summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2012-01-18bonding: fix enslaving in alb mode when link downJiri Bohac
bond_alb_init_slave() is called from bond_enslave() and sets the slave's MAC address. This is done differently for TLB and ALB modes. bond->alb_info.rlb_enabled is used to discriminate between the two modes but this flag may be uninitialized if the slave is being enslaved prior to calling bond_open() -> bond_alb_initialize() on the master. It turns out all the callers of alb_set_slave_mac_addr() pass bond->alb_info.rlb_enabled as the hw parameter. This patch cleans up the unnecessary parameter of alb_set_slave_mac_addr() and makes the function decide based on the bonding mode instead, which fixes the above problem. Reported-by: Narendra K <Narendra_K@Dell.com> Signed-off-by: Jiri Bohac <jbohac@suse.cz> Signed-off-by: Jay Vosburgh <fubar@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-18pch_gbe: Do not abort probe on bad MACDarren Hart
If the MAC is invalid or not implemented, do not abort the probe. Issue a warning and prevent bringing the interface up until a MAC is set manually (via ifconfig $IFACE hw ether $MAC). Tested on two platforms, one with a valid MAC, the other without a MAC. The real MAC is used if present, the interface fails to come up until the MAC is set on the other. They successfully get an IP over DHCP and pass a simple ping and login over ssh test. This is meant to allow the Inforce SYS940X development board: http://www.inforcecomputing.com/SYS940X_ECX.html (and others suffering from a missing MAC) to work with the mainline kernel. Without this patch, the probe will fail and the interface will not be created, preventing the user from configuring the MAC manually. This does not make any attempt to address a missing or invalid MAC for the pch_phub driver. Signed-off-by: Darren Hart <dvhart@linux.intel.com> CC: Arjan van de Ven <arjan@linux.intel.com> CC: Alan Cox <alan@linux.intel.com> CC: Tomoya MORINAGA <tomoya.rohm@gmail.com> CC: Jeff Kirsher <jeffrey.t.kirsher@intel.com> CC: "David S. Miller" <davem@davemloft.net> CC: Paul Gortmaker <paul.gortmaker@windriver.com> CC: Jon Mason <jdmason@kudzu.us> CC: netdev@vger.kernel.org CC: Mark Brown <broonie@opensource.wolfsonmicro.com> CC: David Laight <David.Laight@ACULAB.COM> CC: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-18net: race condition in ipv6 forwarding and disable_ipv6 parametersFrancesco Ruggeri
There is a race condition in addrconf_sysctl_forward() and addrconf_sysctl_disable(). These functions change idev->cnf.forwarding (resp. idev->cnf.disable_ipv6) and then try to grab the rtnl lock before performing any actions. If that fails they restore the original value and restart the syscall. This creates race conditions if ipv6 code tries to access these parameters, or if multiple instances try to do the same operation. As an example of the former, if __ipv6_ifa_notify() finds a 0 in idev->cnf.forwarding when invoked by addrconf_ifdown() it may not free anycast addresses, ultimately resulting in the net_device not being freed. This patch reads the user parameters into a temporary location and only writes the actual parameters when the rtnl lock is acquired. Tested in 2.6.38.8. Signed-off-by: Francesco Ruggeri <fruggeri@aristanetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-18enic: fix location of vnic dev unregister in enic_probe cleanup codeRoopa Prabhu
The vnic_dev_unregister is erroneously under CONFIG_PCI_IOV. This patch moves it out of CONFIG_PCI_IOV Signed-off-by: Roopa Prabhu <roprabhu@cisco.com> Signed-off-by: Christian Benvenuti <benve@cisco.com> Signed-off-by: Sujith Sankar <ssujith@cisco.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-18enic: rearrange some of the port profile codeRoopa Prabhu
This patch rearranges some of the port profile code in enic_probe. It moves out some lines of port profile related code currently inside CONFIG_PCI_IOV. This is only done to move all port profile related code together so that it can help isolate the port profile handling code under a separate #ifdef in our internal build scripts. Signed-off-by: Roopa Prabhu <roprabhu@cisco.com> Signed-off-by: Christian Benvenuti <benve@cisco.com> Signed-off-by: Sujith Sankar <ssujith@cisco.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-18enic: Add sriov vf device id checks in port profile codeRoopa Prabhu
This patch adds checks for sriov vf's in enic port profile handling code. sriov vf's are same as dynamic vnics but with a different device id. Signed-off-by: Roopa Prabhu <roprabhu@cisco.com> Signed-off-by: Christian Benvenuti <benve@cisco.com> Signed-off-by: Sujith Sankar <ssujith@cisco.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-18enic: This patch adds pci id 0x71 for SRIOV VF'sRoopa Prabhu
