| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
While not strictly required for normal operation setting the GPIO parent
device allows the GPIO framework to generate more verbose debug output for
the GPIO chip.
Signed-off-by: Lars-Peter Clausen <[email protected]>
Signed-off-by: Alexandru Ardelean <[email protected]>
Signed-off-by: Dmitry Torokhov <[email protected]>
|
|
Those are remnants of the SPDX identifier migration, which haven't been
removed properly.
Signed-off-by: Tim Schumacher <[email protected]>
Signed-off-by: Dmitry Torokhov <[email protected]>
|
|
Sync up with mainline to resolve conflicts in iforce driver.
|
|
Probable cut&paste typo - use the correct field size.
Signed-off-by: Joe Perches <[email protected]>
Signed-off-by: Dmitry Torokhov <[email protected]>
|
|
Move xfs.txt to admin-guide, convert xfs.txt to ReST and broken references
Signed-off-by: Sheriff Esseson <[email protected]>
Reviewed-by: Matthew Wilcox (Oracle) <[email protected]>
Reviewed-by: Darrick J. Wong <[email protected]>
Signed-off-by: Darrick J. Wong <[email protected]>
|
|
Create the build infrastructure we need to start migrating iomap code to
fs/iomap/ from fs/iomap.c.
Signed-off-by: Darrick J. Wong <[email protected]>
Reviewed-by: Christoph Hellwig <[email protected]>
|
|
the test
This reverts commit 48f5e52e916b55fb73754833efbacc7f8081a159.
The ptrace ABI change was a prerequisite to the proposed design for
FSGSBASE. Since FSGSBASE support has been reverted, and since I'm not
convinced that the ABI was ever adequately tested, revert the ABI change as
well.
This also modifies the test case so that it tests the preexisting behavior.
Signed-off-by: Andy Lutomirski <[email protected]>
Signed-off-by: Thomas Gleixner <[email protected]>
Link: https://lkml.kernel.org/r/fca39c478ea7fb15bc76fe8a36bd180810a067f6.1563200250.git.luto@kernel.org
|
|
Add an XFS_ICHGTIME_CREATE case to xfs_trans_ichgtime() to keep in
sync with userspace. (Currently no kernel caller sends this flag.)
Signed-off-by: Eric Sandeen <[email protected]>
Reviewed-by: Brian Foster <[email protected]>
Reviewed-by: Darrick J. Wong <[email protected]>
Signed-off-by: Darrick J. Wong <[email protected]>
|
|
Userspace now has an identical xfs_trans_inode.c which it has already
moved to libxfs/ so do the same move for kernelspace.
Signed-off-by: Eric Sandeen <[email protected]>
Reviewed-by: Brian Foster <[email protected]>
Reviewed-by: Darrick J. Wong <[email protected]>
Signed-off-by: Darrick J. Wong <[email protected]>
|
|
The capable() hook returns an error number. -EPERM is actually the same as
-1, so this doesn't make a difference in behavior.
Signed-off-by: Jann Horn <[email protected]>
Signed-off-by: Micah Morton <[email protected]>
|
|
Someone might write a ruleset like the following, expecting that it
securely constrains UID 1 to UIDs 1, 2 and 3:
1:2
1:3
However, because no constraints are applied to UIDs 2 and 3, an attacker
with UID 1 can simply first switch to UID 2, then switch to any UID from
there. The secure way to write this ruleset would be:
1:2
1:3
2:2
3:3
, which uses "transition to self" as a way to inhibit the default-allow
policy without allowing anything specific.
This is somewhat unintuitive. To make sure that policy authors don't
accidentally write insecure policies because of this, let the kernel verify
that a new ruleset does not contain any entries that are constrained, but
transitively unconstrained.
Signed-off-by: Jann Horn <[email protected]>
Signed-off-by: Micah Morton <[email protected]>
|
|
For debugging a running system, it is very helpful to be able to see what
policy the system is using. Add a read handler that can dump out a copy of
the loaded policy.
Signed-off-by: Jann Horn <[email protected]>
Signed-off-by: Micah Morton <[email protected]>
|
|
The current API of the SafeSetID LSM uses one write() per rule, and applies
each written rule instantly. This has several downsides:
- While a policy is being loaded, once a single parent-child pair has been
loaded, the parent is restricted to that specific child, even if
subsequent rules would allow transitions to other child UIDs. This means
that during policy loading, set*uid() can randomly fail.
