aboutsummaryrefslogtreecommitdiff
path: root/include
AgeCommit message (Collapse)Author
2007-10-17x86: unify include/asm/agp_32/64.hThomas Gleixner
The 32bit D(n) debug addon can be made exclusive for 32 bit compiles. Otherwise all the same. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/kdebug_32/64.hThomas Gleixner
The 64 bit variant has additional function prototypes which do no harm for 32 bit. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/ioctls_32/64.hThomas Gleixner
Same file, except for whitespace and comment formatting. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/floppy_32/64.hThomas Gleixner
Same file, except for whitespace, comment formatting and: 32-bit: if((unsigned int) addr >= (unsigned int) high_memory) 64-bit: if((unsigned long) addr >= (unsigned long) high_memory) where the latter can be used safely for both. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Conflicts: include/asm-x86/floppy_32.h include/asm-x86/floppy_64.h
2007-10-17x86: apply missing DMA/OOM prevention to floppy_32.hThomas Gleixner
commit 554d284ba90bc2306c31e5363789f05c320969c3 added _GPF_NORETRY to floppy_64.h to prevent OOM killer on floppy DMA allocations. Apply the same to the 32 bit variant. Found during the attempt to unify the _32/_64 variants. Seperate commit to document the resulting code change. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/cache_32/64.hThomas Gleixner
Same file, except for whitespace, comment formatting and the two variants of fb_is_primary_device() Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/cache_32/64.hThomas Gleixner
Same file, except for whitespace, comment formatting and: 32-bit: unsigned long *virt_addr = va; 64-bit: unsigned int *virt_addr = va; Both can be safely replaced by: u32 i, *virt_addr = va; Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/dmi_32/64.hThomas Gleixner
Unification, so we have these things in one file. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/delay_32/64.hThomas Gleixner
Same file, except for whitespace, comment formatting and the extra function prototype usc_tsc_delay() in _32. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/cache_32/64.hThomas Gleixner
Same file, except for whitespace, comment formatting and the extra defines in _64, which are conditional on VSMP anyway. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/cacheflush_32/64.hThomas Gleixner
Same file, except for whitespace, comment formatting and the extra DEBUG_PAGE_ALLOC function in _32. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/auxvec_32/64.hThomas Gleixner
Same file, except for whitespace, comment formatting and the AT_SYSINFO define for 32bit Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/agp_32/64.hThomas Gleixner
Same file, except for whitespace, comment formatting and the usage of wbinvd() instead of asm volatile("wbinvd":::"memory"), which is the same. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify some more trivial include/asm-x86/ 32/64 variantsThomas Gleixner
Scripted unification. Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: merge some trivially mergeable headersRoland Dreier
Merge errno.h, resource.h, rtc.h, sections.h, serial.h and sockios.h, where i386 and x86_64 have no or only trivial comment/include guard differences. Build tested on both 32-bit and 64-bit, and booted on 64-bit. [tglx: fixup Kbuild as well] Signed-off-by: Roland Dreier <roland@digitalvampire.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: trivial header mergesBrian Gerst
Merge 32/64-bit headers that simply redirect to asm-generic [tglx: fixup Kbuild as well] Signed-off-by: Brian Gerst <bgerst@didntduck.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: convert mm_context_t semaphore to a mutexLuiz Fernando N. Capitulino
convert mm_context_t semaphore to a mutex. Signed-off-by: Luiz Fernando N. Capitulino <lcapitulino@mandriva.com.br> Cc: Andi Kleen <ak@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: multi-byte single instruction NOPsJan Beulich
Add support for and use the multi-byte NOPs recently documented to be available on all PentiumPro and later processors. This patch only applies cleanly on top of the "x86: misc. constifications" patch sent earlier. [ tglx: arch/x86 adaptation ] Signed-off-by: Jan Beulich <jbeulich@novell.com> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> arch/x86/kernel/alternative.c | 23 ++++++++++++++++++++++- include/asm-x86/processor_32.h | 22 ++++++++++++++++++++++ include/asm-x86/processor_64.h | 22 ++++++++++++++++++++++ 3 files changed, 66 insertions(+), 1 deletion(-)
