MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-07-05 13:25:20 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
93761c93e9
linux-yocto/scripts
History
Linus Torvalds 48ea09cdda hardening updates for v6.2-rc1 
- Convert flexible array members, fix -Wstringop-overflow warnings,
   and fix KCFI function type mismatches that went ignored by
   maintainers (Gustavo A. R. Silva, Nathan Chancellor, Kees Cook).
 
 - Remove the remaining side-effect users of ksize() by converting
   dma-buf, btrfs, and coredump to using kmalloc_size_roundup(),
   add more __alloc_size attributes, and introduce full testing
   of all allocator functions. Finally remove the ksize() side-effect
   so that each allocation-aware checker can finally behave without
   exceptions.
 
 - Introduce oops_limit (default 10,000) and warn_limit (default off)
   to provide greater granularity of control for panic_on_oops and
   panic_on_warn (Jann Horn, Kees Cook).
 
 - Introduce overflows_type() and castable_to_type() helpers for
   cleaner overflow checking.
 
 - Improve code generation for strscpy() and update str*() kern-doc.
 
 - Convert strscpy and sigphash tests to KUnit, and expand memcpy
   tests.
 
 - Always use a non-NULL argument for prepare_kernel_cred().
 
 - Disable structleak plugin in FORTIFY KUnit test (Anders Roxell).
 
 - Adjust orphan linker section checking to respect CONFIG_WERROR
   (Xin Li).
 
 - Make sure siginfo is cleared for forced SIGKILL (haifeng.xu).
 
 - Fix um vs FORTIFY warnings for always-NULL arguments.
 -----BEGIN PGP SIGNATURE-----
 
 iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmOZSOoWHGtlZXNjb29r
 QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJjAAD/0YkvpU7f03f8hcQMJK6wv//24K
 AW41hEaBikq9RcmkuvkLLrJRibGgZ5O2xUkUkxRs/HxhkhrZ0kEw8sbwZe8MoWls
 F4Y9+TDjsrdHmjhfcBZdLnVxwcKK5wlaEcpjZXtbsfcdhx3TbgcDA23YELl5t0K+
 I11j4kYmf9SLl4CwIrSP5iACml8CBHARDh8oIMF7FT/LrjNbM8XkvBcVVT6hTbOV
 yjgA8WP2e9GXvj9GzKgqvd0uE/kwPkVAeXLNFWopPi4FQ8AWjlxbBZR0gamA6/EB
 d7TIs0ifpVU2JGQaTav4xO6SsFMj3ntoUI0qIrFaTxZAvV4KYGrPT/Kwz1O4SFaG
 rN5lcxseQbPQSBTFNG4zFjpywTkVCgD2tZqDwz5Rrmiraz0RyIokCN+i4CD9S0Ds
 oEd8JSyLBk1sRALczkuEKo0an5AyC9YWRcBXuRdIHpLo08PsbeUUSe//4pe303cw
 0ApQxYOXnrIk26MLElTzSMImlSvlzW6/5XXzL9ME16leSHOIfDeerPnc9FU9Eb3z
 ODv22z6tJZ9H/apSUIHZbMciMbbVTZ8zgpkfydr08o87b342N/ncYHZ5cSvQ6DWb
 jS5YOIuvl46/IhMPT16qWC8p0bP5YhxoPv5l6Xr0zq0ooEj0E7keiD/SzoLvW+Qs
 AHXcibguPRQBPAdiPQ==
 =yaaN
 -----END PGP SIGNATURE-----

Merge tag 'hardening-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull kernel hardening updates from Kees Cook:

 - Convert flexible array members, fix -Wstringop-overflow warnings, and
   fix KCFI function type mismatches that went ignored by maintainers
   (Gustavo A. R. Silva, Nathan Chancellor, Kees Cook)

 - Remove the remaining side-effect users of ksize() by converting
   dma-buf, btrfs, and coredump to using kmalloc_size_roundup(), add
   more __alloc_size attributes, and introduce full testing of all
   allocator functions. Finally remove the ksize() side-effect so that
   each allocation-aware checker can finally behave without exceptions

