This implements a seemless mechanism for xfrm policy selection and
state matching based on the flow sid. This also includes the necessary
SELinux enforcement pieces.
Signed-off-by: NVenkat Yekkirala <vyekkirala@TrustedCS.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

This adds security for IP sockets at the sock level. Security at the
sock level is needed to enforce the SELinux security policy for
security associations even when a sock is orphaned (such as in the TCP
LAST_ACK state).

This will also be used to enforce SELinux controls over data arriving
at or leaving a child socket while it's still waiting to be accepted.
Signed-off-by: NVenkat Yekkirala <vyekkirala@TrustedCS.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>

ioremap must be balanced by an iounmap and failing to do so can result
in a memory leak.

Tested (compilation only) with:
- allmodconfig
- Modifying drivers/mtd/maps/Kconfig and drivers/mtd/nand/Kconfig to
make sure that the changed file is compiling without warning
Signed-off-by: NAmol Lad <amol@verismonetworks.com>
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>

This patch marks the crypto_digest_* functions and crypto_alg_available
as deprecated.  They've been replaced by crypto_hash_* and crypto_has_*
respectively.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch converts padlock-sha to use crypto_hash for its fallback.
It also changes the fallback selection to use selection by type instead
of name.  This is done through the new CRYPTO_ALG_NEED_FALLBACK bit,
which is set if and only if an algorithm needs a fallback of the same
type.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch converts all users to use the new crypto_comp type and the
crypto_has_* functions.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds the crypto_comp type to complete the compile-time checking
conversion.  The functions crypto_has_alg and crypto_has_cipher, etc. are
also added to replace crypto_alg_available.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch removes the old HMAC implementation now that nobody uses it
anymore.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

The existing digest user interface is inadequate for support asynchronous
operations.  For one it doesn't return a value to indicate success or
failure, nor does it take a per-operation descriptor which is essential
for the issuing of requests while other requests are still outstanding.

This patch is the first in a series of steps to remodel the interface
for asynchronous operations.

For the ease of transition the new interface will be known as "hash"
while the old one will remain as "digest".

This patch also changes sg_next to allow chaining.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Mark the parts of the cipher interface that have been replaced by
block ciphers as deprecated.  Thanks to Andrew Morton for suggesting
doing this before removing them completely.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds a const modifier to the buf argument of sg_set_buf and
sg_init_one.  This lets people call it with pointers that are const.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch converts SUNRPC/GSS to use the new block cipher type where
applicable.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds the new type of block ciphers.  Unlike current cipher
algorithms which operate on a single block at a time, block ciphers
operate on an arbitrarily long linear area of data.  As it is block-based,
it will skip any data remaining at the end which cannot form a block.

The block cipher has one major difference when compared to the existing
block cipher implementation.  The sg walking is now performed by the
algorithm rather than the cipher mid-layer.  This is needed for drivers
that directly support sg lists.  It also improves performance for all
algorithms as it reduces the total number of indirect calls by one.

In future the existing cipher algorithm will be converted to only have
a single-block interface.  This will be done after all existing users
have switched over to the new block cipher type.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds two new operations for the simple cipher that encrypts or
decrypts a single block at a time.  This will be the main interface after
the existing block operations have moved over to the new block ciphers.

It also adds the crypto_cipher type which is currently only used on the
new operations but will be extended to setkey as well once existing users
have been converted to use block ciphers where applicable.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds the crypto_type structure which will be used for all new
crypto algorithm types, beginning with block ciphers.

The primary purpose of this abstraction is to allow different crypto_type
objects for crypto algorithms of the same type, in particular, there will
be a different crypto_type objects for asynchronous algorithms.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Up until now all crypto transforms have been of the same type, struct
crypto_tfm, regardless of whether they are ciphers, digests, or other
types.  As a result of that, we check the types at run-time before
each crypto operation.

This is rather cumbersome.  We could instead use different C types for
each crypto type to ensure that the correct types are used at compile
time.  That is, we would have crypto_cipher/crypto_digest instead of
just crypto_tfm.  The appropriate type would then be required for the
actual operations such as crypto_digest_digest.

