linux/fs/btrfs
Linus Torvalds 48ea09cdda hardening updates for v6.2-rc1
- Convert flexible array members, fix -Wstringop-overflow warnings,
   and fix KCFI function type mismatches that went ignored by
   maintainers (Gustavo A. R. Silva, Nathan Chancellor, Kees Cook).
 
 - Remove the remaining side-effect users of ksize() by converting
   dma-buf, btrfs, and coredump to using kmalloc_size_roundup(),
   add more __alloc_size attributes, and introduce full testing
   of all allocator functions. Finally remove the ksize() side-effect
   so that each allocation-aware checker can finally behave without
   exceptions.
 
 - Introduce oops_limit (default 10,000) and warn_limit (default off)
   to provide greater granularity of control for panic_on_oops and
   panic_on_warn (Jann Horn, Kees Cook).
 
 - Introduce overflows_type() and castable_to_type() helpers for
   cleaner overflow checking.
 
 - Improve code generation for strscpy() and update str*() kern-doc.
 
 - Convert strscpy and sigphash tests to KUnit, and expand memcpy
   tests.
 
 - Always use a non-NULL argument for prepare_kernel_cred().
 
 - Disable structleak plugin in FORTIFY KUnit test (Anders Roxell).
 
 - Adjust orphan linker section checking to respect CONFIG_WERROR
   (Xin Li).
 
 - Make sure siginfo is cleared for forced SIGKILL (haifeng.xu).
 
 - Fix um vs FORTIFY warnings for always-NULL arguments.
 -----BEGIN PGP SIGNATURE-----
 
 iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmOZSOoWHGtlZXNjb29r
 QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJjAAD/0YkvpU7f03f8hcQMJK6wv//24K
 AW41hEaBikq9RcmkuvkLLrJRibGgZ5O2xUkUkxRs/HxhkhrZ0kEw8sbwZe8MoWls
 F4Y9+TDjsrdHmjhfcBZdLnVxwcKK5wlaEcpjZXtbsfcdhx3TbgcDA23YELl5t0K+
 I11j4kYmf9SLl4CwIrSP5iACml8CBHARDh8oIMF7FT/LrjNbM8XkvBcVVT6hTbOV
 yjgA8WP2e9GXvj9GzKgqvd0uE/kwPkVAeXLNFWopPi4FQ8AWjlxbBZR0gamA6/EB
 d7TIs0ifpVU2JGQaTav4xO6SsFMj3ntoUI0qIrFaTxZAvV4KYGrPT/Kwz1O4SFaG
 rN5lcxseQbPQSBTFNG4zFjpywTkVCgD2tZqDwz5Rrmiraz0RyIokCN+i4CD9S0Ds
 oEd8JSyLBk1sRALczkuEKo0an5AyC9YWRcBXuRdIHpLo08PsbeUUSe//4pe303cw
 0ApQxYOXnrIk26MLElTzSMImlSvlzW6/5XXzL9ME16leSHOIfDeerPnc9FU9Eb3z
 ODv22z6tJZ9H/apSUIHZbMciMbbVTZ8zgpkfydr08o87b342N/ncYHZ5cSvQ6DWb
 jS5YOIuvl46/IhMPT16qWC8p0bP5YhxoPv5l6Xr0zq0ooEj0E7keiD/SzoLvW+Qs
 AHXcibguPRQBPAdiPQ==
 =yaaN
 -----END PGP SIGNATURE-----

Merge tag 'hardening-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull kernel hardening updates from Kees Cook:

 - Convert flexible array members, fix -Wstringop-overflow warnings, and
   fix KCFI function type mismatches that went ignored by maintainers
   (Gustavo A. R. Silva, Nathan Chancellor, Kees Cook)

 - Remove the remaining side-effect users of ksize() by converting
   dma-buf, btrfs, and coredump to using kmalloc_size_roundup(), add
   more __alloc_size attributes, and introduce full testing of all
   allocator functions. Finally remove the ksize() side-effect so that
   each allocation-aware checker can finally behave without exceptions

