Age | Commit message (Collapse) | Author |
|
master.kernel.org:/pub/scm/linux/kernel/git/bcollins/ubuntu-2.6
* 'ubuntu-updates' of master.kernel.org:/pub/scm/linux/kernel/git/bcollins/ubuntu-2.6:
[pci_ids] Add Quicknet XJ vendor/device ID's.
[valkyriefb] Ifdef for when CONFIG_NVRAM isn't enabled.
[platinumfb] Ifdef for when CONFIG_NVRAM isn't enabled.
[igafb] Add pci dev table for module auto loading.
[controlfb] Ifdef for when CONFIG_NVRAM isn't enabled.
[hid-core] TurboX Keyboard needs NOGET quirk.
[ixj] Add pci dev table for module auto loading.
[initio] Add pci dev table for module auto loading.
[fdomain] Add pci dev table for module auto loading.
[BusLogic] Add pci dev table for auto module loading.
[mv643xx] Add pci device table for auto module loading.
[alim7101] Add pci dev table for auto module loading.
|
|
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/pci-2.6: (22 commits)
PCI Hotplug: move pci_hotplug.h to include/linux/
change pci hotplug subsystem maintainer to Kristen
PCI: optionally sort device lists breadth-first
cpcihp_generic: prevent loading without "bridge" parameter
pci: Additional search functions
PCI: quirks: switch quirks code offender to use pci_get API
PCI: Update MSI-HOWTO.txt according to pci_msi_supported()
PCI: Improve pci_msi_supported() comments
PCI hotplug: ioremap balanced with iounmap
shpchp: remove unnecessary cmd_busy member from struct controller
shpchp: fix command completion check
pci: Stamp out pci_find_* usage in fakephp
PCI: fix pcie_portdrv_restore_config undefined without CONFIG_PM error
Fix DMA resource allocation in ACPIPnP
PCI: Turn pci_fixup_video into generic for embedded VGA
PCI: add ICH7/8 ACPI/GPIO io resource quirks
PCI: pcie-check-and-return-bus_register-errors fix
PCI: VIA IRQ quirk behaviour change
pciehp: Remove unnecessary check in pciehp_ctrl.c
pciehp - add missing locking
...
|
|
* 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6:
[S390] update default configuration
[S390] cio: update documentation.
[S390] dasd: clean up timer.
[S390] Fix pte type checking.
[S390] monwriter find header logic.
[S390] cio: sch_no -> schid.sch_no conversion.
[S390] Wire up epoll_pwait syscall.
[S390] cio: invalid device operational notification
[S390] fix vmlinux link when CONFIG_SYSIPC=n
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6:
[IA64] Count resched interrupts
[IA64] remove unused acpi_kbd_controller_present, acpi_legacy_devices
[IA64] update sn2_defconfig
[IA64] reformat pal.S to fit in 80 columns, fix typos
[IA64] remove unused PAL_CALL_IC_OFF
[IA64] - Allow IPIs in timer loop
[IA64] move ioremap/ioremap_nocache under __KERNEL__
[IA64] perfmon fix for global IRQ fix
|
|
This makes it possible to build pci hotplug drivers outside of the main
kernel tree, and Sam keeps telling me to move local header files to
their proper places...
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
|
Problem:
New Dell PowerEdge servers have 2 embedded ethernet ports, which are
labeled NIC1 and NIC2 on the chassis, in the BIOS setup screens, and
in the printed documentation. Assuming no other add-in ethernet ports
in the system, Linux 2.4 kernels name these eth0 and eth1
respectively. Many people have come to expect this naming. Linux 2.6
kernels name these eth1 and eth0 respectively (backwards from
expectations). I also have reports that various Sun and HP servers
have similar behavior.
Root cause:
Linux 2.4 kernels walk the pci_devices list, which happens to be
sorted in breadth-first order (or pcbios_find_device order on i386,
which most often is breadth-first also). 2.6 kernels have both the
pci_devices list and the pci_bus_type.klist_devices list, the latter
is what is walked at driver load time to match the pci_id tables; this
klist happens to be in depth-first order.
