Try to mitigate potential future driver core api changes by adding a
padding to struct module.
Based on a patch from Michal Marek <mmarek@suse.cz> from the SLES kernel
Bug: 151154716
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I2a764e9eac88f20e50d192112235da6d2f0f83bc
(cherry picked from commit b0c456e92b)
The generic kernel image must have module signing disabled so it can
load kernel modules from all vendors. Unfortunately loading a signed
kernel module into a kernel with module signing disabled will fail
because struct module_layout (which appears in kernel modules) contains
struct module, and struct module contains the sig_ok field, which is
conditionally compiled depending on CONFIG_MODULE_SIG (module signing).
Unconditionally compile the sig_ok field to work around this problem.
Bug: 135940219
Test: load a signed kernel module with module signing disabled
Change-Id: I5cc437c806f74f89c0e45ce4135136ca0c70738e
Signed-off-by: Steve Muckle <smuckle@google.com>
* refs/heads/tmp-3f534fa:
Linux 4.19.49
media: uvcvideo: Fix uvc_alloc_entity() allocation alignment
of: overlay: set node fields from properties when add new overlay node
of: overlay: validate overlay properties #address-cells and #size-cells
scsi: lpfc: Fix backport of faf5a744f4f8 ("scsi: lpfc: avoid uninitialized variable warning")
x86/kprobes: Set instruction page as executable
x86/ftrace: Set trampoline pages as executable
x86/ftrace: Do not call function graph from dynamic trampolines
binder: fix race between munmap() and direct reclaim
Revert "binder: fix handling of misaligned binder object"
Revert "x86/build: Move _etext to actual end of .text"
include/linux/module.h: copy __init/__exit attrs to init/cleanup_module
Compiler Attributes: add support for __copy (gcc >= 9)
drm/lease: Make sure implicit planes are leased
drm/rockchip: shutdown drm subsystem on shutdown
drm/sun4i: Fix sun8i HDMI PHY configuration for > 148.5 MHz
drm/sun4i: Fix sun8i HDMI PHY clock initialization
drm/vmwgfx: Don't send drm sysfs hotplug events on initial master set
drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages()
gcc-plugins: Fix build failures under Darwin host
Revert "lockd: Show pid of lockd for remote locks"
CIFS: cifs_read_allocate_pages: don't iterate through whole page array on ENOMEM
cifs: fix memory leak of pneg_inbuf on -EOPNOTSUPP ioctl case
staging: wlan-ng: fix adapter initialization failure
staging: vc04_services: prevent integer overflow in create_pagelist()
serial: sh-sci: disable DMA for uart_console
vt/fbcon: deinitialize resources in visual_init() after failed memory allocation
evm: check hash algorithm passed to init_desc()
ima: show rules with IMA_INMASK correctly
doc: Cope with Sphinx logging deprecations
doc: Cope with the deprecation of AutoReporter
docs: Fix conf.py for Sphinx 2.0
arm64: Fix the arm64_personality() syscall wrapper redirection
kernel/signal.c: trace_signal_deliver when signal_group_exit
memcg: make it work on sparse non-0-node systems
tty: max310x: Fix external crystal register setup
tty: serial: msm_serial: Fix XON/XOFF
i2c: synquacer: fix synquacer_i2c_doxfer() return value
i2c: mlxcpld: Fix wrong initialization order in probe
drm/nouveau/i2c: Disable i2c bus access after ->fini()
KVM: s390: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID
ALSA: hda/realtek - Improve the headset mic for Acer Aspire laptops
ALSA: hda/realtek - Set default power save node to 0
ALSA: line6: Assure canceling delayed work at disconnection
powerpc/perf: Fix MMCRA corruption by bhrb_filter
KVM: PPC: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts
s390/crypto: fix possible sleep during spinlock aquired
s390/crypto: fix gcm-aes-s390 selftest failures
iio: adc: ti-ads8688: fix timestamp is not updated in buffer
iio: dac: ds4422/ds4424 fix chip verification
Btrfs: incremental send, fix file corruption when no-holes feature is enabled
Btrfs: fix fsync not persisting changed attributes of a directory
Btrfs: fix race updating log root item during fsync
Btrfs: fix wrong ctime and mtime of a directory after log replay
tracing: Avoid memory leak in predicate_parse()
scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs)
scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove
brcmfmac: fix NULL pointer derefence during USB disconnect
media: smsusb: better handle optional alignment
media: usb: siano: Fix false-positive "uninitialized variable" warning
media: usb: siano: Fix general protection fault in smsusb
USB: rio500: fix memory leak in close after disconnect
USB: rio500: refuse more than one device at a time
USB: Add LPM quirk for Surface Dock GigE adapter
USB: sisusbvga: fix oops in error path of sisusb_probe
USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor
usbip: usbip_host: fix stub_dev lock context imbalance regression
usbip: usbip_host: fix BUG: sleeping function called from invalid context
usb: xhci: avoid null pointer deref when bos field is NULL
xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic()
xhci: Use %zu for printing size_t type
xhci: update bounce buffer with correct sg num
include/linux/bitops.h: sanitize rotate primitives
sparc64: Fix regression in non-hypervisor TLB flush xcall
ANDROID: uid_sys_stats: report uid_cputime stats in microseconds
Revert "fib_rules: return 0 directly if an exactly same rule exists when NLM_F_EXCL not supplied"
cuttlefish_defconfig: update with recent upstream change
cuttlefish_defconfig: update with recent upstream change
Change-Id: I62be41246e49d33b20377ca090ae4a73bc6b592d
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
* refs/heads/tmp-01f5de3:
Linux 4.19.48
tipc: fix modprobe tipc failed after switch order of device registration
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
jump_label: move 'asm goto' support test to Kconfig
compiler.h: give up __compiletime_assert_fallback()
include/linux/compiler*.h: define asm_volatile_goto
crypto: vmx - ghash: do nosimd fallback manually
net/tls: don't ignore netdev notifications if no TLS features
net/tls: fix state removal with feature flags off
bnxt_en: Fix aggregation buffer leak under OOM condition.
net: stmmac: dma channel control register need to be init first
net/mlx5e: Disable rxhash when CQE compress is enabled
net/mlx5: Allocate root ns memory using kzalloc to match kfree
tipc: Avoid copying bytes beyond the supplied data
net/mlx5: Avoid double free in fs init error unwinding path
usbnet: fix kernel crash after disconnect
net: stmmac: fix reset gpio free missing
net: sched: don't use tc_action->order during action dump
net: phy: marvell10g: report if the PHY fails to boot firmware
net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value
net: mvneta: Fix err code path of probe
net-gro: fix use-after-free read in napi_gro_frags()
net: fec: fix the clk mismatch in failed_reset path
net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT
llc: fix skb leak in llc_build_and_send_ui_pkt()
ipv6: Fix redirect with VRF
ipv6: Consider sk_bound_dev_if when binding a raw socket to an address
ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST
ipv4/igmp: fix another memory leak in igmpv3_del_delrec()
inet: switch IP ID generator to siphash
cxgb4: offload VLAN flows regardless of VLAN ethtype
bonding/802.3ad: fix slave link initialization transition states
Conflicts:
include/linux/compiler.h
Change-Id: I43dd2908aa00a247ac985c36d210e83370361315
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
* refs/heads/tmp-50f9143:
Linux 4.19.45
ext4: don't update s_rev_level if not required
ext4: fix compile error when using BUFFER_TRACE
pstore: Refactor compression initialization
pstore: Allocate compression during late_initcall()
pstore: Centralize init/exit routines
iov_iter: optimize page_copy_sane()
libnvdimm/namespace: Fix label tracking error
xen/pvh: set xen_domain_type to HVM in xen_pvh_init
kbuild: turn auto.conf.cmd into a mandatory include file
KVM: lapic: Busy wait for timer to expire when using hv_timer
KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
jbd2: fix potential double free
ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
ALSA: hda/realtek - Fixup headphone noise via runtime suspend
ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14)
ext4: avoid panic during forced reboot due to aborted journal
ext4: fix use-after-free in dx_release()
ext4: fix data corruption caused by overlapping unaligned and aligned IO
ext4: zero out the unused memory region in the extent tree block
tty: Don't force RISCV SBI console as preferred console
fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount
crypto: ccm - fix incompatibility between "ccm" and "ccm_base"
