- 11 9月, 2008 1 次提交
-
-
由 Stephen Smalley 提交于
Update the SELinux entry in MAINTAINERS and drop the obsolete information from the selinux Kconfig help text. Signed-off-by: NStephen Smalley <sds@tycho.nsa.gov> Signed-off-by: NJames Morris <jmorris@namei.org>
-
- 05 9月, 2008 1 次提交
-
-
由 James Morris 提交于
Add gitignore file for scripts/selinux/mdp/mdp. Signed-off-by: NJames Morris <jmorris@namei.org>
-
- 28 8月, 2008 19 次提交
-
-
由 KaiGai Kohei 提交于
The purpose of this patch is to assign per-thread security context under a constraint. It enables multi-threaded server application to kick a request handler with its fair security context, and helps some of userspace object managers to handle user's request. When we assign a per-thread security context, it must not have wider permissions than the original one. Because a multi-threaded process shares a single local memory, an arbitary per-thread security context also means another thread can easily refer violated information. The constraint on a per-thread security context requires a new domain has to be equal or weaker than its original one, when it tries to assign a per-thread security context. Bounds relationship between two types is a way to ensure a domain can never have wider permission than its bounds. We can define it in two explicit or implicit ways. The first way is using new TYPEBOUNDS statement. It enables to define a boundary of types explicitly. The other one expand the concept of existing named based hierarchy. If we defines a type with "." separated name like "httpd_t.php", toolchain implicitly set its bounds on "httpd_t". This feature requires a new policy version. The 24th version (POLICYDB_VERSION_BOUNDARY) enables to ship them into kernel space, and the following patch enables to handle it. Signed-off-by: NKaiGai Kohei <kaigai@ak.jp.nec.com> Acked-by: NStephen Smalley <sds@tycho.nsa.gov> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 Eric Paris 提交于
Add a new Kconfig option SECURITYFS which will build securityfs support but does not require CONFIG_SECURITY. The only current user of securityfs does not depend on CONFIG_SECURITY and there is no reason the full LSM needs to be built to build this fs. Signed-off-by: NEric Paris <eparis@redhat.com> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 James Morris 提交于
-
由 Vladimir Sokolovsky 提交于
Initialize the L_Key and R_Key for memory regions returned from mlx4_ib_alloc_fast_reg_mr(). Otherwise callers just get garbage for the memory keys and can't do anything useful with these MRs. Signed-off-by: NVladimir Sokolovsky <vlad@mellanox.co.il> Signed-off-by: NRoland Dreier <rolandd@cisco.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog由 Linus Torvalds 提交于
* git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog: [WATCHDOG] removed unused #include <version.h> [WATCHDOG] at91rm9200_wdt.c: fix misleading indentation [WATCHDOG] mpc8xxx_wdt: fix modular build [WATCHDOG] hpwdt.c kdebug support [WATCHDOG] Add support for the IDT RC32434 watchdog [WATCHDOG] Add support for the built-int RDC R-321x SoC watchdog [WATHDOG] delete unused driver mpc8xx_wdt.c [WATCHDOG] Fix s3c2410_wdt driver coding style issues [WATCHDOG] Clean out header of s3c2410_wdt driver. [WATCHDOG] Fix NULL usage in s3c2410_wdt driver.
-
由 Alan Cox 提交于
Kanru Chen posted a patch versus the old code which deals with the case where you resize the pty side of a pty/tty pair. In that situation the termios data is updated for both pty and tty but the locks are not held for the right side. This implements the fix differently against the updated tty code. Patch by self but the hard bit (noticing and fixing the bug) is thanks to Kanru Chen. Signed-off-by: NAlan Cox <alan@redhat.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Alan Cox 提交于
The termios settings ioctls on a pty should affect the bound tty side not the pty. The SOFTCAR ioctls use the wrong device file. Signed-off-by: NAlan Cox <alan@redhat.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6由 Linus Torvalds 提交于
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: [CIFS] Add destroy routine for dns_resolver [CIFS] Reorder cifs config item for better clarity [CIFS] Correct keys dependency for cifs kerberos support
-
git://git.kernel.org/pub/scm/linux/kernel/git/penberg/slab-2.6由 Linus Torvalds 提交于
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg/slab-2.6: slub: Disable NUMA remote node defragmentation by default
-
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6由 Linus Torvalds 提交于
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: [PATCH] deal with the first call of ->show() generating no output [PATCH] fix ->llseek() for a bunch of directories [PATCH] fix regular readdir() and friends [PATCH] fix hpux_getdents() [PATCH] fix osf_getdirents() [PATCH] ntfs: use d_add_ci [PATCH] change d_add_ci argument ordering [PATCH] fix efs_lookup() [PATCH] proc: inode number fixlet
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6由 Linus Torvalds 提交于
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc-2.6: sparc: Add target for a stripped kernel sparc64: Make NUMA depend upon SMP.
