From e37c1877ba5b17d4251e1688449f8d43fc090802 Mon Sep 17 00:00:00 2001 From: Stephen Smalley Date: Thu, 21 Feb 2019 16:31:47 -0500 Subject: scripts/selinux: modernize mdp Derived in part from a patch by Dominick Grift. The MDP example no longer works on modern systems. Fix it. While we are at it, add MLS support and enable it. NB This still does not work on systems using dbus-daemon instead of dbus-broker because dbus-daemon does not yet gracefully handle unknown classes/permissions. This appears to be a deficiency in libselinux's selinux_set_mapping() interface and underlying implementation, which was never fully updated to deal with unknown classes/permissions unlike the kernel. The same problem also occurs with XSELinux. Programs that instead use selinux_check_access() like dbus-broker should not have this problem. Changes to mdp: Add support for devtmpfs, required by modern Linux distributions. Add MLS support, with sample sensitivities, categories, and constraints. Generate fs_use and genfscon rules based on kernel configuration. Update list of filesystem types for fs_use and genfscon rules. Use object_r for object contexts. Changes to install_policy.sh: Bail immediately on any errors. Provide more helpful error messages when unable to find userspace tools. Refuse to run if SELinux is already enabled. Unconditionally move aside /etc/selinux/config and create a new one. Build policy with -U allow so that userspace object managers do not break. Build policy with MLS enabled by default. Create seusers, failsafe_context, and default_contexts for use by pam_selinux / libselinux. Create x_contexts for the SELinux X extension. Create virtual_domain_context and virtual_image_context for libvirtd. Set to permissive mode rather than enforcing to permit initial autorelabel. Update the list of filesystem types to be relabeled. Write -F to /.autorelabel to cause a forced autorelabel on reboot. Drop broken attempt to relabel the /dev mountpoint directory. Signed-off-by: Stephen Smalley Acked-by: Dominick Grift Signed-off-by: Paul Moore --- scripts/selinux/install_policy.sh | 92 ++++++++++++--------- scripts/selinux/mdp/mdp.c | 165 ++++++++++++++++++++++++++++++++------ 2 files changed, 194 insertions(+), 63 deletions(-) (limited to 'scripts') diff --git a/scripts/selinux/install_policy.sh b/scripts/selinux/install_policy.sh index 0b86c47baf7d..2dccf141241d 100755 --- a/scripts/selinux/install_policy.sh +++ b/scripts/selinux/install_policy.sh @@ -1,30 +1,61 @@ #!/bin/sh # SPDX-License-Identifier: GPL-2.0 +set -e if [ `id -u` -ne 0 ]; then echo "$0: must be root to install the selinux policy" exit 1 fi + SF=`which setfiles` if [ $? -eq 1 ]; then - if [ -f /sbin/setfiles ]; then - SF="/usr/setfiles" - else - echo "no selinux tools installed: setfiles" - exit 1 - fi + echo "Could not find setfiles" + echo "Do you have policycoreutils installed?" + exit 1 fi -cd mdp - CP=`which checkpolicy` +if [ $? -eq 1 ]; then + echo "Could not find checkpolicy" + echo "Do you have checkpolicy installed?" + exit 1 +fi VERS=`$CP -V | awk '{print $1}'` -./mdp policy.conf file_contexts -$CP -o policy.$VERS policy.conf +ENABLED=`which selinuxenabled` +if [ $? -eq 1 ]; then + echo "Could not find selinuxenabled" + echo "Do you have libselinux-utils installed?" + exit 1 +fi + +if selinuxenabled; then + echo "SELinux is already enabled" + echo "This prevents safely relabeling all files." + echo "Boot with selinux=0 on the kernel command-line or" + echo "SELINUX=disabled in /etc/selinux/config." + exit 1 +fi + +cd mdp +./mdp -m policy.conf file_contexts +$CP -U allow -M -o policy.$VERS policy.conf mkdir -p /etc/selinux/dummy/policy mkdir -p /etc/selinux/dummy/contexts/files +echo "__default__:user_u:s0" > /etc/selinux/dummy/seusers +echo "base_r:base_t:s0" > /etc/selinux/dummy/contexts/failsafe_context +echo "base_r:base_t:s0 base_r:base_t:s0" > /etc/selinux/dummy/default_contexts +cat > /etc/selinux/dummy/contexts/x_contexts < /etc/selinux/config << EOF -SELINUX=enforcing +if [ -f /etc/selinux/config ]; then + echo "/etc/selinux/config exists, moving to /etc/selinux/config.bak." + mv /etc/selinux/config /etc/selinux/config.bak +fi +echo "Creating new /etc/selinux/config for dummy policy." +cat > /etc/selinux/config << EOF +SELINUX=permissive SELINUXTYPE=dummy EOF -else - TYPE=`cat /etc/selinux/config | grep "^SELINUXTYPE" | tail -1 | awk -F= '{ print $2 '}` - if [ "eq$TYPE" != "eqdummy" ]; then - selinuxenabled - if [ $? -eq 0 ]; then - echo "SELinux already enabled with a non-dummy policy." - echo "Exiting. Please install policy by hand if that" - echo "is what you REALLY want." - exit 1 - fi - mv /etc/selinux/config /etc/selinux/config.mdpbak - grep -v "^SELINUXTYPE" /etc/selinux/config.mdpbak >> /etc/selinux/config - echo "SELINUXTYPE=dummy" >> /etc/selinux/config - fi -fi cd /etc/selinux/dummy/contexts/files -$SF file_contexts / +$SF -F file_contexts / -mounts=`cat /proc/$$/mounts | egrep "ext2|ext3|xfs|jfs|ext4|ext4dev|gfs2" | awk '{ print $2 '}` -$SF file_contexts $mounts +mounts=`cat /proc/$$/mounts | \ + egrep "ext[234]|jfs|xfs|reiserfs|jffs2|gfs2|btrfs|f2fs|ocfs2" | \ + awk '{ print $2 '}` +$SF -F file_contexts $mounts - -dodev=`cat /proc/$$/mounts | grep "/dev "` -if [ "eq$dodev" != "eq" ]; then - mount --move /dev /mnt - $SF file_contexts /dev - mount --move /mnt /dev -fi +echo "-F" > /.autorelabel diff --git a/scripts/selinux/mdp/mdp.c b/scripts/selinux/mdp/mdp.c index 073fe7537f6c..edaba8e51651 100644 --- a/scripts/selinux/mdp/mdp.c +++ b/scripts/selinux/mdp/mdp.c @@ -33,6 +33,7 @@ #include #include #include +#include static void usage(char *name) { @@ -95,10 +96,31 @@ int main(int argc, char *argv[]) } fprintf(fout, "\n"); - /* NOW PRINT OUT MLS STUFF */ + /* print out mls declarations and constraints */ if (mls) { - printf("MLS not yet implemented\n"); - exit(1); + fprintf(fout, "sensitivity s0;\n"); + fprintf(fout, "sensitivity s1;\n"); + fprintf(fout, "dominance { s0 s1 }\n"); + fprintf(fout, "category c0;\n"); + fprintf(fout, "category c1;\n"); + fprintf(fout, "level s0:c0.c1;\n"); + fprintf(fout, "level s1:c0.c1;\n"); +#define SYSTEMLOW "s0" +#define SYSTEMHIGH "s1:c0.c1" + for (i = 0; secclass_map[i].name; i++) { + struct security_class_mapping *map = &secclass_map[i]; + + fprintf(fout, "mlsconstrain %s {\n", map->name); + for (j = 0; map->perms[j]; j++) + fprintf(fout, "\t%s\n", map->perms[j]); + /* + * This requires all subjects and objects to be + * single-level (l2 eq h2), and that the subject + * level dominate the object level (h1 dom h2) + * in order to have any permissions to it. + */ + fprintf(fout, "} (l2 eq h2 and h1 dom h2);\n\n"); + } } /* types, roles, and allows */ @@ -108,34 +130,127 @@ int main(int argc, char *argv[]) for (i = 0; secclass_map[i].name; i++) fprintf(fout, "allow base_t base_t:%s *;\n", secclass_map[i].name); - fprintf(fout, "user user_u roles { base_r };\n"); - fprintf(fout, "\n"); + fprintf(fout, "user user_u roles { base_r }"); + if (mls) + fprintf(fout, " level %s range %s - %s", SYSTEMLOW, + SYSTEMLOW, SYSTEMHIGH); + fprintf(fout, ";\n"); + +#define SUBJUSERROLETYPE "user_u:base_r:base_t" +#define OBJUSERROLETYPE "user_u:object_r:base_t" /* default sids */ for (i = 1; i < initial_sid_to_string_len; i++) - fprintf(fout, "sid %s user_u:base_r:base_t\n", initial_sid_to_string[i]); + fprintf(fout, "sid %s " SUBJUSERROLETYPE "%s\n", + initial_sid_to_string[i], mls ? ":" SYSTEMLOW : ""); fprintf(fout, "\n"); - fprintf(fout, "fs_use_xattr ext2 user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_xattr ext3 user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_xattr ext4 user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_xattr jfs user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_xattr xfs user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_xattr reiserfs user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_xattr jffs2 user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_xattr gfs2 user_u:base_r:base_t;\n"); +#define FS_USE(behavior, fstype) \ + fprintf(fout, "fs_use_%s %s " OBJUSERROLETYPE "%s;\n", \ + behavior, fstype, mls ? ":" SYSTEMLOW : "") + + /* + * Filesystems whose inode labels can be fetched via getxattr. + */ +#ifdef CONFIG_EXT2_FS_SECURITY + FS_USE("xattr", "ext2"); +#endif +#ifdef CONFIG_EXT4_FS_SECURITY +#ifdef CONFIG_EXT4_USE_FOR_EXT2 + FS_USE("xattr", "ext2"); +#endif + FS_USE("xattr", "ext3"); + FS_USE("xattr", "ext4"); +#endif +#ifdef CONFIG_JFS_SECURITY + FS_USE("xattr", "jfs"); +#endif +#ifdef CONFIG_REISERFS_FS_SECURITY + FS_USE("xattr", "reiserfs"); +#endif +#ifdef CONFIG_JFFS2_FS_SECURITY + FS_USE("xattr", "jffs2"); +#endif +#ifdef CONFIG_XFS_FS + FS_USE("xattr", "xfs"); +#endif +#ifdef CONFIG_GFS2_FS + FS_USE("xattr", "gfs2"); +#endif +#ifdef CONFIG_BTRFS_FS + FS_USE("xattr", "btrfs"); +#endif +#ifdef CONFIG_F2FS_FS_SECURITY + FS_USE("xattr", "f2fs"); +#endif +#ifdef CONFIG_OCFS2_FS + FS_USE("xattr", "ocsfs2"); +#endif +#ifdef CONFIG_OVERLAY_FS + FS_USE("xattr", "overlay"); +#endif +#ifdef CONFIG_SQUASHFS_XATTR + FS_USE("xattr", "squashfs"); +#endif + + /* + * Filesystems whose inodes are labeled from allocating task. + */ + FS_USE("task", "pipefs"); + FS_USE("task", "sockfs"); - fprintf(fout, "fs_use_task eventpollfs user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_task pipefs user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_task sockfs user_u:base_r:base_t;\n"); + /* + * Filesystems whose inode labels are computed from both + * the allocating task and the superblock label. + */ +#ifdef CONFIG_UNIX98_PTYS + FS_USE("trans", "devpts"); +#endif +#ifdef CONFIG_HUGETLBFS + FS_USE("trans", "hugetlbfs"); +#endif +#ifdef CONFIG_TMPFS + FS_USE("trans", "tmpfs"); +#endif +#ifdef CONFIG_DEVTMPFS + FS_USE("trans", "devtmpfs"); +#endif +#ifdef CONFIG_POSIX_MQUEUE + FS_USE("trans", "mqueue"); +#endif - fprintf(fout, "fs_use_trans mqueue user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_trans devpts user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_trans hugetlbfs user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_trans tmpfs user_u:base_r:base_t;\n"); - fprintf(fout, "fs_use_trans shm user_u:base_r:base_t;\n"); +#define GENFSCON(fstype, prefix) \ + fprintf(fout, "genfscon %s %s " OBJUSERROLETYPE "%s\n", \ + fstype, prefix, mls ? ":" SYSTEMLOW : "") - fprintf(fout, "genfscon proc / user_u:base_r:base_t\n"); + /* + * Filesystems whose inodes are labeled from path prefix match + * relative to the filesystem root. Depending on the filesystem, + * only a single label for all inodes may be supported. Here + * we list the filesystem types for which per-file labeling is + * supported using genfscon; any other filesystem type can also + * be added by only with a single entry for all of its inodes. + */ +#ifdef CONFIG_PROC_FS + GENFSCON("proc", "/"); +#endif +#ifdef CONFIG_SECURITY_SELINUX + GENFSCON("selinuxfs", "/"); +#endif +#ifdef CONFIG_SYSFS + GENFSCON("sysfs", "/"); +#endif +#ifdef CONFIG_DEBUG_FS + GENFSCON("debugfs", "/"); +#endif +#ifdef CONFIG_TRACING + GENFSCON("tracefs", "/"); +#endif +#ifdef CONFIG_PSTORE + GENFSCON("pstore", "/"); +#endif + GENFSCON("cgroup", "/"); + GENFSCON("cgroup2", "/"); fclose(fout); @@ -144,8 +259,8 @@ int main(int argc, char *argv[]) printf("Wrote policy, but cannot open %s for writing\n", ctxout); usage(argv[0]); } - fprintf(fout, "/ user_u:base_r:base_t\n"); - fprintf(fout, "/.* user_u:base_r:base_t\n"); + fprintf(fout, "/ " OBJUSERROLETYPE "%s\n", mls ? ":" SYSTEMLOW : ""); + fprintf(fout, "/.* " OBJUSERROLETYPE "%s\n", mls ? ":" SYSTEMLOW : ""); fclose(fout); return 0; -- cgit v1.2.3 From ff1bf4c0714e7936330bb316090a75eaa35061e7 Mon Sep 17 00:00:00 2001 From: Paulo Alcantara Date: Sun, 24 Feb 2019 21:55:28 -0300 Subject: selinux: use kernel linux/socket.h for genheaders and mdp When compiling genheaders and mdp from a newer host kernel, the following error happens: In file included from scripts/selinux/genheaders/genheaders.c:18: ./security/selinux/include/classmap.h:238:2: error: #error New address family defined, please update secclass_map. #error New address family defined, please update secclass_map. ^~~~~ make[3]: *** [scripts/Makefile.host:107: scripts/selinux/genheaders/genheaders] Error 1 make[2]: *** [scripts/Makefile.build:599: scripts/selinux/genheaders] Error 2 make[1]: *** [scripts/Makefile.build:599: scripts/selinux] Error 2 make[1]: *** Waiting for unfinished jobs.... Instead of relying on the host definition, include linux/socket.h in classmap.h to have PF_MAX. Signed-off-by: Paulo Alcantara Acked-by: Stephen Smalley [PM: manually merge in mdp.c, subject line tweaks] Signed-off-by: Paul Moore --- scripts/selinux/genheaders/genheaders.c | 1 - scripts/selinux/mdp/mdp.c | 1 - security/selinux/include/classmap.h | 1 + 3 files changed, 1 insertion(+), 2 deletions(-) (limited to 'scripts') diff --git a/scripts/selinux/genheaders/genheaders.c b/scripts/selinux/genheaders/genheaders.c index 1ceedea847dd..544ca126a8a8 100644 --- a/scripts/selinux/genheaders/genheaders.c +++ b/scripts/selinux/genheaders/genheaders.c @@ -9,7 +9,6 @@ #include #include #include -#include struct security_class_mapping { const char *name; diff --git a/scripts/selinux/mdp/mdp.c b/scripts/selinux/mdp/mdp.c index edaba8e51651..18fd6143888b 100644 --- a/scripts/selinux/mdp/mdp.c +++ b/scripts/selinux/mdp/mdp.c @@ -32,7 +32,6 @@ #include #include #include -#include #include static void usage(char *name) diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h index bd5fe0d3204a..201f7e588a29 100644 --- a/security/selinux/include/classmap.h +++ b/security/selinux/include/classmap.h @@ -1,5 +1,6 @@ /* SPDX-License-Identifier: GPL-2.0 */ #include +#include #define COMMON_FILE_SOCK_PERMS "ioctl", "read", "write", "create", \ "getattr", "setattr", "lock", "relabelfrom", "relabelto", "append", "map" -- cgit v1.2.3 From ccd19d4cafaaf36132c372e77ee9304b707c1e70 Mon Sep 17 00:00:00 2001 From: Stephen Smalley Date: Tue, 19 Mar 2019 09:21:06 -0400 Subject: scripts/selinux: fix build We need to add the object tree include directory to the include path for building mdp in order to pick up generated/autoconf.h. Otherwise, make O=/path/to/objtree breaks. Fixes: e37c1877ba5b ("scripts/selinux: modernize mdp") Reported-by: Stephen Rothwell Signed-off-by: Stephen Smalley Signed-off-by: Paul Moore --- scripts/selinux/mdp/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/selinux/mdp/Makefile b/scripts/selinux/mdp/Makefile index e9c92db7e2a3..8a1269a9d0ba 100644 --- a/scripts/selinux/mdp/Makefile +++ b/scripts/selinux/mdp/Makefile @@ -2,7 +2,7 @@ hostprogs-y := mdp HOST_EXTRACFLAGS += \ -I$(srctree)/include/uapi -I$(srctree)/include \ - -I$(srctree)/security/selinux/include + -I$(srctree)/security/selinux/include -I$(objtree)/include always := $(hostprogs-y) clean-files := policy.* file_contexts -- cgit v1.2.3 From 6c5d24eef7be7adfcb608f2852ab69b58935133b Mon Sep 17 00:00:00 2001 From: Sean Christopherson Date: Fri, 22 Mar 2019 14:11:37 -0700 Subject: checkpatch: Warn on improper usage of Co-developed-by The purpose of Co-developed-by: is to give attribution to authors who aren't already attributed by the From: tag, i.e. who aren't the nominal patch author. Because Co-developed-by: is essentially a variation of From:, it must be accompanied by a Signed-off-by: of the associated co-author. To ease the burden of determining whether or not co-authors have signed off, Co-developed-by and Signed-off-by: must be explicitly paired, i.e. on consecutive lines for a given co-author. Suggested-by: Joe Perches Signed-off-by: Sean Christopherson Signed-off-by: Jonathan Corbet --- scripts/checkpatch.pl | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'scripts') diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 5b756278df13..bbe71f017f6d 100755 --- a/scripts/checkpatch.pl +++ b/scripts/checkpatch.pl @@ -2687,6 +2687,24 @@ sub process { } else { $signatures{$sig_nospace} = 1; } + +# Check Co-developed-by: immediately followed by Signed-off-by: with same name and email + if ($sign_off =~ /^co-developed-by:$/i) { + if ($email eq $author) { + WARN("BAD_SIGN_OFF", + "Co-developed-by: should not be used to attribute nominal patch author '$author'\n" . "$here\n" . $rawline); + } + if (!defined $lines[$linenr]) { + WARN("BAD_SIGN_OFF", + "Co-developed-by: must be immediately followed by Signed-off-by:\n" . "$here\n" . $rawline); + } elsif ($rawlines[$linenr] !~ /^\s*signed-off-by:\s*(.*)/i) { + WARN("BAD_SIGN_OFF", + "Co-developed-by: must be immediately followed by Signed-off-by:\n" . "$here\n" . $rawline . "\n" .$rawlines[$linenr]); + } elsif ($1 ne $email) { + WARN("BAD_SIGN_OFF", + "Co-developed-by and Signed-off-by: name/email do not match \n" . "$here\n" . $rawline . "\n" .$rawlines[$linenr]); + } + } } # Check email subject for common tools that don't need to be mentioned -- cgit v1.2.3 From 5f6df00fd4569cf76f4e9636bbfc826ea32e2dde Mon Sep 17 00:00:00 2001 From: Mauro Carvalho Chehab Date: Sat, 30 Mar 2019 10:45:59 -0300 Subject: docs: scripts/sphinx-pre-install: suggest latexmk for building pdf The usage of latexmk improves the PDF output, as it re-run xelatex when it detects the need, in order to properly generate indexes and cross-references. As this is not a mandatory requirement, only suggest its addition. Signed-off-by: Mauro Carvalho Chehab Signed-off-by: Jonathan Corbet --- scripts/sphinx-pre-install | 1 + 1 file changed, 1 insertion(+) (limited to 'scripts') diff --git a/scripts/sphinx-pre-install b/scripts/sphinx-pre-install index 067459760a7b..f6a5c0bae31e 100755 --- a/scripts/sphinx-pre-install +++ b/scripts/sphinx-pre-install @@ -532,6 +532,7 @@ sub check_needs() check_program("dot", 1); check_program("convert", 1); check_program("rsvg-convert", 1) if ($pdf); + check_program("latexmk", 1) if ($pdf); check_distros(); -- cgit v1.2.3 From e07cf4fd7d72546bf46279927b28fe9d74308868 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Sat, 30 Mar 2019 21:04:15 +0900 Subject: kbuild: mkmakefile: do not check the generated Makefile marker This hunk was added to avoid accidental overwrite of the top Makefile in case O= points to the top of the source tree. As commit 4f1127e20437 ("kbuild: fix infinite make recursion"), it caused some troubles in the past because Kbuild assumes O= as out-of-tree build, while it actually works in the source tree. Now this works more properly; if O= points to the source directory, it is handled as in-tree build. So, this sanity check is unneeded. Signed-off-by: Masahiro Yamada --- scripts/mkmakefile | 6 ------ 1 file changed, 6 deletions(-) (limited to 'scripts') diff --git a/scripts/mkmakefile b/scripts/mkmakefile index 412f13fdff52..31de46801321 100755 --- a/scripts/mkmakefile +++ b/scripts/mkmakefile @@ -7,12 +7,6 @@ # Usage # $1 - Kernel src directory -# Only overwrite automatically generated Makefiles -# (so we do not overwrite kernel Makefile) -if test -e Makefile && ! grep -q Automatically Makefile -then - exit 0 -fi if [ "${quiet}" != "silent_" ]; then echo " GEN Makefile" fi -- cgit v1.2.3 From 48b5ffd1268788afb01525e71e864e901e9aa070 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Sat, 30 Mar 2019 21:04:16 +0900 Subject: kbuild: mkmakefile: generate a simple wrapper of top Makefile Now that Kbuild is able to start from any directory, the generated Makefile can simply wrap the top Makefile. Signed-off-by: Masahiro Yamada Reviewed-by: Kieran Bingham --- scripts/mkmakefile | 20 ++------------------ 1 file changed, 2 insertions(+), 18 deletions(-) (limited to 'scripts') diff --git a/scripts/mkmakefile b/scripts/mkmakefile index 31de46801321..4d0faebb1719 100755 --- a/scripts/mkmakefile +++ b/scripts/mkmakefile @@ -12,22 +12,6 @@ if [ "${quiet}" != "silent_" ]; then fi cat << EOF > Makefile -# Automatically generated by $0: don't edit - -ifeq ("\$(origin V)", "command line") -VERBOSE := \$(V) -endif -ifneq (\$(VERBOSE),1) -Q := @ -endif - -MAKEFLAGS += --no-print-directory - -.PHONY: __sub-make \$(MAKECMDGOALS) - -__sub-make: - \$(Q)\$(MAKE) -C $1 O=\$(CURDIR) \$(MAKECMDGOALS) - -\$(filter-out __sub-make, \$(MAKECMDGOALS)): __sub-make - @: +# Automatically generated by $(realpath $0): don't edit +include $(realpath $1/Makefile) EOF -- cgit v1.2.3 From a9a49c2ad9b9b8ee20668c15ca2b806dbed8ea40 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Sat, 30 Mar 2019 21:04:17 +0900 Subject: kbuild: use $(srctree) instead of KBUILD_SRC to check out-of-tree build KBUILD_SRC was conventionally used for some different purposes: [1] To remember the source tree path [2] As a flag to check if sub-make is already done [3] As a flag to check if Kbuild runs out of tree For [1], we do not need to remember it because the top Makefile can compute it by $(realpath $(dir $(lastword $(MAKEFILE_LIST)))) [2] has been replaced with self-commenting 'sub_make_done'. For [3], we can distinguish in-tree/out-of-tree by comparing $(srctree) and '.' This commit converts [3] to prepare for the KBUILD_SRC removal. Signed-off-by: Masahiro Yamada --- Makefile | 6 +++--- scripts/Makefile.build | 2 +- scripts/Makefile.host | 2 +- scripts/Makefile.lib | 2 +- scripts/Makefile.modbuiltin | 2 +- scripts/gdb/linux/Makefile | 2 +- scripts/tags.sh | 2 +- 7 files changed, 9 insertions(+), 9 deletions(-) (limited to 'scripts') diff --git a/Makefile b/Makefile index 4929c1f41cfa..72fad444f3e8 100644 --- a/Makefile +++ b/Makefile @@ -448,7 +448,7 @@ USERINCLUDE := \ LINUXINCLUDE := \ -I$(srctree)/arch/$(SRCARCH)/include \ -I$(objtree)/arch/$(SRCARCH)/include/generated \ - $(if $(KBUILD_SRC), -I$(srctree)/include) \ + $(if $(filter .,$(srctree)),,-I$(srctree)/include) \ -I$(objtree)/include \ $(USERINCLUDE) @@ -509,7 +509,7 @@ PHONY += outputmakefile # At the same time when output Makefile generated, generate .gitignore to # ignore whole output directory outputmakefile: -ifneq ($(KBUILD_SRC),) +ifneq ($(srctree),.) $(Q)ln -fsn $(srctree) source $(Q)$(CONFIG_SHELL) $(srctree)/scripts/mkmakefile $(srctree) $(Q)test -e .gitignore || \ @@ -1089,7 +1089,7 @@ PHONY += prepare archprepare prepare1 prepare3 # and if so do: # 1) Check that make has not been executed in the kernel src $(srctree) prepare3: include/config/kernel.release -ifneq ($(KBUILD_SRC),) +ifneq ($(srctree),.) @$(kecho) ' Using $(srctree) as source for kernel' $(Q)if [ -f $(srctree)/.config -o -d $(srctree)/include/config ]; then \ echo >&2 " $(srctree) is not clean, please run 'make mrproper'"; \ diff --git a/scripts/Makefile.build b/scripts/Makefile.build index 76ca30cc4791..9dddfb6f554e 100644 --- a/scripts/Makefile.build +++ b/scripts/Makefile.build @@ -501,7 +501,7 @@ existing-targets := $(wildcard $(sort $(targets))) -include $(foreach f,$(existing-targets),$(dir $(f)).