- 02 Dec, 2010 1 commit
-
-
Casey Schaufler authored
SMACK64EXEC. It defines label that is used while task is running. Exception: in smack_task_wait() child task is checked for write access to parent task using label inherited from the task that forked it. Fixed issues from previous submit: - SMACK64EXEC was not read when SMACK64 was not set. - inode security blob was not updated after setting SMACK64EXEC - inode security blob was not updated when removing SMACK64EXEC
-
- 29 Nov, 2010 1 commit
-
-
Mimi Zohar authored
This patch fixes the linux-next powerpc build errors as reported by Stephen Rothwell. Reported-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Tested-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
-
- 28 Nov, 2010 8 commits
-
-
Casey Schaufler authored
This patch addresses a number of long standing issues with the way Smack treats UNIX domain sockets. All access control was being done based on the label of the file system object. This is inconsistant with the internet domain, in which access is done based on the IPIN and IPOUT attributes of the socket. As a result of the inode label policy it was not possible to use a UDS socket for label cognizant services, including dbus and the X11 server. Support for SCM_PEERSEC on UDS sockets is also provided. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: James Morris <jmorris@namei.org>
-
Mimi Zohar authored
Define a new kernel key-type called 'encrypted'. Encrypted keys are kernel generated random numbers, which are encrypted/decrypted with a 'trusted' symmetric key. Encrypted keys are created/encrypted/decrypted in the kernel. Userspace only ever sees/stores encrypted blobs. Changelog: - bug fix: replaced master-key rcu based locking with semaphore (reported by David Howells) - Removed memset of crypto_shash_digest() digest output - Replaced verification of 'key-type:key-desc' using strcspn(), with one based on string constants. - Moved documentation to Documentation/keys-trusted-encrypted.txt - Replace hash with shash (based on comments by David Howells) - Make lengths/counts size_t where possible (based on comments by David Howells) Could not convert most lengths, as crypto expects 'unsigned int' (size_t: on 32 bit is defined as unsigned int, but on 64 bit is unsigned long) - Add 'const' where possible (based on comments by David Howells) - allocate derived_buf dynamically to support arbitrary length master key (fixed by Roberto Sassu) - wait until late_initcall for crypto libraries to be registered - cleanup security/Kconfig - Add missing 'update' keyword (reported/fixed by Roberto Sassu) - Free epayload on failure to create key (reported/fixed by Roberto Sassu) - Increase the data size limit (requested by Roberto Sassu) - Crypto return codes are always 0 on success and negative on failure, remove unnecessary tests. - Replaced kzalloc() with kmalloc() Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: David Safford <safford@watson.ibm.com> Reviewed-by: Roberto Sassu <roberto.sassu@polito.it> Signed-off-by: James Morris <jmorris@namei.org>
-
Mimi Zohar authored
Define a new kernel key-type called 'trusted'. Trusted keys are random number symmetric keys, generated and RSA-sealed by the TPM. The TPM only unseals the keys, if the boot PCRs and other criteria match. Userspace can only ever see encrypted blobs. Based on suggestions by Jason Gunthorpe, several new options have been added to support additional usages. The new options are: migratable= designates that the key may/may not ever be updated (resealed under a new key, new pcrinfo or new auth.) pcrlock=n extends the designated PCR 'n' with a random value, so that a key sealed to that PCR may not be unsealed again until after a reboot. keyhandle= specifies the sealing/unsealing key handle. keyauth= specifies the sealing/unsealing key auth. blobauth= specifies the sealed data auth. Implementation of a kernel reserved locality for trusted keys will be investigated for a possible future extension. Changelog: - Updated and added examples to Documentation/keys-trusted-encrypted.txt - Moved generic TPM constants to include/linux/tpm_command.h (David Howell's suggestion.) - trusted_defined.c: replaced kzalloc with kmalloc, added pcrlock failure error handling, added const qualifiers where appropriate. - moved to late_initcall - updated from