-
git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6由 Linus Torvalds 提交于
* 'drm-patches' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6: drm: don't set the signal blocker on the master process. drm: don't call the vblank tasklet with irqs disabled. r300: Fix cliprect emit drm/radeon: r300_cmdbuf: Always emit INDX_BUFFER immediately after DRAW_INDEX radeon: fix some hard lockups on r3/4/500s
-
由 Jeff Layton 提交于
Otherwise, we're leaking the payload memory. CC: Stable Kernel <stable@vger.kernel.org> Acked-by: NDavid Howells <dhowells@redhat.com> Signed-off-by: NJeff Layton <jlayton@redhat.com> Signed-off-by: NSteve French <sfrench@us.ibm.com>
-
由 Linus Torvalds 提交于
Here's the patch. It shrinks the stack from 1152 bytes to 192 bytes (the first version, that only did the e1000_option part, got it down to 600 bytes). About half comes from not using multiple "e1000_option" structures, the other half comes from turning the "e1000_opt_list[]" arrays into "static const" instead, so that gcc doesn't copy them onto the stack. Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org> Reveiewed-by: NAuke Kok <auke-jan.h.kok@intel.com> Tested-by: NEmil Tantilov <emil.s.tantilov@intel.com> Signed-off-by: NJeff Kirsher <jeffrey.t.kirsher@intel.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.dk/linux-2.6-block由 Linus Torvalds 提交于
* 'for-linus' of git://git.kernel.dk/linux-2.6-block: block: remove blk_queue_tag_depth() and blk_queue_tag_queue() block: remove unused ->busy part of the block queue tag map bio: fix __bio_copy_iov() handling of bio->bv_len bio: fix bio_copy_kern() handling of bio->bv_len block: submit_bh() inadvertently discards barrier flag on a sync write block: clean up cmdfilter sysfs interface block: rename blk_scsi_cmd_filter to blk_cmd_filter sg: restore command permission for TYPE_SCANNER block: move cmdfilter from gendisk to request_queue
-
git://git.kernel.org/pub/scm/linux/kernel/git/mfasheh/ocfs2由 Linus Torvalds 提交于
* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mfasheh/ocfs2: ocfs2: Increment the reference count of an already-active stack. [PATCH] configfs: Consolidate locking around configfs_detach_prep() in configfs_rmdir() ocfs2: correctly set i_blocks after inline dir gets expanded ocfs2: Jump to correct label in ocfs2_expand_inline_dir() ocfs2: Fix sleep-with-spinlock recovery regression [PATCH] ocfs2/cluster/netdebug.c: fix warning [PATCH] ocfs2/cluster/tcp.c: make some functions static
-
git://git390.osdl.marist.edu/pub/scm/linux-2.6由 Linus Torvalds 提交于
* 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6: [S390] dcss: fix build bug. [S390] Fix linker script.
-
由 Steven Rostedt 提交于
I've been painstakingly debugging the issue with suspend to ram and ftraced. The 2.6.28 code does not have this issue, but since the mcount recording is not going to be in 27, this must be solved for the ftrace daemon version. The resume from suspend to ram would reboot because it was triple faulting. Debugging further, I found that calling the mcount function itself was not an issue, but it would fault when it incremented preempt_count. preempt_count is on the tasks info structure that is on the low memory address of the task's stack. For some reason, it could not write to it. Resuming out of suspend to ram does quite a lot of funny tricks to get to work, so it is not surprising at all that simply doing a preempt_disable() would cause a fault. Thanks to Rafael for suggesting to add a "while (1);" to find the place in resuming that is causing the fault. I would place the loop somewhere in the code, compile and reboot and see if it would either reboot (hit the fault) or simply hang (hit the loop). Doing this over and over again, I narrowed it down that it was happening in enable_nonboot_cpus. At this point, I found that it is easier to simply disable tracing around the suspend code, instead of searching for the particular function that can not handle doing a preempt_disable. This patch disables the tracer as it suspends and reenables it on resume. I tested this patch on my Laptop, and it can resume fine with the patch. Signed-off-by: NSteven Rostedt <srostedt@redhat.com> Acked-by: NRafael J. Wysocki <rjw@sisk.pl> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Linus Torvalds 提交于
This reverts commit 5b6155ee, because the block device ioctl's really aren't ready for it. In particular, the "struct file *" and the "struct inode *" arguments do not necessarily match, which means that the unlocked version of the ioctl (that only gets a "struct file *") isn't actually able to handle the cases it needs to handle. This fixes bugzilla http://bugzilla.kernel.org/show_bug.cgi?id=11401Reported-and-bisected-by: NLaurent Riffard <laurent.riffard@free.fr> Acked-by: NPeter Osterlund <petero2@telia.com> Cc: Alan Cox <alan@redhat.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Jens Axboe <jens.axboe@oracle.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
