1. 12 1月, 2012 23 次提交
  2. 11 1月, 2012 17 次提交
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · 4f58cb90
      Linus Torvalds 提交于
      * git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (54 commits)
        crypto: gf128mul - remove leftover "(EXPERIMENTAL)" in Kconfig
        crypto: serpent-sse2 - remove unneeded LRW/XTS #ifdefs
        crypto: serpent-sse2 - select LRW and XTS
        crypto: twofish-x86_64-3way - remove unneeded LRW/XTS #ifdefs
        crypto: twofish-x86_64-3way - select LRW and XTS
        crypto: xts - remove dependency on EXPERIMENTAL
        crypto: lrw - remove dependency on EXPERIMENTAL
        crypto: picoxcell - fix boolean and / or confusion
        crypto: caam - remove DECO access initialization code
        crypto: caam - fix polarity of "propagate error" logic
        crypto: caam - more desc.h cleanups
        crypto: caam - desc.h - convert spaces to tabs
        crypto: talitos - convert talitos_error to struct device
        crypto: talitos - remove NO_IRQ references
        crypto: talitos - fix bad kfree
        crypto: convert drivers/crypto/* to use module_platform_driver()
        char: hw_random: convert drivers/char/hw_random/* to use module_platform_driver()
        crypto: serpent-sse2 - should select CRYPTO_CRYPTD
        crypto: serpent - rename serpent.c to serpent_generic.c
        crypto: serpent - cleanup checkpatch errors and warnings
        ...
      4f58cb90
    • L
      Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security · e7691a1c
      Linus Torvalds 提交于
      * 'for-linus' of git://selinuxproject.org/~jmorris/linux-security: (32 commits)
        ima: fix invalid memory reference
        ima: free duplicate measurement memory
        security: update security_file_mmap() docs
        selinux: Casting (void *) value returned by kmalloc is useless
        apparmor: fix module parameter handling
        Security: tomoyo: add .gitignore file
        tomoyo: add missing rcu_dereference()
        apparmor: add missing rcu_dereference()
        evm: prevent racing during tfm allocation
        evm: key must be set once during initialization
        mpi/mpi-mpow: NULL dereference on allocation failure
        digsig: build dependency fix
        KEYS: Give key types their own lockdep class for key->sem
        TPM: fix transmit_cmd error logic
        TPM: NSC and TIS drivers X86 dependency fix
        TPM: Export wait_for_stat for other vendor specific drivers
        TPM: Use vendor specific function for status probe
        tpm_tis: add delay after aborting command
        tpm_tis: Check return code from getting timeouts/durations
        tpm: Introduce function to poll for result of self test
        ...
      
      Fix up trivial conflict in lib/Makefile due to addition of CONFIG_MPI
      and SIGSIG next to CONFIG_DQL addition.
      e7691a1c
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 5cd9599b
      Linus Torvalds 提交于
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        autofs4: deal with autofs4_write/autofs4_write races
        autofs4: catatonic_mode vs. notify_daemon race
        autofs4: autofs4_wait() vs. autofs4_catatonic_mode() race
        hfsplus: creation of hidden dir on mount can fail
        block_dev: Suppress bdev_cache_init() kmemleak warninig
        fix shrink_dcache_parent() livelock
        coda: switch coda_cnode_make() to sane API as well, clean coda_lookup()
        coda: deal correctly with allocation failure from coda_cnode_makectl()
        securityfs: fix object creation races
      5cd9599b
    • A
      autofs4: deal with autofs4_write/autofs4_write races · d668dc56
      Al Viro 提交于
      Just serialize the actual writing of packets into pipe on
      a new mutex, independent from everything else in the locking
      hierarchy.  As soon as something has started feeding a piece
      of packet into the pipe to daemon, we *want* everything else
      about to try the same to wait until we are done.
      Acked-by: NIan Kent <raven@themaw.net>
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      d668dc56
    • A
      autofs4: catatonic_mode vs. notify_daemon race · 87533332
      Al Viro 提交于
      we need to hold ->wq_mutex while we are forming the packet to send,
      lest we have autofs4_catatonic_mode() setting wq->name.name to NULL
      just as autofs4_notify_daemon() decides to memcpy() from it...
      
