summaryrefslogtreecommitdiffstats
path: root/scripts (follow)
Commit message (Collapse)AuthorAgeFilesLines
* treewide: remove references to the now unnecessary DEFINE_PCI_DEVICE_TABLEJoe Perches2016-09-022-10/+0
| | | | | | | | | | | | | | It's been eliminated from the sources, remove it from everywhere else. Link: http://lkml.kernel.org/r/076eff466fd7edb550c25c8b25d76924ca0eba62.1472660229.git.joe@perches.com Signed-off-by: Joe Perches <joe@perches.com> Cc: "James E.J. Bottomley" <jejb@linux.vnet.ibm.com> Cc: "Martin K. Petersen" <martin.petersen@oracle.com> Cc: Bjorn Helgaas <bhelgaas@google.com> Cc: Andy Whitcroft <apw@canonical.com> Cc: Jonathan Corbet <corbet@lwn.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* get_maintainer: quiet noisy implicit -f vcs_file_exists checkingJoe Perches2016-08-271-1/+3
| | | | | | | | | | | | | | | | Checking command line filenames that are outside the git tree can emit a noisy and confusing message. Quiet that message by redirecting stderr. Verify that the command was executed successfully. Fixes: 4cad35a7ca69 ("get_maintainer.pl: reduce need for command-line option -f") Link: http://lkml.kernel.org/r/1970a1d2fecb258e384e2e4fdaacdc9ccf3e30a4.1470955439.git.joe@perches.com Signed-off-by: Joe Perches <joe@perches.com> Reported-by: Wolfram Sang <wsa@the-dreams.de> Tested-by: Wolfram Sang <wsa@the-dreams.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* get_maintainer: Don't check if STDIN exists in a VCS repositoryJoe Perches2016-08-101-1/+1
| | | | | | | | | | | | | | If get_maintainer is not given any filename arguments on the command line, the standard input is read for a patch. But checking if a VCS has a file named &STDIN is not a good idea and fails. Verify the nominal input file is not &STDIN before checking the VCS. Fixes: 4cad35a7ca69 ("get_maintainer.pl: reduce need for command-line option -f") Reported-by: Christopher Covington <cov@codeaurora.org> Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* gcc-plugins: Add support for plugin subdirectoriesEmese Revfy2016-08-092-4/+8
| | | | | | | | | | This adds support for building more complex gcc plugins that live in a subdirectory instead of just in a single source file. Reported-by: PaX Team <pageexec@freemail.hu> Signed-off-by: Emese Revfy <re.emese@gmail.com> [kees: clarified commit message] Signed-off-by: Kees Cook <keescook@chromium.org>
* gcc-plugins: Automate make rule generationEmese Revfy2016-08-091-2/+1
| | | | | | | | | | There's no reason to repeat the same names in the Makefile when the .so files have already been listed. The .o list can be generated from them. Reported-by: PaX Team <pageexec@freemail.hu> Signed-off-by: Emese Revfy <re.emese@gmail.com> [kees: clarified commit message] Signed-off-by: Kees Cook <keescook@chromium.org>
* gcc-plugins: Add support for passing plugin argumentsEmese Revfy2016-08-091-1/+1
| | | | | | | | The latent_entropy plugin needs to pass arguments, so this adds the support. Signed-off-by: Emese Revfy <re.emese@gmail.com> Signed-off-by: Kees Cook <keescook@chromium.org>
* gcc-plugins: abort builds cleanly when not supportedKees Cook2016-08-092-9/+39
| | | | | | | | | When the compiler doesn't support gcc plugins (either due to missing headers or too old a version), report the problem and abort the build instead of emitting a warning and letting the build founder with arcane compiler errors. Signed-off-by: Kees Cook <keescook@chromium.org>
* kbuild: no gcc-plugins during cc-option testsEmese Revfy2016-08-091-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The gcc-plugins arguments should not be included when performing cc-option tests. Steps to reproduce: 1) make mrproper 2) make defconfig 3) enable GCC_PLUGINS, GCC_PLUGIN_CYC_COMPLEXITY 4) enable FUNCTION_TRACER (it will select other options as well) 5) make && make modules Build errors: MODPOST 18 modules ERROR: "__fentry__" [net/netfilter/xt_nat.ko] undefined! ERROR: "__fentry__" [net/netfilter/xt_mark.ko] undefined! ERROR: "__fentry__" [net/netfilter/xt_addrtype.ko] undefined! ERROR: "__fentry__" [net/netfilter/xt_LOG.ko] undefined! ERROR: "__fentry__" [net/netfilter/nf_nat_sip.ko] undefined! ERROR: "__fentry__" [net/netfilter/nf_nat_irc.ko] undefined! ERROR: "__fentry__" [net/netfilter/nf_nat_ftp.ko] undefined! ERROR: "__fentry__" [net/netfilter/nf_nat.ko] undefined! Reported-by: Laura Abbott <labbott@redhat.com> Signed-off-by: Emese Revfy <re.emese@gmail.com> [kees: renamed variable, clarified commit message] Signed-off-by: Kees Cook <keescook@chromium.org>
