From 886d518ca9a6b433736f74723813d8917e407f40 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Sun, 22 Sep 2024 16:14:12 -0700 Subject: [PATCH 1/3] MAINTAINERS: Add unsafe_memcpy() to the FORTIFY review list Usually it's possible to avoid adding an unsafe_memcpy() uses, so give the FORTIFY reviewers a chance to help avoid lying to the compiler about the destination buffer's type/size/etc. Signed-off-by: Kees Cook --- --- MAINTAINERS | 1 + 1 file changed, 1 insertion(+) diff --git a/MAINTAINERS b/MAINTAINERS index 36c0af94cf08..3a29f123e1be 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -8772,6 +8772,7 @@ F: include/linux/fortify-string.h F: lib/fortify_kunit.c F: lib/memcpy_kunit.c F: lib/test_fortify/* +K: \bunsafe_memcpy\b K: \b__NO_FORTIFY\b FPGA DFL DRIVERS From dd3a7ee91e0ce0b03d22e974a79e8247cc99959b Mon Sep 17 00:00:00 2001 From: Nathan Chancellor Date: Sat, 28 Sep 2024 11:13:13 -0700 Subject: [PATCH 2/3] hardening: Adjust dependencies in selection of MODVERSIONS MODVERSIONS recently grew a dependency on !COMPILE_TEST so that Rust could be more easily tested. However, this introduces a Kconfig warning when building allmodconfig with a clang version that supports RANDSTRUCT natively because RANDSTRUCT_FULL and RANDSTRUCT_PERFORMANCE select MODVERSIONS when MODULES is enabled, bypassing the !COMPILE_TEST dependency: WARNING: unmet direct dependencies detected for MODVERSIONS Depends on [n]: MODULES [=y] && !COMPILE_TEST [=y] Selected by [y]: - RANDSTRUCT_FULL [=y] && (CC_HAS_RANDSTRUCT [=y] || GCC_PLUGINS [=n]) && MODULES [=y] Add the !COMPILE_TEST dependency to the selections to clear up the warning. Fixes: 1f9c4a996756 ("Kbuild: make MODVERSIONS support depend on not being a compile test build") Signed-off-by: Nathan Chancellor Link: https://lore.kernel.org/r/20240928-fix-randstruct-modversions-kconfig-warning-v1-1-27d3edc8571e@kernel.org Signed-off-by: Kees Cook --- security/Kconfig.hardening | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security/Kconfig.hardening b/security/Kconfig.hardening index 2cff851ebfd7..c9d5ca3d8d08 100644 --- a/security/Kconfig.hardening +++ b/security/Kconfig.hardening @@ -340,7 +340,7 @@ choice config RANDSTRUCT_FULL bool "Fully randomize structure layout" depends on CC_HAS_RANDSTRUCT || GCC_PLUGINS - select MODVERSIONS if MODULES + select MODVERSIONS if MODULES && !COMPILE_TEST help Fully randomize the member layout of sensitive structures as much as possible, which may have both a @@ -356,7 +356,7 @@ choice config RANDSTRUCT_PERFORMANCE bool "Limit randomization of structure layout to cache-lines" depends on GCC_PLUGINS - select MODVERSIONS if MODULES + select MODVERSIONS if MODULES && !COMPILE_TEST help Randomization of sensitive kernel structures will make a best effort at restricting randomization to cacheline-sized From 045244dd5d75c61ae37b7b96fe0a95805bd1842d Mon Sep 17 00:00:00 2001 From: Nathan Chancellor Date: Sat, 28 Sep 2024 11:26:09 -0700 Subject: [PATCH 3/3] MAINTAINERS: Add security/Kconfig.hardening to hardening section When running get_maintainer.pl on security/Kconfig.hardening, only the security subsystem folks show up, even though they have never taken patches to this file: $ scripts/get_maintainer.pl security/Kconfig.hardening Paul Moore <...> (supporter:SECURITY SUBSYSTEM) James Morris <...> (supporter:SECURITY SUBSYSTEM) "Serge E. Hallyn" <...> (supporter:SECURITY SUBSYSTEM) linux-security-module@vger.kernel.org (open list:SECURITY SUBSYSTEM) linux-kernel@vger.kernel.org (open list) $ git log --format=%cn --no-merges security/Kconfig.hardening | sort | uniq -c 3 Andrew Morton 1 Greg Kroah-Hartman 18 Kees Cook 2 Linus Torvald Add it to the hardening section so that the KSPP folks are also shown, which matches reality over who should comment on and take said patches if necessary. Signed-off-by: Nathan Chancellor Link: https://lore.kernel.org/r/20240928-maintainers-security-kconfig-hardening-v1-1-c8c64071cc02@kernel.org Signed-off-by: Kees Cook --- MAINTAINERS | 1 + 1 file changed, 1 insertion(+) diff --git a/MAINTAINERS b/MAINTAINERS index 3a29f123e1be..fecc7c696737 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -12152,6 +12152,7 @@ F: include/linux/randomize_kstack.h F: kernel/configs/hardening.config F: lib/usercopy_kunit.c F: mm/usercopy.c +F: security/Kconfig.hardening K: \b(add|choose)_random_kstack_offset\b K: \b__check_(object_size|heap_object)\b K: \b__counted_by\b