Age | Commit message (Collapse) | Author |
|
The put routine first decrements the users counter and then
(if it is zero) locks the sta_bss_lock and removes one from
the list and the hash.
Thus, any of ieee80211_sta_config_auth, ieee80211_rx_bss_get
or ieee80211_rx_mesh_bss_get can race with it by finding a
bss that is about to get kfree-ed.
Using atomic_dec_and_lock in ieee80211_rx_bss_put takes care
of this race.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
|
*Fix radio chip identification on AR5424/2424 during ath5k_hw_attach
*Try to assign an RF2413 radio on AR2424 for testing
Changes-licensed-under: ISC
Signed-off-by: Nick Kossifidis <mickflemm@gmail.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
|
In the SSB SPROM a field set to all ones means the value
is not defined in the SPROM.
In case of the boardflags, we need to set them to zero
to avoid confusing drivers. Drivers will only check the
flags by ANDing.
Signed-off-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Gabor Stefanik <netrolller.3d@gmail.com>
Signed-off-by: Michael Buesch <mb@bu3sch.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
|
This adds more workarounds for devices with broken BT bits.
Signed-off-by: Michael Buesch <mb@bu3sch.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
|
The HostFlags are a bitmask of 48bit. So we must use an u64 datatype
to hold all bits.
Signed-off-by: Michael Buesch <mb@bu3sch.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
|
This adds a workaround for invalid bluetooth SPROM settings
on ASUS PCI cards.
This will stop the microcode from poking with the BT GPIO line.
This fixes data transmission on this device, as the BT GPIO line
is used for something TX related on this device
(probably the power amplifier or the radio).
This also adds a modparam knob to help debugging this in the future,
as more devices with this bug may show up.
Signed-off-by: Michael Buesch <mb@bu3sch.de>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
|
This updates the mac80211 maintainers entry to
1) remove Jiri
2) put me first
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Cc: Michael Wu <flamingice@sourmilk.net>
Cc: Jiri Benc <jbenc@suse.cz>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
|
There are two structures named wmm_info and wmm_param, they are used while
parsing the beacon frame. (Check the function ieee802_11_parse_elems).
Certain APs like D-link does not set the fifth bit in WMM IE.
While sending the association request to n-only ap it checks for wmm_ie.
If it is set then only ieee80211_ht_cap is sent during association request.
So n-only association fails.
And this patch fixes this problem by copying the wmm_info to wmm_ie,
which enables the "wmm" flag in iee80211_send_assoc.
Signed-off-by: Abhijeet Kolekar <abhijeet.kolekar@intel.com>
Acked-by: Ron Rindjunsky <ron.rindjunsky@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
|
|
This patch fixes problem in Makefile that prevented
built-in compilation of iwlcore
Commit that caused this problem: eadd3c4b ("iwlwifi: make Makefile
more concise")
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Yi Zhu <yi.zhu@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
After the removal of the Solaris binary emulation the exports of
move_addr_to_{kernel,user} are no longer used.
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
The LEDS infrastructure itself does not require anything
that a platform dependant upon HAS_IOMEM.
The individual drivers do, but they are properly guarded
with the necessary platform dependencies.
One can even imagine a hypervisor based LED driver that
a platform without HAS_IOMEM might have.
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
As it stands it's impossible to use any authentication algorithms
with an ID above 31 portably. It just happens to work on x86 but
fails miserably on ppc64.
The reason is that we're using a bit mask to check the algorithm
ID but the mask is only 32 bits wide.
After looking at how this is used in the field, I have concluded
that in the long term we should phase out state matching by IDs
because this is made superfluous by the reqid feature. For current
applications, the best solution IMHO is to allow all algorithms when
the bit masks are all ~0.
The following patch does exactly that.
This bug was identified by IBM when testing on the ppc64 platform
using the NULL authentication algorithm which has an ID of 251.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Sorry I have just realized set_normalized_timespec() (used in
timespec_sub()) is not exported, and link will fail because of it...
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Make use of tcp before macro.
Signed-off-by: Arnd Hannemann <hannemann@nets.rwth-aachen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
These cli()/sti() calls are made in start_timer() and are therefor
redundant since the register_lock is now used to protect register
io from within scc_isr() and write_scc() (where all calls to
start_timer() originate).
