Commit Graph

518744 Commits

Author SHA1 Message Date
Stephen Smalley
bd1741f4cf selinux: Augment BUG_ON assertion for secclass_map.
Ensure that we catch any cases where tclass == 0.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-07-13 13:31:59 -04:00
Stephen Smalley
5dee25d08e selinux: initialize sock security class to default value
Initialize the security class of sock security structures
to the generic socket class.  This is similar to what is
already done in inode_alloc_security for files.  Generally
the sclass field will later by set by socket_post_create
or sk_clone or sock_graft, but for protocol implementations
that fail to call any of these for newly accepted sockets,
we want some sane default that will yield a legitimate
avc denied message with non-garbage values for class and
permission.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-07-13 13:31:59 -04:00
Waiman Long
9629d04ae0 selinux: reduce locking overhead in inode_free_security()
The inode_free_security() function just took the superblock's isec_lock
before checking and trying to remove the inode security struct from the
linked list. In many cases, the list was empty and so the lock taking
is wasteful as no useful work is done. On multi-socket systems with
a large number of CPUs, there can also be a fair amount of spinlock
contention on the isec_lock if many tasks are exiting at the same time.

This patch changes the code to check the state of the list first before
taking the lock and attempting to dequeue it. The list_del_init()
can be called more than once on the same list with no harm as long
as they are properly serialized. It should not be possible to have
inode_free_security() called concurrently with list_add(). For better
safety, however, we use list_empty_careful() here even though it is
still not completely safe in case that happens.

Signed-off-by: Waiman Long <Waiman.Long@hp.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-07-13 13:31:59 -04:00
Jeff Vander Stoep
fa1aa143ac selinux: extended permissions for ioctls
Add extended permissions logic to selinux. Extended permissions
provides additional permissions in 256 bit increments. Extend the
generic ioctl permission check to use the extended permissions for
per-command filtering. Source/target/class sets including the ioctl
permission may additionally include a set of commands. Example:

allowxperm <source> <target>:<class> ioctl unpriv_app_socket_cmds
auditallowxperm <source> <target>:<class> ioctl priv_gpu_cmds

Where unpriv_app_socket_cmds and priv_gpu_cmds are macros
representing commonly granted sets of ioctl commands.

When ioctl commands are omitted only the permissions are checked.
This feature is intended to provide finer granularity for the ioctl
permission that may be too imprecise. For example, the same driver
may use ioctls to provide important and benign functionality such as
driver version or socket type as well as dangerous capabilities such
as debugging features, read/write/execute to physical memory or
access to sensitive data. Per-command filtering provides a mechanism
to reduce the attack surface of the kernel, and limit applications
to the subset of commands required.

The format of the policy binary has been modified to include ioctl
commands, and the policy version number has been incremented to
POLICYDB_VERSION_XPERMS_IOCTL=30 to account for the format
change.

The extended permissions logic is deliberately generic to allow
components to be reused e.g. netlink filters

Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by: Nick Kralevich <nnk@google.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-07-13 13:31:58 -04:00
Jeff Vander Stoep
671a2781ff security: add ioctl specific auditing to lsm_audit
Add information about ioctl calls to the LSM audit data. Log the
file path and command number.

Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by: Nick Kralevich <nnk@google.com>
[PM: subject line tweak]
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-07-13 13:31:58 -04:00
Stephen Smalley
892e8cac99 selinux: fix mprotect PROT_EXEC regression caused by mm change
commit 66fc130394 ("mm: shmem_zero_setup
skip security check and lockdep conflict with XFS") caused a regression
for SELinux by disabling any SELinux checking of mprotect PROT_EXEC on
shared anonymous mappings.  However, even before that regression, the
checking on such mprotect PROT_EXEC calls was inconsistent with the
checking on a mmap PROT_EXEC call for a shared anonymous mapping.  On a
mmap, the security hook is passed a NULL file and knows it is dealing
with an anonymous mapping and therefore applies an execmem check and no
file checks.  On a mprotect, the security hook is passed a vma with a
non-NULL vm_file (as this was set from the internally-created shmem
file during mmap) and therefore applies the file-based execute check
and no execmem check.  Since the aforementioned commit now marks the
shmem zero inode with the S_PRIVATE flag, the file checks are disabled
and we have no checking at all on mprotect PROT_EXEC.  Add a test to
the mprotect hook logic for such private inodes, and apply an execmem
check in that case.  This makes the mmap and mprotect checking
consistent for shared anonymous mappings, as well as for /dev/zero and
ashmem.

Cc: <stable@vger.kernel.org> # 4.1.x
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-07-10 16:45:29 -04:00
Paul Moore
3324603524 selinux: don't waste ebitmap space when importing NetLabel categories
At present we don't create efficient ebitmaps when importing NetLabel
category bitmaps.  This can present a problem when comparing ebitmaps
since ebitmap_cmp() is very strict about these things and considers
these wasteful ebitmaps not equal when compared to their more
efficient counterparts, even if their values are the same.  This isn't
likely to cause problems on 64-bit systems due to a bit of luck on
how NetLabel/CIPSO works and the default ebitmap size, but it can be
a problem on 32-bit systems.

This patch fixes this problem by being a bit more intelligent when
importing NetLabel category bitmaps by skipping over empty sections
which should result in a nice, efficient ebitmap.

