- 20 Apr, 2008 31 commits
-
-
Harvey Harrison authored
__FUNCTION__ is gcc-specific, use __func__ Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Dan Williams authored
Requiring userspace to close and re-open sysfs attributes has been the policy since before 2.6.12. It allows userspace to get a consistent snapshot of kernel state and consume it with incremental reads and seeks. Now, if the file position is zero the kernel assumes userspace wants to see the new value. The application for this change is to allow a userspace RAID metadata handler to check the state of an array without causing any memory allocations. Thus not causing writeback to a raid array that might be blocked waiting for userspace to take action. Cc: Neil Brown <neilb@suse.de> Acked-by: Tejun Heo <htejun@gmail.com> Signed-off-by: Dan Williams <dan.j.williams@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Rafael J. Wysocki authored
After 2.6.24 there was a plan to make the PM core acquire all device semaphores during a suspend/hibernation to protect itself from concurrent operations involving device objects. That proved to be too heavy-handed and we found a better way to achieve the goal, but before it happened, we had introduced the functions device_pm_schedule_removal() and destroy_suspended_device() to allow drivers to "safely" destroy a suspended device and we had adapted some drivers to use them. Now that these functions are no longer necessary, it seems reasonable to remove them and modify their users to use the normal device unregistration instead. Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Acked-by: Pavel Machek <pavel@ucw.cz> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Konrad Rzeszutek authored
Add /sysfs/firmware/ibft/[initiator|targetX|ethernetX] directories along with text properties which export the the iSCSI Boot Firmware Table (iBFT) structure. What is iSCSI Boot Firmware Table? It is a mechanism for the iSCSI tools to extract from the machine NICs the iSCSI connection information so that they can automagically mount the iSCSI share/target. Currently the iSCSI information is hard-coded in the initrd. The /sysfs entries are read-only one-name-and-value fields. The usual set of data exposed is: # for a in `find /sys/firmware/ibft/ -type f -print`; do echo -n "$a: "; cat $a; done /sys/firmware/ibft/target0/target-name: iqn.2007.com.intel-sbx44:storage-10gb /sys/firmware/ibft/target0/nic-assoc: 0 /sys/firmware/ibft/target0/chap-type: 0 /sys/firmware/ibft/target0/lun: 00000000 /sys/firmware/ibft/target0/port: 3260 /sys/firmware/ibft/target0/ip-addr: 192.168.79.116 /sys/firmware/ibft/target0/flags: 3 /sys/firmware/ibft/target0/index: 0 /sys/firmware/ibft/ethernet0/mac: 00:11:25:9d:8b:01 /sys/firmware/ibft/ethernet0/vlan: 0 /sys/firmware/ibft/ethernet0/gateway: 192.168.79.254 /sys/firmware/ibft/ethernet0/origin: 0 /sys/firmware/ibft/ethernet0/subnet-mask: 255.255.252.0 /sys/firmware/ibft/ethernet0/ip-addr: 192.168.77.41 /sys/firmware/ibft/ethernet0/flags: 7 /sys/firmware/ibft/ethernet0/index: 0 /sys/firmware/ibft/initiator/initiator-name: iqn.2007-07.com:konrad.initiator /sys/firmware/ibft/initiator/flags: 3 /sys/firmware/ibft/initiator/index: 0 For full details of the IBFT structure please take a look at: ftp://ftp.software.ibm.com/systems/support/system_x_pdf/ibm_iscsi_boot_firmware_table_v1.02.pdf [akpm@linux-foundation.org: fix build] Signed-off-by: Konrad Rzeszutek <konradr@linux.vnet.ibm.com> Cc: Mike Christie <michaelc@cs.wisc.edu> Cc: Peter Jones <pjones@redhat.com> Cc: James Bottomley <James.Bottomley@HansenPartnership.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Randy Dunlap authored
Source file was removed. Need to remove docbook reference also. Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Cc: Pavel Machek <pavel@suse.cz> Cc: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Robert P. J. Day authored
Use the more concise list_for_each_entry(), which allows for the deletion of the to_kobj() routine at the same time. Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Robert P. J. Day authored
After an experimental deletion of the unnecessary inclusion of <linux/slab.h> from the header file <linux/percpu.h>, the following files under fs/sysfs were exposed as needing to explicitly include <linux/slab.h>. Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Greg Kroah-Hartman authored