$(notdir $(f)).cmd) -ifneq ($(KBUILD_SRC),) +ifneq ($(srctree),.) # Create directories for object files if they do not exist obj-dirs := $(sort $(obj) $(patsubst %/,%, $(dir $(targets)))) # If targets exist, their directories apparently exist. Skip mkdir. diff --git a/scripts/Makefile.host b/scripts/Makefile.host index a115259b57e7..73b804197fca 100644 --- a/scripts/Makefile.host +++ b/scripts/Makefile.host @@ -71,7 +71,7 @@ __hostc_flags = $(_hostc_flags) __hostcxx_flags = $(_hostcxx_flags) ifeq ($(KBUILD_EXTMOD),) -ifneq ($(KBUILD_SRC),) +ifneq ($(srctree),.) __hostc_flags = -I$(obj) $(call flags,_hostc_flags) __hostcxx_flags = -I$(obj) $(call flags,_hostcxx_flags) endif diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index 8a1f64f17740..41e98fa66b91 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib @@ -144,7 +144,7 @@ __cpp_flags = $(_cpp_flags) # If building the kernel in a separate objtree expand all occurrences # of -Idir to -I$(srctree)/dir except for absolute paths (starting with '/'). ifeq ($(KBUILD_EXTMOD),) -ifneq ($(KBUILD_SRC),) +ifneq ($(srctree),.) # -I$(obj) locates generated .h files # $(call addtree,-I$(obj)) locates .h files in srctree, from generated .c files diff --git a/scripts/Makefile.modbuiltin b/scripts/Makefile.modbuiltin index a072a4267746..ea90a90b41a0 100644 --- a/scripts/Makefile.modbuiltin +++ b/scripts/Makefile.modbuiltin @@ -15,7 +15,7 @@ include include/config/tristate.conf include scripts/Kbuild.include -ifneq ($(KBUILD_SRC),) +ifneq ($(srctree),.) # Create output directory if not already present _dummy := $(shell [ -d $(obj) ] || mkdir -p $(obj)) endif diff --git a/scripts/gdb/linux/Makefile b/scripts/gdb/linux/Makefile index 3df395a9c2ce..9fd3d8ed731a 100644 --- a/scripts/gdb/linux/Makefile +++ b/scripts/gdb/linux/Makefile @@ -1,6 +1,6 @@ # SPDX-License-Identifier: GPL-2.0 -ifneq ($(KBUILD_SRC),) +ifneq ($(srctree),.) symlinks := $(patsubst $(srctree)/$(src)/%,%,$(wildcard $(srctree)/$(src)/*.py)) diff --git a/scripts/tags.sh b/scripts/tags.sh index f470d9919ed7..6a551805db52 100755 --- a/scripts/tags.sh +++ b/scripts/tags.sh @@ -19,7 +19,7 @@ ignore="$ignore ( -name *.mod.c ) -prune -o" # Do not use full path if we do not use O=.. builds # Use make O=. {tags|cscope} # to force full paths for a non-O= build -if [ "${KBUILD_SRC}" = "" ]; then +if [ "${srctree}" = "." ]; then tree= else tree=${srctree}/ -- cgit v1.2.3 From e83b9f55448afce3fe1abcd1d10db9584f8042a6 Mon Sep 17 00:00:00 2001 From: Andrii Nakryiko Date: Tue, 2 Apr 2019 09:49:50 -0700 Subject: kbuild: add ability to generate BTF type info for vmlinux This patch adds new config option to trigger generation of BTF type information from DWARF debuginfo for vmlinux and kernel modules through pahole, which in turn relies on libbpf for btf_dedup() algorithm. The intent is to record compact type information of all types used inside kernel, including all the structs/unions/typedefs/etc. This enables BPF's compile-once-run-everywhere ([0]) approach, in which tracing programs that are inspecting kernel's internal data (e.g., struct task_struct) can be compiled on a system running some kernel version, but would be possible to run on other kernel versions (and configurations) without recompilation, even if the layout of structs changed and/or some of the fields were added, removed, or renamed. This is only possible if BPF loader can get kernel type info to adjust all the offsets correctly. This patch is a first time in this direction, making sure that BTF type info is part of Linux kernel image in non-loadable ELF section. BTF deduplication ([1]) algorithm typically provides 100x savings compared to DWARF data, so resulting .BTF section is not big as is typically about 2MB in size. [0] http://vger.kernel.org/lpc-bpf2018.html#session-2 [1] https://facebookmicrosites.github.io/bpf/blog/2018/11/14/btf-enhancement.html Cc: Masahiro Yamada Cc: Arnaldo Carvalho de Melo Cc: Daniel Borkmann Cc: Alexei Starovoitov Cc: Yonghong Song Cc: Martin KaFai Lau Signed-off-by: Andrii Nakryiko Acked-by: David S. Miller Acked-by: Alexei Starovoitov Acked-by: Daniel Borkmann Signed-off-by: Daniel Borkmann --- Makefile | 3 ++- lib/Kconfig.debug | 8 ++++++++ scripts/link-vmlinux.sh | 20 +++++++++++++++++++- 3 files changed, 29 insertions(+), 2 deletions(-) (limited to 'scripts') diff --git a/Makefile b/Makefile index c0a34064c574..73c013378559 100644 --- a/Makefile +++ b/Makefile @@ -399,6 +399,7 @@ NM = $(CROSS_COMPILE)nm STRIP = $(CROSS_COMPILE)strip OBJCOPY = $(CROSS_COMPILE)objcopy OBJDUMP = $(CROSS_COMPILE)objdump +PAHOLE = pahole LEX = flex YACC = bison AWK = awk @@ -453,7 +454,7 @@ KBUILD_LDFLAGS := GCC_PLUGINS_CFLAGS := export ARCH SRCARCH CONFIG_SHELL HOSTCC KBUILD_HOSTCFLAGS CROSS_COMPILE AS LD CC -export CPP AR NM STRIP OBJCOPY OBJDUMP KBUILD_HOSTLDFLAGS KBUILD_HOSTLDLIBS +export CPP AR NM STRIP OBJCOPY OBJDUMP PAHOLE KBUILD_HOSTLDFLAGS KBUILD_HOSTLDLIBS export MAKE LEX YACC AWK INSTALLKERNEL PERL PYTHON PYTHON2 PYTHON3 UTS_MACHINE export HOSTCXX KBUILD_HOSTCXXFLAGS LDFLAGS_MODULE CHECK CHECKFLAGS diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index 0d9e81779e37..188fc17c2202 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -219,6 +219,14 @@ config DEBUG_INFO_DWARF4 But it significantly improves the success of resolving variables in gdb on optimized code. +config DEBUG_INFO_BTF + bool "Generate BTF typeinfo" + depends on DEBUG_INFO + help + Generate deduplicated BTF type information from DWARF debug info. + Turning this on expects presence of pahole tool, which will convert + DWARF type info into equivalent deduplicated BTF type info. + config GDB_SCRIPTS bool "Provide GDB scripts for kernel debugging" depends on DEBUG_INFO diff --git a/scripts/link-vmlinux.sh b/scripts/link-vmlinux.sh index dc0e8c5a1402..dd2b31ccca6a 100755 --- a/scripts/link-vmlinux.sh +++ b/scripts/link-vmlinux.sh @@ -35,7 +35,7 @@ set -e info() { if [ "${quiet}" != "silent_" ]; then - printf " %-7s %s\n" ${1} ${2} + printf " %-7s %s\n" "${1}" "${2}" fi } @@ -91,6 +91,20 @@ vmlinux_link() fi } +# generate .BTF typeinfo from DWARF debuginfo +gen_btf() +{ + local pahole_ver; + + pahole_ver=$(${PAHOLE} --version | sed -E 's/v([0-9]+)\.([0-9]+)/\1\2/') + if [ "${pahole_ver}" -lt "113" ]; then + info "BTF" "${1}: pahole version $(${PAHOLE} --version) is too old, need at least v1.13" + exit 0 + fi + + info "BTF" ${1} + LLVM_OBJCOPY=${OBJCOPY} ${PAHOLE} -J ${1} +} # Create ${2} .o file with all symbols from the ${1} object file kallsyms() @@ -248,6 +262,10 @@ fi info LD vmlinux vmlinux_link "${kallsymso}" vmlinux +if [ -n "${CONFIG_DEBUG_INFO_BTF}" ]; then + gen_btf vmlinux +fi + if [ -n "${CONFIG_BUILDTIME_EXTABLE_SORT}" ]; then info SORTEX vmlinux sortextable vmlinux -- cgit v1.2.3 From ea24213d8088f9da73e1b6aadf7abd2435b70397 Mon Sep 17 00:00:00 2001 From: Peter Zijlstra Date: Mon, 25 Feb 2019 12:50:09 +0100 Subject: objtool: Add UACCESS validation It is important that UACCESS regions are as small as possible; furthermore the UACCESS state is not scheduled, so doing anything that might directly call into the scheduler will cause random code to be ran with UACCESS enabled. Teach objtool too track UACCESS state and warn about any CALL made while UACCESS is enabled. This very much includes the __fentry__() and __preempt_schedule() calls. Note that exceptions _do_ save/restore the UACCESS state, and therefore they can drive preemption. This also means that all exception handlers must have an otherwise redundant UACCESS disable instruction; therefore ignore this warning for !STT_FUNC code (exception handlers are not normal functions). Signed-off-by: Peter Zijlstra (Intel) Acked-by: Josh Poimboeuf Cc: Borislav Petkov Cc: Linus Torvalds Cc: Peter Zijlstra Cc: Thomas Gleixner Signed-off-by: Ingo Molnar --- scripts/Makefile.build | 3 + tools/objtool/arch.h | 6 +- tools/objtool/arch/x86/decode.c | 13 ++- tools/objtool/builtin-check.c | 3 +- tools/objtool/builtin.h | 2 +- tools/objtool/check.c | 197 +++++++++++++++++++++++++++++++++++++--- tools/objtool/check.h | 3 +- tools/objtool/elf.h | 1 + tools/objtool/special.c | 18 ++++ tools/objtool/special.h | 1 + 10 files changed, 226 insertions(+), 21 deletions(-) (limited to 'scripts') diff --git a/scripts/Makefile.build b/scripts/Makefile.build index 76ca30cc4791..0c5969fa795f 100644 --- a/scripts/Makefile.build +++ b/scripts/Makefile.build @@ -222,6 +222,9 @@ endif ifdef CONFIG_RETPOLINE objtool_args += --retpoline endif +ifdef CONFIG_X86_SMAP + objtool_args += --uaccess +endif # 'OBJECT_FILES_NON_STANDARD := y': skip objtool checking for a directory # 'OBJECT_FILES_NON_STANDARD_foo.o := 'y': skip objtool checking for a file diff --git a/tools/objtool/arch.h b/tools/objtool/arch.h index b0d7dc3d71b5..467c2fe798a9 100644 --- a/tools/objtool/arch.h +++ b/tools/objtool/arch.h @@ -33,7 +33,9 @@ #define INSN_STACK 8 #define INSN_BUG 9 #define INSN_NOP 10 -#define INSN_OTHER 11 +#define INSN_STAC 11 +#define INSN_CLAC 12 +#define INSN_OTHER 13 #define INSN_LAST INSN_OTHER enum op_dest_type { @@ -41,6 +43,7 @@ enum op_dest_type { OP_DEST_REG_INDIRECT, OP_DEST_MEM, OP_DEST_PUSH, + OP_DEST_PUSHF, OP_DEST_LEAVE, }; @@ -55,6 +58,7 @@ enum op_src_type { OP_SRC_REG_INDIRECT, OP_SRC_CONST, OP_SRC_POP, + OP_SRC_POPF, OP_SRC_ADD, OP_SRC_AND, }; diff --git a/tools/objtool/arch/x86/decode.c b/tools/objtool/arch/x86/decode.c index 540a209b78ab..ab20a96fee50 100644 --- a/tools/objtool/arch/x86/decode.c +++ b/tools/objtool/arch/x86/decode.c @@ -357,19 +357,26 @@ int arch_decode_instruction(struct elf *elf, struct section *sec, /* pushf */ *type = INSN_STACK; op->src.type = OP_SRC_CONST; - op->dest.type = OP_DEST_PUSH; + op->dest.type = OP_DEST_PUSHF; break; case 0x9d: /* popf */ *type = INSN_STACK; - op->src.type = OP_SRC_POP; + op->src.type = OP_SRC_POPF; op->dest.type = OP_DEST_MEM; break; case 0x0f: - if (op2 >= 0x80 && op2 <= 0x8f) { + if (op2 == 0x01) { + + if (modrm == 0xca) + *type = INSN_CLAC; + else if (modrm == 0xcb) + *type = INSN_STAC; + + } else if (op2 >= 0x80 && op2 <= 0x8f) { *type = INSN_JUMP_CONDITIONAL; diff --git a/tools/objtool/builtin-check.c b/tools/objtool/builtin-check.c index 99f10c585cbe..f3b378126011 100644 --- a/tools/objtool/builtin-check.c +++ b/tools/objtool/builtin-check.c @@ -29,7 +29,7 @@ #include "builtin.h" #include "check.h" -bool no_fp, no_unreachable, retpoline, module, backtrace; +bool no_fp, no_unreachable, retpoline, module, backtrace, uaccess; static const char * const check_usage[] = { "objtool check [] file.o", @@ -42,6 +42,7 @@ const struct option check_options[] = { OPT_BOOLEAN('r', "retpoline", &retpoline, "Validate retpoline assumptions"), OPT_BOOLEAN('m', "module", &module, "Indicates the object will be part of a kernel module"), OPT_BOOLEAN('b', "backtrace", &backtrace, "unwind on error"), + OPT_BOOLEAN('a', "uaccess", &uaccess, "enable uaccess checking"), OPT_END(), }; diff --git a/tools/objtool/builtin.h b/tools/objtool/builtin.h index 65fd3cc3c98b..69762f9c5602 100644 --- a/tools/objtool/builtin.h +++ b/tools/objtool/builtin.h @@ -20,7 +20,7 @@ #include extern const struct option check_options[]; -extern bool no_fp, no_unreachable, retpoline, module, backtrace; +extern bool no_fp, no_unreachable, retpoline, module, backtrace, uaccess; extern int cmd_check(int argc, const char **argv); extern int cmd_orc(int argc, const char **argv); diff --git a/tools/objtool/check.c b/tools/objtool/check.c index 8118361295dd..965e954e07f4 100644 --- a/tools/objtool/check.c +++ b/tools/objtool/check.c @@ -442,6 +442,82 @@ static void add_ignores(struct objtool_file *file) } } +/* + * This is a whitelist of functions that is allowed to be called with AC set. + * The list is meant to be minimal and only contains compiler instrumentation + * ABI and a few functions used to implement *_{to,from}_user() functions. + * + * These functions must not directly change AC, but may PUSHF/POPF. + */ +static const char *uaccess_safe_builtin[] = { + /* KASAN */ + "kasan_report", + "check_memory_region", + /* KASAN out-of-line */ + "__asan_loadN_noabort", + "__asan_load1_noabort", + "__asan_load2_noabort", + "__asan_load4_noabort", + "__asan_load8_noabort", + "__asan_load16_noabort", + "__asan_storeN_noabort", + "__asan_store1_noabort", + "__asan_store2_noabort", + "__asan_store4_noabort", + "__asan_store8_noabort", + "__asan_store16_noabort", + /* KASAN in-line */ + "__asan_report_load_n_noabort", + "__asan_report_load1_noabort", + "__asan_report_load2_noabort", + "__asan_report_load4_noabort", + "__asan_report_load8_noabort", + "__asan_report_load16_noabort", + "__asan_report_store_n_noabort", + "__asan_report_store1_noabort", + "__asan_report_store2_noabort", + "__asan_report_store4_noabort", + "__asan_report_store8_noabort", + "__asan_report_store16_noabort", + /* KCOV */ + "write_comp_data", + "__sanitizer_cov_trace_pc", + "__sanitizer_cov_trace_const_cmp1", + "__sanitizer_cov_trace_const_cmp2", + "__sanitizer_cov_trace_const_cmp4", + "__sanitizer_cov_trace_const_cmp8", + "__sanitizer_cov_trace_cmp1", + "__sanitizer_cov_trace_cmp2", + "__sanitizer_cov_trace_cmp4", + "__sanitizer_cov_trace_cmp8", + /* UBSAN */ + "ubsan_type_mismatch_common", + "__ubsan_handle_type_mismatch", + "__ubsan_handle_type_mismatch_v1", + /* misc */ + "csum_partial_copy_generic", + "__memcpy_mcsafe", + "ftrace_likely_update", /* CONFIG_TRACE_BRANCH_PROFILING */ + NULL +}; + +static void add_uaccess_safe(struct objtool_file *file) +{ + struct symbol *func; + const char **name; + + if (!uaccess) + return; + + for (name = uaccess_safe_builtin; *name; name++) { + func = find_symbol_by_name(file->elf, *name); + if (!func) + continue; + + func->alias->uaccess_safe = true; + } +} + /* * FIXME: For now, just ignore any alternatives which add retpolines. This is * a temporary hack, as it doesn't allow ORC to unwind from inside a retpoline. @@ -818,6 +894,7 @@ static int add_special_section_alts(struct objtool_file *file) alt->insn = new_insn; alt->skip_orig = special_alt->skip_orig; + orig_insn->ignore_alts |= special_alt->skip_alt; list_add_tail(&alt->list, &orig_insn->alts); list_del(&special_alt->list); @@ -1239,6 +1316,7 @@ static int decode_sections(struct objtool_file *file) return ret; add_ignores(file); + add_uaccess_safe(file); ret = add_ignore_alternatives(file); if (ret) @@ -1320,11 +1398,11 @@ static int update_insn_state_regs(struct instruction *insn, struct insn_state *s return 0; /* push */ - if (op->dest.type == OP_DEST_PUSH) + if (op->dest.type == OP_DEST_PUSH || op->dest.type == OP_DEST_PUSHF) cfa->offset += 8; /* pop */ - if (op->src.type == OP_SRC_POP) + if (op->src.type == OP_SRC_POP || op->src.type == OP_SRC_POPF) cfa->offset -= 8; /* add immediate to sp */ @@ -1581,6 +1659,7 @@ static int update_insn_state(struct instruction *insn, struct insn_state *state) break; case OP_SRC_POP: + case OP_SRC_POPF: if (!state->drap && op->dest.type == OP_DEST_REG && op->dest.reg == cfa->base) { @@ -1645,6 +1724,7 @@ static int update_insn_state(struct instruction *insn, struct insn_state *state) break; case OP_DEST_PUSH: + case OP_DEST_PUSHF: state->stack_size += 8; if (cfa->base == CFI_SP) cfa->offset += 8; @@ -1735,7 +1815,7 @@ static int update_insn_state(struct instruction *insn, struct insn_state *state) break; case OP_DEST_MEM: - if (op->src.type != OP_SRC_POP) { + if (op->src.type != OP_SRC_POP && op->src.type != OP_SRC_POPF) { WARN_FUNC("unknown stack-related memory operation", insn->sec, insn->offset); return -1; @@ -1799,6 +1879,33 @@ static bool insn_state_match(struct instruction *insn, struct insn_state *state) return false; } +static inline bool func_uaccess_safe(struct symbol *func) +{ + if (func) + return func->alias->uaccess_safe; + + return false; +} + +static inline const char *insn_dest_name(struct instruction *insn) +{ + if (insn->call_dest) + return insn->call_dest->name; + + return "{dynamic}"; +} + +static int validate_call(struct instruction *insn, struct insn_state *state) +{ + if (state->uaccess && !func_uaccess_safe(insn->call_dest)) { + WARN_FUNC("call to %s() with UACCESS enabled", + insn->sec, insn->offset, insn_dest_name(insn)); + return 1; + } + + return 0; +} + static int validate_sibling_call(struct instruction *insn, struct insn_state *state) { if (has_modified_stack_frame(state)) { @@ -1807,7 +1914,7 @@ static int validate_sibling_call(struct instruction *insn, struct insn_state *st return 1; } - return 0; + return validate_call(insn, state); } /* @@ -1855,7 +1962,9 @@ static int validate_branch(struct objtool_file *file, struct instruction *first, if (!insn->hint && !insn_state_match(insn, &state)) return 1; - return 0; + /* If we were here with AC=0, but now have AC=1, go again */ + if (insn->state.uaccess || !state.uaccess) + return 0; } if (insn->hint) { @@ -1925,6 +2034,16 @@ static int validate_branch(struct objtool_file *file, struct instruction *first, switch (insn->type) { case INSN_RETURN: + if (state.uaccess && !func_uaccess_safe(func)) { + WARN_FUNC("return with UACCESS enabled", sec, insn->offset); + return 1; + } + + if (!state.uaccess && func_uaccess_safe(func)) { + WARN_FUNC("return with UACCESS disabled from a UACCESS-safe function", sec, insn->offset); + return 1; + } + if (func && has_modified_stack_frame(&state)) { WARN_FUNC("return with modified stack frame", sec, insn->offset); @@ -1940,17 +2059,22 @@ static int validate_branch(struct objtool_file *file, struct instruction *first, return 0; case INSN_CALL: - if (is_fentry_call(insn)) - break; + case INSN_CALL_DYNAMIC: + ret = validate_call(insn, &state); + if (ret) + return ret; - ret = dead_end_function(file, insn->call_dest); - if (ret == 1) - return 0; - if (ret == -1) - return 1; + if (insn->type == INSN_CALL) { + if (is_fentry_call(insn)) + break; + + ret = dead_end_function(file, insn->call_dest); + if (ret == 1) + return 0; + if (ret == -1) + return 1; + } - /* fallthrough */ - case INSN_CALL_DYNAMIC: if (!no_fp && func && !has_valid_stack_frame(&state)) { WARN_FUNC("call without frame pointer save/setup", sec, insn->offset); @@ -2003,6 +2127,49 @@ static int validate_branch(struct objtool_file *file, struct instruction *first, if (update_insn_state(insn, &state)) return 1; + if (insn->stack_op.dest.type == OP_DEST_PUSHF) { + if (!state.uaccess_stack) { + state.uaccess_stack = 1; + } else if (state.uaccess_stack >> 31) { + WARN_FUNC("PUSHF stack exhausted", sec, insn->offset); + return 1; + } + state.uaccess_stack <<= 1; + state.uaccess_stack |= state.uaccess; + } + + if (insn->stack_op.src.type == OP_SRC_POPF) { + if (state.uaccess_stack) { + state.uaccess = state.uaccess_stack & 1; + state.uaccess_stack >>= 1; + if (state.uaccess_stack == 1) + state.uaccess_stack = 0; + } + } + + break; + + case INSN_STAC: + if (state.uaccess) { + WARN_FUNC("recursive UACCESS enable", sec, insn->offset); + return 1; + } + + state.uaccess = true; + break; + + case INSN_CLAC: + if (!state.uaccess && insn->func) { + WARN_FUNC("redundant UACCESS disable", sec, insn->offset); + return 1; + } + + if (func_uaccess_safe(func) && !state.uaccess_stack) { + WARN_FUNC("UACCESS-safe disables UACCESS", sec, insn->offset); + return 1; + } + + state.uaccess = false; break; default: @@ -2168,6 +2335,8 @@ static int validate_functions(struct objtool_file *file) if (!insn || insn->ignore) continue; + state.uaccess = func->alias->uaccess_safe; + ret = validate_branch(file, insn, state); if (ret && backtrace) BT_FUNC("<=== (func)", insn); diff --git a/tools/objtool/check.h b/tools/objtool/check.h index d8896eb43521..78a95d06c165 100644 --- a/tools/objtool/check.h +++ b/tools/objtool/check.h @@ -31,7 +31,8 @@ struct insn_state { int stack_size; unsigned char type; bool bp_scratch; - bool drap, end; + bool drap, end, uaccess; + unsigned int uaccess_stack; int drap_reg, drap_offset; struct cfi_reg vals[CFI_NUM_REGS]; }; diff --git a/tools/objtool/elf.h b/tools/objtool/elf.h index 968265b4b4cd..2cc2ed49322d 100644 --- a/tools/objtool/elf.h +++ b/tools/objtool/elf.h @@ -62,6 +62,7 @@ struct symbol { unsigned long offset; unsigned int len; struct symbol *pfunc, *cfunc, *alias; + bool uaccess_safe; }; struct rela { diff --git a/tools/objtool/special.c b/tools/objtool/special.c index 50af4e1274b3..4e50563d87c6 100644 --- a/tools/objtool/special.c +++ b/tools/objtool/special.c @@ -23,6 +23,7 @@ #include #include +#include "builtin.h" #include "special.h" #include "warn.h" @@ -42,6 +43,7 @@ #define ALT_NEW_LEN_OFFSET 11 #define X86_FEATURE_POPCNT (4*32+23) +#define X86_FEATURE_SMAP (9*32+20) struct special_entry { const char *sec; @@ -110,6 +112,22 @@ static int get_alt_entry(struct elf *elf, struct special_entry *entry, */ if (feature == X86_FEATURE_POPCNT) alt->skip_orig = true; + + /* + * If UACCESS validation is enabled; force that alternative; + * otherwise force it the other way. + * + * What we want to avoid is having both the original and the + * alternative code flow at the same time, in that case we can + * find paths that see the STAC but take the NOP instead of + * CLAC and the other way around. + */ + if (feature == X86_FEATURE_SMAP) { + if (uaccess) + alt->skip_orig = true; + else + alt->skip_alt = true; + } } orig_rela = find_rela_by_dest(sec, offset + entry->orig); diff --git a/tools/objtool/special.h b/tools/objtool/special.h index fad1d092f679..d5c062e718ef 100644 --- a/tools/objtool/special.h +++ b/tools/objtool/special.h @@ -26,6 +26,7 @@ struct special_alt { bool group; bool skip_orig; + bool skip_alt; bool jump_or_nop; struct section *orig_sec; -- cgit v1.2.3 From b63e37bc9ec4b47a1ffc06bdb631594161758f0f Mon Sep 17 00:00:00 2001 From: Petr Vorel Date: Mon, 8 Apr 2019 01:02:39 +0200 Subject: kconfig: Make nconf-cfg.sh executable Although it's not required for the build *conf-cfg.sh scripts to be executable (they're run by CONFIG_SHELL), let's be consistent with other scripts. Signed-off-by: Petr Vorel Signed-off-by: Masahiro Yamada --- scripts/kconfig/nconf-cfg.