Here is another post of vfs based union mount implementation.
Union mount provides the filesytem namespace unification feature.
Unlike the traditional mounts which hide the contents of the mount point,
the union mount presents the merged view of the mount point and the
mounted filesytem.
These
From: Bharata B Rao <[EMAIL PROTECTED]>
Subject: Add union mount documentation.
This is an attempt to document some of the implementation details
and issues of union mount.
Signed-off-by: Bharata B Rao <[EMAIL PROTECTED]>
Signed-off-by: Jan Blunck <[EMAIL PROTECTED]>
---
From: Jan Blunck <[EMAIL PROTECTED]>
Subject: Add a new mount flag (MNT_UNION) for union mount.
Introduce MNT_UNION, MS_UNION and FS_WHT flags. There are the necessary flags
for doing
mount /dev/hda3 /mnt -o union
You need additional patches for util-linux for that to work.
Signed-off-by:
From: Jan Blunck <[EMAIL PROTECTED]>
Subject: Add the whiteout file type
A white-out stops the VFS from further lookups of the white-outs name and
returns -ENOENT. This is the same behaviour as if the filename isn't
found. This can be used in combination with union mounts to virtually
delete
From: Jan Blunck <[EMAIL PROTECTED]>
Subject: Add config options for union mount
Introduces two new config options for union mount:
CONFIG_UNION_MOUNT - Enables union mount
CONFIG_UNION_MOUNT_DEBUG - Enables debugging support for union mount.
Also adds debugging routines.
FIXME: this needs
From: Jan Blunck <[EMAIL PROTECTED]>
Subject: Introduce union stack.
Adds union stack infrastructure to the dentry structure and provides
locking routines to walk the union stack.
Signed-off-by: Jan Blunck <[EMAIL PROTECTED]>
Signed-off-by: Bharata B Rao <[EMAIL PROTECTED]>
---
fs/Makefile
From: Jan Blunck <[EMAIL PROTECTED]>
Subject: Union-mount dentry reference counting
dget is modified to walk the union stack taking reference on every
dentry that is part of the union stack. This is necessary to ensure that
parts of union stack don't go away from under us. Since dget() takes a
At Sat, 12 May 2007 20:29:20 +0200 (MEST),
Richard Knutsson wrote:
>
> if (!x) kfree(x); is not needed since kfree(NULL) is valid.
>
> Signed-off-by: Richard Knutsson <[EMAIL PROTECTED]>
> ---
> Compile-tested with all(yes|mod|no)config on x86(|_64) & sparc(|64)
> Diffed against Linus' git-tree.
From: Jan Blunck <[EMAIL PROTECTED]>
Subject: Union-mount mounting
Adds union mount support to mount() and umount() system calls.
Sets up the union stack during mount and destroys it during unmount.
TODO: bind and move mounts aren't yet supported with union mounts.
Signed-off-by: Jan Blunck
From: Jan Blunck <[EMAIL PROTECTED]>
Subject: Union-mount lookup
Modifies the vfs lookup routines to work with union mounted directories.
The existing lookup routines generally lookup for a pathname only in the
topmost or given directory. The changed versions of the lookup routines
search for
Hi,
On 5/13/07, James Bottomley <[EMAIL PROTECTED]> wrote:
On Sun, 2007-05-13 at 11:10 -0500, James Bottomley wrote:
> > - depends on SCSI
> > + depends on SCSI_SCAN_ASYNC
This is incorrect, alright, but not because of any of the reasons James
mentions below.
The only reason why some
From: Bharata B Rao <[EMAIL PROTECTED]>
Subject: Union mount readdir
This modifies the readdir()/getdents() routines to read directory
entries from toplevel and the lower directories of a union and present
a merged view.
The directory entries are read starting from the top layer and they
are
From: Jan Blunck <[EMAIL PROTECTED]>
Subject: In-kernel file copy between union mounted filesystems
This patch introduces in-kernel file copy between union mounted
filesystems. When a file is opened for writing but resides on a lower (thus
read-only) layer of the union stack it is copied to the
From: Jan Blunck <[EMAIL PROTECTED]>
Subject: VFS whiteout handling
Introduce white-out handling in the VFS.
Signed-off-by: Jan Blunck <[EMAIL PROTECTED]>
Signed-off-by: Bharata B Rao <[EMAIL PROTECTED]>
---
fs/inode.c| 17 +
fs/namei.c| 476
From: Jan Blunck <[EMAIL PROTECTED]>
Subject: ext2 whiteout support
Introduce whiteout support to ext2.
