7 files changed, 29 insertions, 11 deletions

diff --git a/drivers/char/tpm/tpm.c b/drivers/char/tpm/tpm.c
index 36e0fa161c2b..faf5a2c65926 100644
--- a/drivers/char/tpm/tpm.c
+++ b/drivers/char/tpm/tpm.c
@@ -577,9 +577,11 @@ duration:
         if (rc)
                 return;
 
-        if (be32_to_cpu(tpm_cmd.header.out.return_code)
-            != 3 * sizeof(u32))
+        if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 ||
+            be32_to_cpu(tpm_cmd.header.out.length)
+            != sizeof(tpm_cmd.header.out) + sizeof(u32) + 3 * sizeof(u32))
                 return;
+
         duration_cap = &tpm_cmd.params.getcap_out.cap.duration;
         chip->vendor.duration[TPM_SHORT] =
             usecs_to_jiffies(be32_to_cpu(duration_cap->tpm_short));
@@ -939,6 +941,18 @@ ssize_t tpm_show_caps_1_2(struct device * dev,
 }
 EXPORT_SYMBOL_GPL(tpm_show_caps_1_2);
 
+ssize_t tpm_show_timeouts(struct device *dev, struct device_attribute *attr,
+                          char *buf)
+{
+        struct tpm_chip *chip = dev_get_drvdata(dev);
+
+        return sprintf(buf, "%d %d %d\n",
+                       jiffies_to_usecs(chip->vendor.duration[TPM_SHORT]),
+                       jiffies_to_usecs(chip->vendor.duration[TPM_MEDIUM]),
+                       jiffies_to_usecs(chip->vendor.duration[TPM_LONG]));
+}
+EXPORT_SYMBOL_GPL(tpm_show_timeouts);
+
 ssize_t tpm_store_cancel(struct device *dev, struct device_attribute *attr,
                         const char *buf, size_t count)
 {
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 72ddb031b69a..d84ff772c26f 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -56,6 +56,8 @@ extern ssize_t tpm_show_owned(struct device *, struct device_attribute *attr,
                                 char *);
 extern ssize_t tpm_show_temp_deactivated(struct device *,
                                          struct device_attribute *attr, char *);
+extern ssize_t tpm_show_timeouts(struct device *,
+                                 struct device_attribute *attr, char *);
 
 struct tpm_chip;
 
diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
index dd21df55689d..0d1d38e5f266 100644
--- a/drivers/char/tpm/tpm_tis.c
+++ b/drivers/char/tpm/tpm_tis.c
@@ -376,6 +376,7 @@ static DEVICE_ATTR(temp_deactivated, S_IRUGO, tpm_show_temp_deactivated,
                    NULL);
 static DEVICE_ATTR(caps, S_IRUGO, tpm_show_caps_1_2, NULL);
 static DEVICE_ATTR(cancel, S_IWUSR | S_IWGRP, NULL, tpm_store_cancel);
+static DEVICE_ATTR(timeouts, S_IRUGO, tpm_show_timeouts, NULL);
 
 static struct attribute *tis_attrs[] = {
         &dev_attr_pubek.attr,
@@ -385,7 +386,8 @@ static struct attribute *tis_attrs[] = {
         &dev_attr_owned.attr,
         &dev_attr_temp_deactivated.attr,
         &dev_attr_caps.attr,
-        &dev_attr_cancel.attr, NULL,
+        &dev_attr_cancel.attr,
+        &dev_attr_timeouts.attr, NULL,
 };
 
 static struct attribute_group tis_attr_grp = {
diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
index 8ecaac983923..f7771f336b7d 100644
--- a/drivers/pci/pci-sysfs.c
+++ b/drivers/pci/pci-sysfs.c
@@ -23,6 +23,7 @@
 #include <linux/mm.h>
 #include <linux/fs.h>
 #include <linux/capability.h>
+#include <linux/security.h>
 #include <linux/pci-aspm.h>
 #include <linux/slab.h>
 #include "pci.h"
@@ -368,7 +369,7 @@ pci_read_config(struct file *filp, struct kobject *kobj,
         u8 *data = (u8*) buf;
 
         /* Several chips lock up trying to read undefined config space */
-        if (cap_raised(filp->f_cred->cap_effective, CAP_SYS_ADMIN)) {
+        if (security_capable(filp->f_cred, CAP_SYS_ADMIN)) {
                 size = dev->cfg_size;
         } else if (dev->hdr_type == PCI_HEADER_TYPE_CARDBUS) {
                 size = 128;
diff --git a/include/linux/security.h b/include/linux/security.h
index c642bb8b8f5a..b2b7f9749f5e 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1662,7 +1662,7 @@ int security_capset(struct cred *new, const struct cred *old,
                     const kernel_cap_t *effective,
                     const kernel_cap_t *inheritable,
                     const kernel_cap_t *permitted);
-int security_capable(int cap);
+int security_capable(const struct cred *cred, int cap);
 int security_real_capable(struct task_struct *tsk, int cap);
 int security_real_capable_noaudit(struct task_struct *tsk, int cap);
 int security_sysctl(struct ctl_table *table, int op);
@@ -1856,9 +1856,9 @@ static inline int security_capset(struct cred *new,
         return cap_capset(new, old, effective, inheritable, permitted);
 }
 
-static inline int security_capable(int cap)
+static inline int security_capable(const struct cred *cred, int cap)
 {
-        return cap_capable(current, current_cred(), cap, SECURITY_CAP_AUDIT);
+        return cap_capable(current, cred, cap, SECURITY_CAP_AUDIT);
 }
 
 static inline int security_real_capable(struct task_struct *tsk, int cap)
diff --git a/kernel/capability.c b/kernel/capability.c
index 2f05303715a5..9e9385f132c8 100644
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -306,7 +306,7 @@ int capable(int cap)
                 BUG();
         }
 
-        if (security_capable(cap) == 0) {
+        if (security_capable(current_cred(), cap) == 0) {
                 current->flags |= PF_SUPERPRIV;
                 return 1;
         }
diff --git a/security/security.c b/security/security.c
index 739e40362f44..7b7308ace8c5 100644
--- a/security/security.c
+++ b/security/security.c
@@ -154,10 +154,9 @@ int security_capset(struct cred *new, const struct cred *old,
                                     effective, inheritable, permitted);
 }
 
-int security_capable(int cap)
+int security_capable(const struct cred *cred, int cap)
 {
-        return security_ops->capable(current, current_cred(), cap,
-                                     SECURITY_CAP_AUDIT);
+        return security_ops->capable(current, cred, cap, SECURITY_CAP_AUDIT);
 }
 
 int security_real_capable(struct task_struct *tsk, int cap)