Commit message | Author | Age
* [POWERPC] Fix incorrectly tagged __devinitdata structures (Grant Likely, 2008-02-06)
  Fix compile errors in the xilinxfb, xsysace and uartlite drivers used by the Xilinx Virtex platform
  Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
  Acked-by: Peter Korsgaard <jacmet@sunsite.dk>
* [POWERPC] Cell IOMMU fixed mapping support (Michael Ellerman, 2008-01-30)
  This patch adds support for setting up a fixed IOMMU mapping on certain cell machines. For 64-bit devices this avoids the performance overhead of mapping and unmapping pages at runtime. 32-bit devices are unable to use the fixed mapping.

  The fixed mapping is established at boot, and maps all of physical memory 1:1 into device space at some offset. On machines with < 30 GB of memory we set up the fixed mapping immediately above the normal IOMMU window.

  For example a machine with 4GB of memory would end up with the normal IOMMU window from 0-2GB and the fixed mapping window from 2GB to 6GB. In this case a 64-bit device wishing to DMA to 1GB would be told to DMA to 3GB, plus any offset required by firmware. The firmware offset is encoded in the "dma-ranges" property.

  On machines with 30GB or more of memory, we are unable to place the fixed mapping above the normal IOMMU window as we would run out of address space. Instead we move the normal IOMMU window to coincide with the hash page table; this region does not need to be part of the fixed mapping as no device should ever be DMA'ing to it. We then set up the fixed mapping from 0 to 32GB.
  Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
  Acked-by: Arnd Bergmann <arnd@arndb.de>
  Signed-off-by: Paul Mackerras <paulus@samba.org>
* [POWERPC] Split out the ioid fetching/checking logic (Michael Ellerman, 2008-01-30)
  Split out the ioid fetching and checking logic so we can use it elsewhere in a subsequent patch.
  Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
  Acked-by: Arnd Bergmann <arnd@arndb.de>
  Signed-off-by: Paul Mackerras <paulus@samba.org>
* [POWERPC] Add support to cell_iommu_setup_page_tables() for multiple windows (Michael Ellerman, 2008-01-30)
  Add support to cell_iommu_setup_page_tables() for handling two windows, the dynamic window and the fixed window. A fixed window size of 0 indicates that there is no fixed window at all.

  Currently there are no callers who pass a non-zero fixed window, but the upcoming fixed IOMMU mapping patch will change that.
  Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
  Acked-by: Arnd Bergmann <arnd@arndb.de>
  Signed-off-by: Paul Mackerras <paulus@samba.org>
* [POWERPC] Split out the IOMMU logic from cell_dma_dev_setup() (Michael Ellerman, 2008-01-30)
  Split the IOMMU logic out from cell_dma_dev_setup() into a separate function. If we're not using dma_direct_ops or dma_iommu_ops we don't know what the hell's going on, so BUG.
  Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
  Acked-by: Arnd Bergmann <arnd@arndb.de>
  Signed-off-by: Paul Mackerras <paulus@samba.org>
* [POWERPC] Split cell_iommu_setup_hardware() into two parts (Michael Ellerman, 2008-01-30)
  Split cell_iommu_setup_hardware() into two parts. Split the page table setup into cell_iommu_setup_page_tables() and the bits that kick the hardware into cell_iommu_enable_hardware().
  Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
  Acked-by: Arnd Bergmann <arnd@arndb.de>
  Signed-off-by: Paul Mackerras <paulus@samba.org>
* [POWERPC] Split out the logic that allocates struct iommus (Michael Ellerman, 2008-01-30)
  Split out the logic that allocates a struct iommu into a separate function. This can fail; however, the calling code has never cared, so just return if we can't allocate an iommu.
  Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
  Acked-by: Arnd Bergmann <arnd@arndb.de>
  Signed-off-by: Paul Mackerras <paulus@samba.org>
* [POWERPC] Allocate the hash table under 1G on cell (Michael Ellerman, 2008-01-30)
  In order to support the fixed IOMMU mapping (in a subsequent patch), we need the hash table to be inside the IOMMU's DMA window. This is usually 2G, but let's make sure the hash table is under 1G as that will satisfy the IOMMU requirements and also means the hash table will be on node 0.
  Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
  Acked-by: Arnd Bergmann <arnd@arndb.de>
  Signed-off-by: Paul Mackerras <paulus@samba.org>
* [POWERPC] Add set_dma_ops() to match get_dma_ops() (Michael Ellerman, 2008-01-30)
  Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
  Acked-by: Arnd Bergmann <arnd@arndb.de>
  Signed-off-by: Paul Mackerras <paulus@samba.org>
* Merge branch 'linux-2.6' (Paul Mackerras, 2008-01-30)
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog (Linus Torvalds, 2008-01-30)
  * git://git.kernel.org/pub/scm/linux/kernel/git/wim/linux-2.6-watchdog:
    [WATCHDOG] use SGI_HAS_INDYDOG for INDYDOG depends
* [WATCHDOG] use SGI_HAS_INDYDOG for INDYDOG depends (Thomas Bogendoerfer, 2008-01-29)
  Use SGI_HAS_INDYDOG for INDYDOG depends.
  Signed-off-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
  Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
  Cc: Ralf Baechle <ralf@linux-mips.org>
  Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus (Linus Torvalds, 2008-01-30)
  * git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux-2.6-for-linus: (27 commits)
    lguest: use __PAGE_KERNEL instead of _PAGE_KERNEL
    lguest: Use explicit includes rather than indirect
    lguest: get rid of lg variable assignments
    lguest: change gpte_addr header
    lguest: move changed bitmap to lg_cpu
    lguest: move last_pages to lg_cpu
    lguest: change last_guest to last_cpu
    lguest: change spte_addr header
    lguest: per-vcpu lguest pgdir management
    lguest: make pending notifications per-vcpu
    lguest: makes special fields be per-vcpu
    lguest: per-vcpu lguest task management
    lguest: replace lguest_arch with lg_cpu_arch.
    lguest: make registers per-vcpu
    lguest: make emulate_insn receive a vcpu struct.
    lguest: map_switcher_in_guest() per-vcpu
    lguest: per-vcpu interrupt processing.
    lguest: per-vcpu lguest timers
    lguest: make hypercalls use the vcpu struct
    lguest: make write() operation smp aware
    ...

