On Tue, Mar 12, 2024 at 10:02:59AM -0700, Guenter Roeck wrote:
> Document API functions for suppressing warning backtraces.
>
> Signed-off-by: Guenter Roeck
Reviewed-by: Kees Cook
--
Kees Cook
t; the affected architectures / platforms fixed.
>
> Signed-off-by: Guenter Roeck
Reviewed-by: Kees Cook
--
Kees Cook
t; the affected architectures / platforms fixed.
>
> Signed-off-by: Guenter Roeck
Reviewed-by: Kees Cook
--
Kees Cook
t; the affected architectures / platforms fixed.
>
> Signed-off-by: Guenter Roeck
Reviewed-by: Kees Cook
--
Kees Cook
rning, _warnings, node) {
> - if (!strcmp(function, warning->function))
> + if (!strcmp(function, warning->function)) {
> + warning->counter++;
> return true;
> + }
> }
> return false;
> }
> --
> 2.39.2
>
Reviewed-by: Kees Cook
--
Kees Cook
rning, _warnings, node) {
> - if (!strcmp(function, warning->function))
> + if (!strcmp(function, warning->function)) {
> + warning->counter++;
> return true;
> + }
> }
> return false;
> }
> --
> 2.39.2
>
Reviewed-by: Kees Cook
--
Kees Cook
rning, _warnings, node) {
> - if (!strcmp(function, warning->function))
> + if (!strcmp(function, warning->function)) {
> + warning->counter++;
> return true;
> + }
> }
> return false;
> }
> --
> 2.39.2
>
Reviewed-by: Kees Cook
--
Kees Cook
> Solve the problem by providing a means to identify and suppress specific
> warning backtraces while executing test code.
>
> Cc: Dan Carpenter
> Cc: Daniel Diaz
> Cc: Naresh Kamboju
> Cc: Kees Cook
> Signed-off-by: Guenter Roeck
Yup, this looks fine to me.
Reviewed-by: Kees Cook
--
Kees Cook
> Solve the problem by providing a means to identify and suppress specific
> warning backtraces while executing test code.
>
> Cc: Dan Carpenter
> Cc: Daniel Diaz
> Cc: Naresh Kamboju
> Cc: Kees Cook
> Signed-off-by: Guenter Roeck
Yup, this looks fine to me.
Reviewed-by: Kees Cook
--
Kees Cook
> Solve the problem by providing a means to identify and suppress specific
> warning backtraces while executing test code.
>
> Cc: Dan Carpenter
> Cc: Daniel Diaz
> Cc: Naresh Kamboju
> Cc: Kees Cook
> Signed-off-by: Guenter Roeck
Yup, this looks fine to me.
Reviewed-by: Kees Cook
--
Kees Cook
ll,$(CC)
> -print-file-name=plugin)/include/plugin-version.h)
> + depends on $(host-cc-option,-include gmp.h)
Why does the prior depends not fail? That's where plugin detection is
happening.
--
Kees Cook
kees wrote:
> That one ends up not being a problem, but presumably you are wanting to
> change that top-level 'struct' to be a 'union'?
No, I want to collapse the entire macro into just `TYPE NAME[]`. Right now the
Linux kernel uses the `DECLARE_FLEX_ARRAY` macro _in_ over 200 unions and
needless error path code in remove_arg_zero() (Li kunyu, Kees Cook)
- binfmt_elf_efpic: Don't use missing interpreter's properties (Max Filippov)
- Use /bin/bash for execveat selftests
Kees Cook (2):
selftests/exec: Perform
umount
Christophe JAILLET (1):
pstore/zone: Don't clear memory twice
Guilherme G. Piccoli (1):
efi: pstore: Allow dynamic initialization based on module parameter
Kees Cook (1):
pstore: inode: Only d_invalidate
kees wrote:
> There are currently over 200 separate unions using the work-around.
Specifically, this is what Linux uses for getting C99 flexible arrays in unions
and alone in structs:
```
#define DECLARE_FLEX_ARRAY(TYPE, NAME)\
struct { \
struct { } __empty_ ##
kees wrote:
> C99 added flexible array members, and the C99 rationale says the feature was
> added specifically as a replacement for the common idiom known as the "struct
> hack" for creating a structure containing a variable-size array.
This is my reasoning as well -- we (Linux dev hat on)
kees wrote:
> Left my comment on the main list, but I don't see this as a well motivated
> change, and even if GCC supported it, it would still be a very difficult to
> motivate extension without massive historical workloads already using it.
