Add a devname parameter to the pcmcia_device structure, fills it with
"pcmcia<bus_id>" in pcmcia_device_add, and passes it to request_irq in
pcmcia_request_irq.
Daniel Ritz [Fri, 9 Sep 2005 20:03:25 +0000 (13:03 -0700)]
[PATCH] fix pcmcia_request_irq() for multifunction card
multifunction cards need to have the same irq assigned to both functions.
the code tries that but fails because ret is still set to CS_IN_USE which
results in the function having the CB irq assigned. yenta_set_socket then
just changes the irq routing to use the PCI interrupt but the first
functions irq handler is registered on an ISA interrupt. boom.
Signed-off-by: Daniel Ritz <daniel.ritz@gmx.ch> Cc: Dominik Brodowski <linux@dominikbrodowski.net> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Daniel Ritz [Fri, 9 Sep 2005 20:03:23 +0000 (13:03 -0700)]
[PATCH] pcmcia/cs: fix possible missed wakeup
- thread_done should only be completed when the wait_queue is installed.
- all wake up conditions should be checked before schedule()
this fixes a hang of rmmod in the sequence modprobe yenta_socket; rmmod
yenta_socket as reported by Andreas Steinmetz. w/o this rmmod yenta_socket
can hang on wait_for_completion() in pcmcia_unregister_socket()
Signed-off-by: Daniel Ritz <daniel.ritz@gmx.ch> Cc: Dominik Brodowski <linux@brodo.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Share code between setup-bus.c and yenta_socket.c: use the write-out code of
resources to the bridge also in yenta_socket.c, as it provides useful debug
output. In addition, it fixes the bug that the CPU-centric resource view
might need to be transferred to the PCI-centric view: setup-bus.c does that,
while yenta-socket.c did not.
Oliver Endriss [Fri, 9 Sep 2005 20:03:12 +0000 (13:03 -0700)]
[PATCH] dvb: ttpci: av7110: RC5+ remote control support
Improved remote control support for av7110-based cards:
o extended rc5 protocol, firmware >= 0x2620 required
o key-up timer slightly adjusted
o completely moved remote control code to av7110_ir.c
o support for multiple ir receivers
o for now, all av7110 cards share the same ir configuration and event device
Signed-off-by: Oliver Endriss <o.endriss@gmx.de> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] dvb: budget-av: enable frontend on KNC1 Plus cards
Enable frontend on KNC plus cards.
Signed-off-by: Andrew de Quincey <adq_dvb@lidskialf.net> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Signed-off-by: Andrew de Quincey <adq_dvb@lidskialf.net> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] dvb: budget-ci: add support for TT DVB-C CI card
Add support for TT DVB-C CI card.
Signed-off-by: Andrew de Quincey <adq_dvb@lidskialf.net> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
IR RC fixes:
- EVIOCSKEYCODE is not supported by this driver, fix potential crash
when it is used by not setting rc_input_dev->keycodesize
- fix key repeat handling (hopefully)
- reduce default poll internal to 50msec (necessary for key repeat handling)
Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Manu Abraham [Fri, 9 Sep 2005 20:03:04 +0000 (13:03 -0700)]
[PATCH] dvb: dst: Updated Documentation
Updated Documentation
Signed-off-by: Manu Abraham <manu@linuxtv.org> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Manu Abraham [Fri, 9 Sep 2005 20:03:03 +0000 (13:03 -0700)]
[PATCH] dvb: dst: ci doc update
Updated documentation
Signed-off-by: Manu Abraham <manu@linuxtv.org> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Manu Abraham [Fri, 9 Sep 2005 20:03:02 +0000 (13:03 -0700)]
[PATCH] dvb: dst: fix DVB-C tuning
Fix BUG in DVB-C frequency setting. Thanks to Peng Cao <caopeng75@gmail.com>
Signed-off-by: Manu Abraham <manu@linuxtv.org> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Manu Abraham [Fri, 9 Sep 2005 20:03:01 +0000 (13:03 -0700)]
[PATCH] dvb: dst: identify boards
Identify board properly: Add functions to retrieve MAC Address, FW details,
Card type and Vendor Information.
