Age | Commit message (Collapse) | Author | Files | Lines |
|
git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux
Pull module update from Rusty Russell:
"Nothing all that exciting; a new module-from-fd syscall for those who
want to verify the source of the module (ChromeOS) and/or use standard
IMA on it or other security hooks."
* tag 'modules-next-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux:
MODSIGN: Fix kbuild output when using default extra_certificates
MODSIGN: Avoid using .incbin in C source
modules: don't hand 0 to vmalloc.
module: Remove a extra null character at the top of module->strtab.
ASN.1: Use the ASN1_LONG_TAG and ASN1_INDEFINITE_LENGTH constants
ASN.1: Define indefinite length marker constant
moduleparam: use __UNIQUE_ID()
__UNIQUE_ID()
MODSIGN: Add modules_sign make target
powerpc: add finit_module syscall.
ima: support new kernel module syscall
add finit_module syscall to asm-generic
ARM: add finit_module syscall to ARM
security: introduce kernel_module_from_file hook
module: add flags arg to sys_finit_module()
module: add syscall to load module from fd
|
|
Ensure that calls to d_find_alias() have a corresponding dput().
Signed-off-by: Cyril Roelandt <tipecaml@gmail.com>
Cc: Julia Lawall <Julia.Lawall@lip6.fr>
Cc: Gilles Muller <Gilles.Muller@lip6.fr>
Cc: Nicolas Palix <nicolas.palix@imag.fr>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Store the camelcase variables in a hash and only emit a warning on the
first use of each new variable.
Signed-off-by: Joe Perches <joe@perches.com>
Cc: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Even though the kernel doesn't support using floating point constants,
add a regex for them.
Support forms like: 0x123p1, 123e-1, 1.23, 1.5e23f
Signed-off-by: Joe Perches <joe@perches.com>
Cc: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Hexadecimal values are current found in 2 parts. A hex constant like
0x123456abcdef is found as 0 and then x123456abcdef and later coalesced.
Instead, reverse the order of the 2 searches in $Constant to find 0x
first, then 0 so that the entire hex constant is found all at once.
Signed-off-by: Joe Perches <joe@perches.com>
Cc: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
switch default case is sometimes written as "default:;". This can cause
new cases added below the default to be defective.
Suggest adding a break; after empty default cases to avoid fallthrough
defects.
Fixed indentation in the other semicolon test above it.
Suggested-by: Peter Senna Tschudin <peter.senna@gmail.com>
Signed-off-by: Joe Perches <joe@perches.com>
Cc: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
spinlock_t should always be used.
Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: "Luis R. Rodriguez" <mcgrof@do-not-panic.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Blank lines around braces are not unnecessary. Emit a message on the use
of these blank lines only when using --strict.
int foo(int bar)
{
something or other....
}
is generally written in the kernel as:
int foo(int bar)
{
something or other...
}
Signed-off-by: Joe Perches <joe@perches.com>
Cc: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Preprocessor directives and asm statements should be allowed to have a
line continuation.
Signed-off-by: Joe Perches <joe@perches.com>
Tested-by: Jingoo Han <jg1.han@samsung.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Some projects might want a longer line length so allow a command line
--max-line-length=n control over the long line warnings. The default line
length is 80.
Signed-off-by: Joe Perches <joe@perches.com>
Cc: Constantine Shulyupin <const@makelinux.com>
Cc: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Consolidate the if (foo) bar(foo) detectors into a single check. Add
debugfs_remove and family.
Based on a patch by Constantine Shulyupin.
Signed-off-by: Andy Whitcroft <apw@canonical.com>
Cc: Constantine Shulyupin <const@MakeLinux.com>.
Cc: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
In commit 9c0ece069b32 ("Get rid of Documentation/feature-removal.txt"),
Linus removes feature-removal-schedule.txt from Documentation, but there
is still some reference to this file. So remove them.
Signed-off-by: Tao Ma <boyu.mt@taobao.com>
Acked-by: Andy Whitcroft <apw@canonical.com>
Cc: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
This config item has not carried much meaning for a while now and is
almost always enabled by default. As agreed during the Linux kernel
summit, it is being removed. This will discourage future addition of
CONFIG_EXPERIMENTAL while it is being phased out.
