1. 06 Apr, 2016 1 commit
  2. 23 Mar, 2016 1 commit
  3. 22 Mar, 2016 5 commits
    • ubsan: fix tree-wide -Wmaybe-uninitialized false positives · dde5cf39
      Andrey Ryabinin authored
      -fsanitize=* options make GCC less smart than usual and increase the number
      of 'maybe-uninitialized' false positives. So this patch does two things:
      
       * Add -Wno-maybe-uninitialized to CFLAGS_UBSAN which will disable all
         such warnings for instrumented files.
      
       * Remove CONFIG_UBSAN_SANITIZE_ALL from all[yes|mod]config builds. So
         the all[yes|mod]config build goes without -fsanitize=* and still with
         -Wmaybe-uninitialized.
      Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
      Reported-by: Fengguang Wu <fengguang.wu@intel.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
    • scripts/gdb: account for changes in module data structure · ad4db3b2
      Jan Kiszka authored
      Commit 7523e4dc ("module: use a structure to encapsulate layout.")
      factored out the module_layout structure.  Adjust the symbol loader and
      the lsmod command to this.
      Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
      Reviewed-by: Kieran Bingham <kieran.bingham@linaro.org>
      Tested-by: Kieran Bingham <kieran.bingham@linaro.org> (qemu-{ARM,x86})
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Cc: Jiri Kosina <jkosina@suse.cz>
      Cc: Jason Wessel <jason.wessel@windriver.com>
      Cc: <stable@vger.kernel.org>	[4.4+]
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
    • scripts/gdb: add cmdline reader command · 72bf92ec
      Kieran Bingham authored
      lx-cmdline Report the Linux Commandline used in the current kernel
      
      [jan.kiszka@siemens.com: remove blank line from help output and fix pep8 warning]
      Signed-off-by: Kieran Bingham <kieran.bingham@linaro.org>
      Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
      Cc: Jason Wessel <jason.wessel@windriver.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
    • scripts/gdb: add version command · 2d061d99
      Kieran Bingham authored
      lx-version Report the Linux Version of the current kernel.
      
      Add a command to identify the version specified by the banner in the
      debugged kernel.
      
      This lets the user identify the kernel of the running kernel, and will
      let later scripts compare the banner of the attached kernel against the
      banner in the vmlinux symbols files to verify that the files are
      correct.
      
      [jan.kiszka@siemens.com: remove blank line from help output and fix pep8 warning]
      Signed-off-by: Kieran Bingham <kieran.bingham@linaro.org>
      Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
      Cc: Jason Wessel <jason.wessel@windriver.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
    • kernel: add kcov code coverage · 5c9a8750
      Dmitry Vyukov authored
      kcov provides code coverage collection for coverage-guided fuzzing
      (randomized testing).  Coverage-guided fuzzing is a testing technique
      that uses coverage feedback to determine new interesting inputs to a
      system.  A notable user-space example is AFL
      (http://lcamtuf.coredump.cx/afl/).  However, this technique is not
      widely used for kernel testing due to missing compiler and kernel
      support.
      
      kcov does not aim to collect as much coverage as possible.  It aims to
      collect more or less stable coverage that is a function of syscall inputs.
      To achieve this goal it does not collect coverage in soft/hard
      interrupts and instrumentation of some inherently non-deterministic or
      non-interesting parts of kernel is disabled (e.g.  scheduler, locking).
      
      Currently there is a single coverage collection mode (tracing), but the
      API anticipates additional collection modes.  Initially I also
      implemented a second mode which exposes coverage in a fixed-size hash
      table of counters (what Quentin used in his original patch).  I've
      dropped the second mode for simplicity.
      
      This patch adds the necessary support on kernel side.  The complementary
      compiler support was added in gcc revision 231296.
      
      We've used this support to build syzkaller system call fuzzer, which has
      found 90 kernel bugs in just 2 months:
      
        https://github.com/google/syzkaller/wiki/Found-Bugs
      
      We've also found 30+ bugs in our internal systems with syzkaller.
      Another (yet unexplored) direction where kcov coverage would greatly
      help is more traditional "blob mutation".  For example, mounting a
      random blob as a filesystem, or receiving a random blob over wire.
      
      Why not gcov.  Typical fuzzing loop looks as follows: (1) reset
      coverage, (2) execute a bit of code, (3) collect coverage, repeat.  A
      typical coverage can be just a dozen of basic blocks (e.g.  an invalid
      input).  In such context gcov becomes prohibitively expensive as
      reset/collect coverage steps depend on total number of basic
      blocks/edges in program (in case of kernel it is about 2M).  Cost of
      kcov depends only on number of executed basic blocks/edges.  On top of
      that, kernel requires per-thread coverage because there are always
      background threads and unrelated processes that also produce coverage.
      With inlined gcov instrumentation per-thread coverage is not possible.
      
      kcov exposes kernel PCs and control flow to user-space which is
      insecure.  But debugfs should not be mapped as user accessible.
      
      Based on a patch by Quentin Casasnovas.
      
