Commit Graph

28453 Commits

Author SHA1 Message Date
Linus Torvalds be883da759 Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/sparc-2.6:
  [SPARC64]: Update defconfig.
  [SPARC64]: Don't double-export synchronize_irq.
  [SPARC64]: Move over to GENERIC_HARDIRQS.
  [SPARC64]: Virtualize IRQ numbers.
  [SPARC64]: Kill ino_bucket->pil
  [SPARC]: Kill __irq_itoa().
  [SPARC64]: bp->pil can never be zero
  [SPARC64]: Send all device interrupts via one PIL.
  [SPARC]: Fix iommu_flush_iotlb end address
  [SPARC]: Mark smp init functions as cpuinit
  [SPARC]: Add missing rw can_lock macros
  [SPARC]: Setup cpu_possible_map
  [SPARC]: Add topology_init()
2006-06-20 17:39:28 -07:00
Linus Torvalds 077e98945d Merge branch 'rio.b19' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/bird
* 'rio.b19' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/bird:
  [PATCH] missing readb/readw in rio
  [PATCH] copy_to_user() from iomem is a bad thing
  [PATCH] forgotten swap of copyout() arguments
  [PATCH] handling rio MEMDUMP
  [PATCH] fix rio_copy_to_card() for OLDPCI case
  [PATCH] uses of ->Copy() in rioroute are bogus
  [PATCH] bogus order of copy_from_user() arguments
  [PATCH] rio ->Copy() expects the sourse as first argument
  [PATCH] trivial annotations in rio
2006-06-20 15:38:12 -07:00
Linus Torvalds d9eaec9e29 Merge branch 'audit.b21' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b21' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (25 commits)
  [PATCH] make set_loginuid obey audit_enabled
  [PATCH] log more info for directory entry change events
  [PATCH] fix AUDIT_FILTER_PREPEND handling
  [PATCH] validate rule fields' types
  [PATCH] audit: path-based rules
  [PATCH] Audit of POSIX Message Queue Syscalls v.2
  [PATCH] fix se_sen audit filter
  [PATCH] deprecate AUDIT_POSSBILE
  [PATCH] inline more audit helpers
  [PATCH] proc_loginuid_write() uses simple_strtoul() on non-terminated array
  [PATCH] update of IPC audit record cleanup
  [PATCH] minor audit updates
  [PATCH] fix audit_krule_to_{rule,data} return values
  [PATCH] add filtering by ppid
  [PATCH] log ppid
  [PATCH] collect sid of those who send signals to auditd
  [PATCH] execve argument logging
  [PATCH] fix deadlocks in AUDIT_LIST/AUDIT_LIST_RULES
  [PATCH] audit_panic() is audit-internal
  [PATCH] inotify (5/5): update kernel documentation
  ...

Manual fixup of conflict in unclude/linux/inotify.h
2006-06-20 15:37:56 -07:00
Russell King 905f14672e [ARM] Fix tosa build error
tosa.c references mdelay(), but was missing linux/delay.h

Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-06-20 23:27:37 +01:00
Linus Torvalds cee4cca740 Merge git://git.infradead.org/hdrcleanup-2.6
* git://git.infradead.org/hdrcleanup-2.6: (63 commits)
  [S390] __FD_foo definitions.
  Switch to __s32 types in joystick.h instead of C99 types for consistency.
  Add <sys/types.h> to headers included for userspace in <linux/input.h>
  Move inclusion of <linux/compat.h> out of user scope in asm-x86_64/mtrr.h
  Remove struct fddi_statistics from user view in <linux/if_fddi.h>
  Move user-visible parts of drivers/s390/crypto/z90crypt.h to include/asm-s390
  Revert include/media changes: Mauro says those ioctls are only used in-kernel(!)
  Include <linux/types.h> and use __uXX types in <linux/cramfs_fs.h>
  Use __uXX types in <linux/i2o_dev.h>, include <linux/ioctl.h> too
  Remove private struct dx_hash_info from public view in <linux/ext3_fs.h>
  Include <linux/types.h> and use __uXX types in <linux/affs_hardblocks.h>
  Use __uXX types in <linux/divert.h> for struct divert_blk et al.
  Use __u32 for elf_addr_t in <asm-powerpc/elf.h>, not u32. It's user-visible.
  Remove PPP_FCS from user view in <linux/ppp_defs.h>, remove __P mess entirely
  Use __uXX types in user-visible structures in <linux/nbd.h>
  Don't use 'u32' in user-visible struct ip_conntrack_old_tuple.
  Use __uXX types for S390 DASD volume label definitions which are user-visible
  S390 BIODASDREADCMB ioctl should use __u64 not u64 type.
  Remove unneeded inclusion of <linux/time.h> from <linux/ufs_fs.h>
  Fix private integer types used in V4L2 ioctls.
  ...

