summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* flex_array: flex_array_prealloc takes a number of elements, not an endEric Paris2011-04-284-11/+14
| | | | | | | | | | | | | | | Change flex_array_prealloc to take the number of elements for which space should be allocated instead of the last (inclusive) element. Users and documentation are updated accordingly. flex_arrays got introduced before they had users. When folks started using it, they ended up needing a different API than was coded up originally. This swaps over to the API that folks apparently need. Based-on-patch-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: Eric Paris <eparis@redhat.com> Tested-by: Chris Richards <gizmo@giz-works.com> Acked-by: Dave Hansen <dave@linux.vnet.ibm.com> Cc: stable@kernel.org [2.6.38+]
* SELinux: pass last path component in may_createEric Paris2011-04-281-1/+2
| | | | | | | | | | | | | | | | | New inodes are created in a two stage process. We first will compute the label on a new inode in security_inode_create() and check if the operation is allowed. We will then actually re-compute that same label and apply it in security_inode_init_security(). The change to do new label calculations based in part on the last component of the path name only passed the path component information all the way down the security_inode_init_security hook. Down the security_inode_create hook the path information did not make it past may_create. Thus the two calculations came up differently and the permissions check might not actually be against the label that is created. Pass and use the same information in both places to harmonize the calculations and checks. Reported-by: Dominick Grift <domg472@gmail.com> Signed-off-by: Eric Paris <eparis@redhat.com>
* SELinux: put name based create rules in a hashtableEric Paris2011-04-283-61/+135
| | | | | | | | | | To shorten the list we need to run if filename trans rules exist for the type of the given parent directory I put them in a hashtable. Given the policy we are expecting to use in Fedora this takes the worst case list run from about 5,000 entries to 17. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: James Morris <jmorris@namei.org>
* SELinux: generic hashtab entry counterEric Paris2011-04-281-2/+2
| | | | | | | | Instead of a hashtab entry counter function only useful for range transition rules make a function generic for any hashtable to use. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: James Morris <jmorris@namei.org>
* SELinux: calculate and print hashtab stats with a generic functionEric Paris2011-04-281-19/+13
| | | | | | | | | We have custom debug functions like rangetr_hash_eval and symtab_hash_eval which do the same thing. Just create a generic function that takes the name of the hash table as an argument instead of having custom functions. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: James Morris <jmorris@namei.org>
* SELinux: skip filename trans rules if ttype does not match parent dirEric Paris2011-04-283-0/+17
| | | | | | | | | | | | | | Right now we walk to filename trans rule list for every inode that is created. First passes at policy using this facility creates around 5000 filename trans rules. Running a list of 5000 entries every time is a bad idea. This patch adds a new ebitmap to policy which has a bit set for each ttype that has at least 1 filename trans rule. Thus when an inode is created we can quickly determine if any rules exist for this parent directory type and can skip the list if we know there is definitely no relevant entry. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: James Morris <jmorris@namei.org>
* SELinux: rename filename_compute_type argument to *type instead of *conEric Paris2011-04-281-3/+3
| | | | | | | | | filename_compute_type() takes as arguments the numeric value of the type of the subject and target. It does not take a context. Thus the names are misleading. Fix the argument names. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: James Morris <jmorris@namei.org>
* SELinux: fix comment to state filename_compute_type takes an objname not a qstrEric Paris2011-04-281-1/+1
| | | | | | | filename_compute_type used to take a qstr, but it now takes just a name. Fix the comments to indicate it is an objname, not a qstr. Signed-off-by: Eric Paris <eparis@redhat.com>
* SMACK: smack_file_lock can use the struct pathEric Paris2011-04-251-2/+2
| | | | | | | | smack_file_lock has a struct path, so use that instead of only the dentry. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com>
* LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATHEric Paris2011-04-255-42/+52
| | | | | | | | | This patch separates and audit message that only contains a dentry from one that contains a full path. This allows us to make it harder to misuse the interfaces or for the interfaces to be implemented wrong. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com>
* LSM: split LSM_AUDIT_DATA_FS into _PATH and _INODEEric Paris2011-04-256-73/+78
| | | | | | | | | | The lsm common audit code has wacky contortions making sure which pieces of information are set based on if it was given a path, dentry, or inode. Split this into path and inode to get rid of some of the code complexity. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com>
* SELINUX: Make selinux cache VFS RCU walks safeEric Paris2011-04-253-25/+55
| | | | | | | | | | | | | | | | Now that the security modules can decide whether they support the dcache RCU walk or not it's possible to make selinux a bit more RCU friendly. The SELinux AVC and security server access decision code is RCU safe. A specific piece of the LSM audit code may not be RCU safe. This patch makes the VFS RCU walk retry if it would hit the non RCU safe chunk of code. It will normally just work under RCU. This is done simply by passing the VFS RCU state as a flag down into the avc_audit() code and returning ECHILD there if it would have an issue. Based-on-patch-by: Andi Kleen <ak@linux.intel.com> Signed-off-by: Eric Paris <eparis@redhat.com>
* SECURITY: Move exec_permission RCU checks into security modulesAndi Kleen2011-04-255-8/+14
| | | | | | | | | | | | | | | Right now all RCU walks fall back to reference walk when CONFIG_SECURITY is enabled, even though just the standard capability module is active. This is because security_inode_exec_permission unconditionally fails RCU walks. Move this decision to the low level security module. This requires passing the RCU flags down the security hook. This way at least the capability module and a few easy cases in selinux/smack work with RCU walks with CONFIG_SECURITY=y Signed-off-by: Andi Kleen <ak@linux.intel.com> Signed-off-by: Eric Paris <eparis@redhat.com>
* SELinux: security_read_policy should take a size_t not ssize_tEric Paris2011-04-252-2/+2
| | | | | | | | The len should be an size_t but is a ssize_t. Easy enough fix to silence build warnings. We have no need for signed-ness. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: James Morris <jmorris@namei.org>
* SELinux: silence build warning when !CONFIG_BUGEric Paris2011-04-252-0/+3
| | | | | | | | If one builds a kernel without CONFIG_BUG there are a number of 'may be used uninitialized' warnings. Silence these by returning after the BUG(). Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: James Morris <jmorris@namei.org>
* SELinux: delete debugging printks from filename_trans rule processingEric Paris2011-04-201-4/+0
| | | | | | | | The filename_trans rule processing has some printk(KERN_ERR ) messages which were intended as debug aids in creating the code but weren't removed before it was submitted. Remove them. Signed-off-by: Eric Paris <eparis@redhat.com>
* Initialize policydb.process_class eariler.Harry Ciao2011-04-071-5/+5
| | | | | | | | | Initialize policydb.process_class once all symtabs read from policy image, so that it could be used to setup the role_trans.tclass field when a lower version policy.X is loaded. Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> Signed-off-by: Eric Paris <eparis@redhat.com>
* selinux: Fix regression for XorgStephen Smalley2011-04-071-1/+1
| | | | | | | | | | | Commit 6f5317e730505d5cbc851c435a2dfe3d5a21d343 introduced a bug in the handling of userspace object classes that is causing breakage for Xorg when XSELinux is enabled. Fix the bug by changing map_class() to return SECCLASS_NULL when the class cannot be mapped to a kernel object class. Reported-by: "Justin P. Mattock" <justinmattock@gmail.com> Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
* selinux: add type_transition with name extension support for selinuxfsKohei Kaigai2011-04-013-12/+25
| | | | | | | | | | | | | | | The attached patch allows /selinux/create takes optional 4th argument to support TYPE_TRANSITION with name extension for userspace object managers. If 4th argument is not supplied, it shall perform as existing kernel. In fact, the regression test of SE-PostgreSQL works well on the patched kernel. Thanks, Signed-off-by: KaiGai Kohei <kohei.kaigai@eu.nec.com> [manually verify fuzz was not an issue, and it wasn't: eparis] Signed-off-by: Eric Paris <eparis@redhat.com>
