1. 30 10月, 2012 13 次提交
  2. 11 9月, 2012 1 次提交
  3. 04 5月, 2012 1 次提交
  4. 01 5月, 2012 1 次提交
    • M
      efi: Validate UEFI boot variables · fec6c20b
      Matthew Garrett 提交于
      A common flaw in UEFI systems is a refusal to POST triggered by a malformed
      boot variable. Once in this state, machines may only be restored by
      reflashing their firmware with an external hardware device. While this is
      obviously a firmware bug, the serious nature of the outcome suggests that
      operating systems should filter their variable writes in order to prevent
      a malicious user from rendering the machine unusable.
      Signed-off-by: NMatthew Garrett <mjg@redhat.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      fec6c20b
  5. 29 11月, 2011 1 次提交
  6. 18 11月, 2011 2 次提交
    • K
      pstore: pass reason to backend write callback · 3d6d8d20
      Kees Cook 提交于
      This allows a backend to filter on the dmesg reason as well as the pstore
      reason. When ramoops is switched to pstore, this is needed since it has
      no interest in storing non-crash dmesg details.
      
      Drop pstore_write() as it has no users, and handling the "reason" here
      has no obviously correct value.
      Signed-off-by: NKees Cook <keescook@chromium.org>
      Signed-off-by: NTony Luck <tony.luck@intel.com>
      3d6d8d20
    • K
      pstore: pass allocated memory region back to caller · f6f82851
      Kees Cook 提交于
      The buf_lock cannot be held while populating the inodes, so make the backend
      pass forward an allocated and filled buffer instead. This solves the following
      backtrace. The effect is that "buf" is only ever used to notify the backends
      that something was written to it, and shouldn't be used in the read path.
      
      To replace the buf_lock during the read path, isolate the open/read/close
      loop with a separate mutex to maintain serialized access to the backend.
      
      Note that is is up to the pstore backend to cope if the (*write)() path is
      called in the middle of the read path.
      
      [   59.691019] BUG: sleeping function called from invalid context at .../mm/slub.c:847
      [   59.691019] in_atomic(): 0, irqs_disabled(): 1, pid: 1819, name: mount
      [   59.691019] Pid: 1819, comm: mount Not tainted 3.0.8 #1
      [   59.691019] Call Trace:
      [   59.691019]  [<810252d5>] __might_sleep+0xc3/0xca
      [   59.691019]  [<810a26e6>] kmem_cache_alloc+0x32/0xf3
      [   59.691019]  [<810b53ac>] ? __d_lookup_rcu+0x6f/0xf4
      [   59.691019]  [<810b68b1>] alloc_inode+0x2a/0x64
      [   59.691019]  [<810b6903>] new_inode+0x18/0x43
      [   59.691019]  [<81142447>] pstore_get_inode.isra.1+0x11/0x98
      [   59.691019]  [<81142623>] pstore_mkfile+0xae/0x26f
      [   59.691019]  [<810a2a66>] ? kmem_cache_free+0x19/0xb1
      [   59.691019]  [<8116c821>] ? ida_get_new_above+0x140/0x158
      [   59.691019]  [<811708ea>] ? __init_rwsem+0x1e/0x2c
      [   59.691019]  [<810b67e8>] ? inode_init_always+0x111/0x1b0
      [   59.691019]  [<8102127e>] ? should_resched+0xd/0x27
      [   59.691019]  [<8137977f>] ? _cond_resched+0xd/0x21
      [   59.691019]  [<81142abf>] pstore_get_records+0x52/0xa7
      [   59.691019]  [<8114254b>] pstore_fill_super+0x7d/0x91
      [   59.691019]  [<810a7ff5>] mount_single+0x46/0x82
      [   59.691019]  [<8114231a>] pstore_mount+0x15/0x17
      [   59.691019]  [<811424ce>] ? pstore_get_inode.isra.1+0x98/0x98
      [   59.691019]  [<810a8199>] mount_fs+0x5a/0x12d
      [   59.691019]  [<810b9174>] ? alloc_vfsmnt+0xa4/0x14a
      [   59.691019]  [<810b9474>] vfs_kern_mount+0x4f/0x7d
      [   59.691019]  [<810b9d7e>] do_kern_mount+0x34/0xb2
      [   59.691019]  [<810bb15f>] do_mount+0x5fc/0x64a
      [   59.691019]  [<810912fb>] ? strndup_user+0x2e/0x3f
      [   59.691019]  [<810bb3cb>] sys_mount+0x66/0x99
      [   59.691019]  [<8137b537>] sysenter_do_call+0x12/0x26
      Signed-off-by: NKees Cook <keescook@chromium.org>
      Signed-off-by: NTony Luck <tony.luck@intel.com>
      f6f82851
  7. 13 10月, 2011 1 次提交
  8. 17 8月, 2011 1 次提交
    • D
      pstore: change mutex locking to spin_locks · abd4d558
      Don Zickus 提交于
      pstore was using mutex locking to protect read/write access to the
      backend plug-ins.  This causes problems when pstore is executed in
      an NMI context through panic() -> kmsg_dump().
      
