* Ingo Molnar <[EMAIL PROTECTED]> wrote:
> so here's an UP suspend+resume trace i did:
>
>
> http://redhat.com/~mingo/latency-tracing-patches/misc/trace-suspend-long.txt.bz2
>
> tons of detail - which might be interesting to other folks as well.
> Fact is, our suspend-to-RAM+resume cycle is
On Fri, 16 Nov 2007, Nelson, Shannon wrote:
> first->async_tx.phys;
> > - __list_splice(&new_chain, ioat_chan->used_desc.prev);
> > + list_splice_tail(&new_chain, ioat_chan->used_desc.prev);
> >
>
> NAK.
>
> These functions do insertions differently. The 'prev' is pointing to
> the la
Andi Kleen wrote:
On Fri, Nov 16, 2007 at 08:00:56AM -0800, Stephane Eranian wrote:
No, he is talking about something similar to what was in perfctr.
The kernel emulates 64-bit counters in software and that is you
get back when you read the counters. If you read via RDPMC, you
get 40 bits. To re
wait_task_stopped(WNOWAIT) unlocks tasklist_lock and re-checks ->exit_code and
->exit_state. This is not needed: both were valid before we dropped the lock,
and without tasklist_lock both are not stable anyway.
Read the exit_code under tasklist and report the cached value without re-check.
In fact
wait_task_stopped(WNOWAIT) does task_pid_nr_ns() without tasklist/rcu lock,
we can read an already freed memory. Use the cached pid_t value.
Signed-off-by: Oleg Nesterov <[EMAIL PROTECTED]>
--- 24/kernel/exit.c~1_PID 2007-11-16 18:12:44.0 +0300
+++ 24/kernel/exit.c2007-11-16 18:1
(don't know how to test this, hopefully Roland can take a look and ack/nack)
wait_task_stopped() writes to p->exit_code before checking that this is still
safe to do. Suppose for example that the child resumed and entered do_exit()
at the time we re-acquired tasklist lock. We can see ->exit_code !
2007/11/16, David Miller <[EMAIL PROTECTED]>:
> From: "Jonas Danielsson" <[EMAIL PROTECTED]>
> Date: Thu, 15 Nov 2007 22:40:13 +0100
>
> > Is there a reason that the target hardware address isn't the target
> > hardware address?
>
> Because of this, in cases where a choice can be made Linux will
* Avi Kivity <[EMAIL PROTECTED]> wrote:
> You can use preemption notifiers to get a callback when you are
> preempted. Not sure what you'd to with that callback, though.
but that should not be needed in this case. Why doesnt the TSC using
delay loop simply poll the CPU it is on and fix up the
Ben Dooks <[EMAIL PROTECTED]> wrote:
> Often write protect on flash chips is a seperate pin that disables
> the cell writing circuitry, not the nWE pin.
That may be true, but the board documentation in this particular case doesn't
list any way of write-enabling the flash. I have another, differe
* Ingo Molnar <[EMAIL PROTECTED]> wrote:
> but that should not be needed in this case. Why doesnt the TSC using
> delay loop simply poll the CPU it is on and fix up the TSC?
something like the patch below.
Ingo
--->
Subject: x86: make delay_tsc() preemptible again
From: In
ok, i experimented around with the latency tracer, trying to capture the
trace of a full suspend+resume cycle, and it needed the tracer fix below
(GTOD clocksource suspend/resume would otherwise confuse the tracer and
you'd get no trace output as a result).
once that tracer bug was fixed, the
On Thu, 15 Nov 2007, Oliver Neukum wrote:
> On irq 20, there's an UHCI, on irq 19 is an EHCI. For every interrupt on 20
> there's a spurious interrupt on 19. USB devices on bus of the controller on 20
> work. So I know all interrupts are seen. ERR does not increase. Interrupts
> for devices on the
On Fri, 2007-11-16 at 09:47 +0100, Ingo Molnar wrote:
> * Ingo Molnar <[EMAIL PROTECTED]> wrote:
>
> > but that should not be needed in this case. Why doesnt the TSC using
> > delay loop simply poll the CPU it is on and fix up the TSC?
