diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/audit.h | 28 | ||||
| -rw-r--r-- | include/linux/blkdev.h | 4 | ||||
| -rw-r--r-- | include/linux/capability.h | 12 | ||||
| -rw-r--r-- | include/linux/mlx4/device.h | 3 | ||||
| -rw-r--r-- | include/linux/netlink.h | 1 | ||||
| -rw-r--r-- | include/linux/security.h | 6 | ||||
| -rw-r--r-- | include/linux/tty.h | 9 | ||||
| -rw-r--r-- | include/net/netlabel.h | 1 | ||||
| -rw-r--r-- | include/net/xfrm.h | 23 | ||||
| -rw-r--r-- | include/scsi/libiscsi.h | 1 |
10 files changed, 50 insertions, 38 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 4ccb048cae1..63c3bb98558 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -146,7 +146,7 @@ /* Rule structure sizes -- if these change, different AUDIT_ADD and * AUDIT_LIST commands must be implemented. */ #define AUDIT_MAX_FIELDS 64 -#define AUDIT_MAX_KEY_LEN 32 +#define AUDIT_MAX_KEY_LEN 256 #define AUDIT_BITMASK_SIZE 64 #define AUDIT_WORD(nr) ((__u32)((nr)/32)) #define AUDIT_BIT(nr) (1 << ((nr) - AUDIT_WORD(nr)*32)) @@ -209,6 +209,7 @@ #define AUDIT_WATCH 105 #define AUDIT_PERM 106 #define AUDIT_DIR 107 +#define AUDIT_FILETYPE 108 #define AUDIT_ARG0 200 #define AUDIT_ARG1 (AUDIT_ARG0+1) @@ -549,16 +550,20 @@ extern void audit_log_format(struct audit_buffer *ab, const char *fmt, ...) __attribute__((format(printf,2,3))); extern void audit_log_end(struct audit_buffer *ab); -extern void audit_log_hex(struct audit_buffer *ab, - const unsigned char *buf, - size_t len); extern int audit_string_contains_control(const char *string, size_t len); +extern void audit_log_n_hex(struct audit_buffer *ab, + const unsigned char *buf, + size_t len); +extern void audit_log_n_string(struct audit_buffer *ab, + const char *buf, + size_t n); +#define audit_log_string(a,b) audit_log_n_string(a, b, strlen(b)); +extern void audit_log_n_untrustedstring(struct audit_buffer *ab, + const char *string, + size_t n); extern void audit_log_untrustedstring(struct audit_buffer *ab, const char *string); -extern void audit_log_n_untrustedstring(struct audit_buffer *ab, - size_t n, - const char *string); extern void audit_log_d_path(struct audit_buffer *ab, const char *prefix, struct path *path); @@ -569,7 +574,8 @@ extern int audit_update_lsm_rules(void); extern int audit_filter_user(struct netlink_skb_parms *cb, int type); extern int audit_filter_type(int type); extern int audit_receive_filter(int type, int pid, int uid, int seq, - void *data, size_t datasz, uid_t loginuid, u32 sid); + void *data, size_t datasz, uid_t loginuid, + u32 sessionid, u32 sid); extern int audit_enabled; #else #define audit_log(c,g,t,f,...) do { ; } while (0) @@ -577,9 +583,11 @@ extern int audit_enabled; #define audit_log_vformat(b,f,a) do { ; } while (0) #define audit_log_format(b,f,...) do { ; } while (0) #define audit_log_end(b) do { ; } while (0) -#define audit_log_hex(a,b,l) do { ; } while (0) -#define audit_log_untrustedstring(a,s) do { ; } while (0) +#define audit_log_n_hex(a,b,l) do { ; } while (0) +#define audit_log_n_string(a,c,l) do { ; } while (0) +#define audit_log_string(a,c) do { ; } while (0) #define audit_log_n_untrustedstring(a,n,s) do { ; } while (0) +#define audit_log_untrustedstring(a,s) do { ; } while (0) #define audit_log_d_path(b, p, d) do { ; } while (0) #define audit_enabled 0 #endif diff --git a/include/linux/blkdev.h b/include/linux/blkdev.h index 95864b3ff29..d2a1b71e93c 100644 --- a/include/linux/blkdev.h +++ b/include/linux/blkdev.h @@ -412,8 +412,12 @@ struct request_queue static inline int queue_is_locked(struct request_queue *q) { +#ifdef CONFIG_SMP spinlock_t *lock = q->queue_lock; return lock && spin_is_locked(lock); +#else + return 1; +#endif } static inline void queue_flag_set_unlocked(unsigned int flag, diff --git a/include/linux/capability.h b/include/linux/capability.h index eaab759b146..f4ea0dd9a61 100644 --- a/include/linux/capability.h +++ b/include/linux/capability.h @@ -365,12 +365,12 @@ typedef struct kernel_cap_struct { # error Fix up hand-coded capability macro initializers #else /* HAND-CODED capability initializers */ -# define CAP_EMPTY_SET {{ 0, 0 }} -# define CAP_FULL_SET {{ ~0, ~0 }} -# define CAP_INIT_EFF_SET {{ ~CAP_TO_MASK(CAP_SETPCAP), ~0 }} -# define CAP_FS_SET {{ CAP_FS_MASK_B0, CAP_FS_MASK_B1 } } -# define CAP_NFSD_SET {{ CAP_FS_MASK_B0|CAP_TO_MASK(CAP_SYS_RESOURCE), \ - CAP_FS_MASK_B1 } } +# define CAP_EMPTY_SET ((kernel_cap_t){{ 0, 0 }}) +# define CAP_FULL_SET ((kernel_cap_t){{ ~0, ~0 }}) +# define CAP_INIT_EFF_SET ((kernel_cap_t){{ ~CAP_TO_MASK(CAP_SETPCAP), ~0 }}) +# define CAP_FS_SET ((kernel_cap_t){{ CAP_FS_MASK_B0, CAP_FS_MASK_B1 } }) +# define CAP_NFSD_SET ((kernel_cap_t){{ CAP_FS_MASK_B0|CAP_TO_MASK(CAP_SYS_RESOURCE), \ + CAP_FS_MASK_B1 } }) #endif /* _LINUX_CAPABILITY_U32S != 2 */ diff --git a/include/linux/mlx4/device.h b/include/linux/mlx4/device.h index 9fa1a8002ce..a744383d16e 100644 --- a/include/linux/mlx4/device.h +++ b/include/linux/mlx4/device.h @@ -382,7 +382,8 @@ void mlx4_free_hwq_res(struct mlx4_dev *mdev, struct mlx4_hwq_resources *wqres, int size); int mlx4_cq_alloc(struct mlx4_dev *dev, int nent, struct mlx4_mtt *mtt, - struct mlx4_uar *uar, u64 db_rec, struct mlx4_cq *cq); + struct mlx4_uar *uar, u64 db_rec, struct mlx4_cq *cq, + int collapsed); void mlx4_cq_free(struct mlx4_dev *dev, struct mlx4_cq *cq); int mlx4_qp_alloc(struct mlx4_dev *dev, int sqpn, struct mlx4_qp *qp); diff --git a/include/linux/netlink.h b/include/linux/netlink.h index fb0713b6ffa..bec1062a25a 100644 --- a/include/linux/netlink.h +++ b/include/linux/netlink.h @@ -166,6 +166,7 @@ struct netlink_skb_parms __u32 dst_group; kernel_cap_t eff_cap; __u32 loginuid; /* Login (audit) uid */ + __u32 sessionid; /* Session id (audit) */ __u32 sid; /* SELinux security id */ }; diff --git a/include/linux/security.h b/include/linux/security.h index adb09d893ae..50737c70e78 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1481,7 +1481,7 @@ struct security_operations { int (*getprocattr) (struct task_struct *p, char *name, char **value); int (*setprocattr) (struct task_struct *p, char *name, void *value, size_t size); int (*secid_to_secctx) (u32 secid, char **secdata, u32 *seclen); - int (*secctx_to_secid) (char *secdata, u32 seclen, u32 *secid); + int (*secctx_to_secid) (const char *secdata, u32 seclen, u32 *secid); void (*release_secctx) (char *secdata, u32 seclen); #ifdef CONFIG_SECURITY_NETWORK @@ -1730,7 +1730,7 @@ int security_setprocattr(struct task_struct *p, char *name, void *value, size_t int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_netlink_recv(struct sk_buff *skb, int cap); int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); -int security_secctx_to_secid(char *secdata, u32 seclen, u32 *secid); +int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void security_release_secctx(char *secdata, u32 seclen); #else /* CONFIG_SECURITY */ @@ -2449,7 +2449,7 @@ static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *secle return -EOPNOTSUPP; } -static inline int security_secctx_to_secid(char *secdata, +static inline int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid) { diff --git a/include/linux/tty.h b/include/linux/tty.h index dd8e08fe885..265831ccaa8 100644 --- a/include/linux/tty.h +++ b/include/linux/tty.h @@ -300,7 +300,6 @@ extern void tty_hangup(struct tty_struct * tty); extern void tty_vhangup(struct tty_struct * tty); extern void tty_unhangup(struct file *filp); extern int tty_hung_up_p(struct file * filp); -extern int is_tty(struct file *filp); extern void do_SAK(struct tty_struct *tty); extern void __do_SAK(struct tty_struct *tty); extern void disassociate_ctty(int priv); @@ -351,8 +350,7 @@ extern void tty_audit_add_data(struct tty_struct *tty, unsigned char *data, extern void