kernel hardening fixes for v6.7-rc2

- stackleak: add declarations for global functions (Arnd Bergmann) - gcc-plugins: randstruct: Only warn about true flexible arrays (Kees Cook) - gcc-plugins: latent_entropy: Fix description typo (Konstantin Runov) -----BEGIN PGP SIGNATURE----- iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmVTsQwWHGtlZXNjb29r QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJk95D/9lrPFxxy4gQUTSLXdq6F/H5Fix 3dH0ePeGSHNzu/7n1uwXO1NVUYyOWoBWxp9E+LlaWm+GKb1QpG6i2kr2icyB6d5W LsGfFscG0R6A0DwpBeb3trDEFmaPACLk4Xm7uS0YP1oTMVVP0ZZXwaE95wDfg7Ji nyAxvw+J56NRC+LVuZqPWgO5lkF4AG/MSpZ0aox6DQoH/YqqW21gKoAgZHhJg+1Q dAKzuTyqjjVYG3ugB7O87O+GlEePpBDLce0c6Rvf9H02tnR+Ju2xkcKbg/s7eut9 2AbBPsUqkTaF2fl1FNF5oX8MiZYmKwAMe0bTTl5pP1VxpbHqQooT/HWl76jpHZ9d OS3HXd1dO5N9lNTgWvWuiDoWN5j7h6Z6EuRPRcjPSFXrC1ceuB/1QDmvGtrFFmhL gohP9SOwC6jUQVPfH3RAf1TTHUFEpTlTsloUVlAvfuDkgLup2D/dH03j9yLBcXUl oLavj7aN0gTHjz99QxzxfIfwKMygrcLCKr7tAWMcky09Xin0VN5PGJ3zfVtzG4eI AbKq3V1el++XJ1vZmXDYjGJEUSEavX+SrjMFWfpITIeIjeOuMZRdgH3sJi11Gbkx gBIBrYKWQ5vIP4rNvC+DlIXlQs3yyFBPcIfwQ5JqLwuYc3F9Qu1Xhgf6bi+K3nFt qI/BXf2kRjnUtLIrdQ== =+BHu -----END PGP SIGNATURE----- Merge tag 'hardening-v6.7-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull hardening fixes from Kees Cook: - stackleak: add declarations for global functions (Arnd Bergmann) - gcc-plugins: randstruct: Only warn about true flexible arrays (Kees Cook) - gcc-plugins: latent_entropy: Fix description typo (Konstantin Runov) * tag 'hardening-v6.7-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: gcc-plugins: latent_entropy: Fix typo (args -> argc) in plugin description gcc-plugins: randstruct: Only warn about true flexible arrays stackleak: add declarations for global functions
Zstd fixes for v6.7
2026-01-11 17:10:13 +00:00 · 2023-11-14 23:47:12 -05:00 · 2023-11-14 23:35:31 -05:00 · 2023-11-14 17:12:52 -08:00 · 2023-11-14 09:32:47 -08:00 · 2023-11-14 09:18:47 -08:00
5 changed files with 9 additions and 14 deletions
--- a/1
+++ b/1
@ -8950,7 +8950,6 @@ S:	Maintained
 F:	scripts/get_maintainer.pl

 GFS2 FILE SYSTEM
-M:	Bob Peterson <rpeterso@redhat.com>
 M:	Andreas Gruenbacher <agruenba@redhat.com>
 L:	gfs2@lists.linux.dev
 S:	Supported
--- a/include/linux/stackleak.h
+++ b/include/linux/stackleak.h
@ -14,6 +14,7 @@

 #ifdef CONFIG_GCC_PLUGIN_STACKLEAK
 #include <asm/stacktrace.h>
+#include <linux/linkage.h>

 /*
 * The lowest address on tsk's stack which we can plausibly erase.
@ -76,6 +77,11 @@ static inline void stackleak_task_init(struct task_struct *t)
 # endif
 }

