...@microsemi.com
Cc: linux-scsi@vger.kernel.org
Signed-off-by: Kees Cook
---
drivers/scsi/smartpqi/smartpqi_init.c | 9 -
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/drivers/scsi/smartpqi/smartpqi_init.c
b/drivers/scsi/smartpqi/smartpqi_init.c
index 8fe918398336..b2880
tin K. Petersen"
Cc: dc3...@twibble.org
Cc: linux-scsi@vger.kernel.org
Signed-off-by: Kees Cook
---
drivers/scsi/dc395x.c | 13 +
1 file changed, 5 insertions(+), 8 deletions(-)
diff --git a/drivers/scsi/dc395x.c b/drivers/scsi/dc395x.c
index 5ee7f44cf869..60ef8df42b95 10064
c: Michael Ellerman
Cc: "James E.J. Bottomley"
Cc: linux-scsi@vger.kernel.org
Cc: linuxppc-...@lists.ozlabs.org
Signed-off-by: Kees Cook
---
This requires commit 686fef928bba ("timer: Prepare to change timer
callback argument type") in v4.14-rc3, but should be otherwise
"Martin K. Petersen"
Cc: Thomas Gleixner
Signed-off-by: Kees Cook
---
This requires commit 686fef928bba ("timer: Prepare to change timer
callback argument type") in v4.14-rc3, but should be otherwise
stand-alone.
---
drivers/scsi/aic7xxx/aic79xx.h | 5 +
drivers/sc
Cc: Thomas Gleixner
Signed-off-by: Kees Cook
---
This requires commit 686fef928bba ("timer: Prepare to change timer
callback argument type") in v4.14-rc3, but should be otherwise
stand-alone.
---
drivers/scsi/pmcraid.c | 33 +
1 file changed, 13 insert
slow_task.
Cc: John Garry
Cc: "James E.J. Bottomley"
Cc: "Martin K. Petersen"
Cc: Jack Wang
Cc: lindar_...@usish.com
Cc: Jens Axboe
Cc: Hannes Reinecke
Cc: Johannes Thumshirn
Cc: Benjamin Block
Cc: Baoyou Xie
Cc: Wei Yongjun
Cc: linux-scsi@vger.kernel.org
Cc: Thomas Glei
tin K. Petersen"
Cc: linux-scsi@vger.kernel.org
Cc: Thomas Gleixner
Signed-off-by: Kees Cook
---
This requires commit 686fef928bba ("timer: Prepare to change timer
callback argument type") in v4.14-rc3, but should be otherwise
stand-alone.
---
drivers/scsi/isci/host.c| 12 +
i@vger.kernel.org
Cc: Thomas Gleixner
Signed-off-by: Kees Cook
---
This requires commit 686fef928bba ("timer: Prepare to change timer
callback argument type") in v4.14-rc3, but should be otherwise
stand-alone.
---
drivers/scsi/ipr.c | 30 +++---
1 file changed,
i@vger.kernel.org
Cc: Thomas Gleixner
Signed-off-by: Kees Cook
---
This requires commit 686fef928bba ("timer: Prepare to change timer
callback argument type") in v4.14-rc3, but should be otherwise
stand-alone.
---
drivers/scsi/cxgbi/cxgb3i/cxgb3i.c | 8
drivers/scsi/cxgbi/cxgb4i/
uot;
Cc: linux-scsi@vger.kernel.org
Cc: Thomas Gleixner
Signed-off-by: Kees Cook
---
This requires commit 686fef928bba ("timer: Prepare to change timer
callback argument type") in v4.14-rc3, but should be otherwise
stand-alone.
---
drivers/scsi/qla2xxx/qla_gbl.h| 6 +++---
drivers/
uot;
Cc: linux-scsi@vger.kernel.org
Cc: Thomas Gleixner
Signed-off-by: Kees Cook
---
This requires commit 686fef928bba ("timer: Prepare to change timer
callback argument type") in v4.14-rc3, but should be otherwise
stand-alone.
---
drivers/scsi/lpfc/lpfc_crtn.h| 16 ---
"
Cc: Johannes Thumshirn
Cc: linux-scsi@vger.kernel.org
Cc: fcoe-de...@open-fcoe.org
Cc: Thomas Gleixner
Signed-off-by: Kees Cook
---
This requires commit 686fef928bba ("timer: Prepare to change timer
callback argument type") in v4.14-rc3, but should be otherwise
stand-a
Hi,
This is the first of many timer infrastructure cleanups to simplify the
timer API[1]. All of these patches are expected to land via the timer
tree, so Acks (or corrections) appreciated.
