Tue Mar 25 03:55:20 UTC 2014

author: Nicolás Reynolds <fauno@endefensadelsl.org> 2014-03-25 03:59:45 +0000
committer: Nicolás Reynolds <fauno@endefensadelsl.org> 2014-03-25 03:59:45 +0000
commit: ec963aec4666ff7087ae150cb84398533a78f296 (patch)
tree: 4da354e279473e5bd24dccdc93e816b2ebbe076f /kernels/linux-libre-grsec
parent: f28fb29dd903558bdb2765f573eaf149897e7d1c (diff)
8 files changed, 0 insertions, 797 deletions
diff --git a/kernels/linux-libre-grsec/0001-sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch b/kernels/linux-libre-grsec/0001-sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch
deleted file mode 100644
index 2d398315e..000000000
--- a/kernels/linux-libre-grsec/0001-sunrpc-create-a-new-dummy-pipe-for-gssd-to-hold-open.patch
+++ /dev/null
@@ -1,241 +0,0 @@
-From 4b9a445e3eeb8bd9278b1ae51c1b3a651e370cd6 Mon Sep 17 00:00:00 2001
-From: Jeff Layton <jlayton@redhat.com>
-Date: Thu, 14 Nov 2013 07:25:17 -0500
-Subject: [PATCH 1/6] sunrpc: create a new dummy pipe for gssd to hold open
-
-rpc.gssd will naturally hold open any pipe named */clnt*/gssd that shows
-up under rpc_pipefs. That behavior gives us a reliable mechanism to tell
-whether it's actually running or not.
-
-Create a new toplevel "gssd" directory in rpc_pipefs when it's mounted.
-Under that directory create another directory called "clntXX", and then
-within that a pipe called "gssd".
-
-We'll never send an upcall along that pipe, and any downcall written to
-it will just return -EINVAL.
-
-Signed-off-by: Jeff Layton <jlayton@redhat.com>
-Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
----
- include/linux/sunrpc/rpc_pipe_fs.h |  3 +-
- net/sunrpc/netns.h                 |  1 +
- net/sunrpc/rpc_pipe.c              | 93 ++++++++++++++++++++++++++++++++++++--
- net/sunrpc/sunrpc_syms.c           |  8 +++-
- 4 files changed, 100 insertions(+), 5 deletions(-)
-
-diff --git a/include/linux/sunrpc/rpc_pipe_fs.h b/include/linux/sunrpc/rpc_pipe_fs.h
-index a353e03..85f1342 100644
---- a/include/linux/sunrpc/rpc_pipe_fs.h
-+++ b/include/linux/sunrpc/rpc_pipe_fs.h
-@@ -84,7 +84,8 @@ enum {
- 
- extern struct dentry *rpc_d_lookup_sb(const struct super_block *sb,
- 				      const unsigned char *dir_name);
--extern void rpc_pipefs_init_net(struct net *net);
-+extern int rpc_pipefs_init_net(struct net *net);
-+extern void rpc_pipefs_exit_net(struct net *net);
- extern struct super_block *rpc_get_sb_net(const struct net *net);
- extern void rpc_put_sb_net(const struct net *net);
- 
-diff --git a/net/sunrpc/netns.h b/net/sunrpc/netns.h
-index 779742c..8a8e841 100644
---- a/net/sunrpc/netns.h
-+++ b/net/sunrpc/netns.h
-@@ -14,6 +14,7 @@ struct sunrpc_net {
- 	struct cache_detail *rsi_cache;
- 
- 	struct super_block *pipefs_sb;
-+	struct rpc_pipe *gssd_dummy;
- 	struct mutex pipefs_sb_lock;
- 
- 	struct list_head all_clients;
-diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
-index bf04b30..c23458b 100644
---- a/net/sunrpc/rpc_pipe.c
-+++ b/net/sunrpc/rpc_pipe.c
-@@ -38,7 +38,7 @@
- #define NET_NAME(net)	((net == &init_net) ? " (init_net)" : "")
- 
- static struct file_system_type rpc_pipe_fs_type;
--
-+static const struct rpc_pipe_ops gssd_dummy_pipe_ops;
- 
- static struct kmem_cache *rpc_inode_cachep __read_mostly;
- 
-@@ -1159,6 +1159,7 @@ enum {
- 	RPCAUTH_nfsd4_cb,
- 	RPCAUTH_cache,
- 	RPCAUTH_nfsd,
-+	RPCAUTH_gssd,
- 	RPCAUTH_RootEOF
- };
- 
-@@ -1195,6 +1196,10 @@ static const struct rpc_filelist files[] = {
- 		.name = "nfsd",
- 		.mode = S_IFDIR | S_IRUGO | S_IXUGO,
- 	},
-+	[RPCAUTH_gssd] = {
-+		.name = "gssd",
-+		.mode = S_IFDIR | S_IRUGO | S_IXUGO,
-+	},
- };
- 
- /*
-@@ -1208,13 +1213,25 @@ struct dentry *rpc_d_lookup_sb(const struct super_block *sb,
- }
- EXPORT_SYMBOL_GPL(rpc_d_lookup_sb);
- 
--void rpc_pipefs_init_net(struct net *net)
-+int rpc_pipefs_init_net(struct net *net)
- {
- 	struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
- 
-+	sn->gssd_dummy = rpc_mkpipe_data(&gssd_dummy_pipe_ops, 0);
-+	if (IS_ERR(sn->gssd_dummy))