ipmi:ssif: compare block number correctly for multi-part return messages
bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
bcache: fix a race between cache register and cacheset unregister
Btrfs: do not start a transaction at iterate_extent_inodes()
Btrfs: do not start a transaction during fiemap
Btrfs: send, flush dellaloc in order to avoid data loss
btrfs: Honour FITRIM range constraints during free space trim
btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails
btrfs: Check the first key and level for cached extent buffer
ext4: fix ext4_show_options for file systems w/o journal
ext4: actually request zeroing of inode table after grow
ext4: fix use-after-free race with debug_want_extra_isize
ext4: avoid drop reference to iloc.bh twice
ext4: ignore e_value_offs for xattrs with value-in-ea-inode
ext4: make sanity check in mballoc more strict
jbd2: check superblock mapped prior to committing
tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0
mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write
mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values
mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L
ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle
userfaultfd: use RCU to free the task struct when fork fails
ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
hugetlb: use same fault hash key for shared and private mappings
mm/hugetlb.c: don't put_page in lock of hugetlb_lock
mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses
mm/mincore.c: make mincore() more conservative
crypto: ccree - handle tee fips error during power management resume
crypto: ccree - add function to handle cryptocell tee fips error
crypto: ccree - HOST_POWER_DOWN_EN should be the last CC access during suspend
crypto: ccree - pm resume first enable the source clk
crypto: ccree - don't map AEAD key and IV on stack
crypto: ccree - use correct internal state sizes for export
crypto: ccree - don't map MAC key on stack
crypto: ccree - fix mem leak on error path
crypto: ccree - remove special handling of chained sg
bpf, arm64: remove prefetch insn in xadd mapping
ASoC: codec: hdac_hdmi add device_link to card device
ASoC: fsl_esai: Fix missing break in switch statement
ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
ASoC: max98090: Fix restore of DAPM Muxes
ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14)
ALSA: hda/realtek - EAPD turn on later
ALSA: hda/hdmi - Consider eld_valid when reporting jack event
ALSA: hda/hdmi - Read the pin sense from register when repolling
ALSA: usb-audio: Fix a memory leak bug
ALSA: line6: toneport: Fix broken usage of timer for delayed execution
mmc: core: Fix tag set memory leak
crypto: arm64/aes-neonbs - don't access already-freed walk.iv
crypto: arm/aes-neonbs - don't access already-freed walk.iv
crypto: rockchip - update IV buffer to contain the next IV
crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
crypto: arm64/gcm-aes-ce - fix no-NEON fallback code
crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
crypto: crct10dif-generic - fix use via crypto_shash_digest()
crypto: skcipher - don't WARN on unprocessed data after slow walk step
crypto: vmx - fix copy-paste error in CTR mode
crypto: ccp - Do not free psp_master when PLATFORM_INIT fails
crypto: chacha20poly1305 - set cra_name correctly
crypto: salsa20 - don't access already-freed walk.iv
crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues
crypto: crypto4xx - fix ctr-aes missing output IV
sched/x86: Save [ER]FLAGS on context switch
arm64: Save and restore OSDLR_EL1 across suspend/resume
arm64: Clear OSDLR_EL1 on CPU boot
arm64: compat: Reduce address limit
arm64: arch_timer: Ensure counter register reads occur with seqlock held
arm64: mmap: Ensure file offset is treated as unsigned
power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist
power: supply: axp288_charger: Fix unchecked return value
ARM: exynos: Fix a leaked reference by adding missing of_node_put
mmc: sdhci-of-arasan: Add DTS property to disable DCMDs.
ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3
ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260
arm64: dts: rockchip: Disable DCMDs on RK3399's eMMC controller.
objtool: Fix function fallthrough detection
x86/speculation/mds: Improve CPU buffer clear documentation
x86/speculation/mds: Revert CPU buffer clear on double fault exit
locking/rwsem: Prevent decrement of reader count before increment
fs: sdcardfs: Add missing option to show_options
BACKPORT: drm/amd/display: add -msse2 to prevent Clang from emitting libcalls to undefined SW FP routines
ANDROID: x86: use the correct function type for sys_ni_syscall
ANDROID: x86: use the correct function type for sys32_(rt_)sigreturn
ANDROID: x86: use the correct function type for native_set_fixmap
ANDROID: x86: use the correct function type in SYSCALL_DEFINE0
ANDROID: x86: add support for CONFIG_LTO_CLANG
ANDROID: x86: disable STACK_VALIDATION with LTO_CLANG
ANDROID: x86: disable HAVE_ARCH_PREL32_RELOCATIONS with LTO_CLANG
ANDROID: x86/vdso: disable LTO only for VDSO
ANDROID: x86/cpu/vmware: use the full form of inl in VMWARE_PORT
UPSTREAM: x86/build: Keep local relocations with ld.lld
ANDROID: crypto: arm64/ghash: fix CFI for GHASH CE
ANDROID: crypto: arm64/sha: fix CFI in SHA CE
ANDROID: arm64: kvm: disable CFI
ANDROID: arm64: mark kpti_install_ng_mappings as __nocfi
ANDROID: arm64: disable CFI for cpu_replace_ttbr1
FROMLIST: arm64: use the correct function type for __arm64_sys_ni_syscall
FROMLIST: arm64: use the correct function type in SYSCALL_DEFINE0
FROMLIST: arm64: fix syscall_fn_t type
ANDROID: modpost: add an exception for CFI stubs
ANDROID: ftrace: fix function type mismatches
FROMLIST: 9p: pass the correct prototype to read_cache_page
FROMLIST: jffs2: pass the correct prototype to read_cache_page
UPSTREAM: nfs: pass the correct prototype to read_cache_page
FROMLIST: mm: don't cast ->readpage to filler_t for do_read_cache_page
UPSTREAM: netfilter: xt_IDLETIMER: fix sysfs callback function type
ANDROID: kallsyms: strip the .cfi postfix from symbols with CONFIG_CFI_CLANG
ANDROID: add support for clang Control Flow Integrity (CFI)
FROMLIST: arm64: select ARCH_SUPPORTS_LTO_CLANG
ANDROID: arm64: disable HAVE_ARCH_PREL32_RELOCATIONS with LTO_CLANG
ANDROID: arm64: add atomic_ll_sc.o to obj-y if using lld
ANDROID: arm64: lse: fix LSE atomics with LTO
ANDROID: arm64: vdso: disable LTO
FROMLIST: arm64: kvm: use -fno-jump-tables with clang
BACKPORT: arm64: sysreg: Make mrs_s and msr_s macros work with Clang and LTO
ANDROID: init: ensure initcall ordering with LTO
ANDROID: drivers/misc: disable LTO for lkdtm_rodata.o
FROMLIST: efi/libstub: disable LTO
FROMLIST: scripts/mod: disable LTO for empty.c
ANDROID: kbuild: disable LTO_CLANG with KASAN
FROMLIST: kbuild: fix dynamic ftrace with clang LTO
ANDROID: kbuild: add support for clang LTO
ANDROID: kbuild: add CONFIG_LD_IS_LLD
UPSTREAM: gcov: clang support
UPSTREAM: gcov: docs: add a note on GCC vs Clang differences
UPSTREAM: gcov: clang: move common GCC code into gcc_base.c
UPSTREAM: module: add stubs for within_module functions
UPSTREAM: bpf: relax inode permission check for retrieving bpf program
Conflicts:
Makefile
arch/Kconfig
arch/arm64/kvm/hyp/Makefile
arch/x86/include/asm/syscall_wrapper.h
drivers/mmc/core/queue.c
fs/nfs/dir.c
fs/nfs/symlink.c
include/asm-generic/vmlinux.lds.h
include/linux/compiler-clang.h
include/linux/pagemap.h
kernel/cfi.c
mm/filemap.c
scripts/link-vmlinux.sh
Change-Id: I1e34675a86ecb60d7b8a87e16574ea8920f9cb12
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
Changes in 4.19.49
sparc64: Fix regression in non-hypervisor TLB flush xcall
include/linux/bitops.h: sanitize rotate primitives
xhci: update bounce buffer with correct sg num
xhci: Use %zu for printing size_t type
xhci: Convert xhci_handshake() to use readl_poll_timeout_atomic()
usb: xhci: avoid null pointer deref when bos field is NULL
usbip: usbip_host: fix BUG: sleeping function called from invalid context
usbip: usbip_host: fix stub_dev lock context imbalance regression
USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor
USB: sisusbvga: fix oops in error path of sisusb_probe
USB: Add LPM quirk for Surface Dock GigE adapter
USB: rio500: refuse more than one device at a time
USB: rio500: fix memory leak in close after disconnect
media: usb: siano: Fix general protection fault in smsusb
media: usb: siano: Fix false-positive "uninitialized variable" warning
media: smsusb: better handle optional alignment
brcmfmac: fix NULL pointer derefence during USB disconnect
scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove
scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs)
tracing: Avoid memory leak in predicate_parse()
Btrfs: fix wrong ctime and mtime of a directory after log replay
Btrfs: fix race updating log root item during fsync
Btrfs: fix fsync not persisting changed attributes of a directory
Btrfs: incremental send, fix file corruption when no-holes feature is enabled
iio: dac: ds4422/ds4424 fix chip verification
iio: adc: ti-ads8688: fix timestamp is not updated in buffer
s390/crypto: fix gcm-aes-s390 selftest failures
s390/crypto: fix possible sleep during spinlock aquired
KVM: PPC: Book3S HV: XIVE: Do not clear IRQ data of passthrough interrupts
powerpc/perf: Fix MMCRA corruption by bhrb_filter
ALSA: line6: Assure canceling delayed work at disconnection
ALSA: hda/realtek - Set default power save node to 0
ALSA: hda/realtek - Improve the headset mic for Acer Aspire laptops
KVM: s390: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID
drm/nouveau/i2c: Disable i2c bus access after ->fini()
i2c: mlxcpld: Fix wrong initialization order in probe
i2c: synquacer: fix synquacer_i2c_doxfer() return value
tty: serial: msm_serial: Fix XON/XOFF
tty: max310x: Fix external crystal register setup
memcg: make it work on sparse non-0-node systems
kernel/signal.c: trace_signal_deliver when signal_group_exit
arm64: Fix the arm64_personality() syscall wrapper redirection
docs: Fix conf.py for Sphinx 2.0
doc: Cope with the deprecation of AutoReporter
doc: Cope with Sphinx logging deprecations
ima: show rules with IMA_INMASK correctly
evm: check hash algorithm passed to init_desc()
vt/fbcon: deinitialize resources in visual_init() after failed memory allocation
serial: sh-sci: disable DMA for uart_console
staging: vc04_services: prevent integer overflow in create_pagelist()
staging: wlan-ng: fix adapter initialization failure
cifs: fix memory leak of pneg_inbuf on -EOPNOTSUPP ioctl case
CIFS: cifs_read_allocate_pages: don't iterate through whole page array on ENOMEM
Revert "lockd: Show pid of lockd for remote locks"
gcc-plugins: Fix build failures under Darwin host
drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages()
drm/vmwgfx: Don't send drm sysfs hotplug events on initial master set
drm/sun4i: Fix sun8i HDMI PHY clock initialization
drm/sun4i: Fix sun8i HDMI PHY configuration for > 148.5 MHz
drm/rockchip: shutdown drm subsystem on shutdown
drm/lease: Make sure implicit planes are leased
Compiler Attributes: add support for __copy (gcc >= 9)
include/linux/module.h: copy __init/__exit attrs to init/cleanup_module
Revert "x86/build: Move _etext to actual end of .text"
Revert "binder: fix handling of misaligned binder object"
binder: fix race between munmap() and direct reclaim
x86/ftrace: Do not call function graph from dynamic trampolines
x86/ftrace: Set trampoline pages as executable
x86/kprobes: Set instruction page as executable
scsi: lpfc: Fix backport of faf5a744f4f8 ("scsi: lpfc: avoid uninitialized variable warning")
of: overlay: validate overlay properties #address-cells and #size-cells
of: overlay: set node fields from properties when add new overlay node
media: uvcvideo: Fix uvc_alloc_entity() allocation alignment
Linux 4.19.49
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit a6e60d84989fa0e91db7f236eda40453b0e44afa upstream.
The upcoming GCC 9 release extends the -Wmissing-attributes warnings
(enabled by -Wall) to C and aliases: it warns when particular function
attributes are missing in the aliases but not in their target.
In particular, it triggers for all the init/cleanup_module
aliases in the kernel (defined by the module_init/exit macros),
ending up being very noisy.
These aliases point to the __init/__exit functions of a module,
which are defined as __cold (among other attributes). However,
the aliases themselves do not have the __cold attribute.
Since the compiler behaves differently when compiling a __cold
function as well as when compiling paths leading to calls
to __cold functions, the warning is trying to point out
the possibly-forgotten attribute in the alias.
In order to keep the warning enabled, we decided to silence
this case. Ideally, we would mark the aliases directly
as __init/__exit. However, there are currently around 132 modules
in the kernel which are missing __init/__exit in their init/cleanup
functions (either because they are missing, or for other reasons,
e.g. the functions being called from somewhere else); and
a section mismatch is a hard error.
A conservative alternative was to mark the aliases as __cold only.
However, since we would like to eventually enforce __init/__exit
to be always marked, we chose to use the new __copy function
attribute (introduced by GCC 9 as well to deal with this).
With it, we copy the attributes used by the target functions
into the aliases. This way, functions that were not marked
as __init/__exit won't have their aliases marked either,
and therefore there won't be a section mismatch.
Note that the warning would go away marking either the extern
declaration, the definition, or both. However, we only mark
the definition of the alias, since we do not want callers
(which only see the declaration) to be compiled as if the function
was __cold (and therefore the paths leading to those calls
would be assumed to be unlikely).
Link: https://lore.kernel.org/lkml/20190123173707.GA16603@gmail.com/
Link: https://lore.kernel.org/lkml/20190206175627.GA20399@gmail.com/
Suggested-by: Martin Sebor <msebor@gcc.gnu.org>
Acked-by: Jessica Yu <jeyu@kernel.org>
Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Changes in 4.19.48
bonding/802.3ad: fix slave link initialization transition states
cxgb4: offload VLAN flows regardless of VLAN ethtype
inet: switch IP ID generator to siphash
ipv4/igmp: fix another memory leak in igmpv3_del_delrec()
ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST
ipv6: Consider sk_bound_dev_if when binding a raw socket to an address
ipv6: Fix redirect with VRF
llc: fix skb leak in llc_build_and_send_ui_pkt()
net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT
net: fec: fix the clk mismatch in failed_reset path
net-gro: fix use-after-free read in napi_gro_frags()
net: mvneta: Fix err code path of probe
net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value
net: phy: marvell10g: report if the PHY fails to boot firmware
net: sched: don't use tc_action->order during action dump
net: stmmac: fix reset gpio free missing
usbnet: fix kernel crash after disconnect
net/mlx5: Avoid double free in fs init error unwinding path
tipc: Avoid copying bytes beyond the supplied data
net/mlx5: Allocate root ns memory using kzalloc to match kfree
net/mlx5e: Disable rxhash when CQE compress is enabled
net: stmmac: dma channel control register need to be init first
bnxt_en: Fix aggregation buffer leak under OOM condition.
net/tls: fix state removal with feature flags off
net/tls: don't ignore netdev notifications if no TLS features
crypto: vmx - ghash: do nosimd fallback manually
include/linux/compiler*.h: define asm_volatile_goto
compiler.h: give up __compiletime_assert_fallback()
jump_label: move 'asm goto' support test to Kconfig
xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
Revert "tipc: fix modprobe tipc failed after switch order of device registration"
tipc: fix modprobe tipc failed after switch order of device registration
Linux 4.19.48
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit e9666d10a5677a494260d60d1fa0b73cc7646eb3 upstream.
Currently, CONFIG_JUMP_LABEL just means "I _want_ to use jump label".
The jump label is controlled by HAVE_JUMP_LABEL, which is defined
like this:
#if defined(CC_HAVE_ASM_GOTO) && defined(CONFIG_JUMP_LABEL)
# define HAVE_JUMP_LABEL
#endif
We can improve this by testing 'asm goto' support in Kconfig, then
make JUMP_LABEL depend on CC_HAS_ASM_GOTO.
Ugly #ifdef HAVE_JUMP_LABEL will go away, and CONFIG_JUMP_LABEL will
match to the real kernel capability.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Acked-by: Michael Ellerman <mpe@ellerman.id.au> (powerpc)
Tested-by: Sedat Dilek <sedat.dilek@gmail.com>
[nc: Fix trivial conflicts in 4.19
arch/xtensa/kernel/jump_label.c doesn't exist yet
Ensured CC_HAVE_ASM_GOTO and HAVE_JUMP_LABEL were sufficiently
eliminated]
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This change adds the CONFIG_CFI_CLANG option, CFI error handling,
and a faster look-up table for cross module CFI checks.
Bug: 67506682
Bug: 133186739
Change-Id: Ic009f0a629b552a0eb16e6d89808c7029e91447d
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Provide stubs for within_module_core(), within_module_init(), and
within_module() to prevent build errors when !CONFIG_MODULES.
