26 Apr, 2011
3 commits
-
This patch separates an audit message that only contains a dentry from
one that contains a full path. This allows us to make it harder to
misuse the interfaces or for the interfaces to be implemented wrong.

Signed-off-by: Eric Paris
Acked-by: Casey Schaufler
-
The lsm common audit code has wacky contortions making sure which pieces
of information are set based on if it was given a path, dentry, or
inode. Split this into path and inode to get rid of some of the code
complexity.

Signed-off-by: Eric Paris
Acked-by: Casey Schaufler
-
Now that the security modules can decide whether they support the
dcache RCU walk or not it's possible to make selinux a bit more
RCU friendly. The SELinux AVC and security server access decision
code is RCU safe. A specific piece of the LSM audit code may not
be RCU safe.

This patch makes the VFS RCU walk retry if it would hit the non RCU
safe chunk of code. It will normally just work under RCU. This is
done simply by passing the VFS RCU state as a flag down into the
avc_audit() code and returning ECHILD there if it would have an issue.

Based-on-patch-by: Andi Kleen
Signed-off-by: Eric Paris
25 Apr, 2011
3 commits
-
Right now all RCU walks fall back to reference walk when CONFIG_SECURITY
is enabled, even though just the standard capability module is active.
This is because security_inode_exec_permission unconditionally fails
RCU walks.

Move this decision to the low level security module. This requires
passing the RCU flags down the security hook. This way at least
the capability module and a few easy cases in selinux/smack work
with RCU walks with CONFIG_SECURITY=y

Signed-off-by: Andi Kleen
Signed-off-by: Eric Paris
-
The len should be a size_t but is a ssize_t. Easy enough fix to silence
build warnings. We have no need for signed-ness.

Signed-off-by: Eric Paris
Reviewed-by: James Morris
-
If one builds a kernel without CONFIG_BUG there are a number of 'may be
used uninitialized' warnings. Silence these by returning after the BUG().

Signed-off-by: Eric Paris
Reviewed-by: James Morris
20 Apr, 2011
1 commit
-
The filename_trans rule processing has some printk(KERN_ERR ) messages
which were intended as debug aids in creating the code but weren't removed
before it was submitted. Remove them.

Signed-off-by: Eric Paris
08 Apr, 2011
2 commits
-
Initialize policydb.process_class once all symtabs read from policy image,
so that it could be used to setup the role_trans.tclass field when a lower
version policy.X is loaded.

Signed-off-by: Harry Ciao
Signed-off-by: Eric Paris
-
Commit 6f5317e730505d5cbc851c435a2dfe3d5a21d343 introduced a bug in the
handling of userspace object classes that is causing breakage for Xorg
when XSELinux is enabled. Fix the bug by changing map_class() to return
SECCLASS_NULL when the class cannot be mapped to a kernel object class.

Reported-by: "Justin P. Mattock"
Signed-off-by: Stephen Smalley
Signed-off-by: James Morris
02 Apr, 2011
2 commits
-
The attached patch allows /selinux/create to take an optional 4th argument
to support TYPE_TRANSITION with name extension for userspace object
managers.
If the 4th argument is not supplied, it shall perform as the existing kernel.
In fact, the regression test of SE-PostgreSQL works well on the patched
kernel.

Thanks,

Signed-off-by: KaiGai Kohei
[manually verify fuzz was not an issue, and it wasn't: eparis]
Signed-off-by: Eric Paris
-
update the git tree in MAINTAINERS
Signed-off-by: Eric Paris
29 Mar, 2011
3 commits
-
If kernel policy version is >= 26, then write the class field of the
role_trans structure into the binary representation.

Signed-off-by: Harry Ciao
Acked-by: Stephen Smalley
Signed-off-by: Eric Paris
-
Apply role_transition rules for all kinds of classes.
Signed-off-by: Harry Ciao
Acked-by: Stephen Smalley
Signed-off-by: Eric Paris
-
If kernel policy version is >= 26, then the binary representation of
the role_trans structure supports specifying the class for the current
subject or the newly created object.