This is needed by the Linux kernel, and is in
We don't need the "out" label any more, so remove "ret" and return
directly on error.
Signed-off-by: Kees Cook
---
Cc: Eric Biederman
Cc: Alexander Viro
Cc: Christian Brauner
Cc: Jan Kara
Cc: linux...@kvack.org
Cc: linux-fsde...@vger.kernel.org
---
fs/exec.c | 10 +++---
On Sat, Mar 09, 2024 at 01:51:16PM -0500, Steven Rostedt wrote:
> On Sat, 9 Mar 2024 10:27:47 -0800
> Kees Cook wrote:
>
> > On Tue, Mar 05, 2024 at 08:59:10PM -0500, Steven Rostedt wrote:
> > > This is a way to map a ring buffer instance across reboots.
> >
&
twice
https://git.kernel.org/kees/c/c8d25d696f52
Take care,
--
Kees Cook
On Fri, Mar 08, 2024 at 08:20:18PM +, Simon Horman wrote:
> On Wed, Mar 06, 2024 at 03:51:36PM -0800, Kees Cook wrote:
> > The norm should be flexible array structures with __counted_by
> > annotations, so DEFINE_FLEX() is updated to expect that. Rename
> > the
On Fri, Mar 08, 2024 at 08:20:18PM +, Simon Horman wrote:
> On Wed, Mar 06, 2024 at 03:51:36PM -0800, Kees Cook wrote:
> > The norm should be flexible array structures with __counted_by
> > annotations, so DEFINE_FLEX() is updated to expect that. Rename
> > the
The kstack_offset variable was really only ever using the low bits for
kernel stack offset entropy. Add a ror32() to increase bit diffusion.
Suggested-by: Arnd Bergmann
Fixes: 39218ff4c625 ("stack: Optionally randomize kernel stack offset each
syscall")
Signed-off-by: Kees Cook
---
.kernel.org/admin-guide/ramoops.html
[2]
https://www.freedesktop.org/software/systemd/man/latest/systemd-pstore.service.html
--
Kees Cook
kees wrote:
For historical reference, the first version of this PR is visible here now:
https://github.com/kees/llvm-project/commit/ce31f1d75f060b32e5dbc5756fe41cc8eaac83a6
https://github.com/llvm/llvm-project/pull/84428
___
cfe-commits mailing list
https://github.com/kees edited https://github.com/llvm/llvm-project/pull/84428
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/kees updated https://github.com/llvm/llvm-project/pull/84428
>From eb5138b45fa450737600050ad8dabdcb27513d42 Mon Sep 17 00:00:00 2001
From: Kees Cook
Date: Thu, 7 Mar 2024 17:03:09 -0800
Subject: [PATCH] [Clang][Sema]: Allow flexible arrays in unions and alone in
structs
kees wrote:
GCC: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=53548
Clang: https://github.com/llvm/llvm-project/issues/84565
https://github.com/llvm/llvm-project/pull/84428
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
kees wrote:
> > I didn't do this because it seemed like this would change a lot of existing
> > test cases
>
> Can you give some examples of tests that would fail? If we have tests
> checking that these fail, then perhaps those tests should add
> `-Werror=pedantic` so that they can continue
kees wrote:
> Rather than have a `-f` flag to opt into this extension, I think instead you
> should just make it always available, then have tests that it can be used,
> but will trigger diagnostics under `-Wpedantic` since it's technically a
> language extension (IIUC).
I didn't do this
@@ -0,0 +1,43 @@
+// RUN: %clang_cc1 %s -verify=c -fsyntax-only -fflex-array-extensions
+
+// The test checks that flexible array members do not emit warnings when
+// -fflex-array-extensions when used in a union or alone in a structure.
+
+struct already_hidden {
+ int a;
kees wrote:
With PR #82432 landed, this PR is redundant. Thanks for changing the option
name! Closing...
https://github.com/llvm/llvm-project/pull/80089
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://github.com/kees closed https://github.com/llvm/llvm-project/pull/80089
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/kees edited https://github.com/llvm/llvm-project/pull/84428
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
transition
for code bases away from 0-sized arrays without losing existing code patterns.
