- 02 6月, 2005 1 次提交
-
-
由 David Woodhouse 提交于
I cunningly put the audit call immediately after the copy_from_user().... but used the _userspace_ copy of the args still. Let's not do that. Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
- 27 5月, 2005 1 次提交
-
-
由 David Woodhouse 提交于
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
- 26 5月, 2005 1 次提交
-
-
由 David Woodhouse 提交于
While they were all just simple blobs it made sense to just free them as we walked through and logged them. Now that there are pointers to other objects which need refcounting, we might as well revert to _only_ logging them in audit_log_exit(), and put the code to free them properly in only one place -- in audit_free_aux(). Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org> ----------------------------------------------------------
-
- 25 5月, 2005 1 次提交
-
-
由 Stephen Smalley 提交于
Per Steve Grubb's observation that there are some remaining cases where avc_audit() directly logs untrusted strings without escaping them, here is a patch that changes avc_audit() to use audit_log_untrustedstring() or audit_log_hex() as appropriate. Note that d_name.name is nul- terminated by d_alloc(), and that sun_path is nul-terminated by unix_mkname(), so it is not necessary for the AVC to create nul- terminated copies or to alter audit_log_untrustedstring to take a length argument. In the case of an abstract name, we use audit_log_hex() with an explicit length. Signed-off-by: NStephen Smalley <sds@tycho.nsa.gov> Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
- 24 5月, 2005 2 次提交
-
-
由 David Woodhouse 提交于
It comes from the user; it needs to be escaped. Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
由 David Woodhouse 提交于
These changes make processing of audit logs easier. Based on a patch from Steve Grubb <sgrubb@redhat.com> Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
- 22 5月, 2005 1 次提交
-
-
由 David Woodhouse 提交于
Move audit_serial() into audit.c and use it to generate serial numbers on messages even when there is no audit context from syscall auditing. This allows us to disambiguate audit records when more than one is generated in the same millisecond. Based on a patch by Steve Grubb after he observed the problem. Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
- 21 5月, 2005 4 次提交
-
-
由 David Woodhouse 提交于
When I added the logging of pid= and comm= back to avc_audit() I screwed it up. Put it back how it should be. Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
由 Steve Grubb 提交于
The attached patch changes all occurrences of loginuid to auid. It also changes everything to %u that is an unsigned type. Signed-off-by: NSteve Grubb <sgrubb@redhat.com> Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
由 Steve Grubb 提交于
The original AVC_USER message wasn't consolidated with the new range of user messages. The attached patch fixes the kernel so the old messages work again. Signed-off-by: NSteve Grubb <sgrubb@redhat.com> Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
由 Stephen Smalley 提交于
This patch changes the SELinux AVC to defer logging of paths to the audit framework upon syscall exit, by saving a reference to the (dentry,vfsmount) pair in an auxiliary audit item on the current audit context for processing by audit_log_exit. Signed-off-by: NStephen Smalley <sds@tycho.nsa.gov> Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
- 19 5月, 2005 9 次提交
-
-
由 David Woodhouse 提交于
The limit on the number of outstanding audit messages was inadvertently removed with the switch to queuing skbs directly for sending by a kernel thread. Put it back again. Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
由 David Woodhouse 提交于
-
由 David Woodhouse 提交于
Nobody does. Really, it gets very silly if auditd is recording its own actions. Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
由 David Woodhouse 提交于
We turned this all off because the 'exe=' was causing deadlocks on dcache_lock. There's no need to leave the pid and comm out though. They'll all be logged correctly if full auditing is enabled, but we should still print them in case auditing _isn't_ enabled. Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
由 David Woodhouse 提交于
netlink_unicast() will attempt to reallocate and will free messages if the socket's rcvbuf limit is reached unless we give it an infinite timeout. So do that, from a kernel thread which is dedicated to spewing stuff up the netlink socket. Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
由 Steve Grubb 提交于
