ioctl_by_bdev may only be used INSIDE the kernel. If the "arg" argument
refers to memory that is accessed by put_user/get_user in the ioctl
function, the memory needs to be in the kernel address space (that's the
set_fs(KERNEL_DS) doing in the ioctl_by_bdev). This works on i386 because
even with set_fs(KERNEL_DS) the user space memory is still accessible with
put_user/get_user. That is not true for s390. In short the ioctl
implementation of the pktcdvd device driver is horribly broken.
Signed-off-by: Peter Osterlund <petero2@telia.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
[Patch] Fix raw device ioctl pass-through
Raw character devices are supposed to pass ioctls through to the block
devices they are bound to. Unfortunately, they are using the wrong
function for this: ioctl_by_bdev(), instead of blkdev_ioctl().
ioctl_by_bdev() performs a set_fs(KERNEL_DS) before calling the ioctl,
redirecting the user-space buffer access to the kernel address space.
This is, needless to say, a bad thing.
This was noticed first on s390, where raw IO was non-functioning. The
s390 driver config does not actually allow raw IO to be enabled, which
was the first part of the problem. Secondly, the s390 kernel address
space is distinct from user, causing legal raw ioctls to fail. I've
reproduced this on a kernel built with 4G:4G split on x86, which fails
in the same way (-EFAULT if the address does not exist kernel-side;
returns success without actually populating the user buffer if it does.)
The patch below fixes both the config and address-space problems. It's
based closely on a patch by Jan Glauber <jang@de.ibm.com>, which has
been tested on s390 at IBM. I've tested it on x86 4G:4G (split address
space) and x86_64 (common address space).
Kernel-address-space access has been assigned CAN-2005-1264.
Signed-off-by: Stephen Tweedie <sct@redhat.com>
Signed-off-by: Dave Jones <davej@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Version 2 of the 3com OfficeConnect 11g Cardbus Card aka 3CRWE154G72 is not
supported by the prism54 project. To stop confusion, the kernel
documentation should state so as 3com made a good job hiding the version.
Signed-off-by: Andrew Morton <akpm@osdl.org>
diff -puN drivers/net/wireless/Kconfig~wireless-3crwe154g72-kconfig-help-fix drivers/net/wireless/Kconfig
Fix IBM EMAC driver ioctl bug.
I found IBM EMAC driver bug.
So mii-tool command print wrong status.
# mii-tool
eth0: 10 Mbit, half duplex, no link
eth1: 10 Mbit, half duplex, no link
I can get correct status on fixed kernel.
# mii-tool
eth0: negotiated 100baseTx-FD, link okZZ
eth1: negotiated 100baseTx-FD, link ok
Hiroaki Fuse
Signed-off-by: Geoff Levand <geoffrey.levand@am.sony.com> for CELF
NET_WIRELESS is only a subset of the stuff in drivers/net/wireless;
NET_RADIO is what covers all of them.
Signed-off-by: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>
Der... if you use max_t it helps if you give it a type.
Note to self: Always just apply the tested patches, don't try to port
them by hand. You're not clever enough.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
I'm going through the kernel code and have a patch that corrects
several spelling errors in comments.
From: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
This patch adds more messages types to the audit subsystem so that audit
analysis is quicker, intuitive, and more useful.
Signed-off-by: Steve Grubb <sgrubb@redhat.com>
---
I forgot one type in the big patch. I need to add one for user space
originating SE Linux avc messages. This is used by dbus and nscd.
-Steve
---
Updated to 2.6.12-rc4-mm1.
-dwmw2
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Otherwise, we will be repeatedly reallocating, even if we're only
adding a few bytes at a time. Pointed out by Steve Grubb.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Patch from Ben Dooks
Fix the setting of hdiv when set to divide-by-2. Thanks to
Jeonghoon Yoon for pointing this out.
Change name of the NAND device to "s3c2440-nand" as it
is not similar enough to the "s3c2410-nand" device.
Signed-off-by: Ben Dooks
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Patch from Ben Dooks
S3C2440 UPLL is the same as the S3C2410 UPLL, it is only the
MPLL which has an extra multiplication factor of 2 in the
multiplier.
Signed-off-by: Ben Dooks
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Patch from Ben Dooks
Add the register definitions for the s3c2440 NAND controller
to the s3c2410 NAND register definitions
Signed-off-by: Ben Dooks
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Patch from Nicolas Pitre
Not all ARMv6 processors implement the TLS register.
Signed-off-by: Nicolas Pitre
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Add audit_log_type to allow callers to specify type and pid when logging.
