Linux kernel development work - see feature branches https://git.zx2c4.com/linux-dev/atom/arch/arm/boot/compressed/misc.c?h=linus%2Fmaster 2022-04-04T08:22:37Z 2022-04-04T08:22:37Z Arnd Bergmann arnd@arndb.de 2022-04-01T13:58:09Z urn:sha1:0361c7e504b1fa3c2901643088e2f29c0354ab31 With the clock support and the interrupts out of the way, ep93xx can be compiled into the same kernel image as the other ARMv4/v5 platforms. The last obstacle are the two workarounds for broken boot loaders that require us to re-initialize the ethernet controller and/or the watchdog on certain machines. Move this code into the decompressor sources directly, checking for each possibly affected machine individually. Signed-off-by: Arnd Bergmann <arnd@arndb.de> 2021-12-03T14:11:24Z Ard Biesheuvel ardb@kernel.org 2021-10-26T08:23:31Z urn:sha1:672513bf583157cc088a32e75bd850dd9f81564c Enabling the stack protector in the decompressor is of dubious value, given that it uses a fixed value for the canary, cannot print any output unless CONFIG_DEBUG_LL is enabled (which relies on board specific build time settings), and is already disabled for a good chunk of the code (libfdt). So let's just disable it in the decompressor. This will make it easier in the future to manage the command line options that would need to be removed again in this context for the TLS register based stack protector. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2018-04-09T16:19:30Z Linus Torvalds torvalds@linux-foundation.org 2018-04-09T16:19:30Z urn:sha1:4a1e00524cbdd38567e36f9c54a0444deebd864a Pull ARM updates from Russell King: "A number of core ARM changes: - Refactoring linker script by Nicolas Pitre - Enable source fortification - Add support for Cortex R8" * 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm: ARM: decompressor: fix warning introduced in fortify patch ARM: 8751/1: Add support for Cortex-R8 processor ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE ARM: simplify and fix linker script for TCM ARM: linker script: factor out TCM bits ARM: linker script: factor out vectors and stubs ARM: linker script: factor out unwinding table sections ARM: linker script: factor out stuff for the .text section ARM: linker script: factor out stuff for the DISCARD section ARM: linker script: factor out some common definitions between XIP and non-XIP 2018-04-06T04:36:21Z Huacai Chen chenhc@lemote.com 2018-04-05T23:18:18Z urn:sha1:7bbaf27d9c83037b6e60a818e57bdbedf6bc15be Calling __stack_chk_guard_setup() in decompress_kernel() is too late that stack checking always fails for decompress_kernel() itself. So remove __stack_chk_guard_setup() and initialize __stack_chk_guard before we call decompress_kernel(). Original code comes from ARM but also used for MIPS and SH, so fix them together. If without this fix, compressed booting of these archs will fail because stack checking is enabled by default (>=4.16). Link: http://lkml.kernel.org/r/1522226933-29317-1-git-send-email-chenhc@lemote.com Fixes: 8779657d29c0 ("stackprotector: Introduce CONFIG_CC_STACKPROTECTOR_STRONG") Signed-off-by: Huacai Chen <chenhc@lemote.com> Acked-by: James Hogan <jhogan@kernel.org> Acked-by: Kees Cook <keescook@chromium.org> Acked-by: Rich Felker <dalias@libc.org> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: Russell King <linux@arm.linux.org.uk> Cc: Yoshinori Sato <ysato@users.sourceforge.jp> Cc: Ingo Molnar <mingo@elte.hu> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2018-04-05T22:56:40Z Russell King rmk+kernel@armlinux.org.uk 2018-03-29T10:59:17Z urn:sha1:5f8d561fb019a3ebe073c019bf5f797f5b06c55e Commit ee333554fed5 ("ARM: 8749/1: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE") introduced a new warning: arch/arm/boot/compressed/misc.c: In function 'fortify_panic': arch/arm/boot/compressed/misc.c:167:1: error: 'noreturn' function does return [-Werror] The simple solution would be to make 'error' a noreturn function, but this causes a prototype mismatch as the function is prototyped in several .c files. So, move the function prototype to a new header. There are also a couple of variables that are also declared in several locations. Clean this up while we are here. Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk> 2018-03-28T20:30:58Z Jinbum Park jinb.park7@gmail.com 2018-03-06T00:39:24Z urn:sha1:ee333554fed55555a986a90bb097ac7f9d6f05bf CONFIG_FORTIFY_SOURCE detects various overflows at compile-time. (6974f0c4555e ("include/linux/string.h: add the option of fortified string.h functions) ARCH_HAS_FORTIFY_SOURCE means that the architecture can be built and run with CONFIG_FORTIFY_SOURCE. Since ARM can be built and run with that flag like other architectures, select ARCH_HAS_FORTIFY_SOURCE as default. Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Jinbum Park <jinb.park7@gmail.com> Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk> 2017-11-02T10:10:55Z Greg Kroah-Hartman gregkh@linuxfoundation.org 2017-11-01T14:07:57Z urn:sha1:b24413180f5600bcb3bb70fbed5cf186b60864bd Many source files in the tree are missing licensing information, which makes it harder for compliance tools to determine the correct license. By default all files without license information are under the default license of the kernel, which is GPL version 2. Update the files which contain no license information with the 'GPL-2.0' SPDX license identifier. The SPDX identifier is a legally binding shorthand, which can be used instead of the full boiler plate text. This patch is based on work done by Thomas Gleixner and Kate Stewart and Philippe Ombredanne. How this work was done: Patches were generated and checked against linux-4.14-rc6 for a subset of the use cases: - file had no licensing information it it. - file was a */uapi/* one with no licensing information in it, - file was a */uapi/* one with existing licensing information, Further patches will be generated in subsequent months to fix up cases where non-standard license headers were used, and references to license had to be inferred by heuristics based on keywords. The analysis to determine which SPDX License Identifier to be applied to a file was done in a spreadsheet of side by side results from of the output of two independent scanners (ScanCode & Windriver) producing SPDX tag:value files created by Philippe Ombredanne. Philippe prepared the base worksheet, and did an initial spot review of a few 1000 files. The 4.13 kernel was the starting point of the analysis with 60,537 files assessed. Kate Stewart did a file by file comparison of the scanner results in the spreadsheet to determine which SPDX license identifier(s) to be applied to the file. She confirmed any determination that was not immediately clear with lawyers working with the Linux Foundation. Criteria used to select files for SPDX license identifier tagging was: - Files considered eligible had to be source code files. - Make and config files were included as candidates if they contained >5 lines of source - File already had some variant of a license header in it (even if <5 lines). All documentation files were explicitly excluded. The following heuristics were used to determine which SPDX license identifiers to apply. - when both scanners couldn't find any license traces, file was considered to have no license information in it, and the top level COPYING file license applied. For non */uapi/* files that summary was: SPDX license identifier # files ---------------------------------------------------|------- GPL-2.0 11139 and resulted in the first patch in this series. If that file was a */uapi/* path one, it was "GPL-2.0 WITH Linux-syscall-note" otherwise it was "GPL-2.0". Results of that was: SPDX license identifier # files ---------------------------------------------------|------- GPL-2.0 WITH Linux-syscall-note 930 and resulted in the second patch in this series. - if a file had some form of licensing information in it, and was one of the */uapi/* ones, it was denoted with the Linux-syscall-note if any GPL family license was found in the file or had no licensing in it (per prior point). Results summary: SPDX license identifier # files ---------------------------------------------------|------ GPL-2.0 WITH Linux-syscall-note 270 GPL-2.0+ WITH Linux-syscall-note 169 ((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) 21 ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) 17 LGPL-2.1+ WITH Linux-syscall-note 15 GPL-1.0+ WITH Linux-syscall-note 14 ((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause) 5 LGPL-2.0+ WITH Linux-syscall-note 4 LGPL-2.1 WITH Linux-syscall-note 3 ((GPL-2.0 WITH Linux-syscall-note) OR MIT) 3 ((GPL-2.0 WITH Linux-syscall-note) AND MIT) 1 and that resulted in the third patch in this series. - when the two scanners agreed on the detected license(s), that became the concluded license(s). - when