-+		return PTR_ERR(sn->gssd_dummy);
-+
- 	mutex_init(&sn->pipefs_sb_lock);
- 	sn->gssd_running = 1;
- 	sn->pipe_version = -1;
-+	return 0;
-+}
-+
-+void rpc_pipefs_exit_net(struct net *net)
-+{
-+	struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
-+
-+	rpc_destroy_pipe_data(sn->gssd_dummy);
- }
- 
- /*
-@@ -1244,11 +1261,73 @@ void rpc_put_sb_net(const struct net *net)
- }
- EXPORT_SYMBOL_GPL(rpc_put_sb_net);
- 
-+static const struct rpc_filelist gssd_dummy_clnt_dir[] = {
-+	[0] = {
-+		.name = "clntXX",
-+		.mode = S_IFDIR | S_IRUGO | S_IXUGO,
-+	},
-+};
-+
-+static ssize_t
-+dummy_downcall(struct file *filp, const char __user *src, size_t len)
-+{
-+	return -EINVAL;
-+}
-+
-+static const struct rpc_pipe_ops gssd_dummy_pipe_ops = {
-+	.upcall		= rpc_pipe_generic_upcall,
-+	.downcall	= dummy_downcall,
-+};
-+
-+/**
-+ * rpc_gssd_dummy_populate - create a dummy gssd pipe
-+ * @root:	root of the rpc_pipefs filesystem
-+ * @pipe_data:	pipe data created when netns is initialized
-+ *
-+ * Create a dummy set of directories and a pipe that gssd can hold open to
-+ * indicate that it is up and running.
-+ */
-+static struct dentry *
-+rpc_gssd_dummy_populate(struct dentry *root, struct rpc_pipe *pipe_data)
-+{
-+	int ret = 0;
-+	struct dentry *gssd_dentry;
-+	struct dentry *clnt_dentry = NULL;
-+	struct dentry *pipe_dentry = NULL;
-+	struct qstr q = QSTR_INIT(files[RPCAUTH_gssd].name,
-+				  strlen(files[RPCAUTH_gssd].name));
-+
-+	/* We should never get this far if "gssd" doesn't exist */
-+	gssd_dentry = d_hash_and_lookup(root, &q);
-+	if (!gssd_dentry)
-+		return ERR_PTR(-ENOENT);
-+
-+	ret = rpc_populate(gssd_dentry, gssd_dummy_clnt_dir, 0, 1, NULL);
-+	if (ret) {
-+		pipe_dentry = ERR_PTR(ret);
-+		goto out;
-+	}
-+
-+	q.name = gssd_dummy_clnt_dir[0].name;
-+	q.len = strlen(gssd_dummy_clnt_dir[0].name);
-+	clnt_dentry = d_hash_and_lookup(gssd_dentry, &q);
-+	if (!clnt_dentry) {
-+		pipe_dentry = ERR_PTR(-ENOENT);
-+		goto out;
-+	}
-+
-+	pipe_dentry = rpc_mkpipe_dentry(clnt_dentry, "gssd", NULL, pipe_data);
-+out:
-+	dput(clnt_dentry);
-+	dput(gssd_dentry);
-+	return pipe_dentry;
-+}
-+
- static int
- rpc_fill_super(struct super_block *sb, void *data, int silent)
- {
- 	struct inode *inode;
--	struct dentry *root;
-+	struct dentry *root, *gssd_dentry;
- 	struct net *net = data;
- 	struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
- 	int err;
-@@ -1266,6 +1345,13 @@ rpc_fill_super(struct super_block *sb, void *data, int silent)
- 		return -ENOMEM;
- 	if (rpc_populate(root, files, RPCAUTH_lockd, RPCAUTH_RootEOF, NULL))
- 		return -ENOMEM;
-+
-+	gssd_dentry = rpc_gssd_dummy_populate(root, sn->gssd_dummy);
-+	if (IS_ERR(gssd_dentry)) {
-+		__rpc_depopulate(root, files, RPCAUTH_lockd, RPCAUTH_RootEOF);
-+		return PTR_ERR(gssd_dentry);
-+	}
-+
- 	dprintk("RPC:       sending pipefs MOUNT notification for net %p%s\n",
- 		net, NET_NAME(net));
- 	mutex_lock(&sn->pipefs_sb_lock);
-@@ -1280,6 +1366,7 @@ rpc_fill_super(struct super_block *sb, void *data, int silent)
- 	return 0;
- 
- err_depopulate:
-+	dput(gssd_dentry);
- 	blocking_notifier_call_chain(&rpc_pipefs_notifier_list,
- 					   RPC_PIPEFS_UMOUNT,
- 					   sb);
-diff --git a/net/sunrpc/sunrpc_syms.c b/net/sunrpc/sunrpc_syms.c
-index 3d6498a..cd30120 100644
---- a/net/sunrpc/sunrpc_syms.c
-+++ b/net/sunrpc/sunrpc_syms.c
-@@ -44,12 +44,17 @@ static __net_init int sunrpc_init_net(struct net *net)
- 	if (err)
- 		goto err_unixgid;
- 
--	rpc_pipefs_init_net(net);
-+	err = rpc_pipefs_init_net(net);
-+	if (err)
-+		goto err_pipefs;
-+
- 	INIT_LIST_HEAD(&sn->all_clients);
- 	spin_lock_init(&sn->rpc_client_lock);
- 	spin_lock_init(&sn->rpcb_clnt_lock);
- 	return 0;
- 
-+err_pipefs:
-+	unix_gid_cache_destroy(net);
- err_unixgid:
- 	ip_map_cache_destroy(net);
- err_ipmap:
-@@ -60,6 +65,7 @@ err_proc:
- 
- static __net_exit void sunrpc_exit_net(struct net *net)
- {
-+	rpc_pipefs_exit_net(net);
- 	unix_gid_cache_destroy(net);
- 	ip_map_cache_destroy(net);
- 	rpc_proc_exit(net);
--- 
-1.8.5.3
-
