aboutsummaryrefslogtreecommitdiff
path: root/Documentation
AgeCommit message (Collapse)Author
2005-06-28Merge head 'upstream-20050628-1' of ↵Linus Torvalds
rsync://rsync.kernel.org/pub/scm/linux/kernel/git/jgarzik/libata-dev
2005-06-27Merge rsync://rsync.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6Greg KH
2005-06-27[PATCH] PCI Allow OutOfRange PIRQ table addressjayalk@intworks.biz
I updated this to remove unnecessary variable initialization, make check_routing be inline only and not __init, switch to strtoul, and formatting fixes as per Randy Dunlap's recommendations. I updated this to change pirq_table_addr to a long, and to add a warning msg if the PIRQ table wasn't found at the specified address, as per thread with Matthew Wilcox. In our hardware situation, the BIOS is unable to store or generate it's PIRQ table in the F0000h-100000h standard range. This patch adds a pci kernel parameter, pirqaddr to allow the bootloader (or BIOS based loader) to inform the kernel where the PIRQ table got stored. A beneficial side-effect is that, if one's BIOS uses a static address each time for it's PIRQ table, then pirqaddr can be used to avoid the $pirq search through that address block each time at boot for normal PIRQ BIOSes. Signed-off-by: Jaya Kumar <jayalk@intworks.biz> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2005-06-27[PATCH] Minor libata documentation patchEdward Falk
I fleshed out libata.tmpl a bit while I was taking notes.
2005-06-27[PATCH] pcmcia: documentation fixJar
Fix example hash generator in Documentation. Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-27[PATCH] pcmcia: add some DocumentationDominik Brodowski
Add some information useful for PCMCIA device driver authors to Documentation/pcmcia/, and reference it in dmesg in case of hash mismatches. Also add a reference to pcmciautils to Documentation/Changes. With recent changes, you don't need to concern yourself with pcmcia-cs even if you have PCMCIA hardware, so the example above the list needed to be adapted as well. Signed-off-by: Dominik Brodowski <linux@dominikbrodowksi.net> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-27[PATCH] cciss: pci id fixMike Miller
This patch fixes a PCI ID I got wrong before. It also adds support for another new SAS controller due out this summer. I didn't have a marketing name prior to my last submission. Also modifies the copyright date range. Signed-off-by: Mike Miller <mike.miller@hp.com> Acked-by: Jeff Garzik <jgarzik@pobox.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-27Merge rsync://rsync.kernel.org/pub/scm/linux/kernel/git/dtor/input.git manuallyLinus Torvalds
Some manual fixups required due to clashes with the PF_FREEZE cleanups.
2005-06-27[PATCH] CFQ io scheduler, add ioprio documentationJens Axboe
Add ioprio documentation Signed-off-by: Jens Axboe <axboe@suse.de> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-26[PATCH] Documentation/networking/dmfe.txt: Make documentation nicerIsmail Donmez
Patch indents dmfe.txt to look like other docs. It adds a tip about CNET cards using Davicom chipsets. Also it removes parts where it refers to how to build driver out-of-kernel which seems to be cruft from times where the driver was out of the kernel. Signed-off-by: Ismail Donmez <ismail@kde.org.tr> Signed-off-by: Domen Puncer <domen@coderock.org> Cc: Jeff Garzik <jgarzik@pobox.com> Signed-off-by: Andrew Morton <akpm@osdl.org>
2005-06-26Automatic merge with /usr/src/ntfs-2.6.git.Anton Altaparmakov
2005-06-26NTFS: Fix a nasty deadlock that appeared in recent kernels.Anton Altaparmakov
The situation: VFS inode X on a mounted ntfs volume is dirty. For same inode X, the ntfs_inode is dirty and thus corresponding on-disk inode, i.e. mft record, which is in a dirty PAGE_CACHE_PAGE belonging to the table of inodes, i.e. $MFT, inode 0. What happens: Process 1: sys_sync()/umount()/whatever... calls __sync_single_inode() for $MFT -> do_writepages() -> write_page for the dirty page containing the on-disk inode X, the page is now locked -> ntfs_write_mst_block() which clears PageUptodate() on the page to prevent anyone else getting hold of it whilst it does the write out. This is necessary as the on-disk inode needs "fixups" applied before the write to disk which are removed again after the write and PageUptodate is then set again. It then analyses the page looking for dirty on-disk inodes and when it finds one it calls ntfs_may_write_mft_record() to see if it is safe to write this on-disk inode. This then calls ilookup5() to check if the corresponding VFS inode is in icache(). This in turn calls ifind() which waits on the inode lock via wait_on_inode whilst holding the global inode_lock. Process 2: pdflush results in a call to __sync_single_inode for the same VFS inode X on the ntfs volume. This locks the inode (I_LOCK) then calls write-inode -> ntfs_write_inode -> map_mft_record() -> read_cache_page() for the page (in page cache of table of inodes $MFT, inode 0) containing the on-disk inode. This page has PageUptodate() clear because of Process 1 (see above) so read_cache_page() blocks when it tries to take the page lock for the page so it can call ntfs_read_page(). Thus Process 1 is holding the page lock on the page containing the on-disk inode X and it is waiting on the inode X to be unlocked in ifind() so it can write the page out and then unlock the page. And Process 2 is holding the inode lock on inode X and is waiting for the page to be unlocked so it can call ntfs_readpage() or discover that Process 1 set PageUptodate() again and use the page. Thus we have a deadlock due to ifind() waiting on the inode lock. The solution: The fix is to use the newly introduced ilookup5_nowait() which does not wait on the inode's lock and hence avoids the deadlock. This is safe as we do not care about the VFS inode and only use the fact that it is in the VFS inode cache and the fact that the vfs and ntfs inodes are one struct in memory to find the ntfs inode in memory if present. Also, the ntfs inode has its own locking so it does not matter if the vfs inode is locked. Signed-off-by: Anton Altaparmakov <aia21@cantab.net>
2005-06-26[PATCH] remove redundant info from SubmittingPatchesAdrian Bunk
Since the Trivial Patch Monkey is mentioned both in steps 4. and 5., I removed it from step4 (Select e-mail destination), since it should go under 'Select your CC list'. Signed-off-by: Cosmin Nicolaescu <cos@camelot.homelinux.com> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-26[SCSI] remove scsi_set_deviceChristoph Hellwig
scsi_add_host is the proper place to set the device, but people copy the scsi_set_device usage from older drivers again and again. note that this leaves some legacy drivers like qlogicisp/qlogicfc without pci association in sysfs, but they're scheduled to go away soon anyway. Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2005-06-25Merge Christoph's freeze cleanup patchLinus Torvalds
2005-06-25[PATCH] Cleanup patch for process freezingChristoph Lameter
1. Establish a simple API for process freezing defined in linux/include/sched.h: frozen(process) Check for frozen process freezing(process) Check if a process is being frozen freeze(process) Tell a process to freeze (go to refrigerator) thaw_process(process) Restart process frozen_process(process) Process is frozen now 2. Remove all references to PF_FREEZE and PF_FROZEN from all kernel sources except sched.h 3. Fix numerous locations where try_to_freeze is manually done by a driver 4. Remove the argument that is no longer necessary from two function calls. 5. Some whitespace cleanup 6. Clear potential race in refrigerator (provides an open window of PF_FREEZE cleared before setting PF_FROZEN, recalc_sigpending does not check PF_FROZEN). This patch does not address the problem of freeze_processes() violating the rule that a task may only modify its own flags by setting PF_FREEZE. This is not clean in an SMP environment. freeze(process) is therefore not SMP safe! Signed-off-by: Christoph Lameter <christoph@lameter.com> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] schedule the obsolete raw driver for removalAdrian Bunk
Since kernel 2.6.3 the Kconfig text explicitely stated this driver was obsolete. (trolling for IBMers) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] DCO: use IANA-reserved second level domain nameAlexey Dobriyan
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Domen Puncer <domen@coderock.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] Remove duplicate file in Documentation/networkingTobias Klauser
The files wanpipe.txt and wan-router.txt in Documentation/networking contain the exact same information (diff between the two shows no document is "Linux WAN Router Utilities Package" and therefor the name wan-router.txt is more appropriate. Signed-off-by: Tobias Klauser <tklauser@nuerscht.ch> Signed-off-by: Domen Puncer <domen@coderock.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] Remove duplicate file in Documentation/networking (00-INDEX)Tobias Klauser
wanpipe.txt and wan-router.txt in Documentation/networking contain the exact same information (diff between the two shows no Documentation/networking/00-INDEX as pointed out by Randy Dunlap. Signed-off-by: Tobias Klauser <tklauser@nuerscht.ch> Signed-off-by: Domen Puncer <domen@coderock.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] cosmetic fixes for example programs in Documentation/cdrom/sbpcdJesper Juhl
This patch makes a few minor changes to the example programs in Documentation/cdrom/sbpcd to kill off some warnings and build failures. Signed-off-by: Jesper Juhl <juhl-lkml@dif.dk> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] cpufreq: governors documentation fixesNico Golde
