16 Nov, 2015
1 commit
11 Nov, 2015
1 commit
-
Pull kbuild update from Michal Marek:
"The kbuild branch for v4.4-rc1 only has one commit: A new make
kselftest-clean target cleans tools/testing/selftests"* 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
kselftest: add kselftest-clean rule
06 Nov, 2015
2 commits
-
Pull KVM updates from Paolo Bonzini:
"First batch of KVM changes for 4.4.s390:
A bunch of fixes and optimizations for interrupt and time handling.PPC:
Mostly bug fixes.ARM:
No big features, but many small fixes and prerequisites including:- a number of fixes for the arch-timer
- introducing proper level-triggered semantics for the arch-timers
- a series of patches to synchronously halt a guest (prerequisite
for IRQ forwarding)- some tracepoint improvements
- a tweak for the EL2 panic handlers
- some more VGIC cleanups getting rid of redundant state
x86:
Quite a few changes:- support for VT-d posted interrupts (i.e. PCI devices can inject
interrupts directly into vCPUs). This introduces a new
component (in virt/lib/) that connects VFIO and KVM together.
The same infrastructure will be used for ARM interrupt
forwarding as well.- more Hyper-V features, though the main one Hyper-V synthetic
interrupt controller will have to wait for 4.5. These will let
KVM expose Hyper-V devices.- nested virtualization now supports VPID (same as PCID but for
vCPUs) which makes it quite a bit faster- for future hardware that supports NVDIMM, there is support for
clflushopt, clwb, pcommit- support for "split irqchip", i.e. LAPIC in kernel +
IOAPIC/PIC/PIT in userspace, which reduces the attack surface of
the hypervisor- obligatory smattering of SMM fixes
- on the guest side, stable scheduler clock support was rewritten
to not require help from the hypervisor"* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (123 commits)
KVM: VMX: Fix commit which broke PML
KVM: x86: obey KVM_X86_QUIRK_CD_NW_CLEARED in kvm_set_cr0()
KVM: x86: allow RSM from 64-bit mode
KVM: VMX: fix SMEP and SMAP without EPT
KVM: x86: move kvm_set_irq_inatomic to legacy device assignment
KVM: device assignment: remove pointless #ifdefs
KVM: x86: merge kvm_arch_set_irq with kvm_set_msi_inatomic
KVM: x86: zero apic_arb_prio on reset
drivers/hv: share Hyper-V SynIC constants with userspace
KVM: x86: handle SMBASE as physical address in RSM
KVM: x86: add read_phys to x86_emulate_ops
KVM: x86: removing unused variable
KVM: don't pointlessly leave KVM_COMPAT=y in non-KVM configs
KVM: arm/arm64: Merge vgic_set_lr() and vgic_sync_lr_elrsr()
KVM: arm/arm64: Clean up vgic_retire_lr() and surroundings
KVM: arm/arm64: Optimize away redundant LR tracking
KVM: s390: use simple switch statement as multiplexer
KVM: s390: drop useless newline in debugging data
KVM: s390: SCA must not cross page boundaries
KVM: arm: Do not indent the arguments of DECLARE_BITMAP
... -
Pull documentation update from Jon Corbet:
"There is a nice new document from Neil on how pathname lookups work
and some new CAN driver documentation. Beyond that, we have
kernel-doc fixes, a bit more work to support reproducible builds, and
the usual collection of small fixes"* tag 'docs-for-linus' of git://git.lwn.net/linux: (34 commits)
Documentation: add new description of path-name lookup.
Documentation/vm/slub.txt: document slabinfo-gnuplot.sh
Doc: ABI/stable: Fix typo in ABI/stable
doc: Clarify that nmi_watchdog param is for hardlockups
Typo correction for description in gpio document.
DocBook: Fix kernel-doc to be case-insensitive for private:
kernel-docs.txt: update kernelnewbies reference
Doc:kvm: Fix typo in Doc/virtual/kvm
Documentation/Changes: Add bc in "Current Minimal Requirements" section
Documentation/email-clients.txt: remove trailing whitespace
DocBook: Use a fixed encoding for output
MAINTAINERS: The docs tree has moved
Docs/kernel-parameters: Add earlycon devicetree usage
SubmittingPatches: make Subject examples match the de facto standard
Documentation: gpio: mention that -gpio has been deprecated
Documentation: cgroups: just fix a few typos
Documentation: Update kselftest.txt
Documentation: DMA API: Be more explicit that nents is always the same
Documentation: Update the default value of crashkernel low
zram: update documentation
...