 - Introduce oops_limit (default 10,000) and warn_limit (default off) to
   provide greater granularity of control for panic_on_oops and
   panic_on_warn (Jann Horn, Kees Cook)

 - Introduce overflows_type() and castable_to_type() helpers for cleaner
   overflow checking

 - Improve code generation for strscpy() and update str*() kern-doc

 - Convert strscpy and sigphash tests to KUnit, and expand memcpy tests

 - Always use a non-NULL argument for prepare_kernel_cred()

 - Disable structleak plugin in FORTIFY KUnit test (Anders Roxell)

 - Adjust orphan linker section checking to respect CONFIG_WERROR (Xin
   Li)

 - Make sure siginfo is cleared for forced SIGKILL (haifeng.xu)

 - Fix um vs FORTIFY warnings for always-NULL arguments

* tag 'hardening-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: (31 commits)
  ksmbd: replace one-element arrays with flexible-array members
  hpet: Replace one-element array with flexible-array member
  um: virt-pci: Avoid GCC non-NULL warning
  signal: Initialize the info in ksignal
  lib: fortify_kunit: build without structleak plugin
  panic: Expose "warn_count" to sysfs
  panic: Introduce warn_limit
  panic: Consolidate open-coded panic_on_warn checks
  exit: Allow oops_limit to be disabled
  exit: Expose "oops_count" to sysfs
  exit: Put an upper limit on how often we can oops
  panic: Separate sysctl logic from CONFIG_SMP
  mm/pgtable: Fix multiple -Wstringop-overflow warnings
  mm: Make ksize() a reporting-only function
  kunit/fortify: Validate __alloc_size attribute results
  drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()
  drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid()
  driver core: Add __alloc_size hint to devm allocators
  overflow: Introduce overflows_type() and castable_to_type()
  coredump: Proactively round up to kmalloc bucket size
  ...
2022-12-14 12:20:00 -08:00
..
tests btrfs: drop private_data parameter from extent_io_tree_init 2022-12-05 18:00:54 +01:00
accessors.c btrfs: add eb to btrfs_node_key_ptr_offset 2022-12-05 18:00:58 +01:00
accessors.h btrfs: add stack helpers for a few btrfs items 2022-12-05 18:00:58 +01:00
acl.c for-6.2-tag 2022-12-12 20:47:51 -08:00
acl.h for-6.2-tag 2022-12-12 20:47:51 -08:00
async-thread.c btrfs: simplify WQ_HIGHPRI handling in struct btrfs_workqueue 2022-05-16 17:03:15 +02:00
async-thread.h btrfs: remove unused typedefs get_extent_t and btrfs_work_func_t 2022-07-25 17:45:36 +02:00
backref.c btrfs: move struct btrfs_tree_parent_check out of disk-io.h 2022-12-05 18:00:57 +01:00
backref.h btrfs: send: skip resolution of our own backref when finding clone source 2022-12-05 18:00:50 +01:00
bio.c btrfs: move repair_io_failure to bio.c 2022-12-05 18:00:57 +01:00
bio.h btrfs: split the bio submission path into a separate file 2022-12-05 18:00:57 +01:00
block-group.c btrfs: convert btrfs_block_group::needs_free_space to runtime flag 2022-12-05 18:00:51 +01:00
block-group.h btrfs: convert btrfs_block_group::seq_zone to runtime flag 2022-12-05 18:00:51 +01:00
block-rsv.c btrfs: simplify percent calculation helpers, rename div_factor 2022-12-05 18:00:48 +01:00
block-rsv.h btrfs: simplify percent calculation helpers, rename div_factor 2022-12-05 18:00:48 +01:00
