| Age | Commit message (Collapse) | Author |
|---|
|
This change ensures that concurrent device access including ramdisk
storage, protection info, and provisioning map by read, write, and
unmap commands are protected with atomic_rw spinlock.
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Reviewed-by: Douglas Gilbert <dgilbert@interlog.com>
Reviewed-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
|
|
Add power sensor chip ina220 node in dts to support
power monitor
Signed-off-by: Tang Yuantian <Yuantian.Tang@freescale.com>
Signed-off-by: Scott Wood <scottwood@freescale.com>
|
|
cgroup_taskset is used to track and iterate target tasks while
migrating a task or process and should guarantee that the first task
iterated is the task group leader if a process is being migrated.
b3dc094e9390 ("cgroup: use css_set->mg_tasks to track target tasks
during migration") replaced flex array cgroup_taskset->tc_array with
css_set->mg_tasks list to remove process size limit and dynamic
allocation during migration; unfortunately, it incorrectly used list
operations which don't preserve order breaking the guarantee that
cgroup_taskset_first() returns the leader for a process target.
Fix it by using order preserving list operations. Note that as
multiple src_csets may map to a single dst_cset, the iteration order
may change across cgroup_task_migrate(); however, the leader is still
guaranteed to be the first entry.
The switch to list_splice_tail_init() at the end of cgroup_migrate()
isn't strictly necessary. Let's still do it for consistency.
Signed-off-by: Tejun Heo <tj@kernel.org>
|
|
Commit 20d8435a1cff (phy: micrel: add of configuration for LED mode) made the
obvious mistake when masking off the LED mode bits: forgot to do a logical NOT
to the mask with which it ANDs the register value, so that unrelated bits are
cleared instead.
Signed-off-by: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com>
Acked-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Acked-by: Ben Dooks <ben.dooks@codethink.co.uk>
Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
In Secure Connections Only mode, it is required that Secure Connections
is used for pairing and that the link key is encrypted with AES-CCM using
a P-256 authenticated combination key. If this is not the case, then new
connection shall be refused or existing connections shall be dropped.
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
|
|
BLK_MQ_F_* flags are for hctx->flags, and are non-atomic and
set at registration time. BLK_MQ_S_* flags are dynamic and
atomic, and are accessed through hctx->state.
Some of the BLK_MQ_S_STOPPED uses were wrong. Additionally,
the header file should not use a bit shift for the _S_ flags,
as they are done through the set/test_bit functions.
Signed-off-by: Jens Axboe <axboe@fb.com>
|
|
git://anongit.freedesktop.org/drm-intel into drm-fixes
two more fixes, both regressions.
* tag 'drm-intel-fixes-2014-03-19' of git://anongit.freedesktop.org/drm-intel:
drm/i915: Disable stolen memory when DMAR is active
Revert "drm/i915: don't touch the VDD when disabling the panel"
|
|
The MPC7448HPC2 and PPC_HOLLY config options contain TSI108_BRIDGE
duplicates since commit:
commit 3490cba56f7f8a78ef4c94814c3181f09ce1e2ef
Author: Jon Loeliger <jdl@jdl.com>
Date: Wed Jan 23 12:42:50 2008 -0600
[POWERPC] Add initial iomega StorCenter board port.
This patch cleans these duplicates.
Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
Signed-off-by: Scott Wood <scottwood@freescale.com>
|
|
* pci/resource: (26 commits)
Revert "[PATCH] Insert GART region into resource map"
PCI: Log IDE resource quirk in dmesg
PCI: Change pci_bus_alloc_resource() type_mask to unsigned long
PCI: Check all IORESOURCE_TYPE_BITS in pci_bus_alloc_from_region()
resources: Set type in __request_region()
PCI: Don't check resource_size() in pci_bus_alloc_resource()
s390/PCI: Use generic pci_enable_resources()
tile PCI RC: Use default pcibios_enable_device()
sparc/PCI: Use default pcibios_enable_device() (Leon only)
sh/PCI: Use default pcibios_enable_device()
microblaze/PCI: Use default pcibios_enable_device()
alpha/PCI: Use default pcibios_enable_device()
PCI: Add "weak" generic pcibios_enable_device() implementation
PCI: Don't enable decoding if BAR hasn't been assigned an address
PCI: Mark 64-bit resource as IORESOURCE_UNSET if we only support 32-bit
PCI: Don't try to claim IORESOURCE_UNSET resources
PCI: Check IORESOURCE_UNSET before updating BAR
PCI: Don't clear IORESOURCE_UNSET when updating BAR
PCI: Mark resources as IORESOURCE_UNSET if we can't assign them
PCI: Remove pci_find_parent_resource() use for allocation
...
|
|
* pci/misc:
PCI: Enable INTx in pci_reenable_device() only when MSI/MSI-X not enabled
|
|
For PEXCSRBAR, bit 3-0 indicate prefetchable and address type.