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 scripts/kconfig/nconf-cfg.sh (limited to 'scripts') diff --git a/scripts/kconfig/nconf-cfg.sh b/scripts/kconfig/nconf-cfg.sh old mode 100644 new mode 100755 -- cgit v1.2.3 From 83da1bed86cdfe3abb2a33c36a2a5aaf5f390ef6 Mon Sep 17 00:00:00 2001 From: "Wiebe, Wladislav (Nokia - DE/Ulm)" Date: Thu, 11 Apr 2019 09:25:08 +0000 Subject: modpost: make KBUILD_MODPOST_WARN also configurable for external modules Commit ea837f1c0503 ("kbuild: make modpost processing configurable") was intended to give KBUILD_MODPOST_WARN flexibility to be configurable. Right now KBUILD_MODPOST_WARN gets just ignored when KBUILD_EXTMOD is set which happens per default when building modules out of the tree. This change gives the opportunity to define module build behaving also in case of out of tree builds and default will become exit on error. Errors which can be detected by the build should be trapped out of the box there, unless somebody wants to notice broken stuff later at runtime. As this patch changes the default behaving from warning to error, users can consider to fix it for external module builds by: - providing module symbol table via KBUILD_EXTRA_SYMBOLS for modules which are dependent - OR getting old behaving back by passing KBUILD_MODPOST_WARN to the build Signed-off-by: Wladislav Wiebe Signed-off-by: Masahiro Yamada --- scripts/Makefile.modpost | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/Makefile.modpost b/scripts/Makefile.modpost index 6b7f354f189a..fec6ec2ffa47 100644 --- a/scripts/Makefile.modpost +++ b/scripts/Makefile.modpost @@ -78,7 +78,7 @@ modpost = scripts/mod/modpost \ $(if $(KBUILD_EXTRA_SYMBOLS), $(patsubst %, -e %,$(KBUILD_EXTRA_SYMBOLS))) \ $(if $(KBUILD_EXTMOD),-o $(modulesymfile)) \ $(if $(CONFIG_SECTION_MISMATCH_WARN_ONLY),,-E) \ - $(if $(KBUILD_EXTMOD)$(KBUILD_MODPOST_WARN),-w) + $(if $(KBUILD_MODPOST_WARN),-w) MODPOST_OPT=$(subst -i,-n,$(filter -i,$(MAKEFLAGS))) -- cgit v1.2.3 From 68e5ab1fc8bd9c17ed94ac172ffe0b9b7e85a59a Mon Sep 17 00:00:00 2001 From: Andrii Nakryiko Date: Mon, 15 Apr 2019 14:58:39 -0700 Subject: kbuild: handle old pahole more gracefully when generating BTF When CONFIG_DEBUG_INFO_BTF is enabled but available version of pahole is too old to support BTF generation, build script is supposed to emit warning and proceed with the build. Due to using exit instead of return from BASH function, existing handling code prematurely exits exit code 0, not completing some of the build steps. This patch fixes issue by correctly returning just from gen_btf() function only. Fixes: e83b9f55448a ("kbuild: add ability to generate BTF type info for vmlinux") Cc: Masahiro Yamada Cc: Arnaldo Carvalho de Melo Cc: Daniel Borkmann Cc: Alexei Starovoitov Cc: Yonghong Song Cc: Martin KaFai Lau Signed-off-by: Andrii Nakryiko Acked-by: Song Liu Signed-off-by: Daniel Borkmann --- scripts/link-vmlinux.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/link-vmlinux.sh b/scripts/link-vmlinux.sh index dd2b31ccca6a..6a148d0d51bf 100755 --- a/scripts/link-vmlinux.sh +++ b/scripts/link-vmlinux.sh @@ -99,7 +99,7 @@ gen_btf() pahole_ver=$(${PAHOLE} --version | sed -E 's/v([0-9]+)\.([0-9]+)/\1\2/') if [ "${pahole_ver}" -lt "113" ]; then info "BTF" "${1}: pahole version $(${PAHOLE} --version) is too old, need at least v1.13" - exit 0 + return 0 fi info "BTF" ${1} -- cgit v1.2.3 From b50776ae011cfd26df3cc2b4af8b2dc3b683e553 Mon Sep 17 00:00:00 2001 From: Andrew Morton Date: Wed, 13 Feb 2019 11:59:48 -0800 Subject: locking/atomics: Don't assume that scripts are executable patch(1) doesn't set the x bit on files. So if someone downloads and applies patch-4.21.xz, their kernel won't build. Fix that by executing /bin/sh. Signed-off-by: Andrew Morton Acked-by: Mark Rutland Cc: Boqun Feng Cc: Linus Torvalds Cc: Peter Zijlstra (Intel) Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Ingo Molnar --- scripts/atomic/gen-atomics.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/atomic/gen-atomics.sh b/scripts/atomic/gen-atomics.sh index 27400b0cd732..000dc6437893 100644 --- a/scripts/atomic/gen-atomics.sh +++ b/scripts/atomic/gen-atomics.sh @@ -13,7 +13,7 @@ gen-atomic-long.sh asm-generic/atomic-long.h gen-atomic-fallback.sh linux/atomic-fallback.h EOF while read script header; do - ${ATOMICDIR}/${script} ${ATOMICTBL} > ${LINUXDIR}/include/${header} + /bin/sh ${ATOMICDIR}/${script} ${ATOMICTBL} > ${LINUXDIR}/include/${header} HASH="$(sha1sum ${LINUXDIR}/include/${header})" HASH="${HASH%% *}" printf "// %s\n" "${HASH}" >> ${LINUXDIR}/include/${header} -- cgit v1.2.3 From 28bb030f93334495ddc64ade0bff18721bf7023d Mon Sep 17 00:00:00 2001 From: Guo Ren Date: Fri, 1 Mar 2019 08:50:36 +0800 Subject: csky/ftrace: Add dynamic function tracer (include graph tracer) Support dynamic ftrace including dynamic graph tracer. Gcc-csky with -pg will produce call site in every function prologue and we can use these call site to hook trace function. gcc with -pg origin call site: push lr jbsr _mcount nop32 nop32 If the (callee - caller)'s offset is in range of bsr instruction, we'll modify code with: push lr bsr _mcount nop32 nop32 Else if the (callee - caller)'s offset is out of bsr instrunction, we'll modify code with: push lr movih r26, ... ori r26, ... jsr r26 (r26 is reserved for jsr link reg in csky abiv2 spec.) Signed-off-by: Guo Ren --- arch/csky/Kconfig | 3 +- arch/csky/abiv2/mcount.S | 39 ++++++++++- arch/csky/include/asm/ftrace.h | 18 ++++- arch/csky/kernel/ftrace.c | 148 ++++++++++++++++++++++++++++++++++++++++- scripts/recordmcount.pl | 3 + 5 files changed, 205 insertions(+), 6 deletions(-) (limited to 'scripts') diff --git a/arch/csky/Kconfig b/arch/csky/Kconfig index 725a115759c9..60ebaa325584 100644 --- a/arch/csky/Kconfig +++ b/arch/csky/Kconfig @@ -29,13 +29,14 @@ config CSKY select GENERIC_SCHED_CLOCK select GENERIC_SMP_IDLE_THREAD select HAVE_ARCH_TRACEHOOK + select HAVE_DYNAMIC_FTRACE select HAVE_FUNCTION_TRACER select HAVE_FUNCTION_GRAPH_TRACER + select HAVE_FTRACE_MCOUNT_RECORD select HAVE_KERNEL_GZIP select HAVE_KERNEL_LZO select HAVE_KERNEL_LZMA select HAVE_PERF_EVENTS - select HAVE_C_RECORDMCOUNT select HAVE_DMA_API_DEBUG select HAVE_DMA_CONTIGUOUS select MAY_HAVE_SPARSE_IRQ diff --git a/arch/csky/abiv2/mcount.S b/arch/csky/abiv2/mcount.S index c633379956f5..326402e65f9e 100644 --- a/arch/csky/abiv2/mcount.S +++ b/arch/csky/abiv2/mcount.S @@ -61,10 +61,17 @@ addi sp, 16 .endm +.macro nop32_stub + nop32 + nop32 + nop32 +.endm + ENTRY(ftrace_stub) jmp lr END(ftrace_stub) +#ifndef CONFIG_DYNAMIC_FTRACE ENTRY(_mcount) mcount_enter @@ -76,7 +83,7 @@ ENTRY(_mcount) bf skip_ftrace mov a0, lr - subi a0, MCOUNT_INSN_SIZE + subi a0, 4 ldw a1, (sp, 24) jsr r26 @@ -101,13 +108,41 @@ skip_ftrace: mcount_exit #endif END(_mcount) +#else /* CONFIG_DYNAMIC_FTRACE */ +ENTRY(_mcount) + mov t1, lr + ldw lr, (sp, 0) + addi sp, 4 + jmp t1 +ENDPROC(_mcount) + +ENTRY(ftrace_caller) + mcount_enter + + ldw a0, (sp, 16) + subi a0, 4 + ldw a1, (sp, 24) + + nop +GLOBAL(ftrace_call) + nop32_stub + +#ifdef CONFIG_FUNCTION_GRAPH_TRACER + nop +GLOBAL(ftrace_graph_call) + nop32_stub +#endif + + mcount_exit +ENDPROC(ftrace_caller) +#endif /* CONFIG_DYNAMIC_FTRACE */ #ifdef CONFIG_FUNCTION_GRAPH_TRACER ENTRY(ftrace_graph_caller) mov a0, sp addi a0, 24 ldw a1, (sp, 16) - subi a1, MCOUNT_INSN_SIZE + subi a1, 4 mov a2, r8 lrw r26, prepare_ftrace_return jsr r26 diff --git a/arch/csky/include/asm/ftrace.h b/arch/csky/include/asm/ftrace.h index 7547c45312a8..ba35d93ecda2 100644 --- a/arch/csky/include/asm/ftrace.h +++ b/arch/csky/include/asm/ftrace.h @@ -4,10 +4,26 @@ #ifndef __ASM_CSKY_FTRACE_H #define __ASM_CSKY_FTRACE_H -#define MCOUNT_INSN_SIZE 4 +#define MCOUNT_INSN_SIZE 14 #define HAVE_FUNCTION_GRAPH_FP_TEST #define HAVE_FUNCTION_GRAPH_RET_ADDR_PTR +#define MCOUNT_ADDR ((unsigned long)_mcount) + +#ifndef __ASSEMBLY__ + +extern void _mcount(unsigned long); + +extern void ftrace_graph_call(void); + +static inline unsigned long ftrace_call_adjust(unsigned long addr) +{ + return addr; +} + +struct dyn_arch_ftrace { +}; +#endif /* !__ASSEMBLY__ */ #endif /* __ASM_CSKY_FTRACE_H */ diff --git a/arch/csky/kernel/ftrace.c b/arch/csky/kernel/ftrace.c index 274c431f1810..44f4880179b7 100644 --- a/arch/csky/kernel/ftrace.c +++ b/arch/csky/kernel/ftrace.c @@ -3,6 +3,137 @@ #include #include +#include + +#ifdef CONFIG_DYNAMIC_FTRACE + +#define NOP 0x4000 +#define NOP32_HI 0xc400 +#define NOP32_LO 0x4820 +#define PUSH_LR 0x14d0 +#define MOVIH_LINK 0xea3a +#define ORI_LINK 0xef5a +#define JSR_LINK 0xe8fa +#define BSR_LINK 0xe000 + +/* + * Gcc-csky with -pg will insert stub in function prologue: + * push lr + * jbsr _mcount + * nop32 + * nop32 + * + * If the (callee - current_pc) is less then 64MB, we'll use bsr: + * push lr + * bsr _mcount + * nop32 + * nop32 + * else we'll use (movih + ori + jsr): + * push lr + * movih r26, ... + * ori r26, ... + * jsr r26 + * + * (r26 is our reserved link-reg) + * + */ +static inline void make_jbsr(unsigned long callee, unsigned long pc, + uint16_t *call, bool nolr) +{ + long offset; + + call[0] = nolr ? NOP : PUSH_LR; + + offset = (long) callee - (long) pc; + + if (unlikely(offset < -67108864 || offset > 67108864)) { + call[1] = MOVIH_LINK; + call[2] = callee >> 16; + call[3] = ORI_LINK; + call[4] = callee & 0xffff; + call[5] = JSR_LINK; + call[6] = 0; + } else { + offset = offset >> 1; + + call[1] = BSR_LINK | + ((uint16_t)((unsigned long) offset >> 16) & 0x3ff); + call[2] = (uint16_t)((unsigned long) offset & 0xffff); + call[3] = call[5] = NOP32_HI; + call[4] = call[6] = NOP32_LO; + } +} + +static uint16_t nops[7] = {NOP, NOP32_HI, NOP32_LO, NOP32_HI, NOP32_LO, + NOP32_HI, NOP32_LO}; +static int ftrace_check_current_nop(unsigned long hook) +{ + uint16_t olds[7]; + unsigned long hook_pos = hook - 2; + + if (probe_kernel_read((void *)olds, (void *)hook_pos, sizeof(nops))) + return -EFAULT; + + if (memcmp((void *)nops, (void *)olds, sizeof(nops))) { + pr_err("%p: nop but get (%04x %04x %04x %04x %04x %04x %04x)\n", + (void *)hook_pos, + olds[0], olds[1], olds[2], olds[3], olds[4], olds[5], + olds[6]); + + return -EINVAL; + } + + return 0; +} + +static int ftrace_modify_code(unsigned long hook, unsigned long target, + bool enable, bool nolr) +{ + uint16_t call[7]; + + unsigned long hook_pos = hook - 2; + int ret = 0; + + make_jbsr(target, hook, call, nolr); + + ret = probe_kernel_write((void *)hook_pos, enable ? call : nops, + sizeof(nops)); + if (ret) + return -EPERM; + + flush_icache_range(hook_pos, hook_pos + MCOUNT_INSN_SIZE); + + return 0; +} + +int ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr) +{ + int ret = ftrace_check_current_nop(rec->ip); + + if (ret) + return ret; + + return ftrace_modify_code(rec->ip, addr, true, false); +} + +int ftrace_make_nop(struct module *mod, struct dyn_ftrace *rec, + unsigned long addr) +{ + return ftrace_modify_code(rec->ip, addr, false, false); +} + +int ftrace_update_ftrace_func(ftrace_func_t func) +{ + int ret = ftrace_modify_code((unsigned long)&ftrace_call, + (unsigned long)func, true, true); + return ret; +} + +int __init ftrace_dyn_arch_init(void) +{ + return 0; +} +#endif /* CONFIG_DYNAMIC_FTRACE */ #ifdef CONFIG_FUNCTION_GRAPH_TRACER void prepare_ftrace_return(unsigned long *parent, unsigned long self_addr, @@ -43,8 +174,21 @@ void prepare_ftrace_return(unsigned long *parent, unsigned long self_addr, *(unsigned long *)frame_pointer = return_hooker; } } -#endif + +#ifdef CONFIG_DYNAMIC_FTRACE +int ftrace_enable_ftrace_graph_caller(void) +{ + return ftrace_modify_code((unsigned long)&ftrace_graph_call, + (unsigned long)&ftrace_graph_caller, true, true); +} + +int ftrace_disable_ftrace_graph_caller(void) +{ + return ftrace_modify_code((unsigned long)&ftrace_graph_call, + (unsigned long)&ftrace_graph_caller, false, true); +} +#endif /* CONFIG_DYNAMIC_FTRACE */ +#endif /* CONFIG_FUNCTION_GRAPH_TRACER */ /* _mcount is defined in abi's mcount.S */ -extern void _mcount(void); EXPORT_SYMBOL(_mcount); diff --git a/scripts/recordmcount.pl b/scripts/recordmcount.pl index 68841d01162c..f71666899245 100755 --- a/scripts/recordmcount.pl +++ b/scripts/recordmcount.pl @@ -397,6 +397,9 @@ if ($arch eq "x86_64") { } elsif ($arch eq "nds32") { $mcount_regex = "^\\s*([0-9a-fA-F]+):\\s*R_NDS32_HI20_RELA\\s+_mcount\$"; $alignment = 2; +} elsif ($arch eq "csky") { + $mcount_regex = "^\\s*([0-9a-fA-F]+):\\s*R_CKCORE_PCREL_JSR_IMM26BY2\\s+_mcount\$"; + $alignment = 2; } else { die "Arch $arch is not supported with CONFIG_FTRACE_MCOUNT_RECORD"; } -- cgit v1.2.3 From 9f671e58159adea641f76c56d1f0bbdcb3c524ff Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Wed, 10 Apr 2019 08:23:44 -0700 Subject: security: Create "kernel hardening" config area Right now kernel hardening options are scattered around various Kconfig files. This can be a central place to collect these kinds of options going forward. This is initially populated with the memory initialization options from the gcc-plugins. Signed-off-by: Kees Cook Acked-by: Masahiro Yamada --- scripts/gcc-plugins/Kconfig | 75 +++--------------------------------- security/Kconfig | 2 + security/Kconfig.hardening | 93 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 101 insertions(+), 69 deletions(-) create mode 100644 security/Kconfig.hardening (limited to 'scripts') diff --git a/scripts/gcc-plugins/Kconfig b/scripts/gcc-plugins/Kconfig index 74271dba4f94..352f03878a1e 100644 --- a/scripts/gcc-plugins/Kconfig +++ b/scripts/gcc-plugins/Kconfig @@ -13,17 +13,19 @@ config HAVE_GCC_PLUGINS An arch should select this symbol if it supports building with GCC plugins. -menuconfig GCC_PLUGINS - bool "GCC plugins" +config GCC_PLUGINS + bool depends on HAVE_GCC_PLUGINS depends on PLUGIN_HOSTCC != "" + default y help GCC plugins are loadable modules that provide extra features to the compiler. They are useful for runtime instrumentation and static analysis. See Documentation/gcc-plugins.txt for details. -if GCC_PLUGINS +menu "GCC plugins" + depends on GCC_PLUGINS config GCC_PLUGIN_CYC_COMPLEXITY bool "Compute the cyclomatic complexity of a function" if EXPERT @@ -66,71 +68,6 @@ config GCC_PLUGIN_LATENT_ENTROPY * https://grsecurity.net/ * https://pax.grsecurity.net/ -config GCC_PLUGIN_STRUCTLEAK - bool "Zero initialize stack variables" - help - While the kernel is built with warnings enabled for any missed - stack variable initializations, this warning is silenced for - anything passed by reference to another function, under the - occasionally misguided assumption that the function will do - the initialization. As this regularly leads to exploitable - flaws, this plugin is available to identify and zero-initialize - such variables, depending on the chosen level of coverage. - - This plugin was originally ported from grsecurity/PaX. More - information at: - * https://grsecurity.net/ - * https://pax.grsecurity.net/ - -choice - prompt "Coverage" - depends on GCC_PLUGIN_STRUCTLEAK - default GCC_PLUGIN_STRUCTLEAK_BYREF_ALL - help - This chooses the level of coverage over classes of potentially - uninitialized variables. The selected class will be - zero-initialized before use. - - config GCC_PLUGIN_STRUCTLEAK_USER - bool "structs marked for userspace" - help - Zero-initialize any structures on the stack containing - a __user attribute. This can prevent some classes of - uninitialized stack variable exploits and information - exposures, like CVE-2013-2141: - https://git.kernel.org/linus/b9e146d8eb3b9eca - - config GCC_PLUGIN_STRUCTLEAK_BYREF - bool "structs passed by reference" - help - Zero-initialize any structures on the stack that may - be passed by reference and had not already been - explicitly initialized. This can prevent most classes - of uninitialized stack variable exploits and information - exposures, like CVE-2017-1000410: - https://git.kernel.org/linus/06e7e776ca4d3654 - - config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL - bool "anything passed by reference" - help - Zero-initialize any stack variables that may be passed - by reference and had not already been explicitly - initialized. This is intended to eliminate all classes - of uninitialized stack variable exploits and information - exposures. - -endchoice - -config GCC_PLUGIN_STRUCTLEAK_VERBOSE - bool "Report forcefully initialized variables" - depends on GCC_PLUGIN_STRUCTLEAK - depends on !COMPILE_TEST # too noisy - help - This option will cause a warning to be printed each time the - structleak plugin finds a variable it thinks needs to be - initialized. Since not all existing initializers are detected - by the plugin, this can produce false positive warnings. - config GCC_PLUGIN_RANDSTRUCT bool "Randomize layout of sensitive kernel structures" select MODVERSIONS if MODULES @@ -226,4 +163,4 @@ config GCC_PLUGIN_ARM_SSP_PER_TASK bool depends on GCC_PLUGINS && ARM -endif +endmenu diff --git a/security/Kconfig b/security/Kconfig index 1d6463fb1450..7aec8d094ce2 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -249,5 +249,7 @@ config LSM If unsure, leave this as the default. +source "security/Kconfig.hardening" + endmenu diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening new file mode 100644 index 000000000000..19881341f1c2 --- /dev/null +++ b/security/Kconfig.hardening @@ -0,0 +1,93 @@ +menu "Kernel hardening options" + +config GCC_PLUGIN_STRUCTLEAK + bool + help + While the kernel is built with warnings enabled for any missed + stack variable initializations, this warning is silenced for + anything passed by reference to another function, under the + occasionally misguided assumption that the function will do + the initialization. As this regularly leads to exploitable + flaws, this plugin is available to identify and zero-initialize + such variables, depending on the chosen level of coverage. + + This plugin was originally ported from grsecurity/PaX. More + information at: + * https://grsecurity.net/ + * https://pax.grsecurity.net/ + +menu "Memory initialization" + +choice + prompt "Initialize kernel stack variables at function entry" + default GCC_PLUGIN_STRUCTLEAK_BYREF_ALL if COMPILE_TEST && GCC_PLUGINS + default INIT_STACK_NONE + help + This option enables initialization of stack variables at + function entry time. This has the possibility to have the + greatest coverage (since all functions can have their + variables initialized), but the performance impact depends + on the function calling complexity of a given workload's + syscalls. + + This chooses the level of coverage over classes of potentially + uninitialized variables. The selected class will be + initialized before use in a function. + + config INIT_STACK_NONE + bool "no automatic initialization (weakest)" + help + Disable automatic stack variable