I corrected a small error and enhanced the govenor.txt file with the ondemand daemon because the kernel configs link to the documentation but ondemand wasn't documentated. Feel free to include the patch in the attachment. Cc: Dominik Brodowski <linux@dominikbrodowski.net> Cc: Dave Jones <davej@codemonkey.org.uk> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] kdump: sysrq trigger mechanism for kexec based crashdumpsHariprasad Nellitheertha
Add a sysrq-trigger mechanism for kexec based crashdumps. Alt-Sysrq-c triggers a kexec based crashdump. Signed-off-by: Hariprasad Nellitheertha <hari@in.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] kdump: Accessing dump file in linear raw format (/dev/oldmem)Vivek Goyal
Hariprasad Nellitheertha <hari@in.ibm.com> This patch contains the code that enables us to access the previous kernel's memory as /dev/oldmem. Signed-off-by: Eric Biederman <ebiederm@xmission.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] Retrieve elfcorehdr address from command lineVivek Goyal
This patch adds support for retrieving the address of elf core header if one is passed in command line. Signed-off-by: Vivek Goyal <vgoyal@in.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] kdump documentation update to introduce use of irqpollVivek Goyal
o Specify "irqpoll" command line option which loading second kernel. This helps in reducing driver initialization failures in second kernel due to shared interrupts. o Enabled LAPIC/IOAPIC support for UP kernels in second kernel. This reduces the chances of devices sharing the irq and hence reduces the chances of driver initialization failures in second kernel. o Build a UP capture kernel and disabled SMP support. Signed-off-by: Vivek Goyal <vgoyal@in.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] kdump: Documentation for KdumpVivek Goyal
This patch contains the documentation for the kexec based crash dump tool. Quick kdump-howto ================================================================ 1) Download and build kexec-tools. 2) Download and build the latest kexec/kdump (-mm) kernel patchset. Two kernels need to be built in order to get this feature working. A) First kernel: a) Enable "kexec system call" feature: CONFIG_KEXEC=y b) Physical load address (use default): CONFIG_PHYSICAL_START=0x100000 c) Enable "sysfs file system support": CONFIG_SYSFS=y d) Boot into first kernel with the command line parameter "crashkernel=Y@X": For example: "crashkernel=64M@16M". B) Second kernel: a) Enable "kernel crash dumps" feature: CONFIG_CRASH_DUMP=y b) Physical load addreess, use same load address as X in "crashkernel" kernel parameter in d) above, e.g., 16 MB or 0x1000000. CONFIG_PHYSICAL_START=0x1000000 c) Enable "/proc/vmcore support" (Optional, in Pseudo filesystems). CONFIG_PROC_VMCORE=y 3) Boot into the first kernel. 4) Load the second kernel to be booted using: kexec -p <second-kernel> --crash-dump --args-linux --append="root=<root-dev> maxcpus=1 init 1" 5) System reboots into the second kernel when a panic occurs. A module can be written to force the panic, for testing purposes. 6) See Documentation/kdump.txt for how to read the first kernel's memory image and how to analyze it. Signed-off-by: Hariprasad Nellitheertha <hari@in.ibm.com> Signed-off-by: Eric Biederman <ebiederm@xmission.com> Signed-off-by: Vivek Goyal <vgoyal@in.ibm.com> Signed-off-by: randy_dunlap <rdunlap@xenotime.net> Signed-off-by: Maneesh Soni <maneesh@in.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] kexec: add kexec syscallsEric W. Biederman
This patch introduces the architecture independent implementation the sys_kexec_load, the compat_sys_kexec_load system calls. Kexec on panic support has been integrated into the core patch and is relatively clean. In addition the hopefully architecture independent option crashkernel=size@location has been docuemented. It's purpose is to reserve space for the panic kernel to live, and where no DMA transfer will ever be setup to access. Signed-off-by: Eric Biederman <ebiederm@xmission.com> Signed-off-by: Alexander Nyberg <alexn@telia.com> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Vivek Goyal <vgoyal@in.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] Dynamic sched domains: cpuset changesDinakar Guniguntala
Adds the core update_cpu_domains code and updated cpusets documentation Signed-off-by: Dinakar Guniguntala <dino@in.ibm.com> Acked-by: Paul Jackson <pj@sgi.com> Acked-by: Nick Piggin <nickpiggin@yahoo.com.au> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] s390: debug feature changesMichael Holzheu
