- typo fix in Kconfig (Jean Delvare)
- randstruct infrastructure
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Kees Cook <kees@outflux.net>
iQIcBAABCgAGBQJZXG6JAAoJEIly9N/cbcAmoO4P/jgF32XpC/HYGxcLARpcXUFr
Dct/KJa6LdSIkeiMlmJD2DaLVQqeIyqQd8Aq/6jv4OMC3KtlquAygx4DoGh2zYYP
HbSBiHz/czL1FCQpbXma2UUff1EDwuNM+wBJp80MgXy6J5KiKjB7yQAp9g0QS4o9
3WSSitr9VcPEoxF7J9zySobd41IClFYnf1yi/gms2T/uvOHWEqDTUl06Dl3AEXPo
0C/nMC4sNFggfTcsseAP7HGKiFyGErz2iER5wM0KXmU5eo4wgBK+mNN+n+oz1Doq
BvkXraAyeor3YsKdu1oOkyeNK8iRscfeiqWUv86kBtfP3vNKUmWmpo77O3qGz5ra
BwqcPF7nCtejs+QRVgeCrq3M/TUP1USN6shYS1uRVV5EPSy5NAsMO11Nzft7jaax
LHQxJrCUeO2fHs2vTlzmwoxFq/9882LFRmOzuKqXAnhMQyuySdtbK4rs7ap4gjIt
Zg6m0xDZWxPdIIrtoZGRuTcMSwV5QT4oTFQ125dgPO6zX9pwUWwN4Sg2zwn6aMx5
BuHiJmfZsz48TRv1ui7wWjMNrMs8XnUPEOQUJpNHlDbuZbK+WRoIIUjVvtffSclu
InpFCEq7OSov45ASYZ0SLNJO3N5L1zWjjjrJ3BQjCTxBNLUniBp6w2byWq0XObPD
BnkZ3MA9xvkvrDsucAkm
=rtdH
-----END PGP SIGNATURE-----
Merge tag 'gcc-plugins-v4.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull GCC plugin updates from Kees Cook:
"The big part is the randstruct plugin infrastructure.
This is the first of two expected pull requests for randstruct since
there are dependencies in other trees that would be easier to merge
once those have landed. Notably, the IPC allocation refactoring in
-mm, and many trivial merge conflicts across several trees when
applying the __randomize_layout annotation.
As a result, it seemed like I should send this now since it is
relatively self-contained, and once the rest of the trees have landed,
send the annotation patches. I'm expecting the final phase of
randstruct (automatic struct selection) will land for v4.14, but if
its other tree dependencies actually make it for v4.13, I can send
that merge request too.
Summary:
- typo fix in Kconfig (Jean Delvare)
- randstruct infrastructure"
* tag 'gcc-plugins-v4.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
ARM: Prepare for randomized task_struct
randstruct: Whitelist NIU struct page overloading
randstruct: Whitelist big_key path struct overloading
randstruct: Whitelist UNIXCB cast
randstruct: Whitelist struct security_hook_heads cast
gcc-plugins: Add the randstruct plugin
Fix English in description of GCC_PLUGIN_STRUCTLEAK
compiler: Add __designated_init annotation
gcc-plugins: Detail c-common.h location for GCC 4.6
There were a few bits and pieces left over from the now-disused DocBook
toolchain; git rid of them.
Reported-by: Markus Heiser <markus.heiser@darmarit.de>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This randstruct plugin is modified from Brad Spengler/PaX Team's code
in the last public patch of grsecurity/PaX based on my understanding
of the code. Changes or omissions from the original code are mine and
don't reflect the original grsecurity/PaX code.
The randstruct GCC plugin randomizes the layout of selected structures
at compile time, as a probabilistic defense against attacks that need to
know the layout of structures within the kernel. This is most useful for
"in-house" kernel builds where neither the randomization seed nor other
build artifacts are made available to an attacker. While less useful for
distribution kernels (where the randomization seed must be exposed for
third party kernel module builds), it still has some value there since now
all kernel builds would need to be tracked by an attacker.
In more performance sensitive scenarios, GCC_PLUGIN_RANDSTRUCT_PERFORMANCE
can be selected to make a best effort to restrict randomization to
cacheline-sized groups of elements, and will not randomize bitfields. This
comes at the cost of reduced randomization.