So when getting base address, these bits should be masked,
otherwise we may get incorrect base address.
Signed-off-by: Minghuan Lian <Minghuan.Lian@freescale.com>
Signed-off-by: Scott Wood <scottwood@freescale.com>
|
|
The following SoCs will be affected: p2041, p3041, p4080,
p5020, p5040, b4420, b4860, t4240
Signed-off-by: Tang Yuantian <Yuantian.Tang@freescale.com>
Signed-off-by: Li Yang <leoli@freescale.com>
Signed-off-by: Scott Wood <scottwood@freescale.com>
|
|
The USB_QUIRK_RESET flag indicates that a USB device changes its
identity in some way when it is reset. It may lose its firmware, its
descriptors may change, or it may switch back to a default mode of
operation.
If a device does this, the kernel needs to avoid resetting it. Resets
are likely to fail, or worse, succeed while changing the device's
state in a way the system can't detect.
This means we should disable the reset-resume mechanism whenever this
quirk flag is present. An attempted reset-resume will fail, the
device will be logically disconnected, and later on the hub driver
will rediscover and re-enumerate the device. This will cause the
appropriate udev events to be generated, so that userspace will have a
chance to switch the device into its normal operating mode, if
necessary.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
CC: Oliver Neukum <oliver@neukum.org>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This reverts commit 56dd669a138c, which makes the GART visible in
/proc/iomem. This fixes a regression: e501b3d87f00 ("agp: Support 64-bit
APBASE") exposed an existing problem with a conflict between the GART
region and a PCI BAR region.
The GART addresses are bus addresses, not CPU addresses, and therefore
should not be inserted in iomem_resource.
On many machines, the GART region is addressable by the CPU as well as by
an AGP master, but CPU addressability is not required by the spec. On some
of these machines, the GART is mapped by a PCI BAR, and in that case, the
PCI core automatically inserts it into iomem_resource, just as it does for
all BARs.
Inserting it here means we'll have a conflict if the PCI core later tries
to claim the GART region, so let's drop the insertion here.
The conflict indirectly causes X failures, as reported by Jouni in the
bugzilla below. We detected the conflict even before e501b3d87f00, but
after it the AGP code (fix_northbridge()) uses the PCI resource (which is
zeroed because of the conflict) instead of reading the BAR again.
Conflicts:
arch/x86_64/kernel/aperture.c
Fixes: e501b3d87f00 agp: Support 64-bit APBASE
Link: https://bugzilla.kernel.org/show_bug.cgi?id=72201
Reported-and-tested-by: Jouni Mettälä <jtmettala@gmail.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
|
|
Make a note in dmesg when we overwrite legacy IDE BAR info. We previously
logged something like this:
pci 0000:00:1f.1: reg 0x10: [io 0x0000-0x0007]
and then silently overwrote the resource. There's an example in the
bugzilla below. This doesn't fix the bugzilla; it just makes what's going
on more obvious.
No functional change; merely adds some dev_info() calls.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=48451
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
|
|
The pci_bus_alloc_resource() "type_mask" parameter is used to compare with
the "flags" member of a struct resource, so it should be the same type,
namely "unsigned long".
No functional change because all current IORESOURCE_* flags fit in 32 bits.
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
|
|
When allocating space from a bus resource, i.e., from apertures leading to
this bus, make sure the entire resource type matches. The previous code
assumed the IORESOURCE_TYPE_BITS field was a bitmask with only a single bit
set, but this is not true. IORESOURCE_TYPE_BITS is really an enumeration,
and we have to check all the bits.
See 72dcb1197228 ("resources: Add register address resource type").
No functional change. If we used this path for allocating IRQs, DMA
channels, or bus numbers, this would fix a bug because those types are
indistinguishable when masked by IORESOURCE_IO | IORESOURCE_MEM. But we
don't, so this shouldn't make any difference.
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
|
|
We don't set the type (I/O, memory, etc.) of resources added by
__request_region(), which leads to confusing messages like this:
address space collision: [io 0x1000-0x107f] conflicts with ACPI CPU throttle [??? 0x00001010-0x00001015 flags 0x80000000]
Set the type of a new resource added by __request_region() (used by
request_region() and request_mem_region()) to the type of its parent. This
makes the resource tree internally consistent and fixes messages like the
above, where the ACPI CPU throttle resource really is an I/O port region,
but request_region() didn't fill in the type, so %pR didn't know how to
print it.
