aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--arch/um/Makefile25
-rw-r--r--arch/um/include/asm/system.h14
-rw-r--r--arch/x86/Kconfig.cpu2
-rw-r--r--drivers/message/i2o/exec-osm.c2
-rw-r--r--drivers/message/i2o/i2o_config.c2
-rw-r--r--drivers/message/i2o/iop.c2
-rw-r--r--drivers/message/i2o/pci.c2
-rw-r--r--drivers/rtc/Kconfig6
-rw-r--r--drivers/rtc/interface.c54
-rw-r--r--drivers/rtc/rtc-dev.c51
-rw-r--r--drivers/video/via/viafbdev.c248
-rw-r--r--fs/affs/file.c2
-rw-r--r--fs/afs/write.c2
-rw-r--r--fs/buffer.c4
-rw-r--r--fs/cifs/file.c2
-rw-r--r--fs/ecryptfs/mmap.c2
-rw-r--r--fs/ext3/inode.c2
-rw-r--r--fs/ext3/namei.c3
-rw-r--r--fs/ext4/ext4_sb.h6
-rw-r--r--fs/ext4/inode.c4
-rw-r--r--fs/ext4/namei.c3
-rw-r--r--fs/fuse/file.c4
-rw-r--r--fs/gfs2/ops_address.c2
-rw-r--r--fs/hostfs/hostfs_kern.c2
-rw-r--r--fs/jffs2/file.c2
-rw-r--r--fs/libfs.c2
-rw-r--r--fs/namei.c13
-rw-r--r--fs/nfs/file.c2
-rw-r--r--fs/pipe.c7
-rw-r--r--fs/reiserfs/inode.c2
-rw-r--r--fs/smbfs/file.c2
-rw-r--r--fs/ubifs/file.c9
-rw-r--r--include/linux/audit.h98
-rw-r--r--include/linux/blockgroup_lock.h7
-rw-r--r--include/linux/ext2_fs_sb.h6
-rw-r--r--include/linux/ext3_fs_sb.h6
-rw-r--r--include/linux/fs.h5
-rw-r--r--include/linux/pagemap.h3
-rw-r--r--include/linux/radix-tree.h2
-rw-r--r--include/linux/rtc.h8
-rw-r--r--include/linux/spi/spi.h2
-rw-r--r--ipc/mqueue.c97
-rw-r--r--ipc/sem.c2
-rw-r--r--ipc/shm.c4
-rw-r--r--ipc/util.c18
-rw-r--r--kernel/audit.h5
-rw-r--r--kernel/audit_tree.c3
-rw-r--r--kernel/auditfilter.c325
-rw-r--r--kernel/auditsc.c739
-rw-r--r--kernel/capability.c4
-rw-r--r--kernel/cgroup.c6
-rw-r--r--mm/filemap.c13
-rw-r--r--mm/mmap.c2
-rw-r--r--mm/mprotect.c2
-rw-r--r--mm/mremap.c2
-rw-r--r--mm/vmalloc.c5
-rw-r--r--net/socket.c13
-rw-r--r--security/selinux/ss/services.c26
-rw-r--r--security/smack/smack_lsm.c6
59 files changed, 919 insertions, 975 deletions
diff --git a/arch/um/Makefile b/arch/um/Makefile
index d944c343acdb..0728def32234 100644
--- a/arch/um/Makefile
+++ b/arch/um/Makefile
@@ -22,10 +22,11 @@ MODE_INCLUDE += -I$(srctree)/$(ARCH_DIR)/include/shared/skas
22 22
23include $(srctree)/$(ARCH_DIR)/Makefile-skas 23include $(srctree)/$(ARCH_DIR)/Makefile-skas
24 24
25ARCH_INCLUDE := -I$(srctree)/$(ARCH_DIR)/include/shared 25SHARED_HEADERS := $(ARCH_DIR)/include/shared
26ARCH_INCLUDE := -I$(srctree)/$(SHARED_HEADERS)
26ARCH_INCLUDE += -I$(srctree)/$(ARCH_DIR)/sys-$(SUBARCH)/shared 27ARCH_INCLUDE += -I$(srctree)/$(ARCH_DIR)/sys-$(SUBARCH)/shared
27ifneq ($(KBUILD_SRC),) 28ifneq ($(KBUILD_SRC),)
28ARCH_INCLUDE += -I$(ARCH_DIR)/include/shared # for two generated files 29ARCH_INCLUDE += -I$(SHARED_HEADERS)
29endif 30endif
30KBUILD_CPPFLAGS += -I$(srctree)/$(ARCH_DIR)/sys-$(SUBARCH) 31KBUILD_CPPFLAGS += -I$(srctree)/$(ARCH_DIR)/sys-$(SUBARCH)
31 32
@@ -85,8 +86,8 @@ endef
85 86
86KBUILD_KCONFIG := arch/um/Kconfig.$(HEADER_ARCH) 87KBUILD_KCONFIG := arch/um/Kconfig.$(HEADER_ARCH)
87 88
88archprepare: $(ARCH_DIR)/include/shared/user_constants.h 89archprepare: $(SHARED_HEADERS)/user_constants.h
89prepare: $(ARCH_DIR)/include/shared/kern_constants.h 90archprepare: $(SHARED_HEADERS)/kern_constants.h
90 91
91LINK-$(CONFIG_LD_SCRIPT_STATIC) += -static 92LINK-$(CONFIG_LD_SCRIPT_STATIC) += -static
92LINK-$(CONFIG_LD_SCRIPT_DYN) += -Wl,-rpath,/lib 93LINK-$(CONFIG_LD_SCRIPT_DYN) += -Wl,-rpath,/lib
@@ -119,17 +120,13 @@ endef
119# When cleaning we don't include .config, so we don't include 120# When cleaning we don't include .config, so we don't include
120# TT or skas makefiles and don't clean skas_ptregs.h. 121# TT or skas makefiles and don't clean skas_ptregs.h.
121CLEAN_FILES += linux x.i gmon.out \ 122CLEAN_FILES += linux x.i gmon.out \
122 $(ARCH_DIR)/include/shared/user_constants.h \ 123 $(SHARED_HEADERS)/user_constants.h \
123 $(ARCH_DIR)/include/shared/kern_constants.h 124 $(SHARED_HEADERS)/kern_constants.h
124 125
125archclean: 126archclean:
126 @find . \( -name '*.bb' -o -name '*.bbg' -o -name '*.da' \ 127 @find . \( -name '*.bb' -o -name '*.bbg' -o -name '*.da' \
127 -o -name '*.gcov' \) -type f -print | xargs rm -f 128 -o -name '*.gcov' \) -type f -print | xargs rm -f
128 129
129$(objtree)/$(ARCH_DIR)/include/shared:
130 @echo ' MKDIR $@'
131 $(Q)mkdir -p $@
132
133# Generated files 130# Generated files
134 131
135$(ARCH_DIR)/sys-$(SUBARCH)/user-offsets.s: FORCE 132$(ARCH_DIR)/sys-$(SUBARCH)/user-offsets.s: FORCE
@@ -148,11 +145,11 @@ define filechk_gen-asm-offsets
148 echo ""; ) 145 echo ""; )
149endef 146endef
150 147
151$(ARCH_DIR)/include/shared/user_constants.h: $(ARCH_DIR)/sys-$(SUBARCH)/user-offsets.s 148$(SHARED_HEADERS)/user_constants.h: $(ARCH_DIR)/sys-$(SUBARCH)/user-offsets.s
152 $(call filechk,gen-asm-offsets) 149 $(call filechk,gen-asm-offsets)
153 150
154$(ARCH_DIR)/include/shared/kern_constants.h: $(objtree)/$(ARCH_DIR)/include/shared 151$(SHARED_HEADERS)/kern_constants.h:
155 @echo ' SYMLINK $@' 152 $(Q)mkdir -p $(dir $@)
156 $(Q)ln -sf ../../../../include/asm/asm-offsets.h $@ 153 $(Q)echo '#include "../../../../include/asm/asm-offsets.h"' >$@
157 154
158export SUBARCH USER_CFLAGS CFLAGS_NO_HARDENING OS HEADER_ARCH DEV_NULL_PATH 155export SUBARCH USER_CFLAGS CFLAGS_NO_HARDENING OS HEADER_ARCH DEV_NULL_PATH
diff --git a/arch/um/include/asm/system.h b/arch/um/include/asm/system.h
index ae5f94d6317d..753346e2cdfd 100644
--- a/arch/um/include/asm/system.h
+++ b/arch/um/include/asm/system.h
@@ -11,21 +11,21 @@ extern int get_signals(void);
11extern void block_signals(void); 11extern void block_signals(void);
12extern void unblock_signals(void); 12extern void unblock_signals(void);
13 13
14#define raw_local_save_flags(flags) do { typecheck(unsigned long, flags); \ 14#define local_save_flags(flags) do { typecheck(unsigned long, flags); \
15 (flags) = get_signals(); } while(0) 15 (flags) = get_signals(); } while(0)
16#define raw_local_irq_restore(flags) do { typecheck(unsigned long, flags); \ 16#define local_irq_restore(flags) do { typecheck(unsigned long, flags); \
17 set_signals(flags); } while(0) 17 set_signals(flags); } while(0)
18 18
19#define raw_local_irq_save(flags) do { raw_local_save_flags(flags); \ 19#define local_irq_save(flags) do { local_save_flags(flags); \
20 raw_local_irq_disable(); } while(0) 20 local_irq_disable(); } while(0)
21 21
22#define raw_local_irq_enable() unblock_signals() 22#define local_irq_enable() unblock_signals()
23#define raw_local_irq_disable() block_signals() 23#define local_irq_disable() block_signals()
24 24
25#define irqs_disabled() \ 25#define irqs_disabled() \
26({ \ 26({ \
27 unsigned long flags; \ 27 unsigned long flags; \
28 raw_local_save_flags(flags); \ 28 local_save_flags(flags); \
29 (flags == 0); \ 29 (flags == 0); \
30}) 30})
31 31
diff --git a/arch/x86/Kconfig.cpu b/arch/x86/Kconfig.cpu
index 85a78575956c..8078955845ae 100644
--- a/arch/x86/Kconfig.cpu
+++ b/arch/x86/Kconfig.cpu
@@ -408,7 +408,7 @@ config X86_MINIMUM_CPU_FAMILY
408 408
409config X86_DEBUGCTLMSR 409config X86_DEBUGCTLMSR
410 def_bool y 410 def_bool y
411 depends on !(MK6 || MWINCHIPC6 || MWINCHIP3D || MCYRIXIII || M586MMX || M586TSC || M586 || M486 || M386) 411 depends on !(MK6 || MWINCHIPC6 || MWINCHIP3D || MCYRIXIII || M586MMX || M586TSC || M586 || M486 || M386) && !UML
412 412
413menuconfig PROCESSOR_SELECT 413menuconfig PROCESSOR_SELECT
414 bool "Supported processor vendors" if EMBEDDED 414 bool "Supported processor vendors" if EMBEDDED
diff --git a/drivers/message/i2o/exec-osm.c b/drivers/message/i2o/exec-osm.c
index 56faef1a1d55..06c655c55587 100644
--- a/drivers/message/i2o/exec-osm.c
+++ b/drivers/message/i2o/exec-osm.c
@@ -19,7 +19,7 @@
19 * Auvo Häkkinen <Auvo.Hakkinen@cs.Helsinki.FI> 19 * Auvo Häkkinen <Auvo.Hakkinen@cs.Helsinki.FI>
20 * Deepak Saxena <deepak@plexity.net> 20 * Deepak Saxena <deepak@plexity.net>
21 * Boji T Kannanthanam <boji.t.kannanthanam@intel.com> 21 * Boji T Kannanthanam <boji.t.kannanthanam@intel.com>
22 * Alan Cox <alan@redhat.com>: 22 * Alan Cox <alan@lxorguk.ukuu.org.uk>:
23 * Ported to Linux 2.5. 23 * Ported to Linux 2.5.
24 * Markus Lidel <Markus.Lidel@shadowconnect.com>: 24 * Markus Lidel <Markus.Lidel@shadowconnect.com>:
25 * Minor fixes for 2.6. 25 * Minor fixes for 2.6.
diff --git a/drivers/message/i2o/i2o_config.c b/drivers/message/i2o/i2o_config.c
index f3384c32b9a1..efba7021948a 100644
--- a/drivers/message/i2o/i2o_config.c
+++ b/drivers/message/i2o/i2o_config.c
@@ -19,7 +19,7 @@
19 * Changed ioctl_swdl(), implemented ioctl_swul() and ioctl_swdel() 19 * Changed ioctl_swdl(), implemented ioctl_swul() and ioctl_swdel()
20 * Deepak Saxena (11/18/1999): 20 * Deepak Saxena (11/18/1999):
21 * Added event managmenet support 21 * Added event managmenet support
22 * Alan Cox <alan@redhat.com>: 22 * Alan Cox <alan@lxorguk.ukuu.org.uk>:
23 * 2.4 rewrite ported to 2.5 23 * 2.4 rewrite ported to 2.5
24 * Markus Lidel <Markus.Lidel@shadowconnect.com>: 24 * Markus Lidel <Markus.Lidel@shadowconnect.com>:
25 * Added pass-thru support for Adaptec's raidutils 25 * Added pass-thru support for Adaptec's raidutils
diff --git a/drivers/message/i2o/iop.c b/drivers/message/i2o/iop.c
index 6e53a30bfd38..35c67d1f255e 100644
--- a/drivers/message/i2o/iop.c
+++ b/drivers/message/i2o/iop.c
@@ -19,7 +19,7 @@
19 * Auvo Häkkinen <Auvo.Hakkinen@cs.Helsinki.FI> 19 * Auvo Häkkinen <Auvo.Hakkinen@cs.Helsinki.FI>
20 * Deepak Saxena <deepak@plexity.net> 20 * Deepak Saxena <deepak@plexity.net>
21 * Boji T Kannanthanam <boji.t.kannanthanam@intel.com> 21 * Boji T Kannanthanam <boji.t.kannanthanam@intel.com>
22 * Alan Cox <alan@redhat.com>: 22 * Alan Cox <alan@lxorguk.ukuu.org.uk>:
23 * Ported to Linux 2.5. 23 * Ported to Linux 2.5.
24 * Markus Lidel <Markus.Lidel@shadowconnect.com>: 24 * Markus Lidel <Markus.Lidel@shadowconnect.com>:
25 * Minor fixes for 2.6. 25 * Minor fixes for 2.6.
diff --git a/drivers/message/i2o/pci.c b/drivers/message/i2o/pci.c
index 610ef1204e68..25d6f2341983 100644
--- a/drivers/message/i2o/pci.c
+++ b/drivers/message/i2o/pci.c
@@ -19,7 +19,7 @@
19 * Auvo Häkkinen <Auvo.Hakkinen@cs.Helsinki.FI> 19 * Auvo Häkkinen <Auvo.Hakkinen@cs.Helsinki.FI>
20 * Deepak Saxena <deepak@plexity.net> 20 * Deepak Saxena <deepak@plexity.net>
21 * Boji T Kannanthanam <boji.t.kannanthanam@intel.com> 21 * Boji T Kannanthanam <boji.t.kannanthanam@intel.com>
22 * Alan Cox <alan@redhat.com>: 22 * Alan Cox <alan@lxorguk.ukuu.org.uk>:
23 * Ported to Linux 2.5. 23 * Ported to Linux 2.5.
24 * Markus Lidel <Markus.Lidel@shadowconnect.com>: 24 * Markus Lidel <Markus.Lidel@shadowconnect.com>:
25 * Minor fixes for 2.6. 25 * Minor fixes for 2.6.
diff --git a/drivers/rtc/Kconfig b/drivers/rtc/Kconfig
index 123092d8a984..165a81843357 100644
--- a/drivers/rtc/Kconfig
+++ b/drivers/rtc/Kconfig
@@ -102,9 +102,13 @@ config RTC_INTF_DEV_UIE_EMUL
102 depends on RTC_INTF_DEV 102 depends on RTC_INTF_DEV
103 help 103 help
104 Provides an emulation for RTC_UIE if the underlying rtc chip 104 Provides an emulation for RTC_UIE if the underlying rtc chip
105 driver does not expose RTC_UIE ioctls. Those requests generate 105 driver does not expose RTC_UIE ioctls. Those requests generate
106 once-per-second update interrupts, used for synchronization. 106 once-per-second update interrupts, used for synchronization.
107 107
108 The emulation code will read the time from the hardware
109 clock several times per second, please enable this option
110 only if you know that you really need it.
111
108config RTC_DRV_TEST 112config RTC_DRV_TEST
109 tristate "Test driver/device" 113 tristate "Test driver/device"
110 help 114 help
diff --git a/drivers/rtc/interface.c b/drivers/rtc/interface.c
index a04c1b6b1575..fd2c652504ff 100644
--- a/drivers/rtc/interface.c
+++ b/drivers/rtc/interface.c
@@ -307,6 +307,60 @@ int rtc_set_alarm(struct rtc_device *rtc, struct rtc_wkalrm *alarm)
307} 307}
308EXPORT_SYMBOL_GPL(rtc_set_alarm); 308EXPORT_SYMBOL_GPL(rtc_set_alarm);
309 309
310int rtc_alarm_irq_enable(struct rtc_device *rtc, unsigned int enabled)
311{
312 int err = mutex_lock_interruptible(&rtc->ops_lock);
313 if (err)
314 return err;
315
316 if (!rtc->ops)
317 err = -ENODEV;
318 else if (!rtc->ops->alarm_irq_enable)
319 err = -EINVAL;
320 else
321 err = rtc->ops->alarm_irq_enable(rtc->dev.parent, enabled);
322
323 mutex_unlock(&rtc->ops_lock);
324 return err;
325}
326EXPORT_SYMBOL_GPL(rtc_alarm_irq_enable);
327
328int rtc_update_irq_enable(struct rtc_device *rtc, unsigned int enabled)
329{
330 int err = mutex_lock_interruptible(&rtc->ops_lock);
331 if (err)
332 return err;
333
334#ifdef CONFIG_RTC_INTF_DEV_UIE_EMUL
335 if (enabled == 0 && rtc->uie_irq_active) {
336 mutex_unlock(&rtc->ops_lock);
337 return rtc_dev_update_irq_enable_emul(rtc, enabled);
338 }
339#endif
340
341 if (!rtc->ops)
342 err = -ENODEV;
343 else if (!rtc->ops->update_irq_enable)
344 err = -EINVAL;
345 else
346 err = rtc->ops->update_irq_enable(rtc->dev.parent, enabled);
347
348 mutex_unlock(&rtc->ops_lock);
349
350#ifdef CONFIG_RTC_INTF_DEV_UIE_EMUL
351 /*
352 * Enable emulation if the driver did not provide
353 * the update_irq_enable function pointer or if returned
354 * -EINVAL to signal that it has been configured without
355 * interrupts or that are not available at the moment.
356 */
357 if (err == -EINVAL)
358 err = rtc_dev_update_irq_enable_emul(rtc, enabled);
359#endif
360 return err;
361}
362EXPORT_SYMBOL_GPL(rtc_update_irq_enable);
363
310/** 364/**
311 * rtc_update_irq - report RTC periodic, alarm, and/or update irqs 365 * rtc_update_irq - report RTC periodic, alarm, and/or update irqs
312 * @rtc: the rtc device 366 * @rtc: the rtc device
diff --git a/drivers/rtc/rtc-dev.c b/drivers/rtc/rtc-dev.c
index ecdea44ae4e5..45152f4952d6 100644
--- a/drivers/rtc/rtc-dev.c
+++ b/drivers/rtc/rtc-dev.c
@@ -92,10 +92,10 @@ static void rtc_uie_timer(unsigned long data)
92 spin_unlock_irqrestore(&rtc->irq_lock, flags); 92 spin_unlock_irqrestore(&rtc->irq_lock, flags);
93} 93}
94 94
95static void clear_uie(struct rtc_device *rtc) 95static int clear_uie(struct rtc_device *rtc)
96{ 96{
97 spin_lock_irq(&rtc->irq_lock); 97 spin_lock_irq(&rtc->irq_lock);
98 if (rtc->irq_active) { 98 if (rtc->uie_irq_active) {
99 rtc->stop_uie_polling = 1; 99 rtc->stop_uie_polling = 1;
100 if (rtc->uie_timer_active) { 100 if (rtc->uie_timer_active) {
101 spin_unlock_irq(&rtc->irq_lock); 101 spin_unlock_irq(&rtc->irq_lock);
@@ -108,9 +108,10 @@ static void clear_uie(struct rtc_device *rtc)
108 flush_scheduled_work(); 108 flush_scheduled_work();
109 spin_lock_irq(&rtc->irq_lock); 109 spin_lock_irq(&rtc->irq_lock);
110 } 110 }
111 rtc->irq_active = 0; 111 rtc->uie_irq_active = 0;
112 } 112 }
113 spin_unlock_irq(&rtc->irq_lock); 113 spin_unlock_irq(&rtc->irq_lock);
114 return 0;
114} 115}
115 116
116static int set_uie(struct rtc_device *rtc) 117static int set_uie(struct rtc_device *rtc)
@@ -122,8 +123,8 @@ static int set_uie(struct rtc_device *rtc)
122 if (err) 123 if (err)
123 return err; 124 return err;
124 spin_lock_irq(&rtc->irq_lock); 125 spin_lock_irq(&rtc->irq_lock);
125 if (!rtc->irq_active) { 126 if (!rtc->uie_irq_active) {
126 rtc->irq_active = 1; 127 rtc->uie_irq_active = 1;
127 rtc->stop_uie_polling = 0; 128 rtc->stop_uie_polling = 0;
128 rtc->oldsecs = tm.tm_sec; 129 rtc->oldsecs = tm.tm_sec;
129 rtc->uie_task_active = 1; 130 rtc->uie_task_active = 1;
@@ -134,6 +135,16 @@ static int set_uie(struct rtc_device *rtc)
134 spin_unlock_irq(&rtc->irq_lock); 135 spin_unlock_irq(&rtc->irq_lock);
135 return 0; 136 return 0;
136} 137}
138
139int rtc_dev_update_irq_enable_emul(struct rtc_device *rtc, unsigned int enabled)
140{
141 if (enabled)
142 return set_uie(rtc);
143 else
144 return clear_uie(rtc);
145}
146EXPORT_SYMBOL(rtc_dev_update_irq_enable_emul);
147
137#endif /* CONFIG_RTC_INTF_DEV_UIE_EMUL */ 148#endif /* CONFIG_RTC_INTF_DEV_UIE_EMUL */
138 149
139static ssize_t 150static ssize_t
@@ -357,6 +368,22 @@ static long rtc_dev_ioctl(struct file *file,
357 err = rtc_irq_set_state(rtc, NULL, 0); 368 err = rtc_irq_set_state(rtc, NULL, 0);
358 break; 369 break;
359 370
371 case RTC_AIE_ON:
372 mutex_unlock(&rtc->ops_lock);
373 return rtc_alarm_irq_enable(rtc, 1);
374
375 case RTC_AIE_OFF:
376 mutex_unlock(&rtc->ops_lock);
377 return rtc_alarm_irq_enable(rtc, 0);
378
379 case RTC_UIE_ON:
380 mutex_unlock(&rtc->ops_lock);
381 return rtc_update_irq_enable(rtc, 1);
382
383 case RTC_UIE_OFF:
384 mutex_unlock(&rtc->ops_lock);
385 return rtc_update_irq_enable(rtc, 0);
386
360 case RTC_IRQP_SET: 387 case RTC_IRQP_SET:
361 err = rtc_irq_set_freq(rtc, NULL, arg); 388 err = rtc_irq_set_freq(rtc, NULL, arg);
362 break; 389 break;
@@ -401,17 +428,6 @@ static long rtc_dev_ioctl(struct file *file,
401 err = -EFAULT; 428 err = -EFAULT;
402 return err; 429 return err;
403 430
404#ifdef CONFIG_RTC_INTF_DEV_UIE_EMUL
405 case RTC_UIE_OFF:
406 mutex_unlock(&rtc->ops_lock);
407 clear_uie(rtc);
408 return 0;
409
410 case RTC_UIE_ON:
411 mutex_unlock(&rtc->ops_lock);
412 err = set_uie(rtc);
413 return err;
414#endif
415 default: 431 default:
416 err = -ENOTTY; 432 err = -ENOTTY;
417 break; 433 break;
@@ -440,7 +456,10 @@ static int rtc_dev_release(struct inode *inode, struct file *file)
440 * Leave the alarm alone; it may be set to trigger a system wakeup 456 * Leave the alarm alone; it may be set to trigger a system wakeup
441 * later, or be used by kernel code, and is a one-shot event anyway. 457 * later, or be used by kernel code, and is a one-shot event anyway.
