- 16 Oct, 2007 40 commits
-
-
KaiGai Kohei authored
This patch kills ugly warnings when the "Improve SELinux performance when ACV misses" patch. Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: James Morris <jmorris@namei.org>
-
KaiGai Kohei authored
* We add ebitmap_for_each_positive_bit() which enables to walk on any positive bit on the given ebitmap, to improve its performance using common bit-operations defined in linux/bitops.h. In the previous version, this logic was implemented using a combination of ebitmap_for_each_bit() and ebitmap_node_get_bit(), but is was worse in performance aspect. This logic is most frequestly used to compute a new AVC entry, so this patch can improve SELinux performance when AVC misses are happen. * struct ebitmap_node is redefined as an array of "unsigned long", to get suitable for using find_next_bit() which is fasted than iteration of shift and logical operation, and to maximize memory usage allocated from general purpose slab. * Any ebitmap_for_each_bit() are repleced by the new implementation in ss/service.c and ss/mls.c. Some of related implementation are changed, however, there is no incompatibility with the previous version. * The width of any new line are less or equal than 80-chars. The following benchmark shows the effect of this patch, when we access many files which have different security context one after another. The number is more than /selinux/avc/cache_threshold, so any access always causes AVC misses. selinux-2.6 selinux-2.6-ebitmap AVG: 22.763 [s] 8.750 [s] STD: 0.265 0.019 ------------------------------------------ 1st: 22.558 [s] 8.786 [s] 2nd: 22.458 [s] 8.750 [s] 3rd: 22.478 [s] 8.754 [s] 4th: 22.724 [s] 8.745 [s] 5th: 22.918 [s] 8.748 [s] 6th: 22.905 [s] 8.764 [s] 7th: 23.238 [s] 8.726 [s] 8th: 22.822 [s] 8.729 [s] Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
-
Eric Paris authored
Allow policy to select, in much the same way as it selects MLS support, how the kernel should handle access decisions which contain either unknown classes or unknown permissions in known classes. The three choices for the policy flags are 0 - Deny unknown security access. (default) 2 - reject loading policy if it does not contain all definitions 4 - allow unknown security access The policy's choice is exported through 2 booleans in selinuxfs. /selinux/deny_unknown and /selinux/reject_unknown. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
-
Yuichi Nakamura authored
It reduces the selinux overhead on read/write by only revalidating permissions in selinux_file_permission if the task or inode labels have changed or the policy has changed since the open-time check. A new LSM hook, security_dentry_open, is added to capture the necessary state at open time to allow this optimization. (see http://marc.info/?l=selinux&m=118972995207740&w=2) Signed-off-by: Yuichi Nakamura<ynakam@hitachisoft.jp> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
-
Yuichi Nakamura authored
This patch reduces memory usage of SELinux by tuning avtab. Number of hash slots in avtab was 32768. Unused slots used memory when number of rules is fewer. This patch decides number of hash slots dynamically based on number of rules. (chain length)^2 is also printed out in avtab_hash_eval to see standard deviation of avtab hash table. Signed-off-by: Yuichi Nakamura<ynakam@hitachisoft.jp> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuildLinus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuild: (40 commits) kbuild: introduce ccflags-y, asflags-y and ldflags-y kbuild: enable 'make CPPFLAGS=...' to add additional options to CPP kbuild: enable use of AFLAGS and CFLAGS on commandline kbuild: enable 'make AFLAGS=...' to add additional options to AS kbuild: fix AFLAGS use in h8300 and m68knommu kbuild: check for wrong use of CFLAGS kbuild: enable 'make CFLAGS=...' to add additional options to CC kbuild: fix up CFLAGS usage kbuild: make modpost detect unterminated device id lists kbuild: call export_report from the Makefile kbuild: move Kai Germaschewski to CREDITS kconfig/menuconfig: distinguish between selected-by-another options and comments kconfig: tristate choices with mixed tristate and boolean values include/linux/Kbuild: remove duplicate entries kbuild: kill backward compatibility checks kbuild: kill EXTRA_ARFLAGS kbuild: fix documentation in makefiles.txt kbuild: call make once for all targets when O=.. is used kbuild: pass -g to assembler under CONFIG_DEBUG_INFO kbuild: update _shipped files for kconfig syntax cleanup ... Fix up conflicts in arch/um/sys-{x86_64,i386}/Makefile manually.
