From cb77f0d623ff33a7899cb945f4f5a4825fbb2ea1 Mon Sep 17 00:00:00 2001 From: Kamil Rytarowski Date: Sun, 7 May 2017 23:25:26 +0200 Subject: scripts: Switch to more portable Perl shebang The default NetBSD package manager is pkgsrc and it installs Perl along other third party programs under custom and configurable prefix. The default prefix for binary prebuilt packages is /usr/pkg, and the Perl executable lands in /usr/pkg/bin/perl. This change switches "/usr/bin/perl" to "/usr/bin/env perl" as it's the most portable solution that should work for almost everybody. Perl's executable is detected automatically. This change switches -w option passed to the executable with more modern "use warnings;" approach. There is no functional change to the default behavior. While there, drop "require 5" from scripts/namespace.pl (Perl from 1994?). Signed-off-by: Kamil Rytarowski Signed-off-by: Masahiro Yamada --- scripts/bootgraph.pl | 2 +- scripts/checkincludes.pl | 2 +- scripts/checkpatch.pl | 3 ++- scripts/checkstack.pl | 2 +- scripts/checkversion.pl | 2 +- scripts/cleanfile | 3 ++- scripts/cleanpatch | 3 ++- scripts/dtc/dt_to_config | 2 +- scripts/export_report.pl | 3 ++- scripts/extract-module-sig.pl | 3 ++- scripts/extract-sys-certs.pl | 3 ++- scripts/extract_xc3028.pl | 2 +- scripts/get_dvb_firmware | 2 +- scripts/get_maintainer.pl | 3 ++- scripts/headerdep.pl | 2 +- scripts/headers_check.pl | 3 ++- scripts/kconfig/streamline_config.pl | 3 ++- scripts/kernel-doc | 3 ++- scripts/kernel-doc-xml-ref | 3 ++- scripts/markup_oops.pl | 2 +- scripts/namespace.pl | 4 ++-- scripts/profile2linkerlist.pl | 2 +- scripts/recordmcount.pl | 3 ++- scripts/stackdelta | 2 +- 24 files changed, 37 insertions(+), 25 deletions(-) (limited to 'scripts') diff --git a/scripts/bootgraph.pl b/scripts/bootgraph.pl index 9ca667bcaee9..594c55541b16 100755 --- a/scripts/bootgraph.pl +++ b/scripts/bootgraph.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/bin/env perl # Copyright 2008, Intel Corporation # diff --git a/scripts/checkincludes.pl b/scripts/checkincludes.pl index 381c018a4612..ce9edefd6e0b 100755 --- a/scripts/checkincludes.pl +++ b/scripts/checkincludes.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/bin/env perl # # checkincludes: find/remove files included more than once # diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 4b9569fa931b..3465a7c5a154 100755 --- a/scripts/checkpatch.pl +++ b/scripts/checkpatch.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl # (c) 2001, Dave Jones. (the file handling bit) # (c) 2005, Joel Schopp (the ugly bit) # (c) 2007,2008, Andy Whitcroft (new conditions, test suite) @@ -6,6 +6,7 @@ # Licensed under the terms of the GNU GPL License version 2 use strict; +use warnings; use POSIX; use File::Basename; use Cwd 'abs_path'; diff --git a/scripts/checkstack.pl b/scripts/checkstack.pl index 9d37aa4faf5c..7f4c41717e26 100755 --- a/scripts/checkstack.pl +++ b/scripts/checkstack.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/bin/env perl # Check the stack usage of functions # diff --git a/scripts/checkversion.pl b/scripts/checkversion.pl index 5e490a8ceca5..8b4f205234b5 100755 --- a/scripts/checkversion.pl +++ b/scripts/checkversion.pl @@ -1,4 +1,4 @@ -#! /usr/bin/perl +#! /usr/bin/env perl # # checkversion find uses of LINUX_VERSION_CODE or KERNEL_VERSION # without including , or cases of diff --git a/scripts/cleanfile b/scripts/cleanfile index cefd29e52298..72e3755327ae 100755 --- a/scripts/cleanfile +++ b/scripts/cleanfile @@ -1,9 +1,10 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl # # Clean a text file -- or directory of text files -- of stealth whitespace. # WARNING: this can be a highly destructive operation. Use with caution. # +use warnings; use bytes; use File::Basename; diff --git a/scripts/cleanpatch b/scripts/cleanpatch index 9680d03ad2b8..3e5a2303dc0e 100755 --- a/scripts/cleanpatch +++ b/scripts/cleanpatch @@ -1,9 +1,10 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl # # Clean a patch file -- or directory of patch files -- of stealth whitespace. # WARNING: this can be a highly destructive operation. Use with caution. # +use warnings; use bytes; use File::Basename; diff --git a/scripts/dtc/dt_to_config b/scripts/dtc/dt_to_config index 9a248b505c58..5dfd1bff351f 100755 --- a/scripts/dtc/dt_to_config +++ b/scripts/dtc/dt_to_config @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/bin/env perl # Copyright 2016 by Frank Rowand # Copyright 2016 by Gaurav Minocha diff --git a/scripts/export_report.pl b/scripts/export_report.pl index 8f79b701de87..68ff426b347c 100755 --- a/scripts/export_report.pl +++ b/scripts/export_report.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl # # (C) Copyright IBM Corporation 2006. # Released under GPL v2. @@ -7,6 +7,7 @@ # Usage: export_report.pl -k Module.symvers [-o report_file ] -f *.mod.c # +use warnings; use Getopt::Std; use strict; diff --git a/scripts/extract-module-sig.pl b/scripts/extract-module-sig.pl index faac6f2e377f..0f161ea41261 100755 --- a/scripts/extract-module-sig.pl +++ b/scripts/extract-module-sig.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl # # extract-mod-sig # @@ -12,6 +12,7 @@ # -k: Just the key ID # -s: Just the crypto signature or PKCS#7 message # +use warnings; use strict; die "Format: $0 -[0adnks] module-file >out\n" diff --git a/scripts/extract-sys-certs.pl b/scripts/extract-sys-certs.pl index 8227ca10a494..2aa873b944e0 100755 --- a/scripts/extract-sys-certs.pl +++ b/scripts/extract-sys-certs.pl @@ -1,5 +1,6 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl # +use warnings; use strict; use Math::BigInt; use Fcntl "SEEK_SET"; diff --git a/scripts/extract_xc3028.pl b/scripts/extract_xc3028.pl index 47877deae6d7..61d9b256c658 100755 --- a/scripts/extract_xc3028.pl +++ b/scripts/extract_xc3028.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/bin/env perl # Copyright (c) Mauro Carvalho Chehab # Released under GPLv2 diff --git a/scripts/get_dvb_firmware b/scripts/get_dvb_firmware index 1a0a04125f71..f3f230225aba 100755 --- a/scripts/get_dvb_firmware +++ b/scripts/get_dvb_firmware @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/bin/env perl # DVB firmware extractor # # (c) 2004 Andrew de Quincey diff --git a/scripts/get_maintainer.pl b/scripts/get_maintainer.pl index 633f2dd3de27..3bd5f4f30235 100755 --- a/scripts/get_maintainer.pl +++ b/scripts/get_maintainer.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl # (c) 2007, Joe Perches # created from checkpatch.pl # @@ -10,6 +10,7 @@ # # Licensed under the terms of the GNU GPL License version 2 +use warnings; use strict; my $P = $0; diff --git a/scripts/headerdep.pl b/scripts/headerdep.pl index 8dd019bc5a73..86ebb9ee7570 100755 --- a/scripts/headerdep.pl +++ b/scripts/headerdep.pl @@ -1,4 +1,4 @@ -#! /usr/bin/perl +#! /usr/bin/env perl # # Detect cycles in the header file dependency graph # Vegard Nossum diff --git a/scripts/headers_check.pl b/scripts/headers_check.pl index 8b2da054cdc3..3091e4ee6ee1 100755 --- a/scripts/headers_check.pl +++ b/scripts/headers_check.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl # # headers_check.pl execute a number of trivial consistency checks # @@ -18,6 +18,7 @@ # # 3) Check for leaked CONFIG_ symbols +use warnings; use strict; use File::Basename; diff --git a/scripts/kconfig/streamline_config.pl b/scripts/kconfig/streamline_config.pl index b8c7b29affc5..a2e83ab17de3 100755 --- a/scripts/kconfig/streamline_config.pl +++ b/scripts/kconfig/streamline_config.