Stephen Smalley [Fri, 20 May 2005 23:15:52 +0000 (00:15 +0100)]
AUDIT: Avoid sleeping function in SElinux AVC audit.
This patch changes the SELinux AVC to defer logging of paths to the audit
framework upon syscall exit, by saving a reference to the (dentry,vfsmount)
pair in an auxiliary audit item on the current audit context for processing
by audit_log_exit.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Woodhouse [Thu, 19 May 2005 13:55:56 +0000 (14:55 +0100)]
AUDIT: Honour audit_backlog_limit again.
The limit on the number of outstanding audit messages was inadvertently
removed with the switch to queuing skbs directly for sending by a kernel
thread. Put it back again.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Woodhouse [Thu, 19 May 2005 10:54:00 +0000 (11:54 +0100)]
Merge ... /linux/kernel/git/torvalds/linux-2.6.git
David Woodhouse [Thu, 19 May 2005 10:23:13 +0000 (11:23 +0100)]
AUDIT: Quis Custodiet Ipsos Custodes?
Nobody does. Really, it gets very silly if auditd is recording its
own actions.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Woodhouse [Thu, 19 May 2005 10:18:24 +0000 (11:18 +0100)]
Restore logging of pid= and comm= in AVC audit messages
We turned this all off because the 'exe=' was causing deadlocks on
dcache_lock. There's no need to leave the pid and comm out though.
They'll all be logged correctly if full auditing is enabled, but we
should still print them in case auditing _isn't_ enabled.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Woodhouse [Thu, 19 May 2005 09:56:58 +0000 (10:56 +0100)]
AUDIT: Send netlink messages from a separate kernel thread
netlink_unicast() will attempt to reallocate and will free messages if
the socket's rcvbuf limit is reached unless we give it an infinite
timeout. So do that, from a kernel thread which is dedicated to spewing
stuff up the netlink socket.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Steve Grubb [Thu, 19 May 2005 09:24:22 +0000 (10:24 +0100)]
AUDIT: Clean up logging of untrusted strings
* If vsnprintf returns -1, it will mess up the sk buffer space accounting.
This is fixed by not calling skb_put with bogus len values.
* audit_log_hex was a loop that called audit_log_vformat with %02X for each
character. This is very inefficient since conversion from unsigned character
to Ascii representation is essentially masking, shifting, and byte lookups.
Also, the length of the converted string is well known - it's twice the
original. Fixed by rewriting the function.
* audit_log_untrustedstring had no comments. This makes it hard for
someone to understand what the string format will be.
* audit_log_d_path was never fixed to use untrustedstring. This could mess
up user space parsers. This was fixed to make a temp buffer, call d_path,
and log temp buffer using untrustedstring.
From: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Linus Torvalds [Wed, 18 May 2005 23:37:46 +0000 (16:37 -0700)]
Merge ... /linux/kernel/git/gregkh/driver-2.6.git/
Stephen Tweedie [Wed, 18 May 2005 15:47:17 +0000 (11:47 -0400)]
[PATCH] Avoid console spam with ext3 aborted journal.
Avoid console spam with ext3 aborted journal.
ext3 usually reports error conditions that it detects in its environment.
But when its journal gets aborted due to such errors, it can sometimes
continue to report that condition forever, spamming the console to such
an extent that the initial first cause of the journal abort can be lost.
When the journal aborts, we put the filesystem into readonly mode. Most
subsequent filesystem operations will get rejected immediately by checks
for MS_RDONLY either in the filesystem or in the VFS. But some paths do
not have such checks --- for example, if we continue to write to a file
handle that was opened before the fs went readonly. (We only check for
the ROFS condition when the file is first opened.) In these cases, we
can continue to generate log errors similar to
EXT3-fs error (device $DEV) in start_transaction: Journal has aborted
for each subsequent write.
There is really no point in generating these errors after the initial
error has been fully reported. Specifically, if we're starting a
completely new filesystem operation, and the filesystem is *already*
readonly (ie. the ext3 layer has already detected and handled the
underlying jbd abort), and we see an EROFS error, then there is simply
no point in reporting it again.
Signed-off-by: Stephen Tweedie <sct@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Stephen Tweedie [Wed, 18 May 2005 15:22:31 +0000 (11:22 -0400)]
[PATCH] Fix filp being passed through raw ioctl handler
Don't pass meaningless file handles to block device ioctls.
The recent raw IO ioctl-passthrough fix started passing the raw file
handle into the block device ioctl handler. That's unlikely to be
useful, as the file handle is actually open on a character-mode raw
device, not a block device, so dereferencing it is not going to yield
useful results to a block device ioctl handler.
Previously we just passed NULL; also not a value that can usefully
be dereferenced, but at least if it does happen, we'll oops instead of
silently pretending that the file is a block device, so NULL is the more
defensive option here. This patch reverts to that behaviour.
Noticed by Al Viro.
Signed-off-by: Stephen Tweedie <sct@redhat.com>
Acked-by: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
David Woodhouse [Wed, 18 May 2005 09:21:07 +0000 (10:21 +0100)]
AUDIT: Treat all user messages identically.