442 */ 458 */
459
460 /* Keep ioctl until all drivers are converted */
443 rtc_dev_ioctl(file, RTC_UIE_OFF, 0); 461 rtc_dev_ioctl(file, RTC_UIE_OFF, 0);
462 rtc_update_irq_enable(rtc, 0);
444 rtc_irq_set_state(rtc, NULL, 0); 463 rtc_irq_set_state(rtc, NULL, 0);
445 464
446 if (rtc->ops->release) 465 if (rtc->ops->release)
diff --git a/drivers/video/via/viafbdev.c b/drivers/video/via/viafbdev.c
index 73ac754ad801..e21fe5b6f9ff 100644
--- a/drivers/video/via/viafbdev.c
+++ b/drivers/video/via/viafbdev.c
@@ -546,23 +546,25 @@ static int viafb_blank(int blank_mode, struct fb_info *info)
546 546
547static int viafb_ioctl(struct fb_info *info, u_int cmd, u_long arg) 547static int viafb_ioctl(struct fb_info *info, u_int cmd, u_long arg)
548{ 548{
549 struct viafb_ioctl_mode viamode; 549 union {
550 struct viafb_ioctl_samm viasamm; 550 struct viafb_ioctl_mode viamode;
551 struct viafb_driver_version driver_version; 551 struct viafb_ioctl_samm viasamm;
552 struct fb_var_screeninfo sec_var; 552 struct viafb_driver_version driver_version;
553 struct _panel_size_pos_info panel_pos_size_para; 553 struct fb_var_screeninfo sec_var;
554 struct _panel_size_pos_info panel_pos_size_para;
555 struct viafb_ioctl_setting viafb_setting;
556 struct device_t active_dev;
557 } u;
554 u32 state_info = 0; 558 u32 state_info = 0;
555 u32 viainfo_size = sizeof(struct viafb_ioctl_info);
556 u32 *viafb_gamma_table; 559 u32 *viafb_gamma_table;
557 char driver_name[] = "viafb"; 560 char driver_name[] = "viafb";
558 561
559 u32 __user *argp = (u32 __user *) arg; 562 u32 __user *argp = (u32 __user *) arg;
560 u32 gpu32; 563 u32 gpu32;
561 u32 video_dev_info = 0; 564 u32 video_dev_info = 0;
562 struct viafb_ioctl_setting viafb_setting = {};
563 struct device_t active_dev = {};
564 565
565 DEBUG_MSG(KERN_INFO "viafb_ioctl: 0x%X !!\n", cmd); 566 DEBUG_MSG(KERN_INFO "viafb_ioctl: 0x%X !!\n", cmd);
567 memset(&u, 0, sizeof(u));
566 568
567 switch (cmd) { 569 switch (cmd) {
568 case VIAFB_GET_CHIP_INFO: 570 case VIAFB_GET_CHIP_INFO:
@@ -571,7 +573,7 @@ static int viafb_ioctl(struct fb_info *info, u_int cmd, u_long arg)
571 return -EFAULT; 573 return -EFAULT;
572 break; 574 break;
573 case VIAFB_GET_INFO_SIZE: 575 case VIAFB_GET_INFO_SIZE:
574 return put_user(viainfo_size, argp); 576 return put_user((u32)sizeof(struct viafb_ioctl_info), argp);
575 case VIAFB_GET_INFO: 577 case VIAFB_GET_INFO:
576 return viafb_ioctl_get_viafb_info(arg); 578 return viafb_ioctl_get_viafb_info(arg);
577 case VIAFB_HOTPLUG: 579 case VIAFB_HOTPLUG:
@@ -584,60 +586,60 @@ static int viafb_ioctl(struct fb_info *info, u_int cmd, u_long arg)
584 viafb_hotplug = (gpu32) ? 1 : 0; 586 viafb_hotplug = (gpu32) ? 1 : 0;
585 break; 587 break;
586 case VIAFB_GET_RESOLUTION: 588 case VIAFB_GET_RESOLUTION:
587 viamode.xres = (u32) viafb_hotplug_Xres; 589 u.viamode.xres = (u32) viafb_hotplug_Xres;
588 viamode.yres = (u32) viafb_hotplug_Yres; 590 u.viamode.yres = (u32) viafb_hotplug_Yres;
589 viamode.refresh = (u32) viafb_hotplug_refresh; 591 u.viamode.refresh = (u32) viafb_hotplug_refresh;
590 viamode.bpp = (u32) viafb_hotplug_bpp; 592 u.viamode.bpp = (u32) viafb_hotplug_bpp;
591 if (viafb_SAMM_ON == 1) { 593 if (viafb_SAMM_ON == 1) {
592 viamode.xres_sec = viafb_second_xres; 594 u.viamode.xres_sec = viafb_second_xres;
593 viamode.yres_sec = viafb_second_yres; 595 u.viamode.yres_sec = viafb_second_yres;
594 viamode.virtual_xres_sec = viafb_second_virtual_xres; 596 u.viamode.virtual_xres_sec = viafb_second_virtual_xres;
595 viamode.virtual_yres_sec = viafb_second_virtual_yres; 597 u.viamode.virtual_yres_sec = viafb_second_virtual_yres;
596 viamode.refresh_sec = viafb_refresh1; 598 u.viamode.refresh_sec = viafb_refresh1;
597 viamode.bpp_sec = viafb_bpp1; 599 u.viamode.bpp_sec = viafb_bpp1;
598 } else { 600 } else {
599 viamode.xres_sec = 0; 601 u.viamode.xres_sec = 0;
600 viamode.yres_sec = 0; 602 u.viamode.yres_sec = 0;
601 viamode.virtual_xres_sec = 0; 603 u.viamode.virtual_xres_sec = 0;
602 viamode.virtual_yres_sec = 0; 604 u.viamode.virtual_yres_sec = 0;
603 viamode.refresh_sec = 0; 605 u.viamode.refresh_sec = 0;
604 viamode.bpp_sec = 0; 606 u.viamode.bpp_sec = 0;
605 } 607 }
606 if (copy_to_user(argp, &viamode, sizeof(viamode))) 608 if (copy_to_user(argp, &u.viamode, sizeof(u.viamode)))
607 return -EFAULT; 609 return -EFAULT;
608 break; 610 break;
609 case VIAFB_GET_SAMM_INFO: 611 case VIAFB_GET_SAMM_INFO:
610 viasamm.samm_status = viafb_SAMM_ON; 612 u.viasamm.samm_status = viafb_SAMM_ON;
611 613
612 if (viafb_SAMM_ON == 1) { 614 if (viafb_SAMM_ON == 1) {
613 if (viafb_dual_fb) { 615 if (viafb_dual_fb) {
614 viasamm.size_prim = viaparinfo->fbmem_free; 616 u.viasamm.size_prim = viaparinfo->fbmem_free;
615 viasamm.size_sec = viaparinfo1->fbmem_free; 617 u.viasamm.size_sec = viaparinfo1->fbmem_free;
616 } else { 618 } else {
617 if (viafb_second_size) { 619 if (viafb_second_size) {
618 viasamm.size_prim = 620 u.viasamm.size_prim =
619 viaparinfo->fbmem_free - 621 viaparinfo->fbmem_free -
620 viafb_second_size * 1024 * 1024; 622 viafb_second_size * 1024 * 1024;
621 viasamm.size_sec = 623 u.viasamm.size_sec =
622 viafb_second_size * 1024 * 1024; 624 viafb_second_size * 1024 * 1024;
623 } else { 625 } else {
624 viasamm.size_prim = 626 u.viasamm.size_prim =
625 viaparinfo->fbmem_free >> 1; 627 viaparinfo->fbmem_free >> 1;
626 viasamm.size_sec = 628 u.viasamm.size_sec =
627 (viaparinfo->fbmem_free >> 1); 629 (viaparinfo->fbmem_free >> 1);
628 } 630 }
629 } 631 }
630 viasamm.mem_base = viaparinfo->fbmem; 632 u.viasamm.mem_base = viaparinfo->fbmem;
631 viasamm.offset_sec = viafb_second_offset; 633 u.viasamm.offset_sec = viafb_second_offset;
632 } else { 634 } else {
633 viasamm.size_prim = 635 u.viasamm.size_prim =
634 viaparinfo->memsize - viaparinfo->fbmem_used; 636 viaparinfo->memsize - viaparinfo->fbmem_used;
635 viasamm.size_sec = 0; 637 u.viasamm.size_sec = 0;
636 viasamm.mem_base = viaparinfo->fbmem; 638 u.viasamm.mem_base = viaparinfo->fbmem;
637 viasamm.offset_sec = 0; 639 u.viasamm.offset_sec = 0;
638 } 640 }
639 641
640 if (copy_to_user(argp, &viasamm, sizeof(viasamm))) 642 if (copy_to_user(argp, &u.viasamm, sizeof(u.viasamm)))
641 return -EFAULT; 643 return -EFAULT;
642 644
643 break; 645 break;
@@ -662,74 +664,75 @@ static int viafb_ioctl(struct fb_info *info, u_int cmd, u_long arg)
662 viafb_lcd_disable(); 664 viafb_lcd_disable();
663 break; 665 break;
664 case VIAFB_SET_DEVICE: 666 case VIAFB_SET_DEVICE:
665 if (copy_from_user(&active_dev, (void *)argp, 667 if (copy_from_user(&u.active_dev, (void *)argp,
666 sizeof(active_dev))) 668 sizeof(u.active_dev)))
667 return -EFAULT; 669 return -EFAULT;
668 viafb_set_device(active_dev); 670 viafb_set_device(u.active_dev);
669 viafb_set_par(info); 671 viafb_set_par(info);
670 break; 672 break;
671 case VIAFB_GET_DEVICE: 673 case VIAFB_GET_DEVICE:
672 active_dev.crt = viafb_CRT_ON; 674 u.active_dev.crt = viafb_CRT_ON;
673 active_dev.dvi = viafb_DVI_ON; 675 u.active_dev.dvi = viafb_DVI_ON;
674 active_dev.lcd = viafb_LCD_ON; 676 u.active_dev.lcd = viafb_LCD_ON;
675 active_dev.samm = viafb_SAMM_ON; 677 u.active_dev.samm = viafb_SAMM_ON;
676 active_dev.primary_dev = viafb_primary_dev; 678 u.active_dev.primary_dev = viafb_primary_dev;
677 679
678 active_dev.lcd_dsp_cent = viafb_lcd_dsp_method; 680 u.active_dev.lcd_dsp_cent = viafb_lcd_dsp_method;
679 active_dev.lcd_panel_id = viafb_lcd_panel_id; 681 u.active_dev.lcd_panel_id = viafb_lcd_panel_id;
680 active_dev.lcd_mode = viafb_lcd_mode; 682 u.active_dev.lcd_mode = viafb_lcd_mode;
681 683
682 active_dev.xres = viafb_hotplug_Xres; 684 u.active_dev.xres = viafb_hotplug_Xres;
683 active_dev.yres = viafb_hotplug_Yres; 685 u.active_dev.yres = viafb_hotplug_Yres;
684 686
685 active_dev.xres1 = viafb_second_xres; 687 u.active_dev.xres1 = viafb_second_xres;
686 active_dev.yres1 = viafb_second_yres; 688 u.active_dev.yres1 = viafb_second_yres;
687 689
688 active_dev.bpp = viafb_bpp; 690 u.active_dev.bpp = viafb_bpp;
689 active_dev.bpp1 = viafb_bpp1; 691 u.active_dev.bpp1 = viafb_bpp1;
690 active_dev.refresh = viafb_refresh; 692 u.active_dev.refresh = viafb_refresh;
691 active_dev.refresh1 = viafb_refresh1; 693 u.active_dev.refresh1 = viafb_refresh1;
692 694
693 active_dev.epia_dvi = viafb_platform_epia_dvi; 695 u.active_dev.epia_dvi = viafb_platform_epia_dvi;
694 active_dev.lcd_dual_edge = viafb_device_lcd_dualedge; 696 u.active_dev.lcd_dual_edge = viafb_device_lcd_dualedge;
695 active_dev.bus_width = viafb_bus_width; 697 u.active_dev.bus_width = viafb_bus_width;
696 698
697 if (copy_to_user(argp, &active_dev, sizeof(active_dev))) 699 if (copy_to_user(argp, &u.active_dev, sizeof(u.active_dev)))
698 return -EFAULT; 700 return -EFAULT;
699 break; 701 break;
700 702
701 case VIAFB_GET_DRIVER_VERSION: 703 case VIAFB_GET_DRIVER_VERSION:
702 driver_version.iMajorNum = VERSION_MAJOR; 704 u.driver_version.iMajorNum = VERSION_MAJOR;
703 driver_version.iKernelNum = VERSION_KERNEL; 705 u.driver_version.iKernelNum = VERSION_KERNEL;
704 driver_version.iOSNum = VERSION_OS; 706 u.driver_version.iOSNum = VERSION_OS;
705 driver_version.iMinorNum = VERSION_MINOR; 707 u.driver_version.iMinorNum = VERSION_MINOR;
706 708
707 if (copy_to_user(argp, &driver_version, 709 if (copy_to_user(argp, &u.driver_version,
708 sizeof(driver_version))) 710 sizeof(u.driver_version)))
709 return -EFAULT; 711 return -EFAULT;
710 712
711 break; 713 break;
712 714
713 case VIAFB_SET_DEVICE_INFO: 715 case VIAFB_SET_DEVICE_INFO:
714 if (copy_from_user(&viafb_setting, 716 if (copy_from_user(&u.viafb_setting,
715 argp, sizeof(viafb_setting))) 717 argp, sizeof(u.viafb_setting)))
716 return -EFAULT; 718 return -EFAULT;
717 if (apply_device_setting(viafb_setting, info) < 0) 719 if (apply_device_setting(u.viafb_setting, info) < 0)
718 return -EINVAL; 720 return -EINVAL;
719 721
720 break; 722 break;
721 723
722 case VIAFB_SET_SECOND_MODE: 724 case VIAFB_SET_SECOND_MODE:
723 if (copy_from_user(&sec_var, argp, sizeof(sec_var))) 725 if (copy_from_user(&u.sec_var, argp, sizeof(u.sec_var)))
724 return -EFAULT; 726 return -EFAULT;
725 apply_second_mode_setting(&sec_var); 727 apply_second_mode_setting(&u.sec_var);
726 break; 728 break;
727 729
728 case VIAFB_GET_DEVICE_INFO: 730 case VIAFB_GET_DEVICE_INFO:
729 731
730 retrieve_device_setting(&viafb_setting); 732 retrieve_device_setting(&u.viafb_setting);
731 733
732 if (copy_to_user(argp, &viafb_setting, sizeof(viafb_setting))) 734 if (copy_to_user(argp, &u.viafb_setting,
735 sizeof(u.viafb_setting)))
733 return -EFAULT; 736 return -EFAULT;
734 737
735 break; 738 break;
@@ -806,51 +809,51 @@ static int viafb_ioctl(struct fb_info *info, u_int cmd, u_long arg)
806 break; 809 break;
807 810
808 case VIAFB_GET_PANEL_MAX_SIZE: 811 case VIAFB_GET_PANEL_MAX_SIZE:
809 if (copy_from_user 812 if (copy_from_user(&u.panel_pos_size_para, argp,
810 (&panel_pos_size_para, argp, sizeof(panel_pos_size_para))) 813 sizeof(u.panel_pos_size_para)))
811 return -EFAULT; 814 return -EFAULT;
812 panel_pos_size_para.x = panel_pos_size_para.y = 0; 815 u.panel_pos_size_para.x = u.panel_pos_size_para.y = 0;
813 if (copy_to_user(argp, &panel_pos_size_para, 816 if (copy_to_user(argp, &u.panel_pos_size_para,
814 sizeof(panel_pos_size_para))) 817 sizeof(u.panel_pos_size_para)))
815 return -EFAULT; 818 return -EFAULT;
816 break; 819 break;
817 case VIAFB_GET_PANEL_MAX_POSITION: 820 case VIAFB_GET_PANEL_MAX_POSITION:
818 if (copy_from_user 821 if (copy_from_user(&u.panel_pos_size_para, argp,
819 (&panel_pos_size_para, argp, sizeof(panel_pos_size_para))) 822 sizeof(u.panel_pos_size_para)))
820 return -EFAULT; 823 return -EFAULT;
821 panel_pos_size_para.x = panel_pos_size_para.y = 0; 824 u.panel_pos_size_para.x = u.panel_pos_size_para.y = 0;
822 if (copy_to_user(argp, &panel_pos_size_para, 825 if (copy_to_user(argp, &u.panel_pos_size_para,
823 sizeof(panel_pos_size_para))) 826 sizeof(u.panel_pos_size_para)))
824 return -EFAULT; 827 return -EFAULT;
825 break; 828 break;
826 829
827 case VIAFB_GET_PANEL_POSITION: 830 case VIAFB_GET_PANEL_POSITION:
828 if (copy_from_user 831 if (copy_from_user(&u.panel_pos_size_para, argp,
829 (&panel_pos_size_para, argp, sizeof(panel_pos_size_para))) 832 sizeof(u.panel_pos_size_para)))
830 return -EFAULT; 833 return -EFAULT;
831 panel_pos_size_para.x = panel_pos_size_para.y = 0; 834 u.panel_pos_size_para.x = u.panel_pos_size_para.y = 0;
832 if (copy_to_user(argp, &panel_pos_size_para, 835 if (copy_to_user(argp, &u.panel_pos_size_para,
833 sizeof(panel_pos_size_para))) 836 sizeof(u.panel_pos_size_para)))
834 return -EFAULT; 837 return -EFAULT;
835 break; 838 break;
836 case VIAFB_GET_PANEL_SIZE: 839 case VIAFB_GET_PANEL_SIZE:
837 if (copy_from_user 840 if (copy_from_user(&u.panel_pos_size_para, argp,
838 (&panel_pos_size_para, argp, sizeof(panel_pos_size_para))) 841 sizeof(u.panel_pos_size_para)))
839 return -EFAULT; 842 return -EFAULT;
840 panel_pos_size_para.x = panel_pos_size_para.y = 0; 843 u.panel_pos_size_para.x = u.panel_pos_size_para.y = 0;
841 if (copy_to_user(argp, &panel_pos_size_para, 844 if (copy_to_user(argp, &u.panel_pos_size_para,
842 sizeof(panel_pos_size_para))) 845 sizeof(u.panel_pos_size_para)))
843 return -EFAULT; 846 return -EFAULT;
844 break; 847 break;
845 848
846 case VIAFB_SET_PANEL_POSITION: 849 case VIAFB_SET_PANEL_POSITION:
847 if (copy_from_user 850 if (copy_from_user(&u.panel_pos_size_para, argp,
848 (&panel_pos_size_para, argp, sizeof(panel_pos_size_para))) 851 sizeof(u.panel_pos_size_para)))
849 return -EFAULT; 852 return -EFAULT;
850 break; 853 break;
851 case VIAFB_SET_PANEL_SIZE: 854 case VIAFB_SET_PANEL_SIZE:
852 if (copy_from_user 855 if (copy_from_user(&u.panel_pos_size_para, argp,
853 (&panel_pos_size_para, argp, sizeof(panel_pos_size_para))) 856 sizeof(u.panel_pos_size_para)))
854 return -EFAULT; 857 return -EFAULT;
855 break; 858 break;
856 859
@@ -1052,10 +1055,8 @@ static void viafb_imageblit(struct fb_info *info,
1052 1055
1053static int viafb_cursor(struct fb_info *info, struct fb_cursor *cursor) 1056static int viafb_cursor(struct fb_info *info, struct fb_cursor *cursor)
1054{ 1057{
1055 u8 data[CURSOR_SIZE / 8];
1056 u32 data_bak[CURSOR_SIZE / 32];
1057 u32 temp, xx, yy, bg_col = 0, fg_col = 0; 1058 u32 temp, xx, yy, bg_col = 0, fg_col = 0;
1058 int size, i, j = 0; 1059 int i, j = 0;
1059 static int hw_cursor; 1060 static int hw_cursor;
1060 struct viafb_par *p_viafb_par; 1061 struct viafb_par *p_viafb_par;
1061 1062
@@ -1178,22 +1179,29 @@ static int viafb_cursor(struct fb_info *info, struct fb_cursor *cursor)
1178 } 1179 }
1179 1180
1180 if (cursor->set & FB_CUR_SETSHAPE) { 1181 if (cursor->set & FB_CUR_SETSHAPE) {
1181 size = 1182 struct {
1183 u8 data[CURSOR_SIZE / 8];
1184 u32 bak[CURSOR_SIZE / 32];
1185 } *cr_data = kzalloc(sizeof(*cr_data), GFP_ATOMIC);
1186 int size =
1182 ((viacursor.image.width + 7) >> 3) * 1187 ((viacursor.image.width + 7) >> 3) *
1183 viacursor.image.height; 1188 viacursor.image.height;
1184 1189
1190 if (cr_data == NULL)
1191 goto out;
1192
1185 if (MAX_CURS == 32) { 1193 if (MAX_CURS == 32) {
1186 for (i = 0; i < (CURSOR_SIZE / 32); i++) { 1194 for (i = 0; i < (CURSOR_SIZE / 32); i++) {
1187 data_bak[i] = 0x0; 1195 cr_data->bak[i] = 0x0;
1188 data_bak[i + 1] = 0xFFFFFFFF; 1196 cr_data->bak[i + 1] = 0xFFFFFFFF;
1189 i += 1; 1197 i += 1;
1190 } 1198 }
1191 } else if (MAX_CURS == 64) { 1199 } else if (MAX_CURS == 64) {
1192 for (i = 0; i < (CURSOR_SIZE / 32); i++) { 1200 for (i = 0; i < (CURSOR_SIZE / 32); i++) {
1193 data_bak[i] = 0x0; 1201 cr_data->bak[i] = 0x0;
1194 data_bak[i + 1] = 0x0; 1202 cr_data->bak[i + 1] = 0x0;
1195 data_bak[i + 2] = 0xFFFFFFFF; 1203 cr_data->bak[i + 2] = 0xFFFFFFFF;
1196 data_bak[i + 3] = 0xFFFFFFFF; 1204 cr_data->bak[i + 3] = 0xFFFFFFFF;
1197 i += 3; 1205 i += 3;
1198 } 1206 }
1199 } 1207 }
@@ -1201,12 +1209,12 @@ static int viafb_cursor(struct fb_info *info, struct fb_cursor *cursor)
1201 switch (viacursor.rop) { 1209 switch (viacursor.rop) {
1202 case ROP_XOR: 1210 case ROP_XOR:
1203 for (i = 0; i < size; i++) 1211 for (i = 0; i < size; i++)
1204 data[i] = viacursor.mask[i]; 1212 cr_data->data[i] = viacursor.mask[i];
1205 break; 1213 break;
1206 case ROP_COPY: 1214 case ROP_COPY:
1207 1215
1208 for (i = 0; i < size; i++) 1216 for (i = 0; i < size; i++)
1209 data[i] = viacursor.mask[i]; 1217 cr_data->data[i] = viacursor.mask[i];
1210 break; 1218 break;
1211 default: 1219 default:
1212 break; 1220 break;
@@ -1214,23 +1222,25 @@ static int viafb_cursor(struct fb_info *info, struct fb_cursor *cursor)
1214 1222
1215 if (MAX_CURS == 32) { 1223 if (MAX_CURS == 32) {
1216 for (i = 0; i < size; i++) { 1224 for (i = 0; i < size; i++) {
1217 data_bak[j] = (u32) data[i]; 1225 cr_data->bak[j] = (u32) cr_data->data[i];
1218 data_bak[j + 1] = ~data_bak[j]; 1226 cr_data->bak[j + 1] = ~cr_data->bak[j];
1219 j += 2; 1227 j += 2;
1220 } 1228 }
1221 } else if (MAX_CURS == 64) { 1229 } else if (MAX_CURS == 64) {
1222 for (i = 0; i < size; i++) { 1230 for (i = 0; i < size; i++) {
1223 data_bak[j] = (u32) data[i]; 1231 cr_data->bak[j] = (u32) cr_data->data[i];
1224 data_bak[j + 1] = 0x0; 1232 cr_data->bak[j + 1] = 0x0;
1225 data_bak[j + 2] = ~data_bak[j]; 1233 cr_data->bak[j + 2] = ~cr_data->bak[j];
1226 data_bak[j + 3] = ~data_bak[j + 1]; 1234 cr_data->bak[j + 3] = ~cr_data->bak[j + 1];
1227 j += 4; 1235 j += 4;
1228 } 1236 }
1229 } 1237 }
1230 1238
1231 memcpy(((struct viafb_par *)(info->par))->fbmem_virt + 1239 memcpy(((struct viafb_par *)(info->par))->fbmem_virt +
1232 ((struct viafb_par *)(info->par))->cursor_start, 1240 ((struct viafb_par *)(info->par))->cursor_start,
1233 data_bak, CURSOR_SIZE); 1241 cr_data->bak, CURSOR_SIZE);
1242out:
1243 kfree(cr_data);
1234 } 1244 }
1235 1245
1236 if (viacursor.enable) 1246 if (viacursor.enable)
diff --git a/fs/affs/file.c b/fs/affs/file.c
index 1377b1240b6e..9246cb4aa018 100644
--- a/fs/affs/file.c
+++ b/fs/affs/file.c
@@ -628,7 +628,7 @@ static int affs_write_begin_ofs(struct file *file, struct address_space *mapping
628 } 628 }
629 629
630 index = pos >> PAGE_CACHE_SHIFT; 630 index = pos >> PAGE_CACHE_SHIFT;
631 page = __grab_cache_page(mapping, index); 631 page = grab_cache_page_write_begin(mapping, index, flags);
632 if (!page) 632 if (!page)
633 return -ENOMEM; 633 return -ENOMEM;
634 *pagep = page; 634 *pagep = page;
diff --git a/fs/afs/write.c b/fs/afs/write.c
index d6b85dab35fc..3fb36d433621 100644
--- a/fs/afs/write.c
+++ b/fs/afs/write.c
@@ -144,7 +144,7 @@ int afs_write_begin(struct file *file, struct address_space *mapping,
144 candidate->state = AFS_WBACK_PENDING; 144 candidate->state = AFS_WBACK_PENDING;
145 init_waitqueue_head(&candidate->waitq); 145 init_waitqueue_head(&candidate->waitq);
146 146
147 page = __grab_cache_page(mapping, index); 147 page = grab_cache_page_write_begin(mapping, index, flags);
148 if (!page) { 148 if (!page) {
149 kfree(candidate); 149 kfree(candidate);
150 return -ENOMEM; 150 return -ENOMEM;
diff --git a/fs/buffer.c b/fs/buffer.c
index 776ae091d3b0..a13f09b696f7 100644
--- a/fs/buffer.c
+++ b/fs/buffer.c
@@ -1996,7 +1996,7 @@ int block_write_begin(struct file *file, struct address_space *mapping,
1996 page = *pagep; 1996 page = *pagep;
1997 if (page == NULL) { 1997 if (page == NULL) {
1998 ownpage = 1; 1998 ownpage = 1;
1999 page = __grab_cache_page(mapping, index); 1999 page = grab_cache_page_write_begin(mapping, index, flags);
2000 if (!page) { 2000 if (!page) {
2001 status = -ENOMEM; 2001 status = -ENOMEM;
2002 goto out; 2002 goto out;
@@ -2502,7 +2502,7 @@ int nobh_write_begin(struct file *file, struct address_space *mapping,
2502 from = pos & (PAGE_CACHE_SIZE - 1); 2502 from = pos & (PAGE_CACHE_SIZE - 1);
2503 to = from + len; 2503 to = from + len;
2504 2504
2505 page = __grab_cache_page(mapping, index); 2505 page = grab_cache_page_write_begin(mapping, index, flags);
2506 if (!page) 2506 if (!page)
2507 return -ENOMEM; 2507 return -ENOMEM;
2508 *pagep = page; 2508 *pagep = page;
diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index b1e1fc6a6e6a..12bb656fbe75 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -2074,7 +2074,7 @@ static int cifs_write_begin(struct file *file, struct address_space *mapping,
2074 2074
2075 cFYI(1, ("write_begin from %lld len %d", (long long)pos, len)); 2075 cFYI(1, ("write_begin from %lld len %d", (long long)pos, len));
2076 2076
2077 page = __grab_cache_page(mapping, index); 2077 page = grab_cache_page_write_begin(mapping, index, flags);
2078 if (!page) { 2078 if (!page) {
2079 rc = -ENOMEM; 2079 rc = -ENOMEM;
2080 goto out; 2080 goto out;
diff --git a/fs/ecryptfs/mmap.c b/fs/ecryptfs/mmap.c
index 04d7b3fa1ac6..46cec2b69796 100644
--- a/fs/ecryptfs/mmap.c
+++ b/fs/ecryptfs/mmap.c
@@ -288,7 +288,7 @@ static int ecryptfs_write_begin(struct file *file,
288 loff_t prev_page_end_size; 288 loff_t prev_page_end_size;
289 int rc = 0; 289 int rc = 0;
290 290
291 page = __grab_cache_page(mapping, index); 291 page = grab_cache_page_write_begin(mapping, index, flags);
292 if (!page) 292 if (!page)
293 return -ENOMEM; 293 return -ENOMEM;
294 *pagep = page; 294 *pagep = page;
diff --git a/fs/ext3/inode.c b/fs/ext3/inode.c
index c4bdccf976b5..5fa453b49a64 100644
--- a/fs/ext3/inode.c
+++ b/fs/ext3/inode.c
@@ -1161,7 +1161,7 @@ static int ext3_write_begin(struct file *file, struct address_space *mapping,
1161 to = from + len; 1161 to = from + len;
1162 1162
1163retry: 1163retry:
1164 page = __grab_cache_page(mapping, index); 1164 page = grab_cache_page_write_begin(mapping, index, flags);
1165 if (!page) 1165 if (!page)
1166 return -ENOMEM; 1166 return -ENOMEM;
1167 *pagep = page; 1167 *pagep = page;
diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c
index 297ea8dfac7c..1dd2abe6313e 100644
--- a/fs/ext3/namei.c
+++ b/fs/ext3/namei.c
@@ -2175,8 +2175,7 @@ retry:
2175 * We have a transaction open. All is sweetness. It also sets 2175 * We have a transaction open. All is sweetness. It also sets
2176 * i_size in generic_commit_write(). 2176 * i_size in generic_commit_write().
