Patrick McHardy [Tue, 2 May 2006 21:23:07 +0000 (23:23 +0200)]
[NETFILTER] SCTP conntrack: fix infinite loop
fix infinite loop in the SCTP-netfilter code: check SCTP chunk size to
guarantee progress of for_each_sctp_chunk(). (all other uses of
for_each_sctp_chunk() are preceded by do_basic_checks(), so this fix
should be complete.)
Based on patch from Ingo Molnar <mingo@elte.hu>
CVE-2006-1527
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] via-rhine: zero pad short packets on Rhine I ethernet cards
Fixes Rhine I cards disclosing fragments of previously transmitted frames
in new transmissions.
Before transmission, any socket buffer (skb) shorter than the ethernet
minimum length of 60 bytes was zero-padded. On Rhine I cards the data can
later be copied into an aligned transmission buffer without copying this
padding. This resulted in the transmission of the frame with the extra
bytes beyond the provided content leaking the previous contents of this
buffer on to the network.
Now zero-padding is repeated in the local aligned buffer if one is used.
Following a suggestion from the via-rhine maintainer, no attempt is made
here to avoid the duplicated effort of padding the skb if it is known that
an aligned buffer will definitely be used. This is to make the change
"obviously correct" and allow it to be applied to a stable kernel if
necessary. There is no change to the flow of control and the changes are
only to the Rhine I code path.
The patch has run on an in-service Rhine-I host without incident. Frames
shorter than 60 bytes are now correctly zero-padded when captured on a
separate host. I see no unusual stats reported by ifconfig, and no unusual
log messages.
Signed-off-by: Craig Brind <craigbrind@gmail.com> Signed-off-by: Roger Luethi <rl@hellgate.ch> Cc: Jeff Garzik <jeff@garzik.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
Olaf Hering [Fri, 28 Apr 2006 01:23:49 +0000 (18:23 -0700)]
[PATCH] mv643xx_eth: provide sysfs class device symlink
On Sat, Mar 11, Olaf Hering wrote:
> Why is the /sys/class/net/eth0/device symlink not created for the
> mv643xx_eth driver? Does this work for other platform device drivers?
> Seems to work for the ps2 keyboard at least.
The SET_NETDEV_DEV has to be done before a call to register_netdev. With
the new patch below, the device symlink for the platform device was
created. Unfortunately, after the 4 ls commands, the network connection
died. No idea if the box crashed or if something else broke, lost remote
access.
Provide sysfs 'device' in /class/net/ethN Also, set module owner field,
like pcnet32 driver does.
Signed-off-by: Olaf Hering <olh@suse.de> Acked-by: Dale Farnsworth <dale@farnsworth.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Jeff Garzik <jeff@garzik.org>
Jens Axboe [Tue, 2 May 2006 13:03:27 +0000 (15:03 +0200)]
[PATCH] splice: fix page LRU accounting
Currently we rely on the PIPE_BUF_FLAG_LRU flag being set correctly
to know whether we need to fiddle with page LRU state after stealing it,
however for some origins we just don't know if the page is on the LRU
list or not.
So remove PIPE_BUF_FLAG_LRU and do this check/add manually in pipe_to_file()
instead.
Jens Axboe [Tue, 2 May 2006 10:57:18 +0000 (12:57 +0200)]
[PATCH] vmsplice: fix badly placed end paranthesis
We need to use the minium of {len, PAGE_SIZE-off}, not {len, PAGE_SIZE}-off.
The latter doesn't make any sense, and could cause us to attempt negative
length transfers...
