meters and use them in the usercopy.c.
Yes please! I'd must rather use some exported validation routine than
having it hand-coded in usercopy.c. :)
--
Kees Cook
minimum LLVM version to 15.0.0")
>
> respectively. This series bumps the rest of the kernel to 15.0.0 to
> match, which allows for a decent number of clean ups.
Looks good to me!
Reviewed-by: Kees Cook
> I think it makes sense for either Andrew to carry this via -mm on a
> nonmm branch
config with GCC gcc 14.2.0.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/x86/include/asm/bitops.h | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/arch/x86/include/asm/bitops.h b/arch/x86/include/asm/bitops.h
ind
u 14.2.0.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/s390/include/asm/bitops.h | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/arch/s390/include/asm/bitops.h b/arch/s390/include/asm/bitops.h
index a5ca0a947691..fbcc3e1cc776 10
inux-gnu 14.2.0.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/sparc/include/asm/bitops_64.h | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/arch/sparc/include/asm/bitops_64.h
b/arch/sparc/include/asm/bitops_64.h
index 005a8ae858f
ng/kunit/kunit.py run --arch=sh --make_options
"CROSS_COMPILE=sh4-linux-gnu-" ffs
Closes: https://github.com/KSPP/linux/issues/364
Signed-off-by: Kees Cook
---
lib/tests/ffs_kunit.c | 40
1 file changed, 40 insertions(+)
diff --git a/lib/tests/ffs
0.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/parisc/include/asm/bitops.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/parisc/include/asm/bitops.h b/arch/parisc/include/asm/bitops.h
index 0ec9cfc5131f..bd1280a8a5ec 100644
--
uot;CROSS_COMPILE=sparc64-linux-gnu-" ffs
$ ./tools/testing/kunit/kunit.py run --arch=sparc64 --make_options
"CROSS_COMPILE=sparc64-linux-gnu-" ffs
$ ./tools/testing/kunit/kunit.py run --arch=alpha --make_options
"CROSS_COMPILE=alpha-linux-gnu-" ffs
$ ./tools/testing/kunit/kuni
u 14.2.0.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/mips/include/asm/bitops.h | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/arch/mips/include/asm/bitops.h b/arch/mips/include/asm/bitops.h
index 89f73d1a4ea4..42f88452c920 100644
C riscv64-linux-gnu 14.2.0.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/riscv/include/asm/bitops.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/riscv/include/asm/bitops.h b/arch/riscv/include/asm/bitops.h
index d59310f74c2
x 15.1.0.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/openrisc/include/asm/bitops/__ffs.h | 2 +-
arch/openrisc/include/asm/bitops/__fls.h | 2 +-
arch/openrisc/include/asm/bitops/ffs.h | 2 +-
arch/openrisc/include/asm/bitops/fls.h | 2 +-
4 f
d validate
the implementations when used by ARM, ARM64, LoongArch, Microblaze,
NIOS2, and SPARC32 architectures.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
include/asm-generic/bitops/__ffs.h | 2 +-
include/asm-generic/bitops/__fls.h | 2 +-
i
0.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/csky/include/asm/bitops.h | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/arch/csky/include/asm/bitops.h b/arch/csky/include/asm/bitops.h
index 72e1b2aa29a0..80d67eee6e86 100644
github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/sh/include/asm/bitops.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/sh/include/asm/bitops.h b/arch/sh/include/asm/bitops.h
index 10ceb0d6b5a9..aba3aa96a50e 100644
--- a/arch/sh/include/asm/bitops.
alpha-linux-gnu 14.2.0.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/alpha/include/asm/bitops.h | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/arch/alpha/include/asm/bitops.h b/arch/alpha/include/asm/bitops.h
ind
x 15.1.0.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/xtensa/include/asm/bitops.h | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/arch/xtensa/include/asm/bitops.h b/arch/xtensa/include/asm/bitops.h
index e02ec5833389..f739
.0.0git (LLVM=1).
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/hexagon/include/asm/bitops.h | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/arch/hexagon/include/asm/bitops.h
b/arch/hexagon/include/asm/bitops.h
index 160d8f37fa1
inux-gnu 14.2.0.
Link: https://github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/m68k/include/asm/bitops.h | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/arch/m68k/include/asm/bitops.h b/arch/m68k/include/asm/bitops.h
index 14c64a6f1217..139e
s and then add __attribute_const__
to all architecture implementations and wrappers.
