user/sven/linux.git/net/decnet, branch v3.3-rc6 Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v3.3-rc6 2012-01-15T02:36:33Z Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security 2012-01-15T02:36:33Z Linus Torvalds torvalds@linux-foundation.org 2012-01-15T02:36:33Z urn:sha1:c49c41a4134679cecb77362e7f6b59acb6320aa7 * 'for-linus' of git://selinuxproject.org/~jmorris/linux-security: capabilities: remove __cap_full_set definition security: remove the security_netlink_recv hook as it is equivalent to capable() ptrace: do not audit capability check when outputing /proc/pid/stat capabilities: remove task_ns_* functions capabitlies: ns_capable can use the cap helpers rather than lsm call capabilities: style only - move capable below ns_capable capabilites: introduce new has_ns_capabilities_noaudit capabilities: call has_ns_capability from has_capability capabilities: remove all _real_ interfaces capabilities: introduce security_capable_noaudit capabilities: reverse arguments to security_capable capabilities: remove the task from capable LSM hook entirely selinux: sparse fix: fix several warnings in the security server cod selinux: sparse fix: fix warnings in netlink code selinux: sparse fix: eliminate warnings for selinuxfs selinux: sparse fix: declare selinux_disable() in security.h selinux: sparse fix: move selinux_complete_init selinux: sparse fix: make selinux_secmark_refcount static SELinux: Fix RCU deref check warning in sel_netport_insert() Manually fix up a semantic mis-merge wrt security_netlink_recv(): - the interface was removed in commit fd7784615248 ("security: remove the security_netlink_recv hook as it is equivalent to capable()") - a new user of it appeared in commit a38f7907b926 ("crypto: Add userspace configuration API") causing no automatic merge conflict, but Eric Paris pointed out the issue. net: reintroduce missing rcu_assign_pointer() calls 2012-01-12T20:26:56Z Eric Dumazet eric.dumazet@gmail.com 2012-01-12T04:41:32Z urn:sha1:cf778b00e96df6d64f8e21b8395d1f8a859ecdc7 commit a9b3cd7f32 (rcu: convert uses of rcu_assign_pointer(x, NULL) to RCU_INIT_POINTER) did a lot of incorrect changes, since it did a complete conversion of rcu_assign_pointer(x, y) to RCU_INIT_POINTER(x, y). We miss needed barriers, even on x86, when y is not NULL. Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> CC: Stephen Hemminger <shemminger@vyatta.com> CC: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net> security: remove the security_netlink_recv hook as it is equivalent to capable() 2012-01-05T23:53:01Z Eric Paris eparis@redhat.com 2012-01-03T17:25:16Z urn:sha1:fd778461524849afd035679030ae8e8873c72b81 Once upon a time netlink was not sync and we had to get the effective capabilities from the skb that was being received. Today we instead get the capabilities from the current task. This has rendered the entire purpose of the hook moot as it is now functionally equivalent to the capable() call. Signed-off-by: Eric Paris <eparis@redhat.com> ipv6: Use universal hash for NDISC. 2011-12-28T20:06:58Z David S. Miller davem@davemloft.net 2011-12-28T20:06:58Z urn:sha1:2c2aba6c561ac425602f4a0be61422224cb87151 In order to perform a proper universal hash on a vector of integers, we have to use different universal hashes on each vector element. Which means we need 4 different hash randoms for ipv6. Signed-off-by: David S. Miller <davem@davemloft.net> net: Rename dst_get_neighbour{, _raw} to dst_get_neighbour_noref{, _raw}. 2011-12-05T20:20:19Z David Miller davem@davemloft.net 2011-12-02T16:52:08Z urn:sha1:2721745501a26d0dc3b88c0d2f3aa11471891388 To reflect the fact that a refrence is not obtained to the resulting neighbour entry. Signed-off-by: David S. Miller <davem@davemloft.net> Acked-by: Roland Dreier <roland@purestorage.com> Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2011-12-02T18:49:21Z David S. Miller davem@davemloft.net 2011-12-02T18:49:21Z urn:sha1:b3613118eb30a589d971e4eccbbb2a1314f5dfd4 decnet: proper socket refcounting 2011-11-26T20:49:07Z Eric Dumazet eric.dumazet@gmail.com 2011-11-21T00:21:55Z urn:sha1:8a6e77d5209e459a9ec5c268c39800c06cd1dc86 Better use sk_reset_timer() / sk_stop_timer() helpers to make sure we dont access already freed/reused memory later. Reported-by: Sasha Levin <levinsasha928@gmail.com> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Tested-by: Sasha Levin <levinsasha928@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2011-11-26T19:47:03Z David S. Miller davem@davemloft.net 2011-11-26T19:47:03Z urn:sha1:6dec4ac4ee1ad894dc0e9647cd3e180f93fc353c Conflicts: net/ipv4/inet_diag.c net: Move mtu handling down to the protocol depended handlers 2011-11-26T19:29:51Z Steffen Klassert steffen.klassert@secunet.com 2011-11-23T02:13:31Z urn:sha1:618f9bc74a039da76fa027ac2600c5b785b964c5 We move all mtu handling from dst_mtu() down to the protocol layer. So each protocol can implement the mtu handling in a different manner. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: David S. Miller <davem@davemloft.net> net: Rename the dst_opt default_mtu method to mtu 2011-11-26T19:29:50Z Steffen Klassert steffen.klassert@secunet.com 2011-11-23T02:12:51Z urn:sha1:ebb762f27fed083cb993a0816393aba4615f6544 We plan to invoke the dst_opt->default_mtu() method unconditioally from dst_mtu(). So rename the method to dst_opt->mtu() to match the name with the new meaning. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Signed-off-by: David S. Miller <davem@davemloft.net>