initialization. + This leaves the kernel vulnerable to the standard + classes of uninitialized stack variable exploits + and information exposures. + + config GCC_PLUGIN_STRUCTLEAK_USER + bool "zero-init structs marked for userspace (weak)" + depends on GCC_PLUGINS + select GCC_PLUGIN_STRUCTLEAK + help + Zero-initialize any structures on the stack containing + a __user attribute. This can prevent some classes of + uninitialized stack variable exploits and information + exposures, like CVE-2013-2141: + https://git.kernel.org/linus/b9e146d8eb3b9eca + + config GCC_PLUGIN_STRUCTLEAK_BYREF + bool "zero-init structs passed by reference (strong)" + depends on GCC_PLUGINS + select GCC_PLUGIN_STRUCTLEAK + help + Zero-initialize any structures on the stack that may + be passed by reference and had not already been + explicitly initialized. This can prevent most classes + of uninitialized stack variable exploits and information + exposures, like CVE-2017-1000410: + https://git.kernel.org/linus/06e7e776ca4d3654 + + config GCC_PLUGIN_STRUCTLEAK_BYREF_ALL + bool "zero-init anything passed by reference (very strong)" + depends on GCC_PLUGINS + select GCC_PLUGIN_STRUCTLEAK + help + Zero-initialize any stack variables that may be passed + by reference and had not already been explicitly + initialized. This is intended to eliminate all classes + of uninitialized stack variable exploits and information + exposures. + +endchoice + +config GCC_PLUGIN_STRUCTLEAK_VERBOSE + bool "Report forcefully initialized variables" + depends on GCC_PLUGIN_STRUCTLEAK + depends on !COMPILE_TEST # too noisy + help + This option will cause a warning to be printed each time the + structleak plugin finds a variable it thinks needs to be + initialized. Since not all existing initializers are detected + by the plugin, this can produce false positive warnings. + +endmenu + +endmenu -- cgit v1.2.3 From b6a6a3772d20b8552e703bb2a651760a22167cf6 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Wed, 10 Apr 2019 09:04:40 -0700 Subject: security: Move stackleak config to Kconfig.hardening This moves the stackleak plugin options to Kconfig.hardening's memory initialization menu. Signed-off-by: Kees Cook Reviewed-by: Alexander Popov Acked-by: Masahiro Yamada --- scripts/gcc-plugins/Kconfig | 51 ---------------------------------------- security/Kconfig.hardening | 57 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+), 51 deletions(-) (limited to 'scripts') diff --git a/scripts/gcc-plugins/Kconfig b/scripts/gcc-plugins/Kconfig index 352f03878a1e..80220ed26a35 100644 --- a/scripts/gcc-plugins/Kconfig +++ b/scripts/gcc-plugins/Kconfig @@ -108,57 +108,6 @@ config GCC_PLUGIN_RANDSTRUCT_PERFORMANCE in structures. This reduces the performance hit of RANDSTRUCT at the cost of weakened randomization. -config GCC_PLUGIN_STACKLEAK - bool "Erase the kernel stack before returning from syscalls" - depends on GCC_PLUGINS - depends on HAVE_ARCH_STACKLEAK - help - This option makes the kernel erase the kernel stack before - returning from system calls. That reduces the information which - kernel stack leak bugs can reveal and blocks some uninitialized - stack variable attacks. - - The tradeoff is the performance impact: on a single CPU system kernel - compilation sees a 1% slowdown, other systems and workloads may vary - and you are advised to test this feature on your expected workload - before deploying it. - - This plugin was ported from grsecurity/PaX. More information at: - * https://grsecurity.net/ - * https://pax.grsecurity.net/ - -config STACKLEAK_TRACK_MIN_SIZE - int "Minimum stack frame size of functions tracked by STACKLEAK" - default 100 - range 0 4096 - depends on GCC_PLUGIN_STACKLEAK - help - The STACKLEAK gcc plugin instruments the kernel code for tracking - the lowest border of the kernel stack (and for some other purposes). - It inserts the stackleak_track_stack() call for the functions with - a stack frame size greater than or equal to this parameter. - If unsure, leave the default value 100. - -config STACKLEAK_METRICS - bool "Show STACKLEAK metrics in the /proc file system" - depends on GCC_PLUGIN_STACKLEAK - depends on PROC_FS - help - If this is set, STACKLEAK metrics for every task are available in - the /proc file system. In particular, /proc//stack_depth - shows the maximum kernel stack consumption for the current and - previous syscalls. Although this information is not precise, it - can be useful for estimating the STACKLEAK performance impact for - your workloads. - -config STACKLEAK_RUNTIME_DISABLE - bool "Allow runtime disabling of kernel stack erasing" - depends on GCC_PLUGIN_STACKLEAK - help - This option provides 'stack_erasing' sysctl, which can be used in - runtime to control kernel stack erasing for kernels built with - CONFIG_GCC_PLUGIN_STACKLEAK. - config GCC_PLUGIN_ARM_SSP_PER_TASK bool depends on GCC_PLUGINS && ARM diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening index 19881341f1c2..a96d4a43ca65 100644 --- a/security/Kconfig.hardening +++ b/security/Kconfig.hardening @@ -88,6 +88,63 @@ config GCC_PLUGIN_STRUCTLEAK_VERBOSE initialized. Since not all existing initializers are detected by the plugin, this can produce false positive warnings. +config GCC_PLUGIN_STACKLEAK + bool "Poison kernel stack before returning from syscalls" + depends on GCC_PLUGINS + depends on HAVE_ARCH_STACKLEAK + help + This option makes the kernel erase the kernel stack before + returning from system calls. This has the effect of leaving + the stack initialized to the poison value, which both reduces + the lifetime of any sensitive stack contents and reduces + potential for uninitialized stack variable exploits or information + exposures (it does not cover functions reaching the same stack + depth as prior functions during the same syscall). This blocks + most uninitialized stack variable attacks, with the performance + impact being driven by the depth of the stack usage, rather than + the function calling complexity. + + The performance impact on a single CPU system kernel compilation + sees a 1% slowdown, other systems and workloads may vary and you + are advised to test this feature on your expected workload before + deploying it. + + This plugin was ported from grsecurity/PaX. More information at: + * https://grsecurity.net/ + * https://pax.grsecurity.net/ + +config STACKLEAK_TRACK_MIN_SIZE + int "Minimum stack frame size of functions tracked by STACKLEAK" + default 100 + range 0 4096 + depends on GCC_PLUGIN_STACKLEAK + help + The STACKLEAK gcc plugin instruments the kernel code for tracking + the lowest border of the kernel stack (and for some other purposes). + It inserts the stackleak_track_stack() call for the functions with + a stack frame size greater than or equal to this parameter. + If unsure, leave the default value 100. + +config STACKLEAK_METRICS + bool "Show STACKLEAK metrics in the /proc file system" + depends on GCC_PLUGIN_STACKLEAK + depends on PROC_FS + help + If this is set, STACKLEAK metrics for every task are available in + the /proc file system. In particular, /proc//stack_depth + shows the maximum kernel stack consumption for the current and + previous syscalls. Although this information is not precise, it + can be useful for estimating the STACKLEAK performance impact for + your workloads. + +config STACKLEAK_RUNTIME_DISABLE + bool "Allow runtime disabling of kernel stack erasing" + depends on GCC_PLUGIN_STACKLEAK + help + This option provides 'stack_erasing' sysctl, which can be used in + runtime to control kernel stack erasing for kernels built with + CONFIG_GCC_PLUGIN_STACKLEAK. + endmenu endmenu -- cgit v1.2.3 From dfbd199a7cfe3e3cd8531e1353cdbd7175bfbc5e Mon Sep 17 00:00:00 2001 From: Paulo Alcantara Date: Sun, 24 Feb 2019 21:55:28 -0300 Subject: selinux: use kernel linux/socket.h for genheaders and mdp When compiling genheaders and mdp from a newer host kernel, the following error happens: In file included from scripts/selinux/genheaders/genheaders.c:18: ./security/selinux/include/classmap.h:238:2: error: #error New address family defined, please update secclass_map. #error New address family defined, please update secclass_map. ^~~~~ make[3]: *** [scripts/Makefile.host:107: scripts/selinux/genheaders/genheaders] Error 1 make[2]: *** [scripts/Makefile.build:599: scripts/selinux/genheaders] Error 2 make[1]: *** [scripts/Makefile.build:599: scripts/selinux] Error 2 make[1]: *** Waiting for unfinished jobs.... Instead of relying on the host definition, include linux/socket.h in classmap.h to have PF_MAX. Cc: stable@vger.kernel.org Signed-off-by: Paulo Alcantara Acked-by: Stephen Smalley [PM: manually merge in mdp.c, subject line tweaks] Signed-off-by: Paul Moore --- scripts/selinux/genheaders/genheaders.c | 1 - scripts/selinux/mdp/mdp.c | 1 - security/selinux/include/classmap.h | 1 + 3 files changed, 1 insertion(+), 2 deletions(-) (limited to 'scripts') diff --git a/scripts/selinux/genheaders/genheaders.c b/scripts/selinux/genheaders/genheaders.c index 1ceedea847dd..544ca126a8a8 100644 --- a/scripts/selinux/genheaders/genheaders.c +++ b/scripts/selinux/genheaders/genheaders.c @@ -9,7 +9,6 @@ #include #include #include -#include struct security_class_mapping { const char *name; diff --git a/scripts/selinux/mdp/mdp.c b/scripts/selinux/mdp/mdp.c index 073fe7537f6c..6d51b74bc679 100644 --- a/scripts/selinux/mdp/mdp.c +++ b/scripts/selinux/mdp/mdp.c @@ -32,7 +32,6 @@ #include #include #include -#include static void usage(char *name) { diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h index bd5fe0d3204a..201f7e588a29 100644 --- a/security/selinux/include/classmap.h +++ b/security/selinux/include/classmap.h @@ -1,5 +1,6 @@ /* SPDX-License-Identifier: GPL-2.0 */ #include +#include #define COMMON_FILE_SOCK_PERMS "ioctl", "read", "write", "create", \ "getattr", "setattr", "lock", "relabelfrom", "relabelto", "append", "map" -- cgit v1.2.3 From fe3e4b9c6364d3aa69eb30f44d1a44bc90f99924 Mon Sep 17 00:00:00 2001 From: Mauro Carvalho Chehab Date: Mon, 22 Apr 2019 08:42:02 -0300 Subject: scripts/documentation-file-ref-check: don't parse Next/ dir If one tries to run this script under linux-next, it would hit lots of false-positives, due to the tree merges that are stored under the Next/ directory. So, add a logic to ignore it. Signed-off-by: Mauro Carvalho Chehab Signed-off-by: Jonathan Corbet --- scripts/documentation-file-ref-check | 3 +++ 1 file changed, 3 insertions(+) (limited to 'scripts') diff --git a/scripts/documentation-file-ref-check b/scripts/documentation-file-ref-check index ad9db6821824..bd7d9ab63941 100755 --- a/scripts/documentation-file-ref-check +++ b/scripts/documentation-file-ref-check @@ -38,6 +38,9 @@ while () { my $f = $1; my $ln = $2; + # On linux-next, discard the Next/ directory + next if ($f =~ m,^Next/,); + # Makefiles and scripts contain nasty expressions to parse docs next if ($f =~ m/Makefile/ || $f =~ m/\.sh$/); -- cgit v1.2.3 From 894ee5ff83335659da5fc4a4b1f41fa246f32d1a Mon Sep 17 00:00:00 2001 From: Mauro Carvalho Chehab Date: Wed, 24 Apr 2019 13:25:33 -0300 Subject: scripts/documentation-file-ref-check: detect broken :doc:`foo` As we keep migrating documents to ReST, we're starting to see more of such tags. Right now, all such tags are pointing to a documentation file, but regressions may be introduced. So, add a check for such kind of issues as well. Signed-off-by: Mauro Carvalho Chehab Signed-off-by: Jonathan Corbet --- scripts/documentation-file-ref-check | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) (limited to 'scripts') diff --git a/scripts/documentation-file-ref-check b/scripts/documentation-file-ref-check index bd7d9ab63941..63e9542656f1 100755 --- a/scripts/documentation-file-ref-check +++ b/scripts/documentation-file-ref-check @@ -30,6 +30,34 @@ print "Finding broken references. This may take a while... " if ($fix); my %broken_ref; +my $doc_fix = 0; + +open IN, "git grep ':doc:\`' Documentation/|" + or die "Failed to run git grep"; +while () { + next if (!m,^([^:]+):.*\:doc\:\`([^\`]+)\`,); + + my $d = $1; + my $doc_ref = $2; + + my $f = $doc_ref; + + $d =~ s,(.*/).*,$1,; + $f =~ s,.*\<([^\>]+)\>,$1,; + + $f ="$d$f.rst"; + + next if (grep -e, glob("$f")); + + if ($fix && !$doc_fix) { + print STDERR "\nWARNING: Currently, can't fix broken :doc:`` fields\n"; + } + $doc_fix++; + + print STDERR "$f: :doc:`$doc_ref`\n"; +} +close IN; + open IN, "git grep 'Documentation/'|" or die "Failed to run git grep"; while () { @@ -103,6 +131,7 @@ while () { } } } +close IN; exit 0 if (!$fix); -- cgit v1.2.3 From e46b94d228458aefc2553ee7c34ab18c2e3288e3 Mon Sep 17 00:00:00 2001 From: Daniel Dadap Date: Sat, 27 Apr 2019 11:21:34 -0400 Subject: scripts: override locale from environment when running recordmcount.pl recordmcount.pl uses a set of regular expressions to parse the output of objdump(1). However, if objdump(1) output is localized, it may not match the regular expressions, thereby preventing recordmcount.pl from parsing object files correctly. In order to allow recordmcount.pl to function correctly regardless of the current locale settings, set LANG=C when running objdump(1). LC_ALL is already unset in the top-level Makefile, so it is not necessary to also override that environment variable. Signed-off-by: Daniel Dadap Reviewed-by: Robert Morell Signed-off-by: Masahiro Yamada --- scripts/recordmcount.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/recordmcount.pl b/scripts/recordmcount.pl index 68841d01162c..ffea46287f83 100755 --- a/scripts/recordmcount.pl +++ b/scripts/recordmcount.pl @@ -493,7 +493,7 @@ sub update_funcs # # Step 2: find the sections and mcount call sites # -open(IN, "$objdump -hdr $inputfile|") || die "error running $objdump"; +open(IN, "LANG=C $objdump -hdr $inputfile|") || die "error running $objdump"; my $text; -- cgit v1.2.3 From c69ef1c87b8c35ab9cc6b7d3b9395efd5ca6bc4d Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Mon, 29 Apr 2019 13:06:43 +0900 Subject: scripts/tags.sh: fix direct execution of scripts/tags.sh I thought this script was run via "make tags" etc. but some people run it directly. Prior to commit a9a49c2ad9b9 ("kbuild: use $(srctree) instead of KBUILD_SRC to check out-of-tree build"), in such a usecase, "tree" was set empty since KBUILD_SRC is undefined. Now, "tree" is set to "${srctree}/", which is evaluated to "/". Fix it by taking into account the case where "srctree" is unset. Link: https://lkml.org/lkml/2019/4/19/501 Fixes: a9a49c2ad9b9 ("kbuild: use $(srctree) instead of KBUILD_SRC to check out-of-tree build") Reported-by: Sergey Senozhatsky Signed-off-by: Masahiro Yamada --- scripts/tags.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/tags.sh b/scripts/tags.sh index 6a551805db52..70e14c67bde7 100755 --- a/scripts/tags.sh +++ b/scripts/tags.sh @@ -19,7 +19,7 @@ ignore="$ignore ( -name *.mod.c ) -prune -o" # Do not use full path if we do not use O=.. builds # Use make O=. {tags|cscope} # to force full paths for a non-O= build -if [ "${srctree}" = "." ]; then +if [ "${srctree}" = "." -o -z "${srctree}" ]; then tree= else tree=${srctree}/ -- cgit v1.2.3 From 581b31c36cfc58df603c415ab6f3c795611c0ca1 Mon Sep 17 00:00:00 2001 From: Andrii Nakryiko Date: Sun, 5 May 2019 17:10:33 -0700 Subject: kbuild: tolerate missing pahole when generating BTF When BTF generation is enabled through CONFIG_DEBUG_INFO_BTF, scripts/link-vmlinux.sh detects if pahole version is too old and gracefully continues build process, skipping BTF generation build step. But if pahole is not available, build will still fail. This patch adds check for whether pahole exists at all and bails out gracefully, if not. Cc: Alexei Starovoitov Reported-by: Yonghong Song Fixes: e83b9f55448a ("kbuild: add ability to generate BTF type info for vmlinux") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann --- scripts/link-vmlinux.sh | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'scripts') diff --git a/scripts/link-vmlinux.sh b/scripts/link-vmlinux.sh index 6a148d0d51bf..e3c06b9482a2 100755 --- a/scripts/link-vmlinux.sh +++ b/scripts/link-vmlinux.sh @@ -96,6 +96,11 @@ gen_btf() { local pahole_ver; + if ! [ -x "$(command -v ${PAHOLE})" ]; then + info "BTF" "${1}: pahole (${PAHOLE}) is not available" + return 0 + fi + pahole_ver=$(${PAHOLE} --version | sed -E 's/v([0-9]+)\.([0-9]+)/\1\2/') if [ "${pahole_ver}" -lt "113" ]; then info "BTF" "${1}: pahole version $(${PAHOLE} --version) is too old, need at least v1.13" -- cgit v1.2.3 From 9a91ad929f9a719c0c734abe791a27ab9444cd61 Mon Sep 17 00:00:00 2001 From: Andrey Ryabinin Date: Mon, 6 May 2019 13:45:27 +0300 Subject: ubsan: Remove vla bound checks. The kernel the kernel is built with -Wvla for some time, so is not supposed to have any variable length arrays. Remove vla bounds checking from ubsan since it's useless now. Signed-off-by: Andrey Ryabinin Signed-off-by: Linus Torvalds --- lib/ubsan.c | 18 ------------------ lib/ubsan.h | 5 ----- scripts/Makefile.ubsan | 1 - 3 files changed, 24 deletions(-) (limited to 'scripts') diff --git a/lib/ubsan.c b/lib/ubsan.c index 1e9e2ab25539..c4859c2d2f1b 100644 --- a/lib/ubsan.c +++ b/lib/ubsan.c @@ -349,24 +349,6 @@ void __ubsan_handle_type_mismatch_v1(struct type_mismatch_data_v1 *data, } EXPORT_SYMBOL(__ubsan_handle_type_mismatch_v1); -void __ubsan_handle_vla_bound_not_positive(struct vla_bound_data *data, - void *bound) -{ - unsigned long flags; - char bound_str[VALUE_LENGTH]; - - if (suppress_report(&data->location)) - return; - - ubsan_prologue(&data->location, &flags); - - val_to_string(bound_str, sizeof(bound_str), data->type, bound); - pr_err("variable length array bound value %s <= 0\n", bound_str); - - ubsan_epilogue(&flags); -} -EXPORT_SYMBOL(__ubsan_handle_vla_bound_not_positive); - void __ubsan_handle_out_of_bounds(struct out_of_bounds_data *data, void *index) { unsigned long flags; diff --git a/lib/ubsan.h b/lib/ubsan.h index f4d8d0bd4016..b8fa83864467 100644 --- a/lib/ubsan.h +++ b/lib/ubsan.h @@ -57,11 +57,6 @@ struct nonnull_arg_data { int arg_index; }; -struct vla_bound_data { - struct source_location location; - struct type_descriptor *type; -}; - struct out_of_bounds_data { struct source_location location; struct type_descriptor *array_type; diff --git a/scripts/Makefile.ubsan b/scripts/Makefile.ubsan index 38b2b4818e8e..019771b845c5 100644 --- a/scripts/Makefile.ubsan +++ b/scripts/Makefile.ubsan @@ -3,7 +3,6 @@ ifdef CONFIG_UBSAN CFLAGS_UBSAN += $(call cc-option, -fsanitize=shift) CFLAGS_UBSAN += $(call cc-option, -fsanitize=integer-divide-by-zero) CFLAGS_UBSAN += $(call cc-option, -fsanitize=unreachable) - CFLAGS_UBSAN += $(call cc-option, -fsanitize=vla-bound) CFLAGS_UBSAN += $(call cc-option, -fsanitize=signed-integer-overflow) CFLAGS_UBSAN += $(call cc-option, -fsanitize=bounds) CFLAGS_UBSAN += $(call cc-option, -fsanitize=object-size) -- cgit v1.2.3 From 898490c010b5d2e499e03b7e815fc214209ac583 Mon Sep 17 00:00:00 2001 From: Alexey Gladkov Date: Mon, 29 Apr 2019 18:11:14 +0200 Subject: moduleparam: Save information about built-in modules in separate file Problem: When a kernel module is compiled as a separate module, some important information about the kernel module is available via .modinfo section of the module. In contrast, when the kernel module is compiled into the kernel, that information is not available. Information about built-in modules is necessary in the following cases: 1. When it is necessary to find out what additional parameters can be passed to the kernel at boot time. 2. When you need to know which module names and their aliases are in the kernel. This is very useful for creating an initrd image. Proposal: The proposed patch does not remove .modinfo section with module information from the vmlinux at the build time and saves it into a separate file after kernel linking. So, the kernel does not increase in size and no additional information remains in it. Information is stored in the same format as in the separate modules (null-terminated string array). Because the .modinfo section is already exported with a separate modules, we are not creating a new API. It can be easily read in the userspace: $ tr '\0' '\n' < modules.builtin.modinfo ext4.softdep=pre: crc32c ext4.license=GPL ext4.description=Fourth Extended Filesystem ext4.author=Remy Card, Stephen Tweedie, Andrew Morton, Andreas Dilger, Theodore Ts'o and others ext4.alias=fs-ext4 ext4.alias=ext3 ext4.alias=fs-ext3 ext4.alias=ext2 ext4.alias=fs-ext2 md_mod.alias=block-major-9-* md_mod.alias=md md_mod.description=MD RAID framework md_mod.license=GPL md_mod.parmtype=create_on_open:bool md_mod.parmtype=start_dirty_degraded:int ... Co-Developed-by: Gleb Fotengauer-Malinovskiy Signed-off-by: Gleb Fotengauer-Malinovskiy Signed-off-by: Alexey Gladkov Acked-by: Jessica Yu Signed-off-by: Masahiro Yamada --- .gitignore | 1 + Documentation/dontdiff | 1 + Documentation/kbuild/kbuild.txt | 5 +++++ Makefile | 2 ++ include/asm-generic/vmlinux.lds.h | 1 + include/linux/module.h | 1 + include/linux/moduleparam.h | 12 +++++------- scripts/link-vmlinux.sh | 3 +++ 8 files changed, 19 insertions(+), 7 deletions(-) (limited to 'scripts') diff --git a/.gitignore b/.gitignore index e7bb6c6edbae..2fb1765c33b0 100644 --- a/.gitignore +++ b/.gitignore @@ -58,6 +58,7 @@ modules.builtin /vmlinuz /System.map /Module.markers +/modules.builtin.modinfo # # RPM spec file (make rpm-pkg) diff --git a/Documentation/dontdiff b/Documentation/dontdiff index ef25a066d952..512fa0239ebf 100644 --- a/Documentation/dontdiff +++ b/Documentation/dontdiff @@ -178,6 +178,7 @@ mktables mktree modpost modules.builtin +modules.builtin.modinfo modules.order modversions.h* nconf diff --git a/Documentation/kbuild/kbuild.txt b/Documentation/kbuild/kbuild.txt index 8a3830b39c7d..9c230ea71963 100644 --- a/Documentation/kbuild/kbuild.txt +++ b/Documentation/kbuild/kbuild.txt @@ -11,6 +11,11 @@ modules.builtin This file lists all modules that are built into the kernel. This is used by modprobe to not fail when trying to load something builtin. +modules.builtin.modinfo +-------------------------------------------------- +This file contains modinfo from all modules that are built into the kernel. +Unlike modinfo of a separate module, all fields are prefixed with module name. + Environment variables diff --git a/Makefile b/Makefile index 85dd977f4232..9a8b3f94633d 100644 --- a/Makefile +++ b/Makefile @@ -1308,6 +1308,7 @@ _modinst_: fi @cp -f $(objtree)/modules.order $(MODLIB)/ @cp -f $(objtree)/modules.builtin $(MODLIB)/ + @cp -f $(objtree)/modules.builtin.modinfo $(MODLIB)/ $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modinst # This depmod is only for convenience to give the initial @@ -1348,6 +1349,7 @@ endif # CONFIG_MODULES # Directories & files removed with 'make clean' CLEAN_DIRS += $(MODVERDIR) include/ksym +CLEAN_FILES += modules.builtin.modinfo # Directories & files removed with 'make mrproper' MRPROPER_DIRS += include/config usr/include include/generated \ diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h index f8f6f04c4453..bbb9e332f2fe 100644 --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h @@ -844,6 +844,7 @@ EXIT_CALL \ *(.discard) \ *(.discard.