-Kees
[1] https://github.com/KSPP/linux/issues/364
Kees Cook (17):
KUnit: Introduce ffs()-family tests
bitops: Add __attribute_const__ to generic ffs()-family
implementations
csky: Add __attribute_cons
github.com/KSPP/linux/issues/364 [1]
Signed-off-by: Kees Cook
---
arch/powerpc/include/asm/bitops.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/powerpc/include/asm/bitops.h
b/arch/powerpc/include/asm/bitops.h
index 671ecc6711e3..0d0470cd5ac3 100644
--- a/arch/powe
/binfmt_elf_fdpic.c| 17
kernel/fork.c| 2 +-
24 files changed, 196 insertions(+), 175 deletions(-)
--
Kees Cook
ote names
https://git.kernel.org/kees/c/a55128d392e8
Take care,
--
Kees Cook
On Sat, May 24, 2025 at 04:13:02PM +0530, Ritesh Harjani wrote:
> Kees Cook writes:
>
> > When KCOV is enabled all functions get instrumented, unless
> > the __no_sanitize_coverage attribute is used. To prepare for
> > __no_sanitize_coverage being applied to __in
Overall, this patch does not introduce any functional change.
>
> Signed-off-by: Lorenzo Stoakes
> ---
> fs/exec.c | 2 +-
Acked-by: Kees Cook
--
Kees Cook
On May 22, 2025 10:24:30 PM PDT, Andrew Donnellan wrote:
>On Thu, 2025-05-22 at 21:39 -0700, Kees Cook wrote:
>> When KCOV is enabled all functions get instrumented, unless
>> the __no_sanitize_coverage attribute is used. To prepare for
>> __no_sanitize_coverage be
ouple functions to be inline with
__always_inline.
Signed-off-by: Kees Cook
---
Cc: Madhavan Srinivasan
Cc: Michael Ellerman
Cc: Nicholas Piggin
Cc: Christophe Leroy
Cc: Naveen N Rao
Cc: "Ritesh Harjani (IBM)"
Cc: "Aneesh Kumar K.V"
Cc: Andrew Morton
Cc:
---
ype.)
The assigned type is "struct qman_cgrs *", but the returned type,
while technically matching, is const qualified. As there is no general
way to remove const qualifiers, adjust the allocation type to match
the assignment.
Signed-off-by: Kees Cook
---
Cc: Christophe Leroy
Cc: Sean A
tf: implicate test line in failure messages
https://git.kernel.org/kees/c/034bee685fd4
Take care,
--
Kees Cook
oided by disabling
> CONFIG_KUNIT_SUPPRESS_BACKTRACE.
Yeah, as with my prior review, I'm a fan of this. It makes a bunch of my
very noisy tests much easier to deal with.
-Kees
--
Kees Cook
n v6:
> - Use __printf correctly on `__test`. (Petr Mladek)
> - Rebase on linux-next.
Thanks for doing this!
If Petr, Rasmus, Andy, and/or others Ack this I can carry it in my
"lib/ kunit tests move to lib/tests/" tree, as that's where all the
infrastructure in lib/tests/ exists.
-Kees
--
Kees Cook
> > > > Hi Venkat,
> > > >
> > > > CC Kees Cook for advice. This is a result of the tests added in commit
> > > >
> > > > bbeb38b8487a ("string.h: Validate memtostr*()/strtomem*() arguments
> > > > more car
> > > > Hi Venkat,
> > > >
> > > > CC Kees Cook for advice. This is a result of the tests added in commit
> > > >
> > > > bbeb38b8487a ("string.h: Validate memtostr*()/strtomem*() arguments
> > > > more car
/git.kernel.org/kees/c/0de47f28ec84
[5/6] s390/crash: Use note name macros
https://git.kernel.org/kees/c/d4a760fb77fd
[6/6] crash: Remove KEXEC_CORE_NOTE_NAME
https://git.kernel.org/kees/c/7e620b56d958
Take care,
--
Kees Cook
t from __seccomp_filter()
https://git.kernel.org/kees/c/e1cec5107c39
Take care,
--
Kees Cook
ear
> secure_computing_strict() in kernel/seccomp.c ?
Yeah, that should be good.