      We do have check for catatonic mode immediately after that (under
      ->wq_mutex, as it ought to be) and packet won't be actually sent,
      but it'll be too late for us if we oops on that memcpy() from NULL...
      
      Fix is obvious - just extend the area covered by ->wq_mutex over
      that switch and check whether it's catatonic *before* doing anything
      else.
      Acked-by: NIan Kent <raven@themaw.net>
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      87533332
    • A
      autofs4: autofs4_wait() vs. autofs4_catatonic_mode() race · 4041bcdc
      Al Viro 提交于
      We need to recheck ->catatonic after autofs4_wait() got ->wq_mutex
      for good, or we might end up with wq inserted into queue after
      autofs4_catatonic_mode() had done its thing.  It will stick there
      forever, since there won't be anything to clear its ->name.name.
      
      A bit of a complication: validate_request() drops and regains ->wq_mutex.
      It actually ends up the most convenient place to stick the check into...
      Acked-by: NIan Kent <raven@themaw.net>
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      4041bcdc
    • L
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost · e343a895
      Linus Torvalds 提交于
      lib: use generic pci_iomap on all architectures
      
      Many architectures don't want to pull in iomap.c,
      so they ended up duplicating pci_iomap from that file.
      That function isn't trivial, and we are going to modify it
      https://lkml.org/lkml/2011/11/14/183
      so the duplication hurts.
      
      This reduces the scope of the problem significantly,
      by moving pci_iomap to a separate file and
      referencing that from all architectures.
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost:
        alpha: drop pci_iomap/pci_iounmap from pci-noop.c
        mn10300: switch to GENERIC_PCI_IOMAP
        mn10300: add missing __iomap markers
        frv: switch to GENERIC_PCI_IOMAP
        tile: switch to GENERIC_PCI_IOMAP
        tile: don't panic on iomap
        sparc: switch to GENERIC_PCI_IOMAP
        sh: switch to GENERIC_PCI_IOMAP
        powerpc: switch to GENERIC_PCI_IOMAP
        parisc: switch to GENERIC_PCI_IOMAP
        mips: switch to GENERIC_PCI_IOMAP
        microblaze: switch to GENERIC_PCI_IOMAP
        arm: switch to GENERIC_PCI_IOMAP
        alpha: switch to GENERIC_PCI_IOMAP
        lib: add GENERIC_PCI_IOMAP
        lib: move GENERIC_IOMAP to lib/Kconfig
      