* SELinux: update git tree in MAINTAINERSEric Paris2011-04-011-1/+2
| | | | | | update the git tree in MAINTAINERS Signed-off-by: Eric Paris <eparis@redhat.com>
* SELinux: Write class field in role_trans_write.Harry Ciao2011-03-281-2/+9
| | | | | | | | | If kernel policy version is >= 26, then write the class field of the role_trans structure into the binary reprensentation. Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Eric Paris <eparis@redhat.com>
* SELinux: Compute role in newcontext for all classesHarry Ciao2011-03-281-11/+9
| | | | | | | | Apply role_transition rules for all kinds of classes. Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Eric Paris <eparis@redhat.com>
* SELinux: Add class support to the role_trans structureHarry Ciao2011-03-283-2/+18
| | | | | | | | | | | | | If kernel policy version is >= 26, then the binary representation of the role_trans structure supports specifying the class for the current subject or the newly created object. If kernel policy version is < 26, then the class field would be default to the process class. Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Eric Paris <eparis@redhat.com>
* Merge branch 'master' of git://git.infradead.org/users/eparis/selinux into nextJames Morris2011-03-0852-323/+594
|\
| * SELinux: implement the new sb_remount LSM hookEric Paris2011-03-031-0/+86
| | | | | | | | | | | | | | | | | | | | For SELinux we do not allow security information to change during a remount operation. Thus this hook simply strips the security module options from the data and verifies that those are the same options as exist on the current superblock. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: James Morris <jmorris@namei.org>
| * LSM: Pass -o remount options to the LSMEric Paris2011-03-034-0/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The VFS mount code passes the mount options to the LSM. The LSM will remove options it understands from the data and the VFS will then pass the remaining options onto the underlying filesystem. This is how options like the SELinux context= work. The problem comes in that -o remount never calls into LSM code. So if you include an LSM specific option it will get passed to the filesystem and will cause the remount to fail. An example of where this is a problem is the 'seclabel' option. The SELinux LSM hook will print this word in /proc/mounts if the filesystem is being labeled using xattrs. If you pass this word on mount it will be silently stripped and ignored. But if you pass this word on remount the LSM never gets called and it will be passed to the FS. The FS doesn't know what seclabel means and thus should fail the mount. For example an ext3 fs mounted over loop # mount -o loop /tmp/fs /mnt/tmp # cat /proc/mounts | grep /mnt/tmp /dev/loop0 /mnt/tmp ext3 rw,seclabel,relatime,errors=continue,barrier=0,data=ordered 0 0 # mount -o remount /mnt/tmp mount: /mnt/tmp not mounted already, or bad option # dmesg EXT3-fs (loop0): error: unrecognized mount option "seclabel" or missing value This patch passes the remount mount options to an new LSM hook. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: James Morris <jmorris@namei.org>
| * SELinux: Compute SID for the newly created socketHarry Ciao2011-03-031-6/+21
| | | | | | | | | | | | | | | | | | | | | | | | The security context for the newly created socket shares the same user, role and MLS attribute as its creator but may have a different type, which could be specified by a type_transition rule in the relevant policy package. Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> [fix call to security_transition_sid to include qstr, Eric Paris] Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
| * SELinux: Socket retains creator role and MLS attributeHarry Ciao2011-03-033-7/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The socket SID would be computed on creation and no longer inherit its creator's SID by default. Socket may have a different type but needs to retain the creator's role and MLS attribute in order not to break labeled networking and network access control. The kernel value for a class would be used to determine if the class if one of socket classes. If security_compute_sid is called from userspace the policy value for a class would be mapped to the relevant kernel value first. Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
| * SELinux: Auto-generate security_is_socket_classHarry Ciao2011-03-032-0/+24
