Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-03 19:55:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
582c161cf3
linux-stable/Documentation
History
Linus Torvalds 582c161cf3 hardening updates for v6.5-rc1 
- Fix KMSAN vs FORTIFY in strlcpy/strlcat (Alexander Potapenko)
 
 - Convert strreplace() to return string start (Andy Shevchenko)
 
 - Flexible array conversions (Arnd Bergmann, Wyes Karny, Kees Cook)
 
 - Add missing function prototypes seen with W=1 (Arnd Bergmann)
 
 - Fix strscpy() kerndoc typo (Arne Welzel)
 
 - Replace strlcpy() with strscpy() across many subsystems which were
   either Acked by respective maintainers or were trivial changes that
   went ignored for multiple weeks (Azeem Shaikh)
 
 - Remove unneeded cc-option test for UBSAN_TRAP (Nick Desaulniers)
 
 - Add KUnit tests for strcat()-family
 
 - Enable KUnit tests of FORTIFY wrappers under UML
 
 - Add more complete FORTIFY protections for strlcat()
 
 - Add missed disabling of FORTIFY for all arch purgatories.
 
 - Enable -fstrict-flex-arrays=3 globally
 
 - Tightening UBSAN_BOUNDS when using GCC
 
 - Improve checkpatch to check for strcpy, strncpy, and fake flex arrays
 
 - Improve use of const variables in FORTIFY
 
 - Add requested struct_size_t() helper for types not pointers
 
 - Add __counted_by macro for annotating flexible array size members
 -----BEGIN PGP SIGNATURE-----
 
 iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmSbftQWHGtlZXNjb29r
 QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJj0MD/9X9jzJzCmsAU+yNldeoAzC84Sk
 GVU3RBxGcTNysL1gZXynkIgigw7DWc4htMGeSABHHwQRVP65JCH1Kw/VqIkyumbx
 9LdX6IklMJb4pRT4PVU3azebV4eNmSjlur2UxMeW54Czm91/6I8RHbJOyAPnOUmo
 2oomGdP/hpEHtKR7hgy8Axc6w5ySwQixh2V5sVZG3VbvCS5WKTmTXbs6puuRT5hz
 iHt7v+7VtEg/Qf1W7J2oxfoghvVBsaRrSLrExWT/oZYh1ZxM7DsCAAoG/IsDgHGA
 9LBXiRECgAFThbHVxLvvKZQMXdVk0i8iXLX43XMKC0wTA+NTyH7wlcQQ4RWNMuo8
 sfA9Qm9gMArXaf64aymr3Uwn20Zan0391HdlbhOJZAE6v3PPJbleUnM58AzD2d3r
 5Lz6AIFBxDImy+3f9iDWgacCT5/PkeiXTHzk9QnKhJyKKtRA58XJxj4q2+rPnGJP
 n4haXqoxD5FJbxdXiGKk31RS0U5HBug7wkOcUrTqDHUbc/QNU2b7dxTKUx+zYtCU
 uV5emPzpF4H4z+91WpO47n9gkMAfwV0lt9S2dwS8pxsgqctbmIan+Jgip7rsqZ2G
 OgLXBsb43eEs+6WgO8tVt/ZHYj9ivGMdrcNcsIfikzNs/xweUJ53k2xSEn2xEa5J
 cwANDmkL6QQK7yfeeg==
 =s0j1
 -----END PGP SIGNATURE-----

Merge tag 'hardening-v6.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull hardening updates from Kees Cook:
 "There are three areas of note:

  A bunch of strlcpy()->strscpy() conversions ended up living in my tree
  since they were either Acked by maintainers for me to carry, or got
  ignored for multiple weeks (and were trivial changes).

  The compiler option '-fstrict-flex-arrays=3' has been enabled
  globally, and has been in -next for the entire devel cycle. This
  changes compiler diagnostics (though mainly just -Warray-bounds which
  is disabled) and potential UBSAN_BOUNDS and FORTIFY _warning_
  coverage. In other words, there are no new restrictions, just
  potentially new warnings. Any new FORTIFY warnings we've seen have
  been fixed (usually in their respective subsystem trees). For more
  details, see commit df8fc4e934.

  The under-development compiler attribute __counted_by has been added
  so that we can start annotating flexible array members with their
  associated structure member that tracks the count of flexible array
  elements at run-time. It is possible (likely?) that the exact syntax
  of the attribute will change before it is finalized, but GCC and Clang
  are working together to sort it out. Any changes can be made to the
  macro while we continue to add annotations.

