When an object is created via a symlink into an audited directory, audit misses
the event due to not having collected the inode data for the directory. Modify
__audit_inode_child() to copy the parent inode data if a parent wasn't found in
audit_names[].
Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
When the specified path is an existing file or when it is a symlink, audit
collects the wrong inode number, which causes it to miss the open() event.
Adding a second hook to the open() path fixes this.
Also add audit_copy_inode() to consolidate some code.
Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* master.kernel.org:/pub/scm/linux/kernel/git/gregkh/usb-2.6: (24 commits)
Revert "[PATCH] USB: move usb_device_class class devices to be real devices"
Revert "[PATCH] USB: convert usb class devices to real devices"
USB: UHCI: Don't test the Short Packet Detect bit
USB: unusual_devs entry for Nokia 3250
USB: dummy-hcd: disable interrupts during req->complete
USB: fix the USB_GADGET_DUMMY_HCD dependencies
USB: ati_remote.c: autorepeat fix
USB: doc: fixes devio.c location in proc_usb_info.txt.
USB: doc: usb-help.txt update.
USB: Patch for rtl8150 to fix unplug problems
USB: cypress driver comment updates
USB: unusual_devs device removal
usb-storage: Add US_FL_IGNORE_DEVICE flag; ignore ZyXEL G220F
USB: New USB ID for Belkin Serial Adapter
USB: Additional PID for the ftdi_sio driver
USB: adding support for SHARP WS003SH to ipaq.c
USB: Fix Freescale high-speed USB host dependency
USB: Removed 3-port device handler from Option driver
USB: Drop Sierra Wireless MC8755 from the Option driver
USB: Let option driver handle Anydata CDMA modems. Remove anydata driver.
...
If CONFIG_IOMMU_DEBUG is set force_iommu defaults to 1. In the case
where no HW IOMMU is present in the machine and we end up using nommu,
leaving force_iommu set to 1 causes dma_alloc_coherent to do the wrong
thing. Therefore, if we end up using nommu, make sure force_iommu is
0.
Signed-off-by: Muli Ben-Yehuda <muli@il.ibm.com>
Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Re-add backlink for old style unwinder to stack switching. Add proper
stack frame and CFI annotations to call_softirq
This prevents a oops when backtracing with fallback through the
interrupt stack top.
Suggested by Jan Beulich and Herbert Xu wanted it in 2.6.18.
Cc: jbeulich@novell.com
Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Suresh points out that commit b0423a0d9c
broke the semantics of a synchronous signal like SIGSEGV occurring
recursively inside its own handler handler (or, indeed, any other
context when the signal was blocked).
That was unintentional, and this fixes things up by reinstating the old
semantics, but without reverting the cleanups.
Cc: Paul E. McKenney <paulmck@us.ibm.com>
Acked-by: Suresh Siddha <suresh.b.siddha@intel.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
* git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuild-2.6.18:
gitignore: gitignore quilt's files
kbuild: always use $(CC) for $(call cc-version)
kconfig: correct oldconfig for unset choice options
kbuild: -fno-stack-protector is not good
kbuild: fix typo in modpost
kbuild: improve error from file2alias
kbuild: .gitignore utsrelease.h
kbuild: version.h and new headers_* targets does not require a kernel config
kbuild: hardcode value of YACC&LEX for aic7-triple-x
This reverts c182274ffe commit because it
required a newer version of udev to work properly than what is currently
documented in Documentation/Changes.
Cc: Kay Sievers <kay.sievers@vrfy.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This reverts bd00949647 commit because it
required a newer version of udev to work properly than what is currently
documented in Documentation/Changes.
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Apparently some UHCI controllers change the value of the Short Packet
Detect (SPD) bit in the TD status word -- presumably when they receive a
short packet. This patch (as759) changes uhci-hcd to avoid assuming
that the bit is unchanged; in fact, the driver no longer looks at SPD at
all.
This fixes the second problem reported in Bugzilla #6752.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Here is another unusual_devs entry (as760) for another Nokia device,
this time the 3250.
From: Mario Rettig <mariorettig@web.de>
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Phil Dibowitz <phil@ipom.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as756) fixes a bug in dummy-hcd found by the lockdep
checker. In one of the code paths, the driver did not disable
interrupts before calling a request completion routine.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
If USB=m, USB_GADGET=y, the option USB_GADGET_DUMMY_HCD mustn't be
offered since selecting it results in a compile error.
This patch fixes kernel Bugzilla #6534 reported by Toralf Frster.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
When HZ is set to 250 (new default) or 100, the time span during which
repeated events from the device are ignored could be too small due to
ms->jiffies rounding. This causes the auto repeat to kick in early making
it impossible for the user to generate individual press/release events.
Increate the timeout to compensate.
Signed-off-by: Marko Macek <Marko.Macek@gmx.net>
Cc: Dmitry Torokhov <dtor_core@ameritech.net>
Cc: Vojtech Pavlik <vojtech@suse.cz>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The RTL8150 driver currently crashes the kernel if the USB lead is unplugged
while the device is active. The attached patch adds error handling to
tell the network layer that the device has gone away when the device is
unplugged. With this patch, the device can be plugged and unplugged
to one's hearts' content, without crashing anything.
