (IPD) machine check in kernel mode
the resulting action is always to stop the kernel.  This is not necessarily
the best solution since a retry of the failing instruction might succeed.  Add
logic to retry the instruction if no more than 30 instruction processing
damage checks occured in the last 5 minutes.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-28 08:33:48 -07:00
Gerald Schaefer 9b5dec1aa0 [PATCH] s390: segment operation error codes
Print a warning with the z/VM error code if segment_load, segment_type or
segment_save fail to ease the problem determination.

Signed-off-by: Gerald Schaefer <geraldsc@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-28 08:33:48 -07:00
Stefan Bader 2cc924b8ba [PATCH] s390: tape 3590 changes
Added some changes that where proposed by Andrew Morton.  Added 3592 device
type.

Signed-off-by: Stefan Bader <shbader@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-04-28 08:33:48 -07:00