  As an example of that last case, I have a treewide commit waiting with
  such annotations found via Coccinelle:

    https://git.kernel.org/linus/adc5b3cb48a049563dc673f348eab7b6beba8a9b

  Also see commit dd06e72e68 for more details.

  Summary:

   - Fix KMSAN vs FORTIFY in strlcpy/strlcat (Alexander Potapenko)

   - Convert strreplace() to return string start (Andy Shevchenko)

   - Flexible array conversions (Arnd Bergmann, Wyes Karny, Kees Cook)

   - Add missing function prototypes seen with W=1 (Arnd Bergmann)

   - Fix strscpy() kerndoc typo (Arne Welzel)

   - Replace strlcpy() with strscpy() across many subsystems which were
     either Acked by respective maintainers or were trivial changes that
     went ignored for multiple weeks (Azeem Shaikh)

   - Remove unneeded cc-option test for UBSAN_TRAP (Nick Desaulniers)

   - Add KUnit tests for strcat()-family

   - Enable KUnit tests of FORTIFY wrappers under UML

   - Add more complete FORTIFY protections for strlcat()

   - Add missed disabling of FORTIFY for all arch purgatories.

   - Enable -fstrict-flex-arrays=3 globally

   - Tightening UBSAN_BOUNDS when using GCC

   - Improve checkpatch to check for strcpy, strncpy, and fake flex
     arrays

   - Improve use of const variables in FORTIFY

   - Add requested struct_size_t() helper for types not pointers

   - Add __counted_by macro for annotating flexible array size members"

