1. 03 7月, 2006 1 次提交
  2. 02 7月, 2006 1 次提交
  3. 30 6月, 2006 3 次提交
    • C
      [AF_UNIX]: Datagram getpeersec · 877ce7c1
      Catherine Zhang 提交于
      This patch implements an API whereby an application can determine the
      label of its peer's Unix datagram sockets via the auxiliary data mechanism of
      recvmsg.
      
      Patch purpose:
      
      This patch enables a security-aware application to retrieve the
      security context of the peer of a Unix datagram socket.  The application
      can then use this security context to determine the security context for
      processing on behalf of the peer who sent the packet.
      
      Patch design and implementation:
      
      The design and implementation is very similar to the UDP case for INET
      sockets.  Basically we build upon the existing Unix domain socket API for
      retrieving user credentials.  Linux offers the API for obtaining user
      credentials via ancillary messages (i.e., out of band/control messages
      that are bundled together with a normal message).  To retrieve the security
      context, the application first indicates to the kernel such desire by
      setting the SO_PASSSEC option via getsockopt.  Then the application
      retrieves the security context using the auxiliary data mechanism.
      
      An example server application for Unix datagram socket should look like this:
      
      toggle = 1;
      toggle_len = sizeof(toggle);
      
      setsockopt(sockfd, SOL_SOCKET, SO_PASSSEC, &toggle, &toggle_len);
      recvmsg(sockfd, &msg_hdr, 0);
      if (msg_hdr.msg_controllen > sizeof(struct cmsghdr)) {
          cmsg_hdr = CMSG_FIRSTHDR(&msg_hdr);
          if (cmsg_hdr->cmsg_len <= CMSG_LEN(sizeof(scontext)) &&
              cmsg_hdr->cmsg_level == SOL_SOCKET &&
              cmsg_hdr->cmsg_type == SCM_SECURITY) {
              memcpy(&scontext, CMSG_DATA(cmsg_hdr), sizeof(scontext));
          }
      }
      
      sock_setsockopt is enhanced with a new socket option SOCK_PASSSEC to allow
      a server socket to receive security context of the peer.
      
      Testing:
      
      We have tested the patch by setting up Unix datagram client and server
      applications.  We verified that the server can retrieve the security context
      using the auxiliary data mechanism of recvmsg.
      Signed-off-by: NCatherine Zhang <cxzhang@watson.ibm.com>
      Acked-by: NAcked-by: James Morris <jmorris@namei.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      877ce7c1
    • I
      [PATCH] genirq: add ->retrigger() irq op to consolidate hw_irq_resend() · c0ad90a3
      Ingo Molnar 提交于
      Add ->retrigger() irq op to consolidate hw_irq_resend() implementations.
      (Most architectures had it defined to NOP anyway.)
      
