- 08 9月, 2012 1 次提交
-
-
由 Mimi Zohar 提交于
This patch takes the i_mutex lock before security_inode_removexattr(), instead of after, in preparation of calling ima_inode_removexattr(). Signed-off-by: NMimi Zohar <zohar@us.ibm.com> Signed-off-by: NDmitry Kasatkin <dmitry.kasatkin@nokia.com>
-
- 07 9月, 2012 1 次提交
-
-
由 Kees Cook 提交于
When running a 64-bit kernel and receiving prctls from a 32-bit userspace, the "-1" used as an unsigned long will end up being misdetected. The kernel is looking for 0xffffffffffffffff instead of 0xffffffff. Since prctl lacks a distinct compat interface, Yama needs to handle this translation itself. As such, support either value as meaning PR_SET_PTRACER_ANY, to avoid breaking the ABI for 64-bit. Signed-off-by: NKees Cook <keescook@chromium.org> Acked-by: NJohn Johansen <john.johansen@canonical.com> Cc: stable@vger.kernel.org Signed-off-by: NJames Morris <james.l.morris@oracle.com>
-
- 06 9月, 2012 1 次提交
-
-
由 Kees Cook 提交于
Unconditionally call Yama when CONFIG_SECURITY_YAMA_STACKED is selected, no matter what LSM module is primary. Ubuntu and Chrome OS already carry patches to do this, and Fedora has voiced interest in doing this as well. Instead of having multiple distributions (or LSM authors) carrying these patches, just allow Yama to be called unconditionally when selected by the new CONFIG. Signed-off-by: NKees Cook <keescook@chromium.org> Acked-by: NSerge E. Hallyn <serge.hallyn@canonical.com> Acked-by: NEric Paris <eparis@redhat.com> Acked-by: NJohn Johansen <john.johansen@canonical.com> Signed-off-by: NJames Morris <james.l.morris@oracle.com>
-
- 05 9月, 2012 1 次提交
-
-
由 Xiaoyan Zhang 提交于
This patch declares the internal struct and functions as static to provide more security. Signed-off-by: NXiaoyan Zhang <xiaoyan.zhang@intel.com> Signed-off-by: NFengguang Wu <fengguang.wu@intel.com> Reviewed-by: NKent Yoder <key@linux.vnet.ibm.com> Signed-off-by: NJames Morris <james.l.morris@oracle.com>
-
- 23 8月, 2012 13 次提交
-
-
由 Xiaoyan Zhang 提交于
The Physical Presence Interface enables the OS and the BIOS to cooperate and provides a simple and straightforward platform user experience for administering the TPM without sacrificing security. V2: separate the patch out in a separate source file, add #ifdef CONFIG_ACPI so it compiles out on ppc, use standard error instead of ACPI error as return code of show/store fns. V3: move #ifdef CONFIG_ACPI from .c file to .h file. V4: move tpm_ppi code from tpm module to tpm_bios module. V5: modify sys_add_ppi() so that ppi_attr_grp doesn't need to be exported Signed-off-by: NXiaoyan Zhang <xiaoyan.zhang@intel.com> Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Xiaoyan Zhang 提交于
Signed-off-by: NXiaoyan Zhang <xiaoyan.zhang@intel.com> Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Jesper Juhl 提交于
In drivers/char/tpm/tpm_acpi.c::read_log() we call acpi_os_map_memory(). That call may fail for a number of reasons (invalid address, out of memory etc). If the call fails it returns NULL and we just pass that to memcpy() unconditionally, which will go bad when it tries to dereference the pointer. Unfortunately we just get NULL back, so we can't really tell the user exactely what went wrong, but we can at least avoid crashing and return an error (-EIO seemed more generic and more suitable here than -ENOMEM or something else, so I picked that). Signed-off-by: NJesper Juhl <jj@chaosbits.net> Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Kent Yoder 提交于
Enable tpm_ibmvtpm driver by default when IMA is enabled on PPC64 Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Ashley Lai 提交于
This patch retrieves the event log data from the device tree during file open. The event log data will then displayed through securityfs. Signed-off-by: NAshley Lai <adlai@us.ibm.com> Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Ashley Lai 提交于
This patch instantiate Stored Measurement Log (SML) and put the log address and size in the device tree. Signed-off-by: NAshley Lai <adlai@us.ibm.com> Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Ashley Lai 提交于
