Pull security subsystem updates from James Morris.
Mostly ima, selinux, smack and key handling updates.
* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (65 commits)
integrity: do zero padding of the key id
KEYS: output last portion of fingerprint in /proc/keys
KEYS: strip 'id:' from ca_keyid
KEYS: use swapped SKID for performing partial matching
KEYS: Restore partial ID matching functionality for asymmetric keys
X.509: If available, use the raw subjKeyId to form the key description
KEYS: handle error code encoded in pointer
selinux: normalize audit log formatting
selinux: cleanup error reporting in selinux_nlmsg_perm()
KEYS: Check hex2bin()'s return when generating an asymmetric key ID
ima: detect violations for mmaped files
ima: fix race condition on ima_rdwr_violation_check and process_measurement
ima: added ima_policy_flag variable
ima: return an error code from ima_add_boot_aggregate()
ima: provide 'ima_appraise=log' kernel option
ima: move keyring initialization to ima_init()
PKCS#7: Handle PKCS#7 messages that contain no X.509 certs
PKCS#7: Better handling of unsupported crypto
KEYS: Overhaul key identification when searching for asymmetric keys
KEYS: Implement binary asymmetric key ID handling
...
trust validation.
format: { id:<keyid> | builtin }
+ cca= [MIPS] Override the kernel pages' cache coherency
+ algorithm. Accepted values range from 0 to 7
+ inclusive. See arch/mips/include/asm/pgtable-bits.h
+ for platform specific values (SB1, Loongson3 and
+ others).
+
ccw_timeout_log [S390]
See Documentation/s390/CommonIO for details.
Sets the size of kernel global memory area for
contiguous memory allocations and optionally the
placement constraint by the physical address range of
- memory allocations. For more information, see
+ memory allocations. A value of 0 disables CMA
+ altogether. For more information, see
include/linux/dma-contiguous.h
cmo_free_hint= [PPC] Format: { yes | no }
earlycon= [KNL] Output early console device and options.
+ cdns,<addr>
+ Start an early, polled-mode console on a cadence serial
+ port at the specified address. The cadence serial port
+ must already be setup and configured. Options are not
+ yet supported.
+
uart[8250],io,<addr>[,options]
uart[8250],mmio,<addr>[,options]
uart[8250],mmio32,<addr>[,options]
must already be setup and configured. Options are not
yet supported.
+ msm_serial,<addr>
+ Start an early, polled-mode console on an msm serial
+ port at the specified address. The serial port
+ must already be setup and configured. Options are not
+ yet supported.
+
+ msm_serial_dm,<addr>
+ Start an early, polled-mode console on an msm serial
+ dm port at the specified address. The serial port
+ must already be setup and configured. Options are not
+ yet supported.
+
smh Use ARM semihosting calls for early console.
earlyprintk= [X86,SH,BLACKFIN,ARM,M68k]
that can be changed at run time by the
set_graph_function file in the debugfs tracing directory.
+ ftrace_graph_notrace=[function-list]
+ [FTRACE] Do not trace from the functions specified in
+ function-list. This list is a comma separated list of
+ functions that can be changed at run time by the
+ set_graph_notrace file in the debugfs tracing directory.
+
gamecon.map[2|3]=
[HW,JOY] Multisystem joystick and NES/SNES/PSX pad
support via parallel port (up to 5 devices per port)
Set number of hash buckets for inode cache.
ima_appraise= [IMA] appraise integrity measurements
- Format: { "off" | "enforce" | "fix" }
+ Format: { "off" | "enforce" | "fix" | "log" }
default: "enforce"
ima_appraise_tcb [IMA]
ip= [IP_PNP]
See Documentation/filesystems/nfs/nfsroot.txt.
- ip2= [HW] Set IO/IRQ pairs for up to 4 IntelliPort boards
- See comment before ip2_setup() in
- drivers/char/ip2/ip2base.c.
-
irqfixup [HW]
When an interrupt is not handled search all handlers
for it. Intended to get systems with badly broken
7 (KERN_DEBUG) debug-level messages
log_buf_len=n[KMG] Sets the size of the printk ring buffer,
- in bytes. n must be a power of two. The default
- size is set in the kernel config file.
+ in bytes. n must be a power of two and greater
+ than the minimal size. The minimal size is defined
+ by LOG_BUF_SHIFT kernel config parameter. There is
+ also CONFIG_LOG_CPU_MAX_BUF_SHIFT config parameter
+ that allows to increase the default size depending on
+ the number of CPUs. See init/Kconfig for more details.
logo.nologo [FB] Disables display of the built-in Linux logo.
This may be used to provide more screen space for
and restore using xsave. The kernel will fallback to
enabling legacy floating-point and sse state.
+ noxsaveopt [X86] Disables xsaveopt used in saving x86 extended
+ register states. The kernel will fall back to use
+ xsave to save the states. By using this parameter,
+ performance of saving the states is degraded because
+ xsave doesn't support modified optimization while
+ xsaveopt supports it on xsaveopt enabled systems.
+
+ noxsaves [X86] Disables xsaves and xrstors used in saving and
+ restoring x86 extended register state in compacted
+ form of xsave area. The kernel will fall back to use
+ xsaveopt and xrstor to save and restore the states
+ in standard form of xsave area. By using this
+ parameter, xsave area per process might occupy more
+ memory on xsaves enabled systems.
+
eagerfpu= [X86]
on enable eager fpu restore
off disable eager fpu restore
quiescent states. Units are jiffies, minimum
value is one, and maximum value is HZ.
+ rcutree.rcu_nocb_leader_stride= [KNL]
+ Set the number of NOCB kthread groups, which
+ defaults to the square root of the number of
+ CPUs. Larger numbers reduces the wakeup overhead
+ on the per-CPU grace-period kthreads, but increases
+ that same overhead on each group's leader.
+
rcutree.qhimark= [KNL]
Set threshold of queued RCU callbacks beyond which
batch limiting is disabled.
S [KNL] Run init in single mode
+ s390_iommu= [HW,S390]
+ Set s390 IOTLB flushing mode
+ strict
+ With strict flushing every unmap operation will result in
+ an IOTLB flush. Default is lazy flushing before reuse,
+ which is faster.
+
sa1100ir [NET]
See drivers/net/irda/sa1100_ir.c.
slram= [HW,MTD]
+ slab_nomerge [MM]
+ Disable merging of slabs with similar size. May be
+ necessary if there is some reason to distinguish
+ allocs to different slabs. Debug options disable
+ merging on their own.
+ For more information see Documentation/vm/slub.txt.
+
slab_max_order= [MM, SLAB]
Determines the maximum allowed order for slabs.
A high setting may cause OOMs due to memory
For more information see Documentation/vm/slub.txt.
slub_nomerge [MM, SLUB]
- Disable merging of slabs with similar size. May be
- necessary if there is some reason to distinguish
- allocs to different slabs. Debug options disable
- merging on their own.
- For more information see Documentation/vm/slub.txt.
+ Same with slab_nomerge. This is supported for legacy.
+ See slab_nomerge for more information.
smart2= [HW]
Format: <io1>[,<io2>[,...,<io8>]]
tdfx= [HW,DRM]
- test_suspend= [SUSPEND]
+ test_suspend= [SUSPEND][,N]
Specify "mem" (for Suspend-to-RAM) or "standby" (for
- standby suspend) as the system sleep state to briefly
- enter during system startup. The system is woken from
- this state using a wakeup-capable RTC alarm.
+ standby suspend) or "freeze" (for suspend type freeze)
+ as the system sleep state during system startup with
+ the optional capability to repeat N number of times.
+ The system is woken from this state using a
+ wakeup-capable RTC alarm.
thash_entries= [KNL,NET]
Set number of hash buckets for TCP connection
READ_DISC_INFO command);
e = NO_READ_CAPACITY_16 (don't use
READ_CAPACITY_16 command);
+ f = NO_REPORT_OPCODES (don't use report opcodes
+ command, uas only);
h = CAPACITY_HEURISTICS (decrease the
reported device capacity by one
sector if the number is odd);
bogus residue values);
s = SINGLE_LUN (the device has only one
Logical Unit);
+ t = NO_ATA_1X (don't allow ATA(12) and ATA(16)
+ commands, uas only);
+ u = IGNORE_UAS (don't bind to the uas driver);
w = NO_WP_DETECT (don't test whether the
medium is write-protected).
Example: quirks=0419:aaf5:rl,0421:0433:rc
Disables the ticketlock slowpath using Xen PV
optimizations.
+ xen_nopv [X86]
+ Disables the PV optimizations forcing the HVM guest to
+ run as generic HVM guest with no PV drivers.
+
xirc2ps_cs= [NET,PCMCIA]
Format:
<irq>,<irq_mask>,<io>,<full_duplex>,<do_sound>,<lockup_hack>[,<irq2>[,<irq3>[,<irq4>]]]
P: Person (obsolete)
M: Mail patches to: FullName <address@domain>
+ R: Designated reviewer: FullName <address@domain>
+ These reviewers should be CCed on patches.
L: Mailing list that is relevant to this area
W: Web-page with status/info
Q: Patchwork web based patch tracking system site
S: Maintained
F: drivers/scsi/53c700*
+6LOWPAN GENERIC (BTLE/IEEE 802.15.4)
+M: Alexander Aring <alex.aring@gmail.com>
+M: Jukka Rissanen <jukka.rissanen@linux.intel.com>
+L: linux-bluetooth@vger.kernel.org
+L: linux-wpan@vger.kernel.org
+S: Maintained
+F: net/6lowpan/
+F: include/net/6lowpan.h
+
6PACK NETWORK DRIVER FOR AX.25
M: Andreas Koensgen <ajk@comnets.uni-bremen.de>
L: linux-hams@vger.kernel.org
F: fs/aio.c
F: include/linux/*aio*.h
+AIRSPY MEDIA DRIVER
+M: Antti Palosaari <crope@iki.fi>
+L: linux-media@vger.kernel.org
+W: http://linuxtv.org/
+W: http://palosaari.fi/linux/
+Q: http://patchwork.linuxtv.org/project/linux-media/list/
+T: git git://linuxtv.org/anttip/media_tree.git
+S: Maintained
+F: drivers/media/usb/airspy/
+
ALCATEL SPEEDTOUCH USB DRIVER
M: Duncan Sands <duncan.sands@free.fr>
L: linux-usb@vger.kernel.org
M: Thomas Dahlmann <dahlmann.thomas@arcor.de>
L: linux-geode@lists.infradead.org (moderated for non-subscribers)
S: Supported
-F: drivers/usb/gadget/amd5536udc.*
+F: drivers/usb/gadget/udc/amd5536udc.*
AMD GEODE PROCESSOR/CHIPSET SUPPORT
P: Andres Salomon <dilinger@queued.net>
S: Supported
F: drivers/char/hw_random/geode-rng.c
F: drivers/crypto/geode*
-F: drivers/video/geode/
+F: drivers/video/fbdev/geode/
F: arch/x86/include/asm/geode.h
AMD IOMMU (AMD-VI)
M: Andreas Herrmann <herrmann.der.user@googlemail.com>
L: amd64-microcode@amd64.org
S: Maintained
-F: arch/x86/kernel/microcode_amd.c
+F: arch/x86/kernel/cpu/microcode/amd*
AMD XGBE DRIVER
M: Tom Lendacky <thomas.lendacky@amd.com>
W: http://blackfin.uclinux.org/
S: Supported
F: sound/soc/blackfin/*
+
+ANALOG DEVICES INC IIO DRIVERS
+M: Lars-Peter Clausen <lars@metafoo.de>
+M: Michael Hennerich <Michael.Hennerich@analog.com>
+W: http://wiki.analog.com/
+W: http://ez.analog.com/community/linux-device-drivers
+S: Supported
+F: drivers/iio/*/ad*
+X: drivers/iio/*/adjd*
+F: drivers/staging/iio/*/ad*
+F: staging/iio/trigger/iio-trig-bfin-timer.c
AOA (Apple Onboard Audio) ALSA DRIVER
M: Johannes Berg <johannes@sipsolutions.net>
F: drivers/net/appletalk/
F: net/appletalk/
+APPLIED MICRO (APM) X-GENE SOC ETHERNET DRIVER
+M: Iyappan Subramanian <isubramanian@apm.com>
+M: Keyur Chudgar <kchudgar@apm.com>
+S: Supported
+F: drivers/net/ethernet/apm/xgene/
+F: Documentation/devicetree/bindings/net/apm-xgene-enet.txt
+
APTINA CAMERA SENSOR PLL
M: Laurent Pinchart <Laurent.pinchart@ideasonboard.com>
L: linux-media@vger.kernel.org
ARC FRAMEBUFFER DRIVER
M: Jaya Kumar <jayalk@intworks.biz>
S: Maintained
-F: drivers/video/arcfb.c
-F: drivers/video/fb_defio.c
+F: drivers/video/fbdev/arcfb.c
+F: drivers/video/fbdev/core/fb_defio.c
ARM MFM AND FLOPPY DRIVERS
M: Ian Molton <spyro@f2s.com>
ARM PRIMECELL CLCD PL110 DRIVER
M: Russell King <linux@arm.linux.org.uk>
S: Maintained
-F: drivers/video/amba-clcd.*
+F: drivers/video/fbdev/amba-clcd.*
ARM PRIMECELL KMI PL050 DRIVER
M: Russell King <linux@arm.linux.org.uk>
S: Maintained
F: drivers/clk/sunxi/
+ARM/Amlogic MesonX SoC support
+M: Carlo Caione <carlo@caione.org>
+L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
+S: Maintained
+N: meson[x68]
+
ARM/ATMEL AT91RM9200 AND AT91SAM ARM ARCHITECTURES
M: Andrew Victor <linux@maxim.org.za>
M: Nicolas Ferre <nicolas.ferre@atmel.com>
F: arch/arm/mach-highbank/
ARM/CAVIUM NETWORKS CNS3XXX MACHINE SUPPORT
-M: Anton Vorontsov <anton@enomsg.org>
+M: Krzysztof Halasa <khalasa@piap.pl>
S: Maintained
F: arch/arm/mach-cns3xxx/
-T: git git://git.infradead.org/users/cbou/linux-cns3xxx.git
ARM/CIRRUS LOGIC CLPS711X ARM ARCHITECTURE
M: Alexander Shiyan <shc_work@mail.ru>
T: git git://git.kernel.org/pub/scm/linux/kernel/git/baohua/linux.git
S: Maintained
F: arch/arm/mach-prima2/
-F: drivers/clk/clk-prima2.c
+F: drivers/clk/sirf/
F: drivers/clocksource/timer-prima2.c
F: drivers/clocksource/timer-marco.c
N: [^a-z]sirf
F: arch/arm/mach-footbridge/
ARM/FREESCALE IMX / MXC ARM ARCHITECTURE
-M: Shawn Guo <shawn.guo@freescale.com>
+M: Shawn Guo <shawn.guo@linaro.org>
M: Sascha Hauer <kernel@pengutronix.de>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
S: Maintained
F: arch/arm/mach-pxa/include/mach/hx4700.h
F: sound/soc/pxa/hx4700.c
+ARM/HISILICON SOC SUPPORT
+M: Wei Xu <xuwei5@hisilicon.com>
+L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
+W: http://www.hisilicon.com
+S: Supported
+T: git git://github.com/hisilicon/linux-hisi.git
+F: arch/arm/mach-hisi/
+
ARM/HP JORNADA 7XX MACHINE SUPPORT
M: Kristoffer Ericson <kristoffer.ericson@gmail.com>
W: www.jlime.com
ARM/INTEL IOP32X ARM ARCHITECTURE
M: Lennert Buytenhek <kernel@wantstofly.org>
-M: Dan Williams <dan.j.williams@intel.com>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
S: Maintained
ARM/INTEL IOP33X ARM ARCHITECTURE
-M: Dan Williams <dan.j.williams@intel.com>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
-S: Maintained
+S: Orphan
ARM/INTEL IOP13XX ARM ARCHITECTURE
M: Lennert Buytenhek <kernel@wantstofly.org>
-M: Dan Williams <dan.j.williams@intel.com>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
S: Maintained
ARM/INTEL IQ81342EX MACHINE SUPPORT
M: Lennert Buytenhek <kernel@wantstofly.org>
-M: Dan Williams <dan.j.williams@intel.com>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
S: Maintained
ARM/INTEL IXP4XX ARM ARCHITECTURE
M: Imre Kaloz <kaloz@openwrt.org>
-M: Krzysztof Halasa <khc@pm.waw.pl>
+M: Krzysztof Halasa <khalasa@piap.pl>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
S: Maintained
F: arch/arm/mach-ixp4xx/
ARM/INTEL XSC3 (MANZANO) ARM CORE
M: Lennert Buytenhek <kernel@wantstofly.org>
-M: Dan Williams <dan.j.williams@intel.com>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
S: Maintained
S: Maintained
F: arch/arm/mach-berlin/
-ARM/Marvell Dove/Kirkwood/MV78xx0/Orion SOC support
+ARM/Marvell Dove/MV78xx0/Orion SOC support
M: Jason Cooper <jason@lakedaemon.net>
M: Andrew Lunn <andrew@lunn.ch>
M: Sebastian Hesselbarth <sebastian.hesselbarth@gmail.com>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
S: Maintained
F: arch/arm/mach-dove/
-F: arch/arm/mach-kirkwood/
F: arch/arm/mach-mv78xx0/
F: arch/arm/mach-orion5x/
F: arch/arm/plat-orion/
S: Maintained
F: arch/arm/mach-orion5x/ts78xx-*
+ARM/Mediatek SoC support
+M: Matthias Brugger <matthias.bgg@gmail.com>
+L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
+S: Maintained
+F: arch/arm/boot/dts/mt6*
+F: arch/arm/boot/dts/mt8*
+F: arch/arm/mach-mediatek/
+N: mtk
+K: mediatek
+
ARM/MICREL KS8695 ARCHITECTURE
M: Greg Ungerer <gerg@uclinux.org>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
S: Maintained
F: arch/arm/mach-nomadik/
+F: drivers/pinctrl/nomadik/
F: drivers/i2c/busses/i2c-nomadik.c
T: git git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-nomadik.git
M: Bryan Huntsman <bryanh@codeaurora.org>
L: linux-arm-msm@vger.kernel.org
F: arch/arm/mach-msm/
-F: drivers/video/msm/
+F: drivers/video/fbdev/msm/
F: drivers/mmc/host/msm_sdcc.c
F: drivers/mmc/host/msm_sdcc.h
F: drivers/tty/serial/msm_serial.h
F: drivers/tty/serial/msm_serial.c
F: drivers/*/pm8???-*
-F: drivers/mfd/ssbi/
-F: include/linux/mfd/pm8xxx/
+F: drivers/mfd/ssbi.c
T: git git://git.kernel.org/pub/scm/linux/kernel/git/davidb/linux-msm.git
S: Maintained
ARM/Rockchip SoC support
M: Heiko Stuebner <heiko@sntech.de>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
+L: linux-rockchip@lists.infradead.org
S: Maintained
+F: arch/arm/boot/dts/rk3*
F: arch/arm/mach-rockchip/
+F: drivers/clk/rockchip/
+F: drivers/i2c/busses/i2c-rk3x.c
F: drivers/*/*rockchip*
+F: drivers/*/*/*rockchip*
+F: sound/soc/rockchip/
ARM/SAMSUNG ARM ARCHITECTURES
M: Ben Dooks <ben-linux@fluff.org>
F: arch/arm/configs/ape6evm_defconfig
F: arch/arm/configs/armadillo800eva_defconfig
F: arch/arm/configs/bockw_defconfig
-F: arch/arm/configs/genmai_defconfig
F: arch/arm/configs/koelsch_defconfig
F: arch/arm/configs/kzm9g_defconfig
F: arch/arm/configs/lager_defconfig
F: drivers/sh/
ARM/SOCFPGA ARCHITECTURE
-M: Dinh Nguyen <dinguyen@altera.com>
+M: Dinh Nguyen <dinguyen@opensource.altera.com>
S: Maintained
F: arch/arm/mach-socfpga/
+W: http://www.rocketboards.org
+T: git://git.rocketboards.org/linux-socfpga.git
+T: git://git.rocketboards.org/linux-socfpga-next.git
ARM/SOCFPGA CLOCK FRAMEWORK SUPPORT
-M: Dinh Nguyen <dinguyen@altera.com>
+M: Dinh Nguyen <dinguyen@opensource.altera.com>
S: Maintained
F: drivers/clk/socfpga/
+ARM/SOCFPGA EDAC SUPPORT
+M: Thor Thayer <tthayer@opensource.altera.com>
+S: Maintained
+F: drivers/edac/altera_edac.