there was disagreement between the two scanners (one detected a license but the other didn't, or they both detected different licenses) a manual inspection of the file occurred. - In most cases a manual inspection of the information in the file resulted in a clear resolution of the license that should apply (and which scanner probably needed to revisit its heuristics). - When it was not immediately clear, the license identifier was confirmed with lawyers working with the Linux Foundation. - If there was any question as to the appropriate license identifier, the file was flagged for further research and to be revisited later in time. In total, over 70 hours of logged manual review was done on the spreadsheet to determine the SPDX license identifiers to apply to the source files by Kate, Philippe, Thomas and, in some cases, confirmation by lawyers working with the Linux Foundation. Kate also obtained a third independent scan of the 4.13 code base from FOSSology, and compared selected files where the other two scanners disagreed against that SPDX file, to see if there was new insights. The Windriver scanner is based on an older version of FOSSology in part, so they are related. Thomas did random spot checks in about 500 files from the spreadsheets for the uapi headers and agreed with SPDX license identifier in the files he inspected. For the non-uapi files Thomas did random spot checks in about 15000 files. In initial set of patches against 4.14-rc6, 3 files were found to have copy/paste license identifier errors, and have been fixed to reflect the correct identifier. Additionally Philippe spent 10 hours this week doing a detailed manual inspection and review of the 12,461 patched files from the initial patch version early this week with: - a full scancode scan run, collecting the matched texts, detected license ids and scores - reviewing anything where there was a license detected (about 500+ files) to ensure that the applied SPDX license was correct - reviewing anything where there was no detection but the patch license was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied SPDX license was correct This produced a worksheet with 20 files needing minor correction. This worksheet was then exported into 3 different .csv files for the different types of files to be modified. These .csv files were then reviewed by Greg. Thomas wrote a script to parse the csv files and add the proper SPDX tag to the file, in the format that the file expected. This script was further refined by Greg based on the output to detect more types of files automatically and to distinguish between header and source .c files (which need different comment types.) Finally Greg ran the script using the .csv files to generate the patches. Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org> Reviewed-by: Philippe Ombredanne <pombredanne@nexb.com> Reviewed-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2013-12-20T08:38:40Z Kees Cook keescook@chromium.org 2013-12-19T19:35:59Z urn:sha1:8779657d29c0ebcc0c94ede4df2f497baf1b563f This changes the stack protector config option into a choice of "None", "Regular", and "Strong": CONFIG_CC_STACKPROTECTOR_NONE CONFIG_CC_STACKPROTECTOR_REGULAR CONFIG_CC_STACKPROTECTOR_STRONG "Regular" means the old CONFIG_CC_STACKPROTECTOR=y option. "Strong" is a new mode introduced by this patch. With "Strong" the kernel is built with -fstack-protector-strong (available in gcc 4.9 and later). This option increases the coverage of the stack protector without the heavy performance hit of -fstack-protector-all. For reference, the stack protector options available in gcc are: -fstack-protector-all: Adds the stack-canary saving prefix and stack-canary checking suffix to _all_ function entry and exit. Results in substantial use of stack space for saving the canary for deep stack users (e.g. historically xfs), and measurable (though shockingly still low) performance hit due to all the saving/checking. Really not suitable for sane systems, and was entirely removed as an option from the kernel many years ago. -fstack-protector: Adds the canary save/check to functions that define an 8 (--param=ssp-buffer-size=N, N=8 by default) or more byte local char array. Traditionally, stack overflows happened with string-based manipulations, so this was a way to find those functions. Very few total functions actually get the canary; no measurable performance