Al Viro [Mon, 28 Apr 2008 08:15:49 +0000 (04:15 -0400)]
[PATCH] new predicate - AUDIT_FILETYPE
Argument is S_IF... | <index>, where index is normally 0 or 1.
Triggers if chosen element of ctx->names[] is present and the
mode of object in question matches the upper bits of argument.
I.e. for things like "is the argument of that chmod a directory",
etc.
Pavel Emelyanov [Fri, 18 Apr 2008 20:30:15 +0000 (13:30 -0700)]
[patch 2/2] Use find_task_by_vpid in audit code
The pid to lookup a task by is passed inside audit code via netlink message.
Thanks to Denis Lunev, netlink packets are now (since 2.6.24) _always_
processed in the context of the sending task. So this is correct to lookup
the task with find_task_by_vpid() here.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
[patch 1/2] audit: let userspace fully control TTY input auditing
Remove the code that automatically disables TTY input auditing in processes
that open TTYs when they have no other TTY open; this heuristic was
intended to automatically handle daemons, but it has false positives (e.g.
with sshd) that make it impossible to control TTY input auditing from a PAM
module. With this patch, TTY input auditing is controlled from user-space
only.
On the other hand, not even for daemons does it make sense to audit "input"
from PTY masters; this data was produced by a program writing to the PTY
slave, and does not represent data entered by the user.
Signed-off-by: Miloslav Trmac <mitr@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: David Woodhouse <dwmw2@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Use msglen as the identifier.
kernel/audit.c:724:10: warning: symbol 'len' shadows an earlier one
kernel/audit.c:575:8: originally declared here
Don't use ino_f to check the inode field at the end of the functions.
kernel/auditfilter.c:429:22: warning: symbol 'f' shadows an earlier one
kernel/auditfilter.c:420:21: originally declared here
kernel/auditfilter.c:542:22: warning: symbol 'f' shadows an earlier one
kernel/auditfilter.c:529:21: originally declared here
i always used as a counter for a for loop and initialized to zero before
use. Eliminate the inner i variables.
kernel/auditsc.c:1295:8: warning: symbol 'i' shadows an earlier one
kernel/auditsc.c:1152:6: originally declared here
kernel/auditsc.c:1320:7: warning: symbol 'i' shadows an earlier one
kernel/auditsc.c:1152:6: originally declared here
Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Harvey Harrison [Sun, 27 Apr 2008 09:39:17 +0000 (02:39 -0700)]
[PATCH 1/2] audit: move extern declarations to audit.h
Leave audit_sig_{uid|pid|sid} protected by #ifdef CONFIG_AUDITSYSCALL.
Noticed by sparse:
kernel/audit.c:73:6: warning: symbol 'audit_ever_enabled' was not declared. Should it be static?
kernel/audit.c:100:8: warning: symbol 'audit_sig_uid' was not declared. Should it be static?
kernel/audit.c:101:8: warning: symbol 'audit_sig_pid' was not declared. Should it be static?
kernel/audit.c:102:6: warning: symbol 'audit_sig_sid' was not declared. Should it be static?
kernel/audit.c:117:23: warning: symbol 'audit_ih' was not declared. Should it be static?
kernel/auditfilter.c:78:18: warning: symbol 'audit_filter_list' was not declared. Should it be static?
Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Eric Paris [Fri, 18 Apr 2008 14:36:22 +0000 (10:36 -0400)]
Audit: increase the maximum length of the key field
Key lengths were arbitrarily limited to 32 characters. If userspace is going
to start using the single kernel key field as multiple virtual key fields
(example key=key1,key2,key3,key4) we should give them enough room to work.
Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Eric Paris [Fri, 18 Apr 2008 14:12:59 +0000 (10:12 -0400)]
Audit: standardize string audit interfaces
This patch standardized the string auditing interfaces. No userspace
changes will be visible and this is all just cleanup and consistancy
work. We have the following string audit interfaces to use:
This may be the first step to possibly fixing some of the issues that
people have with the string output from the kernel audit system. But we
still don't have an agreed upon solution to that problem.
Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Eric Paris [Fri, 18 Apr 2008 14:11:04 +0000 (10:11 -0400)]
Audit: stop deadlock from signals under load
A deadlock is possible between kauditd and auditd under load if auditd
receives a signal. When auditd receives a signal it sends a netlink
message to the kernel asking for information about the sender of the
signal. In that same context the audit system will attempt to send a
netlink message back to the userspace auditd. If kauditd has already
filled the socket buffer (see netlink_attachskb()) auditd will now put
itself to sleep waiting for room to send the message. Since auditd is
responsible for draining that socket we have a deadlock. The fix, since
the response from the kernel does not need to be synchronous is to send
the signal information back to auditd in a separate thread. And thus
auditd can continue to drain the audit queue normally.
Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Eric Paris [Fri, 18 Apr 2008 14:02:28 +0000 (10:02 -0400)]
Audit: save audit_backlog_limit audit messages in case auditd comes back
This patch causes the kernel audit subsystem to store up to
audit_backlog_limit messages for use by auditd if it ever appears
sometime in the future in userspace. This is useful to collect audit
messages during bootup and even when auditd is stopped. This is NOT a
reliable mechanism, it does not ever call audit_panic, nor should it.
audit_log_lost()/audit_panic() are called during the normal delivery
mechanism. The messages are still sent to printk/syslog as usual and if
too many messages appear to be queued they will be silently discarded.
I liked doing it by default, but this patch only uses the queue in
question if it was booted with audit=1 or if the kernel was built
enabling audit by default.
Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Eric Paris [Fri, 18 Apr 2008 14:09:25 +0000 (10:09 -0400)]
Audit: collect sessionid in netlink messages
Previously I added sessionid output to all audit messages where it was
available but we still didn't know the sessionid of the sender of
netlink messages. This patch adds that information to netlink messages
so we can audit who sent netlink messages.
Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
the platform modalias is prefixed with "platform:". Add MODULE_ALIAS()
to the hotpluggable SCSI platform drivers, to re-enable auto loading.
[dbrownell@users.sourceforge.net: more drivers, registration fixes]
[akpm@linux-foundation.org: fix sgiwd93.c] Signed-off-by: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: David Brownell <dbrownell@users.sourceforge.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Hannes Reinecke [Fri, 25 Apr 2008 13:01:41 +0000 (15:01 +0200)]
[SCSI] aic7xxx: teach aicasm to not emit unused debug code/data
Add a 'count' variable to each symbol which gets increased every time
the symbol is referenced. And then modify the register definition to
include counts for symbols which are referenced from the source code
only and not from the sequencer code.
This will give us an automatic usage count for the symbols with only
minimal hand-crafting.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Andrew Vasquez [Thu, 24 Apr 2008 22:21:30 +0000 (15:21 -0700)]
[SCSI] qla2xxx: Correct regression in relogin code.
Commit 63a8651f2548c6bb5132c0b4e7dad4f57a9274db ([SCSI] qla2xxx:
Correct infinite-login-retry issue.) introduced a small
regression where a successful relogin would result in an fcport's
loop_id to be incorrectly reset to FC_NO_LOOP_ID. Only clear-out
loopid, if retries have been 'truly' exhausted.
Signed-off-by: Andrew Vasquez <andrew.vasquez@qlogic.com> Cc: Stable Tree <stable@kernel.org> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Adrian Bunk [Thu, 24 Apr 2008 22:21:28 +0000 (15:21 -0700)]
[SCSI] qla2xxx: make qla2x00_issue_iocb_timeout() static
This patch makes the needlessly global qla2x00_issue_iocb_timeout()
static.
Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andrew Vasquez <andrew.vasquez@qlogic.com> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Adrian Bunk [Thu, 24 Apr 2008 22:21:27 +0000 (15:21 -0700)]
[SCSI] qla2xxx: qla_os.c, make 2 functions static
This patch makes the following needlessly global functions static:
- qla2x00_alloc_work()
- qla2x00_post_work()
Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andrew Vasquez <andrew.vasquez@qlogic.com> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
The driver is incorrectly assuming that the 'sp' reference held
in qla2[x00|4xx]_abort_command() is valid after the mailbox
command is issued to abort the exchange. It is *not*, as the
command may be completed during interrupt context before control
is returned to the mailbox caller.