-
git://ftp.linux-mips.org/pub/scm/upstream-linusLinus Torvalds authored
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus: [MIPS] Increase cp0 compare clockevent min_delta_ns from 0x30 to 0x300. [MIPS] Cache: Provide more information on cache policy on bootup. [MIPS] Fix aliasing bug in copy_user_highpage, take 2. [MIPS] VPE loader: convert from struct class_ device to struct device [MIPS] MIPSsim: Fix booting from NFS root [MIPS] Alchemy: Get rid of au1xxx_irq_map_t. [MIPS] Alchemy: Get rid of au_ffz(). [MIPS] Alchemy: Get rid of au_ffs(). [MIPS] Alchemy: cleanup interrupt code. [MIPS] Lasat: Fix build by conversion to irq_cpu.c. [MIPS] Lasat: Add #ifndef ... #endif include warpper to lasatint.h. [MIPS] IP22: Enable -Werror. [MIPS] IP22: Fix warning. [MIPS] IP22: Complain if requesting the front panel irq failed. [MIPS] vmlinux.lds.S: Handle KPROBES_TEXT. [MIPS] vmlinux.lds.S: Fix handling of .notes in final link. [MIPS] vmlinux.lds.S: Remove duplicate comment. [MIPS] MSP71XX: Add workarounds file. [MIPS] IP32: Fix build by conversion to irq_cpu.c.
-
Ralf Baechle authored
Extremly low values are of dubious usefulness anyway but in this case they actually were killing Qemu which simply wasn't able to complete mips_next_event() within 0x30 100MHz cycles even on fast hosts. Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
This should help making bug reports for the gadzillion of cores with all their configuration and synthesis options more useful. Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Turns out b868868a wasn't quite right. When called for a page that isn't marked dirty it would artificially create an alias instead of doing the obvious thing and access the page via KSEG0. The same issue also exists in copy_to_user_page and copy_from_user_page which was causing the machine to die under rare circumstances for example when running ps if the BUG_ON() assertion added by the earlier fix was getting triggered. Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Kay Sievers authored
Signed-off-by: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Thiemo Seufer authored
MIPSsim probably doesn't have any sort of environment, but writing a zero in it kills even the compiled in command line. This prevents booting via NFS root. Signed-Off-By: Thiemo Seufer <ths@networkno.de> Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
There were no users - and why have a private version anyway. Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
It was plain a bad idea ... Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
CC arch/mips/sgi-ip22/ip22-berr.o arch/mips/sgi-ip22/ip22-berr.c: In function 'ip22_be_interrupt': arch/mips/sgi-ip22/ip22-berr.c:100: warning: passing argument 2 of 'die_if_kernel' discards qualifiers from pointer target type Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
This fixes the warning: CC arch/mips/sgi-ip22/ip22-reset.o arch/mips/sgi-ip22/ip22-reset.c: In function 'reboot_setup': arch/mips/sgi-ip22/ip22-reset.c:239: warning: ignoring return value of 'request_irq', declared with attribute warn_unused_result Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Ralf Baechle authored
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-
Linus Torvalds authored
* 'linus' of master.kernel.org:/pub/scm/linux/kernel/git/perex/alsa: (264 commits) [ALSA] version 1.0.15 [ALSA] Fix thinko in cs4231 mce down check [ALSA] sun-cs4231: improved waiting after MCE down [ALSA] sun-cs4231: use cs4231-regs.h [ALSA] This simplifies and fixes waiting loops of the mce_down() [ALSA] This patch adds support for a wavetable chip on [ALSA] This patch removes open_mutex from the ad1848-lib as [ALSA] fix bootup crash in snd_gus_interrupt() [ALSA] hda-codec - Fix SKU ID function for realtek codecs [ALSA] Support ASUS P701 eeepc [0x1043 0x82a1] support [ALSA] hda-codec - Add array terminator for dmic in STAC codec [ALSA] hdsp - Fix zero division [ALSA] usb-audio - Fix double comment [ALSA] hda-codec - Fix STAC922x volume knob control [ALSA] Changed Jaroslav Kysela's e-mail from perex@suse.cz to perex@perex.cz [ALSA] hda-codec - Fix for Fujitsu Lifebook C1410 [ALSA] mpu-401: remove MPU401_INFO_UART_ONLY flag [ALSA] mpu-401: do not require an ACK byte for the ENTER_UART command [ALSA] via82xx - Add DXS quirk for Shuttle AK31v2 [ALSA] hda-codec - Fix input_mux numbers for vaio stac92xx ...