 - Introduce oops_limit (default 10,000) and warn_limit (default off) to
   provide greater granularity of control for panic_on_oops and
   panic_on_warn (Jann Horn, Kees Cook)

 - Introduce overflows_type() and castable_to_type() helpers for cleaner
   overflow checking

 - Improve code generation for strscpy() and update str*() kern-doc

 - Convert strscpy and sigphash tests to KUnit, and expand memcpy tests

 - Always use a non-NULL argument for prepare_kernel_cred()

 - Disable structleak plugin in FORTIFY KUnit test (Anders Roxell)

 - Adjust orphan linker section checking to respect CONFIG_WERROR (Xin
   Li)

 - Make sure siginfo is cleared for forced SIGKILL (haifeng.xu)

 - Fix um vs FORTIFY warnings for always-NULL arguments

* tag 'hardening-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: (31 commits)
  ksmbd: replace one-element arrays with flexible-array members
  hpet: Replace one-element array with flexible-array member
  um: virt-pci: Avoid GCC non-NULL warning
  signal: Initialize the info in ksignal
  lib: fortify_kunit: build without structleak plugin
  panic: Expose "warn_count" to sysfs
  panic: Introduce warn_limit
  panic: Consolidate open-coded panic_on_warn checks
  exit: Allow oops_limit to be disabled
  exit: Expose "oops_count" to sysfs
  exit: Put an upper limit on how often we can oops
  panic: Separate sysctl logic from CONFIG_SMP
  mm/pgtable: Fix multiple -Wstringop-overflow warnings
  mm: Make ksize() a reporting-only function
  kunit/fortify: Validate __alloc_size attribute results
  drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()
  drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid()
  driver core: Add __alloc_size hint to devm allocators
  overflow: Introduce overflows_type() and castable_to_type()
  coredump: Proactively round up to kmalloc bucket size
  ...
2022-12-14 12:20:00 -08:00
..
atomic kbuild: check sha1sum just once for each atomic header 2022-09-29 04:40:14 +09:00
basic randstruct: Move seed generation into scripts/basic/ 2022-05-08 01:33:07 -07:00
clang-tools scripts/clang-tools: Convert clang-tidy args to list 2022-10-14 22:32:52 +09:00
coccinelle update Coccinelle URL 2022-08-07 21:30:36 +02:00
dtc scripts/dtc: Update to upstream version v1.6.1-63-g55778a03df61 2022-11-10 08:37:19 -06:00
dummy-tools kbuild: dummy-tools: pretend we understand __LONG_DOUBLE_128__ 2022-08-21 02:47:48 +09:00
gcc-plugins treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_385.RULE 2022-06-10 14:51:36 +02:00
gdb Updates to various subsystems which I help look after. lib, ocfs2, 2022-08-07 10:03:24 -07:00
genksyms genksyms: adjust the output format to modpost 2022-05-24 16:33:20 +09:00
kconfig kconfig: fix segmentation fault in menuconfig search 2022-11-02 17:32:05 +09:00
ksymoops
mod modpost: fix module versioning when a symbol lacks valid CRC 2022-08-21 02:47:36 +09:00
package kbuild: Restore .version auto-increment behaviour for Debian packages 2022-11-17 17:51:45 +09:00
selinux selinux: remove runtime disable message in the install_policy.sh script 2022-09-20 14:12:25 -04:00
tracing scripts/tracing: Fix typo 'the the' in comment 2022-08-02 15:17:00 -04:00
.gitignore scripts: add generate_rust_target.rs 2022-09-28 09:02:06 +02:00
adjust_autoksyms.sh kbuild: split the second line of *.mod into *.usyms 2022-05-08 03:16:59 +09:00
as-version.sh kbuild: Switch to 'f' variants of integrated assembler flag 2021-09-03 08:17:20 +09:00