* tag 'hardening-v6.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: (54 commits)
  netfilter: ipset: Replace strlcpy with strscpy
  uml: Replace strlcpy with strscpy
  um: Use HOST_DIR for mrproper
  kallsyms: Replace all non-returning strlcpy with strscpy
  sh: Replace all non-returning strlcpy with strscpy
  of/flattree: Replace all non-returning strlcpy with strscpy
  sparc64: Replace all non-returning strlcpy with strscpy
  Hexagon: Replace all non-returning strlcpy with strscpy
  kobject: Use return value of strreplace()
  lib/string_helpers: Change returned value of the strreplace()
  jbd2: Avoid printing outside the boundary of the buffer
  checkpatch: Check for 0-length and 1-element arrays
  riscv/purgatory: Do not use fortified string functions
  s390/purgatory: Do not use fortified string functions
  x86/purgatory: Do not use fortified string functions
  acpi: Replace struct acpi_table_slit 1-element array with flex-array
  clocksource: Replace all non-returning strlcpy with strscpy
  string: use __builtin_memcpy() in strlcpy/strlcat
  staging: most: Replace all non-returning strlcpy with strscpy
  drm/i2c: tda998x: Replace all non-returning strlcpy with strscpy
  ...
2023-06-27 21:24:18 -07:00
..
ABI dmaengine updates for v6.4 2023-05-03 11:11:56 -07:00
accel accel/qaic: Add documentation for AIC100 accelerator driver 2023-04-06 08:23:03 +02:00
accounting Scheduler changes for v6.4: 2023-04-28 14:53:30 -07:00
admin-guide cgroup: Changes for v6.5 2023-06-27 16:54:21 -07:00
arch Move the Arm architecture documentation under Documentation/arch/. This 2023-06-27 11:58:16 -07:00
arm64 arm64 updates for 6.5: 2023-06-26 17:11:53 -07:00
block Documentation/block: drop the request.rst file 2023-05-12 11:04:58 -06:00
bpf lsm/stable-6.4 PR 20230428 2023-04-29 10:17:05 -07:00
cdrom Documentation: use capitalization for chapters and acronyms 2023-05-16 12:49:31 -06:00
core-api workqueue: Changes for v6.5 2023-06-27 16:32:52 -07:00
cpu-freq
crypto docs: crypto: async-tx-api: fix typo in struct name 2023-06-09 01:59:30 -06:00
dev-tools linux-kselftest-next-6.5-rc1 2023-06-27 11:28:56 -07:00
devicetree Move the Arm architecture documentation under Documentation/arch/. This 2023-06-27 11:58:16 -07:00
doc-guide docs/doc-guide: Clarify how to write tables 2023-06-09 01:57:56 -06:00
driver-api Locking changes for v6.5: 2023-06-27 14:14:30 -07:00
fault-injection block: null_blk: make fault-injection dynamically configurable per device 2023-04-13 07:38:55 -06:00
fb
features s390: enable ARCH_HAS_MEMBARRIER_SYNC_CORE 2023-03-27 17:19:52 +02:00
filesystems hardening updates for v6.5-rc1 2023-06-27 21:24:18 -07:00
firmware_class
firmware-guide ACPI: docs: enumeration: Correct reference to the I²C device data type 2023-03-07 14:09:49 +01:00
fpga Documentation: use capitalization for chapters and acronyms 2023-05-16 12:49:31 -06:00
gpu Merge tag 'amd-drm-next-6.4-2023-03-17' of https://gitlab.freedesktop.org/agd5f/linux into drm-next 2023-03-20 16:44:36 +10:00
hid
hwmon hwmon: (aquacomputer_d5next) Add support for Aquacomputer Aquastream XT 2023-04-21 07:27:23 -07:00
i2c
iio
images
infiniband
input
isdn
kbuild parisc: update kbuild doc. aliases for parisc64 2023-05-03 17:43:10 +02:00
kernel-hacking Documentation: Add document for false sharing 2023-04-10 16:46:11 -06:00
leds - New Drivers 2023-05-02 10:36:02 -07:00
litmus-tests LKMM scripting updates for v6.4 2023-04-24 12:02:25 -07:00
livepatch Objtool changes for v6.4: 2023-04-28 14:02:54 -07:00
locking Documentation: use capitalization for chapters and acronyms 2023-05-16 12:49:31 -06:00
loongarch
maintainer Documentation: update git configuration for Link: tag 2023-06-21 09:15:15 -06:00
mhi
mips
misc-devices
mm It's been a relatively calm cycle in docsland. We do have: 2023-06-27 11:33:47 -07:00
netlabel
netlink netlink: specs: ethtool: fix random typos 2023-06-06 18:42:20 -07:00
networking net/ipv4: ping_group_range: allow GID from 2147483648 to 4294967294 2023-06-02 09:55:22 +01:00
nvdimm
nvme
PCI ixgb: Remove ixgb driver 2023-03-19 10:51:07 +00:00
pcmcia Documentation: use capitalization for chapters and acronyms 2023-05-16 12:49:31 -06:00
peci
power regulator: consumer.rst: fix 'regulator_enable' typo. 2023-04-27 21:55:38 +01:00
powerpc
process It's been a relatively calm cycle in docsland. We do have: 2023-06-27 11:33:47 -07:00
RCU rcu: Remove RCU_NONIDLE() 2023-05-11 13:42:04 -07:00
riscv Documentation: RISC-V: patch-acceptance: mention patchwork's role 2023-06-14 07:44:11 -07:00
rust docs: rust: point directly to the standalone installers 2023-05-31 18:52:35 +02:00
s390 s390/iommu: get rid of S390_CCW_IOMMU and S390_AP_IOMMU 2023-05-17 15:20:18 +02:00
scheduler sched/deadline: Update GRUB description in the documentation 2023-06-16 22:08:12 +02:00
scsi scsi: core: Declare SCSI host template pointer members const 2023-03-24 19:19:19 -04:00
security lsm: move hook comments docs to security/security.c 2023-04-28 11:58:34 -04:00
sound ALSA: docs: Fix code block indentation in ALSA driver example 2023-05-03 08:08:25 +02:00
sphinx
sphinx-static
spi spi: docs: adjust summary to CONFIG_SYSFS_DEPRECATED removal 2023-03-14 13:30:52 +00:00
staging Documentation: use capitalization for chapters and acronyms 2023-05-16 12:49:31 -06:00
target
timers Documentation: use capitalization for chapters and acronyms 2023-05-16 12:49:31 -06:00
tools rtla/timerlat: Add auto-analysis only option 2023-04-25 19:26:17 -04:00
trace tracing/user_events: Document auto-cleanup and remove dyn_event refs 2023-06-14 13:43:27 -04:00
translations Move the Arm architecture documentation under Documentation/arch/. This 2023-06-27 11:58:16 -07:00
usb usb: gadget: uvc: Make bmControls attr read/write 2023-03-29 08:51:26 +02:00
userspace-api cifs: correct references in Documentation to old fs/cifs path 2023-05-24 16:29:21 -05:00
virt It's been a relatively calm cycle in docsland. We do have: 2023-06-27 11:33:47 -07:00
w1
watchdog
.gitignore
atomic_bitops.txt
atomic_t.txt
Changes
CodingStyle
conf.py Documentation: conf.py: Add __force to c_id_attributes 2023-05-19 08:58:10 -06:00
docutils.conf
dontdiff
index.rst docs: create a top-level arch/ directory 2023-03-23 13:27:27 -06:00
Kconfig
Makefile
memory-barriers.txt
SubmittingPatches
subsystem-apis.rst docs: consolidate storage interfaces 2023-06-21 09:18:06 -06:00