Signed-off-by: Andrew Vasquez <andrew.vasquez@qlogic.com> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Andrew Vasquez [Thu, 24 Apr 2008 22:21:22 +0000 (15:21 -0700)]
[SCSI] qla2xxx: Collapse RISC-RAM retrieval code during a firmware-dump.
Use the more efficient read-DMA'ble-buffer mailbox commands
rather than reading a single word/dword at a time. We also
remove a bulk of the duplicate mailbox command-handling codes in
favor of more generic read-memory() routines (qla2xxx_dump_ram()
and qla24xx_dump_ram()).
Signed-off-by: Andrew Vasquez <andrew.vasquez@qlogic.com> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Finn Thain [Fri, 25 Apr 2008 15:06:05 +0000 (10:06 -0500)]
[SCSI] m68k: new mac_esp scsi driver
Replace the mac_esp driver with a new one based on the esp_scsi core.
For esp_scsi: add support for sync transfers for the PIO mode, add a new
esp_driver_ops method to get the maximum dma transfer size (like the old
NCR53C9x driver), and some cleanups.
Signed-off-by: Finn Thain <fthain@telegraphics.com.au> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
[SCSI] zfcp: Add some statistics provided by the FCP adapter to the sysfs
The new FCP adapter statistics provide a variety of information about
the virtual adapter (subchannel). In order to collect this information
the zfcp driver is extended to query this information.
The information provided by the new FCP adapter statistics can be
fetched by reading from the following files in the sysfs filesystem
These are the statistics on a virtual adapter (subchannel) level.
The information provided is raw and not modified or interpreted by any
means. No interpretation or modification of the values is done by the
zfcp driver.
When statistics are polled from sysfs, the statistics use the same
commands as the adapter initialization. Change the messages printed
here, so they are only printed during initialization and not for each
poll of adapter data.
[SCSI] zfcp: Wait for free SBAL during exchange config
When sending a exchange config data command, wait for a free SBAL.
This does not matter during adapter initialization, but this is
required for pulling adapter statistics during high I/O load.
James Smart [Thu, 24 Apr 2008 16:12:46 +0000 (12:12 -0400)]
[SCSI] scsi_transport_fc: fc_user_scan correction
Way back when, when the fc_user_scan routine was created, it kept some
of its original logic that walked the rport list and kicked off a scan.
Unfortunately, it didn't keep any of the locking around the rport list,
nor did it consider the synchronous nature of the scan invoked. The result,
there are some scan requests where the rport list changes, thus a subsequent
scan is called on a bogus rport structure and the system NMI's.
Signed-off-by: James Smart <james.smart@emulex.com> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Jeff Garzik [Thu, 24 Apr 2008 23:45:32 +0000 (19:45 -0400)]
[SCSI] aha1542: minor irq handler cleanups
- where the 'irq' function argument is known never to be used, rename
it to 'dummy' to make this more obvious
- replace per-irq lookup functions and tables with a direct reference
to data object obtained via 'dev_id' function argument, passed from
request_irq()
Signed-off-by: Jeff Garzik <jgarzik@redhat.com> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Adrian Bunk [Wed, 23 Apr 2008 09:51:10 +0000 (12:51 +0300)]
[SCSI] FlashPoint: fix off-by-one errors
This patch fixes off-by-one errors in error checks (the variables are
used as array indexes for arrays with MAX_SCSI_TAR resp. MAX_LUN
elements) spotted by the Coverity checker.
Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Hannes Reinecke [Wed, 23 Apr 2008 09:39:49 +0000 (11:39 +0200)]
[SCSI] aic7xxx: Update type check in aicasm grammar
The function type_check() in aicasm grammar code was
never used properly due to a bug.
This patch fixes it up and ensures it's only called if appropriate.
In addition the unused 16bit instruction are disabled, but left in
the code for reference.