Signed-off-by: Manu Abraham <manu@linuxtv.org> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Manu Abraham [Fri, 9 Sep 2005 20:03:00 +0000 (13:03 -0700)]
[PATCH] dvb: dst: dprrintk cleanup
Code Cleanup:
o Remove debug noise
o Remove debug module parameter
debug level is achieved using the verbosity level
o Updated to kernel coding style
(case labels should not be indented)
Signed-off-by: Manu Abraham <manu@linuxtv.org> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Manu Abraham [Fri, 9 Sep 2005 20:02:59 +0000 (13:02 -0700)]
[PATCH] dvb: dst: remove unnecessary code
Code Simplification: CA PMT object is not parsed in the driver anymore.
Signed-off-by: Manu Abraham <manu@linuxtv.org> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Manu Abraham [Fri, 9 Sep 2005 20:02:58 +0000 (13:02 -0700)]
[PATCH] dvb: dst: fix symbol rate setting
Make the Symbolrate setting card specific.
Signed-off-by: Manu Abraham <manu@kromtek.com> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
David Johnson [Fri, 9 Sep 2005 20:02:55 +0000 (13:02 -0700)]
[PATCH] dvb: bt8xx: Nebula DigiTV mt352 support
Add support for Nebula DigiTV PCI cards with the MT352 frontend.
Signed-off-by: David Johnson <dj@david-web.co.uk> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
David Johnson [Fri, 9 Sep 2005 20:02:54 +0000 (13:02 -0700)]
[PATCH] dvb: bt8xx: cleanup
Indentation fixes and remove unnecessary braces.
Signed-off-by: David Johnson <dj@david-web.co.uk> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
comment out noisy dprintk in dst_get_signal() (why are errors only visible
with debug on? this needs to be cleaned up so we can disable debug by
default)
Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
1) a firmware update made by the vendor, which has to be done in Windows
for now, changes the DVB-data-pipe from isochronous to bulk: it fixes the
data distortions (and thus the video-distortions) in DVB-T mode; there is
no backwards compatibility with the old firmware as it didn't work anyway
2) with the help of Steve Toth some reverse-engineered functionality is now
named correctly, thank you
Signed-off-by: Patrick Boettcher <pb@linuxtv.org> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This fix has also been applied to lgdt330x. There is an optimization that
keeps track of the frequency tuned by the digital decoder. The digital driver
does not set the frequency if it has not changed since it was tuned. The
analog tuner driver knows nothing about the frequency saved by the digital
driver. When the frequency is set using the video4linux code with tvtime, the
hardware get changed but the digital driver's state does not get updated.
Switch back to the same digital channel and the driver finds no change in
frequency so the tuner is not reset to the digital frequency. The work around
is to remove the check and always set the tuner to the specified frequency.
Signed-off-by: Mac Michaels <wmichaels1@earthlink.net> Signed-off-by: Michael Krufky <mkrufky@m1k.net> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
while investigating the QAM_128-issue with the stv0297-driver for the
Cablestar (which is not the same as the one in dvb-kernel CVS, yet), I fixed
it, not by increasing the timeout, but by disabling the corner-detection for
QAM_128 and higher.
This patch has been tested on dvb-kernel cvs, and has been reported to work by
multiple users. Some cards still need timeout increase on top of this patch.
This will be addressed later.
Signed-off-by: Patrick Boettcher <pb@linuxtv.org> Signed-off-by: Michael Krufky <mkrufky@m1k.net> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Signed-off-by: Andrew de Quincey <adq_dvb@lidskialf.net> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] dvb: frontend: stv0299: support reading both BER and UCBLOCKS
Allow the stv0299 to read the BER and UCBLOCKS.
Signed-off-by: Andrew de Quincey <adq_dvb@lidskialf.net> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Signed-off-by: Andrew de Quincey <adq_dvb@lidskialf.net> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Barry Scott [Fri, 9 Sep 2005 20:02:29 +0000 (13:02 -0700)]
[PATCH] dvb: frontend: mt352: fix signal strength reading
Fix two problems with the signal strength value in the mt352.c frontend:
1. the 4 most significant bits are zeroed - shift and mask wrong way round
2. need to align the 12 bits from the registers at the top of the 16 bit
returned value - otherwise the range is not 0 to 0xffff its 0xf000 to 0xffff
Signed-off-by: Barry Scott <barry.scott@onelan.co.uk> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Don't return immediately from dvb_dmx_swfilter_section_packet() if CC is not
ok. Otherwise a new feed drops all packets until the first packet with CC=0
arrives.