btrfs_inode.h btrfs: pass btrfs_inode to btrfs_add_delayed_iput 2022-12-05 18:00:55 +01:00
check-integrity.c btrfs: use btrfs_dev_name() helper to handle missing devices better 2022-12-05 18:00:57 +01:00
check-integrity.h btrfs: check-integrity: split submit_bio from btrfsic checking 2022-05-16 17:03:12 +02:00
compression.c btrfs: split the bio submission path into a separate file 2022-12-05 18:00:57 +01:00
compression.h btrfs: constify input buffer parameter in compression code 2022-12-05 18:00:55 +01:00
ctree.c btrfs: add might_sleep() annotations 2022-12-05 18:00:59 +01:00
ctree.h fs.acl.rework.v6.2 2022-12-12 18:46:39 -08:00
defrag.c btrfs: pass btrfs_inode to btrfs_inode_unlock 2022-12-05 18:00:53 +01:00
defrag.h btrfs: move defrag related prototypes to their own header 2022-12-05 18:00:46 +01:00
delalloc-space.c btrfs: update function comments 2022-12-05 18:00:45 +01:00
delalloc-space.h btrfs: move delalloc space related prototypes to delalloc-space.h 2022-12-05 18:00:44 +01:00
delayed-inode.c btrfs: pass btrfs_inode to btrfs_inode_unlock 2022-12-05 18:00:53 +01:00
delayed-inode.h btrfs: extend btrfs_dir_item type to store encryption status 2022-12-05 18:00:43 +01:00
delayed-ref.c btrfs: update function comments 2022-12-05 18:00:45 +01:00
delayed-ref.h btrfs: remove btrfs_delayed_extent_op::is_data 2022-05-16 17:17:31 +02:00
dev-replace.c btrfs: use btrfs_dev_name() helper to handle missing devices better 2022-12-05 18:00:57 +01:00
dev-replace.h btrfs: move dev-replace prototypes into dev-replace.h 2022-12-05 18:00:47 +01:00
dir-item.c btrfs: move dir-item prototypes into dir-item.h 2022-12-05 18:00:46 +01:00
dir-item.h btrfs: move dir-item prototypes into dir-item.h 2022-12-05 18:00:46 +01:00
discard.c btrfs: update function comments 2022-12-05 18:00:45 +01:00
discard.h btrfs: cleanup btrfs_discard_update_discardable usage 2020-12-08 15:54:02 +01:00
disk-io.c btrfs: move repair_io_failure to bio.c 2022-12-05 18:00:57 +01:00
disk-io.h btrfs: move struct btrfs_tree_parent_check out of disk-io.h 2022-12-05 18:00:57 +01:00
export.c btrfs: move super_block specific helpers into super.h 2022-12-05 18:00:47 +01:00
export.h btrfs: simplify generation check in btrfs_get_dentry 2022-12-05 18:00:41 +01:00
extent_io.c btrfs: remove BTRFS_LEAF_DATA_OFFSET 2022-12-05 18:00:58 +01:00
extent_io.h btrfs: move eb offset helpers into extent_io.h 2022-12-05 18:00:58 +01:00
extent_map.c btrfs: remove no longer used btrfs_next_extent_map() 2022-12-05 18:00:56 +01:00
extent_map.h btrfs: remove no longer used btrfs_next_extent_map() 2022-12-05 18:00:56 +01:00
extent-io-tree.c btrfs: fix uninitialized variable in find_first_clear_extent_bit 2022-12-05 18:00:59 +01:00
extent-io-tree.h btrfs: allow passing a cached state record to count_range_bits() 2022-12-05 18:00:56 +01:00
extent-tree.c btrfs: split the bio submission path into a separate file 2022-12-05 18:00:57 +01:00
extent-tree.h btrfs: move the snapshot drop related prototypes to extent-tree.h 2022-12-05 18:00:46 +01:00
file-item.c btrfs: split the bio submission path into a separate file 2022-12-05 18:00:57 +01:00
file-item.h btrfs: move file_extent_item helpers into file-item.h 2022-12-05 18:00:58 +01:00
