Re: [PATCH] Squashfs: replace deprecated strncpy with strscpy

t; } > > str = &index->name[SQUASHFS_NAME_LEN + 1]; > - strncpy(str, name, len); > - str[len] = '\0'; > + strscpy(str, name, len + 1); Otherwise, yeah, looks right. Reviewed-by: Kees Cook -Kees > > for (i = 0; i < i_count

Re: [PATCH] smb: client: replace deprecated strncpy with strscpy

-strings > [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html > [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt Reviewed-by: Kees Cook -- Kees Cook

[clang] [Clang] Fix __is_array returning true for zero-sized arrays (PR #86652)

kees wrote: I guess I don't have a strong opinion here, since these helpers are specific to C++, and I've been generally trying to remove fixed-size 0-sized arrays in C projects (i.e. the Linux kernel). I do care about C flexible arrays (and their associated extensions), though. I suspect ther

Re: [apparmor] [PATCH 2/2] apparmor: fix typo in kernel doc

On Fri, Mar 15, 2024 at 01:54:09PM +0100, Christian Göttsche wrote: > Fix the typo in the function documentation to please kernel doc > warnings. > > Signed-off-by: Christian Göttsche Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH] reiserfs: replace deprecated strncpy with scnprintf

issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt Yeah, I like the use of %.*s here. This is much more clear now I think. Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH] vmcore: replace strncpy with strtomem

__u32 n_type; /* NT_VMCOREDD */ > - __u8 name[8]; /* LINUX\0\0\0 */ > - __u8 dump_name[VMCOREDD_MAX_NAME_BYTES]; /* Device dump's name */ > + __u8 name[8] __nonstring; /* LINUX\0\0\0 */ > + __u8 dump_name[VMCOREDD_MAX_NAME_BYTES] __nonstring; /* Device dump's > name */ > }; Unfortunately since this is UAPI, we can't sanely use __nonstring here. :( -- Kees Cook

Re: [PATCH] pstore/blk: replace deprecated strncpy with strscpy

ied to for-next/pstore, thanks! [1/1] pstore/blk: replace deprecated strncpy with strscpy https://git.kernel.org/kees/c/80b735d01bbb Take care, -- Kees Cook

Re: [PATCH] gcc-plugins/stackleak: Avoid .head.text section

nit.text and .noinstr.text entirely. > > Applied to for-next/hardening, thanks! [1/1] gcc-plugins/stackleak: Avoid .head.text section https://git.kernel.org/kees/c/4ac9a796ada0 Take care, -- Kees Cook

[clang] [Clang][objectsize] Generate object size calculation for sub-objects (PR #86858)

https://github.com/kees commented: I can't speak to the implementation details, but this passes my PoC tests that examine subobjects. https://github.com/llvm/llvm-project/pull/86858 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists

Re: [PATCH 1/2] [RESEND] wifi: carl9170: re-fix fortified-memset warning

truct_group() to do this either. Using two separate memset() calls > on the two members does address the warning though. > > Fixes: fb5f6a0e8063b ("mac80211: Use memset_after() to clear tx status") > Link: https://lore.kernel.org/lkml/20230623152443.2296825-1-a...@kernel.org/ > Signed-off-by: Arnd Bergmann Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 2/2] wifi: ath9k: work around memset overflow warning

t; > Using a struct_group seems to reliably avoid the warning and > not make the code much uglier. The combined memset() should even > save a couple of cpu cycles. > > Signed-off-by: Arnd Bergmann Reviewed-by: Kees Cook -- Kees Cook

[clang] [Clang] Fix __is_array returning true for zero-sized arrays (PR #86652)

kees wrote: > My natural inclination is that it is array-like, but... that just makes me > want `__is_array` to return `true` for it all the more. Yes. An array is an array, regardless of its size. The size is just a storage characteristic. It'd almost be like arguing that `NaN` isn't a float.