+
ARM/STI ARCHITECTURE
M: Srinivas Kandagatla <srinivas.kandagatla@gmail.com>
M: Maxime Coquelin <maxime.coquelin@st.com>
F: arch/arm/mach-sti/
F: arch/arm/boot/dts/sti*
F: drivers/clocksource/arm_global_timer.c
-F: drivers/reset/sti/
-F: drivers/pinctrl/pinctrl-st.c
-F: drivers/media/rc/st_rc.c
F: drivers/i2c/busses/i2c-st.c
+F: drivers/media/rc/st_rc.c
+F: drivers/mmc/host/sdhci-st.c
+F: drivers/phy/phy-stih407-usb.c
+F: drivers/phy/phy-stih41x-usb.c
+F: drivers/pinctrl/pinctrl-st.c
+F: drivers/reset/sti/
F: drivers/tty/serial/st-asc.c
+F: drivers/usb/dwc3/dwc3-st.c
+F: drivers/usb/host/ehci-st.c
+F: drivers/usb/host/ohci-st.c
ARM/TECHNOLOGIC SYSTEMS TS7250 MACHINE SUPPORT
M: Lennert Buytenhek <kernel@wantstofly.org>
F: drivers/rtc/rtc-nuc900.c
F: drivers/spi/spi-nuc900.c
F: drivers/usb/host/ehci-w90x900.c
-F: drivers/video/nuc900fb.c
+F: drivers/video/fbdev/nuc900fb.c
ARM/U300 MACHINE SUPPORT
M: Linus Walleij <linus.walleij@linaro.org>
F: drivers/mfd/ab8500*
F: drivers/mfd/dbx500*
F: drivers/mfd/db8500*
-F: drivers/pinctrl/pinctrl-nomadik*
+F: drivers/pinctrl/nomadik/pinctrl-ab*
+F: drivers/pinctrl/nomadik/pinctrl-nomadik*
F: drivers/rtc/rtc-ab8500.c
F: drivers/rtc/rtc-pl031.c
T: git git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-stericsson.git
F: drivers/tty/serial/vt8500_serial.c
F: drivers/usb/host/ehci-platform.c
F: drivers/usb/host/uhci-platform.c
-F: drivers/video/vt8500lcdfb.*
-F: drivers/video/wm8505fb*
-F: drivers/video/wmt_ge_rops.*
+F: drivers/video/fbdev/vt8500lcdfb.*
+F: drivers/video/fbdev/wm8505fb*
+F: drivers/video/fbdev/wmt_ge_rops.*
ARM/ZIPIT Z2 SUPPORT
M: Marek Vasut <marek.vasut@gmail.com>
F: drivers/platform/x86/eeepc*.c
ASYNCHRONOUS TRANSFERS/TRANSFORMS (IOAT) API
-M: Dan Williams <dan.j.williams@intel.com>
+R: Dan Williams <dan.j.williams@intel.com>
W: http://sourceforge.net/projects/xscaleiop
-S: Maintained
+S: Odd fixes
F: Documentation/crypto/async-tx-api.txt
F: crypto/async_tx/
F: drivers/dma/
S: Supported
W: http://wireless.kernel.org/en/users/Drivers/wil6210
F: drivers/net/wireless/ath/wil6210/
+F: include/uapi/linux/wil6210_uapi.h
CARL9170 LINUX COMMUNITY WIRELESS DRIVER
M: Christian Lamparter <chunkeey@googlemail.com>
S: Supported
F: drivers/tty/serial/atmel_serial.c
+ATMEL Audio ALSA driver
+M: Bo Shen <voice.shen@atmel.com>
+L: alsa-devel@alsa-project.org (moderated for non-subscribers)
+S: Supported
+F: sound/soc/atmel
+
ATMEL DMA DRIVER
M: Nicolas Ferre <nicolas.ferre@atmel.com>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
M: Nicolas Ferre <nicolas.ferre@atmel.com>
L: linux-fbdev@vger.kernel.org
S: Maintained
-F: drivers/video/atmel_lcdfb.c
+F: drivers/video/fbdev/atmel_lcdfb.c
F: include/video/atmel_lcdc.h
ATMEL MACB ETHERNET DRIVER
M: Nicolas Ferre <nicolas.ferre@atmel.com>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
S: Supported
-F: drivers/usb/gadget/atmel_usba_udc.*
+F: drivers/usb/gadget/udc/atmel_usba_udc.*
ATMEL WIRELESS DRIVER
M: Simon Kelley <simon@thekelleys.org.uk>
S: Maintained:
F: drivers/md/bcache/
+BECEEM BCS200/BCS220-3/BCSM250 WIMAX SUPPORT
+M: Kevin McKinney <klmckinney1@gmail.com>
+M: Matthias Beyer <mail@beyermatthias.de>
+L: devel@driverdev.osuosl.org
+S: Maintained
+F: drivers/staging/bcm*
+
BEFS FILE SYSTEM
S: Orphan
F: Documentation/filesystems/befs.txt
F: fs/befs/
+BECKHOFF CX5020 ETHERCAT MASTER DRIVER
+M: Dariusz Marcinkiewicz <reksio@newterm.pl>
+L: netdev@vger.kernel.org
+S: Maintained
+F: drivers/net/ethernet/ec_bhf.c
+
BFS FILE SYSTEM
M: "Tigran A. Aivazian" <tigran@aivazian.fsnet.co.uk>
S: Maintained
F: drivers/net/bonding/
F: include/uapi/linux/if_bonding.h
+BPF (Safe dynamic programs and tools)
+M: Alexei Starovoitov <ast@kernel.org>
+L: netdev@vger.kernel.org
+L: linux-kernel@vger.kernel.org
+S: Supported
+F: kernel/bpf/
+
BROADCOM B44 10/100 ETHERNET DRIVER
M: Gary Zambrano <zambrano@broadcom.com>
L: netdev@vger.kernel.org
F: drivers/net/ethernet/broadcom/genet/
BROADCOM BNX2 GIGABIT ETHERNET DRIVER
-M: Michael Chan <mchan@broadcom.com>
+M: Sony Chacko <sony.chacko@qlogic.com>
+M: Dept-HSGLinuxNICDev@qlogic.com
L: netdev@vger.kernel.org
S: Supported
F: drivers/net/ethernet/broadcom/bnx2.*
BROADCOM BCM281XX/BCM11XXX/BCM216XX ARM ARCHITECTURE
M: Christian Daudt <bcm@fixthebug.org>
M: Matt Porter <mporter@linaro.org>
+M: Florian Fainelli <f.fainelli@gmail.com>
L: bcm-kernel-feedback-list@broadcom.com
T: git git://github.com/broadcom/mach-bcm
S: Maintained
F: arch/arm/boot/dts/bcm216*
F: arch/arm/boot/dts/bcm281*
F: arch/arm/configs/bcm_defconfig
-F: drivers/mmc/host/sdhci_bcm_kona.c
+F: drivers/mmc/host/sdhci-bcm-kona.c
F: drivers/clocksource/bcm_kona_timer.c
BROADCOM BCM2835 ARM ARCHICTURE
F: arch/arm/boot/dts/bcm5301x.dtsi
F: arch/arm/boot/dts/bcm470*
+BROADCOM BCM63XX ARM ARCHITECTURE
+M: Florian Fainelli <f.fainelli@gmail.com>
+L: linux-arm-kernel@lists.infradead.org
+T: git git://git.github.com/brcm/linux.git
+S: Maintained
+F: arch/arm/mach-bcm/bcm63xx.c
+F: arch/arm/include/debug/bcm63xx.S
+
+BROADCOM BCM7XXX ARM ARCHITECTURE
+M: Marc Carino <marc.ceeeee@gmail.com>
+M: Brian Norris <computersforpeace@gmail.com>
+L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
+S: Maintained
+F: arch/arm/mach-bcm/*brcmstb*
+F: arch/arm/boot/dts/bcm7*.dts*
+
BROADCOM TG3 GIGABIT ETHERNET DRIVER
-M: Nithin Nayak Sujir <nsujir@broadcom.com>
+M: Prashant Sreedharan <prashant@broadcom.com>
M: Michael Chan <mchan@broadcom.com>
L: netdev@vger.kernel.org
S: Supported
F: drivers/net/wireless/brcm80211/
BROADCOM BNX2FC 10 GIGABIT FCOE DRIVER
-M: Eddie Wai <eddie.wai@broadcom.com>
+M: QLogic-Storage-Upstream@qlogic.com
L: linux-scsi@vger.kernel.org
S: Supported
F: drivers/scsi/bnx2fc/
BROADCOM BNX2I 1/10 GIGABIT iSCSI DRIVER
-M: Eddie Wai <eddie.wai@broadcom.com>
+M: QLogic-Storage-Upstream@qlogic.com
L: linux-scsi@vger.kernel.org
S: Supported
F: drivers/scsi/bnx2i/
BROADCOM KONA GPIO DRIVER
-M: Markus Mayer <markus.mayer@linaro.org>
+M: Ray Jui <rjui@broadcom.com>
L: bcm-kernel-feedback-list@broadcom.com
S: Supported
F: drivers/gpio/gpio-bcm-kona.c
F: drivers/scsi/bfa/
BROCADE BNA 10 GIGABIT ETHERNET DRIVER
-M: Rasesh Mody <rmody@brocade.com>
+M: Rasesh Mody <rasesh.mody@qlogic.com>
L: netdev@vger.kernel.org
S: Supported
F: drivers/net/ethernet/brocade/bna/
S: Maintained
F: drivers/net/ethernet/cirrus/ep93xx_eth.c
-CIRRUS LOGIC EP93XX OHCI USB HOST DRIVER
-M: Lennert Buytenhek <kernel@wantstofly.org>
-L: linux-usb@vger.kernel.org
-S: Maintained
-F: drivers/usb/host/ohci-ep93xx.c
-
CIRRUS LOGIC AUDIO CODEC DRIVERS
M: Brian Austin <brian.austin@cirrus.com>
M: Paul Handrigan <Paul.Handrigan@cirrus.com>
Q: http://patchwork.ozlabs.org/project/linux-cifs-client/list/
T: git git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6.git
S: Supported
-F: Documentation/filesystems/cifs.txt
+F: Documentation/filesystems/cifs/
F: fs/cifs/
COMPACTPCI HOTPLUG CORE
F: arch/x86/kernel/msr.c
CPU POWER MONITORING SUBSYSTEM
-M: Dominik Brodowski <linux@dominikbrodowski.net>
M: Thomas Renninger <trenn@suse.de>
+L: linux-pm@vger.kernel.org
S: Maintained
F: tools/power/cpupower/
S: Supported
F: drivers/net/ethernet/chelsio/cxgb4vf/
+CXL (IBM Coherent Accelerator Processor Interface CAPI) DRIVER
+M: Ian Munsie <imunsie@au1.ibm.com>
+M: Michael Neuling <mikey@neuling.org>
+L: linuxppc-dev@lists.ozlabs.org
+S: Supported
+F: drivers/misc/cxl/
+F: include/misc/cxl.h
+F: include/uapi/misc/cxl.h
+F: Documentation/powerpc/cxl.txt
+F: Documentation/powerpc/cxl.txt
+F: Documentation/ABI/testing/sysfs-class-cxl
+
STMMAC ETHERNET DRIVER
M: Giuseppe Cavallaro <peppe.cavallaro@st.com>
L: netdev@vger.kernel.org
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
W: http://www.arm.linux.org.uk/
S: Maintained
-F: drivers/video/cyber2000fb.*
+F: drivers/video/fbdev/cyber2000fb.*
CYCLADES ASYNC MUX DRIVER
W: http://www.cyclades.com/
DESIGNWARE USB2 DRD IP DRIVER
M: Paul Zimmerman <paulz@synopsys.com>
L: linux-usb@vger.kernel.org
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/balbi/usb.git
S: Maintained
F: drivers/usb/dwc2/
S: Maintained
F: drivers/usb/dwc3/
+DEVICE COREDUMP (DEV_COREDUMP)
+M: Johannes Berg <johannes@sipsolutions.net>
+L: linux-kernel@vger.kernel.org
+S: Maintained
+F: drivers/base/devcoredump.c
+F: include/linux/devcoredump.h
+
DEVICE FREQUENCY (DEVFREQ)
M: MyungJoo Ham <myungjoo.ham@samsung.com>
M: Kyungmin Park <kyungmin.park@samsung.com>
DIGI EPCA PCI PRODUCTS
M: Lidza Louina <lidza.louina@gmail.com>
M: Mark Hounschell <markh@compro.net>
+M: Daeseok Youn <daeseok.youn@gmail.com>
L: driverdev-devel@linuxdriverproject.org
S: Maintained
F: drivers/staging/dgap/
L: linux-fbdev@vger.kernel.org
S: Maintained
W: http://plugable.com/category/projects/udlfb/
-F: drivers/video/udlfb.c
+F: drivers/video/fbdev/udlfb.c
F: include/video/udlfb.h
F: Documentation/fb/udlfb.txt
L: linux-media@vger.kernel.org
L: dri-devel@lists.freedesktop.org
L: linaro-mm-sig@lists.linaro.org
-F: drivers/base/dma-buf*
+F: drivers/dma-buf/
F: include/linux/dma-buf*
+F: include/linux/reservation.h
+F: include/linux/*fence.h
F: Documentation/dma-buf-sharing.txt
T: git git://git.linaro.org/people/sumitsemwal/linux-dma-buf.git
DMA GENERIC OFFLOAD ENGINE SUBSYSTEM
M: Vinod Koul <vinod.koul@intel.com>
-M: Dan Williams <dan.j.williams@intel.com>
L: dmaengine@vger.kernel.org
Q: https://patchwork.kernel.org/project/linux-dmaengine/list/
-S: Supported
+S: Maintained
F: drivers/dma/
F: include/linux/dma*
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/djbw/async_tx.git
T: git git://git.infradead.org/users/vkoul/slave-dma.git (slave-dma)
DME1737 HARDWARE MONITOR DRIVER
F: drivers/acpi/dock.c
DOCUMENTATION
-M: Randy Dunlap <rdunlap@infradead.org>
+M: Jiri Kosina <jkosina@suse.cz>
L: linux-doc@vger.kernel.org
-T: quilt http://www.infradead.org/~rdunlap/Doc/patches/
S: Maintained
F: Documentation/
X: Documentation/ABI/
X: Documentation/devicetree/
X: Documentation/[a-z][a-z]_[A-Z][A-Z]/
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/jikos/doc.git
DOUBLETALK DRIVER
M: "James R. Van Zandt" <jrv@vanzandt.mv.com>
T: git git://people.freedesktop.org/~agd5f/linux
S: Supported
F: drivers/gpu/drm/radeon/
-F: include/drm/radeon*
F: include/uapi/drm/radeon*
DRM PANEL DRIVERS
F: include/uapi/drm/tegra_drm.h
F: Documentation/devicetree/bindings/gpu/nvidia,tegra20-host1x.txt
+DRM DRIVERS FOR RENESAS
+M: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
+L: dri-devel@lists.freedesktop.org
+L: linux-sh@vger.kernel.org
+T: git git://people.freedesktop.org/~airlied/linux
+S: Supported
+F: drivers/gpu/drm/rcar-du/
+F: drivers/gpu/drm/shmobile/
+F: include/linux/platform_data/rcar-du.h
+F: include/linux/platform_data/shmob_drm.h
+
DSBR100 USB FM RADIO DRIVER
M: Alexey Klimov <klimov.linux@gmail.com>
L: linux-media@vger.kernel.org
S: Maintained
F: drivers/media/tuners/e4000*
-EATA-DMA SCSI DRIVER
-M: Michael Neuffer <mike@i-Connect.Net>
-L: linux-eata@i-connect.net
-L: linux-scsi@vger.kernel.org
-S: Maintained
-F: drivers/scsi/eata*
-
EATA ISA/EISA/PCI SCSI DRIVER
M: Dario Ballabio <ballabio_dario@emc.com>
L: linux-scsi@vger.kernel.org
S: Maintained
F: drivers/scsi/eata.c
-EATA-PIO SCSI DRIVER
-M: Michael Neuffer <mike@i-Connect.Net>
-L: linux-eata@i-connect.net
-L: linux-scsi@vger.kernel.org
-S: Maintained
-F: drivers/scsi/eata_pio.*
-
EC100 MEDIA DRIVER
M: Antti Palosaari <crope@iki.fi>
L: linux-media@vger.kernel.org
S: Maintained
F: drivers/edac/i82975x_edac.c
+EDAC-IE31200
+M: Jason Baron <jbaron@akamai.com>
+L: linux-edac@vger.kernel.org
+W: bluesmoke.sourceforge.net
+S: Maintained
+F: drivers/edac/ie31200_edac.c
+
EDAC-MPC85XX
M: Johannes Thumshirn <johannes.thumshirn@men.de>
L: linux-edac@vger.kernel.org
L: linux-efi@vger.kernel.org
T: git git://git.kernel.org/pub/scm/linux/kernel/git/mfleming/efi.git
S: Maintained
-F: Documentation/x86/efi-stub.txt
+F: Documentation/efi-stub.txt
F: arch/ia64/kernel/efi.c
F: arch/x86/boot/compressed/eboot.[ch]
F: arch/x86/include/asm/efi.h
L: linux-fbdev@vger.kernel.org
M: Peter Jones <pjones@redhat.com>
S: Maintained
-F: drivers/video/efifb.c
+F: drivers/video/fbdev/efifb.c
EFS FILESYSTEM
W: http://aeschi.ch.eu.org/efs/
M: Kristoffer Ericson <kristoffer.ericson@gmail.com>
S: Maintained
T: git git://git.kernel.org/pub/scm/linux/kernel/git/kristoffer/linux-hpc.git
-F: drivers/video/s1d13xxxfb.c
+F: drivers/video/fbdev/s1d13xxxfb.c
F: include/video/s1d13xxxfb.h
+ET131X NETWORK DRIVER
+M: Mark Einon <mark.einon@gmail.com>
+S: Odd Fixes
+F: drivers/net/ethernet/agere/
+
ETHERNET BRIDGE
M: Stephen Hemminger <stephen@networkplumber.org>
L: bridge@lists.linux-foundation.org
M: Kyungmin Park <kyungmin.park@samsung.com>
L: linux-fbdev@vger.kernel.org
S: Maintained
-F: drivers/video/exynos/exynos_mipi*
+F: drivers/video/fbdev/exynos/exynos_mipi*
F: include/video/exynos_mipi*
F71805F HARDWARE MONITORING DRIVER
M: Timur Tabi <timur@tabi.org>
L: linux-fbdev@vger.kernel.org
S: Maintained
-F: drivers/video/fsl-diu-fb.*
+F: drivers/video/fbdev/fsl-diu-fb.*
FREESCALE DMA DRIVER
M: Li Yang <leoli@freescale.com>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
S: Maintained
F: include/linux/platform_data/video-imxfb.h
-F: drivers/video/imxfb.c
+F: drivers/video/fbdev/imxfb.c
FREESCALE SOC FS_ENET DRIVER
M: Pantelis Antoniou <pantelis.antoniou@gmail.com>
L: linux-usb@vger.kernel.org
L: linuxppc-dev@lists.ozlabs.org
S: Maintained
-F: drivers/usb/gadget/fsl*
+F: drivers/usb/gadget/udc/fsl*
FREESCALE QUICC ENGINE UCC ETHERNET DRIVER
M: Li Yang <leoli@freescale.com>
FREESCALE SOC SOUND DRIVERS
M: Timur Tabi <timur@tabi.org>
+M: Nicolin Chen <nicoleotsuka@gmail.com>
+M: Xiubo Li <Li.Xiubo@freescale.com>
L: alsa-devel@alsa-project.org (moderated for non-subscribers)
L: linuxppc-dev@lists.ozlabs.org
S: Maintained
F: sound/soc/fsl/fsl*
+F: sound/soc/fsl/imx*
F: sound/soc/fsl/mpc8610_hpcd.c
FREEVXFS FILESYSTEM
F: drivers/isdn/gigaset/
F: include/uapi/linux/gigaset_dev.h
+GO7007 MPEG CODEC
+M: Hans Verkuil <hans.verkuil@cisco.com>
+L: linux-media@vger.kernel.org
+S: Maintained
+F: drivers/media/usb/go7007/
+
GPIO SUBSYSTEM
M: Linus Walleij <linus.walleij@linaro.org>
M: Alexandre Courbot <gnurou@gmail.com>
S: Maintained
F: Documentation/gpio/
F: drivers/gpio/
-F: include/linux/gpio*
+F: include/linux/gpio/
+F: include/linux/gpio.h
F: include/asm-generic/gpio.h
GRE DEMULTIPLEXER DRIVER
S: Odd Fixes
F: drivers/tty/hvc/
+HACKRF MEDIA DRIVER
+M: Antti Palosaari <crope@iki.fi>
+L: linux-media@vger.kernel.org
+W: http://linuxtv.org/
+W: http://palosaari.fi/linux/
+Q: http://patchwork.linuxtv.org/project/linux-media/list/
+T: git git://linuxtv.org/anttip/media_tree.git
+S: Maintained
+F: drivers/media/usb/hackrf/
+
HARDWARE MONITORING
M: Jean Delvare <jdelvare@suse.de>
M: Guenter Roeck <linux@roeck-us.net>
L: linux-nvidia@lists.surfsouth.com
W: http://drama.obuda.kando.hu/~fero/cgi-bin/hgafb.shtml
S: Maintained
-F: drivers/video/hgafb.c
+F: drivers/video/fbdev/hgafb.c
HIBERNATION (aka Software Suspend, aka swsusp)
M: "Rafael J. Wysocki" <rjw@rjwysocki.net>
T: git git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git timers/core
S: Maintained
F: Documentation/timers/
-F: kernel/hrtimer.c
+F: kernel/time/hrtimer.c
F: kernel/time/clockevents.c
F: kernel/time/tick*.*
F: kernel/time/timer_*.c
F: drivers/input/serio/hyperv-keyboard.c
F: drivers/net/hyperv/
F: drivers/scsi/storvsc_drv.c
-F: drivers/video/hyperv_fb.c
+F: drivers/video/fbdev/hyperv_fb.c
F: include/linux/hyperv.h
F: tools/hv/
F: include/uapi/linux/i2c.h
F: include/uapi/linux/i2c-*.h
+I2C ACPI SUPPORT
+M: Mika Westerberg <mika.westerberg@linux.intel.com>
+L: linux-i2c@vger.kernel.org
+L: linux-acpi@vger.kernel.org
+S: Maintained
+
I2C-TAOS-EVM DRIVER
M: Jean Delvare <jdelvare@suse.de>
L: linux-i2c@vger.kernel.org
F: drivers/scsi/ibmvscsi/ibmvfc*
IBM ServeRAID RAID DRIVER
-P: Jack Hammer
-M: Dave Jeffery <ipslinux@adaptec.com>
-W: http://www.developer.ibm.com/welcome/netfinity/serveraid.html
-S: Supported
+S: Orphan
F: drivers/scsi/ips.*
ICH LPC AND GPIO DRIVER
IEEE 802.15.4 SUBSYSTEM
M: Alexander Aring <alex.aring@gmail.com>
