1. 06 May, 2015 1 commit
  2. 16 Jan, 2015 1 commit
  3. 08 Jan, 2015 2 commits
  4. 05 Oct, 2014 1 commit
  5. 17 Sep, 2014 1 commit
    • Eric W. Biederman's avatar
      mnt: Add tests for unprivileged remount cases that have found to be faulty · bbeed681
      Eric W. Biederman authored
      commit db181ce011e3c033328608299cd6fac06ea50130 upstream.
      Kenton Varda <kenton@sandstorm.io> discovered that by remounting a
      read-only bind mount read-only in a user namespace the
      MNT_LOCK_READONLY bit would be cleared, allowing an unprivileged user
      to the remount a read-only mount read-write.
      Upon review of the code in remount it was discovered that the code allowed
      nosuid, noexec, and nodev to be cleared.  It was also discovered that
      the code was allowing the per mount atime flags to be changed.
      The first naive patch to fix these issues contained the flaw that using
      default atime settings when remounting a filesystem could be disallowed.
      To avoid this problems in the future add tests to ensure unprivileged
      remounts are succeeding and failing at the appropriate times.
      Acked-by: 's avatarSerge E. Hallyn <serge.hallyn@ubuntu.com>
      Signed-off-by: 's avatar"Eric W. Biederman" <ebiederm@xmission.com>
      Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
  6. 08 Aug, 2014 3 commits
  7. 09 Jul, 2014 1 commit
  8. 11 Jun, 2014 1 commit
  9. 07 Jun, 2014 1 commit
  10. 13 Feb, 2014 2 commits
    • Josh Triplett's avatar
      turbostat: Use GCC's CPUID functions to support PIC · 0e2d79de
      Josh Triplett authored
      commit 2b92865e648ce04a39fda4f903784a5d01ecb0dc upstream.
      turbostat uses inline assembly to call cpuid.  On 32-bit x86, on systems
      that have certain security features enabled by default that make -fPIC
      the default, this causes a build error:
      turbostat.c: In function ‘check_cpuid’:
      turbostat.c:1906:2: error: PIC register clobbered by ‘ebx’ in ‘asm’
        asm("cpuid" : "=a" (fms), "=c" (ecx), "=d" (edx) : "a" (1) : "ebx");
      GCC provides a header cpuid.h, containing a __get_cpuid function that
      works with both PIC and non-PIC.  (On PIC, it saves and restores ebx
      around the cpuid instruction.)  Use that instead.
      Signed-off-by: 's avatarJosh Triplett <josh@joshtriplett.org>
      Signed-off-by: 's avatarLen Brown <len.brown@intel.com>
      Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    • Josh Triplett's avatar
      turbostat: Don't put unprocessed uapi headers in the include path · 73cb6cf1
      Josh Triplett authored
      commit b731f3119de57144e16c19fd593b8daeb637843e upstream.
      turbostat's Makefile puts arch/x86/include/uapi/ in the include path, so
      that it can include <asm/msr.h> from it.  It isn't in general safe to
      include even uapi headers directly from the kernel tree without
      processing them through scripts/headers_install.sh, but asm/msr.h
      happens to work.
      However, that include path can break with some versions of system
      headers, by overriding some system headers with the unprocessed versions
      directly from the kernel source.  For instance:
      In file included from /build/x86-generic/usr/include/bits/sigcontext.h:28:0,
                       from /build/x86-generic/usr/include/signal.h:339,
                       from /build/x86-generic/usr/include/sys/wait.h:31,
                       from turbostat.c:27:
      ../../../../arch/x86/include/uapi/asm/sigcontext.h:4:28: fatal error: linux/compiler.h: No such file or directory
      This occurs because the system bits/sigcontext.h on that build system
      includes <asm/sigcontext.h>, and asm/sigcontext.h in the kernel source
      includes <linux/compiler.h>, which scripts/headers_install.sh would have
      filtered out.
      Since turbostat really only wants a single header, just include that one
      header rather than putting an entire directory of kernel headers on the
      include path.
      In the process, switch from msr.h to msr-index.h, since turbostat just
      wants the MSR numbers.
