Skip to content
  1. May 25, 2011
  2. May 19, 2011
  3. May 12, 2011
    • Ingo Molnar's avatar
      vsprintf: Turn kptr_restrict off by default · 411f05f1
      Ingo Molnar authored
      
      
      kptr_restrict has been triggering bugs in apps such as perf, and it also makes
      the system less useful by default, so turn it off by default.
      
      This is how we generally handle security features that remove functionality,
      such as firewall code or SELinux - they have to be configured and activated
      from user-space.
      
      Distributions can turn kptr_restrict on again via this line in
      /etc/sysctrl.conf:
      
      kernel.kptr_restrict = 1
      
      ( Also mark the variable __read_mostly while at it, as it's typically modified
        only once per bootup, or not at all. )
      
      Signed-off-by: default avatarIngo Molnar <mingo@elte.hu>
      Acked-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      411f05f1
  4. May 06, 2011
  5. May 02, 2011
  6. Apr 28, 2011
  7. Apr 25, 2011
  8. Apr 14, 2011
  9. Apr 10, 2011
  10. Apr 07, 2011
  11. Apr 06, 2011
  12. Apr 05, 2011
  13. Mar 31, 2011
  14. Mar 25, 2011
  15. Mar 24, 2011
    • Namhyung Kim's avatar
      vsprintf: Introduce %pB format specifier · 0f77a8d3
      Namhyung Kim authored
      
      
      The %pB format specifier is for stack backtrace. Its handler
      sprint_backtrace() does symbol lookup using (address-1) to
      ensure the address will not point outside of the function.
      
      If there is a tail-call to the function marked "noreturn",
      gcc optimized out the code after the call then causes saved
      return address points outside of the function (i.e. the start
      of the next function), so pollutes call trace somewhat.
      
      This patch adds the %pB printk mechanism that allows architecture
      call-trace printout functions to improve backtrace printouts.
      
      Signed-off-by: default avatarNamhyung Kim <namhyung@gmail.com>
      Acked-by: default avatarSteven Rostedt <rostedt@goodmis.org>
      Acked-by: default avatarFrederic Weisbecker <fweisbec@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: linux-arch@vger.kernel.org
      LKML-Reference: <1300934550-21394-1-git-send-email-namhyung@gmail.com>
      Signed-off-by: default avatarIngo Molnar <mingo@elte.hu>
      0f77a8d3
    • Akinobu Mita's avatar
      bitops: introduce CONFIG_GENERIC_FIND_BIT_LE · 0664996b
      Akinobu Mita authored
      
      
      This introduces CONFIG_GENERIC_FIND_BIT_LE to tell whether to use generic
      implementation of find_*_bit_le() in lib/find_next_bit.c or not.
      
      For now we select CONFIG_GENERIC_FIND_BIT_LE for all architectures which
      enable CONFIG_GENERIC_FIND_NEXT_BIT.
      
      But m68knommu wants to define own faster find_next_zero_bit_le() and
      continues using generic find_next_{,zero_}bit().
      (CONFIG_GENERIC_FIND_NEXT_BIT and !CONFIG_GENERIC_FIND_BIT_LE)
      
      Signed-off-by: default avatarAkinobu Mita <akinobu.mita@gmail.com>
      Cc: Greg Ungerer <gerg@uclinux.org>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      0664996b
    • Akinobu Mita's avatar
      asm-generic: change little-endian bitops to take any pointer types · a56560b3
      Akinobu Mita authored
      
      
      This makes the little-endian bitops take any pointer types by changing the
      prototypes and adding casts in the preprocessor macros.
      
      That would seem to at least make all the filesystem code happier, and they
      can continue to do just something like
      
        #define ext2_set_bit __test_and_set_bit_le
      
      (or whatever the exact sequence ends up being).
      
