linux-toradex.git/drivers/pci, branch imx-android-r12 Linux kernel for Apalis and Colibri modules pci: use security_capable() when checking capablities during config space read 2011-02-15T08:06:31+00:00 Chris Wright chrisw@sous-sol.org 2011-02-15T01:21:49+00:00 a628e7b87e100befac9702aa0c3b9848a7685e49 This reintroduces commit 47970b1b which was subsequently reverted as f00eaeea. The original change was broken and caused X startup failures and generally made privileged processes incapable of reading device dependent config space. The normal capable() interface returns true on success, but the LSM interface returns 0 on success. This thinko is now fixed in this patch, and has been confirmed to work properly. So, once again...Eric Paris noted that commit de139a3 ("pci: check caps from sysfs file open to read device dependent config space") caused the capability check to bypass security modules and potentially auditing. Rectify this by calling security_capable() when checking the open file's capabilities for config space reads. Reported-by: Eric Paris <eparis@redhat.com> Tested-by: Dave Young <hidave.darkstar@gmail.com> Acked-by: James Morris <jmorris@namei.org> Cc: Dave Airlie <airlied@gmail.com> Cc: Alex Riesen <raa.lkml@gmail.com> Cc: Sedat Dilek <sedat.dilek@googlemail.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: James Morris <jmorris@namei.org> 
This reintroduces commit 47970b1b which was subsequently reverted
as f00eaeea.  The original change was broken and caused X startup
failures and generally made privileged processes incapable of reading
device dependent config space.  The normal capable() interface returns
true on success, but the LSM interface returns 0 on success.  This thinko
is now fixed in this patch, and has been confirmed to work properly.

So, once again...Eric Paris noted that commit de139a3 ("pci: check caps
from sysfs file open to read device dependent config space") caused the
capability check to bypass security modules and potentially auditing.
Rectify this by calling security_capable() when checking the open file's
capabilities for config space reads.

Reported-by: Eric Paris <eparis@redhat.com>
Tested-by: Dave Young <hidave.darkstar@gmail.com>
Acked-by: James Morris <jmorris@namei.org>
Cc: Dave Airlie <airlied@gmail.com>
Cc: Alex Riesen <raa.lkml@gmail.com>
Cc: Sedat Dilek <sedat.dilek@googlemail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: James Morris <jmorris@namei.org>
Revert "pci: use security_capable() when checking capablities during config space read" 2011-02-13T15:50:50+00:00 Linus Torvalds torvalds@linux-foundation.org 2011-02-13T15:50:50+00:00 f00eaeea7a42b5ea327e9ce8839cb0b53d3bdb4e This reverts commit 47970b1b2aa64464bc0a9543e86361a622ae7c03. It turns out it breaks several distributions. Looks like the stricter selinux checks fail due to selinux policies not being set to allow the access - breaking X, but also lspci. So while the change was clearly the RightThing(tm) to do in theory, in practice we have backwards compatibility issues making it not work. Reported-by: Dave Young <hidave.darkstar@gmail.com> Acked-by: David Airlie <airlied@linux.ie> Acked-by: Alex Riesen <raa.lkml@gmail.com> Cc: Eric Paris <eparis@redhat.com> Cc: Chris Wright <chrisw@sous-sol.org> Cc: James Morris <jmorris@namei.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
This reverts commit 47970b1b2aa64464bc0a9543e86361a622ae7c03.

It turns out it breaks several distributions.  Looks like the stricter
selinux checks fail due to selinux policies not being set to allow the
access - breaking X, but also lspci.

So while the change was clearly the RightThing(tm) to do in theory, in
practice we have backwards compatibility issues making it not work.

Reported-by: Dave Young <hidave.darkstar@gmail.com>
Acked-by: David Airlie <airlied@linux.ie>
Acked-by: Alex Riesen <raa.lkml@gmail.com>
Cc: Eric Paris <eparis@redhat.com>
Cc: Chris Wright <chrisw@sous-sol.org>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
pci: use security_capable() when checking capablities during config space read 2011-02-11T06:58:11+00:00 Chris Wright chrisw@sous-sol.org 2011-02-10T23:58:56+00:00 47970b1b2aa64464bc0a9543e86361a622ae7c03 Eric Paris noted that commit de139a3 ("pci: check caps from sysfs file open to read device dependent config space") caused the capability check to bypass security modules and potentially auditing. Rectify this by calling security_capable() when checking the open file's capabilities for config space reads. Reported-by: Eric Paris <eparis@redhat.com> Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: James Morris <jmorris@namei.org> 
Eric Paris noted that commit de139a3 ("pci: check caps from sysfs file
open to read device dependent config space") caused the capability check
to bypass security modules and potentially auditing.  Rectify this by
calling security_capable() when checking the open file's capabilities
for config space reads.

