Always initialize *scontext and *scontext_len in security_sid_to_context.
(via http://lkml.org/lkml/2007/2/23/135)
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Below is a patch which demotes many printk lines to KERN_DEBUG from
KERN_INFO. It should help stop the spamming of logs with messages in
which users are not interested nor is there any action that users should
take. It also promotes some KERN_INFO to KERN_ERR such as when there
are improper attempts to register/unregister security modules.
A similar patch was discussed a while back on list:
http://marc.theaimsgroup.com/?t=116656343500003&r=1&w=2
This patch addresses almost all of the issues raised. I believe the
only advice not taken was in the demoting of messages related to
undefined permissions and classes.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
security/selinux/hooks.c | 20 ++++++++++----------
security/selinux/ss/avtab.c | 2 +-
security/selinux/ss/policydb.c | 6 +++---
security/selinux/ss/sidtab.c | 2 +-
4 files changed, 15 insertions(+), 15 deletions(-)
Signed-off-by: James Morris <jmorris@namei.org>
Please consider applying, this was found on your latest
net-2.6 tree while playing around with that ip_hdr() + turn
skb->nh/h/mac pointers as offsets on 64 bits idea :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Having a work queue for checking carrier leads to lots of race issues.
Simpler to just get the cost when data structure is created and
update on change.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
The bridge hasn't used miscdevice for a long long time.
Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch allocates inetdev at registration for all devices
in line with IPv6. This allows sysctl configuration on the
devices to occur before they're brought up or addresses are
added.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
It is more natural to manage prefix routes corresponding to address which is
being added manually.
With help from Masafumi Aramoto <aramoto@linux-ipv6.org>.
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Once we reach a point where we exceed the max.path.retrans, strike the
transport before updating the rto. This will force transport switch at
the right time, instead of 1 retransmit too late.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The problem that this patch corrects happens when all of the following
conditions are satisfisfied:
1. PR-SCTP is used and the timeout on the chunks is set below RTO.Max.
2. One of the paths on a multihomed associations is brought down.
In this scenario, data will expire within the rto of the initial
transmission and will never be retransmitted. However this data still
fills the send buffer and is counted against the association as outstanding
data. This causes any new data not to be sent and retransmission to not
happen.
The fix is to discount the abandoned data from the outstanding count and
peers rwnd estimation. This allows new data to be sent and a retransmission
timer restarted. Even though this new data will most likely expire within
the rto, the timer still counts as a strike against the transport and forces
the FORWARD-TSN chunk to be retransmitted as well.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
The locking calls assumed that these code paths were only
invoked in software interrupt context, but that isn't true.
Therefore we need to use spin_{lock,unlock}_bh() throughout.
Signed-off-by: David S. Miller <davem@davemloft.net>
1. Add race condition check after netif_stop_queue(). tg3_tx() runs
without netif_tx_lock and can race with tg3_start_xmit_dma_bug() ->
tg3_tso_bug().
2. Firmware TSO in 5703/5704/5705 also have the same TSO limitation,
i.e. they cannot handle TSO headers bigger than 80 bytes. Rename
TG3_FL2_HW_TSO_1_BUG to TG3_FL2_TSO_BUG and set this flag on
these chips as well.
3. Update version to 3.74.
Signed-off-by: Michael Chan <mchan@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
packet_lookup_frame() always returns tpacket_hdr*, so there's no reason
to return char* and require casting by callers.
Also, remove a cast of void*.
Signed-off-by: Jason Lunz <lunz@falooley.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch for adjust inet6_exit() to inverse sequence to inet6_init().
At ipv6_init, it first create proc_root/net/dev_snmp6 entry by call
ipv6_misc_proc_init(), then call addrconf_init() to create the corresponding
device entry at this directory, but at inet6_exit, ipv6_misc_proc_exit()
called first, then call addrconf_init().
Signed-off-by: Joe Jin <joe.jin@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Fixed to set fl_tunnel.fl6_src correctly in xfrm6_bundle_create().
Signed-off-by: Noriaki TAKAMIYA <takamiya@po.ntts.co.jp>
Acked-by: Masahide NAKAMURA <nakam@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch adds proper prototypes for some functions in
include/net/irda/irda.h
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Some Bluetooth drivers need one or more binary firmware images. Export
these image names via the MODULE_FIRMWARE tag.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
In the case of bound RFCOMM TTY devices the parent is not available
before its usage. So when opening a RFCOMM TTY device, move it to
the corresponding ACL device as a child. When closing the device,
move it back to the virtual device tree.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The open and close callbacks for the HID device are not optional, but
for the Bluetooth HID report mode support it is enough to add empty
dummy callbacks.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
This patch extends the current Bluetooth HID support to use the new
HID subsystem and adds full report mode support.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
The compat ioctl patch copied the parser version field into the
report descriptor size field by mistake.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
* master.kernel.org:/pub/scm/linux/kernel/git/gregkh/driver-2.6:
Revert "Driver core: let request_module() send a /sys/modules/kmod/-uevent"
Driver core: fix error by cleanup up symlinks properly
make kernel/kmod.c:kmod_mk static
power management: fix struct layout and docs
power management: no valid states w/o pm_ops
Driver core: more fallout from class_device changes for pcmcia
sysfs: move struct sysfs_dirent to private header
driver core: refcounting fix
Driver core: remove class_device_rename
* master.kernel.org:/pub/scm/linux/kernel/git/gregkh/usb-2.6:
USB: export autosuspend delay in sysfs
sysfs: allow attributes to be added to groups
USB: make autosuspend delay a module parameter
USB: minor cleanups for sysfs.c
USB: add a blacklist for devices that can't handle some things we throw at them.
