OpenCloudOS-Kernel/include/linux/Kbuild

412 lines
8.9 KiB
Plaintext
Raw Normal View History

header-y += byteorder/
header-y += can/
header-y += caif/
header-y += dvb/
header-y += hdlc/
header-y += hsi/
header-y += isdn/
header-y += mmc/
header-y += nfsd/
header-y += raid/
header-y += spi/
header-y += sunrpc/
header-y += tc_act/
header-y += tc_ematch/
header-y += netfilter/
header-y += netfilter_arp/
header-y += netfilter_bridge/
header-y += netfilter_ipv4/
header-y += netfilter_ipv6/
header-y += usb/
header-y += wimax/
objhdr-y += version.h
ifneq ($(wildcard $(srctree)/arch/$(SRCARCH)/include/asm/a.out.h \
$(srctree)/include/asm-$(SRCARCH)/a.out.h \
$(INSTALL_HDR_PATH)/include/asm-*/a.out.h),)
header-y += a.out.h
endif
ifneq ($(wildcard $(srctree)/arch/$(SRCARCH)/include/asm/kvm.h \
$(srctree)/include/asm-$(SRCARCH)/kvm.h \
$(INSTALL_HDR_PATH)/include/asm-*/kvm.h),)
header-y += kvm.h
endif
ifneq ($(wildcard $(srctree)/arch/$(SRCARCH)/include/asm/kvm_para.h \
$(srctree)/include/asm-$(SRCARCH)/kvm_para.h \
$(INSTALL_HDR_PATH)/include/asm-*/kvm_para.h),)
header-y += kvm_para.h
endif
header-y += acct.h
header-y += adb.h
header-y += adfs_fs.h
header-y += affs_hardblocks.h
header-y += agpgart.h
header-y += aio_abi.h
header-y += apm_bios.h
header-y += arcfb.h
header-y += atalk.h
header-y += atm.h
header-y += atm_eni.h
header-y += atm_he.h
header-y += atm_idt77105.h
header-y += atm_nicstar.h
header-y += atm_tcp.h
header-y += atm_zatm.h
header-y += atmapi.h
header-y += atmarp.h
header-y += atmbr2684.h
header-y += atmclip.h
header-y += atmdev.h
header-y += atmioc.h
header-y += atmlec.h
header-y += atmmpc.h
header-y += atmppp.h
header-y += atmsap.h
header-y += atmsvc.h
header-y += audit.h
header-y += auto_fs.h
header-y += auto_fs4.h
header-y += auxvec.h
header-y += ax25.h
header-y += b1lli.h
header-y += baycom.h
header-y += bfs_fs.h
header-y += binfmts.h
header-y += blk_types.h
header-y += blkpg.h
header-y += blktrace_api.h
header-y += bpqether.h
header-y += bsg.h
header-y += can.h
header-y += capability.h
header-y += capi.h
header-y += cciss_defs.h
header-y += cciss_ioctl.h
header-y += cdk.h
header-y += cdrom.h
header-y += cgroupstats.h
header-y += chio.h
header-y += cm4000_cs.h
header-y += cn_proc.h
header-y += coda.h
header-y += coda_psdev.h
header-y += coff.h
header-y += comstats.h
header-y += connector.h
header-y += const.h
header-y += cramfs_fs.h
header-y += cuda.h
header-y += cyclades.h
header-y += cycx_cfm.h
header-y += dcbnl.h
header-y += dccp.h
header-y += dlm.h
header-y += dlm_device.h
header-y += dlm_netlink.h
header-y += dlm_plock.h
header-y += dlmconstants.h
header-y += dm-ioctl.h
header-y += dm-log-userspace.h
header-y += dn.h
header-y += dqblk_xfs.h
header-y += edd.h
header-y += efs_fs_sb.h
header-y += elf-em.h
header-y += elf-fdpic.h
header-y += elf.h
header-y += elfcore.h
header-y += errno.h
header-y += errqueue.h
header-y += ethtool.h
header-y += eventpoll.h
header-y += fadvise.h
header-y += falloc.h
header-y += fanotify.h
header-y += fb.h
header-y += fcntl.h
header-y += fd.h
header-y += fdreg.h
header-y += fib_rules.h
header-y += fiemap.h
header-y += filter.h
header-y += firewire-cdev.h
header-y += firewire-constants.h
header-y += flat.h
header-y += fs.h
header-y += fsl_hypervisor.h
header-y += fuse.h
header-y += futex.h
header-y += gameport.h
header-y += gen_stats.h
header-y += generic_serial.h
header-y += genetlink.h
header-y += gfs2_ondisk.h
header-y += gigaset_dev.h
header-y += hdlc.h
header-y += hdlcdrv.h
header-y += hdreg.h
header-y += hid.h
header-y += hiddev.h
header-y += hidraw.h
header-y += hpet.h
header-y += hysdn_if.h
header-y += i2c-dev.h