--
Kees Cook
On Mon, Jan 20, 2025 at 02:45:05PM +0100, Oleg Nesterov wrote:
> After the previous change 'sd' is always NULL.
>
> Signed-off-by: Oleg Nesterov
Reviewed-by: Kees Cook
--
Kees Cook
On Mon, Jan 20, 2025 at 02:44:59PM +0100, Oleg Nesterov wrote:
> After the previous changes 'sd' is always NULL.
>
> Signed-off-by: Oleg Nesterov
Reviewed-by: Kees Cook
--
Kees Cook
gt; +static inline int __secure_computing(const struct seccomp_data *sd) { return
> 0; }
> #endif
>
> extern long prctl_get_seccomp(void);
> --
> 2.25.1.362.g51ebf55
>
--
Kees Cook
trace_sys_enter(regs, regs->regs[2]);
> --
So this check out logically from what I can see. I can build test it,
but I don't have MIPS emulation set up. I'd love an Ack from a MIPS
maintainer...
Reviewed-by: Kees Cook
--
Kees Cook
p printing the virtual memory
> layout") thought x86 was the last one, but in reality powerpc/32 still
> had it.
>
> So remove it now on powerpc/32 as well.
>
> Cc: Arvind Sankar
> Cc: Kees Cook
> Signed-off-by: Christophe Leroy
Reviewed-by: Kees Cook
--
Kees Cook
n of NN_type, NT_type doesn't feel robust if we have a
programmatic mapping: only the "type" is needed to determine both, so
why supply both?
-Kees
[1] https://refspecs.linuxfoundation.org/elf/elf.pdf
[2] https://lore.kernel.org/lkml/z3vubtiqvnrvv...@e133380.arm.com/
--
Kees Cook
> This is reproducible on my machine and always happens when running the test
> via 'modprobe -v overflow_kunit'. Without KASAN enabled (but KFENCE)
> overflow_allocation_test passes.
Hmm, this implies some kind of corruption is sneaking in and the kunit
resource freeing code is exploding. I don't immediately see the problem,
though.
--
Kees Cook
x/elf.h" proper header to add this ?
I'd rather not put arch-specific things in the main UAPI elf.h file
unless there is a good reason.
> I couldn't see any proper header inside "arch/x86/include/uapi/asm/".
Other architectures have arch/*/include/uapi/asm/elf.h, so it may be
time to add one for x86 too. For this to be UAPI, I would want to see
more explicit namespacing, e.g. struct x86_xfeat_component, etc.
-Kees
--
Kees Cook
On July 12, 2024 2:59:30 AM PDT, Jocelyn Falempe wrote:
>Gentle ping, I need reviews from powerpc, usermod linux, mtd, pstore and
>hyperv, to be able to push it in the drm-misc tree.
Oops, I thought I'd Acked already!
Acked-by: Kees Cook
And, yeah, as mpe said, you're
On Wed, Jul 03, 2024 at 10:22:11AM +0200, Petr Mladek wrote:
> On Wed 2024-07-03 09:57:26, Jocelyn Falempe wrote:
> >
> >
> > On 02/07/2024 22:29, Kees Cook wrote:
> > > On Tue, Jul 02, 2024 at 02:26:04PM +0200, Jocelyn Falempe wrote:
> > > > kmsg_dump
son, like "sysrq triggered crash"
> or "VFS: Unable to mount root fs on " on the drm panic screen.
>
> v2:
> * Use a struct kmsg_dump_detail to hold the reason and description
> pointer, for more flexibility if we want to add other parameters.
&g
n't
any "new" information here that should be captured somehow.
Thanks!
--
Kees Cook
c
@@ -8,7 +8,7 @@
#include
static void kmsg_dumper_stdout(struct kmsg_dumper *dumper,
- enum kmsg_dump_reason reason)
+ struct kmsg_dump_detail *detail)
{
static struct kmsg_dump_iter iter;
static DEFINE_SPINLOCK(lock);
--
Kees Cook
roach?
