<feed xmlns='http://www.w3.org/2005/Atom'>
<title>pm24.git/security, branch v3.17-rc7</title>
<subtitle>Unnamed repository; edit this file 'description' to name the repository.
</subtitle>
<id>https://git.kobert.dev/pm24.git/atom?h=v3.17-rc7</id>
<link rel='self' href='https://git.kobert.dev/pm24.git/atom?h=v3.17-rc7'/>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/'/>
<updated>2014-09-03T00:27:12Z</updated>
<entry>
<title>KEYS: Increase root_maxkeys and root_maxbytes sizes</title>
<updated>2014-09-03T00:27:12Z</updated>
<author>
<name>Steve Dickson</name>
<email>steved@redhat.com</email>
</author>
<published>2014-09-02T12:52:05Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=738c5d190f6540539a04baf36ce21d46b5da04bd'/>
<id>urn:sha1:738c5d190f6540539a04baf36ce21d46b5da04bd</id>
<content type='text'>
Now that NFS client uses the kernel key ring facility to store the NFSv4
id/gid mappings, the defaults for root_maxkeys and root_maxbytes need to be
substantially increased.

These values have been soak tested:

	https://bugzilla.redhat.com/show_bug.cgi?id=1033708#c73

Signed-off-by: Steve Dickson &lt;steved@redhat.com&gt;
Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Signed-off-by: James Morris &lt;james.l.morris@oracle.com&gt;
</content>
</entry>
<entry>
<title>tomoyo: Fix pathname calculation breakage.</title>
<updated>2014-08-27T02:52:09Z</updated>
<author>
<name>Tetsuo Handa</name>
<email>penguin-kernel@I-love.SAKURA.ne.jp</email>
</author>
<published>2014-08-20T05:14:04Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=8fe7a268b18ebc89203c766b020b9e32f1cfeebf'/>
<id>urn:sha1:8fe7a268b18ebc89203c766b020b9e32f1cfeebf</id>
<content type='text'>
Commit 7177a9c4b509 ("fs: call rename2 if exists") changed
"struct inode_operations"-&gt;rename == NULL if
"struct inode_operations"-&gt;rename2 != NULL .

TOMOYO needs to check for both -&gt;rename and -&gt;rename2 , or
a system on (e.g.) ext4 filesystem won't boot.

Signed-off-by: Tetsuo Handa &lt;penguin-kernel@I-love.SAKURA.ne.jp&gt;
Signed-off-by: Serge E. Hallyn &lt;serge.hallyn@ubuntu.com&gt;
</content>
</entry>
<entry>
<title>Merge branch 'stable-3.17' of git://git.infradead.org/users/pcmoore/selinux</title>
<updated>2014-08-09T22:09:52Z</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2014-08-09T22:09:52Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=96784de59fb35077c2bb33c39328992b836d87d3'/>
<id>urn:sha1:96784de59fb35077c2bb33c39328992b836d87d3</id>
<content type='text'>
Pull SELinux fixes from Paul Moore:
 "Two small patches to fix a couple of build warnings in SELinux and
  NetLabel.  The patches are obvious enough that I don't think any
  additional explanation is necessary, but it basically boils down to
  the usual: I was stupid, and these patches fix some of the stupid.

  Both patches were posted earlier this week to the SELinux list, and
  that is where they sat as I didn't think they were noteworthy enough
  to go upstream at this point in time, but DaveM would rather see them
  upstream now so who am I to argue.  As the patches are both very
  small"

* 'stable-3.17' of git://git.infradead.org/users/pcmoore/selinux:
  selinux: remove unused variabled in the netport, netnode, and netif caches
  netlabel: fix the netlbl_catmap_setlong() dummy function
</content>
</entry>
<entry>
<title>selinux: remove unused variabled in the netport, netnode, and netif caches</title>
<updated>2014-08-08T00:55:30Z</updated>
<author>
<name>Paul Moore</name>
<email>pmoore@redhat.com</email>
</author>
<published>2014-08-08T00:55:30Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=942ba3646543aeb3e5729c35d10ac43424bf0b68'/>
<id>urn:sha1:942ba3646543aeb3e5729c35d10ac43424bf0b68</id>
<content type='text'>
This patch removes the unused return code variable in the netport,
netnode, and netif initialization functions.

Reported-by: fengguang.wu@intel.com
Signed-off-by: Paul Moore &lt;pmoore@redhat.com&gt;
</content>
</entry>
<entry>
<title>Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security</title>
<updated>2014-08-06T15:06:39Z</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2014-08-06T15:06:39Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=bb2cbf5e9367d8598fecd0c48dead69560750223'/>
<id>urn:sha1:bb2cbf5e9367d8598fecd0c48dead69560750223</id>
<content type='text'>
Pull security subsystem updates from James Morris:
 "In this release:

   - PKCS#7 parser for the key management subsystem from David Howells
   - appoint Kees Cook as seccomp maintainer
   - bugfixes and general maintenance across the subsystem"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (94 commits)
  X.509: Need to export x509_request_asymmetric_key()
  netlabel: shorter names for the NetLabel catmap funcs/structs
  netlabel: fix the catmap walking functions
  netlabel: fix the horribly broken catmap functions
  netlabel: fix a problem when setting bits below the previously lowest bit
  PKCS#7: X.509 certificate issuer and subject are mandatory fields in the ASN.1
  tpm: simplify code by using %*phN specifier
  tpm: Provide a generic means to override the chip returned timeouts
  tpm: missing tpm_chip_put in tpm_get_random()
  tpm: Properly clean sysfs entries in error path
  tpm: Add missing tpm_do_selftest to ST33 I2C driver
  PKCS#7: Use x509_request_asymmetric_key()
  Revert "selinux: fix the default socket labeling in sock_graft()"
  X.509: x509_request_asymmetric_keys() doesn't need string length arguments
  PKCS#7: fix sparse non static symbol warning
  KEYS: revert encrypted key change
  ima: add support for measuring and appraising firmware
  firmware_class: perform new LSM checks
  security: introduce kernel_fw_from_file hook
  PKCS#7: Missing inclusion of linux/err.h
  ...
</content>
</entry>
<entry>
<title>Merge branch 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip</title>
<updated>2014-08-06T00:46:42Z</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2014-08-06T00:46:42Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=e7fda6c4c3c1a7d6996dd75fd84670fa0b5d448f'/>
<id>urn:sha1:e7fda6c4c3c1a7d6996dd75fd84670fa0b5d448f</id>
<content type='text'>
Pull timer and time updates from Thomas Gleixner:
 "A rather large update of timers, timekeeping &amp; co

   - Core timekeeping code is year-2038 safe now for 32bit machines.
     Now we just need to fix all in kernel users and the gazillion of
     user space interfaces which rely on timespec/timeval :)

   - Better cache layout for the timekeeping internal data structures.

   - Proper nanosecond based interfaces for in kernel users.

   - Tree wide cleanup of code which wants nanoseconds but does hoops
     and loops to convert back and forth from timespecs.  Some of it
     definitely belongs into the ugly code museum.

   - Consolidation of the timekeeping interface zoo.

   - A fast NMI safe accessor to clock monotonic for tracing.  This is a
     long standing request to support correlated user/kernel space
     traces.  With proper NTP frequency correction it's also suitable
     for correlation of traces across separate machines.

   - Checkpoint/restart support for timerfd.

   - A few NOHZ[_FULL] improvements in the [hr]timer code.

   - Code move from kernel to kernel/time of all time* related code.

   - New clocksource/event drivers from the ARM universe.  I'm really
     impressed that despite an architected timer in the newer chips SoC
     manufacturers insist on inventing new and differently broken SoC
     specific timers.

[ Ed. "Impressed"? I don't think that word means what you think it means ]

   - Another round of code move from arch to drivers.  Looks like most
     of the legacy mess in ARM regarding timers is sorted out except for
     a few obnoxious strongholds.

   - The usual updates and fixlets all over the place"

* 'timers-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (114 commits)
  timekeeping: Fixup typo in update_vsyscall_old definition
  clocksource: document some basic timekeeping concepts
  timekeeping: Use cached ntp_tick_length when accumulating error
  timekeeping: Rework frequency adjustments to work better w/ nohz
  timekeeping: Minor fixup for timespec64-&gt;timespec assignment
  ftrace: Provide trace clocks monotonic
  timekeeping: Provide fast and NMI safe access to CLOCK_MONOTONIC
  seqcount: Add raw_write_seqcount_latch()
  seqcount: Provide raw_read_seqcount()
  timekeeping: Use tk_read_base as argument for timekeeping_get_ns()
  timekeeping: Create struct tk_read_base and use it in struct timekeeper
  timekeeping: Restructure the timekeeper some more
  clocksource: Get rid of cycle_last
  clocksource: Move cycle_last validation to core code
  clocksource: Make delta calculation a function
  wireless: ath9k: Get rid of timespec conversions
  drm: vmwgfx: Use nsec based interfaces
  drm: i915: Use nsec based interfaces
  timekeeping: Provide ktime_get_raw()
  hangcheck-timer: Use ktime_get_ns()
  ...
</content>
</entry>
<entry>
<title>Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip</title>
<updated>2014-08-04T23:23:30Z</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2014-08-04T23:23:30Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=98959948a7ba33cf8c708626e0d2a1456397e1c6'/>
<id>urn:sha1:98959948a7ba33cf8c708626e0d2a1456397e1c6</id>
<content type='text'>
Pull scheduler updates from Ingo Molnar:

 - Move the nohz kick code out of the scheduler tick to a dedicated IPI,
   from Frederic Weisbecker.

