From: gerg@snapgear.com

Add module support for m68knommu architecture.

From: gerg@snapgear.com

Allow for building of module support for m68knommu architecture.

From: Trond Myklebust <trond.myklebust@fys.uio.no>

Enabling rpc_debug can currently result in an Oops due to an incorrect
pointer check.

From: Trond Myklebust <trond.myklebust@fys.uio.no>

Fix a bug in the NFS write code whereby writepage() may end up deadlocking
on clear_inode().

From: Trond Myklebust <trond.myklebust@fys.uio.no>

The nfs_permission() code needs to check for "local" mount flags such as
"ro" *before* it decides to optimize away any permissions tests.

From: Trond Myklebust <trond.myklebust@fys.uio.no>

The following patch fixes a bug when initializing the intent structure
in sys_uselib(): intents use the FMODE_READ convention rather than
O_RDONLY.

It also adds a missing open intent to open_exec(). This ensures that NFS
clients will do the necessary close-to-open data cache consistency
checking.

Currently, when calling nfs_commit_file(), we check the range argument,
and only commit NFS write requests that fall within the given range.
This is silly, since all servers use fsync(), to honour a COMMIT call,
and so will sync all pending writes to stable storage.

The following patch ensures that if at least one NFS write falls within
the range specified by the call to nfs_commit_file(), then we commit all
outstanding writes on that file.

This fixes a sometimes severe inefficiency when combining reads and
writes: nfs_wb_page() is used to clear out writes prior to scheduling a
read(), and can end up calling COMMIT for each page to be read.

From: Trond Myklebust <trond.myklebust@fys.uio.no>

If users set the execute bit on a file, and then write to it,
remove_suid() causes a flood of SETATTR calls (one per write() syscall)
with no arguments to be sent down the wire.

The server will in any case clear the suid bit itself without any
prompting from us, so the following patch simply filters away all
SETATTR requests with empty or unsupported ia_valid fields.

From: James Morris <jmorris@redhat.com>

This patch implements two new access controls for SELinux: SEND_MSG and
RECV_MSG, providing mediation of network packets based on destination port
(IPv4 only at this stage).

From: James Morris <jmorris@redhat.com>

This patch is a rework of the skb audit logging code in SELinux.  Rather
than relying on skb header pointers, it parses the skb for specific
protocols (TCP and UDP for IPv4 at this stage).  This is safer for the case
of locally generated raw packets, which can be malformed.  It also now
takes fragmented skbs into account.  The new code allows the caller to
parse the skb so that parsed information can be more readily re-used.

From: Stephen Smalley <sds@epoch.ncsc.mil>

Use obj-$(CONFIG_FOO) instead of `ifeq'.

From: James Morris <jmorris@redhat.com>

This patch adds dname to audit output when a path cannot be generated.
This makes analysis of SELinux audit logs easier.

Patch by Stephen Smalley <sds@epoch.ncsc.mil>.

From: James Morris <jmorris@redhat.com>

This patch adds a new option for Unix sockets, SO_PEERSEC, and an
associated LSM hook, getpeersec.  The SELinux handler is also included.

The purpose of this is to allow applications to obtain each others security
credentials, analagously to the existing SO_PEERCRED option.

Examples of use are Security Enhanced D-BUS and Security Enhanced X.

This patch was previously approved in principle by David, and has been
updated with feedback from Chris Wright and extended to cover all
architectures.

From: James Morris <jmorris@redhat.com>

This is a cleanup for the SELinux code, which converts all
remaining appropriate socket hooks over to using socket_has_perm().

From: James Morris <jmorris@redhat.com>

This patch adds a new SELinux access control, node_bind, which can be used
to restrict the local IP address to which an application may bind.

From: James Morris <jmorris@redhat.com>

This patch adds 'node' access controls for SELinux, which allows network
traffic to be controlled on the basis of remote address.

Like the previous patch, similar functionality was present in earlier
SELinux implementations; this is a rework within the constraints of the LSM
hooks present in the mainline kernel.

From: James Morris <jmorris@redhat.com>

This patch adds netif access controls for SELinux, which allows network
traffic to be controlled on the basis of associated network interface.

Similar functionality was present in earlier SELinux implementations; this
is a rework within the constraints of the LSM hooks present in the mainline
kernel.

From: James Morris <jmorris@redhat.com>

This patch adds controls to the SELinux module over the setting and
inheritance of resource limits.  With these controls, the ability to set
hard limits can be limited to specific processes such as login, and when an
untrusted process invokes a more trusted program, soft limits can be reset,
thereby avoiding failures in the trusted program due to malicious setting
of the soft limit by the untrusted process.  Roland McGrath provided input
and feedback on the patch, which was implemented by Stephen Smalley
<sds@epoch.ncsc.mil>.