*) \ + *(.modinfo) \ } /** diff --git a/include/linux/module.h b/include/linux/module.h index 5bf5dcd91009..5f7007430d35 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -253,6 +253,7 @@ extern typeof(name) __mod_##type##__##name##_device_table \ #define MODULE_VERSION(_version) MODULE_INFO(version, _version) #else #define MODULE_VERSION(_version) \ + MODULE_INFO(version, _version); \ static struct module_version_attribute ___modver_attr = { \ .mattr = { \ .attr = { \ diff --git a/include/linux/moduleparam.h b/include/linux/moduleparam.h index ba36506db4fb..5ba250d9172a 100644 --- a/include/linux/moduleparam.h +++ b/include/linux/moduleparam.h @@ -10,23 +10,21 @@ module name. */ #ifdef MODULE #define MODULE_PARAM_PREFIX /* empty */ +#define __MODULE_INFO_PREFIX /* empty */ #else #define MODULE_PARAM_PREFIX KBUILD_MODNAME "." +/* We cannot use MODULE_PARAM_PREFIX because some modules override it. */ +#define __MODULE_INFO_PREFIX KBUILD_MODNAME "." #endif /* Chosen so that structs with an unsigned long line up. */ #define MAX_PARAM_PREFIX_LEN (64 - sizeof(unsigned long)) -#ifdef MODULE #define __MODULE_INFO(tag, name, info) \ static const char __UNIQUE_ID(name)[] \ __used __attribute__((section(".modinfo"), unused, aligned(1))) \ - = __stringify(tag) "=" info -#else /* !MODULE */ -/* This struct is here for syntactic coherency, it is not used */ -#define __MODULE_INFO(tag, name, info) \ - struct __UNIQUE_ID(name) {} -#endif + = __MODULE_INFO_PREFIX __stringify(tag) "=" info + #define __MODULE_PARM_TYPE(name, _type) \ __MODULE_INFO(parmtype, name##type, #name ":" _type) diff --git a/scripts/link-vmlinux.sh b/scripts/link-vmlinux.sh index dc0e8c5a1402..e4383e0f476e 100755 --- a/scripts/link-vmlinux.sh +++ b/scripts/link-vmlinux.sh @@ -193,6 +193,9 @@ modpost_link vmlinux.o # modpost vmlinux.o to check for section mismatches ${MAKE} -f "${srctree}/scripts/Makefile.modpost" vmlinux.o +info MODINFO modules.builtin.modinfo +${OBJCOPY} -j .modinfo -O binary vmlinux.o modules.builtin.modinfo + kallsymso="" kallsyms_vmlinux="" if [ -n "${CONFIG_KALLSYMS}" ]; then -- cgit v1.2.3 From 65be755a54117fc02134c288e41e8d3d5e586c4e Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Thu, 9 May 2019 11:46:31 +0900 Subject: kconfig: remove trailing whitespaces There are still some trailing whitespaces under scripts/kconfig/tests/, but they must be kept. Otherwise, "make testconfig" would break. Signed-off-by: Masahiro Yamada --- scripts/kconfig/gconf.c | 2 +- scripts/kconfig/lxdialog/BIG.FAT.WARNING | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'scripts') diff --git a/scripts/kconfig/gconf.c b/scripts/kconfig/gconf.c index 5d4ecf309ee4..e36b342f1065 100644 --- a/scripts/kconfig/gconf.c +++ b/scripts/kconfig/gconf.c @@ -638,7 +638,7 @@ on_set_option_mode3_activate(GtkMenuItem *menuitem, gpointer user_data) void on_introduction1_activate(GtkMenuItem * menuitem, gpointer user_data) { GtkWidget *dialog; - const gchar *intro_text = + const gchar *intro_text = "Welcome to gkc, the GTK+ graphical configuration tool\n" "For each option, a blank box indicates the feature is disabled, a\n" "check indicates it is enabled, and a dot indicates that it is to\n" diff --git a/scripts/kconfig/lxdialog/BIG.FAT.WARNING b/scripts/kconfig/lxdialog/BIG.FAT.WARNING index a8999d82bdb3..7cb5a7ec93d2 100644 --- a/scripts/kconfig/lxdialog/BIG.FAT.WARNING +++ b/scripts/kconfig/lxdialog/BIG.FAT.WARNING @@ -1,4 +1,4 @@ This is NOT the official version of dialog. This version has been significantly modified from the original. It is for use by the Linux -kernel configuration script. Please do not bother Savio Lam with +kernel configuration script. Please do not bother Savio Lam with questions about this program. -- cgit v1.2.3 From ceb7f3296ea1fa652d68e5ecb0facf5fba19a554 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Fri, 10 May 2019 15:12:04 +0900 Subject: kconfig: do not accept a directory for configuration output Currently, conf_write() can be called with a directory name instead of a file name. As far as I see, this can happen for menuconfig, nconfig, gconfig. If it is given with a directory path, conf_write() kindly appends getenv("KCONFIG_CONFIG"), but this ends up with hacky dir/basename handling, and screwed up in corner-cases like "what if KCONFIG_CONFIG is an absolute path?" as discussed before: https://patchwork.kernel.org/patch/9910037/ Since conf_write() is already messed up, I'd say "do not do it". Please pass a file path all the time. If a directory path is specified for the configuration output, conf_write() will simply error out. Now that the tmp file is created in the same directory as the .config, the previously reported "what if KCONFIG_CONFIG points to a different file system?" has been solved. Signed-off-by: Masahiro Yamada Cc: Nicolas Porcel --- scripts/kconfig/confdata.c | 58 +++++++++++++++++++--------------------------- 1 file changed, 24 insertions(+), 34 deletions(-) (limited to 'scripts') diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c index 08ba146a83c5..9fd6430c93d2 100644 --- a/scripts/kconfig/confdata.c +++ b/scripts/kconfig/confdata.c @@ -817,40 +817,31 @@ int conf_write(const char *name) FILE *out; struct symbol *sym; struct menu *menu; - const char *basename; const char *str; - char dirname[PATH_MAX+1], tmpname[PATH_MAX+22], newname[PATH_MAX+8]; + char tmpname[PATH_MAX + 1], oldname[PATH_MAX + 1]; char *env; - dirname[0] = 0; - if (name && name[0]) { - char *slash; - - if (is_dir(name)) { - strcpy(dirname, name); - strcat(dirname, "/"); - basename = conf_get_configname(); - } else if ((slash = strrchr(name, '/'))) { - int size = slash - name + 1; - memcpy(dirname, name, size); - dirname[size] = 0; - if (slash[1]) - basename = slash + 1; - else - basename = conf_get_configname(); - } else - basename = name; - } else - basename = conf_get_configname(); - - sprintf(newname, "%s%s", dirname, basename); + if (!name) + name = conf_get_configname(); + + if (!*name) { + fprintf(stderr, "config name is empty\n"); + return -1; + } + + if (is_dir(name)) { + fprintf(stderr, "%s: Is a directory\n", name); + return -1; + } + env = getenv("KCONFIG_OVERWRITECONFIG"); - if (!env || !*env) { - sprintf(tmpname, "%s.tmpconfig.%d", dirname, (int)getpid()); - out = fopen(tmpname, "w"); - } else { + if (env && *env) { *tmpname = 0; - out = fopen(newname, "w"); + out = fopen(name, "w"); + } else { + snprintf(tmpname, sizeof(tmpname), "%s.%d.tmp", + name, (int)getpid()); + out = fopen(tmpname, "w"); } if (!out) return 1; @@ -897,14 +888,13 @@ next: fclose(out); if (*tmpname) { - strcat(dirname, basename); - strcat(dirname, ".old"); - rename(newname, dirname); - if (rename(tmpname, newname)) + snprintf(oldname, sizeof(oldname), "%s.old", name); + rename(name, oldname); + if (rename(tmpname, name)) return 1; } - conf_message("configuration written to %s", newname); + conf_message("configuration written to %s", name); sym_set_change_count(0); -- cgit v1.2.3 From 67424f61f8132215514e03ce1760d30356ac56d7 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Fri, 10 May 2019 15:12:05 +0900 Subject: kconfig: do not write .config if the content is the same Kconfig updates the .config when it exits even if its content is exactly the same as before. Since its timestamp becomes newer than that of other build artifacts, additional processing is invoked, which is annoying. - syncconfig is invoked to update include/config/auto.conf, etc. - kernel/configs.o is recompiled if CONFIG_IKCONFIG is enabled, then vmlinux is relinked as well. If the .config is not changed at all, we do not have to even touch it. Just bail out showing "No change to .config". $ make allmodconfig scripts/kconfig/conf --allmodconfig Kconfig # # configuration written to .config # $ make allmodconfig scripts/kconfig/conf --allmodconfig Kconfig # # No change to .config # Reported-by: Linus Torvalds Signed-off-by: Masahiro Yamada Reviewed-by: Greg Kroah-Hartman --- scripts/kconfig/confdata.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) (limited to 'scripts') diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c index 9fd6430c93d2..399973e35533 100644 --- a/scripts/kconfig/confdata.c +++ b/scripts/kconfig/confdata.c @@ -3,6 +3,7 @@ * Copyright (C) 2002 Roman Zippel */ +#include #include #include #include @@ -36,6 +37,52 @@ static bool is_dir(const char *path) return S_ISDIR(st.st_mode); } +/* return true if the given two files are the same, false otherwise */ +static bool is_same(const char *file1, const char *file2) +{ + int fd1, fd2; + struct stat st1, st2; + void *map1, *map2; + bool ret = false; + + fd1 = open(file1, O_RDONLY); + if (fd1 < 0) + return ret; + + fd2 = open(file2, O_RDONLY); + if (fd2 < 0) + goto close1; + + ret = fstat(fd1, &st1); + if (ret) + goto close2; + ret = fstat(fd2, &st2); + if (ret) + goto close2; + + if (st1.st_size != st2.st_size) + goto close2; + + map1 = mmap(NULL, st1.st_size, PROT_READ, MAP_PRIVATE, fd1, 0); + if (map1 == MAP_FAILED) + goto close2; + + map2 = mmap(NULL, st2.st_size, PROT_READ, MAP_PRIVATE, fd2, 0); + if (map2 == MAP_FAILED) + goto close2; + + if (bcmp(map1, map2, st1.st_size)) + goto close2; + + ret = true; +close2: + close(fd2); +close1: + close(fd1); + + return ret; +} + /* * Create the parent directory of the given path. * @@ -888,6 +935,13 @@ next: fclose(out); if (*tmpname) { + if (is_same(name, tmpname)) { + conf_message("No change to %s", name); + unlink(tmpname); + sym_set_change_count(0); + return 0; + } + snprintf(oldname, sizeof(oldname), "%s.old", name); rename(name, oldname); if (rename(tmpname, name)) -- cgit v1.2.3 From 580c5b3e1b8bc49dd5452c8a65a72452c534b4b5 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Sat, 11 May 2019 01:56:01 +0900 Subject: kconfig: make parent directories for the saved .config as needed With menuconfig / nconfig, users can input any file path from the "Save" menu, but it fails if the parent directory does not exist. Why not create the parent directory automatically. I think this is a user-friendly behavior. I changed the error messages in menuconfig / nconfig. "Nonexistent directory" is no longer the most likely reason of the failure. Perhaps, the user specified the existing directory, or attempted to write to the location without write permission. Signed-off-by: Masahiro Yamada --- scripts/kconfig/confdata.c | 3 +++ scripts/kconfig/mconf.c | 2 +- scripts/kconfig/nconf.c | 3 +-- 3 files changed, 5 insertions(+), 3 deletions(-) (limited to 'scripts') diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c index 399973e35533..d7bd353a8e50 100644 --- a/scripts/kconfig/confdata.c +++ b/scripts/kconfig/confdata.c @@ -881,6 +881,9 @@ int conf_write(const char *name) return -1; } + if (make_parent_dir(name)) + return -1; + env = getenv("KCONFIG_OVERWRITECONFIG"); if (env && *env) { *tmpname = 0; diff --git a/scripts/kconfig/mconf.c b/scripts/kconfig/mconf.c index 5f8c82a4cb08..694091f3ef9d 100644 --- a/scripts/kconfig/mconf.c +++ b/scripts/kconfig/mconf.c @@ -936,7 +936,7 @@ static void conf_save(void) set_config_filename(dialog_input_result); return; } - show_textbox(NULL, "Can't create file! Probably a nonexistent directory.", 5, 60); + show_textbox(NULL, "Can't create file!", 5, 60); break; case 1: show_helptext("Save Alternate Configuration", save_config_help); diff --git a/scripts/kconfig/nconf.c b/scripts/kconfig/nconf.c index ac92c0ded6c5..cbafe3bf082e 100644 --- a/scripts/kconfig/nconf.c +++ b/scripts/kconfig/nconf.c @@ -1438,8 +1438,7 @@ static void conf_save(void) set_config_filename(dialog_input_result); return; } - btn_dialog(main_window, "Can't create file! " - "Probably a nonexistent directory.", + btn_dialog(main_window, "Can't create file!", 1, ""); break; case 1: -- cgit v1.2.3 From 259799ea5a9aa099a267f3b99e1f7078bbaf5c5e Mon Sep 17 00:00:00 2001 From: Chris Packham Date: Fri, 10 May 2019 21:00:25 +1200 Subject: gcc-plugins: arm_ssp_per_task_plugin: Fix for older GCC < 6 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Use gen_rtx_set instead of gen_rtx_SET. The former is a wrapper macro that handles the difference between GCC versions implementing the latter. This fixes the following error on my system with g++ 5.4.0 as the host compiler HOSTCXX -fPIC scripts/gcc-plugins/arm_ssp_per_task_plugin.o scripts/gcc-plugins/arm_ssp_per_task_plugin.c:42:14: error: macro "gen_rtx_SET" requires 3 arguments, but only 2 given mask)), ^ scripts/gcc-plugins/arm_ssp_per_task_plugin.c: In function ‘unsigned int arm_pertask_ssp_rtl_execute()’: scripts/gcc-plugins/arm_ssp_per_task_plugin.c:39:20: error: ‘gen_rtx_SET’ was not declared in this scope emit_insn_before(gen_rtx_SET Signed-off-by: Chris Packham Fixes: 189af4657186 ("ARM: smp: add support for per-task stack canaries") Cc: stable@vger.kernel.org Tested-by: Douglas Anderson Signed-off-by: Kees Cook --- scripts/gcc-plugins/arm_ssp_per_task_plugin.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/gcc-plugins/arm_ssp_per_task_plugin.c b/scripts/gcc-plugins/arm_ssp_per_task_plugin.c index 89c47f57d1ce..8c1af9bdcb1b 100644 --- a/scripts/gcc-plugins/arm_ssp_per_task_plugin.c +++ b/scripts/gcc-plugins/arm_ssp_per_task_plugin.c @@ -36,7 +36,7 @@ static unsigned int arm_pertask_ssp_rtl_execute(void) mask = GEN_INT(sext_hwi(sp_mask, GET_MODE_PRECISION(Pmode))); masked_sp = gen_reg_rtx(Pmode); - emit_insn_before(gen_rtx_SET(masked_sp, + emit_insn_before(gen_rtx_set(masked_sp, gen_rtx_AND(Pmode, stack_pointer_rtx, mask)), -- cgit v1.2.3 From 748c7c821aca5e32fab5676193365fc2705af366 Mon Sep 17 00:00:00 2001 From: Quentin Monnet Date: Fri, 10 May 2019 15:51:22 +0100 Subject: bpf: fix script for generating man page on BPF helpers The script broke on parsing function prototype for bpf_strtoul(). This is because the last argument for the function is a pointer to an "unsigned long". The current version of the script only accepts "const" and "struct", but not "unsigned", at the beginning of argument types made of several words. One solution could be to add "unsigned" to the list, but the issue could come up again in the future (what about "long int"?). It turns out we do not need to have such restrictions on the words: so let's simply accept any series of words instead. Reported-by: Yonghong Song Signed-off-by: Quentin Monnet Acked-by: Jakub Kicinski Signed-off-by: Daniel Borkmann --- scripts/bpf_helpers_doc.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'scripts') diff --git a/scripts/bpf_helpers_doc.py b/scripts/bpf_helpers_doc.py index 5010a4d5bfba..894cc58c1a03 100755 --- a/scripts/bpf_helpers_doc.py +++ b/scripts/bpf_helpers_doc.py @@ -1,7 +1,7 @@ #!/usr/bin/python3 # SPDX-License-Identifier: GPL-2.0-only # -# Copyright (C) 2018 Netronome Systems, Inc. +# Copyright (C) 2018-2019 Netronome Systems, Inc. # In case user attempts to run with Python 2. from __future__ import print_function @@ -39,7 +39,7 @@ class Helper(object): Break down helper function protocol into smaller chunks: return type, name, distincts arguments. """ - arg_re = re.compile('((const )?(struct )?(\w+|...))( (\**)(\w+))?$') + arg_re = re.compile('((\w+ )*?(\w+|...))( (\**)(\w+))?$') res = {} proto_re = re.compile('(.+) (\**)(\w+)\(((([^,]+)(, )?){1,5})\)$') @@ -54,8 +54,8 @@ class Helper(object): capture = arg_re.match(a) res['args'].append({ 'type' : capture.group(1), - 'star' : capture.group(6), - 'name' : capture.group(7) + 'star' : capture.group(5), + 'name' : capture.group(6) }) return res -- cgit v1.2.3 From 4cb726121e2cce18d4db5e79347f3ade5fd661a2 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Sat, 11 May 2019 01:56:48 +0900 Subject: kconfig: remove useless NULL pointer check in conf_write_dep() conf_write_dep() has just one caller: conf_write_dep("include/config/auto.conf.cmd"); "name" always points to a valid string. Signed-off-by: Masahiro Yamada --- scripts/kconfig/confdata.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'scripts') diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c index d7bd353a8e50..b7bdd9690319 100644 --- a/scripts/kconfig/confdata.c +++ b/scripts/kconfig/confdata.c @@ -964,8 +964,6 @@ static int conf_write_dep(const char *name) struct file *file; FILE *out; - if (!name) - name = ".kconfig.d"; out = fopen("..config.tmp", "w"); if (!out) return 1; -- cgit v1.2.3 From b9d1a8e9302e68ee03571a286aadeb8041e0b2ca Mon Sep 17 00:00:00 2001 From: Jacob Garber Date: Fri, 10 May 2019 13:28:52 -0600 Subject: kconfig: use snprintf for formatting pathnames Valid pathnames will never exceed PATH_MAX, but these file names are unsanitized and can cause buffer overflow if set incorrectly. Use snprintf to avoid this. This was flagged during a Coverity scan of the coreboot project, which also uses kconfig for its build system. Signed-off-by: Jacob Garber Signed-off-by: Masahiro Yamada --- scripts/kconfig/confdata.c | 2 +- scripts/kconfig/lexer.l | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'scripts') diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c index b7bdd9690319..8bb74d468f45 100644 --- a/scripts/kconfig/confdata.c +++ b/scripts/kconfig/confdata.c @@ -241,7 +241,7 @@ char *conf_get_default_confname(void) name = expand_string(conf_defname); env = getenv(SRCTREE); if (env) { - sprintf(fullname, "%s/%s", env, name); + snprintf(fullname, sizeof(fullname), "%s/%s", env, name); if (is_present(fullname)) return fullname; } diff --git a/scripts/kconfig/lexer.l b/scripts/kconfig/lexer.l index c9df1c8b9824..6354c905b006 100644 --- a/scripts/kconfig/lexer.l +++ b/scripts/kconfig/lexer.l @@ -378,7 +378,8 @@ FILE *zconf_fopen(const char *name) if (!f && name != NULL && name[0] != '/') { env = getenv(SRCTREE); if (env) { - sprintf(fullname, "%s/%s", env, name); + snprintf(fullname, sizeof(fullname), + "%s/%s", env, name); f = fopen(fullname, "r"); } } -- cgit v1.2.3 From 9b9f5948afcdf583cb1b58e0c4cc327aa1820f5a Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Mon, 13 May 2019 01:00:53 +0900 Subject: kconfig: make conf_get_autoconfig_name() static This is only used in confdata.c Signed-off-by: Masahiro Yamada --- scripts/kconfig/confdata.c | 2 +- scripts/kconfig/lkc.h | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) (limited to 'scripts') diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c index 8bb74d468f45..492ac3410147 100644 --- a/scripts/kconfig/confdata.c +++ b/scripts/kconfig/confdata.c @@ -226,7 +226,7 @@ const char *conf_get_configname(void) return name ? name : ".config"; } -const char *conf_get_autoconfig_name(void) +static const char *conf_get_autoconfig_name(void) { char *name = getenv("KCONFIG_AUTOCONFIG"); diff --git a/scripts/kconfig/lkc.h b/scripts/kconfig/lkc.h index d871539e4b45..cbc7658ee27d 100644 --- a/scripts/kconfig/lkc.h +++ b/scripts/kconfig/lkc.h @@ -49,7 +49,6 @@ const char *zconf_curname(void); /* confdata.c */ const char *conf_get_configname(void); -const char *conf_get_autoconfig_name(void); char *conf_get_default_confname(void); void sym_set_change_count(int count); void sym_add_change_count(int count); -- cgit v1.2.3 From dfe4529ee4d39d89f4725fa2599aa9bfa27e5847 Mon Sep 17 00:00:00 2001 From: Stephen Boyd Date: Tue, 14 May 2019 15:45:49 -0700 Subject: scripts/gdb: find vmlinux where it was before Patch series "gdb script for kconfig and timer list". This is a handful of changes to the kernel's gdb scripts to do some more debugging with kgdb. The first patch allows the vmlinux to be reloaded from where it was specified on the command line so that this set of scripts can be used from anywhere. The second patch adds a script to dump the config.gz to a file on the host debugging machine. The third patch adds some rb tree utilities and the last patch uses those rb tree walking utilities to dump out the contents of /proc/timer_list from a system under debug. This patch (of 5): If I run 'gdb ' and there's the vmlinux-gdb.py file there I can properly see symbols and use the lx commands provided by the GDB scripts. But once I run 'lx-symbols' at the command prompt, gdb reloads the vmlinux symbols assuming that this script was run from the directory that has vmlinux at the root. That isn't always true, but we could just look and see what symbols were already loaded and use that instead. Let's do that so this can work by being invoked anywhere. Link: http://lkml.kernel.org/r/20190325184522.260535-2-swboyd@chromium.org Signed-off-by: Stephen Boyd Cc: Douglas Anderson Cc: Nikolay Borisov Cc: Kieran Bingham Cc: Jan Kiszka Cc: Jackie Liu Cc: Jason Wessel Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- scripts/gdb/linux/symbols.