1. 11 Mar, 2014 3 commits
  2. 10 Mar, 2014 1 commit
  3. 03 Mar, 2014 1 commit
  4. 25 Feb, 2014 2 commits
  5. 24 Feb, 2014 1 commit
  6. 16 Feb, 2014 1 commit
  7. 10 Feb, 2014 1 commit
  8. 03 Feb, 2014 1 commit
  9. 27 Jan, 2014 2 commits
    • Josh Triplett's avatar
      Makefile: Build with -Werror=date-time if the compiler supports it · fe7c36c7
      Josh Triplett authored
      
      
      GCC 4.9 and newer have a new warning -Wdate-time, which warns on any use
      of __DATE__, __TIME__, or __TIMESTAMP__, which would make the build
      non-deterministic.  Now that the kernel does not use any of those
      macros, turn on -Werror=date-time if available, to keep it that way.
      
      The kernel already (optionally) records this information at build time
      in a single place; other kernel code should not duplicate that.
      
      Signed-off-by: default avatarJosh Triplett <josh@joshtriplett.org>
      Signed-off-by: default avatarMichal Marek <mmarek@suse.cz>
      fe7c36c7
    • Geoff Levand's avatar
      kbuild: Fix debugging info generation for .S files · 7db43632
      Geoff Levand authored
      
      
      Change the debuging info generation flag in KBUILD_AFLAGS from '-gdwarf-2' to
      '-Wa,--gdwarf-2'.  This will properly generate the debugging info for .S files
      when CONFIG_DEBUG_INFO=y.
      
      It seems current gcc does not pass a '--gdwarf-2' option on to the assembler
      when '-gdwarf-2' is on its command line (note the differece in the gcc and as
      flags).  This change provides the correct assembler flag to gcc, and so does
      not rely on gcc to emit a flag for the assembler.
      
      Signed-off-by: Geoff Levand <geoff@infradead.org> for Huawei, Linaro
      Signed-off-by: default avatarMichal Marek <mmarek@suse.cz>
      7db43632
  10. 20 Jan, 2014 1 commit
  11. 12 Jan, 2014 1 commit
  12. 06 Jan, 2014 1 commit
    • Emil Medve's avatar
      kbuild: Fix silent builds with make-4 · e36aaea2
      Emil Medve authored
      
      
      make-4 changed the way/order it presents the command line options
      into MAKEFLAGS
      
      In make-3.8x, '-s' would always be first into a group of options
      with the '-'/hyphen removed
      
      $ make -p -s 2>/dev/null | grep ^MAKEFLAGS
      MAKEFLAGS = sp
      
      In make-4, '-s' seems to always be last into a group of options
      with the '-'/hyphen removed
      
      $ make -s -p 2>/dev/null | grep ^MAKEFLAGS
      MAKEFLAGS = ps
      
      Signed-off-by: default avatarEmil Medve <Emilian.Medve@Freescale.com>
      Signed-off-by: default avatarMichal Marek <mmarek@suse.cz>
      e36aaea2
  13. 04 Jan, 2014 1 commit
  14. 30 Dec, 2013 1 commit
  15. 22 Dec, 2013 1 commit
  16. 21 Dec, 2013 1 commit
    • Linus Torvalds's avatar
      Don't set the INITRD_COMPRESS environment variable automatically · b7000ade
      Linus Torvalds authored
      Commit 1bf49dd4
      
       ("./Makefile: export initial ramdisk compression
      config option") started setting the INITRD_COMPRESS environment variable
      depending on which decompression models the kernel had available.
      
      That is completely broken.
      
      For example, we by default have CONFIG_RD_LZ4 enabled, and are able to
      decompress such an initrd, but the user tools to *create* such an initrd
      may not be availble.  So trying to tell dracut to generate an
      lz4-compressed image just because we can decode such an image is
      completely inappropriate.
      
      Cc: J P <ppandit@redhat.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Jan Beulich <JBeulich@suse.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      b7000ade
  17. 20 Dec, 2013 2 commits
    • Kees Cook's avatar
      stackprotector: Introduce CONFIG_CC_STACKPROTECTOR_STRONG · 8779657d
      Kees Cook authored
      This changes the stack protector config option into a choice of
      "None", "Regular", and "Strong":
      
         CONFIG_CC_STACKPROTECTOR_NONE
         CONFIG_CC_STACKPROTECTOR_REGULAR
         CONFIG_CC_STACKPROTECTOR_STRONG
      
      "Regular" means the old CONFIG_CC_STACKPROTECTOR=y option.
      
