On Wed, Oct 18, 2023 at 05:46:20PM -0700, Kees Cook wrote:
> While most of the gcc-plugins are self-contained in the
> scripts/gcc-plugins directory, stackleak actually has some additional
> files. Add those so changes are directed to the hardening list.
>
> Suggested-by: Mark Ru
On Sun, Jan 14, 2024 at 11:53:40AM +0100, Erick Archer wrote:
> Use 2-factor multiplication argument form kcalloc() instead
> of kzalloc().
>
> Link: https://github.com/KSPP/linux/issues/162
> Signed-off-by: Erick Archer
Could you put something in the commit message explaining *why* this change
On Mon, Jan 22, 2024 at 04:26:38PM -0800, Kees Cook wrote:
> Provide a helper that will perform wrapping addition without tripping
> the arithmetic wrap-around sanitizers.
>
> Cc: "Gustavo A. R. Silva"
> Cc: linux-hardening@vger.kernel.org
> Signed-off-by: Kees Cook
> ---
> include/linux/overfl
On Mon, Jan 22, 2024 at 04:26:45PM -0800, Kees Cook wrote:
> Annotate atomic_add_return() to avoid signed overflow instrumentation.
> It is expected to wrap around.
>
> Cc: Will Deacon
> Cc: Peter Zijlstra
> Cc: Boqun Feng
> Cc: Mark Rutland
> Cc: Thomas Gleixner
On Mon, Jan 22, 2024 at 04:26:35PM -0800, Kees Cook wrote:
> Hi,
Hi Kees,
> In our continuing effort to eliminate root causes of flaws in the kernel,
> this series is the start to providing a way to have sensible coverage
> for catching unexpected arithmetic wrap-around.
>
> A quick word on lang
On Mon, Jan 22, 2024 at 04:26:46PM -0800, Kees Cook wrote:
> Annotate atomic_add_return() and atomic_sub_return() to avoid signed
> overflow instrumentation. They are expected to wrap around.
>
> Cc: Will Deacon
> Cc: Peter Zijlstra
> Cc: Boqun Feng
> Cc: Mark Rutland
The commit title is odd here; '3117/1' is the patch tracker name for the last
patch. The title should probably be:
arm: nwfpe: Refactor intentional wrap-around test
Mark.
On Mon, Jan 22, 2024 at 04:27:13PM -0800, Kees Cook wrote:
> In an effort to separate intentional arithmetic wrap-aro
//github.com/KSPP/linux/issues/344 [4]
> Cc: Catalin Marinas
> Cc: Will Deacon
> Cc: Kalesh Singh
> Cc: Fuad Tabba
> Cc: Mark Brown
> Cc: "Madhavan T. Venkataraman"
> Cc: Marc Zyngier
> Cc: Mark Rutland
> Cc: linux-arm-ker...@lists.infradead.org
> Si
On Tue, Feb 13, 2024 at 02:10:57PM -0800, Kees Cook wrote:
> The check_*_overflow() helpers will return results with potentially
> wrapped-around values. These values have always been checked by the
> selftests, so avoid the confusing language in the kern-doc. The idea of
> "safe for use" was relat
th. In other words, these two calls will get very different results:
>
> wrapping_mul(int, 50, 50) == 2500
> wrapping_mul(u8, 50, 50) == 196
>
> Add to the selftests to validate behavior and lack of side-effects.
>
> Cc: Rasmus Villemoes
> Cc: Marco Elver
&g
safe for use" was relative to the expectation of whether or not the
> caller wants a wrapped value -- the calculation itself will always follow
> arithmetic wrapping rules.
>
> Reviewed-by: Gustavo A. R. Silva
> Signed-off-by: Kees Cook
> ---
> Cc: Mark Rutland
> Cc: l
trumentation.
>
> Add to the selftests to validate behavior and lack of side-effects.
