21 Mar, 2006

9 commits

  • This patch fixes a couple of bugs revealed in new features recently
    added to -mm1:
    * fixes warnings due to inconsistent use of const struct inode *inode
    * fixes bug that prevents a kernel from booting with audit on, and SELinux off
    due to a missing function in security/dummy.c
    * fixes a bug that throws spurious audit_panic() messages due to a missing
    return just before an error_path label
    * some reasonable house cleaning in audit_ipc_context(),
    audit_inode_context(), and audit_log_task_context()

    Signed-off-by: Dustin Kirkland
    Signed-off-by: David Woodhouse

    Dustin Kirkland
     
  • This patch extends existing audit records with subject/object context
    information. Audit records associated with filesystem inodes, ipc, and
    tasks now contain SELinux label information in the field "subj" if the
    item is performing the action, or in "obj" if the item is the receiver
    of an action.

    These labels are collected via hooks in SELinux and appended to the
    appropriate record in the audit code.

    This additional information is required for Common Criteria Labeled
    Security Protection Profile (LSPP).

    [AV: fixed kmalloc flags use]
    [folded leak fixes]
    [folded cleanup from akpm (kfree(NULL))]
    [folded audit_inode_context() leak fix]
    [folded akpm's fix for audit_ipc_perm() definition in case of !CONFIG_AUDIT]

    Signed-off-by: Dustin Kirkland
    Signed-off-by: David Woodhouse
    Signed-off-by: Andrew Morton
    Signed-off-by: Al Viro

    Dustin Kirkland
     
  • - Add a new, 5th filter called "exclude".
    - And add a new field AUDIT_MSGTYPE.
    - Define a new function audit_filter_exclude() that takes a message type
    as input and examines all rules in the filter. It returns '1' if the
    message is to be excluded, and '0' otherwise.
    - Call the audit_filter_exclude() function near the top of
    audit_log_start() just after asserting audit_initialized. If the
    message type is not to be audited, return NULL very early, before
    doing a lot of work.
    [combined with followup fix for bug in original patch, Nov 4, same author]
    [combined with later renaming AUDIT_FILTER_EXCLUDE->AUDIT_FILTER_TYPE
    and audit_filter_exclude() -> audit_filter_type()]

    Signed-off-by: Dustin Kirkland
    Signed-off-by: David Woodhouse
    Signed-off-by: Al Viro

    Dustin Kirkland
     
  • This patch augments the collection of inode info during syscall
    processing. It represents part of the functionality that was provided
    by the auditfs patch included in RHEL4.

    Specifically, it:

    - Collects information for target inodes created or removed during
    syscalls. Previous code only collects information for the target
    inode's parent.

    - Adds the audit_inode() hook to syscalls that operate on a file
    descriptor (e.g. fchown), enabling audit to do inode filtering for
    these calls.

    - Modifies filtering code to check audit context for either an inode #
    or a parent inode # matching a given rule.

    - Modifies logging to provide inode # for both parent and child.

    - Protect debug info from NULL audit_names.name.

    [AV: folded a later typo fix from the same author]

    Signed-off-by: Amy Griffis
    Signed-off-by: David Woodhouse
    Signed-off-by: Al Viro

    Amy Griffis
     
  • The audit hooks (to be added shortly) will want to see dentry->d_inode
    too, not just the name.

    Signed-off-by: Amy Griffis
    Signed-off-by: David Woodhouse

    Amy Griffis
     
  • The attached patch updates various items for the new user space
    messages. Please apply.

    Signed-off-by: Steve Grubb
    Signed-off-by: David Woodhouse

    Steve Grubb
     
  • Currently, audit only supports the "=" and "!=" operators in the -F
    filter rules.

    This patch reworks the support for "=" and "!=", and adds support
    for ">", ">=", "
    Signed-off-by: David Woodhouse

    Dustin Kirkland
     
  • - add kerneldoc for non-static functions;
    - don't init static data to 0;
    - limit lines to < 80 columns;
    - fix long-format style;
    - delete whitespace at end of some lines;

    (chrisw: resend and update to current audit-2.6 tree)

    Signed-off-by: Randy Dunlap
    Signed-off-by: Chris Wright
    Signed-off-by: David Woodhouse

    Randy Dunlap
     
  • hi,

    The motivation behind the patch below was to address messages in
    /var/log/messages such as:

    Jan 31 10:54:15 mets kernel: audit(:0): major=252 name_count=0: freeing
    multiple contexts (1)
    Jan 31 10:54:15 mets kernel: audit(:0): major=113 name_count=0: freeing
    multiple contexts (2)

    I can reproduce by running 'get-edid' from:
    http://john.fremlin.de/programs/linux/read-edid/.