Manually resolve conflict in include/linux/mtd/physmap.h
2006-06-20 15:10:08 -07:00
Linus Torvalds 2edc322d42 Merge git://git.infradead.org/~dwmw2/rbtree-2.6
* git://git.infradead.org/~dwmw2/rbtree-2.6:
  [RBTREE] Switch rb_colour() et al to en_US spelling of 'color' for consistency
  Update UML kernel/physmem.c to use rb_parent() accessor macro
  [RBTREE] Update hrtimers to use rb_parent() accessor macro.
  [RBTREE] Add explicit alignment to sizeof(long) for struct rb_node.
  [RBTREE] Merge colour and parent fields of struct rb_node.
  [RBTREE] Remove dead code in rb_erase()
  [RBTREE] Update JFFS2 to use rb_parent() accessor macro.
  [RBTREE] Update eventpoll.c to use rb_parent() accessor macro.
  [RBTREE] Update key.c to use rb_parent() accessor macro.
  [RBTREE] Update ext3 to use rb_parent() accessor macro.
  [RBTREE] Change rbtree off-tree marking in I/O schedulers.
  [RBTREE] Add accessor macros for colour and parent fields of rb_node
2006-06-20 14:51:22 -07:00
Linus Torvalds be967b7e2f Merge git://git.infradead.org/mtd-2.6
* git://git.infradead.org/mtd-2.6: (199 commits)
  [MTD] NAND: Fix breakage all over the place
  [PATCH] NAND: fix remaining OOB length calculation
  [MTD] NAND Fixup NDFC merge brokeness
  [MTD NAND] S3C2410 driver cleanup
  [MTD NAND] s3c24x0 board: Fix clock handling, ensure proper initialisation.
  [JFFS2] Check CRC32 on dirent and data nodes each time they're read
  [JFFS2] When retiring nextblock, allocate a node_ref for the wasted space
  [JFFS2] Mark XATTR support as experimental, for now
  [JFFS2] Don't trust node headers before the CRC is checked.
  [MTD] Restore MTD_ROM and MTD_RAM types
  [MTD] assume mtd->writesize is 1 for NOR flashes
  [MTD NAND] Fix s3c2410 NAND driver so it at least _looks_ like it compiles
  [MTD] Prepare physmap for 64-bit-resources
  [JFFS2] Fix more breakage caused by janitorial meddling.
  [JFFS2] Remove stray __exit from jffs2_compressors_exit()
  [MTD] Allow alternate JFFS2 mount variant for root filesystem.
  [MTD] Disconnect struct mtd_info from ABI
  [MTD] replace MTD_RAM with MTD_GENERIC_TYPE
  [MTD] replace MTD_ROM with MTD_GENERIC_TYPE
  [MTD] remove a forgotten MTD_XIP
  ...
2006-06-20 14:50:31 -07:00
Linus Torvalds eef11427ed Merge master.kernel.org:/home/rmk/linux-2.6-serial
* master.kernel.org:/home/rmk/linux-2.6-serial:
  [SERIAL] PARPORT_SERIAL should depend on SERIAL_8250_PCI
2006-06-20 14:49:45 -07:00
Linus Torvalds c9ab09710e Merge master.kernel.org:/home/rmk/linux-2.6-mmc
* master.kernel.org:/home/rmk/linux-2.6-mmc:
  [MMC] Add (MMC) to entry in MAINTAINERS file
  [MMC] sdhci truncated pointer fix
2006-06-20 14:49:29 -07:00
Linus Torvalds ff9144530e Merge master.kernel.org:/home/rmk/linux-2.6-arm
* master.kernel.org:/home/rmk/linux-2.6-arm: (22 commits)
  [ARM] 3559/1: S3C2442: core and serial port
  [ARM] 3557/1: S3C24XX: centralise and cleanup uart registration
  [ARM] 3558/1: SMDK24XX: LED platform devices
  [ARM] 3534/1: add spi support to lubbock platform
  [ARM] 3554/1: ARM: Fix dyntick locking
  [ARM] 3553/1: S3C24XX: earlier print of cpu idcode info
  [ARM] 3552/1: S3C24XX: Move VA of GPIO for low-level debug
  [ARM] 3551/1: S3C24XX: PM code failes to compile with CONFIG_DCACHE_WRITETHROUGH
  [ARM] 3550/1: OSIRIS: fix serial port map for 1:1
  [ARM] 3548/1: Fix the ARMv6 CPU id in compressed/head.S
  [ARM] 3335/1: Old-abi Thumb sys_syscall broken
  [ARM] 3467/1: [3/3] Support for Philips PNX4008 platform: defconfig
  [ARM] 3466/1: [2/3] Support for Philips PNX4008 platform: chip support
  [ARM] 3465/1: [1/3] Support for Philips PNX4008 platform: headers
  [ARM] 3407/1: lpd7x: documetation update
  [ARM] 3406/1: lpd7x: compilation fix for smc91x
  [ARM] 3405/1: lpd7a40x: CPLD ssp driver
  [ARM] 3404/1: lpd7a40x: AMBA CLCD support
  [ARM] 3403/1: lpd7a40x: updated default configurations
  [ARM] 3402/1: lpd7a40x: serial driver bug fix
  ...
2006-06-20 14:49:00 -07:00
Deepak Saxena 4af6fee188 [ARM] 3610/1: Make reboot work on Versatile
Patch from Deepak Saxena

