Loading Documentation/filesystems/overlayfs.txt +23 −0 Original line number Diff line number Diff line Loading @@ -82,6 +82,29 @@ Only the lists of names from directories are merged. Other content such as metadata and extended attributes are reported for the upper directory only. These attributes of the lower directory are hidden. credentials ----------- By default, all access to the upper, lower and work directories is the recorded mounter's MAC and DAC credentials. The incoming accesses are checked against the caller's credentials. In the case where caller MAC or DAC credentials do not overlap, a use case available in older versions of the driver, the override_creds mount flag can be turned off and help when the use pattern has caller with legitimate credentials where the mounter does not. Several unintended side effects will occur though. The caller without certain key capabilities or lower privilege will not always be able to delete files or directories, create nodes, or search some restricted directories. The ability to search and read a directory entry is spotty as a result of the cache mechanism not retesting the credentials because of the assumption, a privileged caller can fill cache, then a lower privilege can read the directory cache. The uneven security model where cache, upperdir and workdir are opened at privilege, but accessed without creating a form of privilege escalation, should only be used with strict understanding of the side effects and of the security policies. whiteouts and opaque directories -------------------------------- Loading Makefile 100644 → 100755 +29 −14 Original line number Diff line number Diff line VERSION = 4 PATCHLEVEL = 9 SUBLEVEL = 160 SUBLEVEL = 163 EXTRAVERSION = NAME = Roaring Lionus Loading Loading @@ -306,11 +306,6 @@ HOSTCXX = g++ HOSTCFLAGS := -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -std=gnu89 HOSTCXXFLAGS = -O2 ifeq ($(shell $(HOSTCC) -v 2>&1 | grep -c "clang version"), 1) HOSTCFLAGS += -Wno-unused-value -Wno-unused-parameter \ -Wno-missing-field-initializers -fno-delete-null-pointer-checks endif # Decide whether to build built-in, modular, or both. # Normally, just do built-in. Loading Loading @@ -517,19 +512,17 @@ endif ifeq ($(cc-name),clang) ifneq ($(CROSS_COMPILE),) CLANG_TRIPLE ?= $(CROSS_COMPILE) CLANG_TARGET := --target=$(notdir $(CLANG_TRIPLE:%-=%)) ifeq ($(shell $(srctree)/scripts/clang-android.sh $(CC) $(CLANG_TARGET)), y) CLANG_FLAGS := --target=$(notdir $(CLANG_TRIPLE:%-=%)) ifeq ($(shell $(srctree)/scripts/clang-android.sh $(CC) $(CLANG_FLAGS)), y) $(error "Clang with Android --target detected. Did you specify CLANG_TRIPLE?") endif GCC_TOOLCHAIN_DIR := $(dir $(shell which $(LD))) CLANG_PREFIX := --prefix=$(GCC_TOOLCHAIN_DIR) CLANG_FLAGS += --prefix=$(GCC_TOOLCHAIN_DIR) GCC_TOOLCHAIN := $(realpath $(GCC_TOOLCHAIN_DIR)/..) endif ifneq ($(GCC_TOOLCHAIN),) CLANG_GCC_TC := --gcc-toolchain=$(GCC_TOOLCHAIN) CLANG_FLAGS += --gcc-toolchain=$(GCC_TOOLCHAIN) endif KBUILD_CFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC) $(CLANG_PREFIX) KBUILD_AFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC) $(CLANG_PREFIX) KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,) KBUILD_CFLAGS += $(call cc-disable-warning, unused-variable) KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier) Loading @@ -546,8 +539,9 @@ KBUILD_CFLAGS += $(call cc-disable-warning, tautological-compare) # See modpost pattern 2 KBUILD_CFLAGS += $(call cc-option, -mno-global-merge,) KBUILD_CFLAGS += $(call cc-option, -fcatch-undefined-behavior) KBUILD_CFLAGS += $(call cc-option, -no-integrated-as) KBUILD_AFLAGS += $(call cc-option, -no-integrated-as) CLANG_FLAGS += -no-integrated-as KBUILD_CFLAGS += $(CLANG_FLAGS) KBUILD_AFLAGS += $(CLANG_FLAGS) else # These warnings generated too much