* Merge tag 'trace-v4.8-1' of ↵Linus Torvalds2016-08-031-1/+8
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace Pull tracing fixes from Steven Rostedt: "A few updates and fixes: - move the suppressing of the __builtin_return_address >0 warning to the tracing directory only. - metag recordmcount fix for newer glibc's - two tracing histogram fixes that were reported by KASAN" * tag 'trace-v4.8-1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace: tracing: Fix use-after-free in hist_register_trigger() tracing: Fix use-after-free in hist_unreg_all/hist_enable_unreg_all Makefile: Mute warning for __builtin_return_address(>0) for tracing only ftrace/recordmcount: Work around for addition of metag magic but not relocations
| * ftrace/recordmcount: Work around for addition of metag magic but not relocationsLaura Abbott2016-08-021-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | glibc recently did a sync up (94e73c95d9b5 "elf.h: Sync with the gabi webpage") that added a #define for EM_METAG but did not add relocations This triggers build errors: scripts/recordmcount.c: In function 'do_file': scripts/recordmcount.c:466:28: error: 'R_METAG_ADDR32' undeclared (first use in this function) case EM_METAG: reltype = R_METAG_ADDR32; ^~~~~~~~~~~~~~ scripts/recordmcount.c:466:28: note: each undeclared identifier is reported only once for each function it appears in scripts/recordmcount.c:468:20: error: 'R_METAG_NONE' undeclared (first use in this function) rel_type_nop = R_METAG_NONE; ^~~~~~~~~~~~ Work around this change with some more #ifdefery for the relocations. Fedora Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1354034 Link: http://lkml.kernel.org/r/1468005530-14757-1-git-send-email-labbott@redhat.com Cc: stable@vger.kernel.org # v3.9+ Cc: James Hogan <james.hogan@imgtec.com> Fixes: 00512bdd4573 ("metag: ftrace support") Reported-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Laura Abbott <labbott@redhat.com> Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
* | Merge branch 'akpm' (patches from Andrew)Linus Torvalds2016-08-033-10/+41
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Merge yet more updates from Andrew Morton: - the rest of ocfs2 - various hotfixes, mainly MM - quite a bit of misc stuff - drivers, fork, exec, signals, etc. - printk updates - firmware - checkpatch - nilfs2 - more kexec stuff than usual - rapidio updates - w1 things * emailed patches from Andrew Morton <akpm@linux-foundation.org>: (111 commits) ipc: delete "nr_ipc_ns" kcov: allow more fine-grained coverage instrumentation init/Kconfig: add clarification for out-of-tree modules config: add android config fragments init/Kconfig: ban CONFIG_LOCALVERSION_AUTO with allmodconfig relay: add global mode support for buffer-only channels init: allow blacklisting of module_init functions w1:omap_hdq: fix regression w1: add helper macro module_w1_family w1: remove need for ida and use PLATFORM_DEVID_AUTO rapidio/switches: add driver for IDT gen3 switches powerpc/fsl_rio: apply changes for RIO spec rev 3 rapidio: modify for rev.3 specification changes rapidio: change inbound window size type to u64 rapidio/idt_gen2: fix locking warning rapidio: fix error handling in mbox request/release functions rapidio/tsi721_dma: advance queue processing from transfer submit call rapidio/tsi721: add messaging mbox selector parameter rapidio/tsi721: add PCIe MRRS override parameter rapidio/tsi721_dma: add channel mask and queue size parameters ...