      [akpm@linux-foundation.org: make task_struct.kcov_mode have type `enum kcov_mode']
      [akpm@linux-foundation.org: unbreak allmodconfig]
      [akpm@linux-foundation.org: follow x86 Makefile layout standards]
      Signed-off-by: Dmitry Vyukov <dvyukov@google.com>
      Reviewed-by: Kees Cook <keescook@chromium.org>
      Cc: syzkaller <syzkaller@googlegroups.com>
      Cc: Vegard Nossum <vegard.nossum@oracle.com>
      Cc: Catalin Marinas <catalin.marinas@arm.com>
      Cc: Tavis Ormandy <taviso@google.com>
      Cc: Will Deacon <will.deacon@arm.com>
      Cc: Quentin Casasnovas <quentin.casasnovas@oracle.com>
      Cc: Kostya Serebryany <kcc@google.com>
      Cc: Eric Dumazet <edumazet@google.com>
      Cc: Alexander Potapenko <glider@google.com>
      Cc: Kees Cook <keescook@google.com>
      Cc: Bjorn Helgaas <bhelgaas@google.com>
      Cc: Sasha Levin <sasha.levin@oracle.com>
      Cc: David Drysdale <drysdale@google.com>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com>
      Cc: Kirill A. Shutemov <kirill@shutemov.name>
      Cc: Jiri Slaby <jslaby@suse.cz>
      Cc: Ingo Molnar <mingo@elte.hu>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
  4. 15 Mar, 2016 7 commits
  5. 13 Mar, 2016 1 commit
  6. 05 Mar, 2016 1 commit
  7. 04 Mar, 2016 2 commits
    • kbuild: suppress annoying "... is up to date." message · 2aedcd09
      Masahiro Yamada authored
      Under certain conditions, Kbuild shows "... is up to date" where
      if_changed or friends are used.
      
      For example, the incremental build of ARM64 Linux shows this message
      when the kernel image has not been updated.
      
        $ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu-
          CHK     include/config/kernel.release
          CHK     include/generated/uapi/linux/version.h
          CHK     include/generated/utsrelease.h
          CHK     include/generated/bounds.h
          CHK     include/generated/timeconst.h
          CHK     include/generated/asm-offsets.h
          CALL    scripts/checksyscalls.sh
          CHK     include/generated/compile.h
          CHK     kernel/config_data.h
        make[1]: `arch/arm64/boot/Image.gz' is up to date.
          Building modules, stage 2.
          MODPOST 0 modules
      
      The following is the build rule in arch/arm64/boot/Makefile:
      
        $(obj)/Image.gz: $(obj)/Image FORCE
                $(call if_changed,gzip)
      
      If the Image.gz is newer than the Image and the command line has not
      changed (i.e., $(any-prereq) and $(arg-check) are both empty), the
      build rule $(call if_changed,gzip) is evaluated to be empty, then
      GNU Make reports the target is up to date.  In order to make GNU Make
      quiet, we need to give it something to do, for example, "@:".  This
      should be fixed in the Kbuild core part rather than in each Makefile.
      Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
      Signed-off-by: Michal Marek <mmarek@suse.com>
    • kbuild/mkspec: clean boot loader configuration on rpm removal · 6ef41e22
      Paolo Abeni authored
      This patch adds an rpm preuninstall scriptlet to clean up the
      boot loader configuration on kernel package uninstall.
      The initrd for the to-be-removed kernel is deleted, too.
      Signed-off-by: Paolo Abeni <pabeni@redhat.com>
      Signed-off-by: Michal Marek <mmarek@suse.com>
  8. 03 Mar, 2016 1 commit
  9. 29 Feb, 2016 2 commits
    • objtool: Add CONFIG_STACK_VALIDATION option · b9ab5ebb
      Josh Poimboeuf authored
      Add a CONFIG_STACK_VALIDATION option which will run "objtool check" for
      each .o file to ensure the validity of its stack metadata.
      Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
      Cc: Bernd Petrovitsch <bernd@petrovitsch.priv.at>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Chris J Arges <chris.j.arges@canonical.com>
      Cc: Jiri Slaby <jslaby@suse.cz>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michal Marek <mmarek@suse.cz>
      Cc: Namhyung Kim <namhyung@gmail.com>
      Cc: Pedro Alves <palves@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: live-patching@vger.kernel.org
      Link: http://lkml.kernel.org/r/92baab69a6bf9bc7043af0bfca9fb964a1d45546.1456719558.git.jpoimboe@redhat.com
      Signed-off-by: Ingo Molnar <mingo@kernel.org>
    • objtool: Mark non-standard object files and directories · c0dd6716
      Josh Poimboeuf authored
      Code which runs outside the kernel's normal mode of operation often does
      unusual things which can cause a static analysis tool like objtool to
      emit false positive warnings:
      
       - boot image
       - vdso image
       - relocation
       - realmode
       - efi
       - head
       - purgatory
       - modpost
      
      Set OBJECT_FILES_NON_STANDARD for their related files and directories,
      which will tell objtool to skip checking them.  It's ok to skip them
      because they don't affect runtime stack traces.
      