header-y += i2c.h
header-y += i2o-dev.h
header-y += i8k.h
header-y += icmp.h
header-y += icmpv6.h
header-y += if.h
header-y += if_addr.h
header-y += if_addrlabel.h
header-y += if_alg.h
header-y += if_arcnet.h
header-y += if_arp.h
header-y += if_bonding.h
header-y += if_bridge.h
header-y += if_cablemodem.h
header-y += if_eql.h
header-y += if_ether.h
header-y += if_fc.h
header-y += if_fddi.h
header-y += if_frad.h
header-y += if_hippi.h
header-y += if_infiniband.h
header-y += if_link.h
header-y += if_ltalk.h
header-y += if_packet.h
header-y += if_phonet.h
header-y += if_plip.h
header-y += if_ppp.h
header-y += if_pppol2tp.h
header-y += if_pppox.h
header-y += if_slip.h
header-y += if_strip.h
net: introduce ethernet teaming device This patch introduces new network device called team. It supposes to be very fast, simple, userspace-driven alternative to existing bonding driver. Userspace library called libteam with couple of demo apps is available here: https://github.com/jpirko/libteam Note it's still in its dipers atm. team<->libteam use generic netlink for communication. That and rtnl suppose to be the only way to configure team device, no sysfs etc. Python binding of libteam was recently introduced. Daemon providing arpmon/miimon active-backup functionality will be introduced shortly. All what's necessary is already implemented in kernel team driver. v7->v8: - check ndo_ndo_vlan_rx_[add/kill]_vid functions before calling them. - use dev_kfree_skb_any() instead of dev_kfree_skb() v6->v7: - transmit and receive functions are not checked in hot paths. That also resolves memory leak on transmit when no port is present v5->v6: - changed couple of _rcu calls to non _rcu ones in non-readers v4->v5: - team_change_mtu() uses team->lock while travesing though port list - mac address changes are moved completely to jurisdiction of userspace daemon. This way the daemon can do FOM1, FOM2 and possibly other weird things with mac addresses. Only round-robin mode sets up all ports to bond's address then enslaved. - Extended Kconfig text v3->v4: - remove redundant synchronize_rcu from __team_change_mode() - revert "set and clear of mode_ops happens per pointer, not per byte" - extend comment of function __team_change_mode() v2->v3: - team_change_mtu() uses rcu version of list traversal to unwind - set and clear of mode_ops happens per pointer, not per byte - port hashlist changed to be embedded into team structure - error branch in team_port_enter() does cleanup now - fixed rtln->rtnl v1->v2: - modes are made as modules. Makes team more modular and extendable. - several commenters' nitpicks found on v1 were fixed - several other bugs were fixed. - note I ignored Eric's comment about roundrobin port selector as Eric's way may be easily implemented as another mode (mode "random") in future. Signed-off-by: Jiri Pirko <jpirko@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2011-11-12 06:16:48 +08:00
header-y += if_team.h
header-y += if_tun.h
header-y += if_tunnel.h
header-y += if_vlan.h
header-y += if_x25.h
header-y += igmp.h
header-y += in.h
header-y += in6.h
header-y += in_route.h
header-y += sock_diag.h
header-y += inet_diag.h
header-y += unix_diag.h
header-y += inotify.h
header-y += input.h
header-y += ioctl.h
header-y += ip.h
header-y += ip6_tunnel.h
header-y += ip_vs.h
header-y += ipc.h
header-y += ipmi.h
header-y += ipmi_msgdefs.h
header-y += ipsec.h
header-y += ipv6.h
header-y += ipv6_route.h
header-y += ipx.h
header-y += irda.h
header-y += irqnr.h
header-y += isdn.h
header-y += isdn_divertif.h
header-y += isdn_ppp.h
header-y += isdnif.h
header-y += iso_fs.h
header-y += ivtv.h