2007-10-17x86: convert mm_context_t semaphore to a mutexLuiz Fernando N. Capitulino
[ tglx: arch/x86 adaptation ] Signed-off-by: Luiz Fernando N. Capitulino <lcapitulino@mandriva.com.br> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: expand /proc/interrupts to include missing vectors, v2Joe Korty
Add missing IRQs and IRQ descriptions to /proc/interrupts. /proc/interrupts is most useful when it displays every IRQ vector in use by the system, not just those somebody thought would be interesting. This patch inserts the following vector displays to the i386 and x86_64 platforms, as appropriate: rescheduling interrupts TLB flush interrupts function call interrupts thermal event interrupts threshold interrupts spurious interrupts A threshold interrupt occurs when ECC memory correction is occuring at too high a frequency. Thresholds are used by the ECC hardware as occasional ECC failures are part of normal operation, but long sequences of ECC failures usually indicate a memory chip that is about to fail. Thermal event interrupts occur when a temperature threshold has been exceeded for some CPU chip. IIRC, a thermal interrupt is also generated when the temperature drops back to a normal level. A spurious interrupt is an interrupt that was raised then lowered by the device before it could be fully processed by the APIC. Hence the apic sees the interrupt but does not know what device it came from. For this case the APIC hardware will assume a vector of 0xff. Rescheduling, call, and TLB flush interrupts are sent from one CPU to another per the needs of the OS. Typically, their statistics would be used to discover if an interrupt flood of the given type has been occuring. AK: merged v2 and v4 which had some more tweaks AK: replace Local interrupts with Local timer interrupts AK: Fixed description of interrupt types. [ tglx: arch/x86 adaptation ] [ mingo: small cleanup ] Signed-off-by: Joe Korty <joe.korty@ccur.com> Signed-off-by: Andi Kleen <ak@suse.de> Cc: Tim Hockin <thockin@hockin.org> Cc: Andi Kleen <ak@suse.de> Cc: Ingo Molnar <mingo@elte.hu> Cc: "H. Peter Anvin" <hpa@zytor.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: unify include/asm/ldt_32/64.hThomas Gleixner
The additional struct member of user_desc can be made conditional for 64 bit compiles. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2007-10-17x86: unify include/asm/ptrace-abi_32/64.hThomas Gleixner
Aside of the register defines the content can be shared. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2007-10-17x86: unify include/asm/mce_32/64.hThomas Gleixner
Merge the files together. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2007-10-17x86: asm-i386/io.h fix constnessAndrew Morton
- Fix this: include/asm/io.h: In function `memcpy_fromio': include/asm/io.h:208: warning: passing argument 2 of `__memcpy' discards qualifiers from pointer target type - Clean up code a bit Reported-by: Uwe Bugla <uwe.bugla@gmx.de> Cc: Andi Kleen <ak@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: visws extern inline to static inlineAdrian Bunk
"extern inline" will have different semantics with gcc 4.3. Signed-off-by: Adrian Bunk <bunk@kernel.org> Acked-by: Andrey Panin <pazke@donpac.ru> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: cleanup 64bit unistd.hThomas Gleixner
sys_iopl is long gone and there is no reason to declare sys_rt_sigaction here. Remove it all together and fix the whitespace mess as well. It's worth the trouble: 25897 -> 21337 bytes, the win is larger than the memory of my first computer :) Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2007-10-17i386: fix argument signedness warningsSatyam Sharma
These build warnings: In file included from include/asm/thread_info.h:16, from include/linux/thread_info.h:21, from include/linux/preempt.h:9, from include/linux/spinlock.h:49, from include/linux/vmalloc.h:4, from arch/i386/boot/compressed/misc.c:14: include/asm/processor.h: In function cpuid_count include/asm/processor.h:615: warning: pointer targets in passing argument 1 of native_cpuid differ in signedness include/asm/processor.h:615: warning: pointer targets in passing argument 2 of native_cpuid differ in signedness include/asm/processor.h:615: warning: pointer targets in passing argument 3 of native_cpuid differ in signedness include/asm/processor.h:615: warning: pointer targets in passing argument 4 of native_cpuid differ in signedness come because the arguments have been specified as pointers to (signed) int types, not unsigned. So let's specify those as unsigned. Do some codingstyle here and there while at it. [ tglx: arch/x86 adaptation ] Signed-off-by: Satyam Sharma <satyam@infradead.org> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: rename .i assembler includes to .hAdrian Bunk