asn1_compiler.c scripts: remove unused argument 'type' 2022-09-29 04:40:16 +09:00
bin2c.c
bloat-o-meter scripts/bloat-o-meter: add -p argument 2022-07-17 17:31:40 -07:00
bootgraph.pl
bpf_doc.py bpf: Rework process_dynptr_func 2022-12-08 18:25:31 -08:00
cc-can-link.sh
cc-version.sh Kbuild: add Rust support 2022-09-28 09:02:20 +02:00
check_extable.sh scripts: check_extable: fix typo in user error message 2021-09-08 11:50:28 -07:00
check-local-export kbuild: rewrite check-local-export in sh/awk 2022-09-29 04:40:15 +09:00
check-sysctl-docs
checkdeclares.pl scripts: make some scripts executable 2021-08-10 09:13:25 +09:00
checkincludes.pl
checkkconfigsymbols.py checkkconfigsymbols.py: Remove skipping of help lines in parse_kconfig_file 2021-09-19 10:13:03 +09:00
checkpatch.pl checkpatch: add check for array allocator family argument order 2022-11-30 16:13:16 -08:00
checkstack.pl checkstack: add riscv support for scripts/checkstack.pl 2022-07-27 21:18:00 +09:00
checksyscalls.sh checksyscalls: ignore -Wunused-macros 2022-05-08 03:16:59 +09:00
checkversion.pl scripts: checkversion: modernize linux/version.h search strings 2021-08-05 20:55:39 +09:00
cleanfile
cleanpatch
coccicheck scripts: coccicheck: fix troubles on non-English builds 2021-05-18 11:09:59 +02:00
config kconfig: config script: add a little user help 2021-01-04 10:38:11 +09:00
const_structs.checkpatch const_structs.checkpatch: add frequently used ops structs 2022-01-20 08:52:54 +02:00
decode_stacktrace.sh scripts: decode_stacktrace: demangle Rust symbols 2022-09-28 09:01:40 +02:00
decodecode scripts/decodecode: improve faulting line determination 2022-09-11 21:55:05 -07:00
depmod.sh depmod: handle the case of /sbin/depmod without /sbin in PATH 2021-01-01 12:26:39 -08:00
dev-needs.sh
diffconfig scripts: switch explicitly to Python 3 2021-01-22 06:34:44 +09:00
documentation-file-ref-check scripts: documentation-file-ref-check: fix bpf selftests path 2021-10-26 09:42:29 -06:00
export_report.pl
extract_xc3028.pl
extract-ikconfig scripts/extract-ikconfig: add zstd compression support 2022-08-29 13:58:47 +09:00
extract-module-sig.pl
extract-sys-certs.pl
extract-vmlinux
faddr2line scripts/faddr2line: Fix regression in name resolution on ppc64le 2022-11-16 10:42:10 +01:00
file-size.sh
find-unused-docs.sh
gcc-x86_32-has-stack-protector.sh x86/stackprotector/32: Make the canary into a regular percpu variable 2021-03-08 13:19:05 +01:00
gcc-x86_64-has-stack-protector.sh
gen_autoksyms.sh kbuild: Ignore __this_module in gen_autoksyms.sh 2022-06-26 06:15:05 +09:00
gen_ksymdeps.sh kbuild: redo fake deps at include/ksym/*.h 2021-09-03 08:17:21 +09:00
gen-randstruct-seed.sh randstruct: Move seed generation into scripts/basic/ 2022-05-08 01:33:07 -07:00
generate_initcall_order.pl init: lto: ensure initcall ordering 2021-01-14 08:21:09 -08:00
generate_rust_analyzer.py rust: add build_error crate 2022-12-04 01:59:16 +01:00
generate_rust_target.rs x86: enable initial Rust support 2022-09-28 09:02:45 +02:00
get_abi.pl scripts/get_abi: Fix wrong script file name in the help message 2022-04-24 10:38:44 +02:00
get_dvb_firmware
get_feat.pl scripts: get_feat.pl: use /usr/bin/env to find perl 2022-06-30 12:22:17 -06:00
get_maintainer.pl get_maintainer: Honor mailmap for in file emails 2022-04-29 14:38:00 -07:00
gfp-translate
head-object-list.txt arm64: remove special treatment for the link order of head.o 2022-11-07 16:06:04 +00:00
