[RFC][PATCH 3/4] slab: Allow for type introspection during allocation

2024-07-08 Thread Kees Cook
t significant memory usage overhead). For example, a 132 byte structure with an 8 byte alignment could be randomized into 15 locations within the 256 byte bucket: (256 - 132) / 8. Signed-off-by: Kees Cook --- Cc: Christoph Lameter Cc: Pekka Enberg Cc: David Rientjes Cc: Joonsoo Kim Cc: And

[RFC][PATCH 2/4] slab: Detect negative size values and saturate

2024-07-08 Thread Kees Cook
6ed 6e9: R_X86_64_PLT32 __kmalloc_noprof-0x4 Signed-off-by: Kees Cook --- Cc: Christoph Lameter Cc: Pekka Enberg Cc: David Rientjes Cc: Joonsoo Kim Cc: Andrew Morton Cc: Vlastimil Babka Cc: Roman Gushchin Cc: Hyeonggon Yoo <42.hye...@gmail.com> Cc:

[RFC][PATCH 0/4] slab: Allow for type introspection during allocation

2024-07-08 Thread Kees Cook
ne safely (or cannot be done without significant memory usage overhead). For example, a 132 byte structure with an 8 byte alignment could be randomized into 15 locations within the 256 byte bucket: (256 - 132) / 8. Thanks! -Kees Kees Cook (4): compiler_types: Add integral/p

Re: [PROBLEM linux-next] include/linux/fortify-string.h:580:25: error: call to ‘__read_overflow2_field’ declared with attribute warning: detected read beyond size of field

2024-07-07 Thread Kees Cook
up, this reads from regs starting at bx, rather than only bx. I will send a patch to expand it (like is done for compat mode a few lines later). -Kees -- Kees Cook

Re: [PATCHv2 bpf-next 1/9] uprobe: Add support for session consumer

2024-07-05 Thread Kees Cook
On Fri, Jul 05, 2024 at 09:10:36AM +0200, Peter Zijlstra wrote: > On Wed, Jul 03, 2024 at 01:36:19PM -0700, Kees Cook wrote: > > > Yes, please use struct_size_t(). This is exactly what it was designed for. > > Kees, please, just let up, not going to happen. I'm getting re

Re: [RFC PATCH v19 2/5] security: Add new SHOULD_EXEC_CHECK and SHOULD_EXEC_RESTRICT securebits

2024-07-05 Thread Kees Cook
On Fri, Jul 05, 2024 at 07:54:16PM +0200, Mickaël Salaün wrote: > On Thu, Jul 04, 2024 at 05:18:04PM -0700, Kees Cook wrote: > > On Thu, Jul 04, 2024 at 09:01:34PM +0200, Mickaël Salaün wrote: > > > Such a secure environment can be achieved with an appropriate access > >

Re: [RFC PATCH v19 2/5] security: Add new SHOULD_EXEC_CHECK and SHOULD_EXEC_RESTRICT securebits

2024-07-04 Thread Kees Cook
able to open the fd _at all_ when O_MAYEXEC is being checked seems substantially safer to me... -- Kees Cook

Re: [RFC PATCH v19 1/5] exec: Add a new AT_CHECK flag to execveat(2)

2024-07-04 Thread Kees Cook
P_FOLLOW; [...] > + * To avoid race conditions leading to time-of-check to time-of-use issues, > + * AT_CHECK should be used with AT_EMPTY_PATH to check against a file > + * descriptor instead of a path. I want this enforced by the kernel. Let's not leave trivial ToCToU foot-guns around. i.e.: if ((flags & AT_CHECK) == AT_CHECK && (flags & AT_EMPTY_PATH) == 0) return ERR_PTR(-EBADF); -- Kees Cook

moved Wiki to github!

2024-07-04 Thread Kees Cook
ithub, etc). There may still be some glitches left from the mediawiki -> markdown conversion, but I tried to fix them all. If you find anything I missed, please send a PR! :) Thanks! -Kees -- Kees Cook

Re: [PATCHv2 bpf-next 1/9] uprobe: Add support for session consumer

2024-07-03 Thread Kees Cook
nce with __counted_by: + int sessions_cnt; + struct session_consumer sessions[] __counted_by(sessions_cnt); -- Kees Cook

Re: [PATCH] dm-verity: fix dm_is_verity_target() when dm-verity is builtin

2024-07-03 Thread Kees Cook
or builtin code). > > Fixes: b6c1c5745ccc ("dm: Add verity helpers for LoadPin") > Cc: sta...@vger.kernel.org > Cc: Matthias Kaehlcke > Cc: Kees Cook > Signed-off-by: Eric Biggers Ah! Nice catch. Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH v2] printk: Add a short description string to kmsg_dump()

2024-07-03 Thread Kees Cook
On Wed, Jul 03, 2024 at 10:22:11AM +0200, Petr Mladek wrote: > On Wed 2024-07-03 09:57:26, Jocelyn Falempe wrote: > > > > > > On 02/07/2024 22:29, Kees Cook wrote: > > > On Tue, Jul 02, 2024 at 02:26:04PM +0200, Jocelyn Falempe wrote: > > > > kmsg_dump

