path: root/scripts
Commit message [Author, Age, Files, Lines]
* kbuild: add fine grained build dependencies for exported symbols [Nicolas Pitre, 2016-03-29, 2 files, -0/+28]
    Like with kconfig options, we now have the ability to compile in and out individual EXPORT_SYMBOL() declarations based on the content of include/generated/autoksyms.h. However we don't want the entire world to be rebuilt whenever that file is touched.

    Let's apply the same build dependency trick used for CONFIG_* symbols where the time stamp of empty files whose paths match those symbols is used to trigger fine grained rebuilds. In our case the key is the symbol name passed to EXPORT_SYMBOL().

    However, unlike config options, we cannot just use fixdep to parse the source code for EXPORT_SYMBOL(ksym) because several variants exist and parsing them all in a separate tool, and keeping it in synch, is not trivially maintainable. Furthermore, there are variants such as

        EXPORT_SYMBOL_GPL(pci_user_read_config_##size);

    that are instantiated via a macro for which we can't easily determine the actual exported symbol name(s) short of actually running the preprocessor on them.

    Storing the symbol name string in a special ELF section doesn't work for targets that output assembly or preprocessed source.

    So the best way is really to leverage the preprocessor by having it output actual symbol names anchored by a special sequence that can be easily filtered out. Then the list of symbols is simply fed to fixdep to be merged with the other dependencies.

    That implies the preprocessor is executed twice for each source file. A previous attempt relied on a warning pragma for each EXPORT_SYMBOL() instance that was filtered apart from stderr by the build system with a sed script during the actual compilation pass. Unfortunately the preprocessor/compiler diagnostic output isn't stable between versions and this solution, although more efficient, was deemed too fragile.

    Because of the lowercasing performed by fixdep, there might be name collisions triggering spurious rebuilds for similar symbols. But this shouldn't be a big issue in practice. (This is the case for CONFIG_* symbols and I didn't want to be different here, whatever the original reason for doing so.)

    To avoid needless build overhead, the exported symbol name gathering is performed only when CONFIG_TRIM_UNUSED_KSYMS is selected.

    Signed-off-by: Nicolas Pitre <nico@linaro.org>
    Acked-by: Rusty Russell <rusty@rustcorp.com.au>
* kbuild: de-duplicate fixdep usage [Nicolas Pitre, 2016-03-29, 2 files, -15/+9]
    The generation and postprocessing of automatic dependency rules is duplicated in rule_cc_o_c, rule_as_o_S and if_changed_dep. Since this is not a trivial one-liner action, it is now abstracted under cmd_and_fixdep to simplify things and make future changes in this area easier.

    In the rule_cc_o_c and rule_as_o_S cases that means the order of some commands has been altered, namely fixdep and related file manipulations are executed earlier, but they didn't depend on those commands that now execute later.

    Signed-off-by: Nicolas Pitre <nico@linaro.org>
* fixdep: accept extra dependencies on stdin [Nicolas Pitre, 2016-03-29, 1 file, -15/+45]
    ... and merge them in the list of parsed dependencies.

    Signed-off-by: Nicolas Pitre <nico@linaro.org>
* kbuild: record needed exported symbols for modules [Nicolas Pitre, 2016-03-29, 1 file, -2/+11]
    Kernel modules are partially linked object files with some undefined symbols that are expected to be matched with EXPORT_SYMBOL() entries from elsewhere.

    Each .tmp_versions/*.mod file currently contains two lines of text separated by a newline character. The first line has the actual module file name while the second line has a list of object files constituting that module. Those files are parsed by modpost (scripts/mod/sumversion.c), scripts/Makefile.modpost, scripts/Makefile.modsign, etc. Only the modpost utility cares about the second line while the others retrieve only the first line.

    Therefore we can add a third line to record the list of undefined symbols aka required EXPORT_SYMBOL() entries for each module into that file without breaking anything. Like for the second line, symbols are separated by a blank and the list is terminated with a newline character.

    To avoid needless build overhead, the undefined symbols extraction is performed only when CONFIG_TRIM_UNUSED_KSYMS is selected.

    Signed-off-by: Nicolas Pitre <nico@linaro.org>
    Acked-by: Rusty Russell <rusty@rustcorp.com.au>
* Merge branch 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild [Linus Torvalds, 2016-03-25, 8 files, -9/+215]
    Pull kbuild misc updates from Michal Marek:
     "The non-critical part of kbuild for v4.6-rc1:
       - coccinelle cleanup and a new patch
       - make tags rule for kprobe helpers
       - make rpm fix to avoid spurious grub2 entries
       - make rpm support for %postun script (Fedora only at the moment)"

    * 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
      kbuild/mkspec: clean boot loader configuration on rpm removal
      kbuild/mkspec: fix grub2 installkernel issue
      Coccinelle: Add api/setup_timer.cocci
      coccinelle: bugon: reduce rule applicability
      Coccinelle: pm_runtime: reduce rule applicability
      Coccinelle: array_size: reduce rule applicability
      Coccinelle: reduce rule applicability
      scripts/tags.sh: add regex to map kprobe helpers
      scripts/coccinelle: modernize &
| * kbuild/mkspec: clean boot loader configuration on rpm removal [Paolo Abeni, 2016-03-04, 1 file, -0/+5]
      This patch adds an rpm preuninstall scriptlet to cleanup the boot loader configuration on kernel package uninstall. The initrd for the to-be-removed kernel is deleted, too.

      Signed-off-by: Paolo Abeni <pabeni@redhat.com>
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * kbuild/mkspec: fix grub2 installkernel issue [Jiri Kosina, 2016-02-26, 1 file, -4/+4]
      mkspec is copying built kernel to temporary location

          /boot/vmlinuz-$KERNELRELEASE-rpm

      and runs installkernel on it. This however directly leads to grub2 menuentry for this suffixed binary being generated as well during the run of installkernel script.

