21 Jun, 2006
1 commit
-
* 'audit.b21' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (25 commits)
[PATCH] make set_loginuid obey audit_enabled
[PATCH] log more info for directory entry change events
[PATCH] fix AUDIT_FILTER_PREPEND handling
[PATCH] validate rule fields' types
[PATCH] audit: path-based rules
[PATCH] Audit of POSIX Message Queue Syscalls v.2
[PATCH] fix se_sen audit filter
[PATCH] deprecate AUDIT_POSSBILE
[PATCH] inline more audit helpers
[PATCH] proc_loginuid_write() uses simple_strtoul() on non-terminated array
[PATCH] update of IPC audit record cleanup
[PATCH] minor audit updates
[PATCH] fix audit_krule_to_{rule,data} return values
[PATCH] add filtering by ppid
[PATCH] log ppid
[PATCH] collect sid of those who send signals to auditd
[PATCH] execve argument logging
[PATCH] fix deadlocks in AUDIT_LIST/AUDIT_LIST_RULES
[PATCH] audit_panic() is audit-internal
[PATCH] inotify (5/5): update kernel documentation
...Manual fixup of conflict in unclude/linux/inotify.h
20 Jun, 2006
1 commit
-
In this implementation, audit registers inotify watches on the parent
directories of paths specified in audit rules. When audit's inotify
event handler is called, it updates any affected rules based on the
filesystem event. If the parent directory is renamed, removed, or its
filesystem is unmounted, audit removes all rules referencing that
inotify watch.To keep things simple, this implementation limits location-based
auditing to the directory entries in an existing directory. Given
a path-based rule for /foo/bar/passwd, the following table applies:passwd modified -- audit event logged
passwd replaced -- audit event logged, rules list updated
bar renamed -- rule removed
foo renamed -- untracked, meaning that the rule now applies to
the new locationAudit users typically want to have many rules referencing filesystem
objects, which can significantly impact filtering performance. This
patch also adds an inode-number-based rule hash to mitigate this
situation.The patch is relative to the audit git tree:
http://kernel.org/git/?p=linux/kernel/git/viro/audit-current.git;a=summary
and uses the inotify kernel API:
http://lkml.org/lkml/2006/6/1/145Signed-off-by: Amy Griffis
Signed-off-by: Al Viro
30 May, 2006
1 commit
-
With this patch, "root=mtd3" and "root=mtd:foo" work for a JFFS2 rootfs.
Signed-off-by: Joern Engel
16 May, 2006
3 commits
-
Signed-off-by: David Woodhouse
-
When we fail to mount from a valid root device list out the filesystems we
have tried to mount it with. This gives the user vital diagnostics as to
what is missing from their kernel.For example in the fragment below the kernel does not have CRAMFS compiled
into the kernel and yet appears to recognise it at the RAMDISK detect
stage. Later the mount fails as we don't have the filesystem.RAMDISK: cramfs filesystem found at block 0
RAMDISK: Loading 1604KiB [1 disk] into ram disk... done.
XFS: bad magic number
XFS: SB validate failed
No filesystem could mount root, tried: reiserfs ext3 ext2 msdos vfat
iso9660 jfs xfs
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(8,1)Signed-off-by: Andy Whitcroft
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Copy the filenames of hardlinks when inserting them into the hash, since
the "name" pointer may point to scratch space (name_buf). Not doing so
results in corruption if the scratch space is later overwritten: the wrong
file may be hardlinked, or, if the scratch space contains garbage, the link
will fail and a 0-byte file will be created instead.Signed-off-by: Mark Huang
Acked-by: Al Viro
Cc: "H. Peter Anvin"
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
09 May, 2006
1 commit
-
This was already a bad plan when I argued against adding it in the first
place. Good riddance.Signed-off-by: David Woodhouse
02 May, 2006
1 commit
-
Suppress the initcall-return-value warnings unless initcall_debug was
specified.They do find bugs, but they're extremely small ones and as Andi points out,
people get distressed.Cc: Andi Kleen
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
19 Apr, 2006
1 commit
-
Signed-off-by: Andi Kleen
Signed-off-by: Linus Torvalds
11 Apr, 2006
1 commit
-
Move the DOUBLEFAULT option from the top-level menu to the EMBEDDED menu.
Only applicable to X86_32.Signed-off-by: Randy Dunlap
Signed-off-by: Adrian Bunk
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
29 Mar, 2006
1 commit
-
replaces for_each_cpu with for_each_possible_cpu().