2177 */ 2177 */
2178 err = __page_symlink(inode, symname, l, 2178 err = __page_symlink(inode, symname, l, 1);
2179 mapping_gfp_mask(inode->i_mapping) & ~__GFP_FS);
2180 if (err) { 2179 if (err) {
2181 drop_nlink(inode); 2180 drop_nlink(inode);
2182 unlock_new_inode(inode); 2181 unlock_new_inode(inode);
diff --git a/fs/ext4/ext4_sb.h b/fs/ext4/ext4_sb.h
index 445fde603df8..b21f16713db0 100644
--- a/fs/ext4/ext4_sb.h
+++ b/fs/ext4/ext4_sb.h
@@ -146,4 +146,10 @@ struct ext4_sb_info {
146 struct flex_groups *s_flex_groups; 146 struct flex_groups *s_flex_groups;
147}; 147};
148 148
149static inline spinlock_t *
150sb_bgl_lock(struct ext4_sb_info *sbi, unsigned int block_group)
151{
152 return bgl_lock_ptr(&sbi->s_blockgroup_lock, block_group);
153}
154
149#endif /* _EXT4_SB */ 155#endif /* _EXT4_SB */
diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 7c3325e0b005..6702a49992a6 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -1346,7 +1346,7 @@ retry:
1346 goto out; 1346 goto out;
1347 } 1347 }
1348 1348
1349 page = __grab_cache_page(mapping, index); 1349 page = grab_cache_page_write_begin(mapping, index, flags);
1350 if (!page) { 1350 if (!page) {
1351 ext4_journal_stop(handle); 1351 ext4_journal_stop(handle);
1352 ret = -ENOMEM; 1352 ret = -ENOMEM;
@@ -2550,7 +2550,7 @@ retry:
2550 goto out; 2550 goto out;
2551 } 2551 }
2552 2552
2553 page = __grab_cache_page(mapping, index); 2553 page = grab_cache_page_write_begin(mapping, index, flags);
2554 if (!page) { 2554 if (!page) {
2555 ext4_journal_stop(handle); 2555 ext4_journal_stop(handle);
2556 ret = -ENOMEM; 2556 ret = -ENOMEM;
diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index da98a9012fa5..9fd2a5e1be4d 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -2212,8 +2212,7 @@ retry:
2212 * We have a transaction open. All is sweetness. It also sets 2212 * We have a transaction open. All is sweetness. It also sets
2213 * i_size in generic_commit_write(). 2213 * i_size in generic_commit_write().
2214 */ 2214 */
2215 err = __page_symlink(inode, symname, l, 2215 err = __page_symlink(inode, symname, l, 1);
2216 mapping_gfp_mask(inode->i_mapping) & ~__GFP_FS);
2217 if (err) { 2216 if (err) {
2218 clear_nlink(inode); 2217 clear_nlink(inode);
2219 unlock_new_inode(inode); 2218 unlock_new_inode(inode);
diff --git a/fs/fuse/file.c b/fs/fuse/file.c
index 34930a964b82..4c9ee7011265 100644
--- a/fs/fuse/file.c
+++ b/fs/fuse/file.c
@@ -646,7 +646,7 @@ static int fuse_write_begin(struct file *file, struct address_space *mapping,
646{ 646{
647 pgoff_t index = pos >> PAGE_CACHE_SHIFT; 647 pgoff_t index = pos >> PAGE_CACHE_SHIFT;
648 648
649 *pagep = __grab_cache_page(mapping, index); 649 *pagep = grab_cache_page_write_begin(mapping, index, flags);
650 if (!*pagep) 650 if (!*pagep)
651 return -ENOMEM; 651 return -ENOMEM;
652 return 0; 652 return 0;
@@ -779,7 +779,7 @@ static ssize_t fuse_fill_write_pages(struct fuse_req *req,
779 break; 779 break;
780 780
781 err = -ENOMEM; 781 err = -ENOMEM;
782 page = __grab_cache_page(mapping, index); 782 page = grab_cache_page_write_begin(mapping, index, 0);
783 if (!page) 783 if (!page)
784 break; 784 break;
785 785
diff --git a/fs/gfs2/ops_address.c b/fs/gfs2/ops_address.c
index 27563816e1c5..15f710f2d4da 100644
--- a/fs/gfs2/ops_address.c
+++ b/fs/gfs2/ops_address.c
@@ -675,7 +675,7 @@ static int gfs2_write_begin(struct file *file, struct address_space *mapping,
675 goto out_trans_fail; 675 goto out_trans_fail;
676 676
677 error = -ENOMEM; 677 error = -ENOMEM;
678 page = __grab_cache_page(mapping, index); 678 page = grab_cache_page_write_begin(mapping, index, flags);
679 *pagep = page; 679 *pagep = page;
680 if (unlikely(!page)) 680 if (unlikely(!page))
681 goto out_endtrans; 681 goto out_endtrans;
diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c
index 3a31451ac170..5c538e0ec14b 100644
--- a/fs/hostfs/hostfs_kern.c
+++ b/fs/hostfs/hostfs_kern.c
@@ -501,7 +501,7 @@ int hostfs_write_begin(struct file *file, struct address_space *mapping,
501{ 501{
502 pgoff_t index = pos >> PAGE_CACHE_SHIFT; 502 pgoff_t index = pos >> PAGE_CACHE_SHIFT;
503 503
504 *pagep = __grab_cache_page(mapping, index); 504 *pagep = grab_cache_page_write_begin(mapping, index, flags);
505 if (!*pagep) 505 if (!*pagep)
506 return -ENOMEM; 506 return -ENOMEM;
507 return 0; 507 return 0;
diff --git a/fs/jffs2/file.c b/fs/jffs2/file.c
index 5a98aa87c853..5edc2bf20581 100644
--- a/fs/jffs2/file.c
+++ b/fs/jffs2/file.c
@@ -132,7 +132,7 @@ static int jffs2_write_begin(struct file *filp, struct address_space *mapping,
132 uint32_t pageofs = index << PAGE_CACHE_SHIFT; 132 uint32_t pageofs = index << PAGE_CACHE_SHIFT;
133 int ret = 0; 133 int ret = 0;
134 134
135 pg = __grab_cache_page(mapping, index); 135 pg = grab_cache_page_write_begin(mapping, index, flags);
136 if (!pg) 136 if (!pg)
137 return -ENOMEM; 137 return -ENOMEM;
138 *pagep = pg; 138 *pagep = pg;
diff --git a/fs/libfs.c b/fs/libfs.c
index 7de05f7ce746..49b44099dabb 100644
--- a/fs/libfs.c
+++ b/fs/libfs.c
@@ -359,7 +359,7 @@ int simple_write_begin(struct file *file, struct address_space *mapping,
359 index = pos >> PAGE_CACHE_SHIFT; 359 index = pos >> PAGE_CACHE_SHIFT;
360 from = pos & (PAGE_CACHE_SIZE - 1); 360 from = pos & (PAGE_CACHE_SIZE - 1);
361 361
362 page = __grab_cache_page(mapping, index); 362 page = grab_cache_page_write_begin(mapping, index, flags);
363 if (!page) 363 if (!page)
364 return -ENOMEM; 364 return -ENOMEM;
365 365
diff --git a/fs/namei.c b/fs/namei.c
index 1f6656c3d1b9..f05bed242422 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2811,18 +2811,23 @@ void page_put_link(struct dentry *dentry, struct nameidata *nd, void *cookie)
2811 } 2811 }
2812} 2812}
2813 2813
2814int __page_symlink(struct inode *inode, const char *symname, int len, 2814/*
2815 gfp_t gfp_mask) 2815 * The nofs argument instructs pagecache_write_begin to pass AOP_FLAG_NOFS
2816 */
2817int __page_symlink(struct inode *inode, const char *symname, int len, int nofs)
2816{ 2818{
2817 struct address_space *mapping = inode->i_mapping; 2819 struct address_space *mapping = inode->i_mapping;
2818 struct page *page; 2820 struct page *page;
2819 void *fsdata; 2821 void *fsdata;
2820 int err; 2822 int err;
2821 char *kaddr; 2823 char *kaddr;
2824 unsigned int flags = AOP_FLAG_UNINTERRUPTIBLE;
2825 if (nofs)
2826 flags |= AOP_FLAG_NOFS;
2822 2827
2823retry: 2828retry:
2824 err = pagecache_write_begin(NULL, mapping, 0, len-1, 2829 err = pagecache_write_begin(NULL, mapping, 0, len-1,
2825 AOP_FLAG_UNINTERRUPTIBLE, &page, &fsdata); 2830 flags, &page, &fsdata);
2826 if (err) 2831 if (err)
2827 goto fail; 2832 goto fail;
2828 2833
@@ -2846,7 +2851,7 @@ fail:
2846int page_symlink(struct inode *inode, const char *symname, int len) 2851int page_symlink(struct inode *inode, const char *symname, int len)
2847{ 2852{
2848 return __page_symlink(inode, symname, len, 2853 return __page_symlink(inode, symname, len,
2849 mapping_gfp_mask(inode->i_mapping)); 2854 !(mapping_gfp_mask(inode->i_mapping) & __GFP_FS));
2850} 2855}
2851 2856
2852const struct inode_operations page_symlink_inode_operations = { 2857const struct inode_operations page_symlink_inode_operations = {
diff --git a/fs/nfs/file.c b/fs/nfs/file.c
index d319b49f8f06..90f292b520d2 100644
--- a/fs/nfs/file.c
+++ b/fs/nfs/file.c
@@ -354,7 +354,7 @@ static int nfs_write_begin(struct file *file, struct address_space *mapping,
354 file->f_path.dentry->d_name.name, 354 file->f_path.dentry->d_name.name,
355 mapping->host->i_ino, len, (long long) pos); 355 mapping->host->i_ino, len, (long long) pos);
356 356
357 page = __grab_cache_page(mapping, index); 357 page = grab_cache_page_write_begin(mapping, index, flags);
358 if (!page) 358 if (!page)
359 return -ENOMEM; 359 return -ENOMEM;
360 *pagep = page; 360 *pagep = page;
diff --git a/fs/pipe.c b/fs/pipe.c
index aaf797bd57b9..891697112f66 100644
--- a/fs/pipe.c
+++ b/fs/pipe.c
@@ -1016,10 +1016,7 @@ int do_pipe_flags(int *fd, int flags)
1016 goto err_fdr; 1016 goto err_fdr;
1017 fdw = error; 1017 fdw = error;
1018 1018
1019 error = audit_fd_pair(fdr, fdw); 1019 audit_fd_pair(fdr, fdw);
1020 if (error < 0)
1021 goto err_fdw;
1022
1023 fd_install(fdr, fr); 1020 fd_install(fdr, fr);
1024 fd_install(fdw, fw); 1021 fd_install(fdw, fw);
1025 fd[0] = fdr; 1022 fd[0] = fdr;
@@ -1027,8 +1024,6 @@ int do_pipe_flags(int *fd, int flags)
1027 1024
1028 return 0; 1025 return 0;
1029 1026
1030 err_fdw:
1031 put_unused_fd(fdw);
1032 err_fdr: 1027 err_fdr:
1033 put_unused_fd(fdr); 1028 put_unused_fd(fdr);
1034 err_read_pipe: 1029 err_read_pipe:
diff --git a/fs/reiserfs/inode.c b/fs/reiserfs/inode.c
index 1306d4f0f447..55fce92cdf18 100644
--- a/fs/reiserfs/inode.c
+++ b/fs/reiserfs/inode.c
@@ -2560,7 +2560,7 @@ static int reiserfs_write_begin(struct file *file,
2560 } 2560 }
2561 2561
2562 index = pos >> PAGE_CACHE_SHIFT; 2562 index = pos >> PAGE_CACHE_SHIFT;
2563 page = __grab_cache_page(mapping, index); 2563 page = grab_cache_page_write_begin(mapping, index, flags);
2564 if (!page) 2564 if (!page)
2565 return -ENOMEM; 2565 return -ENOMEM;
2566 *pagep = page; 2566 *pagep = page;
diff --git a/fs/smbfs/file.c b/fs/smbfs/file.c
index e4f8d51a5553..92d5e8ffb639 100644
--- a/fs/smbfs/file.c
+++ b/fs/smbfs/file.c
@@ -297,7 +297,7 @@ static int smb_write_begin(struct file *file, struct address_space *mapping,
297 struct page **pagep, void **fsdata) 297 struct page **pagep, void **fsdata)
298{ 298{
299 pgoff_t index = pos >> PAGE_CACHE_SHIFT; 299 pgoff_t index = pos >> PAGE_CACHE_SHIFT;
300 *pagep = __grab_cache_page(mapping, index); 300 *pagep = grab_cache_page_write_begin(mapping, index, flags);
301 if (!*pagep) 301 if (!*pagep)
302 return -ENOMEM; 302 return -ENOMEM;
303 return 0; 303 return 0;
diff --git a/fs/ubifs/file.c b/fs/ubifs/file.c
index fe82d2464d46..bf37374567fa 100644
--- a/fs/ubifs/file.c
+++ b/fs/ubifs/file.c
@@ -219,7 +219,8 @@ static void release_existing_page_budget(struct ubifs_info *c)
219} 219}
220 220
221static int write_begin_slow(struct address_space *mapping, 221static int write_begin_slow(struct address_space *mapping,
222 loff_t pos, unsigned len, struct page **pagep) 222 loff_t pos, unsigned len, struct page **pagep,
223 unsigned flags)
223{ 224{
224 struct inode *inode = mapping->host; 225 struct inode *inode = mapping->host;
225 struct ubifs_info *c = inode->i_sb->s_fs_info; 226 struct ubifs_info *c = inode->i_sb->s_fs_info;
@@ -247,7 +248,7 @@ static int write_begin_slow(struct address_space *mapping,
247 if (unlikely(err)) 248 if (unlikely(err))
248 return err; 249 return err;
249 250
250 page = __grab_cache_page(mapping, index); 251 page = grab_cache_page_write_begin(mapping, index, flags);
251 if (unlikely(!page)) { 252 if (unlikely(!page)) {
252 ubifs_release_budget(c, &req); 253 ubifs_release_budget(c, &req);
253 return -ENOMEM; 254 return -ENOMEM;
@@ -438,7 +439,7 @@ static int ubifs_write_begin(struct file *file, struct address_space *mapping,
438 return -EROFS; 439 return -EROFS;
439 440
440 /* Try out the fast-path part first */ 441 /* Try out the fast-path part first */
441 page = __grab_cache_page(mapping, index); 442 page = grab_cache_page_write_begin(mapping, index, flags);
442 if (unlikely(!page)) 443 if (unlikely(!page))
443 return -ENOMEM; 444 return -ENOMEM;
444 445
@@ -483,7 +484,7 @@ static int ubifs_write_begin(struct file *file, struct address_space *mapping,
483 unlock_page(page); 484 unlock_page(page);
484 page_cache_release(page); 485 page_cache_release(page);
485 486
486 return write_begin_slow(mapping, pos, len, pagep); 487 return write_begin_slow(mapping, pos, len, pagep, flags);
487 } 488 }
488 489
489 /* 490 /*
diff --git a/include/linux/audit.h b/include/linux/audit.h
index 26c4f6f65a46..67e5dbfc2961 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -247,6 +247,18 @@
247#define AUDIT_GREATER_THAN_OR_EQUAL (AUDIT_GREATER_THAN|AUDIT_EQUAL) 247#define AUDIT_GREATER_THAN_OR_EQUAL (AUDIT_GREATER_THAN|AUDIT_EQUAL)
248#define AUDIT_OPERATORS (AUDIT_EQUAL|AUDIT_NOT_EQUAL|AUDIT_BIT_MASK) 248#define AUDIT_OPERATORS (AUDIT_EQUAL|AUDIT_NOT_EQUAL|AUDIT_BIT_MASK)
249 249
250enum {
251 Audit_equal,
252 Audit_not_equal,
253 Audit_bitmask,
254 Audit_bittest,
255 Audit_lt,
256 Audit_gt,
257 Audit_le,
258 Audit_ge,
259 Audit_bad
260};
261
250/* Status symbols */ 262/* Status symbols */
251 /* Mask values */ 263 /* Mask values */
252#define AUDIT_STATUS_ENABLED 0x0001 264#define AUDIT_STATUS_ENABLED 0x0001
@@ -373,6 +385,8 @@ struct audit_krule {
373 struct audit_watch *watch; /* associated watch */ 385 struct audit_watch *watch; /* associated watch */
374 struct audit_tree *tree; /* associated watched tree */ 386 struct audit_tree *tree; /* associated watched tree */
375 struct list_head rlist; /* entry in audit_{watch,tree}.rules list */ 387 struct list_head rlist; /* entry in audit_{watch,tree}.rules list */
388 struct list_head list; /* for AUDIT_LIST* purposes only */
389 u64 prio;
376}; 390};
377 391
378struct audit_field { 392struct audit_field {
@@ -443,70 +457,56 @@ extern int audit_set_loginuid(struct task_struct *task, uid_t loginuid);
443#define audit_get_loginuid(t) ((t)->loginuid) 457#define audit_get_loginuid(t) ((t)->loginuid)
444#define audit_get_sessionid(t) ((t)->sessionid) 458#define audit_get_sessionid(t) ((t)->sessionid)
445extern void audit_log_task_context(struct audit_buffer *ab); 459extern void audit_log_task_context(struct audit_buffer *ab);
446extern int __audit_ipc_obj(struct kern_ipc_perm *ipcp); 460extern void __audit_ipc_obj(struct kern_ipc_perm *ipcp);
447extern int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode); 461extern void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode);
448extern int audit_bprm(struct linux_binprm *bprm); 462extern int audit_bprm(struct linux_binprm *bprm);
449extern int audit_socketcall(int nargs, unsigned long *args); 463extern void audit_socketcall(int nargs, unsigned long *args);
450extern int audit_sockaddr(int len, void *addr); 464extern int audit_sockaddr(int len, void *addr);
451extern int __audit_fd_pair(int fd1, int fd2); 465extern void __audit_fd_pair(int fd1, int fd2);
452extern int audit_set_macxattr(const char *name); 466extern int audit_set_macxattr(const char *name);
453extern int __audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr); 467extern void __audit_mq_open(int oflag, mode_t mode, struct mq_attr *attr);
454extern int __audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec __user *u_abs_timeout); 468extern void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec *abs_timeout);
455extern int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout); 469extern void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification);
456extern int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification); 470extern void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
457extern int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
458extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm, 471extern int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
459 const struct cred *new, 472 const struct cred *new,
460 const struct cred *old); 473 const struct cred *old);
461extern int __audit_log_capset(pid_t pid, const struct cred *new, const struct cred *old); 474extern void __audit_log_capset(pid_t pid, const struct cred *new, const struct cred *old);
462 475
463static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp) 476static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp)
464{ 477{
465 if (unlikely(!audit_dummy_context())) 478 if (unlikely(!audit_dummy_context()))
466 return __audit_ipc_obj(ipcp); 479 __audit_ipc_obj(ipcp);
467 return 0;
468}
469static inline int audit_fd_pair(int fd1, int fd2)
470{
471 if (unlikely(!audit_dummy_context()))
472 return __audit_fd_pair(fd1, fd2);
473 return 0;
474} 480}
475static inline int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode) 481static inline void audit_fd_pair(int fd1, int fd2)
476{ 482{
477 if (unlikely(!audit_dummy_context())) 483 if (unlikely(!audit_dummy_context()))
478 return __audit_ipc_set_perm(qbytes, uid, gid, mode); 484 __audit_fd_pair(fd1, fd2);
479 return 0;
480} 485}
481static inline int audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr) 486static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
482{ 487{
483 if (unlikely(!audit_dummy_context())) 488 if (unlikely(!audit_dummy_context()))
484 return __audit_mq_open(oflag, mode, u_attr); 489 __audit_ipc_set_perm(qbytes, uid, gid, mode);
485 return 0;
486} 490}
487static inline int audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec __user *u_abs_timeout) 491static inline void audit_mq_open(int oflag, mode_t mode, struct mq_attr *attr)
488{ 492{
489 if (unlikely(!audit_dummy_context())) 493 if (unlikely(!audit_dummy_context()))
490 return __audit_mq_timedsend(mqdes, msg_len, msg_prio, u_abs_timeout); 494 __audit_mq_open(oflag, mode, attr);
491 return 0;
492} 495}
493static inline int audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout) 496static inline void audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec *abs_timeout)
494{ 497{
495 if (unlikely(!audit_dummy_context())) 498 if (unlikely(!audit_dummy_context()))
496 return __audit_mq_timedreceive(mqdes, msg_len, u_msg_prio, u_abs_timeout); 499 __audit_mq_sendrecv(mqdes, msg_len, msg_prio, abs_timeout);
497 return 0;
498} 500}
499static inline int audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification) 501static inline void audit_mq_notify(mqd_t mqdes, const struct sigevent *notification)
500{ 502{
501 if (unlikely(!audit_dummy_context())) 503 if (unlikely(!audit_dummy_context()))
502 return __audit_mq_notify(mqdes, u_notification); 504 __audit_mq_notify(mqdes, notification);
503 return 0;
504} 505}
505static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) 506static inline void audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
506{ 507{
507 if (unlikely(!audit_dummy_context())) 508 if (unlikely(!audit_dummy_context()))
508 return __audit_mq_getsetattr(mqdes, mqstat); 509 __audit_mq_getsetattr(mqdes, mqstat);
509 return 0;
510} 510}
511 511
512static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm, 512static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
@@ -518,12 +518,11 @@ static inline int audit_log_bprm_fcaps(struct linux_binprm *bprm,
518 return 0; 518 return 0;
519} 519}
520 520
521static inline int audit_log_capset(pid_t pid, const struct cred *new, 521static inline void audit_log_capset(pid_t pid, const struct cred *new,
522 const struct cred *old) 522 const struct cred *old)
523{ 523{
524 if (unlikely(!audit_dummy_context())) 524 if (unlikely(!audit_dummy_context()))
525 return __audit_log_capset(pid, new, old); 525 __audit_log_capset(pid, new, old);
526 return 0;
527} 526}
528 527
529extern int audit_n_rules; 528extern int audit_n_rules;
@@ -546,20 +545,19 @@ extern int audit_signals;
546#define audit_get_loginuid(t) (-1) 545#define audit_get_loginuid(t) (-1)
547#define audit_get_sessionid(t) (-1) 546#define audit_get_sessionid(t) (-1)
548#define audit_log_task_context(b) do { ; } while (0) 547#define audit_log_task_context(b) do { ; } while (0)
549#define audit_ipc_obj(i) ({ 0; }) 548#define audit_ipc_obj(i) ((void)0)
550#define audit_ipc_set_perm(q,u,g,m) ({ 0; }) 549#define audit_ipc_set_perm(q,u,g,m) ((void)0)
551#define audit_bprm(p) ({ 0; }) 550#define audit_bprm(p) ({ 0; })
552#define audit_socketcall(n,a) ({ 0; }) 551#define audit_socketcall(n,a) ((void)0)
553#define audit_fd_pair(n,a) ({ 0; }) 552#define audit_fd_pair(n,a) ((void)0)
554#define audit_sockaddr(len, addr) ({ 0; }) 553#define audit_sockaddr(len, addr) ({ 0; })
555#define audit_set_macxattr(n) do { ; } while (0) 554#define audit_set_macxattr(n) do { ; } while (0)
556#define audit_mq_open(o,m,a) ({ 0; }) 555#define audit_mq_open(o,m,a) ((void)0)
557#define audit_mq_timedsend(d,l,p,t) ({ 0; }) 556#define audit_mq_sendrecv(d,l,p,t) ((void)0)
558#define audit_mq_timedreceive(d,l,p,t) ({ 0; }) 557#define audit_mq_notify(d,n) ((void)0)
559#define audit_mq_notify(d,n) ({ 0; }) 558#define audit_mq_getsetattr(d,s) ((void)0)
560#define audit_mq_getsetattr(d,s) ({ 0; })
561#define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; }) 559#define audit_log_bprm_fcaps(b, ncr, ocr) ({ 0; })
562#define audit_log_capset(pid, ncr, ocr) ({ 0; }) 560#define audit_log_capset(pid, ncr, ocr) ((void)0)
563#define audit_ptrace(t) ((void)0) 561#define audit_ptrace(t) ((void)0)
564#define audit_n_rules 0 562#define audit_n_rules 0
565#define audit_signals 0 563#define audit_signals 0
diff --git a/include/linux/blockgroup_lock.h b/include/linux/blockgroup_lock.h
index 8607312983bd..e44b88ba552b 100644
--- a/include/linux/blockgroup_lock.h
+++ b/include/linux/blockgroup_lock.h
@@ -53,7 +53,10 @@ static inline void bgl_lock_init(struct blockgroup_lock *bgl)
53 * The accessor is a macro so we can embed a blockgroup_lock into different 53 * The accessor is a macro so we can embed a blockgroup_lock into different
54 * superblock types 54 * superblock types
55 */ 55 */
56#define sb_bgl_lock(sb, block_group) \ 56static inline spinlock_t *
57 (&(sb)->s_blockgroup_lock.locks[(block_group) & (NR_BG_LOCKS-1)].lock) 57bgl_lock_ptr(struct blockgroup_lock *bgl, unsigned int block_group)
58{
59 return &bgl->locks[(block_group) & (NR_BG_LOCKS-1)].lock;
60}
58 61
59#endif 62#endif
diff --git a/include/linux/ext2_fs_sb.h b/include/linux/ext2_fs_sb.h
index f273415ab6f1..dc541f3653d1 100644
--- a/include/linux/ext2_fs_sb.h
+++ b/include/linux/ext2_fs_sb.h
@@ -108,4 +108,10 @@ struct ext2_sb_info {
108 struct ext2_reserve_window_node s_rsv_window_head; 108 struct ext2_reserve_window_node s_rsv_window_head;
109}; 109};
110 110
111static inline spinlock_t *
112sb_bgl_lock(struct ext2_sb_info *sbi, unsigned int block_group)
113{
114 return bgl_lock_ptr(&sbi->s_blockgroup_lock, block_group);
115}
116
111#endif /* _LINUX_EXT2_FS_SB */ 117#endif /* _LINUX_EXT2_FS_SB */
diff --git a/include/linux/ext3_fs_sb.h b/include/linux/ext3_fs_sb.h
index b65f0288b842..e024e38248ff 100644
--- a/include/linux/ext3_fs_sb.h
+++ b/include/linux/ext3_fs_sb.h
@@ -83,4 +83,10 @@ struct ext3_sb_info {
83#endif 83#endif
84}; 84};
85 85
86static inline spinlock_t *
87sb_bgl_lock(struct ext3_sb_info *sbi, unsigned int block_group)
88{
89 return bgl_lock_ptr(&sbi->s_blockgroup_lock, block_group);
90}
91
86#endif /* _LINUX_EXT3_FS_SB */ 92#endif /* _LINUX_EXT3_FS_SB */
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 9ad9eac9eb0c..8b916ce92e73 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -423,6 +423,9 @@ enum positive_aop_returns {
423 423
424#define AOP_FLAG_UNINTERRUPTIBLE 0x0001 /* will not do a short write */ 424#define AOP_FLAG_UNINTERRUPTIBLE 0x0001 /* will not do a short write */
425#define AOP_FLAG_CONT_EXPAND 0x0002 /* called from cont_expand */ 425#define AOP_FLAG_CONT_EXPAND 0x0002 /* called from cont_expand */
426#define AOP_FLAG_NOFS 0x0004 /* used by filesystem to direct
427 * helper code (eg buffer layer)
428 * to clear GFP_FS from alloc */
426 429
427/* 430/*
428 * oh the beauties of C type declarations. 431 * oh the beauties of C type declarations.
