[ARM] 4474/1: Do not check the PSR_F_BIT in valid_user_regs
When running Linux in non-secure mode (on ARM1176 for example),
depending on the CP15 secure configuration register, the CPSR.F bit
(6) might only be modified from the secure mode. However, the
valid_user_regs() function checks for this bit being cleared. With
commit a6c61e9d, a SIGSEGV is forced in handle_signal() if the user
registers are not considered valid.
The patch also ensures that the CPSR.A bit is cleared and the USR mode
is set if the CPU does not support the 26bit user mode.
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Russell King [Tue, 15 May 2007 09:39:49 +0000 (10:39 +0100)]
[ARM] pxa: move device registration into CPU-specific file
This allows individual CPU support to determine which platform
devices should be registered. Also fix a copy-n-paste bug in
the I2C power platform device entry.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Russell King [Wed, 27 Jun 2007 08:57:32 +0000 (09:57 +0100)]
[ARM] pxa: remove boot time RTC initialisation
The RTC library code contains everything necessary to set the
system time from the RTC; for similar reasons as the previous
commit, it's far better to let the RTC library code sort this
out rather than implement something which might not be
appropriate for everyone.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Russell King [Wed, 27 Jun 2007 08:56:05 +0000 (09:56 +0100)]
[ARM] pxa: stop doing our own rtc management over suspend
Remove the RTC management over a suspend/resume cycle. Firstly,
we may not be using the internal RTC for time keeping; some
platforms have an external RTC for this inspite of the PXA having
an internal RTC. Secondly, the RTC library code handles updating
system time on resume.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Eric Miao [Fri, 22 Jun 2007 04:40:17 +0000 (05:40 +0100)]
[ARM] 4451/1: pxa: make dma.c generic and remove cpu specific dma code
Since the number of dma channels varies between pxa25x and pxa27x, it
introduces some specific code in dma.c. This patch moves the specific
code to pxa25x.c and pxa27x.c and makes dma.c more generic.
1. add pxa_init_dma() for dma initialization, the number of channels
are passed in by the argument
2. add a "prio" field to the "struct pxa_dma_channel" for the channel
priority, and is initialized in pxa_init_dma()
3. use a general priority comparison with the channels "prio" field so
to remove the processor specific pxa_for_each_dma_prio macro, this
is not lightning fast as the original one, but it is acceptable as
it happens when requesting dma, which is usually not so performance
critical
Signed-off-by: eric miao <eric.miao@marvell.com> Acked-by: Nicolas Pitre <nico@cam.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Eric Miao [Wed, 6 Jun 2007 05:49:59 +0000 (06:49 +0100)]
[ARM] 4440/1: PXA: enable the checking of ICIP2 for IRQs
ICIP2 is not examined during IRQ entrance, this patch add the
checking if the processor is PXA27x or later, with CoreG bits
in CPUID (Core Generation) > 1
Signed-off-by: eric miao <eric.miao@marvell.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Eric Miao [Wed, 6 Jun 2007 05:45:18 +0000 (06:45 +0100)]
[ARM] 4438/1: PXA: remove #ifdef .. #endif from pxa_gpio_demux_handler()
1. use GPIO_IRQ_mask[] to select those bits of interest, actually
only those "unmasked" GPIO IRQs with their corresponding bits
in GPIO_IRQ_mask[] set to "1" should be checked
2. remove #ifdef PXA_LAST_GPIO > 96 .. #endif, GPIO_IRQ_mask[]
is used to mask out the irrelevant bits, so that even though
the GEDR3 on PXA25x is reserved, it will be masked, and the
following code will never run. Another point is that GPIO85-
GPIO95 bits within GEDR2 will also be masked out on PXA25x
Signed-off-by: eric miao <eric.miao@marvell.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Eric Miao [Wed, 6 Jun 2007 05:32:38 +0000 (06:32 +0100)]
[ARM] 4435/1: PXA: remove PXA_INTERNAL_IRQS
1. define PXA_GPIO_IRQ_BASE to be right after the internal IRQs,
and define PXA_GPIO_IRQ_NUM to be 128 for all PXA2xx variants
2. make the code specific to the high IRQ numbers (32..64) to be
PXA27x specific
3. add a function pxa_init_irq_high() to initialize the internal
high IRQ chip, the invoke of this function could be moved to
PXA27x specific initialization code
Signed-off-by: eric miao <eric.miao@marvell.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Eric Miao [Wed, 6 Jun 2007 05:22:20 +0000 (06:22 +0100)]
[ARM] 4434/1: PXA: remove PXA_IRQ_SKIP
1. PXA_IRQ_SKIP is defined to be 7 on PXA25x so that the first IRQ
starts from zero. This makes IRQ numbering inconsistent between
PXA25x and PXA27x. Remove this macro so that the same IRQ_XXXXX
definition has the same value on both PXA25x and PXA27x.