device_is_registered() can use the kobject value for this, so it will now work with devices that are associated with only a class, not a bus and a driver. Cc: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Alan Stern authored
This patch (as1058) improves the wakeup macros in include/linux/pm.h. All but the trivial ones are converted to inline routines, which requires moving them to a separate header file since they depend on the definition of struct device. Signed-off-by: Alan Stern <stern@rowland.harvard.edu> Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Alan Stern authored
The various wakeup flags and their accessor macros in struct dev_pm_info should be available whenever CONFIG_PM is enabled, not just when CONFIG_PM_SLEEP is on. Otherwise remote wakeup won't always be configurable for runtime power management. This patch (as1056b) fixes the oversight. David Brownell adds: More accurately, fixes the "regression" ... as noted sometime last summer, after 296699de introduced CONFIG_SUSPEND. But that didn't make the regression list for that kernel, ergo the delay in fixing it. [rjw: rebased] Signed-off-by: Alan Stern <stern@rowland.harvard.edu> Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Alan Stern authored
This patch (as1059) fixes a mistake in the way the serial core initializes a device's wakeup settings. It should use the accessor routine instead of relying on a macro producing an lvalue. Signed-off-by: Alan Stern <stern@rowland.harvard.edu> Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Rafael J. Wysocki authored
Include dpm_sysfs_add() into device_pm_add(), in analogy with device_pm_remove(), and modify device_add() to call the latter after bus_add_device(), to avoid situations in which the PM core may attempt to suspend a device the registration of which has not been successful. Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Acked-by: Pavel Machek <pavel@ucw.cz> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Rafael J. Wysocki authored
Modify the PM core to protect its data structures, specifically the dpm_active list, from being corrupted if a child of the currently suspending device is registered concurrently with its ->suspend() callback. In that case, since the new device (the child) is added to dpm_active after its parent, the PM core will attempt to suspend it after the parent, which is wrong. Introduce a new member of struct dev_pm_info, called 'sleeping', and use it to check if the parent of the device being added to dpm_active has been suspended, in which case the device registration fails. Also, use 'sleeping' for checking if the ordering of devices on dpm_active is correct. Introduce variable 'all_sleeping' that will be set to 'true' once all devices have been suspended and make new device registrations fail until 'all_sleeping' is reset to 'false', in order to avoid having unsuspended devices around while the system is going into a sleep state. Remove pm_sleep_rwsem which is not necessary any more. Special thanks to Alan Stern for discussions and suggestions that lead to the creation of this patch. Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Acked-by: Pavel Machek <pavel@ucw.cz> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Kay Sievers authored
Userspace likes to get notified that the disk may have changed, when rescan_partitions() is called after partitioning or media change. It will make it possible to update the state of the disk with the "change" event, before the following partition "add" events are handled. Cc: David Zeuthen <david@fubar.dk> Signed-off-by: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Ben Dooks authored
I've just found how easy it is to accidentally register a sysdev_driver for two different classes. When this happens, bad things happen as the sysdev_driver structure keeps has the list entry for the driver registration. The following patch makes a WARN_ON() if this happens, although I think BUG_ON or returning -EAGAIN could also be valid responses to this. Signed-off-by: Ben Dooks <ben@fluff.org> Cc: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Sam Ravnborg authored
Fix following warning: WARNING: vmlinux.o(.text+0x64609c): Section mismatch in reference from the function store_online() to the function .cpuinit.text:cpu_up() store_online() is defined inside a HOTPLUG_CPU block so references are OK. Ignore references by annotating store_online() with __ref. Note: This is needed because cpu_up() most likely should not have been __cpuinit but all the hotplug cpu code misuses the __cpuinit annotation. Signed-off-by: Sam Ravnborg <sam@ravnborg.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Pavel Machek authored
