1. 03 10月, 2012 1 次提交
  2. 06 9月, 2012 1 次提交
  3. 08 8月, 2012 1 次提交
  4. 12 7月, 2012 1 次提交
  5. 18 6月, 2012 1 次提交
    • D
      HID: uhid: add internal message buffer · ace3d861
      David Herrmann 提交于
      When receiving messages from the HID subsystem, we need to process them
      and store them in an internal buffer so user-space can read() on the char
      device to retrieve the messages.
      
      This adds a static buffer for 32 messages to each uhid device. Each
      message is dynamically allocated so the uhid_device structure does not get
      too big.
      
      uhid_queue() adds a message to the buffer. If the buffer is full, the
      message is discarded. uhid_queue_event() is an helper for messages without
      payload.
      
      This also adds a public header: uhid.h. It contains the declarations for
      the user-space API. It is built around "struct uhid_event" which contains
      a type field which specifies the event type and each event can then add a
      variable-length payload. For now, there is only a dummy event but later
      patches will add new event types and payloads.
      Signed-off-by: NDavid Herrmann <dh.herrmann@googlemail.com>
      Signed-off-by: NJiri Kosina <jkosina@suse.cz>
      ace3d861
  6. 12 6月, 2012 3 次提交
  7. 01 6月, 2012 1 次提交
    • M
      kexec: export kexec.h to user space · 29a5c67e
      maximilian attems 提交于
      Add userspace definitions, guard all relevant kernel structures.  While at
      it document stuff and remove now useless userspace hint.
      
      It is easy to add the relevant system call to respective libc's, but it
      seems pointless to have to duplicate the data structures.
      
      This is based on the kexec-tools headers, with the exception of just using
      int on return (succes or failure) and using size_t instead of 'unsigned
      long int' for the number of segments argument of kexec_load().
      Signed-off-by: Nmaximilian attems <max@stro.at>
      Cc: Simon Horman <horms@verge.net.au>
      Cc: Vivek Goyal <vgoyal@redhat.com>
      Cc: Haren Myneni <hbabu@us.ibm.com>
      Cc: "Eric W. Biederman" <ebiederm@xmission.com>
      Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      29a5c67e
  8. 30 5月, 2012 1 次提交
  9. 20 5月, 2012 1 次提交
  10. 18 5月, 2012 1 次提交
  11. 17 5月, 2012 1 次提交
  12. 16 5月, 2012 1 次提交
    • P
      tokenring: delete all remaining driver support · ee446fd5
      Paul Gortmaker 提交于
      This represents the mass deletion of the of the tokenring support.
      
      It gets rid of:
        - the net/tr.c which the drivers depended on
        - the drivers/net component
        - the Kbuild infrastructure around it
        - any tokenring related CONFIG_ settings in any defconfigs
        - the tokenring headers in the include/linux dir
        - the firmware associated with the tokenring drivers.
        - any associated token ring documentation.
      Signed-off-by: NPaul Gortmaker <paul.gortmaker@windriver.com>
      ee446fd5
  13. 10 5月, 2012 2 次提交
  14. 14 4月, 2012 1 次提交
    • W
      seccomp: add system call filtering using BPF · e2cfabdf
      Will Drewry 提交于
      [This patch depends on luto@mit.edu's no_new_privs patch:
         https://lkml.org/lkml/2012/1/30/264
       The whole series including Andrew's patches can be found here:
         https://github.com/redpig/linux/tree/seccomp
       Complete diff here:
         https://github.com/redpig/linux/compare/1dc65fed...seccomp
      ]
      
      This patch adds support for seccomp mode 2.  Mode 2 introduces the
      ability for unprivileged processes to install system call filtering
      policy expressed in terms of a Berkeley Packet Filter (BPF) program.
      This program will be evaluated in the kernel for each system call
      the task makes and computes a result based on data in the format
      of struct seccomp_data.
      
      A filter program may be installed by calling:
        struct sock_fprog fprog = { ... };
        ...
        prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
      
      The return value of the filter program determines if the system call is
      allowed to proceed or denied.  If the first filter program installed
      allows prctl(2) calls, then the above call may be made repeatedly
      by a task to further reduce its access to the kernel.  All attached
      programs must be evaluated before a system call will be allowed to
      proceed.
      
      Filter programs will be inherited across fork/clone and execve.
      However, if the task attaching the filter is unprivileged
      (!CAP_SYS_ADMIN) the no_new_privs bit will be set on the task.  This
      ensures that unprivileged tasks cannot attach filters that affect
      privileged tasks (e.g., setuid binary).
      
      There are a number of benefits to this approach. A few of which are
      as follows:
      - BPF has been exposed to userland for a long time
      - BPF optimization (and JIT'ing) are well understood
      - Userland already knows its ABI: system call numbers and desired
        arguments
      - No time-of-check-time-of-use vulnerable data accesses are possible.
      - system call arguments are loaded on access only to minimize copying
        required for system call policy decisions.
      
