1. 22 8月, 2013 8 次提交
  2. 17 7月, 2013 2 次提交
  3. 29 6月, 2013 1 次提交
  4. 08 6月, 2013 1 次提交
  5. 18 5月, 2013 2 次提交
  6. 06 4月, 2013 1 次提交
    • M
      sysfs: check if one entry has been removed before freeing · bb2b0051
      Ming Lei 提交于
      It might be a kernel disaster if one sysfs entry is freed but
      still referenced by sysfs tree.
      
      Recently Dave and Sasha reported one use-after-free problem on
      sysfs entry, and the problem has been troubleshooted with help
      of debug message added in this patch.
      
      Given sysfs_get_dirent/sysfs_put are exported APIs, even inside
      sysfs they are called in many contexts(kobject/attribe add/delete,
      inode init/drop, dentry lookup/release, readdir, ...), it is healthful
      to check the removed flag before freeing one entry and dump message
      if it is freeing without being removed first.
      
      Cc: Dave Jones <davej@redhat.com>
      Cc: Sasha Levin <levinsasha928@gmail.com>
      Signed-off-by: NMing Lei <ming.lei@canonical.com>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      bb2b0051
  7. 04 4月, 2013 1 次提交
  8. 27 3月, 2013 1 次提交
    • E
      userns: Restrict when proc and sysfs can be mounted · 87a8ebd6
      Eric W. Biederman 提交于
      Only allow unprivileged mounts of proc and sysfs if they are already
      mounted when the user namespace is created.
      
      proc and sysfs are interesting because they have content that is
      per namespace, and so fresh mounts are needed when new namespaces
      are created while at the same time proc and sysfs have content that
      is shared between every instance.
      
      Respect the policy of who may see the shared content of proc and sysfs
      by only allowing new mounts if there was an existing mount at the time
      the user namespace was created.
      
      In practice there are only two interesting cases: proc and sysfs are
      mounted at their usual places, proc and sysfs are not mounted at all
      (some form of mount namespace jail).
      
      Cc: stable@vger.kernel.org
      Acked-by: NSerge Hallyn <serge.hallyn@canonical.com>
      Signed-off-by: N"Eric W. Biederman" <ebiederm@xmission.com>
      87a8ebd6
  9. 26 3月, 2013 1 次提交
  10. 21 3月, 2013 2 次提交
  11. 28 2月, 2013 1 次提交
    • S
      hlist: drop the node parameter from iterators · b67bfe0d
      Sasha Levin 提交于
      I'm not sure why, but the hlist for each entry iterators were conceived
      
              list_for_each_entry(pos, head, member)
      
      The hlist ones were greedy and wanted an extra parameter:
      
              hlist_for_each_entry(tpos, pos, head, member)
      
      Why did they need an extra pos parameter? I'm not quite sure. Not only
      they don't really need it, it also prevents the iterator from looking
      exactly like the list iterator, which is unfortunate.
      
      Besides the semantic patch, there was some manual work required:
      
       - Fix up the actual hlist iterators in linux/list.h
       - Fix up the declaration of other iterators based on the hlist ones.
       - A very small amount of places were using the 'node' parameter, this
       was modified to use 'obj->member' instead.
       - Coccinelle didn't handle the hlist_for_each_entry_safe iterator
       properly, so those had to be fixed up manually.
      
      The semantic patch which is mostly the work of Peter Senna Tschudin is here:
      
      @@
      iterator name hlist_for_each_entry, hlist_for_each_entry_continue, hlist_for_each_entry_from, hlist_for_each_entry_rcu, hlist_for_each_entry_rcu_bh, hlist_for_each_entry_continue_rcu_bh, for_each_busy_worker, ax25_uid_for_each, ax25_for_each, inet_bind_bucket_for_each, sctp_for_each_hentry, sk_for_each, sk_for_each_rcu, sk_for_each_from, sk_for_each_safe, sk_for_each_bound, hlist_for_each_entry_safe, hlist_for_each_entry_continue_rcu, nr_neigh_for_each, nr_neigh_for_each_safe, nr_node_for_each, nr_node_for_each_safe, for_each_gfn_indirect_valid_sp, for_each_gfn_sp, for_each_host;
      
      type T;
      expression a,c,d,e;
      identifier b;
      statement S;
      @@
      