02 Nov, 2015
1 commit
25 Oct, 2015
1 commit
19 Oct, 2015
1 commit
12 Oct, 2015
1 commit
08 Oct, 2015
1 commit
-
We use
$make TARGETS="size timers" kselftest
to build and run selftests. but there is no rule
for us to clean the kselftest generated files.This patch add the rules, for example:
$ make TARGETS="size timers" kselftest-clean
can clean all kselftest generated files.
Signed-off-by: Wang Long
Acked-by: Michael Ellerman
Signed-off-by: Michal Marek
04 Oct, 2015
1 commit
01 Oct, 2015
1 commit
-
We need to build files in virt/lib/, which are now used by
KVM and VFIO, so add virt directory to the top Makefile.Signed-off-by: Feng Wu
Acked-by: Michal Marek
Signed-off-by: Paolo Bonzini
28 Sep, 2015
1 commit
-
Currently the encoding of documents generated by DocBook depends on
the current locale. Make the output reproducible independently of
the locale, by setting the encoding to UTF-8 (LC_CTYPE=C.UTF-8) by
preference, or ASCII (LC_CTYPE=C) as a fallback.LC_CTYPE can normally be overridden by LC_ALL, but the top-level
Makefile unsets that.Signed-off-by: Ben Hutchings
[jc: added check-lc_ctype to .gitignore]
Signed-off-by: Jonathan Corbet
27 Sep, 2015
1 commit
21 Sep, 2015
1 commit
13 Sep, 2015
1 commit
09 Sep, 2015
3 commits
-
Pull misc kbuild updates from Michal Marek:
- deb-pkg:
+ module signing fix
+ dtb files are added to the package
+ do not require `hostname -f` to work during build
+ make deb-pkg generates a source package, bindeb-pkg has been
added to only generate the binary package
- rpm-pkg packages /lib/modules as well
- new coccinelle patch and updates to existing ones
- new stackusage & stackdelta script to collect and compare stack usage
info (using gcc's -fstack-usage)
- make tags understands trace_*_rcuidle() macros
- .gitignore updates, misc cleanups* 'misc' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild: (27 commits)
deb-pkg: add source package
package/Makefile: move source tar creation to a function
scripts: add stackdelta script
kbuild: remove *.su files generated by -fstack-usage
.gitignore: add *.su pattern
scripts: add stackusage script
kbuild: avoid listing /lib/modules in kernel spec file
fallback to hostname in scripts/package/builddeb
coccinelle: api: extend spatch for dropping unnecessary owner
deb-pkg: simplify directory creation
scripts/tags.sh: Include trace_*_rcuidle() in tags
scripts/package/Makefile: rpmbuild is needed for rpm targets
Kbuild: Add ID files to .gitignore
gitignore: Add MIPS vmlinux.32 to the list
coccinelle: simple_return: Add a blank line
coccinelle: irqf_oneshot.cocci: Improve the generated commit log
coccinelle: api: add vma_pages.cocci
scripts/coccinelle/misc/irqf_oneshot.cocci: Fix grammar
scripts/coccinelle/misc/semicolon.cocci: Use imperative mood
coccinelle: simple_open: Use imperative mood
... -
Pull core kbuild updates from Michal Marek:
- modpost portability fix
- linker script fix
- genksyms segfault fix
- fixdep cleanup
- fix for clang detection* 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
kbuild: Fix clang detection
kbuild: fixdep: drop meaningless hash table initialization
kbuild: fixdep: optimize code slightly
genksyms: Regenerate parser
genksyms: Duplicate function pointer type definitions segfault
kbuild: Fix .text.unlikely placement
Avoid conflict with host definitions when cross-compiling -
Pull security subsystem updates from James Morris:
"Highlights:- PKCS#7 support added to support signed kexec, also utilized for
module signing. See comments in 3f1e1bea.** NOTE: this requires linking against the OpenSSL library, which
must be installed, e.g. the openssl-devel on Fedora **- Smack
- add IPv6 host labeling; ignore labels on kernel threads
- support smack labeling mounts which use binary mount data- SELinux:
- add ioctl whitelisting (see
http://kernsec.org/files/lss2015/vanderstoep.pdf)
- fix mprotect PROT_EXEC regression caused by mm change- Seccomp:
- add ptrace options for suspend/resume"* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (57 commits)
PKCS#7: Add OIDs for sha224, sha284 and sha512 hash algos and use them
Documentation/Changes: Now need OpenSSL devel packages for module signing
scripts: add extract-cert and sign-file to .gitignore
modsign: Handle signing key in source tree
modsign: Use if_changed rule for extracting cert from module signing key
Move certificate handling to its own directory
sign-file: Fix warning about BIO_reset() return value
PKCS#7: Add MODULE_LICENSE() to test module
Smack - Fix build error with bringup unconfigured
sign-file: Document dependency on OpenSSL devel libraries
PKCS#7: Appropriately restrict authenticated attributes and content type
