- 16 Oct, 2007 40 commits
-
-
Al Viro authored
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6: SELinux: kills warnings in Improve SELinux performance when AVC misses SELinux: improve performance when AVC misses. SELinux: policy selectable handling of unknown classes and perms SELinux: Improve read/write performance SELinux: tune avtab to reduce memory usage
-
git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6: (25 commits) firewire: fw-cdev: reorder wakeup vs. spinlock firewire: in-code doc updates. firewire: a header cleanup firewire: adopt read cycle timer ABI from raw1394 firewire: fw-ohci: check for misconfigured bus (phyID == 63) firewire: fw-ohci: missing dma_unmap_single firewire: fw-ohci: log posted write errors firewire: fw-ohci: reorder includes firewire: fw-ohci: fix includes firewire: fw-ohci: enforce read order for selfID generation firewire: fw-sbp2: use an own workqueue (fix system responsiveness) firewire: fw-sbp2: expose module parameter for workarounds firewire: fw-sbp2: add support for multiple logical units per target firewire: fw-sbp2: always enable IRQs before calling command ORB callback firewire: fw-core: local variable shadows a global one firewire: optimize fw_core_add_address_handler ieee1394: ieee1394_core.c: use DEFINE_SPINLOCK for spinlock definition ieee1394: csr1212: proper refcounting ieee1394: nodemgr: fix leak of struct csr1212_keyval ieee1394: pcilynx: I2C cleanups ...
-
ssh://master.kernel.org/pub/scm/linux/kernel/git/sam/kbuildLinus Torvalds authored
* ssh://master.kernel.org/pub/scm/linux/kernel/git/sam/kbuild: x86: fix boot error introduced by kbuild
-
ssh://master.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6Linus Torvalds authored
* 'release' of ssh://master.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6: [IA64] Fix build for CONFIG_SMP=n
-
KaiGai Kohei authored
This patch kills ugly warnings when the "Improve SELinux performance when ACV misses" patch. Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Signed-off-by: James Morris <jmorris@namei.org>
-
KaiGai Kohei authored
* We add ebitmap_for_each_positive_bit() which enables to walk on any positive bit on the given ebitmap, to improve its performance using common bit-operations defined in linux/bitops.h. In the previous version, this logic was implemented using a combination of ebitmap_for_each_bit() and ebitmap_node_get_bit(), but is was worse in performance aspect. This logic is most frequestly used to compute a new AVC entry, so this patch can improve SELinux performance when AVC misses are happen. * struct ebitmap_node is redefined as an array of "unsigned long", to get suitable for using find_next_bit() which is fasted than iteration of shift and logical operation, and to maximize memory usage allocated from general purpose slab. * Any ebitmap_for_each_bit() are repleced by the new implementation in ss/service.c and ss/mls.c. Some of related implementation are changed, however, there is no incompatibility with the previous version. * The width of any new line are less or equal than 80-chars. The following benchmark shows the effect of this patch, when we access many files which have different security context one after another. The number is more than /selinux/avc/cache_threshold, so any access always causes AVC misses. selinux-2.6 selinux-2.6-ebitmap AVG: 22.763 [s] 8.750 [s] STD: 0.265 0.019 ------------------------------------------ 1st: 22.558 [s] 8.786 [s] 2nd: 22.458 [s] 8.750 [s] 3rd: 22.478 [s] 8.754 [s] 4th: 22.724 [s] 8.745 [s] 5th: 22.918 [s] 8.748 [s] 6th: 22.905 [s] 8.764 [s] 7th: 23.238 [s] 8.726 [s] 8th: 22.822 [s] 8.729 [s] Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
-
Eric Paris authored
Allow policy to select, in much the same way as it selects MLS support, how the kernel should handle access decisions which contain either unknown classes or unknown permissions in known classes. The three choices for the policy flags are 0 - Deny unknown security access. (default) 2 - reject loading policy if it does not contain all definitions 4 - allow unknown security access The policy's choice is exported through 2 booleans in selinuxfs. /selinux/deny_unknown and /selinux/reject_unknown. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
-
Yuichi Nakamura authored
It reduces the selinux overhead on read/write by only revalidating permissions in selinux_file_permission if the task or inode labels have changed or the policy has changed since the open-time check. A new LSM hook, security_dentry_open, is added to capture the necessary state at open time to allow this optimization. (see http://marc.info/?l=selinux&m=118972995207740&w=2) Signed-off-by: Yuichi Nakamura<ynakam@hitachisoft.jp> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