  Manual conflict resolved (maybe even correctly, who knows) in drivers/lguest/x86/core.c
* lguest: use __PAGE_KERNEL instead of _PAGE_KERNEL (Glauber de Oliveira Costa, 2008-01-30)
  x86_64 doesn't expose the intermediate representation with one underline, _PAGE_KERNEL, just the double-underlined one. Use it, to get a common ground between 32 and 64-bit.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: Use explicit includes rather than indirect (Glauber de Oliveira Costa, 2008-01-30)
  explicitly use ktime.h include
  explicitly use hrtimer.h include
  explicitly use sched.h include

  This patch adds headers explicitly to lguest source files, to avoid depending on them being included somewhere else.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: get rid of lg variable assignments (Glauber de Oliveira Costa, 2008-01-30)
  We can save some lines of code by getting rid of *lg = cpu... lines of code spread everywhere by now.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: change gpte_addr header (Glauber de Oliveira Costa, 2008-01-30)
  gpte_addr() does not depend on any guest information. So we wipe out the lg parameter from it completely.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: move changed bitmap to lg_cpu (Glauber de Oliveira Costa, 2008-01-30)
  Events represented in the 'changed' bitmap are per-cpu, not per-guest. Move it to the lg_cpu structure.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: move last_pages to lg_cpu (Glauber de Oliveira Costa, 2008-01-30)
  In our new model, pages are assigned to a virtual cpu, not to a guest. We move it to the lg_cpu structure.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: change last_guest to last_cpu (Glauber de Oliveira Costa, 2008-01-30)
  In our model, a guest does not run in a cpu anymore: a virtual cpu does. So we change last_guest to last_cpu.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: change spte_addr header (Glauber de Oliveira Costa, 2008-01-30)
  spte_addr does not depend on any guest information, so we wipe out the lg parameter completely.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: per-vcpu lguest pgdir management (Glauber de Oliveira Costa, 2008-01-30)
  This patch makes the pgdir management per-vcpu. The pgdirs pool is still guest-wide (although it'll probably need to grow when we are really executing more vcpus), but the pgdidx index is gone, since it makes no sense anymore. Instead, we use a per-vcpu index.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: make pending notifications per-vcpu (Glauber de Oliveira Costa, 2008-01-30)
  This patch makes the pending_notify field, used to control pending notifications, per-vcpu instead of per-guest.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: makes special fields be per-vcpu (Glauber de Oliveira Costa, 2008-01-30)
  The lguest struct has room for some fields, namely cr2, ts, esp1 and ss1, that are not really guest-wide, but rather vcpu-wide. This patch puts them in the vcpu struct.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: per-vcpu lguest task management (Glauber de Oliveira Costa, 2008-01-30)
  lguest uses tasks to control its running behaviour (like sending breaks, controlling halted state, etc). In a per-vcpu environment, each vcpu will have its own underlying task. So this patch makes the infrastructure for that possible.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: replace lguest_arch with lg_cpu_arch. (Glauber de Oliveira Costa, 2008-01-30)
  The fields found in lguest_arch are not really per-guest, but per-cpu (gdt, idt, etc). So this patch turns lguest_arch into lg_cpu_arch. It makes sense to have a per-guest per-arch struct, but this can be addressed later, when the need arrives.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: make registers per-vcpu (Glauber de Oliveira Costa, 2008-01-30)
  This is the most obvious per-vcpu field: registers. So this patch moves it from struct lguest to struct vcpu, and patches the places in which they are used accordingly.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: make emulate_insn receive a vcpu struct. (Glauber de Oliveira Costa, 2008-01-30)
  emulate_insn() needs to know about current eip, which will be, in the future, a per-vcpu thing. So in this patch, the function prototype is modified to receive a vcpu struct.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: map_switcher_in_guest() per-vcpu (Glauber de Oliveira Costa, 2008-01-30)
  The switcher needs to be mapped per-vcpu, because different vcpus will potentially have different page tables (they don't have to, because threads will share the same). So our first step is to make the function receive a vcpu struct.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: per-vcpu interrupt processing. (Glauber de Oliveira Costa, 2008-01-30)
  This patch adapts interrupt processing for using the vcpu struct.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: per-vcpu lguest timers (Glauber de Oliveira Costa, 2008-01-30)
  Here, I introduce per-vcpu timers. With this, we can have local expiries, needed for accounting time in smp guests.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: make hypercalls use the vcpu struct (Glauber de Oliveira Costa, 2008-01-30)
