30 Sep, 2006
10 commits
-
Allows commas to be embedded into context mount options (i.e. "-o
context=some_selinux_context_t"), to better support multiple categories,
which are separated by commas and confuse mount.For example, with the current code:
mount -t iso9660 /dev/cdrom /media/cdrom -o \
ro,context=system_u:object_r:iso9660_t:s0:c1,c3,c4,execThe context option that will be interpreted by SELinux is
context=system_u:object_r:iso9660_t:s0:c1instead of
context=system_u:object_r:iso9660_t:s0:c1,c3,c4The options that will be passed on to the file system will be
ro,c3,c4,exec.The proposed solution is to allow/require the SELinux context option
specified to mount to use quotes when the context contains a comma.This patch modifies the option parsing in parse_opts(), contained in
mount.c, to take options after finding a comma only if it hasn't seen a
quote or if the quotes are matched. It also introduces a new function that
will strip the quotes from the context option prior to translation. The
quotes are replaced after the translation is completed to insure that in
the event the raw context contains commas the kernel will be able to
interpret the correct context.Signed-off-by: Cory Olmo
Signed-off-by: James Morris
Acked-by: Stephen Smalley
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Don't open-code NOPAGE_SIGBUS.
Signed-off-by: Adam Litke
Acked-by: Hugh Dickins
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Failing context is a multi threaded process context and the failing
sequence is as follows.One thread T0 doing self modifying code on page X on processor P0 and
another thread T1 doing COW (breaking the COW setup as part of just
happened fork() in another thread T2) on the same page X on processor P1.
T0 doing SMC can endup modifying the new page Y (allocated by the T1 doing
COW on P1) but because of different I/D TLB's, P0 ITLB will not see the new
mapping till the flush TLB IPI from P1 is received. During this interval,
if T0 executes the code created by SMC it can result in an app error (as
ITLB still points to old page X and endup executing the content in page X
rather than using the content in page Y).Fix this issue by first clearing the PTE and flushing it, before updating
it with new entry.Hugh sayeth:
I was a bit sceptical, in the habit of thinking that Self Modifying Code
must look such issues itself: but I guess there's nothing it can do to avoid
this one.Fair enough, what you're changing it to is pretty much what powerpc and
s390 were already doing, and is a more robust way of proceeding, consistent
with how ptes are set everywhere else.The ptep_clear_flush is a bit heavy-handed (it's anxious to return the pte
that was atomically cleared), but we'd have to wander through lots of arches
to get the right minimal behaviour. It'd also be nice to eliminate
ptep_establish completely, now only used to define other macros/inlines: it
always seemed obfuscation to me, what you've got there now is clearer.
Let's put those cleanups on a TODO list.Signed-off-by: Suresh Siddha
Acked-by: "David S. Miller"
Acked-by: Hugh Dickins
Cc: Nick Piggin
Cc: Peter Zijlstra
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Convert s390 page handling macros to functions. In particular this fixes a
problem with s390's SetPageUptodate macro which uses its input parameter
twice which again can cause subtle bugs.[akpm@osdl.org: build fix]
Cc: Martin Schwidefsky
Signed-off-by: Heiko Carstens
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
We leak a bh ref in "journal_init_dev()" in case of failure.
Signed-off-by: Zoltan Menyhart
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
It's always good to make symbols static when we can, and this also eliminates
the need to rename the function in jbd2Suggested by Eric Sandeen.
Signed-off-by: Dave Kleikamp
Cc: Eric Sandeen
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
The uninitialised pmu_backlight_lock causes the current Fedora test kernel
(which has spinlock debugging enabled) to panic on suspend.This is suboptimal, so I fixed it.
