aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2008-11-11This patch add a generic cpu endian caps structure and externally availableEric Paris
functions which retrieve fcaps information from disk. This information is necessary so fcaps information can be collected and recorded by the audit system. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
2008-11-11Document the order of arguments for cap_issubset. It's not instantly clearEric Paris
which order the argument should be in. So give an example. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
2008-11-09SELinux: Use unknown perm handling to handle unknown netlink msg typesEric Paris
Currently when SELinux has not been updated to handle a netlink message type the operation is denied with EINVAL. This patch will leave the audit/warning message so things get fixed but if policy chose to allow unknowns this will allow the netlink operation. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
2008-11-06file capabilities: add no_file_caps switch (v4)Serge E. Hallyn
Add a no_file_caps boot option when file capabilities are compiled into the kernel (CONFIG_SECURITY_FILE_CAPABILITIES=y). This allows distributions to ship a kernel with file capabilities compiled in, without forcing users to use (and understand and trust) them. When no_file_caps is specified at boot, then when a process executes a file, any file capabilities stored with that file will not be used in the calculation of the process' new capability sets. This means that booting with the no_file_caps boot option will not be the same as booting a kernel with file capabilities compiled out - in particular a task with CAP_SETPCAP will not have any chance of passing capabilities to another task (which isn't "really" possible anyway, and which may soon by killed altogether by David Howells in any case), and it will instead be able to put new capabilities in its pI. However since fI will always be empty and pI is masked with fI, it gains the task nothing. We also support the extra prctl options, setting securebits and dropping capabilities from the per-process bounding set. The other remaining difference is that killpriv, task_setscheduler, setioprio, and setnice will continue to be hooked. That will be noticable in the case where a root task changed its uid while keeping some caps, and another task owned by the new uid tries to change settings for the more privileged task. Changelog: Nov 05 2008: (v4) trivial port on top of always-start-\ with-clear-caps patch Sep 23 2008: nixed file_caps_enabled when file caps are not compiled in as it isn't used. Document no_file_caps in kernel-parameters.txt. Signed-off-by: Serge Hallyn <serue@us.ibm.com> Acked-by: Andrew G. Morgan <morgan@kernel.org> Signed-off-by: James Morris <jmorris@namei.org>
2008-11-06Merge branch 'master' into nextJames Morris
2008-11-06selinux: recognize netlink messages for 'ip addrlabel'Michal Schmidt
In enforcing mode '/sbin/ip addrlabel' results in a SELinux error: type=SELINUX_ERR msg=audit(1225698822.073:42): SELinux: unrecognized netlink message type=74 for sclass=43 The problem is missing RTM_*ADDRLABEL entries in SELinux's netlink message types table. Reported in https://bugzilla.redhat.com/show_bug.cgi?id=469423 Signed-off-by: Michal Schmidt <mschmidt@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
2008-11-05SELinux: hold tasklist_lock and siglock while waking wait_chldexitEric Paris
SELinux has long been calling wake_up_interruptible() on current->parent->signal->wait_chldexit without holding any locks. It appears that this operation should hold the tasklist_lock to dereference current->parent and we should hold the siglock when waking up the signal->wait_chldexit. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
2008-11-04Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: xfrm: Fix xfrm_policy_gc_lock handling. niu: Use pci_ioremap_bar(). bnx2x: Version Update bnx2x: Calling netif_carrier_off at the end of the probe bnx2x: PCI configuration bug on big-endian bnx2x: Removing the PMF indication when unloading mv643xx_eth: fix SMI bus access timeouts net: kconfig cleanup fs_enet: fix polling XFRM: copy_to_user_kmaddress() reports local address twice SMC91x: Fix compilation on some platforms. udp: Fix the SNMP counter of UDP_MIB_INERRORS udp: Fix the SNMP counter of UDP_MIB_INDATAGRAMS drivers/net/smc911x.c: Fix lockdep warning on xmit.
