1. 12 Apr, 2004 40 commits
    • Andrew Morton's avatar
      [PATCH] selinux: Audit compute_sid errors · df25ad33
      Andrew Morton authored
      From: Stephen Smalley <sds@epoch.ncsc.mil>
      
      This patch changes an error message printk'd by security_compute_sid to use
      the audit framework instead.  These errors reflect situations where a
      security transition would normally occur due to policy, but the resulting
      security context is not valid.  The patch also changes the code to always
      call the audit framework rather than only doing so when permissive as this
      was causing problems with testing policy, and does some code cleanup.
      df25ad33
    • Andrew Morton's avatar
      [PATCH] selinux: make IPv6 code work with audit framework · 7787c5a4
      Andrew Morton authored
      From: James Morris <jmorris@redhat.com>
      
      This patch makes the IPv6 code work with the audit framework, following the
      merge of both.
      7787c5a4
    • Andrew Morton's avatar
      [PATCH] Light-weight Auditing Framework · f85a96f6
      Andrew Morton authored
      From: Rik Faith <faith@redhat.com>
      
      This patch provides a low-overhead system-call auditing framework for Linux
      that is usable by LSM components (e.g., SELinux).  This is an update of the
      patch discussed in this thread:
      
          http://marc.theaimsgroup.com/?t=107815888100001&r=1&w=2
      
      In brief, it provides for netlink-based logging of audit records that have
      been generated in other parts of the kernel (e.g., SELinux) as well as the
      ability to audit system calls, either independently (using simple
      filtering) or as a compliment to the audit record that another part of the
      kernel generated.
      
      The main goals were to provide system call auditing with 1) as low overhead
      as possible, and 2) without duplicating functionality that is already
      provided by SELinux (and/or other security infrastructures).  This
      framework will work "stand-alone", but is not designed to provide, e.g.,
      CAPP functionality without another security component in place.
      
      This updated patch includes changes from feedback I have received,
      including the ability to compile without CONFIG_NET (and better use of
      tabs, so use -w if you diff against the older patch).
      
      Please see http://people.redhat.com/faith/audit/ for an early example
      user-space client (auditd-0.4.tar.gz) and instructions on how to try it.
      
      My future intentions at the kernel level include improving filtering (e.g.,
      syscall personality/exit codes) and syscall support for more architectures.
       First, though, I'm going to work on documentation, a (real) audit daemon,
      and patches for other user-space tools so that people can play with the
      framework and understand how it can be used with and without SELinux.
      
      
      Update:
      
      Light-weight Auditing Framework receive filter fixes
      From: Rik Faith <faith@redhat.com>
      
      Since audit_receive_filter() is only called with audit_netlink_sem held, it
      cannot race with either audit_del_rule() or audit_add_rule(), so the
      list_for_each_entry_rcu()s may be replaced by list_for_each_entry()s, and
      the rcu_read_{un,}lock()s removed.  A fix for this is part of the attached
      patch.
      
      Other features of the attached patch are:
      
      1) generalized the ability to test for inequality
      
      2) added syscall exit status reporting and testing
      
      3) added ability to report and test first 4 syscall arguments (this adds
         a large amount of flexibility for little cost; not implemented or tested
         on ppc64)
      
      4) added ability to report and test personality
      
      User-space demo program enhanced for new fields and inequality testing:
      http://people.redhat.com/faith/audit/auditd-0.5.tar.gz
      f85a96f6
    • Andrew Morton's avatar
      [PATCH] From: James Morris <jmorris@redhat.com> · 0e8e57e3
      Andrew Morton authored
      This patch removes a harmless duplicate assignment from the IPv6 code.
      0e8e57e3
    • Andrew Morton's avatar
      [PATCH] selinux: add IPv6 support · 5e752b7e
      Andrew Morton authored
      From: James Morris <jmorris@redhat.com>
      
      The patch below adds explicit IPv6 support to SELinux.
      
      Brief description of changes:
      
      o IPv6 networking is now subject to the same controls as IPv4 (in
        addition to the generic socket permissions which cover all protocols),
        namely: bind to local node address; bind to local port; send & receive
        TCP/UDP and raw IP packets based on local network interface and remote
        node address.
      
      o Packet parsing has been extended to IPv6 packets for logging and
        control, and simplified for IPv4.
      
      o Support for logging of IPv6 addresses has also been added.
      
      o The kernel policy database code has been modified to support IPv6, and
        reworked to provide generic security policy version handling so that
        older policy versions will still work, making upgrading simpler.
      