Signed-off-by: Jan Blunck <[EMAIL PROTECTED]>
Signed-off-by: Bharata B Rao <[EMAIL PROTECTED]>
---
fs/ext2/dir.c |2 ++
fs/ext2/namei.c | 17 +
From: Bharata B Rao <[EMAIL PROTECTED]>
Subject: ext3 whiteout support
Introduce whiteout support for ext3.
Signed-off-by: Bharata B Rao <[EMAIL PROTECTED]>
Signed-off-by: Jan Blunck <[EMAIL PROTECTED]>
---
fs/ext3/dir.c |2 -
fs/ext3/namei.c | 62
From: Jan Blunck <[EMAIL PROTECTED]>
Subject: tmpfs whiteout support
Introduce whiteout support to tmpfs.
Signed-off-by: Jan Blunck <[EMAIL PROTECTED]>
Signed-off-by: Bharata B Rao <[EMAIL PROTECTED]>
---
mm/shmem.c |9 -
1 files changed, 8 insertions(+), 1 deletion(-)
---
"Remove hardcoding of hard_smp_processor_id on UP systems",
2f4dfe206a2fc07099dfad77a8ea2f4b4ae2140f in Linus' tree, moved
the definition of hard_smp_processor_id linux/smp.h to asm/smp.h
for UP systems. This causes a regression on Alpha.
cc1: warnings being treated as errors
On 5/14/07, Satyam Sharma <[EMAIL PROTECTED]> wrote:
[...]
config SCSI_WAIT_SCAN
tristate
- default m
- depends on SCSI
- depends on MODULES
+ default m if SCSI=m
+ default n
Note that this also means SCSI_WAIT_SCAN=n (will not get compiled
and built even
Russell King wrote:
> On Mon, May 14, 2007 at 11:22:04AM +0300, Mike Rapoport wrote:
>> The PXA MMC controller does not compile for PXA27x after MMC
>> reorganization, because it uses protocol defines to implement HW erratum
>> workaround (lines 232 - 247 of drivers/mmc/host/pxamci.c ).
>> The
On Monday, 14 May 2007 09:26, Gautham R Shenoy wrote:
> On Mon, May 14, 2007 at 11:48:46AM +0530, Srivatsa Vaddagiri wrote:
> >
> > The other complication get/put_hotcpu() had was dealing with
> > write-followed-by-read lock attempt by the *same* thread (whilst doing
> > cpu_down/up). IIRC this
One of the "Section mismatch" warning message in modpost.c
is in wrong format. This patch fix it.
Signed-off-by: Li Yang <[EMAIL PROTECTED]>
---
scripts/mod/modpost.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
index
From: Dave Johnson <[EMAIL PROTECTED]>
Date: Sat, 12 May 2007 12:36:47 -0400
>
> While testing adding/deleting large numbers of interfaces, I found
> rt_run_flush() was the #1 cpu user in a kernel profile by far.
>
> The below patch changes rt_run_flush() to only take each spinlock
> protecting
I'm pleased to announce an updated version of the x86_64 highres/dyntick
support patches against 2.6.22-rc1:
To build a highres / dyntick enabled kernel for x86_64:
http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.21.tar.bz2
I'm testing the robustness of Xorg 1.3 server with intel 2.0 driver
by restarting the X and a set of apps every 30 seconds. After
about an hour this happened.
2.6.21-1.3116.ONELAN is the same as 2.6.21-1.3116 from FC7
but with the spec file change so that we can run the kernel on an FC4
system.
On Mon, May 14, 2007 at 02:03:58PM +0530, Srivatsa Vaddagiri wrote:
> I have been brooding over how fair clock is computed/used in
> CFS and thought I would ask the experts to avoid wrong guesses!
> As I understand, fair_clock is a monotonously increasing clock which
> advances at a pace
This patchset is designed to improve system responsiveness and interactivity.
It is configurable to any workload but the default -ck patch is aimed at the
desktop and -cks is available with more emphasis on serverspace.
Apply to 2.6.21
Philip Langdale wrote:
> @@ -806,11 +819,18 @@ static void sdhci_tasklet_card(unsigned long param)
> host->mrq->cmd->error = MMC_ERR_FAILED;
> tasklet_schedule(>finish_tasklet);
> }
> - }
>
> - spin_unlock_irqrestore(>lock, flags);
* William Lee Irwin III <[EMAIL PROTECTED]> wrote:
> On Mon, May 14, 2007 at 02:03:58PM +0530, Srivatsa Vaddagiri wrote:
> > I have been brooding over how fair clock is computed/used in
> > CFS and thought I would ask the experts to avoid wrong guesses!
> > As I understand, fair_clock is a
Hi!