Cc: stable@vger.kernel.org # 3.17
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-07-09 14:20:36 -04:00
J. Bruce Fields
9fc2b4b436 selinux: fix setting of security labels on NFS
Before calling into the filesystem, vfs_setxattr calls
security_inode_setxattr, which ends up calling selinux_inode_setxattr in
our case.  That returns -EOPNOTSUPP whenever SBLABEL_MNT is not set.
SBLABEL_MNT was supposed to be set by sb_finish_set_opts, which sets it
only if selinux_is_sblabel_mnt returns true.

The selinux_is_sblabel_mnt logic was broken by eadcabc697 "SELinux: do
all flags twiddling in one place", which didn't take into the account
the SECURITY_FS_USE_NATIVE behavior that had been introduced for nfs
with eb9ae68650 "SELinux: Add new labeling type native labels".

This caused setxattr's of security labels over NFSv4.2 to fail.

Cc: stable@kernel.org # 3.13
Cc: Eric Paris <eparis@redhat.com>
Cc: David Quigley <dpquigl@davequigley.com>
Reported-by: Richard Chan <rc556677@outlook.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
[PM: added the stable dependency]
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-06-05 14:21:48 -04:00
Stephen Smalley
42a9699a9f selinux: Remove unused permission definitions
Remove unused permission definitions from SELinux.
Many of these were only ever used in pre-mainline
versions of SELinux, prior to Linux 2.6.0.  Some of them
were used in the legacy network or compat_net=1 checks
that were disabled by default in Linux 2.6.18 and
fully removed in Linux 2.6.30.

Permissions never used in mainline Linux:
file swapon
filesystem transition
tcp_socket { connectto newconn acceptfrom }
node enforce_dest
unix_stream_socket { newconn acceptfrom }

Legacy network checks, removed in 2.6.30:
socket { recv_msg send_msg }
node { tcp_recv tcp_send udp_recv udp_send rawip_recv rawip_send dccp_recv dccp_send }
netif { tcp_recv tcp_send udp_recv udp_send rawip_recv rawip_send dccp_recv dccp_send }

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-06-04 16:22:17 -04:00
Stephen Smalley
8e01472078 selinux: enable genfscon labeling for sysfs and pstore files
Support per-file labeling of sysfs and pstore files based on
genfscon policy entries.  This is safe because the sysfs
and pstore directory tree cannot be manipulated by userspace,
except to unlink pstore entries.
This provides an alternative method of assigning per-file labeling
to sysfs or pstore files without needing to set the labels from
userspace on each boot.  The advantages of this approach are that
the labels are assigned as soon as the dentry is first instantiated
and userspace does not need to walk the sysfs or pstore tree and
set the labels on each boot.  The limitations of this approach are
that the labels can only be assigned based on pathname prefix matching.
You can initially assign labels using this mechanism and then change
them at runtime via setxattr if allowed to do so by policy.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Suggested-by: Dominick Grift <dac.override@gmail.com>
Acked-by: Jeff Vander Stoep <jeffv@google.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-06-04 16:22:17 -04:00
Stephen Smalley
134509d54e selinux: enable per-file labeling for debugfs files.
Add support for per-file labeling of debugfs files so that
we can distinguish them in policy.  This is particularly
important in Android where certain debugfs files have to be writable
by apps and therefore the debugfs directory tree can be read and
searched by all.

Since debugfs is entirely kernel-generated, the directory tree is
immutable by userspace, and the inodes are pinned in memory, we can
simply use the same approach as with proc and label the inodes from
policy based on pathname from the root of the debugfs filesystem.
Generalize the existing labeling support used for proc and reuse it
for debugfs too.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-06-04 16:22:17 -04:00
Stephen Smalley
6c6d2e9bde selinux: update netlink socket classes
Update the set of SELinux netlink socket class definitions to match
the set of netlink protocols implemented by the kernel.  The
ip_queue implementation for the NETLINK_FIREWALL and NETLINK_IP6_FW protocols
was removed in d16cf20e2f, so we can remove
the corresponding class definitions as this is dead code.  Add new
classes for NETLINK_ISCSI, NETLINK_FIB_LOOKUP, NETLINK_CONNECTOR,
NETLINK_NETFILTER, NETLINK_GENERIC, NETLINK_SCSITRANSPORT, NETLINK_RDMA,
and NETLINK_CRYPTO so that we can distinguish among sockets created
for each of these protocols.  This change does not define the finer-grained
nlsmsg_read/write permissions or map specific nlmsg_type values to those
permissions in the SELinux nlmsgtab; if finer-grained control of these
sockets is desired/required, that can be added as a follow-on change.
We do not define a SELinux class for NETLINK_ECRYPTFS as the implementation
was removed in 624ae52845.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-06-04 16:22:16 -04:00
Oleg Nesterov
9e7c8f8c62 signals: don't abuse __flush_signals() in selinux_bprm_committed_creds()
selinux_bprm_committed_creds()->__flush_signals() is not right, we
shouldn't clear TIF_SIGPENDING unconditionally. There can be other
reasons for signal_pending(): freezing(), JOBCTL_PENDING_MASK, and
potentially more.

Also change this code to check fatal_signal_pending() rather than
SIGNAL_GROUP_EXIT, it looks a bit better.

Now we can kill __flush_signals() before it finds another buggy user.

Note: this code looks racy, we can flush a signal which was sent after
the task SID has been updated.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-06-04 16:22:16 -04:00
Marek Milkovic
cded3fffbe selinux: Print 'sclass' as string when unrecognized netlink message occurs
This prints the 'sclass' field as string instead of index in unrecognized netlink message.
The textual representation makes it easier to distinguish the right class.

