Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

		then closing the file.  The new policy takes effect after

		the file ima/policy is closed.

		IMA appraisal, if configured, uses these file measurements

		for local measurement appraisal.

		rule format: action [condition ...]

		action: measure | dont_measure

		action: measure | dont_measure | appraise | dont_appraise | audit

		condition:= base | lsm

			base:	[[func=] [mask=] [fsmagic=] [uid=]]

			base:	[[func=] [mask=] [fsmagic=] [uid=] [fowner]]

			lsm:	[[subj_user=] [subj_role=] [subj_type=]

				 [obj_user=] [obj_role=] [obj_type=]]

			mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]

			fsmagic:= hex value

			uid:= decimal value

			fowner:=decimal value

		lsm:  	are LSM specific

		default policy:

			# PROC_SUPER_MAGIC

			dont_measure fsmagic=0x9fa0

			dont_appraise fsmagic=0x9fa0

			# SYSFS_MAGIC

			dont_measure fsmagic=0x62656572

			dont_appraise fsmagic=0x62656572

			# DEBUGFS_MAGIC

			dont_measure fsmagic=0x64626720

			dont_appraise fsmagic=0x64626720

			# TMPFS_MAGIC

			dont_measure fsmagic=0x01021994

			dont_appraise fsmagic=0x01021994

			# RAMFS_MAGIC

			dont_measure fsmagic=0x858458f6

			dont_appraise fsmagic=0x858458f6

			# SECURITYFS_MAGIC

			dont_measure fsmagic=0x73636673

			dont_appraise fsmagic=0x73636673

			measure func=BPRM_CHECK

			measure func=FILE_MMAP mask=MAY_EXEC

			measure func=FILE_CHECK mask=MAY_READ uid=0

			appraise fowner=0

		The default policy measures all executables in bprm_check,

		all files mmapped executable in file_mmap, and all files

		open for read by root in do_filp_open.

		open for read by root in do_filp_open.  The default appraisal

		policy appraises all files owned by root.

		Examples of LSM specific definitions:

		SELinux:

			# SELINUX_MAGIC

			dont_measure fsmagic=0xF97CFF8C

			dont_measure fsmagic=0xf97cff8c

			dont_appraise fsmagic=0xf97cff8c

			dont_measure obj_type=var_log_t

			dont_appraise obj_type=var_log_t

			dont_measure obj_type=auditd_log_t

			dont_appraise obj_type=auditd_log_t

			measure subj_user=system_u func=FILE_CHECK mask=MAY_READ

			measure subj_role=system_r func=FILE_CHECK mask=MAY_READ

What:		/sys/devices/pnp0/<bus-num>/ppi/

Date:		August 2012

Kernel Version:	3.6

Contact:	xiaoyan.zhang@intel.com

Description:

		This folder includes the attributes related with PPI (Physical

		Presence Interface). Only if TPM is supported by BIOS, this

		folder makes sence. The folder path can be got by command

		'find /sys/ -name 'pcrs''. For the detail information of PPI,

		please refer to the PPI specification from

		http://www.trustedcomputinggroup.org/

What:		/sys/devices/pnp0/<bus-num>/ppi/version

Date:		August 2012

Contact:	xiaoyan.zhang@intel.com

Description:

		This attribute shows the version of the PPI supported by the

		platform.

		This file is readonly.

What:		/sys/devices/pnp0/<bus-num>/ppi/request

Date:		August 2012

Contact:	xiaoyan.zhang@intel.com

Description:

		This attribute shows the request for an operation to be

		executed in the pre-OS environment. It is the only input from

		the OS to the pre-OS environment. The request should be an

		integer value range from 1 to 160, and 0 means no request.

		This file can be read and written.

What:		/sys/devices/pnp0/00:<bus-num>/ppi/response

Date:		August 2012

Contact:	xiaoyan.zhang@intel.com

Description:

		This attribute shows the response to the most recent operation

		request it acted upon. The format is "<request> <response num>

		: <response description>".

		This file is readonly.

What:		/sys/devices/pnp0/<bus-num>/ppi/transition_action

Date:		August 2012

Contact:	xiaoyan.zhang@intel.com

Description:

		This attribute shows the platform-specific action that should

		take place in order to transition to the BIOS for execution of

		a requested operation. The format is "<action num>: <action

		description>".

		This file is readonly.

