Commit Graph

39480 Commits

Author SHA1 Message Date
Patrick McHardy
b974179abe [RTNETLINK]: Fix use of wrong skb in do_getlink()
skb is the netlink query, nskb is the reply message.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-12 01:50:30 -07:00
Patrick McHardy
52c41a3224 [DECNET]: Fix sfuzz hanging on 2.6.18
Dave Jones wrote:
> sfuzz         D 724EF62A  2828 28717  28691                     (NOTLB)
>        cd69fe98 00000082 0000012d 724ef62a 0001971a 00000010 00000007 df6d22b0 
>        dfd81080 725bbc5e 0001971a 000cc634 00000001 df6d23bc c140e260 00000202 
>        de1d5ba0 cd69fea0 de1d5ba0 00000000 00000000 de1d5b60 de1d5b8c de1d5ba0 
> Call Trace:
>  [<c05b1708>] lock_sock+0x75/0xa6
>  [<e0b0b604>] dn_getname+0x18/0x5f [decnet]
>  [<c05b083b>] sys_getsockname+0x5c/0xb0
>  [<c05b0b46>] sys_socketcall+0xef/0x261
>  [<c0403f97>] syscall_call+0x7/0xb
> DWARF2 unwinder stuck at syscall_call+0x7/0xb
> 
> I wonder if the plethora of lockdep related changes inadvertantly broke something?

Looks like unbalanced locking.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-12 01:48:20 -07:00
David S. Miller
8238b218ec [NET]: Do not memcmp() over pad bytes of struct flowi.
They are not necessarily initialized to zero by the compiler,
for example when using run-time initializers of automatic
on-stack variables.

Noticed by Eric Dumazet and Patrick McHardy.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-12 00:49:15 -07:00
YOSHIFUJI Hideaki
42b6785eeb [NET]: Introduce protocol-specific destructor for time-wait sockets.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-12 00:00:00 -07:00
YOSHIFUJI Hideaki
9469c7b4aa [NET]: Use typesafe inet_twsk() inline function instead of cast.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-11 23:59:58 -07:00
YOSHIFUJI Hideaki
496c98dff8 [NET]: Use hton{l,s}() for non-initializers.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-11 23:59:56 -07:00
YOSHIFUJI Hideaki
4244f8a9f8 [TCP]: Use TCPOLEN_TSTAMP_ALIGNED macro instead of magic number.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-11 23:59:54 -07:00
Joerg Roedel
0be669bb37 [IPV6]: Seperate sit driver to extra module (addrconf.c changes)
This patch contains the changes to net/ipv6/addrconf.c to remove sit
specific code if the sit driver is not selected.

Signed-off-by: Joerg Roedel <joro-lkml@zlug.org>
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-11 23:59:52 -07:00
Joerg Roedel
989e5b96e1 [IPV6]: Seperate sit driver to extra module
This patch removes the driver of the IPv6-in-IPv4 tunnel driver (sit)
from the IPv6 module. It adds an option to Kconfig which makes it
possible to compile it as a seperate module.

Signed-off-by: Joerg Roedel <joro-lkml@zlug.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-11 23:59:50 -07:00
Miklos Szeredi
effee6a000 [NET]: File descriptor loss while receiving SCM_RIGHTS
If more than one file descriptor was sent with an SCM_RIGHTS message,
and on the receiving end, after installing a nonzero (but not all)
file descritpors the process runs out of fds, then the already
installed fds will be lost (userspace will have no way of knowing
about them).

The following patch makes sure, that at least the already installed
fds are sent to userspace.  It doesn't solve the issue of losing file
descriptors in case of an EFAULT on the userspace buffer.

Signed-off-by: Miklos Szeredi <miklos@szeredi.hu>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-11 23:59:48 -07:00
Vlad Yasevich
6aa2551cf1 [SCTP]: Fix the RX queue size shown in /proc/net/sctp/assocs output.
Show the true receive buffer usage.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-11 23:59:46 -07:00
Vlad Yasevich
331c4ee7fa [SCTP]: Fix receive buffer accounting.
When doing receiver buffer accounting, we always used skb->truesize.
This is problematic when processing bundled DATA chunks because for
every DATA chunk that could be small part of one large skb, we would
charge the size of the entire skb.  The new approach is to store the
size of the DATA chunk we are accounting for in the sctp_ulpevent
structure and use that stored value for accounting.

Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-10-11 23:59:44 -07:00
Chad Sellers
6e8c751e07 SELinux: Bug fix in polidydb_destroy
This patch fixes two bugs in policydb_destroy. Two list pointers
(policydb.ocontexts[i] and policydb.genfs) were not being reset to NULL when
the lists they pointed to were being freed. This caused a problem when the
initial policy load failed, as the policydb being destroyed was not a
temporary new policydb that was thrown away, but rather was the global
(active) policydb. Consequently, later functions, particularly
sys_bind->selinux_socket_bind->security_node_sid and
do_rw_proc->selinux_sysctl->selinux_proc_get_sid->security_genfs_sid tried
to dereference memory that had previously been freed.

Signed-off-by: Chad Sellers <csellers@tresys.com>
Signed-off-by: James Morris <jmorris@namei.org>
2006-10-11 23:59:41 -07:00
Venkat Yekkirala
3bccfbc7a7 IPsec: fix handling of errors for socket policies
This treats the security errors encountered in the case of
socket policy matching, the same as how these are treated in
the case of main/sub policies, which is to return a full lookup
failure.

Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Signed-off-by: James Morris <jmorris@namei.org>
2006-10-11 23:59:39 -07:00
Venkat Yekkirala
5b368e61c2 IPsec: correct semantics for SELinux policy matching
Currently when an IPSec policy rule doesn't specify a security
context, it is assumed to be "unlabeled" by SELinux, and so
the IPSec policy rule fails to match to a flow that it would
otherwise match to, unless one has explicitly added an SELinux
policy rule allowing the flow to "polmatch" to the "unlabeled"
IPSec policy rules. In the absence of such an explicitly added
SELinux policy rule, the IPSec policy rule fails to match and
so the packet(s) flow in clear text without the otherwise applicable
xfrm(s) applied.

The above SELinux behavior violates the SELinux security notion of
"deny by default" which should actually translate to "encrypt by
default" in the above case.

This was first reported by Evgeniy Polyakov and the way James Morris
was seeing the problem was when connecting via IPsec to a
confined service on an SELinux box (vsftpd), which did not have the
appropriate SELinux policy permissions to send packets via IPsec.

With this patch applied, SELinux "polmatching" of flows Vs. IPSec
policy rules will only come into play when there's a explicit context
specified for the IPSec policy rule (which also means there's corresponding
SELinux policy allowing appropriate domains/flows to polmatch to this context).

Secondly, when a security module is loaded (in this case, SELinux), the
security_xfrm_policy_lookup() hook can return errors other than access denied,
such as -EINVAL.  We were not handling that correctly, and in fact
inverting the return logic and propagating a false "ok" back up to
xfrm_lookup(), which then allowed packets to pass as if they were not
associated with an xfrm policy.

The solution for this is to first ensure that errno values are
correctly propagated all the way back up through the various call chains
from security_xfrm_policy_lookup(), and handled correctly.

Then, flow_cache_lookup() is modified, so that if the policy resolver
fails (typically a permission denied via the security module), the flow
cache entry is killed rather than having a null policy assigned (which
indicates that the packet can pass freely).  This also forces any future
lookups for the same flow to consult the security module (e.g. SELinux)
for current security policy (rather than, say, caching the error on the
flow cache entry).

This patch: Fix the selinux side of things.

This makes sure SELinux polmatching of flow contexts to IPSec policy
rules comes into play only when an explicit context is associated
with the IPSec policy rule.

Also, this no longer defaults the context of a socket policy to
the context of the socket since the "no explicit context" case
is now handled properly.

Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Signed-off-by: James Morris <jmorris@namei.org>
2006-10-11 23:59:37 -07:00
James Morris
134b0fc544 IPsec: propagate security module errors up from flow_cache_lookup
When a security module is loaded (in this case, SELinux), the
security_xfrm_policy_lookup() hook can return an access denied permission
(or other error).  We were not handling that correctly, and in fact
inverting the return logic and propagating a false "ok" back up to
xfrm_lookup(), which then allowed packets to pass as if they were not
associated with an xfrm policy.

The way I was seeing the problem was when connecting via IPsec to a
confined service on an SELinux box (vsftpd), which did not have the
appropriate SELinux policy permissions to send packets via IPsec.

The first SYNACK would be blocked, because of an uncached lookup via
flow_cache_lookup(), which would fail to resolve an xfrm policy because
the SELinux policy is checked at that point via the resolver.

However, retransmitted SYNACKs would then find a cached flow entry when
calling into flow_cache_lookup() with a null xfrm policy, which is
interpreted by xfrm_lookup() as the packet not having any associated
policy and similarly to the first case, allowing it to pass without
transformation.

The solution presented here is to first ensure that errno values are
correctly propagated all the way back up through the various call chains
from security_xfrm_policy_lookup(), and handled correctly.

