sungmin ha [Fri, 25 Oct 2013 05:24:42 +0000 (14:24 +0900)]
Merge branch 'internal' into tizen_2.2
Change-Id: I2a4a83f294ced3b0c321ff2068bab0d8416cad9f
Signed-off-by: sungmin ha <sungmin82.ha@samsung.com>
Kitae Kim [Fri, 25 Oct 2013 02:03:09 +0000 (11:03 +0900)]
package: version up
Update package version
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
Kitae Kim [Thu, 24 Oct 2013 16:44:40 +0000 (01:44 +0900)]
brillcodec: source clean-up and store each codec information
When a process tried to use codec at first, codec device from qemu
copied codec information such as name, media type and etc.
In addtion to this, codec set is determined at libav compile time.
That's why driver stores codec information as a cache.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
jinhyung.jo [Thu, 24 Oct 2013 11:19:59 +0000 (20:19 +0900)]
Sync up with tizen 2.2
Change-Id: Ic2f4801957564061b6f2891b6f414cb3b7033f86
Signed-off-by: Jinhyung Jo <jinhyung.jo@samsung.com>
Kitae Kim [Thu, 24 Oct 2013 05:30:20 +0000 (14:30 +0900)]
brillcodec: disable debug messages.
Debug messages might affect performance, especially on Windows
even if the messages are not printed into klog file.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
Kitae Kim [Fri, 18 Oct 2013 03:09:26 +0000 (12:09 +0900)]
package: version up
Update package version.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
Kitae Kim [Fri, 18 Oct 2013 02:52:02 +0000 (11:52 +0900)]
brillcodec: handle flush_buffer routine.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
GiWoong Kim [Tue, 24 Sep 2013 07:34:09 +0000 (16:34 +0900)]
package: version up
1.4.27
Signed-off-by: GiWoong Kim <giwoong.kim@samsung.com>
GiWoong Kim [Tue, 24 Sep 2013 07:30:50 +0000 (16:30 +0900)]
touch: increase the MT slot size
Signed-off-by: GiWoong Kim <giwoong.kim@samsung.com>
Kitae Kim [Mon, 16 Sep 2013 06:40:58 +0000 (15:40 +0900)]
package: version up
Update package version.
Change-Id: I00a3041f7adaafa9f7e883e961557365a60c6659
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
Kitae Kim [Wed, 11 Sep 2013 12:48:47 +0000 (21:48 +0900)]
brillcodec: add new codec device module.
Enhance performance of multi decoding and use device memory effectively.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
Kitae Kim [Thu, 22 Aug 2013 02:37:33 +0000 (11:37 +0900)]
Smack: applied 'L'mode patch.
Change-Id: I7a2008c496da8e41d29af17b62ab62f7e02c2d41
Signed-off-by: Jooseong Lee <jooseong.lee@samsung.com>
Kitae Kim [Tue, 27 Aug 2013 07:29:57 +0000 (16:29 +0900)]
package: version up
Update package version to apply smack 'L'mode.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
Kitae Kim [Thu, 22 Aug 2013 02:37:33 +0000 (11:37 +0900)]
Smack: applied 'L'mode patch.
Signed-off-by: Jooseong Lee <jooseong.lee@samsung.com>
sungmin ha [Thu, 25 Jul 2013 06:53:29 +0000 (15:53 +0900)]
virtio-hwkey: modified structure of virtio-hwkey
Change-Id: I57a90ef22ecaf56781a591c5dcdd5aac04f896b6
Signed-off-by: Sungmin Ha <sungmin82.ha@samsung.com>
Kitae Kim [Fri, 28 Jun 2013 01:42:43 +0000 (10:42 +0900)]
Smack: applied network-label-match patch.
This patch solved the problem that Smack recognizes incorrectly subject object pair
when checking IP packet access.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Tested-by: Bumjin Im <bj.im@samsung.com>
Change-Id: I8b702adc78f52f03629a2b951af6040147366a5b
Kitae Kim [Fri, 28 Jun 2013 01:46:30 +0000 (10:46 +0900)]
package: version up
Update package version to apply Smack patch.
Change-Id: I7bbd0082f1dd8a211351f3b2d1e1b76391174175
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
Kitae Kim [Fri, 28 Jun 2013 01:42:43 +0000 (10:42 +0900)]
Smack: applied network-label-match patch.
