Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-22 12:11:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
befaa609f4
linux/scripts
History
Linus Torvalds befaa609f4 hardening updates for v6.7-rc1 
- Add LKDTM test for stuck CPUs (Mark Rutland)
 
 - Improve LKDTM selftest behavior under UBSan (Ricardo Cañuelo)
 
 - Refactor more 1-element arrays into flexible arrays (Gustavo A. R. Silva)
 
 - Analyze and replace strlcpy and strncpy uses (Justin Stitt, Azeem Shaikh)
 
 - Convert group_info.usage to refcount_t (Elena Reshetova)
 
 - Add __counted_by annotations (Kees Cook, Gustavo A. R. Silva)
 
 - Add Kconfig fragment for basic hardening options (Kees Cook, Lukas Bulwahn)
 
 - Fix randstruct GCC plugin performance mode to stay in groups (Kees Cook)
 
 - Fix strtomem() compile-time check for small sources (Kees Cook)
 -----BEGIN PGP SIGNATURE-----
 
 iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmU/3cUWHGtlZXNjb29r
 QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJsEoEACBGPSiOmfSWdH3TOnIG270PD24
 jGjg8KFv7RC/JTOdYmpLl0okdlGT9LvjN/ToSSDEw3PIayxoXUdhkbYy0MYtiV3m
 yz2ozDTzJuplQX/W2fPE+nXSzIwHao2zjPPFjHnT7lt8IIjhgjiOtLfZ2gGUkW99
 Mdu2aWh3u0r4tC8OS23++yN5ibRc5l72efsjDWjZ0aPXnxE1bjmLMiIPiizpndIf
 beasPuDBs98sJVYouemCwnsPXuXOPz3Q1Cpo/fTd+TMTJCLSemCQZCTuOBU0acI/
 ZjLCgCaJU1yIYKBMtrIN4G9kITZniXX3/Nm4o6NQMVlcCqMeNaHuflomqWoqWfhE
 UPbRo2eghZOaMNiCKLLvZDIqPrh1IcsiEl6Ef3W4hICc42GTK96IuGisIvDXwQ4N
 /SzTOupJuN42noh3z1M3XuZy5RoXJ99IYDNY5CTKf9IdqvA0bbGkU3nb1gZH/xw9
 BjTqKzR/7K1kTXuSgagDZ1Wceej9pZxhX7E3IHYsP8ZOvKug3EeL4yybVwQ3HRfq
 Qnzcp/qPB9cOkLSQXveRTFTsj2mX28Gixct/iDuc1jIYwGQlY1gI6dcUcqby6ptM
 BrQti7eR2NH2+T3aE2UVCIWsZVhx7NaSF+z8JxfAuu56jicc4xJVsi8zrNveWX5M
 m2VXyBl3121BVtKi4w==
 =0iVF
 -----END PGP SIGNATURE-----

Merge tag 'hardening-v6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull hardening updates from Kees Cook:
 "One of the more voluminous set of changes is for adding the new
  __counted_by annotation[1] to gain run-time bounds checking of
  dynamically sized arrays with UBSan.

   - Add LKDTM test for stuck CPUs (Mark Rutland)

   - Improve LKDTM selftest behavior under UBSan (Ricardo Cañuelo)

   - Refactor more 1-element arrays into flexible arrays (Gustavo A. R.
     Silva)

   - Analyze and replace strlcpy and strncpy uses (Justin Stitt, Azeem
     Shaikh)

   - Convert group_info.usage to refcount_t (Elena Reshetova)

   - Add __counted_by annotations (Kees Cook, Gustavo A. R. Silva)

   - Add Kconfig fragment for basic hardening options (Kees Cook, Lukas
     Bulwahn)

   - Fix randstruct GCC plugin performance mode to stay in groups (Kees
     Cook)

   - Fix strtomem() compile-time check for small sources (Kees Cook)"

