summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* avr32: introduce asm/swab.hHarvey Harrison2009-01-063-29/+38
| | | | | Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* byteorder: only use linux/swab.hHarvey Harrison2009-01-066-388/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The first step to make swab.h a regular header that will include an asm/swab.h with arch overrides. Avoid the gratuitous differences introduced in the new linux/swab.h by naming the ___constant_swabXX bits and __fswabXX bits exactly as found in the old implementation in byteorder/swab[b].h Use this new swab.h in byteorder/[big|little]_endian.h and remove the two old swab headers. Although the inclusion of asm/byteorder.h looks strange in linux/swab.h, this will allow each arch to move the actual arch overrides for the swab bits in an asm file and then the includes can be cleaned up without requiring a flag day for all arches at once. Keep providing __fswabXX in case some userspace was using them directly, but the revised __swabXX should be used instead in any new code and will always do constant folding not dependent on the optimization level, which means the __constant versions can be phased out in-kernel. Arches that use the old-style arch macros will lose their optimized versions until they move to the new style, but at least they will still compile. Many arches have already moved and the patches to move the remaining arches are trivial. Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* Merge branch 'drm-next' of ↵Linus Torvalds2009-01-0610-39/+397
|\ | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6 * 'drm-next' of git://git.kernel.org/pub/scm/linux/kernel/git/airlied/drm-2.6: drm: fix ordering of driver unload vs agp unload. drm/i915: Respect the other stolen memory sizes we know of. drm/i915: Non-mobile parts don't have integrated TV-out. drm/i915: Add support for integrated HDMI on G4X hardware. drm/i915: Pin cursor bo and unpin old bo when setting cursor. drm/i915: Don't allow objects to get bound while VT switched.
| * drm: fix ordering of driver unload vs agp unload.Dave Airlie2009-01-071-3/+3
| | | | | | | | | | | | | | For KMS drivers, we really need to cleanup the driver before disabling the AGP subsystem. Signed-off-by: Dave Airlie <airlied@redhat.com>
| * drm/i915: Respect the other stolen memory sizes we know of.Eric Anholt2009-01-072-14/+40
| | | | | | | | | | | | | | fd.o bug #19336. Signed-off-by: Eric Anholt <eric@anholt.net> Signed-off-by: Dave Airlie <airlied@linux.ie>
| * drm/i915: Non-mobile parts don't have integrated TV-out.Eric Anholt2009-01-071-1/+1
| | | | | | | | | | Signed-off-by: Eric Anholt <eric@anholt.net> Signed-off-by: Dave Airlie <airlied@linux.ie>
| * drm/i915: Add support for integrated HDMI on G4X hardware.Eric Anholt2009-01-077-7/+322
| | | | | | | | | | | | | | | | This is ported directly from the userland 2D driver code. The HDMI audio bits aren't hooked up yet. Signed-off-by: Eric Anholt <eric@anholt.net> Signed-off-by: Dave Airlie <airlied@linux.ie>
| * drm/i915: Pin cursor bo and unpin old bo when setting cursor.Kristian Høgsberg2009-01-072-8/+22
| | | | | | | | | | | | | | | | | | We also didn't track the cursor bo before and would leak a reference when the cursor image was change. Signed-off-by: Kristian Høgsberg <krh@redhat.com> Signed-off-by: Eric Anholt <eric@anholt.net> Signed-off-by: Dave Airlie <airlied@linux.ie>
| * drm/i915: Don't allow objects to get bound while VT switched.Eric Anholt2009-01-071-6/+9
| | | | | | | | | | | | | | | | | | | | | | | | This avoids a BUG_ON in the enter_vt path due to objects being in the GTT when we shouldn't have ever let them be (as we're not supposed to touch the device during that time). This was triggered by a change in the 2D driver to use the GTT mapping of objects after pinning them to improve software fallback performance. Signed-off-by: Eric Anholt <eric@anholt.net> Signed-off-by: Dave Airlie <airlied@linux.ie>
* | Merge branch 'for-linus' of ↵Linus Torvalds2009-01-0654-522/+3105
|\ \ | |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: (29 commits) Input: i8042 - add Dell Vostro 1510 to nomux list Input: gtco - use USB endpoint API Input: add support for Maple controller as a joystick Input: atkbd - broaden the Dell DMI signatures Input: HIL drivers - add MODULE_ALIAS() Input: map_to_7segment.h - convert to __inline__ for userspace Input: add support for enhanced rotary controller on pxa930 and pxa935 Input: add support for trackball on pxa930 and pxa935 Input: add da9034 touchscreen support Input: ads7846 - strict_strtoul takes unsigned long Input: make some variables and functions static Input: add tsc2007 based touchscreen driver Input: psmouse - add module parameters to control OLPC touchpad delays Input: i8042 - add Gigabyte M912 netbook to noloop exception table Input: atkbd - Samsung NC10 key repeat fix Input: atkbd - add keyboard quirk for HP Pavilion ZV6100 laptop Input: libps2 - handle 0xfc responses from devices Input: add support for Wacom W8001 penabled serial touchscreen Input: synaptics - report multi-taps only if supported by the device Input: add joystick driver for Walkera WK-0701 RC transmitter ...
