Introduce SELinux hooks to support the access key retention subsystem
within the kernel. Incorporate new flask headers from a modified version
of the SELinux reference policy, with support for the new security class
representing retained keys. Extend the "key_alloc" security hook with a
task parameter representing the intended ownership context for the key
being allocated. Attach security information to root's default keyrings
within the SELinux initialization routine.
Has passed David's testsuite.
Signed-off-by: Michael LeMay <mdlemay@epoch.ncsc.mil>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
Acked-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Change the 5th argument of snd_mpu401_uart_new() to bit flags
instead of a boolean. The argument takes bits that consist of
MPU401_INFO_XXX flags.
The callers that used the value 1 there are replaced with
MPU401_INFO_INTEGRATED.
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Enable the support of mpu401 PCI port only when mpu_port=1 module
option is given, i.e. disabled as default.
It turned out that the check of integrated midi port isn't perfect
and caused hang-ups on some boards.
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Fix up the documentation. Apparently, I left unedited copy-paste results
in examples. Also, Alan helped me to improve the most confusing parts.
Signed-off-by: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The swsusp.txt documentation harshes confusingly on USB, and this patch
addresses the issue. It's harsh because it blames USB for some issues
that are generic to all drivers -- especially those supporting removable
media -- and it's confusing since it says that USB has the issue with
"suspend" not just swsusp ... while in reality, USB doesn't have the
issue when real system suspend states are used.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Acked-by: Pavel Machek <pavel@ucw.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Using the class device pointer returned by tty_register_device() with
part 1 of the patch, attach the Gigaset drivers' "cidmode" sysfs entry
to its tty class device, where it can be found more easily by users
who do not know nor care which USB port the device is attached to.
Signed-off-by: Hansjoerg Lipp <hjlipp@web.de>
Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* git://git.kernel.org/pub/scm/linux/kernel/git/bcollins/linux1394-2.6: (28 commits)
eth1394: replace __constant_htons by htons
ieee1394: adjust code formatting in highlevel.c
ieee1394: hl_irqs_lock is taken in hardware interrupt context
ieee1394_core: switch to kthread API
ieee1394: sbp2: Kconfig fix
ieee1394: add preprocessor constant for invalid csr address
sbp2: fix deregistration of status fifo address space
[PATCH] eth1394: endian fixes
Fix broken suspend/resume in ohci1394
sbp2: use __attribute__((packed)) for on-the-wire structures
sbp2: provide helptext for CONFIG_IEEE1394_SBP2_PHYS_DMA and mark it experimental
Update feature removal of obsolete raw1394 ISO requests.
sbp2: fix S800 transfers if phys_dma is off
sbp2: remove ohci1394 specific constant
ohci1394: make phys_dma parameter read-only
ohci1394: set address range properties
ieee1394: extend lowlevel API for address range properties
sbp2: log number of supported concurrent logins
sbp2: remove manipulation of inquiry response
ieee1394: save RAM by using a single tlabel for broadcast transactions
...
* master.kernel.org:/home/rmk/linux-2.6-arm: (22 commits)
[ARM] 3559/1: S3C2442: core and serial port
[ARM] 3557/1: S3C24XX: centralise and cleanup uart registration
[ARM] 3558/1: SMDK24XX: LED platform devices
[ARM] 3534/1: add spi support to lubbock platform
[ARM] 3554/1: ARM: Fix dyntick locking
[ARM] 3553/1: S3C24XX: earlier print of cpu idcode info
[ARM] 3552/1: S3C24XX: Move VA of GPIO for low-level debug
[ARM] 3551/1: S3C24XX: PM code failes to compile with CONFIG_DCACHE_WRITETHROUGH
[ARM] 3550/1: OSIRIS: fix serial port map for 1:1
[ARM] 3548/1: Fix the ARMv6 CPU id in compressed/head.S
[ARM] 3335/1: Old-abi Thumb sys_syscall broken
[ARM] 3467/1: [3/3] Support for Philips PNX4008 platform: defconfig
[ARM] 3466/1: [2/3] Support for Philips PNX4008 platform: chip support
[ARM] 3465/1: [1/3] Support for Philips PNX4008 platform: headers
[ARM] 3407/1: lpd7x: documetation update
[ARM] 3406/1: lpd7x: compilation fix for smc91x
[ARM] 3405/1: lpd7a40x: CPLD ssp driver
[ARM] 3404/1: lpd7a40x: AMBA CLCD support
[ARM] 3403/1: lpd7a40x: updated default configurations
[ARM] 3402/1: lpd7a40x: serial driver bug fix
...
Update kernel documentation to include a description of the inotify
kernel API.
Signed-off-by: Amy Griffis <amy.griffis@hp.com>
Acked-by: Robert Love <rml@novell.com>
Acked-by: John McCutchan <john@johnmccutchan.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus: (51 commits)
[MIPS] Make timer interrupt frequency configurable from kconfig.
