lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20190506172139.GA2121@beast>
Date:   Mon, 6 May 2019 10:21:39 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     linux-kernel@...r.kernel.org,
        Alexander Popov <alex.popov@...ux.com>,
        Alexander Potapenko <glider@...gle.com>,
        Masahiro Yamada <yamada.masahiro@...ionext.com>
Subject: [GIT PULL] compiler-based variable-init updates for v5.2-rc1

Hi Linus,

Please pull these changes for v5.2-rc1. This is effectively part of my
gcc-plugins tree, but as this adds some Clang support, it felt weird
to still call it "gcc-plugins". :) This consolidates Kconfig for the
existing stack variable initialization (via structleak and stackleak
gcc plugins) and adds Alexander Potapenko's support for Clang's new
similar functionality.

Thanks!

-Kees

The following changes since commit 8c2ffd9174779014c3fe1f96d9dc3641d9175f00:

  Linux 5.1-rc2 (2019-03-24 14:02:26 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/meminit-v5.2-rc1

for you to fetch changes up to 709a972efb01efaeb97cad1adc87fe400119c8ab:

  security: Implement Clang's stack initialization (2019-04-24 14:00:56 -0700)

----------------------------------------------------------------
compiler-based memory initialization

- Consolidate memory initialization Kconfigs (Kees)
- Implement support for Clang's stack variable auto-init (Alexander)

----------------------------------------------------------------
Kees Cook (3):
      security: Create "kernel hardening" config area
      security: Move stackleak config to Kconfig.hardening
      security: Implement Clang's stack initialization

 Makefile                    |   5 ++
 scripts/gcc-plugins/Kconfig | 126 ++--------------------------------
 security/Kconfig            |   2 +
 security/Kconfig.hardening  | 164 ++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 177 insertions(+), 120 deletions(-)
 create mode 100644 security/Kconfig.hardening

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