    These messages come about in the log b/c the vm86 calls do not exit via
    the normal system call exit paths and thus do not call
    'audit_syscall_exit'. The next system call will then free the context for
    itself and for the vm86 context, thus generating the above messages. This
    patch addresses the issue by simply adding a call to 'audit_syscall_exit'
    from the vm86 code.

    Besides fixing the above error messages the patch also now allows vm86
    system calls to become auditable. This is useful since strace does not
    appear to properly record the return values from sys_vm86.

    I think this patch is also a step in the right direction in terms of
    cleaning up some core auditing code. If we can correct any other paths
    that do not properly call the audit exit and entry points, then we can
    also eliminate the notion of context chaining.

    I've tested this patch by verifying that the log messages no longer
    appear, and that the audit records for sys_vm86 appear to be correct.
    Also, 'read_edid' produces identical output.

    thanks,

    -Jason

    Signed-off-by: Jason Baron
    Signed-off-by: Al Viro

    Jason Baron
     

20 Mar, 2006

5 commits

  • Linus Torvalds
     
  • This address is going to be obsolete, so I should update it.

    Andrea Arcangeli
     
  • * 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
    [MIPS] SB1: Check for -mno-sched-prolog if building corelis debug kernel.
    [MIPS] Sibyte: Fix race in sb1250_gettimeoffset().
    [MIPS] Sibyte: Fix interrupt timer off by one bug.
    [MIPS] Sibyte: Fix M_SCD_TIMER_INIT and M_SCD_TIMER_CNT wrong field width.
    [MIPS] Protect more of timer_interrupt() by xtime_lock.
    [MIPS] Work around bad code generation for .
    [MIPS] Simple patch to power off DBAU1200
    [MIPS] Fix DBAu1550 software power off.
    [MIPS] local_r4k_flush_cache_page fix
    [MIPS] SB1: Fix interrupt disable hazard.
    [MIPS] Get rid of the IP22-specific code in arclib.
    Update MAINTAINERS entry for MIPS.

    Linus Torvalds
     
  • The 40-bit DMA workaround recently implemented for 5714, 5715, and
    5780 needs to be expanded because there may be other tg3 devices
    behind the EPB Express to PCIX bridge in the 5780 class device.

    For example, some 4-port card or mother board designs have 5704 behind
    the 5714.

    All devices behind the EPB require the 40-bit DMA workaround.

    Thanks to Chris Elmquist again for reporting the problem and testing
    the patch.

    Signed-off-by: Michael Chan
    Signed-off-by: David S. Miller

    Michael Chan
     
  • If the AX.25 dialect chosen by the sysadmin is set to DAMA master / 3
    (or DAMA slave / 2, if CONFIG_AX25_DAMA_SLAVE=n) ax25_kick() will fall
    through the switch statement without calling ax25_send_iframe() or any
    other function that would eventually free skbn thus leaking the packet.

    Fix by restricting the sysctl interface to allow only actually supported
    AX.25 dialects.

    The system administration mistake needed for this to happen is rather
    unlikely, so this is an uncritical hole.

    Coverity #651.

    Signed-off-by: Ralf Baechle DL5RB
    Signed-off-by: David S. Miller

    Ralf Baechle DL5RB
     

19 Mar, 2006

15 commits


18 Mar, 2006

1 commit


17 Mar, 2006

10 commits

  • Lee Revell reported 28ms latency when process with lots of swapped memory
    exits.

    2.6.15 introduced a latency regression when unmapping: in accounting the
    zap_work latency breaker, pte_none counted 1, pte_present PAGE_SIZE, but a
    swap entry counted nothing at all. We think of pages present as the slow
    case, but Lee's trace shows that free_swap_and_cache's radix tree lookup
    can make a lot of work - and we could have been doing it many thousands of
    times without a latency break.

    Move the zap_work update up to account swap entries like pages present.
    This does account non-linear pte_file entries, and unmap_mapping_range
    skipping over swap entries, by the same amount even though they're quick:
    but neither of those cases deserves complicating the code (and they're
    treated no worse than they were in 2.6.14).