Suggested-by: Matthew Wilcox <willy@infradead.org>
Reported-by: Randy Dunlap <rdunlap@infradead.org>
Reported-by: kbuild test robot <lkp@intel.com>
Link: https://marc.info/?l=linux-mm&m=155384681109231&w=2
Signed-off-by: Tri Vo <trong@android.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
(cherry picked from commit dadec066d8fa7da227f623f632ea114690fecaf8)
Bug: 132997968
Test: defconfig + CONFIG_GCOV_KERNEL records coverage
Change-Id: I69448d0721a5174d4f39fff0774a86361f37b8ef
* refs/heads/tmp-976f78d:
Linux 4.19.16
Btrfs: use nofs context when initializing security xattrs to avoid deadlock
Btrfs: fix deadlock when enabling quotas due to concurrent snapshot creation
Btrfs: fix access to available allocation bits when starting balance
arm64: compat: Don't pull syscall number from regs in arm_compat_syscall
KVM: arm/arm64: Fix VMID alloc race by reverting to lock-less
sunrpc: use-after-free in svc_process_common()
mm: page_mapped: don't assume compound page is huge or THP
ext4: fix special inode number checks in __ext4_iget()
ext4: track writeback errors using the generic tracking infrastructure
ext4: use ext4_write_inode() when fsyncing w/o a journal
ext4: avoid kernel warning when writing the superblock to a dead device
ext4: fix a potential fiemap/page fault deadlock w/ inline_data
ext4: make sure enough credits are reserved for dioread_nolock writes
rbd: don't return 0 on unmap if RBD_DEV_FLAG_REMOVING is set
drm/amdgpu: Don't fail resume process if resuming atomic state fails
drm/amdgpu: Don't ignore rc from drm_dp_mst_topology_mgr_resume()
drm/i915: Unwind failure on pinning the gen7 ppgtt
drm/fb-helper: Partially bring back workaround for bugs of SDL 1.2
drm/fb_helper: Allow leaking fbdev smem_start
drm/amd/display: Fix MST dp_blank REG_WAIT timeout
PCI: dwc: Move interrupt acking into the proper callback
PCI: dwc: Take lock when ACKing an interrupt
PCI: dwc: Use interrupt masking instead of disabling
drm/amdgpu: Add new VegaM pci id
vfio/type1: Fix unmap overflow off-by-one
mtd: rawnand: qcom: fix memory corruption that causes panic
i2c: dev: prevent adapter retries and timeout being set as minus value
ACPI/IORT: Fix rc_dma_get_range()
ACPI / PMIC: xpower: Fix TS-pin current-source handling
ACPI: power: Skip duplicate power resource references in _PRx
mm, memcg: fix reclaim deadlock with writeback
mm/usercopy.c: no check page span for stack objects
slab: alien caches must not be initialized if the allocation of the alien cache failed
USB: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB
USB: storage: add quirk for SMI SM3350
USB: storage: don't insert sane sense for SPC3+ when bad sense specified
usb: cdc-acm: send ZLP for Telit 3G Intel based modems
cifs: Fix potential OOB access of lock element array
CIFS: Fix credit computation for compounded requests
CIFS: Do not hide EINTR after sending network packets
CIFS: Do not set credits to 1 if the server didn't grant anything
CIFS: Fix adjustment of credits for MTU requests
ALSA: hda/realtek - Disable headset Mic VREF for headset mode of ALC225
ALSA: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225
ALSA: hda/realtek - Support Dell headset mode for New AIO platform
x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE
cpufreq: scmi: Fix frequency invariance in slow path
staging: rtl8188eu: Fix module loading from tasklet for WEP encryption
staging: rtl8188eu: Fix module loading from tasklet for CCMP encryption
Btrfs: fix deadlock when using free space tree due to block group creation
UPSTREAM: selftests/memfd: Add tests for F_SEAL_FUTURE_WRITE seal
UPSTREAM: mm/memfd: Add an F_SEAL_FUTURE_WRITE seal to memfd
Revert "UPSTREAM: mm: Add an F_SEAL_FUTURE_WRITE seal to memfd"
Revert "UPSTREAM: mm/memfd: make F_SEAL_FUTURE_WRITE seal more robust"
ANDROID: cuttlefish: enable CONFIG_NET_CLS_BPF=y
Makefile: Fix 4.19.15 resolution
ANDROID: f2fs: Complement "android_fs" tracepoint of read path
Change-Id: I9c9c1f53796798b4ac1038dcfcf0d70624c1cfca
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
* origin/tmp-84df952:
Linux 4.19
MAINTAINERS: Add an entry for the code of conduct
Code of Conduct: Change the contact email address
Code of Conduct Interpretation: Put in the proper URL for the committee
Code of Conduct: Provide links between the two documents
Code of Conduct Interpretation: Properly reference the TAB correctly
Code of Conduct Interpretation: Add document explaining how the Code of Conduct is to be interpreted
Code of conduct: Fix wording around maintainers enforcing the code of conduct
Revert "neighbour: force neigh_invalidate when NUD_FAILED update is from admin"
net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs
i2c: rcar: cleanup DMA for all kinds of failure
MAINTAINERS: Add entry for Broadcom STB I2C controller
net: fix pskb_trim_rcsum_slow() with odd trim offset
selftests: ftrace: Add synthetic event syntax testcase
tracing: Fix synthetic event to allow semicolon at end
tracing: Fix synthetic event to accept unsigned modifier
Revert "bond: take rcu lock in netpoll_send_skb_on_dev"
drm/sun4i: Fix an ulong overflow in the dotclock driver
x86/swiotlb: Enable swiotlb for > 4GiG RAM on 32-bit kernels
ip6_tunnel: Fix encapsulation layout
tipc: fix info leak from kernel tipc_event
net: socket: fix a missing-check bug
net: sched: Fix for duplicate class dump
r8169: fix NAPI handling under high load
sparc: Revert unintended perf changes.
drm: Get ref on CRTC commit object when waiting for flip_done
block: don't deal with discard limit in blkdev_issue_discard()
fscache: Fix out of bound read in long cookie keys
fscache: Fix incomplete initialisation of inline key space
cachefiles: fix the race between cachefiles_bury_object() and rmdir(2)
mremap: properly flush TLB before releasing the page
LICENSES: Remove CC-BY-SA-4.0 license text
net: ipmr: fix unresolved entry dumps
net: mscc: ocelot: Fix comment in ocelot_vlant_wait_for_completion()
sctp: fix the data size calculation in sctp_data_size
virtio_net: avoid using netif_tx_disable() for serializing tx routine
udp6: fix encap return code for resubmitting
mlxsw: core: Fix use-after-free when flashing firmware during init
sctp: not free the new asoc when sctp_wait_for_connect returns err
sctp: fix race on sctp_id2asoc
r8169: re-enable MSI-X on RTL8168g
net: bpfilter: use get_pid_task instead of pid_task
ptp: fix Spectre v1 vulnerability
sparc: vDSO: Silence an uninitialized variable warning
net: qla3xxx: Remove overflowing shift statement
geneve, vxlan: Don't set exceptions if skb->len < mtu
geneve, vxlan: Don't check skb_dst() twice
sparc: Fix syscall fallback bugs in VDSO.
tracing: Use trace_clock_local() for looping in preemptirq_delay_test.c
tracepoint: Fix tracepoint array element size mismatch
usb: gadget: storage: Fix Spectre v1 vulnerability
perf tools: Stop fallbacking to kallsyms for vdso symbols lookup
x86/fpu: Fix i486 + no387 boot crash by only saving FPU registers on context switch if there is an FPU
x86/fpu: Remove second definition of fpu in __fpu__restore_sig()
x86/entry/64: Further improve paranoid_entry comments
x86/entry/32: Clear the CS high bits
perf tools: Pass build flags to traceevent build
perf report: Don't crash on invalid inline debug information
sctp: get pr_assoc and pr_stream all status with SCTP_PR_SCTP_ALL instead
RDMA/ucma: Fix Spectre v1 vulnerability
IB/ucm: Fix Spectre v1 vulnerability
perf cpu_map: Align cpu map synthesized events properly.
perf tools: Fix tracing_path_mount proper path
perf tools: Fix use of alternatives to find JDIR
drm/edid: VSDB yCBCr420 Deep Color mode bit definitions
perf evsel: Store ids for events with their own cpus perf_event__synthesize_event_update_cpus
USB: fix the usbfs flag sanitization for control transfers
parisc: Fix uninitialized variable usage in unwind.c
sched/fair: Fix the min_vruntime update logic in dequeue_entity()
nfp: flower: use offsets provided by pedit instead of index for ipv6
nfp: flower: fix multiple keys per pedit action
nfp: flower: fix pedit set actions for multiple partial masks
rxrpc: Fix a missing rxrpc_put_peer() in the error_report handler
sctp: use the pmtu from the icmp packet to update transport pathmtu
net: fec: don't dump RX FIFO register when not available
qed: fix spelling mistake "Ireelevant" -> "Irrelevant"
ipv6: mcast: fix a use-after-free in inet6_mc_check
tipc: fix unsafe rcu locking when accessing publication list
rxrpc: Fix incorrect conditional on IPV6
ipv6: rate-limit probes for neighbourless routes
net: bcmgenet: Poll internal PHY for GENETv5
rxrpc: use correct kvec num when sending BUSY response packet
rxrpc: Fix an uninitialised variable
tipc: initialize broadcast link stale counter correctly
llc: set SOCK_RCU_FREE in llc_sap_add_socket()
net/sched: cls_api: add missing validation of netlink attributes
ethtool: fix a privilege escalation bug
ethtool: fix a missing-check bug
r8169: Enable MSI-X on RTL8106e
Revert "sparc: Convert to using %pOFn instead of device_node.name"
idr: Change documentation license
test_ida: Fix lockdep warning
Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM
afs: Fix clearance of reply
sparc64: Set %l4 properly on trap return after handling signals.
