Age | Commit message (Collapse) | Author |
|
Currently the x20 build relies on the original source directory being
added to the CLFAGS, however regular (non-android) kernel builds never
do this.
Rather than requiring a wrapper around the build system to force this
it is better to fix the Makefiles for drivers where this is required
(and to replace #include <> with #include "" for other drivers).
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
|
|
Make the kernel work with AOSP 7.1
|
|
/proc/sys/vm is where init expects to find them.
It's also where the files are in newer upstream kernels.
Signed-off-by: Bernhard Rosenkränzer <Bernhard.Rosenkranzer@linaro.org>
|
|
This is a backport of the patches at
https://lkml.org/lkml/2016/2/4/833
https://lkml.org/lkml/2015/12/21/341
https://lkml.org/lkml/2015/12/21/340
They're required to boot up AOSP N without getting
an instant reboot caused by
"Unable to set adequate mmap entropy value!"
Signed-off-by: Bernhard Rosenkränzer <Bernhard.Rosenkranzer@linaro.org>
Signed-off-by: Daniel Cashman <dcashman@android.com>
|
|
Helio x20
|
|
|
|
Helio x20
|
|
Resending patches that got merged before the recovery
|
|
|
|
helio-x20
|
|
|
|
drivers/misc/mediatek/base/power/Makefile has references
to drivers for other Mediatek platforms that aren't included
in this kernel, causing
./scripts/Makefile.clean:17:
drivers/misc/mediatek/base/power/mt2701_dcm/Makefile: No such
file or directory.
when running mrproper.
Signed-off-by: Bernhard Rosenkränzer <bero@linaro.org>
|
|
From: Daniel Cashman <dcashman@android.com>
https://lkml.org/lkml/2016/2/4/831
Signed-off-by: Bernhard Rosenkraenzer <bero@linaro.org>
|
|
From: dcashman <dcashman@google.com>
https://lkml.org/lkml/2015/12/21/337
ASLR only uses as few as 8 bits to generate the random offset for the
mmap base address on 32 bit architectures. This value was chosen to
prevent a poorly chosen value from dividing the address space in such
a way as to prevent large allocations. This may not be an issue on all
platforms. Allow the specification of a minimum number of bits so that
platforms desiring greater ASLR protection may determine where to place
the trade-off.
Signed-off-by: Daniel Cashman <dcashman@android.com>
|
|
(cherry picked from commit a5a6579db33af91f4f5134e14be758dc71c1b694)
A userspace call to mmap(MAP_LOCKED) may result in the successful locking
of memory while also producing a confusing audit log denial. can_do_mlock
checks capable and rlimit. If either of these return positive
can_do_mlock returns true. The capable check leads to an LSM hook used by
apparmour and selinux which produce the audit denial. Reordering so
rlimit is checked first eliminates the denial on success, only recording a
denial when the lock is unsuccessful as a result of the denial.
Change-Id: I83e0b9d44755633fd09d062e8e2be25e5f7526e6
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by: Nick Kralevich <nnk@google.com>
Cc: Jeff Vander Stoep <jeffv@google.com>
Cc: Sasha Levin <sasha.levin@oracle.com>
Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: Rik van Riel <riel@redhat.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Paul Cassella <cassella@cray.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
|
|
NOT intended for new Android devices - this commit is unnecessary
for a target device that does not have a previous M variant.
DO NOT upstream. Android only.
Motivation:
This commit mitigates a mismatch between selinux kernel and
selinux userspace. The selinux ioctl white-listing binary policy
format that was accepted into Android M differs slightly from what
was later accepted into the upstream kernel. This leaves Android
master branch kernels incompatible with Android M releases. This
patch restores backwards compatibility. This is important because:
1. kernels may be updated on a different cycle than the rest of the
OS e.g. security patching.
2. Android M bringup may still be ongoing for some devices. The
same kernel should work for both M and master.
Backwards compatibility is achieved by checking for an Android M
policy characteristic during initial policy read and converting to
upstream policy format. The inverse conversion is done for policy
write as required for CTS testing.
Bug: 22846070
Change-Id: I2f1ee2eee402f37cf3c9df9f9e03c1b9ddec1929
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
|
|
(cherry picked from commit commit f3bef67992e8698897b584616535803887c4a73e)
commit fa1aa143ac4a ("selinux: extended permissions for ioctls")
introduced a bug into the handling of conditional rules, skipping the
processing entirely when the caller does not provide an extended
permissions (xperms) structure. Access checks from userspace using
/sys/fs/selinux/access do not include such a structure since that
interface does not presently expose extended permission information.
As a result, conditional rules were being ignored entirely on userspace
access requests, producing denials when access was allowed by
conditional rules in the policy. Fix the bug by only skipping
computation of extended permissions in this situation, not the entire
conditional rules processing.