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
The netns start-stop engine can happily live with any of
init or exit callbacks set to NULL.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
What do_gettimeofday() does is to call getnstimeofday() and
to convert the result from timespec{} to timeval{}.
We do not always need timeval{} and we can convert timespec{}
when we really need (to print).
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Acked-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
The ip6_route_net_init() performs some unneeded actions.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
The del_timer() function doesn't guarantee, that the timer callback
is not active by the time it exits.
Thus, the fib6_net_exit() may kfree() all the data, that is required
by the fib6_run_gc(). The race window is tiny, but slab poisoning can
trigger this bug.
Using del_timer_sync() will cure this.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
What do_gettimeofday() does is to call getnstimeofday() and
to convert the result from timespec{} to timeval{}.
After that, these callers convert the result again to msec.
Use getnstimeofday() and convert the units at once.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
This patch makes the needlessly global icmp_sk_init() static.
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
This patch makes the needlessly global struct
ip6_prohibit_entry_template static.
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
This is a trivial fix to correct function name in a comment in
net/ipv4/tcp.c.
Signed-off-by: Satoru SATOH <satoru.satoh@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Expose dev_id to userspace, because it helps to disambiguate between
interfaces where the MAC address is unique.
This should allow us to simplify the handling of persistent naming for
S390 network devices in udev -- because it can depend on a simple
attribute of the device like the other match criteria, rather than
having a special case for SUBSYSTEMS=="ccwgroup".
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Add kernel-doc notation for ndisc_nodetype:
Warning(linux-2.6.25-git2//include/linux/skbuff.h:340): No description found for parameter 'ndisc_nodetype'
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
[ INFO: possible recursive locking detected ]
2.6.25 #3
---------------------------------------------
ax25ipd/3811 is trying to acquire lock:
(rose_node_list_lock){-+..}, at: [<f8d31f1a>] rose_get_neigh+0x1a/0xa0
[rose]
but task is already holding lock:
(rose_node_list_lock){-+..}, at: [<f8d31fed>]
rose_route_frame+0x4d/0x620 [rose]
other info that might help us debug this:
6 locks held by ax25ipd/3811:
#0: (&tty->atomic_write_lock){--..}, at: [<c0259a1c>]
tty_write_lock+0x1c/0x50
#1: (rcu_read_lock){..--}, at: [<c02aea36>] net_rx_action+0x96/0x230
#2: (rcu_read_lock){..--}, at: [<c02ac5c0>] netif_receive_skb+0x100/0x2f0
#3: (rose_node_list_lock){-+..}, at: [<f8d31fed>]
rose_route_frame+0x4d/0x620 [rose]
#4: (rose_neigh_list_lock){-+..}, at: [<f8d31ff7>]