Re: [PATCH] gcc-plugins: Remove duplicate included header file stringpool.h

2024-07-02 Thread Kees Cook
rg/kees/c/3a8ccb6a6829 Take care, -- Kees Cook

[PATCH] randomize_kstack: Improve stack alignment codegen

2024-07-02 Thread Kees Cook
l1 add x0, x0, #:lo12:kstack_offset ldr w0, [x0, x5] // offset = KSTACK_OFFSET_MAX(offset) and x0, x0, #0x3f0 // alloca(offset) sub sp, x4, x0 Suggested-by: Mark Rutland Link: https://lore.kernel.org/lkml/ZnVfOnIuFl2kNWkT@J2N7QTR9R3/ [1]

Re: [PATCH v2] printk: Add a short description string to kmsg_dump()

2024-07-02 Thread Kees Cook
son, like "sysrq triggered crash" > or "VFS: Unable to mount root fs on " on the drm panic screen. > > v2: > * Use a struct kmsg_dump_detail to hold the reason and description > pointer, for more flexibility if we want to add other parameters. >

Re: [PATCH v6 0/6] slab: Introduce dedicated bucket allocator

2024-07-02 Thread Kees Cook
On Tue, Jul 02, 2024 at 11:24:57AM +0200, Vlastimil Babka wrote: > On 7/1/24 9:12 PM, Kees Cook wrote: > > > > Kees Cook (6): > > mm/slab: Introduce kmem_buckets typedef > > mm/slab: Plumb kmem_buckets into __do_kmalloc_node() > > mm/slab: Introduce kvma

Re: [PATCH v6 4/6] mm/slab: Introduce kmem_buckets_create() and family

2024-07-02 Thread Kees Cook
On Tue, Jul 02, 2024 at 11:19:28AM +0200, Vlastimil Babka wrote: > On 7/1/24 9:13 PM, Kees Cook wrote: > > #ifdef SLAB_SUPPORTS_SYSFS > > /* > > * For a given kmem_cache, kmem_cache_destroy() should only be called > > @@ -931,6 +1023,10 @@ void __init

[PATCH v6 6/6] mm/util: Use dedicated slab buckets for memdup_user()

2024-07-01 Thread Kees Cook
://github.com/a13xp0p0v/kernel-hack-drill/blob/master/drill_exploit_uaf.c [4] Signed-off-by: Kees Cook --- mm/util.c | 14 -- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/mm/util.c b/mm/util.c index 28c5356b9f1c..29189f48ee04 100644 --- a/mm/util.c +++ b/mm/util.c

[PATCH v6 5/6] ipc, msg: Use dedicated slab buckets for alloc_msg()

2024-07-01 Thread Kees Cook
-writeup.html [3] Link: https://a13xp0p0v.github.io/2021/02/09/CVE-2021-26708.html [4] Link: https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html [5] Link: https://zplin.me/papers/ELOISE.pdf [6] Link: https://syst3mfailure.io/wall-of-perdition/ [7] Signed-off-by: Kees Cook

[PATCH v6 3/6] mm/slab: Introduce kvmalloc_buckets_node() that can take kmem_buckets argument

2024-07-01 Thread Kees Cook
Plumb kmem_buckets arguments through kvmalloc_node_noprof() so it is possible to provide an API to perform kvmalloc-style allocations with a particular set of buckets. Introduce kvmalloc_buckets_node() that takes a kmem_buckets argument. Signed-off-by: Kees Cook --- include/linux/slab.h | 4

[PATCH v6 1/6] mm/slab: Introduce kmem_buckets typedef

2024-07-01 Thread Kees Cook
Encapsulate the concept of a single set of kmem_caches that are used for the kmalloc size buckets. Redefine kmalloc_caches as an array of these buckets (for the different global cache buckets). Signed-off-by: Kees Cook --- include/linux/slab.h | 5 +++-- mm/slab_common.c | 3 +-- 2 files

[PATCH v6 4/6] mm/slab: Introduce kmem_buckets_create() and family

2024-07-01 Thread Kees Cook
ux-kernel-memory.html [2] Link: https://lore.kernel.org/lkml/20230915105933.495735-1-matteori...@google.com/ [3] Signed-off-by: Kees Cook --- include/linux/slab.h | 12 ++ mm/slab_common.c | 96 2 files changed, 108 insertions(+) diff --git

[PATCH v6 0/6] slab: Introduce dedicated bucket allocator

2024-07-01 Thread Kees Cook
drill_exploit_uaf.c [4] Thanks! -Kees Kees Cook (6): mm/slab: Introduce kmem_buckets typedef mm/slab: Plumb kmem_buckets into __do_kmalloc_node() mm/slab: Introduce kvmalloc_buckets_node() that can take kmem_buckets argument mm/slab: Introduce kmem_buckets_create() and family

[PATCH v6 2/6] mm/slab: Plumb kmem_buckets into __do_kmalloc_node()