Signed-off-by: Andreas Oberritter <obi@linuxtv.org> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
I have a system (Biostar IDEQ210M mini-pc with a VIA chipset) which will
not reboot unless a keyboard is plugged in to it. I have tried all
combinations of the kernel "reboot=x,y" flags to no avail. Rebooting by
any method will leave the system in a wedged state (at the "Restarting
system" message).
I finally tracked the problem down to the machine's refusal to fully reboot
unless the keyboard controller status register had bit 2 set. This is the
"System flag" which when set, indicates successful completion of the
keyboard controller self-test (Basic Assurance Test, BAT).
I suppose that something is trying to protect against sporadic reboots
unless the keyboard controller is in a good state (a keyboard is present),
but I need this machine to be headless.
I found that setting the system flag (via the command byte) before giving
the "pulse reset line" command will allow the reboot to proceed. The patch
is simple, and I think it should be fine for everybody whether they have
this type of machine or not. This affects the "hard" reboot (as done when
the kernel boot flags "reboot=c,h" are used).
Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] aio: kiocb locking to serialise retry and cancel
Implement a per-kiocb lock to serialise retry operations and cancel. This
is done using wait_on_bit_lock() on the KIF_LOCKED bit of kiocb->ki_flags.
Also, make the cancellation path lock the kiocb and subsequently release
all references to it if the cancel was successful. This version includes a
fix for the deadlock with __aio_run_iocbs.
Signed-off-by: Benjamin LaHaise <bcrl@linux.intel.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] change io_cancel return code for no cancel case
Note that other than few exceptions, most of the current filesystem and/or
drivers do not have aio cancel specifically defined (kiob->ki_cancel field
is mostly NULL). However, sys_io_cancel system call universally sets
return code to -EAGAIN. This gives applications a wrong impression that
this call is implemented but just never works. We have customer inquires
about this issue.
Changed by Benjamin LaHaise to EINVAL instead of ENOSYS
Signed-off-by: S. Wendy Cheng <wcheng@redhat.com> Acked-by: Benjamin LaHaise <bcrl@kvack.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] Prefetch kernel stacks to speed up context switch
For architecture like ia64, the switch stack structure is fairly large
(currently 528 bytes). For context switch intensive application, we found
that significant amount of cache misses occurs in switch_to() function.
The following patch adds a hook in the schedule() function to prefetch
switch stack structure as soon as 'next' task is determined. This allows
maximum overlap in prefetch cache lines for that structure.
Signed-off-by: Ken Chen <kenneth.w.chen@intel.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: "Luck, Tony" <tony.luck@intel.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Jason Baron [Fri, 9 Sep 2005 20:02:01 +0000 (13:02 -0700)]
[PATCH] fix disassociate_ctty vs. fork race
Race is as follows. Process A forks process B, both being part of the same
session. Then, A calls disassociate_ctty while B forks C:
A B
==== ====
fork()
copy_signal()
dissasociate_ctty() ....
attach_pid(p, PIDTYPE_SID, p->signal->session);
Now, C can have current->signal->tty pointing to a freed tty structure, as
it hasn't yet been added to the session group (to have its controlling tty
cleared on the diassociate_ctty() call).
This has shown up as an oops but could be even more serious. I haven't
tried to create a test case, but a customer has verified that the patch
below resolves the issue, which was occuring quite frequently. I'll try
and post the test case if i can.
The patch simply checks for a NULL tty *after* it has been attached to the
proper session group and clears it as necessary. Alternatively, we could
simply do the tty assignment after the the process is added to the proper
session group.
Signed-off-by: Jason Baron <jbaron@redhat.com> Cc: Roland McGrath <roland@redhat.com> Cc: Ingo Molnar <mingo@elte.hu> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch for old autofs (version 3) cleans dentries which are not putted
after killing the automount daemon (it's analogue of recent patch for
autofs4).
Signed-off-by: Alexander Krizhanovsky <klx@yandex.ru> Cc: Ian Kent <raven@themaw.net> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Samuel Thibault [Fri, 9 Sep 2005 20:01:58 +0000 (13:01 -0700)]
[PATCH] vga text console and stty cols/rows
Some people use 66-cells braille devices for reading the console, and hence
would like to reduce the width of the screen by using:
stty cols 66
However, the vga text console doesn't behave correctly: the 14 first
characters of the second line are put on the right of the first line and so
forth.