      Later in the process the temporary -rpm suffixed files are removed, and therefore we end up with spurious (and non-functional) grub2 menu entries for each installed kernel RPM.

      Fix that by using a different temporary name (prefixed by '.'), so that the binary is not recognized as an actual kernel binary and no menuentry is created for it.

      Signed-off-by: Jiri Kosina <jkosina@suse.cz>
      Fixes: 3c9c7a14b627 ("rpm-pkg: add %post section to create initramfs and grub hooks")
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * Coccinelle: Add api/setup_timer.cocci [Vaishali Thakkar, 2016-02-18, 1 file, -0/+199]
      Use the timer API function setup_timer instead of structure field assignments to initialize a timer.

      Signed-off-by: Vaishali Thakkar <vaishali.thakkar@oracle.com>
      Acked-by: Julia Lawall <julia.lawall@lip6.fr>
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * coccinelle: bugon: reduce rule applicability [Julia Lawall, 2016-02-18, 1 file, -1/+1]
      Rule r is only used in org or report mode, so only execute it in those cases.

      Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * Coccinelle: pm_runtime: reduce rule applicability [Julia Lawall, 2016-02-18, 1 file, -1/+1]
      Rule r is only used in org or report mode, so only execute it in those cases.

      Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * Coccinelle: array_size: reduce rule applicability [Julia Lawall, 2016-02-18, 1 file, -1/+1]
      Rule r is only used in org or report mode, so only execute it in those cases.

      Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * Coccinelle: reduce rule applicability [Julia Lawall, 2016-02-18, 1 file, -1/+1]
      Rule r is only used in org or report mode, so only execute it in those cases.

      Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * scripts/tags.sh: add regex to map kprobe helpers [Naveen N. Rao, 2016-02-18, 1 file, -0/+2]
      Add regex for [get|free]_[insn|optinsn|dmainsn]_slot() functions.

      Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * scripts/coccinelle: modernize & [Julia Lawall, 2016-02-18, 1 file, -1/+1]
      & is no longer allowed in column 0, since Coccinelle 1.0.4.

      Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
      Tested-by: Nishanth Menon <nm@ti.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: Michal Marek <mmarek@suse.com>
* | Merge branch 'kconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild [Linus Torvalds, 2016-03-25, 2 files, -6/+10]
    Pull kconfig updates from Michal Marek:
     "Just two kconfig commits this time:
       - kconfig Makefile fix for make 3.80
       - Fix calculating symbols so that KCONFIG_ALLCONFIG=... does not disable CONFIG_MODULES silently"

    * 'kconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
      unbreak allmodconfig KCONFIG_ALLCONFIG=...
      scripts/kconfig: allow building with make 3.80 again
| * | unbreak allmodconfig KCONFIG_ALLCONFIG=... [Al Viro, 2016-02-01, 1 file, -5/+7]
      Prior to 3.13 make allmodconfig KCONFIG_ALLCONFIG=/dev/null used to be equivalent to make allmodconfig; these days it hardwires MODULES to n. In fact, any KCONFIG_ALLCONFIG that doesn't set MODULES explicitly is treated as if it set it to n.

      Regression had been introduced by commit cfa98f ("kconfig: do not override symbols already set"); what happens is that conf_read_simple() does sym_calc_value(modules_sym) on exit, which leaves SYMBOL_VALID set and has conf_set_all_new_symbols() skip modules_sym.

      It's pretty easy to fix - simply move that call of sym_calc_value() into the callers, except for the ones in KCONFIG_ALLCONFIG handling. Objections?

      Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
      Fixes: cfa98f2e0ae9 ("kconfig: do not override symbols already set")
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * | scripts/kconfig: allow building with make 3.80 again [Jan Beulich, 2016-02-01, 1 file, -1/+3]
      Documentation/Changes still lists this as the minimal required version, so it ought to remain usable for the time being.

      Fixes: d2036f30cf ("scripts/kconfig/Makefile: Allow KBUILD_DEFCONFIG to be a target")
      Signed-off-by: Jan Beulich <jbeulich@suse.com>
      Cc: Michael Ellerman <mpe@ellerman.id.au>
      Signed-off-by: Michal Marek <mmarek@suse.com>
* | Merge branch 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild [Linus Torvalds, 2016-03-25, 4 files, -9/+12]
    Pull kbuild updates from Michal Marek:
     - make dtbs_install fix
     - Error handling fix fixdep and link-vmlinux.sh
     - __UNIQUE_ID fix for clang
     - Fix for if_changed_* to suppress the "is up to date." message
     - The kernel is built with -Werror=incompatible-pointer-types

    * 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
      kbuild: Add option to turn incompatible pointer check into error
      kbuild: suppress annoying "... is up to date." message
      kbuild: fixdep: Check fstat(2) return value
      scripts/link-vmlinux.sh: force error on kallsyms failure
      Kbuild: provide a __UNIQUE_ID for clang
      dtbsinstall: don't move target directory out of the way
| * | kbuild: suppress annoying "... is up to date." message [Masahiro Yamada, 2016-03-04, 1 file, -3/+3]
      Under certain conditions, Kbuild shows "... is up to date" where if_changed or friends are used.

      For example, the incremental build of ARM64 Linux shows this message when the kernel image has not been updated.

          $ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu-
            CHK include/config/kernel.release
            CHK include/generated/uapi/linux/version.h
            CHK include/generated/utsrelease.h
            CHK include/generated/bounds.h
            CHK include/generated/timeconst.h
            CHK include/generated/asm-offsets.h
            CALL scripts/checksyscalls.sh
            CHK include/generated/compile.h
            CHK kernel/config_data.h
          make[1]: `arch/arm64/boot/Image.gz' is up to date.
            Building modules, stage 2.
            MODPOST 0 modules

      The following is the build rule in arch/arm64/boot/Makefile:

          $(obj)/Image.gz: $(obj)/Image FORCE
                  $(call if_changed,gzip)

      If the Image.gz is newer than the Image and the command line has not changed (i.e., $(any-prereq) and $(arg-check) are both empty), the build rule $(call if_changed,gzip) is evaluated to be empty, then GNU Make reports the target is up to date. In order to make GNU Make quiet, we need to give it something to do, for example, "@:". This should be fixed in the Kbuild core part rather than in each Makefile.

      Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * | kbuild: fixdep: Check fstat(2) return value [Tom Rini, 2016-02-17, 1 file, -1/+5]
      Coverity has recently added a check that will find when we don't check the return code from fstat(2). Copy/paste the checking logic that print_deps() has with an appropriate re-wording of the perror() message.

      Signed-off-by: Tom Rini <trini@konsulko.com>
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * | scripts/link-vmlinux.sh: force error on kallsyms failure [Ard Biesheuvel, 2016-02-08, 1 file, -3/+4]
      Since the output of the invocation of scripts/kallsyms is piped directly into the assembler, error messages it emits are visible on stderr, but a non-zero return code is ignored, and the build simply proceeds in that case. However, the resulting kernel is most likely broken, and will crash at boot.

      So instead, capture the output of kallsyms in a separate .S file, and pass that to the assembler in a separate step.

      Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Signed-off-by: Michal Marek <mmarek@suse.com>
| * | dtbsinstall: don't move target directory out of the way [Russell King, 2016-01-28, 1 file, -2/+0]
      No other kernel installation target moves the target directory out of the way, even deleting an old version of it. These are destructive operations, ones which the kernel build system should not be making.

      This behaviour prevents being able to do:

          make install INSTALL_PATH=/some/path/boot
          make dtbs_install INSTALL_DTBS_PATH=/some/path/boot

      As it causes the boot directory containing the kernel installed in step 1 to be moved to /some/path/boot.old. Things get even more fun if you do:

          make install dtbs_install INSTALL_PATH=/some/path/boot INSTALL_DTBS_PATH=/some/path/boot

      The kernel gets installed into /some/path/boot, then the directory gets renamed to /some/path/boot.old, and a new directory created to hold the dtbs. Even more fun if you supply -j2 when we end up with races in make.

      Remove this behaviour.

      If this behaviour is required at installation time, this should be done by the installation external to the kernel makefiles, just like it would be done for 'make modules_install'.

      Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
      Acked-by: Jason Cooper <jason@lakedaemon.net>
      Acked-by: Rob Herring <robh@kernel.org>
      Signed-off-by: Michal Marek <mmarek@suse.com>
* | parisc: Use generic extable search and sort routines [Helge Deller, 2016-03-23, 1 file, -0/+1]
    Switch to the generic extable search and sort routines which were introduced with commit a272858 from Ard Biesheuvel. This saves quite some memory in the vmlinux binary with the 64bit kernel.

    Signed-off-by: Helge Deller <deller@gmx.de>
* | ubsan: fix tree-wide -Wmaybe-uninitialized false positives [Andrey Ryabinin, 2016-03-22, 1 file, -0/+4]
    -fsanitize=* options make GCC less smart than usual and increase the number of 'maybe-uninitialized' false-positives. So this patch does two things:

     * Add -Wno-maybe-uninitialized to CFLAGS_UBSAN which will disable all such warnings for instrumented files.

     * Remove CONFIG_UBSAN_SANITIZE_ALL from all[yes|mod]config builds. So the all[yes|mod]config build goes without -fsanitize=* and still with -Wmaybe-uninitialized.

    Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
    Reported-by: Fengguang Wu <fengguang.wu@intel.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | scripts/gdb: account for changes in module data structure [Jan Kiszka, 2016-03-22, 2 files, -3/+4]
    Commit 7523e4dc5057 ("module: use a structure to encapsulate layout.") factored out the module_layout structure. Adjust the symbol loader and the lsmod command to this.

    Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
    Reviewed-by: Kieran Bingham <kieran.bingham@linaro.org>
    Tested-by: Kieran Bingham <kieran.bingham@linaro.org> (qemu-{ARM,x86})
    Cc: Rusty Russell <rusty@rustcorp.com.au>
    Cc: Jiri Kosina <jkosina@suse.cz>
    Cc: Jason Wessel <jason.wessel@windriver.com>
    Cc: <stable@vger.kernel.org> [4.4+]
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | scripts/gdb: add cmdline reader command [Kieran Bingham, 2016-03-22, 1 file, -0/+13]
    lx-cmdline  Report the Linux Commandline used in the current kernel

    [jan.kiszka@siemens.com: remove blank line from help output and fix pep8 warning]
    Signed-off-by: Kieran Bingham <kieran.bingham@linaro.org>
    Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
    Cc: Jason Wessel <jason.wessel@windriver.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | scripts/gdb: add version command [Kieran Bingham, 2016-03-22, 2 files, -0/+29]
    lx-version  Report the Linux Version of the current kernel.

    Add a command to identify the version specified by the banner in the debugged kernel.

    This lets the user identify the kernel of the running kernel, and will let later scripts compare the banner of the attached kernel against the banner in the vmlinux symbols files to verify that the files are correct.

    [jan.kiszka@siemens.com: remove blank line from help output and fix pep8 warning]
    Signed-off-by: Kieran Bingham <kieran.bingham@linaro.org>
    Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
    Cc: Jason Wessel <jason.wessel@windriver.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | kernel: add kcov code coverage [Dmitry Vyukov, 2016-03-22, 1 file, -0/+6]
    kcov provides code coverage collection for coverage-guided fuzzing (randomized testing). Coverage-guided fuzzing is a testing technique that uses coverage feedback to determine new interesting inputs to a system. A notable user-space example is AFL (http://lcamtuf.coredump.cx/afl/). However, this technique is not widely used for kernel testing due to missing compiler and kernel support.

    kcov does not aim to collect as much coverage as possible. It aims to collect more or less stable coverage that is function of syscall inputs. To achieve this goal it does not collect coverage in soft/hard interrupts and instrumentation of some inherently non-deterministic or non-interesting parts of kernel is disabled (e.g. scheduler, locking).