2. make IRQ_SSP3..IRQ_PWRI2C valid only if PXA27x is defined, this
avoids unintentional use of these macros on PXA25x
Signed-off-by: eric miao <eric.miao@marvell.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
the checking of the suspend type in the 'prepare' method is the
wrong place to do this; use the 'valid' method instead. This
means that pxa_pm_prepare() can be entirely removed.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Russell King [Tue, 15 May 2007 10:16:10 +0000 (11:16 +0100)]
[ARM] pxa: move pm_ops structure into CPU specific files
Move the pm_ops structure into the PXA25x and PXA27x support
files. Remove the old pxa_pm_prepare() function, and rename
the both pxa_cpu_pm_prepare() functions as pxa_pm_prepare().
We'll fix that later.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Russell King [Tue, 15 May 2007 10:03:24 +0000 (11:03 +0100)]
[ARM] pxa: remove useless pxa_pm_finish() function
pxa_pm_finish() does nothing but return zero. The core code
does nothing with this return value, and will not try to call
the finish method in the pm_ops structure if it is NULL.
Therefore, we can remove this useless function.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Domen Puncer [Thu, 12 Jul 2007 12:12:31 +0000 (14:12 +0200)]
i2c-mpc: work around missing-9th-clock-pulse bug
Work around a problem reported on:
http://ozlabs.org/pipermail/linuxppc-embedded/2005-July/019038.html
Without this patch I2C on mpc5200 becomes unusable after a while.
Tested on mpc5200 boards by Matthias Fechner and me.
Signed-off-by: Domen Puncer <domen.puncer@telargo.com> Signed-off-by: Jean Delvare <khali@linux-fr.org>
Jean Delvare [Thu, 12 Jul 2007 12:12:31 +0000 (14:12 +0200)]
i2c/tsl2550: Speed up initialization
There's some redundancy in the tsl2550 initialization sequence. It is
powering up the device twice, and setting the operating mode twice
too. Setting things just once saves SMBus transactions, which aren't
always cheap, speeding up the device initialization.
Signed-off-by: Jean Delvare <khali@linux-fr.org> Cc: Rodolfo Giometti <giometti@linux.it>
i2c-i801: Use the internal 32-byte buffer on ICH4+
Add an ability to utilize the internal SRAM buffer on ICH4
and newer host controllers to speed up execution of block operations.
I've split the code so that it is more clear which block transaction is
performed.
First of all the host controller's type is identified. isich4 is set when
we think that the controller has the internal buffer. Then, before every
block transaction, if isich4 is set, we attempt to enable the E32B bit in
SMBAUXCTL register.
Signed-off-by: Oleg Ryjkov <olegr@google.com> Signed-off-by: Jean Delvare <khali@linux-fr.org>
* Use defines instead of raw numbers for register bits
* Fix several wrong indentations and trailing whitespace
* Move hwpec timeout checking to a separate function
Signed-off-by: Oleg Ryjkov <olegr@google.com> Signed-off-by: Jean Delvare <khali@linux-fr.org>
Martin Michlmayr [Thu, 12 Jul 2007 12:12:30 +0000 (14:12 +0200)]
i2c-iop3xx: Switch to static adapter numbering
Update the IOP3xx I2C driver to use i2c_add_numbered_adapter(), so that
later patches can convert boards to using new-style drivers.
