From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Wed, 11 Apr 2012 23:01:25 +0000 (-0700)
Subject: 3.0-stable patches
X-Git-Tag: v3.3.2~2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1c23e65fb052a6e31ac7fb67ceb9bdb3afda1dc3;p=thirdparty%2Fkernel%2Fstable-queue.git

3.0-stable patches

added patches:
	bluetooth-fix-l2cap-conn-failures-for-ssp-devices.patch
	iommu-amd-make-sure-iommu-interrupts-are-re-enabled-on-resume.patch
	tomoyo-fix-mount-flags-checking-order.patch
---

diff --git a/queue-3.0/bluetooth-fix-l2cap-conn-failures-for-ssp-devices.patch b/queue-3.0/bluetooth-fix-l2cap-conn-failures-for-ssp-devices.patch
new file mode 100644
index 00000000000..54a8b94e01a
--- /dev/null
+++ b/queue-3.0/bluetooth-fix-l2cap-conn-failures-for-ssp-devices.patch
@@ -0,0 +1,45 @@
+From wagi@monom.org  Wed Apr 11 15:53:26 2012
+From: Daniel Wagner <wagi@monom.org>
+Date: Mon,  2 Apr 2012 13:44:56 +0200
+Subject: Bluetooth: Fix l2cap conn failures for ssp devices
+To: stable@vger.kernel.org
+Cc: gustavo@padovan.org, greg@kroah.com, Peter Hurley <peter@hurleysoftware.com>, Johan Hedberg <johan.hedberg@intel.com>
+Message-ID: <1333367096-12281-1-git-send-email-wagi@monom.org>
+
+
+From: Peter Hurley <peter@hurleysoftware.com>
+
+commit 18daf1644e634bae951a6e3d4d19d89170209762 upstream
+
+Commit 330605423c fixed l2cap conn establishment for non-ssp remote
+devices by not setting HCI_CONN_ENCRYPT_PEND every time conn security
+is tested (which was always returning failure on any subsequent
+security checks).
+
+However, this broke l2cap conn establishment for ssp remote devices
+when an ACL link was already established at SDP-level security. This
+fix ensures that encryption must be pending whenever authentication
+is also pending.
+
+Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
+Tested-by: Daniel Wagner <daniel.wagner@bmw-carit.de>
+Acked-by: Marcel Holtmann <marcel@holtmann.org>
+Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
+
+---
+ net/bluetooth/hci_conn.c |    4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/net/bluetooth/hci_conn.c
++++ b/net/bluetooth/hci_conn.c
+@@ -548,6 +548,10 @@ static int hci_conn_auth(struct hci_conn
+ 
+ 	if (!test_and_set_bit(HCI_CONN_AUTH_PEND, &conn->pend)) {
+ 		struct hci_cp_auth_requested cp;
++
++		/* encrypt must be pending if auth is also pending */
++		set_bit(HCI_CONN_ENCRYPT_PEND, &conn->pend);
++
+ 		cp.handle = cpu_to_le16(conn->handle);
+ 		hci_send_cmd(conn->hdev, HCI_OP_AUTH_REQUESTED,
+ 							sizeof(cp), &cp);
diff --git a/queue-3.0/iommu-amd-make-sure-iommu-interrupts-are-re-enabled-on-resume.patch b/queue-3.0/iommu-amd-make-sure-iommu-interrupts-are-re-enabled-on-resume.patch
new file mode 100644
index 00000000000..599b1fa1110
--- /dev/null
+++ b/queue-3.0/iommu-amd-make-sure-iommu-interrupts-are-re-enabled-on-resume.patch
@@ -0,0 +1,80 @@
+From joerg.roedel@amd.com  Wed Apr 11 15:51:31 2012
+From: Joerg Roedel <joerg.roedel@amd.com>
+Date: Wed, 11 Apr 2012 18:45:52 +0200
+Subject: iommu/amd: Make sure IOMMU interrupts are re-enabled on resume
+To: Greg KH <gregkh@linuxfoundation.org>
+Cc: Joerg Roedel <joerg.roedel@amd.com>, Ben Hutchings <ben@decadent.org.uk>
+Message-ID: <1334162752-18625-1-git-send-email-joerg.roedel@amd.com>
+
+From: Joerg Roedel <joerg.roedel@amd.com>
+
+commit 9ddd592a191b32f2ee6c4b6ed2bd52665c3a49f5 upstream.