Change-Id: I24f39e3907d0b00a4194e15a4472e8d859508fa9
Reported-by: Laurent Bigonville <bigon@debian.org>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
[PM: fixed long lines in patch description]
Cc: stable@vger.kernel.org # 4.3
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
|
(cherry picked from commit fa1aa143ac4a682c7f5fd52a3cf05f5a6fe44a0a)
Add extended permissions logic to selinux. Extended permissions
provides additional permissions in 256 bit increments. Extend the
generic ioctl permission check to use the extended permissions for
per-command filtering. Source/target/class sets including the ioctl
permission may additionally include a set of commands. Example:
allowxperm <source> <target>:<class> ioctl unpriv_app_socket_cmds
auditallowxperm <source> <target>:<class> ioctl priv_gpu_cmds
Where unpriv_app_socket_cmds and priv_gpu_cmds are macros
representing commonly granted sets of ioctl commands.
When ioctl commands are omitted only the permissions are checked.
This feature is intended to provide finer granularity for the ioctl
permission that may be too imprecise. For example, the same driver
may use ioctls to provide important and benign functionality such as
driver version or socket type as well as dangerous capabilities such
as debugging features, read/write/execute to physical memory or
access to sensitive data. Per-command filtering provides a mechanism
to reduce the attack surface of the kernel, and limit applications
to the subset of commands required.
The format of the policy binary has been modified to include ioctl
commands, and the policy version number has been incremented to
POLICYDB_VERSION_XPERMS_IOCTL=30 to account for the format
change.
The extended permissions logic is deliberately generic to allow
components to be reused e.g. netlink filters
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by: Nick Kralevich <nnk@google.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Bug: 22846070
Change-Id: I7c6bdc0362657b47aa1388936c5a1300bc5c0b42
|
|
(cherry pick from commit 671a2781ff01abf4fdc8904881fc3abd3a8279af)
Add information about ioctl calls to the LSM audit data. Log the
file path and command number.
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by: Nick Kralevich <nnk@google.com>
[PM: subject line tweak]
Signed-off-by: Paul Moore <pmoore@redhat.com>
Bug: 22846070
Change-Id: I88a6ecdd59297a315a6fb9c82c0a798bdb6bafaa
|
|
(cherry pick from commit 83d4a806ae46397f606de7376b831524bd3a21e5)
Commit f01e1af445fa ("selinux: don't pass in NULL avd to avc_has_perm_noaudit")
made this pointer reassignment unnecessary. Avd should continue to reference
the stack-based copy.
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
[PM: tweaked subject line]
Signed-off-by: Paul Moore <pmoore@redhat.com>
Bug: 22846070
Change-Id: I8fcba45a5acc4de862bd5b3f07bf4980f67133c4
|
|
This reverts commit b9417e527039f72073a0d368955bd1267f92ba70.
Bug: 22846070
Change-Id: I11d8880135a32b54e8eb8b95091b0226aa16735e
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
|
|
This reverts commit ba733f9857b966459316d0cd33b8da2e22f62d7d.
Bug: 22846070
Change-Id: I4b5d9ce72996b7cf5b972dbcae22fbd6aff05149
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
|
|
This reverts commit e623b152f30f6f1204919315df37244d69e5d55e.
Bug: 22846070
Change-Id: Ief7a906b613adcf316e734270a1da2fbd1ce6cb8
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
|
|
This reverts commit 6bdf36786e225facf5ad2ed383a29ffd488e60ac.