Linus Torvalds [Tue, 2 May 2006 04:43:05 +0000 (21:43 -0700)]
Merge branch 'audit.b10' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b10' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
[PATCH] Audit Filter Performance
[PATCH] Rework of IPC auditing
[PATCH] More user space subject labels
[PATCH] Reworked patch for labels on user space messages
[PATCH] change lspp ipc auditing
[PATCH] audit inode patch
[PATCH] support for context based audit filtering, part 2
[PATCH] support for context based audit filtering
[PATCH] no need to wank with task_lock() and pinning task down in audit_syscall_exit()
[PATCH] drop task argument of audit_syscall_{entry,exit}
[PATCH] drop gfp_mask in audit_log_exit()
[PATCH] move call of audit_free() into do_exit()
[PATCH] sockaddr patch
[PATCH] deal with deadlocks in audit_free()
struct xt_standard_target
{
struct xt_entry_target target;
int verdict;
};
xt_entry_target contains a pointer, so when compiled for 64 bit the
structure gets an extra 4 byte of padding at the end. On 32 bit
architectures where iptables aligns to 8 byte it will also have 4
byte padding at the end because it is only 36 bytes large.
The compat_ipt_standard_fn in the kernel adjusts the offsets by
which will always result in 4, even if the structure from userspace
was already padded to a multiple of 8. On x86 this works out by
accident because userspace only aligns to 4, on all other
architectures this is broken and causes incorrect adjustments to
the size and following offsets.
Thanks to Linus for lots of debugging help and testing.
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Linus Torvalds [Tue, 2 May 2006 01:33:40 +0000 (18:33 -0700)]
Merge branch 'splice' of git://brick.kernel.dk/data/git/linux-2.6-block
* 'splice' of git://brick.kernel.dk/data/git/linux-2.6-block:
[PATCH] vmsplice: allow user to pass in gift pages
[PATCH] pipe: enable atomic copying of pipe data to/from user space
[PATCH] splice: call handle_ra_miss() on failure to lookup page
[PATCH] Add ->splice_read/splice_write to def_blk_fops
[PATCH] pipe: introduce ->pin() buffer operation
[PATCH] splice: fix bugs in pipe_to_file()
[PATCH] splice: fix bugs with stealing regular pipe pages
Linus Torvalds [Tue, 2 May 2006 01:26:31 +0000 (18:26 -0700)]
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband:
IB/ipath: tidy up white space in a few files
IB/ipath: fix label name in interrupt handler
IB/ipath: improve sparse annotation
IB/ipath: simplify IB timer usage
IB/ipath: simplify RC send posting
IB/ipath: prevent hardware from being accessed during reset
IB/ipath: fix verbs registration
IB/ipath: change handling of PIO buffers
IB/ipath: iterate over correct number of ports during reset
IB/ipath: set up 32-bit DMA mask if 64-bit setup fails
IB/ipath: fix race with exposing reset file
IB/mthca: Fix offset in query_gid method
Shaohua Li [Mon, 1 May 2006 19:16:19 +0000 (12:16 -0700)]
[PATCH] timer TSC check suspend notifier change
At suspend time, the TSC CPUFREQ_SUSPENDCHANGE notifier change might
wrongly enable interrupt. cpufreq driver suspend/resume is in interrupt
disabled environment.
Signed-off-by: Shaohua Li <shaohua.li@intel.com> Cc: Pavel Machek <pavel@ucw.cz> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
The PC Speaker driver's ->probe() routine doesn't even get called in the
64-bit kernels. The reason for that is that the arch code apparently has
to explictly add a "pcspkr" platform device in order for the driver core to
call the ->probe() routine. arch/i386/kernel/setup.c unconditionally adds
a "pcspkr" device, but the x86_64 kernel has no code at all related to the
PC Speaker.
The patch below copies the relevant code from i386 to x86_64, which makes
the PC Speaker work for me on x86_64.
Atsushi Nemoto [Mon, 1 May 2006 19:16:17 +0000 (12:16 -0700)]
[PATCH] genrtc: fix read on 64-bit platforms
Fix genrtc's read() routine for 64-bit platforms. Current gen_rtc_read()
stores 64bit integer and returns 8 even if an user tried to read a 32bit
integer.
