aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* [NET] Generalise TCP's struct open_request minisock infrastructureArnaldo Carvalho de Melo2005-06-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Kept this first changeset minimal, without changing existing names to ease peer review. Basicaly tcp_openreq_alloc now receives the or_calltable, that in turn has two new members: ->slab, that replaces tcp_openreq_cachep ->obj_size, to inform the size of the openreq descendant for a specific protocol The protocol specific fields in struct open_request were moved to a class hierarchy, with the things that are common to all connection oriented PF_INET protocols in struct inet_request_sock, the TCP ones in tcp_request_sock, that is an inet_request_sock, that is an open_request. I.e. this uses the same approach used for the struct sock class hierarchy, with sk_prot indicating if the protocol wants to use the open_request infrastructure by filling in sk_prot->rsk_prot with an or_calltable. Results? Performance is improved and TCP v4 now uses only 64 bytes per open request minisock, down from 96 without this patch :-) Next changeset will rename some of the structs, fields and functions mentioned above, struct or_calltable is way unclear, better name it struct request_sock_ops, s/struct open_request/struct request_sock/g, etc. Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SLAB] Introduce kmem_cache_nameArnaldo Carvalho de Melo2005-06-19
| | | | | | | | | This is for use with slab users that pass a dynamically allocated slab name in kmem_cache_create, so that before destroying the slab one can retrieve the name and free its memory. Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC] Use NLMSG_LENGTH in xfrm_exp_state_notifyJamal Hadi Salim2005-06-19
| | | | | | | | Small fixup to use netlink macros instead of hardcoding. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC] Fix xfrm_state leaks in error pathPatrick McHardy2005-06-19
| | | | | | | | | | | | | | | | | | | | Herbert Xu wrote: > @@ -1254,6 +1326,7 @@ static int pfkey_add(struct sock *sk, st > if (IS_ERR(x)) > return PTR_ERR(x); > > + xfrm_state_hold(x); This introduces a leak when xfrm_state_add()/xfrm_state_update() fail. We hold two references (one from xfrm_state_alloc(), one from xfrm_state_hold()), but only drop one. We need to take the reference because the reference from xfrm_state_alloc() can be dropped by __xfrm_state_delete(), so the fix is to drop both references on error. Same problem in xfrm_user.c. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
* [IPSEC] Use XFRM_MSG_* instead of XFRM_SAP_*Herbert Xu2005-06-19
| | | | | | | | | | This patch removes XFRM_SAP_* and converts them over to XFRM_MSG_*. The netlink interface is meant to map directly onto the underlying xfrm subsystem. Therefore rather than using a new independent representation for the events we can simply use the existing ones from xfrm_user. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [IPSEC] Set byid for km_event in xfrm_get_policyHerbert Xu2005-06-19
| | | | | | | | This patch fixes policy deletion in xfrm_user so that it sets km_event.data.byid. This puts xfrm_user on par with what af_key does in this case. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [IPSEC] Turn km_event.data into a unionHerbert Xu2005-06-19
| | | | | | | This patch turns km_event.data into a union. This makes code that uses it clearer. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [IPSEC] Fix xfrm to pfkey SA state conversionHerbert Xu2005-06-19
| | | | | | | | | | | | | This patch adjusts the SA state conversion in af_key such that XFRM_STATE_ERROR/XFRM_STATE_DEAD will be converted to SADB_STATE_DEAD instead of SADB_STATE_DYING. According to RFC 2367, SADB_STATE_DYING SAs can be turned into mature ones through updating their lifetime settings. Since SAs which are in the states XFRM_STATE_ERROR/XFRM_STATE_DEAD cannot be resurrected, this value is unsuitable. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [IPSEC] Kill spurious hard expire messagesHerbert Xu2005-06-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch ensures that the hard state/policy expire notifications are only sent when the state/policy is successfully removed from their respective tables. As it is, it's possible for a state/policy to both expire through reaching a hard limit, as well as being deleted by the user. Note that this behaviour isn't actually forbidden by RFC 2367. However, it is a quality of implementation issue. As an added bonus, the restructuring in this patch will help eventually in moving the expire notifications from softirq context into process context, thus improving their reliability. One important side-effect from this change is that SAs reaching their hard byte/packet limits are now deleted immediately, just like SAs that have reached their hard time limits. Previously they were announced immediately but only deleted after 30 seconds. This is bad because it prevents the system from issuing an ACQUIRE command until the existing state was deleted by the user or expires after the time is up. In the scenario where the expire notification was lost this introduces a 30 second delay into the system for no good reason. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* [IPSEC] Add complete xfrm event notificationJamal Hadi Salim2005-06-19
| | | | | | | | | | | | | Heres the final patch. What this patch provides - netlink xfrm events - ability to have events generated by netlink propagated to pfkey and vice versa. - fixes the acquire lets-be-happy-with-one-success issue Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Merge master.kernel.org:/home/rmk/linux-2.6-armLinus Torvalds2005-06-18
|\
| * Merge with ../linux-2.6-smpRussell King2005-06-18
| |\
| | * [PATCH] ARM SMP: Fix vector entryRussell King2005-05-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current vector entry system does not allow for SMP. In order to work around this, we need to eliminate our reliance on the fixed save areas, which breaks the way we enable alignment traps. This patch changes the way we handle the save areas such that we can have one per CPU. Signed-off-by: Russell King <rmk@arm.linux.org.uk>