This patch adds pci id 0x71 for sriov VF's. Signed-off-by: Roopa Prabhu <roprabhu@cisco.com> Signed-off-by: Christian Benvenuti <benve@cisco.com> Signed-off-by: Sujith Sankar <ssujith@cisco.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-18mlx4_en: set number of rx rings used by RSS using ethtoolYevgeny Petrilin
Value must be a power of 2 due to HW limitation. Driver supports only 'equal' mode in ethtool and can't be set by using weights. Signed-off-by: Amir Vadai <amirv@mellanox.co.il> Reviewed-by: Yevgeny Petrilin <yevgenyp@mellanox.co.il> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-18net: bpf_jit: fix divide by 0 generationEric Dumazet
Several problems fixed in this patch : 1) Target of the conditional jump in case a divide by 0 is performed by a bpf is wrong. 2) Must 'generate' the full function prologue/epilogue at pass=0, or else we can stop too early in pass=1 if the proglen doesnt change. (if the increase of prologue/epilogue equals decrease of all instructions length because some jumps are converted to near jumps) 3) Change the wrong length detection at the end of code generation to issue a more explicit message, no need for a full stack trace. Reported-by: Phil Oester <kernel@linuxace.com> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-18Merge branch 'master' of ↵David S. Miller
git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless
2012-01-18b43: add option to avoid duplicating device support with brcmsmacJohn W. Linville
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-01-18mac80211: fix work removal on deauth requestJohannes Berg
When deauth is requested while an auth or assoc work item is in progress, we currently delete it without regard for any state it might need to clean up. Fix it by cleaning up for those items. In the case Pontus found, the problem manifested itself as such: authenticate with 00:23:69:aa:dd:7b (try 1) authenticated failed to insert Dummy STA entry for the AP (error -17) deauthenticating from 00:23:69:aa:dd:7b by local choice (reason=2) It could also happen differently if the driver uses the tx_sync callback. We can't just call the ->done() method of the work items because that will lock up due to the locking in cfg80211. This fix isn't very clean, but that seems acceptable since I have patches pending to remove this code completely. Cc: stable@vger.kernel.org Reported-by: Pontus Fuchs <pontus.fuchs@gmail.com> Tested-by: Pontus Fuchs <pontus.fuchs@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-01-18mac80211: Use the right headroom size for mesh mgmt framesJavier Cardona
Use local->tx_headroom instad of local->hw.extra_tx_headroom. local->tx_headroom is the max of hw.extra_tx_headroom required by the driver and the headroom required by mac80211 for status reporting. On drivers where hw.extra_tx_headroom is smaller than what mac80211 requires (e.g. ath5k), we would not reserve sufficient buffer space to report tx status. Also, don't reserve local->tx_headroom + local->hw.extra_tx_headroom. Reported-by: Simon Morgenthaler <s.morgenthaler@students.unibe.ch> Reported-by: Kai Scharwies <kai@scharwies.de> Signed-off-by: Javier Cardona <javier@cozybit.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-01-18brcmsmac: fix tx queue flush infinite loopStanislaw Gruszka
This patch workaround live deadlock problem caused by infinite loop in brcms_c_wait_for_tx_completion(). I do not consider the patch as the proper fix, which should fix the real reason of tx queue flush failure, but patch helps with system lockup. Reference: https://bugzilla.kernel.org/show_bug.cgi?id=42576 Reported-and-tested-by: Patrick <ragamuffin@datacomm.ch> Cc: stable@vger.kernel.org # 3.2+ Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-01-18mac80211: fix debugfs key->station symlinkJohannes Berg
Since stations moved into a virtual interface subdirectory, this link has been broken. Fix it. Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-01-17Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (47 commits) tg3: Fix single-vector MSI-X code openvswitch: Fix multipart datapath dumps. ipv6: fix per device IP snmp counters inetpeer: initialize ->redirect_genid in inet_getpeer() net: fix NULL-deref in WARN() in skb_gso_segment() net: WARN if skb_checksum_help() is called on skb requiring segmentation caif: Remove bad WARN_ON in caif_dev caif: Fix typo in Vendor/Product-ID for CAIF modems bnx2x: Disable AN KR work-around for BCM57810 bnx2x: Remove AutoGrEEEn for BCM84833 bnx2x: Remove 100Mb force speed for BCM84833 bnx2x: Fix PFC setting on BCM57840 bnx2x: Fix Super-Isolate mode for BCM84833 net: fix some sparse errors net: kill duplicate included header net: sh-eth: Fix build error by the value which is not defined net: Use device model to get driver name in skb_gso_segment() bridge: BH already disabled in br_fdb_cleanup() net: move sock_update_memcg outside of CONFIG_INET mwl8k: Fixing Sparse ENDIAN CHECK warning ...