Signed-off-by: Martin Michlmayr <tbm@cyrius.com> Tested-by: Voipio Riku <Riku.Voipio@movial.fi> Cc: Dan J Williams <dan.j.williams@intel.com> Signed-off-by: Jean Delvare <khali@linux-fr.org>
Jean Delvare [Thu, 12 Jul 2007 12:12:30 +0000 (14:12 +0200)]
i2c-sis5595: Resolve resource conflict with sis5595
Let the i2c-sis5595 driver release its PCI device after registering.
This is to allow the sis5595 hardware monitoring driver to also
access this PCI device. The same trick is already used in the
i2c-viapro and via686a drivers to let them both load.
Grant Likely [Thu, 12 Jul 2007 12:12:29 +0000 (14:12 +0200)]
i2c-mpc: Use i2c_add_numbered_adapter
Move the i2c-mpc driver over to using the new i2c infrastructure.
Specifically, it now uses i2c_add_numbered_adapter so that the bus number
can be determined ahead of time and used to register i2c clients before
the bus is instantiated.
Tested on an MPC5200 based board
Signed-off-by: Grant Likely <grant.likely@secretlab.ca> Signed-off-by: Jean Delvare <khali@linux-fr.org>
Convert the Marvell mv64xxx I2C driver to use the new i2c infrastructure,
by calling i2c_add_numbered_adapter(). This allows clients to be
registered before the bus is instantiated.
Signed-off-by: Dale Farnsworth <dale@farnsworth.org> Acked-by: Mark A. Greer <mgreer@mvista.com> Signed-off-by: Jean Delvare <khali@linux-fr.org>
Jean Delvare [Thu, 12 Jul 2007 12:12:29 +0000 (14:12 +0200)]
i2c: Fix the i2c_smbus_read_i2c_block_data() prototype
Let the drivers specify how many bytes they want to read with
i2c_smbus_read_i2c_block_data(). So far, the block count was
hard-coded to I2C_SMBUS_BLOCK_MAX (32), which did not make much sense.
Many driver authors complained about this before, and I believe it's
about time to fix it. Right now, authors have to do technically stupid
things, such as individual byte reads or full-fledged I2C messaging,
to work around the problem. We do not want to encourage that.
I even found that some bus drivers (e.g. i2c-amd8111) already
implemented I2C block read the "right" way, that is, they didn't
follow the old, broken standard. The fact that it was never noticed
before just shows how little i2c_smbus_read_i2c_block_data() was used,
which isn't that surprising given how broken its prototype was so far.
There are some obvious compatiblity considerations:
* This changes the i2c_smbus_read_i2c_block_data() prototype. Users
outside the kernel tree will notice at compilation time, and will
have to update their code.
* User-space has access to i2c_smbus_xfer() directly using i2c-dev, so
the changed expectations would affect tools such as i2cdump. In order
to preserve binary compatibility, we give I2C_SMBUS_I2C_BLOCK_DATA
a new numeric value, and define I2C_SMBUS_I2C_BLOCK_BROKEN with the
old numeric value. When i2c-dev receives a transaction with the
old value, it can convert it to the new format on the fly.
Jean Delvare [Thu, 12 Jul 2007 12:12:29 +0000 (14:12 +0200)]
i2c: Deprecate legacy RTC drivers
We have a new RTC subsystem with better drivers.
Legacy driver status:
* ds1337: The DS1337 and DS1339 are now supported by the rtc-ds1307
driver, so it looks to me like we could even delete the ds1337
driver right away.
* ds1374: Will soon be replaced with Scott Wood's rtc-ds1374 driver.
* m41t00: The M41T00 is supported by the rtc-ds1307 driver. For the
M41T81 and M41T85, the rtc-m41t80 driver written by Atsushi Nemoto
should work.
Signed-off-by: Jean Delvare <khali@linux-fr.org> Cc: Alessandro Zummo <a.zummo@towertech.it> Acked-by: Mark A. Greer <mgreer@mvista.com> Acked-by: James Chapman <jchapman@katalix.com> Cc: Randy Vinson <rvinson@mvista.com>
George G. Davis [Tue, 26 Jun 2007 00:38:27 +0000 (01:38 +0100)]
[ARM] 4453/1: Fully Decode ARM instruction set state in show_regs() tombstone
The ARM show_regs() tombstone only partially decodes which ARM ISA was
executing at the time a fault occurred displaying either "(T)" for the
Thumb case or nothing at all for other cases. This patch therefore
explicitly identifies which state the processor is in at the time of
a fault: ARM, Thumb, Jazelle or JazelleEE.