Two annotations are defined,__randomize_layout and __no_randomize_layout,
which respectively tell the plugin to either randomize or not to
randomize instances of the struct in question. Follow-on patches enable
the auto-detection logic for selecting structures for randomization
that contain only function pointers. It is disabled here to assist with
bisection.
Since any randomized structs must be initialized using designated
initializers, __randomize_layout includes the __designated_init annotation
even when the plugin is disabled so that all builds will require
the needed initialization. (With the plugin enabled, annotations for
automatically chosen structures are marked as well.)
The main differences between this implemenation and grsecurity are:
- disable automatic struct selection (to be enabled in follow-up patch)
- add designated_init attribute at runtime and for manual marking
- clarify debugging output to differentiate bad cast warnings
- add whitelisting infrastructure
- support gcc 7's DECL_ALIGN and DECL_MODE changes (Laura Abbott)
- raise minimum required GCC version to 4.7
Earlier versions of this patch series were ported by Michael Leibowitz.
Signed-off-by: Kees Cook <keescook@chromium.org>
Add a bunch of entries reflective of programs that the kernel build:
sortextable, dtc. And while at it, expand the lex*.c entries to cover
e.g: dtc-lexer.c. Finally, exclude devicetable-offsets.h
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
The build system stopped generating ikconfig.h in v2.6.8. Remove an entry
for it in dontdiff. There's also a reference to it in a small comment.
Remove that comment too, as it is of little help in any case.
Signed-off-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
This patch allows to build the whole kernel with GCC plugins. It was ported from
grsecurity/PaX. The infrastructure supports building out-of-tree modules and
building in a separate directory. Cross-compilation is supported too.
Currently the x86, arm, arm64 and uml architectures enable plugins.
The directory of the gcc plugins is scripts/gcc-plugins. You can use a file or a directory
there. The plugins compile with these options:
* -fno-rtti: gcc is compiled with this option so the plugins must use it too
* -fno-exceptions: this is inherited from gcc too
* -fasynchronous-unwind-tables: this is inherited from gcc too
* -ggdb: it is useful for debugging a plugin (better backtrace on internal
errors)
* -Wno-narrowing: to suppress warnings from gcc headers (ipa-utils.h)
* -Wno-unused-variable: to suppress warnings from gcc headers (gcc_version
variable, plugin-version.h)
The infrastructure introduces a new Makefile target called gcc-plugins. It
supports all gcc versions from 4.5 to 6.0. The scripts/gcc-plugin.sh script
chooses the proper host compiler (gcc-4.7 can be built by either gcc or g++).
This script also checks the availability of the included headers in
scripts/gcc-plugins/gcc-common.h.
The gcc-common.h header contains frequently included headers for GCC plugins
and it has a compatibility layer for the supported gcc versions.
The gcc-generate-*-pass.h headers automatically generate the registration
structures for GIMPLE, SIMPLE_IPA, IPA and RTL passes.
Note that 'make clean' keeps the *.so files (only the distclean or mrproper
targets clean all) because they are needed for out-of-tree modules.
Based on work created by the PaX Team.
Signed-off-by: Emese Revfy <re.emese@gmail.com>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michal Marek <mmarek@suse.com>
Clang has a few other kinds of derived files which shouldn't be added to a
patch. Add them to the Documentation/dontdiff file to prevent this.
Signed-off-by: Jan-Simon Möller <dl9pf@gmx.de>
Signed-off-by: Behan Webster <behanw@converseincode.com>
Cc: PaX Team <pageexec@freemail.hu>
Commit 77d1a49995 ("x86, boot: make
symbols from the main vmlinux available") removed all traces of
offsets.h from the tree. Remove its entries in dontdiff and x86/boot's
.gitignore file too.
Signed-off-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Pull the trivial tree from Jiri Kosina:
"Tiny usual fixes all over the place"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (34 commits)
doc: fix old config name of kprobetrace
fs/fs-writeback.c: cleanup riteback_sb_inodes kerneldoc
btrfs: fix the commment for the action flags in delayed-ref.h
btrfs: fix trivial typo for the comment of BTRFS_FREE_INO_OBJECTID
vfs: fix kerneldoc for generic_fh_to_parent()
treewide: fix comment/printk/variable typos
ipr: fix small coding style issues
doc: fix broken utf8 encoding
nfs: comment fix
platform/x86: fix asus_laptop.wled_type module parameter
mfd: printk/comment fixes
doc: getdelays.c: remember to close() socket on error in create_nl_socket()
doc: aliasing-test: close fd on write error
mmc: fix comment typos
dma: fix comments
spi: fix comment/printk typos in spi
Coccinelle: fix typo in memdup_user.cocci
tmiofb: missing NULL pointer checks
tools: perf: Fix typo in tools/perf
tools/testing: fix comment / output typos
...