- 27 8月, 2008 19 次提交
-
-
由 Jens Axboe 提交于
They are unused and ->busy doesn't exist anymore. Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
由 Matthew Wilcox 提交于
It's not used for anything. On top of that, it's racy and can thus trigger a faulty BUG_ON() in __blk_free_tags() on queue exit. Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
由 FUJITA Tomonori 提交于
The commit c5dec1c3 introduced __bio_copy_iov() to add bounce support to blk_rq_map_user_iov. __bio_copy_iov() uses bio->bv_len to copy data for READ commands after the completion but it doesn't work with a request that partially completed. SCSI always completes a PC request as a whole but seems some don't. Signed-off-by: NFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> Cc: stable@kernel.org Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
由 FUJITA Tomonori 提交于
The commit 68154e90 introduced bio_copy_kern() to add bounce support to blk_rq_map_kern. bio_copy_kern() uses bio->bv_len to copy data for READ commands after the completion but it doesn't work with a request that partially completed. SCSI always completes a PC request as a whole but seems some don't. This patch fixes bio_copy_kern to handle the above case. As bio_copy_user does, bio_copy_kern uses struct bio_map_data to store struct bio_vec. Signed-off-by: NFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> Reported-by: NNix <nix@esperi.org.uk> Tested-by: NNix <nix@esperi.org.uk> Cc: stable@kernel.org Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
由 Jens Axboe 提交于
Reported by Milan Broz <mbroz@redhat.com>, commit 18ce3751 inadvertently made submit_bh() discard the barrier bit for a WRITE_SYNC request. Fix that up. Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
由 Adel Gadllah 提交于
This patch changes the interface of the cmd filter to use a +/- notation like: echo -- +0x02 +0x03 -0x08 If neither + or - is given it defaults to + (allow command). Note: The interface was added in 2.6.17-rc1 and is unused and undocumented so far so it's safe to change it. Reviewed-by: NMatthew Wilcox <willy@linux.intel.com> Reviewed-by: NFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> Cc: jens.axboe@oracle.com Cc: James.Bottomley@hansenpartnership.com Cc: dan.j.williams@intel.com Cc: pjones@redhat.com Cc: viro@zeniv.linux.org.uk Cc: dougg@torque.net Signed-off-by: NAdel Gadllah <adel.gadllah@gmail.com> Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
由 FUJITA Tomonori 提交于
Technically, the cmd_filter would be applied to other protocols though it's unlikely to happen. Putting SCSI stuff to request_queue is kinda layer violation. So let's rename it. Signed-off-by: NFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
由 FUJITA Tomonori 提交于
sg allowed any command for TYPE_SCANNER. The cmd_filter patchset doesn't. We can't change sg's permission since it might break the existing software. Signed-off-by: NFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
由 FUJITA Tomonori 提交于
cmd_filter works only for the block layer SG_IO with SCSI block devices. It breaks scsi/sg.c, bsg, and the block layer SG_IO with SCSI character devices (such as st). We hit a kernel crash with them. The problem is that cmd_filter code accesses to gendisk (having struct blk_scsi_cmd_filter) via inode->i_bdev->bd_disk. It works for only SCSI block device files. With character device files, inode->i_bdev leads you to struct cdev. inode->i_bdev->bd_disk->blk_scsi_cmd_filter isn't safe. SCSI ULDs don't expose gendisk; they keep it private. bsg needs to be independent on any protocols. We shouldn't change ULDs to expose their gendisk. This patch moves struct blk_scsi_cmd_filter from gendisk to request_queue, a common object, which eveyone can access to. The user interface doesn't change; users can change the filters via /sys/block/. gendisk has a pointer to request_queue so the cmd_filter code accesses to struct blk_scsi_cmd_filter. Signed-off-by: NFUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> Signed-off-by: NJens Axboe <jens.axboe@oracle.com>
-
由 Serge E. Hallyn 提交于
