--- linux-3.2.0.orig/MAINTAINERS +++ linux-3.2.0/MAINTAINERS @@ -4901,6 +4901,13 @@ F: include/scsi/osd_* F: fs/exofs/ +OVERLAYFS FILESYSTEM +M: Miklos Szeredi +L: linux-fsdevel@vger.kernel.org +S: Supported +F: fs/overlayfs/* +F: Documentation/filesystems/overlayfs.txt + P54 WIRELESS DRIVER M: Christian Lamparter L: linux-wireless@vger.kernel.org @@ -6258,7 +6265,7 @@ STABLE BRANCH M: Greg Kroah-Hartman -L: stable@kernel.org +L: stable@vger.kernel.org S: Maintained STAGING SUBSYSTEM --- linux-3.2.0.orig/Makefile +++ linux-3.2.0/Makefile @@ -1,6 +1,6 @@ VERSION = 3 PATCHLEVEL = 2 -SUBLEVEL = 0 +SUBLEVEL = 9 EXTRAVERSION = NAME = Saber-toothed Squirrel @@ -354,14 +354,23 @@ AFLAGS_KERNEL = CFLAGS_GCOV = -fprofile-arcs -ftest-coverage +# Prefer linux-backports-modules +ifneq ($(KBUILD_SRC),) +ifneq ($(shell if test -e $(KBUILD_OUTPUT)/ubuntu-build; then echo yes; fi),yes) +UBUNTUINCLUDE := -I/usr/src/linux-headers-lbm-$(KERNELRELEASE) +endif +endif # Use LINUXINCLUDE when you must reference the include/ directory. # Needed to be compatible with the O= option -LINUXINCLUDE := -I$(srctree)/arch/$(hdr-arch)/include \ +LINUXINCLUDE := $(UBUNTUINCLUDE) -I$(srctree)/arch/$(hdr-arch)/include \ -Iarch/$(hdr-arch)/include/generated -Iinclude \ $(if $(KBUILD_SRC), -I$(srctree)/include) \ -include $(srctree)/include/linux/kconfig.h +# UBUNTU: Include our third party driver stuff too +LINUXINCLUDE += -Iubuntu/include $(if $(KBUILD_SRC),-I$(srctree)/ubuntu/include) + KBUILD_CPPFLAGS := -D__KERNEL__ KBUILD_CFLAGS := -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs \ @@ -507,7 +516,7 @@ # Objects we will link into vmlinux / subdirs we need to visit init-y := init/ -drivers-y := drivers/ sound/ firmware/ +drivers-y := drivers/ sound/ firmware/ ubuntu/ net-y := net/ libs-y := lib/ core-y := usr/ @@ -1060,6 +1069,7 @@ $(error Headers not exportable for the $(SRCARCH) architecture)) $(Q)$(MAKE) $(hdr-inst)=include $(Q)$(MAKE) $(hdr-inst)=arch/$(hdr-arch)/include/asm $(hdr-dst) + $(Q)$(MAKE) $(hdr-inst)=ubuntu/include dst=include oldheaders= PHONY += headers_check_all headers_check_all: headers_install_all @@ -1069,6 +1079,7 @@ headers_check: headers_install $(Q)$(MAKE) $(hdr-inst)=include HDRCHECK=1 $(Q)$(MAKE) $(hdr-inst)=arch/$(hdr-arch)/include/asm $(hdr-dst) HDRCHECK=1 + $(Q)$(MAKE) $(hdr-inst)=ubuntu/include dst=include oldheaders= HDRCHECK=1 # --------------------------------------------------------------------------- # Modules --- linux-3.2.0.orig/dropped.txt +++ linux-3.2.0/dropped.txt @@ -0,0 +1 @@ +UBUNTU: SAUCE: (no-up) Restore VT fonts on switch --- linux-3.2.0.orig/Documentation/HOWTO +++ linux-3.2.0/Documentation/HOWTO @@ -275,8 +275,8 @@ If no 2.6.x.y kernel is available, then the highest numbered 2.6.x kernel is the current stable kernel. -2.6.x.y are maintained by the "stable" team , and are -released as needs dictate. The normal release period is approximately +2.6.x.y are maintained by the "stable" team , and +are released as needs dictate. The normal release period is approximately two weeks, but it can be longer if there are no pressing problems. A security-related problem, instead, can cause a release to happen almost instantly. --- linux-3.2.0.orig/Documentation/kernel-parameters.txt +++ linux-3.2.0/Documentation/kernel-parameters.txt @@ -252,12 +252,15 @@ For broken nForce2 BIOS resulting in XT-PIC timer. acpi_sleep= [HW,ACPI] Sleep options - Format: { s3_bios, s3_mode, s3_beep, s4_nohwsig, + Format: { s3_bios, s3_mode, s3_beep, s3_leds, s4_nohwsig, old_ordering, nonvs, sci_force_enable } See Documentation/power/video.txt for information on s3_bios and s3_mode. s3_beep is for debugging; it makes the PC's speaker beep as soon as the kernel's real-mode entry point is called. + s3_leds is for debugging; it flashes the keyboard LEDs + 3 times as soon as the kernel's real-mode entry point is + called. s4_nohwsig prevents ACPI hardware signature from being used during resume from hibernation. old_ordering causes the ACPI 1.0 ordering of the _PTS --- linux-3.2.0.orig/Documentation/development-process/5.Posting +++ linux-3.2.0/Documentation/development-process/5.Posting @@ -271,10 +271,10 @@ the linux-kernel list. - If you are fixing a bug, think about whether the fix should go into the - next stable update. If so, stable@kernel.org should get a copy of the - patch. Also add a "Cc: stable@kernel.org" to the tags within the patch - itself; that will cause the stable team to get a notification when your - fix goes into the mainline. + next stable update. If so, stable@vger.kernel.org should get a copy of + the patch. Also add a "Cc: stable@vger.kernel.org" to the tags within + the patch itself; that will cause the stable team to get a notification + when your fix goes into the mainline. When selecting recipients for a patch, it is good to have an idea of who you think will eventually accept the patch and get it merged. While it --- linux-3.2.0.orig/Documentation/filesystems/Locking +++ linux-3.2.0/Documentation/filesystems/Locking @@ -62,6 +62,7 @@ int (*removexattr) (struct dentry *, const char *); void (*truncate_range)(struct inode *, loff_t, loff_t); int (*fiemap)(struct inode *, struct fiemap_extent_info *, u64 start, u64 len); + struct file *(*open)(struct dentry *,struct file *,const struct cred *); locking rules: all may block @@ -89,6 +90,7 @@ removexattr: yes truncate_range: yes fiemap: no +open: no Additionally, ->rmdir(), ->unlink() and ->rename() have ->i_mutex on victim. cross-directory ->rename() has (per-superblock) ->s_vfs_rename_sem. --- linux-3.2.0.orig/Documentation/filesystems/overlayfs.txt +++ linux-3.2.0/Documentation/filesystems/overlayfs.txt @@ -0,0 +1,199 @@ +Written by: Neil Brown + +Overlay Filesystem +================== + +This document describes a prototype for a new approach to providing +overlay-filesystem functionality in Linux (sometimes referred to as +union-filesystems). An overlay-filesystem tries to present a +filesystem which is the result over overlaying one filesystem on top +of the other. + +The result will inevitably fail to look exactly like a normal +filesystem for various technical reasons. The expectation is that +many use cases will be able to ignore these differences. + +This approach is 'hybrid' because the objects that appear in the +filesystem do not all appear to belong to that filesystem. In many +cases an object accessed in the union will be indistinguishable +from accessing the corresponding object from the original filesystem. +This is most obvious from the 'st_dev' field returned by stat(2). + +While directories will report an st_dev from the overlay-filesystem, +all non-directory objects will report an st_dev from the lower or +upper filesystem that is providing the object. Similarly st_ino will +only be unique when combined with st_dev, and both of these can change +over the lifetime of a non-directory object. Many applications and +tools ignore these values and will not be affected. + +Upper and Lower +--------------- + +An overlay filesystem combines two filesystems - an 'upper' filesystem +and a 'lower' filesystem. When a name exists in both filesystems, the +object in the 'upper' filesystem is visible while the object in the +'lower' filesystem is either hidden or, in the case of directories, +merged with the 'upper' object. + +It would be more correct to refer to an upper and lower 'directory +tree' rather than 'filesystem' as it is quite possible for both +directory trees to be in the same filesystem and there is no +requirement that the root of a filesystem be given for either upper or +lower. + +The lower filesystem can be any filesystem supported by Linux and does +not need to be writable. The lower filesystem can even be another +overlayfs. The upper filesystem will normally be writable and if it +is it must support the creation of trusted.