Commit d56b9b9c46 ("The scheduled removal
of some OSS drivers") removed all traces of maui_boot.h from the tree.
Remove its entries in dontdiff and oss's .gitignore file.
Signed-off-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Commit 5a6f8d2bd9 ("kconfig: nuke
LKC_DIRECT_LINK cruft") removed all traces of lkc_defs.h from the tree.
Remove its entries in dontdiff and kconfig's .gitignore file too.
Signed-off-by: Paul Bolle <pebolle@tiscali.nl>
Signed-off-by: Michal Marek <mmarek@suse.cz>
The mach entry in the dontdiff file causes all the
arch/arm/mach-*/include/mach directories to be skipped.
Signed-off-by: H Hartley Sweeten <hsweeten@visionengravers.com>
Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Remove last traces of our kerntypes patch which was always an addon
patch which never got upstream. Somehow a few bits got upstream
anyway.
Since kerntypes aren't used anymore and lcrash isn't maintained (for
s390 at least) remove the last traces of kerntypes that somehow went
upstream. Also remove the documentation that mentions lcrash.
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
v2, updated based on comments from Joe and Paul.
Update to Documentation/dontdiff, based on many updates to
various .gitignore patches over the last 2 years.
Initially begun by Michael Prokop <mika@grml.org>, with lots of
changes by Randy Dunlap.
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Cc: Michael Prokop <mika@grml.org>
Cc: Joe Perches <joe@perches.com>
Cc: Paul Mundt <lethal@linux-sh.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Mainly resulting from (but not limited to) autogenerated files of
lib/raid6 and drivers/gpu/drm/radeon. List generated as result of
a diff of a clean 2.6.36 tree against a built one.
Signed-off-by: Michael Prokop <mika@grml.org>
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
We move more and more stuff to include/generated - so lets ignore the
content for users of plain diff.
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
The SELinux dynamic class work in c6d3aaa4e3
creates a number of dynamic header files and scripts. Add .gitignore files
so git doesn't complain about these.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen D. Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
I've rewritten the extract-ikconfig script to extract the kernel
configuration from a kernel compiled with CONFIG_IKCONFIG. The main
motivation for the rewrite was to remove the dependency on the
external C program binoffset.c, which is compiled on the initial run.
The binoffset executable is invoked with a relative path, which means
that the old script can only be run from the top of the kernel tree,
and only when you have write permission in the scripts directory.
The new script uses tr/grep/tail/zcat only, and can be invoked from
anywhere. The binoffset.c program has been removed. This script
requires GNU grep 2.5 (released 2002-03-13) or higher, because the -o
option was introduced in that version.
Signed-off-by: Dick Streefland <dick@streefland.net>
LKML-Reference: <20091006203540.GA14634@streefland.net>
Tested-by: Steven Rostedt <rostedt@goodmis.org>
Cc: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
Many years ago when this driver was written, it had a use, but these
days it's nothing but trouble and distributions should not enable it
in any situation.
Pretty much every console device a sparc machine could see has a
bonafide real driver, making the PROM console hack unnecessary.
If any new device shows up, we should write a driver instead of
depending upon this crutch to save us. We've been able to take care
of this even when no chip documentation exists (sunxvr500, sunxvr2500)
so there are no excuses.
Signed-off-by: David S. Miller <davem@davemloft.net>
Now that the headers are in arch/foo/include/asm we don't want to exclude
them when preparing diff files.
Closes-bug: 12921
Signed-off-by: Alan Cox <alan@lxorguk.ukuu.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
defkeymap.c_shipped should be diffed if it is changed.
Reported-by: Mike Galbraith <efault@gmx.de>
COPYING, CREDITS, .mailmap should be diffed if they are changed.
keywords.c_shipped & lex.c_shipped should be diffed when changed.
parse.[ch]_shipped should be diffed when changed.
Reported-by: Sam Ravnborg <sam@ravnborg.org>
vsyscall* updates from a .gitignore patch by "Denis V. Lunev" <den@openvz.org>.