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Andy Whitcroft <apw@canonical.com>
Cc: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
When the previous line is not a line continuation and the current line has
a line continuation but is not a #define, emit a warning.
Signed-off-by: Joe Perches <joe@perches.com>
Cc: Peter Hurley <peter@hurleysoftware.com>
Cc: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
If CONFIG_MODULE_SIG is set, and 'make modules_sign' is called then this
patch will cause the modules to get a signature appended. The make target
is intended to be run after 'make modules_install', and will modify the
modules in-place in the installed location. It can be used to produce
signed modules after they have been processed by distribution build
scripts.
Signed-off-by: Josh Boyer <jwboyer@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (minor typo fix)
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
Pull trivial branch from Jiri Kosina:
"Usual stuff -- comment/printk typo fixes, documentation updates, dead
code elimination."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (39 commits)
HOWTO: fix double words typo
x86 mtrr: fix comment typo in mtrr_bp_init
propagate name change to comments in kernel source
doc: Update the name of profiling based on sysfs
treewide: Fix typos in various drivers
treewide: Fix typos in various Kconfig
wireless: mwifiex: Fix typo in wireless/mwifiex driver
messages: i2o: Fix typo in messages/i2o
scripts/kernel-doc: check that non-void fcts describe their return value
Kernel-doc: Convention: Use a "Return" section to describe return values
radeon: Fix typo and copy/paste error in comments
doc: Remove unnecessary declarations from Documentation/accounting/getdelays.c
various: Fix spelling of "asynchronous" in comments.
Fix misspellings of "whether" in comments.
eisa: Fix spelling of "asynchronous".
various: Fix spelling of "registered" in comments.
doc: fix quite a few typos within Documentation
target: iscsi: fix comment typos in target/iscsi drivers
treewide: fix typo of "suport" in various comments and Kconfig
treewide: fix typo of "suppport" in various comments
...
|
|
Pull ARM updates from Russell King:
"Here's the updates for ARM for this merge window, which cover quite a
variety of areas.
There's a bunch of patch series from Will tackling various bugs like
the PROT_NONE handling, ASID allocation, cluster boot protocol and
ASID TLB tagging updates.
We move to a build-time sorted exception table rather than doing the
sorting at run-time, add support for the secure computing filter, and
some updates to the perf code. We also have sorted out the placement
of some headers, fixed some build warnings, fixed some hotplug
problems with the per-cpu TWD code."
* 'for-linus' of git://git.linaro.org/people/rmk/linux-arm: (73 commits)
ARM: 7594/1: Add .smp entry for REALVIEW_EB
ARM: 7599/1: head: Remove boot-time HYP mode check for v5 and below
ARM: 7598/1: net: bpf_jit_32: fix sp-relative load/stores offsets.
ARM: 7595/1: syscall: rework ordering in syscall_trace_exit
ARM: 7596/1: mmci: replace readsl/writesl with ioread32_rep/iowrite32_rep
ARM: 7597/1: net: bpf_jit_32: fix kzalloc gfp/size mismatch.
ARM: 7593/1: nommu: do not enable DCACHE_WORD_ACCESS when !CONFIG_MMU
ARM: 7592/1: nommu: prevent generation of kernel unaligned memory accesses
ARM: 7591/1: nommu: Enable the strict alignment (CR_A) bit only if ARCH < v6
ARM: 7590/1: /proc/interrupts: limit the display of IPIs to online CPUs only
ARM: 7587/1: implement optimized percpu variable access
ARM: 7589/1: integrator: pass the lm resource to amba
ARM: 7588/1: amba: create a resource parent registrator
ARM: 7582/2: rename kvm_seq to vmalloc_seq so to avoid confusion with KVM
ARM: 7585/1: kernel: fix nr_cpu_ids check in DT logical map init
ARM: 7584/1: perf: fix link error when CONFIG_HW_PERF_EVENTS is not selected
ARM: gic: use a private mapping for CPU target interfaces
ARM: kernel: add logical mappings look-up
ARM: kernel: add cpu logical map DT init in setup_arch
ARM: kernel: add device tree init map function
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
Pull driver core updates from Greg Kroah-Hartman:
"Here's the large driver core updates for 3.8-rc1.
The biggest thing here is the various __dev* marking removals. This
is going to be a pain for the merge with different subsystem trees, I
know, but all of the patches included here have been ACKed by their
various subsystem maintainers, as they wanted them to go through here.
