linux-stable/lib
Linus Torvalds 216532e147 hardening updates for v6.9-rc1
- string.h and related header cleanups (Tanzir Hasan, Andy Shevchenko)
 
 - VMCI memcpy() usage and struct_size() cleanups (Vasiliy Kovalev, Harshit
   Mogalapalli)
 
 - selftests/powerpc: Fix load_unaligned_zeropad build failure (Michael
   Ellerman)
 
 - hardened Kconfig fragment updates (Marco Elver, Lukas Bulwahn)
 
 - Handle tail call optimization better in LKDTM (Douglas Anderson)
 
 - Use long form types in overflow.h (Andy Shevchenko)
 
 - Add flags param to string_get_size() (Andy Shevchenko)
 
 - Add Coccinelle script for potential struct_size() use (Jacob Keller)
 
 - Fix objtool corner case under KCFI (Josh Poimboeuf)
 
 - Drop 13 year old backward compat CAP_SYS_ADMIN check (Jingzi Meng)
 
 - Add str_plural() helper (Michal Wajdeczko, Kees Cook)
 
 - Ignore relocations in .notes section
 
 - Add comments to explain how __is_constexpr() works
 
 - Fix m68k stack alignment expectations in stackinit Kunit test
 
 - Convert string selftests to KUnit
 
 - Add KUnit tests for fortified string functions
 
 - Improve reporting during fortified string warnings
 
 - Allow non-type arg to type_max() and type_min()
 
 - Allow strscpy() to be called with only 2 arguments
 
 - Add binary mode to leaking_addresses scanner
 
 - Various small cleanups to leaking_addresses scanner
 
 - Adding wrapping_*() arithmetic helper
 
 - Annotate initial signed integer wrap-around in refcount_t
 
 - Add explicit UBSAN section to MAINTAINERS
 
 - Fix UBSAN self-test warnings
 
 - Simplify UBSAN build via removal of CONFIG_UBSAN_SANITIZE_ALL
 
 - Reintroduce UBSAN's signed overflow sanitizer
 -----BEGIN PGP SIGNATURE-----
 
 iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmXvm5kWHGtlZXNjb29r
 QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJiQqD/4mM6SWZpYHKlR1nEiqIyz7Hqr9
 g4oguuw6HIVNJXLyeBI5Hd43CTeHPA0e++EETqhUAt7HhErxfYJY+JB221nRYmu+
 zhhQ7N/xbTMV/Je7AR03kQjhiMm8LyEcM2X4BNrsAcoCieQzmO3g0zSp8ISzLUE0
 PEEmf1lOzMe3gK2KOFCPt5Hiz9sGWyN6at+BQubY18tQGtjEXYAQNXkpD5qhGn4a
 EF693r/17wmc8hvSsjf4AGaWy1k8crG0WfpMCZsaqftjj0BbvOC60IDyx4eFjpcy
 tGyAJKETq161AkCdNweIh2Q107fG3tm0fcvw2dv8Wt1eQCko6M8dUGCBinQs/thh
 TexjJFS/XbSz+IvxLqgU+C5qkOP23E0M9m1dbIbOFxJAya/5n16WOBlGr3ae2Wdq
 /+t8wVSJw3vZiku5emWdFYP1VsdIHUjVa5QizFaaRhzLGRwhxVV49SP4IQC/5oM5
 3MAgNOFTP6yRQn9Y9wP+SZs+SsfaIE7yfKa9zOi4S+Ve+LI2v4YFhh8NCRiLkeWZ
 R1dhp8Pgtuq76f/v0qUaWcuuVeGfJ37M31KOGIhi1sI/3sr7UMrngL8D1+F8UZMi
 zcLu+x4GtfUZCHl6znx1rNUBqE5S/5ndVhLpOqfCXKaQ+RAm7lkOJ3jXE2VhNkhp
 yVEmeSOLnlCaQjZvXQ==
 =OP+o
 -----END PGP SIGNATURE-----

Merge tag 'hardening-v6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull hardening updates from Kees Cook:
 "As is pretty normal for this tree, there are changes all over the
  place, especially for small fixes, selftest improvements, and improved
  macro usability.

  Some header changes ended up landing via this tree as they depended on
  the string header cleanups. Also, a notable set of changes is the work
  for the reintroduction of the UBSAN signed integer overflow sanitizer
  so that we can continue to make improvements on the compiler side to
  make this sanitizer a more viable future security hardening option.