From: Muli Ben-Yehuda <mulix@mulix.org>

Yet another sound/oss/trident cleanup patch.  This one replace the TRDBG
debugging macro with the standard pr_debug.  Patch is from Eugene Teo
<eugene.teo@eugeneteo.net>, slightly modified by me to apply against
2.6.0-rc1-mm1 with the other cleanup patches applied.

From: Muli Ben-Yehuda <mulix@mulix.org>

- switch lock_set_fmt() and unlock_set_fmt() from macros to inline
  functions.  Macros that call return() are EVIL.

- simplify lock_set_fmt() and implement it via test_and_set_bit() rather
  than a spinlock protecting an int.

- fix a bug wherein we would do an up() on a semaphore that hasn't been
  down()ed if a signal happened after timeout in trident_write().

- fix a bug where we would not release the open_sem on OOM.

- make the arguments for prog_dmabuf clearer (int -> enum), and add two
  wrapper functions around it, one for record and one for playback.  

- fix a bug where we would call VALIDATE_STATE after lock_kernel().  Since
  VALIDATE_STATE does 'return' if validation fails, bad things can happen. 
  Thanks to Dawson Engler <engler@stanford.edu> and the Stanford checker for
  spotting.

- remove the calls to lock_kernel() from trident_release() and
  trident_mmap().  trident_release() appears to be covered by the open_sem,
  and trident_mmap() is covered by state->sem.

- s/TRUE/1/, s/FALSE/0/

From: Muli Ben-Yehuda <mulix@mulix.org>

Reindent the trident OSS sound driver

From: Christoph Hellwig <hch@lst.de>

Now that modutils don't have built-in aliases anymore this is needed to
make mount -t vxfs autload the module.

From: Anton Blanchard <anton@samba.org>

From: Anton Blanchard <anton@samba.org>

Generate a global printk rate-limiting function, printk_ratelimit().

Also, use it in the page allocator warning code.  Also add a dump_stack to
that code.

Later, we need to switch net_ratelimit() over to use printk_ratelimit().

From: Geert Uytterhoeven <geert@linux-m68k.org>

Buddha/CatWeasel IDE: Make sure the core IDE driver doesn't try to request the
MMIO ports a second time, since this will fail.

From: Geert Uytterhoeven <geert@linux-m68k.org>

M68k Documentation: framebuffer.txt no longer exists in the m68k directory
(from Nikita Melnikov)

From: Geert Uytterhoeven <geert@linux-m68k.org>

Genrtc: Move code to kill warning if CONFIG_PROC_FS is disabled

From: Geert Uytterhoeven <geert@linux-m68k.org>

Cirrusfb: Replace `extern inline' by `static inline'

From: Geert Uytterhoeven <geert@linux-m68k.org>

M68k core: Replace (variants of) `extern inline' by `static inline'

From: Geert Uytterhoeven <geert@linux-m68k.org>

M68k: Fix (unused) definition of init_thread_info (from Roman Zippel)

From: Geert Uytterhoeven <geert@linux-m68k.org>

M68k: Don't forget to initialize the thread_info member in INIT_THREAD() (from
Roman Zippel)

From: Geert Uytterhoeven <geert@linux-m68k.org>

M68k has no VGA or MDA consoles

From: Geert Uytterhoeven <geert@linux-m68k.org>

Amiga core: Use C99 struct initializers

From: Geert Uytterhoeven <geert@linux-m68k.org>

M68k: Add missing #ifdef __KERNEL / #endif (from Christian T. Steigies)

From: Geert Uytterhoeven <geert@linux-m68k.org>

Mac II VIA: Don't include <asm/init.h> directly

From: Geert Uytterhoeven <geert@linux-m68k.org>

Amiga: Fix `debug=mem' (record all kernel messages in ChipRAM):
virt_to_phys() no longer works for Zorro II memory space, we must use
ZTWO_PADDR()

From: Geert Uytterhoeven <geert@linux-m68k.org>

Zorro bus: Add support for sysfs and the new driver model

From: Geert Uytterhoeven <geert@linux-m68k.org>

Amiga Gayle IDE: Add support for the IDE interface on the M-Tech E-Matrix 530
expansion card

From: Geert Uytterhoeven <geert@linux-m68k.org>

Amiga Gayle IDE: Kill old test code for the IDE doubler

From: Geert Uytterhoeven <geert@linux-m68k.org>

ADB: Disable the ADB clock code when CONFIG_ADB is not selected (from Matthias
Urlichs).