Here is a patch to correct that. It corrects the disp_end and offset
registers of the vga board on console resize and console switch.
On usual screens, you then correctly get a right and/or bottom blank
margin. On some laptop panels, the output is resized so that text actually
gets magnified, which can be great for some people (see
http://dept-info.labri.fr/~thibault/ls.jpg ).
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Jason Baron [Fri, 9 Sep 2005 20:01:57 +0000 (13:01 -0700)]
[PATCH] pty_chars_in_buffer oops fix
The idea of this patch is to lock both sides of a ptmx/pty pair during line
discipline changing. This is needed to ensure that say a poll on one side of
the pty doesn't occur while the line discipline is actively being changed.
This resulted in an oops reported on lkml, see:
A 'hacky' approach was previously implmemented which served to eliminate the
poll vs. line discipline changing race. However, this patch takes a more
general approach to the issue. The patch only adds locking on a less often
used path, the line-discipline changing path, as opposed to locking the
ptmx/pty pair on read/write/poll paths.
The patch below, takes both ldisc locks in either order b/c the locks are both
taken under the same spinlock(). I thought about locking the ptmx/pty
separately, such as master always first but that introduces a 3 way deadlock.
For example, process 1 does a blocking read on the slave side. Then, process
2 does an ldisc change on the slave side, which acquires the master ldisc lock
but not the slave's. Finally, process 3 does a write which blocks on the
process 2's ldisc reference.
This patch does introduce some changes in semantics. For example, a line
discipline change on side 'a' of a ptmx/pty pair, will now wait for a
read/write to complete on the other side, or side 'b'. The current behavior
is to simply wait for any read/writes on only side 'a', not both sides 'a' and
'b'. I think this behavior makes sense, but I wanted to point it out.
I've tested the patch with a bunch of read/write/poll while changing the line
discipline out from underneath.
This patch obviates the need for the above "hide the problem" patch.
Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] alpha: process_reloc_for_got confuses r_offset and r_addend
arch/alpha/kernel/module.c:process_reloc_for_got(), which figures out how big
the .got section for a module should be, appears to be confusing r_offset (the
file offset that the relocation needs to be applied to) with r_addend (the
offset of the relocation's actual target address from the address of the
relocation's symbol). Because of this, one .got entry is allocated for each
relocation instead of one each unique symbol/addend.
In the module I am working with, this causes the .got section to be almost 10
times larger than it needs to be (75544 bytes instead of 7608 bytes). As the
.got is accessed with global-pointer-relative instructions, it needs to be
within the 64k gp "zone", and a 75544 byte .got clearly does not fit. The
result of this is that relocation overflows are detected during module load
and the load is aborted.
Change struct got_entry/process_reloc_for_got to fix this.
Acked-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
[PATCH] x86_64: Don't call enforce_max_cpus when hotplug is enabled
enforce_max_cpus nukes out cpu_present_map and cpu_possible_map making it
impossible to add new cpus in the system. Since it doesnt provide any
additional value apart this call and reference is removed.
[PATCH] x86_64: Don't do broadcast IPIs when hotplug is enabled in flat mode.
The use of non-shortcut version of routines breaking CPU hotplug. The option
to select this via cmdline also is deleted with the physflat patch, hence
directly placing this code under CONFIG_HOTPLUG_CPU.
We dont want to use broadcast mode IPI's when hotplug is enabled. This causes
bad effects in send IPI to a cpu that is offline which can trip when the cpu
is in the process of being kicked alive.
This is the same issue as ppc64 before, when returning to userland we
shouldn't re-compute the seccomp check or the task could be killed during
sigreturn when orig_eax is overwritten by the sigreturn syscall. This was
found by Roland.
This was harmless from a security standpoint, but some i686 users reported
failures with auditing enabled system wide (some distro surprisingly makes
it the default) and I reproduced it too by keeping the whole workload under
strace -f.
Patch is tested and works for me under strace -f.
nobody@athlon:~/cpushare> strace -o /tmp/o -f python seccomp_test.py
make: Nothing to be done for `seccomp_test'.