rose_route_frame+0x57/0x620 [rose]
#5: (rose_route_list_lock){-+..}, at: [<f8d32001>]
rose_route_frame+0x61/0x620 [rose]
stack backtrace:
Pid: 3811, comm: ax25ipd Not tainted 2.6.25 #3
[<c0147e27>] print_deadlock_bug+0xc7/0xd0
[<c0147eca>] check_deadlock+0x9a/0xb0
[<c0149cd2>] validate_chain+0x1e2/0x310
[<c0149b95>] ? validate_chain+0xa5/0x310
[<c010a7d8>] ? native_sched_clock+0x88/0xc0
[<c0149fa1>] __lock_acquire+0x1a1/0x750
[<c014a5d1>] lock_acquire+0x81/0xa0
[<f8d31f1a>] ? rose_get_neigh+0x1a/0xa0 [rose]
[<c03201a3>] _spin_lock_bh+0x33/0x60
[<f8d31f1a>] ? rose_get_neigh+0x1a/0xa0 [rose]
[<f8d31f1a>] rose_get_neigh+0x1a/0xa0 [rose]
[<f8d32404>] rose_route_frame+0x464/0x620 [rose]
[<c031ffdd>] ? _read_unlock+0x1d/0x20
[<f8d31fa0>] ? rose_route_frame+0x0/0x620 [rose]
[<f8d1c396>] ax25_rx_iframe+0x66/0x3b0 [ax25]
[<f8d1f42f>] ? ax25_start_t3timer+0x1f/0x40 [ax25]
[<f8d1e65b>] ax25_std_frame_in+0x7fb/0x890 [ax25]
[<c0320005>] ? _spin_unlock_bh+0x25/0x30
[<f8d1bdf6>] ax25_kiss_rcv+0x2c6/0x800 [ax25]
[<c02a4769>] ? sock_def_readable+0x59/0x80
[<c014a8a7>] ? __lock_release+0x47/0x70
[<c02a4769>] ? sock_def_readable+0x59/0x80
[<c031ffdd>] ? _read_unlock+0x1d/0x20
[<c02a4769>] ? sock_def_readable+0x59/0x80
[<c02a4d3a>] ? sock_queue_rcv_skb+0x13a/0x1d0
[<c02a4c45>] ? sock_queue_rcv_skb+0x45/0x1d0
[<f8d1bb30>] ? ax25_kiss_rcv+0x0/0x800 [ax25]
[<c02ac715>] netif_receive_skb+0x255/0x2f0
[<c02ac5c0>] ? netif_receive_skb+0x100/0x2f0
[<c02af05c>] process_backlog+0x7c/0xf0
[<c02aeb0c>] net_rx_action+0x16c/0x230
[<c02aea36>] ? net_rx_action+0x96/0x230
[<c012bd53>] __do_softirq+0x93/0x120
[<f8d2a68a>] ? mkiss_receive_buf+0x33a/0x3f0 [mkiss]
[<c012be37>] do_softirq+0x57/0x60
[<c012c265>] local_bh_enable_ip+0xa5/0xe0
[<c0320005>] _spin_unlock_bh+0x25/0x30
[<f8d2a68a>] mkiss_receive_buf+0x33a/0x3f0 [mkiss]
[<c025ea37>] pty_write+0x47/0x60
[<c025c620>] write_chan+0x1b0/0x220
[<c0259a1c>] ? tty_write_lock+0x1c/0x50
[<c011fec0>] ? default_wake_function+0x0/0x10
[<c0259bea>] tty_write+0x12a/0x1c0
[<c025c470>] ? write_chan+0x0/0x220
[<c018bbc6>] vfs_write+0x96/0x130
[<c0259ac0>] ? tty_write+0x0/0x1c0
[<c018c24d>] sys_write+0x3d/0x70
[<c0104d1e>] sysenter_past_esp+0x5f/0xa5
=======================
BUG: soft lockup - CPU#0 stuck for 61s! [ax25ipd:3811]
Pid: 3811, comm: ax25ipd Not tainted (2.6.25 #3)
EIP: 0060:[<c010a9db>] EFLAGS: 00000246 CPU: 0
EIP is at native_read_tsc+0xb/0x20
EAX: b404aa2c EBX: b404a9c9 ECX: 017f1000 EDX: 0000076b
ESI: 00000001 EDI: 00000000 EBP: ecc83afc ESP: ecc83afc
DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
CR0: 8005003b CR2: b7f5f000 CR3: 2cd8e000 CR4: 000006f0
DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
DR6: ffff0ff0 DR7: 00000400
[<c0204937>] delay_tsc+0x17/0x30
[<c02048e9>] __delay+0x9/0x10
[<c02127f6>] __spin_lock_debug+0x76/0xf0
[<c0212618>] ? spin_bug+0x18/0x100
[<c0147923>] ? __lock_contended+0xa3/0x110
[<c0212998>] _raw_spin_lock+0x68/0x90
[<c03201bf>] _spin_lock_bh+0x4f/0x60
[<f8d31f1a>] ? rose_get_neigh+0x1a/0xa0 [rose]
[<f8d31f1a>] rose_get_neigh+0x1a/0xa0 [rose]