Bug: 22846070
Change-Id: I47ae4ef40c688d96e2e5062506998808b9e4f603
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
|
|
Merge Alps release m0.mp21 linaro
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[Detail]
1.modify .dts&.dtsi file according to amt6797_64 project
2.modify .dws file that reuse ext_disp i2c node from 0x39 to 0x1d
3.add open package related code to ext_disp
which is switch by HDMI_OPEN_PACKAGE_SUPPORT macro
4.add MT8193 multibridge code
5.open HDMI & MT8193 in config file
[Solution]
HDMI_OPEN_PACKAGE_SUPPORT is default DISABLE
when build for open package, we should enable this macro
in src code
MTK-Commit-Id: 7ce45ca43a300ee6f173bfd123d75bb7539f16de
Change-Id: I4f37dba556356c0b48d155aba393b4ff0413e699
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
CR-Id: ALPS02768792
Feature: Driver
|
|
[Detail]
add 20nm specific setting to fix
disconect interrupt missing issue
MTK-Commit-Id: 245c462822d1d9fa46d4a2f6d418e331883d3842
Change-Id: I4c65a7a19fc77102dbd167dfc5bac2ed3786c531
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
CR-Id: ALPS02752192
Feature: UMS (Usb Mass Storage)
|
|
[Detail] add amt/amt6797_64_open project defconfig and codegen.dws files
[Solution] clone from evb6797_64_open
[Other] customer project creation
MTK-Commit-Id: e57365be27ca012f0338ffe023a6f28339f48325
Change-Id: I0f40184bdb89e0f40b9c2ac6fe319c99be9e660d
Feature: Others
CR-Id: ALPS02751983
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
|
|
[Detail] remove amt/amt6797_64_open project defconfig and codegen.dws files
[Solution] N/A
[Other] customer project creation
MTK-Commit-Id: 8d148c44f3fc84dfd0bf97be3961bb48e473e659
Change-Id: I0578197a5acecda94a5341549ac7d204e7174b8b
Feature: Others
CR-Id: ALPS02751983
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
|
|
[Detail]
1. Enable USB host driver on kernel defconfig
2. Add gpio iddig and drrvbus config to dts
[Solution]
Apply these settings
1. CONFIG_USB_XHCI_MTK=y
2. CONFIG_USB_MTK_DUALMODE=y
3. CONFIG_USB_XHCI_HCD=y
MTK-Commit-Id: 3a6e9f5b1148b063e08515b384fa365ebdf37a8a
Change-Id: I26dd5553fc5b500651b04fc07aa78d9060146723
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
CR-Id: ALPS02308504
Feature: [Android Default] USB OTG
|
|
[Detail]
Add correct file header license statement as its part of mtk kernel
driver source.
[Solution]
Add correct file header license statement as its part of mtk kernel
driver source.
MTK-Commit-Id: 1ad3c81aeaf9cef5ab160bbd90fef567e002ff78
Change-Id: I13ad243d4e942b98b65cc7d3f79c5c6a5680f35e
CR-Id: ALPS02710778
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
|
|
[Detail] Add File Header to Declare Copyright.
[Solution] Add File Header.
MTK-Commit-Id: 8995abc0e717dfc6ea419029793ee360771525f1
Change-Id: I9a4e12000eefca5e5365745ee0ccf0adc3f227fc
CR-Id: ALPS02737937
Feature: Camera.
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
|
|
[Detail]
[Solution]
MTK-Commit-Id: d9eced2bf97aa53d09588a6bd1ac0f36fbe8effa
Change-Id: I2cdd9a75c8c134d335dd28f846de86ce69e69575
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
CR-Id: ALPS02736757
Feature: Others
|
|
[Detail]
Modify file copyright information.
[Solution]
Modify file copyright information.
MTK-Commit-Id: c52ada171f41cbfb02b4cae148eefa45fd0e126c
Change-Id: I55a3d3fa3b0b64266d7f690da5a8c449c86c55cf
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
CR-Id: ALPS02736676
Feature: Others
|
|
[Detail] mtk copyright&GPLv2 license statement
[Solution] mtk copyright&GPLv2 license statement
MTK-Commit-Id: aac4f57f0fcc478466b0b366a482a5bd7502c2d5
Change-Id: I7544db16f575bf4d79fe7a3c32d05153a5f73be8
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
CR-Id: ALPS02494638
Feature: Others
|
|
[Detail]
add GPLv2 header and remove history
[Solution]
modify gen2 47 files, last commit lose scan_fsm.c
MTK-Commit-Id: d9cbfaaacfb71e903fcf6721f03a7d974e53b426
Change-Id: I816fb47c96dcc2f3893c358e4233848906107630
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
CR-Id: ALPS02734249
Feature: [Android Default] Wi-Fi Driver for SoC
|
|
[Detail]
add "MTK copyright&GPLv2 license statement"
MTK-Commit-Id: f0e0d23bae7d5dd73826e2b46140800416845b47
Change-Id: I866570d336efc561f3f345ffe494db872604edc8
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
CR-Id: ALPS02731271
Feature: Others
|
|
[Detail]
The files that added by MTK should be mark by MTK copyright and GPL license.
[Solution]
Add MTK copyright and GPL license statement at the head of every file.
MTK-Commit-Id: 83199374f0d2c90bb748e1846a14db28eea997ab
Change-Id: I889f03b2eac72871244d9a13606d200d66cb7288
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
CR-Id: ALPS02730529
Feature: WMT Driver for SoC
|
|
[Detail]
add "MTK copyright&GPLv2 license statement"
MTK-Commit-Id: bbf702b50cfece88d5792698abe197afad0c9b30
Change-Id: I8292b3d4b9761aa8957d52d99a4a2a4cc4a625b0
Signed-off-by: Shangbing Hu <shangbing.hu@mediatek.com>
CR-Id: ALPS02731271
Feature: Others
|