This patch solved the problem that Smack recognizes incorrectly subject object pair
when checking IP packet access.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Tested-by: Bumjin Im <bj.im@samsung.com>
Change-Id: I8b702adc78f52f03629a2b951af6040147366a5b
Sangjin Kim [Mon, 24 Jun 2013 08:42:14 +0000 (17:42 +0900)]
Update sdk version to tizen_2.2
Change-Id: I4cb4ff2d7b52e143d11cf5f6f76f0a85c8891e4b
Signed-off-by: Sangjin Kim <sangjin3.kim@samsung.com>
SeokYeon Hwang [Tue, 4 Jun 2013 07:43:58 +0000 (16:43 +0900)]
Unset CROSS_COMPILE env because it might be set.
Change-Id: I8f11c621e5ca864002b57195e64dc84e19a10e28
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
Kitae Kim [Tue, 28 May 2013 01:20:11 +0000 (10:20 +0900)]
package: version up
Update package version.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
Casey Schaufler [Tue, 2 Apr 2013 18:41:18 +0000 (11:41 -0700)]
Smack: include magic.h in smackfs.c
commit
958d2c2f4ad905e3ffa1711d19184d21d9b00cc1 upstream
As reported for linux-next: Tree for Apr 2 (smack)
Add the required include for smackfs.c
Change-Id: I0fcf02693b9f5a0627edb3dfd79eeb671982cc5d
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reported-by: Randy Dunlap <rdunlap@infradead.org>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53907
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Rafal Krypa [Thu, 10 Jan 2013 18:42:00 +0000 (19:42 +0100)]
Smack: add support for modification of existing rules
commit
e05b6f982a049113a88a1750e13fdb15298cbed4 upstream
Rule modifications are enabled via /smack/change-rule. Format is as follows:
"Subject Object rwaxt rwaxt"
First two strings are subject and object labels up to 255 characters.
Third string contains permissions to enable.
Fourth string contains permissions to disable.
All unmentioned permissions will be left unchanged.
If no rule previously existed, it will be created.
Targeted for git://git.gitorious.org/smack-next/kernel.git
Change-Id: If70a8b8a88ce2abc6b10bdd7bc7791996e70c8cd
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53906
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Rafal Krypa [Thu, 13 Dec 2012 18:02:09 +0000 (19:02 +0100)]
Revert "Smack: add support for modification of existing rules"
This reverts commit
3cf5b164d32a648a627506a21d2fc6a6c24a2808.
Change-Id: Ia099ccd24faf7556771e0fd08184bc6065db92a8
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53905
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Rafal Krypa [Mon, 17 Sep 2012 13:38:30 +0000 (15:38 +0200)]
Smack: prevent revoke-subject from failing when unseen label is written to it
commit
d15d9fad16f6aa459cf4926a1d3aba36b004e9a2 upstream
Special file /smack/revoke-subject will silently accept labels, that are not
present on the subject label list. Nothing has to be done for such labels,
as there are no rules for them to revoke.
Change-Id: I326e1fad79a99a48839de8c35abfe709391e0f30
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53903
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Casey Schaufler [Fri, 2 Nov 2012 01:14:32 +0000 (18:14 -0700)]
Smack: create a sysfs mount point for smackfs
commit
e93072374112db9dc86635934ee761249be28370 upstream
There are a number of "conventions" for where to put LSM filesystems.
Smack adheres to none of them. Create a mount point at /sys/fs/smackfs
for mounting smackfs so that Smack can be conventional.
Targeted for git://git.gitorious.org/smack-next/kernel.git
Change-Id: Ibdb521f61147545376f3e62b80905c8751ea0fc8
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53902
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Casey Schaufler [Fri, 2 Nov 2012 18:28:11 +0000 (11:28 -0700)]
Smack: use select not depends in Kconfig
commit
111fe8bd65e473d5fc6a0478cf1e2c8c6a77489a upstream
The components NETLABEL and SECURITY_NETWORK are required by
Smack. Using "depends" in Kconfig hides the Smack option
if the user hasn't figured out that they need to be enabled
while using make menuconfig. Using select is a better choice.
Because select is not recursive depends on NET and SECURITY
are added. The reflects similar usage in TOMOYO and AppArmor.
Targeted for git://git.gitorious.org/smack-next/kernel.git
Change-Id: I375867a1c1ec6958ae4b579823f651b6431e5cc6
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-on: http://165.213.202.130:8080/53901
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Yeongkyoon Lee [Tue, 21 May 2013 08:58:19 +0000 (17:58 +0900)]
Merge "virtio-keyboard: added initializing vqidx when the host keyboard is turned on." into tizen_2.1
sungmin ha [Tue, 21 May 2013 09:02:05 +0000 (18:02 +0900)]
virtio-keyboard: added initializing vqidx when the host keyboard is turned on.
