- 28 Apr, 2011 6 commits
-
-
Eric Paris authored
To shorten the list we need to run if filename trans rules exist for the type of the given parent directory I put them in a hashtable. Given the policy we are expecting to use in Fedora this takes the worst case list run from about 5,000 entries to 17. Signed-off-by:
Eric Paris <eparis@redhat.com> Reviewed-by:
James Morris <jmorris@namei.org>
-
Eric Paris authored
Instead of a hashtab entry counter function only useful for range transition rules make a function generic for any hashtable to use. Signed-off-by:
-
Eric Paris authored
We have custom debug functions like rangetr_hash_eval and symtab_hash_eval which do the same thing. Just create a generic function that takes the name of the hash table as an argument instead of having custom functions. Signed-off-by:
-
Eric Paris authored
Right now we walk to filename trans rule list for every inode that is created. First passes at policy using this facility creates around 5000 filename trans rules. Running a list of 5000 entries every time is a bad idea. This patch adds a new ebitmap to policy which has a bit set for each ttype that has at least 1 filename trans rule. Thus when an inode is created we can quickly determine if any rules exist for this parent directory type and can skip the list if we know there is definitely no relevant entry. Signed-off-by:
-
Eric Paris authored
filename_compute_type() takes as arguments the numeric value of the type of the subject and target. It does not take a context. Thus the names are misleading. Fix the argument names. Signed-off-by:
-
Eric Paris authored
filename_compute_type used to take a qstr, but it now takes just a name. Fix the comments to indicate it is an objname, not a qstr. Signed-off-by:
-
- 25 Apr, 2011 7 commits
-
-
Eric Paris authored
smack_file_lock has a struct path, so use that instead of only the dentry. Signed-off-by:
Casey Schaufler <casey@schaufler-ca.com>
-
Eric Paris authored
This patch separates and audit message that only contains a dentry from one that contains a full path. This allows us to make it harder to misuse the interfaces or for the interfaces to be implemented wrong. Signed-off-by:
-
Eric Paris authored
The lsm common audit code has wacky contortions making sure which pieces of information are set based on if it was given a path, dentry, or inode. Split this into path and inode to get rid of some of the code complexity. Signed-off-by:
-
Eric Paris authored
Now that the security modules can decide whether they support the dcache RCU walk or not it's possible to make selinux a bit more RCU friendly. The SELinux AVC and security server access decision code is RCU safe. A specific piece of the LSM audit code may not be RCU safe. This patch makes the VFS RCU walk retry if it would hit the non RCU safe chunk of code. It will normally just work under RCU. This is done simply by passing the VFS RCU state as a flag down into the avc_audit() code and returning ECHILD there if it would have an issue. Based-on-patch-by:
Andi Kleen <ak@linux.intel.com> Signed-off-by:
-
Andi Kleen authored
Right now all RCU walks fall back to reference walk when CONFIG_SECURITY is enabled, even though just the standard capability module is active. This is because security_inode_exec_permission unconditionally fails RCU walks. Move this decision to the low level security module. This requires passing the RCU flags down the security hook. This way at least the capability module and a few easy cases in selinux/smack work with RCU walks with CONFIG_SECURITY=y Signed-off-by:
-
Eric Paris authored
The len should be an size_t but is a ssize_t. Easy enough fix to silence build warnings. We have no need for signed-ness. Signed-off-by:
-
Eric Paris authored
If one builds a kernel without CONFIG_BUG there are a number of 'may be used uninitialized' warnings. Silence these by returning after the BUG(). Signed-off-by:
-
- 20 Apr, 2011 1 commit
-
-
Eric Paris authored
The filename_trans rule processing has some printk(KERN_ERR ) messages which were intended as debug aids in creating the code but weren't removed before it was submitted. Remove them. Signed-off-by:
-
- 07 Apr, 2011 2 commits
-
-
Harry Ciao authored
Initialize policydb.process_class once all symtabs read from policy image, so that it could be used to setup the role_trans.tclass field when a lower version policy.X is loaded. Signed-off-by:
Harry Ciao <qingtao.cao@windriver.com> Signed-off-by:
-
Stephen Smalley authored
Commit 6f5317e7 introduced a bug in the handling of userspace object classes that is causing breakage for Xorg when XSELinux is enabled. Fix the bug by changing map_class() to return SECCLASS_NULL when the class cannot be mapped to a kernel object class. Reported-by:
"Justin P. Mattock" <justinmattock@gmail.com> Signed-off-by:
Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by:
-
- 01 Apr, 2011 2 commits
-
-
Kohei Kaigai authored
The attached patch allows /selinux/create takes optional 4th argument to support TYPE_TRANSITION with name extension for userspace object managers. If 4th argument is not supplied, it shall perform as existing kernel. In fact, the regression test of SE-PostgreSQL works well on the patched kernel. Thanks, Signed-off-by:
KaiGai Kohei <kohei.kaigai@eu.nec.com> [manually verify fuzz was not an issue, and it wasn't: eparis] Signed-off-by:
-
Eric Paris authored
update the git tree in MAINTAINERS Signed-off-by:
-
- 28 Mar, 2011 3 commits
-
-
Harry Ciao authored
If kernel policy version is >= 26, then write the class field of the role_trans structure into the binary reprensentation. Signed-off-by:
-
Harry Ciao authored
Apply role_transition rules for all kinds of classes. Signed-off-by:
-
Harry Ciao authored