| * Input: i8042 - add Dell Vostro 1510 to nomux listJiri Kosina2009-01-061-0/+7
| | | | | | | | | | | | | | | | Dell Vostro needs 'nomux' quirk, otherwise the touchpad misbehaves. Reported-by: Robert Kiwanuka <robert.kiwanuka@gmail.com> Signed-off-by: Jiri Kosina <jkosina@suse.cz> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| * Merge branch 'next' into for-linusDmitry Torokhov2008-12-3054-522/+3098
| |\
| | * Input: gtco - use USB endpoint APIJulia Lawall2008-12-301-1/+1
| | | | | | | | | | | | | | | | | | | | | Use usb_endpoint_xfer_int(epd) instead of open-conding the check. Signed-off-by: Julia Lawall <julia@diku.dk> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: add support for Maple controller as a joystickAdrian McMenamin2008-12-303-0/+206
| | | | | | | | | | | | | | | | | | | | | Add support for the SEGA Dreamcast Maple controller as a joystick Signed-off-by: Adrian McMenamin <adrian@mcmen.demon.co.uk> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: atkbd - broaden the Dell DMI signaturesMatthew Garrett2008-12-301-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | Some Dells need the dell input quirk applied but have a different vendor string in their DMI tables. Add an extra entry to cover these machines as well. Signed-off-by: Matthew Garrett <mjg@redhat.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: HIL drivers - add MODULE_ALIAS()Helge Deller2008-12-303-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add MODULE_ALIAS() to the HIL keyboard (hil_kbd.c) and HIL mouse (hil_ptr.c) drivers to make kernel module autoloader functional. Report HIL port number ID in serio id.id field. Signed-off-by: Helge Deller <deller@gmx.de> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: map_to_7segment.h - convert to __inline__ for userspaceMike Frysinger2008-12-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Use __inline__ rather than inline for map_to_seg7() since it is exported to userspace. Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: add support for enhanced rotary controller on pxa930 and pxa935Yong Yao2008-12-294-0/+242
| | | | | | | | | | | | | | | | | | Signed-off-by: Yong Yao <yaoyong@marvell.com> Signed-off-by: Eric Miao <eric.miao@marvell.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: add support for trackball on pxa930 and pxa935Yong Yao2008-12-294-13/+299
| | | | | | | | | | | | | | | | | | Signed-off-by: Yong Yao <yaoyong@marvell.com> Signed-off-by: Eric Miao <eric.miao@marvell.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: add da9034 touchscreen supportEric Miao2008-12-233-0/+398
| | | | | | | | | | | | | | | | | | | | | | | | Add support for the built-in touchscreen controller in DA9034 (aka Micco), usually found on platforms with xscale processors. Signed-off-by: Eric Miao <eric.miao@marvell.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: ads7846 - strict_strtoul takes unsigned longHarvey Harrison2008-12-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Fix sparse warning introduced by: commit 160f1fef7e52e974489b3c70fbd4e094c06965c2 Input: convert drivers to use strict_strtoul() Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: make some variables and functions staticRoel Kluin2008-12-202-2/+2
| | | | | | | | | | | | | | | Signed-off-by: Roel Kluin <roel.kluin@gmail.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: add tsc2007 based touchscreen driverKwangwoo Lee2008-12-204-0/+410
| | | | | | | | | | | | | | | | | | | | | | | | This drive has been tested on ARM9 based SoC - MV86XX. Signed-off-by: Kwangwoo Lee <kwangwoo.lee@gmail.com> Acked-by: Jean Delvare <khali@linux-fr.org> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: psmouse - add module parameters to control OLPC touchpad delaysPaul Fox2008-12-201-4/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The HPGK touchpad that is found on the XO driver has historically exhibitted eratic behaviour in various environments (very dry, very humid, etc) that can be worked around via some delays. This patch turns those delays into module parameters to make testing simpler. Signed-off-by: Paul Fox <pgf@laptop.org> Signed-off-by: Deepak Saxena <dsaxena@laptop.org> Acked-By: Andres Salomon <dilinger@debian.org> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: i8042 - add Gigabyte M912 netbook to noloop exception tableOzan Çağlayan2008-12-201-0/+8