Signed-off-by: Sungmin Ha <sungmin82.ha@samsung.com>
Yeongkyoon Lee [Tue, 21 May 2013 08:57:40 +0000 (17:57 +0900)]
Merge "Smack: setprocattr memory leak fix" into tizen_2.1
Yeongkyoon Lee [Tue, 21 May 2013 08:57:32 +0000 (17:57 +0900)]
Merge "Smack: remove task_wait() hook." into tizen_2.1
Yeongkyoon Lee [Tue, 21 May 2013 08:57:21 +0000 (17:57 +0900)]
Merge "smack: off by one error" into tizen_2.1
Yeongkyoon Lee [Tue, 21 May 2013 08:57:12 +0000 (17:57 +0900)]
Merge "Fix common_audit_data type for smack_inode_unlink() and smack_inode_rmdir()" into tizen_2.1
Casey Schaufler [Wed, 22 Aug 2012 18:44:03 +0000 (11:44 -0700)]
Smack: setprocattr memory leak fix
commit
46a2f3b9e99353cc63e15563e8abee71162330f7 upstream
The data structure allocations being done in prepare_creds
are duplicated in smack_setprocattr. This results in the
structure allocated in prepare_creds being orphaned and
never freed. The duplicate code is removed from
smack_setprocattr.
Targeted for git://git.gitorious.org/smack-next/kernel.git
Change-Id: I192cdad82cbdb3a57cb8f4df06d5df9a5ac36c82
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53900
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Casey Schaufler [Fri, 10 Aug 2012 00:46:38 +0000 (17:46 -0700)]
Smack: remove task_wait() hook.
commit
c00bedb368ae02a066aed8a888afc286c1df2e60 upstream
On 12/20/2011 11:20 PM, Jarkko Sakkinen wrote:
> Allow SIGCHLD to be passed to child process without
> explicit policy. This will help to keep the access
> control policy simple and easily maintainable with
> complex applications that require use of multiple
> security contexts. It will also help to keep them
> as isolated as possible.
>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
I have a slightly different version that applies to the
current smack-next tree.
Allow SIGCHLD to be passed to child process without
explicit policy. This will help to keep the access
control policy simple and easily maintainable with
complex applications that require use of multiple
security contexts. It will also help to keep them
as isolated as possible.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
security/smack/smack_lsm.c | 37 ++++++++-----------------------------
1 files changed, 8 insertions(+), 29 deletions(-)
Change-Id: If37564a178a336b0097d314f4915c65a19c29c91
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53899
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Alan Cox [Thu, 26 Jul 2012 21:47:11 +0000 (14:47 -0700)]
smack: off by one error
commit
3b9fc37280c521b086943f9aedda767f5bf3b2d3 upstream
Consider the input case of a rule that consists entirely of non space
symbols followed by a \0. Say 64 + \0
In this case strlen(data) = 64
kzalloc of subject and object are 64 byte objects
sscanfdata, "%s %s %s", subject, ...)
will put 65 bytes into subject.
Change-Id: I23f9eddde5747bb1dde6e3fd5a4fbe08fd152ff2
Signed-off-by: Alan Cox <alan@linux.intel.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Cc: stable@vger.kernel.org
Signed-off-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53898
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Dongsu Kim [Fri, 8 Mar 2013 05:20:39 +0000 (14:20 +0900)]
Fix common_audit_data type for smack_inode_unlink() and smack_inode_rmdir()
Change-Id: I39afcae6eeff869733b820f8f654fae5bf47f7e7
Signed-off-by: Dongsu Kim <dongsu17.kim@samsung.com>
Reviewed-on: http://165.213.202.130:8080/52126
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
SeokYeon Hwang [Tue, 21 May 2013 06:36:07 +0000 (15:36 +0900)]
Package version up.
Change-Id: Idd5b6248badc73bcdb75ee2cbf4d83e2622ecfcd
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
SeokYeon Hwang [Wed, 17 Apr 2013 08:38:20 +0000 (17:38 +0900)]
Add *.builtin files to .gitignore for convenience.