* tag 'hardening-v6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: (56 commits)
  hwmon: (acpi_power_meter) replace open-coded kmemdup_nul
  reset: Annotate struct reset_control_array with __counted_by
  kexec: Annotate struct crash_mem with __counted_by
  virtio_console: Annotate struct port_buffer with __counted_by
  ima: Add __counted_by for struct modsig and use struct_size()
  MAINTAINERS: Include stackleak paths in hardening entry
  string: Adjust strtomem() logic to allow for smaller sources
  hardening: x86: drop reference to removed config AMD_IOMMU_V2
  randstruct: Fix gcc-plugin performance mode to stay in group
  mailbox: zynqmp: Annotate struct zynqmp_ipi_pdata with __counted_by
  drivers: thermal: tsens: Annotate struct tsens_priv with __counted_by
  irqchip/imx-intmux: Annotate struct intmux_data with __counted_by
  KVM: Annotate struct kvm_irq_routing_table with __counted_by
  virt: acrn: Annotate struct vm_memory_region_batch with __counted_by
  hwmon: Annotate struct gsc_hwmon_platform_data with __counted_by
  sparc: Annotate struct cpuinfo_tree with __counted_by
  isdn: kcapi: replace deprecated strncpy with strscpy_pad
  isdn: replace deprecated strncpy with strscpy
  NFS/flexfiles: Annotate struct nfs4_ff_layout_segment with __counted_by
  nfs41: Annotate struct nfs4_file_layout_dsaddr with __counted_by
  ...
2023-10-30 19:09:55 -10:00
..
atomic locking/atomic: Add generic support for sync_try_cmpxchg() and its fallback 2023-10-09 18:14:15 +02:00
basic kbuild: implement CONFIG_TRIM_UNUSED_KSYMS without recursion 2023-06-22 21:21:06 +09:00
clang-tools gen_compile_commands: add assembly files to compilation database 2023-07-23 22:36:07 +09:00
coccinelle Revert "debugfs, coccinelle: check for obsolete DEFINE_SIMPLE_ATTRIBUTE() usage" 2023-07-29 11:05:31 -04:00
dtc dt: dt-check-compatible: Find struct of_device_id instances with compiler annotations 2023-08-17 13:07:39 -05:00
dummy-tools kbuild: dummy-tools: make MPROFILE_KERNEL checks work on BE 2023-09-01 16:38:04 +09:00
gcc-plugins randstruct: Fix gcc-plugin performance mode to stay in group 2023-10-08 22:46:05 -07:00
gdb revert "scripts/gdb/symbols: add specific ko module load command" 2023-09-19 13:21:33 -07:00
genksyms genksyms: adjust the output format to modpost 2022-05-24 16:33:20 +09:00
kconfig kconfig: fix possible buffer overflow 2023-09-06 02:00:02 +09:00
ksymoops
mod modpost: Don't let "driver"s reference .exit.* 2023-10-01 14:55:30 +09:00
package kbuild: remove stale code for 'source' symlink in packaging scripts 2023-10-01 23:06:06 +09:00
selinux selinux: remove runtime disable message in the install_policy.sh script 2022-09-20 14:12:25 -04:00
tracing tracing: Always use canonical ftrace path 2023-02-18 14:34:09 -05:00
.gitignore rust: support running Rust documentation tests as KUnit ones 2023-07-19 09:32:53 -06:00
as-version.sh kbuild: Update assembler calls to use proper flags and language target 2023-01-26 12:41:38 +09:00
asn1_compiler.c ASN.1: Fix check for strdup() success 2023-04-21 08:58:00 -07:00
bloat-o-meter scripts/bloat-o-meter: count weak symbol sizes 2023-08-21 13:46:25 -07:00
bootgraph.pl