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/gdb/linux/symbols.py b/scripts/gdb/linux/symbols.py index 004b0ac7fa72..2f5b95f09fa0 100644 --- a/scripts/gdb/linux/symbols.py +++ b/scripts/gdb/linux/symbols.py @@ -139,8 +139,12 @@ lx-symbols command.""" saved_states.append({'breakpoint': bp, 'enabled': bp.enabled}) # drop all current symbols and reload vmlinux + orig_vmlinux = 'vmlinux' + for obj in gdb.objfiles(): + if obj.filename.endswith('vmlinux'): + orig_vmlinux = obj.filename gdb.execute("symbol-file", to_string=True) - gdb.execute("symbol-file vmlinux") + gdb.execute("symbol-file {0}".format(orig_vmlinux)) self.loaded_modules = [] module_list = modules.module_list() -- cgit v1.2.3 From 90cf83dbd2f08dd0513cd9f19155878c55acb445 Mon Sep 17 00:00:00 2001 From: Stephen Boyd Date: Tue, 14 May 2019 15:45:53 -0700 Subject: scripts/gdb: add kernel config dumping command lx-configdump dumps the contents of the gzipped .config to a text file when the config is included in the kernel with CONFIG_IKCONFIG. By default, the file written is called config.txt, but it can be any user supplied filename as well. If the kernel config is in a module (configs.ko), then it can be loaded along with symbols for the module loaded with 'lx-symbols' and then this command will still work. Obviously if you have the whole vmlinux then this can also be achieved with scripts/extract-ikconfig, but this gdb script can be useful to confirm that the memory contents of the config in memory and the vmlinux contents on disk match what is expected. [swboyd@chromium.org: v2] Link: http://lkml.kernel.org/r/20190329220844.38234-3-swboyd@chromium.org Link: http://lkml.kernel.org/r/20190325184522.260535-3-swboyd@chromium.org Signed-off-by: Stephen Boyd Cc: Douglas Anderson Cc: Nikolay Borisov Cc: Kieran Bingham Cc: Jan Kiszka Cc: Jackie Liu Cc: Jason Wessel Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- scripts/gdb/linux/config.py | 44 ++++++++++++++++++++++++++++++++++++++++++++ scripts/gdb/vmlinux-gdb.py | 1 + 2 files changed, 45 insertions(+) create mode 100644 scripts/gdb/linux/config.py (limited to 'scripts') diff --git a/scripts/gdb/linux/config.py b/scripts/gdb/linux/config.py new file mode 100644 index 000000000000..90e1565b1967 --- /dev/null +++ b/scripts/gdb/linux/config.py @@ -0,0 +1,44 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# Copyright 2019 Google LLC. + +import gdb +import zlib + +from linux import utils + + +class LxConfigDump(gdb.Command): + """Output kernel config to the filename specified as the command + argument. Equivalent to 'zcat /proc/config.gz > config.txt' on + a running target""" + + def __init__(self): + super(LxConfigDump, self).__init__("lx-configdump", gdb.COMMAND_DATA, + gdb.COMPLETE_FILENAME) + + def invoke(self, arg, from_tty): + if len(arg) == 0: + filename = "config.txt" + else: + filename = arg + + try: + py_config_ptr = gdb.parse_and_eval("kernel_config_data + 8") + py_config_size = gdb.parse_and_eval( + "sizeof(kernel_config_data) - 1 - 8 * 2") + except gdb.error as e: + raise gdb.GdbError("Can't find config, enable CONFIG_IKCONFIG?") + + inf = gdb.inferiors()[0] + zconfig_buf = utils.read_memoryview(inf, py_config_ptr, + py_config_size).tobytes() + + config_buf = zlib.decompress(zconfig_buf, 16) + with open(filename, 'wb') as f: + f.write(config_buf) + + gdb.write("Dumped config to " + filename + "\n") + + +LxConfigDump() diff --git a/scripts/gdb/vmlinux-gdb.py b/scripts/gdb/vmlinux-gdb.py index 6e0b0afd888a..be0efb5dda5b 100644 --- a/scripts/gdb/vmlinux-gdb.py +++ b/scripts/gdb/vmlinux-gdb.py @@ -27,6 +27,7 @@ else: import linux.modules import linux.dmesg import linux.tasks + import linux.config import linux.cpus import linux.lists import linux.proc -- cgit v1.2.3 From 449ca0c95ea261f27b7efd4ca3970a5b4e0fd30d Mon Sep 17 00:00:00 2001 From: Stephen Boyd Date: Tue, 14 May 2019 15:45:56 -0700 Subject: scripts/gdb: add rb tree iterating utilities Implement gdb functions for rb_first(), rb_last(), rb_next(), and rb_prev(). These can be useful to iterate through the kernel's red-black trees. [swboyd@chromium.org: v2] Link: http://lkml.kernel.org/r/20190329220844.38234-4-swboyd@chromium.org Link: http://lkml.kernel.org/r/20190325184522.260535-4-swboyd@chromium.org Signed-off-by: Stephen Boyd Cc: Douglas Anderson Cc: Nikolay Borisov Cc: Kieran Bingham Cc: Jan Kiszka Cc: Jackie Liu Cc: Jason Wessel Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- scripts/gdb/linux/rbtree.py | 177 ++++++++++++++++++++++++++++++++++++++++++++ scripts/gdb/vmlinux-gdb.py | 1 + 2 files changed, 178 insertions(+) create mode 100644 scripts/gdb/linux/rbtree.py (limited to 'scripts') diff --git a/scripts/gdb/linux/rbtree.py b/scripts/gdb/linux/rbtree.py new file mode 100644 index 000000000000..39db889b874c --- /dev/null +++ b/scripts/gdb/linux/rbtree.py @@ -0,0 +1,177 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# Copyright 2019 Google LLC. + +import gdb + +from linux import utils + +rb_root_type = utils.CachedType("struct rb_root") +rb_node_type = utils.CachedType("struct rb_node") + + +def rb_first(root): + if root.type == rb_root_type.get_type(): + node = node.address.cast(rb_root_type.get_type().pointer()) + elif root.type != rb_root_type.get_type().pointer(): + raise gdb.GdbError("Must be struct rb_root not {}".format(root.type)) + + node = root['rb_node'] + if node is 0: + return None + + while node['rb_left']: + node = node['rb_left'] + + return node + + +def rb_last(root): + if root.type == rb_root_type.get_type(): + node = node.address.cast(rb_root_type.get_type().pointer()) + elif root.type != rb_root_type.get_type().pointer(): + raise gdb.GdbError("Must be struct rb_root not {}".format(root.type)) + + node = root['rb_node'] + if node is 0: + return None + + while node['rb_right']: + node = node['rb_right'] + + return node + + +def rb_parent(node): + parent = gdb.Value(node['__rb_parent_color'] & ~3) + return parent.cast(rb_node_type.get_type().pointer()) + + +def rb_empty_node(node): + return node['__rb_parent_color'] == node.address + + +def rb_next(node): + if node.type == rb_node_type.get_type(): + node = node.address.cast(rb_node_type.get_type().pointer()) + elif node.type != rb_node_type.get_type().pointer(): + raise gdb.GdbError("Must be struct rb_node not {}".format(node.type)) + + if rb_empty_node(node): + return None + + if node['rb_right']: + node = node['rb_right'] + while node['rb_left']: + node = node['rb_left'] + return node + + parent = rb_parent(node) + while parent and node == parent['rb_right']: + node = parent + parent = rb_parent(node) + + return parent + + +def rb_prev(node): + if node.type == rb_node_type.get_type(): + node = node.address.cast(rb_node_type.get_type().pointer()) + elif node.type != rb_node_type.get_type().pointer(): + raise gdb.GdbError("Must be struct rb_node not {}".format(node.type)) + + if rb_empty_node(node): + return None + + if node['rb_left']: + node = node['rb_left'] + while node['rb_right']: + node = node['rb_right'] + return node.dereference() + + parent = rb_parent(node) + while parent and node == parent['rb_left'].dereference(): + node = parent + parent = rb_parent(node) + + return parent + + +class LxRbFirst(gdb.Function): + """Lookup and return a node from an RBTree + +$lx_rb_first(root): Return the node at the given index. +If index is omitted, the root node is dereferenced and returned.""" + + def __init__(self): + super(LxRbFirst, self).__init__("lx_rb_first") + + def invoke(self, root): + result = rb_first(root) + if result is None: + raise gdb.GdbError("No entry in tree") + + return result + + +LxRbFirst() + + +class LxRbLast(gdb.Function): + """Lookup and return a node from an RBTree. + +$lx_rb_last(root): Return the node at the given index. +If index is omitted, the root node is dereferenced and returned.""" + + def __init__(self): + super(LxRbLast, self).__init__("lx_rb_last") + + def invoke(self, root): + result = rb_last(root) + if result is None: + raise gdb.GdbError("No entry in tree") + + return result + + +LxRbLast() + + +class LxRbNext(gdb.Function): + """Lookup and return a node from an RBTree. + +$lx_rb_next(node): Return the node at the given index. +If index is omitted, the root node is dereferenced and returned.""" + + def __init__(self): + super(LxRbNext, self).__init__("lx_rb_next") + + def invoke(self, node): + result = rb_next(node) + if result is None: + raise gdb.GdbError("No entry in tree") + + return result + + +LxRbNext() + + +class LxRbPrev(gdb.Function): + """Lookup and return a node from an RBTree. + +$lx_rb_prev(node): Return the node at the given index. +If index is omitted, the root node is dereferenced and returned.""" + + def __init__(self): + super(LxRbPrev, self).__init__("lx_rb_prev") + + def invoke(self, node): + result = rb_prev(node) + if result is None: + raise gdb.GdbError("No entry in tree") + + return result + + +LxRbPrev() diff --git a/scripts/gdb/vmlinux-gdb.py b/scripts/gdb/vmlinux-gdb.py index be0efb5dda5b..89e4aa4f8966 100644 --- a/scripts/gdb/vmlinux-gdb.py +++ b/scripts/gdb/vmlinux-gdb.py @@ -30,5 +30,6 @@ else: import linux.config import linux.cpus import linux.lists + import linux.rbtree import linux.proc import linux.constants -- cgit v1.2.3 From 442284a89a65965b044df00345c193fcc3c53ad2 Mon Sep 17 00:00:00 2001 From: Stephen Boyd Date: Tue, 14 May 2019 15:45:59 -0700 Subject: scripts/gdb: add a timer list command Implement a command to print the timer list, much like how /proc/timer_list is implemented. This can be used to look at the pending timers on a crashed system. [swboyd@chromium.org: v2] Link: http://lkml.kernel.org/r/20190329220844.38234-5-swboyd@chromium.org Link: http://lkml.kernel.org/r/20190325184522.260535-5-swboyd@chromium.org Signed-off-by: Stephen Boyd Cc: Douglas Anderson Cc: Nikolay Borisov Cc: Kieran Bingham Cc: Jan Kiszka Cc: Jackie Liu Cc: Jason Wessel Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- scripts/gdb/linux/constants.py.in | 13 +++ scripts/gdb/linux/timerlist.py | 219 ++++++++++++++++++++++++++++++++++++++ scripts/gdb/vmlinux-gdb.py | 1 + 3 files changed, 233 insertions(+) create mode 100644 scripts/gdb/linux/timerlist.py (limited to 'scripts') diff --git a/scripts/gdb/linux/constants.py.in b/scripts/gdb/linux/constants.py.in index d3319a80788a..76f46f427b96 100644 --- a/scripts/gdb/linux/constants.py.in +++ b/scripts/gdb/linux/constants.py.in @@ -13,8 +13,10 @@ */ #include +#include #include #include +#include /* We need to stringify expanded macros so that they can be parsed */ @@ -44,6 +46,9 @@ LX_VALUE(SB_DIRSYNC) LX_VALUE(SB_NOATIME) LX_VALUE(SB_NODIRATIME) +/* linux/htimer.h */ +LX_GDBPARSED(hrtimer_resolution) + /* linux/mount.h */ LX_VALUE(MNT_NOSUID) LX_VALUE(MNT_NODEV) @@ -52,8 +57,16 @@ LX_VALUE(MNT_NOATIME) LX_VALUE(MNT_NODIRATIME) LX_VALUE(MNT_RELATIME) +/* linux/threads.h */ +LX_VALUE(NR_CPUS) + /* linux/of_fdt.h> */ LX_VALUE(OF_DT_HEADER) /* Kernel Configs */ +LX_CONFIG(CONFIG_GENERIC_CLOCKEVENTS) +LX_CONFIG(CONFIG_GENERIC_CLOCKEVENTS_BROADCAST) +LX_CONFIG(CONFIG_HIGH_RES_TIMERS) +LX_CONFIG(CONFIG_NR_CPUS) LX_CONFIG(CONFIG_OF) +LX_CONFIG(CONFIG_TICK_ONESHOT) diff --git a/scripts/gdb/linux/timerlist.py b/scripts/gdb/linux/timerlist.py new file mode 100644 index 000000000000..071d0dd5a634 --- /dev/null +++ b/scripts/gdb/linux/timerlist.py @@ -0,0 +1,219 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# Copyright 2019 Google LLC. + +import binascii +import gdb + +from linux import constants +from linux import cpus +from linux import rbtree +from linux import utils + +timerqueue_node_type = utils.CachedType("struct timerqueue_node").get_type() +hrtimer_type = utils.CachedType("struct hrtimer").get_type() + + +def ktime_get(): + """Returns the current time, but not very accurately + + We can't read the hardware timer itself to add any nanoseconds + that need to be added since we last stored the time in the + timekeeper. But this is probably good enough for debug purposes.""" + tk_core = gdb.parse_and_eval("&tk_core") + + return tk_core['timekeeper']['tkr_mono']['base'] + + +def print_timer(rb_node, idx): + timerqueue = utils.container_of(rb_node, timerqueue_node_type.pointer(), + "node") + timer = utils.container_of(timerqueue, hrtimer_type.pointer(), "node") + + function = str(timer['function']).split(" ")[1].strip("<>") + softexpires = timer['_softexpires'] + expires = timer['node']['expires'] + now = ktime_get() + + text = " #{}: <{}>, {}, ".format(idx, timer, function) + text += "S:{:02x}\n".format(int(timer['state'])) + text += " # expires at {}-{} nsecs [in {} to {} nsecs]\n".format( + softexpires, expires, softexpires - now, expires - now) + return text + + +def print_active_timers(base): + curr = base['active']['next']['node'] + curr = curr.address.cast(rbtree.rb_node_type.get_type().pointer()) + idx = 0 + while curr: + yield print_timer(curr, idx) + curr = rbtree.rb_next(curr) + idx += 1 + + +def print_base(base): + text = " .base: {}\n".format(base.address) + text += " .index: {}\n".format(base['index']) + + text += " .resolution: {} nsecs\n".format(constants.LX_hrtimer_resolution) + + text += " .get_time: {}\n".format(base['get_time']) + if constants.LX_CONFIG_HIGH_RES_TIMERS: + text += " .offset: {} nsecs\n".format(base['offset']) + text += "active timers:\n" + text += "".join([x for x in print_active_timers(base)]) + return text + + +def print_cpu(hrtimer_bases, cpu, max_clock_bases): + cpu_base = cpus.per_cpu(hrtimer_bases, cpu) + jiffies = gdb.parse_and_eval("jiffies_64") + tick_sched_ptr = gdb.parse_and_eval("&tick_cpu_sched") + ts = cpus.per_cpu(tick_sched_ptr, cpu) + + text = "cpu: {}\n".format(cpu) + for i in xrange(max_clock_bases): + text += " clock {}:\n".format(i) + text += print_base(cpu_base['clock_base'][i]) + + if constants.LX_CONFIG_HIGH_RES_TIMERS: + fmts = [(" .{} : {} nsecs", 'expires_next'), + (" .{} : {}", 'hres_active'), + (" .{} : {}", 'nr_events'), + (" .{} : {}", 'nr_retries'), + (" .{} : {}", 'nr_hangs'), + (" .{} : {}", 'max_hang_time')] + text += "\n".join([s.format(f, cpu_base[f]) for s, f in fmts]) + text += "\n" + + if constants.LX_CONFIG_TICK_ONESHOT: + fmts = [(" .{} : {}", 'nohz_mode'), + (" .{} : {} nsecs", 'last_tick'), + (" .{} : {}", 'tick_stopped'), + (" .{} : {}", 'idle_jiffies'), + (" .{} : {}", 'idle_calls'), + (" .{} : {}", 'idle_sleeps'), + (" .{} : {} nsecs", 'idle_entrytime'), + (" .{} : {} nsecs", 'idle_waketime'), + (" .{} : {} nsecs", 'idle_exittime'), + (" .{} : {} nsecs", 'idle_sleeptime'), + (" .{}: {} nsecs", 'iowait_sleeptime'), + (" .{} : {}", 'last_jiffies'), + (" .{} : {}", 'next_timer'), + (" .{} : {} nsecs", 'idle_expires')] + text += "\n".join([s.format(f, ts[f]) for s, f in fmts]) + text += "\njiffies: {}\n".format(jiffies) + + text += "\n" + + return text + + +def print_tickdevice(td, cpu): + dev = td['evtdev'] + text = "Tick Device: mode: {}\n".format(td['mode']) + if cpu < 0: + text += "Broadcast device\n" + else: + text += "Per CPU device: {}\n".format(cpu) + + text += "Clock Event Device: " + if dev == 0: + text += "\n" + return text + + text += "{}\n".format(dev['name']) + text += " max_delta_ns: {}\n".format(dev['max_delta_ns']) + text += " min_delta_ns: {}\n".format(dev['min_delta_ns']) + text += " mult: {}\n".format(dev['mult']) + text += " shift: {}\n".format(dev['shift']) + text += " mode: {}\n".format(dev['state_use_accessors']) + text += " next_event: {} nsecs\n".format(dev['next_event']) + + text += " set_next_event: {}\n".format(dev['set_next_event']) + + members = [('set_state_shutdown', " shutdown: {}\n"), + ('set_state_periodic', " periodic: {}\n"), + ('set_state_oneshot', " oneshot: {}\n"), + ('set_state_oneshot_stopped', " oneshot stopped: {}\n"), + ('tick_resume', " resume: {}\n")] + for member, fmt in members: + if dev[member]: + text += fmt.format(dev[member]) + + text += " event_handler: {}\n".format(dev['event_handler']) + text += " retries: {}\n".format(dev['retries']) + + return text + + +def pr_cpumask(mask): + nr_cpu_ids = 1 + if constants.LX_NR_CPUS > 1: + nr_cpu_ids = gdb.parse_and_eval("nr_cpu_ids") + + inf = gdb.inferiors()[0] + bits = mask['bits'] + num_bytes = (nr_cpu_ids + 7) / 8 + buf = utils.read_memoryview(inf, bits, num_bytes).tobytes() + buf = binascii.b2a_hex(buf) + + chunks = [] + i = num_bytes + while i > 0: + i -= 1 + start = i * 2 + end = start + 2 + chunks.append(buf[start:end]) + if i != 0 and i % 4 == 0: + chunks.append(',') + + extra = nr_cpu_ids % 8 + if 0 < extra <= 4: + chunks[0] = chunks[0][0] # Cut off the first 0 + + return "".join(chunks) + + +class LxTimerList(gdb.Command): + """Print /proc/timer_list""" + + def __init__(self): + super(LxTimerList, self).