Signed-off-by: Hannes Reinecke <hare@suse.de> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
James Bottomley [Mon, 21 Apr 2008 15:57:20 +0000 (10:57 -0500)]
[SCSI] fix SLUB WARN_ON
We're getting a WARN_ON from SLUB indicating that we're trying to free
caches with in-use objects. The root cause is a new dependency in the
command/sense free on unchecked_isa_dma. The WARN_ON is caused by
drivers which change this in their setup after the command/sense cache
is allocated.
The fix is to move the allocation of this cache into scsi_add_host()
so things like gdth have an opportunity to modify it between alloc and
add (but *not* after).
The true fix would be to move unchecked_isa_dma into the template and
out of the host, so it because a truly read only variable.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Merge branch 'kvm-updates-2.6.26' of git://git.kernel.org/pub/scm/linux/kernel/git/avi/kvm
* 'kvm-updates-2.6.26' of git://git.kernel.org/pub/scm/linux/kernel/git/avi/kvm: (147 commits)
KVM: kill file->f_count abuse in kvm
KVM: MMU: kvm_pv_mmu_op should not take mmap_sem
KVM: SVM: remove selective CR0 comment
KVM: SVM: remove now obsolete FIXME comment
KVM: SVM: disable CR8 intercept when tpr is not masking interrupts
KVM: SVM: sync V_TPR with LAPIC.TPR if CR8 write intercept is disabled
KVM: export kvm_lapic_set_tpr() to modules
KVM: SVM: sync TPR value to V_TPR field in the VMCB
KVM: ppc: PowerPC 440 KVM implementation
KVM: Add MAINTAINERS entry for PowerPC KVM
KVM: ppc: Add DCR access information to struct kvm_run
ppc: Export tlb_44x_hwater for KVM
KVM: Rename debugfs_dir to kvm_debugfs_dir
KVM: x86 emulator: fix lea to really get the effective address
KVM: x86 emulator: fix smsw and lmsw with a memory operand
KVM: x86 emulator: initialize src.val and dst.val for register operands
KVM: SVM: force a new asid when initializing the vmcb
KVM: fix kvm_vcpu_kick vs __vcpu_run race
KVM: add ioctls to save/store mpstate
KVM: Rename VCPU_MP_STATE_* to KVM_MP_STATE_*
...
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband:
mlx4_core: Add helper to move QP to ready-to-send
mlx4_core: Add HW queues allocation helpers
RDMA/nes: Remove volatile qualifier from struct nes_hw_cq.cq_vbase
mlx4_core: CQ resizing should pass a 0 opcode modifier to MODIFY_CQ
mlx4_core: Move kernel doorbell management into core
IB/ehca: Bump version number to 0026
IB/ehca: Make some module parameters bool, update descriptions
IB/ehca: Remove mr_largepage parameter
IB/ehca: Move high-volume debug output to higher debug levels
IB/ehca: Prevent posting of SQ WQEs if QP not in RTS
IPoIB: Handle 4K IB MTU for UD (datagram) mode
RDMA/nes: Fix adapter reset after PXE boot
RDMA/nes: Print IPv4 addresses in a readable format
RDMA/nes: Use print_mac() to format ethernet addresses for printing
Al Viro [Sun, 27 Apr 2008 05:15:42 +0000 (06:15 +0100)]
e1000e triggers sparc32 gcc bug
... and isn't possible on sparc32 boxen anyway, unless somebody
had done JavaStation with PCIE lately.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Al Viro [Sat, 19 Apr 2008 19:33:56 +0000 (20:33 +0100)]
KVM: kill file->f_count abuse in kvm
Use kvm own refcounting instead of playing with ->filp->f_count.
That will allow to get rid of a lot of crap in anon_inode_getfd() and
kill a race in kvm_dev_ioctl_create_vm() (file might have been closed
immediately by another thread, so ->filp might point to already freed
struct file when we get around to setting it).
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Avi Kivity <avi@qumranet.com>
There is not selective cr0 intercept bug. The code in the comment sets the
CR0.PG bit. But KVM sets the CR4.PG bit for SVM always to implement the paged
real mode. So the 'mov %eax,%cr0' instruction does not change the CR0.PG bit.