    Signed-off-by: Hugh Dickins
    Acked-by: Nick Piggin
    Acked-by: Ingo Molnar
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Hugh Dickins
     
  • Jiri Benc reported that modpost would stop with SIGABRT if
    used with long filepaths.
    The error looked like:
    > Building modules, stage 2.
    > MODPOST
    > *** glibc detected *** scripts/mod/modpost: realloc(): invalid next size:
    +0x0809f588 ***
    > [...]

    Fix this by allocating at least the required memory + SZ bytes each time.
    Before we sometimes ended up allocating too little memory resulting in the
    glibc detected bug above. Based on patch originally submitted by: Jiri
    Benc

    Signed-off-by: Sam Ravnborg
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Sam Ravnborg
     
  • A user can use nfsservctl() to spam the logs.

    This can happen because the arguments to the nfsservctl() system call are
    versioned. This is a good thing. However, when a bad version is detected,
    the kernel prints a message and then returns an error.

    Signed-off-by: Peter Staubach
    Cc: Trond Myklebust
    Cc: Neil Brown
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Peter Staubach
     
  • We can call try_to_release_page() with PagePrivate off and a valid
    page->mapping. This may cause all sorts of trouble for the filesystem
    *_releasepage() handlers. XFS bombs out in that case.

    Lock the page before checking for page private.

    Signed-off-by: Christoph Lameter
    Cc: Nick Piggin
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Christoph Lameter
     
  • The dm-stripe target currently does not enforce that the size of a stripe
    device be a multiple of the chunk-size. Under certain conditions, this can
    lead to I/O requests going off the end of an underlying device. This
    test-case shows one example.

    echo "0 100 linear /dev/hdb1 0" | dmsetup create linear0
    echo "0 100 linear /dev/hdb1 100" | dmsetup create linear1
    echo "0 200 striped 2 32 /dev/mapper/linear0 0 /dev/mapper/linear1 0" | \
    dmsetup create stripe0
    dd if=/dev/zero of=/dev/mapper/stripe0 bs=1k

    This will produce the output:
    dd: writing '/dev/mapper/stripe0': Input/output error
    97+0 records in
    96+0 records out

    And in the kernel log will be:
    attempt to access beyond end of device
    dm-0: rw=0, want=104, limit=100

    The patch will check that the table size is a multiple of the stripe
    chunk-size when the table is created, which will prevent the above striped
    device from being created.

    This should not affect tools like LVM or EVMS, since in all the cases I can
    think of, striped devices are always created with the sizes being a
    multiple of the chunk-size.

    The size of a stripe device must be a multiple of its chunk-size.

    (akpm: that typecast is quite gratuitous)

    Signed-off-by: Kevin Corry
    Signed-off-by: Alasdair G Kergon
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Kevin Corry
     
  • Bryce reported a bug wherein offlining CPU0 (on x86 box) and then
    subsequently onlining it resulted in a lockup.

    On x86, CPU0 is never offlined. The subsequent attempt to online CPU0
    doesn't take that into account. It actually tries to bootup the already
    booted CPU. Following patch fixes the problem (as acknowledged by Bryce).
    Please consider for inclusion in 2.6.16.

    Check if cpu is already online.

    Signed-off-by: Srivatsa Vaddagiri
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Srivatsa Vaddagiri
     
  • There is a d_drop in dir_release which caused problems as it invalidates
    dcache entries too soon. This was likely a part of the weird cwd behavior
    folks were seeing.

    Signed-off-by: Eric Van Hensbergen
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Eric Van Hensbergen
     
  • When the posix-timer signal is ignored then the timer is rearmed by the
    callback function. The requeue pending accounting has to be fixed up else
    the state might be wrong.

    Signed-off-by: Roman Zippel
    Signed-off-by: Thomas Gleixner
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Roman Zippel
     
  • The pointer to the current time interpolator and the current list of time
    interpolators are typically only changed during bootup. Adding
    __read_mostly takes them away from possibly hot cachelines.

    Signed-off-by: Christoph Lameter
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Christoph Lameter
     
  • Currently the migration of anonymous pages will silently fail if no swap is
    set up. This patch makes page migration functions check for available swap
    and fail with -ENODEV if no swap space is available.

    Signed-off-by: Christoph Lameter
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Christoph Lameter