This patch makes soft reboot work on the Versatile board. Thanks to
Catalin Marinas @ ARM for pointing out the proper way to do this.

Signed-off-by: Deepak Saxena <dsaxena@plexity.net>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-06-20 21:30:44 +01:00
Russell King 098a4cb7c0 Merge S3Cxxxx branch 2006-06-20 20:57:34 +01:00
Thomas Gleixner 7bc3312bef [MTD] NAND: Fix breakage all over the place
Following problems are addressed:

- wrong status caused early break out of nand_wait()
- removed the bogus status check in nand_wait() which
  is a relict of the abandoned support for interrupted
  erase.
- status check moved to the correct place in read_oob
- oob support for syndrom based ecc with strange layouts
- use given offset in the AUTOOOB based oob operations

Partially based on a patch from Vitaly Vool <vwool@ru.mvista.com>
Thanks to Savin Zlobec <savin@epico.si> for tracking down the
status problem.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2006-06-20 20:31:24 +01:00
Vitaly Wool 7e4178f90e [PATCH] NAND: fix remaining OOB length calculation
In nand_read_page_syndrome/nand_write_page_syndrome the calculation of
the remaining oob length which is not used by the prepad/ecc/postpad
areas is wrong.

Signed-off-by: Vitaly Wool <vwool@ru.mvista.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2006-06-20 20:31:23 +01:00
Thomas Gleixner b6d5ee00e3 [MTD] NAND Fixup NDFC merge brokeness
Remove the remains of a broken merge.

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2006-06-20 20:31:23 +01:00
Russell King ea75ee9ab8 [ARM] Include asm/hardware.h not asm/arch/hardware.h
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-06-20 19:53:16 +01:00
Russell King 3a8182bd88 Merge Zaurus branch 2006-06-20 19:49:07 +01:00
Russell King 695a9d236a Merge AT91 branch 2006-06-20 19:48:18 +01:00
Andrew Victor 55c20c0af7 [ARM] 3599/1: AT91RM9200 remove global variables
Patch from Andrew Victor

This patch removes some now unnecessary global variables -
at91_master_clock, at91_serial_map, at91_console_port.

Signed-off-by: Andrew Victor <andrew@sanpeople.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-06-20 19:31:39 +01:00
Ben Dooks ec57b709c3 [ARM] 3609/1: S3C24XX: defconfig update for s3c2410_defconfig
Patch from Ben Dooks

Update s3c2410_defconfig to latest kernel with the
latest patches

Signed-off-by: Ben Dooks <ben-linux@fluff.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-06-20 19:31:06 +01:00
Andrew Victor 5c3fddced9 [ARM] 3607/1: AT91RM9200 misc fixes
Patch from Andrew Victor

This final patch includes some general fixes.

1. Link in pm.o if CONFIG_PM is enabled.  [Should have been included in
patch 3605/1].
2. Use __raw_readl()/__raw_writel() when accessing System Peripheral
registers.
3. Removed some unnecessary includes

Signed-off-by: Andrew Victor <andrew@sanpeople.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-06-20 19:30:20 +01:00
Andrew Victor 907d6deb62 [ARM] 3605/1: AT91RM9200 Power Management
Patch from Andrew Victor

This patch adds the core Power Management support for the AT91RM9200
processor.  It will support suspend-to-RAM and standby modes.