> I have got a problem with Asus F3T notebook and 2.6.21.1 kernel. When I
> perform powerdown (with user-space app or alt+sysrq+o) I get "Power Down."
> message, but the notebook doesn't turn off. Everything is ok on 2.6.20.
>
> There seem to be no changes in acpi/sleep/poweroff.c so I don't
Hi Barry,
On 14/05/07, Barry Scott <[EMAIL PROTECTED]> wrote:
I'm testing the robustness of Xorg 1.3 server with intel 2.0 driver
by restarting the X and a set of apps every 30 seconds. After
about an hour this happened.
2.6.21-1.3116.ONELAN is the same as 2.6.21-1.3116 from FC7
but with the
from: Morten Banzon <[EMAIL PROTECTED]>
Adds the MCC2 device to the 8260 device_list.
signed-off-by: Morten Banzon <[EMAIL PROTECTED]>
---
diff -uprN linux-2.6.21.1.orig/arch/ppc/syslib/pq2_sys.c
linux-2.6.21.1/arch/ppc/syslib/pq2_sys.c
--- linux-2.6.21.1.orig/arch/ppc/syslib/pq2_sys.c
On 5/14/07, Bharata B Rao <[EMAIL PROTECTED]> wrote:
+/* This is a copy from fs/readdir.c */
+struct getdents_callback {
+ struct linux_dirent __user *current_dir;
+ struct linux_dirent __user *previous;
+ int count;
+ int error;
+};
This should go into a header file.
This patch fixes the following "Section mismatch" warnings when
build powerpc platforms.
-
WARNING: arch/powerpc/mm/built-in.o - Section mismatch: reference to
.init.text:early_get_page from .text between 'pte_alloc_one_kernel' (at offset
0xc68) and 'pte_alloc_one'
WARNING:
This patch fix the following Section mismatch warnings
in powerpc code.
WARNING: arch/powerpc/platforms/built-in.o - Section mismatch: reference to
.init.data:mv643xx_eth_pd_devs from .text between 'mv643xx_eth_add_pds' (at
offset 0x9ed2) and 'gg2_read_config'
WARNING:
Changes include:
- wmb+rmb != mb
- ->state folded into ->waiter
---
Subject: scalable rw_mutex
Scalable reader/writer lock.
Its scalable in that the read count is a percpu counter and the reader fast
path does not write to a shared cache-line.
Its not FIFO fair, but starvation proof by
On Mon, May 14, 2007 at 06:04:28PM +0800, Li Yang wrote:
> One of the "Section mismatch" warning message in modpost.c
> is in wrong format. This patch fix it.
Thanks.
I have another patch from Russell King that
fixes this and on top of that makes the warnings more
readable. So I will apply his
On Mon, May 14, 2007 at 02:03:58PM +0530, Srivatsa Vaddagiri wrote:
>>> I have been brooding over how fair clock is computed/used in
>>> CFS and thought I would ask the experts to avoid wrong guesses!
>>> As I understand, fair_clock is a monotonously increasing clock which
>>> advances at a
On Mon, May 14, 2007 at 06:53:32PM +0800, Li Yang wrote:
> This patch fixes the following "Section mismatch" warnings when
> build powerpc platforms.
>
> -
> WARNING: arch/powerpc/mm/built-in.o - Section mismatch: reference to
> .init.text:early_get_page from .text between
On Mon, May 14, 2007 at 12:43:43PM +0200, Carsten Otte wrote:
> On 5/14/07, Bharata B Rao <[EMAIL PROTECTED]> wrote:
> >+/* This is a copy from fs/readdir.c */
> >+struct getdents_callback {
> >+ struct linux_dirent __user *current_dir;
> >+ struct linux_dirent __user *previous;
> >+
* Srivatsa Vaddagiri <[EMAIL PROTECTED]> wrote:
> I have been brooding over how fair clock is computed/used in
> CFS and thought I would ask the experts to avoid wrong guesses!
hey, thanks for the interest :-)
> As I understand, fair_clock is a monotonously increasing clock which
>
On Mon, May 14, 2007 at 04:05:00AM -0700, William Lee Irwin III wrote:
> The variability in ->fair_clock advancement rate was the mistake, at
> least according to my way of thinking. The queue's virtual time clock
> effectively stops under sufficiently high load, possibly literally in
> the event
On Mon, May 14, 2007 at 04:05:00AM -0700, William Lee Irwin III wrote:
>> The variability in ->fair_clock advancement rate was the mistake, at
>> least according to my way of thinking. The queue's virtual time clock
>> effectively stops under sufficiently high load, possibly literally in
>> the
Philip,
Philip Langdale wrote:
Pierre has asked me to take a look implementing this. My first question is
whether
all card events are getting dropped on the floor, or just insertion ones. That
is
to say, if you have the card inserted when you load the module (which you say
makes the card
We cannot easily switch from file_permission() to vfs_permission()
everywhere, so fix file_permission() to not use a NULL nameidata
for the remaining users.