      NOTE: ia64 needs testing. i386 and x86_64 tested.
      Signed-off-by: NIngo Molnar <mingo@elte.hu>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      c0ad90a3
    • A
      [PATCH] fix sgivwfb compile · 0686cd8f
      Adrian Bunk 提交于
      drivers/built-in.o: In function `sgivwfb_set_par':
      sgivwfb.c:(.text+0x88583): undefined reference to `sgivwfb_mem_phys'
      sgivwfb.c:(.text+0x88596): undefined reference to `sgivwfb_mem_phys'
      sgivwfb.c:(.text+0x885a8): undefined reference to `sgivwfb_mem_phys'
      drivers/built-in.o: In function `sgivwfb_check_var':
      sgivwfb.c:(.text+0x88ad0): undefined reference to `sgivwfb_mem_size'
      drivers/built-in.o: In function `sgivwfb_mmap':
      sgivwfb.c:(.text+0x88c75): undefined reference to `sgivwfb_mem_size'
      sgivwfb.c:(.text+0x88c7f): undefined reference to `sgivwfb_mem_phys'
      drivers/built-in.o: In function `sgivwfb_probe':
      sgivwfb.c:(.init.text+0x4060): undefined reference to `sgivwfb_mem_size'
      sgivwfb.c:(.init.text+0x4065): undefined reference to `sgivwfb_mem_phys'
      sgivwfb.c:(.init.text+0x4076): undefined reference to `sgivwfb_mem_phys'
      sgivwfb.c:(.init.text+0x409c): undefined reference to `sgivwfb_mem_size'
      sgivwfb.c:(.init.text+0x410e): undefined reference to `sgivwfb_mem_size'
      sgivwfb.c:(.init.text+0x4113): undefined reference to `sgivwfb_mem_phys'
      sgivwfb.c:(.init.text+0x4162): undefined reference to `sgivwfb_mem_size'
      sgivwfb.c:(.init.text+0x4168): undefined reference to `sgivwfb_mem_phys'
      make: *** [.tmp_vmlinux1] Error 1
      Signed-off-by: NAdrian Bunk <bunk@stusta.de>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      0686cd8f
  4. 28 6月, 2006 5 次提交
    • S
      [PATCH] sched: mc/smt power savings sched policy · 5c45bf27
      Siddha, Suresh B 提交于
      sysfs entries 'sched_mc_power_savings' and 'sched_smt_power_savings' in
      /sys/devices/system/cpu/ control the MC/SMT power savings policy for the
      scheduler.
      
      Based on the values (1-enable, 0-disable) for these controls, sched groups
      cpu power will be determined for different domains.  When power savings
      policy is enabled and under light load conditions, scheduler will minimize
      the physical packages/cpu cores carrying the load and thus conserving
      power(with a perf impact based on the workload characteristics...  see OLS
      2005 CMP kernel scheduler paper for more details..)
      Signed-off-by: NSuresh Siddha <suresh.b.siddha@intel.com>
      Cc: Ingo Molnar <mingo@elte.hu>
      Cc: Nick Piggin <nickpiggin@yahoo.com.au>
      Cc: Con Kolivas <kernel@kolivas.org>
      Cc: "Chen, Kenneth W" <kenneth.w.chen@intel.com>
      Cc: "David S. Miller" <davem@davemloft.net>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      5c45bf27
    • I
      [PATCH] vdso: randomize the i386 vDSO by moving it into a vma · e6e5494c
      Ingo Molnar 提交于
      Move the i386 VDSO down into a vma and thus randomize it.
      
      Besides the security implications, this feature also helps debuggers, which
      can COW a vma-backed VDSO just like a normal DSO and can thus do
      single-stepping and other debugging features.
      
      It's good for hypervisors (Xen, VMWare) too, which typically live in the same
      high-mapped address space as the VDSO, hence whenever the VDSO is used, they
      get lots of guest pagefaults and have to fix such guest accesses up - which
      slows things down instead of speeding things up (the primary purpose of the
      VDSO).
      
      There's a new CONFIG_COMPAT_VDSO (default=y) option, which provides support
      for older glibcs that still rely on a prelinked high-mapped VDSO.  Newer
      distributions (using glibc 2.3.3 or later) can turn this option off.  Turning
      it off is also recommended for security reasons: attackers cannot use the
      predictable high-mapped VDSO page as syscall trampoline anymore.
      
      There is a new vdso=[0|1] boot option as well, and a runtime
      /proc/sys/vm/vdso_enabled sysctl switch, that allows the VDSO to be turned
      on/off.
      
      (This version of the VDSO-randomization patch also has working ELF
      coredumping, the previous patch crashed in the coredumping code.)
      
      This code is a combined work of the exec-shield VDSO randomization
      code and Gerd Hoffmann's hypervisor-centric VDSO patch. Rusty Russell
      started this patch and i completed it.
      
