Commit Graph

310704 Commits

Author SHA1 Message Date
Michael Büsch
1083a0f9b8 [media] af9035: Add Afatech USB PIDs
Add some generic Afatech USB PIDs used by "Cabstone" sticks and others.

Signed-off-by: Michael Buesch <m@bues.ch>
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:51:08 -03:00
Michael Büsch
ffc501f654 [media] af9035: Add fc0011 tuner support
This adds Fitipower fc0011 tuner support to the af9035 driver.

Signed-off-by: Michael Buesch <m@bues.ch>
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:50:45 -03:00
Aaro Koskinen
9a637e1921 ARM: OMAP1: mux: add missing include
Fix the following build breakage in v3.4-rc2 that happens
with CONFIG_OMAP_MUX=y:

arch/arm/mach-omap1/mux.c:89:1: error: 'FUNC_MUX_CTRL_9' undeclared here (not in a function)
arch/arm/mach-omap1/mux.c:89:1: error: 'PULL_DWN_CTRL_2' undeclared here (not in a function)
arch/arm/mach-omap1/mux.c:93:1: error: 'FUNC_MUX_CTRL_C' undeclared here (not in a function)

Signed-off-by: Aaro Koskinen <aaro.koskinen@iki.fi>
Acked-by: Jarkko Nikula <jarkko.nikula@bitmer.com>
[tony@atomide.com: updated comments]
Signed-off-by: Tony Lindgren <tony@atomide.com>
2012-04-09 10:50:12 -07:00
Michael Büsch
eea977ed63 [media] Add fc0011 tuner driver
This adds support for the Fitipower fc0011 DVB-t tuner.

Signed-off-by: Michael Buesch <m@bues.ch>
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:49:32 -03:00
Gianluca Gennari
6ec12988c0 [media] af9035: fix warning
On a 32 bit system:

af9035.c: In function 'af9035_download_firmware':
af9035.c:446:3: warning: format '%lu' expects argument of type 'long unsigned
int', but argument 3 has type 'unsigned int' [-Wformat]

%zu avoids any warning on both 32 and 64 bit systems.

Signed-off-by: Gianluca Gennari <gennarone@gmail.com>
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:46:15 -03:00
Michael Büsch
b1a9599a0d [media] af9035: Add USB read checksumming
This adds USB message read checksumming to protect against
device and bus errors.
It also adds a read length check to avoid returning garbage from
the buffer, if the device truncated the message.

Signed-off-by: Michael Buesch <m@bues.ch>
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:45:37 -03:00
Hans-Frieder Vogt
812fe6d942 [media] af9035: i2c read fix
Enable i2c read requests.

I2C read fix (necessary e.g. for mxl5007t tuner, because it
sends a 2 bytes for a read request, thus msg[0].len != msg[1].len).

Signed-off-by: Hans-Frieder Vogt <hfvogt@gmx.net>
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:45:16 -03:00
Antti Palosaari
8e8a5ac763 [media] af9035: add log writing if unsupported Xtal freq is given
Supports currently only 12 MHz Xtals. It is better to print log
and not to attach frontend in that case.

Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:44:59 -03:00
Antti Palosaari
e898ef6272 [media] af9033: implement .read_snr()
Returns values as 0.1 dB resolution as preferred nowadays.
Actual resolution is 1 dB.

Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:44:45 -03:00
Antti Palosaari
3a871ca270 [media] af9033: correct debug print
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:44:12 -03:00
Antti Palosaari
41d44a815a [media] af9035: add missing error check
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:43:57 -03:00
Antti Palosaari
77c5ff2d89 [media] af9035: reimplement firmware downloader
Big thanks to Daniel Glöckner <daniel-gl@gmx.net> for
revealing firmware structure on Linux Media mailing
list.