| | * [PATCH] ARM SMP: convert alignment enableRussell King2005-05-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The current vector entry system does not allow for SMP. In order to work around this, we need to eliminate our reliance on the fixed save areas, which breaks the way we enable alignment traps. This patch makes the alignment trap enable code independent of the way we handle the save areas. Signed-off-by: Russell King <rmk@arm.linux.org.uk>
| | * [PATCH] ARM SMP: add IPI supportRussell King2005-05-21
| | | | | | | | | | | | | | | | | | | | | Add support for inter-processor interrupts to the main IRQ handling code. Signed-off-by: Russell King <rmk@arm.linux.org.uk>
| | * [PATCH] ARM SMP: reallocate main IRQ handler code registersRussell King2005-05-21
| | | | | | | | | | | | | | | | | | | | | By changing r9 -> r8 and r8 to 'tsk' (r9) we are able to remove one instruction from the preempt path. Signed-off-by: Russell King <rmk@arm.linux.org.uk>
| | * [PATCH] ARM SMP: consolidate main IRQ handler codeRussell King2005-05-21
| | | | | | | | | | | | Signed-off-by: Russell King <rmk@arm.linux.org.uk>
* | | Merge master.kernel.org:/pub/scm/linux/kernel/git/dwmw2/audit-2.6Linus Torvalds2005-06-18
|\ \ \
| * | | Merge with master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6.gitDavid Woodhouse2005-06-18
| |\| |
| * | | Merge with master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6.gitDavid Woodhouse2005-06-02
| |\ \ \
| * | | | AUDIT: Fix user pointer deref thinko in sys_socketcall().David Woodhouse2005-06-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I cunningly put the audit call immediately after the copy_from_user().... but used the _userspace_ copy of the args still. Let's not do that. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | AUDIT: Record working directory when syscall arguments are pathnamesDavid Woodhouse2005-05-27
| | | | | | | | | | | | | | | | | | | | Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | AUDIT: Defer freeing aux items until audit_free_context()David Woodhouse2005-05-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While they were all just simple blobs it made sense to just free them as we walked through and logged them. Now that there are pointers to other objects which need refcounting, we might as well revert to _only_ logging them in audit_log_exit(), and put the code to free them properly in only one place -- in audit_free_aux(). Signed-off-by: David Woodhouse <dwmw2@infradead.org> ----------------------------------------------------------
| * | | | AUDIT: Fix remaining cases of direct logging of untrusted strings by avc_auditStephen Smalley2005-05-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Per Steve Grubb's observation that there are some remaining cases where avc_audit() directly logs untrusted strings without escaping them, here is a patch that changes avc_audit() to use audit_log_untrustedstring() or audit_log_hex() as appropriate. Note that d_name.name is nul- terminated by d_alloc(), and that sun_path is nul-terminated by unix_mkname(), so it is not necessary for the AVC to create nul- terminated copies or to alter audit_log_untrustedstring to take a length argument. In the case of an abstract name, we use audit_log_hex() with an explicit length. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | AUDIT: Escape comm when logging task infoDavid Woodhouse2005-05-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It comes from the user; it needs to be escaped. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | AUDIT: Unify auid reporting, put arch before syscall numberDavid Woodhouse2005-05-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These changes make processing of audit logs easier. Based on a patch from Steve Grubb <sgrubb@redhat.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | AUDIT: Assign serial number to non-syscall messagesDavid Woodhouse2005-05-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Move audit_serial() into audit.c and use it to generate serial numbers on messages even when there is no audit context from syscall auditing. This allows us to disambiguate audit records when more than one is generated in the same millisecond. Based on a patch by Steve Grubb after he observed the problem. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | Fix oops due to thinko in avc_audit()David Woodhouse2005-05-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When I added the logging of pid= and comm= back to avc_audit() I screwed it up. Put it back how it should be. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | AUDIT: Fix inconsistent use of loginuid vs. auid, signed vs. unsigned Steve Grubb2005-05-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The attached patch changes all occurrences of loginuid to auid. It also changes everything to %u that is an unsigned type. Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | AUDIT: Fix AVC_USER message passing.Steve Grubb2005-05-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The original AVC_USER message wasn't consolidated with the new range of user messages. The attached patch fixes the kernel so the old messages work again. Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | AUDIT: Avoid sleeping function in SElinux AVC audit.Stephen Smalley2005-05-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch changes the SELinux AVC to defer logging of paths to the audit framework upon syscall exit, by saving a reference to the (dentry,vfsmount) pair in an auxiliary audit item on the current audit context for processing by audit_log_exit. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | AUDIT: Honour audit_backlog_limit again.David Woodhouse2005-05-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The limit on the number of outstanding audit messages was inadvertently removed with the switch to queuing skbs directly for sending by a kernel thread. Put it back again. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | Merge with master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6.gitDavid Woodhouse2005-05-19
