summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2011-04-04capabilites: allow the application of capability limits to usermode helpersEric Paris
There is no way to limit the capabilities of usermodehelpers. This problem reared its head recently when someone complained that any user with cap_net_admin was able to load arbitrary kernel modules, even though the user didn't have cap_sys_module. The reason is because the actual load is done by a usermode helper and those always have the full cap set. This patch addes new sysctls which allow us to bound the permissions of usermode helpers. /proc/sys/kernel/usermodehelper/bset /proc/sys/kernel/usermodehelper/inheritable You must have CAP_SYS_MODULE and CAP_SETPCAP to change these (changes are &= ONLY). When the kernel launches a usermodehelper it will do so with these as the bset and pI. -v2: make globals static create spinlock to protect globals -v3: require both CAP_SETPCAP and CAP_SYS_MODULE -v4: fix the typo s/CAP_SET_PCAP/CAP_SETPCAP/ because I didn't commit Signed-off-by: Eric Paris <eparis@redhat.com> No-objection-from: Serge E. Hallyn <serge.hallyn@canonical.com> Acked-by: David Howells <dhowells@redhat.com> Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com> Acked-by: Andrew G. Morgan <morgan@kernel.org> Signed-off-by: James Morris <jmorris@namei.org>
2011-03-31tomoyo: fix memory leak in tomoyo_commit_ok()Xiaochen Wang
When memory used for policy exceeds the quota, tomoyo_memory_ok() return false. In this case, tomoyo_commit_ok() must call kfree() before returning NULL. This bug exists since 2.6.35. Signed-off-by: Xiaochen Wang <wangxiaochen0@gmail.com> Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
2011-03-30Merge branch 'next-queue' into nextJames Morris
2011-03-30Merge branch 'master'; commit 'v2.6.39-rc1' into nextJames Morris
2011-03-29Linux 2.6.39-rc1v2.6.39-rc1Linus Torvalds
2011-03-29Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc: (26 commits) mmc: SDHI should depend on SUPERH || ARCH_SHMOBILE mmc: tmio_mmc: Move some defines into a shared header mmc: tmio: support aggressive clock gating mmc: tmio: fix power-mode interpretation mmc: tmio: remove work-around for unmasked SDIO interrupts sh: fix SDHI IO address-range ARM: mach-shmobile: fix SDHI IO address-range mmc: tmio: only access registers above 0xff, if available mfd: remove now redundant sh_mobile_sdhi.h header sh: convert boards to use linux/mmc/sh_mobile_sdhi.h ARM: mach-shmobile: convert boards to use linux/mmc/sh_mobile_sdhi.h mmc: tmio: convert the SDHI MMC driver from MFD to a platform driver sh: ecovec: use the CONFIG_MMC_TMIO symbols instead of MFD mmc: tmio: split core functionality, DMA and MFD glue mmc: tmio: use PIO for short transfers mmc: tmio-mmc: Improve DMA stability on sh-mobile mmc: fix mmc_app_send_scr() for dma transfer mmc: sdhci-esdhc: enable esdhc on imx53 mmc: sdhci-esdhc: use writel/readl as general APIs mmc: sdhci: add the abort CMDTYPE bits definition ...
2011-03-29Merge branch 'frv' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-2.6-frv * 'frv' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-2.6-frv: FRV: Use generic show_interrupts() FRV: Convert genirq namespace frv: Select GENERIC_HARDIRQS_NO_DEPRECATED frv: Convert cpu irq_chip to new functions frv: Convert mb93493 irq_chip to new functions frv: Convert mb93093 irq_chip to new function frv: Convert mb93091 irq_chip to new functions frv: Fix typo from __do_IRQ overhaul frv: Remove stale irq_chip.end FRV: Do some cleanups FRV: Missing node arg in alloc_thread_info_node() macro NOMMU: implement access_remote_vm NOMMU: support SMP dynamic percpu_alloc NOMMU: percpu should use is_vmalloc_addr().