__init__("lx-timerlist", gdb.COMMAND_DATA) + + def invoke(self, arg, from_tty): + hrtimer_bases = gdb.parse_and_eval("&hrtimer_bases") + max_clock_bases = gdb.parse_and_eval("HRTIMER_MAX_CLOCK_BASES") + + text = "Timer List Version: gdb scripts\n" + text += "HRTIMER_MAX_CLOCK_BASES: {}\n".format(max_clock_bases) + text += "now at {} nsecs\n".format(ktime_get()) + + for cpu in cpus.each_online_cpu(): + text += print_cpu(hrtimer_bases, cpu, max_clock_bases) + + if constants.LX_CONFIG_GENERIC_CLOCKEVENTS: + if constants.LX_CONFIG_GENERIC_CLOCKEVENTS_BROADCAST: + bc_dev = gdb.parse_and_eval("&tick_broadcast_device") + text += print_tickdevice(bc_dev, -1) + text += "\n" + mask = gdb.parse_and_eval("tick_broadcast_mask") + mask = pr_cpumask(mask) + text += "tick_broadcast_mask: {}\n".format(mask) + if constants.LX_CONFIG_TICK_ONESHOT: + mask = gdb.parse_and_eval("tick_broadcast_oneshot_mask") + mask = pr_cpumask(mask) + text += "tick_broadcast_oneshot_mask: {}\n".format(mask) + text += "\n" + + tick_cpu_devices = gdb.parse_and_eval("&tick_cpu_device") + for cpu in cpus.each_online_cpu(): + tick_dev = cpus.per_cpu(tick_cpu_devices, cpu) + text += print_tickdevice(tick_dev, cpu) + text += "\n" + + gdb.write(text) + + +LxTimerList() diff --git a/scripts/gdb/vmlinux-gdb.py b/scripts/gdb/vmlinux-gdb.py index 89e4aa4f8966..033578cc4cd7 100644 --- a/scripts/gdb/vmlinux-gdb.py +++ b/scripts/gdb/vmlinux-gdb.py @@ -33,3 +33,4 @@ else: import linux.rbtree import linux.proc import linux.constants + import linux.timerlist -- cgit v1.2.3 From 494dbe02b6df0bd98f7353c21e0b9849a25d2dce Mon Sep 17 00:00:00 2001 From: Stephen Boyd Date: Tue, 14 May 2019 15:46:02 -0700 Subject: scripts/gdb: silence pep8 checks These scripts have some pep8 style warnings. Fix them up so that this directory is all pep8 clean. Link: http://lkml.kernel.org/r/20190329220844.38234-6-swboyd@chromium.org Signed-off-by: Stephen Boyd Cc: Douglas Anderson Cc: Nikolay Borisov Cc: Kieran Bingham Cc: Jan Kiszka Cc: Jackie Liu Cc: Jason Wessel Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- scripts/gdb/linux/cpus.py | 1 + scripts/gdb/linux/lists.py | 1 + scripts/gdb/linux/proc.py | 10 ++++++++-- scripts/gdb/linux/tasks.py | 2 ++ scripts/gdb/linux/utils.py | 7 ++++--- 5 files changed, 16 insertions(+), 5 deletions(-) (limited to 'scripts') diff --git a/scripts/gdb/linux/cpus.py b/scripts/gdb/linux/cpus.py index ca11e8df31b6..008e62f3190d 100644 --- a/scripts/gdb/linux/cpus.py +++ b/scripts/gdb/linux/cpus.py @@ -135,6 +135,7 @@ and can help identify the state of hotplugged CPUs""" gdb.write("Online CPUs : {}\n".format(list(each_online_cpu()))) gdb.write("Active CPUs : {}\n".format(list(each_active_cpu()))) + LxCpus() diff --git a/scripts/gdb/linux/lists.py b/scripts/gdb/linux/lists.py index 2f335fbd86fd..1987d756b36b 100644 --- a/scripts/gdb/linux/lists.py +++ b/scripts/gdb/linux/lists.py @@ -110,4 +110,5 @@ class LxListChk(gdb.Command): raise gdb.GdbError("lx-list-check takes one argument") list_check(gdb.parse_and_eval(argv[0])) + LxListChk() diff --git a/scripts/gdb/linux/proc.py b/scripts/gdb/linux/proc.py index 2f01a958eb22..6a56bba233a9 100644 --- a/scripts/gdb/linux/proc.py +++ b/scripts/gdb/linux/proc.py @@ -29,6 +29,7 @@ class LxCmdLine(gdb.Command): def invoke(self, arg, from_tty): gdb.write(gdb.parse_and_eval("saved_command_line").string() + "\n") + LxCmdLine() @@ -43,6 +44,7 @@ class LxVersion(gdb.Command): # linux_banner should contain a newline gdb.write(gdb.parse_and_eval("(char *)linux_banner").string()) + LxVersion() @@ -86,6 +88,7 @@ Equivalent to cat /proc/iomem on a running target""" def invoke(self, arg, from_tty): return show_lx_resources("iomem_resource") + LxIOMem() @@ -100,6 +103,7 @@ Equivalent to cat /proc/ioports on a running target""" def invoke(self, arg, from_tty): return show_lx_resources("ioport_resource") + LxIOPorts() @@ -149,7 +153,7 @@ values of that process namespace""" if len(argv) >= 1: try: pid = int(argv[0]) - except: + except gdb.error: raise gdb.GdbError("Provide a PID as integer value") else: pid = 1 @@ -195,6 +199,7 @@ values of that process namespace""" info_opts(FS_INFO, s_flags), info_opts(MNT_INFO, m_flags))) + LxMounts() @@ -259,7 +264,7 @@ class LxFdtDump(gdb.Command): try: f = open(filename, 'wb') - except: + except gdb.error: raise gdb.GdbError("Could not open file to dump fdt") f.write(fdt_buf) @@ -267,4 +272,5 @@ class LxFdtDump(gdb.Command): gdb.write("Dumped fdt blob to " + filename + "\n") + LxFdtDump() diff --git a/scripts/gdb/linux/tasks.py b/scripts/gdb/linux/tasks.py index f6ab3ccf698f..0301dc1e0138 100644 --- a/scripts/gdb/linux/tasks.py +++ b/scripts/gdb/linux/tasks.py @@ -79,6 +79,7 @@ class LxPs(gdb.Command): pid=task["pid"], comm=task["comm"].string())) + LxPs() @@ -134,4 +135,5 @@ variable.""" else: raise gdb.GdbError("No task of PID " + str(pid)) + LxThreadInfoByPidFunc() diff --git a/scripts/gdb/linux/utils.py b/scripts/gdb/linux/utils.py index 50805874cfc3..bc67126118c4 100644 --- a/scripts/gdb/linux/utils.py +++ b/scripts/gdb/linux/utils.py @@ -66,6 +66,7 @@ Note that TYPE and ELEMENT have to be quoted as strings.""" return container_of(ptr, gdb.lookup_type(typename.string()).pointer(), elementname.string()) + ContainerOf() @@ -148,14 +149,14 @@ def get_gdbserver_type(): def probe_qemu(): try: return gdb.execute("monitor info version", to_string=True) != "" - except: + except gdb.error: return False def probe_kgdb(): try: thread_info = gdb.execute("info thread 2", to_string=True) return "shadowCPU0" in thread_info - except: + except gdb.error: return False global gdbserver_type @@ -172,7 +173,7 @@ def get_gdbserver_type(): def gdb_eval_or_none(expresssion): try: return gdb.parse_and_eval(expresssion) - except: + except gdb.error: return None -- cgit v1.2.3 From 47d0d12855c9eee9dac72d2359f2ccfac3f7f501 Mon Sep 17 00:00:00 2001 From: Leonard Crestez Date: Tue, 14 May 2019 15:46:05 -0700 Subject: scripts/gdb: add hlist utilities This allows easily examining kernel hlists in python. Link: http://lkml.kernel.org/r/Message-ID: Signed-off-by: Leonard Crestez Reviewed-by: Stephen Boyd Cc: Jason Wessel Cc: Jan Kiszka Cc: Kieran Bingham Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- scripts/gdb/linux/lists.py | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'scripts') diff --git a/scripts/gdb/linux/lists.py b/scripts/gdb/linux/lists.py index 1987d756b36b..55356b66f8ea 100644 --- a/scripts/gdb/linux/lists.py +++ b/scripts/gdb/linux/lists.py @@ -16,6 +16,8 @@ import gdb from linux import utils list_head = utils.CachedType("struct list_head") +hlist_head = utils.CachedType("struct hlist_head") +hlist_node = utils.CachedType("struct hlist_node") def list_for_each(head): @@ -39,6 +41,27 @@ def list_for_each_entry(head, gdbtype, member): yield utils.container_of(node, gdbtype, member) +def hlist_for_each(head): + if head.type == hlist_head.get_type().pointer(): + head = head.dereference() + elif head.type != hlist_head.get_type(): + raise gdb.GdbError("Must be struct hlist_head not {}" + .format(head.type)) + + node = head['first'].dereference() + while node.address: + yield node.address + node = node['next'].dereference() + + +def hlist_for_each_entry(head, gdbtype, member): + for node in hlist_for_each(head): + if node.type != hlist_node.get_type().pointer(): + raise TypeError("Type {} found. Expected struct hlist_head *." + .format(node.type)) + yield utils.container_of(node, gdbtype, member) + + def list_check(head): nb = 0 if (head.type == list_head.get_type().pointer()): -- cgit v1.2.3 From d1e9710b63d87209e1a14d6e6d8cf1431d8daa31 Mon Sep 17 00:00:00 2001 From: Leonard Crestez Date: Tue, 14 May 2019 15:46:08 -0700 Subject: scripts/gdb: initial clk support: lx-clk-summary Add an lx-clk-summary command which prints a subset of /sys/kernel/debug/clk/clk_summary. This can be used to examine hangs caused by clk not being enabled. Link: http://lkml.kernel.org/r/Message-ID: Signed-off-by: Leonard Crestez Cc: Jan Kiszka Cc: Jason Wessel Cc: Kieran Bingham Cc: Stephen Boyd Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- scripts/gdb/linux/clk.py | 46 ++++++++++++++++++++++++++++++++++++++++++++++ scripts/gdb/vmlinux-gdb.py | 1 + 2 files changed, 47 insertions(+) create mode 100644 scripts/gdb/linux/clk.py (limited to 'scripts') diff --git a/scripts/gdb/linux/clk.py b/scripts/gdb/linux/clk.py new file mode 100644 index 000000000000..a9129d865c5d --- /dev/null +++ b/scripts/gdb/linux/clk.py @@ -0,0 +1,46 @@ +# SPDX-License-Identifier: GPL-2.0 +# +# Copyright (c) NXP 2019 + +import gdb +import sys + +from linux import utils, lists + +clk_core_type = utils.CachedType("struct clk_core") + + +def clk_core_for_each_child(hlist_head): + return lists.hlist_for_each_entry(hlist_head, + clk_core_type.get_type().pointer(), "child_node") + + +class LxClkSummary(gdb.Command): + """Print Linux kernel log buffer.""" + + def __init__(self): + super(LxClkSummary, self).__init__("lx-clk-summary", gdb.COMMAND_DATA) + + def show_subtree(self, clk, level): + gdb.write("%*s%-*s %7d %8d %8d\n" % ( + level * 3 + 1, "", + 30 - level * 3, + clk['name'].string(), + clk['enable_count'], + clk['prepare_count'], + clk['protect_count'])) + + for child in clk_core_for_each_child(clk['children']): + self.show_subtree(child, level + 1) + + def invoke(self, arg, from_tty): + gdb.write(" enable prepare protect\n") + gdb.write(" clock count count count\n") + gdb.write("---------------------------------------------------------\n") + for clk in clk_core_for_each_child(gdb.parse_and_eval("clk_root_list")): + self.show_subtree(clk, 0) + for clk in clk_core_for_each_child(gdb.parse_and_eval("clk_orphan_list")): + self.show_subtree(clk, 0) + + +LxClkSummary() diff --git a/scripts/gdb/vmlinux-gdb.py b/scripts/gdb/vmlinux-gdb.py index 033578cc4cd7..eff5a48ac026 100644 --- a/scripts/gdb/vmlinux-gdb.py +++ b/scripts/gdb/vmlinux-gdb.py @@ -34,3 +34,4 @@ else: import linux.proc import linux.constants import linux.timerlist + import linux.clk -- cgit v1.2.3 From 988b2686159759401a4549d0fc30ff9a8758391a Mon Sep 17 00:00:00 2001 From: Leonard Crestez Date: Tue, 14 May 2019 15:46:11 -0700 Subject: scripts/gdb: add $lx_clk_core_lookup function Finding an individual clk_core requires walking the tree which can be quite complicated so add a helper for easy access. (gdb) print *(struct clk_scu*)$lx_clk_core_lookup("uart0_clk")->hw Link: http://lkml.kernel.org/r/Message-ID: Signed-off-by: Leonard Crestez Cc: Jan Kiszka Cc: Jason Wessel Cc: Kieran Bingham Cc: Stephen Boyd Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- scripts/gdb/linux/clk.py | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'scripts') diff --git a/scripts/gdb/linux/clk.py b/scripts/gdb/linux/clk.py index a9129d865c5d..6bf71976b55d 100644 --- a/scripts/gdb/linux/clk.py +++ b/scripts/gdb/linux/clk.py @@ -44,3 +44,26 @@ class LxClkSummary(gdb.Command): LxClkSummary() + + +class LxClkCoreLookup(gdb.Function): + """Find struct clk_core by name""" + + def __init__(self): + super(LxClkCoreLookup, self).__init__("lx_clk_core_lookup") + + def lookup_hlist(self, hlist_head, name): + for child in clk_core_for_each_child(hlist_head): + if child['name'].string() == name: + return child + result = self.lookup_hlist(child['children'], name) + if result: + return result + + def invoke(self, name): + name = name.string() + return (self.lookup_hlist(gdb.parse_and_eval("clk_root_list"), name) or + self.lookup_hlist(gdb.parse_and_eval("clk_orphan_list"), name)) + + +LxClkCoreLookup() -- cgit v1.2.3 From 66d5c7c60acfeb21d80ff03a349e3b6600caa117 Mon Sep 17 00:00:00 2001 From: Leonard Crestez Date: Tue, 14 May 2019 15:46:14 -0700 Subject: scripts/gdb: clean up error handling in list helpers An incorrect argument to list_for_each is an internal error in gdb scripts so a TypeError should be raised. The gdb.GdbError exception type is intended for user errors such as incorrect invocation. Drop the type assertion in list_for_each_entry because list_for_each isn't going to suddenly yield something else. Applies to both list and hlist Link: http://lkml.kernel.org/r/c1d3fd4db13d999a3ba57f5bbc1924862d824f61.1556881728.git.leonard.crestez@nxp.com Signed-off-by: Leonard Crestez Reviewed-by: Stephen Boyd Cc: Jan Kiszka Cc: Jason Wessel Cc: Kieran Bingham Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- scripts/gdb/linux/lists.py | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) (limited to 'scripts') diff --git a/scripts/gdb/linux/lists.py b/scripts/gdb/linux/lists.py index 55356b66f8ea..c487ddf09d38 100644 --- a/scripts/gdb/linux/lists.py +++ b/scripts/gdb/linux/lists.py @@ -24,7 +24,7 @@ def list_for_each(head): if head.type == list_head.get_type().pointer(): head = head.dereference() elif head.type != list_head.get_type(): - raise gdb.GdbError("Must be struct list_head not {}" + raise TypeError("Must be struct list_head not {}" .format(head.type)) node = head['next'].dereference() @@ -35,9 +35,6 @@ def list_for_each(head): def list_for_each_entry(head, gdbtype, member): for node in list_for_each(head): - if node.type != list_head.get_type().pointer(): - raise TypeError("Type {} found. Expected struct list_head *." - .format(node.type)) yield utils.container_of(node, gdbtype, member) @@ -45,7 +42,7 @@ def hlist_for_each(head): if head.type == hlist_head.get_type().pointer(): head = head.dereference() elif head.type != hlist_head.get_type(): - raise gdb.GdbError("Must be struct hlist_head not {}" + raise TypeError("Must be struct hlist_head not {}" .format(head.type)) node = head['first'].dereference() @@ -56,9 +53,6 @@ def hlist_for_each(head): def hlist_for_each_entry(head, gdbtype, member): for node in hlist_for_each(head): - if node.type != hlist_node.get_type().pointer(): - raise TypeError("Type {} found. Expected struct hlist_head *." - .format(node.type)) yield utils.container_of(node, gdbtype, member) -- cgit v1.2.3 From e7e6f462c1bee842b857b57826e47e4234728727 Mon Sep 17 00:00:00 2001 From: Leonard Crestez Date: Tue, 14 May 2019 15:46:17 -0700 Subject: scripts/gdb: print cached rate in lx-clk-summary The clk rate is always stored in clk_core but might be out of date and require calls to update from hardware. Deal with that case by printing a (c) suffix. Link: http://lkml.kernel.org/r/1a474318982a5f0125f2360c4161029b17f56bd1.1556881728.git.leonard.crestez@nxp.com Signed-off-by: Leonard Crestez Cc: Jan Kiszka Cc: Jason Wessel Cc: Kieran Bingham Cc: Stephen Boyd Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- scripts/gdb/linux/clk.py | 21 ++++++++++++++------- scripts/gdb/linux/constants.py.in | 4 ++++ 2 files changed, 18 insertions(+), 7 deletions(-) (limited to 'scripts') diff --git a/scripts/gdb/linux/clk.py b/scripts/gdb/linux/clk.py index 6bf71976b55d..061aecfa294e 100644 --- a/scripts/gdb/linux/clk.py +++ b/scripts/gdb/linux/clk.py @@ -5,7 +5,7 @@ import gdb import sys -from linux import utils, lists +from linux import utils, lists, constants clk_core_type = utils.CachedType("struct clk_core") @@ -16,27 +16,34 @@ def clk_core_for_each_child(hlist_head): class LxClkSummary(gdb.Command): - """Print Linux kernel log buffer.""" + """Print clk tree summary + +Output is a subset of /sys/kernel/debug/clk/clk_summary + +No calls are made during printing, instead a (c) if printed after values which +are cached and potentially out of date""" def __init__(self): super(LxClkSummary, self).__init__("lx-clk-summary", gdb.COMMAND_DATA) def show_subtree(self, clk, level): - gdb.write("%*s%-*s %7d %8d %8d\n" % ( + gdb.write("%*s%-*s %7d %8d %8d %11lu%s\n" % ( level * 3 + 1, "", 30 - level * 3, clk['name'].string(), clk['enable_count'], clk['prepare_count'], - clk['protect_count'])) + clk['protect_count'], + clk['rate'], + '(c)' if clk['flags'] & constants.LX_CLK_GET_RATE_NOCACHE else ' ')) for child in clk_core_for_each_child(clk['children']): self.show_subtree(child, level + 1) def invoke(self, arg, from_tty): - gdb.write(" enable prepare protect\n") - gdb.write(" clock count count count\n") - gdb.write("---------------------------------------------------------\n") + gdb.write(" enable prepare protect \n") + gdb.write(" clock count count count rate \n") + gdb.write("------------------------------------------------------------------------\n") for clk in clk_core_for_each_child(gdb.parse_and_eval("clk_root_list")): self.show_subtree(clk, 0) for clk in clk_core_for_each_child(gdb.parse_and_eval("clk_orphan_list")): diff --git a/scripts/gdb/linux/constants.py.in b/scripts/gdb/linux/constants.py.in index 76f46f427b96..1d73083da6cb 100644 --- a/scripts/gdb/linux/constants.py.in +++ b/scripts/gdb/linux/constants.py.in @@ -12,6 +12,7 @@ * */ +#include #include #include #include @@ -38,6 +39,9 @@ import gdb +/* linux/clk-provider.h */ +LX_GDBPARSED(CLK_GET_RATE_NOCACHE) + /* linux/fs.h */ LX_VALUE(SB_RDONLY) LX_VALUE(SB_SYNCHRONOUS) -- cgit v1.2.3 From 4c8dd95a723d9cccf8810be54aa62be82885c9d8 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Thu, 9 May 2019 15:46:35 +0900 Subject: kbuild: add some extra warning flags unconditionally These flags are documented in the GCC 4.6 manual, and recognized by Clang as well. Let's rip off the cc-option / cc-disable-warning switches. Signed-off-by: Masahiro Yamada Reviewed-by: Nathan Chancellor Tested-by: Nick Desaulniers --- scripts/Makefile.extrawarn | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'scripts') diff --git a/scripts/Makefile.extrawarn b/scripts/Makefile.extrawarn index 768306add591..7a12de912664 100644 --- a/scripts/Makefile.extrawarn +++ b/scripts/Makefile.extrawarn @@ -23,15 +23,16 @@ warning- := $(empty) warning-1 := -Wextra -Wunused -Wno-unused-parameter warning-1 += -Wmissing-declarations warning-1 += -Wmissing-format-attribute -warning-1 += $(call cc-option, -Wmissing-prototypes) +warning-1 += -Wmissing-prototypes warning-1 += -Wold-style-definition -warning-1 += $(call cc-option, -Wmissing-include-dirs) +warning-1 += -Wmissing-include-dirs warning-1 += $(call cc-option, -Wunused-but-set-variable) warning-1 += $(call cc-option, -Wunused-const-variable) warning-1 += $(call cc-option, -Wpacked-not-aligned) warning-1 += $(call cc-option, -Wstringop-truncation) -warning-1 += $(call cc-disable-warning, missing-field-initializers) -warning-1 += $(call cc-disable-warning, sign-compare) +# The following turn off the warnings enabled by -Wextra +warning-1 += -Wno-missing-field-initializers +warning-1 += -Wno-sign-compare warning-2 := -Waggregate-return warning-2 += -Wcast-align @@ -39,8 +40,8 @@ warning-2 += -Wdisabled-optimization warning-2 += -Wnested-externs warning-2 += -Wshadow warning-2 += $(call cc-option, -Wlogical-op) -warning-2 += $(call cc-option, -Wmissing-field-initializers) -warning-2 += $(call cc-option, -Wsign-compare) +warning-2 += -Wmissing-field-initializers +warning-2 += -Wsign-compare warning-2 += $(call cc-option, -Wmaybe-uninitialized) warning-2 += $(call cc-option, -Wunused-macros) -- cgit v1.2.3 From a1494304346a3c15fb7a42b39e891f112844c1c7 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Fri, 10 May 2019 23:10:09 +0900 Subject: kbuild: add all Clang-specific flags unconditionally We do not support old Clang versions. Upgrade your clang version if any of these flags is unsupported. Let's add all flags inside ifdef CONFIG_CC_IS_CLANG unconditionally. Signed-off-by: Masahiro Yamada Reviewed-by: Sedat Dilek Reviewed-by: Nathan Chancellor Tested-by: Nick Desaulniers --- Makefile | 10 +++++----- scripts/Makefile.extrawarn | 12 ++++++------ 2 files changed, 11 insertions(+), 11 deletions(-) (limited to 'scripts') diff --git a/Makefile b/Makefile index 8519a6c66702..48de3d02ad07 100644 --- a/Makefile +++ b/Makefile @@ -731,15 +731,15 @@ stackp-flags-$(CONFIG_STACKPROTECTOR_STRONG) := -fstack-protector-strong KBUILD_CFLAGS += $(stackp-flags-y) ifdef CONFIG_CC_IS_CLANG -KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,) -KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier) -KBUILD_CFLAGS += $(call cc-disable-warning, gnu) +KBUILD_CPPFLAGS += -Qunused-arguments +KBUILD_CFLAGS += -Wno-format-invalid-specifier +KBUILD_CFLAGS += -Wno-gnu # Quiet clang warning: comparison of unsigned expression < 0 is always false -KBUILD_CFLAGS += $(call cc-disable-warning, tautological-compare) +KBUILD_CFLAGS += -Wno-tautological-compare # CLANG uses a _MergedGlobals as optimization, but this breaks modpost, as the # source of a reference will be _MergedGlobals and not on of the whitelisted names. # See modpost pattern 2 -KBUILD_CFLAGS += $(call cc-option, -mno-global-merge,) +KBUILD_CFLAGS += -mno-global-merge else # These warnings generated too much noise in a regular build. diff --git a/scripts/Makefile.extrawarn b/scripts/Makefile.extrawarn index 7a12de912664..3ab8d1a303cd 100644 --- a/scripts/Makefile.extrawarn +++ b/scripts/Makefile.extrawarn @@ -67,11 +67,11 @@ KBUILD_CFLAGS += $(warning) else ifdef CONFIG_CC_IS_CLANG -KBUILD_CFLAGS += $(call cc-disable-warning, initializer-overrides) -KBUILD_CFLAGS += $(call cc-disable-warning, unused-value) -KBUILD_CFLAGS += $(call cc-disable-warning, format) -KBUILD_CFLAGS += $(call cc-disable-warning, sign-compare) -KBUILD_CFLAGS += $(call cc-disable-warning, format-zero-length) -KBUILD_CFLAGS += $(call cc-disable-warning, uninitialized) +KBUILD_CFLAGS += -Wno-initializer-overrides +KBUILD_CFLAGS += -Wno-unused-value +KBUILD_CFLAGS += -Wno-format +KBUILD_CFLAGS += -Wno-sign-compare +KBUILD_CFLAGS += -Wno-format-zero-length +KBUILD_CFLAGS += -Wno-uninitialized endif endif -- cgit v1.2.3 From 902a6898bfb4878eb186d9223d12c903a5f60fa5 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Thu, 9 May 2019 16:35:55 +0900 Subject: kbuild: terminate Kconfig when $(CC) or $(LD) is missing If the compiler specified by $(CC) is not present, the Kconfig stage sprinkles 'not found' messages, then succeeds. $ make CROSS_COMPILE=foo defconfig /bin/sh: 1: foogcc: not found /bin/sh: 1: foogcc: not found *** Default configuration is based on 'x86_64_defconfig' ./scripts/gcc-version.sh: 17: ./scripts/gcc-version.sh: foogcc: not found ./scripts/gcc-version.sh: 18: ./scripts/gcc-version.sh: foogcc: not found ./scripts/gcc-version.sh: 19: ./scripts/gcc-version.sh: foogcc: not found ./scripts/gcc-version.sh: 17: ./scripts/gcc-version.sh: foogcc: not found ./scripts/gcc-version.sh: 18: ./scripts/gcc-version.sh: foogcc: not found ./scripts/gcc-version.sh: 19: ./scripts/gcc-version.sh: foogcc: not found ./scripts/clang-version.sh: 11: ./scripts/clang-version.sh: foogcc: not found ./scripts/gcc-plugin.sh: 11: ./scripts/gcc-plugin.sh: foogcc: not found init/Kconfig:16:warning: 'GCC_VERSION': number is invalid # # configuration written to .config # Terminate parsing files immediately if $(CC) or $(LD) is not found. "make *config" will fail more nicely. $ make CROSS_COMPILE=foo defconfig *** Default configuration is based on 'x86_64_defconfig' scripts/Kconfig.include:34: compiler 'foogcc' not found make[1]: *** [scripts/kconfig/Makefile;82: defconfig] Error 1 make: *** [Makefile;557: defconfig] Error 2 Signed-off-by: Masahiro Yamada --- Makefile | 2 +- scripts/Kconfig.include | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) (limited to 'scripts') diff --git a/Makefile b/Makefile index ba9f41f62987..95421654a16d 100644 --- a/Makefile +++ b/Makefile @@ -537,7 +537,7 @@ endif # Some architectures define CROSS_COMPILE in arch/$(SRCARCH)/Makefile. # CC_VERSION_TEXT is referenced from Kconfig (so it needs export), # and from include/config/auto.conf.cmd to detect the compiler upgrade. -CC_VERSION_TEXT = $(shell $(CC) --version | head -n 1) +CC_VERSION_TEXT = $(shell $(CC) --version 2>/dev/null | head -n 1) ifeq ($(config-targets),1) # =========================================================================== diff --git a/scripts/Kconfig.include b/scripts/Kconfig.include index 87ff1dcc6bd5..0b267fb27f07 100644 --- a/scripts/Kconfig.include +++ b/scripts/Kconfig.include @@ -18,6 +18,10 @@ if-success = $(shell,{ $(1); } >/dev/null 2>&1 && echo "$(2)" || echo "$(3)") # Return y if exits with 0, n otherwise success = $(if-success,$(1),y,n) +# $(failure,) +# Return n if exits with 0, y otherwise +failure = $(if-success,$(1),n,y) + # $(cc-option,) # Return