Oh, I've also added rudimentary suspend and resume methods.
Signed-off-by: Peter Chubb <peter@gelato.unsw.edu.au>
Acked-by: Petko Manolov <petkan@nucleusys.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This entry has been a mystery for some time. I had sent this patch as an
RFC a while ago, and now we've had two reports of this not being needed,
so I'm removing it.
In the event there are reports of breakage, we should revert this patch,
but add a US_FL_NEED_OVERRIDE flag.
Signed-off-by: Phil Dibowitz <phil@ipom.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch adds a new unusual_devs flag for when usb-storage needs to ignore
a device that it would otherwise claim.
We need to ignore the ZyXEL G220F as it is a virtual CDROM drive which
includes the windows driver for this USB-WLAN adapter. After the windows
driver is installed on a windows system, it converts it into a WLAN adapter
(by ejecting the virtual disc).
The virtual CDROM is of no interest to Linux users. The zd1211rw driver will
automatically perform the eject operation, we just need to ensure that
usb-storage does not claim the device.
Signed-off-by: Daniel Drake <dsd@gentoo.org>
Signed-off-by: Matthew Dharm <mdharm-usb@one-eyed-alien.net>
Signed-off-by: Phil Dibowitz <phil@ipom.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Can you add the USB IDs for the Belkin USB Serial adapter (P/N F5U257)
to the pl2303 driver in the Linux Kernel? Are you the appropriate person
to approach for this?
I recently purchased a Belkin USB Serial adapter (P/N F5U257) and found
that it didn't work. After a bit of experimentation I found that it
works with the pl2303 driver once the ID has been added. See attached
patch to fix this. Also attached is the output from lsusb -v just in
case you require any information from there.
From: Kim Oldfield <luv@oldfield.wattle.id.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Here's a short patch which adds one PID to the set of devices
supported by the ftdi_sio driver. The device in question is a
DLP module used as part of a ham radio USB-to-packet adapter.
From: Dave Platt <dplatt@radagast.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This small patch enables a support of "SHARP WS003SH".
"SHARP WS003SH" (usullary called "W-ZERO3") is most polular All-in-one handheld
CellPhone-plus-WindowsMobile5.0 in Japan.
"SHARP WS003SH" has two modes, "Modem" and "ActiveSync".
But, "ActiveSync" mode uses NDIS connection.
Therefore, ipaq.c can only support "Modem" mode.
http://www.sharp.co.jp/ws/ (Japanese Site)
http://greggman.com/edit/editheadlines/2005-12-24.htm
From: Norihiko Tomiyama <norihiko.tomiyama@ctc-g.co.jp>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The high-speed USB SOC only exists on MPC834x family not MPC83xx family.
Signed-off-by: Li Yang <leoli@freescale.com>
Acked-by: Kumar Gala <galak@kernel.crashing.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The short driver names were not unique,
which prevented the driver from actually loading.
Also, one of the ioctl pointers was missing.
Signed-Off-By: Matthias Urlichs <smurf@smurf.noris.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
OHCI updates for AT91 series processors:
- Get ready for at91sam926x processors (ARMv5tej not ARMv4t)
- Suspend/resume support now behaves properly
- In "standby" mode, OHCI can be a source of system wakeup events
(remote wakeup, device connect/disconnect, etc)
And minor cleanups.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Andrew Victor <andrew@sanpeople.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
UDC updates for AT91 series processors:
- Get ready for at91sam926x processors (ARMv5tej not ARMv4t)
- Suspend/resume support now behaves properly
- In "standby" mode, UDC can be a source of system wakeup events
(host resume, device connect/disconnect, etc)
- Fix IRQ storming issues, seemingly related to clock disabling
changes that went in a while back
And minor cleanups, especially whitespace.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Andrew Victor <andrew@sanpeople.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
include/linux/security.h: In function ‘security_release_secctx’:
include/linux/security.h:2757: warning: ‘return’ with a value, in function returning void
Signed-off-by: David S. Miller <davem@davemloft.net>
Remove the lock_cpu_hotplug()/unlock_cpu_hotplug() calls from
net_dma_rebalance
The lock_cpu_hotplug()/unlock_cpu_hotplug() sequence in
net_dma_rebalance is both incorrect (as pointed out by David Miller)
because lock_cpu_hotplug() may sleep while the net_dma_event_lock
spinlock is held, and unnecessary (as pointed out by Andrew Morton) as
spin_lock() disables preemption which protects from CPU hotplug
events.
Signed-off-by: Chris Leech <christopher.leech@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This patch fixes a bug in the DECnet routing code where we were
selecting a loopback device in preference to an outward facing device
even when the destination was known non-local. This patch should fix
the problem.
Signed-off-by: Patrick Caulfield <patrick@tykepenguin.com>
Signed-off-by: Steven Whitehouse <steve@chygwyn.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
From: Catherine Zhang <cxzhang@watson.ibm.com>
This patch implements a cleaner fix for the memory leak problem of the
original unix datagram getpeersec patch. Instead of creating a
security context each time a unix datagram is sent, we only create the
security context when the receiver requests it.