sparc64: Make proc_id signed.
x86/boot: Add -Wno-pointer-sign to KBUILD_CFLAGS
x86/time: Correct the attribute on jiffies' definition
x86/entry: Add some paranoid entry/exit CR3 handling comments
x86/percpu: Fix this_cpu_read()
x86/tsc: Force inlining of cyc2ns bits
sparc: Throttle perf events properly.
sparc: Fix single-pcr perf event counter management.
perf vendor events intel: Fix wrong filter_band* values for uncore events
xfrm: policy: use hlist rcu variants on insert
net/xfrm: fix out-of-bounds packet access
sched/fair: Fix throttle_list starvation with low CFS quota
xsk: do not call synchronize_net() under RCU read lock
net/mlx5: WQ, fixes for fragmented WQ buffers API
net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type
net/mlx5: Fix memory leak when setting fpga ipsec caps
MAINTAINERS: update the SELinux mailing list location
sparc: Wire up io_pgetevents system call.
usb: xhci: pci: Enable Intel USB role mux on Apollo Lake platforms
usb: roles: intel_xhci: Fix Unbalanced pm_runtime_enable
cdc-acm: correct counting of UART states in serial state notification
cdc-acm: do not reset notification buffer index upon urb unlinking
cdc-acm: fix race between reset and control messaging
usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control()
selftests: usbip: add wait after attach and before checking port status
Revert "perf tools: Fix PMU term format max value calculation"
sunvdc: Remove VLA usage
tools headers uapi: Sync kvm.h copy
tools arch uapi: Sync the x86 kvm.h copy
nvme: remove ns sibling before clearing path
bpf: do not blindly change rlimit in reuseport net selftest
drm: fix use of freed memory in drm_mode_setcrtc
drm: fb-helper: Reject all pixel format changing requests
MAINTAINERS: Remove net/core/flow.c
drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl
xfrm: fix gro_cells leak when remove virtual xfrm interfaces
clk: sunxi-ng: sun4i: Set VCO and PLL bias current to lowest setting
Change-Id: If7954a79d86a24d2104b417da49be69b3452e70e
Signed-off-by: Rishabh Bhatnagar <rishabhb@codeaurora.org>
commit 46e0c9be20 ("kernel: tracepoints: add support for relative
references") changes the layout of the __tracepoint_ptrs section on
architectures supporting relative references. However, it does so
without turning struct tracepoint * const into const int elsewhere in
the tracepoint code, which has the following side-effect:
Setting mod->num_tracepoints is done in by module.c:
mod->tracepoints_ptrs = section_objs(info, "__tracepoints_ptrs",
sizeof(*mod->tracepoints_ptrs),
&mod->num_tracepoints);
Basically, since sizeof(*mod->tracepoints_ptrs) is a pointer size
(rather than sizeof(int)), num_tracepoints is erroneously set to half the
size it should be on 64-bit arch. So a module with an odd number of
tracepoints misses the last tracepoint due to effect of integer
division.
So in the module going notifier:
for_each_tracepoint_range(mod->tracepoints_ptrs,
mod->tracepoints_ptrs + mod->num_tracepoints,
tp_module_going_check_quiescent, NULL);
the expression (mod->tracepoints_ptrs + mod->num_tracepoints) actually
evaluates to something within the bounds of the array, but miss the
last tracepoint if the number of tracepoints is odd on 64-bit arch.
Fix this by introducing a new typedef: tracepoint_ptr_t, which
is either "const int" on architectures that have PREL32 relocations,
or "struct tracepoint * const" on architectures that does not have
this feature.
Also provide a new tracepoint_ptr_defer() static inline to
encapsulate deferencing this type rather than duplicate code and
ugly idefs within the for_each_tracepoint_range() implementation.
This issue appears in 4.19-rc kernels, and should ideally be fixed
before the end of the rc cycle.
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Jessica Yu <jeyu@kernel.org>
Link: http://lkml.kernel.org/r/20181013191050.22389-1-mathieu.desnoyers@efficios.com
Link: http://lkml.kernel.org/r/20180704083651.24360-7-ard.biesheuvel@linaro.org
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Bjorn Helgaas <bhelgaas@google.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: James Morris <james.morris@microsoft.com>
Cc: James Morris <jmorris@namei.org>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Nicolas Pitre <nico@linaro.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Petr Mladek <pmladek@suse.com>
Cc: Russell King <linux@armlinux.org.uk>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Cc: Thomas Garnier <thgarnie@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
This change adds the CONFIG_CFI_CLANG option, CFI error handling,
and a faster look-up table for cross module CFI checks.
Bug: 67506682
Change-Id: Ic009f0a629b552a0eb16e6d89808c7029e91447d
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
[AmitP: Rebased to newer kernels without clang LTO support]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
With the special case handling for Blackfin and Metag was removed by
commit 94e58e0ac3 ("export.h: remove code for prefixing symbols with
underscore"), VMLINUX_SYMBOL_STR() is now equivalent to __stringify().
Replace the remaining usages to prepare for the entire removal of
VMLINUX_SYMBOL_STR().
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
Pull printk updates from Petr Mladek:
- Add a console_msg_format command line option:
The value "default" keeps the old "[time stamp] text\n" format. The
value "syslog" allows to see the syslog-like "<log
level>[timestamp] text" format.
This feature was requested by people doing regression tests, for
example, 0day robot. They want to have both filtered and full logs
at hands.
- Reduce the risk of softlockup:
Pass the console owner in a busy loop.
This is a new approach to the old problem. It was first proposed by
Steven Rostedt on Kernel Summit 2017. It marks a context in which
the console_lock owner calls console drivers and could not sleep.
On the other side, printk() callers could detect this state and use
a busy wait instead of a simple console_trylock(). Finally, the
console_lock owner checks if there is a busy waiter at the end of
the special context and eventually passes the console_lock to the
waiter.
The hand-off works surprisingly well and helps in many situations.
Well, there is still a possibility of the softlockup, for example,
when the flood of messages stops and the last owner still has too
much to flush.
There is increasing number of people having problems with
printk-related softlockups. We might eventually need to get better
solution. Anyway, this looks like a good start and promising
direction.
- Do not allow to schedule in console_unlock() called from printk():
This reverts an older controversial commit. The reschedule helped
to avoid softlockups. But it also slowed down the console output.
This patch is obsoleted by the new console waiter logic described
above. In fact, the reschedule made the hand-off less effective.
- Deprecate "%pf" and "%pF" format specifier:
It was needed on ia64, ppc64 and parisc64 to dereference function
descriptors and show the real function address. It is done
transparently by "%ps" and "pS" format specifier now.
Sergey Senozhatsky found that all the function descriptors were in
a special elf section and could be easily detected.
- Remove printk_symbol() API:
It has been obsoleted by "%pS" format specifier, and this change
helped to remove few continuous lines and a less intuitive old API.
- Remove redundant memsets:
Sergey removed unnecessary memset when processing printk.devkmsg
command line option.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/pmladek/printk: (27 commits)
printk: drop redundant devkmsg_log_str memsets
printk: Never set console_may_schedule in console_trylock()
printk: Hide console waiter logic into helpers
printk: Add console owner and waiter logic to load balance console writes
kallsyms: remove print_symbol() function
checkpatch: add pF/pf deprecation warning
symbol lookup: introduce dereference_symbol_descriptor()
parisc64: Add .opd based function descriptor dereference
powerpc64: Add .opd based function descriptor dereference
ia64: Add .opd based function descriptor dereference
sections: split dereference_function_descriptor()
openrisc: Fix conflicting types for _exext and _stext
lib: do not use print_symbol()
irq debug: do not use print_symbol()
sysfs: do not use print_symbol()
drivers: do not use print_symbol()
x86: do not use print_symbol()
unicore32: do not use print_symbol()
sh: do not use print_symbol()
mn10300: do not use print_symbol()
...