KEYS: Add a name for PKEY_ID_PKCS7
PKCS#7: Improve and export the X.509 ASN.1 time object decoder
modsign: Use extract-cert to process CONFIG_SYSTEM_TRUSTED_KEYS
extract-cert: Cope with multiple X.509 certificates in a single file
sign-file: Generate CMS message as signature instead of PKCS#7
PKCS#7: Support CMS messages also [RFC5652]
X.509: Change recorded SKID & AKID to not include Subject or Issuer
PKCS#7: Check content type and versions
MAINTAINERS: The keyrings mailing list has moved
...
04 Sep, 2015
1 commit
-
We cannot detect clang before including the arch Makefile, because that
can set the default cross compiler. We also cannot detect clang after
including the arch Makefile, because powerpc wants to know about clang.
Solve this by using an deferred variable. This costs us a few shell
invocations, but this is only a constant number.Reported-by: Behan Webster
Reported-by: Anton Blanchard
Signed-off-by: Michal Marek
31 Aug, 2015
1 commit
28 Aug, 2015
1 commit
-
Make sure 'make clean' removes *.su files generated by the gcc option
-fstack-usage.Signed-off-by: Rasmus Villemoes
Signed-off-by: Michal Marek
24 Aug, 2015
1 commit
17 Aug, 2015
1 commit
14 Aug, 2015
2 commits
-
Since commit 1329e8cc69 ("modsign: Extract signing cert from
CONFIG_MODULE_SIG_KEY if needed"), the build system has carefully coped
with the signing key being specified as a relative path in either the
source or or the build trees.However, the actual signing of modules has not worked if the filename
is relative to the source tree.Fix that by moving the config_filename helper into scripts/Kbuild.include
so that it can be used from elsewhere, and then using it in the top-level
Makefile to find the signing key file.Kill the intermediate $(MODPUBKEY) and $(MODSECKEY) variables too, while
we're at it. There's no need for them.Signed-off-by: David Woodhouse
Signed-off-by: David Howells -
Move certificate handling out of the kernel/ directory and into a certs/
directory to get all the weird stuff in one place and move the generated
signing keys into this directory.Signed-off-by: David Howells
Reviewed-by: David Woodhouse
10 Aug, 2015
1 commit
07 Aug, 2015
3 commits
-
The current rule for generating signing_key.priv and signing_key.x509 is
a classic example of a bad rule which has a tendency to break parallel
make. When invoked to create *either* target, it generates the other
target as a side-effect that make didn't predict.So let's switch to using a single file signing_key.pem which contains
both key and certificate. That matches what we do in the case of an
external key specified by CONFIG_MODULE_SIG_KEY anyway, so it's also
slightly cleaner.Signed-off-by: David Woodhouse
Signed-off-by: David Howells -
Signed-off-by: David Woodhouse
Signed-off-by: David Howells -
Move to using PKCS#7 messages as module signatures because:
(1) We have to be able to support the use of X.509 certificates that don't
have a subjKeyId set. We're currently relying on this to look up the
X.509 certificate in the trusted keyring list.(2) PKCS#7 message signed information blocks have a field that supplies the
data required to match with the X.509 certificate that signed it.(3) The PKCS#7 certificate carries fields that specify the digest algorithm
used to generate the signature in a standardised way and the X.509
certificates specify the public key algorithm in a standardised way - so
we don't need our own methods of specifying these.(4) We now have PKCS#7 message support in the kernel for signed kexec purposes
and we can make use of this.To make this work, the old sign-file script has been replaced with a program
that needs compiling in a previous patch. The rules to build it are added
here.Signed-off-by: David Howells
Tested-by: Vivek Goyal
04 Aug, 2015
1 commit
-
Pull kbuild fixes from Michal Marek:
"Two fixes for kbuild:- The new ARCH_{CPP,A,C}FLAGS variables are reset before including
the arch Makefile- Fix calling make modules_install twice when module compression is
enabled"* 'rc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
Makefile: Force gzip and xz on module install
kbuild: Do not pick up ARCH_{CPP,A,C}FLAGS from the environment
03 Aug, 2015
1 commit
27 Jul, 2015
1 commit
22 Jul, 2015
2 commits
-
Running `make modules_install` ordinarily will overwrite existing
modules. This is the desired behavior, and is how pretty much every
other `make install` target works.However, if CONFIG_MODULE_COMPRESS is enabled, modules are passed
through gzip and xz which then do the file writing. Both gzip and xz
will error out if the file already exists, unless -f is passed.This patch adds -f so that the behavior is uniform.