This patch adds a new device driver to support IBM virtual TPM (vTPM) for PPC64. IBM vTPM is supported through the adjunct partition with firmware release 740 or higher. With vTPM support, each lpar is able to have its own vTPM without the physical TPM hardware. This driver provides TPM functionalities by communicating with the vTPM adjunct partition through Hypervisor calls (Hcalls) and Command/Response Queue (CRQ) commands. Signed-off-by: NAshley Lai <adlai@us.ibm.com> Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Kent Yoder 提交于
The tpm_tis driver doesn't use tpm_tis_resume except when PM is configured and doesn't make use of tpm_tis_reenable_interrupts except when PM or PNP is configured. Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Kent Yoder 提交于
Moved the atomic_set of the data_pending variable until after the tpm_read has completed processing. The existing code had a window of time where a second write to the driver could clobber the tpm command buffer. Also fixed an issue where if close was called on the tpm device before a read completed, the tpm command buffer would be returned to the OS, which could contain sensitive information. Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Kent Yoder 提交于
This driver will make use of any available TPM chip on the system as a hwrng source. Acked-by: NDavid Safford <safford@linux.vnet.ibm.com> Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Kent Yoder 提交于
Move the tpm_get_random api from the trusted keys code into the TPM device driver itself so that other callers can make use of it. Also, change the api slightly so that the number of bytes read is returned in the call, since the TPM command can potentially return fewer bytes than requested. Acked-by: NDavid Safford <safford@linux.vnet.ibm.com> Reviewed-by: NH. Peter Anvin <hpa@linux.intel.com> Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Kent Yoder 提交于
Break ACPI-specific pieces of the event log handling into their own file and create tpm_eventlog.[ch] to store common event log handling code. This will be required to integrate future event log sources on platforms without ACPI tables. Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
由 Peter Huewe 提交于
This patch adds a driver to support Infineon's SLB 9635 TT 1.2 Soft I2C TPMs which follow the TGC TIS 1.2 TPM specification[1] and Infineon's I2C Protocol Stack Specification 0.20. The I2C Protocol Stack Specification is a simple adaption of the LPC TIS Protocol to the I2C Bus. The I2C TPMs can be used when LPC Bus is not available (i.e. non x86 architectures like ARM). The driver is based on the tpm_tis.c driver by Leendert van Dorn and Kyleen Hall and has quite similar functionality. Tested on Nvidia ARM Tegra2 Development Platform and Beagleboard (ARM OMAP) Tested with the Trousers[2] TSS API Testsuite v 0.3 [3] Compile-tested on x86 (32/64-bit) Updates since version 2.1.4: - included "Lock the I2C adapter for a sequence of requests", by Bryan Freed - use __i2c_transfer instead of own implementation of unlocked i2c_transfer - use struct dev_pm_ops for power management via SIMPLE_DEV_PM_OPS Updates since version 2.1.3: - use proper probing mechanism * either add the tpm using I2C_BOARD_INFO to your board file or probe it * during runtime e.g on BeagleBoard using : * "echo tpm_i2c_infineon 0x20 > /sys/bus/i2c/devices/i2c-2/new_device" - fix possible endless loop if hardware misbehaves - improved return codes - consistent spelling i2c/tpm -> I2C/TPM - remove hardcoded sleep values and msleep usage - removed debug statements - added check for I2C functionality - renaming to tpm_i2c_infineon Updates since version 2.1.2: - added sysfs entries for duration and timeouts - updated to new tpm_do_selftest Updates since version 2.1.0: - improved error handling - implemented workarounds needed by the tpm - fixed typos References: [1] http://www.trustedcomputinggroup.org/resources/pc_client_work_group_pc_client_ specific_tpm_interface_specification_tis_version_12/ [2] http://trousers.sourceforge.net/ [3] http://sourceforge.net/projects/trousers/files/TSS%20API%20test%20suite/0.3/Reviewed-by: NAndi Shyti <andi.shyti@gmail.com> Acked-by: NMarcel Selhorst <tpmdd@selhorst.net> Signed-off-by: NPeter Huewe <peter.huewe@infineon.com> Signed-off-by: NBryan Freed <bfreed@chromium.org> Signed-off-by: NKent Yoder <key@linux.vnet.ibm.com>
-
- 17 8月, 2012 11 次提交
-
-
由 James Morris 提交于
Linux 3.6-rc2 Resync with Linus.
