Eric Lee / smarc-fsl-linux-kernel

02 Nov, 2017

1 commit

  • b24413180   License cleanup: add SPDX GPL-2.0 license identifier to files with no license ... Browse Code »

    Many source files in the tree are missing licensing information, which
    makes it harder for compliance tools to determine the correct license.

    By default all files without license information are under the default
    license of the kernel, which is GPL version 2.

    Update the files which contain no license information with the 'GPL-2.0'
    SPDX license identifier. The SPDX identifier is a legally binding
    shorthand, which can be used instead of the full boiler plate text.

    This patch is based on work done by Thomas Gleixner and Kate Stewart and
    Philippe Ombredanne.

    How this work was done:

    Patches were generated and checked against linux-4.14-rc6 for a subset of
    the use cases:
    - file had no licensing information it it.
    - file was a */uapi/* one with no licensing information in it,
    - file was a */uapi/* one with existing licensing information,

    Further patches will be generated in subsequent months to fix up cases
    where non-standard license headers were used, and references to license
    had to be inferred by heuristics based on keywords.

    The analysis to determine which SPDX License Identifier to be applied to
    a file was done in a spreadsheet of side by side results from of the
    output of two independent scanners (ScanCode & Windriver) producing SPDX
    tag:value files created by Philippe Ombredanne. Philippe prepared the
    base worksheet, and did an initial spot review of a few 1000 files.

    The 4.13 kernel was the starting point of the analysis with 60,537 files
    assessed. Kate Stewart did a file by file comparison of the scanner
    results in the spreadsheet to determine which SPDX license identifier(s)
    to be applied to the file. She confirmed any determination that was not
    immediately clear with lawyers working with the Linux Foundation.

    Criteria used to select files for SPDX license identifier tagging was:
    - Files considered eligible had to be source code files.
    - Make and config files were included as candidates if they contained >5
    lines of source
    - File already had some variant of a license header in it (even if
    Reviewed-by: Philippe Ombredanne
    Reviewed-by: Thomas Gleixner
    Signed-off-by: Greg Kroah-Hartman

    Greg Kroah-Hartman
     

13 Nov, 2013

1 commit

  • c725ee54c   gen_init_cpio: avoid NULL pointer dereference and rework env expanding ... Browse Code »

    getenv() may return NULL if given environment variable does not exist
    which leads to NULL dereference when calling strncat.

    Besides that, the environment variable name was copied to a temporary
    env_var buffer, but this copying can be avoided by simply using the input
    string.

    Lastly, the whole loop can be greatly simplified by using the snprintf
    function instead of the playing with strncat.

    By the way, the current implementation allows a recursive variable
    expansion, as in:

    $ echo 'out ${A} out ' | A='a ${B} a' B=b /tmp/a
    out a b a out

    I'm assuming this is just a side effect and not a conscious decision
    (especially as this may lead to infinite loop), but I didn't want to
    change this behaviour without consulting.

    If the current behaviour is deamed incorrect, I'll be happy to send
    a patch without recursive processing.

    Signed-off-by: Michal Nazarewicz
    Cc: Kees Cook
    Cc: Jiri Kosina
    Cc: Jesper Juhl
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Michal Nazarewicz
     

19 Nov, 2012

1 commit

26 Oct, 2012

1 commit

  • 20f1de659   gen_init_cpio: avoid stack overflow when expanding ... Browse Code »

    Fix possible overflow of the buffer used for expanding environment
    variables when building file list.

    In the extremely unlikely case of an attacker having control over the
    environment variables visible to gen_init_cpio, control over the
    contents of the file gen_init_cpio parses, and gen_init_cpio was built
    without compiler hardening, the attacker can gain arbitrary execution
    control via a stack buffer overflow.

    $ cat usr/crash.list
    file foo ${BIG}${BIG}${BIG}${BIG}${BIG}${BIG} 0755 0 0
    $ BIG=$(perl -e 'print "A" x 4096;') ./usr/gen_init_cpio usr/crash.list
    *** buffer overflow detected ***: ./usr/gen_init_cpio terminated

    This also replaces the space-indenting with tabs.

    Patch based on existing fix extracted from grsecurity.