Change-Id: I42bd0704b46463e7627d7a6e68cd50b8169e002b
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
SeokYeon Hwang [Thu, 18 Apr 2013 06:10:02 +0000 (15:10 +0900)]
sdcard: Prepare mmcblk index more than 0
Change-Id: I7907abbe6906f569b4d981d85149e87fd15154e1
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
Alexander Graf [Wed, 2 Jan 2013 05:07:17 +0000 (05:07 +0000)]
virtio-blk: Don't free ida when disk is in use
When a file system is mounted on a virtio-blk disk, we then remove it
and then reattach it, the reattached disk gets the same disk name and
ids as the hot removed one.
This leads to very nasty effects - mostly rendering the newly attached
device completely unusable.
Trying what happens when I do the same thing with a USB device, I saw
that the sd node simply doesn't get free'd when a device gets forcefully
removed.
Imitate the same behavior for vd devices. This way broken vd devices
simply are never free'd and newly attached ones keep working just fine.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Cc: stable@kernel.org
Asias He [Fri, 25 May 2012 02:34:48 +0000 (02:34 +0000)]
virtio-blk: Reset device after blk_cleanup_queue()
blk_cleanup_queue() will call blk_drian_queue() to drain all the
requests before queue DEAD marking. If we reset the device before
blk_cleanup_queue() the drain would fail.
1) if the queue is stopped in do_virtblk_request() because device is
full, the q->request_fn() will not be called.
blk_drain_queue() {
while(true) {
...
if (!list_empty(&q->queue_head))
__blk_run_queue(q) {
if (queue is not stoped)
q->request_fn()
}
...
}
}
Do no reset the device before blk_cleanup_queue() gives the chance to
start the queue in interrupt handler blk_done().
2) In commit
b79d866c8b7014a51f611a64c40546109beaf24a, We abort requests
dispatched to driver before blk_cleanup_queue(). There is a race if
requests are dispatched to driver after the abort and before the queue
DEAD mark. To fix this, instead of aborting the requests explicitly, we
can just reset the device after after blk_cleanup_queue so that the
device can complete all the requests before queue DEAD marking in the
drain process.
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: virtualization@lists.linux-foundation.org
Cc: kvm@vger.kernel.org
Cc: stable@kernel.org
Signed-off-by: Asias He <asias@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Asias He [Fri, 25 May 2012 02:34:47 +0000 (02:34 +0000)]
virtio-blk: Call del_gendisk() before disable guest kick
del_gendisk() might not return due to failing to remove the
/sys/block/vda/serial sysfs entry when another thread (udev) is
trying to read it.
virtblk_remove()
vdev->config->reset() : guest will not kick us through interrupt
del_gendisk()
device_del()
kobject_del(): got stuck, sysfs entry ref count non zero
sysfs_open_file(): user space process read /sys/block/vda/serial
sysfs_get_active() : got sysfs entry ref count
dev_attr_show()
virtblk_serial_show()
blk_execute_rq() : got stuck, interrupt is disabled
request cannot be finished
This patch fixes it by calling del_gendisk() before we disable guest's
interrupt so that the request sent in virtblk_serial_show() will be
finished and del_gendisk() will success.
This fixes another race in hot-unplug process.
It is save to call del_gendisk(vblk->disk) before
flush_work(&vblk->config_work) which might access vblk->disk, because
vblk->disk is not freed until put_disk(vblk->disk).
Cc: virtualization@lists.linux-foundation.org
Cc: kvm@vger.kernel.org
Cc: stable@kernel.org
Signed-off-by: Asias He <asias@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Asias He [Fri, 30 Mar 2012 03:24:10 +0000 (03:24 +0000)]
virtio_blk: Drop unused request tracking list
Benchmark shows small performance improvement on fusion io device.
Before:
seq-read : io=1,024MB, bw=19,982KB/s, iops=39,964, runt= 52475msec
seq-write: io=1,024MB, bw=20,321KB/s, iops=40,641, runt= 51601msec
rnd-read : io=1,024MB, bw=15,404KB/s, iops=30,808, runt= 68070msec
rnd-write: io=1,024MB, bw=14,776KB/s, iops=29,552, runt= 70963msec
After:
seq-read : io=1,024MB, bw=20,343KB/s, iops=40,685, runt= 51546msec
seq-write: io=1,024MB, bw=20,803KB/s, iops=41,606, runt= 50404msec
rnd-read : io=1,024MB, bw=16,221KB/s, iops=32,442, runt= 64642msec
rnd-write: io=1,024MB, bw=15,199KB/s, iops=30,397, runt= 68991msec
Signed-off-by: Asias He <asias@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Asias He [Fri, 4 May 2012 12:22:04 +0000 (12:22 +0000)]
virtio-blk: Fix hot-unplug race in remove method
If we reset the virtio-blk device before the requests already dispatched
to the virtio-blk driver from the block layer are finised, we will stuck
in blk_cleanup_queue() and the remove will fail.
blk_cleanup_queue() calls blk_drain_queue() to drain all requests queued
before DEAD marking. However it will never success if the device is
already stopped. We'll have q->in_flight[] > 0, so the drain will not
finish.
