linux/fs
Linus Torvalds 4a7d37e824 hardening updates for v6.3-rc1
- Replace 0-length and 1-element arrays with flexible arrays in various
   subsystems (Paulo Miguel Almeida, Stephen Rothwell, Kees Cook)
 
 - randstruct: Disable Clang 15 support (Eric Biggers)
 
 - GCC plugins: Drop -std=gnu++11 flag (Sam James)
 
 - strpbrk(): Refactor to use strchr() (Andy Shevchenko)
 
 - LoadPin LSM: Allow root filesystem switching when non-enforcing
 
 - fortify: Use dynamic object size hints when available
 
 - ext4: Fix CFI function prototype mismatch
 
 - Nouveau: Fix DP buffer size arguments
 
 - hisilicon: Wipe entire crypto DMA pool on error
 
 - coda: Fully allocate sig_inputArgs
 
 - UBSAN: Improve arm64 trap code reporting
 
 - copy_struct_from_user(): Add minimum bounds check on kernel buffer size

Merge tag 'hardening-v6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull hardening updates from Kees Cook:
 "Beyond some specific LoadPin, UBSAN, and fortify features, there are
  other fixes scattered around in various subsystems where maintainers
  were okay with me carrying them in my tree or were non-responsive but
  the patches were reviewed by others:

   - Replace 0-length and 1-element arrays with flexible arrays in
     various subsystems (Paulo Miguel Almeida, Stephen Rothwell, Kees
     Cook)

   - randstruct: Disable Clang 15 support (Eric Biggers)

   - GCC plugins: Drop -std=gnu++11 flag (Sam James)

   - strpbrk(): Refactor to use strchr() (Andy Shevchenko)

   - LoadPin LSM: Allow root filesystem switching when non-enforcing

   - fortify: Use dynamic object size hints when available

   - ext4: Fix CFI function prototype mismatch

   - Nouveau: Fix DP buffer size arguments

   - hisilicon: Wipe entire crypto DMA pool on error

   - coda: Fully allocate sig_inputArgs

   - UBSAN: Improve arm64 trap code reporting

   - copy_struct_from_user(): Add minimum bounds check on kernel buffer
     size"