| | | | | | | | | | | | | | | | | | | | | Gigabyte M912's touchpad needs i8042.noloop for working. Signed-off-by: Ozan Çağlayan <ozan@pardus.org.tr> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: atkbd - Samsung NC10 key repeat fixStuart Hopkins2008-12-201-0/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch fixes the key repeat issue with the Fn+F? keys on the new Samsung NC10 Netbook, so that the keys can be defined and used within ACPID correctly, otherwise the keys repeat indefinately. This solves part of http://bugzilla.kernel.org/show_bug.cgi?id=12021 Signed-off-by: Stuart Hopkins <stuart@dodgy-geeza.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Input: atkbd - add keyboard quirk for HP Pavilion ZV6100 laptopRikard Ljungstrand2008-12-201-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | Add quirk for misbehaving volume buttons on HP Pavilion ZV6100 laptop which are not sending keyrelease events, as reported by Aaron Pickett. Signed-off-by: Rikard Ljungstrand <lrikard@student.chalmers.se> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * Merge commit 'v2.6.28-rc9' into nextDmitry Torokhov2008-12-202242-23498/+42136
| | |\
| | * | Input: libps2 - handle 0xfc responses from devicesDmitry Torokhov2008-11-242-4/+18
| | | | | | | | | | | | | | | | Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: add support for Wacom W8001 penabled serial touchscreenJaya Kumar2008-11-244-0/+340
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Wacom W8001 sensor is a sensor device (uses electromagnetic resonance) and it is interfaced via its serial microcontroller to the host. Signed-off-by: Jaya Kumar <jayakumar.lkml@gmail.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: synaptics - report multi-taps only if supported by the devicePeter Hutterer2008-11-201-6/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to Section 2.4.4 of the Synaptics TouchPad Interfacing Guide, bit 2 specifies if multi-finger detection is provided by the touchpad. Thus, only set BTN_TOOL_DOUBLETAP and BTN_TOOL_TRIPLETAP if the device actually supports it. Signed-off-by: Peter Hutterer <peter.hutterer@redhat.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: add joystick driver for Walkera WK-0701 RC transmitterPeter Popovec2008-11-194-0/+414
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Peter Popovec <popovec@fei.tuke.sk> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: pcspkr - fix PIT lockup on some chipsetsZoltan Devai2008-11-191-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There've been reports [1] about the sysem bell causing a hard lockup. My machine was affected as well: any speaker output hung the machine completely, nothing in the logs, no magic sysrq, etc., looked like a hardware problem. Had a closer look on the issue, and it turned out that the pcspkr module is responsible. The cause is the bad setup of Timer 2 in the i8253 controller, which probably hangs the whole PIT controller. Intel datasheets [2] state that the timer registers are in an undefined state after reset and they need to be programmed before enabling the timer. (And enabling without programming the frequency first doesn't make sense anyway). I don't know which chipsets are affected (if not all), it also depends on the BIOS whether it initializes the timer (e.g. to beep when you start the machine). The following patch solved the issue on my ICH6 notebook, couldn't test it with any others, but should be safe to apply. [1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/146151 https://bugs.launchpad.net/ubuntu/+bug/270790 http://ubuntuforums.org/showthread.php?t=227693 http://bugs.gentoo.org/show_bug.cgi?id=222583 https://bugzilla.redhat.com/show_bug.cgi?id=454225 [2] http://www.intel.com/assets/pdf/datasheet/252516.pdf http://www.intel.com/assets/pdf/datasheet/301473.pdf http://www.intel.com/design/chipsets/datashts/29065503.pdf Signed-off-by: Zoltan Devai <zdevai@gmail.