headerdep.pl
headers_install.sh scripts: headers_install.sh: Update config leak ignore entries 2022-07-27 21:18:00 +09:00
insert-sys-cert.c
install.sh kbuild: factor out the common installation code into scripts/install.sh 2022-05-11 21:45:53 +09:00
is_rust_module.sh scripts: add is_rust_module.sh 2022-09-28 09:02:06 +02:00
jobserver-exec scripts/jobserver-exec: Fix a typo ("envirnoment") 2021-05-17 12:10:03 +09:00
kallsyms.c kallsyms: Reduce the memory occupied by kallsyms_seqs_of_names[] 2022-11-12 18:47:36 -08:00
Kbuild.include kbuild: remove the target in signal traps when interrupted 2022-09-29 02:00:29 +09:00
Kconfig.include Kbuild: add Rust support 2022-09-28 09:02:20 +02:00
kernel-doc hardening updates for v6.2-rc1 2022-12-14 12:20:00 -08:00
ld-version.sh kbuild: collect minimum tool versions into scripts/min-tool-version.sh 2021-04-25 05:14:26 +09:00
leaking_addresses.pl leaking_addresses: Always print a trailing newline 2021-10-15 11:25:13 +02:00
Lindent
link-vmlinux.sh kallsyms: Correctly sequence symbols when CONFIG_LTO_CLANG=y 2022-11-12 18:47:36 -08:00
Makefile Kbuild: add Rust support 2022-09-28 09:02:20 +02:00
Makefile.asm-generic kbuild: prefix $(srctree)/ to some included Makefiles 2021-03-15 19:20:48 +09:00
Makefile.build kbuild: Cleanup DT Overlay intermediate files as appropriate 2022-11-18 14:45:30 -06:00
Makefile.clang um: Allow builds with Clang 2022-03-21 08:13:03 -07:00
Makefile.clean kbuild: drop $(objtree)/ prefix support for clean-files 2022-05-08 03:17:00 +09:00
Makefile.compiler Makefile.compiler: replace cc-ifversion with compiler-specific macros 2022-09-29 04:40:16 +09:00
Makefile.debug Kbuild: add Rust support 2022-09-28 09:02:20 +02:00
Makefile.dtbinst kbuild: prefix $(srctree)/ to some included Makefiles 2021-03-15 19:20:48 +09:00
Makefile.extrawarn Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Makefile.gcc-plugins gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin disabled for a file 2022-08-16 12:25:53 -07:00
Makefile.headersinst kbuild: prefix $(srctree)/ to some included Makefiles 2021-03-15 19:20:48 +09:00
Makefile.host Kbuild: add Rust support 2022-09-28 09:02:20 +02:00
Makefile.kasan kasan: always respect CONFIG_KASAN_STACK 2021-09-24 16:13:35 -07:00
Makefile.kcov
Makefile.kcsan kcsan: Ignore GCC 11+ warnings about TSan runtime support 2021-12-09 16:42:27 -08:00
Makefile.kmsan kmsan: add KMSAN runtime core 2022-10-03 14:03:19 -07:00
Makefile.lib Merge branch 'dt/dtbo-rename' into dt/next 2022-10-26 09:11:54 -05:00
Makefile.modfinal Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Makefile.modinst kbuild: error out if $(INSTALL_MOD_PATH) contains % or : 2022-07-27 21:18:00 +09:00
Makefile.modpost kbuild: fix typo in modpost 2022-10-28 00:19:40 +09:00
Makefile.package scripts: add rust in scripts/Makefile.package 2022-11-24 09:27:57 +09:00
Makefile.randstruct randstruct: Enable Clang support 2022-05-08 01:33:07 -07:00
Makefile.ubsan ubsan: remove CONFIG_UBSAN_OBJECT_SIZE 2022-01-20 08:52:55 +02:00
Makefile.userprogs
Makefile.vmlinux kbuild: rebuild .vmlinux.export.o when its prerequisite is updated 2022-10-03 03:52:58 +09:00
Makefile.vmlinux_o kbuild: move modules.builtin(.modinfo) rules to Makefile.vmlinux_o 2022-10-03 03:52:58 +09:00
makelst
markup_oops.pl
min-tool-version.sh scripts/min-tool-version.sh: raise minimum clang version to 15.0.0 for s390 2022-11-09 18:41:16 +01:00