+
+Unfortunatly the interrupts for the event log and the
+peripheral page-faults are only enabled at boot but not
+re-enabled at resume. Fix that.
+
+Signed-off-by: Joerg Roedel <joerg.roedel@amd.com>
+[bwh: Backport to 3.0:
+ - Drop change to PPR log which was added in 3.3
+  - Source is under arch/x86/kernel]
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ arch/x86/kernel/amd_iommu_init.c |   24 +++++++++++++++++-------
+ 1 file changed, 17 insertions(+), 7 deletions(-)
+
+--- a/arch/x86/kernel/amd_iommu_init.c
++++ b/arch/x86/kernel/amd_iommu_init.c
+@@ -1031,8 +1031,9 @@ static int iommu_setup_msi(struct amd_io
+ {
+ 	int r;
+ 
+-	if (pci_enable_msi(iommu->dev))
+-		return 1;
++	r = pci_enable_msi(iommu->dev);
++	if (r)
++		return r;
+ 
+ 	r = request_threaded_irq(iommu->dev->irq,
+ 				 amd_iommu_int_handler,
+@@ -1042,24 +1043,33 @@ static int iommu_setup_msi(struct amd_io
+ 
+ 	if (r) {
+ 		pci_disable_msi(iommu->dev);
+-		return 1;
++		return r;
+ 	}
+ 
+ 	iommu->int_enabled = true;
+-	iommu_feature_enable(iommu, CONTROL_EVT_INT_EN);
+ 
+ 	return 0;
+ }
+ 
+ static int iommu_init_msi(struct amd_iommu *iommu)
+ {
++	int ret;
++
+ 	if (iommu->int_enabled)
+-		return 0;
++		goto enable_faults;
+ 
+ 	if (pci_find_capability(iommu->dev, PCI_CAP_ID_MSI))
+-		return iommu_setup_msi(iommu);
++		ret = iommu_setup_msi(iommu);
++	else
++		ret = -ENODEV;
++
++	if (ret)
++		return ret;
+ 
+-	return 1;
++enable_faults:
++	iommu_feature_enable(iommu, CONTROL_EVT_INT_EN);
++
++	return 0;
+ }
+ 
+ /****************************************************************************
diff --git a/queue-3.0/series b/queue-3.0/series
index fceb5f6c7c2..02d80da0bac 100644
--- a/queue-3.0/series
+++ b/queue-3.0/series
@@ -37,3 +37,6 @@ mfd-clear-twl6030-irq-status-register-only-once.patch
 usb-add-motorola-rokr-e6-id-to-the-usbnet-driver-zaurus.patch
 asoc-ak4642-fixup-mute-needs-1-step.patch
 cred-copy_process-should-clear-child-replacement_session_keyring.patch
+iommu-amd-make-sure-iommu-interrupts-are-re-enabled-on-resume.patch
+tomoyo-fix-mount-flags-checking-order.patch
+bluetooth-fix-l2cap-conn-failures-for-ssp-devices.patch
diff --git a/queue-3.0/tomoyo-fix-mount-flags-checking-order.patch b/queue-3.0/tomoyo-fix-mount-flags-checking-order.patch
new file mode 100644
index 00000000000..80ae7fb304d
--- /dev/null
+++ b/queue-3.0/tomoyo-fix-mount-flags-checking-order.patch
@@ -0,0 +1,95 @@
+From jrnieder@gmail.com  Wed Apr 11 15:52:01 2012
+From: Jonathan Nieder <jrnieder@gmail.com>
+Date: Tue, 10 Apr 2012 20:54:43 -0500
+Subject: TOMOYO: Fix mount flags checking order.
+To: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Cc: Greg KH <gregkh@linuxfoundation.org>, stable@vger.kernel.org
+Message-ID: <20120411015443.GF11506@burratino>
+Content-Disposition: inline
+
+
+From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+
+commit df91e49477a9be15921cb2854e1d12a3bdb5e425 upstream.