These patches refactor various users of timer API that are NOT just using
init_timer() or setup_timer() (wh
"James E.J. Bottomley"
Cc: "Martin K. Petersen"
Cc: Thomas Gleixner
Cc: linux...@vger.kernel.org
Cc: linux1394-de...@lists.sourceforge.net
Cc: linux-s...@vger.kernel.org
Cc: linux-scsi@vger.kernel.org
Signed-off-by: Kees Cook
---
drivers/base/power/main.c | 8 +
This refactors the only users of init_timer_pinned() to use
the new timer_setup() and from_timer(). Drops the definition of
init_timer_pinned().
Cc: Chris Metcalf
Cc: Thomas Gleixner
Cc: net...@vger.kernel.org
Signed-off-by: Kees Cook
---
drivers/net/ethernet/tile/tilepro.c | 9
Mackerras
Cc: Michael Ellerman
Cc: Thomas Gleixner
Cc: linux...@vger.kernel.org
Cc: linuxppc-...@lists.ozlabs.org
Signed-off-by: Kees Cook
---
drivers/cpufreq/powernv-cpufreq.c | 13 +++--
include/linux/timer.h | 2 --
2 files changed, 7 insertions(+), 8 deletions(-)
di
-...@lists.ozlabs.org
Cc: net...@vger.kernel.org
Cc: linux-wirel...@vger.kernel.org
Signed-off-by: Kees Cook
---
arch/powerpc/mm/numa.c | 12 +--
drivers/hsi/clients/ssi_protocol.c | 32
drivers/net/ethernet/qlogic/qlge/qlge_main.c | 11
This removes the now unused TIMER_*INITIALIZER macros:
TIMER_INITIALIZER
TIMER_PINNED_INITIALIZER
TIMER_DEFERRED_INITIALIZER
TIMER_PINNED_DEFERRED_INITIALIZER
Signed-off-by: Kees Cook
---
include/linux/timer.h | 12
1 file changed, 12 deletions(-)
diff --git a/include/linux
Cc: Geert Uytterhoeven
Cc: linux-m...@linux-mips.org
Cc: linux-watch...@vger.kernel.org
Signed-off-by: Kees Cook
---
arch/mips/mti-malta/malta-display.c | 6 +++---
drivers/watchdog/alim7101_wdt.c | 4 ++--
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/arch/mips/mti-malta
In preparation for unconditionally passing the struct timer_list pointer
to all timer callbacks, switch kthread to use from_timer() and pass the
timer pointer explicitly.
Cc: Andrew Morton
Cc: Petr Mladek
Cc: Tejun Heo
Cc: Thomas Gleixner
Cc: Oleg Nesterov
Signed-off-by: Kees Cook
The expires field is normally initialized during the first mod_timer()
call. It was unused by all callers, so remove it from the macro.
Signed-off-by: Kees Cook
---
include/linux/kthread.h | 2 +-
include/linux/timer.h | 5 ++---
include/linux/workqueue.h | 2 +-
3 files changed, 4
Drops the last user of TIMER_INITIALIZER and adapts timer.h to use the
internal version.
Cc: Arnd Bergmann
Cc: Greg Kroah-Hartman
Cc: Mark Gross
Cc: Thomas Gleixner
Signed-off-by: Kees Cook
---
drivers/char/tlclk.c | 12 +---
include/linux/timer.h | 2 +-
2 files changed, 6
In preparation for unconditionally passing the struct timer_list pointer
to all timer callbacks, switch workqueue to use from_timer() and pass the
timer pointer explicitly.
Cc: Tejun Heo
Cc: Lai Jiangshan
Signed-off-by: Kees Cook
---
include/linux/workqueue.h | 15 ---
kernel
...@vger.kernel.org
Signed-off-by: Kees Cook
---
arch/s390/kernel/lgr.c | 6 +++---
arch/s390/kernel/topology.c | 6 +++---
kernel/workqueue.c | 8 +++-
3 files changed, 9 insertions(+), 11 deletions(-)
diff --git a/arch/s390/kernel/lgr.c b/arch/s390/kernel/lgr.c
index ae7dff110054
eliminated.
