.gitignore: prefix local generated files with a slashThe pattern prefixed with '/' matches files in the same directory,but not ones in sub-directories.Signed-off-by: Masahiro Yamada <masahiroy@k
.gitignore: prefix local generated files with a slashThe pattern prefixed with '/' matches files in the same directory,but not ones in sub-directories.Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>Acked-by: Miguel Ojeda <ojeda@kernel.org>Acked-by: Rob Herring <robh@kernel.org>Acked-by: Andra Paraschiv <andraprs@amazon.com>Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>Acked-by: Gabriel Krisman Bertazi <krisman@collabora.com>
show more ...
kbuild: introduce hostprogs-always-y and userprogs-always-yTo build host programs, you need to add the program names to 'hostprogs'to use the necessary build rule, but it is not enough to build th
kbuild: introduce hostprogs-always-y and userprogs-always-yTo build host programs, you need to add the program names to 'hostprogs'to use the necessary build rule, but it is not enough to build thembecause there is no dependency.There are two types of host programs: built as the prerequisite ofanother (e.g. gen_crc32table in lib/Makefile), or always built whenKbuild visits the Makefile (e.g. genksyms in scripts/genksyms/Makefile).The latter is typical in Makefiles under scripts/, which contains hostprograms globally used during the kernel build. To build them, you needto add them to both 'hostprogs' and 'always-y'.This commit adds hostprogs-always-y as a shorthand.The same applies to user programs. net/bpfilter/Makefile buildsbpfilter_umh on demand, hence always-y is unneeded. In contrast,programs under samples/ are added to both 'userprogs' and 'always-y'so they are always built when Kbuild visits the Makefiles.userprogs-always-y works as a shorthand.Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>Acked-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
samples: pidfd: build sample program for target architectureThis userspace program includes UAPI headers exported to usr/include/.'make headers' always works for the target architecture (i.e. the
samples: pidfd: build sample program for target architectureThis userspace program includes UAPI headers exported to usr/include/.'make headers' always works for the target architecture (i.e. the samearchitecture as the kernel), so the sample program should be built forthe target as well. Kbuild now supports 'userprogs' for that.I also guarded the CONFIG option by 'depends on CC_CAN_LINK' because$(CC) may not provide libc.Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>Acked-by: Sam Ravnborg <sam@ravnborg.org>
.gitignore: add SPDX License IdentifierAdd SPDX License Identifier to all .gitignore files.Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfou
.gitignore: add SPDX License IdentifierAdd SPDX License Identifier to all .gitignore files.Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
kbuild: rename hostprogs-y/always to hostprogs/always-yIn old days, the "host-progs" syntax was used for specifying hostprograms. It was renamed to the current "hostprogs-y" in 2004.It is typica
kbuild: rename hostprogs-y/always to hostprogs/always-yIn old days, the "host-progs" syntax was used for specifying hostprograms. It was renamed to the current "hostprogs-y" in 2004.It is typically useful in scripts/Makefile because it allows Kbuild toselectively compile host programs based on the kernel configuration.This commit renames like follows: always -> always-y hostprogs-y -> hostprogsSo, scripts/Makefile will look like this: always-$(CONFIG_BUILD_BIN2C) += ... always-$(CONFIG_KALLSYMS) += ... ... hostprogs := $(always-y) $(always-m)I think this makes more sense because a host program is always a hostprogram, irrespective of the kernel configuration. We want to specifywhich ones to compile by CONFIG options, so always-y will be handier.The "always", "hostprogs-y", "hostprogs-m" will be kept for backwardcompatibility for a while.Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
samples: make pidfd-metadata fail gracefully on older kernelsInitialize pidfd to an invalid descriptor, to fail gracefully onthose kernels that do not implement CLONE_PIDFD and leave pidfdunchang
samples: make pidfd-metadata fail gracefully on older kernelsInitialize pidfd to an invalid descriptor, to fail gracefully onthose kernels that do not implement CLONE_PIDFD and leave pidfdunchanged.Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>Signed-off-by: Christian Brauner <christian@brauner.io>
samples: fix pidfd-metadata compilationDefine __NR_pidfd_send_signal if it isn't to prevent a compilation error.To make pidfd-metadata compile on all arches, irrespective of whetheror not syscal
samples: fix pidfd-metadata compilationDefine __NR_pidfd_send_signal if it isn't to prevent a compilation error.To make pidfd-metadata compile on all arches, irrespective of whetheror not syscall numbers are assigned, define the syscall number to -1.If it isn't defined this will cause the kernel to return -ENOSYS.Fixes: 43c6afee48d4 ("samples: show race-free pidfd metadata access")Reported-by: Arnd Bergmann <arnd@arndb.de>Reported-by: Guenter Roeck <linux@roeck-us.net>Cc: Christian Brauner <christian@brauner.io>Signed-off-by: Guenter Roeck <linux@roeck-us.net>[christian@brauner.io: tweak commit message]Signed-off-by: Christian Brauner <christian@brauner.io>
samples: add .gitignore for pidfd-metadataIgnore the pidfd-metadata binary so it doesn't show up in unwantedscenarios.Reported-by: Linus Torvalds <torvalds@linux-foundation.org>Signed-off-by: C
samples: add .gitignore for pidfd-metadataIgnore the pidfd-metadata binary so it doesn't show up in unwantedscenarios.Reported-by: Linus Torvalds <torvalds@linux-foundation.org>Signed-off-by: Christian Brauner <christian@brauner.io>
samples: show race-free pidfd metadata accessThis is a sample program showing userspace how to get race-free accessto process metadata from a pidfd. It is rather easy to do and userspacecan actu
samples: show race-free pidfd metadata accessThis is a sample program showing userspace how to get race-free accessto process metadata from a pidfd. It is rather easy to do and userspacecan actually simply reuse code that currently parses a process's statusfile in procfs.The program can easily be extended into a generic helper suitable forinclusion in a libc to make it even easier for userspace to gain metadataaccess.Since this came up in a discussion because this API is going to be usedin various service managers: A lot of programs will have a whitelistseccomp filter that returns <some-errno> for all new syscalls. Thismeans that programs might get confused if CLONE_PIDFD works but thelater pidfd_send_signal() syscall doesn't. Hence, here's a ahead oftime check that pidfd_send_signal() is supported:bool pidfd_send_signal_supported(){ int procfd = open("/proc/self", O_DIRECTORY | O_RDONLY | O_CLOEXEC); if (procfd < 0) return false; /* * A process is always allowed to signal itself so * pidfd_send_signal() should never fail this test. If it does * it must mean it is not available, blocked by an LSM, seccomp, * or other. */ return pidfd_send_signal(procfd, 0, NULL, 0) == 0;}Signed-off-by: Christian Brauner <christian@brauner.io>Co-developed-by: Jann Horn <jannh@google.com>Signed-off-by: Jann Horn <jannh@google.com>Reviewed-by: Oleg Nesterov <oleg@redhat.com>Cc: Arnd Bergmann <arnd@arndb.de>Cc: "Eric W. Biederman" <ebiederm@xmission.com>Cc: Kees Cook <keescook@chromium.org>Cc: Thomas Gleixner <tglx@linutronix.de>Cc: David Howells <dhowells@redhat.com>Cc: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com>Cc: Andy Lutomirsky <luto@kernel.org>Cc: Andrew Morton <akpm@linux-foundation.org>Cc: Aleksa Sarai <cyphar@cyphar.com>Cc: Linus Torvalds <torvalds@linux-foundation.org>Cc: Al Viro <viro@zeniv.linux.org.uk>