2011-03-29Merge branch 'stable/bug-fixes-rc1' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen * 'stable/bug-fixes-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen: xen: Use new irq_move functions xen: Convert genirq namespace xen: fix p2m section mismatches xen/p2m: Allocate p2m tracking pages on override xen-gntdev: unlock on error path in gntdev_mmap() xen-gntdev: return -EFAULT on copy_to_user failure
2011-03-29Merge git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdogLinus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog: watchdog: softdog.c: enhancement to optionally invoke panic instead of reboot on timer expiry watchdog: fix nv_tco section mismatch watchdog: sp5100_tco.c: Check if firmware has set correct value in tcobase. watchdog: Convert release_resource to release_region/release_mem_region watchdog: s3c2410_wdt.c: Convert release_resource to release_region/release_mem_region
2011-03-29Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bpLinus Torvalds
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp: amd64_edac: Fix potential memleak
2011-03-29Merge branch 'irq-final-for-linus-v2' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'irq-final-for-linus-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: (111 commits) gpio: ab8500: Mark broken genirq: Remove move_*irq leftovers genirq: Remove compat code drivers: Final irq namespace conversion mn10300: Use generic show_interrupts() mn10300: Cleanup irq_desc access mn10300: Convert genirq namespace frv: Use generic show_interrupts() frv: Convert genirq namespace frv: Select GENERIC_HARDIRQS_NO_DEPRECATED frv: Convert cpu irq_chip to new functions frv: Convert mb93493 irq_chip to new functions frv: Convert mb93093 irq_chip to new function frv: Convert mb93091 irq_chip to new functions frv: Fix typo from __do_IRQ overhaul frv: Remove stale irq_chip.end m68k: Convert irq function namespace xen: Use new irq_move functions xen: Cleanup genirq namespace unicore32: Use generic show_interrupts() ...
2011-03-29char/tpm: Fix unitialized usage of data bufferPeter Huewe
This patch fixes information leakage to the userspace by initializing the data buffer to zero. Reported-by: Peter Huewe <huewe.external@infineon.com> Signed-off-by: Peter Huewe <huewe.external@infineon.com> Signed-off-by: Marcel Selhorst <m.selhorst@sirrix.com> [ Also removed the silly "* sizeof(u8)". If that isn't 1, we have way deeper problems than a simple multiplication can fix. - Linus ] Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-03-29amd64_edac: Fix potential memleakBorislav Petkov
We check the pointers together but at least one of them could be invalid due to failed allocation. Since we cannot continue if either of the two allocations has failed, exit early by freeing them both. Cc: <stable@kernel.org> # 38.x Reported-by: Mauro Carvalho Chehab <mchehab@redhat.com> Signed-off-by: Borislav Petkov <borislav.petkov@amd.com>
2011-03-29fs: don't use igrab() while holding i_lockDave Chinner
Fix the incorrect use of igrab() inside the i_lock in NFS and Ceph‥ If we are already holding the i_lock, we have a reference to the inode so we can safely use ihold() to gain an extra reference. This avoids hangs due to lock recursion on the i_lock now that the inode_lock is gone and igrab() uses the i_lock itself. Signed-off-by: Dave Chinner <dchinner@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: linux-fsdevel@vger.kernel.org Cc: Ryan Mallon <ryan@bluewatersys.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-03-29Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (30 commits) xfrm: Restrict extended sequence numbers to esp xfrm: Check for esn buffer len in xfrm_new_ae xfrm: Assign esn pointers when cloning a state xfrm: Move the test on replay window size into the replay check functions netdev: bfin_mac: document TE setting in RMII modes drivers net: Fix declaration ordering in inline functions. cxgb3: Apply interrupt coalescing settings to all queues net: Always allocate at least 16 skb frags regardless of page size ipv4: Don't ip_rt_put() an error pointer in RAW sockets. net: fix ethtool->set_flags not intended -EINVAL return value mlx4_en: Fix loss of promiscuity tg3: Fix inline keyword usage tg3: use <linux/io.h> and <linux/uaccess.h> instead <asm/io.h> and <asm/uaccess.h> net: use CHECKSUM_NONE instead of magic number Net / jme: Do not use legacy PCI power management myri10ge: small rx_done refactoring bridge: notify applications if address of bridge device changes ipv4: Fix IP timestamp option (IPOPT_TS_PRESPEC) handling in ip_options_echo() can: c_can: Fix tx_bytes accounting can: c_can_platform: fix irq check in probe ...