@@ -2035,7 +2038,7 @@ extern int page_readlink(struct dentry *, char __user *, int);
2035extern void *page_follow_link_light(struct dentry *, struct nameidata *); 2038extern void *page_follow_link_light(struct dentry *, struct nameidata *);
2036extern void page_put_link(struct dentry *, struct nameidata *, void *); 2039extern void page_put_link(struct dentry *, struct nameidata *, void *);
2037extern int __page_symlink(struct inode *inode, const char *symname, int len, 2040extern int __page_symlink(struct inode *inode, const char *symname, int len,
2038 gfp_t gfp_mask); 2041 int nofs);
2039extern int page_symlink(struct inode *inode, const char *symname, int len); 2042extern int page_symlink(struct inode *inode, const char *symname, int len);
2040extern const struct inode_operations page_symlink_inode_operations; 2043extern const struct inode_operations page_symlink_inode_operations;
2041extern int generic_readlink(struct dentry *, char __user *, int); 2044extern int generic_readlink(struct dentry *, char __user *, int);
diff --git a/include/linux/pagemap.h b/include/linux/pagemap.h
index 709742be02f0..01ca0856caff 100644
--- a/include/linux/pagemap.h
+++ b/include/linux/pagemap.h
@@ -241,7 +241,8 @@ unsigned find_get_pages_contig(struct address_space *mapping, pgoff_t start,
241unsigned find_get_pages_tag(struct address_space *mapping, pgoff_t *index, 241unsigned find_get_pages_tag(struct address_space *mapping, pgoff_t *index,
242 int tag, unsigned int nr_pages, struct page **pages); 242 int tag, unsigned int nr_pages, struct page **pages);
243 243
244struct page *__grab_cache_page(struct address_space *mapping, pgoff_t index); 244struct page *grab_cache_page_write_begin(struct address_space *mapping,
245 pgoff_t index, unsigned flags);
245 246
246/* 247/*
247 * Returns locked page at given index in given cache, creating it if needed. 248 * Returns locked page at given index in given cache, creating it if needed.
diff --git a/include/linux/radix-tree.h b/include/linux/radix-tree.h
index a916c6660dfa..355f6e80db0d 100644
--- a/include/linux/radix-tree.h
+++ b/include/linux/radix-tree.h
@@ -136,7 +136,7 @@ do { \
136 */ 136 */
137static inline void *radix_tree_deref_slot(void **pslot) 137static inline void *radix_tree_deref_slot(void **pslot)
138{ 138{
139 void *ret = *pslot; 139 void *ret = rcu_dereference(*pslot);
140 if (unlikely(radix_tree_is_indirect_ptr(ret))) 140 if (unlikely(radix_tree_is_indirect_ptr(ret)))
141 ret = RADIX_TREE_RETRY; 141 ret = RADIX_TREE_RETRY;
142 return ret; 142 return ret;
diff --git a/include/linux/rtc.h b/include/linux/rtc.h
index 91f597ad6acc..4046b75563c1 100644
--- a/include/linux/rtc.h
+++ b/include/linux/rtc.h
@@ -145,6 +145,8 @@ struct rtc_class_ops {
145 int (*irq_set_state)(struct device *, int enabled); 145 int (*irq_set_state)(struct device *, int enabled);
146 int (*irq_set_freq)(struct device *, int freq); 146 int (*irq_set_freq)(struct device *, int freq);
147 int (*read_callback)(struct device *, int data); 147 int (*read_callback)(struct device *, int data);
148 int (*alarm_irq_enable)(struct device *, unsigned int enabled);
149 int (*update_irq_enable)(struct device *, unsigned int enabled);
148}; 150};
149 151
150#define RTC_DEVICE_NAME_SIZE 20 152#define RTC_DEVICE_NAME_SIZE 20
@@ -181,7 +183,7 @@ struct rtc_device
181 struct timer_list uie_timer; 183 struct timer_list uie_timer;
182 /* Those fields are protected by rtc->irq_lock */ 184 /* Those fields are protected by rtc->irq_lock */
183 unsigned int oldsecs; 185 unsigned int oldsecs;
184 unsigned int irq_active:1; 186 unsigned int uie_irq_active:1;
185 unsigned int stop_uie_polling:1; 187 unsigned int stop_uie_polling:1;
186 unsigned int uie_task_active:1; 188 unsigned int uie_task_active:1;
187 unsigned int uie_timer_active:1; 189 unsigned int uie_timer_active:1;
@@ -216,6 +218,10 @@ extern int rtc_irq_set_state(struct rtc_device *rtc,
216 struct rtc_task *task, int enabled); 218 struct rtc_task *task, int enabled);
217extern int rtc_irq_set_freq(struct rtc_device *rtc, 219extern int rtc_irq_set_freq(struct rtc_device *rtc,
218 struct rtc_task *task, int freq); 220 struct rtc_task *task, int freq);
221extern int rtc_update_irq_enable(struct rtc_device *rtc, unsigned int enabled);
222extern int rtc_alarm_irq_enable(struct rtc_device *rtc, unsigned int enabled);
223extern int rtc_dev_update_irq_enable_emul(struct rtc_device *rtc,
224 unsigned int enabled);
219 225
220typedef struct rtc_task { 226typedef struct rtc_task {
221 void (*func)(void *private_data); 227 void (*func)(void *private_data);
diff --git a/include/linux/spi/spi.h b/include/linux/spi/spi.h
index 4be01bb44377..82229317753d 100644
--- a/include/linux/spi/spi.h
+++ b/include/linux/spi/spi.h
@@ -19,6 +19,8 @@
19#ifndef __LINUX_SPI_H 19#ifndef __LINUX_SPI_H
20#define __LINUX_SPI_H 20#define __LINUX_SPI_H
21 21
22#include <linux/device.h>
23
22/* 24/*
23 * INTERFACES between SPI master-side drivers and SPI infrastructure. 25 * INTERFACES between SPI master-side drivers and SPI infrastructure.
24 * (There's no SPI slave support for Linux yet...) 26 * (There's no SPI slave support for Linux yet...)
diff --git a/ipc/mqueue.c b/ipc/mqueue.c
index 41b72f02fa70..eddb6247a553 100644
--- a/ipc/mqueue.c
+++ b/ipc/mqueue.c
@@ -523,31 +523,27 @@ static void __do_notify(struct mqueue_inode_info *info)
523 wake_up(&info->wait_q); 523 wake_up(&info->wait_q);
524} 524}
525 525
526static long prepare_timeout(const struct timespec __user *u_arg) 526static long prepare_timeout(struct timespec *p)
527{ 527{
528 struct timespec ts, nowts; 528 struct timespec nowts;
529 long timeout; 529 long timeout;
530 530
531 if (u_arg) { 531 if (p) {
532 if (unlikely(copy_from_user(&ts, u_arg, 532 if (unlikely(p->tv_nsec < 0 || p->tv_sec < 0
533 sizeof(struct timespec)))) 533 || p->tv_nsec >= NSEC_PER_SEC))
534 return -EFAULT;
535
536 if (unlikely(ts.tv_nsec < 0 || ts.tv_sec < 0
537 || ts.tv_nsec >= NSEC_PER_SEC))
538 return -EINVAL; 534 return -EINVAL;
539 nowts = CURRENT_TIME; 535 nowts = CURRENT_TIME;
540 /* first subtract as jiffies can't be too big */ 536 /* first subtract as jiffies can't be too big */
541 ts.tv_sec -= nowts.tv_sec; 537 p->tv_sec -= nowts.tv_sec;
542 if (ts.tv_nsec < nowts.tv_nsec) { 538 if (p->tv_nsec < nowts.tv_nsec) {
543 ts.tv_nsec += NSEC_PER_SEC; 539 p->tv_nsec += NSEC_PER_SEC;
544 ts.tv_sec--; 540 p->tv_sec--;
545 } 541 }
546 ts.tv_nsec -= nowts.tv_nsec; 542 p->tv_nsec -= nowts.tv_nsec;
547 if (ts.tv_sec < 0) 543 if (p->tv_sec < 0)
548 return 0; 544 return 0;
549 545
550 timeout = timespec_to_jiffies(&ts) + 1; 546 timeout = timespec_to_jiffies(p) + 1;
551 } else 547 } else
552 return MAX_SCHEDULE_TIMEOUT; 548 return MAX_SCHEDULE_TIMEOUT;
553 549
@@ -591,22 +587,18 @@ static int mq_attr_ok(struct mq_attr *attr)
591 * Invoked when creating a new queue via sys_mq_open 587 * Invoked when creating a new queue via sys_mq_open
592 */ 588 */
593static struct file *do_create(struct dentry *dir, struct dentry *dentry, 589static struct file *do_create(struct dentry *dir, struct dentry *dentry,
594 int oflag, mode_t mode, struct mq_attr __user *u_attr) 590 int oflag, mode_t mode, struct mq_attr *attr)
595{ 591{
596 const struct cred *cred = current_cred(); 592 const struct cred *cred = current_cred();
597 struct mq_attr attr;
598 struct file *result; 593 struct file *result;
599 int ret; 594 int ret;
600 595
601 if (u_attr) { 596 if (attr) {
602 ret = -EFAULT;
603 if (copy_from_user(&attr, u_attr, sizeof(attr)))
604 goto out;
605 ret = -EINVAL; 597 ret = -EINVAL;
606 if (!mq_attr_ok(&attr)) 598 if (!mq_attr_ok(attr))
607 goto out; 599 goto out;
608 /* store for use during create */ 600 /* store for use during create */
609 dentry->d_fsdata = &attr; 601 dentry->d_fsdata = attr;
610 } 602 }
611 603
612 mode &= ~current->fs->umask; 604 mode &= ~current->fs->umask;
@@ -663,11 +655,13 @@ asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode,
663 struct dentry *dentry; 655 struct dentry *dentry;
664 struct file *filp; 656 struct file *filp;
665 char *name; 657 char *name;
658 struct mq_attr attr;
666 int fd, error; 659 int fd, error;
667 660
668 error = audit_mq_open(oflag, mode, u_attr); 661 if (u_attr && copy_from_user(&attr, u_attr, sizeof(struct mq_attr)))
669 if (error != 0) 662 return -EFAULT;
670 return error; 663
664 audit_mq_open(oflag, mode, u_attr ? &attr : NULL);
671 665
672 if (IS_ERR(name = getname(u_name))) 666 if (IS_ERR(name = getname(u_name)))
673 return PTR_ERR(name); 667 return PTR_ERR(name);
@@ -693,7 +687,8 @@ asmlinkage long sys_mq_open(const char __user *u_name, int oflag, mode_t mode,
693 filp = do_open(dentry, oflag); 687 filp = do_open(dentry, oflag);
694 } else { 688 } else {
695 filp = do_create(mqueue_mnt->mnt_root, dentry, 689 filp = do_create(mqueue_mnt->mnt_root, dentry,
696 oflag, mode, u_attr); 690 oflag, mode,
691 u_attr ? &attr : NULL);
697 } 692 }
698 } else { 693 } else {
699 error = -ENOENT; 694 error = -ENOENT;
@@ -828,17 +823,22 @@ asmlinkage long sys_mq_timedsend(mqd_t mqdes, const char __user *u_msg_ptr,
828 struct ext_wait_queue *receiver; 823 struct ext_wait_queue *receiver;
829 struct msg_msg *msg_ptr; 824 struct msg_msg *msg_ptr;
830 struct mqueue_inode_info *info; 825 struct mqueue_inode_info *info;
826 struct timespec ts, *p = NULL;
831 long timeout; 827 long timeout;
832 int ret; 828 int ret;
833 829
834 ret = audit_mq_timedsend(mqdes, msg_len, msg_prio, u_abs_timeout); 830 if (u_abs_timeout) {
835 if (ret != 0) 831 if (copy_from_user(&ts, u_abs_timeout,
836 return ret; 832 sizeof(struct timespec)))
833 return -EFAULT;
834 p = &ts;
835 }
837 836
838 if (unlikely(msg_prio >= (unsigned long) MQ_PRIO_MAX)) 837 if (unlikely(msg_prio >= (unsigned long) MQ_PRIO_MAX))
839 return -EINVAL; 838 return -EINVAL;
840 839
841 timeout = prepare_timeout(u_abs_timeout); 840 audit_mq_sendrecv(mqdes, msg_len, msg_prio, p);
841 timeout = prepare_timeout(p);
842 842
843 ret = -EBADF; 843 ret = -EBADF;
844 filp = fget(mqdes); 844 filp = fget(mqdes);
@@ -917,12 +917,17 @@ asmlinkage ssize_t sys_mq_timedreceive(mqd_t mqdes, char __user *u_msg_ptr,
917 struct inode *inode; 917 struct inode *inode;
918 struct mqueue_inode_info *info; 918 struct mqueue_inode_info *info;
919 struct ext_wait_queue wait; 919 struct ext_wait_queue wait;
920 struct timespec ts, *p = NULL;
920 921
921 ret = audit_mq_timedreceive(mqdes, msg_len, u_msg_prio, u_abs_timeout); 922 if (u_abs_timeout) {
922 if (ret != 0) 923 if (copy_from_user(&ts, u_abs_timeout,
923 return ret; 924 sizeof(struct timespec)))
925 return -EFAULT;
926 p = &ts;
927 }
924 928
925 timeout = prepare_timeout(u_abs_timeout); 929 audit_mq_sendrecv(mqdes, msg_len, 0, p);
930 timeout = prepare_timeout(p);
926 931
927 ret = -EBADF; 932 ret = -EBADF;
928 filp = fget(mqdes); 933 filp = fget(mqdes);
@@ -1002,17 +1007,17 @@ asmlinkage long sys_mq_notify(mqd_t mqdes,
1002 struct mqueue_inode_info *info; 1007 struct mqueue_inode_info *info;
1003 struct sk_buff *nc; 1008 struct sk_buff *nc;
1004 1009
1005 ret = audit_mq_notify(mqdes, u_notification); 1010 if (u_notification) {
1006 if (ret != 0)
1007 return ret;
1008
1009 nc = NULL;
1010 sock = NULL;
1011 if (u_notification != NULL) {
1012 if (copy_from_user(&notification, u_notification, 1011 if (copy_from_user(&notification, u_notification,
1013 sizeof(struct sigevent))) 1012 sizeof(struct sigevent)))
1014 return -EFAULT; 1013 return -EFAULT;
1014 }
1015 1015
1016 audit_mq_notify(mqdes, u_notification ? &notification : NULL);
1017
1018 nc = NULL;
1019 sock = NULL;
1020 if (u_notification != NULL) {
1016 if (unlikely(notification.sigev_notify != SIGEV_NONE && 1021 if (unlikely(notification.sigev_notify != SIGEV_NONE &&
1017 notification.sigev_notify != SIGEV_SIGNAL && 1022 notification.sigev_notify != SIGEV_SIGNAL &&
1018 notification.sigev_notify != SIGEV_THREAD)) 1023 notification.sigev_notify != SIGEV_THREAD))
@@ -1149,11 +1154,7 @@ asmlinkage long sys_mq_getsetattr(mqd_t mqdes,
1149 omqstat = info->attr; 1154 omqstat = info->attr;
1150 omqstat.mq_flags = filp->f_flags & O_NONBLOCK; 1155 omqstat.mq_flags = filp->f_flags & O_NONBLOCK;
1151 if (u_mqstat) { 1156 if (u_mqstat) {
1152 ret = audit_mq_getsetattr(mqdes, &mqstat); 1157 audit_mq_getsetattr(mqdes, &mqstat);
1153 if (ret != 0) {
1154 spin_unlock(&info->lock);
1155 goto out_fput;
1156 }
1157 if (mqstat.mq_flags & O_NONBLOCK) 1158 if (mqstat.mq_flags & O_NONBLOCK)
1158 filp->f_flags |= O_NONBLOCK; 1159 filp->f_flags |= O_NONBLOCK;
1159 else 1160 else
diff --git a/ipc/sem.c b/ipc/sem.c
index 082122469b17..fea0ad3aed7b 100644
--- a/ipc/sem.c
+++ b/ipc/sem.c
@@ -58,7 +58,7 @@
58 * SMP-threaded, sysctl's added 58 * SMP-threaded, sysctl's added
59 * (c) 1999 Manfred Spraul <manfred@colorfullife.com> 59 * (c) 1999 Manfred Spraul <manfred@colorfullife.com>
60 * Enforced range limit on SEM_UNDO 60 * Enforced range limit on SEM_UNDO
61 * (c) 2001 Red Hat Inc <alan@redhat.com> 61 * (c) 2001 Red Hat Inc
62 * Lockless wakeup 62 * Lockless wakeup
63 * (c) 2003 Manfred Spraul <manfred@colorfullife.com> 63 * (c) 2003 Manfred Spraul <manfred@colorfullife.com>
64 * 64 *
diff --git a/ipc/shm.c b/ipc/shm.c
index 38a055758a9b..57dd50046cef 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -747,9 +747,7 @@ asmlinkage long sys_shmctl(int shmid, int cmd, struct shmid_ds __user *buf)
747 goto out; 747 goto out;
748 } 748 }
749 749
750 err = audit_ipc_obj(&(shp->shm_perm)); 750 audit_ipc_obj(&(shp->shm_perm));
751 if (err)
752 goto out_unlock;
753 751
754 if (!capable(CAP_IPC_LOCK)) { 752 if (!capable(CAP_IPC_LOCK)) {
755 uid_t euid = current_euid(); 753 uid_t euid = current_euid();
diff --git a/ipc/util.c b/ipc/util.c
index 5a1808c774a2..7585a72e259b 100644
--- a/ipc/util.c
+++ b/ipc/util.c
@@ -624,10 +624,9 @@ void ipc_rcu_putref(void *ptr)
624int ipcperms (struct kern_ipc_perm *ipcp, short flag) 624int ipcperms (struct kern_ipc_perm *ipcp, short flag)
625{ /* flag will most probably be 0 or S_...UGO from <linux/stat.h> */ 625{ /* flag will most probably be 0 or S_...UGO from <linux/stat.h> */
626 uid_t euid = current_euid(); 626 uid_t euid = current_euid();
627 int requested_mode, granted_mode, err; 627 int requested_mode, granted_mode;
628 628
629 if (unlikely((err = audit_ipc_obj(ipcp)))) 629 audit_ipc_obj(ipcp);
630 return err;
631 requested_mode = (flag >> 6) | (flag >> 3) | flag; 630 requested_mode = (flag >> 6) | (flag >> 3) | flag;
632 granted_mode = ipcp->mode; 631 granted_mode = ipcp->mode;
633 if (euid == ipcp->cuid || 632 if (euid == ipcp->cuid ||
@@ -803,16 +802,10 @@ struct kern_ipc_perm *ipcctl_pre_down(struct ipc_ids *ids, int id, int cmd,
803 goto out_up; 802 goto out_up;
804 } 803 }
805 804
806 err = audit_ipc_obj(ipcp); 805 audit_ipc_obj(ipcp);
807 if (err) 806 if (cmd == IPC_SET)
808 goto out_unlock; 807 audit_ipc_set_perm(extra_perm, perm->uid,
809
810 if (cmd == IPC_SET) {
811 err = audit_ipc_set_perm(extra_perm, perm->uid,
812 perm->gid, perm->mode); 808 perm->gid, perm->mode);
813 if (err)
814 goto out_unlock;
815 }
816 809
817 euid = current_euid(); 810 euid = current_euid();
818 if (euid == ipcp->cuid || 811 if (euid == ipcp->cuid ||
@@ -820,7 +813,6 @@ struct kern_ipc_perm *ipcctl_pre_down(struct ipc_ids *ids, int id, int cmd,
820 return ipcp; 813 return ipcp;
821 814
822 err = -EPERM; 815 err = -EPERM;
823out_unlock:
824 ipc_unlock(ipcp); 816 ipc_unlock(ipcp);
825out_up: 817out_up:
826 up_write(&ids->rw_mutex); 818 up_write(&ids->rw_mutex);
diff --git a/kernel/audit.h b/kernel/audit.h
index 9d6717412fec..16f18cac661b 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -159,11 +159,8 @@ static inline int audit_signal_info(int sig, struct task_struct *t)
159 return __audit_signal_info(sig, t); 159 return __audit_signal_info(sig, t);
160 return 0; 160 return 0;
161} 161}
162extern enum audit_state audit_filter_inodes(struct task_struct *, 162extern void audit_filter_inodes(struct task_struct *, struct audit_context *);
163 struct audit_context *);
164extern void audit_set_auditable(struct audit_context *);
165#else 163#else
166#define audit_signal_info(s,t) AUDIT_DISABLED 164#define audit_signal_info(s,t) AUDIT_DISABLED
167#define audit_filter_inodes(t,c) AUDIT_DISABLED 165#define audit_filter_inodes(t,c) AUDIT_DISABLED
168#define audit_set_auditable(c)
169#endif 166#endif
diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c
index 8b509441f49a..8ad9545b8db9 100644
--- a/kernel/audit_tree.c
+++ b/kernel/audit_tree.c
@@ -450,6 +450,7 @@ static void kill_rules(struct audit_tree *tree)
450 audit_log_end(ab); 450 audit_log_end(ab);
451 rule->tree = NULL; 451 rule->tree = NULL;
452 list_del_rcu(&entry->list); 452 list_del_rcu(&entry->list);
453 list_del(&entry->rule.list);
453 call_rcu(&entry->rcu, audit_free_rule_rcu); 454 call_rcu(&entry->rcu, audit_free_rule_rcu);
454 } 455 }
455 } 456 }
@@ -617,7 +618,7 @@ int audit_make_tree(struct audit_krule *rule, char *pathname, u32 op)
617 618
618 if (pathname[0] != '/' || 619 if (pathname[0] != '/' ||
619 rule->listnr != AUDIT_FILTER_EXIT || 620 rule->listnr != AUDIT_FILTER_EXIT ||
620 op & ~AUDIT_EQUAL || 621 op != Audit_equal ||
621 rule->inode_f || rule->watch || rule->tree) 622 rule->inode_f || rule->watch || rule->tree)
622 return -EINVAL; 623 return -EINVAL;
623 rule->tree = alloc_tree(pathname); 624 rule->tree = alloc_tree(pathname);
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 9fd85a4640a0..fbf24d121d97 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -86,6 +86,14 @@ struct list_head audit_filter_list[AUDIT_NR_FILTERS] = {
86#error Fix audit_filter_list initialiser 86#error Fix audit_filter_list initialiser
87#endif 87#endif
88}; 88};
89static struct list_head audit_rules_list[AUDIT_NR_FILTERS] = {
90 LIST_HEAD_INIT(audit_rules_list[0]),
91 LIST_HEAD_INIT(audit_rules_list[1]),
92 LIST_HEAD_INIT(audit_rules_list[2]),
93 LIST_HEAD_INIT(audit_rules_list[3]),
94 LIST_HEAD_INIT(audit_rules_list[4]),
95 LIST_HEAD_INIT(audit_rules_list[5]),
96};
89 97
90DEFINE_MUTEX(audit_filter_mutex); 98DEFINE_MUTEX(audit_filter_mutex);
91 99
@@ -244,7 +252,8 @@ static inline int audit_to_inode(struct audit_krule *krule,
244 struct audit_field *f) 252 struct audit_field *f)
245{ 253{
246 if (krule->listnr != AUDIT_FILTER_EXIT || 254 if (krule->listnr != AUDIT_FILTER_EXIT ||
247 krule->watch || krule->inode_f || krule->tree) 255 krule->watch || krule->inode_f || krule->tree ||
256 (f->op != Audit_equal && f->op != Audit_not_equal))
248 return -EINVAL; 257 return -EINVAL;
249 258
250 krule->inode_f = f; 259 krule->inode_f = f;
@@ -262,7 +271,7 @@ static int audit_to_watch(struct audit_krule *krule, char *path, int len,
262 271
263 if (path[0] != '/' || path[len-1] == '/' || 272 if (path[0] != '/' || path[len-1] == '/' ||
264 krule->listnr != AUDIT_FILTER_EXIT || 273 krule->listnr != AUDIT_FILTER_EXIT ||
265 op & ~AUDIT_EQUAL || 274 op != Audit_equal ||
266 krule->inode_f || krule->watch || krule->tree) 275 krule->inode_f || krule->watch || krule->tree)
267 return -EINVAL; 276 return -EINVAL;
268 277
@@ -412,12 +421,32 @@ exit_err:
412 return ERR_PTR(err); 421 return ERR_PTR(err);
413} 422}
414 423
424static u32 audit_ops[] =
425{
426 [Audit_equal] = AUDIT_EQUAL,
427 [Audit_not_equal] = AUDIT_NOT_EQUAL,
428 [Audit_bitmask] = AUDIT_BIT_MASK,
429 [Audit_bittest] = AUDIT_BIT_TEST,
430 [Audit_lt] = AUDIT_LESS_THAN,
431 [Audit_gt] = AUDIT_GREATER_THAN,
432 [Audit_le] = AUDIT_LESS_THAN_OR_EQUAL,
433 [Audit_ge] = AUDIT_GREATER_THAN_OR_EQUAL,
434};
435
436static u32 audit_to_op(u32 op)
437{
438 u32 n;
439 for (n = Audit_equal; n < Audit_bad && audit_ops[n] != op; n++)
440 ;
441 return n;
442}
443
444
415/* Translate struct audit_rule to kernel's rule respresentation. 445/* Translate struct audit_rule to kernel's rule respresentation.
