linux/drivers/tty/serial
Linus Torvalds aefcf2f4b5 Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull kernel lockdown mode from James Morris:
 "This is the latest iteration of the kernel lockdown patchset, from
  Matthew Garrett, David Howells and others.

  From the original description:

    This patchset introduces an optional kernel lockdown feature,
    intended to strengthen the boundary between UID 0 and the kernel.
    When enabled, various pieces of kernel functionality are restricted.
    Applications that rely on low-level access to either hardware or the
    kernel may cease working as a result - therefore this should not be
    enabled without appropriate evaluation beforehand.

    The majority of mainstream distributions have been carrying variants
    of this patchset for many years now, so there's value in providing a
    doesn't meet every distribution requirement, but gets us much closer
    to not requiring external patches.

  There are two major changes since this was last proposed for mainline:

   - Separating lockdown from EFI secure boot. Background discussion is
     covered here: https://lwn.net/Articles/751061/

   -  Implementation as an LSM, with a default stackable lockdown LSM
      module. This allows the lockdown feature to be policy-driven,
      rather than encoding an implicit policy within the mechanism.

  The new locked_down LSM hook is provided to allow LSMs to make a
  policy decision around whether kernel functionality that would allow
  tampering with or examining the runtime state of the kernel should be
  permitted.

  The included lockdown LSM provides an implementation with a simple
  policy intended for general purpose use. This policy provides a coarse
  level of granularity, controllable via the kernel command line:

    lockdown={integrity|confidentiality}

  Enable the kernel lockdown feature. If set to integrity, kernel features
  that allow userland to modify the running kernel are disabled. If set to
  confidentiality, kernel features that allow userland to extract
  confidential information from the kernel are also disabled.

  This may also be controlled via /sys/kernel/security/lockdown and
  overriden by kernel configuration.

  New or existing LSMs may implement finer-grained controls of the
  lockdown features. Refer to the lockdown_reason documentation in
  include/linux/security.h for details.

  The lockdown feature has had signficant design feedback and review
  across many subsystems. This code has been in linux-next for some
  weeks, with a few fixes applied along the way.

  Stephen Rothwell noted that commit 9d1f8be5cf ("bpf: Restrict bpf
  when kernel lockdown is in confidentiality mode") is missing a
  Signed-off-by from its author. Matthew responded that he is providing
  this under category (c) of the DCO"