[<f8d32404>] rose_route_frame+0x464/0x620 [rose]
[<c031ffdd>] ? _read_unlock+0x1d/0x20
[<f8d31fa0>] ? rose_route_frame+0x0/0x620 [rose]
[<f8d1c396>] ax25_rx_iframe+0x66/0x3b0 [ax25]
[<f8d1f42f>] ? ax25_start_t3timer+0x1f/0x40 [ax25]
[<f8d1e65b>] ax25_std_frame_in+0x7fb/0x890 [ax25]
[<c0320005>] ? _spin_unlock_bh+0x25/0x30
[<f8d1bdf6>] ax25_kiss_rcv+0x2c6/0x800 [ax25]
[<c02a4769>] ? sock_def_readable+0x59/0x80
[<c014a8a7>] ? __lock_release+0x47/0x70
[<c02a4769>] ? sock_def_readable+0x59/0x80
[<c031ffdd>] ? _read_unlock+0x1d/0x20
[<c02a4769>] ? sock_def_readable+0x59/0x80
[<c02a4d3a>] ? sock_queue_rcv_skb+0x13a/0x1d0
[<c02a4c45>] ? sock_queue_rcv_skb+0x45/0x1d0
[<f8d1bb30>] ? ax25_kiss_rcv+0x0/0x800 [ax25]
[<c02ac715>] netif_receive_skb+0x255/0x2f0
[<c02ac5c0>] ? netif_receive_skb+0x100/0x2f0
[<c02af05c>] process_backlog+0x7c/0xf0
[<c02aeb0c>] net_rx_action+0x16c/0x230
[<c02aea36>] ? net_rx_action+0x96/0x230
[<c012bd53>] __do_softirq+0x93/0x120
[<f8d2a68a>] ? mkiss_receive_buf+0x33a/0x3f0 [mkiss]
[<c012be37>] do_softirq+0x57/0x60
[<c012c265>] local_bh_enable_ip+0xa5/0xe0
[<c0320005>] _spin_unlock_bh+0x25/0x30
[<f8d2a68a>] mkiss_receive_buf+0x33a/0x3f0 [mkiss]
[<c025ea37>] pty_write+0x47/0x60
[<c025c620>] write_chan+0x1b0/0x220
[<c0259a1c>] ? tty_write_lock+0x1c/0x50
[<c011fec0>] ? default_wake_function+0x0/0x10
[<c0259bea>] tty_write+0x12a/0x1c0
[<c025c470>] ? write_chan+0x0/0x220
[<c018bbc6>] vfs_write+0x96/0x130
[<c0259ac0>] ? tty_write+0x0/0x1c0
[<c018c24d>] sys_write+0x3d/0x70
[<c0104d1e>] sysenter_past_esp+0x5f/0xa5
=======================
Since rose_route_frame() does not use rose_node_list we can safely
remove rose_node_list_lock spin lock here and let it be free for
rose_get_neigh().
Signed-off-by: Bernard Pidoux <f6bvp@amsat.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
================================================
[ BUG: lock held when returning to user space! ]
------------------------------------------------
xfbbd/3683 is leaving the kernel with locks still held!
1 lock held by xfbbd/3683:
#0: (sk_lock-AF_ROSE){--..}, at: [<c8cd1eb3>] rose_connect+0x73/0x420 [rose]
INFO: task xfbbd:3683 blocked for more than 120 seconds.
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
xfbbd D 00000246 0 3683 3669
c6965ee0 00000092 c02c5c40 00000246 c0f6b5f0 c0f6b5c0 c0f6b5f0 c0f6b5c0
c0f6b614 c6965f18 c024b74b ffffffff c06ba070 00000000 00000000 00000001
c6ab07c0 c012d450 c0f6b634 c0f6b634 c7b5bf10 c0d6004c c7b5bf10 c6965f40
Call Trace:
[<c024b74b>] lock_sock_nested+0x6b/0xd0
[<c012d450>] ? autoremove_wake_function+0x0/0x40
[<c02488f1>] sock_fasync+0x41/0x150
[<c0249e69>] sock_close+0x19/0x40
[<c0175d54>] __fput+0xb4/0x170
[<c0176018>] fput+0x18/0x20
[<c017300e>] filp_close+0x3e/0x70
[<c01744e9>] sys_close+0x69/0xb0
[<c0103bda>] sysenter_past_esp+0x5f/0xa5
=======================
INFO: lockdep is turned off.
Signed-off-by: Bernard Pidoux <f6bvp@amsat.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
_urb_free is an alias for kfree... making code longer & harder to
read. Remove it.