This patch changes the memory allocation method for the s390 debug feature. Trace buffers had been allocated using the get_free_pages() function before. Therefore it was not possible to get big memory areas in a running system due to memory fragmentation. Now the trace buffers are subdivided into several subbuffers with pagesize. Therefore it is now possible to allocate more memory for the trace buffers and more trace records can be written. In addition to that, dynamic specification of the size of the trace buffers is implemented. It is now possible to change the size of a trace buffer using a new debugfs file instance. When writing a number into this file, the trace buffer size is changed to 'number * pagesize'. In the past all the traces could be obtained from userspace by accessing files in the "proc" filesystem. Now with debugfs we have a new filesystem which should be used for debugging purposes. This patch moves the debug feature from procfs to debugfs. Since the interface of debug_register() changed, all device drivers, which use the debug feature had to be adjusted. Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] Update video-after-suspend documentationPavel Machek
Update video-after-suspend documentation; few more machines are added. Signed-off-by: Pavel Machek <pavel@suse.cz> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] suspend: PCI power managment reference implementationpavel@ucw.cz
Added reference implementation of suspend and resume routines. From: Shaohua Li <shaohua.li@intel.com> build fix Signed-off-by: Pavel Machek <pavel@suse.cz> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] acpi: fix video docsPavel Machek
This fixes typos/formatting in video_extension.txt. Signed-off-by: Pavel Machek <pavel@suse.cz> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] swsusp: documentation updatesPavel Machek
This updates documentation and fixes pointers in MAINTAINERS file. Signed-off-by: Pavel Machek <pavel@suse.cz> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] I8K: use standard DMI interfaceDmitry Torokhov
I8K: Change to use stock dmi infrastructure instead of homegrown parsing code. The driver now requires box's DMI data to match list of supported models so driver can be safely compiled-in by default without fear of it poking into random SMM BIOS code. DMI checks can be ignored with i8k.ignore_dmi option. Signed-off-by: Dmitry Torokhov <dtor@mail.ru> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25[PATCH] dvb-bt8xx.txt fixesUwe Bugla
Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-25NTFS: Prepare for 2.1.23 release: Update documentation and bump version.Anton Altaparmakov
Signed-off-by: Anton Altaparmakov <aia21@cantab.net>
2005-06-25Automerge with /usr/src/ntfs-2.6.git.Anton Altaparmakov
2005-06-24[PATCH] xip: descriptionCarsten Otte
Signed-off-by: Carsten Otte <cotte@de.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24[PATCH] DocBook: update commentsMartin Waitz
This patch updates some comments to match code changes. Signed-off-by: Martin Waitz <tali@admingilde.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24[PATCH] DocBook: only use tabular style for long synopsisMartin Waitz
There was a complaint that function declarations are shown tabular in the documentation since switching to xmlto. This patch disables tabular mode when the function fits in one line. Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24[PATCH] docbook build fixJiri Slaby
Fix documentation build with `make O=' Cc: Martin Waitz <tali@admingilde.org> Cc: Sam Ravnborg <sam@ravnborg.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24[PATCH] DViCO FusionHDTV3 Gold-T documentation fixMichael Krufky
Even though it says DViCO FusionHDTV3 Gold-Q on the box, Gold-T is printed on the card. This fix corrects the error in all places, and corrects the tuner name Thomson DDT 7611 (ATSC/NTSC) in the documentation. This applies against 2.6.12-rc5-mm2 after applying Manueal Capinha's patch "Add support for PixelView Ultra Pro in v4l" (because of the change from card=27 to card=28) Signed-off-by: Michael Krufky <mkrufky@m1k.net> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24[PATCH] Video for Linux DocumentationMauro Carvalho Chehab
This patch synchronizes documentation from V4L CVS with current kernel release. Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24[PATCH] oprofile: report anonymous region samplesJohn Levon
The below patch passes samples from anonymous regions to userspace instead of just dropping them. This provides the support needed for reporting anonymous-region code samples (today: basic accumulated results; later: Java and other dynamically compiled code). As this changes the format, an upgrade to the just-released 0.9 release of the userspace tools is required. This patch is based upon an earlier one by Will Cohen <wcohen@redhat.com> Signed-off-by: John Levon <levon@movementarian.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24[PATCH] dvb: Add generalized dvb-usb driverJohannes Stezenbach