header-y += ivtvfb.h
header-y += ixjuser.h
header-y += jffs2.h
header-y += joystick.h
header-y += kd.h
header-y += kdev_t.h
header-y += kernel.h
header-y += kernelcapi.h
header-y += keyboard.h
header-y += keyctl.h
header-y += l2tp.h
header-y += limits.h
header-y += llc.h
header-y += loop.h
header-y += lp.h
header-y += magic.h
header-y += major.h
header-y += map_to_7segment.h
header-y += matroxfb.h
header-y += mdio.h
header-y += media.h
header-y += mei.h
header-y += mempolicy.h
header-y += meye.h
header-y += mii.h
header-y += minix_fs.h
header-y += mman.h
header-y += mmtimer.h
header-y += mqueue.h
header-y += mroute.h
header-y += mroute6.h
header-y += msdos_fs.h
header-y += msg.h
header-y += mtio.h
header-y += n_r3964.h
header-y += nbd.h
header-y += ncp.h
header-y += ncp_fs.h
header-y += ncp_mount.h
header-y += ncp_no.h
header-y += neighbour.h
header-y += net.h
header-y += net_dropmon.h
header-y += net_tstamp.h
header-y += netdevice.h
header-y += netfilter.h
header-y += netfilter_arp.h
header-y += netfilter_bridge.h
header-y += netfilter_decnet.h
header-y += netfilter_ipv4.h
header-y += netfilter_ipv6.h
header-y += netlink.h
header-y += netrom.h
header-y += nfc.h
header-y += nfs.h
header-y += nfs2.h
header-y += nfs3.h
header-y += nfs4.h
header-y += nfs4_mount.h
header-y += nfs_fs.h
header-y += nfs_idmap.h
header-y += nfs_mount.h
header-y += nfsacl.h
header-y += nl80211.h
header-y += nubus.h
header-y += nvram.h
header-y += omap3isp.h
header-y += omapfb.h
header-y += oom.h
header-y += param.h
header-y += parport.h
header-y += patchkey.h
header-y += pci.h
header-y += pci_regs.h
header-y += perf_event.h
header-y += personality.h
header-y += pfkeyv2.h
header-y += pg.h
header-y += phantom.h
header-y += phonet.h
header-y += pkt_cls.h
header-y += pkt_sched.h
header-y += pktcdvd.h
header-y += pmu.h
header-y += poll.h
header-y += posix_types.h
header-y += ppdev.h
header-y += ppp-comp.h
header-y += ppp-ioctl.h
header-y += ppp_defs.h
header-y += pps.h
header-y += prctl.h
header-y += ptp_clock.h
header-y += ptrace.h
header-y += qnx4_fs.h
header-y += qnxtypes.h
header-y += quota.h
header-y += radeonfb.h
header-y += random.h
header-y += raw.h
header-y += rds.h
header-y += reboot.h
header-y += reiserfs_fs.h
header-y += reiserfs_xattr.h
header-y += resource.h
header-y += rfkill.h
header-y += romfs_fs.h
header-y += rose.h
header-y += route.h
header-y += rtc.h
header-y += rtnetlink.h
header-y += scc.h
header-y += sched.h
header-y += screen_info.h
header-y += sdla.h
seccomp: add system call filtering using BPF [This patch depends on luto@mit.edu's no_new_privs patch: https://lkml.org/lkml/2012/1/30/264 The whole series including Andrew's patches can be found here: https://github.com/redpig/linux/tree/seccomp Complete diff here: https://github.com/redpig/linux/compare/1dc65fed...seccomp ] This patch adds support for seccomp mode 2. Mode 2 introduces the ability for unprivileged processes to install system call filtering policy expressed in terms of a Berkeley Packet Filter (BPF) program. This program will be evaluated in the kernel for each system call the task makes and computes a result based on data in the format of struct seccomp_data. A filter program may be installed by calling: struct sock_fprog fprog = { ... }; ... prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog); The return value of the filter program determines if the system call is allowed to proceed or denied. If the first filter program installed allows prctl(2) calls, then the above call may be made repeatedly by a task to further reduce its access to the kernel. All attached programs must be evaluated before a system call will