-
git://git.kernel.dk/data/git/linux-2.6-blockLinus Torvalds authored
* 'for-linus' of git://git.kernel.dk/data/git/linux-2.6-block: (63 commits) Fix memory leak in dm-crypt SPARC64: sg chaining support SPARC: sg chaining support PPC: sg chaining support PS3: sg chaining support IA64: sg chaining support x86-64: enable sg chaining x86-64: update pci-gart iommu to sg helpers x86-64: update nommu to sg helpers x86-64: update calgary iommu to sg helpers swiotlb: sg chaining support i386: enable sg chaining i386 dma_map_sg: convert to using sg helpers mmc: need to zero sglist on init Panic in blk_rq_map_sg() from CCISS driver remove sglist_len remove blk_queue_max_phys_segments in libata revert sg segment size ifdefs Fixup u14-34f ENABLE_SG_CHAINING qla1280: enable use_sg_chaining option ...
-
Ingo Molnar authored
improve performance of sys_time(). sys_time() returns time in seconds, but it does so by calling do_gettimeofday() and then returning the tv_sec portion of the GTOD time. But the data structure "xtime", which is updated by every timer/scheduler tick, already offers HZ granularity time. the patch improves the sysbench oltp macrobenchmark by 4-5% on an AMD dual-core system: v2.6.23: #threads 1: transactions: 4073 (407.23 per sec.) 2: transactions: 8530 (852.81 per sec.) 3: transactions: 8321 (831.88 per sec.) 4: transactions: 8407 (840.58 per sec.) 5: transactions: 8070 (806.74 per sec.) v2.6.23 + sys_time-speedup.patch: 1: transactions: 4281 (428.09 per sec.) 2: transactions: 8910 (890.85 per sec.) 3: transactions: 8659 (865.79 per sec.) 4: transactions: 8676 (867.34 per sec.) 5: transactions: 8532 (852.91 per sec.) and by 4-5% on an Intel dual-core system too: 2.6.23: 1: transactions: 4560 (455.94 per sec.) 2: transactions: 10094 (1009.30 per sec.) 3: transactions: 9755 (975.36 per sec.) 4: transactions: 9859 (985.78 per sec.) 5: transactions: 9701 (969.72 per sec.) 2.6.23 + sys_time-speedup.patch: 1: transactions: 4779 (477.84 per sec.) 2: transactions: 10103 (1010.14 per sec.) 3: transactions: 10141 (1013.93 per sec.) 4: transactions: 10371 (1036.89 per sec.) 5: transactions: 10178 (1017.50 per sec.) (the more CPUs the system has, the more speedup this patch gives for this particular workload.) Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Mikael Pettersson authored
New URL due to local reorganization.