      Mode 2 support is restricted to architectures that enable
      HAVE_ARCH_SECCOMP_FILTER.  In this patch, the primary dependency is on
      syscall_get_arguments().  The full desired scope of this feature will
      add a few minor additional requirements expressed later in this series.
      Based on discussion, SECCOMP_RET_ERRNO and SECCOMP_RET_TRACE seem to be
      the desired additional functionality.
      
      No architectures are enabled in this patch.
      Signed-off-by: NWill Drewry <wad@chromium.org>
      Acked-by: NSerge Hallyn <serge.hallyn@canonical.com>
      Reviewed-by: NIndan Zupancic <indan@nul.nu>
      Acked-by: NEric Paris <eparis@redhat.com>
      Reviewed-by: NKees Cook <keescook@chromium.org>
      
      v18: - rebase to v3.4-rc2
           - s/chk/check/ (akpm@linux-foundation.org,jmorris@namei.org)
           - allocate with GFP_KERNEL|__GFP_NOWARN (indan@nul.nu)
           - add a comment for get_u32 regarding endianness (akpm@)
           - fix other typos, style mistakes (akpm@)
           - added acked-by
      v17: - properly guard seccomp filter needed headers (leann@ubuntu.com)
           - tighten return mask to 0x7fff0000
      v16: - no change
      v15: - add a 4 instr penalty when counting a path to account for seccomp_filter
             size (indan@nul.nu)
           - drop the max insns to 256KB (indan@nul.nu)
           - return ENOMEM if the max insns limit has been hit (indan@nul.nu)
           - move IP checks after args (indan@nul.nu)
           - drop !user_filter check (indan@nul.nu)
           - only allow explicit bpf codes (indan@nul.nu)
           - exit_code -> exit_sig
      v14: - put/get_seccomp_filter takes struct task_struct
             (indan@nul.nu,keescook@chromium.org)
           - adds seccomp_chk_filter and drops general bpf_run/chk_filter user
           - add seccomp_bpf_load for use by net/core/filter.c
           - lower max per-process/per-hierarchy: 1MB
           - moved nnp/capability check prior to allocation
             (all of the above: indan@nul.nu)
      v13: - rebase on to 88ebdda6
      v12: - added a maximum instruction count per path (indan@nul.nu,oleg@redhat.com)
           - removed copy_seccomp (keescook@chromium.org,indan@nul.nu)
           - reworded the prctl_set_seccomp comment (indan@nul.nu)
      v11: - reorder struct seccomp_data to allow future args expansion (hpa@zytor.com)
           - style clean up, @compat dropped, compat_sock_fprog32 (indan@nul.nu)
           - do_exit(SIGSYS) (keescook@chromium.org, luto@mit.edu)
           - pare down Kconfig doc reference.
           - extra comment clean up
      v10: - seccomp_data has changed again to be more aesthetically pleasing
             (hpa@zytor.com)
           - calling convention is noted in a new u32 field using syscall_get_arch.
             This allows for cross-calling convention tasks to use seccomp filters.
             (hpa@zytor.com)
           - lots of clean up (thanks, Indan!)
       v9: - n/a
       v8: - use bpf_chk_filter, bpf_run_filter. update load_fns
           - Lots of fixes courtesy of indan@nul.nu:
           -- fix up load behavior, compat fixups, and merge alloc code,
           -- renamed pc and dropped __packed, use bool compat.
           -- Added a hidden CONFIG_SECCOMP_FILTER to synthesize non-arch
              dependencies
       v7:  (massive overhaul thanks to Indan, others)
           - added CONFIG_HAVE_ARCH_SECCOMP_FILTER
           - merged into seccomp.c
           - minimal seccomp_filter.h
           - no config option (part of seccomp)
           - no new prctl
           - doesn't break seccomp on systems without asm/syscall.h
             (works but arg access always fails)
           - dropped seccomp_init_task, extra free functions, ...
           - dropped the no-asm/syscall.h code paths
           - merges with network sk_run_filter and sk_chk_filter
       v6: - fix memory leak on attach compat check failure
           - require no_new_privs || CAP_SYS_ADMIN prior to filter
             installation. (luto@mit.edu)
           - s/seccomp_struct_/seccomp_/ for macros/functions (amwang@redhat.com)
           - cleaned up Kconfig (amwang@redhat.com)
           - on block, note if the call was compat (so the # means something)
       v5: - uses syscall_get_arguments
             (indan@nul.nu,oleg@redhat.com, mcgrathr@chromium.org)
            - uses union-based arg storage with hi/lo struct to
              handle endianness.  Compromises between the two alternate
              proposals to minimize extra arg shuffling and account for
              endianness assuming userspace uses offsetof().
              (mcgrathr@chromium.org, indan@nul.nu)
            - update Kconfig description
            - add include/seccomp_filter.h and add its installation
            - (naive) on-demand syscall argument loading
            - drop seccomp_t (eparis@redhat.com)
       v4:  - adjusted prctl to make room for PR_[SG]ET_NO_NEW_PRIVS
            - now uses current->no_new_privs
              (luto@mit.edu,torvalds@linux-foundation.com)
            - assign names to seccomp modes (rdunlap@xenotime.net)
            - fix style issues (rdunlap@xenotime.net)
            - reworded Kconfig entry (rdunlap@xenotime.net)
       v3:  - macros to inline (oleg@redhat.com)
            - init_task behavior fixed (oleg@redhat.com)
            - drop creator entry and extra NULL check (oleg@redhat.com)
            - alloc returns -EINVAL on bad sizing (serge.hallyn@canonical.com)
            - adds tentative use of "always_unprivileged" as per
              torvalds@linux-foundation.org and luto@mit.edu
       v2:  - (patch 2 only)
      Signed-off-by: NJames Morris <james.l.morris@oracle.com>
      e2cfabdf
  15. 01 4月, 2012 1 次提交
  16. 05 3月, 2012 1 次提交
    • P
      ppp: Move ioctl definitions from if_ppp.h to new ppp-ioctl.h · bf7daebb
      Paul Mackerras 提交于
      This moves the definitions of the ioctls, constants and structures
      relating to the ppp_generic interface to userspace out from if_ppp.h
      to a new file, ppp-ioctl.h.  The new file has my copyright since I
      designed and implemented the ppp_generic interface in the late 1990s.
      None of the contents of this file comes from the original if_ppp.h
      published by Carnegie Mellon University.
      
