- 20 4月, 2008 30 次提交
-
-
由 Dan Williams 提交于
Requiring userspace to close and re-open sysfs attributes has been the policy since before 2.6.12. It allows userspace to get a consistent snapshot of kernel state and consume it with incremental reads and seeks. Now, if the file position is zero the kernel assumes userspace wants to see the new value. The application for this change is to allow a userspace RAID metadata handler to check the state of an array without causing any memory allocations. Thus not causing writeback to a raid array that might be blocked waiting for userspace to take action. Cc: Neil Brown <neilb@suse.de> Acked-by: NTejun Heo <htejun@gmail.com> Signed-off-by: NDan Williams <dan.j.williams@intel.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Rafael J. Wysocki 提交于
After 2.6.24 there was a plan to make the PM core acquire all device semaphores during a suspend/hibernation to protect itself from concurrent operations involving device objects. That proved to be too heavy-handed and we found a better way to achieve the goal, but before it happened, we had introduced the functions device_pm_schedule_removal() and destroy_suspended_device() to allow drivers to "safely" destroy a suspended device and we had adapted some drivers to use them. Now that these functions are no longer necessary, it seems reasonable to remove them and modify their users to use the normal device unregistration instead. Signed-off-by: NRafael J. Wysocki <rjw@sisk.pl> Acked-by: NPavel Machek <pavel@ucw.cz> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Konrad Rzeszutek 提交于
Add /sysfs/firmware/ibft/[initiator|targetX|ethernetX] directories along with text properties which export the the iSCSI Boot Firmware Table (iBFT) structure. What is iSCSI Boot Firmware Table? It is a mechanism for the iSCSI tools to extract from the machine NICs the iSCSI connection information so that they can automagically mount the iSCSI share/target. Currently the iSCSI information is hard-coded in the initrd. The /sysfs entries are read-only one-name-and-value fields. The usual set of data exposed is: # for a in `find /sys/firmware/ibft/ -type f -print`; do echo -n "$a: "; cat $a; done /sys/firmware/ibft/target0/target-name: iqn.2007.com.intel-sbx44:storage-10gb /sys/firmware/ibft/target0/nic-assoc: 0 /sys/firmware/ibft/target0/chap-type: 0 /sys/firmware/ibft/target0/lun: 00000000 /sys/firmware/ibft/target0/port: 3260 /sys/firmware/ibft/target0/ip-addr: 192.168.79.116 /sys/firmware/ibft/target0/flags: 3 /sys/firmware/ibft/target0/index: 0 /sys/firmware/ibft/ethernet0/mac: 00:11:25:9d:8b:01 /sys/firmware/ibft/ethernet0/vlan: 0 /sys/firmware/ibft/ethernet0/gateway: 192.168.79.254 /sys/firmware/ibft/ethernet0/origin: 0 /sys/firmware/ibft/ethernet0/subnet-mask: 255.255.252.0 /sys/firmware/ibft/ethernet0/ip-addr: 192.168.77.41 /sys/firmware/ibft/ethernet0/flags: 7 /sys/firmware/ibft/ethernet0/index: 0 /sys/firmware/ibft/initiator/initiator-name: iqn.2007-07.com:konrad.initiator /sys/firmware/ibft/initiator/flags: 3 /sys/firmware/ibft/initiator/index: 0 For full details of the IBFT structure please take a look at: ftp://ftp.software.ibm.com/systems/support/system_x_pdf/ibm_iscsi_boot_firmware_table_v1.02.pdf [akpm@linux-foundation.org: fix build] Signed-off-by: NKonrad Rzeszutek <konradr@linux.vnet.ibm.com> Cc: Mike Christie <michaelc@cs.wisc.edu> Cc: Peter Jones <pjones@redhat.com> Cc: James Bottomley <James.Bottomley@HansenPartnership.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Randy Dunlap 提交于
Source file was removed. Need to remove docbook reference also. Signed-off-by: NRandy Dunlap <randy.dunlap@oracle.com> Cc: Pavel Machek <pavel@suse.cz> Cc: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Robert P. J. Day 提交于
Use the more concise list_for_each_entry(), which allows for the deletion of the to_kobj() routine at the same time. Signed-off-by: NRobert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Robert P. J. Day 提交于