+asmlinkage void noinstr stackleak_erase(void);
+asmlinkage void noinstr stackleak_erase_on_task_stack(void);
+asmlinkage void noinstr stackleak_erase_off_task_stack(void);
+void __no_caller_saved_registers noinstr stackleak_track_stack(void);
+
 #else /* !CONFIG_GCC_PLUGIN_STACKLEAK */
 static inline void stackleak_task_init(struct task_struct *t) { }
 #endif
--- a/lib/zstd/common/fse_decompress.c
+++ b/lib/zstd/common/fse_decompress.c
@ -312,7 +312,7 @@ size_t FSE_decompress_wksp(void* dst, size_t dstCapacity, const void* cSrc, size

 typedef struct {
    short ncount[FSE_MAX_SYMBOL_VALUE + 1];
-    FSE_DTable dtable[1]; /* Dynamically sized */
+    FSE_DTable dtable[]; /* Dynamically sized */
 } FSE_DecompressWksp;


--- a/scripts/gcc-plugins/latent_entropy_plugin.c
+++ b/scripts/gcc-plugins/latent_entropy_plugin.c
@ -17,7 +17,7 @@
 *	if (argc <= 1)
 *		printf("%s: no command arguments :(\n", *argv);
 *	else
- *		printf("%s: %d command arguments!\n", *argv, args - 1);
+ *		printf("%s: %d command arguments!\n", *argv, argc - 1);
 * }
 *
 * after:
@ -47,7 +47,7 @@
 *		// perturb_local_entropy()
 *	} else {
 *		local_entropy ^= 3896280633962944730;
- *		printf("%s: %d command arguments!\n", *argv, args - 1);
+ *		printf("%s: %d command arguments!\n", *argv, argc - 1);
 *	}
 *
 *	// latent_entropy_execute() 4.
--- a/scripts/gcc-plugins/randomize_layout_plugin.c
+++ b/scripts/gcc-plugins/randomize_layout_plugin.c
@ -278,8 +278,6 @@ static bool is_flexible_array(const_tree field)
 {
 	const_tree fieldtype;
 	const_tree typesize;
-	const_tree elemtype;
-	const_tree elemsize;

 	fieldtype = TREE_TYPE(field);
 	typesize = TYPE_SIZE(fieldtype);
@ -287,20 +285,12 @@ static bool is_flexible_array(const_tree field)
 	if (TREE_CODE(fieldtype) != ARRAY_TYPE)
 		return false;

-	elemtype = TREE_TYPE(fieldtype);
-	elemsize = TYPE_SIZE(elemtype);
-
 	/* size of type is represented in bits */

 	if (typesize == NULL_TREE && TYPE_DOMAIN(fieldtype) != NULL_TREE &&
 	    TYPE_MAX_VALUE(TYPE_DOMAIN(fieldtype)) == NULL_TREE)
 		return true;