2011-03-29xen: Use new irq_move functionsThomas Gleixner
These functions take irq_data as an argument and avoid a redundant lookup in the sparse irq case. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: Ian Campbell <ian.campbell@citrix.com> Cc: Jeremy Fitzhardinge <jeremy@goop.org> Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2011-03-29xen: Convert genirq namespaceThomas Gleixner
Converted with coccinelle. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Acked-by: Ian Campbell <ian.campbell@citrix.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2011-03-29xen: fix p2m section mismatchesRandy Dunlap
Fix section mismatch warnings: set_phys_range_identity() is called by __init xen_set_identity(), so also mark set_phys_range_identity() as __init. then: __early_alloc_p2m() is called set_phys_range_identity(), so also mark __early_alloc_p2m() as __init. WARNING: arch/x86/built-in.o(.text+0x7856): Section mismatch in reference from the function __early_alloc_p2m() to the function .init.text:extend_brk() The function __early_alloc_p2m() references the function __init extend_brk(). This is often because __early_alloc_p2m lacks a __init annotation or the annotation of extend_brk is wrong. WARNING: arch/x86/built-in.o(.text+0x7967): Section mismatch in reference from the function set_phys_range_identity() to the function .init.text:extend_brk() The function set_phys_range_identity() references the function __init extend_brk(). This is often because set_phys_range_identity lacks a __init annotation or the annotation of extend_brk is wrong. [v2: Per Stephen Hemming recommonedation made __early_alloc_p2m static] Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2011-03-29FRV: Use generic show_interrupts()Thomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: David Howells <dhowells@redhat.com>
2011-03-29FRV: Convert genirq namespaceThomas Gleixner
Convert to new function names. Converted with coccinelle. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: David Howells <dhowells@redhat.com>
2011-03-29frv: Select GENERIC_HARDIRQS_NO_DEPRECATEDThomas Gleixner
All chips converted Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: David Howells <dhowells@redhat.com>
2011-03-29frv: Convert cpu irq_chip to new functionsThomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: David Howells <dhowells@redhat.com>
2011-03-29frv: Convert mb93493 irq_chip to new functionsThomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: David Howells <dhowells@redhat.com>
2011-03-29frv: Convert mb93093 irq_chip to new functionThomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: David Howells <dhowells@redhat.com>
2011-03-29frv: Convert mb93091 irq_chip to new functionsThomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: David Howells <dhowells@redhat.com>
2011-03-29frv: Fix typo from __do_IRQ overhaulThomas Gleixner
Compiles way better. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: David Howells <dhowells@redhat.com>
2011-03-29frv: Remove stale irq_chip.endThomas Gleixner
irq_chip.end got obsolete with the removal of __do_IRQ(). irq-mb93093.c even lacks an implementation, but nobody noticed that it's broken since commit 88d6e1 in 2006. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: David Howells <dhowells@redhat.com>
2011-03-29FRV: Do some cleanupsAmerigo Wang
1. frv doesn't support SMP, remove the useless SMP bits. 2. frv has its own alloc_task_struct, so define __HAVE_ARCH_TASK_STRUCT_ALLOCATOR (I am not sure if frv should use generic alloc_task_struct().) Signed-off-by: WANG Cong <amwang@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com>
2011-03-29FRV: Missing node arg in alloc_thread_info_node() macroDavid Howells
There are two alloc_thread_info_node() macros defined (one for debugging and one for normal). The commit that changed them most recently: commit b6a84016bd2598e35ead635147fa53619982648d Author: Eric Dumazet <eric.dumazet@gmail.com> Date: Tue Mar 22 16:30:42 2011 -0700 Subject: mm: NUMA aware alloc_thread_info_node() didn't add the node argument into the macro argument list for the normal macro. This results in the following error: kernel/fork.c:267:39: error: macro "alloc_thread_info_node" passed 2 arguments, but takes just 1 kernel/fork.c: In function 'dup_task_struct': kernel/fork.c:267: error: 'alloc_thread_info_node' undeclared (first use in this function) kernel/fork.c:267: error: (Each undeclared identifier is reported only once kernel/fork.c:267: error: for each function it appears in.) Signed-off-by: David Howells <dhowells@redhat.com>
