aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* PCI: pci_bus_size_cardbus() mustn't be __devinitAdrian Bunk2008-04-201-2/+1
| | | | | | | | | WARNING: drivers/pci/built-in.o(.text+0x28e1f): Section mismatch in reference from the function pci_bus_size_bridges() to the function .devinit.text:pci_bus_size_cardbus() Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: pci_scan_device() mustn't be __devinitAdrian Bunk2008-04-201-2/+1
| | | | | | | | | WARNING: drivers/pci/built-in.o(.text+0x150f): Section mismatch in reference from the function pci_scan_single_device() to the function .devinit.text:pci_scan_device() Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: pci_alloc_child_bus() mustn't be __devinitAdrian Bunk2008-04-201-2/+2
| | | | | | | | | WARNING: drivers/pci/built-in.o(.text+0xc4c): Section mismatch in reference from the function pci_add_new_bus() to the function .devinit.text:pci_alloc_child_bus() Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: replace remaining __FUNCTION__ occurrencesHarvey Harrison2008-04-2039-487/+487
| | | | | | | | __FUNCTION__ is gcc-specific, use __func__ Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: Hotplug: fakephp: Return success, not ENODEV, when bus rescan is triggeredTrent Piepho2008-04-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The 'power' attribute of the fakephp driver originally only let one turn a slot off. If one tried to turn a slot on (echo 1 > .../power), it would return ENODEV, as fakephp did not support this function. An old (pre-git) patch changed this: 2004/11/11 16:33:31-08:00 jdittmer [PATCH] fakephp: add pci bus rescan ability http://article.gmane.org/gmane.linux.kernel/251183 Now writing "1" to the power attribute has the effect of triggering a bus rescan, but it still returns ENODEV, probably an oversight in the above patch. Using the BusyBox echo will not produce an error message, but will trigger *two* bus rescans (and return an exit code of 1): ~ # strace echo -n 1 > /sys/bus/pci/slots/0000:00:00.0/power ... write(1, "1", 1) = -1 ENODEV (No such device) write(1, "1", 1) = -1 ENODEV (No such device) exit(1) = ? Using cp gives a write error, even though the write did happen and a rescan was triggered: ~ # echo -n 1 > tmp ; cp tmp /sys/bus/pci/slots/0000:00:00.0/power cp: Write Error: No such device It seems much better to return success instead of failure. The actual status of the bus rescan is hard to return. It happens asynchronously in a work thread, so the sysfs store functions returns before any status is ready (the whole point of the work queue). And even if it didn't do this, the rescan doesn't have any clear status to return. Signed-off-by: Trent Piepho <tpiepho@freescale.com> CC: Jan Dittmer <jdittmer@ppp0.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: Hotplug: Fix leaks in IBM Hot Plug Controller Driver - ibmphp_init_devno()Jesper Juhl2008-04-201-1/+5
| | | | | | | | | | | | | | | | In drivers/pci/hotplug/ibmphp_core.c::ibmphp_init_devno() we allocate space dynamically for a PCI irq routing table by calling pcibios_get_irq_routing_table(), but we never free the allocated space. This patch frees the allocated space at the function exit points. Spotted by the Coverity checker. Compile tested only. Please consider applying. Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: clean up resource alignment managementIvan Kokshaysky2008-04-205-22/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Done per Linus' request and suggestions. Linus has explained that better than I'll be able to explain: On Thu, Mar 27, 2008 at 10:12:10AM -0700, Linus Torvalds wrote: > Actually, before we go any further, there might be a less intrusive > alternative: add just a couple of flags to the resource flags field (we > still have something like 8 unused bits on 32-bit), and use those to > implement a generic "resource_alignment()" routine. > > Two flags would do it: > > - IORESOURCE_SIZEALIGN: size indicates alignment (regular PCI device > resources) > > - IORESOURCE_STARTALIGN: start field is alignment (PCI bus resources > during probing) > > and then the case of both flags zero (or both bits set) would actually be > "invalid", and we would also clear the IORESOURCE_STARTALIGN flag when we > actually allocate the resource (so that we don't use the "start" field as > alignment incorrectly when it no longer indicates alignment). > > That wouldn't be totally generic, but it would have the nice property of > automatically at least add sanity checking for that whole "res->start has > the odd meaning of 'alignment' during probing" and remove the need for a > new field, and it would allow us to have a generic "resource_alignment()" > routine that just gets a resource pointer. Besides, I removed IORESOURCE_BUS_HAS_VGA flag which was unused for ages. Signed-off-by: Ivan Kokshaysky <ink@jurassic.park.msu.ru> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Gary Hade <garyhade@us.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: aerdrv_acpi.c: remove unneeded NULL checkAdrian Bunk2008-04-201-1/+1