Signed-off-by: Marek Milkovic <mmilkovi@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
[PM: 80-char width fixes]
Signed-off-by: Paul Moore <pmoore@redhat.com>
2015-06-04 16:22:16 -04:00
James Morris
e6e29a4eae Merge branch 'smack-for-4.2-stacked' of https://github.com/cschaufler/smack-next into next 2015-06-03 19:10:29 +10:00
Rafal Krypa
c0d77c8844 Smack: allow multiple labels in onlycap
Smack onlycap allows limiting of CAP_MAC_ADMIN and CAP_MAC_OVERRIDE to
processes running with the configured label. But having single privileged
label is not enough in some real use cases. On a complex system like Tizen,
there maybe few programs that need to configure Smack policy in run-time
and running them all with a single label is not always practical.
This patch extends onlycap feature for multiple labels. They are configured
in the same smackfs "onlycap" interface, separated by spaces.

Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
2015-06-02 11:53:42 -07:00
Rafal Krypa
01fa8474fb Smack: fix seq operations in smackfs
Use proper RCU functions and read locking in smackfs seq_operations.

Smack gets away with not using proper RCU functions in smackfs, because
it never removes entries from these lists. But now one list will be
needed (with interface in smackfs) that will have both elements added and
removed to it.
This change will also help any future changes implementing removal of
unneeded entries from other Smack lists.

The patch also fixes handling of pos argument in smk_seq_start and
smk_seq_next. This fixes a bug in case when smackfs is read with a small
buffer:

Kernel panic - not syncing: Kernel mode fault at addr 0xfa0000011b
CPU: 0 PID: 1292 Comm: dd Not tainted 4.1.0-rc1-00012-g98179b8 #13
Stack:
 00000003 0000000d 7ff39e48 7f69fd00
 7ff39ce0 601ae4b0 7ff39d50 600e587b
 00000010 6039f690 7f69fd40 00612003
Call Trace:
 [<601ae4b0>] load2_seq_show+0x19/0x1d
 [<600e587b>] seq_read+0x168/0x331
 [<600c5943>] __vfs_read+0x21/0x101
 [<601a595e>] ? security_file_permission+0xf8/0x105
 [<600c5ec6>] ? rw_verify_area+0x86/0xe2
 [<600c5fc3>] vfs_read+0xa1/0x14c
 [<600c68e2>] SyS_read+0x57/0xa0
 [<6001da60>] handle_syscall+0x60/0x80
 [<6003087d>] userspace+0x442/0x548
 [<6001aa77>] ? interrupt_end+0x0/0x80
 [<6001daae>] ? copy_chunk_to_user+0x0/0x2b
 [<6002cb6b>] ? save_registers+0x1f/0x39
 [<60032ef7>] ? arch_prctl+0xf5/0x170
 [<6001a92d>] fork_handler+0x85/0x87

Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
2015-06-02 11:53:23 -07:00
Roberto Sassu
8d94eb9b5c ima: pass iint to ima_add_violation()
This patch adds the iint associated to the current inode as a new
parameter of ima_add_violation(). The passed iint is always not NULL
if a violation is detected. This modification will be used to determine
the inode for which there is a violation.

Since the 'd' and 'd-ng' template field init() functions were detecting
a violation from the value of the iint pointer, they now check the new
field 'violation', added to the 'ima_event_data' structure.

Changelog:
 - v1:
   - modified an old comment (Roberto Sassu)

Signed-off-by: Roberto Sassu <rsassu@suse.de>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-05-21 13:59:29 -04:00
Roberto Sassu
23b5741932 ima: wrap event related data to the new ima_event_data structure
All event related data has been wrapped into the new 'ima_event_data'
structure. The main benefit of this patch is that a new information
can be made available to template fields initialization functions
by simply adding a new field to the new structure instead of modifying
the definition of those functions.

Changelog:
 - v2:
   - f_dentry replaced with f_path.dentry (Roberto Sassu)
   - removed declaration of temporary variables in template field functions
     when possible (suggested by Dmitry Kasatkin)

Signed-off-by: Roberto Sassu <rsassu@suse.de>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-05-21 13:59:28 -04:00
Dmitry Kasatkin
9d03a721a3 integrity: add validity checks for 'path' parameter
This patch adds validity checks for 'path' parameter and
makes it const.

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-05-21 13:59:28 -04:00
Mimi Zohar
f2b3dee484 KEYS: fix "ca_keys=" partial key matching
The call to asymmetric_key_hex_to_key_id() from ca_keys_setup()
silently fails with -ENOMEM.  Instead of dynamically allocating
memory from a __setup function, this patch defines a variable
and calls __asymmetric_key_hex_to_key_id(), a new helper function,
directly.

This bug was introduced by 'commit 46963b774d ("KEYS: Overhaul
key identification when searching for asymmetric keys")'.

Changelog:
- for clarification, rename hexlen to asciihexlen in
  asymmetric_key_hex_to_key_id()
- add size argument to __asymmetric_key_hex_to_key_id() - David Howells
- inline __asymmetric_key_hex_to_key_id() - David Howells
- remove duplicate strlen() calls

Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: stable@vger.kernel.org # 3.18
2015-05-21 13:58:59 -04:00
Dmitry Kasatkin
7c51bb00c4 evm: fix potential race when removing xattrs
EVM needs to be atomically updated when removing xattrs.
Otherwise concurrent EVM verification may fail in between.
This patch fixes by moving i_mutex unlocking after calling
EVM hook. fsnotify_xattr() is also now called while locked
the same way as it is done in __vfs_setxattr_noperm.