Now that we have the type/mask fields when looking up algorithms, it
is easy to request for an algorithm of the precise type that the user
wants.  However, crypto_alloc_tfm currently does not expose these new
attributes.

This patch introduces the function crypto_alloc_base which will carry
these new parameters.  It will be renamed to crypto_alloc_tfm once
all existing users have been converted.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch adds the asynchronous flag and changes all existing users to
only look up algorithms that are synchronous.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

This patch makes IV operations on ECB fail through nocrypt_iv rather than
calling BUG().  This is needed to generalise CBC/ECB using the template
mechanism.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Now that the tfm is passed directly to setkey instead of the ctx, we no
longer need to pass the &tfm->crt_flags pointer.

This patch also gets rid of a few unnecessary checks on the key length
for ciphers as the cipher layer guarantees that the key length is within
the bounds specified by the algorithm.

Rather than testing dia_setkey every time, this patch does it only once
during crypto_alloc_tfm.  The redundant check from crypto_digest_setkey
is also removed.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Add missing accessors for cra_driver_name and cra_priority.
Signed-off-by: NMichal Ludvig <michal@logix.cz>
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Spawns lock a specific crypto algorithm in place.  They can then be used
with crypto_spawn_tfm to allocate a tfm for that algorithm.  When the base
algorithm of a spawn is deregistered, all its spawns will be automatically
removed.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

The cryptomgr module is a simple manager of crypto algorithm instances.
It ensures that parameterised algorithms of the type tmpl(alg) (e.g.,
cbc(aes)) are always created.

This is meant to satisfy the needs for most users.  For more complex
cases such as deeper combinations or multiple parameters, a netlink
module will be created which allows arbitrary expressions to be parsed
in user-space.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

This patch adds a notifier chain for algorithm/template registration events.
This will be used to register compound algorithms such as cbc(aes).  In
future this will also be passed onto user-space through netlink.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Up until now we've relied on module reference counting to ensure that the
crypto_alg structures don't disappear from under us.  This was good enough
as long as each crypto_alg came from exactly one module.

However, with parameterised crypto algorithms a crypto_alg object may need
two or more modules to operate.  This means that we need to count the
references to the crypto_alg object directly.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

Previously the __aligned__ attribute was added to the crypto_tfm context
member to ensure it is alinged correctly on architectures such as arm.
Unfortunately kmalloc does not use the same minimum alignment rules as
gcc so this is useless.

This patch changes it to use kmalloc's minimum alignment.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>

Add a bus for the adjunct processor interface. Up to 64 devices can
be connect to the ap bus interface, each device with 16 domains. That
makes 1024 message queues. The interface is asynchronous, the answer
to a message sent to a queue needs to be received at some later point
in time. Unfortunately the interface does not provide interrupts when
a message reply is pending. So the ap bus needs to implement some
fancy polling, each active queue is polled once per 1/HZ second or
continuously if an idle cpus exsists and the poll thread is activ
(see poll_thread parameter).

The ap bus uses the sysfs path /sys/bus/ap and has two bus attributes,
ap_domain and config_time. The ap_domain selects one of the 16 domains
to be used for this system. This limits the maximum number of ap devices
to 64. The config_time attribute contains the number of seconds between
two ap bus scans to find new devices.

The ap bus uses the modalias entries of the form "ap:tN" to autoload
the ap driver for hardware type N. Currently known types are:
3 - PCICC, 4 - PCICA, 5 - PCIXCC, 6 - CEX2A and 7 - CEX2C.
Signed-off-by: NCornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: NRalph Wuerthner <rwuerthn@de.ibm.com>
Signed-off-by: NMartin Schwidefsky <schwidefsky@de.ibm.com>

Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>

This patch includes xt_SECMARK.h and xt_CONNSECMARK.h to the kernel
headers which are exported via 'make headers_install'.  This is needed to
allow userland code to be built correctly with these features.