It's silly to have to add explicit entries for new userspace messages
as we invent them. Just treat all messages in the user range the same.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Brownell [Thu, 12 May 2005 19:06:27 +0000 (12:06 -0700)]
[PATCH] Driver Core: remove driver model detach_state
The driver model has a "detach_state" mechanism that:
- Has never been used by any in-kernel drive;
- Is superfluous, since driver remove() methods can do the same thing;
- Became buggy when the suspend() parameter changed semantics and type;
- Could self-deadlock when called from certain suspend contexts;
- Is effectively wasted documentation, object code, and headspace.
This removes that "detach_state" mechanism; net code shrink, as well
as a per-device saving in the driver model and sysfs.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
David Brownell [Mon, 9 May 2005 15:07:00 +0000 (08:07 -0700)]
[PATCH] Driver Core: pm diagnostics update, check for errors
This patch includes various tweaks in the messaging that appears during
system pm state transitions:
* Warn about certain illegal calls in the device tree, like resuming
child before parent or suspending parent before child. This could
happen easily enough through sysfs, or in some cases when drivers
use device_pm_set_parent().
* Be more consistent about dev_dbg() tracing ... do it for resume() and
shutdown() too, and never if the driver doesn't have that method.
* Say which type of system sleep state is being entered.
Except for the warnings, these only affect debug messaging.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Acked-by: Pavel Machek <pavel@ucw.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Greg KH [Thu, 5 May 2005 18:57:25 +0000 (11:57 -0700)]
[PATCH] PCI: add MODALIAS to hotplug event for pci devices
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Greg KH [Thu, 5 May 2005 18:57:25 +0000 (11:57 -0700)]
[PATCH] PCI: add modalias sysfs file for pci devices
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Scott Murray [Mon, 9 May 2005 21:36:27 +0000 (17:36 -0400)]
[PATCH] PCI Hotplug: remove pci_visit_dev
If my CPCI hotplug update patch is applied, then there are no longer any
in tree users of the pci_visit_dev API, and it and its related code can be
removed.
Signed-off-by: Scott Murray <scottm@somanetworks.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Scott Murray [Mon, 9 May 2005 21:31:50 +0000 (17:31 -0400)]
[PATCH] PCI Hotplug: CPCI update
[PATCH] CPCI: update
I have finally done some work to update the CompactPCI hotplug driver to
fix some of the outstanding issues in 2.6:
- Added adapter and latch status ops so that those files will get created
by the current PCI hotplug core. This used to not be required, but
seems to be now after some of the sysfs rework in the core.
- Replaced slot list spinlock with a r/w semaphore to avoid any potential
issues with sleeping. This quiets all of the runtime warnings.
- Reworked interrupt driven hot extraction handling to remove need for a
polling operator for ENUM# status. There are a lot of boards that only
have an interrupt driven by ENUM#, so this lowers the bar to entry.
- Replaced pci_visit_dev usage with better use of the PCI core functions.
The new code is functionally equivalent to the previous code, but the
use of pci_enable_device on insert needs to be investigated further, as
I need to do some more testing to see if it is still necessary.
Signed-off-by: Scott Murray <scottm@somanetworks.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Dely Sy [Sat, 7 May 2005 00:19:09 +0000 (17:19 -0700)]
[PATCH] PCI Hotplug: get pciehp to work on the downstream port of a switch
Here is the updated patch to get pciehp driver to work for downstream
port of a switch and handle the difference in the offset value of PCI
Express capability list item of different ports.
Signed-off-by: Dely Sy <dely.l.sy@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Dely Sy [Thu, 5 May 2005 18:57:25 +0000 (11:57 -0700)]
[PATCH] PCI Hotplug: Fix echoing 1 to power file of enabled slot problem with SHPC driver
Here is a patch to fix the problem of echoing 1 to "power" file
to enabled slot causing the slot to power down, and echoing 0
to disabled slot causing shpchp_disabled_slot() to be called
twice. This problem was reported by kenji Kaneshige.
Thanks,
Dely
Signed-off-by: Dely Sy <dely.l.sy@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Christoph Lameter [Tue, 17 May 2005 15:48:16 +0000 (08:48 -0700)]
[PATCH] fix memory scribble in arch/i386/pci/fixup.c
The GET_INDEX() macro should use just the low three bits of the devfn,
otherwise we have a memory scribble in pcie_rootport_aspm_quirk that
overwrites ptype_all
Fix it to be more careful about its arguments while at it.
Acked by Dely Sy <dely.l.sy@intel.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
randy_dunlap [Tue, 17 May 2005 14:12:56 +0000 (07:12 -0700)]
[PATCH] update CREDITS
free agent
Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Paul Mackerras [Tue, 17 May 2005 06:48:39 +0000 (16:48 +1000)]
[PATCH] ppc32: enable use of early_param
We need to call parse_early_param() early on to allow usage of
early_param() for command line parsing.
Signed-off-by: Kumar Gala <kumar.gala@freescale.com>
Signed-off-by: Paul Mackerras <paulus@samba.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Linus Torvalds [Tue, 17 May 2005 15:55:00 +0000 (08:55 -0700)]
Merge ... /linux/kernel/git/jgarzik/libata-2.6.git