USB: refactor usb device matching and create usb_device_match
USB: Wacom driver updates
gadgetfs: Fixed bug in ep_aio_read_retry.
USB: Use USB defines in usbmouse.c and usbkbd.c
USB: add rationale on why usb descriptor structures have to be packed
USB: ftdi_sio: Adding VID and PID for Tellstick
UHCI: Eliminate asynchronous skeleton Queue Headers
UHCI: Add macros for computing DMA values
USB: Davicom DM9601 usbnet driver
USB: asix.c - Add JVC-PRX1 ids
usbmon: Remove erroneous __exit
USB: add driver for iowarrior devices.
USB: option: add a bunch of new device ids
USB: option: remove duplicate device id table
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
[MIPS] Fix port 0 mac address for mips mv6434x platforms
[SERIAL] serial_txx9 driver update
Revert "[PATCH] Generic ioremap_page_range: mips conversion"
[MIPS] Cobalt: Rename "Colo" MTD partition to "firmware".
[MIPS] SMP: Get smp_tune_scheduling to do something useful.
[MIPS] Add basic SMARTMIPS ASE support
The SUN_AURORA driver:
- has been marked as BROKEN for more than two years and
- is still marked as BROKEN.
Drivers that had been marked as BROKEN for such a long time seem to be
unlikely to be revived in the forseeable future.
But if anyone wants to ever revive this driver, the code is still
present in the older kernel releases.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
When clockevents_program_event() is given an expire time in the
past, it does not update dev->next_event, so this looping code
would loop forever once the first in-the-past expiration time
was used.
Keep advancing "next" locally to fix this bug.
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
move_native_irqs tries to do the right thing when migrating irqs
by disabling them. However disabling them is a software logical
thing, not a hardware thing. This has always been a little flaky
and after Ingo's latest round of changes it is guaranteed to not
mask the apic.
So this patch fixes move_native_irq to directly call the mask and
unmask chip methods to guarantee that we mask the irq when we
are migrating it. We must do this as it is required by
all code that call into the path.
Since we don't know the masked status when IRQ_DISABLED is
set so we will not be able to restore it. The patch makes the code
just give up and trying again the next time this routing is called.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Acked-by: Suresh Siddha <suresh.b.siddha@intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
The problem: After moving an interrupt when is it safe to teardown
the data structures for receiving the interrupt at the old location?
With a normal pci device it is possible to issue a read to a device
to flush all posted writes. This does not work for the oldest ioapics
because they are on a 3-wire apic bus which is a completely different
data path. For some more modern ioapics when everything is using
front side bus delivery you can flush interrupts by simply issuing a
read to the ioapic. For other modern ioapics emperical testing has
shown that this does not work.
So it appears the only reliable way to know the last of the irqs from an
ioapic have been received from before the ioapic was reprogrammed is to
received the first irq from the ioapic from after it was reprogrammed.
Once we know the last irq message has been received from an ioapic
into a local apic we then need to know that irq message has been
processed through the local apics.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
For the ISA irqs we reserve 16 vectors. This patch adds constants for
those vectors and modifies the code to use them. Making the code a
little clearer and making it possible to move these vectors in the future.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
The code in io_apic.c and in i8259.c currently hardcode the same
vector for the timer interrupt so there is no reason for a special
assignment for the timer as the setup for the i8259 already takes care
of this.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Currently assign_irq_vector works mostly by side effect and returns
the results of it's changes to the caller. Which makes for a lot of
arguments to pass/return and confusion as to what to do if you need
the status but you aren't calling assign_irq_vector.
This patch stops returning values from assign_irq_vector that can be
retrieved just as easily by examining irq_cfg, and modifies the
callers to retrive those values from irq_cfg when they need them.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Currently the io_apic.c has several parallel arrays for different
kinds of data that can be know about an irq. The parallel arrays
make the code harder to maintain and make it difficult to remove
the static limits on the number of the number of irqs.
This patch pushes irq_data and irq_vector into a irq_cfg array and
updates the code to use it.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
NR_IRQ_VECTORS is currently a compatiblity define set to NR_IRQs.
This patch updates the users of NR_IRQ_VECTORS to use NR_IRQs instead
so that NR_IRQ_VECTORS can be removed.
There is still shared code with arch/i386 that uses NR_IRQ_VECTORS
so we can't remove the #define just yet :(
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
If we have an irq that comes from multiple io_apic pins the FINAL action
(which is io_apic_sync or nothing) needs to be called for every entry or
else if the two pins come from different io_apics we may not wait until
after the action happens on the io_apic.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
For some reason the code has been picking TARGET_CPUS when asked to
set the affinity to an empty set of cpus. That is just silly it's
extra work. Instead if there are no cpus to set the affinity to we
should just give up immediately. That is simpler and a little more
intuitive.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>