If this is too much of a pain, I can pull all of them out of this tree
and just send you one with the other fixes/updates and then, after
3.8-rc1 is out, do the rest of the removals to ensure we catch them
all, it's up to you. The merges should all be trivial, and Stephen
has been doing them all in linux-next for a few weeks now quite
easily.
Other than the __dev* marking removals, there's nothing major here,
some firmware loading updates and other minor things in the driver
core.
All of these have (much to Stephen's annoyance), been in linux-next
for a while.
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>"
Fixed up trivial conflicts in drivers/gpio/gpio-{em,stmpe}.c due to gpio
update.
* tag 'driver-core-3.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: (93 commits)
modpost.c: Stop checking __dev* section mismatches
init.h: Remove __dev* sections from the kernel
acpi: remove use of __devinit
PCI: Remove __dev* markings
PCI: Always build setup-bus when PCI is enabled
PCI: Move pci_uevent into pci-driver.c
PCI: Remove CONFIG_HOTPLUG ifdefs
unicore32/PCI: Remove CONFIG_HOTPLUG ifdefs
sh/PCI: Remove CONFIG_HOTPLUG ifdefs
powerpc/PCI: Remove CONFIG_HOTPLUG ifdefs
mips/PCI: Remove CONFIG_HOTPLUG ifdefs
microblaze/PCI: Remove CONFIG_HOTPLUG ifdefs
dma: remove use of __devinit
dma: remove use of __devexit_p
firewire: remove use of __devinitdata
firewire: remove use of __devinit
leds: remove use of __devexit
leds: remove use of __devinit
leds: remove use of __devexit_p
mmc: remove use of __devexit
...
|
|
Pull device tree changes from Grant Likely:
"Here are the DT changes I've got queued up for v3.8. As described
below, there are a lot of bug fixes here and documentation updates but
nothing major:
Bug fixes, little cleanups, and documentation changes. The most
invasive thing here touches a bunch of the arch directories to use a
common build rule for .dtb files. There are no major changes to
functionality here other than a few new helper functions."
* tag 'devicetree-for-linus' of git://git.secretlab.ca/git/linux-2.6: (34 commits)
arm64: Fix the dtbs target building
mtd: nand: davinci: fix the binding documentation
rtc: rtc-mv: Add the device tree binding documentation
devicetree/bindings: Move gpio-leds binding into leds directory
of/vendor-prefixes: add Imagination Technologies
microblaze: use new common dtc rule
c6x: use new common dtc rule
openrisc: use new common dtc rule
arm64: Add dtbs target for building all the enabled dtb files
arm64: use new common dtc rule
ARM: dt: change .dtb build rules to build in dts directory
kbuild: centralize .dts->.dtb rule
Fix build when CONFIG_W1_MASTER_GPIO=m b exporting "allnodes"
of/spi: Honour "status=disabled" property of device
of_mdio: Honour "status=disabled" property of device
of_i2c: Honour "status=disabled" property of device
powerpc: Fix fallout from device_node->name constification
of: add 'const' for of_parse_phandle parameter *np
Documentation: correct of_platform_populate() argument list
script: dtc: clean generated files
...
|
|
'warnings' into for-next
|
|
Now that the __dev* sections are not being generated, we don't need to
check for them in modpost.c.
Acked-by: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
All architectures that use cmd_dtc do so in almost the same way. Create
a central build rule to avoid duplication. The one difference is that
most current uses of dtc build $(obj)/%.dtb from $(src)/dts/%.dts rather
than building the .dtb in the same directory as the .dts file. This
difference will be eliminated arch-by-arch in future patches.
MIPS is the exception here; it already uses the exact same rule as the
new common rule, so the duplicate is removed in this patch to avoid any
conflict. arch/mips changes courtesy of Ralf Baechle.
Update Documentation/kbuild to remove the explicit call to cmd_dtc from
the example, now that the rule exists in a centralized location.