Signed-off-by: KAMEZAWA Hiroyuki
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
27 Mar, 2006
4 commits
-
* git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivial:
drivers/char/ftape/lowlevel/fdc-io.c: Correct a comment
Kconfig help: MTD_JEDECPROBE already supports Intel
Remove ugly debugging stuff
do_mounts.c: Minor ROOT_DEV comment cleanup
BUG_ON() Conversion in drivers/s390/block/dasd_devmap.c
BUG_ON() Conversion in mm/mempool.c
BUG_ON() Conversion in mm/memory.c
BUG_ON() Conversion in kernel/fork.c
BUG_ON() Conversion in ipc/sem.c
BUG_ON() Conversion in fs/ext2/
BUG_ON() Conversion in fs/hfs/
BUG_ON() Conversion in fs/dcache.c
BUG_ON() Conversion in fs/buffer.c
BUG_ON() Conversion in input/serio/hp_sdc_mlc.c
BUG_ON() Conversion in md/dm-table.c
BUG_ON() Conversion in md/dm-path-selector.c
BUG_ON() Conversion in drivers/isdn
BUG_ON() Conversion in drivers/char
BUG_ON() Conversion in drivers/mtd/ -
I noticed that after boot with an initrd in 2.6.16 the rootfs had:
--w-r-xr-T 1 root root 6241141 Jan 1 1970 initrd.image
Which is caused by a small typo:
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Since the addition of boot_cpu_init(), fixup_cpu_present_map() has been a
no-op. That's because fixup_cpu_present_map() won't touch cpu_present_map if
it has any bits set, and boot_cpu_init() sets a bit.So remove fixup_cpu_present_map().
A consequence of this (actually of the boot_cpu_init() change) is that the
architecture _must_ populate cpu_present_map itself (probably in
smp_prepare_cpus()). fixup_cpu_present_map() won't do it any more.If the architecture doesn't do this, it'll only bring up a single CPU.
The other side effect (though less serious) is that smp_prepare_boot_cpu() no
longer needs to mark the boot cpu in the online and present maps -
boot_cpu_init() does that for everyone (to make early printks work).Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
The ROOT_DEV comment is no longer accurate, it now seems to be
initialized in init/do_mounts.c.Signed-off-by: Florin Malita
Signed-off-by: Adrian Bunk
26 Mar, 2006
5 commits
-
* master.kernel.org:/pub/scm/linux/kernel/git/sam/kbuild: (46 commits)
kbuild: remove obsoleted scripts/reference_* files
kbuild: fix make help & make *pkg
kconfig: fix time ordering of writes to .kconfig.d and include/linux/autoconf.h
Kconfig: remove the CONFIG_CC_ALIGN_* options
kbuild: add -fverbose-asm to i386 Makefile
kbuild: clean-up genksyms
kbuild: Lindent genksyms.c
kbuild: fix genksyms build error
kbuild: in makefile.txt note that Makefile is preferred name for kbuild files
kbuild: replace PHONY with FORCE
kbuild: Fix bug in crc symbol generating of kernel and modules
kbuild: change kbuild to not rely on incorrect GNU make behavior
kbuild: when warning symbols exported twice now tell user this is the problem
kbuild: fix make dir/file.xx when asm symlink is missing
kbuild: in the section mismatch check try harder to find symbols
kbuild: fix section mismatch check for unwind on IA64
kbuild: kill false positives from section mismatch warnings for powerpc
kbuild: kill trailing whitespace in modpost & friends
kbuild: small update of allnoconfig description
kbuild: make namespace.pl CROSS_COMPILE happy
...Trivial conflict in arch/ppc/boot/Makefile manually fixed up
-
Initramfs initrd images do not need a ramdisk device, so remove this
restriction in Kconfig. BLK_DEV_RAM=n saves about 13k on i386. Also
without ramdisk device there's no need for "dry run", so initramfs unpacks
much faster.People using cramfs, squashfs, or gzipped ext2/minix initrd images are
probably smart enough not to turn off ramdisk support by accident.Cc: Al Viro
Cc: Christoph Hellwig
Cc: "H. Peter Anvin"
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
This patch adds a proper prototype for setup_arch() in init.h.
This patch is based on a patch by Ben Dooks .