      Of the remainder of if_ppp.h, only the PPP_MTU definition was being
      used, and this replaces the uses of it with PPP_MRU (which is identical).
      Therefore, this replaces the entire file with the single line
      
      #include <linux/ppp-ioctl.h>
      
      which clearly doesn't contain any CMU code.  Thus I have removed the
      CMU copyright notice with its problematic advertising clause, and in
      fact since it's only one trivial line I have not added any other
      copyright notice.
      Signed-off-by: NPaul Mackerras <paulus@samba.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      bf7daebb
  17. 02 3月, 2012 1 次提交
    • B
      mdio: Export mdio.h to userland · 9c717758
      Ben Hutchings 提交于
      The ID packing definitions are needed by userland and the register
      definitions may also be useful there.
      
      Do not export mdio_phy_id_{is_c45,prtad,devad}() as the use of bool is
      problematic and it's not that useful to export only a subset of these.
      
      Do not export MDIO_SUPPORTS_{C22,C45} directly; these flags are only
      exposed to userland through struct ethtool_cmd so they should be
      defined alongside that with appropriate names.
      Signed-off-by: NBen Hutchings <bhutchings@solarflare.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      9c717758
  18. 21 2月, 2012 1 次提交
  19. 05 1月, 2012 1 次提交
  20. 31 12月, 2011 2 次提交
  21. 14 11月, 2011 1 次提交
    • J
      net: introduce ethernet teaming device · 3d249d4c
      Jiri Pirko 提交于
      This patch introduces new network device called team. It supposes to be
      very fast, simple, userspace-driven alternative to existing bonding
      driver.
      
      Userspace library called libteam with couple of demo apps is available
      here:
      https://github.com/jpirko/libteam
      Note it's still in its dipers atm.
      
      team<->libteam use generic netlink for communication. That and rtnl
      suppose to be the only way to configure team device, no sysfs etc.
      
      Python binding of libteam was recently introduced.
      Daemon providing arpmon/miimon active-backup functionality will be
      introduced shortly. All what's necessary is already implemented in
      kernel team driver.
      
      v7->v8:
      	- check ndo_ndo_vlan_rx_[add/kill]_vid functions before calling
      	  them.
      	- use dev_kfree_skb_any() instead of dev_kfree_skb()
      
      v6->v7:
      	- transmit and receive functions are not checked in hot paths.
      	  That also resolves memory leak on transmit when no port is
      	  present
      
      v5->v6:
      	- changed couple of _rcu calls to non _rcu ones in non-readers
      
      v4->v5:
      	- team_change_mtu() uses team->lock while travesing though port
      	  list
      	- mac address changes are moved completely to jurisdiction of
      	  userspace daemon. This way the daemon can do FOM1, FOM2 and
      	  possibly other weird things with mac addresses.
      	  Only round-robin mode sets up all ports to bond's address then
      	  enslaved.
      	- Extended Kconfig text
      
      v3->v4:
      	- remove redundant synchronize_rcu from __team_change_mode()
      	- revert "set and clear of mode_ops happens per pointer, not per
      	  byte"
      	- extend comment of function __team_change_mode()
      