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: usbtouchscreen - fix TSC-10 DM USB controllers without EEPROMNuno Lucas2008-11-191-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The usbtouchscreen module implements a driver for the TSC-10 DM USB touchscreen controllers, but assumes a 2-byte response for the CMD_RESET and CMD_RATE commands, when they can be only a single byte when no EEPROM is connected. The driver worked with an earlier controller revision, but new revisions of the controller fail. It seems the problem is that the early controller had the SEL4/EEPROM-CS pin high, but the new controller has it down, making the response different. Without the fix, the controller would answer the single byte 0x06 (ACK), making the init fail with -ENODEV because buf[1] is 0xFF (as initialized before). As the single byte is the only thing we need to check it was ok, there is no need to verify the second byte. The [0x15 0x01] case is the NAK [0x15] response for when there is no data in the EEPROM [bit-0 of second byte set], so I let that be, as I don't have any controller with an EEPROM. With this patch, both the earlier and latest controller work the same. Note: This was previously submited as BUG #11961 [1] on the bugzilla tracker, but rebased to version 2.6.27.4 and with unnecessary comments and printk's removed. [1] http://bugzilla.kernel.org/show_bug.cgi?id=11961 Signed-off-by: Nuno Lucas <ntlucas@gmail.com> Acked-by: Daniel Ritz <daniel.ritz@gmx.ch> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: struct device - replace bus_id with dev_name(), dev_set_name()Kay Sievers2008-10-3010-17/+15
| | | | | | | | | | | | | | | | | | | | | | | | Acked-by: Greg Kroah-Hartman <gregkh@suse.de> Signed-off-by: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: omap-keypad - allow more than 6 rowsPeter Ujfalusi2008-10-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is no reason to limit the GPIO rows to 6 for OMAP2. Signed-off-by: Peter Ujfalusi <peter.ujfalusi@nokia.com> Signed-off-by: Tony Lindgren <tony@atomide.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: omap-keypad - interrupt disable fixPeter Ujfalusi2008-10-291-4/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The GPIO interrupts are disabled several times after the first key press. No need to disable - again - the interrupts in the omap_kp_scan_keypad function on OMAP2. Signed-off-by: Peter Ujfalusi <peter.ujfalusi@nokia.com> Signed-off-by: Tony Lindgren <tony@atomide.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: appletouch - driver refactoringStelian Pop2008-10-291-138/+136
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The appletouch driver has grown up from supporting only a couple of touchpads into supporting many touchpads, which can have different number of sensors, different aspect ratios etc. This patch cleans up the current driver code and makes it easy to support the features of each different touchpad. As a side effect, this patch also modifies the 'Y' multiplication factor of the 'geyser3' and 'geyser4' touchpads (found on Core Duo and Core2 Duo MacBook and MacBook Pro laptops) in order to make the touchpad output match the aspect ratio of the touchpad (Y factor changed from 43 to 64). [dtor@mail.ru: make atp_info constant] Signed-off-by: Stelian Pop <stelian@popies.net> Acked-by: Johannes Berg <johannes@sipsolutions.net> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: gpio-keys - add flag to allow auto repeatDominic Curran2008-10-272-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds a flag to gpio-key driver to turn on the input subsystems auto repeat feature if needed. Signed-off-by: Dominic Curran <dcurran@ti.com> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: xilinx_ps2 - various cleanupsJohn Linn2008-10-271-107/+113
