- 26 Jun, 2006 40 commits
-
-
Michael LeMay authored
Add a /proc/<pid>/attr/keycreate entry that stores the appropriate context for newly-created keys. Modify the selinux_key_alloc hook to make use of the new entry. Update the flask headers to include a new "setkeycreate" permission for processes. Update the flask headers to include a new "create" permission for keys. Use the create permission to restrict which SIDs each task can assign to newly-created keys. Add a new parameter to the security hook "security_key_alloc" to indicate whether it is being invoked by the kernel, or from userspace. If it is being invoked by the kernel, the security hook should never fail. Update the documentation to reflect these changes. Signed-off-by:
Michael LeMay <mdlemay@epoch.ncsc.mil> Signed-off-by:
James Morris <jmorris@namei.org> Signed-off-by:
David Howells <dhowells@redhat.com> Signed-off-by:
Andrew Morton <akpm@osdl.org> Signed-off-by:
Linus Torvalds <torvalds@osdl.org>
-
Michael LeMay authored
Restrict /proc/keys such that only those keys to which the current task is granted View permission are presented. The documentation is also updated to reflect these changes. Signed-off-by:
-
Michael LeMay authored
Cause key_alloc_serial() to generate key serial numbers randomly rather than in linear sequence. Using an linear sequence permits a covert communication channel to be established, in which one process can communicate with another by creating or not creating new keys within a certain timeframe. The second process can probe for the expected next key serial number and judge its existence by the error returned. This is a problem as the serial number namespace is globally shared between all tasks, regardless of their context. For more information on this topic, this old TCSEC guide is recommended: http://www.radium.ncsc.mil/tpep/library/rainbow/NCSC-TG-030.htmlSigned-off-by:
-
Fredrik Tolf authored
Let keyctl_chown() change a key's owner, including attempting to transfer the quota burden to the new user. Signed-off-by:
-
David Howells authored
Cause the keys linked to a keyring to be unlinked from it when revoked and it causes the data attached to a user-defined key to be discarded when revoked. This frees up most of the quota a key occupied at that point, rather than waiting for the key to actually be destroyed. Signed-off-by:
-
David Howells authored
Add the ability for key creation to overrun the user's quota in some circumstances - notably when a session keyring is created and assigned to a process that didn't previously have one. This means it's still possible to log in, should PAM require the creation of a new session keyring, and fix an overburdened key quota. Signed-off-by:
-
Akinobu Mita authored
This patch converts the combination of list_del(A) and list_add(A, B) to list_move(A, B) under fs/. Cc: Ian Kent <raven@themaw.net> Acked-by:
Joel Becker <joel.becker@oracle.com> Cc: Neil Brown <neilb@cse.unsw.edu.au> Cc: Hans Reiser <reiserfs-dev@namesys.com> Cc: Urban Widmark <urban@teststation.com> Acked-by:
Mark Fasheh <mark.fasheh@oracle.com> Signed-off-by:
Akinobu Mita <mita@miraclelinux.com> Signed-off-by:
-
Akinobu Mita authored
This patch converts the combination of list_del(A) and list_add(A, B) to list_move(A, B) under drivers/. Acked-by:
Corey Minyard <minyard@mvista.com> Cc: Ben Collins <bcollins@debian.org> Acked-by:
Roland Dreier <rolandd@cisco.com> Cc: Alasdair Kergon <dm-devel@redhat.com> Cc: Gerd Knorr <kraxel@bytesex.org> Cc: Paul Mackerras <paulus@samba.org> Cc: Frank Pavlic <fpavlic@de.ibm.com> Acked-by:
Matthew Wilcox <matthew@wil.cx> Cc: Andrew Vasquez <linux-driver@qlogic.com> Cc: Mikael Starvik <starvik@axis.com> Cc: Greg Kroah-Hartman <greg@kroah.com> Signed-off-by:
-
Akinobu Mita authored
This patch converts the combination of list_del(A) and list_add(A, B) to list_move(A, B) under net/rxrpc. Acked-by:
-
Akinobu Mita authored
This patch converts the combination of list_del(A) and list_add(A, B) to list_move(A, B). Cc: Greg Kroah-Hartman <gregkh@suse.de> Cc: Ram Pai <linuxram@us.ibm.com> Signed-off-by:
-
Akinobu Mita authored
This patch converts the combination of list_del(A) and list_add(A, B) to list_move(A, B) under arch/. Cc: Geert Uytterhoeven <geert@linux-m68k.org> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by:
-
Akinobu Mita authored
This patch converts list_add(A, B.prev) to list_add_tail(A, &B) for readability. Acked-by:
Karsten Keil <kkeil@suse.de> Cc: Jan Harkes <jaharkes@cs.cmu.edu> Acked-by:
Jan Kara <jack@suse.cz> AOLed-by:
David Woodhouse <dwmw2@infradead.org> Cc: Sridhar Samudrala <sri@us.ibm.com> Signed-off-by:
-
Alan Cox authored
This method died some time ago, so kill the doc for it. Signed-off-by:
Alan Cox <alan@redhat.com> Signed-off-by:
-
Fredrik Roubert authored
Magic sysrq fails to work on many keyboards, particulary most of notebook keyboards. This patch fixes it. The idea is quite simple: Discard the SysRq break code if Alt is still being held down. This way the broken keyboard can send the break code (or the user with a normal keyboard can release the SysRq key) and the kernel waits until the next key is pressed or the Alt key is released. Signed-off-by:
Pavel Machek <pavel@suse.cz> Signed-off-by:
-
Markus Armbruster authored
