commit 70c1674f62026e455c0c821fb7f4baf24d2d1139 Author: David Howells Date: Tue Oct 16 21:28:05 2012 +0100 UAPI: (Scripted) Disintegrate arch/parisc/include/asm Signed-off-by: David Howells Acked-by: Arnd Bergmann Acked-by: Thomas Gleixner Acked-by: Michael Kerrisk Acked-by: Paul E. McKenney Acked-by: Dave Jones commit dd8e8c4a2c902d8350b702e7bc7c2799e5e7e331 Author: David Rientjes Date: Mon Oct 15 13:40:15 2012 -0700 thermal, cpufreq: Fix build when CPU_FREQ_TABLE isn't configured Commit 023614183768 ("thermal: add generic cpufreq cooling implementation") requires cpufreq_frequency_get_table(), but that function is only defined for CONFIG_CPU_FREQ_TABLE resulting in the following build error: drivers/built-in.o: In function `cpufreq_get_max_state': drivers/thermal/cpu_cooling.c:259: undefined reference to `cpufreq_frequency_get_table' drivers/built-in.o: In function `get_cpu_frequency': drivers/thermal/cpu_cooling.c:129: undefined reference to `cpufreq_frequency_get_table' Fix it by selecting CONFIG_CPU_FREQ_TABLE for such a configuration. It turns out CONFIG_EXYNOS_THERMAL also needs CONFIG_CPU_FREQ_TABLE, so select it there as well. Signed-off-by: David Rientjes Signed-off-by: Linus Torvalds commit 3ce9e53e788881da0d5f3912f80e0dd6b501f304 Author: Michal Marek Date: Mon Oct 15 21:16:56 2012 +0200 kbuild: Fix accidental revert in commit fe04ddf Commit fe04ddf7c291 ("kbuild: Do not package /boot and /lib in make tar-pkg") accidentally reverted two previous kbuild commits. I don't know what I was thinking. This brings back changes made by commits 24cc7fb69a5b ("x86/kbuild: archscripts depends on scripts_basic") and c1c1a59e37da ("firmware: fix directory creation rule matching with make 3.80") Reported-by: Jan Beulich Cc: Signed-off-by: Michal Marek Signed-off-by: Linus Torvalds commit 29bb4cc5e0547a7589556f8629e39016c5d203c0 Author: Randy Dunlap Date: Sun Oct 14 18:50:05 2012 -0700 docbook: networking: fix file paths for uapi headers Update file paths in Documentation/DocBook/networking.tmpl for uapi headers. Signed-off-by: Randy Dunlap Signed-off-by: Linus Torvalds commit 325adeb55e32c50055c654e5b06a49f0bd88420b Author: Ralf Baechle Date: Mon Oct 15 13:44:56 2012 +0200 mm: huge_memory: Fix build error. Certain configurations won't implicitly pull in resulting in the following build error: mm/huge_memory.c: In function 'release_pte_page': mm/huge_memory.c:1697:2: error: implicit declaration of function 'unlock_page' [-Werror=implicit-function-declaration] mm/huge_memory.c: In function '__collapse_huge_page_isolate': mm/huge_memory.c:1757:3: error: implicit declaration of function 'trylock_page' [-Werror=implicit-function-declaration] cc1: some warnings being treated as errors Reported-by: David Daney Signed-off-by: Ralf Baechle Signed-off-by: Linus Torvalds commit 68687c842caefd5386d47a571fb4725df3556891 Author: Russell King Date: Mon Oct 15 00:16:49 2012 +0100 ARM: fix oops on initial entry to userspace with Thumb2 kernels Daniel Mack reports an oops at boot with the latest kernels: Internal error: Oops - undefined instruction: 0 [#1] SMP THUMB2 Modules linked in: CPU: 0 Not tainted (3.6.0-11057-g584df1d #145) PC is at cpsw_probe+0x45a/0x9ac LR is at trace_hardirqs_on_caller+0x8f/0xfc pc : [] lr : [] psr: 60000113 sp : cf055fb0 ip : 00000000 fp : 00000000 r10: 00000000 r9 : 00000000 r8 : 00000000 r7 : 00000000 r6 : 00000000 r5 : c0344555 r4 : 00000000 r3 : cf057a40 r2 : 00000000 r1 : 00000001 r0 : 00000000 Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user Control: 50c5387d Table: 8f3f4019 DAC: 00000015 Process init (pid: 1, stack limit = 0xcf054240) Stack: (0xcf055fb0 to 0xcf056000) 5fa0: 00000001 00000000 00000000 00000000 5fc0: cf055fb0 c000d1a8 00000000 00000000 00000000 00000000 00000000 00000000 5fe0: 00000000 be9b3f10 00000000 b6f6add0 00000010 00000000 aaaabfaf a8babbaa The analysis of this is as follows. In init/main.c, we issue: kernel_thread(kernel_init, NULL, CLONE_FS | CLONE_SIGHAND); This creates a new thread, which falls through to the ret_from_fork assembly, with r4 set NULL and r5 set to kernel_init. You can see this in your oops dump register set - r5 is 0xc0344555, which is the address of kernel_init plus 1 which marks the function as Thumb code. Now, let's look at this code a little closer - this is what the disassembly looks like: c000d180 : c000d180: f03a fe08 bl c0047d94 c000d184: 2d00 cmp r5, #0 c000d186: bf1e ittt ne c000d188: 4620 movne r0, r4 c000d18a: 46fe movne lr, pc <-- XXXXXXX c000d18c: 46af movne pc, r5 c000d18e: 46e9 mov r9, sp c000d190: ea4f 3959 mov.w r9, r9, lsr #13 c000d194: ea4f 3949 mov.w r9, r9, lsl #13 c000d198: e7c8 b.n c000d12c c000d19a: bf00 nop c000d19c: f3af 8000 nop.w This code was introduced in 9fff2fa0db911 (arm: switch to saner kernel_execve() semantics). I have marked one instruction, and it's the significant one - I'll come back to that later. Eventually, having had a successful call to kernel_execve(), kernel_init() returns zero. In returning, it uses the value in 'lr' which was set by the instruction I marked above. Unfortunately, this causes lr to contain 0xc000d18e - an even address. This switches the ISA to ARM on return but with a non word aligned PC value. So, what do we end up executing? Well, not the instructions above - yes the opcodes, but they don't mean the same thing in ARM mode. In ARM mode, it looks like this instead: c000d18c: 46e946af strbtmi r4, [r9], pc, lsr #13 c000d190: 3959ea4f ldmdbcc r9, {r0, r1, r2, r3, r6, r9, fp, sp, lr, pc}^ c000d194: 3949ea4f stmdbcc r9, {r0, r1, r2, r3, r6, r9, fp, sp, lr, pc}^ c000d198: bf00e7c8 svclt 0x0000e7c8 c000d19c: 8000f3af andhi pc, r0, pc, lsr #7 c000d1a0: e88db092 stm sp, {r1, r4, r7, ip, sp, pc} c000d1a4: 46e81fff ; instruction: 0x46e81fff c000d1a8: 8a00f3ef bhi 0xc004a16c c000d1ac: 0a0cf08a beq 0xc03493dc I have included more above, because it's relevant. The PSR flags which we can see in the oops dump are nZCv, so Z and C are set. All the above ARM instructions are not executed, except for two. c000d1a0, which has no writeback, and writes below the current stack pointer (and that data is lost when we take the next exception.) The other instruction which is executed is c000d1ac, which takes