- 14 Mar, 2011 17 commits
-
-
Al Viro authored
Signed-off-by:Al Viro <viro@zeniv.linux.org.uk>
-
Al Viro authored
Signed-off-by: -
Al Viro authored
getting LOOKUP_RCU checks out of link_path_walk()... Signed-off-by: -
Al Viro authored
Signed-off-by: -
Al Viro authored
new helper: path_openat(). Does what do_filp_open() does, except that it tries only the walk mode (RCU/normal/force revalidation) it had been told to. Both create and non-create branches are using path_lookupat() now. Fixed the double audit_inode() in non-create branch. Signed-off-by: -
Al Viro authored
take calculation of open_flags by open(2) arguments into new helper in fs/open.c, move filp_open() over there, have it and do_sys_open() use that helper, switch exec.c callers of do_filp_open() to explicit (and constant) struct open_flags. Signed-off-by: -
Al Viro authored
No point messing with passing shitloads of "operation mode" arguments to do_open() one by one, especially since they are not going to change during do_filp_open(). Collect them into a struct, fill it and pass to do_last() by reference. Make sure that lookup intent flags are correctly set and removed - we want them for do_last(), but they make no sense for __do_follow_link(). Signed-off-by: -
Al Viro authored
Signed-off-by: -
Al Viro authored
Signed-off-by: -
Al Viro authored
Signed-off-by: -
Al Viro authored
instead of ad-hackery around need_reval_dot(), do the following: set a flag (LOOKUP_JUMPED) in the beginning of path, on absolute symlink traversal, on ".." and on procfs-style symlinks. Clear on normal components, leave unchanged on ".". Non-nested callers of link_path_walk() call handle_reval_path(), which checks that flag is set and that fs does want the final revalidate thing, then does ->d_revalidate(). In link_path_walk() all the return_reval stuff is gone. Signed-off-by: -
Al Viro authored
no need to do it in three places... Signed-off-by: -
Al Viro authored
Actual dependency on whether we want RCU or not is in 3 small areas (as it ought to be) and everything around those is the same in both versions. Since each function has only one caller and those callers are on two sides of if (flags & LOOKUP_RCU), it's easier and cleaner to merge them and pull the checks inside. Signed-off-by: -
Al Viro authored
New helper: path_lookupat(). Basically, what do_path_lookup() boils to modulo -ECHILD/-ESTALE handler. path_walk* family is gone; vfs_path_lookup() is using link_path_walk() directly, do_path_lookup() and do_filp_open() are using path_lookupat(). Signed-off-by: -
Al Viro authored
Signed-off-by: -
Al Viro authored
all remaining callers pass LOOKUP_PARENT to it, so flags argument can die; renamed to kern_path_parent() Signed-off-by: -
Al Viro authored
don't rely on pathname resolution ending up twice at the same point... Signed-off-by:
-
- 13 Mar, 2011 1 commit
-
-
Al Viro authored
Fix for a dumb preadv()/pwritev() compat bug - unlike the native variants, compat_... ones forget to check FMODE_P{READ,WRITE}, so e.g. on pipe the native preadv() will fail with -ESPIPE and compat one will act as readv() and succeed. Not critical, but it's a clear bug with trivial fix. Signed-off-by:
-
- 10 Mar, 2011 21 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6Linus Torvalds authored
* 'media_fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-2.6: [media] mantis_pci: remove asm/pgtable.h include [media] tda829x: fix regression in probe functions [media] mceusb: don't claim multifunction device non-IR parts [media] nuvoton-cir: fix wake from suspend [media] cx18: Add support for Hauppauge HVR-1600 models with s5h1411 [media] ivtv: Fix corrective action taken upon DMA ERR interrupt to avoid hang [media] cx25840: fix probing of cx2583x chips [media] cx23885: Remove unused 'err:' labels to quiet compiler warning [media] cx23885: Revert "Check for slave nack on all transactions" [media] DiB7000M: add pid filtering [media] Fix sysfs rc protocol lookup for rc-5-sz [media] au0828: fix VBI handling when in V4L2 streaming mode [media] ir-raw: Properly initialize the IR event (BZ#27202) [media] s2255drv: firmware re-loading changes [media] Fix double free of video_device in mem2mem_testdev [media] DM04/QQBOX memcpy to const char fix