* 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (31 commits)
  kexec: Fix file verification on S390
  security: constify some arrays in lockdown LSM
  lockdown: Print current->comm in restriction messages
  efi: Restrict efivar_ssdt_load when the kernel is locked down
  tracefs: Restrict tracefs when the kernel is locked down
  debugfs: Restrict debugfs when the kernel is locked down
  kexec: Allow kexec_file() with appropriate IMA policy when locked down
  lockdown: Lock down perf when in confidentiality mode
  bpf: Restrict bpf when kernel lockdown is in confidentiality mode
  lockdown: Lock down tracing and perf kprobes when in confidentiality mode
  lockdown: Lock down /proc/kcore
  x86/mmiotrace: Lock down the testmmiotrace module
  lockdown: Lock down module params that specify hardware parameters (eg. ioport)
  lockdown: Lock down TIOCSSERIAL
  lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down
  acpi: Disable ACPI table override if the kernel is locked down
  acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
  ACPI: Limit access to custom_method when the kernel is locked down
  x86/msr: Restrict MSR access when the kernel is locked down
  x86: Lock down IO port access when the kernel is locked down
  ...
2019-09-28 08:14:15 -07:00
..
8250 serial: 8250_pci: Implement MSI(-X) support 2019-09-04 12:43:55 +02:00
cpm_uart tty: cpm_uart: drop unused iflag macro 2019-05-24 10:09:16 +02:00
jsm tty: add SPDX identifiers to Kconfig and Makefiles 2019-04-04 18:48:43 +02:00
21285.c
altera_jtaguart.c
altera_uart.c
amba-pl010.c
amba-pl011.c tty: Remove dev_err() usage after platform_get_irq() 2019-09-04 12:43:49 +02:00
amba-pl011.h
apbuart.c
apbuart.h
ar933x_uart.c serial: ar933x_uart: Fix build failure with disabled console 2019-03-19 15:37:44 +01:00
arc_uart.c
atmel_serial.c tty/serial: atmel: remove unneeded atmel_get_lines_status function 2019-09-04 12:43:55 +02:00
atmel_serial.h tty/serial: atmel: add ISO7816 support 2018-10-02 13:38:55 -07:00
bcm63xx_uart.c
clps711x.c serial: clps711x: Remove board support 2019-01-08 16:55:18 +01:00
digicolor-usart.c tty/serial: digicolor: Fix digicolor-usart already registered warning 2019-06-10 19:08:31 +02:00
dz.c
dz.h
earlycon-arm-semihost.c
earlycon-riscv-sbi.c tty/serial: use uart_console_write in the RISC-V SBL early console 2019-01-23 15:41:50 -08:00
earlycon.c
efm32-uart.c
fsl_linflexuart.c tty: serial: fix platform_no_drv_owner.cocci warnings 2019-09-04 12:44:11 +02:00
fsl_lpuart.c tty: serial: fsl_lpuart: Ignore TX/RX interrupts if DMA is enabled 2019-09-04 12:43:51 +02:00
icom.c tty: serial: Remove call to memset after pci_alloc_consistent 2019-09-04 12:43:44 +02:00
icom.h
ifx6x60.c
ifx6x60.h
imx.c serial: imx: use Tx ready rather than Tx empty irq 2019-09-04 12:43:55 +02:00
ip22zilog.c
ip22zilog.h
Kconfig TTY/Serial driver changes for 5.4-rc1 2019-09-18 10:50:47 -07:00
kgdb_nmi.c
kgdboc.c kgdboc: disable the console lock when in kgdb 2019-07-30 17:39:39 +02:00
lantiq.c serial: lantiq: Add support for Lightning Mountain SoC 2019-09-04 12:43:53 +02:00
lpc32xx_hs.c TTY/Serial driver changes for 5.4-rc1 2019-09-18 10:50:47 -07:00
Makefile TTY/Serial driver changes for 5.4-rc1 2019-09-18 10:50:47 -07:00
max310x.c serial: max310x: turn off transmitter before activating AutoCTS or auto transmitter flow control 2019-09-05 09:57:44 +02:00
max3100.c
mcf.c
men_z135_uart.c drivers: Remove explicit invocations of mmiowb() 2019-04-08 12:01:02 +01:00
meson_uart.c tty: serial: meson: if no alias specified use an available id 2019-01-18 11:22:22 +01:00
milbeaut_usio.c serial: milbeaut_usio: Fix error handling in probe and remove 2019-04-29 16:20:24 +02:00
mpc52xx_uart.c
mps2-uart.c serial: mps2-uart: Add parentheses around conditional in mps2_uart_shutdown 2019-01-31 19:34:10 +01:00
msm_serial.c tty: serial: msm_serial: avoid system lockup condition 2019-06-10 19:42:35 +02:00
mux.c
mvebu-uart.c tty: Remove dev_err() usage after platform_get_irq() 2019-09-04 12:43:49 +02:00
mxs-auart.c serial: mxs-auart: Don't check for mctrl_gpio_to_gpiod() returning error 2019-09-04 12:43:54 +02:00
omap-serial.c
owl-uart.c tty: Remove dev_err() usage after platform_get_irq() 2019-09-04 12:43:49 +02:00
pch_uart.c PCI: Move Rohm Vendor ID to generic list 2019-02-01 17:24:52 -06:00
pic32_uart.c serial: set suppress_bind_attrs flag only if builtin 2018-11-09 09:07:17 -08:00
pic32_uart.h
pmac_zilog.c tty: Use of_node_name_{eq,prefix} for node name comparisons 2018-12-17 16:12:17 +01:00
pmac_zilog.h
pnx8xxx_uart.c
pxa.c
qcom_geni_serial.c tty: serial: qcom_geni_serial: use devm_platform_ioremap_resource() to simplify code 2019-09-04 12:43:50 +02:00
rda-uart.c tty: Remove dev_err() usage after platform_get_irq() 2019-09-04 12:43:49 +02:00
rp2.c
sa1100.c serial: sa1100: add note about modem control signals 2019-06-04 12:56:33 +01:00
samsung.c tty: serial: samsung: Enable baud clock during initialisation 2019-02-19 13:42:08 +01:00
samsung.h
sb1250-duart.c
sc16is7xx.c Merge 5.1-rc6 into tty-next 2019-04-21 23:20:08 +02:00
sccnxp.c tty: Remove dev_err() usage after platform_get_irq() 2019-09-04 12:43:49 +02:00
serial_core.c Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-09-28 08:14:15 -07:00
serial_mctrl_gpio.c serial: mctrl_gpio: Use gpiod flags directly 2019-09-04 12:43:55 +02:00
serial_mctrl_gpio.h serial: mctrl_gpio: Avoid probe failures in case of missing gpiolib 2019-09-04 12:43:50 +02:00
serial_txx9.c drivers: Remove explicit invocations of mmiowb() 2019-04-08 12:01:02 +01:00
serial-tegra.c serial: tegra: Add PIO mode support 2019-09-05 10:00:05 +02:00
sh-sci.c serial: sh-sci: Don't check for mctrl_gpio_to_gpiod() returning error 2019-09-04 12:43:54 +02:00
sh-sci.h
sifive.c tty: Remove dev_err() usage after platform_get_irq() 2019-09-04 12:43:49 +02:00
sirfsoc_uart.c
sirfsoc_uart.h
sprd_serial.c serial: sprd: correct the wrong sequence of arguments 2019-09-05 09:57:44 +02:00
st-asc.c
stm32-usart.c tty: Remove dev_err() usage after platform_get_irq() 2019-09-04 12:43:49 +02:00
stm32-usart.h serial: stm32: add support of RX FIFO threshold 2019-06-21 11:17:36 +02:00
suncore.c tty: Use of_node_name_{eq,prefix} for node name comparisons 2018-12-17 16:12:17 +01:00
sunhv.c sunhv: Fix device naming inconsistency between sunhv_console and sunhv_reg 2019-06-13 14:04:37 -07:00
sunsab.c
sunsab.h
sunsu.c TTY/Serial driver patches for 4.21-rc1 2018-12-28 20:33:54 -08:00
sunzilog.c
sunzilog.h
tegra-tcu.c serial: Add Tegra Combined UART driver 2019-01-30 09:31:31 +01:00
timbuart.c
timbuart.h
uartlite.c serial-uartlite: fix null pointer dereference on pointer port 2018-11-27 09:08:15 +01:00
ucc_uart.c docs: serial: move it to the driver-api 2019-07-15 11:03:03 -03:00
vr41xx_siu.c
vt8500_serial.c
xilinx_uartps.c xilinx_uartps.c: suppress "may be used uninitialised" warning 2019-09-04 12:43:49 +02:00
zs.c
zs.h