-	if (typesize != NULL_TREE &&
-	    (TREE_CONSTANT(typesize) && (!tree_to_uhwi(typesize) ||
-	     tree_to_uhwi(typesize) == tree_to_uhwi(elemsize))))
-		return true;
-
 	return false;
 }
Author	SHA1	Message	Date
Linus Torvalds	c42d9eeef8	kernel hardening fixes for v6.7-rc2 - stackleak: add declarations for global functions (Arnd Bergmann) - gcc-plugins: randstruct: Only warn about true flexible arrays (Kees Cook) - gcc-plugins: latent_entropy: Fix description typo (Konstantin Runov) -----BEGIN PGP SIGNATURE----- iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmVTsQwWHGtlZXNjb29r QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJk95D/9lrPFxxy4gQUTSLXdq6F/H5Fix 3dH0ePeGSHNzu/7n1uwXO1NVUYyOWoBWxp9E+LlaWm+GKb1QpG6i2kr2icyB6d5W LsGfFscG0R6A0DwpBeb3trDEFmaPACLk4Xm7uS0YP1oTMVVP0ZZXwaE95wDfg7Ji nyAxvw+J56NRC+LVuZqPWgO5lkF4AG/MSpZ0aox6DQoH/YqqW21gKoAgZHhJg+1Q dAKzuTyqjjVYG3ugB7O87O+GlEePpBDLce0c6Rvf9H02tnR+Ju2xkcKbg/s7eut9 2AbBPsUqkTaF2fl1FNF5oX8MiZYmKwAMe0bTTl5pP1VxpbHqQooT/HWl76jpHZ9d OS3HXd1dO5N9lNTgWvWuiDoWN5j7h6Z6EuRPRcjPSFXrC1ceuB/1QDmvGtrFFmhL gohP9SOwC6jUQVPfH3RAf1TTHUFEpTlTsloUVlAvfuDkgLup2D/dH03j9yLBcXUl oLavj7aN0gTHjz99QxzxfIfwKMygrcLCKr7tAWMcky09Xin0VN5PGJ3zfVtzG4eI AbKq3V1el++XJ1vZmXDYjGJEUSEavX+SrjMFWfpITIeIjeOuMZRdgH3sJi11Gbkx gBIBrYKWQ5vIP4rNvC+DlIXlQs3yyFBPcIfwQ5JqLwuYc3F9Qu1Xhgf6bi+K3nFt qI/BXf2kRjnUtLIrdQ== =+BHu -----END PGP SIGNATURE----- Merge tag 'hardening-v6.7-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull hardening fixes from Kees Cook: - stackleak: add declarations for global functions (Arnd Bergmann) - gcc-plugins: randstruct: Only warn about true flexible arrays (Kees Cook) - gcc-plugins: latent_entropy: Fix description typo (Konstantin Runov) * tag 'hardening-v6.7-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: gcc-plugins: latent_entropy: Fix typo (args -> argc) in plugin description gcc-plugins: randstruct: Only warn about true flexible arrays stackleak: add declarations for global functions	2023-11-14 23:47:12 -05:00
Linus Torvalds	86d11b0e20	Zstd fixes for v6.7 Only a single line change to fix a benign UBSAN warning that has been baking in linux-next for a month. I just missed the merge window, but I think it is worthwhile to include this fix in the v6.7 kernel. If you would like me to wait for v6.8 please let me know. Signed-off-by: Nick Terrell <terrelln@fb.com> -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEmIwAqlFIzbQodPwyuzRpqaNEqPUFAmVUG20ACgkQuzRpqaNE qPXx2Q/9GSGokNZm3+ZgINijpxsSz/+WT34ZJ4n14ns97PiiiSLQ10Nzpy3xGfHC gQTXYUoRJhuTUsid8QDsbgoLzybOxgZsxQWECrWEioXS+AiGCqGLnC85JdZNpJO3 hWrxO6j0XfLb6Sgl5gm0CBWVuGkdKSUCCd91iHIZ9vKwFWSsQizGsdyYVXB4gZn4 qYYGhka5TunDXgaTeqBGlNe3x6b/RvsPTBsX3SnAI3aBd88I6xrpcURrYru3NerZ 16V2t5+GpiDz8cm7IHwEekh4JNaMwRLO8jhkThdErbLjFs/TU0s2hXkvG0m/yujs 4Yklv+j0wIJv7f0IMSEZi+msnun+ajx8Mg4P1hi6WEiyylHC7aGAT55ShKhO8Qzx FD1kNiNR9svfHL83fJAZ3iEuhOQokRnt2qADutYmp0kq6BCcEnNuMBOpSyw+hzDZ MHDCkTujDTobE8gzZBEwUYPiw9kX6c3vsvb/mmNv8+y2LUxyb0GShinw3od0RlKQ T5xF6yq9neAxbARFJ9e3Zs51e5OXnCbb+K+pMNqR+nw89hUXiscynN93o4jMCzpn VBmhjzaSUTiTABG2TrqWNa5Vr6J3l77sr6T5bvC5aNpQQZ9KZFFPmpup8Z4BtBrG 89BZqDsrUDRlMpS4Z2ECbl5GUELP3EBSV1NHRgVM4BB7t/UzvzU= =w0Q0 -----END PGP SIGNATURE----- Merge tag 'zstd-linus-v6.7-rc2' of https://github.com/terrelln/linux Pull Zstd fix from Nick Terrell: "Only a single line change to fix a benign UBSAN warning" * tag 'zstd-linus-v6.7-rc2' of https://github.com/terrelln/linux: zstd: Fix array-index-out-of-bounds UBSAN warning	2023-11-14 23:35:31 -05:00