| | | | | | | | | | | | | | | | | | | | | | The security_is_socket_class() is auto-generated by genheaders based on classmap.h to reduce maintenance effort when a new class is defined in SELinux kernel. The name for any socket class should be suffixed by "socket" and doesn't contain more than one substr of "socket". Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
| * Revert "selinux: simplify ioctl checking"Eric Paris2011-02-251-8/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 242631c49d4cf39642741d6627750151b058233b. Conflicts: security/selinux/hooks.c SELinux used to recognize certain individual ioctls and check permissions based on the knowledge of the individual ioctl. In commit 242631c49d4cf396 the SELinux code stopped trying to understand individual ioctls and to instead looked at the ioctl access bits to determine in we should check read or write for that operation. This same suggestion was made to SMACK (and I believe copied into TOMOYO). But this suggestion is total rubbish. The ioctl access bits are actually the access requirements for the structure being passed into the ioctl, and are completely unrelated to the operation of the ioctl or the object the ioctl is being performed upon. Take FS_IOC_FIEMAP as an example. FS_IOC_FIEMAP is defined as: FS_IOC_FIEMAP _IOWR('f', 11, struct fiemap) So it has access bits R and W. What this really means is that the kernel is going to both read and write to the struct fiemap. It has nothing at all to do with the operations that this ioctl might perform on the file itself! Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
| * selinux: drop unused packet flow permissionsEric Paris2011-02-251-2/+1
| | | | | | | | | | | | | | | | | | These permissions are not used and can be dropped in the kernel definitions. Suggested-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
| * selinux: Fix packet forwarding checks on postroutingSteffen Klassert2011-02-251-18/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The IPSKB_FORWARDED and IP6SKB_FORWARDED flags are used only in the multicast forwarding case to indicate that a packet looped back after forward. So these flags are not a good indicator for packet forwarding. A better indicator is the incoming interface. If we have no socket context, but an incoming interface and we see the packet in the ip postroute hook, the packet is going to be forwarded. With this patch we use the incoming interface as an indicator on packet forwarding. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Acked-by: Paul Moore <paul.moore@hp.com> Signed-off-by: Eric Paris <eparis@redhat.com>
| * selinux: Fix wrong checks for selinux_policycap_netpeerSteffen Klassert2011-02-251-18/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | selinux_sock_rcv_skb_compat and selinux_ip_postroute_compat are just called if selinux_policycap_netpeer is not set. However in these functions we check if selinux_policycap_netpeer is set. This leads to some dead code and to the fact that selinux_xfrm_postroute_last is never executed. This patch removes the dead code and the checks for selinux_policycap_netpeer in the compatibility functions. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Acked-by: Paul Moore <paul.moore@hp.com> Signed-off-by: Eric Paris <eparis@redhat.com>
| * selinux: Fix check for xfrm selinux context algorithmSteffen Klassert2011-02-251-1/+1
| | | | | | | | | | | | | | | | | | | | selinux_xfrm_sec_ctx_alloc accidentally checks the xfrm domain of interpretation against the selinux context algorithm. This patch fixes this by checking ctx_alg against the selinux context algorithm. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Acked-by: Paul Moore <paul.moore@hp.com> Signed-off-by: Eric Paris <eparis@redhat.com>
| * security: remove unused security_sysctl hookLucian Adrian Grijincu2011-02-014-29/+0
| | | | | | | | | | | | | | | | | | The only user for this hook was selinux. sysctl routes every call through /proc/sys/. Selinux and other security modules use the file system checks for sysctl too, so no need for this hook any more. Signed-off-by: Lucian Adrian Grijincu <lucian.grijincu@gmail.com> Signed-off-by: Eric Paris <eparis@redhat.com>
