Minimal supplement to upstream Kernel Self Protection Project changes. Features already provided by SELinux + Yama and archs other than multiarch arm64 / x86_64 aren't in scope. Only tags have stable history. Shared IRC channel with KSPP: irc.libera.chat #linux-hardening
5105e78e5b
When the ideapad-laptop driver was first written it was written for laptops which had a hardware rfkill switch. So when the first ideapad laptops showed up without a hw rfkill switch and it turned out that in this case the ideapad firmware interface would always report the wifi being hardware- blocked, a DMI id list of models which lack a hw rfkill switch was started (by yours truly). Things were done this way to avoid regressing existing models with a hw rfkill switch. In hindsight this was a mistake. Lenovo releases a lot of ideapad models every year and even the latest models still use the "VPC2004" ACPI interface the ideapad-laptop driver binds to. Having a hw rfkill switch is quite rare on modern hardware, so all these new models need to be added to the no_hw_rfkill_list, leading to a never ending game of whack a mole. Worse the failure mode when not present on the list, is very bad. In this case the ideapad-laptop driver will report the wifi as being hw-blocked, at which points NetworkManager does not even try to use it and the user ends up with non working wifi. This leads to various Linux fora on the internet being filled with wifi not working on ideapad laptops stories, which does not make Linux look good. The failure mode when we flip the default to assuming that a hw rfkill switch is not present OTOH is quite benign. When we properly report the wifi as being hw-blocked on ideapads which do have the hw-switch; and it is in the wifi-off position, then at least when using NetworkManager + GNOME3 the user will get a "wifi disabled in hardware" message when trying to connect to the wifi from the UI. If OTOH we assume there is no hardware rfkill switch, then the user will get an empty list for the list of available networks. Although the empty list vs the "wifi disabled in hardware" message is a regression, it is a very minor regression and it can easily be fixed on a model by model basis by filling the new hw_rfkill_list this commit introduces. Therefor this commit removes the ever growing no_hw_rfkill_list, flipping the default to assuming there is no hw rfkill switch and adding a new hw_rfkill_list. Thereby fixing the wifi not working on all the current ideapad and yoga models which are not on the list yet and also fixing it for all future ideapad and yoga models using the "VPC2004" ACPI interface. Note once this patch has been accepted upstream. I plan to write a blog post asking for users of ideapads and yoga's with a hw rfkill switch to step forward, so that we can populate the new hw_rfkill_list with the few older yoga and ideapad models which actually have a hw rfkill switch. BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1703338 Signed-off-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> |
||
|---|---|---|
| arch | ||
| block | ||
| certs | ||
| crypto | ||
| Documentation | ||
| drivers | ||
| fs | ||
| include | ||
| init | ||
| ipc | ||
| kernel | ||
| lib | ||
| LICENSES | ||
| mm | ||
| net | ||
| samples | ||
| scripts | ||
| security | ||
| sound | ||
| tools | ||
| usr | ||
| virt | ||
| .clang-format | ||
| .cocciconfig | ||
| .get_maintainer.ignore | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| COPYING | ||
| CREDITS | ||
| Kbuild | ||
| Kconfig | ||
| MAINTAINERS | ||
| Makefile | ||
| README | ||
Linux kernel
============
There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.
In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``. The formatted documentation can also be read online at:
https://www.kernel.org/doc/html/latest/
There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.