Signed-off-by: George G. Davis <gdavis@mvista.com> Acked-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Bill Gatliff [Thu, 31 May 2007 21:02:22 +0000 (22:02 +0100)]
[ARM] 4423/1: add ATAGS support
Examines the ATAGS pointer (r2) at boot, and interprets
a nonzero value as a reference to an ATAGS structure. A
suitable ATAGS structure replaces the kernel's command line.
Signed-off-by: Bill Gatliff <bgat@billgatliff.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Catalin Marinas [Fri, 1 Jun 2007 16:14:53 +0000 (17:14 +0100)]
[ARM] 4393/2: ARMv7: Add uncompressing code for the new CPU Id format
The current arch/arm/boot/compressed/head.S code only supports cores
to ARMv6 with the old CPU Id format. This patch adds support for the
new ARMv6 with the new CPU Id and ARMv7 cores that no longer have the
ARMv4 cache operations.
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Russell King [Sun, 3 Jun 2007 17:54:42 +0000 (18:54 +0100)]
[ARM] riscpc: fix decompressor font file handling
font_acorn_8x8.o was being built in drivers/video/console/ twice
during a build _in the same location_ - once for the kernel proper,
and once for the decompressor. The result is when you came to run an
install target, the kernel was always rebuilt due to this file
apparantly having been built with different compiler arguments.
Solve this by making a local copy at build time in the decompressor's
directory.
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
[ARM] 4407/1: Remove in-kernel mach id setting for gtwx5715 ixp4xx board
If MACH_GTWX5715 is set in Kconfig, this code sets the mach id
automatically. Howeber, this means that any IXP4xx kernel which
is setup to support the gtwx5715 board will not successfully boot
on any other board.
If the bootloader sets the wrong mach id, it should be set correctly
by a kernel shim.
Signed-off-by: Michael-Luke Jones <mlj28@cam.ac.uk> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
[ARM] 4408/2: Fixup support for gtwx5715 ixp4xx board
This patch fixes up compiling of the gtwx5715 board setup code,
which has apparently been broken since 2.6.18 and the generic
IRQ changes. In addition it removes some unecessary extern
declarations in the gtwx5715-pci.c file.
Signed-off-by: Michael-Luke Jones <mlj28@cam.ac.uk> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Imre Kaloz [Sat, 2 Jun 2007 14:47:51 +0000 (15:47 +0100)]
[ARM] 4426/2: Netgear WG302 v2 and WAG302 v2 support
This patch provides support for the Netgear WG302 v2 and WAG302 v2 AccessPoint series.
This patch relies on the patch "Gateway 7001 series support" minimally, as they only have UART2 connected.
Updated to stay below the 80 char limit in uncompress.h
Signed-off-by: Imre Kaloz <kaloz@openwrt.org> Signed-off-by: Deepak Saxena <dsaxena@mvista.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Imre Kaloz [Sat, 2 Jun 2007 14:44:08 +0000 (15:44 +0100)]
[ARM] 4425/2: Gateway 7001 series support
This patch provides support for the Gateway 7001 AccessPoint series.
Updated to stay below the 80 char limit in uncompress.h
Signed-off-by: Imre Kaloz <kaloz@openwrt.org> Signed-off-by: Deepak Saxena <dsaxena@mvista.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Vladimir Barinov [Wed, 16 May 2007 19:39:02 +0000 (20:39 +0100)]
[ARM] 4385/2: ixdp425: NAND support
IXDP425 NAND support (arch specific part).
The generic platform driver that is used by ixdp425 platfrom is already
in upstream kernel in 2.6.22-rc1.
Signed-off-by: Vladimir Barinov <vbarinov@ru.mvista.com> Signed-off-by: Ruslan Sushko <rsushko@ru.mvista.com> Signed-off-by: Deepak Saxena <dsaxena@mvista.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Dan Williams [Wed, 6 Jun 2007 16:51:21 +0000 (17:51 +0100)]
[ARM] 4429/2: iop13xx: expose the 'iop' attribute versions of the tpmi control registers
The tpmi control registers can be accessed on the internal bus via an
address with PCI attributes or IOP attributes (i.e. read-only,
read-write... etc). The sas driver needs access to the iop-attribute
registers for initialization.
