02 Feb, 2008
13 commits
-
kernel/audit.c: In function 'audit_log_start':
kernel/audit.c:1133: warning: 'serial' may be used uninitialized in this functionCc: Al Viro
Signed-off-by: Andrew Morton -
Disabling audit at runtime by auditctl doesn't mean that we can
stop allocating contexts for new processes; we don't want to miss them
when that sucker is reenabled.(based on work from Al Viro in the RHEL kernel series)
Signed-off-by: Eric Paris
-
generally clean up audit_receive_msg() don't free random memory if
selinux_sid_to_string fails for some reason. Move generic auditing
to a helper functionSigned-off-by: Eric Paris
-
Some audit messages (namely configuration changes) are still emitted even if
the audit subsystem has been explicitly disabled. This patch turns those
messages off as well.Signed-off-by: Eric Paris
-
execve arguments can be quite large. There is no limit on the number of
arguments and a 4G limit on the size of an argument.this patch prints those aruguments in bite sized pieces. a userspace size
limitation of 8k was discovered so this keeps messages around 7.5ksingle arguments larger than 7.5k in length are split into multiple records
and can be identified as aX[Y]=Signed-off-by: Eric Paris
-
Currently audit drops the audit type when an audit message goes through
printk instead of the audit deamon. This is a minor annoyance in
that the audit type is no longer part of the message and the information
the audit type conveys needs to be carried in, or derived from the
message data.The attached patch includes the type number as part of the printk.
Admittedly it isn't the type name that the audit deamon provides but I
think this is better than dropping the type completely.Signed-pff-by: John Johansen
Signed-off-by: Eric Paris -
If we fail to get an ab in audit_log_pid_context this may be due to an exclude
rule rather than a memory allocation failure. If it was due to a memory
allocation failue we would have already paniced and no need to do it again.Signed-off-by: Eric Paris
-
This patch adds an end of event record type. It will be sent by the kernel as
the last record when a multi-record event is triggered. This will aid realtime
analysis programs since they will now reliably know they have the last record
to complete an event. The audit daemon filters this and will not write it to
disk.Signed-off-by: Steve Grubb
Signed-off-by: Eric Paris -
In order to correlate audit records to an individual login add a session
id. This is incremented every time a user logs in and is included in
almost all messages which currently output the auid. The field is
labeled ses= or oses=Signed-off-by: Eric Paris
-
Add uid, loginuid, and comm collection to OBJ_PID records. This just
gives users a little more information about the task that received a
signal. pid is rather meaningless after the fact, and even though comm
isn't great we can't collect exe reasonably on this code path for
performance reasons.Signed-off-by: Eric Paris
-
The syscall exit code will change ERESTART* kernel internal return codes
to EINTR if it does not restart the syscall. Since we collect the audit
info before that point we should fix those in the audit log as well.Signed-off-by: Eric Paris
-
Keeping loginuid in audit_context is racy and results in messier
code. Taken to task_struct, out of the way of ->audit_context
changes.Signed-off-by: Al Viro
-
all callers pass something->audit_context
Signed-off-by: Al Viro
01 Feb, 2008
27 commits
-
* 'for-linus' of git://git.kernel.dk/linux-2.6-block:
block: kill swap_io_context()
as-iosched: fix inconsistent ioc->lock context
ide-cd: fix leftover data BUG
block: make elevator lib checkpatch compliant
cfq-iosched: make checkpatch compliant
block: make core bits checkpatch compliant
block: new end request handling interface should take unsigned byte counts
unexport add_disk_randomness
block/sunvdc.c:print_version() must be __devinit
splice: always updated atime in direct splice -
It blindly copies everything in the io_context, including the lock.
That doesn't work so well for either lock ordering or lockdep.There seems zero point in swapping io contexts on a request to request
merge, so the best point of action is to just remove it.Signed-off-by: Jens Axboe
-
Fix docbook fatal error (files were renamed):
docproc: linux-2.6.24-git9/arch/ppc/kernel/rio.c: No such file or directorySigned-off-by: Randy Dunlap
Signed-off-by: Linus Torvalds -
Doing a make randconfig I came across this error in the Makefile.
This patch makes a directory out of arch/x86/mach-default for
CONFIG_X86_RDC321XSigned-off-by: Steven Rostedt
Signed-off-by: Linus Torvalds -
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6:
[SPARC64]: Fix inconsistent .section usage in lib/
[SPARC/SPARC64]: Fix usage of .section .sched.text in assembler code. -
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (173 commits)
[NETNS]: Lookup in FIB semantic hashes taking into account the namespace.
[NETNS]: Add a namespace mark to fib_info.
[IPV4]: fib_sync_down rework.
[NETNS]: Process interface address manipulation routines in the namespace.
[IPV4]: Small style cleanup of the error path in rtm_to_ifaddr.
[IPV4]: Fix memory leak on error path during FIB initialization.
[NETFILTER]: Ipv6-related xt_hashlimit compilation fix.