Cc: John Stultz
Cc: Thomas Gleixner
Cc: Stephen Boyd
Signed-off-by: Kees Cook
---
include/linux/timer.h | 8
kernel/time/timer.c | 26 +++---
2 files changed, 27 insertions(+), 7 deletions(-)
diff --git a/include/linux/timer.h b/include/linux/timer.h
index
Drop the arguments from the macro and adjust all callers with the
following script:
perl -pi -e 's/DEFINE_TIMER\((.*), 0, 0\);/DEFINE_TIMER($1);/g;' \
$(git grep DEFINE_TIMER | cut -d: -f1 | sort -u | grep -v timer.h)
Signed-off-by: Kees Cook
Acked-by: Geert Uytterhoeven # for
There was a seemingly missing call to setup_timer() in one handler,
so add setup_timer() here to remove the open-coded initialization.
Cc: qlogic-storage-upstr...@qlogic.com
Cc: "James E.J. Bottomley"
Cc: "Martin K. Petersen"
Cc: linux-scsi@vger.kernel.org
Signed-off-by: Kee
er.kernel.org
Signed-off-by: Kees Cook
---
drivers/scsi/aic7xxx/aic79xx.h | 5 +
drivers/scsi/aic7xxx/aic79xx_core.c | 29 -
2 files changed, 9 insertions(+), 25 deletions(-)
diff --git a/drivers/scsi/aic7xxx/aic79xx.h b/drivers/scsi/aic7xxx/aic79xx.
: "James E.J. Bottomley"
Cc: "Martin K. Petersen"
Cc: net...@vger.kernel.org
Cc: linux-scsi@vger.kernel.org
Cc: linuxppc-...@lists.ozlabs.org
Signed-off-by: Kees Cook
Acked-by: Tyrel Datwyler # for ibmvscsi
---
drivers/scsi/ibmvscsi/ibmvfc.c | 14 ++
d
aged
memory falls entirely within the slab's usercopy region.
Signed-off-by: David Windsor
[kees: adjust commit log, provide usage trace]
Cc: "James E.J. Bottomley"
Cc: "Martin K. Petersen"
Cc: linux-scsi@vger.kernel.org
Signed-off-by: Kees Cook
---
drivers/scsi/s
red due to the earlier
call to mpt_free_fw_memory()...
-Kees
> ///--->newFwSize can control in userspace
> printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_replace_fw - "
> "Unable to read in mpt_ioctl_replace_fw image "
> "@ %p\n", ioc->name, __FILE__, __LINE__, uarg);
> mpt_free_fw_memory(ioc);
> return -EFAULT;
> }
>
> ..
>
> return 0;
> }
-Kees
--
Kees Cook
Pixel Security
: "James E.J. Bottomley"
Cc: "Martin K. Petersen"
Cc: net...@vger.kernel.org
Cc: linux-scsi@vger.kernel.org
Cc: linuxppc-...@lists.ozlabs.org
Signed-off-by: Kees Cook
---
drivers/net/irda/bfin_sir.c | 5 +++--
drivers/scsi/ibmvscsi/ibmvfc.c | 14 ++
d
There was a seemingly missing call to setup_timer() in one handler,
so add setup_timer() here to remove the open-coded initialization.
Cc: qlogic-storage-upstr...@qlogic.com
Cc: "James E.J. Bottomley"
Cc: "Martin K. Petersen"
Cc: linux-scsi@vger.kernel.org
Signed-off-by: Kee
er.kernel.org
Signed-off-by: Kees Cook
---
drivers/scsi/aic7xxx/aic79xx.h | 5 +
drivers/scsi/aic7xxx/aic79xx_core.c | 29 -
2 files changed, 9 insertions(+), 25 deletions(-)
diff --git a/drivers/scsi/aic7xxx/aic79xx.h b/drivers/scsi/aic7xxx/aic79xx.
On Mon, Aug 28, 2017 at 2:42 PM, Bart Van Assche wrote:
> On Mon, 2017-08-28 at 14:34 -0700, Kees Cook wrote:
>> diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi/scsi_lib.c
>> index f6097b89d5d3..f1c6bd56dd5b 100644
>> --- a/drivers/scsi/scsi_lib.c
>> +++ b/drivers/s
aged
memory falls entirely within the slab's usercopy region.
Signed-off-by: David Windsor
[kees: adjust commit log, provide usage trace]
Cc: "James E.J. Bottomley"
Cc: "Martin K. Petersen"
Cc: linux-scsi@vger.kernel.org
Signed-off-by: Kees Cook
---
drivers/scsi/s
? If the latter, please resend
> this when those changes are in, thanks.