| | | | | | | | | There's no reason for checking pdev->bus for being NULL here (and we'd anyway Oops 3 lines below if it was). Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: Update VIA CX700 quirkTim Yamin2008-04-201-1/+12
| | | | | | | | | | | | | | | This follows up 53a9bf4267b8b1f958dbeb7c8c1ef21c82229b71. Some newer CX700 BIOSes from our vendor have PCI Bus Parking disabled but PCI Master read caching enabled. This creates problems such as system freezing when both the network controller and the USB controller are active and one of them is pretty busy (e.g. heavy network traffic). This patch separates the checks and both the bus parking and the read caching are disabled independently if either is enabled by the BIOS. Signed-off-by: Tim Yamin <tim.yamin@zonbu.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: Expose PCI VPD through sysfsBen Hutchings2008-04-206-14/+297
| | | | | | | | | | | | | | | | | | | | | Vital Product Data (VPD) may be exposed by PCI devices in several ways. It is generally unsafe to read this information through the existing interfaces to user-land because of stateful interfaces. This adds: - abstract operations for VPD access (struct pci_vpd_ops) - VPD state information in struct pci_dev (struct pci_vpd) - an implementation of the VPD access method specified in PCI 2.2 (in access.c) - a 'vpd' binary file in sysfs directories for PCI devices with VPD operations defined It adds a probe for PCI 2.2 VPD in pci_scan_device() and release of VPD state in pci_release_dev(). Signed-off-by: Ben Hutchings <bhutchings@solarflare.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: iommu: iotlb flushingmark gross2008-04-203-18/+135
| | | | | | | | | | | | | | | | | | | | | This patch is for batching up the flushing of the IOTLB for the DMAR implementation found in the Intel VT-d hardware. It works by building a list of to be flushed IOTLB entries and a bitmap list of which DMAR engine they are from. After either a high water mark (250 accessible via debugfs) or 10ms the list of iova's will be reclaimed and the DMAR engines associated are IOTLB-flushed. This approach recovers 15 to 20% of the performance lost when using the IOMMU for my netperf udp stream benchmark with small packets. It can be disabled with a kernel boot parameter "intel_iommu=strict". Its use does weaken the IOMMU protections a bit. Signed-off-by: Mark Gross <mgross@linux.intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: simplify quirk debug outputBjorn Helgaas2008-04-201-2/+2
| | | | | | | | | | print_fn_descriptor_symbol() prints the address if we don't have a symbol, so no need to print both. Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: iova RB tree setup tweakmark gross2008-04-201-14/+36
| | | | | | | | | | | | | | | | The following patch merges two functions into one allowing for a 3% reduction in overhead in locating, allocating and inserting pages for use in IOMMU operations. Its a bit of a eye-crosser so I welcome any RB-tree / MM experts to take a look. It works by re-using some of the information gathered in the search for the pages to use in setting up the IOTLB's in the insertion of the iova structure into the RB tree. Signed-off-by: <mgross@linux.intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: parisc: use generic pci_enable_resources()Bjorn Helgaas2008-04-201-17/+13
| | | | | | | | | | | | | | | Use the generic pci_enable_resources() instead of the arch-specific code. Unlike this arch-specific code, the generic version: - checks PCI_NUM_RESOURCES (11), not DEVICE_COUNT_RESOURCE (12), resources - skips resources that have neither IORESOURCE_IO nor IORESOURCE_MEM set - skips ROM resources unless IORESOURCE_ROM_ENABLE is set - checks for resource collisions with "!r->parent" Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com> Acked-by: Kyle McMartin <kyle@mcmartin.ca> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: ppc: use generic pci_enable_resources()Bjorn Helgaas2008-04-201-57/+2