2012-01-17tg3: Fix single-vector MSI-X codeMatt Carlson
Kdump kernels leave MSI-X interrupts (as setup by the crashed kernel) enabled. However, kdump only enables one CPU in the new environment, thus causing tg3 to abort MSI-X setup. When the driver attempts to enable INTA or MSI interrupt modes on a kdump kernel, interrupt delivery fails. This patch attempts to workaround the problem by forcing the driver to enable a single MSI-X interrupt. In such a configuration, the device's multivector interrupt mode must be disabled. Signed-off-by: Matt Carlson <mcarlson@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-17openvswitch: Fix multipart datapath dumps.Ben Pfaff
The logic to split up the list of datapaths into multiple Netlink messages was simply wrong, causing the list to be terminated after the first part. Only about the first 50 datapaths would be dumped. This fixes the problem. Reported-by: Paul Ingram <paul@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-17ipv6: fix per device IP snmp countersEric Dumazet
In commit 4ce3c183fca (snmp: 64bit ipstats_mib for all arches), I forgot to change the /proc/net/dev_snmp6/xxx output for IP counters. percpu array is 64bit per counter but the folding still used the 'long' variant, and output garbage on 32bit arches. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2012-01-17Merge tag 'arm-soc-fixes' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc ARM: fixes for ARM platforms Some fallout from the 3.3. merge window as well as a couple bug fixes for older preexisting bugs that seem valid to include at this time: * sched_clock changes broke picoxcell, fix included * BSYM bugs causing issues with thumb2-built kernels on SMP * Missing module.h include on msm. * A collection of bugfixes for samsung platforms that didn't make it into the first pull requests. * tag 'arm-soc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: ARM: make BSYM macro assembly only ARM: highbank: remove incorrect BSYM usage ARM: imx: remove incorrect BSYM usage ARM: exynos: remove incorrect BSYM usage ARM: ux500: add missing ENDPROC to headsmp.S ARM: msm: Add missing ENDPROC to headsmp.S ARM: versatile: Add missing ENDPROC to headsmp.S ARM: EXYNOS: Invert VCLK polarity for framebuffer on ORIGEN ARM: S3C64XX: Fix interrupt configuration for PCA935x on Cragganmore ARM: S3C64XX: Fix the memory mapped GPIOs on Cragganmore ARM: S3C64XX: Remove hsmmc1 from Cragganmore ARM: S3C64XX: Remove unconditional power domain disables ARM: SAMSUNG: Declare struct platform_device in plat/s3c64xx-spi.h ARM: SAMSUNG: dma-ops.h needs mach/dma.h ARM: SAMSUNG: Guard against multiple inclusion of plat/dma.h ARM: picoxcell: fix sched_clock() cleanup fallout ARM: msm: vreg is a module and so needs module.h
2012-01-17Merge branch 'next' of git://git.infradead.org/users/vkoul/slave-dmaLinus Torvalds
* 'next' of git://git.infradead.org/users/vkoul/slave-dma: (53 commits) ARM: mach-shmobile: specify CHCLR registers on SH7372 dma: shdma: fix runtime PM: clear channel buffers on reset dma/imx-sdma: save irq flags when use spin_lock in sdma_tx_submit dmaengine/ste_dma40: clear LNK on channel startup dmaengine: intel_mid_dma: remove legacy pm interface ASoC: mxs: correct 'direction' of device_prep_dma_cyclic dmaengine: intel_mid_dma: error path fix dmaengine: intel_mid_dma: locking and freeing fixes mtd: gpmi-nand: move to dma_transfer_direction mtd: fix compile error for gpmi-nand mmc: mxs-mmc: fix the dma_transfer_direction migration dmaengine: add DMA_TRANS_NONE to dma_transfer_direction dma: mxs-dma: Don't use CLKGATE bits in CTRL0 to disable DMA channels dma: mxs-dma: make mxs_dma_prep_slave_sg() multi user safe dma: mxs-dma: Always leave mxs_dma_init() with the clock disabled. dma: mxs-dma: fix a typo in comment DMA: PL330: Remove pm_runtime_xxx calls from pl330 probe/remove video i.MX IPU: Fix display connections i.MX IPU DMA: Fix wrong burstsize settings dmaengine/ste_dma40: allow fixed physical channel ... Fix up conflicts in drivers/dma/{Kconfig,mxs-dma.c,pl330.c} The conflicts looked pretty trivial, but I'll ask people to verify them.