hash to shash (suggestion by David Howells) - reduced worst stack usage (tpm_seal) from 530 to 312 bytes - moved documentation to Documentation directory (suggestion by David Howells) - all the other code cleanups suggested by David Howells - Add pcrlock CAP_SYS_ADMIN dependency (based on comment by Jason Gunthorpe) - New options: migratable, pcrlock, keyhandle, keyauth, blobauth (based on discussions with Jason Gunthorpe) - Free payload on failure to create key(reported/fixed by Roberto Sassu) - Updated Kconfig and other descriptions (based on Serge Hallyn's suggestion) - Replaced kzalloc() with kmalloc() (reported by Serge Hallyn) Signed-off-by: David Safford <safford@watson.ibm.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
-
Mimi Zohar authored
Add internal kernel tpm_send() command used to seal/unseal keys. Changelog: - replaced module_put in tpm_send() with new tpm_chip_put() wrapper (suggested by David Howells) - Make tpm_send() cmd argument a 'void *' (suggested by David Howells) Signed-off-by: David Safford <safford@watson.ibm.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: David Howells <dhowells@redhat.com> Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com> Signed-off-by: James Morris <jmorris@namei.org>
-
Mimi Zohar authored
For readability, define a tpm_chip_put() wrapper to call module_put(). Replace existing module_put() calls with the wrapper. (Change based on trusted/encrypted patchset review by David Howells.) Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: David Safford <safford@watson.ibm.com> Acked-by: David Howells <dhowells@redhat.com> Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com> Signed-off-by: James Morris <jmorris@namei.org>
-
Mimi Zohar authored
Similar to the kgdb_hex2mem() code, hex2bin converts a string to binary using the hex_to_bin() library call. Changelog: - Replace parameter names with src/dst (based on David Howell's comment) - Add 'const' where needed (based on David Howell's comment) - Replace int with size_t (based on David Howell's comment) Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: Serge E. Hallyn <serge@hallyn.com> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
-
Serge E. Hallyn authored
Privileged syslog operations currently require CAP_SYS_ADMIN. Split this off into a new CAP_SYSLOG privilege which we can sanely take away from a container through the capability bounding set. With this patch, an lxc container can be prevented from messing with the host's syslog (i.e. dmesg -c). Changelog: mar 12 2010: add selinux capability2:cap_syslog perm Changelog: nov 22 2010: . port to new kernel . add a WARN_ONCE if userspace isn't using CAP_SYSLOG Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Andrew G. Morgan <morgan@kernel.org> Acked-By: Kees Cook <kees.cook@canonical.com> Cc: James Morris <jmorris@namei.org> Cc: Michael Kerrisk <mtk.manpages@gmail.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: "Christopher J. PeBenito" <cpebenito@tresys.com> Cc: Eric Paris <eparis@parisplace.org> Signed-off-by: James Morris <jmorris@namei.org>
-
James Morris authored
-
- 27 Nov, 2010 1 commit
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound-2.6: (30 commits) ALSA: hda - Use ALC_INIT_DEFAULT for really default initialization ASoC: Fix resource reclaim for osk5912 ASoC: tlv320aic3x - fix variable may be used uninitialized warning ASoC: davinci-vcif - fix a memory leak ASoC: phycore-ac97: fix resource leak ASoC: imx-ssi: fix resource leak ASoC: simone: fix resource leak in simone_init error path ASoC: sam9g20_wm8731: fix resource leak in at91sam9g20ek_init error path ASoC: snd-soc-afeb9260: remove unneeded platform_device_del in error path ASoC: pcm030-audio-fabric: fix resource leak in pcm030_fabric_init error path ASoC: efika-audio-fabric: fix resource leak in efika_fabric_init error path ASoC: Call snd_soc_unregister_dais instead of snd_soc_unregister_dai in sh4_soc_dai_remove ASoC: fix SND_PXA2XX_LIB Kconfig warning ALSA: hda - Fix ALC660-VD/ALC861-VD capture/playback mixers ALSA: HDA: Add an extra DAC for Realtek ALC887-VD ASoC: nuc900-ac97: fix a memory leak ASoC: Return proper error for omap3pandora_soc_init ASoC: wm8961 - clear WM8961_MCLKDIV bit for freq <= 16500000 ASoC: wm8961 - clear WM8961_DACSLOPE bit for normal mode ALSA: hda - Fix Acer 7730G support ...