Sample dmesg showing the issue at the link below.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=71611
Reported-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
|
|
Paul reported that after f75b99d5a77d ("PCI: Enforce bus address limits in
resource allocation") on a 32-bit kernel (CONFIG_PHYS_ADDR_T_64BIT not
set), intel-gtt complained "can't ioremap flush page - no chipset
flushing". In addition, other PCI resource allocations, e.g., for bridge
windows, failed.
This happens because we incorrectly skip bus resources of
[mem 0x00000000-0xffffffff] because we think they are of size zero.
When resource_size_t is 32 bits wide, resource_size() on
[mem 0x00000000-0xffffffff] returns 0 because (r->end - r->start + 1)
overflows.
Therefore, we can't use "resource_size() == 0" to decide that allocation
from this resource will fail. allocate_resource() should fail anyway if it
can't satisfy the address constraints, so we should just depend on that.
A [mem 0x00000000-0xffffffff] bus resource is obviously not really valid,
but we do fall back to it as a default when we don't have information about
host bridge apertures.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=71611
Fixes: f75b99d5a77d PCI: Enforce bus address limits in resource allocation
Reported-and-tested-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
|
|
The generic pci_enable_resources() does essentially the same thing as the
code in the s390 version of pcibios_enable_device().
There are differences, but I don't think any of them are a problem. The
generic code:
- Checks everything up to PCI_NUM_RESOURCES, not PCI_BAR_COUNT (6), so
we'll now check the ROM resource, IOV resources, and bridge windows.
- Checks for res->flags & IORESOURCE_UNSET. The s390 code never sets
IORESOURCE_UNSET, so this isn't a problem.
- Checks res->parent. The s390 pcibios_add_device() calls
pci_claim_resource() on all BARs (except ROM, IOV, and bridge windows)
so this isn't a problem either.
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Acked-by: Sebastian Ott <sebott@linux.vnet.ibm.com>
|
|
We don't need anything arch-specific in pcibios_enable_device(), so drop
the arch implementation and use the default generic one.
Note: pci_enable_resources() checks that r->parent is non-NULL, which
basically checks that pci_claim_resource() or request_resource() has been
called for each BAR. I don't see where that happens for tile, but this
patch doesn't change that behavior, so if it worked before, it should still
work.
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Acked-by: Chris Metcalf <cmetcalf@tilera.com>
|
|
We don't need anything arch-specific in pcibios_enable_device() so drop
the arch implementation and use the default generic one.
Note that sparc has two pcibios_enable_device() implementations other than
the one removed here.
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
CC: Daniel Hellstrom <daniel@gaisler.com
|
|
We don't need anything arch-specific in pcibios_enable_device(), so drop
the arch implementation and use the default generic one.
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
CC: Paul Mundt <lethal@linux-sh.org>
CC: linux-sh@vger.kernel.org
|
|
We don't need anything arch-specific in pcibios_enable_device(), so drop
the arch implementation and use the default generic one.
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
CC: Michal Simek <monstr@monstr.eu>
CC: microblaze-uclinux@itee.uq.edu.au
|
|
We don't need anything arch-specific in pcibios_enable_device(), so drop
the arch implementation and use the default generic one.
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
CC: linux-alpha@vger.kernel.org
|
|
Many architectures implement pcibios_enable_device() the same way, so
provide a default implementation in the core.
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
|
|
Don't enable memory or I/O decoding if we haven't assigned or claimed the
BAR's resource.
If we enable decoding for a BAR that hasn't been assigned an address, we'll
likely cause bus conflicts. This declines to enable decoding for resources
with IORESOURCE_UNSET.
Note that drivers can use pci_enable_device_io() or pci_enable_device_mem()
if they only care about specific types of BARs. In that case, we don't
bother checking whether the corresponding resources are assigned or
claimed.
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
|
|
The RETINT macro included a goto statement which is not allowed in the
kernel.
Signed-off-by: Ken Cox <jkc@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
The FAIL macro ultimately includes a goto statement which is not allowed
in the kernel.
Signed-off-by: Ken Cox <jkc@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
The RETVOID macro contained a goto statement which is not allowed in
the kernel.
Signed-off-by: Ken Cox <jkc@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
The RETPTR macro contained a goto statement which is not allowed in
the kernel.
Signed-off-by: Ken Cox <jkc@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
The RETBOOL macro contained a goto statement which is not allowed in
the kernel.