>
> something like the patch below.
>
> Ingo
>
> --
Resubmit of IDE-probing-patch. It now checks hwif->drives[unit].present instead
of
forced_geom and there is also an if-statement so it doesn't change back to the
master
unless it have to. I choose to put it inside the if-statement that checks the
return
code from ide_wait_not_busy, since it shou
Jonas Stare wrote:
diff -u linux-2.6.23.1-orig/drivers/ide/ide-probe.c linux-2.6.23.1/drivers/ide/ide-probe.c
--- linux-2.6.23.1-orig/drivers/ide/ide-probe.c 2007-10-12 18:43:44.0 +0200
+++ linux-2.6.23.1/drivers/ide/ide-probe.c 2007-11-16 10:26:23.0
+0100
@@ -643,6 +643,7
On Nov 16, 2007 3:29 PM, Martin Schwidefsky <[EMAIL PROTECTED]> wrote:
> From: Michael Holzheu <[EMAIL PROTECTED]>
> -static struct subsys_attribute dump_type_attr =
> - __ATTR(dump_type, 0644, dump_type_show, dump_type_store);
> -
> -static decl_subsys(dump, NULL, NULL);
I guess th
We can take proc_subdir_lock for duration of list searching and removing
from lists only. It can't hurt -- we can gather any amount of looked up
PDEs right after proc_subdir_lock droppage in proc_lookup() anyway.
Current code should already deal with this correctly.
Also this should make code more
On Fri, Nov 02, 2007 at 04:59:16PM -0700, Greg Kroah-Hartman wrote:
> WTF? Passing binary structures into a sysfs file, expecting it to be in
> the correct format/endianness? That's just wrong on so many levels.
>
> So, these files are deleted. If you want to add them back, please do so
> in co
> How about moving this bit:
>
> +#ifndef ARCH_HAS_EARLY_ALLOC
> +#define LARGEVAR(x,y) { static typeof(*x) __ ## x[y]; x = __ ## x; }
> +#else
> +#define LARGEVAR(x,y) x = arch_early_alloc(sizeof(*x) * y)
> +#endif
>
> out of the lockdep code and into the generic early alloc code?
Will do.
-A
Compile fix for new code in -rc2.
I'm not positive about the insertion point...
Subject: compile error fix (needs review)
RT changes __list_splice to require prev and next pointers.
This changes the use in the new code to list_splice_tail,
but the optimal insertion point needs to be analyzed.
From: Christoph Lameter <[EMAIL PROTECTED]>
The iucv is the only user of the various functions that are used to bring
parts of cpus up and down. Its the only allocpercpu user that will do
I/O on per cpu objects (which is difficult to do with virtually mapped memory).
And its the only use of allocp
From: Heiko Carstens <[EMAIL PROTECTED]>
Before we're getting short on memory detection fixes here is the next
one: if neither sclp nor diag260 report the storage size the detection
loop will return immediately without detecting anything. Fix this by
breaking the detection loop only if the memory
Hi,
On Thu, 15 Nov 2007, Randy Dunlap wrote:
> This all began (AFAIK) because some of us want to continue to be
> able to specify ARCH={i386,x86_64} on the (make) command line --
> not by using a .config file. Taking away ARCH= on the command line
> is a regression (in some minds, at least), so
On Thu, 15 Nov 2007, Greg KH wrote:
> > The offending -mm patch is
> > gregkh-driver-pm-acquire-device-locks-prior-to-suspending.patch
> >
> > 2.6.24-rc2-mm1 minus it works just fine; PROVE_LOCKING shows nothing new
> > when
> > the patch is applied.
>
> Thanks for tracking this down. Alan, an
Creating PDEs with refcount 0 and ->deleted flag has problems (see below).
Switch to usual scheme:
* PDE is created with refcount 1
* every de_get does +1
* every de_put() and remove_proc_entry() do -1
* once refcnt reaches 0, PDE is freed.