Please apply, and consider for inclusion with 2.6.18 as a bugfix.
Signed-off-by: NJames Morris <jmorris@redhat.com>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>

There's useful stuff in <linux/timex.h> but <asm/timex.h> has nothing for
userspace.  Stop exporting it, and include it only from within the existing
#ifdef __KERNEL__ part of <linux/timex.h>

This fixes a 'make headers_check' failure on i386 because asm-i386/timex.h
includes both asm-i386/tsc.h and asm-i386/processor.h, neither of which are
exported to userspace.  It's not entirely clear _why_ it includes either of
these, but it does.
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

We don't need any of this crap included from the user-visible part of nfs_fs.h
-- remove it all.

In fact, we probably don't need anything but NFS_SUPER_MAGIC to be defined; is
there any need for anything else?  And magic numbers should probably move to
<linux/magic.h> rather than being strewn across various fs-specific include
files which exist in userspace for solely that purpose.

With this patch, 'make header_check' works again at least on PowerPC.
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

add support for AUDIT_PERM predicate
Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>

V4L1 support should be disabled when no CONFIG_VIDEO_V4L1_COMPAT is defined,
to allow checking for broken V4L2 ports. This is very important during the
migration phase for V4L2 API.
However, userspace apps should be capable of using both APIs, since they need
to test at runtime, via VIDIOCGCAP ioctl, if V4L1 is supported. So, when
__KERNEL__ is not defined, those ioctls and corresponding structs should be
visible.
This patch also removes the obsolete defines HAVE_V4L1 and HAVE_V4L2, that
where causing some confusion, and were replaced by CONFIG_VIDEO_V4L1_COMPAT
and CONFIG_VIDEO_V4L2.
Signed-off-by: NMauro Carvalho Chehab <mchehab@infradead.org>

The logic in nfs_direct_read_schedule and nfs_direct_write_schedule can
allow data->npages to be one larger than rpages.  This causes a page
pointer to be written beyond the end of the pagevec in nfs_read_data (or
nfs_write_data).

Fix this by making nfs_(read|write)_alloc() calculate the size of the
pagevec array, and initialise data->npages.

Also get rid of the redundant argument to nfs_commit_alloc().
Signed-off-by: NTrond Myklebust <Trond.Myklebust@netapp.com>
Cc: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

New SiS south bridge device ID is 0x966.

Next coming product will be 0x968. (Will be released in Q4, this year)

We don't make any updates to the IDE controller.
Signed-off-by: NDavid Wang <touch@sis.com>
Cc: Jeff Garzik <jeff@garzik.org>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

Rather than having two places which independently calculate the
timeout for data transfers, make it a library function instead.
Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>
Acked-by: NPierre Ossman <drzeus@drzeus.cx>

Let drivers constify MMC host method operations tables,
moving them from ".data" to ".rodata".
Signed-off-by: NDavid Brownell <dbrownell@users.sourceforge.net>
Acked-by: NPierre Ossman <drzeus@drzeus.cx>
Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>

linux/device.h header is not included in the David Woodhouse's
kernel-headers git tree which is used for userspace kernel headers.  Which
results in compile errors when building iproute2.  Attached patch moves
linux/device.h include under the #ifdef __KERNEL__ section.
Signed-off-by: NIsmail Donmez <ismail@pardus.org.tr>
Signed-off-by: NDavid Woodhouse <dwmw2@infradead.org>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>

Frank v.  Waveren pointed out that on 64bit machines the timespec to
ktime_t conversion might overflow.  This is also true for timeval to
ktime_t conversions.  This breaks a "sleep inf" on 64bit machines.

While a timespec/timeval with tx.sec = MAX_LONG is valid by specification
the internal representation of ktime_t is based on nanoseconds.  The
conversion of seconds to nanoseconds overflows for seconds values >=
(MAX_LONG / NSEC_PER_SEC).

Check the seconds argument to the conversion and limit it to the maximum
time which can be represented by ktime_t.
Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Frank v Waveren <fvw@var.cx>
Signed-off-by: NAndrew Morton <akpm@osdl.org>
Signed-off-by: NLinus Torvalds <torvalds@osdl.org>