| * | kcov: allow more fine-grained coverage instrumentationVegard Nossum2016-08-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For more targeted fuzzing, it's better to disable kernel-wide instrumentation and instead enable it on a per-subsystem basis. This follows the pattern of UBSAN and allows you to compile in the kcov driver without instrumenting the whole kernel. To instrument a part of the kernel, you can use either # for a single file in the current directory KCOV_INSTRUMENT_filename.o := y or # for all the files in the current directory (excluding subdirectories) KCOV_INSTRUMENT := y or # (same as above) ccflags-y += $(CFLAGS_KCOV) or # for all the files in the current directory (including subdirectories) subdir-ccflags-y += $(CFLAGS_KCOV) Link: http://lkml.kernel.org/r/1464008380-11405-1-git-send-email-vegard.nossum@oracle.com Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Quentin Casasnovas <quentin.casasnovas@oracle.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * | checkpatch: if no filenames then read stdinAllen Hubbe2016-08-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If no filenames are given, then read the patch from stdin. Link: http://lkml.kernel.org/r/a8784f291ccb5067361992bf5d41ff6cfb0ce5cb.1469830917.git.allenbh@gmail.com Signed-off-by: Allen Hubbe <allenbh@gmail.com> Acked-by: Joe Perches <joe@perches.com> Cc: Andy Whitcroft <apw@canonical.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * | checkpatch: check signoff when reading stdinAllen Hubbe2016-08-031-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signoff was not checked if the filename is '-', indicating reading the patch from stdin. Commands such as the below would not warn about a missing signoff, because the patch filename is '-'. This change allows checkpatch to warn about a missing signoff, even if the input filename is '-', but only if the patch has a commit message. git show --pretty=email | scripts/checkpatch.pl - A more common use of checkpatch with stdin is for piping git diff through checkpatch. The diff output would not contain a commit message, and therefore it would not contain a signoff line. For this common use case, a warning should not be printed about the missing signoff. With this change we will only warn about a missing signoff if the input contains a commit message. git diff | scripts/checkpatch.pl - Before this patch, a workaround for the first command was to refer to stdin by a name other than '-'. The workaround is not an elegant solution, because elsewhere checkpatch uses the fact that filename equals '-', such as in setting '$vname' to 'Your patch' for stdin. The command below would report "/dev/stdin has style problems" instead of "Your patch has style problems." git show --pretty=email | scripts/checkpatch.pl /dev/stdin Link: http://lkml.kernel.org/r/48be31e414bddc65bccfa6b1322359be9ba032eb.1469670589.git.allenbh@gmail.com Signed-off-by: Allen Hubbe <allenbh@gmail.com> Acked-by: Joe Perches <joe@perches.com> Cc: Andy Whitcroft <apw@canonical.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * | checkpatch: improve 'bare use of' signed/unsigned types warningJoe Perches2016-08-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix false positive warning of identifiers ending in signed with an = assignment of WARNING: Prefer 'signed int' to bare use of 'signed'. Link: http://lkml.kernel.org/r/6a0e24c3e9102337528ecfcbbe91a0eb5b4820ed.1469529497.git.joe@perches.com Signed-off-by: Joe Perches <joe@perches.com> Reported-by: Alan Douglas <alanjhd@gmail.com> Acked-by: Andy Whitcroft <apw@canonical.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * | checkpatch: don't complain about BIT macro in uapiTomas Winkler2016-08-031-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | BIT macro cannot be exported to UAPI, don't complain about it. Link: http://lkml.kernel.org/r/1468707033-16173-1-git-send-email-tomas.winkler@intel.com Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Acked-by: Joe Perches <joe@perches.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * | checkpatch: yet another commit id improvementJoe Perches2016-08-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using \b isn't good enough to isolate what appears to be a commit id in a commit message. Make sure there is a space or a quote like character after a continuous run of hexadecimal characters that could be a commit id. Link: http://lkml.kernel.org/r/fdd22b47463a21c21132edbb8aa35e372950a1e6.1468869915.git.joe@perches.com Signed-off-by: Joe Perches <joe@perches.com> Cc: "Zhuo, Qiuxu" <qiuxu.zhuo@intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * | checkpatch: allow c99 style // commentsJoe Perches2016-08-031-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sanitise the lines that contain c99 comments so that the error doesn't get emitted. Link: http://lkml.kernel.org/r/d4d22c34ad7bcc1bceb52f0742f76b7a6d585235.1468368420.git.joe@perches.com Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * | checkpatch: skip long lines that use an EFI_GUID macroJoe Perches2016-08-031-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These are also possible single line uses that exceed the generic maximum line length (typically 80 columns) Link: http://lkml.kernel.org/r/32a6a85fbd6161f1bb55ce176a464e44591afc5b.1468368420.git.joe@perches.com Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * | get_maintainer.pl: reduce need for command-line option -fJoe Perches2016-08-031-1/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a vcs is used, look to see if the vcs tracks the file specified and so the -f option becomes optional. Link: http://lkml.kernel.org/r/7c86a8df0d48770c45778a43b6b3e4627b2a90ee.1469746395.git.joe@perches.com Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | | Merge branch 'misc' of ↵Linus Torvalds2016-08-028-20/+162