Changelog:
- remove unused 'inode' variable.

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-05-21 13:28:47 -04:00
Mimi Zohar
5101a1850b evm: labeling pseudo filesystems exception
To prevent offline stripping of existing file xattrs and relabeling of
them at runtime, EVM allows only newly created files to be labeled.  As
pseudo filesystems are not persistent, stripping of xattrs is not a
concern.

Some LSMs defer file labeling on pseudo filesystems.  This patch
permits the labeling of existing files on pseudo files systems.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-05-21 13:28:47 -04:00
Dmitry Kasatkin
a18d0cbfab ima: remove definition of IMA_X509_PATH
CONFIG_IMA_X509_PATH is always defined.  This patch removes the
IMA_X509_PATH definition and uses CONFIG_IMA_X509_PATH.

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-05-21 13:28:47 -04:00
Dmitry Kasatkin
c68ed80c97 ima: limit file hash setting by user to fix and log modes
File hashes are automatically set and updated and should not be
manually set. This patch limits file hash setting to fix and log
modes.

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-05-21 13:28:46 -04:00
Mimi Zohar
cd025f7f94 ima: do not measure or appraise the NSFS filesystem
Include don't appraise or measure rules for the NSFS filesystem
in the builtin ima_tcb and ima_appraise_tcb policies.

Changelog:
- Update documentation

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: stable@vger.kernel.org # 3.19
2015-05-21 13:28:41 -04:00
Roberto Sassu
6438de9f3f ima: skip measurement of cgroupfs files and update documentation
This patch adds a rule in the default measurement policy to skip inodes
in the cgroupfs filesystem. Measurements for this filesystem can be
avoided, as all the digests collected have the same value of the digest of
an empty file.

Furthermore, this patch updates the documentation of IMA policies in
Documentation/ABI/testing/ima_policy to make it consistent with
the policies set in security/integrity/ima/ima_policy.c.

Signed-off-by: Roberto Sassu <rsassu@suse.de>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-05-21 13:27:19 -04:00
Lukasz Pawelczyk
e774ad683f smack: pass error code through pointers
This patch makes the following functions to use ERR_PTR() and related
macros to pass the appropriate error code through returned pointers:

smk_parse_smack()
smk_import_entry()
smk_fetch()

It also makes all the other functions that use them to handle the
error cases properly. This ways correct error codes from places
where they happened can be propagated to the user space if necessary.

Doing this it fixes a bug in onlycap and unconfined files
handling. Previously their content was cleared on any error from
smk_import_entry/smk_parse_smack, be it EINVAL (as originally intended)
or ENOMEM. Right now it only reacts on EINVAL passing other codes
properly to userspace.

Comments have been updated accordingly.

Signed-off-by: Lukasz Pawelczyk <l.pawelczyk@samsung.com>
2015-05-15 08:36:03 -07:00
Seung-Woo Kim
9777582e8d Smack: ignore private inode for smack_file_receive
The dmabuf fd can be shared between processes via unix domain
socket. The file of dmabuf fd is came from anon_inode. The inode
has no set and get xattr operations, so it can not be shared
between processes with smack. This patch fixes just to ignore
private inode including anon_inode for smack_file_receive.

Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
2015-05-15 08:35:50 -07:00
Roberto Sassu
8265a2f89c ima: added ima-sig template among choices in kernel-parameters.txt
This patch adds the template 'ima-sig' among choices for the kernel
parameter 'ima_template'.

Signed-off-by: Roberto Sassu <rsassu@suse.de>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-05-13 06:07:19 -04:00
Dan Carpenter
5577857f8e ima: cleanup ima_init_policy() a little
It's a bit easier to read this if we split it up into two for loops.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2015-05-13 06:07:19 -04:00
Casey Schaufler
1ddd3b4e07 LSM: Remove unused capability.c
The stub functions in capability.c are no longer required
with the list based stacking mechanism. Remove the file.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2015-05-12 15:00:45 +10:00
Casey Schaufler
b1d9e6b064 LSM: Switch to lists of hooks
Instead of using a vector of security operations
with explicit, special case stacking of the capability
and yama hooks use lists of hooks with capability and
yama hooks included as appropriate.

The security_operations structure is no longer required.
Instead, there is a union of the function pointers that
allows all the hooks lists to use a common mechanism for
list management while retaining typing. Each module
supplies an array describing the hooks it provides instead
of a sparsely populated security_operations structure.
The description includes the element that gets put on
the hook list, avoiding the issues surrounding individual
element allocation.

The method for registering security modules is changed to
reflect the information available. The method for removing
a module, currently only used by SELinux, has also changed.
It should be generic now, however if there are potential
race conditions based on ordering of hook removal that needs
to be addressed by the calling module.

The security hooks are called from the lists and the first
failure is returned.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2015-05-12 15:00:41 +10:00
Casey Schaufler
e20b043a69 LSM: Add security module hook list heads
Add a list header for each security hook. They aren't used until
later in the patch series. They are grouped together in a structure
so that there doesn't need to be an external address for each.