noise in a regular build. Loading Loading @@ -813,6 +807,27 @@ ifdef CONFIG_CC_STACKPROTECTOR endif KBUILD_CFLAGS += $(stackp-flag) ifeq ($(cc-name),clang) KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,) KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier) KBUILD_CFLAGS += $(call cc-disable-warning, gnu) KBUILD_CFLAGS += $(call cc-disable-warning, address-of-packed-member) KBUILD_CFLAGS += $(call cc-disable-warning, duplicate-decl-specifier) # Quiet clang warning: comparison of unsigned expression < 0 is always false KBUILD_CFLAGS += $(call cc-disable-warning, tautological-compare) # CLANG uses a _MergedGlobals as optimization, but this breaks modpost, as the # source of a reference will be _MergedGlobals and not on of the whitelisted names. # See modpost pattern 2 KBUILD_CFLAGS += $(call cc-option, -mno-global-merge,) KBUILD_CFLAGS += $(call cc-option, -fcatch-undefined-behavior) else # These warnings generated too much noise in a regular build. # Use make W=1 to enable them (see scripts/Makefile.extrawarn) KBUILD_CFLAGS += $(call cc-disable-warning, unused-but-set-variable) endif KBUILD_CFLAGS += $(call cc-disable-warning, unused-const-variable) ifdef CONFIG_FRAME_POINTER KBUILD_CFLAGS += -fno-omit-frame-pointer -fno-optimize-sibling-calls else Loading arch/arc/include/asm/bitops.h +3 −3 Original line number Diff line number Diff line Loading @@ -340,7 +340,7 @@ static inline __attribute__ ((const)) int __fls(unsigned long x) /* * __ffs: Similar to ffs, but zero based (0-31) */ static inline __attribute__ ((const)) int __ffs(unsigned long word) static inline __attribute__ ((const)) unsigned long __ffs(unsigned long word) { if (!word) return word; Loading Loading @@ -400,9 +400,9 @@ static inline __attribute__ ((const)) int ffs(unsigned long x) /* * __ffs: Similar to ffs, but zero based (0-31) */ static inline __attribute__ ((const)) int __ffs(unsigned long x) static inline __attribute__ ((const)) unsigned long __ffs(unsigned long x) { int n; unsigned long n; asm volatile( " ffs.f %0, %1 \n" /* 0:31; 31(Z) if src 0 */ Loading arch/arc/include/asm/cache.h +11 −0 Original line number Diff line number Diff line Loading @@ -49,6 +49,17 @@ #define ARCH_DMA_MINALIGN L1_CACHE_BYTES /* * Make sure slab-allocated buffers are 64-bit aligned when atomic64_t uses * ARCv2 64-bit atomics (LLOCKD/SCONDD). This guarantess runtime 64-bit * alignment for any atomic64_t embedded in buffer. * Default ARCH_SLAB_MINALIGN is __alignof__(long long) which has a relaxed * value of 4 (and not 8) in ARC ABI. */ #if defined(CONFIG_ARC_HAS_LL64) && defined(CONFIG_ARC_HAS_LLSC) #define ARCH_SLAB_MINALIGN 8 #endif extern void arc_cache_init(void); extern char *arc_cache_mumbojumbo(int cpu_id, char *buf, int len); extern void read_decode_cache_bcr(void); Loading arch/arc/kernel/head.S +12 −2 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ #include <asm/entry.h> #include <asm/arcregs.h> #include <asm/cache.h> #include <asm/irqflags.h> .macro CPU_EARLY_SETUP Loading Loading @@ -47,6 +48,15 @@ sr r5, [ARC_REG_DC_CTRL] 1: #ifdef CONFIG_ISA_ARCV2 ; Unaligned access is disabled at reset, so re-enable early as ; gcc 7.3.1 (ARC GNU 2018.03) onwards generates unaligned access ; by default lr r5, [status32] bset r5, r5, STATUS_AD_BIT kflag r5 #endif .endm .section .init.text, "ax",@progbits Loading Loading @@ -93,9 +103,9 @@ ENTRY(stext) #ifdef CONFIG_ARC_UBOOT_SUPPORT ; Uboot - kernel ABI ; r0 = [0] No uboot interaction, [1] cmdline in r2, [2] DTB in r2 ; r1 = magic number (board identity, unused as of now ; r1 = magic number (always zero as of now) ; r2 = pointer to uboot provided cmdline or external DTB in mem ; These are handled later in setup_arch() ; These are handled later in handle_uboot_args() st r0, [@uboot_tag] st r2, [@uboot_arg] #endif Loading Loading
