The CRED patch incorrectly converted the SELinux send_sigiotask hook to
use the current task SID rather than the target task SID in its
permission check, yielding the wrong permission check. This fixes the
hook function. Detected by the ltp selinux testsuite and confirmed to
correct the test failure.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
By using the same test as is used for /proc/pid/maps and /proc/pid/smaps,
only allow processes that can ptrace() a given process to see information
that might be used to bypass address space layout randomization (ASLR).
These include eip, esp, wchan, and start_stack in /proc/pid/stat as well
as the non-symbolic output from /proc/pid/wchan.
ASLR can be bypassed by sampling eip as shown by the proof-of-concept
code at http://code.google.com/p/fuzzyaslr/ As part of a presentation
(http://www.cr0.org/paper/to-jt-linux-alsr-leak.pdf) esp and wchan were
also noted as possibly usable information leaks as well. The
start_stack address also leaks potentially useful information.
Cc: Stable Team <stable@kernel.org>
Signed-off-by: Jake Edge <jake@lwn.net>
Acked-by: Arjan van de Ven <arjan@linux.intel.com>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Due to a semantic changes in flush_workqueue() the current approach of
synchronizing the sysfs handling for connections doesn't work anymore. The
whole approach is actually fully broken and based on assumptions that are
no longer valid.
With the introduction of Simple Pairing support, the creation of low-level
ACL links got changed. This change invalidates the reason why in the past
two independent work queues have been used for adding/removing sysfs
devices. The adding of the actual sysfs device is now postponed until the
host controller successfully assigns an unique handle to that link. So
the real synchronization happens inside the controller and not the host.
The only left-over problem is that some internals of the sysfs device
handling are not initialized ahead of time. This leaves potential access
to invalid data and can cause various NULL pointer dereferences. To fix
this a new function makes sure that all sysfs details are initialized
when an connection attempt is made. The actual sysfs device is only
registered when the connection has been successfully established. To
avoid a race condition with the registration, the check if a device is
registered has been moved into the removal work.
As an extra protection two flush_work() calls are left in place to
make sure a previous add/del work has been completed first.
Based on a report by Marc Pignat <marc.pignat@hevs.ch>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Tested-by: Justin P. Mattock <justinmattock@gmail.com>
Tested-by: Roger Quadros <ext-roger.quadros@nokia.com>
Tested-by: Marc Pignat <marc.pignat@hevs.ch>
This introduces a CDC Ethernet Emulation Model (EEM) host side
driver to support USB EEM devices.
EEM is different from the Ethernet Control Model (ECM) currently
supported by the "CDC Ethernet" driver. One key difference is
that it doesn't require of USB interface alternate settings to
manage interface state; some maldesigned hardware can't handle
that part of USB. It also avoids a separate USB interface for
control and status updates.
[ dbrownell@users.sourceforge.net: fix skb leaks, add rx packet
checks, improve fault handling, EEM conformance updates, cleanup ]
Signed-off-by: Omar Laazimani <omar.oberthur@gmail.com>
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Commit 7ad728f981
(cpumask: x86: convert cpu_sibling_map/cpu_core_map to cpumask_var_t)
changed the output of /proc/cpuinfo for siblings:
Example on an AMD Phenom:
physical id : 0
siblings : 1
core id : 3
cpu cores : 4
Before that commit it was:
physical id : 0
siblings : 4
core id : 3
cpu cores : 4
Instead of cpu_core_mask it now uses cpu_sibling_mask to count siblings.