2008-11-04Merge branch 'upstream-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev * 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev: libata: mask off DET when restoring SControl for detach libata: implement ATA_HORKAGE_ATAPI_MOD16_DMA and apply it libata: Fix a potential race condition in ata_scsi_park_show() sata_nv: fix generic, nf2/3 detection regression sata_via: restore vt*_prepare_host error handling sata_promise: add ATA engine reset to reset ops
2008-11-04drivers: remove duplicated #includeJianjun Kong
Signed-off-by: Jianjun Kong <jianjun@zeuux.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-11-04libata: mask off DET when restoring SControl for detachTejun Heo
libata restores SControl on detach; however, trying to restore non-zero DET can cause undeterministic behavior including PMP device going offline till power cycling. Mask off DET when restoring SControl. Signed-off-by: Tejun Heo <tj@kernel.org> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2008-11-04libata: implement ATA_HORKAGE_ATAPI_MOD16_DMA and apply itTejun Heo
libata always uses PIO for ATAPI commands when the number of bytes to transfer isn't multiple of 16 but quantum DAT72 chokes on odd bytes PIO transfers. Implement a horkage to skip the mod16 check and apply it to the quantum device. This is reported by John Clark in the following thread. http://thread.gmane.org/gmane.linux.ide/34748 Signed-off-by: Tejun Heo <tj@kernel.org> Cc: John Clark <clarkjc@runbox.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2008-11-04libata: Fix a potential race condition in ata_scsi_park_show()Elias Oltmanns
Peter Moulder has pointed out that there is a slight chance that a negative value might be passed to jiffies_to_msecs() in ata_scsi_park_show(). This is fixed by saving the value of jiffies in a local variable, thus also reducing code since the volatile variable jiffies is accessed only once. Signed-off-by: Elias Oltmanns <eo@nebensachen.de> Signed-off-by: Tejun Heo <tj.kernel.org> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2008-11-04sata_nv: fix generic, nf2/3 detection regressionTejun Heo
All three flavors of sata_nv's are different in how their hardreset behaves. * generic: Hardreset is not reliable. Link often doesn't come online after hardreset. * nf2/3: A little bit better - link comes online with longer debounce timing. However, nf2/3 can't reliable wait for the first D2H Register FIS, so it can't wait for device readiness or classify the device after hardreset. Follow-up SRST required. * ck804: Hardreset finally works. The core layer change to prefer hardreset and follow up changes exposed the above issues and caused various detection regressions for all three flavors. This patch, hopefully, fixes all the known issues and should make sata_nv error handling more reliable. Signed-off-by: Tejun Heo <tj@kernel.org> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2008-11-04sata_via: restore vt*_prepare_host error handlingMarcin Slusarz
commit b9d5b89b487517cbd4cb4702da829e07ef9e4432 (sata_via: fix support for 5287) accidently (?) removed vt*_prepare_host error handling - restore it catched by gcc: drivers/ata/sata_via.c: In function 'svia_init_one': drivers/ata/sata_via.c:567: warning: 'host' may be used uninitialized in this function Signed-off-by: Marcin Slusarz <marcin.slusarz@gmail.com> Cc: Tejun Heo <tj@kernel.org> Cc: Joseph Chan <JosephChan@via.com.tw> Cc: Jeff Garzik <jgarzik@redhat.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2008-11-04sata_promise: add ATA engine reset to reset opsMikael Pettersson
Promise ATA engines need to be reset when errors occur. That's currently done for errors detected by sata_promise itself, but it's not done for errors like timeouts detected outside of the low-level driver. The effect of this omission is that a timeout tends to result in a sequence of failed COMRESETs after which libata EH gives up and disables the port. At that point the port's ATA engine hangs and even reloading the driver will not resume it. To fix this, make sata_promise override ->hardreset on SATA ports with code which calls pdc_reset_port() on the port in question before calling libata's hardreset. PATA ports don't use ->hardreset, so for those we override ->softreset instead. Signed-off-by: Mikael Pettersson <mikpe@it.uu.se> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2008-11-03xfrm: Fix xfrm_policy_gc_lock handling.Alexey Dobriyan