      "Strong" is a new mode introduced by this patch. With "Strong" the
      kernel is built with -fstack-protector-strong (available in
      gcc 4.9 and later). This option increases the coverage of the stack
      protector without the heavy performance hit of -fstack-protector-all.
      
      For reference, the stack protector options available in gcc are:
      
      -fstack-protector-all:
        Adds the stack-canary saving prefix and stack-canary checking
        suffix to _all_ function entry and exit. Results in substantial
        use of stack space for saving the canary for deep stack users
        (e.g. historically xfs), and measurable (though shockingly still
        low) performance hit due to all the saving/checking. Really not
        suitable for sane systems, and was entirely removed as an option
        from the kernel many years ago.
      
      -fstack-protector:
        Adds the canary save/check to functions that define an 8
        (--param=ssp-buffer-size=N, N=8 by default) or more byte local
        char array. Traditionally, stack overflows happened with
        string-based manipulations, so this was a way to find those
        functions. Very few total functions actually get the canary; no
        measurable performance or size overhead.
      
      -fstack-protector-strong
        Adds the canary for a wider set of functions, since it's not
        just those with strings that have ultimately been vulnerable to
        stack-busting. With this superset, more functions end up with a
        canary, but it still remains small compared to all functions
        with only a small change in performance. Based on the original
        design document, a function gets the canary when it contains any
        of:
      
          - local variable's address used as part of the right hand side
            of an assignment or function argument
          - local variable is an array (or union containing an array),
            regardless of array type or length
          - uses register local variables
      
        https://docs.google.com/a/google.com/document/d/1xXBH6rRZue4f296vGt9YQcuLVQHeE516stHwt8M9xyU
      
      
      
      Find below a comparison of "size" and "objdump" output when built with
      gcc-4.9 in three configurations:
      
        - defconfig
      	11430641 kernel text size
      	36110 function bodies
      
        - defconfig + CONFIG_CC_STACKPROTECTOR_REGULAR
      	11468490 kernel text size (+0.33%)
      	1015 of 36110 functions are stack-protected (2.81%)
      
        - defconfig + CONFIG_CC_STACKPROTECTOR_STRONG via this patch
      	11692790 kernel text size (+2.24%)
      	7401 of 36110 functions are stack-protected (20.5%)
      
      With -strong, ARM's compressed boot code now triggers stack
      protection, so a static guard was added. Since this is only used
      during decompression and was never used before, the exposure
      here is very small. Once it switches to the full kernel, the
      stack guard is back to normal.
      
      Chrome OS has been using -fstack-protector-strong for its kernel
      builds for the last 8 months with no problems.
      
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Cc: Arjan van de Ven <arjan@linux.intel.com>
      Cc: Michal Marek <mmarek@suse.cz>
      Cc: Russell King <linux@arm.linux.org.uk>
      Cc: Ralf Baechle <ralf@linux-mips.org>
      Cc: Paul Mundt <lethal@linux-sh.org>
      Cc: James Hogan <james.hogan@imgtec.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Cc: Shawn Guo <shawn.guo@linaro.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: linux-arm-kernel@lists.infradead.org
      Cc: linux-mips@linux-mips.org
      Cc: linux-arch@vger.kernel.org
      Link: http://lkml.kernel.org/r/1387481759-14535-3-git-send-email-keescook@chromium.org
      
      
      [ Improved the changelog and descriptions some more. ]
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      8779657d
    • Kees Cook's avatar
      stackprotector: Unify the HAVE_CC_STACKPROTECTOR logic between architectures · 19952a92
      Kees Cook authored
      
      
      Instead of duplicating the CC_STACKPROTECTOR Kconfig and
      Makefile logic in each architecture, switch to using
      HAVE_CC_STACKPROTECTOR and keep everything in one place. This
      retains the x86-specific bug verification scripts.
      
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Cc: Arjan van de Ven <arjan@linux.intel.com>
      Cc: Michal Marek <mmarek@suse.cz>
      Cc: Russell King <linux@arm.linux.org.uk>
      Cc: Ralf Baechle <ralf@linux-mips.org>
      Cc: Paul Mundt <lethal@linux-sh.org>
      Cc: James Hogan <james.hogan@imgtec.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Cc: Shawn Guo <shawn.guo@linaro.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-arm-kernel@lists.infradead.org
      Cc: linux-mips@linux-mips.org
      Cc: linux-arch@vger.kernel.org
      Link: http://lkml.kernel.org/r/1387481759-14535-2-git-send-email-keescook@chromium.org
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      19952a92
  18. 19 Dec, 2013 1 commit
    • Jan Beulich's avatar
      fix build with make 3.80 · 7ac18156
      Jan Beulich authored
      According to Documentation/Changes, make 3.80 is still being supported
      for building the kernel, hence make files must not make (unconditional)
      use of features introduced only in newer versions.
      