be allowed to proceed. Filter programs will be inherited across fork/clone and execve. However, if the task attaching the filter is unprivileged (!CAP_SYS_ADMIN) the no_new_privs bit will be set on the task. This ensures that unprivileged tasks cannot attach filters that affect privileged tasks (e.g., setuid binary). There are a number of benefits to this approach. A few of which are as follows: - BPF has been exposed to userland for a long time - BPF optimization (and JIT'ing) are well understood - Userland already knows its ABI: system call numbers and desired arguments - No time-of-check-time-of-use vulnerable data accesses are possible. - system call arguments are loaded on access only to minimize copying required for system call policy decisions. Mode 2 support is restricted to architectures that enable HAVE_ARCH_SECCOMP_FILTER. In this patch, the primary dependency is on syscall_get_arguments(). The full desired scope of this feature will add a few minor additional requirements expressed later in this series. Based on discussion, SECCOMP_RET_ERRNO and SECCOMP_RET_TRACE seem to be the desired additional functionality. No architectures are enabled in this patch. Signed-off-by: Will Drewry <wad@chromium.org> Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Reviewed-by: Indan Zupancic <indan@nul.nu> Acked-by: Eric Paris <eparis@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> v18: - rebase to v3.4-rc2 - s/chk/check/ (akpm@linux-foundation.org,jmorris@namei.org) - allocate with GFP_KERNEL|__GFP_NOWARN (indan@nul.nu) - add a comment for get_u32 regarding endianness (akpm@) - fix other typos, style mistakes (akpm@) - added acked-by v17: - properly guard seccomp filter needed headers (leann@ubuntu.com) - tighten return mask to 0x7fff0000 v16: - no change v15: - add a 4 instr penalty when counting a path to account for seccomp_filter size (indan@nul.nu) - drop the max insns to 256KB (indan@nul.nu) - return ENOMEM if the max insns limit has been hit (indan@nul.nu) - move IP checks after args (indan@nul.nu) - drop !user_filter check (indan@nul.nu) - only allow explicit bpf codes (indan@nul.nu) - exit_code -> exit_sig v14: - put/get_seccomp_filter takes struct task_struct (indan@nul.nu,keescook@chromium.org) - adds seccomp_chk_filter and drops general bpf_run/chk_filter user - add seccomp_bpf_load for use by net/core/filter.c - lower max per-process/per-hierarchy: 1MB - moved nnp/capability check prior to allocation (all of the above: indan@nul.nu) v13: - rebase on to 88ebdda6159ffc15699f204c33feb3e431bf9bdc v12: - added a maximum instruction count per path (indan@nul.nu,oleg@redhat.com) - removed copy_seccomp (keescook@chromium.org,indan@nul.nu) - reworded the prctl_set_seccomp comment (indan@nul.nu) v11: - reorder struct seccomp_data to allow future args expansion (hpa@zytor.com) - style clean up, @compat dropped, compat_sock_fprog32 (indan@nul.nu) - do_exit(SIGSYS) (keescook@chromium.org, luto@mit.edu) - pare down Kconfig doc reference. - extra comment clean up v10: - seccomp_data has changed again to be more aesthetically pleasing (hpa@zytor.com) - calling convention is noted in a new u32 field using syscall_get_arch. This allows for cross-calling convention tasks to use seccomp filters. (hpa@zytor.com) - lots of clean up (thanks, Indan!) v9: - n/a v8: - use bpf_chk_filter, bpf_run_filter. update load_fns - Lots of fixes courtesy of indan@nul.nu: -- fix up load behavior, compat fixups, and merge alloc code, -- renamed pc and dropped __packed, use bool compat. -- Added a hidden CONFIG_SECCOMP_FILTER to synthesize non-arch dependencies v7: (massive overhaul thanks