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
---
fs/namei.c |8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
---
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/xattr.c |2 +-
include/linux/security.h | 13 -
Create nameidata2 struct xattr_permission so that it does not pass NULL
to permission.
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
---
fs/xattr.c | 18 +-
1 file changed, 13 insertions(+), 5 deletions(-)
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -25,8 +25,16 @@
*
AppArmor uses lock subtyping to avoid false positives from lockdep. The
profile lock is often taken nested, but it is guaranteed to be in a lock
safe order and not the same lock when done, so it is safe.
A third lock type (aa_lock_task_release) is given to the profile lock
when it is taken in
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/attr.c|4 ++--
include/linux/security.h |8 ++--
Construct a nameidata object and pass it down to permission(), so
that we can do the proper mount flag checks there.
Note that confining nfsd with AppArmor makes no sense, and so this
patch is not necessary for AppArmor alone.
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
---
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/stat.c|2 +-
include/linux/security.h | 11 +++
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/namei.c |2 +-
include/linux/security.h |8 ++--
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/namei.c |6 --
include/linux/security.h | 18
The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/ecryptfs/inode.c |4 +++-
fs/namei.c
The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/ecryptfs/inode.c |9 +++--
fs/namei.c
The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/ecryptfs/inode.c |4 +++-
fs/namei.c |
Set the LOOKUP_CONTINUE flag when checking parent permissions. This allows
permission functions to tell between parent and leaf checks.
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
---
fs/namei.c |6 ++
1 file changed, 6 insertions(+)
--- a/fs/namei.c
+++ b/fs/namei.c
@@
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/xattr.c |4 ++--
include/linux/security.h | 40
The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/nfsd/vfs.c | 16 +++-
The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/ecryptfs/inode.c |7 ++-
fs/namei.c
lkml-explanatory.txt
--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
If we unhash the dentry before calling the security_inode_rmdir hook,
we cannot compute the file's pathname in the hook anymore. AppArmor
needs to know the filename in order to decide whether a file may be
deleted, though.
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
Signed-off-by: Andreas
The path that __d_path() computes can become slightly inconsistent when it
races with mount operations: it grabs the vfsmount_lock when traversing mount
points but immediately drops it again, only to re-grab it when it reaches the
next mount point. The result is that the filename computed is not
The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/ecryptfs/inode.c |5 -
fs/namei.c
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/namei.c |2 +-
include/linux/security.h | 12
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/namei.c |2 +-
include/linux/security.h |9 ++---
This allows LSMs to also distinguish between file descriptor and path
access for the xattr operations. (The other relevant operations are
covered by the setattr hook.)
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/xattr.c
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
---
security/Kconfig |1 +
security/Makefile |1 +
security/apparmor/Kconfig |3 ++-
3 files changed, 4 insertions(+), 1 deletion(-)
--- a/security/Kconfig
+++
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/namei.c |2 +-
include/linux/security.h |9 ++---
Struct iattr already contains ia_file since commit cc4e69de from
Miklos (which is related to commit befc649c). Use this to pass
struct file down the setattr hooks. This allows LSMs to distinguish
operations on file descriptors from operations on paths.
Signed-off-by: Andreas Gruenbacher <[EMAIL
Pathname matching, transition table loading, profile loading and
manipulation.
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
---
security/apparmor/match.c| 232
security/apparmor/match.h| 83
lkml-explanatory.txt
--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/namei.c |2 +-
include/linux/security.h | 12
The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/nfsd/vfs.c |7 ---
fs/xattr.c
The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/ecryptfs/inode.c |5 -
fs/namei.c |
First, when __d_path() hits a lazily unmounted mount point, it tries to prepend
the name of the lazily unmounted dentry to the path name. It gets this wrong,
and also overwrites the slash that separates the name from the following
pathname component. This patch fixes that; if a process was in
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/xattr.c |2 +-
include/linux/security.h | 12 +++-
Convert the selinux sysctl pathname computation code into a standalone
function.
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
include/linux/sysctl.h |2 ++
kernel/sysctl.c | 27 +++
Create a nameidata2 struct in nfsd and mqueue so that vfs_create does
need to conditionally pass the vfsmnt.
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
---
fs/namei.c|2 +-
fs/nfsd/vfs.c | 42 +-
ipc/mqueue.c |7 ++-
3 files
Required by a later patch that adds a struct vfsmount parameter to
notify_change().