Documentation/filesystems/overlayfs.txt +23 −0 Original line number Diff line number Diff line Loading @@ -82,6 +82,29 @@ Only the lists of names from directories are merged. Other content such as metadata and extended attributes are reported for the upper directory only. These attributes of the lower directory are hidden. credentials ----------- By default, all access to the upper, lower and work directories is the recorded mounter's MAC and DAC credentials. The incoming accesses are checked against the caller's credentials. In the case where caller MAC or DAC credentials do not overlap, a use case available in older versions of the driver, the override_creds mount flag can be turned off and help when the use pattern has caller with legitimate credentials where the mounter does not. Several unintended side effects will occur though. The caller without certain key capabilities or lower privilege will not always be able to delete files or directories, create nodes, or search some restricted directories. The ability to search and read a directory entry is spotty as a result of the cache mechanism not retesting the credentials because of the assumption, a privileged caller can fill cache, then a lower privilege can read the directory cache. The uneven security model where cache, upperdir and workdir are opened at privilege, but accessed without creating a form of privilege escalation, should only be used with strict understanding of the side effects and of the security policies. whiteouts and opaque directories -------------------------------- Loading
Makefile 100644 → 100755 +29 −14 Original line number Diff line number Diff line VERSION = 4 PATCHLEVEL = 9 SUBLEVEL = 160 SUBLEVEL = 163 EXTRAVERSION = NAME = Roaring Lionus Loading Loading @@ -306,11 +306,6 @@ HOSTCXX = g++ HOSTCFLAGS := -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -std=gnu89 HOSTCXXFLAGS = -O2 ifeq ($(shell $(HOSTCC) -v 2>&1 | grep -c "clang version"), 1) HOSTCFLAGS += -Wno-unused-value -Wno-unused-parameter \ -Wno-missing-field-initializers -fno-delete-null-pointer-checks endif # Decide whether to build built-in, modular, or both. # Normally, just do built-in. Loading Loading @@ -517,19 +512,17 @@ endif ifeq ($(cc-name),clang) ifneq ($(CROSS_COMPILE),) CLANG_TRIPLE ?= $(CROSS_COMPILE) CLANG_TARGET := --target=$(notdir $(CLANG_TRIPLE:%-=%)) ifeq ($(shell $(srctree)/scripts/clang-android.sh $(CC) $(CLANG_TARGET)), y) CLANG_FLAGS := --target=$(notdir $(CLANG_TRIPLE:%-=%)) ifeq ($(shell $(srctree)/scripts/clang-android.sh $(CC) $(CLANG_FLAGS)), y) $(error "Clang with Android --target detected. Did you specify CLANG_TRIPLE?") endif GCC_TOOLCHAIN_DIR := $(dir $(shell which $(LD))) CLANG_PREFIX := --prefix=$(GCC_TOOLCHAIN_DIR) CLANG_FLAGS += --prefix=$(GCC_TOOLCHAIN_DIR) GCC_TOOLCHAIN := $(realpath $(GCC_TOOLCHAIN_DIR)/..) endif ifneq ($(GCC_TOOLCHAIN),) CLANG_GCC_TC := --gcc-toolchain=$(GCC_TOOLCHAIN) CLANG_FLAGS += --gcc-toolchain=$(GCC_TOOLCHAIN) endif KBUILD_CFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC) $(CLANG_PREFIX) KBUILD_AFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC) $(CLANG_PREFIX) KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,) KBUILD_CFLAGS += $(call cc-disable-warning, unused-variable) KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier) Loading @@ -546,8 +539,9 @@ KBUILD_CFLAGS += $(call cc-disable-warning, tautological-compare) # See modpost pattern 2 KBUILD_CFLAGS += $(call cc-option, -mno-global-merge,) KBUILD_CFLAGS += $(call cc-option, -fcatch-undefined-behavior) KBUILD_CFLAGS += $(call cc-option, -no-integrated-as) KBUILD_AFLAGS += $(call cc-option, -no-integrated-as) CLANG_FLAGS += -no-integrated-as KBUILD_CFLAGS += $(CLANG_FLAGS) KBUILD_AFLAGS += $(CLANG_FLAGS) else # These warnings generated too much