bpf_doc.py bpf, docs: Fix invalid escape sequence warnings in bpf_doc.py 2023-08-31 13:56:31 +02:00
cc-can-link.sh
cc-version.sh scripts: Remove ICC-related dead code 2023-04-24 10:18:32 -07:00
check_extable.sh
check-git kbuild: use git-archive for source package creation 2023-03-16 22:46:12 +09:00
check-sysctl-docs sysctl: Remove register_sysctl_table 2023-05-23 21:43:26 -07:00
checkdeclares.pl
checkincludes.pl
checkkconfigsymbols.py scripts: handle BrokenPipeError for python scripts 2023-01-26 12:43:33 +09:00
checkpatch.pl Revert "checkpatch: Error out if deprecated RCU API used" 2023-09-13 22:27:15 +02:00
checkstack.pl sh: remove sh5/sh64 last fragments 2023-03-23 10:02:02 +01:00
checksyscalls.sh checksyscalls: ignore fstat to silence build warning on LoongArch 2023-03-23 17:18:32 -07:00
checkversion.pl
cleanfile
cleanpatch
coccicheck scripts: coccicheck: Use /usr/bin/env 2023-02-25 20:11:06 +01:00
config
const_structs.checkpatch const_structs.checkpatch: add xattr_handler 2023-10-12 17:14:11 +02:00
decode_stacktrace.sh scripts: decode_stacktrace: demangle Rust symbols 2022-09-28 09:01:40 +02:00
decodecode scripts/decodecode: Add support for RISC-V 2023-02-21 16:53:54 -08:00
depmod.sh kbuild: move depmod rule to scripts/Makefile.modinst 2023-08-29 22:38:23 +09:00
dev-needs.sh
diffconfig scripts: handle BrokenPipeError for python scripts 2023-01-26 12:43:33 +09:00
documentation-file-ref-check
export_report.pl
extract_xc3028.pl
extract-ikconfig scripts/extract-ikconfig: add zstd compression support 2022-08-29 13:58:47 +09:00
extract-module-sig.pl
extract-sys-certs.pl
extract-vmlinux
faddr2line scripts/faddr2line: Skip over mapping symbols in output from readelf 2023-10-23 08:36:46 -07:00
file-size.sh
find-unused-docs.sh
gcc-x86_32-has-stack-protector.sh
gcc-x86_64-has-stack-protector.sh
gen-randstruct-seed.sh randstruct: Move seed generation into scripts/basic/ 2022-05-08 01:33:07 -07:00
generate_initcall_order.pl
generate_rust_analyzer.py scripts: generate_rust_analyzer: provide cfgs for core and alloc 2023-08-20 22:54:32 +02:00
generate_rust_target.rs x86: enable initial Rust support 2022-09-28 09:02:45 +02:00
get_abi.pl scripts/get_abi: Fix wrong script file name in the help message 2022-04-24 10:38:44 +02:00
get_dvb_firmware
get_feat.pl scripts: get_feat.pl: use /usr/bin/env to find perl 2022-06-30 12:22:17 -06:00
get_maintainer.pl get_maintainer: Honor mailmap for in file emails 2022-04-29 14:38:00 -07:00
gfp-translate scripts: fix the gfp flags header path in gfp-translate 2023-06-19 13:19:32 -07:00
head-object-list.txt powerpc/64: Rename entry_64.S to prom_entry_64.S 2023-06-15 14:04:19 +10:00
headerdep.pl
headers_install.sh x86: Remove the arch_calc_vm_prot_bits() macro from the UAPI 2023-09-06 23:50:46 +02:00
insert-sys-cert.c
install.sh kbuild: factor out the common installation code into scripts/install.sh 2022-05-11 21:45:53 +09:00
jobserver-exec scripts: support GNU make 4.4 in jobserver-exec 2023-01-16 20:15:20 +09:00
kallsyms.c scripts/kallsyms: Fix build failure by setting errno before calling getline() 2023-07-29 15:57:32 +09:00
Kbuild.include kbuild: replace $(dot-target).tmp in filechk with $(tmp-target) 2023-01-22 23:43:33 +09:00
