#
ae191417 |
|
15-Dec-2023 |
Jens Axboe <axboe@kernel.dk> |
cred: get rid of CONFIG_DEBUG_CREDENTIALS This code is rarely (never?) enabled by distros, and it hasn't caught anything in decades. Let's kill off this legacy debug code. Suggested-by: Linus Torvalds <torvalds@linuxfoundation.org> Signed-off-by: Jens Axboe <axboe@kernel.dk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
#
cdebfd27 |
|
04-Jul-2023 |
Joel Stanley <joel@jms.id.au> |
powerpc/config: Disable SLAB_DEBUG_ON in skiroot In 5.10 commit 5e84dd547bce ("powerpc/configs/skiroot: Enable some more hardening options") set SLUB_DEBUG_ON. When 5.14 came around, commit 792702911f58 ("slub: force on no_hash_pointers when slub_debug is enabled") print all the pointers when SLUB_DEBUG_ON is set. This was fine, but in 5.12 commit 5ead723a20e0 ("lib/vsprintf: no_hash_pointers prints all addresses as unhashed") added the warning at boot. Disable SLAB_DEBUG_ON as we don't want the nasty warning. We have CONFIG_EXPERT so SLAB_DEBUG is enabled. We do lose the settings in DEBUG_DEFAULT_FLAGS, but it's not clear that these should have been always-on anyway. Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://msgid.link/20230705023056.16273-1-joel@jms.id.au
|
#
e485f3a6 |
|
17-Mar-2023 |
Tony Nguyen <anthony.l.nguyen@intel.com> |
ixgb: Remove ixgb driver There are likely no users of this driver as the hardware has been discontinued since 2010. Remove the driver and all references to it in documentation. Suggested-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com> Acked-by: Jesse Brandeburg <jesse.brandeburg@intel.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
d210ee3f |
|
28-Sep-2022 |
Lukas Bulwahn <lukas.bulwahn@gmail.com> |
powerpc/configs: Update config files for removed/renamed symbols Clean up config files by: - removing configs that were deleted in the past - removing configs not in tree and without recently pending patches - adding new configs that are replacements for old configs in the file For some detailed information, see: https://lore.kernel.org/kernel-janitors/20220929090645.1389-1-lukas.bulwahn@gmail.com/ Renamed: - CONFIG_PPC_PTDUMP -> CONFIG_GENERIC_PTDUMP e084728393a5 ("powerpc/ptdump: Convert powerpc to GENERIC_PTDUMP") Removed: - CONFIG_BLK_DEV_CRYPTOLOOP 47e9624616c8 ("block: remove support for cryptoloop and the xor transfer") - CONFIG_CRYPTO_RMD128 b21b9a5e0aef ("crypto: rmd128 - remove RIPE-MD 128 hash algorithm") - CONFIG_CRYPTO_RMD256 c15d4167f0b0 ("crypto: rmd256 - remove RIPE-MD 256 hash algorithm") - CONFIG_CRYPTO_RMD320 93f64202926f ("crypto: rmd320 - remove RIPE-MD 320 hash algorithm") - CONFIG_CRYPTO_SALSA20 663f63ee6d9c ("crypto: salsa20 - remove Salsa20 stream cipher algorithm") - CONFIG_CRYPTO_TGR192 87cd723f8978 ("crypto: tgr192 - remove Tiger 128/160/192 hash algorithms") - CONFIG_HARDENED_USERCOPY_PAGESPAN 1109a5d90701 ("usercopy: Remove HARDENED_USERCOPY_PAGESPAN") - CONFIG_RAPIDIO_TSI568, CONFIG_RAPIDIO_TSI57X 612d4904191f ("rapidio: remove not used code about RIO_VID_TUNDRA") - CONFIG_RAW_DRIVER 603e4922f1c8 ("remove the raw driver") - CONFIG_ROCKETPORT 3b00b6af7a5b ("tty: rocket, remove the driver") - CONFIG_ENABLE_MUST_CHECK 196793946264 ("Compiler Attributes: remove CONFIG_ENABLE_MUST_CHECK") Signed-off-by: Lukas Bulwahn <lukas.bulwahn@gmail.com> [mpe: Add documentation of relevant commit for each symbol change] Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/20220929101502.32527-1-lukas.bulwahn@gmail.com
|
#
53944f17 |
|
05-Nov-2021 |
Stephen Kitt <steve@sk2.org> |
