- 12 Apr, 2004 40 commits
-
-
Andrew Morton authored
From: Manfred Spraul <manfred@colorfullife.com> I found a security bug in the new mqueue code: a process that has only write permissions to a message queue could call mq_notify(SIGEV_THREAD) and use the returned notification file descriptor to read from the message queue.
-
Andrew Morton authored
From: Manfred Spraul <manfred@colorfullife.com> My discussion with Ulrich had one result: - mq_setattr can accept implementation defined flags. Right now we have none, but we might add some later (e.g. switch to CLOCK_MONOTONIC for mq_timed{send,receive} or something similar). When we add flags, we might need the fields for additional information. And they don't hurt. Therefore add four __reserved fields to mq_attr. - fail mq_setattr if we get unknown flags - otherwise glibc can't detect if it's running on a future kernel that supports new features. - use memset to initialize the mq_attr structure - theoretically we could leak kernel memory. - Only set O_NONBLOCK in mq_attr, explicitely clear O_RDWR & friends. openposix uses getattr, attr |=O_NONBLOCK, setattr - a sane approach. Without clearing O_RDWR, this fails. I've retested all openposix conformance tests with the new patch - the two new FAILED tests check undefined behavior. Note that I won't have net access until Sunday - if the message queue patch breaks something important either ask Krzysztof or drop it. Ulrich had another good idea for SIGEV_THREAD, but I must think about it. It would mean less complexitiy in glibc, but more code in the kernel. I'm not yet convinced that it's overall better.
-
Andrew Morton authored
From: Manfred Spraul <manfred@colorfullife.com> Make the posix message queue mountable by the user. This replaces ipcs and ipcrm for posix message queue: The admin can check which queues exist with ls and remove stale queues with rm. I'd like a final confirmation from Ulrich that our SIGEV_THREAD approach is the right thing(tm): He's aware of the design and didn't object, but I think he hasn't seen the final API yet.
-
Andrew Morton authored
From: Manfred Spraul <manfred@colorfullife.com> Linux specific extension: make the message queue identifiers pollable. It's simple and could be useful.
-
Andrew Morton authored
From: Manfred Spraul <manfred@colorfullife.com> Actual implementation of the posix message queues, written by Krzysztof Benedyczak and Michal Wronski. The complete implementation is dependant on CONFIG_POSIX_MQUEUE. It passed the openposix test suite with two exceptions: one mq_unlink test was bad and tested undefined behavior. And Linux succeeds mq_close(open(,,,)). The spec mandates EBADF, but we have decided to ignore that: we would have to add a new syscall just for the right error code. The patch intentionally doesn't use all helpers from fs/libfs for kernel-only filesystems: step 5 allows user space mounts of the file system. Signal changes: The patch redefines SI_MESGQ using __SI_CODE: The generic Linux ABI uses a negative value (i.e. from user) for SI_MESGQ, but the kernel internal value must be posive to pass check_kill_value. Additionally, the patch adds support into copy_siginfo_to_user to copy the "new" signal type to user space. Changes in signal code caused by POSIX message queues patch: General & rationale: mqueues generated signals (only upon notification) must have si_code == SI_MESGQ. In fact such a signal is send from one process which caused notification (== sent message to empty message queue) to another which requested it. Both processes can be of course unrelated in terms of uids/euids. So SI_MESGQ signals must be classified as SI_FROMKERNEL to pass check_kill_permissions (not need to say that this signals ARE from kernel). Signals generated by message queues notification need the same fields in siginfo struct's union _sifields as POSIX.1b signals and we can reuse its union entry. SI_MESGQ was previously defined to -3 in kernel and also in glibc. So in userspace SI_MESGQ must be still visible as -3. Solution: SI_MESGQ is defined in the same style as SI_TIMER using __SI_CODE macro. Details: Fortunately copy_siginfo_to_user copies si_code as short. So we can use remaining part of int value freely. __SI_CODE does the work. SI_MESGQ is in kernel: 6<<16 | (-3 & 0xffff) what is > 0 but to userspace is copied (short) SI_MESGQ == -3 Actual changes: Changes in include/asm-generic/siginfo.h __SI_MESGQ added in signal.h to represent inside-kernel prefix of SI_MESGQ. SI_MESGQ is redefined from -3 to __SI_CODE(__SI_MESGQ, -3) Except mips architecture those changes should be arch independent (asm-generic/siginfo.h is included in arch versions). On mips SI_MESGQ is redefined to -4 in order to be compatible with IRIX. But the same schema can be used. Change in copy_siginfo_to_user: We only add one line to order the same copy semantics as for _SI_RT. This change isn't very portable - some arch have its own copy_siginfo_to_user. All those should have similar change (but possibly not one-line as _SI_RT case was sometimes ignored because i wasn't used yet, e.g. see ia64 signal.c). Update: mq: only fail with invalid timespec if mq_timed{send,receive} needs to block From: Jakub Jelinek <jakub@redhat.com> POSIX requires EINVAL to be set if: "The process or thread would have blocked, and the abs_timeout parameter specified a nanoseconds field value less than zero or greater than or equal to 1000 million." but 2.6.5-mm3 returns -EINVAL even if the process or thread would not block (if the queue is not empty for timedreceive or not full for timedsend).
