Re: [PATCH v4 1/1] exec: seal system mappings

2024-11-25 Thread Matthew Wilcox
On Mon, Nov 25, 2024 at 08:20:21PM +, jef...@chromium.org wrote: > +/* > + * Kernel cmdline override for CONFIG_SEAL_SYSTEM_MAPPINGS > + */ > +enum seal_system_mappings_type { > + SEAL_SYSTEM_MAPPINGS_DISABLED, > + SEAL_SYSTEM_MAPPINGS_ENABLED > +}; > + > +static enum seal_system_mappin

[PATCH v4 0/1] Seal system mappings

2024-11-25 Thread jeffxu
From: Jeff Xu Seal vdso, vvar, sigpage, uprobes and vsyscall. Those mappings are readonly or executable only, sealing can protect them from ever changing or being unmapped during the lifetime of the process. For complete descriptions of memory sealing, please see mseal.rst [1]. System mappings such

[PATCH v4 1/1] exec: seal system mappings

2024-11-25 Thread jeffxu
From: Jeff Xu Seal vdso, vvar, sigpage, uprobes and vsyscall. Those mappings are readonly or executable only, sealing can protect them from ever changing or being unmapped during the lifetime of the process. For complete descriptions of memory sealing, please see mseal.rst [1]. System mappings such

Re: [PATCH] net: mac80211: cfg: Initialize cnt before accessing elem

2024-11-25 Thread Gustavo A. R. Silva
On 23/11/24 11:08, Haoyu Li wrote: With the new __counted_by annotation in cfg80211_rnr_elems, the "cnt" struct member must be set before accessing the "elem" array. Failing to do so will trigger a runtime warning when enabling CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Nice catch. :)

Re: korg-clang-19-lkftconfig-hardening: TI x15 board - PC is at edma_probe (drivers/dma/ti/edma.c

2024-11-25 Thread Nathan Chancellor
Hi Naresh, + Kees and linux-hardening, since this is a hardening configuration. On Mon, Nov 25, 2024 at 07:34:22PM +0530, Naresh Kamboju wrote: > The arm TI x15 board boot has failed with the Linux next, mainline > and the Linux stable. Please find boot log and build links. > > The boot failed w

Re: [RFC 0/1] swiotlb: Mitigate potential DoS caused by BUG_ON()

2024-11-25 Thread Robin Murphy
On 2024-11-22 8:33 pm, Brian Johannesmeyer wrote: On Fri, Nov 22, 2024 at 12:13 PM Brian Johannesmeyer wrote: We identified a security issue in the swiotlb unmapping operation, stemming from the way some drivers save streaming DMA addresses. This issue can potentially be exploited by a malicio

Re: [PATCH] ovl: Check for NULL OVL_E() results

2024-11-25 Thread kernel test robot
available at: https://download.01.org/0day-ci/archive/20241125/202411251652.ecbb3c7e-...@intel.com kern :warn : [ 407.439702] [ cut here ] user :notice: [ 407.448057] fanotify06.c:134: TPASS: group 0 got event: mask 2 pid=5267 fd=13 kern :warn : [ 407.448607] WARNI