1. 09 Jun, 2011 1 commit
    • John Johansen's avatar
      AppArmor: Fix sleep in invalid context from task_setrlimit · 1780f2d3
      John Johansen authored
      Affected kernels 2.6.36 - 3.0
      
      AppArmor may do a GFP_KERNEL memory allocation with task_lock(tsk->group_leader);
      held when called from security_task_setrlimit.  This will only occur when the
      task's current policy has been replaced, and the task's creds have not been
      updated before entering the LSM security_task_setrlimit() hook.
      
      BUG: sleeping function called from invalid context at mm/slub.c:847
       in_atomic(): 1, irqs_disabled(): 0, pid: 1583, name: cupsd
       2 locks held by cupsd/1583:
        #0:  (tasklist_lock){.+.+.+}, at: [<ffffffff8104dafa>] do_prlimit+0x61/0x189
        #1:  (&(&p->alloc_lock)->rlock){+.+.+.}, at: [<ffffffff8104db2d>]
      do_prlimit+0x94/0x189
       Pid: 1583, comm: cupsd Not tainted 3.0.0-rc2-git1 #7
       Call Trace:
        [<ffffffff8102ebf2>] __might_sleep+0x10d/0x112
        [<ffffffff810e6f46>] slab_pre_alloc_hook.isra.49+0x2d/0x33
        [<ffffffff810e7bc4>] kmem_cache_alloc+0x22/0x132
        [<ffffffff8105b6e6>] prepare_creds+0x35/0xe4
        [<ffffffff811c0675>] aa_replace_current_profile+0x35/0xb2
        [<ffffffff811c4d2d>] aa_current_profile+0x45/0x4c
        [<ffffffff811c4d4d>] apparmor_task_setrlimit+0x19/0x3a
        [<ffffffff811beaa5>] security_task_setrlimit+0x11/0x13
        [<ffffffff8104db6b>] do_prlimit+0xd2/0x189
        [<ffffffff8104dea9>] sys_setrlimit+0x3b/0x48
        [<ffffffff814062bb>] system_call_fastpath+0x16/0x1b
      Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
      Reported-by: default avatarMiles Lane <miles.lane@gmail.com>
      Cc: stable@kernel.org
      Signed-off-by: default avatarJames Morris <jmorris@namei.org>
      1780f2d3
  2. 08 Jun, 2011 38 commits
  3. 07 Jun, 2011 1 commit
    • Greg Kroah-Hartman's avatar
      Revert "USB: option: add ID for ZTE MF 330" · 3095ec89
      Greg Kroah-Hartman authored
      This reverts commit a559d2c8.
      
      Turns out that device id 0x1d6b:0x0002 is a USB hub, which causes havoc
      when the option driver tries to bind to it.
      
      So revert this as it doesn't seem to be needed at all.
      
      Thanks to Michael Tokarev and Paweł Drobek for working on resolving this
      issue.
      
      Cc: Paweł Drobek <pawel.drobek@gmail.com>
      Cc: Michael Tokarev <mjt@tls.msk.ru>
      Cc: Dominik Brodowski <linux@dominikbrodowski.net>
      Cc: stable <stable@kernel.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
      3095ec89