Reported-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: James Morris <jmorris@namei.org>
kconfig: rename CONFIG_EMBEDDED to CONFIG_EXPERT 2011-01-21T01:02:05+00:00 David Rientjes rientjes@google.com 2011-01-20T22:44:16+00:00 6a108a14fa356ef607be308b68337939e56ea94e The meaning of CONFIG_EMBEDDED has long since been obsoleted; the option is used to configure any non-standard kernel with a much larger scope than only small devices. This patch renames the option to CONFIG_EXPERT in init/Kconfig and fixes references to the option throughout the kernel. A new CONFIG_EMBEDDED option is added that automatically selects CONFIG_EXPERT when enabled and can be used in the future to isolate options that should only be considered for embedded systems (RISC architectures, SLOB, etc). Calling the option "EXPERT" more accurately represents its intention: only expert users who understand the impact of the configuration changes they are making should enable it. Reviewed-by: Ingo Molnar <mingo@elte.hu> Acked-by: David Woodhouse <david.woodhouse@intel.com> Signed-off-by: David Rientjes <rientjes@google.com> Cc: Greg KH <gregkh@suse.de> Cc: "David S. Miller" <davem@davemloft.net> Cc: Jens Axboe <axboe@kernel.dk> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Robin Holt <holt@sgi.com> Cc: <linux-arch@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
The meaning of CONFIG_EMBEDDED has long since been obsoleted; the option
is used to configure any non-standard kernel with a much larger scope than
only small devices.

This patch renames the option to CONFIG_EXPERT in init/Kconfig and fixes
references to the option throughout the kernel.  A new CONFIG_EMBEDDED
option is added that automatically selects CONFIG_EXPERT when enabled and
can be used in the future to isolate options that should only be
considered for embedded systems (RISC architectures, SLOB, etc).

Calling the option "EXPERT" more accurately represents its intention: only
expert users who understand the impact of the configuration changes they
are making should enable it.

Reviewed-by: Ingo Molnar <mingo@elte.hu>
Acked-by: David Woodhouse <david.woodhouse@intel.com>
Signed-off-by: David Rientjes <rientjes@google.com>
Cc: Greg KH <gregkh@suse.de>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Robin Holt <holt@sgi.com>
Cc: <linux-arch@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Merge branch 'linux-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci-2.6 2011-01-14T17:29:05+00:00 Linus Torvalds torvalds@linux-foundation.org 2011-01-14T17:29:05+00:00 d73b388459b1ee2e80f8ff9c1916d75640d7d920 * 'linux-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci-2.6: PCI/PM: Report wakeup events before resuming devices PCI/PM: Use pm_wakeup_event() directly for reporting wakeup events PCI: sysfs: Update ROM to include default owner write access x86/PCI: make Broadcom CNB20LE driver EMBEDDED and EXPERIMENTAL x86/PCI: don't use native Broadcom CNB20LE driver when ACPI is available PCI/ACPI: Request _OSC control once for each root bridge (v3) PCI: enable pci=bfsort by default on future Dell systems PCI/PCIe: Clear Root PME Status bits early during system resume PCI: pci-stub: ignore zero-length id parameters x86/PCI: irq and pci_ids patch for Intel Patsburg PCI: Skip id checking if no id is passed PCI: fix __pci_device_probe kernel-doc warning PCI: make pci_restore_state return void PCI: Disable ASPM if BIOS asks us to PCI: Add mask bit definition for MSI-X table PCI: MSI: Move MSI-X entry definition to pci_regs.h Fix up trivial conflicts in drivers/net/{skge.c,sky2.c} that had in the meantime been converted to not use legacy PCI power management, and thus no longer use pci_restore_state() at all (and that caused trivial conflicts with the "make pci_restore_state return void" patch) 
* 'linux-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci-2.6:
  PCI/PM: Report wakeup events before resuming devices
  PCI/PM: Use pm_wakeup_event() directly for reporting wakeup events
  PCI: sysfs: Update ROM to include default owner write access
  x86/PCI: make Broadcom CNB20LE driver EMBEDDED and EXPERIMENTAL
  x86/PCI: don't use native Broadcom CNB20LE driver when ACPI is available
  PCI/ACPI: Request _OSC control once for each root bridge (v3)
  PCI: enable pci=bfsort by default on future Dell systems
  PCI/PCIe: Clear Root PME Status bits early during system resume
  PCI: pci-stub: ignore zero-length id parameters
  x86/PCI: irq and pci_ids patch for Intel Patsburg
  PCI: Skip id checking if no id is passed
  PCI: fix __pci_device_probe kernel-doc warning
  PCI: make pci_restore_state return void
  PCI: Disable ASPM if BIOS asks us to
  PCI: Add mask bit definition for MSI-X table
  PCI: MSI: Move MSI-X entry definition to pci_regs.h

Fix up trivial conflicts in drivers/net/{skge.c,sky2.c} that had in the
meantime been converted to not use legacy PCI power management, and thus
no longer use pci_restore_state() at all (and that caused trivial
conflicts with the "make pci_restore_state return void" patch)
PCI/PM: Report wakeup events before resuming devices 2011-01-14T16:55:43+00:00 Rafael J. Wysocki rjw@sisk.pl 2010-12-29T12:22:08+00:00 0f953bf6b4efa0daddb7c418130a9bd3ee97f7ed Make wakeup events be reported by the PCI subsystem before attempting to resume devices or queuing up runtime resume requests for them, because wakeup events should be reported as soon as they have been detected. Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org> 
Make wakeup events be reported by the PCI subsystem before attempting to
resume devices or queuing up runtime resume requests for them, because
wakeup events should be reported as soon as they have been detected.

Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
PCI/PM: Use pm_wakeup_event() directly for reporting wakeup events 2011-01-14T16:55:43+00:00 Rafael J. Wysocki rjw@sisk.pl 2010-12-29T12:21:23+00:00 b6e335aeeb114dccb07eaa09e8b62ff9510cf745 After recent changes related to wakeup events pm_wakeup_event() automatically checks if the given device is configured to signal wakeup, so pci_wakeup_event() may be a static inline function calling pm_wakeup_event() directly. Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org> 
After recent changes related to wakeup events pm_wakeup_event()
automatically checks if the given device is configured to signal wakeup,
so pci_wakeup_event() may be a static inline function calling
pm_wakeup_event() directly.

Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
PCI: sysfs: Update ROM to include default owner write access 2011-01-14T16:55:42+00:00 Alex Williamson alex.williamson@redhat.com 2011-01-05T17:26:41+00:00 ff29530e651a3449aea6b0ef4c7048db9e22ef27 The PCI sysfs ROM interface requires an enabling write to access the ROM image, but the default file mode is 0400. The original proposed patch adding sysfs ROM support was a true read-only interface, with the enabling bit coming in as a feature request. I suspect it was simply an oversight that the file mode didn't get updated to match the API. Acked-by: Chris Wright <chrisw@redhat.com> Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org> 
The PCI sysfs ROM interface requires an enabling write to access the ROM
image, but the default file mode is 0400.  The original proposed patch
adding sysfs ROM support was a true read-only interface, with the
enabling bit coming in as a feature request.  I suspect it was simply an
oversight that the file mode didn't get updated to match the API.

Acked-by: Chris Wright <chrisw@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
PCI/ACPI: Request _OSC control once for each root bridge (v3) 2011-01-14T16:55:41+00:00 Rafael J. Wysocki rjw@sisk.pl 2011-01-06T23:55:09+00:00 415e12b2379239973feab91850b0dce985c6058a Move the evaluation of acpi_pci_osc_control_set() (to request control of PCI Express native features) into acpi_pci_root_add() to avoid calling it many times for the same root complex with the same arguments. Additionally, check if all of the requisite _OSC support bits are set before calling acpi_pci_osc_control_set() for a given root complex. References: https://bugzilla.kernel.org/show_bug.cgi?id=20232 Reported-by: Ozan Caglayan <ozan@pardus.org.tr> Tested-by: Ozan Caglayan <ozan@pardus.org.tr> Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org> 
Move the evaluation of acpi_pci_osc_control_set() (to request control of
PCI Express native features) into acpi_pci_root_add() to avoid calling
it many times for the same root complex with the same arguments.
Additionally, check if all of the requisite _OSC support bits are set
before calling acpi_pci_osc_control_set() for a given root complex.

References: https://bugzilla.kernel.org/show_bug.cgi?id=20232
Reported-by: Ozan Caglayan <ozan@pardus.org.tr>
Tested-by: Ozan Caglayan <ozan@pardus.org.tr>
Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
Merge branch 'stable/xenbus' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen 2011-01-12T16:37:35+00:00 Linus Torvalds torvalds@linux-foundation.org 2011-01-12T16:37:35+00:00 94d4c4cd563aeff4d498168f1c8444074160d0e7 * 'stable/xenbus' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen: xen/xenbus: making backend support modular is too complex xen/pci: Make xen-pcifront be dependent on XEN_XENBUS_FRONTEND xen/xenbus: fixup checkpatch issues in xenbus_probe* xen/netfront: select XEN_XENBUS_FRONTEND xen/xenbus: clean up noise in xenbus_probe_frontend.c xen/xenbus: clean up noise in xenbus_probe_backend.c xen/xenbus: clean up noise in xenbus_probe.c xen/xenbus: cleanup debug noise in xenbus_comms.c xen/xenbus: clean up error handling xen/xenbus: make frontend bus GPL xen/xenbus: make sure backend bus is registered earlier xenbus/frontend: register bus earlier xen: remove xen/evtchn.h xen: add backend driver support xen: separate out frontend xenbus 
* 'stable/xenbus' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
  xen/xenbus: making backend support modular is too complex
  xen/pci: Make xen-pcifront be dependent on XEN_XENBUS_FRONTEND
  xen/xenbus: fixup checkpatch issues in xenbus_probe*
  xen/netfront: select XEN_XENBUS_FRONTEND
  xen/xenbus: clean up noise in xenbus_probe_frontend.c
  xen/xenbus: clean up noise in xenbus_probe_backend.c
  xen/xenbus: clean up noise in xenbus_probe.c
  xen/xenbus: cleanup debug noise in xenbus_comms.c
  xen/xenbus: clean up error handling
  xen/xenbus: make frontend bus GPL
  xen/xenbus: make sure backend bus is registered earlier
  xenbus/frontend: register bus earlier
  xen: remove xen/evtchn.h
  xen: add backend driver support
  xen: separate out frontend xenbus