-
- 26 Nov, 2010 15 commits
-
-
git://git.linux-nfs.org/projects/trondmy/nfs-2.6Linus Torvalds authored
* 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6: NFS: Ensure we return the dirent->d_type when it is known NFS: Correct the array bound calculation in nfs_readdir_add_to_array NFS: Don't ignore errors from nfs_do_filldir() NFS: Fix the error handling in "uncached_readdir()" NFS: Fix a page leak in uncached_readdir() NFS: Fix a page leak in nfs_do_filldir() NFS: Assume eof if the server returns no readdir records NFS: Buffer overflow in ->decode_dirent() should not be fatal Pure nfs client performance using odirect. SUNRPC: Fix an infinite loop in call_refresh/call_refreshresult
-
git://git.infradead.org/ubi-2.6Linus Torvalds authored
* 'linux-next' of git://git.infradead.org/ubi-2.6: UBI: release locks in check_corruption
-
Linus Torvalds authored
Merge branch 'timers-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'timers-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: posix-cpu-timers: Rcu_read_lock/unlock protect find_task_by_vpid call
-
Linus Torvalds authored
Merge branch 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: dmar, x86: Use function stubs when CONFIG_INTR_REMAP is disabled x86-64: Fix and clean up AMD Fam10 MMCONF enabling x86: UV: Address interrupt/IO port operation conflict x86: Use online node real index in calulate_tbl_offset() x86, asm: Fix binutils 2.15 build failure
-
Linus Torvalds authored
Merge branch 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'perf-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: perf symbols: Remove incorrect open-coded container_of() perf record: Handle restrictive permissions in /proc/{kallsyms,modules} x86/kprobes: Prevent kprobes to probe on save_args() irq_work: Drop cmpxchg() result perf: Fix owner-list vs exit x86, hw_nmi: Move backtrace_mask declaration under ARCH_HAS_NMI_WATCHDOG tracing: Fix recursive user stack trace perf,hw_breakpoint: Initialize hardware api earlier x86: Ignore trap bits on single step exceptions tracing: Force arch_local_irq_* notrace for paravirt tracing: Fix module use of trace_bprintk()
-
Linus Torvalds authored
Merge branch 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: sched: Fix idle balancing sched: Fix volanomark performance regression
-
git://git390.marist.edu/pub/scm/linux-2.6Linus Torvalds authored
* 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6: [S390] qdio: free indicator after reset is finished [S390] nmi: fix clock comparator revalidation
-
git://git.kernel.dk/linux-2.6-blockLinus Torvalds authored
* 'for-linus' of git://git.kernel.dk/linux-2.6-block: cciss: fix build for PROC_FS disabled block: fix amiga and atari floppy driver compile warning blk-throttle: Fix calculation of max number of WRITES to be dispatched ioprio: grab rcu_read_lock in sys_ioprio_{set,get}() xen/blkfront: cope with backend that fail empty BLKIF_OP_WRITE_BARRIER requests xen/blkfront: Implement FUA with BLKIF_OP_WRITE_BARRIER xen/blkfront: change blk_shadow.request to proper pointer xen/blkfront: map REQ_FLUSH into a full barrier
-
Linus Torvalds authored
Merge branch 'rmobile-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6 * 'rmobile-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6: ARM: mach-shmobile: clock-sh7372: remove bogus pllc2 clock toggling. ARM: mach-shmobile: clock-sh7372: remove unnecessary fsi clocks ARM: mach-shmobile: clock-sh7372: modify error code ARM: mach-shmobile: ap4evb: FSI clock use proper process for ak4642 ARM: mach-shmobile: ap4evb: FSI clock use proper process for HDMI ARM: mach-shmobile: clock-sh7372: remove fsidiv bogus disable ARM: mach-shmobile: sh7372 USB0/IIC1 MSTP fix
-
git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmcLinus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/cjb/mmc: mmc: sdhci: 8-bit bus width changes mmc: sdio: fix runtime PM anomalies by introducing MMC_CAP_POWER_OFF_CARD mmc: sdio: fix nasty oops in mmc_sdio_detect mmc: omap4: hsmmc: Fix improper card detection while booting mmc: fix rmmod race for hosts using card-detection polling mmc: sdhci: Fix crash on boot with C0 stepping Moorestown platforms mmc: sdhci-esdhc-imx: enable QUIRK_NO_MULTIBLOCK only for i.MX25 and i.MX35 mmc: sdhci-esdhc-imx: fix timeout on i.MX's sdhci mmc: sdhci: Properly enable SDIO IRQ wakeups mmc: ushc: Return proper error code for ushc_probe() mmc: Fix printing of card DDR type
-
Linus Torvalds authored
Merge branch 's5p-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung * 's5p-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/kgene/linux-samsung: ARM: S5PV210: Fix sysdev related warning messages ARM: S3C24XX: Fix UART3 submask on S3C2416 and S3C2443 ARM: S3C24XX: Fix Demux error in UART3 irqs on S3C2443 and S3C2416 ARM: S3C64XX: fix uart clock setup for mini6410/real6410 ARM: S3C24XX: Fix wrong s3c_gpio_cfgpull ARM: S3C2410: Adapt h1940-bluetooth to gpiolib changes
-
git://git.kernel.org/pub/scm/linux/kernel/git/ryusuke/nilfs2Linus Torvalds authored
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ryusuke/nilfs2: nilfs2: fix typo in comment of nilfs_dat_move function nilfs2: nilfs_iget_for_gc() returns ERR_PTR
-
Takashi Iwai authored
-
Takashi Iwai authored
When SKU assid gives no valid bits for 0x38, the driver didn't take any action, so far. This resulted in the missing initialization for external amps, etc, thus the silent output in the end. Especially users hit this problem on ALC888 newly since 2.6.35, where the driver doesn't force to use ALC_INIT_DEFAULT any more. This patch sets the default initialization scheme to use ALC_INIT_DEFAULT when no valid bits are set for SKU assid. Reference: https://bugzilla.redhat.com/show_bug.cgi?id=657388Reported-and-tested-by: Kyle McMartin <kyle@redhat.com> Cc: <stable@kernel.org> Signed-off-by: Takashi Iwai <tiwai@suse.de>