      Fix up trivial conflicts due to changes nearby in arch/{m68k,score}/Kconfig
      e343a895
    • L
      Merge tag 'for-linux-3.3-merge-window' of git://linux-c6x.org/git/projects/linux-c6x-upstreaming · 06792c4d
      Linus Torvalds 提交于
      * tag 'for-linux-3.3-merge-window' of git://linux-c6x.org/git/projects/linux-c6x-upstreaming: (29 commits)
        C6X: replace tick_nohz_stop/restart_sched_tick calls
        C6X: add register_cpu call
        C6X: deal with memblock API changes
        C6X: fix timer64 initialization
        C6X: fix layout of EMIFA registers
        C6X: MAINTAINERS
        C6X: DSCR - Device State Configuration Registers
        C6X: EMIF - External Memory Interface
        C6X: general SoC support
        C6X: library code
        C6X: headers
        C6X: ptrace support
        C6X: loadable module support
        C6X: cache control
        C6X: clocks
        C6X: build infrastructure
        C6X: syscalls
        C6X: interrupt handling
        C6X: time management
        C6X: signal management
        ...
      06792c4d
    • L
      Merge branch 'next' of git://git.monstr.eu/linux-2.6-microblaze · 4690dfa8
      Linus Torvalds 提交于
      * 'next' of git://git.monstr.eu/linux-2.6-microblaze:
        microblaze: Wire-up new system calls
        microblaze: Remove NO_IRQ from architecture
        input: xilinx_ps2: Don't use NO_IRQ
        block: xsysace: Don't use NO_IRQ
        microblaze: Trivial asm fix
        microblaze: Fix debug message in module
        microblaze: Remove eprintk macro
        microblaze: Send CR before LF for early console
        microblaze: Change NO_IRQ to 0
        microblaze: Use irq_of_parse_and_map for timer
        microblaze: intc: Change variable name
        microblaze: Use of_find_compatible_node for timer and intc
        microblaze: Add __cmpdi2
        microblaze: Synchronize __pa __va macros
      4690dfa8
    • L
      Merge branch 'unicore32' of git://github.com/gxt/linux · c2e08e7c
      Linus Torvalds 提交于
      * 'unicore32' of git://github.com/gxt/linux:
        rtc-puv3: solve section mismatch in rtc-puv3.c
        rtc-puv3: using module_platform_driver()
        i2c-puv3: using module_platform_driver()
        rtc-puv3: irq: remove IRQF_DISABLED
        unicore32: Remove IRQF_DISABLED
        unicore32: Use set_current_blocked()
        unicore32: add ioremap_nocache definition
        unicore32: delete specified xlate_dev_mem_ptr
        of: add include asm/setup.h in drivers/of/fdt.c
        unicore32: standardize /proc/iomem "Kernel code" name
      c2e08e7c
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lliubbo/blackfin · 28190145
      Linus Torvalds 提交于
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lliubbo/blackfin:
        blackfin: bf561: add adv7183 capture support
        blackfin: bf537: add capture support
        blackfin: bf548: add capture support
        blackfin: time-ts: rm unused func broadcast_timer_setup()
        blackfin: i2c-lcd: change default clock rate
        blackfin: mac: dsa: add vlan mask in board file
        blackfin: bf537: change num_chipselect for spi-sport
        blackfin: serial: bfin-uart: remove unused field
        bf54x: get mem size: missing break in switch
        blackfin: smp: fix msg queue overflow issue
        blackfin: config: update macro SPI_BFIN in board file
        blackfin: config: update def config for all boards
        blackfin: smp: cleanup smp code
        blackfin: smp: add suspend and wakeup irq flags
        blackfin: bf533-stamp: add missed patches for new asoc driver
        blackfin: bf533-stamp: fix ad1836 name
      28190145
    • L
      Merge branch 'writeback-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/wfg/linux · 001a541e
      Linus Torvalds 提交于
      * 'writeback-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/wfg/linux:
        writeback: move MIN_WRITEBACK_PAGES to fs-writeback.c
        writeback: balanced_rate cannot exceed write bandwidth
        writeback: do strict bdi dirty_exceeded
        writeback: avoid tiny dirty poll intervals
        writeback: max, min and target dirty pause time
        writeback: dirty ratelimit - think time compensation
        btrfs: fix dirtied pages accounting on sub-page writes
        writeback: fix dirtied pages accounting on redirty
        writeback: fix dirtied pages accounting on sub-page writes
        writeback: charge leaked page dirties to active tasks
        writeback: Include all dirty inodes in background writeback
      001a541e
    • L
      Merge branch 'akpm' (aka "Andrew's patch-bomb") · 40ba5879
      Linus Torvalds 提交于
      Andrew elucidates:
       - First installmeant of MM.  We have a HUGE number of MM patches this
         time.  It's crazy.
       - MAINTAINERS updates
       - backlight updates
       - leds
       - checkpatch updates
       - misc ELF stuff
       - rtc updates
       - reiserfs
       - procfs
       - some misc other bits
      
