# git rev-parse -q --verify aefcf2f4b58155d27340ba5f9ddbe9513da8286d^{commit}
aefcf2f4b58155d27340ba5f9ddbe9513da8286d
already have revision, skipping fetch
# git checkout -q -f -B kisskb aefcf2f4b58155d27340ba5f9ddbe9513da8286d
# git clean -qxdf
# < git log -1
# commit aefcf2f4b58155d27340ba5f9ddbe9513da8286d
# Merge: f1f2f614d535 45893a0abee6
# Author: Linus Torvalds
# Date: Sat Sep 28 08:14:15 2019 -0700
#
# Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
#
# Pull kernel lockdown mode from James Morris:
# "This is the latest iteration of the kernel lockdown patchset, from
# Matthew Garrett, David Howells and others.
#
# From the original description:
#
# This patchset introduces an optional kernel lockdown feature,
# intended to strengthen the boundary between UID 0 and the kernel.
# When enabled, various pieces of kernel functionality are restricted.
# Applications that rely on low-level access to either hardware or the
# kernel may cease working as a result - therefore this should not be
# enabled without appropriate evaluation beforehand.
#
# The majority of mainstream distributions have been carrying variants
# of this patchset for many years now, so there's value in providing a
# doesn't meet every distribution requirement, but gets us much closer
# to not requiring external patches.
#
# There are two major changes since this was last proposed for mainline:
#
# - Separating lockdown from EFI secure boot. Background discussion is
# covered here: https://lwn.net/Articles/751061/
#
# - Implementation as an LSM, with a default stackable lockdown LSM
# module. This allows the lockdown feature to be policy-driven,
# rather than encoding an implicit policy within the mechanism.
#
# The new locked_down LSM hook is provided to allow LSMs to make a
# policy decision around whether kernel functionality that would allow
# tampering with or examining the runtime state of the kernel should be
# permitted.
#
# The included lockdown LSM provides an implementation with a simple
# policy intended for general purpose use. This policy provides a coarse
# level of granularity, controllable via the kernel command line:
#
# lockdown={integrity|confidentiality}
#
# Enable the kernel lockdown feature. If set to integrity, kernel features
# that allow userland to modify the running kernel are disabled. If set to
# confidentiality, kernel features that allow userland to extract
# confidential information from the kernel are also disabled.
#
# This may also be controlled via /sys/kernel/security/lockdown and
# overridden by kernel configuration.
#
# New or existing LSMs may implement finer-grained controls of the
# lockdown features. Refer to the lockdown_reason documentation in
# include/linux/security.h for details.
#
# The lockdown feature has had significant design feedback and review
# across many subsystems. This code has been in linux-next for some
# weeks, with a few fixes applied along the way.
#
# Stephen Rothwell noted that commit 9d1f8be5cf42 ("bpf: Restrict bpf
# when kernel lockdown is in confidentiality mode") is missing a
# Signed-off-by from its author. Matthew responded that he is providing
# this under category (c) of the DCO"
#
# * 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (31 commits)
# kexec: Fix file verification on S390
# security: constify some arrays in lockdown LSM
# lockdown: Print current->comm in restriction messages
# efi: Restrict efivar_ssdt_load when the kernel is locked down
# tracefs: Restrict tracefs when the kernel is locked down
# debugfs: Restrict debugfs when the kernel is locked down
# kexec: Allow kexec_file() with appropriate IMA policy when locked down
# lockdown: Lock down perf when in confidentiality mode
# bpf: Restrict bpf when kernel lockdown is in confidentiality mode
# lockdown: Lock down tracing and perf kprobes when in confidentiality mode
# lockdown: Lock down /proc/kcore
# x86/mmiotrace: Lock down the testmmiotrace module
# lockdown: Lock down module params that specify hardware parameters (eg. ioport)
# lockdown: Lock down TIOCSSERIAL
# lockdown: Prohibit PCMCIA CIS storage when the kernel is locked down
# acpi: Disable ACPI table override if the kernel is locked down
# acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down
# ACPI: Limit access to custom_method when the kernel is locked down
# x86/msr: Restrict MSR access when the kernel is locked down
# x86: Lock down IO port access when the kernel is locked down
# ...
# < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux-gcc --version
# < /opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux-ld --version
# < git log --format=%s --max-count=1 aefcf2f4b58155d27340ba5f9ddbe9513da8286d
# < make -s -j 32 ARCH=x86_64 O=/kisskb/build/linus-rand_x86_64-randconfig_x86_64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux- randconfig KCONFIG_SEED=0x10F3450D
# Added to kconfig CONFIG_STANDALONE=y
# Added to kconfig CONFIG_PREVENT_FIRMWARE_BUILD=y
# Added to kconfig CONFIG_CC_STACKPROTECTOR_STRONG=n
# Added to kconfig CONFIG_GCC_PLUGINS=n
# Added to kconfig CONFIG_GCC_PLUGIN_CYC_COMPLEXITY=n
# Added to kconfig CONFIG_GCC_PLUGIN_SANCOV=n
# Added to kconfig CONFIG_GCC_PLUGIN_LATENT_ENTROPY=n
# yes \n | make -s -j 32 ARCH=x86_64 O=/kisskb/build/linus-rand_x86_64-randconfig_x86_64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux- oldconfig
yes: standard output: Broken pipe