Signed-off-by: Ken Cox <jkc@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Part of a series to get rid of goto statements embedded in macros. I'm
breaking this up into a series of smaller patches for easier review. The
later patches in the series will actually remove the goto statements.
Signed-off-by: Ken Cox <jkc@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
It is possible that pairing fails after we've already received remote
identity information. One example of such a situation is when
re-encryption using the LTK fails. In this case the hci_conn object has
already been updated with the identity address but user space does not
yet know about it (since we didn't notify it of the new IRK yet).
To ensure user space doesn't get a Pair Device command response with an
unknown address always use the same address in the response as was used
for the original command.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
|
|
Remove the following macros:
TRY
CHKFD
CHKDD
CHKFDX
CHKDDX
ADDPROCLINE
TRY_WPOSTCODE_1
TRY_WPOSTCODE_2
FAIL_WPOSTCODE_2
FAIL_WPOSTCODE_3
Part of a series to get rid of goto statements embedded in macros. I'm
breaking this up into a series of smaller patches for easier review. The later
patches in the series will actually remove the goto statements.
Signed-off-by: Ken Cox <jkc@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
The following macros were never referenced and have been removed:
DEVFROMID
DEVFROMFILE
DEVFROMINODE
DEVFROMIDX
TRY_WPOSTCODE_3
Signed-off-by: Ken Cox <jkc@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
When performing SMP pairing with MITM protection one side needs to
enter the passkey while the other side displays to the user what needs
to be entered. Nowhere in the SMP specification does it say that the
displaying side needs to any kind of confirmation of the passkey, even
though a code comment in smp.c implies this.
This patch removes the misleading comment and converts the code to use
the passkey notification mgmt event instead of the passkey confirmation
mgmt event.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
|
|
In some cases the current 250ms delay is not enough for the remote to
receive the keys, as can be witnessed by the following log:
> ACL Data RX: Handle 64 flags 0x02 dlen 21 [hci1] 231.414217
SMP: Signing Information (0x0a) len 16
Signature key: 555bb66b7ab3abc9d5c287c97fe6eb29
< ACL Data TX: Handle 64 flags 0x00 dlen 21 [hci1] 231.414414
SMP: Encryption Information (0x06) len 16
Long term key: 2a7cdc233c9a4b1f3ed31dd9843fea29
< ACL Data TX: Handle 64 flags 0x00 dlen 15 [hci1] 231.414466
SMP: Master Identification (0x07) len 10
EDIV: 0xeccc
Rand: 0x322e0ef50bd9308a
< ACL Data TX: Handle 64 flags 0x00 dlen 21 [hci1] 231.414505
SMP: Signing Information (0x0a) len 16
Signature key: bbda1b2076e2325aa66fbcdd5388f745
> HCI Event: Number of Completed Packets (0x13) plen 5 [hci1] 231.483130
Num handles: 1
Handle: 64
Count: 2
< HCI Command: LE Start Encryption (0x08|0x0019) plen 28 [hci1] 231.664211
Handle: 64
Random number: 0x5052ad2b75fed54b
Encrypted diversifier: 0xb7c2
Long term key: a336ede66711b49a84bde9b41426692e
> HCI Event: Command Status (0x0f) plen 4 [hci1] 231.666937
LE Start Encryption (0x08|0x0019) ncmd 1
Status: Success (0x00)
> HCI Event: Number of Completed Packets (0x13) plen 5 [hci1] 231.712646
Num handles: 1
Handle: 64
Count: 1
> HCI Event: Disconnect Complete (0x05) plen 4 [hci1] 232.562587
Status: Success (0x00)
Handle: 64
Reason: Remote User Terminated Connection (0x13)
As can be seen, the last key (Signing Information) is sent at 231.414505
but the completed packets event for it comes only at 231.712646,
i.e. roughly 298ms later.
To have a better margin of error this patch increases the delay to
500ms.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
|
|
This is a trivial coding style simplification by instead of having an
extra early return to instead revert the if condition and do the single
needed queue_work() call there.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
|
|
This patch fixes all the simple_strtol and simple_strtoul warnings
as reported by checkpatch. After this patch, checkpatch will report
zero errors or warnings on dgap.c.
Signed-off-by: Mark Hounschell <markh@compro.net>
Tested-by: Mark Hounschell <markh@compro.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This patch fixes checkpatch.pl warning Unnecessary parentheses in bcm
driver.