Signed-off-by: Adrian Bunk
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
We presently ignore the return values from initcalls. But that can carry
useful debugging information. So print it out if it's non-zero.It turns out the -ENODEV happens quite a lot, due to built-in drivers which
have no hardware to drive. So suppress that unless initcall_debug was
specified.Also make the warning message more friendly by printing the name of the
initcall function.Also drop the KERN_DEBUG from the initcall_debug message. If we specified
inticall_debug then we obviously want to see the messages.Acked-by: Paul Jackson
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
MODULE_PARM was actually breaking: recent gcc version optimize them out as
unused. It's time to replace the last users, which are generally in the
most unloved drivers anyway.Signed-off-by: Rusty Russell
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
24 Mar, 2006
2 commits
-
The meaning of MS_VERBOSE is backwards; if the bit is set, it really means,
"don't be verbose". This is confusing and counter-intuitive.In addition, there is also no way to set the MS_VERBOSE flag in the
mount(8) program in util-linux, but interesting, it does define options
which would do the right thing if MS_SILENT were defined, which
unfortunately we do not:#ifdef MS_SILENT
{ "quiet", 0, 0, MS_SILENT }, /* be quiet */
{ "loud", 0, 1, MS_SILENT }, /* print out messages. */
#endifSo the obvious fix is to deprecate the use of MS_VERBOSE and replace it
with MS_SILENT.Signed-off-by: "Theodore Ts'o"
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Original patch from Paul Mundt, sysfs parts removed by me since they
were broken.Signed-off-by: Jens Axboe
23 Mar, 2006
4 commits
-
Now CONFIG_DEBUG_INITDATA is in, initial percpu data
[__per_cpu_start,__per_cpu_end] can be declared as a redzone, and invalid
accesses after boot can be detected, at least for i386.We can let non possible cpus percpu data point to this 'redzone' instead of
NULL .NULL was not a good choice because part of [0..32768] memory may be
readable and invalid accesses may happen unnoticed.If CONFIG_DEBUG_INITDATA is not defined, each non possible cpu points to
the initial percpu data (__per_cpu_offset[cpu] == 0), thus invalid accesses
wont be detected/crash.This patch also moves __per_cpu_offset[] to read_mostly area to avoid false
sharing.Signed-off-by: Eric Dumazet
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
percpu_data blindly allocates bootmem memory to store NR_CPUS instances of
cpudata, instead of allocating memory only for possible cpus.This patch saves ram, allocating num_possible_cpus() (instead of NR_CPUS)
instances.Signed-off-by: Eric Dumazet
Acked-by: "David S. Miller"
Cc: James Bottomley
Cc: Jens Axboe
Acked-by: Ingo Molnar
Cc: Jens Axboe
Cc: Anton Blanchard
Acked-by: William Irwin
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
This patch introduces a user space interface for swsusp.
The interface is based on a special character device, called the snapshot
device, that allows user space processes to perform suspend and resume-related
operations with the help of some ioctls and the read()/write() functions.
Additionally it allows these processes to allocate free swap pages from a
selected swap partition, called the resume partition, so that they know which
sectors of the resume partition are available to them.The interface uses the same low-level system memory snapshot-handling
functions that are used by the built-it swap-writing/reading code of swsusp.The interface documentation is included in the patch.