This is due to the following hunk of above commit:
| --- a/arch/x86/kernel/cpu/proc.c
| +++ b/arch/x86/kernel/cpu/proc.c
| @@ -14,7 +14,7 @@ static void show_cpuinfo_core(struct seq_file *m, struct cpuinf
| if (c->x86_max_cores * smp_num_siblings > 1) {
| seq_printf(m, "physical id\t: %d\n", c->phys_proc_id);
| seq_printf(m, "siblings\t: %d\n",
| - cpus_weight(per_cpu(cpu_core_map, cpu)));
| + cpumask_weight(cpu_sibling_mask(cpu)));
| seq_printf(m, "core id\t\t: %d\n", c->cpu_core_id);
| seq_printf(m, "cpu cores\t: %d\n", c->booted_cores);
| seq_printf(m, "apicid\t\t: %d\n", c->apicid);
This was a mistake, because the impact line shows that this side-effect
was not anticipated:
Impact: reduce per-cpu size for CONFIG_CPUMASK_OFFSTACK=y
So revert the respective hunk to restore the old behavior.
[ Impact: fix sibling-info regression in /proc/cpuinfo ]
Signed-off-by: Andreas Herrmann <andreas.herrmann3@amd.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>
LKML-Reference: <20090504182859.GA29045@alberich.amd.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
tcp_prequeue() refers to the constant value (TCP_RTO_MIN) regardless of
the actual value might be tuned. The following patches fix this and make
tcp_prequeue get the actual value returns from tcp_rto_min().
Signed-off-by: Satoru SATOH <satoru.satoh@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch fixes an invalid pointer access in case the receive queue
holds no pointer to the next skb when the queue is empty.
Signed-off-by: Hannes Hering <hering2@de.ibm.com>
Signed-off-by: Jan-Bernd Themann <themann@de.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
* fix/asoc:
ASoC: Remove BROKEN from mpc5200 kconfig
ASoC: TWL4030: Fix gain control for earpiece amplifier
ASoC: Set the MPC5200 i2s driver to BROKEN status.
ASoC: Fix logic in WM8350 master clocking check
The feature bits should be set via bitmasks, not via feature IDs.
[ Impact: fix feature enabling in newer IOMMU versions ]
Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
LKML-Reference: <20090504102028.GA30307@amd.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
mips emit the following debug sections:
.mdebug* and .pdr
They were included in the check for non-allocatable section
and caused modpost to warn.
Manuel Lauss suggested to fix this by adding the relevant
sections to the list of sections we do not check.
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
Reported-by: Manuel Lauss <mano@roarinelk.homelinux.net>
Jean reported that he saw one warning for each module like the one below:
WARNING: arch/x86/kernel/cpu/cpufreq/acpi-cpufreq.o (.comment.SUSE.OPTs): unexpected non-allocatable section.
The warning appeared with the improved version of the
check of the flags in the sections.
That check already ignored sections named ".comment" - but SUSE store
additional info in the comment section and has named it in a SUSE
specific way. Therefore modpost failed to ignore the section.
The fix is to extend the pattern so we ignore all sections
that start with the name ".comment.".
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
Reported-by: Jean Delvare <khali@linux-fr.org>
Tested-by: Jean Delvare <khali@linux-fr.org>
The missing TO_NATIVE(sechdrs[i].sh_flags) was causing many
unexpected non-allocatable section warnings when cross-compiling
for an architecture with a different endianness.
Fix endianness of all the fields in the ELF header and
section headers, not just some of them so we are not
hit by this anohter time.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Reported-by: Sean MacLennan <smaclennan@pikatech.com>
Tested-by: Sean MacLennan <smaclennan@pikatech.com>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
The NTLMSSP code was removed from fs/cifs/connect.c and merged
(75% smaller, cleaner) into fs/cifs/sess.c
As with the old code it requires that cifs be built with
CONFIG_CIFS_EXPERIMENTAL, the /proc/fs/cifs/Experimental flag
must be set to 2, and mount must turn on extended security
(e.g. with sec=krb5).
Although NTLMSSP encapsulated in SPNEGO is not enabled yet,
"raw" ntlmssp is common and useful in some cases since it
offers more complete security negotiation, and is the
default way of negotiating security for many Windows systems.
SPNEGO encapsulated NTLMSSP will be able to reuse the same
code.