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: linux-arm-kernel@lists.infradead.org
Cc: Olof Johansson <olof@lixom.net>
Cc: Russell King <linux@arm.linux.org.uk>
Acked-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: Jonas Bonn <jonas@southpole.se>
Cc: linux@lists.openrisc.net
Cc: Aurelien Jacquiot <a-jacquiot@ti.com>
Cc: linux-c6x-dev@linux-c6x.org
Cc: Mark Salter <msalter@redhat.com>
Cc: Michal Simek <monstr@monstr.eu>
Cc: microblaze-uclinux@itee.uq.edu.au
Cc: Chris Zankel <chris@zankel.net>
Cc: linux-xtensa@linux-xtensa.org
Cc: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: Rob Herring <rob.herring@calxeda.com>
|
|
If a function has a return value, but its kernel-doc comment doesn't contain a
"Return" section, then emit the following warning:
Warning(file.h:129): No description found for return value of 'fct'
Note: This check emits a lot of warnings at the moment, because many functions
don't have a 'Return' doc section. So until the number of warnings goes
sufficiently down, the check is only performed in verbose mode.
Signed-off-by: Yacine Belkadi <yacine.belkadi.1@gmail.com>
Signed-off-by: Rob Landley <rob@landley.net>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
|
|
Strip the _UAPI prefix from header guards during header installation so
that any userspace dependencies aren't affected. glibc, for example,
checks for linux/types.h, linux/kernel.h, linux/compiler.h and
linux/list.h by their guards - though the last two aren't actually
exported.
libtool: compile: gcc -std=gnu99 -DHAVE_CONFIG_H -I. -Wall -Werror -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -fno-delete-null-pointer-checks -fstack-protector -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -c child.c -fPIC -DPIC -o .libs/child.o
In file included from cli.c:20:0:
common.h:152:8: error: redefinition of 'struct sysinfo'
In file included from /usr/include/linux/kernel.h:4:0,
from /usr/include/linux/sysctl.h:25,
from /usr/include/sys/sysctl.h:43,
from common.h:50,
from cli.c:20:
/usr/include/linux/sysinfo.h:7:8: note: originally defined here
Reported-by: Tomasz Torcz <tomek@pipebreaker.pl>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Josh Boyer <jwboyer@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
There have the following warning message when running modules install
for sign ko files:
# make modules_install
...
INSTALL drivers/input/touchscreen/pcap_ts.ko
Found = in conditional, should be == at scripts/sign-file line 164.
Found = in conditional, should be == at scripts/sign-file line 161.
Found = in conditional, should be == at scripts/sign-file line 159.
This patch change replace '=' by '==' in elsif conditions for avoid the
above warning messages.
Signed-off-by: Chun-Yi Lee <jlee@suse.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Fix "make distclean" to clean up generated dtc files.
Without this patch the following files are left around:
- dtc-lexer.lex.c
- dtc-parser.tab.c
- dtc-parser.tab.h
Signed-off-by: Magnus Damm <damm@opensource.se>
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Grant Likely <grant.likely@secretlab.ca>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild
Pull menuconfig portability fix from Michal Marek:
"Here is a fix for v3.7 that makes menuconfig compile again on systems
whose C library is lacking CIRCLEQ_* macros. I thought I sent it
earlier, but apparently I did not."
* 'rc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
menuconfig: Replace CIRCLEQ by list_head-style lists.
|
|
Merge misc fixes from Andrew Morton:
"Five fixes"
* emailed patches from Andrew Morton <akpm@linux-foundation.org>: (5 patches)
h8300: add missing L1_CACHE_SHIFT
mm: bugfix: set current->reclaim_state to NULL while returning from kswapd()
fanotify: fix missing break
revert "epoll: support for disabling items, and a self-test app"
checkpatch: improve network block comment style checking
|
|
Some comment styles in net and drivers/net are flagged inappropriately.
Avoid proclaiming inline comments like:
int a = b; /* some comment */
and block comments like:
/*********************
* some comment
********************/
are defective.
Tested with
$ cat drivers/net/t.c
/* foo */
/*
* foo
*/
/* foo
*/
/* foo
* bar */
/****************************
* some long block comment
***************************/
struct foo {
int bar; /* another test */
};
$
Signed-off-by: Joe Perches <joe@perches.com>
Reported-by: Larry Finger <Larry.Finger@lwfinger.net>
Cc: David Miller <davem@davemloft.net>
Cc: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
The script still spits out an error ("Can't read private key") but we
don't break modules_install.