The suspend-to-RAM functionality is not 100% complete.  The code that
needs to be execute from the internal SRAM to restore the system is
outstanding.  For now we just fall through to Standby mode.

The AT91-specific at91_suspend_entering_slow_clock() function will
eventually be replaced by clk_must_disable() once that functionality is
added to mainline clock API.

Patch from David Brownell.

Signed-off-by: Andrew Victor <andrew@sanpeople.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-06-20 19:30:19 +01:00
Andrew Victor 6902f523a3 [ARM] 3604/1: AT91RM9200 New boards
Patch from Andrew Victor

This patch adds support for an additional 4 AT91RM9200-based boards:

1. Conitec ARM&EVA  [MACH_CARMEVA]
   (http://www.conitec.net/english/linuxboard.htm)

2. KwikByte KB920x  [MACH_KB9200]
   (http://kwikbyte.com/KB9202_description_new.htm)

3. Embest ATEB9200  [MACH_ATEB9200]
   (http://www.embedinfo.com/english/product/ATEB9200.asp)

4. Sperry-Sun KAFA board  [MACH_KAFA]
   (unknown)

Signed-off-by: Andrew Victor <andrew@sanpeople.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-06-20 19:30:18 +01:00
Andrew Victor d6bdbb8ef3 [ARM] 3603/1: AT91RM9200 remove old files
Patch from Andrew Victor

This patch removes the now unnecessary
include/asm-arm/arch-at91rm9200/pio.h file.  The pin configuration is
now handled in the platform-device setup code
(arch/arm/mach-at91rm9200/devices.c).

Signed-off-by: Andrew Victor <andrew@sanpeople.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-06-20 19:27:34 +01:00
Liam Girdwood c322e24b40 [ARM] 3606/1: PXA27x SSP Register definitions
Patch from Liam Girdwood

This patch adds some new PXA27x SSP port registers and also fixes the
SSP slots per frame macro

Changes:-

 o SSCR0_SlotPerFrm fixed
 o Added SSP port TSA, RSA, TSS and ACD registers

Signed-off-by: Liam Girdwood <liam.girdwood@wolfsonmicro.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-06-20 19:26:42 +01:00
Lennert Buytenhek e6fea6a5e3 [ARM] 3602/1: ixp23xx: fix two typos
Patch from Lennert Buytenhek

Fix two typos in include/asm-arm/arch-ixp23xx.

Signed-off-by: Lennert Buytenhek <buytenh@wantstofly.org>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
2006-06-20 19:26:41 +01:00
Al Viro ff7512e1a2 [ATM]: fix broken uses of NIPQUAD in net/atm
NIPQUAD expects an l-value of type __be32, _NOT_ a pointer to __be32.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-20 03:27:27 -07:00
Al Viro 8ca84481b6 [SCTP]: sctp_unpack_cookie() fix
sizeof(pointer) != sizeof(array)...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-20 03:26:14 -07:00
Steve Grubb 41757106b9 [PATCH] make set_loginuid obey audit_enabled
Hi,

I was doing some testing and noticed that when the audit system was disabled,
I was still getting messages about the loginuid being set. The following patch
makes audit_set_loginuid look at in_syscall to determine if it should create
an audit event. The loginuid will continue to be set as long as there is a context.

Signed-off-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:29 -04:00
Amy Griffis 9c937dcc71 [PATCH] log more info for directory entry change events
When an audit event involves changes to a directory entry, include
a PATH record for the directory itself.  A few other notable changes:

    - fixed audit_inode_child() hooks in fsnotify_move()
    - removed unused flags arg from audit_inode()
    - added audit log routines for logging a portion of a string

Here's some sample output.