      [akpm@osdl.org: cleanups]
      [akpm@osdl.org: compile fix]
      [akpm@osdl.org: compile fix 2]
      [akpm@osdl.org: compile fix 3]
      [akpm@osdl.org: revernt MAXMEM change]
      Signed-off-by: NIngo Molnar <mingo@elte.hu>
      Signed-off-by: NArjan van de Ven <arjan@infradead.org>
      Cc: Gerd Hoffmann <kraxel@suse.de>
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Cc: Zachary Amsden <zach@vmware.com>
      Cc: Andi Kleen <ak@muc.de>
      Cc: Jan Beulich <jbeulich@novell.com>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      e6e5494c
    • C
      [PATCH] i386: use C code for current_thread_info() · c723e084
      Chuck Ebbert 提交于
      Using C code for current_thread_info() lets the compiler optimize it.
      With gcc 4.0.2, kernel is smaller:
      
          text           data     bss     dec     hex filename
       3645212         555556  312024 4512792  44dc18 2.6.17-rc6-nb-post/vmlinux
       3647276         555556  312024 4514856  44e428 2.6.17-rc6-nb/vmlinux
       -------
         -2064
      Signed-off-by: NChuck Ebbert <76306.1226@compuserve.com>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      c723e084
    • R
      [PATCH] i386: move phys_proc_id and cpu_core_id to cpuinfo_x86 · 4b89aff9
      Rohit Seth 提交于
      Move the phys_core_id and cpu_core_id to cpuinfo_x86 structure.  Similar
      patch for x86_64 is already accepted by Andi earlier this week.
      
      [akpm@osdl.org: fix warning]
      Signed-off-by: NRohit Seth <rohitseth@google.com>
      Cc: Andi Kleen <ak@muc.de>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      4b89aff9
    • Y
      [PATCH] Register sysfs file for hotplugged new node · 0fc44159
      Yasunori Goto 提交于
      When new node becomes enable by hot-add, new sysfs file must be created for
      new node.  So, if new node is enabled by add_memory(), register_one_node() is
      called to create it.  In addition, I386's arch_register_node() and a part of
      register_nodes() of powerpc are consolidated to register_one_node() as a
      generic_code().
      
      This is tested by Tiger4(IPF) with node hot-plug emulation.
      Signed-off-by: NKeiichiro Tokunaga <tokuanga.keiich@jp.fujitsu.com>
      Signed-off-by: NYasunori Goto <y-goto@jp.fujitsu.com>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      0fc44159
  5. 27 6月, 2006 17 次提交
  6. 26 6月, 2006 4 次提交
    • N
      [PATCH] Make copy_from_user_inatomic NOT zero the tail on i386 · 7c12d811
      NeilBrown 提交于
      As described in a previous patch and documented in mm/filemap.h,
      copy_from_user_inatomic* shouldn't zero out the tail of the buffer after an
      incomplete copy.
      
      This patch implements that change for i386.
      
      For the _nocache version, a new __copy_user_intel_nocache is defined similar
      to copy_user_zeroio_intel_nocache, and this is ultimately used for the copy.
      
      For the regular version, __copy_from_user_ll_nozero is defined which uses
      __copy_user and __copy_user_intel - the later needs casts to reposition the
      __user annotations.
      
      If copy_from_user_atomic is given a constant length of 1, 2, or 4, then we do
      still zero the destintion on failure.  This didn't seem worth the effort of
      fixing as the places where it is used really don't care.
      Signed-off-by: NNeil Brown <neilb@suse.de>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Cc: Paul Mackerras <paulus@samba.org>
      Cc: Ralf Baechle <ralf@linux-mips.org>
      Cc: William Lee Irwin III <wli@holomorphy.com>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      7c12d811
    • N
      [PATCH] Prepare for __copy_from_user_inatomic to not zero missed bytes · 01408c49
      NeilBrown 提交于
      The problem is that when we write to a file, the copy from userspace to
      pagecache is first done with preemption disabled, so if the source address is
      not immediately available the copy fails *and* *zeros* *the* *destination*.
      
      This is a problem because a concurrent read (which admittedly is an odd thing
      to do) might see zeros rather that was there before the write, or what was
      there after, or some mixture of the two (any of these being a reasonable thing
      to see).
      
      If the copy did fail, it will immediately be retried with preemption
      re-enabled so any transient problem with accessing the source won't cause an
      error.
      