diff --git a/kernels/linux-libre-grsec/0001-syscalls.h-use-gcc-alias-instead-of-assembler-aliase.patch b/kernels/linux-libre-grsec/0001-syscalls.h-use-gcc-alias-instead-of-assembler-aliase.patch
deleted file mode 100644
index c4242e0ae..000000000
--- a/kernels/linux-libre-grsec/0001-syscalls.h-use-gcc-alias-instead-of-assembler-aliase.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From 83460ec8dcac14142e7860a01fa59c267ac4657c Mon Sep 17 00:00:00 2001
-From: Andi Kleen <ak@linux.intel.com>
-Date: Tue, 12 Nov 2013 15:08:36 -0800
-Subject: [PATCH] syscalls.h: use gcc alias instead of assembler aliases for
- syscalls
-
-Use standard gcc __attribute__((alias(foo))) to define the syscall aliases
-instead of custom assembler macros.
-
-This is far cleaner, and also fixes my LTO kernel build.
-
-Signed-off-by: Andi Kleen <ak@linux.intel.com>
-Cc: Al Viro <viro@ZenIV.linux.org.uk>
-Cc: Geert Uytterhoeven <geert@linux-m68k.org>
-Cc: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
-Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
-Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
----
- include/linux/compat.h   | 4 ++--
- include/linux/syscalls.h | 4 ++--
- 2 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/include/linux/compat.h b/include/linux/compat.h
-index 345da00..ada34c9 100644
---- a/include/linux/compat.h
-+++ b/include/linux/compat.h
-@@ -41,14 +41,14 @@
- 	COMPAT_SYSCALL_DEFINEx(6, _##name, __VA_ARGS__)
- 
- #define COMPAT_SYSCALL_DEFINEx(x, name, ...)				\
--	asmlinkage long compat_sys##name(__MAP(x,__SC_DECL,__VA_ARGS__));\
-+	asmlinkage long compat_sys##name(__MAP(x,__SC_DECL,__VA_ARGS__))\
-+		__attribute__((alias(__stringify(compat_SyS##name))));  \
- 	static inline long C_SYSC##name(__MAP(x,__SC_DECL,__VA_ARGS__));\
- 	asmlinkage long compat_SyS##name(__MAP(x,__SC_LONG,__VA_ARGS__));\
- 	asmlinkage long compat_SyS##name(__MAP(x,__SC_LONG,__VA_ARGS__))\
- 	{								\
- 		return C_SYSC##name(__MAP(x,__SC_DELOUSE,__VA_ARGS__));	\
- 	}								\
--	SYSCALL_ALIAS(compat_sys##name, compat_SyS##name);		\
- 	static inline long C_SYSC##name(__MAP(x,__SC_DECL,__VA_ARGS__))
- 
- #ifndef compat_user_stack_pointer
-diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h
-index 7fac04e..c27f846 100644
---- a/include/linux/syscalls.h
-+++ b/include/linux/syscalls.h
-@@ -184,7 +184,8 @@ extern struct trace_event_functions exit_syscall_print_funcs;
- 
- #define __PROTECT(...) asmlinkage_protect(__VA_ARGS__)
- #define __SYSCALL_DEFINEx(x, name, ...)					\
--	asmlinkage long sys##name(__MAP(x,__SC_DECL,__VA_ARGS__));	\
-+	asmlinkage long sys##name(__MAP(x,__SC_DECL,__VA_ARGS__))	\
-+		__attribute__((alias(__stringify(SyS##name))));		\
- 	static inline long SYSC##name(__MAP(x,__SC_DECL,__VA_ARGS__));	\
- 	asmlinkage long SyS##name(__MAP(x,__SC_LONG,__VA_ARGS__));	\
- 	asmlinkage long SyS##name(__MAP(x,__SC_LONG,__VA_ARGS__))	\
-@@ -194,7 +195,6 @@ extern struct trace_event_functions exit_syscall_print_funcs;
- 		__PROTECT(x, ret,__MAP(x,__SC_ARGS,__VA_ARGS__));	\
- 		return ret;						\
- 	}								\
--	SYSCALL_ALIAS(sys##name, SyS##name);				\
- 	static inline long SYSC##name(__MAP(x,__SC_DECL,__VA_ARGS__))
- 
- asmlinkage long sys_time(time_t __user *tloc);
--- 
-1.8.5.3
-
diff --git a/kernels/linux-libre-grsec/0002-sunrpc-replace-sunrpc_net-gssd_running-flag-with-a-m.patch b/kernels/linux-libre-grsec/0002-sunrpc-replace-sunrpc_net-gssd_running-flag-with-a-m.patch
deleted file mode 100644
index 19e04da5d..000000000
--- a/kernels/linux-libre-grsec/0002-sunrpc-replace-sunrpc_net-gssd_running-flag-with-a-m.patch
+++ /dev/null
@@ -1,143 +0,0 @@
-From 89f842435c630f8426f414e6030bc2ffea0d6f81 Mon Sep 17 00:00:00 2001
-From: Jeff Layton <jlayton@redhat.com>
-Date: Thu, 14 Nov 2013 07:25:18 -0500
-Subject: [PATCH 2/6] sunrpc: replace sunrpc_net->gssd_running flag with a more
- reliable check
-
-Now that we have a more reliable method to tell if gssd is running, we
-can replace the sn->gssd_running flag with a function that will query to
-see if it's up and running.