Macro-ize the initialization of the security_operations
for each security module in anticipation of changing out
the security_operations structure.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2015-05-12 15:00:36 +10:00
Casey Schaufler
f25fce3e8f LSM: Introduce security hook calling Macros
Introduce two macros around calling the functions in the
security operations vector. The marco versions here do not
change any behavior.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2015-05-12 15:00:30 +10:00
Casey Schaufler
346033a28f LSM: Remove a comment from security.h
Remove the large comment describing the content of the
security_operations structure from security.h. This
wasn't done in the previous (2/7) patch because it
would have exceeded the mail list size limits.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2015-05-12 15:00:25 +10:00
Casey Schaufler
fe7bb272ee LSM: Add the comment to lsm_hooks.h
Add the large comment describing the content of the
security_operations structure to lsm_hooks.h. This
wasn't done in the previous (1/7) patch because it
would have exceeded the mail list size limits.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2015-05-12 15:00:21 +10:00
Casey Schaufler
3c4ed7bdf5 LSM: Split security.h
The security.h header file serves two purposes,
interfaces for users of the security modules and
interfaces for security modules. Users of the
security modules don't need to know about what's
in the security_operations structure, so pull it
out into it's own header, lsm_hooks.h

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Paul Moore <paul@paul-moore.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2015-05-12 15:00:16 +10:00
Linus Torvalds
b787f68c36 Linux 4.1-rc1 2015-04-26 17:59:10 -07:00
Andy Lutomirski
61f01dd941 x86_64, asm: Work around AMD SYSRET SS descriptor attribute issue
AMD CPUs don't reinitialize the SS descriptor on SYSRET, so SYSRET with
SS == 0 results in an invalid usermode state in which SS is apparently
equal to __USER_DS but causes #SS if used.

Work around the issue by setting SS to __KERNEL_DS __switch_to, thus
ensuring that SYSRET never happens with SS set to NULL.

This was exposed by a recent vDSO cleanup.

Fixes: e7d6eefaaa x86/vdso32/syscall.S: Do not load __USER32_DS to %ss
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Peter Anvin <hpa@zytor.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Denys Vlasenko <vda.linux@googlemail.com>
Cc: Brian Gerst <brgerst@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2015-04-26 17:57:38 -07:00
Linus Torvalds
1190944f4b Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux
Pull intel drm fixes from Dave Airlie.

* 'drm-fixes' of git://people.freedesktop.org/~airlied/linux:
  drm/i915: vlv: fix save/restore of GFX_MAX_REQ_COUNT reg
  drm/i915: Workaround to avoid lite restore with HEAD==TAIL
  drm/i915: cope with large i2c transfers
2015-04-26 17:55:26 -07:00
Linus Torvalds
9f86262dcc Merge git://git.infradead.org/intel-iommu
Pull intel iommu updates from David Woodhouse:
 "This lays a little of the groundwork for upcoming Shared Virtual
  Memory support — fixing some bogus #defines for capability bits and
  adding the new ones, and starting to use the new wider page tables
  where we can, in anticipation of actually filling in the new fields
  therein.

  It also allows graphics devices to be assigned to VM guests again.
  This got broken in 3.17 by disallowing assignment of RMRR-afflicted
  devices.  Like USB, we do understand why there's an RMRR for graphics
  devices — and unlike USB, it's actually sane.  So we can make an
  exception for graphics devices, just as we do USB controllers.

  Finally, tone down the warning about the X2APIC_OPT_OUT bit, due to
  persistent requests.  X2APIC_OPT_OUT was added to the spec as a nasty
  hack to allow broken BIOSes to forbid us from using X2APIC when they
  do stupid and invasive things and would break if we did.

  Someone noticed that since Windows doesn't have full IOMMU support for
  DMA protection, setting the X2APIC_OPT_OUT bit made Windows avoid
  initialising the IOMMU on the graphics unit altogether.

  This means that it would be available for use in "driver mode", where
  the IOMMU registers are made available through a BAR of the graphics
  device and the graphics driver can do SVM all for itself.

  So they started setting the X2APIC_OPT_OUT bit on *all* platforms with
  SVM capabilities.  And even the platforms which *might*, if the
  planets had been aligned correctly, possibly have had SVM capability
  but which in practice actually don't"

* git://git.infradead.org/intel-iommu:
  iommu/vt-d: support extended root and context entries
  iommu/vt-d: Add new extended capabilities from v2.3 VT-d specification
  iommu/vt-d: Allow RMRR on graphics devices too
  iommu/vt-d: Print x2apic opt out info instead of printing a warning
  iommu/vt-d: kill bogus ecap_niotlb_iunits()
2015-04-26 17:47:46 -07:00
Linus Torvalds
85f2901bdf Merge branch 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux
Pull i2c fixes from Wolfram Sang:
 "This has a mixture of merge window cleanups and bugfixes"

* 'i2c/for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
  i2c: st: add include for pinctrl
  i2c: mux: use proper dev when removing "channel-X" symlinks
  i2c: digicolor: remove duplicate include
  i2c: Mark adapter devices with pm_runtime_no_callbacks
  i2c: pca-platform: fix broken email address
  i2c: mxs: fix broken email address
  i2c: rk3x: report number of messages transmitted
2015-04-26 17:44:09 -07:00
Linus Torvalds
f583381f50 Merge branch 'for-linus-4.1' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
Pull btrfs fixes from Chris Mason:
 "Filipe hit two problems in my block group cache patches.  We finalized
  the fixes last week and ran through more tests"

* 'for-linus-4.1' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs:
  Btrfs: prevent list corruption during free space cache processing
  Btrfs: fix inode cache writeout
2015-04-26 17:40:30 -07:00
Dave Airlie
59fd7e4b0b Merge tag 'drm-intel-next-fixes-2015-04-25' of git://anongit.freedesktop.org/drm-intel into drm-fixes
three fixes for i915.