      Signed-off-by: 's avatarJosh Triplett <josh@joshtriplett.org>
      Signed-off-by: 's avatarLen Brown <len.brown@intel.com>
      Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
  11. 06 Feb, 2014 1 commit
    • Dongsheng Yang's avatar
      perf kvm: Fix kvm report without guestmount. · 6157969f
      Dongsheng Yang authored
      commit ad85ace07a05062ef6b59c35a5e80b6eaee1eee6 upstream.
      Currently, if we use perf kvm --guestkallsyms --guestmodules report, we
      can not get the perf information from perf data file. All sample are
      shown as unknown.
      Reproducing steps:
      	# perf kvm --guestkallsyms /tmp/kallsyms --guestmodules /tmp/modules record -a sleep 1
      	[ perf record: Woken up 1 times to write data ]
      	[ perf record: Captured and wrote 0.624 MB perf.data.guest (~27260 samples) ]
      	# perf kvm --guestkallsyms /tmp/kallsyms --guestmodules /tmp/modules report |grep %
      	   100.00%  [guest/6471]  [unknown]         [g] 0xffffffff8164f330
      This bug was introduced by 207b5792 (perf kvm: Fix regression with guest machine creation).
      In original code, it uses perf_session__find_machine(), it means we deliver symbol to machine
      which has the same pid, if no machine found, deliver it to *default* guest. But if we use
      perf_session__findnew_machine() here, if no machine was found, new machine with pid will be built
      and added. Then the default guest which with pid == 0 will never get a symbol.
      And because the new machine initialized here has no kernel map created, the symbol delivered to
      it will be marked as "unknown".
      This patch here is to revert commit 207b5792 and fix the SEGFAULT bug in another way.
      Verification steps:
      	# ./perf kvm --guestkallsyms /home/kallsyms --guestmodules /home/modules record -a sleep 1
      	[ perf record: Woken up 1 times to write data ]
      	[ perf record: Captured and wrote 0.651 MB perf.data.guest (~28437 samples) ]
      	# ./perf kvm --guestkallsyms /home/kallsyms --guestmodules /home/modules report |grep %
      	    22.64%    :6471  [guest.kernel.kallsyms]  [g] update_rq_clock.part.70
      	    19.99%    :6471  [guest.kernel.kallsyms]  [g] d_free
      	    18.46%    :6471  [guest.kernel.kallsyms]  [g] bio_phys_segments
      	    16.25%    :6471  [guest.kernel.kallsyms]  [g] dequeue_task
      	    12.78%    :6471  [guest.kernel.kallsyms]  [g] __switch_to
      	     7.91%    :6471  [guest.kernel.kallsyms]  [g] scheduler_tick
      	     1.75%    :6471  [guest.kernel.kallsyms]  [g] native_apic_mem_write
      	     0.21%    :6471  [guest.kernel.kallsyms]  [g] apic_timer_interrupt
      Signed-off-by: 's avatarDongsheng Yang <yangds.fnst@cn.fujitsu.com>
      Acked-by: 's avatarDavid Ahern <dsahern@gmail.com>
      Cc: David Ahern <dsahern@gmail.com>
      Link: http://lkml.kernel.org/r/1387564907-3045-1-git-send-email-yangds.fnst@cn.fujitsu.comSigned-off-by: 's avatarArnaldo Carvalho de Melo <acme@redhat.com>
      Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
  12. 25 Jan, 2014 1 commit
  13. 09 Jan, 2014 1 commit
  14. 04 Dec, 2013 1 commit
  15. 05 Oct, 2013 1 commit
    • Vinson Lee's avatar
      tools lib lk: Uninclude linux/magic.h in debugfs.c · 655325c7
      Vinson Lee authored
      commit ce7eebe5c3deef8e19c177c24ee75843256e69ca upstream.
      The compilation only looks for linux/magic.h from the default include
      paths, which does not include the source tree. This results in a build
      error if linux/magic.h is not available or not installed.
      For example, this build error occurs on CentOS 5.