      Corresponding userspace patches are available at
      <http://people.redhat.com/jmorris/selinux/ipv6/>, although current
      userspace tools will continue to function normally (but without explicit
      IPv6 support).
      
      For more details at the security management level, see
      <http://marc.theaimsgroup.com/?l=selinux&m=108068187630948&w=2>
      
      This code has been under testing and review for several weeks.
      5e752b7e
    • Andrew Morton's avatar
      [PATCH] reiserfs writepage race with data=ordered · bcf506bd
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      reiserfs-writepage-ordered-race needs a minor update to include your latest
      __block_write_full_page fixes for the direct_read_under bug Daniel was
      hitting.
      bcf506bd
    • Andrew Morton's avatar
      [PATCH] reiserfs_kfree warning fix · b566678f
      Andrew Morton authored
      fs/reiserfs/journal.c: In function `reiserfs_end_persistent_transaction':
      fs/reiserfs/journal.c:2616: warning: unused variable `s'
      
      Make the functions static inline so that typechecking is enabled if
      !CONFIG_REISERFS_CHECK.
      b566678f
    • Andrew Morton's avatar
      [PATCH] reiserfs: fix dirty-buffer warnings · 77ae13bc
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      block_write_full_page() might see and lock clean metadata buffers, which leads
      to journal-1777 messages.  Change the message to ignore bh locked.
      77ae13bc
    • Andrew Morton's avatar
      [PATCH] reiserfs: scheduling latency improvements · 6f2085c0
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      Some latency improvements for the reiserfs data=ordered code from Takashi.
      6f2085c0
    • Andrew Morton's avatar
      [PATCH] reiserfs: truncate leak fix · e2de7edb
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      reiserfs_unmap_buffer should clean and wait on all buffers.  This fixes a
      leak under fsx workloads.
      e2de7edb
    • Andrew Morton's avatar
      [PATCH] reiserfs: laptop-mode support · 008c597b
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      Add reiserfs support for laptop mode.
      008c597b
    • Andrew Morton's avatar
      [PATCH] reiserfs: sparse file handling fix · 34cd7802
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      reiserfs_file_write makes a hole one block too large if it is the first thing
      in the file.
      34cd7802
    • Andrew Morton's avatar
      [PATCH] reiserfs: fix race with writepage · 7a06b83d
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      Fix reiserfs_writepage so it doesn't race with data=ordered writes.  This
      still has a pending fix to redirty the page when it finds a locked buffer. 
      Waiting for Andrew to finish sorting that out on ext3 first.
      7a06b83d
    • Andrew Morton's avatar
      [PATCH] reiserfs: tail repacking fix · fb1b3b04
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      Repacking a tail might leave a journal handle attached to an unmapped buffer.
       If that buffer gets dirtied again (via mmap for example), the reiserfs
      data=ordered code might try to write the dirty unmapped buffer to disk.
      
      The fix is to make sure we remove the journal handle when we unmap buffers.
      fb1b3b04
    • Andrew Morton's avatar
      [PATCH] reiserfs: preallocation support · d12e3392
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      Enable preallocation for reiserfs_file_write when the write size is smaller
      than the default preallocation size.
      d12e3392
    • Andrew Morton's avatar
      [PATCH] reiserfs: locking fix · ec6f9553
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      Make sure to hold the BKL while ending a transaction in the error path or
      reiserfs_prepare_write.
      ec6f9553
    • Andrew Morton's avatar
      [PATCH] reiserfs: data=ordered support · bb0d9672
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      reiserfs data=ordered support.
      bb0d9672
    • Andrew Morton's avatar
      [PATCH] reiserfs: logging rework · 7c563ced
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      reiserfs logging rework, making things much faster for small transactions. 
      metadata buffers are dirtied when they are safe to write, so normal kernel
      mechanisms can contribute to log cleaning.
      7c563ced
    • Andrew Morton's avatar
      [PATCH] reiserfs: cleanups · 8f576882
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      reiserfs cleanup, get rid of old debugging code.
      8f576882
    • Andrew Morton's avatar
      [PATCH] reiserfs: support for nested transactions · 7a10b433
      Andrew Morton authored
      From: Chris Mason <mason@suse.com>
      
      reiserfs support for nested transactions.  This originally came from Peter
      Braam for 2.4.x and was ported forward by Jeff Mahoney.
      7a10b433
    • Andrew Morton's avatar
      [PATCH] Fix ext3 transaction batching · 545b0840
      Andrew Morton authored
      ext3 transaction batching has been ineffective since the scheduler changes
      forced us to replace the yield() with a schedule().
      