It's in -next currently ("locking/refcount: Create unchecked atomic_t
implementation")
-Kees
--
Kees Cook
Pixel Security
On Mon, May 22, 2017 at 8:05 AM, Varun Prakash wrote:
> On Tue, May 09, 2017 at 03:34:44PM -0700, Kees Cook wrote:
>> When copying attributes, the len argument was padded out and the resulting
>> memcpy() would copy beyond the end of the source buffer. Avoid this,
>> and u
by u16 and that
the DMA buffer was not overflowed. Fixes the size of mfa, which is not
FC_FDMI_PORT_ATTR_MAXFRAMESIZE_LEN (but it will be padded up to 4). This
was noticed by the future CONFIG_FORTIFY_SOURCE checks.
Cc: Daniel Micay
Signed-off-by: Kees Cook
---
drivers/scsi/csiostor
On Fri, May 5, 2017 at 4:01 PM, Bart Van Assche
wrote:
> On Fri, 2017-05-05 at 15:42 -0700, Kees Cook wrote:
>> diff --git a/drivers/scsi/qedf/qedf_main.c b/drivers/scsi/qedf/qedf_main.c
>> index cceddd995a4b..a5c97342fd5d 100644
>> --- a/drivers/scsi/qedf/qedf_main.c
>&
.
Cc: Daniel Micay
Signed-off-by: Kees Cook
---
drivers/scsi/qedf/qedf_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/qedf/qedf_main.c b/drivers/scsi/qedf/qedf_main.c
index cceddd995a4b..a5c97342fd5d 100644
--- a/drivers/scsi/qedf/qedf_main.c
+++ b/drivers
On Fri, Apr 21, 2017 at 2:27 PM, James Bottomley
wrote:
> On Fri, 2017-04-21 at 13:22 -0700, Kees Cook wrote:
>> On Fri, Apr 21, 2017 at 12:55 PM, Eric Biggers
>> wrote:
>> > > > Of course, having extra checks behind a debug option is fine.
>> > >
gging stuff is actually preventing
> the security improvement from being adopted, which is unfortunate.
We've been trying to handle the conflicting desires of those wanting
very precise refcounting implementation and gaining the security
protections. Ultimately, the best way forward seemed to be to first
land the precise refcounting implementation, and start conversion
until we ran into concerns over performance. Now, since we're here, we
can move forward with getting a fast implementation that provides the
desired security protections without too greatly messing with the
refcount API.
-Kees
--
Kees Cook
Pixel Security
that trades
coverage for speed, and checks only the overflow condition. This gets
us the critical coverage without the changes in performance. This is
basically what PaX/grsecurity already did: there is a tiny change to
the atomic inc functions to detect the wrap.
-Kees
--
Kees Cook
Pixel Security
Prepare to mark sensitive kernel structures for randomization by making
sure they're using designated initializers. This also initializes the
array members using the enum used to look up __port_action entries.
Signed-off-by: Kees Cook
---
v3:
- drop bfa_module_s changes, since that has
On Thu, Mar 30, 2017 at 1:18 AM, Christoph Hellwig wrote:
> On Wed, Mar 29, 2017 at 01:55:09PM -0700, Kees Cook wrote:
>> Prepare to mark sensitive kernel structures for randomization by making
>> sure they're using designated initializers. These were identified during
>&
which will be zero-filled,
instead of undesignated NULLs.
Signed-off-by: Kees Cook
---
drivers/scsi/qedf/qedf_debugfs.c | 2 +-
drivers/scsi/qedi/qedi_debugfs.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/scsi/qedf/qedf_debugfs.c b/drivers/scsi/qedf/qedf_debu
Prepare to mark sensitive kernel structures for randomization by making
sure they're using designated initializers. These were identified during
allyesconfig builds of x86, arm, and arm64, with most initializer fixes
extracted from grsecurity.
Signed-off-by: Kees Cook
---
This has been up
tly so the
variables can all be const.
Inspired by similar changes in grsecurity/PaX.