or size overhead. -fstack-protector-strong Adds the canary for a wider set of functions, since it's not just those with strings that have ultimately been vulnerable to stack-busting. With this superset, more functions end up with a canary, but it still remains small compared to all functions with only a small change in performance. Based on the original design document, a function gets the canary when it contains any of: - local variable's address used as part of the right hand side of an assignment or function argument - local variable is an array (or union containing an array), regardless of array type or length - uses register local variables https://docs.google.com/a/google.com/document/d/1xXBH6rRZue4f296vGt9YQcuLVQHeE516stHwt8M9xyU Find below a comparison of "size" and "objdump" output when built with gcc-4.9 in three configurations: - defconfig 11430641 kernel text size 36110 function bodies - defconfig + CONFIG_CC_STACKPROTECTOR_REGULAR 11468490 kernel text size (+0.33%) 1015 of 36110 functions are stack-protected (2.81%) - defconfig + CONFIG_CC_STACKPROTECTOR_STRONG via this patch 11692790 kernel text size (+2.24%) 7401 of 36110 functions are stack-protected (20.5%) With -strong, ARM's compressed boot code now triggers stack protection, so a static guard was added. Since this is only used during decompression and was never used before, the exposure here is very small. Once it switches to the full kernel, the stack guard is back to normal. Chrome OS has been using -fstack-protector-strong for its kernel builds for the last 8 months with no problems. Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Arjan van de Ven <arjan@linux.intel.com> Cc: Michal Marek <mmarek@suse.cz> Cc: Russell King <linux@arm.linux.org.uk> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: Paul Mundt <lethal@linux-sh.org> Cc: James Hogan <james.hogan@imgtec.com> Cc: Stephen Rothwell <sfr@canb.auug.org.au> Cc: Shawn Guo <shawn.guo@linaro.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: linux-arm-kernel@lists.infradead.org Cc: linux-mips@linux-mips.org Cc: linux-arch@vger.kernel.org Link: http://lkml.kernel.org/r/1387481759-14535-3-git-send-email-keescook@chromium.org [ Improved the changelog and descriptions some more. ] Signed-off-by: Ingo Molnar <mingo@kernel.org> 2013-03-15T17:18:51Z Shawn Guo shawn.guo@linaro.org 2013-03-14T07:47:27Z urn:sha1:615967b00fecc9e636dc59bf1ee322274f7dd041 Following the approach handling DEBUG_LL inclusion, the patch creates a Kconfig symbol CONFIG_UNCOMPRESS_INCLUDE for choosing the correct uncompress header. For traditional build, mach/uncompress.h will be included in arch/arm/boot/compressed/misc.c. For multiplatform build, debug/uncompress.h which contains a suite of empty functions will be used. In this way, a platform with particular uncompress.h implementation could choose its own uncompress.h with this Kconfig option. Signed-off-by: Shawn Guo <shawn.guo@linaro.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk> 2012-09-14T14:22:06Z Rob Herring rob.herring@calxeda.com 2012-09-06T18:41:12Z urn:sha1:387798b37c8dd0ae24c0ac12ba456dd76865bca3 This lets us build a multiplatform kernel for experimental purposes. However, it will not be useful for any real work, because it relies on a number of useful things to be disabled for now: * SMP support must be turned off because of conflicting symbols. Marc Zyngier has proposed a solution by adding a new SOC operations structure to hold indirect function pointers for these, but that work is currently stalled * We turn on SPARSE_IRQ unconditionally, which is not supported on most platforms. Each of them is currently in a different state, but most are being worked on. * A common clock framework is in place since v3.4 but not yet being used. Work on this is on its way. * DEBUG_LL for early debugging is currently disabled. * THUMB2_KERNEL does not work with allyesconfig because the kernel gets too big [Rob Herring]: Rebased to not be dependent on the mass mach header rename. As a result, omap2plus, imx, mxs and ux500 are not converted. Highbank, picoxcell, mvebu, and socfpga are converted. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Rob Herring <rob.herring@calxeda.com> Cc: Russell King <linux@arm.linux.org.uk> Cc: Jason Cooper <jason@lakedaemon.net> Cc: Andrew Lunn <andrew@lunn.ch> Acked-by: Jamie Iles <jamie@jamieiles.com> Cc: Dinh Nguyen <dinguyen@altera.com>