If kernel policy version is >= 26, then the binary representation of the role_trans structure supports specifying the class for the current subject or the newly created object. If kernel policy version is < 26, then the class field would be default to the process class. Signed-off-by:
-
- 08 Mar, 2011 5 commits
-
-
-
David Howells authored
Add a keyctl op (KEYCTL_INSTANTIATE_IOV) that is like KEYCTL_INSTANTIATE, but takes an iovec array and concatenates the data in-kernel into one buffer. Since the KEYCTL_INSTANTIATE copies the data anyway, this isn't too much of a problem. Signed-off-by:
David Howells <dhowells@redhat.com> Signed-off-by:
-
David Howells authored
Add a new keyctl op to reject a key with a specified error code. This works much the same as negating a key, and so keyctl_negate_key() is made a special case of keyctl_reject_key(). The difference is that keyctl_negate_key() selects ENOKEY as the error to be reported. Typically the key would be rejected with EKEYEXPIRED, EKEYREVOKED or EKEYREJECTED, but this is not mandatory. Signed-off-by:
-
David Howells authored
Add a key type operation to permit the key type to vet the description of a new key that key_alloc() is about to allocate. The operation may reject the description if it wishes with an error of its choosing. If it does this, the key will not be allocated. Signed-off-by:
Mimi Zohar <zohar@us.ibm.com> Signed-off-by:
-
David Howells authored
Add an RCU payload dereference macro as this seems to be a common piece of code amongst key types that use RCU referenced payloads. Signed-off-by:
-
- 07 Mar, 2011 3 commits
-
-
James Morris authored
-
Linus Torvalds authored
Merge branch 'omap-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap-2.6 * 'omap-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap-2.6: omap: mailbox: resolve hang issue OMAP2+: PM: SmartReflex: fix memory leaks in Smartreflex driver arm: mach-omap2: smartreflex: fix another memory leak
-
git://git390.marist.edu/pub/scm/linux-2.6Linus Torvalds authored
* 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6: [S390] tape: deadlock on system work queue [S390] keyboard: integer underflow bug [S390] xpram: remove __initdata attribute from module parameters
-
- 06 Mar, 2011 3 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6: ALSA: hda - Don't set to D3 in Cirrus errata init verbs ALSA: hda - add new Fermi 5xx codec IDs to snd-hda ASoC: WM8994: Ensure late enable events are processed for the ADCs ASoC: WM8994: Don't disable the AIF[1|2]CLK_ENA unconditionaly ASoC: Fix WM9081 platform data initialisation ALSA: hda - Fix unable to record issue on ASUS N82JV ALSA: HDA: Realtek: Fixup jack detection to input subsystem
-
Amit Shah authored
If a virtio-console device gets unplugged while a port is open, a subsequent close() call on the port accesses vqs to free up buffers. This can lead to a crash. The buffers are already freed up as a result of the call to unplug_ports() from virtcons_remove(). The fix is to simply not access vq information if port->portdev is NULL. Reported-by:
juzhang <juzhang@redhat.com> CC: stable@kernel.org Signed-off-by:
Amit Shah <amit.shah@redhat.com> Signed-off-by:
Rusty Russell <rusty@rustcorp.com.au> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
Takashi Iwai authored
-
- 05 Mar, 2011 8 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-clientLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client: ceph: no .snap inside of snapped namespace libceph: fix msgr standby handling libceph: fix msgr keepalive flag libceph: fix msgr backoff libceph: retry after authorization failure libceph: fix handling of short returns from get_user_pages ceph: do not clear I_COMPLETE from d_release ceph: do not set I_COMPLETE Revert "ceph: keep reference to parent inode on ceph_dentry"
-
Andi Kleen authored
Pass down the correct node for a transparent hugepage allocation. Most callers continue to use the current node, however the hugepaged daemon now uses the previous node of the first to be collapsed page instead. This ensures that khugepaged does not mess up local memory for an existing process which uses local policy. The choice of node is somewhat primitive currently: it just uses the node of the first page in the pmd range. An alternative would be to look at multiple pages and use the most popular node. I used the simplest variant for now which should work well enough for the case of all pages being on the same node. [akpm@linux-foundation.org: coding-style fixes] Acked-by:
Andrea Arcangeli <aarcange@redhat.com> Signed-off-by:
KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
-
Andi Kleen authored
This makes a difference for LOCAL policy, where the node cannot be determined from the policy itself, but has to be gotten from the original page. Acked-by:
-
Andi Kleen authored
Add a alloc_page_vma_node that allows passing the "local" node in. Used in a followon patch. Acked-by:
-
Andi Kleen authored
Currently alloc_pages_vma() always uses the local node as policy node for the LOCAL policy. Pass this node down as an argument instead. No behaviour change from this patch, but will be needed for followons. Acked-by:
-
Alexandre Bounine authored
Signed-off-by:
Alexandre Bounine <alexandre.bounine@idt.com> Cc: Matt Porter <mporter@kernel.crashing.org> Signed-off-by:
-
Axel Lin authored
Signed-off-by:
Axel Lin <axel.lin@gmail.com> Cc: Haavard Skinnemoen <hskinnemoen@atmel.com> Cc: Richard Purdie <rpurdie@rpsys.net> Signed-off-by:
-
Kyungmin Park authored
Add maintainer of Samsung Mobile machine support. Currently, Aquila, Goni, Universal (C210), and Nuri board are supported. Signed-off-by:
Kyungmin Park <kyungmin.park@samsung.com> Cc: Joe Perches <joe@perches.com> Cc: "David S. Miller" <davem@davemloft.net> Cc: Russell King <rmk@arm.linux.org.uk> Signed-off-by:
-