Signed-off-by: Antti Palosaari <crope@iki.fi>
Cc: Daniel Glöckner <daniel-gl@gmx.net>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:43:40 -03:00
Tomoya MORINAGA
867c902e07 pch_uart: Fix MSI setting issue
The following patch (MSI setting) is not enough.

commit e463595fd9
Author: Alexander Stein <alexander.stein@systec-electronic.com>
Date:   Mon Jul 4 08:58:31 2011 +0200

    pch_uart: Add MSI support

    Signed-off-by: Alexander Stein <alexander.stein@systec-electronic.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

To enable MSI mode, PCI bus-mastering must be enabled.
This patch enables the setting.

cc: Alexander Stein <alexander.stein@systec-electronic.com>
Signed-off-by: Tomoya MORINAGA <tomoya.rohm@gmail.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-04-09 10:43:26 -07:00
Antti Palosaari
5a9abae497 [media] af9035: enhancement for unknown tuner ID handling
* do not attach frontend when tuner is not supported
* fix unkown tuner ID log write format
* add prefix for dvb-usb log writings

Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:43:01 -03:00
Antti Palosaari
7f882c2e35 [media] Afatech AF9035 DVB USB driver
AF9035 is integrated DVB USB interface and DVB-T demodulator.
Integrated demodulator is AF9033 and its driver is attached
runtime as a own module.

Driver currently supports only one device,
TerraTec Cinergy T Stick [0ccd:0093].

TerraTec Cinergy T Stick is based of Afatech AF9035 +
Infineon TUA 9001 silicon tuner.

Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:42:19 -03:00
Dan Williams
bc02d15a34 serial/8250_pci: add a "force background timer" flag and use it for the "kt" serial port
Workaround dropped notifications in the iir register.  Register reads
coincident with new interrupt notifications sometimes result in this
device clearing the interrupt event without reporting it in the read
data.

The serial core already has a heuristic for determining when a device
has an untrustworthy iir register.  In this case when we apriori know
that the iir is faulty use a flag (UPF_BUG_THRE) to bypass the test and
force usage of the background timer.

[stable: 3.3.x]
Acked-by: Alan Cox <alan@linux.intel.com>
Cc: stable <stable@vger.kernel.org>
Reported-by: Nhan H Mai <nhan.h.mai@intel.com>
Reported-by: Sudhakar Mamillapalli <sudhakar@fb.com>
Tested-by: Nhan H Mai <nhan.h.mai@intel.com>
Tested-by: Sudhakar Mamillapalli <sudhakar@fb.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-04-09 10:38:30 -07:00
Dan Williams
49b532f96f Revert "serial/8250_pci: setup-quirk workaround for the kt serial controller"
This reverts commit 448ac154c9.

The semantic of UPF_IIR_ONCE is only guaranteed to workaround the race
condition in the kt serial's iir register if the only source of
interrupts is THRE (fifo-empty) events.  An modem status event at the
wrong time can again cause an iir read to drop the 'empty' status
leading to a hang.  So, revert this in preparation for using the
existing "I don't trust my iir register" workaround in the 8250 core
(UART_BUG_THRE).

[stable: 3.3.x]
Cc: stable <stable@vger.kernel.org>
Acked-by: Alan Cox <alan@linux.intel.com>
Cc: Sudhakar Mamillapalli <sudhakar@fb.com>
Reported-by: Nhan H Mai <nhan.h.mai@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-04-09 10:34:52 -07:00
Dan Williams
3579812373 Revert "serial/8250_pci: init-quirk msi support for kt serial controller"
This reverts commit e86ff4a63c.

This tried to enforce the semantics of one interrupt per iir read of the
THRE (transmit-hold empty) status, but events from other sources
(particularly modem status) defeat this guarantee.

This change also broke 8250_pci suspend/resume support as
pciserial_resume_ports() re-runs .init() quirks, but does not run
.exit() quirks in pciserial_suspend_ports() leading to reports like:

  sysfs: cannot create duplicate filename '/devices/pci0000:00/0000:00:16.3/msi_irqs'

...and a subsequent crash.  The mismatch of init/exit at suspend/resume
seems like a bug in its own right.