tty_audit_exit(void); extern void tty_audit_fork(struct signal_struct *sig); extern void tty_audit_push(struct tty_struct *tty); -extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid); -extern void tty_audit_opening(void); +extern void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid); #else static inline void tty_audit_add_data(struct tty_struct *tty, unsigned char *data, size_t size) @@ -367,10 +365,7 @@ static inline void tty_audit_fork(struct signal_struct *sig) static inline void tty_audit_push(struct tty_struct *tty) { } -static inline void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid) -{ -} -static inline void tty_audit_opening(void) +static inline void tty_audit_push_task(struct task_struct *tsk, uid_t loginuid, u32 sessionid) { } #endif diff --git a/include/net/netlabel.h b/include/net/netlabel.h index 5e53a85b5ca..e4d2d6baa98 100644 --- a/include/net/netlabel.h +++ b/include/net/netlabel.h @@ -103,6 +103,7 @@ struct cipso_v4_doi; struct netlbl_audit { u32 secid; uid_t loginuid; + u32 sessionid; }; /* diff --git a/include/net/xfrm.h b/include/net/xfrm.h index baa9f372cfd..d1350bcccb0 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -597,8 +597,9 @@ struct xfrm_spi_skb_cb { /* Audit Information */ struct xfrm_audit { - u32 loginuid; u32 secid; + uid_t loginuid; + u32 sessionid; }; #ifdef CONFIG_AUDITSYSCALL @@ -616,13 +617,13 @@ static inline struct audit_buffer *xfrm_audit_start(const char *op) return audit_buf; } -static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid, +static inline void xfrm_audit_helper_usrinfo(uid_t auid, u32 ses, u32 secid, struct audit_buffer *audit_buf) { char *secctx; u32 secctx_len; - audit_log_format(audit_buf, " auid=%u", auid); + audit_log_format(audit_buf, " auid=%u ses=%u", auid, ses); if (secid != 0 && security_secid_to_secctx(secid, &secctx, &secctx_len) == 0) { audit_log_format(audit_buf, " subj=%s", secctx); @@ -632,13 +633,13 @@ static inline void xfrm_audit_helper_usrinfo(u32 auid, u32 secid, } extern void xfrm_audit_policy_add(struct xfrm_policy *xp, int result, - u32 auid, u32 secid); + u32 auid, u32 ses, u32 secid); extern void xfrm_audit_policy_delete(struct xfrm_policy *xp, int result, - u32 auid, u32 secid); + u32 auid, u32 ses, u32 secid); extern void xfrm_audit_state_add(struct xfrm_state *x, int result, - u32 auid, u32 secid); + u32 auid, u32 ses, u32 secid); extern void xfrm_audit_state_delete(struct xfrm_state *x, int result, - u32 auid, u32 secid); + u32 auid, u32 ses, u32 secid); extern void xfrm_audit_state_replay_overflow(struct xfrm_state *x, struct sk_buff *skb); extern void xfrm_audit_state_notfound_simple(struct sk_buff *skb, u16 family); @@ -647,10 +648,10 @@ extern void xfrm_audit_state_notfound(struct sk_buff *skb, u16 family, extern void xfrm_audit_state_icvfail(struct xfrm_state *x, struct sk_buff *skb, u8 proto); #else -#define xfrm_audit_policy_add(x, r, a, s) do { ; } while (0) -#define xfrm_audit_policy_delete(x, r, a, s) do { ; } while (0) -#define xfrm_audit_state_add(x, r, a, s) do { ; } while (0) -#define xfrm_audit_state_delete(x, r, a, s) do { ; } while (0) +#define xfrm_audit_policy_add(x, r, a, se, s) do { ; } while (0) +#define xfrm_audit_policy_delete(x, r, a, se, s) do { ; } while (0) +#define xfrm_audit_state_add(x, r, a, se, s) do { ; } while (0) +#define xfrm_audit_state_delete(x, r, a, se, s) do { ; } while (0) #define xfrm_audit_state_replay_overflow(x, s) do { ; } while (0) #define xfrm_audit_state_notfound_simple(s, f) do { ; } while (0) #define xfrm_audit_state_notfound(s, f, sp, sq) do { ; } while (0) diff --git a/include/scsi/libiscsi.h b/include/scsi/libiscsi.h index 7b90b63fb5c..cd3ca63d4fb 100644 --- a/include/scsi/libiscsi.h +++ b/include/scsi/libiscsi.h @@ -225,6 +225,7 @@ struct iscsi_conn { /* custom statistics */ uint32_t eh_abort_cnt; + uint32_t fmr_unalign_cnt; }; struct iscsi_pool { |