2024-07-01 Thread Kees Cook
the global kmalloc buckets unconditionally. Co-developed-by: Vlastimil Babka Signed-off-by: Vlastimil Babka Signed-off-by: Kees Cook --- include/linux/slab.h| 27 ++- kernel/configs/hardening.config | 1 + mm/Kconfig | 17 +

Re: [RFC PATCH v2] ptp: Add vDSO-style vmclock support

2024-07-01 Thread Kees Cook
> more appropriate. Fixed in git, thanks. Thanks! You can even use the 2-argument version. :) -- Kees Cook

Re: [PATCH] printk: Add a short description string to kmsg_dump()

2024-06-28 Thread Kees Cook
n't any "new" information here that should be captured somehow. Thanks! -- Kees Cook

Re: [PATCH] tty: mxser: Remove __counted_by from mxser_board.ports[]

2024-06-28 Thread Kees Cook
d_by from mxser_board.ports[] https://git.kernel.org/kees/c/1c07c9be87dd Take care, -- Kees Cook

Re: [PATCH v5 4/6] mm/slab: Introduce kmem_buckets_create() and family

2024-06-28 Thread Kees Cook
" argument. Do we want to hard-code a per-cache-size alignment for the caches in a kmem_buckets collection? -- Kees Cook

Re: [PATCH v3 1/2] kunit: test: Add vm_mmap() allocation resource manager

2024-06-27 Thread Kees Cook
On Sat, Jun 22, 2024 at 06:47:39AM -0700, Guenter Roeck wrote: > Hi, > > On Wed, Jun 12, 2024 at 12:59:18PM -0700, Kees Cook wrote: > > For tests that need to allocate using vm_mmap() (e.g. usercopy and > > execve), provide the interface to have the allocation tracked by K

Re: [PATCH v2 0/2] exec: Avoid pathological argc, envc, and bprm->p values

2024-06-27 Thread Kees Cook
On Fri, Jun 21, 2024 at 02:44:05PM -0700, Guenter Roeck wrote: > On 6/21/24 13:50, Kees Cook wrote: > > Hi, > > > > This pair of patches replaces the last patch in this[1] series. > > > > Perform bprm argument overflow checking but only do argmin checks for M

Re: [PROBLEM] randconfig: ./include/linux/fortify-string.h:122:33: error: ‘__builtin_strcpy’ source argument is the same as destination [-Werror=restrict]

2024-06-27 Thread Kees Cook
* [/home/marvin/linux/kernel/linux_torvalds/Makefile:1555: > bindeb-pkg] Error 2 > make: *** [Makefile:240: __sub-make] Error 2 Does this patch solve the problem for you? https://lore.kernel.org/lkml/20240604044228.2910712-1-liujinl...@kylinos.cn/ -Kees -- Kees Cook

Re: [PATCH] tty: mxser: Remove __counted_by from mxser_board.ports[]

2024-06-27 Thread Kees Cook
fix (which was already on his radar, so it won't be lost). If it's easier/helpful, I can land this via the hardening tree? I was the one who sent the bad patch originally. :) Thanks! -Kees -- Kees Cook

Re: [PATCH v2] kunit/usercopy: Disable testing on !CONFIG_MMU

2024-06-27 Thread Kees Cook
4:25 PM Kees Cook wrote: > > > > Since arch_pick_mmap_layout() is an inline for non-MMU systems, disable > > this test there. > > > > Reported-by: kernel test robot > > Closes: > > https://lore.kernel.org/oe-kbuild-all/202406160505.ubge6tmy-...@intel.com/ >

Re: [PATCH] randomize_kstack: Remove non-functional per-arch entropy filtering

2024-06-26 Thread Kees Cook
On Fri, Jun 21, 2024 at 12:08:42PM +0100, Mark Rutland wrote: > On Thu, Jun 20, 2024 at 11:34:22AM -0700, Kees Cook wrote: > > On Thu, Jun 20, 2024 at 11:47:58AM +0800, liuyuntao (F) wrote: > > > > > > > > > On 2024/6/20 5:47, Kees Cook wrote: >

Re: [PATCH v3] x86/traps: Enable UBSAN traps on x86

2024-06-26 Thread Kees Cook
affect the immediate you want to get at. And if it does this > prefix, should we worry about other prefixes? Ideally we'd not accept > any prefixes. AFAICT it's because it's a small immediate? For an x86_64 build, this is how Clang is generating the UD1. -Kees -- Kees Cook

Re: [PATCH 2/2] mfd: omap-usb-tll: use struct_size to allocate tll

2024-06-26 Thread Kees Cook
4 + 4 + 4 * OMAP_TLL_CHANNEL_COUNT (20) or 4 + 4 + 4 * OMAP_REV2_TLL_CHANNEL_COUNT (16) the latter would have ended up in the same kmalloc bucket (12 would be rounded up to 16), but with the ARM alignment issue, the minimum bucket size would effectively be tied to CONFIG_ARM_L1_CACH

Re: ieee80211.h virtual_map splat

2024-06-26 Thread Kees Cook
rules in > :ref:`Documentation/process/stable-kernel-rules.rst `, > and make sure you include appropriate Fixes tags! > > See: > https://www.kernel.org/doc/html/next/process/maintainer-netdev.html#stable-tree Ah-ha! Thanks. I will fix my brain. :) -- Kees Cook