- To replace the policy without rebooting, it is necessary to first flush
all old rules. This creates a time window in which no constraints are
placed on the use of CAP_SETUID.
- If we want to perform sanity checks on the final policy, this requires
that the policy isn't constructed in a piecemeal fashion without telling
the kernel when it's done.
Other kernel APIs - including things like the userns code and netfilter -
avoid this problem by performing updates atomically. Luckily, SafeSetID
hasn't landed in a stable (upstream) release yet, so maybe it's not too
late to completely change the API.
The new API for SafeSetID is: If you want to change the policy, open
"safesetid/whitelist_policy" and write the entire policy,
newline-delimited, in there.
Signed-off-by: Jann Horn <[email protected]>
Signed-off-by: Micah Morton <[email protected]>
|
|
Looking at current_cred() in write handlers is bad form, stop doing that.
Also, let's just require that the write is coming from the initial user
namespace. Especially SAFESETID_WHITELIST_FLUSH requires privilege over all
namespaces, and SAFESETID_WHITELIST_ADD should probably require it as well.
Signed-off-by: Jann Horn <[email protected]>
Signed-off-by: Micah Morton <[email protected]>
|
|
In preparation for changing the policy parsing logic, refactor the line
parsing logic to be less verbose and move it into a separate function.
Signed-off-by: Jann Horn <[email protected]>
Signed-off-by: Micah Morton <[email protected]>
|
|
At the moment, safesetid_security_capable() has two nested conditional
blocks, and one big comment for all the logic. Chop it up and reduce the
amount of indentation.
Signed-off-by: Jann Horn <[email protected]>
Signed-off-by: Micah Morton <[email protected]>
|
|
parent_kuid and child_kuid are kuids, there is no reason to make them
uint64_t. (And anyway, in the kernel, the normal name for that would be
u64, not uint64_t.)
check_setuid_policy_hashtable_key() and
check_setuid_policy_hashtable_key_value() are basically the same thing,
merge them.
Also fix the comment that claimed that (1<<8)==128.
Signed-off-by: Jann Horn <[email protected]>
Signed-off-by: Micah Morton <[email protected]>
|
|
With the old code, when a process with the (real,effective,saved) UID set
(1,1,1) calls setresuid(2,3,4), safesetid_task_fix_setuid() only checks
whether the transition 1->2 is permitted; the transitions 1->3 and 1->4 are
not checked. Fix this.
This is also a good opportunity to refactor safesetid_task_fix_setuid() to
be less verbose - having one branch per set*uid() syscall is unnecessary.
Note that this slightly changes semantics: The UID transition check for
UIDs that were not in the old cred struct is now always performed against
the policy of the RUID. I think that's more consistent anyway, since the
RUID is also the one that decides whether any policy is enforced at all.
Signed-off-by: Jann Horn <[email protected]>
Signed-off-by: Micah Morton <[email protected]>
|
|
Fix the pr_warn() calls in the SafeSetID LSM to have newlines at the end.
Without this, denial messages will be buffered as incomplete lines in
log_output(), and will then only show up once something else prints into
dmesg.
Signed-off-by: Jann Horn <[email protected]>
Signed-off-by: Micah Morton <[email protected]>
|
|
If the stateid is the zero or invalid stateid, then it is pointless
to attempt to use it for recovery. In that case, try to fall back
to using the open state stateid, or just doing a general recovery
of all state on a given inode.
Signed-off-by: Trond Myklebust <[email protected]>
|
|
The tag ".. include" should be replaced by ".. literalinclude" at
issues.rst, otherwise it causes TeX to crash due to excessive usage
of stack with Sphinx 2.0.