* extended attributes, and +must provide valid d_type in readdir responses, at least for symbolic +links - so NFS is not suitable. + +A read-only overlay of two read-only filesystems may use any +filesystem type. + +Directories +----------- + +Overlaying mainly involved directories. If a given name appears in both +upper and lower filesystems and refers to a non-directory in either, +then the lower object is hidden - the name refers only to the upper +object. + +Where both upper and lower objects are directories, a merged directory +is formed. + +At mount time, the two directories given as mount options are combined +into a merged directory: + + mount -t overlayfs overlayfs -olowerdir=/lower,upperdir=/upper /overlay + +Then whenever a lookup is requested in such a merged directory, the +lookup is performed in each actual directory and the combined result +is cached in the dentry belonging to the overlay filesystem. If both +actual lookups find directories, both are stored and a merged +directory is created, otherwise only one is stored: the upper if it +exists, else the lower. + +Only the lists of names from directories are merged. Other content +such as metadata and extended attributes are reported for the upper +directory only. These attributes of the lower directory are hidden. + +whiteouts and opaque directories +-------------------------------- + +In order to support rm and rmdir without changing the lower +filesystem, an overlay filesystem needs to record in the upper filesystem +that files have been removed. This is done using whiteouts and opaque +directories (non-directories are always opaque). + +The overlay filesystem uses extended attributes with a +"trusted.overlay." prefix to record these details. + +A whiteout is created as a symbolic link with target +"(overlay-whiteout)" and with xattr "trusted.overlay.whiteout" set to "y". +When a whiteout is found in the upper level of a merged directory, any +matching name in the lower level is ignored, and the whiteout itself +is also hidden. + +A directory is made opaque by setting the xattr "trusted.overlay.opaque" +to "y". Where the upper filesystem contains an opaque directory, any +directory in the lower filesystem with the same name is ignored. + +readdir +------- + +When a 'readdir' request is made on a merged directory, the upper and +lower directories are each read and the name lists merged in the +obvious way (upper is read first, then lower - entries that already +exist are not re-added). This merged name list is cached in the +'struct file' and so remains as long as the file is kept open. If the +directory is opened and read by two processes at the same time, they +will each have separate caches. A seekdir to the start of the +directory (offset 0) followed by a readdir will cause the cache to be +discarded and rebuilt. + +This means that changes to the merged directory do not appear while a +directory is being read. This is unlikely to be noticed by many +programs. + +seek offsets are assigned sequentially when the directories are read. +Thus if + - read part of a directory + - remember an offset, and close the directory + - re-open the directory some time later + - seek to the remembered offset + +there may be little correlation between the old and new locations in +the list of filenames, particularly if anything has changed in the +directory. + +Readdir on directories that are not merged is simply handled by the +underlying directory (upper or lower). + + +Non-directories +--------------- + +Objects that are not directories (files, symlinks, device-special +files etc.) are presented either from the upper or lower filesystem as +appropriate. When a file in the lower filesystem is accessed in a way +the requires write-access, such as opening for write access, changing +some metadata etc., the file is first copied from the lower filesystem +to the upper filesystem (copy_up). Note that creating a hard-link +also requires copy_up, though of course creation of a symlink does +not. + +The copy_up may turn out to be unnecessary, for example if the file is +opened for read-write but the data is not modified. + +The copy_up process first makes sure that the containing directory +exists in the upper filesystem - creating it and any parents as +necessary. It then creates the object with the same metadata (owner, +mode, mtime, symlink-target etc.) and then if the object is a file, the +data is copied from the lower to the upper filesystem. Finally any +extended attributes are copied up. + +Once the copy_up is complete, the overlay filesystem simply +provides direct access to the newly created file in the upper +filesystem - future operations on the file are barely noticed by the +overlay filesystem (though an operation on the name of the file such as +rename or unlink will of course be noticed and handled). + + +Non-standard behavior +--------------------- + +The copy_up operation essentially creates a new, identical file and +moves it over to the old name. The new file may be on a different +filesystem, so both st_dev and st_ino of the file may change. + +Any open files referring to this inode will access the old data and +metadata. Similarly any file locks obtained before copy_up will not +apply to the copied up file. + +On a file is opened with O_RDONLY fchmod(2), fchown(2), futimesat(2) +and fsetxattr(2) will fail with EROFS. + +If a file with multiple hard links is copied up, then this will +"break" the link. Changes will not be propagated to other names +referring to the same inode. + +Symlinks in /proc/PID/ and /proc/PID/fd which point to a non-directory +object in overlayfs will not contain vaid absolute paths, only +relative paths leading up to the filesystem's root. This will be +fixed in the future. + +Some operations are not atomic, for example a crash during copy_up or +rename will leave the filesystem in an inconsitent state. This will +be addressed in the future. + +Changes to underlying filesystems +--------------------------------- + +Offline changes, when the overlay is not mounted, are allowed to either +the upper or the lower trees. + +Changes to the underlying filesystems while part of a mounted overlay +filesystem are not allowed. If the underlying filesystem is changed, +the behavior of the overlay is undefined, though it will not result in +a crash or deadlock. --- linux-3.2.0.orig/Documentation/filesystems/proc.txt +++ linux-3.2.0/Documentation/filesystems/proc.txt @@ -41,6 +41,8 @@ 3.5 /proc//mountinfo - Information about mounts 3.6 /proc//comm & /proc//task//comm + 4 Configuring procfs + 4.1 Mount options ------------------------------------------------------------------------------ Preface @@ -1542,3 +1544,40 @@ is limited in size compared to the cmdline value, so writing anything longer then the kernel's TASK_COMM_LEN (currently 16 chars) will result in a truncated comm value. + + +------------------------------------------------------------------------------ +Configuring procfs +------------------------------------------------------------------------------ + +4.1 Mount options +--------------------- + +The following mount options are supported: + + hidepid= Set /proc// access mode. + gid= Set the group