Changelog:
* use ARRAY_SIZE for num_resources, Russell King
Signed-off-by: Dan Williams <dan.j.williams@intel.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Pavel Pisa [Sun, 13 May 2007 16:37:33 +0000 (17:37 +0100)]
[ARM] 4374/3: i.MX/MX1 clock event source
Support clock event source based on i.MX general purpose
timer in free running timer mode.
Signed-off-by: Pavel Pisa <pisa@cmp.felk.cvut.cz> Acked-by: Thomas Gleixner <tglx@linutronix.de> Acked-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Pavel Pisa [Sat, 12 May 2007 13:31:17 +0000 (14:31 +0100)]
[ARM] 4373/1: i.MX/MX1 GPIO support implementation
Support for generic input output for MX1 family.
The implementation prevents allocation of one pin
by two users, but does not store pointer to the user
description permanently, because this solution
would have bigger memory overhead.
The simple way to integrate code with per BSP
pins setup and allocation is required else all GPIO
registration checking is useless. The function
imx_gpio_setup_multiple_pins() can be used for this
purpose in future.
Signed-off-by: Pavel Pisa <pisa@cmp.felk.cvut.cz> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Greg Ungerer [Mon, 4 Jun 2007 05:46:26 +0000 (06:46 +0100)]
[ARM] 4428/1: modify at91 includes to handle non-MMU at91x40 family
Modify the common at91 hardware support to deal with the non-MMU
at91x40 family. The base RAM (which is most likely not DRAM) is
set to the configured value. Virtual IO device mapping is set
to be 1 to 1 with the physical addresses.
Signed-off-by: Greg Ungerer <gerg@uclinux.org> Acked-by: Andrew Victor <andrew@sanpeople.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Greg Ungerer [Mon, 4 Jun 2007 05:45:38 +0000 (06:45 +0100)]
[ARM] 4427/1: base Atmel at91x40 architecture defines
Base at91x40 architecture support defines. These parts are somewhat
simpler than the ARM9 Atmel based parts.
Signed-off-by: Greg Ungerer <gerg@uclinux.org> Acked-by: Andrew Victor <andrew@sanpeople.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Greg Ungerer [Fri, 18 May 2007 05:28:01 +0000 (06:28 +0100)]
[ARM] 4391/1: make at91 debug unit support optional
The AT91x40 family doesn't have the debug unit like its bigger brothers.
But it does have the ID and extension registers (with the bit meanings
the same). Reorganize at91_dbgu.h to cater for this.
This also affects the load uncompressor, since it outputs to the
debug port.
Signed-off-by: Greg Ungerer <gerg@uclinux.org> Acked-by: Andrew Victor <andrew@sanpeople.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Andrew Victor [Mon, 14 May 2007 14:08:21 +0000 (15:08 +0100)]
[ARM] 4379/1: AT91: LCD support on SAM9261-EK and SAM9263-EK boards
Add board-specific setup for the LCD on the Atmel AT91SAM9261-EK and
AT91SAM9263-EK boards.
Signed-off-by: Nicolas Ferre <nicolas.ferre@rfo.atmel.com> Signed-off-by: Andrew Victor <andrew@sanpeople.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Ben Dooks [Wed, 11 Jul 2007 10:10:42 +0000 (11:10 +0100)]
[ARM] 4469/1: ANUBIS: large page NAND support
Add support for the partition layour used on the
revision B modules which ship with large page NAND
flash as default.
The differnce between the old and new layouts is that
the large page devices use 128KiB blocks, so the
initial loader partition now ends at 128KiB boundary
pushing the begining of partition 1 up. The rest of
the partitions are in the same place as the small page
NAND devices.