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild Pull misc kbuild updates from Michal Marek: - coccicheck script improvements by Luis Rodriguez and Deepa Dinamani - new coccinelle patches by Yann Droneaud and Vaishali Thakkar - debian packaging fixes by Wilfried Klaebe, Henning Schild and Marcin Mielniczuk * 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild: Fix the Debian packaging script on systems with no codename builddeb: fix file permissions before packaging scripts/coccinelle: require coccinelle >= 1.0.4 on device_node_continue.cocci coccicheck: refer to Documentation/coccinelle.txt and wiki coccicheck: add support for requring a coccinelle version scripts: add Linux .cocciconfig for coccinelle coccicheck: replace --very-quiet with --quiet when debugging coccicheck: add support for DEBUG_FILE coccicheck: enable parmap support coccicheck: make SPFLAGS more useful coccicheck: move spatch binary check up builddeb: really include objtool binary in headers package coccinelle: catch krealloc() on devm_*() allocated memory coccinelle: recognize more devm_* memory allocation functions coccinelle: also catch kzfree() issues coccicheck: Allow for overriding spatch flags Coccinelle: noderef: Add new rules and correct the old rule
| * | | Fix the Debian packaging script on systems with no codenameMarcin Mielniczuk2016-07-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When calling `make deb-pkg` on a system with no codename (for example Arch Linux), lsb_release sometimes outputs `n/a` as the codename. This breaks dpkg-parsechangelog, which can't process the changelog correctly. Signed-off-by: Marcin Mielniczuk <marmistrz.dev@gmail.com> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | builddeb: fix file permissions before packagingHenning Schild2016-07-261-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Builddep is not very explicit about file permissions. Actually the file permissions in the package are largely influenced by the umask of the user cloning the git and building the package. If that umask does not set go+r the resulting linux-headers package will prevent non-root users from building out-of-tree modules. And that is probably just one unexpected effect. Being a packaging/install tool builddep should make sure the file permissions are set correctly and not just derived from a value that is never checked. This patch sets ugo read permissions for all packaged files and derives the executable bit for directories and executables from the file-owner. Signed-off-by: Henning Schild <henning.schild@siemens.com> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | scripts/coccinelle: require coccinelle >= 1.0.4 on device_node_continue.cocciLuis R. Rodriguez2016-07-221-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make use of the new Requires: tag to be able to specify coccinelle binary version requirements. The cocci file device_node_continue.cocci requires at least coccinelle 1.0.4. Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org> Acked-by: Julia Lawall <julia.lawall@lip6.fr> Acked-by: Nicolas Palix <nicolas.palix@imag.fr> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | coccicheck: refer to Documentation/coccinelle.txt and wikiLuis R. Rodriguez2016-07-221-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refer to the Documentation/coccinelle.txt and supplemental documentation on the wiki: https://bottest.wiki.kernel.org/coccicheck This page shall always refer to the linux-next iteration of scripts/coccicheck. v4: only refer to the wiki as supplemental documentation, and also update Documentation/coccinelle.txt. Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org> Acked-by: Nicolas Palix <nicolas.palix@imag.fr> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | coccicheck: add support for requring a coccinelle versionLuis R. Rodriguez2016-07-221-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enable Coccinelle SmPL patches to require a specific version of Coccinelle. In the event that the version does not match we just inform the user, if the user asked to go through all SmPL patches we just inform them of the need for a new version of coccinelle for the SmPL patch and continue on with the rest. This uses the simple kernel scripts/ld-version.sh to create a weight on the version provided by spatch. The -dirty attribute is ignored if supplied, the benefit of scripts/ld-version.sh is it has a long history and well tested. While at it, document the // Options stuff as well. v4: Document // Options and // Requires as well on Documentation/coccinelle.txt. Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org> Acked-by: Nicolas Palix <nicolas.palix@imag.fr> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | coccicheck: replace --very-quiet with --quiet when debuggingLuis R. Rodriguez2016-07-221-0/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When debugging (using --profile or --show-trying) you want to avoid supressing output, use --quiet instead. While at it, extend documentation for SPFLAGS use. For instance one can use: $ export COCCI=scripts/coccinelle/misc/irqf_oneshot.cocci $ make coccicheck DEBUG_FILE="poo.err" MODE=report SPFLAGS="--profile --show-trying" M=./drivers/mfd/arizona-irq.c Expand Documentation/coccinelle.txt as well. v4: expand Documentation/coccinelle.txt v3: rebased, resolve conflicts, expand Documentation/coccinelle.txt v2: use egrep instead of the *"=--option"* check, this doesn't work for disjunctions. Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org> Acked-by: Julia Lawall <julia.lawall@lip6.fr> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | coccicheck: add support for DEBUG_FILELuis R. Rodriguez2016-07-221-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enable to capture stderr via a DEBUG_FILE variable passed to coccicheck. You can now do: $ rm -f cocci.err $ export COCCI=scripts/coccinelle/free/kfree.cocci $ make coccicheck MODE=report DEBUG_FILE=cocci.err ... $ cat cocci.err This will be come more useful once we add support to use more things which would go into stderr, such as profiling. That will be done separately in another commit. Expand Documentation/coccinelle.txt with details. Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org> Acked-by: Nicolas Palix <nicolas.palix@imag.fr> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | coccicheck: enable parmap supportLuis R. Rodriguez2016-07-221-3/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Coccinelle has had parmap support since 1.0.2, this means it supports --jobs, enabling built-in multithreaded functionality, instead of needing one to script it out. Just look for --jobs in the help output to determine if this is supported and use it only if your number of processors detected is > 1. If parmap is enabled also enable the load balancing to be dynamic, so that if a thread finishes early we keep feeding it. stderr is currently sent to /dev/null, addressing a way to capture that will be addressed next. If --jobs is not supported we fallback to the old mechanism. We expect to deprecate the old mechanism as soon as we can get confirmation all users are ready. While at it propagate back into the shell script any coccinelle error code. When used in serialized mode where all cocci files are run this also stops processing if an error has occured. This lets us handle some errors in coccinelle cocci files and if they bail out we should inspect the errors. This will be more useful later to help annotate coccinelle version dependency requirements. This will let you run only SmPL files that your system supports. Extend Documentation/coccinelle.txt as well. As a small example, prior to this change, on an 8-core system: Before: $ export COCCI=scripts/coccinelle/free/kfree.cocci $ time make coccicheck MODE=report ... real 29m14.912s user 103m1.796s sys 0m4.464s After: real 16m22.435s user 128m30.060s sys 0m2.712s v4: o expand Documentation/coccinelle.txt to reflect parmap support info o update commit log to reflect what we actually do now with stderr o split out DEBUG_FILE use into another patch o detect number of CPUs and if its 1 then skip parmap support, note that if you still support parmap, but have 1 CPU you will also go through the new branches, so the old complex multithreaded process is skipped as well. v3: o move USE_JOBS to avoid being overriden v2: o redirect coccinelle stderr to /dev/null by default and only if DEBUG_FILE is used do we pass it to a file o fix typo of paramap/parmap Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org> Acked-by: Nicolas Palix <nicolas.palix@imag.fr> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | coccicheck: make SPFLAGS more usefulLuis R. Rodriguez2016-07-221-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SPFLAGS is set early, it means that any heuristics done on coccicheck cannot be overridden currently. Move SPFLAGS after OPTIONS and set this at the end. This lets you override any heuristics as coccinelle treats conflicts by only listening to the last option that makes sense. v3: this patch was added in the v3 series v4: Update Documentation/coccinelle.txt explaining how SPFLAGS works as well. Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org> Acked-by: Nicolas Palix <nicolas.palix@imag.fr> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | coccicheck: move spatch binary check upLuis R. Rodriguez2016-07-221-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This has no functional changes. This is being done to enable us to later use spatch binary for some flag checking for certain features early on. Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org> Acked-by: Nicolas Palix <nicolas.palix@imag.fr> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | builddeb: really include objtool binary in headers packageWilfried Klaebe2016-07-191-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On May 4th, Bjørn Mork provided patch 697bbc7b8320 ("builddeb: include objtool binary in headers package"). However, that one only works if $srctree=$objtree, because the objtool binaries are not written to the srctree, but to the objtree. Signed-off-by: Wilfried Klaebe <linux-kernel@lebenslange-mailadresse.de> Fixes: 697bbc7b8320 ("builddeb: include objtool binary in headers package") Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | coccinelle: catch krealloc() on devm_*() allocated memoryYann Droneaud2016-06-211-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | krealloc() must not be used against devm_*() allocated memory regions: - if a bigger memory is to be allocated, krealloc() and __krealloc() could return a different pointer than the one given to them, creating a memory region which is not managed, thus it will not be automatically released on device removal. - if a bigger memory is to be allocated, krealloc() could kfree() the managed memory region which is passed to it. The old pointer is left registered as a resource for the device. On device removal, this dangling pointer will be used and an unrelated memory region could be released. - if the requested size is equal to 0, krealloc() can also just behave like kfree(). Here too, the old pointer is kept associated with the device. On device removal, this invalid pointer will be used and