On systems where, for physical routing reasons, NIC1 appears on a
lower bus number than NIC2, but NIC2's bridge is discovered first in
the depth-first ordering, NIC2 will be discovered before NIC1. If the
list were sorted breadth-first, NIC1 would be discovered before NIC2.
A PowerEdge 1955 system has the following topology which easily
exhibits the difference between depth-first and breadth-first device
lists.
-[0000:00]-+-00.0 Intel Corporation 5000P Chipset Memory Controller Hub
+-02.0-[0000:03-08]--+-00.0-[0000:04-07]--+-00.0-[0000:05-06]----00.0-[0000:06]----00.0 Broadcom Corporation NetXtreme II BCM5708S Gigabit Ethernet (labeled NIC2, 2.4 kernel name eth1, 2.6 kernel name eth0)
+-1c.0-[0000:01-02]----00.0-[0000:02]----00.0 Broadcom Corporation NetXtreme II BCM5708S Gigabit Ethernet (labeled NIC1, 2.4 kernel name eth0, 2.6 kernel name eth1)
Other factors, such as device driver load order and the presence of
PCI slots at various points in the bus hierarchy further complicate
this problem; I'm not trying to solve those here, just restore the
device order, and thus basic behavior, that 2.4 kernels had.
Solution:
The solution can come in multiple steps.
Suggested fix #1: kernel
Patch below optionally sorts the two device lists into breadth-first
ordering to maintain compatibility with 2.4 kernels. It adds two new
command line options:
pci=bfsort
pci=nobfsort
to force the sort order, or not, as you wish. It also adds DMI checks
for the specific Dell systems which exhibit "backwards" ordering, to
make them "right".
Suggested fix #2: udev rules from userland
Many people also have the expectation that embedded NICs are always
discovered before add-in NICs (which this patch does not try to do).
Using the PCI IRQ Routing Table provided by system BIOS, it's easy to
determine which PCI devices are embedded, or if add-in, which PCI slot
they're in. I'm working on a tool that would allow udev to name
ethernet devices in ascending embedded, slot 1 .. slot N order,
subsort by PCI bus/dev/fn breadth-first. It'll be possible to use it
independent of udev as well for those distributions that don't use
udev in their installers.
Suggested fix #3: system board routing rules
One can constrain the system board layout to put NIC1 ahead of NIC2
regardless of breadth-first or depth-first discovery order. This adds
a significant level of complexity to board routing, and may not be
possible in all instances (witness the above systems from several
major manufacturers). I don't want to encourage this particular train
of thought too far, at the expense of not doing #1 or #2 above.
Feedback appreciated. Patch tested on a Dell PowerEdge 1955 blade
with 2.6.18.
You'll also note I took some liberty and temporarily break the klist
abstraction to simplify and speed up the sort algorithm. I think
that's both safe and appropriate in this instance.
Signed-off-by: Matt Domsch <Matt_Domsch@dell.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
|
In order to finish converting to pci_get_* interfaces we need to add a couple
of bits of missing functionaility
pci_get_bus_and_slot() provides the equivalent to pci_find_slot()
(pci_get_slot is already taken as a name for something similar but not the
same)
pci_get_device_reverse() is the equivalent of pci_find_device_reverse but
refcounting
Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
|
|
handle_pte_fault uses pte_present, pte_none and pte_file to find out
the type of a pte. That is done without holding the page table lock.
This clashes with the way how ptep_clear_flush removes active page
table entries from the system. First the ipte instruction is used
to invalidate the pte and remove all plt entries for the page. The
ipte sets the hardware invalid bit without changing any other bit.
After the ipte finished the pte is cleared. A concurrent fault can
observe the the previously valid pte with the invalid bit set. With
the current encoding of the different pte types an invalidated
read-only pte can be misinterpreted as a swap-pte.