This elegantly fixes at least two followint races (both o
The current set of patches queue for the next merge window with more
to come. The shortlog:
Heiko Carstens (3):
[S390] sclp: call sclp_init() from start_kernel().
[S390] Standby cpu activation/deactivation.
[S390] sclp: convert channel path configure code to use sync interface.
This patch allows VFS wrapper functions associate "struct vfsmount"
with "struct task_struct" so that LSM hooks can calculate
pathname of given "struct dentry".
Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]>
---
include/linux/init_task.h |1 +
include/linux/sched.h |2 ++
2 files cha
This patch replaces VFS helper function calls caused by
userland process's request with VFS wrapper functions call.
This patch doesn't modify individual filesystems in fs/*/ directory.
Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]>
---
fs/namei.c | 34 +++---
"TOMOYO Linux" is our work in the field of security enhancement for Linux.
You can try TOMOYO Linux 1.5.1 on Ubuntu 7.10's Live CD
http://tomoyo.sourceforge.jp/wiki-e/?TomoyoLive
Changes from previous posting.
* Made patches against latest -mm tree.
This time, we made patches for -mm tree.
Jeff, Dave,
I'm submitting a patch series for inclusion in 2.6.25.
The patches are built against netdev#upstream.
Here is a brief description:
- Fix error path when requesting MSI-X resources
- Use wild card for PCI Vendor ID
- Fix sysfs resource release
- Add PCI error recovery support
- FW upg
From: Divy Le Ray <[EMAIL PROTECTED]>
Return error code when msi-x settings fail.
Signed-off-by: Divy Le Ray <[EMAIL PROTECTED]>
---
drivers/net/cxgb3/cxgb3_main.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/drivers/net/cxgb3/cxgb3_main.c b/drivers/net/cxgb3/cxgb3
From: Divy Le Ray <[EMAIL PROTECTED]>
Vendor ID is not necessarily set to 1.
Use Vendor Id wild card for PCI device matching
Signed-off-by: Divy Le Ray <[EMAIL PROTECTED]>
---
drivers/net/cxgb3/cxgb3_main.c | 24
1 files changed, 12 insertions(+), 12 deletions(-)
di
From: Divy Le Ray <[EMAIL PROTECTED]>
Remove sysfs entries before unregistering the net devices.
Signed-off-by: Divy Le Ray <[EMAIL PROTECTED]>
---
drivers/net/cxgb3/cxgb3_main.c |8
1 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/net/cxgb3/cxgb3_main.c b/dri
From: Divy Le Ray <[EMAIL PROTECTED]>
Add PCI recovery support
Signed-off-by: Divy Le Ray <[EMAIL PROTECTED]>
---
drivers/net/cxgb3/cxgb3_main.c | 107
1 files changed, 107 insertions(+), 0 deletions(-)
diff --git a/drivers/net/cxgb3/cxgb3_main.c b/dri
From: Divy Le Ray <[EMAIL PROTECTED]>
Do not use skb->cb to stash unmap info,
save the info to the descriptor state.
Signed-off-by: Divy Le Ray <[EMAIL PROTECTED]>
---
drivers/net/cxgb3/sge.c | 82 +++
1 files changed, 40 insertions(+), 42 deletions
From: Divy Le Ray <[EMAIL PROTECTED]>
Remove unused argument in sysfs methods
Signed-off-by: Divy Le Ray <[EMAIL PROTECTED]>
---
drivers/net/cxgb3/cxgb3_main.c | 19 +--
1 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/drivers/net/cxgb3/cxgb3_main.c b/drivers/ne
From: Divy Le Ray <[EMAIL PROTECTED]>
Disable PEX errors. The HW generates false positives.
Update RSS hash function to a symmetric algorithm.
Update T3C HW support
Signed-off-by: Divy Le Ray <[EMAIL PROTECTED]>
---
drivers/net/cxgb3/cxgb3_main.c |2 +-
drivers/net/cxgb3/regs.h | 22
From: Divy Le Ray <[EMAIL PROTECTED]>
Synchronize memory access before ringing
the Tx door bell.