-
由 Linus Torvalds 提交于
-
由 Ian Kent 提交于
Following a report of a crash during an automount expire I found that the locking in fs/autofs4/expire.c:get_next_positive_subdir() was wrong. Not only is the locking wrong but the function is more complex than it needs to be. The function is meant to calculate (and dget) the next entry in the list of directories contained in the root of an autofs mount point (an autofs indirect mount to be precise). The main problem was that the d_lock of the owner of the list was not being taken when walking the list, which lead to list corruption under load. The only other lock that needs to be taken is against the next dentry candidate so it can be checked for usability. Signed-off-by: NIan Kent <raven@themaw.net> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
git://github.com/awilliam/linux-vfio由 Linus Torvalds 提交于
Pull VFIO fix from Alex Williamson: "Just a trivial patch to include vfio.h in the installed headers so we can complete userspace integration into QEMU." * tag 'vfio-for-v3.6-rc1' of git://github.com/awilliam/linux-vfio: vfio: Include vfio.h in installed headers
-
git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse由 Linus Torvalds 提交于
Pull fuse updates from Miklos Szeredi. * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse: fuse: verify all ioctl retry iov elements fuse: add missing INIT flag descriptions fuse: add missing INIT flags fuse: update attributes on aio_read fuse: invalidate inode mapping if mtime changes fuse: add FUSE_AUTO_INVAL_DATA init flag
-
由 Linus Torvalds 提交于
Merge tag 'stable/for-linus-3.6-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen Pull Xen fix from Konrad Rzeszutek Wilk: "Way back in v3.5 we added a mechanism to populate back pages that were released (they overlapped with MMIO regions), but neglected to reserve the proper amount of virtual space for extend_brk to work properly. Coincidentally some other commit aligned the _brk space to larger area so I didn't trigger this until it was run on a machine with more than 2GB of MMIO space." * On machines with large MMIO/PCI E820 spaces we fail to boot b/c we failed to pre-allocate large enough virtual space for extend_brk. * tag 'stable/for-linus-3.6-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen: xen/p2m: Reserve 8MB of _brk space for P2M leafs when populating back.
-
git://github.com/pmundt/linux-sh由 Linus Torvalds 提交于
Pull SuperH fixes from Paul Mundt. * tag 'sh-for-linus' of git://github.com/pmundt/linux-sh: sh: intc: Handle domain association for sparseirq pre-allocated vectors. sh: sh7269: Fix LCD pinmux sh: dma: fix request_irq usage
-
由 Dan Williams 提交于
Moved to djbw@fb.com Cc: Dave Jiang <dave.jiang@intel.com> Cc: Vinod Koul <vinod.koul@linux.intel.com> Signed-off-by: NDan Williams <djbw@fb.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Borislav Petkov 提交于
When dumping "Code: " sections from an oops, the trapping instruction %rip points to can be a string copy 2b:* f3 a5 rep movsl %ds:(%rsi),%es:(%rdi) and the line contain a bunch of ":". Current "cut" selects only the and the second field output looks funnily overlaid this: 2b:* f3 a5 rep movsl %ds <-- trapping instruction:(%rsi),%es:(%rdi Fix this by selecting the remaining fields too. Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: linux-kbuild@vger.kernel.org Signed-off-by: NBorislav Petkov <borislav.petkov@amd.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
git://git.infradead.org/users/vkoul/slave-dma由 Linus Torvalds 提交于
Pull two slave-dmaengine fixes from Vinod Koul: "One fixes the correct use of clock API in imx driver and the other enables clock for tegra driver, which is used for other tegra driver conversion to dmanegine in -next." * 'fixes' of git://git.infradead.org/users/vkoul/slave-dma: dma: tegra: enable/disable dma clock dma: imx-dma: Fix kernel crash due to missing clock conversion
-
git://people.freedesktop.org/~airlied/linux由 Linus Torvalds 提交于
Pull more drm fixes from Dave Airlie: "Just some intel and nouveau ones this time, intel has more edp panel fixes for macbooks and nouveau has a suspend/resume regression fix in there." * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: drm/i915: Apply post-sync write for pipe control invalidates drm/i915: reorder edp disabling to fix ivb MacBook Air drm/nv86/fifo: suspend fix drm/nouveau: disable copy engine on NVAF nouveau: fixup scanout enable in nvc0_pm drm/nouveau/aux: mask off higher bits of auxch index in i2c table entry drm/nvd0/disp: mask off high 16 bit of negative cursor x-coordinate drm/i915: ensure i2c adapter is all set before adding it drm/i915: ignore eDP bpc settings from vbt drm/i915: Fix blank panel at reopening lid drm/nve0/fifo: add support for the flip completion swmthd