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
|
|
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
|
|
Signed-off-by: Ben Collins <bcollins@ubuntu.com>
|
|
Linux maps PAL instructions with an ITR, but uses a DTC for PAL data.
Section 11.10.2.1.3, "Making PAL Procedures Calls in Physical or Virtual
Mode," of the SDM (rev 2.2), says we must therefore make all PAL calls
with PSR.ic = 1 so that Linux can handle any TLB faults.
PAL_CALL_IC_OFF is currently unused, and as long as we use the ITR + DTC
strategy, we can't use it. So remove it. I also removed the code in
ia64_pal_call_static() that conditionally cleared PSR.ic.
Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
|
|
I noticed these are declared extern outside of __KERNEL__, but surely
they wouldn't be available to userland since they're defined in
ioremap.c. Am I missing something here?
If I'm right about this, then there's probably a good deal of other
stuff in io.h that could move inside __KERNEL__, but at least this is
a start.
Signed-off-by: Aron Griffis <aron@hp.com>
Signed-off-by: Tony Luck <tony.luck@intel.com>
|
|
* master.kernel.org:/home/rmk/linux-2.6-arm:
[ARM] switch to new pci_get_bus_and_slot API
[ARM] Update mach-types
[ARM] Fix Zaurii keyboard/touchscreen drivers
[ARM] Fix fallout from IRQ regs changes
[ARM] 3890/1: [Jornada7xx] Addition of MCU commands into jornada720.h
[ARM] 3889/1: [Jornada7xx] Addition of correct SDRAM params into cpu-sa1110.c
[ARM] 3888/1: add pxa27x SSP FSRT register bit definition
|
|
* git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
Input: fm801-gp - handle errors from pci_enable_device()
Input: gameport core - handle errors returned by device_bind_driver()
Input: serio core - handle errors returned by device_bind_driver()
Lockdep: fix compile error in drivers/input/serio/serio.c
Input: serio - add lockdep annotations
Lockdep: add lockdep_set_class_and_subclass() and lockdep_set_subclass()
Input: atkbd - supress "too many keys" error message
Input: i8042 - supress ACK/NAKs when blinking during panic
Input: add missing exports to fix modular build
|
|
When IO error happens on metadata buffer, buffer is freed from memory and
later fsync() is called, filesystems like ext2 fail to report EIO. We
solve the problem by introducing a pointer to associated address space into
the buffer_head. When a buffer is removed from a list of metadata buffers
associated with an address space, IO error is transferred from the buffer to
the address space, so that fsync can later report it.
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
It is possible for the ->fopen callback from lockd into nfsd to find that an
answer cannot be given straight away (an upcall is needed) and so the request
has to be 'dropped', to be retried later. That error status is not currently
propagated back.
So:
Change nlm_fopen to return nlm error codes (rather than a private
protocol) and define a new nlm_drop_reply code.
Cause nlm_drop_reply to cause the rpc request to get rpc_drop_reply
when this error comes back.
Cause svc_process to drop a request which returns a status of
rpc_drop_reply.
[akpm@osdl.org: fix warning storm]
Cc: Marc Eshel <eshel@almaden.ibm.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Unless someone reads the documentation for write_seqcount_{begin,end} it is
not obvious, that i_size_write() needs locking. Especially, that lack of such
locking can result in a system hang.
Signed-off-by: Miklos Szeredi <miklos@szeredi.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Introduce desc->name and eliminate the handle_irq_name() hack. Add
set_irq_chip_and_handler_name() to set the flow type and name at once.
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Matthew Wilcox <willy@debian.org>
Cc: Kyle McMartin <kyle@mcmartin.ca>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Make net_random() more widely available by calling it random32
akpm: hopefully this will permit the removal of carta_random32. That needs
confirmation from Stephane - this code looks somewhat more computationally
expensive, and has a different (ie: callee-stateful) interface.
