summaryrefslogtreecommitdiffstats
path: root/include/linux
AgeCommit message (Collapse)Author
2006-05-20Merge git://git.infradead.org/jffs2-xattr-2.6David Woodhouse
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-19[JFFS2] Support new device nodesDavid Woodhouse
Device node major/minor numbers are just stored in the payload of a single data node. Just extend that to 4 bytes and use new_encode_dev() for it. We only use the 4-byte format if we _need_ to, if !old_valid_dev(foo). This preserves backwards compatibility with older code as much as possible. If we do make devices with major or minor numbers above 255, and then mount the file system with the old code, it'll just read the first two bytes and get the numbers wrong. If it comes to garbage-collect it, it'll then write back those wrong numbers. But that's about the best we can expect. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-19Merge git://git.infradead.org/mtd-2.6KaiGai Kohei
2006-05-16[JFFS2] Repack some on-medium structures. ARM is weirder than I thought.David Woodhouse
We have to pack at least the jint16_t structure, because otherwise it'll be four bytes in size. Thankfully, we can do that and _not_ pack the actual node structures, and the compiler still doesn't emit stupid code. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-16Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6David Woodhouse
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-15[PATCH] fix can_share_swap_page() when !CONFIG_SWAPHua Zhong
can_share_swap_page() is used to check if the page has the last reference. This avoids allocating a new page for COW if it's the last page. However, if CONFIG_SWAP is not set, can_share_swap_page() is defined as 0, thus always causes a copy for the last COW page. The below simple patch fixes it. Signed-off-by: Hua Zhong <hzhong@gmail.com> Cc: David Howells <dhowells@redhat.com> Cc: Hugh Dickins <hugh@veritas.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-05-15[PATCH] add slab_is_available() routine for boot codeMike Kravetz
slab_is_available() indicates slab based allocators are available for use. SPARSEMEM code needs to know this as it can be called at various times during the boot process. Signed-off-by: Mike Kravetz <kravetz@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-05-15[PATCH] symbol_put_addr() locks kernelTrent Piepho
Even since a previous patch: Fix race between CONFIG_DEBUG_SLABALLOC and modules Sun, 27 Jun 2004 17:55:19 +0000 (17:55 +0000) http://www.kernel.org/git/?p=linux/kernel/git/torvalds/old-2.6-bkcvs.git;a=commit;h=92b3db26d31cf21b70e3c1eadc56c179506d8fbe The function symbol_put_addr() will deadlock the kernel. symbol_put_addr() would acquire modlist_lock, then while holding the lock call two functions kernel_text_address() and module_text_address() which also try to acquire the same lock. This deadlocks the kernel of course. This patch changes symbol_put_addr() to not acquire the modlist_lock, it doesn't need it since it never looks at the module list directly. Also, it now uses core_kernel_text() instead of kernel_text_address(). The latter has an additional check for addr inside a module, but we don't need to do that since we call module_text_address() (the same function kernel_text_address uses) ourselves. Signed-off-by: Trent Piepho <xyzzy@speakeasy.org> Cc: Zwane Mwaikambo <zwane@fsmlabs.com> Acked-by: Rusty Russell <rusty@rustcorp.com.au> Cc: Johannes Stezenbach <js@linuxtv.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-05-15[PATCH] RCU: introduce rcu_needs_cpu() interfaceHeiko Carstens
With "Paul E. McKenney" <paulmck@us.ibm.com> Introduce rcu_needs_cpu() interface. This can be used to tell if there will be a new rcu batch on a cpu soon by looking at the curlist pointer. This can be used to avoid to enter a tickless idle state where the cpu would miss that a new batch is ready when rcu_start_batch would be called on a different cpu. Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Cc: "Paul E. McKenney" <paulmck@us.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-05-15[JFFS2] Don't pack on-medium structures, because GCC emits crappy codeDavid Woodhouse
If we use __attribute__((packed)), GCC will _also_ assume that the structures aren't sensibly aligned, and it'll emit code to cope with that instead of straight word load/save. This can be _very_ suboptimal on architectures like ARM. Ideally, we want an attribute which just tells GCC not to do any padding, without the alignment side-effects. In the absense of that, we'll just drop the 'packed' attribute and hope that everything stays as it was (which to be fair is fairly much what we expect). And add some paranoia checks in the initialisation code, which should be optimised away completely in the normal case. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-14[MTD] Clean up <linux/mtd/physmap.h> to fix modular buildDavid Woodhouse