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/ntfs/file.c |2 +-
fs/reiserfs/file.c
The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/nfsd/nfs4xdr.c |2 +-
fs/nfsd/vfs.c
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/xattr.c |2 +-
include/linux/security.h | 15
In AppArmor, we are interested in pathnames relative to the namespace root.
This is the same as d_path() except for the root where the search ends. Add
a function for computing the namespace-relative path.
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Reviewed-by: John Johansen <[EMAIL
The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/xattr.c| 25 ++---
Module parameters, LSM hooks, initialization and teardown.
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Index: b/security/apparmor/lsm.c
===
--- /dev/null
+++
All the things that didn't nicely fit in a category on their own: kbuild
code, declararions and inline functions, /sys/kernel/security/apparmor
filesystem for controlling apparmor from user space, profile list
functions, locking documentation, /proc/$pid/task/$tid/attr/current
access.
The vfsmount parameter must be set appropriately for files visibile
outside the kernel. Files that are only used in a filesystem (e.g.,
reiserfs xattr files) will have a NULL vfsmount.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
The vfsmount will be passed down to the LSM hook so that LSMs can compute
pathnames.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/ecryptfs/inode.c |3 ++-
fs/namei.c
Switch from file_permission() to vfs_permission() in sys_fchdir(): this
avoids calling permission() with a NULL nameidata here.
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
---
fs/open.c | 16 +++-
1 file changed, 7 insertions(+), 9 deletions(-)
--- a/fs/open.c
+++
The underlying functions by which the AppArmor LSM hooks are implemented.
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Index: b/security/apparmor/main.c
===
--- /dev/null
Signed-off-by: Alexey Dobriyan <[EMAIL PROTECTED]>
---
Please, fold into fix-rmmod-read-write-races-in-proc-entries.patch
This should address last review comment.
fs/proc/inode.c | 135 ++--
1 file changed, 54 insertions(+), 81 deletions(-)
Adds necessary export symbols for audit subsystem routines.
Changes audit_log_vformat to be externally visible (analagous to vprintf)
Patch is not in mainline -- pending AppArmor code submission to lkml
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/namei.c |2 +-
include/linux/security.h |7 +--
This is needed for computing pathnames in the AppArmor LSM.
Signed-off-by: Tony Jones <[EMAIL PROTECTED]>
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
Signed-off-by: John Johansen <[EMAIL PROTECTED]>
---
fs/namei.c |3 ++-
include/linux/security.h | 18
Switch from file_permission() to vfs_permission() in do_path_lookup():
this avoids calling permission() with a NULL nameidata here.
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]>
---
fs/namei.c | 13 ++---
1 file changed, 6 insertions(+), 7 deletions(-)
--- a/fs/namei.c
+++
On Mon, May 14, 2007 at 12:59:10PM +0200, Peter Zijlstra wrote:
> Changes include:
>
> - wmb+rmb != mb
> - ->state folded into ->waiter
>
> ---
> Subject: scalable rw_mutex
>
> Scalable reader/writer lock.
>
> Its scalable in that the read count is a percpu counter and the reader fast
> path
On Sun, 13 May 2007 23:01:51 + (UTC)
Bob Johnston <[EMAIL PROTECTED]> wrote:
> Stefan Richter s5r6.in-berlin.de> writes:
> > So why don't we simply say:
> >
> > - "Users of feature A are urged to migrate to alternative B."
> > - "Feature C will be removed in February 2038."
> >
> >
On Sun, May 13, 2007 at 11:59:47AM -0700, Andrew Morton wrote:
> Possibly we're saving the device's state when it is already partway or
> fully through the suspend process, dunno.
>
> What if you were to put code into pci_save_state() to detect when it reads
> an ox? Do a dump_stack()
Add a dependency for CONFIG_AF_RXRPC on CONFIG_INET. This fixes this error:
net/built-in.o: In function `rxrpc_get_peer':
(.text+0x42824): undefined reference to `ip_route_output_key'
Signed-off-by: David Howells <[EMAIL PROTECTED]>
---
net/rxrpc/Kconfig |2 +-
1 files changed, 1
Jan Engelhardt <[EMAIL PROTECTED]> wrote:
> net/built-in.o: In function `rxrpc_destroy_all_calls':
> (.exit.text+0x71d): undefined reference to `rxrpc_call_states'
> make: *** [.tmp_vmlinux1] Error 1
This is the problem:
# CONFIG_PROC_FS is not set
CONFIG_AF_RXRPC=y
David
-
To
601 - 700 of 1078 matches
Mail list logo