[stable: 3.3.x]
Cc: stable <stable@vger.kernel.org>
Acked-by: Alan Cox <alan@linux.intel.com>
Cc: Sudhakar Mamillapalli <sudhakar@fb.com>
Reported-by: Nhan H Mai <nhan.h.mai@intel.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-04-09 10:34:16 -07:00
Arnd Bergmann
d8c4019b41 tty/serial/omap: console can only be built-in
When the omap serial driver is built as a module, we must
not allow the console driver to be selected, because consoles
can not be loadable modules.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Acked-by: Govindraj.R <govindraj.raja@ti.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-04-09 10:34:16 -07:00
Antti Palosaari
4b64bb268f [media] Afatech AF9033 DVB-T demodulator driver
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:33:42 -03:00
Antti Palosaari
f9263747b1 [media] Infineon TUA 9001 silicon tuner driver
Signed-off-by: Antti Palosaari <crope@iki.fi>
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
2012-04-09 14:31:34 -03:00
Kukjin Kim
7b246a1d0d serial: samsung: fix omission initialize ulcon in reset port fn()
Fix omission initialize ulcon in s3c24xx_serial_resetport(),
reset port function in drivers/tty/serial/samsung.c. It has
been happened from commit 0dfb3b41("serial: samsung: merge
all SoC specific port reset functions")

Signed-off-by: Kukjin Kim <kgene.kim@samsung.com>
Cc: stable <stable@vger.kernel.org> [3.3]
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-04-09 10:30:39 -07:00
Kay Sievers
5da527aafe printk(): add KERN_CONT where needed in hpet and vt code
A prototype for kmsg records instead of a byte-stream buffer revealed
a couple of missing printk(KERN_CONT ...) uses. Subsequent calls produce
one record per printk() call, while all should have ended up in a single
record.

Instead of:
  ACPI: (supports S0 S5)
  ACPI: PCI Interrupt Link [LNKA] (IRQs 5 *10 11)
  hpet0: at MMIO 0xfed00000, IRQs 2 , 8 , 0

It prints:
  ACPI: (supports S0
   S5
  )
  ACPI: PCI Interrupt Link [LNKA] (IRQs
   5
   *10
   11
  )
  hpet0: at MMIO 0xfed00000, IRQs
   2
  , 8
  , 0

Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Len Brown <lenb@kernel.org>
Signed-off-by: Kay Sievers <kay@vrfy.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-04-09 10:30:39 -07:00
Siftar, Gabe
57c3686842 tty/serial: atmel_serial: fix RS485 half-duplex problem
On our custom board, we are using RS485 in half-duplex mode on an AT91SAM9G45.
SER_RS485_RX_DURING_TX is not set as we do not want to receive the data we
transmit (our transceiver will receive transmitted data).
Although the current driver attempts to disable and enable the receiver at the
appropriate points, incoming data is still loaded into the receive register
causing our code to receive the very last byte that was sent once the receiver
is enabled.

I ran this by Atmel support and they wrote: "The issue comes from the fact
that you disable the PDC/DMA Reception and not the USART Reception channel. In
your case, the[n] you will still receive data into the USART_RHR register, and
maybe you [h]ave the overrun flag set. So please disable the USART reception
channel."

The following patch should force the driver to enable/disable the receiver via
RXEN/RXDIS fields of the USART control register. It fixed the issue I was
having.

Signed-off-by: Gabe Siftar <gabe.siftar@getingeusa.com>
[nicolas.ferre@atmel.com: slightly modify commit message]
Signed-off-by: Nicolas Ferre <nicolas.ferre@atmel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-04-09 10:30:39 -07:00
Yuriy Kozlov
acede70d65 tty: serial: altera_uart: Check for NULL platform_data in probe.
Follow altera_jtag_uart.  This fixes a crash if there is a mistake in the DTS.