Re: [PATCH] printk: Add a short description string to kmsg_dump()

2024-06-26 Thread Kees Cook
c @@ -8,7 +8,7 @@ #include static void kmsg_dumper_stdout(struct kmsg_dumper *dumper, - enum kmsg_dump_reason reason) + struct kmsg_dump_detail *detail) { static struct kmsg_dump_iter iter; static DEFINE_SPINLOCK(lock); -- Kees Cook

Re: [PATCH v2 2/2] Documentation: best practices for using Link trailers

2024-06-22 Thread Kees Cook
reference links (or as >standard as markdown gets). It's a good point. If we're formalizing this, why not literally use markdown instead? (I guess the answer is that out-of-line links/footnotes isn't standardized.) Playing devil's advocate, outside of the kernel, these are the two most common styles I've seen: Foo[1] ... [1]: https:// and Bar[^1] ... [^1] https://... Personally, I only want to have a single official way to do this, and don't care much what it is. I have a minor preference for what you've described: Baz[1] ... [1] https://... -Kees -- Kees Cook

Re: [PATCH v2 2/2] Documentation: best practices for using Link trailers

2024-06-21 Thread Kees Cook
rep 'Link: \[' links.txt | wc -l 44 # Link: URL... [#1] $ grep 'Link: .*\[#' links.txt | wc -l 12 -- Kees Cook

[PATCH v2 2/2] exec: Avoid pathological argc, envc, and bprm->p values

2024-06-21 Thread Kees Cook
org/r/20240520021615.741800-2-keesc...@chromium.org Signed-off-by: Kees Cook --- Cc: Guenter Roeck Cc: Eric Biederman Cc: Justin Stitt Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: linux-fsde...@vger.kernel.org Cc: linux...@kvack.org --- fs/exec.c | 10 +- fs/exec_test.c

[PATCH v2 1/2] execve: Keep bprm->argmin behind CONFIG_MMU

2024-06-21 Thread Kees Cook
l/20181126122307.ga1...@redhat.com [1] Link: https://lore.kernel.org/all/202406211253.7037F69@keescook/ [2] Signed-off-by: Kees Cook --- Cc: Guenter Roeck Cc: Eric Biederman Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Alexey Dobriyan Cc: Laurent Vivier Cc: Lukas Bul

[PATCH v2 0/2] exec: Avoid pathological argc, envc, and bprm->p values

2024-06-21 Thread Kees Cook
)! -Kees [1] https://lore.kernel.org/all/20240520021337.work.198-k...@kernel.org/ Kees Cook (2): execve: Keep bprm->argmin behind CONFIG_MMU exec: Avoid pathological argc, envc, and bprm->p values fs/exec.c | 36 +--- fs/exec_test.c

Re: [PATCH 2/2] exec: Avoid pathological argc, envc, and bprm->p values

2024-06-21 Thread Kees Cook
On Fri, Jun 21, 2024 at 06:21:15AM -0700, Guenter Roeck wrote: > On 6/21/24 00:00, Kees Cook wrote: > > On Thu, Jun 20, 2024 at 05:19:55PM -0700, Guenter Roeck wrote: > > > Hi, > > > > > > On Sun, May 19, 2024 at 07:16:12PM -0700, Kees Cook wrote: > >

Re: ieee80211.h virtual_map splat

2024-06-21 Thread Kees Cook
warn-and-block for these kinds of detected memcpy()s, but for now there should not be any behavioral changes seen besides the WARN appearing. -Kees -- Kees Cook

Re: [PATCH 2/2] exec: Avoid pathological argc, envc, and bprm->p values

2024-06-21 Thread Kees Cook
On Thu, Jun 20, 2024 at 05:19:55PM -0700, Guenter Roeck wrote: > Hi, > > On Sun, May 19, 2024 at 07:16:12PM -0700, Kees Cook wrote: > > Make sure nothing goes wrong with the string counters or the bprm's > > belief about the stack pointer. Add checks and matching self-

Re: [PATCH v5 4/6] mm/slab: Introduce kmem_buckets_create() and family

2024-06-20 Thread Kees Cook
On Thu, Jun 20, 2024 at 03:48:24PM -0700, Andi Kleen wrote: > Kees Cook writes: > > > Dedicated caches are available for fixed size allocations via > > kmem_cache_alloc(), but for dynamically sized allocations there is only > > the global kmalloc API's set of buc

Re: [PATCH] powerpc/pseries: Whitelist dtl slub object for copying to userspace

2024-06-20 Thread Kees Cook
roach? Yeah, based on this and what mpe said, I have no objection to just allowing it in kmem_cache_create_usercopy(). I was mainly just curious what the threat model was. :) Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH] string: kunit: add missing MODULE_DESCRIPTION() macros

2024-06-20 Thread Kees Cook
ssing invocation of the MODULE_DESCRIPTION() macro. > > > [...] Applied to for-next/hardening, thanks! [1/1] string: kunit: add missing MODULE_DESCRIPTION() macros https://git.kernel.org/kees/c/e3890eadadad Take care, -- Kees Cook

