Merge branch 'for-linus/hardening' into for-next/hardening

This commit is contained in:
Kees Cook 2023-02-02 18:43:28 +00:00
commit 5c0f220e1b
9 changed files with 27 additions and 6 deletions

View File

@ -93,14 +93,19 @@ static int coreboot_table_populate(struct device *dev, void *ptr)
for (i = 0; i < header->table_entries; i++) {
entry = ptr_entry;
device = kzalloc(sizeof(struct device) + entry->size, GFP_KERNEL);
if (entry->size < sizeof(*entry)) {
dev_warn(dev, "coreboot table entry too small!\n");
return -EINVAL;
}
device = kzalloc(sizeof(device->dev) + entry->size, GFP_KERNEL);
if (!device)
return -ENOMEM;
device->dev.parent = dev;
device->dev.bus = &coreboot_bus_type;
device->dev.release = coreboot_device_release;
memcpy(&device->entry, ptr_entry, entry->size);
memcpy(device->raw, ptr_entry, entry->size);
switch (device->entry.tag) {
case LB_TAG_CBMEM_ENTRY:

View File

@ -79,6 +79,7 @@ struct coreboot_device {
struct lb_cbmem_ref cbmem_ref;
struct lb_cbmem_entry cbmem_entry;
struct lb_framebuffer framebuffer;
DECLARE_FLEX_ARRAY(u8, raw);
};
};

View File

@ -106,7 +106,8 @@ static inline unsigned long bkey_bytes(const struct bkey *k)
return bkey_u64s(k) * sizeof(__u64);
}
#define bkey_copy(_dest, _src) memcpy(_dest, _src, bkey_bytes(_src))
#define bkey_copy(_dest, _src) unsafe_memcpy(_dest, _src, bkey_bytes(_src), \
/* bkey is always padded */)
static inline void bkey_copy_key(struct bkey *dest, const struct bkey *src)
{

View File

@ -149,7 +149,8 @@ reread: left = ca->sb.bucket_size - offset;
bytes, GFP_KERNEL);
if (!i)
return -ENOMEM;
memcpy(&i->j, j, bytes);
unsafe_memcpy(&i->j, j, bytes,
/* "bytes" was calculated by set_bytes() above */);
/* Add to the location after 'where' points to */
list_add(&i->list, where);
ret = 1;

View File

@ -59,3 +59,4 @@ include/generated/utsversion.h: FORCE
$(obj)/version-timestamp.o: include/generated/utsversion.h
CFLAGS_version-timestamp.o := -include include/generated/utsversion.h
KASAN_SANITIZE_version-timestamp.o := n

View File

@ -2566,6 +2566,15 @@ config MEMCPY_KUNIT_TEST
If unsure, say N.
config MEMCPY_SLOW_KUNIT_TEST
bool "Include exhaustive memcpy tests"
depends on MEMCPY_KUNIT_TEST
default y
help
Some memcpy tests are quite exhaustive in checking for overlaps
and bit ranges. These can be very slow, so they are split out
as a separate config, in case they need to be disabled.
config IS_SIGNED_TYPE_KUNIT_TEST
tristate "Test is_signed_type() macro" if !KUNIT_ALL_TESTS
depends on KUNIT

View File

@ -309,6 +309,8 @@ static void set_random_nonzero(struct kunit *test, u8 *byte)
static void init_large(struct kunit *test)
{
if (!IS_ENABLED(CONFIG_MEMCPY_SLOW_KUNIT_TEST))
kunit_skip(test, "Slow test skipped. Enable with CONFIG_MEMCPY_SLOW_KUNIT_TEST=y");
/* Get many bit patterns. */
get_random_bytes(large_src, ARRAY_SIZE(large_src));

View File

@ -18,6 +18,7 @@ quiet_cmd_cc_o_c = CC $@
$(call if_changed_dep,cc_o_c)
ifdef CONFIG_MODULES
KASAN_SANITIZE_.vmlinux.export.o := n
targets += .vmlinux.export.o
vmlinux: .vmlinux.export.o
endif

View File

@ -71,7 +71,9 @@
#include "varasm.h"
#include "stor-layout.h"
#include "internal-fn.h"
#include "gimple.h"
#include "gimple-expr.h"
#include "gimple-iterator.h"
#include "gimple-fold.h"
#include "context.h"
#include "tree-ssa-alias.h"
@ -85,10 +87,8 @@
#include "tree-eh.h"
#include "stmt.h"
#include "gimplify.h"
#include "gimple.h"
#include "tree-phinodes.h"
#include "tree-cfg.h"
#include "gimple-iterator.h"
#include "gimple-ssa.h"
#include "ssa-iterators.h"