Pull networking updates from David Miller:
1) Significantly shrink the core networking routing structures. Result
of http://vger.kernel.org/~davem/seoul2017_netdev_keynote.pdf
2) Add netdevsim driver for testing various offloads, from Jakub
Kicinski.
3) Support cross-chip FDB operations in DSA, from Vivien Didelot.
4) Add a 2nd listener hash table for TCP, similar to what was done for
UDP. From Martin KaFai Lau.
5) Add eBPF based queue selection to tun, from Jason Wang.
6) Lockless qdisc support, from John Fastabend.
7) SCTP stream interleave support, from Xin Long.
8) Smoother TCP receive autotuning, from Eric Dumazet.
9) Lots of erspan tunneling enhancements, from William Tu.
10) Add true function call support to BPF, from Alexei Starovoitov.
11) Add explicit support for GRO HW offloading, from Michael Chan.
12) Support extack generation in more netlink subsystems. From Alexander
Aring, Quentin Monnet, and Jakub Kicinski.
13) Add 1000BaseX, flow control, and EEE support to mvneta driver. From
Russell King.
14) Add flow table abstraction to netfilter, from Pablo Neira Ayuso.
15) Many improvements and simplifications to the NFP driver bpf JIT,
from Jakub Kicinski.
16) Support for ipv6 non-equal cost multipath routing, from Ido
Schimmel.
17) Add resource abstration to devlink, from Arkadi Sharshevsky.
18) Packet scheduler classifier shared filter block support, from Jiri
Pirko.
19) Avoid locking in act_csum, from Davide Caratti.
20) devinet_ioctl() simplifications from Al viro.
21) More TCP bpf improvements from Lawrence Brakmo.
22) Add support for onlink ipv6 route flag, similar to ipv4, from David
Ahern.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1925 commits)
tls: Add support for encryption using async offload accelerator
ip6mr: fix stale iterator
net/sched: kconfig: Remove blank help texts
openvswitch: meter: Use 64-bit arithmetic instead of 32-bit
tcp_nv: fix potential integer overflow in tcpnv_acked
r8169: fix RTL8168EP take too long to complete driver initialization.
qmi_wwan: Add support for Quectel EP06
rtnetlink: enable IFLA_IF_NETNSID for RTM_NEWLINK
ipmr: Fix ptrdiff_t print formatting
ibmvnic: Wait for device response when changing MAC
qlcnic: fix deadlock bug
tcp: release sk_frag.page in tcp_disconnect
ipv4: Get the address of interface correctly.
net_sched: gen_estimator: fix lockdep splat
net: macb: Handle HRESP error
net/mlx5e: IPoIB, Fix copy-paste bug in flow steering refactoring
ipv6: addrconf: break critical section in addrconf_verify_rtnl()
ipv6: change route cache aging logic
i40e/i40evf: Update DESC_NEEDED value to reflect larger value
bnxt_en: cleanup DIM work on device shutdown
...
Pull x86/pti updates from Thomas Gleixner:
"Another set of melted spectrum related changes:
- Code simplifications and cleanups for RSB and retpolines.
- Make the indirect calls in KVM speculation safe.
- Whitelist CPUs which are known not to speculate from Meltdown and
prepare for the new CPUID flag which tells the kernel that a CPU is
not affected.
- A less rigorous variant of the module retpoline check which merily
warns when a non-retpoline protected module is loaded and reflects
that fact in the sysfs file.
- Prepare for Indirect Branch Prediction Barrier support.
- Prepare for exposure of the Speculation Control MSRs to guests, so
guest OSes which depend on those "features" can use them. Includes
a blacklist of the broken microcodes. The actual exposure of the
MSRs through KVM is still being worked on"
* 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/speculation: Simplify indirect_branch_prediction_barrier()
x86/retpoline: Simplify vmexit_fill_RSB()
x86/cpufeatures: Clean up Spectre v2 related CPUID flags
x86/cpu/bugs: Make retpoline module warning conditional
x86/bugs: Drop one "mitigation" from dmesg
x86/nospec: Fix header guards names
x86/alternative: Print unadorned pointers
x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
x86/msr: Add definitions for new speculation control MSRs
x86/cpufeatures: Add AMD feature bits for Speculation Control
x86/cpufeatures: Add Intel feature bits for Speculation Control
x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
module/retpoline: Warn about missing retpoline in module
KVM: VMX: Make indirect call speculation safe
KVM: x86: Make indirect calls in emulator speculation safe
There's a risk that a kernel which has full retpoline mitigations becomes
vulnerable when a module gets loaded that hasn't been compiled with the
right compiler or the right option.
To enable detection of that mismatch at module load time, add a module info
string "retpoline" at build time when the module was compiled with
retpoline support. This only covers compiled C source, but assembler source
or prebuilt object files are not checked.
If a retpoline enabled kernel detects a non retpoline protected module at
load time, print a warning and report it in the sysfs vulnerability file.
[ tglx: Massaged changelog ]
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: gregkh@linuxfoundation.org
Cc: torvalds@linux-foundation.org
Cc: jeyu@kernel.org
Cc: arjan@linux.intel.com
Link: https://lkml.kernel.org/r/20180125235028.31211-1-andi@firstfloor.org
Add injectable error types for each error-injectable function.
One motivation of error injection test is to find software flaws,
mistakes or mis-handlings of expectable errors. If we find such
flaws by the test, that is a program bug, so we need to fix it.
But if the tester miss input the error (e.g. just return success
code without processing anything), it causes unexpected behavior
even if the caller is correctly programmed to handle any errors.
That is not what we want to test by error injection.
To clarify what type of errors the caller must expect for each
injectable function, this introduces injectable error types:
- EI_ETYPE_NULL : means the function will return NULL if it
fails. No ERR_PTR, just a NULL.
- EI_ETYPE_ERRNO : means the function will return -ERRNO
if it fails.
- EI_ETYPE_ERRNO_NULL : means the function will return -ERRNO
(ERR_PTR) or NULL.
ALLOW_ERROR_INJECTION() macro is expanded to get one of
NULL, ERRNO, ERRNO_NULL to record the error type for
each function. e.g.
ALLOW_ERROR_INJECTION(open_ctree, ERRNO)
This error types are shown in debugfs as below.
====
/ # cat /sys/kernel/debug/error_injection/list
open_ctree [btrfs] ERRNO
io_ctl_init [btrfs] ERRNO
====
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Reviewed-by: Josef Bacik <jbacik@fb.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Since error-injection framework is not limited to be used
by kprobes, nor bpf. Other kernel subsystems can use it
freely for checking safeness of error-injection, e.g.
livepatch, ftrace etc.
So this separate error-injection framework from kprobes.
Some differences has been made:
- "kprobe" word is removed from any APIs/structures.
- BPF_ALLOW_ERROR_INJECTION() is renamed to
ALLOW_ERROR_INJECTION() since it is not limited for BPF too.
- CONFIG_FUNCTION_ERROR_INJECTION is the config item of this
feature. It is automatically enabled if the arch supports
error injection feature for kprobe or ftrace etc.
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Reviewed-by: Josef Bacik <jbacik@fb.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
There are two format specifiers to print out a pointer in symbolic
format: '%pS/%ps' and '%pF/%pf'. On most architectures, the two
mean exactly the same thing, but some architectures (ia64, ppc64,
parisc64) use an indirect pointer for C function pointers, where
the function pointer points to a function descriptor (which in
turn contains the actual pointer to the code). The '%pF/%pf, when
used appropriately, automatically does the appropriate function
descriptor dereference on such architectures.
The "when used appropriately" part is tricky. Basically this is
a subtle ABI detail, specific to some platforms, that made it to
the API level and people can be unaware of it and miss the whole
"we need to dereference the function" business out. [1] proves
that point (note that it fixes only '%pF' and '%pS', there might
be '%pf' and '%ps' cases as well).
It appears that we can handle everything within the affected
arches and make '%pS/%ps' smart enough to retire '%pF/%pf'.
Function descriptors live in .opd elf section and all affected
arches (ia64, ppc64, parisc64) handle it properly for kernel
and modules. So we, technically, can decide if the dereference
is needed by simply looking at the pointer: if it belongs to
.opd section then we need to dereference it.
The kernel and modules have their own .opd sections, obviously,
that's why we need to split dereference_function_descriptor()
and use separate kernel and module dereference arch callbacks.
This patch does the first step, it
a) adds dereference_kernel_function_descriptor() function.
b) adds a weak alias to dereference_module_function_descriptor()
function.
So, for the time being, we will have:
1) dereference_function_descriptor()
A generic function, that simply dereferences the pointer. There is
bunch of places that call it: kgdbts, init/main.c, extable, etc.
2) dereference_kernel_function_descriptor()
A function to call on kernel symbols that does kernel .opd section
address range test.