416 * Exists for backward compatibility with userspace. */ 446 * Exists for backward compatibility with userspace. */
417static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule) 447static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
418{ 448{
419 struct audit_entry *entry; 449 struct audit_entry *entry;
420 struct audit_field *ino_f;
421 int err = 0; 450 int err = 0;
422 int i; 451 int i;
423 452
@@ -427,12 +456,28 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
427 456
428 for (i = 0; i < rule->field_count; i++) { 457 for (i = 0; i < rule->field_count; i++) {
429 struct audit_field *f = &entry->rule.fields[i]; 458 struct audit_field *f = &entry->rule.fields[i];
459 u32 n;
460
461 n = rule->fields[i] & (AUDIT_NEGATE|AUDIT_OPERATORS);
462
463 /* Support for legacy operators where
464 * AUDIT_NEGATE bit signifies != and otherwise assumes == */
465 if (n & AUDIT_NEGATE)
466 f->op = Audit_not_equal;
467 else if (!n)
468 f->op = Audit_equal;
469 else
470 f->op = audit_to_op(n);
471
472 entry->rule.vers_ops = (n & AUDIT_OPERATORS) ? 2 : 1;
430 473
431 f->op = rule->fields[i] & (AUDIT_NEGATE|AUDIT_OPERATORS);
432 f->type = rule->fields[i] & ~(AUDIT_NEGATE|AUDIT_OPERATORS); 474 f->type = rule->fields[i] & ~(AUDIT_NEGATE|AUDIT_OPERATORS);
433 f->val = rule->values[i]; 475 f->val = rule->values[i];
434 476
435 err = -EINVAL; 477 err = -EINVAL;
478 if (f->op == Audit_bad)
479 goto exit_free;
480
436 switch(f->type) { 481 switch(f->type) {
437 default: 482 default:
438 goto exit_free; 483 goto exit_free;
@@ -454,11 +499,8 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
454 case AUDIT_EXIT: 499 case AUDIT_EXIT:
455 case AUDIT_SUCCESS: 500 case AUDIT_SUCCESS:
456 /* bit ops are only useful on syscall args */ 501 /* bit ops are only useful on syscall args */
457 if (f->op == AUDIT_BIT_MASK || 502 if (f->op == Audit_bitmask || f->op == Audit_bittest)
458 f->op == AUDIT_BIT_TEST) {
459 err = -EINVAL;
460 goto exit_free; 503 goto exit_free;
461 }
462 break; 504 break;
463 case AUDIT_ARG0: 505 case AUDIT_ARG0:
464 case AUDIT_ARG1: 506 case AUDIT_ARG1:
@@ -467,11 +509,8 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
467 break; 509 break;
468 /* arch is only allowed to be = or != */ 510 /* arch is only allowed to be = or != */
469 case AUDIT_ARCH: 511 case AUDIT_ARCH:
470 if ((f->op != AUDIT_NOT_EQUAL) && (f->op != AUDIT_EQUAL) 512 if (f->op != Audit_not_equal && f->op != Audit_equal)
471 && (f->op != AUDIT_NEGATE) && (f->op)) {
472 err = -EINVAL;
473 goto exit_free; 513 goto exit_free;
474 }
475 entry->rule.arch_f = f; 514 entry->rule.arch_f = f;
476 break; 515 break;
477 case AUDIT_PERM: 516 case AUDIT_PERM:
@@ -488,33 +527,10 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
488 goto exit_free; 527 goto exit_free;
489 break; 528 break;
490 } 529 }
491
492 entry->rule.vers_ops = (f->op & AUDIT_OPERATORS) ? 2 : 1;
493
494 /* Support for legacy operators where
495 * AUDIT_NEGATE bit signifies != and otherwise assumes == */
496 if (f->op & AUDIT_NEGATE)
497 f->op = AUDIT_NOT_EQUAL;
498 else if (!f->op)
499 f->op = AUDIT_EQUAL;
500 else if (f->op == AUDIT_OPERATORS) {
501 err = -EINVAL;
502 goto exit_free;
503 }
504 } 530 }
505 531
506 ino_f = entry->rule.inode_f; 532 if (entry->rule.inode_f && entry->rule.inode_f->op == Audit_not_equal)
507 if (ino_f) { 533 entry->rule.inode_f = NULL;
508 switch(ino_f->op) {
509 case AUDIT_NOT_EQUAL:
510 entry->rule.inode_f = NULL;
511 case AUDIT_EQUAL:
512 break;
513 default:
514 err = -EINVAL;
515 goto exit_free;
516 }
517 }
518 534
519exit_nofree: 535exit_nofree:
520 return entry; 536 return entry;
@@ -530,7 +546,6 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
530{ 546{
531 int err = 0; 547 int err = 0;
532 struct audit_entry *entry; 548 struct audit_entry *entry;
533 struct audit_field *ino_f;
534 void *bufp; 549 void *bufp;
535 size_t remain = datasz - sizeof(struct audit_rule_data); 550 size_t remain = datasz - sizeof(struct audit_rule_data);
536 int i; 551 int i;
@@ -546,11 +561,11 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
546 struct audit_field *f = &entry->rule.fields[i]; 561 struct audit_field *f = &entry->rule.fields[i];
547 562
548 err = -EINVAL; 563 err = -EINVAL;
549 if (!(data->fieldflags[i] & AUDIT_OPERATORS) || 564
550 data->fieldflags[i] & ~AUDIT_OPERATORS) 565 f->op = audit_to_op(data->fieldflags[i]);
566 if (f->op == Audit_bad)
551 goto exit_free; 567 goto exit_free;
552 568
553 f->op = data->fieldflags[i] & AUDIT_OPERATORS;
554 f->type = data->fields[i]; 569 f->type = data->fields[i];
555 f->val = data->values[i]; 570 f->val = data->values[i];
556 f->lsm_str = NULL; 571 f->lsm_str = NULL;
@@ -662,18 +677,8 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
662 } 677 }
663 } 678 }
664 679
665 ino_f = entry->rule.inode_f; 680 if (entry->rule.inode_f && entry->rule.inode_f->op == Audit_not_equal)
666 if (ino_f) { 681 entry->rule.inode_f = NULL;
667 switch(ino_f->op) {
668 case AUDIT_NOT_EQUAL:
669 entry->rule.inode_f = NULL;
670 case AUDIT_EQUAL:
671 break;
672 default:
673 err = -EINVAL;
674 goto exit_free;
675 }
676 }
677 682
678exit_nofree: 683exit_nofree:
679 return entry; 684 return entry;
@@ -713,10 +718,10 @@ static struct audit_rule *audit_krule_to_rule(struct audit_krule *krule)
713 rule->fields[i] = krule->fields[i].type; 718 rule->fields[i] = krule->fields[i].type;
714 719
715 if (krule->vers_ops == 1) { 720 if (krule->vers_ops == 1) {
716 if (krule->fields[i].op & AUDIT_NOT_EQUAL) 721 if (krule->fields[i].op == Audit_not_equal)
717 rule->fields[i] |= AUDIT_NEGATE; 722 rule->fields[i] |= AUDIT_NEGATE;
718 } else { 723 } else {
719 rule->fields[i] |= krule->fields[i].op; 724 rule->fields[i] |= audit_ops[krule->fields[i].op];
720 } 725 }
721 } 726 }
722 for (i = 0; i < AUDIT_BITMASK_SIZE; i++) rule->mask[i] = krule->mask[i]; 727 for (i = 0; i < AUDIT_BITMASK_SIZE; i++) rule->mask[i] = krule->mask[i];
@@ -744,7 +749,7 @@ static struct audit_rule_data *audit_krule_to_data(struct audit_krule *krule)
744 struct audit_field *f = &krule->fields[i]; 749 struct audit_field *f = &krule->fields[i];
745 750
746 data->fields[i] = f->type; 751 data->fields[i] = f->type;
747 data->fieldflags[i] = f->op; 752 data->fieldflags[i] = audit_ops[f->op];
748 switch(f->type) { 753 switch(f->type) {
749 case AUDIT_SUBJ_USER: 754 case AUDIT_SUBJ_USER:
750 case AUDIT_SUBJ_ROLE: 755 case AUDIT_SUBJ_ROLE:
@@ -919,6 +924,7 @@ static struct audit_entry *audit_dupe_rule(struct audit_krule *old,
919 new->action = old->action; 924 new->action = old->action;
920 for (i = 0; i < AUDIT_BITMASK_SIZE; i++) 925 for (i = 0; i < AUDIT_BITMASK_SIZE; i++)
921 new->mask[i] = old->mask[i]; 926 new->mask[i] = old->mask[i];
927 new->prio = old->prio;
922 new->buflen = old->buflen; 928 new->buflen = old->buflen;
923 new->inode_f = old->inode_f; 929 new->inode_f = old->inode_f;
924 new->watch = NULL; 930 new->watch = NULL;
@@ -987,9 +993,8 @@ static void audit_update_watch(struct audit_parent *parent,
987 993
988 /* If the update involves invalidating rules, do the inode-based 994 /* If the update involves invalidating rules, do the inode-based
989 * filtering now, so we don't omit records. */ 995 * filtering now, so we don't omit records. */
990 if (invalidating && current->audit_context && 996 if (invalidating && current->audit_context)
991 audit_filter_inodes(current, current->audit_context) == AUDIT_RECORD_CONTEXT) 997 audit_filter_inodes(current, current->audit_context);
992 audit_set_auditable(current->audit_context);
993 998
994 nwatch = audit_dupe_watch(owatch); 999 nwatch = audit_dupe_watch(owatch);
995 if (IS_ERR(nwatch)) { 1000 if (IS_ERR(nwatch)) {
@@ -1007,12 +1012,15 @@ static void audit_update_watch(struct audit_parent *parent,
1007 list_del_rcu(&oentry->list); 1012 list_del_rcu(&oentry->list);
1008 1013
1009 nentry = audit_dupe_rule(&oentry->rule, nwatch); 1014 nentry = audit_dupe_rule(&oentry->rule, nwatch);
1010 if (IS_ERR(nentry)) 1015 if (IS_ERR(nentry)) {
1016 list_del(&oentry->rule.list);
1011 audit_panic("error updating watch, removing"); 1017 audit_panic("error updating watch, removing");
1012 else { 1018 } else {
1013 int h = audit_hash_ino((u32)ino); 1019 int h = audit_hash_ino((u32)ino);
1014 list_add(&nentry->rule.rlist, &nwatch->rules); 1020 list_add(&nentry->rule.rlist, &nwatch->rules);
1015 list_add_rcu(&nentry->list, &audit_inode_hash[h]); 1021 list_add_rcu(&nentry->list, &audit_inode_hash[h]);
1022 list_replace(&oentry->rule.list,
1023 &nentry->rule.list);
1016 } 1024 }
1017 1025
1018 call_rcu(&oentry->rcu, audit_free_rule_rcu); 1026 call_rcu(&oentry->rcu, audit_free_rule_rcu);
@@ -1077,6 +1085,7 @@ static void audit_remove_parent_watches(struct audit_parent *parent)
1077 audit_log_end(ab); 1085 audit_log_end(ab);
1078 } 1086 }
1079 list_del(&r->rlist); 1087 list_del(&r->rlist);
1088 list_del(&r->list);
1080 list_del_rcu(&e->list); 1089 list_del_rcu(&e->list);
1081 call_rcu(&e->rcu, audit_free_rule_rcu); 1090 call_rcu(&e->rcu, audit_free_rule_rcu);
1082 } 1091 }
@@ -1102,12 +1111,16 @@ static void audit_inotify_unregister(struct list_head *in_list)
1102/* Find an existing audit rule. 1111/* Find an existing audit rule.
1103 * Caller must hold audit_filter_mutex to prevent stale rule data. */ 1112 * Caller must hold audit_filter_mutex to prevent stale rule data. */
1104static struct audit_entry *audit_find_rule(struct audit_entry *entry, 1113static struct audit_entry *audit_find_rule(struct audit_entry *entry,
1105 struct list_head *list) 1114 struct list_head **p)
1106{ 1115{
1107 struct audit_entry *e, *found = NULL; 1116 struct audit_entry *e, *found = NULL;
1117 struct list_head *list;
1108 int h; 1118 int h;
1109 1119
1110 if (entry->rule.watch) { 1120 if (entry->rule.inode_f) {
1121 h = audit_hash_ino(entry->rule.inode_f->val);
1122 *p = list = &audit_inode_hash[h];
1123 } else if (entry->rule.watch) {
1111 /* we don't know the inode number, so must walk entire hash */ 1124 /* we don't know the inode number, so must walk entire hash */
1112 for (h = 0; h < AUDIT_INODE_BUCKETS; h++) { 1125 for (h = 0; h < AUDIT_INODE_BUCKETS; h++) {
1113 list = &audit_inode_hash[h]; 1126 list = &audit_inode_hash[h];
@@ -1118,6 +1131,8 @@ static struct audit_entry *audit_find_rule(struct audit_entry *entry,
1118 } 1131 }
1119 } 1132 }
1120 goto out; 1133 goto out;
1134 } else {
1135 *p = list = &audit_filter_list[entry->rule.listnr];
1121 } 1136 }
1122 1137
1123 list_for_each_entry(e, list, list) 1138 list_for_each_entry(e, list, list)
@@ -1258,15 +1273,17 @@ static int audit_add_watch(struct audit_krule *krule, struct nameidata *ndp,
1258 return ret; 1273 return ret;
1259} 1274}
1260 1275
1276static u64 prio_low = ~0ULL/2;
1277static u64 prio_high = ~0ULL/2 - 1;
1278
1261/* Add rule to given filterlist if not a duplicate. */ 1279/* Add rule to given filterlist if not a duplicate. */
1262static inline int audit_add_rule(struct audit_entry *entry, 1280static inline int audit_add_rule(struct audit_entry *entry)
1263 struct list_head *list)
1264{ 1281{
1265 struct audit_entry *e; 1282 struct audit_entry *e;
1266 struct audit_field *inode_f = entry->rule.inode_f;
1267 struct audit_watch *watch = entry->rule.watch; 1283 struct audit_watch *watch = entry->rule.watch;
1268 struct audit_tree *tree = entry->rule.tree; 1284 struct audit_tree *tree = entry->rule.tree;
1269 struct nameidata *ndp = NULL, *ndw = NULL; 1285 struct nameidata *ndp = NULL, *ndw = NULL;
1286 struct list_head *list;
1270 int h, err; 1287 int h, err;
1271#ifdef CONFIG_AUDITSYSCALL 1288#ifdef CONFIG_AUDITSYSCALL
1272 int dont_count = 0; 1289 int dont_count = 0;
@@ -1277,13 +1294,8 @@ static inline int audit_add_rule(struct audit_entry *entry,
1277 dont_count = 1; 1294 dont_count = 1;
1278#endif 1295#endif
1279 1296
1280 if (inode_f) {
1281 h = audit_hash_ino(inode_f->val);
1282 list = &audit_inode_hash[h];
1283 }
1284
1285 mutex_lock(&audit_filter_mutex); 1297 mutex_lock(&audit_filter_mutex);
1286 e = audit_find_rule(entry, list); 1298 e = audit_find_rule(entry, &list);
1287 mutex_unlock(&audit_filter_mutex); 1299 mutex_unlock(&audit_filter_mutex);
1288 if (e) { 1300 if (e) {
1289 err = -EEXIST; 1301 err = -EEXIST;
@@ -1319,10 +1331,22 @@ static inline int audit_add_rule(struct audit_entry *entry,
1319 } 1331 }
1320 } 1332 }
1321 1333
1334 entry->rule.prio = ~0ULL;
1335 if (entry->rule.listnr == AUDIT_FILTER_EXIT) {
1336 if (entry->rule.flags & AUDIT_FILTER_PREPEND)
1337 entry->rule.prio = ++prio_high;
1338 else
1339 entry->rule.prio = --prio_low;
1340 }
1341
1322 if (entry->rule.flags & AUDIT_FILTER_PREPEND) { 1342 if (entry->rule.flags & AUDIT_FILTER_PREPEND) {
1343 list_add(&entry->rule.list,
1344 &audit_rules_list[entry->rule.listnr]);
1323 list_add_rcu(&entry->list, list); 1345 list_add_rcu(&entry->list, list);
1324 entry->rule.flags &= ~AUDIT_FILTER_PREPEND; 1346 entry->rule.flags &= ~AUDIT_FILTER_PREPEND;
1325 } else { 1347 } else {
1348 list_add_tail(&entry->rule.list,
1349 &audit_rules_list[entry->rule.listnr]);
1326 list_add_tail_rcu(&entry->list, list); 1350 list_add_tail_rcu(&entry->list, list);
1327 } 1351 }
1328#ifdef CONFIG_AUDITSYSCALL 1352#ifdef CONFIG_AUDITSYSCALL
@@ -1345,15 +1369,14 @@ error:
1345} 1369}
1346 1370
1347/* Remove an existing rule from filterlist. */ 1371/* Remove an existing rule from filterlist. */
1348static inline int audit_del_rule(struct audit_entry *entry, 1372static inline int audit_del_rule(struct audit_entry *entry)
1349 struct list_head *list)
1350{ 1373{
1351 struct audit_entry *e; 1374 struct audit_entry *e;
1352 struct audit_field *inode_f = entry->rule.inode_f;
1353 struct audit_watch *watch, *tmp_watch = entry->rule.watch; 1375 struct audit_watch *watch, *tmp_watch = entry->rule.watch;
1354 struct audit_tree *tree = entry->rule.tree; 1376 struct audit_tree *tree = entry->rule.tree;
1377 struct list_head *list;
1355 LIST_HEAD(inotify_list); 1378 LIST_HEAD(inotify_list);
1356 int h, ret = 0; 1379 int ret = 0;
1357#ifdef CONFIG_AUDITSYSCALL 1380#ifdef CONFIG_AUDITSYSCALL
1358 int dont_count = 0; 1381 int dont_count = 0;
1359 1382
@@ -1363,13 +1386,8 @@ static inline int audit_del_rule(struct audit_entry *entry,
1363 dont_count = 1; 1386 dont_count = 1;
1364#endif 1387#endif
1365 1388
1366 if (inode_f) {
1367 h = audit_hash_ino(inode_f->val);
1368 list = &audit_inode_hash[h];
1369 }
1370
1371 mutex_lock(&audit_filter_mutex); 1389 mutex_lock(&audit_filter_mutex);
1372 e = audit_find_rule(entry, list); 1390 e = audit_find_rule(entry, &list);
1373 if (!e) { 1391 if (!e) {
1374 mutex_unlock(&audit_filter_mutex); 1392 mutex_unlock(&audit_filter_mutex);
1375 ret = -ENOENT; 1393 ret = -ENOENT;
@@ -1404,6 +1422,7 @@ static inline int audit_del_rule(struct audit_entry *entry,
1404 audit_remove_tree_rule(&e->rule); 1422 audit_remove_tree_rule(&e->rule);
1405 1423
1406 list_del_rcu(&e->list); 1424 list_del_rcu(&e->list);
1425 list_del(&e->rule.list);
1407 call_rcu(&e->rcu, audit_free_rule_rcu); 1426 call_rcu(&e->rcu, audit_free_rule_rcu);
1408 1427
1409#ifdef CONFIG_AUDITSYSCALL 1428#ifdef CONFIG_AUDITSYSCALL
@@ -1432,30 +1451,16 @@ out:
1432static void audit_list(int pid, int seq, struct sk_buff_head *q) 1451static void audit_list(int pid, int seq, struct sk_buff_head *q)
1433{ 1452{
1434 struct sk_buff *skb; 1453 struct sk_buff *skb;
1435 struct audit_entry *entry; 1454 struct audit_krule *r;
1436 int i; 1455 int i;
1437 1456
1438 /* This is a blocking read, so use audit_filter_mutex instead of rcu 1457 /* This is a blocking read, so use audit_filter_mutex instead of rcu
1439 * iterator to sync with list writers. */ 1458 * iterator to sync with list writers. */
1440 for (i=0; i<AUDIT_NR_FILTERS; i++) { 1459 for (i=0; i<AUDIT_NR_FILTERS; i++) {
1441 list_for_each_entry(entry, &audit_filter_list[i], list) { 1460 list_for_each_entry(r, &audit_rules_list[i], list) {
1442 struct audit_rule *rule;
1443
1444 rule = audit_krule_to_rule(&entry->rule);
1445 if (unlikely(!rule))
1446 break;
1447 skb = audit_make_reply(pid, seq, AUDIT_LIST, 0, 1,
1448 rule, sizeof(*rule));
1449 if (skb)
1450 skb_queue_tail(q, skb);