      This patch changes the mutex to a spin_lock_irqsave then also checks to
      see if we are in an NMI context.  If we are in an NMI and can't get the
      lock, just print a message stating that and blow by the locking.
      
      All this is probably a hack around the bigger locking problem but it
      solves my current situation of trying to sleep in an NMI context.
      
      Tested by loading the lkdtm module and executing a HARDLOCKUP which
      will cause the machine to panic inside the nmi handler.
      Signed-off-by: NDon Zickus <dzickus@redhat.com>
      Acked-by: NMatthew Garrett <mjg@redhat.com>
      Signed-off-by: NTony Luck <tony.luck@intel.com>
      abd4d558
  9. 03 8月, 2011 1 次提交
  10. 23 7月, 2011 5 次提交
  11. 10 5月, 2011 1 次提交
  12. 07 5月, 2011 1 次提交
    • R
      efivars: prevent oops on unload when efi is not enabled · aabb6e15
      Randy Dunlap 提交于
      efivars_exit() should check for efi_enabled and not undo
      allocations when efi is not enabled.  Otherwise there is an Oops
      during module unload:
      
      calling  efivars_init+0x0/0x1000 [efivars] @ 2810
      EFI Variables Facility v0.08 2004-May-17
      initcall efivars_init+0x0/0x1000 [efivars] returned 0 after 5120 usecs
      Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
      last sysfs file: /sys/module/firmware_class/initstate
      CPU 1
      Modules linked in: efivars(-) af_packet tun nfsd lockd nfs_acl auth_rpcgss sunrpc ipt_REJECT nf_conntrack_ipv4 nf_defrag_ipv4 iptable_filter ip_tables ip6t_REJECT xt_tcpudp nf_conntrack_ipv6 nf_defrag_ipv6 xt_state nf_conntrack ip6table_filter ip6_tables x_tables ipv6 cpufreq_ondemand acpi_cpufreq freq_table mperf binfmt_misc dm_mirror dm_region_hash dm_log dm_multipath scsi_dh dm_mod snd_hda_codec_analog snd_hda_intel snd_hda_codec snd_hwdep mousedev snd_seq joydev snd_seq_device mac_hid evdev snd_pcm usbkbd usbmouse usbhid snd_timer hid tg3 snd sr_mod pcspkr rtc_cmos soundcore cdrom iTCO_wdt processor sg dcdbas i2c_i801 rtc_core iTCO_vendor_support intel_agp snd_page_alloc thermal_sys rtc_lib intel_gtt 8250_pnp button hwmon unix ide_pci_generic ide_core ata_generic pata_acpi ata_piix sd_mod crc_t10dif ext3 jbd mbcache uhci_hcd ohci_hcd ssb mmc_core pcmcia pcmcia_core firmware_class ehci_hcd usbcore [last unloaded: dell_rbu]
      
      Pid: 2812, comm: rmmod Not tainted 2.6.39-rc6 #1 Dell Inc.                 OptiPlex 745                 /0TY565
      RIP: 0010:[<ffffffffa06a17f6>]  [<ffffffffa06a17f6>] unregister_efivars+0x28/0x12c [efivars]
      RSP: 0018:ffff88005eedde98  EFLAGS: 00010283
      RAX: ffffffffa06a23fc RBX: ffffffffa06a44c0 RCX: ffff88007c227a50
      RDX: 0000000000000000 RSI: 00000055ac13db78 RDI: ffffffffa06a44c0
      RBP: ffff88005eeddec8 R08: 0000000000000000 R09: ffff88005eeddd78
      R10: ffffffffa06a4220 R11: ffff88005eeddd78 R12: fffffffffffff7d0
      R13: 00007fff5a3aaec0 R14: 0000000000000000 R15: ffffffffa06a4508
      FS:  00007fa8dcc4a6f0(0000) GS:ffff88007c200000(0000) knlGS:0000000000000000
      CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
      CR2: 0000000000000000 CR3: 000000005d148000 CR4: 00000000000006e0
      DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
      Process rmmod (pid: 2812, threadinfo ffff88005eedc000, task ffff88006754b000)
      Stack:
       ffff88005eeddec8 ffffffffa06a4220 0000000000000000 00007fff5a3aaec0
       0000000000000000 0000000000000001 ffff88005eedded8 ffffffffa06a2418
       ffff88005eeddf78 ffffffff810d3598 ffffffffa06a4220 0000000000000880
      Call Trace:
       [<ffffffffa06a2418>] efivars_exit+0x1c/0xc04 [efivars]
       [<ffffffff810d3598>] sys_delete_module+0x2d6/0x368
       [<ffffffff812d1db9>] ? lockdep_sys_exit_thunk+0x35/0x67
       [<ffffffff810fcba1>] ? audit_syscall_entry+0x172/0x1a5
       [<ffffffff81575082>] system_call_fastpath+0x16/0x1b
      Code: 5c c9 c3 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 08 0f 1f 44 00 00 4c 8b 67 48 48 89 fb 4c 8d 7f 48 49 81 ec 30 08 00 00 <4d> 8b ac 24 30 08 00 00 49 81 ed 30 08 00 00 eb 59 48 89 df 48
      RIP  [<ffffffffa06a17f6>] unregister_efivars+0x28/0x12c [efivars]
       RSP <ffff88005eedde98>
      CR2: 0000000000000000
       ---[ end trace aa99b99090f70baa ]---
      