  Summary:

   - string.h and related header cleanups (Tanzir Hasan, Andy
     Shevchenko)

   - VMCI memcpy() usage and struct_size() cleanups (Vasiliy Kovalev,
     Harshit Mogalapalli)

   - selftests/powerpc: Fix load_unaligned_zeropad build failure
     (Michael Ellerman)

   - hardened Kconfig fragment updates (Marco Elver, Lukas Bulwahn)

   - Handle tail call optimization better in LKDTM (Douglas Anderson)

   - Use long form types in overflow.h (Andy Shevchenko)

   - Add flags param to string_get_size() (Andy Shevchenko)

   - Add Coccinelle script for potential struct_size() use (Jacob
     Keller)

   - Fix objtool corner case under KCFI (Josh Poimboeuf)

   - Drop 13 year old backward compat CAP_SYS_ADMIN check (Jingzi Meng)

   - Add str_plural() helper (Michal Wajdeczko, Kees Cook)

   - Ignore relocations in .notes section

   - Add comments to explain how __is_constexpr() works

   - Fix m68k stack alignment expectations in stackinit Kunit test

   - Convert string selftests to KUnit

   - Add KUnit tests for fortified string functions

   - Improve reporting during fortified string warnings

   - Allow non-type arg to type_max() and type_min()

   - Allow strscpy() to be called with only 2 arguments

   - Add binary mode to leaking_addresses scanner

   - Various small cleanups to leaking_addresses scanner

   - Adding wrapping_*() arithmetic helper

   - Annotate initial signed integer wrap-around in refcount_t

   - Add explicit UBSAN section to MAINTAINERS

   - Fix UBSAN self-test warnings

   - Simplify UBSAN build via removal of CONFIG_UBSAN_SANITIZE_ALL

   - Reintroduce UBSAN's signed overflow sanitizer"