before patch:
type=SYSCALL msg=audit(1149821605.320:26): arch=40000003 syscall=39 success=yes exit=0 a0=bf8d3c7c a1=1ff a2=804e1b8 a3=bf8d3c7c items=1 ppid=739 pid=800 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 comm="mkdir" exe="/bin/mkdir" subj=root:system_r:unconfined_t:s0-s0:c0.c255
type=CWD msg=audit(1149821605.320:26):  cwd="/root"
type=PATH msg=audit(1149821605.320:26): item=0 name="foo" parent=164068 inode=164010 dev=03:00 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_t:s0

after patch:
type=SYSCALL msg=audit(1149822032.332:24): arch=40000003 syscall=39 success=yes exit=0 a0=bfdd9c7c a1=1ff a2=804e1b8 a3=bfdd9c7c items=2 ppid=714 pid=777 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 comm="mkdir" exe="/bin/mkdir" subj=root:system_r:unconfined_t:s0-s0:c0.c255
type=CWD msg=audit(1149822032.332:24):  cwd="/root"
type=PATH msg=audit(1149822032.332:24): item=0 name="/root" inode=164068 dev=03:00 mode=040750 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_dir_t:s0
type=PATH msg=audit(1149822032.332:24): item=1 name="foo" inode=164010 dev=03:00 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=root:object_r:user_home_t:s0

Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:28 -04:00
Amy Griffis 6a2bceec0e [PATCH] fix AUDIT_FILTER_PREPEND handling
Clear AUDIT_FILTER_PREPEND flag after adding rule to list.  This
fixes three problems when a rule is added with the -A syntax:

    - auditctl displays filter list as "(null)"
    - the rule cannot be removed using -d
    - a duplicate rule can be added with -a

Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:28 -04:00
Al Viro 0a73dccc4f [PATCH] validate rule fields' types
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:27 -04:00
Amy Griffis f368c07d72 [PATCH] audit: path-based rules
In this implementation, audit registers inotify watches on the parent
directories of paths specified in audit rules.  When audit's inotify
event handler is called, it updates any affected rules based on the
filesystem event.  If the parent directory is renamed, removed, or its
filesystem is unmounted, audit removes all rules referencing that
inotify watch.

To keep things simple, this implementation limits location-based
auditing to the directory entries in an existing directory.  Given
a path-based rule for /foo/bar/passwd, the following table applies:

    passwd modified -- audit event logged
    passwd replaced -- audit event logged, rules list updated
    bar renamed     -- rule removed
    foo renamed     -- untracked, meaning that the rule now applies to
		       the new location

Audit users typically want to have many rules referencing filesystem
objects, which can significantly impact filtering performance.  This
patch also adds an inode-number-based rule hash to mitigate this
situation.

The patch is relative to the audit git tree:
http://kernel.org/git/?p=linux/kernel/git/viro/audit-current.git;a=summary
and uses the inotify kernel API:
http://lkml.org/lkml/2006/6/1/145

Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:27 -04:00
George C. Wilson 20ca73bc79 [PATCH] Audit of POSIX Message Queue Syscalls v.2
This patch adds audit support to POSIX message queues.  It applies cleanly to
the lspp.b15 branch of Al Viro's git tree.  There are new auxiliary data
structures, and collection and emission routines in kernel/auditsc.c.  New hooks
in ipc/mqueue.c collect arguments from the syscalls.

I tested the patch by building the examples from the POSIX MQ library tarball.
Build them -lrt, not against the old MQ library in the tarball.  Here's the URL:
http://www.geocities.com/wronski12/posix_ipc/libmqueue-4.41.tar.gz
Do auditctl -a exit,always -S for mq_open, mq_timedsend, mq_timedreceive,
mq_notify, mq_getsetattr.  mq_unlink has no new hooks.  Please see the
corresponding userspace patch to get correct output from auditd for the new
record types.

[fixes folded]

Signed-off-by: George Wilson <ltcgcw@us.ibm.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:26 -04:00
Darrel Goeddel 8ba8e0fbe6 [PATCH] fix se_sen audit filter
Fix a broken comparison that causes the process clearance to be checked for
both se_clr and se_sen audit filters.

Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:26 -04:00
Al Viro 014149cce1 [PATCH] deprecate AUDIT_POSSBILE
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:25 -04:00
Al Viro d8945bb51a [PATCH] inline more audit helpers
pull checks for ->audit_context into inlined wrappers

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:25 -04:00
Al Viro e018290929 [PATCH] proc_loginuid_write() uses simple_strtoul() on non-terminated array
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:24 -04:00
Linda Knippers ac03221a4f [PATCH] update of IPC audit record cleanup
The following patch addresses most of the issues with the IPC_SET_PERM
records as described in:
https://www.redhat.com/archives/linux-audit/2006-May/msg00010.html
and addresses the comments I received on the record field names.

To summarize, I made the following changes:

1. Changed sys_msgctl() and semctl_down() so that an IPC_SET_PERM
   record is emitted in the failure case as well as the success case.
   This matches the behavior in sys_shmctl().  I could simplify the
   code in sys_msgctl() and semctl_down() slightly but it would mean
   that in some error cases we could get an IPC_SET_PERM record
   without an IPC record and that seemed odd.