# make -s -j 32 ARCH=x86_64 O=/kisskb/build/linus-rand_x86_64-randconfig_x86_64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux-
/kisskb/src/tools/objtool
/kisskb/build/tmp/ccKDHKkZ.s: Assembler messages:
/kisskb/build/tmp/ccKDHKkZ.s:38811: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL209' {.text section}
/kisskb/build/tmp/ccKDHKkZ.s:40307: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL18' {.text section}
make[4]: *** [/kisskb/src/scripts/Makefile.build:266: kernel/debug/kdb/kdb_io.o] Error 1
make[3]: *** [/kisskb/src/scripts/Makefile.build:509: kernel/debug/kdb] Error 2
make[2]: *** [/kisskb/src/scripts/Makefile.build:509: kernel/debug] Error 2
make[2]: *** Waiting for unfinished jobs....
/kisskb/build/tmp/cc8JMQhH.s: Assembler messages:
/kisskb/build/tmp/cc8JMQhH.s:53294: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL415' {.text section}
/kisskb/build/tmp/cc8JMQhH.s:53305: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL416' {.text section}
/kisskb/build/tmp/cc8JMQhH.s:53316: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL417' {.text section}
/kisskb/build/tmp/cc8JMQhH.s:53327: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL418' {.text section}
/kisskb/build/tmp/cc8JMQhH.s:54105: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL336' {.text section}
make[4]: *** [/kisskb/src/scripts/Makefile.build:265: security/keys/encrypted-keys/encrypted.o] Error 1
make[3]: *** [/kisskb/src/scripts/Makefile.build:509: security/keys/encrypted-keys] Error 2
make[3]: *** Waiting for unfinished jobs....
/kisskb/build/tmp/ccItjsb3.s: Assembler messages:
/kisskb/build/tmp/ccItjsb3.s:82755: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL591' {.text section}
make[5]: *** [/kisskb/src/scripts/Makefile.build:266: arch/x86/kernel/cpu/mce/core.o] Error 1
make[4]: *** [/kisskb/src/scripts/Makefile.build:509: arch/x86/kernel/cpu/mce] Error 2
make[3]: *** [/kisskb/src/scripts/Makefile.build:509: arch/x86/kernel/cpu] Error 2
make[3]: *** Waiting for unfinished jobs....
make[2]: *** [/kisskb/src/scripts/Makefile.build:509: security/keys] Error 2
make[1]: *** [/kisskb/src/Makefile:1670: security] Error 2
make[1]: *** Waiting for unfinished jobs....
/kisskb/build/tmp/ccxx13gz.s: Assembler messages:
/kisskb/build/tmp/ccxx13gz.s:35809: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL66' {.text section}
make[3]: *** [/kisskb/src/scripts/Makefile.build:266: kernel/dma/coherent.o] Error 1
make[3]: *** Waiting for unfinished jobs....
/kisskb/build/tmp/cccig5le.s: Assembler messages:
/kisskb/build/tmp/cccig5le.s:49973: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL151' {.text section}
/kisskb/build/tmp/cccig5le.s:49984: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL152' {.text section}
/kisskb/build/tmp/cccig5le.s:49995: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL153' {.text section}
/kisskb/build/tmp/cccig5le.s:50181: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL96' {.text section}
/kisskb/build/tmp/cccig5le.s:50192: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL97' {.text section}
/kisskb/build/tmp/cccig5le.s:50203: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL98' {.text section}
/kisskb/build/tmp/cccig5le.s:50513: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL124' {.text section}
/kisskb/build/tmp/cccig5le.s:50524: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL125' {.text section}
make[3]: *** [/kisskb/src/scripts/Makefile.build:266: crypto/asymmetric_keys/asym_tpm.o] Error 1
make[3]: *** Waiting for unfinished jobs....
make[2]: *** [/kisskb/src/scripts/Makefile.build:509: crypto/asymmetric_keys] Error 2
make[1]: *** [/kisskb/src/Makefile:1670: crypto] Error 2
make[2]: *** [/kisskb/src/scripts/Makefile.build:509: kernel/dma] Error 2
make[1]: *** [/kisskb/src/Makefile:1670: kernel] Error 2
/kisskb/build/tmp/ccIVabin.s: Assembler messages:
/kisskb/build/tmp/ccIVabin.s:73084: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL309' {.text section}
/kisskb/build/tmp/ccIVabin.s:73683: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL309' {.text section}
/kisskb/build/tmp/ccIVabin.s:73756: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL309' {.text section}
make[3]: *** [/kisskb/src/scripts/Makefile.build:265: arch/x86/mm/pageattr.o] Error 1
make[3]: *** Waiting for unfinished jobs....
make[2]: *** [/kisskb/src/scripts/Makefile.build:509: arch/x86/kernel] Error 2
make[2]: *** Waiting for unfinished jobs....