      $ make -C tools/lib/lk V=1
      gcc -o debugfs.o -c -ggdb3 -Wall -Wextra -std=gnu99 -Werror -O6
      -D_FORTIFY_SOURCE=2 -Wbad-function-cast -Wdeclaration-after-statement
      -Wformat-security -Wformat-y2k -Winit-self -Wmissing-declarations
      -Wmissing-prototypes -Wnested-externs -Wno-system-headers
      -Wold-style-definition -Wpacked -Wredundant-decls -Wshadow
      -Wstrict-aliasing=3 -Wstrict-prototypes -Wswitch-default -Wswitch-enum
      -Wundef -Wwrite-strings -Wformat  -fPIC  -D_LARGEFILE64_SOURCE
      -D_FILE_OFFSET_BITS=64 debugfs.c
      debugfs.c:8:25: error: linux/magic.h: No such file or directory
      The only symbol from linux/magic.h needed by debugfs.c is DEBUGFS_MAGIC,
      and that is already defined in debugfs.h. linux/magic.h isn't providing
      any extra symbols and can unincluded. This is similar to the approach by
      perf, which has its own magic.h wrapper at
      Signed-off-by: 's avatarVinson Lee <vlee@twitter.com>
      Acked-by: 's avatarBorislav Petkov <bp@suse.de>
      Cc: Borislav Petkov <bp@suse.de>
      Cc: Vinson Lee <vlee@freedesktop.org>
      Link: http://lkml.kernel.org/r/1379546200-17028-1-git-send-email-vlee@freedesktop.orgSigned-off-by: 's avatarArnaldo Carvalho de Melo <acme@redhat.com>
      Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
  16. 01 Oct, 2013 1 commit
  17. 04 Aug, 2013 2 commits
    • Michael Witten's avatar
      perf tools: Revert regression in configuration of Python support · 2652eb44
      Michael Witten authored
      commit a363a9da65d253fa7354ce5fd630f4f94df934cc upstream.
      Among other things, the following:
        commit 31160d7f
        Date:   Tue Jan 8 16:22:36 2013 -0500
        perf tools: Fix GNU make v3.80 compatibility issue
      attempts to aid the user by tapping into an existing error message,
      as described in the commit message:
        ... Also fix an issue where _get_attempt was called with only
        one argument. This prevented the error message from printing
        the name of the variable that can be used to fix the problem.
      or more precisely:
        -$(if $($(1)),$(call _ge_attempt,$($(1)),$(1)),$(call _ge_attempt,$(2)))
        +$(if $($(1)),$(call _ge_attempt,$($(1)),$(1)),$(call _ge_attempt,$(2),$(1)))
      However, The "missing" argument was in fact missing on purpose; it's
      absence is a signal that the error message should be skipped, because
      the failure would be due to the default value, not any user-supplied
      value.  This can be seen in how `_ge_attempt' uses `gea_err' (in the
      config/utilities.mak file):
        _ge_attempt = $(if $(get-executable),$(get-executable),$(_gea_warn)$(call _gea_err,$(2)))
        _gea_warn = $(warning The path '$(1)' is not executable.)
        _gea_err  = $(if $(1),$(error Please set '$(1)' appropriately))
      That is, because the argument is no longer missing, the value `$(1)'
      (associated with `_gea_err') always evaluates to true, thus always
      triggering the error condition that is meant to be reserved for
      only the case when a user explicitly supplies an invalid value.
      Concretely, the result is a regression in the Makefile's configuration
      of python support; rather than gracefully disable support when the
      relevant executables cannot be found according to default values, the
      build process halts in error as though the user explicitly supplied
      the values.
      This new commit simply reverts the offending one-line change.
      Reported-by: 's avatarPekka Enberg <penberg@kernel.org>
      Link: http://lkml.kernel.org/r/CAOJsxLHv17Ys3M7P5q25imkUxQW6LE_vABxh1N3Tt7Mv6Ho4iw@mail.gmail.comSigned-off-by: 's avatarMichael Witten <mfwitten@gmail.com>
      Cc: Mark Brown <broonie@sirena.org.uk>
      Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    • K. Y. Srinivasan's avatar
      Tools: hv: KVP: Fix a bug in IPV6 subnet enumeration · 0ac7e443
      K. Y. Srinivasan authored
      commit ed4bb9744b41d39ba35080c2390e201575121dc7 upstream.
      Each subnet string needs to be separated with a semicolon. Fix this bug.
      Signed-off-by: 's avatarK. Y. Srinivasan <kys@microsoft.com>
      Signed-off-by: 's avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
  18. 13 Jun, 2013 1 commit
  19. 24 May, 2013 1 commit
  20. 22 May, 2013 5 commits
  21. 01 May, 2013 2 commits
  22. 29 Apr, 2013 1 commit
  23. 24 Apr, 2013 8 commits