Reported-by: Bruno Wolff III <bruno@wolff.to>
Original-patch-by: Josh Boyer <jwboyer@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Add the ARM machine identifier to sortextable and select the
config option so that we can sort the exception table at compile
time. sortextable relies on a section named __ex_table existing
in the vmlinux, but ARM's linker script places the exception
table in the data section. Give the exception table its own
section so that sortextable can find it.
This allows us to skip the sorting step during boot.
Cc: David Daney <david.daney@cavium.com>
Signed-off-by: Stephen Boyd <sboyd@codeaurora.org>
Tested-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|
sys/queue.h and CIRCLEQ in particular have proven to cause portability
problems (reported on Debian Sarge, Cygwin and FreeBSD)
Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Tested-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Tested-by: Yaakov Selkowitz <yselkowitz@users.sourceforge.net>
Signed-off-by: Benjamin Poirier <bpoirier@suse.de>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
|
Emit the magic string that indicates a module has a signature after the
signature data instead of before it. This allows module_sig_check() to
be made simpler and faster by the elimination of the search for the
magic string. Instead we just need to do a single memcmp().
This works because at the end of the signature data there is the
fixed-length signature information block. This block then falls
immediately prior to the magic number.
From the contents of the information block, it is trivial to calculate
the size of the signature data and thus the size of the actual module
data.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Turn sign-file into perl and merge in x509keyid. The latter doesn't
need to be a separate script as it doesn't actually need to work out the
SHA1 sum of the X.509 certificate itself, since it can get that from the
X.509 certificate.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Rusty had clearly not actually tested his module signing changes that I
(trustingly) applied as commit e2a666d52b48 ("kbuild: sign the modules
at install time"). That commit had multiple bugs:
- using "${#VARIABLE}" to get the number of characters in a shell
variable may look clever, but it's locale-dependent: it returns the
number of *characters*, not bytes. And we do need bytes.
So don't use "${#..}" expansion, do the stupid "wc -c" thing instead
(where "c" stands for "bytes", not "characters", despite the letter.
- Rusty had confused "siglen" and "signerlen", and his conversion
didn't set "signerlen" at all, and incorrectly set "siglen" to the
size of the signer, not the size of the signature.
End result: the modified sign-file script did create something that
superficially *looked* like a signature, but didn't actually work at
all, and would fail the signature check. Oops.
Tssk, tssk, Rusty.
But Rusty was definitely right that this whole thing should be rewritten
in perl by somebody who has the perl-fu to do so. That is not me,
though - I'm just doing an emergency fix for the shell script.
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Linus deleted the old code and put signing on the install command,
I fixed it to extract the keyid and signer-name within sign-file
and cleaned up that script now it always signs in-place.
Some enthusiast should convert sign-key to perl and pull
x509keyid into it.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Pull DeviceTree fixes from Rob Herring:
"A handful of fixes:
- a fix for dtc from upstream
- sparse fixes in DeviceTree code
- stub of_get_child_by_name for !OF builds"
* tag 'dt-fixes-for-3.7' of git://sources.calxeda.com/kernel/linux:
dtc: fix for_each_*() to skip first object if deleted
of/platform: sparse fix
of/irq: sparse fixes
of/address: sparse fixes
of: add stub of_get_child_by_name for non-OF builds
|
|
The previous definition of for_each_*() would always include the very
first object within the list, irrespective of whether it was marked
deleted, since the deleted flag was not checked on the first object,
but only on any "next" object.
Fix for_each_*() to check the deleted flag in the loop body every
iteration to correct this.
(upstream dtc commit 1762ab42ef77db7ab2776d0d6cba3515150f518a)
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: Rob Herring <rob.herring@calxeda.com>
|
|
Several arch/*/include/uapi/asm/* header simply include the
corresponding <asm-generic/*> file. This patch allows such files to be
specified in uapi/asm/Kbuild via "generic-y += ..." to be automatically
generated (similar to asm/Kbuild).
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Cc: Michal Marek <mmarek@suse.cz>
Cc: Arnd Bergmann <arnd@arndb.de>
|
|
Commit fe04ddf7c291 ("kbuild: Do not package /boot and /lib in make
tar-pkg") accidentally reverted two previous kbuild commits. I don't
know what I was thinking.
