- 10 Mar, 2005 6 commits
-
-
Stephen D. Smalley authored
This patch adds a reqprot parameter to the security_file_mmap and security_file_mprotect hooks that is the original requested protection value prior to any modification for read-implies-exec, and changes the SELinux module to allow a mode of operation (controllable via a checkreqprot setting) where it applies checks based on that protection value rather than the protection that will be applied by the kernel, effectively restoring SELinux's original behavior prior to the introduction of the read-implies-exec logic in the mainline kernel. The patch also disables execmem and execmod checking entirely on PPC32, as the PPC32 ELF ABI presently requires RWE segments per Ulrich Drepper. At present, the read-implies-exec logic causes SELinux to see every mmap/mprotect read request by legacy binaries or binaries marked with PT_GNU_STACK RWE as a read|execute request, which tends to distort policy even if it reflects what is ultimately possible. The checkreqprot setting allows one to set the desired behavior for SELinux, so either the current behavior or the original behavior is possible. The checkreqprot value has a compile-time configurable default value and can also be set via boot parameter or at runtime via /selinux/checkreqprot if allowed by policy. Thanks to Chris Wright, James Morris, and Colin Walters for comments on an earlier version of the patch. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
dgoeddel@trustedcs.com authored
This patch replaces the original experimental Multi-Level Security (MLS) implementation in SELinux with an enhanced MLS implementation contributed by Trusted Computer Solutions (TCS). The enhanced MLS implementation replaces the hardcoded MLS logic with a flexible constraint-based system and replaces the compile-time option for MLS support with a policy load-time enable based on whether MLS support was enabled in the policy when it was built. The latter change allows a single kernel and policy toolchain to support both MLS and non-MLS policies. Compatibility is still provided as usual for existing policies. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
Kenneth W. Chen authored
Kmem_cache_alloc_node is not capable of handling a null cachep pointer as its input argument. If I try to increase a slab limit by echoing a very large number into /proc/slabinfo, kernel will panic from alloc_arraycache() because Kmem_find_general_cachep() can actually return a NULL pointer if the size argument is sufficiently large. Signed-off-by: Ken Chen <kenneth.w.chen@intel.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
Andrew Morton authored
If you do 'echo 0 0 > /proc/sys/vm/lowmem_reserve_ratio' the kernel gets a divide-by-zero. Prevent that, and fiddle with some whitespace too. Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
Neil Brown authored
Instead of setting one value lots of times, let's set lots of values once each, as we should.. This fixes possible inconsistencies that might arise in a version-1 superblock when devices fail and are removed. Usage of version-1 superblocks is not yet widespread and no actual problems have been reported. From: Paul Clements <paul.clements@steeleye.com> Signed-off-by: Neil Brown <neilb@cse.unsw.edu.au> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
Andrew Morton authored
Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
- 09 Mar, 2005 34 commits
-
-
bk://kernel.bkbits.net/davem/sparc-2.6Linus Torvalds authored
into ppc970.osdl.org:/home/torvalds/v2.6/linux
-
bk://kernel.bkbits.net/gregkh/linux/2.6.11/shLinus Torvalds authored
into ppc970.osdl.org:/home/torvalds/v2.6/linux
-
bk://kernel.bkbits.net/gregkh/linux/2.6.11/tpmLinus Torvalds authored
into ppc970.osdl.org:/home/torvalds/v2.6/linux
-
bk://kernel.bkbits.net/gregkh/linux/2.6.11/aoeLinus Torvalds authored
into ppc970.osdl.org:/home/torvalds/v2.6/linux
-
bk://kernel.bkbits.net/gregkh/linux/2.6.11/driverLinus Torvalds authored
into ppc970.osdl.org:/home/torvalds/v2.6/linux
-
bk://kernel.bkbits.net/gregkh/linux/2.6.11/debugfsLinus Torvalds authored
into ppc970.osdl.org:/home/torvalds/v2.6/linux
-
David S. Miller authored
into northbeach.davemloft.net:/home/davem/src/BK/sparc-2.6
-
bk://bk.arm.linux.org.uk/linux-2.6-serialLinus Torvalds authored
into ppc970.osdl.org:/home/torvalds/v2.6/linux
-
Ben Dooks authored
Patch from Ben Dooks Support for s3c2400 uarts in the s3c2410.c driver, to go with the s3c2410 and s3c2440 support already in there. Add PORT_S3C2400 to include/linux/serial_core.h Signed-off-by: Ben Dooks Signed-off-by: Russell King
