
Commit e05644e1 authored by Linus Torvalds's avatar Linus Torvalds
Pull security subsystem updates from James Morris:
 "Nothing groundbreaking for this kernel, just cleanups and fixes, and a
  couple of Smack enhancements."

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (21 commits)
  Smack: Maintainer Record
  Smack: don't show empty rules when /smack/load or /smack/load2 is read
  Smack: user access check bounds
  Smack: onlycap limits on CAP_MAC_ADMIN
  Smack: fix smack_new_inode bogosities
  ima: audit is compiled only when enabled
  ima: ima_initialized is set only if successful
  ima: add policy for pseudo fs
  ima: remove unused cleanup functions
  ima: free securityfs violations file
  ima: use full pathnames in measurement list
  security: Fix nommu build.
  samples: seccomp: add .gitignore for untracked executables
  tpm: check the chip reference before using it
  TPM: fix memleak when register hardware fails
  TPM: chip disabled state erronously being reported as error
  MAINTAINERS: TPM maintainers' contacts update
  Merge branches 'next-queue' and 'next' into next
  Remove unused code from MPI library
  Revert "crypto: GnuPG based MPI lib - additional sources (part 4)"
  ...
parents 97e7292a 66372841
+13 −3
@@ -6230,6 +6230,15 @@ T: git git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu.git
F:	include/linux/srcu*
F:	kernel/srcu*

SMACK SECURITY MODULE
M:	Casey Schaufler <casey@schaufler-ca.com>
L:	linux-security-module@vger.kernel.org
W:	http://schaufler-ca.com
T:	git git://git.gitorious.org/smack-next/kernel.git
S:	Maintained
F:	Documentation/security/Smack.txt
F:	security/smack/

SMC91x ETHERNET DRIVER
M:	Nicolas Pitre <nico@fluxnic.net>
S:	Odd Fixes
@@ -6862,10 +6871,11 @@ F: include/linux/shmem_fs.h
F:	mm/shmem.c

TPM DEVICE DRIVER
M:	Debora Velarde <debora@linux.vnet.ibm.com>
M:	Rajiv Andrade <srajiv@linux.vnet.ibm.com>
M:	Kent Yoder <key@linux.vnet.ibm.com>
M:	Rajiv Andrade <mail@srajiv.net>
W:	http://tpmdd.sourceforge.net
M:	Marcel Selhorst <m.selhorst@sirrix.com>
M:	Marcel Selhorst <tpmdd@selhorst.net>
M:	Sirrix AG <tpmdd@sirrix.com>
W:	http://www.sirrix.com
L:	tpmdd-devel@lists.sourceforge.net (moderated for non-subscribers)
S:	Maintained
+20 −7
@@ -827,10 +827,10 @@ EXPORT_SYMBOL_GPL(tpm_pcr_extend);
int tpm_do_selftest(struct tpm_chip *chip)
{
	int rc;
	u8 digest[TPM_DIGEST_SIZE];
	unsigned int loops;
	unsigned int delay_msec = 1000;
	unsigned long duration;
	struct tpm_cmd_t cmd;

	duration = tpm_calc_ordinal_duration(chip,
	                                     TPM_ORD_CONTINUE_SELFTEST);
@@ -845,7 +845,15 @@ int tpm_do_selftest(struct tpm_chip *chip)
		return rc;

	do {
		rc = __tpm_pcr_read(chip, 0, digest);
		/* Attempt to read a PCR value */
		cmd.header.in = pcrread_header;
		cmd.params.pcrread_in.pcr_idx = cpu_to_be32(0);
		rc = tpm_transmit(chip, (u8 *) &cmd, READ_PCR_RESULT_SIZE);

		if (rc < TPM_HEADER_SIZE)
			return -EFAULT;

		rc = be32_to_cpu(cmd.header.out.return_code);
		if (rc == TPM_ERR_DISABLED || rc == TPM_ERR_DEACTIVATED) {
			dev_info(chip->dev,
				 "TPM is disabled/deactivated (0x%X)\n", rc);
@@ -1322,6 +1330,9 @@ EXPORT_SYMBOL_GPL(tpm_pm_resume);

void tpm_dev_vendor_release(struct tpm_chip *chip)
{
	if (!chip)
		return;

	if (chip->vendor.release)
		chip->vendor.release(chip->dev);

@@ -1339,6 +1350,9 @@ void tpm_dev_release(struct device *dev)
{
	struct tpm_chip *chip = dev_get_drvdata(dev);

	if (!chip)
		return;

	tpm_dev_vendor_release(chip);

	chip->release(dev);
@@ -1405,15 +1419,12 @@ struct tpm_chip *tpm_register_hardware(struct device *dev,
			"unable to misc_register %s, minor %d\n",
			chip->vendor.miscdev.name,
			chip->vendor.miscdev.minor);
		put_device(chip->dev);
		return NULL;
		goto put_device;
	}

	if (sysfs_create_group(&dev->kobj, chip->vendor.attr_group)) {
		misc_deregister(&chip->vendor.miscdev);
		put_device(chip->dev);

		return NULL;
		goto put_device;
	}

	chip->bios_dir = tpm_bios_log_setup(devname);
@@ -1425,6 +1436,8 @@ struct tpm_chip *tpm_register_hardware(struct device *dev,

	return chip;

put_device:
	put_device(chip->dev);
out_free:
	kfree(chip);
	kfree(devname);
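Review bot: The new `put_device:` error path in tpm_register_hardware() drops the device reference and then falls through to `kfree(chip)`, but nothing in the visible lines clears the device's drvdata or undoes the release hook, so the device may be left holding a pointer to freed memory. tpm_dev_release() in this same section loads the chip with `dev_get_drvdata(dev)` and calls `chip->release(dev)`, and the `if (!chip)` guard added there only catches NULL, not a stale pointer. If drvdata and `dev->release` are installed before `misc_register()` (that part of the function lies outside the hunk, so this is an assumption to confirm), I would reset them at the label before the put, e.g. `dev_set_drvdata(dev, NULL);` and `dev->release = chip->release;`. A one-line comment at `put_device:` saying that the fall-through into `out_free` is intentional would also help the next reader.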
+3 −3
@@ -4,8 +4,8 @@
 * SLD 9630 TT 1.1 and SLB 9635 TT 1.2 Trusted Platform Module
 * Specifications at www.trustedcomputinggroup.org
 *
 * Copyright (C) 2005, Marcel Selhorst <m.selhorst@sirrix.com>
 * Sirrix AG - security technologies, http://www.sirrix.com and
 * Copyright (C) 2005, Marcel Selhorst <tpmdd@selhorst.net>
 * Sirrix AG - security technologies <tpmdd@sirrix.com> and
 * Applied Data Security Group, Ruhr-University Bochum, Germany
 * Project-Homepage: http://www.trust.rub.de/projects/linux-device-driver-infineon-tpm/ 
 *
@@ -671,7 +671,7 @@ static void __exit cleanup_inf(void)
module_init(init_inf);
module_exit(cleanup_inf);

MODULE_AUTHOR("Marcel Selhorst <m.selhorst@sirrix.com>");
MODULE_AUTHOR("Marcel Selhorst <tpmdd@sirrix.com>");
MODULE_DESCRIPTION("Driver for Infineon TPM SLD 9630 TT 1.1 / SLB 9635 TT 1.2");
MODULE_VERSION("1.9.2");
MODULE_LICENSE("GPL");
+0 −8
@@ -378,14 +378,6 @@ config MPILIB
	  It is used to implement RSA digital signature verification,
	  which is used by IMA/EVM digital signature extension.

config MPILIB_EXTRA
	bool
	depends on MPILIB
	help
	  Additional sources of multiprecision maths library from GnuPG.
	  This code is unnecessary for RSA digital signature verification,
	  but can be compiled if needed.

config SIGNATURE
	tristate
	depends on KEYS && CRYPTO
+0 −11
@@ -19,14 +19,3 @@ mpi-y = \
	mpih-mul.o			\
	mpi-pow.o			\
	mpiutil.o

mpi-$(CONFIG_MPILIB_EXTRA) += \
	mpi-add.o			\
	mpi-div.o			\
	mpi-cmp.o			\
	mpi-gcd.o			\
	mpi-inline.o			\
	mpi-inv.o			\
	mpi-mpow.o			\
	mpi-mul.o			\
	mpi-scan.o