summaryrefslogtreecommitdiff
path: root/arch
AgeCommit message (Collapse)Author
2007-04-20[SPARC64]: Fix inline directive in pci_iommu.cTom Callaway
While building a test kernel for the new esp driver (against git-current), I hit this bug. Trivial fix, put the inline declaration in the right place. :) Signed-off-by: Tom Callaway <tcallawa@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-04-20[SPARC64]: Fix arg passing to compat_sys_ipc().David S. Miller
Do not sign extend args using the sys32_ipc stub, that is buggy and unnecessary. Based upon an excellent report by Mikael Pettersson. Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-04-20[SPARC64]: Fix SBUS IOMMU allocation code.David S. Miller
There are several IOMMU allocator bugs. Instead of trying to fix this overly complicated code, just mirror the PCI IOMMU arena allocator which is very stable and well stress tested. I tried to make the code as identical as possible so we can switch sun4u PCI and SBUS over to a common piece of IOMMU code. All that will be need are two callbacks, one to do a full IOMMU flush and one to do a streaming buffer flush. This patch gets rid of a lot of hangs and mysterious crashes on SBUS sparc64 systems, at least for me. Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-04-13i386: fix file_read_actor() and pipe_read() for original i386 systemsThomas Gleixner
The __copy_to_user_inatomic() calls in file_read_actor() and pipe_read() are broken on original i386 machines, where WP-works-ok == false, as __copy_to_user_inatomic() on such systems calls functions which might sleep and/or contain cond_resched() calls inside of a kmap_atomic() region. The original check for WP-works-ok was in access_ok(), but got moved during the 2.5 series to fix a race vs. swap. Return the number of bytes to copy in the case where we are in an atomic region, so the non atomic code pathes in file_read_actor() and pipe_read() are taken. This could be optimized to avoid the kmap_atomicby moving the check for WP-works-ok into fault_in_pages_writeable(), but this is more intrusive and can be done later. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Acked-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-03-21i386 bootioremap / kexec fixKeith Mannthey
With CONFIG_PHYSICAL_START set to a non default values the i386 boot_ioremap code calculated its pte index wrong and users of boot_ioremap have their areas incorrectly mapped (for me SRAT table not mapped during early boot). This patch removes the addr < BOOT_PTE_PTRS constraint. Signed-off-by: Keith Mannthey <kmannth@us.ibm.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-03-20[SPARC64]: Add missing HPAGE_MASK masks on address parameters.David S. Miller
These pte loops all assume the passed in address is HPAGE aligned, make sure that is actually true. [ This also includes other hugepage bug fixes for sparc64 that occurred between 2.6.16 to 2.6.20 ] Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-03-09SPARC64: Fix memory corruption in pci_4u_free_consistent()David S. Miller
The second argument to free_npages() was being incorrectly calculated, which would thus access far past the end of the arena->map[] bitmap. Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-02-14uml: fix signal frame alignmentJeff Dike
Use the same signal frame alignment calculations as the underlying architecture. x86_64 appeared to do this, but the "- 8" was really subtracting 8 * sizeof(struct rt_sigframe) rather than 8 bytes. UML/i386 might have been OK, but I changed the calculation to match i386 just to be sure. Signed-off-by: Jeff Dike <jdike@addtoit.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-01-25sparc32: add offset in pci_map_sg()Jan Andersson
Add sg->offset to sg->dvma_address in pci_map_sg() on sparc32. Without the offset, transfers to buffers that do not begin on a page boundary will not work as expected. Signed-off-by: Jan Andersson <jan.andersson@ieee.org> Acked-By: David Miller <davem@davemloft.net>
2007-01-23i386: fix CPU hotplug with 2GB VMSPLITShaohua Li
In VMSPLIT mode, kernel PGD might have more entries than user space Signed-off-by: Shaohua Li <shaohua.li@intel.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-01-22s390: connector supportMartin Schwidefsky
Include connector config in the s390 arch Kconfig to get support for connectors. This also fixes the following Kconfig warning: fs/Kconfig:1728:warning: 'select' used by config symbol 'CIFS_UPCALL' refer to undefined symbol 'CONNECTOR' Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-01-14UML: fix the MODE_TT compilationPaolo 'Blaisorblade' Giarrusso
Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-01-09uml: fix processor selectionPaolo 'Blaisorblade' Giarrusso
Makes UML compile on any possible processor choice. The two problems were: *) x86 code, when 386 is selected, checks at runtime boot_cpuflags, which we not have. *) 3Dnow support for memcpy() et al. does not compile currently and fixing t is not trivial, so simply disable it; with this change, if one selects MK UML compiles (while it did not). Merged upstream. Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-01-09PCI: irq: irq and pci_ids patch for Intel ICH9Jason Gaston
This updated patch adds the Intel ICH9 LPC and SMBus Controller DID's. Signed-off-by: Jason Gaston <jason.d.gaston@intel.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-01-09fix the UML compilationAdrian Bunk
Based on patches from Linus' tree. Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-01-09x86_64: Don't leak NT bit into next task (CVE-2006-5755)Andi Kleen
SYSENTER can cause a NT to be set which might cause crashes on the IRET in the next task. Following similar i386 patch from Linus. Backport to 2.6.16 by Chuck Ebbert <76306.1226@compuserve.com> [Changed 'set_debugreg' to the older 'set_debug' in setup64.c and added raw_local_save_flags() from 2.6.19 to system.h] Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2007-01-04i386: save/restore eflags in context switch (CVE-2006-5173)Linus Torvalds
(And reset it on new thread creation) It turns out that eflags is important to save and restore not just because of iopl, but due to the magic bits like the NT bit, which we don't want leaking between different threads. Backported to 2.6.16 by Chuck Ebbert <76306.1226@compuserve.com> [Backport consisted of removing the CFI annotations.] Signed-off-by: Linus Torvalds <torvalds@osdl.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-12-17x86-64: Mark rdtsc as sync only for netburst, not for core2Arjan van de Ven
On the Core2 cpus, the rdtsc instruction is not serializing (as defined in the architecture reference since rdtsc exists) and due to the deep speculation of these cores, it's possible that you can observe time go backwards between cores due to this speculation. Since the kernel already deals with this with the SYNC_RDTSC flag, the solution is simple, only assume that the instruction is serializing on family 15... The price one pays for this is a slightly slower gettimeofday (by a dozen or two cycles), but that increase is quite small to pay for a really-going-forward tsc counter. Backport by Chris Wright. Signed-off-by: Arjan van de Ven <arjan@linux.intel.com> Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-12-17IA64: bte_unaligned_copy() transfers one extra cache line.Robin Holt
When called to do a transfer that has a start offset within the cache line which is uneven between source and destination and a length which terminates the source of the copy exactly on a cache line, one extra line gets copied into a temporary buffer. This is normally not an issue since the buffer is a kernel buffer and only the requested information gets copied into the user buffer. The problem arises when the source ends at the very last physical page of memory. That last cache line does not exist and results in the SHUB chip raising an MCA. Signed-off-by: Robin Holt <holt@sgi.com> Signed-off-by: Tony Luck <tony.luck@intel.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-12-04alpha: Fix ALPHA_EV56 dependencies typoFernando J. Pereda
There appears to be a typo in the EV56 config option. NORITAKE and PRIMO are be able to set a variation of either. Signed-off-by: Daniel Drake <dsd@gentoo.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-11-29proper flags type of spin_lock_irqsave()Alexey Dobriyan
Convert various spin_lock_irqsave() callers to correctly use `unsigned long' Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-11-20POWERPC: Make alignment exception always check exception tableBenjamin Herrenschmidt
The alignment exception used to only check the exception table for -EFAULT, not for other errors. That opens an oops window if we can coerce the kernel into getting an alignment exception for other reasons in what would normally be a user-protected accessor, which can be done via some of the futex ops. This fixes it by always checking the exception tables. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-11-15fix via586 irq routing for pirq 5Daniel Ritz
fix interrput routing for via 586 bridges. pirq can be 5 which needs to be mapped to INTD. but currently the access functions can handle only pirq 1-4. this is similar to the other via chipsets where pirq 4 and 5 are both mapped to INTD. fixes bugzilla #7490 Signed-off-by: Daniel Ritz <daniel.ritz@gmx.ch> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-11-11ia64/sparc: fix local DoS with corrupted ELFs (CVE-2006-4538)Kirill Korotaev