Atsushi Nemoto [Mon, 1 May 2006 19:16:16 +0000 (12:16 -0700)]
[PATCH] RTC: rtc-dev tweak for 64-bit kernel
Make rtc-dev work well on 64-bit platforms with 32-bit userland. On those
platforms, users might try to read 32-bit integer value. This patch make
rtc-dev's read() work well for both "int" and "long" size. This tweak is came
from genrtc driver.
Heiko Carstens [Mon, 1 May 2006 19:16:14 +0000 (12:16 -0700)]
[PATCH] s390: fix ipd handling
As pointed out by Paulo Marques <pmarques@grupopie.com> MAX_IPD_TIME is by
a factor of ten too small. Since this means that we allow ten times more
IPDs in the intended time frame this could result in a cpu check stop of a
physical cpu.
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Jeremy Kerr [Mon, 1 May 2006 19:16:12 +0000 (12:16 -0700)]
[PATCH] powerpc: Allow devices to register with numa topology
Change of_node_to_nid() to traverse the device tree, looking for a numa id.
Cell uses this to assign ids to SPUs, which are children of the CPU node.
Existing users of of_node_to_nid() are altered to use of_node_to_nid_single(),
which doesn't do the traversal.
Export an attach_sysdev_to_node() function, allowing system devices (eg.
SPUs) to link themselves into the numa topology in sysfs.
Signed-off-by: Arnd Bergmann <arnd.bergmann@de.ibm.com> Cc: Paul Mackerras <paulus@samba.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Joel H Schopp [Mon, 1 May 2006 19:16:11 +0000 (12:16 -0700)]
[PATCH] spufs: fix for CONFIG_NUMA
Based on an older patch from Mike Kravetz <kravetz@us.ibm.com>
We need to have a mem_map for high addresses in order to make fops->no_page
work on spufs mem and register files. So far, we have used the
memory_present() function during early bootup, but that did not work when
CONFIG_NUMA was enabled.
We now use the __add_pages() function to add the mem_map when loading the
spufs module, which is a lot nicer.
Signed-off-by: Arnd Bergmann <arnd.bergmann@de.ibm.com> Cc: Paul Mackerras <paulus@samba.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Pat Gefre [Mon, 1 May 2006 19:16:08 +0000 (12:16 -0700)]
[PATCH] Altix: correct ioc3 port order
Currently loading the ioc3 as a module will cause the ports to be numbered
in reverse order. This mod maintains the proper order of cards for port
numbering.
Signed-off-by: Patrick Gefre <pfg@sgi.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] page migration: Fix fallback behavior for dirty pages
Currently we check PageDirty() in order to make the decision to swap out
the page. However, the dirty information may be only be contained in the
ptes pointing to the page. We need to first unmap the ptes before checking
for PageDirty(). If unmap is successful then the page count of the page
will also be decreased so that pageout() works properly.
This is a fix necessary for 2.6.17. Without this fix we may migrate dirty
pages for filesystems without migration functions. Filesystems may keep
pointers to dirty pages. Migration of dirty pages can result in the
filesystem keeping pointers to freed pages.
Unmapping is currently not be separated out from removing all the
references to a page and moving the mapping. Therefore try_to_unmap will
be called again in migrate_page() if the writeout is successful. However,
it wont do anything since the ptes are already removed.
The coming updates to the page migration code will restructure the code
so that this is no longer necessary.
Signed-off-by: Christoph Lameter <clameter@sgi.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Blaisorblade's uml-makefile-nicer makes a V=0 build say SYMLINK where
what's happening is really a LINK.
Signed-off-by: Jeff Dike <jdike@addtoit.com> Acked-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
GCC hardened introduces additional symbol refererences (for the canary and
friends), also in modules - add weak export_symbols for them. We already
tested that the weak declaration creates no problem on both GCC's providing
the function definition and on GCC's which don't provide it.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Acked-by: Jeff Dike <jdike@addtoit.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] uml: cleanup unprofile expression and build infrastructure
*) Rather than duplicate in various buggy ways the application of
CFLAGS_NO_HARDENING and UNPROFILE (which apply to the same files),
centralize it in Makefile.rules. UNPROFILE_OBJS mustn't be listed in
USER_OBJS but are compiled as such.