mm: remove HARDENED_USERCOPY_FALLBACK This has served its purpose and is no longer used. All usercopy violations appear to have been handled by now, any remaining instances (or new bugs) will cause copies to be rejected. This isn't a direct revert of commit 2d891fbc3bb6 ("usercopy: Allow strict enforcement of whitelists"); since usercopy_fallback is effectively 0, the fallback handling is removed too. This also removes the usercopy_fallback module parameter on slab_common. Link: https://github.com/KSPP/linux/issues/153 Link: https://lkml.kernel.org/r/20210921061149.1091163-1-steve@sk2.org Signed-off-by: Stephen Kitt <steve@sk2.org> Suggested-by: Kees Cook <keescook@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> Reviewed-by: Joel Stanley <joel@jms.id.au> [defconfig change] Acked-by: David Rientjes <rientjes@google.com> Cc: Christoph Lameter <cl@linux.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: James Morris <jmorris@namei.org> Cc: "Serge E . Hallyn" <serge@hallyn.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
#
f22969a6 |
|
14-Oct-2021 |
Joel Stanley <joel@jms.id.au> |
powerpc/64s: Default to 64K pages for 64 bit book3s For 64-bit book3s the default should be 64K as that's what modern CPUs are designed for. The following defconfigs already set CONFIG_PPC_64K_PAGES: cell_defconfig pasemi_defconfig powernv_defconfig ppc64_defconfig pseries_defconfig skiroot_defconfig The have the option removed from the defconfig, as it is now the default. The defconfigs that now need to set CONFIG_PPC_4K_PAGES to maintain their existing behaviour are: g5_defconfig maple_defconfig microwatt_defconfig ps3_defconfig Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> BugLink: https://github.com/linuxppc/issues/issues/109 Link: https://lore.kernel.org/r/20211015001649.45591-1-joel@jms.id.au
|
#
0488d325 |
|
11-Jun-2020 |
Chris Packham <chris.packham@alliedtelesis.co.nz> |
powerpc/configs: Remove CMDLINE_BOOL Regenerate defconfigs to remove CONFIG_CMDLINE_BOOL and the default CONFIG_CMDLINE where applicable. Signed-off-by: Chris Packham <chris.packham@alliedtelesis.co.nz> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/20200611224220.25066-3-chris.packham@alliedtelesis.co.nz
|
#
679b2ec8 |
|
23-Feb-2020 |
Diego Elio Pettenò <flameeyes@flameeyes.com> |
scsi: sr: remove references to BLK_DEV_SR_VENDOR, leave it enabled This kernel configuration is basically enabling/disabling sr driver quirks detection. While these quirks are for fairly rare devices (very old CD burners, and a glucometer), the additional detection of these models is a very minimal amount of code. The logic behind the quirks is always built into the sr driver. This also removes the config from all the defconfig files that are enabling this already. Link: https://lore.kernel.org/r/20200223191144.726-1-flameeyes@flameeyes.com Reviewed-by: Jens Axboe <axboe@kernel.dk> Signed-off-by: Diego Elio Pettenò <flameeyes@flameeyes.com> Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
|
#
5e84dd54 |
|
20-Jan-2020 |
Michael Ellerman <mpe@ellerman.id.au> |
powerpc/configs/skiroot: Enable some more hardening options Enable more hardening options. Note BUG_ON_DATA_CORRUPTION selects DEBUG_LIST and is essentially just a synonym for it. DEBUG_SG, DEBUG_NOTIFIERS, DEBUG_LIST, DEBUG_CREDENTIALS and SCHED_STACK_END_CHECK should all be low overhead and just add a few extra checks. SLAB_FREELIST_RANDOM, and SLUB_DEBUG_ON will add some overhead to the SLAB allocator, but nothing that should be meaningful for skiroot. Unselecting SLAB_MERGE_DEFAULT causes the SLAB to use more memory, but the skiroot kernel shouldn't be memory constrained on any of our systems, all it does is run a small bootloader. Disabling merging has some security/robustness benefit as it means a user-after-free or overflow will be limited to the objects in that slab, rather than potentially affecting objects from unrelated slabs that have been merged. Note also that slab merging is disabled anyway by enabling SLUB_DEBUG_ON, because of the SLAB_NEVER_MERGE mask. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Acked-by: Joel Stanley <joel@jms.id.au> Link: https://lore.kernel.org/r/20200121043000.16212-9-mpe@ellerman.id.au
|
#
3554c12d |