-L: linux-zigbee-devel@lists.sourceforge.net (moderated for non-subscribers)
-W: http://apps.sourceforge.net/trac/linux-zigbee
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/lowpan/lowpan.git
+L: linux-wpan@vger.kernel.org
+W: https://github.com/linux-wpan
+T: git git://github.com/linux-wpan/linux-wpan-next.git
S: Maintained
F: net/ieee802154/
F: net/mac802154/
F: drivers/net/ieee802154/
+F: Documentation/networking/ieee802154.txt
IGUANAWORKS USB IR TRANSCEIVER
M: Sean Young <sean@mess.org>
IIO SUBSYSTEM AND DRIVERS
M: Jonathan Cameron <jic23@kernel.org>
+R: Hartmut Knaack <knaack.h@gmx.de>
+R: Lars-Peter Clausen <lars@metafoo.de>
+R: Peter Meerwald <pmeerw@pmeerw.net>
L: linux-iio@vger.kernel.org
S: Maintained
F: drivers/iio/
IMS TWINTURBO FRAMEBUFFER DRIVER
L: linux-fbdev@vger.kernel.org
S: Orphan
-F: drivers/video/imsttfb.c
+F: drivers/video/fbdev/imsttfb.c
INFINIBAND SUBSYSTEM
M: Roland Dreier <roland@kernel.org>
L: linux-fbdev@vger.kernel.org
S: Maintained
F: Documentation/fb/intelfb.txt
-F: drivers/video/intelfb/
+F: drivers/video/fbdev/intelfb/
INTEL 810/815 FRAMEBUFFER DRIVER
M: Antonino Daplas <adaplas@gmail.com>
L: linux-fbdev@vger.kernel.org
S: Maintained
-F: drivers/video/i810/
+F: drivers/video/fbdev/i810/
INTEL MENLOW THERMAL DRIVER
M: Sujith Thomas <sujith.thomas@intel.com>
INTEL IA32 MICROCODE UPDATE SUPPORT
M: Tigran Aivazian <tigran@aivazian.fsnet.co.uk>
S: Maintained
-F: arch/x86/kernel/microcode_core.c
-F: arch/x86/kernel/microcode_intel.c
+F: arch/x86/kernel/cpu/microcode/core*
+F: arch/x86/kernel/cpu/microcode/intel*
INTEL I/OAT DMA DRIVER
-M: Dan Williams <dan.j.williams@intel.com>
M: Dave Jiang <dave.jiang@intel.com>
+R: Dan Williams <dan.j.williams@intel.com>
L: dmaengine@vger.kernel.org
Q: https://patchwork.kernel.org/project/linux-dmaengine/list/
S: Supported
F: include/linux/intel-iommu.h
INTEL IOP-ADMA DMA DRIVER
-M: Dan Williams <dan.j.williams@intel.com>
+R: Dan Williams <dan.j.williams@intel.com>
S: Odd fixes
F: drivers/dma/iop-adma.c
INTEL IXP4XX QMGR, NPE, ETHERNET and HSS SUPPORT
-M: Krzysztof Halasa <khc@pm.waw.pl>
+M: Krzysztof Halasa <khalasa@piap.pl>
S: Maintained
F: arch/arm/mach-ixp4xx/include/mach/qmgr.h
F: arch/arm/mach-ixp4xx/include/mach/npe.h
S: Maintained
F: drivers/char/hw_random/ixp4xx-rng.c
-INTEL ETHERNET DRIVERS (e100/e1000/e1000e/igb/igbvf/ixgb/ixgbe/ixgbevf/i40e/i40evf)
+INTEL ETHERNET DRIVERS (e100/e1000/e1000e/fm10k/igb/igbvf/ixgb/ixgbe/ixgbevf/i40e/i40evf)
M: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
M: Jesse Brandeburg <jesse.brandeburg@intel.com>
M: Bruce Allan <bruce.w.allan@intel.com>
M: Carolyn Wyborny <carolyn.wyborny@intel.com>
M: Don Skidmore <donald.c.skidmore@intel.com>
M: Greg Rose <gregory.v.rose@intel.com>
-M: Alex Duyck <alexander.h.duyck@intel.com>
+M: Matthew Vick <matthew.vick@intel.com>
M: John Ronciak <john.ronciak@intel.com>
M: Mitch Williams <mitch.a.williams@intel.com>
M: Linux NICS <linux.nics@intel.com>
S: Maintained
T: git git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git irq/core
T: git git://git.infradead.org/users/jcooper/linux.git irqchip/core
+F: Documentation/devicetree/bindings/interrupt-controller/
F: drivers/irqchip/
IRQ DOMAINS (IRQ NUMBER MAPPING LIBRARY)
Q: http://patchwork.linuxtv.org/project/linux-media/list/
T: git git://linuxtv.org/anttip/media_tree.git
S: Maintained
-F: drivers/media/tuners/tuner_it913x*
+F: drivers/media/tuners/it913x*
IVTV VIDEO4LINUX DRIVER
M: Andy Walls <awalls@md.metrocast.net>
F: Documentation/hwmon/k8temp
F: drivers/hwmon/k8temp.c
-KTAP
-M: Jovi Zhangwei <jovi.zhangwei@gmail.com>
-W: http://www.ktap.org
-L: ktap@freelists.org
-S: Maintained
-F: drivers/staging/ktap/
-
KCONFIG
M: "Yann E. MORIN" <yann.morin.1998@free.fr>
L: linux-kbuild@vger.kernel.org
W: http://nfs.sourceforge.net/
S: Supported
F: fs/nfsd/
-F: include/linux/nfsd/
F: include/uapi/linux/nfsd/
F: fs/lockd/
F: fs/nfs_common/
LINUX FOR POWERPC (32-BIT AND 64-BIT)
M: Benjamin Herrenschmidt <benh@kernel.crashing.org>
M: Paul Mackerras <paulus@samba.org>
+M: Michael Ellerman <mpe@ellerman.id.au>
W: http://www.penguinppc.org/
L: linuxppc-dev@lists.ozlabs.org
Q: http://patchwork.ozlabs.org/project/linuxppc-dev/list/
LINUX FOR POWERPC EMBEDDED MPC5XXX
M: Anatolij Gustschin <agust@denx.de>
L: linuxppc-dev@lists.ozlabs.org
-T: git git://git.denx.de/linux-2.6-agust.git
+T: git git://git.denx.de/linux-denx-agust.git
S: Maintained
F: arch/powerpc/platforms/512x/
F: arch/powerpc/platforms/52xx/
LINUX FOR POWERPC EMBEDDED PPC8XX
M: Vitaly Bordug <vitb@kernel.crashing.org>
-M: Marcelo Tosatti <marcelo@kvack.org>
W: http://www.penguinppc.org/
L: linuxppc-dev@lists.ozlabs.org
S: Maintained
F: arch/powerpc/platforms/8xx/
LINUX FOR POWERPC EMBEDDED PPC83XX AND PPC85XX
+M: Scott Wood <scottwood@freescale.com>
M: Kumar Gala <galak@kernel.crashing.org>
W: http://www.penguinppc.org/
L: linuxppc-dev@lists.ozlabs.org
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/scottwood/linux.git
S: Maintained
F: arch/powerpc/platforms/83xx/
F: arch/powerpc/platforms/85xx/
F: include/net/mac80211.h
F: net/mac80211/
-MAC80211 PID RATE CONTROL
-M: Stefano Brivio <stefano.brivio@polimi.it>
-M: Mattias Nissler <mattias.nissler@gmx.de>
-L: linux-wireless@vger.kernel.org
-W: http://wireless.kernel.org/en/developers/Documentation/mac80211/RateControl/PID
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next.git
-S: Maintained
-F: net/mac80211/rc80211_pid*
-
MACVLAN DRIVER
M: Patrick McHardy <kaber@trash.net>
L: netdev@vger.kernel.org
F: drivers/net/ethernet/marvell/mvneta.*
MARVELL MWIFIEX WIRELESS DRIVER
-M: Bing Zhao <bzhao@marvell.com>
+M: Amitkumar Karwar <akarwar@marvell.com>
+M: Avinash Patil <patila@marvell.com>
L: linux-wireless@vger.kernel.org
S: Maintained
F: drivers/net/wireless/mwifiex/
MATROX FRAMEBUFFER DRIVER
L: linux-fbdev@vger.kernel.org
S: Orphan
-F: drivers/video/matrox/matroxfb_*
+F: drivers/video/fbdev/matrox/matroxfb_*
F: include/uapi/linux/matroxfb.h
MAX16065 HARDWARE MONITOR DRIVER
F: drivers/irqchip/irq-metag.c
F: drivers/irqchip/irq-metag-ext.c
F: drivers/tty/metag_da.c
-F: fs/imgdafs/
MICROBLAZE ARCHITECTURE
M: Michal Simek <monstr@monstr.eu>
S: Maintained
F: drivers/media/radio/radio-mr800.c
+MRF24J40 IEEE 802.15.4 RADIO DRIVER
+M: Alan Ott <alan@signal11.us>
+L: linux-wpan@vger.kernel.org
+S: Maintained
+F: drivers/net/ieee802154/mrf24j40.c
+
MSI LAPTOP SUPPORT
M: "Lee, Chun-Yi" <jlee@suse.com>
L: platform-driver-x86@vger.kernel.org
Q: http://patchwork.linuxtv.org/project/linux-media/list/
T: git git://linuxtv.org/anttip/media_tree.git
S: Maintained
-F: drivers/staging/media/msi3101/msi001*
+F: drivers/media/tuners/msi001*
-MSI3101 MEDIA DRIVER
+MSI2500 MEDIA DRIVER
M: Antti Palosaari <crope@iki.fi>
L: linux-media@vger.kernel.org
W: http://linuxtv.org/
Q: http://patchwork.linuxtv.org/project/linux-media/list/
T: git git://linuxtv.org/anttip/media_tree.git
S: Maintained
-F: drivers/staging/media/msi3101/sdr-msi3101*
+F: drivers/media/usb/msi2500/
MT9M032 APTINA SENSOR DRIVER
M: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
MULTIFUNCTION DEVICES (MFD)
M: Samuel Ortiz <sameo@linux.intel.com>
M: Lee Jones <lee.jones@linaro.org>
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/sameo/mfd-next.git
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/sameo/mfd-fixes.git
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd.git
S: Supported
F: drivers/mfd/
F: include/linux/mfd/
M: Aloisio Almeida Jr <aloisio.almeida@openbossa.org>
M: Samuel Ortiz <sameo@linux.intel.com>
L: linux-wireless@vger.kernel.org
-L: linux-nfc@lists.01.org (moderated for non-subscribers)
+L: linux-nfc@lists.01.org (subscribers-only)
S: Supported
F: net/nfc/
F: include/net/nfc/
F: drivers/scsi/nsp32*
NTB DRIVER
-M: Jon Mason <jon.mason@intel.com>
+M: Jon Mason <jdmason@kudzu.us>
+M: Dave Jiang <dave.jiang@intel.com>
S: Supported
W: https://github.com/jonmason/ntb/wiki
T: git git://github.com/jonmason/ntb.git
M: Antonino Daplas <adaplas@gmail.com>
L: linux-fbdev@vger.kernel.org
S: Maintained
-F: drivers/video/riva/
-F: drivers/video/nvidia/
+F: drivers/video/fbdev/riva/
+F: drivers/video/fbdev/nvidia/
NVM EXPRESS DRIVER
M: Matthew Wilcox <willy@linux.intel.com>
L: linux-fbdev@vger.kernel.org
L: linux-omap@vger.kernel.org
S: Maintained
-F: drivers/video/omap/
+F: drivers/video/fbdev/omap/
OMAP DISPLAY SUBSYSTEM and FRAMEBUFFER SUPPORT (DSS2)
M: Tomi Valkeinen <tomi.valkeinen@ti.com>
L: linux-omap@vger.kernel.org
L: linux-fbdev@vger.kernel.org
S: Maintained
-F: drivers/video/omap2/
+F: drivers/video/fbdev/omap2/
F: Documentation/arm/OMAP/DSS
OMAP HARDWARE SPINLOCK SUPPORT
F: drivers/mmc/host/omap.c
OMAP HS MMC SUPPORT
-M: Balaji T K <balajitk@ti.com>
L: linux-mmc@vger.kernel.org
L: linux-omap@vger.kernel.org
-S: Maintained
+S: Orphan
F: drivers/mmc/host/omap_hsmmc.c
OMAP RANDOM NUMBER GENERATOR SUPPORT
S: Maintained
F: arch/arm/mach-omap2/omap_hwmod_44xx_data.c
-OMAP IMAGE SIGNAL PROCESSOR (ISP)
+OMAP IMAGING SUBSYSTEM (OMAP3 ISP and OMAP4 ISS)
M: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
L: linux-media@vger.kernel.org
S: Maintained
F: drivers/media/platform/omap3isp/
+F: drivers/staging/media/omap4iss/
OMAP USB SUPPORT
M: Felipe Balbi <balbi@ti.com>
F: drivers/input/serio/gscps2.c
F: drivers/parport/parport_gsc.*
F: drivers/tty/serial/8250/8250_gsc.c
-F: drivers/video/sti*
+F: drivers/video/fbdev/sti*
F: drivers/video/console/sti*
F: drivers/video/logo/logo_parisc*
F: arch/x86/pci/
F: arch/x86/kernel/quirks.c
+PCI DRIVER FOR APPLIEDMICRO XGENE
+M: Tanmay Inamdar <tinamdar@apm.com>
+L: linux-pci@vger.kernel.org
+L: linux-arm-kernel@lists.infradead.org
+S: Maintained
+F: Documentation/devicetree/bindings/pci/xgene-pci.txt
+F: drivers/pci/host/pci-xgene.c
+
PCI DRIVER FOR IMX6
M: Richard Zhu <r65037@freescale.com>
-M: Shawn Guo <shawn.guo@freescale.com>
+M: Lucas Stach <l.stach@pengutronix.de>
L: linux-pci@vger.kernel.org
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
S: Maintained
F: drivers/pci/host/*imx6*
+PCI DRIVER FOR TI KEYSTONE
+M: Murali Karicheri <m-karicheri2@ti.com>
+L: linux-pci@vger.kernel.org
+L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
+S: Maintained
+F: drivers/pci/host/*keystone*
+
PCI DRIVER FOR MVEBU (Marvell Armada 370 and Armada XP SOC support)
M: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
M: Jason Cooper <jason@lakedaemon.net>
F: Documentation/devicetree/bindings/pci/nvidia,tegra20-pcie.txt
F: drivers/pci/host/pci-tegra.c
+PCI DRIVER FOR TI DRA7XX
+M: Kishon Vijay Abraham I <kishon@ti.com>
+L: linux-omap@vger.kernel.org
+L: linux-pci@vger.kernel.org
+S: Supported
+F: Documentation/devicetree/bindings/pci/ti-pci.txt
+F: drivers/pci/host/pci-dra7xx.c
+
PCI DRIVER FOR RENESAS R-CAR
M: Simon Horman <horms@verge.net.au>
L: linux-pci@vger.kernel.org
F: Documentation/devicetree/bindings/pci/host-generic-pci.txt
F: drivers/pci/host/pci-host-generic.c
+PCIE DRIVER FOR ST SPEAR13XX
+M: Mohit Kumar <mohit.kumar@st.com>
+L: linux-pci@vger.kernel.org
+S: Maintained
+F: drivers/pci/host/*spear*
+
PCMCIA SUBSYSTEM
P: Linux PCMCIA Team
L: linux-pcmcia@lists.infradead.org
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
T: git git://github.com/jamieiles/linux-2.6-ji.git
S: Supported
+F: arch/arm/boot/dts/picoxcell*
F: arch/arm/mach-picoxcell/
-F: drivers/*/picoxcell*
-F: drivers/*/*/picoxcell*
+F: drivers/crypto/picoxcell*
PIN CONTROL SUBSYSTEM
M: Linus Walleij <linus.walleij@linaro.org>
F: drivers/pinctrl/sh-pfc/
PIN CONTROLLER - SAMSUNG
-M: Tomasz Figa <t.figa@samsung.com>
+M: Tomasz Figa <tomasz.figa@gmail.com>
M: Thomas Abraham <thomas.abraham@linaro.org>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
L: linux-samsung-soc@vger.kernel.org (moderated for non-subscribers)
S: Maintained
-F: drivers/pinctrl/pinctrl-exynos.*
-F: drivers/pinctrl/pinctrl-s3c*
-F: drivers/pinctrl/pinctrl-samsung.*
+F: drivers/pinctrl/samsung/
PIN CONTROLLER - ST SPEAR
M: Viresh Kumar <viresh.linux@gmail.com>
T: git git://github.com/gxt/linux.git
F: drivers/input/serio/i8042-unicore32io.h
F: drivers/i2c/busses/i2c-puv3.c
-F: drivers/video/fb-puv3.c
+F: drivers/video/fbdev/fb-puv3.c
F: drivers/rtc/rtc-puv3.c
PMBUS HARDWARE MONITORING DRIVERS
PMC SIERRA PM8001 DRIVER
M: xjtuwjp@gmail.com
M: lindar_liu@usish.com
+L: pmchba@pmcs.com
L: linux-scsi@vger.kernel.org
S: Supported
F: drivers/scsi/pm8001/
M: Thomas Gleixner <tglx@linutronix.de>
L: linux-kernel@vger.kernel.org
T: git git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git timers/core
-S: Supported
+S: Maintained
F: fs/timerfd.c
F: include/linux/timer*
-F: kernel/*timer*
+F: kernel/time/*timer*
POWER SUPPLY CLASS/SUBSYSTEM and DRIVERS
+M: Sebastian Reichel <sre@kernel.org>
M: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
M: David Woodhouse <dwmw2@infradead.org>
+L: linux-pm@vger.kernel.org
T: git git://git.infradead.org/battery-2.6.git
S: Maintained
F: include/linux/power_supply.h
F: include/linux/ptp_cl*
PTRACE SUPPORT
-M: Roland McGrath <roland@redhat.com>
+M: Roland McGrath <roland@hack.frob.com>
M: Oleg Nesterov <oleg@redhat.com>
S: Maintained
F: include/asm-generic/syscall.h
S: Maintained
F: drivers/media/usb/pwc/*
+PWM FAN DRIVER
+M: Kamil Debski <k.debski@samsung.com>
+L: lm-sensors@lm-sensors.org
+S: Supported
+F: Documentation/devicetree/bindings/hwmon/pwm-fan.txt
+F: Documentation/hwmon/pwm-fan
+F: drivers/hwmon/pwm-fan.c
+
PWM SUBSYSTEM
M: Thierry Reding <thierry.reding@gmail.com>
L: linux-pwm@vger.kernel.org
F: include/linux/pwm_backlight.h
PXA2xx/PXA3xx SUPPORT
-M: Eric Miao <eric.y.miao@gmail.com>
-M: Russell King <linux@arm.linux.org.uk>
+M: Daniel Mack <daniel@zonque.org>
M: Haojian Zhuang <haojian.zhuang@gmail.com>
+M: Robert Jarzmik <robert.jarzmik@free.fr>
L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
T: git git://github.com/hzhuang1/linux.git
-T: git git://git.linaro.org/people/ycmiao/pxa-linux.git
+T: git git://github.com/rjarzmik/linux.git
S: Maintained
F: arch/arm/mach-pxa/
F: drivers/pcmcia/pxa2xx*
F: drivers/spi/spi-pxa2xx*
-F: drivers/usb/gadget/pxa2*
+F: drivers/usb/gadget/udc/pxa2*
F: include/sound/pxa2xx-lib.h
F: sound/arm/pxa*
F: sound/soc/pxa/
M: Ezequiel Garcia <ezequiel.garcia@free-electrons.com>
L: linux-mtd@lists.infradead.org
S: Maintained
-F: drivers/mtd/nand/pxa3xx-nand.c
+F: drivers/mtd/nand/pxa3xx_nand.c
MMP SUPPORT
M: Eric Miao <eric.y.miao@gmail.com>
L: rtc-linux@googlegroups.com
S: Maintained
+QAT DRIVER
+M: Tadeusz Struk <tadeusz.struk@intel.com>
+L: qat-linux@intel.com
+S: Supported
+F: drivers/crypto/qat/
+
QIB DRIVER
M: Mike Marciniszyn <infinipath@intel.com>
L: linux-rdma@vger.kernel.org
QLOGIC QLCNIC (1/10)Gb ETHERNET DRIVER
M: Shahed Shaikh <shahed.shaikh@qlogic.com>
-M: Dept-HSGLinuxNICDev@qlogic.com
+M: Dept-GELinuxNICDev@qlogic.com
L: netdev@vger.kernel.org
S: Supported
F: drivers/net/ethernet/qlogic/qlcnic/
QLOGIC QLGE 10Gb ETHERNET DRIVER
-M: Shahed Shaikh <shahed.shaikh@qlogic.com>
-M: Jitendra Kalsaria <jitendra.kalsaria@qlogic.com>
-M: Ron Mercer <ron.mercer@qlogic.com>
+M: Harish Patil <harish.patil@qlogic.com>
+M: Sudarsana Kalluru <sudarsana.kalluru@qlogic.com>
+M: Dept-GELinuxNICDev@qlogic.com
M: linux-driver@qlogic.com
L: netdev@vger.kernel.org
S: Supported
M: Benjamin Herrenschmidt <benh@kernel.crashing.org>
L: linux-fbdev@vger.kernel.org
S: Maintained
-F: drivers/video/aty/radeon*
+F: drivers/video/fbdev/aty/radeon*
F: include/uapi/linux/radeonfb.h
RADIOSHARK RADIO DRIVER
M: Paul Mackerras <paulus@samba.org>
L: linux-fbdev@vger.kernel.org
S: Maintained
-F: drivers/video/aty/aty128fb.c
+F: drivers/video/fbdev/aty/aty128fb.c
RALINK RT2X00 WIRELESS LAN DRIVER
P: rt2x00 project
-M: Ivo van Doorn <IvDoorn@gmail.com>
+M: Stanislaw Gruszka <sgruszka@redhat.com>
M: Helmut Schaa <helmut.schaa@googlemail.com>
L: linux-wireless@vger.kernel.org
L: users@rt2x00.serialmonkey.com (moderated for non-subscribers)
W: http://rt2x00.serialmonkey.com/
S: Maintained
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/ivd/rt2x00.git
F: drivers/net/wireless/rt2x00/
RAMDISK RAM BLOCK DEVICE DRIVER
S: Supported
T: git git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu.git