      Also skip the following code which does the right thing with respect to
      frame pointers, but is too "special" to be validated by a tool:
      
       - entry
       - mcount
      
      Also skip the test_nx module because it modifies its exception handling
      table at runtime, which objtool can't understand.  Fortunately it's
      just a test module so it doesn't matter much.
      
      Currently objtool is the only user of OBJECT_FILES_NON_STANDARD, but it
      might eventually be useful for other tools.
      Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
      Cc: Bernd Petrovitsch <bernd@petrovitsch.priv.at>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Chris J Arges <chris.j.arges@canonical.com>
      Cc: Jiri Slaby <jslaby@suse.cz>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michal Marek <mmarek@suse.cz>
      Cc: Namhyung Kim <namhyung@gmail.com>
      Cc: Pedro Alves <palves@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: live-patching@vger.kernel.org
      Link: http://lkml.kernel.org/r/366c080e3844e8a5b6a0327dc7e8c2b90ca3baeb.1456719558.git.jpoimboe@redhat.com
      Signed-off-by: Ingo Molnar <mingo@kernel.org>
  10. 26 Feb, 2016 3 commits
  11. 24 Feb, 2016 2 commits
  12. 23 Feb, 2016 2 commits
    • sparse: Add __private to privatize members of structs · ad315455
      Boqun Feng authored
      In the C programming language, we don't have an easy way to privatize a
      member of a structure. However, in the kernel, sometimes there is a need to
      privatize a member in case of potential bugs or misuses.
      
      Fortunately, the noderef attribute of sparse is a way to privatize a
      member, as by defining a member as noderef, the address-of operator on
      the member will produce a noderef pointer to that member, and if anyone
      wants to dereference that kind of pointers to read or modify the member,
      sparse will yell.
      
      Based on this, the __private modifier and related operation ACCESS_PRIVATE()
      are introduced, which could help detect undesigned public uses of
      private members of structs. Here is an example of sparse's output if it
      detects an undesigned public use:
      
      | kernel/rcu/tree.c:4453:25: warning: incorrect type in argument 1 (different modifiers)
      | kernel/rcu/tree.c:4453:25:    expected struct raw_spinlock [usertype] *lock
      | kernel/rcu/tree.c:4453:25:    got struct raw_spinlock [noderef] *<noident>
      
      Also, this patch improves compiler.h a little bit by adding comments for
      "#else" and "#endif".
      Signed-off-by: Boqun Feng <boqun.feng@gmail.com>
      Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
    • kbuild: Allow using host dtc instead of kernel's copy · 6b22b3d1
      Rob Herring authored
      Development of dtc happens in its own upstream repository, but testing
      dtc changes against the kernel tree is useful. Change dtc to a variable
      that users can override.
      Signed-off-by: Rob Herring <robh@kernel.org>
      Cc: Michal Marek <mmarek@suse.com>
      Cc: linux-kbuild@vger.kernel.org
  13. 18 Feb, 2016 9 commits
  14. 17 Feb, 2016 1 commit
  15. 11 Feb, 2016 2 commits
    • scripts/dtc: Update to upstream commit b06e55c88b9b · 91feabc2
      Rob Herring authored
      Sync to upstream dtc commit b06e55c88b9b ("Prevent crash on modulo by
      zero"). This adds the following commits from upstream:
      
      b06e55c Prevent crash on modulo by zero
      b433450 Fix some bugs in processing of line directives
      d728ad5 Fix crash on nul character in string escape sequence
      1ab2205 Gracefully handle bad octal literals
      1937095 Prevent crash on division by zero
      d0b3ab0 libfdt: Fix undefined behaviour in fdt_offset_ptr()
      d4c7c25 libfdt: check for potential overrun in _fdt_splice()
      f58799b libfdt: Add some missing symbols to version.lds
      af9f26d Remove duplicated -Werror in dtc Makefile
      604e61e fdt: Add functions to retrieve strings
      8702bd1 fdt: Add a function to get the index of a string
      2218387 fdt: Add a function to count strings
      554fde2 libfdt: fix comment block of fdt_get_property_namelen()
      e5e6df7 fdtdump: Fix bug printing bytestrings with negative values
      067829e Remove redundant fdtdump test code
      897a429 Move fdt_path_offset alias tests to right tests section
      2d1417c Add simple .travis.yml
      f6dbc6c guess output file format
      5e78dff guess input file format based on file content or file name
      8b927bf tests: convert `echo -n` to `printf`
      64c46b0 Fix crash with poorly defined #size-cells
      
      Cc: Grant Likely <grant.likely@linaro.org>
      Tested-by: Frank Rowand <frank.rowand@sonymobile.com>
      Reviewed-by: Frank Rowand <frank.rowand@sonymobile.com>
      Signed-off-by: Rob Herring <robh@kernel.org>
    • scripts/dtc: dtx_diff - add info to error message · 60c7f4cb
      Frank Rowand authored
      If kernel config options are not properly set, "make scripts" will not
      compile dtc.  Update the unable to find dtc error message to check
      the kernel config and give better advice on how to create dtc.
      
      Reword another error message to increase clarity.
      Signed-off-by: Frank Rowand <frank.rowand@sonymobile.com>
      Signed-off-by: Rob Herring <robh@kernel.org>