authorized to learn processes information. + +hidepid=0 means classic mode - everybody may access all /proc// directories +(default). + +hidepid=1 means users may not access any /proc// directories but their +own. Sensitive files like cmdline, sched*, status are now protected against +other users. This makes it impossible to learn whether any user runs +specific program (given the program doesn't reveal itself by its behaviour). +As an additional bonus, as /proc//cmdline is unaccessible for other users, +poorly written programs passing sensitive information via program arguments are +now protected against local eavesdroppers. + +hidepid=2 means hidepid=1 plus all /proc// will be fully invisible to other +users. It doesn't mean that it hides a fact whether a process with a specific +pid value exists (it can be learned by other means, e.g. by "kill -0 $PID"), +but it hides process' uid and gid, which may be learned by stat()'ing +/proc// otherwise. It greatly complicates an intruder's task of gathering +information about running processes, whether some daemon runs with elevated +privileges, whether other user runs some sensitive program, whether other users +run any program at all, etc. + +gid= defines a group authorized to learn processes information otherwise +prohibited by hidepid=. If you use some daemon like identd which needs to learn +information about processes information, just add identd to this group. --- linux-3.2.0.orig/Documentation/filesystems/vfs.txt +++ linux-3.2.0/Documentation/filesystems/vfs.txt @@ -364,6 +364,8 @@ ssize_t (*listxattr) (struct dentry *, char *, size_t); int (*removexattr) (struct dentry *, const char *); void (*truncate_range)(struct inode *, loff_t, loff_t); + struct file *(*open) (struct dentry *, struct file *, + const struct cred *); }; Again, all methods are called without any locks being held, unless @@ -475,6 +477,12 @@ truncate_range: a method provided by the underlying filesystem to truncate a range of blocks , i.e. punch a hole somewhere in a file. + open: this is an alternative to f_op->open(), the difference is that this + method may return any open file, not necessarily originating from the + same filesystem as the one i_op->open() was called on. It may be useful + for stacking filesystems which want to allow native I/O directly on + underlying files. + The Address Space Object ======================== --- linux-3.2.0.orig/Documentation/i2c/busses/i2c-i801 +++ linux-3.2.0/Documentation/i2c/busses/i2c-i801 @@ -20,6 +20,7 @@ * Intel Patsburg (PCH) * Intel DH89xxCC (PCH) * Intel Panther Point (PCH) + * Intel Lynx Point (PCH) Datasheets: Publicly available at the Intel website On Intel Patsburg and later chipsets, both the normal host SMBus controller --- linux-3.2.0.orig/Documentation/input/alps.txt +++ linux-3.2.0/Documentation/input/alps.txt @@ -0,0 +1,188 @@ +ALPS Touchpad Protocol +---------------------- + +Introduction +------------ + +Currently the ALPS touchpad driver supports four protocol versions in use by +ALPS touchpads, called versions 1, 2, 3, and 4. Information about the various +protocol versions is contained in the following sections. + +Detection +--------- + +All ALPS touchpads should respond to the "E6 report" command sequence: +E8-E6-E6-E6-E9. An ALPS touchpad should respond with either 00-00-0A or +00-00-64. + +If the E6 report is successful, the touchpad model is identified using the "E7 +report" sequence: E8-E7-E7-E7-E9. The response is the model signature and is +matched against known models in the alps_model_data_array. + +With protocol versions 3 and 4, the E7 report model signature is always +73-02-64. To differentiate between these versions, the response from the +"Enter Command Mode" sequence must be inspected as described below. + +Command Mode +------------ + +Protocol versions 3 and 4 have a command mode that is used to read and write +one-byte device registers in a 16-bit address space. The command sequence +EC-EC-EC-E9 places the device in command mode, and the device will respond +with 88-07 followed by a third byte. This third byte can be used to determine +whether the devices uses the version 3 or 4 protocol. + +To exit command mode, PSMOUSE_CMD_SETSTREAM (EA) is sent to the touchpad. + +While in command mode, register addresses can be set by first sending a +specific command, either EC for v3 devices or F5 for v4 devices. Then the +address is sent one nibble at a time, where each nibble is encoded as a +command with optional data. This enoding differs slightly between the v3 and +v4 protocols. + +Once an address has been set, the addressed register can be read by sending +PSMOUSE_CMD_GETINFO (E9). The first two bytes of the response contains the +address of the register being read, and the third contains the value of the +register. Registers are written by writing the value one nibble at a time +using the same encoding used for addresses. + +Packet Format +------------- + +In the following tables, the following notation is used. + + CAPITALS = stick, miniscules = touchpad + +?'s can have different meanings on different models, such as wheel rotation, +extra buttons, stick buttons on a dualpoint, etc. + +PS/2 packet format +------------------ + + byte 0: 0 0 YSGN XSGN 1 M R L + byte 1: X7 X6 X5 X4 X3 X2 X1 X0 + byte 2: Y7 Y6 Y5 Y4 Y3 Y2 Y1 Y0 + +Note that the device never signals overflow condition. + +ALPS Absolute Mode - Protocol Verion 1 +-------------------------------------- + + byte 0: 1 0 0 0 1 x9 x8 x7 + byte 1: 0 x6 x5 x4 x3 x2 x1 x0 + byte 2: 0 ? ? l r ? fin ges + byte 3: 0 ? ? ? ? y9 y8 y7 + byte 4: 0 y6 y5 y4 y3 y2 y1 y0 + byte 5: 0 z6 z5 z4 z3 z2 z1 z0 + +ALPS Absolute Mode - Protocol Version 2 +--------------------------------------- + + byte 0: 1 ? ? ? 1 ? ? ? + byte 1: 0 x6 x5 x4 x3 x2 x1 x0 + byte 2: 0 x10 x9 x8 x7 ? fin ges + byte 3: 0 y9 y8 y7 1 M R L + byte 4: 0 y6 y5 y4 y3 y2 y1 y0 + byte 5: 0 z6 z5 z4 z3 z2 z1 z0 + +Dualpoint device -- interleaved packet format +--------------------------------------------- + + byte 0: 1 1 0 0 1 1 1 1 + byte 1: 0 x6 x5 x4 x3 x2 x1 x0 + byte 2: 0 x10 x9 x8 x7 0 fin ges + byte 3: 0 0 YSGN XSGN 1 1 1 1 + byte 4: X7 X6 X5 X4 X3 X2 X1 X0 + byte 5: Y7 Y6 Y5 Y4 Y3 Y2 Y1 Y0 + byte 6: 0 y9 y8 y7 1 m r l + byte 7: 0 y6 y5 y4 y3 y2 y1 y0 + byte 8: 0 z6 z5 z4 z3 z2 z1 z0 + +ALPS Absolute Mode - Protocol Version 3 +--------------------------------------- + +ALPS protocol version 3 has three different packet formats. The first two are +associated with touchpad events, and the third is associatd with trackstick +events. + +The first type is the touchpad position packet. + + byte 0: 1 ? x1 x0 1 1 1 1 + byte 1: 0 x10 x9 x8 x7 x6 x5 x4 + byte 2: 0 y10 y9 y8 y7 y6 y5 y4 + byte 3: 0 M R L 1 m r l + byte 4: 0 mt x3 x2 y3 y2 y1 y0 + byte 5: 0 z6 z5 z4 z3 z2 z1 z0 + +Note that for some devices the trackstick buttons are reported in this packet, +and on others it is reported in the trackstick packets. + +The second packet type contains bitmaps representing the x and y axes. In the +bitmaps a given bit is set if there is a finger covering that position on the +given axis. Thus the bitmap packet can be used for low-resolution multi-touch +data, although finger tracking is not possible. This packet also encodes the +number of contacts (f1 and f0 in the table below). + + byte 0: 1 1 x1 x0 1 1 1 1 + byte 1: 0 x8 x7 x6 x5 x4 x3 x2 + byte 2: 0 y7 y6 y5 y4 y3 y2 y1 + byte 3: 0 y10 y9 y8 1 1 1 1 + byte 4: 0 x14 x13 x12 x11 x10 x9 y0 + byte 5: 0 1 ? ? ? ? f1 f0 + +This packet only appears after a position packet with the mt bit set, and +ususally only appears when there are two or more contacts (although +ocassionally it's seen with only a single contact). + +The final v3 packet type is the trackstick packet. + + byte 0: 1 1 x7 y7 1 1 1 1 + byte 1: 0 x6 x5 x4 x3 x2 x1 x0 + byte 2: 0 y6 y5 y4 y3 y2 y1 y0 + byte 3: 0 1 0 0 1 0 0 0 + byte 4: 0 z4 z3 z2 z1 z0 ? ? + byte 5: 0 0 1 1 1 1 1 1 + +ALPS Absolute Mode - Protocol Version 4 +--------------------------------------- + +Protocol version 4 has an 8-byte packet format. + + byte 0: 1 ? x1 x0 1 1 1 1 + byte 1: 0 x10 x9 x8 x7 x6 x5 x4 + byte 2: 0 y10 y9 y8 y7 y6 y5 y4 + byte 3: 0 1 x3 x2 y3 y2 y1 y0 + byte 4: 0 ? ? ? 