Yeah, based on this and what mpe said, I have no objection to just
allowing it in kmem_cache_create_usercopy(). I was mainly just curious
what the threat model was. :)
Reviewed-by: Kees Cook
--
Kees Cook
atic ssize_t dtl_file_read(struct file *filp, char __user
*buf, size_t len,
}
/* .. and now the head */
- rc = copy_to_user(buf, &dtl->buf[i], n_req * sizeof(struct dtl_entry));
+ rc = bounce_copy(buf, &dtl->buf[i], n_req * sizeof(struct dtl_entry));
if (rc)
return -EFAULT;
--
Kees Cook
On Sun, May 12, 2024 at 09:32:40PM +0200, Joel Granados wrote:
> On Sat, May 11, 2024 at 11:51:18AM +0200, Thomas Weißschuh wrote:
> > Hi Kees,
> >
> > On 2024-05-08 10:11:35+, Kees Cook wrote:
> > > On Wed, Apr 24, 2024 at 08:12:34PM -0700, Jakub Kicinski wrot
patches 1-10 go via their respective subsystems, and once all
of those are in Linus's tree, send patch 11 as a stand-alone PR.
(From patch 11, it looks like the seccomp read/write function changes
could be split out? I'll do that now...)
-Kees
--
Kees Cook
);
> @@ -2064,7 +2064,7 @@ static int elf_core_dump(struct coredump_params *cprm)
> if (!write_note_info(&info, cprm))
> goto end_coredump;
>
> - /* For cell spufs */
> + /* For cell spufs and x86 xstate */
> if (elf_coredump_extra_notes_write(cprm))
> goto end_coredump;
>
> diff --git a/include/uapi/linux/elf.h b/include/uapi/linux/elf.h
> index b54b313bcf07..e30a9b47dc87 100644
> --- a/include/uapi/linux/elf.h
> +++ b/include/uapi/linux/elf.h
> @@ -411,6 +411,7 @@ typedef struct elf64_shdr {
> #define NT_X86_XSTATE0x202 /* x86 extended state using
> xsave */
> /* Old binutils treats 0x203 as a CET state */
> #define NT_X86_SHSTK 0x204 /* x86 SHSTK state */
> +#define NT_X86_XSAVE_LAYOUT 0x205 /* XSAVE layout description */
> #define NT_S390_HIGH_GPRS0x300 /* s390 upper register halves */
> #define NT_S390_TIMER0x301 /* s390 timer register */
> #define NT_S390_TODCMP 0x302 /* s390 TOD clock comparator
> register */
> --
> 2.34.1
>
Otherwise looks good. I'd like to see feedback from Intel folks too.
Thanks for working on this!
-Kees
--
Kees Cook
.cra_ctxsize= sizeof(struct nx842_crypto_ctx),
+ .cra_ctxsize= struct_size_t(struct nx842_crypto_ctx,
header.group,
+ NX842_CRYPTO_GROUP_MAX),
.cra_module = THIS_MODULE,
.cra_init = nx842_pseries_crypto_init,
.cra_exit = nx842_crypto_exit,
--
Kees Cook
acro "ARCH_HAVE_EXTRA_ELF_NOTES" with kconfig
https://git.kernel.org/kees/c/a9c3475dd67b
Take care,
--
Kees Cook
ces
> arm64: Add support for suppressing warning backtraces
> loongarch: Add support for suppressing warning backtraces
> parisc: Add support for suppressing warning backtraces
> s390: Add support for suppressing warning backtraces
> sh: Add support for suppressi
> Cc: Thomas Gleixner
> Cc: Vincenzo Frascino
> Cc: Anna-Maria Behnsen
> See-also: 8b3843ae3634 ("vdso/datapage: Quick fix - use asm/page-def.h for
> ARM64")
> Signed-off-by: Arnd Bergmann
Thanks for tracking this!
Reviewed-by: Kees Cook
--
Kees Cook
uct coredump_params
> *cprm) { return 0; }
> #else
> diff --git a/include/uapi/linux/elf.h b/include/uapi/linux/elf.h
> index 9417309b7230..3325488cb39b 100644
> --- a/include/uapi/linux/elf.h
> +++ b/include/uapi/linux/elf.h
> @@ -411,6 +411,7 @@ typedef struct elf64_shdr {
> #define NT_X86_XSTATE0x202 /* x86 extended state using
> xsave */
> /* Old binutils treats 0x203 as a CET state */
> #define NT_X86_SHSTK 0x204 /* x86 SHSTK state */
> +#define NT_X86_XSAVE_LAYOUT 0x205 /* XSAVE layout description */
> #define NT_S390_HIGH_GPRS0x300 /* s390 upper register halves */
> #define NT_S390_TIMER0x301 /* s390 timer register */
> #define NT_S390_TODCMP 0x302 /* s390 TOD clock comparator
> register */
> --
> 2.43.0
>
Otherwise looks reasonable, though I see Dave has feedback to address
too. :)
Thanks for working on this!