-
Andrew Morton authored
From: Manfred Spraul <manfred@colorfullife.com> Add -ENOSYS stubs for the posix message queue syscalls. The API is a direct mapping of the api from the unix spec, with two exceptions: - mq_close() doesn't exist. Message queue file descriptors can be closed with close(). - mq_notify(SIGEV_THREAD) cannot be implemented in the kernel. The kernel returns a pollable file descriptor . User space must poll (or read) this descriptor and call the notifier function if the file descriptor is signaled.
-
Andrew Morton authored
From: Manfred Spraul <manfred@colorfullife.com> cleanup of sysv ipc as a preparation for posix message queues: - replace !CONFIG_SYSVIPC wrappers for copy_semundo and exit_sem with static inline wrappers. Now the whole ipc/util.c file is only used if CONFIG_SYSVIPC is set, use makefile magic instead of #ifdef. - remove the prototypes for copy_semundo and exit_sem from kernel/fork.c - they belong into a header file. - create a new msgutil.c with the helper functions for message queues. - cleanup the helper functions: run Lindent, add __user tags.
-
Andrew Morton authored
From: Neil Brown <neilb@cse.unsw.edu.au> Addresses http://bugme.osdl.org/show_bug.cgi?id=2355 It seems that a merge_bvec_fn needs to be aware of partitioning... who would have thought it :-( The following patch should fix the merge_bvec_fn for both linear and raid0. We teach linear and raid0 about partitions in the merge_bvec_fn. ->merge_bvec_fn needs to make decisions based on the physical geometry of the device. For raid0, it needs to decide if adding the bvec to the bio will make the bio span two drives. To do this, it needs to know where the request is (what the sector number is) in the whole device. However when called from bio_add_page, bi_sector is the sector number relative to the current partition, as generic_make_request hasn't been called yet. So raid_mergeable_bvec needs to map bio->bi_sector (which is partition relative) to a bi_sector which is device relative, so it can perform proper calculations about when chunk boundaries are.
-
Andrew Morton authored
From: NeilBrown <neilb@cse.unsw.edu.au> From: "J. Bruce Fields" <bfields@fieldses.org> rpcsec_gss supports three security levels: 1. authentication only: sign the header of each rpc request and response. 2. integrity: sign the header and body of each rpc request and response. 3. privacy: sign the header and encrypt the body of each rpc request and response. The first 2 are already supported on the client; this adds integrity support on the server.
-
Andrew Morton authored
From: NeilBrown <neilb@cse.unsw.edu.au> From: "J. Bruce Fields" <bfields@fieldses.org> Without this compiling auth_gss as module fails.
-
Andrew Morton authored
From: NeilBrown <neilb@cse.unsw.edu.au> From: Fred. We don't do all the utf8 checking we could in the kernel, but we do some simple checks. Implement slightly stricter, and probably more efficient, checking.
