This patch series does not do kernel signature verification yet. I plan
to post another patch series for that. Now distributions are already
signing PE/COFF bzImage with PKCS7 signature I plan to parse and verify
those signatures.
Primary goal of this patchset is to prepare groundwork so that kernel
image can be signed and signatures be verified during kexec load. This
should help with two things.
- It should allow kexec/kdump on secureboot enabled machines.
- In general it can help even without secureboot. By being able to verify
kernel image signature in kexec, it should help with avoiding module
signing restrictions. Matthew Garret showed how to boot into a custom
kernel, modify first kernel's memory and then jump back to old kernel and
bypass any policy one wants to.
This patch (of 15):
Kexec wants to use bin2c and it wants to use it really early in the build
process. See arch/x86/purgatory/ code in later patches.
So move bin2c in scripts/basic so that it can be built very early and
be usable by arch/x86/purgatory/
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Cc: Borislav Petkov <bp@suse.de>
Cc: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Yinghai Lu <yinghai@kernel.org>
Cc: Eric Biederman <ebiederm@xmission.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Matthew Garrett <mjg59@srcf.ucam.org>
Cc: Greg Kroah-Hartman <greg@kroah.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: WANG Chao <chaowang@redhat.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This patch adds support for ARCH=x86 into checkstack.
Commit ffee0de411 ("x86: Default to ARCH=x86 to avoid overriding
CONFIG_64BIT") had merged ARCH=i386 and ARCH=x86_64 into one ARCH=x86.
checkstack.pl searches patterns of machine instructions which are
usually used for allocating stack frames. checkstalk.pl needs either
i386 or x86_64, x86 isn't enough:
$ make checkstack
objdump -d vmlinux $(find . -name '*.ko') | \
perl linux/scripts/checkstack.pl x86
wrong or unknown architecture "x86"
Signed-off-by: Konstantin Khlebnikov <koct9i@gmail.com>
Cc: David Woodhouse <dwmw2@infradead.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Richard Weinberger <richard@nod.at>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Merge incoming from Andrew Morton:
- Various misc things.
- arch/sh updates.
- Part of ocfs2. Review is slow.
- Slab updates.
- Most of -mm.
- printk updates.
- lib/ updates.
- checkpatch updates.
* emailed patches from Andrew Morton <akpm@linux-foundation.org>: (226 commits)
checkpatch: update $declaration_macros, add uninitialized_var
checkpatch: warn on missing spaces in broken up quoted
checkpatch: fix false positives for --strict "space after cast" test
checkpatch: fix false positive MISSING_BREAK warnings with --file
checkpatch: add test for native c90 types in unusual order
checkpatch: add signed generic types
checkpatch: add short int to c variable types
checkpatch: add for_each tests to indentation and brace tests
checkpatch: fix brace style misuses of else and while
checkpatch: add --fix option for a couple OPEN_BRACE misuses
checkpatch: use the correct indentation for which()
checkpatch: add fix_insert_line and fix_delete_line helpers
checkpatch: add ability to insert and delete lines to patch/file
checkpatch: add an index variable for fixed lines
checkpatch: warn on break after goto or return with same tab indentation
checkpatch: emit a warning on file add/move/delete
checkpatch: add test for commit id formatting style in commit log
checkpatch: emit fewer kmalloc_array/kcalloc conversion warnings
checkpatch: improve "no space after cast" test
checkpatch: allow multiple const * types
...
Pull trivial tree changes from Jiri Kosina:
"Summer edition of trivial tree updates"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (23 commits)
doc: fix two typos in watchdog-api.txt
irq-gic: remove file name from heading comment
MAINTAINERS: Add miscdevice.h to file list for char/misc drivers.
scsi: mvsas: mv_sas.c: Fix for possible null pointer dereference
doc: replace "practise" with "practice" in Documentation
befs: remove check for CONFIG_BEFS_RW
scsi: doc: fix 'SCSI_NCR_SETUP_MASTER_PARITY'
drivers/usb/phy/phy.c: remove a leading space
mfd: fix comment
cpuidle: fix comment
doc: hpfall.c: fix missing null-terminate after strncpy call
usb: doc: hotplug.txt code typos
kbuild: fix comment in Makefile.modinst
SH: add proper prompt to SH_MAGIC_PANEL_R2_VERSION
ARM: msm: Remove MSM_SCM
crypto: Remove MPILIB_EXTRA
doc: CN: remove dead link, kerneltrap.org no longer works
media: update reference, kerneltrap.org no longer works
hexagon: update reference, kerneltrap.org no longer works
doc: LSM: update reference, kerneltrap.org no longer works
...