1451 kfree(rule);
1452 }
1453 }
1454 for (i = 0; i < AUDIT_INODE_BUCKETS; i++) {
1455 list_for_each_entry(entry, &audit_inode_hash[i], list) {
1456 struct audit_rule *rule; 1461 struct audit_rule *rule;
1457 1462
1458 rule = audit_krule_to_rule(&entry->rule); 1463 rule = audit_krule_to_rule(r);
1459 if (unlikely(!rule)) 1464 if (unlikely(!rule))
1460 break; 1465 break;
1461 skb = audit_make_reply(pid, seq, AUDIT_LIST, 0, 1, 1466 skb = audit_make_reply(pid, seq, AUDIT_LIST, 0, 1,
@@ -1474,30 +1479,16 @@ static void audit_list(int pid, int seq, struct sk_buff_head *q)
1474static void audit_list_rules(int pid, int seq, struct sk_buff_head *q) 1479static void audit_list_rules(int pid, int seq, struct sk_buff_head *q)
1475{ 1480{
1476 struct sk_buff *skb; 1481 struct sk_buff *skb;
1477 struct audit_entry *e; 1482 struct audit_krule *r;
1478 int i; 1483 int i;
1479 1484
1480 /* This is a blocking read, so use audit_filter_mutex instead of rcu 1485 /* This is a blocking read, so use audit_filter_mutex instead of rcu
1481 * iterator to sync with list writers. */ 1486 * iterator to sync with list writers. */
1482 for (i=0; i<AUDIT_NR_FILTERS; i++) { 1487 for (i=0; i<AUDIT_NR_FILTERS; i++) {
1483 list_for_each_entry(e, &audit_filter_list[i], list) { 1488 list_for_each_entry(r, &audit_rules_list[i], list) {
1484 struct audit_rule_data *data;
1485
1486 data = audit_krule_to_data(&e->rule);
1487 if (unlikely(!data))
1488 break;
1489 skb = audit_make_reply(pid, seq, AUDIT_LIST_RULES, 0, 1,
1490 data, sizeof(*data) + data->buflen);
1491 if (skb)
1492 skb_queue_tail(q, skb);
1493 kfree(data);
1494 }
1495 }
1496 for (i=0; i< AUDIT_INODE_BUCKETS; i++) {
1497 list_for_each_entry(e, &audit_inode_hash[i], list) {
1498 struct audit_rule_data *data; 1489 struct audit_rule_data *data;
1499 1490
1500 data = audit_krule_to_data(&e->rule); 1491 data = audit_krule_to_data(r);
1501 if (unlikely(!data)) 1492 if (unlikely(!data))
1502 break; 1493 break;
1503 skb = audit_make_reply(pid, seq, AUDIT_LIST_RULES, 0, 1, 1494 skb = audit_make_reply(pid, seq, AUDIT_LIST_RULES, 0, 1,
@@ -1603,8 +1594,7 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
1603 if (IS_ERR(entry)) 1594 if (IS_ERR(entry))
1604 return PTR_ERR(entry); 1595 return PTR_ERR(entry);
1605 1596
1606 err = audit_add_rule(entry, 1597 err = audit_add_rule(entry);
1607 &audit_filter_list[entry->rule.listnr]);
1608 audit_log_rule_change(loginuid, sessionid, sid, "add", 1598 audit_log_rule_change(loginuid, sessionid, sid, "add",
1609 &entry->rule, !err); 1599 &entry->rule, !err);
1610 1600
@@ -1620,8 +1610,7 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
1620 if (IS_ERR(entry)) 1610 if (IS_ERR(entry))
1621 return PTR_ERR(entry); 1611 return PTR_ERR(entry);
1622 1612
1623 err = audit_del_rule(entry, 1613 err = audit_del_rule(entry);
1624 &audit_filter_list[entry->rule.listnr]);
1625 audit_log_rule_change(loginuid, sessionid, sid, "remove", 1614 audit_log_rule_change(loginuid, sessionid, sid, "remove",
1626 &entry->rule, !err); 1615 &entry->rule, !err);
1627 1616
@@ -1634,28 +1623,29 @@ int audit_receive_filter(int type, int pid, int uid, int seq, void *data,
1634 return err; 1623 return err;
1635} 1624}
1636 1625
1637int audit_comparator(const u32 left, const u32 op, const u32 right) 1626int audit_comparator(u32 left, u32 op, u32 right)
1638{ 1627{
1639 switch (op) { 1628 switch (op) {
1640 case AUDIT_EQUAL: 1629 case Audit_equal:
1641 return (left == right); 1630 return (left == right);
1642 case AUDIT_NOT_EQUAL: 1631 case Audit_not_equal:
1643 return (left != right); 1632 return (left != right);
1644 case AUDIT_LESS_THAN: 1633 case Audit_lt:
1645 return (left < right); 1634 return (left < right);
1646 case AUDIT_LESS_THAN_OR_EQUAL: 1635 case Audit_le:
1647 return (left <= right); 1636 return (left <= right);
1648 case AUDIT_GREATER_THAN: 1637 case Audit_gt:
1649 return (left > right); 1638 return (left > right);
1650 case AUDIT_GREATER_THAN_OR_EQUAL: 1639 case Audit_ge:
1651 return (left >= right); 1640 return (left >= right);
1652 case AUDIT_BIT_MASK: 1641 case Audit_bitmask:
1653 return (left & right); 1642 return (left & right);
1654 case AUDIT_BIT_TEST: 1643 case Audit_bittest:
1655 return ((left & right) == right); 1644 return ((left & right) == right);
1645 default:
1646 BUG();
1647 return 0;
1656 } 1648 }
1657 BUG();
1658 return 0;
1659} 1649}
1660 1650
1661/* Compare given dentry name with last component in given path, 1651/* Compare given dentry name with last component in given path,
@@ -1778,6 +1768,43 @@ unlock_and_return:
1778 return result; 1768 return result;
1779} 1769}
1780 1770
1771static int update_lsm_rule(struct audit_krule *r)
1772{
1773 struct audit_entry *entry = container_of(r, struct audit_entry, rule);
1774 struct audit_entry *nentry;
1775 struct audit_watch *watch;
1776 struct audit_tree *tree;
1777 int err = 0;
1778
1779 if (!security_audit_rule_known(r))
1780 return 0;
1781
1782 watch = r->watch;
1783 tree = r->tree;
1784 nentry = audit_dupe_rule(r, watch);
1785 if (IS_ERR(nentry)) {
1786 /* save the first error encountered for the
1787 * return value */
1788 err = PTR_ERR(nentry);
1789 audit_panic("error updating LSM filters");
1790 if (watch)
1791 list_del(&r->rlist);
1792 list_del_rcu(&entry->list);
1793 list_del(&r->list);
1794 } else {
1795 if (watch) {
1796 list_add(&nentry->rule.rlist, &watch->rules);
1797 list_del(&r->rlist);
1798 } else if (tree)
1799 list_replace_init(&r->rlist, &nentry->rule.rlist);
1800 list_replace_rcu(&entry->list, &nentry->list);
1801 list_replace(&r->list, &nentry->rule.list);
1802 }
1803 call_rcu(&entry->rcu, audit_free_rule_rcu);
1804
1805 return err;
1806}
1807
1781/* This function will re-initialize the lsm_rule field of all applicable rules. 1808/* This function will re-initialize the lsm_rule field of all applicable rules.
1782 * It will traverse the filter lists serarching for rules that contain LSM 1809 * It will traverse the filter lists serarching for rules that contain LSM
1783 * specific filter fields. When such a rule is found, it is copied, the 1810 * specific filter fields. When such a rule is found, it is copied, the
@@ -1785,45 +1812,19 @@ unlock_and_return:
1785 * updated rule. */ 1812 * updated rule. */
1786int audit_update_lsm_rules(void) 1813int audit_update_lsm_rules(void)
1787{ 1814{
1788 struct audit_entry *entry, *n, *nentry; 1815 struct audit_krule *r, *n;
1789 struct audit_watch *watch;
1790 struct audit_tree *tree;
1791 int i, err = 0; 1816 int i, err = 0;
1792 1817
1793 /* audit_filter_mutex synchronizes the writers */ 1818 /* audit_filter_mutex synchronizes the writers */
1794 mutex_lock(&audit_filter_mutex); 1819 mutex_lock(&audit_filter_mutex);
1795 1820
1796 for (i = 0; i < AUDIT_NR_FILTERS; i++) { 1821 for (i = 0; i < AUDIT_NR_FILTERS; i++) {
1797 list_for_each_entry_safe(entry, n, &audit_filter_list[i], list) { 1822 list_for_each_entry_safe(r, n, &audit_rules_list[i], list) {
1798 if (!security_audit_rule_known(&entry->rule)) 1823 int res = update_lsm_rule(r);
1799 continue; 1824 if (!err)
1800 1825 err = res;
1801 watch = entry->rule.watch;
1802 tree = entry->rule.tree;
1803 nentry = audit_dupe_rule(&entry->rule, watch);
1804 if (IS_ERR(nentry)) {
1805 /* save the first error encountered for the
1806 * return value */
1807 if (!err)
1808 err = PTR_ERR(nentry);
1809 audit_panic("error updating LSM filters");
1810 if (watch)
1811 list_del(&entry->rule.rlist);
1812 list_del_rcu(&entry->list);
1813 } else {
1814 if (watch) {
1815 list_add(&nentry->rule.rlist,
1816 &watch->rules);
1817 list_del(&entry->rule.rlist);
1818 } else if (tree)
1819 list_replace_init(&entry->rule.rlist,
1820 &nentry->rule.rlist);
1821 list_replace_rcu(&entry->list, &nentry->list);
1822 }
1823 call_rcu(&entry->rcu, audit_free_rule_rcu);
1824 } 1826 }
1825 } 1827 }
1826
1827 mutex_unlock(&audit_filter_mutex); 1828 mutex_unlock(&audit_filter_mutex);
1828 1829
1829 return err; 1830 return err;
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 4819f3711973..8cbddff6c283 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -124,43 +124,6 @@ struct audit_aux_data {
124/* Number of target pids per aux struct. */ 124/* Number of target pids per aux struct. */
125#define AUDIT_AUX_PIDS 16 125#define AUDIT_AUX_PIDS 16
126 126
127struct audit_aux_data_mq_open {
128 struct audit_aux_data d;
129 int oflag;
130 mode_t mode;
131 struct mq_attr attr;
132};
133
134struct audit_aux_data_mq_sendrecv {
135 struct audit_aux_data d;
136 mqd_t mqdes;
137 size_t msg_len;
138 unsigned int msg_prio;
139 struct timespec abs_timeout;
140};
141
142struct audit_aux_data_mq_notify {
143 struct audit_aux_data d;
144 mqd_t mqdes;
145 struct sigevent notification;
146};
147
148struct audit_aux_data_mq_getsetattr {
149 struct audit_aux_data d;
150 mqd_t mqdes;
151 struct mq_attr mqstat;
152};
153
154struct audit_aux_data_ipcctl {
155 struct audit_aux_data d;
156 struct ipc_perm p;
157 unsigned long qbytes;
158 uid_t uid;
159 gid_t gid;
160 mode_t mode;
161 u32 osid;
162};
163
164struct audit_aux_data_execve { 127struct audit_aux_data_execve {
165 struct audit_aux_data d; 128 struct audit_aux_data d;
166 int argc; 129 int argc;
@@ -168,23 +131,6 @@ struct audit_aux_data_execve {
168 struct mm_struct *mm; 131 struct mm_struct *mm;
169}; 132};
170 133
171struct audit_aux_data_socketcall {
172 struct audit_aux_data d;
173 int nargs;
174 unsigned long args[0];
175};
176
177struct audit_aux_data_sockaddr {
178 struct audit_aux_data d;
179 int len;
180 char a[0];
181};
182
183struct audit_aux_data_fd_pair {
184 struct audit_aux_data d;
185 int fd[2];
186};
187
188struct audit_aux_data_pids { 134struct audit_aux_data_pids {
189 struct audit_aux_data d; 135 struct audit_aux_data d;
190 pid_t target_pid[AUDIT_AUX_PIDS]; 136 pid_t target_pid[AUDIT_AUX_PIDS];
@@ -219,14 +165,14 @@ struct audit_tree_refs {
219struct audit_context { 165struct audit_context {
220 int dummy; /* must be the first element */ 166 int dummy; /* must be the first element */
221 int in_syscall; /* 1 if task is in a syscall */ 167 int in_syscall; /* 1 if task is in a syscall */
222 enum audit_state state; 168 enum audit_state state, current_state;
223 unsigned int serial; /* serial number for record */ 169 unsigned int serial; /* serial number for record */
224 struct timespec ctime; /* time of syscall entry */ 170 struct timespec ctime; /* time of syscall entry */
225 int major; /* syscall number */ 171 int major; /* syscall number */
226 unsigned long argv[4]; /* syscall arguments */ 172 unsigned long argv[4]; /* syscall arguments */
227 int return_valid; /* return code is valid */ 173 int return_valid; /* return code is valid */
228 long return_code;/* syscall return code */ 174 long return_code;/* syscall return code */
229 int auditable; /* 1 if record should be written */ 175 u64 prio;
230 int name_count; 176 int name_count;
231 struct audit_names names[AUDIT_NAMES]; 177 struct audit_names names[AUDIT_NAMES];
232 char * filterkey; /* key for rule that triggered record */ 178 char * filterkey; /* key for rule that triggered record */
@@ -234,7 +180,8 @@ struct audit_context {
234 struct audit_context *previous; /* For nested syscalls */ 180 struct audit_context *previous; /* For nested syscalls */
235 struct audit_aux_data *aux; 181 struct audit_aux_data *aux;
236 struct audit_aux_data *aux_pids; 182 struct audit_aux_data *aux_pids;
237 183 struct sockaddr_storage *sockaddr;
184 size_t sockaddr_len;
238 /* Save things to print about task_struct */ 185 /* Save things to print about task_struct */
239 pid_t pid, ppid; 186 pid_t pid, ppid;
240 uid_t uid, euid, suid, fsuid; 187 uid_t uid, euid, suid, fsuid;
@@ -252,6 +199,49 @@ struct audit_context {
252 struct audit_tree_refs *trees, *first_trees; 199 struct audit_tree_refs *trees, *first_trees;
253 int tree_count; 200 int tree_count;
254 201
202 int type;
203 union {
204 struct {
205 int nargs;
206 long args[6];
207 } socketcall;
208 struct {
209 uid_t uid;
210 gid_t gid;
211 mode_t mode;
212 u32 osid;
213 int has_perm;
214 uid_t perm_uid;
215 gid_t perm_gid;
216 mode_t perm_mode;
217 unsigned long qbytes;
218 } ipc;
219 struct {
220 mqd_t mqdes;
221 struct mq_attr mqstat;
222 } mq_getsetattr;
223 struct {
224 mqd_t mqdes;
225 int sigev_signo;
226 } mq_notify;
227 struct {
228 mqd_t mqdes;
229 size_t msg_len;
230 unsigned int msg_prio;
231 struct timespec abs_timeout;
232 } mq_sendrecv;
233 struct {
234 int oflag;
235 mode_t mode;
236 struct mq_attr attr;
237 } mq_open;
238 struct {
239 pid_t pid;
240 struct audit_cap_data cap;
241 } capset;
242 };
243 int fds[2];
244
255#if AUDIT_DEBUG 245#if AUDIT_DEBUG
256 int put_count; 246 int put_count;
257 int ino_count; 247 int ino_count;
@@ -608,19 +598,12 @@ static int audit_filter_rules(struct task_struct *tsk,
608 } 598 }
609 } 599 }
610 /* Find ipc objects that match */ 600 /* Find ipc objects that match */
611 if (ctx) { 601 if (!ctx || ctx->type != AUDIT_IPC)
612 struct audit_aux_data *aux; 602 break;
613 for (aux = ctx->aux; aux; 603 if (security_audit_rule_match(ctx->ipc.osid,
614 aux = aux->next) { 604 f->type, f->op,
615 if (aux->type == AUDIT_IPC) { 605 f->lsm_rule, ctx))
616 struct audit_aux_data_ipcctl *axi = (void *)aux; 606 ++result;
617 if (security_audit_rule_match(axi->osid, f->type, f->op, f->lsm_rule, ctx)) {
618 ++result;
619 break;
620 }
621 }
622 }
623 }
624 } 607 }
625 break; 608 break;
626 case AUDIT_ARG0: 609 case AUDIT_ARG0:
@@ -647,8 +630,16 @@ static int audit_filter_rules(struct task_struct *tsk,
647 return 0; 630 return 0;
648 } 631 }
649 } 632 }
650 if (rule->filterkey && ctx) 633
651 ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC); 634 if (ctx) {
635 if (rule->prio <= ctx->prio)
636 return 0;
637 if (rule->filterkey) {
638 kfree(ctx->filterkey);
639 ctx->filterkey = kstrdup(rule->filterkey, GFP_ATOMIC);
640 }
641 ctx->prio = rule->prio;
642 }
652 switch (rule->action) { 643 switch (rule->action) {
653 case AUDIT_NEVER: *state = AUDIT_DISABLED; break; 644 case AUDIT_NEVER: *state = AUDIT_DISABLED; break;
654 case AUDIT_ALWAYS: *state = AUDIT_RECORD_CONTEXT; break; 645 case AUDIT_ALWAYS: *state = AUDIT_RECORD_CONTEXT; break;
@@ -661,7 +652,7 @@ static int audit_filter_rules(struct task_struct *tsk,
661 * completely disabled for this task. Since we only have the task 652 * completely disabled for this task. Since we only have the task
662 * structure at this point, we can only check uid and gid. 653 * structure at this point, we can only check uid and gid.
663 */ 654 */
664static enum audit_state audit_filter_task(struct task_struct *tsk) 655static enum audit_state audit_filter_task(struct task_struct *tsk, char **key)
665{ 656{
666 struct audit_entry *e; 657 struct audit_entry *e;
667 enum audit_state state; 658 enum audit_state state;
@@ -669,6 +660,8 @@ static enum audit_state audit_filter_task(struct task_struct *tsk)
669 rcu_read_lock(); 660 rcu_read_lock();
670 list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_TASK], list) { 661 list_for_each_entry_rcu(e, &audit_filter_list[AUDIT_FILTER_TASK], list) {
671 if (audit_filter_rules(tsk, &e->rule, NULL, NULL, &state)) { 662 if (audit_filter_rules(tsk, &e->rule, NULL, NULL, &state)) {
663 if (state == AUDIT_RECORD_CONTEXT)
664 *key = kstrdup(e->rule.filterkey, GFP_ATOMIC);
672 rcu_read_unlock(); 665 rcu_read_unlock();
673 return state; 666 return state;
674 } 667 }
@@ -702,6 +695,7 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk,
702 audit_filter_rules(tsk, &e->rule, ctx, NULL, 695 audit_filter_rules(tsk, &e->rule, ctx, NULL,
703 &state)) { 696 &state)) {
704 rcu_read_unlock(); 697 rcu_read_unlock();
698 ctx->current_state = state;
705 return state; 699 return state;
706 } 700 }
707 } 701 }
@@ -715,15 +709,14 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk,
715 * buckets applicable to the inode numbers in audit_names[]. 709 * buckets applicable to the inode numbers in audit_names[].
716 * Regarding audit_state, same rules apply as for audit_filter_syscall(). 710 * Regarding audit_state, same rules apply as for audit_filter_syscall().