| | | | | | | | | | | | | | Use the generic pci_enable_resources() instead of the arch-specific code. Unlike this arch-specific code, the generic version: - checks PCI_NUM_RESOURCES (11), not 6, resources - skips resources that have neither IORESOURCE_IO nor IORESOURCE_MEM set - skips ROM resources unless IORESOURCE_ROM_ENABLE is set - checks for resource collisions with "!r->parent", not IORESOURCE_UNSET Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: powerpc: use generic pci_enable_resources()Bjorn Helgaas2008-04-201-33/+1
| | | | | | | | | Use the generic pci_enable_resources() instead of the arch-specific code. The generic version is functionally equivalent, but uses dev_printk. Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: ia64: use generic pci_enable_resources()Bjorn Helgaas2008-04-201-43/+1
| | | | | | | | | | | | Use the generic pci_enable_resources() instead of the arch-specific code. Unlike this arch-specific code, the generic version: - does not check for a NULL dev pointer - skips resources that have neither IORESOURCE_IO nor IORESOURCE_MEM set Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: alpha: use generic pci_enable_resources()Bjorn Helgaas2008-04-201-22/+1
| | | | | | | | | | | | | Use the generic pci_enable_resources() instead of the arch-specific code. Unlike this arch-specific code, the generic version: - skips resources unless requested in "mask" - skips ROM resources unless IORESOURCE_ROM_ENABLE is set - checks for resource collisions with "!r->parent" Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: x86: use generic pci_enable_resources()Bjorn Helgaas2008-04-203-40/+1
| | | | | | | | | | | Use the generic pci_enable_resources() instead of the arch-specific code. Unlike this arch-specific code, the generic version: - checks for resource collisions with "!r->parent" Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: add generic pci_enable_resources()Bjorn Helgaas2008-04-202-0/+44
| | | | | | | | | | | | | | | | | Each architecture has its own pcibios_enable_resources() implementation. These differ in many minor ways that have nothing to do with actual architectural differences. Follow-on patches will make most arches use this generic version instead. This version is based on powerpc, which seemed most up-to-date. The only functional difference from the x86 version is that this uses "!r->parent" to check for resource collisions instead of "!r->start && r->end". Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com> Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: add PCI Express ASPM supportShaohua Li2008-04-2010-0/+921
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | PCI Express ASPM defines a protocol for PCI Express components in the D0 state to reduce Link power by placing their Links into a low power state and instructing the other end of the Link to do likewise. This capability allows hardware-autonomous, dynamic Link power reduction beyond what is achievable by software-only controlled power management. However, The device should be configured by software appropriately. Enabling ASPM will save power, but will introduce device latency. This patch adds ASPM support in Linux. It introduces a global policy for ASPM, a sysfs file /sys/module/pcie_aspm/parameters/policy can control it. The interface can be used as a boot option too. Currently we have below setting: -default, BIOS default setting -powersave, highest power saving mode, enable all available ASPM state and clock power management -performance, highest performance, disable ASPM and clock power management By default, the 'default' policy is used currently. In my test, power difference between powersave mode and performance mode is about 1.3w in a system with 3 PCIE links. Note: some devices might not work well with aspm, either because chipset issue or device issue. The patch provide API (pci_disable_link_state), driver can disable ASPM for specific device. Signed-off-by: Shaohua Li <shaohua.li@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: remove "pci=routeirq" noise from dmesgBjorn Helgaas2008-04-201-2/+1
| | | | | | | | | The "pci=routeirq" option was added in 2004, and I don't get any valid reports anymore. The option is still mentioned in kernel-parameters.txt. Signed-off-by: Bjorn Helgaas <bjorn.helgaas@hp.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: Include PCI domain in PCI bus names on x86/x86_64Gary Hade2008-04-202-5/+7