      -T b;
          <+... when != b
      (
      hlist_for_each_entry(a,
      - b,
      c, d) S
      |
      hlist_for_each_entry_continue(a,
      - b,
      c) S
      |
      hlist_for_each_entry_from(a,
      - b,
      c) S
      |
      hlist_for_each_entry_rcu(a,
      - b,
      c, d) S
      |
      hlist_for_each_entry_rcu_bh(a,
      - b,
      c, d) S
      |
      hlist_for_each_entry_continue_rcu_bh(a,
      - b,
      c) S
      |
      for_each_busy_worker(a, c,
      - b,
      d) S
      |
      ax25_uid_for_each(a,
      - b,
      c) S
      |
      ax25_for_each(a,
      - b,
      c) S
      |
      inet_bind_bucket_for_each(a,
      - b,
      c) S
      |
      sctp_for_each_hentry(a,
      - b,
      c) S
      |
      sk_for_each(a,
      - b,
      c) S
      |
      sk_for_each_rcu(a,
      - b,
      c) S
      |
      sk_for_each_from
      -(a, b)
      +(a)
      S
      + sk_for_each_from(a) S
      |
      sk_for_each_safe(a,
      - b,
      c, d) S
      |
      sk_for_each_bound(a,
      - b,
      c) S
      |
      hlist_for_each_entry_safe(a,
      - b,
      c, d, e) S
      |
      hlist_for_each_entry_continue_rcu(a,
      - b,
      c) S
      |
      nr_neigh_for_each(a,
      - b,
      c) S
      |
      nr_neigh_for_each_safe(a,
      - b,
      c, d) S
      |
      nr_node_for_each(a,
      - b,
      c) S
      |
      nr_node_for_each_safe(a,
      - b,
      c, d) S
      |
      - for_each_gfn_sp(a, c, d, b) S
      + for_each_gfn_sp(a, c, d) S
      |
      - for_each_gfn_indirect_valid_sp(a, c, d, b) S
      + for_each_gfn_indirect_valid_sp(a, c, d) S
      |
      for_each_host(a,
      - b,
      c) S
      |
      for_each_host_safe(a,
      - b,
      c, d) S
      |
      for_each_mesh_entry(a,
      - b,
      c, d) S
      )
          ...+>
      
      [akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c]
      [akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c]
      [akpm@linux-foundation.org: checkpatch fixes]
      [akpm@linux-foundation.org: fix warnings]
      [akpm@linux-foudnation.org: redo intrusive kvm changes]
      Tested-by: NPeter Senna Tschudin <peter.senna@gmail.com>
      Acked-by: NPaul E. McKenney <paulmck@linux.vnet.ibm.com>
      Signed-off-by: NSasha Levin <sasha.levin@oracle.com>
      Cc: Wu Fengguang <fengguang.wu@intel.com>
      Cc: Marcelo Tosatti <mtosatti@redhat.com>
      Cc: Gleb Natapov <gleb@redhat.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      b67bfe0d
  12. 23 2月, 2013 1 次提交
  13. 26 1月, 2013 1 次提交
  14. 18 1月, 2013 3 次提交
  15. 27 11月, 2012 1 次提交
  16. 20 11月, 2012 1 次提交
  17. 25 10月, 2012 1 次提交
  18. 05 9月, 2012 1 次提交
  19. 31 7月, 2012 1 次提交
  20. 18 7月, 2012 2 次提交
  21. 14 7月, 2012 5 次提交
  22. 16 5月, 2012 1 次提交
  23. 15 5月, 2012 1 次提交
    • A
      sysfs: get rid of some lockdep false positives · 356c05d5
      Alan Stern 提交于
      This patch (as1554) fixes a lockdep false-positive report.  The
      problem arises because lockdep is unable to deal with the
      tree-structured locks created by the device core and sysfs.
      
      This particular problem involves a sysfs attribute method that
      unregisters itself, not from the device it was called for, but from a
      descendant device.  Lockdep doesn't understand the distinction and
      reports a possible deadlock, even though the operation is safe.
      
      This is the sort of thing that would normally be handled by using a
      nested lock annotation; unfortunately it's not feasible to do that
      here.  There's no sensible way to tell sysfs when attribute removal
      occurs in the context of a parent attribute method.
      
      As a workaround, the patch adds a new flag to struct attribute
      telling sysfs not to inform lockdep when it acquires a readlock on a
      sysfs_dirent instance for the attribute.  The readlock is still
      acquired, but lockdep doesn't know about it and hence does not
      complain about impossible deadlock scenarios.
      
      Also added are macros for static initialization of attribute
      structures with the ignore_lockdep flag set.  The three offending
      attributes in the USB subsystem are converted to use the new macros.
      Signed-off-by: NAlan Stern <stern@rowland.harvard.edu>
      Acked-by: NTejun Heo <tj@kernel.org>
      CC: Eric W. Biederman <ebiederm@xmission.com>
      CC: Peter Zijlstra <peterz@infradead.org>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      356c05d5