717 */ 711 */
718enum audit_state audit_filter_inodes(struct task_struct *tsk, 712void audit_filter_inodes(struct task_struct *tsk, struct audit_context *ctx)
719 struct audit_context *ctx)
720{ 713{
721 int i; 714 int i;
722 struct audit_entry *e; 715 struct audit_entry *e;
723 enum audit_state state; 716 enum audit_state state;
724 717
725 if (audit_pid && tsk->tgid == audit_pid) 718 if (audit_pid && tsk->tgid == audit_pid)
726 return AUDIT_DISABLED; 719 return;
727 720
728 rcu_read_lock(); 721 rcu_read_lock();
729 for (i = 0; i < ctx->name_count; i++) { 722 for (i = 0; i < ctx->name_count; i++) {
@@ -740,17 +733,20 @@ enum audit_state audit_filter_inodes(struct task_struct *tsk,
740 if ((e->rule.mask[word] & bit) == bit && 733 if ((e->rule.mask[word] & bit) == bit &&
741 audit_filter_rules(tsk, &e->rule, ctx, n, &state)) { 734 audit_filter_rules(tsk, &e->rule, ctx, n, &state)) {
742 rcu_read_unlock(); 735 rcu_read_unlock();
743 return state; 736 ctx->current_state = state;
737 return;
744 } 738 }
745 } 739 }
746 } 740 }
747 rcu_read_unlock(); 741 rcu_read_unlock();
748 return AUDIT_BUILD_CONTEXT;
749} 742}
750 743
751void audit_set_auditable(struct audit_context *ctx) 744static void audit_set_auditable(struct audit_context *ctx)
752{ 745{
753 ctx->auditable = 1; 746 if (!ctx->prio) {
747 ctx->prio = 1;
748 ctx->current_state = AUDIT_RECORD_CONTEXT;
749 }
754} 750}
755 751
756static inline struct audit_context *audit_get_context(struct task_struct *tsk, 752static inline struct audit_context *audit_get_context(struct task_struct *tsk,
@@ -781,23 +777,11 @@ static inline struct audit_context *audit_get_context(struct task_struct *tsk,
781 else 777 else
782 context->return_code = return_code; 778 context->return_code = return_code;
783 779
784 if (context->in_syscall && !context->dummy && !context->auditable) { 780 if (context->in_syscall && !context->dummy) {
785 enum audit_state state; 781 audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]);
786 782 audit_filter_inodes(tsk, context);
787 state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_EXIT]);
788 if (state == AUDIT_RECORD_CONTEXT) {
789 context->auditable = 1;
790 goto get_context;
791 }
792
793 state = audit_filter_inodes(tsk, context);
794 if (state == AUDIT_RECORD_CONTEXT)
795 context->auditable = 1;
796
797 } 783 }
798 784
799get_context:
800
801 tsk->audit_context = NULL; 785 tsk->audit_context = NULL;
802 return context; 786 return context;
803} 787}
@@ -807,8 +791,7 @@ static inline void audit_free_names(struct audit_context *context)
807 int i; 791 int i;
808 792
809#if AUDIT_DEBUG == 2 793#if AUDIT_DEBUG == 2
810 if (context->auditable 794 if (context->put_count + context->ino_count != context->name_count) {
811 ||context->put_count + context->ino_count != context->name_count) {
812 printk(KERN_ERR "%s:%d(:%d): major=%d in_syscall=%d" 795 printk(KERN_ERR "%s:%d(:%d): major=%d in_syscall=%d"
813 " name_count=%d put_count=%d" 796 " name_count=%d put_count=%d"
814 " ino_count=%d [NOT freeing]\n", 797 " ino_count=%d [NOT freeing]\n",
@@ -859,6 +842,7 @@ static inline void audit_zero_context(struct audit_context *context,
859{ 842{
860 memset(context, 0, sizeof(*context)); 843 memset(context, 0, sizeof(*context));
861 context->state = state; 844 context->state = state;
845 context->prio = state == AUDIT_RECORD_CONTEXT ? ~0ULL : 0;
862} 846}
863 847
864static inline struct audit_context *audit_alloc_context(enum audit_state state) 848static inline struct audit_context *audit_alloc_context(enum audit_state state)
@@ -884,18 +868,21 @@ int audit_alloc(struct task_struct *tsk)
884{ 868{
885 struct audit_context *context; 869 struct audit_context *context;
886 enum audit_state state; 870 enum audit_state state;
871 char *key = NULL;
887 872
888 if (likely(!audit_ever_enabled)) 873 if (likely(!audit_ever_enabled))
889 return 0; /* Return if not auditing. */ 874 return 0; /* Return if not auditing. */
890 875
891 state = audit_filter_task(tsk); 876 state = audit_filter_task(tsk, &key);
892 if (likely(state == AUDIT_DISABLED)) 877 if (likely(state == AUDIT_DISABLED))
893 return 0; 878 return 0;
894 879
895 if (!(context = audit_alloc_context(state))) { 880 if (!(context = audit_alloc_context(state))) {
881 kfree(key);
896 audit_log_lost("out of memory in audit_alloc"); 882 audit_log_lost("out of memory in audit_alloc");
897 return -ENOMEM; 883 return -ENOMEM;
898 } 884 }
885 context->filterkey = key;
899 886
900 tsk->audit_context = context; 887 tsk->audit_context = context;
901 set_tsk_thread_flag(tsk, TIF_SYSCALL_AUDIT); 888 set_tsk_thread_flag(tsk, TIF_SYSCALL_AUDIT);
@@ -921,6 +908,7 @@ static inline void audit_free_context(struct audit_context *context)
921 free_tree_refs(context); 908 free_tree_refs(context);
922 audit_free_aux(context); 909 audit_free_aux(context);
923 kfree(context->filterkey); 910 kfree(context->filterkey);
911 kfree(context->sockaddr);
924 kfree(context); 912 kfree(context);
925 context = previous; 913 context = previous;
926 } while (context); 914 } while (context);
@@ -1230,6 +1218,97 @@ static void audit_log_fcaps(struct audit_buffer *ab, struct audit_names *name)
1230 audit_log_format(ab, " cap_fe=%d cap_fver=%x", name->fcap.fE, name->fcap_ver); 1218 audit_log_format(ab, " cap_fe=%d cap_fver=%x", name->fcap.fE, name->fcap_ver);
1231} 1219}
1232 1220
1221static void show_special(struct audit_context *context, int *call_panic)
1222{
1223 struct audit_buffer *ab;
1224 int i;
1225
1226 ab = audit_log_start(context, GFP_KERNEL, context->type);
1227 if (!ab)
1228 return;
1229
1230 switch (context->type) {
1231 case AUDIT_SOCKETCALL: {
1232 int nargs = context->socketcall.nargs;
1233 audit_log_format(ab, "nargs=%d", nargs);
1234 for (i = 0; i < nargs; i++)
1235 audit_log_format(ab, " a%d=%lx", i,
1236 context->socketcall.args[i]);
1237 break; }
1238 case AUDIT_IPC: {
1239 u32 osid = context->ipc.osid;
1240
1241 audit_log_format(ab, "ouid=%u ogid=%u mode=%#o",
1242 context->ipc.uid, context->ipc.gid, context->ipc.mode);
1243 if (osid) {
1244 char *ctx = NULL;
1245 u32 len;
1246 if (security_secid_to_secctx(osid, &ctx, &len)) {
1247 audit_log_format(ab, " osid=%u", osid);
1248 *call_panic = 1;
1249 } else {
1250 audit_log_format(ab, " obj=%s", ctx);
1251 security_release_secctx(ctx, len);
1252 }
1253 }
1254 if (context->ipc.has_perm) {
1255 audit_log_end(ab);
1256 ab = audit_log_start(context, GFP_KERNEL,
1257 AUDIT_IPC_SET_PERM);
1258 audit_log_format(ab,
1259 "qbytes=%lx ouid=%u ogid=%u mode=%#o",
1260 context->ipc.qbytes,
1261 context->ipc.perm_uid,
1262 context->ipc.perm_gid,
1263 context->ipc.perm_mode);
1264 if (!ab)
1265 return;
1266 }
1267 break; }
1268 case AUDIT_MQ_OPEN: {
1269 audit_log_format(ab,
1270 "oflag=0x%x mode=%#o mq_flags=0x%lx mq_maxmsg=%ld "
1271 "mq_msgsize=%ld mq_curmsgs=%ld",
1272 context->mq_open.oflag, context->mq_open.mode,
1273 context->mq_open.attr.mq_flags,
1274 context->mq_open.attr.mq_maxmsg,
1275 context->mq_open.attr.mq_msgsize,
1276 context->mq_open.attr.mq_curmsgs);
1277 break; }
1278 case AUDIT_MQ_SENDRECV: {
1279 audit_log_format(ab,
1280 "mqdes=%d msg_len=%zd msg_prio=%u "
1281 "abs_timeout_sec=%ld abs_timeout_nsec=%ld",
1282 context->mq_sendrecv.mqdes,
1283 context->mq_sendrecv.msg_len,
1284 context->mq_sendrecv.msg_prio,
1285 context->mq_sendrecv.abs_timeout.tv_sec,
1286 context->mq_sendrecv.abs_timeout.tv_nsec);
1287 break; }
1288 case AUDIT_MQ_NOTIFY: {
1289 audit_log_format(ab, "mqdes=%d sigev_signo=%d",
1290 context->mq_notify.mqdes,
1291 context->mq_notify.sigev_signo);
1292 break; }
1293 case AUDIT_MQ_GETSETATTR: {
1294 struct mq_attr *attr = &context->mq_getsetattr.mqstat;
1295 audit_log_format(ab,
1296 "mqdes=%d mq_flags=0x%lx mq_maxmsg=%ld mq_msgsize=%ld "
1297 "mq_curmsgs=%ld ",
1298 context->mq_getsetattr.mqdes,
1299 attr->mq_flags, attr->mq_maxmsg,
1300 attr->mq_msgsize, attr->mq_curmsgs);
1301 break; }
1302 case AUDIT_CAPSET: {
1303 audit_log_format(ab, "pid=%d", context->capset.pid);
1304 audit_log_cap(ab, "cap_pi", &context->capset.cap.inheritable);
1305 audit_log_cap(ab, "cap_pp", &context->capset.cap.permitted);
1306 audit_log_cap(ab, "cap_pe", &context->capset.cap.effective);
1307 break; }
1308 }
1309 audit_log_end(ab);
1310}
1311
1233static void audit_log_exit(struct audit_context *context, struct task_struct *tsk) 1312static void audit_log_exit(struct audit_context *context, struct task_struct *tsk)
1234{ 1313{
1235 const struct cred *cred; 1314 const struct cred *cred;
@@ -1307,94 +1386,12 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
1307 continue; /* audit_panic has been called */ 1386 continue; /* audit_panic has been called */
1308 1387
1309 switch (aux->type) { 1388 switch (aux->type) {
1310 case AUDIT_MQ_OPEN: {
1311 struct audit_aux_data_mq_open *axi = (void *)aux;
1312 audit_log_format(ab,
1313 "oflag=0x%x mode=%#o mq_flags=0x%lx mq_maxmsg=%ld "
1314 "mq_msgsize=%ld mq_curmsgs=%ld",
1315 axi->oflag, axi->mode, axi->attr.mq_flags,
1316 axi->attr.mq_maxmsg, axi->attr.mq_msgsize,
1317 axi->attr.mq_curmsgs);
1318 break; }
1319
1320 case AUDIT_MQ_SENDRECV: {
1321 struct audit_aux_data_mq_sendrecv *axi = (void *)aux;
1322 audit_log_format(ab,
1323 "mqdes=%d msg_len=%zd msg_prio=%u "
1324 "abs_timeout_sec=%ld abs_timeout_nsec=%ld",
1325 axi->mqdes, axi->msg_len, axi->msg_prio,
1326 axi->abs_timeout.tv_sec, axi->abs_timeout.tv_nsec);
1327 break; }
1328
1329 case AUDIT_MQ_NOTIFY: {
1330 struct audit_aux_data_mq_notify *axi = (void *)aux;
1331 audit_log_format(ab,
1332 "mqdes=%d sigev_signo=%d",
1333 axi->mqdes,
1334 axi->notification.sigev_signo);
1335 break; }
1336
1337 case AUDIT_MQ_GETSETATTR: {
1338 struct audit_aux_data_mq_getsetattr *axi = (void *)aux;
1339 audit_log_format(ab,
1340 "mqdes=%d mq_flags=0x%lx mq_maxmsg=%ld mq_msgsize=%ld "
1341 "mq_curmsgs=%ld ",
1342 axi->mqdes,
1343 axi->mqstat.mq_flags, axi->mqstat.mq_maxmsg,
1344 axi->mqstat.mq_msgsize, axi->mqstat.mq_curmsgs);
1345 break; }
1346
1347 case AUDIT_IPC: {
1348 struct audit_aux_data_ipcctl *axi = (void *)aux;
1349 audit_log_format(ab,
1350 "ouid=%u ogid=%u mode=%#o",
1351 axi->uid, axi->gid, axi->mode);
1352 if (axi->osid != 0) {
1353 char *ctx = NULL;
1354 u32 len;
1355 if (security_secid_to_secctx(
1356 axi->osid, &ctx, &len)) {
1357 audit_log_format(ab, " osid=%u",
1358 axi->osid);
1359 call_panic = 1;
1360 } else {
1361 audit_log_format(ab, " obj=%s", ctx);
1362 security_release_secctx(ctx, len);
1363 }
1364 }
1365 break; }
1366
1367 case AUDIT_IPC_SET_PERM: {
1368 struct audit_aux_data_ipcctl *axi = (void *)aux;
1369 audit_log_format(ab,
1370 "qbytes=%lx ouid=%u ogid=%u mode=%#o",
1371 axi->qbytes, axi->uid, axi->gid, axi->mode);
1372 break; }
1373 1389
1374 case AUDIT_EXECVE: { 1390 case AUDIT_EXECVE: {
1375 struct audit_aux_data_execve *axi = (void *)aux; 1391 struct audit_aux_data_execve *axi = (void *)aux;
1376 audit_log_execve_info(context, &ab, axi); 1392 audit_log_execve_info(context, &ab, axi);
1377 break; } 1393 break; }
1378 1394
1379 case AUDIT_SOCKETCALL: {
1380 struct audit_aux_data_socketcall *axs = (void *)aux;
1381 audit_log_format(ab, "nargs=%d", axs->nargs);
1382 for (i=0; i<axs->nargs; i++)
1383 audit_log_format(ab, " a%d=%lx", i, axs->args[i]);
1384 break; }
1385
1386 case AUDIT_SOCKADDR: {
1387 struct audit_aux_data_sockaddr *axs = (void *)aux;
1388
1389 audit_log_format(ab, "saddr=");
1390 audit_log_n_hex(ab, axs->a, axs->len);
1391 break; }
1392
1393 case AUDIT_FD_PAIR: {
1394 struct audit_aux_data_fd_pair *axs = (void *)aux;
1395 audit_log_format(ab, "fd0=%d fd1=%d", axs->fd[0], axs->fd[1]);
1396 break; }
1397
1398 case AUDIT_BPRM_FCAPS: { 1395 case AUDIT_BPRM_FCAPS: {
1399 struct audit_aux_data_bprm_fcaps *axs = (void *)aux; 1396 struct audit_aux_data_bprm_fcaps *axs = (void *)aux;
1400 audit_log_format(ab, "fver=%x", axs->fcap_ver); 1397 audit_log_format(ab, "fver=%x", axs->fcap_ver);
@@ -1409,18 +1406,32 @@ static void audit_log_exit(struct audit_context *context, struct task_struct *ts
1409 audit_log_cap(ab, "new_pe", &axs->new_pcap.effective); 1406 audit_log_cap(ab, "new_pe", &axs->new_pcap.effective);
1410 break; } 1407 break; }
1411 1408
1412 case AUDIT_CAPSET: {
1413 struct audit_aux_data_capset *axs = (void *)aux;
1414 audit_log_format(ab, "pid=%d", axs->pid);
1415 audit_log_cap(ab, "cap_pi", &axs->cap.inheritable);
1416 audit_log_cap(ab, "cap_pp", &axs->cap.permitted);
1417 audit_log_cap(ab, "cap_pe", &axs->cap.effective);
1418 break; }
1419
1420 } 1409 }
1421 audit_log_end(ab); 1410 audit_log_end(ab);
1422 } 1411 }
1423 1412
1413 if (context->type)
1414 show_special(context, &call_panic);
1415
1416 if (context->fds[0] >= 0) {
1417 ab = audit_log_start(context, GFP_KERNEL, AUDIT_FD_PAIR);
1418 if (ab) {
1419 audit_log_format(ab, "fd0=%d fd1=%d",
1420 context->fds[0], context->fds[1]);
1421 audit_log_end(ab);
1422 }
1423 }
1424
1425 if (context->sockaddr_len) {
1426 ab = audit_log_start(context, GFP_KERNEL, AUDIT_SOCKADDR);
1427 if (ab) {
1428 audit_log_format(ab, "saddr=");
1429 audit_log_n_hex(ab, (void *)context->sockaddr,
1430 context->sockaddr_len);
1431 audit_log_end(ab);
1432 }
1433 }
1434
1424 for (aux = context->aux_pids; aux; aux = aux->next) { 1435 for (aux = context->aux_pids; aux; aux = aux->next) {
1425 struct audit_aux_data_pids *axs = (void *)aux; 1436 struct audit_aux_data_pids *axs = (void *)aux;
1426 1437
@@ -1536,7 +1547,7 @@ void audit_free(struct task_struct *tsk)
1536 * We use GFP_ATOMIC here because we might be doing this 1547 * We use GFP_ATOMIC here because we might be doing this
1537 * in the context of the idle thread */ 1548 * in the context of the idle thread */
1538 /* that can happen only if we are called from do_exit() */ 1549 /* that can happen only if we are called from do_exit() */
1539 if (context->in_syscall && context->auditable) 1550 if (context->in_syscall && context->current_state == AUDIT_RECORD_CONTEXT)
1540 audit_log_exit(context, tsk); 1551 audit_log_exit(context, tsk);
1541 1552
1542 audit_free_context(context); 1553 audit_free_context(context);
@@ -1620,15 +1631,17 @@ void audit_syscall_entry(int arch, int major,
1620 1631
1621 state = context->state; 1632 state = context->state;
1622 context->dummy = !audit_n_rules; 1633 context->dummy = !audit_n_rules;
1623 if (!context->dummy && (state == AUDIT_SETUP_CONTEXT || state == AUDIT_BUILD_CONTEXT)) 1634 if (!context->dummy && state == AUDIT_BUILD_CONTEXT) {
1635 context->prio = 0;
1624 state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_ENTRY]); 1636 state = audit_filter_syscall(tsk, context, &audit_filter_list[AUDIT_FILTER_ENTRY]);
1637 }
1625 if (likely(state == AUDIT_DISABLED)) 1638 if (likely(state == AUDIT_DISABLED))
1626 return; 1639 return;
1627 1640
1628 context->serial = 0; 1641 context->serial = 0;
1629 context->ctime = CURRENT_TIME; 1642 context->ctime = CURRENT_TIME;
1630 context->in_syscall = 1; 1643 context->in_syscall = 1;
1631 context->auditable = !!(state == AUDIT_RECORD_CONTEXT); 1644 context->current_state = state;
1632 context->ppid = 0; 1645 context->ppid = 0;
1633} 1646}
1634 1647
@@ -1636,17 +1649,20 @@ void audit_finish_fork(struct task_struct *child)
1636{ 1649{
1637 struct audit_context *ctx = current->audit_context; 1650 struct audit_context *ctx = current->audit_context;
1638 struct audit_context *p = child->audit_context; 1651 struct audit_context *p = child->audit_context;
1639 if (!p || !ctx || !ctx->auditable) 1652 if (!p || !ctx)
1653 return;
1654 if (!ctx->in_syscall || ctx->current_state != AUDIT_RECORD_CONTEXT)
1640 return; 1655 return;
1641 p->arch = ctx->arch; 1656 p->arch = ctx->arch;
1642 p->major = ctx->major; 1657 p->major = ctx->major;
1643 memcpy(p->argv, ctx->argv, sizeof(ctx->argv)); 1658 memcpy(p->argv, ctx->argv, sizeof(ctx->argv));
1644 p->ctime = ctx->ctime; 1659 p->ctime = ctx->ctime;
1645 p->dummy = ctx->dummy; 1660 p->dummy = ctx->dummy;
1646 p->auditable = ctx->auditable;
1647 p->in_syscall = ctx->in_syscall; 1661 p->in_syscall = ctx->in_syscall;
1648 p->filterkey = kstrdup(ctx->filterkey, GFP_KERNEL); 1662 p->filterkey = kstrdup(ctx->filterkey, GFP_KERNEL);
1649 p->ppid = current->pid; 1663 p->ppid = current->pid;
1664 p->prio = ctx->prio;
1665 p->current_state = ctx->current_state;
1650} 1666}
1651 1667
1652/** 1668/**
@@ -1670,11 +1686,11 @@ void audit_syscall_exit(int valid, long return_code)
1670 if (likely(!context)) 1686 if (likely(!context))
1671 return; 1687 return;
1672 1688
1673 if (context->in_syscall && context->auditable) 1689 if (context->in_syscall && context->current_state == AUDIT_RECORD_CONTEXT)
1674 audit_log_exit(context, tsk); 1690 audit_log_exit(context, tsk);
1675 1691
1676 context->in_syscall = 0; 1692 context->in_syscall = 0;
1677 context->auditable = 0; 1693 context->prio = context->state == AUDIT_RECORD_CONTEXT ? ~0ULL : 0;
1678 1694
1679 if (context->previous) { 1695 if (context->previous) {
1680 struct audit_context *new_context = context->previous; 1696 struct audit_context *new_context = context->previous;
@@ -1689,8 +1705,13 @@ void audit_syscall_exit(int valid, long return_code)
1689 context->aux_pids = NULL; 1705 context->aux_pids = NULL;
1690 context->target_pid = 0; 1706 context->target_pid = 0;
1691 context->target_sid = 0; 1707 context->target_sid = 0;
1692 kfree(context->filterkey); 1708 context->sockaddr_len = 0;
1693 context->filterkey = NULL; 1709 context->type = 0;
1710 context->fds[0] = -1;
1711 if (context->state != AUDIT_RECORD_CONTEXT) {
1712 kfree(context->filterkey);
1713 context->filterkey = NULL;
1714 }
1694 tsk->audit_context = context; 1715 tsk->audit_context = context;
1695 } 1716 }
1696} 1717}
@@ -2081,7 +2102,10 @@ int auditsc_get_stamp(struct audit_context *ctx,
2081 t->tv_sec = ctx->ctime.tv_sec; 2102 t->tv_sec = ctx->ctime.tv_sec;
2082 t->tv_nsec = ctx->ctime.tv_nsec; 2103 t->tv_nsec = ctx->ctime.tv_nsec;
2083 *serial = ctx->serial; 2104 *serial = ctx->serial;
2084 ctx->auditable = 1; 2105 if (!ctx->prio) {
2106 ctx->prio = 1;
2107 ctx->current_state = AUDIT_RECORD_CONTEXT;
2108 }
2085 return 1; 2109 return 1;
2086} 2110}
2087 2111
@@ -2127,132 +2151,46 @@ int audit_set_loginuid(struct task_struct *task, uid_t loginuid)
2127 * @mode: mode bits 2151 * @mode: mode bits
2128 * @u_attr: queue attributes 2152 * @u_attr: queue attributes
2129 * 2153 *
2130 * Returns 0 for success or NULL context or < 0 on error.
2131 */ 2154 */
2132int __audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr) 2155void __audit_mq_open(int oflag, mode_t mode, struct mq_attr *attr)
2133{ 2156{
2134 struct audit_aux_data_mq_open *ax;
2135 struct audit_context *context = current->audit_context; 2157 struct audit_context *context = current->audit_context;
2136 2158
2137 if (!audit_enabled) 2159 if (attr)
2138 return 0; 2160 memcpy(&context->mq_open.attr, attr, sizeof(struct mq_attr));
2139 2161 else
2140 if (likely(!context)) 2162 memset(&context->mq_open.attr, 0, sizeof(struct mq_attr));
2141 return 0;
2142
2143 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2144 if (!ax)
2145 return -ENOMEM;
2146
2147 if (u_attr != NULL) {
2148 if (copy_from_user(&ax->attr, u_attr, sizeof(ax->attr))) {
2149 kfree(ax);
2150 return -EFAULT;
2151 }
2152 } else
2153 memset(&ax->attr, 0, sizeof(ax->attr));
2154 2163
2155 ax->oflag = oflag; 2164 context->mq_open.oflag = oflag;
2156 ax->mode = mode; 2165 context->mq_open.mode = mode;
2157 2166
2158 ax->d.type = AUDIT_MQ_OPEN; 2167 context->type = AUDIT_MQ_OPEN;
2159 ax->d.next = context->aux;
2160 context->aux = (void *)ax;
2161 return 0;
2162} 2168}
2163 2169
2164/** 2170/**
2165 * __audit_mq_timedsend - record audit data for a POSIX MQ timed send 2171 * __audit_mq_sendrecv - record audit data for a POSIX MQ timed send/receive
2166 * @mqdes: MQ descriptor 2172 * @mqdes: MQ descriptor
2167 * @msg_len: Message length 2173 * @msg_len: Message length
2168 * @msg_prio: Message priority 2174 * @msg_prio: Message priority
2169 * @u_abs_timeout: Message timeout in absolute time 2175 * @abs_timeout: Message timeout in absolute time
2170 * 2176 *
2171 * Returns 0 for success or NULL context or < 0 on error.
2172 */ 2177 */
2173int __audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, 2178void __audit_mq_sendrecv(mqd_t mqdes, size_t msg_len, unsigned int msg_prio,
2174 const struct timespec __user *u_abs_timeout) 2179 const struct timespec *abs_timeout)
2175{ 2180{
2176 struct audit_aux_data_mq_sendrecv *ax;
2177 struct audit_context *context = current->audit_context; 2181 struct audit_context *context = current->audit_context;
2182 struct timespec *p = &context->mq_sendrecv.abs_timeout;
2178 2183
2179 if (!audit_enabled) 2184 if (abs_timeout)
2180 return 0; 2185 memcpy(p, abs_timeout, sizeof(struct timespec));
2181 2186 else
2182 if (likely(!context)) 2187 memset(p, 0, sizeof(struct timespec));
2183 return 0;
2184
2185 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2186 if (!ax)
2187 return -ENOMEM;
2188
2189 if (u_abs_timeout != NULL) {
2190 if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout))) {
2191 kfree(ax);
2192 return -EFAULT;
2193 }
2194 } else
2195 memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout));
2196
2197 ax->mqdes = mqdes;
2198 ax->msg_len = msg_len;
2199 ax->msg_prio = msg_prio;
2200
2201 ax->d.type = AUDIT_MQ_SENDRECV;
2202 ax->d.next = context->aux;
2203 context->aux = (void *)ax;
2204 return 0;
2205}
2206
2207/**
2208 * __audit_mq_timedreceive - record audit data for a POSIX MQ timed receive
2209 * @mqdes: MQ descriptor
2210 * @msg_len: Message length
2211 * @u_msg_prio: Message priority
2212 * @u_abs_timeout: Message timeout in absolute time
2213 *
2214 * Returns 0 for success or NULL context or < 0 on error.
2215 */
2216int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len,
2217 unsigned int __user *u_msg_prio,
2218 const struct timespec __user *u_abs_timeout)
2219{
2220 struct audit_aux_data_mq_sendrecv *ax;
2221 struct audit_context *context = current->audit_context;
2222
2223 if (!audit_enabled)
2224 return 0;
2225
2226 if (likely(!context))
2227 return 0;
2228
2229 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2230 if (!ax)
2231 return -ENOMEM;
2232
2233 if (u_msg_prio != NULL) {
2234 if (get_user(ax->msg_prio, u_msg_prio)) {
2235 kfree(ax);
2236 return -EFAULT;
2237 }
2238 } else
2239 ax->msg_prio = 0;
2240
2241 if (u_abs_timeout != NULL) {
2242 if (copy_from_user(&ax->abs_timeout, u_abs_timeout, sizeof(ax->abs_timeout))) {
2243 kfree(ax);
2244 return -EFAULT;
2245 }
2246 } else
2247 memset(&ax->abs_timeout, 0, sizeof(ax->abs_timeout));
2248 2188
2249 ax->mqdes = mqdes; 2189 context->mq_sendrecv.mqdes = mqdes;
2250 ax->msg_len = msg_len; 2190 context->mq_sendrecv.msg_len = msg_len;
2191 context->mq_sendrecv.msg_prio = msg_prio;
2251 2192
2252 ax->d.type = AUDIT_MQ_SENDRECV; 2193 context->type = AUDIT_MQ_SENDRECV;
2253 ax->d.next = context->aux;
2254 context->aux = (void *)ax;
2255 return 0;
2256} 2194}
2257 2195
2258/** 2196/**
@@ -2260,38 +2198,19 @@ int __audit_mq_timedreceive(mqd_t mqdes, size_t msg_len,
2260 * @mqdes: MQ descriptor 2198 * @mqdes: MQ descriptor
2261 * @u_notification: Notification event 2199 * @u_notification: Notification event
2262 * 2200 *
2263 * Returns 0 for success or NULL context or < 0 on error.
2264 */ 2201 */
2265 2202
2266int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification) 2203void __audit_mq_notify(mqd_t mqdes, const struct sigevent *notification)
2267{ 2204{
2268 struct audit_aux_data_mq_notify *ax;
2269 struct audit_context *context = current->audit_context; 2205 struct audit_context *context = current->audit_context;
2270 2206
2271 if (!audit_enabled) 2207 if (notification)
2272 return 0; 2208 context->mq_notify.sigev_signo = notification->sigev_signo;
2273 2209 else
2274 if (likely(!context)) 2210 context->mq_notify.sigev_signo = 0;
2275 return 0;
2276
2277 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2278 if (!ax)
2279 return -ENOMEM;
2280
2281 if (u_notification != NULL) {
2282 if (copy_from_user(&ax->notification, u_notification, sizeof(ax->notification))) {
2283 kfree(ax);
2284 return -EFAULT;
2285 }
2286 } else
2287 memset(&ax->notification, 0, sizeof(ax->notification));
2288
2289 ax->mqdes = mqdes;
2290 2211
2291 ax->d.type = AUDIT_MQ_NOTIFY; 2212 context->mq_notify.mqdes = mqdes;
2292 ax->d.next = context->aux; 2213 context->type = AUDIT_MQ_NOTIFY;
2293 context->aux = (void *)ax;
2294 return 0;
2295} 2214}
2296 2215
2297/** 2216/**
@@ -2299,55 +2218,29 @@ int __audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification)
2299 * @mqdes: MQ descriptor 2218 * @mqdes: MQ descriptor
2300 * @mqstat: MQ flags 2219 * @mqstat: MQ flags
2301 * 2220 *
2302 * Returns 0 for success or NULL context or < 0 on error.