file.c btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range 2022-12-05 18:00:59 +01:00
file.h btrfs: use cached state when looking for delalloc ranges with fiemap 2022-12-05 18:00:56 +01:00
free-space-cache.c btrfs: pass btrfs_inode to btrfs_add_delayed_iput 2022-12-05 18:00:55 +01:00
free-space-cache.h btrfs: convert discard stat defs to enum 2022-12-05 18:00:45 +01:00
free-space-tree.c btrfs: convert btrfs_block_group::needs_free_space to runtime flag 2022-12-05 18:00:51 +01:00
free-space-tree.h
fs.c btrfs: move accessor helpers into accessors.h 2022-12-05 18:00:42 +01:00
fs.h btrfs: remove the unused endio_raid56_workers and btrfs_raid_bio::end_io_work 2022-12-05 18:00:49 +01:00
inode-item.c btrfs: move file-item prototypes into their own header 2022-12-05 18:00:46 +01:00
inode-item.h btrfs: use struct fscrypt_str instead of struct qstr 2022-12-05 18:00:43 +01:00
inode.c for-6.2-tag 2022-12-12 20:47:51 -08:00
ioctl.c for-6.2-tag 2022-12-12 20:47:51 -08:00
ioctl.h btrfs: move ioctl prototypes into ioctl.h 2022-12-05 18:00:46 +01:00
Kconfig btrfs: use generic Kconfig option for 256kB page size limit 2022-01-20 08:52:55 +02:00
locking.c btrfs: move accessor helpers into accessors.h 2022-12-05 18:00:42 +01:00
locking.h btrfs: move the lockdep helpers into locking.h 2022-12-05 18:00:44 +01:00
lzo.c btrfs: constify input buffer parameter in compression code 2022-12-05 18:00:55 +01:00
Makefile btrfs: split the bio submission path into a separate file 2022-12-05 18:00:57 +01:00
messages.c btrfs: move super_block specific helpers into super.h 2022-12-05 18:00:47 +01:00
messages.h btrfs: print transaction aborted messages with an error level 2022-12-05 18:00:59 +01:00
misc.h btrfs: simplify percent calculation helpers, rename div_factor 2022-12-05 18:00:48 +01:00
ordered-data.c for-6.2-tag 2022-12-12 20:47:51 -08:00
ordered-data.h btrfs: use cached_state for btrfs_check_nocow_lock 2022-12-05 18:00:36 +01:00
orphan.c btrfs: move orphan prototypes into orphan.h 2022-12-05 18:00:47 +01:00
orphan.h btrfs: move orphan prototypes into orphan.h 2022-12-05 18:00:47 +01:00
print-tree.c btrfs: move struct btrfs_tree_parent_check out of disk-io.h 2022-12-05 18:00:57 +01:00
print-tree.h btrfs: print the actual offset in btrfs_root_name 2021-01-07 17:25:05 +01:00
props.c btrfs: move super_block specific helpers into super.h 2022-12-05 18:00:47 +01:00
props.h btrfs: make module init/exit match their sequence 2022-12-05 18:00:40 +01:00
qgroup.c btrfs: move struct btrfs_tree_parent_check out of disk-io.h 2022-12-05 18:00:57 +01:00
qgroup.h btrfs: sink gfp_t parameter to btrfs_qgroup_trace_extent 2022-12-05 18:00:43 +01:00
raid56.c btrfs: raid56: do data csum verification during RMW cycle 2022-12-05 18:00:57 +01:00
raid56.h btrfs: raid56: prepare data checksums for later RMW verification 2022-12-05 18:00:57 +01:00
rcu-string.h btrfs: replace strncpy() with strscpy() 2022-12-05 18:00:59 +01:00
ref-verify.c btrfs: move accessor helpers into accessors.h 2022-12-05 18:00:42 +01:00
ref-verify.h
reflink.c btrfs: pass btrfs_inode to btrfs_inode_unlock 2022-12-05 18:00:53 +01:00
reflink.h
relocation.c btrfs: split the bio submission path into a separate file 2022-12-05 18:00:57 +01:00