Signed-off-by: Steve French <sfrench@us.ibm.com>
Fix usage of obsolete parameters and functions in the driver's PM
callbacks.
Signed-off-by: Rabin Vincent <rabin@rab.in>
Acked-by: Nicolas Pitre <nico@marvell.com>
Signed-off-by: Pierre Ossman <pierre@ossman.eu>
If MMC debugging is enabled, the mmci driver oopses because the DBG
macro uses host->mmc before it is set. Set it earlier.
Signed-off-by: Rabin Vincent <rabin@rab.in>
Signed-off-by: Pierre Ossman <pierre@ossman.eu>
The TI controller on Toshiba Tecra M5 needs more time to power up or
the cards will init incorrectly or not at all.
Signed-off-by: José M. Fernández <josemariafg@gmail.com>
Signed-off-by: Pierre Ossman <pierre@ossman.eu>
The goto unmap is too early, we haven't allocated host or done the
request_region().
Found by smatch (http://repo.or.cz/w/smatch.git).
[ Second error path fix by Pierre Ossman ]
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Pierre Ossman <pierre@ossman.eu>
The block layer does not support very low sector count restrictions
so we need to be prepared to handle bigger requests than we can send
directly to the controller.
Problem found by Manuel Lauss.
Signed-off-by: Pierre Ossman <pierre@ossman.eu>
Follow up to Nick Piggin's patches to ensure that nfs_vm_page_mkwrite
returns with the page lock held, and sets the VM_FAULT_LOCKED flag.
See http://bugzilla.kernel.org/show_bug.cgi?id=12913
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* 'for-linus' of git://oss.sgi.com/xfs/xfs:
xfs: fix getbmap vs mmap deadlock
xfs: a couple getbmap cleanups
xfs: add more checks to superblock validation
xfs_file_last_byte() needs to acquire ilock
The powerpc kernel always requires an Open Firmware like device tree
to supply device information. On systems without OF, this comes from
a flattened device tree blob. This blob is usually generated by dtc,
a tool which compiles a text description of the device tree into the
flattened format used by the kernel. Sometimes, the bootwrapper makes
small changes to the pre-compiled device tree blob (e.g. filling in
the size of RAM). To do this it uses the libfdt library.
Because these are only used on powerpc, the code for both these tools
is included under arch/powerpc/boot (these were imported and are
periodically updated from the upstream dtc tree).
However, the microblaze architecture, currently being prepared for
merging to mainline also uses dtc to produce device tree blobs. A few
other archs have also mentioned some interest in using dtc.
Therefore, this patch moves dtc and libfdt from arch/powerpc into
scripts, where it can be used by any architecture.
The vast bulk of this patch is a literal move, the rest is adjusting
the various Makefiles to use dtc and libfdt correctly from their new
locations.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/bart/ide-2.6:
ide-cd: fix REQ_QUIET tests in cdrom_decode_status
Fix up trivial conflicts in include/linux/blkdev.h
* master.kernel.org:/home/rmk/linux-2.6-arm: (45 commits)
[ARM] 5489/1: ARM errata: Data written to the L2 cache can be overwritten with stale data
[ARM] 5490/1: ARM errata: Processor deadlock when a false hazard is created
[ARM] 5487/1: ARM errata: Stale prediction on replaced interworking branch
[ARM] 5488/1: ARM errata: Invalidation of the Instruction Cache operation can fail
davinci: DM644x: NAND: update partitioning
davinci: update DM644x support in preparation for more SoCs
davinci: DM644x: rename board file
davinci: update pin-multiplexing support
davinci: serial: generalize for more SoCs
davinci: DM355 IRQ Definitions
davinci: DM646x: add interrupt number and priorities
davinci: PSC: Clear bits in MDCTL reg before setting new bits
davinci: gpio bugfixes
davinci: add EDMA driver
davinci: timers: use clk_get_rate()
[ARM] pxa/littleton: add missing da9034 touchscreen support
[ARM] pxa/zylonite: configure GPIO18/19 correctly, used by 2 GPIO expanders
[ARM] pxa/zylonite: fix the issue of unused SDATA_IN_1 pin get AC97 not working
[ARM] pxa: make ads7846 on corgi and spitz to sync on HSYNC
[ARM] pxa: remove unused CPU_FREQ_PXA Kconfig symbol
...
