- 09 Nov, 2011 7 commits
-
-
Dmitry Kasatkin authored
This patch adds support for digital signature verification to EVM. With this feature file metadata can be protected using digital signature instead of an HMAC. When building an image, which has to be flashed to different devices, an HMAC cannot be used to sign file metadata, because the HMAC key should be different on every device. Signed-off-by:
Dmitry Kasatkin <dmitry.kasatkin@intel.com> Acked-by:
Mimi Zohar <zohar@us.ibm.com>
-
Dmitry Kasatkin authored
Define separate keyrings for each of the different use cases - evm, ima, and modules. Using different keyrings improves search performance, and also allows "locking" specific keyring to prevent adding new keys. This is useful for evm and module keyrings, when keys are usually only added from initramfs. Signed-off-by: -
Dmitry Kasatkin authored
This patch implements RSA digital signature verification using GnuPG library. The format of the signature and the public key is defined by their respective headers. The signature header contains version information, algorithm, and keyid, which was used to generate the signature. The key header contains version and algorythim type. The payload of the signature and the key are multi-precision integers. The signing and key management utilities evm-utils provide functionality to generate signatures and load keys into the kernel keyring. When the key is added to the kernel keyring, the keyid defines the name of the key. Signed-off-by:
-
Dmitry Kasatkin authored
Adds the multi-precision-integer maths library which was originally taken from GnuPG and ported to the kernel by (among others) David Howells. This version is taken from Fedora kernel 2.6.32-71.14.1.el6. The difference is that checkpatch reported errors and warnings have been fixed. This library is used to implemenet RSA digital signature verification used in IMA/EVM integrity protection subsystem. Due to patch size limitation, the patch is divided into 4 parts. This code is unnecessary for RSA digital signature verification, but for completeness it is included here and can be compiled, if CONFIG_MPILIB_EXTRA is enabled. Signed-off-by: -
Dmitry Kasatkin authored
Adds the multi-precision-integer maths library which was originally taken from GnuPG and ported to the kernel by (among others) David Howells. This version is taken from Fedora kernel 2.6.32-71.14.1.el6. The difference is that checkpatch reported errors and warnings have been fixed. This library is used to implemenet RSA digital signature verification used in IMA/EVM integrity protection subsystem. Due to patch size limitation, the patch is divided into 4 parts. Signed-off-by: -
Dmitry Kasatkin authored
Adds the multi-precision-integer maths library which was originally taken from GnuPG and ported to the kernel by (among others) David Howells. This version is taken from Fedora kernel 2.6.32-71.14.1.el6. The difference is that checkpatch reported errors and warnings have been fixed. This library is used to implemenet RSA digital signature verification used in IMA/EVM integrity protection subsystem. Due to patch size limitation, the patch is divided into 4 parts. Signed-off-by: -
Dmitry Kasatkin authored
Adds the multi-precision-integer maths library which was originally taken from GnuPG and ported to the kernel by (among others) David Howells. This version is taken from Fedora kernel 2.6.32-71.14.1.el6. The difference is that checkpatch reported errors and warnings have been fixed. This library is used to implemenet RSA digital signature verification used in IMA/EVM integrity protection subsystem. Due to patch size limitation, the patch is divided into 4 parts. Signed-off-by:
-
- 08 Nov, 2011 2 commits
-
-
Linus Torvalds authored
.. with new name. Because nothing says "really solid kernel release" like naming it after an extinct animal that just happened to be in the news lately.
-
git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omapLinus Torvalds authored
* 'fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap: (31 commits) ARM: OMAP: Fix export.h or module.h includes ARM: OMAP: omap_device: Include linux/export.h ARM: OMAP2: Fix H4 matrix keyboard warning ARM: OMAP1: Remove unused omap-alsa.h ARM: OMAP1: Fix warnings about enabling 32 KiHz timer ARM: OMAP2+: timer: Remove omap_device_pm_latency ARM: OMAP2+: clock data: Remove redundant timer clkdev ARM: OMAP: Devkit8000: Remove double omap_mux_init_gpio ARM: OMAP: usb: musb: OMAP: Delete unused function MAINTAINERS: Update linux-omap git repository ARM: OMAP: change get_context_loss_count ret value to int ARM: OMAP4: hsmmc: configure SDMMC1_DR0 properly ARM: OMAP4: hsmmc: Fix Pbias configuration on regulator OFF ARM: OMAP3: hwmod: fix variant registration and remove SmartReflex from common list ARM: OMAP: I2C: Fix omap_register_i2c_bus() return value on success ARM: OMAP: dmtimer: Include linux/module.h ARM: OMAP2+: l3-noc: Include linux/module.h ARM: OMAP2+: devices: Fixes for McPDM ARM: OMAP: Fix errors and warnings when building for one board ARM: OMAP3: PM: restrict erratum i443 handling to OMAP3430 only ...