-
bk://bk.arm.linux.org.uk/linux-2.6-rmkLinus Torvalds authored
into ppc970.osdl.org:/home/torvalds/v2.6/linux
-
Ben Dooks authored
Patch from Ben Dooks Update info on supported CPUs, add Lucas to the list of contributors. Add section on adding new machines Signed-off-by: Ben Dooks Signed-off-by: Russell King
-
Olof Johansson authored
I'm oopsing on shutdown on a machine that has a Via Rhine adapter in it: Unable to handle kernel paging request at virtual address e0803003 [...] EIP is at ioread8+0x2c/0x40 Call Trace: [<c0103d5f>] show_stack+0x7f/0xa0 [<c0103efa>] show_registers+0x15a/0x1c0 [<c01040ce>] die+0xce/0x150 [<c0113406>] do_page_fault+0x356/0x692 [<c01039ff>] error_code+0x2b/0x30 [<c026b490>] rhine_shutdown+0x60/0x140 [<c0253ad9>] device_shutdown+0x89/0x8b [<c012461c>] sys_reboot+0xac/0x200 [<c0102f71>] sysenter_past_esp+0x52/0x75 Seems like it is the ioread8 in: /* Hit power state D3 (sleep) */ iowrite8(ioread8(ioaddr + StickyHW) | 0x03, ioaddr + StickyHW); that fails. StickyHW is 0x83. lspci says: 0000:00:07.0 Ethernet controller: VIA Technologies, Inc. VT86C100A [Rhine] (rev 06) Flags: bus master, medium devsel, latency 32, IRQ 18 I/O ports at ec00 [size=128] Memory at dfffff80 (32-bit, non-prefetchable) [size=128] In other words, it's trying to read outside of the I/O range (0x80), which matches the fauling address. I'm guessing my chip revision doesn't support WOL, it's a crappy noname card. It does seem as if rhine_power_init checks quirks for rqWOL before touching any registers. Should rhine_shutdown do the same? Proposed patch below, which resolves the problem on my system. Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
-
Andrew Morton authored
From: Herbert Xu <herbert@gondor.apana.org.au> Fix bug #4223. OK, this happened because we got preempted before sis900_mii_probe finished setting the sis_priv->mii. Theoretically this can happen with SMP as well but I suppose the number of SMP machines with sis900 is fairly small. Anyway, the fix is to make sure that sis900_mii_probe is done before the device can be opened. This patch does it by moving the setup before register_netdevice. Since the netdev name is not available before register_netdev, I've changed the relevant printk's to use pci_name instead. Note that one of those printk's may be called after register_netdev as well. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
-
Greg Kroah-Hartman authored
This moves us away from using the rwsem, although recursive adds and removes of class devices is not yet possible (nor is it really known if it even is needed.) So this simple change is done instead. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Greg Kroah-Hartman authored
If further finer grained locking is needed, we can add a lock to the sysdev_class to lock the class drivers list. But if you do that, remember the global list also is still there and needs to be protected. That's why I went with a simple lock for everything. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Greg Kroah-Hartman authored
Heh, "global_drivers" as a static... Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Greg Kroah-Hartman authored
Thanks to Alessandro Rubini <rubini@gnudd.com> for pointing this out. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Greg Kroah-Hartman authored
Thanks to Alessandro Rubini <rubini@gnudd.com> for pointing this out. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Greg Kroah-Hartman authored
This forces the caller to provide the lock, but as they all already had one, it's not a big change. It also removes the now-unneeded cdev_subsys. Thanks to Jon Corbet for reminding me about that. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Greg Kroah-Hartman authored
into suse.de:/home/greg/linux/BK/do/sh-2.6
-
Greg Kroah-Hartman authored
This is needed if the class code is going to be made easier to use, and it makes the code smaller and easier to understand. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Paul Mundt authored
Signed-off-by: Paul Mundt <paul.mundt@nokia.com> Signed-off-by: Greg Kroah-Hartman <greg@kroah.com>
-
David Howells authored
The attached patch makes read/write semaphores use interrupt disabling spinlocks in the slow path, thus rendering the up functions and trylock functions available for use in interrupt context. This matches the regular semaphore behaviour. I've assumed that the normal down functions must be called with interrupts enabled (since they might schedule), and used the irq-disabling spinlock variants that don't save the flags. Signed-Off-By: David Howells <dhowells@redhat.com> Tested-by: Badari Pulavarty <pbadari@us.ibm.com> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-