I've also verified that unprofile didn't work in the current form, because we
set _c_flags directly (using CFLAGS and not USER_CFLAGS, which is wrong),
which is normally used by c_flags, but we also override c_flags for all
USER_OBJS, and there we don't call unprofile.
Instead it only worked for unmap.o, the only one which wasn't a USER_OBJ.
We need to set c_flags (which is not a public Kbuild API) to clear a lot of
compilation flags like -nostdinc which Kbuild forces on everything.
*) Rather than $(CFLAGS_$(notdir $@)), which expands to CFLAGS_anObj.s when
building "anObj.s", use $(CFLAGS_$(*F).o) which always accesses
CFLAGS_anObj.o, like done by Kbuild.
*) Make c_flags apply to all targets having the same basename, rather than
listing .s, .i, .lst and .o, with the use (which I tested) of
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Acked-by: Jeff Dike <jdike@addtoit.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] uml: fix compilation and execution with hardened GCC
To make some half-assembly stubs compile, disable various "hardened" GCC
features:
*) we can't make it build PIC code as we need %ebx to do syscalls and GCC
wants it free for PIC
*) we can't leave stack protection as the stub is moved (not relocated!) in
memory so the RIP-relative access to the canary tries reading from an
unmapped address and causes a segfault, since we move the stub of various
megabytes (the exact amount will be decided at runtime) away from the
link-time address.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Acked-by: Jeff Dike <jdike@addtoit.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] uml: use Kbuild tracking for all files and fix compilation output
Move the build of user-offsets to arch/um/sys-$(SUBARCH), where it's located.
So we can also build it via Kbuild with its dependency tracking rather than by
hand. While hacking here, fix also a lot of little cosmetic things.
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Acked-by: Jeff Dike <jdike@addtoit.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Acked-by: Jeff Dike <jdike@addtoit.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Jeff Dike [Mon, 1 May 2006 19:16:00 +0000 (12:16 -0700)]
[PATCH] uml: error handling fixes
Blairsorblade noticed some confusion between our use of a system
call's return value and errno. This patch fixes a number of related
bugs -
using errno instead of a return value
using a return value instead of errno
forgetting to negate a error return to get a positive error code
Signed-off-by: Jeff Dike <jdike@addtoit.com> Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Jeff Dike [Mon, 1 May 2006 19:15:59 +0000 (12:15 -0700)]
[PATCH] uml: update defconfig
Bring defconfig up to date.
Also disable CONFIG_BLK_DEV_UBD_SYNC by default. By performing synchronous
I/O to the host, it slows things down, only protects against host crashes, and
can make a UML appear to hang while it waits for the host's disk.
Signed-off-by: Jeff Dike <jdike@addtoit.com> Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Jeff Dike [Mon, 1 May 2006 19:15:58 +0000 (12:15 -0700)]
[PATCH] uml: clean up after MADVISE_REMOVE
The MADVISE_REMOVE-checking code didn't clean up after itself.
Signed-off-by: Jeff Dike <jdike@addtoit.com> Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
A quick hack to allow skas0 mode to run on 2G/2G hosts.
Signed-off-by: Jeff Dike <jdike@addtoit.com> Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Signed-off-by: Jeff Dike <jdike@addtoit.com> Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
The patch I submitted earlier to fix disabled LAPIC handling in ACPI was
mismerged for some reason I still don't quite understand. Parts of it was
applied to the wrong function.
NeilBrown [Mon, 1 May 2006 19:15:47 +0000 (12:15 -0700)]
[PATCH] md: Fix 'rdev->nr_pending' count when retrying barrier requests
When retrying a failed BIO_RW_BARRIER request, we need to keep the reference
in ->nr_pending over the whole retry. Currently, we only hold the reference
if the failed request is the *last* one to finish - which is silly, because it
would normally be the first to finish.
So move the rdev_dec_pending call up into the didn't-fail branch. As the rdev
isn't used in the later code, calling rdev_dec_pending earlier doesn't hurt.