| | | | | | | | | | | | | | | The PCI bus names included in /proc/iomem and /proc/ioports are of the form 'PCI Bus #XX' where XX is the bus number. This patch changes the naming to 'PCI Bus XXXX:YY' where XXXX is the domain number and YY is the bus number. For example, PCI bus 14 in domain 0 will show as 'PCI Bus 0000:14' instead of 'PCI Bus #14'. This change makes the naming consistent with other architectures such as ia64 where multiple PCI domain support has been around longer. Signed-off-by: Gary Hade <garyhade@us.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: #if 0 pci_cleanup_aer_correct_error_status()Adrian Bunk2008-04-202-6/+2
| | | | | | | | | | #if 0 the no longer used pci_cleanup_aer_correct_error_status(). Signed-off-by: Adrian Bunk <bunk@kernel.org> Cc: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: pcie AER: don't check _OSC when acpi is disabledYinghai Lu2008-04-201-0/+3
| | | | | | | | | | | | | | | | | | | [PATCH] pcie AER: don't check _OSC when acpi is disabled when acpi=off or pci=noacpi, get warning AER service couldn't init device 0000:00:0a.0:pcie01 - no _OSC support AER service couldn't init device 0000:00:0e.0:pcie01 - no _OSC support AER service couldn't init device 0000:00:0f.0:pcie01 - no _OSC support AER service couldn't init device 0000:80:0b.0:pcie01 - no _OSC support AER service couldn't init device 0000:80:0e.0:pcie01 - no _OSC support AER service couldn't init device 0000:80:0f.0:pcie01 - no _OSC support so don't check _OSC in aer_osc_setup Signed-off-by: Yinghai Lu <yinghai.lu@sun.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: remove global list of PCI devicesGreg Kroah-Hartman2008-04-204-49/+1
| | | | | | | | | This patch finally removes the global list of PCI devices. We are relying entirely on the list held in the driver core now, and do not need a separate "shadow" list as no one uses it. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: remove parisc consumer of the pci global_listJames Bottomley2008-04-201-1/+0
| | | | | | | | Remove the parisc usage of the global_list, as it's not needed anymore. Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: remove pcibios_fixup_ghosts()Greg Kroah-Hartman2008-04-202-107/+0
| | | | | | | | | | | | | This function was obviously never being used since early 2.5 days as any device that it would try to remove would never really be removed from the system due to the PCI device list being held in the driver core, not the general list of PCI devices. As we have not had a single report of a problem here in 4 years, I think it's safe to remove now. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: add is_added flag to struct pci_devGreg Kroah-Hartman2008-04-205-17/+10
| | | | | | | | | | This lets us check if the device is really added to the driver core or not, which is what we need when walking some of the bus lists. The flag is there in anticipation of getting rid of the other PCI device list, which is what we used to check in this situation. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: make no_pci_devices() use the pci_bus_type listGreg Kroah-Hartman2008-04-201-3/+14
| | | | | | | | no_pci_devices() should use the driver core list of PCI devices, not our "separate" one. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: remove initial bios sort of PCI devices on x86Greg Kroah-Hartman2008-04-208-94/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We currently keep 2 lists of PCI devices in the system, one in the driver core, and one all on its own. This second list is sorted at boot time, in "BIOS" order, to try to remain compatible with older kernels (2.2 and earlier days). There was also a "nosort" option to turn this sorting off, to remain compatible with even older kernel versions, but that just ends up being what we have been doing from 2.5 days... Unfortunately, the second list of devices is not really ever used to determine the probing order of PCI devices or drivers[1]. That is done using the driver core list instead. This change happened back in the early 2.5 days. Relying on BIOS ording for the binding of drivers to specific device names is problematic for many reasons, and userspace tools like udev exist to properly name devices in a persistant manner if that is needed, no reliance on the BIOS is needed. Matt Domsch and others at Dell noticed this back in 2006, and added a boot option to sort the PCI device lists (both of them) in a breadth-first manner to help remain compatible with the 2.4 order, if needed for any reason. This option is not going away, as some systems rely on them. This patch removes the sorting of the internal PCI device list in "BIOS" mode, as it's not needed at all anymore, and hasn't for many years. I've also removed the PCI flags for this from some other arches that for some reason defined them, but never used them. This should not change the ordering of any drivers or device probing. [1] The old-style pci_get_device and pci_find_device() still used this sorting order, but there are very few drivers that use these functions, as they are deprecated for use in this manner. If for some reason, a driver rely on the order and uses these functions, the breadth-first boot option will resolve any problem. Cc: Matt Domsch <Matt_Domsch@dell.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI Hotplug: the ibm driver is not dependant on PCI_LEGACYGreg Kroah-Hartman2008-04-201-1/+1