After an experimental deletion of the unnecessary inclusion of <linux/slab.h> from the header file <linux/percpu.h>, the following files under fs/sysfs were exposed as needing to explicitly include <linux/slab.h>. Signed-off-by: NRobert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Greg Kroah-Hartman 提交于
device_is_registered() can use the kobject value for this, so it will now work with devices that are associated with only a class, not a bus and a driver. Cc: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Alan Stern 提交于
This patch (as1058) improves the wakeup macros in include/linux/pm.h. All but the trivial ones are converted to inline routines, which requires moving them to a separate header file since they depend on the definition of struct device. Signed-off-by: NAlan Stern <stern@rowland.harvard.edu> Signed-off-by: NRafael J. Wysocki <rjw@sisk.pl> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Alan Stern 提交于
The various wakeup flags and their accessor macros in struct dev_pm_info should be available whenever CONFIG_PM is enabled, not just when CONFIG_PM_SLEEP is on. Otherwise remote wakeup won't always be configurable for runtime power management. This patch (as1056b) fixes the oversight. David Brownell adds: More accurately, fixes the "regression" ... as noted sometime last summer, after 296699de introduced CONFIG_SUSPEND. But that didn't make the regression list for that kernel, ergo the delay in fixing it. [rjw: rebased] Signed-off-by: NAlan Stern <stern@rowland.harvard.edu> Signed-off-by: NRafael J. Wysocki <rjw@sisk.pl> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Alan Stern 提交于
This patch (as1059) fixes a mistake in the way the serial core initializes a device's wakeup settings. It should use the accessor routine instead of relying on a macro producing an lvalue. Signed-off-by: NAlan Stern <stern@rowland.harvard.edu> Signed-off-by: NRafael J. Wysocki <rjw@sisk.pl> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Rafael J. Wysocki 提交于
Include dpm_sysfs_add() into device_pm_add(), in analogy with device_pm_remove(), and modify device_add() to call the latter after bus_add_device(), to avoid situations in which the PM core may attempt to suspend a device the registration of which has not been successful. Signed-off-by: NRafael J. Wysocki <rjw@sisk.pl> Acked-by: NPavel Machek <pavel@ucw.cz> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Rafael J. Wysocki 提交于
Modify the PM core to protect its data structures, specifically the dpm_active list, from being corrupted if a child of the currently suspending device is registered concurrently with its ->suspend() callback. In that case, since the new device (the child) is added to dpm_active after its parent, the PM core will attempt to suspend it after the parent, which is wrong. Introduce a new member of struct dev_pm_info, called 'sleeping', and use it to check if the parent of the device being added to dpm_active has been suspended, in which case the device registration fails. Also, use 'sleeping' for checking if the ordering of devices on dpm_active is correct. Introduce variable 'all_sleeping' that will be set to 'true' once all devices have been suspended and make new device registrations fail until 'all_sleeping' is reset to 'false', in order to avoid having unsuspended devices around while the system is going into a sleep state. Remove pm_sleep_rwsem which is not necessary any more. Special thanks to Alan Stern for discussions and suggestions that lead to the creation of this patch. Signed-off-by: NRafael J. Wysocki <rjw@sisk.pl> Acked-by: NPavel Machek <pavel@ucw.cz> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Kay Sievers 提交于
Userspace likes to get notified that the disk may have changed, when rescan_partitions() is called after partitioning or media change. It will make it possible to update the state of the disk with the "change" event, before the following partition "add" events are handled. Cc: David Zeuthen <david@fubar.dk> Signed-off-by: NKay Sievers <kay.sievers@vrfy.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Ben Dooks 提交于