    Currently there is a single coverage collection mode (tracing), but the API anticipates additional collection modes. Initially I also implemented a second mode which exposes coverage in a fixed-size hash table of counters (what Quentin used in his original patch). I've dropped the second mode for simplicity.

    This patch adds the necessary support on kernel side. The complementary compiler support was added in gcc revision 231296.

    We've used this support to build syzkaller system call fuzzer, which has found 90 kernel bugs in just 2 months:

        https://github.com/google/syzkaller/wiki/Found-Bugs

    We've also found 30+ bugs in our internal systems with syzkaller. Another (yet unexplored) direction where kcov coverage would greatly help is more traditional "blob mutation". For example, mounting a random blob as a filesystem, or receiving a random blob over wire.

    Why not gcov. Typical fuzzing loop looks as follows: (1) reset coverage, (2) execute a bit of code, (3) collect coverage, repeat. A typical coverage can be just a dozen of basic blocks (e.g. an invalid input). In such context gcov becomes prohibitively expensive as reset/collect coverage steps depend on total number of basic blocks/edges in program (in case of kernel it is about 2M). Cost of kcov depends only on number of executed basic blocks/edges. On top of that, kernel requires per-thread coverage because there are always background threads and unrelated processes that also produce coverage. With inlined gcov instrumentation per-thread coverage is not possible.

    kcov exposes kernel PCs and control flow to user-space which is insecure. But debugfs should not be mapped as user accessible.

    Based on a patch by Quentin Casasnovas.

    [akpm@linux-foundation.org: make task_struct.kcov_mode have type `enum kcov_mode']
    [akpm@linux-foundation.org: unbreak allmodconfig]
    [akpm@linux-foundation.org: follow x86 Makefile layout standards]
    Signed-off-by: Dmitry Vyukov <dvyukov@google.com>
    Reviewed-by: Kees Cook <keescook@chromium.org>
    Cc: syzkaller <syzkaller@googlegroups.com>
    Cc: Vegard Nossum <vegard.nossum@oracle.com>
    Cc: Catalin Marinas <catalin.marinas@arm.com>
    Cc: Tavis Ormandy <taviso@google.com>
    Cc: Will Deacon <will.deacon@arm.com>
    Cc: Quentin Casasnovas <quentin.casasnovas@oracle.com>
    Cc: Kostya Serebryany <kcc@google.com>
    Cc: Eric Dumazet <edumazet@google.com>
    Cc: Alexander Potapenko <glider@google.com>
    Cc: Kees Cook <keescook@google.com>
    Cc: Bjorn Helgaas <bhelgaas@google.com>
    Cc: Sasha Levin <sasha.levin@oracle.com>
    Cc: David Drysdale <drysdale@google.com>
    Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
    Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
    Cc: Kirill A. Shutemov <kirill@shutemov.name>
    Cc: Jiri Slaby <jslaby@suse.cz>
    Cc: Ingo Molnar <mingo@elte.hu>
    Cc: Thomas Gleixner <tglx@linutronix.de>
    Cc: "H. Peter Anvin" <hpa@zytor.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | Merge branch 'core-objtool-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip [Linus Torvalds, 2016-03-21, 2 files, -4/+39]
    Pull 'objtool' stack frame validation from Ingo Molnar:
     "This tree adds a new kernel build-time object file validation feature (CONFIG_STACK_VALIDATION=y): kernel stack frame correctness validation. It was written by and is maintained by Josh Poimboeuf.

      The motivation: there's a category of hard to find kernel bugs, most of them in assembly code (but also occasionally in C code), that degrades the quality of kernel stack dumps/backtraces. These bugs are hard to detect at the source code level. Such bugs result in incorrect/incomplete backtraces most of time - but can also in some rare cases result in crashes or other undefined behavior.

      The build time correctness checking is done via the new 'objtool' user-space utility that was written for this purpose and which is hosted in the kernel repository in tools/objtool/. The tool's (very simple) UI and source code design is shaped after Git and perf and shares quite a bit of infrastructure with tools/perf (which tooling infrastructure sharing effort got merged via perf and is already upstream). Objtool follows the well-known kernel coding style.

      Objtool does not try to check .c or .S files, it instead analyzes the resulting .o generated machine code from first principles: it decodes the instruction stream and interprets it. (Right now objtool supports the x86-64 architecture.)

      From tools/objtool/Documentation/stack-validation.txt:

       "The kernel CONFIG_STACK_VALIDATION option enables a host tool named objtool which runs at compile time. It has a "check" subcommand which analyzes every .o file and ensures the validity of its stack metadata. It enforces a set of rules on asm code and C inline assembly code so that stack traces can be reliable.

        Currently it only checks frame pointer usage, but there are plans to add CFI validation for C files and CFI generation for asm files.

        For each function, it recursively follows all possible code paths and validates the correct frame pointer state at each instruction.

        It also follows code paths involving special sections, like .altinstructions, __jump_table, and __ex_table, which can add alternative execution paths to a given instruction (or set of instructions). Similarly, it knows how to follow switch statements, for which gcc sometimes uses jump tables."

      When this new kernel option is enabled (it's disabled by default), the tool, if it finds any suspicious assembly code pattern, outputs warnings in compiler warning format:

        warning: objtool: rtlwifi_rate_mapping()+0x2e7: frame pointer state mismatch
        warning: objtool: cik_tiling_mode_table_init()+0x6ce: call without frame pointer save/setup
        warning: objtool:__schedule()+0x3c0: duplicate frame pointer save
        warning: objtool:__schedule()+0x3fd: sibling call from callable instruction with changed frame pointer

      ... so that scripts that pick up compiler warnings will notice them. All known warnings triggered by the tool are fixed by the tree, most of the commits in fact prepare the kernel to be warning-free. Most of them are bugfixes or cleanups that stand on their own, but there are also some annotations of 'special' stack frames for justified cases such entries to JIT-ed code (BPF) or really special boot time code.