us to... 0xc03493dc. However, remember that bit 1 of the PC got set. So that makes the PC value 0xc03493de. And that value is the value we find in the oops dump for PC. What is the instruction here when interpreted in ARM mode? 0: f71e150c ; instruction: 0xf71e150c and there we have our undefined instruction (remember that the 'never' condition code, 0xf, has been deprecated and is now always executed as it is now being used for additional instructions.) This path also nicely explains the state of the stack we see in the oops dump too. The above is a consistent and sane story for how we got to the oops dump, which all stems from the instruction at 0xc000d18a being wrong. Reported-by: Daniel Mack Tested-by: Daniel Mack Signed-off-by: Russell King Signed-off-by: Linus Torvalds commit ddffeb8c4d0331609ef2581d84de4d763607bd37 Author: Linus Torvalds Date: Sun Oct 14 14:41:04 2012 -0700 Linux 3.7-rc1 commit b6eea87fc6850d3531a64a27d2323a4498cd4e43 Author: Matt Fleming Date: Fri Oct 12 11:19:59 2012 +0100 x86, boot: Explicitly include autoconf.h for hostprogs The hostprogs need access to the CONFIG_* symbols found in include/generated/autoconf.h. But commit abbf1590de22 ("UAPI: Partition the header include path sets and add uapi/ header directories") replaced $(LINUXINCLUDE) with $(USERINCLUDE) which doesn't contain the necessary include paths. This has the undesirable effect of breaking the EFI boot stub because the #ifdef CONFIG_EFI_STUB code in arch/x86/boot/tools/build.c is never compiled. It should also be noted that because $(USERINCLUDE) isn't exported by the top-level Makefile it's actually empty in arch/x86/boot/Makefile. Cc: H. Peter Anvin Cc: Ingo Molnar Acked-by: David Howells Signed-off-by: Matt Fleming Signed-off-by: Linus Torvalds commit 7d380c8f1ed2b6768e1fc496ad373f716160fcf0 Author: Ingo Molnar Date: Sun Oct 14 10:40:57 2012 +0200 perf: Fix UAPI fallout The UAPI commits forgot to test tooling builds such as tools/perf/, and this fixes the fallout. Manual conversion. Signed-off-by: Ingo Molnar Signed-off-by: Linus Torvalds commit 7d55a5dd61f794df89a733b1b8223cdbffe8897c Author: James Bottomley Date: Fri Sep 28 11:54:48 2012 +0100 [PARISC] asm: redo generic includes Signed-off-by: James Bottomley commit 49a94e9482e70777ae0e03351a0c2c18bbdfebda Author: Thomas Bogendoerfer Date: Thu Oct 11 11:14:13 2012 +0200 MIPS: SNI: Switch RM400 serial to SCCNXP driver The new SCCNXP driver supports the SC2681 chips used in RM400 machines. We now use the new driver instead of the old SC26xx driver. Signed-off-by: Thomas Bogendoerfer Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/4417/ Signed-off-by: Ralf Baechle commit fd9e8392c3353cf0c84ecc5443db5bbc1eebf861 Author: Ralf Baechle Date: Thu Oct 11 11:14:12 2012 +0200 MIPS: Remove unused empty_bad_pmd_table[] declaration. Signed-off-by: Ralf Baechle commit 2551aebc670073530d15ee249c6e41afda82a98b Author: Ralf Baechle Date: Thu Oct 11 11:14:12 2012 +0200 MIPS: MT: Remove kspd. Signed-off-by: Ralf Baechle commit 2eaaac508a7435dda92f9f16d612a1354ea3d7c4 Author: Ralf Baechle Date: Thu Oct 11 11:14:12 2012 +0200 MIPS: Malta: Fix section mismatch. LD arch/mips/pci/built-in.o WARNING: arch/mips/pci/built-in.o(.devinit.text+0x2a0): Section mismatch in reference from the function malta_piix_func0_fixup() to the variable .init.data:pci_irq The function __devinit malta_piix_func0_fixup() references a variable __initdata pci_irq. If pci_irq is only used by malta_piix_func0_fixup then annotate pci_irq with a matching annotation. Signed-off-by: Ralf Baechle commit 3efd5a0db50157cb55cef9ea77ce1d470df61a80 Author: Ralf Baechle Date: Sat Sep 15 17:00:16 2012 +0200 MIPS: asm-offset.c: Delete unused irq_cpustat_t struct offsets. Originally added in 05b541489c48e7fbeec19a92acf8683230750d0a [Merge with Linux 2.5.5.] over 10 years ago but never been used. Signed-off-by: Ralf Baechle commit 851d4f5d387d1db856f01d9e7167014187a48fb4 Author: Manuel Lauss Date: Fri Sep 14 18:25:00 2012 +0200 MIPS: Alchemy: Merge PB1100/1500 support into DB1000 code. The PB1100/1500 are similar to their DB-cousins but with a few more devices on the bus. This patch adds PB1100/1500 support to the existing DB1100/1500 code. Signed-off-by: Manuel Lauss Cc: lnux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/4338/ Signed-off-by: Ralf Baechle commit 24e8c1a611a706f51d4d9dc39b2c9977e25a54c4 Author: Manuel Lauss Date: Fri Sep 14 14:47:10 2012 +0200 MIPS: Alchemy: merge PB1550 support into DB1550 code The PB1550 is more or less a DB1550 without the PCI IDE controller, a more complicated (read: configurable) Flash setup and some other minor changes. Like the DB1550 it can be automatically detected by reading the CPLD ID register bits. This patch adds PB1550 detection and setup to the DB1550 code. Signed-off-by: Manuel Lauss Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/4337/ Signed-off-by: Ralf Baechle commit bd8510df881f63a9e7768824cf0e33c4702dcde1 Author: Manuel Lauss Date: Thu Sep 13 17:44:39 2012 +0200 MIPS: Alchemy: Single kernel for DB1200/1300/1550 Combine support for the DB1200/PB1200, DB1300 and DB1550 boards into a single kernel image. defconfig-generated image verified on DB1200, DB1300 and DB1550. Signed-off-by: Manuel Lauss Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/4335/ Signed-off-by: Ralf Baechle commit 748e787eb6de610c4427594923ef8ca1f5431b74 Author: David Daney Date: Thu Aug 23 10:02:03 2012 -0700 MIPS: Optimize TLB refill for RI/XI configurations. We don't have to do a separate shift to eliminate the software bits, just rotate them into the fill and they will be ignored. Signed-off-by: David Daney Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/4294/ Signed-off-by: Ralf Baechle commit 981ef0de49869c9a60e9b1ff35a734525dd790e0 Author: Ralf Baechle Date: Mon Aug 20 16:39:11 2012 +0200 MIPS: proc: Cleanup printing of ASEs. The number of %s was just getting ridiculous. Signed-off-by: Ralf Baechle commit 475032564ed96c94c085e3e7a90e07d150a7cec9 Author: Ralf Baechle Date: Mon Aug 20 16:25:14 2012 +0200 MIPS: Hardwire detection of DSP ASE Rev 2 for systems, as required. Most supported systems currently hardwire cpu_has_dsp to 0, so we also can disable support for cpu_has_dsp2 