Kconfig.include kbuild: Update assembler calls to use proper flags and language target 2023-01-26 12:41:38 +09:00
kernel-doc scripts: kernel-doc: fix macro handling in enums 2023-08-18 11:14:08 -06:00
ld-version.sh
leaking_addresses.pl leaking_addresses: also skip canonical ftrace path 2023-03-29 06:52:08 -04:00
Lindent
link-vmlinux.sh Kbuild updates for v6.4 2023-04-30 11:32:53 -07:00
Makefile rust: support running Rust documentation tests as KUnit ones 2023-07-19 09:32:53 -06:00
Makefile.asm-generic kbuild: add kbuild-file macro 2022-11-22 23:40:02 +09:00
Makefile.build kbuild: rust: avoid creating temporary files 2023-07-24 03:15:31 +09:00
Makefile.clang Kbuild updates for v6.5 2023-07-01 09:24:31 -07:00
Makefile.clean kbuild: make clean rule robust against too long argument error 2023-06-25 23:12:20 +09:00
Makefile.compiler Kbuild updates for v6.5 2023-07-01 09:24:31 -07:00
Makefile.debug Makefile.debug: support for -gz=zstd 2022-11-21 10:18:39 +09:00
Makefile.defconf kbuild: Provide a version of merge_into_defconfig without override warnings 2023-02-13 20:18:28 +01:00
Makefile.dtbinst kbuild: Support flat DTBs install 2023-06-21 07:51:08 -06:00
Makefile.extrawarn extrawarn: move -Wrestrict into W=1 warnings 2023-08-20 14:16:59 +09:00
Makefile.gcc-plugins gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin disabled for a file 2022-08-16 12:25:53 -07:00
Makefile.headersinst
Makefile.host kbuild: rust: avoid creating temporary files 2023-07-24 03:15:31 +09:00
Makefile.kasan kasan: remove hwasan-kernel-mem-intrinsic-prefix=1 for clang-14 2023-04-18 16:29:43 -07:00
Makefile.kcov
Makefile.kcsan kcsan: Ignore GCC 11+ warnings about TSan runtime support 2021-12-09 16:42:27 -08:00
Makefile.kmsan kmsan: add KMSAN runtime core 2022-10-03 14:03:19 -07:00
Makefile.lib kbuild: Disallow DTB overlays to built from .dts named source files 2023-05-22 10:34:37 +09:00
Makefile.modfinal btf, scripts: rust: drop is_rust_module.sh 2023-08-10 22:28:04 +02:00
Makefile.modinst kbuild: Use CRC32 and a 1MiB dictionary for XZ compressed modules 2023-09-25 16:01:05 +09:00
Makefile.modpost linux/export.h: make <linux/export.h> independent of CONFIG_MODULES 2023-07-25 00:59:32 +09:00
Makefile.package kbuild: deb-pkg: support DEB_BUILD_OPTIONS=parallel=N in debian/rules 2023-08-29 22:29:35 +09:00
Makefile.randstruct randstruct: Enable Clang support 2022-05-08 01:33:07 -07:00
Makefile.ubsan ubsan: Tighten UBSAN_BOUNDS on GCC 2023-05-16 13:57:14 -07:00
Makefile.userprogs
Makefile.vmlinux x86/retpoline: Make sure there are no unconverted return thunks due to KCSAN 2023-10-20 13:02:23 +02:00
Makefile.vmlinux_o x86/srso: Fix unret validation dependencies 2023-10-20 11:46:59 +02:00
makelst
markup_oops.pl
min-tool-version.sh rust: bindgen: upgrade to 0.65.1 2023-08-15 00:37:22 +02:00
misc-check kbuild: make W=1 warn files that are tracked but ignored by git 2023-01-22 23:43:33 +09:00
mkcompile_h Revert "kbuild: Make scripts/compile.h when sh != bash" 2022-09-29 04:40:15 +09:00
mksysmap scripts/mksysmap: Ignore prefixed KCFI symbols 2023-06-27 08:35:43 +09:00
mkuboot.sh