F: Documentation/RCU/torture.txt
-F: kernel/rcu/torture.c
+F: kernel/rcu/rcutorture.c
RCUTORTURE TEST FRAMEWORK
M: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
+M: Josh Triplett <josh@joshtriplett.org>
+R: Steven Rostedt <rostedt@goodmis.org>
+R: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
+R: Lai Jiangshan <laijs@cn.fujitsu.com>
L: linux-kernel@vger.kernel.org
S: Supported
T: git git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu.git
F: net/rds/
READ-COPY UPDATE (RCU)
-M: Dipankar Sarma <dipankar@in.ibm.com>
M: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
+M: Josh Triplett <josh@joshtriplett.org>
+R: Steven Rostedt <rostedt@goodmis.org>
+R: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
+R: Lai Jiangshan <laijs@cn.fujitsu.com>
L: linux-kernel@vger.kernel.org
W: http://www.rdrop.com/users/paulmck/RCU/
S: Supported
F: include/linux/rcu*
X: include/linux/srcu.h
F: kernel/rcu/
-X: kernel/rcu/torture.c
+X: kernel/torture.c
REAL TIME CLOCK (RTC) SUBSYSTEM
M: Alessandro Zummo <a.zummo@towertech.it>
F: include/linux/rtc.h
F: include/uapi/linux/rtc.h
+REALTEK AUDIO CODECS
+M: Bard Liao <bardliao@realtek.com>
+M: Oder Chiou <oder_chiou@realtek.com>
+S: Maintained
+F: sound/soc/codecs/rt*
+F: include/sound/rt*.h
+
REISERFS FILE SYSTEM
L: reiserfs-devel@vger.kernel.org
S: Supported
REGISTER MAP ABSTRACTION
M: Mark Brown <broonie@kernel.org>
+L: linux-kernel@vger.kernel.org
T: git git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap.git
S: Supported
F: drivers/base/regmap/
Q: http://patchwork.linuxtv.org/project/linux-media/list/
T: git git://linuxtv.org/anttip/media_tree.git
S: Maintained
-F: drivers/staging/media/rtl2832u_sdr/rtl2832_sdr*
+F: drivers/media/dvb-frontends/rtl2832_sdr*
RTL8180 WIRELESS DRIVER
M: "John W. Linville" <linville@tuxdriver.com>
M: Antonino Daplas <adaplas@gmail.com>
L: linux-fbdev@vger.kernel.org
S: Maintained
-F: drivers/video/savage/
+F: drivers/video/fbdev/savage/
S390
M: Martin Schwidefsky <schwidefsky@de.ibm.com>
M: Jingoo Han <jg1.han@samsung.com>
L: linux-fbdev@vger.kernel.org
S: Maintained
-F: drivers/video/s3c-fb.c
+F: drivers/video/fbdev/s3c-fb.c
SAMSUNG MULTIFUNCTION DEVICE DRIVERS
M: Sangbeom Kim <sbkim73@samsung.com>
F: drivers/media/i2c/s5k5baf.c
SAMSUNG SOC CLOCK DRIVERS
-M: Tomasz Figa <t.figa@samsung.com>
+M: Sylwester Nawrocki <s.nawrocki@samsung.com>
+M: Tomasz Figa <tomasz.figa@gmail.com>
S: Supported
L: linux-samsung-soc@vger.kernel.org (moderated for non-subscribers)
F: drivers/clk/samsung/
L: netdev@vger.kernel.org
F: drivers/net/ethernet/samsung/sxgbe/
+SAMSUNG USB2 PHY DRIVER
+M: Kamil Debski <k.debski@samsung.com>
+L: linux-kernel@vger.kernel.org
+S: Supported
+F: Documentation/devicetree/bindings/phy/samsung-phy.txt
+F: Documentation/phy/samsung-usb2.txt
+F: drivers/phy/phy-exynos4210-usb2.c
+F: drivers/phy/phy-exynos4x12-usb2.c
+F: drivers/phy/phy-exynos5250-usb2.c
+F: drivers/phy/phy-s5pv210-usb2.c
+F: drivers/phy/phy-samsung-usb2.c
+F: drivers/phy/phy-samsung-usb2.h
+
SERIAL DRIVERS
M: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
L: linux-serial@vger.kernel.org
F: include/linux/mmc/dw_mmc.h
F: drivers/mmc/host/dw_mmc*
+THUNDERBOLT DRIVER
+M: Andreas Noever <andreas.noever@gmail.com>
+S: Maintained
+F: drivers/thunderbolt/
+
TIMEKEEPING, CLOCKSOURCE CORE, NTP
M: John Stultz <john.stultz@linaro.org>
M: Thomas Gleixner <tglx@linutronix.de>
SECURE COMPUTING
M: Kees Cook <keescook@chromium.org>
+ R: Andy Lutomirski <luto@amacapital.net>
+ R: Will Drewry <wad@chromium.org>
T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git seccomp
S: Supported
F: kernel/seccomp.c
W: http://www.winischhofer.net/linuxsisvga.shtml
S: Maintained
F: Documentation/fb/sisfb.txt
-F: drivers/video/sis/
+F: drivers/video/fbdev/sis/
F: include/video/sisfb.h
SIS USB2VGA DRIVER
SLEEPABLE READ-COPY UPDATE (SRCU)
M: Lai Jiangshan <laijs@cn.fujitsu.com>
M: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
+M: Josh Triplett <josh@joshtriplett.org>
+R: Steven Rostedt <rostedt@goodmis.org>
+R: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
L: linux-kernel@vger.kernel.org
W: http://www.rdrop.com/users/paulmck/RCU/
S: Supported
F: Documentation/security/Smack.txt
F: security/smack/
-SMARTREFLEX DRIVERS FOR ADAPTIVE VOLTAGE SCALING (AVS)
+DRIVERS FOR ADAPTIVE VOLTAGE SCALING (AVS)
M: Kevin Hilman <khilman@kernel.org>
M: Nishanth Menon <nm@ti.com>
S: Maintained
-F: drivers/power/avs/smartreflex.c
+F: drivers/power/avs/
F: include/linux/power/smartreflex.h
L: linux-pm@vger.kernel.org
M: Steve Glendinning <steve.glendinning@shawell.net>
L: linux-fbdev@vger.kernel.org
S: Maintained
-F: drivers/video/smscufx.c
+F: drivers/video/fbdev/smscufx.c
SOC-CAMERA V4L2 SUBSYSTEM
M: Guennadi Liakhovetski <g.liakhovetski@gmx.de>
S: Maintained
F: drivers/leds/leds-net48xx.c
+SOFTLOGIC 6x10 MPEG CODEC
+M: Ismael Luceno <ismael.luceno@corp.bluecherry.net>
+L: linux-media@vger.kernel.org
+S: Supported
+F: drivers/media/pci/solo6x10/
+
SOFTWARE RAID (Multiple Disks) SUPPORT
M: Neil Brown <neilb@suse.de>
L: linux-raid@vger.kernel.org
F: sound/core/pcm_dmaengine.c
F: sound/soc/soc-generic-dmaengine-pcm.c
+SP2 MEDIA DRIVER
+M: Olli Salonen <olli.salonen@iki.fi>
+L: linux-media@vger.kernel.org
+W: http://linuxtv.org/
+Q: http://patchwork.linuxtv.org/project/linux-media/list/
+S: Maintained
+F: drivers/media/dvb-frontends/sp2*
+
SPARC + UltraSPARC (sparc/sparc64)
M: "David S. Miller" <davem@davemloft.net>
L: sparclinux@vger.kernel.org
S: Supported
F: drivers/staging/
-STAGING - AGERE HERMES II and II.5 WIRELESS DRIVERS
-M: Henk de Groot <pe1dnn@amsat.org>
-S: Odd Fixes
-F: drivers/staging/wlags49_h2/
-F: drivers/staging/wlags49_h25/
-
-STAGING - ASUS OLED
-M: Jakub Schmidtke <sjakub@gmail.com>
-S: Odd Fixes
-F: drivers/staging/asus_oled/
-
STAGING - COMEDI
M: Ian Abbott <abbotti@mev.co.uk>
M: H Hartley Sweeten <hsweeten@visionengravers.com>
S: Odd Fixes
F: drivers/staging/comedi/
-STAGING - CRYSTAL HD VIDEO DECODER
-M: Naren Sankar <nsankar@broadcom.com>
-M: Jarod Wilson <jarod@wilsonet.com>
-M: Scott Davilla <davilla@4pi.com>
-M: Manu Abraham <abraham.manu@gmail.com>
-S: Odd Fixes
-F: drivers/staging/crystalhd/
-
-STAGING - ECHO CANCELLER
-M: Steve Underwood <steveu@coppice.org>
-M: David Rowe <david@rowetel.com>
-S: Odd Fixes
-F: drivers/staging/echo/
-
-STAGING - ET131X NETWORK DRIVER
-M: Mark Einon <mark.einon@gmail.com>
-S: Odd Fixes
-F: drivers/staging/et131x/
-
STAGING - FLARION FT1000 DRIVERS
M: Marek Belisko <marek.belisko@gmail.com>
S: Odd Fixes
F: drivers/staging/ft1000/
-STAGING - FRONTIER TRANZPORT AND ALPHATRACK
-M: David Täht <d@teklibre.com>
-S: Odd Fixes
-F: drivers/staging/frontier/
-
-STAGING - GO7007 MPEG CODEC
-M: Hans Verkuil <hans.verkuil@cisco.com>
-S: Maintained
-F: drivers/staging/media/go7007/
-
STAGING - INDUSTRIAL IO
M: Jonathan Cameron <jic23@kernel.org>
L: linux-iio@vger.kernel.org
S: Odd Fixes
F: drivers/staging/media/lirc/
+STAGING - LUSTRE PARALLEL FILESYSTEM
+M: Oleg Drokin <oleg.drokin@intel.com>
+M: Andreas Dilger <andreas.dilger@intel.com>
+L: HPDD-discuss@lists.01.org (moderated for non-subscribers)
+W: http://lustre.opensfs.org/
+S: Maintained
+F: drivers/staging/lustre
+
STAGING - NVIDIA COMPLIANT EMBEDDED CONTROLLER INTERFACE (nvec)
M: Julian Andres Klode <jak@jak-linux.org>
M: Marc Dietrich <marvin24@gmx.de>
S: Maintained
F: drivers/staging/rtl8723au/
-STAGING - SILICON MOTION SM7XX FRAME BUFFER DRIVER
-M: Teddy Wang <teddy.wang@siliconmotion.com.cn>
-S: Odd Fixes
-F: drivers/staging/sm7xxfb/
-
STAGING - SLICOSS
M: Lior Dotan <liodot@gmail.com>
M: Christopher Harrer <charrer@alacritech.com>
S: Odd Fixes
F: drivers/staging/slicoss/
-STAGING - SOFTLOGIC 6x10 MPEG CODEC
-M: Ismael Luceno <ismael.luceno@corp.bluecherry.net>
-S: Supported
-F: drivers/staging/media/solo6x10/
-
STAGING - SPEAKUP CONSOLE SPEECH DRIVER
M: William Hubbs <w.d.hubbs@gmail.com>
M: Chris Brannon <chris@the-brannons.com>
M: Kirk Reiser <kirk@reisers.ca>
M: Samuel Thibault <samuel.thibault@ens-lyon.org>
-L: speakup@braille.uwo.ca
+L: speakup@linux-speakup.org
W: http://www.linux-speakup.org/
S: Odd Fixes
F: drivers/staging/speakup/
-STAGING - TI DSP BRIDGE DRIVERS
-M: Omar Ramirez Luna <omar.ramirez@copitl.com>
-S: Odd Fixes
-F: drivers/staging/tidspbridge/
-
-STAGING - USB ENE SM/MS CARD READER DRIVER
-M: Al Cho <acho@novell.com>
-S: Odd Fixes
-F: drivers/staging/keucr/
-
STAGING - VIA VT665X DRIVERS
M: Forest Bond <forest@alittletooquiet.net>
S: Odd Fixes
F: drivers/staging/vt665?/
-STAGING - WINBOND IS89C35 WLAN USB DRIVER
-M: Pavel Machek <pavel@ucw.cz>
-S: Odd Fixes
-F: drivers/staging/winbond/
-
STAGING - XGI Z7,Z9,Z11 PCI DISPLAY DRIVER
M: Arnaud Patard <arnaud.patard@rtp-net.org>
S: Odd Fixes
TEGRA ARCHITECTURE SUPPORT
M: Stephen Warren <swarren@wwwdotorg.org>
M: Thierry Reding <thierry.reding@gmail.com>
+M: Alexandre Courbot <gnurou@gmail.com>
L: linux-tegra@vger.kernel.org
Q: http://patchwork.ozlabs.org/project/linux-tegra/list/
T: git git://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux.git
S: Supported
N: [^a-z]tegra
-TEGRA ASOC DRIVER
-M: Stephen Warren <swarren@wwwdotorg.org>
-S: Supported
-F: sound/soc/tegra/
-
TEGRA CLOCK DRIVER
M: Peter De Schrijver <pdeschrijver@nvidia.com>
M: Prashant Gaikwad <pgaikwad@nvidia.com>
S: Supported
F: drivers/dma/tegra20-apb-dma.c
-TEGRA GPIO DRIVER
-M: Stephen Warren <swarren@wwwdotorg.org>
-S: Supported
-F: drivers/gpio/gpio-tegra.c
-
TEGRA I2C DRIVER
M: Laxman Dewangan <ldewangan@nvidia.com>
S: Supported
S: Supported
F: drivers/input/keyboard/tegra-kbc.c
-TEGRA PINCTRL DRIVER
-M: Stephen Warren <swarren@wwwdotorg.org>
-S: Supported
-F: drivers/pinctrl/pinctrl-tegra*
-
TEGRA PWM DRIVER
M: Thierry Reding <thierry.reding@gmail.com>
S: Supported
S: Supported
F: drivers/thermal/ti-soc-thermal/
+TI CLOCK DRIVER
+M: Tero Kristo <t-kristo@ti.com>
+L: linux-omap@vger.kernel.org
+S: Maintained
+F: drivers/clk/ti/
+F: include/linux/clk/ti.h
+
TI FLASH MEDIA INTERFACE DRIVER
M: Alex Dubov <oakad@yahoo.com>
S: Maintained
F: drivers/mmc/host/tifm_sd.c
F: include/linux/tifm.h
+TI KEYSTONE MULTICORE NAVIGATOR DRIVERS
+M: Santosh Shilimkar <santosh.shilimkar@ti.com>
+L: linux-kernel@vger.kernel.org
+L: linux-arm-kernel@lists.infradead.org (moderated for non-subscribers)
+S: Maintained
+F: drivers/soc/ti/*
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/ssantosh/linux-keystone.git
+
+
TI LM49xxx FAMILY ASoC CODEC DRIVERS
M: M R Swami Reddy <mr.swami.reddy@ti.com>
M: Vishwas A Deshpande <vishwas.a.deshpande@ti.com>
S: Odd fixes
F: drivers/media/usb/tm6000/
+TW68 VIDEO4LINUX DRIVER
+M: Hans Verkuil <hverkuil@xs4all.nl>
+L: linux-media@vger.kernel.org
+T: git git://linuxtv.org/media_tree.git
+W: http://linuxtv.org
+S: Odd Fixes
+F: drivers/media/pci/tw68/
+
TPM DEVICE DRIVER
M: Peter Huewe <peterhuewe@gmx.de>
M: Ashley Lai <ashley@ashleylai.com>
F: include/linux/trace*.h
F: include/trace/
F: kernel/trace/
+F: tools/testing/selftests/ftrace/
TRIVIAL PATCHES
M: Jiri Kosina <trivial@kernel.org>
F: Documentation/usb/ohci.txt
F: drivers/usb/host/ohci*
+USB OVER IP DRIVER
+M: Valentina Manea <valentina.manea.m@gmail.com>
+M: Shuah Khan <shuah.kh@samsung.com>
+L: linux-usb@vger.kernel.org
+S: Maintained
+F: drivers/usb/usbip/
+F: tools/usb/usbip/
+
USB PEGASUS DRIVER
M: Petko Manolov <petkan@nucleusys.com>
L: linux-usb@vger.kernel.org
S: Maintained
F: drivers/net/usb/smsc95xx.*
-USB SN9C1xx DRIVER
-M: Luca Risolia <luca.risolia@studio.unibo.it>
-L: linux-usb@vger.kernel.org
-L: linux-media@vger.kernel.org
-T: git git://linuxtv.org/media_tree.git
-W: http://www.linux-projects.org
-S: Maintained
-F: drivers/staging/media/sn9c102/
-
USB SUBSYSTEM
M: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
L: linux-usb@vger.kernel.org
M: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
L: linux-usb@vger.kernel.org
S: Maintained
-F: drivers/usb/gadget/*uvc*.c
-F: drivers/usb/gadget/webcam.c
+F: drivers/usb/gadget/function/*uvc*
+F: drivers/usb/gadget/legacy/webcam.c
USB WIRELESS RNDIS DRIVER (rndis_wlan)
M: Jussi Kivilinna <jussi.kivilinna@iki.fi>
W: http://dev.gentoo.org/~spock/projects/uvesafb/
S: Maintained
F: Documentation/fb/uvesafb.txt
-F: drivers/video/uvesafb.*
+F: drivers/video/fbdev/uvesafb.*
VFAT/FAT/MSDOS FILESYSTEM
M: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
F: include/linux/via-core.h
F: include/linux/via-gpio.h
F: include/linux/via_i2c.h
-F: drivers/video/via/
+F: drivers/video/fbdev/via/
VIA VELOCITY NETWORK DRIVER
M: Francois Romieu <romieu@fr.zoreil.com>
VOLTAGE AND CURRENT REGULATOR FRAMEWORK
M: Liam Girdwood <lgirdwood@gmail.com>
M: Mark Brown <broonie@kernel.org>
+L: linux-kernel@vger.kernel.org
W: http://opensource.wolfsonmicro.com/node/15
W: http://www.slimlogic.co.uk/?p=48
T: git git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator.git
S: Maintained
F: drivers/mmc/host/wbsd.*
+WACOM PROTOCOL 4 SERIAL TABLETS
+M: Julian Squires <julian@cipht.net>
+M: Hans de Goede <hdegoede@redhat.com>
+L: linux-input@vger.kernel.org
+S: Maintained
+F: drivers/input/tablet/wacom_serial4.c
+
WATCHDOG DEVICE DRIVERS
M: Wim Van Sebroeck <wim@iguana.be>
L: linux-watchdog@vger.kernel.org
F: arch/x86/
X86 PLATFORM DRIVERS
-M: Matthew Garrett <matthew.garrett@nebula.com>
+M: Darren Hart <dvhart@infradead.org>
L: platform-driver-x86@vger.kernel.org
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/mjg59/platform-drivers-x86.git
+T: git git://git.infradead.org/users/dvhart/linux-platform-drivers-x86.git
S: Maintained
F: drivers/platform/x86/
F: arch/x86/pci/*xen*
F: drivers/pci/*xen*
+XEN BLOCK SUBSYSTEM
+M: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+L: xen-devel@lists.xenproject.org (moderated for non-subscribers)
+S: Supported
+F: drivers/block/xen-blkback/*
+F: drivers/block/xen*
+
+XEN PVSCSI DRIVERS
+M: Juergen Gross <jgross@suse.com>
+L: xen-devel@lists.xenproject.org (moderated for non-subscribers)
+L: linux-scsi@vger.kernel.org
+S: Supported
+F: drivers/scsi/xen-scsifront.c
+F: drivers/xen/xen-scsiback.c
+F: include/xen/interface/io/vscsiif.h
+
XEN SWIOTLB SUBSYSTEM
M: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
L: xen-devel@lists.xenproject.org (moderated for non-subscribers)
S: Maintained
F: drivers/tty/serial/uartlite.c
+XILLYBUS DRIVER
+M: Eli Billauer <eli.billauer@gmail.com>
+L: linux-kernel@vger.kernel.org
+S: Supported
+F: drivers/char/xillybus/
+
XTENSA XTFPGA PLATFORM SUPPORT
M: Max Filippov <jcmvbkbc@gmail.com>
L: linux-xtensa@linux-xtensa.org
#include <linux/device_cgroup.h>
#include <linux/fs_struct.h>
#include <linux/posix_acl.h>
+#include <linux/hash.h>
#include <asm/uaccess.h>
#include "internal.h"
static __always_inline void set_root(struct nameidata *nd)
{
- if (!nd->root.mnt)
- get_fs_root(current->fs, &nd->root);
+ get_fs_root(current->fs, &nd->root);
}
static int link_path_walk(const char *, struct nameidata *);
-static __always_inline void set_root_rcu(struct nameidata *nd)
+static __always_inline unsigned set_root_rcu(struct nameidata *nd)
{
- if (!nd->root.mnt) {
- struct fs_struct *fs = current->fs;
- unsigned seq;
+ struct fs_struct *fs = current->fs;
+ unsigned seq, res;
- do {
- seq = read_seqcount_begin(&fs->seq);
- nd->root = fs->root;
- nd->seq = __read_seqcount_begin(&nd->root.dentry->d_seq);
- } while (read_seqcount_retry(&fs->seq, seq));
- }
+ do {
+ seq = read_seqcount_begin(&fs->seq);
+ nd->root = fs->root;
+ res = __read_seqcount_begin(&nd->root.dentry->d_seq);
+ } while (read_seqcount_retry(&fs->seq, seq));
+ return res;
}
static void path_put_conditional(struct path *path, struct nameidata *nd)
return PTR_ERR(s);
}
if (*s == '/') {
- set_root(nd);
+ if (!nd->root.mnt)
+ set_root(nd);
path_put(&nd->path);
nd->path = nd->root;
path_get(&nd->root);
}
EXPORT_SYMBOL(follow_down_one);
-static inline bool managed_dentry_might_block(struct dentry *dentry)
+static inline int managed_dentry_rcu(struct dentry *dentry)
{
- return (dentry->d_flags & DCACHE_MANAGE_TRANSIT &&
- dentry->d_op->d_manage(dentry, true) < 0);
+ return (dentry->d_flags & DCACHE_MANAGE_TRANSIT) ?