This new design requires modification of the current
unix_getsecpeer_dgram LSM hook and addition of two new hooks, namely,
secid_to_secctx and release_secctx. The former retrieves the security
context and the latter releases it. A hook is required for releasing
the security context because it is up to the security module to decide
how that's done. In the case of Selinux, it's a simple kfree
operation.
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Acked-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
The skb_queue_head_init() function is used both in drivers for private use
and in the core networking code. The usage models are vastly set of
functions that is only softirq safe; while the driver usage tends to be
more limited to a few hardirq safe accessor functions. Rather than
annotating all 133+ driver usages, for now just split this lock into a per
queue class. This change is obviously safe and probably should make
2.6.18.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
When I tested linux kernel 2.6.71.7 about statistics
"ipv6IfStatsOutFragCreates", and found that it couldn't increase
correctly. The criteria is RFC 2465:
ipv6IfStatsOutFragCreates OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of output datagram fragments that have
been generated as a result of fragmentation at
this output interface."
::= { ipv6IfStatsEntry 15 }
I think there are two issues in Linux kernel.
1st:
RFC2465 specifies the counter is "The number of output datagram
fragments...". I think increasing this counter after output a fragment
successfully is better. And it should not be increased even though a
fragment is created but failed to output.
2nd:
If we send a big ICMP/ICMPv6 echo request to a host, and receive
ICMP/ICMPv6 echo reply consisted of some fragments. As we know that in
Linux kernel first fragmentation occurs in ICMP layer(maybe saying
transport layer is better), but this is not the "real"
fragmentation,just do some "pre-fragment" -- allocate space for date,
and form a frag_list, etc. The "real" fragmentation happens in IP layer
-- set offset and MF flag and so on. So I think in "fast path" for
ip_fragment/ip6_fragment, if we send a fragment which "pre-fragment" by
upper layer we should also increase "ipv6IfStatsOutFragCreates".
Signed-off-by: Wei Dong <weid@nanjing-fnst.com>
Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
When I tested Linux kernel 2.6.17.7 about statistics
"ipv6IfStatsInHdrErrors", found that this counter couldn't increase
correctly. The criteria is RFC2465:
ipv6IfStatsInHdrErrors OBJECT-TYPE
SYNTAX Counter3
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of input datagrams discarded due to
errors in their IPv6 headers, including version
number mismatch, other format errors, hop count
exceeded, errors discovered in processing their
IPv6 options, etc."
::= { ipv6IfStatsEntry 2 }
When I send TTL=0 and TTL=1 a packet to a router which need to be
forwarded, router just sends an ICMPv6 message to tell the sender that
TIME_EXCEED and HOPLIMITS, but no increments for this counter(in the
function ip6_forward).
Signed-off-by: Wei Dong <weid@nanjing-fnst.com>
Acked-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
We have a more complete solution in the works, involving
the seperation of CHECKSUM_HW on input vs. output, and
having netfilter properly do incremental checksums.
But that is a very involved patch and is thus 2.6.19
material.
What we have now is infinitely better than the past,
wherein all TSO packets were dropped due to corrupt
checksums as soon at the NAT module was loaded. At
least now, the checksums do get fixed up, it just
isn't the cleanest nor most optimal solution.
Signed-off-by: David S. Miller <davem@davemloft.net>
The hashlimit table name and the textsearch algorithm need to be
terminated, the textsearch pattern length must not exceed the
maximum size.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Since we don't know in which direction the first packet will arrive, we
need to create one expectation for each direction, which is currently
prevented by max_expected beeing set to 1.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Add a dev_alloc_skb variant that takes a struct net_device * paramater.
For now that paramater is unused, but I'll use it to allocate the skb
from node-local memory in a follow-up patch. Also there have been some
other plans mentioned on the list that can use it.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Based upon guidance from Alexey Kuznetsov.
When linger2 is active, we check to see if the fin_wait2
timeout is longer than the timewait. If it is, we schedule
the keepalive timer for the difference between the timewait
timeout and the fin_wait2 timeout.
When this orphan socket is seen by tcp_keepalive_timer()
it will try to transform this fin_wait2 socket into a
fin_wait2 mini-socket, again if linger2 is active.
Not all paths were setting this initial keepalive timer correctly.
The tcp input path was doing it correctly, but tcp_close() wasn't,
potentially making the socket linger longer than it really needs to.
Signed-off-by: David S. Miller <davem@davemloft.net>
The patch below fixes a problem in the iptables SECMARK target, where
the user-supplied 'selctx' string may not be nul-terminated.
From initial analysis, it seems that the strlen() called from
selinux_string_to_sid() could run until it arbitrarily finds a zero,
and possibly cause a kernel oops before then.
The impact of this appears limited because the operation requires
CAP_NET_ADMIN, which is essentially always root. Also, the module is
not yet in wide use.
Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: David S. Miller <davem@davemloft.net>