3) dereference_module_function_descriptor()
A function to call on modules' symbols that does modules' .opd
section address range test.
[1] https://marc.info/?l=linux-kernel&m=150472969730573
Link: http://lkml.kernel.org/r/20171109234830.5067-2-sergey.senozhatsky@gmail.com
To: Fenghua Yu <fenghua.yu@intel.com>
To: Benjamin Herrenschmidt <benh@kernel.crashing.org>
To: Paul Mackerras <paulus@samba.org>
To: Michael Ellerman <mpe@ellerman.id.au>
To: James Bottomley <jejb@parisc-linux.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Jessica Yu <jeyu@kernel.org>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: linux-ia64@vger.kernel.org
Cc: linux-parisc@vger.kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Tested-by: Tony Luck <tony.luck@intel.com> #ia64
Tested-by: Santosh Sivaraj <santosh@fossix.org> #powerpc
Tested-by: Helge Deller <deller@gmx.de> #parisc64
Signed-off-by: Petr Mladek <pmladek@suse.com>
Using BPF we can override kprob'ed functions and return arbitrary
values. Obviously this can be a bit unsafe, so make this feature opt-in
for functions. Simply tag a function with KPROBE_ERROR_INJECT_SYMBOL in
order to give BPF access to that function for error injection purposes.
Signed-off-by: Josef Bacik <jbacik@fb.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
A static variable sig_enforce is used as status var to indicate the real
value of CONFIG_MODULE_SIG_FORCE, once this one is set the var will hold
true, but if the CONFIG is not set the status var will hold whatever
value is present in the module.sig_enforce kernel cmdline param: true
when =1 and false when =0 or not present.
Considering this cmdline param take place over the CONFIG value when
it's not set, other places in the kernel could misbehave since they
would have only the CONFIG_MODULE_SIG_FORCE value to rely on. Exporting
this status var allows the kernel to rely in the effective value of
module signature enforcement, being it from CONFIG value or cmdline
param.
Signed-off-by: Bruno E. O. Meneguele <brdeoliv@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
MODULE_DEVICE_TABLE(type, name) creates an alias of type 'extern const
typeof(name)'. If 'name' is already constant the 'const' attribute is
specified twice, which is not allowed in C89 (see discussion at
https://lkml.org/lkml/2017/5/23/1440). Since the kernel is built with
-std=gnu89 clang generates warnings like this:
drivers/thermal/x86_pkg_temp_thermal.c:509:1: warning: duplicate 'const'
declaration specifier
[-Wduplicate-decl-specifier]
MODULE_DEVICE_TABLE(x86cpu, pkg_temp_thermal_ids);
^
./include/linux/module.h:212:8: note: expanded from macro 'MODULE_DEVICE_TABLE'
extern const typeof(name) __mod_##type##__##name##_device_table
Remove the const attribute from the alias to avoid the duplicate
specifier. After all it is only an alias and the attribute shouldn't
have any effect.
Signed-off-by: Matthias Kaehlcke <mka@chromium.org>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
Pull structure randomization updates from Kees Cook:
"Now that IPC and other changes have landed, enable manual markings for
randstruct plugin, including the task_struct.
This is the rest of what was staged in -next for the gcc-plugins, and
comes in three patches, largest first:
- mark "easy" structs with __randomize_layout
- mark task_struct with an optional anonymous struct to isolate the
__randomize_layout section
- mark structs to opt _out_ of automated marking (which will come
later)
And, FWIW, this continues to pass allmodconfig (normal and patched to
enable gcc-plugins) builds of x86_64, i386, arm64, arm, powerpc, and
s390 for me"
* tag 'gcc-plugins-v4.13-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
randstruct: opt-out externally exposed function pointer structs
task_struct: Allow randomized layout
randstruct: Mark various structs for randomization
This marks many critical kernel structures for randomization. These are
structures that have been targeted in the past in security exploits, or
contain functions pointers, pointers to function pointer tables, lists,
workqueues, ref-counters, credentials, permissions, or are otherwise
sensitive. This initial list was extracted from Brad Spengler/PaX Team's
code in the last public patch of grsecurity/PaX based on my understanding
of the code. Changes or omissions from the original code are mine and
don't reflect the original grsecurity/PaX code.
Left out of this list is task_struct, which requires special handling
and will be covered in a subsequent patch.
Signed-off-by: Kees Cook <keescook@chromium.org>
Pull modules updates from Jessica Yu:
- Minor code cleanups
- Fix section alignment for .init_array
* tag 'modules-for-v4.12' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux:
kallsyms: Use bounded strnchr() when parsing string
module: Unify the return value type of try_module_get
module: set .init_array alignment to 8
The prototypes of try_module_get are different with different macro.
When enable module and module unload, it returns bool, but others not.
Make the return type for try_module_get consistent across all module
config options.
Signed-off-by: Gao Feng <fgao@ikuai8.com>
[jeyu: slightly amended changelog to make it clearer]
Signed-off-by: Jessica Yu <jeyu@redhat.com>
If a PER_CPU struct which contains a spin_lock is statically initialized
via:
DEFINE_PER_CPU(struct foo, bla) = {
.lock = __SPIN_LOCK_UNLOCKED(bla.lock)
};
then lockdep assigns a seperate key to each lock because the logic for
assigning a key to statically initialized locks is to use the address as
the key. With per CPU locks the address is obvioulsy different on each CPU.
That's wrong, because all locks should have the same key.
To solve this the following modifications are required:
1) Extend the is_kernel/module_percpu_addr() functions to hand back the
canonical address of the per CPU address, i.e. the per CPU address
minus the per CPU offset.
2) Check the lock address with these functions and if the per CPU check
matches use the returned canonical address as the lock key, so all per
CPU locks have the same key.
3) Move the static_obj(key) check into look_up_lock_class() so this check
can be avoided for statically initialized per CPU locks. That's
required because the canonical address fails the static_obj(key) check
for obvious reasons.
Reported-by: Mike Galbraith <efault@gmx.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
[ Merged Dan's fixups for !MODULES and !SMP into this patch. ]
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Dan Murphy <dmurphy@ti.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Link: http://lkml.kernel.org/r/20170227143736.pectaimkjkan5kow@linutronix.de
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Pull modules updates from Jessica Yu:
"Summary of modules changes for the 4.11 merge window:
- A few small code cleanups
- Add modules git tree url to MAINTAINERS"
* tag 'modules-for-v4.11' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux:
MAINTAINERS: add tree for modules
module: fix memory leak on early load_module() failures
module: Optimize search_module_extables()
modules: mark __inittest/__exittest as __maybe_unused
livepatch/module: print notice of TAINT_LIVEPATCH
module: Drop redundant declaration of struct module
Pull rodata updates from Kees Cook:
"This renames the (now inaccurate) DEBUG_RODATA and related
SET_MODULE_RONX configs to the more sensible STRICT_KERNEL_RWX and
STRICT_MODULE_RWX"
* tag 'rodata-v4.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
arch: Rename CONFIG_DEBUG_RODATA and CONFIG_DEBUG_MODULE_RONX
arch: Move CONFIG_DEBUG_RODATA and CONFIG_SET_MODULE_RONX to be common
Pull exception table module split from Paul Gortmaker:
"Final extable.h related changes.
This completes the separation of exception table content from the
module.h header file. This is achieved with the final commit that
removes the one line back compatible change that sourced extable.h
into the module.h file.
The commits are unchanged since January, with the exception of a
couple Acks that came in for the last two commits a bit later. The
changes have been in linux-next for quite some time[1] and have got
widespread arch coverage via toolchains I have and also from
additional ones the kbuild bot has.
Maintaners of the various arch were Cc'd during the postings to
lkml[2] and informed that the intention was to take the remaining arch
specific changes and lump them together with the final two non-arch
specific changes and submit for this merge window.
The ia64 diffstat stands out and probably warrants a mention. In an
earlier review, Al Viro made a valid comment that the original header
separation of content left something to be desired, and that it get
fixed as a part of this change, hence the larger diffstat"
* tag 'extable-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux: (21 commits)
module.h: remove extable.h include now users have migrated
core: migrate exception table users off module.h and onto extable.h
cris: migrate exception table users off module.h and onto extable.h
hexagon: migrate exception table users off module.h and onto extable.h
microblaze: migrate exception table users off module.h and onto extable.h
unicore32: migrate exception table users off module.h and onto extable.h
score: migrate exception table users off module.h and onto extable.h
metag: migrate exception table users off module.h and onto extable.h
arc: migrate exception table users off module.h and onto extable.h
nios2: migrate exception table users off module.h and onto extable.h
sparc: migrate exception table users onto extable.h
openrisc: migrate exception table users off module.h and onto extable.h
frv: migrate exception table users off module.h and onto extable.h
sh: migrate exception table users off module.h and onto extable.h
xtensa: migrate exception table users off module.h and onto extable.h
mn10300: migrate exception table users off module.h and onto extable.h
alpha: migrate exception table users off module.h and onto extable.h
arm: migrate exception table users off module.h and onto extable.h
m32r: migrate exception table users off module.h and onto extable.h
ia64: ensure exception table search users include extable.h
...