In August 2006 I posted a patch generating a minimal SELinux policy. This week, David P. Quigley posted an updated version of that as a patch against the kernel. It also had nice logic for auto-installing the policy. Following is David's original patch intro (preserved especially bc it has stats on the generated policies): se interested in the changes there were only two significant changes. The first is that the iteration through the list of classes used NULL as a sentinel value. The problem with this is that the class_to_string array actually has NULL entries in its table as place holders for the user space object classes. The second change was that it would seem at some point the initial sids table was NULL terminated. This is no longer the case so that iteration has to be done on array length instead of looking for NULL. Some statistics on the policy that it generates: The policy consists of 523 lines which contain no blank lines. Of those 523 lines 453 of them are class, permission, and initial sid definitions. These lines are usually little to no concern to the policy developer since they will not be adding object classes or permissions. Of the remaining 70 lines there is one type, one role, and one user statement. The remaining lines are broken into three portions. The first group are TE allow rules which make up 29 of the remaining lines, the second is assignment of labels to the initial sids which consist of 27 lines, and file system labeling statements which are the remaining 11. In addition to the policy.conf generated there is a single file_contexts file containing two lines which labels the entire system with base_t. This policy generates a policy.23 binary that is 7920 bytes. (then a few versions later...): The new policy is 587 lines (stripped of blank lines) with 476 of those lines being the boilerplate that I mentioned last time. The remaining 111 lines have the 3 lines for type, user, and role, 70 lines for the allow rules (one for each object class including user space object classes), 27 lines to assign types to the initial sids, and 11 lines for file system labeling. The policy binary is 9194 bytes. Changelog: Aug 26: Added Documentation/SELinux.txt Aug 26: Incorporated a set of comments by Stephen Smalley: 1. auto-setup SELINUXTYPE=dummy 2. don't auto-install if selinux is enabled with non-dummy policy 3. don't re-compute policy version 4. /sbin/setfiles not /usr/sbin/setfiles Aug 22: As per JMorris comments, made sure make distclean cleans up the mdp directory. Removed a check for file_contexts which is now created in the same file as the check, making it superfluous. Signed-off-by: NSerge Hallyn <serue@us.ibm.com> Signed-off-by: NDavid Quigley <dpquigl@tycho.nsa.gov> Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 Huang Weiyi 提交于
The drivers below do not use LINUX_VERSION_CODE nor KERNEL_VERSION. drivers/watchdog/pc87413_wdt.c This patch removes the said #include <version.h>. Signed-off-by: NHuang Weiyi <weiyi.huang@gmail.com> Signed-off-by: NWim Van Sebroeck <wim@iguana.be>
-
由 Ilpo Jarvinen 提交于
Signed-off-by: NIlpo Jarvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: NWim Van Sebroeck <wim@iguana.be>
-
由 Anton Vorontsov 提交于
Fix the following build error when mpc8xxx_wdt is selected to build as a module: drivers/watchdog/mpc8xxx_wdt.c:304: error: redefinition of '__inittest' drivers/watchdog/mpc8xxx_wdt.c:298: error: previous definition of '__inittest' was here drivers/watchdog/mpc8xxx_wdt.c:304: error: redefinition of 'init_module' drivers/watchdog/mpc8xxx_wdt.c:298: error: previous definition of 'init_module' was here Reported-by: NDave Jones <davej@redhat.com> Signed-off-by: NAnton Vorontsov <avorontsov@ru.mvista.com> Signed-off-by: NWim Van Sebroeck <wim@iguana.be> Cc: Adrian Bunk <bunk@kernel.org> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
-
由 Thomas Mingarelli 提交于
add kdebug support for the hpwdt.c driver. Signed-off-by: NThomas Mingarelli <Thomas.Mingarelli@hp.com> Signed-off-by: NWim Van Sebroeck <wim@iguana.be>
-
由 Florian Fainelli 提交于
Add driver for the IDT RC32434 SoC built-in watchdog. Signed-off-by: NFlorian Fainelli <florian.fainelli@telecomint.eu> Signed-off-by: NWim Van Sebroeck <wim@iguana.be>
-
由 Florian Fainelli 提交于
This patch adds support for the built-in RDC R-321x SoC watchdog. Signed-off-by: NFlorian Fainelli <florian.fainelli@telecomint.eu> Signed-off-by: NWim Van Sebroeck <wim@iguana.be>
-
由 Jochen Friedrich 提交于
The watchdog driver mpc8xx_wdt.c was a device interface to arch/ppc/syslib/m8xx_wdt.c for MPC8xx hardware. Now that ARCH=ppc is gone, this driver is of no more use. For ARCH=powerpc, MPC8xx hardware is supported by mpc8xxx_wdt.c. Signed-off-by: NJochen Friedrich <jochen@scram.de> Signed-off-by: NWim Van Sebroeck <wim@iguana.be> Acked-by: NVitaly Bordug <vitb@kernel.crashing.org> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
-
由 Ben Dooks 提交于
Fixup coding style issues in the s3c2410_wdt driver. Signed-off-by: NBen Dooks <ben-linux@fluff.org> Signed-off-by: NWim Van Sebroeck <wim@iguana.be>
-
由 Ben Dooks 提交于
Remove the changelog from the top of the driver, which is redundant as this information is more accurately represented from the revision control holding the file. Signed-off-by: NBen Dooks <ben-linux@fluff.org> Signed-off-by: NWim Van Sebroeck <wim@iguana.be>
-