|
20-Jan-2020 |
Michael Ellerman <mpe@ellerman.id.au> |
powerpc/configs/skiroot: Disable xmon default & enable reboot on panic If the skiroot kernel crashes we don't want it sitting at an xmon prompt forever. Instead it's more helpful to reboot and bring the boot loader back up, and if the crash was transient we can then boot successfully. Similarly if we panic we should reboot, with a short timeout in case someone is watching the console. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Acked-by: Joel Stanley <joel@jms.id.au> Link: https://lore.kernel.org/r/20200121043000.16212-8-mpe@ellerman.id.au
|
#
579baeec |
|
20-Jan-2020 |
Joel Stanley <joel@jms.id.au> |
powerpc/configs/skiroot: Enable security features This turns on HARDENED_USERCOPY with HARDENED_USERCOPY_PAGESPAN, and FORTIFY_SOURCE. It also enables SECURITY_LOCKDOWN_LSM with _EARLY and LOCK_DOWN_KERNEL_FORCE_INTEGRITY options enabled. This still allows xmon to be used in read-only mode. MODULE_SIG is selected by lockdown, so it is still enabled. Because we're setting LOCK_DOWN_KERNELFORCE_INTEGRITY=y we also need to enable KEXEC_FILE=y so that kexec continues to work. Signed-off-by: Joel Stanley <joel@jms.id.au> [mpe: Switch to lockdown integrity mode per oohal, enable KEXEC_FILE as reported by jms] Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/20200121043000.16212-7-mpe@ellerman.id.au
|
#
cdc7b23f |
|
20-Jan-2020 |
Michael Ellerman <mpe@ellerman.id.au> |
powerpc/configs/skiroot: Update for symbol movement only Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Acked-by: Joel Stanley <joel@jms.id.au> Link: https://lore.kernel.org/r/20200121043000.16212-6-mpe@ellerman.id.au
|
#
81881e09 |
|
20-Jan-2020 |
Michael Ellerman <mpe@ellerman.id.au> |
powerpc/configs/skiroot: Drop default n CONFIG_CRYPTO_ECHAINIV It's default n so we don't need to disable it. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Acked-by: Joel Stanley <joel@jms.id.au> Link: https://lore.kernel.org/r/20200121043000.16212-5-mpe@ellerman.id.au
|
#
028fb6de |
|
20-Jan-2020 |
Michael Ellerman <mpe@ellerman.id.au> |
powerpc/configs/skiroot: Drop HID_LOGITECH Commit bdd08fff4915 ("HID: logitech: Add depends on LEDS_CLASS to Logitech Kconfig entry") made HID_LOGITECH depend on LEDS_CLASS which we do not enable, meaning we are not actually enabling those drivers any more. The Kconfig help text suggests USB HID compliant Logictech devices will continue to work without HID_LOGITECH, so just drop it. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Acked-by: Joel Stanley <joel@jms.id.au> Link: https://lore.kernel.org/r/20200121043000.16212-4-mpe@ellerman.id.au
|
#
7115bf78 |
|
20-Jan-2020 |
Michael Ellerman <mpe@ellerman.id.au> |
powerpc/configs: Drop NET_VENDOR_HP which moved to staging The HP network driver moved to staging in commit 52340b82cf1a ("hp100: Move 100BaseVG AnyLAN driver to staging") meaning we don't need to disable it any more in our defconfigs. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Acked-by: Joel Stanley <joel@jms.id.au> Link: https://lore.kernel.org/r/20200121043000.16212-3-mpe@ellerman.id.au
|
#
f3e96a71 |
|
20-Jan-2020 |
Michael Ellerman <mpe@ellerman.id.au> |
powerpc/configs: NET_CADENCE became NET_VENDOR_CADENCE The NET_CADENCE symbol was renamed to NET_VENDOR_CADENCE, so we don't need to disable the former, see commit 0df5f81c481e ("net: ethernet: Add missing VENDOR to Cadence and Packet Engines symbols"). Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Acked-by: Joel Stanley <joel@jms.id.au> Link: https://lore.kernel.org/r/20200121043000.16212-2-mpe@ellerman.id.au
|
#
76e4bd93 |
|
20-Jan-2020 |
Michael Ellerman <mpe@ellerman.id.au> |