>From ce31f1d75f060b32e5dbc5756fe41cc8eaac83a6 Mon Sep 17 00:00:00 2001
From: Kees Cook
Date: Thu, 7 Mar 2024 17:03:09 -0800
Subject: [PATCH] [Clang][Sema]: Allow flexible arrays in unions and alone in
(I was able
to reproduce one error with /bin/dash, for example, but not the others,
so something must be different in the set up.)
-Kees
--
Kees Cook
On Wed, Mar 06, 2024 at 09:47:36AM +0800, GONG, Ruiqi wrote:
>
>
> On 2024/03/05 18:10, Kees Cook wrote:
> > Hi,
> >
> > Repeating the commit logs for patch 4 here:
> >
> > Dedicated caches are available For fixed size allocations via
> >
e() initializes con->cable
> if successful. Coverity seems to miss this and still thinks that
> con->cable is NULL. Then converity correctly notices that
> ucsi_get_cable_identity() dereferences con->cable and complains.
Ah-ha! Yes, the ucsi_register_cable() check seems to have been missed.
I think it's confused by:
cable = typec_register_cable(con->port, );
if (IS_ERR(cable)) {
This isn't IS_ERR_OR_NULL, so it thinks cable might still be NULL, but
there's no path through typec_register_cable() where that can be true.
Thanks for taking a look!
-Kees
--
Kees Cook
n is that is is already bordering on becoming
> a "bespoke rng" implementation that Jason was objecting to,
> so the current version is intentionally left weak in order
> to not even give the appearance of being a security relevant
> feature.
I don't think it's bad to make a trivial improvement to entropy diffusion.
--
Kees Cook
rn about reseeding
delay? (In which case, why not continue to use the strong rng?)
--
Kees Cook
On Wed, Mar 06, 2024 at 08:06:29AM +0100, Przemek Kitszel wrote:
> On 3/6/24 04:25, Gustavo A. R. Silva wrote:
> >
> >
> > On 05/03/24 19:07, Kees Cook wrote:
> > > The norm should be flexible array structures with __counted_by
> > > annotations
On Wed, Mar 06, 2024 at 08:06:29AM +0100, Przemek Kitszel wrote:
> On 3/6/24 04:25, Gustavo A. R. Silva wrote:
> >
> >
> > On 05/03/24 19:07, Kees Cook wrote:
> > > The norm should be flexible array structures with __counted_by
> > > annotations
The norm should be flexible array structures with __counted_by
annotations, so DEFINE_FLEX() is updated to expect that. Rename
the non-annotated version to DEFINE_RAW_FLEX(), and update the
few existing users.
Signed-off-by: Kees Cook
---
Cc: Przemek Kitszel
Cc: Jesse Brandeburg
Cc: Tony
The norm should be flexible array structures with __counted_by
annotations, so DEFINE_FLEX() is updated to expect that. Rename
the non-annotated version to DEFINE_RAW_FLEX(), and update the
few existing users.
Signed-off-by: Kees Cook
---
Cc: Przemek Kitszel
Cc: Jesse Brandeburg
Cc: Tony
//lore.kernel.org/all/202402281554.C1CEEF744@keescook/
>
> Yes, I think so.
> Kees, did you plan to send a v2? Otherwise I can put the cleanup on our
> "public ToDo" list :)
I found the requested collateral changes that popped out of v1 to be
rather a bit much for me to tackle right now, so I think adding to the
TODO list is probably best. :)
-Kees
--
Kees Cook
-by: Kees Cook
---
Cc: Przemek Kitszel
Cc: Jesse Brandeburg
Cc: Tony Nguyen
Cc: "David S. Miller"
Cc: Eric Dumazet
Cc: Jakub Kicinski
Cc: Paolo Abeni
Cc: "Gustavo A. R. Silva"
Cc: intel-wired-...@lists.osuosl.org
Cc: net...@vger.kernel.org
Cc: linux-harden...@vger.kernel.
-by: Kees Cook
---
Cc: Przemek Kitszel
Cc: Jesse Brandeburg
Cc: Tony Nguyen
Cc: "David S. Miller"
Cc: Eric Dumazet
Cc: Jakub Kicinski
Cc: Paolo Abeni
Cc: "Gustavo A. R. Silva"
Cc: intel-wired-...@lists.osuosl.org
Cc: net...@vger.kernel.org
Cc: linux-hardening@vger.kernel.
se a __counted_by tag...
I need to improve the DEFINE_FLEX macro a bit, though, to take advantage
of __counted_by.