+ dentry->d_op->d_manage(dentry, true) : 0;
}
/*
* Don't forget we might have a non-mountpoint managed dentry
* that wants to block transit.
*/
- if (unlikely(managed_dentry_might_block(path->dentry)))
+ switch (managed_dentry_rcu(path->dentry)) {
+ case -ECHILD:
+ default:
return false;
+ case -EISDIR:
+ return true;
+ case 0:
+ break;
+ }
if (!d_mountpoint(path->dentry))
- return true;
+ return !(path->dentry->d_flags & DCACHE_NEED_AUTOMOUNT);
mounted = __lookup_mnt(path->mnt, path->dentry);
if (!mounted)
*/
*inode = path->dentry->d_inode;
}
- return read_seqretry(&mount_lock, nd->m_seq);
+ return !read_seqretry(&mount_lock, nd->m_seq) &&
+ !(path->dentry->d_flags & DCACHE_NEED_AUTOMOUNT);
}
static int follow_dotdot_rcu(struct nameidata *nd)
{
- set_root_rcu(nd);
+ struct inode *inode = nd->inode;
+ if (!nd->root.mnt)
+ set_root_rcu(nd);
while (1) {
if (nd->path.dentry == nd->root.dentry &&
struct dentry *parent = old->d_parent;
unsigned seq;
+ inode = parent->d_inode;
seq = read_seqcount_begin(&parent->d_seq);
if (read_seqcount_retry(&old->d_seq, nd->seq))
goto failed;
}
if (!follow_up_rcu(&nd->path))
break;
+ inode = nd->path.dentry->d_inode;
nd->seq = read_seqcount_begin(&nd->path.dentry->d_seq);
}
while (d_mountpoint(nd->path.dentry)) {
break;
nd->path.mnt = &mounted->mnt;
nd->path.dentry = mounted->mnt.mnt_root;
+ inode = nd->path.dentry->d_inode;
nd->seq = read_seqcount_begin(&nd->path.dentry->d_seq);
- if (!read_seqretry(&mount_lock, nd->m_seq))
+ if (read_seqretry(&mount_lock, nd->m_seq))
goto failed;
}
- nd->inode = nd->path.dentry->d_inode;
+ nd->inode = inode;
return 0;
failed:
static void follow_dotdot(struct nameidata *nd)
{
- set_root(nd);
+ if (!nd->root.mnt)
+ set_root(nd);
while(1) {
struct dentry *old = nd->path.dentry;
}
path->mnt = mnt;
path->dentry = dentry;
- if (unlikely(!__follow_mount_rcu(nd, path, inode)))
- goto unlazy;
- if (unlikely(path->dentry->d_flags & DCACHE_NEED_AUTOMOUNT))
- goto unlazy;
- return 0;
+ if (likely(__follow_mount_rcu(nd, path, inode)))
+ return 0;
unlazy:
if (unlazy_walk(nd, dentry))
return -ECHILD;
static inline unsigned int fold_hash(unsigned long hash)
{
- hash += hash >> (8*sizeof(int));
- return hash;
+ return hash_64(hash, 32);
}
#else /* 32-bit case */
/*
* Calculate the length and hash of the path component, and
- * return the length of the component;
+ * return the "hash_len" as the result.
*/
-static inline unsigned long hash_name(const char *name, unsigned int *hashp)
+static inline u64 hash_name(const char *name)
{
unsigned long a, b, adata, bdata, mask, hash, len;
const struct word_at_a_time constants = WORD_AT_A_TIME_CONSTANTS;
mask = create_zero_mask(adata | bdata);
hash += a & zero_bytemask(mask);
- *hashp = fold_hash(hash);
-
- return len + find_zero(mask);
+ len += find_zero(mask);
+ return hashlen_create(fold_hash(hash), len);
}
#else
* We know there's a real path component here of at least
* one character.
*/
-static inline unsigned long hash_name(const char *name, unsigned int *hashp)
+static inline u64 hash_name(const char *name)
{
unsigned long hash = init_name_hash();
unsigned long len = 0, c;
hash = partial_name_hash(c, hash);
c = (unsigned char)name[len];
} while (c && c != '/');
- *hashp = end_name_hash(hash);
- return len;
+ return hashlen_create(end_name_hash(hash), len);
}
#endif
/* At this point we know we have a real path component. */
for(;;) {
- struct qstr this;
- long len;
+ u64 hash_len;
int type;
err = may_lookup(nd);
if (err)
break;
- len = hash_name(name, &this.hash);
- this.name = name;
- this.len = len;
+ hash_len = hash_name(name);
type = LAST_NORM;
- if (name[0] == '.') switch (len) {
+ if (name[0] == '.') switch (hashlen_len(hash_len)) {
case 2:
if (name[1] == '.') {
type = LAST_DOTDOT;
struct dentry *parent = nd->path.dentry;
nd->flags &= ~LOOKUP_JUMPED;
if (unlikely(parent->d_flags & DCACHE_OP_HASH)) {
+ struct qstr this = { { .hash_len = hash_len }, .name = name };
err = parent->d_op->d_hash(parent, &this);
if (err < 0)
break;
+ hash_len = this.hash_len;
+ name = this.name;
}
}
- nd->last = this;
+ nd->last.hash_len = hash_len;
+ nd->last.name = name;
nd->last_type = type;
- if (!name[len])
+ name += hashlen_len(hash_len);
+ if (!*name)
return 0;
/*
* If it wasn't NUL, we know it was '/'. Skip that
* slash, and continue until no more slashes.
*/
do {
- len++;
- } while (unlikely(name[len] == '/'));
- if (!name[len])
+ name++;
+ } while (unlikely(*name == '/'));
+ if (!*name)
return 0;
- name += len;
-
err = walk_component(nd, &next, LOOKUP_FOLLOW);
if (err < 0)
return err;
if (*name=='/') {
if (flags & LOOKUP_RCU) {
rcu_read_lock();
- set_root_rcu(nd);
+ nd->seq = set_root_rcu(nd);
} else {
set_root(nd);
path_get(&nd->root);
}
nd->inode = nd->path.dentry->d_inode;
- return 0;
+ if (!(flags & LOOKUP_RCU))
+ return 0;
+ if (likely(!read_seqcount_retry(&nd->path.dentry->d_seq, nd->seq)))
+ return 0;
+ if (!(nd->flags & LOOKUP_ROOT))
+ nd->root.mnt = NULL;
+ rcu_read_unlock();
+ return -ECHILD;
}
static inline int lookup_last(struct nameidata *nd, struct path *path)
error = open_check_o_direct(file);
if (error)
goto exit_fput;
- error = ima_file_check(file, op->acc_mode);
+ error = ima_file_check(file, op->acc_mode, *opened);
if (error)
goto exit_fput;
* The worst of all namespace operations - renaming directory. "Perverted"
* doesn't even start to describe it. Somebody in UCB had a heck of a trip...
* Problems:
- * a) we can get into loop creation. Check is done in is_subdir().
+ * a) we can get into loop creation.
* b) race potential - two innocent renames can create a loop together.
* That's where 4.4 screws up. Current fix: serialization on
* sb->s_vfs_rename_mutex. We might be more accurate, but that's another
if (error)
return error;
- if (!old_dir->i_op->rename)
+ if (!old_dir->i_op->rename && !old_dir->i_op->rename2)
return -EPERM;
if (flags && !old_dir->i_op->rename2)
if (error)
goto out;
}
- if (!flags) {
+ if (!old_dir->i_op->rename2) {
error = old_dir->i_op->rename(old_dir, old_dentry,
new_dir, new_dentry);
} else {
+ WARN_ON(old_dir->i_op->rename != NULL);
error = old_dir->i_op->rename2(old_dir, old_dentry,
new_dir, new_dentry, flags);
}
dprintk("nfsd: nfsd_lookup(fh %s, %.*s)\n", SVCFH_fmt(fhp), len,name);
dparent = fhp->fh_dentry;
- exp = fhp->fh_export;
- exp_get(exp);
+ exp = exp_get(fhp->fh_export);
/* Lookup the name, but don't follow links */
if (isdotent(name, len)) {
if (err)
goto out;
size_change = 1;
+
+ /*
+ * RFC5661, Section 18.30.4:
+ * Changing the size of a file with SETATTR indirectly
+ * changes the time_modify and change attributes.
+ *
+ * (and similar for the older RFCs)
+ */
+ if (iap->ia_size != i_size_read(inode))
+ iap->ia_valid |= ATTR_MTIME;
}
iap->ia_valid |= ATTR_CTIME;
if (size_change)
put_write_access(inode);
if (!err)
- commit_metadata(fhp);
+ err = nfserrno(commit_metadata(fhp));
out:
return err;
}
{
struct path path;
struct inode *inode;
+ struct file *file;
int flags = O_RDONLY|O_LARGEFILE;
__be32 err;
int host_err = 0;
else
flags = O_WRONLY|O_LARGEFILE;
}
- *filp = dentry_open(&path, flags, current_cred());
- if (IS_ERR(*filp)) {
- host_err = PTR_ERR(*filp);
- *filp = NULL;
- } else {
- host_err = ima_file_check(*filp, may_flags, 0);
- if (may_flags & NFSD_MAY_64BIT_COOKIE)
- (*filp)->f_mode |= FMODE_64BITHASH;
- else
- (*filp)->f_mode |= FMODE_32BITHASH;
+ file = dentry_open(&path, flags, current_cred());
+ if (IS_ERR(file)) {
+ host_err = PTR_ERR(file);
+ goto out_nfserr;
}
- host_err = ima_file_check(file, may_flags);
++ host_err = ima_file_check(file, may_flags, 0);
+ if (host_err) {
+ nfsd_close(file);
+ goto out_nfserr;
+ }
+
+ if (may_flags & NFSD_MAY_64BIT_COOKIE)
+ file->f_mode |= FMODE_64BITHASH;
+ else
+ file->f_mode |= FMODE_32BITHASH;
+
+ *filp = file;
out_nfserr:
err = nfserrno(host_err);
out:
return __splice_from_pipe(pipe, sd, nfsd_splice_actor);
}
-__be32 nfsd_finish_read(struct file *file, unsigned long *count, int host_err)
+static __be32
+nfsd_finish_read(struct file *file, unsigned long *count, int host_err)
{
if (host_err >= 0) {
nfsdstats.io_read += host_err;
return nfserrno(host_err);
}
-int nfsd_splice_read(struct svc_rqst *rqstp,
+__be32 nfsd_splice_read(struct svc_rqst *rqstp,
struct file *file, loff_t offset, unsigned long *count)
{
struct splice_desc sd = {
return nfsd_finish_read(file, count, host_err);
}
-int nfsd_readv(struct file *file, loff_t offset, struct kvec *vec, int vlen,
+__be32 nfsd_readv(struct file *file, loff_t offset, struct kvec *vec, int vlen,
unsigned long *count)
{
mm_segment_t oldfs;
iap->ia_valid &= ~(ATTR_UID|ATTR_GID);
if (iap->ia_valid)
return nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0);
- return 0;
+ /* Callers expect file metadata to be committed here */
+ return nfserrno(commit_metadata(resfhp));
}
/* HPUX client sometimes creates a file in mode 000, and sets size to 0.
err = nfsd_create_setattr(rqstp, resfhp, iap);
/*
- * nfsd_setattr already committed the child. Transactional filesystems
- * had a chance to commit changes for both parent and child
- * simultaneously making the following commit_metadata a noop.
+ * nfsd_create_setattr already committed the child. Transactional
+ * filesystems had a chance to commit changes for both parent and
+ * child * simultaneously making the following commit_metadata a
+ * noop.
*/
err2 = nfserrno(commit_metadata(fhp));
if (err2)
err = nfsd_create_setattr(rqstp, resfhp, iap);
/*
- * nfsd_setattr already committed the child (and possibly also the parent).
+ * nfsd_create_setattr already committed the child
+ * (and possibly also the parent).
*/
if (!err)
err = nfserrno(commit_metadata(fhp));
__be32
nfsd_symlink(struct svc_rqst *rqstp, struct svc_fh *fhp,
char *fname, int flen,
- char *path, int plen,
- struct svc_fh *resfhp,
- struct iattr *iap)
+ char *path,
+ struct svc_fh *resfhp)
{
struct dentry *dentry, *dnew;
__be32 err, cerr;
int host_err;
err = nfserr_noent;
- if (!flen || !plen)
+ if (!flen || path[0] == '\0')
goto out;
err = nfserr_exist;
if (isdotent(fname, flen))
if (IS_ERR(dnew))
goto out_nfserr;
- if (unlikely(path[plen] != 0)) {
- char *path_alloced = kmalloc(plen+1, GFP_KERNEL);
- if (path_alloced == NULL)
- host_err = -ENOMEM;
- else {
- strncpy(path_alloced, path, plen);
- path_alloced[plen] = 0;
- host_err = vfs_symlink(dentry->d_inode, dnew, path_alloced);
- kfree(path_alloced);
- }
- } else
- host_err = vfs_symlink(dentry->d_inode, dnew, path);
+ host_err = vfs_symlink(dentry->d_inode, dnew, path);
err = nfserrno(host_err);
if (!err)
err = nfserrno(commit_metadata(fhp));
if (raparm_hash[0].pb_head)
return 0;
nperbucket = DIV_ROUND_UP(cache_size, RAPARM_HASH_SIZE);
- if (nperbucket < 2)
- nperbucket = 2;
+ nperbucket = max(2, nperbucket);
cache_size = nperbucket * RAPARM_HASH_SIZE;
dprintk("nfsd: allocating %d readahead buffers.\n", cache_size);
#define TAINT_FIRMWARE_WORKAROUND 11
#define TAINT_OOT_MODULE 12
#define TAINT_UNSIGNED_MODULE 13
+#define TAINT_SOFTLOCKUP 14
extern const char hex_asc[];
#define hex_asc_lo(x) hex_asc[((x) & 0x0f)]
return buf;
}
-static inline char * __deprecated pack_hex_byte(char *buf, u8 byte)
-{
- return hex_byte_pack(buf, byte);
-}
-
extern int hex_to_bin(char ch);
extern int __must_check hex2bin(u8 *dst, const char *src, size_t count);
+ extern char *bin2hex(char *dst, const void *src, size_t count);
-int mac_pton(const char *s, u8 *mac);
+bool mac_pton(const char *s, u8 *mac);
/*
* General tracing related utility functions - trace_printk(),
(void) (&_max1 == &_max2); \
_max1 > _max2 ? _max1 : _max2; })
-#define min3(x, y, z) ({ \
- typeof(x) _min1 = (x); \
- typeof(y) _min2 = (y); \
- typeof(z) _min3 = (z); \
- (void) (&_min1 == &_min2); \
- (void) (&_min1 == &_min3); \
- _min1 < _min2 ? (_min1 < _min3 ? _min1 : _min3) : \
- (_min2 < _min3 ? _min2 : _min3); })
-
-#define max3(x, y, z) ({ \
- typeof(x) _max1 = (x); \
- typeof(y) _max2 = (y); \
- typeof(z) _max3 = (z); \
- (void) (&_max1 == &_max2); \
- (void) (&_max1 == &_max3); \
- _max1 > _max2 ? (_max1 > _max3 ? _max1 : _max3) : \
- (_max2 > _max3 ? _max2 : _max3); })
+#define min3(x, y, z) min((typeof(x))min(x, y), z)
+#define max3(x, y, z) max((typeof(x))max(x, y), z)
/**
* min_not_zero - return the minimum that is _not_ zero, unless both are zero
/**
* clamp - return a value clamped to a given range with strict typechecking
* @val: current value
- * @min: minimum allowable value
- * @max: maximum allowable value
+ * @lo: lowest allowable value
+ * @hi: highest allowable value
*
- * This macro does strict typechecking of min/max to make sure they are of the
+ * This macro does strict typechecking of lo/hi to make sure they are of the
* same type as val. See the unnecessary pointer comparisons.
*/
-#define clamp(val, min, max) ({ \
- typeof(val) __val = (val); \
- typeof(min) __min = (min); \
- typeof(max) __max = (max); \
- (void) (&__val == &__min); \
- (void) (&__val == &__max); \
- __val = __val < __min ? __min: __val; \
- __val > __max ? __max: __val; })
+#define clamp(val, lo, hi) min((typeof(val))max(val, lo), hi)
/*
* ..and if you can't take the strict
* clamp_t - return a value clamped to a given range using a given type
* @type: the type of variable to use
* @val: current value
- * @min: minimum allowable value
- * @max: maximum allowable value
+ * @lo: minimum allowable value
+ * @hi: maximum allowable value
*
* This macro does no typechecking and uses temporary variables of type
* 'type' to make all the comparisons.