resulting in a slightly smaller kernel. Signed-off-by: Ralf Baechle commit ee80f7c73dc1b1f0ba9f82079c9bd1c0d1aedef8 Author: Steven J. Hill Date: Fri Aug 3 10:26:04 2012 -0500 MIPS: Add detection of DSP ASE Revision 2. [ralf@linux-mips.org: This patch really only detects the ASE and passes its existence on to userland via /proc/cpuinfo. The DSP ASE Rev 2. adds new resources but no resources that would need management by the kernel.] Signed-off-by: Steven J. Hill Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/4165/ Signed-off-by: Ralf Baechle commit f59a2d22a05272034e856b7a2dd7a3ab7864a2ae Author: David Daney Date: Thu Aug 16 11:15:22 2012 -0700 MIPS: Optimize pgd_init and pmd_init On a dual issue processor GCC generates code that saves a couple of clock cycles per loop if we rearrange things slightly. Checking for p != end saves a SLTU per loop, moving the increment to the middle can let it dual issue on multi-issue processors. Signed-off-by: David Daney Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/4249/ Signed-off-by: Ralf Baechle commit a7911a8fd16201a28110c99ecb3deed8aebb4fdc Author: Al Cooper Date: Fri Jul 13 16:44:54 2012 -0400 MIPS: perf: Add perf functionality for BMIPS5000 Add hardware performance counter support to kernel "perf" code for BMIPS5000. The BMIPS5000 performance counters are similar to MIPS MTI cores, so the changes were mostly made in perf_event_mipsxx.c which is typically for MTI cores. Signed-off-by: Al Cooper Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/4109/ Signed-off-by: Ralf Baechle commit 399aaa2568ad90e229d73da8e95ae460d322a4f3 Author: Al Cooper Date: Fri Jul 13 16:44:53 2012 -0400 MIPS: perf: Split the Kconfig option CONFIG_MIPS_MT_SMP Split the Kconfig option CONFIG_MIPS_MT_SMP into CONFIG_MIPS_MT_SMP and CONFIG_MIPS_PERF_SHARED_TC_COUNTERS so some of the code used for performance counters that are shared between threads can be used for MIPS cores that are not MT_SMP. Signed-off-by: Al Cooper Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/4108/ Signed-off-by: Ralf Baechle commit ecb8ee8a8987368491bd0dab34353c724654ec55 Author: Al Cooper Date: Fri Jul 13 16:44:52 2012 -0400 MIPS: perf: Remove unnecessary #ifdef The #ifdef for CONFIG_HW_PERF_EVENTS is not needed because the Makefile will only compile the module if this config option is set. This means that the code under #else would never be compiled. This may have been done to leave the original broken code around for reference, but the FIXME comment above the code already shows the broken code. Signed-off-by: Al Cooper Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/4107/ Signed-off-by: Ralf Baechle commit da4b62cd6762ce327f660c6e45c8d5a739197159 Author: Al Cooper Date: Fri Jul 13 16:44:51 2012 -0400 MIPS: perf: Add cpu feature bit for PCI (performance counter interrupt) The PCI (Program Counter Interrupt) bit in the "cause" register is mandatory for MIPS32R2 cores, but has also been added to some R1 cores (BMIPS5000). This change adds a cpu feature bit to make it easier to check for and use this feature. Signed-off-by: Al Cooper Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/4106/ Signed-off-by: Ralf Baechle commit c5600b2dd9fc7318feddf69f127ca793437c714d Author: Al Cooper Date: Fri Jul 13 16:44:50 2012 -0400 MIPS: perf: Change the "mips_perf_event" table unsupported indicator. Change the indicator from 0xffffffff in the "event_id" member to zero in the "cntr_mask" member. This removes the need to initialize entries that are unsupported. This also solves a problem where the number of entries in the table was increased based on a globel enum used for all platforms, but the new unsupported entries were not added for mips. This was leaving new table entries of all zeros that we not marked UNSUPPORTED. Signed-off-by: Al Cooper Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/4110/ Signed-off-by: Ralf Baechle commit 485172b3dff29f888a88d3dba8caec5d589a4049 Author: David Daney Date: Tue Aug 14 11:08:01 2012 -0700 MIPS: Align swapper_pg_dir to 64K for better TLB Refill code. We can save an instruction in the TLB Refill path for kernel mappings by aligning swapper_pg_dir on a 64K boundary. The address of swapper_pg_dir can be generated with a single LUI instead of LUI/{D}ADDUI. The alignment of __init_end is bumped up to 64K so there are no holes between it and swapper_pg_dir, which is placed at the very beginning of .bss. The alignment of invalid_pmd_table and invalid_pte_table can be relaxed to PAGE_SIZE. We do this by using __page_aligned_bss, which has the added benefit of eliminating alignment holes in .bss. Signed-off-by: David Daney Cc: linux-mips@linux-mips.org Cc: linux-arch@vger.kernel.org, Cc: linux-kernel@vger.kernel.org Acked-by: Arnd Bergmann Patchwork: https://patchwork.linux-mips.org/patch/4220/ Signed-off-by: Ralf Baechle commit c87728ca82a1057eb8f84e139bf416ca5488b6fb Author: David Daney Date: Tue Aug 14 11:08:00 2012 -0700 vmlinux.lds.h: Allow architectures to add sections to the front of .bss Follow-on MIPS patch will put an object here that needs 64K alignment to minimize padding. For those architectures that don't define BSS_FIRST_SECTIONS, there is no change. Signed-off-by: David Daney Cc: linux-mips@linux-mips.org Cc: linux-arch@vger.kernel.org, Cc: linux-kernel@vger.kernel.org Acked-by: Arnd Bergmann Patchwork: https://patchwork.linux-mips.org/patch/4221/ Signed-off-by: Ralf Baechle commit b4f2a17ba96a79f1069a2c0f1c648cf6d497f2f3 Author: Joshua Kinard Date: Sun Jun 24 21:01:34 2012 -0400 Improve atomic.h robustness I've maintained this patch, originally from Thiemo Seufer in 2004, for a really long time, but I think it's time for it to get a look at for possible inclusion. I have had no problems with it across various SGI systems over the years. To quote the post here: http://www.linux-mips.org/archives/linux-mips/2004-12/msg00000.html "the atomic functions use so far memory references for the inline assembler to access the semaphore. This can lead to additional instructions in the ll/sc loop, because newer compilers don't expand the memory reference any more but leave it to the assembler. The appended patch uses registers instead, and makes the ll/sc arguments