| |\ \ \ \
| * | | | | AUDIT: Quis Custodiet Ipsos Custodes?David Woodhouse2005-05-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Nobody does. Really, it gets very silly if auditd is recording its own actions. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | Restore logging of pid= and comm= in AVC audit messagesDavid Woodhouse2005-05-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We turned this all off because the 'exe=' was causing deadlocks on dcache_lock. There's no need to leave the pid and comm out though. They'll all be logged correctly if full auditing is enabled, but we should still print them in case auditing _isn't_ enabled. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | AUDIT: Send netlink messages from a separate kernel threadDavid Woodhouse2005-05-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | netlink_unicast() will attempt to reallocate and will free messages if the socket's rcvbuf limit is reached unless we give it an infinite timeout. So do that, from a kernel thread which is dedicated to spewing stuff up the netlink socket. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | AUDIT: Clean up logging of untrusted stringsSteve Grubb2005-05-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * If vsnprintf returns -1, it will mess up the sk buffer space accounting. This is fixed by not calling skb_put with bogus len values. * audit_log_hex was a loop that called audit_log_vformat with %02X for each character. This is very inefficient since conversion from unsigned character to Ascii representation is essentially masking, shifting, and byte lookups. Also, the length of the converted string is well known - it's twice the original. Fixed by rewriting the function. * audit_log_untrustedstring had no comments. This makes it hard for someone to understand what the string format will be. * audit_log_d_path was never fixed to use untrustedstring. This could mess up user space parsers. This was fixed to make a temp buffer, call d_path, and log temp buffer using untrustedstring. From: Steve Grubb <sgrubb@redhat.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | AUDIT: Treat all user messages identically.David Woodhouse2005-05-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's silly to have to add explicit entries for new userspace messages as we invent them. Just treat all messages in the user range the same. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | AUDIT: Capture sys_socketcall arguments and sockaddrs David Woodhouse2005-05-17
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | Merge with master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6.gitDavid Woodhouse2005-05-17
| |\ \ \ \ \
| * | | | | | AUDIT: fix max_t thinko.David Woodhouse2005-05-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Der... if you use max_t it helps if you give it a type. Note to self: Always just apply the tested patches, don't try to port them by hand. You're not clever enough. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | | AUDIT: Fix some spelling errorsSteve Grubb2005-05-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I'm going through the kernel code and have a patch that corrects several spelling errors in comments. From: Steve Grubb <sgrubb@redhat.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | | AUDIT: Add message types to audit recordsSteve Grubb2005-05-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds more messages types to the audit subsystem so that audit analysis is quicker, intuitive, and more useful. Signed-off-by: Steve Grubb <sgrubb@redhat.com> --- I forgot one type in the big patch. I need to add one for user space originating SE Linux avc messages. This is used by dbus and nscd. -Steve --- Updated to 2.6.12-rc4-mm1. -dwmw2 Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | | AUDIT: Round up audit skb expansion to AUDIT_BUFSIZ.David Woodhouse2005-05-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Otherwise, we will be repeatedly reallocating, even if we're only adding a few bytes at a time. Pointed out by Steve Grubb. Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | | Add missing asm-ppc/seccomp.h. Must learn to use git properly.David Woodhouse2005-05-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | | Add audit_log_typeChris Wright2005-05-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add audit_log_type to allow callers to specify type and pid when logging. Convert audit_log to wrapper around audit_log_type. Could have converted all audit_log callers directly, but common case is default of type AUDIT_KERNEL and pid 0. Update audit_log_start to take type and pid values when creating a new audit_buffer. Move sequences that did audit_log_start, audit_log_format, audit_set_type, audit_log_end, to simply call audit_log_type directly. This obsoletes audit_set_type and audit_set_pid, so remove them. Signed-off-by: Chris Wright <chrisw@osdl.org> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | | Move ifdef CONFIG_AUDITSYSCALL to headerChris Wright2005-05-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove code conditionally dependent on CONFIG_AUDITSYSCALL from audit.c. Move these dependencies to audit.h with the rest. Signed-off-by: Chris Wright <chrisw@osdl.org> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | | Audit requires CONFIG_NETChris Wright2005-05-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Audit now actually requires netlink. So make it depend on CONFIG_NET, and remove the inline dependencies on CONFIG_NET. Signed-off-by: Chris Wright <chrisw@osdl.org> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | | AUDIT: Properly account for alignment difference in nlmsg_len.Chris Wright2005-05-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Wright <chrisw@osdl.org> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
| * | | | | | AUDIT: Fix abuse of va_args. David Woodhouse2005-05-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We're not allowed to use args twice; we need to use va_copy. Signed-off-by: David Woodhouse <dwmw2@infradead.org>