y if the compiler supports , n otherwise cc-option = $(success,$(CC) -Werror $(1) -E -x c /dev/null -o /dev/null) @@ -26,5 +30,9 @@ cc-option = $(success,$(CC) -Werror $(1) -E -x c /dev/null -o /dev/null) # Return y if the linker supports , n otherwise ld-option = $(success,$(LD) -v $(1)) +# check if $(CC) and $(LD) exist +$(error-if,$(failure,command -v $(CC)),compiler '$(CC)' not found) +$(error-if,$(failure,command -v $(LD)),linker '$(LD)' not found) + # gcc version including patch level gcc-version := $(shell,$(srctree)/scripts/gcc-version.sh $(CC)) -- cgit v1.2.3 From 9cc342f6c4a06ea613ddef1bcaa25409260aec63 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Mon, 13 May 2019 15:22:16 +0900 Subject: treewide: prefix header search paths with $(srctree)/ Currently, the Kbuild core manipulates header search paths in a crazy way [1]. To fix this mess, I want all Makefiles to add explicit $(srctree)/ to the search paths in the srctree. Some Makefiles are already written in that way, but not all. The goal of this work is to make the notation consistent, and finally get rid of the gross hacks. Having whitespaces after -I does not matter since commit 48f6e3cf5bc6 ("kbuild: do not drop -I without parameter"). [1]: https://patchwork.kernel.org/patch/9632347/ Signed-off-by: Masahiro Yamada --- arch/mips/pnx833x/Platform | 2 +- arch/powerpc/Makefile | 2 +- arch/sh/Makefile | 4 ++-- arch/x86/kernel/Makefile | 2 +- arch/x86/mm/Makefile | 2 +- arch/xtensa/boot/lib/Makefile | 2 +- drivers/hid/intel-ish-hid/Makefile | 2 +- drivers/net/ethernet/chelsio/libcxgb/Makefile | 2 +- drivers/target/iscsi/cxgbit/Makefile | 6 +++--- drivers/usb/storage/Makefile | 2 +- fs/ocfs2/dlm/Makefile | 3 +-- fs/ocfs2/dlmfs/Makefile | 2 +- fs/xfs/Makefile | 4 ++-- net/bpfilter/Makefile | 2 +- scripts/dtc/Makefile | 6 +++--- scripts/genksyms/Makefile | 4 ++-- scripts/kconfig/Makefile | 4 ++-- 17 files changed, 25 insertions(+), 26 deletions(-) (limited to 'scripts') diff --git a/arch/mips/pnx833x/Platform b/arch/mips/pnx833x/Platform index 794526caab12..6b1a847d593f 100644 --- a/arch/mips/pnx833x/Platform +++ b/arch/mips/pnx833x/Platform @@ -1,5 +1,5 @@ # NXP STB225 platform-$(CONFIG_SOC_PNX833X) += pnx833x/ -cflags-$(CONFIG_SOC_PNX833X) += -Iarch/mips/include/asm/mach-pnx833x +cflags-$(CONFIG_SOC_PNX833X) += -I $(srctree)/arch/mips/include/asm/mach-pnx833x load-$(CONFIG_NXP_STB220) += 0xffffffff80001000 load-$(CONFIG_NXP_STB225) += 0xffffffff80001000 diff --git a/arch/powerpc/Makefile b/arch/powerpc/Makefile index 258ea6b2f2e7..c345b79414a9 100644 --- a/arch/powerpc/Makefile +++ b/arch/powerpc/Makefile @@ -211,7 +211,7 @@ endif asinstr := $(call as-instr,lis 9$(comma)foo@high,-DHAVE_AS_ATHIGH=1) -KBUILD_CPPFLAGS += -Iarch/$(ARCH) $(asinstr) +KBUILD_CPPFLAGS += -I $(srctree)/arch/$(ARCH) $(asinstr) KBUILD_AFLAGS += $(AFLAGS-y) KBUILD_CFLAGS += $(call cc-option,-msoft-float) KBUILD_CFLAGS += -pipe $(CFLAGS-y) diff --git a/arch/sh/Makefile b/arch/sh/Makefile index 4009bef62fe9..b4a86f27e048 100644 --- a/arch/sh/Makefile +++ b/arch/sh/Makefile @@ -191,8 +191,8 @@ cpuincdir-y += cpu-common # Must be last drivers-y += arch/sh/drivers/ drivers-$(CONFIG_OPROFILE) += arch/sh/oprofile/ -cflags-y += $(foreach d, $(cpuincdir-y), -Iarch/sh/include/$(d)) \ - $(foreach d, $(machdir-y), -Iarch/sh/include/$(d)) +cflags-y += $(foreach d, $(cpuincdir-y), -I $(srctree)/arch/sh/include/$(d)) \ + $(foreach d, $(machdir-y), -I $(srctree)/arch/sh/include/$(d)) KBUILD_CFLAGS += -pipe $(cflags-y) KBUILD_CPPFLAGS += $(cflags-y) diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile index 00b7e27bc2b7..ce1b5cc360a2 100644 --- a/arch/x86/kernel/Makefile +++ b/arch/x86/kernel/Makefile @@ -42,7 +42,7 @@ endif # non-deterministic coverage. KCOV_INSTRUMENT := n -CFLAGS_irq.o := -I$(src)/../include/asm/trace +CFLAGS_irq.o := -I $(srctree)/$(src)/../include/asm/trace obj-y := process_$(BITS).o signal.o obj-$(CONFIG_COMPAT) += signal_compat.o diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile index 4b101dd6e52f..84373dc9b341 100644 --- a/arch/x86/mm/Makefile +++ b/arch/x86/mm/Makefile @@ -21,7 +21,7 @@ CFLAGS_physaddr.o := $(nostackp) CFLAGS_setup_nx.o := $(nostackp) CFLAGS_mem_encrypt_identity.o := $(nostackp) -CFLAGS_fault.o := -I$(src)/../include/asm/trace +CFLAGS_fault.o := -I $(srctree)/$(src)/../include/asm/trace obj-$(CONFIG_X86_PAT) += pat_rbtree.o diff --git a/arch/xtensa/boot/lib/Makefile b/arch/xtensa/boot/lib/Makefile index 355127faade1..e3d717c7bfa1 100644 --- a/arch/xtensa/boot/lib/Makefile +++ b/arch/xtensa/boot/lib/Makefile @@ -7,7 +7,7 @@ zlib := inffast.c inflate.c inftrees.c lib-y += $(zlib:.c=.o) zmem.o -ccflags-y := -Ilib/zlib_inflate +ccflags-y := -I $(srctree)/lib/zlib_inflate ifdef CONFIG_FUNCTION_TRACER CFLAGS_REMOVE_inflate.o = -pg CFLAGS_REMOVE_zmem.o = -pg diff --git a/drivers/hid/intel-ish-hid/Makefile b/drivers/hid/intel-ish-hid/Makefile index 2de97e4b7740..f0a82b1c7cb9 100644 --- a/drivers/hid/intel-ish-hid/Makefile +++ b/drivers/hid/intel-ish-hid/Makefile @@ -23,4 +23,4 @@ intel-ishtp-hid-objs += ishtp-hid-client.o obj-$(CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER) += intel-ishtp-loader.o intel-ishtp-loader-objs += ishtp-fw-loader.o -ccflags-y += -Idrivers/hid/intel-ish-hid/ishtp +ccflags-y += -I $(srctree)/$(src)/ishtp diff --git a/drivers/net/ethernet/chelsio/libcxgb/Makefile b/drivers/net/ethernet/chelsio/libcxgb/Makefile index 2534e30a1560..441913b5221e 100644 --- a/drivers/net/ethernet/chelsio/libcxgb/Makefile +++ b/drivers/net/ethernet/chelsio/libcxgb/Makefile @@ -1,4 +1,4 @@ -ccflags-y := -Idrivers/net/ethernet/chelsio/cxgb4 +ccflags-y := -I $(srctree)/$(src)/../cxgb4 obj-$(CONFIG_CHELSIO_LIB) += libcxgb.o diff --git a/drivers/target/iscsi/cxgbit/Makefile b/drivers/target/iscsi/cxgbit/Makefile index d16aaae7ba2a..0dcaf2006f78 100644 --- a/drivers/target/iscsi/cxgbit/Makefile +++ b/drivers/target/iscsi/cxgbit/Makefile @@ -1,7 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 -ccflags-y := -Idrivers/net/ethernet/chelsio/cxgb4 -ccflags-y += -Idrivers/net/ethernet/chelsio/libcxgb -ccflags-y += -Idrivers/target/iscsi +ccflags-y := -I $(srctree)/drivers/net/ethernet/chelsio/cxgb4 +ccflags-y += -I $(srctree)/drivers/net/ethernet/chelsio/libcxgb +ccflags-y += -I $(srctree)/drivers/target/iscsi obj-$(CONFIG_ISCSI_TARGET_CXGB4) += cxgbit.o diff --git a/drivers/usb/storage/Makefile b/drivers/usb/storage/Makefile index c5126a4cd954..a67ddcbb4e24 100644 --- a/drivers/usb/storage/Makefile +++ b/drivers/usb/storage/Makefile @@ -6,7 +6,7 @@ # Rewritten to use lists instead of if-statements. # -ccflags-y := -Idrivers/scsi +ccflags-y := -I $(srctree)/drivers/scsi obj-$(CONFIG_USB_UAS) += uas.o obj-$(CONFIG_USB_STORAGE) += usb-storage.o diff --git a/fs/ocfs2/dlm/Makefile b/fs/ocfs2/dlm/Makefile index ef2854422a6e..3d4041f0431e 100644 --- a/fs/ocfs2/dlm/Makefile +++ b/fs/ocfs2/dlm/Makefile @@ -1,7 +1,6 @@ -ccflags-y := -I$(src)/.. +ccflags-y := -I $(srctree)/$(src)/.. obj-$(CONFIG_OCFS2_FS_O2CB) += ocfs2_dlm.o ocfs2_dlm-objs := dlmdomain.o dlmdebug.o dlmthread.o dlmrecovery.o \ dlmmaster.o dlmast.o dlmconvert.o dlmlock.o dlmunlock.o - diff --git a/fs/ocfs2/dlmfs/Makefile b/fs/ocfs2/dlmfs/Makefile index 33431a0296a3..0a0b93d940fe 100644 --- a/fs/ocfs2/dlmfs/Makefile +++ b/fs/ocfs2/dlmfs/Makefile @@ -1,4 +1,4 @@ -ccflags-y := -I$(src)/.. +ccflags-y := -I $(srctree)/$(src)/.. obj-$(CONFIG_OCFS2_FS) += ocfs2_dlmfs.o diff --git a/fs/xfs/Makefile b/fs/xfs/Makefile index 1dfc6df2e2bd..91831975363b 100644 --- a/fs/xfs/Makefile +++ b/fs/xfs/Makefile @@ -4,8 +4,8 @@ # All Rights Reserved. # -ccflags-y += -I$(src) # needed for trace events -ccflags-y += -I$(src)/libxfs +ccflags-y += -I $(srctree)/$(src) # needed for trace events +ccflags-y += -I $(srctree)/$(src)/libxfs ccflags-$(CONFIG_XFS_DEBUG) += -g diff --git a/net/bpfilter/Makefile b/net/bpfilter/Makefile index 854395fb98cd..aa945ab5b655 100644 --- a/net/bpfilter/Makefile +++ b/net/bpfilter/Makefile @@ -5,7 +5,7 @@ hostprogs-y := bpfilter_umh bpfilter_umh-objs := main.o -KBUILD_HOSTCFLAGS += -Itools/include/ -Itools/include/uapi +KBUILD_HOSTCFLAGS += -I $(srctree)/tools/include/ -I $(srctree)/tools/include/uapi HOSTCC := $(CC) ifeq ($(CONFIG_BPFILTER_UMH), y) diff --git a/scripts/dtc/Makefile b/scripts/dtc/Makefile index 5f227d8d39d8..82160808765c 100644 --- a/scripts/dtc/Makefile +++ b/scripts/dtc/Makefile @@ -9,7 +9,7 @@ dtc-objs := dtc.o flattree.o fstree.o data.o livetree.o treesource.o \ dtc-objs += dtc-lexer.lex.o dtc-parser.tab.o # Source files need to get at the userspace version of libfdt_env.h to compile -HOST_EXTRACFLAGS := -I$(src)/libfdt +HOST_EXTRACFLAGS := -I $(srctree)/$(src)/libfdt ifeq ($(wildcard /usr/include/yaml.h),) ifneq ($(CHECK_DTBS),) @@ -23,8 +23,8 @@ HOSTLDLIBS_dtc := -lyaml endif # Generated files need one more search path to include headers in source tree -HOSTCFLAGS_dtc-lexer.lex.o := -I$(src) -HOSTCFLAGS_dtc-parser.tab.o := -I$(src) +HOSTCFLAGS_dtc-lexer.lex.o := -I $(srctree)/$(src) +HOSTCFLAGS_dtc-parser.tab.o := -I $(srctree)/$(src) # dependencies on generated files need to be listed explicitly $(obj)/dtc-lexer.lex.o: $(obj)/dtc-parser.tab.h diff --git a/scripts/genksyms/Makefile b/scripts/genksyms/Makefile index 03b7ce97de14..66c314bc5933 100644 --- a/scripts/genksyms/Makefile +++ b/scripts/genksyms/Makefile @@ -31,8 +31,8 @@ $(obj)/parse.tab.h: $(src)/parse.y FORCE endif # -I needed for generated C source (shipped source) -HOSTCFLAGS_parse.tab.o := -I$(src) -HOSTCFLAGS_lex.lex.o := -I$(src) +HOSTCFLAGS_parse.tab.o := -I $(srctree)/$(src) +HOSTCFLAGS_lex.lex.o := -I $(srctree)/$(src) # dependencies on generated files need to be listed explicitly $(obj)/lex.lex.o: $(obj)/parse.tab.h diff --git a/scripts/kconfig/Makefile b/scripts/kconfig/Makefile index 7c5dc31c1d95..5e0cd86cb4a7 100644 --- a/scripts/kconfig/Makefile +++ b/scripts/kconfig/Makefile @@ -147,8 +147,8 @@ common-objs := confdata.o expr.o lexer.lex.o parser.tab.o preprocess.o \ symbol.o $(obj)/lexer.lex.o: $(obj)/parser.tab.h -HOSTCFLAGS_lexer.lex.o := -I$(src) -HOSTCFLAGS_parser.tab.o := -I$(src) +HOSTCFLAGS_lexer.lex.o := -I $(srctree)/$(src) +HOSTCFLAGS_parser.tab.o := -I $(srctree)/$(src) # conf: Used for defconfig, oldconfig and related targets hostprogs-y += conf -- cgit v1.2.3 From cdd750bfb1f76fe9be8cfb53cbe77b2e811081ab Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Mon, 13 May 2019 15:22:17 +0900 Subject: kbuild: remove 'addtree' and 'flags' magic for header search paths The 'addtree' and 'flags' in scripts/Kbuild.include are so compilecated and ugly. As I mentioned in [1], Kbuild should stop automatic prefixing of header search path options. I fixed up (almost) all Makefiles in the kernel. Now 'addtree' and 'flags' have been removed. Kbuild still caters to add $(srctree)/$(src) and $(objtree)/$(obj) to the header search path for O= building, but never touches extra compiler options from ccflags-y etc. [1]: https://patchwork.kernel.org/patch/9632347/ Signed-off-by: Masahiro Yamada --- scripts/Kbuild.include | 8 -------- scripts/Makefile.host | 12 +++++------- scripts/Makefile.lib | 26 ++++++++------------------ 3 files changed, 13 insertions(+), 33 deletions(-) (limited to 'scripts') diff --git a/scripts/Kbuild.include b/scripts/Kbuild.include index 7484b9d8272f..a675ce11a573 100644 --- a/scripts/Kbuild.include +++ b/scripts/Kbuild.include @@ -192,14 +192,6 @@ clean := -f $(srctree)/scripts/Makefile.clean obj # $(Q)$(MAKE) $(hdr-inst)=dir hdr-inst := -f $(srctree)/scripts/Makefile.headersinst obj -# Prefix -I with $(srctree) if it is not an absolute path. -# skip if -I has no parameter -addtree = $(if $(patsubst -I%,%,$(1)), \ -$(if $(filter-out -I/% -I./% -I../%,$(1)),$(patsubst -I%,-I$(srctree)/%,$(1)),$(1)),$(1)) - -# Find all -I options and call addtree -flags = $(foreach o,$($(1)),$(if $(filter -I%,$(o)),$(call addtree,$(o)),$(o))) - # echo command. # Short version is used, if $(quiet) equals `quiet_', otherwise full one. echo-cmd = $(if $($(quiet)cmd_$(1)),\ diff --git a/scripts/Makefile.host b/scripts/Makefile.host index 73b804197fca..b6a54bdf0965 100644 --- a/scripts/Makefile.host +++ b/scripts/Makefile.host @@ -67,18 +67,16 @@ _hostc_flags = $(KBUILD_HOSTCFLAGS) $(HOST_EXTRACFLAGS) \ _hostcxx_flags = $(KBUILD_HOSTCXXFLAGS) $(HOST_EXTRACXXFLAGS) \ $(HOSTCXXFLAGS_$(basetarget).o) -__hostc_flags = $(_hostc_flags) -__hostcxx_flags = $(_hostcxx_flags) - +# $(objtree)/$(obj) for including generated headers from checkin source files ifeq ($(KBUILD_EXTMOD),) ifneq ($(srctree),.) -__hostc_flags = -I$(obj) $(call flags,_hostc_flags) -__hostcxx_flags = -I$(obj) $(call flags,_hostcxx_flags) +_hostc_flags += -I $(objtree)/$(obj) +_hostcxx_flags += -I $(objtree)/$(obj) endif endif -hostc_flags = -Wp,-MD,$(depfile) $(__hostc_flags) -hostcxx_flags = -Wp,-MD,$(depfile) $(__hostcxx_flags) +hostc_flags = -Wp,-MD,$(depfile) $(_hostc_flags) +hostcxx_flags = -Wp,-MD,$(depfile) $(_hostcxx_flags) ##### # Compile programs on the host diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib index 41e98fa66b91..1b412d4394ae 100644 --- a/scripts/Makefile.lib +++ b/scripts/Makefile.lib @@ -137,36 +137,26 @@ _c_flags += $(if $(patsubst n%,, \ $(CFLAGS_KCOV)) endif -__c_flags = $(_c_flags) -__a_flags = $(_a_flags) -__cpp_flags = $(_cpp_flags) - -# If building the kernel in a separate objtree expand all occurrences -# of -Idir to -I$(srctree)/dir except for absolute paths (starting with '/'). +# $(srctree)/$(src) for including checkin headers from generated source files +# $(objtree)/$(obj) for including generated headers from checkin source files ifeq ($(KBUILD_EXTMOD),) ifneq ($(srctree),.) - -# -I$(obj) locates generated .h files -# $(call addtree,-I$(obj)) locates .h files in srctree, from generated .c files -# and locates generated .h files -# FIXME: Replace both with specific CFLAGS* statements in the makefiles -__c_flags = $(if $(obj),$(call addtree,-I$(src)) -I$(obj)) \ - $(call flags,_c_flags) -__a_flags = $(call flags,_a_flags) -__cpp_flags = $(call flags,_cpp_flags) +_c_flags += -I $(srctree)/$(src) -I $(objtree)/$(obj) +_a_flags += -I $(srctree)/$(src) -I $(objtree)/$(obj) +_cpp_flags += -I $(srctree)/$(src) -I $(objtree)/$(obj) endif endif c_flags = -Wp,-MD,$(depfile) $(NOSTDINC_FLAGS) $(LINUXINCLUDE) \ -include $(srctree)/include/linux/compiler_types.h \ - $(__c_flags) $(modkern_cflags) \ + $(_c_flags) $(modkern_cflags) \ $(basename_flags) $(modname_flags) a_flags = -Wp,-MD,$(depfile) $(NOSTDINC_FLAGS) $(LINUXINCLUDE) \ - $(__a_flags) $(modkern_aflags) + $(_a_flags) $(modkern_aflags) cpp_flags = -Wp,-MD,$(depfile) $(NOSTDINC_FLAGS) $(LINUXINCLUDE) \ - $(__cpp_flags) + $(_cpp_flags) ld_flags = $(KBUILD_LDFLAGS) $(ldflags-y) $(LDFLAGS_$(@F)) -- cgit v1.2.3 From aff11cd983ec0850651ee9b1c2a88b33358cb2f2 Mon Sep 17 00:00:00 2001 From: Alexander Popov Date: Fri, 17 May 2019 22:42:22 +0300 Subject: kconfig: Terminate menu blocks with a comment in the generated config Currently menu blocks start with a pretty header but end with nothing in the generated config. So next config options stick together with the options from the menu block. Let's terminate menu blocks in the generated config with a comment and a newline if needed. Example: ... CONFIG_BPF_STREAM_PARSER=y CONFIG_NET_FLOW_LIMIT=y # # Network testing # CONFIG_NET_PKTGEN=y CONFIG_NET_DROP_MONITOR=y # end of Network testing # end of Networking options CONFIG_HAMRADIO=y ... Signed-off-by: Alexander Popov Reviewed-by: Kees Cook Signed-off-by: Masahiro Yamada --- scripts/kconfig/confdata.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c index 492ac3410147..6006154d36bd 100644 --- a/scripts/kconfig/confdata.c +++ b/scripts/kconfig/confdata.c @@ -867,6 +867,7 @@ int conf_write(const char *name) const char *str; char tmpname[PATH_MAX + 1], oldname[PATH_MAX + 1]; char *env; + bool need_newline = false; if (!name) name = conf_get_configname(); @@ -912,12 +913,16 @@ int conf_write(const char *name) "#\n" "# %s\n" "#\n", str); + need_newline = false; } else if (!(sym->flags & SYMBOL_CHOICE)) { sym_calc_value(sym); if (!(sym->flags & SYMBOL_WRITE)) goto next; + if (need_newline) { + fprintf(out, "\n"); + need_newline = false; + } sym->flags &= ~SYMBOL_WRITE; - conf_write_symbol(out, sym, &kconfig_printer_cb, NULL); } @@ -929,6 +934,12 @@ next: if (menu->next) menu = menu->next; else while ((menu = menu->parent)) { + if (!menu->sym && menu_is_visible(menu) && + menu != &rootmenu) { + str = menu_get_prompt(menu); + fprintf(out, "# end of %s\n", str); + need_newline = true; + } if (menu->next) { menu = menu->next; break; -- cgit v1.2.3 From 3a48a91901c516a46a3406ea576798538a8d94d2 Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Sat, 18 May 2019 01:07:15 +0900 Subject: kbuild: check uniqueness of module names In the recent build test of linux-next, Stephen saw a build error caused by a broken .tmp_versions/*.mod file: https://lkml.org/lkml/2019/5/13/991 drivers/net/phy/asix.ko and drivers/net/usb/asix.ko have the same basename, and there is a race in generating .tmp_versions/asix.mod Kbuild has not checked this before, and it suddenly shows up with obscure error messages when this kind of race occurs. Non-unique module names cause various sort of problems, but it is not trivial to catch them by eyes. Hence, this script. It checks not only real modules, but also built-in modules (i.e. controlled by tristate CONFIG option, but currently compiled with =y). Non-unique names for built-in modules also cause problems because /sys/modules/ would fall over. For the latest kernel, I tested "make allmodconfig all" (or more quickly "make allyesconfig modules"), and it detected the following: warning: same basename if the following are built as modules: drivers/regulator/88pm800.ko drivers/mfd/88pm800.ko warning: same basename if the following are built as modules: drivers/gpu/drm/bridge/adv7511/adv7511.ko drivers/media/i2c/adv7511.ko warning: same basename if the following are built as modules: drivers/net/phy/asix.ko drivers/net/usb/asix.ko warning: same basename if the following are built as modules: fs/coda/coda.ko drivers/media/platform/coda/coda.ko warning: same basename if the following are built as modules: drivers/net/phy/realtek.ko drivers/net/dsa/realtek.ko Reported-by: Stephen Rothwell Signed-off-by: Masahiro Yamada Reviewed-by: Kees Cook Reviewed-by: Stephen Rothwell Reviewed-by: Lucas De Marchi --- Makefile | 1 + scripts/modules-check.sh | 16 ++++++++++++++++ 2 files changed, 17 insertions(+) create mode 100755 scripts/modules-check.sh (limited to 'scripts') diff --git a/Makefile b/Makefile index e5414f78e123..1232a1454d5c 100644 --- a/Makefile +++ b/Makefile @@ -1288,6 +1288,7 @@ modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin $(Q)$(AWK) '!x[$$0]++' $(vmlinux-dirs:%=$(objtree)/%/modules.order) > $(objtree)/modules.order @$(kecho) ' Building modules, stage 2.'; $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost + $(Q)$(CONFIG_SHELL) $(srctree)/scripts/modules-check.sh modules.builtin: $(vmlinux-dirs:%=%/modules.builtin) $(Q)$(AWK) '!x[$$0]++' $^ > $(objtree)/modules.builtin diff --git a/scripts/modules-check.sh b/scripts/modules-check.sh new file mode 100755 index 000000000000..2f659530e1ec --- /dev/null +++ b/scripts/modules-check.sh @@ -0,0 +1,16 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0 + +set -e + +# Check uniqueness of module names +check_same_name_modules() +{ + for m in $(sed 's:.*/::' modules.order modules.builtin | sort | uniq -d) + do + echo "warning: same basename if the following are built as modules:" >&2 + sed "/\/$m/!d;s:^kernel/: :" modules.order modules.builtin >&2 + done +} + +check_same_name_modules -- cgit v1.2.3 From fc2694ec1ab7c805505bef2752aca56977a22abd Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Sat, 18 May 2019 17:07:48 +0900 Subject: kconfig: use 'else ifneq' for Makefile to improve readability 'ifeq ... else ifneq ... endif' notation is supported by GNU Make 3.81 or later, which is the requirement for building the kernel since commit 37d69ee30808 ("docs: bump minimal GNU Make version to 3.81"). Use it to improve the readability. Signed-off-by: Masahiro Yamada --- scripts/kconfig/Makefile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'scripts') diff --git a/scripts/kconfig/Makefile b/scripts/kconfig/Makefile index 5e0cd86cb4a7..3f327e21f60e 100644 --- a/scripts/kconfig/Makefile +++ b/scripts/kconfig/Makefile @@ -76,15 +76,13 @@ savedefconfig: $(obj)/conf defconfig: $(obj)/conf ifeq ($(KBUILD_DEFCONFIG),) $< $(silent) --defconfig $(Kconfig) -else -ifneq ($(wildcard $(srctree)/arch/$(SRCARCH)/configs/$(KBUILD_DEFCONFIG)),) +else ifneq ($(wildcard $(srctree)/arch/$(SRCARCH)/configs/$(KBUILD_DEFCONFIG)),) @$(kecho) "*** Default configuration is based on '$(KBUILD_DEFCONFIG)'" $(Q)$< $(silent) --defconfig=arch/$(SRCARCH)/configs/$(KBUILD_DEFCONFIG) $(Kconfig) else @$(kecho) "*** Default configuration is based on target '$(KBUILD_DEFCONFIG)'" $(Q)$(MAKE) -f $(srctree)/Makefile $(KBUILD_DEFCONFIG) endif -endif %_defconfig: $(obj)/conf $(Q)$< $(silent) --defconfig=arch/$(SRCARCH)/configs/$@ $(Kconfig) -- cgit v1.2.3