diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2015-02-11 23:25:11 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2015-02-11 23:25:11 -0500 |
| commit | 8cc748aa76c921d8834ef00f762f31acd2c93aa8 (patch) | |
| tree | 764b0ba9b9c16658bbb1077458605dc3faac0411 /scripts | |
| parent | 7184487f14eb7c2fcf8337bb16c6a63b6db1252e (diff) | |
| parent | 04f81f0154e4bf002be6f4d85668ce1257efa4d9 (diff) | |
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security layer updates from James Morris:
"Highlights:
- Smack adds secmark support for Netfilter
- /proc/keys is now mandatory if CONFIG_KEYS=y
- TPM gets its own device class
- Added TPM 2.0 support
- Smack file hook rework (all Smack users should review this!)"
* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (64 commits)
cipso: don't use IPCB() to locate the CIPSO IP option
SELinux: fix error code in policydb_init()
selinux: add security in-core xattr support for pstore and debugfs
selinux: quiet the filesystem labeling behavior message
selinux: Remove unused function avc_sidcmp()
ima: /proc/keys is now mandatory
Smack: Repair netfilter dependency
X.509: silence asn1 compiler debug output
X.509: shut up about included cert for silent build
KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y
MAINTAINERS: email update
tpm/tpm_tis: Add missing ifdef CONFIG_ACPI for pnp_acpi_device
smack: fix possible use after frees in task_security() callers
smack: Add missing logging in bidirectional UDS connect check
Smack: secmark support for netfilter
Smack: Rework file hooks
tpm: fix format string error in tpm-chip.c
char/tpm/tpm_crb: fix build error
smack: Fix a bidirectional UDS connect check typo
smack: introduce a special case for tmpfs in smack_d_instantiate()
...
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/asn1_compiler.c | 30 |
1 files changed, 19 insertions, 11 deletions
diff --git a/scripts/asn1_compiler.c b/scripts/asn1_compiler.c index 91c4117637ae..7750e9c31483 100644 --- a/scripts/asn1_compiler.c +++ b/scripts/asn1_compiler.c | |||
| @@ -311,6 +311,9 @@ struct token { | |||
| 311 | 311 | ||
| 312 | static struct token *token_list; | 312 | static struct token *token_list; |
| 313 | static unsigned nr_tokens; | 313 | static unsigned nr_tokens; |
| 314 | static _Bool verbose; | ||
| 315 | |||
| 316 | #define debug(fmt, ...) do { if (verbose) printf(fmt, ## __VA_ARGS__); } while (0) | ||
| 314 | 317 | ||
| 315 | static int directive_compare(const void *_key, const void *_pdir) | 318 | static int directive_compare(const void *_key, const void *_pdir) |
| 316 | { | 319 | { |
| @@ -322,21 +325,21 @@ static int directive_compare(const void *_key, const void *_pdir) | |||
| 322 | dlen = strlen(dir); | 325 | dlen = strlen(dir); |
| 323 | clen = (dlen < token->size) ? dlen : token->size; | 326 | clen = (dlen < token->size) ? dlen : token->size; |
| 324 | 327 | ||
| 325 | //printf("cmp(%*.*s,%s) = ", | 328 | //debug("cmp(%*.*s,%s) = ", |
| 326 | // (int)token->size, (int)token->size, token->value, | 329 | // (int)token->size, (int)token->size, token->value, |
| 327 | // dir); | 330 | // dir); |
| 328 | 331 | ||
| 329 | val = memcmp(token->value, dir, clen); | 332 | val = memcmp(token->value, dir, clen); |
| 330 | if (val != 0) { | 333 | if (val != 0) { |
| 331 | //printf("%d [cmp]\n", val); | 334 | //debug("%d [cmp]\n", val); |
| 332 | return val; | 335 | return val; |
| 333 | } | 336 | } |
| 334 | 337 | ||
| 335 | if (dlen == token->size) { | 338 | if (dlen == token->size) { |
| 336 | //printf("0\n"); | 339 | //debug("0\n"); |
| 337 | return 0; | 340 | return 0; |
| 338 | } | 341 | } |
| 339 | //printf("%d\n", (int)dlen - (int)token->size); | 342 | //debug("%d\n", (int)dlen - (int)token->size); |
| 340 | return dlen - token->size; /* shorter -> negative */ | 343 | return dlen - token->size; /* shorter -> negative */ |
| 341 | } | 344 | } |
| 342 | 345 | ||