an unrelated memory region could be released. For all these reasons, krealloc() must not be used on a pointer returned by devm_*() functions. Cc: Tejun Heo <tj@kernel.org> Cc: Pekka Enberg <penberg@cs.helsinki.fi> Acked-by: Julia Lawall <julia.lawall@lip6.fr> Signed-off-by: Yann Droneaud <ydroneaud@opteya.com> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | coccinelle: recognize more devm_* memory allocation functionsYann Droneaud2016-06-211-0/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updates free/devm_free.cocci to recognize functions added by: - commit 64c862a839a8 ('devres: add kernel standard devm_k.alloc functions') - commit e31108cad3de ('devres: introduce API "devm_kstrdup"') - commit 3046365bb470 ('devres: introduce API "devm_kmemdup') - commit 43339bed7010 ('devres: Add devm_get_free_pages API') - commit 75f2a4ead5d5 ('devres: Add devm_kasprintf and devm_kvasprintf API') See also Documentation/driver-model/devres.txt Cc: Joe Perches <joe@perches.com> Cc: Manish Badarkhe <badarkhe.manish@gmail.com> Cc: Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com> Cc: Eli Billauer <eli.billauer@gmail.com> Cc: Himangi Saraogi <himangi774@gmail.com> Cc: Geert Uytterhoeven <geert+renesas@glider.be> Cc: Wolfram Sang <w.sang@pengutronix.de> Cc: Daniel Thompson <daniel.thompson@linaro.org> Acked-by: Julia Lawall <julia.lawall@lip6.fr> Signed-off-by: Yann Droneaud <ydroneaud@opteya.com> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | coccinelle: also catch kzfree() issuesYann Droneaud2016-06-214-5/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since commit 3ef0e5ba4673 ('slab: introduce kzfree()'), kfree() is no more the only function to be considered: kzfree() should be recognized too. In particular, kzfree() must not be called on memory allocated through devm_*() functions. Cc: Johannes Weiner <hannes@cmpxchg.org> Acked-by: Julia Lawall <julia.lawall@lip6.fr> Signed-off-by: Yann Droneaud <ydroneaud@opteya.com> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | coccicheck: Allow for overriding spatch flagsDeepa Dinamani2016-06-201-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Documentation/coccinelle.txt suggests using the SPFLAGS make variable to pass additional options to spatch. Reorder the way SPFLAGS is added to FLAGS, to allow for options in the SPFLAGS to override the default --very-quiet option. Similarly, rearrage the FLAGS for org or report mode. This allows for overriding of the default --no-show-diff option through SPFLAGS. Signed-off-by: Deepa Dinamani <deepa.kernel@gmail.com> Cc: Gilles Muller <Gilles.Muller@lip6.fr> Acked-by: Nicolas Palix <nicolas.palix@imag.fr> Acked-by: Julia Lawall <Julia.Lawall@lip6.fr> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | Coccinelle: noderef: Add new rules and correct the old ruleVaishali Thakkar2016-06-201-1/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add new rules to detect the cases where sizeof is used in function calls as a argument. Also, for the patch mode third rule should behave same as second rule with arguments reversed. So, change that as well. Signed-off-by: Vaishali Thakkar <vaishali.thakkar@oracle.com> Acked-by: Julia Lawall <julia.lawall@lip6.fr> Signed-off-by: Michal Marek <mmarek@suse.com>
* | | | Merge branch 'kbuild' of ↵Linus Torvalds2016-08-0220-11/+2051
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild Pull kbuild updates from Michal Marek: - GCC plugin support by Emese Revfy from grsecurity, with a fixup from Kees Cook. The plugins are meant to be used for static analysis of the kernel code. Two plugins are provided already. - reduction of the gcc commandline by Arnd Bergmann. - IS_ENABLED / IS_REACHABLE macro enhancements by Masahiro Yamada - bin2c fix by Michael Tautschnig - setlocalversion fix by Wolfram Sang * 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild: gcc-plugins: disable under COMPILE_TEST kbuild: Abort build on bad stack protector flag scripts: Fix size mismatch of kexec_purgatory_size kbuild: make samples depend on headers_install Kbuild: don't add obj tree in additional includes Kbuild: arch: look for generated headers in obtree Kbuild: always prefix objtree in LINUXINCLUDE Kbuild: avoid duplicate include path Kbuild: don't add ../../ to include path vmlinux.lds.h: replace config_enabled() with IS_ENABLED() kconfig.h: allow to use IS_{ENABLE,REACHABLE} in macro expansion kconfig.h: use already defined macros for IS_REACHABLE() define export.h: use __is_defined() to check if __KSYM_* is defined kconfig.h: use __is_defined() to check if MODULE is defined kbuild: setlocalversion: print error to STDERR Add sancov plugin Add Cyclomatic complexity GCC plugin GCC plugin infrastructure Shared library support
| * | | scripts: Fix size mismatch of kexec_purgatory_sizeTautschnig, Michael2016-07-221-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | bin2c is used to create a valid C file out of a binary file where two symbols will be globally defined: <name> and <name>_size. <name> is passed as the first parameter of the host binary. Building using goto-cc reported that the purgatory binary code (the only current user of this utility) declares kexec_purgatory_size as 'size_t' where bin2c generate <name>_size to be 'int' so in a 64-bit host where sizeof(size_t) > sizeof(int) this type mismatch will always yield the wrong value for big-endian architectures while for little-endian it will be wrong if the object laid in memory directly after kexec_purgatory_size contains non-zero value at the time of reading. This commit changes <name>_size to be size_t instead. Note: Another way to fix the problem is to change the type of kexec_purgatory_size to be 'int' as there's this check