... and also fix the multiple inclusion guard so it actually _works_ Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-14[MTD] Fix legacy character sets throughout drivers/mtd, include/linux/mtdDavid Woodhouse
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-13[JFFS2][XATTR] XATTR support on JFFS2 (version. 5)KaiGai Kohei
This attached patches provide xattr support including POSIX-ACL and SELinux support on JFFS2 (version.5). There are some significant differences from previous version posted at last December. The biggest change is addition of EBS(Erase Block Summary) support. Currently, both kernel and usermode utility (sumtool) can recognize xattr nodes which have JFFS2_NODETYPE_XATTR/_XREF nodetype. In addition, some bugs are fixed. - A potential race condition was fixed. - Unexpected fail when updating a xattr by same name/value pair was fixed. - A bug when removing xattr name/value pair was fixed. The fundamental structures (such as using two new nodetypes and exclusion mechanism by rwsem) are unchanged. But most of implementation were reviewed and updated if necessary. Espacially, we had to change several internal implementations related to load_xattr_datum() to avoid a potential race condition. [1/2] xattr_on_jffs2.kernel.version-5.patch [2/2] xattr_on_jffs2.utils.version-5.patch Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-12OneNAND: One-Time Programmable (OTP) supportKyungmin Park
One Block of the NAND Flash Array memory is reserved as a One-Time Programmable Block memory area. Also, 1st Block of NAND Flash Array can be used as OTP. The OTP block can be read, programmed and locked using the same operations as any other NAND Flash Array memory block. OTP block cannot be erased. OTP block is fully-guaranteed to be a valid block. Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
2006-05-12OneNAND: handle byte access on BufferRAMKyungmin Park
Signed-off-by: Kyungmin Park <kyungmin.park@samsung.com>
2006-05-11Merge master.kernel.org:/home/rmk/linux-2.6-serialLinus Torvalds
* master.kernel.org:/home/rmk/linux-2.6-serial: [SERIAL] 8250: add locking to console write function [SERIAL] Remove unconditional enable of TX irq for console [SERIAL] 8250: set divisor register correctly for AMD Alchemy SoC uart [SERIAL] AMD Alchemy UART: claim memory range [SERIAL] Clean up serial locking when obtaining a reference to a port
2006-05-11Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: [NET_SCHED]: HFSC: fix thinko in hfsc_adjust_levels() [IPV6]: skb leakage in inet6_csk_xmit [BRIDGE]: Do sysfs registration inside rtnl. [NET]: Do sysfs registration as part of register_netdevice. [TG3]: Fix possible NULL deref in tg3_run_loopback(). [NET] linkwatch: Handle jiffies wrap-around [IRDA]: Switching to a workqueue for the SIR work [IRDA]: smsc-ircc: Minimal hotplug support. [IRDA]: Removing unused EXPORT_SYMBOLs [IRDA]: New maintainer. [NET]: Make netdev_chain a raw notifier. [IPV4]: ip_options_fragment() has no effect on fragmentation [NET]: Add missing operstates documentation.
2006-05-10Merge branch 'upstream' of ↵Linus Torvalds
master.kernel.org:/pub/scm/linux/kernel/git/shemminger/netdev-2.6 * 'upstream' of master.kernel.org:/pub/scm/linux/kernel/git/shemminger/netdev-2.6: sis900: phy for FoxCon motherboard dl2k: use DMA_48BIT_MASK constant phy: mdiobus_register(): initialize all phy_map entries sky2: ifdown kills irq mask
2006-05-10dl2k: use DMA_48BIT_MASK constantFrancois Romieu
Typo will be harder with this one. Signed-off-by: Francois Romieu <romieu@fr.zoreil.com> Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
2006-05-10[NET]: Do sysfs registration as part of register_netdevice.Stephen Hemminger
The last step of netdevice registration was being done by a delayed call, but because it was delayed, it was impossible to return any error code if the class_device registration failed. Side effects: * one state in registration process is unnecessary. * register_netdevice can sleep inside class_device registration/hotplug * code in netdev_run_todo only does unregistration so it is simpler. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2006-05-08sky2: backout NAPI rescheduleStephen Hemminger
This is a backout of earlier patch. The whole rescheduling hack was a bad idea. It doesn't really solve the problem and it makes the code more complicated for no good reason. Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
2006-05-08Finally remove the obnoxious inter_module_xxx()David Woodhouse
This was already a bad plan when I argued against adding it in the first place. Good riddance. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-07[MTD] Convert physmap to platform driverLennert Buytenhek
