02 Aug, 2008
27 commits
-
This follows the changes in commits:
7d6d637dac2050f30a1b57b0a3dc5de4a10616ba
4f72c4279eab1e5f3ed1ac4e55d4527617582392on powerpc. Adding in TIF_NOTIFY_RESUME, and cleaning up the syscall
tracing to be more generic. This is an incremental step to turning
on tracehook, as well as unifying more of the ptrace and signal code
across the 32/64 split.Signed-off-by: Paul Mundt
-
This converts the single stepping done by sh/sh64 ptrace implementations
to use the generic user_enable/disable_single_step(), and subsequently
rips out a lot of ptrace request cases that are now handled generically.Signed-off-by: Paul Mundt
-
This hooks up the seccomp thread flag and associated callback from the
syscall tracer.Signed-off-by: Paul Mundt
-
Signed-off-by: Paul Mundt
-
A quick cut and paste from other architectures to allow SH
to parse the elfcorehdr command line argument which is required
for both is_kdump_kernel() and vmcore to function.
(the former is as yet unused on SH).Tested compilation only
Signed-off-by: Simon Horman
Signed-off-by: Paul Mundt -
* git://git.infradead.org/mtd-2.6:
[MTD] [NAND] drivers/mtd/nand/nandsim.c: fix printk warnings
[MTD] [NAND] Blackfin NFC Driver: Cleanup the error exit path of bf5xx_nand_probe function
[MTD] [NAND] Blackfin NFC Driver: use standard dev_err() rather than printk()
[MTD] [NAND] Blackfin NFC Driver: enable Blackfin nand HWECC support by default
[MTD] [NAND] Blackfin NFC Driver: add proper devinit/devexit markings to probe/remove functions
[MTD] [NAND] Blackfin NFC Driver: add support for the ECC layout the Blackfin bootrom uses
[MTD] [NAND] Blackfin NFC Driver: fix bug - hw ecc calc by making sure we extract 11 bits from each register instead of 10
[MTD] [NAND] Blackfin NFC Driver: fix bug - do not clobber the status from the first 256 bytes if operating on 512 pages
[MTD] [NAND] diskonchip.c fix sparse endian warnings
[MTD] [NAND] drivers/mtd/nand/nandsim.c needs div64.h
[JFFS2] Fix allocation of summary buffer
Fix rename of at91_nand -> atmel_nand
[MTD] [NOR] drivers/mtd/chips/jedec_probe.c: fix Am29DL800BB device ID
[MTD] MTD_DEBUG always does compile-time typechecks
[MTD] DataFlash: bugfix, binary page sizes now handled
[MTD] [NAND] fsl_elbc_nand.c: fix printk warning
[MTD] [NAND] nandsim: support random page read command
[MTD] [NAND] fix subpage read for small page NAND -
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:
[PATCH] pass struct path * to do_add_mount()
[PATCH] switch mtd and dm-table to lookup_bdev()
[patch 3/4] vfs: remove unused nameidata argument of may_create()
[PATCH] devpts: switch to IDA
[PATCH 2/2] proc: switch inode number allocation to IDA
[PATCH 1/2] proc: fix inode number bogorithmetic
[PATCH] fix bdev leak in block_dev.c do_open()
[PATCH] fix races and leaks in vfs_quota_on() users
[PATCH] clean dup2() up a bit
[PATCH] merge locate_fd() and get_unused_fd()
[PATCH] ipv4_static_sysctl_init() should be under CONFIG_SYSCTL
Re: BUG at security/selinux/avc.c:883 (was: Re: linux-next: Tree -
* 'audit.b54' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
[PATCH] Fix the bug of using AUDIT_STATUS_RATE_LIMIT when set fail, no error output.
[PATCH] Fix the kernel panic of audit_filter_task when key field is set
Re: [PATCH] the loginuid field should be output in all AUDIT_CONFIG_CHANGE audit messages
kernel/audit.c control character detection is off-by-one
[PATCH] Audit: Collect signal info when SIGUSR2 is sent to auditd -
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/drzeus/mmc:
au1xmmc: raise segment size limit.
mmc_block: use proper sg iterators
mmc: properly iterate over sg list in debug check
mmc_test: Revert "mmc_test: test oversized sg lists"
sdhci: check correct return value
sdhci: disable DMA for req, not completely
sdhci: handle bug in JMB38x for sizes < 4 bytes -
* 'reg-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lrg/voltage-2.6:
regulator: TI bq24022 Li-Ion Charger driver
regulator: maintainers - add maintainers for regulator framework.
