lwn.git/security/selinux/selinuxfs.c, branch v3.9-rc2 Linux kernel documentation tree maintained by Jonathan Corbet http://mirrors.hust.edu.cn/git/lwn.git/atom?h=v3.9-rc2 2013-02-23T04:31:31+00:00 new helper: file_inode(file) 2013-02-23T04:31:31+00:00 Al Viro viro@zeniv.linux.org.uk 2013-01-23T22:07:38+00:00 urn:sha1:496ad9aa8ef448058e36ca7a787c61f2e63f0f54 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> mm: kill vma flag VM_RESERVED and mm->reserved_vm counter 2012-10-09T07:22:19+00:00 Konstantin Khlebnikov khlebnikov@openvz.org 2012-10-08T23:29:02+00:00 urn:sha1:314e51b9851b4f4e8ab302243ff5a6fc6147f379 A long time ago, in v2.4, VM_RESERVED kept swapout process off VMA, currently it lost original meaning but still has some effects: | effect | alternative flags -+------------------------+--------------------------------------------- 1| account as reserved_vm | VM_IO 2| skip in core dump | VM_IO, VM_DONTDUMP 3| do not merge or expand | VM_IO, VM_DONTEXPAND, VM_HUGETLB, VM_PFNMAP 4| do not mlock | VM_IO, VM_DONTEXPAND, VM_HUGETLB, VM_PFNMAP This patch removes reserved_vm counter from mm_struct. Seems like nobody cares about it, it does not exported into userspace directly, it only reduces total_vm showed in proc. Thus VM_RESERVED can be replaced with VM_IO or pair VM_DONTEXPAND | VM_DONTDUMP. remap_pfn_range() and io_remap_pfn_range() set VM_IO|VM_DONTEXPAND|VM_DONTDUMP. remap_vmalloc_range() set VM_DONTEXPAND | VM_DONTDUMP. [akpm@linux-foundation.org: drivers/vfio/pci/vfio_pci.c fixup] Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Cc: Carsten Otte <cotte@de.ibm.com> Cc: Chris Metcalf <cmetcalf@tilera.com> Cc: Cyrill Gorcunov <gorcunov@openvz.org> Cc: Eric Paris <eparis@redhat.com> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Hugh Dickins <hughd@google.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: James Morris <james.l.morris@oracle.com> Cc: Jason Baron <jbaron@redhat.com> Cc: Kentaro Takeda <takedakn@nttdata.co.jp> Cc: Matt Helsley <matthltc@us.ibm.com> Cc: Nick Piggin <npiggin@kernel.dk> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Robert Richter <robert.richter@amd.com> Cc: Suresh Siddha <suresh.b.siddha@intel.com> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Cc: Venkatesh Pallipadi <venki@google.com> Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> userns: Convert selinux to use kuid and kgid where appropriate 2012-09-21T10:13:22+00:00 Eric W. Biederman ebiederm@xmission.com 2012-08-20T07:09:36+00:00 urn:sha1:581abc09c2205e05256d7f75410345d5392d5098 Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: James Morris <james.l.morris@oracle.com> Cc: Eric Paris <eparis@parisplace.org> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> switch dentry_open() to struct path, make it grab references itself 2012-07-22T20:01:29+00:00 Al Viro viro@zeniv.linux.org.uk 2012-06-26T17:58:53+00:00 urn:sha1:765927b2d508712d320c8934db963bbe14c3fcec Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> selinuxfs snprintf() misuses 2012-05-30T03:28:33+00:00 Al Viro viro@zeniv.linux.org.uk 2012-04-02T23:40:47+00:00 urn:sha1:cc1dad7183e4cb7f5d313b6942f2059fc0eabab6 a) %d does _not_ produce a page worth of output b) snprintf() doesn't return negatives - it used to in old glibc, but that's the kernel... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> SELinux: if sel_make_bools errors don't leave inconsistent state 2012-04-09T16:22:58+00:00 Eric Paris eparis@redhat.com 2012-04-04T17:47:11+00:00 urn:sha1:154c50ca4eb9ae472f50b6a481213e21ead4457d We reset the bool names and values array to NULL, but do not reset the number of entries in these arrays to 0. If we error out and then get back into this function we will walk these NULL pointers based on the belief that they are non-zero length. Signed-off-by: Eric Paris <eparis@redhat.com> cc: stable@kernel.org SELinux: remove needless sel_div function 2012-04-09T16:22:57+00:00 Eric Paris eparis@redhat.com 2012-04-04T17:46:46+00:00 urn:sha1:92ae9e82d9a2c4b9b388d6a9e7a4b2ccb0b4452f I'm not really sure what the idea behind the sel_div function is, but it's useless. Since a and b are both unsigned, it's impossible for a % b < 0. That means that part of the function never does anything. Thus it's just a normal /. Just do that instead. I don't even understand what that operation was supposed to mean in the signed case however.... If it was signed: sel_div(-2, 4) == ((-2 / 4) - ((-2 % 4) < 0)) ((0) - ((-2) < 0)) ((0) - (1)) (-1) What actually happens: sel_div(-2, 4) == ((18446744073709551614 / 4) - ((18446744073709551614 % 4) < 0)) ((4611686018427387903) - ((2 < 0)) (4611686018427387903 - 0) ((unsigned int)4611686018427387903) (4294967295) Neither makes a whole ton of sense to me. So I'm getting rid of the function entirely. Signed-off-by: Eric Paris <eparis@redhat.com> SELinux: loosen DAC perms on reading policy 2012-04-09T16:22:36+00:00 Eric Paris eparis@redhat.com 2012-02-16T20:08:39+00:00 urn:sha1:72e8c8593f8fdb983d9cd79d824f6b48ef21f14f There is no reason the DAC perms on reading the policy file need to be root only. There are selinux checks which should control this access. Signed-off-by: Eric Paris <eparis@redhat.com> SELinux: allow seek operations on the file exposing policy 2012-04-09T16:22:30+00:00 Eric Paris eparis@redhat.com 2012-02-16T20:08:39+00:00 urn:sha1:47a93a5bcb131879d4425d4559e90ad82990825d sesearch uses: lseek(3, 0, SEEK_SET) = -1 ESPIPE (Illegal seek) Make that work. Signed-off-by: Eric Paris <eparis@redhat.com> selinuxfs: merge dentry allocation into sel_make_dir() 2012-03-31T20:03:15+00:00 Al Viro viro@zeniv.linux.org.uk 2012-03-19T00:36:59+00:00 urn:sha1:a1c2aa1e86a25e7cace2ded47ec52754206a5733 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>