How to reproduce the race:
1. hot-plug a virtio-blk device
2. keep reading/writing the device in guest
3. hot-unplug while the device is busy serving I/O
Test:
~1000 rounds of hot-plug/hot-unplug test passed with this patch.
Changes in v3:
- Drop blk_abort_queue and blk_abort_request
- Use __blk_end_request_all to complete request dispatched to driver
Changes in v2:
- Drop req_in_flight
- Use virtqueue_detach_unused_buf to get request dispatched to driver
Signed-off-by: Asias He <asias@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
SeokYeon Hwang [Mon, 15 Apr 2013 13:58:58 +0000 (22:58 +0900)]
sdcard: Prepare virtio sdcard
For higher performance and mount support by Tizen system framework.
Change-Id: I05878ec01983c7dda65975f3135ebcf05442d788
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
Casey Schaufler [Tue, 2 Apr 2013 18:41:18 +0000 (11:41 -0700)]
Smack: include magic.h in smackfs.c
commit
958d2c2f4ad905e3ffa1711d19184d21d9b00cc1 upstream
As reported for linux-next: Tree for Apr 2 (smack)
Add the required include for smackfs.c
Change-Id: I0fcf02693b9f5a0627edb3dfd79eeb671982cc5d
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reported-by: Randy Dunlap <rdunlap@infradead.org>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53907
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Rafal Krypa [Thu, 10 Jan 2013 18:42:00 +0000 (19:42 +0100)]
Smack: add support for modification of existing rules
commit
e05b6f982a049113a88a1750e13fdb15298cbed4 upstream
Rule modifications are enabled via /smack/change-rule. Format is as follows:
"Subject Object rwaxt rwaxt"
First two strings are subject and object labels up to 255 characters.
Third string contains permissions to enable.
Fourth string contains permissions to disable.
All unmentioned permissions will be left unchanged.
If no rule previously existed, it will be created.
Targeted for git://git.gitorious.org/smack-next/kernel.git
Change-Id: If70a8b8a88ce2abc6b10bdd7bc7791996e70c8cd
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53906
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Rafal Krypa [Thu, 13 Dec 2012 18:02:09 +0000 (19:02 +0100)]
Revert "Smack: add support for modification of existing rules"
This reverts commit
3cf5b164d32a648a627506a21d2fc6a6c24a2808.
Change-Id: Ia099ccd24faf7556771e0fd08184bc6065db92a8
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53905
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Rafal Krypa [Mon, 17 Sep 2012 13:38:30 +0000 (15:38 +0200)]
Smack: prevent revoke-subject from failing when unseen label is written to it
commit
d15d9fad16f6aa459cf4926a1d3aba36b004e9a2 upstream
Special file /smack/revoke-subject will silently accept labels, that are not
present on the subject label list. Nothing has to be done for such labels,
as there are no rules for them to revoke.
Change-Id: I326e1fad79a99a48839de8c35abfe709391e0f30
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53903
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Casey Schaufler [Fri, 2 Nov 2012 01:14:32 +0000 (18:14 -0700)]
Smack: create a sysfs mount point for smackfs
commit
e93072374112db9dc86635934ee761249be28370 upstream
There are a number of "conventions" for where to put LSM filesystems.
Smack adheres to none of them. Create a mount point at /sys/fs/smackfs
for mounting smackfs so that Smack can be conventional.
Targeted for git://git.gitorious.org/smack-next/kernel.git
Change-Id: Ibdb521f61147545376f3e62b80905c8751ea0fc8
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53902
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Casey Schaufler [Fri, 2 Nov 2012 18:28:11 +0000 (11:28 -0700)]
Smack: use select not depends in Kconfig
commit
111fe8bd65e473d5fc6a0478cf1e2c8c6a77489a upstream
The components NETLABEL and SECURITY_NETWORK are required by
Smack. Using "depends" in Kconfig hides the Smack option
if the user hasn't figured out that they need to be enabled
while using make menuconfig. Using select is a better choice.
Because select is not recursive depends on NET and SECURITY
are added. The reflects similar usage in TOMOYO and AppArmor.