      * akpm: (124 commits)
        user namespace: make signal.c respect user namespaces
        workqueue: make alloc_workqueue() take printf fmt and args for name
        procfs: add hidepid= and gid= mount options
        procfs: parse mount options
        procfs: introduce the /proc/<pid>/map_files/ directory
        procfs: make proc_get_link to use dentry instead of inode
        signal: add block_sigmask() for adding sigmask to current->blocked
        sparc: make SA_NOMASK a synonym of SA_NODEFER
        reiserfs: don't lock root inode searching
        reiserfs: don't lock journal_init()
        reiserfs: delay reiserfs lock until journal initialization
        reiserfs: delete comments referring to the BKL
        drivers/rtc/interface.c: fix alarm rollover when day or month is out-of-range
        drivers/rtc/rtc-twl.c: add DT support for RTC inside twl4030/twl6030
        drivers/rtc/: remove redundant spi driver bus initialization
        drivers/rtc/rtc-jz4740.c: make jz4740_rtc_driver static
        drivers/rtc/rtc-mc13xxx.c: make mc13xxx_rtc_idtable static
        rtc: convert drivers/rtc/* to use module_platform_driver()
        drivers/rtc/rtc-wm831x.c: convert to devm_kzalloc()
        drivers/rtc/rtc-wm831x.c: remove unused period IRQ handler
        ...
      40ba5879
    • S
      user namespace: make signal.c respect user namespaces · 6b550f94
      Serge E. Hallyn 提交于
      ipc/mqueue.c: for __SI_MESQ, convert the uid being sent to recipient's
      user namespace. (new, thanks Oleg)
      
      __send_signal: convert current's uid to the recipient's user namespace
      for any siginfo which is not SI_FROMKERNEL (patch from Oleg, thanks
      again :)
      
      do_notify_parent and do_notify_parent_cldstop: map task's uid to parent's
      user namespace
      
      ptrace_signal maps parent's uid into current's user namespace before
      including in signal to current.  IIUC Oleg has argued that this shouldn't
      matter as the debugger will play with it, but it seems like not converting
      the value currently being set is misleading.
      
      Changelog:
      Sep 20: Inspired by Oleg's suggestion, define map_cred_ns() helper to
      	simplify callers and help make clear what we are translating
              (which uid into which namespace).  Passing the target task would
      	make callers even easier to read, but we pass in user_ns because
      	current_user_ns() != task_cred_xxx(current, user_ns).
      Sep 20: As recommended by Oleg, also put task_pid_vnr() under rcu_read_lock
      	in ptrace_signal().
      Sep 23: In send_signal(), detect when (user) signal is coming from an
      	ancestor or unrelated user namespace.  Pass that on to __send_signal,
      	which sets si_uid to 0 or overflowuid if needed.
      Oct 12: Base on Oleg's fixup_uid() patch.  On top of that, handle all
      	SI_FROMKERNEL cases at callers, because we can't assume sender is
      	current in those cases.
      Nov 10: (mhelsley) rename fixup_uid to more meaningful usern_fixup_signal_uid
      Nov 10: (akpm) make the !CONFIG_USER_NS case clearer
      Signed-off-by: NSerge Hallyn <serge.hallyn@canonical.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Matt Helsley <matthltc@us.ibm.com>
      Cc: "Eric W. Biederman" <ebiederm@xmission.com>
      From: Serge Hallyn <serge.hallyn@canonical.com>
      Subject: __send_signal: pass q->info, not info, to userns_fixup_signal_uid (v2)
      
      Eric Biederman pointed out that passing info is a bug and could lead to a
      NULL pointer deref to boot.
      
      A collection of signal, securebits, filecaps, cap_bounds, and a few other
      ltp tests passed with this kernel.
      
      Changelog:
          Nov 18: previous patch missed a leading '&'
      Signed-off-by: NSerge Hallyn <serge.hallyn@canonical.com>
      Cc: "Eric W. Biederman" <ebiederm@xmission.com>
      From: Dan Carpenter <dan.carpenter@oracle.com>
      Subject: ipc/mqueue: lock() => unlock() typo
      
      There was a double lock typo introduced in b085f4bd6b21 "user namespace:
      make signal.c respect user namespaces"
      Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Matt Helsley <matthltc@us.ibm.com>
      Cc: "Eric W. Biederman" <ebiederm@xmission.com>
      Acked-by: NSerge Hallyn <serge@hallyn.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      6b550f94
    • T
      workqueue: make alloc_workqueue() take printf fmt and args for name · b196be89
      Tejun Heo 提交于
      alloc_workqueue() currently expects the passed in @name pointer to remain
      accessible.  This is inconvenient and a bit silly given that the whole wq
      is being dynamically allocated.  This patch updates alloc_workqueue() and
      friends to take printf format string instead of opaque string and matching
      varargs at the end.  The name is allocated together with the wq and
      formatted.
      
      alloc_ordered_workqueue() is converted to a macro to unify varargs
      handling with alloc_workqueue(), and, while at it, add comment to
      alloc_workqueue().
      