powerpc/configs: Drop CONFIG_QLGE which moved to staging The QLGE driver moved to staging in commit 955315b0dc8c ("qlge: Move drivers/net/ethernet/qlogic/qlge/ to drivers/staging/qlge/"), meaning our defconfigs that enable it have no effect as we don't enable CONFIG_STAGING. It sounds like the device is obsolete, so drop the driver. Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Acked-by: Joel Stanley <joel@jms.id.au> Link: https://lore.kernel.org/r/20200121043000.16212-1-mpe@ellerman.id.au
|
#
93a1544a |
|
12-Nov-2019 |
YueHaibing <yuehaibing@huawei.com> |
powerpc/configs: remove obsolete CONFIG_INET_XFRM_MODE_* and CONFIG_INET6_XFRM_MODE_* These Kconfig options has been removed in commit 4c145dce2601 ("xfrm: make xfrm modes builtin") So there is no point to keep it in defconfigs any longer. Signed-off-by: YueHaibing <yuehaibing@huawei.com> [mpe: Extract from cross arch patch] Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/20190612071901.21736-1-yuehaibing@huawei.com
|
#
aaa35150 |
|
09-Oct-2019 |
Hari Bathini <hbathini@linux.ibm.com> |
powerpc/configs: add FADump awareness to skiroot_defconfig FADump is supported on PowerNV platform. To fulfill this support, the petitboot kernel must be FADump aware. Enable config PRESERVE_FA_DUMP to make the petitboot kernel FADump aware. Signed-off-by: Hari Bathini <hbathini@linux.ibm.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/157062986936.23016.10146169203560084401.stgit@hbathini.in.ibm.com
|
#
7e04a46d |
|
26-Jun-2019 |
Daniel Axtens <dja@axtens.net> |
powerpc/configs: Disable /dev/port in skiroot defconfig While reviewing lockdown patches, I discovered that we still enable /dev/port (CONFIG_DEVPORT) in skiroot. /dev/port is used for old x86 style IO accesses. It's set up in drivers/char/mem.c, and is only created if arch_has_dev_port() returns true. Per arch/powerpc/include/asm/io.h, on PPC64 with PCI, this is only true if there's a legacy ISA bridge. Even if a system has a legacy ISA bridge installed, we have no business accessing it in skiroot. Deselect CONFIG_DEVPORT for skiroot. Signed-off-by: Daniel Axtens <dja@axtens.net> [mpe: Incorporate emailed comments into the change log] Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/20190627053008.29315-1-dja@axtens.net
|
#
14b2f7d9 |
|
04-Jun-2019 |
Krzysztof Kozlowski <krzk@kernel.org> |
powerpc/configs: Remove useless UEVENT_HELPER_PATH Remove the CONFIG_UEVENT_HELPER_PATH because: 1. It is disabled since commit 1be01d4a5714 ("driver: base: Disable CONFIG_UEVENT_HELPER by default") as its dependency (UEVENT_HELPER) was made default to 'n', 2. It is not recommended (help message: "This should not be used today [...] creates a high system load") and was kept only for ancient userland, 3. Certain userland specifically requests it to be disabled (systemd README: "Legacy hotplug slows down the system and confuses udev"). Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org> Acked-by: Geert Uytterhoeven <geert+renesas@glider.be> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
|
#
e1619e89 |
|
02-Apr-2019 |
Joel Stanley <joel@jms.id.au> |
powerpc/configs: Add (back) MLX5 ethernet support to skiroot_defconfig It turns out that some defconfig changes and kernel config option changes meant we accidentally dropped Ethernet support for Mellanox CLX5 cards. Fixes: cbc39809a398 ("powerpc/configs: Update skiroot defconfig") Reported-by: Carol L Soto <clsoto@us.ibm.com> Suggested-by: Carol L Soto <clsoto@us.ibm.com> Signed-off-by: Stewart Smith <stewart@linux.ibm.com> Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
|
#
8adddf34 |
|
16-Apr-2019 |
Michael Ellerman <mpe@ellerman.id.au> |