This patch prevents cross-region mappings on IA64 and SPARC which could lead to system crash. Adrian Bunk: Adapted to 2.6.16. Signed-Off-By: Kirill Korotaev <dev@openvz.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-11-11[POWERPC] Fix return value from memcpyPaul Mackerras
As pointed out by Herbert Xu <herbert@gondor.apana.org.au>, our memcpy implementation didn't return the destination pointer as its return value, and there is code in the kernel that expects that. This fixes it. Signed-off-by: Paul Mackerras <paulus@samba.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-11-07[CPUFREQ] Fix powernow-k8 SMP kernel on UP hardware bug.Randy Dunlap
Fix powernow-k8 doesn't load bug. Reference: https://launchpad.net/distros/ubuntu/+source/linux-source-2.6.15/+bug/35145 Signed-off-by: Ben Collins <bcollins@ubuntu.com> Signed-off-by: Dave Jones <davej@redhat.com>
2006-11-07[CPUFREQ] Make powernow-k7 work on SMP kernels.Dave Jones
Even though powernow-k7 doesn't work in SMP environments, it can work on an SMP configured kernel if there's only one CPU present, however recalibrate_cpu_khz was returning -EINVAL on such kernels, so we failed to init the cpufreq driver. Signed-off-by: Dave Jones <davej@redhat.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-11-05ACPI: enable SMP C-states on x86_64Shaohua Li
http://bugzilla.kernel.org/show_bug.cgi?id=5653 Signed-off-by: Shaohua Li <shaohua.li@intel.com> Signed-off-by: Len Brown <len.brown@intel.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-11-05[S390] fix user readable uninitialised kernel memory, take 2.Martin Schwidefsky
The previous patch to correct the copy_from_user padding is quite broken. The execute instruction needs to be done via the register %r4, not via %r2 and 31 bit doesn't know the instructions lgr and ahji. Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-11-05[S390] fix user readable uninitialised kernel memory (CVE-2006-5174)Martin Schwidefsky
A user space program can read uninitialised kernel memory by appending to a file from a bad address and then reading the result back. The cause is the copy_from_user function that does not clear the remaining bytes of the kernel buffer after it got a fault on the user space address. Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-10-17[IA64] correct file descriptor reference counting in perfmon (CVE-2006-3741)Stephane Eranian
Fix a bug in sys_perfmonctl() whereby it was not correctly decrementing the file descriptor reference count. Signed-off-by: Stephane Eranian <eranian@hpl.hp.com> Signed-off-by: Tony Luck <tony.luck@intel.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-10-14[SPARC64]: Kill bogus check from bootmem_init().David S. Miller
There is an ancient and totally incorrect sanity check being done on the ramdisk location. The check assumes that the kernel is always loaded to physical address zero, which is wrong. It was trying to validate the ramdisk value by saying that if it fell within the kernel image address range it must be wrong. Anyways, kill this because it actually creates problems. The 'ramdisk_image' should always be adjusted down by KERNBASE. SILO can easily put the ramdisk in a location which causes this test to trigger, breaking things. [ Based almost entirely upon a patch from Ben Collins. ] Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-10-14[SPARC64]: Fix sched_clock() wrapping every ~17 seconds.David S. Miller
Unfortunately, sparc64 doesn't have an easy way to do a "64 X 64 --> 128" bit multiply like PowerPC and IA64 do. We were doing a "64 X 64 --> 64" bit multiple which causes overflow very quickly with a 30-bit quotient shift. So use a quotientshift count of 10 instead of 30, just like x86 and ARM do. This also fixes the wrapping of printk timestamp values every ~17 seconds. Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-09-06ia64 SGI-SN2: fix silent data corruption caused by XPCDean Nelson
Jack Steiner identified a problem where XPC can cause a silent data corruption. On module load, the placement may cause the xpc_remote_copy_buffer to span two physical pages. DMA transfers are done to the start virtual address translated to physical. This patch changes the buffer from a statically allocated buffer to a kmalloc'd buffer. Dean Nelson reviewed this before posting. I have tested it in the configuration that was showing the memory corruption and verified it works. I also added a BUG_ON statement to help catch this if a similar situation is encountered. Signed-off-by: Robin Holt <holt@sgi.com> Signed-off-by: Dean Nelson <dcn@sgi.com> Signed-off-by: Jack Steiner <steiner@sgi.com> Signed-off-by: Tony Luck <tony.luck@intel.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-08-18powerpc: Clear HID0 attention enable on PPC970 at boot time (CVE-2006-4093)Olof Johansson