in code: (kexec_purgatory_size <= 0) Signed-off-by: Michael Tautschnig <tautschn@amazon.com> Cc: Vivek Goyal <vgoyal@redhat.com> Acked-by: Dave Young <dyoung@redhat.com> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | Kbuild: don't add obj tree in additional includesArnd Bergmann2016-07-182-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When building with separate object directories and driver specific Makefiles that add additional header include paths, Kbuild adjusts the gcc flags so that we include both the directory in the source tree and in the object tree. However, due to another bug I fixed earlier, this did not actually include the correct directory in the object tree, so we know that we only really need the source tree here. Also, including the object tree sometimes causes warnings about nonexisting directories when the include path only exists in the source. This changes the logic to only emit the -I argument for the srctree, not for objects. We still need both $(srctree)/$(src) and $(obj) though, so I'm adding them manually. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | Kbuild: don't add ../../ to include pathArnd Bergmann2016-07-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we build with O=objdir and objdir is directly below the source tree, $(srctree) becomes '..'. When a Makefile adds a CFLAGS option like -Ipath/to/headers and we are building with a separate object directory, Kbuild tries to add two -I options, one for the source tree and one for the object tree. An absolute path is treated as a special case, and don't add this one twice. This also normally catches -I$(srctree)/$(src) as $(srctree) usually is an absolute directory like /home/arnd/linux/. The combination of the two behaviors however results in an invalid path name to be included: we get both ../$(src) and ../../$(src), the latter one pointing outside of the source tree, usually to a nonexisting directory. Building with 'make W=1' makes this obvious: cc1: error: ../../arch/arm/mach-s3c24xx/include: No such file or directory [-Werror=missing-include-dirs] This adds another special case, treating path names starting with ../ like those starting with / so we don't try to prefix that with $(srctree). Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | kbuild: setlocalversion: print error to STDERRWolfram Sang2016-06-201-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I tried to use 'make O=...' from an unclean source tree. This triggered the error path of setlocalversion. But by printing to STDOUT, it created a broken localversion which then caused another (unrelated) error: "4.7.0-rc2Error: kernelrelease not valid - run make prepare to update it" exceeds 64 characters After printing to STDERR, the true build error gets displayed later: /home/wsa/Kernel/linux is not clean, please run 'make mrproper' in the '/home/wsa/Kernel/linux' directory. Signed-off-by: Wolfram Sang <wsa@the-dreams.de> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | Add sancov pluginEmese Revfy2016-06-073-1/+170
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The sancov gcc plugin inserts a __sanitizer_cov_trace_pc() call at the start of basic blocks. This plugin is a helper plugin for the kcov feature. It supports all gcc versions with plugin support (from gcc-4.5 on). It is based on the gcc commit "Add fuzzing coverage support" by Dmitry Vyukov (https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=231296). Signed-off-by: Emese Revfy <re.emese@gmail.com> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | Add Cyclomatic complexity GCC pluginEmese Revfy2016-06-073-0/+75
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a very simple plugin to demonstrate the GCC plugin infrastructure. This GCC plugin computes the cyclomatic complexity of each function. The complexity M of a function's control flow graph is defined as: M = E - N + 2P where E = the number of edges N = the number of nodes P = the number of connected components (exit nodes). Signed-off-by: Emese Revfy <re.emese@gmail.com> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | GCC plugin infrastructureEmese Revfy2016-06-0711-2/+1741
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch allows to build the whole kernel with GCC plugins. It was ported from grsecurity/PaX. The infrastructure supports building out-of-tree modules and building in a separate directory. Cross-compilation is supported too. Currently the x86, arm, arm64 and uml architectures enable plugins. The directory of the gcc plugins is scripts/gcc-plugins. You can use a file or a directory there. The plugins compile with these options: * -fno-rtti: gcc is compiled with this option so the plugins must use it too * -fno-exceptions: this is inherited from gcc too * -fasynchronous-unwind-tables: this is inherited from gcc too * -ggdb: it is useful for debugging a plugin (better backtrace on internal errors) * -Wno-narrowing: to suppress warnings from gcc headers (ipa-utils.h) * -Wno-unused-variable: to suppress warnings from gcc headers (gcc_version variable, plugin-version.h) The infrastructure introduces a new Makefile target called gcc-plugins. It supports all gcc versions from 4.5 to 6.0. The scripts/gcc-plugin.sh script chooses the proper host compiler (gcc-4.7 can be built by either gcc or g++). This script also checks the availability of the included headers in scripts/gcc-plugins/gcc-common.h. The gcc-common.h header contains frequently included headers for GCC plugins and it has a compatibility layer for the supported gcc versions. The gcc-generate-*-pass.h headers automatically generate the registration structures for GIMPLE, SIMPLE_IPA, IPA and RTL passes. Note that 'make clean' keeps the *.so files (only the distclean or mrproper targets clean all) because they are needed for out-of-tree modules. Based on work created by the PaX Team. Signed-off-by: Emese Revfy <re.emese@gmail.com> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Michal Marek <mmarek@suse.com>
