- 04 Jan, 2005 34 commits
-
-
Stephen Rothwell authored
This patch just moves the interrupt_controller field of the naca into a global variable. Signed-off-by:
Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by:
Andrew Morton <akpm@osdl.org> Signed-off-by:
Linus Torvalds <torvalds@osdl.org>
-
Stephen Rothwell authored
This patch just removes the page table size field from the naca (and makes it ppc64_pft_size instead). Signed-off-by:
-
Stephen Rothwell authored
This patch consolidates the variables that define the PPC64 cache sizes into a single structure (the were in the naca and the systemcfg structures). Those that were in the systemcfg structure are left there just because they are exported to user mode through /proc. Signed-off-by:
-
Paul Mackerras authored
This patch is from Milton Miller <miltonm@bga.com>. When the update_process_times call was moved out of do_timer for the UP case, the replicator didn't track down the hiding and just added ifndef SMP. This removes the ifdefs and the indirection of calling another file for one function in a third file. Signed-off-by:
Milton Miller <miltonm@bga.com> Signed-off-by:
Paul Mackerras <paulus@samba.org> Signed-off-by:
-
Anton Blanchard authored
Remove some stale code in prom.h Signed-off-by:
Anton Blanchard <anton@samba.org> Signed-off-by:
-
Anton Blanchard authored
Fix some compiler warnings: - The first two are spurious gcc warnings, but quieten them up regardless - Add a missing include - Use register_sysrq_key instead of __sysrq_put_key_op Signed-off-by:
-
Anton Blanchard authored
On machines with RTAS but without event-scan support we would incorrectly claim there was no RTAS on the system. Signed-off-by:
-
Anton Blanchard authored
Protect the read/write SPR xmon commands. Signed-off-by:
-
Anton Blanchard authored
A number of people (myself included) have pasted bad input into xmon that it parsed as a request to dump gigabytes of memory. Place a limit of 128kB on the dump commands. Also remove a stale function prototype thats been lying around. Signed-off-by:
-
Serge Hallyn authored
In the current kernel/capability.c:sys_capset() code, permission is denied if CAP_SETPCAP is not held and pid is positive. pid=0 means use the current process, and this is allowed. But using the current process' pid is not allowed. The man page for capsetp simply says that CAP_SETPCAP is required to use this function, and does not mention the exception for pid=0. The current behavior seems inconsistent. The attached patch also allows a process to call capset() on itself. Signed-off-by:
Chris Wright <chrisw@osdl.org> Signed-off-by:
-
Serge Hallyn authored
The attached patch removes checks from kernel/capability.c which are redundant with cap_capset_check() code, and moves the capset_check() calls to immediately before the capset_set() calls. This allows capset_check() to accurately check the setter's permission to set caps on the target. Please apply. Signed-off-by:
Serge Hallyn <serue@us.ibm.com> Signed-off-by:
Stephen Smalley <sds@epoch.ncsc.mil> Signed-off-by:
-
Oleg Nesterov authored
generic_file_aio_write(): generic_file_aio_write_nolock(): if (SYNC) sync_page_range_nolock(); if (SYNC) sync_page_range(); I think that generic_file_aio_write() should use __generic_file_aio_write_nolock() instead. Signed-off-by:
Oleg Nesterov <oleg@tv-sign.ru> Signed-off-by:
-
William Lee Irwin III authored
pud needs to be declared as a pud_t in order to avoid an assignment from incompatible pointer type warning or two; this patch makes it so. Signed-off-by:
William Irwin <wli@holomorphy.com> Signed-off-by:
-
Heiko Carstens authored
the patch below fixes a few compile warnings due to missing parenthesizes. Signed-off-by:
Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by:
-
Rusty Russell authored
Patrick McHardy spotted this, on top of previous fix. I neatened it. Signed-off-by:
Rusty Russell <rusty@rustcorp.com.au> Signed-off-by:
-
Rusty Russell authored
FTP connection tracking assumes it can just dereference tcphdr; not neccessarily true now we don't linearize in ftp conntrack helper or tcp connection tracking. Also found by nfsim. Signed-off-by:
-
Rusty Russell authored
The nat core calls skb_ip_make_writable() with a length too short. Found by nfsim. Signed-off-by:
-
Rusty Russell authored
UDP and TCP refer to potentially stale pointers after calling skb_ip_make_writable(), and UDP calls it with the wrong len argument. All found by nfsim. Signed-off-by:
-
Rusty Russell authored
Here is a patch that just makes it use get_free_pages to test the TLB theory. Another obvious improvement would be to not use list_heads for the hash table buckets - a single pointer would likely suffice and it would cut the hash table in half, saving cache, TLB and memory. Signed-off-by: -
Rusty Russell authored
The multiport match doesn't support ranges of ports, so a new match called "mport" was written. Now we have versioning of matches and targets, we can simply put this extension in multiport revision 1. Also, removes gratuitous checking in match: we basically trust iptables userspace these days. Signed-off-by:
Pablo Neira Ayuso <pablo@eurodev.net> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (modified) Signed-off-by:
-
Rusty Russell authored
Anders Fugmann <afu@fugmann.dhs.org> wrote a patch to add bitops to ipt_MARK. I made a version based on the revision patch. Bart De Schuymer <bdschuym@pandora.be> provided the idea of overriding the target type. Signed-off-by:
-
Rusty Russell authored
This adds a new getsockopt to iptables, which allows userspace to query the revision number of extensions. iptables 1.3.0 (to be released soon) already has support for this. Signed-off-by:
-
Rusty Russell authored
Pablo Neira <pablo@eurodev.net> came up with the idea of stealing the last byte in the (already nul-terminated) name of a target/match to create a version. That patch motivated me to clean up the match and target searching in ip_tables, which makes this patch more trivial. I also renamed "version" to "revision" since the word "version" was used for iptables itself. Signed-off-by:
-
Rusty Russell authored
We now have a convenient kmod macro try_then_request_module(). 1) Split our current "generic" function into separate find_target_lock(), find_table_lock() and find_match_lock() functions explicitly. 2) Have those functions do try_module_get() for us, and fix up the one caller who didn't do that anyway. 3) Have the caller use try_then_request_module(). 4) Remove __ipt_mutex_up() and __ipt_find_target_lock() which weren't used (even in patch-o-matic AFAICT). This cleanup takes us closer to using standard list macros everywhere, and makes the version patch simpler. Signed-off-by:
-
Rusty Russell authored
We currently choose a "random" IP address to NAT to, where we have a range. Martin Josefsson pointed out that he uses the SAME target in iptables because changing IP addresses breaks Internet banking sites (among others) which assume the customer will be coming from a consistent IP address. In fact, we spend a fair bit of effort trying to balance the number of connections we NAT to each IP address. We can come pretty damn close just hashing the source and destination IP addresses, and it has the consistency property which is so desirable, as well as being faster. Signed-off-by:
-
Rusty Russell authored
Now we no longer do extra mangling, warn in that case. Signed-off-by:
-
Rusty Russell authored
On NF_IP_LOCAL_OUT, when destination NAT changes the destination interface, we also change the source address, so the packet is the same as if it were generated to go that way in the first place. This is not strictly necessary, I believe. This patch rips that code out to see what breaks. Signed-off-by:
-
Rusty Russell authored
On NF_IP_LOCAL_OUT or NF_IP_PRE_ROUTING, if destination NAT is not sufficient to create a unique tuple, we try changing the source port as well. However, this is also not strictly necessary: if the tuple is not unique, we will also try to change the source on the NF_IP_POST_ROUTING hook. When we finally confirm the connection, if the tuple is still not unique the packet will be dropped (this is required anyway as we could race: the conntrack is not placed in the hash until the packet is about to leave the box anyway). In fact, we only need best effort *everywhere*. This patch rips that code out to see what breaks. Signed-off-by:
-
Rusty Russell authored
ip_conntrack_alter_reply checks that the reply isn't already taken, but there's little point, since there's *still* a race after it is called (which we handle at confirm time anyway). Signed-off-by: -
Rusty Russell authored
The NAT code has the concept of multiple ranges: you can say "map this connection onto IP 192.168.1.2 - 192.168.1.4, 192.168.1.7 ports 1024-65535, and 192.168.1.10". I implemented this because we could. But it's not actually *used* by many (any?) people, and you can approximate this by a random match (from patch-o-matic) if you really want to. It adds complexity to the code. Signed-off-by:
-
Rusty Russell authored
Writing the nfsim testcase for the ECN target revealed a hole in the rule checking: when checking whether the rule specified TCP, you need to check it isn't inverted. Signed-off-by:
-
Rusty Russell authored
nfsim now generates non-linear packets: when run under valgrind it finds linear assumptions very nicely. This is the second thing I tried, and it found a real bug. In this case, checking the UDP checksum is correct, but overkill, and like the ICMP header handling, does not handle non-linear packets. Remove UDP checksum, fix ICMP error. Signed-off-by: Rusty Russell Signed-off-by: -
Chris Wright authored
OK, somehow I managed to botch this one. It happens to work fine, but I should have been more careful with forward porting this 1+ year old patch. The exec-time calc should go in bprm_apply_creds, not bprm_free_security. Thanks to Stephen for spotting my mistake. Signed-off-by:
-
bk://nfsclient.bkbits.net/linux-2.6Linus Torvalds authored
into ppc970.osdl.org:/home/torvalds/v2.6/linux
-
- 05 Jan, 2005 1 commit
-
-
bk://nfsclient.bkbits.net/linux-2.6Trond Myklebust authored
into fys.uio.no:/home/linux/bitkeeper/nfsclient-2.6
-
- 04 Jan, 2005 5 commits
-
-
Trond Myklebust authored
Don't label all retries as "server seeing garbage". Report correct error for buffer overflows. Fix incorrect buffer overflow test that was masking AUTH_REJECTEDCRED, AUTH_REJECTEDVERF,... errors. Signed-off-by:Trond Myklebust <Trond.Myklebust@netapp.com>
-
Trond Myklebust authored
Description: Fix an NFS client bug introduced in 2.6.9-rc1. The "df" command was reporting the size of NFS file systems incorrectly. Signed-off-by:
Chuck Lever <cel@netapp.com> Signed-off-by:
Trond Myklebust <trond.myklebust@fys.uio.no>
-
Trond Myklebust authored
cache. Signed-off-by: -
Trond Myklebust authored
The behavior enabled by the "noac" mount option should be precisely equivalent to setting acreg{min,max} or acdir{min,max} to zero via mount options. Signed-off-by: -
Trond Myklebust authored
Other parts of the NFS client invoke nfs_wb_all() when they want to flush dirty cache pages. The direct path needs to do that, too. Signed-off-by:
-