* tag 'drm-intel-next-fixes-2015-04-25' of git://anongit.freedesktop.org/drm-intel:
  drm/i915: vlv: fix save/restore of GFX_MAX_REQ_COUNT reg
  drm/i915: Workaround to avoid lite restore with HEAD==TAIL
  drm/i915: cope with large i2c transfers
2015-04-27 10:35:15 +10:00
Linus Torvalds
59953fba87 NFS client updates for Linux 4.1
Highlights include:
 
 Stable patches:
 - Fix a regression in /proc/self/mountstats
 - Fix the pNFS flexfiles O_DIRECT support
 - Fix high load average due to callback thread sleeping
 
 Bugfixes:
 - Various patches to fix the pNFS layoutcommit support
 - Do not cache pNFS deviceids unless server notifications are enabled
 - Fix a SUNRPC transport reconnection regression
 - make debugfs file creation failure non-fatal in SUNRPC
 - Another fix for circular directory warnings on NFSv4 "junctioned" mountpoints
 - Fix locking around NFSv4.2 fallocate() support
 - Truncating NFSv4 file opens should also sync O_DIRECT writes
 - Prevent infinite loop in rpcrdma_ep_create()
 
 Features:
 - Various improvements to the RDMA transport code's handling of memory
   registration
 - Various code cleanups
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJVOmT6AAoJEGcL54qWCgDyrhYQAMPKXB55jrdOR/7UVSF/xPML
 7OjMGHvBnTn/y0pNIyLyS1PjTZZsD/WZjoW9EFGpTv727qQNVoFxFRLNUcgi3NoL
 1YledCkLf7Q32aqod93SRRFPc9hzBoKhOZpOzBuWaAviyAB3KLi70DWAq9qRReYM
 prXUQQjpW5FLU+B2ifaVc2RCnu/rZ2c02YdR2XdtkBaAJxuhB2vR8IY1evwjCv3R
 5zyLDd9zSDDoArdpUzM97cxZPcYRSqbOwgTKvaaRnDDq/mKbKMZaqmEfjblwzNFt
 b43FbveJzZ3hlPADIpmaiMHjRTbxWjIKc9K1sOF2FPfcuPe2yM3DMAxDegUkEveS
 7fkbv/qRZ30NqfchGanX/pmBlLOcdI76qe/bwhN19wCnw48O1eeHi1HK8rWGhU+E
 qcrRZ3ZS2ufP/MVBuhauy0qU9Q4wcEtm7NGGP1231ZtmfjHKyBa4pLirNfG1AlJt
 dK7tBrknVx+WVm/UddJp/fEsxbP0+fki6TwzioHUSWcz8rDVYF6PFT/QPM54SX2h
 0oqwvu6d/uShpkVRm+fbje8FHmUxKdgqDsCYX2fNjWskh1oXSPsItvjqmTmTlE0i
 EBmBwVwI0uB1ZQ3PrJLadhRcO3ZJmLQ5gNj456dstvWy6UQds1xyIQ/DgvmlzxWO
 E9t0l18xHGRwbndsDa8f
 =j5dP
 -----END PGP SIGNATURE-----

Merge tag 'nfs-for-4.1-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs

Pull NFS client updates from Trond Myklebust:
 "Another set of mainly bugfixes and a couple of cleanups.  No new
  functionality in this round.

  Highlights include:

  Stable patches:
   - Fix a regression in /proc/self/mountstats
   - Fix the pNFS flexfiles O_DIRECT support
   - Fix high load average due to callback thread sleeping

  Bugfixes:
   - Various patches to fix the pNFS layoutcommit support
   - Do not cache pNFS deviceids unless server notifications are enabled
   - Fix a SUNRPC transport reconnection regression
   - make debugfs file creation failure non-fatal in SUNRPC
   - Another fix for circular directory warnings on NFSv4 "junctioned"
     mountpoints
   - Fix locking around NFSv4.2 fallocate() support
   - Truncating NFSv4 file opens should also sync O_DIRECT writes
   - Prevent infinite loop in rpcrdma_ep_create()

  Features:
   - Various improvements to the RDMA transport code's handling of
     memory registration
   - Various code cleanups"

