17 Oct, 2007
40 commits
-
Andrew Morton wrote:
From: mhalcrow@us.ibm.com
> > +/**
> > + * decrypt_passphrase_encrypted_session_key - Decrypt the session key
> > + * with the given auth_tok.
> > *
> > * Returns Zero on success; non-zero error otherwise.
> > */
>
> That comment purports to be a kerneldoc-style comment. But
>
> - kerneldoc doesn't support multiple lines on the introductory line
> which identifies the name of the function (alas). So you'll need to
> overflow 80 cols here.
>
> - the function args weren't documented
>
> But the return value is! People regularly forget to do that. And
> they frequently forget to document the locking prerequisites and the
> permissible calling contexts (process/might_sleep/hardirq, etc)
>
> (please check all ecryptfs kerneldoc for this stuff sometime)This patch cleans up some of the existing comments and makes a couple
of line break tweaks. There is more work to do to bring eCryptfs into
full kerneldoc-compliance.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Andrew Morton wrote:
> > +struct ecryptfs_global_auth_tok {
> > +#define ECRYPTFS_AUTH_TOK_INVALID 0x00000001
> > + u32 flags;
> > + struct list_head mount_crypt_stat_list;
> > + struct key *global_auth_tok_key;
> > + struct ecryptfs_auth_tok *global_auth_tok;
> > + unsigned char sig[ECRYPTFS_SIG_SIZE_HEX + 1];
> > +};
> > +
> > +struct ecryptfs_key_tfm {
> > + struct crypto_blkcipher *key_tfm;
> > + size_t key_size;
> > + struct mutex key_tfm_mutex;
> > + struct list_head key_tfm_list;
> > + unsigned char cipher_name[ECRYPTFS_MAX_CIPHER_NAME_SIZE + 1];
> > +};
>
> Please consider commenting your struct fields carefully: it's a
> great way to help other to understand your code.Add some comments to the ecryptfs_global_auth_tok and ecryptfs_key_tfm
structs to make their functions more easily ascertained.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Andrew Morton wrote:
> > +int ecryptfs_destruct_crypto(void)
>
> ecryptfs_destroy_crypto would be more grammatically correct ;)Grammatical fix for some function names.
Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Andrew Morton wrote:
> > + crypt_stat->flags |= ECRYPTFS_ENCRYPTED;
> > + crypt_stat->flags |= ECRYPTFS_KEY_VALID;
>
> Maybe the compiler can optimise those two statements, but we'd
> normally provide it with some manual help.This patch provides the compiler with some manual help for
optimizing the setting of some flags.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Andrew Morton wrote:
> > + mutex_lock(&mount_crypt_stat->global_auth_tok_list_mutex);
> > + BUG_ON(mount_crypt_stat->num_global_auth_toks == 0);
> > + mutex_unlock(&mount_crypt_stat->global_auth_tok_list_mutex);
>
> That's odd-looking. If it was a bug for num_global_auth_toks to be
> zero, and if that mutex protects num_global_auth_toks then as soon
> as the lock gets dropped, another thread can make
> num_global_auth_toks zero, hence the bug is present. Perhaps?That was serving as an internal sanity check that should not have made
it into the final patch set in the first place. This patch removes it.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
fs/ecryptfs/keystore.c: In function 'parse_tag_1_packet':
fs/ecryptfs/keystore.c:557: warning: format '%d' expects type 'int', but argument 2 has type 'size_t'
fs/ecryptfs/keystore.c: In function 'parse_tag_3_packet':
fs/ecryptfs/keystore.c:690: warning: format '%d' expects type 'int', but argument 2 has type 'size_t'
fs/ecryptfs/keystore.c: In function 'parse_tag_11_packet':
fs/ecryptfs/keystore.c:836: warning: format '%d' expects type 'int', but argument 2 has type 'size_t'
fs/ecryptfs/keystore.c: In function 'write_tag_1_packet':
fs/ecryptfs/keystore.c:1413: warning: format '%d' expects type 'int', but argument 2 has type 'size_t'
fs/ecryptfs/keystore.c:1413: warning: format '%d' expects type 'int', but argument 3 has type 'long unsigned int'
fs/ecryptfs/keystore.c: In function 'write_tag_11_packet':
fs/ecryptfs/keystore.c:1472: warning: format '%d' expects type 'int', but argument 2 has type 'size_t'
fs/ecryptfs/keystore.c: In function 'write_tag_3_packet':
fs/ecryptfs/keystore.c:1663: warning: format '%d' expects type 'int', but argument 2 has type 'size_t'
fs/ecryptfs/keystore.c:1663: warning: format '%d' expects type 'int', but argument 3 has type 'long unsigned int'
fs/ecryptfs/keystore.c: In function 'ecryptfs_generate_key_packet_set':
fs/ecryptfs/keystore.c:1778: warning: passing argument 2 of 'write_tag_11_packet' from incompatible pointer type
fs/ecryptfs/main.c: In function 'ecryptfs_parse_options':
fs/ecryptfs/main.c:363: warning: format '%d' expects type 'int', but argument 3 has type 'size_t'Cc: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Trivial updates to comment and debug statement.
Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Fix up the Tag 11 writing code to handle size limits and boundaries more
explicitly. It looks like the packet length was 1 shorter than it should have
been, chopping off the last byte of the key identifier. This is largely
inconsequential, since it is not much more likely that a key identifier
collision will occur with 7 bytes rather than 8. This patch fixes the packet
to use the full number of bytes that were originally intended to be used for
the key identifier.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Fix up the Tag 11 parsing code to handle size limits and boundaries more
explicitly. Pay attention to *8* bytes for the key identifier (literal data),
no more, no less.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Fix up the Tag 3 parsing code to handle size limits and boundaries more
explicitly.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Fix up the Tag 1 parsing code to handle size limits and boundaries more
explicitly. Initialize the new auth_tok's flags.Signed-off-by: Michael Halcrow
Cc: Josef Sipek
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Introduce kmem_cache objects for handling multiple keys per inode. Add calls
in the module init and exit code to call the key list
initialization/destruction functions.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Use list_for_each_entry_safe() when wiping the authentication token list.
Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Add support structures for handling multiple keys. The list in crypt_stat
contains the key identifiers for all of the keys that should be used for
encrypting each file's File Encryption Key (FEK). For now, each inode
inherits this list from the mount-wide crypt_stat struct, via the
ecryptfs_copy_mount_wide_sigs_to_inode_sigs() function.This patch also removes the global key tfm from the mount-wide crypt_stat
struct, instead keeping a list of tfm's meant for dealing with the various
inode FEK's. eCryptfs will now search the user's keyring for FEK's parsed
from the existing file metadata, so the user can make keys available at any
time before or after mounting.Now that multiple FEK packets can be written to the file metadata, we need to
be more meticulous about size limits. The updates to the code for writing out
packets to the file metadata makes sizes and limits more explicit, uniformly
expressed, and (hopefully) easier to follow.Signed-off-by: Michael Halcrow
Cc: "Serge E. Hallyn"
Cc: David Howells
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
This patch makes the following needlessly global functions static:
- exp_get_by_name()
- exp_parent()
- exp_find()Signed-off-by: Adrian Bunk
Cc: Neil Brown
Cc: "J. Bruce Fields"
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
In drivers/isdn/capi/kcapi.c::old_capi_manufacturer(), if the call to
get_capi_ctr_by_nr(ldef.contr); in line 823 returns NULL, then we'll be
dereferencing a NULL pointer in the very next line.(Found by Coverity checker as bug #402)
Signed-off-by: Jesper Juhl
Acked-by: Karsten Keil
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
If we fail to allocate an skb in
drivers/isdn/capi/capidrv.c::send_message(), then we'll end up
dereferencing a NULL pointer.
Since out of memory conditions are not unheard of, I believe it
is better to print a error message and just return rather than
bring down the whole kernel.
Sure, doing this may upset some application, but that's still
better than crashing the whole system.Signed-off-by: Jesper Juhl
Acked-by: Karsten Keil
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
The ISDN subsystem common functions use a semaphore as mutex. Use the
mutex API instead of the (binary) semaphore.Signed-off-by: Matthias Kaehlcke
Acked-by: Karsten Keil
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Remove pointless taking of spinlock around reading a single pointer-sized
or smaller variable.Signed-off-by: Tilman Schmidt
Acked-by: Karsten Keil
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Introduce architecture dependent kretprobe blacklists to prohibit users
from inserting return probes on the function in which kprobes can be
inserted but kretprobes can not.This patch also removes "__kprobes" mark from "__switch_to" on x86_64 and
registers "__switch_to" to the blacklist on x86-64, because that mark is to
prohibit user from inserting only kretprobe.Signed-off-by: Masami Hiramatsu
Cc: Prasanna S Panchamukhi
Acked-by: Ananth N Mavinakayanahalli
Cc: Anil S Keshavamurthy
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Make the SPI framework and drivers stop using class_device. Update docs
accordingly ... highlighting just which sysfs paths should be
"safe"/stable.Signed-off-by: Tony Jones
Signed-off-by: David Brownell
Cc: Greg KH
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Constify two char pointers and a struct in Documentation/spi/spidev_test.c.