-
Yuichi Nakamura authored
This patch reduces memory usage of SELinux by tuning avtab. Number of hash slots in avtab was 32768. Unused slots used memory when number of rules is fewer. This patch decides number of hash slots dynamically based on number of rules. (chain length)^2 is also printed out in avtab_hash_eval to see standard deviation of avtab hash table. Signed-off-by: Yuichi Nakamura<ynakam@hitachisoft.jp> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
-
Jay Fenlason authored
Signed-off-by: Jay Fenlason <fenlason@redhat.com> Prompted by https://bugzilla.redhat.com/show_bug.cgi?id=323411Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Yann Dirson authored
Signed-off-by: Yann Dirson <ydirson@altern.org> Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> (update)
-
Stefan Richter authored
fw_node() is not used (and not useful) outside fw-topology.c. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
This duplicates the read cycle timer feature of raw1394 (added in Linux 2.6.21) in firewire-core's userspace ABI. The argument to the ioctl is reordered though to ensure 32/64 bit compatibility. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Signed-off-by: Kristian Høgsberg <krh@redhat.com>
-
Stefan Richter authored
Check NodeID.nodeNumber as per OHCI 1.1 clause 7.2.3.2. See also IEEE 1394a table 5B-1. Also, demote the "node ID not valid" message from error to notification as it is not an error condition. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
at_context_queue_packet() didn't clean up in an early exit path. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Signed-off-by: Kristian Høgsberg <krh@redhat.com>
-
Stefan Richter authored
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
Add used includes, remove unused includes. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
It seems unlikely, but access to self_id_cpu[0] could at least in theory be deferred until after the loop over self_id_cpu[1..n] or even after the subsequent reg_read. Enforce the desired order by a read barrier. Also prevent the reg_read from being reordered relative to the for loop. This isn't necessary if the loop's conditional printk counts as an implicit barrier, but better make it explicit. (self_id_cpu[] is a coherent DMA buffer.) Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
Firewire-sbp2 did very uncooperative things in the kernel's shared workqueue: Sleeping until reception of management status from the target for up to 2 seconds, and performing SCSI inquiry and all of the setup of SCSI command set drivers via scsi_add_device. If there were transient or permanent error conditions, this caused long blockage of the kernel's events process, noticeable e.g. by blocked keyboard input. We now allocate a workqueue process exclusive to fw-sbp2. As a side effect, this also increases parallelism of fw-sbp2's login and reconnect work versus fw-core's device discovery and device update work which is performed in the shared workqueue. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Signed-off-by: Kristian Høgsberg <krh@redhat.com>
-
Stefan Richter authored
On rare occasions, the ability to set one of the workaround flags at runtime may save the day. People who experience I/O errors with firewire-sbp2 while the old sbp2 driver worked for them should try workarounds=1 and report to the devel mailinglist whether that improves things. Firewire-sbp2 defaults to the SCSI stack's maximum transfer size per command, while sbp2 limits them to 128 kBytes. Flag 1 accomplishes just that. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
Fixes "New firewire stack only recognizing half of a chain of drives", https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=242254Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
On IOMMU-less noncoherent architectures, orb->callback will memcpy the whole SCSI command buffer for READ-like SCSI commands. It is therefore friendlier to enable IRQs before the call, like before patch "Add ref-counting for sbp2 orbs". Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Acked-by: Kristian Høgsberg <krh@redhat.com>
-
Stefan Richter authored
Sparse warned about it although it was apparently harmless: drivers/firewire/fw-cdev.c:624:23: warning: symbol 'interrupt' shadows an earlier one include/asm/hw_irq.h:29:13: originally declared here Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
Potentially avoids unnecessary loop runs. Guarantee quadlet-aligned starts of address regions. Document the return values. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Matthias Kaehlcke authored