* tag 'hardening-v6.3-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  randstruct: disable Clang 15 support
  uaccess: Add minimum bounds check on kernel buffer size
  arm64: Support Clang UBSAN trap codes for better reporting
  coda: Avoid partial allocation of sig_inputArgs
  gcc-plugins: drop -std=gnu++11 to fix GCC 13 build
  lib/string: Use strchr() in strpbrk()
  crypto: hisilicon: Wipe entire pool on error
  net/i40e: Replace 0-length array with flexible array
  io_uring: Replace 0-length array with flexible array
  ext4: Fix function prototype mismatch for ext4_feat_ktype
  i915/gvt: Replace one-element array with flexible-array member
  drm/nouveau/disp: Fix nvif_outp_acquire_dp() argument size
  LoadPin: Allow filesystem switch when not enforcing
  LoadPin: Move pin reporting cleanly out of locking
  LoadPin: Refactor sysctl initialization
  LoadPin: Refactor read-only check into a helper
  ARM: ixp4xx: Replace 0-length arrays with flexible arrays
  fortify: Use __builtin_dynamic_object_size() when available
  rxrpc: replace zero-lenth array with DECLARE_FLEX_ARRAY() helper
2023-02-21 11:07:23 -08:00
9p fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
adfs fs: port ->setattr() to pass mnt_idmap 2023-01-19 09:24:02 +01:00
affs for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
afs for-6.3/block-2023-02-16 2023-02-20 14:27:21 -08:00
autofs fs: port ->permission() to pass mnt_idmap 2023-01-19 09:24:28 +01:00
befs
bfs fs: port inode_init_owner() to mnt_idmap 2023-01-19 09:24:28 +01:00
btrfs RCU pull request for v6.3 2023-02-21 10:45:51 -08:00
cachefiles fs: port ->permission() to pass mnt_idmap 2023-01-19 09:24:28 +01:00
ceph for-6.3/block-2023-02-16 2023-02-20 14:27:21 -08:00
cifs for-6.3/block-2023-02-16 2023-02-20 14:27:21 -08:00
coda hardening updates for v6.3-rc1 2023-02-21 11:07:23 -08:00
configfs fs: port ->permission() to pass mnt_idmap 2023-01-19 09:24:28 +01:00
cramfs
crypto fsverity updates for 6.3 2023-02-20 12:33:41 -08:00
debugfs fs: port ->rename() to pass mnt_idmap 2023-01-19 09:24:26 +01:00
devpts
dlm dlm for 6.3 2023-02-20 13:05:24 -08:00
ecryptfs fs: port xattr to mnt_idmap 2023-01-19 09:24:28 +01:00
efivarfs fs: port ->fileattr_set() to pass mnt_idmap 2023-01-19 09:24:27 +01:00
efs
erofs Changes since last update: 2023-02-20 12:23:40 -08:00
exfat for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
exportfs fs: port ->permission() to pass mnt_idmap 2023-01-19 09:24:28 +01:00
ext2 for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
ext4 hardening updates for v6.3-rc1 2023-02-21 11:07:23 -08:00
f2fs fsverity updates for 6.3 2023-02-20 12:33:41 -08:00
fat for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
freevxfs freevxfs: Kconfig: fix spelling 2023-01-31 16:44:08 -08:00
fscache fscache: Use clear_and_wake_up_bit() in fscache_create_volume_work() 2023-01-30 12:51:54 +00:00
fuse fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
gfs2 fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
hfs for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
hfsplus for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
hostfs fs: port ->permission() to pass mnt_idmap 2023-01-19 09:24:28 +01:00
hpfs fs: port ->rename() to pass mnt_idmap 2023-01-19 09:24:26 +01:00
hugetlbfs fs: port inode_init_owner() to mnt_idmap 2023-01-19 09:24:28 +01:00
iomap iomap: remove IOMAP_F_ZONE_APPEND 2023-02-15 19:38:53 +01:00
isofs
jbd2 jbd2: switch jbd2_submit_inode_data() to use fs-provided hook for data writeout 2022-12-08 21:49:25 -05:00
jffs2 fs: port acl to mnt_idmap 2023-01-19 09:24:28 +01:00
jfs for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
kernfs fs: port xattr to mnt_idmap 2023-01-19 09:24:28 +01:00
ksmbd fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
lockd fs: remove locks_inode 2023-01-11 06:52:43 -05:00
minix fs: port inode_init_owner() to mnt_idmap 2023-01-19 09:24:28 +01:00
netfs use less confusing names for iov_iter direction initializers 2022-11-25 13:01:55 -05:00
nfs for-6.3/block-2023-02-16 2023-02-20 14:27:21 -08:00
nfs_common filelock: move file locking definitions to separate header file 2023-01-11 06:52:32 -05:00
nfsd fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
nilfs2 for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
nls
notify RCU pull request for v6.3 2023-02-21 10:45:51 -08:00
ntfs fs: port ->setattr() to pass mnt_idmap 2023-01-19 09:24:02 +01:00
ntfs3 for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
ocfs2 for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
omfs fs: port inode_init_owner() to mnt_idmap 2023-01-19 09:24:28 +01:00
openpromfs
orangefs for-6.3/block-2023-02-16 2023-02-20 14:27:21 -08:00
overlayfs fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
proc fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