Re: [PATCH v5 4/6] mm/slab: Introduce kmem_buckets_create() and family

2024-06-20 Thread Kees Cook
On Thu, Jun 20, 2024 at 03:56:27PM +0200, Vlastimil Babka wrote: > On 6/19/24 9:33 PM, Kees Cook wrote: > > Dedicated caches are available for fixed size allocations via > > kmem_cache_alloc(), but for dynamically sized allocations there is only > > the global kmalloc

Re: [PATCH v5 2/6] mm/slab: Plumb kmem_buckets into __do_kmalloc_node()

2024-06-20 Thread Kees Cook
On Thu, Jun 20, 2024 at 03:08:32PM +0200, Vlastimil Babka wrote: > On 6/19/24 9:33 PM, Kees Cook wrote: > > Introduce CONFIG_SLAB_BUCKETS which provides the infrastructure to > > support separated kmalloc buckets (in the following kmem_buckets_create() > > patches and

Re: [PATCH v5 2/6] mm/slab: Plumb kmem_buckets into __do_kmalloc_node()

2024-06-20 Thread Kees Cook
On Thu, Jun 20, 2024 at 03:37:31PM +0200, Vlastimil Babka wrote: > On 6/20/24 3:08 PM, Vlastimil Babka wrote: > > On 6/19/24 9:33 PM, Kees Cook wrote: > > I was wondering why I don't see the buckets in slabinfo and turns out it was > > SLAB_MERGE_DEFAULT. It wou

Re: [PATCH] randomize_kstack: Remove non-functional per-arch entropy filtering

2024-06-20 Thread Kees Cook
On Thu, Jun 20, 2024 at 11:47:58AM +0800, liuyuntao (F) wrote: > > > On 2024/6/20 5:47, Kees Cook wrote: > > An unintended consequence of commit 9c573cd31343 ("randomize_kstack: > > Improve entropy diffusion") was that the per-architecture entropy size > >

Re: [PATCH v4 0/3] Hardening perf subsystem

2024-06-20 Thread Kees Cook
On Tue, Jun 18, 2024 at 10:22:42AM +0200, Peter Zijlstra wrote: > On Mon, Jun 17, 2024 at 10:28:20AM -0700, Kees Cook wrote: > > > But, using type attributes we have much more flexibility. Hence, the > > proposed "wraps" attribute: > > https://github.com/llvm

[PATCH] randomize_kstack: Remove non-functional per-arch entropy filtering

2024-06-19 Thread Kees Cook
"randomize_kstack: Improve entropy diffusion") Link: https://lore.kernel.org/r/20240617133721.377540-1-liuyunta...@huawei.com Signed-off-by: Kees Cook --- Cc: Arnd Bergmann Cc: Mark Rutland --- arch/arm64/kernel/syscall.c | 16 +++- arch/s390/include/asm/entry-com

Re: [PATCH 2/2] Input: ims-pcu - drop repeated "input" in error message

2024-06-19 Thread Kees Cook
On Wed, Jun 19, 2024 at 11:13:22PM +0200, Javier Carrasco wrote: > This case of the common error message upon failure of > input_allocate_device() repeats the word "input". > > Drop one "input" from the error message. > > Signed-off-by: Javier Carrasco Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 1/2] Input: ims-pcu - annotate struct ims_pcu_flash_fmt with __counted_by

2024-06-19 Thread Kees Cook
On Wed, Jun 19, 2024 at 11:13:21PM +0200, Javier Carrasco wrote: > Use the __counted_by compiler attribute for the data[] flexible array > member to improve the results of array bound sanitizers. > > Signed-off-by: Javier Carrasco Looks good to me. Thanks! Reviewed-by: Kees Coo

Re: mips gcc plugin issues

2024-06-19 Thread Kees Cook
On Wed, Jun 19, 2024 at 11:12:25PM +0200, Arnd Bergmann wrote: > On Wed, Jun 19, 2024, at 22:50, Kees Cook wrote: > > On Tue, Jun 18, 2024 at 04:41:01PM -0700, Jeff Johnson wrote: > >> I see the following in my .config: > >> CONFIG_HAVE_GCC_PLUGINS=

Re: [PATCH v2] KUnit: add missing MODULE_DESCRIPTION() macros for lib/test_*.ko

2024-06-19 Thread Kees Cook
odpost: missing MODULE_DESCRIPTION() in lib/test_bits.o > > Add the missing invocations of the MODULE_DESCRIPTION() macro. > > Signed-off-by: Jeff Johnson Thanks for chasing these down! Reviewed-by: Kees Cook -- Kees Cook

[PATCH] wifi: iwlwifi: mvm: Fix __counted_by usage in cfg80211_wowlan_nd_*

2024-06-19 Thread Kees Cook
~^~ Fixes: aa4ec06c455d ("wifi: cfg80211: use __counted_by where appropriate") Signed-off-by: Kees Cook --- Cc: Miri Korenblit Cc: Kalle Valo Cc: Johannes Berg Cc: Gustavo A. R. Silva Cc: Luca Coelho Cc: Gregory Greenman Cc: Yedidya Ben

