Commit Graph

31568 Commits

Author SHA1 Message Date
Darrel Goeddel
c7bdb545d2 [NETLINK]: Encapsulate eff_cap usage within security framework.
This patch encapsulates the usage of eff_cap (in netlink_skb_params) within
the security framework by extending security_netlink_recv to include a required
capability parameter and converting all direct usage of eff_caps outside
of the lsm modules to use the interface.  It also updates the SELinux
implementation of the security_netlink_send and security_netlink_recv
hooks to take advantage of the sid in the netlink_skb_params struct.
This also enables SELinux to perform auditing of netlink capability checks.
Please apply, for 2.6.18 if possible.

Signed-off-by: Darrel Goeddel <dgoeddel@trustedcs.com>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by:  James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:55 -07:00
Herbert Xu
576a30eb64 [NET]: Added GSO header verification
When GSO packets come from an untrusted source (e.g., a Xen guest domain),
we need to verify the header integrity before passing it to the hardware.

Since the first step in GSO is to verify the header, we can reuse that
code by adding a new bit to gso_type: SKB_GSO_DODGY.  Packets with this
bit set can only be fed directly to devices with the corresponding bit
NETIF_F_GSO_ROBUST.  If the device doesn't have that bit, then the skb
is fed to the GSO engine which will allow the packet to be sent to the
hardware if it passes the header check.

This patch changes the sg flag to a full features flag.  The same method
can be used to implement TSO ECN support.  We simply have to mark packets
with CWR set with SKB_GSO_ECN so that only hardware with a corresponding
NETIF_F_TSO_ECN can accept them.  The GSO engine can either fully segment
the packet, or segment the first MTU and pass the rest to the hardware for
further segmentation.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:53 -07:00
Patrick McHardy
68c1692e3e [NETFILTER]: statistic match: add missing Kconfig help text
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:50 -07:00
Patrick McHardy
ef47c6a7b8 [NETFILTER]: ip_queue/nfnetlink_queue: drop bridge port references when dev disappears
When a device that is acting as a bridge port is unregistered, the
ip_queue/nfnetlink_queue notifier doesn't check if its one of
physindev/physoutdev and doesn't release the references if it is.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:48 -07:00
Len Brown
d120cfb544 merge linus into release branch
Conflicts:

	drivers/acpi/acpi_memhotplug.c
2006-06-29 19:57:46 -04:00
Jorge Matias
1c7e47726a [NETFILTER]: xt_sctp: fix --chunk-types matching
xt_sctp uses an incorrect header offset when --chunk-types is used.

Signed-off-by: Jorge Matias <jorge.matias@motorola.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:46 -07:00
Yuri Gushin
9abdcf6b6c [NETFILTER]: xt_tcpudp: fix double unregistration in error path
"xt_unregister_match(AF_INET, &tcp_matchstruct)" is called twice,
leaving "udp_matchstruct" registered, in case of a failure in the
registration of the udp6 structure.

Signed-off-by: Yuri Gushin <yuri@ecl-labs.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:44 -07:00
Yasuyuki Kozakai
40a839fdbd [NETFILTER]: nf_conntrack: Fix undefined references to local_bh_*
CC      net/netfilter/nf_conntrack_proto_sctp.o
net/netfilter/nf_conntrack_proto_sctp.c: In function `sctp_print_conntrack':
net/netfilter/nf_conntrack_proto_sctp.c:206: warning: implicit declaration of function `local_bh_disable'
net/netfilter/nf_conntrack_proto_sctp.c:208: warning: implicit declaration of function `local_bh_enable'
  CC      net/netfilter/nf_conntrack_netlink.o
net/netfilter/nf_conntrack_netlink.c: In function `ctnetlink_dump_table':
net/netfilter/nf_conntrack_netlink.c:429: warning: implicit declaration of function `local_bh_disable'
net/netfilter/nf_conntrack_netlink.c:452: warning: implicit declaration of function `local_bh_enable'