pstore pstore updates for v6.2-rc1-fixes 2022-12-23 11:55:54 -08:00
qnx4
qnx6
quota RCU pull request for v6.3 2023-02-21 10:45:51 -08:00
ramfs fs: port inode_init_owner() to mnt_idmap 2023-01-19 09:24:28 +01:00
reiserfs for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
romfs
smbfs_common
squashfs revert "squashfs: harden sanity check in squashfs_read_xattr_id_table" 2023-02-03 17:52:25 -08:00
sysfs
sysv fs: port inode_init_owner() to mnt_idmap 2023-01-19 09:24:28 +01:00
tracefs fs: port ->mkdir() to pass mnt_idmap 2023-01-19 09:24:26 +01:00
ubifs fs: port inode_init_owner() to mnt_idmap 2023-01-19 09:24:28 +01:00
udf for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
ufs fs: port inode_init_owner() to mnt_idmap 2023-01-19 09:24:28 +01:00
unicode
vboxsf fs: port ->rename() to pass mnt_idmap 2023-01-19 09:24:26 +01:00
verity fsverity: support verifying data from large folios 2023-01-27 14:46:31 -08:00
xfs fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
zonefs fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
aio.c aio: fix mremap after fork null-deref 2023-02-03 17:52:24 -08:00
anon_inodes.c
attr.c fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
bad_inode.c fs: port ->permission() to pass mnt_idmap 2023-01-19 09:24:28 +01:00
binfmt_elf_fdpic.c elfcore: Add a cprm parameter to elf_core_extra_{phdrs,data_size} 2023-01-05 15:12:12 +00:00
binfmt_elf_test.c
binfmt_elf.c Linux 6.2-rc6 2023-01-31 15:01:20 +01:00
binfmt_flat.c
binfmt_misc.c binfmt_misc: fix shift-out-of-bounds in check_special_flags 2022-12-02 13:57:04 -08:00
binfmt_script.c
buffer.c fscrypt: support decrypting data from large folios 2023-01-28 15:10:12 -08:00
char_dev.c chardev: fix error handling in cdev_device_add() 2022-12-02 17:48:59 +01:00
compat_binfmt_elf.c
coredump.c for-6.3/block-2023-02-16 2023-02-20 14:27:21 -08:00
d_path.c
dax.c fsdax: dax_unshare_iter() should return a valid length 2023-02-03 17:52:24 -08:00
dcache.c
direct-io.c fs: move sb_init_dio_done_wq out of direct-io.c 2023-01-26 10:30:56 -07:00
drop_caches.c
eventfd.c eventfd: provide a eventfd_signal_mask() helper 2022-11-22 06:07:55 -07:00
eventpoll.c eventpoll: add EPOLL_URING_WAKE poll wakeup flag 2022-11-21 07:45:29 -07:00
exec.c Scheduler updates in this cycle are: 2023-02-20 17:41:08 -08:00
fcntl.c fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
fhandle.c
file_table.c filelock: move file locking definitions to separate header file 2023-01-11 06:52:32 -05:00
file.c fs: use acquire ordering in __fget_light() 2022-10-31 15:30:11 -04:00
filesystems.c
fs_context.c
fs_parser.c ext4: journal_path mount options should follow links 2022-12-01 10:46:54 -05:00
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c for-6.2/writeback-2022-12-12 2022-12-15 18:09:48 -08:00
fsopen.c
init.c fs: port ->permission() to pass mnt_idmap 2023-01-19 09:24:28 +01:00
inode.c fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
internal.h for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
ioctl.c fs: port inode_owner_or_capable() to mnt_idmap 2023-01-19 09:24:29 +01:00
Kconfig fs: build the legacy direct I/O code conditionally 2023-01-26 10:30:56 -07:00
Kconfig.binfmt
kernel_read_file.c
libfs.c fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
locks.c RCU pull request for v6.3 2023-02-21 10:45:51 -08:00
Makefile for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
mbcache.c ext4: fix deadlock due to mbcache entry corruption 2022-12-08 21:49:25 -05:00
mnt_idmapping.c fs: move mnt_idmap 2023-01-19 09:24:30 +01:00
mount.h
mpage.c fs: gracefully handle ->get_block not mapping bh in __mpage_writepage 2023-01-26 16:46:35 +01:00
namei.c fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
namespace.c fs: move mnt_idmap 2023-01-19 09:24:30 +01:00
no-block.c
nsfs.c
open.c fs.v6.3 2023-02-20 12:03:55 -08:00
pipe.c
pnode.c pnode: terminate at peers of source 2022-12-21 14:45:25 +01:00
pnode.h
posix_acl.c fs.acl.v6.3 2023-02-20 12:14:33 -08:00
proc_namespace.c
read_write.c iov_iter work; most of that is about getting rid of 2022-12-12 18:29:54 -08:00
readdir.c
remap_range.c fs: port i_{g,u}id_into_vfs{g,u}id() to mnt_idmap 2023-01-19 09:24:29 +01:00
select.c
seq_file.c use less confusing names for iov_iter direction initializers 2022-11-25 13:01:55 -05:00
signalfd.c
splice.c splice: use bvec_set_page to initialize a bvec 2023-02-03 10:17:42 -07:00
stack.c
stat.c fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
statfs.c
super.c for-6.3/dio-2023-02-16 2023-02-20 14:10:36 -08:00
sync.c
sysctls.c
timerfd.c
userfaultfd.c mm/userfaultfd: enable writenotify while userfaultfd-wp is enabled for a VMA 2023-01-11 16:14:20 -08:00
utimes.c fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00
xattr.c fs.idmapped.v6.3 2023-02-20 11:53:11 -08:00