.i is an ending used for preprocessed stuff. This patch therefore renames assembler include files to .h and guards the contents with an #ifdef __ASSEMBLY__. [ tglx: arch/x86 adaptation ] Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: Add parenthesis to IRQ vector macrosSteven Rostedt
It is not good taste to have macros with additions that do not have parenthesises around them. This patch parethesizes the IRQ vector macros for x86_64 arch. Note, this caused me a bit of heart-ache debugging lguest64. [ tglx: arch/x86 adaptation ] Signed-off-by: Steven Rostedt <rostedt@goodmis.org> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: Eliminate result signage problem in asm-x86_64/bitops.hChuck Lever
The return type of __scanbit() doesn't match the return type of find_{first,next}_bit(). Thus when you construct something like this: boolean ? __scanbit() : find_first_bit() you get an unsigned long result if "boolean" is true, and a signed long result if "boolean" is false. In file included from /home/cel/src/linux/include/linux/mmzone.h:15, from /home/cel/src/linux/include/linux/gfp.h:4, from /home/cel/src/linux/include/linux/slab.h:14, from /home/cel/src/linux/include/linux/percpu.h:5, from /home/cel/src/linux/include/linux/rcupdate.h:41, from /home/cel/src/linux/include/linux/dcache.h:10, from /home/cel/src/linux/include/linux/fs.h:275, from /home/cel/src/linux/fs/nfs/sysctl.c:9: /home/cel/src/linux/include/linux/nodemask.h: In function ‘__first_node’: /home/cel/src/linux/include/linux/nodemask.h:229: warning: signed and unsigned type in conditional expression /home/cel/src/linux/include/linux/nodemask.h: In function ‘__next_node’: /home/cel/src/linux/include/linux/nodemask.h:235: warning: signed and unsigned type in conditional expression /home/cel/src/linux/include/linux/nodemask.h: In function ‘__first_unset_node’: /home/cel/src/linux/include/linux/nodemask.h:253: warning: signed and unsigned type in conditional expression [ tglx: arch/x86 adaptation ] Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: remove STR() macrosGlauber de Oliveira Costa
This patch removes the __STR() and STR() macros from x86_64 header files. They seem to be legacy, and has no more users. Even if there were users, they should use __stringify() instead. In fact, there were one third place in which this macro was defined (ia32_binfmt.c), and used just below. In this file, usage was properly converted to __stringify() [ tglx: arch/x86 adaptation ] Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: remove x86_cpu_to_log_apicidMike Travis
Remove the x86_cpu_to_log_apicid array. It is set in arch/x86_64/kernel/genapic_flat.c:flat_init_apic_ldr() and arch/x86_64/kernel/smpboot.c:do_boot_cpu() but it is never referenced. [ tglx: arch/x86 adaptation ] Signed-off-by: Mike Travis <travis@sgi.com> Signed-off-by: Christoph Lameter <clameter@sgi.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17i386: Remove strrchr assembler implementationAndi Kleen
The constraints in the inline assembler implementation of i386 strrchr() were incorrect and break the build with recent gcc 4.3. Since there are only very few callers of strrchr() and none of them are performance relevant just remove the assembler implementation and use the C fallback instead. [ tglx: arch/x86 adaptation ] Cc: rguenther@suse.de Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: make atomic64_t work like atomic_tChris Snook
The volatile keyword has already been removed from the declaration of atomic_t on x86_64. For consistency, remove it from atomic64_t as well. [ tglx: arch/x86 adaptation ] Signed-off-by: Chris Snook <csnook@redhat.com> Signed-off-by: Andi Kleen <ak@suse.de> CC: Andi Kleen <andi@firstfloor.org> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17i386: no need to make enable_cpu_hotplug a variableAdrian Bunk
As long as there's no write access to this variable there's no reason to let gcc check it at runtime. [ tglx: arch/x86 adaptation ] Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: Create clflush() inline, remove hardcoded wbinvdH. Peter Anvin