Signed-off-by: David Woodhouse
Acked-by: Benjamin Herrenschmidt
Acked-by: Michael Hanselmann
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
If the cpu has the lock held for write, is interrupted, and the interrupt
handler calls read_trylock(), it's an instant deadlock.Now, Dave Miller has subsequently pointed out that we don't have any
situations where this can occur. Nevertheless, we should delete
generic__raw_read_lock (and its associated EXPORT to make Arjan happy) so that
nobody thinks they can use it.Acked-by: "David S. Miller"
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Signed-off-by: Al Viro
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
... or we'll end up with cpu_online_map being evaluated on UP. In
modules. cpumask.h is very careful to avoid that, and for a very good
reason. So should we...PS: yes, it really triggers (on alpha).
Signed-off-by: Al Viro
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
29 Sep, 2006
30 commits
-
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (160 commits)
[ETHTOOL]: Remove some entries from non-root command list.
[Bluetooth]: Fix section mismatch of bt_sysfs_cleanup()
[Bluetooth]: Don't update disconnect timer for incoming connections
[ETHTOOL]: let mortals use ethtool
[NetLabel]: add audit support for configuration changes
[TCP]: Fix and simplify microsecond rtt sampling
[TCP] tcp-lp: prevent chance for oops
[SUNRPC]: Remove unnecessary check in net/sunrpc/svcsock.c
[IPVS] bug: endianness breakage in ip_vs_ftp
[IPVS]: ipvs annotations
[NETFILTER]: h323 annotations
[NETFILTER]: ipt annotations
[NETFILTER]: NAT annotations
[NETFILTER]: conntrack annotations
[NETFILTER]: netfilter misc annotations
[NET]: Annotate dst_ops protocol
[NET]: is it Andy or Andi ??
[IPVS]: Make sure ip_vs_ftp ports are valid: module_param_array approach
[IPVS]: Reverse valid ip_vs_ftp ports fix: port check approach
[IrDA] stir4200: removing undocumented bits handling
... -
* master.kernel.org:/pub/scm/linux/kernel/git/gregkh/usb-2.6:
USB: fix build error in ohci driver -
GWOL might provide passwords
GSET, GLINK, and GSTATS might poke the hardwareBased upon feedback from Jeff Garzik.
Signed-off-by: David S. Miller
-
The bt_sysfs_cleanup() is marked with __exit attribute, but it will
be called from an __init function in the error case. So the __exit
attribute must be removed.Signed-off-by: Arnaud Patard
Signed-off-by: Marcel Holtmann
Signed-off-by: David S. Miller -
In the case of device pairing the only safe method is to establish
a low-level ACL link. In this case, the remote side should not use
the disconnect timer to give the other side the chance to enter the
PIN code. If the disconnect timer is used, the connection will be
dropped to soon, because it is impossible to identify an actual user
of this link.Signed-off-by: Marcel Holtmann
Signed-off-by: David S. Miller -
There is no reason to not allow non-admin users to query network
statistics and settings.[ Removed PHYS_ID and GREGS based upon feedback from Auke Kok
and Michael Chan -DaveM]Acked-by: James Morris
Signed-off-by: David S. Miller -
This patch adds audit support to NetLabel, including six new audit message
types shown below.#define AUDIT_MAC_UNLBL_ACCEPT 1406
#define AUDIT_MAC_UNLBL_DENY 1407
#define AUDIT_MAC_CIPSOV4_ADD 1408
#define AUDIT_MAC_CIPSOV4_DEL 1409
#define AUDIT_MAC_MAP_ADD 1410
#define AUDIT_MAC_MAP_DEL 1411Signed-off-by: Paul Moore
Acked-by: James Morris
Signed-off-by: David S. Miller -
This changes the microsecond RTT sampling so that samples are taken in
the same way that RTT samples are taken for the RTO calculator: on the
last segment acknowledged, and only when the segment hasn't been
retransmitted.Signed-off-by: John Heffner
Acked-by: Stephen Hemminger
Signed-off-by: David S. Miller -
This patch fix the chance for tcp_lp_remote_hz_estimator return 0, if
0 < rhz < 64. It also make sure the flag LP_VALID_RHZ is set
correctly.Signed-off-by: Wong Hoi Sing Edison
Signed-off-by: David S. Miller -
coverity spotted this one as possible dereference in the dprintk(),
but since there is only one caller of svc_create_socket(), which always
passes a valid sin, we dont need this check.Signed-off-by: Eric Sesterhenn
Signed-off-by: David S. Miller -
(p[3]<<<
Signed-off-by: David S. Miller -
Signed-off-by: Al Viro
Signed-off-by: David S. Miller -
Signed-off-by: Al Viro
Signed-off-by: David S. Miller -
Signed-off-by: Al Viro
Signed-off-by: David S. Miller -
Signed-off-by: Al Viro
Signed-off-by: David S. Miller -
Signed-off-by: Al Viro
Signed-off-by: David S. Miller -
Signed-off-by: Al Viro
Signed-off-by: David S. Miller -
Signed-off-by: Al Viro
Signed-off-by: David S. Miller -
I don't know of any Andy Kleen's but I do know a Andi Kleen.