-
- 07 Nov, 2011 31 commits
-
-
Al Viro authored
Mountpoint crossing is similar to following procfs symlinks - we do not get ->d_revalidate() called for dentry we have arrived at, with unpleasant consequences for NFS4. Simple way to reproduce the problem in mainline: cat >/tmp/a.c <<'EOF' #include <unistd.h> #include <fcntl.h> #include <stdio.h> main() { struct flock fl = {.l_type = F_RDLCK, .l_whence = SEEK_SET, .l_len = 1}; if (fcntl(0, F_SETLK, &fl)) perror("setlk"); } EOF cc /tmp/a.c -o /tmp/test then on nfs4: mount --bind file1 file2 /tmp/test < file1 # ok /tmp/test < file2 # spews "setlk: No locks available"... What happens is the missing call of ->d_revalidate() after mountpoint crossing and that's where NFS4 would issue OPEN request to server. The fix is simple - treat mountpoint crossing the same way we deal with following procfs-style symlinks. I.e. set LOOKUP_JUMPED... Cc: stable@kernel.org Signed-off-by:Al Viro <viro@zeniv.linux.org.uk> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: perf top: Fix live annotation in the --stdio interface perf top tui: Don't recalc column widths considering just the first page perf report: Add progress bar when processing time ordered events perf hists browser: Warn about lost events perf tools: Fix a typo of command name as trace-cmd perf hists: Fix recalculation of total_period when sorting entries perf header: Fix build on old systems perf ui browser: Handle K_RESIZE in dialog windows perf ui browser: No need to switch char sets that often perf hists browser: Use K_TIMER perf ui: Rename ui__warning_paranoid to ui__error_paranoid perf ui: Reimplement the popup windows using libslang perf ui: Reimplement ui__popup_menu using ui__browser perf ui: Reimplement ui_helpline using libslang perf ui: Improve handling sigwinch a bit perf ui progress: Reimplement using slang perf evlist: Fix grouping of multiple events
-
Tony Lindgren authored
-
Tony Lindgren authored
Commit 32aaeffb (Merge branch 'modsplit-Oct31_2011'...) caused some build errors. Fix these and make sure we always have export.h or module.h included for MODULE_ and EXPORT_SYMBOL users: $ grep -rl ^MODULE_ arch/arm/*omap*/*.c | xargs \ grep -L linux/module.h arch/arm/mach-omap2/dsp.c arch/arm/mach-omap2/mailbox.c arch/arm/mach-omap2/omap-iommu.c arch/arm/mach-omap2/smartreflex.c Also check we either have export.h or module.h included for the files exporting symbols: $ grep -rl EXPORT_SYMBOL arch/arm/*omap*/*.c | xargs \ grep -L linux/export.h | xargs grep -L linux/module.h Cc: Russell King <rmk+kernel@arm.linux.org.uk> Signed-off-by:
Tony Lindgren <tony@atomide.com>
-
Axel Lin authored
Include linux/export.h to fix below build warning: CC arch/arm/plat-omap/omap_device.o arch/arm/plat-omap/omap_device.c:1055: warning: data definition has no type or storage class arch/arm/plat-omap/omap_device.c:1055: warning: type defaults to 'int' in declaration of 'EXPORT_SYMBOL' arch/arm/plat-omap/omap_device.c:1055: warning: parameter names (without types) in function declaration Signed-off-by:
Axel Lin <axel.lin@gmail.com> Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/davem/netLinus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (47 commits) forcedeth: fix a few sparse warnings (variable shadowing) forcedeth: Improve stats counters forcedeth: remove unneeded stats updates forcedeth: Acknowledge only interrupts that are being processed forcedeth: fix race when unloading module MAINTAINERS/rds: update maintainer wanrouter: Remove kernel_lock annotations usbnet: fix oops in usbnet_start_xmit ixgbe: Fix compile for kernel without CONFIG_PCI_IOV defined etherh: Add MAINTAINERS entry for etherh bonding: comparing a u8 with -1 is always false sky2: fix regression on Yukon Optima netlink: clarify attribute length check documentation netlink: validate NLA_MSECS length i825xx:xscale:8390:freescale: Fix Kconfig dependancies macvlan: receive multicast with local address tg3: Update version to 3.121 tg3: Eliminate timer race with reset_task tg3: Schedule at most one tg3_reset_task run tg3: Obtain PCI function number from device ...