*/
-#define clamp_t(type, val, min, max) ({ \
- type __val = (val); \
- type __min = (min); \
- type __max = (max); \
- __val = __val < __min ? __min: __val; \
- __val > __max ? __max: __val; })
+#define clamp_t(type, val, lo, hi) min_t(type, max_t(type, val, lo), hi)
/**
* clamp_val - return a value clamped to a given range using val's type
* @val: current value
- * @min: minimum allowable value
- * @max: maximum allowable value
+ * @lo: minimum allowable value
+ * @hi: maximum allowable value
*
* This macro does no typechecking and uses temporary variables of whatever
* type the input argument 'val' is. This is useful when val is an unsigned
* type and min and max are literals that will otherwise be assigned a signed
* integer type.
*/
-#define clamp_val(val, min, max) ({ \
- typeof(val) __val = (val); \
- typeof(val) __min = (min); \
- typeof(val) __max = (max); \
- __val = __val < __min ? __min: __val; \
- __val > __max ? __max: __val; })
+#define clamp_val(val, lo, hi) clamp_t(typeof(val), val, lo, hi)
/*
/* User perms >= group perms >= other perms */ \
BUILD_BUG_ON_ZERO(((perms) >> 6) < (((perms) >> 3) & 7)) + \
BUILD_BUG_ON_ZERO((((perms) >> 3) & 7) < ((perms) & 7)) + \
+ /* Other writable? Generally considered a bad idea. */ \
+ BUILD_BUG_ON_ZERO((perms) & 2) + \
(perms))
#endif
int (*file_lock) (struct file *file, unsigned int cmd);
int (*file_fcntl) (struct file *file, unsigned int cmd,
unsigned long arg);
- int (*file_set_fowner) (struct file *file);
+ void (*file_set_fowner) (struct file *file);
int (*file_send_sigiotask) (struct task_struct *tsk,
struct fown_struct *fown, int sig);
int (*file_receive) (struct file *file);
unsigned long prot);
int security_file_lock(struct file *file, unsigned int cmd);
int security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg);
-int security_file_set_fowner(struct file *file);
+void security_file_set_fowner(struct file *file);
int security_file_send_sigiotask(struct task_struct *tsk,
struct fown_struct *fown, int sig);
int security_file_receive(struct file *file);
static inline int security_inode_init_security(struct inode *inode,
struct inode *dir,
const struct qstr *qstr,
- const initxattrs initxattrs,
+ const initxattrs xattrs,
void *fs_data)
{
return 0;
return 0;
}
-static inline int security_file_set_fowner(struct file *file)
+static inline void security_file_set_fowner(struct file *file)
{
- return 0;
+ return;
}
static inline int security_file_send_sigiotask(struct task_struct *tsk,
.preparse = rxrpc_preparse,
.free_preparse = rxrpc_free_preparse,
.instantiate = generic_key_instantiate,
- .match = user_match,
.destroy = rxrpc_destroy,
.describe = rxrpc_describe,
.read = rxrpc_read,
.preparse = rxrpc_preparse_s,
.free_preparse = rxrpc_free_preparse_s,
.instantiate = generic_key_instantiate,
- .match = user_match,
.destroy = rxrpc_destroy_s,
.describe = rxrpc_describe,
};
n_elem = ntohl(*xdr++);
toklen -= 4;
- if (n_elem < 0 || n_elem > max_n_elem)
+ if (n_elem > max_n_elem)
return -EINVAL;
*_n_elem = n_elem;
if (n_elem > 0) {
if (copy_to_user(xdr, (s), _l) != 0) \
goto fault; \
if (_l & 3 && \
- copy_to_user((u8 *)xdr + _l, &zero, 4 - (_l & 3)) != 0) \
+ copy_to_user((u8 __user *)xdr + _l, &zero, 4 - (_l & 3)) != 0) \
goto fault; \
xdr += (_l + 3) >> 2; \
} while(0)
struct rb_root key_user_tree; /* tree of quota records indexed by UID */
DEFINE_SPINLOCK(key_user_lock);
-unsigned int key_quota_root_maxkeys = 200; /* root's key count quota */
-unsigned int key_quota_root_maxbytes = 20000; /* root's key space quota */
+unsigned int key_quota_root_maxkeys = 1000000; /* root's key count quota */
+unsigned int key_quota_root_maxbytes = 25000000; /* root's key space quota */
unsigned int key_quota_maxkeys = 200; /* general key count quota */
unsigned int key_quota_maxbytes = 20000; /* general key space quota */
}
key_ref = ERR_PTR(-EINVAL);
- if (!index_key.type->match || !index_key.type->instantiate ||
+ if (!index_key.type->instantiate ||
(!index_key.description && !index_key.type->preparse))
goto error_put_type;
#define key_negative_timeout 60 /* default timeout on a negative key's existence */
-/*
- * wait_on_bit() sleep function for uninterruptible waiting
- */
-static int key_wait_bit(void *flags)
-{
- schedule();
- return 0;
-}
-
-/*
- * wait_on_bit() sleep function for interruptible waiting
- */
-static int key_wait_bit_intr(void *flags)
-{
- schedule();
- return signal_pending(current) ? -ERESTARTSYS : 0;
-}
-
/**
* complete_request_key - Complete the construction of a key.
* @cons: The key construction record.
.index_key.type = type,
.index_key.description = description,
.cred = current_cred(),
- .match = type->match,
- .match_data = description,
- .flags = KEYRING_SEARCH_LOOKUP_DIRECT,
+ .match_data.cmp = key_default_cmp,
+ .match_data.raw_data = description,
+ .match_data.lookup_type = KEYRING_SEARCH_LOOKUP_DIRECT,
};
struct key *key;
key_ref_t key_ref;
ctx.index_key.type->name, ctx.index_key.description,
callout_info, callout_len, aux, dest_keyring, flags);
+ if (type->match_preparse) {
+ ret = type->match_preparse(&ctx.match_data);
+ if (ret < 0) {
+ key = ERR_PTR(ret);
+ goto error;
+ }
+ }
+
/* search all the process keyrings for a key */
key_ref = search_process_keyrings(&ctx);
if (ret < 0) {
key_put(key);
key = ERR_PTR(ret);
- goto error;
+ goto error_free;
}
}
} else if (PTR_ERR(key_ref) != -EAGAIN) {
* should consult userspace if we can */
key = ERR_PTR(-ENOKEY);
if (!callout_info)
- goto error;
+ goto error_free;
key = construct_key_and_link(&ctx, callout_info, callout_len,
aux, dest_keyring, flags);
}
+ error_free:
+ if (type->match_free)
+ type->match_free(&ctx.match_data);
error:
kleave(" = %p", key);
return key;
int ret;
ret = wait_on_bit(&key->flags, KEY_FLAG_USER_CONSTRUCT,
- intr ? key_wait_bit_intr : key_wait_bit,
intr ? TASK_INTERRUPTIBLE : TASK_UNINTERRUPTIBLE);
- if (ret < 0)
- return ret;
+ if (ret)
+ return -ERESTARTSYS;
if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) {
smp_rmb();
return key->type_data.reject_error;
/* binprm security operations */
+ static int check_nnp_nosuid(const struct linux_binprm *bprm,
+ const struct task_security_struct *old_tsec,
+ const struct task_security_struct *new_tsec)
+ {
+ int nnp = (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS);
+ int nosuid = (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID);
+ int rc;
+
+ if (!nnp && !nosuid)
+ return 0; /* neither NNP nor nosuid */
+
+ if (new_tsec->sid == old_tsec->sid)
+ return 0; /* No change in credentials */
+
+ /*
+ * The only transitions we permit under NNP or nosuid
+ * are transitions to bounded SIDs, i.e. SIDs that are
+ * guaranteed to only be allowed a subset of the permissions
+ * of the current SID.
+ */
+ rc = security_bounded_transition(old_tsec->sid, new_tsec->sid);
+ if (rc) {
+ /*
+ * On failure, preserve the errno values for NNP vs nosuid.
+ * NNP: Operation not permitted for caller.
+ * nosuid: Permission denied to file.
+ */
+ if (nnp)
+ return -EPERM;
+ else
+ return -EACCES;
+ }
+ return 0;
+ }
+
static int selinux_bprm_set_creds(struct linux_binprm *bprm)
{
const struct task_security_struct *old_tsec;
/* Reset exec SID on execve. */
new_tsec->exec_sid = 0;
- /*
- * Minimize confusion: if no_new_privs or nosuid and a
- * transition is explicitly requested, then fail the exec.
- */
- if (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS)
- return -EPERM;
- if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID)
- return -EACCES;
+ /* Fail on NNP or nosuid if not an allowed transition. */
+ rc = check_nnp_nosuid(bprm, old_tsec, new_tsec);
+ if (rc)
+ return rc;
} else {
/* Check for a default transition on this program. */
rc = security_transition_sid(old_tsec->sid, isec->sid,
&new_tsec->sid);
if (rc)
return rc;
+
+ /*
+ * Fallback to old SID on NNP or nosuid if not an allowed
+ * transition.
+ */
+ rc = check_nnp_nosuid(bprm, old_tsec, new_tsec);
+ if (rc)
+ new_tsec->sid = old_tsec->sid;
}
ad.type = LSM_AUDIT_DATA_PATH;
ad.u.path = bprm->file->f_path;
- if ((bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID) ||
- (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS))
- new_tsec->sid = old_tsec->sid;
-
if (new_tsec->sid == old_tsec->sid) {
rc = avc_has_perm(old_tsec->sid, isec->sid,
SECCLASS_FILE, FILE__EXECUTE_NO_TRANS, &ad);
return err;
}
-static int selinux_file_set_fowner(struct file *file)
+static void selinux_file_set_fowner(struct file *file)
{
struct file_security_struct *fsec;
fsec = file->f_security;
fsec->fown_sid = current_sid();
-
- return 0;
}
static int selinux_file_send_sigiotask(struct task_struct *tsk,
&ad);
}
- static int selinux_inet_sys_rcv_skb(int ifindex, char *addrp, u16 family,
- u32 peer_sid,
+ static int selinux_inet_sys_rcv_skb(struct net *ns, int ifindex,
+ char *addrp, u16 family, u32 peer_sid,
struct common_audit_data *ad)
{
int err;
u32 if_sid;
u32 node_sid;
- err = sel_netif_sid(ifindex, &if_sid);
+ err = sel_netif_sid(ns, ifindex, &if_sid);
if (err)
return err;
err = avc_has_perm(peer_sid, if_sid,
err = selinux_skb_peerlbl_sid(skb, family, &peer_sid);
if (err)
return err;
- err = selinux_inet_sys_rcv_skb(skb->skb_iif, addrp, family,
- peer_sid, &ad);
+ err = selinux_inet_sys_rcv_skb(sock_net(sk), skb->skb_iif,
+ addrp, family, peer_sid, &ad);
if (err) {
selinux_netlbl_err(skb, err, 0);
return err;
err = selinux_nlmsg_lookup(sksec->sclass, nlh->nlmsg_type, &perm);
if (err) {
if (err == -EINVAL) {
- audit_log(current->audit_context, GFP_KERNEL, AUDIT_SELINUX_ERR,
- "SELinux: unrecognized netlink message"
- " type=%hu for sclass=%hu\n",
- nlh->nlmsg_type, sksec->sclass);
+ WARN_ONCE(1, "selinux_nlmsg_perm: unrecognized netlink message:"
+ " protocol=%hu nlmsg_type=%hu sclass=%hu\n",
+ sk->sk_protocol, nlh->nlmsg_type, sksec->sclass);
if (!selinux_enforcing || security_get_allow_unknown())
err = 0;
}
#ifdef CONFIG_NETFILTER
- static unsigned int selinux_ip_forward(struct sk_buff *skb, int ifindex,
+ static unsigned int selinux_ip_forward(struct sk_buff *skb,
+ const struct net_device *indev,
u16 family)
{
int err;
ad.type = LSM_AUDIT_DATA_NET;
ad.u.net = &net;
- ad.u.net->netif = ifindex;
+ ad.u.net->netif = indev->ifindex;
ad.u.net->family = family;
if (selinux_parse_skb(skb, &ad, &addrp, 1, NULL) != 0)
return NF_DROP;
if (peerlbl_active) {
- err = selinux_inet_sys_rcv_skb(ifindex, addrp, family,
- peer_sid, &ad);
+ err = selinux_inet_sys_rcv_skb(dev_net(indev), indev->ifindex,
+ addrp, family, peer_sid, &ad);
if (err) {
selinux_netlbl_err(skb, err, 1);
return NF_DROP;
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
- return selinux_ip_forward(skb, in->ifindex, PF_INET);
+ return selinux_ip_forward(skb, in, PF_INET);
}
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
- return selinux_ip_forward(skb, in->ifindex, PF_INET6);
+ return selinux_ip_forward(skb, in, PF_INET6);
}
#endif /* IPV6 */
return NF_ACCEPT;
}
- static unsigned int selinux_ip_postroute(struct sk_buff *skb, int ifindex,
+ static unsigned int selinux_ip_postroute(struct sk_buff *skb,
+ const struct net_device *outdev,
u16 family)
{
u32 secmark_perm;
u32 peer_sid;
+ int ifindex = outdev->ifindex;
struct sock *sk;
struct common_audit_data ad;
struct lsm_network_audit net = {0,};
case PF_INET6:
if (IP6CB(skb)->flags & IP6SKB_XFRM_TRANSFORMED)
return NF_ACCEPT;
+ break;
default:
return NF_DROP_ERR(-ECONNREFUSED);
}
u32 if_sid;
u32 node_sid;
- if (sel_netif_sid(ifindex, &if_sid))
+ if (sel_netif_sid(dev_net(outdev), ifindex, &if_sid))
return NF_DROP;
if (avc_has_perm(peer_sid, if_sid,
SECCLASS_NETIF, NETIF__EGRESS, &ad))
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
- return selinux_ip_postroute(skb, out->ifindex, PF_INET);
+ return selinux_ip_postroute(skb, out, PF_INET);
}
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
- return selinux_ip_postroute(skb, out->ifindex, PF_INET6);
+ return selinux_ip_postroute(skb, out, PF_INET6);
}
#endif /* IPV6 */
#if defined(CONFIG_NETFILTER)
- static struct nf_hook_ops selinux_ipv4_ops[] = {
+ static struct nf_hook_ops selinux_nf_ops[] = {
{
.hook = selinux_ipv4_postroute,
.owner = THIS_MODULE,
.pf = NFPROTO_IPV4,
.hooknum = NF_INET_LOCAL_OUT,
.priority = NF_IP_PRI_SELINUX_FIRST,
- }
- };
-
+ },
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-
- static struct nf_hook_ops selinux_ipv6_ops[] = {
{
.hook = selinux_ipv6_postroute,
.owner = THIS_MODULE,
.pf = NFPROTO_IPV6,
.hooknum = NF_INET_FORWARD,
.priority = NF_IP6_PRI_SELINUX_FIRST,
- }
- };
-
+ },
#endif /* IPV6 */
+ };
static int __init selinux_nf_ip_init(void)
{
- int err = 0;
+ int err;
if (!selinux_enabled)
- goto out;
+ return 0;
printk(KERN_DEBUG "SELinux: Registering netfilter hooks\n");
- err = nf_register_hooks(selinux_ipv4_ops, ARRAY_SIZE(selinux_ipv4_ops));
+ err = nf_register_hooks(selinux_nf_ops, ARRAY_SIZE(selinux_nf_ops));
if (err)
- panic("SELinux: nf_register_hooks for IPv4: error %d\n", err);
+ panic("SELinux: nf_register_hooks: error %d\n", err);
- #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
- err = nf_register_hooks(selinux_ipv6_ops, ARRAY_SIZE(selinux_ipv6_ops));
- if (err)
- panic("SELinux: nf_register_hooks for IPv6: error %d\n", err);
- #endif /* IPV6 */
-
- out:
- return err;
+ return 0;
}
__initcall(selinux_nf_ip_init);
{
printk(KERN_DEBUG "SELinux: Unregistering netfilter hooks\n");
- nf_unregister_hooks(selinux_ipv4_ops, ARRAY_SIZE(selinux_ipv4_ops));
- #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
- nf_unregister_hooks(selinux_ipv6_ops, ARRAY_SIZE(selinux_ipv6_ops));
- #endif /* IPV6 */
+ nf_unregister_hooks(selinux_nf_ops, ARRAY_SIZE(selinux_nf_ops));
}
#endif
/**
* sel_netif_hashfn - Hashing function for the interface table
+ * @ns: the network namespace
* @ifindex: the network interface
*
* Description:
* bucket number for the given interface.
*
*/
- static inline u32 sel_netif_hashfn(int ifindex)
+ static inline u32 sel_netif_hashfn(const struct net *ns, int ifindex)
{
- return (ifindex & (SEL_NETIF_HASH_SIZE - 1));
+ return (((uintptr_t)ns + ifindex) & (SEL_NETIF_HASH_SIZE - 1));
}
/**
* sel_netif_find - Search for an interface record
+ * @ns: the network namespace
* @ifindex: the network interface
*
* Description:
* If an entry can not be found in the table return NULL.
*
*/
- static inline struct sel_netif *sel_netif_find(int ifindex)
+ static inline struct sel_netif *sel_netif_find(const struct net *ns,
+ int ifindex)
{
- int idx = sel_netif_hashfn(ifindex);
+ int idx = sel_netif_hashfn(ns, ifindex);
struct sel_netif *netif;
list_for_each_entry_rcu(netif, &sel_netif_hash[idx], list)
- /* all of the devices should normally fit in the hash, so we
- * optimize for that case */
- if (likely(netif->nsec.ifindex == ifindex))
+ if (net_eq(netif->nsec.ns, ns) &&
+ netif->nsec.ifindex == ifindex)
return netif;
return NULL;
if (sel_netif_total >= SEL_NETIF_HASH_MAX)
return -ENOSPC;
- idx = sel_netif_hashfn(netif->nsec.ifindex);
+ idx = sel_netif_hashfn(netif->nsec.ns, netif->nsec.ifindex);
list_add_rcu(&netif->list, &sel_netif_hash[idx]);
sel_netif_total++;
/**
* sel_netif_sid_slow - Lookup the SID of a network interface using the policy
+ * @ns: the network namespace
* @ifindex: the network interface
* @sid: interface SID
*
* failure.
*
*/
- static int sel_netif_sid_slow(int ifindex, u32 *sid)
+ static int sel_netif_sid_slow(struct net *ns, int ifindex, u32 *sid)
{
int ret;
struct sel_netif *netif;
/* NOTE: we always use init's network namespace since we don't
* currently support containers */
- dev = dev_get_by_index(&init_net, ifindex);
+ dev = dev_get_by_index(ns, ifindex);
if (unlikely(dev == NULL)) {
printk(KERN_WARNING
"SELinux: failure in sel_netif_sid_slow(),"
}
spin_lock_bh(&sel_netif_lock);
- netif = sel_netif_find(ifindex);
+ netif = sel_netif_find(ns, ifindex);
if (netif != NULL) {
*sid = netif->nsec.sid;
ret = 0;
ret = security_netif_sid(dev->name, &new->nsec.sid);
if (ret != 0)
goto out;
+ new->nsec.ns = ns;
new->nsec.ifindex = ifindex;
ret = sel_netif_insert(new);
if (ret != 0)
/**
* sel_netif_sid - Lookup the SID of a network interface
+ * @ns: the network namespace
* @ifindex: the network interface
* @sid: interface SID
*
* on failure.
*
*/
- int sel_netif_sid(int ifindex, u32 *sid)
+ int sel_netif_sid(struct net *ns, int ifindex, u32 *sid)
{
struct sel_netif *netif;
rcu_read_lock();
- netif = sel_netif_find(ifindex);
+ netif = sel_netif_find(ns, ifindex);
if (likely(netif != NULL)) {
*sid = netif->nsec.sid;
rcu_read_unlock();
}
rcu_read_unlock();
- return sel_netif_sid_slow(ifindex, sid);
+ return sel_netif_sid_slow(ns, ifindex, sid);
}
/**
* sel_netif_kill - Remove an entry from the network interface table
+ * @ns: the network namespace
* @ifindex: the network interface
*
* Description:
* table if it exists.