2012-01-17Merge branch 'upstream-linus' of git://github.com/jgarzik/libata-devLinus Torvalds
* 'upstream-linus' of git://github.com/jgarzik/libata-dev: [libata] ata_piix: Add Toshiba Satellite Pro A120 to the quirks list due to broken suspend functionality. [libata] add DVRTD08A and DVR-215 to NOSETXFER device quirk list [libata] pata_bf54x: Support sg list in bmdma transfer. [libata] sata_fsl: fix the controller operating mode [libata] enable ata port async suspend
2012-01-17x86-32: Fix build failure with AUDIT=y, AUDITSYSCALL=nAl Viro
JONGMAN HEO reports: With current linus git (commit a25a2b84), I got following build error, arch/x86/kernel/vm86_32.c: In function 'do_sys_vm86': arch/x86/kernel/vm86_32.c:340: error: implicit declaration of function '__audit_syscall_exit' make[3]: *** [arch/x86/kernel/vm86_32.o] Error 1 OK, I can reproduce it (32bit allmodconfig with AUDIT=y, AUDITSYSCALL=n) It's due to commit d7e7528bcd45: "Audit: push audit success and retcode into arch ptrace.h". Reported-by: JONGMAN HEO <jongman.heo@samsung.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-01-17[libata] ata_piix: Add Toshiba Satellite Pro A120 to the quirks listBenjamin Larsson
due to broken suspend functionality. Signed-off-by: Benjamin Larsson <benjamin@southpole.se> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2012-01-17[libata] add DVRTD08A and DVR-215 to NOSETXFER device quirk listVladimir LAVALLADE
Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2012-01-17[libata] pata_bf54x: Support sg list in bmdma transfer.Sonic Zhang
BF54x on-chip ATAPI controller allows maximum 0x1fffe bytes to be transfered in one ATAPI transfer. So, set the max sg_tablesize to 4. Signed-off-by: Sonic Zhang <sonic.zhang@analog.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2012-01-17[libata] sata_fsl: fix the controller operating modeJerry Huang
Configure the FSL SATA controller to the preferred, enterprise mode. Signed-off-by: Yutaka Ando <r46913@freescale.com> Signed-off-by: Jerry Huang <Chang-Ming.Huang@freescale.com> CC: Jeff Garzik <jgarzik@pobox.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2012-01-17[libata] enable ata port async suspendLin Ming
This saves devices suspend/resume time. Tested system suspend/resume with SATA IDE/AHCI mode 3 times. Below is the time took for devices suspend/resume. SATA mode vanilla-kernel patched-kernel --------- --------------------- --------------------- IDE suspend: 0.744 suspend: 0.432 (0.716, 0.768, 0.748) (0.440, 0.428, 0.428) resume: 5.084 resume: 2.209 (5.100, 5.064, 5.088) (2.168, 2.232, 2.228) AHCI: suspend: 0.725 suspend: 0.449 (0.740, 0.708, 0.728) (0.456, 0.448, 0.444) resume: 2.556 resume: 1.896 (2.604, 2.492, 2.572) (1.932, 1.872, 1.884) Signed-off-by: Lin Ming <ming.m.lin@intel.com> Signed-off-by: Jeff Garzik <jgarzik@redhat.com>
2012-01-17Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: integrity: digital signature config option name change lib: Removed MPILIB, MPILIB_EXTRA, and SIGNATURE prompts lib: MPILIB Kconfig description update lib: digital signature dependency fix lib: digital signature config option name change encrypted-keys: fix rcu and sparse messages keys: fix trusted/encrypted keys sparse rcu_assign_pointer messages KEYS: Add missing smp_rmb() primitives to the keyring search code TOMOYO: Accept \000 as a valid character. security: update MAINTAINERS file with new git repo