power_state is scheduled for removal, and it is used only for debug prints by driver core. Remove it. Signed-off-by: Pavel Machek <pavel@suse.cz> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Kay Sievers authored
The current PNP combined card + devices module aliase can never ever match anything, because these values are not available all at the same time to request a module. Instead of adding the combined alias, we add the device id's all as individual aliases. Device id's are exported by the PNP bus and can now properly used to request the loading of a matching module. The module snd-sbawe currently exports aliases, which can never match anything: alias: pnp:cCTLXXXXdCTL0045dCTL0022* alias: pnp:cCTLXXXXdCTL0044dCTL0023* alias: pnp:cCTLXXXXdCTL0042dCTL0022* alias: pnp:cCTLXXXXdCTL0041dCTL0021* alias: pnp:cCTLXXXXdCTL0031dCTL0021* alias: pnp:cCTL00eddCTL0041dCTL0070* alias: pnp:cCTL00e9dCTL0045dCTL0022* alias: pnp:cCTL00e4dCTL0045dCTL0022* alias: pnp:cCTL00c7dCTL0045dCTL0022* alias: pnp:cCTL00c5dCTL0045dCTL0022* alias: pnp:cCTL00c3dCTL0045dCTL0022* alias: pnp:cCTL00c1dCTL0042dCTL0022* alias: pnp:cCTL00b2dCTL0044dCTL0023* alias: pnp:cCTL009edCTL0044dCTL0023* alias: pnp:cCTL009ddCTL0042dCTL0022* alias: pnp:cCTL009fdCTL0041dCTL0021* alias: pnp:cCTL009cdCTL0041dCTL0021* alias: pnp:cCTL009adCTL0041dCTL0021* alias: pnp:cCTL0054dCTL0031dCTL0021* alias: pnp:cCTL0048dCTL0031dCTL0021* alias: pnp:cCTL0047dCTL0031dCTL0021* alias: pnp:cCTL0046dCTL0031dCTL0021* alias: pnp:cCTL0045dCTL0031dCTL0021* alias: pnp:cCTL0044dCTL0031dCTL0021* alias: pnp:cCTL0043dCTL0031dCTL0021* alias: pnp:cCTL0042dCTL0031dCTL0021* alias: pnp:cCTL0039dCTL0031dCTL0021* alias: pnp:cCTL0035dCTL0031dCTL0021* With this patch it exports only the device id's, as properly matchable aliases: alias: pnp:dCTL0070* alias: pnp:dCTL0045* alias: pnp:dCTL0023* alias: pnp:dCTL0044* alias: pnp:dCTL0022* alias: pnp:dCTL0042* alias: pnp:dCTL0041* alias: pnp:dCTL0021* alias: pnp:dCTL0031* Now, the exported value of the PNP bus can be used to autoload a matching module: $ modprobe --first-time -n -v pnp:dCTL0045 insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/core/snd-rawmidi.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/drivers/mpu401/snd-mpu401-uart.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/core/snd-hwdep.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/isa/sb/snd-sb-common.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/isa/sb/snd-sb16-csp.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/isa/sb/snd-sb16-dsp.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/drivers/opl3/snd-opl3-lib.ko insmod /lib/modules/2.6.24-rc6-g5b825ed2-dirty/kernel/sound/isa/sb/snd-sbawe.ko $ grep CTL0045 /sys/bus/pnp/devices/*/id /sys/bus/pnp/devices/01:01.00/id:CTL0045 Signed-off-by: Kay Sievers <kay.sievers@vrfy.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Greg Kroah-Hartman authored
This fixes up a number of coding style issues in the firmware sample files. Yeah, it still doesn't build properly yet, that's next... Cc: Randy Dunlap <randy.dunlap@oracle.com> Cc: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Randy Dunlap authored
Move the firmware_class sample drivers to samples/ so that they are buildable and can be maintained. Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
David Rientjes authored
Convert sysfs_remove_bin_file() to have a return type of 'void' for !CONFIG_SYSFS configurations. Also removes unnecessary colons from empty void functions. Signed-off-by: David Rientjes <rientjes@google.com> Reviewed-by: Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Joe Perches authored