Re: [PATCH v2][next] Bluetooth: L2CAP: Avoid -Wflex-array-member-not-at-end warnings

ependencies already in net-next or perhaps you >> had it submit while the tree had not been updated. > >This is based off of linux-next. > >I think net-next is missing this commit in v6.9-rc1: > >d8e45f2929b9 "overflow: Change DEFINE_FLEX to take __counted_by member&q

Re: __randomize_layout;

ld kind of cause chaos. So you're all good! :) -- Kees Cook

[clang] [Clang][Sema] Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees closed https://github.com/llvm/llvm-project/pull/84428 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [Clang][Sema] Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees updated https://github.com/llvm/llvm-project/pull/84428 >From 59c81a85cd9652d02b15a79553259351a59e8534 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Thu, 7 Mar 2024 17:03:09 -0800 Subject: [PATCH] [Clang][Sema] Allow flexible arrays in unions and alone in structs

[clang] [Clang][Sema] Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -271,6 +271,9 @@ Improvements to Clang's diagnostics - Clang now correctly diagnoses no arguments to a variadic macro parameter as a C23/C++20 extension. Fixes #GH84495. +- ``-Wmicrosoft`` or ``-Wgnu`` is now required to diagnose C99 flexible + array members in a union

[GIT PULL] execve fixes for v6.9-rc2

Stitt (1): binfmt: replace deprecated strncpy Kees Cook (2): selftests/exec: execveat: Improve debug reporting selftests/exec: Convert remaining /bin/sh to /bin/bash Max Filippov (1): exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack() Muhammad Usama Anjum (3

Re: [PATCH] selftests/exec: execveat: Improve debug reporting

On Tue, Mar 26, 2024 at 02:46:02PM -0600, Shuah Khan wrote: > On 3/14/24 02:54, Muhammad Usama Anjum wrote: > > On 3/13/24 11:56 PM, Kees Cook wrote: > > > Children processes were reporting their status, duplicating the > > > parent's. Remove that, and add some a

Re: [PATCH v2 0/9] slab: Introduce dedicated bucket allocator

On Tue, Mar 26, 2024 at 06:07:07PM +, julien.voi...@dustri.org wrote: > 25 March 2024 at 19:24, "Kees Cook" wrote: > > On Mon, Mar 25, 2024 at 10:03:23AM +0100, Vlastimil Babka wrote: > > > On 3/5/24 11:10 AM, Kees Cook wrote: > > > Hi, > > >

Re: [PATCH v2 4/9] slab: Introduce kmem_buckets_create()

() users, since the proposed GFP_USERCOPY for kmalloc() never landed[1]. -Kees [1] https://lore.kernel.org/lkml/1497915397-93805-23-git-send-email-keesc...@chromium.org/ -- Kees Cook

Re: [PATCH v2 4/9] slab: Introduce kmem_buckets_create()

On Mon, Mar 25, 2024 at 03:40:51PM -0400, Kent Overstreet wrote: > On Tue, Mar 05, 2024 at 02:10:20AM -0800, Kees Cook wrote: > > Dedicated caches are available For fixed size allocations via > > kmem_cache_alloc(), but for dynamically sized allocations there is only > > the

Re: [PATCH v2 0/9] slab: Introduce dedicated bucket allocator

On Mon, Mar 25, 2024 at 03:32:12PM -0400, Kent Overstreet wrote: > On Mon, Mar 25, 2024 at 10:03:23AM +0100, Vlastimil Babka wrote: > > On 3/5/24 11:10 AM, Kees Cook wrote: > > > Hi, > > > > > > Repeating the commit logs for patch 4 here: > > > >

Re: [PATCH] x86, relocs: Ignore relocations in .notes section on walk_relocs

On Sat, Mar 23, 2024 at 11:38:27AM +0100, Borislav Petkov wrote: > On Fri, Mar 22, 2024 at 04:40:11PM -0700, Kees Cook wrote: > > The earlier patch, commit aaa8736370db ("x86, relocs: Ignore relocations > > in .notes section"), landed via my tree. It was sent out on Feb 2

Re: [PATCH v2 0/9] slab: Introduce dedicated bucket allocator

On Mon, Mar 25, 2024 at 10:03:23AM +0100, Vlastimil Babka wrote: > On 3/5/24 11:10 AM, Kees Cook wrote: > > Hi, > > > > Repeating the commit logs for patch 4 here: > > > > Dedicated caches are available For fixed size allocations via > > kmem_c

[clang] [Clang][Sema] Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees updated https://github.com/llvm/llvm-project/pull/84428 >From eb5138b45fa450737600050ad8dabdcb27513d42 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Thu, 7 Mar 2024 17:03:09 -0800 Subject: [PATCH 1/8] [Clang][Sema]: Allow flexible arrays in unions and alone in stru