-Kees
--
Kees Cook
On Tue, Mar 12, 2024 at 10:02:59AM -0700, Guenter Roeck wrote:
> Document API functions for suppressing warning backtraces.
>
> Signed-off-by: Guenter Roeck
Reviewed-by: Kees Cook
--
Kees Cook
t; the affected architectures / platforms fixed.
>
> Signed-off-by: Guenter Roeck
Reviewed-by: Kees Cook
--
Kees Cook
;suppressed_warnings, node) {
> - if (!strcmp(function, warning->function))
> + if (!strcmp(function, warning->function)) {
> + warning->counter++;
> return true;
> + }
> }
> return false;
> }
> --
> 2.39.2
>
Reviewed-by: Kees Cook
--
Kees Cook
> Solve the problem by providing a means to identify and suppress specific
> warning backtraces while executing test code.
>
> Cc: Dan Carpenter
> Cc: Daniel Diaz
> Cc: Naresh Kamboju
> Cc: Kees Cook
> Signed-off-by: Guenter Roeck
Yup, this looks fine to me.
Reviewed-by: Kees Cook
--
Kees Cook
rg/kees/c/3fe1eb4dd2e4
Take care,
--
Kees Cook
On Sat, Mar 02, 2024 at 12:47:08AM +, Edgecombe, Rick P wrote:
> On Wed, 2024-02-28 at 09:21 -0800, Kees Cook wrote:
> > I totally understand. If the "uninitialized" warnings were actually
> > reliable, I would agree. I look at it this way:
> >
> > - in
important for
the safety of the system as a whole. Yes, individual cases maybe bad
("what uid should this be? root?!") but from a general memory safety
perspective the value doesn't become potentially influenced by order of
operations, leftover stack memory, etc.
I'd agree, lifting everything into a static initializer does seem
cleanest of all the choices.
-Kees
--
Kees Cook
fset = 0;
But one cleanup that is possible from explicitly zero-initializing the
whole structure would be dropping all the individual "= 0" assignments.
:)
--
Kees Cook
| 2 +-
> scripts/min-tool-version.sh | 2 +-
> scripts/recordmcount.pl | 2 +-
> security/Kconfig | 2 --
> 14 files changed, 15 insertions(+), 57 deletions(-)
> ---
> base-commit: 979741ebd48f75ed6d101c7290e3325340d361ff
> change-id: 20240124-bump-min-llvm-ver-to-13-0-1-39f84dd36b19
>
> Best regards,
> --
> Nathan Chancellor
>
Yes, please. :) This looks reasonable -- I appreciate the review of
default Clang versions across distros!
Reviewed-by: Kees Cook
--
Kees Cook
"
Cc: Mahesh Salgaonkar
Cc: Vasant Hegde
Cc: dingsenjie
Cc: linuxppc-dev@lists.ozlabs.org
Cc: Aneesh Kumar K.V
Cc: Naveen N. Rao
Signed-off-by: Kees Cook
---
arch/powerpc/platforms/powernv/opal-prd.c | 2 +-
arch/powerpc/xmon/xmon.c | 2 +-
2 files changed, 2 insertions(+),
--
> Nathan Chancellor
>
Excellent! Thanks for doing this. I spot checked a handful I was
familiar with and everything looks good to me.
Reviewed-by: Kees Cook
--
Kees Cook
on.\n");
>> +}
>> }
>> -#elif defined(CONFIG_ARCH_HAS_STRICT_KERNEL_RWX)
>> -static inline void mark_readonly(void)
>> -{
>> -pr_warn("Kernel memory protection not selected by kernel config.\n");
>> -}
>> -#else
>> -static inline void mark_readonly(void)
>> -{
>> -pr_warn("This architecture does not have kernel memory protection.\n");
>> -}
>> -#endif
>>
>> void __weak free_initmem(void)
>> {
>> --
>> 2.41.0
--
Kees Cook
l-terminated-strings
> [1]
> Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html
> [2]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-harden...@vger.kernel.org
> Signed-off-by: Justin Stitt
Agreed; this conversion looks correct to me too.