Convert audit_log to wrapper around audit_log_type. Could have
converted all audit_log callers directly, but common case is default
of type AUDIT_KERNEL and pid 0. Update audit_log_start to take type
and pid values when creating a new audit_buffer. Move sequences that
did audit_log_start, audit_log_format, audit_set_type, audit_log_end,
to simply call audit_log_type directly. This obsoletes audit_set_type
and audit_set_pid, so remove them.
Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Remove code conditionally dependent on CONFIG_AUDITSYSCALL from audit.c.
Move these dependencies to audit.h with the rest.
Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Audit now actually requires netlink. So make it depend on CONFIG_NET,
and remove the inline dependencies on CONFIG_NET.
Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Patch from Sascha Hauer
This patch adds the defines for the i.MX PWM controller
Signed-off-by: Steven Scholz
Signed-off-by: Sascha Hauer
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Let audit_expand() know how much it's expected to grow the buffer, in
the case that we have that information to hand.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
We were setting nlmsg_len to skb->len, but we should be subtracting
the size of the header.
From: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Move the locking for copy_user_page() and clear_user_page() into
the implementations which require locking. For simple memcpy/
memset based implementations, the locking is extra overhead which
is not necessary, and prevents preemption occuring.
Signed-off-by: Russell King <rmk@arm.linux.org.uk>
Add uart_insert_char(), which handles inserting characters into the
flip buffer. This helper function handles the correct semantics
for handling overrun in addition to inserting normal characters.
Signed-off-by: Russell King <rmk@arm.linux.org.uk>
Add pmd_off() and pmd_off_k() to obtain the pmd pointer for a
virtual address, and use them throughout the mm initialisation.
Signed-off-by: Russell King <rmk@arm.linux.org.uk>
Updates to the wbsd driver.
* Fix to handle DAT3 card detection.
* Fixed bug which could cause large writes to stall in FIFO mode.
* Plug 'n Play support. In most cases you need ACPI PNP for this to work.
* Uses generic DMA API (ISA dependency removed).
This fixes some x86_64 bugs -
- maybe_map returns -1 on error instead of 0, which is interpreted as
physical address 0
- removed an include of ipc.h, which isn't needed
- fixed the calculation of signal frame location
- the signal delivery code is now immune to the stack expansion check
- added a missing include
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
tt-mode closes switch_pipes in exit_thread_tt and kills processes in
switch_to_tt, if the exit_state is EXIT_DEAD or EXIT_ZOMBIE.
In very rare cases the exiting process can be scheduled out after having set
exit_state and closed switch_pipes (from release_task it calls proc_pid_flush,
which might sleep). If this process is to be restarted, UML failes in
switch_to_tt with:
write of switch_pipe failed, err = 9
We fix this by closing switch_pipes not in exit_thread_tt, but later in
release_thread_tt. Additionally, we set switch_pipe[0] = 0 after closing.
switch_to_tt must not kill "from" process depending on its exit_state, but
must kill it after release_thread was processed only, so it examines
switch_pipe[0] for its decision.
Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Only x86 and x86_64 use arch_align_stack(), all other subarches have:
#define arch_align_stack(x) (x)
So, if this definition is found, UML's own arch_align_stack() should be
skipped.
Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
tt/mem.c still uses hardcoded TOP for i386 instead of CONFIG_TOP_ADDR provided
by subarch's Kconfig_XXXX, which would be right.
Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
So, there I was, looking at my own code, wondering what the magic setjmp
return values did. This patch turns the constants that are used to make
requests of the initial thread into meaningful symbols.
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This eliminates some stuff from arch/um/kernel/Makefile which refers to a
file which has long since been deleted.
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Eliminate the non-inline version of switch_mm, which can't be used,
considering the inline version in asm/mmu_context.h
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
s390 tt-mode needs to save not only syscall number, but an further register
also.
Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
s390 needs to change some parts of arch/um/kernel/ptrace.c. Thus, the code
regarding PEEKUSER and POKEUSER are shifted to arch/um/sys-<subarch>/ptrace.c.
Also s390 debug registers need to be updated, when singlestepping is switched
on / off. Thus, setting/resetting of singlestepping is centralized in the new
function set_singlestep(), which also inserts the macro
SUBARCH_SET_SINGLESTEP(mode), if defined.
Finally, s390 has the "ieee_instruction_pointer" in its
registers, which also is allowed to be read via
ptrace( PTRACE_PEEKUSER, getpid(), PT_IEEE_IP, 0);
To implement this feature, sys_ptrace inserts the macro
SUBARCH_PTRACE_SPECIAL, if defined.
Signed-off-by: Bodo Stroesser <bstroesser@fujitsu-siemens.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>