2. No change to the IPC record type, given no feedback on the backward
   compatibility question.

3. Removed the qbytes field from the IPC record.  It wasn't being
   set and when audit_ipc_obj() is called from ipcperms(), the
   information isn't available.  If we want the information in the IPC
   record, more extensive changes will be necessary.  Since it only
   applies to message queues and it isn't really permission related, it
   doesn't seem worth it.

4. Removed the obj field from the IPC_SET_PERM record.  This means that
   the kern_ipc_perm argument is no longer needed.

5. Removed the spaces and renamed the IPC_SET_PERM field names.  Replaced iuid and
   igid fields with ouid and ogid in the IPC record.

I tested this with the lspp.22 kernel on an x86_64 box.  I believe it
applies cleanly on the latest kernel.

-- ljk

Signed-off-by: Linda Knippers <linda.knippers@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:24 -04:00
Serge E. Hallyn 5d136a010d [PATCH] minor audit updates
Just a few minor proposed updates.  Only the last one will
actually affect behavior.  The rest are just misleading
code.

Several AUDIT_SET functions return 'old' value, but only
return value <0 is checked for.  So just return 0.

propagate audit_set_rate_limit and audit_set_backlog_limit
error values

In audit_buffer_free, the audit_freelist_count was being
incremented even when we discard the return buffer, so
audit_freelist_count can end up wrong.  This could cause
the actual freelist to shrink over time, eventually
threatening to degrate audit performance.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:23 -04:00
Amy Griffis 0a3b483e83 [PATCH] fix audit_krule_to_{rule,data} return values
Don't return -ENOMEM when callers of these functions are checking for
a NULL return.  Bug noticed by Serge Hallyn.

Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:23 -04:00
Al Viro 3c66251e57 [PATCH] add filtering by ppid
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:22 -04:00
Al Viro f46038ff7d [PATCH] log ppid
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:22 -04:00
Al Viro e1396065e0 [PATCH] collect sid of those who send signals to auditd
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:21 -04:00
Al Viro 473ae30bc7 [PATCH] execve argument logging
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:21 -04:00
Al Viro 9044e6bca5 [PATCH] fix deadlocks in AUDIT_LIST/AUDIT_LIST_RULES
We should not send a pile of replies while holding audit_netlink_mutex
since we hold the same mutex when we receive commands.  As the result,
we can get blocked while sending and sit there holding the mutex while
auditctl is unable to send the next command and get around to receiving
what we'd sent.

Solution: create skb and put them into a queue instead of sending;
once we are done, send what we've got on the list.  The former can
be done synchronously while we are handling AUDIT_LIST or AUDIT_LIST_RULES;
we are holding audit_netlink_mutex at that point.  The latter is done
asynchronously and without messing with audit_netlink_mutex.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:20 -04:00
Al Viro bc0f3b8ebb [PATCH] audit_panic() is audit-internal
... no need to provide a stub; note that extern is already gone from
include/linux/audit.h

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:20 -04:00
Amy Griffis 0edce197db [PATCH] inotify (5/5): update kernel documentation
Update kernel documentation to include a description of the inotify
kernel API.

Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Acked-by: Robert Love <rml@novell.com>
Acked-by: John McCutchan <john@johnmccutchan.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:19 -04:00
Amy Griffis 3ca10067f7 [PATCH] inotify (4/5): allow watch removal from event handler
Allow callers to remove watches from their event handler via
inotify_remove_watch_locked().  This functionality can be used to
achieve IN_ONESHOT-like functionality for a subset of events in the
mask.

Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Acked-by: Robert Love <rml@novell.com>
Acked-by: John McCutchan <john@johnmccutchan.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:19 -04:00
Amy Griffis a9dc971d3f [PATCH] inotify (3/5): add interfaces to kernel API
Add inotify_init_watch() so caller can use inotify_watch refcounts
before calling inotify_add_watch().

Add inotify_find_watch() to find an existing watch for an (ih,inode)
pair.  This is similar to inotify_find_update_watch(), but does not
update the watch's mask if one is found.

Add inotify_rm_watch() to remove a watch via the watch pointer instead
of the watch descriptor.

Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Acked-by: Robert Love <rml@novell.com>
Acked-by: John McCutchan <john@johnmccutchan.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-06-20 05:25:18 -04:00