Create an inline function for clflush(), with the proper arguments, and use it instead of hard-coding the instruction. This also removes one instance of hard-coded wbinvd, based on a patch by Bauder de Oliveira Costa. [ tglx: arch/x86 adaptation ] Cc: Andi Kleen <andi@firstfloor.org> Cc: Glauber de Oliveira Costa <gcosta@redhat.com> Signed-off-by: H. Peter Anvin <hpa@zytor.com> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: constify stacktrace_opsJan Beulich
.. as they're never written to. [ tglx: arch/x86 adaptation ] Signed-off-by: Jan Beulich <jbeulich@novell.com> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: remove reminder of i386 irqstat per cpu conversionThomas Gleixner
The i386 irqstat per cpu conversion left an bogus export of the old irqstat array in the header file. Remove it. [ tglx: arch/x86 adaptation ] Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Ingo Molnar <mingo@elte.hu>
2007-10-17x86_64: Remove serialize_cpu() inlineAndi Kleen
- It was redundant with sync_core() - It was unused - It was broken: no input arguments to cpuid; could fault randomly depending on eax contents. Now it's gone. [ tglx: arch/x86 adaptation ] Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: hide cond_syscall behind __KERNEL__Mike Frysinger
This brings x86_64 into line with all other architectures by only defining cond_syscall() when __KERNEL__ is defined. [ tglx: arch/x86 adaptation ] Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: mark read_crX() asm code as volatileKirill Korotaev
Some gcc versions (I checked at least 4.1.1 from RHEL5 & 4.1.2 from gentoo) can generate incorrect code with read_crX()/write_crX() functions mix up, due to cached results of read_crX(). The small app for x8664 below compiled with -O2 demonstrates this (i686 does the same thing):
2007-10-17i386: fix 4 bit apicid assumption of mach-defaultSiddha, Suresh B
Fix get_apic_id() in mach-default, so that it uses 8 bits incase of xAPIC case and 4 bits for legacy APIC case. This fixes the i386 kernel assumption that apic id is less than 16 for xAPIC platforms with 8 cpus or less and makes the kernel boot on such platforms. [ tglx: arch/x86 adaptation ] Signed-off-by: Suresh Siddha <suresh.b.siddha@intel.com> Signed-off-by: Andi Kleen <ak@suse.de> Cc: Andi Kleen <ak@suse.de> Cc: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17i386: export i386 smp_call_function_mask() to modulesLaurent Vivier
This patch export i386 smp_call_function_mask() with EXPORT_SYMBOL(). This function is needed by KVM to call a function on a set of CPUs. [ tglx: arch/x86 adaptation ] Signed-off-by: Laurent Vivier <Laurent.Vivier@bull.net> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17x86: clean up apicid_to_node declarationAndrew Morton
Use the correct #define in the declaration of apicid_to_node[], to match the definition. [ tglx: arch/x86 adaptation ] Cc: Andi Kleen <ak@suse.de> Cc: David Rientjes <rientjes@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2007-10-17Merge git://git.kernel.org/pub/scm/linux/kernel/git/mingo/linux-2.6-schedLinus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/mingo/linux-2.6-sched: sched: fix new task startup crash sched: fix !SYSFS build breakage sched: fix improper load balance across sched domain sched: more robust sd-sysctl entry freeing
2007-10-17Merge branch 'merge' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc * 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc: (24 commits) [POWERPC] Fix vmemmap warning in init_64.c [POWERPC] Fix 64 bits vDSO DWARF info for CR register [POWERPC] Add 1TB workaround for PA6T [POWERPC] Enable NO_HZ and high res timers for pseries and ppc64 configs [POWERPC] Quieten cache information at boot [POWERPC] Quieten clockevent printk [POWERPC] Enable SLUB in *_defconfig [POWERPC] Fix 1TB segment detection [POWERPC] Fix iSeries_hpte_insert prototype [POWERPC] Fix copyright symbol [POWERPC] ibmebus: Move to of_device and of_platform_driver, match eHCA and eHEA drivers [POWERPC] ibmebus: Add device creation and bus probing based on of_device [POWERPC] ibmebus: Remove bus match/probe/remove functions [POWERPC] Move of_device allocation into of_device.[ch] [POWERPC] mpc52xx: device tree changes for FEC and MDIO [POWERPC] bestcomm: GenBD task support [POWERPC] bestcomm: FEC task support [POWERPC] bestcomm: ATA task support [POWERPC] bestcomm: core bestcomm support for Freescale MPC5200 [POWERPC] mpc52xx: Update mpc52xx_psc structure with B revision changes ...