Re: [PATCH] x86, relocs: Ignore relocations in .notes section on walk_relocs

On Fri, Mar 22, 2024 at 09:45:12AM +0100, Ingo Molnar wrote: > > * Kees Cook wrote: > > > On Sun, 17 Mar 2024 23:05:47 +0800, Guixiong Wei wrote: > > > The commit aaa8736370db ("x86, relocs: Ignore relocations in > > > .notes section") only ig

Re: [PATCH] x86, relocs: Ignore relocations in .notes section on walk_relocs

On Fri, Mar 22, 2024 at 08:46:58PM +0100, Borislav Petkov wrote: > On Tue, Mar 19, 2024 at 09:56:29AM -0700, Kees Cook wrote: > > > Yes, please. Just send a Reviewed-by and it'll get picked up. > > > > Okay, thanks! > > Dammit, how did this commit land up

Re: [PATCH] lkdtm/bugs: Improve warning message for compilers without counted_by support

rect in both aspects. > > Applied to for-next/hardening, thanks! [1/1] lkdtm/bugs: Improve warning message for compilers without counted_by support https://git.kernel.org/kees/c/8b93450af173 Take care, -- Kees Cook

Re: [PATCH v2] binfmt: replace deprecated strncpy

info present in > binfmt_elf.c -- except that one uses get_task_comm over strncpy(). Let's > mirror that in binfmt_elf_fdpic.c > > [...] Applied to for-next/execve, thanks! [1/1] binfmt: replace deprecated strncpy https://git.kernel.org/kees/c/5248f4097308 Take care, -- Kees Cook

[clang] [Clang][Sema] Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -21,10 +27,76 @@ struct __attribute((packed, aligned(4))) { char a; int x; char z[]; } e = { 1, 2 struct { int x; char y[]; } f = { 1, { 13, 15 } }; // CHECK: @f ={{.*}} global <{ i32, [2 x i8] }> <{ i32 1, [2 x i8] c"\0D\0F" }> -union { - struct { -int a; -char b

[clang] [Clang][Sema] Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees edited https://github.com/llvm/llvm-project/pull/84428 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [Clang][Sema] Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees updated https://github.com/llvm/llvm-project/pull/84428 >From eb5138b45fa450737600050ad8dabdcb27513d42 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Thu, 7 Mar 2024 17:03:09 -0800 Subject: [PATCH 1/7] [Clang][Sema]: Allow flexible arrays in unions and alone in stru

[clang] [Clang][Sema] Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees edited https://github.com/llvm/llvm-project/pull/84428 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees updated https://github.com/llvm/llvm-project/pull/84428 >From eb5138b45fa450737600050ad8dabdcb27513d42 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Thu, 7 Mar 2024 17:03:09 -0800 Subject: [PATCH 1/7] [Clang][Sema]: Allow flexible arrays in unions and alone in stru

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

kees wrote: Ah, well, regardless, I think I found where the `StructuredList->setInitializedFieldInUnion` was actually missing, and then I could undo my zero-init-only and everything still appears fixed. Doing a full debug build test run now... https://github.com/llvm/llvm-project/pull/84428 _

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

kees wrote: > > because we don't yet support non-zero initialization (as described in > > commit > > [5955a0f](https://github.com/llvm/llvm-project/commit/5955a0f9375a8c0b134eeb4a8de5155dcce7c94f)) > > I'm confused. We support non-zero init, and there are tests for non-zero init > in that com

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees updated https://github.com/llvm/llvm-project/pull/84428 >From eb5138b45fa450737600050ad8dabdcb27513d42 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Thu, 7 Mar 2024 17:03:09 -0800 Subject: [PATCH 1/6] [Clang][Sema]: Allow flexible arrays in unions and alone in stru

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

kees wrote: > `InitListChecker::CheckStructUnionTypes` never calls > `StructuredList->setInitializedFieldInUnion` Ah-ha, thank you for the pointer. I think I've figured this out: initialization was avoiding flexible arrays because we don't yet support non-zero initialization (as described in

Re: [PATCH] vdso: use CONFIG_PAGE_SHIFT in vdso/datapage.h

> Cc: Thomas Gleixner > Cc: Vincenzo Frascino > Cc: Anna-Maria Behnsen > See-also: 8b3843ae3634 ("vdso/datapage: Quick fix - use asm/page-def.h for > ARM64") > Signed-off-by: Arnd Bergmann Thanks for tracking this! Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH v7 0/5] New attribute "counted_by" to annotate bounds for C99 FAM(PR108896)

l:2 xpass:0 skip:0 error:0 Thanks! -Kees -- Kees Cook

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

kees wrote: > Is this an existing bug? i.e. it's the CodeGen test for `union { char x[]; } > x = {0};` ... :P Confirmed. Adding a CodeGen test for `union { char x[]; } x = {0};` without any of the changes from this PR still hits the assert. I assume this was from making flex array initializat