1 ? r l + byte 5: 0 z6 z5 z4 z3 z2 z1 z0 + byte 6: bitmap data (described below) + byte 7: bitmap data (described below) + +The last two bytes represent a partial bitmap packet, with 3 full packets +required to construct a complete bitmap packet. Once assembled, the 6-byte +bitmap packet has the following format: + + byte 0: 0 1 x7 x6 x5 x4 x3 x2 + byte 1: 0 x1 x0 y4 y3 y2 y1 y0 + byte 2: 0 0 ? x14 x13 x12 x11 x10 + byte 3: 0 x9 x8 y9 y8 y7 y6 y5 + byte 4: 0 0 0 0 0 0 0 0 + byte 5: 0 0 0 0 0 0 0 y10 + +There are several things worth noting here. + + 1) In the bitmap data, bit 6 of byte 0 serves as a sync byte to + identify the first fragment of a bitmap packet. + + 2) The bitmaps represent the same data as in the v3 bitmap packets, although + the packet layout is different. + + 3) There doesn't seem to be a count of the contact points anywhere in the v4 + protocol packets. Deriving a count of contact points must be done by + analyzing the bitmaps. + + 4) There is a 3 to 1 ratio of position packets to bitmap packets. Therefore + MT position can only be updated for every third ST position update, and + the count of contact points can only be updated every third packet as + well. + +So far no v4 devices with tracksticks have been encountered. --- linux-3.2.0.orig/Documentation/security/00-INDEX +++ linux-3.2.0/Documentation/security/00-INDEX @@ -4,6 +4,8 @@ - how to get started with the SELinux security enhancement. Smack.txt - documentation on the Smack Linux Security Module. +Yama.txt + - documentation on the Yama Linux Security Module. apparmor.txt - documentation on the AppArmor security extension. credentials.txt --- linux-3.2.0.orig/Documentation/security/Yama.txt +++ linux-3.2.0/Documentation/security/Yama.txt @@ -0,0 +1,108 @@ +Yama is a Linux Security Module that collects a number of system-wide DAC +security protections that are not handled by the core kernel itself. To +select it at boot time, specify "security=yama" (though this will disable +any other LSM). + +Yama is controlled through sysctl in /proc/sys/kernel/yama: + +- protected_sticky_symlinks +- protected_nonaccess_hardlinks +- ptrace_scope + +============================================================== + +protected_sticky_symlinks: + +A long-standing class of security issues is the symlink-based +time-of-check-time-of-use race, most commonly seen in world-writable +directories like /tmp. The common method of exploitation of this flaw +is to cross privilege boundaries when following a given symlink (i.e. a +root process follows a symlink belonging to another user). For a likely +incomplete list of hundreds of examples across the years, please see: +http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=/tmp + +When set to "0", symlink following behavior is unrestricted. + +When set to "1" symlinks are permitted to be followed only when outside +a sticky world-writable directory, or when the uid of the symlink and +follower match, or when the directory owner matches the symlink's owner. + +This protection is based on the restrictions in Openwall and grsecurity. + +============================================================== + +protected_nonaccess_hardlinks: + +Hardlinks can be abused in a similar fashion to symlinks in sticky +world-writable directories, but their weakness is not limited to +just that scenario. For example, if /etc and /home are on the same +partition, a regular user can create a hardlink to /etc/shadow in their +home directory. While it retains the original owner and permissions, +it is possible for privileged programs that are otherwise symlink-safe +to mistakenly access the file through its hardlink. Additionally, a very +minor untraceable quota-bypassing local denial of service is possible by +an attacker exhausting disk space by filling a world-writable directory +with hardlinks. + +When set to "0", hardlink creation behavior is unrestricted. + +When set to "1", hardlinks cannot be created to files that a given user +would be unable to read and write originally, or are otherwise sensitive. + +This protection is based on the restrictions in Openwall and grsecurity. + +============================================================== + +ptrace_scope: + +As Linux grows in popularity, it will become a larger target for +malware. One particularly troubling weakness of the Linux process +interfaces is that a single user is able to examine the memory and +running state of any of their processes. For example, if one application +(e.g. Pidgin) was compromised, it would be possible for an attacker to +attach to other running processes (e.g. Firefox, SSH sessions, GPG agent, +etc) to extract additional credentials and continue to expand the scope +of their attack without resorting to user-assisted phishing. + +This is not a theoretical problem. SSH session hijacking +(http://www.storm.net.nz/projects/7) and arbitrary code injection +(http://c-skills.blogspot.com/2007/05/injectso.html) attacks already +exist and remain possible if ptrace is allowed to operate as before. +Since ptrace is not commonly used by non-developers and non-admins, system +builders should be allowed the option to disable this debugging system. + +For a solution, some applications use prctl(PR_SET_DUMPABLE, ...) to +specifically disallow such ptrace attachment (e.g. ssh-agent), but many +do not. A more general solution is to only allow ptrace directly from a +parent to a child process (i.e. direct "gdb EXE" and "strace EXE" still +work), or with CAP_SYS_PTRACE (i.e. "gdb --pid=PID", and "strace -p PID" +still work as root). + +For software that has defined application-specific relationships +between a debugging process and its inferior (crash handlers, etc), +prctl(PR_SET_PTRACER, pid, ...) can be used. An inferior can declare which +other process (and its descendents) are allowed to call PTRACE_ATTACH +against it. Only one such declared debugging process can exists for +each inferior at a time. For example, this is used by KDE, Chromium, and +Firefox's crash handlers, and by Wine for allowing only Wine processes +to ptrace each other. If a process wishes to entirely disable ptrace +restrictions, it can call prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY, ...) +so that any process (even those in external pid namespaces) may attach. + +The sysctl settings are: + +0 - classic ptrace permissions: a process can PTRACE_ATTACH to any other + process running under the same uid, as long as it is dumpable (i.e. + did not transition uids, start privileged, or have called + prctl(PR_SET_DUMPABLE...) already). + +1 - restricted ptrace: a process must have a predefined relationship + with the inferior it wants to call PTRACE_ATTACH on. By default, + this relationship is that of only its descendants when the above + classic criteria is also met. To change the relationship, an + inferior can call prctl(PR_SET_PTRACER, debugger, ...) to declare + an allowed debugger PID to call PTRACE_ATTACH on the inferior. + +The original children-only logic was based on the restrictions in grsecurity. + +============================================================== --- linux-3.2.0.orig/Documentation/usb/usbmon.txt +++ linux-3.2.0/Documentation/usb/usbmon.txt @@ -47,10 +47,11 @@ 2. Find which bus connects to the desired device -Run "cat /proc/bus/usb/devices", and find the T-line which corresponds to -the device. Usually you do it by looking for the vendor string. If you have -many similar devices, unplug one and compare two /proc/bus/usb/devices outputs. -The T-line will have a bus number. Example: +Run "cat /sys/kernel/debug/usb/devices", and find the T-line which corresponds +to the device. Usually you do it by looking for the vendor string. If you have +many similar devices, unplug one and compare the two +/sys/kernel/debug/usb/devices outputs. The T-line will have a bus number. +Example: T: Bus=03 Lev=01 Prnt=01 Port=00 Cnt=01 Dev#= 2 Spd=12 MxCh= 0 D: Ver= 1.10 Cls=00(>ifc ) Sub=00 Prot=00 MxPS= 8 #Cfgs= 1 @@ -58,7 +59,10 @@ S: Manufacturer=ATEN S: Product=UC100KM V2.00 -Bus=03 means it's bus 3. +"Bus=03" means it's bus 3. Alternatively, you can look at the output from +"lsusb" and get the bus number from the appropriate line. Example: + +Bus 003 Device 002: ID 0557:2004 ATEN UC100KM V2.00 3. Start 'cat' --- linux-3.2.0.orig/arch/arm/Kconfig +++ linux-3.2.0/arch/arm/Kconfig @@ -2002,7 +2002,7 @@ config KEXEC bool "Kexec system call (EXPERIMENTAL)" - depends on EXPERIMENTAL + depends on EXPERIMENTAL && (!SMP || HOTPLUG_CPU) help kexec is a system call that implements the ability to shutdown your current kernel, and to start another kernel. It is like a reboot @@ -2238,6 +2238,8 @@ source "drivers/Kconfig" +source "ubuntu/Kconfig" + source "fs/Kconfig" source "arch/arm/Kconfig.debug" --- linux-3.2.0.orig/arch/arm/common/pl330.c +++ linux-3.2.0/arch/arm/common/pl330.c @@ -1496,12 +1496,13 @@ struct pl330_thread *thrd = ch_id; struct pl330_dmac *pl330; unsigned long flags; - int ret = 0, active = thrd->req_running; + int ret = 0, active; if (!thrd || thrd->free || thrd->dmac->state == DYING) return -EINVAL; pl330 = thrd->dmac; + active = thrd->req_running; spin_lock_irqsave(&pl330->lock, flags); --- linux-3.2.0.orig/arch/arm/include/asm/assembler.h +++ linux-3.2.0/arch/arm/include/asm/assembler.h @@ -137,6 +137,11 @@ disable_irq .endm + .macro save_and_disable_irqs_notrace, oldcpsr + mrs \oldcpsr, cpsr + disable_irq_notrace + .endm + /* * Restore interrupt state previously stored in a register. We don't * guarantee that this will preserve the flags. --- linux-3.2.0.orig/arch/arm/include/asm/div64.h +++ linux-3.2.0/arch/arm/include/asm/div64.h @@ -73,6 +73,7 @@ #define do_div(n, base) \ ({ \ unsigned int __r, __b = (base); \ + asm("" : "+r" (__b)); \ if (!__builtin_constant_p(__b) || __b == 0 || \ (__LINUX_ARM_ARCH__ < 4 && (__b & (__b - 1)) != 0)) { \ /* non-constant divisor (or zero): slow path */ \ --- linux-3.2.0.orig/arch/arm/include/asm/system.h +++ linux-3.2.0/arch/arm/include/asm/system.h @@ -101,6 +101,7 @@ extern void cpu_init(void); void arm_machine_restart(char mode, const char *cmd); +void soft_restart(unsigned long); extern void (*arm_pm_restart)(char str, const char *cmd); #define UDBG_UNDEFINED (1 << 0) --- linux-3.2.0.orig/arch/arm/include/asm/pgtable.h +++ linux-3.2.0/arch/arm/include/asm/pgtable.h @@ -336,6 +336,7 @@ * We provide our own arch_get_unmapped_area to cope with VIPT caches. */ #define HAVE_ARCH_UNMAPPED_AREA +#define HAVE_ARCH_UNMAPPED_AREA_TOPDOWN /* * remap a physical page `pfn' of size `size' with page protection `prot' @@ -346,9 +347,6 @@ #define pgtable_cache_init() do { } while (0) -void identity_mapping_add(pgd_t *, unsigned long, unsigned long); -void identity_mapping_del(pgd_t *, unsigned long, unsigned long); - #endif /* !__ASSEMBLY__ */ #endif /* CONFIG_MMU */ --- linux-3.2.0.orig/arch/arm/include/asm/idmap.h +++ linux-3.2.0/arch/arm/include/asm/idmap.h @@ -0,0 +1,14 @@ +#ifndef __ASM_IDMAP_H +#define __ASM_IDMAP_H + +#include +#include + +/* Tag a function as requiring to be executed via an identity mapping. */ +#define __idmap __section(.idmap.text) noinline notrace + +extern pgd_t *idmap_pgd; + +void setup_mm_for_reboot(void); + +#endif /* __ASM_IDMAP_H */ --- linux-3.2.0.orig/arch/arm/include/asm/processor.h +++ linux-3.2.0/arch/arm/include/asm/processor.h @@ -123,6 +123,8 @@ #endif +#define HAVE_ARCH_PICK_MMAP_LAYOUT + #endif #endif /* __ASM_ARM_PROCESSOR_H */ --- linux-3.2.0.orig/arch/arm/include/asm/mach/arch.h +++ linux-3.2.0/arch/arm/include/asm/mach/arch.h @@ -31,10 +31,10 @@ unsigned int video_start; /* start of video RAM */ unsigned int video_end; /* end of video RAM */ - unsigned int reserve_lp0 :1; /* never has lp0 */ - unsigned int reserve_lp1 :1; /* never has lp1 */ - unsigned int reserve_lp2 :1; /* never has lp2 */ - unsigned int soft_reboot :1; /* soft reboot */ + unsigned char reserve_lp0 :1; /* never has lp0 */ + unsigned char reserve_lp1 :1; /* never has lp1 */ + unsigned char reserve_lp2 :1; /* never has lp2 */ + char restart_mode; /* default restart mode */ void (*fixup)(struct tag *, char **, struct meminfo *); void (*reserve)(void);/* reserve mem blocks */ @@ -46,6 +46,7 @@ #ifdef CONFIG_MULTI_IRQ_HANDLER void (*handle_irq)(struct pt_regs *); #endif + void (*restart)(char, const char *); }; /* --- linux-3.2.0.orig/arch/arm/kernel/head.S +++ linux-3.2.0/arch/arm/kernel/head.S @@ -170,11 +170,11 @@ * Create identity mapping to cater for __enable_mmu. * This identity mapping will be removed by paging_init(). */ - adr r0, __enable_mmu_loc + adr r0, __turn_mmu_on_loc ldmia r0, {r3, r5, r6} sub r0, r0, r3 @ virt->phys offset - add r5, r5, r0 @ phys __enable_mmu - add r6, r6, r0 @ phys __enable_mmu_end + add r5, r5, r0 @ phys __turn_mmu_on + add r6, r6, r0 @ phys __turn_mmu_on_end mov r5, r5, lsr #SECTION_SHIFT mov r6, r6, lsr #SECTION_SHIFT @@ -287,10 +287,10 @@ ENDPROC(__create_page_tables) .ltorg .align -__enable_mmu_loc: +__turn_mmu_on_loc: .long . - .long __enable_mmu - .long __enable_mmu_end + .long __turn_mmu_on + .long __turn_mmu_on_end #if defined(CONFIG_SMP) __CPUINIT @@ -398,15 +398,17 @@ * other registers depend on the function called upon completion */ .align 5 -__turn_mmu_on: + .pushsection .idmap.text, "ax" +ENTRY(__turn_mmu_on) mov r0, r0 mcr p15, 0, r0, c1, c0, 0 @ write control reg mrc p15, 0, r3, c0, c0, 0 @ read id reg mov r3, r3 mov r3, r13 mov pc, r3 -__enable_mmu_end: +__turn_mmu_on_end: ENDPROC(__turn_mmu_on) + .popsection #ifdef CONFIG_SMP_ON_UP --- linux-3.2.0.orig/arch/arm/kernel/machine_kexec.c +++ linux-3.2.0/arch/arm/kernel/machine_kexec.c @@ -12,12 +12,11 @@ #include #include #include +#include extern const unsigned char relocate_new_kernel[]; extern const unsigned int relocate_new_kernel_size; -extern void setup_mm_for_reboot(char mode); - extern unsigned long kexec_start_address; extern unsigned long kexec_indirection_page; extern unsigned long kexec_mach_type; @@ -111,14 +110,6 @@ if (kexec_reinit) kexec_reinit(); - local_irq_disable(); - local_fiq_disable(); - setup_mm_for_reboot(0); /* mode is not used, so just pass 0*/ - flush_cache_all(); - outer_flush_all(); - outer_disable(); - cpu_proc_fin(); - outer_inv_all(); - flush_cache_all(); - cpu_reset(reboot_code_buffer_phys); + + soft_restart(reboot_code_buffer_phys); } --- linux-3.2.0.orig/arch/arm/kernel/process.c +++ linux-3.2.0/arch/arm/kernel/process.c @@ -57,7 +57,7 @@ "ARM" , "Thumb" , "Jazelle", "ThumbEE" }; -extern void setup_mm_for_reboot(char mode); +extern void setup_mm_for_reboot(void); static volatile int hlt_counter; @@ -92,18 +92,24 @@ __setup("nohlt", nohlt_setup); __setup("hlt", hlt_setup); -void arm_machine_restart(char mode, const char *cmd) +extern void call_with_stack(void (*fn)(void *), void *arg, void *sp); +typedef void (*phys_reset_t)(unsigned long); + +/* + * A temporary stack to use for CPU reset. This is static so that we + * don't clobber it with the identity mapping. When running with this + * stack, any references to the current task *will not work* so you + * should really do as little as possible before jumping to your reset + * code. + */ +static u64 soft_restart_stack[16]; + +static void __soft_restart(void *addr) { - /* Disable interrupts first */ - local_irq_disable(); - local_fiq_disable(); + phys_reset_t phys_reset; - /* - * Tell the mm system that we are going to reboot - - * we may need it to insert some 1:1 mappings so that - * soft boot works. - */ - setup_mm_for_reboot(mode); + /* Take out a flat memory mapping. */ + setup_mm_for_reboot(); /* Clean and invalidate caches */ flush_cache_all(); @@ -114,18 +120,41 @@ /* Push out any further dirty data, and ensure cache is empty */ flush_cache_all(); - /* - * Now call the architecture specific reboot code. - */ - arch_reset(mode, cmd); + /* Switch to the identity mapping. */ + phys_reset = (phys_reset_t)(unsigned long)virt_to_phys(cpu_reset); + phys_reset((unsigned long)addr); - /* - * Whoops - the architecture was unable to reboot. - * Tell the user! - */ - mdelay(1000); - printk("Reboot failed -- System halted\n"); - while (1); + /* Should never get here. */ + BUG(); +} + +void soft_restart(unsigned long addr) +{ + u64 *stack = soft_restart_stack + ARRAY_SIZE(soft_restart_stack); + + /* Disable interrupts first */ + local_irq_disable(); + local_fiq_disable(); + + /* Disable the L2 if we're the last man standing. */ + if (num_online_cpus() == 1) + outer_disable(); + + /* Change to the new stack and continue with the reset. */ + call_with_stack(__soft_restart, (void *)addr, (void *)stack); + + /* Should never get here. */ + BUG(); +} + +void arm_machine_restart(char mode, const char *cmd) +{ + /* Disable interrupts first */ + local_irq_disable(); + local_fiq_disable(); + + /* Call the architecture specific reboot code. */ + arch_reset(mode, cmd); } /* @@ -253,7 +282,15 @@ void machine_restart(char *cmd) { machine_shutdown(); + arm_pm_restart(reboot_mode, cmd); + + /* Give a grace period for failure to restart of 1s */ + mdelay(1000); + + /* Whoops - the platform was unable to reboot. Tell the user! */ + printk("Reboot failed -- System halted\n"); + while (1); } void __show_regs(struct pt_regs *regs) --- linux-3.2.0.orig/arch/arm/kernel/ptrace.c +++ linux-3.2.0/arch/arm/kernel/ptrace.c @@ -699,10 +699,13 @@ { int ret; struct thread_info *thread = task_thread_info(target); - struct vfp_hard_struct new_vfp = thread->vfpstate.hard; + struct vfp_hard_struct new_vfp; const size_t user_fpregs_offset = offsetof(struct user_vfp, fpregs); const size_t user_fpscr_offset = offsetof(struct user_vfp, fpscr); + vfp_sync_hwstate(thread); + new_vfp = thread->vfpstate.hard; + ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &new_vfp.fpregs, user_fpregs_offset, @@ -723,9 +726,8 @@ if (ret) return ret; - vfp_sync_hwstate(thread); - thread->vfpstate.hard = new_vfp; vfp_flush_hwstate(thread); + thread->vfpstate.hard = new_vfp; return 0; } --- linux-3.2.0.orig/arch/arm/kernel/setup.c +++ linux-3.2.0/arch/arm/kernel/setup.c @@ -908,8 +908,8 @@ arm_dma_zone_size = mdesc->dma_zone_size; } #endif - if (mdesc->soft_reboot) - reboot_setup("s"); + if (mdesc->restart_mode) + reboot_setup(&mdesc->restart_mode); init_mm.start_code = (unsigned long) _text; init_mm.end_code = (unsigned long) _etext; @@ -928,6 +928,9 @@ paging_init(mdesc); request_standard_resources(mdesc); + if (mdesc->restart) + arm_pm_restart = mdesc->restart; + unflatten_device_tree(); #ifdef CONFIG_SMP --- linux-3.2.0.orig/arch/arm/kernel/signal.c +++ linux-3.2.0/arch/arm/kernel/signal.c @@ -227,6 +227,8 @@ if (magic != VFP_MAGIC || size != VFP_STORAGE_SIZE) return -EINVAL; + vfp_flush_hwstate(thread); + /* * Copy the floating point registers. There can be unused * registers see asm/hwcap.h for details. @@ -251,9 +253,6 @@ __get_user_error(h->fpinst, &frame->ufp_exc.fpinst, err); __get_user_error(h->fpinst2, &frame->ufp_exc.fpinst2, err); - if (!err) - vfp_flush_hwstate(thread); - return err ? -EFAULT : 0; } --- linux-3.2.0.orig/arch/arm/kernel/sleep.S +++ linux-3.2.0/arch/arm/kernel/sleep.S @@ -54,6 +54,7 @@ * r0 = control register value */ .align 5 + .pushsection .idmap.text,"ax" ENTRY(cpu_resume_mmu) ldr r3, =cpu_resume_after_mmu mcr p15, 0, r0, c1, c0, 0 @ turn on MMU, I-cache, etc @@ -62,6 +63,7 @@ mov r0, r0 mov pc, r3 @ jump to virtual address ENDPROC(cpu_resume_mmu) + .popsection cpu_resume_after_mmu: bl cpu_init @ restore the und/abt/irq banked regs mov r0, #0 @ return zero on success --- linux-3.2.0.orig/arch/arm/kernel/smp.c +++ linux-3.2.0/arch/arm/kernel/smp.c @@ -31,6 +31,7 @@ #include #include #include +#include #include #include #include @@ -61,7 +62,6 @@ { struct cpuinfo_arm *ci = &per_cpu(cpu_data, cpu); struct task_struct *idle = ci->idle; - pgd_t *pgd; int ret; /* @@ -84,29 +84,11 @@ } /* - * Allocate initial page tables to allow the new CPU to - * enable the MMU safely. This essentially means a set - * of our "standard" page tables, with the addition of - * a 1:1 mapping for the physical address of the kernel. - */ - pgd = pgd_alloc(&init_mm); - if (!pgd) - return -ENOMEM; - - if (PHYS_OFFSET != PAGE_OFFSET) { -#ifndef CONFIG_HOTPLUG_CPU - identity_mapping_add(pgd, __pa(__init_begin), __pa(__init_end)); -#endif - identity_mapping_add(pgd, __pa(_stext), __pa(_etext)); - identity_mapping_add(pgd, __pa(_sdata), __pa(_edata)); - } - - /* * We need to tell the secondary core where to find * its stack and the page tables. */ secondary_data.stack = task_stack_page(idle) + THREAD_START_SP; - secondary_data.pgdir = virt_to_phys(pgd); + secondary_data.pgdir = virt_to_phys(idmap_pgd); secondary_data.swapper_pg_dir = virt_to_phys(swapper_pg_dir); __cpuc_flush_dcache_area(&secondary_data, sizeof(secondary_data)); outer_clean_range(__pa(&secondary_data), __pa(&secondary_data + 1)); @@ -142,16 +124,6 @@ secondary_data.stack = NULL; secondary_data.pgdir = 0; - if (PHYS_OFFSET != PAGE_OFFSET) { -#ifndef CONFIG_HOTPLUG_CPU - identity_mapping_del(pgd, __pa(__init_begin), __pa(__init_end)); -#endif - identity_mapping_del(pgd, __pa(_stext), __pa(_etext)); - identity_mapping_del(pgd, __pa(_sdata), __pa(_edata)); - } - - pgd_free(&init_mm, pgd); - return ret; } @@ -550,6 +522,10 @@ local_fiq_disable(); local_irq_disable(); +#ifdef CONFIG_HOTPLUG_CPU + platform_cpu_kill(cpu); +#endif + while (1) cpu_relax(); } --- linux-3.2.0.orig/arch/arm/kernel/vmlinux.lds.S +++ linux-3.2.0/arch/arm/kernel/vmlinux.lds.S @@ -13,6 +13,12 @@ *(.proc.info.init) \ VMLINUX_SYMBOL(__proc_info_end) = .; +#define IDMAP_TEXT \ + ALIGN_FUNCTION(); \ + VMLINUX_SYMBOL(__idmap_text_start) = .; \ + *(.idmap.text) \ + VMLINUX_SYMBOL(__idmap_text_end) = .; + #ifdef CONFIG_HOTPLUG_CPU #define ARM_CPU_DISCARD(x) #define ARM_CPU_KEEP(x) x @@ -92,6 +98,7 @@ SCHED_TEXT LOCK_TEXT KPROBES_TEXT + IDMAP_TEXT #ifdef CONFIG_MMU *(.fixup) #endif --- linux-3.2.0.orig/arch/arm/kernel/suspend.c +++ linux-3.2.0/arch/arm/kernel/suspend.c @@ -1,13 +1,12 @@ #include +#include #include #include #include #include #include -static pgd_t *suspend_pgd; - extern int __cpu_suspend(unsigned long, int (*)(unsigned long)); extern void cpu_resume_mmu(void); @@ -21,7 +20,7 @@ *save_ptr = virt_to_phys(ptr); /* This must correspond to the LDM in cpu_resume() assembly */ - *ptr++ = virt_to_phys(suspend_pgd); + *ptr++ = virt_to_phys(idmap_pgd); *ptr++ = sp; *ptr++ = virt_to_phys(cpu_do_resume); @@ -42,7 +41,7 @@ struct mm_struct *mm = current->active_mm; int ret; - if (!suspend_pgd) + if (!idmap_pgd) return -EINVAL; /* @@ -59,14 +58,3 @@ return ret; } - -static int __init cpu_suspend_init(void) -{ - suspend_pgd = pgd_alloc(&init_mm); - if (suspend_pgd) { - unsigned long addr = virt_to_phys(cpu_resume_mmu); - identity_mapping_add(suspend_pgd, addr, addr + SECTION_SIZE); - } - return suspend_pgd ? 