relocation.h btrfs: move relocation prototypes into relocation.h 2022-12-05 18:00:47 +01:00
root-tree.c btrfs: move orphan prototypes into orphan.h 2022-12-05 18:00:47 +01:00
root-tree.h btrfs: move root tree prototypes to their own header 2022-12-05 18:00:44 +01:00
scrub.c btrfs: introduce a bitmap based csum range search function 2022-12-05 18:00:57 +01:00
scrub.h btrfs: move scrub prototypes into scrub.h 2022-12-05 18:00:47 +01:00
send.c hardening updates for v6.2-rc1 2022-12-14 12:20:00 -08:00
send.h btrfs: send add define for v2 buffer size 2022-12-05 18:00:41 +01:00
space-info.c btrfs: simplify percent calculation helpers, rename div_factor 2022-12-05 18:00:48 +01:00
space-info.h btrfs: move btrfs_account_ro_block_groups_free_space into space-info.c 2022-12-05 18:00:44 +01:00
subpage.c btrfs: move the printk helpers out of ctree.h 2022-12-05 18:00:41 +01:00
subpage.h btrfs: make nodesize >= PAGE_SIZE case to reuse the non-subpage routine 2022-05-16 17:03:11 +02:00
super.c btrfs: split the bio submission path into a separate file 2022-12-05 18:00:57 +01:00
super.h btrfs: move super_block specific helpers into super.h 2022-12-05 18:00:47 +01:00
sysfs.c btrfs: simplify percent calculation helpers, rename div_factor 2022-12-05 18:00:48 +01:00
sysfs.h
transaction.c btrfs: drop private_data parameter from extent_io_tree_init 2022-12-05 18:00:54 +01:00
transaction.h btrfs: remove fs_info::pending_changes and related code 2022-12-05 18:00:42 +01:00
tree-checker.c btrfs: pass the extent buffer for the btrfs_item_nr helpers 2022-12-05 18:00:58 +01:00
tree-checker.h btrfs: move struct btrfs_tree_parent_check out of disk-io.h 2022-12-05 18:00:57 +01:00
tree-log.c btrfs: remove outdated logic from overwrite_item() and add assertion 2022-12-05 18:00:59 +01:00
tree-log.h btrfs: use struct fscrypt_str instead of struct qstr 2022-12-05 18:00:43 +01:00
tree-mod-log.c btrfs: add eb to btrfs_node_key_ptr_offset 2022-12-05 18:00:58 +01:00
tree-mod-log.h btrfs: fix SPDX comment in tree-mod-log.h 2022-12-05 18:00:48 +01:00
ulist.c btrfs: constify ulist parameter of ulist_next() 2022-12-05 18:00:50 +01:00
ulist.h btrfs: constify ulist parameter of ulist_next() 2022-12-05 18:00:50 +01:00
uuid-tree.c btrfs: move uuid tree prototypes to uuid-tree.h 2022-12-05 18:00:46 +01:00
uuid-tree.h btrfs: move uuid tree prototypes to uuid-tree.h 2022-12-05 18:00:46 +01:00
verity.c btrfs: move orphan prototypes into orphan.h 2022-12-05 18:00:47 +01:00
verity.h btrfs: move verity prototypes into verity.h 2022-12-05 18:00:47 +01:00
volumes.c btrfs: fix extent map use-after-free when handling missing device in read_one_chunk 2022-12-05 18:00:59 +01:00
volumes.h btrfs: split the bio submission path into a separate file 2022-12-05 18:00:57 +01:00
xattr.c btrfs: move dir-item prototypes into dir-item.h 2022-12-05 18:00:46 +01:00
xattr.h
zlib.c btrfs: constify input buffer parameter in compression code 2022-12-05 18:00:55 +01:00
zoned.c btrfs: convert btrfs_block_group::seq_zone to runtime flag 2022-12-05 18:00:51 +01:00
zoned.h btrfs: move the printk helpers out of ctree.h 2022-12-05 18:00:41 +01:00
zstd.c btrfs: constify input buffer parameter in compression code 2022-12-05 18:00:55 +01:00