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

kees wrote: Hmpf. Build failure encountered under an Assert: ``` # | Assertion failed: VarSize == CstSize && "Emitted constant has unexpected size", file C:\ws\src\clang\lib\CodeGen\CodeGenModule.cpp, line 5294 # | PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees updated https://github.com/llvm/llvm-project/pull/84428 >From eb5138b45fa450737600050ad8dabdcb27513d42 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Thu, 7 Mar 2024 17:03:09 -0800 Subject: [PATCH 1/5] [Clang][Sema]: Allow flexible arrays in unions and alone in stru

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,158 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only -// RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -x c++ +// RUN: %clang_cc1 %s -veri

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,158 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only -// RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -x c++ +// RUN: %clang_cc1 %s -veri

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,158 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only -// RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -x c++ +// RUN: %clang_cc1 %s -veri

Re: [PATCH] ARM: unwind: improve unwinders for noreturn case

pr_warn("%s[<%08lx>] (%ps) from [<%08lx>] (%pB)\n", > loglvl, where, (void *)where, from, (void *)from); This should stay printk("%s...", loglvl, ...) or loglvl should be dropped when converting to pr_warn(): pr_warn([<%08lx>] (%ps) from [<%08lx>] (%pB)\n", where, (void *)where, from, (void *)from); Why did you want to force the "warn" log level? > #else > - printk("%s %ps from %pS\n", loglvl, (void *)where, (void *)from); > + pr_warn("%s %ps from %pB\n", loglvl, (void *)where, (void *)from); Ditto. -Kees -- Kees Cook

Re: [PATCH] usb: gadget: mv_u3d: replace deprecated strncpy with strscpy

nel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings > [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html > [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt Thanks! Reviewed-by: Kees Cook -- Kees Cook

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,158 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only -// RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -x c++ +// RUN: %clang_cc1 %s -veri

Re: [PATCH] usb: gadget: u_ether: replace deprecated strncpy with strscpy

org/testing/linux-manual-4.8/strscpy.9.en.html > [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt Looks correct. Thanks! Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH] scsi: target: core: replace deprecated strncpy with strscpy

On Tue, Mar 19, 2024 at 07:23:43PM -0700, Kees Cook wrote: > Hm, this actually fixes potential over-reads and potential memory content > exposures (in the face of malicious/weird hardware) since p_buf_len > appears to always be sizeof(p_buf) in callers, which means the old use > of str

Re: [PATCH] video: fbdev: au1200fb: replace deprecated strncpy with strscpy

ps://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html > [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-harden...@vger.kernel.org > Signed-off-by: Justin Stitt Yup, looks correct. Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH] scsi: target: core: replace deprecated strncpy with strscpy

.. memset(buf, 0, VPD_TMP_BUF_SIZE); transport_dump_vpd_ident_type(vpd, buf, VPD_TMP_BUF_SIZE); if (len + strlen(buf) >= PAGE_SIZE) break; len += sprintf(page+len, "%s", buf);// may expose stack memory following "buf" So, yes,

Re: [PATCH] tty: n_gsm: replace deprecated strncpy with strscpy

ly using the > destination buffers size to bound the operation. We may need for -rc1 (or -rc2), depending on when subsystem tree re-open for landing patches to use the 2-arg versio, but, regardless, it looks right: Reviewed-by: Kees Cook -Kees > > Link: > https://www.kernel.org/

Re: [PATCH RFC kspp-next 3/3] idpf: sprinkle __counted_by{,_le}() in the virtchnl2 header

.../virtchnl2.h:916: warning: Excess struct member 'lut' description in > 'virtchnl2_rss_lut' > .../virtchnl2.h:1108: warning: Excess struct member 'key_flex' description in > 'virtchnl2_rss_key' > .../virtchnl2.h:1199: warning: Excess struct member 'qv_maps' description in > 'virtchnl2_queue_vector_maps' > .../virtchnl2.h:1251: warning: Excess struct member 'mac_addr_list' > description in 'virtchnl2_mac_addr_list' > > ... -- Kees Cook