After dwmw2 let me know it ought to be done, I rewrote the physmap map driver to be a platform driver. I know zilch about the driver model, so I probably botched it in some way, but I've done some tests on an ixp23xx board which uses physmap, and it all seems to work. In order to not break existing physmap users, I've added some compat code that will instantiate a platform device iff CONFIG_MTD_PHYSMAP_LEN is defined and != 0. Also, I've changed the default value for CONFIG_MTD_PHYSMAP_LEN to zero, so that people who inadvertently compile in physmap (or new, platform-style, users of physmap) don't get burned. This works pretty well -- the new physmap driver is a drop-in replacement for the old one, and works on said ixp23xx board without any code changes needed. (This should hold as long as users don't touch 'physmap_map' directly.) Once all physmap users have been converted to instantiate their own platform devices, the compat code can go. (Or we decide that we can change all the in-tree users at the same time, and never merge the compat code.) Signed-off-by: Lennert Buytenhek <buytenh@wantstofly.org> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-06[NET]: Create netdev attribute_groups with class_device_addStephen Hemminger
Atomically create attributes when class device is added. This avoids the race between registering class_device (which generates hotplug event), and the creation of attribute groups. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2006-05-06[CLASS DEVICE]: add attribute_group creationStephen Hemminger
Extend the support of attribute groups in class_device's to allow groups to be created as part of the registration process. This allows network device's to avoid race between registration and creating groups. Note that unlike attributes that are a property of the class object, the groups are a property of the class_device object. This is done because there are different types of network devices (wireless for example). Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2006-05-04Merge branch 'merge' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc * 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc: [PATCH] powerpc: Use the ibm,pa-features property if available powerpc: Fix incorrect might_sleep in __get_user/__put_user on kernel addresses [PATCH] ppc32 CPM_UART: fixes and improvements [PATCH] ppc32 CPM_UART: Fixed break send on SCC [PATCH] powerpc/kprobes: fix singlestep out-of-line [PATCH] powerpc/pseries: avoid crash in PCI code if mem system not up
2006-05-04Merge master.kernel.org:/home/rmk/linux-2.6-mmcLinus Torvalds
* master.kernel.org:/home/rmk/linux-2.6-mmc: [MMC] Move set_ios debugging into mmc.c [MMC] Correct mmc_request_done comments [MMC] PXA: reduce the number of lines PXAMCI debug uses [MMC] PXA and i.MX: don't avoid sending stop command on error [MMC] extend data timeout for writes [ARM] 3485/1: i.MX: MX1 SD/MMC fix of unintentional double start possibility
2006-05-04Merge branch 'splice' of git://brick.kernel.dk/data/git/linux-2.6-blockLinus Torvalds
* 'splice' of git://brick.kernel.dk/data/git/linux-2.6-block: [PATCH] compat_sys_vmsplice: one-off in UIO_MAXIOV check [PATCH] splice: redo page lookup if add_to_page_cache() returns -EEXIST [PATCH] splice: rename remaining info variables to pipe [PATCH] splice: LRU fixups [PATCH] splice: fix unlocking of page on error ->prepare_write()
2006-05-03[NETFILTER]: H.323 helper: Change author's email addressJing Min Zhao
Signed-off-by: Jing Min Zhao <zhaojingmin@users.sourceforge.net> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
2006-05-04[PATCH] splice: LRU fixupsJens Axboe
Nick says that the current construct isn't safe. This goes back to the original, but sets PIPE_BUF_FLAG_LRU on user pages as well as they all seem to be on the LRU in the first place. Signed-off-by: Jens Axboe <axboe@suse.de>
2006-05-03[PATCH] ppc32 CPM_UART: fixes and improvementsVitaly Bordug
A number of small issues are fixed, and added the header file, missed from the original series. With this, driver should be pretty stable as tested among both platform-device-driven and "old way" boards. Also added missing GPL statement , and updated year field on existing ones to reflect code update. Signed-off-by: Vitaly Bordug <vbordug@ru.mvista.com> Signed-off-by: Paul Mackerras <paulus@samba.org>
2006-05-03Merge branch 'master' of ↵David Woodhouse
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6
2006-05-03Move jffs2_fs_i.h and jffs2_fs_sb.h from include/linux/ to fs/jffs2/David Woodhouse
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2006-05-02[MMC] extend data timeout for writesRussell King
The CSD contains a "read2write factor" which determines the multiplier to be applied to the read timeout to obtain the write timeout. We were ignoring this parameter, resulting in the possibility for writes being timed out too early. Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-05-02[PATCH] vmsplice: restrict stealing a little moreJens Axboe
Apply the same rules as the anon pipe pages, only allow stealing if no one else is using the page. Signed-off-by: Jens Axboe <axboe@suse.de>