-
-There's also no need to attempt an upcall that we know will fail, so
-just return -EACCES if gssd isn't running. Finally, fix the warn_gss()
-message not to claim that that the upcall timed out since we don't
-necesarily perform one now when gssd isn't running, and remove the
-extraneous newline from the message.
-
-Signed-off-by: Jeff Layton <jlayton@redhat.com>
-Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
----
- include/linux/sunrpc/rpc_pipe_fs.h |  2 ++
- net/sunrpc/auth_gss/auth_gss.c     | 17 +++++++----------
- net/sunrpc/netns.h                 |  2 --
- net/sunrpc/rpc_pipe.c              | 14 ++++++++++----
- 4 files changed, 19 insertions(+), 16 deletions(-)
-
-diff --git a/include/linux/sunrpc/rpc_pipe_fs.h b/include/linux/sunrpc/rpc_pipe_fs.h
-index 85f1342..7f490be 100644
---- a/include/linux/sunrpc/rpc_pipe_fs.h
-+++ b/include/linux/sunrpc/rpc_pipe_fs.h
-@@ -131,5 +131,7 @@ extern int rpc_unlink(struct dentry *);
- extern int register_rpc_pipefs(void);
- extern void unregister_rpc_pipefs(void);
- 
-+extern bool gssd_running(struct net *net);
-+
- #endif
- #endif
-diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
-index 42fdfc6..0a2aee0 100644
---- a/net/sunrpc/auth_gss/auth_gss.c
-+++ b/net/sunrpc/auth_gss/auth_gss.c
-@@ -536,8 +536,7 @@ static void warn_gssd(void)
- 	unsigned long now = jiffies;
- 
- 	if (time_after(now, ratelimit)) {
--		printk(KERN_WARNING "RPC: AUTH_GSS upcall timed out.\n"
--				"Please check user daemon is running.\n");
-+		pr_warn("RPC: AUTH_GSS upcall failed. Please check user daemon is running.\n");
- 		ratelimit = now + 15*HZ;
- 	}
- }
-@@ -600,7 +599,6 @@ gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred)
- 	struct rpc_pipe *pipe;
- 	struct rpc_cred *cred = &gss_cred->gc_base;
- 	struct gss_upcall_msg *gss_msg;
--	unsigned long timeout;
- 	DEFINE_WAIT(wait);
- 	int err;
- 
-@@ -608,17 +606,16 @@ gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred)
- 		__func__, from_kuid(&init_user_ns, cred->cr_uid));
- retry:
- 	err = 0;
--	/* Default timeout is 15s unless we know that gssd is not running */
--	timeout = 15 * HZ;
--	if (!sn->gssd_running)
--		timeout = HZ >> 2;
-+	/* if gssd is down, just skip upcalling altogether */
-+	if (!gssd_running(net)) {
-+		warn_gssd();
-+		return -EACCES;
-+	}
- 	gss_msg = gss_setup_upcall(gss_auth, cred);
- 	if (PTR_ERR(gss_msg) == -EAGAIN) {
- 		err = wait_event_interruptible_timeout(pipe_version_waitqueue,
--				sn->pipe_version >= 0, timeout);
-+				sn->pipe_version >= 0, 15 * HZ);
- 		if (sn->pipe_version < 0) {
--			if (err == 0)
--				sn->gssd_running = 0;
- 			warn_gssd();
- 			err = -EACCES;
- 		}
-diff --git a/net/sunrpc/netns.h b/net/sunrpc/netns.h
-index 8a8e841..94e506f 100644
---- a/net/sunrpc/netns.h
-+++ b/net/sunrpc/netns.h
-@@ -33,8 +33,6 @@ struct sunrpc_net {
- 	int pipe_version;
- 	atomic_t pipe_users;
- 	struct proc_dir_entry *use_gssp_proc;
--
--	unsigned int gssd_running;
- };
- 
- extern int sunrpc_net_id;
-diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
-index c23458b..5cd7ad1 100644
---- a/net/sunrpc/rpc_pipe.c
-+++ b/net/sunrpc/rpc_pipe.c
-@@ -216,14 +216,11 @@ rpc_destroy_inode(struct inode *inode)
- static int
- rpc_pipe_open(struct inode *inode, struct file *filp)
- {
--	struct net *net = inode->i_sb->s_fs_info;
--	struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
- 	struct rpc_pipe *pipe;
- 	int first_open;
- 	int res = -ENXIO;
- 
- 	mutex_lock(&inode->i_mutex);
--	sn->gssd_running = 1;
- 	pipe = RPC_I(inode)->pipe;
- 	if (pipe == NULL)
- 		goto out;
-@@ -1222,7 +1219,6 @@ int rpc_pipefs_init_net(struct net *net)
- 		return PTR_ERR(sn->gssd_dummy);