Spotted by Toralf Förster

Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:42 -07:00
Patrick McHardy
da298d3a4f [NETFILTER]: x_tables: fix xt_register_table error propagation
When xt_register_table fails the error is not properly propagated back.
Based on patch by Lepton Wu <ytht.net@gmail.com>.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:57:40 -07:00
Len Brown
9dce0e950d Pull acpica into release branch 2006-06-29 19:55:27 -04:00
David S. Miller
6002e45045 [SUNHME]: Mark SBUS probing routines as __devinit.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:38:05 -07:00
David S. Miller
675f740e55 [SPARC64]: Print symbol name of regs->tpc on kernel unaligned accesses.
This makes things easier to track down, especially in modules.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:38:03 -07:00
David S. Miller
f57caaefac [SERIO] i8042-sparcio.h: Convert to of_driver framework.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:38:01 -07:00
David S. Miller
ff0d2fc6a6 [SPARC64]: time: Kill unnecessary asm/{fhc,sbus,ebus,isa}.h includes.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:59 -07:00
David S. Miller
abbce6e2fd [SPARC64] power: Convert to of_driver.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:57 -07:00
David S. Miller
f2ad06a201 [SPARC64] auxio: Remove asm/{sbus,ebus}.h includes.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:55 -07:00
David S. Miller
89d1d0ab4d [SERIAL] sunsab: Fix section mis-match errors.
sunsab_init_one() needs to be __devinit, not __init

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:53 -07:00
David S. Miller
c4d37215a8 [SERIAL] sunsab: Convert to of_driver framework.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:50 -07:00
David S. Miller
9efc3715f7 [SERIAL] sun{su,zilog}: Add missing MODULE_*() niceties.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:48 -07:00
David S. Miller
1708d242d2 [SERIAL] sunsu: Convert to of_driver framework.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:46 -07:00
David S. Miller
4fa97dcf9d [SERIAL] sunzilog: Fix bugs in device deregristration.
1) Need to unregister 2 ports per of_device.
2) Need to of_iounmap() 1 mapping per of_device.
3) Need to free up the IRQ only after all devices
   have been unregistered.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:44 -07:00
David S. Miller
3676463178 [SERIAL] sunzilog: Convert to of_driver.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:42 -07:00
David S. Miller
8f96cd1a69 [SPARC]: sparc32 side of of_device layer IRQ resolution.
Happily, life is much simpler on 32-bit sparc systems.
The "intr" property, preferred over the "interrupts"
property is used-as.  Some minor translations of this
value happen on sun4d systems.

The stage is now set to rewrite the sparc serial driver
probing to use the of_driver framework, and then to convert
all SBUS, EBUS, and ISA drivers in-kind so that we can nuke
all those special bus frameworks.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:40 -07:00
David S. Miller
2b1e597871 [SPARC64]: of_device layer IRQ resolution
Do IRQ determination generically by parsing the PROM properties,
and using IRQ controller drivers for final resolution.

One immediate positive effect is that all of the IRQ frobbing
in the EBUS, ISA, and PCI controller layers has been eliminated.
We just look up the of_device and use the properly computed
value.