From: Alexey Dobriyan <adobriyan@gmail.com> Based upon a lockdep trace by Simon Arlott. xfrm_policy_kill() can be called from both BH and non-BH contexts, so we have to grab xfrm_policy_gc_lock with BH disabling. Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-03niu: Use pci_ioremap_bar().David S. Miller
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-03bnx2x: Version UpdateEilon Greenstein
Updating the version Signed-off-by: Eilon Greenstein <eilong@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-03bnx2x: Calling netif_carrier_off at the end of the probeEilon Greenstein
netif_carrier_off was called too early at the probe. In case of failure or simply bad timing, this can cause a fatal error since linkwatch_event might run too soon. Signed-off-by: Eilon Greenstein <eilong@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-03bnx2x: PCI configuration bug on big-endianEilon Greenstein
The current code read nothing but zeros on big-endian (wrong part of the 32bits). This caused poor performance on big-endian machines. Though this issue did not cause the system to crash, the performance is significantly better with the fix so I view it as critical bug fix. Signed-off-by: Eilon Greenstein <eilong@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-03bnx2x: Removing the PMF indication when unloadingEilon Greenstein
When the PMF flag is set, the driver can access the HW freely. When the driver is unloaded, it should not access the HW. The problem caused fatal errors when "ethtool -i" was called after the calling instance was unloaded and another instance was already loaded Signed-off-by: Eilon Greenstein <eilong@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-03mv643xx_eth: fix SMI bus access timeoutsLennert Buytenhek
The mv643xx_eth mii bus implementation uses wait_event_timeout() to wait for SMI completion interrupts. If wait_event_timeout() would return zero, mv643xx_eth would conclude that the SMI access timed out, but this is not necessarily true -- wait_event_timeout() can also return zero in the case where the SMI completion interrupt did happen in time but where it took longer than the requested timeout for the process performing the SMI access to be scheduled again. This would lead to occasional SMI access timeouts when the system would be under heavy load. The fix is to ignore the return value of wait_event_timeout(), and to re-check the SMI done bit after wait_event_timeout() returns to determine whether or not the SMI access timed out. Signed-off-by: Lennert Buytenhek <buytenh@marvell.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2008-11-03net: kconfig cleanupJeff Kirsher
The bool kconfig option added to ixgbe and myri10ge for DCA is ambigous, so this patch adds a description to the kconfig option. Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2008-11-03fs_enet: fix pollingAlexey Dobriyan
1. compile fix for irqreturn_t type change 2. restore ->poll_controller after CONFIG_PPC_CPM_NEW_BINDING transition Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2008-11-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: cifs: fix renaming one hardlink on top of another [CIFS] fix error in smb_send2 [CIFS] Reduce number of socket retries in large write path
2008-11-03cifs: fix renaming one hardlink on top of anotherJeff Layton
cifs: fix renaming one hardlink on top of another POSIX says that renaming one hardlink on top of another to the same inode is a no-op. We had the logic mostly right, but forgot to clear the return code. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-11-03Merge branch 'tracing-fixes-for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'tracing-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: tracing, ring-buffer: add paranoid checks for loops ftrace: use kretprobe trampoline name to test in output tracing, alpha: undefined reference to `save_stack_trace'
2008-11-03Merge branch 'io-mappings-for-linus-2' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'io-mappings-for-linus-2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: io mapping: clean up #ifdefs io mapping: improve documentation i915: use io-mapping interfaces instead of a variety of mapping kludges resources: add io-mapping functions to dynamically map large device apertures x86: add iomap_atomic*()/iounmap_atomic() on 32-bit using fixmaps