[akpm@osdl.org: lots of build fixes, cleanups]
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Cc: Stephane Eranian <eranian@hpl.hp.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (25 commits)
[Bluetooth] Use work queue to trigger URB submission
[Bluetooth] Add locking for bt_proto array manipulation
[Bluetooth] Check if DLC is still attached to the TTY
[Bluetooth] Fix reference count when connection lookup fails
[Bluetooth] Disconnect HID interrupt channel first
[Bluetooth] Support concurrent connect requests
[Bluetooth] Make use of virtual devices tree
[Bluetooth] Handle return values from driver core functions
[Bluetooth] Fix compat ioctl for BNEP, CMTP and HIDP
[IPV6] sit: Add missing MODULE_LICENSE
[IPV6]: Remove bogus WARN_ON in Proxy-NA handling.
[IPv6] rules: Use RT6_LOOKUP_F_HAS_SADDR and fix source based selectors
[XFRM]: Fix xfrm_state_num going negative.
[NET]: reduce sizeof(struct inet_peer), cleanup, change in peer_check_expire()
NetLabel: the CIPSOv4 passthrough mapping does not pass categories correctly
NetLabel: better error handling involving mls_export_cat()
NetLabel: only deref the CIPSOv4 standard map fields when using standard mapping
[BRIDGE]: flush forwarding table when device carrier off
[NETFILTER]: ctnetlink: Remove debugging messages
[NETFILTER]: Update MAINTAINERS entry
...
|
|
Use inc/dec_preempt_count() rather than preempt_enable/disable() and manually
add in the compiler barriers that were provided by the latter. This makes FRV
consistent with other archs.
Furthermore, the compiler barrier effects are now there unconditionally - at
least as far as preemption is concerned - because we don't want the compiler
moving memory accesses out of the section of code in which the mapping is in
force - in effect the kmap_atomic() must imply a LOCK-class barrier and the
kunmap_atomic() must imply an UNLOCK-class barrier to the compiler.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Most Bluetooth chips don't support concurrent connect requests, because
this would involve a multiple baseband page with only one radio. In the
case an upper layer like L2CAP requests a concurrent connect these chips
return the error "Command Disallowed" for the second request. If this
happens it the responsibility of the Bluetooth core to queue the request
and try again after the previous connect attempt has been completed.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
|
|
1) shrink struct inet_peer on 64 bits platforms.
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux-acpi-2.6
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux-acpi-2.6: (28 commits)
ACPI: check battery status on resume for un/plug events during sleep
ACPICA: Fix incorrect handling of PCI Express Root Bridge _HID
ACPI: asus_acpi: don't printk on writing garbage to proc files
ACPI: asus_acpi: fix proc files parsing
ACPI: SCI interrupt source override
ACPI: fix printk format warnings
ACPI: fix section for CPU init functions
ACPI: update comments in motherboard.c
ACPI: acpi_pci_link_set() can allocate with either GFP_ATOMIC or GFP_KERNEL
ACPI: fix potential OOPS in power driver with CONFIG_ACPI_DEBUG
ACPI: ibm_acpi: delete obsolete documentation
ACPI: created a dedicated workqueue for notify() execution
ACPI: Remove deferred execution from global lock acquire wakeup path
MSI S270 Laptop support: backlight, wlan, bluetooth states
ACPI: EC: export ec_transaction() for msi-laptop driver
ACPI: EC: Simplify acpi_hw_low_level*() with inb()/outb().
ACPI: EC: Unify poll and interrupt gpe handlers
ACPI: EC: Unify poll and interrupt mode transaction functions
ACPI: EC: Remove unused variables and duplicated code
ACPI: EC: Remove unnecessary delay added by previous transation patch.