Signed-off-by: Yuriy Kozlov <ykozlov@ptcusa.com>
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-04-09 10:30:39 -07:00
Tilman Schmidt
ef37ea34ca isdn/gigaset: use gig_dbg() for debugging output
The "TTY buffer in tty_port" patchset introduced an opencoded
debug message in the Gigaset tty device if_close() function.
Change it to use the gig_dbg() macro like everywhere else in
the driver.

Signed-off-by: Tilman Schmidt <tilman@imap.cc>
Cc: Jiri Slaby <jslaby@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-04-09 10:30:38 -07:00
Shubhrajyoti D
388bc26226 omap-serial: Fix the error handling in the omap_serial probe
The patch does the following

- The pm_runtime_disable is called in the remove not in the error
  case of probe.The patch calls the pm_runtime_disable in the error
  case.
- Calls pm_runtime_put in the error case.
- The  up is not freed in the error path. Fix the memory leak by using
  devm_* so that the memory need not be freed in the driver.
- Also the iounmap is not called fix the same by calling using devm_ioremap.
- Make the name of the error tags more meaningful.

Cc: Mark Brown <broonie@opensource.wolfsonmicro.com>
Cc: Govindraj.R <govindraj.raja@ti.com>
Signed-off-by: Shubhrajyoti D <shubhrajyoti@ti.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2012-04-09 10:30:38 -07:00
Stephen Warren
82ef0ae46b ASoC: tegra: add runtime PM support
To the Tegra I2S and SPDIF drivers

Signed-off-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: Mark Brown <broonie@opensource.wolfsonmicro.com>
2012-04-09 17:42:48 +01:00
Eric Paris
c737f8284c SELinux: remove unused common_audit_data in flush_unauthorized_files
We don't need this variable and it just eats stack space.  Remove it.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:57 -04:00
Wanlong Gao
562c99f20d SELinux: avc: remove the useless fields in avc_add_callback
avc_add_callback now just used for registering reset functions
in initcalls, and the callback functions just did reset operations.
So, reducing the arguments to only one event is enough now.

Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:44 -04:00
Wanlong Gao
0b36e44cc6 SELinux: replace weak GFP_ATOMIC to GFP_KERNEL in avc_add_callback
avc_add_callback now only called from initcalls, so replace the
weak GFP_ATOMIC to GFP_KERNEL, and mark this function __init
to make a warning when not been called from initcalls.

Signed-off-by: Wanlong Gao <gaowanlong@cn.fujitsu.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:07 -04:00
Eric Paris
899838b25f SELinux: unify the selinux_audit_data and selinux_late_audit_data
We no longer need the distinction.  We only need data after we decide to do an
audit.  So turn the "late" audit data into just "data" and remove what we
currently have as "data".

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:06 -04:00
Eric Paris
1d34929271 SELinux: remove auditdeny from selinux_audit_data
It's just takin' up space.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:05 -04:00
Eric Paris
50c205f5e5 LSM: do not initialize common_audit_data to 0
It isn't needed.  If you don't set the type of the data associated with
that type it is a pretty obvious programming bug.  So why waste the cycles?

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:04 -04:00
Eric Paris
07f62eb66c LSM: BUILD_BUG_ON if the common_audit_data union ever grows
We did a lot of work to shrink the common_audit_data.  Add a BUILD_BUG_ON
so future programers (let's be honest, probably me) won't do something
foolish like make it large again!