driver core: Convert debug functions declared inline __attribute__((format (printf,x,y) to statement expression macros When DEBUG is not defined, pr_debug and dev_dbg and some other local debugging functions are specified as: "inline __attribute__((format (printf, x, y)))" This is done to validate printk arguments when not debugging. Converting these functions to macros or statement expressions "do { if (0) printk(fmt, ##arg); } while (0)" or "({ if (0) printk(fmt, ##arg); 0; }) makes at least gcc 4.2.2 produce smaller objects. This has the additional benefit of allowing the optimizer to avoid calling functions like print_mac that might have been arguments to the printk. defconfig x86 current: $ size vmlinux text data bss dec hex filename 4716770 474560 618496 5809826 58a6a2 vmlinux all converted: (More patches follow) $ size vmlinux text data bss dec hex filename 4716642 474560 618496 5809698 58a622 vmlinux Even kernel/sched.o, which doesn't even use these functions, becomes smaller. It appears that merely having an indirect include of <linux/device.h> can cause bigger objects. $ size sched.inline.o sched.if0.o text data bss dec hex filename 31385 2854 328 34567 8707 sched.inline.o 31366 2854 328 34548 86f4 sched.if0.o The current preprocessed only kernel/sched.i file contains: # 612 "include/linux/device.h" static inline __attribute__((always_inline)) int __attribute__ ((format (printf, 2, 3))) dev_dbg(struct device *dev, const char *fmt, ...) { return 0; } # 628 "include/linux/device.h" static inline __attribute__((always_inline)) int __attribute__ ((format (printf, 2, 3))) dev_vdbg(struct device *dev, const char *fmt, ...) { return 0; } Removing these unused inlines from sched.i shrinks sched.o Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Badari Pulavarty authored
register_memory()/unregister_memory() never gets called with "root". unregister_memory() is accessing kobject_name of the object just freed up. Since no one uses the code, lets take the code out. And also, make register_memory() static. Another bug fix - before calling unregister_memory() remove_memory_block() gets a ref on kobject. unregister_memory() need to drop that ref before calling sysdev_unregister(). Signed-off-by: Badari Pulavarty <pbadari@us.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Daniel Walker authored
Signed-off-by: Daniel Walker <dwalker@mvista.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Uwe Kleine-König authored
Otherwise the device might just disappear while /dev/uioX is being used which results in an Oops. Signed-off-by: Uwe Kleine-König <Uwe.Kleine-Koenig@digi.com> Signed-off-by: Hans J Koch <hjk@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Ben Nizette authored
This patch implements a UIO interface for the SMX Cryptengine. The Cryptengine found on the Nias Digital SMX board is best suited for a UIO interface. It is not wired in to the cryptographic API as the engine handles it's own keys, algorithms, everything. All that we know about is that if there's room in the buffer, you can write data to it and when there's data ready, you read it out again. There isn't necessarily even any direct correlation between data going in and data coming out again, the engine may consume or generate data all on its own. This driver is for proprietary hardware but we're always told to submit the drivers anyway; here you are. :-) This is version 4 of this patch and addresses all issues raised by Hans-Jürgen Koch and Paul Mundt in their reviews. Slightly altered is Paul's suggestion to use DRV_NAME and DRV_VERSION as the UIO version and name. While at the moment they are the same, there is no reason for them to stay that way. Nevertheless we now at least provide a MODULE_VERSION macro to keep modinfo happy. Signed-off-by: Ben Nizette <bn@niasdigital.com> Acked-by: Paul Mundt <lethal@linux-sh.org> Signed-off-by: Hans J Koch <hjk@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Hans-Jürgen Koch authored
Meanwhile, PCI_DEVICE_ID_PLX_9030 is defined in pci_ids.h, no need to define it again in the driver. Signed-off-by: Hans J. Koch <hjk@linutronix.de> CC: Benedikt Spranger <b.spranger@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Hans-Jürgen Koch authored
Source drivers/uio/Kconfig to make UIO available in menuconfig if ARCH=arm. Signed-off-by: Hans J Koch <hjk@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Denis Cheng authored
Signed-off-by: Denis Cheng <crquan@gmail.com> Signed-off-by: Hans J. Koch <hjk@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Denis Cheng authored
Signed-off-by: Denis Cheng <crquan@gmail.com> Signed-off-by: Hans J. Koch <hjk@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
Greg Kroah-Hartman authored
Add warnings to kobject_put() to catch kobjects that are cleaned up but were never initialized to begin with. Cc: Kay Sievers <kay.sievers@vrfy.org> Cc: Hannes Reinecke <hare@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
- 19 Apr, 2008 4 commits
-
-
Linus Torvalds authored