Starting computing some malicious bytecode
init
load
start
stop
receive_data failure
kill
exit_code 0 signal 9
The malicious bytecode has been killed successfully by seccomp
Starting computing some safe bytecode
init
load
start
stop
174 counts
kill
exit_code 0 signal 0
The seccomp_test.py completed successfully, thank you for testing.
(akpm: collaterally cleaned up a bit of do_syscall_trace() too)
Signed-off-by: Andrea Arcangeli <andrea@cpushare.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Tom Rini [Fri, 9 Sep 2005 20:01:48 +0000 (13:01 -0700)]
[PATCH] ppc32: Kill PVR_440* defines
The following patch changes the usages of PVR_440* into strcmp's with the
cpu_name field, and removes the defines altogether. The Ebony portion was
briefly tested long ago. One benefit of moving from PVR-tests to string
tests in general is that not all CPUs can be on and be able to do this type
of comparison.
See http://patchwork.ozlabs.org/linuxppc/patch?id=1250 for the original
thread.
Signed-off-by: Tom Rini <trini@kernel.crashing.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Tom Rini [Fri, 9 Sep 2005 20:01:47 +0000 (13:01 -0700)]
[PATCH] ppc32: In the boot code, don't rely on BASE_BAUD directly
Modifies serial_init to get base baud rate from the rs_table entry instead
of BAUD_BASE. This patch eliminates duplication between the
SERIAL_PORT_DFNS macro and BAUD_BASE. Without the patch, if a port set the
baud rate in SERIAL_PORT_DFNS, but did not update BASE_BAUD, the BASE_BAUD
value would still be used.
Signed-off-by: Grant Likely <grant.likely@gdcanada.com> Signed-off-by: Tom Rini <trini@kernel.crashing.org> Cc: Russell King <rmk@arm.linux.org.uk> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch removes the inode_post_create/mkdir/mknod/symlink LSM hooks as
they are obsoleted by the new inode_init_security hook that enables atomic
inode security labeling.
If anyone sees any reason to retain these hooks, please speak now. Also,
is anyone using the post_rename/link hooks; if not, those could also be
removed.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch modifies tmpfs to call the inode_init_security LSM hook to set
up the incore inode security state for new inodes before the inode becomes
accessible via the dcache.
As there is no underlying storage of security xattrs in this case, it is
not necessary for the hook to return the (name, value, len) triple to the
tmpfs code, so this patch also modifies the SELinux hook function to
correctly handle the case where the (name, value, len) pointers are NULL.
The hook call is needed in tmpfs in order to support proper security
labeling of tmpfs inodes (e.g. for udev with tmpfs /dev in Fedora). With
this change in place, we should then be able to remove the
security_inode_post_create/mkdir/... hooks safely.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Cc: Hugh Dickins <hugh@veritas.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch modifies ext3 to call the inode_init_security LSM hook to obtain
the security attribute for a newly created inode and to set the resulting
attribute on the new inode as part of the same transaction. This parallels
the existing processing for setting ACLs on newly created inodes.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch modifies ext2 to call the inode_init_security LSM hook to obtain
the security attribute for a newly created inode and to set the resulting
attribute on the new inode. This parallels the existing processing for
setting ACLs on newly created inodes.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
The following patch set enables atomic security labeling of newly created
inodes by altering the fs code to invoke a new LSM hook to obtain the security
attribute to apply to a newly created inode and to set up the incore inode
security state during the inode creation transaction. This parallels the
existing processing for setting ACLs on newly created inodes. Otherwise, it
is possible for new inodes to be accessed by another thread via the dcache
prior to complete security setup (presently handled by the
post_create/mkdir/... LSM hooks in the VFS) and a newly created inode may be
left unlabeled on the disk in the event of a crash. SELinux presently works
around the issue by ensuring that the incore inode security label is
initialized to a special SID that is inaccessible to unprivileged processes
(in accordance with policy), thereby preventing inappropriate access but
potentially causing false denials on legitimate accesses. A simple test
program demonstrates such false denials on SELinux, and the patch solves the
problem. Similar such false denials have been encountered in real
applications.
This patch defines a new inode_init_security LSM hook to obtain the security
attribute to apply to a newly created inode and to set up the incore inode
security state for it, and adds a corresponding hook function implementation
to SELinux.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>