2012-01-17Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit: (29 commits) audit: no leading space in audit_log_d_path prefix audit: treat s_id as an untrusted string audit: fix signedness bug in audit_log_execve_info() audit: comparison on interprocess fields audit: implement all object interfield comparisons audit: allow interfield comparison between gid and ogid audit: complex interfield comparison helper audit: allow interfield comparison in audit rules Kernel: Audit Support For The ARM Platform audit: do not call audit_getname on error audit: only allow tasks to set their loginuid if it is -1 audit: remove task argument to audit_set_loginuid audit: allow audit matching on inode gid audit: allow matching on obj_uid audit: remove audit_finish_fork as it can't be called audit: reject entry,always rules audit: inline audit_free to simplify the look of generic code audit: drop audit_set_macxattr as it doesn't do anything audit: inline checks for not needing to collect aux records audit: drop some potentially inadvisable likely notations ... Use evil merge to fix up grammar mistakes in Kconfig file. Bad speling and horrible grammar (and copious swearing) is to be expected, but let's keep it to commit messages and comments, rather than expose it to users in config help texts or printouts.
2012-01-17Merge branch 'for-linus' of git://oss.sgi.com/xfs/xfsLinus Torvalds
* 'for-linus' of git://oss.sgi.com/xfs/xfs: xfs: cleanup xfs_file_aio_write xfs: always return with the iolock held from xfs_file_aio_write_checks xfs: remove the i_new_size field in struct xfs_inode xfs: remove the i_size field in struct xfs_inode xfs: replace i_pin_wait with a bit waitqueue xfs: replace i_flock with a sleeping bitlock xfs: make i_flags an unsigned long xfs: remove the if_ext_max field in struct xfs_ifork xfs: remove the unused dm_attrs structure xfs: cleanup xfs_iomap_eof_align_last_fsb xfs: remove xfs_itruncate_data
2012-01-17Merge branch 'btrfs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfsLinus Torvalds
* 'btrfs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: btrfs: take allocation of ->tree_root into open_ctree() btrfs: let ->s_fs_info point to fs_info, not root... btrfs: consolidate failure exits in btrfs_mount() a bit btrfs: make free_fs_info() call ->kill_sb() unconditional btrfs: merge free_fs_info() calls on fill_super failures btrfs: kill pointless reassignment of ->s_fs_info in btrfs_fill_super() btrfs: make open_ctree() return int btrfs: sanitizing ->fs_info, part 5 btrfs: sanitizing ->fs_info, part 4 btrfs: sanitizing ->fs_info, part 3 btrfs: sanitizing ->fs_info, part 2 btrfs: sanitizing ->fs_info, part 1 btrfs: fix a deadlock in btrfs_scan_one_device() btrfs: fix mount/umount race btrfs: get ->kill_sb() of its own btrfs: preparation to fixing mount/umount race
2012-01-17Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: (62 commits) Btrfs: use larger system chunks Btrfs: add a delalloc mutex to inodes for delalloc reservations Btrfs: space leak tracepoints Btrfs: protect orphan block rsv with spin_lock Btrfs: add allocator tracepoints Btrfs: don't call btrfs_throttle in file write Btrfs: release space on error in page_mkwrite Btrfs: fix btrfsck error 400 when truncating a compressed Btrfs: do not use btrfs_end_transaction_throttle everywhere Btrfs: add balance progress reporting Btrfs: allow for resuming restriper after it was paused Btrfs: allow for canceling restriper Btrfs: allow for pausing restriper Btrfs: add skip_balance mount option Btrfs: recover balance on mount Btrfs: save balance parameters to disk Btrfs: soft profile changing mode (aka soft convert) Btrfs: implement online profile changing Btrfs: do not reduce profile in do_chunk_alloc() Btrfs: virtual address space subset filter ... Fix up trivial conflict in fs/btrfs/ioctl.c due to the use of the new mnt_drop_write_file() helper.