--
Kees Cook
ate(this_cpu_ptr(), rng_seed);
> + return 0;
> +}
> +
> +static int kstack_init(void)
> +{
> + int ret;
> +
> + ret = cpuhp_setup_state(CPUHP_AP_ONLINE_DYN,
> "arm64/cpuinfo:kstackrandomize",
> + kstack_rng_setup, NULL);
This will run initial seeding, but don't we need to reseed this with
some kind of frequency?
Otherwise, seems fine to me.
--
Kees Cook
exit $*\n";
/* Create ephemeral copies of files */
exe_cp("execveat", "execveat.ephemeral");
Can you test this and let me know if this fixes it for you?
Thanks for the report!
-Kees
--
Kees Cook
ng the setup/test/teardown. Even if the test
> configures its own exit handlers, they will not be run by the parent
> because it never calls exit(3), and the test function either ends with a
> call to _exit(2) or a signal.
>
> Cc: David S. Miller
> Cc: Günther Noack
> Cc: J
add counters or something that
KUnit could examine. E.g. I did this manually for some fortify tests:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?h=for-next/hardening=4ce615e798a752d4431fcc52960478906dec2f0e
-Kees
--
Kees Cook
add counters or something that
KUnit could examine. E.g. I did this manually for some fortify tests:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?h=for-next/hardening=4ce615e798a752d4431fcc52960478906dec2f0e
-Kees
--
Kees Cook
criptor));
>
> for (n = 0; n < num_descriptors; n++)
> + if (n >= ARRAY_SIZE(hdesc->desc))
> + break;
> if (hdesc->desc[n].bDescriptorType == HID_DT_REPORT)
> rsize = le16_to_cpu(hdesc->desc[n].wDescriptorLength);
>
> --
> 2.34.1
>
--
Kees Cook
rg/kees/c/3fe1eb4dd2e4
Take care,
--
Kees Cook
/2021/02/09/CVE-2021-26708.html [4]
Link:
https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html
[5]
Link: https://zplin.me/papers/ELOISE.pdf [6]
Link: https://syst3mfailure.io/wall-of-perdition/
Signed-off-by: Kees Cook
---
Cc: "GONG, Ruiqi"
Cc: Xiu Ji
://github.com/a13xp0p0v/kernel-hack-drill/blob/master/drill_exploit_uaf.c
[4]
Signed-off-by: Kees Cook
---
Cc: Andrew Morton
Cc: "GONG, Ruiqi"
Cc: Xiu Jianfeng
Cc: Suren Baghdasaryan
Cc: Kent Overstreet
Cc: Jann Horn
Cc: Matteo Rizzo
Cc: linux...@kvack.org
---
mm/u
For better capturing the caller details for allocation wrappers,
introduce kmem_buckets_alloc_track_caller() by plumbing the
buckets into the existing *_track_caller() interfaces.
Signed-off-by: Kees Cook
---
Cc: Vlastimil Babka
Cc: Christoph Lameter
Cc: Pekka Enberg
Cc: David Rientjes
Cc
To perform allocations with the buckets allocated with
kmem_buckets_create(), introduce kmem_buckets_alloc() which behaves
like kmem_cache_alloc().
Signed-off-by: Kees Cook
---
Cc: Vlastimil Babka
Cc: Christoph Lameter
Cc: Pekka Enberg
Cc: David Rientjes
Cc: Joonsoo Kim
Cc: Andrew Morton
This can also be used in the future once codetag allocation annotations
exist to implement per-caller allocation cache isolation[1] even for
dynamic allocations.
Link: https://lore.kernel.org/lkml/202402211449.401382D2AF@keescook [1]
Signed-off-by: Kees Cook
---
Cc: Vlastimil Babka
Cc: Christo
For allocations that may need to fallback to vmalloc, add
kmem_buckets_valloc().
Signed-off-by: Kees Cook
---
Cc: Vlastimil Babka
Cc: Christoph Lameter
Cc: Pekka Enberg
Cc: David Rientjes
Cc: Joonsoo Kim
Cc: Andrew Morton
Cc: Roman Gushchin
Cc: Hyeonggon Yoo <42.hye...@gmail.com&
To be able to choose which buckets to allocate from, make the buckets
available to the lower level kmalloc interfaces.
Signed-off-by: Kees Cook
---
Cc: Vlastimil Babka
Cc: Christoph Lameter
Cc: Pekka Enberg
Cc: David Rientjes
Cc: Joonsoo Kim
Cc: Andrew Morton
Cc: Roman Gushchin
Cc
Provide an API to perform kvmalloc-style allocations with a particular
set of buckets.