Signed-off-by: Tugce Sirin <ztugcesirin@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Fix the following checkpatch.pl warnings in wl_netdev.c:
WARNING: braces {} are not necessary for single statement blocks
Signed-off-by: Jelena Bjelja <jelena.bjelja.ing@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Fix the following checkpatch.pl issue in wl_netdev.c:
ERROR: do not use assignment in if condition
Signed-off-by: Jelena Bjelja <jelena.bjelja.ing@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Fix the following checkpatch.pl issues in wl_netdev.c:
ERROR: Macros with multiple statements should be enclosed in a do -
while loop
Signed-off-by: Jelena Bjelja <jelena.bjelja.ing@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
pointer name
Fix checkpatch.pl issues with Unnecessary space after function pointer
name in vpfe_video.h
Signed-off-by: Aybuke Ozdemir <aybuke.147@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Fix checkpatch.pl issues with
missing space after return type in /vpfe_video.h
Signed-off-by: Aybuke Ozdemir <aybuke.147@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Fix checkpatch.pl issues with quoted string split across lines in
nokia_fw-csr.c
Signed-off-by: Gulsah Kose <gulsah.1004@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This netdev op allows the PF driver to control the virtual link state of
the VF devices. This can be used to deny naughty VF drivers access to
the wire, or to allow VFs (regardless of temperament) to communicate
with each other over the device's internal switch even though external
link is down.
Add the actual ndo function, and modify vc_notify_link_state to check
the link status of each VF before sending a message in the case when
physical link changes state.
Change-ID: Ib5a6924da78c540789f21d26b5e8086d71c29384
Signed-off-by: Mitch Williams <mitch.a.williams@intel.com>
Signed-off-by: Catherine Sullivan <catherine.sullivan@intel.com>
Tested-by: Sibai Li <sibai.li@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
|
|
This patch is based on an earlier patch by Eric Paris, he describes
the problem below:
"If an inode is accessed before policy load it will get placed on a
list of inodes to be initialized after policy load. After policy
load we call inode_doinit() which calls inode_doinit_with_dentry()
on all inodes accessed before policy load. In the case of inodes
in procfs that means we'll end up at the bottom where it does:
/* Default to the fs superblock SID. */
isec->sid = sbsec->sid;
if ((sbsec->flags & SE_SBPROC) && !S_ISLNK(inode->i_mode)) {
if (opt_dentry) {
isec->sclass = inode_mode_to_security_class(...)
rc = selinux_proc_get_sid(opt_dentry,
isec->sclass,
&sid);
if (rc)
goto out_unlock;
isec->sid = sid;
}
}
Since opt_dentry is null, we'll never call selinux_proc_get_sid()
and will leave the inode labeled with the label on the superblock.
I believe a fix would be to mimic the behavior of xattrs. Look
for an alias of the inode. If it can't be found, just leave the
inode uninitialized (and pick it up later) if it can be found, we
should be able to call selinux_proc_get_sid() ..."
On a system exhibiting this problem, you will notice a lot of files in
/proc with the generic "proc_t" type (at least the ones that were
accessed early in the boot), for example:
# ls -Z /proc/sys/kernel/shmmax | awk '{ print $4 " " $5 }'
system_u:object_r:proc_t:s0 /proc/sys/kernel/shmmax
However, with this patch in place we see the expected result:
# ls -Z /proc/sys/kernel/shmmax | awk '{ print $4 " " $5 }'
system_u:object_r:sysctl_kernel_t:s0 /proc/sys/kernel/shmmax
Cc: Eric Paris <eparis@redhat.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Acked-by: Eric Paris <eparis@redhat.com>
|
|
It turns out that doing the SELinux MAC checks for mmap() before the
DAC checks was causing users and the SELinux policy folks headaches
as users were seeing a lot of SELinux AVC denials for the
memprotect:mmap_zero permission that would have also been denied by
the normal DAC capability checks (CAP_SYS_RAWIO).
Example:
# cat mmap_test.c
#include <stdlib.h>
#include <stdio.h>
#include <errno.h>
#include <sys/mman.h>
int main(int argc, char *argv[])
{
int rc;
void *mem;
mem = mmap(0x0, 4096,
PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0);
if (mem == MAP_FAILED)
return errno;
printf("mem = %p\n", mem);
munmap(mem, 4096);
return 0;
}
# gcc -g -O0 -o mmap_test mmap_test.c
# ./mmap_test
mem = (nil)
# ausearch -m AVC | grep mmap_zero
type=AVC msg=audit(...): avc: denied { mmap_zero }
for pid=1025 comm="mmap_test"
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tclass=memprotect
This patch corrects things so that when the above example is run by a
user without CAP_SYS_RAWIO the SELinux AVC is no longer generated as
the DAC capability check fails before the SELinux permission check.
Signed-off-by: Paul Moore <pmoore@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
|