Re: [PATCH] x86, relocs: Ignore relocations in .notes section on walk_relocs

On Tue, Mar 19, 2024 at 09:16:40AM +0100, Borislav Petkov wrote: > On Mon, Mar 18, 2024 at 04:45:45PM -0700, Kees Cook wrote: > > The commit it refs to landed via -hardening, > > Yap, saw that. It should've gone through tip too as it is clearly a tip > tree patch. > >

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,158 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only -// RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -x c++ +// RUN: %clang_cc1 %s -veri

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees updated https://github.com/llvm/llvm-project/pull/84428 >From eb5138b45fa450737600050ad8dabdcb27513d42 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Thu, 7 Mar 2024 17:03:09 -0800 Subject: [PATCH 1/3] [Clang][Sema]: Allow flexible arrays in unions and alone in stru

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees edited https://github.com/llvm/llvm-project/pull/84428 ___ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,158 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only -// RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -x c++ +// RUN: %clang_cc1 %s -veri

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,158 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only -// RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -x c++ +// RUN: %clang_cc1 %s -veri

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,158 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only -// RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -x c++ +// RUN: %clang_cc1 %s -veri

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,158 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only -// RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility -x c++ +// RUN: %clang_cc1 %s -veri

Re: [PATCH][next] stddef: Introduce struct_group_tagged_attr() helper macro

(TAG, NAME, ATTRS, MEMBERS...) \ > + __struct_group(TAG, NAME, ATTRS, MEMBERS) This is the same as __struct_group() only with a longer name? Why not just use __struct_group() directly? -- Kees Cook

Re: [PATCH v2] soc: qcom: cmd-db: replace deprecated strncpy with strtomem

anual-4.8/strscpy.9.en.html > [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt Nice! A textbook use for strtomem(). :) Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH] soc: qcom: cmd-db: replace deprecated strncpy with memcpy

; a v2. Yeah, it only requires to know the compile-time size of the destination buffer. -- Kees Cook

Re: [PATCH] x86, relocs: Ignore relocations in .notes section on walk_relocs

On Mon, Mar 18, 2024 at 10:56:12PM +0100, Borislav Petkov wrote: > On Mon, Mar 18, 2024 at 02:40:50PM -0700, Kees Cook wrote: > > Applied to for-next/hardening > > Why? > > This is a patch that should go through the tip tree, if at all. The commit it refs to landed via

Re: [PATCH] perf/x86/rapl: Prefer struct_size over open coded arithmetic

unt * size" in > the kzalloc() function. > > This way, the code is more readable and safer. > > Link: > https://www.kernel.org/doc/html/latest/process/deprecated.html#open-coded-arithmetic-in-allocator-arguments > [1] > Link: https://github.com/KSPP/linux/issues/160

Re: [PATCH] ubsan: Remove unused function

> - test_ubsan_divrem_overflow, > -}; But then I'll get warnings about test_ubsan_divrem_overflow() being defined and not used. :) -Kees > - > static int __init test_ubsan_init(void) > { > unsigned int i; > -- > 2.20.1.7.g153144c > -- Kees Cook

Re: [PATCH] soc: qcom: cmd-db: replace deprecated strncpy with memcpy

followed by other bytes in memory. We'd copy beyond the end of "id" into query, and the later memcmp()s would start failing. I think what you want here is: strtomem(query, id); -Kees > > for (i = 0; i < MAX_SLV_ID; i++) { > rsc_hdr = &cmd_db_header->header[i]; > > --- > base-commit: fe46a7dd189e25604716c03576d05ac8a5209743 > change-id: 20240314-strncpy-drivers-soc-qcom-cmd-db-c-284f3abaabb8 > > Best regards, > -- > Justin Stitt > > -- Kees Cook

Re: [PATCH] scsi: target: replace deprecated strncpy with strscpy

ting/linux-manual-4.8/strscpy.9.en.html > [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt Good catch on "read_bytes"! Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH] x86, relocs: Ignore relocations in .notes section on walk_relocs

> Applied to for-next/hardening, thanks! [1/1] x86, relocs: Ignore relocations in .notes section on walk_relocs https://git.kernel.org/kees/c/6ba438a29b5d Take care, -- Kees Cook

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,58 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only +// RUN: %clang_cc1 %s -verify -fsyntax-only // RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility // RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compa