Signed-off-by: Kees Cook
---
Cc: Vlastimil Babka
Cc: Christoph Lameter
Cc: Pekka Enberg
Cc: David Rientjes
Cc: Joonsoo Kim
Cc: Andrew Morton
Cc: Roman Gushchin
Cc: Hyeonggon Yoo <42.hye...@gmail.com&
loc style
v1: https://lore.kernel.org/lkml/20240304184252.work.496-k...@kernel.org/
Kees Cook (9):
slab: Introduce kmem_buckets typedef
slub: Plumb kmem_buckets into __do_kmalloc_node()
util: Introduce __kvmalloc_node() that can take kmem_buckets argument
slab: Introduce kmem_buckets_create
Encapsulate the concept of a single set of kmem_caches that are used
for the kmalloc size buckets. Redefine kmalloc_caches as an array
of these buckets (for the different global cache buckets).
Signed-off-by: Kees Cook
---
Cc: Vlastimil Babka
Cc: Christoph Lameter
Cc: Pekka Enberg
Cc: David
On Mon, Mar 04, 2024 at 03:39:02PM -0800, Jakub Kicinski wrote:
> On Mon, 4 Mar 2024 15:14:04 -0800 Kees Cook wrote:
> > > Ugh, I'm guessing vfork() "eats" the signal, IOW grandchild signals,
> > > child exits? vfork() and signals.. I'd rather leave to Kees || Micka
On Tue, Mar 05, 2024 at 11:31:06AM +0800, Jiangfeng Xiao wrote:
>
>
> On 2024/3/5 1:40, Kees Cook wrote:
> > On Mon, Mar 04, 2024 at 04:15:07PM +0100, Jann Horn wrote:
> >> On Mon, Mar 4, 2024 at 3:02 AM Jiangfeng Xiao
> >> wrote:
> >>> Whe
ted-by: Mark Brown
> Link:
> https://lore.kernel.org/all/05f7bf89-04a5-4b65-bf59-c19456aeb...@sirena.org.uk
> Fixes: a724707976b0 ("selftests: kselftest_harness: use KSFT_* exit codes")
> Signed-off-by: Jakub Kicinski
Reviewed-by: Kees Cook
--
Kees Cook
> ASSERT_GE(self->fd1, 0);
>
> > but there's no more context. I'm also seeing some breakage in the
> > seccomp selftests which also use kselftest-harness:
> >
> > # # RUN TRAP.dfl ...
> > # # dfl: Test exited normally instead of by signal (code: 0)
> > # # FAIL TRAP.dfl
> > # not ok 56 TRAP.dfl
> > # # RUN TRAP.ign ...
> > # # ign: Test exited normally instead of by signal (code: 0)
> > # # FAIL TRAP.ign
> > # not ok 57 TRAP.ign
>
> Ugh, I'm guessing vfork() "eats" the signal, IOW grandchild signals,
> child exits? vfork() and signals.. I'd rather leave to Kees || Mickael.
Oh no, that does seem bad. Since Mickaël is also seeing weird issues,
can we drop the vfork changes for now?
--
Kees Cook
On Mon, Mar 04, 2024 at 04:45:11PM -0600, Alex Elder wrote:
> On 3/4/24 3:19 PM, Kees Cook wrote:
> > FORTIFY_SOURCE has been ignoring 0-sized destinations while the kernel
> > code base has been converted to flexible arrays. In order to enforce
> > the 0-sized destinations (e
On Mon, Mar 04, 2024 at 02:16:48PM -0800, Eric Biggers wrote:
> On Mon, Mar 04, 2024 at 10:49:31AM -0800, Kees Cook wrote:
> > xattr: Use dedicated slab buckets for setxattr()
>
> This patch actually changes listxattr(), not setxattr().
>
> getxattr(), setxattr(), and lis
On Tue, Mar 05, 2024 at 08:16:30AM +1100, Dave Chinner wrote:
> On Mon, Mar 04, 2024 at 10:49:31AM -0800, Kees Cook wrote:
> > The setxattr() API can be used for exploiting[1][2][3] use-after-free
> > type confusion flaws in the kernel. Avoid having a user-controlled size
away from fake flexible arrays).