  This patch changes the do_hcall() and do_async_hcall() interfaces (and obviously their callers) to get a vcpu struct. Again, a vcpu services the hypercall, not the whole guest.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: make write() operation smp aware (Glauber de Oliveira Costa, 2008-01-30)
  This patch makes the write() file operation smp aware, which means receiving the vcpu_id value through the offset parameter and being well aware of which vcpu we're talking to.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: per-cpu run guest (Glauber de Oliveira Costa, 2008-01-30)
  This patch makes the run_guest() routine use the lg_cpu struct. This is required since in a smp guest environment, there's no longer the notion of "running the guest", but rather, it is "running the vcpu".
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: initialize vcpu (Glauber de Oliveira Costa, 2008-01-30)
  This patch initializes the first vcpu in the initialize() routine, which is responsible for starting the process of putting the guest up. Right now, as many of the fields are still not per-vcpu, it does not do much.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: adapt launcher to per-cpuness (Glauber de Oliveira Costa, 2008-01-30)
  This patch makes use of pread() and pwrite() in the lguest launcher to communicate the vcpu id to the lguest driver. The id is kept in a thread variable, which means that in the future we'll spawn vcpus as threads. But right now, only the infrastructure is out there.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: introduce vcpu struct (Glauber de Oliveira Costa, 2008-01-30)
  This patch introduces a vcpu struct for lguest. In upcoming patches, more and more fields will be moved from the lguest struct to the vcpu.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: Reboot support (Balaji Rao, 2008-01-30)
  Reboot Implemented (Prevent fd leak, fix style and fix documentation --RR)
  Signed-off-by: Balaji Rao <balajirrao@gmail.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: remove pv_info dependency (Glauber de Oliveira Costa, 2008-01-30)
  Currently, lguest module can't be compiled without the PARAVIRT flag being on. This is a fake dependency, since the module itself shouldn't need any paravirt override. Reason for that is the reference to pv_info structure in initial loading tests. This patch removes it in favour of a more generic error message.
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* lguest: fix drivers/lguest Makefile entry (Glauber de Oliveira Costa, 2008-01-30)
  Parts depend on CONFIG_LGUEST, not just CONFIG_LGUEST_GUEST
  Signed-off-by: Glauber de Oliveira Costa <gcosta@redhat.com>
  Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6 (Linus Torvalds, 2008-01-30)
  * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
    security: compile capabilities by default
    selinux: make selinux_set_mnt_opts() static
    SELinux: Add warning messages on network denial due to error
    SELinux: Add network ingress and egress control permission checks
    NetLabel: Add auditing to the static labeling mechanism
    NetLabel: Introduce static network labels for unlabeled connections
    SELinux: Allow NetLabel to directly cache SIDs
    SELinux: Enable dynamic enable/disable of the network access checks
    SELinux: Better integration between peer labeling subsystems
    SELinux: Add a new peer class and permissions to the Flask definitions
    SELinux: Add a capabilities bitmap to SELinux policy version 22
    SELinux: Add a network node caching mechanism similar to the sel_netif_*() functions
    SELinux: Only store the network interface's ifindex
    SELinux: Convert the netif code to use ifindex values
    NetLabel: Add IP address family information to the netlbl_skbuff_getattr() function
    NetLabel: Add secid token support to the NetLabel secattr struct
    NetLabel: Consolidate the LSM domain mapping/hashing locks
    NetLabel: Cleanup the LSM domain hash functions
    NetLabel: Remove unneeded RCU read locks
* security: compile capabilities by default (sergeh@us.ibm.com, 2008-01-29)
  Capabilities have long been the default when CONFIG_SECURITY=n, and its help text suggests turning it on when CONFIG_SECURITY=y. But it is set to default n. Default it to y instead.
  Signed-off-by: Serge Hallyn <serue@us.ibm.com>
  Acked-by: Matt LaPlante <kernel1@cyberdogtech.com>
  Signed-off-by: James Morris <jmorris@namei.org>
* selinux: make selinux_set_mnt_opts() static (Adrian Bunk, 2008-01-29)
  selinux_set_mnt_opts() can become static.
  Signed-off-by: Adrian Bunk <bunk@kernel.org>
  Signed-off-by: James Morris <jmorris@namei.org>
* SELinux: Add warning messages on network denial due to error (Paul Moore, 2008-01-29)
  Currently network traffic can be silently dropped due to non-avc errors which can lead to much confusion when trying to debug the problem. This patch adds warning messages so that when these events occur there is a user visible notification.
  Signed-off-by: Paul Moore <paul.moore@hp.com>
  Signed-off-by: James Morris <jmorris@namei.org>
* SELinux: Add network ingress and egress control permission checks (Paul Moore, 2008-01-29)
  This patch implements packet ingress/egress controls for SELinux which allow SELinux security policy to control the flow of all IPv4 and IPv6 packets into and out of the system. Currently SELinux does not have proper control over forwarded packets and this patch corrects this problem.