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

https://github.com/kees updated https://github.com/llvm/llvm-project/pull/84428 >From eb5138b45fa450737600050ad8dabdcb27513d42 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Thu, 7 Mar 2024 17:03:09 -0800 Subject: [PATCH 1/2] [Clang][Sema]: Allow flexible arrays in unions and alone in stru

[PATCH] selftests/exec: Convert remaining /bin/sh to /bin/bash

ound" requirement. Fixes: 17107429947b ("selftests/exec: Perform script checks with /bin/bash") Reported-by: Muhammad Usama Anjum Closes: https://lore.kernel.org/lkml/02c8bf8e-1934-44ab-a886-e065b3736...@collabora.com/ Signed-off-by: Kees Cook --- Cc: Muhammad Usama Anjum Cc: Eric Bied

Re: [PATCH RFC kspp-next 0/3] compiler_types: add Endianness-dependent __counted_by_{le,be}

quot;kspp-next" -- normally I'd expect things touch net to go through netdev. I'm fine with this going through either tree. Perhaps better through netdev since that subsystem has the most users and may gain more using the new macros? -Kees -- Kees Cook

Re: [PATCH RFC kspp-next 0/3] compiler_types: add Endianness-dependent __counted_by_{le,be}

le Endian counters. Yeah, okay, that makes good sense. It'll give us as much coverage as we can get until the compilers gain "expression" support for the 'counted_by' attribute. Acked-by: Kees Cook -- Kees Cook

Re: [PATCH] Revert "kunit: memcpy: Split slow memcpy tests into MEMCPY_SLOW_KUNIT_TEST"

_TEST" https://git.kernel.org/kees/c/137ef32afaa9 Take care, -- Kees Cook

Re: [RFC PATCH v2 00/19] PKS write protected page tables

ion solution (patch 17). *thread necromancy* Hi, Where does this series stand? I don't think it ever got merged? -Kees -- Kees Cook

Re: [PATCH 1/1] x86/elf: Add a new .note section containing Xfeatures information to x86 core files

uct coredump_params > *cprm) { return 0; } > #else > diff --git a/include/uapi/linux/elf.h b/include/uapi/linux/elf.h > index 9417309b7230..3325488cb39b 100644 > --- a/include/uapi/linux/elf.h > +++ b/include/uapi/linux/elf.h > @@ -411,6 +411,7 @@ typedef struct elf64_shdr { > #define NT_X86_XSTATE0x202 /* x86 extended state using > xsave */ > /* Old binutils treats 0x203 as a CET state */ > #define NT_X86_SHSTK 0x204 /* x86 SHSTK state */ > +#define NT_X86_XSAVE_LAYOUT 0x205 /* XSAVE layout description */ > #define NT_S390_HIGH_GPRS0x300 /* s390 upper register halves */ > #define NT_S390_TIMER0x301 /* s390 timer register */ > #define NT_S390_TODCMP 0x302 /* s390 TOD clock comparator > register */ > -- > 2.43.0 > Otherwise looks reasonable, though I see Dave has feedback to address too. :) Thanks for working on this! -Kees -- Kees Cook

Re: [Test Failure Report] exec: Test failures in execveat

On Mon, Mar 11, 2024 at 10:08:36PM +0500, Muhammad Usama Anjum wrote: > On 3/8/24 1:39 AM, Kees Cook wrote: > > On Thu, Mar 07, 2024 at 02:22:27PM +0500, Muhammad Usama Anjum wrote: > >> I've tested this patch. Still getting same failures. > > > > Okay

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,58 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only +// RUN: %clang_cc1 %s -verify -fsyntax-only // RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility // RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compa

[clang] [Clang][Sema]: Allow flexible arrays in unions and alone in structs (PR #84428)

@@ -1,13 +1,58 @@ -// RUN: %clang_cc1 %s -verify=c -fsyntax-only +// RUN: %clang_cc1 %s -verify -fsyntax-only // RUN: %clang_cc1 %s -verify -fsyntax-only -x c++ -// RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compatibility // RUN: %clang_cc1 %s -verify -fsyntax-only -fms-compa

Re: [PATCH 1/3] selftests/exec: Add the overall result line accourding to TAP

On Mon, Mar 11, 2024 at 10:10:21PM +0500, Muhammad Usama Anjum wrote: > Soft reminder! Ah yes! Thanks for the reminder on these. I will get them into -next shortly. -- Kees Cook