      Using schedule_timeout(1) fixes it up again.  Benchmarking is positive with
      wither a 1 or 10 millisecond delay in there, so there appears to be no need
      to play around with HZ.
      545b0840
    • Andrew Morton's avatar
      [PATCH] Non-Exec stack support · 01cc53b2
      Andrew Morton authored
      From: Kurt Garloff <garloff@suse.de>
      
      A patch to parse the elf binaries for a PT_GNU_STACK section to set the stack
      non-executable if possible.  Most parts have been shamelessly stolen from
      Ingo Molnar's more ambitious stackshield
      http://people.redhat.com/mingo/exec-shield/exec-shield-2.6.4-C9
      
      The toolchain has meanwhile support for marking the binaries with a
      PT_GNU_STACK section wwithout x bit as needed.
      
      If no such section is found, we leave the stack to whatever the arch defaults
      to.  If there is one, we explicitly disabled the VM_EXEC bit if no x bit is
      found, otherwise explicitly enable.
      01cc53b2
    • Andrew Morton's avatar
      [PATCH] list.h cleanup · 492361a6
      Andrew Morton authored
      - s/__inline__/inline/
      
      - Remove lots of extraneous andi-was-here trailing whitespace
      492361a6
    • Andrew Morton's avatar
      [PATCH] Improve list.h documentation for _rcu() primitives · 0109dc6d
      Andrew Morton authored
      From: "Paul E. McKenney" <paulmck@us.ibm.com>
      
      The attached patch improves the documentation of the _rcu list primitives.
      0109dc6d
    • Andrew Morton's avatar
      [PATCH] ibmlana needs CONFIG_MCA_LEGACY · c9a7032d
      Andrew Morton authored
      From: "Luiz Fernando N. Capitulino" <lcapitulino@prefeitura.sp.gov.br>
      
      IBM LAN Adapter/A driver depends on mca-legacy.
      c9a7032d
    • Andrew Morton's avatar
      [PATCH] cycx_drv.c warning fix. · ed871211
      Andrew Morton authored
      From: "Luiz Fernando N. Capitulino" <lcapitulino@prefeitura.sp.gov.br>
      
      drivers/net/wan/cycx_drv.c: In function `load_cyc2x':
      drivers/net/wan/cycx_drv.c:430: warning: unsigned int format, long unsigned int arg (arg 3)
      ed871211
    • Andrew Morton's avatar
      [PATCH] pmdisk needs asmlinkage · fa736caa
      Andrew Morton authored
      From: Pavel Machek <pavel@ucw.cz>
      
      This function will break with -mregparm, so mark it asmlinkage.
      fa736caa
    • Andrew Morton's avatar
      [PATCH] tda1004x.c var not used. · 4b99e75b
      Andrew Morton authored
      From: "Luiz Fernando N. Capitulino" <lcapitulino@prefeitura.sp.gov.br>
      
      drivers/media/dvb/frontends/tda1004x.c:191: warning: `errno' defined but not used
      4b99e75b
    • Andrew Morton's avatar
      [PATCH] wavefront_synth.c var not used. · e77a6be9
      Andrew Morton authored
      From: "Luiz Fernando N. Capitulino" <lcapitulino@prefeitura.sp.gov.br>
      
      sound/isa/wavefront/wavefront_synth.c:1923: warning: `errno' defined but not used
      e77a6be9
    • Andrew Morton's avatar
      [PATCH] nfs-32bit-statfs-fix warning fix · f6ff7fe5
      Andrew Morton authored
      With CONFIG_LBD=n:
      
      fs/open.c: In function `vfs_statfs_native':
      fs/open.c:67: warning: comparison is always true due to limited range of data type
      fs/open.c:70: warning: comparison is always true due to limited range of data type
      f6ff7fe5
    • Andrew Morton's avatar
      [PATCH] Fix 32bit statfs on NFS · 678736c9
      Andrew Morton authored
      From: Olaf Kirch <okir@suse.de>
      
      The attached patch fixes a problem with the 32bit statfs call on NFS file
      systems.  Some NFS servers return a value of -1 for the f_files and f_ffree.
      The current code would think this is a 64bit value that cannot be converted
      to 32bits.  Consequently, the system call would always fail.
      