Clear HID0[en_attn] at CPU init time on PPC970. Closes CVE-2006-4093. Signed-off-by: Olof Johansson <olof@lixom.net> Signed-off-by: Paul Mackerras <paulus@samba.org> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-08-18SPARC32: Fix iommu_flush_iotlb end addressBob Breuer
Fix the calculation of the end address when flushing iotlb entries to ram. This bug has been a cause of esp dma errors, and it affects HyperSPARC systems much worse than SuperSPARC systems. Signed-off-by: Bob Breuer <breuerr@mc.net> Signed-off-by: David S. Miller <davem@davemloft.net> Acked-by: William Lee Irwin III <wli@holomorphy.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-08-12update the i386 defconfigAdrian Bunk
The i386 defconfig wasn't updated for ages. Instead of running "make oldconfig" on the old defconfig and trying to give reasonable answers at all new options, this patch replaces it with the one I'm using in 2.6.16-rc1. This way, it's a .config that is confirmed to work on at least one computer in the world. ;-) Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-08-08memory hotplug: solve config broken: undefined reference to `online_page'Yasunori Goto
Memory hotplug code of i386 adds memory to only highmem. So, if CONFIG_HIGHMEM is not set, CONFIG_MEMORY_HOTPLUG shouldn't be set. Otherwise, it causes compile error. In addition, many architecture can't use memory hotplug feature yet. So, I introduce CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG. Signed-off-by: Yasunori Goto <y-goto@jp.fujitsu.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-06-22[PATCH] SPARC64: Fix missing fold at end of checksums.David Miller
Both csum_partial() and the csum_partial_copy*() family of routines forget to do a final fold on the computed checksum value on sparc64. So do the standard Sparc "add + set condition codes, add carry" sequence, then make sure the high 32-bits of the return value are clear. Based upon some excellent detective work and debugging done by Richard Braun and Samuel Thibault. Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-06-22[PATCH] SPARC64: Respect gfp_t argument to dma_alloc_coherent().David Miller
Using asm-generic/dma-mapping.h does not work because pushing the call down to pci_alloc_coherent() causes the gfp_t argument of dma_alloc_coherent() to be ignored. Fix this by implementing things directly, and adding a gfp_t argument we can use in the internal call down to the PCI DMA implementation of pci_alloc_coherent(). This fixes massive memory corruption when using the sound driver layer, which passes things like __GFP_COMP down into these routines and (correctly) expects that to work. This is a disk eater when sound is used, so it's pretty critical. Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-06-20[PATCH] powerpc: Fix machine check problem on 32-bit kernels (CVE-2006-2448)Paul Mackerras
This fixes a bug found by Dave Jones that means that it is possible for userspace to provoke a machine check on 32-bit kernels. This also fixes a couple of other places where I found similar problems by inspection. Signed-off-by: Paul Mackerras <paulus@samba.org> Signed-off-by: Chris Wright <chrisw@sous-sol.org>
2006-06-05[PATCH] x86_64: Don't do syscall exit tracing twiceAndi Kleen
This fixes a regression from the earlier DOS fix for non canonical IRET addresses. It broke UML. int_ret_from_syscall already does syscall exit tracing, so no need to do it again in the caller. This caused problems for UML and some other special programs doing syscall interception. Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-06-05[PATCH] x86_64: x86_64 add crashdump trigger pointsVivek Goyal
o Start booting into the capture kernel after an Oops if system is in a unrecoverable state. System will boot into the capture kernel, if one is pre-loaded by the user, and capture the kernel core dump. o One of the following conditions should be true to trigger the booting of capture kernel. - panic_on_oops is set. - pid of current thread is 0 - pid of current thread is 1 - Oops happened inside interrupt context. Signed-off-by: Vivek Goyal <vgoyal@in.ibm.com> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Linus Torvalds <torvalds@osdl.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> Signed-off-by: Chris Wright <chrisw@sous-sol.org>