drivers/ieee1394/ieee1394_core.c: Define spinlock using DEFINE_SPINLOCK instead of assignment to SPIN_LOCK_UNLOCKED Signed-off-by: Matthias Kaehlcke <matthias.kaehlcke@gmail.com> Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
At least since nodemgr got rid of coarse global locking, accesses to struct csr1212_keyval's reference counter should be atomic and coupled with proper barriers. Also, calls to csr1212_keep_keyval(kv) should occur before kv is being used. (We probably should convert refcnt to struct kref, but how to keep csr1212_destroy_keyval's implementation non-recursively then?) Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
csr1212_keep_keyval(kv) in nodemgr_process_root_directory was unbalanced if ne->vendor_name_kv already exists. This happens for example if eth1394 or raw1394 modify the local config ROM and it is parsed again. As a bonus, the attempt to add the vendor_name_kv sysfs attribute when it already exists is now fixed for good. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Jean Delvare authored
* Delete optional and empty i2c client_register and client_unregister callbacks. * Use the proper i2c adapter ID. * Don't use a template to initialize the i2c_adapter structure, it's inefficient. * Update a misleading comment on why we use i2c_transfer rather than higher level i2c functions. Signed-off-by: Jean Delvare <khali@linux-fr.org> Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Satyam Sharma authored
The nodemgr host thread can exit on its own even when kthread_should_stop is not true, on receiving a signal (might never happen in practice, as it ignores signals). But considering kthread_stop() must not be mixed with kthreads that can exit on their own, I think changing the code like this is clearer. This change means the thread can cut its sleep short when receive a signal but looking at the code around, that sounds okay (and again, it might never actually recieve a signal in practice). Signed-off-by: Satyam Sharma <satyam@infradead.org> Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
sbp2_host_reset and sbp2_handle_status_write are not serialized against sbp2_alloc_device and sbp2_remove_device. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
bad_proto can be reached from points which did not take priv->lock. Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Stefan Richter authored
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
-
Sam Ravnborg authored
x86 uses target specific assignment of EXTRA_AFLAGS, EXTRA_CFLAGS - this caused troubles with introducing asflags-y, ccflags-y. Fixed the target specific assignments in arch/x86/boot/Makefile and auditted the rest of the kernel for similar usage. Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
-
Tony Luck authored
d5a7430d missed a spot where we use cpu_sibling_map and cpu_core_map. These don't exist on a uni-processor build. Wrap #ifdef CONFIG_SMP ... #endif around it. Signed-off-by: Tony Luck <tony.luck@intel.com>
-
Anton Blanchard authored
htab_bolt_mapping takes another argument now the 1TB code has been merged. Update vmemmap_populate to match. Signed-off-by: Anton Blanchard <anton@samba.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
Anton Blanchard authored
Commit 78bdc310 ("PPC: sg chaining support") looks to have removed some unrelated ppc code. Lets put it back in. Signed-off-by: Anton Blanchard <anton@samba.org> Acked-by: Jens Axboe <jens.axboe@oracle.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuildLinus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuild: (40 commits) kbuild: introduce ccflags-y, asflags-y and ldflags-y kbuild: enable 'make CPPFLAGS=...' to add additional options to CPP kbuild: enable use of AFLAGS and CFLAGS on commandline kbuild: enable 'make AFLAGS=...' to add additional options to AS kbuild: fix AFLAGS use in h8300 and m68knommu kbuild: check for wrong use of CFLAGS kbuild: enable 'make CFLAGS=...' to add additional options to CC kbuild: fix up CFLAGS usage kbuild: make modpost detect unterminated device id lists kbuild: call export_report from the Makefile kbuild: move Kai Germaschewski to CREDITS kconfig/menuconfig: distinguish between selected-by-another options and comments kconfig: tristate choices with mixed tristate and boolean values include/linux/Kbuild: remove duplicate entries kbuild: kill backward compatibility checks kbuild: kill EXTRA_ARFLAGS kbuild: fix documentation in makefiles.txt kbuild: call make once for all targets when O=.. is used kbuild: pass -g to assembler under CONFIG_DEBUG_INFO kbuild: update _shipped files for kconfig syntax cleanup ... Fix up conflicts in arch/um/sys-{x86_64,i386}/Makefile manually.
-