to Indan, others) - added CONFIG_HAVE_ARCH_SECCOMP_FILTER - merged into seccomp.c - minimal seccomp_filter.h - no config option (part of seccomp) - no new prctl - doesn't break seccomp on systems without asm/syscall.h (works but arg access always fails) - dropped seccomp_init_task, extra free functions, ... - dropped the no-asm/syscall.h code paths - merges with network sk_run_filter and sk_chk_filter v6: - fix memory leak on attach compat check failure - require no_new_privs || CAP_SYS_ADMIN prior to filter installation. (luto@mit.edu) - s/seccomp_struct_/seccomp_/ for macros/functions (amwang@redhat.com) - cleaned up Kconfig (amwang@redhat.com) - on block, note if the call was compat (so the # means something) v5: - uses syscall_get_arguments (indan@nul.nu,oleg@redhat.com, mcgrathr@chromium.org) - uses union-based arg storage with hi/lo struct to handle endianness. Compromises between the two alternate proposals to minimize extra arg shuffling and account for endianness assuming userspace uses offsetof(). (mcgrathr@chromium.org, indan@nul.nu) - update Kconfig description - add include/seccomp_filter.h and add its installation - (naive) on-demand syscall argument loading - drop seccomp_t (eparis@redhat.com) v4: - adjusted prctl to make room for PR_[SG]ET_NO_NEW_PRIVS - now uses current->no_new_privs (luto@mit.edu,torvalds@linux-foundation.com) - assign names to seccomp modes (rdunlap@xenotime.net) - fix style issues (rdunlap@xenotime.net) - reworded Kconfig entry (rdunlap@xenotime.net) v3: - macros to inline (oleg@redhat.com) - init_task behavior fixed (oleg@redhat.com) - drop creator entry and extra NULL check (oleg@redhat.com) - alloc returns -EINVAL on bad sizing (serge.hallyn@canonical.com) - adds tentative use of "always_unprivileged" as per torvalds@linux-foundation.org and luto@mit.edu v2: - (patch 2 only) Signed-off-by: James Morris <james.l.morris@oracle.com>
2012-04-13 05:47:57 +08:00
header-y += seccomp.h
header-y += securebits.h
header-y += selinux_netlink.h
header-y += sem.h
header-y += serial.h
header-y += serial_core.h
header-y += serial_reg.h
header-y += serio.h
header-y += shm.h
header-y += signal.h
header-y += signalfd.h
header-y += snmp.h
header-y += socket.h
header-y += sockios.h
header-y += som.h
header-y += sonet.h
header-y += sonypi.h
header-y += sound.h
header-y += soundcard.h
header-y += stat.h
header-y += stddef.h
header-y += string.h
header-y += suspend_ioctls.h
header-y += swab.h
header-y += synclink.h
header-y += sysctl.h
header-y += sysinfo.h
header-y += taskstats.h
header-y += tcp.h
header-y += telephony.h
header-y += termios.h
header-y += time.h
header-y += times.h
header-y += timex.h
header-y += tiocl.h
header-y += tipc.h
header-y += tipc_config.h
header-y += toshiba.h
header-y += tty.h
header-y += types.h
header-y += udf_fs_i.h
header-y += udp.h
header-y += uinput.h
header-y += uio.h
header-y += ultrasound.h
header-y += un.h
header-y += unistd.h
header-y += usbdevice_fs.h
header-y += utime.h
header-y += utsname.h
header-y += uuid.h
header-y += uvcvideo.h
header-y += v4l2-dv-timings.h
header-y += v4l2-mediabus.h
header-y += v4l2-subdev.h
header-y += veth.h
header-y += vhost.h
header-y += videodev2.h
header-y += virtio_9p.h
header-y += virtio_balloon.h
header-y += virtio_blk.h
header-y += virtio_config.h
header-y += virtio_console.h
header-y += virtio_ids.h
header-y += virtio_net.h
header-y += virtio_pci.h
header-y += virtio_ring.h
header-y += virtio_rng.h
header-y += vt.h
header-y += wait.h
header-y += wanrouter.h
header-y += watchdog.h
header-y += wimax.h
header-y += wireless.h
header-y += x25.h
header-y += xattr.h
header-y += xfrm.h