2012-01-18integrity: digital signature config option name changeDmitry Kasatkin
Similar to SIGNATURE, rename INTEGRITY_DIGSIG to INTEGRITY_SIGNATURE. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com> Signed-off-by: James Morris <jmorris@namei.org>
2012-01-18lib: Removed MPILIB, MPILIB_EXTRA, and SIGNATURE promptsDmitry Kasatkin
As modules are expected to select MPILIB, MPILIB_EXTRA, and SIGNATURE, removed Kconfig prompts. Requested-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com> Signed-off-by: James Morris <jmorris@namei.org>
2012-01-18lib: MPILIB Kconfig description updateDmitry Kasatkin
It was reported that description of the MPILIB_EXTRA is confusing. Indeed it was copy-paste typo. It is fixed here. Reported-by: Valdis Kletnieks <Valdis.Kletnieks@vt.edu> Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com> Signed-off-by: James Morris <jmorris@namei.org>
2012-01-18lib: digital signature dependency fixDmitry Kasatkin
Randy Dunlap reported build break: ERROR: "crypto_alloc_shash" [lib/digsig.ko] undefined! ERROR: "crypto_shash_final" [lib/digsig.ko] undefined! ERROR: "crypto_shash_update" [lib/digsig.ko] undefined! ERROR: "crypto_destroy_tfm" [lib/digsig.ko] undefined! Added CRYPTO dependency and selected SHA1 algorithm. Reported-by: Randy Dunlap <rdunlap@xenotime.net> Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com> Signed-off-by: James Morris <jmorris@namei.org>
2012-01-18lib: digital signature config option name changeDmitry Kasatkin
It was reported that DIGSIG is confusing name for digital signature module. It was suggested to rename DIGSIG to SIGNATURE. Requested-by: Linus Torvalds <torvalds@linux-foundation.org> Suggested-by: Pavel Machek <pavel@ucw.cz> Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com> Signed-off-by: James Morris <jmorris@namei.org>
2012-01-18encrypted-keys: fix rcu and sparse messagesMimi Zohar
Enabling CONFIG_PROVE_RCU and CONFIG_SPARSE_RCU_POINTER resulted in "suspicious rcu_dereference_check() usage!" and "incompatible types in comparison expression (different address spaces)" messages. Access the masterkey directly when holding the rwsem. Changelog v1: - Use either rcu_read_lock()/rcu_derefence_key()/rcu_read_unlock() or remove the unnecessary rcu_derefence() - David Howells Reported-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
2012-01-18keys: fix trusted/encrypted keys sparse rcu_assign_pointer messagesMimi Zohar
Define rcu_assign_keypointer(), which uses the key payload.rcudata instead of payload.data, to resolve the CONFIG_SPARSE_RCU_POINTER message: "incompatible types in comparison expression (different address spaces)" Replace the rcu_assign_pointer() calls in encrypted/trusted keys with rcu_assign_keypointer(). Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
2012-01-18KEYS: Add missing smp_rmb() primitives to the keyring search codeDavid Howells
Add missing smp_rmb() primitives to the keyring search code. When keyring payloads are appended to without replacement (thus using up spare slots in the key pointer array), an smp_wmb() is issued between the pointer assignment and the increment of the key count (nkeys). There should be corresponding read barriers between the read of nkeys and dereferences of keys[n] when n is dependent on the value of nkeys. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
2012-01-18TOMOYO: Accept \000 as a valid character.Tetsuo Handa
TOMOYO 2.5 in Linux 3.2 and later handles Unix domain socket's address. Thus, tomoyo_correct_word2() needs to accept \000 as a valid character, or TOMOYO 2.5 cannot handle Unix domain's abstract socket address. Reported-by: Steven Allen <steven@stebalien.com> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> CC: stable@vger.kernel.org [3.2+] Signed-off-by: James Morris <jmorris@namei.org>
2012-01-17Fix compile breakage with kref.hJames Bottomley