Avoid the following false positive warning with future changes to
CONFIG_FORTIFY_SOURCE:
memcpy: detected field-spanning write (size 3068) of destination
">__sk_common.skc_dontcopy_end" at net/core/sock.c:2057 (size 0)
Signed-off-by: Kees Cook
a flexible array, just directly use a pointer without any
additional indirection. Remove struct gb_bootrom_get_firmware_response
and struct gb_fw_download_fetch_firmware_response.
Signed-off-by: Kees Cook
---
Cc: Alex Elder
Cc: Viresh Kumar
Cc: Johan Hovold
Cc: Greg Kroah-Hartman
Cc: Gustavo A. R
il out! ");
errno = saved_errno;
vprintf(msg, args);
va_end(args);
"Bail out!" is not very descriptive. I think I'd rather this should be:
"FAILED: "
and then that added prefix doesn't need to be added everywhere in this
patch, nor the "error: " prefix in the next patch.
--
Kees Cook
nks, looks good.
Reviewed-by: Kees Cook
--
Kees Cook
://etenal.me/archives/1336 [2]
Link:
https://github.com/a13xp0p0v/kernel-hack-drill/blob/master/drill_exploit_uaf.c
[3]
Signed-off-by: Kees Cook
---
Cc: Christian Brauner
Cc: Alexander Viro
Cc: Jan Kara
Cc: linux-fsde...@vger.kernel.org
---
fs/xattr.c | 12 +++-
1 file changed, 11
://starlabs.sg/blog/2023/07-prctl-anon_vma_name-an-amusing-heap-spray/ [1]
Signed-off-by: Kees Cook
---
Cc: Andrew Morton
Cc: linux...@kvack.org
---
mm/util.c | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/mm/util.c b/mm/util.c
index 5a6a9802583b..818e74d11fb6 100644
[5]
Link: https://zplin.me/papers/ELOISE.pdf [6]
-Kees
Kees Cook (4):
slab: Introduce dedicated bucket allocator
ipc, msg: Use dedicated slab buckets for alloc_msg()
xattr: Use dedicated slab buckets for setxattr()
mm/util: Use dedicated slab buckets for memdup_user()
fs/xa
://zplin.me/papers/ELOISE.pdf [6]
Signed-off-by: Kees Cook
---
---
ipc/msgutil.c | 11 ++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/ipc/msgutil.c b/ipc/msgutil.c
index d0a0e877cadd..36f1aa9ea1cf 100644
--- a/ipc/msgutil.c
+++ b/ipc/msgutil.c
@@ -42,6 +42,15 @@ struct
allocation annotations
exist to implement per-caller allocation cache isolation[1] even for
dynamic allocations.
Link: https://lore.kernel.org/lkml/202402211449.401382D2AF@keescook [1]
Signed-off-by: Kees Cook
---
Cc: Vlastimil Babka
Cc: Christoph Lameter
Cc: Pekka Enberg
Cc: David Rientjes
C
NAK. usercopy_abort() doesn't return. It ends with BUG().
--
Kees Cook
> the access to the flex array in order to avoid potential compiler
> warnings/errors due to adding the __counted_by() attribute.
>
> Suggested-by: Nuno Sá
> Signed-off-by: David Lechner
Looks good! Thanks for the respin.
Reviewed-by: Kees Cook
--
Kees Cook
On Sat, Mar 02, 2024 at 12:47:08AM +, Edgecombe, Rick P wrote:
> On Wed, 2024-02-28 at 09:21 -0800, Kees Cook wrote:
> > I totally understand. If the "uninitialized" warnings were actually
> > reliable, I would agree. I look at it this way:
> >
> > -
On Sat, Mar 02, 2024 at 12:47:08AM +, Edgecombe, Rick P wrote:
> On Wed, 2024-02-28 at 09:21 -0800, Kees Cook wrote:
> > I totally understand. If the "uninitialized" warnings were actually
> > reliable, I would agree. I look at it this way:
> >
> > -
On Sat, Mar 02, 2024 at 12:47:08AM +, Edgecombe, Rick P wrote:
> On Wed, 2024-02-28 at 09:21 -0800, Kees Cook wrote:
> > I totally understand. If the "uninitialized" warnings were actually
> > reliable, I would agree. I look at it this way:
> >
> > -
truct uverbs_attr_bundle bundle;
> | ^~
>
> Signed-off-by: Gustavo A. R. Silva
This looks complex, but I think it's simpler that other changes that
would have much more collateral impact. Thanks for figuring out a
workable solution!