- 
- 	mutex_init(&sn->pipefs_sb_lock);
--	sn->gssd_running = 1;
- 	sn->pipe_version = -1;
- 	return 0;
- }
-@@ -1376,6 +1372,16 @@ err_depopulate:
- 	return err;
- }
- 
-+bool
-+gssd_running(struct net *net)
-+{
-+	struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
-+	struct rpc_pipe *pipe = sn->gssd_dummy;
-+
-+	return pipe->nreaders || pipe->nwriters;
-+}
-+EXPORT_SYMBOL_GPL(gssd_running);
-+
- static struct dentry *
- rpc_mount(struct file_system_type *fs_type,
- 		int flags, const char *dev_name, void *data)
--- 
-1.8.5.3
-
diff --git a/kernels/linux-libre-grsec/0003-nfs-check-if-gssd-is-running-before-attempting-to-us.patch b/kernels/linux-libre-grsec/0003-nfs-check-if-gssd-is-running-before-attempting-to-us.patch
deleted file mode 100644
index 87b54fc3e..000000000
--- a/kernels/linux-libre-grsec/0003-nfs-check-if-gssd-is-running-before-attempting-to-us.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 6aa23d76a7b549521a03b63b6d5b7880ea87eab7 Mon Sep 17 00:00:00 2001
-From: Jeff Layton <jlayton@redhat.com>
-Date: Thu, 14 Nov 2013 07:25:19 -0500
-Subject: [PATCH 3/6] nfs: check if gssd is running before attempting to use
- krb5i auth in SETCLIENTID call
-
-Currently, the client will attempt to use krb5i in the SETCLIENTID call
-even if rpc.gssd isn't running. When that fails, it'll then fall back to
-RPC_AUTH_UNIX. This introduced a delay when mounting if rpc.gssd isn't
-running, and causes warning messages to pop up in the ring buffer.
-
-Check to see if rpc.gssd is running before even attempting to use krb5i
-auth, and just silently skip trying to do so if it isn't. In the event
-that the admin is actually trying to mount with krb5*, it will still
-fail at a later stage of the mount attempt.
-
-Signed-off-by: Jeff Layton <jlayton@redhat.com>
-Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
----
- fs/nfs/nfs4client.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/fs/nfs/nfs4client.c b/fs/nfs/nfs4client.c
-index b4a160a..c1b7a80 100644
---- a/fs/nfs/nfs4client.c
-+++ b/fs/nfs/nfs4client.c
-@@ -10,6 +10,7 @@
- #include <linux/sunrpc/auth.h>
- #include <linux/sunrpc/xprt.h>
- #include <linux/sunrpc/bc_xprt.h>
-+#include <linux/sunrpc/rpc_pipe_fs.h>
- #include "internal.h"
- #include "callback.h"
- #include "delegation.h"
-@@ -370,7 +371,11 @@ struct nfs_client *nfs4_init_client(struct nfs_client *clp,
- 		__set_bit(NFS_CS_INFINITE_SLOTS, &clp->cl_flags);
- 	__set_bit(NFS_CS_DISCRTRY, &clp->cl_flags);
- 	__set_bit(NFS_CS_NO_RETRANS_TIMEOUT, &clp->cl_flags);
--	error = nfs_create_rpc_client(clp, timeparms, RPC_AUTH_GSS_KRB5I);
-+
-+	error = -EINVAL;
-+	if (gssd_running(clp->cl_net))
-+		error = nfs_create_rpc_client(clp, timeparms,
-+					      RPC_AUTH_GSS_KRB5I);
- 	if (error == -EINVAL)
- 		error = nfs_create_rpc_client(clp, timeparms, RPC_AUTH_UNIX);
- 	if (error < 0)
--- 
-1.8.5.3
-
diff --git a/kernels/linux-libre-grsec/0004-rpc_pipe-remove-the-clntXX-dir-if-creating-the-pipe-.patch b/kernels/linux-libre-grsec/0004-rpc_pipe-remove-the-clntXX-dir-if-creating-the-pipe-.patch
deleted file mode 100644
index 5f2c3dae8..000000000
--- a/kernels/linux-libre-grsec/0004-rpc_pipe-remove-the-clntXX-dir-if-creating-the-pipe-.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 3396f92f8be606ea485b0a82d4e7749a448b013b Mon Sep 17 00:00:00 2001
-From: Jeff Layton <jlayton@redhat.com>
-Date: Thu, 5 Dec 2013 07:33:49 -0500
-Subject: [PATCH 4/6] rpc_pipe: remove the clntXX dir if creating the pipe
- fails
-
-In the event that we create the gssd/clntXX dir, but the pipe creation
-subsequently fails, then we should remove the clntXX dir before
-returning.