Ed L. Cashin authored
Adrian Bunk <bunk@stusta.de> writes: > This patch contains the following cleanups: > - make the needlessly global struct aoe_fops static > - #if 0 the unused global function aoechr_hdump Thanks for the patch. The original patch leaves the prototype for aoechr_hdump in aoe.h, but since this function is just for debugging, it seems better to just take both prototype and definition out. remove aoechr_hdump make aoe_fops static Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Ed L. Cashin <ecashin@coraid.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Ed L. Cashin authored
Suse 9.1 Pro doesn't put /sys in /etc/mtab. This patch makes the example aoe status.sh script work when sysfs is mounted but `mount` doesn't mention sysfs. aoe status.sh: handle sysfs not in /etc/mtab Signed-off-by: Ed L. Cashin <ecashin@coraid.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Ed L. Cashin authored
This patch makes disk errors fail the IO instead of getting logged and ignored. Fail IO on disk errors Signed-off-by: Ed L. Cashin <ecashin@coraid.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Ed L. Cashin authored
Bodo Eggert <7eggert@gmx.de> writes: > Ed L Cashin <ecashin@coraid.com> wrote: > >> +if=A0test=A0-z=A0"$conf";=A0then >> +=A0=A0=A0=A0=A0=A0=A0=A0conf=3D"`find=A0/etc=A0-type=A0f=A0-name=A0udev= .conf=A02>=A0/dev/null`" >> +fi >> +if=A0test=A0-z=A0"$conf"=A0||=A0test=A0!=A0-r=A0$conf;=A0then >> +=A0=A0=A0=A0=A0=A0=A0=A0echo=A0"$me=A0Error:=A0could=A0not=A0find=A0rea= dable=A0udev.conf=A0in=A0/etc"=A01>&2 >> +=A0=A0=A0=A0=A0=A0=A0=A0exit=A01 >> +fi > > This will fail and print > --- > bash: test: etc/udev.conf: binary operator expected > --- > if there is more than one udev.conf. > > Fix: Always put quotes around variables. Thanks. With the changes below, it still will complain if it finds more than one udev.conf, but only if /etc/udev/udev.conf doesn't exist. Quote all shell variables, and use /etc/udev/udev.conf if available. Signed-off-by: Ed L. Cashin <ecashin@coraid.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Ed L. Cashin authored
add documentation for udev users Signed-off-by: Ed L. Cashin <ecashin@coraid.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Alexander Nyberg authored
I just accidently built AoE on x86-64 and it emits a warning due to conversion of types of different size, trivial fix: Signed-off-by: Alexander Nyberg <alexn@dsv.su.se> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Andrew Morton authored
drivers/char/tpm/tpm.c: In function `show_pcrs': drivers/char/tpm/tpm.c:228: warning: passing arg 1 of `tpm_transmit' from incompatible pointer type drivers/char/tpm/tpm.c:238: warning: passing arg 1 of `tpm_transmit' from incompatible pointer type Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Andrew Morton authored
drivers/char/tpm/tpm_atmel.c:131: unknown field `fops' specified in initializer drivers/char/tpm/tpm_atmel.c:131: warning: missing braces around initializer Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Greg Kroah-Hartman <greg@kroah.com>
-
Andrew Morton authored
With older gcc's: drivers/char/tpm/tpm_nsc.c:238: unknown field `fops' specified in initializer drivers/char/tpm/tpm_nsc.c:238: warning: missing braces around initializer Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Greg Kroah-Hartman <greg@kroah.com>
-
Kylene Hall authored
There were misplaced spinlock acquires and releases in the probe, close and release paths which were causing might_sleep and schedule while atomic error messages accompanied by stack traces when the kernel was compiled with SMP support. Bug reported by Reben Jenster <ruben@hotheads.de> Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Greg Kroah-Hartman <greg@kroah.com>
-
Kylene Hall authored
This patch is a device driver to enable new hardware. The new hardware is the TPM chip as described by specifications at <http://www.trustedcomputinggroup.org>. The TPM chip will enable you to use hardware to securely store and protect your keys and personal data. To use the chip according to the specification, you will need the Trusted Software Stack (TSS) of which an implementation for Linux is available at: <http://sourceforge.net/projects/trousers>. Signed-off-by: Leendert van Doorn <leendert@watson.ibm.com> Signed-off-by: Reiner Sailer <sailer@watson.ibm.com> Signed-off-by: Dave Safford <safford@watson.ibm.com> Signed-off-by: Kylene Hall <kjhall@us.ibm.com> Signed-off-by: Greg Kroah-Hartman <greg@kroah.com>
-