Signed-off-by: Pavel Machek <pavel@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
The functions time_before, time_before_eq, time_after, and time_after_eq
are more robust for comparing jiffies against other values.
A simplified version of the semantic patch making this change is as follows:
(http://www.emn.fr/x-info/coccinelle/)
// <smpl>
@ change_compare_np @
expression E;
@@
(
- jiffies <= E
+ time_before_eq(jiffies,E)
|
- jiffies >= E
+ time_after_eq(jiffies,E)
|
- jiffies < E
+ time_before(jiffies,E)
|
- jiffies > E
+ time_after(jiffies,E)
)
@ include depends on change_compare_np @
@@
#include <linux/jiffies.h>
@ no_include depends on !include && change_compare_np @
@@
#include <linux/...>
+ #include <linux/jiffies.h>
// </smpl>
Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
The functions time_before, time_before_eq, time_after, and time_after_eq
are more robust for comparing jiffies against other values.
A simplified version of the semantic patch making this change is as follows:
(http://www.emn.fr/x-info/coccinelle/)
// <smpl>
@ change_compare_np @
expression E;
@@
(
- jiffies <= E
+ time_before_eq(jiffies,E)
|
- jiffies >= E
+ time_after_eq(jiffies,E)
|
- jiffies < E
+ time_before(jiffies,E)
|
- jiffies > E
+ time_after(jiffies,E)
)
@ include depends on change_compare_np @
@@
#include <linux/jiffies.h>
@ no_include depends on !include && change_compare_np @
@@
#include <linux/...>
+ #include <linux/jiffies.h>
// </smpl>
Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
hci_usb: do not initialize static variables to 0.
Signed-off-by: Pavel Machek <pavel@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Herbert Xu's commit fb93134dfc2a6e6fbedc7c270a31da03fce88db9, entitled
"[TCP]: Fix size calculation in sk_stream_alloc_pskb", has triggered a
bug in the 5701 where the 5701 DMA engine will corrupt outgoing
packets. This problem only happens when the starting address of the
packet matches a certain range of offsets and only when the 5701 is
placed downstream of a particular Intel bridge.
This patch detects the problematic bridge and if present, readjusts the
starting address of the packet data to a dword aligned boundary.
Signed-off-by: Matt Carlson <mcarlson@broadcom.com>
Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Code within NS_DEBUG_SPINLOCKS contained deprecated cli()/sti()
function calls. NS_DEBUG_SPINLOCKS and the associated code seems to
be of little use these days so the strategy of removing this code
rather then updating it to use spinlocks has been taken.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Reviewed-by: Matthew Wilcox <willy@linux.intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Reportred by Ingo Molnar:
drivers/net/wireless/iwlwifi/iwl-debugfs.c: In function 'iwl_dbgfs_stations_read':
drivers/net/wireless/iwlwifi/iwl-debugfs.c:256: error: 'struct iwl4965_tid_data' has no member named 'agg'
Needs CONFIG_IWL4965_HT protection.
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Reported by Ingo Molnar.
The SIP helper is also useful without NAT. This patch adds an ifdef
around the RTP call optimization for NATed clients.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
We need to select LIBCRC32C.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6:
security: fix up documentation for security_module_enable
Security: Introduce security= boot parameter
Audit: Final renamings and cleanup
SELinux: use new audit hooks, remove redundant exports
Audit: internally use the new LSM audit hooks
LSM/Audit: Introduce generic Audit LSM hooks
SELinux: remove redundant exports
Netlink: Use generic LSM hook
Audit: use new LSM hooks instead of SELinux exports
SELinux: setup new inode/ipc getsecid hooks
LSM: Introduce inode_getsecid and ipc_getsecid hooks
|
|
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.26: (1090 commits)
[NET]: Fix and allocate less memory for ->priv'less netdevices
[IPV6]: Fix dangling references on error in fib6_add().
[NETLABEL]: Fix NULL deref in netlbl_unlabel_staticlist_gen() if ifindex not found
[PKT_SCHED]: Fix datalen check in tcf_simp_init().
[INET]: Uninline the __inet_inherit_port call.
[INET]: Drop the inet_inherit_port() call.
SCTP: Initialize partial_bytes_acked to 0, when all of the data is acked.
