diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2010-05-20 11:55:50 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2010-05-20 11:55:50 -0400 |
| commit | 96b5b7f4f2d59b37c1fc2fba1ae25999accd6dcd (patch) | |
| tree | cda421c6cd7533940b35504660a05a366a3ece0c /Documentation | |
| parent | f72caf7e496465182eeda842ac66a5e75404ddf1 (diff) | |
| parent | 539c99fd7fc28f8db257c713c10fb4aceadf8887 (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (61 commits)
KEYS: Return more accurate error codes
LSM: Add __init to fixup function.
TOMOYO: Add pathname grouping support.
ima: remove ACPI dependency
TPM: ACPI/PNP dependency removal
security/selinux/ss: Use kstrdup
TOMOYO: Use stack memory for pending entry.
Revert "ima: remove ACPI dependency"
Revert "TPM: ACPI/PNP dependency removal"
KEYS: Do preallocation for __key_link()
TOMOYO: Use mutex_lock_interruptible.
KEYS: Better handling of errors from construct_alloc_key()
KEYS: keyring_serialise_link_sem is only needed for keyring->keyring links
TOMOYO: Use GFP_NOFS rather than GFP_KERNEL.
ima: remove ACPI dependency
TPM: ACPI/PNP dependency removal
selinux: generalize disabling of execmem for plt-in-heap archs
LSM Audit: rename LSM_AUDIT_NO_AUDIT to LSM_AUDIT_DATA_NONE
CRED: Holding a spinlock does not imply the holding of RCU read lock
SMACK: Don't #include Ext2 headers
...
Diffstat (limited to 'Documentation')
| -rw-r--r-- | Documentation/credentials.txt | 14 | ||||
| -rw-r--r-- | Documentation/kernel-parameters.txt | 10 |
2 files changed, 15 insertions, 9 deletions
diff --git a/Documentation/credentials.txt b/Documentation/credentials.txt index df03169782ea..a2db35287003 100644 --- a/Documentation/credentials.txt +++ b/Documentation/credentials.txt | |||
| @@ -408,9 +408,6 @@ This should be used inside the RCU read lock, as in the following example: | |||
| 408 | ... | 408 | ... |
| 409 | } | 409 | } |
| 410 | 410 | ||
| 411 | A function need not get RCU read lock to use __task_cred() if it is holding a | ||
| 412 | spinlock at the time as this implicitly holds the RCU read lock. | ||
| 413 | |||
| 414 | Should it be necessary to hold another task's credentials for a long period of | 411 | Should it be necessary to hold another task's credentials for a long period of |
| 415 | time, and possibly to sleep whilst doing so, then the caller should get a | 412 | time, and possibly to sleep whilst doing so, then the caller should get a |
| 416 | reference on them using: | 413 | reference on them using: |
| @@ -426,17 +423,16 @@ credentials, hiding the RCU magic from the caller: | |||
| 426 | uid_t task_uid(task) Task's real UID | 423 | uid_t task_uid(task) Task's real UID |
| 427 | uid_t task_euid(task) Task's effective UID | 424 | uid_t task_euid(task) Task's effective UID |
| 428 | 425 | ||
| 429 | If the caller is holding a spinlock or the RCU read lock at the time anyway, | 426 | If the caller is holding the RCU read lock at the time anyway, then: |
| 430 | then: | ||
| 431 | 427 | ||
| 432 | __task_cred(task)->uid | 428 | __task_cred(task)->uid |
| 433 | __task_cred(task)->euid | 429 | __task_cred(task)->euid |
| 434 | 430 | ||
| 435 | should be used instead. Similarly, if multiple aspects of a task's credentials | 431 | should be used instead. Similarly, if multiple aspects of a task's credentials |
| 436 | need to be accessed, RCU read lock or a spinlock should be used, __task_cred() | 432 | need to be accessed, RCU read lock should be used, __task_cred() called, the |
| 437 | called, the result stored in a temporary pointer and then the credential | 433 | result stored in a temporary pointer and then the credential aspects called |
| 438 | aspects called from that before dropping the lock. This prevents the | 434 | from that before dropping the lock. This prevents the potentially expensive |
| 439 | potentially expensive RCU magic from being invoked multiple times. | 435 | RCU magic from being invoked multiple times. |
| 440 | 436 | ||
| 441 | Should some other single aspect of another task's credentials need to be | 437 | Should some other single aspect of another task's credentials need to be |
| 442 | accessed, then this can be used: | 438 | accessed, then this can be used: |
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt index 567b7a8eb878..b9b0d7989f4e 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt | |||
| @@ -99,6 +99,7 @@ parameter is applicable: | |||
| 99 | SWSUSP Software suspend (hibernation) is enabled. | 99 | SWSUSP Software suspend (hibernation) is enabled. |
| 100 | SUSPEND System suspend states are enabled. | 100 | SUSPEND System suspend states are enabled. |
| 101 | FTRACE Function tracing enabled. | 101 | FTRACE Function tracing enabled. |
| 102 | TPM TPM drivers are enabled. | ||
| 102 | TS Appropriate touchscreen support is enabled. | 103 | TS Appropriate touchscreen support is enabled. |
| 103 | UMS USB Mass Storage support is enabled. | 104 | UMS USB Mass Storage support is enabled. |
| 104 | USB USB support is enabled. | 105 | USB USB support is enabled. |
| @@ -2616,6 +2617,15 @@ and is between 256 and 4096 characters. It is defined in the file | |||
| 2616 | 2617 | ||
| 2617 | tp720= [HW,PS2] | 2618 | tp720= [HW,PS2] |
| 2618 | 2619 | ||
| 2620 | tpm_suspend_pcr=[HW,TPM] | ||
| 2621 | Format: integer pcr id | ||
| 2622 | Specify that at suspend time, the tpm driver | ||
| 2623 | should extend the specified pcr with zeros, | ||
| 2624 | as a workaround for some chips which fail to | ||
| 2625 | flush the last written pcr on TPM_SaveState. | ||
| 2626 | This will guarantee that all the other pcrs | ||
| 2627 | are saved. | ||
| 2628 | |||
| 2619 | trace_buf_size=nn[KMG] | 2629 | trace_buf_size=nn[KMG] |
| 2620 | [FTRACE] will set tracing buffer size. | 2630 | [FTRACE] will set tracing buffer size. |
| 2621 | 2631 | ||