regulator: documentation - ABI
regulator: documentation - machine
regulator: documentation - regulator driver
regulator: documentation - consumer interface
regulator: documentation - overview
regulator: core kbuild files
regulator: regulator test harness
regulator: add support for fixed regulators.
regulator: regulator framework core
regulator: fixed regulator interface
regulator: machine driver interface
regulator: regulator driver interface
regulator: consumer device interface -
…/security-testing-2.6
* 'hotfixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6:
SELinux: /proc/mounts should show what it can -
* git://git.infradead.org/battery-2.6:
power_supply: Sharp SL-6000 (tosa) batteries support
power_supply: fix up CHARGE_COUNTER output to be more precise
power_supply: add CHARGE_COUNTER property and olpc_battery support for it
power_supply: bump EC version check that we refuse to run with in olpc_battery
power_supply: cleanup of the OLPC battery driver
power_supply: add eeprom dump file to olpc_battery's sysfs
power_supply: Support serial number in olpc_battery -
* git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6: (28 commits)
mm/hugetlb.c must #include
video: Fix up hp6xx driver build regressions.
sh: defconfig updates.
sh: Kill off stray mach-rsk7203 reference.
serial: sh-sci: Fix up SH7760/SH7780/SH7785 early printk regression.
sh: Move out individual boards without mach groups.
sh: Make sure AT_SYSINFO_EHDR is exposed to userspace in asm/auxvec.h.
sh: Allow SH-3 and SH-5 to use common headers.
sh: Provide common CPU headers, prune the SH-2 and SH-2A directories.
sh/maple: clean maple bus code
sh: More header path fixups for mach dir refactoring.
sh: Move out the solution engine headers to arch/sh/include/mach-se/
sh: I2C fix for AP325RXA and Migo-R
sh: Shuffle the board directories in to mach groups.
sh: dma-sh: Fix up dreamcast dma.h mach path.
sh: Switch KBUILD_DEFCONFIG to shx3_defconfig.
sh: Add ARCH_DEFCONFIG entries for sh and sh64.
sh: Fix compile error of Solution Engine
sh: Proper __put_user_asm() size mismatch fix.
sh: Stub in a dummy ENTRY_OFFSET for uImage offset calculation.
... -
…git/tip/linux-2.6-tip
* 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:
generic, x86: fix add iommu_num_pages helper function
x86: remove stray <6> in BogoMIPS printk
x86: move dma32_reserve_bootmem() after reserve_crashkernel() -
* 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6:
[S390] qeth: avoid use of include/asm-s390
[S390] dont use kthread for smp_rescan_cpus().
[S390] virtio console: fix section mismatch warning.
[S390] cio: Include linux/string.h in schid.h.
[S390] qdio: fix section mismatch bug.
[S390] stp: fix section mismatch warning.
[S390] Remove diag 0x260 call from memory detection.
[S390] qdio: make sure qdr is aligned to page size
[S390] Add support for memory hot-remove.
[S390] Wire up new syscalls.
[S390] cio: Memory allocation for idset changed.
[S390] qeth: preallocated qeth header for hiper socket
[S390] Optimize storage key operations for anon pages
[S390] nohz/sclp: disable timer on synchronous waits.
[S390] ipl: Reboot from alternate device does not work when booting from file
[S390] dasd: Add support for enhanced VM UID
[S390] Remove last P390 trace. -
Raise the DMA block size limit from 2048 bytes to the maximum supported
by the DMA controllers on the chip (64KB on Au1100, 4MB on Au1200).This gives a very small performance boost and apparently fixes an oops
when MMC-DMA and network traffic are active at the same time.Signed-off-by: Manuel Lauss
Signed-off-by: Pierre Ossman -
Signed-off-by: Pierre Ossman
-
Signed-off-by: Pierre Ossman
-
This reverts commit 48b5352ea1891455eb8e824cf7d92f66931a090f. Oversized
sg lists are not allowed anymore, and the core even checks for them in
debug mode, so this test is entirely incorrect.Signed-off-by: Pierre Ossman
-
Fix a copy-and-paste error.
Signed-off-by: Pierre Ossman
-
The wrong flag was manipulated when an invalid sg list was given, turning
off DMA on the next (and all subsequent) request instead of the current
one.Signed-off-by: Pierre Ossman
-
Signed-off-by: Pierre Ossman
-
When the "status_get->mask" is "AUDIT_STATUS_RATE_LIMIT || AUDIT_STATUS_BACKLOG_LIMIT".