Signed-off-by: Neil Brown <neilb@suse.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
NeilBrown [Mon, 1 May 2006 19:15:47 +0000 (12:15 -0700)]
[PATCH] md: Improve detection of lack of barrier support in raid1
Move the test for 'do barrier work' down a bit so that if the first write to a
raid1 is a BIO_RW_BARRIER write, the checking done by superblock writes will
cause the right thing to happen.
Signed-off-by: Neil Brown <neilb@suse.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
NeilBrown [Mon, 1 May 2006 19:15:45 +0000 (12:15 -0700)]
[PATCH] md: Fixed refcounting/locking when attempting read error correction in raid10
We need to hold a reference to rdevs while reading and writing to attempt to
correct read errors. This reference must be taken under an rcu lock.
Signed-off-by: Neil Brown <neilb@suse.de> Cc: "Paul E. McKenney" <paulmck@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
NeilBrown [Mon, 1 May 2006 19:15:44 +0000 (12:15 -0700)]
[PATCH] md: Avoid oops when attempting to fix read errors on raid10
We should add to the counter for the rdev *after* checking if the rdev is
NULL!!!
Signed-off-by: Neil Brown <neilb@suse.de> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Different ipath hardware types have different numbers of buffers
available, so we decide on the counts ourselves unless we are specifically
overridden with a module parameter.
Signed-off-by: Bryan O'Sullivan <bos@pathscale.com> Signed-off-by: Roland Dreier <rolandd@cisco.com>
Jens Axboe [Mon, 1 May 2006 18:02:33 +0000 (20:02 +0200)]
[PATCH] vmsplice: allow user to pass in gift pages
If SPLICE_F_GIFT is set, the user is basically giving this pages away to
the kernel. That means we can steal them for eg page cache uses instead
of copying it.
The data must be properly page aligned and also a multiple of the page size
in length.
Jens Axboe [Mon, 1 May 2006 18:02:05 +0000 (20:02 +0200)]
[PATCH] pipe: enable atomic copying of pipe data to/from user space
The pipe ->map() method uses kmap() to virtually map the pages, which
is both slow and has known scalability issues on SMP. This patch enables
atomic copying of pipe pages, by pre-faulting data and using kmap_atomic()
instead.
lmbench bw_pipe and lat_pipe measurements agree this is a Good Thing. Here
are results from that on a UP machine with highmem (1.5GiB of RAM), running
first a UP kernel, SMP kernel, and SMP kernel patched.
Jens Axboe [Mon, 1 May 2006 17:59:03 +0000 (19:59 +0200)]
[PATCH] pipe: introduce ->pin() buffer operation
The ->map() function is really expensive on highmem machines right now,
since it has to use the slower kmap() instead of kmap_atomic(). Splice
rarely needs to access the virtual address of a page, so it's a waste
of time doing it.
Introduce ->pin() to take over the responsibility of making sure the
page data is valid. ->map() is then reduced to just kmap(). That way we
can also share a most of the pipe buffer ops between pipe.c and splice.c
Jens Axboe [Mon, 1 May 2006 17:50:48 +0000 (19:50 +0200)]
[PATCH] splice: fix bugs in pipe_to_file()
Found by Oleg Nesterov <oleg@tv-sign.ru>, fixed by me.
- Only allow full pages to go to the page cache.
- Check page != buf->page instead of using PIPE_BUF_FLAG_STOLEN.
- Remember to clear 'stolen' if add_to_page_cache() fails.
And as a cleanup on that:
- Make the bottom fall-through logic a little less convoluted. Also make
the steal path hold an extra reference to the page, so we don't have
to differentiate between stolen and non-stolen at the end.
Roland Dreier [Mon, 1 May 2006 17:40:23 +0000 (10:40 -0700)]
IB/mthca: Fix offset in query_gid method
GuidInfo records have 8 byte GUIDs in them, so an index should be
multiplied by 8 to get an offset. mthca_query_gid() was incorrectly
multiplying by 16.