I've just found how easy it is to accidentally register a sysdev_driver for two different classes. When this happens, bad things happen as the sysdev_driver structure keeps has the list entry for the driver registration. The following patch makes a WARN_ON() if this happens, although I think BUG_ON or returning -EAGAIN could also be valid responses to this. Signed-off-by: NBen Dooks <ben@fluff.org> Cc: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Sam Ravnborg 提交于
Fix following warning: WARNING: vmlinux.o(.text+0x64609c): Section mismatch in reference from the function store_online() to the function .cpuinit.text:cpu_up() store_online() is defined inside a HOTPLUG_CPU block so references are OK. Ignore references by annotating store_online() with __ref. Note: This is needed because cpu_up() most likely should not have been __cpuinit but all the hotplug cpu code misuses the __cpuinit annotation. Signed-off-by: NSam Ravnborg <sam@ravnborg.org> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Pavel Machek 提交于
power_state is scheduled for removal, and it is used only for debug prints by driver core. Remove it. Signed-off-by: NPavel Machek <pavel@suse.cz> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Kay Sievers 提交于
The current PNP combined card + devices module aliase can never ever match anything, because these values are not available all at the same time to request a module. Instead of adding the combined alias, we add the device id's all as individual aliases. Device id's are exported by the PNP bus and can now properly used to request the loading of a matching module. The module snd-sbawe currently exports aliases, which can never match anything: alias: pnp:cCTLXXXXdCTL0045dCTL0022* alias: pnp:cCTLXXXXdCTL0044dCTL0023* alias: pnp:cCTLXXXXdCTL0042dCTL0022* alias: pnp:cCTLXXXXdCTL0041dCTL0021* alias: pnp:cCTLXXXXdCTL0031dCTL0021* alias: pnp:cCTL00eddCTL0041dCTL0070* alias: pnp:cCTL00e9dCTL0045dCTL0022* alias: pnp:cCTL00e4dCTL0045dCTL0022* alias: pnp:cCTL00c7dCTL0045dCTL0022* alias: pnp:cCTL00c5dCTL0045dCTL0022* alias: pnp:cCTL00c3dCTL0045dCTL0022* alias: pnp:cCTL00c1dCTL0042dCTL0022* alias: pnp:cCTL00b2dCTL0044dCTL0023* alias: pnp:cCTL009edCTL0044dCTL0023* alias: pnp:cCTL009ddCTL0042dCTL0022* alias: pnp:cCTL009fdCTL0041dCTL0021* alias: pnp:cCTL009cdCTL0041dCTL0021* alias: pnp:cCTL009adCTL0041dCTL0021* alias: pnp:cCTL0054dCTL0031dCTL0021* alias: pnp:cCTL0048dCTL0031dCTL0021* alias: pnp:cCTL0047dCTL0031dCTL0021* alias: pnp:cCTL0046dCTL0031dCTL0021* alias: pnp:cCTL0045dCTL0031dCTL0021* alias: pnp:cCTL0044dCTL0031dCTL0021* alias: pnp:cCTL0043dCTL0031dCTL0021* alias: pnp:cCTL0042dCTL0031dCTL0021* alias: pnp:cCTL0039dCTL0031dCTL0021* alias: pnp:cCTL0035dCTL0031dCTL0021* With this patch it exports only the device id's, as properly matchable aliases: alias: pnp:dCTL0070* alias: pnp:dCTL0045* alias: pnp:dCTL0023* alias: pnp:dCTL0044* alias: pnp:dCTL0022* alias: pnp:dCTL0042* alias: pnp:dCTL0041* alias: pnp:dCTL0021* alias: pnp:dCTL0031* Now, the exported value of the PNP bus can be used to autoload a matching module: $ modprobe --first-time -n -v pnp:dCTL0045 insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/core/snd-rawmidi.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/drivers/mpu401/snd-mpu401-uart.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/core/snd-hwdep.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/isa/sb/snd-sb-common.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/isa/sb/snd-sb16-csp.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/isa/sb/snd-sb16-dsp.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/drivers/opl3/snd-opl3-lib.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/isa/sb/snd-sbawe.ko $ grep CTL0045 /sys/bus/pnp/devices/*/id /sys/bus/pnp/devices/01:01.00/id:CTL0045 Signed-off-by: NKay Sievers <kay.sievers@vrfy.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Greg Kroah-Hartman 提交于