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Review comments were incorporated to improve the driver. 1. Some data was eliminated that was not needed. 2. Renaming of variables for clarity. 3. Removed unneeded type casting. 4. Changed to use dev_err rather than other I/O. 5. Merged together some functions. 6. Added kerneldoc format to functions. Signed-off-by: Sadanand <sadanan@xilinx.com> Signed-off-by: John Linn <john.linn@xilinx.com> Acked-by: Peter Korsgaard <jacmet@sunsite.dk> Acked-by: Grant Likely <grant.likely@secretlab.ca> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
| | * | Input: refactor evdev 32bit compat to be shareable with uinputPhilip Langdale2008-10-275-217/+383
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, evdev has working 32bit compatibility and uinput does not. uinput needs the input_event code that evdev uses, so let's refactor it so it can be shared. [dtor@mail.ru: add fix for force feedback compat issues] Signed-off-by: Philip Langdale <philipl@overt.org> Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
* | | | Merge branch 'for-linus' of ↵Linus Torvalds2009-01-0626-423/+1229
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3] Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]" SELinux: shrink sizeof av_inhert selinux_class_perm and context CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2] keys: fix sparse warning by adding __user annotation to cast smack: Add support for unlabeled network hosts and networks selinux: Deprecate and schedule the removal of the the compat_net functionality netlabel: Update kernel configuration API
| * \ \ \ Merge branch 'next' into for-linusJames Morris2009-01-0726-423/+1229
| |\ \ \ \
| | * | | | CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3]David Howells2009-01-076-37/+94
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a regression in cap_capable() due to: commit 3b11a1decef07c19443d24ae926982bc8ec9f4c0 Author: David Howells <dhowells@redhat.com> Date: Fri Nov 14 10:39:26 2008 +1100 CRED: Differentiate objective and effective subjective credentials on a task The problem is that the above patch allows a process to have two sets of credentials, and for the most part uses the subjective credentials when accessing current's creds. There is, however, one exception: cap_capable(), and thus capable(), uses the real/objective credentials of the target task, whether or not it is the current task. Ordinarily this doesn't matter, since usually the two cred pointers in current point to the same set of creds. However, sys_faccessat() makes use of this facility to override the credentials of the calling process to make its test, without affecting the creds as seen from other processes. One of the things sys_faccessat() does is to make an adjustment to the effective capabilities mask, which cap_capable(), as it stands, then ignores. The affected capability check is in generic_permission(): if (!(mask & MAY_EXEC) || execute_ok(inode)) if (capable(CAP_DAC_OVERRIDE)) return 0; This change passes the set of credentials to be tested down into the commoncap and SELinux code. The security functions called by capable() and has_capability() select the appropriate set of credentials from the process being checked. This can be tested by compiling the following program from the XFS testsuite: /* * t_access_root.c - trivial test program to show permission bug. * * Written by Michael Kerrisk - copyright ownership not pursued. * Sourced from: http://linux.derkeiler.com/Mailing-Lists/Kernel/2003-10/6030.html */ #include <limits.h> #include <unistd.h> #include <stdio.h> #include <stdlib.h> #include <fcntl.h> #include <sys/stat.h> #define UID 500 #define GID 100 #define PERM 0 #define TESTPATH "/tmp/t_access" static void errExit(char *msg) { perror(msg); exit(EXIT_FAILURE); } /* errExit */ static void accessTest(char *file, int mask, char *mstr) { printf("access(%s, %s) returns %d\n", file, mstr, access(file, mask)); } /* accessTest */ int main(int argc, char *argv[]) { int fd, perm, uid, gid; char *testpath; char cmd[PATH_MAX + 20]; testpath = (argc > 1) ? argv[1] : TESTPATH; perm = (argc > 2) ? strtoul(argv[2], NULL, 8) : PERM; uid = (argc > 3) ? atoi(argv[3]) : UID; gid = (argc > 4) ? atoi(argv[4]) : GID; unlink(testpath); fd = open(testpath, O_RDWR | O_CREAT, 0); if (fd == -1) errExit("open"); if (fchown(fd, uid, gid) == -1) errExit("fchown"); if (fchmod(fd, perm) == -1) errExit("fchmod"); close(fd); snprintf(cmd, sizeof(cmd), "ls -l %s", testpath); system(cmd); if (seteuid(uid) == -1) errExit("seteuid"); accessTest(testpath, 0, "0"); accessTest(testpath, R_OK, "R_OK"); accessTest(testpath, W_OK, "W_OK"); accessTest(testpath, X_OK, "X_OK"); accessTest(testpath, R_OK | W_OK, "R_OK | W_OK"); accessTest(testpath, R_OK | X_OK, "R_OK | X_OK"); accessTest(testpath, W_OK | X_OK, "W_OK | X_OK"); accessTest(testpath, R_OK | W_OK | X_OK, "R_OK | W_OK | X_OK"); exit(EXIT_SUCCESS); } /* main */ This can be run against an Ext3 filesystem as well as against an XFS filesystem. If successful, it will show: [root@andromeda src]# ./t_access_root /tmp/xxx 0 4043 4043 ---------- 1 dhowells dhowells 0 2008-12-31 03:00 /tmp/xxx access(/tmp/xxx, 0) returns 0 access(/tmp/xxx, R_OK) returns 0 access(/tmp/xxx, W_OK) returns 0 access(/tmp/xxx, X_OK) returns -1 access(/tmp/xxx, R_OK | W_OK) returns 0 access(/tmp/xxx, R_OK | X_OK) returns -1 access(/tmp/xxx, W_OK | X_OK) returns -1 access(/tmp/xxx, R_OK | W_OK | X_OK) returns -1 If unsuccessful, it will show: [root@andromeda src]# ./t_access_root /tmp/xxx 0 4043 4043 ---------- 1 dhowells dhowells 0 2008-12-31 02:56 /tmp/xxx access(/tmp/xxx, 0) returns 0 access(/tmp/xxx, R_OK) returns -1 access(/tmp/xxx, W_OK) returns -1 access(/tmp/xxx, X_OK) returns -1 access(/tmp/xxx, R_OK | W_OK) returns -1 access(/tmp/xxx, R_OK | X_OK) returns -1 access(/tmp/xxx, W_OK | X_OK) returns -1 access(/tmp/xxx, R_OK | W_OK | X_OK) returns -1 I've also tested the fix with the SELinux and syscalls LTP testsuites. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: J. Bruce Fields <bfields@citi.umich.edu> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
| | * | | | Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() ↵James Morris2009-01-079-129/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [ver #2]" This reverts commit 14eaddc967b16017d4a1a24d2be6c28ecbe06ed8. David has a better version to come.
| | * | | | SELinux: shrink sizeof av_inhert selinux_class_perm and contextEric Paris2009-01-053-10/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I started playing with pahole today and decided to put it against the selinux structures. Found we could save a little bit of space on x86_64 (and no harm on i686) just reorganizing some structs. Object size changes: av_inherit: 24 -> 16 selinux_class_perm: 48 -> 40 context: 80 -> 72 Admittedly there aren't many of av_inherit or selinux_class_perm's in the kernel (33 and 1 respectively) But the change to the size of struct context reverberate out a bit. I can get some hard number if they are needed, but I don't see why they would be. We do change which cacheline context->len and context->str would be on, but I don't see that as a problem since we are clearly going to have to load both if the context is to be of any value. I've run with the patch and don't seem to be having any problems. An example of what's going on using struct av_inherit would be: form: to: struct av_inherit { struct av_inherit { u16 tclass; const char **common_pts; const char **common_pts; u32 common_base; u32 common_base; u16 tclass; }; (notice all I did was move u16 tclass to the end of the struct instead of the beginning) Memory layout before the change: struct av_inherit { u16 tclass; /* 2 */ /* 6 bytes hole */ const char** common_pts; /* 8 */ u32 common_base; /* 4 */ /* 4 byes padding */ /* size: 24, cachelines: 1 */ /* sum members: 14, holes: 1, sum holes: 6 */ /* padding: 4 */ }; Memory layout after the change: struct av_inherit { const char ** common_pts; /* 8 */ u32 common_base; /* 4 */ u16 tclass; /* 2 */ /* 2 bytes padding */ /* size: 16, cachelines: 1 */ /* sum members: 14, holes: 0, sum holes: 0 */ /* padding: 2 */ }; Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
| | * | | | CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]David Howells2009-01-059-35/+129
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a regression in cap_capable() due to: commit 5ff7711e635b32f0a1e558227d030c7e45b4a465 Author: David Howells <dhowells@redhat.com> Date: Wed Dec 31 02:52:28 2008 +0000 CRED: Differentiate objective and effective subjective credentials on a task The problem is that the above patch allows a process to have two sets of credentials, and for the most part uses the subjective credentials when accessing current's creds. There is, however, one exception: cap_capable(), and thus capable(), uses the real/objective credentials of the target task, whether or not it is the current task. Ordinarily this doesn't matter, since usually the two cred pointers in current point to the same set of creds. However, sys_faccessat() makes use of this facility to override the credentials of the calling process to make its test, without affecting the creds as seen from other processes. One of the things sys_faccessat() does is to make an adjustment to the effective capabilities mask, which cap_capable(), as it stands, then ignores. The affected capability check is in generic_permission(): if (!(mask & MAY_EXEC) || execute_ok(inode)) if (capable(CAP_DAC_OVERRIDE)) return 0; This change splits capable() from has_capability() down into the commoncap and SELinux code. The capable() security op now only deals with the current process, and uses the current process's subjective creds. A new security op - task_capable() - is introduced that can check any task's objective creds. strictly the capable() security op is superfluous with the presence of the task_capable() op, however it should be faster to call the capable() op since two fewer arguments need be passed down through the various layers. This can be tested by compiling the following program from the XFS testsuite: /* * t_access_root.c - trivial test program to show permission bug. * * Written by Michael Kerrisk - copyright ownership not pursued. * Sourced from: http://linux.derkeiler.com/Mailing-Lists/Kernel/2003-10/6030.html */ #include <limits.h> #include <unistd.h> #include <stdio.h> #include <stdlib.h> #include <fcntl.h> #include <sys/stat.h> #define UID 500 #define GID 100 #define PERM 0 #define TESTPATH "/tmp/t_access" static void errExit(char *msg) { perror(msg); exit(EXIT_FAILURE); } /* errExit */ static void accessTest(char *file, int mask, char *mstr) { printf("access(%s, %s) returns %d\n", file, mstr, access(file, mask)); } /* accessTest */ int main(int argc, char *argv[]) { int fd, perm, uid, gid; char *testpath; char cmd[PATH_MAX + 20]; testpath = (argc > 1) ? argv[1] : TESTPATH; perm = (argc > 2) ? strtoul(argv[2], NULL, 8) : PERM; uid = (argc > 3) ? atoi(argv[3]) : UID; gid = (argc > 4) ? atoi(argv[4]) : GID; unlink(testpath); fd = open(testpath, O_RDWR | O_CREAT, 0); if (fd == -1) errExit("open"); if (fchown(fd, uid, gid) == -1) errExit("fchown"); if (fchmod(fd, perm) == -1) errExit("fchmod"); close(fd); snprintf(cmd, sizeof(cmd), "ls -l %s", testpath); system(cmd); if (seteuid(uid) == -1) errExit("seteuid"); accessTest(testpath, 0, "0"); accessTest(testpath, R_OK, "R_OK"); accessTest(testpath, W_OK, "W_OK"); accessTest(testpath, X_OK, "X_OK"); accessTest(testpath, R_OK | W_OK, "R_OK | W_OK"); accessTest(testpath, R_OK | X_OK, "R_OK | X_OK"); accessTest(testpath, W_OK | X_OK, "W_OK | X_OK"); accessTest(testpath, R_OK | W_OK | X_OK, "R_OK | W_OK | X_OK"); exit(EXIT_SUCCESS); } /* main */ This can be run against an Ext3 filesystem as well as against an XFS filesystem. If successful, it will show: [root@andromeda src]# ./t_access_root /tmp/xxx 0 4043 4043 ---------- 1 dhowells dhowells 0 2008-12-31 03:00 /tmp/xxx access(/tmp/xxx, 0) returns 0 access(/tmp/xxx, R_OK) returns 0 access(/tmp/xxx, W_OK) returns 0 access(/tmp/xxx, X_OK) returns -1 access(/tmp/xxx, R_OK | W_OK) returns 0 access(/tmp/xxx, R_OK | X_OK) returns -1 access(/tmp/xxx, W_OK | X_OK) returns -1 access(/tmp/xxx, R_OK | W_OK | X_OK) returns -1 If unsuccessful, it will show: [root@andromeda src]# ./t_access_root /tmp/xxx 0 4043 4043 ---------- 1 dhowells dhowells 0 2008-12-31 02:56 /tmp/xxx access(/tmp/xxx, 0) returns 0 access(/tmp/xxx, R_OK) returns -1 access(/tmp/xxx, W_OK) returns -1 access(/tmp/xxx, X_OK) returns -1 access(/tmp/xxx, R_OK | W_OK) returns -1 access(/tmp/xxx, R_OK | X_OK) returns -1 access(/tmp/xxx, W_OK | X_OK) returns -1 access(/tmp/xxx, R_OK | W_OK | X_OK) returns -1 I've also tested the fix with the SELinux and syscalls LTP testsuites. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
| | * | | | Merge branch 'master' of ↵James Morris2009-01-0517-375/+1122
| | |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | git://git.infradead.org/users/pcmoore/lblnet-2.6_next into next
| | | * | | | smack: Add support for unlabeled network hosts and networksCasey Schaufler2008-12-314-195/+538
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for unlabeled network hosts and networks. Relies heavily on Paul Moore's netlabel support. Creates a new entry in /smack called netlabel. Writes to /smack/netlabel take the form: A.B.C.D LABEL or A.B.C.D/N LABEL where A.B.C.D is a network address, N is an integer between 0-32, and LABEL is the Smack label to be used. If /N is omitted /32 is assumed. N designates the netmask for the address. Entries are matched by the most specific address/mask pair. 0.0.0.0/0 will match everything, while 192.168.1.117/32 will match exactly one host. A new system label "@", pronounced "web", is defined. Processes can not be assigned the web label. An address assigned the web label can be written to by any process, and packets coming from a web address can be written to any socket. Use of the web label is a violation of any strict MAC policy, but the web label has been requested many times. The nltype entry has been removed from /smack. It did not work right and the netlabel interface can be used to specify that all hosts be treated as unlabeled. CIPSO labels on incoming packets will be honored, even from designated single label hosts. Single label hosts can only be written to by processes with labels that can write to the label of the host. Packets sent to single label hosts will always be unlabeled. Once added a single label designation cannot be removed, however the label may be changed. The behavior of the ambient label remains unchanged. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Paul Moore <paul.moore@hp.com>
| | | * | | | selinux: Deprecate and schedule the removal of the the compat_net functionalityPaul Moore2008-12-314-38/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch is the first step towards removing the old "compat_net" code from the kernel. Secmark, the "compat_net" replacement was first introduced in 2.6.18 (September 2006) and the major Linux distributions with SELinux support have transitioned to Secmark so it is time to start deprecating the "compat_net" mechanism. Testing a patched version of 2.6.28-rc6 with the initial release of Fedora Core 5 did not show any problems when running in enforcing mode. This patch adds an entry to the feature-removal-schedule.txt file and removes the SECURITY_SELINUX_ENABLE_SECMARK_DEFAULT configuration option, forcing Secmark on by default although it can still be disabled at runtime. The patch also makes the Secmark permission checks "dynamic" in the sense that they are only executed when Secmark is configured; this should help prevent problems with older distributions that have not yet migrated to Secmark. Signed-off-by: Paul Moore <paul.moore@hp.com> Acked-by: James Morris <jmorris@namei.org>