      There are two other long-term motivations behind this tool as well:

       - To improve the quality and reliability of kernel stack frames, so that they can be used for optimized live patching.

       - To create independent infrastructure to check the correctness of CFI stack frames at build time. CFI debuginfo is notoriously unreliable and we cannot use it in the kernel as-is without extra checking done both on the kernel side and on the build side.

      The quality of kernel stack frames matters to debuggability as well, so IMO we can merge this without having to consider the live patching or CFI debuginfo angle"

    * 'core-objtool-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (52 commits)
      objtool: Only print one warning per function
      objtool: Add several performance improvements
      tools: Copy hashtable.h into tools directory
      objtool: Fix false positive warnings for functions with multiple switch statements
      objtool: Rename some variables and functions
      objtool: Remove superflous INIT_LIST_HEAD
      objtool: Add helper macros for traversing instructions
      objtool: Fix false positive warnings related to sibling calls
      objtool: Compile with debugging symbols
      objtool: Detect infinite recursion
      objtool: Prevent infinite recursion in noreturn detection
      objtool: Detect and warn if libelf is missing and don't break the build
      tools: Support relative directory path for 'O='
      objtool: Support CROSS_COMPILE
      x86/asm/decoder: Use explicitly signed chars
      objtool: Enable stack metadata validation on 64-bit x86
      objtool: Add CONFIG_STACK_VALIDATION option
      objtool: Add tool to perform compile-time stack metadata validation
      x86/kprobes: Mark kretprobe_trampoline() stack frame as non-standard
      sched: Always inline context_switch()
      ...
| * | objtool: Detect and warn if libelf is missing and don't break the build [Josh Poimboeuf, 2016-03-05, 1 file, -0/+2]
      With CONFIG_STACK_VALIDATION enabled, if the host system doesn't have a development version of libelf installed, the build fails with errors like:

          elf.h:22:18: fatal error: gelf.h: No such file or directory
          compilation terminated.

      Instead of failing to build, instead just print a warning and disable stack validation.

      Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Cc: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-next@vger.kernel.org
      Cc: linux@roeck-us.net
      Cc: live-patching@vger.kernel.org
      Link: http://lkml.kernel.org/r/8c27fe00face60f42e888ddb3142c97e45223165.1457026550.git.jpoimboe@redhat.com
      Signed-off-by: Ingo Molnar <mingo@kernel.org>
| * | objtool: Add CONFIG_STACK_VALIDATION option [Josh Poimboeuf, 2016-02-29, 1 file, -4/+35]
      Add a CONFIG_STACK_VALIDATION option which will run "objtool check" for each .o file to ensure the validity of its stack metadata.

      Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
      Cc: Bernd Petrovitsch <bernd@petrovitsch.priv.at>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Chris J Arges <chris.j.arges@canonical.com>
      Cc: Jiri Slaby <jslaby@suse.cz>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michal Marek <mmarek@suse.cz>
      Cc: Namhyung Kim <namhyung@gmail.com>
      Cc: Pedro Alves <palves@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: live-patching@vger.kernel.org
      Link: http://lkml.kernel.org/r/92baab69a6bf9bc7043af0bfca9fb964a1d45546.1456719558.git.jpoimboe@redhat.com
      Signed-off-by: Ingo Molnar <mingo@kernel.org>
| * | objtool: Mark non-standard object files and directories [Josh Poimboeuf, 2016-02-29, 1 file, -0/+2]
      Code which runs outside the kernel's normal mode of operation often does unusual things which can cause a static analysis tool like objtool to emit false positive warnings:

       - boot image
       - vdso image
       - relocation
       - realmode
       - efi
       - head
       - purgatory
       - modpost

      Set OBJECT_FILES_NON_STANDARD for their related files and directories, which will tell objtool to skip checking them. It's ok to skip them because they don't affect runtime stack traces.

      Also skip the following code which does the right thing with respect to frame pointers, but is too "special" to be validated by a tool:

       - entry
       - mcount

      Also skip the test_nx module because it modifies its exception handling table at runtime, which objtool can't understand. Fortunately it's just a test module so it doesn't matter much.

      Currently objtool is the only user of OBJECT_FILES_NON_STANDARD, but it might eventually be useful for other tools.

      Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
      Cc: Bernd Petrovitsch <bernd@petrovitsch.priv.at>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Chris J Arges <chris.j.arges@canonical.com>
      Cc: Jiri Slaby <jslaby@suse.cz>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michal Marek <mmarek@suse.cz>
      Cc: Namhyung Kim <namhyung@gmail.com>
      Cc: Pedro Alves <palves@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: live-patching@vger.kernel.org
      Link: http://lkml.kernel.org/r/366c080e3844e8a5b6a0327dc7e8c2b90ca3baeb.1456719558.git.jpoimboe@redhat.com
      Signed-off-by: Ingo Molnar <mingo@kernel.org>
* | | Merge tag 'devicetree-for-4.6' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux  Linus Torvalds  2016-03-19  14  -112/+741
|\ \ \

        Pull DeviceTree updates from Rob Herring:

         - new tool 'dtx_diff' to diff DT files
         - sync kernel's dtc/libfdt to current dtc repo master
         - fix for reserved memory regions located in highmem
         - document standard unit suffixes for DT properties
         - various DT binding doc updates