* tag 'nfs-for-4.1-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs: (55 commits)
  fs/nfs: fix new compiler warning about boolean in switch
  nfs: Remove unneeded casts in nfs
  NFS: Don't attempt to decode missing directory entries
  Revert "nfs: replace nfs_add_stats with nfs_inc_stats when add one"
  NFS: Rename idmap.c to nfs4idmap.c
  NFS: Move nfs_idmap.h into fs/nfs/
  NFS: Remove CONFIG_NFS_V4 checks from nfs_idmap.h
  NFS: Add a stub for GETDEVICELIST
  nfs: remove WARN_ON_ONCE from nfs_direct_good_bytes
  nfs: fix DIO good bytes calculation
  nfs: Fetch MOUNTED_ON_FILEID when updating an inode
  sunrpc: make debugfs file creation failure non-fatal
  nfs: fix high load average due to callback thread sleeping
  NFS: Reduce time spent holding the i_mutex during fallocate()
  NFS: Don't zap caches on fallocate()
  xprtrdma: Make rpcrdma_{un}map_one() into inline functions
  xprtrdma: Handle non-SEND completions via a callout
  xprtrdma: Add "open" memreg op
  xprtrdma: Add "destroy MRs" memreg op
  xprtrdma: Add "reset MRs" memreg op
  ...
2015-04-26 17:33:59 -07:00
Linus Torvalds
9ec3a646fe Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull fourth vfs update from Al Viro:
 "d_inode() annotations from David Howells (sat in for-next since before
  the beginning of merge window) + four assorted fixes"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
  RCU pathwalk breakage when running into a symlink overmounting something
  fix I_DIO_WAKEUP definition
  direct-io: only inc/dec inode->i_dio_count for file systems
  fs/9p: fix readdir()
  VFS: assorted d_backing_inode() annotations
  VFS: fs/inode.c helpers: d_inode() annotations
  VFS: fs/cachefiles: d_backing_inode() annotations
  VFS: fs library helpers: d_inode() annotations
  VFS: assorted weird filesystems: d_inode() annotations
  VFS: normal filesystems (and lustre): d_inode() annotations
  VFS: security/: d_inode() annotations
  VFS: security/: d_backing_inode() annotations
  VFS: net/: d_inode() annotations
  VFS: net/unix: d_backing_inode() annotations
  VFS: kernel/: d_inode() annotations
  VFS: audit: d_backing_inode() annotations
  VFS: Fix up some ->d_inode accesses in the chelsio driver
  VFS: Cachefiles should perform fs modifications on the top layer only
  VFS: AF_UNIX sockets should call mknod on the top layer only
2015-04-26 17:22:07 -07:00
Linus Torvalds
c8b3fd0ce3 More power management and ACPI updates for v4.1-rc1
- Fix a build warning in the intel_pstate driver showing up in non-SMP
    builds (Borislav Petkov).
 
  - Change one of the intel_pstate's P-state selection parameters for
    Baytrail and Cherrytrail CPUs to significantly improve performance
    at the cost of a small increase in energy consumption (Kristen
    Carlson Accardi).
 
  - Fix a NULL pointer dereference in the ACPI EC driver due to an unsafe
    list walk in the query handler removal routine (Chris Bainbridge).
 
  - Get rid of a false-positive lockdep warning in the ACPI container
    hot-remove code (Rafael J Wysocki).
 
  - Prevent the ACPI device enumeration code from creating device
    objects of a wrong type in some cases (Rafael J Wysocki).
 
  - Add Skylake processors support to the Intel RAPL power capping
    driver (Brian Bian).
 
  - Drop the stale MAINTAINERS entry for the ACPI dock driver that is
    regarded as part of the ACPI core and maintained along with it now
    (Chao Yu).
 
  - Fix cpupower tool breakage caused by a library API change in libpci
    3.3.0 (Lucas Stach).
 
 /
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABCAAGBQJVOoMNAAoJEILEb/54YlRxx+QP/A/gaX9GgB6rv627Khlaw2AK
 PpE1SrJoU9jAEwPqXtRnYc/6nducDzO5XaHOdWaV02YCpKLL5vIyia6wcy7cf4kr
 6vJUnBz0OiHjp4e4sYrvIGt7RrLnlodayKAzNgtjDjF2JE3gzOOldD0klcfisiUP
 Uc7Y3bpFndS8fwpcJO0tGm73aA9kNC5N8sYxgtuv/OAeMmJgi0fIi2V227XIurJU
 48nMJ1v7M3OChmhdfxEtUSR9TM8J0Ck3yJwPYORNFItRCGqHJb3WY6lo1kbNcv1g
 SLwbw+nCaq+E4k2PtDAsg68Ni0uGGnytcBTzhtPeUOdPRulp4CHCnZEyMUBwFVV8
 gZlgL2S3CxcBlZ52hVB9tAhAyRcxmaWrp1v/hNsTh1xX9v9JFUFdpjYvk1RlHKwD
 aT30G1mV8icU9lrYzhNOnh9gMrZVv6wy4sp4Uk1NLa17WXu+p0LMrCX8HJEb3PT3
 rYZ8jbzo422lTksopiLTLhY4ipgX+kysa7NhTtw/J5Hb9xctho0uTsIhP6sSkh2e
 eHO8WthEpF36228n6qiGGTBMcs4xPD8goxXCeBmgsBeVAQDaVR1IcArVTS+HAaJX
 KOhemws+ThpEpjqB8jbpa42OEmY1Um3UUufHwnJIX54vGkSlXBxXE9r3hCwK7Mgu
 hQhnM9hargHcy9Z8vd91
 =0bKD
 -----END PGP SIGNATURE-----

Merge tag 'pm+acpi-4.1-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm

Pull more power management and ACPI updates from Rafael Wysocki:
 "These are fixes mostly (intel_pstate, ACPI core, ACPI EC driver,
  cpupower tool), a new CPU ID for the Intel RAPL driver and one
  intel_pstate driver improvement that didn't make it to my previous
  pull requests due to timing.