Re: mips gcc plugin issues

2024-06-19 Thread Kees Cook
odconfig should turn them off. Well, the plugins work with all the other compiler versions all the various CI systems use. :) For example, I don't see this with distro cross compilers: $ mipsel-linux-gnu-gcc --version mipsel-linux-gnu-gcc (Ubuntu 12.3.0-1ubuntu1) 12.3.0 I suspect this is a problem with the kernel.org crosstool builds? I'm CCing Arnd, who might know more about this. -Kees -- Kees Cook

Re: [PATCH v6 2/2] proc: restrict /proc/pid/mem

2024-06-19 Thread Kees Cook
ight want to do > > more, while general-purpose distros might want a more relaxed > > policy, because for e.g. foll_force=all and write=all both break > > GDB, so it might be a bit excessive. > > > > Based on an initial patch by Mike Frysinger . > > > I

Re: [PATCH v3 2/2] usercopy: Convert test_user_copy to KUnit test

2024-06-19 Thread Kees Cook
On Wed, Jun 19, 2024 at 11:38:31AM -0700, Jeff Johnson wrote: > On 6/12/24 12:59, Kees Cook wrote: > > Convert the runtime tests of hardened usercopy to standard KUnit tests. > > > > Additionally disable usercopy_test_invalid() for systems with separate > > address sp

Re: [PATCH v2 1/2] USB: serial: garmin_gps: annotate struct garmin_packet with __counted_by

2024-06-19 Thread Kees Cook
On Wed, Jun 19, 2024 at 09:42:44PM +0200, Javier Carrasco wrote: > Use the __counted_by compiler attribute for the data[] flexible array > member to improve the results of array bound sanitizers. > > Reviewed-by: Nathan Chancellor > Signed-off-by: Javier Carrasco Reviewe

Re: [PATCH v2 2/2] USB: serial: garmin_gps: use struct_size to allocate pkt

2024-06-19 Thread Kees Cook
On Wed, Jun 19, 2024 at 09:42:45PM +0200, Javier Carrasco wrote: > Use the struct_size macro to calculate the size of the pkt, which > includes a trailing flexible array. > > Suggested-by: Nathan Chancellor > Signed-off-by: Javier Carrasco Reviewed-by: Kees Cook -- Kees Cook

[PATCH] fortify: Do not special-case 0-sized destinations

2024-06-19 Thread Kees Cook
All fake flexible arrays should have been removed now, so remove the special casing that was avoiding checking them. If a destination claims to be 0 sized, believe it. This is especially important for cases where __counted_by is in use and may have a 0 element count. Signed-off-by: Kees Cook

[PATCH] kunit/usercopy: Add missing MODULE_DESCRIPTION()

2024-06-19 Thread Kees Cook
From: Jeff Johnson Fix warning seen with: $ make allmodconfig && make W=1 C=1 lib/usercopy_kunit.ko WARNING: modpost: missing MODULE_DESCRIPTION() in lib/usercopy_kunit.o Signed-off-by: Jeff Johnson Signed-off-by: Kees Cook --- At Jeff's reminder, I've split

[PATCH v2] kunit/usercopy: Disable testing on !CONFIG_MMU

2024-06-19 Thread Kees Cook
Since arch_pick_mmap_layout() is an inline for non-MMU systems, disable this test there. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202406160505.ubge6tmy-...@intel.com/ Signed-off-by: Kees Cook --- Resending as v2 with Shuah in To: --- Cc: Shuah Khan Cc

[PATCH v5 5/6] ipc, msg: Use dedicated slab buckets for alloc_msg()

2024-06-19 Thread Kees Cook
-writeup.html [3] Link: https://a13xp0p0v.github.io/2021/02/09/CVE-2021-26708.html [4] Link: https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html [5] Link: https://zplin.me/papers/ELOISE.pdf [6] Link: https://syst3mfailure.io/wall-of-perdition/ [7] Signed-off-by: Kees Cook

[PATCH v5 6/6] mm/util: Use dedicated slab buckets for memdup_user()

2024-06-19 Thread Kees Cook
://github.com/a13xp0p0v/kernel-hack-drill/blob/master/drill_exploit_uaf.c [4] Signed-off-by: Kees Cook --- mm/util.c | 14 -- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/mm/util.c b/mm/util.c index 28c5356b9f1c..6f0fcc5f4243 100644 --- a/mm/util.c +++ b/mm/util.c

[PATCH v5 4/6] mm/slab: Introduce kmem_buckets_create() and family

2024-06-19 Thread Kees Cook
keescook [1] Link: https://googleprojectzero.blogspot.com/2021/10/how-simple-linux-kernel-memory.html [2] Link: https://lore.kernel.org/lkml/20230915105933.495735-1-matteori...@google.com/ [3] Signed-off-by: Kees Cook --- include/linux/slab.h | 13 mm/slab_common.c | 78

[PATCH v5 3/6] mm/slab: Introduce kvmalloc_buckets_node() that can take kmem_buckets argument