-
- 16 8月, 2012 1 次提交
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc由 Linus Torvalds 提交于
Pull two sparc fixes from David S. Miller. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc: sparc64: Be less verbose during vmemmap population. sparc64: do not clobber personality flags in sys_sparc64_personality()
-
- 15 8月, 2012 3 次提交
-
-
git://git.freedesktop.org/git/nouveau/linux-2.6由 Dave Airlie 提交于
* 'drm-nouveau-fixes' of git://git.freedesktop.org/git/nouveau/linux-2.6: drm/nv86/fifo: suspend fix drm/nouveau: disable copy engine on NVAF nouveau: fixup scanout enable in nvc0_pm drm/nouveau/aux: mask off higher bits of auxch index in i2c table entry drm/nvd0/disp: mask off high 16 bit of negative cursor x-coordinate drm/nve0/fifo: add support for the flip completion swmthd
-
git://people.freedesktop.org/~danvet/drm-intel由 Dave Airlie 提交于
Daniel Vetter writes: "A few important fixers: - fix various lvds backlight issues, regressed in 3.6 (Takashi Iwai) - make the retina mbp work (ignore bogus edp bpc value in vbt) - fix a gmbus regression introduced in (iirc) 3.4 (Jani Nikula) - fix an edp panel power sequence regression, fixes the new macbook air - apply the tlb invalidate w/a Otherwise we still have another gmbus regression (patches are awaiting tested-bys) and there's something odd going with some rare systems not entering rc6 often enough (and hence blowing through too much power). It seems to be a timing-related issue and can be mitigated by frobbing the magic tuning parameters. We're still working on that one. Also, we still have some fallout from the hw context support, but you can only hit that with mesa master." * 'drm-intel-fixes' of git://people.freedesktop.org/~danvet/drm-intel: drm/i915: Apply post-sync write for pipe control invalidates drm/i915: reorder edp disabling to fix ivb MacBook Air drm/i915: ensure i2c adapter is all set before adding it drm/i915: ignore eDP bpc settings from vbt drm/i915: Fix blank panel at reopening lid
-
由 David S. Miller 提交于
On a 2-node machine with 256GB of ram we get 512 lines of console output, which is just too much. This mimicks Yinghai Lu's x86 commit c2b91e2e (x86_64/mm: check and print vmemmap allocation continuous) except that we aren't ever going to get contiguous block pointers in between calls so just print when the virtual address or node changes. This decreases the output by an order of 16. Also demote this to KERN_DEBUG. Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
- 14 8月, 2012 8 次提交
-
-
由 Chris Wilson 提交于
When invalidating the TLBs it is documentated as requiring a post-sync write. Failure to do so seems to result in a GPU hang. Exposure to this hang on IVB seems to be a result of removing the extra stalls required for SNB pipecontrol workarounds: commit 6c6cf5aa Author: Chris Wilson <chris@chris-wilson.co.uk> Date: Fri Jul 20 18:02:28 2012 +0100 drm/i915: Only apply the SNB pipe control w/a to gen6 Note: Manually switch the pipe_control cmd to 4 dwords to avoid a (silent) functional conflict with -next. This way will get a loud (but conflict with next (since the scratch_addr has been deleted there). Reported-and-tested-by: yex.tian@intel.com Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=53322Acked-by: NBen Widawsky <ben@bwidawsk.net> Signed-off-by: NChris Wilson <chris@chris-wilson.co.uk> [danvet: added note about merge conflict with -next.] Signed-off-by: NDaniel Vetter <daniel.vetter@ffwll.ch>
-
由 Daniel Vetter 提交于
eDP is tons of fun. It turns out that at least the new MacBook Air 5,1 model absolutely doesn't like the new force vdd dance we've introduced in commit 6cb49835 Author: Daniel Vetter <daniel.vetter@ffwll.ch> Date: Sun May 20 17:14:50 2012 +0200 drm/i915: enable vdd when switching off the eDP panel But that patch also tried to fix some neat edp sequence issue with the force_vdd timings. Closer inspection reveals that we've raised force_vdd only to do the aux channel communication dp_sink_dpms. If we move the edp_panel_off below that, we don't need any force_vdd for the disable sequence, which makes the Air happy. Unfortunately the reporter of the original bug that the above commit fixed is travelling, so we can't test whether this regresses things. But