  Specifics:

   - Fix a build warning in the intel_pstate driver showing up in
     non-SMP builds (Borislav Petkov)

   - Change one of the intel_pstate's P-state selection parameters for
     Baytrail and Cherrytrail CPUs to significantly improve performance
     at the cost of a small increase in energy consumption (Kristen
     Carlson Accardi)

   - Fix a NULL pointer dereference in the ACPI EC driver due to an
     unsafe list walk in the query handler removal routine (Chris
     Bainbridge)

   - Get rid of a false-positive lockdep warning in the ACPI container
     hot-remove code (Rafael J Wysocki)

   - Prevent the ACPI device enumeration code from creating device
     objects of a wrong type in some cases (Rafael J Wysocki)

   - Add Skylake processors support to the Intel RAPL power capping
     driver (Brian Bian)

   - Drop the stale MAINTAINERS entry for the ACPI dock driver that is
     regarded as part of the ACPI core and maintained along with it now
     (Chao Yu)

   - Fix cpupower tool breakage caused by a library API change in libpci
     3.3.0 (Lucas Stach)"

* tag 'pm+acpi-4.1-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
  ACPI / scan: Add a scan handler for PRP0001
  ACPI / scan: Annotate physical_node_lock in acpi_scan_is_offline()
  ACPI / EC: fix NULL pointer dereference in acpi_ec_remove_query_handler()
  MAINTAINERS: remove maintainship entry of docking station driver
  powercap / RAPL: Add support for Intel Skylake processors
  cpufreq: intel_pstate: Fix an annoying !CONFIG_SMP warning
  intel_pstate: Change the setpoint for Atom params
  cpupower: fix breakage from libpci API change
2015-04-26 13:56:35 -07:00
Linus Torvalds
d89b3e19ef Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
 "This push fixes a build problem with img-hash under non-standard
  configurations and a serious regression with sha512_ssse3 which can
  lead to boot failures"

* git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: img-hash - CRYPTO_DEV_IMGTEC_HASH should depend on HAS_DMA
  crypto: x86/sha512_ssse3 - fixup for asm function prototype change
2015-04-26 13:51:05 -07:00
Linus Torvalds
78d4256772 platform-drivers-x86 for 4.1
dell-laptop: Add support for keyboard backlight.
 toshiba_acpi: Adaptive keyboard, hotkey, USB sleep and charge,
               and backlight updates. Update sysfs documentation.
 toshiba_bluetooth: Fix enabling/disabling loop on recent devices
 apple-gmux: lock iGP IO to protect from vgaarb changes
 other: Fix typos, clear gcc warnings, clarify pr_* messages,
        correct return types, update MAINTAINERS.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJVOzXzAAoJEKbMaAwKp364yjQH/3RJQAiemygVKTv8npk6am4W
 6NjoQHwFbvbHnea1DsMBI66DgvDFuXBi04/eKoFtZiSQdt3LOWyF04VY7yPdGKT/
 0yIgxMonhLk/lbBiU1PmyAsloOI4mG3zylOO+zJv66LeW0q2vjlLK7xE7AJn0dVU
 hRn+Wl0YCjPzEEB4uZpKY6V0+7ys0Odxd2MeYu7pcs5DQzbvzeo4JRwUL4VtNiX9
 M1I4ucBRA9jjnuNDzr4d9WtttorOOymoBYy3KFE+2QzDr5chhXTbWp6mRzwnYRvy
 siOEPLzeR9jTSB4U514I1CktsCmYxvGnrGcNj1IgiY8VFujoh9j6Ndh339f8064=
 =O+n4
 -----END PGP SIGNATURE-----

Merge tag 'platform-drivers-x86-v4.1-1' of git://git.infradead.org/users/dvhart/linux-platform-drivers-x86

Pull x86 platform driver updates from Darren Hart:
 "This series includes significant updates to the toshiba_acpi driver
  and the reintroduction of the dell-laptop keyboard backlight additions
  I had to revert previously.  Also included are various fixes for
  typos, warnings, correctness, and minor bugs.

  Specifics:

  dell-laptop:
     - add support for keyboard backlight.

  toshiba_acpi:
     - adaptive keyboard, hotkey, USB sleep and charge, and backlight
       updates.  Update sysfs documentation.

  toshiba_bluetooth:
     - fix enabling/disabling loop on recent devices

  apple-gmux:
     - lock iGP IO to protect from vgaarb changes

  other:
     - Fix typos, clear gcc warnings, clarify pr_* messages, correct
       return types, update MAINTAINERS"

* tag 'platform-drivers-x86-v4.1-1' of git://git.infradead.org/users/dvhart/linux-platform-drivers-x86: (25 commits)
  toshiba_acpi: Do not register vendor backlight when acpi_video bl is available
  MAINTAINERS: Add me on list of Dell laptop drivers
  platform: x86: dell-laptop: Add support for keyboard backlight
  Documentation/ABI: Update sysfs-driver-toshiba_acpi entry
  toshiba_acpi: Fix pr_* messages from USB Sleep Functions
  toshiba_acpi: Update and fix USB Sleep and Charge modes
  wmi: Use bool function return values of true/false not 1/0
  toshiba_bluetooth: Fix enabling/disabling loop on recent devices
  toshiba_bluetooth: Clean up *_add function and disable BT device at removal
  toshiba_bluetooth: Add three new functions to the driver
  toshiba_acpi: Fix the enabling of the Special Functions
  toshiba_acpi: Use the Hotkey Event Type function for keymap choosing
  toshiba_acpi: Add Hotkey Event Type function and definitions
  x86/wmi: delete unused wmi_data_lock mutex causing gcc warning
  apple-gmux: lock iGP IO to protect from vgaarb changes
  MAINTAINERS: Add missing Toshiba devices and add myself as maintainer
  toshiba_acpi: Update events in toshiba_acpi_notify
  intel-oaktrail: Fix trivial typo in comment
  thinkpad_acpi: off by one in adaptive_keyboard_hotkey_notify_hotkey()
  thinkpad_acpi: signedness bugs getting current_mode
  ...
2015-04-26 13:44:46 -07:00