This fixes up a number of coding style issues in the firmware sample files. Yeah, it still doesn't build properly yet, that's next... Cc: Randy Dunlap <randy.dunlap@oracle.com> Cc: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Randy Dunlap 提交于
Move the firmware_class sample drivers to samples/ so that they are buildable and can be maintained. Signed-off-by: NRandy Dunlap <randy.dunlap@oracle.com> Acked-by: NMarcel Holtmann <marcel@holtmann.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 David Rientjes 提交于
Convert sysfs_remove_bin_file() to have a return type of 'void' for !CONFIG_SYSFS configurations. Also removes unnecessary colons from empty void functions. Signed-off-by: NDavid Rientjes <rientjes@google.com> Reviewed-by: NRandy Dunlap <randy.dunlap@oracle.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Joe Perches 提交于
driver core: Convert debug functions declared inline __attribute__((format (printf,x,y) to statement expression macros When DEBUG is not defined, pr_debug and dev_dbg and some other local debugging functions are specified as: "inline __attribute__((format (printf, x, y)))" This is done to validate printk arguments when not debugging. Converting these functions to macros or statement expressions "do { if (0) printk(fmt, ##arg); } while (0)" or "({ if (0) printk(fmt, ##arg); 0; }) makes at least gcc 4.2.2 produce smaller objects. This has the additional benefit of allowing the optimizer to avoid calling functions like print_mac that might have been arguments to the printk. defconfig x86 current: $ size vmlinux text data bss dec hex filename 4716770 474560 618496 5809826 58a6a2 vmlinux all converted: (More patches follow) $ size vmlinux text data bss dec hex filename 4716642 474560 618496 5809698 58a622 vmlinux Even kernel/sched.o, which doesn't even use these functions, becomes smaller. It appears that merely having an indirect include of <linux/device.h> can cause bigger objects. $ size sched.inline.o sched.if0.o text data bss dec hex filename 31385 2854 328 34567 8707 sched.inline.o 31366 2854 328 34548 86f4 sched.if0.o The current preprocessed only kernel/sched.i file contains: # 612 "include/linux/device.h" static inline __attribute__((always_inline)) int __attribute__ ((format (printf, 2, 3))) dev_dbg(struct device *dev, const char *fmt, ...) { return 0; } # 628 "include/linux/device.h" static inline __attribute__((always_inline)) int __attribute__ ((format (printf, 2, 3))) dev_vdbg(struct device *dev, const char *fmt, ...) { return 0; } Removing these unused inlines from sched.i shrinks sched.o Signed-off-by: NJoe Perches <joe@perches.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Badari Pulavarty 提交于
register_memory()/unregister_memory() never gets called with "root". unregister_memory() is accessing kobject_name of the object just freed up. Since no one uses the code, lets take the code out. And also, make register_memory() static. Another bug fix - before calling unregister_memory() remove_memory_block() gets a ref on kobject. unregister_memory() need to drop that ref before calling sysdev_unregister(). Signed-off-by: NBadari Pulavarty <pbadari@us.ibm.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Daniel Walker 提交于
Signed-off-by: NDaniel Walker <dwalker@mvista.com> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Uwe Kleine-König 提交于
Otherwise the device might just disappear while /dev/uioX is being used which results in an Oops. Signed-off-by: NUwe Kleine-König <Uwe.Kleine-Koenig@digi.com> Signed-off-by: NHans J Koch <hjk@linutronix.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Ben Nizette 提交于