2008-11-03Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6: ALSA: hda: make a STAC_DELL_EQ option ALSA: emu10k1 - Add more invert_shared_spdif flag to Audigy models ALSA: hda - Add a quirk for another Acer Aspire (1025:0090) ALSA: remove direct access of dev->bus_id in sound/isa/* sound: struct device - replace bus_id with dev_name(), dev_set_name() ALSA: Fix PIT lockup on some chipsets when using the PC-Speaker ALSA: rawmidi - Add open check in rawmidi callbacks ALSA: hda - Add digital-mic for ALC269 auto-probe mode ALSA: hda - Disable broken mic auto-muting in Realtek codes
2008-11-03Merge branch 'proc-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/adobriyan/proc * 'proc-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/adobriyan/proc: proc: revert /proc/uptime to ->read_proc hook
2008-11-03Merge branch 'drm-next' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6 * 'drm-next' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6: i915: Add GEM ioctl to get available aperture size. drm/radeon: fixup further bus mastering confusion. build fix: CONFIG_DRM_I915=y && CONFIG_ACPI=n
2008-11-03io mapping: clean up #ifdefsKeith Packard
Impact: cleanup clean up ifdefs: change #ifdef CONFIG_X86_32/64 to CONFIG_HAVE_ATOMIC_IOMAP. flip around the #ifdef sections to clean up the structure. Signed-off-by: Keith Packard <keithp@keithp.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-11-03io mapping: improve documentationKeith Packard
Impact: add documentation Signed-off-by: Keith Packard <keithp@keithp.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-11-03Merge branches 'topic/fix/misc' and 'topic/fix/hda' into for-linusTakashi Iwai
2008-11-03ALSA: hda: make a STAC_DELL_EQ optionMatthew Ranostay
Add support for explicitly enabling the EQ distortion hack for systems without software biquad support. Signed-off-by: Matthew Ranostay <mranostay@embeddedalley.com> Cc: stable@kernel.org Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-11-03tracing, ring-buffer: add paranoid checks for loopsSteven Rostedt
While writing a new tracer, I had a bug where I caused the ring-buffer to recurse in a bad way. The bug was with the tracer I was writing and not the ring-buffer itself. But it took a long time to find the problem. This patch adds paranoid checks into the ring-buffer infrastructure that will catch bugs of this nature. Note: I put the bug back in the tracer and this patch showed the error nicely and prevented the lockup. Signed-off-by: Steven Rostedt <srostedt@redhat.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-11-03ftrace: use kretprobe trampoline name to test in outputSteven Rostedt
Impact: ia64+tracing build fix When a function is kprobed, the return address is set to the kprobe_trampoline, or something similar. This caused the output of the trace to look confusing when the parent seemed to be this "kprobe_trampoline" function. To fix this, Abhishek Sagar added a test of the instruction pointer of the parent to see if it matched the kprobe_trampoline. If it did, the output would print a "[unknown/kretprobe'd]" instead. Unfortunately, not all archs do this the same way, and the trampoline function may not be exported, which causes failures in builds. This patch will compare the name instead of the pointer to see if it matches. This prevents us from depending on a function from being exported, and should work on all archs. The worst that can happen is that an arch might use a different name and then we go back to the confusing output. At least the arch will still build. Reported-by: Abhishek Sagar <sagar.abhishek@gmail.com> Signed-off-by: Steven Rostedt <srostedt@redhat.com> Signed-off-by: Ingo Molnar <mingo@elte.hu> Tested-by: Abhishek Sagar <sagar.abhishek@gmail.com> Acked-by: Abhishek Sagar <sagar.abhishek@gmail.com>
2008-11-03XFRM: copy_to_user_kmaddress() reports local address twiceArnaud Ebalard
While adding support for MIGRATE/KMADDRESS in strongSwan (as specified in draft-ebalard-mext-pfkey-enhanced-migrate-00), Andreas Steffen noticed that XFRMA_KMADDRESS attribute passed to userland contains the local address twice (remote provides local address instead of remote one). This bug in copy_to_user_kmaddress() affects only key managers that use native XFRM interface (key managers that use PF_KEY are not affected). For the record, the bug was in the initial changeset I posted which added support for KMADDRESS (13c1d18931ebb5cf407cb348ef2cd6284d68902d 'xfrm: MIGRATE enhancements (draft-ebalard-mext-pfkey-enhanced-migrate)'). Signed-off-by: Arnaud Ebalard <arno@natisbad.org> Reported-by: Andreas Steffen <andreas.steffen@strongswan.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-03ALSA: emu10k1 - Add more invert_shared_spdif flag to Audigy modelsTakashi Iwai