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl # # Copyright 2005-2009 - Steven Rostedt # Licensed under the terms of the GNU GPL License version 2 @@ -42,6 +42,7 @@ # mv config_strip .config # make oldconfig # +use warnings; use strict; use Getopt::Long; diff --git a/scripts/kernel-doc b/scripts/kernel-doc index a26a5f2dce39..7b0a8f01fed5 100755 --- a/scripts/kernel-doc +++ b/scripts/kernel-doc @@ -1,5 +1,6 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl +use warnings; use strict; ## Copyright (c) 1998 Michael Zucchi, All Rights Reserved ## diff --git a/scripts/kernel-doc-xml-ref b/scripts/kernel-doc-xml-ref index 104a5a5ba2c8..e3b24bfc804c 100755 --- a/scripts/kernel-doc-xml-ref +++ b/scripts/kernel-doc-xml-ref @@ -1,5 +1,6 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl +use warnings; use strict; ## Copyright (C) 2015 Intel Corporation ## diff --git a/scripts/markup_oops.pl b/scripts/markup_oops.pl index c21d16328d3f..70dcfb6b3de1 100755 --- a/scripts/markup_oops.pl +++ b/scripts/markup_oops.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/bin/env perl use File::Basename; use Math::BigInt; diff --git a/scripts/namespace.pl b/scripts/namespace.pl index 9f3c9d47a4a5..729c547fc9e1 100755 --- a/scripts/namespace.pl +++ b/scripts/namespace.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl # # namespace.pl. Mon Aug 30 2004 # @@ -62,7 +62,7 @@ # result. # -require 5; # at least perl 5 +use warnings; use strict; use File::Find; diff --git a/scripts/profile2linkerlist.pl b/scripts/profile2linkerlist.pl index 6943fa7cc95b..f23d7be94394 100755 --- a/scripts/profile2linkerlist.pl +++ b/scripts/profile2linkerlist.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/bin/env perl # # Takes a (sorted) output of readprofile and turns it into a list suitable for diff --git a/scripts/recordmcount.pl b/scripts/recordmcount.pl index 1633c3e6c0b9..2033af758173 100755 --- a/scripts/recordmcount.pl +++ b/scripts/recordmcount.pl @@ -1,4 +1,4 @@ -#!/usr/bin/perl -w +#!/usr/bin/env perl # (c) 2008, Steven Rostedt # Licensed under the terms of the GNU GPL License version 2 # @@ -106,6 +106,7 @@ # 9) Move the result back to the original object. # +use warnings; use strict; my $P = $0; diff --git a/scripts/stackdelta b/scripts/stackdelta index 48eabf2f48f8..20a79f19a111 100755 --- a/scripts/stackdelta +++ b/scripts/stackdelta @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!/usr/bin/env perl # Read two files produced by the stackusage script, and show the # delta between them. -- cgit v1.2.3 From cb43fb5775dffb36416067be87327966200ee3b6 Mon Sep 17 00:00:00 2001 From: Mauro Carvalho Chehab Date: Sun, 14 May 2017 11:50:01 -0300 Subject: docs: remove DocBook from the building system Now that we don't have any DocBook anymore, remove it from the building system. Signed-off-by: Mauro Carvalho Chehab --- scripts/Makefile | 9 +++------ scripts/check-lc_ctype.c | 11 ----------- 2 files changed, 3 insertions(+), 17 deletions(-) delete mode 100644 scripts/check-lc_ctype.c (limited to 'scripts') diff --git a/scripts/Makefile b/scripts/Makefile index 1d80897a9644..55550e4141c4 100644 --- a/scripts/Makefile +++ b/scripts/Makefile @@ -6,8 +6,7 @@ # pnmttologo: Convert pnm files to logo files # conmakehash: Create chartable # conmakehash: Create arrays for initializing the kernel console tables -# docproc: Used in Documentation/DocBook -# check-lc_ctype: Used in Documentation/DocBook +# docproc: Used in Documentation/ HOST_EXTRACFLAGS += -I$(srctree)/tools/include @@ -29,16 +28,14 @@ HOSTLOADLIBES_extract-cert = -lcrypto always := $(hostprogs-y) $(hostprogs-m) # The following hostprogs-y programs are only build on demand -hostprogs-y += unifdef docproc check-lc_ctype +hostprogs-y += unifdef docproc # These targets are used internally to avoid "is up to date" messages -PHONY += build_unifdef build_docproc build_check-lc_ctype +PHONY += build_unifdef build_docproc build_unifdef: $(obj)/unifdef @: build_docproc: $(obj)/docproc @: -build_check-lc_ctype: $(obj)/check-lc_ctype - @: subdir-$(CONFIG_MODVERSIONS) += genksyms subdir-y += mod diff --git a/scripts/check-lc_ctype.c b/scripts/check-lc_ctype.c deleted file mode 100644 index 9097ff5449fb..000000000000 --- a/scripts/check-lc_ctype.c +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Check that a specified locale works as LC_CTYPE. Used by the - * DocBook build system to probe for C.UTF-8 support. - */ - -#include - -int main(void) -{ - return !setlocale(LC_CTYPE, ""); -} -- cgit v1.2.3 From 229fd05c565eb931aa7c59c9d740e2047701a4ad Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Sat, 13 May 2017 04:51:44 -0700 Subject: doc: ReSTify SELinux.txt Adjusts for ReST markup and moves under LSM admin guide. Cc: Paul Moore Signed-off-by: Kees Cook Signed-off-by: Jonathan Corbet --- scripts/selinux/README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/selinux/README b/scripts/selinux/README index 4d020ecb7524..5ba679c5be18 100644 --- a/scripts/selinux/README +++ b/scripts/selinux/README @@ -1,2 +1,2 @@ -Please see Documentation/security/SELinux.txt for information on +Please see Documentation/admin-guide/LSM/SELinux.rst for information on installing a dummy SELinux policy. -- cgit v1.2.3 From 3e2e857f9c3a19d55ee0ba7b428b8be5008960bf Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 21 Apr 2017 15:35:27 -0700 Subject: module: Add module name to modinfo Accessing the mod structure (e.g. for mod->name) prior to having completed check_modstruct_version() can result in writing garbage to the error logs if the layout of the mod structure loaded from disk doesn't match the running kernel's mod structure layout. This kind of mismatch will become much more likely if a kernel is built with different randomization seed for the struct layout randomization plugin. Instead, add and use a new modinfo string for logging the module name. Signed-off-by: Kees Cook Signed-off-by: Jessica Yu --- scripts/mod/modpost.c | 1 + 1 file changed, 1 insertion(+) (limited to 'scripts') diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c index 30d752a4a6a6..48397feb08fb 100644 --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c @@ -2126,6 +2126,7 @@ static void add_header(struct buffer *b, struct module *mod) buf_printf(b, "#include \n"); buf_printf(b, "\n"); buf_printf(b, "MODULE_INFO(vermagic, VERMAGIC_STRING);\n"); + buf_printf(b, "MODULE_INFO(name, KBUILD_MODNAME);\n"); buf_printf(b, "\n"); buf_printf(b, "__visible struct module __this_module\n"); buf_printf(b, "__attribute__((section(\".gnu.linkonce.this_module\"))) = {\n"); -- cgit v1.2.3 From 1132e1e448ce51e3b51fc7afdf661633abc4f202 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Sat, 15 Apr 2017 11:45:20 -0700 Subject: gcc-plugins: Detail c-common.h location for GCC 4.6 The c-common.h file moved in stock gcc 4.7, not gcc 4.6. However, most people building plugins with gcc 4.6 are using the Debian or Ubuntu version, which includes a patch to move the headers to the 4.7 location. In case anyone trips over this with a stock gcc 4.6, add a pointer to the patch used by Debian/Ubuntu. Signed-off-by: Kees Cook --- scripts/gcc-plugins/gcc-common.h | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'scripts') diff --git a/scripts/gcc-plugins/gcc-common.h b/scripts/gcc-plugins/gcc-common.h index b232ab15624c..918953ca4527 100644 --- a/scripts/gcc-plugins/gcc-common.h +++ b/scripts/gcc-plugins/gcc-common.h @@ -63,6 +63,13 @@ #endif #if BUILDING_GCC_VERSION >= 4006 +/* + * The c-family headers were moved into a subdirectory in GCC version + * 4.7, but most plugin-building users of GCC 4.6 are using the Debian + * or Ubuntu package, which has an out-of-tree patch to move this to the + * same location as found in 4.7 and later: + * https://sources.debian.net/src/gcc-4.6/4.6.3-14/debian/patches/pr45078.diff/ + */ #include "c-family/c-common.h" #else #include "c-common.h" -- cgit v1.2.3 From d6c9708737c2107c38bd75f133d14d5801b8d6d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20Draszik?