| @@ -515,13 +518,13 @@ static void tokenise(char *buffer, char *end) | |||
| 515 | } | 518 | } |
| 516 | 519 | ||
| 517 | nr_tokens = tix; | 520 | nr_tokens = tix; |
| 518 | printf("Extracted %u tokens\n", nr_tokens); | 521 | debug("Extracted %u tokens\n", nr_tokens); |
| 519 | 522 | ||
| 520 | #if 0 | 523 | #if 0 |
| 521 | { | 524 | { |
| 522 | int n; | 525 | int n; |
| 523 | for (n = 0; n < nr_tokens; n++) | 526 | for (n = 0; n < nr_tokens; n++) |
| 524 | printf("Token %3u: '%*.*s'\n", | 527 | debug("Token %3u: '%*.*s'\n", |
| 525 | n, | 528 | n, |
| 526 | (int)token_list[n].size, (int)token_list[n].size, | 529 | (int)token_list[n].size, (int)token_list[n].size, |
| 527 | token_list[n].value); | 530 | token_list[n].value); |
| @@ -542,6 +545,7 @@ int main(int argc, char **argv) | |||
| 542 | ssize_t readlen; | 545 | ssize_t readlen; |
| 543 | FILE *out, *hdr; | 546 | FILE *out, *hdr; |
| 544 | char *buffer, *p; | 547 | char *buffer, *p; |
| 548 | char *kbuild_verbose; | ||
| 545 | int fd; | 549 | int fd; |
| 546 | 550 | ||
| 547 | if (argc != 4) { | 551 | if (argc != 4) { |
| @@ -550,6 +554,10 @@ int main(int argc, char **argv) | |||
| 550 | exit(2); | 554 | exit(2); |
| 551 | } | 555 | } |
| 552 | 556 | ||
| 557 | kbuild_verbose = getenv("KBUILD_VERBOSE"); | ||
| 558 | if (kbuild_verbose) | ||
| 559 | verbose = atoi(kbuild_verbose); | ||
| 560 | |||
| 553 | filename = argv[1]; | 561 | filename = argv[1]; |
| 554 | outputname = argv[2]; | 562 | outputname = argv[2]; |
| 555 | headername = argv[3]; | 563 | headername = argv[3]; |
| @@ -748,11 +756,11 @@ static void build_type_list(void) | |||
| 748 | 756 | ||
| 749 | qsort(type_index, nr, sizeof(type_index[0]), type_index_compare); | 757 | qsort(type_index, nr, sizeof(type_index[0]), type_index_compare); |
| 750 | 758 | ||
| 751 | printf("Extracted %u types\n", nr_types); | 759 | debug("Extracted %u types\n", nr_types); |
| 752 | #if 0 | 760 | #if 0 |
| 753 | for (n = 0; n < nr_types; n++) { | 761 | for (n = 0; n < nr_types; n++) { |
| 754 | struct type *type = type_index[n]; | 762 | struct type *type = type_index[n]; |
| 755 | printf("- %*.*s\n", | 763 | debug("- %*.*s\n", |
| 756 | (int)type->name->size, | 764 | (int)type->name->size, |
| 757 | (int)type->name->size, | 765 | (int)type->name->size, |
| 758 | type->name->value); | 766 | type->name->value); |
| @@ -793,7 +801,7 @@ static void parse(void) | |||
| 793 | 801 | ||
| 794 | } while (type++, !(type->flags & TYPE_STOP_MARKER)); | 802 | } while (type++, !(type->flags & TYPE_STOP_MARKER)); |
| 795 | 803 | ||
| 796 | printf("Extracted %u actions\n", nr_actions); | 804 | debug("Extracted %u actions\n", nr_actions); |
| 797 | } | 805 | } |
| 798 | 806 | ||
| 799 | static struct element *element_list; | 807 | static struct element *element_list; |
| @@ -1284,7 +1292,7 @@ static void render(FILE *out, FILE *hdr) | |||
| 1284 | } | 1292 | } |
| 1285 | 1293 | ||
| 1286 | /* We do two passes - the first one calculates all the offsets */ | 1294 | /* We do two passes - the first one calculates all the offsets */ |
| 1287 | printf("Pass 1\n"); | 1295 | debug("Pass 1\n"); |
| 1288 | nr_entries = 0; | 1296 | nr_entries = 0; |
| 1289 | root = &type_list[0]; | 1297 | root = &type_list[0]; |
| 1290 | render_element(NULL, root->element, NULL); | 1298 | render_element(NULL, root->element, NULL); |
| @@ -1295,7 +1303,7 @@ static void render(FILE *out, FILE *hdr) | |||
| 1295 | e->flags &= ~ELEMENT_RENDERED; | 1303 | e->flags &= ~ELEMENT_RENDERED; |
| 1296 | 1304 | ||
| 1297 | /* And then we actually render */ | 1305 | /* And then we actually render */ |
| 1298 | printf("Pass 2\n"); | 1306 | debug("Pass 2\n"); |
| 1299 | fprintf(out, "\n"); | 1307 | fprintf(out, "\n"); |
| 1300 | fprintf(out, "static const unsigned char %s_machine[] = {\n", | 1308 | fprintf(out, "static const unsigned char %s_machine[] = {\n", |
| 1301 | grammar_name); | 1309 | grammar_name); |