Reviewed-by: Kees Cook
--
Kees Cook
~~~
>
> Signed-off-by: Gustavo A. R. Silva
I think this is a nice way to deal with these flex-array cases. Using
the struct_group() and container_of() means there is very little
collateral impact. Since this is isolated to a single file, I wonder if
it's easy to check that there are no binary differe
On Fri, Mar 01, 2024 at 02:25:20PM -0600, David Lechner wrote:
> This makes use of the struct_size() macro to calculate the size of the
> struct axi_spi_engine when allocating it.
>
> Suggested-by: Christophe JAILLET
> Signed-off-by: David Lechner
Reviewed-by: Kees Cook
--
Kees Cook
On Fri, Mar 01, 2024 at 02:25:18PM -0600, David Lechner wrote:
> The program pointer p in struct spi_engine_message_state in the AXI SPI
> Engine controller driver was assigned but never read so it can be
> removed.
>
> Signed-off-by: David Lechner
Reviewed-by: Kees Cook
--
Kees Cook
ot;length", as now accesses to "instructions" will be bounds-checked
by the compiler. For example, this change:
static void spi_engine_program_add_cmd(struct spi_engine_program *p,
bool dry, uint16_t cmd)
{
p->length++;
if (!dry)
p->instructions[p->length - 1] = cmd;
}
--
Kees Cook
On Fri, Mar 01, 2024 at 01:20:41PM +0200, Andy Shevchenko wrote:
> On Fri, Mar 1, 2024 at 2:26 AM Kees Cook wrote:
> >
> > Convert test-string_helpers.c to KUnit so it can be easily run with
> > everything else.
>
> ...
>
> > -#include
> > #inc
1s building,
0.066s running
Signed-off-by: Kees Cook
---
Cc: Andy Shevchenko
---
MAINTAINERS | 2 +-
lib/Kconfig.debug | 6 +-
lib/Makefile | 2 +-
...tring_helpers.c => string
:37:40] Testing complete. Ran 6 tests: passed: 6
[09:37:40] Elapsed time: 6.730s total, 0.001s configuring, 6.562s building,
0.131s running
Signed-off-by: Kees Cook
---
Cc: Andy Shevchenko
---
MAINTAINERS | 2 +-
lib/Kconfig.debug | 6 +-
lib
Hi,
I realized the string selftests hadn't been converted to KUnit yet. Do that.
-Kees
v3: retain all text context in failure reporting
v2: https://lore.kernel.org/lkml/20240301002416.it.092-k...@kernel.org/
v1: https://lore.kernel.org/lkml/20240229233432.work.675-k...@kernel.org/
Kees
On Fri, Mar 01, 2024 at 01:09:27PM +0200, Andy Shevchenko wrote:
> On Fri, Mar 1, 2024 at 2:26 AM Kees Cook wrote:
> >
> > Convert test_string.c to KUnit so it can be easily run with everything
> > else.
>
> Have you run it?
Yes:
$ ./tools/testing/kunit/kunit.py run
some replacements right away:
$ git grep '\btype_\(min\|max\)(typeof' | wc -l
11
Signed-off-by: Kees Cook
---
Cc: Rasmus Villemoes
Cc: "Gustavo A. R. Silva"
Cc: linux-hardening@vger.kernel.org
---
include/linux/overflow.h | 12 +++-
1 file changed, 7 insertions(+), 5 deletion
Convert test-string_helpers.c to KUnit so it can be easily run with
everything else.
Signed-off-by: Kees Cook
---
Cc: Andy Shevchenko
Cc: Kent Overstreet
Cc: linux-hardening@vger.kernel.org
---
MAINTAINERS | 2 +-
lib/Kconfig.debug
Convert test_string.c to KUnit so it can be easily run with everything
else.
Signed-off-by: Kees Cook
---
Cc: Andy Shevchenko
Cc: linux-hardening@vger.kernel.org
---
MAINTAINERS | 2 +-
lib/Kconfig.debug | 6 +-
lib/Makefile
Hi,
I realized the string selftests hadn't been converted to KUnit yet. Do that.
-Kees
v2: rebase onto
https://lore.kernel.org/r/20240229205345.93902-1-andriy.shevche...@linux.intel.com
v1:
https://lore.kernel.org/linux-hardening/20240229233432.work.675-k...@kernel.org/
Kees Cook (2
501 - 600 of 37844 matches
Mail list logo