  This necessitated quite some background infrastructure rework,
  including:

   * Clean up some irq-work internals
   * Implement remote irq-work
   * Implement nohz kick on top of remote irq-work
   * Move full dynticks timer enqueue notification to new kick
   * Move multi-task notification to new kick
   * Remove unnecessary barriers on multi-task notification

 - Remove proliferation of wait_on_bit() action functions and allow
   wait_on_bit_action() functions to support a timeout.  (Neil Brown)

 - Another round of sched/numa improvements, cleanups and fixes.  (Rik
   van Riel)

 - Implement fast idling of CPUs when the system is partially loaded,
   for better scalability.  (Tim Chen)

 - Restructure and fix the CPU hotplug handling code that may leave
   cfs_rq and rt_rq's throttled when tasks are migrated away from a dead
   cpu.  (Kirill Tkhai)

 - Robustify the sched topology setup code.  (Peter Zijlstra)

 - Improve sched_feat() handling wrt.  static_keys (Jason Baron)

 - Misc fixes.

* 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (37 commits)
  sched/fair: Fix 'make xmldocs' warning caused by missing description
  sched: Use macro for magic number of -1 for setparam
  sched: Robustify topology setup
  sched: Fix sched_setparam() policy == -1 logic
  sched: Allow wait_on_bit_action() functions to support a timeout
  sched: Remove proliferation of wait_on_bit() action functions
  sched/numa: Revert "Use effective_load() to balance NUMA loads"
  sched: Fix static_key race with sched_feat()
  sched: Remove extra static_key*() function indirection
  sched/rt: Fix replenish_dl_entity() comments to match the current upstream code
  sched: Transform resched_task() into resched_curr()
  sched/deadline: Kill task_struct-&gt;pi_top_task
  sched: Rework check_for_tasks()
  sched/rt: Enqueue just unthrottled rt_rq back on the stack in __disable_runtime()
  sched/fair: Disable runtime_enabled on dying rq
  sched/numa: Change scan period code to match intent
  sched/numa: Rework best node setting in task_numa_migrate()
  sched/numa: Examine a task move when examining a task swap
  sched/numa: Simplify task_numa_compare()
  sched/numa: Use effective_load() to balance NUMA loads
  ...
</content>
</entry>
<entry>
<title>Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into next</title>
<updated>2014-08-02T12:58:02Z</updated>
<author>
<name>James Morris</name>
<email>james.l.morris@oracle.com</email>
</author>
<published>2014-08-02T12:58:02Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=103ae675b12dee75ec099abf3d22857d1384b3bc'/>
<id>urn:sha1:103ae675b12dee75ec099abf3d22857d1384b3bc</id>
<content type='text'>
</content>
</entry>
<entry>
<title>netlabel: shorter names for the NetLabel catmap funcs/structs</title>
<updated>2014-08-01T15:17:37Z</updated>
<author>
<name>Paul Moore</name>
<email>pmoore@redhat.com</email>
</author>
<published>2014-08-01T15:17:37Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=4fbe63d1c773cceef3fe1f6ed0c9c268f4f24760'/>
<id>urn:sha1:4fbe63d1c773cceef3fe1f6ed0c9c268f4f24760</id>
<content type='text'>
Historically the NetLabel LSM secattr catmap functions and data
structures have had very long names which makes a mess of the NetLabel
code and anyone who uses NetLabel.  This patch renames the catmap
functions and structures from "*_secattr_catmap_*" to just "*_catmap_*"
which improves things greatly.

There are no substantial code or logic changes in this patch.

Signed-off-by: Paul Moore &lt;pmoore@redhat.com&gt;
Tested-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
</content>
</entry>
<entry>
<title>netlabel: fix the horribly broken catmap functions</title>
<updated>2014-08-01T15:17:17Z</updated>
<author>
<name>Paul Moore</name>
<email>pmoore@redhat.com</email>
</author>
<published>2014-08-01T15:17:17Z</published>
<link rel='alternate' type='text/html' href='https://git.kobert.dev/pm24.git/commit/?id=4b8feff251da3d7058b5779e21b33a85c686b974'/>
<id>urn:sha1:4b8feff251da3d7058b5779e21b33a85c686b974</id>
<content type='text'>
The NetLabel secattr catmap functions, and the SELinux import/export
glue routines, were broken in many horrible ways and the SELinux glue
code fiddled with the NetLabel catmap structures in ways that we
probably shouldn't allow.  At some point this "worked", but that was
likely due to a bit of dumb luck and sub-par testing (both inflicted
by yours truly).  This patch corrects these problems by basically
gutting the code in favor of something less obtuse and restoring the
NetLabel abstractions in the SELinux catmap glue code.

Everything is working now, and if it decides to break itself in the
future this code will be much easier to debug than the code it
replaces.

One noteworthy side effect of the changes is that it is no longer
necessary to allocate a NetLabel catmap before calling one of the
NetLabel APIs to set a bit in the catmap.  NetLabel will automatically
allocate the catmap nodes when needed, resulting in fewer allocations
when the lowest bit is greater than 255 and less code in the LSMs.

Cc: stable@vger.kernel.org
Reported-by: Christian Evans &lt;frodox@zoho.com&gt;
Signed-off-by: Paul Moore &lt;pmoore@redhat.com&gt;
Tested-by: Casey Schaufler &lt;casey@schaufler-ca.com&gt;
</content>
</entry>
</feed>