The patch assumes that the major and minor numbers of the snapshot device will
be 10 (ie. misc device) and 231, the registration of which has already been
requested.Signed-off-by: Rafael J. Wysocki
Acked-by: Pavel Machek
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Register the boot-cpu in the cpu maps earlier to allow the early printk to
work, and to fix an obscure deadlock at boot.Signed-off-by: Stas Sergeev
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
13 Mar, 2006
1 commit
-
I don't see any use case for the CONFIG_CC_ALIGN_* options:
- they are only available if EMBEDDED
- people using EMBEDDED will most likely also enable
CC_OPTIMIZE_FOR_SIZE
- the default for -Os is to disable alignmentIn case someone is doing performance comparisons and discovers that the
default settings gcc chooses aren't good, the only sane thing is to discuss
whether it makes sense to change this, not through offering options to change
this locally.Signed-off-by: Adrian Bunk
Signed-off-by: Andrew Morton
Signed-off-by: Sam Ravnborg
11 Feb, 2006
2 commits
-
Remove bogus comment from init function which could lead to the assumption
that cpu_possible_map is setup in smp_prepare_cpus().Signed-off-by: Heiko Carstens
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
It is possible that the reserved crashkernel region can be overlapped with
initrd since the bootloader sets the initrd location. When the initrd
region is freed, the second kernel memory will not be contiguous. The
Kexec_load can cause an oops since there is no contiguous memory to write
the second kernel or this memory could be used in the first kernel itself
and may not be part of the dump. For example, on powerpc, the initrd is
located at 36MB and the crashkernel starts at 32MB. The kexec_load caused
panic since writing into non-allocated memory (after 36MB). We could see
the similar issue even on other archs.One possibility is to move the initrd outside of crashkernel region. But,
the initrd region will be freed anyway before the system is up. This patch
fixes this issue and frees only regions that are not part of crashkernel
memory in case overlaps.Signed-off-by: Haren Myneni
Acked-by: "Eric W. Biederman"
Cc: Vivek Goyal
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
08 Feb, 2006
1 commit
-
Make SELinux depend on AUDIT as it requires the basic audit support to log
permission denials at all. Note that AUDITSYSCALL remains optional for
SELinux, although it can be useful in providing further information upon
denials.Signed-off-by: Stephen Smalley
Acked-by: James Morris
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
04 Feb, 2006
1 commit
-
Do not allow people to create configurations with CONFIG_BROKEN=y.
The sole reason for CONFIG_BROKEN=y would be if you are working on fixing a
broken driver, but in this case editing the Kconfig file is trivial.Never ever should a user enable CONFIG_BROKEN.
Signed-off-by: Adrian Bunk
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
17 Jan, 2006
1 commit
-
Build kernel/intermodule.c only when required.
Signed-off-by: Adrian Bunk
Cc: Sam Ravnborg
Cc: David Woodhouse
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
16 Jan, 2006
1 commit
15 Jan, 2006
2 commits
-
After abandon-gcc-295x.patch, this relocates the error-out-early comment.
Signed-off-by: Coywolf Qi Hunt
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Trivial spelling fix s/socalled/so called/
Signed-off-by: Jesper Juhl
Signed-off-by: Adrian Bunk
12 Jan, 2006
1 commit
-
It has no business being elsewhere and x86-64 doesn't need/want it.
Signed-off-by: Andi Kleen
Signed-off-by: Linus Torvalds
11 Jan, 2006
2 commits
-
hrtimer subsystem core. It is initialized at bootup and expired by the timer
interrupt, but is otherwise not utilized by any other subsystem yet.Signed-off-by: Thomas Gleixner
Signed-off-by: Ingo Molnar
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
It seems the "make UID16 support optional" patch was checked when it
edited the -tiny tree some time ago, but it wasn't checked whether it
still matches the current situation when it was submitted for inclusion
in -mm. This patch fixes the following bugs:
- ARCH_S390X does no longer exist, nowadays this has to be expressed
through (S390 && 64BIT)
- in five architecture specific Kconfig files the UID16 options
weren't removedAdditionally, it changes the fragile negative dependencies of UID16 to
positive dependencies (new architectures are more likely to not require
UID16 support).Signed-off-by: Adrian Bunk
Acked-by: Matt Mackall
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
09 Jan, 2006
2 commits
-
This adds an option to remove vm86 support under CONFIG_EMBEDDED. Saves
about 5k.This version eliminates most of the #ifdefs of the previous version and
instead uses function stubs in vm86.h. Also, release_vm86_irqs is moved
from asm-i386/irq.h to a more appropriate home in vm86.h so that the stubs
can live together.$ size vmlinux-baseline vmlinux-novm86
text data bss dec hex filename
2920821 523232 190652 3634705 377611 vmlinux-baseline
2916268 523100 190492 3629860 376324 vmlinux-novm86Signed-off-by: Matt Mackall
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
configurable support for ELF core dumps
text data bss dec hex filename
3330172 529036 190556 4049764 3dcb64 vmlinux-baseline
3325552 528912 190556 4045020 3db8dc vmlinux-no-elfadd/remove: 0/8 grow/shrink: 0/0 up/down: 0/-4424 (-4424)
function old new delta
fill_note 32 - -32
maydump 58 - -58
dump_seek 67 - -67
writenote 180 - -180
elf_dump_thread_status 274 - -274
fill_psinfo 308 - -308
fill_prstatus 466 - -466
elf_core_dump 3039 - -3039Signed-off-by: Matt Mackall
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