[NET_SCHED]: Add flow classifier
[NET_SCHED]: sch_sfq: make internal queues visible as classes
[NET_SCHED]: sch_sfq: add support for external classifiers
[NET_SCHED]: Constify struct tcf_ext_map
[BLUETOOTH]: Fix bugs in previous conn add/del workqueue changes.
[TCP]: Unexport sysctl_tcp_tso_win_divisor
[IPV4]: Make struct ipv4_devconf static.
[TR] net/802/tr.c: sysctl_tr_rif_timeout static
[XFRM]: Fix statistics.
[XFRM]: Remove unused exports.
[PKT_SCHED] sch_teql.c: Duplicate IFF_BROADCAST in FMASK, remove 2nd.
[BNX2]: Fix ASYM PAUSE advertisement for remote PHY.
[IPV4] route cache: Introduce rt_genid for smooth cache invalidation
... -
[POWERPC] pasemi: Fix thinko in dma_direct_ops setup
The first patch will just fall through and still set dma_data to a bad
value, make it return directly instead.Signed-off-by: Olof Johansson
Acked-by: Michael Ellerman
Signed-off-by: Linus Torvalds -
Remove all the dead timer interrupt checking functions for the ColdFire
CPU "timers" hardware that are not used after switching to GENERIC_TIME.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Switching to GENERIC_TIME means we no longer need the empty timer offset
function for the 68360 CPU.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Remove unused local gettimeofday functions, now that we are using
GENERIC_TIME.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Switch m68knommu arch to using GENERIC_TIME.
Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Switch the ColdFire TIMER timer to use GENERIC_TIME.
Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Switch the ColdFire PIT timer to using GENERIC_TIME.
Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Switch the 68328 CPU timer code to using GENERIC_TIME.
Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Remove unused CONFIG_DISKtel define.
Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Fix problems with the 528x ColdFire CPU cache setup.
Do not cache the flash region (if present), and make the runtime
settings consistent with the init setting.Problems pointed out by Bernd Buttner
Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Use container_of() instead of assuming local uart struct is first member
of uart_port struct.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Remove unused LED heartbeat code from m68knommu timer code.
Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Use IRQF_DISABLED instead of obsolete IRQ_FLG_STD for request_irq() flags
in m68328serial.c driver.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Move the ColdFire DMA address table into its own file, and out
of each of the different CPU config files. No need to have a copy
of it in each of the config setup files.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Modify Makefiles to support separate coldfire platform directory.
Currently the common ColdFire CPU family code sits in the
arch/m68knommu/platform/5307 directory. This is confusing, the files
containing this common code are in no way specific to the 5307 ColdFire.
Create an arch/m68knommu/platform/coldfire directory to contain this
common code. Other m68knommu CPU varients do not need use this code
though, so it doesn't make sense to move it to arch/m68knommu/kernel.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Move common ColdFire CPU vectors.c to common coldfire platform directory.
Currently the common ColdFire CPU family code sits in the
arch/m68knommu/platform/5307 directory. This is confusing, the files
containing this common code are in no way specific to the 5307 ColdFire.
Create an arch/m68knommu/platform/coldfire directory to contain this
common code. Other m68knommu CPU varients do not need use this code
though, so it doesn't make sense to move it to arch/m68knommu/kernel.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Move common ColdFire CPU timers.c to common coldfire platform directory.
Currently the common ColdFire CPU family code sits in the
arch/m68knommu/platform/5307 directory. This is confusing, the files
containing this common code are in no way specific to the 5307 ColdFire.
Create an arch/m68knommu/platform/coldfire directory to contain this
common code. Other m68knommu CPU varients do not need use this code
though, so it doesn't make sense to move it to arch/m68knommu/kernel.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Move common ColdFire CPU pit.c to common coldfire platform directory.
Currently the common ColdFire CPU family code sits in the
arch/m68knommu/platform/5307 directory. This is confusing, the files
containing this common code are in no way specific to the 5307 ColdFire.
Create an arch/m68knommu/platform/coldfire directory to contain this
common code. Other m68knommu CPU varients do not need use this code
though, so it doesn't make sense to move it to arch/m68knommu/kernel.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Move common ColdFire CPU head.S to common coldfire platform directory.
Currently the common ColdFire CPU family code sits in the
arch/m68knommu/platform/5307 directory. This is confusing, the files
containing this common code are in no way specific to the 5307 ColdFire.
Create an arch/m68knommu/platform/coldfire directory to contain this
common code. Other m68knommu CPU varients do not need use this code
though, so it doesn't make sense to move it to arch/m68knommu/kernel.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Move common ColdFire CPU entry.S to common coldfire platform directory.
Currently the common ColdFire CPU family code sits in the
arch/m68knommu/platform/5307 directory. This is confusing, the files
containing this common code are in no way specific to the 5307 ColdFire.
Create an arch/m68knommu/platform/coldfire directory to contain this
common code. Other m68knommu CPU varients do not need use this code
though, so it doesn't make sense to move it to arch/m68knommu/kernel.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds -
Switch to platform style configuration for 5407 ColdFire parts.
Initial support is for the UARTs. DMA support moved to common code
for all ColdFire parts.Signed-off-by: Greg Ungerer
Signed-off-by: Linus Torvalds