      The patch adds two special if() to detect a value of -1 for f_files and
      f_ffree.
      678736c9
    • Andrew Morton's avatar
      [PATCH] Subject: [PATCH] Fix overflow bug in READDIRPLUS... · a11317b1
      Andrew Morton authored
      From: Trond Myklebust <trond.myklebust@fys.uio.no>
      
      Fixes the Oops reported by Paul Blazejowski.  Bug turned out to be in the page
      overflow checking for READDIRPLUS.
      a11317b1
    • Andrew Morton's avatar
      [PATCH] drivers/base/platform.c typo fix · 1908da86
      Andrew Morton authored
      From: Geert Uytterhoeven <Geert.Uytterhoeven@sonycom.com>
      1908da86
    • Andrew Morton's avatar
      [PATCH] cx88 update. · 6cd80eb7
      Andrew Morton authored
      From: Gerd Knorr <kraxel@bytesex.org>
      
      This is a update for the cx88 driver.  There are *lots* of changes:
      
        * vbi support was added.
        * plenty of fixes for audio support (there are still problems
          through).
        * new cards added.
        * serveral minor tweaks.
      6cd80eb7
    • Andrew Morton's avatar
      [PATCH] v4l: documentation update · d4953f47
      Andrew Morton authored
      From: Gerd Knorr <kraxel@bytesex.org>
      
      This patch updates the documentation for the v4l drivers.
      d4953f47
    • Andrew Morton's avatar
      [PATCH] v4l: bttv driver update · 2b12289c
      Andrew Morton authored
      From: Gerd Knorr <kraxel@bytesex.org>
      
      This patch updates the bttv driver.  Changes:
      
        (1) several card-specific tweaks.
        (2) make software vs. hardware i2c configurable per TV card.
        (3) reinitialize image parameters after chip reset.
        (4) make bttv quite by default on frame drops.
        (5) new insmod option: "debug_latency=1" to enable frame drop
            debug messages.
      
      bttv is quite sensitive to irq latencies, especially when capturing both
      video and vbi.  There are several reports about problems due to this, I don't
      see that on my machines through.  (5) dumps a stracktrace if the driver
      thinks the frame drop is is caused by high latencies as experiment, lets see
      whenever that helps ...
      2b12289c
    • Andrew Morton's avatar
      [PATCH] v4l-saa7134-update fix · ba2fab99
      Andrew Morton authored
      drivers/built-in.o(.text+0x32912b): In function `dsp_buffer_init':
      drivers/media/video/saa7134/saa7134-oss.c:77: undefined reference to `videobuf_dma_init'
      ba2fab99
    • Andrew Morton's avatar
      [PATCH] v4l: saa7134 driver update · 5478e1ce
      Andrew Morton authored
      From: Gerd Knorr <kraxel@bytesex.org>
      
      This is a update for the saa7134 driver.  Changes:
      
        * add cropping support.
        * fix Makefile to build the saa6752hs module.
        * fix locking bug in oss dsp driver.
        * infrared remote keytable update.
        * some card-specific fixes.
      5478e1ce
    • Andrew Morton's avatar
      [PATCH] v4l: add support for pv951 remote to ir-kbd-i2c · df5f63d9
      Andrew Morton authored
      From: Gerd Knorr <kraxel@bytesex.org>
      
      Trivial patch, $subject says all, just a new keytable.
      df5f63d9
    • Andrew Morton's avatar
      [PATCH] v4l: msp3400 update · 3cfba984
      Andrew Morton authored
      From: Gerd Knorr <kraxel@bytesex.org>
      
      This patch allows to use switch to the second external input of the msp34xx
      chips.  Also has some minor cleanups and more verbose debug info.
      3cfba984