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6:
[TG3]: Update version and reldate
[TG3]: Fix bug in nvram write
[TG3]: Add reset_phy parameter to chip reset functions
[TG3]: Reset chip when changing MAC address
[TG3]: Add phy workaround
[TG3]: Call netif_carrier_off() during phy reset
[IPV6]: Fix race in route selection.
[XFRM]: fix incorrect xfrm_policy_afinfo_lock use
[XFRM]: fix incorrect xfrm_state_afinfo_lock use
[TCP]: Fix unlikely usage in tcp_transmit_skb()
[XFRM]: fix softirq-unsafe xfrm typemap->lock use
[IPSEC]: Fix IP ID selection
[NET]: use hlist_unhashed()
[IPV4]: inet_init() -> fs_initcall
[NETLINK]: cleanup unused macro in net/netlink/af_netlink.c
[PKT_SCHED] netem: fix loss
[X25]: fix for spinlock recurse and spinlock lockup with timer handler
* git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
Input: make EVIOCGSND return meaningful data
Input: ressurect EVIOCGREP and EVIOCSREP
Input: psmouse - fix new device detection logic
Input: move input_device_id to mod_devicetable.h
Input: allow using several chords for braille
Input: allow passing NULL to input_free_device()
Input: spitzkbd - fix the reversed Address and Calender keys
Input: ads7846 - improve filtering for thumb press accuracy
Input: ads7846 - report 0 pressure value along with pen up event
Input: ads7846 - handle IRQs that were latched during disabled IRQs
Input: ads7846 - miscellaneous fixes
Input: ads7846 - use msleep() instead of udelay() in suspend
Input: ads7846 - debouncing and rudimentary sample filtering
Input: ads7846 - power down ADC a bit later
Input: ads7846 - add pen_down sysfs attribute
Input: wistron - add support for Fujitsu N3510
Input: wistron - add signature for Amilo M7400
* git://git.kernel.org/pub/scm/linux/kernel/git/perex/alsa: (22 commits)
[ALSA] via82xx - Use DXS_SRC as default for VIA8235/8237/8251 chips
[ALSA] hda-codec - Add model entry for ASUS Z62F
[ALSA] PCMCIA sound devices shouldn't depend on ISA
[ALSA] hda-codec - Fix capture from line-in on VAIO SZ/FE laptops
[ALSA] Fix Oops at rmmod with CONFIG_SND_VERBOSE_PROCFS=n
[ALSA] PCM core - introduce CONFIG_SND_PCM_XRUN_DEBUG
[ALSA] adding __devinitdata to pci_device_id
[ALSA] add __devinitdata to all pci_device_id
[ALSA] hda-codec - Add codec id for AD1988B codec chip
[ALSA] hda-codec - Add model entry for ASUS M9 laptop
[ALSA] pcxhr - Fix a compiler warning on 64bit architectures
[ALSA] via82xx: tweak VT8251 workaround
[ALSA] intel8x0 - Disable ALI5455 SPDIF-input
[ALSA] via82xx: add support for VIA VT8251 (AC'97)
[ALSA] Fix typos and add information about Jack support to Audiophile-Usb.txt
[ALSA] Fix double free in error path of miro driver
[ALSA] hda-codec - Add entry for Epox EP-5LDA+ GLi
[ALSA] sound/pci/: remove duplicate #include's
[ALSA] hda-codec - Use model 'hp' for all HP laptops with AD1981HD
[ALSA] continue on IS_ERR from platform device registration
...
Steve Grubb [Tue, 11 Apr 2006 12:50:56 +0000 (08:50 -0400)]
[PATCH] Audit Filter Performance
While testing the watch performance, I noticed that selinux_task_ctxid()
was creeping into the results more than it should. Investigation showed
that the function call was being called whether it was needed or not. The
below patch fixes this.
Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Steve Grubb [Sun, 2 Apr 2006 21:07:33 +0000 (17:07 -0400)]
[PATCH] Rework of IPC auditing
1) The audit_ipc_perms() function has been split into two different
functions:
- audit_ipc_obj()
- audit_ipc_set_perm()
There's a key shift here... The audit_ipc_obj() collects the uid, gid,
mode, and SElinux context label of the current ipc object. This
audit_ipc_obj() hook is now found in several places. Most notably, it
is hooked in ipcperms(), which is called in various places around the
ipc code permforming a MAC check. Additionally there are several places
where *checkid() is used to validate that an operation is being
performed on a valid object while not necessarily having a nearby
ipcperms() call. In these locations, audit_ipc_obj() is called to
ensure that the information is captured by the audit system.
The audit_set_new_perm() function is called any time the permissions on
the ipc object changes. In this case, the NEW permissions are recorded
(and note that an audit_ipc_obj() call exists just a few lines before
each instance).
2) Support for an AUDIT_IPC_SET_PERM audit message type. This allows
for separate auxiliary audit records for normal operations on an IPC
object and permissions changes. Note that the same struct
audit_aux_data_ipcctl is used and populated, however there are separate
audit_log_format statements based on the type of the message. Finally,
the AUDIT_IPC block of code in audit_free_aux() was extended to handle
aux messages of this new type. No more mem leaks I hope ;-)
Steve Grubb [Sat, 1 Apr 2006 23:29:34 +0000 (18:29 -0500)]
[PATCH] More user space subject labels
Hi,
The patch below builds upon the patch sent earlier and adds subject label to
all audit events generated via the netlink interface. It also cleans up a few
other minor things.
Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Steve Grubb [Mon, 3 Apr 2006 13:08:13 +0000 (09:08 -0400)]
[PATCH] Reworked patch for labels on user space messages
The below patch should be applied after the inode and ipc sid patches.
This patch is a reworking of Tim's patch that has been updated to match
the inode and ipc patches since its similar.
[updated:
> Stephen Smalley also wanted to change a variable from isec to tsec in the
> user sid patch. ]
Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Steve Grubb [Fri, 31 Mar 2006 20:22:49 +0000 (15:22 -0500)]
[PATCH] change lspp ipc auditing
Hi,
The patch below converts IPC auditing to collect sid's and convert to context
string only if it needs to output an audit record. This patch depends on the
inode audit change patch already being applied.
Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Steve Grubb [Mon, 3 Apr 2006 18:06:13 +0000 (14:06 -0400)]
[PATCH] audit inode patch
Previously, we were gathering the context instead of the sid. Now in this patch,
we gather just the sid and convert to context only if an audit event is being
output.
This patch brings the performance hit from 146% down to 23%
Darrel Goeddel [Sat, 11 Mar 2006 00:14:06 +0000 (18:14 -0600)]
[PATCH] support for context based audit filtering, part 2
This patch provides the ability to filter audit messages based on the
elements of the process' SELinux context (user, role, type, mls sensitivity,
and mls clearance). It uses the new interfaces from selinux to opaquely
store information related to the selinux context and to filter based on that
information. It also uses the callback mechanism provided by selinux to
refresh the information when a new policy is loaded.
Darrel Goeddel [Fri, 24 Feb 2006 21:44:05 +0000 (15:44 -0600)]
[PATCH] support for context based audit filtering
The following patch provides selinux interfaces that will allow the audit
system to perform filtering based on the process context (user, role, type,
sensitivity, and clearance). These interfaces will allow the selinux
module to perform efficient matches based on lower level selinux constructs,
rather than relying on context retrievals and string comparisons within
the audit module. It also allows for dominance checks on the mls portion
of the contexts that are impossible with only string comparisons.
Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Steve Grubb [Thu, 30 Mar 2006 17:20:22 +0000 (12:20 -0500)]
[PATCH] sockaddr patch
On Thursday 23 March 2006 09:08, John D. Ramsdell wrote:
> I noticed that a socketcall(bind) and socketcall(connect) event contain a
> record of type=SOCKADDR, but I cannot see one for a system call event
> associated with socketcall(accept). Recording the sockaddr of an accepted
> socket is important for cross platform information flow analys
Thanks for pointing this out. The following patch should address this.
Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
David S. Miller [Mon, 1 May 2006 05:54:27 +0000 (22:54 -0700)]
[SPARC64]: Disable preemption during flush_tlb_pending().
A context switch will force a call to flush_tlb_pending() (via
switch_to()), so if we test tlb_nr to be non-zero, then sleep, it
would become zero and later back at the original context we'll pass
zero down into the TLB flushing code which should never see a nr
argument of zero.
Signed-off-by: David S. Miller <davem@davemloft.net>
[PATCH] splice: fix bugs with stealing regular pipe pages
- Check that page has suitable count for stealing in the regular pipes.
- pipe_to_file() assumes that the page is locked on succesful steal, so
do that in the pipe steal hook
- Missing unlock_page() in add_to_page_cache() failure.
Michael Chan [Sun, 30 Apr 2006 02:00:24 +0000 (19:00 -0700)]
[TG3]: Fix bug in nvram write
Fix bug in nvram write function. If the starting nvram address offset
happens to be the last dword of the page, the NVRAM_CMD_LAST bit will
not get set in the existing code. This patch fixes the bug by changing
the "else if" to "if" so that the last dword condition always gets
checked.
Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Gary Zambrano [Sun, 30 Apr 2006 01:59:13 +0000 (18:59 -0700)]
[TG3]: Add reset_phy parameter to chip reset functions
Add a reset_phy parameter to tg3_reset_hw() and tg3_init_hw(). With
the full chip reset during MAC address change, the automatic PHY reset
during chip reset will cause a link down and bonding will not work
properly as a result. With this reset_phy parameter, we can do a chip
reset without link down when changing MAC address or MTU.
Signed-off-by: Gary Zambrano <zambrano@broadcom.com> Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Michael Chan [Sun, 30 Apr 2006 01:58:01 +0000 (18:58 -0700)]
[TG3]: Reset chip when changing MAC address
Do the full chip reset when changing MAC address if ASF is enabled.
ASF sometimes uses a different MAC address than the driver. Without
the reset, the ASF MAC address may be overwritten when the driver's
MAC address is changed.
Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Michael Chan [Sun, 30 Apr 2006 01:55:17 +0000 (18:55 -0700)]
[TG3]: Call netif_carrier_off() during phy reset
Add netif_carrier_off() call during tg3_phy_reset(). This is needed
to properly track the netif_carrier state in cases where we do a
PHY reset with interrupts disabled. The SerDes code will not run
properly if the netif_carrier state is wrong.
Signed-off-by: Michael Chan <mchan@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
We eliminated rt6_dflt_lock (to protect default router pointer)
at 2.6.17-rc1, and introduced rt6_select() for general router selection.
The function is called in the context of rt6_lock read-lock held,
but this means, we have some race conditions when we do round-robin.
Signed-off-by; YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
this means that all write-locking of xfrm_policy_afinfo_lock must be
bh-safe. This patch fixes xfrm_policy_register_afinfo() and
xfrm_policy_unregister_afinfo().
Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: David S. Miller <davem@davemloft.net>
xfrm_state_afinfo_lock can be read-locked from bh context, so take it
in a bh-safe manner in xfrm_state_register_afinfo() and
xfrm_state_unregister_afinfo(). Found by the lock validator.
Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: David S. Miller <davem@davemloft.net>
Herbert Xu [Fri, 28 Apr 2006 22:22:13 +0000 (15:22 -0700)]
[IPSEC]: Fix IP ID selection
I was looking through the xfrm input/output code in order to abstract
out the address family specific encapsulation/decapsulation code. During
that process I found this bug in the IP ID selection code in xfrm4_output.c.
At that point dst is still the xfrm_dst for the current SA which
represents an internal flow as far as the IPsec tunnel is concerned.
Since the IP ID is going to sit on the outside of the encapsulated
packet, we obviously want the external flow which is just dst->child.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>