        * tag 'devicetree-for-4.6' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux:
          of: Add vendor prefix for eGalax_eMPIA Technology Inc
          Input: ads7846: Add description how to use internal reference (ADS7846)
          ARM: realview: add EB syscon variants to bindings
          devicetree: bindings: ARM: Use "uV" for micro-volt
          serial: fsl-imx-uart: Fix typo in fsl,dte-mode description
          of: add 'const' for of_property_*_string*() parameter '*np'
          of/unittest: fix infinite loop in of_unittest_destroy_tracked_overlays()
          of: alloc anywhere from memblock if range not specified
          kbuild: Allow using host dtc instead of kernel's copy
          of: resolver: Add missing of_node_get and of_node_put
          of: Add United Radiant Technology Corporation vendor prefix
          dt/bindings: add documentation on standard property unit suffixes
          scripts/dtc: Update to upstream commit b06e55c88b9b
          ARM: boot: Add an implementation of strnlen for libfdt
          scripts/dtc: dtx_diff - add info to error message
          dtc: create tool to diff device trees
| * | | kbuild: Allow using host dtc instead of kernel's copy  Rob Herring  2016-02-23  1  -1/+2

        Development of dtc happens in its own upstream repository, but testing
        dtc changes against the kernel tree is useful. Change dtc to a variable
        that users can override.

        Signed-off-by: Rob Herring <robh@kernel.org>
        Cc: Michal Marek <mmarek@suse.com>
        Cc: linux-kbuild@vger.kernel.org
| * | | scripts/dtc: Update to upstream commit b06e55c88b9b  Rob Herring  2016-02-12  12  -111/+390

        Sync to upstream dtc commit b06e55c88b9b ("Prevent crash on modulo by
        zero"). This adds the following commits from upstream:

        b06e55c Prevent crash on modulo by zero
        b433450 Fix some bugs in processing of line directives
        d728ad5 Fix crash on nul character in string escape sequence
        1ab2205 Gracefully handle bad octal literals
        1937095 Prevent crash on division by zero
        d0b3ab0 libfdt: Fix undefined behaviour in fdt_offset_ptr()
        d4c7c25 libfdt: check for potential overrun in _fdt_splice()
        f58799b libfdt: Add some missing symbols to version.lds
        af9f26d Remove duplicated -Werror in dtc Makefile
        604e61e fdt: Add functions to retrieve strings
        8702bd1 fdt: Add a function to get the index of a string
        2218387 fdt: Add a function to count strings
        554fde2 libfdt: fix comment block of fdt_get_property_namelen()
        e5e6df7 fdtdump: Fix bug printing bytestrings with negative values
        067829e Remove redundant fdtdump test code
        897a429 Move fdt_path_offset alias tests to right tests section
        2d1417c Add simple .travis.yml
        f6dbc6c guess output file format
        5e78dff guess input file format based on file content or file name
        8b927bf tests: convert `echo -n` to `printf`
        64c46b0 Fix crash with poorly defined #size-cells

        Cc: Grant Likely <grant.likely@linaro.org>
        Tested-by: Frank Rowand <frank.rowand@sonymobile.com>
        Reviewed-by: Frank Rowand <frank.rowand@sonymobile.com>
        Signed-off-by: Rob Herring <robh@kernel.org>
| * | | scripts/dtc: dtx_diff - add info to error message  Frank Rowand  2016-02-12  1  -4/+10

        If kernel config options are not properly set, "make scripts" will not
        compile dtc. Update the unable to find dtc error message to check the
        kernel config and give better advice on how to create dtc.

        Reword another error message to increase clarity.

        Signed-off-by: Frank Rowand <frank.rowand@sonymobile.com>
        Signed-off-by: Rob Herring <robh@kernel.org>
| * | | dtc: create tool to diff device trees  Frank Rowand  2016-01-25  1  -0/+343
| | |/
| |/|

        Create script to diff device trees.

        The device tree can be in any of the forms recognized by the dtc
        compiler:
         - source
         - binary blob
         - file system tree (from /proc/devicetree)

        If the device tree is a source file, then it is pre-processed in the
        same way as it would be when built in the linux kernel source tree
        before diffing.

        Signed-off-by: Frank Rowand <frank.rowand@sonymobile.com>
        Signed-off-by: Rob Herring <robh@kernel.org>
* | | Merge tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux  Linus Torvalds  2016-03-18  1  -5/+5
|\ \ \

        Pull arm64 updates from Catalin Marinas:
         "Here are the main arm64 updates for 4.6. There are some relatively
          intrusive changes to support KASLR, the reworking of the kernel
          virtual memory layout and initial page table creation.

          Summary:

           - Initial page table creation reworked to avoid breaking large block
             mappings (huge pages) into smaller ones. The ARM architecture
             requires break-before-make in such cases to avoid TLB conflicts
             but that's not always possible on live page tables

           - Kernel virtual memory layout: the kernel image is no longer linked
             to the bottom of the linear mapping (PAGE_OFFSET) but at the
             bottom of the vmalloc space, allowing the kernel to be loaded
             (nearly) anywhere in physical RAM

           - Kernel ASLR: position independent kernel Image and modules being
             randomly mapped in the vmalloc space with the randomness provided
             by UEFI (efi_get_random_bytes() patches merged via the arm64 tree,
             acked by Matt Fleming)

           - Implement relative exception tables for arm64, required by KASLR
             (initial code for ARCH_HAS_RELATIVE_EXTABLE added to lib/extable.c
             but actual x86 conversion deferred to 4.7 because of the merge
             dependencies)

           - Support for the User Access Override feature of ARMv8.2: this
             allows uaccess functions (get_user etc.) to be implemented using
             LDTR/STTR instructions. Such instructions, when run by the kernel,
             perform unprivileged accesses adding an extra level of protection.
             The set_fs() macro is used to "upgrade" such instruction to
             privileged accesses via the UAO bit

           - Half-precision floating point support (part of ARMv8.2)

           - Optimisations for CPUs with or without a hardware prefetcher
             (using run-time code patching)

           - copy_page performance improvement to deal with 128 bytes at a time

           - Sanity checks on the CPU capabilities (via CPUID) to prevent
             incompatible secondary CPUs from being brought up (e.g. weird
             big.LITTLE configurations)