Signed-off-by: Divy Le Ray <[EMAIL PROTECTED]>
---
drivers/net/cxgb3/sge.c |7 +--
1 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/drivers/net/cxgb3/sge.c b/drivers/net/cxgb3
On Fri, 16 Nov 2007, Jeremy Fitzhardinge wrote:
>
> If you happened to do a 1G munmap, it may end up freeing and
> reallocating them, but that's going to be very rare.
I don't think we ever free the pmd's now, do we?
(Except for the *final* free, of course, when we release the whole VM).
From: Divy Le Ray <[EMAIL PROTECTED]>
Bump up FW version to 5.0.
Do not downgrade FW within the same major version range.
Signed-off-by: Divy Le Ray <[EMAIL PROTECTED]>
---
drivers/net/cxgb3/t3_hw.c | 10 +++---
drivers/net/cxgb3/version.h |4 ++--
2 files changed, 9 insertions(+),
On Friday 16 November 2007 12:34:57 pm [EMAIL PROTECTED]
wrote:
> LSM hooks for network accept and recv:
>* socket_post_accept is modified to return int.
>* post_recv_datagram is added in skb_recv_datagram.
>
> You can try TOMOYO Linux without this patch, but in that case, you
> can't use
At Fri, 16 Nov 2007 13:58:24 +0100,
Ingo Molnar wrote:
>
>
> snd hda suspend latency goes down a second via the patch below.
>
> Ingo
>
> ->
> Subject: snd hda suspend latency: shorten codec read
> From: Ingo Molnar <[EMAIL PROTECTED]>
>
> not sleeping for every codec read/wr
Andrew, please drop procfs-detect-duplicate-names.patch and apply this
instead.
[PATCH] proc: detect duplicate names on registration
From: Zhang Rui <[EMAIL PROTECTED]>
Print a warning if PDE is registered with a name which already exists in
target directory.
Bug report and a simple
On Fri, Nov 16, 2007 at 09:39:58PM +0200, Matti Aarnio wrote:
> On Fri, Nov 16, 2007 at 02:35:29PM -0500, Mark Lord wrote:
> > Greg Kroah-Hartman wrote:
> >> We (the -stable team) are announcing the release of the 2.6.23.2 kernel.
> >> It contains a number of bugfixes for the core kernel code.
> >>
Looks good to me.
Thanks,
Roland
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Hi !
does somebody know if there is a website or a project for giving comfortable
and deeper insight into what`s specific to distro`s kernels and what`s their
difference to vanilla kernel ?
i mean some way to have some transparancy to what different distro vendors add
to vanilla kernel sources
Linus Torvalds wrote:
> On Fri, 16 Nov 2007, Jeremy Fitzhardinge wrote:
>
>> If you happened to do a 1G munmap, it may end up freeing and
>> reallocating them, but that's going to be very rare.
>>
>
> I don't think we ever free the pmd's now, do we?
>
> (Except for the *final* free, of cou
Yes it is for everybody. I've been rather questioning if the slow
ways (complicated syscalls) to get the counter information are really
needed.
I suppose by complicated here, your referring to the gather semantics
of the
pfm_read/write_pmds/pmcs calls. Many processors may have 100's of
reg
Add a __discard sectionto the linker script. Code produced in this section will
not be put in the vmlinux file. This is useful when we have to calculate the
size of an instruction before actually declaring it (for alignment purposes for
instance). This is used by the immediate values.
Signed-off-b
Immediate values are used as read mostly variables that are rarely updated. They
use code patching to modify the values inscribed in the instruction stream. It
provides a way to save precious cache lines that would otherwise have to be used
by these variables.
There is a generic _immediate_read()
Use the mutual exclusion provided by the text edit lock in the kprobes code. It
allows coherent manipulation of the kernel code by other subsystems.
Signed-off-by: Mathieu Desnoyers <[EMAIL PROTECTED]>
Acked-by: Ananth N Mavinakayanahalli <[EMAIL PROTECTED]>
CC: [EMAIL PROTECTED]
CC: [EMAIL PROTEC
Here is the text edit lock patchset updated for 2.6.24-rc2-git5. It is posted as
an RFC. Comments are welcome. Will post as a patch once everybody comes to an
agreement.