Add generalized dvb-usb driver which supports a wide variety of devices. Signed-off-by: Patrick Boettcher <pb@linuxtv.org> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Randy Dunlap <rdunlap@xenotime.net> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24[PATCH] dvb: drop obsolete dibusb driverJohannes Stezenbach
Remove the dibusb driver which has been obsoleted by the generalized dvb-usb driver. Signed-off-by: Patrick Boettcher <pb@linuxtv.org> Signed-off-by: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24[PATCH] ipmi: add power cycle capabilityCorey Minyard
This patch to adds "power cycle" functionality to the IPMI power off module ipmi_poweroff. It also contains changes to support procfs control of the feature. The power cycle action is considered an optional chassis control in the IPMI specification. However, it is definitely useful when the hardware supports it. A power cycle is usually required in order to reset a firmware in a bad state. This action is critical to allow remote management of servers. The implementation adds power cycle as optional to the ipmi_poweroff module. It can be modified dynamically through the proc entry mentioned above. During a power down and enabled, the power cycle command is sent to the BMC firmware. If it fails either due to non-support or some error, it will retry to send the command as power off. Signed-off-by: Christopher A. Poblete <Chris_Poblete@dell.com> Signed-off-by: Corey Minyard <minyard@acm.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24[PATCH] ipmi: doc updatesCorey Minyard
This cleans up the IPMI documentation to fix some problems and make it more accurate for the current drivers. Signed-off-by: Corey Minyard <minyard@acm.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-06-24[PATCH] Keys: Make request-key create an authorisation keyDavid Howells
The attached patch makes the following changes: (1) There's a new special key type called ".request_key_auth". This is an authorisation key for when one process requests a key and another process is started to construct it. This type of key cannot be created by the user; nor can it be requested by kernel services. Authorisation keys hold two references: (a) Each refers to a key being constructed. When the key being constructed is instantiated the authorisation key is revoked, rendering it of no further use. (b) The "authorising process". This is either: (i) the process that called request_key(), or: (ii) if the process that called request_key() itself had an authorisation key in its session keyring, then the authorising process referred to by that authorisation key will also be referred to by the new authorisation key. This means that the process that initiated a chain of key requests will authorise the lot of them, and will, by default, wind up with the keys obtained from them in its keyrings. (2) request_key() creates an authorisation key which is then passed to /sbin/request-key in as part of a new session keyring. (3) When request_key() is searching for a key to hand back to the caller, if it comes across an authorisation key in the session keyring of the calling process, it will also search the keyrings of the process specified therein and it will use the specified process's credentials (fsuid, fsgid, groups) to do that rather than the calling process's credentials. This allows a process started by /sbin/request-key to find keys belonging to the authorising process. (4) A key can be read, even if the process executing KEYCTL_READ doesn't have direct read or search permission if that key is contained within the keyrings of a process specified by an authorisation key found within the calling process's session keyring, and is searchable using the credentials of the authorising process. This allows a process started by /sbin/request-key to read keys belonging to the authorising process. (5) The magic KEY_SPEC_*_KEYRING key IDs when passed to KEYCTL_INSTANTIATE or KEYCTL_NEGATE will specify a keyring of the authorising process, rather than the process doing the instantiation. (6) One of the process keyrings can be nominated as the default to which request_key() should attach new keys if not otherwise specified. This is done with KEYCTL_SET_REQKEY_KEYRING and one of the KEY_REQKEY_DEFL_* constants. The current setting can also be read using this call. (7) request_key() is partially interruptible. If it is waiting for another process to finish constructing a key, it can be interrupted. This permits a request-key cycle to be broken without recourse to rebooting. Signed-Off-By: David Howells <dhowells@redhat.com> Signed-Off-By: Benoit Boissinot <benoit.boissinot@ens-lyon.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>