Both of these options are poorly named. The features they provide are
necessary for system security and should not be considered debug only.
Change the names to CONFIG_STRICT_KERNEL_RWX and
CONFIG_STRICT_MODULE_RWX to better describe what these options do.
Signed-off-by: Laura Abbott <labbott@redhat.com>
Acked-by: Jessica Yu <jeyu@redhat.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
clang warns about unused inline functions by default:
arch/arm/crypto/aes-cipher-glue.c:68:1: warning: unused function '__inittest' [-Wunused-function]
arch/arm/crypto/aes-cipher-glue.c:69:1: warning: unused function '__exittest' [-Wunused-function]
As these appear in every single module, let's just disable the warnings by marking the
two functions as __maybe_unused.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Acked-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Jessica Yu <jeyu@redhat.com>
The modversion symbol CRCs are emitted as ELF symbols, which allows us
to easily populate the kcrctab sections by relying on the linker to
associate each kcrctab slot with the correct value.
This has a couple of downsides:
- Given that the CRCs are treated as memory addresses, we waste 4 bytes
for each CRC on 64 bit architectures,
- On architectures that support runtime relocation, a R_<arch>_RELATIVE
relocation entry is emitted for each CRC value, which identifies it
as a quantity that requires fixing up based on the actual runtime
load offset of the kernel. This results in corrupted CRCs unless we
explicitly undo the fixup (and this is currently being handled in the
core module code)
- Such runtime relocation entries take up 24 bytes of __init space
each, resulting in a x8 overhead in [uncompressed] kernel size for
CRCs.
Switching to explicit 32 bit values on 64 bit architectures fixes most
of these issues, given that 32 bit values are not treated as quantities
that require fixing up based on the actual runtime load offset. Note
that on some ELF64 architectures [such as PPC64], these 32-bit values
are still emitted as [absolute] runtime relocatable quantities, even if
the value resolves to a build time constant. Since relative relocations
are always resolved at build time, this patch enables MODULE_REL_CRCS on
powerpc when CONFIG_RELOCATABLE=y, which turns the absolute CRC
references into relative references into .rodata where the actual CRC
value is stored.
So redefine all CRC fields and variables as u32, and redefine the
__CRC_SYMBOL() macro for 64 bit builds to emit the CRC reference using
inline assembler (which is necessary since 64-bit C code cannot use
32-bit types to hold memory addresses, even if they are ultimately
resolved using values that do not exceed 0xffffffff). To avoid
potential problems with legacy 32-bit architectures using legacy
toolchains, the equivalent C definition of the kcrctab entry is retained
for 32-bit architectures.
Note that this mostly reverts commit d4703aefdb ("module: handle ppc64
relocating kcrctabs when CONFIG_RELOCATABLE=y")
Acked-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Struct module is already declared at the beginning of the file, no
need to declare it again.
Signed-off-by: Jean Delvare <jdelvare@suse.de>
Fixes: 93c2e105f6 ("module: Optimize __module_address() using a latched RB-tree")
Cc: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Jessica Yu <jeyu@redhat.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Jessica Yu <jeyu@redhat.com>
The commit 66cc69e34e ("Fix: module signature vs tracepoints:
add new TAINT_UNSIGNED_MODULE") updated module_taint_flags() to
potentially print one more character. But it did not increase the
size of the corresponding buffers in m_show() and print_modules().
We have recently done the same mistake when adding a taint flag
for livepatching, see
https://lkml.kernel.org/r/cfba2c823bb984690b73572aaae1db596b54a082.1472137475.git.jpoimboe@redhat.com
Also struct module uses an incompatible type for mod-taints flags.
It survived from the commit 2bc2d61a96 ("[PATCH] list module
taint flags in Oops/panic"). There was used "int" for the global taint
flags at these times. But only the global tain flags was later changed
to "unsigned long" by the commit 25ddbb18aa ("Make the taint
flags reliable").
This patch defines TAINT_FLAGS_COUNT that can be used to create
arrays and buffers of the right size. Note that we could not use
enum because the taint flag indexes are used also in assembly code.
Then it reworks the table that describes the taint flags. The TAINT_*
numbers can be used as the index. Instead, we add information
if the taint flag is also shown per-module.
Finally, it uses "unsigned long", bit operations, and the updated
taint_flags table also for mod->taints.
It is not optimal because only few taint flags can be printed by
module_taint_flags(). But better be on the safe side. IMHO, it is
not worth the optimization and this is a good compromise.
Signed-off-by: Petr Mladek <pmladek@suse.com>
Link: http://lkml.kernel.org/r/1474458442-21581-1-git-send-email-pmladek@suse.com
[jeyu@redhat.com: fix broken lkml link in changelog]
Signed-off-by: Jessica Yu <jeyu@redhat.com>
Add ro_after_init support for modules by adding a new page-aligned section
in the module layout (after rodata) for ro_after_init data and enabling RO
protection for that section after module init runs.
Signed-off-by: Jessica Yu <jeyu@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
For historical reasons (i.e. pre-git) the exception table stuff was
buried in the middle of the module.h file. I noticed this while
doing an audit for needless includes of module.h and found core
kernel files (both arch specific and arch independent) were just
including module.h for this.
The converse is also true, in that conventional drivers, be they
for filesystems or actual hardware peripherals or similar, do not
normally care about the exception tables.
Here we fork the exception table content out of module.h into a
new file called extable.h -- and temporarily include it into the
module.h itself.
Then we will work our way across the arch independent and arch
specific files needing just exception table content, and move
them off module.h and onto extable.h
Once that is done, we can remove the extable.h from module.h
and in doing it like this, we avoid introducing build failures
into the git history.
The gain here is that module.h gets a bit smaller, across all
modular drivers that we build for allmodconfig. Also the core
files that only need exception table stuff don't have an include
of module.h that brings in lots of extra stuff and just looks
generally out of place.
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
__module_put_and_exit() is makred noreturn in module.h declaration, but is
lacking the attribute in the definition, which makes some tools (such as
sparse) unhappy. Amend the definition with the attribute as well (and
reformat the declaration so that it uses more common format).
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
For livepatch modules, copy Elf section, symbol, and string information
from the load_info struct in the module loader. Persist copies of the
original symbol table and string table.
Livepatch manages its own relocation sections in order to reuse module
loader code to write relocations. Livepatch modules must preserve Elf
information such as section indices in order to apply livepatch relocation
sections using the module loader's apply_relocate_add() function.
In order to apply livepatch relocation sections, livepatch modules must
keep a complete copy of their original symbol table in memory. Normally, a
stripped down copy of a module's symbol table (containing only "core"
symbols) is made available through module->core_symtab. But for livepatch
modules, the symbol table copied into memory on module load must be exactly
the same as the symbol table produced when the patch module was compiled.
This is because the relocations in each livepatch relocation section refer
to their respective symbols with their symbol indices, and the original
symbol indices (and thus the symtab ordering) must be preserved in order
for apply_relocate_add() to find the right symbol.
Signed-off-by: Jessica Yu <jeyu@redhat.com>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
Acked-by: Rusty Russell <rusty@rustcorp.com.au>
Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
For CONFIG_KALLSYMS, we keep two symbol tables and two string tables.
There's one full copy, marked SHF_ALLOC and laid out at the end of the
module's init section. There's also a cut-down version that only
contains core symbols and strings, and lives in the module's core
section.
After module init (and before we free the module memory), we switch
the mod->symtab, mod->num_symtab and mod->strtab to point to the core
versions. We do this under the module_mutex.
However, kallsyms doesn't take the module_mutex: it uses
preempt_disable() and rcu tricks to walk through the modules, because
it's used in the oops path. It's also used in /proc/kallsyms.
There's nothing atomic about the change of these variables, so we can
get the old (larger!) num_symtab and the new symtab pointer; in fact
this is what I saw when trying to reproduce.
By grouping these variables together, we can use a
carefully-dereferenced pointer to ensure we always get one or the
other (the free of the module init section is already done in an RCU
callback, so that's safe). We allocate the init one at the end of the
module init section, and keep the core one inside the struct module
itself (it could also have been allocated at the end of the module
core, but that's probably overkill).
Reported-by: Weilong Chen <chenweilong@huawei.com>
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=111541
Cc: stable@kernel.org
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