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/v4l-dvb
* 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/v4l-dvb:
V4L/DVB (4750): AGC command1/2 is board specific
V4L/DVB (4748): Fixed oops for Nova-T USB2
V4L/DVB (4746): HM12 is YUV 4:2:0, not YUV 4:1:1
V4L/DVB (4744): The Samsung TCPN2121P30A does not have a tda9887
V4L/DVB (4743): Fix oops in VIDIOC_G_PARM
V4L/DVB (4742): Drivers/media/video: handle sysfs errors
V4L/DVB (4741): {ov511,stv680}: handle sysfs errors
V4L/DVB (4740): Fixed an if-block to avoid floating with debug-messages
V4L/DVB (4739): SECAM support for saa7113 into saa7115
V4L/DVB (4738): Bt8xx/dvb-bt8xx.c: check kmalloc() return value.
V4L/DVB (4734): Tda826x: fix frontend selection for dvb_attach
V4L/DVB (4733): Tda10086: fix frontend selection for dvb_attach
V4L/DVB (4732): Fix spelling error in Kconfig help text for DVB_CORE_ATTACH
V4L/DVB (4731a): Kconfig: restore pvrusb2 menu items
V4L/DVB (4729): Fix VIDIOC_G_FMT for NTSC in cx25840.
V4L/DVB (4727): Support status readout for saa713x based FM radio
V4L/DVB (4725): Fix vivi compile on parisc
V4L/DVB (4692): Add WinTV-HVR3000 DVB-T support
|
|
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
This adds relevant MCU commands for the j7xx chipset.
Signed-off-by: Kristoffer Ericson <Kristoffer_e1@hotmail.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
This patch adds a register bit definition for the pxa27x SSP port Frame
Sync Relative Timing (FSRT) bit.
Signed-off-by: Liam Girdwood <liam.girdwood@wolfsonmicro.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
|
|
Unify the following functions:
acpi_ec_poll_read()
acpi_ec_poll_write()
acpi_ec_poll_query()
acpi_ec_intr_read()
acpi_ec_intr_write()
acpi_ec_intr_query()
into:
acpi_ec_poll_transaction()
acpi_ec_intr_transaction()
These new functions take as arguments an ACPI EC command, a few bytes
to write to the EC data register and a buffer for a few bytes to read
from the EC data register. The old _read(), _write(), _query() are
just special cases of these functions.
Then unified the code in acpi_ec_poll_transaction() and
acpi_ec_intr_transaction() a little more. Both functions are now just
wrappers around the new acpi_ec_transaction_unlocked() function. The
latter contains the EC access logic, the two original
function now just do their special way of locking and call the the
new function for the actual work.
This saves a lot of very similar code. The primary reason for doing
this, however, is that my driver for MSI 270 laptops needs to issue
some non-standard EC commands in a safe way. Due to this I added a new
exported function similar to ec_write()/ec_write() which is called
ec_transaction() and is essentially just a wrapper around
acpi_ec_{poll,intr}_transaction().
Signed-off-by: Lennart Poettering <mzxreary@0pointer.de>
Acked-by: Luming Yu <luming.yu@intel.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Len Brown <len.brown@intel.com>
|
|
Intel processors starting with the Core Duo support
support processor native C-state using the MWAIT instruction.
Refer: Intel Architecture Software Developer's Manual
http://www.intel.com/design/Pentium4/manuals/253668.htm
Platform firmware exports the support for Native C-state to OS using
ACPI _PDC and _CST methods.
Refer: Intel Processor Vendor-Specific ACPI: Interface Specification
http://www.intel.com/technology/iapc/acpi/downloads/302223.htm
With Processor Native C-state, we use 'MWAIT' instruction on the processor
to enter different C-states (C1, C2, C3). We won't use the special IO
ports to enter C-state and no SMM mode etc required to enter C-state.
Overall this will mean better C-state support.
One major advantage of using MWAIT for all C-states is, with this and
"treat interrupt as break event" feature of MWAIT, we can now get accurate
timing for the time spent in C1, C2, .. states.