      Signed-off-by: default avatarAkinobu Mita <akinobu.mita@gmail.com>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Cc: Richard Henderson <rth@twiddle.net>
      Cc: Ivan Kokshaysky <ink@jurassic.park.msu.ru>
      Cc: Mikael Starvik <starvik@axis.com>
      Cc: David Howells <dhowells@redhat.com>
      Cc: Yoshinori Sato <ysato@users.sourceforge.jp>
      Cc: "Luck, Tony" <tony.luck@intel.com>
      Cc: Ralf Baechle <ralf@linux-mips.org>
      Cc: Kyle McMartin <kyle@mcmartin.ca>
      Cc: Matthew Wilcox <willy@debian.org>
      Cc: Grant Grundler <grundler@parisc-linux.org>
      Cc: Paul Mundt <lethal@linux-sh.org>
      Cc: Kazumoto Kojima <kkojima@rr.iij4u.or.jp>
      Cc: Hirokazu Takata <takata@linux-m32r.org>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Chris Zankel <chris@zankel.net>
      Cc: Ingo Molnar <mingo@elte.hu>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Hans-Christian Egtvedt <hans-christian.egtvedt@atmel.com>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Cc: Paul Mackerras <paulus@samba.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      a56560b3
    • Akinobu Mita's avatar
      asm-generic: rename generic little-endian bitops functions · c4945b9e
      Akinobu Mita authored
      
      
      As a preparation for providing little-endian bitops for all architectures,
      This renames generic implementation of little-endian bitops.  (remove
      "generic_" prefix and postfix "_le")
      
      s/generic_find_next_le_bit/find_next_bit_le/
      s/generic_find_next_zero_le_bit/find_next_zero_bit_le/
      s/generic_find_first_zero_le_bit/find_first_zero_bit_le/
      s/generic___test_and_set_le_bit/__test_and_set_bit_le/
      s/generic___test_and_clear_le_bit/__test_and_clear_bit_le/
      s/generic_test_le_bit/test_bit_le/
      s/generic___set_le_bit/__set_bit_le/
      s/generic___clear_le_bit/__clear_bit_le/
      s/generic_test_and_set_le_bit/test_and_set_bit_le/
      s/generic_test_and_clear_le_bit/test_and_clear_bit_le/
      
      Signed-off-by: default avatarAkinobu Mita <akinobu.mita@gmail.com>
      Acked-by: default avatarArnd Bergmann <arnd@arndb.de>
      Acked-by: default avatarHans-Christian Egtvedt <hans-christian.egtvedt@atmel.com>
      Cc: Geert Uytterhoeven <geert@linux-m68k.org>
      Cc: Roman Zippel <zippel@linux-m68k.org>
      Cc: Andreas Schwab <schwab@linux-m68k.org>
      Cc: Greg Ungerer <gerg@uclinux.org>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Cc: Paul Mackerras <paulus@samba.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      c4945b9e
  16. Mar 23, 2011
    • Jim Keniston's avatar
      zlib: slim down zlib_deflate() workspace when possible · 565d76cb
      Jim Keniston authored
      
      
      Instead of always creating a huge (268K) deflate_workspace with the
      maximum compression parameters (windowBits=15, memLevel=8), allow the
      caller to obtain a smaller workspace by specifying smaller parameter
      values.
      
      For example, when capturing oops and panic reports to a medium with
      limited capacity, such as NVRAM, compression may be the only way to
      capture the whole report.  In this case, a small workspace (24K works
      fine) is a win, whether you allocate the workspace when you need it (i.e.,
      during an oops or panic) or at boot time.
      
      I've verified that this patch works with all accepted values of windowBits
      (positive and negative), memLevel, and compression level.
      
      Signed-off-by: default avatarJim Keniston <jkenisto@us.ibm.com>
      Cc: Herbert Xu <herbert@gondor.apana.org.au>
      Cc: David Miller <davem@davemloft.net>
      Cc: Chris Mason <chris.mason@oracle.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      565d76cb
    • Alexey Dobriyan's avatar
      kstrto*: converting strings to integers done (hopefully) right · 33ee3b2e
      Alexey Dobriyan authored
      
      
      1. simple_strto*() do not contain overflow checks and crufty,
         libc way to indicate failure.
      2. strict_strto*() also do not have overflow checks but the name and
         comments pretend they do.
      3. Both families have only "long long" and "long" variants,
         but users want strtou8()
      4. Both "simple" and "strict" prefixes are wrong:
         Simple doesn't exactly say what's so simple, strict should not exist
         because conversion should be strict by default.
      