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:03 -04:00
Eric Paris
b466066f9b LSM: remove the task field from common_audit_data
There are no legitimate users.  Always use current and get back some stack
space for the common_audit_data.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:03 -04:00
Eric Paris
0972c74ecb apparmor: move task from common_audit_data to apparmor_audit_data
apparmor is the only LSM that uses the common_audit_data tsk field.
Instead of making all LSMs pay for the stack space move the aa usage into
the apparmor_audit_data.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:02 -04:00
Eric Paris
bd5e50f9c1 LSM: remove the COMMON_AUDIT_DATA_INIT type expansion
Just open code it so grep on the source code works better.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:01 -04:00
Eric Paris
d4cf970d07 SELinux: move common_audit_data to a noinline slow path function
selinux_inode_has_perm is a hot path.  Instead of declaring the
common_audit_data on the stack move it to a noinline function only used in
the rare case we need to send an audit message.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:00 -04:00
Eric Paris
602a8dd6ea SELinux: remove inode_has_perm_noadp
Both callers could better be using file_has_perm() to get better audit
results.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:23:00 -04:00
Eric Paris
2e33405785 SELinux: delay initialization of audit data in selinux_inode_permission
We pay a rather large overhead initializing the common_audit_data.
Since we only need this information if we actually emit an audit
message there is little need to set it up in the hot path.  This patch
splits the functionality of avc_has_perm() into avc_has_perm_noaudit(),
avc_audit_required() and slow_avc_audit().  But we take care of setting
up to audit between required() and the actual audit call.  Thus saving
measurable time in a hot path.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:22:59 -04:00
Eric Paris
154c50ca4e SELinux: if sel_make_bools errors don't leave inconsistent state
We reset the bool names and values array to NULL, but do not reset the
number of entries in these arrays to 0.  If we error out and then get back
into this function we will walk these NULL pointers based on the belief
that they are non-zero length.

Signed-off-by: Eric Paris <eparis@redhat.com>
cc: stable@kernel.org
2012-04-09 12:22:58 -04:00
Eric Paris
92ae9e82d9 SELinux: remove needless sel_div function
I'm not really sure what the idea behind the sel_div function is, but it's
useless.  Since a and b are both unsigned, it's impossible for a % b < 0.
That means that part of the function never does anything.  Thus it's just a
normal /.  Just do that instead.  I don't even understand what that operation
was supposed to mean in the signed case however....

If it was signed:
sel_div(-2, 4) == ((-2 / 4) - ((-2 % 4) < 0))
		  ((0)      - ((-2)     < 0))
		  ((0)      - (1))
		  (-1)

What actually happens:
sel_div(-2, 4) == ((18446744073709551614 / 4) - ((18446744073709551614 % 4) < 0))
		  ((4611686018427387903)      - ((2 < 0))
		  (4611686018427387903        - 0)
		  ((unsigned int)4611686018427387903)
		  (4294967295)

Neither makes a whole ton of sense to me.  So I'm getting rid of the
function entirely.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:22:57 -04:00
Eric Paris
bb7081ab93 SELinux: possible NULL deref in context_struct_to_string
It's possible that the caller passed a NULL for scontext.  However if this
is a defered mapping we might still attempt to call *scontext=kstrdup().
This is bad.  Instead just return the len.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:22:56 -04:00
Eric Paris
d6ea83ec68 SELinux: audit failed attempts to set invalid labels
We know that some yum operation is causing CAP_MAC_ADMIN failures.  This
implies that an RPM is laying down (or attempting to lay down) a file with
an invalid label.  The problem is that we don't have any information to
track down the cause.  This patch will cause such a failure to report the
failed label in an SELINUX_ERR audit message.  This is similar to the
SELINUX_ERR reports on invalid transitions and things like that.  It should
help run down problems on what is trying to set invalid labels in the
future.

Resulting records look something like:
type=AVC msg=audit(1319659241.138:71): avc:  denied  { mac_admin } for pid=2594 comm="chcon" capability=33 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=capability2
type=SELINUX_ERR msg=audit(1319659241.138:71): op=setxattr invalid_context=unconfined_u:object_r:hello:s0
type=SYSCALL msg=audit(1319659241.138:71): arch=c000003e syscall=188 success=no exit=-22 a0=a2c0e0 a1=390341b79b a2=a2d620 a3=1f items=1 ppid=2519 pid=2594 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=1 comm="chcon" exe="/usr/bin/chcon" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
type=CWD msg=audit(1319659241.138:71):  cwd="/root" type=PATH msg=audit(1319659241.138:71): item=0 name="test" inode=785879 dev=fc:03 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=unconfined_u:object_r:admin_home_t:s0