2006-05-02[PATCH] splice: fix page LRU accountingJens Axboe
Currently we rely on the PIPE_BUF_FLAG_LRU flag being set correctly to know whether we need to fiddle with page LRU state after stealing it, however for some origins we just don't know if the page is on the LRU list or not. So remove PIPE_BUF_FLAG_LRU and do this check/add manually in pipe_to_file() instead. Signed-off-by: Jens Axboe <axboe@suse.de>
2006-05-01Merge branch 'audit.b10' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current * 'audit.b10' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: [PATCH] Audit Filter Performance [PATCH] Rework of IPC auditing [PATCH] More user space subject labels [PATCH] Reworked patch for labels on user space messages [PATCH] change lspp ipc auditing [PATCH] audit inode patch [PATCH] support for context based audit filtering, part 2 [PATCH] support for context based audit filtering [PATCH] no need to wank with task_lock() and pinning task down in audit_syscall_exit() [PATCH] drop task argument of audit_syscall_{entry,exit} [PATCH] drop gfp_mask in audit_log_exit() [PATCH] move call of audit_free() into do_exit() [PATCH] sockaddr patch [PATCH] deal with deadlocks in audit_free()
2006-05-01[NETFILTER] x_tables: fix compat related crash on non-x86Patrick McHardy
When iptables userspace adds an ipt_standard_target, it calculates the size of the entire entry as: sizeof(struct ipt_entry) + XT_ALIGN(sizeof(struct ipt_standard_target)) ipt_standard_target looks like this: struct xt_standard_target { struct xt_entry_target target; int verdict; }; xt_entry_target contains a pointer, so when compiled for 64 bit the structure gets an extra 4 byte of padding at the end. On 32 bit architectures where iptables aligns to 8 byte it will also have 4 byte padding at the end because it is only 36 bytes large. The compat_ipt_standard_fn in the kernel adjusts the offsets by sizeof(struct ipt_standard_target) - sizeof(struct compat_ipt_standard_target), which will always result in 4, even if the structure from userspace was already padded to a multiple of 8. On x86 this works out by accident because userspace only aligns to 4, on all other architectures this is broken and causes incorrect adjustments to the size and following offsets. Thanks to Linus for lots of debugging help and testing. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-05-01Merge branch 'splice' of git://brick.kernel.dk/data/git/linux-2.6-blockLinus Torvalds
* 'splice' of git://brick.kernel.dk/data/git/linux-2.6-block: [PATCH] vmsplice: allow user to pass in gift pages [PATCH] pipe: enable atomic copying of pipe data to/from user space [PATCH] splice: call handle_ra_miss() on failure to lookup page [PATCH] Add ->splice_read/splice_write to def_blk_fops [PATCH] pipe: introduce ->pin() buffer operation [PATCH] splice: fix bugs in pipe_to_file() [PATCH] splice: fix bugs with stealing regular pipe pages
2006-05-01[PATCH] vmsplice: allow user to pass in gift pagesJens Axboe
If SPLICE_F_GIFT is set, the user is basically giving this pages away to the kernel. That means we can steal them for eg page cache uses instead of copying it. The data must be properly page aligned and also a multiple of the page size in length. Signed-off-by: Jens Axboe <axboe@suse.de>
2006-05-01[PATCH] pipe: enable atomic copying of pipe data to/from user spaceJens Axboe
The pipe ->map() method uses kmap() to virtually map the pages, which is both slow and has known scalability issues on SMP. This patch enables atomic copying of pipe pages, by pre-faulting data and using kmap_atomic() instead. lmbench bw_pipe and lat_pipe measurements agree this is a Good Thing. Here are results from that on a UP machine with highmem (1.5GiB of RAM), running first a UP kernel, SMP kernel, and SMP kernel patched. Vanilla-UP: Pipe bandwidth: 1622.28 MB/sec Pipe bandwidth: 1610.59 MB/sec Pipe bandwidth: 1608.30 MB/sec Pipe latency: 7.3275 microseconds Pipe latency: 7.2995 microseconds Pipe latency: 7.3097 microseconds Vanilla-SMP: Pipe bandwidth: 1382.19 MB/sec Pipe bandwidth: 1317.27 MB/sec Pipe bandwidth: 1355.61 MB/sec Pipe latency: 9.6402 microseconds Pipe latency: 9.6696 microseconds Pipe latency: 9.6153 microseconds Patched-SMP: Pipe bandwidth: 1578.70 MB/sec Pipe bandwidth: 1579.95 MB/sec Pipe bandwidth: 1578.63 MB/sec Pipe latency: 9.1654 microseconds Pipe latency: 9.2266 microseconds Pipe latency: 9.1527 microseconds Signed-off-by: Jens Axboe <axboe@suse.de>
2006-05-01[PATCH] pipe: introduce ->pin() buffer operationJens Axboe
The ->map() function is really expensive on highmem machines right now, since it has to use the slower kmap() instead of kmap_atomic(). Splice rarely needs to access the virtual address of a page, so it's a waste of time doing it. Introduce ->pin() to take over the responsibility of making sure the page data is valid. ->map() is then reduced to just kmap(). That way we can also share a most of the pipe buffer ops between pipe.c and splice.c Signed-off-by: Jens Axboe <axboe@suse.de>