my theory is that since we don't check for any power-off -> force_vdd-on delays in edp_panel_vdd_on, this was the actual root-cause of this failure. With that force_vdd dance completely eliminated, I'm hopeful the original bug stays fixed, too. For reference the old bug, which hopefully doesn't get broken by this: https://bugzilla.kernel.org/show_bug.cgi?id=43163 In any case, regression fixers win over plain bugfixes, so this needs to go in asap. v2: The crucial pieces seems to be to clear the force_vdd flag uncoditionally, too, in edp_panel_off. Looks like this is left behind by the firmware somehow. v3: The Apple firmware seems to switch off the panel on it's own, hence we still need to keep force_vdd on, but properly clear it when switching the panel off. Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=45671Tested-by: NRoberto Romer <sildurin@gmail.com> Tested-by: NDaniel Wagner <wagi@monom.org> Tested-by: NKeith Packard <keithp@keithp.com> Cc: stable@vger.kernel.org Cc: Keith Packard <keithp@keithp.com> Signed-off-by: NDaniel Vetter <daniel.vetter@ffwll.ch>
-
git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux由 Linus Torvalds 提交于
Pull s390 patches from Martin Schwidefsky: "Included are bug fixes and a patch to enable system call filtering with BPF." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390/compat: fix mmap compat system calls s390/compat: fix compat wrappers for process_vm system calls s390: do not clobber personality flags in sys_32_personality() s390/seccomp: add support for system call filtering using BPF s390/sclp_sdias: Add missing break and "fall through" s390/mm: remove MAX_PHYSADDR_BITS define
-
git://people.freedesktop.org/~airlied/linux由 Linus Torvalds 提交于
Pull drm fixes from Dave Airlie: "Radeon and intel fixes mostly, one fix to the mgag200 driver to not hang on certain server variants." * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: (32 commits) drm/radeon: fix typo in function header comment drm/radeon/kms: implement timestamp userspace query (v2) drm/radeon/kms: add MSAA texture support for r600-evergreen drm/radeon/kms: reorder code in r600_check_texture_resource drm/radeon: fence virtual address and free it once idle v4 drm/radeon: fix some missing parens in asic macros drm/radeon: add some new SI pci ids drm/radeon: fix ordering in pll picking on dce4+ drm/radeon: do not reenable crtc after moving vram start address drm/radeon: fix bank tiling parameters on cayman drm/radeon: fix bank tiling parameters on evergreen drm/radeon: fix bank tiling parameters on SI drm/radeon: properly handle crtc powergating drm/radeon: properly handle SS overrides on TN (v2) drm/radeon/dce4+: set a more reasonable cursor watermark drm/radeon: fix handling for ddc type 5 on combios drm/mgag200: fix G200ER pll picking algorithm drm/edid: Fix potential memory leak in edid_load() drm/udl: Use ERR_CAST inlined function instead of ERR_PTR(PTR_ERR(.. [1] drm/radeon/kms: allow "invalid" DB formats as a means to disable DB ...
-
由 Arnd Bergmann 提交于
Commit 72121572 ("GPIO: gpio-pxa: fix devicetree functions") added an "xlate" function pointer to the irq_domain_ops, but this function is nor declared or defined anywhere when CONFIG_OF is disabled, causing the build error: drivers/gpio/gpio-pxa.c:532:11: error: 'irq_domain_xlate_twocell' undeclared here (not in a function) Extending the DT-only code section to cover the irq_domain_ops and the pxa_gpio_dt_ids solves this problem and makes it clearer which code is actually used without DT. Signed-off-by: NArnd Bergmann <arnd@arndb.de> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
-
由 Maxim Levitsky 提交于
This fix is a backport from the reworked nouveau driver. It masks off the engines we're not expecting to use before attempting a channel kickoff. Signed-off-by: NMaxim Levitsky <maximlevitsky@gmail.com> Signed-off-by: NBen Skeggs <bskeggs@redhat.com>
-
由 Henrik Rydberg 提交于
The copy engine exhibits random memory corruption in at least one case, the GeForce 320M (nv50, 0xaf) in the MacBookAir3,1. This patch omits creating the engine for the specific chipset, falling back to M2MF, which kills the symptoms. Signed-off-by: NHenrik Rydberg <rydberg@euromail.se> Signed-off-by: NBen Skeggs <bskeggs@redhat.com>
-
由 Maarten Lankhorst 提交于
Fixes screen being black after changing performance level. Signed-off-by: NMaarten Lankhorst <maarten.lankhorst@canonical.com> Cc: stable@vger.kernel.org [3.5+] Signed-off-by: NBen Skeggs <bskeggs@redhat.com>
-