* tag 'hardening-v6.9-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: (51 commits)
  selftests/powerpc: Fix load_unaligned_zeropad build failure
  string: Convert helpers selftest to KUnit
  string: Convert selftest to KUnit
  sh: Fix build with CONFIG_UBSAN=y
  compiler.h: Explain how __is_constexpr() works
  overflow: Allow non-type arg to type_max() and type_min()
  VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler()
  lib/string_helpers: Add flags param to string_get_size()
  x86, relocs: Ignore relocations in .notes section
  objtool: Fix UNWIND_HINT_{SAVE,RESTORE} across basic blocks
  overflow: Use POD in check_shl_overflow()
  lib: stackinit: Adjust target string to 8 bytes for m68k
  sparc: vdso: Disable UBSAN instrumentation
  kernel.h: Move lib/cmdline.c prototypes to string.h
  leaking_addresses: Provide mechanism to scan binary files
  leaking_addresses: Ignore input device status lines
  leaking_addresses: Use File::Temp for /tmp files
  MAINTAINERS: Update LEAKING_ADDRESSES details
  fortify: Improve buffer overflow reporting
  fortify: Add KUnit tests for runtime overflows
  ...
2024-03-12 14:49:30 -07:00
..
842
crypto crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init 2023-12-22 12:30:19 +08:00
dim
fonts
kunit kunit: test: Log the correct filter string in executor_test 2024-02-27 15:25:50 -07:00
lz4
lzo
math
pldmfw
raid6 s390/raid6: convert to use standard fpu_*() inline assemblies 2024-02-16 14:30:17 +01:00
reed_solomon
test_fortify string: Remove strlcpy() 2024-01-19 11:59:11 -08:00
vdso
xz
zlib_deflate
zlib_dfltcc
zlib_inflate
zstd zstd: Fix array-index-out-of-bounds UBSAN warning 2023-11-14 17:12:52 -08:00
.gitignore
Kconfig lib/stackdepot: use fixed-sized slots for stack records 2023-12-10 16:51:44 -08:00
Kconfig.debug hardening updates for v6.9-rc1 2024-03-12 14:49:30 -07:00
Kconfig.kasan Many singleton patches against the MM code. The patch series which 2024-01-09 11:18:47 -08:00
Kconfig.kcsan
Kconfig.kfence mm/slab: remove CONFIG_SLAB from all Kconfig and Makefile 2023-12-05 11:14:40 +01:00
Kconfig.kgdb
Kconfig.kmsan mm/slab: remove CONFIG_SLAB from all Kconfig and Makefile 2023-12-05 11:14:40 +01:00
Kconfig.ubsan ubsan: Reintroduce signed overflow sanitizer 2024-02-20 20:44:49 -08:00
Makefile hardening updates for v6.9-rc1 2024-03-12 14:49:30 -07:00
argv_split.c
ashldi3.c
ashrdi3.c
asn1_decoder.c
asn1_encoder.c
assoc_array.c
atomic64.c
atomic64_test.c
audit.c
base64.c
bcd.c
bch.c
bitfield_kunit.c
bitmap-str.c
bitmap.c
bitrev.c
bootconfig-data.S
bootconfig.c
bsearch.c
btree.c
bucket_locks.c
bug.c
build_OID_registry
buildid.c
bust_spinlocks.c
check_signature.c
checksum.c
checksum_kunit.c kunit: Fix again checksum tests on big endian CPUs 2024-02-29 09:16:02 -08:00
closure.c closures: CLOSURE_CALLBACK() to fix type punning 2023-11-24 00:29:58 -05:00
clz_ctz.c
clz_tab.c
cmdline.c
cmdline_kunit.c lib/cmdline: Fix an invalid format specifier in an assertion msg 2024-02-27 15:25:56 -07:00
cmpdi2.c
compat_audit.c
cpu_rmap.c
cpumask.c
cpumask_kunit.c
crc-ccitt.c lib: crc_ccitt_false() is identical to crc_itu_t() 2023-12-29 12:22:26 -08:00
crc-itu-t.c
crc-t10dif.c
crc4.c
crc7.c
crc8.c
crc16.c
crc32.c
crc32defs.h
crc32test.c
crc64-rocksoft.c
crc64.c
ctype.c
debug_info.c
debug_locks.c
debugobjects.c debugobjects: Stop accessing objects after releasing hash bucket lock 2023-11-22 10:41:46 +01:00
dec_and_lock.c
decompress.c
decompress_bunzip2.c
decompress_inflate.c
decompress_unlz4.c
decompress_unlzma.c
decompress_unlzo.c
decompress_unxz.c
decompress_unzstd.c
devmem_is_allowed.c
devres.c
dhry.h
dhry_1.c
dhry_2.c
dhry_run.c
digsig.c
dump_stack.c
dynamic_debug.c
dynamic_queue_limits.c
earlycpio.c
errname.c parisc: Drop the HP-UX ENOSYM and EREMOTERELEASE error codes 2023-11-25 09:43:18 +01:00
error-inject.c
errseq.c
extable.c
fault-inject-usercopy.c
fault-inject.c
fdt.c
fdt_addresses.c
fdt_empty_tree.c
fdt_ro.c
fdt_rw.c
fdt_strerror.c
fdt_sw.c
fdt_wip.c
find_bit.c
find_bit_benchmark.c
flex_proportions.c
fortify_kunit.c fortify: Improve buffer overflow reporting 2024-02-29 13:38:02 -08:00
fw_table.c cxl for v6.8 2024-01-18 16:22:43 -08:00
gen_crc32table.c
gen_crc64table.c
genalloc.c
generic-radix-tree.c
glob.c
globtest.c
group_cpus.c lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly 2023-12-06 16:12:46 -08:00
hashtable_test.c
hexdump.c
hweight.c
idr.c ida: Fix crash in ida_free when the bitmap is empty 2023-12-21 10:02:28 -08:00
inflate.c
interval_tree.c
interval_tree_test.c
iomap.c
iomap_copy.c
iommu-helper.c