*.so.dbg from a .gitignore patch by Thomas Gleixner <tglx@linutronix.de>.
binoffset from a .gitignore patch by Uwe Kleine-Koenig
<Uwe.Kleine-Koenig@digi.com>.
Module.markers from a .gitignore patch by Matthew Wilcox
<willy@linux.intel.com>.
vmlinux*.lds* should be diffed if changed.
Reported-by: Etienne Lorrain <etienne_lorrain@yahoo.fr>
vmlinux.lds from a .gitignore patch by Daniel Guilak
<daniel@danielguilak.com>.
*.scr should be diffed if changed.
Lots of updates from http://lkml.org/lkml/2008/5/20/32 Reported-by: Bart
Van Assche <bart.vanassche@gmail.com>
Use ncscope.* instead of *cscope* since the latter may catch too many files.
Add *.elf, from a .gitignore patch by Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>.
Make firmware entries match .gitignore entries.
Make some entries less greedy by removing trailing '*'.
Remove "make_times_h" (no such file).
Remove "filelist" (no such file).
Remove "dummy_sym.c" (no such file).
Remove "gen-kdb_cmds.c" (no such file).
Remove "gentbl" (no such file).
Remove "kconfig.tk" (no such file).
Remove "tkparse" (no such file).
Remove "sim710_d.h" (no such file).
Remove "53c8xx_d.h" (no such file).
Add "syscalltab.h" (generated file).
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
With the new firmware infrastructure in 2.6.27, some files are generated and shouldn't be
diffed; add these 2 to the "dontdiff" file
Signed-off-by: Arjan van de Ven <arjan@Linux.intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Ignore the autobuilt kernel/timeconst.h when
using diff on an built kernel tree.
Signed-off-by: Ben Dooks <ben-linux@fluff.org>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
Add modules.order to the list of files that
shoud be ignored when using diff on a built
kernel tree.
Signed-off-by: Ben Dooks <ben-linux@fluff.org>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
Remove BitKeeper from dontdiff. Point to the klibc git repository
instead of old BitKeeper ones.
Signed-off-by: Cyril Brulebois <cyril.brulebois@kerlabs.com>
Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
This patch does some additional cleanups after the 53c7xx removal.
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Acked-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Update dontdiff, based on .gitignore patches from Pete Zaitcev and Adrian
Bunk.
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Cc: Pete Zaitcev <zaitcev@redhat.com>
Cc: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Remove the old-fashioned lk201 driver under drivers/tc/ that used to be
used by the old dz.c and zs.c drivers, which is now orphan code referred to
from nowhere and does not build anymore. A modern replacement is available
as drivers/input/keyboard/lkkbd.c.
There are no plans to do anything about this piece of code and it does not
fit anywhere anymore, so it is not just a matter of maintenance or the lack
of. There are still some bits that might be added to the new lkkbd.c
driver based on the old code, and the embedded hardware documentation which
is otherwise quite hard to get hold of might be useful to keep too. Both
of these can be done separately though. RIP.
Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org>
Acked-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Updates based on recent .gitignore updates:
*.o.*: Says Alexey Dobriyan:
These are presumably temporary gcc files, which aren't interesting.
setup.bin, setup.elf: new x86 boot code files (from Matthew Wilcox)
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Update dontdiff file by adding entries from many .gitignore files.
Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
We seem to use both asm-offsets.* and asm_offsets.*
Signed-off-by: Michal K. K. Piotrowski <michal.k.k.piotrowski@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Patch from Michael Burian
This file is maintained by RMK's machine registry, it should not be patched.
Signed-off-by: Michael Burian <dynmail1@gassner-waagen.at>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Patch from Michael Burian
comment in "mach-types.h" tells that it should not be patched
"Image" is a binary, just as zImage, uImage and friends are
Signed-off-by: Michael Burian <dynmail1@gassner-waagen.at>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
include/asm/offset.h is a generated file on x86_64 and mips. Let's add it
to Documentation/dontdiff.
Signed-off-by: Michal Schmidt <xschmi00@stud.feec.vutbr.cz>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Additions to the dontdiff list.
Signed-off-by: Matt Porter <mporter@kernel.crashing.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Documentation/dontdiff is a little messy. Here is a patch to sort the
content of that file in alphabetical
Signed-off-by: Nguyen Anh Quynh <aquynh@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Add a current 'dontdiff' file for use with 'diff -X dontdiff'.
Signed-off-by: Randy Dunlap <rddunlap@osdl.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>