Unnamed repository; edit this file 'description' to name the repository. https://git.kobert.dev/pm24.git/atom?h=v6.7-rc4 2023-12-01T05:17:54Z 2023-12-01T05:17:54Z Linus Torvalds torvalds@linux-foundation.org 2023-12-01T05:17:54Z urn:sha1:994d5c58e50e91bb02c7be4a91d5186292a895c8 Pull hardening fixes from Kees Cook: - struct_group: propagate attributes to top-level union (Dmitry Antipov) - gcc-plugins: randstruct: Update code comment in relayout_struct (Gustavo A. R. Silva) - MAINTAINERS: refresh LLVM support (Nick Desaulniers) * tag 'hardening-v6.7-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: gcc-plugins: randstruct: Update code comment in relayout_struct() uapi: propagate __struct_group() attributes to the container union MAINTAINERS: refresh LLVM support 2023-11-28T00:30:05Z Gustavo A. R. Silva gustavoars@kernel.org 2023-11-25T21:49:12Z urn:sha1:d71f22365a9caca82d424f3a33445de46567e198 Update code comment to clarify that the only element whose layout is not randomized is a proper C99 flexible-array member. This update is complementary to commit 1ee60356c2dc ("gcc-plugins: randstruct: Only warn about true flexible arrays") Signed-off-by: "Gustavo A. R. Silva" <gustavoars@kernel.org> Link: https://lore.kernel.org/r/ZWJr2MWDjXLHE8ap@work Fixes: 1ee60356c2dc ("gcc-plugins: randstruct: Only warn about true flexible arrays") Signed-off-by: Kees Cook <keescook@chromium.org> 2023-11-22T14:06:23Z Heiko Carstens hca@linux.ibm.com 2023-11-20T12:00:00Z urn:sha1:aab1f809d7540def24498e81347740a7239a74d5 For some unknown reason the regular expression for checkstack only matches three digit numbers starting with the number "3", or any higher number. Which means that it skips any stack sizes smaller than 304 bytes. This makes the checkstack script a bit less useful than it could be. Change the script to match any number. To be filtered out stack sizes can be configured with the min_stack variable, which omits any stack frame sizes smaller than 100 bytes by default. Tested-by: Alexander Gordeev <agordeev@linux.ibm.com> Signed-off-by: Heiko Carstens <hca@linux.ibm.com> Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com> 2023-11-19T21:54:28Z Linus Torvalds torvalds@linux-foundation.org 2023-11-19T21:54:28Z urn:sha1:eb3479bc23fafbc408558cd8450b35f07fad2a63 Pull Kbuild fixes from Masahiro Yamada: - Fix section mismatch warning messages for riscv and loongarch - Remove CONFIG_IA64 left-over from linux/export-internal.h - Fix the location of the quotes for UIMAGE_NAME - Fix a memory leak bug in Kconfig * tag 'kbuild-fixes-v6.7' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild: kconfig: fix memory leak from range properties kbuild: Move the single quotes for image name linux/export: clean up the IA-64 KSYM_FUNC macro modpost: fix section mismatch message for RELA 2023-11-17T04:24:08Z Masahiro Yamada masahiroy@kernel.org 2023-11-15T04:16:53Z urn:sha1:ae1eff0349f2e908fc083630e8441ea6dc434dc0 Currently, sym_validate_range() duplicates the range string using xstrdup(), which is overwritten by a subsequent sym_calc_value() call. It results in a memory leak. Instead, only the pointer should be copied. Below is a test case, with a summary from Valgrind. [Test Kconfig] config FOO int "foo" range 10 20 [Test .config] CONFIG_FOO=0 [Before] LEAK SUMMARY: definitely lost: 3 bytes in 1 blocks indirectly lost: 0 bytes in 0 blocks possibly lost: 0 bytes in 0 blocks still reachable: 17,465 bytes in 21 blocks suppressed: 0 bytes in 0 blocks [After] LEAK SUMMARY: definitely lost: 0 bytes in 0 blocks indirectly lost: 0 bytes in 0 blocks possibly lost: 0 bytes in 0 blocks still reachable: 17,462 bytes in 20 blocks suppressed: 0 bytes in 0 blocks Signed-off-by: Masahiro Yamada <masahiroy@kernel.org> 2023-11-17T04:24:08Z Simon Glass sjg@chromium.org 2023-11-11T00:28:01Z urn:sha1:76020731d4ee897411ce4a73916ed805ea15d946 Add quotes where UIMAGE_NAME is used, rather than where it is defined. This allows the UIMAGE_NAME variable to be set by the user. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Masahiro Yamada <masahiroy@kernel.org> 2023-11-16T11:14:44Z Masahiro Yamada masahiroy@kernel.org 2023-10-31T17:46:27Z urn:sha1:1c4a7587d1bbee0fd53b63af60e4244a62775f57 The section mismatch check prints a bogus symbol name on some architectures. [test code] #include <linux/init.h> int __initdata foo; int get_foo(void) { return foo; } If you compile it with GCC for riscv or loongarch, modpost will show an incorrect symbol name: WARNING: modpost: vmlinux: section mismatch in reference: get_foo+0x8 (section: .text) -> done (section: .init.data) To get the correct symbol address, the st_value must be added. This issue has never been noticed since commit 93684d3b8062 ("kbuild: include symbol names in section mismatch warnings") presumably because st_value becomes zero on most architectures when the referenced symbol is looked up. It is not true for riscv or loongarch, at least. With this fix, modpost will show the correct symbol name: WARNING: modpost: vmlinux: section mismatch in reference: get_foo+0x8 (section: .text) -> foo (section: .init.data) Signed-off-by: Masahiro Yamada <masahiroy@kernel.org> Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> 2023-11-15T04:47:12Z Linus Torvalds torvalds@linux-foundation.org 2023-11-15T04:47:12Z urn:sha1:c42d9eeef8e5ba9292eda36fd8e3c11f35ee065c Pull hardening fixes from Kees Cook: - stackleak: add declarations for global functions (Arnd Bergmann) - gcc-plugins: randstruct: Only warn about true flexible arrays (Kees Cook) - gcc-plugins: latent_entropy: Fix description typo (Konstantin Runov) * tag 'hardening-v6.7-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: gcc-plugins: latent_entropy: Fix typo (args -> argc) in plugin description gcc-plugins: randstruct: Only warn about true flexible arrays stackleak: add declarations for global functions 2023-11-14T17:32:47Z Konstantin Runov runebone1@gmail.com 2023-10-30T09:45:08Z urn:sha1:782ce431613cf08c3a00dca42ad925c3b1108d09 Fix the typo in the plugin description comment. Clearly, "argc" should be used. Signed-off-by: Konstantin Runov <runebone1@gmail.com> Link: https://lore.kernel.org/r/20231030094508.245432-1-runebone1@gmail.com Signed-off-by: Kees Cook <keescook@chromium.org> 2023-11-08T22:18:57Z Kees Cook keescook@chromium.org 2023-11-04T20:43:37Z urn:sha1:1ee60356c2dca938362528404af95b8ef3e49b6a The randstruct GCC plugin tried to discover "fake" flexible arrays to issue warnings about them in randomized structs. In the future LSM overhead reduction series, it would be legal to have a randomized struct with a 1-element array, and this should _not_ be treated as a flexible array, especially since commit df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3"). Disable the 0-sized and 1-element array discovery logic in the plugin, but keep the "true" flexible array check. Cc: KP Singh <kpsingh@kernel.org> Cc: linux-hardening@vger.kernel.org Reported-by: kernel test robot <lkp@intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202311021532.iBwuZUZ0-lkp@intel.com/ Fixes: df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3") Reviewed-by: Bill Wendling <morbo@google.com> Acked-by: "Gustavo A. R. Silva" <gustavoars@kernel.org> Link: https://lore.kernel.org/r/20231104204334.work.160-kees@kernel.org Signed-off-by: Kees Cook <keescook@chromium.org>