-
Andrew Morton authored
From: NeilBrown <neilb@cse.unsw.edu.au>
-
Andrew Morton authored
From: NeilBrown <neilb@cse.unsw.edu.au>
-
Andrew Morton authored
From: NeilBrown <neilb@cse.unsw.edu.au> From: Fred Isaman
-
Andrew Morton authored
From: NeilBrown <neilb@cse.unsw.edu.au>
-
Andrew Morton authored
From: NeilBrown <neilb@cse.unsw.edu.au> It's better than oopsing.
-
Andrew Morton authored
From: Olaf Hering <olh@suse.de> initramfs can not be used in current 2.6 kernels, the files will never be executed because prepare_namespace doesn't care about them. The only way to workaround that limitation is a root=0:0 cmdline option to force rootfs as root filesystem. This will break further booting because rootfs is not the final root filesystem. This patch checks for the presence of /init which comes from the cpio archive (and thats the only way to store files into the rootfs). This binary/script has to do all the work of prepare_namespace().
-
Andrew Morton authored
Teach inode.c about list_move().
-
Andrew Morton authored
From: Jan Kara <jack@ucw.cz> Change locking rules in quota code to fix lock ordering especially wrt journal lock. Also some unnecessary spinlocking is removed. The locking changes are mainly: dqptr_sem, dqio_sem are acquired only when transaction is already started, dqonoff_sem before a transaction is started. This change requires some callbacks to ext3 (also implemented in this patch) to start transaction before the locks are acquired.
-
Andrew Morton authored
From: Matt Porter <mporter@kernel.crashing.org> This fixes a memory leak when freeing pgds on PPC44x.
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> UP compile fixes
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> Quieten NVRAM driver
-
Andrew Morton authored
From: Joel Schopp <jschopp@austin.ibm.com> I was looking at rtas serialization for reasons I won't go into here. While wandering through the code I found that two functions were not properly serialized. phys_call_rtas and phys_call_rtas_display_status are the functions. After looking further they are redundant and not used anywhere at all.
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> DMA API updates, in particular adding the new cache flush interfaces.
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> Add smt_snooze_delay cpu sysfs attribute
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> Oops cleanup: - Move prototypes into system.h - Move the debugger hooks into die, all the calls sites were calling them. - Handle bad values passed to prregs
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org>
-
Andrew Morton authored
From: Stephen Rothwell <sfr@canb.auug.org.au> James Bottomley is right, this was a mistake. This patch replaces vio_dma_mapping_error with dma_mapping_error everywhere.
-
Andrew Morton authored
[PATCH] ppc64: change the iSeries virtual device drivers to use the vio infrastructure for DMA mapping From: Stephen Rothwell <sfr@canb.auug.org.au> This patch changes the iSeries virtual device drivers to use the vio infrastructure for DMA mapping instead of the PCI infrastructure. This is a step along the way to integrating them correctly into the driver model.
-
Andrew Morton authored
From: Stephen Rothwell <sfr@canb.auug.org.au> This patch consolidates some of the iommu DMA mapping routines.
-
Andrew Morton authored
From: Stephen Rothwell <sfr@canb.auug.org.au> This is just a cleanup to use enum dma_data_direction for all APIs except the pci_dma_ ones (since they are defined generically). Also make most of the functions in arch/ppc64/kernel/pci_iommu.c static.
-
Andrew Morton authored
From: Stephen Rothwell <sfr@canb.auug.org.au> This patch uses enum dma_data_direction for the vio DMA api routines. This allows us to remove some include of linux/pci.h. Also missed some pci_dma_mapping_error uses.
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> Register secondary threads in NUMA init code
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> Add HW PMC support to oprofile
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> Add PMCs to sysfs.
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> Add some POWER5 specific optimisations: - icache is coherent, no need to explicitly flush - tlbie lock no longer required
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> Move sysfs specific stuff into sysfs.c
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> Update CPU features. Remove DABR feature, all cpus have it. Add MMCRA, PMC8, SMT, COHERENT_ICACHE, LOCKLESS_TLBIE features
-
Andrew Morton authored
From: David Engebretsen <engebret@us.ibm.com> Put SMT threads into global interrupt queue
-
Andrew Morton authored
From: Anton Blanchard <anton@samba.org> Create xics get_irq_server and use it in enable/disable code.
-