This patch implements a UIO interface for the SMX Cryptengine. The Cryptengine found on the Nias Digital SMX board is best suited for a UIO interface. It is not wired in to the cryptographic API as the engine handles it's own keys, algorithms, everything. All that we know about is that if there's room in the buffer, you can write data to it and when there's data ready, you read it out again. There isn't necessarily even any direct correlation between data going in and data coming out again, the engine may consume or generate data all on its own. This driver is for proprietary hardware but we're always told to submit the drivers anyway; here you are. :-) This is version 4 of this patch and addresses all issues raised by Hans-Jürgen Koch and Paul Mundt in their reviews. Slightly altered is Paul's suggestion to use DRV_NAME and DRV_VERSION as the UIO version and name. While at the moment they are the same, there is no reason for them to stay that way. Nevertheless we now at least provide a MODULE_VERSION macro to keep modinfo happy. Signed-off-by: NBen Nizette <bn@niasdigital.com> Acked-by: NPaul Mundt <lethal@linux-sh.org> Signed-off-by: NHans J Koch <hjk@linutronix.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Hans-Jürgen Koch 提交于
Meanwhile, PCI_DEVICE_ID_PLX_9030 is defined in pci_ids.h, no need to define it again in the driver. Signed-off-by: NHans J. Koch <hjk@linutronix.de> CC: Benedikt Spranger <b.spranger@linutronix.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Hans-Jürgen Koch 提交于
Source drivers/uio/Kconfig to make UIO available in menuconfig if ARCH=arm. Signed-off-by: NHans J Koch <hjk@linutronix.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Denis Cheng 提交于
Signed-off-by: NDenis Cheng <crquan@gmail.com> Signed-off-by: NHans J. Koch <hjk@linutronix.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Denis Cheng 提交于
Signed-off-by: NDenis Cheng <crquan@gmail.com> Signed-off-by: NHans J. Koch <hjk@linutronix.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
由 Greg Kroah-Hartman 提交于
Add warnings to kobject_put() to catch kobjects that are cleaned up but were never initialized to begin with. Cc: Kay Sievers <kay.sievers@vrfy.org> Cc: Hannes Reinecke <hare@suse.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
-
- 19 4月, 2008 10 次提交
-
-
由 Linus Torvalds 提交于
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: security: fix up documentation for security_module_enable Security: Introduce security= boot parameter Audit: Final renamings and cleanup SELinux: use new audit hooks, remove redundant exports Audit: internally use the new LSM audit hooks LSM/Audit: Introduce generic Audit LSM hooks SELinux: remove redundant exports Netlink: Use generic LSM hook Audit: use new LSM hooks instead of SELinux exports SELinux: setup new inode/ipc getsecid hooks LSM: Introduce inode_getsecid and ipc_getsecid hooks
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.26由 Linus Torvalds 提交于
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.26: (1090 commits) [NET]: Fix and allocate less memory for ->priv'less netdevices [IPV6]: Fix dangling references on error in fib6_add(). [NETLABEL]: Fix NULL deref in netlbl_unlabel_staticlist_gen() if ifindex not found [PKT_SCHED]: Fix datalen check in tcf_simp_init(). [INET]: Uninline the __inet_inherit_port call. [INET]: Drop the inet_inherit_port() call. SCTP: Initialize partial_bytes_acked to 0, when all of the data is acked. [netdrvr] forcedeth: internal simplifications; changelog removal phylib: factor out get_phy_id from within get_phy_device PHY: add BCM5464 support to broadcom PHY driver cxgb3: Fix __must_check warning with dev_dbg. tc35815: Statistics cleanup natsemi: fix MMIO for PPC 44x platforms [TIPC]: Cleanup of TIPC reference table code [TIPC]: Optimized initialization of TIPC reference table [TIPC]: Remove inlining of reference table locking routines e1000: convert uint16_t style integers to u16 ixgb: convert uint16_t style integers to u16 sb1000.c: make const arrays static sb1000.c: stop inlining largish static functions ...