0 : -ENOMEM; -} -core_initcall(cpu_suspend_init); --- linux-3.2.0.orig/arch/arm/lib/Makefile +++ linux-3.2.0/arch/arm/lib/Makefile @@ -13,7 +13,8 @@ testchangebit.o testclearbit.o testsetbit.o \ ashldi3.o ashrdi3.o lshrdi3.o muldi3.o \ ucmpdi2.o lib1funcs.o div64.o \ - io-readsb.o io-writesb.o io-readsl.o io-writesl.o + io-readsb.o io-writesb.o io-readsl.o io-writesl.o \ + call_with_stack.o mmu-y := clear_user.o copy_page.o getuser.o putuser.o --- linux-3.2.0.orig/arch/arm/lib/call_with_stack.S +++ linux-3.2.0/arch/arm/lib/call_with_stack.S @@ -0,0 +1,44 @@ +/* + * arch/arm/lib/call_with_stack.S + * + * Copyright (C) 2011 ARM Ltd. + * Written by Will Deacon + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#include +#include + +/* + * void call_with_stack(void (*fn)(void *), void *arg, void *sp) + * + * Change the stack to that pointed at by sp, then invoke fn(arg) with + * the new stack. + */ +ENTRY(call_with_stack) + str sp, [r2, #-4]! + str lr, [r2, #-4]! + + mov sp, r2 + mov r2, r0 + mov r0, r1 + + adr lr, BSYM(1f) + mov pc, r2 + +1: ldr lr, [sp] + ldr sp, [sp, #4] + mov pc, lr +ENDPROC(call_with_stack) --- linux-3.2.0.orig/arch/arm/mach-at91/at91rm9200_devices.c +++ linux-3.2.0/arch/arm/mach-at91/at91rm9200_devices.c @@ -83,7 +83,7 @@ * USB Device (Gadget) * -------------------------------------------------------------------- */ -#ifdef CONFIG_USB_AT91 +#if defined(CONFIG_USB_AT91) || defined(CONFIG_USB_AT91_MODULE) static struct at91_udc_data udc_data; static struct resource udc_resources[] = { --- linux-3.2.0.orig/arch/arm/mach-at91/at91sam9260_devices.c +++ linux-3.2.0/arch/arm/mach-at91/at91sam9260_devices.c @@ -84,7 +84,7 @@ * USB Device (Gadget) * -------------------------------------------------------------------- */ -#ifdef CONFIG_USB_AT91 +#if defined(CONFIG_USB_AT91) || defined(CONFIG_USB_AT91_MODULE) static struct at91_udc_data udc_data; static struct resource udc_resources[] = { --- linux-3.2.0.orig/arch/arm/mach-at91/at91sam9261_devices.c +++ linux-3.2.0/arch/arm/mach-at91/at91sam9261_devices.c @@ -87,7 +87,7 @@ * USB Device (Gadget) * -------------------------------------------------------------------- */ -#ifdef CONFIG_USB_AT91 +#if defined(CONFIG_USB_AT91) || defined(CONFIG_USB_AT91_MODULE) static struct at91_udc_data udc_data; static struct resource udc_resources[] = { --- linux-3.2.0.orig/arch/arm/mach-at91/at91sam9263_devices.c +++ linux-3.2.0/arch/arm/mach-at91/at91sam9263_devices.c @@ -92,7 +92,7 @@ * USB Device (Gadget) * -------------------------------------------------------------------- */ -#ifdef CONFIG_USB_AT91 +#if defined(CONFIG_USB_AT91) || defined(CONFIG_USB_AT91_MODULE) static struct at91_udc_data udc_data; static struct resource udc_resources[] = { --- linux-3.2.0.orig/arch/arm/mach-at91/setup.c +++ linux-3.2.0/arch/arm/mach-at91/setup.c @@ -27,9 +27,12 @@ void __init at91rm9200_set_type(int type) { if (type == ARCH_REVISON_9200_PQFP) - at91_soc_initdata.subtype = AT91_SOC_RM9200_BGA; - else at91_soc_initdata.subtype = AT91_SOC_RM9200_PQFP; + else + at91_soc_initdata.subtype = AT91_SOC_RM9200_BGA; + + pr_info("AT91: filled in soc subtype: %s\n", + at91_get_soc_subtype(&at91_soc_initdata)); } void __init at91_init_irq_default(void) --- linux-3.2.0.orig/arch/arm/mach-clps711x/include/mach/system.h +++ linux-3.2.0/arch/arm/mach-clps711x/include/mach/system.h @@ -34,7 +34,7 @@ static inline void arch_reset(char mode, const char *cmd) { - cpu_reset(0); + soft_restart(0); } #endif --- linux-3.2.0.orig/arch/arm/mach-ebsa110/core.c +++ linux-3.2.0/arch/arm/mach-ebsa110/core.c @@ -283,7 +283,7 @@ .atag_offset = 0x400, .reserve_lp0 = 1, .reserve_lp2 = 1, - .soft_reboot = 1, + .restart_mode = 's', .map_io = ebsa110_map_io, .init_irq = ebsa110_init_irq, .timer = &ebsa110_timer, --- linux-3.2.0.orig/arch/arm/mach-ebsa110/include/mach/system.h +++ linux-3.2.0/arch/arm/mach-ebsa110/include/mach/system.h @@ -34,6 +34,6 @@ asm volatile ("mcr p15, 0, ip, c15, c1, 2" : : : "cc"); } -#define arch_reset(mode, cmd) cpu_reset(0x80000000) +#define arch_reset(mode, cmd) soft_restart(0x80000000) #endif --- linux-3.2.0.orig/arch/arm/mach-footbridge/cats-hw.c +++ linux-3.2.0/arch/arm/mach-footbridge/cats-hw.c @@ -86,7 +86,7 @@ MACHINE_START(CATS, "Chalice-CATS") /* Maintainer: Philip Blundell */ .atag_offset = 0x100, - .soft_reboot = 1, + .restart_mode = 's', .fixup = fixup_cats, .map_io = footbridge_map_io, .init_irq = footbridge_init_irq, --- linux-3.2.0.orig/arch/arm/mach-footbridge/include/mach/system.h +++ linux-3.2.0/arch/arm/mach-footbridge/include/mach/system.h @@ -24,7 +24,7 @@ /* * Jump into the ROM */ - cpu_reset(0x41000000); + soft_restart(0x41000000); } else { if (machine_is_netwinder()) { /* open up the SuperIO chip --- linux-3.2.0.orig/arch/arm/mach-iop32x/include/mach/system.h +++ linux-3.2.0/arch/arm/mach-iop32x/include/mach/system.h @@ -30,5 +30,5 @@ *IOP3XX_PCSR = 0x30; /* Jump into ROM at address 0 */ - cpu_reset(0); + soft_restart(0); } --- linux-3.2.0.orig/arch/arm/mach-iop33x/include/mach/system.h +++ linux-3.2.0/arch/arm/mach-iop33x/include/mach/system.h @@ -19,5 +19,5 @@ *IOP3XX_PCSR = 0x30; /* Jump into ROM at address 0 */ - cpu_reset(0); + soft_restart(0); } --- linux-3.2.0.orig/arch/arm/mach-ixp4xx/include/mach/system.h +++ linux-3.2.0/arch/arm/mach-ixp4xx/include/mach/system.h @@ -26,7 +26,7 @@ { if ( 1 && mode == 's') { /* Jump into ROM at address 0 */ - cpu_reset(0); + soft_restart(0); } else { /* Use on-chip reset capability */ --- linux-3.2.0.orig/arch/arm/mach-ks8695/include/mach/system.h +++ linux-3.2.0/arch/arm/mach-ks8695/include/mach/system.h @@ -32,7 +32,7 @@ unsigned int reg; if (mode == 's') - cpu_reset(0); + soft_restart(0); /* disable timer0 */ reg = __raw_readl(KS8695_TMR_VA + KS8695_TMCON); --- linux-3.2.0.orig/arch/arm/mach-mmp/include/mach/system.h +++ linux-3.2.0/arch/arm/mach-mmp/include/mach/system.h @@ -19,8 +19,8 @@ static inline void arch_reset(char mode, const char *cmd) { if (cpu_is_pxa168()) - cpu_reset(0xffff0000); + soft_restart(0xffff0000); else - cpu_reset(0); + soft_restart(0); } #endif /* __ASM_MACH_SYSTEM_H */ --- linux-3.2.0.orig/arch/arm/mach-mxs/system.c +++ linux-3.2.0/arch/arm/mach-mxs/system.c @@ -53,7 +53,7 @@ mdelay(50); /* We'll take a jump through zero as a poor second */ - cpu_reset(0); + soft_restart(0); } static int __init mxs_arch_reset_init(void) --- linux-3.2.0.orig/arch/arm/mach-omap1/board-ams-delta.c +++ linux-3.2.0/arch/arm/mach-omap1/board-ams-delta.c @@ -35,7 +35,7 @@ #include #include #include -#include +#include "common.h" #include #include @@ -386,6 +386,7 @@ .init_irq = omap1_init_irq, .init_machine = ams_delta_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END