2006-05-01[PATCH] splice: fix bugs in pipe_to_file()Jens Axboe
Found by Oleg Nesterov <oleg@tv-sign.ru>, fixed by me. - Only allow full pages to go to the page cache. - Check page != buf->page instead of using PIPE_BUF_FLAG_STOLEN. - Remember to clear 'stolen' if add_to_page_cache() fails. And as a cleanup on that: - Make the bottom fall-through logic a little less convoluted. Also make the steal path hold an extra reference to the page, so we don't have to differentiate between stolen and non-stolen at the end. Signed-off-by: Jens Axboe <axboe@suse.de>
2006-05-01Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: [TG3]: Update version and reldate [TG3]: Fix bug in nvram write [TG3]: Add reset_phy parameter to chip reset functions [TG3]: Reset chip when changing MAC address [TG3]: Add phy workaround [TG3]: Call netif_carrier_off() during phy reset [IPV6]: Fix race in route selection. [XFRM]: fix incorrect xfrm_policy_afinfo_lock use [XFRM]: fix incorrect xfrm_state_afinfo_lock use [TCP]: Fix unlikely usage in tcp_transmit_skb() [XFRM]: fix softirq-unsafe xfrm typemap->lock use [IPSEC]: Fix IP ID selection [NET]: use hlist_unhashed() [IPV4]: inet_init() -> fs_initcall [NETLINK]: cleanup unused macro in net/netlink/af_netlink.c [PKT_SCHED] netem: fix loss [X25]: fix for spinlock recurse and spinlock lockup with timer handler
2006-05-01[PATCH] Rework of IPC auditingSteve Grubb
1) The audit_ipc_perms() function has been split into two different functions: - audit_ipc_obj() - audit_ipc_set_perm() There's a key shift here... The audit_ipc_obj() collects the uid, gid, mode, and SElinux context label of the current ipc object. This audit_ipc_obj() hook is now found in several places. Most notably, it is hooked in ipcperms(), which is called in various places around the ipc code permforming a MAC check. Additionally there are several places where *checkid() is used to validate that an operation is being performed on a valid object while not necessarily having a nearby ipcperms() call. In these locations, audit_ipc_obj() is called to ensure that the information is captured by the audit system. The audit_set_new_perm() function is called any time the permissions on the ipc object changes. In this case, the NEW permissions are recorded (and note that an audit_ipc_obj() call exists just a few lines before each instance). 2) Support for an AUDIT_IPC_SET_PERM audit message type. This allows for separate auxiliary audit records for normal operations on an IPC object and permissions changes. Note that the same struct audit_aux_data_ipcctl is used and populated, however there are separate audit_log_format statements based on the type of the message. Finally, the AUDIT_IPC block of code in audit_free_aux() was extended to handle aux messages of this new type. No more mem leaks I hope ;-) Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01[PATCH] More user space subject labelsSteve Grubb
Hi, The patch below builds upon the patch sent earlier and adds subject label to all audit events generated via the netlink interface. It also cleans up a few other minor things. Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01[PATCH] Reworked patch for labels on user space messagesSteve Grubb
The below patch should be applied after the inode and ipc sid patches. This patch is a reworking of Tim's patch that has been updated to match the inode and ipc patches since its similar. [updated: > Stephen Smalley also wanted to change a variable from isec to tsec in the > user sid patch. ] Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01[PATCH] change lspp ipc auditingSteve Grubb
Hi, The patch below converts IPC auditing to collect sid's and convert to context string only if it needs to output an audit record. This patch depends on the inode audit change patch already being applied. Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01[PATCH] audit inode patchSteve Grubb
Previously, we were gathering the context instead of the sid. Now in this patch, we gather just the sid and convert to context only if an audit event is being output. This patch brings the performance hit from 146% down to 23% Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-05-01[PATCH] support for context based audit filteringDarrel Goeddel
The following patch provides selinux interfaces that will allow the audit system to perform filtering based on the process context (user, role, type, sensitivity, and clearance). These interfaces will allow the selinux module to perform efficient matches based on lower level selinux constructs, rather than relying on context retrievals and string comparisons within the audit module. It also allows for dominance checks on the mls portion of the contexts that are impossible with only string comparisons. Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>