If kernel policy version is < 26, then the class field would default
to the process class.

Signed-off-by: Harry Ciao
Acked-by: Stephen Smalley
Signed-off-by: Eric Paris
08 Mar, 2011
8 commits
-
Add a keyctl op (KEYCTL_INSTANTIATE_IOV) that is like KEYCTL_INSTANTIATE, but
takes an iovec array and concatenates the data in-kernel into one buffer.
Since the KEYCTL_INSTANTIATE copies the data anyway, this isn't too much of a
problem.

Signed-off-by: David Howells
Signed-off-by: James Morris
-
Add a new keyctl op to reject a key with a specified error code. This works
much the same as negating a key, and so keyctl_negate_key() is made a special
case of keyctl_reject_key(). The difference is that keyctl_negate_key()
selects ENOKEY as the error to be reported.

Typically the key would be rejected with EKEYEXPIRED, EKEYREVOKED or
EKEYREJECTED, but this is not mandatory.

Signed-off-by: David Howells
Signed-off-by: James Morris
-
Add a key type operation to permit the key type to vet the description of a new
key that key_alloc() is about to allocate. The operation may reject the
description if it wishes with an error of its choosing. If it does this, the
key will not be allocated.

Signed-off-by: David Howells
Reviewed-by: Mimi Zohar
Signed-off-by: James Morris
-
Add an RCU payload dereference macro as this seems to be a common piece of code
amongst key types that use RCU referenced payloads.

Signed-off-by: David Howells
Signed-off-by: Mimi Zohar
Signed-off-by: James Morris
-
…/git/tmlind/linux-omap-2.6
* 'omap-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap-2.6:
omap: mailbox: resolve hang issue
OMAP2+: PM: SmartReflex: fix memory leaks in Smartreflex driver
arm: mach-omap2: smartreflex: fix another memory leak
-
* 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6:
[S390] tape: deadlock on system work queue
[S390] keyboard: integer underflow bug
[S390] xpram: remove __initdata attribute from module parameters
07 Mar, 2011
2 commits
-
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6:
ALSA: hda - Don't set to D3 in Cirrus errata init verbs
ALSA: hda - add new Fermi 5xx codec IDs to snd-hda
ASoC: WM8994: Ensure late enable events are processed for the ADCs
ASoC: WM8994: Don't disable the AIF[1|2]CLK_ENA unconditionaly
ASoC: Fix WM9081 platform data initialisation
ALSA: hda - Fix unable to record issue on ASUS N82JV
ALSA: HDA: Realtek: Fixup jack detection to input subsystem
-
If a virtio-console device gets unplugged while a port is open, a
subsequent close() call on the port accesses vqs to free up buffers.
This can lead to a crash.

The buffers are already freed up as a result of the call to
unplug_ports() from virtcons_remove(). The fix is to simply not access
vq information if port->portdev is NULL.

Reported-by: juzhang
CC: stable@kernel.org
Signed-off-by: Amit Shah
Signed-off-by: Rusty Russell
Signed-off-by: Linus Torvalds
06 Mar, 2011
2 commits
-
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client:
ceph: no .snap inside of snapped namespace
libceph: fix msgr standby handling
libceph: fix msgr keepalive flag
libceph: fix msgr backoff
libceph: retry after authorization failure
libceph: fix handling of short returns from get_user_pages
ceph: do not clear I_COMPLETE from d_release
ceph: do not set I_COMPLETE
Revert "ceph: keep reference to parent inode on ceph_dentry"
05 Mar, 2011
14 commits
-
Pass down the correct node for a transparent hugepage allocation. Most
callers continue to use the current node, however the hugepaged daemon
now uses the previous node of the first to be collapsed page instead.
This ensures that khugepaged does not mess up local memory for an
existing process which uses local policy.

The choice of node is somewhat primitive currently: it just uses the
node of the first page in the pmd range. An alternative would be to
look at multiple pages and use the most popular node. I used the
simplest variant for now which should work well enough for the case of
all pages being on the same node.