Mathieu
--
Mathieu Desnoyers
Computer Engineering Ph.D. Student, Ecole Polytechnique de Montreal
OpenPGP key fingerprint: 8CD5
Add initialization of an array, which needs brackets that would pollute kernel
code, to kernel.h. It is used to declare arguments passed as function parameters
such as:
text_poke(addr, INIT_ARRAY(unsigned char, 0xf0, len), len);
Signed-off-by: Mathieu Desnoyers <[EMAIL PROTECTED]>
---
include/lin
Fix a memcpy that should be a text_poke (in apply_alternatives).
Use kernel_wp_save/kernel_wp_restore in text_poke to support DEBUG_RODATA
correctly and so the CPU HOTPLUG special case can be removed.
Add text_poke_early, for alternatives and paravirt boot-time and module load
time patching.
Not
Protect the instruction pages list by a specific insn pages mutex, called in
get_insn_slot() and free_insn_slot(). It makes sure that architectures that does
not need to call arch_remove_kprobe() does not take an unneeded kprobes mutex.
Signed-off-by: Mathieu Desnoyers <[EMAIL PROTECTED]>
Acked-b
Changelog:
- Remove immediate_set_early (removed from API).
Signed-off-by: Mathieu Desnoyers <[EMAIL PROTECTED]>
---
Documentation/immediate.txt | 221
1 file changed, 221 insertions(+)
Index: linux-2.6-lttng/Documentation/immediate.txt
=
On Fri, Nov 16, 2007 at 09:39:58PM +0200, Matti Aarnio wrote:
> On Fri, Nov 16, 2007 at 02:35:29PM -0500, Mark Lord wrote:
> > Greg Kroah-Hartman wrote:
> >> We (the -stable team) are announcing the release of the 2.6.23.2 kernel.
> >> It contains a number of bugfixes for the core kernel code.
> >>
On Fri, Nov 16, 2007 at 11:57:28AM -0500, Alan Stern wrote:
> This patch (as1013) was suggested by David Woodhouse; it fixes a race
> in the driver core. If a device is unregistered at the same time as
> its driver is unloaded, the driver's code pages may be unmapped while
> the remove method is s
On Fri, Nov 16, 2007 at 11:33:26AM +0900, Ken'ichi Ohmichi wrote:
>
> This patch adds the array length of "free_area.free_list" to the vmcoreinfo
> data so that makedumpfile (dump filtering command) can exclude all free pages
> in linux-2.6.24.
>
> makedumpfile creates a small dumpfile by excludi
On Fri, 2007-11-16 at 12:37 -0800, Greg KH wrote:
> Is this something that you all feel is worth getting in for 2.6.24?
> Does it fix a regression that just showed up, or is just a bugfix for
> something that people finally realized has always been there?
The latter. We just happen to kick the wir
Linus Torvalds wrote:
> So don't do it. Just preallocate for the magic 4-entry PGD. You can make
> the special case just be something like
>
Yes, OK, it makes sense. Conceptually they would be dynamically
allocated and freed, but they'd just happen to start allocated, to avoid
the tlb flush o
Ingo Molnar wrote:
* Ingo Molnar <[EMAIL PROTECTED]> wrote:
Is there a version of these that works with 2.6.23.1 ?
yes, i've backported it and have uploaded the v2.6.23 version to:
http://redhat.com/~mingo/latency-tracing-patches/latency-tracer-v2.6.23.1-combo.patch
..
ok, i experimented
On Fri, Nov 16, 2007 at 11:33:14AM +0900, Ken'ichi Ohmichi wrote:
>
> For readability, all the calls to vmcoreinfo_append_str() are changed to
> macros
> having a prefix "VMCOREINFO_".