module.lds.S arm64: unwind: add asynchronous unwind tables to kernel and modules 2022-11-09 18:06:35 +00:00
modules-check.sh kbuild: change module.order to list *.o instead of *.ko 2022-12-14 15:42:40 +09:00
nsdeps scripts/nsdeps: adjust to the format change of *.mod files 2022-06-08 20:14:13 +09:00
objdiff kbuild: clean .tmp_* pattern by make clean 2022-06-05 06:20:57 +09:00
objdump-func scripts/objdump-func: Support multiple functions 2023-04-14 16:08:28 +02:00
orc_hash.sh x86/unwind/orc: Add ELF section with ORC version identifier 2023-06-16 17:17:42 +02:00
pahole-flags.sh bpf: Add --skip_encoding_btf_inconsistent_proto, --btf_gen_optimized to pahole flags for v1.25 2023-05-12 11:47:05 -07:00
pahole-version.sh kbuild: Add CONFIG_PAHOLE_VERSION 2022-02-02 11:19:33 +01:00
parse-maintainers.pl
patch-kernel
profile2linkerlist.pl
prune-kernel scripts/prune-kernel: Use kernel-install if available 2022-05-11 21:46:38 +09:00
recordmcount.c recordmcount: Fix memory leaks in the uwrite function 2023-04-25 21:10:20 -04:00
recordmcount.h
recordmcount.pl nds32: Remove the architecture 2022-03-07 13:54:59 +01:00
relocs_check.sh powerpc: Move script to check relocations at compile time in scripts/ 2023-04-19 07:46:31 -07:00
remove-stale-files kbuild: rpm-pkg: rename binkernel.spec to kernel.spec 2023-07-25 00:59:33 +09:00
rust_is_available_bindgen_libclang.h scripts: add rust_is_available.sh 2022-09-28 09:02:06 +02:00
rust_is_available_test.py kbuild: rust_is_available: add test suite 2023-08-10 01:18:34 +02:00
rust_is_available.sh kbuild: rust_is_available: check that output looks as expected 2023-08-10 01:18:34 +02:00
rustdoc_test_builder.rs rust: support running Rust documentation tests as KUnit ones 2023-07-19 09:32:53 -06:00
rustdoc_test_gen.rs rust: support running Rust documentation tests as KUnit ones 2023-07-19 09:32:53 -06:00
setlocalversion scripts/setlocalversion: also consider annotated tags of the form vx.y.z-${file_localversion} 2023-08-08 01:08:54 +09:00
show_delta
sign-file.c sign-file: Fix confusing error messages 2022-08-03 23:56:20 +03:00
sorttable.c LoongArch: extable: Add type and data fields 2022-12-14 08:36:11 +08:00
sorttable.h x86,objtool: Split UNWIND_HINT_EMPTY in two 2023-03-23 23:18:58 +01:00
spdxcheck-test.sh docs: move Linux logo into a new images folder 2022-06-01 09:32:45 -06:00
spdxcheck.py scripts/spdxcheck: Put excluded files and directories into a separate file 2022-05-18 15:34:33 +02:00
spdxexclude scripts/spdxcheck: Exclude top-level README 2022-05-18 15:35:42 +02:00
spelling.txt scripts/spelling.txt: remove 'thead' as a typo 2023-07-27 13:07:04 -07:00
sphinx-pre-install docs: sphinx-pre-install: don't require the RTD theme 2022-10-13 11:14:43 -06:00
split-man.pl
stackdelta
stackusage
subarch.include LoongArch: Add build infrastructure 2022-06-03 20:09:27 +08:00
syscallhdr.sh
syscallnr.sh
syscalltbl.sh
tags.sh Char/Misc and other driver subsystem updates for 6.5-rc1 2023-07-03 12:46:47 -07:00
test_fortify.sh fortify: Update compile-time tests for Clang 14 2022-02-13 16:50:06 -08:00
tools-support-relr.sh Makefile: use -z pack-relative-relocs 2023-04-17 11:23:06 +09:00
unifdef.c
ver_linux
xen-hypercalls.sh
xz_wrap.sh