What:		/sys/devices/pnp0/<bus-num>/ppi/tcg_operations

Date:		August 2012

Contact:	xiaoyan.zhang@intel.com

Description:

		This attribute shows whether it is allowed to request an

		operation to be executed in the pre-OS environment by the BIOS

		for the requests defined by TCG, i.e. requests from 1 to 22.

		The format is "<request> <status num>: <status description>".

		This attribute is only supported by PPI version 1.2+.

		This file is readonly.

What:		/sys/devices/pnp0/<bus-num>/ppi/vs_operations

Date:		August 2012

Contact:	xiaoyan.zhang@intel.com

Description:

		This attribute shows whether it is allowed to request an

		operation to be executed in the pre-OS environment by the BIOS

		for the verdor specific requests, i.e. requests from 128 to

		255. The format is same with tcg_operations. This attribute

		is also only supported by PPI version 1.2+.

		This file is readonly.

	ihash_entries=	[KNL]

			Set number of hash buckets for inode cache.

	ima_appraise=	[IMA] appraise integrity measurements

			Format: { "off" | "enforce" | "fix" }

			default: "enforce"

	ima_appraise_tcb [IMA]

			The builtin appraise policy appraises all files

			owned by uid=0.

	ima_audit=	[IMA]

			Format: { "0" | "1" }

			0 -- integrity auditing messages. (Default)

configurations are intolerant of IP options and can impede

access to systems that use them as Smack does.

The current git repositories for Smack user space are:

The current git repository for Smack user space is:

	git@gitorious.org:meego-platform-security/smackutil.git

	git@gitorious.org:meego-platform-security/libsmack.git

	git://github.com/smack-team/smack.git

These should make and install on most modern distributions.

This should make and install on most modern distributions.

There are three commands included in smackutil:

smackload  - properly formats data for writing to /smack/load

	these capabilities are effective at for processes with any

	label. The value is set by writing the desired label to the

	file or cleared by writing "-" to the file.

revoke-subject

	Writing a Smack label here sets the access to '-' for all access

	rules with that subject label.

You can add access rules in /etc/smack/accesses. They take the form:

}

#ifdef CONFIG_PPC64

/*

 * Allocate room for and instantiate Stored Measurement Log (SML)

 */

static void __init prom_instantiate_sml(void)

{

	phandle ibmvtpm_node;

	ihandle ibmvtpm_inst;

	u32 entry = 0, size = 0;

	u64 base;

	prom_debug("prom_instantiate_sml: start...\n");

	ibmvtpm_node = call_prom("finddevice", 1, 1, ADDR("/ibm,vtpm"));

	prom_debug("ibmvtpm_node: %x\n", ibmvtpm_node);

	if (!PHANDLE_VALID(ibmvtpm_node))

		return;

	ibmvtpm_inst = call_prom("open", 1, 1, ADDR("/ibm,vtpm"));

	if (!IHANDLE_VALID(ibmvtpm_inst)) {

		prom_printf("opening vtpm package failed (%x)\n", ibmvtpm_inst);

		return;

	}

	if (call_prom_ret("call-method", 2, 2, &size,

			  ADDR("sml-get-handover-size"),

			  ibmvtpm_inst) != 0 || size == 0) {

		prom_printf("SML get handover size failed\n");

		return;

	}

	base = alloc_down(size, PAGE_SIZE, 0);

	if (base == 0)

		prom_panic("Could not allocate memory for sml\n");

	prom_printf("instantiating sml at 0x%x...", base);

	if (call_prom_ret("call-method", 4, 2, &entry,

			  ADDR("sml-handover"),

			  ibmvtpm_inst, size, base) != 0 || entry == 0) {

		prom_printf("SML handover failed\n");

		return;

	}

	prom_printf(" done\n");

	reserve_mem(base, size);

	prom_setprop(ibmvtpm_node, "/ibm,vtpm", "linux,sml-base",

		     &base, sizeof(base));

	prom_setprop(ibmvtpm_node, "/ibm,vtpm", "linux,sml-size",

		     &size, sizeof(size));

	prom_debug("sml base     = 0x%x\n", base);

	prom_debug("sml size     = 0x%x\n", (long)size);

	prom_debug("prom_instantiate_sml: end...\n");

}

/*

 * Allocate room for and initialize TCE tables

 */

		prom_instantiate_opal();

#endif

#ifdef CONFIG_PPC64

	/* instantiate sml */

	prom_instantiate_sml();

#endif

	/*

	 * On non-powermacs, put all CPUs in spin-loops.

	 *