Signed-off-by: Steven Rostedt
Signed-off-by: David S. Miller -
I'm not entirely sure what happens in the case of a valid port,
at best it'll be silently ignored. This patch ensures that
the port values are unsigned short values, and thus always valid.This is a second take at fixing this problem, it is simpler
and arguably more correct than the previous approach
that was committed as 3f5af5b353ca36aca4f8a46e3da2172f669dbbbc.
Prior to this patch a patch that reverses
3f5af5b353ca36aca4f8a46e3da2172f669dbbbc was sent.Signed-off-by: Simon Horman
Signed-off-by: David S. Miller -
This patch reverses 3f5af5b353ca36aca4f8a46e3da2172f669dbbbc as
a better fix was suggested by Patrick McHardy.Signed-off-by: Simon Horman
Signed-off-by: David S. Miller -
FIFOCTL_RXERR and FIFOCTL_TXERR are undocumented bits, according to the
Sigmatel datasheet. We should thus not take any assumption on their values
and semantics.Problem spotted by andrzej zaborowski
Signed-off-by: Samuel Ortiz
Signed-off-by: David S. Miller -
This patch detects the smsc-ircc chipset on the nx1000
(including nx7000 and nx7010) and the nx5000 HP/Compaq laptop series.Patch from "Linus Walleij (LD/EAB)"
Signed-off-by: Samuel Ortiz
Signed-off-by: David S. Miller -
According to NatSemi datasheet, the configuration base address for the PC8738x
family is 0x2e or 0x164. 0x0 doesn't appear in any datasheet.Patch from Lamarque Vieira Souza
Signed-off-by: Samuel Ortiz
Signed-off-by: David S. Miller -
Add the following for userspace export by the 'headers_include'
make target: linux/fib_rules.h, linux/if_addr.h, linux/if_link.h,
linux/neighbour.h.Signed-off-by: YOSHIFUJI Hideaki
Signed-off-by: David S. Miller -
Moving netlink interface bits to linux/if.h is rather troublesome for
applications including both linux/if.h (which was changed to be included
from linux/rtnetlink.h automatically) and net/if.h.Signed-off-by: YOSHIFUJI Hideaki
Signed-off-by: David S. Miller -
SPI=0 is used for acquired IPsec SA and MIPv6 RO state.
Such state should not be added to the SPI hash
because we do not care about it on deleting path.Signed-off-by: Masahide NAKAMURA
Signed-off-by: YOSHIFUJI Hideaki -
The loopback device status structure is a singleton and doesn't
need to be allocated. Add ethtool_ops hooks to show checksum always on,
and make ethtool_ops const.Signed-off-by: Stephen Hemminger
Signed-off-by: David S. Miller -
This patch replaces the bunch of arbitrary 64 and 128 bytes alloc_skb() calls
with more accurate allocation sizes.Signed-off-by: Samuel Ortiz
Signed-off-by: David S. Miller -
With the inclusion of the stir421x code, we now need to select FW_LOADER
whenever we try to build the irda-usb code.Signed-off-by: Samuel Ortiz
Signed-off-by: David S. Miller