| * | | Shared library supportEmese Revfy2016-06-073-3/+58
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | Infrastructure for building independent shared library targets. Based on work created by the PaX Team. Signed-off-by: Emese Revfy <re.emese@gmail.com> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Michal Marek <mmarek@suse.com>
* | | Merge tag 'devicetree-for-4.8' of ↵Linus Torvalds2016-07-302-1/+1214
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux Pull DeviceTree updates from Rob Herring: - remove most of_platform_populate() calls in arch code. Now the DT core code calls it in the default case and platforms only need to call it if they have special needs - use pr_fmt on all the DT core print statements - CoreSight binding doc improvements to block name descriptions - add dt_to_config script which can parse dts files and list corresponding kernel config options - fix memory leak hit with a PowerMac DT - correct a bunch of STMicro compatible strings to use the correct vendor prefix - fix DA9052 PMIC binding doc to match what is actually used in dts files * tag 'devicetree-for-4.8' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux: (35 commits) documentation: da9052: Update regulator bindings names to match DA9052/53 DTS expectations xtensa: Partially Revert "xtensa: Remove unnecessary of_platform_populate with default match table" xtensa: Fix build error due to missing include file MIPS: ath79: Add missing include file Fix spelling errors in Documentation/devicetree ARM: dts: fix STMicroelectronics compatible strings powerpc/dts: fix STMicroelectronics compatible strings Documentation: dt: i2c: use correct STMicroelectronics vendor prefix scripts/dtc: dt_to_config - kernel config options for a devicetree of: fdt: mark unflattened tree as detached of: overlay: add resolver error prints coresight: document binding acronyms Documentation/devicetree: document cavium-pip rx-delay/tx-delay properties of: use pr_fmt prefix for all console printing of/irq: Mark initialised interrupt controllers as populated of: fix memory leak related to safe_name() Revert "of/platform: export of_default_bus_match_table" of: unittest: use of_platform_default_populate() to populate default bus memory: omap-gpmc: use of_platform_default_populate() to populate default bus bus: uniphier-system-bus: use of_platform_default_populate() to populate default bus ...
| * | | scripts/dtc: dt_to_config - kernel config options for a devicetreeGaurav Minocha2016-07-222-1/+1214
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Determining which kernel config options need to be enabled for a given devicetree can be a painful process. Create a new tool to find the drivers that may match a devicetree node compatible, find the kernel config options that enable the driver, and optionally report whether the kernel config option is enabled. Signed-off-by: Gaurav Minocha <gaurav.minocha.os@gmail.com> Signed-off-by: Frank Rowand <frank.rowand@am.sony.com> Signed-off-by: Rob Herring <robh@kernel.org>
* | | | Merge branch 'next' of ↵Linus Torvalds2016-07-301-8/+26
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security Pull security subsystem updates from James Morris: "Highlights: - TPM core and driver updates/fixes - IPv6 security labeling (CALIPSO) - Lots of Apparmor fixes - Seccomp: remove 2-phase API, close hole where ptrace can change syscall #" * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (156 commits) apparmor: fix SECURITY_APPARMOR_HASH_DEFAULT parameter handling tpm: Add TPM 2.0 support to the Nuvoton i2c driver (NPCT6xx family) tpm: Factor out common startup code tpm: use devm_add_action_or_reset tpm2_i2c_nuvoton: add irq validity check tpm: read burstcount from TPM_STS in one 32-bit transaction tpm: fix byte-order for the value read by tpm2_get_tpm_pt tpm_tis_core: convert max timeouts from msec to jiffies apparmor: fix arg_size computation for when setprocattr is null terminated apparmor: fix oops, validate buffer size in apparmor_setprocattr() apparmor: do not expose kernel stack apparmor: fix module parameters can be changed after policy is locked apparmor: fix oops in profile_unpack() when policy_db is not present apparmor: don't check for vmalloc_addr if kvzalloc() failed apparmor: add missing id bounds check on dfa verification apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task apparmor: use list_next_entry instead of list_entry_next apparmor: fix refcount race when finding a child profile apparmor: fix ref count leak when profile sha1 hash is read apparmor: check that xindex is in trans_table bounds ...
| * | | | modsign: Make sign-file determine the format of the X.509 certDavid Howells2016-06-141-8/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sign-file determine the format of the X.509 certificate by reading the first two bytes and seeing if the first byte is 0x30 and the second 0x81-0x84. If this is the case, assume it's DER encoded, otherwise assume it to be PEM encoded. Without this, it gets awkward to deal with the error messages from d2i_X509_bio() when we want to call BIO_reset() and then PEM_read_bio() in case the certificate was PEM encoded rather than X.509 encoded. Reported-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Ben Hutchings <ben@decadent.org.uk> cc: David Woodhouse <dwmw2@infradead.org> cc: Juerg Haefliger <juerg.haefliger@hpe.com> cc: Ben Hutchings <ben@decadent.org.uk>