Reviewed-by: Kees Cook
--
Kees Cook
rings
> [1]
> Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html
> [2]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-harden...@vger.kernel.org
> Signed-off-by: Justin Stitt
Yeah, this conversion looks correct to me too.
Reviewed-by: Kee
he net
> kunit tests via kconfig.
>
> gcc-12.2.0 can compile it after this simple s//g "fix":
>
> diff --git a/net/core/gso_test.c b/net/core/gso_test.c
> --- a/net/core/gso_test.c
> +++ b/net/core/gso_test.c
> @@ -4,7 +4,7 @@
> #include
>
> s
s.debian.org/testing/linux-manual-4.8/strscpy.9.en.html
> [2]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-harden...@vger.kernel.org
> Signed-off-by: Justin Stitt
Thanks, this looks right to me.
Reviewed-by: Kees Cook
--
Kees Cook
gt; zero-initialized:
> | char buf[8] = { 0 };
>
> [...]
Applied to for-next/hardening, thanks! (I've updated the Subject here
and with the older "refactor" subjects...)
Take care,
--
Kees Cook
$ make headers
> $ make -j -C tools/testing/selftests install
> $ grep -c "^powerpc"
> tools/testing/selftests/kselftest_install/kselftest-list.txt
> 182
>
> Fixes: d4e59a536f50 ("selftests: Use runner.sh for emit targets")
> Signed-off-by: Michael Ellerman
Reviewed-by: Kees Cook
--
Kees Cook
[1]
> Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html
> [2]
> Link: https://github.com/KSPP/linux/issues/90
> Cc: linux-harden...@vger.kernel.org
> Signed-off-by: Justin Stitt
Looks like a straight replacement. Thanks!
Reviewed-by: Kees Cook
--
Kees Cook
th `size_add()`.
>
> Fixes: 3f1071ec39f7 ("net: spider_net: Use struct_size() helper")
> Signed-off-by: Gustavo A. R. Silva
Reviewed-by: Kees Cook
--
Kees Cook
id pitfalls like this one, and they expect others to do
> their
> homework for them.
Well I'm not sure that's entirely fair to Justin's efforts (I know he's
been studying these changes and everyone makes mistakes), but that's why
I'm helping review his findings -- some code behaviors are more obvious
than others. :)
--
Kees Cook
. Imagine a name
input of "fan#2-data". "buf" wants to get "2". copy_len is 1, and
strscpy would eat it. :)
-Kees
>
> err = kstrtou32(buf, 10, index);
> if (err)
>
> ---
> base-commit: 3669558bdf354cd352be955ef2764cde6a9bf5ec
> change-id: 20230914-strncpy-drivers-hwmon-ibmpowernv-c-80a03f16d93a
>
> Best regards,
> --
> Justin Stitt
>
--
Kees Cook
On Fri, Sep 01, 2023 at 04:58:37PM +0900, Masahiro Yamada wrote:
> On Fri, Sep 1, 2023 at 4:13 AM Kees Cook wrote:
> >
> > Currently the Kconfig fragments in kernel/configs and arch/*/configs
> > that aren't used internally aren't discoverable through "make hel
kernel.org
Cc: x...@kernel.org
Cc: linux-arm-ker...@lists.infradead.org
Cc: linuxppc-dev@lists.ozlabs.org
Cc: linux-ri...@lists.infradead.org
Cc: linux-s...@vger.kernel.org
Cc: linux-kbu...@vger.kernel.org
Cc: linux-harden...@vger.kernel.org
Signed-off-by: Kees Cook
Co-developed-by: Masahiro Yamada
ou! Do you want to send a
formal patch? Please consider it:
Reviewed-by: Kees Cook
--
Kees Cook
This is
especially useful for powerpc where most of the arch fragments aren't
intended to be consumed individually.
Cc: Masahiro Yamada
Cc: x...@kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Cc: linux-kbu...@vger.kernel.org
Suggested-by: Michael Ellerman
Signed-off-by: Kees Co
x86-specific options for a Xen virtualization guest
Cc: Masahiro Yamada
Cc: x...@kernel.org
Cc: linux-arm-ker...@lists.infradead.org
Cc: linuxppc-dev@lists.ozlabs.org
Cc: linux-ri...@lists.infradead.org
Cc: linux-s...@vger.kernel.org
Signed-off-by: Kees Cook
---
Makefile
24223606.never.762-k...@kernel.org
Thanks!