| | | | | | | | | This was marked incorrectly for some reason. Allow the ibmphp driver to be built even if PCI_LEGACY is not enabled. Cc: Kristen Carlson Accardi <kristen.c.accardi@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI Hotplug: make cpcihp driver use modern apisGreg Kroah-Hartman2008-04-202-2/+8
| | | | | | | | | | | This removes the depandancy of the cpcihp driver from the PCI_LEGACY config option by removing its usage of the pci_find_bus() function. Cc: Kristen Carlson Accardi <kristen.c.accardi@intel.com> Signed-off-by: Scott Murray <scottm@somanetworks.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: clean up search.c a lotGreg Kroah-Hartman2008-04-202-139/+114
| | | | | | | | | | | | | | | | | | This cleans up the search.c file, now using the pci list of devices that are created for the driver core, instead of relying on our separate list of devices. It's better to use the functions already created for this kind of thing, instead of rolling our own all the time. This work is done in anticipation of getting rid of that second list of pci devices all together. And it ends up saving code, always a nice benefit. This also removes one compiler warning for when CONFIG_PCI_LEGACY is enabled as we no longer internally use the deprecated functions anymore. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: remove pci_get_device_reverseGreg Kroah-Hartman2008-04-202-51/+0
| | | | | | | | | This removes the pci_get_device_reverse function as there should not be any need to walk pci devices backwards anymore. All users of this call are now gone from the tree, so it is safe to remove it. Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: remove pci_get_device_reverse from calgary driverGreg Kroah-Hartman2008-04-201-2/+1
| | | | | | | | | | | This isn't needed, we can just walk the devices in bus order with no problems at all, as we really want to remove pci_get_device_reverse from the kernel tree. Acked-by: Muli Ben-Yehuda <muli@il.ibm.com> Cc: Jon Mason <jdmason@kudzu.us> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: remove pci_find_presentGreg Kroah-Hartman2008-04-202-22/+15
| | | | | | | | No one is using this function anymore for quite some time, so remove it. Everyone calls pci_dev_present() instead anyway... Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: #if 0 pci_assign_resource_fixed()Adrian Bunk2008-04-202-2/+1
| | | | | | | | | An unused function that bloated the kernel only when CONFIG_EMBEDDED was enabled... Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* PCI: doc/pci: create Documentation/PCI/ and move files into itRandy Dunlap2008-04-207-20/+22
| | | | | | | | | | | Create Documentation/PCI/ and move PCI-related files to it. Fix a few instances of trailing whitespace. Update references to the new file locations. Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Cc: Jesse Barnes <jbarnes@virtuousgeek.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
* Merge branch 'for-linus' of ↵Linus Torvalds2008-04-1818-335/+503
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: security: fix up documentation for security_module_enable Security: Introduce security= boot parameter Audit: Final renamings and cleanup SELinux: use new audit hooks, remove redundant exports Audit: internally use the new LSM audit hooks LSM/Audit: Introduce generic Audit LSM hooks SELinux: remove redundant exports Netlink: Use generic LSM hook Audit: use new LSM hooks instead of SELinux exports SELinux: setup new inode/ipc getsecid hooks LSM: Introduce inode_getsecid and ipc_getsecid hooks
| * security: fix up documentation for security_module_enableJames Morris2008-04-191-1/+1
| | | | | | | | | | | | security_module_enable() can only be called during kernel init. Signed-off-by: James Morris <jmorris@namei.org>
| * Security: Introduce security= boot parameterAhmed S. Darwish2008-04-198-4/+83