-
Doe, YiCheng authored
This patch fixes an issue in OpenIPMI module where sometimes an ABORT command is sent after sending an IPMI request to BMC causing the IPMI request to fail. Signed-off-by:
YiCheng Doe <yicheng.doe@hp.com> Signed-off-by:
Corey Minyard <cminyard@mvista.com> Acked-by:
Tom Mingarelli <thomas.mingarelli@hp.com> Tested-by:
Andy Cress <andy.cress@us.kontron.com> Tested-by:
Mika Lansirine <Mika.Lansirinne@stonesoft.com> Tested-by:
Brian De Wolf <bldewolf@csupomona.edu> Cc: Jean Michel Audet <Jean-Michel.Audet@ca.Kontron.com> Cc: Jozef Sudelsky <jozef.sudolsky@elbiahosting.sk> Acked-by:
Matthew Garrett <mjg@redhat.com> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: fs/dcache: allow d_obtain_alias() to return unhashed dentries Check for immutable/append flag in fallocate path sysctl: the include of rcupdate.h is only needed in the kernel fat: fix d_revalidate oopsen on NFS exports jfs: fix d_revalidate oopsen on NFS exports ocfs2: fix d_revalidate oopsen on NFS exports gfs2: fix d_revalidate oopsen on NFS exports fuse: fix d_revalidate oopsen on NFS exports ceph: fix d_revalidate oopsen on NFS exports reiserfs xattr ->d_revalidate() shouldn't care about RCU /proc/self is never going to be invalidated...
-
Linus Torvalds authored
Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: x86, UV: Initialize the broadcast assist unit base destination node id properly x86, numa: Fix numa_emulation code with memory-less node0 x86, build: Make sure mkpiggy fails on read error
-
Linus Torvalds authored
Merge branch 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: sched: Fix sched rt group scheduling when hierachy is enabled
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tipLinus Torvalds authored
* 'perf/urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: perf symbols: Avoid resolving [kernel.kallsyms] to real path for buildid cache perf symbols: Fix vmlinux path when not using --symfs
-
Takashi Iwai authored
This reverts commit 951f3512 drm/i915: Do not handle backlight combination mode specially since this commit introduced other regressions due to untouched LBPC register, e.g. the backlight dimmed after resume. In addition to the revert, this patch includes a fix for the original issue (weird backlight levels) by removing the wrong bit shift for computing the current backlight level. Also, including typo fixes (lpbc -> lbpc). Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=34524Acked-by:
Indan Zupancic <indan@nul.nu> Reviewed-by:
Keith Packard <keithp@keithp.com> Reviewed-by:
Jesse Barnes <jbarnes@virtuousgeek.org> Cc: <stable@kernel.org> Signed-off-by:
Takashi Iwai <tiwai@suse.de> Signed-off-by:
-
J. Bruce Fields authored
Without this patch, inodes are not promptly freed on last close of an unlinked file by an nfs client: client$ mount -tnfs4 server:/export/ /mnt/ client$ tail -f /mnt/FOO ... server$ df -i /export server$ rm /export/FOO (^C the tail -f) server$ df -i /export server$ echo 2 >/proc/sys/vm/drop_caches server$ df -i /export the df's will show that the inode is not freed on the filesystem until the last step, when it could have been freed after killing the client's tail -f. On-disk data won't be deallocated either, leading to possible spurious ENOSPC. This occurs because when the client does the close, it arrives in a compound with a putfh and a close, processed like: - putfh: look up the filehandle. The only alias found for the inode will be DCACHE_UNHASHED alias referenced by the filp this, so it creates a new DCACHE_DISCONECTED dentry and returns that instead. - close: closes the existing filp, which is destroyed immediately by dput() since it's DCACHE_UNHASHED. - end of the compound: release the reference to the current filehandle, and dput() the new DCACHE_DISCONECTED dentry, which gets put on the unused list instead of being destroyed immediately. Nick Piggin suggested fixing this by allowing d_obtain_alias to return the unhashed dentry that is referenced by the filp, instead of making it create a new dentry. Leave __d_find_alias() alone to avoid changing behavior of other callers. Also nfsd doesn't need all the checks of __d_find_alias(); any dentry, hashed or unhashed, disconnected or not, should work. Signed-off-by:
J. Bruce Fields <bfields@redhat.com> Signed-off-by:
-
Marco Stornelli authored
In the fallocate path the kernel doesn't check for the immutable/append flag. It's possible to have a race condition in this scenario: an application open a file in read/write and it does something, meanwhile root set the immutable flag on the file, the application at that point can call fallocate with success. In addition, we don't allow to do any unreserve operation on an append only file but only the reserve one. Signed-off-by:
Marco Stornelli <marco.stornelli@gmail.com> Signed-off-by:
-
Stephen Rothwell authored
Fixes this built error: include/linux/sysctl.h:28: included file 'linux/rcupdate.h' is not exported Signed-off-by:
Stephen Rothwell <sfr@canb.auug.org.au> Acked-by:
-
Al Viro authored
can't blindly check nd->flags in ->d_revalidate() Signed-off-by: -
Al Viro authored
can't blindly check nd->flags in ->d_revalidate() Signed-off-by: -
Al Viro authored
can't blindly check nd->flags in ->d_revalidate() Signed-off-by: -
Al Viro authored
can't blindly check nd->flags in ->d_revalidate() Signed-off-by: -
Al Viro authored
can't blindly check nd->flags in ->d_revalidate() Signed-off-by: -
Al Viro authored
can't blindly check nd->flags in ->d_revalidate() Signed-off-by: -
Al Viro authored
... it returns an error unconditionally Signed-off-by: -
Al Viro authored
Signed-off-by: -
git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpcLinus Torvalds authored
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc: powerpc/pseries: Disable VPNH feature powerpc/iseries: Fix early init access to lppaca
-
Linus Torvalds authored
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: net: don't allow CAP_NET_ADMIN to load non-netdev kernel modules
-
Stephen Rothwell authored
Fixes this build-check error: include/linux/sysctl.h:28: included file 'linux/rcupdate.h' is not exported Signed-off-by:
-
- 09 Mar, 2011 1 commit
-
-
Vasiliy Kulikov authored
Since a8f80e8f any process with CAP_NET_ADMIN may load any module from /lib/modules/. This doesn't mean that CAP_NET_ADMIN is a superset of CAP_SYS_MODULE as modules are limited to /lib/modules/**. However, CAP_NET_ADMIN capability shouldn't allow anybody load any module not related to networking. This patch restricts an ability of autoloading modules to netdev modules with explicit aliases. This fixes CVE-2011-1019. Arnd Bergmann suggested to leave untouched the old pre-v2.6.32 behavior of loading netdev modules by name (without any prefix) for processes with CAP_SYS_MODULE to maintain the compatibility with network scripts that use autoloading netdev modules by aliases like "eth0", "wlan0". Currently there are only three users of the feature in the upstream kernel: ipip, ip_gre and sit. root@albatros:~# capsh --drop=$(seq -s, 0 11),$(seq -s, 13 34) -- root@albatros:~# grep Cap /proc/$$/status CapInh: 0000000000000000 CapPrm: fffffff800001000 CapEff: fffffff800001000 CapBnd: fffffff800001000 root@albatros:~# modprobe xfs FATAL: Error inserting xfs (/lib/modules/2.6.38-rc6-00001-g2bf4ca3/kernel/fs/xfs/xfs.ko): Operation not permitted root@albatros:~# lsmod | grep xfs root@albatros:~# ifconfig xfs xfs: error fetching interface information: Device not found root@albatros:~# lsmod | grep xfs root@albatros:~# lsmod | grep sit root@albatros:~# ifconfig sit sit: error fetching interface information: Device not found root@albatros:~# lsmod | grep sit root@albatros:~# ifconfig sit0 sit0 Link encap:IPv6-in-IPv4 NOARP MTU:1480 Metric:1 root@albatros:~# lsmod | grep sit sit 10457 0 tunnel4 2957 1 sit For CAP_SYS_MODULE module loading is still relaxed: root@albatros:~# grep Cap /proc/$$/status CapInh: 0000000000000000 CapPrm: ffffffffffffffff CapEff: ffffffffffffffff CapBnd: ffffffffffffffff root@albatros:~# ifconfig xfs xfs: error fetching interface information: Device not found root@albatros:~# lsmod | grep xfs xfs 745319 0 Reference: https://lkml.org/lkml/2011/2/24/203Signed-off-by:
Vasiliy Kulikov <segoon@openwall.com> Signed-off-by:
Michael Tokarev <mjt@tls.msk.ru> Acked-by:
David S. Miller <davem@davemloft.net> Acked-by:
Kees Cook <kees.cook@canonical.com> Signed-off-by:
James Morris <jmorris@namei.org>
-