           - valid_user_regs() reworked for better sanity check of the
             sigcontext information (restored pstate information)

           - ACPI parking protocol implementation

           - CONFIG_DEBUG_RODATA enabled by default

           - VDSO code marked as read-only

           - DEBUG_PAGEALLOC support

           - ARCH_HAS_UBSAN_SANITIZE_ALL enabled

           - Erratum workaround Cavium ThunderX SoC

           - set_pte_at() fix for PROT_NONE mappings

           - Code clean-ups"

        * tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: (99 commits)
          arm64: kasan: Fix zero shadow mapping overriding kernel image shadow
          arm64: kasan: Use actual memory node when populating the kernel image shadow
          arm64: Update PTE_RDONLY in set_pte_at() for PROT_NONE permission
          arm64: Fix misspellings in comments.
          arm64: efi: add missing frame pointer assignment
          arm64: make mrs_s prefixing implicit in read_cpuid
          arm64: enable CONFIG_DEBUG_RODATA by default
          arm64: Rework valid_user_regs
          arm64: mm: check at build time that PAGE_OFFSET divides the VA space evenly
          arm64: KVM: Move kvm_call_hyp back to its original localtion
          arm64: mm: treat memstart_addr as a signed quantity
          arm64: mm: list kernel sections in order
          arm64: lse: deal with clobbered IP registers after branch via PLT
          arm64: mm: dump: Use VA_START directly instead of private LOWEST_ADDR
          arm64: kconfig: add submenu for 8.2 architectural features
          arm64: kernel: acpi: fix ioremap in ACPI parking protocol cpu_postboot
          arm64: Add support for Half precision floating point
          arm64: Remove fixmap include fragility
          arm64: Add workaround for Cavium erratum 27456
          arm64: mm: Mark .rodata as RO
          ...
| * | | arm64: switch to relative exception tables  Ard Biesheuvel  2016-02-24  1  -1/+1

        Instead of using absolute addresses for both the exception location
        and the fixup, use offsets relative to the exception table entry values.
        Not only does this cut the size of the exception table in half, it is
        also a prerequisite for KASLR, since absolute exception table entries
        are subject to dynamic relocation, which is incompatible with the
        sorting of the exception table that occurs at build time.

        This patch also introduces the _ASM_EXTABLE preprocessor macro (which
        exists on x86 as well) and its _asm_extable assembly counterpart, as
        shorthands to emit exception table entries.

        Acked-by: Will Deacon <will.deacon@arm.com>
        Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
        Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
| * | | scripts/sortextable: add support for ET_DYN binaries  Ard Biesheuvel  2016-02-24  1  -4/+4

        Add support to scripts/sortextable for handling relocatable (PIE)
        executables, whose ELF type is ET_DYN, not ET_EXEC. Other than adding
        support for the new type, no changes are needed.

        Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
        Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
* | | | Merge tag 'char-misc-4.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc  Linus Torvalds  2016-03-17  1  -1/+1
|\ \ \ \

        Pull char/misc updates from Greg KH:
         "Here is the big char/misc driver update for 4.6-rc1.

          The majority of the patches here is hwtracing and some new mic
          drivers, but there's a lot of other driver updates as well. Full
          details in the shortlog.

          All have been in linux-next for a while with no reported issues"

        * tag 'char-misc-4.6-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (238 commits)
          goldfish: Fix build error of missing ioremap on UM
          nvmem: mediatek: Fix later provider initialization
          nvmem: imx-ocotp: Fix return value of imx_ocotp_read
          nvmem: Fix dependencies for !HAS_IOMEM archs
          char: genrtc: replace blacklist with whitelist
          drivers/hwtracing: make coresight-etm-perf.c explicitly non-modular
          drivers: char: mem: fix IS_ERROR_VALUE usage
          char: xillybus: Fix internal data structure initialization
          pch_phub: return -ENODATA if ROM can't be mapped
          Drivers: hv: vmbus: Support kexec on ws2012 r2 and above
          Drivers: hv: vmbus: Support handling messages on multiple CPUs
          Drivers: hv: utils: Remove util transport handler from list if registration fails
          Drivers: hv: util: Pass the channel information during the init call
          Drivers: hv: vmbus: avoid unneeded compiler optimizations in vmbus_wait_for_unload()
          Drivers: hv: vmbus: remove code duplication in message handling
          Drivers: hv: vmbus: avoid wait_for_completion() on crash
          Drivers: hv: vmbus: don't loose HVMSG_TIMER_EXPIRED messages
          misc: at24: replace memory_accessor with nvmem_device_read
          eeprom: 93xx46: extend driver to plug into the NVMEM framework
          eeprom: at25: extend driver to plug into the NVMEM framework
          ...
| * | | | Merge 4.5-rc4 into char-misc-next  Greg Kroah-Hartman  2016-02-14  2  -1/+22
| |\| | |

        We want those fixes in here as well.

        Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| * | | | scripts: fix typo in ver_linux  Matthias Lange  2016-02-08  1  -1/+1
| | |/ /
| |/| |

        Signed-off-by: Matthias Lange <matthias.lange@kernkonzept.com>
        Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* | | | Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security  Linus Torvalds  2016-03-17  5  -99/+580
|\ \ \ \

        Pull security layer updates from James Morris:
         "There are a bunch of fixes to the TPM, IMA, and Keys code, with minor
          fixes scattered across the subsystem.