-
-Signed-off-by: Jeff Layton <jlayton@redhat.com>
-Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
----
- net/sunrpc/rpc_pipe.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
-index 5cd7ad1..0b74c61 100644
---- a/net/sunrpc/rpc_pipe.c
-+++ b/net/sunrpc/rpc_pipe.c
-@@ -1313,6 +1313,8 @@ rpc_gssd_dummy_populate(struct dentry *root, struct rpc_pipe *pipe_data)
- 	}
- 
- 	pipe_dentry = rpc_mkpipe_dentry(clnt_dentry, "gssd", NULL, pipe_data);
-+	if (IS_ERR(pipe_dentry))
-+		__rpc_depopulate(gssd_dentry, gssd_dummy_clnt_dir, 0, 1);
- out:
- 	dput(clnt_dentry);
- 	dput(gssd_dentry);
--- 
-1.8.5.3
-
diff --git a/kernels/linux-libre-grsec/0005-sunrpc-add-an-info-file-for-the-dummy-gssd-pipe.patch b/kernels/linux-libre-grsec/0005-sunrpc-add-an-info-file-for-the-dummy-gssd-pipe.patch
deleted file mode 100644
index 8ef6fe25c..000000000
--- a/kernels/linux-libre-grsec/0005-sunrpc-add-an-info-file-for-the-dummy-gssd-pipe.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-From e2f0c83a9de331d9352185ca3642616c13127539 Mon Sep 17 00:00:00 2001
-From: Jeff Layton <jlayton@redhat.com>
-Date: Thu, 5 Dec 2013 07:34:44 -0500
-Subject: [PATCH 5/6] sunrpc: add an "info" file for the dummy gssd pipe
-
-rpc.gssd expects to see an "info" file in each clntXX dir. Since adding
-the dummy gssd pipe, users that run rpc.gssd see a lot of these messages
-spamming the logs:
-
-    rpc.gssd[508]: ERROR: can't open /var/lib/nfs/rpc_pipefs/gssd/clntXX/info: No such file or directory
-    rpc.gssd[508]: ERROR: failed to read service info
-
-Add a dummy gssd/clntXX/info file to help silence these messages.
-
-Signed-off-by: Jeff Layton <jlayton@redhat.com>
-Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
----
- net/sunrpc/rpc_pipe.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++++-
- 1 file changed, 49 insertions(+), 1 deletion(-)
-
-diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
-index 0b74c61..5d973b2 100644
---- a/net/sunrpc/rpc_pipe.c
-+++ b/net/sunrpc/rpc_pipe.c
-@@ -17,6 +17,7 @@
- #include <linux/fsnotify.h>
- #include <linux/kernel.h>
- #include <linux/rcupdate.h>
-+#include <linux/utsname.h>
- 
- #include <asm/ioctls.h>
- #include <linux/poll.h>
-@@ -1275,6 +1276,44 @@ static const struct rpc_pipe_ops gssd_dummy_pipe_ops = {
- 	.downcall	= dummy_downcall,
- };
- 
-+/*
-+ * Here we present a bogus "info" file to keep rpc.gssd happy. We don't expect
-+ * that it will ever use this info to handle an upcall, but rpc.gssd expects
-+ * that this file will be there and have a certain format.
-+ */
-+static int
-+rpc_show_dummy_info(struct seq_file *m, void *v)
-+{
-+	seq_printf(m, "RPC server: %s\n", utsname()->nodename);
-+	seq_printf(m, "service: foo (1) version 0\n");
-+	seq_printf(m, "address: 127.0.0.1\n");
-+	seq_printf(m, "protocol: tcp\n");
-+	seq_printf(m, "port: 0\n");
-+	return 0;
-+}
-+
-+static int
-+rpc_dummy_info_open(struct inode *inode, struct file *file)
-+{
-+	return single_open(file, rpc_show_dummy_info, NULL);
-+}
-+
-+static const struct file_operations rpc_dummy_info_operations = {
-+	.owner		= THIS_MODULE,
-+	.open		= rpc_dummy_info_open,
-+	.read		= seq_read,
-+	.llseek		= seq_lseek,
-+	.release	= single_release,
-+};
-+
-+static const struct rpc_filelist gssd_dummy_info_file[] = {
-+	[0] = {
-+		.name = "info",
-+		.i_fop = &rpc_dummy_info_operations,
-+		.mode = S_IFREG | S_IRUSR,
-+	},
-+};
-+
- /**