While here, solve a few minor issues at the kbuild book output by
adding extra blank lines.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
Add an extra blank line and use a markup for the enumberated
list, in order to make it possible to build the block book
on pdf format.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
Add an extra blank line, as otherwise XeLaTex will complain with:
! LaTeX Error: Too deeply nested.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
Nested tables aren't supported for pdf output on Sphinx 1.7.9:
admin-guide/laptops/sonypi:: nested tables are not yet implemented.
admin-guide/laptops/toshiba_haps:: nested tables are not yet implemented.
driver-api/nvdimm/btt:: nested tables are not yet implemented.
s390/debugging390:: nested tables are not yet implemented.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
Acked-by: Andy Shevchenko <[email protected]> # laptops
|
|
While this is stated as obsoleted, the sysfs interface described
there is still valid, and belongs to the admin-guide.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
Acked-by: Linus Walleij <[email protected]>
|
|
The locking directory is part of the Kernel API bookset. Add
it to the index file.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
The contents of those directories were orphaned at the documentation
body.
While those directories could likely be moved to be inside some guide,
I'm opting to just adding their indexes to the main one, removing the
:orphan: and adding the SPDX header.
For the drivers, the rationale is that the documentation contains
a mix of Kernelspace, uAPI and admin-guide. So, better to keep them on
separate directories, as we've be doing with similar subsystem-specific
docs that were not split yet.
For the others, well... I'm too lazy to do the move. Also, it
seems to make sense to keep at least some of those at the main
dir (like kbuild, for example). In any case, a latter patch
could do the move.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
Acked-by: Bartlomiej Zolnierkiewicz <[email protected]>
|
|
All those new files I added are under GPL v2.0 license.
Add the corresponding SPDX headers to them.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
There are two docs describing memory device drivers.
Add both to this new chapter of the driver-api.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
This subsystem-specific documentation belongs to the
driver-api.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
The contents of this directory is mostly driver-api stuff.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
There are a number of driver-specific descriptions that contain a
mix of userspace and kernelspace documentation. Just like we did
with other similar subsystems, add them at the driver-api
groupset, but don't move the directories.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
The current file there (emmi) provides a description of
the driver uAPI and kAPI.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
There are lots of documents under Documentation/*.txt and a few other
orphan documents elsehwere that belong to the driver-API book.
Move them to their right place.
Reviewed-by: Cornelia Huck <[email protected]> # vfio-related parts
Acked-by: Logan Gunthorpe <[email protected]> # switchtec
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
There are lots of documents that belong to the admin-guide but
are on random places (most under Documentation root dir).
Move them to the admin guide.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
Acked-by: Alexandre Belloni <[email protected]>
Acked-by: Bartlomiej Zolnierkiewicz <[email protected]>
|
|
Those files belong to the admin guide, so add them.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
Those files belong to the admin guide, so add them.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
Acked-by: Justin Sanders <[email protected]>
|
|
Those are subsystem docs, with a mix of kABI and user-faced
docs. While they're not split, keep the dirs where they are,
adding just a pointer to the main index.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
The audience for the Kernel driver-model is clearly Kernel hackers.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
Acked-by: Jeff Kirsher <[email protected]> # ice driver changes
|
|
The content of this file is intended for backlight Kernel
developers.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
The content of this file is user-faced.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
Acked-by: Andrew Donnellan <[email protected]>
|
|
Those two docs belong to the x86 architecture:
Documentation/Intel-IOMMU.txt -> Documentation/x86/intel-iommu.rst
Documentation/intel_txt.txt -> Documentation/x86/intel_txt.rst
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
The following files belong to security:
Documentation/security/LSM.rst -> Documentation/security/lsm-development.rst
Documentation/lsm.txt -> Documentation/security/lsm.rst
Documentation/SAK.txt -> Documentation/security/sak.rst
Documentation/siphash.txt -> Documentation/security/siphash.rst
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
The blockdev book basically contains user-faced documentation.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
The Kdump documentation describes procedures with admins use
in order to solve issues on their systems.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
The docs under Documentation/laptops contain users specific
information.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
Acked-by: Andy Shevchenko <[email protected]>
|
|
The stuff under sysctl describes /sys interface from userspace
point of view. So, add it to the admin-guide and remove the
:orphan: from its index file.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
Those documents describe a kAPI. So, add to the driver-api
book.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
The DM support describes lots of aspects related to mapped
disk partitions from the userspace PoV.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|
|
Now that several arch documents were converted to ReST,
add their indexes to Documentation/index.rst and remove the
:orphan: from them.
Signed-off-by: Mauro Carvalho Chehab <[email protected]>
|