-
Al Viro authored
Signed-off-by:
-
david decotigny authored
This fixes the following sparse warnings: drivers/net/ethernet/nvidia/forcedeth.c:2113:7: warning: symbol 'size' shadows an earlier one drivers/net/ethernet/nvidia/forcedeth.c:2102:6: originally declared here drivers/net/ethernet/nvidia/forcedeth.c:2155:7: warning: symbol 'size' shadows an earlier one drivers/net/ethernet/nvidia/forcedeth.c:2102:6: originally declared here drivers/net/ethernet/nvidia/forcedeth.c:2227:7: warning: symbol 'size' shadows an earlier one drivers/net/ethernet/nvidia/forcedeth.c:2215:6: originally declared here drivers/net/ethernet/nvidia/forcedeth.c:2271:7: warning: symbol 'size' shadows an earlier one drivers/net/ethernet/nvidia/forcedeth.c:2215:6: originally declared here drivers/net/ethernet/nvidia/forcedeth.c:2986:20: warning: symbol 'addr' shadows an earlier one drivers/net/ethernet/nvidia/forcedeth.c:2963:6: originally declared here Signed-off-by:
David Decotigny <david.decotigny@google.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
Mandeep Baines authored
Rx byte count was off; instead use the hardware's count. Tx packet count was counting pre-TSO packets; instead count on-the-wire packets. Report hardware dropped frame count as rx_fifo_errors. - The count of transmitted packets reported by the forcedeth driver reports pre-TSO (TCP Segmentation Offload) packet counts and not the count of the number of packets sent on the wire. This change fixes the forcedeth driver to report the correct count. Fixed the code by copying the count stored in the NIC H/W to the value reported by the driver. - Count rx_drop_frame errors as rx_fifo_errors: We see a lot of rx_drop_frame errors if we disable the rx bottom-halves for too long. Normally, rx_fifo_errors would be counted in this case. The rx_drop_frame error count is private to forcedeth and is not reported by ifconfig or sysfs. The rx_fifo_errors count is currently unused in the forcedeth driver. It is reported by ifconfig as overruns. This change reports rx_drop_frame errors as rx_fifo_errors. Signed-off-by:
-
david decotigny authored
Function ndo_get_stats() updates most of the stats from hardware registers, making the manual updates un-needed. This change removes these manual updates. Main exception is rx_missed_errors which needs manual update. Another exception is rx_packets, still updated manually in this commit to make sure this patch doesn't change behavior of driver. This will be addressed by a future patch. Signed-off-by:
-
Mike Ditto authored
This is to avoid a race, accidentally acknowledging an interrupt that we didn't notice and won't immediately process. This is based solely on code inspection; it is not known if there was an actual bug here. Signed-off-by:
-
david decotigny authored
When forcedeth module is unloaded, there exists a path that can lead to mod_timer() after del_timer_sync(), causing an oops. This patch short-circuits this unneeded path, which originates in nv_get_ethtool_stats(). Tested: x86_64 16-way + 3 ethtool -S infinite loops + 100Mbps incoming traffic + rmmod/modprobe/ifconfig in a loop Initial-Author: Salman Qazi <sqazi@google.com> Discussion: http://patchwork.ozlabs.org/patch/123548/Signed-off-by:
-
Stephen Rothwell authored
Reported-by:
Witold Baryluk <baryluk@smp.if.uj.edu.pl> Signed-off-by:
Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by:
Paul Gortmaker <paul.gortmaker@windriver.com> Signed-off-by:
-
Stephen Rothwell authored
since it uses the module facilities. Reported-by:
-
Paul Gortmaker authored
For the files which are not themselves modular, we can change them to include only the smaller export.h since all they are doing is looking for EXPORT_SYMBOL. Reported-by:
-
Paul Gortmaker authored
These files didn't exist at the time of the module.h split, and so were not fixed by the commits on that baseline. Since they use the EXPORT_SYMBOL and/or THIS_MODULE macros, they will need the new export.h file included that provides them. Signed-off-by:
-
Or Gerlitz authored
update for the actual maintainer Signed-off-by:
Or Gerlitz <ogerlitz@mellanox.com> Signed-off-by:
-
Richard Weinberger authored
The BKL is gone, these annotations are useless. Signed-off-by:
Richard Weinberger <richard@nod.at> Signed-off-by:
-
Konstantin Khlebnikov authored
This patch fixes the bug added in commit v3.1-rc7-1055-gf9b491ec SKB can be NULL at this point, at least for cdc-ncm. Signed-off-by:
Konstantin Khlebnikov <khlebnikov@openvz.org> Acked-by:
Richard Cochran <richardcochran@gmail.com> Signed-off-by:
-
Rose, Gregory V authored
Fix compiler errors and warnings with CONFIG_PCI_IOV defined and not defined. Signed-off-by:
Greg Rose <gregory.v.rose@intel.com> Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linuxLinus Torvalds authored
* 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux: cpuidle: Single/Global registration of idle states cpuidle: Split cpuidle_state structure and move per-cpu statistics fields cpuidle: Remove CPUIDLE_FLAG_IGNORE and dev->prepare() cpuidle: Move dev->last_residency update to driver enter routine; remove dev->last_state ACPI: Fix CONFIG_ACPI_DOCK=n compiler warning ACPI: Export FADT pm_profile integer value to userspace thermal: Prevent polling from happening during system suspend ACPI: Drop ACPI_NO_HARDWARE_INIT ACPI atomicio: Convert width in bits to bytes in __acpi_ioremap_fast() PNPACPI: Simplify disabled resource registration ACPI: Fix possible recursive locking in hwregs.c ACPI: use kstrdup() mrst pmu: update comment tools/power turbostat: less verbose debugging
-
git://people.freedesktop.org/~airlied/linuxLinus Torvalds authored
* 'drm-fixes' of git://people.freedesktop.org/~airlied/linux: (40 commits) vmwgfx: Snoop DMA transfers with non-covering sizes vmwgfx: Move the prefered mode first in the list vmwgfx: Unreference surface on cursor error path vmwgfx: Free prefered mode on error path vmwgfx: Use pointer return error codes vmwgfx: Fix hw cursor position vmwgfx: Infrastructure for explicit placement vmwgfx: Make the preferred autofit mode have a 60Hz vrefresh vmwgfx: Remove screen object active list vmwgfx: Screen object cleanups drm/radeon/kms: consolidate GART code, fix segfault after GPU lockup V2 drm/radeon/kms: don't poll forever if MC GDDR link training fails drm/radeon/kms: fix DP setup on TRAVIS bridges drm/radeon/kms: set HPD polarity in hpd_init() drm/radeon/kms: add MSI module parameter drm/radeon/kms: Add MSI quirk for Dell RS690 drm/radeon/kms: Add MSI quirk for HP RS690 drm/radeon/kms: split MSI check into a separate function vmwgfx: Reinstate the update_layout ioctl drm/radeon/kms: always do extended edid probe ...
-
git://git.kernel.org/pub/scm/linux/kernel/git/wfg/linuxLinus Torvalds authored
* 'urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/wfg/linux: writeback: fix uninitialized task_ratelimit
-
git://git.samba.org/sfrench/cifs-2.6Linus Torvalds authored
* git://git.samba.org/sfrench/cifs-2.6: CIFS: Cleanup byte-range locking code style CIFS: Simplify setlk error handling for mandatory locking
-
git://git.infradead.org/mtd-2.6Linus Torvalds authored
* git://git.infradead.org/mtd-2.6: (226 commits) mtd: tests: annotate as DANGEROUS in Kconfig mtd: tests: don't use mtd0 as a default mtd: clean up usage of MTD_DOCPROBE_ADDRESS jffs2: add compr=lzo and compr=zlib options jffs2: implement mount option parsing and compression overriding mtd: nand: initialize ops.mode mtd: provide an alias for the redboot module name mtd: m25p80: don't probe device which has status of 'disabled' mtd: nand_h1900 never worked mtd: Add DiskOnChip G3 support mtd: m25p80: add EON flash EN25Q32B into spi flash id table mtd: mark block device queue as non-rotational mtd: r852: make r852_pm_ops static mtd: m25p80: add support for at25df321a spi data flash mtd: mxc_nand: preset_v1_v2: unlock all NAND flash blocks mtd: nand: switch `check_pattern()' to standard `memcmp()' mtd: nand: invalidate cache on unaligned reads mtd: nand: do not scan bad blocks with NAND_BBT_NO_OOB set mtd: nand: wait to set BBT version mtd: nand: scrub BBT on ECC errors ... Fix up trivial conflicts: - arch/arm/mach-at91/board-usb-a9260.c Merged into board-usb-a926x.c - drivers/mtd/maps/lantiq-flash.c add_mtd_partitions -> mtd_device_register vs changed to use mtd_device_parse_register.
-
git://git.infradead.org/ubifs-2.6Linus Torvalds authored
* 'linux-next' of git://git.infradead.org/ubifs-2.6: UBIFS: fix the dark space calculation UBIFS: introduce a helper to dump scanning info
-
Jakob Bornecrantz authored
Enough to get cursors working under Wayland. Signed-off-by:
Jakob Bornecrantz <jakob@vmware.com> Signed-off-by:
Thomas Hellstrom <thellstrom@vmware.com> Signed-off-by:
Dave Airlie <airlied@redhat.com>
-
Jakob Bornecrantz authored
Signed-off-by:
-
Jakob Bornecrantz authored
Signed-off-by:
-
Jakob Bornecrantz authored
Signed-off-by:
-
Jakob Bornecrantz authored
Signed-off-by:
-