*
*/
- static void sel_netif_kill(int ifindex)
+ static void sel_netif_kill(const struct net *ns, int ifindex)
{
struct sel_netif *netif;
rcu_read_lock();
spin_lock_bh(&sel_netif_lock);
- netif = sel_netif_find(ifindex);
+ netif = sel_netif_find(ns, ifindex);
if (netif)
sel_netif_destroy(netif);
spin_unlock_bh(&sel_netif_lock);
{
struct net_device *dev = netdev_notifier_info_to_dev(ptr);
- if (dev_net(dev) != &init_net)
- return NOTIFY_DONE;
-
if (event == NETDEV_DOWN)
- sel_netif_kill(dev->ifindex);
+ sel_netif_kill(dev_net(dev), dev->ifindex);
return NOTIFY_DONE;
}
static __init int sel_netif_init(void)
{
- int i, err;
+ int i;
if (!selinux_enabled)
return 0;
register_netdevice_notifier(&sel_netif_netdev_notifier);
- return err;
+ return 0;
}
__initcall(sel_netif_init);
LIST_HEAD(smk_ipv6_port_list);
+ #ifdef CONFIG_SECURITY_SMACK_BRINGUP
+ static void smk_bu_mode(int mode, char *s)
+ {
+ int i = 0;
+
+ if (mode & MAY_READ)
+ s[i++] = 'r';
+ if (mode & MAY_WRITE)
+ s[i++] = 'w';
+ if (mode & MAY_EXEC)
+ s[i++] = 'x';
+ if (mode & MAY_APPEND)
+ s[i++] = 'a';
+ if (mode & MAY_TRANSMUTE)
+ s[i++] = 't';
+ if (mode & MAY_LOCK)
+ s[i++] = 'l';
+ if (i == 0)
+ s[i++] = '-';
+ s[i] = '\0';
+ }
+ #endif
+
+ #ifdef CONFIG_SECURITY_SMACK_BRINGUP
+ static int smk_bu_note(char *note, struct smack_known *sskp,
+ struct smack_known *oskp, int mode, int rc)
+ {
+ char acc[SMK_NUM_ACCESS_TYPE + 1];
+
+ if (rc <= 0)
+ return rc;
+
+ smk_bu_mode(mode, acc);
+ pr_info("Smack Bringup: (%s %s %s) %s\n",
+ sskp->smk_known, oskp->smk_known, acc, note);
+ return 0;
+ }
+ #else
+ #define smk_bu_note(note, sskp, oskp, mode, RC) (RC)
+ #endif
+
+ #ifdef CONFIG_SECURITY_SMACK_BRINGUP
+ static int smk_bu_current(char *note, struct smack_known *oskp,
+ int mode, int rc)
+ {
+ struct task_smack *tsp = current_security();
+ char acc[SMK_NUM_ACCESS_TYPE + 1];
+
+ if (rc <= 0)
+ return rc;
+
+ smk_bu_mode(mode, acc);
+ pr_info("Smack Bringup: (%s %s %s) %s %s\n",
+ tsp->smk_task->smk_known, oskp->smk_known,
+ acc, current->comm, note);
+ return 0;
+ }
+ #else
+ #define smk_bu_current(note, oskp, mode, RC) (RC)
+ #endif
+
+ #ifdef CONFIG_SECURITY_SMACK_BRINGUP
+ static int smk_bu_task(struct task_struct *otp, int mode, int rc)
+ {
+ struct task_smack *tsp = current_security();
+ struct task_smack *otsp = task_security(otp);
+ char acc[SMK_NUM_ACCESS_TYPE + 1];
+
+ if (rc <= 0)
+ return rc;
+
+ smk_bu_mode(mode, acc);
+ pr_info("Smack Bringup: (%s %s %s) %s to %s\n",
+ tsp->smk_task->smk_known, otsp->smk_task->smk_known, acc,
+ current->comm, otp->comm);
+ return 0;
+ }
+ #else
+ #define smk_bu_task(otp, mode, RC) (RC)
+ #endif
+
+ #ifdef CONFIG_SECURITY_SMACK_BRINGUP
+ static int smk_bu_inode(struct inode *inode, int mode, int rc)
+ {
+ struct task_smack *tsp = current_security();
+ char acc[SMK_NUM_ACCESS_TYPE + 1];
+
+ if (rc <= 0)
+ return rc;
+
+ smk_bu_mode(mode, acc);
+ pr_info("Smack Bringup: (%s %s %s) inode=(%s %ld) %s\n",
+ tsp->smk_task->smk_known, smk_of_inode(inode)->smk_known, acc,
+ inode->i_sb->s_id, inode->i_ino, current->comm);
+ return 0;
+ }
+ #else
+ #define smk_bu_inode(inode, mode, RC) (RC)
+ #endif
+
+ #ifdef CONFIG_SECURITY_SMACK_BRINGUP
+ static int smk_bu_file(struct file *file, int mode, int rc)
+ {
+ struct task_smack *tsp = current_security();
+ struct smack_known *sskp = tsp->smk_task;
+ struct inode *inode = file->f_inode;
+ char acc[SMK_NUM_ACCESS_TYPE + 1];
+
+ if (rc <= 0)
+ return rc;
+
+ smk_bu_mode(mode, acc);
+ pr_info("Smack Bringup: (%s %s %s) file=(%s %ld %s) %s\n",
+ sskp->smk_known, (char *)file->f_security, acc,
+ inode->i_sb->s_id, inode->i_ino, file->f_dentry->d_name.name,
+ current->comm);
+ return 0;
+ }
+ #else
+ #define smk_bu_file(file, mode, RC) (RC)
+ #endif
+
+ #ifdef CONFIG_SECURITY_SMACK_BRINGUP
+ static int smk_bu_credfile(const struct cred *cred, struct file *file,
+ int mode, int rc)
+ {
+ struct task_smack *tsp = cred->security;
+ struct smack_known *sskp = tsp->smk_task;
+ struct inode *inode = file->f_inode;
+ char acc[SMK_NUM_ACCESS_TYPE + 1];
+
+ if (rc <= 0)
+ return rc;
+
+ smk_bu_mode(mode, acc);
+ pr_info("Smack Bringup: (%s %s %s) file=(%s %ld %s) %s\n",
+ sskp->smk_known, smk_of_inode(inode)->smk_known, acc,
+ inode->i_sb->s_id, inode->i_ino, file->f_dentry->d_name.name,
+ current->comm);
+ return 0;
+ }
+ #else
+ #define smk_bu_credfile(cred, file, mode, RC) (RC)
+ #endif
+
/**
* smk_fetch - Fetch the smack label from a file.
* @ip: a pointer to the inode
/**
* new_inode_smack - allocate an inode security blob
- * @smack: a pointer to the Smack label to use in the blob
+ * @skp: a pointer to the Smack label entry to use in the blob
*
* Returns the new blob or NULL if there's no memory available
*/
- struct inode_smack *new_inode_smack(char *smack)
+ struct inode_smack *new_inode_smack(struct smack_known *skp)
{
struct inode_smack *isp;
if (isp == NULL)
return NULL;
- isp->smk_inode = smack;
+ isp->smk_inode = skp;
isp->smk_flags = 0;
mutex_init(&isp->smk_lock);
/**
* smk_ptrace_rule_check - helper for ptrace access
* @tracer: tracer process
- * @tracee_label: label of the process that's about to be traced,
- * the pointer must originate from smack structures
+ * @tracee_known: label entry of the process that's about to be traced
* @mode: ptrace attachment mode (PTRACE_MODE_*)
* @func: name of the function that called us, used for audit
*
* Returns 0 on access granted, -error on error
*/
- static int smk_ptrace_rule_check(struct task_struct *tracer, char *tracee_label,
+ static int smk_ptrace_rule_check(struct task_struct *tracer,
+ struct smack_known *tracee_known,
unsigned int mode, const char *func)
{
int rc;
struct smk_audit_info ad, *saip = NULL;
struct task_smack *tsp;
- struct smack_known *skp;
+ struct smack_known *tracer_known;
if ((mode & PTRACE_MODE_NOAUDIT) == 0) {
smk_ad_init(&ad, func, LSM_AUDIT_DATA_TASK);
}
tsp = task_security(tracer);
- skp = smk_of_task(tsp);
+ tracer_known = smk_of_task(tsp);
if ((mode & PTRACE_MODE_ATTACH) &&
(smack_ptrace_rule == SMACK_PTRACE_EXACT ||
smack_ptrace_rule == SMACK_PTRACE_DRACONIAN)) {
- if (skp->smk_known == tracee_label)
+ if (tracer_known->smk_known == tracee_known->smk_known)
rc = 0;
else if (smack_ptrace_rule == SMACK_PTRACE_DRACONIAN)
rc = -EACCES;
rc = -EACCES;
if (saip)
- smack_log(skp->smk_known, tracee_label, 0, rc, saip);
+ smack_log(tracer_known->smk_known,
+ tracee_known->smk_known,
+ 0, rc, saip);
return rc;
}
/* In case of rule==SMACK_PTRACE_DEFAULT or mode==PTRACE_MODE_READ */
- rc = smk_tskacc(tsp, tracee_label, smk_ptrace_mode(mode), saip);
+ rc = smk_tskacc(tsp, tracee_known, smk_ptrace_mode(mode), saip);
return rc;
}
skp = smk_of_task(task_security(ctp));
- rc = smk_ptrace_rule_check(current, skp->smk_known, mode, __func__);
+ rc = smk_ptrace_rule_check(current, skp, mode, __func__);
return rc;
}
skp = smk_of_task(current_security());
- rc = smk_ptrace_rule_check(ptp, skp->smk_known,
- PTRACE_MODE_ATTACH, __func__);
+ rc = smk_ptrace_rule_check(ptp, skp, PTRACE_MODE_ATTACH, __func__);
return rc;
}
if (sbsp == NULL)
return -ENOMEM;
- sbsp->smk_root = smack_known_floor.smk_known;
- sbsp->smk_default = smack_known_floor.smk_known;
- sbsp->smk_floor = smack_known_floor.smk_known;
- sbsp->smk_hat = smack_known_hat.smk_known;
+ sbsp->smk_root = &smack_known_floor;
+ sbsp->smk_default = &smack_known_floor;
+ sbsp->smk_floor = &smack_known_floor;
+ sbsp->smk_hat = &smack_known_hat;
/*
* smk_initialized will be zero from kzalloc.
*/
struct smack_known *skp;
char *op;
char *commap;
- char *nsp;
int transmute = 0;
int specified = 0;
if (strncmp(op, SMK_FSHAT, strlen(SMK_FSHAT)) == 0) {
op += strlen(SMK_FSHAT);
- nsp = smk_import(op, 0);
- if (nsp != NULL) {
- sp->smk_hat = nsp;
+ skp = smk_import_entry(op, 0);
+ if (skp != NULL) {
+ sp->smk_hat = skp;
specified = 1;
}
} else if (strncmp(op, SMK_FSFLOOR, strlen(SMK_FSFLOOR)) == 0) {
op += strlen(SMK_FSFLOOR);
- nsp = smk_import(op, 0);
- if (nsp != NULL) {
- sp->smk_floor = nsp;
+ skp = smk_import_entry(op, 0);
+ if (skp != NULL) {
+ sp->smk_floor = skp;
specified = 1;
}
} else if (strncmp(op, SMK_FSDEFAULT,
strlen(SMK_FSDEFAULT)) == 0) {
op += strlen(SMK_FSDEFAULT);
- nsp = smk_import(op, 0);
- if (nsp != NULL) {
- sp->smk_default = nsp;
+ skp = smk_import_entry(op, 0);
+ if (skp != NULL) {
+ sp->smk_default = skp;
specified = 1;
}
} else if (strncmp(op, SMK_FSROOT, strlen(SMK_FSROOT)) == 0) {
op += strlen(SMK_FSROOT);
- nsp = smk_import(op, 0);
- if (nsp != NULL) {
- sp->smk_root = nsp;
+ skp = smk_import_entry(op, 0);
+ if (skp != NULL) {
+ sp->smk_root = skp;
specified = 1;
}
} else if (strncmp(op, SMK_FSTRANS, strlen(SMK_FSTRANS)) == 0) {
op += strlen(SMK_FSTRANS);
- nsp = smk_import(op, 0);
- if (nsp != NULL) {
- sp->smk_root = nsp;
+ skp = smk_import_entry(op, 0);
+ if (skp != NULL) {
+ sp->smk_root = skp;
transmute = 1;
specified = 1;
}
* Unprivileged mounts get root and default from the caller.
*/
skp = smk_of_current();
- sp->smk_root = skp->smk_known;
- sp->smk_default = skp->smk_known;
+ sp->smk_root = skp;
+ sp->smk_default = skp;
}
/*
* Initialize the root inode.
smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
rc = smk_curacc(sbp->smk_floor, MAY_READ, &ad);
+ rc = smk_bu_current("statfs", sbp->smk_floor, MAY_READ, rc);
return rc;
}
tracer = ptrace_parent(current);
if (likely(tracer != NULL))
rc = smk_ptrace_rule_check(tracer,
- isp->smk_task->smk_known,
+ isp->smk_task,
PTRACE_MODE_ATTACH,
__func__);
rcu_read_unlock();
{
struct smack_known *skp = smk_of_current();
- inode->i_security = new_inode_smack(skp->smk_known);
+ inode->i_security = new_inode_smack(skp);
if (inode->i_security == NULL)
return -ENOMEM;
return 0;
/**
* smack_inode_init_security - copy out the smack from an inode
- * @inode: the inode
- * @dir: unused
+ * @inode: the newly created inode
+ * @dir: containing directory object
* @qstr: unused
* @name: where to put the attribute name
* @value: where to put the attribute value
{
struct inode_smack *issp = inode->i_security;
struct smack_known *skp = smk_of_current();
- char *isp = smk_of_inode(inode);
- char *dsp = smk_of_inode(dir);
+ struct smack_known *isp = smk_of_inode(inode);
+ struct smack_known *dsp = smk_of_inode(dir);
int may;
if (name)
if (value) {
rcu_read_lock();
- may = smk_access_entry(skp->smk_known, dsp, &skp->smk_rules);
+ may = smk_access_entry(skp->smk_known, dsp->smk_known,
+ &skp->smk_rules);
rcu_read_unlock();
/*
issp->smk_flags |= SMK_INODE_CHANGED;
}
- *value = kstrdup(isp, GFP_NOFS);
+ *value = kstrdup(isp->smk_known, GFP_NOFS);
if (*value == NULL)
return -ENOMEM;
}
if (len)
- *len = strlen(isp) + 1;
+ *len = strlen(isp->smk_known);
return 0;
}
static int smack_inode_link(struct dentry *old_dentry, struct inode *dir,
struct dentry *new_dentry)
{
- char *isp;
+ struct smack_known *isp;
struct smk_audit_info ad;
int rc;
isp = smk_of_inode(old_dentry->d_inode);
rc = smk_curacc(isp, MAY_WRITE, &ad);
+ rc = smk_bu_inode(old_dentry->d_inode, MAY_WRITE, rc);
if (rc == 0 && new_dentry->d_inode != NULL) {
isp = smk_of_inode(new_dentry->d_inode);
smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry);
rc = smk_curacc(isp, MAY_WRITE, &ad);
+ rc = smk_bu_inode(new_dentry->d_inode, MAY_WRITE, rc);
}
return rc;
* You need write access to the thing you're unlinking
*/
rc = smk_curacc(smk_of_inode(ip), MAY_WRITE, &ad);
+ rc = smk_bu_inode(ip, MAY_WRITE, rc);
if (rc == 0) {
/*
* You also need write access to the containing directory
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
smk_ad_setfield_u_fs_inode(&ad, dir);
rc = smk_curacc(smk_of_inode(dir), MAY_WRITE, &ad);
+ rc = smk_bu_inode(dir, MAY_WRITE, rc);
}
return rc;
}
* You need write access to the thing you're removing
*/
rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad);
+ rc = smk_bu_inode(dentry->d_inode, MAY_WRITE, rc);
if (rc == 0) {
/*
* You also need write access to the containing directory
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
smk_ad_setfield_u_fs_inode(&ad, dir);
rc = smk_curacc(smk_of_inode(dir), MAY_WRITE, &ad);
+ rc = smk_bu_inode(dir, MAY_WRITE, rc);
}
return rc;
/**
* smack_inode_rename - Smack check on rename
- * @old_inode: the old directory
- * @old_dentry: unused
- * @new_inode: the new directory
- * @new_dentry: unused
+ * @old_inode: unused
+ * @old_dentry: the old object
+ * @new_inode: unused
+ * @new_dentry: the new object
*
* Read and write access is required on both the old and
* new directories.
struct dentry *new_dentry)
{
int rc;
- char *isp;
+ struct smack_known *isp;
struct smk_audit_info ad;
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
isp = smk_of_inode(old_dentry->d_inode);
rc = smk_curacc(isp, MAY_READWRITE, &ad);
+ rc = smk_bu_inode(old_dentry->d_inode, MAY_READWRITE, rc);
if (rc == 0 && new_dentry->d_inode != NULL) {
isp = smk_of_inode(new_dentry->d_inode);
smk_ad_setfield_u_fs_path_dentry(&ad, new_dentry);
rc = smk_curacc(isp, MAY_READWRITE, &ad);
+ rc = smk_bu_inode(new_dentry->d_inode, MAY_READWRITE, rc);
}
return rc;
}
{
struct smk_audit_info ad;
int no_block = mask & MAY_NOT_BLOCK;
+ int rc;
mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND);
/*
return -ECHILD;
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_INODE);
smk_ad_setfield_u_fs_inode(&ad, inode);
- return smk_curacc(smk_of_inode(inode), mask, &ad);
+ rc = smk_curacc(smk_of_inode(inode), mask, &ad);
+ rc = smk_bu_inode(inode, mask, rc);
+ return rc;
}
/**
static int smack_inode_setattr(struct dentry *dentry, struct iattr *iattr)
{
struct smk_audit_info ad;
+ int rc;
+
/*
* Need to allow for clearing the setuid bit.
*/
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
- return smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad);
+ rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad);
+ rc = smk_bu_inode(dentry->d_inode, MAY_WRITE, rc);
+ return rc;
}
/**
* smack_inode_getattr - Smack check for getting attributes
- * @mnt: unused
+ * @mnt: vfsmount of the object
* @dentry: the object
*
* Returns 0 if access is permitted, an error code otherwise
{
struct smk_audit_info ad;
struct path path;
+ int rc;
path.dentry = dentry;
path.mnt = mnt;
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
smk_ad_setfield_u_fs_path(&ad, path);
- return smk_curacc(smk_of_inode(dentry->d_inode), MAY_READ, &ad);
+ rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_READ, &ad);
+ rc = smk_bu_inode(dentry->d_inode, MAY_READ, rc);
+ return rc;
}
/**
* smack_inode_setxattr - Smack check for setting xattrs
* @dentry: the object
* @name: name of the attribute
- * @value: unused
- * @size: unused
+ * @value: value of the attribute
+ * @size: size of the value
* @flags: unused
*
* This protects the Smack attribute explicitly.
rc = -EPERM;
if (rc == 0 && check_import) {
- skp = smk_import_entry(value, size);
+ skp = size ? smk_import_entry(value, size) : NULL;
if (skp == NULL || (check_star &&
(skp == &smack_known_star || skp == &smack_known_web)))
rc = -EINVAL;
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
- if (rc == 0)
+ if (rc == 0) {
rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad);
+ rc = smk_bu_inode(dentry->d_inode, MAY_WRITE, rc);
+ }
return rc;
}
if (strcmp(name, XATTR_NAME_SMACK) == 0) {
skp = smk_import_entry(value, size);
if (skp != NULL)
- isp->smk_inode = skp->smk_known;
+ isp->smk_inode = skp;
else
- isp->smk_inode = smack_known_invalid.smk_known;
+ isp->smk_inode = &smack_known_invalid;
} else if (strcmp(name, XATTR_NAME_SMACKEXEC) == 0) {
skp = smk_import_entry(value, size);
if (skp != NULL)
static int smack_inode_getxattr(struct dentry *dentry, const char *name)
{
struct smk_audit_info ad;
+ int rc;
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_DENTRY);
smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
- return smk_curacc(smk_of_inode(dentry->d_inode), MAY_READ, &ad);
+ rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_READ, &ad);
+ rc = smk_bu_inode(dentry->d_inode, MAY_READ, rc);
+ return rc;
}
/**
smk_ad_setfield_u_fs_path_dentry(&ad, dentry);
rc = smk_curacc(smk_of_inode(dentry->d_inode), MAY_WRITE, &ad);
+ rc = smk_bu_inode(dentry->d_inode, MAY_WRITE, rc);
if (rc != 0)
return rc;
struct socket *sock;
struct super_block *sbp;
struct inode *ip = (struct inode *)inode;
- char *isp;
+ struct smack_known *isp;
int ilen;
int rc = 0;
if (strcmp(name, XATTR_SMACK_SUFFIX) == 0) {
isp = smk_of_inode(inode);
- ilen = strlen(isp) + 1;
- *buffer = isp;
+ ilen = strlen(isp->smk_known);
+ *buffer = isp->smk_known;
return ilen;
}
ssp = sock->sk->sk_security;
if (strcmp(name, XATTR_SMACK_IPIN) == 0)
- isp = ssp->smk_in->smk_known;
+ isp = ssp->smk_in;
else if (strcmp(name, XATTR_SMACK_IPOUT) == 0)
- isp = ssp->smk_out->smk_known;
+ isp = ssp->smk_out;
else
return -EOPNOTSUPP;
- ilen = strlen(isp) + 1;
+ ilen = strlen(isp->smk_known);
if (rc == 0) {
- *buffer = isp;
+ *buffer = isp->smk_known;
rc = ilen;
}
static int smack_inode_listsecurity(struct inode *inode, char *buffer,
size_t buffer_size)
{
- int len = strlen(XATTR_NAME_SMACK);
+ int len = sizeof(XATTR_NAME_SMACK);
- if (buffer != NULL && len <= buffer_size) {
+ if (buffer != NULL && len <= buffer_size)
memcpy(buffer, XATTR_NAME_SMACK, len);
- return len;
- }
- return -EINVAL;
+
+ return len;
}
/**
{
struct inode_smack *isp = inode->i_security;
- *secid = smack_to_secid(isp->smk_inode);
+ *secid = isp->smk_inode->smk_secid;
}
/*
{
struct smack_known *skp = smk_of_current();
- file->f_security = skp->smk_known;
+ file->f_security = skp;
return 0;
}
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
smk_ad_setfield_u_fs_path(&ad, file->f_path);
- if (_IOC_DIR(cmd) & _IOC_WRITE)
+ if (_IOC_DIR(cmd) & _IOC_WRITE) {
rc = smk_curacc(file->f_security, MAY_WRITE, &ad);
+ rc = smk_bu_file(file, MAY_WRITE, rc);
+ }
- if (rc == 0 && (_IOC_DIR(cmd) & _IOC_READ))
+ if (rc == 0 && (_IOC_DIR(cmd) & _IOC_READ)) {
rc = smk_curacc(file->f_security, MAY_READ, &ad);
+ rc = smk_bu_file(file, MAY_READ, rc);
+ }
return rc;
}
static int smack_file_lock(struct file *file, unsigned int cmd)
{
struct smk_audit_info ad;
+ int rc;
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
smk_ad_setfield_u_fs_path(&ad, file->f_path);
- return smk_curacc(file->f_security, MAY_LOCK, &ad);
+ rc = smk_curacc(file->f_security, MAY_LOCK, &ad);
+ rc = smk_bu_file(file, MAY_LOCK, rc);
+ return rc;
}
/**
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
smk_ad_setfield_u_fs_path(&ad, file->f_path);
rc = smk_curacc(file->f_security, MAY_LOCK, &ad);
+ rc = smk_bu_file(file, MAY_LOCK, rc);
break;
case F_SETOWN:
case F_SETSIG:
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
smk_ad_setfield_u_fs_path(&ad, file->f_path);
rc = smk_curacc(file->f_security, MAY_WRITE, &ad);
+ rc = smk_bu_file(file, MAY_WRITE, rc);
break;
default:
break;
struct smack_known *mkp;
struct smack_rule *srp;
struct task_smack *tsp;
- char *osmack;
+ struct smack_known *okp;
struct inode_smack *isp;
int may;
int mmay;
* to that rule's object label.