Using uninitialized_var reports a false positive for "Missing blank line
after declarations".
Fix it by adding uninitialized_var to the $declaration_macros exceptions
list.
Move the macro list after $Type is declared.
Add optional prefixes to DECLARE_<FOO> and DEFINE_<BAR>
macro declarations to allow forms like:
MLX4_DECLARE_DOORBELL_LOCK
Signed-off-by: Joe Perches <joe@perches.com>
Reported-by: Dotan Barak <dotanb@mellanox.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Checkpatch already complains when people break up quoted strings but
it's still pretty common. One mistake that people often make is they
leave out the space character between the two strings.
This check adds around 450 new warnings and has a low rate of false
positives.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Andy Whitcroft <apw@canonical.com>
Acked-by: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commit 89da401f6cff ("checkpatch: improve "no space after cast" test")
in -next improved the cast test for non pointer types, but also
introduced false positives for some types of static inlines.
Add a test for an open brace to the exclusions to avoid these false
positives.
Signed-off-by: Joe Perches <joe@perches.com>
Reported-by: Hartley Sweeten <HartleyS@visionengravers.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Using --file mode can give false positives with MISSING_BREAK
fall-through warnings on simple but long multiple consecutive case
statements.
Look for all lines before a case statement for a switch or a statement
when using --file mode.
Fix a misspelling of preceded while there.
Signed-off-by: Joe Perches <joe@perches.com>
Reported-by: Lee Jones <lee.jones@linaro.org>
Acked-by: Lee Jones <lee.jones@linaro.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
c90 section "6.7.2 Type Specifiers" says:
"type specifiers may occur in any order"
That means that:
short int is the same as int short
unsigned short int is the same as int unsigned short
etc...
checkpatch currently parses only a subset of these allowed types.
For instance: "unsigned short" and "signed short" are found by
checkpatch as a specific type, but none of the or "int short" or "int
signed short" variants are found.
Add another table for the "kernel style misordered" variants.
Add this misordered table to the findable types.
Warn when the misordered style is used.
This improves the "Missing a blank line after declarations" test as it
depends on the correct parsing of the $Declare variable which looks for
"$Type $Ident;" (ie: declarations like "int foo;").
Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
short int is one of the 6.7.2 c90 types.
Find it appropriately.
This fixes a defect in checkpatch where it suggests that a line break
after declaration is required using an input like:
int foo;
short int bar;
Without this change, it warns on the short int line.
Signed-off-by: Joe Perches <joe@perches.com>
Reported-by: Hartley Sweeten <HartleyS@visionengravers.com>
Acked-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Add --fix corrections for ELSE_AFTER_BRACE and WHILE_AFTER_BRACE
misuses.
if (x) {
...
}
else {
...
}
is corrected to
if (x) {
...
} else {
...
}
and
do {
...
}
while (x);
is corrected to
do {
...
} while (x);
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Style misuses of these types are corrected:
typedef struct foo
{
int bar;
};
int foo(int bar) { return bar+1;
}
int foo(int bar) {
return bar+1;
}
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
I copied the which subroutine from get_maintainer.pl.
Unfortunately, get_maintainer uses a 4 space indentation so use the
proper tab indentation instead.
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Using break; after a goto or return is unnecessary so emit a warning
when the break is at the same indent level.
So this emits a warning on:
switch (foo) {
case 1:
goto err;
break;
}
but not on:
switch (foo) {
case 1:
if (bar())
goto err;
break;
}
Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Whenever files are added, moved, or deleted, the MAINTAINERS file
patterns can be out of sync or outdated.
To try to keep MAINTAINERS more up-to-date, add a one-time warning
whenever a patch does any of those.
Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Andy Whitcroft <apw@canonical.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