Selective CR0 intercepts only occur when a bit is actually changed. So its the
right behavior that there is no intercept on this instruction.
Signed-off-by: Joerg Roedel <joerg.roedel@amd.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
KVM: SVM: disable CR8 intercept when tpr is not masking interrupts
This patch disables the intercept of CR8 writes if the TPR is not masking
interrupts. This reduces the total number CR8 intercepts to below 1 percent of
what we have without this patch using Windows 64 bit guests.
Signed-off-by: Joerg Roedel <joerg.roedel@amd.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
This functionality is definitely experimental, but is capable of running
unmodified PowerPC 440 Linux kernels as guests on a PowerPC 440 host. (Only
tested with 440EP "Bamboo" guests so far, but with appropriate userspace
support other SoC/board combinations should work.)
See Documentation/powerpc/kvm_440.txt for technical details.
[stephen: build fix]
Signed-off-by: Hollis Blanchard <hollisb@us.ibm.com> Acked-by: Paul Mackerras <paulus@samba.org> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Avi Kivity <avi@qumranet.com>
KVM: ppc: Add DCR access information to struct kvm_run
Device Control Registers are essentially another address space found on PowerPC
4xx processors, analogous to PIO on x86. DCRs are always 32 bits, and can be
identified by a 32-bit number. We forward most DCR accesses to userspace for
emulation (with the exception of CPR0 registers, which can be read directly
for simplicity in timebase frequency determination).
Signed-off-by: Hollis Blanchard <hollisb@us.ibm.com> Signed-off-by: Avi Kivity <avi@qumranet.com>
PowerPC 440 KVM needs to know how many TLB entries are used for the host kernel
linear mapping (it does not modify these mappings when switching between guest
and host execution).
Signed-off-by: Hollis Blanchard <hollisb@us.ibm.com> Acked-by: Josh Boyer <jwboyer@linux.vnet.ibm.com> Acked-by: Paul Mackerras <paulus@samba.org> Signed-off-by: Avi Kivity <avi@qumranet.com>
Avi Kivity [Mon, 14 Apr 2008 11:40:50 +0000 (14:40 +0300)]
KVM: x86 emulator: fix smsw and lmsw with a memory operand
lmsw and smsw were implemented only with a register operand. Extend them
to support a memory operand as well. Fixes Windows running some display
compatibility test on AMD hosts.
Get rid of the pipeline merge stage but retain the chrdev req caching
functionality by using a merge buffer tape->merge_bh which is flushed in chunks
of several blocks at a time. Also, remove last references to pipelining, e.g.
typedef idetape_stage_s.
ide-tape: make __idetape_discard_read_pipeline() of type void
It always returns 0 which has no effect on tape positioning calculation so
simplify it by converting its type to void, bringing no functional change to the
driver.
Bart says: "can be done from user-space and is not especially interesting
even when debugging problems (raw PCI config space dump is far more useful)."
Instead of allocating pages for the buffer one by one, take advantage of the
buddy alloc system and request them 2^order at a time. This increases the chance
for bigger buffer parts to be contigious and reduces loop iteration count. While
at it, rename function __idetape_kmalloc_stage() to ide_tape_kmalloc_buffer().
[bart: fold with "ide-tape: fix mem leak" patch to preserve bisectability]
* Don't set IDE_HFLAG_NO_AUTOTUNE host flag in sgiioc4 and icside
host drivers - there is no need for it as they don't implement
->set_pio_mode method.
* Remove no longer needed IDE_HFLAG_NO_AUTOTUNE host flag.
There should be no functional changes caused by this patch.
Acked-by: Sergei Shtylyov <sshtylyov@ru.mvista.com> Signed-off-by: Bartlomiej Zolnierkiewicz <bzolnier@gmail.com>
idetape_queue_pc_tail() is a wrapper for its __idetape_queue_pc_tail() counterpart
and has no other functionality. Remove it and call the "wrapped" function
directly.