mkcompile_h Revert "kbuild: Make scripts/compile.h when sh != bash" 2022-09-29 04:40:15 +09:00
mksysmap kallsyms: ignore __kstrtab_* and __kstrtabns_* symbols 2022-10-03 03:51:58 +09:00
mkuboot.sh
module.lds.S arm64: unwind: add asynchronous unwind tables to kernel and modules 2022-11-09 18:06:35 +00:00
modules-check.sh kbuild: check module name conflict for external modules as well 2021-04-25 05:22:42 +09:00
nsdeps scripts/nsdeps: adjust to the format change of *.mod files 2022-06-08 20:14:13 +09:00
objdiff kbuild: clean .tmp_* pattern by make clean 2022-06-05 06:20:57 +09:00
objdump-func scripts: Create objdump-func helper script 2022-05-12 10:08:43 -07:00
pahole-flags.sh scripts/pahole-flags.sh: Parse DWARF and generate BTF with multithreading. 2022-02-22 14:32:44 -08:00
pahole-version.sh kbuild: Add CONFIG_PAHOLE_VERSION 2022-02-02 11:19:33 +01:00
parse-maintainers.pl
patch-kernel
profile2linkerlist.pl
prune-kernel scripts/prune-kernel: Use kernel-install if available 2022-05-11 21:46:38 +09:00
recordmcount.c ftrace: Have recordmcount use w8 to read relp->r_info in arm64_is_fake_mcount 2021-03-02 17:27:18 -05:00
recordmcount.h recordmcount: Correct st_shndx handling 2021-06-18 09:09:17 -04:00
recordmcount.pl nds32: Remove the architecture 2022-03-07 13:54:59 +01:00
remove-stale-files RISC-V Patches for the 5.20 Merge Window, Part 2 2022-08-12 18:39:43 -07:00
rust_is_available_bindgen_libclang.h scripts: add rust_is_available.sh 2022-09-28 09:02:06 +02:00
rust_is_available.sh scripts: add rust_is_available.sh 2022-09-28 09:02:06 +02:00
setlocalversion kbuild: do not quote string values in include/config/auto.conf 2022-01-08 18:03:57 +09:00
show_delta tweewide: Fix most Shebang lines 2020-12-08 23:30:04 +09:00
sign-file.c sign-file: Fix confusing error messages 2022-08-03 23:56:20 +03:00
sorttable.c LoongArch: Add ELF-related definitions 2022-06-03 20:09:27 +08:00
sorttable.h script/sorttable: Fix some initialization problems 2022-01-18 10:17:18 -05:00
spdxcheck-test.sh docs: move Linux logo into a new images folder 2022-06-01 09:32:45 -06:00
spdxcheck.py scripts/spdxcheck: Put excluded files and directories into a separate file 2022-05-18 15:34:33 +02:00
spdxexclude scripts/spdxcheck: Exclude top-level README 2022-05-18 15:35:42 +02:00
spelling.txt scripts/spelling.txt: add more spellings to spelling.txt 2022-11-18 13:55:09 -08:00
sphinx-pre-install docs: sphinx-pre-install: don't require the RTD theme 2022-10-13 11:14:43 -06:00
split-man.pl tweewide: Fix most Shebang lines 2020-12-08 23:30:04 +09:00
stackdelta
stackusage
subarch.include LoongArch: Add build infrastructure 2022-06-03 20:09:27 +08:00
syscallhdr.sh scripts: check duplicated syscall number in syscall table 2021-07-09 04:00:39 +09:00
syscallnr.sh scripts: make some scripts executable 2021-08-10 09:13:25 +09:00
syscalltbl.sh scripts: check duplicated syscall number in syscall table 2021-07-09 04:00:39 +09:00
tags.sh scripts/tags.sh: Include tools directory in tags generation 2022-07-01 10:32:30 +02:00
test_fortify.sh fortify: Update compile-time tests for Clang 14 2022-02-13 16:50:06 -08:00
tools-support-relr.sh Makefile: fix GDB warning with CONFIG_RELR 2021-06-08 13:09:34 +01:00
unifdef.c
ver_linux Removed the oprofiled version option 2021-05-03 17:23:06 -06:00
xen-hypercalls.sh scripts: make some scripts executable 2021-08-10 09:13:25 +09:00
xz_wrap.sh