*/
list_for_each_entry_rcu(srp, &skp->smk_rules, list) {
- osmack = srp->smk_object;
+ okp = srp->smk_object;
/*
* Matching labels always allows access.
*/
- if (mkp->smk_known == osmack)
+ if (mkp->smk_known == okp->smk_known)
continue;
/*
* If there is a matching local rule take
* that into account as well.
*/
- may = smk_access_entry(srp->smk_subject->smk_known, osmack,
- &tsp->smk_rules);
+ may = smk_access_entry(srp->smk_subject->smk_known,
+ okp->smk_known,
+ &tsp->smk_rules);
if (may == -ENOENT)
may = srp->smk_access;
else
* If there isn't one a SMACK64MMAP subject
* can't have as much access as current.
*/
- mmay = smk_access_entry(mkp->smk_known, osmack,
- &mkp->smk_rules);
+ mmay = smk_access_entry(mkp->smk_known, okp->smk_known,
+ &mkp->smk_rules);
if (mmay == -ENOENT) {
rc = -EACCES;
break;
* If there is a local entry it modifies the
* potential access, too.
*/
- tmay = smk_access_entry(mkp->smk_known, osmack,
- &tsp->smk_rules);
+ tmay = smk_access_entry(mkp->smk_known, okp->smk_known,
+ &tsp->smk_rules);
if (tmay != -ENOENT)
mmay &= tmay;
* Returns 0
* Further research may be required on this one.
*/
-static int smack_file_set_fowner(struct file *file)
+static void smack_file_set_fowner(struct file *file)
{
struct smack_known *skp = smk_of_current();
- file->f_security = skp->smk_known;
+ file->f_security = skp;
- return 0;
}
/**
file = container_of(fown, struct file, f_owner);
/* we don't log here as rc can be overriden */
- skp = smk_find_entry(file->f_security);
- rc = smk_access(skp, tkp->smk_known, MAY_WRITE, NULL);
+ skp = file->f_security;
+ rc = smk_access(skp, tkp, MAY_WRITE, NULL);
+ rc = smk_bu_note("sigiotask", skp, tkp, MAY_WRITE, rc);
if (rc != 0 && has_capability(tsk, CAP_MAC_OVERRIDE))
rc = 0;
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
smk_ad_setfield_u_tsk(&ad, tsk);
- smack_log(file->f_security, tkp->smk_known, MAY_WRITE, rc, &ad);
+ smack_log(skp->smk_known, tkp->smk_known, MAY_WRITE, rc, &ad);
return rc;
}
*/
static int smack_file_receive(struct file *file)
{
+ int rc;
int may = 0;
struct smk_audit_info ad;
if (file->f_mode & FMODE_WRITE)
may |= MAY_WRITE;
- return smk_curacc(file->f_security, may, &ad);
+ rc = smk_curacc(file->f_security, may, &ad);
+ rc = smk_bu_file(file, may, rc);
+ return rc;
}
/**
struct smk_audit_info ad;
int rc;
- if (smack_privileged(CAP_MAC_OVERRIDE))
+ if (smack_privileged(CAP_MAC_OVERRIDE)) {
+ file->f_security = isp->smk_inode;
return 0;
+ }
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
smk_ad_setfield_u_fs_path(&ad, file->f_path);
rc = smk_access(tsp->smk_task, isp->smk_inode, MAY_READ, &ad);
+ rc = smk_bu_credfile(cred, file, MAY_READ, rc);
if (rc == 0)
file->f_security = isp->smk_inode;
struct inode_smack *isp = inode->i_security;
struct task_smack *tsp = new->security;
- tsp->smk_forked = smk_find_entry(isp->smk_inode);
+ tsp->smk_forked = isp->smk_inode;
tsp->smk_task = tsp->smk_forked;
return 0;
}
{
struct smk_audit_info ad;
struct smack_known *skp = smk_of_task(task_security(p));
+ int rc;
smk_ad_init(&ad, caller, LSM_AUDIT_DATA_TASK);
smk_ad_setfield_u_tsk(&ad, p);
- return smk_curacc(skp->smk_known, access, &ad);
+ rc = smk_curacc(skp, access, &ad);
+ rc = smk_bu_task(p, access, rc);
+ return rc;
}
/**
struct smk_audit_info ad;
struct smack_known *skp;
struct smack_known *tkp = smk_of_task(task_security(p));
+ int rc;
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_TASK);
smk_ad_setfield_u_tsk(&ad, p);
* Sending a signal requires that the sender
* can write the receiver.
*/
- if (secid == 0)
- return smk_curacc(tkp->smk_known, MAY_WRITE, &ad);
+ if (secid == 0) {
+ rc = smk_curacc(tkp, MAY_WRITE, &ad);
+ rc = smk_bu_task(p, MAY_WRITE, rc);
+ return rc;
+ }
/*
* If the secid isn't 0 we're dealing with some USB IO
* specific behavior. This is not clean. For one thing
* we can't take privilege into account.
*/
skp = smack_from_secid(secid);
- return smk_access(skp, tkp->smk_known, MAY_WRITE, &ad);
+ rc = smk_access(skp, tkp, MAY_WRITE, &ad);
+ rc = smk_bu_note("USB signal", skp, tkp, MAY_WRITE, rc);
+ return rc;
}
/**
struct inode_smack *isp = inode->i_security;
struct smack_known *skp = smk_of_task(task_security(p));
- isp->smk_inode = skp->smk_known;
+ isp->smk_inode = skp;
}
/*
*
* Returns the label of the far end or NULL if it's not special.
*/
- static char *smack_host_label(struct sockaddr_in *sip)
+ static struct smack_known *smack_host_label(struct sockaddr_in *sip)
{
struct smk_netlbladdr *snp;
struct in_addr *siap = &sip->sin_addr;
if ((&snp->smk_host.sin_addr)->s_addr ==
(siap->s_addr & (&snp->smk_mask)->s_addr)) {
/* we have found the special CIPSO option */
- if (snp->smk_label == smack_cipso_option)
+ if (snp->smk_label == &smack_cipso_option)
return NULL;
return snp->smk_label;
}
struct smack_known *skp;
int rc;
int sk_lbl;
- char *hostsp;
+ struct smack_known *hkp;
struct socket_smack *ssp = sk->sk_security;
struct smk_audit_info ad;
rcu_read_lock();
- hostsp = smack_host_label(sap);
- if (hostsp != NULL) {
+ hkp = smack_host_label(sap);
+ if (hkp != NULL) {
#ifdef CONFIG_AUDIT
struct lsm_network_audit net;
#endif
sk_lbl = SMACK_UNLABELED_SOCKET;
skp = ssp->smk_out;
- rc = smk_access(skp, hostsp, MAY_WRITE, &ad);
+ rc = smk_access(skp, hkp, MAY_WRITE, &ad);
+ rc = smk_bu_note("IPv4 host check", skp, hkp, MAY_WRITE, rc);
} else {
sk_lbl = SMACK_CIPSO_SOCKET;
rc = 0;
struct socket_smack *ssp = sk->sk_security;
struct smack_known *skp;
unsigned short port = 0;
- char *object;
+ struct smack_known *object;
struct smk_audit_info ad;
+ int rc;
#ifdef CONFIG_AUDIT
struct lsm_network_audit net;
#endif
if (act == SMK_RECEIVING) {
skp = smack_net_ambient;
- object = ssp->smk_in->smk_known;
+ object = ssp->smk_in;
} else {
skp = ssp->smk_out;
- object = smack_net_ambient->smk_known;
+ object = smack_net_ambient;
}
/*
list_for_each_entry(spp, &smk_ipv6_port_list, list) {
if (spp->smk_port != port)
continue;
- object = spp->smk_in->smk_known;
+ object = spp->smk_in;
if (act == SMK_CONNECTING)
ssp->smk_packet = spp->smk_out;
break;
else
ad.a.u.net->v6info.daddr = address->sin6_addr;
#endif
- return smk_access(skp, object, MAY_WRITE, &ad);
+ rc = smk_access(skp, object, MAY_WRITE, &ad);
+ rc = smk_bu_note("IPv6 port check", skp, object, MAY_WRITE, rc);
+ return rc;
}
/**
return -EINVAL;
if (strcmp(name, XATTR_SMACK_SUFFIX) == 0) {
- nsp->smk_inode = skp->smk_known;
+ nsp->smk_inode = skp;
nsp->smk_flags |= SMK_INODE_INSTANT;
return 0;
}
{
struct smack_known *skp = smk_of_current();
- msg->security = skp->smk_known;
+ msg->security = skp;
return 0;
}
*
* Returns a pointer to the smack value
*/
- static char *smack_of_shm(struct shmid_kernel *shp)
+ static struct smack_known *smack_of_shm(struct shmid_kernel *shp)
{
- return (char *)shp->shm_perm.security;
+ return (struct smack_known *)shp->shm_perm.security;
}
/**
struct kern_ipc_perm *isp = &shp->shm_perm;
struct smack_known *skp = smk_of_current();
- isp->security = skp->smk_known;
+ isp->security = skp;
return 0;
}
*/
static int smk_curacc_shm(struct shmid_kernel *shp, int access)
{
- char *ssp = smack_of_shm(shp);
+ struct smack_known *ssp = smack_of_shm(shp);
struct smk_audit_info ad;
+ int rc;
#ifdef CONFIG_AUDIT
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
ad.a.u.ipc_id = shp->shm_perm.id;
#endif
- return smk_curacc(ssp, access, &ad);
+ rc = smk_curacc(ssp, access, &ad);
+ rc = smk_bu_current("shm", ssp, access, rc);
+ return rc;
}
/**
*
* Returns a pointer to the smack value
*/
- static char *smack_of_sem(struct sem_array *sma)
+ static struct smack_known *smack_of_sem(struct sem_array *sma)
{
- return (char *)sma->sem_perm.security;
+ return (struct smack_known *)sma->sem_perm.security;
}
/**
struct kern_ipc_perm *isp = &sma->sem_perm;
struct smack_known *skp = smk_of_current();
- isp->security = skp->smk_known;
+ isp->security = skp;
return 0;
}
*/
static int smk_curacc_sem(struct sem_array *sma, int access)
{
- char *ssp = smack_of_sem(sma);
+ struct smack_known *ssp = smack_of_sem(sma);
struct smk_audit_info ad;
+ int rc;
#ifdef CONFIG_AUDIT
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
ad.a.u.ipc_id = sma->sem_perm.id;
#endif
- return smk_curacc(ssp, access, &ad);
+ rc = smk_curacc(ssp, access, &ad);
+ rc = smk_bu_current("sem", ssp, access, rc);
+ return rc;
}
/**
struct kern_ipc_perm *kisp = &msq->q_perm;
struct smack_known *skp = smk_of_current();
- kisp->security = skp->smk_known;
+ kisp->security = skp;
return 0;
}
* smack_of_msq - the smack pointer for the msq
* @msq: the object
*
- * Returns a pointer to the smack value
+ * Returns a pointer to the smack label entry
*/
- static char *smack_of_msq(struct msg_queue *msq)
+ static struct smack_known *smack_of_msq(struct msg_queue *msq)
{
- return (char *)msq->q_perm.security;
+ return (struct smack_known *)msq->q_perm.security;
}
/**
*/
static int smk_curacc_msq(struct msg_queue *msq, int access)
{
- char *msp = smack_of_msq(msq);
+ struct smack_known *msp = smack_of_msq(msq);
struct smk_audit_info ad;
+ int rc;
#ifdef CONFIG_AUDIT
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
ad.a.u.ipc_id = msq->q_perm.id;
#endif
- return smk_curacc(msp, access, &ad);
+ rc = smk_curacc(msp, access, &ad);
+ rc = smk_bu_current("msq", msp, access, rc);
+ return rc;
}
/**
*/
static int smack_ipc_permission(struct kern_ipc_perm *ipp, short flag)
{
- char *isp = ipp->security;
+ struct smack_known *iskp = ipp->security;
int may = smack_flags_to_may(flag);
struct smk_audit_info ad;
+ int rc;
#ifdef CONFIG_AUDIT
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_IPC);
ad.a.u.ipc_id = ipp->id;
#endif
- return smk_curacc(isp, may, &ad);
+ rc = smk_curacc(iskp, may, &ad);
+ rc = smk_bu_current("svipc", iskp, may, rc);
+ return rc;
}
/**
*/
static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid)
{
- char *smack = ipp->security;
+ struct smack_known *iskp = ipp->security;
- *secid = smack_to_secid(smack);
+ *secid = iskp->smk_secid;
}
/**
struct inode_smack *isp;
struct smack_known *skp;
struct smack_known *ckp = smk_of_current();
- char *final;
+ struct smack_known *final;
char trattr[TRANS_TRUE_SIZE];
int transflag = 0;
int rc;
* so there's no opportunity to set the mount
* options.
*/
- sbsp->smk_root = smack_known_star.smk_known;
- sbsp->smk_default = smack_known_star.smk_known;
+ sbsp->smk_root = &smack_known_star;
+ sbsp->smk_default = &smack_known_star;
}
isp->smk_inode = sbsp->smk_root;
isp->smk_flags |= SMK_INODE_INSTANT;
*
* Cgroupfs is special
*/
- final = smack_known_star.smk_known;
+ final = &smack_known_star;
break;
case DEVPTS_SUPER_MAGIC:
/*
* Programs that change smack have to treat the
* pty with respect.
*/
- final = ckp->smk_known;
+ final = ckp;
break;
case PROC_SUPER_MAGIC:
/*
* but watch out, because they're volitile,
* getting recreated on every reboot.
*/
- final = smack_known_star.smk_known;
+ final = &smack_known_star;
/*
* No break.
*
* UNIX domain sockets use lower level socket data.
*/
if (S_ISSOCK(inode->i_mode)) {
- final = smack_known_star.smk_known;
+ final = &smack_known_star;
break;
}
/*
dp = dget(opt_dentry);
skp = smk_fetch(XATTR_NAME_SMACK, inode, dp);
if (skp != NULL)
- final = skp->smk_known;
+ final = skp;
/*
* Transmuting directory
}
if (final == NULL)
- isp->smk_inode = ckp->smk_known;
+ isp->smk_inode = ckp;
else
isp->smk_inode = final;
smk_ad_init_net(&ad, __func__, LSM_AUDIT_DATA_NET, &net);
smk_ad_setfield_u_net_sk(&ad, other);
#endif
- rc = smk_access(skp, okp->smk_known, MAY_WRITE, &ad);
- if (rc == 0)
- rc = smk_access(okp, okp->smk_known, MAY_WRITE, NULL);
+ rc = smk_access(skp, okp, MAY_WRITE, &ad);
+ rc = smk_bu_note("UDS connect", skp, okp, MAY_WRITE, rc);
+ if (rc == 0) {
+ rc = smk_access(okp, skp, MAY_WRITE, NULL);
+ rc = smk_bu_note("UDS connect", okp, skp,
+ MAY_WRITE, rc);
+ }
}
/*
{
struct socket_smack *ssp = sock->sk->sk_security;
struct socket_smack *osp = other->sk->sk_security;
- struct smack_known *skp;
struct smk_audit_info ad;
+ int rc;
#ifdef CONFIG_AUDIT
struct lsm_network_audit net;
if (smack_privileged(CAP_MAC_OVERRIDE))
return 0;
- skp = ssp->smk_out;
- return smk_access(skp, osp->smk_in->smk_known, MAY_WRITE, &ad);
+ rc = smk_access(ssp->smk_out, osp->smk_in, MAY_WRITE, &ad);
+ rc = smk_bu_note("UDS send", ssp->smk_out, osp->smk_in, MAY_WRITE, rc);
+ return rc;
}
/**
* This is the simplist possible security model
* for networking.
*/
- rc = smk_access(skp, ssp->smk_in->smk_known, MAY_WRITE, &ad);
+ rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);
+ rc = smk_bu_note("IPv4 delivery", skp, ssp->smk_in,
+ MAY_WRITE, rc);
if (rc != 0)
netlbl_skbuff_err(skb, rc, 0);
break;
struct netlbl_lsm_secattr secattr;
struct sockaddr_in addr;
struct iphdr *hdr;
- char *hsp;
+ struct smack_known *hskp;
int rc;
struct smk_audit_info ad;
#ifdef CONFIG_AUDIT
* Receiving a packet requires that the other end be able to write
* here. Read access is not required.
*/
- rc = smk_access(skp, ssp->smk_in->smk_known, MAY_WRITE, &ad);
+ rc = smk_access(skp, ssp->smk_in, MAY_WRITE, &ad);
+ rc = smk_bu_note("IPv4 connect", skp, ssp->smk_in, MAY_WRITE, rc);
if (rc != 0)
return rc;
hdr = ip_hdr(skb);
addr.sin_addr.s_addr = hdr->saddr;
rcu_read_lock();
- hsp = smack_host_label(&addr);
+ hskp = smack_host_label(&addr);
rcu_read_unlock();
- if (hsp == NULL)
+ if (hskp == NULL)
rc = netlbl_req_setattr(req, &skp->smk_netlabel);
else
netlbl_req_delattr(req);
{
struct smack_known *skp = smk_of_task(cred->security);
- key->security = skp->smk_known;
+ key->security = skp;
return 0;
}
struct smk_audit_info ad;
struct smack_known *tkp = smk_of_task(cred->security);
int request = 0;
+ int rc;
keyp = key_ref_to_ptr(key_ref);
if (keyp == NULL)
request = MAY_READ;
if (perm & (KEY_NEED_WRITE | KEY_NEED_LINK | KEY_NEED_SETATTR))
request = MAY_WRITE;
- return smk_access(tkp, keyp->security, request, &ad);
+ rc = smk_access(tkp, keyp->security, request, &ad);
+ rc = smk_bu_note("key access", tkp, keyp->security, request, rc);
+ return rc;
}
#endif /* CONFIG_KEYS */
*/
static int smack_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
{
+ struct smack_known *skp;
char **rule = (char **)vrule;
*rule = NULL;
if (op != Audit_equal && op != Audit_not_equal)
return -EINVAL;
- *rule = smk_import(rulestr, 0);
+ skp = smk_import_entry(rulestr, 0);
+ if (skp)
+ *rule = skp->smk_known;
return 0;
}
*/
static int smack_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid)
{
- *secid = smack_to_secid(secdata);
+ struct smack_known *skp = smk_find_entry(secdata);
+
+ if (skp)
+ *secid = skp->smk_secid;
+ else
+ *secid = 0;
return 0;
}