EXPORT_SYMBOL(ams_delta_latch1_write); --- linux-3.2.0.orig/arch/arm/mach-omap1/board-fsample.c +++ linux-3.2.0/arch/arm/mach-omap1/board-fsample.c @@ -32,7 +32,7 @@ #include #include #include -#include +#include "common.h" #include /* fsample is pretty close to p2-sample */ @@ -390,4 +390,5 @@ .init_irq = omap1_init_irq, .init_machine = omap_fsample_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-generic.c +++ linux-3.2.0/arch/arm/mach-omap1/board-generic.c @@ -25,7 +25,7 @@ #include #include #include -#include +#include "common.h" /* assume no Mini-AB port */ @@ -89,4 +89,5 @@ .init_irq = omap1_init_irq, .init_machine = omap_generic_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-h2.c +++ linux-3.2.0/arch/arm/mach-omap1/board-h2.c @@ -43,7 +43,7 @@ #include #include #include -#include +#include "common.h" #include #include "board-h2.h" @@ -456,4 +456,5 @@ .init_irq = omap1_init_irq, .init_machine = h2_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-h3.c +++ linux-3.2.0/arch/arm/mach-omap1/board-h3.c @@ -45,7 +45,7 @@ #include #include #include -#include +#include "common.h" #include #include "board-h3.h" @@ -444,4 +444,5 @@ .init_irq = omap1_init_irq, .init_machine = h3_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-htcherald.c +++ linux-3.2.0/arch/arm/mach-omap1/board-htcherald.c @@ -41,7 +41,7 @@ #include #include -#include +#include "common.h" #include #include #include @@ -610,4 +610,5 @@ .init_irq = omap1_init_irq, .init_machine = htcherald_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-innovator.c +++ linux-3.2.0/arch/arm/mach-omap1/board-innovator.c @@ -37,7 +37,7 @@ #include #include #include -#include +#include "common.h" #include /* At OMAP1610 Innovator the Ethernet is directly connected to CS1 */ @@ -460,4 +460,5 @@ .init_irq = omap1_init_irq, .init_machine = innovator_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-nokia770.c +++ linux-3.2.0/arch/arm/mach-omap1/board-nokia770.c @@ -30,7 +30,7 @@ #include #include #include -#include +#include "common.h" #include #include #include @@ -259,4 +259,5 @@ .init_irq = omap1_init_irq, .init_machine = omap_nokia770_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-osk.c +++ linux-3.2.0/arch/arm/mach-omap1/board-osk.c @@ -51,7 +51,7 @@ #include #include #include -#include +#include "common.h" /* At OMAP5912 OSK the Ethernet is directly connected to CS1 */ #define OMAP_OSK_ETHR_START 0x04800300 @@ -578,4 +578,5 @@ .init_irq = omap1_init_irq, .init_machine = osk_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-palmte.c +++ linux-3.2.0/arch/arm/mach-omap1/board-palmte.c @@ -41,7 +41,7 @@ #include #include #include -#include +#include "common.h" #define PALMTE_USBDETECT_GPIO 0 #define PALMTE_USB_OR_DC_GPIO 1 @@ -270,4 +270,5 @@ .init_irq = omap1_init_irq, .init_machine = omap_palmte_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-palmtt.c +++ linux-3.2.0/arch/arm/mach-omap1/board-palmtt.c @@ -39,7 +39,7 @@ #include #include #include -#include +#include "common.h" #include #include @@ -317,4 +317,5 @@ .init_irq = omap1_init_irq, .init_machine = omap_palmtt_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-palmz71.c +++ linux-3.2.0/arch/arm/mach-omap1/board-palmz71.c @@ -41,7 +41,7 @@ #include #include #include -#include +#include "common.h" #include #include @@ -334,4 +334,5 @@ .init_irq = omap1_init_irq, .init_machine = omap_palmz71_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-perseus2.c +++ linux-3.2.0/arch/arm/mach-omap1/board-perseus2.c @@ -32,7 +32,7 @@ #include #include #include -#include +#include "common.h" #include static const unsigned int p2_keymap[] = { @@ -352,4 +352,5 @@ .init_irq = omap1_init_irq, .init_machine = omap_perseus2_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-sx1.c +++ linux-3.2.0/arch/arm/mach-omap1/board-sx1.c @@ -40,7 +40,7 @@ #include #include #include -#include +#include "common.h" #include #include @@ -416,4 +416,5 @@ .init_irq = omap1_init_irq, .init_machine = omap_sx1_init, .timer = &omap1_timer, + .restart = omap1_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/board-voiceblue.c +++ linux-3.2.0/arch/arm/mach-omap1/board-voiceblue.c @@ -28,13 +28,12 @@ #include #include -#include #include #include #include #include -#include +#include "common.h" #include #include #include @@ -221,7 +220,7 @@ gpio_set_value(0, wdt_gpio_state); } -static void voiceblue_reset(char mode, const char *cmd) +static void voiceblue_restart(char mode, const char *cmd) { /* * Workaround for 5912/1611b bug mentioned in sprz209d.pdf p. 28 @@ -285,8 +284,6 @@ * (it is connected through invertor) */ omap_writeb(0x00, OMAP_LPG1_LCR); omap_writeb(0x00, OMAP_LPG1_PMR); /* Disable clock */ - - arch_reset = voiceblue_reset; } MACHINE_START(VOICEBLUE, "VoiceBlue OMAP5910") @@ -298,4 +295,5 @@ .init_irq = omap1_init_irq, .init_machine = voiceblue_init, .timer = &omap1_timer, + .restart = voiceblue_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap1/devices.c +++ linux-3.2.0/arch/arm/mach-omap1/devices.c @@ -22,7 +22,7 @@ #include #include -#include +#include "common.h" #include #include #include --- linux-3.2.0.orig/arch/arm/mach-omap1/reset.c +++ linux-3.2.0/arch/arm/mach-omap1/reset.c @@ -5,10 +5,9 @@ #include #include -#include #include -void omap1_arch_reset(char mode, const char *cmd) +void omap1_restart(char mode, const char *cmd) { /* * Workaround for 5912/1611b bug mentioned in sprz209d.pdf p. 28 @@ -21,5 +20,3 @@ omap_writew(1, ARM_RSTCT1); } - -void (*arch_reset)(char, const char *) = omap1_arch_reset; --- linux-3.2.0.orig/arch/arm/mach-omap1/time.c +++ linux-3.2.0/arch/arm/mach-omap1/time.c @@ -54,7 +54,7 @@ #include #include -#include +#include "common.h" #ifdef CONFIG_OMAP_MPU_TIMER --- linux-3.2.0.orig/arch/arm/mach-omap1/timer32k.c +++ linux-3.2.0/arch/arm/mach-omap1/timer32k.c @@ -52,7 +52,7 @@ #include #include #include -#include +#include "common.h" #include /* --- linux-3.2.0.orig/arch/arm/mach-omap1/common.h +++ linux-3.2.0/arch/arm/mach-omap1/common.h @@ -0,0 +1,62 @@ +/* + * + * Header for code common to all OMAP1 machines. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN + * NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF + * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#ifndef __ARCH_ARM_MACH_OMAP1_COMMON_H +#define __ARCH_ARM_MACH_OMAP1_COMMON_H + +#include + +#if defined(CONFIG_ARCH_OMAP730) || defined(CONFIG_ARCH_OMAP850) +void omap7xx_map_io(void); +#else +static inline void omap7xx_map_io(void) +{ +} +#endif + +#ifdef CONFIG_ARCH_OMAP15XX +void omap15xx_map_io(void); +#else +static inline void omap15xx_map_io(void) +{ +} +#endif + +#ifdef CONFIG_ARCH_OMAP16XX +void omap16xx_map_io(void); +#else +static inline void omap16xx_map_io(void) +{ +} +#endif + +void omap1_init_early(void); +void omap1_init_irq(void); +void omap1_restart(char, const char *); + +extern struct sys_timer omap1_timer; +extern bool omap_32k_timer_init(void); + +#endif /* __ARCH_ARM_MACH_OMAP1_COMMON_H */ --- linux-3.2.0.orig/arch/arm/mach-omap2/board-2430sdp.c +++ linux-3.2.0/arch/arm/mach-omap2/board-2430sdp.c @@ -34,7 +34,7 @@ #include #include -#include +#include "common.h" #include #include #include @@ -303,4 +303,5 @@ .init_irq = omap2_init_irq, .init_machine = omap_2430sdp_init, .timer = &omap2_timer, + .restart = omap_prcm_restart, MACHINE_END --- linux-3.2.0.orig/arch/arm/mach-omap2/board-3430sdp.c +++ linux-3.2.0/arch/arm/mach-omap2/board-3430sdp.c @@ -33,7 +33,7 @@ #include #include #include -#include +#include "common.h" #include #include #include