>
> This discussion is the following:
> http://www.ussg.iu.edu/hypermail/linux/kernel/0709.3/0584.html
>
> Sig
On Fri, Nov 16, 2007 at 11:33:07AM +0900, Ken'ichi Ohmichi wrote:
>
> It is better that the existing offsetof() is used for VMCOREINFO_OFFSET().
>
> This discussion is the following:
> http://www.ussg.iu.edu/hypermail/linux/kernel/0709.3/0584.html
>
> Signed-off-by: Ken'ichi Ohmichi <[EMAIL PROT
We (the -stable team) are announcing the release of the 2.6.23.5 kernel.
It contains a number of bugfixes for networking drivers.
I'll also be replying to this message with a copy of the patch between
2.6.23.4 and 2.6.23.5
The updated 2.6.23.y git tree can be found at:
git://git.kernel.or
diff --git a/Makefile b/Makefile
index b0c2c32..0c34409 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,7 @@
VERSION = 2
PATCHLEVEL = 6
SUBLEVEL = 23
-EXTRAVERSION = .3
+EXTRAVERSION = .4
NAME = Arr Matey! A Hairy Bilge Rat!
# *DOCUMENTATION*
diff --git a/include/linux/netlink.h b/include/li
On Fri, Nov 16, 2007 at 11:33:02AM +0900, Ken'ichi Ohmichi wrote:
>
> VMCOREINFO_SIZE() should be renamed VMCOREINFO_STRUCT_SIZE() since it's always
> returning the size of the struct with a given name. This change would allow
> VMCOREINFO_TYPEDEF_SIZE() to simply become VMCOREINFO_SIZE() since it
On Fri, 16 Nov 2007, Ulrich Drepper wrote:
> dean gaudet wrote:
> > honestly i think there should be a per-task flag which indicates whether
> > fds are by default F_CLOEXEC or not. my reason: third party libraries.
>
> Only somebody who thinks exclusively about applications as opposed to
> ru
Kristoffer Ericson wrote:
> Greetings,
>
> Ive been following your discussion and documentation efforts concerning pm
> in the kernel. This has in the past been a gray area which was hard to
> find information about so kudos.
>
> I maintain 2 handheld platforms that would benefit greatly from
>
Hello.
In article <[EMAIL PROTECTED]> (at Sat, 17 Nov 2007 02:34:50 +0900), [EMAIL
PROTECTED] says:
> + *cp++ = '\0';
> + count = sscanf(cp,
> +NIP6_FMT "-" NIP6_FMT,
> +&min[0], &min[1], &min[2], &min[3],
> +&min[4], &min[5], &
This patch allows administrators use conditional permission.
TOMOYO Linux supports conditional permission based on
process's UID,GID etc. and/or requested pathname's UID/GID.
Signed-off-by: Kentaro Takeda <[EMAIL PROTECTED]>
Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]>
security/tomoyo/conditio
TOMOYO Linux is placed in security/tomoyo .
Signed-off-by: Kentaro Takeda <[EMAIL PROTECTED]>
Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]>
security/Kconfig |1 +
security/Makefile|1 +
security/tomoyo/Kconfig | 26 ++
security/tomoyo/Makefile
Jeremy Fitzhardinge wrote:
Hm, do you recall what processors that might affect? As far as I know,
current processors will ignore non-present top-level entries. Anyway,
we can point them not present to empty_zero_page, so testing the present
bit will still be sufficient to tell if we need to al
TOMOYO Linux checks sending signal by signal number and
the domain of target process. In order to check signal
permission, LSM expansion patch [TOMOYO 18/18] is needed.
Each permission can be automatically accumulated into
the policy of each domain using 'learning mode'.
Signed-off-by: Kentaro Ta
TOMOYO Linux checks permission in
open/creat/unlink/truncate/ftruncate/mknod/mkdir/
rmdir/symlink/link/rename/uselib/sysctl .
Each permission can be automatically accumulated into
the policy of each domain using 'learning mode'.
