Merge branch 'master' of...

Rui Saraiva <rmps@joel.ist.utl.pt>

Sachin P Sant <ssant@in.ibm.com>

Sam Ravnborg <sam@mars.ravnborg.org>

Sascha Hauer <s.hauer@pengutronix.de>

S.Çağlar Onur <caglar@pardus.org.tr>

Simon Kelley <simon@thekelleys.org.uk>

Stéphane Witzmann <stephane.witzmann@ubpmes.univ-bpclermont.fr>

Thomas Graf <tgraf@suug.ch>

Tony Luck <tony.luck@intel.com>

Tsuneo Yoshioka <Tsuneo.Yoshioka@f-secure.com>

Uwe Kleine-König <Uwe.Kleine-Koenig@digi.com>

Uwe Kleine-König <ukleinek@informatik.uni-freiburg.de>

Uwe Kleine-König <ukl@pengutronix.de>

Uwe Kleine-König <Uwe.Kleine-Koenig@digi.com>

Valdis Kletnieks <Valdis.Kletnieks@vt.edu>

N: Pavel Machek

E: pavel@ucw.cz

E: pavel@suse.cz

D: Softcursor for vga, hypertech cdrom support, vcsa bugfix, nbd

D: sun4/330 port, capabilities for elf, speedup for rm on ext2, USB,

D: work on suspend-to-ram/disk, killing duplicates from ioctl32

S: Germany

N: Gertjan van Wingerde

E: gwingerde@home.nl

E: gwingerde@gmail.com

D: Ralink rt2x00 WLAN driver

D: Minix V2 file-system

D: Misc fixes

What:		security/ima/policy

Date:		May 2008

Contact:	Mimi Zohar <zohar@us.ibm.com>

Description:

		The Trusted Computing Group(TCG) runtime Integrity

		Measurement Architecture(IMA) maintains a list of hash

		values of executables and other sensitive system files

		loaded into the run-time of this system.  At runtime,

		the policy can be constrained based on LSM specific data.

		Policies are loaded into the securityfs file ima/policy

		by opening the file, writing the rules one at a time and

		then closing the file.  The new policy takes effect after

		the file ima/policy is closed.

		rule format: action [condition ...]

		action: measure | dont_measure

		condition:= base | lsm

			base:	[[func=] [mask=] [fsmagic=] [uid=]]

			lsm:	[[subj_user=] [subj_role=] [subj_type=]

				 [obj_user=] [obj_role=] [obj_type=]]

		base: 	func:= [BPRM_CHECK][FILE_MMAP][INODE_PERMISSION]

			mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]

			fsmagic:= hex value

			uid:= decimal value

		lsm:  	are LSM specific

		default policy:

			# PROC_SUPER_MAGIC

			dont_measure fsmagic=0x9fa0

			# SYSFS_MAGIC

			dont_measure fsmagic=0x62656572

			# DEBUGFS_MAGIC

			dont_measure fsmagic=0x64626720

			# TMPFS_MAGIC

			dont_measure fsmagic=0x01021994

			# SECURITYFS_MAGIC

			dont_measure fsmagic=0x73636673

			measure func=BPRM_CHECK

			measure func=FILE_MMAP mask=MAY_EXEC

			measure func=INODE_PERM mask=MAY_READ uid=0

		The default policy measures all executables in bprm_check,

		all files mmapped executable in file_mmap, and all files

		open for read by root in inode_permission.

		Examples of LSM specific definitions:

		SELinux:

			# SELINUX_MAGIC

			dont_measure fsmagic=0xF97CFF8C

			dont_measure obj_type=var_log_t

			dont_measure obj_type=auditd_log_t

			measure subj_user=system_u func=INODE_PERM mask=MAY_READ

			measure subj_role=system_r func=INODE_PERM mask=MAY_READ

		Smack:

			measure subj_user=_ func=INODE_PERM mask=MAY_READ

What:		/sys/bus/pci/drivers/.../bind

Date:		December 2003

Contact:	linux-pci@vger.kernel.org

Description:

		Writing a device location to this file will cause

		the driver to attempt to bind to the device found at

		this location.	This is useful for overriding default

		bindings.  The format for the location is: DDDD:BB:DD.F.

		That is Domain:Bus:Device.Function and is the same as

		found in /sys/bus/pci/devices/.  For example:

		# echo 0000:00:19.0 > /sys/bus/pci/drivers/foo/bind

		(Note: kernels before 2.6.28 may require echo -n).

What:		/sys/bus/pci/drivers/.../unbind

Date:		December 2003

Contact:	linux-pci@vger.kernel.org

Description:

		Writing a device location to this file will cause the

		driver to attempt to unbind from the device found at

		this location.	This may be useful when overriding default

		bindings.  The format for the location is: DDDD:BB:DD.F.

		That is Domain:Bus:Device.Function and is the same as

		found in /sys/bus/pci/devices/. For example:

		# echo 0000:00:19.0 > /sys/bus/pci/drivers/foo/unbind

		(Note: kernels before 2.6.28 may require echo -n).

What:		/sys/bus/pci/drivers/.../new_id

Date:		December 2003

Contact:	linux-pci@vger.kernel.org

Description:

		Writing a device ID to this file will attempt to

		dynamically add a new device ID to a PCI device driver.

		This may allow the driver to support more hardware than

		was included in the driver's static device ID support

		table at compile time.  The format for the device ID is:

		VVVV DDDD SVVV SDDD CCCC MMMM PPPP.  That is Vendor ID,

		Device ID, Subsystem Vendor ID, Subsystem Device ID,

		Class, Class Mask, and Private Driver Data.  The Vendor ID

		and Device ID fields are required, the rest are optional.

		Upon successfully adding an ID, the driver will probe

		for the device and attempt to bind to it.  For example:

		# echo "8086 10f5" > /sys/bus/pci/drivers/foo/new_id

What:		/sys/bus/pci/devices/.../vpd

Date:		February 2008

Contact:	Ben Hutchings <bhutchings@solarflare.com>

What:		/sys/firmware/memmap/

Date:		June 2008

Contact:	Bernhard Walle <bwalle@suse.de>

Contact:	Bernhard Walle <bernhard.walle@gmx.de>

Description:

		On all platforms, the firmware provides a memory map which the

		kernel reads. The resources from that memory map are registered