iov_iter.c vfs-6.9.misc 2024-03-11 09:38:17 -07:00
irq_poll.c
irq_regs.c
is_signed_type_kunit.c
is_single_threaded.c
kasprintf.c
kfifo.c
klist.c
kobject.c Revert "kobject: Remove redundant checks for whether ktype is NULL" 2024-02-08 16:39:25 +00:00
kobject_uevent.c
kstrtox.c
kstrtox.h
kunit_iov_iter.c
libcrc32c.c
linear_ranges.c
list-test.c
list_debug.c
list_sort.c
llist.c
locking-selftest-hardirq.h
locking-selftest-mutex.h
locking-selftest-rlock-hardirq.h
locking-selftest-rlock-softirq.h
locking-selftest-rlock.h
locking-selftest-rsem.h
locking-selftest-rtmutex.h
locking-selftest-softirq.h
locking-selftest-spin-hardirq.h
locking-selftest-spin-softirq.h
locking-selftest-spin.h
locking-selftest-wlock-hardirq.h
locking-selftest-wlock-softirq.h
locking-selftest-wlock.h
locking-selftest-wsem.h
locking-selftest.c
lockref.c
logic_iomem.c
logic_pio.c
lru_cache.c
lshrdi3.c
lwq.c
maple_tree.c maple_tree: Add mtree_alloc_cyclic() 2024-02-21 09:34:26 +01:00
memcat_p.c
memcpy_kunit.c lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg 2024-02-27 15:26:02 -07:00
memory-notifier-error-inject.c
memregion.c
memweight.c
muldi3.c
net_utils.c
netdev-notifier-error-inject.c
nlattr.c netlink: add nla be16/32 types to minlen array 2024-02-22 19:01:55 -08:00
nmi_backtrace.c
notifier-error-inject.c
notifier-error-inject.h
objagg.c
objpool.c lib: objpool: fix head overrun on RK3588 SBC 2023-12-01 14:53:55 +09:00
of-reconfig-notifier-error-inject.c
oid_registry.c
once.c
overflow_kunit.c overflow: Introduce wrapping_assign_add() and wrapping_assign_sub() 2024-02-29 13:38:01 -08:00
packing.c
parman.c
parser.c
pci_iomap.c
percpu-refcount.c
percpu_counter.c
percpu_test.c
plist.c
pm-notifier-error-inject.c
polynomial.c
radix-tree.c
radix-tree.h
random32.c
ratelimit.c
rbtree.c
rbtree_test.c
rcuref.c
ref_tracker.c
refcount.c
rhashtable.c
sbitmap.c sbitmap: remove stale comment in sbq_calc_wake_batch 2024-01-15 07:23:50 -07:00
scatterlist.c
seq_buf.c seq_buf: Fix kernel documentation 2024-02-15 12:17:28 -05:00
sg_pool.c
sg_split.c
siphash.c
siphash_kunit.c
slub_kunit.c
smp_processor_id.c
sort.c
stackdepot.c stackdepot: use variable size records for non-evictable entries 2024-02-23 17:27:12 -08:00
stackinit_kunit.c lib: stackinit: Adjust target string to 8 bytes for m68k 2024-02-29 13:38:03 -08:00
stmp_device.c
strcat_kunit.c
string.c string: Allow 2-argument strscpy() 2024-02-20 20:47:32 -08:00
string_helpers.c lib/string_helpers: Add flags param to string_get_size() 2024-02-29 22:34:42 -08:00
string_helpers_kunit.c string: Convert helpers selftest to KUnit 2024-03-05 01:55:28 -08:00
string_kunit.c string: Convert selftest to KUnit 2024-03-05 01:55:28 -08:00
strncpy_from_user.c
strnlen_user.c
strscpy_kunit.c
syscall.c
test-kstrtox.c
test_bitmap.c
test_bitops.c
test_bits.c
test_blackhole_dev.c
test_bpf.c test_bpf: Rename second ALU64_SMOD_X to ALU64_SMOD_K 2023-12-09 21:27:54 -08:00
test_debug_virtual.c
test_dynamic_debug.c
test_firmware.c firmware_loader: Expand Firmware upload error codes with firmware invalid error 2023-11-24 18:09:19 -08:00
test_fprobe.c
test_fpu.c
test_free_pages.c
test_hash.c
test_hexdump.c
test_hmm.c
test_hmm_uapi.h
test_ida.c Quite a lot of kexec work this time around. Many singleton patches in 2024-01-09 11:46:20 -08:00
test_kmod.c
test_kprobes.c
test_linear_ranges.c
test_list_sort.c
test_lockup.c
test_maple_tree.c test_maple_tree: testing the cyclic allocation 2024-02-21 09:34:26 +01:00
test_memcat_p.c
test_meminit.c mm, treewide: introduce NR_PAGE_ORDERS 2024-01-08 15:27:15 -08:00
test_min_heap.c
test_module.c
test_objagg.c
test_objpool.c
test_parman.c
test_printf.c
test_ref_tracker.c
test_rhashtable.c Kill sched.h dependency on rcupdate.h 2023-12-27 11:50:20 -05:00
test_scanf.c
test_sort.c
test_static_key_base.c
test_static_keys.c
test_sysctl.c sysctl: Remove the now superfluous sentinel elements from ctl_table array 2023-12-28 04:57:57 -08:00
test_ubsan.c ubsan: Reintroduce signed overflow sanitizer 2024-02-20 20:44:49 -08:00
test_user_copy.c
test_uuid.c
test_vmalloc.c
test_xarray.c
textsearch.c
timerqueue.c
trace_readwrite.c lib/trace_readwrite.c:: replace asm-generic/io with linux/io 2023-12-29 12:22:29 -08:00
ts_bm.c
ts_fsm.c
ts_kmp.c
ubsan.c ubsan: Reintroduce signed overflow sanitizer 2024-02-20 20:44:49 -08:00
ubsan.h ubsan: Reintroduce signed overflow sanitizer 2024-02-20 20:44:49 -08:00
ucmpdi2.c
ucs2_string.c
usercopy.c
uuid.c
vsprintf.c lib/vsprintf: Fix %pfwf when current node refcount == 0 2023-12-06 11:06:59 +01:00
win_minmax.c
xarray.c
xxhash.c