Signed-off-by: Venkatesh Pallipadi <venkatesh.pallipadi@intel.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Len Brown <len.brown@intel.com>
|
|
Fix comment in videodev2.h
Signed-off-by: Hans Verkuil <hverkuil@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab@infradead.org>
|
|
m68knommu: sync syscalls with m68k
Signed-Off-By: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-Off-By: Greg Ungerer <gerg@uclinux.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
Apparently whoever converted voyager never actually checked that the
patch would compile ...
Remove as much of the pt_regs references as possible and move the
remaining ones into line with what's in x86 generic.
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
|
|
The old style (attribute on each structure entry) never really worked.
Move it to an attribute per structure
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
|
|
* master.kernel.org:/pub/scm/linux/kernel/git/lethal/sh-2.6:
sh: SH-4A UBC support
sh: interrupt exception handling rework
sh: Default enable R7780RP IRQs.
sh: Zero-out coherent buffer in consistent_alloc().
sh: Convert IPR-IRQ to IRQ chip.
sh: Convert INTC2 IRQ handler to irq_chip.
sh: Fix pr_debug statements for sh4
sh: Convert r7780rp IRQ handler to IRQ chip.
sh: Updates for IRQ handler changes.
sh: Kill off timer_ops get_frequency().
sh: First step at generic timeofday support.
|
|
* 'for-linus' of git://brick.kernel.dk/data/git/linux-2.6-block:
[PATCH] block layer: ioprio_best function fix
[PATCH] ide-cd: fix breakage with internally queued commands
[PATCH] block layer: elv_iosched_show should get elv_list_lock
[PATCH] splice: fix pipe_to_file() ->prepare_write() error path
[PATCH] block layer: elevator_find function cleanup
[PATCH] elevator: elevator_type member not used
|
|
We still need to maintain a private PC style command, since it
isn't completely unified with REQ_TYPE_BLOCK_PC yet.
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
|
|
elevator_type field in elevator_type structure is useless:
it isn't used anywhere in kernel sources.
Signed-off-by: Vasily Tarasov <vtaras@openvz.org>
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
|
|
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
When doing receiver buffer accounting, we always used skb->truesize.
This is problematic when processing bundled DATA chunks because for
every DATA chunk that could be small part of one large skb, we would
charge the size of the entire skb. The new approach is to store the
size of the DATA chunk we are accounting for in the sctp_ulpevent
structure and use that stored value for accounting.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Currently when an IPSec policy rule doesn't specify a security
context, it is assumed to be "unlabeled" by SELinux, and so
the IPSec policy rule fails to match to a flow that it would
otherwise match to, unless one has explicitly added an SELinux
policy rule allowing the flow to "polmatch" to the "unlabeled"
IPSec policy rules. In the absence of such an explicitly added
SELinux policy rule, the IPSec policy rule fails to match and
so the packet(s) flow in clear text without the otherwise applicable
xfrm(s) applied.
The above SELinux behavior violates the SELinux security notion of
"deny by default" which should actually translate to "encrypt by
default" in the above case.
This was first reported by Evgeniy Polyakov and the way James Morris
was seeing the problem was when connecting via IPsec to a
confined service on an SELinux box (vsftpd), which did not have the
appropriate SELinux policy permissions to send packets via IPsec.
With this patch applied, SELinux "polmatching" of flows Vs. IPSec
policy rules will only come into play when there's a explicit context
specified for the IPSec policy rule (which also means there's corresponding
SELinux policy allowing appropriate domains/flows to polmatch to this context).
Secondly, when a security module is loaded (in this case, SELinux), the
security_xfrm_policy_lookup() hook can return errors other than access denied,
such as -EINVAL. We were not handling that correctly, and in fact
inverting the return logic and propagating a false "ok" back up to
xfrm_lookup(), which then allowed packets to pass as if they were not
associated with an xfrm policy.