2011-03-29NOMMU: implement access_remote_vmMike Frysinger
Recent vm changes brought in a new function which the core procfs code utilizes. So implement it for nommu systems too to avoid link failures. Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Simon Horman <horms@verge.net.au> Tested-by: Ithamar Adema <ithamar.adema@team-embedded.nl> Acked-by: Greg Ungerer <gerg@uclinux.org>
2011-03-29gpio: ab8500: Mark brokenThomas Gleixner
This driver is broken in several aspects. 1) old style irq_chip functions. Sigh 2) Abuse of the unlock callback. That's not supposed to be a state machine for evrything and some more. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29genirq: Remove move_*irq leftoversThomas Gleixner
All users converted to new interface. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29genirq: Remove compat codeThomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29drivers: Final irq namespace conversionThomas Gleixner
Scripted with coccinelle. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29mn10300: Use generic show_interrupts()Thomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29mn10300: Cleanup irq_desc accessThomas Gleixner
The migration needs only access to irq_data. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29mn10300: Convert genirq namespaceThomas Gleixner
Convert to new function names. Converted with coccinelle. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29frv: Use generic show_interrupts()Thomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29frv: Convert genirq namespaceThomas Gleixner
Convert to new function names. Converted with coccinelle. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29frv: Select GENERIC_HARDIRQS_NO_DEPRECATEDThomas Gleixner
All chips converted Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: David Howells <dhowells@redhat.com> LKML-Reference: <20110206192106.601290592@linutronix.de> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29frv: Convert cpu irq_chip to new functionsThomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: David Howells <dhowells@redhat.com> LKML-Reference: <20110206192106.501651128@linutronix.de> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29frv: Convert mb93493 irq_chip to new functionsThomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: David Howells <dhowells@redhat.com> LKML-Reference: <20110206192106.401266547@linutronix.de> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29frv: Convert mb93093 irq_chip to new functionThomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: David Howells <dhowells@redhat.com> LKML-Reference: <20110206192106.300303769@linutronix.de> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29frv: Convert mb93091 irq_chip to new functionsThomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: David Howells <dhowells@redhat.com> LKML-Reference: <20110206192106.203431646@linutronix.de> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29frv: Fix typo from __do_IRQ overhaulThomas Gleixner
Compiles way better. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: David Howells <dhowells@redhat.com> LKML-Reference: <20110206192106.109992056@linutronix.de> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29frv: Remove stale irq_chip.endThomas Gleixner
irq_chip.end got obsolete with the removal of __do_IRQ(). irq-mb93093.c even lacks an implementation, but nobody noticed that it's broken since commit 88d6e1 in 2006. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: David Howells <dhowells@redhat.com> LKML-Reference: <20110206192106.011224503@linutronix.de> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29m68k: Convert irq function namespaceThomas Gleixner
Scripted with coccinelle. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29xen: Use new irq_move functionsThomas Gleixner
These functions take irq_data as an argument and avoid a redundant lookup in the sparse irq case. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: Ian Campbell <ian.campbell@citrix.com> Cc: Jeremy Fitzhardinge <jeremy@goop.org> Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
2011-03-29xen: Cleanup genirq namespaceThomas Gleixner
Converted with coccinelle. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2011-03-29unicore32: Use generic show_interrupts()Thomas Gleixner
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>