2024-06-19 Thread Kees Cook
Plumb kmem_buckets arguments through kvmalloc_node_noprof() so it is possible to provide an API to perform kvmalloc-style allocations with a particular set of buckets. Introduce kvmalloc_buckets_node() that takes a kmem_buckets argument. Signed-off-by: Kees Cook --- include/linux/slab.h | 4

[PATCH v5 2/6] mm/slab: Plumb kmem_buckets into __do_kmalloc_node()

2024-06-19 Thread Kees Cook
The actual extern functions can then be built without the argument, and the internals fall back to the global kmalloc buckets unconditionally. Co-developed-by: Vlastimil Babka Signed-off-by: Vlastimil Babka Signed-off-by: Kees Cook --- include/linux/slab.h | 27 ++-

[PATCH v5 1/6] mm/slab: Introduce kmem_buckets typedef

2024-06-19 Thread Kees Cook
Encapsulate the concept of a single set of kmem_caches that are used for the kmalloc size buckets. Redefine kmalloc_caches as an array of these buckets (for the different global cache buckets). Signed-off-by: Kees Cook --- include/linux/slab.h | 5 +++-- mm/slab_common.c | 3 +-- 2 files

[PATCH v5 0/6] slab: Introduce dedicated bucket allocator

2024-06-19 Thread Kees Cook
x-kernel-heap-spray [2] Link: https://etenal.me/archives/1336 [3] Link: https://github.com/a13xp0p0v/kernel-hack-drill/blob/master/drill_exploit_uaf.c [4] Thanks! -Kees Kees Cook (6): mm/slab: Introduce kmem_buckets typedef mm/slab: Plumb kmem_buckets into __do_kmalloc_node(

Re: [PATCH] remove AND operation in choose_random_kstack_offset()

2024-06-17 Thread Kees Cook
On Mon, Jun 17, 2024 at 10:33:08PM +0200, Arnd Bergmann wrote: > On Mon, Jun 17, 2024, at 20:22, Kees Cook wrote: > > On Mon, Jun 17, 2024 at 04:52:15PM +0100, Mark Rutland wrote: > >> On Mon, Jun 17, 2024 at 01:37:21PM +, Yuntao Liu wrote: > >> > Since the offs

Re: [PATCH v2] x86/traps: Enable UBSAN traps on x86

2024-06-17 Thread Kees Cook
On Tue, Jun 18, 2024 at 12:13:27AM +0200, Thomas Gleixner wrote: > On Wed, Jun 12 2024 at 11:42, Kees Cook wrote: > > On Tue, Jun 11, 2024 at 01:26:09PM -0700, Gatlin Newhouse wrote: > >> It seems that is_valid_bugaddr() needs to be implemented on all > >> architec

Re: [PATCH] init/Kconfig: extend -Wno-array-bounds to gcc 13

2024-06-17 Thread Kees Cook
entries; i++) { + if (WARN_ON_ONCE(i >= ARRAY_SIZE(sg->gce))) + break; gce = &sg->gce[i]; ips = sparx5_psfp_ipv_to_ips(gce->ipv); /* hardware needs TimeInterval to be cumulative */ -- Kees Cook

Re: [PATCH v3 2/2] usercopy: Convert test_user_copy to KUnit test

2024-06-17 Thread Kees Cook
On Fri, Jun 14, 2024 at 09:50:05AM -0600, Shuah Khan wrote: > On 6/12/24 13:59, Kees Cook wrote: > > Convert the runtime tests of hardened usercopy to standard KUnit tests. > > > > Additionally disable usercopy_test_invalid() for systems with separate > > address spaces

Re: [PATCH] pstore: platform: add missing MODULE_DESCRIPTION() macro

2024-06-17 Thread Kees Cook
to for-next/pstore, thanks! [1/1] pstore: platform: add missing MODULE_DESCRIPTION() macro https://git.kernel.org/kees/c/9b3c13c9ea4e Take care, -- Kees Cook

[PATCH] MAINTAINERS: Update entries for Kees Cook

2024-06-17 Thread Kees Cook
Update current email address for Kees Cook in the MAINTAINER file to match the change from commit 4e173c825b19 ("mailmap: update entry for Kees Cook"). Signed-off-by: Kees Cook --- MAINTAINERS | 28 ++-- 1 file changed, 14 insertions(+), 14 deletions(-) di

Re: [PATCH] remove AND operation in choose_random_kstack_offset()

2024-06-17 Thread Kees Cook
needs to explain why it's safe add extra bits (2 on arm64, 3 on s39 and > x86), and those comments need to be updated accordingly. > > As-is, I do not think this patch is ok. Yeah, I agree: the truncation is intentional and tuned to the architecture. -- Kees Cook

Re: [PATCH v6 2/2] proc: restrict /proc/pid/mem

2024-06-17 Thread Kees Cook
security hazard". :) This version looks great! Thanks for all the changes. :) Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH] powerpc/pseries: Whitelist dtl slub object for copying to userspace