-
Randy Dunlap authored
The stubs for CONFIG_INTR_REMAP disabled need to be functions instead of values to eliminate build warnings. arch/x86/kernel/apic/apic.c: In function 'lapic_suspend': arch/x86/kernel/apic/apic.c:2060:3: warning: statement with no effect arch/x86/kernel/apic/apic.c: In function 'lapic_resume': arch/x86/kernel/apic/apic.c:2137:3: warning: statement with no effect Reported-and-Tested-by: Fabio Comolli <fabio.comolli@gmail.com> Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Cc: Suresh Siddha <suresh.b.siddha@intel.com> Cc: Yinghai Lu <yinghai@kernel.org> Cc: David Woodhouse <dwmw2@infradead.org> Cc: Jesse Barnes <jbarnes@virtuousgeek.org> LKML-Reference: <20101122124834.74429004.randy.dunlap@oracle.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
-
- 25 Nov, 2010 14 commits
-
-
Axel Lin authored
In current implementation, there are resources leak in the error path. This patch properly reclaims the allocated resources in the error path. Also adds a missing clk_put in osk_soc_exit. Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Jarkko Nikula <jhnikula@gmail.com> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Axel Lin authored
If aic3x_read failed , val is used uninitialized. Fix it by initializing val to 0. This patch fixes below compile warning: sound/soc/codecs/tlv320aic3x.c: In function 'aic3x_get_gpio': sound/soc/codecs/tlv320aic3x.c:1183: warning: 'val' may be used uninitialized in this function sound/soc/codecs/tlv320aic3x.c: In function 'aic3x_headset_detected': sound/soc/codecs/tlv320aic3x.c:1211: warning: 'val' may be used uninitialized in this function sound/soc/codecs/tlv320aic3x.c: In function 'aic3x_button_pressed': sound/soc/codecs/tlv320aic3x.c:1219: warning: 'val' may be used uninitialized in this function Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Axel Lin authored
Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Axel Lin authored
Fix imx_phycore_init() error path and imx_phycore_exit() to properly free allocated resources. Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Sascha Hauer <s.hauer@pengutronix.de> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Axel Lin authored
Fix imx_ssi_probe() error path and imx_ssi_remove() to properly free allocated resources. Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Sascha Hauer <s.hauer@pengutronix.de> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Axel Lin authored
Fix the error path to properly free allocated resources. Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Mika Westerberg <mika.westerberg@iki.fi> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Axel Lin authored
Fix the error path to properly free allocated resources. Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Axel Lin authored
Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Axel Lin authored
Add missing platform_device_put() if platform_device_add() failed. Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Axel Lin authored
Add missing platform_device_put() if platform_device_add() failed. Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Axel Lin authored
We call snd_soc_register_dais() in sh4_soc_dai_probe(), thus we should call snd_soc_unregister_dais() in sh4_soc_dai_remove(). Otherwise, we got "too many arguments to function 'snd_soc_unregister_dai'" error message. Signed-off-by: Axel Lin <axel.lin@gmail.com> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Dmitry Artamonow authored
Fix following warning observed when SND_PXA2XX_SOC is set and SND_ARM isn't: warning: (SND_PXA2XX_AC97 && SOUND && !M68K && SND && SND_ARM && ARCH_PXA || SND_PXA2XX_SOC && SOUND && !M68K && SND && SND_SOC && ARCH_PXA) selects SND_PXA2XX_LIB which has unmet direct dependencies (SOUND && !M68K && SND && SND_ARM) Signed-off-by: Dmitry Artamonow <mad_soft@inbox.ru> Acked-by: Liam Girdwood <lrg@slimlogic.co.uk> Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
-
Jan Glauber authored
The qdio device indicator is freed before the device is notified that the indicator is reset. This sequence contains a race when the freed indicator is used by a new device while the reset of the indicator is still pending. Do the reset operation before freeing the indicator to avoid that potential race. Signed-off-by: Jan Glauber <jang@linux.vnet.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
-
Heiko Carstens authored
On each machine check all registers are revalidated. The save area for the clock comparator however only contains the upper most seven bytes of the former contents, if valid. Therefore the machine check handler uses a store clock instruction to get the current time and writes that to the clock comparator register which in turn will generate an immediate timer interrupt. However within the lowcore the expected time of the next timer interrupt is stored. If the interrupt happens before that time the handler won't be called. In turn the clock comparator won't be reprogrammed and therefore the interrupt condition stays pending which causes an interrupt loop until the expected time is reached. On NOHZ machines this can result in unresponsive machines since the time of the next expected interrupted can be a couple of days in the future. To fix this just revalidate the clock comparator register with the expected value. In addition the special handling for udelay must be changed as well. Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
-