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: security: fix up documentation for security_module_enable Security: Introduce security= boot parameter Audit: Final renamings and cleanup SELinux: use new audit hooks, remove redundant exports Audit: internally use the new LSM audit hooks LSM/Audit: Introduce generic Audit LSM hooks SELinux: remove redundant exports Netlink: Use generic LSM hook Audit: use new LSM hooks instead of SELinux exports SELinux: setup new inode/ipc getsecid hooks LSM: Introduce inode_getsecid and ipc_getsecid hooks
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.26Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6.26: (1090 commits) [NET]: Fix and allocate less memory for ->priv'less netdevices [IPV6]: Fix dangling references on error in fib6_add(). [NETLABEL]: Fix NULL deref in netlbl_unlabel_staticlist_gen() if ifindex not found [PKT_SCHED]: Fix datalen check in tcf_simp_init(). [INET]: Uninline the __inet_inherit_port call. [INET]: Drop the inet_inherit_port() call. SCTP: Initialize partial_bytes_acked to 0, when all of the data is acked. [netdrvr] forcedeth: internal simplifications; changelog removal phylib: factor out get_phy_id from within get_phy_device PHY: add BCM5464 support to broadcom PHY driver cxgb3: Fix __must_check warning with dev_dbg. tc35815: Statistics cleanup natsemi: fix MMIO for PPC 44x platforms [TIPC]: Cleanup of TIPC reference table code [TIPC]: Optimized initialization of TIPC reference table [TIPC]: Remove inlining of reference table locking routines e1000: convert uint16_t style integers to u16 ixgb: convert uint16_t style integers to u16 sb1000.c: make const arrays static sb1000.c: stop inlining largish static functions ...
-
James Morris authored
security_module_enable() can only be called during kernel init. Signed-off-by: James Morris <jmorris@namei.org>
-
Ahmed S. Darwish authored
Add the security= boot parameter. This is done to avoid LSM registration clashes in case of more than one bult-in module. User can choose a security module to enable at boot. If no security= boot parameter is specified, only the first LSM asking for registration will be loaded. An invalid security module name will be treated as if no module has been chosen. LSM modules must check now if they are allowed to register by calling security_module_enable(ops) first. Modify SELinux and SMACK to do so. Do not let SMACK register smackfs if it was not chosen on boot. Smackfs assumes that smack hooks are registered and the initial task security setup (swapper->security) is done. Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org>
-
- 18 Apr, 2008 5 commits
-
-
Ahmed S. Darwish authored
Rename the se_str and se_rule audit fields elements to lsm_str and lsm_rule to avoid confusion. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org>
-
Ahmed S. Darwish authored
Setup the new Audit LSM hooks for SELinux. Remove the now redundant exported SELinux Audit interface. Audit: Export 'audit_krule' and 'audit_field' to the public since their internals are needed by the implementation of the new LSM hook 'audit_rule_known'. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org>
-
Ahmed S. Darwish authored
Convert Audit to use the new LSM Audit hooks instead of the exported SELinux interface. Basically, use: security_audit_rule_init secuirty_audit_rule_free security_audit_rule_known security_audit_rule_match instad of (respectively) : selinux_audit_rule_init selinux_audit_rule_free audit_rule_has_selinux selinux_audit_rule_match Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org>
-
Ahmed S. Darwish authored
Introduce a generic Audit interface for security modules by adding the following new LSM hooks: audit_rule_init(field, op, rulestr, lsmrule) audit_rule_known(krule) audit_rule_match(secid, field, op, rule, actx) audit_rule_free(rule) Those hooks are only available if CONFIG_AUDIT is enabled. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org> Reviewed-by: Paul Moore <paul.moore@hp.com>
-
Ahmed S. Darwish authored
Remove the following exported SELinux interfaces: selinux_get_inode_sid(inode, sid) selinux_get_ipc_sid(ipcp, sid) selinux_get_task_sid(tsk, sid) selinux_sid_to_string(sid, ctx, len) They can be substitued with the following generic equivalents respectively: new LSM hook, inode_getsecid(inode, secid) new LSM hook, ipc_getsecid*(ipcp, secid) LSM hook, task_getsecid(tsk, secid) LSM hook, sid_to_secctx(sid, ctx, len) Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org> Reviewed-by: Paul Moore <paul.moore@hp.com>
-