[akpm@linux-foundation.org: coding-style fixes]
Acked-by: Andrea Arcangeli
Signed-off-by: Andi Kleen
Reviewed-by: KAMEZAWA Hiroyuki
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
This makes a difference for LOCAL policy, where the node cannot be
determined from the policy itself, but has to be gotten from the original
page.

Acked-by: Andrea Arcangeli
Signed-off-by: Andi Kleen
Reviewed-by: KAMEZAWA Hiroyuki
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Add an alloc_page_vma_node that allows passing the "local" node in. Used
in a followon patch.

Acked-by: Andrea Arcangeli
Signed-off-by: Andi Kleen
Reviewed-by: KAMEZAWA Hiroyuki
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Currently alloc_pages_vma() always uses the local node as policy node for
the LOCAL policy. Pass this node down as an argument instead.

No behaviour change from this patch, but will be needed for followons.

Acked-by: Andrea Arcangeli
Signed-off-by: Andi Kleen
Reviewed-by: KAMEZAWA Hiroyuki
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Signed-off-by: Alexandre Bounine
Cc: Matt Porter
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Signed-off-by: Axel Lin
Cc: Haavard Skinnemoen
Cc: Richard Purdie
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Add maintainer of Samsung Mobile machine support. Currently, Aquila,
Goni, Universal (C210), and Nuri board are supported.

Signed-off-by: Kyungmin Park
Cc: Joe Perches
Cc: "David S. Miller"
Cc: Russell King
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
This driver causes hard lockups, when the active clock source is jiffies.
The reason is that it loops with interrupts disabled waiting for a
timestamp to be reached by polling getnstimeofday(). Though with a
jiffies clocksource, when that code runs on the same CPU which is
responsible for updating jiffies, then we loop in circles for ever
simply because the timer interrupt cannot update jiffies. So both UP
and SMP can be affected.

There is no easy fix for that problem so make it depend on BROKEN for
now.

Signed-off-by: Thomas Gleixner
Cc: Alexander Gordeev
Cc: Rodolfo Giometti
Cc: john stultz
Cc: Ingo Molnar
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
The device table is required to load modules based on modaliases.
Signed-off-by: Axel Lin
Cc: Shubhrajyoti D
Cc: Christoph Mair
Cc: Jonathan Cameron
Cc:
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Don't forget to release cgroup_mutex if alloc_trial_cpuset() fails.
[akpm@linux-foundation.org: avoid multiple return points]
Signed-off-by: Li Zefan
Cc: Paul Menage
Acked-by: David Rientjes
Cc: Miao Xie
Cc:
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
Fix s3c_rtc_setaie() prototype to eliminate the following compile
warning:

drivers/rtc/rtc-s3c.c:383: warning: initialization from incompatible pointer type

(akpm: the rtc_class_ops.alarm_irq_enable() handler is being passed two
arguments where it expects just one, presumably with undesired effects)

Signed-off-by: Axel Lin
Cc: Alessandro Zummo
Cc: Ben Dooks
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
-
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vapier/blackfin:
Blackfin: iflush: update anomaly 05000491 workaround
Blackfin: outs[lwb]: make sure count is greater than 0
-
…nel/git/lethal/sh-2.6
* 'rmobile-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6:
ARM: mach-shmobile: mackerel: modify LCDC clock divider value
ARM: mach-shmobile: ap4evb: modify LCDC clock divider value
ARM: mach-shmobile: mackerel: fixup memory initialize for zboot
ARM: mach-shmobile: ap4evb: fixup memory initialize for zboot
ARM: mach-shmobile: Add sh73a0 MIPI-CSI and CEU clocks
ARM: mach-shmobile: AG5EVM MIPI-DSI LCD reset delay fix
-
* 'sh-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6:
sh: Change __nosave_XXX symbols to long
sh: Flush executable pages in copy_user_highpage
sh: Ensure ST40-300 BogoMIPS value is consistent
sh: sh7750: Fix incompatible pointer type
sh: sh7750: move machtypes.h to include/generated