      None of the current in-kernel users pass in string with '%' as constant
      name and this change shouldn't cause any problem.
      
      [akpm@linux-foundation.org: use __printf]
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Suggested-by: NChristoph Hellwig <hch@infradead.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      b196be89
    • V
      procfs: add hidepid= and gid= mount options · 0499680a
      Vasiliy Kulikov 提交于
      Add support for mount options to restrict access to /proc/PID/
      directories.  The default backward-compatible "relaxed" behaviour is left
      untouched.
      
      The first mount option is called "hidepid" and its value defines how much
      info about processes we want to be available for non-owners:
      
      hidepid=0 (default) means the old behavior - anybody may read all
      world-readable /proc/PID/* files.
      
      hidepid=1 means users may not access any /proc/<pid>/ directories, but
      their own.  Sensitive files like cmdline, sched*, status are now protected
      against other users.  As permission checking done in proc_pid_permission()
      and files' permissions are left untouched, programs expecting specific
      files' modes are not confused.
      
      hidepid=2 means hidepid=1 plus all /proc/PID/ will be invisible to other
      users.  It doesn't mean that it hides whether a process exists (it can be
      learned by other means, e.g.  by kill -0 $PID), but it hides process' euid
      and egid.  It compicates intruder's task of gathering info about running
      processes, whether some daemon runs with elevated privileges, whether
      another user runs some sensitive program, whether other users run any
      program at all, etc.
      
      gid=XXX defines a group that will be able to gather all processes' info
      (as in hidepid=0 mode).  This group should be used instead of putting
      nonroot user in sudoers file or something.  However, untrusted users (like
      daemons, etc.) which are not supposed to monitor the tasks in the whole
      system should not be added to the group.
      
      hidepid=1 or higher is designed to restrict access to procfs files, which
      might reveal some sensitive private information like precise keystrokes
      timings:
      
      http://www.openwall.com/lists/oss-security/2011/11/05/3
      
      hidepid=1/2 doesn't break monitoring userspace tools.  ps, top, pgrep, and
      conky gracefully handle EPERM/ENOENT and behave as if the current user is
      the only user running processes.  pstree shows the process subtree which
      contains "pstree" process.
      
      Note: the patch doesn't deal with setuid/setgid issues of keeping
      preopened descriptors of procfs files (like
      https://lkml.org/lkml/2011/2/7/368).  We rely on that the leaked
      information like the scheduling counters of setuid apps doesn't threaten
      anybody's privacy - only the user started the setuid program may read the
      counters.
      Signed-off-by: NVasiliy Kulikov <segoon@openwall.com>
      Cc: Alexey Dobriyan <adobriyan@gmail.com>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Randy Dunlap <rdunlap@xenotime.net>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Greg KH <greg@kroah.com>
      Cc: Theodore Tso <tytso@MIT.EDU>
      Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
      Cc: James Morris <jmorris@namei.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: Hugh Dickins <hughd@google.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      0499680a
    • V
      procfs: parse mount options · 97412950
      Vasiliy Kulikov 提交于
      Add support for procfs mount options.  Actual mount options are coming in
      the next patches.
      Signed-off-by: NVasiliy Kulikov <segoon@openwall.com>
      Cc: Alexey Dobriyan <adobriyan@gmail.com>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Randy Dunlap <rdunlap@xenotime.net>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Greg KH <greg@kroah.com>
      Cc: Theodore Tso <tytso@MIT.EDU>
      Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
      Cc: James Morris <jmorris@namei.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      97412950