Signed-off-by: Kees Cook
---
Documentation/cdrom/cdrom-standard.tex | 9 +-
drivers/block/paride/pcd.c | 2 +-
drivers/cdrom/cdrom.c | 58 --
dri
fix, new commit messages]
Signed-off-by: Kees Cook
---
v2:
- fix %lu to %zu on sizeof() values, bart
---
drivers/scsi/esas2r/esas2r_init.c | 2 +-
drivers/scsi/esas2r/esas2r_ioctl.c | 2 +-
drivers/scsi/esas2r/esas2r_log.h | 4 ++--
drivers/scsi/esas2r/esas2r_main.c | 4 ++--
4 files changed, 6
On Wed, Dec 21, 2016 at 12:33 AM, Christoph Hellwig wrote:
> On Fri, Dec 16, 2016 at 05:05:15PM -0800, Kees Cook wrote:
>> Prepare to mark sensitive kernel structures for randomization by making
>> sure they're using designated initializers. These were identified during
>&
Prepare to mark sensitive kernel structures for randomization by making
sure they're using designated initializers. These were identified during
allyesconfig builds of x86, arm, and arm64, with most initializer fixes
extracted from grsecurity.
Signed-off-by: Kees Cook
---
drivers/scs
Prepare to mark sensitive kernel structures for randomization by making
sure they're using designated initializers. These were identified during
allyesconfig builds of x86, arm, and arm64, with most initializer fixes
extracted from grsecurity.
Signed-off-by: Kees Cook
---
drivers/block/cc
Prepare to mark sensitive kernel structures for randomization by making
sure they're using designated initializers. These were identified during
allyesconfig builds of x86, arm, and arm64, with most initializer fixes
extracted from grsecurity.
Signed-off-by: Kees Cook
---
drivers/scsi/h
fix, new commit messages]
Signed-off-by: Kees Cook
---
drivers/scsi/esas2r/esas2r_init.c | 2 +-
drivers/scsi/esas2r/esas2r_ioctl.c | 2 +-
drivers/scsi/esas2r/esas2r_log.h | 4 ++--
drivers/scsi/esas2r/esas2r_main.c | 4 ++--
4 files changed, 6 insertions(+), 6 deletions(-)
diff --git a
On Thu, Jan 9, 2014 at 11:53 AM, Saxena, Sumit wrote:
>
>
>>-Original Message-----
>>From: Kees Cook [mailto:keesc...@google.com]
>>Sent: Friday, January 10, 2014 12:05 AM
>>To: Saxena, Sumit
>>Cc: Dan Carpenter; DL-MegaRAID Linux; James E.J. Bottomley;
->dataxferaddr = kioc->buf_paddr;
>> if (kioc->data_dir & UIOC_WR) {
>>+ if (pthru32->dataxferlen > kioc->xferlen)
>>+ return -EINVAL;
>> if (copy_from_user(kioc->buf_vaddr, kioc->user_data,
>>
This makes sure format strings cannot leak into the printk call via the
constructed buffer.
Signed-off-by: Kees Cook
Acked-by: Bradley Grove
---
v2:
- add newline via printk instead.
---
drivers/scsi/esas2r/esas2r_log.c |8 ++--
1 file changed, 2 insertions(+), 6 deletions(-)
diff
On Tue, Dec 17, 2013 at 9:42 PM, Joe Perches wrote:
> On Tue, 2013-12-17 at 10:27 -0800, Kees Cook wrote:
>> This makes sure format strings cannot leak into the printk call via the
>> constructed buffer.
> []
>> diff --git a/drivers/scsi/esas2r/esas2r_log.c
>> b/dr
On Tue, Dec 17, 2013 at 12:00 PM, Greg Kroah-Hartman
wrote:
> On Tue, Dec 17, 2013 at 10:27:33AM -0800, Kees Cook wrote:
>> This makes sure format strings cannot leak into the printk call via the
>> constructed buffer.
>>
>> Signed-off-by: Kees Cook
>> ---
>
This makes sure format strings cannot leak into the printk call via the
constructed buffer.
Signed-off-by: Kees Cook
---
drivers/scsi/esas2r/esas2r_log.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/esas2r/esas2r_log.c b/drivers/scsi/esas2r/esas2r_log.c
if (kioc->data_dir & UIOC_WR) {
> + if (pthru32->dataxferlen > kioc->xferlen)
> + return -EINVAL;
> if (copy_from_user(kioc->buf_vaddr, kioc->user_data,
> pthru32-&
This makes sure format strings cannot leak into the printk call via the
constructed buffer.
Signed-off-by: Kees Cook
---
drivers/scsi/esas2r/esas2r_log.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/esas2r/esas2r_log.c b/drivers/scsi/esas2r/esas2r_log.c
101 - 163 of 163 matches
Mail list logo