      v2->v3:
      	- team_change_mtu() uses rcu version of list traversal to unwind
      	- set and clear of mode_ops happens per pointer, not per byte
      	- port hashlist changed to be embedded into team structure
      	- error branch in team_port_enter() does cleanup now
      	- fixed rtln->rtnl
      
      v1->v2:
      	- modes are made as modules. Makes team more modular and
      	  extendable.
      	- several commenters' nitpicks found on v1 were fixed
      	- several other bugs were fixed.
      	- note I ignored Eric's comment about roundrobin port selector
      	  as Eric's way may be easily implemented as another mode (mode
      	  "random") in future.
      Signed-off-by: NJiri Pirko <jpirko@redhat.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      3d249d4c
  22. 08 7月, 2011 1 次提交
    • T
      drivers/virt: introduce Freescale hypervisor management driver · 6db71994
      Timur Tabi 提交于
      Add the drivers/virt directory, which houses drivers that support
      virtualization environments, and add the Freescale hypervisor management
      driver.
      
      The Freescale hypervisor management driver provides several services to
      drivers and applications related to the Freescale hypervisor:
      
      1. An ioctl interface for querying and managing partitions
      
      2. A file interface to reading incoming doorbells
      
      3. An interrupt handler for shutting down the partition upon receiving the
         shutdown doorbell from a manager partition
      
      4. A kernel interface for receiving callbacks when a managed partition
         shuts down.
      Signed-off-by: NTimur Tabi <timur@freescale.com>
      Acked-by: NArnd Bergmann <arnd@arndb.de>
      Signed-off-by: NKumar Gala <galak@kernel.crashing.org>
      6db71994
  23. 25 5月, 2011 1 次提交
    • J
      mmc: core: Add mmc CMD+ACMD passthrough ioctl · cb87ea28
      John Calixto 提交于
      Allows appropriately-privileged applications to send CMD (normal) and ACMD
      (application-specific; preceded with CMD55) commands to cards/devices on
      the mmc bus.  This is primarily useful for enabling the security
      functionality built in to every SD card.
      
      It can also be used as a generic passthrough (e.g. to enable virtual
      machines to control mmc bus devices directly).  However, this use case has
      not been tested rigorously.  Generic passthrough testing was only conducted
      for a few non-security opcodes to prove the feasibility of the passthrough.
      
      Since any opcode can be sent using this passthrough, it is very possible to
      render the card/device unusable.  Applications that use this ioctl must
      have CAP_SYS_RAWIO.
      
      Security commands tested on TI PCIxx12 (SDHCI), Sigma Designs SMP8652 SoC,
      TI OMAP3621/OMAP3630 SoC, Samsung S5PC110 SoC, Qualcomm MSM7200A SoC.
      Signed-off-by: NJohn Calixto <john.calixto@modsystems.com>
      Reviewed-by: NAndrei Warkentin <andreiw@motorola.com>
      Reviewed-by: NArnd Bergmann <arnd@arndb.de>
      Signed-off-by: NChris Ball <cjb@laptop.org>
      cb87ea28
  24. 24 5月, 2011 1 次提交
  25. 20 5月, 2011 1 次提交
  26. 22 3月, 2011 4 次提交
  27. 01 2月, 2011 2 次提交
    • G
      Revert "appletalk: move to staging" · 0ffbf8bf
      Greg Kroah-Hartman 提交于
      This reverts commit a6238f21
      
      Appletalk got some patches to fix up the BLK usage in it in the
      network tree, so this removal isn't needed.
      
      Cc: Arnd Bergmann <arnd@arndb.de>
      Cc: <acme@ghostprotocols.net>
      Cc: netdev@vger.kernel.org,
      Cc: David Miller <davem@davemloft.net>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
      0ffbf8bf
    • A
      appletalk: move to staging · a6238f21
      Arnd Bergmann 提交于
      For all I know, Appletalk is dead, the only reasonable
      use right now would be nostalgia, and that can be served
      well enough by old kernels. The code is largely not
      in a bad shape, but it still uses the big kernel lock,
      and nobody seems motivated to change that.
      
      FWIW, the last release of MacOS that supported Appletalk
      was MacOS X 10.5, made in 2007, and it has been abandoned
      by Apple with 10.6. Using TCP/IP instead of Appletalk has
      been supported since MacOS 7.6, which was released in
      1997 and is able to run on most of the legacy hardware.
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Cc: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
      Cc: netdev@vger.kernel.org
      Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
      a6238f21
  28. 30 1月, 2011 1 次提交
  29. 29 12月, 2010 1 次提交
  30. 15 12月, 2010 1 次提交
  31. 03 12月, 2010 1 次提交
  32. 29 10月, 2010 1 次提交