noise in a regular build. Loading Loading @@ -813,6 +807,27 @@ ifdef CONFIG_CC_STACKPROTECTOR endif KBUILD_CFLAGS += $(stackp-flag) ifeq ($(cc-name),clang) KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,) KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier) KBUILD_CFLAGS += $(call cc-disable-warning, gnu) KBUILD_CFLAGS += $(call cc-disable-warning, address-of-packed-member) KBUILD_CFLAGS += $(call cc-disable-warning, duplicate-decl-specifier) # Quiet clang warning: comparison of unsigned expression < 0 is always false KBUILD_CFLAGS += $(call cc-disable-warning, tautological-compare) # CLANG uses a _MergedGlobals as optimization, but this breaks modpost, as the # source of a reference will be _MergedGlobals and not on of the whitelisted names. # See modpost pattern 2 KBUILD_CFLAGS += $(call cc-option, -mno-global-merge,) KBUILD_CFLAGS += $(call cc-option, -fcatch-undefined-behavior) else # These warnings generated too much noise in a regular build. # Use make W=1 to enable them (see scripts/Makefile.extrawarn) KBUILD_CFLAGS += $(call cc-disable-warning, unused-but-set-variable) endif KBUILD_CFLAGS += $(call cc-disable-warning, unused-const-variable) ifdef CONFIG_FRAME_POINTER KBUILD_CFLAGS += -fno-omit-frame-pointer -fno-optimize-sibling-calls else Loading
arch/arc/include/asm/bitops.h +3 −3 Original line number Diff line number Diff line Loading @@ -340,7 +340,7 @@ static inline __attribute__ ((const)) int __fls(unsigned long x) /* * __ffs: Similar to ffs, but zero based (0-31) */ static inline __attribute__ ((const)) int __ffs(unsigned long word) static inline __attribute__ ((const)) unsigned long __ffs(unsigned long word) { if (!word) return word; Loading Loading @@ -400,9 +400,9 @@ static inline __attribute__ ((const)) int ffs(unsigned long x) /* * __ffs: Similar to ffs, but zero based (0-31) */ static inline __attribute__ ((const)) int __ffs(unsigned long x) static inline __attribute__ ((const)) unsigned long __ffs(unsigned long x) { int n; unsigned long n; asm volatile( " ffs.f %0, %1 \n" /* 0:31; 31(Z) if src 0 */ Loading
arch/arc/include/asm/cache.h +11 −0 Original line number Diff line number Diff line Loading @@ -49,6 +49,17 @@ #define ARCH_DMA_MINALIGN L1_CACHE_BYTES /* * Make sure slab-allocated buffers are 64-bit aligned when atomic64_t uses * ARCv2 64-bit atomics (LLOCKD/SCONDD). This guarantess runtime 64-bit * alignment for any atomic64_t embedded in buffer. * Default ARCH_SLAB_MINALIGN is __alignof__(long long) which has a relaxed * value of 4 (and not 8) in ARC ABI. */ #if defined(CONFIG_ARC_HAS_LL64) && defined(CONFIG_ARC_HAS_LLSC) #define ARCH_SLAB_MINALIGN 8 #endif extern void arc_cache_init(void); extern char *arc_cache_mumbojumbo(int cpu_id, char *buf, int len); extern void read_decode_cache_bcr(void); Loading
arch/arc/kernel/head.S +12 −2 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ #include <asm/entry.h> #include <asm/arcregs.h> #include <asm/cache.h> #include <asm/irqflags.h> .macro CPU_EARLY_SETUP Loading Loading @@ -47,6 +48,15 @@ sr r5, [ARC_REG_DC_CTRL] 1: #ifdef CONFIG_ISA_ARCV2 ; Unaligned access is disabled at reset, so re-enable early as ; gcc 7.3.1 (ARC GNU 2018.03) onwards generates unaligned access ; by default lr r5, [status32] bset r5, r5, STATUS_AD_BIT kflag r5 #endif .endm .section .init.text, "ax",@progbits Loading Loading @@ -93,9 +103,9 @@ ENTRY(stext) #ifdef CONFIG_ARC_UBOOT_SUPPORT ; Uboot - kernel ABI ; r0 = [0] No uboot interaction, [1] cmdline in r2, [2] DTB in r2 ; r1 = magic number (board identity, unused as of now ; r1 = magic number (always zero as of now) ; r2 = pointer to uboot provided cmdline or external DTB in mem ; These are handled later in setup_arch() ; These are handled later in handle_uboot_args() st r0, [@uboot_tag] st r2, [@uboot_arg] #endif Loading