= Date: Fri, 2 Jun 2017 14:46:51 -0700 Subject: scripts/gdb: make lx-dmesg command work (reliably) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit lx-dmesg needs access to the log_buf symbol from printk.c. Unfortunately, the symbol log_buf also exists in BPF's verifier.c and hence gdb can pick one or the other. If it happens to pick BPF's log_buf, lx-dmesg doesn't work: (gdb) lx-dmesg Python Exception Cannot access memory at address 0x0: Error occurred in Python command: Cannot access memory at address 0x0 (gdb) p log_buf $15 = 0x0 Luckily, GDB has a way to deal with this, see https://sourceware.org/gdb/onlinedocs/gdb/Symbols.html (gdb) info variables ^log_buf$ All variables matching regular expression "^log_buf$": File /kernel/bpf/verifier.c: static char *log_buf; File /kernel/printk/printk.c: static char *log_buf; (gdb) p 'verifier.c'::log_buf $1 = 0x0 (gdb) p 'printk.c'::log_buf $2 = 0x811a6aa0 <__log_buf> "" (gdb) p &log_buf $3 = (char **) 0x8120fe40 (gdb) p &'verifier.c'::log_buf $4 = (char **) 0x8120fe40 (gdb) p &'printk.c'::log_buf $5 = (char **) 0x8048b7d0 By being explicit about the location of the symbol, we can make lx-dmesg work again. While at it, do the same for the other symbols we need from printk.c Link: http://lkml.kernel.org/r/20170526112222.3414-1-git@andred.net Signed-off-by: André Draszik Tested-by: Kieran Bingham Acked-by: Jan Kiszka Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- scripts/gdb/linux/dmesg.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'scripts') diff --git a/scripts/gdb/linux/dmesg.py b/scripts/gdb/linux/dmesg.py index f9b92ece7834..5afd1098e33a 100644 --- a/scripts/gdb/linux/dmesg.py +++ b/scripts/gdb/linux/dmesg.py @@ -23,10 +23,11 @@ class LxDmesg(gdb.Command): super(LxDmesg, self).__init__("lx-dmesg", gdb.COMMAND_DATA) def invoke(self, arg, from_tty): - log_buf_addr = int(str(gdb.parse_and_eval("log_buf")).split()[0], 16) - log_first_idx = int(gdb.parse_and_eval("log_first_idx")) - log_next_idx = int(gdb.parse_and_eval("log_next_idx")) - log_buf_len = int(gdb.parse_and_eval("log_buf_len")) + log_buf_addr = int(str(gdb.parse_and_eval( + "'printk.c'::log_buf")).split()[0], 16) + log_first_idx = int(gdb.parse_and_eval("'printk.c'::log_first_idx")) + log_next_idx = int(gdb.parse_and_eval("'printk.c'::log_next_idx")) + log_buf_len = int(gdb.parse_and_eval("'printk.c'::log_buf_len")) inf = gdb.inferiors()[0] start = log_buf_addr + log_first_idx -- cgit v1.2.3 From 3def03441e53e29eed3afd9009974a5a42bf124a Mon Sep 17 00:00:00 2001 From: Nicolas Iooss Date: Sat, 20 May 2017 13:27:00 +0200 Subject: genksyms: add printf format attribute to error_with_pos() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When compiling with -Wsuggest-attribute=format in HOSTCFLAGS, gcc complains that error_with_pos() may be declared with a printf format attribute: scripts/genksyms/genksyms.c:726:3: warning: function might be possible candidate for ‘gnu_printf’ format attribute [-Wsuggest-attribute=format] vfprintf(stderr, fmt, args); ^~~~~~~~ This would allow catching printf-format errors at compile time in callers to error_with_pos(). Add this attribute. Signed-off-by: Nicolas Iooss Signed-off-by: Masahiro Yamada --- scripts/genksyms/genksyms.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/genksyms/genksyms.h b/scripts/genksyms/genksyms.h index 3bffdcaaa274..b724a0290c75 100644 --- a/scripts/genksyms/genksyms.h +++ b/scripts/genksyms/genksyms.h @@ -75,7 +75,7 @@ struct string_list *copy_list_range(struct string_list *start, int yylex(void); int yyparse(void); -void error_with_pos(const char *, ...); +void error_with_pos(const char *, ...) __attribute__ ((format(printf, 1, 2))); /*----------------------------------------------------------------------*/ #define xmalloc(size) ({ void *__ptr = malloc(size); \ -- cgit v1.2.3 From cbf52a3e6a8a92beec6e0c70abf4111cd8f8faf7 Mon Sep 17 00:00:00 2001 From: Robert Jarzmik Date: Mon, 5 Jun 2017 13:59:15 +0200 Subject: tags: honor COMPILED_SOURCE with apart output directory When the kernel is compiled with an "O=" argument, the object files are not in the source tree, but in the build tree. This patch fixes O= build by looking for object files in the build tree. Fixes: 923e02ecf3f8 ("scripts/tags.sh: Support compiled source") Signed-off-by: Robert Jarzmik Signed-off-by: Masahiro Yamada --- scripts/tags.sh | 1 + 1 file changed, 1 insertion(+) (limited to 'scripts') diff --git a/scripts/tags.sh b/scripts/tags.sh index d661f2f3ef61..d23dcbf17457 100755 --- a/scripts/tags.sh +++ b/scripts/tags.sh @@ -106,6 +106,7 @@ all_compiled_sources() case "$i" in *.[cS]) j=${i/\.[cS]/\.o} + j="${j#$tree}" if [ -e $j ]; then echo $i fi -- cgit v1.2.3 From 9895313534d44e714785603a2af8db928904787e Mon Sep 17 00:00:00 2001 From: "Paul E. McKenney" Date: Wed, 19 Apr 2017 07:37:45 -0700 Subject: checkpatch: Remove checks for expedited grace periods There was a time when the expedited grace-period primitives (synchronize_rcu_expedited(), synchronize_rcu_bh_expedited(), and synchronize_sched_expedited()) used rather antisocial kernel facilities like try_stop_cpus(). However, they have since been housebroken to use only single-CPU IPIs, and typically cause less disturbance than a scheduling-clock interrupt. Furthermore, this disturbance can be eliminated entirely using NO_HZ_FULL on the one hand or the rcupdate.rcu_normal boot parameter on the other. This commit therefore removes checkpatch's complaints about use of the expedited RCU primitives. Signed-off-by: Paul E. McKenney --- scripts/checkpatch.pl | 17 ----------------- 1 file changed, 17 deletions(-) (limited to 'scripts') diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 4b9569fa931b..c7e4d73fe1ce 100755 --- a/scripts/checkpatch.pl +++ b/scripts/checkpatch.pl @@ -5533,23 +5533,6 @@ sub process { } } -# Check for expedited grace periods that interrupt non-idle non-nohz -# online CPUs. These expedited can therefore degrade real-time response -# if used carelessly, and should be avoided where not absolutely -# needed. It is always OK to use synchronize_rcu_expedited() and -# synchronize_sched_expedited() at boot time (before real-time applications -# start) and in error situations where real-time response is compromised in -# any case. Note that synchronize_srcu_expedited() does -not- interrupt -# other CPUs, so don't warn on uses of synchronize_srcu_expedited(). -# Of course, nothing comes for free, and srcu_read_lock() and -# srcu_read_unlock() do contain full memory barriers in payment for -# synchronize_srcu_expedited() non-interruption properties. - if ($line =~ /\b(synchronize_rcu_expedited|synchronize_sched_expedited)\(/) { - WARN("EXPEDITED_RCU_GRACE_PERIOD", - "expedited RCU grace periods should be avoided where they can degrade real-time response\n" . $herecurr); - - } - # check of hardware specific defines if ($line =~ m@^.\s*\#\s*if.*\b(__i386__|__powerpc64__|__sun__|__s390x__)\b@ && $realfile !