The solution for this is to first ensure that errno values are
correctly propagated all the way back up through the various call chains
from security_xfrm_policy_lookup(), and handled correctly.
Then, flow_cache_lookup() is modified, so that if the policy resolver
fails (typically a permission denied via the security module), the flow
cache entry is killed rather than having a null policy assigned (which
indicates that the packet can pass freely). This also forces any future
lookups for the same flow to consult the security module (e.g. SELinux)
for current security policy (rather than, say, caching the error on the
flow cache entry).
This patch: Fix the selinux side of things.
This makes sure SELinux polmatching of flow contexts to IPSec policy
rules comes into play only when an explicit context is associated
with the IPSec policy rule.
Also, this no longer defaults the context of a socket policy to
the context of the socket since the "no explicit context" case
is now handled properly.
Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Signed-off-by: James Morris <jmorris@namei.org>
|
|
When a security module is loaded (in this case, SELinux), the
security_xfrm_policy_lookup() hook can return an access denied permission
(or other error). We were not handling that correctly, and in fact
inverting the return logic and propagating a false "ok" back up to
xfrm_lookup(), which then allowed packets to pass as if they were not
associated with an xfrm policy.
The way I was seeing the problem was when connecting via IPsec to a
confined service on an SELinux box (vsftpd), which did not have the
appropriate SELinux policy permissions to send packets via IPsec.
The first SYNACK would be blocked, because of an uncached lookup via
flow_cache_lookup(), which would fail to resolve an xfrm policy because
the SELinux policy is checked at that point via the resolver.
However, retransmitted SYNACKs would then find a cached flow entry when
calling into flow_cache_lookup() with a null xfrm policy, which is
interpreted by xfrm_lookup() as the packet not having any associated
policy and similarly to the first case, allowing it to pass without
transformation.
The solution presented here is to first ensure that errno values are
correctly propagated all the way back up through the various call chains
from security_xfrm_policy_lookup(), and handled correctly.
Then, flow_cache_lookup() is modified, so that if the policy resolver
fails (typically a permission denied via the security module), the flow
cache entry is killed rather than having a null policy assigned (which
indicates that the packet can pass freely). This also forces any future
lookups for the same flow to consult the security module (e.g. SELinux)
for current security policy (rather than, say, caching the error on the
flow cache entry).
Signed-off-by: James Morris <jmorris@namei.org>
|
|
Testing revealed a problem with the NetLabel cache where a cached entry could
be freed while in use by the LSM layer causing an oops and other problems.
This patch fixes that problem by introducing a reference counter to the cache
entry so that it is only freed when it is no longer in use.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
|
|
lockdep_set_subclass() was missing in !LOCKDEP case
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
|
|
A simple patch to enable the UBC on SH-4A.
Signed-off-by: Ryusuke Sakato <sakato@hsdv.com>
Signed-off-by: Paul Mundt <lethal@linux-sh.org>
|
|
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
[MIPS] Pass NULL not 0 for pointer value.
[MIPS] IP27: Make declaration of setup_replication_mask a proper prototype.
[MIPS] BigSur: More useful defconfig.
[MIPS] Cleanup definitions of speed_t and tcflag_t.
[MIPS] Fix compilation warnings in arch/mips/sibyte/bcm1480/smp.c
[MIPS] Optimize and cleanup get_saved_sp, set_saved_sp
[MIPS] <asm/irq.h> does not need pt_regs anymore.
[MIPS] Workaround for bug in gcc -EB / -EL options.
[MIPS] Fix timer setup for Jazz
|
|
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
|
|
If CONFIG_BUILD_ELF64 was not selected and gcc had -msym32 option
(i.e. 4.0 or newer), there is no point to use %highest, %higher for
kernel symbols.
This patch also fixes 64-bit SMTC version of get_saved_sp() which is
broken but harmless since there is no such CPUs for now.
A bonus is set_saved_sp() and SMP version of get_saved_sp() are more
readable now.
Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
|