31 Jan, 2008
1 commit
-
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
security: compile capabilities by default
selinux: make selinux_set_mnt_opts() static
SELinux: Add warning messages on network denial due to error
SELinux: Add network ingress and egress control permission checks
NetLabel: Add auditing to the static labeling mechanism
NetLabel: Introduce static network labels for unlabeled connections
SELinux: Allow NetLabel to directly cache SIDs
SELinux: Enable dynamic enable/disable of the network access checks
SELinux: Better integration between peer labeling subsystems
SELinux: Add a new peer class and permissions to the Flask definitions
SELinux: Add a capabilities bitmap to SELinux policy version 22
SELinux: Add a network node caching mechanism similar to the sel_netif_*() functions
SELinux: Only store the network interface's ifindex
SELinux: Convert the netif code to use ifindex values
NetLabel: Add IP address family information to the netlbl_skbuff_getattr() function
NetLabel: Add secid token support to the NetLabel secattr struct
NetLabel: Consolidate the LSM domain mapping/hashing locks
NetLabel: Cleanup the LSM domain hash functions
NetLabel: Remove unneeded RCU read locks
30 Jan, 2008
39 commits
-
* git://git.kernel.org/pub/scm/linux/kernel/git/x86/linux-2.6-x86: (890 commits)
x86: fix nodemap_size according to nodeid bits
x86: fix overlap between pagetable with bss section
x86: add PCI IDs to k8topology_64.c
x86: fix early_ioremap pagetable ops
x86: use the same pgd_list for PAE and 64-bit
x86: defer cr3 reload when doing pud_clear()
x86: early boot debugging via FireWire (ohci1394_dma=early)
x86: don't special-case pmd allocations as much
x86: shrink some ifdefs in fault.c
x86: ignore spurious faults
x86: remove nx_enabled from fault.c
x86: unify fault_32|64.c
x86: unify fault_32|64.c with ifdefs
x86: unify fault_32|64.c by ifdef'd function bodies
x86: arch/x86/mm/init_32.c printk fixes
x86: arch/x86/mm/init_32.c cleanup
x86: arch/x86/mm/init_64.c printk fixes
x86: unify ioremap
x86: fixes some bugs about EFI memory map handling
x86: use reboot_type on EFI 32
... -
We want IPV6HEADER matching for the non-advanced default netfilter
configuration, since it's part of the standard netfilter setup of at
least some distributions (eg Fedora).Otherwise NETFILTER_ADVANCED loses much of its point, since even
non-advanced users would have to enable all the advanced options just to
get a working IPv6 netfilter setup.Signed-off-by: Linus Torvalds
-
Change the following static arrays sized by NR_CPUS to
per_cpu data variables:char cpu_to_node_map[NR_CPUS];
Signed-off-by: Mike Travis
Reviewed-by: Christoph Lameter
Signed-off-by: Ingo Molnar
Signed-off-by: Thomas Gleixner -
The caller will never sleep in rpc_execute, so don't bother setting the
sigmask.Signed-off-by: Trond Myklebust
-
The variable "sin" is a pointer, so sizeof(sin) is the size of a pointer,
not the size of thing that sin points to.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Clean up: Follow recommendations of Chapter 5 of Documentation/CodingStyle
and use "u32" instead of "__u32" for types in definitions that are not
shared with user space.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
rpc_create() can already fill in the hostname with a string representation
of the server's IP address, so remove redundant logic in in
rpcb_getport_sync() that does that.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Clean up: document the rule (kfree) and the exceptions
(RPC_DISPLAY_PROTO and RPC_DISPLAY_NETID) when freeing the objects in
a transport's address_strings array.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
...and eliminate an unnecessary cast.
Signed-off-by: Trond Myklebust
-
Clean up: have the set up routines explicitly pass the strings to be used
for the transport name and NETID. This removes a number of conditionals
and dependencies on rpc_xprt.prot, which is overloaded.Tighten up type checking on the address_strings array while we're at it.
Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
The gss_pipe_upcall() function expects the copy_to_user() function to
return a negative error value if the call fails, but copy_to_user()
returns an unsigned long number of bytes that couldn't be copied.Can rpc_pipefs actually retry a partially completed upcall read? If
not, then gss_pipe_upcall() should punt any partial read, just like the
upcall logic in net/sunrpc/cache.c.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
In order to be able to support setting the timeo and retrans parameters on
a per-mountpoint basis, we move the rpc_timeout structure into the
rpc_clnt.Signed-off-by: Trond Myklebust
-
Signed-off-by: Trond Myklebust
-
There is no reason why we shouldn't just pass the rpc_create_args.
Signed-off-by: Trond Myklebust
-
Universal addresses are defined in RFC 1833 and clarified in RFC 3530. We
need to use them in several places in the NFS and RPC clients, so move the
relevant definition and block comment to an appropriate global include
file.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Clean up: use correct type for RPC version numbers in rpcbind client.
Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Make sure rpcb_clnt passes the correct address length to rpc_create().
Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
If the ULP doesn't pass a hostname string to rpc_create(), it manufactures
one based on the passed-in address. Be smart enough to handle an AF_INET6
address properly in this case.Move the default servername logic before the xprt_create_transport() call
to simplify error handling in rpc_create().Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
The two arguments of rpc_depopulate() that pass in inode numbers should use
the same type as inode->i_ino: unsigned long.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
The return type of xdr_skb_read_actor functions is size_t. This fixes a
nit I unwittingly overlooked in commit dd456471.Signed-off-by: Chuck Lever
Signed-off-by: Trond Myklebust -
Minor: Replace an empty if statement with a debugging dprintk.
Signed-off-by: Chuck Lever
Cc: Thomas Talpey
Signed-off-by: Trond Myklebust -
Nit: rl_nchunks is an unsigned integer, so pass it into
rpcrdma_count_chunks() via an unsigned integer argument. This eliminates
a harmless mixed sign comparison in rpcrdma_count_chunks()Signed-off-by: Chuck Lever
Cc: Thomas Talpey
Signed-off-by: Trond Myklebust -
Keep the type of the buffer position the same during iovec conversion to
reduce the likelihood of unexpected results from comparisons and length
computations.Signed-off-by: Chuck Lever
Cc: Thomas Talpey
Signed-off-by: Trond Myklebust -
Signed-off-by: Trond Myklebust
-
Signed-off-by: Trond Myklebust
-
Signed-off-by: Trond Myklebust
-
Signed-off-by: Trond Myklebust
-
Replace use of rpc_call_setup() with rpc_init_task(), and in cases where we
need to initialise task->tk_action, with rpc_call_start().Signed-off-by: Trond Myklebust
-
In preparation for the removal of rpc_call_setup().
Signed-off-by: Trond Myklebust
-
Signed-off-by: Trond Myklebust
-
To ensure that the RPCSEC_GSS upcall is performed with the correct sigmask.
Signed-off-by: Trond Myklebust
-
We want the default scheduling priority (priority == 0) to remain
RPC_PRIORITY_NORMAL.Also ensure that the priority wait queue scheduling is per process id
instead of sometimes being per thread, and sometimes being per inode.Signed-off-by: Trond Myklebust
-
Make it use the new task initialiser structure instead of acting as a
wrapper.Signed-off-by: Trond Myklebust
-
Signed-off-by: Trond Myklebust
-
The sunrpc client exports are not meant to be part of any official kernel
API: they can change at the drop of a hat. Mark them as internal functions
using EXPORT_SYMBOL_GPL.Signed-off-by: Trond Myklebust
-
Do this for all RPC client related functions and XDR functions.
Signed-off-by: Trond Myklebust
-
Add kerneldoc comments for the rpc_pipefs.c functions that are exported.
Signed-off-by: J. Bruce Fields
Signed-off-by: Trond Myklebust -
If we've disconnected from the server, rather than the other way round,
then it makes little sense to wait 3 seconds before reconnecting.Signed-off-by: Trond Myklebust