      Commit 1bf49dd4
      
       ("./Makefile: export initial ramdisk compression
      config option") however introduced "else ifeq" constructs which make
      3.80 doesn't understand.  Replace the logic there with more conventional
      (in the kernel build infrastructure) list constructs (except that the
      list here is intentionally limited to exactly one element).
      
      Signed-off-by: default avatarJan Beulich <jbeulich@suse.com>
      Cc: P J P <ppandit@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      7ac18156
  19. 15 Dec, 2013 1 commit
  20. 06 Dec, 2013 1 commit
  21. 29 Nov, 2013 1 commit
  22. 22 Nov, 2013 1 commit
  23. 13 Nov, 2013 1 commit
    • P J P's avatar
      ./Makefile: export initial ramdisk compression config option · 1bf49dd4
      P J P authored
      
      
      Make menuconfig allows one to choose compression format of an initial
      ramdisk image.  But this choice does not result in duly compressed ramdisk
      image.  Because - $ make install - does not pass on the selected
      compression choice to the dracut(8) tool, which creates the initramfs
      file.  dracut(8) generates the image with the default compression, ie.
      gzip(1).
      
      This patch exports the selected compression option to a sub-shell
      environment, so that it could be used by dracut(8) tool to generate
      appropriately compressed initramfs images.
      
      There isn't a straightforward way to pass on options to dracut(8) via
      positional parameters.  Because it is indirectly invoked at the end of a $
      make install sequence.
      
       # make install
         -> arch/$arch/boot/Makefile
          -> arch/$arch/boot/install.sh
           -> /sbing/installkernel ...
            -> /sbin/new-kernel-pkg ...
             -> /sbin/dracut ...
      
      Signed-off-by: default avatarP J P <ppandit@redhat.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      1bf49dd4
  24. 11 Nov, 2013 1 commit
    • Borislav Petkov's avatar
      Kbuild: Ignore GREP_OPTIONS env variable · ab7474ea
      Borislav Petkov authored
      
      
      When building the kernel in a shell which defines GREP_OPTIONS so that
      grep behavior is modified, we can break the generation of the syscalls
      table like so:
      
      __SYSCALL_COMMON(^[[01;31m^[[K0^[[m^[[K, sys_read, sys_read)
      __SYSCALL_COMMON(^[[01;31m^[[K1^[[m^[[K, sys_write, sys_write)
      __SYSCALL_COMMON(^[[01;31m^[[K1^[[m^[[K0, sys_mprotect, sys_mprotect) ...
      
      This is just the initial breakage, later we barf when generating
      modules.
      
      In this case, GREP_OPTIONS contains "--color=always" which adds the shell
      colors markup and completely fudges the headers under ...generated/asm/.
      
      Fix that by unexporting the GREP_OPTIONS variable for the whole kernel
      build as we tend to use grep at a bunch of places.
      
      Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
      Signed-off-by: default avatarMichal Marek <mmarek@suse.cz>
      ab7474ea
  25. 03 Nov, 2013 1 commit
  26. 27 Oct, 2013 1 commit
  27. 23 Oct, 2013 1 commit
  28. 19 Oct, 2013 1 commit
  29. 13 Oct, 2013 1 commit
  30. 06 Oct, 2013 1 commit
  31. 29 Sep, 2013 1 commit
  32. 23 Sep, 2013 1 commit
  33. 16 Sep, 2013 1 commit
  34. 12 Sep, 2013 1 commit
    • Linus Torvalds's avatar
      Bye, bye, WfW flag · d5d04bb4
      Linus Torvalds authored
      
      
      This reverts the Linux for Workgroups thing.  And no, before somebody
      asks, we're not doing Linux95.  Not for a few years, at least.
      
      Sure, the flag added some color to the logo, and could have remained as
      a testament to my leet gimp skills.  But no.  And I'll do this early, to
      avoid the chance of forgetting when I'm doing the actual rc1 release on
      the road.
      
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      d5d04bb4
  35. 02 Sep, 2013 1 commit