Signed-off-by: Kentaro Takeda <[EMAIL PROTECTED]>
Signed-off-by: Tet
On Fri, 16 Nov 2007, Greg KH wrote:
> On Fri, Nov 16, 2007 at 11:57:28AM -0500, Alan Stern wrote:
> > This patch (as1013) was suggested by David Woodhouse; it fixes a race
> > in the driver core. If a device is unregistered at the same time as
> > its driver is unloaded, the driver's code pages m
On Friday 16 November 2007 09:52:48 am Rene Herman wrote:
> On 16-11-07 08:39, Zhao Yakui wrote:
>
> > Subject: PNP: Increase the value of PNP constant
> > From: Zhao Yakui <[EMAIL PROTECTED]>
> >
> > On some systems the number of resources(IO,MEM) returnedy by PNP
> > device is greater than the
If mmap_min_addr is set and a process attempts to mmap (not fixed) with
a non-null hint address less than mmap_min_addr the mapping will fail
the security checks. Since this is just a hint address this patch will
round such a hint address above mmap_min_addr.
gcj was found to try to be very fruga
On Fri, 16 Nov 2007, Jeremy Fitzhardinge wrote:
> >
> > IIRC, the present bit is ignored in the magic 4-entry PGD. All entries
> > have to be present.
>
> Hm, do you recall what processors that might affect? As far as I know,
> current processors will ignore non-present top-level entries.
Ar
Andi,
On Fri, Nov 16, 2007 at 05:28:13PM +0100, Andi Kleen wrote:
> On Fri, Nov 16, 2007 at 08:00:56AM -0800, Stephane Eranian wrote:
> > No, he is talking about something similar to what was in perfctr.
> > The kernel emulates 64-bit counters in software and that is you
> > get back when you read
Every process belongs to a domain in TOMOYO Linux.
Domain transition occurs when execve(2) is called
and the domain is expressed as 'process invocation history',
such as ' /sbin/init /etc/init.d/rc'.
Domain information is stored in task_struct->security.
Signed-off-by: Kentaro Takeda <[EMAIL PROTE
TOMOYO Linux uses /sys/kernel/security/tomoyo/ interface
for reporting access logs in domain policy format.
One is 'grant_log', used for auditing accesses which are
granted in the TOMOYO Linux policy.
The other is 'reject_log', used for auditing accesses which
are not granted in the TOMOYO Linux po
This patch allows LSM hooks refer previously associated "struct vfsmount"
parameter
so that they can calculate pathname of given "struct dentry".
Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]>
---
include/linux/fs.h | 138 +
1 file changed, 1
Signed-off-by: Kentaro Takeda <[EMAIL PROTECTED]>
Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]>
security/tomoyo/include/realpath.h | 45 ++
security/tomoyo/include/tomoyo.h | 671 +
2 files changed, 716 insertions(+)
--- /dev/null 1970-01-01 00:00:00.0
If the executed program name and argv[0] is different,
TOMOYO Linux checks permission.
Each permission can be automatically accumulated into
the policy of each domain using 'learning mode'.
Signed-off-by: Kentaro Takeda <[EMAIL PROTECTED]>
Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]>
security
TOMOYO Linux checks permission by the following four parameters.
* protocol type (TCP, UDP, RAW)
* access type (bind, listen, connect, accept)
* IP address (Both IPv4 and IPv6 are available)
* port number
In order to check 'TCP accept' and 'UDP connect',
LSM expansion patch ([TOMOYO 18/18])
TOMOYO Linux checks mount permission based on
device name, mount point, filesystem type and optional flags.
TOMOYO Linux also checks permission in umount and pivot_root.
Each permission can be automatically accumulated into
the policy using 'learning mode'.
