Re: [PATCH] :Staging :Wlan-ng Fixed coding style issues
On Sun, Sep 16, 2018 at 01:23:26AM -0300, Pablo Pellecchia wrote:
> Fixed coding style issues on wlan-ng directory.
>
> Changes include:
> - Parenthesis alignment
> - Wrong casting issues
> - Adding comments
> - Lines ending with '('
>
> Signed-off-by: Pablo Pellecchia
> ---
> drivers/staging/wlan-ng/cfg80211.c | 40
> +---
> drivers/staging/wlan-ng/hfa384x.h| 5 +++--
> drivers/staging/wlan-ng/p80211conv.c | 2 +-
> drivers/staging/wlan-ng/prism2mgmt.c | 28 -
> 4 files changed, 37 insertions(+), 38 deletions(-)

Hi,

This is the friendly patch-bot of Greg Kroah-Hartman. You have sent him a patch that has triggered this response. He used to manually respond to these common problems, but in order to save his sanity (he kept writing the same thing over and over, yet to different people), I was created. Hopefully you will not take offence and will fix the problem in your patch and resubmit it so that it can be accepted into the Linux kernel tree.

You are receiving this message because of the following common error(s) as indicated below:

- Your patch did many different things all at once, making it difficult to review. All Linux kernel patches need to only do one thing at a time. If you need to do multiple things (such as clean up all coding style issues in a file/driver), do it in a sequence of patches, each one doing only one thing. This will make it easier to review the patches to ensure that they are correct, and to help alleviate any merge issues that larger patches can cause.

If you wish to discuss this problem further, or you have questions about how to resolve this issue, please feel free to respond to this email and Greg will reply once he has dug out from the pending patches received from other developers.

thanks,

greg k-h's patch email bot
Re: [PATCH V4 00/27] C-SKY(csky) Linux Kernel Port
Hello Stephen,

I'm Guo Ren from C-SKY and I'm working on csky linux port upstream. I've prepared my git-tree based on linux-4.19-rc3:

git clone -b linux-next https://github.com/c-sky/csky-linux.git

Here is the pre-built cross compiler for fast test from our CI:

https://gitlab.com/c-sky/buildroot/-/jobs/97941896/artifacts/file/output/images/csky_toolchain_csky_ck860_platform_defconfig_72371bf75a51f27ea59fc34eeaf236e06b75bf69.tar.xz

You can also build newest gcc, binutils and they are upstreamed but not released on gnu.org. Glibc is upstreaming now.

Please have a look and any feedback is welcome.

Best Regards
Guo Ren

On Wed, Sep 12, 2018 at 04:30:36PM +0200, Arnd Bergmann wrote:
On Wed, Sep 12, 2018 at 3:25 PM Guo Ren wrote:
>
> This is the 3rd version patchset to add the Linux kernel port for C-SKY(csky).
> Thanks to everyone who provided feedback on the previous version.
>
> This patchset adds architecture support to Linux for C-SKY's 32-bit embedded
> CPU cores and the patches are based on linux-4.18.4
>
> There are two ABI versions with several CPU cores in this patchset:
> ABIv1: ck610 (16-bit instruction, 32-bit data path, VIPT Cache ...)
> ABIv2: ck807 ck810 ck860 (16/32-bit variable length instruction, PIPT Cache,
> SMP ...)
>
> More information: http://en.c-sky.com

This looks good to me overall. I think a good next step would be to get the port included in linux-next, by preparing a git tree with all the patches and asking Stephen Rothwell to include it there. Further comments on the architecture port itself can be done on top of the existing patches. I would suggest you base the git tree on an -rc release (either 4.19-rc1 or 4.19-rc3) and then never rebase again.

You have included a couple of drivers in the submission: two timer and two irqchip drivers. Please leave those out for the moment, and either have them merged through the respective subsystem trees, or get an Ack from the maintainers to merge them through your tree.

I notice that a lot of the patches have no changeset comments on them. You should fix that and make a habit of describing every single patch with a few sentences, even if it seems obvious to you. Have a look at the changeset descriptions for the nds32 and riscv architectures when they got merged.

One big question for me is what to do about time_t. Deepa and I are in the process of finalizing the system call ABI for 32-bit architectures with 64-bit time_t, but we are not done yet and it won't be complete for 4.20. If you target 4.21, that could be a chance to make csky the first architecture to only need the 64-bit time_t interface, with the corresponding user space changes.

Arnd
[PATCH] :Staging :Wlan-ng Fixed coding style issues
Fixed coding style issues on wlan-ng directory. Changes include: - Parenthesis alignment - Wrong casting issues - Adding comments - Lines ending with '(' Signed-off-by: Pablo Pellecchia --- drivers/staging/wlan-ng/cfg80211.c | 40 +--- drivers/staging/wlan-ng/hfa384x.h| 5 +++-- drivers/staging/wlan-ng/p80211conv.c | 2 +- drivers/staging/wlan-ng/prism2mgmt.c | 28 - 4 files changed, 37 insertions(+), 38 deletions(-) diff --git a/drivers/staging/wlan-ng/cfg80211.c b/drivers/staging/wlan-ng/cfg80211.c index d4cf09b11e33..38bf555a8d3e 100644 --- a/drivers/staging/wlan-ng/cfg80211.c +++ b/drivers/staging/wlan-ng/cfg80211.c @@ -234,8 +234,8 @@ static int prism2_set_default_key(struct wiphy *wiphy, struct net_device *dev, int result = 0; result = prism2_domibset_uint32(wlandev, - DIDmib_dot11smt_dot11PrivacyTable_dot11WEPDefaultKeyID, - key_index); + DIDmib_dot11smt_dot11PrivacyTable_dot11WEPDefaultKeyID, + key_index); if (result) err = -EFAULT; @@ -331,8 +331,8 @@ static int prism2_scan(struct wiphy *wiphy, (i < request->n_channels) && i < ARRAY_SIZE(prism2_channels); i++) msg1.channellist.data.data[i] = - ieee80211_frequency_to_channel( - request->channels[i]->center_freq); + ieee80211_frequency_to_channel + (request->channels[i]->center_freq); msg1.channellist.data.len = request->n_channels; msg1.maxchanneltime.data = 250; 
@@ -366,17 +366,16 @@ static int prism2_scan(struct wiphy *wiphy, freq = ieee80211_channel_to_frequency(msg2.dschannel.data, NL80211_BAND_2GHZ); bss = cfg80211_inform_bss(wiphy, - ieee80211_get_channel(wiphy, freq), - CFG80211_BSS_FTYPE_UNKNOWN, - (const u8 *), - msg2.timestamp.data, msg2.capinfo.data, - msg2.beaconperiod.data, - ie_buf, - ie_len, - (msg2.signal.data - 65536) * 100, /* Conversion to signed type */ - GFP_KERNEL - ); - + ieee80211_get_channel(wiphy, freq), + CFG80211_BSS_FTYPE_UNKNOWN, + (const u8 *), + msg2.timestamp.data, msg2.capinfo.data, + msg2.beaconperiod.data, + ie_buf, + ie_len, + (msg2.signal.data - 65536) * 100, /* Conversion to signed type */ + GFP_KERNEL + ); if (!bss) { err = -ENOMEM; goto exit; @@ -482,14 +481,13 @@ static int prism2_connect(struct wiphy *wiphy, struct net_device *dev, } result = prism2_domibset_uint32(wlandev, - DIDmib_dot11smt_dot11PrivacyTable_dot11WEPDefaultKeyID, - sme->key_idx); + DIDmib_dot11smt_dot11PrivacyTable_dot11WEPDefaultKeyID, + sme->key_idx); if (result) goto exit; /* send key to driver */ - did = DIDmib_dot11smt_dot11WEPDefaultKeysTable_key( - sme->key_idx + 1); + did = DIDmib_dot11smt_dot11WEPDefaultKeysTable_key(sme->key_idx + 1); result = prism2_domibset_pstr32(wlandev, did, sme->key_len, (u8 *)sme->key); @@ -595,8 +593,8 @@ static int prism2_set_tx_power(struct wiphy *wiphy, struct wireless_dev *wdev, data = MBM_TO_DBM(mbm); result = prism2_domibset_uint32(wlandev, - DIDmib_dot11phy_dot11PhyTxPowerTable_dot11CurrentTxPowerLevel, - data); + DIDmib_dot11phy_dot11PhyTxPowerTable_dot11CurrentTxPowerLevel, + data); if (result) { err = -EFAULT; diff --git a/drivers/staging/wlan-ng/hfa384x.h b/drivers/staging/wlan-ng/hfa384x.h index 992ebaa1071f..f2ea389c870b 100644 --- a/drivers/staging/wlan-ng/hfa384x.h +++
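Review bot: in the prism2_scan hunk at @@ -331, moving the '(' to the start of the continuation line leaves `ieee80211_frequency_to_channel` separated from its argument list, so the call reads like a bare identifier followed by a parenthesised expression. Pulling `request->channels[i]->center_freq` into a local variable first would let the call fit on one line and avoid the split altogether.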
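Review bot: in the cfg80211_inform_bss() hunk at @@ -366, the closing `);` is still on a line of its own after the re-indent, and the blank line before `if (!bss)` is dropped, which is a separate change from the argument alignment. Fold the paren onto the last argument as `GFP_KERNEL);`, move the `/* Conversion to signed type */` comment above the call so the `(msg2.signal.data - 65536) * 100,` line stays short, and keep the blank-line removal out of this hunk.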
RE: YOUR PAYMENT HAS BEEN APPROVED($10.M USD)
AFRICAN DEVELOPMENT BANK GROUP HEAD OFFICE: ADB HOUSE TINUBU SQUARE, LAGOS- NIGERIA. Hot Line: +23417905454 +23417374059 FAX:234-424-52117 EMAIL:a...@afdbnigeria.com Office:i...@afdbnigeria.com Private:adbgrouppl...@gmail.com Our Ref: ADBN/FGN/CP/2911/001/DP/18 ATTN: THIS IS TO INFORM YOU AFTER OUR MEETING OF TODAY 12TH SEPTEMBER,2019 WITH THE DIRECTORS OF THIS BANK,WE HAVE GREED TO SECURE WAIVER APPROVAL ON YOUR BEHALF AND TRANSFER YOUR FUND THROUGH THIS BRANCH.ALL WE NEED NOW IS YOUR CONFIRMATION TO GO AHEAD WITH THE TRANSFER OF YOUR FUND. MEANWHILE AS SOON AS YOU CONFIRM YOUR APPROVAL FOR US TO GO AHEAD WITH THE PROCESSING, YOUR INFORMATION WILL BE FORWARDED TO TRANSFER DEPARTMENT FOR IMMEDIATE RELEASE OF YOUR FUND.MAKE SURE YOU CONFIRM THE INFORMATION BELOW TO AVOID TRANSFERING YOUR FUND INTO A WRONG ACCOUNT. 1. BANK NAME: 2. BANK ADDRESS: 3. ACCOUNT NAME: 4. ACCOUNT NUMBER: 5. ROUTING NUMBER: 6. SWIFT CODE: 7: COMPANY NAME: 8: COMPANY ADDRESS: 9: CONTACT PHONE NUMBER: 10:DATE OF BIRTH: I WANT YOU TO KNOW THAT THIS PAYMENT IS VALID AND IS REFLECTED IN OUR SYSTEM, I WILL ENSURE YOU RECEIVE YOUR FUND THROUGH WIRE TRANSFER WITHOUT ANY FURTHER DELAY. I ADVICE YOU TO COOPERATE WITH ME AND LISTEN TO MY ADVICE AS THE AFRICAN DEVELOPMENT BANK GROUP. WILL NOT BE HELD RESPONSIBLE FOR ANY LAPSES OR MIS-DIRECTION OF YOUR FUND DUE TO YOUR INABILITY TO CO-OPERATE WITH ME. THE SUM OF USD$10,000,000.00 WILL BE TRANSFERRED INTO YOUR ACCOUNT THROUGH BANK OF AMERICA TENESSEE,I WILL MAKE SURE YOUR FUND HIT YOUR ACCOUNT WITHING 72 HOURS ONCE YOU MAKE CONTACT WITH THEM. HOWEVER, WE ARE GRATEFUL TO YOU IN PARTICULAR FOR BELIEVING IN US,AS OUR PRIME OBJECTIVE IS TO SATISFY OUR NUMEROUS CLIENTS WORLDWIDE ALSO TO MAINTAIN OUR INTERNATIONAL REPUTATION IN THE FINANCIAL AND FIDUCIARY INDUSTRY. OUR CREATIVE AND INNOVATIVE SERVICES ARE RENDERED BY EXPERTS, WHICH HAVE KEPT US AFLOAT OVER THE YEARS. 
WE REMAIN ONE OF THE BEST FINANCIAL INSTITUTIONS IN THE WORLD AND OUR SERVICES RENDERED ARE UNQUESTIONABLE, QUALITATIVE AND PROFESSIONAL ORIENTED AS WE INCORPORATE INTO BEING HIGHLY PROFESSIONALS. YOU ARE REQUIRED TO CONFIRM THE RECEIPT OF THIS EMAIL FOR FURTHER DIRECTIVES,THANKS FOR YOUR CO-OPERATION AND INTEREST IN THE AFRICAN DEVELOPMENT BANK. YOUR'S FAITHFULLY MR.OUSMANE DORE RESIDENT REPRESENTATIVE
Re: [PATCH 07/18] LSM: Add minor LSM initialization loop
On Sat, Sep 15, 2018 at 6:27 PM, Jann Horn wrote: > On Sun, Sep 16, 2018 at 3:11 AM Kees Cook wrote: >> Split initialization loop into two phases: "exclusive" LSMs and "minor" >> LSMs. >> >> Signed-off-by: Kees Cook >> --- >> include/linux/lsm_hooks.h | 6 ++ >> security/security.c | 8 +--- >> 2 files changed, 11 insertions(+), 3 deletions(-) >> >> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h >> index f8e618e2bdd2..ec3419b9b16f 100644 >> --- a/include/linux/lsm_hooks.h >> +++ b/include/linux/lsm_hooks.h >> @@ -2039,7 +2039,13 @@ extern char *lsm_names; >> extern void security_add_hooks(struct security_hook_list *hooks, int count, >> char *lsm); >> >> +enum lsm_type { >> + LSM_TYPE_EXCLUSIVE = 0, >> + LSM_TYPE_MINOR, >> +}; > > Is the intent of this explicit zero assignment that LSM_TYPE_EXCLUSIVE > should be the default? If so, perhaps a comment "/* default */", or > something like that, might be helpful. You cut the patch quote off where I do exactly that: >> + enum lsm_type type; /* Optional: default is LSM_TYPE_EXCLUSIVE */ :) -Kees -- Kees Cook Pixel Security
Re: [PATCH 11/18] LSM: Lift LSM selection out of individual LSMs
On Sat, Sep 15, 2018 at 6:32 PM, Jann Horn wrote: > On Sun, Sep 16, 2018 at 3:14 AM Kees Cook wrote: >> In order to adjust LSM selection logic in the future, this moves the >> selection logic up out of the individual LSMs, making their init functions >> only run when actually enabled. > [...] >> +/* Is an LSM allowed to be enabled? */ >> +static bool __init lsm_enabled(struct lsm_info *lsm) >> +{ >> + /* Report explicit disabling. */ >> + if (lsm->enabled && !*lsm->enabled) { >> + pr_info("%s disabled with boot parameter\n", lsm->name); >> + return false; >> + } >> + >> + /* If LSM isn't exclusive, ignore exclusive LSM selection rules. */ >> + if (lsm->type != LSM_TYPE_EXCLUSIVE) >> + return true; >> + >> + /* Disabled if another exclusive LSM already selected. */ >> + if (exclusive) >> + return false; > > What is this check for, given that you have the strcmp() just below > here? From a quick look, it (together with everything else that > touches the "exclusive" variable) seems superfluous to me, unless > there are two LSMs with the same name (which really shouldn't happen, > right?). > >> + /* Disabled if this LSM isn't the chosen one. */ >> + if (strcmp(lsm->name, chosen_lsm) != 0) >> + return false; >> + >> + return true; >> +} Mainly it's for composition with later patches where the name check is moved. It seemed easier to explain the logical progression with the hunk here. -Kees -- Kees Cook Pixel Security
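Review bot: in the quoted lsm_enabled(), the `if (exclusive)` and `strcmp(lsm->name, chosen_lsm)` paths return false without logging anything, while the boot-parameter path just above them calls pr_info(). A message on those two paths that names `lsm->name` and the reason for the rejection would make a skipped exclusive LSM visible at boot.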
Re: [PATCH 11/18] LSM: Lift LSM selection out of individual LSMs
On Sun, Sep 16, 2018 at 3:14 AM Kees Cook wrote: > In order to adjust LSM selection logic in the future, this moves the > selection logic up out of the individual LSMs, making their init functions > only run when actually enabled. [...] > +/* Is an LSM allowed to be enabled? */ > +static bool __init lsm_enabled(struct lsm_info *lsm) > +{ > + /* Report explicit disabling. */ > + if (lsm->enabled && !*lsm->enabled) { > + pr_info("%s disabled with boot parameter\n", lsm->name); > + return false; > + } > + > + /* If LSM isn't exclusive, ignore exclusive LSM selection rules. */ > + if (lsm->type != LSM_TYPE_EXCLUSIVE) > + return true; > + > + /* Disabled if another exclusive LSM already selected. */ > + if (exclusive) > + return false; What is this check for, given that you have the strcmp() just below here? From a quick look, it (together with everything else that touches the "exclusive" variable) seems superfluous to me, unless there are two LSMs with the same name (which really shouldn't happen, right?). > + /* Disabled if this LSM isn't the chosen one. */ > + if (strcmp(lsm->name, chosen_lsm) != 0) > + return false; > + > + return true; > +}
Re: [PATCH 07/18] LSM: Add minor LSM initialization loop
On Sun, Sep 16, 2018 at 3:11 AM Kees Cook wrote: > Split initialization loop into two phases: "exclusive" LSMs and "minor" > LSMs. > > Signed-off-by: Kees Cook > --- > include/linux/lsm_hooks.h | 6 ++ > security/security.c | 8 +--- > 2 files changed, 11 insertions(+), 3 deletions(-) > > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > index f8e618e2bdd2..ec3419b9b16f 100644 > --- a/include/linux/lsm_hooks.h > +++ b/include/linux/lsm_hooks.h > @@ -2039,7 +2039,13 @@ extern char *lsm_names; > extern void security_add_hooks(struct security_hook_list *hooks, int count, > char *lsm); > > +enum lsm_type { > + LSM_TYPE_EXCLUSIVE = 0, > + LSM_TYPE_MINOR, > +}; Is the intent of this explicit zero assignment that LSM_TYPE_EXCLUSIVE should be the default? If so, perhaps a comment "/* default */", or something like that, might be helpful.
Re: [PATCH V4 00/27] C-SKY(csky) Linux Kernel Port
On Wed, Sep 12, 2018 at 04:30:36PM +0200, Arnd Bergmann wrote:
> On Wed, Sep 12, 2018 at 3:25 PM Guo Ren wrote:
> >
> > This is the 3rd version patchset to add the Linux kernel port for C-SKY(csky).
> > Thanks to everyone who provided feedback on the previous version.
> >
> > This patchset adds architecture support to Linux for C-SKY's 32-bit embedded
> > CPU cores and the patches are based on linux-4.18.4
> >
> > There are two ABI versions with several CPU cores in this patchset:
> > ABIv1: ck610 (16-bit instruction, 32-bit data path, VIPT Cache ...)
> > ABIv2: ck807 ck810 ck860 (16/32-bit variable length instruction, PIPT Cache,
> > SMP ...)
> >
> > More information: http://en.c-sky.com
>
> This looks good to me overall. I think a good next step would be to get the port
> included in linux-next, by preparing a git tree with all the patches and asking
> Stephen Rothwell to include it there. Further comments on the architecture
> port itself can be done on top of the existing patches. I would suggest you
> base the git tree on an -rc release (either 4.19-rc1 or 4.19-rc3) and then never
> rebase again.

Another question: Could I add "Acked-by: Arnd Bergmann " in all my comments?

Best Regards
Guo Ren
[PATCH 17/18] LSM: Provide init debugging
Booting with "lsm.debug" will report details on how LSM ordering decisions are being made. Additionally changes tense of "Framework initialized" to "... initializing" since it hadn't finished its work yet. Signed-off-by: Kees Cook --- .../admin-guide/kernel-parameters.txt | 2 ++ security/security.c | 30 ++- 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 6d6bb9481193..c3e44a27c86a 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2274,6 +2274,8 @@ ltpc= [NET] Format: ,, + lsm.debug [SECURITY] Enable LSM initialization debugging output. + machvec=[IA-64] Force the use of a particular machine-vector (machvec) in a generic kernel. Example: machvec=hpzx1_swiotlb diff --git a/security/security.c b/security/security.c index f09a4bb3cb86..3b84b7eeb08c 100644 --- a/security/security.c +++ b/security/security.c @@ -12,6 +12,8 @@ * (at your option) any later version. */ +#define pr_fmt(fmt) "LSM: " fmt + #include #include #include @@ -46,6 +48,13 @@ static const char *bootparam_lsms; static struct lsm_info **possible_lsms __initdata; static struct lsm_info *exclusive __initdata; +static bool debug __initdata; +#define init_debug(...)\ + do {\ + if (debug) \ + pr_info(__VA_ARGS__); \ + } while (0) + /* Mark an LSM's enabled flag, if it exists. */ static void __init set_enabled(struct lsm_info *lsm, bool enabled) { @@ -71,6 +80,7 @@ static void __init append_possible_lsm(struct lsm_info *lsm, const char *from) { /* Ignore duplicate selections. */ if (possible_lsm(lsm)) { + init_debug("duplicate: %s\n", lsm->name); return; } @@ -78,6 +88,7 @@ static void __init append_possible_lsm(struct lsm_info *lsm, const char *from) return; possible_lsms[last_lsm++] = lsm; + init_debug("%s possible: %s\n", from, lsm->name); } /* Default boot: populate possible LSMs list with builtin ordering. */ 
@@ -117,12 +128,18 @@ static void __init prepare_lsm_order_commandline(void) next = sep; /* Walk commandline list, looking for matching LSMs. */ while ((name = strsep(, ",")) != NULL) { + bool found = false; + for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { if (lsm->order == LSM_ORDER_MUTABLE && !strcmp(lsm->name, name)) { append_possible_lsm(lsm, "commandline"); + found = true; } } + + if (!found) + init_debug("ignoring: %s\n", name); } kfree(sep); @@ -133,6 +150,7 @@ static void __init prepare_lsm_order_commandline(void) continue; set_enabled(lsm, false); + init_debug("disabled: %s\n", lsm->name); } } } @@ -187,6 +205,7 @@ static void __init maybe_enable_lsm(struct lsm_info *lsm) if (enabled) { if (lsm->type == LSM_TYPE_EXCLUSIVE) { exclusive = lsm; + init_debug("exclusive: %s\n", exclusive->name); } lsm->init(); } @@ -211,12 +230,13 @@ int __init security_init(void) int i; struct hlist_head *list = (struct hlist_head *) _hook_heads; + pr_info("Security Framework initializing\n"); + for (i = 0; i < sizeof(security_hook_heads) / sizeof(struct hlist_head); i++) INIT_HLIST_HEAD([i]); possible_lsms = kcalloc(LSM_COUNT + 1, sizeof(*possible_lsms), GFP_KERNEL); - pr_info("Security Framework initialized\n"); prepare_lsm_order(); lsm_init(); @@ -233,6 +253,14 @@ static int __init choose_lsm(char *str) } __setup("security=", choose_lsm); +/* Enable LSM order debugging. */ +static int __init enable_debug(char *str) +{ + debug = true; + return 1; +} +__setup("lsm.debug", enable_debug); + static bool match_last_lsm(const char *list, const char *lsm) { const char *last; -- 2.17.1
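Review bot: The new '#define pr_fmt(fmt) "LSM: " fmt' at the top of security/security.c also applies to the reworded pr_info() in security_init(), so the boot log line changes from "Security Framework initialized" to "LSM: Security Framework initializing". The commit message mentions the tense change but not the new prefix; anything that matches on the old string in boot logs will stop matching, so the changelog should call the prefix out as well.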
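Review bot: In the last security/security.c hunk, enable_debug() never looks at str, so "lsm.debug=0" or any other value still sets debug = true. Either parse str as a boolean or reject a non-empty value, so the parameter behaves the way the one-line kernel-parameters.txt entry suggests.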
[PATCH 18/18] LSM: Don't ignore initialization failures
LSM initialization failures have traditionally been ignored. We should at least WARN when something goes wrong. Signed-off-by: Kees Cook --- security/security.c | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/security/security.c b/security/security.c index 3b84b7eeb08c..a7796e522f72 100644 --- a/security/security.c +++ b/security/security.c @@ -203,11 +203,15 @@ static void __init maybe_enable_lsm(struct lsm_info *lsm) /* If selected, initialize the LSM. */ if (enabled) { + int ret; + if (lsm->type == LSM_TYPE_EXCLUSIVE) { exclusive = lsm; init_debug("exclusive: %s\n", exclusive->name); } - lsm->init(); + + ret = lsm->init(); + WARN(ret, "%s failed to initialize: %d\n", lsm->name, ret); } } -- 2.17.1
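Review bot: In maybe_enable_lsm(), "exclusive = lsm;" is still assigned before "ret = lsm->init();" runs, so an exclusive LSM whose init fails keeps the exclusive slot and the only consequence is the WARN(). Consider assigning exclusive only when ret == 0, or calling set_enabled(lsm, false) on failure, so that a module that failed to initialize is not treated as the active one afterwards.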
[PATCH 16/18] LSM: Allow arbitrary LSM ordering
To prepare for having a third type of LSM ("shared blob"), this implements dynamic handling of LSM ordering. The visible change here is that the "security=" boot commandline is now a comma-separated ordered list of all LSMs, not just the single "exclusive" LSM. This means that the "minor" LSMs can now be disabled at boot time by omitting them from the commandline. Additionally LSM ordering becomes entirely mutable for LSMs with LSM_ORDER_MUTABLE ("capability" is not mutable and is always enabled first). Signed-off-by: Kees Cook --- .../admin-guide/kernel-parameters.txt | 13 +- security/security.c | 145 ++ 2 files changed, 126 insertions(+), 32 deletions(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 9871e649ffef..6d6bb9481193 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -4027,11 +4027,14 @@ Note: increases power consumption, thus should only be enabled if running jitter sensitive (HPC/RT) workloads. - security= [SECURITY] Choose a security module to enable at boot. - If this boot parameter is not specified, only the first - security module asking for security registration will be - loaded. An invalid security module name will be treated - as if no module has been chosen. + security= [SECURITY] An ordered comma-separated list of + security modules to attempt to enable at boot. If + this boot parameter is not specified, only the + security modules asking for initialization will be + enabled (see CONFIG_DEFAULT_SECURITY). Duplicate + or invalid security modules will be ignored. The + capability module is always loaded first, without + regard to this parameter. selinux=[SELINUX] Disable or enable SELinux at boot time. Format: { "0" | "1" } diff --git a/security/security.c b/security/security.c index 67532326a0ce..f09a4bb3cb86 100644 --- a/security/security.c +++ b/security/security.c 
@@ -32,17 +32,18 @@ #define MAX_LSM_EVM_XATTR 2 -/* Maximum number of letters for an LSM name string */ -#define SECURITY_NAME_MAX 10 +/* How many LSMs were built into the kernel? */ +#define LSM_COUNT (__end_lsm_info - __start_lsm_info) struct security_hook_heads security_hook_heads __lsm_ro_after_init; static ATOMIC_NOTIFIER_HEAD(lsm_notifier_chain); char *lsm_names; /* Boot-time LSM user choice */ -static __initdata char chosen_lsm[SECURITY_NAME_MAX + 1] = - CONFIG_DEFAULT_SECURITY; +static const char *bootparam_lsms; +/* Ordered list of possible LSMs to initialize. */ +static struct lsm_info **possible_lsms __initdata; static struct lsm_info *exclusive __initdata; /* Mark an LSM's enabled flag, if it exists. */ 
@@ -52,6 +53,108 @@ static void __init set_enabled(struct lsm_info *lsm, bool enabled) *lsm->enabled = enabled; } +/* Is an LSM already listed in the possible LSMs list? */ +static bool __init possible_lsm(struct lsm_info *lsm) +{ + struct lsm_info **check; + + for (check = possible_lsms; *check; check++) + if (*check == lsm) + return true; + + return false; +} + +/* Append an LSM to the list of possible LSMs to initialize. */ +static int last_lsm __initdata; +static void __init append_possible_lsm(struct lsm_info *lsm, const char *from) +{ + /* Ignore duplicate selections. */ + if (possible_lsm(lsm)) { + return; + } + + if (WARN(last_lsm == LSM_COUNT, "%s: out of LSM slots!?\n", from)) + return; + + possible_lsms[last_lsm++] = lsm; +} + +/* Default boot: populate possible LSMs list with builtin ordering. */ +static void __init prepare_lsm_order_builtin(void) +{ + struct lsm_info *lsm; + + /* All minor LSMs should go next. */ + for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { + if (lsm->type == LSM_TYPE_MINOR && + lsm->order == LSM_ORDER_MUTABLE) + append_possible_lsm(lsm, "builtin minor"); + } + + /* Then the CONFIG_DEFAULT_SECURITY exclusive LSM. */ + for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { + if (lsm->type == LSM_TYPE_EXCLUSIVE && + !strcmp(CONFIG_DEFAULT_SECURITY, lsm->name)) + append_possible_lsm(lsm, "builtin default"); + } + + /* Then other exclusive LSMs, in case above is disabled. */ + for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { + if (lsm->type == LSM_TYPE_EXCLUSIVE && +
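Review bot: The kernel-parameters.txt hunk does not say what happens to a built-in module that is left out of the list. The commit message states that minor LSMs "can now be disabled at boot time by omitting them from the commandline", which means an existing "security=selinux" boot line changes meaning; the parameter documentation should say that explicitly. The phrase "only the security modules asking for initialization will be enabled" should also say which modules those are.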
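Review bot: possible_lsm() walks possible_lsms until it reaches a NULL entry, while append_possible_lsm() bounds writes with "last_lsm == LSM_COUNT"; the walk is only safe if the array has a zeroed slot past LSM_COUNT, and nothing next to these functions in the part of the patch shown here states that. A comment on the possible_lsms declaration describing the NULL-terminated layout would make the invariant reviewable. The braces around the single "return;" in the duplicate check can also go.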
[PATCH 00/18] LSM: Prepare for explicit LSM ordering
This refactors the LSM registration and initialization infrastructure to more centrally support different LSM types. What was considered a "major" LSM is split into "exclusive" and future "blob sharing" (to be added later). The "minor" LSMs become more well defined as a result.

Instead of continuing to (somewhat improperly) overload the kernel's initcall system, this changes the LSM infrastructure to store a registration structure (struct lsm_info) table instead, where metadata about each LSM can be recorded (name, type, order, enable flag, init function). This can be extended in the future to include things like required blob size for the coming "blob sharing" LSMs.

The "major" LSMs had to individually negotiate which of them should be enabled. This didn't provide a way to negotiate combinations of other LSMs (as will be needed for "blob sharing" LSMs). This is solved by providing the LSM infrastructure with all the details needed to make the choice (exposing the per-LSM "enabled" flag, if used, the LSM type, and ordering expectations).

In better defining the "minor" LSMs, it was possible to remove the open-coded security_add_hooks() calls for "capability", "yama", and "loadpin", and to redefine "integrity" properly as a "minor" LSM (it actually defines _no_ hooks, but needs the early initialization).

With all LSMs being processed centrally, it was possible to implement sensible parsing of the "security=" boot commandline argument to provide explicit ordering, which is helpful for the future "blob sharing" LSMs.

To better show LSM activation some debug reporting was added (enabled with the "lsm.debug" boot commandline option).

Finally, I added a WARN() around LSM initialization failures, which appear to have always been silently ignored. (Realistically any LSM init failures would have only been due to catastrophic kernel issues that would render a system unworkable anyway, but it'd be better to expose the problem as early as possible.)

-Kees

Kees Cook (18):
  vmlinux.lds.h: Avoid copy/paste of security_init section
  LSM: Rename .security_initcall section to .lsm_info
  LSM: Remove initcall tracing
  LSM: Convert from initcall to struct lsm_info
  vmlinux.lds.h: Move LSM_TABLE into INIT_DATA
  LSM: Convert security_initcall() into DEFINE_LSM()
  LSM: Add minor LSM initialization loop
  integrity: Initialize as LSM_TYPE_MINOR
  LSM: Record LSM name in struct lsm_info
  LSM: Plumb visibility into optional "enabled" state
  LSM: Lift LSM selection out of individual LSMs
  LSM: Introduce ordering details in struct lsm_info
  LoadPin: Initialize as LSM_TYPE_MINOR
  Yama: Initialize as LSM_TYPE_MINOR
  capability: Initialize as LSM_TYPE_MINOR
  LSM: Allow arbitrary LSM ordering
  LSM: Provide init debugging
  LSM: Don't ignore initialization failures

 .../admin-guide/kernel-parameters.txt | 15 +-
 arch/arc/kernel/vmlinux.lds.S | 1 -
 arch/arm/kernel/vmlinux-xip.lds.S | 1 -
 arch/arm64/kernel/vmlinux.lds.S | 1 -
 arch/h8300/kernel/vmlinux.lds.S | 1 -
 arch/microblaze/kernel/vmlinux.lds.S | 2 -
 arch/powerpc/kernel/vmlinux.lds.S | 2 -
 arch/um/include/asm/common.lds.S | 2 -
 arch/xtensa/kernel/vmlinux.lds.S | 1 -
 include/asm-generic/vmlinux.lds.h | 25 +-
 include/linux/init.h | 2 -
 include/linux/lsm_hooks.h | 45 +++-
 include/linux/module.h | 1 -
 security/apparmor/lsm.c | 15 +-
 security/commoncap.c | 9 +-
 security/integrity/iint.c | 6 +-
 security/loadpin/loadpin.c | 11 +-
 security/security.c | 252 ++
 security/selinux/hooks.c | 15 +-
 security/smack/smack_lsm.c | 7 +-
 security/tomoyo/tomoyo.c | 6 +-
 security/yama/yama_lsm.c | 8 +-
 22 files changed, 295 insertions(+), 133 deletions(-)

--
2.17.1
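The "security=" ordering rules that the cover letter and patch 16/18 describe can be modelled in userspace; the C program below is an added example, not code from the patch series. The LSM table, the names plan_lsms, lsm_model and lsm_plan, the LSM_ORDER_FIRST name, and the rule that only the first listed exclusive LSM is initialized are assumptions made for the model.

```c
/* Userspace model of "security=" list handling; added example, not kernel code. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

enum lsm_type  { LSM_TYPE_EXCLUSIVE, LSM_TYPE_MINOR };
enum lsm_order { LSM_ORDER_FIRST, LSM_ORDER_MUTABLE }; /* FIRST: assumed name */
struct lsm_model { const char *name; enum lsm_type type; enum lsm_order order; };

/* Constructed stand-in for the built-in struct lsm_info table. */
static const struct lsm_model built_in[] = {
	{ "capability", LSM_TYPE_MINOR,     LSM_ORDER_FIRST   },
	{ "yama",       LSM_TYPE_MINOR,     LSM_ORDER_MUTABLE },
	{ "loadpin",    LSM_TYPE_MINOR,     LSM_ORDER_MUTABLE },
	{ "selinux",    LSM_TYPE_EXCLUSIVE, LSM_ORDER_MUTABLE },
	{ "apparmor",   LSM_TYPE_EXCLUSIVE, LSM_ORDER_MUTABLE },
};
#define LSM_COUNT (sizeof(built_in) / sizeof(built_in[0]))
#define MAX_IGNORED 8

struct lsm_plan {
	char buf[128];                    /* private copy of the parameter */
	const char *active[LSM_COUNT];    /* initialization order */
	const char *dropped[LSM_COUNT];   /* built in, but not initialized */
	const char *ignored[MAX_IGNORED]; /* names that matched nothing */
	size_t n_active, n_dropped, n_ignored;
};

static bool in_list(const char *const *list, size_t n, const char *name)
{
	for (size_t i = 0; i < n; i++)
		if (!strcmp(list[i], name))
			return true;
	return false;
}

static const struct lsm_model *find_mutable(const char *name)
{
	for (size_t i = 0; i < LSM_COUNT; i++)
		if (built_in[i].order == LSM_ORDER_MUTABLE &&
		    !strcmp(built_in[i].name, name))
			return &built_in[i];
	return NULL;
}

void plan_lsms(const char *param, struct lsm_plan *p)
{
	const struct lsm_model *m;
	bool have_exclusive = false;
	char *name, *next;
	size_t i;

	memset(p, 0, sizeof(*p));
	snprintf(p->buf, sizeof(p->buf), "%s", param);
	/* Immutable entries ("capability") always come first. */
	for (i = 0; i < LSM_COUNT; i++)
		if (built_in[i].order == LSM_ORDER_FIRST)
			p->active[p->n_active++] = built_in[i].name;
	/* Walk the comma-separated list in the order given. */
	for (name = p->buf; name; name = next) {
		next = strchr(name, ',');
		if (next)
			*next++ = '\0';
		m = find_mutable(name);
		if (!m) {               /* unknown, empty or immutable name */
			if (*name && p->n_ignored < MAX_IGNORED)
				p->ignored[p->n_ignored++] = name;
			continue;
		}
		if (in_list(p->active, p->n_active, m->name) ||
		    in_list(p->dropped, p->n_dropped, m->name))
			continue;       /* duplicate selection */
		if (m->type == LSM_TYPE_EXCLUSIVE && have_exclusive) {
			p->dropped[p->n_dropped++] = m->name; /* assumed rule */
			continue;
		}
		have_exclusive |= (m->type == LSM_TYPE_EXCLUSIVE);
		p->active[p->n_active++] = m->name;
	}
	/* Mutable LSMs that were never named are disabled. */
	for (i = 0; i < LSM_COUNT; i++)
		if (built_in[i].order == LSM_ORDER_MUTABLE &&
		    !in_list(p->active, p->n_active, built_in[i].name) &&
		    !in_list(p->dropped, p->n_dropped, built_in[i].name))
			p->dropped[p->n_dropped++] = built_in[i].name;
}

int main(void)
{
	struct lsm_plan p;
	plan_lsms("yama,apparmor,selinux,bogus", &p);
	for (size_t i = 0; i < p.n_active; i++)
		printf("init:    %s\n", p.active[i]);
	for (size_t i = 0; i < p.n_dropped; i++)
		printf("dropped: %s\n", p.dropped[i]);
	for (size_t i = 0; i < p.n_ignored; i++)
		printf("ignored: %s\n", p.ignored[i]);
	return 0;
}
```

Under these rules a legacy "security=selinux" boot line leaves yama and loadpin in the dropped list, which is the case to look for when auditing existing boot configurations against this series.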
[PATCH 06/18] LSM: Convert security_initcall() into DEFINE_LSM()
Instead of using argument-based initializers, switch to defining the contents of struct lsm_info on a per-LSM basis. This also drops the final use of the now inaccurate "initcall" naming. Signed-off-by: Kees Cook --- include/linux/lsm_hooks.h | 6 -- security/apparmor/lsm.c| 4 +++- security/integrity/iint.c | 4 +++- security/selinux/hooks.c | 4 +++- security/smack/smack_lsm.c | 4 +++- security/tomoyo/tomoyo.c | 4 +++- 6 files changed, 19 insertions(+), 7 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index f3ddf9fdbdce..f8e618e2bdd2 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2045,11 +2045,13 @@ struct lsm_info { extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; -#define security_initcall(lsm) \ +#define DEFINE_LSM(lsm) \ static const struct lsm_info __lsm_##lsm\ __used __section(.lsm_info.init)\ __aligned(sizeof(unsigned long))\ - = { .init = lsm, } + = { \ + +#define END_LSM } #ifdef CONFIG_SECURITY_SELINUX_DISABLE /* diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 8b8b70620bbe..7fa7b4464cf4 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1606,4 +1606,6 @@ static int __init apparmor_init(void) return error; } -security_initcall(apparmor_init); +DEFINE_LSM(apparmor) + .init = apparmor_init, +END_LSM; diff --git a/security/integrity/iint.c b/security/integrity/iint.c index 70d21b566955..20e60df929a3 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c @@ -175,7 +175,9 @@ static int __init integrity_iintcache_init(void) 0, SLAB_PANIC, init_once); return 0; } -security_initcall(integrity_iintcache_init); +DEFINE_LSM(integrity) + .init = integrity_iintcache_init, +END_LSM; /* diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ad9a9b8e9979..469a90806bc6 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -7202,7 +7202,9 @@ void selinux_complete_init(void) /* SELinux requires early initialization in order to label all processes and objects when they are created. */ -security_initcall(selinux_init); +DEFINE_LSM(selinux) + .init = selinux_init, +END_LSM; #if defined(CONFIG_NETFILTER) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 340fc30ad85d..1e1ace718e75 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4882,4 +4882,6 @@ static __init int smack_init(void) * Smack requires early initialization in order to label * all processes and objects when they are created. */ -security_initcall(smack_init); +DEFINE_LSM(smack) + .init = smack_init, +END_LSM; diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 9f932e2d6852..a280d4eab456 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -550,4 +550,6 @@ static int __init tomoyo_init(void) return 0; } -security_initcall(tomoyo_init); +DEFINE_LSM(tomoyo) + .init = tomoyo_init, +END_LSM; -- 2.17.1
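Review bot: In the include/linux/lsm_hooks.h hunk, DEFINE_LSM() opens the initializer brace and END_LSM closes it, so neither macro is balanced on its own and every user ends up with a brace-less block between two macro calls. Ending DEFINE_LSM() after the attributes and letting each LSM write "DEFINE_LSM(apparmor) = { .init = apparmor_init, };" would drop END_LSM entirely and keep the initializer readable to editors and static checkers. The macro argument also changes meaning here, from the init function to the LSM name, which deserves a sentence in the commit message.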
[PATCH 08/18] integrity: Initialize as LSM_TYPE_MINOR
The integrity LSM isn't really an LSM in that it never calls security_add_hooks(), but it uses the early security init because its hooks need to run before the VFS layer initializes. This is the very definition of a non-exclusive LSM, so mark it as such. Signed-off-by: Kees Cook --- security/integrity/iint.c | 1 + 1 file changed, 1 insertion(+) diff --git a/security/integrity/iint.c b/security/integrity/iint.c index 20e60df929a3..d886183848c4 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c @@ -176,6 +176,7 @@ static int __init integrity_iintcache_init(void) return 0; } DEFINE_LSM(integrity) + .type = LSM_TYPE_MINOR, .init = integrity_iintcache_init, END_LSM; -- 2.17.1
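Review bot: The reason integrity is registered at all is recorded only in the commit message. A short comment above DEFINE_LSM(integrity) in security/integrity/iint.c, saying that it never calls security_add_hooks() and is listed only to get the early initialization, would keep that rationale next to the ".type = LSM_TYPE_MINOR," line it justifies.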
[PATCH 01/18] vmlinux.lds.h: Avoid copy/paste of security_init section
Avoid copy/paste by defining SECURITY_INIT in terms of SECURITY_INITCALL. Signed-off-by: Kees Cook --- include/asm-generic/vmlinux.lds.h | 13 ++--- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h index 7b75ff6e2fce..934a45395547 100644 --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h @@ -473,13 +473,6 @@ #define RODATA RO_DATA_SECTION(4096) #define RO_DATA(align) RO_DATA_SECTION(align) -#define SECURITY_INIT \ - .security_initcall.init : AT(ADDR(.security_initcall.init) - LOAD_OFFSET) { \ - __security_initcall_start = .; \ - KEEP(*(.security_initcall.init))\ - __security_initcall_end = .;\ - } - /* * .text section. Map to function alignment to avoid address changes * during second ld run in second ld pass when generating System.map @@ -798,6 +791,12 @@ KEEP(*(.security_initcall.init))\ __security_initcall_end = .; +/* Older linker script style for security init. */ +#define SECURITY_INIT \ + .security_initcall.init : AT(ADDR(.security_initcall.init) - LOAD_OFFSET) { \ + SECURITY_INITCALL \ + } + #ifdef CONFIG_BLK_DEV_INITRD #define INIT_RAM_FS\ . = ALIGN(4); \ -- 2.17.1
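Review bot: The new comment "Older linker script style for security init." above the relocated SECURITY_INIT does not say what makes the style older or how it differs from using SECURITY_INITCALL directly. One more sentence there would tell an architecture maintainer which of the two macros a new linker script should use.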
[PATCH 02/18] LSM: Rename .security_initcall section to .lsm_info
In preparation for switching from initcall to just a regular set of pointers in a section, rename the internal section name. Signed-off-by: Kees Cook --- include/asm-generic/vmlinux.lds.h | 10 +- include/linux/init.h | 4 ++-- security/security.c | 4 ++-- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h index 934a45395547..5079a969e612 100644 --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h @@ -787,14 +787,14 @@ __con_initcall_end = .; #define SECURITY_INITCALL \ - __security_initcall_start = .; \ - KEEP(*(.security_initcall.init))\ - __security_initcall_end = .; + __start_lsm_info = .; \ + KEEP(*(.lsm_info.init)) \ + __end_lsm_info = .; /* Older linker script style for security init. */ #define SECURITY_INIT \ - .security_initcall.init : AT(ADDR(.security_initcall.init) - LOAD_OFFSET) { \ - SECURITY_INITCALL \ + .lsm_info.init : AT(ADDR(.lsm_info.init) - LOAD_OFFSET) { \ + LSM_INFO\ } #ifdef CONFIG_BLK_DEV_INITRD diff --git a/include/linux/init.h b/include/linux/init.h index 2538d176dd1f..77636539e77c 100644 --- a/include/linux/init.h +++ b/include/linux/init.h @@ -133,7 +133,7 @@ static inline initcall_t initcall_from_entry(initcall_entry_t *entry) #endif extern initcall_entry_t __con_initcall_start[], __con_initcall_end[]; -extern initcall_entry_t __security_initcall_start[], __security_initcall_end[]; +extern initcall_entry_t __start_lsm_info[], __end_lsm_info[]; /* Used for contructor calls. */ typedef void (*ctor_fn_t)(void); @@ -236,7 +236,7 @@ extern bool initcall_debug; static exitcall_t __exitcall_##fn __exit_call = fn #define console_initcall(fn) ___define_initcall(fn,, .con_initcall) -#define security_initcall(fn) ___define_initcall(fn,, .security_initcall) +#define security_initcall(fn) ___define_initcall(fn,, .lsm_info) struct obs_kernel_param { const char *str; 
diff --git a/security/security.c b/security/security.c index 736e78da1ab9..d49d5ff8be4b 100644 --- a/security/security.c +++ b/security/security.c @@ -51,9 +51,9 @@ static void __init do_security_initcalls(void) initcall_t call; initcall_entry_t *ce; - ce = __security_initcall_start; + ce = __start_lsm_info; trace_initcall_level("security"); - while (ce < __security_initcall_end) { + while (ce < __end_lsm_info) { call = initcall_from_entry(ce); trace_initcall_start(call); ret = call(); -- 2.17.1
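Review bot: In the include/asm-generic/vmlinux.lds.h hunk, the body of SECURITY_INIT changes from SECURITY_INITCALL to LSM_INFO, but the macro above it is still introduced by the unchanged context line "#define SECURITY_INITCALL" and no LSM_INFO definition appears anywhere in this patch. As posted, a linker script that uses SECURITY_INIT would be left with a bare LSM_INFO token; keep SECURITY_INITCALL in the body here, or rename the macro in the same patch, so the series stays bisectable.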
[PATCH 00/18] LSM: Prepare for explict LSM ordering
This refactors the LSM registration and initialization infrastructure to more centrally support different LSM types. What was considered a "major" LSM is split into "exclusive" and future "blob sharing" (to be added later). The "minor" LSMs become more well defined as a result. Instead of continuing to (somewhat improperly) overload the kernel's initcall system, this changes the LSM infrastructure to store a registration structure (struct lsm_info) table instead, where metadata about each LSM can be recorded (name, type, order, enable flag, init function). This can be extended in the future to include things like required blob size for the coming "blob sharing" LSMs. The "major" LSMs had to individually negotiate which of them should be enabled. This didn't provide a way to negotiate combinations of other LSMs (as will be needed for "blob sharing" LSMs). This is solved by providing the LSM infrastructure with all the details needed to make the choice (exposing the per-LSM "enabled" flag, if used, the LSM type, and ordering expectations). In better defining the "minor" LSMs, it was possible to remove the open-coded security_add_hooks() calls for "capability", "yama", and "loadpin", and to redefine "integrity" properly as a "minor" LSM (it actually defines _no_ hooks, but needs the early initialization). With all LSMs being proessed centrally, it was possible to implement sensible parsing of the "security=" boot commandline argument to provide explicit ordering, which is helpful for the future "blob sharing" LSMs. To better show LSMs activation some debug reporting was added (enabled with the "lsm.debug" boot commandline option). Finally, I added a WARN() around LSM initialization failures, which appear to have always been silently ignored. (Realistically any LSM init failures would have only been due to catastrophic kernel issues that would render a system unworkable anyway, but it'd be better to expose the problem as early as possible.) 
-Kees Kees Cook (18): vmlinux.lds.h: Avoid copy/paste of security_init section LSM: Rename .security_initcall section to .lsm_info LSM: Remove initcall tracing LSM: Convert from initcall to struct lsm_info vmlinux.lds.h: Move LSM_TABLE into INIT_DATA LSM: Convert security_initcall() into DEFINE_LSM() LSM: Add minor LSM initialization loop integrity: Initialize as LSM_TYPE_MINOR LSM: Record LSM name in struct lsm_info LSM: Plumb visibility into optional "enabled" state LSM: Lift LSM selection out of individual LSMs LSM: Introduce ordering details in struct lsm_info LoadPin: Initialize as LSM_TYPE_MINOR Yama: Initialize as LSM_TYPE_MINOR capability: Initialize as LSM_TYPE_MINOR LSM: Allow arbitrary LSM ordering LSM: Provide init debugging LSM: Don't ignore initialization failures .../admin-guide/kernel-parameters.txt | 15 +- arch/arc/kernel/vmlinux.lds.S | 1 - arch/arm/kernel/vmlinux-xip.lds.S | 1 - arch/arm64/kernel/vmlinux.lds.S | 1 - arch/h8300/kernel/vmlinux.lds.S | 1 - arch/microblaze/kernel/vmlinux.lds.S | 2 - arch/powerpc/kernel/vmlinux.lds.S | 2 - arch/um/include/asm/common.lds.S | 2 - arch/xtensa/kernel/vmlinux.lds.S | 1 - include/asm-generic/vmlinux.lds.h | 25 +- include/linux/init.h | 2 - include/linux/lsm_hooks.h | 45 +++- include/linux/module.h| 1 - security/apparmor/lsm.c | 15 +- security/commoncap.c | 9 +- security/integrity/iint.c | 6 +- security/loadpin/loadpin.c| 11 +- security/security.c | 252 ++ security/selinux/hooks.c | 15 +- security/smack/smack_lsm.c| 7 +- security/tomoyo/tomoyo.c | 6 +- security/yama/yama_lsm.c | 8 +- 22 files changed, 295 insertions(+), 133 deletions(-) -- 2.17.1
[PATCH 06/18] LSM: Convert security_initcall() into DEFINE_LSM()
Instead of using argument-based initializers, switch to defining the contents of struct lsm_info on a per-LSM basis. This also drops the final use of the now inaccurate "initcall" naming. Signed-off-by: Kees Cook --- include/linux/lsm_hooks.h | 6 -- security/apparmor/lsm.c| 4 +++- security/integrity/iint.c | 4 +++- security/selinux/hooks.c | 4 +++- security/smack/smack_lsm.c | 4 +++- security/tomoyo/tomoyo.c | 4 +++- 6 files changed, 19 insertions(+), 7 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index f3ddf9fdbdce..f8e618e2bdd2 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2045,11 +2045,13 @@ struct lsm_info { extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; -#define security_initcall(lsm) \ +#define DEFINE_LSM(lsm) \ static const struct lsm_info __lsm_##lsm\ __used __section(.lsm_info.init)\ __aligned(sizeof(unsigned long))\ - = { .init = lsm, } + = { \ + +#define END_LSM } #ifdef CONFIG_SECURITY_SELINUX_DISABLE /* diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 8b8b70620bbe..7fa7b4464cf4 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1606,4 +1606,6 @@ static int __init apparmor_init(void) return error; } -security_initcall(apparmor_init); +DEFINE_LSM(apparmor) + .init = apparmor_init, +END_LSM; diff --git a/security/integrity/iint.c b/security/integrity/iint.c index 70d21b566955..20e60df929a3 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c @@ -175,7 +175,9 @@ static int __init integrity_iintcache_init(void) 0, SLAB_PANIC, init_once); return 0; } -security_initcall(integrity_iintcache_init); +DEFINE_LSM(integrity) + .init = integrity_iintcache_init, +END_LSM; /* diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ad9a9b8e9979..469a90806bc6 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -7202,7 +7202,9 @@ void selinux_complete_init(void) /* SELinux requires early initialization in order to label all processes and objects when they are created. */ -security_initcall(selinux_init); +DEFINE_LSM(selinux) + .init = selinux_init, +END_LSM; #if defined(CONFIG_NETFILTER) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 340fc30ad85d..1e1ace718e75 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -4882,4 +4882,6 @@ static __init int smack_init(void) * Smack requires early initialization in order to label * all processes and objects when they are created. */ -security_initcall(smack_init); +DEFINE_LSM(smack) + .init = smack_init, +END_LSM; diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index 9f932e2d6852..a280d4eab456 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c @@ -550,4 +550,6 @@ static int __init tomoyo_init(void) return 0; } -security_initcall(tomoyo_init); +DEFINE_LSM(tomoyo) + .init = tomoyo_init, +END_LSM; -- 2.17.1
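Review bot: in the include/linux/lsm_hooks.h hunk, DEFINE_LSM() ends on an open `= {` and depends on a separate `#define END_LSM }` to close it, so each macro is unbalanced on its own and a forgotten END_LSM produces a compile error far from its cause. Consider ending DEFINE_LSM() before the initializer so that users write `DEFINE_LSM(apparmor) = { .init = apparmor_init, };`, which keeps the braces visible at the use site and lets editors and checkers match them. If the split form is needed for fields the macro will fill in later, the changelog should say so.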
[PATCH 08/18] integrity: Initialize as LSM_TYPE_MINOR
The integrity LSM isn't really an LSM in that it never calls security_add_hooks(), but it uses the early security init because its hooks need to run before the VFS layer initializes. This is the very definition of a non-exclusive LSM, so mark it as such. Signed-off-by: Kees Cook --- security/integrity/iint.c | 1 + 1 file changed, 1 insertion(+) diff --git a/security/integrity/iint.c b/security/integrity/iint.c index 20e60df929a3..d886183848c4 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c @@ -176,6 +176,7 @@ static int __init integrity_iintcache_init(void) return 0; } DEFINE_LSM(integrity) + .type = LSM_TYPE_MINOR, .init = integrity_iintcache_init, END_LSM; -- 2.17.1
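Review bot: the added `.type = LSM_TYPE_MINOR,` in security/integrity/iint.c also changes when integrity_iintcache_init() runs, because 07/18 calls lsm_init(LSM_TYPE_MINOR) before lsm_init(LSM_TYPE_EXCLUSIVE). The changelog justifies the classification only; please state that the earlier position relative to the exclusive LSMs is intended.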
[PATCH 01/18] vmlinux.lds.h: Avoid copy/paste of security_init section
Avoid copy/paste by defining SECURITY_INIT in terms of SECURITY_INITCALL. Signed-off-by: Kees Cook --- include/asm-generic/vmlinux.lds.h | 13 ++--- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h index 7b75ff6e2fce..934a45395547 100644 --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h @@ -473,13 +473,6 @@ #define RODATA RO_DATA_SECTION(4096) #define RO_DATA(align) RO_DATA_SECTION(align) -#define SECURITY_INIT \ - .security_initcall.init : AT(ADDR(.security_initcall.init) - LOAD_OFFSET) { \ - __security_initcall_start = .; \ - KEEP(*(.security_initcall.init))\ - __security_initcall_end = .;\ - } - /* * .text section. Map to function alignment to avoid address changes * during second ld run in second ld pass when generating System.map @@ -798,6 +791,12 @@ KEEP(*(.security_initcall.init))\ __security_initcall_end = .; +/* Older linker script style for security init. */ +#define SECURITY_INIT \ + .security_initcall.init : AT(ADDR(.security_initcall.init) - LOAD_OFFSET) { \ + SECURITY_INITCALL \ + } + #ifdef CONFIG_BLK_DEV_INITRD #define INIT_RAM_FS\ . = ALIGN(4); \ -- 2.17.1
[PATCH 02/18] LSM: Rename .security_initcall section to .lsm_info
In preparation for switching from initcall to just a regular set of pointers in a section, rename the internal section name. Signed-off-by: Kees Cook --- include/asm-generic/vmlinux.lds.h | 10 +- include/linux/init.h | 4 ++-- security/security.c | 4 ++-- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h index 934a45395547..5079a969e612 100644 --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h @@ -787,14 +787,14 @@ __con_initcall_end = .; #define SECURITY_INITCALL \ - __security_initcall_start = .; \ - KEEP(*(.security_initcall.init))\ - __security_initcall_end = .; + __start_lsm_info = .; \ + KEEP(*(.lsm_info.init)) \ + __end_lsm_info = .; /* Older linker script style for security init. */ #define SECURITY_INIT \ - .security_initcall.init : AT(ADDR(.security_initcall.init) - LOAD_OFFSET) { \ - SECURITY_INITCALL \ + .lsm_info.init : AT(ADDR(.lsm_info.init) - LOAD_OFFSET) { \ + LSM_INFO\ } #ifdef CONFIG_BLK_DEV_INITRD diff --git a/include/linux/init.h b/include/linux/init.h index 2538d176dd1f..77636539e77c 100644 --- a/include/linux/init.h +++ b/include/linux/init.h @@ -133,7 +133,7 @@ static inline initcall_t initcall_from_entry(initcall_entry_t *entry) #endif extern initcall_entry_t __con_initcall_start[], __con_initcall_end[]; -extern initcall_entry_t __security_initcall_start[], __security_initcall_end[]; +extern initcall_entry_t __start_lsm_info[], __end_lsm_info[]; /* Used for contructor calls. */ typedef void (*ctor_fn_t)(void); @@ -236,7 +236,7 @@ extern bool initcall_debug; static exitcall_t __exitcall_##fn __exit_call = fn #define console_initcall(fn) ___define_initcall(fn,, .con_initcall) -#define security_initcall(fn) ___define_initcall(fn,, .security_initcall) +#define security_initcall(fn) ___define_initcall(fn,, .lsm_info) struct obs_kernel_param { const char *str; 
diff --git a/security/security.c b/security/security.c index 736e78da1ab9..d49d5ff8be4b 100644 --- a/security/security.c +++ b/security/security.c @@ -51,9 +51,9 @@ static void __init do_security_initcalls(void) initcall_t call; initcall_entry_t *ce; - ce = __security_initcall_start; + ce = __start_lsm_info; trace_initcall_level("security"); - while (ce < __security_initcall_end) { + while (ce < __end_lsm_info) { call = initcall_from_entry(ce); trace_initcall_start(call); ret = call(); -- 2.17.1
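Review bot: in the include/asm-generic/vmlinux.lds.h hunk, the body of SECURITY_INIT is changed to `LSM_INFO`, but the macro above it is still `#define SECURITY_INITCALL` (that line is unchanged context), so nothing in this patch defines LSM_INFO. Linker scripts that use SECURITY_INIT would break at this point in the series, which hurts bisection; either keep `SECURITY_INITCALL` in the body or rename the macro in the same hunk. The include/linux/init.h hunk also leaves `__start_lsm_info[]` typed as initcall_entry_t, so a sentence in the changelog that the type changes in a later patch would help.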
[PATCH 05/18] vmlinux.lds.h: Move LSM_TABLE into INIT_DATA
Since the struct lsm_info table is not an initcall, we can just move it into INIT_DATA like all the other tables. Cc: linux-a...@vger.kernel.org Signed-off-by: Kees Cook --- arch/arc/kernel/vmlinux.lds.S| 1 - arch/arm/kernel/vmlinux-xip.lds.S| 1 - arch/arm64/kernel/vmlinux.lds.S | 1 - arch/h8300/kernel/vmlinux.lds.S | 1 - arch/microblaze/kernel/vmlinux.lds.S | 2 -- arch/powerpc/kernel/vmlinux.lds.S| 2 -- arch/um/include/asm/common.lds.S | 2 -- arch/xtensa/kernel/vmlinux.lds.S | 1 - include/asm-generic/vmlinux.lds.h| 24 +++- 9 files changed, 11 insertions(+), 24 deletions(-) diff --git a/arch/arc/kernel/vmlinux.lds.S b/arch/arc/kernel/vmlinux.lds.S index f35ed578e007..8fb16bdabdcf 100644 --- a/arch/arc/kernel/vmlinux.lds.S +++ b/arch/arc/kernel/vmlinux.lds.S @@ -71,7 +71,6 @@ SECTIONS INIT_SETUP(L1_CACHE_BYTES) INIT_CALLS CON_INITCALL - SECURITY_INITCALL } .init.arch.info : { diff --git a/arch/arm/kernel/vmlinux-xip.lds.S b/arch/arm/kernel/vmlinux-xip.lds.S index 3593d5c1acd2..8c74037ade22 100644 --- a/arch/arm/kernel/vmlinux-xip.lds.S +++ b/arch/arm/kernel/vmlinux-xip.lds.S @@ -96,7 +96,6 @@ SECTIONS INIT_SETUP(16) INIT_CALLS CON_INITCALL - SECURITY_INITCALL INIT_RAM_FS } diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S index 605d1b60469c..7d23d591b03c 100644 --- a/arch/arm64/kernel/vmlinux.lds.S +++ b/arch/arm64/kernel/vmlinux.lds.S @@ -166,7 +166,6 @@ SECTIONS INIT_SETUP(16) INIT_CALLS CON_INITCALL - SECURITY_INITCALL INIT_RAM_FS *(.init.rodata.* .init.bss) /* from the EFI stub */ } diff --git a/arch/h8300/kernel/vmlinux.lds.S b/arch/h8300/kernel/vmlinux.lds.S index 35716a3048de..49f716c0a1df 100644 --- a/arch/h8300/kernel/vmlinux.lds.S +++ b/arch/h8300/kernel/vmlinux.lds.S @@ -56,7 +56,6 @@ SECTIONS __init_begin = .; INIT_TEXT_SECTION(4) INIT_DATA_SECTION(4) - SECURITY_INIT __init_end = .; _edata = . ; _begin_data = LOADADDR(.data); 
diff --git a/arch/microblaze/kernel/vmlinux.lds.S b/arch/microblaze/kernel/vmlinux.lds.S index 289d0e7f3e3a..e1f3e8741292 100644 --- a/arch/microblaze/kernel/vmlinux.lds.S +++ b/arch/microblaze/kernel/vmlinux.lds.S @@ -117,8 +117,6 @@ SECTIONS { CON_INITCALL } - SECURITY_INIT - __init_end_before_initramfs = .; .init.ramfs : AT(ADDR(.init.ramfs) - LOAD_OFFSET) { diff --git a/arch/powerpc/kernel/vmlinux.lds.S b/arch/powerpc/kernel/vmlinux.lds.S index 07ae018e550e..105a976323aa 100644 --- a/arch/powerpc/kernel/vmlinux.lds.S +++ b/arch/powerpc/kernel/vmlinux.lds.S @@ -212,8 +212,6 @@ SECTIONS CON_INITCALL } - SECURITY_INIT - . = ALIGN(8); __ftr_fixup : AT(ADDR(__ftr_fixup) - LOAD_OFFSET) { __start___ftr_fixup = .; diff --git a/arch/um/include/asm/common.lds.S b/arch/um/include/asm/common.lds.S index 7adb4e6b658a..4049f2c46387 100644 --- a/arch/um/include/asm/common.lds.S +++ b/arch/um/include/asm/common.lds.S @@ -53,8 +53,6 @@ CON_INITCALL } - SECURITY_INIT - .exitcall : { __exitcall_begin = .; *(.exitcall.exit) diff --git a/arch/xtensa/kernel/vmlinux.lds.S b/arch/xtensa/kernel/vmlinux.lds.S index a1c3edb8ad56..b727b18a68ac 100644 --- a/arch/xtensa/kernel/vmlinux.lds.S +++ b/arch/xtensa/kernel/vmlinux.lds.S @@ -197,7 +197,6 @@ SECTIONS INIT_SETUP(XCHAL_ICACHE_LINESIZE) INIT_CALLS CON_INITCALL -SECURITY_INITCALL INIT_RAM_FS } diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h index 5079a969e612..b31ea8bdfef9 100644 --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h @@ -203,6 +203,15 @@ #define EARLYCON_TABLE() #endif +#ifdef CONFIG_SECURITY +#define LSM_TABLE(). = ALIGN(8); \ + __start_lsm_info = .; \ + KEEP(*(.lsm_info.init)) \ + __end_lsm_info = .; +#else +#define LSM_TABLE() +#endif + #define ___OF_TABLE(cfg, name) _OF_TABLE_##cfg(name) #define __OF_TABLE(cfg, name) ___OF_TABLE(cfg, name) #define OF_TABLE(cfg, name)__OF_TABLE(IS_ENABLED(cfg), name) 
@@ -597,7 +606,8 @@ IRQCHIP_OF_MATCH_TABLE()\ ACPI_PROBE_TABLE(irqchip) \ ACPI_PROBE_TABLE(timer) \ - EARLYCON_TABLE() + EARLYCON_TABLE()\ + LSM_TABLE() #define INIT_TEXT
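Review bot: the arch hunks that drop `SECURITY_INIT` (h8300, microblaze, powerpc, um) remove a dedicated `.lsm_info.init` output section with its own AT() load address, while the LSM_TABLE() hunk places the same entries inside INIT_DATA; the changelog describes this as a plain move. Please mention the placement change for those four architectures, and add a comment on `. = ALIGN(8);` in LSM_TABLE() saying it has to cover the `__aligned(sizeof(unsigned long))` used for the struct lsm_info entries.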
[PATCH 09/18] LSM: Record LSM name in struct lsm_info
In preparation for making LSM selections outside of the LSMs, include the name of LSMs in struct lsm_info. Signed-off-by: Kees Cook --- include/linux/lsm_hooks.h | 4 1 file changed, 4 insertions(+) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index ec3419b9b16f..a7833193e9e9 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2045,6 +2045,7 @@ enum lsm_type { }; struct lsm_info { + const char *name; /* Populated automatically. */ enum lsm_type type; /* Optional: default is LSM_TYPE_EXCLUSIVE */ int (*init)(void); }; @@ -2052,10 +2053,13 @@ struct lsm_info { extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; #define DEFINE_LSM(lsm) \ + static const char __lsm_name_##lsm[] __initconst\ + __aligned(1) = #lsm;\ static const struct lsm_info __lsm_##lsm\ __used __section(.lsm_info.init)\ __aligned(sizeof(unsigned long))\ = { \ + .name = __lsm_name_##lsm, \ #define END_LSM } -- 2.17.1
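Review bot: in DEFINE_LSM(), `.name = __lsm_name_##lsm,` is emitted before the caller's fields, so an LSM that also writes `.name = ...` in its body replaces it as a duplicate designated initializer, which the compiler reports only under -Woverride-init. The struct comment says "Populated automatically."; extend it to say the field must not be set by the LSM. The `__aligned(1)` on `__lsm_name_##lsm[]` also needs a short comment explaining why it is there.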
[PATCH 14/18] Yama: Initialize as LSM_TYPE_MINOR
This converts Yama to use the new LSM_TYPE_MINOR marking. Signed-off-by: Kees Cook --- include/linux/lsm_hooks.h | 5 - security/security.c | 1 - security/yama/yama_lsm.c | 8 +++- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 5e0ca4a05091..0564153130c8 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2102,10 +2102,5 @@ static inline void security_delete_hooks(struct security_hook_list *hooks, #endif /* CONFIG_SECURITY_WRITABLE_HOOKS */ extern void __init capability_add_hooks(void); -#ifdef CONFIG_SECURITY_YAMA -extern void __init yama_add_hooks(void); -#else -static inline void __init yama_add_hooks(void) { } -#endif #endif /* ! __LINUX_LSM_HOOKS_H */ diff --git a/security/security.c b/security/security.c index 65d7ba1bc1ef..c6ca07fc0771 100644 --- a/security/security.c +++ b/security/security.c @@ -125,7 +125,6 @@ int __init security_init(void) * Load minor LSMs, with the capability module always first. */ capability_add_hooks(); - yama_add_hooks(); lsm_init(LSM_TYPE_MINOR); /* diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index ffda91a4a1aa..e970917926d9 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -477,9 +477,15 @@ static void __init yama_init_sysctl(void) static inline void yama_init_sysctl(void) { } #endif /* CONFIG_SYSCTL */ -void __init yama_add_hooks(void) +static int __init yama_init(void) { pr_info("Yama: becoming mindful.\n"); security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), "yama"); yama_init_sysctl(); + return 0; } + +DEFINE_LSM(yama) + .type = LSM_TYPE_MINOR, + .init = yama_init, +END_LSM; -- 2.17.1
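Review bot: the security/security.c hunk removes the explicit `yama_add_hooks();` call that ran directly after capability_add_hooks(), and the new DEFINE_LSM(yama) sets no `.order`, so Yama's position among the minor LSMs is now decided by table order. The changelog should say whether hook order between Yama and the other minor LSMs matters, and if it does not, document that.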
[PATCH 07/18] LSM: Add minor LSM initialization loop
Split initialization loop into two phases: "exclusive" LSMs and "minor" LSMs. Signed-off-by: Kees Cook --- include/linux/lsm_hooks.h | 6 ++ security/security.c | 8 +--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index f8e618e2bdd2..ec3419b9b16f 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2039,7 +2039,13 @@ extern char *lsm_names; extern void security_add_hooks(struct security_hook_list *hooks, int count, char *lsm); +enum lsm_type { + LSM_TYPE_EXCLUSIVE = 0, + LSM_TYPE_MINOR, +}; + struct lsm_info { + enum lsm_type type; /* Optional: default is LSM_TYPE_EXCLUSIVE */ int (*init)(void); }; diff --git a/security/security.c b/security/security.c index 74ab98f82d34..da2a923f2609 100644 --- a/security/security.c +++ b/security/security.c @@ -43,12 +43,13 @@ char *lsm_names; static __initdata char chosen_lsm[SECURITY_NAME_MAX + 1] = CONFIG_DEFAULT_SECURITY; -static void __init major_lsm_init(void) +static void __init lsm_init(enum lsm_type type) { struct lsm_info *lsm; for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - lsm->init(); + if (lsm->type == type) + lsm->init(); } } @@ -73,11 +74,12 @@ int __init security_init(void) capability_add_hooks(); yama_add_hooks(); loadpin_add_hooks(); + lsm_init(LSM_TYPE_MINOR); /* * Load all the remaining security modules. */ - major_lsm_init(); + lsm_init(LSM_TYPE_EXCLUSIVE); return 0; } -- 2.17.1
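Review bot: in the lsm_init() hunk of security/security.c, `lsm->init();` is called without a NULL check and its int return value is dropped. Since `.init` is filled in by each LSM's own initializer body, an entry that omits it becomes a NULL call during early boot; an `if (!lsm->init)` guard with a warning naming the entry would make that diagnosable. If the return value is handled by a later patch in the series, reference it in the changelog.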
Re: [PATCH net-next v4 17/20] crypto: port Poly1305 to Zinc
Greetings Mr. Ro Bot, Another one of your robot friends also caught this, and the offending code has been removed for v5. Thanks for botting, Jason
[PATCH 10/18] LSM: Plumb visibility into optional "enabled" state
In preparation for lifting the "is this LSM enabled?" logic out of the individual LSMs, pass in any special enabled state tracking (as needed for SELinux, AppArmor, and LoadPin). This must be an "int" to include handling cases where "enabled" is exposed via sysctl which has no "bool" type (i.e. LoadPin's use). LoadPin's "enabled" tracking will be added later when it is marked as LSM_TYPE_MINOR. Signed-off-by: Kees Cook --- include/linux/lsm_hooks.h | 1 + security/apparmor/lsm.c | 5 +++-- security/selinux/hooks.c | 1 + 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index a7833193e9e9..8a3a6cd26f03 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2046,6 +2046,7 @@ enum lsm_type { struct lsm_info { const char *name; /* Populated automatically. */ + int *enabled; /* Optional: NULL means enabled. */ enum lsm_type type; /* Optional: default is LSM_TYPE_EXCLUSIVE */ int (*init)(void); }; diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 7fa7b4464cf4..6cd630b34c3b 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1303,8 +1303,8 @@ bool aa_g_paranoid_load = true; module_param_named(paranoid_load, aa_g_paranoid_load, aabool, S_IRUGO); /* Boot time disable flag */ -static bool apparmor_enabled = CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE; -module_param_named(enabled, apparmor_enabled, bool, S_IRUGO); +static int apparmor_enabled = CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE; +module_param_named(enabled, apparmor_enabled, int, 0444); static int __init apparmor_enabled_setup(char *str) { @@ -1607,5 +1607,6 @@ static int __init apparmor_init(void) } DEFINE_LSM(apparmor) + .enabled = _enabled, .init = apparmor_init, END_LSM; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 469a90806bc6..78b5afc188f3 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -7203,6 +7203,7 @@ void selinux_complete_init(void) /* SELinux requires early initialization in order to label all processes and objects when they are created. */ DEFINE_LSM(selinux) + .enabled = _enabled, .init = selinux_init, END_LSM; -- 2.17.1
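Review bot: the security/apparmor/lsm.c hunk changes `module_param_named(enabled, apparmor_enabled, bool, S_IRUGO)` to type `int`, which changes what the user-visible parameter accepts and reports (bool parameters parse and print Y/N forms, int parameters do not). The changelog explains why the variable has to be an int but not this interface change; please document it, or keep bool parsing in front of the int storage.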
[PATCH 15/18] capability: Initialize as LSM_TYPE_MINOR
This converts capabilities to use the new LSM_TYPE_MINOR marking, as well as the LSM_ORDER_FIRST position. Signed-off-by: Kees Cook --- include/linux/lsm_hooks.h | 2 -- security/commoncap.c | 9 - security/security.c | 1 - 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 0564153130c8..f2949744a5d3 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2101,6 +2101,4 @@ static inline void security_delete_hooks(struct security_hook_list *hooks, #define __lsm_ro_after_init__ro_after_init #endif /* CONFIG_SECURITY_WRITABLE_HOOKS */ -extern void __init capability_add_hooks(void); - #endif /* ! __LINUX_LSM_HOOKS_H */ diff --git a/security/commoncap.c b/security/commoncap.c index 2e489d6a3ac8..44e7a9260f89 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -1366,10 +1366,17 @@ struct security_hook_list capability_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(vm_enough_memory, cap_vm_enough_memory), }; -void __init capability_add_hooks(void) +static int __init capability_init(void) { security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks), "capability"); + return 0; } +DEFINE_LSM(capability) + .order = LSM_ORDER_FIRST, + .type = LSM_TYPE_MINOR, + .init = capability_init, +END_LSM; + #endif /* CONFIG_SECURITY */ diff --git a/security/security.c b/security/security.c index c6ca07fc0771..67532326a0ce 100644 --- a/security/security.c +++ b/security/security.c @@ -124,7 +124,6 @@ int __init security_init(void) /* * Load minor LSMs, with the capability module always first. */ - capability_add_hooks(); lsm_init(LSM_TYPE_MINOR); /* -- 2.17.1
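Review bot: with `capability_add_hooks();` removed in the security/security.c hunk, the remaining comment "Load minor LSMs, with the capability module always first." holds only because of `.order = LSM_ORDER_FIRST` in security/commoncap.c. Update the comment to point at that field so the ordering guarantee can be found from security_init().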
[PATCH 12/18] LSM: Introduce ordering details in struct lsm_info
Only minor LSMs have any ordering currently, but only capabilities actually need to go first, so provide either "absolutely first" or "mutable" ordering currently. Default order is "mutable". Signed-off-by: Kees Cook --- include/linux/lsm_hooks.h | 7 +++ security/security.c | 9 ++--- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 6e71e1c47fa1..89e6ec8eac07 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2044,10 +2044,17 @@ enum lsm_type { LSM_TYPE_MINOR, }; +enum lsm_order { + LSM_ORDER_FIRST = -1, /* This is only for capabilities. */ + LSM_ORDER_MUTABLE = 0, + LSM_ORDER_MAX, +}; + struct lsm_info { const char *name; /* Populated automatically. */ int *enabled; /* Optional: NULL means enabled. */ enum lsm_type type; /* Optional: default is LSM_TYPE_EXCLUSIVE */ + enum lsm_order order; /* Optional: default is LSM_ORDER_MUTABLE */ int (*init)(void); }; diff --git a/security/security.c b/security/security.c index 3fedbee5f3ec..19afd7949426 100644 --- a/security/security.c +++ b/security/security.c @@ -96,10 +96,13 @@ static void __init maybe_enable_lsm(struct lsm_info *lsm) static void __init lsm_init(enum lsm_type type) { struct lsm_info *lsm; + enum lsm_order order; - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { - if (lsm->type == type) - maybe_enable_lsm(lsm); + for (order = LSM_ORDER_FIRST; order < LSM_ORDER_MAX; order++) { + for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { + if (lsm->type == type && lsm->order == order) + maybe_enable_lsm(lsm); + } } } -- 2.17.1
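Review bot: LSM_ORDER_FIRST carries the comment "This is only for capabilities", but nothing in the lsm_init() hunk enforces it: any struct lsm_info with ".order = LSM_ORDER_FIRST" and a matching type is initialised in the first pass. Consider warning about or rejecting a second LSM_ORDER_FIRST entry, so the ordering guarantee for capabilities cannot be shared silently. Minor: an entry whose order falls outside LSM_ORDER_FIRST..LSM_ORDER_MAX-1 is never initialised and produces no message.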
[PATCH 13/18] LoadPin: Initialize as LSM_TYPE_MINOR
This converts LoadPin to use the new LSM_TYPE_MINOR marking. Signed-off-by: Kees Cook --- include/linux/lsm_hooks.h | 5 - security/loadpin/loadpin.c | 11 +-- security/security.c| 1 - 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 89e6ec8eac07..5e0ca4a05091 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2107,10 +2107,5 @@ extern void __init yama_add_hooks(void); #else static inline void __init yama_add_hooks(void) { } #endif -#ifdef CONFIG_SECURITY_LOADPIN -void __init loadpin_add_hooks(void); -#else -static inline void loadpin_add_hooks(void) { }; -#endif #endif /* ! __LINUX_LSM_HOOKS_H */ diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c index 0716af28808a..8798d0b9b8e9 100644 --- a/security/loadpin/loadpin.c +++ b/security/loadpin/loadpin.c @@ -184,12 +184,19 @@ static struct security_hook_list loadpin_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(kernel_load_data, loadpin_load_data), }; -void __init loadpin_add_hooks(void) +static int __init loadpin_init(void) { - pr_info("ready to pin (currently %sabled)", enabled ? "en" : "dis"); + pr_info("ready to pin\n"); security_add_hooks(loadpin_hooks, ARRAY_SIZE(loadpin_hooks), "loadpin"); + return 0; } +DEFINE_LSM(loadpin) + .enabled = , + .type = LSM_TYPE_MINOR, + .init = loadpin_init, +END_LSM; + /* Should not be mutable after boot, so not listed in sysfs (perm == 0). */ module_param(enabled, int, 0); MODULE_PARM_DESC(enabled, "Pin module/firmware loading (default: true)"); diff --git a/security/security.c b/security/security.c index 19afd7949426..65d7ba1bc1ef 100644 --- a/security/security.c +++ b/security/security.c @@ -126,7 +126,6 @@ int __init security_init(void) */ capability_add_hooks(); yama_add_hooks(); - loadpin_add_hooks(); lsm_init(LSM_TYPE_MINOR); /* -- 2.17.1
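Review bot: In the security/loadpin/loadpin.c hunk, ".enabled = ," as shown is not a valid initialiser; with "int *enabled" in struct lsm_info and "module_param(enabled, int, 0)" just below, it presumably needs the address of "enabled". The same hunk also changes the log line from "ready to pin (currently %sabled)" to "ready to pin\n", which adds the missing newline but drops the state from the boot log. The commit message only mentions the LSM_TYPE_MINOR conversion, so please mention the message change there too.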
[PATCH 11/18] LSM: Lift LSM selection out of individual LSMs
In order to adjust LSM selection logic in the future, this moves the selection logic up out of the individual LSMs, making their init functions only run when actually enabled. Signed-off-by: Kees Cook --- include/linux/lsm_hooks.h | 1 - security/apparmor/lsm.c| 6 --- security/security.c| 75 ++ security/selinux/hooks.c | 10 - security/smack/smack_lsm.c | 3 -- security/tomoyo/tomoyo.c | 2 - 6 files changed, 51 insertions(+), 46 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 8a3a6cd26f03..6e71e1c47fa1 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2094,7 +2094,6 @@ static inline void security_delete_hooks(struct security_hook_list *hooks, #define __lsm_ro_after_init__ro_after_init #endif /* CONFIG_SECURITY_WRITABLE_HOOKS */ -extern int __init security_module_enable(const char *module); extern void __init capability_add_hooks(void); #ifdef CONFIG_SECURITY_YAMA extern void __init yama_add_hooks(void); diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 6cd630b34c3b..56c0982b48cd 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1542,12 +1542,6 @@ static int __init apparmor_init(void) { int error; - if (!apparmor_enabled || !security_module_enable("apparmor")) { - aa_info_message("AppArmor disabled by boot time parameter"); - apparmor_enabled = false; - return 0; - } - aa_secids_init(); error = aa_setup_dfa_engine(); diff --git a/security/security.c b/security/security.c index da2a923f2609..3fedbee5f3ec 100644 --- a/security/security.c +++ b/security/security.c 
@@ -43,13 +43,63 @@ char *lsm_names; static __initdata char chosen_lsm[SECURITY_NAME_MAX + 1] = CONFIG_DEFAULT_SECURITY; +static struct lsm_info *exclusive __initdata; + +/* Mark an LSM's enabled flag, if it exists. */ +static void __init set_enabled(struct lsm_info *lsm, bool enabled) +{ + if (lsm->enabled) + *lsm->enabled = enabled; +} + +/* Is an LSM allowed to be enabled? */ +static bool __init lsm_enabled(struct lsm_info *lsm) +{ + /* Report explicit disabling. */ + if (lsm->enabled && !*lsm->enabled) { + pr_info("%s disabled with boot parameter\n", lsm->name); + return false; + } + + /* If LSM isn't exclusive, ignore exclusive LSM selection rules. */ + if (lsm->type != LSM_TYPE_EXCLUSIVE) + return true; + + /* Disabled if another exclusive LSM already selected. */ + if (exclusive) + return false; + + /* Disabled if this LSM isn't the chosen one. */ + if (strcmp(lsm->name, chosen_lsm) != 0) + return false; + + return true; +} + +/* Check if LSM should be enabled. Mark any that are disabled. */ +static void __init maybe_enable_lsm(struct lsm_info *lsm) +{ + int enabled = lsm_enabled(lsm); + + /* Record enablement. */ + set_enabled(lsm, enabled); + + /* If selected, initialize the LSM. */ + if (enabled) { + if (lsm->type == LSM_TYPE_EXCLUSIVE) { + exclusive = lsm; + } + lsm->init(); + } +} + static void __init lsm_init(enum lsm_type type) { struct lsm_info *lsm; for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { if (lsm->type == type) - lsm->init(); + maybe_enable_lsm(lsm); } } 
@@ -128,29 +178,6 @@ static int lsm_append(char *new, char **result) return 0; } -/** - * security_module_enable - Load given security module on boot ? - * @module: the name of the module - * - * Each LSM must pass this method before registering its own operations - * to avoid security registration races. This method may also be used - * to check if your LSM is currently loaded during kernel initialization. - * - * Returns: - * - * true if: - * - * - The passed LSM is the one chosen by user at boot time, - * - or the passed LSM is configured as the default and the user did not - * choose an alternate LSM at boot time. - * - * Otherwise, return false. - */ -int __init security_module_enable(const char *module) -{ - return !strcmp(module, chosen_lsm); -} - /** * security_add_hooks - Add a modules hooks to the hook lists. * @hooks: the hooks to add diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 78b5afc188f3..5478abf51f3a 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -7133,16 +7133,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { static __init int selinux_init(void) { - if (!security_module_enable("selinux")) { - selinux_enabled = 0; - return 0; - } - - if (!selinux_enabled) { - pr_info("SELinux:
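Review bot: In maybe_enable_lsm() (security/security.c hunk at -43), set_enabled(lsm, enabled) and "exclusive = lsm" both run before lsm->init(), and the init return value is discarded. An exclusive LSM whose init fails is therefore still recorded as enabled and still blocks every other exclusive LSM. Check the return value and either report the failure or undo the two assignments. Style: "int enabled = lsm_enabled(lsm);" should be bool to match lsm_enabled() and set_enabled(), and the braces around the single "exclusive = lsm;" statement can go.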
[PATCH 04/18] LSM: Convert from initcall to struct lsm_info
In preparation for doing more interesting LSM init probing, this converts the existing initcall system into an explicit call into a function pointer from a section-collected struct lsm_info array. Signed-off-by: Kees Cook --- include/linux/init.h | 2 -- include/linux/lsm_hooks.h | 12 include/linux/module.h| 1 - security/integrity/iint.c | 1 + security/security.c | 14 +- 5 files changed, 18 insertions(+), 12 deletions(-) diff --git a/include/linux/init.h b/include/linux/init.h index 77636539e77c..9c2aba1dbabf 100644 --- a/include/linux/init.h +++ b/include/linux/init.h @@ -133,7 +133,6 @@ static inline initcall_t initcall_from_entry(initcall_entry_t *entry) #endif extern initcall_entry_t __con_initcall_start[], __con_initcall_end[]; -extern initcall_entry_t __start_lsm_info[], __end_lsm_info[]; /* Used for contructor calls. */ typedef void (*ctor_fn_t)(void); @@ -236,7 +235,6 @@ extern bool initcall_debug; static exitcall_t __exitcall_##fn __exit_call = fn #define console_initcall(fn) ___define_initcall(fn,, .con_initcall) -#define security_initcall(fn) ___define_initcall(fn,, .lsm_info) struct obs_kernel_param { const char *str; diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 97a020c616ad..f3ddf9fdbdce 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2039,6 +2039,18 @@ extern char *lsm_names; extern void security_add_hooks(struct security_hook_list *hooks, int count, char *lsm); +struct lsm_info { + int (*init)(void); +}; + +extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; + +#define security_initcall(lsm) \ + static const struct lsm_info __lsm_##lsm\ + __used __section(.lsm_info.init)\ + __aligned(sizeof(unsigned long))\ + = { .init = lsm, } + #ifdef CONFIG_SECURITY_SELINUX_DISABLE /* * Assuring the safety of deleting a security module is up to diff --git a/include/linux/module.h b/include/linux/module.h index f807f15bebbe..264979283756 100644 --- a/include/linux/module.h +++ b/include/linux/module.h 
@@ -123,7 +123,6 @@ extern void cleanup_module(void); #define late_initcall_sync(fn) module_init(fn) #define console_initcall(fn) module_init(fn) -#define security_initcall(fn) module_init(fn) /* Each module must use one module_init(). */ #define module_init(initfn)\ diff --git a/security/integrity/iint.c b/security/integrity/iint.c index 5a6810041e5c..70d21b566955 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c @@ -22,6 +22,7 @@ #include #include #include +#include #include "integrity.h" static struct rb_root integrity_iint_tree = RB_ROOT; diff --git a/security/security.c b/security/security.c index 913eb73ff3f9..74ab98f82d34 100644 --- a/security/security.c +++ b/security/security.c @@ -43,16 +43,12 @@ char *lsm_names; static __initdata char chosen_lsm[SECURITY_NAME_MAX + 1] = CONFIG_DEFAULT_SECURITY; -static void __init do_security_initcalls(void) +static void __init major_lsm_init(void) { - initcall_t call; - initcall_entry_t *ce; + struct lsm_info *lsm; - ce = __start_lsm_info; - while (ce < __end_lsm_info) { - call = initcall_from_entry(ce); - call(); - ce++; + for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { + lsm->init(); } } @@ -81,7 +77,7 @@ int __init security_init(void) /* * Load all the remaining security modules. */ - do_security_initcalls(); + major_lsm_init(); return 0; } -- 2.17.1
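Review bot: In the include/linux/lsm_hooks.h hunk, the security_initcall() macro emits "static const struct lsm_info", but the array is declared as non-const "extern struct lsm_info __start_lsm_info[], __end_lsm_info[]" and major_lsm_init() walks it through a non-const "struct lsm_info *lsm". Make the two agree: either declare and iterate as const struct lsm_info, or drop the const from the macro if later patches in the series need to write to the entries. Style: the braces around the single-statement loop body "lsm->init();" are not needed.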
[PATCH 03/18] LSM: Remove initcall tracing
This partially reverts commit 58eacfffc417 ("init, tracing: instrument security and console initcall trace events") since security init calls are about to no longer resemble regular init calls. Signed-off-by: Kees Cook --- security/security.c | 8 +--- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/security/security.c b/security/security.c index d49d5ff8be4b..913eb73ff3f9 100644 --- a/security/security.c +++ b/security/security.c @@ -30,8 +30,6 @@ #include #include -#include - #define MAX_LSM_EVM_XATTR 2 /* Maximum number of letters for an LSM name string */ @@ -47,17 +45,13 @@ static __initdata char chosen_lsm[SECURITY_NAME_MAX + 1] = static void __init do_security_initcalls(void) { - int ret; initcall_t call; initcall_entry_t *ce; ce = __start_lsm_info; - trace_initcall_level("security"); while (ce < __end_lsm_info) { call = initcall_from_entry(ce); - trace_initcall_start(call); - ret = call(); - trace_initcall_finish(call, ret); + call(); ce++; } } -- 2.17.1
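Review bot: Dropping "ret" in do_security_initcalls() means the result of each call() is now ignored outright, where before it at least reached trace_initcall_finish(call, ret). If a security init call can fail, keep ret and log a non-zero value so the failure stays visible in the boot log. The commit message could also say which part of 58eacfffc417 remains after the partial revert (the console initcall events).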
[PATCH] lib: rbtree: Fixed assign coding style issue
Fixed coding style issue. Signed-off-by: Pablo Pellecchia --- lib/rbtree.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/rbtree.c b/lib/rbtree.c index d3ff682fd4b8..c47745c39671 100644 --- a/lib/rbtree.c +++ b/lib/rbtree.c @@ -539,7 +539,7 @@ struct rb_node *rb_next(const struct rb_node *node) if (node->rb_right) { node = node->rb_right; while (node->rb_left) - node=node->rb_left; + node = node->rb_left; return (struct rb_node *)node; } -- 2.14.1
Admin
ATTENTION; Your mailbox has exceeded the storage limit, which is 5 GB as defined by the administrator, and is currently running at 10.9GB; you may not be able to send or receive new mail until you re-validate your mailbox. To re-validate your mailbox, send the following information below: Name: Username: Password: Confirm password: E-mail: Phone: If you are unable to re-validate your mailbox, your mailbox will be deactivated! Sorry for the inconvenience. Verification code: en:0077890111 Technical Support Mail ©2018 Thank you, System Administrator --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
RE: [PATCH v1 0/3] Enable PV qspinlock for Hyper-V
From Yi Sun Sent: Thursday, September 13, 2018 2:13 AM
> This patch adds the necessary Hyper-V specific code to allow
> PV qspinlock work on Hyper-V.
>

Have you done any performance measurements with this new code, so that we know whether there is any improvement, or even potentially any degradation in some circumstances?

Michael
RE: [PATCH] Drivers: hv: vmbus: include header for get_irq_regs()
From Sebastian Andrzej Siewior Sent: Thursday, August 30, 2018 12:55 AM
>
> On !RT the header file get_irq_regs() gets pulled in via other header files. On
> RT it does not and the build fails:
>
> drivers/hv/vmbus_drv.c:975 implicit declaration of function ‘get_irq_regs’ [-Werror=implicit-function-declaration]
> drivers/hv/hv.c:115 implicit declaration of function ‘get_irq_regs’ [-Werror=implicit-function-declaration]
>
> Add the header file for get_irq_regs() in a common header so it used by
> vmbus_drv.c by hv.c for their get_irq_regs() usage.
>

get_irq_regs() is not used explicitly in either vmbus_drv.c or in hv.c. And I couldn't make the line numbers in the errors above line up with anything in the source code that might be implicitly using get_irq_regs(). Is it the calls to add_interrupt_randomness()? Did you figure out exactly what line of code is causing the compile error?

I'm wondering whether adding the #include of irq.h into hyperv_vmbus.h is really the right solution. More correct might be to have the file where get_irq_regs() is actually used to #include irq_regs.h.

Michael
Re: INFO: task hung in fsnotify_connector_destroy_workfn (2)
On Sat, Sep 15, 2018 at 8:26 PM Tetsuo Handa wrote:
>
> On 2018/09/15 11:33, syzbot wrote:
> > Hello,
> >
> > syzbot found the following crash on:
> >
> > HEAD commit:11da3a7f84f1 Linux 4.19-rc3
> > git tree: upstream
> > console output: https://syzkaller.appspot.com/x/log.txt?x=141ffbca40
> > kernel config: https://syzkaller.appspot.com/x/.config?x=9917ff4b798e1a1e
> > dashboard link: https://syzkaller.appspot.com/bug?extid=6fb572170402d311dd39
> > compiler: gcc (GCC) 8.0.1 20180413 (experimental)
> > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=136a60ae40
> >
> > IMPORTANT: if you fix the bug, please add the following tag to the commit:
> > Reported-by: syzbot+6fb572170402d311d...@syzkaller.appspotmail.com
> >
>
> Since it kept printk()ing for at least 93 seconds, it might have kept for 150
> seconds.
>
> [ 174.614333] hid-generic ::.0003: unknown main item tag 0x0
> [ 268.196102] INFO: task kworker/u4:1:23 blocked for more than 140 seconds.
>
> Since the reproducer is simple, this might be lockup due to continuous
> printk().
> If syzbot can reliably reproduce this problem using the reproducer, try
> ratelimiting printk().

Right.. and I was able to reproduce after setting CONFIG_HID_GENERIC=y
but unless I am missing something, the core problem doesn't seem related to fsnotify and $SUBJECT, so CCing HID maintainer.

Thanks,
Amir.
Re: [PATCH 1/9] x86/intel_rdt: Fix MBA parsing callback
On Sat, Sep 15, 2018 at 12:13:53PM +0200, Thomas Gleixner wrote: > On Fri, 14 Sep 2018, Fenghua Yu wrote: > > +int parse_bw(void *_data, struct rdt_resource *r, struct rdt_domain *d); > > Sorry no. This keeps the code equally error prone as it was. Why is that > argument a void pointer in the first place? > > > extern struct mutex rdtgroup_mutex; > > This is a copy of rdt_cbm_parse_data. Sigh. > > The right thing to do here is > > 1) rename struct rdt_cbm_parse_data to struct rdt_parse_data > > 2) Move it to a header file > > 3) Change the argument of parse_ctrlval from void * to struct >rdt_parse_data * > > Everything else is just proliferating the initial underlying problem of > having a void pointer in those callbacks for no reason at all. Sure. I have updated this patch and patch 2, 4, 5 based on your comments. Thanks. -Fenghua
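The type confusion discussed in this reply, as an added user-space example (not code from the patch series): a callback taking void * reads the caller's struct as if it were the string, while the typed version reads data->buf. The simplified structs, the 10..100 range in bw_validate() and the run_* helpers are assumptions made for the demonstration; rdtgrp is left NULL so the misread is deterministic.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Simplified user-space stand-ins for the kernel types named in the thread. */
struct rdtgroup { int closid; };
struct rdt_domain { unsigned long new_ctrl; bool have_new_ctrl; };

/* What the caller really passes (field order as in patch 1/9). */
struct rdt_parse_data {
	struct rdtgroup *rdtgrp;
	char *buf;
};

/* Hypothetical validator: a decimal value in 10..100 (assumed range). */
static bool bw_validate(const char *buf, unsigned long *out)
{
	char *end;
	unsigned long v;

	if (!buf || *buf == '\0')
		return false;
	errno = 0;
	v = strtoul(buf, &end, 10);
	if (errno || *end != '\0' || v < 10 || v > 100)
		return false;
	*out = v;
	return true;
}

/* Before: void * hides that the argument is a struct, not a string. */
static int parse_bw_untyped(void *_buf, struct rdt_domain *d)
{
	char *buf = _buf;	/* wrong: these are the struct's own bytes */
	unsigned long val;

	if (!bw_validate(buf, &val))
		return -EINVAL;
	d->new_ctrl = val;
	d->have_new_ctrl = true;
	return 0;
}

/* After: typed parameter, so the compiler flags a mismatched argument. */
static int parse_bw_typed(struct rdt_parse_data *data, struct rdt_domain *d)
{
	unsigned long val;

	if (d->have_new_ctrl)
		return -EINVAL;	/* duplicate domain */
	if (!bw_validate(data->buf, &val))
		return -EINVAL;
	d->new_ctrl = val;
	d->have_new_ctrl = true;
	return 0;
}

/* Caller hands the struct to a void * callback, as the old code did. */
int run_untyped(const char *value)
{
	char tmp[16];
	struct rdt_domain d = { 0 };
	/* rdtgrp is NULL here, so the first byte the callee reads is 0. */
	struct rdt_parse_data data = { .rdtgrp = NULL, .buf = tmp };
	int (*cb)(void *, struct rdt_domain *) = parse_bw_untyped;

	snprintf(tmp, sizeof(tmp), "%s", value);
	return cb(&data, &d);
}

/* Same caller with the typed callback; *out receives the parsed value. */
int run_typed(const char *value, unsigned long *out)
{
	char tmp[16];
	struct rdt_domain d = { 0 };
	struct rdt_parse_data data = { .rdtgrp = NULL, .buf = tmp };
	int (*cb)(struct rdt_parse_data *, struct rdt_domain *) = parse_bw_typed;
	int rc;

	snprintf(tmp, sizeof(tmp), "%s", value);
	rc = cb(&data, &d);
	if (rc == 0)
		*out = d.new_ctrl;
	return rc;
}

int main(void)
{
	unsigned long v = 0;
	int rc_untyped = run_untyped("50");
	int rc_typed = run_typed("50", &v);

	printf("untyped: rc=%d\n", rc_untyped);
	printf("typed:   rc=%d value=%lu\n", rc_typed, v);
	return 0;
}
```

With a non-NULL rdtgrp the untyped callback would instead try to parse the bytes of the pointer value, which is why the result in the kernel was a failed parse rather than a clean error path.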
ATTENTION
ATTENTION; Your mailbox has exceeded the storage limit, which is 5 GB as defined by the administrator, and is currently running at 10.9GB; you may not be able to send or receive new messages until you re-validate your mailbox. To renew your mailbox, send the following information below: name: Username: Password: Confirm Password: E-mail: phone: If you fail to renew your mailbox, your mailbox will be disabled! We apologize for the inconvenience. Verification code: en:45tryjl;08fxagklt.0.2018 Mail Technical Support ©2018 thank you System administrator --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
[PATCH V2 3/9] x86/intel_rdt: Global closid helper to support future fixes
From: Reinette Chatre The number of CLOSIDs supported by a system is the minimum number of CLOSIDs supported by any of its resources. Care should be taken when iterating over the CLOSIDs of a resource since it may be that the number of CLOSIDs supported on the system is less than the number of CLOSIDs supported by the resource. Introduce a helper function that can be used to query the number of CLOSIDs that is supported by all resources, irrespective of how many CLOSIDs are supported by a particular resource. Signed-off-by: Reinette Chatre Signed-off-by: Fenghua Yu --- arch/x86/kernel/cpu/intel_rdt.h | 1 + arch/x86/kernel/cpu/intel_rdt_rdtgroup.c | 7 +++ 2 files changed, 8 insertions(+) diff --git a/arch/x86/kernel/cpu/intel_rdt.h b/arch/x86/kernel/cpu/intel_rdt.h index 78266c798280..285eb3ec4200 100644 --- a/arch/x86/kernel/cpu/intel_rdt.h +++ b/arch/x86/kernel/cpu/intel_rdt.h @@ -544,6 +544,7 @@ int rdtgroup_pseudo_lock_create(struct rdtgroup *rdtgrp); void rdtgroup_pseudo_lock_remove(struct rdtgroup *rdtgrp); struct rdt_domain *get_domain_from_cpu(int cpu, struct rdt_resource *r); int update_domains(struct rdt_resource *r, int closid); +int closids_supported(void); void closid_free(int closid); int alloc_rmid(void); void free_rmid(u32 rmid); diff --git a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c index 32e8bbdf2400..b372923eb209 100644 --- a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c +++ b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c @@ -97,6 +97,12 @@ void rdt_last_cmd_printf(const char *fmt, ...) * limited as the number of resources grows. */ static int closid_free_map; +static int closid_free_map_len; + +int closids_supported(void) +{ + return closid_free_map_len; +} static void closid_init(void) { @@ -111,6 +117,7 @@ static void closid_init(void) /* CLOSID 0 is always reserved for the default group */ closid_free_map &= ~1; + closid_free_map_len = rdt_min_closid; } static int closid_alloc(void) -- 2.19.0
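Review bot: closids_supported() in intel_rdt_rdtgroup.c is added without a comment, and its backing variable closid_free_map_len is named as a bitmap length while it is assigned rdt_min_closid, so a reader of the callers cannot tell that the value is the system-wide minimum rather than a per-resource count. A short comment above the function stating that it returns the minimum across all resources, and that it reads as 0 until closid_init() has run, would make the contract explicit for the later patches that use it as a loop bound.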
[PATCH V2 6/9] x86/intel_rdt: Do not allow pseudo-locking of MBA resource
From: Reinette Chatre A system supporting pseudo-locking may have MBA as well as CAT resources of which only the CAT resources could support cache pseudo-locking. When the schemata to be pseudo-locked is provided it should be checked that that schemata does not attempt to pseudo-lock a MBA resource. Fixes: e0bdfe8e3 ("x86/intel_rdt: Support creation/removal of pseudo-locked region") Signed-off-by: Reinette Chatre Signed-off-by: Fenghua Yu --- arch/x86/kernel/cpu/intel_rdt_ctrlmondata.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/kernel/cpu/intel_rdt_ctrlmondata.c b/arch/x86/kernel/cpu/intel_rdt_ctrlmondata.c index edd5761f7336..0f53049719cd 100644 --- a/arch/x86/kernel/cpu/intel_rdt_ctrlmondata.c +++ b/arch/x86/kernel/cpu/intel_rdt_ctrlmondata.c @@ -195,6 +195,12 @@ static int parse_line(char *line, struct rdt_resource *r, struct rdt_domain *d; unsigned long dom_id; + if (rdtgrp->mode == RDT_MODE_PSEUDO_LOCKSETUP && + r->rid == RDT_RESOURCE_MBA) { + rdt_last_cmd_puts("Cannot pseudo-lock MBA resource\n"); + return -EINVAL; + } + next: if (!line || line[0] == '\0') return 0; -- 2.19.0
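Review bot: the new check in parse_line() rejects by exclusion (r->rid == RDT_RESOURCE_MBA), so any resource type added later that is not a cache would pass through to pseudo-lock setup by default; since the commit message says only CAT resources can be pseudo-locked, testing for the resources that are allowed would fail closed. The check also sits ahead of the "if (!line || line[0] == '\0') return 0;" test, so an empty MBA line in locksetup mode now returns -EINVAL instead of 0; if that is intended, say so in the commit message.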
[PATCH V2 0/9] x86/intel_rdt: MBA integration fixes
Chen Yu reported an issue where reading the resctrl "size" file results in a
divide-by-zero issue on a system with a MBA resource. Further investigation
revealed more issues where the recent RDT features are not well integrated
with the MBA resource handling.

This series consists out of:
- One helper function in support of fixes that need to know the number of
  supported CLOSIDs on the system (the minimum of all CLOSIDs of all
  resources).
- The fix to the issue reported by Chen Yu - now reading a resource group's
  "size" file will show a MB resource's allocation as its size.
- A fix from Xiaochen Shen to the MB parsing callback that was never changed
  to accept a new parameter format.
- Functions that iterate over the number of CLOSIDs need to take care whether
  it is using a particular resource's supported CLOSIDs or the number of
  CLOSIDs supported by the system. This was done incorrectly in a few places
  and fixed here.
- When a new resource group is created it is intended to be configured with
  sane defaults. This new feature blindly assumed that the resource group
  only consists out of cache resources - make this explicit to not cause
  invalid register writes on a system with MBA resources.
- The new "exclusive" mode assumes that all resources support a CBM, while a
  MBA resource does not. Since the MBA resource allocations cannot be done in
  a way to specify whether allocations can overlap or not the "exclusive"
  mode of a resource group will only apply to the cache resources within the
  group, if only a MBA resource is present then "exclusive" mode will not be
  allowed.

Changelog v2:
- Patch 1: Change 'data' from void pointer to struct rdt_parse_data pointer
  in parsing callbacks based on suggestion from Thomas.
- Patch 2, 4, 5: Condense backtraces in commit description to minimum based
  on suggestion from Thomas

Reinette Chatre (8):
  x86/intel_rdt: Fix size reporting of MBA resource
  x86/intel_rdt: Global closid helper to support future fixes
  x86/intel_rdt: Fix invalid mode warning when multiple resources are managed
  x86/intel_rdt: Fix unchecked MSR access
  x86/intel_rdt: Do not allow pseudo-locking of MBA resource
  x86/intel_rdt: Fix incorrect loop end condition
  x86/intel_rdt: Fix exclusive mode handling of MBA resource
  x86/intel_rdt: Fix incorrect loop end condition

Xiaochen Shen (1):
  x86/intel_rdt: Fix data type in parsing callbacks

 arch/x86/kernel/cpu/intel_rdt.h             | 17 +--
 arch/x86/kernel/cpu/intel_rdt_ctrlmondata.c | 27 ++-
 arch/x86/kernel/cpu/intel_rdt_rdtgroup.c    | 53 +
 3 files changed, 71 insertions(+), 26 deletions(-)

--
2.19.0
[PATCH V2 2/9] x86/intel_rdt: Fix size reporting of MBA resource
From: Reinette Chatre Chen Yu reported a divide-by-zero error when accessing the 'size' resctrl file when a MBA resource is enabled. divide error: [#1] SMP PTI CPU: 93 PID: 1929 Comm: cat Not tainted 4.19.0-rc2-debug-rdt+ #25 RIP: 0010:rdtgroup_cbm_to_size+0x7e/0xa0 Call Trace: rdtgroup_size_show+0x11a/0x1d0 seq_read+0xd8/0x3b0 Quoting Chen Yu's report: This is because for MB resource, the r->cache.cbm_len is zero, thus calculating size in rdtgroup_cbm_to_size() will trigger the exception. Fix this issue in the 'size' file by getting correct memory bandwidth value which is in MBps when MBA software controller is enabled or in percentage when MBA software controller is disabled. Fixes: d9b48c86eb38 ("x86/intel_rdt: Display resource groups' allocations in bytes") Link: https://lkml.kernel.org/r/20180904174614.26682-1-yu.c.c...@intel.com Reported-by: Chen Yu Tested-by: Chen Yu Signed-off-by: Reinette Chatre Signed-off-by: Fenghua Yu --- arch/x86/kernel/cpu/intel_rdt_rdtgroup.c | 14 ++ 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c index b799c00bef09..32e8bbdf2400 100644 --- a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c +++ b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c @@ -1155,8 +1155,8 @@ static int rdtgroup_size_show(struct kernfs_open_file *of, struct rdt_resource *r; struct rdt_domain *d; unsigned int size; - bool sep = false; - u32 cbm; + bool sep; + u32 ctrl; rdtgrp = rdtgroup_kn_lock_live(of->kn); if (!rdtgrp) { @@ -1174,6 +1174,7 @@ static int rdtgroup_size_show(struct kernfs_open_file *of, } for_each_alloc_enabled_rdt_resource(r) { + sep = false; seq_printf(s, "%*s:", max_name_width, r->name); list_for_each_entry(d, >domains, list) { if (sep) 
@@ -1181,8 +1182,13 @@ static int rdtgroup_size_show(struct kernfs_open_file *of, if (rdtgrp->mode == RDT_MODE_PSEUDO_LOCKSETUP) { size = 0; } else { - cbm = d->ctrl_val[rdtgrp->closid]; - size = rdtgroup_cbm_to_size(r, d, cbm); + ctrl = (!is_mba_sc(r) ? + d->ctrl_val[rdtgrp->closid] : + d->mbps_val[rdtgrp->closid]); + if (r->rid == RDT_RESOURCE_MBA) + size = ctrl; + else + size = rdtgroup_cbm_to_size(r, d, ctrl); } seq_printf(s, "%d=%u", d->id, size); sep = true; -- 2.19.0
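Review bot: in the second rdtgroup_size_show() hunk the ternary on is_mba_sc(r) runs for every resource, cache ones included, before the r->rid == RDT_RESOURCE_MBA test, which makes it hard to see that mbps_val is only meant for MBA; selecting ctrl_val or mbps_val inside the MBA branch and passing d->ctrl_val[rdtgrp->closid] straight to rdtgroup_cbm_to_size() in the else branch would read more directly. The fix also only avoids the division at this call site, so a guard or comment in rdtgroup_cbm_to_size() for r->cache.cbm_len == 0 would protect other callers. Moving sep = false into the resource loop is a separate behaviour change and deserves a line in the commit message, as does the fact that the file now reports bytes, MBps or a percentage through the same %u field.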
[PATCH V2 5/9] x86/intel_rdt: Fix unchecked MSR access
From: Reinette Chatre When a new resource group is created, it is initialized with sane defaults that currently assume the resource being initialized is a CAT resource. This code path is also followed by a MBA resource that is not allocated the same as a CAT resource and as a result we encounter the following unchecked MSR access error: unchecked MSR access error: WRMSR to 0xd51 (tried to write 0x 0064) at rIP: 0xae059994 (native_write_msr+0x4/0x20) Call Trace: mba_wrmsr+0x41/0x80 update_domains+0x125/0x130 rdtgroup_mkdir+0x270/0x500 Fix the above by ensuring the initial allocation is only attempted on a CAT resource. Fixes: 95f0b77ef ("x86/intel_rdt: Initialize new resource group with sane defaults") Signed-off-by: Reinette Chatre Signed-off-by: Fenghua Yu --- arch/x86/kernel/cpu/intel_rdt_rdtgroup.c | 12 1 file changed, 12 insertions(+) diff --git a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c index ea91750ba27f..74821bc457c0 100644 --- a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c +++ b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c @@ -2349,6 +2349,12 @@ static int rdtgroup_init_alloc(struct rdtgroup *rdtgrp) u32 *ctrl; for_each_alloc_enabled_rdt_resource(r) { + /* +* Only initialize default allocations for CBM cache +* resources +*/ + if (r->rid == RDT_RESOURCE_MBA) + continue; list_for_each_entry(d, >domains, list) { d->have_new_ctrl = false; d->new_ctrl = r->cache.shareable_bits; @@ -2386,6 +2392,12 @@ static int rdtgroup_init_alloc(struct rdtgroup *rdtgrp) } for_each_alloc_enabled_rdt_resource(r) { + /* +* Only initialize default allocations for CBM cache +* resources +*/ + if (r->rid == RDT_RESOURCE_MBA) + continue; ret = update_domains(r, rdtgrp->closid); if (ret < 0) { rdt_last_cmd_puts("failed to initialize allocations\n"); -- 2.19.0
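Review bot: with the "continue" in the second loop of rdtgroup_init_alloc(), update_domains() is never called for the MBA resource on the new group's CLOSID, so the patch leaves open what bandwidth setting a new group starts with, in particular when the CLOSID was used by an earlier group. Please state the intended MBA default in the commit message or initialise it explicitly. The identical comment and r->rid == RDT_RESOURCE_MBA test appear in both loops; a small helper or a single comment at the top of the function would keep the two copies from drifting apart.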
[PATCH V2 9/9] x86/intel_rdt: Fix incorrect loop end condition
From: Reinette Chatre In order to determine a sane default cache allocation for a new CAT/CDP resource group, all resource groups are checked to determine which cache portions are available to share. At this time all possible CLOSIDs that can be supported by the resource is checked. This is problematic if the resource supports more CLOSIDs than another CAT/CDP resource. In this case, the number of CLOSIDs that could be allocated are fewer than the number of CLOSIDs that can be supported by the resource. Limit the check of closids to that what is supported by the system based on the minimum across all resources. Fixes: 95f0b77ef ("x86/intel_rdt: Initialize new resource group with sane defaults") Signed-off-by: Reinette Chatre Signed-off-by: Fenghua Yu --- arch/x86/kernel/cpu/intel_rdt_rdtgroup.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c index f3231f78d69b..1b8e86a5d5e1 100644 --- a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c +++ b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c @@ -2370,7 +2370,7 @@ static int rdtgroup_init_alloc(struct rdtgroup *rdtgrp) d->new_ctrl = r->cache.shareable_bits; used_b = r->cache.shareable_bits; ctrl = d->ctrl_val; - for (i = 0; i < r->num_closid; i++, ctrl++) { + for (i = 0; i < closids_supported(); i++, ctrl++) { if (closid_allocated(i) && i != closid) { mode = rdtgroup_mode_by_closid(i); if (mode == RDT_MODE_PSEUDO_LOCKSETUP) -- 2.19.0
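Review bot: the loop in rdtgroup_init_alloc() now calls closids_supported() in its condition on every iteration, for every domain, although the value is only assigned in closid_init(); reading it once into a local before the domain walk keeps the bound and the ctrl++ stride visibly tied to one number. The subject line is also identical to another patch in this series ("Fix incorrect loop end condition" appears twice in the cover letter), so naming the function in the subject would keep the two apart in the log.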
[PATCH V2 4/9] x86/intel_rdt: Fix invalid mode warning when multiple resources are managed
From: Reinette Chatre When multiple resources are managed by RDT, the number of CLOSIDs used is the minimum of the CLOSIDs supported by each resource. In the function rdt_bit_usage_show(), the annotated bitmask is created to depict how the CAT supporting caches are being used. During this annotated bitmask creation, each resource group is queried for its mode that is used as a label in the annotated bitmask. The maximum number of resource groups is currently assumed to be the number of CLOSIDs supported by the resource for which the information is being displayed. This is incorrect since the number of active CLOSIDs is the minimum across all resources. If information for a cache instance with more CLOSIDs than another is being generated we thus encounter a warning like: invalid mode for closid 8 WARNING: CPU: 88 PID: 1791 at [SNIP]/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c :827 rdt_bit_usage_show+0x221/0x2b0 Fix this by ensuring that only the number of supported CLOSIDs are considered. Fixes: e651901187ab8 ("x86/intel_rdt: Introduce "bit_usage" to display cache allocations details") Signed-off-by: Reinette Chatre Signed-off-by: Fenghua Yu --- arch/x86/kernel/cpu/intel_rdt_rdtgroup.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c index b372923eb209..ea91750ba27f 100644 --- a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c +++ b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c @@ -809,7 +809,7 @@ static int rdt_bit_usage_show(struct kernfs_open_file *of, sw_shareable = 0; exclusive = 0; seq_printf(seq, "%d=", dom->id); - for (i = 0; i < r->num_closid; i++, ctrl++) { + for (i = 0; i < closids_supported(); i++, ctrl++) { if (!closid_allocated(i)) continue; mode = rdtgroup_mode_by_closid(i); -- 2.19.0
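Review bot: the loop in rdt_bit_usage_show() already skips ids for which closid_allocated(i) is false, yet the warning in the commit message fired for closid 8, which implies closid_allocated() reports ids above the system-wide minimum as allocated. Bounding the loop with closids_supported() fixes this caller, but a range check inside closid_allocated() would cover every caller; if that is out of scope here, a comment at the loop explaining why r->num_closid must not be used would help the next reader.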
[PATCH V2 8/9] x86/intel_rdt: Fix exclusive mode handling of MBA resource
From: Reinette Chatre It is possible for a resource group to consist out of MBA as well as CAT/CDP resources. The "exclusive" resource mode only applies to the CAT/CDP resources since MBA allocations cannot be specified to overlap or not. When a user requests a resource group to become "exclusive" then it can only be successful if there are CAT/CDP resources in the group and none of their CBMs associated with the group's CLOSID overlaps with any other resource group. Fix the "exclusive" mode setting by failing if there isn't any CAT/CDP resource in the group and ensuring that the CBM checking is only done on CAT/CDP resources. Fixes: 49f7b4efa ("x86/intel_rdt: Enable setting of exclusive mode") Signed-off-by: Reinette Chatre Signed-off-by: Fenghua Yu --- arch/x86/kernel/cpu/intel_rdt_rdtgroup.c | 14 -- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c index afd93d45e21b..f3231f78d69b 100644 --- a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c +++ b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c @@ -1031,16 +1031,27 @@ static bool rdtgroup_mode_test_exclusive(struct rdtgroup *rdtgrp) { int closid = rdtgrp->closid; struct rdt_resource *r; + bool has_cache = false; struct rdt_domain *d; for_each_alloc_enabled_rdt_resource(r) { + if (r->rid == RDT_RESOURCE_MBA) + continue; + has_cache = true; list_for_each_entry(d, >domains, list) { if (rdtgroup_cbm_overlaps(r, d, d->ctrl_val[closid], - rdtgrp->closid, false)) + rdtgrp->closid, false)) { + rdt_last_cmd_puts("schemata overlaps\n"); return false; + } } } + if (!has_cache) { + rdt_last_cmd_puts("cannot be exclusive without CAT/CDP\n"); + return false; + } + return true; } 
@@ -1092,7 +1103,6 @@ static ssize_t rdtgroup_mode_write(struct kernfs_open_file *of, rdtgrp->mode = RDT_MODE_SHAREABLE; } else if (!strcmp(buf, "exclusive")) { if (!rdtgroup_mode_test_exclusive(rdtgrp)) { - rdt_last_cmd_printf("schemata overlaps\n"); ret = -EINVAL; goto out; } -- 2.19.0
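Review bot: In rdtgroup_mode_test_exclusive() the new check `if (r->rid == RDT_RESOURCE_MBA) continue;` excludes one resource by name and then sets has_cache for whatever is left, so any alloc-enabled resource that is neither MBA nor a cache would be counted as CAT/CDP and passed to rdtgroup_cbm_overlaps(). Consider testing positively for the cache resources instead, or add a comment that MBA is the only non-cache allocation resource today. Moving the "schemata overlaps" message out of rdtgroup_mode_write() in the second hunk looks right, since the helper now reports two distinct failures.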
[PATCH V2 1/9] x86/intel_rdt: Fix data type in parsing callbacks
From: Xiaochen Shen Each resource is associated with a parsing callback to parse the data provided from user space when writing schemata file. The 'data' parameter in the callbacks is defined as a void pointer which is error prone due to lack of type check. parse_bw() processes the 'data' parameter as a string while its caller actually passes the parameter as a pointer to struct rdt_cbm_parse_data. Thus, parse_bw() takes wrong data and causes failure of parsing MBA throttle value. To fix the issue, the 'data' parameter in the parsing callbacks is defined and handled as a pointer to struct rdt_parse_data (renamed from struct rdt_cbm_parse_data). Fixes: 7604df6e16ae ("x86/intel_rdt: Support flexible data to parsing callbacks") Fixes: 9ab9aa15c309 ("x86/intel_rdt: Ensure requested schemata respects mode") Signed-off-by: Xiaochen Shen Signed-off-by: Reinette Chatre Signed-off-by: Fenghua Yu --- arch/x86/kernel/cpu/intel_rdt.h | 16 arch/x86/kernel/cpu/intel_rdt_ctrlmondata.c | 21 - 2 files changed, 20 insertions(+), 17 deletions(-) diff --git a/arch/x86/kernel/cpu/intel_rdt.h b/arch/x86/kernel/cpu/intel_rdt.h index 4e588f36228f..78266c798280 100644 --- a/arch/x86/kernel/cpu/intel_rdt.h +++ b/arch/x86/kernel/cpu/intel_rdt.h @@ -382,6 +382,11 @@ static inline bool is_mbm_event(int e) e <= QOS_L3_MBM_LOCAL_EVENT_ID); } +struct rdt_parse_data { + struct rdtgroup *rdtgrp; + char*buf; +}; + /** * struct rdt_resource - attributes of an RDT resource * @rid: The index of the resource 
@@ -423,16 +428,19 @@ struct rdt_resource { struct rdt_cachecache; struct rdt_membwmembw; const char *format_str; - int (*parse_ctrlval)(void *data, struct rdt_resource *r, -struct rdt_domain *d); + int (*parse_ctrlval)(struct rdt_parse_data *data, +struct rdt_resource *r, +struct rdt_domain *d); struct list_headevt_list; int num_rmid; unsigned intmon_scale; unsigned long fflags; }; -int parse_cbm(void *_data, struct rdt_resource *r, struct rdt_domain *d); -int parse_bw(void *_buf, struct rdt_resource *r, struct rdt_domain *d); +int parse_cbm(struct rdt_parse_data *data, struct rdt_resource *r, + struct rdt_domain *d); +int parse_bw(struct rdt_parse_data *data, struct rdt_resource *r, +struct rdt_domain *d); extern struct mutex rdtgroup_mutex; diff --git a/arch/x86/kernel/cpu/intel_rdt_ctrlmondata.c b/arch/x86/kernel/cpu/intel_rdt_ctrlmondata.c index af358ca05160..edd5761f7336 100644 --- a/arch/x86/kernel/cpu/intel_rdt_ctrlmondata.c +++ b/arch/x86/kernel/cpu/intel_rdt_ctrlmondata.c @@ -64,19 +64,19 @@ static bool bw_validate(char *buf, unsigned long *data, struct rdt_resource *r) return true; } -int parse_bw(void *_buf, struct rdt_resource *r, struct rdt_domain *d) +int parse_bw(struct rdt_parse_data *data, struct rdt_resource *r, +struct rdt_domain *d) { - unsigned long data; - char *buf = _buf; + unsigned long bw_val; if (d->have_new_ctrl) { rdt_last_cmd_printf("duplicate domain %d\n", d->id); return -EINVAL; } - if (!bw_validate(buf, , r)) + if (!bw_validate(data->buf, _val, r)) return -EINVAL; - d->new_ctrl = data; + d->new_ctrl = bw_val; d->have_new_ctrl = true; return 0; 
@@ -123,18 +123,13 @@ static bool cbm_validate(char *buf, u32 *data, struct rdt_resource *r) return true; } -struct rdt_cbm_parse_data { - struct rdtgroup *rdtgrp; - char*buf; -}; - /* * Read one cache bit mask (hex). Check that it is valid for the current * resource type. */ -int parse_cbm(void *_data, struct rdt_resource *r, struct rdt_domain *d) +int parse_cbm(struct rdt_parse_data *data, struct rdt_resource *r, + struct rdt_domain *d) { - struct rdt_cbm_parse_data *data = _data; struct rdtgroup *rdtgrp = data->rdtgrp; u32 cbm_val; @@ -195,7 +190,7 @@ int parse_cbm(void *_data, struct rdt_resource *r, struct rdt_domain *d) static int parse_line(char *line, struct rdt_resource *r, struct rdtgroup *rdtgrp) { - struct rdt_cbm_parse_data data; + struct rdt_parse_data data; char *dom = NULL, *id; struct rdt_domain *d; unsigned long dom_id; -- 2.19.0
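Review bot: struct rdt_parse_data is added to intel_rdt.h without a kernel-doc comment, directly above struct rdt_resource, which has one. Please document @rdtgrp and @buf, and note that parse_bw() uses only data->buf while parse_cbm() also reads data->rdtgrp, so callers know both members must be filled in before parse_ctrlval is invoked. The parse_line() hunk shows `struct rdt_parse_data data;` declared on the stack without an initializer; the assignments are outside the visible context, so it is worth confirming both members are set on every path.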
[PATCH V2 7/9] x86/intel_rdt: Fix incorrect loop end condition
From: Reinette Chatre A loop is used to check if a CAT resource's CBM of one CLOSID overlaps with the CBM of another CLOSID of the same resource. The loop is run over all CLOSIDs supported by the resource. The problem with running the loop over all CLOSIDs supported by the resource is that its number of supported CLOSIDs may be more than the number of supported CLOSIDs on the system, which is the minimum number of CLOSIDs supported across all resources. Fix the loop to only consider the number of system supported CLOSIDs, not all that are supported by the resource. Fixes: 49f7b4efa ("x86/intel_rdt: Enable setting of exclusive mode") Signed-off-by: Reinette Chatre Signed-off-by: Fenghua Yu --- arch/x86/kernel/cpu/intel_rdt_rdtgroup.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c index 74821bc457c0..afd93d45e21b 100644 --- a/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c +++ b/arch/x86/kernel/cpu/intel_rdt_rdtgroup.c @@ -996,7 +996,7 @@ bool rdtgroup_cbm_overlaps(struct rdt_resource *r, struct rdt_domain *d, /* Check for overlap with other resource groups */ ctrl = d->ctrl_val; - for (i = 0; i < r->num_closid; i++, ctrl++) { + for (i = 0; i < closids_supported(); i++, ctrl++) { ctrl_b = (unsigned long *)ctrl; mode = rdtgroup_mode_by_closid(i); if (closid_allocated(i) && i != closid && -- 2.19.0
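Review bot: In rdtgroup_cbm_overlaps() the loop condition now calls closids_supported() on every iteration; read it once into a local before the loop (for example `int closids = closids_supported();`), which also gives a place for a comment that the bound is the system-wide minimum and not r->num_closid. The identical replacement is made in rdt_bit_usage_show() by another patch on this page, so the changelog could say whether any other r->num_closid loops over ctrl_val remain.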
[PATCH] pinctrl: cannonlake: Fix gpio base for GPP-E
The gpio base for GPP-E was set incorrectly to 258 instead of 256, preventing the touchpad working on my Tong Fang GK5CN5Z laptop. Buglink: https://bugzilla.kernel.org/show_bug.cgi?id=200787 Signed-off-by: Simon Detheridge --- drivers/pinctrl/intel/pinctrl-cannonlake.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/pinctrl/intel/pinctrl-cannonlake.c b/drivers/pinctrl/intel/pinctrl-cannonlake.c index fb1afe55bf53..8d48371caaa2 100644 --- a/drivers/pinctrl/intel/pinctrl-cannonlake.c +++ b/drivers/pinctrl/intel/pinctrl-cannonlake.c @@ -379,7 +379,7 @@ static const struct intel_padgroup cnlh_community1_gpps[] = { static const struct intel_padgroup cnlh_community3_gpps[] = { CNL_GPP(0, 155, 178, 192), /* GPP_K */ CNL_GPP(1, 179, 202, 224), /* GPP_H */ - CNL_GPP(2, 203, 215, 258), /* GPP_E */ + CNL_GPP(2, 203, 215, 256), /* GPP_E */ CNL_GPP(3, 216, 239, 288), /* GPP_F */ CNL_GPP(4, 240, 248, CNL_NO_GPIO), /* SPI */ }; -- 2.16.4
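Review bot: The changelog gives 256 as the correct GPP_E base but not where the value comes from; in cnlh_community3_gpps[] the neighbouring bases are 192, 224 and 288, so 256 continues the 32-aligned sequence and 258 looks like a typo, which is worth stating. There is also no Fixes: tag naming the commit that introduced the 258, which would let the fix be matched to the kernels that carry the wrong value.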
Re: kernel 4.18.5 Realtek 8111G network adapter stops responding under high system load
Hi,

just a follow up:

In kernel 4.18.8 the behaviour is different. The network is not reachable a number of times, but starts being reachable again by itself before it finally is no longer reachable at all.

Here is the logging output:

Sep 15 17:44:43 server kernel: NETDEV WATCHDOG: enp3s0 (r8169): transmit queue 0 timed out
Sep 15 17:44:43 server kernel: r8169 :03:00.0 enp3s0: link up
Sep 15 18:10:26 server kernel: r8169 :03:00.0 enp3s0: link up
Sep 15 18:12:24 server kernel: r8169 :03:00.0 enp3s0: link up
Sep 15 18:13:19 server kernel: r8169 :03:00.0 enp3s0: link up
Sep 15 18:14:48 server kernel: r8169 :03:00.0 enp3s0: link up
Sep 15 18:20:24 server kernel: r8169 :03:00.0 enp3s0: link up
Sep 15 18:34:19 server kernel: r8169 :03:00.0 enp3s0: link up
Sep 15 18:43:43 server kernel: r8169 :03:00.0 enp3s0: link up
Sep 15 18:46:26 server kernel: r8169 :03:00.0 enp3s0: link up
Sep 15 19:00:24 server kernel: r8169 :03:00.0 enp3s0: link up

From 17:44 to 18:46 the network is recovering automatically. After the up from 19:00, the network is no longer reachable without any additional message. If looking at ifconfig, the counter for TX packets is incrementing, the counter for RX packets not.

Here again the driver from 4.17.14 is working flawlessly.

Thanks in advance,

David Arendt

On 9/4/18 8:19 AM, David Arendt wrote:
> Hi,
>
> When using kernel 4.18.5 the Realtek 8111G network adapter stops
> responding under high system load.
>
> Dmesg is showing no errors.
>
> Sometimes an ifconfig enp3s0 down followed by an ifconfig enp3s0 up is
> enough for the network adapter to restart responding. Sometimes a reboot
> is necessary.
>
> When copying r8169.c from 4.17.14 to the 4.18.5 kernel, networking works
> perfectly stable on 4.18.5 so the problem seems r8169.c related.
>
> Here the output from lshw:
>
> *-pci:2
> description: PCI bridge
> product: 8 Series/C220 Series Chipset Family PCI Express
> Root Port #3
> vendor: Intel Corporation
> physical id: 1c.2
> bus info: pci@:00:1c.2
> version: d5
> width: 32 bits
> clock: 33MHz
> capabilities: pci pciexpress msi pm normal_decode
> bus_master cap_list
> configuration: driver=pcieport
> resources: irq:18 ioport:d000(size=4096)
> memory:f730-f73f ioport:f210(size=1048576)
> *-network
> description: Ethernet interface
> product: RTL8111/8168/8411 PCI Express Gigabit Ethernet
> Controller
> vendor: Realtek Semiconductor Co., Ltd.
> physical id: 0
> bus info: pci@:03:00.0
> logical name: enp3s0
> version: 0c
> serial:
> size: 1Gbit/s
> capacity: 1Gbit/s
> width: 64 bits
> clock: 33MHz
> capabilities: pm msi pciexpress msix vpd bus_master
> cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd 1000bt
> 1000bt-fd autonegotiation
> configuration: autonegotiation=on broadcast=yes
> driver=r8169 driverversion=2.3LK-NAPI duplex=full
> firmware=rtl8168g-2_0.0.1 02/06/13 latency=0 link=yes multicast=yes
> port=MII speed=1Gbit/s
> resources: irq:18 ioport:d000(size=256)
> memory:f730-f7300fff memory:f210-f2103fff
>
> Thanks in advance for looking into this,
>
> David Arendt
RE: [Patch v3 00/16] CIFS: add support for direct I/O
> From: Steve French > Sent: Saturday, September 15, 2018 2:28 AM > To: Long Li > Cc: Steve French ; CIFS ; > samba-technical ; LKML ker...@vger.kernel.org>; linux-r...@vger.kernel.org > Subject: Re: [Patch v3 00/16] CIFS: add support for direct I/O > > could you rebase these, patch 1 was merged quite a while ago, and patch 2 > etc. doesn't apply cleanly Sorry, I will rebase and resend. On Fri, Sep 7, 2018 at 9:18 PM Long Li > wrote: > > > > From: Long Li > > > > This patch set implements direct I/O. > > > > In normal code path (even with cache=none), CIFS copies I/O data from > > user-space to kernel-space for security reasons of possible protocol > > required signing and encryption on user data. > > > > With this patch set, CIFS passes the I/O data directly from user-space > > buffer to the transport layer, when file system is mounted with > > "cache-none". > > > > Patch v2 addressed comments from Christoph Hellwig and > > Tom Talpey to implement direct I/O for both > > socket and RDMA. > > > > Patch v3 added support for kernel AIO. 
> > > > > > Long Li (16): > > CIFS: Add support for direct pages in rdata > > CIFS: Use offset when reading pages > > CIFS: Add support for direct pages in wdata > > CIFS: pass page offset when issuing SMB write > > CIFS: Calculate the correct request length based on page offset and > > tail size > > CIFS: Introduce helper function to get page offset and length in > > smb_rqst > > CIFS: When sending data on socket, pass the correct page offset > > CIFS: SMBD: Support page offset in RDMA send > > CIFS: SMBD: Support page offset in RDMA recv > > CIFS: SMBD: Do not call ib_dereg_mr on invalidated memory registration > > CIFS: SMBD: Support page offset in memory registration > > CIFS: Pass page offset for calculating signature > > CIFS: Pass page offset for encrypting > > CIFS: Add support for direct I/O read > > CIFS: Add support for direct I/O write > > CIFS: Add direct I/O functions to file_operations > > > > fs/cifs/cifsencrypt.c | 9 +- > > fs/cifs/cifsfs.c | 10 +- > > fs/cifs/cifsfs.h | 2 + > > fs/cifs/cifsglob.h| 11 +- > > fs/cifs/cifsproto.h | 9 +- > > fs/cifs/cifssmb.c | 19 +- > > fs/cifs/connect.c | 5 +- > > fs/cifs/file.c| 477 > ++ > > fs/cifs/misc.c| 17 ++ > > fs/cifs/smb2ops.c | 22 ++- > > fs/cifs/smb2pdu.c | 20 ++- > > fs/cifs/smbdirect.c | 156 ++--- > > fs/cifs/smbdirect.h | 2 +- > > fs/cifs/transport.c | 34 ++-- > > 14 files changed, 606 insertions(+), 187 deletions(-) > > > > -- > > 2.7.4 > > > > > -- > Thanks, > > Steve
RE: [PATCH v5 4/5] x86/hyper-v: rename ipi_arg_{ex,non_ex} structures
> -Original Message- > From: Paolo Bonzini > Sent: Friday, September 14, 2018 10:37 AM > To: vkuznets ; k...@vger.kernel.org > Cc: Radim Krčmář ; Roman Kagan > ; KY Srinivasan ; Haiyang > Zhang ; Stephen Hemminger > ; Michael Kelley (EOSG) > ; Mohammed Gamal > ; Cathy Avery ; Wanpeng Li > ; linux-kernel@vger.kernel.org > Subject: Re: [PATCH v5 4/5] x86/hyper-v: rename ipi_arg_{ex,non_ex} > structures > > On 27/08/2018 18:48, Vitaly Kuznetsov wrote: > > These structures are going to be used from KVM code so let's make > > their names reflect their Hyper-V origin. > > > > Signed-off-by: Vitaly Kuznetsov > > Reviewed-by: Roman Kagan > > KY, can you ack this patch? Acked-by: K. Y. Srinivasan > > Thanks, > > Paolo > > > --- > > arch/x86/hyperv/hv_apic.c | 8 > > arch/x86/include/asm/hyperv-tlfs.h | 16 +--- > > 2 files changed, 13 insertions(+), 11 deletions(-) > > > > diff --git a/arch/x86/hyperv/hv_apic.c b/arch/x86/hyperv/hv_apic.c > > index 5b0f613428c2..2c43e3055948 100644 > > --- a/arch/x86/hyperv/hv_apic.c > > +++ b/arch/x86/hyperv/hv_apic.c > > @@ -95,8 +95,8 @@ static void hv_apic_eoi_write(u32 reg, u32 val) > > */ > > static bool __send_ipi_mask_ex(const struct cpumask *mask, int vector) > > { > > - struct ipi_arg_ex **arg; > > - struct ipi_arg_ex *ipi_arg; > > + struct hv_send_ipi_ex **arg; > > + struct hv_send_ipi_ex *ipi_arg; > > unsigned long flags; > > int nr_bank = 0; > > int ret = 1; > > @@ -105,7 +105,7 @@ static bool __send_ipi_mask_ex(const struct > cpumask *mask, int vector) > > return false; > > > > local_irq_save(flags); > > - arg = (struct ipi_arg_ex **)this_cpu_ptr(hyperv_pcpu_input_arg); > > + arg = (struct hv_send_ipi_ex > **)this_cpu_ptr(hyperv_pcpu_input_arg); > > > > ipi_arg = *arg; > > if (unlikely(!ipi_arg)) 
> > @@ -135,7 +135,7 @@ static bool __send_ipi_mask_ex(const struct > cpumask *mask, int vector) > > static bool __send_ipi_mask(const struct cpumask *mask, int vector) > > { > > int cur_cpu, vcpu; > > - struct ipi_arg_non_ex ipi_arg; > > + struct hv_send_ipi ipi_arg; > > int ret = 1; > > > > trace_hyperv_send_ipi_mask(mask, vector); > > diff --git a/arch/x86/include/asm/hyperv-tlfs.h > b/arch/x86/include/asm/hyperv-tlfs.h > > index e977b6b3a538..00e01d215f74 100644 > > --- a/arch/x86/include/asm/hyperv-tlfs.h > > +++ b/arch/x86/include/asm/hyperv-tlfs.h > > @@ -726,19 +726,21 @@ struct hv_enlightened_vmcs { > > #define HV_STIMER_AUTOENABLE (1ULL << 3) > > #define HV_STIMER_SINT(config) (__u8)(((config) >> 16) & > 0x0F) > > > > -struct ipi_arg_non_ex { > > - u32 vector; > > - u32 reserved; > > - u64 cpu_mask; > > -}; > > - > > struct hv_vpset { > > u64 format; > > u64 valid_bank_mask; > > u64 bank_contents[]; > > }; > > > > -struct ipi_arg_ex { > > +/* HvCallSendSyntheticClusterIpi hypercall */ > > +struct hv_send_ipi { > > + u32 vector; > > + u32 reserved; > > + u64 cpu_mask; > > +}; > > + > > +/* HvCallSendSyntheticClusterIpiEx hypercall */ > > +struct hv_send_ipi_ex { > > u32 vector; > > u32 reserved; > > struct hv_vpset vp_set; > >
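Review bot: In the hyperv-tlfs.h hunk the change is more than a rename: the non-ex structure is removed from above struct hv_vpset and re-added below it as struct hv_send_ipi, while the changelog only mentions renaming. Say in the commit message that the definition was moved so the two hypercall inputs sit together. Since the new comments name HvCallSendSyntheticClusterIpi and HvCallSendSyntheticClusterIpiEx, they could also state that the field layout is fixed by the hypercall interface, so that later KVM users of these structures do not rearrange it.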