    Signed-off-by: Kees Cook
    Cc: Michal Marek
    Cc: Brad Spengler
    Cc: PaX Team
    Cc:
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Kees Cook
     

18 Apr, 2011

1 commit

06 Jan, 2011

1 commit

29 Dec, 2010

1 commit

  • 96aebafa6   gen_init_cpio: Avoid race between call to stat() and call to open() ... Browse Code »

    In usr/gen_init_cpio.c::cpio_mkfile() a call to stat() is made based on
    pathname, subsequently the file is open()'ed and then the value of the
    initial stat() call is used to allocate a buffer. This is not safe since
    the file may change between the call to stat() and the call to open().
    Safer to just open() the file and then do fstat() using the filedescriptor
    returned by open.

    Signed-off-by: Jesper Juhl
    Acked-by: Jeff Garzik
    Signed-off-by: Michal Marek

    Jesper Juhl
     

02 Dec, 2010

1 commit

  • 43f901fbc   gen_init_cpio: remove leading `/' from file names ... Browse Code »

    When we extracted the generated cpio archive using "cpio -id" command,
    it complained,

    cpio: Removing leading `/' from member names
    var/run
    cpio: Removing leading `/' from member names
    var/lib
    cpio: Removing leading `/' from member names
    var/lib/misc

    It is worse with the latest "cpio" or "pax", which tries to overwrite
    the host file system with the leading '/'.

    So the leading '/' of file names should be removed. This is consistent
    with the initramfs come with major distributions such as Fedora or
    Debian, etc.

    Signed-off-by: Thomas Chou
    Acked-by: Mike Frysinger
    Signed-off-by: Michal Marek

    Thomas Chou
     

12 Dec, 2009

1 commit

  • 6d87fea4d   gen_init_cpio: fixed fwrite warning ... Browse Code »

    On compilers with security warnings enabled by default, we get:

    usr/gen_init_cpio.c: In function ‘cpio_mkfile’:
    usr/gen_init_cpio.c:357: warning: ignoring return value of ‘fwrite’,
    declared with attribute warn_unused_result

    So check the return value and handle errors accordingly.

    Signed-off-by: Mike Frysinger
    Signed-off-by: Michal Marek

    Mike Frysinger
     

23 Sep, 2009

1 commit

04 Dec, 2008

1 commit

  • 3b1ec9fb8   kbuild: gen_init_cpio expands shell variables in file names ... Browse Code »

    Modify gen_init_cpio so that lines that specify files can contain
    what looks like a shell variable that's expanded during processing.

    For example:

    file /sbin/kinit ${RFS_BASE}/usr/src/klibc/kinit/kinit 0755 0 0

    given RFS_BASE is "/some/directory" in the environment

    would be expanded to

    file /sbin/kinit /some/directory/usr/src/klibc/kinit/kinit 0755 0 0

    If several environment variables appear in a line, they are all expanded
    with processing happening from left to right.
    Undefined variables expand to a null string.
    Syntax errors stop processing, letting the existing error handling
    show the user offending line.

    This patch helps embedded folks who frequently create several
    RFS directories and then switch between them as they're tuning
    an initramfs.

    Signed-off-by: gene.sally@timesys.com
    Signed-off-by: Sam Ravnborg

    Sally, Gene
     

17 Jul, 2007

1 commit

12 Feb, 2007

1 commit

  • 24fa50961   [PATCH] usr/gen_init_cpio.c: support for hard links ... Browse Code »

    Extend usr/gen_init_cpio.c "file" entry, adding support for hard links.

    Previous format:
    file

    New format:
    file []

    The hard links specification is optional, keeping the previous
    behaviour.

    All hard links are defined sequentially in the resulting cpio and the
    file data is present only in the last link. This is the behaviour of
    GNU's cpio and is supported by the kernel initramfs extractor.

    Signed-off-by: Luciano Rocha
    Cc: Al Viro
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Luciano Rocha
     

20 Apr, 2006

1 commit

17 Apr, 2005

1 commit

  • 1da177e4c   Linux-2.6.12-rc2 ... Browse Code »

    Initial git repository build. I'm not bothering with the full history,
    even though we have it. We can create a separate "historical" git
    archive of that later if we want to, and in the meantime it's about
    3.2GB when imported into git - space that would just make the early
    git days unnecessarily complicated, when we don't have a lot of good
    infrastructure for it.

    Let it rip!

    Linus Torvalds