Signed-off-by: Kentaro Takeda <[EMAIL P
Sergei Shtylyov wrote:
> Jonas Stare wrote:
>
>> diff -u linux-2.6.23.1-orig/drivers/ide/ide-probe.c
>> linux-2.6.23.1/drivers/ide/ide-probe.c ---
>> linux-2.6.23.1-orig/drivers/ide/ide-probe.c 2007-10-12
>> 18:43:44.0 +0200
>> +++ linux-2.6.23.1/drivers/ide/ide-probe.c 2007-11-16
>>
On Fri, 2007-11-16 at 16:15 +0100, Kay Sievers wrote:
> On Nov 16, 2007 3:29 PM, Martin Schwidefsky <[EMAIL PROTECTED]> wrote:
> > From: Michael Holzheu <[EMAIL PROTECTED]>
>
> > -static struct subsys_attribute dump_type_attr =
> > - __ATTR(dump_type, 0644, dump_type_show, dump_type_
On Sat, 2007-11-17 at 02:34 +0900, [EMAIL PROTECTED]
wrote:
> plain text document attachment
> (add-wrapper-functions-for-vfs-helper-functions.patch)
> This patch allows LSM hooks refer previously associated "struct vfsmount"
> parameter
> so that they can calculate pathname of given "struct dent
On Nov 16, 2007 2:46 AM, Jim Keniston <[EMAIL PROTECTED]> wrote:
> > > Lacking a solution to #1a, I think Abhishek's approach provides a
> > > reasonable solution to problem #1.
> >
> > If you're not convinced that problem #1 isn't appropriately handled,
>
> I don't know where you got that idea. R
On Fri, 16 Nov 2007, Andi Kleen wrote:
> I didn't see a clear list.
- cross platform extensible API for configuring perf counters
- support for multiplexed counters
- support for virtualized 64-bit counters
- support for PC and call graph sampling at specific intervals
- support for reading coun
LSM hooks for sending signal:
* task_kill_unlocked is added in sys_kill
* task_tkill_unlocked is added in sys_tkill
* task_tgkill_unlocked is added in sys_tgkill
LSM hooks for network accept and recv:
* socket_post_accept is modified to return int.
* post_recv_datagram is added in sk
TOMOYO Linux checks permission for non-POSIX capability
so that the number of capabilities won't be limited to 32 or 64.
Each permission can be automatically accumulated into
the policy of each domain using 'learning mode'.
Signed-off-by: Kentaro Takeda <[EMAIL PROTECTED]>
Signed-off-by: Tetsuo H
On Friday 16 November 2007 01:15:27 Greg KH wrote:
> On Thu, Nov 15, 2007 at 11:01:43PM -0600, Rob Landley wrote:
> > On Thursday 15 November 2007 21:08:32 WANG Cong wrote:
> > > On Thu, Nov 15, 2007 at 01:06:08PM -0800, Greg KH wrote:
> > > >Hm, not good. I'll let Jeff handle this :)
> > >
> > >
To avoid namespace_sem deadlock, this patch uses
"current->last_vfsmount" associated by wrapper functions.
Signed-off-by: Kentaro Takeda <[EMAIL PROTECTED]>
Signed-off-by: Tetsuo Handa <[EMAIL PROTECTED]>
security/tomoyo/tomoyo.c | 822 +++
1 file chan
you know... i understand the need for FD_CLOEXEC -- in fact i tried
petitioning for CLOEXEC options to all the fd creating syscalls something
like 7 years ago when i was banging my head against the wall trying to
figure out how to thread apache... but even still i'm not convinced that
extending
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
dean gaudet wrote:
> honestly i think there should be a per-task flag which indicates whether
> fds are by default F_CLOEXEC or not. my reason: third party libraries.
Only somebody who thinks exclusively about applications as opposed to
runtimes/li
On Fri, 16 Nov 2007, Romano Giannetti wrote:
>
> (Cc: trimmed a bit).
>
> On Thu, 2007-11-15 at 11:19 -0500, Daniel Barkalow wrote:
> > On Thu, 15 Nov 2007, Theodore Tso wrote:
> [...]
> > > A full kernel build with everything selected can take good 30 minutes or
> > > more, and that's on a fas
Hello.
Trond Myklebust wrote:
> > This patch allows LSM hooks refer previously associated "struct vfsmount"
> > parameter
> > so that they can calculate pathname of given "struct dentry".
>
> NACK to this. Passing function parameters through the task_struct is
> definitely not an acceptable hack
101 - 200 of 421 matches
Mail list logo