~ m@include/asm-@) { CHK("ARCH_DEFINES", -- cgit v1.2.3 From d21832e212d2613c0a0f3e5f09967cb3402c8a53 Mon Sep 17 00:00:00 2001 From: Arnd Bergmann Date: Thu, 1 Jun 2017 16:57:07 +0200 Subject: kbuild: speed up checksyscalls.sh checksyscalls.sh is run at every "make" run while building the kernel, even if no files have changed. I looked at where we spend time in a trivial empty rebuild and found checksyscalls.sh to be a source of noticeable overhead, as it spawns a lot of child processes just to call 'cat' copying from stdin to stdout, once for each of the over 400 x86 syscalls. Using a shell-builtin (echo) instead of the external command gives us a 13x speedup: Before After real 0m1.018s real 0m0.077s user 0m0.068s user 0m0.048s sys 0m0.156s sys 0m0.024s The time it took to rebuild a single file on my machine dropped from 5.5 seconds to 4.5 seconds. Signed-off-by: Arnd Bergmann Signed-off-by: Masahiro Yamada --- scripts/checksyscalls.sh | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) (limited to 'scripts') diff --git a/scripts/checksyscalls.sh b/scripts/checksyscalls.sh index 116b7735ee9f..5a387a264201 100755 --- a/scripts/checksyscalls.sh +++ b/scripts/checksyscalls.sh @@ -202,15 +202,12 @@ EOF } syscall_list() { - grep '^[0-9]' "$1" | sort -n | ( + grep '^[0-9]' "$1" | sort -n | while read nr abi name entry ; do - cat < Date: Sun, 21 May 2017 11:44:47 +0200 Subject: kconfig: Check for libncurses before menuconfig There is a check and a nice user-friendly message when the curses library is not present on the system and the user wants to do "make menuconfig". It doesn't get issued, though. Instead, we fail the build when mconf.c doesn't find the curses.h header: HOSTCC scripts/kconfig/mconf.o In file included from scripts/kconfig/mconf.c:23:0: scripts/kconfig/lxdialog/dialog.h:38:20: fatal error: curses.h: No such file or directory #include CURSES_LOC ^ compilation terminated. Make that check a prerequisite to mconf so that the user sees the error message instead: $ make menuconfig *** Unable to find the ncurses libraries or the *** required header files. *** 'make menuconfig' requires the ncurses libraries. *** *** Install ncurses (ncurses-devel) and try again. *** scripts/kconfig/Makefile:203: recipe for target 'scripts/kconfig/dochecklxdialog' failed make[1]: *** [scripts/kconfig/dochecklxdialog] Error 1 Makefile:548: recipe for target 'menuconfig' failed make: *** [menuconfig] Error 2 Signed-off-by: Borislav Petkov Signed-off-by: Masahiro Yamada --- scripts/kconfig/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/kconfig/Makefile b/scripts/kconfig/Makefile index 90a091b6ae4d..eb8144643b78 100644 --- a/scripts/kconfig/Makefile +++ b/scripts/kconfig/Makefile @@ -196,7 +196,7 @@ clean-files += config.pot linux.pot # Check that we have the required ncurses stuff installed for lxdialog (menuconfig) PHONY += $(obj)/dochecklxdialog -$(addprefix $(obj)/,$(lxdialog)): $(obj)/dochecklxdialog +$(addprefix $(obj)/, mconf.o $(lxdialog)): $(obj)/dochecklxdialog $(obj)/dochecklxdialog: $(Q)$(CONFIG_SHELL) $(check-lxdialog) -check $(HOSTCC) $(HOST_EXTRACFLAGS) $(HOSTLOADLIBES_mconf) -- cgit v1.2.3 From adcc3f7cee29eb831f79f4ac7ba6a0fbce7ac936 Mon Sep 17 00:00:00 2001 From: Jonathan Liu Date: Mon, 12 Jun 2017 18:23:17 +1000 Subject: scripts/mkcompile_h: Remove trailing spaces from compiler version Improves the output of "cat /proc/version" by getting rid of the trailing space at the end of the compiler version when the kernel is compiled using GCC. Signed-off-by: Jonathan Liu Signed-off-by: Masahiro Yamada --- scripts/mkcompile_h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/mkcompile_h b/scripts/mkcompile_h index 6fdc97ef6023..fd8fdb91581d 100755 --- a/scripts/mkcompile_h +++ b/scripts/mkcompile_h @@ -76,7 +76,7 @@ UTS_TRUNCATE="cut -b -$UTS_LEN" echo \#define LINUX_COMPILE_BY \"`echo $LINUX_COMPILE_BY | $UTS_TRUNCATE`\" echo \#define LINUX_COMPILE_HOST \"`echo $LINUX_COMPILE_HOST | $UTS_TRUNCATE`\" - echo \#define LINUX_COMPILER \"`$CC -v 2>&1 | grep ' version '`\" + echo \#define LINUX_COMPILER \"`$CC -v 2>&1 | grep ' version ' | sed 's/[[:space:]]*$//'`\" ) > .tmpcompile # Only replace the real compile.h if the new one is different, -- cgit v1.2.3 From 2f263d145140ea4b9f5762b15886ae26195a764a Mon Sep 17 00:00:00 2001 From: Richard Genoud Date: Thu, 15 Jun 2017 10:36:22 +0200 Subject: kbuild: fix header installation under fakechroot environment Since commit fcc8487d477a ("uapi: export all headers under uapi directories") fakechroot make bindeb-pkg fails, mismatching files for directories: touch: cannot touch 'usr/include/video/uvesafb.h/.install': Not a directory This due to a bug in fakechroot: when using the function $(wildcard $(srcdir)/*/.) in a makefile, under a fakechroot environment, not only directories but also files are returned. To circumvent that, we are using the functions: $(sort $(dir $(wildcard $(srcdir)/*/)))) Fixes: fcc8487d477a ("uapi: export all headers under uapi directories") Signed-off-by: Richard Genoud Signed-off-by: Masahiro Yamada --- scripts/Makefile.headersinst | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/Makefile.headersinst b/scripts/Makefile.headersinst index ce753a408c56..c583a1e1bd3c 100644 --- a/scripts/Makefile.headersinst +++ b/scripts/Makefile.headersinst @@ -14,7 +14,15 @@ __headers: include scripts/Kbuild.include srcdir := $(srctree)/$(obj) -subdirs := $(patsubst $(srcdir)/%/.,%,$(wildcard $(srcdir)/*/.)) + +# When make is run under a fakechroot environment, the function +# $(wildcard $(srcdir)/*/.) doesn't only return directories, but also regular +# files. So, we are using a combination of sort/dir/wildcard which works +# with fakechroot. +subdirs := $(patsubst $(srcdir)/%/,%,\ + $(filter-out $(srcdir)/,\ + $(sort $(dir $(wildcard $(srcdir)/*/))))) + # caller may set destination dir (when installing to asm/) _dst := $(if $(dst),$(dst),$(obj)) -- cgit v1.2.3 From ae3f4151737d2aad271e5b1f2553c5d56e52850c Mon Sep 17 00:00:00 2001 From: Masahiro Yamada Date: Fri, 9 Jun 2017 17:29:52 +0900 Subject: kbuild: replace genhdr-y with generated-y Originally, generated-y and genhdr-y had different meaning, like follows: - generated-y: generated headers (other than asm-generic wrappers) - header-y : headers to be exported - genhdr-y : generated headers to be exported (generated-y + header-y) Since commit fcc8487d477a ("uapi: export all headers under uapi directories"), headers under UAPI directories are all exported. So, there is no more difference between generated-y and genhdr-y. We see two users of genhdr-y, arch/{arm,x86}/include/uapi/asm/Kbuild. They generate some headers in arch/{arm,x86}/include/generated/uapi/asm directories, which are obviously exported. Replace them with generated-y, and abolish genhdr-y. Signed-off-by: Masahiro Yamada Acked-by: Nicolas Dichtel --- scripts/Makefile.asm-generic | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/Makefile.asm-generic b/scripts/Makefile.asm-generic index e4d017d53819..95f7d8090152 100644 --- a/scripts/Makefile.asm-generic +++ b/scripts/Makefile.asm-generic @@ -15,7 +15,7 @@ _dummy := $(shell [ -d $(obj) ] || mkdir -p $(obj)) # Stale wrappers when the corresponding files are removed from generic-y # need removing. -generated-y := $(generic-y) $(genhdr-y) $(generated-y) +generated-y := $(generic-y) $(generated-y) all-files := $(patsubst %, $(obj)/%, $(generated-y)) old-headers := $(wildcard $(obj)/*.h) unwanted := $(filter-out $(all-files),$(old-headers)) -- cgit v1.2.3 From 7782b1444645768f5f213eaff6994604c6c0e635 Mon Sep 17 00:00:00 2001 From: Geert Uytterhoeven Date: Thu, 22 Jun 2017 15:07:06 +0200 Subject: scripts/dtc: dtx_diff - Show real file names in diff header As the comparison uses process substitution to pass files after conversion to DTS format, the diff header doesn't show the real filenames, but the names of the file descriptors used: --- /dev/fd/63 2017-06-22 11:21:47.531637188 +0200 +++ /dev/fd/62 2017-06-22 11:21:47.531637188 +0200 This is especially annoying when