+
+Userspace can pass in arbitrary combinations of MS_* flags to mount().
+
+If both MS_BIND and one of MS_SHARED/MS_PRIVATE/MS_SLAVE/MS_UNBINDABLE are
+passed, device name which should be checked for MS_BIND was not checked because
+MS_SHARED/MS_PRIVATE/MS_SLAVE/MS_UNBINDABLE had higher priority than MS_BIND.
+
+If both one of MS_BIND/MS_MOVE and MS_REMOUNT are passed, device name which
+should not be checked for MS_REMOUNT was checked because MS_BIND/MS_MOVE had
+higher priority than MS_REMOUNT.
+
+Fix these bugs by changing priority to MS_REMOUNT -> MS_BIND ->
+MS_SHARED/MS_PRIVATE/MS_SLAVE/MS_UNBINDABLE -> MS_MOVE as with do_mount() does.
+
+Also, unconditionally return -EINVAL if more than one of
+MS_SHARED/MS_PRIVATE/MS_SLAVE/MS_UNBINDABLE is passed so that TOMOYO will not
+generate inaccurate audit logs, for commit 7a2e8a8f "VFS: Sanity check mount
+flags passed to change_mnt_propagation()" clarified that these flags must be
+exclusively passed.
+
+Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Signed-off-by: James Morris <james.l.morris@oracle.com>
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ security/tomoyo/mount.c |   38 ++++++++++++++++++++------------------
+ 1 file changed, 20 insertions(+), 18 deletions(-)
+
+--- a/security/tomoyo/mount.c
++++ b/security/tomoyo/mount.c
+@@ -205,30 +205,32 @@ int tomoyo_mount_permission(char *dev_na
+ 	if (flags & MS_REMOUNT) {
+ 		type = TOMOYO_MOUNT_REMOUNT_KEYWORD;
+ 		flags &= ~MS_REMOUNT;
+-	}
+-	if (flags & MS_MOVE) {
+-		type = TOMOYO_MOUNT_MOVE_KEYWORD;
+-		flags &= ~MS_MOVE;
+-	}
+-	if (flags & MS_BIND) {
++	} else if (flags & MS_BIND) {
+ 		type = TOMOYO_MOUNT_BIND_KEYWORD;
+ 		flags &= ~MS_BIND;
+-	}
+-	if (flags & MS_UNBINDABLE) {
+-		type = TOMOYO_MOUNT_MAKE_UNBINDABLE_KEYWORD;
+-		flags &= ~MS_UNBINDABLE;
+-	}
+-	if (flags & MS_PRIVATE) {
++	} else if (flags & MS_SHARED) {
++		if (flags & (MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
++			return -EINVAL;
++		type = TOMOYO_MOUNT_MAKE_SHARED_KEYWORD;
++		flags &= ~MS_SHARED;
++	} else if (flags & MS_PRIVATE) {
++		if (flags & (MS_SHARED | MS_SLAVE | MS_UNBINDABLE))
++			return -EINVAL;
+ 		type = TOMOYO_MOUNT_MAKE_PRIVATE_KEYWORD;
+ 		flags &= ~MS_PRIVATE;
+-	}
+-	if (flags & MS_SLAVE) {
++	} else if (flags & MS_SLAVE) {
++		if (flags & (MS_SHARED | MS_PRIVATE | MS_UNBINDABLE))
++			return -EINVAL;
+ 		type = TOMOYO_MOUNT_MAKE_SLAVE_KEYWORD;
+ 		flags &= ~MS_SLAVE;
+-	}
+-	if (flags & MS_SHARED) {
+-		type = TOMOYO_MOUNT_MAKE_SHARED_KEYWORD;
+-		flags &= ~MS_SHARED;
++	} else if (flags & MS_UNBINDABLE) {
++		if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE))
++			return -EINVAL;
++		type = TOMOYO_MOUNT_MAKE_UNBINDABLE_KEYWORD;
++		flags &= ~MS_UNBINDABLE;
++	} else if (flags & MS_MOVE) {
++		type = TOMOYO_MOUNT_MOVE_KEYWORD;
++		flags &= ~MS_MOVE;
+ 	}
+ 	if (!type)
+ 		type = "<NULL>";