| * security/selinux: fix /proc/sys/ labelingLucian Adrian Grijincu2011-02-012-103/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes an old (2007) selinux regression: filesystem labeling for /proc/sys returned -r--r--r-- unknown /proc/sys/fs/file-nr instead of -r--r--r-- system_u:object_r:sysctl_fs_t:s0 /proc/sys/fs/file-nr Events that lead to breaking of /proc/sys/ selinux labeling: 1) sysctl was reimplemented to route all calls through /proc/sys/ commit 77b14db502cb85a031fe8fde6c85d52f3e0acb63 [PATCH] sysctl: reimplement the sysctl proc support 2) proc_dir_entry was removed from ctl_table: commit 3fbfa98112fc3962c416452a0baf2214381030e6 [PATCH] sysctl: remove the proc_dir_entry member for the sysctl tables 3) selinux still walked the proc_dir_entry tree to apply labeling. Because ctl_tables don't have a proc_dir_entry, we did not label /proc/sys/ inodes any more. To achieve this the /proc/sys/ inodes were marked private and private inodes were ignored by selinux. commit bbaca6c2e7ef0f663bc31be4dad7cf530f6c4962 [PATCH] selinux: enhance selinux to always ignore private inodes commit 86a71dbd3e81e8870d0f0e56b87875f57e58222b [PATCH] sysctl: hide the sysctl proc inodes from selinux Access control checks have been done by means of a special sysctl hook that was called for read/write accesses to any /proc/sys/ entry. We don't have to do this because, instead of walking the proc_dir_entry tree we can walk the dentry tree (as done in this patch). With this patch: * we don't mark /proc/sys/ inodes as private * we don't need the sysclt security hook * we walk the dentry tree to find the path to the inode. We have to strip the PID in /proc/PID/ entries that have a proc_dir_entry because selinux does not know how to label paths like '/1/net/rpc/nfsd.fh' (and defaults to 'proc_t' labeling). Selinux does know of '/net/rpc/nfsd.fh' (and applies the 'sysctl_rpc_t' label). PID stripping from the path was done implicitly in the previous code because the proc_dir_entry tree had the root in '/net' in the example from above. The dentry tree has the root in '/1'. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Lucian Adrian Grijincu <lucian.grijincu@gmail.com> Signed-off-by: Eric Paris <eparis@redhat.com>
| * SELinux: Use dentry name in new object labelingEric Paris2011-02-016-37/+197
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently SELinux has rules which label new objects according to 3 criteria. The label of the process creating the object, the label of the parent directory, and the type of object (reg, dir, char, block, etc.) This patch adds a 4th criteria, the dentry name, thus we can distinguish between creating a file in an etc_t directory called shadow and one called motd. There is no file globbing, regex parsing, or anything mystical. Either the policy exactly (strcmp) matches the dentry name of the object or it doesn't. This patch has no changes from today if policy does not implement the new rules. Signed-off-by: Eric Paris <eparis@redhat.com>
| * fs/vfs/security: pass last path component to LSM on inode creationEric Paris2011-02-0139-94/+136
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SELinux would like to implement a new labeling behavior of newly created inodes. We currently label new inodes based on the parent and the creating process. This new behavior would also take into account the name of the new object when deciding the new label. This is not the (supposed) full path, just the last component of the path. This is very useful because creating /etc/shadow is different than creating /etc/passwd but the kernel hooks are unable to differentiate these operations. We currently require that userspace realize it is doing some difficult operation like that and than userspace jumps through SELinux hoops to get things set up correctly. This patch does not implement new behavior, that is obviously contained in a seperate SELinux patch, but it does pass the needed name down to the correct LSM hook. If no such name exists it is fine to pass NULL. Signed-off-by: Eric Paris <eparis@redhat.com>
* | KEYS: Add an iovec version of KEYCTL_INSTANTIATEDavid Howells2011-03-086-11/+167
| | | | | | | | | | | | | | | | | | | | Add a keyctl op (KEYCTL_INSTANTIATE_IOV) that is like KEYCTL_INSTANTIATE, but takes an iovec array and concatenates the data in-kernel into one buffer. Since the KEYCTL_INSTANTIATE copies the data anyway, this isn't too much of a problem. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
* | KEYS: Add a new keyctl op to reject a key with a specified error codeDavid Howells2011-03-0811-20/+81
| | | | | | | | | | | | | | | | | | | | | | | | | | Add a new keyctl op to reject a key with a specified error code. This works much the same as negating a key, and so keyctl_negate_key() is made a special case of keyctl_reject_key(). The difference is that keyctl_negate_key() selects ENOKEY as the error to be reported. Typically the key would be rejected with EKEYEXPIRED, EKEYREVOKED or EKEYREJECTED, but this is not mandatory. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