2303 */ 2221 */
2304int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat) 2222void __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
2305{ 2223{
2306 struct audit_aux_data_mq_getsetattr *ax;
2307 struct audit_context *context = current->audit_context; 2224 struct audit_context *context = current->audit_context;
2308 2225 context->mq_getsetattr.mqdes = mqdes;
2309 if (!audit_enabled) 2226 context->mq_getsetattr.mqstat = *mqstat;
2310 return 0; 2227 context->type = AUDIT_MQ_GETSETATTR;
2311
2312 if (likely(!context))
2313 return 0;
2314
2315 ax = kmalloc(sizeof(*ax), GFP_ATOMIC);
2316 if (!ax)
2317 return -ENOMEM;
2318
2319 ax->mqdes = mqdes;
2320 ax->mqstat = *mqstat;
2321
2322 ax->d.type = AUDIT_MQ_GETSETATTR;
2323 ax->d.next = context->aux;
2324 context->aux = (void *)ax;
2325 return 0;
2326} 2228}
2327 2229
2328/** 2230/**
2329 * audit_ipc_obj - record audit data for ipc object 2231 * audit_ipc_obj - record audit data for ipc object
2330 * @ipcp: ipc permissions 2232 * @ipcp: ipc permissions
2331 * 2233 *
2332 * Returns 0 for success or NULL context or < 0 on error.
2333 */ 2234 */
2334int __audit_ipc_obj(struct kern_ipc_perm *ipcp) 2235void __audit_ipc_obj(struct kern_ipc_perm *ipcp)
2335{ 2236{
2336 struct audit_aux_data_ipcctl *ax;
2337 struct audit_context *context = current->audit_context; 2237 struct audit_context *context = current->audit_context;
2338 2238 context->ipc.uid = ipcp->uid;
2339 ax = kmalloc(sizeof(*ax), GFP_ATOMIC); 2239 context->ipc.gid = ipcp->gid;
2340 if (!ax) 2240 context->ipc.mode = ipcp->mode;
2341 return -ENOMEM; 2241 context->ipc.has_perm = 0;
2342 2242 security_ipc_getsecid(ipcp, &context->ipc.osid);
2343 ax->uid = ipcp->uid; 2243 context->type = AUDIT_IPC;
2344 ax->gid = ipcp->gid;
2345 ax->mode = ipcp->mode;
2346 security_ipc_getsecid(ipcp, &ax->osid);
2347 ax->d.type = AUDIT_IPC;
2348 ax->d.next = context->aux;
2349 context->aux = (void *)ax;
2350 return 0;
2351} 2244}
2352 2245
2353/** 2246/**
@@ -2357,26 +2250,17 @@ int __audit_ipc_obj(struct kern_ipc_perm *ipcp)
2357 * @gid: msgq group id 2250 * @gid: msgq group id
2358 * @mode: msgq mode (permissions) 2251 * @mode: msgq mode (permissions)
2359 * 2252 *
2360 * Returns 0 for success or NULL context or < 0 on error. 2253 * Called only after audit_ipc_obj().
2361 */ 2254 */
2362int __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode) 2255void __audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
2363{ 2256{
2364 struct audit_aux_data_ipcctl *ax;
2365 struct audit_context *context = current->audit_context; 2257 struct audit_context *context = current->audit_context;
2366 2258
2367 ax = kmalloc(sizeof(*ax), GFP_ATOMIC); 2259 context->ipc.qbytes = qbytes;
2368 if (!ax) 2260 context->ipc.perm_uid = uid;
2369 return -ENOMEM; 2261 context->ipc.perm_gid = gid;
2370 2262 context->ipc.perm_mode = mode;
2371 ax->qbytes = qbytes; 2263 context->ipc.has_perm = 1;
2372 ax->uid = uid;
2373 ax->gid = gid;
2374 ax->mode = mode;
2375
2376 ax->d.type = AUDIT_IPC_SET_PERM;
2377 ax->d.next = context->aux;
2378 context->aux = (void *)ax;
2379 return 0;
2380} 2264}
2381 2265
2382int audit_bprm(struct linux_binprm *bprm) 2266int audit_bprm(struct linux_binprm *bprm)
@@ -2406,27 +2290,17 @@ int audit_bprm(struct linux_binprm *bprm)
2406 * @nargs: number of args 2290 * @nargs: number of args
2407 * @args: args array 2291 * @args: args array
2408 * 2292 *
2409 * Returns 0 for success or NULL context or < 0 on error.
2410 */ 2293 */
2411int audit_socketcall(int nargs, unsigned long *args) 2294void audit_socketcall(int nargs, unsigned long *args)
2412{ 2295{
2413 struct audit_aux_data_socketcall *ax;
2414 struct audit_context *context = current->audit_context; 2296 struct audit_context *context = current->audit_context;
2415 2297
2416 if (likely(!context || context->dummy)) 2298 if (likely(!context || context->dummy))
2417 return 0; 2299 return;
2418
2419 ax = kmalloc(sizeof(*ax) + nargs * sizeof(unsigned long), GFP_KERNEL);
2420 if (!ax)
2421 return -ENOMEM;
2422
2423 ax->nargs = nargs;
2424 memcpy(ax->args, args, nargs * sizeof(unsigned long));
2425 2300
2426 ax->d.type = AUDIT_SOCKETCALL; 2301 context->type = AUDIT_SOCKETCALL;
2427 ax->d.next = context->aux; 2302 context->socketcall.nargs = nargs;
2428 context->aux = (void *)ax; 2303 memcpy(context->socketcall.args, args, nargs * sizeof(unsigned long));
2429 return 0;
2430} 2304}
2431 2305
2432/** 2306/**
@@ -2434,29 +2308,12 @@ int audit_socketcall(int nargs, unsigned long *args)
2434 * @fd1: the first file descriptor 2308 * @fd1: the first file descriptor
2435 * @fd2: the second file descriptor 2309 * @fd2: the second file descriptor
2436 * 2310 *
2437 * Returns 0 for success or NULL context or < 0 on error.
2438 */ 2311 */
2439int __audit_fd_pair(int fd1, int fd2) 2312void __audit_fd_pair(int fd1, int fd2)
2440{ 2313{
2441 struct audit_context *context = current->audit_context; 2314 struct audit_context *context = current->audit_context;
2442 struct audit_aux_data_fd_pair *ax; 2315 context->fds[0] = fd1;
2443 2316 context->fds[1] = fd2;
2444 if (likely(!context)) {
2445 return 0;
2446 }
2447
2448 ax = kmalloc(sizeof(*ax), GFP_KERNEL);
2449 if (!ax) {
2450 return -ENOMEM;
2451 }
2452
2453 ax->fd[0] = fd1;
2454 ax->fd[1] = fd2;
2455
2456 ax->d.type = AUDIT_FD_PAIR;
2457 ax->d.next = context->aux;
2458 context->aux = (void *)ax;
2459 return 0;
2460} 2317}
2461 2318
2462/** 2319/**
@@ -2468,22 +2325,20 @@ int __audit_fd_pair(int fd1, int fd2)
2468 */ 2325 */
2469int audit_sockaddr(int len, void *a) 2326int audit_sockaddr(int len, void *a)
2470{ 2327{
2471 struct audit_aux_data_sockaddr *ax;
2472 struct audit_context *context = current->audit_context; 2328 struct audit_context *context = current->audit_context;
2473 2329
2474 if (likely(!context || context->dummy)) 2330 if (likely(!context || context->dummy))
2475 return 0; 2331 return 0;
2476 2332
2477 ax = kmalloc(sizeof(*ax) + len, GFP_KERNEL); 2333 if (!context->sockaddr) {
2478 if (!ax) 2334 void *p = kmalloc(sizeof(struct sockaddr_storage), GFP_KERNEL);
2479 return -ENOMEM; 2335 if (!p)
2480 2336 return -ENOMEM;
2481 ax->len = len; 2337 context->sockaddr = p;
2482 memcpy(ax->a, a, len); 2338 }
2483 2339
2484 ax->d.type = AUDIT_SOCKADDR; 2340 context->sockaddr_len = len;
2485 ax->d.next = context->aux; 2341 memcpy(context->sockaddr, a, len);
2486 context->aux = (void *)ax;
2487 return 0; 2342 return 0;
2488} 2343}
2489 2344
@@ -2617,29 +2472,15 @@ int __audit_log_bprm_fcaps(struct linux_binprm *bprm,
2617 * Record the aguments userspace sent to sys_capset for later printing by the 2472 * Record the aguments userspace sent to sys_capset for later printing by the
2618 * audit system if applicable 2473 * audit system if applicable
2619 */ 2474 */
2620int __audit_log_capset(pid_t pid, 2475void __audit_log_capset(pid_t pid,
2621 const struct cred *new, const struct cred *old) 2476 const struct cred *new, const struct cred *old)
2622{ 2477{
2623 struct audit_aux_data_capset *ax;
2624 struct audit_context *context = current->audit_context; 2478 struct audit_context *context = current->audit_context;
2625 2479 context->capset.pid = pid;
2626 if (likely(!audit_enabled || !context || context->dummy)) 2480 context->capset.cap.effective = new->cap_effective;
2627 return 0; 2481 context->capset.cap.inheritable = new->cap_effective;
2628 2482 context->capset.cap.permitted = new->cap_permitted;
2629 ax = kmalloc(sizeof(*ax), GFP_KERNEL); 2483 context->type = AUDIT_CAPSET;
2630 if (!ax)
2631 return -ENOMEM;
2632
2633 ax->d.type = AUDIT_CAPSET;
2634 ax->d.next = context->aux;
2635 context->aux = (void *)ax;
2636
2637 ax->pid = pid;
2638 ax->cap.effective = new->cap_effective;
2639 ax->cap.inheritable = new->cap_effective;
2640 ax->cap.permitted = new->cap_permitted;
2641
2642 return 0;
2643} 2484}
2644 2485
2645/** 2486/**
diff --git a/kernel/capability.c b/kernel/capability.c
index 36b4b4daebec..c598d9d5be4f 100644
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -280,9 +280,7 @@ asmlinkage long sys_capset(cap_user_header_t header, const cap_user_data_t data)
280 if (ret < 0) 280 if (ret < 0)
281 goto error; 281 goto error;
282 282
283 ret = audit_log_capset(pid, new, current_cred()); 283 audit_log_capset(pid, new, current_cred());
284 if (ret < 0)
285 return ret;
286 284
287 return commit_creds(new); 285 return commit_creds(new);
288 286
diff --git a/kernel/cgroup.c b/kernel/cgroup.c
index f7c5099a0572..87bb0258fd27 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
@@ -2944,7 +2944,11 @@ int cgroup_clone(struct task_struct *tsk, struct cgroup_subsys *subsys,
2944 parent = task_cgroup(tsk, subsys->subsys_id); 2944 parent = task_cgroup(tsk, subsys->subsys_id);
2945 2945
2946 /* Pin the hierarchy */ 2946 /* Pin the hierarchy */
2947 atomic_inc(&parent->root->sb->s_active); 2947 if (!atomic_inc_not_zero(&parent->root->sb->s_active)) {
2948 /* We race with the final deactivate_super() */
2949 mutex_unlock(&cgroup_mutex);
2950 return 0;
2951 }
2948 2952
2949 /* Keep the cgroup alive */ 2953 /* Keep the cgroup alive */
2950 get_css_set(cg); 2954 get_css_set(cg);
diff --git a/mm/filemap.c b/mm/filemap.c
index ed53ce876259..f5769b4dc075 100644
--- a/mm/filemap.c
+++ b/mm/filemap.c
@@ -2140,19 +2140,24 @@ EXPORT_SYMBOL(generic_file_direct_write);
2140 * Find or create a page at the given pagecache position. Return the locked 2140 * Find or create a page at the given pagecache position. Return the locked
2141 * page. This function is specifically for buffered writes. 2141 * page. This function is specifically for buffered writes.
2142 */ 2142 */
2143struct page *__grab_cache_page(struct address_space *mapping, pgoff_t index) 2143struct page *grab_cache_page_write_begin(struct address_space *mapping,
2144 pgoff_t index, unsigned flags)
2144{ 2145{
2145 int status; 2146 int status;
2146 struct page *page; 2147 struct page *page;
2148 gfp_t gfp_notmask = 0;
2149 if (flags & AOP_FLAG_NOFS)
2150 gfp_notmask = __GFP_FS;
2147repeat: 2151repeat:
2148 page = find_lock_page(mapping, index); 2152 page = find_lock_page(mapping, index);
2149 if (likely(page)) 2153 if (likely(page))
2150 return page; 2154 return page;
2151 2155
2152 page = page_cache_alloc(mapping); 2156 page = __page_cache_alloc(mapping_gfp_mask(mapping) & ~gfp_notmask);
2153 if (!page) 2157 if (!page)
2154 return NULL; 2158 return NULL;
2155 status = add_to_page_cache_lru(page, mapping, index, GFP_KERNEL); 2159 status = add_to_page_cache_lru(page, mapping, index,
2160 GFP_KERNEL & ~gfp_notmask);
2156 if (unlikely(status)) { 2161 if (unlikely(status)) {
2157 page_cache_release(page); 2162 page_cache_release(page);
2158 if (status == -EEXIST) 2163 if (status == -EEXIST)
@@ -2161,7 +2166,7 @@ repeat:
2161 } 2166 }
2162 return page; 2167 return page;
2163} 2168}
2164EXPORT_SYMBOL(__grab_cache_page); 2169EXPORT_SYMBOL(grab_cache_page_write_begin);
2165 2170
2166static ssize_t generic_perform_write(struct file *file, 2171static ssize_t generic_perform_write(struct file *file,
2167 struct iov_iter *i, loff_t pos) 2172 struct iov_iter *i, loff_t pos)
diff --git a/mm/mmap.c b/mm/mmap.c
index d4855a682ab6..2c778fcfd9bd 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -3,7 +3,7 @@
3 * 3 *
4 * Written by obz. 4 * Written by obz.
5 * 5 *
6 * Address space accounting code <alan@redhat.com> 6 * Address space accounting code <alan@lxorguk.ukuu.org.uk>
7 */ 7 */
8 8
9#include <linux/slab.h> 9#include <linux/slab.h>
diff --git a/mm/mprotect.c b/mm/mprotect.c
index fded06f923f4..cfb4c4852062 100644
--- a/mm/mprotect.c
+++ b/mm/mprotect.c
@@ -4,7 +4,7 @@
4 * (C) Copyright 1994 Linus Torvalds 4 * (C) Copyright 1994 Linus Torvalds
5 * (C) Copyright 2002 Christoph Hellwig 5 * (C) Copyright 2002 Christoph Hellwig
6 * 6 *
7 * Address space accounting code <alan@redhat.com> 7 * Address space accounting code <alan@lxorguk.ukuu.org.uk>
8 * (C) Copyright 2002 Red Hat Inc, All Rights Reserved 8 * (C) Copyright 2002 Red Hat Inc, All Rights Reserved
9 */ 9 */
10 10
diff --git a/mm/mremap.c b/mm/mremap.c
index 58a2908f42f5..646de959aa58 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -3,7 +3,7 @@
3 * 3 *
4 * (C) Copyright 1996 Linus Torvalds 4 * (C) Copyright 1996 Linus Torvalds
5 * 5 *
6 * Address space accounting code <alan@redhat.com> 6 * Address space accounting code <alan@lxorguk.ukuu.org.uk>
7 * (C) Copyright 2002 Red Hat Inc, All Rights Reserved 7 * (C) Copyright 2002 Red Hat Inc, All Rights Reserved
8 */ 8 */
9 9
diff --git a/mm/vmalloc.c b/mm/vmalloc.c
index 1ddb77ba3995..7465f22fec0c 100644
--- a/mm/vmalloc.c
+++ b/mm/vmalloc.c
@@ -151,11 +151,12 @@ static int vmap_pud_range(pgd_t *pgd, unsigned long addr,
151 * 151 *
152 * Ie. pte at addr+N*PAGE_SIZE shall point to pfn corresponding to pages[N] 152 * Ie. pte at addr+N*PAGE_SIZE shall point to pfn corresponding to pages[N]
153 */ 153 */
154static int vmap_page_range(unsigned long addr, unsigned long end, 154static int vmap_page_range(unsigned long start, unsigned long end,
155 pgprot_t prot, struct page **pages) 155 pgprot_t prot, struct page **pages)
156{ 156{
157 pgd_t *pgd; 157 pgd_t *pgd;
158 unsigned long next; 158 unsigned long next;
159 unsigned long addr = start;
159 int err = 0; 160 int err = 0;
160 int nr = 0; 161 int nr = 0;
161 162
@@ -167,7 +168,7 @@ static int vmap_page_range(unsigned long addr, unsigned long end,
167 if (err) 168 if (err)
168 break; 169 break;
169 } while (pgd++, addr = next, addr != end); 170 } while (pgd++, addr = next, addr != end);
170 flush_cache_vmap(addr, end); 171 flush_cache_vmap(start, end);
171 172
172 if (unlikely(err)) 173 if (unlikely(err))
173 return err; 174 return err;
diff --git a/net/socket.c b/net/socket.c
index 2c730fc718ab..06603d73c411 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -1313,13 +1313,7 @@ asmlinkage long sys_socketpair(int family, int type, int protocol,
1313 goto out_fd1; 1313 goto out_fd1;
1314 } 1314 }
1315 1315
1316 err = audit_fd_pair(fd1, fd2); 1316 audit_fd_pair(fd1, fd2);
1317 if (err < 0) {
1318 fput(newfile1);
1319 fput(newfile2);
1320 goto out_fd;
1321 }
1322
1323 fd_install(fd1, newfile1); 1317 fd_install(fd1, newfile1);
1324 fd_install(fd2, newfile2); 1318 fd_install(fd2, newfile2);
1325 /* fd1 and fd2 may be already another descriptors. 1319 /* fd1 and fd2 may be already another descriptors.
@@ -1349,7 +1343,6 @@ out_fd2:
1349out_fd1: 1343out_fd1:
1350 put_filp(newfile2); 1344 put_filp(newfile2);
1351 sock_release(sock2); 1345 sock_release(sock2);
1352out_fd:
1353 put_unused_fd(fd1); 1346 put_unused_fd(fd1);
1354 put_unused_fd(fd2); 1347 put_unused_fd(fd2);
1355 goto out; 1348 goto out;
@@ -2065,9 +2058,7 @@ asmlinkage long sys_socketcall(int call, unsigned long __user *args)
2065 if (copy_from_user(a, args, nargs[call])) 2058 if (copy_from_user(a, args, nargs[call]))
2066 return -EFAULT; 2059 return -EFAULT;
2067 2060
2068 err = audit_socketcall(nargs[call] / sizeof(unsigned long), a); 2061 audit_socketcall(nargs[call] / sizeof(unsigned long), a);
2069 if (err)
2070 return err;
2071 2062
2072 a0 = a[0]; 2063 a0 = a[0];
2073 a1 = a[1]; 2064 a1 = a[1];
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 343c8ab14af0..c65e4fe4a0f1 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -2602,7 +2602,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
2602 case AUDIT_OBJ_ROLE: 2602 case AUDIT_OBJ_ROLE:
2603 case AUDIT_OBJ_TYPE: 2603 case AUDIT_OBJ_TYPE:
2604 /* only 'equals' and 'not equals' fit user, role, and type */ 2604 /* only 'equals' and 'not equals' fit user, role, and type */
2605 if (op != AUDIT_EQUAL && op != AUDIT_NOT_EQUAL) 2605 if (op != Audit_equal && op != Audit_not_equal)
2606 return -EINVAL; 2606 return -EINVAL;
2607 break; 2607 break;
2608 case AUDIT_SUBJ_SEN: 2608 case AUDIT_SUBJ_SEN:
@@ -2736,10 +2736,10 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule,
2736 case AUDIT_SUBJ_USER: 2736 case AUDIT_SUBJ_USER:
2737 case AUDIT_OBJ_USER: 2737 case AUDIT_OBJ_USER:
2738 switch (op) { 2738 switch (op) {
2739 case AUDIT_EQUAL: 2739 case Audit_equal:
2740 match = (ctxt->user == rule->au_ctxt.user); 2740 match = (ctxt->user == rule->au_ctxt.user);
2741 break; 2741 break;
2742 case AUDIT_NOT_EQUAL: 2742 case Audit_not_equal:
2743 match = (ctxt->user != rule->au_ctxt.user); 2743 match = (ctxt->user != rule->au_ctxt.user);
2744 break; 2744 break;
2745 } 2745 }
@@ -2747,10 +2747,10 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule,
2747 case AUDIT_SUBJ_ROLE: 2747 case AUDIT_SUBJ_ROLE:
2748 case AUDIT_OBJ_ROLE: 2748 case AUDIT_OBJ_ROLE:
2749 switch (op) { 2749 switch (op) {
2750 case AUDIT_EQUAL: 2750 case Audit_equal:
2751 match = (ctxt->role == rule->au_ctxt.role); 2751 match = (ctxt->role == rule->au_ctxt.role);
2752 break; 2752 break;
2753 case AUDIT_NOT_EQUAL: 2753 case Audit_not_equal:
2754 match = (ctxt->role != rule->au_ctxt.role); 2754 match = (ctxt->role != rule->au_ctxt.role);
2755 break; 2755 break;
2756 } 2756 }
@@ -2758,10 +2758,10 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule,
2758 case AUDIT_SUBJ_TYPE: 2758 case AUDIT_SUBJ_TYPE:
2759 case AUDIT_OBJ_TYPE: 2759 case AUDIT_OBJ_TYPE:
2760 switch (op) { 2760 switch (op) {
2761 case AUDIT_EQUAL: 2761 case Audit_equal:
2762 match = (ctxt->type == rule->au_ctxt.type); 2762 match = (ctxt->type == rule->au_ctxt.type);
2763 break; 2763 break;
2764 case AUDIT_NOT_EQUAL: 2764 case Audit_not_equal:
2765 match = (ctxt->type != rule->au_ctxt.type); 2765 match = (ctxt->type != rule->au_ctxt.type);
2766 break; 2766 break;
2767 } 2767 }
@@ -2774,31 +2774,31 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule,
2774 field == AUDIT_OBJ_LEV_LOW) ? 2774 field == AUDIT_OBJ_LEV_LOW) ?
2775 &ctxt->range.level[0] : &ctxt->range.level[1]); 2775 &ctxt->range.level[0] : &ctxt->range.level[1]);
2776 switch (op) { 2776 switch (op) {
2777 case AUDIT_EQUAL: 2777 case Audit_equal:
2778 match = mls_level_eq(&rule->au_ctxt.range.level[0], 2778 match = mls_level_eq(&rule->au_ctxt.range.level[0],
2779 level); 2779 level);
2780 break; 2780 break;
2781 case AUDIT_NOT_EQUAL: 2781 case Audit_not_equal:
2782 match = !mls_level_eq(&rule->au_ctxt.range.level[0], 2782 match = !mls_level_eq(&rule->au_ctxt.range.level[0],
2783 level); 2783 level);
2784 break; 2784 break;
2785 case AUDIT_LESS_THAN: 2785 case Audit_lt:
2786 match = (mls_level_dom(&rule->au_ctxt.range.level[0], 2786 match = (mls_level_dom(&rule->au_ctxt.range.level[0],
2787 level) && 2787 level) &&
2788 !mls_level_eq(&rule->au_ctxt.range.level[0], 2788 !mls_level_eq(&rule->au_ctxt.range.level[0],
2789 level)); 2789 level));
2790 break; 2790 break;
2791 case AUDIT_LESS_THAN_OR_EQUAL: 2791 case Audit_le:
2792 match = mls_level_dom(&rule->au_ctxt.range.level[0], 2792 match = mls_level_dom(&rule->au_ctxt.range.level[0],
2793 level); 2793 level);
2794 break; 2794 break;
2795 case AUDIT_GREATER_THAN: 2795 case Audit_gt:
2796 match = (mls_level_dom(level, 2796 match = (mls_level_dom(level,
2797 &rule->au_ctxt.range.level[0]) && 2797 &rule->au_ctxt.range.level[0]) &&
2798 !mls_level_eq(level, 2798 !mls_level_eq(level,
2799 &rule->au_ctxt.range.level[0])); 2799 &rule->au_ctxt.range.level[0]));
2800 break; 2800 break;
2801 case AUDIT_GREATER_THAN_OR_EQUAL: 2801 case Audit_ge:
2802 match = mls_level_dom(level, 2802 match = mls_level_dom(level,
2803 &rule->au_ctxt.range.level[0]); 2803 &rule->au_ctxt.range.level[0]);
2804 break; 2804 break;
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 1b5551dfc1f7..848212fd4845 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -2492,7 +2492,7 @@ static int smack_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
2492 if (field != AUDIT_SUBJ_USER && field != AUDIT_OBJ_USER) 2492 if (field != AUDIT_SUBJ_USER && field != AUDIT_OBJ_USER)
2493 return -EINVAL; 2493 return -EINVAL;
2494 2494
2495 if (op != AUDIT_EQUAL && op != AUDIT_NOT_EQUAL) 2495 if (op != Audit_equal && op != Audit_not_equal)
2496 return -EINVAL; 2496 return -EINVAL;
2497 2497
2498 *rule = smk_import(rulestr, 0); 2498 *rule = smk_import(rulestr, 0);
@@ -2556,9 +2556,9 @@ static int smack_audit_rule_match(u32 secid, u32 field, u32 op, void *vrule,
2556 * both pointers will point to the same smack_known 2556 * both pointers will point to the same smack_known
2557 * label. 2557 * label.
2558 */ 2558 */
2559 if (op == AUDIT_EQUAL) 2559 if (op == Audit_equal)
2560 return (rule == smack); 2560 return (rule == smack);
2561 if (op == AUDIT_NOT_EQUAL) 2561 if (op == Audit_not_equal)
2562 return (rule != smack); 2562 return (rule != smack);
2563 2563
2564 return 0; 2564 return 0;
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-01 21:20:39 -0500