Signed-off-by: Ben Dooks <ben-linux@fluff.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Vladimir Barinov [Tue, 10 Jul 2007 12:10:04 +0000 (13:10 +0100)]
[ARM] 4432/5: davinci: pin mux support
Support pin multiplexing configurations driver for TI DaVinci SoC
Signed-off-by: Vladimir Barinov <vbarinov@ru.mvista.com> Acked-by: Kevin Hilman <khilman@mvista.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Vladimir Barinov [Tue, 10 Jul 2007 12:03:43 +0000 (13:03 +0100)]
[ARM] 4457/2: davinci: GPIO support
Support GPIO driver for TI DaVinci SoC
Signed-off-by: Vladimir Barinov <vbarino@ru.mvista.com> Acked-by: David Brownell <david-b@pacbell.net> Acked-by: Kevin Hilman <khilman@mvista.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Vladimir Barinov <vbarinov@ru.mvista.com> Signed-off-by: Kevin Hilman <khilman@mvista.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Mike Frysinger [Thu, 12 Jul 2007 06:35:15 +0000 (14:35 +0800)]
Blackfin arch: as pointed out by Robert P. J. Day, update the CPU_FREQ name to match current Kconfig
Cc: Robert P. J. Day <rpjday@mindspring.com> Signed-off-by: Mike Frysinger <michael.frysinger@analog.com> Signed-off-by: Bryan Wu <bryan.wu@analog.com>
Paul Moore [Fri, 29 Jun 2007 15:48:16 +0000 (11:48 -0400)]
SELinux: use SECINITSID_NETMSG instead of SECINITSID_UNLABELED for NetLabel
These changes will make NetLabel behave like labeled IPsec where there is an
access check for both labeled and unlabeled packets as well as providing the
ability to restrict domains to receiving only labeled packets when NetLabel
is in use. The changes to the policy are straight forward with the
following necessary to receive labeled traffic (with SECINITSID_NETMSG
defined as "netlabel_peer_t"):
These policy changes, as well as more general NetLabel support, are included
in the SELinux Reference Policy SVN tree, r2352 or later. Users who enable
NetLabel support in the kernel are strongly encouraged to upgrade their
policy to avoid network problems.
Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
Eric Paris [Thu, 28 Jun 2007 19:55:21 +0000 (15:55 -0400)]
security: Protection for exploiting null dereference using mmap
Add a new security check on mmap operations to see if the user is attempting
to mmap to low area of the address space. The amount of space protected is
indicated by the new proc tunable /proc/sys/vm/mmap_min_addr and defaults to
0, preserving existing behavior.
This patch uses a new SELinux security class "memprotect." Policy already
contains a number of allow rules like a_t self:process * (unconfined_t being
one of them) which mean that putting this check in the process class (its
best current fit) would make it useless as all user processes, which we also
want to protect against, would be allowed. By taking the memprotect name of
the new class it will also make it possible for us to move some of the other
memory protect permissions out of 'process' and into the new class next time
we bump the policy version number (which I also think is a good future idea)
Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Stephen Smalley [Thu, 7 Jun 2007 19:34:10 +0000 (15:34 -0400)]
SELinux: allow preemption between transition permission checks
In security_get_user_sids, move the transition permission checks
outside of the section holding the policy rdlock, and use the AVC to
perform the checks, calling cond_resched after each one. These
changes should allow preemption between the individual checks and
enable caching of the results. It may however increase the overall
time spent in the function in some cases, particularly in the cache
miss case.
The long term fix will be to take much of this logic to userspace by
exporting additional state via selinuxfs, and ultimately deprecating
and eliminating this interface from the kernel.
Tested-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
Eric Paris [Mon, 4 Jun 2007 21:41:22 +0000 (17:41 -0400)]
selinux: introduce schedule points in policydb_destroy()
During the LSPP testing we found that it was possible for
policydb_destroy() to take 10+ seconds of kernel time to complete.
Basically all policydb_destroy() does is walk some (possibly long) lists
and free the memory it finds. Turning off slab debugging config options
made the problem go away since the actual functions which took most of
the time were (as seen by oprofile)
were caused by that. So I decided to also add some voluntary schedule
points in that code so config voluntary preempt would be enough to solve
the problem. Something similar was done in places like
shmem_free_pages() when we have to walk a list of memory and free it.
This was tested by the LSPP group on the hardware which could reproduce
the problem just loading a new policy and was found to not trigger the
softlock detector. It takes just as much processing time, but the
kernel doesn't spend all that time stuck doing one thing and never
scheduling.
Someday a better way to handle memory might make the time needed in this
function a lot less, but this fixes the current issue as it stands
today.
Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>