nmi_create_files() in arch/i386/oprofile/nmi_int.c depends on model->num_counters (number of performance counters) being less than 10. While this is currently the case, it's too clever by half. Other archs aren't quite as clever: they assume 100. I suggest to normalize them all to 1000. Cc: Philippe Elie <phil.el@wanadoo.fr> Cc: John Levon <levon@movementarian.org> Signed-off-by:
-
Jesper Juhl authored
There's a problem in drivers/bluetooth/dtl1_cs.c::dtl1_hci_send_frame() If bt_skb_alloc() returns NULL, then skb_reserve(s, NSHL); will cause a NULL pointer deref - ouch. If we can't allocate the resources we require we need to tell the caller by returning -ENOMEM. Found by the coverity checker as bug #409 Signed-off-by:
Jesper Juhl <jesper.juhl@gmail.com> Acked-by:
Marcel Holtmann <marcel@holtmann.org> Signed-off-by:
-
Ingo Molnar authored
Convert kernel/cpu.c from semaphore to mutex. I've reviewed all lock_cpu_hotplug() critical sections, and they all seem to fit mutex semantics. Signed-off-by:
Ingo Molnar <mingo@elte.hu> Cc: Rusty Russell <rusty@rustcorp.com.au> Cc: Ashok Raj <ashok.raj@intel.com> Signed-off-by:
-
Ingo Molnar authored
It seems ppc64 wants to lock mutexes in early bootup code, with interrupts disabled, and they expect interrupts to stay disabled, else they crash. Work around this bug by making mutex debugging variants save/restore irq flags. Signed-off-by:
-
Andrew Morton authored
Update this driver for recent header file movement. Cc: David Brownell <david-b@pacbell.net> Cc: Greg KH <greg@kroah.com> Signed-off-by:
-
Malcolm Parsons authored
binfmt_flat.c calls set_personality with PER_LINUX as the personality. On the arm architecture this results in the program running in 26bit usermode. PER_LINUX_32BIT should be used instead. This doesn't affect other architectures that use binfmt_flat. Signed-off-by:
Greg Ungerer <gerg@uclinux.org> Signed-off-by:
-
Greg Ungerer authored
Change enable_irq() macro to be a statement, not expression. Signed-off-by:
-
Greg Ungerer authored
Fix PLL setting for the Coldfire 5249 CPU. This brings it into line with the new style frequency configuration of m68knommu parts. Signed-off-by:
-
Greg Ungerer authored
Fix flush code for the ColdFire 5206/5206e/5272 cases. Add support for the new ColdFire 532x CPU family Signed-off-by:
-
Philippe De Muyter authored
Here is a patch to the system call handling for 5307/5272/etc to: - fix the strace support (one tested the wrong bit) - make all system calls a little bit faster by inlining set_esp0 and supporting ENOSYS out of the critical path. - remove extraneous spaces Signed-off-by:
-
Greg Ungerer authored
This patch solve a bug triggered by execvp (this function use calloc to store the argument list and gcc 3.4.x align the stack to word, not to dword). This situation aren't related to signal handling and all 2.6.x have the bug. On ColdFire targets we must force the stack to be aligned. Original patch from Andrea Tarani <andrea.tarani@gilbarco.com>, Signed-off-by:
-
Greg Ungerer authored
Remove list of fixed clock frequency options used for configuring master clock, and make field an int. Much more flexible this way, no need to add more options for every new used freqency. Signed-off-by:
-
Greg Ungerer authored
Remove list of fixed clock frequency options used for configuring master clock, and make field an int. Much more flexible this way, no need to add more options for every new used freqency. Signed-off-by:
-
Greg Ungerer authored
Add support for the AVNET 5282 board. Patch submitted by Daniel Alomar <dalomar@serrasold.com>. Signed-off-by:
-
Greg Ungerer authored
Add configure support for the new Freescale 532x family of CPUs. Patch submitted by Matt Waddel <Matt.Waddel@freescale.com>. Signed-off-by:
-
Linus Torvalds authored
This reverts commits 3e3318de [PATCH] swsusp: x86_64 mark special saveable/unsaveable pages b6370d96 [PATCH] swsusp: i386 mark special saveable/unsaveable pages ce4ab001 [PATCH] swsusp: add architecture special saveable pages support because not only do they apparently cause page faults on x86, the infrastructure doesn't compile on powerpc. Signed-off-by:
-
Greg Ungerer authored
Add build support for the new Freescale 532x CPU platforms. Signed-off-by:
-
Greg Ungerer authored
Add support for the UART addressing on the new Freescale M532x CPU family. Signed-off-by:
-
Greg Ungerer authored
Add build support for new Freescale M532x CPU family timer. Signed-off-by:
-
Greg Ungerer authored
A cleanup of m68knommu/kernel/setup.c : - No need to initialize global pointers to NULL, they will have that value automatically, and they eat up space in my data segment image in FLASH. - Remove get_cpuinfo. It has been replaced by show_cpuinfo. Signed-off-by:
Philippe De Muyter <phdm@macqel.be> Signed-off-by:
-
Greg Ungerer authored
Don't rely on DEBUG having a value, check for it being defined. Signed-off-by:
-
Greg Ungerer authored
Include the ColdFire 532x support when including ColdFire peripharp support definitions. Signed-off-by:
-
Greg Ungerer authored
Add cache init support for the new ColdFire 532x CPU family. Signed-off-by:
-
Greg Ungerer authored
ColdFire serial driver support for the new 532x CPU family UARTs. Patch submitted by Matt Waddel <Matt.Waddel@freescale.com>. Signed-off-by:
-
Greg Ungerer authored
Register definitions for the new Freescale 532x Coldfire CPU family. Signed-off-by:
-
Greg Ungerer authored
Add kernel startup code for the new Freescale 532x CPU family. Signed-off-by:
-