  Special thanks to Venkat Yekkirala <vyekkirala@trustedcs.com> whose earlier work on this topic eventually led to this patch.
  Signed-off-by: Paul Moore <paul.moore@hp.com>
  Signed-off-by: James Morris <jmorris@namei.org>
* NetLabel: Add auditing to the static labeling mechanism (Paul Moore, 2008-01-29)
  This patch adds auditing support to the NetLabel static labeling mechanism.
  Signed-off-by: Paul Moore <paul.moore@hp.com>
  Signed-off-by: James Morris <jmorris@namei.org>
* NetLabel: Introduce static network labels for unlabeled connections (Paul Moore, 2008-01-29)
  Most trusted OSs, with the exception of Linux, have the ability to specify static security labels for unlabeled networks. This patch adds this ability to the NetLabel packet labeling framework.

  If the NetLabel subsystem is called to determine the security attributes of an incoming packet it first checks to see if any recognized NetLabel packet labeling protocols are in-use on the packet. If none can be found then the unlabeled connection table is queried and based on the packet's incoming interface and address it is matched with a security label as configured by the administrator using the netlabel_tools package. The matching security label is returned to the caller just as if the packet was explicitly labeled using a labeling protocol.
  Signed-off-by: Paul Moore <paul.moore@hp.com>
  Signed-off-by: James Morris <jmorris@namei.org>
* SELinux: Allow NetLabel to directly cache SIDs (Paul Moore, 2008-01-29)
  Now that the SELinux NetLabel "base SID" is always the netmsg initial SID we can do a big optimization - caching the SID and not just the MLS attributes. This not only saves a lot of per-packet memory allocations and copies but it has a nice side effect of removing a chunk of code.
  Signed-off-by: Paul Moore <paul.moore@hp.com>
  Signed-off-by: James Morris <jmorris@namei.org>
* SELinux: Enable dynamic enable/disable of the network access checks (Paul Moore, 2008-01-29)
  This patch introduces a mechanism for checking when labeled IPsec or SECMARK are in use by introducing a configuration reference counter for each subsystem. In the case of labeled IPsec, whenever a labeled SA or SPD entry is created the labeled IPsec/XFRM reference count is increased and when the entry is removed it is decreased. In the case of SECMARK, when a SECMARK target is created the reference count is increased and later decreased when the target is removed. These reference counters allow SELinux to quickly determine if either of these subsystems are enabled.

  NetLabel already has a similar mechanism which provides the netlbl_enabled() function.

  This patch also renames the selinux_relabel_packet_permission() function to selinux_secmark_relabel_packet_permission() as the original name and description were misleading in that they referenced a single packet label which is not the case.
  Signed-off-by: Paul Moore <paul.moore@hp.com>
  Signed-off-by: James Morris <jmorris@namei.org>
* SELinux: Better integration between peer labeling subsystems (Paul Moore, 2008-01-29)
  Rework the handling of network peer labels so that the different peer labeling subsystems work better together. This includes moving both subsystems to a single "peer" object class which involves not only changes to the permission checks but an improved method of consolidating multiple packet peer labels. As part of this work the inbound packet permission check code has been heavily modified to handle both the old and new behavior in as sane a fashion as possible.
  Signed-off-by: Paul Moore <paul.moore@hp.com>
  Signed-off-by: James Morris <jmorris@namei.org>