Signed-off-by: Jason A. Donenfeld
Signed-off-by: Michal Marek -
Initialize the ARCH_* overrides before including the arch Makefile, to
avoid picking up the values from the environment. The variables can
still be overriden on the make command line, but this won't happen
by accident.Signed-off-by: Michal Marek
20 Jul, 2015
1 commit
16 Jul, 2015
1 commit
-
Pull ARC fixes from Vineet Gupta:
- Makefile changes (top-level+ARC) reinstates -O3 builds (regression
since 3.16)
- IDU intc related fixes, IRQ affinity
- patch to make bitops safer for ARC
- perf fix from Alexey to remove signed PC braino
- Futex backend gets llock/scond support* tag 'arc-v4.2-rc3-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc:
ARCv2: support HS38 releases
ARC: make sure instruction_pointer() returns unsigned value
ARC: slightly refactor macros for boot logging
ARC: Add llock/scond to futex backend
arc:irqchip: prepare for drivers/irqchip/irqchip.h removal
ARC: Make ARC bitops "safer" (add anti-optimization)
ARCv2: [axs103] bump CPU frequency from 75 to 90 MHZ
ARCv2: intc: IDU: Fix potential race in installing a chained IRQ handler
ARCv2: intc: IDU: support irq affinity
ARC: fix unused var wanring
ARC: Don't memzero twice in dma_alloc_coherent for __GFP_ZERO
ARC: Override toplevel default -O2 with -O3
kbuild: Allow arch Makefiles to override {cpp,ld,c}flags
ARCv2: guard SLC DMA ops with spinlock
ARC: Kconfig: better way to disable ARC_HAS_LLSC for ARC_CPU_750D
13 Jul, 2015
1 commit
06 Jul, 2015
2 commits
-
Since commit a1c48bb1 (Makefile: Fix unrecognized cross-compiler command
line options), the arch Makefile is included earlier by the main
Makefile, preventing the arc architecture to set its -O3 compiler
option. Since there might be more use cases for an arch Makefile to
fine-tune the options, add support for ARCH_CPPFLAGS, ARCH_AFLAGS and
ARCH_CFLAGS variables that are appended to the respective kbuild
variables. The user still has the final say via the KCPPFLAGS, KAFLAGS
and KCFLAGS variables.Reported-by: Vineet Gupta
Cc: stable@vger.kernel.org # 3.16+
Signed-off-by: Michal Marek
03 Jul, 2015
1 commit
-
Pull kbuild updates from Michal Marek:
"Just a few kbuild core commits this time:- kallsyms fix for CONFIG_XIP_KERNEL
- bashisms in scripts/link-vmlinux.sh fixed
- workaround to make DEBUG_INFO_REDUCED more useful yet still space
efficient- clang is not wrongly detected when cross-compiling"
* 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
kbuild: include core debug info when DEBUG_INFO_REDUCED
scripts: link-vmlinux: Don't pass page offset to kallsyms if XIP Kernel
scripts: fix link-vmlinux.sh bash-ism
Makefile: Fix detection of clang when cross-compiling