>
> Signed-off-by: Kees Cook
> ---
> Cc: Rasmus Villemoes
> Cc: Marco Elver
> Cc: Eric Biggers
> Cc: Mark Rutland
> Cc: "Gustavo A. R. Silva"
> Cc: linux-hardening
Hi Doug,
On Tue, Feb 27, 2024 at 04:57:31PM -0800, Doug Anderson wrote:
> On Mon, Jan 8, 2024 at 4:54 PM Doug Anderson wrote:
> > On Thu, Dec 7, 2023 at 5:03 PM Douglas Anderson
> > wrote:
> > The sound of crickets is overwhelming. ;-) Does anyone have any
> > comments here? Is this a terrible
On Wed, Apr 24, 2024 at 03:45:07PM -0700, Kees Cook wrote:
> On Thu, Apr 25, 2024 at 12:41:41AM +0200, Peter Zijlstra wrote:
> > On Wed, Apr 24, 2024 at 12:17:34PM -0700, Kees Cook wrote:
> >
> > > @@ -82,7 +83,7 @@ static __always_inline bool
> > > arch_atomic_add_negative(int i, atomic_t *v)
>
On Thu, Apr 25, 2024 at 11:28:12AM +0200, Peter Zijlstra wrote:
> On Wed, Apr 24, 2024 at 04:30:50PM -0700, Kees Cook wrote:
>
> > > That is, anything that actively warns about signed overflow when build
> > > with -fno-strict-overflow is a bug. If you want this warning you have to
> > > explicitl
On Mon, Jun 17, 2024 at 01:37:21PM +, Yuntao Liu wrote:
> Since the offset would be bitwise ANDed with 0x3FF in
> add_random_kstack_offset(), so just remove AND operation here.
>
> Signed-off-by: Yuntao Liu
The comments in arm64 and x86 say that they're deliberately capping the
offset at few
Hi Arnd,
On Mon, Jun 17, 2024 at 10:33:08PM +0200, Arnd Bergmann wrote:
> On Mon, Jun 17, 2024, at 20:22, Kees Cook wrote:
> > On Mon, Jun 17, 2024 at 04:52:15PM +0100, Mark Rutland wrote:
> >> On Mon, Jun 17, 2024 at 01:37:21PM +, Yuntao Liu wrote:
> >> > Sin
On Tue, Jun 18, 2024 at 01:14:58PM +0200, Arnd Bergmann wrote:
> On Tue, Jun 18, 2024, at 12:45, Mark Rutland wrote:
> > On Mon, Jun 17, 2024 at 10:33:08PM +0200, Arnd Bergmann wrote:
> >> On Mon, Jun 17, 2024, at 20:22, Kees Cook wrote:
> >> > On Mon, Jun 17,
o point pretending that 15.75KB is
> somehow safe to use while 15.00KB is not."
>
> Co-developed-by: Yuntao Liu
> Signed-off-by: Yuntao Liu
> Fixes: 9c573cd31343 ("randomize_kstack: Improve entropy diffusion")
> Link: https://lore.kernel.org/r/20240617133721.377540-1-l
On Thu, Jun 20, 2024 at 11:34:22AM -0700, Kees Cook wrote:
> On Thu, Jun 20, 2024 at 11:47:58AM +0800, liuyuntao (F) wrote:
> >
> >
> > On 2024/6/20 5:47, Kees Cook wrote:
> > > An unintended consequence of commit 9c573cd31343 ("randomize_kstack:
> > > Improve entropy diffusion") was that the per
On Tue, Feb 11, 2025 at 02:33:51PM +0100, Valentin Schneider wrote:
> On 10/02/25 23:08, Jann Horn wrote:
> > On Mon, Feb 10, 2025 at 7:36 PM Valentin Schneider
> > wrote:
> >> What if isolated CPUs unconditionally did a TLBi as late as possible in
> >> the stack right before returning to userspa
On Mon, Mar 10, 2025 at 05:37:50PM +, Catalin Marinas wrote:
> On Fri, Mar 07, 2025 at 07:36:31PM -0800, Kees Cook wrote:
> > On Fri, Mar 07, 2025 at 06:33:13PM -0800, Peter Collingbourne wrote:
> > > The optimized strscpy() and dentry_string_cmp() routines will read 8
> > > unaligned bytes at
On Tue, Mar 11, 2025 at 11:45:21AM +, Catalin Marinas wrote:
> On Mon, Mar 10, 2025 at 07:37:32PM +0000, Mark Rutland wrote:
> > I was worried that ex_handler_load_unaligned_zeropad() might not do the
> > right thing in response to a tag check fault (e.g. access the wrong 8
>
23 matches
Mail list logo