* If vsnprintf returns -1, it will mess up the sk buffer space accounting. This is fixed by not calling skb_put with bogus len values. * audit_log_hex was a loop that called audit_log_vformat with %02X for each character. This is very inefficient since conversion from unsigned character to Ascii representation is essentially masking, shifting, and byte lookups. Also, the length of the converted string is well known - it's twice the original. Fixed by rewriting the function. * audit_log_untrustedstring had no comments. This makes it hard for someone to understand what the string format will be. * audit_log_d_path was never fixed to use untrustedstring. This could mess up user space parsers. This was fixed to make a temp buffer, call d_path, and log temp buffer using untrustedstring. From: Steve Grubb <sgrubb@redhat.com> Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
由 Stephen Tweedie 提交于
Avoid console spam with ext3 aborted journal. ext3 usually reports error conditions that it detects in its environment. But when its journal gets aborted due to such errors, it can sometimes continue to report that condition forever, spamming the console to such an extent that the initial first cause of the journal abort can be lost. When the journal aborts, we put the filesystem into readonly mode. Most subsequent filesystem operations will get rejected immediately by checks for MS_RDONLY either in the filesystem or in the VFS. But some paths do not have such checks --- for example, if we continue to write to a file handle that was opened before the fs went readonly. (We only check for the ROFS condition when the file is first opened.) In these cases, we can continue to generate log errors similar to EXT3-fs error (device $DEV) in start_transaction: Journal has aborted for each subsequent write. There is really no point in generating these errors after the initial error has been fully reported. Specifically, if we're starting a completely new filesystem operation, and the filesystem is *already* readonly (ie. the ext3 layer has already detected and handled the underlying jbd abort), and we see an EROFS error, then there is simply no point in reporting it again. Signed-off-by: NStephen Tweedie <sct@redhat.com> Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
-
由 Stephen Tweedie 提交于
Don't pass meaningless file handles to block device ioctls. The recent raw IO ioctl-passthrough fix started passing the raw file handle into the block device ioctl handler. That's unlikely to be useful, as the file handle is actually open on a character-mode raw device, not a block device, so dereferencing it is not going to yield useful results to a block device ioctl handler. Previously we just passed NULL; also not a value that can usefully be dereferenced, but at least if it does happen, we'll oops instead of silently pretending that the file is a block device, so NULL is the more defensive option here. This patch reverts to that behaviour. Noticed by Al Viro. Signed-off-by: NStephen Tweedie <sct@redhat.com> Acked-by: NAl Viro <viro@parcelfarce.linux.theplanet.co.uk> Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
-
- 18 5月, 2005 12 次提交
-
-
由 David Woodhouse 提交于
It's silly to have to add explicit entries for new userspace messages as we invent them. Just treat all messages in the user range the same. Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
-
由 David Brownell 提交于
The driver model has a "detach_state" mechanism that: - Has never been used by any in-kernel drive; - Is superfluous, since driver remove() methods can do the same thing; - Became buggy when the suspend() parameter changed semantics and type; - Could self-deadlock when called from certain suspend contexts; - Is effectively wasted documentation, object code, and headspace. This removes that "detach_state" mechanism; net code shrink, as well as a per-device saving in the driver model and sysfs. Signed-off-by: NDavid Brownell <dbrownell@users.sourceforge.net> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 David Brownell 提交于
This patch includes various tweaks in the messaging that appears during system pm state transitions: * Warn about certain illegal calls in the device tree, like resuming child before parent or suspending parent before child. This could happen easily enough through sysfs, or in some cases when drivers use device_pm_set_parent(). * Be more consistent about dev_dbg() tracing ... do it for resume() and shutdown() too, and never if the driver doesn't have that method. * Say which type of system sleep state is being entered. Except for the warnings, these only affect debug messaging. Signed-off-by: NDavid Brownell <dbrownell@users.sourceforge.net> Acked-by: NPavel Machek <pavel@ucw.cz> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Greg KH 提交于
Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Greg KH 提交于
Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Scott Murray 提交于
If my CPCI hotplug update patch is applied, then there are no longer any in tree users of the pci_visit_dev API, and it and its related code can be removed. Signed-off-by: NScott Murray <scottm@somanetworks.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Scott Murray 提交于
[PATCH] CPCI: update I have finally done some work to update the CompactPCI hotplug driver to fix some of the outstanding issues in 2.6: - Added adapter and latch status ops so that those files will get created by the current PCI hotplug core. This used to not be required, but seems to be now after some of the sysfs rework in the core. - Replaced slot list spinlock with a r/w semaphore to avoid any potential issues with sleeping. This quiets all of the runtime warnings. - Reworked interrupt driven hot extraction handling to remove need for a polling operator for ENUM# status. There are a lot of boards that only have an interrupt driven by ENUM#, so this lowers the bar to entry. - Replaced pci_visit_dev usage with better use of the PCI core functions. The new code is functionally equivalent to the previous code, but the use of pci_enable_device on insert needs to be investigated further, as I need to do some more testing to see if it is still necessary. Signed-off-by: NScott Murray <scottm@somanetworks.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Dely Sy 提交于
Here is the updated patch to get pciehp driver to work for downstream port of a switch and handle the difference in the offset value of PCI Express capability list item of different ports. Signed-off-by: NDely Sy <dely.l.sy@intel.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Dely Sy 提交于
Here is a patch to fix the problem of echoing 1 to "power" file to enabled slot causing the slot to power down, and echoing 0 to disabled slot causing shpchp_disabled_slot() to be called twice. This problem was reported by kenji Kaneshige. Thanks, Dely Signed-off-by: NDely Sy <dely.l.sy@intel.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Christoph Lameter 提交于
The GET_INDEX() macro should use just the low three bits of the devfn, otherwise we have a memory scribble in pcie_rootport_aspm_quirk that overwrites ptype_all Fix it to be more careful about its arguments while at it. Acked by Dely Sy <dely.l.sy@intel.com> Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
-
由 randy_dunlap 提交于
free agent Signed-off-by: NRandy Dunlap <rdunlap@xenotime.net> Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
-
由 Paul Mackerras 提交于
We need to call parse_early_param() early on to allow usage of early_param() for command line parsing. Signed-off-by: NKumar Gala <kumar.gala@freescale.com> Signed-off-by: NPaul Mackerras <paulus@samba.org> Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
-
- 17 5月, 2005 8 次提交
-
-
由 Johannes Stezenbach 提交于
- remove enable_ci, ci interface is assumed to be present if the saa7113 is not found. - reduce the delay when checking for saa7113 - clean up the cam reset according to specifications - turn off Vcc to the cam slot if cam is removed or fails reset - remove cam reset in ciintf_init - clean up printks (KERN_) - move gpio setting into saa7113_init - clean up unreadable frontend_init (Kenneth Aafloy) Signed-off-by: NJohannes Stezenbach <js@linuxtv.org> Signed-off-by: NAndrew Morton <akpm@osdl.org> Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
-
由 Johannes Stezenbach 提交于
whitespace cleanup Signed-off-by: NJohannes Stezenbach <js@linuxtv.org> Signed-off-by: NAndrew Morton <akpm@osdl.org> Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
-
由 Johannes Stezenbach 提交于
fixed CI debug output (Dominique Dumont) Signed-off-by: NJohannes Stezenbach <js@linuxtv.org> Signed-off-by: NAndrew Morton <akpm@osdl.org> Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
-
由 Johannes Stezenbach 提交于
fix a bug in the module parameter (Dominique Dumont) Signed-off-by: NJohannes Stezenbach <js@linuxtv.org> Signed-off-by: NAndrew Morton <akpm@osdl.org> Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
-
由 Johannes Stezenbach 提交于
updated documentation (Manu Abraham) Signed-off-by: NJohannes Stezenbach <js@linuxtv.org> Signed-off-by: NAndrew Morton <akpm@osdl.org> Signed-off-by: NLinus Torvalds <torvalds@osdl.org>