This set of build failures just started appearing on parisc: In file included from drivers/input/serio/serio_raw.c:12: include/linux/kref.h: In function 'kref_get': include/linux/kref.h:40: error: 'TAINT_WARN' undeclared (first use in this function) include/linux/kref.h:40: error: (Each undeclared identifier is reported only once include/linux/kref.h:40: error: for each function it appears in.) include/linux/kref.h: In function 'kref_sub': include/linux/kref.h:65: error: 'TAINT_WARN' undeclared (first use in this function) It happens because TAINT_WARN is defined in kernel.h and this particular compile doesn't seem to include it (no idea why it's just manifesting .. probably some #include file untangling exposed it). Fix by adding #include <linux/kernel.h> to linux/kref.h Signed-off-by: James Bottomley <JBottomley@Parallels.com> Acked-by: Greg Kroah-Hartman <gregkh@suse.de> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-01-18security: update MAINTAINERS file with new git repoJames Morris
Update MAINTAINERS file with new git repo: git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git Signed-off-by: James Morris <jmorris@namei.org>
2012-01-17proc: clean up and fix /proc/<pid>/mem handlingLinus Torvalds
Jüri Aedla reported that the /proc/<pid>/mem handling really isn't very robust, and it also doesn't match the permission checking of any of the other related files. This changes it to do the permission checks at open time, and instead of tracking the process, it tracks the VM at the time of the open. That simplifies the code a lot, but does mean that if you hold the file descriptor open over an execve(), you'll continue to read from the _old_ VM. That is different from our previous behavior, but much simpler. If somebody actually finds a load where this matters, we'll need to revert this commit. I suspect that nobody will ever notice - because the process mapping addresses will also have changed as part of the execve. So you cannot actually usefully access the fd across a VM change simply because all the offsets for IO would have changed too. Reported-by: Jüri Aedla <asd@ut.ee> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-01-17audit: no leading space in audit_log_d_path prefixKees Cook
audit_log_d_path() injects an additional space before the prefix, which serves no purpose and doesn't mix well with other audit_log*() functions that do not sneak extra characters into the log. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-01-17audit: treat s_id as an untrusted stringKees Cook
The use of s_id should go through the untrusted string path, just to be extra careful. Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-01-17audit: fix signedness bug in audit_log_execve_info()Xi Wang
In the loop, a size_t "len" is used to hold the return value of audit_log_single_execve_arg(), which returns -1 on error. In that case the error handling (len <= 0) will be bypassed since "len" is unsigned, and the loop continues with (p += len) being wrapped. Change the type of "len" to signed int to fix the error handling. size_t len; ... for (...) { len = audit_log_single_execve_arg(...); if (len <= 0) break; p += len; } Signed-off-by: Xi Wang <xi.wang@gmail.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-01-17audit: comparison on interprocess fieldsPeter Moody
This allows audit to specify rules in which we compare two fields of a process. Such as is the running process uid != to the running process euid? Signed-off-by: Peter Moody <pmoody@google.com> Signed-off-by: Eric Paris <eparis@redhat.com>
2012-01-17audit: implement all object interfield comparisonsPeter Moody
This completes the matrix of interfield comparisons between uid/gid information for the current task and the uid/gid information for inodes. aka I can audit based on differences between the euid of the process and the uid of fs objects. Signed-off-by: Peter Moody <pmoody@google.com> Signed-off-by: Eric Paris <eparis@redhat.com>