comparing a bunch of DT files in a loop, as the output doesn't show a clue about which files it refers to. Fix this by explicitly passing the original file names to the diff command using the --label option, giving e.g.: --- arch/arm/boot/dts/r8a7791-koelsch.dtb +++ arch/arm/boot/dts/r8a7791-porter.dtb Signed-off-by: Geert Uytterhoeven Reviewed-by: Frank Rowand Signed-off-by: Rob Herring --- scripts/dtc/dtx_diff | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts') diff --git a/scripts/dtc/dtx_diff b/scripts/dtc/dtx_diff index ec47f95991a3..fb86f3899e16 100755 --- a/scripts/dtc/dtx_diff +++ b/scripts/dtc/dtx_diff @@ -338,7 +338,7 @@ DTC="${DTC} ${dtc_flags} -O dts -qq -f ${dtc_sort} -o -" if (( ${cmd_diff} )) ; then - diff ${diff_flags} \ + diff ${diff_flags} --label "${dtx_file_1}" --label "${dtx_file_2}" \ <(compile_to_dts "${dtx_file_1}") \ <(compile_to_dts "${dtx_file_2}") -- cgit v1.2.3 From ad8181060788c80c0ad75b583f24c22fa962a7a6 Mon Sep 17 00:00:00 2001 From: Randy Dunlap Date: Mon, 22 May 2017 18:44:57 -0700 Subject: kconfig: fix sparse warnings in nconfig Fix sparse warnings in scripts/kconfig/nconf* ('make nconfig'): ../scripts/kconfig/nconf.c:1071:32: warning: Using plain integer as NULL pointer ../scripts/kconfig/nconf.c:1238:30: warning: Using plain integer as NULL pointer ../scripts/kconfig/nconf.c:511:51: warning: Using plain integer as NULL pointer ../scripts/kconfig/nconf.c:1460:6: warning: symbol 'setup_windows' was not declared. Should it be static? ../scripts/kconfig/nconf.c:274:12: warning: symbol 'current_instructions' was not declared. Should it be static? ../scripts/kconfig/nconf.c:308:22: warning: symbol 'function_keys' was not declared. Should it be static? ../scripts/kconfig/nconf.gui.c:132:17: warning: non-ANSI function declaration of function 'set_colors' ../scripts/kconfig/nconf.gui.c:195:24: warning: Using plain integer as NULL pointer nconf.gui.o before/after files are the same. nconf.o before/after files are the same until the 'static' function declarations are added. Signed-off-by: Randy Dunlap Signed-off-by: Masahiro Yamada --- scripts/kconfig/nconf.c | 12 ++++++------ scripts/kconfig/nconf.gui.c | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) (limited to 'scripts') diff --git a/scripts/kconfig/nconf.c b/scripts/kconfig/nconf.c index a9bc5334a478..003114779815 100644 --- a/scripts/kconfig/nconf.c +++ b/scripts/kconfig/nconf.c @@ -271,7 +271,7 @@ static struct mitem k_menu_items[MAX_MENU_ITEMS]; static int items_num; static int global_exit; /* the currently selected button */ -const char *current_instructions = menu_instructions; +static const char *current_instructions = menu_instructions; static char *dialog_input_result; static int dialog_input_result_len; @@ -305,7 +305,7 @@ struct function_keys { }; static const int function_keys_num = 9; -struct function_keys function_keys[] = { +static struct function_keys function_keys[] = { { .key_str = "F1", .func = "Help", @@ -508,7 +508,7 @@ static int get_mext_match(const char *match_str, match_f flag) index = (index + items_num) % items_num; while (true) { char *str = k_menu_items[index].str; - if (strcasestr(str, match_str) != 0) + if (strcasestr(str, match_str) != NULL) return index; if (flag == FIND_NEXT_MATCH_UP || flag == MATCH_TINKER_PATTERN_UP) @@ -1067,7 +1067,7 @@ static int do_match(int key, struct match_state *state, int *ans) static void conf(struct menu *menu) { - struct menu *submenu = 0; + struct menu *submenu = NULL; const char *prompt = menu_get_prompt(menu); struct symbol *sym; int res; @@ -1234,7 +1234,7 @@ static void show_help(struct menu *menu) static void conf_choice(struct menu *menu) { const char *prompt = _(menu_get_prompt(menu)); - struct menu *child = 0; + struct menu *child = NULL; struct symbol *active; int selected_index = 0; int last_top_row = 0; @@ -1456,7 +1456,7 @@ static void conf_save(void) } } -void setup_windows(void) +static void setup_windows(void) { int lines, columns; diff --git a/scripts/kconfig/nconf.gui.c b/scripts/kconfig/nconf.gui.c index 4b2f44c20caf..a64b1c31253e 100644 --- a/scripts/kconfig/nconf.gui.c +++ b/scripts/kconfig/nconf.gui.c @@ -129,7 +129,7 @@ static void no_colors_theme(void) mkattrn(FUNCTION_TEXT, A_REVERSE); } -void set_colors() +void set_colors(void) { start_color(); use_default_colors(); @@ -192,7 +192,7 @@ const char *get_line(const char *text, int line_no) int lines = 0; if (!text) - return 0; + return NULL; for (i = 0; text[i] != '\0' && lines < line_no; i++) if (text[i] == '\n') -- cgit v1.2.3 From 313dd1b629219db50cad532dba6a3b3b22ffe622 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Fri, 5 May 2017 23:37:45 -0700 Subject: gcc-plugins: Add the randstruct plugin This randstruct plugin is modified from Brad Spengler/PaX Team's code in the last public patch of grsecurity/PaX based on my understanding of the code. Changes or omissions from the original code are mine and don't reflect the original grsecurity/PaX code. The randstruct GCC plugin randomizes the layout of selected structures at compile time, as a probabilistic defense against attacks that need to know the layout of structures within the kernel. This is most useful for "in-house" kernel builds where neither the randomization seed nor other build artifacts are made available to an attacker. While less useful for distribution kernels (where the randomization seed must be exposed for third party kernel module builds), it still has some value there since now all kernel builds would need to be tracked by an attacker. In more performance sensitive scenarios, GCC_PLUGIN_RANDSTRUCT_PERFORMANCE can be selected to make a best effort to restrict randomization to cacheline-sized groups of elements, and will not randomize bitfields. This comes at the cost of reduced randomization. Two annotations are defined,__randomize_layout and __no_randomize_layout, which respectively tell the plugin to either randomize or not to randomize instances of the struct in question. Follow-on patches enable the auto-detection logic for selecting structures for randomization that contain only function pointers. It is disabled here to assist with bisection. Since any randomized structs must be initialized using designated initializers, __randomize_layout includes the __designated_init annotation even when the plugin is disabled so that all builds will require the needed initialization. (With the plugin enabled, annotations for automatically chosen structures are marked as well.) The main differences between this implemenation and grsecurity are: - disable automatic struct selection (to be enabled in follow-up patch) - add designated_init attribute at runtime and for manual marking - clarify debugging output to differentiate bad cast warnings - add whitelisting infrastructure - support gcc 7's DECL_ALIGN and DECL_MODE changes (Laura Abbott) - raise minimum required GCC version to 4.7 Earlier versions of this patch series were ported by Michael Leibowitz. Signed-off-by: Kees Cook --- scripts/Makefile.gcc-plugins | 4 + scripts/gcc-plugins/.gitignore | 1 + scripts/gcc-plugins/Makefile | 8 + scripts/gcc-plugins/gcc-common.h | 5 + scripts/gcc-plugins/gen-random-seed.sh | 8 + scripts/gcc-plugins/randomize_layout_plugin.c | 1020 +++++++++++++++++++++++++ 6 files changed, 1046 insertions(+) create mode 100644 scripts/gcc-plugins/.gitignore create mode 100644 scripts/gcc-plugins/gen-random-seed.sh create mode 100644 scripts/gcc-plugins/randomize_layout_plugin.c (limited to 'scripts') diff --git a/scripts/Makefile.gcc-plugins b/scripts/Makefile.gcc-plugins index 82335533620e..2e0e2eaa397f 100644 --- a/scripts/Makefile.gcc-plugins +++ b/scripts/Makefile.gcc-plugins @@ -29,6 +29,10 @@ ifdef CONFIG_GCC_PLUGINS gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE) += -fplugin-arg-structleak_plugin-verbose gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_STRUCTLEAK) += -DSTRUCTLEAK_PLUGIN + gcc-plugin-$(CONFIG_GCC_PLUGIN_RANDSTRUCT) += randomize_layout_plugin.so + gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_RANDSTRUCT) += -DRANDSTRUCT_PLUGIN + gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_RANDSTRUCT_PERFORMANCE) += -fplugin-arg-randomize_layout_plugin-performance-mode + GCC_PLUGINS_CFLAGS := $(strip $(addprefix -fplugin=$(objtree)/scripts/gcc-plugins/, $(gcc-plugin-y)) $(gcc-plugin-cflags-y)) export PLUGINCC GCC_PLUGINS_CFLAGS GCC_PLUGIN GCC_PLUGIN_SUBDIR diff --git a/scripts/gcc-plugins/.gitignore b/scripts/gcc-plugins/.gitignore new file mode 100644 index 000000000000..de92ed9e3d83 --- /dev/null +++ b/scripts/gcc-plugins/.gitignore @@ -0,0 +1 @@ +randomize_layout_seed.h diff --git a/scripts/gcc-plugins/Makefile b/scripts/gcc-plugins/Makefile index 8b29dc17c73c..214eb2335c31 100644 --- a/scripts/gcc-plugins/Makefile +++ b/scripts/gcc-plugins/Makefile @@ -18,6 +18,14 @@ endif export HOSTLIBS +$(obj)/randomize_layout_plugin.o: $(objtree)/$(obj)/randomize_layout_seed.h +quiet_cmd_create_randomize_layout_seed = GENSEED $@ +cmd_create_randomize_layout_seed = \ + $(CONFIG_SHELL) $(srctree)/$(src)/gen-random-seed.sh $@ $(objtree)/include/generated/randomize_layout_hash.h +$(objtree)/$(obj)/randomize_layout_seed.h: FORCE + $(call if_changed,create_randomize_layout_seed) +targets = randomize_layout_seed.h randomize_layout_hash.h + $(HOSTLIBS)-y := $(foreach p,$(GCC_PLUGIN),$(if $(findstring /,$(p)),,$(p))) always := $($(HOSTLIBS)-y) diff --git a/scripts/gcc-plugins/gcc-common.h b/scripts/gcc-plugins/gcc-common.h index 918953ca4527..6948898b3cdf 100644 --- a/scripts/gcc-plugins/gcc-common.h +++ b/scripts/gcc-plugins/gcc-common.h @@ -953,4 +953,9 @@ static inline void debug_gimple_stmt(const_gimple s) get_inner_reference(exp, pbitsize, pbitpos, poffset, pmode, punsignedp, preversep, pvolatilep) #endif +#if BUILDING_GCC_VERSION < 7000 +#define SET_DECL_ALIGN(decl, align) DECL_ALIGN(decl) = (align) +#define SET_DECL_MODE(decl, mode) DECL_MODE(decl) = (mode) +#endif + #endif diff --git a/scripts/gcc-plugins/gen-random-seed.sh b/scripts/gcc-plugins/gen-random-seed.sh new file mode 100644 index 000000000000..7514850f4815 --- /dev/null +++ b/scripts/gcc-plugins/gen-random-seed.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +if [ ! -f "$1" ]; then + SEED=`od -A n -t x8 -N 32 /dev/urandom | tr -d ' \n'` + echo "const char *randstruct_seed = \"$SEED\";" > "$1" + HASH=`echo -n "$SEED" | sha256sum | cut -d" " -f1 | tr -d ' \n'` + echo "#define RANDSTRUCT_HASHED_SEED \"$HASH\"" > "$2" +fi diff --git a/scripts/gcc-plugins/randomize_layout_plugin.c b/scripts/gcc-plugins/randomize_layout_plugin.c new file mode 100644 index 000000000000..e1d1ba28739f --- /dev/null +++ b/scripts/gcc-plugins/randomize_layout_plugin.c @@ -0,0 +1,1020 @@ +/* + * Copyright 2014-2016 by Open Source Security, Inc., Brad Spengler + * and PaX Team + * Licensed under the GPL v2 + * + * Note: the choice of the license means that the compilation process is + * NOT 'eligible' as defined by gcc's library exception to the GPL v3, + * but for the kernel it doesn't matter since it doesn't link against + * any of the gcc libraries + * + * Usage: + * $ # for 4.5/4.6/C based 4.7 + * $ gcc -I`gcc -print-file-name=plugin`/include -I`gcc -print-file-name=plugin`/include/c-family -fPIC -shared -O2 -o randomize_layout_plugin.so randomize_layout_plugin.c + * $ # for C++ based 4.7/4.8+ + * $ g++ -I`g++ -print-file-name=plugin`/include -I`g++ -print-file-name=plugin`/include/c-family -fPIC -shared -O2 -o randomize_layout_plugin.so randomize_layout_plugin.c + * $ gcc -fplugin=./randomize_layout_plugin.so test.c -O2 + */ + +#include "gcc-common.h" +#include "randomize_layout_seed.h" + +#if BUILDING_GCC_MAJOR < 4 || (BUILDING_GCC_MAJOR == 4 && BUILDING_GCC_MINOR < 7) +#error "The RANDSTRUCT plugin requires GCC 4.7 or newer." +#endif + +#define ORIG_TYPE_NAME(node) \ + (TYPE_NAME(TYPE_MAIN_VARIANT(node)) != NULL_TREE ? ((const unsigned char *)IDENTIFIER_POINTER(TYPE_NAME(TYPE_MAIN_VARIANT(node)))) : (const unsigned char *)"anonymous") + +#define INFORM(loc, msg, ...) inform(loc, "randstruct: " msg, ##__VA_ARGS__) +#define MISMATCH(loc, how, ...) INFORM(loc, "casting between randomized structure pointer types (" how "): %qT and %qT\n", __VA_ARGS__) + +__visible int plugin_is_GPL_compatible; + +static int performance_mode; + +static struct plugin_info randomize_layout_plugin_info = { + .version = "201402201816vanilla", + .help = "disable\t\t\tdo not activate plugin\n" + "performance-mode\tenable cacheline-aware layout randomization\n" +}; + +struct whitelist_entry { + const char *pathname; + const char *lhs; + const char *rhs; +}; + +static const struct whitelist_entry whitelist[] = { + { } +}; + +/* from old Linux dcache.h */ +static inline unsigned long +partial_name_hash(unsigned long c, unsigned long prevhash) +{ + return (prevhash + (c << 4) + (c >> 4)) * 11; +} +static inline unsigned int +name_hash(const unsigned char *name) +{ + unsigned long hash = 0; + unsigned int len = strlen((const char *)name); + while (len--) + hash = partial_name_hash(*name++, hash); + return (unsigned int)hash; +} + +static tree handle_randomize_layout_attr(tree *node, tree name, tree args, int flags, bool *no_add_attrs) +{ + tree type; + + *no_add_attrs = true; + if (TREE_CODE(*node) == FUNCTION_DECL) { + error("%qE attribute does not apply to functions (%qF)", name, *node); + return NULL_TREE; + } + + if (TREE_CODE(*node) == PARM_DECL) { + error("%qE attribute does not apply to function parameters (%qD)", name, *node); + return NULL_TREE; + } + + if (TREE_CODE(*node) == VAR_DECL) { + error("%qE attribute does not apply to variables (%qD)", name, *node); + return NULL_TREE; + } + + if (TYPE_P(*node)) { + type = *node; + } else { + gcc_assert(TREE_CODE(*node) == TYPE_DECL); + type = TREE_TYPE(*node); + } + + if (TREE_CODE(type) != RECORD_TYPE) { + error("%qE attribute used on %qT applies to struct types only", name, type); + return NULL_TREE; + } + + if (lookup_attribute(IDENTIFIER_POINTER(name), TYPE_ATTRIBUTES(type))) { + error("%qE attribute is already applied to the type %qT", name, type); + return NULL_TREE; + } + + *no_add_attrs = false; + + return NULL_TREE; +} + +/* set on complete types that we don't need to inspect further at all */ +static tree handle_randomize_considered_attr(tree *node, tree name, tree args, int flags, bool *no_add_attrs) +{ + *no_add_attrs = false; + return NULL_TREE; +} + +/* + * set on types that we've performed a shuffle on, to prevent re-shuffling + * this does not preclude us from inspecting its fields for potential shuffles + */ +static tree handle_randomize_performed_attr(tree *node, tree name, tree args, int flags, bool *no_add_attrs) +{ + *no_add_attrs = false; + return NULL_TREE; +} + +/* + * 64bit variant of Bob Jenkins' public domain PRNG + * 256 bits of internal state + */ + +typedef unsigned long long u64; + +typedef struct ranctx { u64 a; u64 b; u64 c; u64 d; } ranctx; + +#define rot(x,k) (((x)<<(k))|((x)>>(64-(k)))) +static u64 ranval(ranctx *x) { + u64 e = x->a - rot(x->b, 7); + x->a = x->b ^ rot(x->c, 13); + x->b = x->c + rot(x->d, 37); + x->c = x->d + e; + x->d = e + x->a; + return x->d; +} + +static void raninit(ranctx *x, u64 *seed) { + int i; + + x->a = seed[0]; + x->b = seed[1]; + x->c = seed[2]; + x->d = seed[3]; + + for (i=0; i < 30; ++i) + (void)ranval(x); +} + +static u64 shuffle_seed[4]; + +struct partition_group { + tree tree_start; + unsigned long start; + unsigned long length; +}; + +static void partition_struct(tree *fields, unsigned long length, struct partition_group *size_groups, unsigned long *num_groups) +{ + unsigned long i; + unsigned long accum_size = 0; + unsigned long accum_length = 0; + unsigned long group_idx = 0; + + gcc_assert(length < INT_MAX); + + memset(size_groups, 0, sizeof(struct partition_group) * length); + + for (i = 0; i < length; i++) { + if (size_groups[group_idx].tree_start == NULL_TREE) { + size_groups[group_idx].tree_start = fields[i]; + size_groups[group_idx].start = i; + accum_length = 0; + accum_size = 0; + } + accum_size += (unsigned long)int_size_in_bytes(TREE_TYPE(fields[i])); + accum_length++; + if (accum_size >= 64) { + size_groups[group_idx].length = accum_length; + accum_length = 0; + group_idx++; + } + } + + if (size_groups[group_idx].tree_start != NULL_TREE && + !size_groups[group_idx].length) { + size_groups[group_idx].length = accum_length; + group_idx++; + } + + *num_groups = group_idx; +} + +static void performance_shuffle(tree *newtree, unsigned long length, ranctx *prng_state) +{ + unsigned long i, x; + struct partition_group size_group[length]; + unsigned long num_groups = 0; + unsigned long randnum; + + partition_struct(newtree, length, (struct partition_group *)&size_group, &num_groups); + for (i = num_groups - 1; i > 0; i--) { + struct partition_group tmp; + randnum = ranval(prng_state) % (i + 1); + tmp = size_group[i]; + size_group[i] = size_group[randnum]; + size_group[randnum] = tmp; + } + + for (x = 0; x < num_groups; x++) { + for (i = size_group[x].start + size_group[x].length - 1; i > size_group[x].start; i--) { + tree tmp; + if (DECL_BIT_FIELD_TYPE(newtree[i])) + continue; + randnum = ranval(prng_state) % (i + 1); + // we could handle this case differently if desired + if (DECL_BIT_FIELD_TYPE(newtree[randnum])) + continue; + tmp = newtree[i]; + newtree[i] = newtree[randnum]; + newtree[randnum] = tmp; + } + } +} + +static void full_shuffle(tree *newtree, unsigned long length, ranctx *prng_state) +{ + unsigned long i, randnum; + + for (i = length - 1; i > 0; i--) { + tree tmp; + randnum = ranval(prng_state) % (i + 1); + tmp = newtree[i]; + newtree[i] = newtree[randnum]; + newtree[randnum] = tmp; + } +} + +/* modern in-place Fisher-Yates shuffle */ +static void shuffle(const_tree type, tree *newtree, unsigned long length) +{ + unsigned long i; + u64 seed[4]; + ranctx prng_state; + const unsigned char *structname; + + if (length == 0) + return; + + gcc_assert(TREE_CODE(type) == RECORD_TYPE); + + structname = ORIG_TYPE_NAME(type); + +#ifdef __DEBUG_PLUGIN + fprintf(stderr, "Shuffling struct %s %p\n", (const char *)structname, type); +#ifdef __DEBUG_VERBOSE + debug_tree((tree)type); +#endif +#endif + + for (i = 0; i < 4; i++) { + seed[i] = shuffle_seed[i]; + seed[i] ^= name_hash(structname); + } + + raninit(&prng_state, (u64 *)&seed); + + if (performance_mode) + performance_shuffle(newtree, length, &prng_state); + else + full_shuffle(newtree, length, &prng_state); +} + +static bool is_flexible_array(const_tree field) +{ + const_tree fieldtype; + const_tree typesize; + const_tree elemtype; + const_tree elemsize; + + fieldtype = TREE_TYPE(field); + typesize = TYPE_SIZE(fieldtype); + + if (TREE_CODE(fieldtype) != ARRAY_TYPE) + return false; + + elemtype = TREE_TYPE(fieldtype); + elemsize = TYPE_SIZE(elemtype); + + /* size of type is represented in bits */ + + if (typesize == NULL_TREE && TYPE_DOMAIN(fieldtype) != NULL_TREE && + TYPE_MAX_VALUE(TYPE_DOMAIN(fieldtype)) == NULL_TREE) + return true; + + if (typesize != NULL_TREE && + (TREE_CONSTANT(typesize) && (!tree_to_uhwi(typesize) || + tree_to_uhwi(typesize) == tree_to_uhwi(elemsize)))) + return true; + + return false; +} + +static int relayout_struct(tree type) +{ + unsigned long num_fields = (unsigned long)list_length(TYPE_FIELDS(type)); + unsigned long shuffle_length = num_fields; + tree field; + tree newtree[num_fields]; + unsigned long i; + tree list; + tree variant; + tree main_variant; + expanded_location xloc; + bool has_flexarray = false; + + if (TYPE_FIELDS(type) == NULL_TREE) + return 0; + + if (num_fields < 2) + return 0; + + gcc_assert(TREE_CODE(type) == RECORD_TYPE); + + gcc_assert(num_fields < INT_MAX); + + if (lookup_attribute("randomize_performed", TYPE_ATTRIBUTES(type)) || + lookup_attribute("no_randomize_layout", TYPE_ATTRIBUTES(TYPE_MAIN_VARIANT(type)))) + return 0; + + /* Workaround for 3rd-party VirtualBox source that we can't modify ourselves */ + if (!strcmp((const char *)ORIG_TYPE_NAME(type), "INTNETTRUNKFACTORY") || + !strcmp((const char *)ORIG_TYPE_NAME(type), "RAWPCIFACTORY")) + return 0; + + /* throw out any structs in uapi */ + xloc = expand_location(DECL_SOURCE_LOCATION(TYPE_FIELDS(type))); + + if (strstr(xloc.file, "/uapi/")) + error(G_("attempted to randomize userland API struct %s"), ORIG_TYPE_NAME(type)); + + for (field = TYPE_FIELDS(type), i = 0; field; field = TREE_CHAIN(field), i++) { + gcc_assert(TREE_CODE(field) == FIELD_DECL); + newtree[i] = field; + } + + /* + * enforce that we don't randomize the layout of the last + * element of a struct if it's a 0 or 1-length array + * or a proper flexible array + */ + if (is_flexible_array(newtree[num_fields - 1])) { + has_flexarray = true; + shuffle_length--; + } + + shuffle(type, (tree *)newtree, shuffle_length); + + /* + * set up a bogus anonymous struct field designed to error out on unnamed struct initializers + * as gcc provides no other way to detect such code + */ + list = make_node(FIELD_DECL); + TREE_CHAIN(list) = newtree[0]; + TREE_TYPE(list) = void_type_node; + DECL_SIZE(list) = bitsize_zero_node; + DECL_NONADDRESSABLE_P(list) = 1; + DECL_FIELD_BIT_OFFSET(list) = bitsize_zero_node; + DECL_SIZE_UNIT(list) = size_zero_node; + DECL_FIELD_OFFSET(list) = size_zero_node; + DECL_CONTEXT(list) = type; + // to satisfy the constify plugin + TREE_READONLY(list) = 1; + + for (i = 0; i < num_fields - 1; i++) + TREE_CHAIN(newtree[i]) = newtree[i+1]; + TREE_CHAIN(newtree[num_fields - 1]) = NULL_TREE; + + main_variant = TYPE_MAIN_VARIANT(type); + for (variant = main_variant; variant; variant = TYPE_NEXT_VARIANT(variant)) { + TYPE_FIELDS(variant) = list; + TYPE_ATTRIBUTES(variant) = copy_list(TYPE_ATTRIBUTES(variant)); + TYPE_ATTRIBUTES(variant) = tree_cons(get_identifier("randomize_performed"), NULL_TREE, TYPE_ATTRIBUTES(variant)); + TYPE_ATTRIBUTES(variant) = tree_cons(get_identifier("designated_init"), NULL_TREE, TYPE_ATTRIBUTES(variant)); + if (has_flexarray) + TYPE_ATTRIBUTES(type) = tree_cons(get_identifier("has_flexarray"), NULL_TREE, TYPE_ATTRIBUTES(type)); + } + + /* + * force a re-layout of the main variant + * the TYPE_SIZE for all variants will be recomputed + * by finalize_type_size() + */ + TYPE_SIZE(main_variant) = NULL_TREE; + layout_type(main_variant); + gcc_assert(TYPE_SIZE(main_variant) != NULL_TREE); + + return 1; +} + +/* from constify plugin */ +static const_tree get_field_type(const_tree field) +{ + return strip_array_types(TREE_TYPE(field)); +} + +/* from constify plugin */ +static bool is_fptr(const_tree fieldtype) +{ + if (TREE_CODE(fieldtype) != POINTER_TYPE) + return false; + + return TREE_CODE(TREE_TYPE(fieldtype)) == FUNCTION_TYPE; +} + +/* derived from constify plugin */ +static int is_pure_ops_struct(const_tree node) +{ + const_tree field; + + gcc_assert(TREE_CODE(node) == RECORD_TYPE || TREE_CODE(node) == UNION_TYPE); + + /* XXX: Do not apply randomization to all-ftpr structs yet. */ + return 0; + + for (field = TYPE_FIELDS(node); field; field = TREE_CHAIN(field)) { + const_tree fieldtype = get_field_type(field); + enum tree_code code = TREE_CODE(fieldtype); + + if (node == fieldtype) + continue; + + if (!is_fptr(fieldtype)) + return 0; + + if (code != RECORD_TYPE && code != UNION_TYPE) + continue; + + if (!is_pure_ops_struct(fieldtype)) + return 0; + } + + return 1; +} + +static void randomize_type(tree type) +{ + tree variant; + + gcc_assert(TREE_CODE(type) == RECORD_TYPE); + + if (lookup_attribute("randomize_considered", TYPE_ATTRIBUTES(type))) + return; + + if (lookup_attribute("randomize_layout", TYPE_ATTRIBUTES(TYPE_MAIN_VARIANT(type))) || is_pure_ops_struct(type)) + relayout_struct(type); + + for (variant = TYPE_MAIN_VARIANT(type); variant; variant = TYPE_NEXT_VARIANT(variant)) { + TYPE_ATTRIBUTES(type) = copy_list(TYPE_ATTRIBUTES(type)); + TYPE_ATTRIBUTES(type) = tree_cons(get_identifier("randomize_considered"), NULL_TREE, TYPE_ATTRIBUTES(type)); + } +#ifdef __DEBUG_PLUGIN + fprintf(stderr, "Marking randomize_considered on struct %s\n", ORIG_TYPE_NAME(type)); +#ifdef __DEBUG_VERBOSE + debug_tree(type); +#endif +#endif +} + +static void update_decl_size(tree decl) +{ + tree lastval, lastidx, field, init, type, flexsize; + unsigned HOST_WIDE_INT len; + + type = TREE_TYPE(decl); + + if (!lookup_attribute("has_flexarray", TYPE_ATTRIBUTES(type))) + return; + + init = DECL_INITIAL(decl); + if (init == NULL_TREE || init == error_mark_node) + return; + + if (TREE_CODE(init) != CONSTRUCTOR) + return; + + len = CONSTRUCTOR_NELTS(init); + if (!len) + return; + + lastval = CONSTRUCTOR_ELT(init, CONSTRUCTOR_NELTS(init) - 1)->value; + lastidx = CONSTRUCTOR_ELT(init, CONSTRUCTOR_NELTS(init) - 1)->index; + + for (field = TYPE_FIELDS(TREE_TYPE(decl)); TREE_CHAIN(field); field = TREE_CHAIN(field)) + ; + + if (lastidx != field) + return; + + if (TREE_CODE(lastval) != STRING_CST) { + error("Only string constants are supported as initializers " + "for randomized structures with flexible arrays"); + return; + } + + flexsize = bitsize_int(TREE_STRING_LENGTH(lastval) * + tree_to_uhwi(TYPE_SIZE(TREE_TYPE(TREE_TYPE(lastval))))); + + DECL_SIZE(decl) = size_binop(PLUS_EXPR, TYPE_SIZE(type), flexsize); + + return; +} + + +static void randomize_layout_finish_decl(void *event_data, void *data) +{ + tree decl = (tree)event_data; + tree type; + + if (decl == NULL_TREE || decl == error_mark_node) + return; + + type = TREE_TYPE(decl); + + if (TREE_CODE(decl) != VAR_DECL) + return; + + if (TREE_CODE(type) != RECORD_TYPE && TREE_CODE(type) != UNION_TYPE) + return; + + if (!lookup_attribute("randomize_performed", TYPE_ATTRIBUTES(type))) + return; + + DECL_SIZE(decl) = 0; + DECL_SIZE_UNIT(decl) = 0; + SET_DECL_ALIGN(decl, 0); + SET_DECL_MODE (decl, VOIDmode); + SET_DECL_RTL(decl, 0); + update_decl_size(decl); + layout_decl(decl, 0); +} + +static void finish_type(void *event_data, void *data) +{ + tree type = (tree)event_data; + + if (type == NULL_TREE || type == error_mark_node) + return; + + if (TREE_CODE(type) != RECORD_TYPE) + return; + + if (TYPE_FIELDS(type) == NULL_TREE) + return; + + if (lookup_attribute("randomize_considered", TYPE_ATTRIBUTES(type))) + return; + +#ifdef __DEBUG_PLUGIN + fprintf(stderr, "Calling randomize_type on %s\n", ORIG_TYPE_NAME(type)); +#endif +#ifdef __DEBUG_VERBOSE + debug_tree(type); +#endif + randomize_type(type); + + return; +} + +static struct attribute_spec randomize_layout_attr = { + .name = "randomize_layout", + // related to args + .min_length = 0, + .max_length = 0, + .decl_required = false, + // need type declaration + .type_required = true, + .function_type_required = false, + .handler = handle_randomize_layout_attr, +#if BUILDING_GCC_VERSION >= 4007 + .affects_type_identity = true +#endif +}; + +static struct attribute_spec no_randomize_layout_attr = { + .name = "no_randomize_layout", + // related to args + .min_length = 0, + .max_length = 0, + .decl_required = false, + // need type declaration + .type_required = true, + .function_type_required = false, + .handler = handle_randomize_layout_attr, +#if BUILDING_GCC_VERSION >= 4007 + .affects_type_identity = true +#endif +}; + +static struct attribute_spec randomize_considered_attr = { + .name = "randomize_considered", + // related to args + .min_length = 0, + .max_length = 0, + .decl_required = false, + // need type declaration + .type_required = true, + .function_type_required = false, + .handler = handle_randomize_considered_attr, +#if BUILDING_GCC_VERSION >= 4007 + .affects_type_identity = false +#endif +}; + +static struct attribute_spec randomize_performed_attr = { + .name = "randomize_performed", + // related to args + .min_length = 0, + .max_length = 0, + .decl_required = false, + // need type declaration + .type_required = true, + .function_type_required = false, + .handler = handle_randomize_performed_attr, +#if BUILDING_GCC_VERSION >= 4007 + .affects_type_identity = false +#endif +}; + +static void register_attributes(void *event_data, void *data) +{ + register_attribute(&randomize_layout_attr); + register_attribute(&no_randomize_layout_attr); + register_attribute(&randomize_considered_attr); + register_attribute(&randomize_performed_attr); +} + +static void check_bad_casts_in_constructor(tree var, tree init) +{ + unsigned HOST_WIDE_INT idx; + tree field, val; + tree field_type, val_type; + + FOR_EACH_CONSTRUCTOR_ELT(CONSTRUCTOR_ELTS(init), idx, field, val) { + if (TREE_CODE(val) == CONSTRUCTOR) { + check_bad_casts_in_constructor(var, val); + continue; + } + + /* pipacs' plugin creates franken-arrays that differ from those produced by + normal code which all have valid 'field' trees. work around this */ + if (field == NULL_TREE) + continue; + field_type = TREE_TYPE(field); + val_type = TREE_TYPE(val); + + if (TREE_CODE(field_type) != POINTER_TYPE || TREE_CODE(val_type) != POINTER_TYPE) + continue; + + if (field_type == val_type) + continue; + + field_type = TYPE_MAIN_VARIANT(strip_array_types(TYPE_MAIN_VARIANT(TREE_TYPE(field_type)))); + val_type = TYPE_MAIN_VARIANT(strip_array_types(TYPE_MAIN_VARIANT(TREE_TYPE(val_type)))); + + if (field_type == void_type_node) + continue; + if (field_type == val_type) + continue; + if (TREE_CODE(val_type) != RECORD_TYPE) + continue; + + if (!lookup_attribute("randomize_performed", TYPE_ATTRIBUTES(val_type))) + continue; + MISMATCH(DECL_SOURCE_LOCATION(var), "constructor\n", TYPE_MAIN_VARIANT(field_type), TYPE_MAIN_VARIANT(val_type)); + } +} + +/* derived from the constify plugin */ +static void check_global_variables(void *event_data, void *data) +{ + struct varpool_node *node; + tree init; + + FOR_EACH_VARIABLE(node) { + tree var = NODE_DECL(node); + init = DECL_INITIAL(var); + if (init == NULL_TREE) + continue; + + if (TREE_CODE(init) != CONSTRUCTOR) + continue; + + check_bad_casts_in_constructor(var, init); + } +} + +static bool dominated_by_is_err(const_tree rhs, basic_block bb) +{ + basic_block dom; + gimple dom_stmt; + gimple call_stmt; + const_tree dom_lhs; + const_tree poss_is_err_cond; + const_tree poss_is_err_func; + const_tree is_err_arg; + + dom = get_immediate_dominator(CDI_DOMINATORS, bb); + if (!dom) + return false; + + dom_stmt = last_stmt(dom); + if (!dom_stmt) + return false; + + if (gimple_code(dom_stmt) != GIMPLE_COND) + return false; + + if (gimple_cond_code(dom_stmt) != NE_EXPR) + return false; + + if (!integer_zerop(gimple_cond_rhs(dom_stmt))) + return false; + + poss_is_err_cond = gimple_cond_lhs(dom_stmt); + + if (TREE_CODE(poss_is_err_cond) != SSA_NAME) + return false; + + call_stmt = SSA_NAME_DEF_STMT(poss_is_err_cond); + + if (gimple_code(c