-
Roland McGrath authored
This cleans up the formatting in the vDSO linker script, mostly just the use of whitespace. It's intended to approximate the kernel standard conventions for indenting C, treating elements of the linker script about like initialized variable definitions. Signed-off-by: Roland McGrath <roland@redhat.com> Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Sam Ravnborg <sam@ravnborg.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Roland McGrath authored
This cleans up the formatting in the vDSO linker script, mostly just the use of whitespace. It's intended to approximate the kernel standard conventions for indenting C, treating elements of the linker script about like initialized variable definitions. Signed-off-by: Roland McGrath <roland@redhat.com> Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Sam Ravnborg <sam@ravnborg.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Roland McGrath authored
This cleans up the formatting in the vDSO linker script, mostly just the use of whitespace. It's intended to approximate the kernel standard conventions for indenting C, treating elements of the linker script about like initialized variable definitions. Signed-off-by: Roland McGrath <roland@redhat.com> Cc: Sam Ravnborg <sam@ravnborg.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Roland McGrath authored
This cleans up the formatting in the vDSO linker script, mostly just the use of whitespace. It's intended to approximate the kernel standard conventions for indenting C, treating elements of the linker script about like initialized variable definitions. Signed-off-by: Roland McGrath <roland@redhat.com> Cc: Sam Ravnborg <sam@ravnborg.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Peter Zijlstra authored
A slight oversight tripped lockdep debugging code, each lockdep class should have but a single init site. Rearange the code to make this true. Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Boaz Harrosh authored
- Previese patch to NCR5380 broke scsi_mac because AUTOSENSE was defined after the inclusion of NCR5380.h. Fix it Signed-off-by: Boaz Harrosh <bharrosh@panasas.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Andrew Morton authored
sparc64: net/sunrpc/xprtrdma/verbs.c:1264: warning: long long unsigned int format, u64 arg (arg 3) net/sunrpc/xprtrdma/verbs.c:1264: warning: long long unsigned int format, u64 arg (arg 4) Cc: Trond Myklebust <trond.myklebust@fys.uio.no> Cc: "David S. Miller" <davem@davemloft.net> Cc: "J. Bruce Fields" <bfields@fieldses.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Maciej W. Rozycki authored
There is a test in tgafb_mono_imageblit() for a colour image with a fall-back to cfb_imageblit(). The test is not necessary as the only caller, which is tgafb_imageblit(), checks it too and only invokes this function for monochrome images. It looks like a left-over from before some changes to tgafb_imageblit(). Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org> Cc: Antonino Daplas <adaplas@pol.net> Cc: Jay Estabrook <Jay.Estabrook@hp.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Maciej W. Rozycki authored
The pixel mask calculation in tgafb_mono_imageblit() uses a variable left-shift on a 32-bit data type by up to 32. Shifting by the width of a data type or more produces an unpredictable result according to the C standard. Rather than widening the data type this fix makes sure the count is between 0 and 31. The reason is not to penalise 32-bit platforms with operation on a "long long" type for a marginal case that is meant not to happen (blitting an image of a zero width). The reason it has escaped for so long is the Alpha, being purely 64-bit, :-) does not mask the shift out to 32 bits. This is a valid implementation -- producing the correct result certainly falls within "unpredictable behaviour". It does trigger on MIPS though and it is the recent merge of the TC support which only enabled the driver for use on anything other than the Alpha. For MIPS when the width is 32 the mask ends up being 0 rather than 0xffffffff as it should be and the frame buffer is not updated. Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org> Cc: Antonino Daplas <adaplas@pol.net> Cc: Jay Estabrook <Jay.Estabrook@hp.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Antonino Daplas authored
As reported in Bugzilla Bug 9093, upon switching to X, a small rectangular cursor can still be seen blinking in the upper left part of the screen. It is fbcon's text cursor. This is caused by a strange ioctl(..., KDSETMODE, KD_TEXT) call done by something in userspace, perhaps by X itself, while the tty is still in graphics mode. And when the tty is in KD_TEXT mode, the cursor timer is restarted. Although this is a userspace problem, we can work around it by delaying the restart of the cursor timer until an fbcon_switch() is called. In other words, the cursor timer will not be restarted even if a KD_TEXT mode switch is requested. Regression potential: Present but low Signed-off-by: Antonino Daplas <adaplas@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-