2024-06-17 Thread Kees Cook
atic ssize_t dtl_file_read(struct file *filp, char __user *buf, size_t len, } /* .. and now the head */ - rc = copy_to_user(buf, &dtl->buf[i], n_req * sizeof(struct dtl_entry)); + rc = bounce_copy(buf, &dtl->buf[i], n_req * sizeof(struct dtl_entry)); if (rc) return -EFAULT; -- Kees Cook

[PATCH] kunit/usercopy: Disable testing on !CONFIG_MMU

2024-06-17 Thread Kees Cook
Since arch_pick_mmap_layout() is an inline for non-MMU systems, disable this test there. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202406160505.ubge6tmy-...@intel.com/ Signed-off-by: Kees Cook --- Cc: Brendan Higgins Cc: David Gow Cc: Rae Moar Cc: "Gu

Re: [PATCH v4 0/3] Hardening perf subsystem

2024-06-17 Thread Kees Cook
On Sat, Jun 15, 2024 at 06:09:07PM +0200, Martin Uecker wrote: > Am Freitag, dem 14.06.2024 um 12:17 +0200 schrieb Peter Zijlstra: > > On Wed, Jun 12, 2024 at 04:23:31PM -0700, Kees Cook wrote: > > > On Thu, Jun 13, 2024 at 12:08:21AM +0200, Peter Zijlstra wrote: > > > &

Re: [PATCH v4 0/3] Hardening perf subsystem

2024-06-17 Thread Kees Cook
On Fri, Jun 14, 2024 at 12:17:08PM +0200, Peter Zijlstra wrote: > On Wed, Jun 12, 2024 at 04:23:31PM -0700, Kees Cook wrote: > > On Thu, Jun 13, 2024 at 12:08:21AM +0200, Peter Zijlstra wrote: > > > On Wed, Jun 12, 2024 at 12:01:19PM -0700, Kees Cook wrote: > > > >

Re: [PATCH v3 2/2] pstore/ramoops: Add ramoops.mem_name= command line option

2024-06-13 Thread Kees Cook
>Fair enough. As long as it is documented that there is no guarantee >that this will keep working over a kernel upgrade, then I have no >objections. Yeah, I should better document this for pstore as a whole, but I've already made the call that cross-kernel-version operation is best effort. -Kees -- Kees Cook

Re: [PATCH v3 0/2] usercopy: Convert test_user_copy to KUnit test

2024-06-12 Thread Kees Cook
On Thu, Jun 13, 2024 at 12:41:43PM +0800, David Gow wrote: > On Thu, 13 Jun 2024 at 03:59, Kees Cook wrote: > > > > Hi, > > > > This builds on the proposal[1] from Mark and lets me convert the > > existing usercopy selftest to KUnit. Besides adding this basic tes

Re: [PATCH v4 0/3] Hardening perf subsystem

2024-06-12 Thread Kees Cook
On Thu, Jun 13, 2024 at 12:08:21AM +0200, Peter Zijlstra wrote: > On Wed, Jun 12, 2024 at 12:01:19PM -0700, Kees Cook wrote: > > I'm happy to take patches. And for this bikeshed, this would be better > > named under the size_*() helpers which are trying to keep size_t &

[PATCH v3 0/2] usercopy: Convert test_user_copy to KUnit test

2024-06-12 Thread Kees Cook
ticed by 0day v2: https://lore.kernel.org/lkml/20240610213055.it.075-k...@kernel.org/ v1: https://lore.kernel.org/lkml/20240519190422.work.715-k...@kernel.org/ -Kees [1] https://lore.kernel.org/lkml/20230321122514.1743889-2-mark.rutl...@arm.com/ Kees Cook (2): kunit: test: Add vm_mmap() al

[PATCH v3 1/2] kunit: test: Add vm_mmap() allocation resource manager

2024-06-12 Thread Kees Cook
) and arch_pick_mmap_layout() aren't exported for modules, so export these only for KUnit testing. Link: https://lore.kernel.org/lkml/20230321122514.1743889-2-mark.rutl...@arm.com/ [1] Co-developed-by: Mark Rutland Signed-off-by: Mark Rutland Reviewed-by: David Gow Signed-off-by:

[PATCH v3 2/2] usercopy: Convert test_user_copy to KUnit test

2024-06-12 Thread Kees Cook
ff-by: Vitor Massaru Iha Link: https://lore.kernel.org/r/20200721174654.72132-1-vi...@massaru.org Tested-by: Ivan Orlov Reviewed-by: David Gow Signed-off-by: Kees Cook --- MAINTAINERS| 1 + lib/Kconfig.debug | 21 +- lib/Mak

Re: [PATCH v2 2/2] usercopy: Convert test_user_copy to KUnit test

2024-06-12 Thread Kees Cook
On Wed, Jun 12, 2024 at 09:21:52PM +0200, Geert Uytterhoeven wrote: > Hi Kees, > > On Wed, Jun 12, 2024 at 6:51 PM Kees Cook wrote: > > On Wed, Jun 12, 2024 at 05:13:39PM +0800, David Gow wrote: > > > On Tue, 11 Jun 2024 at 05:33, Kees Cook wrote: > > > > C