Targeted for git://git.gitorious.org/smack-next/kernel.git
Change-Id: I375867a1c1ec6958ae4b579823f651b6431e5cc6
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-on: http://165.213.202.130:8080/53901
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Casey Schaufler [Wed, 22 Aug 2012 18:44:03 +0000 (11:44 -0700)]
Smack: setprocattr memory leak fix
commit
46a2f3b9e99353cc63e15563e8abee71162330f7 upstream
The data structure allocations being done in prepare_creds
are duplicated in smack_setprocattr. This results in the
structure allocated in prepare_creds being orphaned and
never freed. The duplicate code is removed from
smack_setprocattr.
Targeted for git://git.gitorious.org/smack-next/kernel.git
Change-Id: I192cdad82cbdb3a57cb8f4df06d5df9a5ac36c82
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53900
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Casey Schaufler [Fri, 10 Aug 2012 00:46:38 +0000 (17:46 -0700)]
Smack: remove task_wait() hook.
commit
c00bedb368ae02a066aed8a888afc286c1df2e60 upstream
On 12/20/2011 11:20 PM, Jarkko Sakkinen wrote:
> Allow SIGCHLD to be passed to child process without
> explicit policy. This will help to keep the access
> control policy simple and easily maintainable with
> complex applications that require use of multiple
> security contexts. It will also help to keep them
> as isolated as possible.
>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
I have a slightly different version that applies to the
current smack-next tree.
Allow SIGCHLD to be passed to child process without
explicit policy. This will help to keep the access
control policy simple and easily maintainable with
complex applications that require use of multiple
security contexts. It will also help to keep them
as isolated as possible.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
security/smack/smack_lsm.c | 37 ++++++++-----------------------------
1 files changed, 8 insertions(+), 29 deletions(-)
Change-Id: If37564a178a336b0097d314f4915c65a19c29c91
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53899
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Alan Cox [Thu, 26 Jul 2012 21:47:11 +0000 (14:47 -0700)]
smack: off by one error
commit
3b9fc37280c521b086943f9aedda767f5bf3b2d3 upstream
Consider the input case of a rule that consists entirely of non space
symbols followed by a \0. Say 64 + \0
In this case strlen(data) = 64
kzalloc of subject and object are 64 byte objects
sscanfdata, "%s %s %s", subject, ...)
will put 65 bytes into subject.
Change-Id: I23f9eddde5747bb1dde6e3fd5a4fbe08fd152ff2
Signed-off-by: Alan Cox <alan@linux.intel.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Cc: stable@vger.kernel.org
Signed-off-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Reviewed-on: http://165.213.202.130:8080/53898
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
Dongsu Kim [Fri, 8 Mar 2013 05:20:39 +0000 (14:20 +0900)]
Fix common_audit_data type for smack_inode_unlink() and smack_inode_rmdir()
Change-Id: I39afcae6eeff869733b820f8f654fae5bf47f7e7
Signed-off-by: Dongsu Kim <dongsu17.kim@samsung.com>
Reviewed-on: http://165.213.202.130:8080/52126
Reviewed-by: Kyungmin Park <kyungmin.park@samsung.com>
Tested-by: Kyungmin Park <kyungmin.park@samsung.com>
sungmin ha [Tue, 14 May 2013 08:51:26 +0000 (17:51 +0900)]
sync with latest
sungmin ha [Tue, 14 May 2013 07:37:51 +0000 (16:37 +0900)]
virtio-keyboard: modified process of using virtio keyboard queue
Signed-off-by: Sungmin Ha <sungmin82.ha@samsung.com>
Sooyoung Ha [Tue, 16 Apr 2013 12:25:23 +0000 (21:25 +0900)]
sync with latest
sungmin ha [Sat, 6 Apr 2013 09:08:16 +0000 (18:08 +0900)]
virtio-kbd: increased virtio keyboard queue
Signed-off-by: SungMin Ha <sungmin82.ha@samsung.com>
Sooyoung Ha [Wed, 3 Apr 2013 02:26:32 +0000 (11:26 +0900)]
update source for tizen_2.1
sungmin ha [Wed, 20 Mar 2013 03:22:51 +0000 (12:22 +0900)]
hwkey: added virtio hwkey driver
improve hwkey mapping
Signed-off-by: Sungmin Ha <sungmin82.ha@samsung.com>
SeokYeon Hwang [Fri, 15 Mar 2013 07:51:36 +0000 (16:51 +0900)]
[package] version up.