Acked-by: David Brownell
Cc: Anton Vorontsov
Signed-off-by: WANG Cong
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Currently, all QE SPI controllers are almost the same comparing to
MPC83xx's, thus let's use that driver for them.Tested to work on MPC85xx in loopback mode.
Signed-off-by: Anton Vorontsov
Acked-by: Kumar Gala
Signed-off-by: David Brownell
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Shrink the runtime footprint of various SPI drivers:
- Move the probe() routine into the init section where practical,
using platform_driver_probe() to make that safe. This often saves
around 1KB. Using platform_driver_probe() can also be a correctness
fix, if the probe routine is already marked __init but the driver
struct keeps a dangling pointer to it after init section removal.- Likewise move remove() routines into the exit sections.
These changes would be inappropriate iff the platform devices were
actually hotpluggable (e.g. they're found on optional addon cards,
or in an FPGA that's dynamically reprogrammed). In these cases,
that's not the situation; it's an SOC controller and the only device
is initialized before these drivers.Signed-off-by: David Brownell
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Remove unused variable & write space
Signed-off-by: Kyungmin Park
Signed-off-by: David Brownell
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
This patch cleans up duplicate includes in
drivers/spi/Signed-off-by: Jesper Juhl
Acked-by: David Brownell
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Remove the cpuset hooks that defined sched domains depending on the setting
of the 'cpu_exclusive' flag.The cpu_exclusive flag can only be set on a child if it is set on the
parent.This made that flag painfully unsuitable for use as a flag defining a
partitioning of a system.It was entirely unobvious to a cpuset user what partitioning of sched
domains they would be causing when they set that one cpu_exclusive bit on
one cpuset, because it depended on what CPUs were in the remainder of that
cpusets siblings and child cpusets, after subtracting out other
cpu_exclusive cpusets.Furthermore, there was no way on production systems to query the
result.Using the cpu_exclusive flag for this was simply wrong from the get go.
Fortunately, it was sufficiently borked that so far as I know, almost no
successful use has been made of this. One real time group did use it to
affectively isolate CPUs from any load balancing efforts. They are willing
to adapt to alternative mechanisms for this, such as someway to manipulate
the list of isolated CPUs on a running system. They can do without this
present cpu_exclusive based mechanism while we develop an alternative.There is a real risk, to the best of my understanding, of users
accidentally setting up a partitioned scheduler domains, inhibiting desired
load balancing across all their CPUs, due to the nonobvious (from the
cpuset perspective) side affects of the cpu_exclusive flag.Furthermore, since there was no way on a running system to see what one was
doing with sched domains, this change will be invisible to any using code.
Unless they have real insight to the scheduler load balancing choices, they
will be unable to detect that this change has been made in the kernel's
behaviour.Initial discussion on lkml of this patch has generated much comment. My
(probably controversial) take on that discussion is that it has reached a
rough concensus that the current cpuset cpu_exclusive mechanism for
defining sched domains is borked. There is no concensus on the
replacement. But since we can remove this mechanism, and since its
continued presence risks causing unwanted partitioning of the schedulers
load balancing, we should remove it while we can, as we proceed to work the
replacement scheduler domain mechanisms.Signed-off-by: Paul Jackson
Cc: Ingo Molnar
Cc: Nick Piggin
Cc: Christoph Lameter
Cc: Dinakar Guniguntala
Cc: Thomas Gleixner
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Add code to connect to the DCA driver and provide cpu tags for use by
drivers that would like to use Direct Cache Access hints.[Adrian Bunk] Several Kconfig cleanup items
[Andrew Morten, Chris Leech] Fix for using cpu_physical_id() even when
built for uni-processorSigned-off-by: Shannon Nelson
Acked-by: David S. Miller
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Direct Cache Access (DCA) is a method for warming the CPU cache before data
is used, with the intent of lessening the impact of cache misses. This
patch adds a manager and interface for matching up client requests for DCA
services with devices that offer DCA services.In order to use DCA, a module must do bus writes with the appropriate tag
bits set to trigger a cache read for a specific CPU. However, different
CPUs and chipsets can require different sets of tag bits, and the methods
for determining the correct bits may be simple hardcoding or may be a
hardware specific magic incantation. This interface is a way for DCA
clients to find the correct tag bits for the targeted CPU without needing
to know the specifics.[Dave Miller] use DEFINE_SPINLOCK()
Signed-off-by: Shannon Nelson
Acked-by: David S. Miller
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Add support for MSI and MSI-X interrupt handling, including the ability
to choose the desired interrupt method.Signed-off-by: Shannon Nelson
Acked-by: David S. Miller
[bunk@kernel.org: drivers/dma/ioat_dma.c: make 3 functions static]
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Split the general PCI startup from the DMA handling code in order to
prepare for adding support for DCA services and future versions of the
ioatdma device.[Rusty Russell] Removal of __unsafe() usage.