[MIPS] Correct HAL2 Kconfig description
[MIPS] Fix R4K cache macro names
[MIPS] Add Missing R4K Cache Macros to IP27 & IP32
[MIPS] Support for the RM9000-based Basler eXcite smart camera platform.
[MIPS] Support for the R5500-based NEC EMMA2RH Mark-eins board
[MIPS] Support SNI RM200C SNI in big endian mode and R5000 processors.
[MIPS] SN: include asm/sn/types.h for nasid_t.
[MIPS] Random fixes for sb1250
[MIPS] Fix bcm1480 compile
[MIPS] Remove support for NEC DDB5476.
[MIPS] Remove support for NEC DDB5074.
[MIPS] Cleanup memory managment initialization.
[MIPS] SN: Declare bridge_pci_ops.
[MIPS] Remove unused function alloc_pci_controller.
[MIPS] IP27: Extract pci_ops into separate file.
[MIPS] IP27: Use symbolic constants instead of magic numbers.
[MIPS] vr41xx: remove unnecessay items from vr41xx/Kconfig.
[MIPS] IP27: Cleanup N/M mode configuration.
[MIPS] IP27: Throw away old unused hacks.
...
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: (109 commits)
[ETHTOOL]: Fix UFO typo
[SCTP]: Fix persistent slowdown in sctp when a gap ack consumes rx buffer.
[SCTP]: Send only 1 window update SACK per message.
[SCTP]: Don't do CRC32C checksum over loopback.
[SCTP] Reset rtt_in_progress for the chunk when processing its sack.
[SCTP]: Reject sctp packets with broadcast addresses.
[SCTP]: Limit association max_retrans setting in setsockopt.
[PFKEYV2]: Fix inconsistent typing in struct sadb_x_kmprivate.
[IPV6]: Sum real space for RTAs.
[IRDA]: Use put_unaligned() in irlmp_do_discovery().
[BRIDGE]: Add support for NETIF_F_HW_CSUM devices
[NET]: Add NETIF_F_GEN_CSUM and NETIF_F_ALL_CSUM
[TG3]: Convert to non-LLTX
[TG3]: Remove unnecessary tx_lock
[TCP]: Add tcp_slow_start_after_idle sysctl.
[BNX2]: Update version and reldate
[BNX2]: Use CPU native page size
[BNX2]: Use compressed firmware
[BNX2]: Add firmware decompression
[BNX2]: Allow WoL settings on new 5708 chips
...
Manual fixup for conflict in drivers/net/tulip/winbond-840.c
Received From Mark Salyzyn
Some of the cards product names changed.
Signed-off-by: Mark Haverkamp <markh@osdl.org>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
Patch from Marc Singer
New documentation for the touchscreen controllers and LCD panels.
Signed-off-by: Marc Singer <elf@buici.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
A lot of people have asked for a way to disable tcp_cwnd_restart(),
and it seems reasonable to add a sysctl to do that.
Signed-off-by: David S. Miller <davem@davemloft.net>
Various drivers use xmit_lock internally to synchronise with their
transmission routines. They do so without setting xmit_lock_owner.
This is fine as long as netpoll is not in use.
With netpoll it is possible for deadlocks to occur if xmit_lock_owner
isn't set. This is because if a printk occurs while xmit_lock is held
and xmit_lock_owner is not set can cause netpoll to attempt to take
xmit_lock recursively.
While it is possible to resolve this by getting netpoll to use
trylock, it is suboptimal because netpoll's sole objective is to
maximise the chance of getting the printk out on the wire. So
delaying or dropping the message is to be avoided as much as possible.
So the only alternative is to always set xmit_lock_owner. The
following patch does this by introducing the netif_tx_lock family of
functions that take care of setting/unsetting xmit_lock_owner.
I renamed xmit_lock to _xmit_lock to indicate that it should not be
used directly. I didn't provide irq versions of the netif_tx_lock
functions since xmit_lock is meant to be a BH-disabling lock.
This is pretty much a straight text substitution except for a small
bug fix in winbond. It currently uses
netif_stop_queue/spin_unlock_wait to stop transmission. This is
unsafe as an IRQ can potentially wake up the queue. So it is safer to
use netif_tx_disable.
The hamradio bits used spin_lock_irq but it is unnecessary as
xmit_lock must never be taken in an IRQ handler.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Add new per-packet access controls to SELinux, replacing the old
packet controls.
Packets are labeled with the iptables SECMARK and CONNSECMARK targets,
then security policy for the packets is enforced with these controls.
To allow for a smooth transition to the new controls, the old code is
still present, but not active by default. To restore previous
behavior, the old controls may be activated at runtime by writing a
'1' to /selinux/compat_net, and also via the kernel boot parameter
selinux_compat_net. Switching between the network control models
requires the security load_policy permission. The old controls will
probably eventually be removed and any continued use is discouraged.
With this patch, the new secmark controls for SElinux are disabled by
default, so existing behavior is entirely preserved, and the user is
not affected at all.