Change-Id: I2bf33cb7cc131d9d01f1a83f8c01f722143d66c8
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
SeokYeon Hwang [Thu, 14 Mar 2013 06:19:27 +0000 (15:19 +0900)]
kernel: Enable ext4 filesystem
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
Jinkun Jang [Thu, 14 Mar 2013 07:27:35 +0000 (16:27 +0900)]
sync
Jinkun Jang [Tue, 12 Mar 2013 17:15:49 +0000 (02:15 +0900)]
Tizen 2.1 base
Kitae Kim [Fri, 8 Mar 2013 05:59:25 +0000 (14:59 +0900)]
package: version up
Update package version.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
SeokYeon Hwang [Wed, 20 Feb 2013 08:12:13 +0000 (17:12 +0900)]
Revert "initframfs: W/A for boot with current platform images"
This reverts commit
be2ebbd086012b814820768d5e2d8aa9cadcdd04.
jinhyung.jo [Thu, 31 Jan 2013 06:40:52 +0000 (15:40 +0900)]
maru_backlight : source clean up
Modified the boilerplates.
Chaneged the MODULE_AUTHOR from Dohyung Hong to Jinhyung Jo.
Modified to suit the QEMU coding conventions.
Removed the pci device id, because it is included in the <linux/pci_ids.h>.
Signed-off-by: Jinhyung Jo <jinhyung.jo@samsung.com>
jinhyung.jo [Thu, 31 Jan 2013 06:51:21 +0000 (15:51 +0900)]
maru_overlay : source clean up
Modified the boilerplates.
removed an unnecessary log.
Signed-off-by: Jinhyung Jo <jinhyung.jo@samsung.com>
Kitae Kim [Fri, 1 Feb 2013 09:24:00 +0000 (18:24 +0900)]
package: version up
Update package version to enable BLK_DEV_CRYPTOLOOP option.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
Kitae Kim [Thu, 24 Jan 2013 06:27:54 +0000 (15:27 +0900)]
config: enable BLK_DEV_CRYPTOLOOP.
It is required to install applications into sdcard.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
SeokYeon Hwang [Thu, 24 Jan 2013 05:33:33 +0000 (14:33 +0900)]
kernel: Fix compilation warning.
Fix warnings at virtio-gl.
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
Kitae Kim [Tue, 22 Jan 2013 11:04:52 +0000 (20:04 +0900)]
kernel: remove compile warnings.
remove warnings at virtio-keyboard, virtio-esm, virtio-gl, maru_codec.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
SeokYeon Hwang [Wed, 23 Jan 2013 10:33:39 +0000 (19:33 +0900)]
initframfs: W/A for boot with current platform images
Until vdpram compatibility symlink - udev rules - is added on platform image, we should populate dpram manually.
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
Karol Lewandowski [Thu, 17 Jan 2013 13:28:51 +0000 (14:28 +0100)]
initramfs: Don't try to populate /dev
Recent udev (>= 182) depend on devtmpfs filesystem mounted in /dev.
Images using sysvinit as /sbin/init mount /dev/ as devtmpfs from
/etc/rc.d/rc.sysinit (which happens before udevd(8) is launched).
Images using systemd as /sbin/init doesn't use rc.sysinit or similar
script run before udevd(8), and thus, require devtmpfs to be mounted
earlier.
Change-Id: Ib3f884573d6f1d4fc11b84f5940daa9c708ae0bd
Karol Lewandowski [Thu, 17 Jan 2013 11:59:23 +0000 (12:59 +0100)]
vdpram: Export device node details to userspace
This will allow udevd(8) or similar program to automatically
create correct device nodes for us.
Change-Id: I9815b5ff9ba3842515ac7020254265188ab90feb
Karol Lewandowski [Thu, 17 Jan 2013 11:58:49 +0000 (12:58 +0100)]
vdpram: Rework error handling in module initialization function
Change-Id: I1d3584220e5b94921a7fcf143cadf2b3a16c9a1f
Karol Lewandowski [Wed, 16 Jan 2013 10:36:08 +0000 (11:36 +0100)]
vdpram: Simplify cdev operations
Change-Id: I0d4a5f211997f69111ed79b1192e17fa38bb555e
sungmin ha [Mon, 21 Jan 2013 11:17:44 +0000 (20:17 +0900)]
modified block device name for sdcard
jinhyung.jo [Mon, 14 Jan 2013 09:03:36 +0000 (18:03 +0900)]
package: version up
package: version up
Signed-off-by: Jinhyung Jo <jinhyung.jo@samsung.com>
jinhyung.jo [Fri, 4 Jan 2013 07:31:57 +0000 (16:31 +0900)]
maru_camera : fixed a bug
fixed a bug does not close when the device has been shut down with no streaming data.