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add the security= boot parameter. This is done to avoid LSM registration clashes in case of more than one bult-in module. User can choose a security module to enable at boot. If no security= boot parameter is specified, only the first LSM asking for registration will be loaded. An invalid security module name will be treated as if no module has been chosen. LSM modules must check now if they are allowed to register by calling security_module_enable(ops) first. Modify SELinux and SMACK to do so. Do not let SMACK register smackfs if it was not chosen on boot. Smackfs assumes that smack hooks are registered and the initial task security setup (swapper->security) is done. Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org>
| * Audit: Final renamings and cleanupAhmed S. Darwish2008-04-194-28/+93
| | | | | | | | | | | | | | | | | | Rename the se_str and se_rule audit fields elements to lsm_str and lsm_rule to avoid confusion. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org>
| * SELinux: use new audit hooks, remove redundant exportsAhmed S. Darwish2008-04-195-108/+71
| | | | | | | | | | | | | | | | | | | | | | | | | | Setup the new Audit LSM hooks for SELinux. Remove the now redundant exported SELinux Audit interface. Audit: Export 'audit_krule' and 'audit_field' to the public since their internals are needed by the implementation of the new LSM hook 'audit_rule_known'. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org>
| * Audit: internally use the new LSM audit hooksAhmed S. Darwish2008-04-193-55/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Convert Audit to use the new LSM Audit hooks instead of the exported SELinux interface. Basically, use: security_audit_rule_init secuirty_audit_rule_free security_audit_rule_known security_audit_rule_match instad of (respectively) : selinux_audit_rule_init selinux_audit_rule_free audit_rule_has_selinux selinux_audit_rule_match Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org>
| * LSM/Audit: Introduce generic Audit LSM hooksAhmed S. Darwish2008-04-193-1/+127
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Introduce a generic Audit interface for security modules by adding the following new LSM hooks: audit_rule_init(field, op, rulestr, lsmrule) audit_rule_known(krule) audit_rule_match(secid, field, op, rule, actx) audit_rule_free(rule) Those hooks are only available if CONFIG_AUDIT is enabled. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org> Reviewed-by: Paul Moore <paul.moore@hp.com>
| * SELinux: remove redundant exportsAhmed S. Darwish2008-04-192-104/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove the following exported SELinux interfaces: selinux_get_inode_sid(inode, sid) selinux_get_ipc_sid(ipcp, sid) selinux_get_task_sid(tsk, sid) selinux_sid_to_string(sid, ctx, len) They can be substitued with the following generic equivalents respectively: new LSM hook, inode_getsecid(inode, secid) new LSM hook, ipc_getsecid*(ipcp, secid) LSM hook, task_getsecid(tsk, secid) LSM hook, sid_to_secctx(sid, ctx, len) Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org> Reviewed-by: Paul Moore <paul.moore@hp.com>
| * Netlink: Use generic LSM hookAhmed S. Darwish2008-04-191-2/+1
| | | | | | | | | | | | | | | | | | | | | | Don't use SELinux exported selinux_get_task_sid symbol. Use the generic LSM equivalent instead. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: David S. Miller <davem@davemloft.net> Reviewed-by: Paul Moore <paul.moore@hp.com>
| * Audit: use new LSM hooks instead of SELinux exportsAhmed S. Darwish2008-04-193-37/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Stop using the following exported SELinux interfaces: selinux_get_inode_sid(inode, sid) selinux_get_ipc_sid(ipcp, sid) selinux_get_task_sid(tsk, sid) selinux_sid_to_string(sid, ctx, len) kfree(ctx) and use following generic LSM equivalents respectively: security_inode_getsecid(inode, secid) security_ipc_getsecid*(ipcp, secid) security_task_getsecid(tsk, secid) security_sid_to_secctx(sid, ctx, len) security_release_secctx(ctx, len) Call security_release_secctx only if security_secid_to_secctx succeeded. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org> Reviewed-by: Paul Moore <paul.moore@hp.com>
| * SELinux: setup new inode/ipc getsecid hooksAhmed S. Darwish2008-04-191-2/+17
| | | | | | | | | | | | | | | | | | | | Setup the new inode_getsecid and ipc_getsecid() LSM hooks for SELinux. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: James Morris <jmorris@namei.org> Reviewed-by: Paul Moore <paul.moore@hp.com>