Linux kernel source tree https://git.amat.us/linux/atom/fs/file_table.c?h=v3.4.83 2012-03-21T01:29:32Z 2012-03-21T01:29:32Z Al Viro viro@zeniv.linux.org.uk 2012-02-12T07:38:16Z urn:sha1:b57ce9694ec43dcb6ef6f189d6540e4b3d2c5e7a Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2012-01-07T04:20:13Z Miklos Szeredi mszeredi@suse.cz 2011-11-21T11:11:33Z urn:sha1:8e8b87964bc8dc5c14b6543fc933b7725f07d3ac If there are any inodes on the super block that have been unlinked (i_nlink == 0) but have not yet been deleted then prevent the remounting the super block read-only. Reported-by: Toshiyuki Okajima <toshi.okajima@jp.fujitsu.com> Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> Tested-by: Toshiyuki Okajima <toshi.okajima@jp.fujitsu.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2011-07-26T23:49:47Z Arun Sharma asharma@fb.com 2011-07-26T23:09:06Z urn:sha1:60063497a95e716c9a689af3be2687d261f115b4 This allows us to move duplicated code in <asm/atomic.h> (atomic_inc_not_zero() for now) to <linux/atomic.h> Signed-off-by: Arun Sharma <asharma@fb.com> Reviewed-by: Eric Dumazet <eric.dumazet@gmail.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: David Miller <davem@davemloft.net> Cc: Eric Dumazet <eric.dumazet@gmail.com> Acked-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2011-03-16T20:26:17Z Linus Torvalds torvalds@linux-foundation.org 2011-03-16T20:26:17Z urn:sha1:2e270d84223262a38d4755c61d55f5c73ea89e56 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: fix cdev leak on O_PATH final fput() 2011-03-16T20:18:39Z Miklos Szeredi miklos@szeredi.hu 2011-03-16T17:17:54Z urn:sha1:60ed8cf78f886753e454b671841c0a3a0e55e915 __fput doesn't need a cdev_put() for O_PATH handles. Signed-off-by: mszeredi@suse.cz Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2011-03-16T16:15:43Z Linus Torvalds torvalds@linux-foundation.org 2011-03-16T16:15:43Z urn:sha1:0f6e0e8448a16d8d22119ce91d8dd24b44865b51 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (33 commits) AppArmor: kill unused macros in lsm.c AppArmor: cleanup generated files correctly KEYS: Add an iovec version of KEYCTL_INSTANTIATE KEYS: Add a new keyctl op to reject a key with a specified error code KEYS: Add a key type op to permit the key description to be vetted KEYS: Add an RCU payload dereference macro AppArmor: Cleanup make file to remove cruft and make it easier to read SELinux: implement the new sb_remount LSM hook LSM: Pass -o remount options to the LSM SELinux: Compute SID for the newly created socket SELinux: Socket retains creator role and MLS attribute SELinux: Auto-generate security_is_socket_class TOMOYO: Fix memory leak upon file open. Revert "selinux: simplify ioctl checking" selinux: drop unused packet flow permissions selinux: Fix packet forwarding checks on postrouting selinux: Fix wrong checks for selinux_policycap_netpeer selinux: Fix check for xfrm selinux context algorithm ima: remove unnecessary call to ima_must_measure IMA: remove IMA imbalance checking ... 2011-03-15T06:21:45Z Al Viro viro@zeniv.linux.org.uk 2011-03-13T21:08:22Z urn:sha1:326be7b484843988afe57566b627fb7a70beac56 Just need to make sure that AF_UNIX garbage collector won't confuse O_PATHed socket on filesystem for real AF_UNIX opened socket. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2011-03-15T06:21:45Z Al Viro viro@zeniv.linux.org.uk 2011-03-13T07:51:11Z urn:sha1:1abf0c718f15a56a0a435588d1b104c7a37dc9bd New flag for open(2) - O_PATH. Semantics: * pathname is resolved, but the file itself is _NOT_ opened as far as filesystem is concerned. * almost all operations on the resulting descriptors shall fail with -EBADF. Exceptions are: 1) operations on descriptors themselves (i.e. close(), dup(), dup2(), dup3(), fcntl(fd, F_DUPFD), fcntl(fd, F_DUPFD_CLOEXEC, ...), fcntl(fd, F_GETFD), fcntl(fd, F_SETFD, ...)) 2) fcntl(fd, F_GETFL), for a common non-destructive way to check if descriptor is open 3) "dfd" arguments of ...at(2) syscalls, i.e. the starting points of pathname resolution * closing such descriptor does *NOT* affect dnotify or posix locks. * permissions are checked as usual along the way to file; no permission checks are applied to the file itself. Of course, giving such thing to syscall will result in permission checks (at the moment it means checking that starting point of ....at() is a directory and caller has exec permissions on it). fget() and fget_light() return NULL on such descriptors; use of fget_raw() and fget_raw_light() is needed to get them. That protects existing code from dealing with those things. There are two things still missing (they come in the next commits): one is handling of symlinks (right now we refuse to open them that way; see the next commit for semantics related to those) and another is descriptor passing via SCM_RIGHTS datagrams. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2011-03-07T23:55:06Z James Morris jmorris@namei.org 2011-03-07T23:55:06Z urn:sha1:1cc26bada9f6807814806db2f0d78792eecdac71 2011-02-10T12:51:44Z Mimi Zohar zohar@linux.vnet.ibm.com 2010-11-02T14:13:07Z urn:sha1:890275b5eb79e9933d12290473eab9ac38da0051 ima_counts_get() updated the readcount and invalidated the PCR, as necessary. Only update the i_readcount in the VFS layer. Move the PCR invalidation checks to ima_file_check(), where it belongs. Maintaining the i_readcount in the VFS layer, will allow other subsystems to use i_readcount. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: Eric Paris <eparis@redhat.com>