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:22:56 -04:00
Eric Paris
83d498569e SELinux: rename dentry_open to file_open
dentry_open takes a file, rename it to file_open

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:22:50 -04:00
Eric Paris
95dbf73931 SELinux: check OPEN on truncate calls
In RH BZ 578841 we realized that the SELinux sandbox program was allowed to
truncate files outside of the sandbox.  The reason is because sandbox
confinement is determined almost entirely by the 'open' permission.  The idea
was that if the sandbox was unable to open() files it would be unable to do
harm to those files.  This turns out to be false in light of syscalls like
truncate() and chmod() which don't require a previous open() call.  I looked
at the syscalls that did not have an associated 'open' check and found that
truncate(), did not have a seperate permission and even if it did have a
separate permission such a permission owuld be inadequate for use by
sandbox (since it owuld have to be granted so liberally as to be useless).
This patch checks the OPEN permission on truncate.  I think a better solution
for sandbox is a whole new permission, but at least this fixes what we have
today.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:22:49 -04:00
Eric Paris
eed7795d0a SELinux: add default_type statements
Because Fedora shipped userspace based on my development tree we now
have policy version 27 in the wild defining only default user, role, and
range.  Thus to add default_type we need a policy.28.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:22:48 -04:00
Eric Paris
aa893269de SELinux: allow default source/target selectors for user/role/range
When new objects are created we have great and flexible rules to
determine the type of the new object.  We aren't quite as flexible or
mature when it comes to determining the user, role, and range.  This
patch adds a new ability to specify the place a new objects user, role,
and range should come from.  For users and roles it can come from either
the source or the target of the operation.  aka for files the user can
either come from the source (the running process and todays default) or
it can come from the target (aka the parent directory of the new file)

examples always are done with
directory context: system_u:object_r:mnt_t:s0-s0:c0.c512
process context: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

[no rule]
	unconfined_u:object_r:mnt_t:s0   test_none
[default user source]
	unconfined_u:object_r:mnt_t:s0   test_user_source
[default user target]
	system_u:object_r:mnt_t:s0       test_user_target
[default role source]
	unconfined_u:unconfined_r:mnt_t:s0 test_role_source
[default role target]
	unconfined_u:object_r:mnt_t:s0   test_role_target
[default range source low]
	unconfined_u:object_r:mnt_t:s0 test_range_source_low
[default range source high]
	unconfined_u:object_r:mnt_t:s0:c0.c1023 test_range_source_high
[default range source low-high]
	unconfined_u:object_r:mnt_t:s0-s0:c0.c1023 test_range_source_low-high
[default range target low]
	unconfined_u:object_r:mnt_t:s0 test_range_target_low
[default range target high]
	unconfined_u:object_r:mnt_t:s0:c0.c512 test_range_target_high
[default range target low-high]
	unconfined_u:object_r:mnt_t:s0-s0:c0.c512 test_range_target_low-high

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:22:47 -04:00
Eric Paris
6ce74ec75c SELinux: include flow.h where used rather than get it indirectly
We use flow_cache_genid in the selinux xfrm files.  This is declared in
net/flow.h  However we do not include that file directly anywhere.  We have
always just gotten it through a long chain of indirect .h file includes.

on x86_64:

  CC      security/selinux/ss/services.o
In file included from
/next/linux-next-20120216/security/selinux/ss/services.c:69:0:
/next/linux-next-20120216/security/selinux/include/xfrm.h: In function 'selinux_xfrm_notify_policyload':
/next/linux-next-20120216/security/selinux/include/xfrm.h:51:14: error: 'flow_cache_genid' undeclared (first use in this function)
/next/linux-next-20120216/security/selinux/include/xfrm.h:51:14: note: each undeclared identifier is reported only once for each function it appears in
make[3]: *** [security/selinux/ss/services.o] Error 1

Reported-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: Eric Paris <eparis@redhat.com>
2012-04-09 12:22:41 -04:00