13 Jul, 2007
1 commit
-
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
security: unexport mmap_min_addr
SELinux: use SECINITSID_NETMSG instead of SECINITSID_UNLABELED for NetLabel
security: Protection for exploiting null dereference using mmap
SELinux: Use %lu for inode->i_no when printing avc
SELinux: allow preemption between transition permission checks
selinux: introduce schedule points in policydb_destroy()
selinux: add selinuxfs structure for object class discovery
selinux: change sel_make_dir() to specify inode counter.
selinux: rename sel_remove_bools() for more general usage.
selinux: add support for querying object classes and permissions from the running policy
12 Jul, 2007
2 commits
-
Add a new security check on mmap operations to see if the user is attempting
to mmap to low area of the address space. The amount of space protected is
indicated by the new proc tunable /proc/sys/vm/mmap_min_addr and defaults to
0, preserving existing behavior.This patch uses a new SELinux security class "memprotect." Policy already
contains a number of allow rules like a_t self:process * (unconfined_t being
one of them) which mean that putting this check in the process class (its
best current fit) would make it useless as all user processes, which we also
want to protect against, would be allowed. By taking the memprotect name of
the new class it will also make it possible for us to move some of the other
memory protect permissions out of 'process' and into the new class next time
we bump the policy version number (which I also think is a good future idea)Acked-by: Stephen Smalley
Acked-by: Chris Wright
Signed-off-by: Eric Paris
Signed-off-by: James Morris -
sysfs is now completely out of driver/module lifetime game. After
deletion, a sysfs node doesn't access anything outside sysfs proper,
so there's no reason to hold onto the attribute owners. Note that
often the wrong modules were accounted for as owners leading to
accessing removed modules.This patch kills now unnecessary attribute->owner. Note that with
this change, userland holding a sysfs node does not prevent the
backing module from being unloaded.For more info regarding lifetime rule cleanup, please read the
following message.http://article.gmane.org/gmane.linux.kernel/510293
(tweaked by Greg to not delete the field just yet, to make it easier to
merge things properly.)Signed-off-by: Tejun Heo
Cc: Cornelia Huck
Cc: Andrew Morton
Signed-off-by: Greg Kroah-Hartman
10 Jul, 2007
37 commits
-
The name 'pin' was badly chosen, it doesn't pin a pipe buffer
in the most commonly used sense in the kernel. So change the
name to 'confirm', after debating this issue with Hugh
Dickins a bit.A good return from ->confirm() means that the buffer is really
there, and that the contents are good.Signed-off-by: Jens Axboe
-
It cleans up the relay splice implementation a lot, and gets rid of
a lot of internal pipe knowledge that should not be in there.Plus fixes for padding and partial first page (and lots more) from
Tom Zanussi.Signed-off-by: Jens Axboe
-
We need to move even more stuff into the header so that folks can use
the splice_to_pipe() implementation instead of open-coding a lot of
pipe knowledge (see relay implementation), so move to our own header
file finally.Signed-off-by: Jens Axboe
-
Signed-off-by: Jens Axboe
-
add credits for recent major scheduler contributions:
Con Kolivas, for pioneering the fair-scheduling approach
Peter Williams, for smpnice
Mike Galbraith, for interactivity tuning of CFS
Srivatsa Vaddagiri, for group scheduling enhancementsSigned-off-by: Ingo Molnar
-
clean up the sleep_on() APIs:
- do not use fastcall
- replace fragile macro magic with proper inline functionsSigned-off-by: Ingo Molnar
-
4 small style cleanups to sched.c: checkpatch.pl is now happy about
the totality of sched.c [ignoring false positives] - yay! ;-)Signed-off-by: Ingo Molnar
-
do not set softirqs to nice +19. _If_ for whatever reason
we missed to process some high-prio softirq and woke up
ksoftirqd, we should give it a fair chance to actually
get some work done, even if the system is under load.Signed-off-by: Ingo Molnar
-
scheduler debugging core: implement /proc/sched_debug and
/proc//sched files for scheduler debugging.Signed-off-by: Ingo Molnar
-
add CFS debug sysctls: only tweakable if SCHED_DEBUG is enabled.
This allows for faster debugging of scheduler problems.Signed-off-by: Ingo Molnar
-
remove unused rq types from sched.c, now that we switched
over to CFS.Signed-off-by: Ingo Molnar
-
remove now unused interactivity-heuristics related defined and
types of the old scheduler.Signed-off-by: Ingo Molnar
-
clean up include files in sched.c, they were still old-style .
Signed-off-by: Ingo Molnar
-
update delay-accounting to use CFS's precise stats.
Signed-off-by: Ingo Molnar
-
make use of sched-clock-unstable events.
Signed-off-by: Ingo Molnar
-
track TSC-unstable events and propagate it to the scheduler code.