      The first copying does not need to zero any uncopied bytes, and doing so
      causes the problem.  It uses copy_from_user_atomic rather than copy_from_user
      so the simple expedient is to change copy_from_user_atomic to *not* zero out
      bytes on failure.
      
      The first of these two patches prepares for the change by fixing two places
      which assume copy_from_user_atomic does zero the tail.  The two usages are
      very similar pieces of code which copy from a userspace iovec into one or more
      page-cache pages.  These are changed to remove the assumption.
      
      The second patch changes __copy_from_user_inatomic* to not zero the tail.
      Once these are accepted, I will look at similar patches of other architectures
      where this is important (ppc, mips and sparc being the ones I can find).
      
      This patch:
      
      There is a problem with __copy_from_user_inatomic zeroing the tail of the
      buffer in the case of an error.  As it is called in atomic context, the error
      may be transient, so it results in zeros being written where maybe they
      shouldn't be.
      
      In the usage in filemap, this opens a window for a well timed read to see data
      (zeros) which is not consistent with any ordering of reads and writes.
      
      Most cases where __copy_from_user_inatomic is called, a failure results in
      __copy_from_user being called immediately.  As long as the latter zeros the
      tail, the former doesn't need to.  However in *copy_from_user_iovec
      implementations (in both filemap and ntfs/file), it is assumed that
      copy_from_user_inatomic will zero the tail.
      
      This patch removes that assumption, so that after this patch it will
      be safe for copy_from_user_inatomic to not zero the tail.
      
      This patch also adds some commentary to filemap.h and asm-i386/uaccess.h.
      
      After this patch, all architectures that might disable preempt when
      kmap_atomic is called need to have their __copy_from_user_inatomic* "fixed".
      This includes
       - powerpc
       - i386
       - mips
       - sparc
      Signed-off-by: NNeil Brown <neilb@suse.de>
      Cc: David Howells <dhowells@redhat.com>
      Cc: Anton Altaparmakov <aia21@cantab.net>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Cc: Paul Mackerras <paulus@samba.org>
      Cc: Ralf Baechle <ralf@linux-mips.org>
      Cc: William Lee Irwin III <wli@holomorphy.com>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      01408c49
    • M
      [PATCH] random: remove SA_SAMPLE_RANDOM from floppy driver · afedfd01
      Matt Mackall 提交于
      The floppy driver is already calling add_disk_randomness as it should, so this
      was redundant.
      Signed-off-by: NMatt Mackall <mpm@selenic.com>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      afedfd01
    • J
      [PATCH] Clean up and refactor i386 sub-architecture setup · e75eac33
      Jeremy Fitzhardinge 提交于
      Clean up and refactor i386 sub-architecture setup.
      
      This change moves all the code from the
      asm-i386/mach-*/setup_arch_pre/post.h headers, into
      arch/i386/mach-*/setup.c.  mach-*/setup_arch_pre.h is renamed to
      setup_arch.h, and contains only things which should be in header files.  It
      is purely code-motion; there should be no functional changes at all.
      
      Several functions in arch/i386/kernel/setup.c needed to be made non-static
      so that they're visible to the code in mach-*/setup.c.  asm-i386/setup.h is
      used to hold the prototypes for these functions.
      Signed-off-by: NJeremy Fitzhardinge <jeremy@xensource.com>
      Signed-off-by: NChris Wright <chrisw@sous-sol.org>
      Cc: Zachary Amsden <zach@vmware.com>
      Cc: Chris Wright <chrisw@sous-sol.org>
      Cc: Christian Limpach <Christian.Limpach@cl.cam.ac.uk>
      Cc: Martin Bligh <mbligh@google.com>
      Cc: James Bottomley <James.Bottomley@steeleye.com>
      Cc: Andrey Panin <pazke@donpac.ru>
      Cc: Dave Hansen <haveblue@us.ibm.com>
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      e75eac33
  7. 23 6月, 2006 9 次提交