-Kees
Kees Cook (2):
kbuild: Show Kconfig fragments in "help"
kbuild: Split internal config targets from .config into .fragment
Makefile | 1 -
arch/arm/configs/dram_0x.config | 1 +
ar
On Fri, Aug 25, 2023 at 04:11:58PM +1000, Michael Ellerman wrote:
> Kees Cook writes:
> > Doing a "make help" would show only hard-coded Kconfig targets and
> > depended on the archhelp target to include ".config" targets. There was
> > nothing showing g
On Fri, Aug 25, 2023 at 07:44:06AM +0200, Nicolas Schier wrote:
> On Thu, Aug 24, 2023 at 03:36:10PM -0700, Kees Cook wrote:
> > Doing a "make help" would show only hard-coded Kconfig targets and
> > depended on the archhelp target to include ".config" targets. T
On Fri, Aug 25, 2023 at 04:56:54AM +, Christophe Leroy wrote:
> Le 25/08/2023 à 00:36, Kees Cook a écrit :
> > +# Base hardware support for 86xx
>
> s/86xx/85xx
> [...]
Thanks for the typo fixes! I'll get these all fixed up. :)
--
Kees Cook
On Thu, Aug 24, 2023 at 05:04:02PM -0700, Randy Dunlap wrote:
> Hi Kees,
>
> On 8/24/23 15:36, Kees Cook wrote:
> > Doing a "make help" would show only hard-coded Kconfig targets and
> > depended on the archhelp target to include ".config" targets. Th
arm-ker...@lists.infradead.org
Cc: linuxppc-dev@lists.ozlabs.org
Cc: linux-ri...@lists.infradead.org
Cc: linux-s...@vger.kernel.org
Signed-off-by: Kees Cook
---
Makefile | 1 -
arch/arm/configs/dram_0x.config| 1 +
arch/arm/configs/dram_0xc000.conf
.@vger.kernel.org
> Signed-off-by: Justin Stitt
Reviewed-by: Kees Cook
--
Kees Cook
memory
> to objects allocated from flash_block_cache, so flash_block_cache must
> be created using kmem_cache_create_usercopy() to mark it safe for user
> access.
>
> Fixes: 6d07d1cd300f ("usercopy: Restrict non-usercopy caches to size 0")
> Signed-off-by: Nathan Lynch
Reviewed-by: Kees Cook
--
Kees Cook
careful with order of operations. We then have to add index back.
I think for readability, it's better to avoid the function composition.
The index subtraction undoes the earlier addition -- I say just leave it
separate.
i.e. I like option 1 of 3 the best.
-Kees
--
Kees Cook
ffort to remove strlcpy() completely [2], replace
> strlcpy() here with strscpy().
> No return values were used, so direct replacement is safe.
>
> [...]
Applied, thanks!
[1/1] soc: fsl: qe: Replace all non-returning strlcpy with strscpy
(no commit info)
Best regards,
--
Kees Cook
On Mon, Jul 10, 2023 at 04:46:50PM +, Leo Li wrote:
>
>
> > -Original Message-
> > From: Azeem Shaikh
> > Sent: Sunday, July 9, 2023 9:36 PM
> > To: Kees Cook
> > Cc: Qiang Zhao ; linux-harden...@vger.kernel.org;
> > linuxppc-dev@lists.ozl
ements.
Naming nit: "HAS" and "SUPPORTS" feel very similar, and looking at
existing configs, "ARCH_SUPPORTS_..." is already used for doing this
kind of bare "bool" management. e.g. see ARCH_SUPPORTS_INT128
It looks like you need to split "depends" and "select" so the options
can be chosen separately from the "selectable" configs.
How about naming this ARCH_SELECTS_, since that's what it's
there for?
-Kees
--
Kees Cook
ased too often, rather structs containing them.
But ultimately, yeah, everything could gain __counted_by and friends in
the future.
--
Kees Cook
gned-off-by: Azeem Shaikh
Reviewed-by: Kees Cook
--
Kees Cook
nel.org/kees/c/015f6618194e
--
Kees Cook
1 - 100 of 789 matches
Mail list logo
