Randomizes the virtual address space of kernel memory regions for
x86_64. This first patch adds the infrastructure and does not randomize
any region. The following patches will randomize the physical memory
mapping, vmalloc and vmemmap regions.
This security feature mitigates exploits relying on predictable kernel
addresses. These addresses can be used to disclose the kernel modules
base addresses or corrupt specific structures to elevate privileges
bypassing the current implementation of KASLR. This feature can be
enabled with the CONFIG_RANDOMIZE_MEMORY option.
The order of each memory region is not changed. The feature looks at the
available space for the regions based on different configuration options
and randomizes the base and space between each. The size of the physical
memory mapping is the available physical memory. No performance impact
was detected while testing the feature.
Entropy is generated using the KASLR early boot functions now shared in
the lib directory (originally written by Kees Cook). Randomization is
done on PGD & PUD page table levels to increase possible addresses. The
physical memory mapping code was adapted to support PUD level virtual
addresses. This implementation on the best configuration provides 30,000
possible virtual addresses on average for each memory region. An
additional low memory page is used to ensure each CPU can start with a
PGD aligned virtual address (for realmode).
x86/dump_pagetable was updated to correctly display each region.
Updated documentation on x86_64 memory layout accordingly.
Performance data, after all patches in the series:
Kernbench shows almost no difference (-+ less than 1%):
Before:
Average Optimal load -j 12 Run (std deviation):
Elapsed Time 102.63 (1.2695)
User Time 1034.89 (1.18115)
System Time 87.056 (0.456416)
Percent CPU 1092.9 (13.892)
Context Switches 199805 (3455.33)
Sleeps 97907.8 (900.636)
After:
Average Optimal load -j 12 Run (std deviation):
Elapsed Time 102.489 (1.10636)
User Time 1034.86 (1.36053)
System Time 87.764 (0.49345)
Percent CPU 1095 (12.7715)
Context Switches 199036 (4298.1)
Sleeps 97681.6 (1031.11)
Hackbench shows 0% difference on average (hackbench 90 repeated 10 times):
attemp,before,after
1,0.076,0.069
2,0.072,0.069
3,0.066,0.066
4,0.066,0.068
5,0.066,0.067
6,0.066,0.069
7,0.067,0.066
8,0.063,0.067
9,0.067,0.065
10,0.068,0.071
average,0.0677,0.0677
Signed-off-by: Thomas Garnier <thgarnie@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Alexander Kuleshov <kuleshovmail@gmail.com>
Cc: Alexander Popov <alpopov@ptsecurity.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Borislav Petkov <bp@suse.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Jan Beulich <JBeulich@suse.com>
Cc: Joerg Roedel <jroedel@suse.de>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Lv Zheng <lv.zheng@intel.com>
Cc: Mark Salter <msalter@redhat.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: Xiao Guangrong <guangrong.xiao@linux.intel.com>
Cc: Yinghai Lu <yinghai@kernel.org>
Cc: kernel-hardening@lists.openwall.com
Cc: linux-doc@vger.kernel.org
Link: http://lkml.kernel.org/r/1466556426-32664-6-git-send-email-keescook@chromium.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
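
The layout scheme described in the commit message above (region order kept, free space split between regions, bases aligned to a PUD entry), as a simplified Python model added here; it is not the kernel's code. The window, the region sizes and every name in it are constructed sample values, so the slot count it reports applies to those values only.

```python
import random

PUD_SIZE = 1 << 30   # bytes covered by one PUD entry (x86_64, 4-level paging)
GIB, TIB = 1 << 30, 1 << 40

# Constructed sample values, not taken from the patch.
SAMPLE_START = 0xFFFF880000000000
SAMPLE_END = SAMPLE_START + 100 * TIB
SAMPLE_REGIONS = [("physical mapping", 16 * GIB),
                  ("vmalloc", 32 * TIB),
                  ("vmemmap", 1 * TIB)]


def _padded(size):
    """Round a region size up to a whole number of PUD entries."""
    return -(-size // PUD_SIZE) * PUD_SIZE


def possible_bases(start, end, regions):
    """Number of distinct bases the first region can receive."""
    slack = (end - start) - sum(_padded(s) for _, s in regions)
    return slack // len(regions) // PUD_SIZE + 1


def randomize_layout(start, end, regions, rng):
    """Return [(name, base, size)] with order kept and PUD-aligned bases."""
    if start % PUD_SIZE:
        raise ValueError("window start must be PUD aligned")
    slack = (end - start) - sum(_padded(s) for _, s in regions)
    if slack < 0:
        raise ValueError("regions do not fit in the window")
    placed, vaddr = [], start
    for i, (name, size) in enumerate(regions):
        # Each region may use an equal share of the slack still unspent.
        share = slack // (len(regions) - i)
        gap = rng.randrange(share // PUD_SIZE + 1) * PUD_SIZE
        vaddr += gap
        placed.append((name, vaddr, size))
        vaddr += _padded(size)
        slack -= gap
    return placed


def sample_layout(seed):
    """Deterministic demo run; a real kernel draws from boot-time entropy."""
    return randomize_layout(SAMPLE_START, SAMPLE_END, SAMPLE_REGIONS,
                            random.Random(seed))


if __name__ == "__main__":
    for name, base, size in sample_layout(seed=1):
        print(f"{name:17s} {base:#018x}  {size // GIB:6d} GiB")
    print("bases for first region:",
          possible_bases(SAMPLE_START, SAMPLE_END, SAMPLE_REGIONS))
```
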
The name of the subsystem is "media", and not "linux_tv". Also,
as we plan to add other stuff there in the future, let's
rename also the media uAPI book to media_uapi, to make it
clearer.
No functional changes.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
The kernel-include directive is needed to include the auto generated rst
content from a build (pre-) process. E.g. the linux_tv Makefile
generates intermediate reST-files from header files. Since there is an O=
option:
make O=dir [targets] Locate all output files in "dir"
We need to include intermediate reST files from arbitrary (O=/tmp/foo)
locations:
The 'kernel-include' reST-directive is a replacement for the 'include'
directive. The 'kernel-include' directive expands environment variables
in the path name and allows including files from arbitrary locations.
.. hint::
Including files from arbitrary locations (e.g. from '/etc') is a
security risk for builders. This is why the 'include' directive from
docutils *prohibits* pathnames pointing to locations *above* the
filesystem tree where the reST document with the include directive is
placed.
Substrings of the form $name or ${name} are replaced by the value of
environment variable name. Malformed variable names and references to
non-existing variables are left unchanged.
Signed-off-by: Markus Heiser <markus.heiser@darmarIT.de>
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
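
The expansion rule and the builder-side risk named in the commit message above, as a Python example added here; it is not the directive's own code. It expands `$name` / `${name}` from an explicit environment and then accepts the result only if it resolves under an allowed root; the paths, the allowed roots and the choice to reject unresolved references are assumptions of this example.

```python
import os
import re

# $name or ${name}; anything else after "$" is not a reference.
_REF = re.compile(r"\$(\w+|\{[^}]*\})")


def expand_vars(text, env):
    """Expand $name / ${name} from env; unknown or malformed stay as written."""
    def repl(match):
        name = match.group(1).strip("{}")
        return env.get(name, match.group(0))
    return _REF.sub(repl, text)


def resolve_include(arg, doc_dir, env, allowed_roots):
    """Return the real path to include, or raise if the builder should refuse."""
    expanded = expand_vars(arg, env)
    if "$" in expanded:
        # Policy assumed here: an unresolved reference is an error, not a literal.
        raise LookupError(f"unresolved variable in {arg!r}")
    path = os.path.realpath(os.path.join(doc_dir, expanded))
    for root in allowed_roots:
        root = os.path.realpath(root)
        # commonpath compares whole components: /tmp/foobar is not under /tmp/foo.
        if os.path.commonpath([path, root]) == root:
            return path
    raise PermissionError(f"{path} is outside the allowed roots")


# Constructed sample configuration (hypothetical paths).
DOC_DIR = "/src/linux/Documentation/media"
ENV = {"BUILDDIR": "/tmp/foo/Documentation/output"}
ROOTS = ["/src/linux/Documentation", "/tmp/foo"]


def classify(arg):
    """Verdict for one directive argument under the sample configuration."""
    try:
        resolve_include(arg, DOC_DIR, ENV, ROOTS)
        return "ok"
    except LookupError:
        return "unresolved"
    except PermissionError:
        return "outside"


if __name__ == "__main__":
    for arg in ("$BUILDDIR/videodev2.h.rst", "audio.h.rst",
                "/etc/hostname", "/tmp/foobar/x.rst", "$UNSET/x.rst"):
        print(f"{arg:28s} -> {classify(arg)}")
```
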
Clean up the Makefile, handle the V=1 flag and make it
work when specifying an output directory with O=dir
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
After checking that all enum fields are documented at the
corresponding table on the rst file, let's point to the
table, instead of ignoring the symbols.
A few symbols are not meant to be documented, as they're
deprecated stuff. Keep ignoring them.
One enum field is not documented. Either it is obsolete
or a documentation gap. So, produce warnings for it.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
The contents of those macros are all declared at the v4l2-std-id
table. So, point to it.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
Now that the reference problems were solved, let's not
ignore anymore the pix formats, as all of them are already
documented.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
Several references were not converted right. That's why
so many symbols were lost when parsing videodev2.h header.
Fix them.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
Current driver assumes that child node channel name is either
"xlnx,axi-vdma-mm2s-channel" or "xlnx,axi-vdma-s2mm-channel"
which is confusing the users of AXI DMA and CDMA.
This patch fixes this issue by using different channel
names for the AXI DMA and AXI CDMA child nodes.
Signed-off-by: Kedareswara rao Appana <appanad@xilinx.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Vinod Koul <vinod.koul@intel.com>
In the existing vdma driver support for
AXI DMA and CDMA got added so the driver is no
longer VDMA specific.
This patch renames the driver and DT binding doc to xilinx_dma
and updates the Kconfig description for all the DMAS.
Signed-off-by: Kedareswara rao Appana <appanad@xilinx.com>
Signed-off-by: Vinod Koul <vinod.koul@intel.com>
The AXI DMA support is added to the existing AXI VDMA
driver. Device tree binding information also updated
in the VDMA binding doc.
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Kedareswara rao Appana <appanad@xilinx.com>
Signed-off-by: Vinod Koul <vinod.koul@intel.com>
This file comes from the uAPI definitions for V4L2, which is dynamic
and updated on almost every Kernel version. So, this file
needs to be auto-updated, as otherwise the documentation will
become obsolete too early.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
Add one extra escape character to avoid those warnings:
Documentation/linux_tv/videodev2.h.rst:6: WARNING: Inline substitution_reference start-string without end-string.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
At videodev2.h, we have hundreds of symbols that don't
currently have a reference yet. Let's ignore for now, while
we don't improve those cross-refs.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
We should not let comments mangle with the symbols
parsing. Unfortunately, videodev2.h has lots of those
in the middle of enums and structs. So, we need to improve
our parser to discard them.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
Merge "Broadcom ARM64 Device Tree changes for 4.8 (part 2)" from Florian Fainelli:
This pull request contains the second part of the Broadcom ARM64-based SoCs
changes for 4.8. Please note that this pull request contains changes from the
ARM 32-bits port and ARM 64-bits port as well:
- Lubomir updates all BCM2835 (Raspberry Pi family) Device Tree source files with
their proper information about the on-board USB Ethernet adapter so there is
appropriate binding between this USB device and a device_node (useful for MAC
address fetching and stuff), this commit is also present for the ARM DT pull
request
- Eric adds support for the Raspberry Pi 3 aka BCM2837 and provides the binding
information and the basic SoC DT include file required to boot to a prompt
- Gerd updates the Raspberry Pi 3 DT with Ethernet information based on the
earlier change from Lubomir
* tag 'arm-soc/for-4.8/devicetree-arm64-part2' of http://github.com/Broadcom/stblinux:
ARM: bcm2837: dt: Add the ethernet to the device trees
ARM: bcm2835: Add devicetree for the Raspberry Pi 3.
dt-bindings: Add root properties for Raspberry Pi 3
ARM: bcm2835: dt: Add the ethernet to the device trees
Pull the clockevents/clocksource tree from Daniel Lezcano:
- Convert the clocksource-probe init functions to return a value in order to
prepare the consolidation of the drivers using the DT. It is a big patchset
but went through 01.org (kbuild bot), linux next and kernel-ci (continuous
integration) (Daniel Lezcano)
- Fix a bad error handling by returning the right value for cadence_ttc
(Christophe Jaillet)
- Fix typo in the Kconfig for the Samsung pwm (Alexandre Belloni)
- Change functions to static for armada-370-xp and digicolor (Ben Dooks)
- Add support for the rk3399 SoC timer by adding bindings and a slight
change in the base address. Take the opportunity to add the DYNIRQ flag
(Huang Tao)
- Fix endian accessors for the Samsung pwm timer (Matthew Leach)
- Add Oxford Semiconductor RPS Dual Timer driver (Neil Armstrong)
- Add a kernel parameter to switch on/off the event stream feature of the arch
arm timer (Will Deacon)
Merge "Amlogic 64-bit DT updates" from Kevin Hilman:
- add RNG and new clock driver support
* tag 'amlogic-dt64-2' of git://git.kernel.org/pub/scm/linux/kernel/git/khilman/linux-amlogic:
ARM64: DTS: meson-gxbb: switch ethernet to real clock
arm64: dts: gxbb clock controller
ARM64: dts: meson-gxbb: Add Hardware Random Generator node
dt-bindings: hwrng: Add Amlogic Meson Hardware Random Generator bindings
Merge "ARM: DT: Hisilicon ARMv7 SoC Hi3519 DT updates for 4.8" from Wei Xu:
- Add device tree bindings for hi3519 sysctrl
- Add dts files for hi3519
- Tidy up DTB makefile entries to keep the list sorted
* tag 'hisi-armv7-soc-dt-for-4.8-v2' of git://github.com/hisilicon/linux-hisi:
ARM: dts: add dts files for Hi3519 and tidy up the makefile entries
ARM: dt-bindings: add device tree bindings for Hi3519 sysctrl
Merge "omap ir-rx51 driver fixes for multiarch for v4.8 merge window"
from Tony Lindgren:
Fix a long time regression for ir-rx51 driver for n900 device tree
booting.
This driver has been unusable with multiarch because of the hardware
timer access. With the recent PWM changes, we can finally fix the
driver for multiarch and device tree support. And naturally there
is no rush for these for the -rc cycle, these can wait for the
merge window.
The PWM changes have been acked by Thierry. For the media changes
I did not get an ack from Mauro but he was Cc'd in the discussion
and these changes do not conflict with other media changes.
After this series we can drop the remaining omap3 legacy booting
board files finally.
* tag 'omap-for-v4.8/ir-rx51-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
ir-rx51: use hrtimer instead of dmtimer
ir-rx51: add DT support to driver
ir-rx51: use PWM framework instead of OMAP dmtimer
pwm: omap-dmtimer: Allow for setting dmtimer clock source
ir-rx51: Fix build after multiarch changes broke it
Merge "Reset controller changes for v4.8, part 3" from Philipp Zabel:
- change request API to be more explicit about the difference between
exclusive and shared resets (the former guarantee the reset line is
asserted immediately when reset_control_assert is called, the latter
are refcounted and do not guarantee this).
- add Hisilicon hi6220 media subsystem reset controller support
- add TI SYSCON based reset controller support
* tag 'reset-for-4.8-3' of git://git.pengutronix.de/git/pza/linux:
reset: add TI SYSCON based reset driver
Documentation: dt: reset: Add TI syscon reset binding
reset: hisilicon: Add hi6220 media subsystem reset support
reset: hisilicon: Change to syscon register access
arm64: dts: hi6220: Add media subsystem reset dts
reset: hisilicon: Add media reset controller binding
reset: TRIVIAL: Add line break at same place for similar APIs
reset: Supply *_shared variant calls when using *_optional APIs
reset: Supply *_shared variant calls when using of_* API
reset: Ensure drivers are explicit when requesting reset lines
reset: Reorder inline reset_control_get*() wrappers
Merge "ARM: mediatek: dts 64 bit updates for v4.8" from Matthias Brugger:
- Add nodes for the DISP function ports
- Add dt-bindings for mt6755
- Add basic support for mt6755 SoC
* tag 'v4.7-next-dts' of https://github.com/mbgg/linux-mediatek:
arm64: dts: mediatek: add mt6755 support
Document: DT: Add bindings for mediatek MT6755 SoC Platform
arm64: dts: mt8173: Add display subsystem related nodes
This file comes from the uAPI definition header, and
should be auto-generated, to be in sync with Kernel changes.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
This file comes from the uAPI definition header, and
should be auto-generated, to be in sync with Kernel changes.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
This file comes from the uAPI definition header, and
should be auto-generated, to be in sync with Kernel changes.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
This is an auto-generated header. Remove the hardcoded one
and do the right thing here.
NOTE: this is a deprecated API. So, we won't make any
effort to try identifying the meaning of this obscure
API that is used only on a legacy driver.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
The typedef handler should do two things to be generic:
1) parse typedef enums;
2) accept both possible syntaxes:
typedef struct foo { .. } foo_t;
typedef struct { .. } foo_t;
Unfortunately, this is needed to parse some legacy DVB
files, like dvb/audio.h.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
When typedef is used on its multiline format, we need to
also parse enum and struct in the same line.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
Be more formal about the valid symbols that are expected by
the parser, to match what the C language expects.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
The dmx.h header has two things that cause the parser to
break while handling enums:
per-header enums and the '{' starts on a new line
Both cause lexical marks to be detected by the parser
as if they were symbols.
Fix it.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
This documents the binding used by Alexander Shiyan's DT support for
the clps711x SPI controller.
I've left the file name to match the ARM platform port name "clps711x"
for consistency with the other bindings, even though the compatible
string refers to the later ep7309 chip.
Linux no longer supports the old clps711x and ep72xx product lines,
but we still use the name. The entire family is now discontinued
by the manufacturer.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Mark Brown <broonie@kernel.org>
As we had to escape the symbols for the ReST markup to not do
the wrong thing, the logic to discover start/end of strings
is not trivial. Improve the end delimiter detection, in order
to highlight more occurrences of the strings.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
This file is auto-generated with DocBook, from the uapi header.
Do the same with Sphinx.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
This script parses a header file and converts it into a
parsed-literal block, creating references for ioctls,
defines, typedefs, enums and structs.
It also allows an external file to modify the rules, in
order to fix the expressions.
Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com>
Basic support for the Gen 3 R-Car M3-W SoC.
Based on work for the r8a7795 and r8a7796 SoCs by
Takeshi Kihara, Dirk Behme and Geert Uytterhoeven.
Signed-off-by: Simon Horman <horms+renesas@verge.net.au>
Reviewed-by: Geert Uytterhoeven <geert+renesas@glider.be>
dt-bindings: tegra: Updates for v4.8-rc1
A couple of fixes for the Tegra XUSB controller and Tegra XUSB pad
controller bindings, as well as the addition of some compatible strings
for Tegra-based boards.
* tag 'tegra-for-4.8-dt-bindings' of git://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux:
dt-bindings: tegra: Add Apalis TK1 device tree binding documentation
dt-bindings: tegra: Add Colibri T30 device tree binding documentation
dt-bindings: usb: Fix Tegra XUSB example
dt-bindings: phy: Fix description of Tegra210 PHY nodes
Signed-off-by: Olof Johansson <olof@lixom.net>
bus: NVIDIA Tegra ACONNECT support
Adds support for the Tegra ACONNECT bus that's used to access the APE
(audio processing engine) on Tegra X1.
* tag 'tegra-for-4.8-bus' of git://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux:
bus: Add support for Tegra ACONNECT
dt-bindings: bus: Add documentation for Tegra210 ACONNECT
Signed-off-by: Olof Johansson <olof@lixom.net>
Audio support and spi-flash on rk3288-veyron Chromedevices
as well as i2s and ethernet support on rk3228/rk3229 devices
and a dts file for the rk3229 eval board.
* tag 'v4.8-rockchip-dts32-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip:
ARM: dts: rockchip: add support rk3229 evb board
ARM: dts: rockchip: add GMAC nodes for RK322x SoCs
ARM: dts: rockchip: add i2s nodes for RK322x SoCs
ARM: dts: rockchip: rename rk3228.dtsi to rk322x.dtsi
clk: rockchip: add clock-ids for rk3228 MAC clocks
clk: rockchip: add clock-ids for rk3228 audio clocks
ARM: dts: rockchip: rename i2s model for Veyron devices
ARM: dts: rockchip: move rk3288 io-domain nodes to the grf
ARM: dts: rockchip: Enable analog audio on rk3288-veyron chromebooks
ARM: dts: rockchip: Add shared file for audio on rk3288-veyron boards
ARM: dts: rockchip: add SPI flash node for rk3288-veyron
Signed-off-by: Olof Johansson <olof@lixom.net>