[netdrvr] forcedeth: internal simplifications; changelog removal
phylib: factor out get_phy_id from within get_phy_device
PHY: add BCM5464 support to broadcom PHY driver
cxgb3: Fix __must_check warning with dev_dbg.
tc35815: Statistics cleanup
natsemi: fix MMIO for PPC 44x platforms
[TIPC]: Cleanup of TIPC reference table code
[TIPC]: Optimized initialization of TIPC reference table
[TIPC]: Remove inlining of reference table locking routines
e1000: convert uint16_t style integers to u16
ixgb: convert uint16_t style integers to u16
sb1000.c: make const arrays static
sb1000.c: stop inlining largish static functions
...
|
|
security_module_enable() can only be called during kernel init.
Signed-off-by: James Morris <jmorris@namei.org>
|
|
Add the security= boot parameter. This is done to avoid LSM
registration clashes in case of more than one bult-in module.
User can choose a security module to enable at boot. If no
security= boot parameter is specified, only the first LSM
asking for registration will be loaded. An invalid security
module name will be treated as if no module has been chosen.
LSM modules must check now if they are allowed to register
by calling security_module_enable(ops) first. Modify SELinux
and SMACK to do so.
Do not let SMACK register smackfs if it was not chosen on
boot. Smackfs assumes that smack hooks are registered and
the initial task security setup (swapper->security) is done.
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
|
|
Rename the se_str and se_rule audit fields elements to
lsm_str and lsm_rule to avoid confusion.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
|
|
Setup the new Audit LSM hooks for SELinux.
Remove the now redundant exported SELinux Audit interface.
Audit: Export 'audit_krule' and 'audit_field' to the public
since their internals are needed by the implementation of the
new LSM hook 'audit_rule_known'.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
|
|
Convert Audit to use the new LSM Audit hooks instead of
the exported SELinux interface.
Basically, use:
security_audit_rule_init
secuirty_audit_rule_free
security_audit_rule_known
security_audit_rule_match
instad of (respectively) :
selinux_audit_rule_init
selinux_audit_rule_free
audit_rule_has_selinux
selinux_audit_rule_match
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
|
|
Introduce a generic Audit interface for security modules
by adding the following new LSM hooks:
audit_rule_init(field, op, rulestr, lsmrule)
audit_rule_known(krule)
audit_rule_match(secid, field, op, rule, actx)
audit_rule_free(rule)
Those hooks are only available if CONFIG_AUDIT is enabled.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Reviewed-by: Paul Moore <paul.moore@hp.com>
|
|
Remove the following exported SELinux interfaces:
selinux_get_inode_sid(inode, sid)
selinux_get_ipc_sid(ipcp, sid)
selinux_get_task_sid(tsk, sid)
selinux_sid_to_string(sid, ctx, len)
They can be substitued with the following generic equivalents
respectively:
new LSM hook, inode_getsecid(inode, secid)
new LSM hook, ipc_getsecid*(ipcp, secid)
LSM hook, task_getsecid(tsk, secid)
LSM hook, sid_to_secctx(sid, ctx, len)
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Reviewed-by: Paul Moore <paul.moore@hp.com>
|
|
Don't use SELinux exported selinux_get_task_sid symbol.
Use the generic LSM equivalent instead.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: David S. Miller <davem@davemloft.net>
Reviewed-by: Paul Moore <paul.moore@hp.com>
|
|
Stop using the following exported SELinux interfaces:
selinux_get_inode_sid(inode, sid)
selinux_get_ipc_sid(ipcp, sid)
selinux_get_task_sid(tsk, sid)
selinux_sid_to_string(sid, ctx, len)
kfree(ctx)
and use following generic LSM equivalents respectively:
security_inode_getsecid(inode, secid)
security_ipc_getsecid*(ipcp, secid)
security_task_getsecid(tsk, secid)
security_sid_to_secctx(sid, ctx, len)
security_release_secctx(ctx, len)
Call security_release_secctx only if security_secid_to_secctx
succeeded.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Reviewed-by: Paul Moore <paul.moore@hp.com>
|
|
Setup the new inode_getsecid and ipc_getsecid() LSM hooks
for SELinux.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Reviewed-by: Paul Moore <paul.moore@hp.com>
|