Nick Terrell	77618db346	zstd: Fix array-index-out-of-bounds UBSAN warning Zstd used an array of length 1 to mean a flexible array for C89 compatibility. Switch to a C99 flexible array to fix the UBSAN warning. Tested locally by booting the kernel and writing to and reading from a BtrFS filesystem with zstd compression enabled. I was unable to reproduce the issue before the fix, however it is a trivial change. Link: https://lkml.kernel.org/r/20231012213428.1390905-1-nickrterrell@gmail.com Reported-by: syzbot+1f2eb3e8cd123ffce499@syzkaller.appspotmail.com Reported-by: Eric Biggers <ebiggers@kernel.org> Reported-by: Kees Cook <keescook@chromium.org> Signed-off-by: Nick Terrell <terrelln@fb.com> Reviewed-by: Kees Cook <keescook@chromium.org>	2023-11-14 17:12:52 -08:00
Konstantin Runov	782ce43161	gcc-plugins: latent_entropy: Fix typo (args -> argc) in plugin description Fix the typo in the plugin description comment. Clearly, "argc" should be used. Signed-off-by: Konstantin Runov <runebone1@gmail.com> Link: https://lore.kernel.org/r/20231030094508.245432-1-runebone1@gmail.com Signed-off-by: Kees Cook <keescook@chromium.org>	2023-11-14 09:32:47 -08:00
Bob Peterson	2e6ef8aaba	Remove myself as maintainer of GFS2 I am retiring from Red Hat and will no longer be a maintainer of the gfs2 file system. Signed-off-by: Bob Peterson <rpeterso@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2023-11-14 09:18:47 -08:00
Kees Cook	1ee60356c2	gcc-plugins: randstruct: Only warn about true flexible arrays The randstruct GCC plugin tried to discover "fake" flexible arrays to issue warnings about them in randomized structs. In the future LSM overhead reduction series, it would be legal to have a randomized struct with a 1-element array, and this should _not_ be treated as a flexible array, especially since commit df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3"). Disable the 0-sized and 1-element array discovery logic in the plugin, but keep the "true" flexible array check. Cc: KP Singh <kpsingh@kernel.org> Cc: linux-hardening@vger.kernel.org Reported-by: kernel test robot <lkp@intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202311021532.iBwuZUZ0-lkp@intel.com/ Fixes: df8fc4e934c1 ("kbuild: Enable -fstrict-flex-arrays=3") Reviewed-by: Bill Wendling <morbo@google.com> Acked-by: "Gustavo A. R. Silva" <gustavoars@kernel.org> Link: https://lore.kernel.org/r/20231104204334.work.160-kees@kernel.org Signed-off-by: Kees Cook <keescook@chromium.org>	2023-11-08 14:18:57 -08:00
Arnd Bergmann	65120498aa	stackleak: add declarations for global functions With -Wmissing-prototypes enabled, the stackleak code produces a couple of warnings that have no declarations because they are only called from assembler: stackleak.c:127:25: error: no previous prototype for 'stackleak_erase' [-Werror=missing-prototypes] stackleak.c:139:25: error: no previous prototype for 'stackleak_erase_on_task_stack' [-Werror=missing-prototypes] stackleak.c:151:25: error: no previous prototype for 'stackleak_erase_off_task_stack' [-Werror=missing-prototypes] stackleak.c:159:49: error: no previous prototype for 'stackleak_track_stack' [-Werror=missing-prototypes] Add declarations to the stackleak header to shut up the warnings. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Link: https://lore.kernel.org/r/20231108125843.3806765-7-arnd@kernel.org Signed-off-by: Kees Cook <keescook@chromium.org>	2023-11-08 11:06:50 -08:00