Signed-off-by: Shannon Nelson
Acked-by: David S. Miller
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Take care of a bunch of little code nits in ioatdma files
Signed-off-by: Shannon Nelson
Acked-by: David S. Miller
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Rename the ioatdma.c file in preparation for splitting into multiple files,
which will allow for easier adding new functionality.Signed-off-by: Shannon Nelson
Acked-by: David S. Miller
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Add device ids for new revs of the Intel I/OAT DMA engine
Signed-off-by: Shannon Nelson
Acked-by: David S. Miller
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Signed-off-by: Thomas Gleixner
Cc: Miles Bader
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
In a stock 2.6.22.6 kernel, poweroff a user mode linux guest (2.6.22.6 running
in skas0 mode) will halt the host linux. I think the reason is the kernel
thread abort because of a bug. Then the sys_reboot in process of user mode
linux guest is not trapped by the user mode linux kernel and is executed by
host. I think it is better to make sure all of our children process to quit
when user mode linux kernel abort.[ jdike - the kernel process needs to ignore SIGTERM, plus the waitpid/kill
loop is needed to make sure that all of our children are dead before the
kernel exits ]Signed-off-by: Lepton Wu
Signed-off-by: Jeff Dike
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Style fixes for the rest of the drivers. arch/um/drivers should be pretty
CodingStyle-compliant now.Except for the ubd driver, which will have to be treated separately.
[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: Jeff Dike
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
The calculation of CONFIG_STUB_CODE and CONFIG_STUB_DATA didn't take into
account anything but 3G/1G and 2G/2G, leaving the other vmsplits out in the
cold.I'd rather not duplicate the four known host vmsplit cases for each of these
symbols. I'd also like to calculate them based on the highest userspace
address.The Kconfig language seems not to allow calculation of hex constants, so I
moved this to as-layout.h. CONFIG_STUB_CODE, CONFIG_STUB_DATA, and
CONFIG_STUB_START are now gone. In their place are STUB_CODE, STUB_DATA, and
STUB_START in as-layout.h.i386 and x86_64 seem to differ as to whether an unadorned constant is an int
or a long, so I cast them to unsigned long so they can be printed
consistently. However, they are also used in stub.S, where C types don't work
so well. So, there are ASM_ versions of these constants for use in stub.S. I
also ifdef-ed the non-asm-friendly portion of as-layout.h.With this in place, most of the rest of this patch is changing CONFIG_STUB_*
to STUB_*, except in stub.S, where they are changed to ASM_STUB_*.defconfig has the old symbols deleted.
I also print these addresses out in case there is any problem mapping them on
the host.The two stub.S files had some trailing whitespace, so that is cleaned up here.
[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: Jeff Dike
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Handle memory allocation failures when reading packets.
We have to read something from the host, even if we can't allocate any
memory. If we don't, the host side of the device may fill up and stop
delivering interrupts because no new packets can be queued.A single sk_buff is allocated whenever an MTU is seen which is larger
than any seen earlier. This is used to read packets if there is a
memory allocation failure.The large MTU check is done from eth_configure, which is called when a
interface is added to the system.Signed-off-by: Jeff Dike
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
A bunch of MTU-related cleanups in the network code.
First, there is the addition of the notion of a maximally-sized packet, which
is the MTU plus headers. This is used to size the skb that will receive a
packet. This allows ether_adjust_skb to go away, as it was used to resize the
skb after it was allocated.Since the skb passed into the low-level read routine is no longer resized, and
possibly reallocated, there, they (and the write routines) don't need to get
an sk_buff **. They just need the sk_buff * now. The callers of
ether_adjust_skb still need to do the skb_put, so that's now inlined.The MAX_PACKET definitions in most of the drivers are gone.
The set_mtu methods were all the same and did nothing, so they can be
removed.The ethertap driver had a typo which doubled the size of the packet rather
than adding two bytes to it. It also wasn't defining its setup_size, causing
a zero-byte kmalloc and crash when the invalid pointer returned from kmalloc
was dereferenced.Signed-off-by: Jeff Dike
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