-
由 James Morris 提交于
security_module_enable() can only be called during kernel init. Signed-off-by: NJames Morris <jmorris@namei.org>
-
由 Ahmed S. Darwish 提交于
Add the security= boot parameter. This is done to avoid LSM registration clashes in case of more than one bult-in module. User can choose a security module to enable at boot. If no security= boot parameter is specified, only the first LSM asking for registration will be loaded. An invalid security module name will be treated as if no module has been chosen. LSM modules must check now if they are allowed to register by calling security_module_enable(ops) first. Modify SELinux and SMACK to do so. Do not let SMACK register smackfs if it was not chosen on boot. Smackfs assumes that smack hooks are registered and the initial task security setup (swapper->security) is done. Signed-off-by: NAhmed S. Darwish <darwish.07@gmail.com> Acked-by: NJames Morris <jmorris@namei.org>
-
由 Ahmed S. Darwish 提交于
Rename the se_str and se_rule audit fields elements to lsm_str and lsm_rule to avoid confusion. Signed-off-by: NCasey Schaufler <casey@schaufler-ca.com> Signed-off-by: NAhmed S. Darwish <darwish.07@gmail.com> Acked-by: NJames Morris <jmorris@namei.org>
-
由 Ahmed S. Darwish 提交于
Setup the new Audit LSM hooks for SELinux. Remove the now redundant exported SELinux Audit interface. Audit: Export 'audit_krule' and 'audit_field' to the public since their internals are needed by the implementation of the new LSM hook 'audit_rule_known'. Signed-off-by: NCasey Schaufler <casey@schaufler-ca.com> Signed-off-by: NAhmed S. Darwish <darwish.07@gmail.com> Acked-by: NJames Morris <jmorris@namei.org>
-
由 Ahmed S. Darwish 提交于
Convert Audit to use the new LSM Audit hooks instead of the exported SELinux interface. Basically, use: security_audit_rule_init secuirty_audit_rule_free security_audit_rule_known security_audit_rule_match instad of (respectively) : selinux_audit_rule_init selinux_audit_rule_free audit_rule_has_selinux selinux_audit_rule_match Signed-off-by: NCasey Schaufler <casey@schaufler-ca.com> Signed-off-by: NAhmed S. Darwish <darwish.07@gmail.com> Acked-by: NJames Morris <jmorris@namei.org>
-
由 Ahmed S. Darwish 提交于
Introduce a generic Audit interface for security modules by adding the following new LSM hooks: audit_rule_init(field, op, rulestr, lsmrule) audit_rule_known(krule) audit_rule_match(secid, field, op, rule, actx) audit_rule_free(rule) Those hooks are only available if CONFIG_AUDIT is enabled. Signed-off-by: NCasey Schaufler <casey@schaufler-ca.com> Signed-off-by: NAhmed S. Darwish <darwish.07@gmail.com> Acked-by: NJames Morris <jmorris@namei.org> Reviewed-by: NPaul Moore <paul.moore@hp.com>
-
由 Ahmed S. Darwish 提交于
Remove the following exported SELinux interfaces: selinux_get_inode_sid(inode, sid) selinux_get_ipc_sid(ipcp, sid) selinux_get_task_sid(tsk, sid) selinux_sid_to_string(sid, ctx, len) They can be substitued with the following generic equivalents respectively: new LSM hook, inode_getsecid(inode, secid) new LSM hook, ipc_getsecid*(ipcp, secid) LSM hook, task_getsecid(tsk, secid) LSM hook, sid_to_secctx(sid, ctx, len) Signed-off-by: NCasey Schaufler <casey@schaufler-ca.com> Signed-off-by: NAhmed S. Darwish <darwish.07@gmail.com> Acked-by: NJames Morris <jmorris@namei.org> Reviewed-by: NPaul Moore <paul.moore@hp.com>
-
由 Ahmed S. Darwish 提交于
Don't use SELinux exported selinux_get_task_sid symbol. Use the generic LSM equivalent instead. Signed-off-by: NCasey Schaufler <casey@schaufler-ca.com> Signed-off-by: NAhmed S. Darwish <darwish.07@gmail.com> Acked-by: NJames Morris <jmorris@namei.org> Acked-by: NDavid S. Miller <davem@davemloft.net> Reviewed-by: NPaul Moore <paul.moore@hp.com>
-