mloft.net>
Cc: Jiri Pirko <j...@mellanox.com>
Cc: Jamal Hadi Salim <j...@mojatatu.com>
Cc: Simon Horman <simon.hor...@netronome.com>
Cc: oss-driv...@netronome.com
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ethernet/netrono
ed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/hippi/rrunner.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/net/hippi/rrunner.c b/drivers/net/hippi/rrunner.c
index 76cc140774a2..8483f03d5a41 100644
--- a/drivers/net/hippi/rrunner.c
+++ b
el.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/hamradio/yam.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/hamradio/yam.c b/drivers/net/hamradio/yam.c
index 7a7c5224a336..b88c5cc00a63 100644
--- a
Cc: "David S. Miller" <da...@davemloft.net>
Cc: Allen Pais <allen.l...@gmail.com>
Cc: linux-...@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/can/grcan.c | 19 ---
driv
el.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ethernet/nuvoton/w90p910_ether.c | 9 -
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/drivers/net/ethernet/nuvoton/w90p910_ether.c
b/drivers/net/ethernet/nuvoton/w90p910_ether.c
index
.@davemloft.net>
Cc: David Howells <dhowe...@redhat.com>
Cc: Jay Vosburgh <jay.vosbu...@canonical.com>
Cc: Allen Pais <allen.l...@gmail.com>
Cc: Eric Dumazet <eduma...@google.com>
Cc: Tobias Klauser <tklau...@distanz.ch>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Co
a <vipul.pan...@samsung.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ethernet/samsung/sxgbe/sxgbe_main.c | 16 +++-
1 file changed, 7 insertions(+), 9 deletions(-)
diff --git a/drivers/net/ethernet/samsung/sxgbe/sxgbe_main.c
Tobias Klauser <tklau...@distanz.ch>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/wan/sdla.c | 12 +---
include/linux/if_frad.h | 1 +
2 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/drivers/net/wan/sdl
In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.
Cc: Michael Grzeschik <m.grzesc...@pengutronix.de>
Cc: netdev@vger.kernel.org
Signed-off-by: Kee
This removes an entirely unused timer, which avoids needing to convert it
to timer_setup().
Cc: Francois Romieu <rom...@fr.zoreil.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/wan/dscc4.c | 20
1 file changed,
oft.net>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/wan/lmc/lmc_main.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/drivers/net/wan/lmc/lmc_main.c b/drivers/net/wan/lmc/lmc_main.c
index ae69d65158e6..37b1e0d03e31 1006
("isdn/gigaset: Convert timers to use timer_setup()")
Cc: Paul Bolle <pebo...@tiscali.nl>
Cc: Karsten Keil <i...@linux-pingi.de>
Cc: "David S. Miller" <da...@davemloft.net>
Cc: Johan Hovold <jo...@kernel.org>
Cc: gigaset307x-com...@lists.sourceforge.net
C
.com>
Cc: "yuval.sh...@oracle.com" <yuval.sh...@oracle.com>
Cc: Eric Dumazet <eduma...@google.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ethernet/tundra/tsi108_eth.c | 10 +-
1 file changed, 5 insertions(+), 5 dele
n.hu...@emc.com>
Cc: linux-...@googlegroups.com
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ntb_netdev.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/net/ntb_netdev.c b/drivers/net/ntb_netdev.c
index 02
id S. Miller" <da...@davemloft.net>
Cc: netdev@vger.kernel.org
Cc: tipc-discuss...@lists.sourceforge.net
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
Rebased on commit 0d5fcebf3c37 ("tipc: refactor tipc_sk_timeout() function").
---
net/tipc/discover.c | 6 +++---
net/
>
Cc: Arnd Bergmann <a...@arndb.de>
Cc: Greg Kroah-Hartman <gre...@linuxfoundation.org>
Cc: "yuval.sh...@oracle.com" <yuval.sh...@oracle.com>
Cc: Paul Gortmaker <paul.gortma...@windriver.com>
Cc: Philippe Reynes <trem...@gmail.com>
Cc: netdev@vger.kernel.org
S
On Mon, Oct 30, 2017 at 2:57 AM, Jon Maloy <jon.ma...@ericsson.com> wrote:
>
>
>> -Original Message-
>> From: keesc...@google.com [mailto:keesc...@google.com] On Behalf Of
>> Kees Cook
>> Sent: Friday, October 27, 2017 06:58
>> To: Jon Maloy <j
with
CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
Reported-by: Alexander Potapenko <gli...@google.com>
Cc: "David S. Miller" <da...@davemloft.net>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
net/socket.c | 1 +
1 file changed, 1 insertion(+)
dif
longer required unless you have a special firmware file that
> - resides in a non-standard path. Moreover, the udev support has
> - been deprecated upstream.
> + Enabling this option forces a sysfs userspace fallback mechanism
> + to be used for all firmware requests which explicitly do not
> disable a
> + a fallback mechanism. Firmware calls which do prohibit a fallback
> + mechanism is request_firmware_direct(). This option is kept for
> + backward compatibility purposes given this precise mechanism can
> also
> + be enabled by setting the proc sysctl value to true:
> +
> + /proc/sys/kernel/firmware_config/force_sysfs_fallback
>
> If you are unsure about this, say N here.
>
> +endif # FW_LOADER
> +endmenu
> +
> config WANT_DEV_COREDUMP
> bool
> help
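Review bot: the added help text for the forced sysfs fallback option has two wording problems in the "+" lines. The sentence wrapped across "explicitly do not disable a" and "a fallback mechanism" repeats the article, and "Firmware calls which do prohibit a fallback mechanism is request_firmware_direct()" pairs a plural subject with a singular verb. Suggest "which explicitly do not disable a fallback mechanism" and, for example, "A firmware call which prohibits a fallback mechanism is request_firmware_direct()".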
> --
> 2.17.0
>
-Kees
--
Kees Cook
Pixel Security
ing.
>
> As for the rename that you wanted, perhaps we can do this late in the
> merge window considering we're at rc4 now. I can prep something up for
> that later.
>
> Questions, and especially rants, are warmly welcomed.
I sent some typo catches, but with those fixed, please c
On Wed, May 9, 2018 at 1:55 PM, Luis R. Rodriguez <mcg...@kernel.org> wrote:
> On Tue, May 08, 2018 at 03:42:33PM -0700, Kees Cook wrote:
>> On Tue, May 8, 2018 at 11:12 AM, Luis R. Rodriguez <mcg...@kernel.org> wrote:
>> > + This used to be the default firmw
th file interfaces,
I'm cautious to add a new blob interface. Maybe just pull all the
blob-finding/loading into the interface, and just make it something
like fork_usermode_kmod(struct module *mod, struct umh_info *info) ?
-Kees
--
Kees Cook
Pixel Security
> You could make the bitmap part of the dsa_switch structure. This is
> allocated by dsa_switch_alloc() and is passed the number of ports.
> Doing the allocation there means you don't need to worry about it
> failing in dsa_switch_mdb_add() or dsa_switch_vlan_add().
Are dsa_switch_mdb_add() and dsa_switch_vlan_add() guaranteed to be
single-threaded?
-Kees
--
Kees Cook
Pixel Security
default 1280 if (!64BIT && PARISC)
default 1024 if (!64BIT && !PARISC)
default 2048 if 64BIT
Just dropping the defconfig there should fix it. (And I think it was
just a mistake to port that value when splitting the um defconfig in
commit e40f04d040c6 ("arch/um: make it work with defconfig and
x86_64").)
-Kees
--
Kees Cook
Pixel Security
-2936,7 +2936,7 @@ static int rtnl_newlink(struct sk_buff *skb, struct
>> nlmsghdr *nlh,
>> }
>>
>> if (m_ops) {
>> - if (ops->slave_maxtype > RTNL_SLAVE_MAX_TYPE)
>> + if (m_ops->slave_maxtype > RTNL_SLAVE_MAX_TYPE)
>> return -EINVAL;
>
>
> Oh nice
>
> CC Kees Cook.
Argh. Thank you, yes.
Acked-by: Kees Cook
-Kees
--
Kees Cook
Pixel Security
On Fri, Jun 29, 2018 at 4:47 PM, Daniel Borkmann wrote:
> On 06/29/2018 08:42 PM, Kees Cook wrote:
>> On Thu, Jun 28, 2018 at 2:34 PM, Daniel Borkmann
>> wrote:
>>> Kees suggested that if set_memory_*() can fail, we should annotate it with
>>> __must_ch
pened, the transition from RW -> RO could
> be made more robust that way, while subsequent RO -> RW transition /must/
> continue guaranteeing to always succeed the undo part.
Does this mean we can have BPF filters that aren't read-only then?
What's the situation where set_memory_ro() fai
[1]
http://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qpxydaacu1rq...@mail.gmail.com
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/net/etherne
On Wed, May 2, 2018 at 1:54 AM, Jose Abreu <jose.ab...@synopsys.com> wrote:
> Hi Kees,
>
> On 01-05-2018 22:01, Kees Cook wrote:
>> In the quest to remove all stack VLAs from the kernel[1], this switches
>> the "status" stack buffer to use the existing small
ere the argument needs
to be slightly adjusted to fetch the tsk from the sk again.
Thanks!
-Kees
--
Kees Cook
Pixel Security
In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.
Cc: Denis Kirjanov <k...@linux-powerpc.org>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook
In preparation for unconditionally passing the struct timer_list pointer to
all timer callbacks, switch to using the new timer_setup() and from_timer()
to pass the timer pointer explicitly.
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/etherne
al.sh...@oracle.com>
Cc: Eric Dumazet <eduma...@google.com>
Cc: Philippe Reynes <trem...@gmail.com>
Cc: Allen Pais <allen.l...@gmail.com>
Cc: Tobias Klauser <tklau...@distanz.ch>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
driver
ter-de...@vger.kernel.org
Cc: coret...@netfilter.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
net/netfilter/ipvs/ip_vs_conn.c | 10 +-
net/netfilter/ipvs/ip_vs_ctl.c | 7 +++
net/netfilter/ipvs/ip_vs_est.c | 6 +++---
net/netfilter/ipvs/ip_vs_lblc.
c: yuan linyu <linyu.y...@alcatel-sbell.com.cn>
Cc: Philippe Reynes <trem...@gmail.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ethernet/packetengines/hamachi.c | 14 +++---
drivers/net/ethernet/packetengines/yellowfi
anovsky <leo...@mellanox.com>
Cc: netdev@vger.kernel.org
Cc: linux-r...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ethernet/mellanox/mlx5/core/health.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/net/ethernet/mellan
c: Eric Dumazet <eduma...@google.com>
Cc: Philippe Reynes <trem...@gmail.com>
Cc: Wei Yongjun <weiyongj...@huawei.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ethernet/natsemi/natsemi.c | 10 +-
drivers/net/eth
l.sh...@oracle.com>
Cc: Allen Pais <allen.l...@gmail.com>
Cc: Stephen Hemminger <step...@networkplumber.org>
Cc: Philippe Reynes <trem...@gmail.com>
Cc: Johannes Berg <johannes.b...@intel.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <kee
: David Howells <dhowe...@redhat.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/appletalk/cops.c | 11 ++-
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/drivers/net/appletalk/cops.c b/drivers/net/appletalk/cops.
>
Cc: Florian Fainelli <f.faine...@gmail.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ethernet/korina.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/net/ethernet/korina.c b/drivers/net/et
net>
Cc: Allen Pais <allen.l...@gmail.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ethernet/amd/a2065.c | 13 ++---
drivers/net/ethernet/amd/am79c961a.c | 9 +
drivers/net/ethernet/amd/am79c961a.h
Leedom <lee...@chelsio.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/net/ethernet/chelsio/cxgb3/sge.c | 12 ++--
drivers/net/ethernet/chelsio/cxgb4/cxgb4_tc_flower.c | 7 +++
drivers/net/ethernet/chelsio/cxgb
arately in other trees. Obviously this is up to Dave, but it
seemed like a merge of tip/timers/core into net-next would be
confusing.
> You can add my Tested-by line.
Thanks for checking it!
-Kees
--
Kees Cook
Pixel Security
On Fri, Oct 27, 2017 at 11:18 AM, Kalle Valo <kv...@qca.qualcomm.com> wrote:
> Kees Cook <keesc...@chromium.org> wrote:
>
>> In preparation for unconditionally passing the struct timer_list pointer to
>> all timer callbacks, switch to using the new timer_setup
shf...@linux-ipv6.org>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
net/ipv4/raw.c | 2 ++
net/ipv6/raw.c | 2 ++
2 files changed, 4 insertions(+)
diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
index 33b70bfd1122..1b6fa4195ac9 100644
--- a/net/ipv4/raw.c
+++
n.org>
Cc: Nicholas Piggin <npig...@gmail.com>
Cc: Laura Abbott <labb...@redhat.com>
Cc: "Mickaël Salaün" <m...@digikod.net>
Cc: Ingo Molnar <mi...@kernel.org>
Cc: Thomas Gleixner <t...@linutronix.de>
Cc: Andy Lutomirski <l...@kernel.org>
Signed-o
om>
Cc: Andrew Morton <a...@linux-foundation.org>
Cc: linux...@kvack.org
Cc: linux-...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
mm/slab.c| 3 ++-
mm/slab.h| 3 ++-
mm/slab_common.c | 10 ++
3 files changed, 10 insertions(+), 6
Cc: Alexander Viro <v...@zeniv.linux.org.uk>
Cc: linux-fsde...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
fs/dcache.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/fs/dcache.c b/fs/dcache.c
index 5c7df1df81ff..92ad7a2168e1 100644
--- a/fs/dcac
at build time or a system is booted with
"slab_common.usercopy_fallback=0", usercopy whitelists will BUG() instead
of WARN(). This is useful for admins that want to use usercopy whitelists
immediately.
Suggested-by: Matthew Garrett <mj...@google.com>
Signed-off-by: Kees Cook <ke
ter <c...@linux.com>
Cc: Pekka Enberg <penb...@kernel.org>
Cc: David Rientjes <rient...@google.com>
Cc: Joonsoo Kim <iamjoonsoo@lge.com>
Cc: Andrew Morton <a...@linux-foundation.org>
Cc: linux...@kvack.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
Using %p was already mostly useless in the usercopy overflow reports,
so this removes it entirely to avoid confusion now that %p-hashing
is enabled.
Fixes: ad67b74d2469d9b8 ("printk: hash addresses printed with %p")
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
m
[kees: adjust commit log, provide usage trace]
Cc: Dave Kleikamp <sha...@kernel.org>
Cc: jfs-discuss...@lists.sourceforge.net
Signed-off-by: Kees Cook <keesc...@chromium.org>
Acked-by: Dave Kleikamp <dave.kleik...@oracle.com>
---
fs/jfs/super.c | 8 +---
1 file changed, 5 inse
x.org.uk>
Cc: linux-fsde...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
fs/dcache.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/dcache.c b/fs/dcache.c
index 92ad7a2168e1..9d7ee2de682c 100644
--- a/fs/dcache.c
+++ b/fs/dcache.c
@@ -3640,8 +3640,8 @@
ctures with usercopy hardening
enabled.
For now, allow writing to the entire struct on all architectures.
The KVM tree will not refine this to an architecture-specific
subset of struct kvm_vcpu_arch.
Cc: kernel-harden...@lists.openwall.com
Cc: Kees Cook <keesc...@chromium.org>
Cc: Christian Borntraeg
..@infradead.org>
Cc: linux-arm-ker...@lists.infradead.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
arch/arm/Kconfig | 1 +
arch/arm/include/asm/processor.h | 7 +++
2 files changed, 8 insertions(+)
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 51c8
: Kees Cook <keesc...@chromium.org>
Cc: Radim Krčmář <rkrc...@redhat.com>
Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
arch/x86/kvm/x86.c | 7 ---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/arc
c: Ingo Molnar <mi...@kernel.org>
Cc: James Morse <james.mo...@arm.com>
Cc: "Peter Zijlstra (Intel)" <pet...@infradead.org>
Cc: Dave Martin <dave.mar...@arm.com>
Cc: zijun_hu <zijun...@htc.com>
Cc: linux-arm-ker...@lists.infradead.org
Signed-off-by:
s: add logic for by-default full-whitelist]
Cc: "David S. Miller" <da...@davemloft.net>
Cc: Eric Dumazet <eduma...@google.com>
Cc: Paolo Abeni <pab...@redhat.com>
Cc: David Howells <dhowe...@redhat.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chrom
es: adjust commit log, provide usage trace]
Cc: Luis de Bethencourt <lui...@kernel.org>
Cc: Salah Triki <salah.tr...@gmail.com>
Signed-off-by: Kees Cook <keesc...@chromium.org>
Acked-by: Luis de Bethencourt <lui...@kernel.org>
---
fs/befs/linuxvfs.c | 14 +-
1 fil
sen" <martin.peter...@oracle.com>
Cc: linux-s...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/scsi/scsi_lib.c | 9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi/scsi_lib.c
index 1cbc497e00bd..1
This updates the USERCOPY_HEAP_FLAG_* tests to USERCOPY_HEAP_WHITELIST_*,
since the final form of usercopy whitelisting ended up using an offset/size
window instead of the earlier proposed allocation flags.
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/misc/lkdtm.h
>
Cc: David Howells <dhowe...@redhat.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
net/core/sock.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/net/core/sock.c b/net/core/sock.c
index 261e6dbf0259..f39206b41b32 100644
--
l.org
Cc: Borislav Petkov <b...@suse.de>
Cc: Andy Lutomirski <l...@kernel.org>
Cc: Mathias Krause <mini...@googlemail.com>
Signed-off-by: Kees Cook <keesc...@chromium.org>
Acked-by: Rik van Riel <r...@redhat.com>
---
arch/x86/Kconfig | 1 +
arch/x86/include/a
commit log, split patch, provide usage trace]
Cc: Ingo Molnar <mi...@kernel.org>
Cc: Andrew Morton <a...@linux-foundation.org>
Cc: Thomas Gleixner <t...@linutronix.de>
Cc: Andy Lutomirski <l...@kernel.org>
Signed-off-by: Kees Cook <keesc...@chromium.org>
Acked-by: R
t commit log]
Cc: Vlad Yasevich <vyasev...@gmail.com>
Cc: Neil Horman <nhor...@tuxdriver.com>
Cc: "David S. Miller" <da...@davemloft.net>
Cc: linux-s...@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
net/sctp/sock
urity/PaX code.
Signed-off-by: David Windsor <d...@nullcore.net>
[kees: split from network patch, provide usage trace]
Cc: "David S. Miller" <da...@davemloft.net>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
net/caif/caif_socket.c | 2 ++
rg>
Cc: Andrew Morton <a...@linux-foundation.org>
Cc: Thomas Gleixner <t...@linutronix.de>
Cc: Andy Lutomirski <l...@kernel.org>
Signed-off-by: Kees Cook <keesc...@chromium.org>
Acked-by: Rik van Riel <r...@redhat.com>
---
kernel/fork.c | 5 +++--
1 file changed, 3 inser
code.
Signed-off-by: David Windsor <d...@nullcore.net>
[kees: adjust commit log, provide usage trace]
Cc: "Theodore Ts'o" <ty...@mit.edu>
Cc: Andreas Dilger <adilger.ker...@dilger.ca>
Cc: linux-e...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
--
gned-off-by: David Windsor <d...@nullcore.net>
[kees: adjust commit log, provide usage trace]
Cc: Jan Kara <j...@suse.com>
Cc: linux-e...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
Acked-by: Jan Kara <j...@suse.cz>
---
fs/ext2/super.c | 12 ++
t commit log]
Cc: Alexander Viro <v...@zeniv.linux.org.uk>
Cc: linux-fsde...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
fs/fhandle.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/fhandle.c b/fs/fhandle.c
index 0ace128f5d23..0ee7
g>
Cc: Laura Abbott <labb...@redhat.com>
Cc: Ingo Molnar <mi...@kernel.org>
Cc: Mark Rutland <mark.rutl...@arm.com>
Cc: linux...@kvack.org
Cc: linux-...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
mm/slab.c | 30 +++
com>
Cc: "David S. Miller" <da...@davemloft.net>
Cc: linux-s...@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
include/net/sctp/structs.h | 9 +++--
net/sctp/socket.c | 8
2 files changed, 15 inser
indsor <d...@nullcore.net>
[kees: adjust commit log, provide usage trace]
Cc: Steve French <sfre...@samba.org>
Cc: linux-c...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
fs/cifs/cifsfs.c | 10 ++
1 file changed, 6 insertions(+), 4 deletions(
ty/PaX based on my
understanding of the code. Changes or omissions from the original code are
mine and don't reflect the original grsecurity/PaX code.
Signed-off-by: David Windsor <d...@nullcore.net>
[kees: adjust commit log, provide usage trace]
Cc: Christoph Hellwig <h...@infradead.org>
S
anding of the code. Changes or omissions from the original code are
mine and don't reflect the original grsecurity/PaX code.
Signed-off-by: David Windsor <d...@nullcore.net>
[kees: adjust commit log, provide usage trace]
Cc: Boaz Harrosh <o...@electrozaur.com>
Signed-off-by: Kees Cook <
.@nullcore.net>
[kees: adjust commit log, provide usage trace]
Cc: Evgeniy Dushistov <dushis...@mail.ru>
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
fs/ufs/super.c | 13 -
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/fs/ufs/super.c b/fs/ufs/supe
Instead of doubling the size, push the start position up by 16 bytes to
still trigger an overflow. This allows verifying that offset reporting
is working correctly.
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
drivers/misc/lkdtm_usercopy.c | 13 +
1 file changed, 9 inse
v4:
- refactor reporting to include offset and remove %p
- explicitly WARN by default for the whitelisting
- add KVM whitelists and harden ioctl handling
v3:
- added LKDTM update patch
- downgrade BUGs to WARNs and fail closed
- add Acks/Reviews from v2
v2:
- added tracing of allocation and
oo Kim <iamjoonsoo@lge.com>
Cc: Andrew Morton <a...@linux-foundation.org>
Cc: linux...@kvack.org
Cc: linux-...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
include/linux/slab.h | 27 +--
include/linux/slab_def.h | 3 +++
This refactors the hardened usercopy reporting code so that the object
offset can be included in the report. Having the offset can be much more
helpful in understanding usercopy bugs.
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
include/linux/slab.h| 11 +++--
include
..@omnibond.com>
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
fs/orangefs/super.c | 15 ++-
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/fs/orangefs/super.c b/fs/orangefs/super.c
index 36f1390b5ed7..62d49e53061c 100644
--- a/fs/orangefs/super.c
+++ b/fs
n.org>
Cc: Nicholas Piggin <npig...@gmail.com>
Cc: Laura Abbott <labb...@redhat.com>
Cc: "Mickaël Salaün" <m...@digikod.net>
Cc: Ingo Molnar <mi...@kernel.org>
Cc: Thomas Gleixner <t...@linutronix.de>
Cc: Andy Lutomirski <l...@kernel.org>
Signed-o
l.org
Cc: Borislav Petkov <b...@suse.de>
Cc: Andy Lutomirski <l...@kernel.org>
Cc: Mathias Krause <mini...@googlemail.com>
Signed-off-by: Kees Cook <keesc...@chromium.org>
Acked-by: Rik van Riel <r...@redhat.com>
---
arch/x86/Kconfig | 1 +
arch/x86/include/a
gned-off-by: David Windsor <d...@nullcore.net>
[kees: adjust commit log, provide usage trace]
Cc: Jan Kara <j...@suse.com>
Cc: linux-e...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
Acked-by: Jan Kara <j...@suse.cz>
---
fs/ext2/super.c | 12 ++
code.
Signed-off-by: David Windsor <d...@nullcore.net>
[kees: adjust commit log, provide usage trace]
Cc: "Theodore Ts'o" <ty...@mit.edu>
Cc: Andreas Dilger <adilger.ker...@dilger.ca>
Cc: linux-e...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
--
...@arm.com>
Cc: linux...@kvack.org
Cc: linux-...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
mm/slab.c | 22 +++---
mm/slab.h | 2 ++
mm/slub.c | 23 +++
mm/usercopy.c | 21 ++---
4 files changed, 58
[kees: adjust commit log, provide usage trace]
Cc: Dave Kleikamp <sha...@kernel.org>
Cc: jfs-discuss...@lists.sourceforge.net
Signed-off-by: Kees Cook <keesc...@chromium.org>
Acked-by: Dave Kleikamp <dave.kleik...@oracle.com>
---
fs/jfs/super.c | 8 +---
1 file changed, 5 inse
..@infradead.org>
Cc: linux-arm-ker...@lists.infradead.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
arch/arm/Kconfig | 1 +
arch/arm/include/asm/processor.h | 7 +++
2 files changed, 8 insertions(+)
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 51c8
anding of the code. Changes or omissions from the original code are
mine and don't reflect the original grsecurity/PaX code.
Signed-off-by: David Windsor <d...@nullcore.net>
[kees: adjust commit log, provide usage trace]
Cc: Boaz Harrosh <o...@electrozaur.com>
Signed-off-by: Kees Cook <
Using %p was already mostly useless in the usercopy overflow reports,
so this removes it entirely to avoid confusion now that %p-hashing
is enabled.
Fixes: ad67b74d2469d9b8 ("printk: hash addresses printed with %p")
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
m
urity/PaX code.
Signed-off-by: David Windsor <d...@nullcore.net>
[kees: split from network patch, provide usage trace]
Cc: "David S. Miller" <da...@davemloft.net>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
net/caif/caif_socket.c | 2 ++
com>
Cc: "David S. Miller" <da...@davemloft.net>
Cc: linux-s...@vger.kernel.org
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
include/net/sctp/structs.h | 9 +++--
net/sctp/socket.c | 8
2 files changed, 15 inser
ty/PaX based on my
understanding of the code. Changes or omissions from the original code are
mine and don't reflect the original grsecurity/PaX code.
Signed-off-by: David Windsor <d...@nullcore.net>
[kees: adjust commit log, provide usage trace]
Cc: Christoph Hellwig <h...@infradead.org>
S
s: add logic for by-default full-whitelist]
Cc: "David S. Miller" <da...@davemloft.net>
Cc: Eric Dumazet <eduma...@google.com>
Cc: Paolo Abeni <pab...@redhat.com>
Cc: David Howells <dhowe...@redhat.com>
Cc: netdev@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chrom
c: Ingo Molnar <mi...@kernel.org>
Cc: James Morse <james.mo...@arm.com>
Cc: "Peter Zijlstra (Intel)" <pet...@infradead.org>
Cc: Dave Martin <dave.mar...@arm.com>
Cc: zijun_hu <zijun...@htc.com>
Cc: linux-arm-ker...@lists.infradead.org
Signed-off-by:
ctures with usercopy hardening
enabled.
For now, allow writing to the entire struct on all architectures.
The KVM tree will not refine this to an architecture-specific
subset of struct kvm_vcpu_arch.
Cc: kernel-harden...@lists.openwall.com
Cc: Kees Cook <keesc...@chromium.org>
Cc: Christian Borntraeg
Cc: Andrew Morton <a...@linux-foundation.org>
Cc: linux...@kvack.org
Cc: linux-...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
Acked-by: Christoph Lameter <c...@linux.com>
---
include/linux/slab.h | 27 +--
include/linux/slab_def.h | 3 +
Cc: Alexander Viro <v...@zeniv.linux.org.uk>
Cc: linux-fsde...@vger.kernel.org
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
fs/dcache.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/fs/dcache.c b/fs/dcache.c
index 5c7df1df81ff..92ad7a2168e1 100644
--- a/fs/dcac
v5:
- add Acks
- split stddef changes into separate patch
- further refactor reporting code for readability
- adjust enforcement code for greater readability
v4:
- refactor reporting to include offset and remove %p
- explicitly WARN by default for the whitelisting
- add KVM whitelists and harden
available to the slab allocators, and adds new "detail"
and "offset" arguments.
Signed-off-by: Kees Cook <keesc...@chromium.org>
---
mm/slab.h | 6 ++
mm/usercopy.c | 24 +++-
tools/objtool/check.c | 1 +
3 files changed, 26