It also provides a config option to enable the secmark controls by
default (which can always be overridden at boot and runtime). It is
also noted in the kconfig help that the user will need updated
userspace if enabling secmark controls for SELinux and that they'll
probably need the SECMARK and CONNMARK targets, and conntrack protocol
helpers, although such decisions are beyond the scope of kernel
configuration.
Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
From: David Howells <dhowells@redhat.com>
Apply some alterations to the memory barrier document that I worked out
with Paul McKenney of IBM, plus some of the alterations suggested by Alan
Stern.
The following changes were made:
(*) One of the examples given for what can happen with overlapping memory
barriers was wrong.
(*) The description of general memory barriers said that a general barrier is
a combination of a read barrier and a write barrier. This isn't entirely
true: it implies both, but is more than a combination of both.
(*) The first example in the "SMP Barrier Pairing" section was wrong: the
loads around the read barrier need to touch the memory locations in the
opposite order to the stores around the write barrier.
(*) Added a note to make explicit that the loads should be in reverse order to
the stores.
(*) Adjusted the diagrams in the "Examples Of Memory Barrier Sequences"
section to make them clearer. Added a couple of diagrams to make it more
clear as to how it could go wrong without the barrier.
(*) Added a section on memory speculation.
(*) Dropped any references to memory allocation routines doing memory
barriers. They may do sometimes, but it can't be relied on. This may be
worthy of further documentation later.
(*) Made the fact that a LOCK followed by an UNLOCK should not be considered a
full memory barrier more explicit and gave an example.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Paul E. McKenney <paulmck@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
cpqfc driver flushed out with: [SCSI] remove broken driver cpqfc (commit
ca61f10ab2) but somehow
Documentation/scsi/cpqfc.txt managed to survive the blast.
Signed-off-by: Arthur Othieno <apgo@patchbomb.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
HighPoint RocketRAID 3220/3320 series 8 channel PCI-X SATA RAID Host
Adapters.
Fixes from original submission:
Merge Andrew Morton's patches:
- Provide locking for global list
- Fix debug printks
- uninline function with multiple callsites
- coding style fixups
- remove unneeded casts of void*
- kfree(NULL) is legal
- Don't "succeed" if register_chrdev() failed - otherwise we'll later
unregister a not-registered chrdev.
- Don't return from hptiop_do_ioctl() with the spinlock held.
- uninline __hpt_do_ioctl()
Update for Arjan van de Ven's comments:
- put all asm/ includes after the linux/ ones
- replace mdelay with msleep
- add pci posting flush
- do not set pci command reqister in map_pci_bar
- do not try merging sg elements in hptiop_buildsgl()
- remove unused outstandingcommands member from hba structure
- remove unimplemented hptiop_abort() handler
- remove typedef u32 hpt_id_t
Other updates:
- fix endianess
Signed-off-by: HighPoint Linux Team <linux@highpoint-tech.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
Bonding documentation needed an update to include sysfs specific
information. This patch adds information on how to change bonding
parameters at runtime using the sysfs interface.
Signed-off-by: Mitch Williams <mitch.a.williams@intel.com>
Signed-off-by: Auke Kok <auke-jan.h.kok@intel.com>
This patch( originally submitted by Christoph Hellwig) removes
instance_lock and changes fw_outstanding variable data type to
atomic_t.
Signed-off-by: Sumant Patro <Sumant.Patro@lsil.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
Update documentation to match reality. INPCK controls whether input
parity checking is enabled.
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
- remove the following global function that is both unused and
unimplemented:
- register_firmware()
- make the following needlessly global function static:
- firmware_class_uevent()
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Grand unification of the three types of workarounds we have so far.
The "skip mode page 8" workaround is now limited to devices which
pretend to be of TYPE_DISK instead of TYPE_RBC. This workaround is no
longer enabled for Initio bridges.
Patch update in anticipation of more workarounds:
- Add module parameter "workarounds".
- Deprecate parameter "force_inquiry_hack".
- Compose the blacklist of a compound type for better readability and
extensibility.
- Remove a now unused #define.
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
We need to be able to have a "SPI bus 0" matching chip numbering; but
that number was wrongly used to flag dynamic allocation of a bus number.
This patch resolves that issue; now negative numbers trigger dynamic alloc.
It also updates the how-to-write-a-controller-driver overview to mention
this stuff.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This driver turns a PXA2xx synchronous serial port (SSP) into a SPI master
controller (see Documentation/spi/spi_summary). The driver has the following
features:
- Support for any PXA2xx SSP
- SSP PIO and SSP DMA data transfers.
- External and Internal (SSPFRM) chip selects.
- Per slave device (chip) configuration.
- Full suspend, freeze, resume support.
Signed-off-by: Stephen Street <stephen@streetfiresound.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Cc: David Brownell <david-b@pacbell.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Fix the simple watchdog daemon program in Doc/watchdog/watchdog-api.txt
to build cleanly.
Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
Signed-off-by: Andrew Morton <akpm@osdl.org>