more explicit. In some cases it will lead also to better register scheduling because the register isn't bound to an output any more." Signed-off-by: Joshua Kinard Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/4029/ Signed-off-by: Ralf Baechle commit dbadc17683e6c673a69b236c0f041b931cc55c42 Author: David Howells Date: Thu Oct 4 14:21:23 2012 +0100 X.509: Fix indefinite length element skip error handling asn1_find_indefinite_length() returns an error indicator of -1, which the caller asn1_ber_decoder() places in a size_t (which is usually unsigned) and then checks to see whether it is less than 0 (which it can't be). This can lead to the following warning: lib/asn1_decoder.c:320 asn1_ber_decoder() warn: unsigned 'len' is never less than zero. Instead, asn1_find_indefinite_length() update the caller's idea of the data cursor and length separately from returning the error code. Reported-by: Dan Carpenter Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 2f1c4fef103ef914e266588af263fb42b502b347 Author: David Howells Date: Thu Oct 4 14:21:23 2012 +0100 X.509: Convert some printk calls to pr_devel Some debugging printk() calls should've been converted to pr_devel() calls. Do that now. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit cf75446e69305307225e12f2eb2e856db268195e Author: Randy Dunlap Date: Wed Oct 3 16:04:46 2012 -0700 asymmetric keys: fix printk format warning Fix printk format warning in x509_cert_parser.c: crypto/asymmetric_keys/x509_cert_parser.c: In function 'x509_note_OID': crypto/asymmetric_keys/x509_cert_parser.c:113:3: warning: format '%zu' expects type 'size_t', but argument 2 has type 'long unsigned int' Builds cleanly on i386 and x86_64. Signed-off-by: Randy Dunlap Cc: David Howells Cc: Herbert Xu Cc: linux-crypto@vger.kernel.org Signed-off-by: Rusty Russell commit a5752d11b3853fcdb48b303573dd39b09d05e500 Author: David Howells Date: Tue Oct 2 14:36:16 2012 +0100 MODSIGN: Fix 32-bit overflow in X.509 certificate validity date checking The current choice of lifetime for the autogenerated X.509 of 100 years, putting the validTo date in 2112, causes problems on 32-bit systems where a 32-bit time_t wraps in 2106. 64-bit x86_64 systems seem to be unaffected. This can result in something like: Loading module verification certificates X.509: Cert 6e03943da0f3b015ba6ed7f5e0cac4fe48680994 has expired MODSIGN: Problem loading in-kernel X.509 certificate (-127) Or: X.509: Cert 6e03943da0f3b015ba6ed7f5e0cac4fe48680994 is not yet valid MODSIGN: Problem loading in-kernel X.509 certificate (-129) Instead of turning the dates into time_t values and comparing, turn the system clock and the ASN.1 dates into tm structs and compare those piecemeal instead. Reported-by: Rusty Russell Signed-off-by: David Howells Acked-by: Josh Boyer Signed-off-by: Rusty Russell commit d5b719365ec13ef825f2548ba54903b9d029238c Author: Rusty Russell Date: Tue Oct 2 14:35:24 2012 +0930 MODSIGN: Make mrproper should remove generated files. It doesn't, because the clean targets don't include kernel/Makefile, and because two files were missing from the list. Signed-off-by: Rusty Russell commit e7d113bcf243a838ba1c32025172ab214349dfad Author: David Howells Date: Fri Sep 28 11:16:57 2012 +0100 MODSIGN: Use utf8 strings in signer's name in autogenerated X.509 certs Place an indication that the certificate should use utf8 strings into the x509.genkey template generated by kernel/Makefile. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 5e8cb1e441dd74723898cd28fe64af5651023af0 Author: David Howells Date: Fri Sep 28 11:16:57 2012 +0100 MODSIGN: Use the same digest for the autogen key sig as for the module sig Use the same digest type for the autogenerated key signature as for the module signature so that the hash algorithm is guaranteed to be present in the kernel. Without this, the X.509 certificate loader may reject the X.509 certificate so generated because it was self-signed and the signature will be checked against itself - but this won't work if the digest algorithm must be loaded as a module. The symptom is that the key fails to load with the following message emitted into the kernel log: MODSIGN: Problem loading in-kernel X.509 certificate (-65) the error in brackets being -ENOPKG. What you should see is something like: MODSIGN: Loaded cert 'Magarathea: Glacier signing key: 9588321144239a119d3406d4c4cf1fbae1836fa0' Note that this doesn't apply to certificates that are not self-signed as we don't check those currently as they require the parent CA certificate to be available. Reported-by: Rusty Russell Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 80d65e58e93ffdabf58202653a0435bd3cf2d82e Author: David Howells Date: Wed Sep 26 10:11:06 2012 +0100 MODSIGN: Sign modules during the build process If CONFIG_MODULE_SIG is set, then this patch will cause all modules files to to have signatures added. The following steps will occur: (1) The module will be linked to foo.ko.unsigned instead of foo.ko (2) The module will be stripped using both "strip -x -g" and "eu-strip" to ensure minimal size for inclusion in an initramfs. (3) The signature will be generated on the stripped module. (4) The signature will be appended to the module, along with some information about the signature and a magic string that indicates the presence of the signature. Step (3) requires private and public keys to be available. By default these are expected to be found in files: signing_key.priv signing_key.x509 in the base directory of the build. The first is the private key in PEM form and the second is the X.509 certificate in DER form as can be generated from openssl: openssl req \ -new -x509 -outform PEM -out signing_key.x509 \ -keyout signing_key.priv -nodes \ -subj "/CN=H2G2/O=Magrathea/CN=Slartibartfast" If the secret key is not found then signing will be skipped and the unsigned module from (1) will just be copied to foo.ko. If signing occurs, lines like the following will be seen: LD [M] fs/foo/foo.ko.unsigned STRIP [M] fs/foo/foo.ko.stripped SIGN [M] fs/foo/foo.ko will appear in the build log. If the signature step will be skipped and the following will be seen: LD [M] fs/foo/foo.ko.unsigned STRIP [M] fs/foo/foo.ko.stripped NO SIGN [M] fs/foo/foo.ko NOTE! After the signature step, the signed module _must_not_ be passed through strip. The unstripped, unsigned module is still available at the name on the LD [M] line. This restriction may affect packaging tools (such as rpmbuild) and initramfs composition tools. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 85ecac79457e30b19802bbfaeba1856ad00945b0 Author: David Howells Date: Wed Sep 26 10:11:06 2012 +0100 MODSIGN: Provide a script for generating a key ID from an X.509 cert Provide a script to parse an X.509 certificate and certain pieces of information from it in order to generate a key identifier to be included within a module signature. The script takes the Subject Name and extracts (if present) the organizationName (O), the commonName (CN) and the emailAddress and fabricates the signer's name from them: (1) If both O and CN exist, then the name will be "O: CN", unless: (a) CN is prefixed by O, in which case only CN is used. (b) CN and O share at least the first 7 characters, in which case only CN is used. (2) Otherwise, CN is used if present. (3) Otherwise, O is used if present. (4) Otherwise the emailAddress is used, if present. (5) Otherwise a blank name is used. The script emits a binary encoded identifier in the following form: - 2 BE bytes indicating the length of the signer's name. - 2 BE bytes indicating the length of the subject key identifier. - The characters of the signer's name. - The bytes of the subject key identifier. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 48ba2462ace6072741fd8d0058207d630ce93bf1 Author: David Howells Date: Wed Sep 26 10:11:03 2012 +0100 MODSIGN: Implement module signature checking Check the signature on the module against the keys compiled into the kernel or available in a hardware key store. Currently, only RSA keys are supported - though that's easy enough to change, and the signature is expected to contain raw components (so not a PGP or PKCS#7 formatted blob). The signature blob is expected to consist of the following pieces in order: (1) The binary identifier for the key. This is expected to match the SubjectKeyIdentifier from an X.509 certificate. Only X.509 type identifiers are currently supported. (2) The signature data, consisting of a series of MPIs in which each is in the format of a 2-byte BE word sizes followed by the content data. (3) A 12 byte information block of the form: struct module_signature { enum pkey_algo algo : 8; enum pkey_hash_algo hash : 8; enum pkey_id_type id_type : 8; u8 __pad; __be32 id_length; __be32 sig_length; }; The three enums are defined in crypto/public_key.h. 'algo' contains the public-key algorithm identifier (0->DSA, 1->RSA). 'hash' contains the digest algorithm identifier (0->MD4, 1->MD5, 2->SHA1, etc.). 'id_type' contains the public-key identifier type (0->PGP, 1->X.509). '__pad' should be 0. 'id_length' should contain in the binary identifier length in BE form. 'sig_length' should contain in the signature data length in BE form. The lengths are in BE order rather than CPU order to make dealing with cross-compilation easier. Signed-off-by: David Howells Signed-off-by: Rusty Russell (minor Kconfig fix) commit 631cc66eb9eaa7296e303197ff1eb0f55e32b61d Author: David Howells Date: Wed Sep 26 10:09:51 2012 +0100 MODSIGN: Provide module signing public keys to the kernel Include a PGP keyring containing the public keys required to perform module verification in the kernel image during build and create a special keyring during boot which is then populated with keys of crypto type holding the public keys found in the PGP keyring. These can be seen by root: [root@andromeda ~]# cat /proc/keys 07ad4ee0 I----- 1 perm 3f010000 0 0 crypto modsign.0: RSA 87b9b3bd [] 15c7f8c3 I----- 1 perm 1f030000 0 0 keyring .module_sign: 1/4 ... It is probably worth permitting root to invalidate these keys, resulting in their removal and preventing further modules from being loaded with that key. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit d441108c6f77541bb66fcd5b3389415b4c232008 Author: David Howells Date: Wed Sep 26 10:09:51 2012 +0100 MODSIGN: Automatically generate module signing keys if missing Automatically generate keys for module signing if they're absent so that allyesconfig doesn't break. The builder should consider generating their own key and certificate, however, so that the keys are appropriately named. The private key for the module signer should be placed in signing_key.priv (unencrypted!) and the public key in an X.509 certificate as signing_key.x509. If a transient key is desired for signing the modules, a config file for 'openssl req' can be placed in x509.genkey, looking something like the following: [ req ] default_bits = 4096 distinguished_name = req_distinguished_name prompt = no x509_extensions = myexts [ req_distinguished_name ] O = Magarathea CN = Glacier signing key emailAddress = slartibartfast@magrathea.h2g2 [ myexts ] basicConstraints=critical,CA:FALSE keyUsage=digitalSignature subjectKeyIdentifier=hash authorityKeyIdentifier=hash The build process will use this to configure: openssl req -new -nodes -utf8 -sha1 -days 36500 -batch \ -x509 -config x509.genkey \ -outform DER -out signing_key.x509 \ -keyout signing_key.priv to generate the key. Note that it is required that the X.509 certificate have a subjectKeyIdentifier and an authorityKeyIdentifier. Without those, the certificate will be rejected. These can be used to check the validity of a certificate. Note that 'make distclean' will remove signing_key.{priv,x509} and x509.genkey, whether or not they were generated automatically. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit ea0b6dcf71d216dc11733ac19b26df0f5d0fd6c2 Author: David Howells Date: Wed Sep 26 10:09:50 2012 +0100 MODSIGN: Provide Kconfig options Provide kernel configuration options for module signing. The following configuration options are added: CONFIG_MODULE_SIG_SHA1 CONFIG_MODULE_SIG_SHA224 CONFIG_MODULE_SIG_SHA256 CONFIG_MODULE_SIG_SHA384 CONFIG_MODULE_SIG_SHA512 These select the cryptographic hash used to digest the data prior to signing. Additionally, the crypto module selected will be built into the kernel as it won't be possible to load it as a module without incurring a circular dependency when the kernel tries to check its signature. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit addbcdbbf549c9127c2bbb39caaa08bb47b996f4 Author: David Howells Date: Wed Sep 26 10:09:50 2012 +0100 MODSIGN: Provide gitignore and make clean rules for extra files Provide gitignore and make clean rules for extra files to hide and clean up the extra files produced by module signing stuff once it is added. Also add a clean up rule for the module content extractor program used to extract the data to be signed. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 1d0059f3a468825b5fc5405c636a2f6e02707ffa Author: David Howells Date: Wed Sep 26 10:09:50 2012 +0100 MODSIGN: Add FIPS policy If we're in FIPS mode, we should panic if we fail to verify the signature on a module or we're asked to load an unsigned module in signature enforcing mode. Possibly FIPS mode should automatically enable enforcing mode. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 106a4ee258d14818467829bf0e12aeae14c16cd7 Author: Rusty Russell Date: Wed Sep 26 10:09:40 2012 +0100 module: signature checking hook We do a very simple search for a particular string appended to the module (which is cache-hot and about to be SHA'd anyway). There's both a config option and a boot parameter which control whether we accept or fail with unsigned modules and modules that are signed with an unknown key. If module signing is enabled, the kernel will be tainted if a module is loaded that is unsigned or has a signature for which we don't have the key. (Useful feedback and tweaks by David Howells ) Signed-off-by: Rusty Russell Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 61730c538f8281efa7ac12596da9f3f9a31b9272 Author: David Howells Date: Tue Oct 9 09:47:14 2012 +0100 UAPI: (Scripted) Disintegrate arch/mips/include/asm Signed-off-by: David Howells Acked-by: Arnd Bergmann Acked-by: Thomas Gleixner Acked-by: Michael Kerrisk Acked-by: Paul E. McKenney Acked-by: Dave Jones commit c26fd69fa00916a31a47f5f096fd7be924106df8 Author: David Howells Date: Mon Sep 24 17:11:48 2012 +0100 X.509: Add a crypto key parser for binary (DER) X.509 certificates Add a crypto key parser for binary (DER) encoded X.509 certificates. The certificate is parsed and, if possible, the signature is verified. An X.509 key can be added like this: # keyctl padd crypto bar @s Signed-off-by: Rusty Russell commit e1045992949160b56309b730b8bdc428f2f8b69e Author: David Howells Date: Mon Sep 24 17:11:27 2012 +0100 MPILIB: Provide a function to read raw data into an MPI Provide a function to read raw data of a predetermined size into an MPI rather than expecting the size to be encoded within the data. The data is assumed to represent an unsigned integer, and the resulting MPI will be positive. The function looks like this: MPI mpi_read_raw_data(const void *, size_t); This is useful for reading ASN.1 integer primitives where the length is encoded in the ASN.1 metadata. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 42d5ec27f873c654a68f7f865dcd7737513e9508 Author: David Howells Date: Mon Sep 24 17:11:16 2012 +0100 X.509: Add an ASN.1 decoder Add an ASN.1 BER/DER/CER decoder. This uses the bytecode from the ASN.1 compiler in the previous patch to inform it as to what to expect to find in the encoded byte stream. The output from the compiler also tells it what functions to call on what tags, thus allowing the caller to retrieve information. The decoder is called as follows: int asn1_decoder(const struct asn1_decoder *decoder, void *context, const unsigned char *data, size_t datalen); The decoder argument points to the bytecode from the ASN.1 compiler. context is the caller's context and is passed to the action functions. data and datalen define the byte stream to be decoded. Note that the decoder is currently limited to datalen being less than 64K. This reduces the amount of stack space used by the decoder because ASN.1 is a nested construct. Similarly, the decoder is limited to a maximum of 10 levels of constructed data outside of a leaf node also in an effort to keep stack usage down. These restrictions can be raised if necessary. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 4520c6a49af833c83de6c74525ce8e07bbe6d783 Author: David Howells Date: Fri Sep 21 23:31:13 2012 +0100 X.509: Add simple ASN.1 grammar compiler Add a simple ASN.1 grammar compiler. This produces a bytecode output that can be fed to a decoder to inform the decoder how to interpret the ASN.1 stream it is trying to parse. Action functions can be specified in the grammar by interpolating: ({ foo }) after a type, for example: SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING ({ do_key_data }) } The decoder is expected to call these after matching this type and parsing the contents if it is a constructed type. The grammar compiler does not currently support the SET type (though it does support SET OF) as I can't see a good way of tracking which members have been encountered yet without using up extra stack space. Currently, the grammar compiler will fail if more than 256 bytes of bytecode would be produced or more than 256 actions have been specified as it uses 8-bit jump values and action indices to keep space usage down. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 4f73175d0375a7c1b3ae625e76acee8b39741f28 Author: David Howells Date: Fri Sep 21 23:30:51 2012 +0100 X.509: Add utility functions to render OIDs as strings Add a pair of utility functions to render OIDs as strings. The first takes an encoded OID and turns it into a "a.b.c.d" form string: int sprint_oid(const void *data, size_t datasize, char *buffer, size_t bufsize); The second takes an OID enum index and calls the first on the data held therein: int sprint_OID(enum OID oid, char *buffer, size_t bufsize); Signed-off-by: David Howells Signed-off-by: Rusty Russell commit a77ad6ea0b0bb1f9d1f52ed494bd72a5fdde208e Author: David Howells Date: Fri Sep 21 23:30:46 2012 +0100 X.509: Implement simple static OID registry Implement a simple static OID registry that allows the mapping of an encoded OID to an enum value for ease of use. The OID registry index enum appears in the: linux/oid_registry.h header file. A script generates the registry from lines in the header file that look like: OID_foo,/*1.2.3.4*/ The actual OID is taken to be represented by the numbers with interpolated dots in the comment. All other lines in the header are ignored. The registry is queries by calling: OID look_up_oid(const void *data, size_t datasize); This returns a number from the registry enum representing the OID if found or OID__NR if not. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 0b1568a4536ff287a87908d7fc35c05bd7736a53 Author: David Howells Date: Fri Sep 21 23:28:05 2012 +0100 RSA: Fix signature verification for shorter signatures gpg can produce a signature file where length of signature is less than the modulus size because the amount of space an MPI takes up is kept as low as possible by discarding leading zeros. This regularly happens for several modules during the build. Fix it by relaxing check in RSA verification code. Thanks to Tomas Mraz and Miloslav Trmac for help. Signed-off-by: Milan Broz Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 612e0fe99965a4028359cd1da5af56b7f6caf7f6 Author: David Howells Date: Fri Sep 21 23:25:40 2012 +0100 RSA: Implement signature verification algorithm [PKCS#1 / RFC3447] Implement RSA public key cryptography [PKCS#1 / RFC3447]. At this time, only the signature verification algorithm is supported. This uses the asymmetric public key subtype to hold its key data. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 12f008b6dc5ff1c822fdb2198d20e3dbdc92f3f5 Author: David Howells Date: Fri Sep 21 23:25:22 2012 +0100 MPILIB: Reinstate mpi_cmp[_ui]() and export for RSA signature verification Reinstate and export mpi_cmp() and mpi_cmp_ui() from the MPI library for use by RSA signature verification as per RFC3447 section 5.2.2 step 1. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 4ae71c1dce1e3d2270a0755988033e236b8e45d6 Author: David Howells Date: Fri Sep 21 23:25:04 2012 +0100 KEYS: Provide signature verification with an asymmetric key Provide signature verification using an asymmetric-type key to indicate the public key to be used. The API is a single function that can be found in crypto/public_key.h: int verify_signature(const struct key *key, const struct public_key_signature *sig) The first argument is the appropriate key to be used and the second argument is the parsed signature data: struct public_key_signature { u8 *digest; u16 digest_size; enum pkey_hash_algo pkey_hash_algo : 8; union { MPI mpi[2]; struct { MPI s; /* m^d mod n */ } rsa; struct { MPI r; MPI s; } dsa; }; }; This should be filled in prior to calling the function. The hash algorithm should already have been called and the hash finalised and the output should be in a buffer pointed to by the 'digest' member. Any extra data to be added to the hash by the hash format (eg. PGP) should have been added by the caller prior to finalising the hash. It is assumed that the signature is made up of a number of MPI values. If an algorithm becomes available for which this is not the case, the above structure will have to change. It is also assumed that it will have been checked that the signature algorithm matches the key algorithm. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit a9681bf3dd7ccd2b32eba27d327ab76607429f7a Author: David Howells Date: Fri Sep 21 23:24:55 2012 +0100 KEYS: Asymmetric public-key algorithm crypto key subtype Add a subtype for supporting asymmetric public-key encryption algorithms such as DSA (FIPS-186) and RSA (PKCS#1 / RFC1337). Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 46c6f1776e2f53eebb1fc361946877bab7533227 Author: David Howells Date: Thu Sep 13 15:17:32 2012 +0100 KEYS: Asymmetric key pluggable data parsers The instantiation data passed to the asymmetric key type are expected to be formatted in some way, and there are several possible standard ways to format the data. The two obvious standards are OpenPGP keys and X.509 certificates. The latter is especially useful when dealing with UEFI, and the former might be useful when dealing with, say, eCryptfs. Further, it might be desirable to provide formatted blobs that indicate hardware is to be accessed to retrieve the keys or that the keys live unretrievably in a hardware store, but that the keys can be used by means of the hardware. From userspace, the keys can be loaded using the keyctl command, for example, an X.509 binary certificate: keyctl padd asymmetric foo @s Signed-off-by: Rusty Russell commit 964f3b3bf49eb84b5831121446a28b76de3fb23a Author: David Howells Date: Thu Sep 13 15:17:21 2012 +0100 KEYS: Implement asymmetric key type Create a key type that can be used to represent an asymmetric key type for use in appropriate cryptographic operations, such as encryption, decryption, signature generation and signature verification. The key type is "asymmetric" and can provide access to a variety of cryptographic algorithms. Possibly, this would be better as "public_key" - but that has the disadvantage that "public key" is an overloaded term. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 9a83b46578df149160b1da057656d2f0cfcbb5b6 Author: David Howells Date: Thu Sep 13 15:17:21 2012 +0100 KEYS: Document asymmetric key type In-source documentation for the asymmetric key type. This will be located in: Documentation/crypto/asymmetric-keys.txt Signed-off-by: David Howells Signed-off-by: Rusty Russell commit aacf29bf1bf133f6219e6f8969d4ebc2ac76458f Author: David Howells Date: Thu Sep 13 13:09:33 2012 +0100 MPILIB: Provide count_leading/trailing_zeros() based on arch functions Provide count_leading/trailing_zeros() macros based on extant arch bit scanning functions rather than reimplementing from scratch in MPILIB. Whilst we're at it, turn count_foo_zeros(n, x) into n = count_foo_zeros(x). Also move the definition to asm-generic as other people may be interested in using it. Signed-off-by: David Howells Cc: David S. Miller Cc: Dmitry Kasatkin Cc: Arnd Bergmann Signed-off-by: Rusty Russell commit cf7f601c067994f371ba77721d1e45fce61a4569 Author: David Howells Date: Thu Sep 13 13:06:29 2012 +0100 KEYS: Add payload preparsing opportunity prior to key instantiate or update Give the key type the opportunity to preparse the payload prior