powerpc/mm/radix: Make Radix require HUGETLB_PAGE Joel reported weird crashes using skiroot_defconfig, in his case we jumped into an NX page: kernel tried to execute exec-protected page (c000000002bff4f0) - exploit attempt? (uid: 0) BUG: Unable to handle kernel instruction fetch Faulting instruction address: 0xc000000002bff4f0 Looking at the disassembly, we had simply branched to that address: c000000000c001bc 49fff335 bl c000000002bff4f0 But that didn't match the original kernel image: c000000000c001bc 4bfff335 bl c000000000bff4f0 <kobject_get+0x8> When STRICT_KERNEL_RWX is enabled, and we're using the radix MMU, we call radix__change_memory_range() late in boot to change page protections. We do that both to mark rodata read only and also to mark init text no-execute. That involves walking the kernel page tables, and clearing _PAGE_WRITE or _PAGE_EXEC respectively. With radix we may use hugepages for the linear mapping, so the code in radix__change_memory_range() uses eg. pmd_huge() to test if it has found a huge mapping, and if so it stops the page table walk and changes the PMD permissions. However if the kernel is built without HUGETLBFS support, pmd_huge() is just a #define that always returns 0. That causes the code in radix__change_memory_range() to incorrectly interpret the PMD value as a pointer to a PTE page rather than as a PTE at the PMD level. We can see this using `dv` in xmon which also uses pmd_huge(): 0:mon> dv c000000000000000 pgd @ 0xc000000001740000 pgdp @ 0xc000000001740000 = 0x80000000ffffb009 pudp @ 0xc0000000ffffb000 = 0x80000000ffffa009 pmdp @ 0xc0000000ffffa000 = 0xc00000000000018f <- this is a PTE ptep @ 0xc000000000000100 = 0xa64bb17da64ab07d <- kernel text The end result is we treat the value at 0xc000000000000100 as a PTE and clear _PAGE_WRITE or _PAGE_EXEC, potentially corrupting the code at that address. In Joel's specific case we cleared the sign bit in the offset of the branch, causing a backward branch to turn into a forward branch which caused us to branch into a non-executable page. However the exact nature of the crash depends on kernel version, compiler version, and other factors. We need to fix radix__change_memory_range() to not use accessors that depend on HUGETLBFS, but we also have radix memory hotplug code that uses pmd_huge() etc that will also need fixing. So for now just disallow the broken combination of Radix with HUGETLBFS disabled. The only defconfig we have that is affected is skiroot_defconfig, so turn on HUGETLBFS there so that it still gets Radix. Fixes: 566ca99af026 ("powerpc/mm/radix: Add dummy radix_enabled()") Cc: stable@vger.kernel.org # v4.7+ Reported-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
|
#
805bf3b7 |
|
04-Mar-2019 |
Joel Stanley <joel@jms.id.au> |
powerpc/configs: Sync skiroot defconfig This updates the skiroot defconfig with the version from the OpenPower firmwre build tree. Important changes are the addition of QED and E1000E ethernet drivers. Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
|
#
cbc39809 |
|
17-Sep-2018 |
Joel Stanley <joel@jms.id.au> |
powerpc/configs: Update skiroot defconfig Disable new features from recent releases, and clean out some other unused options: - Enable EXPERT, so we can disable some things - Disable non-powerpc BPF decoders - Disable TASKSTATS - Disable unused syscalls - Set more things to be modules - Turn off unused network vendors - PPC_OF_BOOT_TRAMPOLINE and FB_OF are unused on powernv - Drop unused Radeon and Matrox GPU drivers - IPV6 support landed in petitboot - Bringup related command line powersave=off dropped, switch to quiet Set CONFIG_I2C_CHARDEV=y as the module is not loaded automatically, and without this i2cget etc. will fail in the skiroot environment. This defconfig gets us build coverage of KERNEL_XZ, which was broken in the 4.19 merge window for powerpc. Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
|
#
c3dda4b0 |
|
03-Oct-2017 |
Joel Stanley <joel@jms.id.au> |
powerpc/configs: Add Skiroot defconfig This configuration is used by the OpenPower firmware for it's Linux-as-bootloader implementation. Also known as the Petitboot kernel, this configuration broke in 4.12 (CPU_HOTPLUG=n), so add it to the upstream tree in order to get better coverage. Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
|