2006-06-05[PATCH] PowerMac: force only suspend-to-disk to be validJohannes Berg
For a very long time, echoing 'standby' or 'mem' into /sys/power/state has killed the machine on powerpc. This patch fixes that. This patch adds the .valid callback to pm_ops on PowerMac so that only the suspend to disk state can be entered. Note that just returning 0 would suffice since the upper layers don't pass PM_SUSPEND_DISK down, but we handle it there regardless just in case that changes. Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Johannes Berg <johannes@sipsolutions.net> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-05-01[PATCH] MIPS: Fix branch emulation for floating-point exceptions.Win Treese
In the branch emulation for floating-point exceptions, __compute_return_epc must determine for bc1f et al which condition code bit to test. This is based on bits <4:2> of the rt field. The switch statement to distinguish bc1f et al needs to use only the two low bits of rt, but the old code tests on the whole rt field. This patch masks off the proper bits. Signed-off-by: Win Treese <treese@acm.org> Signed-off-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-05-01[PATCH] MIPS: Fix tx49_blast_icache32_page_indexed.Atsushi Nemoto
Fix the cache index value in tx49_blast_icache32_page_indexed(). This is damage by de62893bc0725f8b5f0445250577cd7a10b2d8f8 commit. Signed-off-by: Atsushi Nemoto <anemo@mba.ocn.ne.jp> Signed-off-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-05-01[PATCH] Alpha: strncpy() fixIvan Kokshaysky
As it turned out after recent SCSI changes, strncpy() was broken - it mixed up the return values from __stxncpy() in registers $24 and $27. Thanks to Mathieu Chouquet-Stringer for tracking down the problem and providing an excellent test case. Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru> Signed-off-by: Linus Torvalds <torvalds@osdl.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-05-01[PATCH] x86_64: Fix a race in the free_iommu path.Mike Waychison
We do this by removing a micro-optimization that tries to avoid grabbing the iommu_bitmap_lock spinlock and using a bus-locked operation. This still races with other simultaneous alloc_iommu or free_iommu(size > 1) which both use bus-unlocked operations. The end result of this race is eventually ending up with an iommu_gart_bitmap that has bits errornously set all over, making large contiguous iommu space allocations fail with 'PCI-DMA: Out of IOMMU space'. Signed-off-by: Mike Waychison <mikew@google.com> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-05-01[PATCH] x86_64: Pass -32 to the assembler when compiling the 32bit vsyscall ↵Andi Kleen
pages This quietens warnings and actually fixes a bug. The unwind tables would come out wrong without -32, causing pthread cancellation during them to crash in the gcc runtime. The problem seems to only happen with newer binutils (it doesn't happen with 2.16.91.0.2 but happens wit 2.16.91.0.5) Thanks to Brian Baker @ HP for test case and initial analysis. Cc: brian.b@hp.com Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-05-01[PATCH] make vm86 call audit_syscall_exitJason Baron
hi, The motivation behind the patch below was to address messages in /var/log/messages such as: Jan 31 10:54:15 mets kernel: audit(:0): major=252 name_count=0: freeing multiple contexts (1) Jan 31 10:54:15 mets kernel: audit(:0): major=113 name_count=0: freeing multiple contexts (2) I can reproduce by running 'get-edid' from: http://john.fremlin.de/programs/linux/read-edid/. These messages come about in the log b/c the vm86 calls do not exit via the normal system call exit paths and thus do not call 'audit_syscall_exit'. The next system call will then free the context for itself and for the vm86 context, thus generating the above messages. This patch addresses the issue by simply adding a call to 'audit_syscall_exit' from the vm86 code. Besides fixing the above error messages the patch also now allows vm86 system calls to become auditable. This is useful since strace does not appear to properly record the return values from sys_vm86. I think this patch is also a step in the right direction in terms of cleaning up some core auditing code. If we can correct any other paths that do not properly call the audit exit and entries points, then we can also eliminate the notion of context chaining. I've tested this patch by verifying that the log messages no longer appear, and that the audit records for sys_vm86 appear to be correct. Also, 'read_edid' produces itentical output. thanks, -Jason Signed-off-by: Jason Baron <jbaron@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>