If "audit_set_rate_limit" fails and "audit_set_backlog_limit" succeeds, the "err" value
will be greater than or equal to 0. It will miss the failure of rate set.Signed-off-by: Zhang Xiliang
Acked-by: Eric Paris
Signed-off-by: Al Viro -
When calling audit_filter_task(), it calls audit_filter_rules() with audit_context is NULL.
If the key field is set, the result in audit_filter_rules() will be set to 1 and
ctx->filterkey will be set to key.
But the ctx is NULL in this condition, so kernel will panic.Signed-off-by: Zhang Xiliang
Signed-off-by: Al Viro -
> shouldn't these be using the "audit_get_loginuid(current)" and if we
> are going to output loginuid we also should be outputting sessionidThanks for your detailed explanation.
I have made a new patch for outputing "loginuid" and "sessionid" by audit_get_loginuid(current) and audit_get_sessionid(current).
If there are some deficiencies, please give me your indication.Signed-off-by: Zhang Xiliang
Signed-off-by: Al Viro -
Hello,
According to my understanding there is an off-by-one bug in the
function:audit_string_contains_control()
in:
kernel/audit.c
Patch is included.
I do not know from how many places the function is called from, but for
example, SELinux Access Vector Cache tries to log untrusted filenames via
call path:avc_audit()
audit_log_untrustedstring()
audit_log_n_untrustedstring()
audit_string_contains_control()If audit_string_contains_control() detects control characters, then the
string is hex-encoded. But the hex=0x7f dec=127, DEL-character, is not
detected.I guess this could have at least some minor security implications, since a
user can create a filename with 0x7f in it, causing logged filename to
possibly look different when someone reads it on the terminal.Signed-off-by: Vesa-Matti Kari
Signed-off-by: Al Viro -
Makes the kernel audit subsystem collect information about the sending
process when that process sends SIGUSR2 to the userspace audit daemon.
SIGUSR2 is a new interesting signal to auditd telling auditd that it
should try to start logging to disk again and the error condition which
caused it to stop logging to disk (usually out of space) has been
rectified.Signed-off-by: Eric Paris
Signed-off-by: Al Viro
01 Aug, 2008
13 commits
-
Signed-off-by: Al Viro
-
No need to open-code it...
Signed-off-by: Al Viro
-
Signed-off-by: Miklos Szeredi
Signed-off-by: Al Viro -
Devpts code wants just numbers for tty indexes.
Signed-off-by: Alexey Dobriyan
Signed-off-by: Al Viro -
proc doesn't use "associate pointer with id" feature of IDR, so switch
to IDA.NOTE, NOTE, NOTE:
Do not apply if release_inode_number() still mantions MAX_ID_MASK!Signed-off-by: Alexey Dobriyan
Signed-off-by: Al Viro -
Id which proc gets from IDR for inode number and id which proc removes
from IDR do not match. E.g. 0x11a transforms into 0x8000011a.Which stayed unnoticed for a long time because, surprise, idr_remove()
masks out that high bit before doing anything.All of this due to "| ~MAX_ID_MASK" in release_inode_number().
I still don't understand how it's supposed to work, because "| ~MASK"
is not an inversion for "& MAX" operation.So, use just one nice, working addition. Make start offset unsigned int,
while I'm at it. It's longness is not used anywhere.Signed-off-by: Alexey Dobriyan
Signed-off-by: Al Viro -
Callers expect it to drop reference to bdev on all failure exits.
Signed-off-by: Al Viro
-
* new helper: vfs_quota_on_path(); equivalent of vfs_quota_on() sans the
pathname resolution.
* callers of vfs_quota_on() that do their own pathname resolution and
checks based on it are switched to vfs_quota_on_path(); that way we
avoid the races.
* reiserfs leaked dentry/vfsmount references on several failure exits.Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
New primitive: alloc_fd(start, flags). get_unused_fd() and
get_unused_fd_flags() become wrappers on top of it.Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
for July 17: early crash on x86-64)
SELinux needs MAY_APPEND to be passed down to the security hook.
Otherwise, we get permission denials when only append permission is
granted by policy even if the opening process specified O_APPEND.
Shows up as a regression in the ltp selinux testsuite, fixed by
this patch.Signed-off-by: Stephen Smalley
Signed-off-by: Al Viro -
Signed-off-by: Andrew Morton
Signed-off-by: David Woodhouse