This brings back changes made by commits 24cc7fb69a5b ("x86/kbuild:
archscripts depends on scripts_basic") and c1c1a59e37da ("firmware: fix
directory creation rule matching with make 3.80")
Reported-by: Jan Beulich <JBeulich@suse.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux
Pull module signing support from Rusty Russell:
"module signing is the highlight, but it's an all-over David Howells frenzy..."
Hmm "Magrathea: Glacier signing key". Somebody has been reading too much HHGTTG.
* 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux: (37 commits)
X.509: Fix indefinite length element skip error handling
X.509: Convert some printk calls to pr_devel
asymmetric keys: fix printk format warning
MODSIGN: Fix 32-bit overflow in X.509 certificate validity date checking
MODSIGN: Make mrproper should remove generated files.
MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs
MODSIGN: Use the same digest for the autogen key sig as for the module sig
MODSIGN: Sign modules during the build process
MODSIGN: Provide a script for generating a key ID from an X.509 cert
MODSIGN: Implement module signature checking
MODSIGN: Provide module signing public keys to the kernel
MODSIGN: Automatically generate module signing keys if missing
MODSIGN: Provide Kconfig options
MODSIGN: Provide gitignore and make clean rules for extra files
MODSIGN: Add FIPS policy
module: signature checking hook
X.509: Add a crypto key parser for binary (DER) X.509 certificates
MPILIB: Provide a function to read raw data into an MPI
X.509: Add an ASN.1 decoder
X.509: Add simple ASN.1 grammar compiler
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild
Pull kbuild misc changes from Michal Marek:
"In the non-critical part of kbuild, I have
- Some make coccicheck improvements and two new tests
- Support for a cleaner html output in scripts/kernel-doc, named
html5 (no, it does not play videos, yet)
BTW, Randy wants to route further kernel-doc patches through the
kbuild tree."
* 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
Update SmPL/Coccinelle section of MAINTAINERS
coccicheck: Add the rep+ctxt mode
scripts/coccinelle/tests/odd_ptr_err.cocci: semantic patch for IS_ERR/PTR_ERR inconsistency
scripts/tags.sh: Add magic for pci access functions
scripts/coccinelle: ptr_ret: Add ternary operator version
scripts/kernel-doc: drop maintainer
scripts/kernel-doc: added support for html5
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild
Pull kconfig changes from Michal Marek:
"kconfig in v3.7 is going to
- initialize ncurses only once in menuconfig
- be able to jump to a search result in menuconfig
- change the misnomer oldnoconfig to a more meaningful name
olddefconfig, keeping the old name as alias"
* 'kconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
kconfig: replace 'oldnoconfig' with 'olddefconfig', and keep the old name as an alias
menuconfig: Assign jump keys per-page instead of globally
menuconfig: Do not open code textbox scroll up/down
menuconfig: Add jump keys to search results
menuconfig: Extend dialog_textbox so that it can return to a scrolled position
menuconfig: Extend dialog_textbox so that it can exit on arbitrary keypresses
menuconfig: Remove superfluous conditionnal
kconfig: document oldnoconfig to what it really does in conf.c
kconfig/mconf.c: revision of curses initialization.
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild
Pull kbuild changes from Michal Marek:
"The main part of kbuild for v3.7 contains:
- Fix for scripts/Makefile.modpost to not choke on a '.ko' substring
in the build directory path
- Two warning fixes (modpost and main Makefile)
- __compiletime_error works also with gcc 4.3
- make tar{gz,bz2,xz}-pkg uses default compression settings instead
of saving as many bytes as possible (this should actually be in the
misc branch, I don't know why I applied it here)."
* 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
compiler-gcc4.h: correct verion check for __compiletime_error
modpost: Permit .GCC.command.line sections
Kbuild: use normal compression settings for tar*-pkg
scripts/Makefile.modpost: error in finding modules from .mod files.
kbuild: Remove useless warning while appending KCFLAGS
|
|
Allow .GCC.command.line sections in modules to prevent modpost warnings:
WARNING: sound/usb/snd-usbmidi-lib.o (.GCC.command.line): unexpected non-allocatable section.
Did you forget to use "ax"/"aw" in a .S file?
Note that for example <linux/init.h> contains
section definitions for use in .S files.
Signed-off-by: Jonathan Kliegman <kliegs@chromium.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
|
This adds a 'rep+ctxt' mode which prints the warning
message followed by the context.