Then, flow_cache_lookup() is modified, so that if the policy resolver
fails (typically a permission denied via the security module), the flow
cache entry is killed rather than having a null policy assigned (which
indicates that the packet can pass freely).  This also forces any future
lookups for the same flow to consult the security module (e.g. SELinux)
for current security policy (rather than, say, caching the error on the
flow cache entry).

Signed-off-by: James Morris <jmorris@namei.org>
2006-10-11 23:59:34 -07:00
paul.moore@hp.com
388b24057f NetLabel: use SECINITSID_UNLABELED for a base SID
This patch changes NetLabel to use SECINITSID_UNLABLELED as it's source of
SELinux type information when generating a NetLabel context.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
2006-10-11 23:59:32 -07:00
paul.moore@hp.com
ffb733c650 NetLabel: fix a cache race condition
Testing revealed a problem with the NetLabel cache where a cached entry could
be freed while in use by the LSM layer causing an oops and other problems.
This patch fixes that problem by introducing a reference counter to the cache
entry so that it is only freed when it is no longer in use.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
2006-10-11 23:59:29 -07:00
Linus Torvalds
c25d518044 Merge branch 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
  [MIPS] Pass NULL not 0 for pointer value.
  [MIPS] IP27: Make declaration of setup_replication_mask a proper prototype.
  [MIPS] BigSur: More useful defconfig.
  [MIPS] Cleanup definitions of speed_t and tcflag_t.
  [MIPS] Fix compilation warnings in arch/mips/sibyte/bcm1480/smp.c
  [MIPS] Optimize and cleanup get_saved_sp, set_saved_sp
  [MIPS] <asm/irq.h> does not need pt_regs anymore.
  [MIPS] Workaround for bug in gcc -EB / -EL options.
  [MIPS] Fix timer setup for Jazz
2006-10-11 15:30:14 -07:00
Ralf Baechle
9a244b95dd [MIPS] Pass NULL not 0 for pointer value.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2006-10-11 19:31:00 +01:00
Ralf Baechle
c11b3c1bc0 [MIPS] IP27: Make declaration of setup_replication_mask a proper prototype.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2006-10-11 19:31:00 +01:00
Ralf Baechle
67672f5b1f [MIPS] BigSur: More useful defconfig.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2006-10-11 19:30:59 +01:00
Ralf Baechle
04d4d7d5e3 [MIPS] Cleanup definitions of speed_t and tcflag_t.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2006-10-11 19:30:59 +01:00
Mark Mason
472f291df5 [MIPS] Fix compilation warnings in arch/mips/sibyte/bcm1480/smp.c
Signed-off-by: Mark Mason <mason@broadcom.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2006-10-11 19:30:59 +01:00
Atsushi Nemoto
9b95e629ea [MIPS] Optimize and cleanup get_saved_sp, set_saved_sp
If CONFIG_BUILD_ELF64 was not selected and gcc had -msym32 option
(i.e. 4.0 or newer), there is no point to use %highest, %higher for
kernel symbols.

This patch also fixes 64-bit SMTC version of get_saved_sp() which is
broken but harmless since there is no such CPUs for now.

A bonus is set_saved_sp() and SMP version of get_saved_sp() are more
readable now.

Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2006-10-11 19:30:59 +01:00
Atsushi Nemoto
dff9262ed1 [MIPS] <asm/irq.h> does not need pt_regs anymore.
Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2006-10-11 19:30:59 +01:00
Ralf Baechle
f94054121e [MIPS] Workaround for bug in gcc -EB / -EL options.
Certain gcc versions upto gcc 4.1.1 (probably 4.2-subversion as of
2006-10-10 don't properly change the the predefined symbols if -EB / -EL
are used, so we kludge that here.  A bug has been filed at
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29413.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2006-10-11 19:30:59 +01:00
Yoichi Yuasa
ea5742830a [MIPS] Fix timer setup for Jazz
Signed-off-by: Yoichi Yuasa <yoichi_yuasa@tripeaks.co.jp>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2006-10-11 19:30:58 +01:00
Linus Torvalds
0ca9caae2d Merge branch 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6
* 'for-linus' of git://git390.osdl.marist.edu/pub/scm/linux-2.6:
  [S390] stacktrace bug.
  [S390] cio: remove casts from/to (void *).
  [S390] cio: Remove grace period for vary off chpid.
  [S390] cio: Use ccw_dev_id and subchannel_id in ccw_device_private
  [S390] monwriter kzalloc size.
  [S390] cio: add missing KERN_INFO printk header.
  [S390] irq change improvements.
2006-10-11 11:20:11 -07:00
Linus Torvalds
6bf1f75bc6 Merge branch 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/libata-dev
* 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/libata-dev:
  [PATCH] pata-qdi: fix le32 in data_xfer
  [libata] sata_promise: add PCI ID
  [PATCH] libata: return sense data in HDIO_DRIVE_CMD ioctl
  [PATCH] libata: Don't believe bogus claims in the older PIO mode register
2006-10-11 11:19:47 -07:00
Linus Torvalds
60ca97584f Merge branch 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/netdev-2.6
* 'upstream-linus' of master.kernel.org:/pub/scm/linux/kernel/git/jgarzik/netdev-2.6: (42 commits)
  [PATCH] Fix section mismatch in de2104x.c
  [PATCH] sky2: set lower pause threshold to prevent overrun
  [PATCH] sky2: revert pci express extensions
  [PATCH] skge: version 1.9
  [PATCH] skge: better flow control negotiation
  [PATCH] skge: pause mapping for fiber
  [PATCH] skge: fix stuck irq when fiber down
  [PATCH] powerpc/cell spidernet release all descrs
  [PATCH] powerpc/cell spidernet DMA direction fix
  [PATCH] powerpc/cell spidernet variable name change
  [PATCH] powerpc/cell spidernet reduce DMA kicking
  [PATCH] powerpc/cell spidernet
  [PATCH] powerpc/cell spidernet refine locking
  [PATCH] powerpc/cell spidernet NAPI polling info.
  [PATCH] powerpc/cell spidernet low watermark patch.
  [PATCH] powerpc/cell spidernet incorrect offset
  [PATCH] powerpc/cell spidernet stop error printing patch.
  [PATCH] powerpc/cell spidernet fix error interrupt print
  [PATCH] powerpc/cell spidernet bogus rx interrupt bit
  [PATCH] Spidernet stop queue when queue is full.
  ...
2006-10-11 11:19:30 -07:00
Al Viro
f061c5847b [PATCH] i2Output always takes kernel data now
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:07 -07:00
Al Viro
cff52daffa [PATCH] alpha_ksyms.c cleanup
taken exports to actual definitions of symbols being exported.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:07 -07:00
Al Viro
9ab6a45394 [PATCH] remove bogus arch-specific syscall exports
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:07 -07:00
Al Viro
f39d88adc5 [PATCH] z2_init() in non-modular case
... another victim - this time of 2.5.1-pre2

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:07 -07:00
Al Viro
2db5f59ca7 [PATCH] amiga_floppy_init() in non-modular case
It used to be called directly, but that got lost in 2.1.87-pre1.
Similar breakage in ataflop got fixed 3 years ago, this one
had gone unnoticed.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:07 -07:00
Al Viro
2e811488ce [PATCH] clean m68k ksyms
sun3_ksyms gone, m68k_ksyms trimmed down to exports of the assembler ones,
for sun3 added the missing exports of __ioremap() and iounmap().

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:06 -07:00
Al Viro
437111ca38 [PATCH] sun3 __iomem annotations
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:06 -07:00
Al Viro
1e5c374d38 [PATCH] misc m68k __user annotations
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:06 -07:00
Al Viro
b971018bae [PATCH] m68k uaccess __user annotations
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:06 -07:00
Al Viro
4b4fcaa1a9 [PATCH] misuse of strstr
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:06 -07:00
Al Viro
fd2c903b89 [PATCH] m32r: more __user annotations
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:06 -07:00
Al Viro
12ea59e810 [PATCH] m32r: NULL noise removal
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:06 -07:00
Al Viro
870e75a293 [PATCH] m32r: signal __user annotations
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:06 -07:00
Al Viro
7857a7f59d [PATCH] m32r: C99 initializers in setup.c
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:06 -07:00
Al Viro
399ad77b90 [PATCH] arm-versatile iomem annotations
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:06 -07:00
Al Viro
fc048b5b0f [PATCH] arm: use unsigned long instead of unsigned int in get_user()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:05 -07:00
Al Viro
35d59fc5d6 [PATCH] arm __user annotations
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:17:05 -07:00
Alexey Dobriyan
5f6e3c8365 [PATCH] md: use BUILD_BUG_ON
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Acked-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:14:26 -07:00
Jeff Garzik
76fd020937 [PATCH] ISDN: several minor fixes
pcbit: kill 'may be used uninitialized' warning.  although the code does
eventually fill the 32 bits it cares about, the variable truly is
accessed uninitialized in each macro.  Easier to just clean it up now.

sc: fix a ton of obviously incorrect printk's (some with missing
arguments even)

Signed-off-by: Jeff Garzik <jeff@garzik.org>
Acked-by: Karsten Keil <kkeil@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-11 11:14:25 -07:00