* 'x86-mce-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/x86/linux-2.6-tip:
x86, mce: fix boot logging logic
x86, mce: make polling timer interval per CPU
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
Input: document the multi-touch (MT) protocol
Input: add detailed multi-touch finger data report protocol
Input: allow certain EV_ABS events to bypass all filtering
Input: bcm5974 - add documentation for the driver
Input: bcm5974 - augment debug information
Input: bcm5974 - Add support for the Macbook 5 (Unibody)
Input: bcm5974 - add quad-finger tapping
Input: bcm5974 - prepare for a new trackpad header type
Input: appletouch - fix DMA to/from stack buffer
Input: wacom - fix TabletPC touch bug
Input: lifebook - add DMI entry for Fujitsu B-2130
Input: ALPS - add signature for Toshiba Satellite Pro M10
Input: elantech - make sure touchpad is really in absolute mode
Input: elantech - provide a workaround for jumpy cursor on firmware 2.34
Input: ucb1400 - use disable_irq_nosync() in irq handler
Input: tsc2007 - use disable_irq_nosync() in irq handler
Input: sa1111ps2 - use disable_irq_nosync() in irq handlers
Input: omap-keypad - use disable_irq_nosync() in irq handler
See http://bugzilla.kernel.org/show_bug.cgi?id=13034
If the port gets into a TIME_WAIT state, then we cannot reconnect without
binding to a new port.
Tested-by: Petr Vandrovec <petr@vandrovec.name>
Tested-by: Jean Delvare <khali@linux-fr.org>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuild-fixes:
kbuild, modpost: Check the section flags, to catch missing "ax"/"aw"
kbuild: fix comment in modpost.c
kbuild: fix scripts/setlocalversion with git
kbuild: fix Module.markers permission error under cygwin
docs: also clean index.html
kbuild: remove a tag file before it is regenerated
kbuild: "make prepare" should be "make modules_prepare"
kbuild: clean Module.markers and modules.order for out-of-tree modules
avr32: drop unused CLEAN_FILES
* 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jlbec/ocfs2:
ocfs2: Change repository in MAINTAINERS.
ocfs2: Fix a missing credit when deleting from indexed directories.
ocfs2/trivial: Remove unused variable in ocfs2_rename.
ocfs2: Add missing iput() during error handling in ocfs2_dentry_attach_lock()
ocfs2: Fix some printk() warnings.
ocfs2: Fix 2 warning during ocfs2 make.
ocfs2: Reserve 1 more cluster in expanding_inline_dir for indexed dir.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
HID: fix oops in hid_check_keys_pressed()
HID: fix possible deadlock in usbhid_close()
HID: Fix the support for apple mini aluminium keyboard
HID: Add support for the G25 force feedback wheel in native mode
HID: hidraw -- fix missing unlocks in unlocked_ioctl
Fix the display of a few fields in the iBFT NIC attribute structure in
sysfs.
Ensure that, if the DHCP IP address and the subnet mask for the interface
is present in the iBFT NIC structure, the corresponding entries are
created in sysfs tree for the device. This would hence create the
additional entries in the tree based on the iBFT table and would not
delete any existing entries.
Signed-off-by: Ashutosh Naik <ashutosh.naik@gmail.com>
Cc: Vishnu V <vishnu@chelsio.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Local variable `scan' can overflow on zones which are larger than
(2G * 4k) / 100 = 80GB.
Making it 64-bit on 64-bit will fix that up.