Signed-off-by: Nicolas Palix <nicolas.palix@imag.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
|
IS_ERR/PTR_ERR inconsistency
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
|
If CONFIG_MODULE_SIG is set, then this patch will cause all modules files to
to have signatures added. The following steps will occur:
(1) The module will be linked to foo.ko.unsigned instead of foo.ko
(2) The module will be stripped using both "strip -x -g" and "eu-strip" to
ensure minimal size for inclusion in an initramfs.
(3) The signature will be generated on the stripped module.
(4) The signature will be appended to the module, along with some information
about the signature and a magic string that indicates the presence of the
signature.
Step (3) requires private and public keys to be available. By default these
are expected to be found in files:
signing_key.priv
signing_key.x509
in the base directory of the build. The first is the private key in PEM form
and the second is the X.509 certificate in DER form as can be generated from
openssl:
openssl req \
-new -x509 -outform PEM -out signing_key.x509 \
-keyout signing_key.priv -nodes \
-subj "/CN=H2G2/O=Magrathea/CN=Slartibartfast"
If the secret key is not found then signing will be skipped and the unsigned
module from (1) will just be copied to foo.ko.
If signing occurs, lines like the following will be seen:
LD [M] fs/foo/foo.ko.unsigned
STRIP [M] fs/foo/foo.ko.stripped
SIGN [M] fs/foo/foo.ko
will appear in the build log. If the signature step will be skipped and the
following will be seen:
LD [M] fs/foo/foo.ko.unsigned
STRIP [M] fs/foo/foo.ko.stripped
NO SIGN [M] fs/foo/foo.ko
NOTE! After the signature step, the signed module _must_not_ be passed through
strip. The unstripped, unsigned module is still available at the name on the
LD [M] line. This restriction may affect packaging tools (such as rpmbuild)
and initramfs composition tools.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Provide a script to parse an X.509 certificate and certain pieces of
information from it in order to generate a key identifier to be included within
a module signature.
The script takes the Subject Name and extracts (if present) the
organizationName (O), the commonName (CN) and the emailAddress and fabricates
the signer's name from them:
(1) If both O and CN exist, then the name will be "O: CN", unless:
(a) CN is prefixed by O, in which case only CN is used.
(b) CN and O share at least the first 7 characters, in which case only CN
is used.
(2) Otherwise, CN is used if present.
(3) Otherwise, O is used if present.
(4) Otherwise the emailAddress is used, if present.
(5) Otherwise a blank name is used.
The script emits a binary encoded identifier in the following form:
- 2 BE bytes indicating the length of the signer's name.
- 2 BE bytes indicating the length of the subject key identifier.
- The characters of the signer's name.
- The bytes of the subject key identifier.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
|
|
Pull Xtensa patchset from Chris Zankel:
"The Xtensa tree has been broken for some time now, and this patchset
brings it back to life. It has been part of the linux-next tree for
some time.
Most changes are inside the xtensa subdirectory; the other changes
mostly add another rule to already existing #ifdefs to exclude Xtensa,
where required. The only 'common' change is to add two more sections
('.xt.prop' and '.xt.lit') to the white list in modpost."
* tag 'xtensa-next-20121008' of git://github.com/czankel/xtensa-linux: (27 commits)
xtensa: Setup CROSS_COMPILE at the top
xtensa: drop CONFIG_EMBEDDED_RAMDISK
xtensa: fix TIOCGSERIAL and TIOCSSERIAL definitions
xtensa: provide dummy gcc intrinsics
xtensa: add missing symbol exports
parport: disable for xtensa arch
xtensa: rename MISC SR definition to avoid name clashes
hisax: disable build for big-endian xtensa
xtensa: fix CODA build
xtensa: fix parallel make
xtensa: ISS: drop unused io.c
xtensa: ISS: exit simulator in case of halt or poweroff
xtensa: ISS: change keyboard polling rate
xtensa: ISS: add platform_pcibios_init
xtensa: ISS: add dummy serial.h for ISS platform
xtensa: change default platform clock frequency to 10MHz
xtensa: add ARCH_WANT_OPTIONAL_GPIOLIB to xtensa config
xtensa: set NO_IOPORT to 'n' by default
xtensa: adopt generic io routines
xtensa: fix ioremap
...
|