2007-10-17Merge branch 'master' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/hpa/linux-2.6-x86setup * 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/hpa/linux-2.6-x86setup: Remove magic macros for screen_info structure members [x86] remove uses of magic macros for boot_params access
2007-10-17security/ cleanupsAdrian Bunk
This patch contains the following cleanups that are now possible: - remove the unused security_operations->inode_xattr_getsuffix - remove the no longer used security_operations->unregister_security - remove some no longer required exit code - remove a bunch of no longer used exports Signed-off-by: Adrian Bunk <bunk@kernel.org> Acked-by: James Morris <jmorris@namei.org> Cc: Chris Wright <chrisw@sous-sol.org> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: Serge Hallyn <serue@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-17Implement file posix capabilitiesSerge E. Hallyn
Implement file posix capabilities. This allows programs to be given a subset of root's powers regardless of who runs them, without having to use setuid and giving the binary all of root's powers. This version works with Kaigai Kohei's userspace tools, found at http://www.kaigai.gr.jp/index.php. For more information on how to use this patch, Chris Friedhoff has posted a nice page at http://www.friedhoff.org/fscaps.html. Changelog: Nov 27: Incorporate fixes from Andrew Morton (security-introduce-file-caps-tweaks and security-introduce-file-caps-warning-fix) Fix Kconfig dependency. Fix change signaling behavior when file caps are not compiled in. Nov 13: Integrate comments from Alexey: Remove CONFIG_ ifdef from capability.h, and use %zd for printing a size_t. Nov 13: Fix endianness warnings by sparse as suggested by Alexey Dobriyan. Nov 09: Address warnings of unused variables at cap_bprm_set_security when file capabilities are disabled, and simultaneously clean up the code a little, by pulling the new code into a helper function. Nov 08: For pointers to required userspace tools and how to use them, see http://www.friedhoff.org/fscaps.html. Nov 07: Fix the calculation of the highest bit checked in check_cap_sanity(). Nov 07: Allow file caps to be enabled without CONFIG_SECURITY, since capabilities are the default. Hook cap_task_setscheduler when !CONFIG_SECURITY. Move capable(TASK_KILL) to end of cap_task_kill to reduce audit messages. Nov 05: Add secondary calls in selinux/hooks.c to task_setioprio and task_setscheduler so that selinux and capabilities with file cap support can be stacked. Sep 05: As Seth Arnold points out, uid checks are out of place for capability code. Sep 01: Define task_setscheduler, task_setioprio, cap_task_kill, and task_setnice to make sure a user cannot affect a process in which they called a program with some fscaps. One remaining question is the note under task_setscheduler: are we ok with CAP_SYS_NICE being sufficient to confine a process to a cpuset? It is a semantic change, as without fsccaps, attach_task doesn't allow CAP_SYS_NICE to override the uid equivalence check. But since it uses security_task_setscheduler, which elsewhere is used where CAP_SYS_NICE can be used to override the uid equivalence check, fixing it might be tough. task_setscheduler note: this also controls cpuset:attach_task. Are we ok with CAP_SYS_NICE being used to confine to a cpuset? task_setioprio task_setnice sys_setpriority uses this (through set_one_prio) for another process. Need same checks as setrlimit Aug 21: Updated secureexec implementation to reflect the fact that euid and uid might be the same and nonzero, but the process might still have elevated caps. Aug 15: Handle endianness of xattrs. Enforce capability version match between kernel and disk. Enforce that no bits beyond the known max capability are set, else return -EPERM. With this extra processing, it may be worth reconsidering doing all the work at bprm_set_security rather than d_instantiate. Aug 10: Always call getxattr at bprm_set_security, rather than caching it at d_instantiate. [morgan@kernel.org: file-caps clean up for linux/capability.h] [bunk@kernel.org: unexport cap_inode_killpriv] Signed-off-by: Serge E. Hallyn <serue@us.ibm.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: James Morris <jmorris@namei.org> Cc: Chris Wright <chrisw@sous-sol.org> Cc: Andrew Morgan <morgan@kernel.org> Signed-off-by: Andrew Morgan <morgan@kernel.org> Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-10-17ifdef struct task_struct::securityAlexey Dobriyan
For those who don't care about CONFIG_SECURITY. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Casey Schaufler <casey@schaufler-ca.com> Cc: James Morris <jmorris@namei.org> Cc: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>