* | KEYS: Add a key type op to permit the key description to be vettedDavid Howells2011-03-084-0/+37
| | | | | | | | | | | | | | | | | | | | | | Add a key type operation to permit the key type to vet the description of a new key that key_alloc() is about to allocate. The operation may reject the description if it wishes with an error of its choosing. If it does this, the key will not be allocated. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
* | KEYS: Add an RCU payload dereference macroDavid Howells2011-03-084-6/+7
| | | | | | | | | | | | | | | | | | Add an RCU payload dereference macro as this seems to be a common piece of code amongst key types that use RCU referenced payloads. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
* | Merge branch 'master'; commit 'v2.6.38-rc7' into nextJames Morris2011-03-085835-156967/+310502
|\ \
| * \ Merge branch 'omap-fixes-for-linus' of ↵Linus Torvalds2011-03-072-22/+21
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap-2.6 * 'omap-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap-2.6: omap: mailbox: resolve hang issue OMAP2+: PM: SmartReflex: fix memory leaks in Smartreflex driver arm: mach-omap2: smartreflex: fix another memory leak
| | * \ Merge branch 'for_2.6.38/pm-fixes' of ↵Tony Lindgren2011-03-031-18/+15
| | |\ \ | | | | | | | | | | | | | | | ssh://master.kernel.org/pub/scm/linux/kernel/git/khilman/linux-omap-pm into devel-fixes
| | | * | OMAP2+: PM: SmartReflex: fix memory leaks in Smartreflex driverShweta Gulati2011-03-021-6/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This Patch frees all the dynamically allocated memory which couldn't have been released in some error hitting cases. Signed-off-by: Shweta Gulati <shweta.gulati@ti.com> Signed-off-by: Kevin Hilman <khilman@ti.com>
| | | * | arm: mach-omap2: smartreflex: fix another memory leakAaro Koskinen2011-03-021-12/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Temporary strings with volt_* file names should be released after the debugfs entries are created. While at it, also simplify the string allocation, and use just snprintf() to create the name. The patch eliminates kmemleak reports with the following stack trace (multiple objects depending on HW): unreferenced object 0xcedbc5a0 (size 64): comm "swapper", pid 1, jiffies 4294929375 (age 423.734s) hex dump (first 32 bytes): 76 6f 6c 74 5f 39 37 35 30 30 30 00 00 00 00 00 volt_975000..... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<c012fee0>] create_object+0x104/0x208 [<c012dbc8>] kmem_cache_alloc_trace+0xf0/0x17c [<c0013f64>] omap_sr_probe+0x314/0x420 [<c02a1724>] platform_drv_probe+0x18/0x1c [<c02a088c>] driver_probe_device+0xc8/0x188 [<c02a09b4>] __driver_attach+0x68/0x8c [<c02a00ac>] bus_for_each_dev+0x44/0x74 [<c029f9e0>] bus_add_driver+0xa0/0x228 [<c02a0cac>] driver_register+0xa8/0x130 [<c02a1b2c>] platform_driver_probe+0x18/0x8c [<c0013c1c>] sr_init+0x40/0x74 [<c005a554>] do_one_initcall+0xc8/0x1a0 [<c00084f4>] kernel_init+0x150/0x218 [<c0065d64>] kernel_thread_exit+0x0/0x8 [<ffffffff>] 0xffffffff Signed-off-by: Aaro Koskinen <aaro.koskinen@nokia.com> Signed-off-by: Kevin Hilman <khilman@ti.com>
| | * | | omap: mailbox: resolve hang issueHari Kanigeri2011-03-031-4/+6
| | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | omap4 interrupt disable bits is different. On rx kfifo full, the mbox rx interrupts wasn't getting disabled, and this is causing the rcm stress tests to hang. Signed-off-by: Hari Kanigeri <h-kanigeri2@ti.com> Signed-off-by: Armando Uribe <x0095078@ti.com> Signed-off-by: Fernando Guzman Lugo <fernando.lugo@ti.com> Signed-off-by: Tony Lindgren <tony@atomide.com>
| * | | Merge branch 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6Linus Torvalds2011-03-075-37/+120
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6: [S390] tape: deadlock on system work queue [S390] keyboard: integer underflow bug [S390] xpram: remove __initdata attribute from module parameters
| | * | | [S390] tape: deadlock on system work queueMartin Schwidefsky2011-03-033-34/+116
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The 34xx and 3590 tape driver uses the system work queue to defer work from the interrupt function to process context, e.g. a medium sense after an unsolicited interrupt. The tape commands started by the work handler need to be asynchronous, otherwise a deadlock on the system work queue can occur. Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
OpenPOWER on IntegriCloud