-  * rpc_gssd_dummy_populate - create a dummy gssd pipe
-  * @root:	root of the rpc_pipefs filesystem
-@@ -1312,9 +1351,18 @@ rpc_gssd_dummy_populate(struct dentry *root, struct rpc_pipe *pipe_data)
- 		goto out;
- 	}
- 
-+	ret = rpc_populate(clnt_dentry, gssd_dummy_info_file, 0, 1, NULL);
-+	if (ret) {
-+		__rpc_depopulate(gssd_dentry, gssd_dummy_clnt_dir, 0, 1);
-+		pipe_dentry = ERR_PTR(ret);
-+		goto out;
-+	}
-+
- 	pipe_dentry = rpc_mkpipe_dentry(clnt_dentry, "gssd", NULL, pipe_data);
--	if (IS_ERR(pipe_dentry))
-+	if (IS_ERR(pipe_dentry)) {
-+		__rpc_depopulate(clnt_dentry, gssd_dummy_info_file, 0, 1);
- 		__rpc_depopulate(gssd_dentry, gssd_dummy_clnt_dir, 0, 1);
-+	}
- out:
- 	dput(clnt_dentry);
- 	dput(gssd_dentry);
--- 
-1.8.5.3
-
diff --git a/kernels/linux-libre-grsec/0006-rpc_pipe-fix-cleanup-of-dummy-gssd-directory-when-no.patch b/kernels/linux-libre-grsec/0006-rpc_pipe-fix-cleanup-of-dummy-gssd-directory-when-no.patch
deleted file mode 100644
index 75505c30d..000000000
--- a/kernels/linux-libre-grsec/0006-rpc_pipe-fix-cleanup-of-dummy-gssd-directory-when-no.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 23e66ba97127ff3b064d4c6c5138aa34eafc492f Mon Sep 17 00:00:00 2001
-From: Jeff Layton <jlayton@redhat.com>
-Date: Mon, 9 Dec 2013 09:38:00 -0500
-Subject: [PATCH 6/6] rpc_pipe: fix cleanup of dummy gssd directory when
- notification fails
-
-Currently, it could leak dentry references in some cases. Make sure
-we clean up properly.
-
-Signed-off-by: Jeff Layton <jlayton@redhat.com>
-Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
----
- net/sunrpc/rpc_pipe.c | 14 +++++++++++++-
- 1 file changed, 13 insertions(+), 1 deletion(-)
-
-diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
-index 5d973b2..b185548 100644
---- a/net/sunrpc/rpc_pipe.c
-+++ b/net/sunrpc/rpc_pipe.c
-@@ -1369,6 +1369,18 @@ out:
- 	return pipe_dentry;
- }
- 
-+static void
-+rpc_gssd_dummy_depopulate(struct dentry *pipe_dentry)
-+{
-+	struct dentry *clnt_dir = pipe_dentry->d_parent;
-+	struct dentry *gssd_dir = clnt_dir->d_parent;
-+
-+	__rpc_rmpipe(clnt_dir->d_inode, pipe_dentry);
-+	__rpc_depopulate(clnt_dir, gssd_dummy_info_file, 0, 1);
-+	__rpc_depopulate(gssd_dir, gssd_dummy_clnt_dir, 0, 1);
-+	dput(pipe_dentry);
-+}
-+
- static int
- rpc_fill_super(struct super_block *sb, void *data, int silent)
- {
-@@ -1412,7 +1424,7 @@ rpc_fill_super(struct super_block *sb, void *data, int silent)
- 	return 0;
- 
- err_depopulate:
--	dput(gssd_dentry);
-+	rpc_gssd_dummy_depopulate(gssd_dentry);
- 	blocking_notifier_call_chain(&rpc_pipefs_notifier_list,
- 					   RPC_PIPEFS_UMOUNT,
- 					   sb);
--- 
-1.8.5.3
-
diff --git a/kernels/linux-libre-grsec/i8042-fix-aliases.patch b/kernels/linux-libre-grsec/i8042-fix-aliases.patch
deleted file mode 100644
index 961968c78..000000000
--- a/kernels/linux-libre-grsec/i8042-fix-aliases.patch
+++ /dev/null
@@ -1,113 +0,0 @@
-commit 5a420e61e39862c7c3356080eddb23dfe4ccadb7
-Author: Tom Gundersen <teg@jklm.no>
-Date:   Sun Jan 26 17:00:32 2014 +0100
-
-    Input: i8042 - fix PNP modaliases when both aux and kdb are enabled
-    
-    Commit 78551277e4 exposed the PNP modaliases for the i8042 module. However,
-    when both the aux and the kbd drivers are enabled the aux entries would
-    override the kdb ones.
-    
-    Refactor the device_id lists, and unconditionally attempt to load the driver
-    if either a kdb or aux devices is present.