Signed-off-by: Jinhyung Jo <jinhyung.jo@samsung.com>
jinhyung.jo [Wed, 26 Dec 2012 10:39:56 +0000 (19:39 +0900)]
maru_camera : remove the violations of sonar
remove 3 violations (MISRA 5.2)
Signed-off-by: Jinhyung Jo <jinhyung.jo@samsung.com>
giwoong.kim [Wed, 26 Dec 2012 01:24:37 +0000 (10:24 +0900)]
touch: removed sonar violation
it is redundant to check it against null
Signed-off-by: GiWoong Kim <giwoong.kim@samsung.com>
giwoong.kim [Tue, 18 Dec 2012 10:52:39 +0000 (19:52 +0900)]
touch: remove 'goto' statement
Goto statement must not be used.
Signed-off-by: GiWoong Kim <giwoong.kim@samsung.com>
syeon.hwang [Thu, 20 Dec 2012 02:14:50 +0000 (11:14 +0900)]
virtio-esm: Clean-up source code.
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
jinhyung.jo [Thu, 20 Dec 2012 01:47:14 +0000 (10:47 +0900)]
maru_camera : remove sonar viloation
remove sonar violation
Signed-off-by: Jinhyung Jo <jinhyung.jo@samsung.com>
Yeongkyoon Lee [Tue, 18 Dec 2012 04:59:29 +0000 (13:59 +0900)]
Merge "maru_codec : Fixed a bug when audio some codecs are decoded simultaneously." into release
Kitae Kim [Mon, 17 Dec 2012 06:02:25 +0000 (15:02 +0900)]
maru_virtio_keyboard : Modified virtio_keyboard driver.
Goto statement, comment and etc. in this driver break the sonar rules in C.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
sungmin ha [Tue, 18 Dec 2012 01:20:12 +0000 (10:20 +0900)]
[Title]modified for removing sonar violation
[Desc.]
[Issue]Numeric variables being used within a for loop for iteration counting shall not be modified in the body of the loop
Kitae Kim [Mon, 17 Dec 2012 17:10:23 +0000 (02:10 +0900)]
maru_codec : Fixed a bug when audio some codecs are decoded simultaneously.
Source cleanup and codec driver can get and set offset of device memory for audio type.
Signed-off-by: Kitae Kim <kt920.kim@samsung.com>
Conflicts:
package/changelog
syeon.hwang [Mon, 17 Dec 2012 08:58:39 +0000 (17:58 +0900)]
package: version up
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
sungmin ha [Mon, 17 Dec 2012 08:26:34 +0000 (17:26 +0900)]
[Title]modified for removing sonar violation
[Desc.]
[Issue]
syeon.hwang [Thu, 13 Dec 2012 08:30:55 +0000 (17:30 +0900)]
virtio-esm: Add missing source file
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
syeon.hwang [Wed, 12 Dec 2012 08:04:04 +0000 (17:04 +0900)]
virtio-esm: First introduce of virtio-esm
Introduce "Maru VirtIO EmulatorStatusMedium" for represent boot up progress.
Signed-off-by: SeokYeon Hwang <syeon.hwang@samsung.com>
Yeongkyoon Lee [Mon, 17 Dec 2012 04:29:26 +0000 (13:29 +0900)]
Merge "maru_camera : fixed a bug locking up" into release
jinhyung.jo [Mon, 17 Dec 2012 04:11:32 +0000 (13:11 +0900)]
maru_camera : fixed a bug locking up
fixed a bug locking up when the camera starting.
Signed-off-by: Jinhyung Jo <jinhyung.jo@samsung.com>
sungmin ha [Thu, 13 Dec 2012 10:52:12 +0000 (19:52 +0900)]
modified maru_usb_mass_storage for removing remanent sonar violations
sungmin ha [Thu, 13 Dec 2012 10:38:26 +0000 (19:38 +0900)]
modified maru usb, jack and power supply for removing sonar violations
jinhyung.jo [Fri, 14 Dec 2012 09:41:08 +0000 (18:41 +0900)]
maru_brightness : remove Sonar violations
remove Sonar violations
Signed-off-by: Jinhyung Jo <jinhyung.jo@samsung.com>
projects / sdk / emulator / emulator-kernel.git / log