          IMA now requires signed policy, and that policy is also now measured
          and appraised"

        * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (67 commits)
          X.509: Make algo identifiers text instead of enum
          akcipher: Move the RSA DER encoding check to the crypto layer
          crypto: Add hash param to pkcs1pad
          sign-file: fix build with CMS support disabled
          MAINTAINERS: update tpmdd urls
          MODSIGN: linux/string.h should be #included to get memcpy()
          certs: Fix misaligned data in extra certificate list
          X.509: Handle midnight alternative notation in GeneralizedTime
          X.509: Support leap seconds
          Handle ISO 8601 leap seconds and encodings of midnight in mktime64()
          X.509: Fix leap year handling again
          PKCS#7: fix unitialized boolean 'want'
          firmware: change kernel read fail to dev_dbg()
          KEYS: Use the symbol value for list size, updated by scripts/insert-sys-cert
          KEYS: Reserve an extra certificate symbol for inserting without recompiling
          modsign: hide openssl output in silent builds
          tpm_tis: fix build warning with tpm_tis_resume
          ima: require signed IMA policy
          ima: measure and appraise the IMA policy itself
          ima: load policy using path
          ...
| * | | | sign-file: fix build with CMS support disabled  Marc-Antoine Perennou  2016-03-03  1  -1/+1

        Some versions of openssl might have the CMS feature disabled
        LibreSSL disables this feature too
        If the feature is disabled, fallback to PKCS7

        In file included from scripts/sign-file.c:46:0:
        /usr/x86_64-pc-linux-gnu/include/openssl/cms.h:62:2: error: #error CMS is disabled.
         #error CMS is disabled.

        Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
        Signed-off-by: David Howells <dhowells@redhat.com>
| * | | | KEYS: Use the symbol value for list size, updated by scripts/insert-sys-cert  Mehmet Kayaalp  2016-02-26  1  -8/+21

        When a certificate is inserted to the image using scripts/writekey, the
        value of __cert_list_end does not change. The updated size can be found
        out by reading the value pointed by the system_certificate_list_size
        symbol.

        Signed-off-by: Mehmet Kayaalp <mkayaalp@linux.vnet.ibm.com>
        Signed-off-by: David Howells <dhowells@redhat.com>
| * | | | KEYS: Reserve an extra certificate symbol for inserting without recompiling  Mehmet Kayaalp  2016-02-26  3  -0/+412

        Place a system_extra_cert buffer of configurable size, right after the
        system_certificate_list, so that inserted keys can be readily processed
        by the existing mechanism. Added script takes a key file and a kernel
        image and inserts its contents to the reserved area. The
        system_certificate_list_size is also adjusted accordingly.

        Call the script as:

            scripts/insert-sys-cert -b <vmlinux> -c <certfile>

        If vmlinux has no symbol table, supply System.map file with -s flag.
        Subsequent runs replace the previously inserted key, instead of
        appending the new one.

        Signed-off-by: Mehmet Kayaalp <mkayaalp@linux.vnet.ibm.com>
        Signed-off-by: David Howells <dhowells@redhat.com>
        Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
| * | | | scripts/sign-file.c: Add support for signing with a raw signature  Juerg Haefliger  2016-02-18  1  -90/+146

        This patch adds support for signing a kernel module with a raw
        detached PKCS#7 signature/message.

        The signature is not converted and is simply appended to the module so
        it needs to be in the right format. Using openssl, a valid signature can
        be generated like this:

            $ openssl smime -sign -nocerts -noattr -binary -in <module> -inkey \
                <key> -signer <x509> -outform der -out <raw sig>

        The resulting raw signature from the above command is (more or less)
        identical to the raw signature that sign-file itself can produce like
        this:

            $ scripts/sign-file -d <hash algo> <key> <x509> <module>

        Signed-off-by: Juerg Haefliger <juerg.haefliger@hpe.com>
        Signed-off-by: David Howells <dhowells@redhat.com>
| * | | | v2 linux-next scripts/sign-file.c Fix LibreSSL support  Codarren Velvindron  2016-02-09  1  -1/+1

        In file included from scripts/sign-file.c:47:0:
        /usr/include/openssl/cms.h:62:2: error: #error CMS is disabled.
         #error CMS is disabled.
          ^
        scripts/Makefile.host:91: recipe for target 'scripts/sign-file' failed
        make[1]: *** [scripts/sign-file] Error 1
        Makefile:567: recipe for target 'scripts' failed
        make: *** [scripts] Error 2

        Fix SSL headers so that the kernel can build with LibreSSL

        Signed-off-by: Codarren Velvindron <codarren@hackers.mu>
        Acked-by: David Woodhouse <David.Woodhouse@intel.com>
        Signed-off-by: David Howells <dhowells@redhat.com>
* | | | | Merge branch 'akpm' (patches from Andrew)  Linus Torvalds  2016-03-16  4  -14/+116
|\ \ \ \ \

        Merge first patch-bomb from Andrew Morton:

         - some misc things
         - ofs2 updates
         - about half of MM
         - checkpatch updates
         - autofs4 update

        * emailed patches from Andrew Morton <akpm@linux-foundation.org>: (120 commits)
          autofs4: fix string.h include in auto_dev-ioctl.h
          autofs4: use pr_xxx() macros directly for logging
          autofs4: change log print macros to not insert newline
          autofs4: make autofs log prints consistent
          autofs4: fix some white space errors
          autofs4: fix invalid ioctl return in autofs4_root_ioctl_unlocked()
          autofs4: fix coding style line length in autofs4_wait()
          autofs4: fix coding style problem in autofs4_get_set_timeout()
          autofs4: coding style fixes
          autofs: show pipe inode in mount options
          kallsyms: add support for relative offsets in kallsyms address table
          kallsyms: don't overload absolute symbol type for percpu symbols
          x86: kallsyms: disable absolute percpu symbols on !SMP
          checkpatch: fix another left brace warning
          checkpatch: improve UNSPECIFIED_INT test for bare signed/unsigned uses
          checkpatch: warn on bare unsigned or signed declarations without int
          checkpatch: exclude asm volatile from complex macro check
          mm: memcontrol: drop unnecessary lru locking from mem_cgroup_migrate()
          mm: migrate: consolidate mem_cgroup_migrate() calls
          mm/compaction: speed up pageblock_pfn_to_page() when zone is contiguous
          ...