-    
-    Signed-off-by: Tom Gundersen <teg@jklm.no>
-
-diff --git a/drivers/input/serio/i8042-x86ia64io.h b/drivers/input/serio/i8042-x86ia64io.h
-index 0ec9abb..dbc6958 100644
---- a/drivers/input/serio/i8042-x86ia64io.h
-+++ b/drivers/input/serio/i8042-x86ia64io.h
-@@ -747,25 +747,27 @@ static int i8042_pnp_aux_probe(struct pnp_dev *dev, const struct pnp_device_id *
- 	return 0;
- }
- 
--static struct pnp_device_id pnp_kbd_devids[] = {
--	{ .id = "PNP0300", .driver_data = 0 },
--	{ .id = "PNP0301", .driver_data = 0 },
--	{ .id = "PNP0302", .driver_data = 0 },
--	{ .id = "PNP0303", .driver_data = 0 },
--	{ .id = "PNP0304", .driver_data = 0 },
--	{ .id = "PNP0305", .driver_data = 0 },
--	{ .id = "PNP0306", .driver_data = 0 },
--	{ .id = "PNP0309", .driver_data = 0 },
--	{ .id = "PNP030a", .driver_data = 0 },
--	{ .id = "PNP030b", .driver_data = 0 },
--	{ .id = "PNP0320", .driver_data = 0 },
--	{ .id = "PNP0343", .driver_data = 0 },
--	{ .id = "PNP0344", .driver_data = 0 },
--	{ .id = "PNP0345", .driver_data = 0 },
-+#define KBD_DEVIDS \
-+	{ .id = "PNP0300", .driver_data = 0 }, \
-+	{ .id = "PNP0301", .driver_data = 0 }, \
-+	{ .id = "PNP0302", .driver_data = 0 }, \
-+	{ .id = "PNP0303", .driver_data = 0 }, \
-+	{ .id = "PNP0304", .driver_data = 0 }, \
-+	{ .id = "PNP0305", .driver_data = 0 }, \
-+	{ .id = "PNP0306", .driver_data = 0 }, \
-+	{ .id = "PNP0309", .driver_data = 0 }, \
-+	{ .id = "PNP030a", .driver_data = 0 }, \
-+	{ .id = "PNP030b", .driver_data = 0 }, \
-+	{ .id = "PNP0320", .driver_data = 0 }, \
-+	{ .id = "PNP0343", .driver_data = 0 }, \
-+	{ .id = "PNP0344", .driver_data = 0 }, \
-+	{ .id = "PNP0345", .driver_data = 0 }, \
- 	{ .id = "CPQA0D7", .driver_data = 0 },
-+
-+static struct pnp_device_id pnp_kbd_devids[] = {
-+	KBD_DEVIDS
- 	{ .id = "", },
- };
--MODULE_DEVICE_TABLE(pnp, pnp_kbd_devids);
- 
- static struct pnp_driver i8042_pnp_kbd_driver = {
- 	.name           = "i8042 kbd",
-@@ -773,21 +775,23 @@ static struct pnp_driver i8042_pnp_kbd_driver = {
- 	.probe          = i8042_pnp_kbd_probe,
- };
- 
--static struct pnp_device_id pnp_aux_devids[] = {
--	{ .id = "AUI0200", .driver_data = 0 },
--	{ .id = "FJC6000", .driver_data = 0 },
--	{ .id = "FJC6001", .driver_data = 0 },
--	{ .id = "PNP0f03", .driver_data = 0 },
--	{ .id = "PNP0f0b", .driver_data = 0 },
--	{ .id = "PNP0f0e", .driver_data = 0 },
--	{ .id = "PNP0f12", .driver_data = 0 },
--	{ .id = "PNP0f13", .driver_data = 0 },
--	{ .id = "PNP0f19", .driver_data = 0 },
--	{ .id = "PNP0f1c", .driver_data = 0 },
-+#define AUX_DEVIDS \
-+	{ .id = "AUI0200", .driver_data = 0 }, \
-+	{ .id = "FJC6000", .driver_data = 0 }, \
-+	{ .id = "FJC6001", .driver_data = 0 }, \
-+	{ .id = "PNP0f03", .driver_data = 0 }, \
-+	{ .id = "PNP0f0b", .driver_data = 0 }, \
-+	{ .id = "PNP0f0e", .driver_data = 0 }, \
-+	{ .id = "PNP0f12", .driver_data = 0 }, \
-+	{ .id = "PNP0f13", .driver_data = 0 }, \
-+	{ .id = "PNP0f19", .driver_data = 0 }, \
-+	{ .id = "PNP0f1c", .driver_data = 0 }, \
- 	{ .id = "SYN0801", .driver_data = 0 },
-+
-+static struct pnp_device_id pnp_aux_devids[] = {
-+	AUX_DEVIDS
- 	{ .id = "", },
- };
--MODULE_DEVICE_TABLE(pnp, pnp_aux_devids);
- 
- static struct pnp_driver i8042_pnp_aux_driver = {
- 	.name           = "i8042 aux",
-@@ -795,6 +799,13 @@ static struct pnp_driver i8042_pnp_aux_driver = {
- 	.probe          = i8042_pnp_aux_probe,
- };
- 
-+static struct pnp_device_id pnp_kdb_aux_devids[] = {
-+	KBD_DEVIDS
-+	AUX_DEVIDS
-+	{ .id = "", },
-+};
-+MODULE_DEVICE_TABLE(pnp, pnp_kdb_aux_devids);
-+
- static void i8042_pnp_exit(void)
- {
- 	if (i8042_pnp_kbd_registered) {
author	Nicolás Reynolds <fauno@endefensadelsl.org>	2014-03-25 03:59:45 +0000
committer	Nicolás Reynolds <fauno@endefensadelsl.org>	2014-03-25 03:59:45 +0000
commit	ec963aec4666ff7087ae150cb84398533a78f296 (patch)
tree	4da354e279473e5bd24dccdc93e816b2ebbe076f /kernels/linux-libre-grsec
parent	f28fb29dd903558bdb2765f573eaf149897e7d1c (diff)