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Wu Fengguang <fengguang.wu@intel.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Rik van Riel <riel@redhat.com>
Cc: Lee Schermerhorn <lee.schermerhorn@hp.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
->real_parent is the parent. ->parent may be the tracer.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: David Howells <dhowells@redhat.com>
Acked-by: Roland McGrath <roland@redhat.com>
Cc: Greg Ungerer <gerg@snapgear.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
scripts/kernel-doc can (incorrectly) delete struct members that are
surrounded by /* ... */ <struct members> /* ... */ if there is a /*
private: */ comment in there somewhere also.
Fix that by making the "/* private:" only allow whitespace between /* and
"private:", not anything/everything in the world.
This fixes some erroneous kernel-doc warnings that popped up while
processing include/linux/usb/composite.h.
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
The Committed_AS field can underflow in certain situations:
> # while true; do cat /proc/meminfo | grep _AS; sleep 1; done | uniq -c
> 1 Committed_AS: 18446744073709323392 kB
> 11 Committed_AS: 18446744073709455488 kB
> 6 Committed_AS: 35136 kB
> 5 Committed_AS: 18446744073709454400 kB
> 7 Committed_AS: 35904 kB
> 3 Committed_AS: 18446744073709453248 kB
> 2 Committed_AS: 34752 kB
> 9 Committed_AS: 18446744073709453248 kB
> 8 Committed_AS: 34752 kB
> 3 Committed_AS: 18446744073709320960 kB
> 7 Committed_AS: 18446744073709454080 kB
> 3 Committed_AS: 18446744073709320960 kB
> 5 Committed_AS: 18446744073709454080 kB
> 6 Committed_AS: 18446744073709320960 kB
Because NR_CPUS can be greater than 1000 and meminfo_proc_show() does
not check for underflow.
But NR_CPUS proportional isn't good calculation. In general,
possibility of lock contention is proportional to the number of online
cpus, not theorical maximum cpus (NR_CPUS).
The current kernel has generic percpu-counter stuff. using it is right
way. it makes code simplify and percpu_counter_read_positive() don't
make underflow issue.
Reported-by: Dave Hansen <dave@linux.vnet.ibm.com>
Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: Eric B Munson <ebmunson@us.ibm.com>
Cc: Mel Gorman <mel@csn.ul.ie>
Cc: Christoph Lameter <cl@linux-foundation.org>
Cc: <stable@kernel.org> [All kernel versions]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Some drivers using of_register_platform_driver() wrapper break on sparc
because the wrapper isn't in the header file. This patch moves it from
Microblaze and PowerPC implementations and makes it common code.
Fixes this sparc64 allmodconfig build error (at least):
drivers/leds/leds-gpio.c: In function `gpio_led_init':
drivers/leds/leds-gpio.c:295: error: implicit declaration of function `of_register_platform_driver'
drivers/leds/leds-gpio.c: In function `gpio_led_exit':
drivers/leds/leds-gpio.c:311: error: implicit declaration of function `of_unregister_platform_driver'
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
Acked-by: David S. Miller <davem@davemloft.net>
Cc: Michal Simek <monstr@monstr.eu>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Richard Purdie <rpurdie@rpsys.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This fixes the problem introduced by commit 3bfacef412 (get rid of
special-casing the /sbin/loader on alpha): osf/1 ecoff binary segfaults
when binfmt_aout built as module. That happens because aout binary
handler gets on the top of the binfmt list due to late registration, and
kernel attempts to execute the binary without preparatory work that must
be done by binfmt_loader.
Fixed by changing the registration order of the default binfmt handlers
using list_add_tail() and introducing insert_binfmt() function which
places new handler on the top of the binfmt list. This might be generally
useful for installing arch-specific frontends for default handlers or just
for overriding them.
Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Al Viro <viro@ZenIV.linux.org.uk>
Cc: Richard Henderson <rth@twiddle.net
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
Cc: Al Viro <viro@ZenIV.linux.org.uk>
Cc: Richard Henderson <rth@twiddle.net
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