Also allow sched_clock() to be used when the TSC is unstable,
the rq_clock() wrapper creates a reliable clock out of it.Signed-off-by: Ingo Molnar
-
apply the CFS core code.
this change switches over the scheduler core to CFS's modular
design and makes use of kernel/sched_fair/rt/idletask.c to implement
Linux's scheduling policies.thanks to Andrew Morton and Thomas Gleixner for lots of detailed review
feedback and for fixlets.Signed-off-by: Ingo Molnar
Signed-off-by: Mike Galbraith
Signed-off-by: Dmitry Adamushko
Signed-off-by: Srivatsa Vaddagiri -
remove the sleep-bonus interactivity code from the core scheduler.
scheduling policy is implemented in the policy modules, and CFS does
not need such type of heuristics.Signed-off-by: Ingo Molnar
-
remove the expired_starving() heuristics from the core scheduler.
CFS does not need it, and this did not really work well in practice
anyway, due to the rq->nr_running multiplier to STARVATION_LIMIT.Signed-off-by: Ingo Molnar
-
remove the sleep_type heuristics from the core scheduler - scheduling
policy is implemented in the scheduling-policy modules. (and CFS does
not use this type of sleep-type heuristics)Signed-off-by: Ingo Molnar
-
add the new load-calculation methods of CFS.
Signed-off-by: Ingo Molnar
-
clean up: move __normal_prio() in head of normal_prio().
no code changed.
Signed-off-by: Ingo Molnar
-
cleanup: move dequeue/enqueue_task() to a more logical place, to
not split up __normal_prio()/normal_prio().Signed-off-by: Ingo Molnar
-
move resched_task()/resched_cpu() into the 'public interfaces'
section of sched.c, for use by kernel/sched_fair/rt/idletask.cSigned-off-by: Ingo Molnar
-
clean up the rt priority macros, pointed out by Andrew Morton.
Signed-off-by: Ingo Molnar
-
add the set_task_cfs_rq() abstraction needed by CONFIG_FAIR_GROUP_SCHED.
(not activated yet)
Signed-off-by: Ingo Molnar
-
update the posix-cpu-timers code to use CFS's CPU accounting information.
Signed-off-by: Ingo Molnar
-
add rq_clock()/__rq_clock(), a robust wrapper around sched_clock(),
used by CFS. It protects against common type of sched_clock() problems
(caused by hardware): time warps forwards and backwards.Signed-off-by: Ingo Molnar
-
add the CFS rq data types to sched.c.
(the old scheduler fields are still intact, they are removed
by a later patch)Signed-off-by: Ingo Molnar
-
add kernel/sched_idletask.c - which implements the idle thread
scheduling class. This further simplifies sched.c (under CFS),
for example a number of 'if (p == rq->idle)' type of special-cases
can be removed from sched.c, and schedule() gets simpler too.Signed-off-by: Ingo Molnar
-
add kernel/sched_rt.c: SCHED_FIFO/SCHED_RR support. The behavior
and semantics of SCHED_FIFO/SCHED_RR tasks is unchanged.Signed-off-by: Ingo Molnar
-
add kernel/sched_fair.c - which implements the bulk of CFS's
behavioral changes for SCHED_OTHER tasks.see Documentation/sched-design-CFS.txt about details.
Authors:
Ingo Molnar
Dmitry Adamushko
Srivatsa Vaddagiri
Mike GalbraithSigned-off-by: Ingo Molnar
Signed-off-by: Mike Galbraith
Signed-off-by: Dmitry Adamushko
Signed-off-by: Srivatsa Vaddagiri -
create sched_stats.h and move sched.c schedstats code into it.
This cleans up sched.c a bit.no code changes are caused by this patch.
Signed-off-by: Ingo Molnar
-
add the init_idle_bootup_task() callback to the bootup thread,
unused at the moment. (CFS will use it to switch the scheduling
class of the boot thread to the idle class)Signed-off-by: Ingo Molnar
-
remove sched_exit(): the elaborate dance of us trying to recover
timeslices given to child tasks never really worked.CFS does not need it either.
Signed-off-by: Ingo Molnar
-
uninline set_task_cpu(): CFS will add more code to it.
Signed-off-by: Ingo Molnar
-
the SMP load-balancer uses the boot-time migration-cost estimation
code to attempt to improve the quality of balancing. The reason for
this code is that the discrete priority queues do not preserve
the order of scheduling accurately, so the load-balancer skips
tasks that were running on a CPU 'recently'.this code is fundamental fragile: the boot-time migration cost detector
doesnt really work on systems that had large L3 caches, it caused boot
delays on large systems and the whole cache-hot concept made the
balancing code pretty undeterministic as well.(and hey, i wrote most of it, so i can say it out loud that it sucks ;-)
under CFS the same purpose of cache affinity can be achieved without
any special cache-hot special-case: tasks are sorted in the 'timeline'
tree and the SMP balancer picks tasks from the left side of the
tree, thus the most cache-cold task is balanced automatically.Signed-off-by: Ingo Molnar