Reported in Novell bnc#440862: https://bugzilla.novell.com/show_bug.cgi?id=440862 Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-11-03tracing, alpha: undefined reference to `save_stack_trace'Al Viro
Impact: build fix on !stacktrace architectures only select STACKTRACE on architectures that have STACKTRACE_SUPPORT ... since we also need to ifdef out the guts of ftrace_trace_stack(). We also want to disallow setting TRACE_ITER_STACKTRACE in trace_flags on such configs, but that can wait. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Acked-by: Steven Rostedt <srostedt@redhat.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-11-03ALSA: hda - Add a quirk for another Acer Aspire (1025:0090)Takashi Iwai
Added a quirk for another Acer Aspier laptop (1025:0090) with ALC883 codec. Reported in Novell bnc#426935: https://bugzilla.novell.com/show_bug.cgi?id=426935 Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-11-03SMC91x: Fix compilation on some platforms.David S. Miller
This reverts 51ac3beffd4afaea4350526cf01fe74aaff25eff ('SMC91x: delete unused local variable "lp"') and adds __maybe_unused markers to these (potentially) unused variables. The issue is that in some configurations SMC_IO_SHIFT evaluates to '(lp->io_shift)', but in some others it's plain '0'. Based upon a build failure report from Manuel Lauss. Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-03ALSA: remove direct access of dev->bus_id in sound/isa/*Takashi Iwai
Removed the direct accesses of dev->bus_id in sound/isa/* by replacement with dev_err() or dev_warn() functions. Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-11-03sound: struct device - replace bus_id with dev_name(), dev_set_name()Kay Sievers
[stripped sound/isa/* changes, replaced with the next patch -- tiwai] Signed-off-by: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-11-03ALSA: Fix PIT lockup on some chipsets when using the PC-SpeakerZoltan Devai
Fix PIT lockup on some chipsets when using the PC-Speaker. Signed-off-by: Zoltan Devai <zdevai@gmail.com> Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-11-03ALSA: rawmidi - Add open check in rawmidi callbacksTakashi Iwai
The drivers (e.g. mtpav) may call rawmidi functions in irq handlers even though the streams are not opened. This results in Oops or panic. This patch adds the rawmidi state check before actually operating the rawmidi buffers. Tested-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Takashi Iwai <tiwai@suse.de>
2008-11-02udp: Fix the SNMP counter of UDP_MIB_INERRORSWei Yongjun
UDP packets received in udpv6_recvmsg() are not only IPv6 UDP packets, but also have IPv4 UDP packets, so when do the counter of UDP_MIB_INERRORS in udpv6_recvmsg(), we should check whether the packet is a IPv6 UDP packet or a IPv4 UDP packet. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-02udp: Fix the SNMP counter of UDP_MIB_INDATAGRAMSWei Yongjun
If UDP echo is sent to xinetd/echo-dgram, the UDP reply will be received at the sender. But the SNMP counter of UDP_MIB_INDATAGRAMS will be not increased, UDP6_MIB_INDATAGRAMS will be increased instead. Endpoint A Endpoint B UDP Echo request -----------> (IPv4, Dst port=7) <---------- UDP Echo Reply (IPv4, Src port=7) This bug is come from this patch cb75994ec311b2cd50e5205efdcc0696abd6675d. It do counter UDP[6]_MIB_INDATAGRAMS until udp[v6]_recvmsg. Because xinetd used IPv6 socket to receive UDP messages, thus, when received UDP packet, the UDP6_MIB_INDATAGRAMS will be increased in function udpv6_recvmsg() even if the packet is a IPv4 UDP packet. This patch fixed the problem. Signed-off-by: Wei Yongjun <yjwei@cn.fujitsu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-03i915: Add GEM ioctl to get available aperture size.Eric Anholt
This will let userland know when to submit its batchbuffers, before they get too big to fit in the aperture. Signed-off-by: Eric Anholt <eric@anholt.net> Signed-off-by: Dave Airlie <airlied@redhat.com>