      The solution is to use "k" prefix and add convertors for more types.
      Enter
      	kstrtoull()
      	kstrtoll()
      	kstrtoul()
      	kstrtol()
      	kstrtouint()
      	kstrtoint()
      
      	kstrtou64()
      	kstrtos64()
      	kstrtou32()
      	kstrtos32()
      	kstrtou16()
      	kstrtos16()
      	kstrtou8()
      	kstrtos8()
      
      Include runtime testsuite (somewhat incomplete) as well.
      
      strict_strto*() become deprecated, stubbed to kstrto*() and
      eventually will be removed altogether.
      
      Use kstrto*() in code today!
      
      Note: on some archs _kstrtoul() and _kstrtol() are left in tree, even if
            they'll be unused at runtime. This is temporarily solution,
            because I don't want to hardcode list of archs where these
            functions aren't needed. Current solution with sizeof() and
            __alignof__ at least always works.
      
      Signed-off-by: default avatarAlexey Dobriyan <adobriyan@gmail.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      33ee3b2e
    • Mandeep Singh Baines's avatar
      printk: allow setting DEFAULT_MESSAGE_LEVEL via Kconfig · 5af5bcb8
      Mandeep Singh Baines authored
      
      
      We've been burned by regressions/bugs which we later realized could have
      been triaged quicker if only we'd paid closer attention to dmesg.  To make
      it easier to audit dmesg, we'd like to make DEFAULT_MESSAGE_LEVEL
      Kconfig-settable.  That way we can set it to KERN_NOTICE and audit any
      messages <= KERN_WARNING.
      
      Signed-off-by: default avatarMandeep Singh Baines <msb@chromium.org>
      Cc: Ingo Molnar <mingo@elte.hu>
      Cc: Joe Perches <joe@perches.com>
      Cc: Olof Johansson <olofj@chromium.org>
      Cc: Randy Dunlap <randy.dunlap@oracle.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      5af5bcb8
    • Kees Cook's avatar
      printk: use %pK for /proc/kallsyms and /proc/modules · 9f36e2c4
      Kees Cook authored
      
      
      In an effort to reduce kernel address leaks that might be used to help
      target kernel privilege escalation exploits, this patch uses %pK when
      displaying addresses in /proc/kallsyms, /proc/modules, and
      /sys/module/*/sections/*.
      
      Note that this changes %x to %p, so some legitimately 0 values in
      /proc/kallsyms would have changed from 00000000 to "(null)".  To avoid
      this, "(null)" is not used when using the "K" format.  Anything that was
      already successfully parsing "(null)" in addition to full hex digits
      should have no problem with this change.  (Thanks to Joe Perches for the
      suggestion.) Due to the %x to %p, "void *" casts are needed since these
      addresses are already "unsigned long" everywhere internally, due to their
      starting life as ELF section offsets.
      
      Signed-off-by: default avatarKees Cook <kees.cook@canonical.com>
      Cc: Eugene Teo <eugene@redhat.com>
      Cc: Dan Rosenberg <drosenberg@vsecurity.com>
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      9f36e2c4
    • Joe Perches's avatar
      vsprintf: neaten %pK kptr_restrict, save a bit of code space · 26297607
      Joe Perches authored
      
      
      If kptr restrictions are on, just set the passed pointer to NULL.
      
      $ size lib/vsprintf.o.*
         text	   data	    bss	    dec	    hex	filename
         8247	      4	      2	   8253	   203d	lib/vsprintf.o.new
         8282	      4	      2	   8288	   2060	lib/vsprintf.o.old
      
      Signed-off-by: default avatarJoe Perches <joe@perches.com>
      Cc: Dan Rosenberg <drosenberg@vsecurity.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      26297607
Loading