      Matt apparently removed such a check in 2004 (with no reason given):
       *  17 May 2004 - Matt Domsch <Matt_Domsch@dell.com>
       *   remove check for efi_enabled in exit
      but there have been several changes since then.
      Signed-off-by: NRandy Dunlap <randy.dunlap@oracle.com>
      Signed-off-by: NMike Waychison <mikew@google.com>
      Tested-by: NRandy Dunlap <randy.dunlap@oracle.com>
      Cc: Matt Domsch <Matt_Domsch@dell.com>
      Cc: <matthew.e.tolentino@intel.com>
      Signed-off-by: NGreg Kroah-Hartman <gregkh@suse.de>
      aabb6e15
  13. 20 4月, 2011 2 次提交
  14. 14 3月, 2011 6 次提交
  15. 22 5月, 2010 1 次提交
  16. 30 3月, 2010 1 次提交
    • T
      include cleanup: Update gfp.h and slab.h includes to prepare for breaking... · 5a0e3ad6
      Tejun Heo 提交于
      include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
      
      percpu.h is included by sched.h and module.h and thus ends up being
      included when building most .c files.  percpu.h includes slab.h which
      in turn includes gfp.h making everything defined by the two files
      universally available and complicating inclusion dependencies.
      
      percpu.h -> slab.h dependency is about to be removed.  Prepare for
      this change by updating users of gfp and slab facilities include those
      headers directly instead of assuming availability.  As this conversion
      needs to touch large number of source files, the following script is
      used as the basis of conversion.
      
        http://userweb.kernel.org/~tj/misc/slabh-sweep.py
      
      The script does the followings.
      
      * Scan files for gfp and slab usages and update includes such that
        only the necessary includes are there.  ie. if only gfp is used,
        gfp.h, if slab is used, slab.h.
      
      * When the script inserts a new include, it looks at the include
        blocks and try to put the new include such that its order conforms
        to its surrounding.  It's put in the include block which contains
        core kernel includes, in the same order that the rest are ordered -
        alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
        doesn't seem to be any matching order.
      
      * If the script can't find a place to put a new include (mostly
        because the file doesn't have fitting include block), it prints out
        an error message indicating which .h file needs to be added to the
        file.
      
      The conversion was done in the following steps.
      
      1. The initial automatic conversion of all .c files updated slightly
         over 4000 files, deleting around 700 includes and adding ~480 gfp.h
         and ~3000 slab.h inclusions.  The script emitted errors for ~400
         files.
      
      2. Each error was manually checked.  Some didn't need the inclusion,
         some needed manual addition while adding it to implementation .h or
         embedding .c file was more appropriate for others.  This step added
         inclusions to around 150 files.
      
      3. The script was run again and the output was compared to the edits
         from #2 to make sure no file was left behind.
      
      4. Several build tests were done and a couple of problems were fixed.
         e.g. lib/decompress_*.c used malloc/free() wrappers around slab
         APIs requiring slab.h to be added manually.
      
      5. The script was run on all .h files but without automatically
         editing them as sprinkling gfp.h and slab.h inclusions around .h
         files could easily lead to inclusion dependency hell.  Most gfp.h
         inclusion directives were ignored as stuff from gfp.h was usually
         wildly available and often used in preprocessor macros.  Each
         slab.h inclusion directive was examined and added manually as
         necessary.
      
      6. percpu.h was updated not to include slab.h.
      
      7. Build test were done on the following configurations and failures
         were fixed.  CONFIG_GCOV_KERNEL was turned off for all tests (as my
         distributed build env didn't work with gcov compiles) and a few
         more options had to be turned off depending on archs to make things
         build (like ipr on powerpc/64 which failed due to missing writeq).
      
         * x86 and x86_64 UP and SMP allmodconfig and a custom test config.
         * powerpc and powerpc64 SMP allmodconfig
         * sparc and sparc64 SMP allmodconfig
         * ia64 SMP allmodconfig
         * s390 SMP allmodconfig
         * alpha SMP allmodconfig
         * um on x86_64 SMP allmodconfig
      
      8. percpu.h modifications were reverted so that it could be applied as
         a separate patch and serve as bisection point.
      
      Given the fact that I had only a couple of failures from tests on step
      6, I'm fairly confident about the coverage of this conversion patch.
      If there is a breakage, it's likely to be something in one of the arch
      headers which should be easily discoverable easily on most builds of
      the specific arch.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Guess-its-ok-by: NChristoph Lameter <cl@linux-foundation.org>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
      5a0e3ad6
  17. 08 3月, 2010 1 次提交