The PCI controller irq_build() routines are gone and no longer
used.  Unfortunately sbus_build_irq() has to remain as there is
a direct reference to this in the sunzilog driver.  That can be
killed off once the sparc32 side of this is written and the
sunzilog driver is transformed into an "of" bus driver.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:38 -07:00
David S. Miller
c3a8b85f5a [SPARC64]: Fix typo in clock_probe().
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:35 -07:00
David S. Miller
915214853d [SPARC64] clock: Only probe central fhc clock on Enterprise boxes.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:33 -07:00
David S. Miller
00cde67482 [SPARC64] power: Do not pass SA_SHIRQ to request_irq().
This needs to be a unique interrupt source because we do
not have a register or similar to poll to make sure the
IRQ is really for us.  We do not have any dev_id to pass
in anyways, and the generic IRQ layer is now enforcing
that when SA_SHIRQ is specified, dev_id must be non-NULL.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:31 -07:00
David S. Miller
d44b3be88e [SPARC64]: Fix typo in isa_dev_get_irq_using_imap().
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:29 -07:00
David S. Miller
24ac26d425 [SPARC64]: Let irq_install_pre_handler() get called multiple times.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:27 -07:00
David S. Miller
946ea09962 [SPARC]: Kill interrupt stuff and linux_phandle from device_node.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:25 -07:00
David S. Miller
ee5caf0ee1 [SPARC]: Convert clock drivers to of_driver framework.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:23 -07:00
David S. Miller
36a59bd89c [SPARC64] auxio: Convert to pure of_device driver.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:21 -07:00
David S. Miller
50312ce9dd [SPARC]: Convert all FB SBUS drivers to of_driver framework.
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:18 -07:00
David S. Miller
3ca9fab410 [SPARC]: Add of_io{remap,unmap}().
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:16 -07:00
David S. Miller
95714e12df [SPARC]: Encode I/O space into resource flags on sparc32.
On sparc64 we don't need to do this because the resource
values are large enough to encode the full physical address.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:14 -07:00
David S. Miller
cf44bbc26c [SPARC]: Beginnings of generic of_device framework.
The idea is to fully construct the device register and
interrupt values into these of_device objects, and convert
all of SBUS, EBUS, ISA drivers to use this new stuff.

Much ideas and code taken from Ben H.'s powerpc work.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:12 -07:00
David S. Miller
3ae9a3489a [SPARC]: Add of_n_{addr,size}_cells().
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:10 -07:00
David S. Miller
286bbe87c1 [SPARC64]: Kill starfire_cookie from SBUS/PCI.
Totally unused.

We need to traverse the list of global IRQ translaters,
so storing it in the per-bus structures was useless.

Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:37:08 -07:00
Florin Malita
184d7d20d3 ocfs2: remove redundant NULL checks in ocfs2_direct_IO_get_blocks()
Signed-off-by: Florin Malita <fmalita@gmail.com>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 16:13:35 -07:00
Mark Fasheh
784270435b ocfs2: clean up some osb fields
Get rid of osb->uuid, osb->proc_sub_dir, and osb->osb_id. Those fields were
unused, or could easily be removed. As a result, we also no longer need
MAX_OSB_ID or ocfs2_globals_lock.

Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 16:10:13 -07:00
Mark Fasheh
a75a6e4c3a ocfs2: fix init of uuid_net_key
ocfs2_initialize_super() should be copying from the beginning of the uuid.

Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 16:06:43 -07:00
Mark Fasheh
e7607ab3da ocfs2: silence a debug print
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 16:03:17 -07:00
Sunil Mushran
d426721cf1 ocfs2: silence ENOENT during lookup of broken links
Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 15:59:52 -07:00
Sunil Mushran
781ee3e2b1 ocfs2: Cleanup message prints
Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 15:56:26 -07:00
Joel Becker
a43db30c7c ocfs2: silence -EEXIST from ocfs2_extent_map_insert/lookup
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 15:52:56 -07:00
Adrian Bunk
8169cae5a1 [PATCH] fs/ocfs2/dlm/dlmrecovery.c: make dlm_lockres_master_requery() static
dlm_lockres_master_requery() became global without any external usage.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 15:49:29 -07:00
Mark Fasheh
0db638f44e ocfs2: warn the user on a dead timeout mismatch
Print a warning to the user when a node with a different dead count joins
the region.

Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 15:45:35 -07:00
Adrian Bunk
4ba63adce0 ocfs2: OCFS2_FS must depend on SYSFS
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 14:56:12 -07:00
Joel Becker
2b388c6790 ocfs2: Compile-time disabling of ocfs2 debugging output.
Give gcc the chance to compile out the debug logging code in ocfs2.
This saves some size at the expense of being able to debug the code.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 14:48:30 -07:00
Joel Becker
e7515d065d configfs: Clear up a few extra spaces where there should be TABs.
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mark.fasheh@oracle.com>
2006-06-29 14:43:01 -07:00