1. 20 Mar, 2006 8 commits
    • Amy Griffis's avatar
      [PATCH] Pass dentry, not just name, in fsnotify creation hooks. · f38aa942
      Amy Griffis authored
      The audit hooks (to be added shortly) will want to see dentry->d_inode
      too, not just the name.
      Signed-off-by: default avatarAmy Griffis <amy.griffis@hp.com>
      Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
    • Steve Grubb's avatar
      [PATCH] Define new range of userspace messages. · 90d526c0
      Steve Grubb authored
      The attached patch updates various items for the new user space
      messages. Please apply.
      Signed-off-by: default avatarSteve Grubb <sgrubb@redhat.com>
      Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
    • Dustin Kirkland's avatar
      [PATCH] Filter rule comparators · b63862f4
      Dustin Kirkland authored
      Currently, audit only supports the "=" and "!=" operators in the -F
      filter rules.
      This patch reworks the support for "=" and "!=", and adds support
      for ">", ">=", "<", and "<=".
      This turned out to be a pretty clean, and simply process.  I ended up
      using the high order bits of the "field", as suggested by Steve and Amy.
      This allowed for no changes whatsoever to the netlink communications.
      See the documentation within the patch in the include/linux/audit.h
      area, where there is a table that explains the reasoning of the bitmask
      assignments clearly.
      The patch adds a new function, audit_comparator(left, op, right).
      This function will perform the specified comparison (op, which defaults
      to "==" for backward compatibility) between two values (left and right).
      If the negate bit is on, it will negate whatever that result was.  This
      value is returned.
      Signed-off-by: default avatarDustin Kirkland <dustin.kirkland@us.ibm.com>
      Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
    • Randy Dunlap's avatar
      [PATCH] AUDIT: kerneldoc for kernel/audit*.c · b0dd25a8
      Randy Dunlap authored
      - add kerneldoc for non-static functions;
      - don't init static data to 0;
      - limit lines to < 80 columns;
      - fix long-format style;
      - delete whitespace at end of some lines;
      (chrisw: resend and update to current audit-2.6 tree)
      Signed-off-by: default avatarRandy Dunlap <rdunlap@xenotime.net>
      Signed-off-by: default avatarChris Wright <chrisw@osdl.org>
      Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
    • Jason Baron's avatar
      [PATCH] make vm86 call audit_syscall_exit · 7e7f8a03
      Jason Baron authored
      The motivation behind the patch below was to address messages in
      /var/log/messages such as:
      Jan 31 10:54:15 mets kernel: audit(:0): major=252 name_count=0: freeing
      multiple contexts (1)
      Jan 31 10:54:15 mets kernel: audit(:0): major=113 name_count=0: freeing
      multiple contexts (2)
      I can reproduce by running 'get-edid' from:
      These messages come about in the log b/c the vm86 calls do not exit via
      the normal system call exit paths and thus do not call
      'audit_syscall_exit'. The next system call will then free the context for
      itself and for the vm86 context, thus generating the above messages. This
      patch addresses the issue by simply adding a call to 'audit_syscall_exit'
      from the vm86 code.
      Besides fixing the above error messages the patch also now allows vm86
      system calls to become auditable. This is useful since strace does not
      appear to properly record the return values from sys_vm86.
      I think this patch is also a step in the right direction in terms of
      cleaning up some core auditing code. If we can correct any other paths
      that do not properly call the audit exit and entries points, then we can
      also eliminate the notion of context chaining.
      I've tested this patch by verifying that the log messages no longer
      appear, and that the audit records for sys_vm86 appear to be correct.
      Also, 'read_edid' produces itentical output.
      Signed-off-by: default avatarJason Baron <jbaron@redhat.com>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
    • Linus Torvalds's avatar
      Linux 2.6.16 · 7705a879
      Linus Torvalds authored
    • Andrea Arcangeli's avatar
      [PATCH] Remove obsolete CREDITS address · 2be1aaf9
      Andrea Arcangeli authored
      This address is going to be obsolete, so I should update it.
    • Linus Torvalds's avatar
      Merge branch 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus · 46571909
      Linus Torvalds authored
      * 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus:
        [MIPS] SB1: Check for -mno-sched-prolog if building corelis debug kernel.
        [MIPS] Sibyte: Fix race in sb1250_gettimeoffset().
        [MIPS] Sibyte: Fix interrupt timer off by one bug.
        [MIPS] Sibyte: Fix M_SCD_TIMER_INIT and M_SCD_TIMER_CNT wrong field width.
        [MIPS] Protect more of timer_interrupt() by xtime_lock.
        [MIPS] Work around bad code generation for <asm/io.h>.
        [MIPS] Simple patch to power off DBAU1200
        [MIPS] Fix DBAu1550 software power off.
        [MIPS] local_r4k_flush_cache_page fix
        [MIPS] SB1: Fix interrupt disable hazard.
        [MIPS] Get rid of the IP22-specific code in arclib.
        Update MAINTAINERS entry for MIPS.
  2. 19 Mar, 2006 2 commits
    • Michael Chan's avatar
      [TG3]: 40-bit DMA workaround part 2 · 4a29cc2e
      Michael Chan authored
      The 40-bit DMA workaround recently implemented for 5714, 5715, and
      5780 needs to be expanded because there may be other tg3 devices
      behind the EPB Express to PCIX bridge in the 5780 class device.
      For example, some 4-port card or mother board designs have 5704 behind
      the 5714.
      All devices behind the EPB require the 40-bit DMA workaround.
      Thanks to Chris Elmquist again for reporting the problem and testing
      the patch.
      Signed-off-by: default avatarMichael Chan <mchan@broadcom.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    • Ralf Baechle DL5RB's avatar
      [AX.25]: Fix potencial memory hole. · c7c694d1
      Ralf Baechle DL5RB authored
      If the AX.25 dialect chosen by the sysadmin is set to DAMA master / 3
      (or DAMA slave / 2, if CONFIG_AX25_DAMA_SLAVE=n) ax25_kick() will fall
      through the switch statement without calling ax25_send_iframe() or any
      other function that would eventually free skbn thus leaking the packet.
      Fix by restricting the sysctl inferface to allow only actually supported
      AX.25 dialects.
      The system administration mistake needed for this to happen is rather
      unlikely, so this is an uncritical hole.
      Coverity #651.
      Signed-off-by: default avatarRalf Baechle DL5RB <ralf@linux-mips.org>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
  3. 18 Mar, 2006 16 commits
  4. 17 Mar, 2006 14 commits