[PATCH] selftests/exec: execveat: Improve debug reporting

Children processes were reporting their status, duplicating the parent's. Remove that, and add some additional details about the test execution. Signed-off-by: Kees Cook --- Cc: Eric Biederman Cc: Shuah Khan Cc: Mark Brown Cc: Muhammad Usama Anjum Cc: linux...@kvack.org Cc: linux-ksel

[PATCH] ubsan: Disable signed integer overflow sanitizer on GCC < 8

el.org/oe-kbuild-all/202403110643.27jxevci-...@intel.com/ Signed-off-by: Kees Cook --- Cc: Marco Elver Cc: Andrey Konovalov Cc: Andrey Ryabinin Cc: kasan-...@googlegroups.com Cc: linux-hardening@vger.kernel.org --- lib/Kconfig.ubsan | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib

Re: [Test Failure Report] exec: Test failures in execveat

On Mon, Mar 11, 2024 at 10:08:36PM +0500, Muhammad Usama Anjum wrote: > On 3/8/24 1:39 AM, Kees Cook wrote: > > On Thu, Mar 07, 2024 at 02:22:27PM +0500, Muhammad Usama Anjum wrote: > >> I've tested this patch. Still getting same failures. > > > > Okay

Re: [PATCH v3 08/12] treewide: Use initializer for struct vm_unmapped_area_info

; statements that simply set members to zero. > > Signed-off-by: Rick Edgecombe Thanks! This looks to do exactly what it describes. :) Reviewed-by: Kees Cook -- Kees Cook ___ linux-snps-arc mailing list linux-snps-arc@lists.

Re: [PATCH v3 08/12] treewide: Use initializer for struct vm_unmapped_area_info

; statements that simply set members to zero. > > Signed-off-by: Rick Edgecombe Thanks! This looks to do exactly what it describes. :) Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 04/14] kunit: Add documentation for warning backtrace suppression API

On Tue, Mar 12, 2024 at 10:02:59AM -0700, Guenter Roeck wrote: > Document API functions for suppressing warning backtraces. > > Signed-off-by: Guenter Roeck Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 04/14] kunit: Add documentation for warning backtrace suppression API

On Tue, Mar 12, 2024 at 10:02:59AM -0700, Guenter Roeck wrote: > Document API functions for suppressing warning backtraces. > > Signed-off-by: Guenter Roeck Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 04/14] kunit: Add documentation for warning backtrace suppression API

On Tue, Mar 12, 2024 at 10:02:59AM -0700, Guenter Roeck wrote: > Document API functions for suppressing warning backtraces. > > Signed-off-by: Guenter Roeck Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 03/14] kunit: Add test cases for backtrace warning suppression

t; the affected architectures / platforms fixed. > > Signed-off-by: Guenter Roeck Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 03/14] kunit: Add test cases for backtrace warning suppression

t; the affected architectures / platforms fixed. > > Signed-off-by: Guenter Roeck Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 03/14] kunit: Add test cases for backtrace warning suppression

t; the affected architectures / platforms fixed. > > Signed-off-by: Guenter Roeck Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 02/14] kunit: bug: Count suppressed warning backtraces

;suppressed_warnings, node) { > - if (!strcmp(function, warning->function)) > + if (!strcmp(function, warning->function)) { > + warning->counter++; > return true; > + } > } > return false; > } > -- > 2.39.2 > Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 02/14] kunit: bug: Count suppressed warning backtraces

;suppressed_warnings, node) { > - if (!strcmp(function, warning->function)) > + if (!strcmp(function, warning->function)) { > + warning->counter++; > return true; > + } > } > return false; > } > -- > 2.39.2 > Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 02/14] kunit: bug: Count suppressed warning backtraces

;suppressed_warnings, node) { > - if (!strcmp(function, warning->function)) > + if (!strcmp(function, warning->function)) { > + warning->counter++; > return true; > + } > } > return false; > } > -- > 2.39.2 > Reviewed-by: Kees Cook -- Kees Cook

Re: [PATCH 01/14] bug/kunit: Core support for suppressing warning backtraces

> Solve the problem by providing a means to identify and suppress specific > warning backtraces while executing test code. > > Cc: Dan Carpenter > Cc: Daniel Diaz > Cc: Naresh Kamboju > Cc: Kees Cook > Signed-off-by: Guenter Roeck Yup, this looks fine to me. Reviewed-by: Kees Cook -- Kees Cook

<    3   4   5   6   7   8   9   10   11   12   >