/kisskb/build/tmp/ccwSI58Z.s: Assembler messages:
/kisskb/build/tmp/ccwSI58Z.s:88121: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL608' {.text section}
/kisskb/build/tmp/ccwSI58Z.s:92470: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL732' {.text section}
make[2]: *** [/kisskb/src/scripts/Makefile.build:265: mm/oom_kill.o] Error 1
make[2]: *** Waiting for unfinished jobs....
/kisskb/build/tmp/ccX0DJhn.s: Assembler messages:
/kisskb/build/tmp/ccX0DJhn.s:48373: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL227' {.text section}
make[4]: *** [/kisskb/src/scripts/Makefile.build:265: drivers/base/regmap/regcache.o] Error 1
make[4]: *** Waiting for unfinished jobs....
make[2]: *** [/kisskb/src/scripts/Makefile.build:509: arch/x86/mm] Error 2
make[1]: *** [/kisskb/src/Makefile:1670: arch/x86] Error 2
/kisskb/build/tmp/ccLqWV7S.s: Assembler messages:
/kisskb/build/tmp/ccLqWV7S.s:49929: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL156' {.text section}
/kisskb/build/tmp/ccLqWV7S.s:49988: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL157' {.text section}
make[3]: *** [/kisskb/src/scripts/Makefile.build:265: fs/ecryptfs/inode.o] Error 1
make[3]: *** Waiting for unfinished jobs....
/kisskb/build/tmp/ccOTFg93.s: Assembler messages:
/kisskb/build/tmp/ccOTFg93.s:53336: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL513' {.text section}
/kisskb/build/tmp/ccOTFg93.s:53982: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL105' {.text section}
/kisskb/build/tmp/ccOTFg93.s:54443: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL354' {.text section}
/kisskb/build/tmp/ccOTFg93.s:54464: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL355' {.text section}
/kisskb/build/tmp/ccOTFg93.s:54475: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL355' {.text section}
/kisskb/build/tmp/ccOTFg93.s:55410: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL281' {.text section}
/kisskb/build/tmp/ccOTFg93.s:55652: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL214' {.text section}
make[3]: *** [/kisskb/src/scripts/Makefile.build:265: fs/ecryptfs/keystore.o] Error 1
make[2]: *** [/kisskb/src/scripts/Makefile.build:509: fs/ecryptfs] Error 2
make[2]: *** Waiting for unfinished jobs....
make[3]: *** [/kisskb/src/scripts/Makefile.build:509: drivers/base/regmap] Error 2
make[3]: *** Waiting for unfinished jobs....
/kisskb/build/tmp/ccBVgBlp.s: Assembler messages:
/kisskb/build/tmp/ccBVgBlp.s:46841: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL43' {.text section}
make[3]: *** [/kisskb/src/scripts/Makefile.build:265: fs/orangefs/file.o] Error 1
make[3]: *** Waiting for unfinished jobs....
make[1]: *** [/kisskb/src/Makefile:1670: mm] Error 2
make[2]: *** [/kisskb/src/scripts/Makefile.build:509: drivers/base] Error 2
make[2]: *** Waiting for unfinished jobs....
/kisskb/build/tmp/ccQP8YvX.s: Assembler messages:
/kisskb/build/tmp/ccQP8YvX.s:45926: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL70' {.text section}
make[3]: *** [/kisskb/src/scripts/Makefile.build:265: fs/orangefs/orangefs-sysfs.o] Error 1
/kisskb/build/tmp/cciBAUgX.s: Assembler messages:
/kisskb/build/tmp/cciBAUgX.s:64356: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL30' {.text section}
/kisskb/build/tmp/cciBAUgX.s:65403: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL200' {.text section}
make[3]: *** [/kisskb/src/scripts/Makefile.build:265: fs/orangefs/inode.o] Error 1
make[2]: *** [/kisskb/src/scripts/Makefile.build:509: fs/orangefs] Error 2
make[1]: *** [/kisskb/src/Makefile:1670: fs] Error 2
/kisskb/build/tmp/ccnRgGtB.s: Assembler messages:
/kisskb/build/tmp/ccnRgGtB.s:48922: Error: can't resolve `.text.unlikely' {.text.unlikely section} - `.LVL211' {.text section}
make[4]: *** [/kisskb/src/scripts/Makefile.build:265: drivers/char/tpm/tpm_tis_core.o] Error 1
make[4]: *** Waiting for unfinished jobs....
make[3]: *** [/kisskb/src/scripts/Makefile.build:509: drivers/char/tpm] Error 2
make[3]: *** Waiting for unfinished jobs....
make[2]: *** [/kisskb/src/scripts/Makefile.build:509: drivers/char] Error 2
make[1]: *** [/kisskb/src/Makefile:1670: drivers] Error 2
make: *** [Makefile:179: sub-make] Error 2
Command 'make -s -j 32 ARCH=x86_64 O=/kisskb/build/linus-rand_x86_64-randconfig_x86_64-gcc8 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-8.1.0-nolibc/x86_64-linux/bin/x86_64-linux- ' returned non-zero exit status 2
# rm -rf /kisskb/build/linus-rand_x86_64-randconfig_x86_64-gcc8
# Build took: 0:00:28.981124