to the instantiation and update routines being called. This is done with the provision of two new key type operations: int (*preparse)(struct key_preparsed_payload *prep); void (*free_preparse)(struct key_preparsed_payload *prep); If the first operation is present, then it is called before key creation (in the add/update case) or before the key semaphore is taken (in the update and instantiate cases). The second operation is called to clean up if the first was called. preparse() is given the opportunity to fill in the following structure: struct key_preparsed_payload { char *description; void *type_data[2]; void *payload; const void *data; size_t datalen; size_t quotalen; }; Before the preparser is called, the first three fields will have been cleared, the payload pointer and size will be stored in data and datalen and the default quota size from the key_type struct will be stored into quotalen. The preparser may parse the payload in any way it likes and may store data in the type_data[] and payload fields for use by the instantiate() and update() ops. The preparser may also propose a description for the key by attaching it as a string to the description field. This can be used by passing a NULL or "" description to the add_key() system call or the key_create_or_update() function. This cannot work with request_key() as that required the description to tell the upcall about the key to be created. This, for example permits keys that store PGP public keys to generate their own name from the user ID and public key fingerprint in the key. The instantiate() and update() operations are then modified to look like this: int (*instantiate)(struct key *key, struct key_preparsed_payload *prep); int (*update)(struct key *key, struct key_preparsed_payload *prep); and the new payload data is passed in *prep, whether or not it was preparsed. Signed-off-by: David Howells Signed-off-by: Rusty Russell commit 9bb9c3be56834653878f766f471fa1c20e562f4c Author: Rusty Russell Date: Fri Sep 28 14:31:03 2012 +0930 module: wait when loading a module which is currently initializing. The original module-init-tools module loader used a fnctl lock on the .ko file to avoid attempts to simultaneously load a module. Unfortunately, you can't get an exclusive fcntl lock on a read-only fd, making this not work for read-only mounted filesystems. module-init-tools has a hacky sleep-and-loop for this now. It's not that hard to wait in the kernel, and only return -EEXIST once the first module has finished loading (or continue loading the module if the first one failed to initialize for some reason). It's also consistent with what we do for dependent modules which are still loading. Suggested-by: Lucas De Marchi Signed-off-by: Rusty Russell commit 6f13909f4fe9652f189b462c6c98767309000321 Author: Rusty Russell Date: Fri Sep 28 14:31:03 2012 +0930 module: fix symbol waiting when module fails before init We use resolve_symbol_wait(), which blocks if the module containing the symbol is still loading. However: 1) The module_wq we use is only woken after calling the modules' init function, but there are other failure paths after the module is placed in the linked list where we need to do the same thing. 2) wake_up() only wakes one waiter, and our waitqueue is shared by all modules, so we need to wake them all. 3) wake_up_all() doesn't imply a memory barrier: I feel happier calling it after we've grabbed and dropped the module_mutex, not just after the state assignment. Signed-off-by: Rusty Russell commit 786d35d45cc40b2a51a18f73e14e135d47fdced7 Author: David Howells Date: Fri Sep 28 14:31:03 2012 +0930 Make most arch asm/module.h files use asm-generic/module.h Use the mapping of Elf_[SPE]hdr, Elf_Addr, Elf_Sym, Elf_Dyn, Elf_Rel/Rela, ELF_R_TYPE() and ELF_R_SYM() to either the 32-bit version or the 64-bit version into asm-generic/module.h for all arches bar MIPS. Also, use the generic definition mod_arch_specific where possible. To this end, I've defined three new config bools: (*) HAVE_MOD_ARCH_SPECIFIC Arches define this if they don't want to use the empty generic mod_arch_specific struct. (*) MODULES_USE_ELF_RELA Arches define this if their modules can contain RELA records. This causes the Elf_Rela mapping to be emitted and allows apply_relocate_add() to be defined by the arch rather than have the core emit an error message. (*) MODULES_USE_ELF_REL Arches define this if their modules can contain REL records. This causes the Elf_Rel mapping to be emitted and allows apply_relocate() to be defined by the arch rather than have the core emit an error message. Note that it is possible to allow both REL and RELA records: m68k and mips are two arches that do this. With this, some arch asm/module.h files can be deleted entirely and replaced with a generic-y marker in the arch Kbuild file. Additionally, I have removed the bits from m32r and score that handle the unsupported type of relocation record as that's now handled centrally. Signed-off-by: David Howells Acked-by: Sam Ravnborg Signed-off-by: Rusty Russell commit 6ede81239e31cfacbb1e2d260530cd80d13cf0db Author: Ralf Baechle Date: Tue Aug 14 17:13:45 2012 +0200 MIPS: Fix module.c build for 32 bit Fixes build failure introduced by "Make most arch asm/module.h files use asm-generic/module.h" by moving all the RELA processing code to a separate file to be used only for RELA processing on 64-bit kernels. CC arch/mips/kernel/module.o arch/mips/kernel/module.c:250:14: error: 'reloc_handlers_rela' defined but not used [-Werror=unused-variable] cc1: all warnings being treated as errors make[6]: *** [arch/mips/kernel/module.o] Error 1 Signed-off-by: Ralf Baechle Signed-off-by: Rusty Russell commit c99af3752bb52ba3aece5315279a57a477edfaf1 Author: Matthew Garrett Date: Fri Jun 22 13:49:31 2012 -0400 module: taint kernel when lve module is loaded Cloudlinux have a product called lve that includes a kernel module. This was previously GPLed but is now under a proprietary license, but the module continues to declare MODULE_LICENSE("GPL") and makes use of some EXPORT_SYMBOL_GPL symbols. Forcibly taint it in order to avoid this. Signed-off-by: Matthew Garrett Cc: Alex Lyashkov Signed-off-by: Rusty Russell Cc: stable@kernel.org