| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202407150933.E1871BE@keescook>
Date: Mon, 15 Jul 2024 09:34:47 -0700
From: Kees Cook <kees@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-kernel@...r.kernel.org, Ard Biesheuvel <ardb@...nel.org>,
Arnd Bergmann <arnd@...db.de>, Heiko Carstens <hca@...ux.ibm.com>,
Kees Cook <kees@...nel.org>, Mark Rutland <mark.rutland@....com>,
Nathan Chancellor <nathan@...nel.org>,
"Paul E. McKenney" <paulmck@...nel.org>,
Sami Tolvanen <samitolvanen@...gle.com>,
Thorsten Blum <thorsten.blum@...lux.com>,
Yanjun Yang <yangyj.ee@...il.com>,
Yuntao Liu <liuyuntao12@...wei.com>
Subject: [GIT PULL] hardening updates for v6.11-rc1
Hi Linus,
Please pull these hardening updates for v6.11-rc1.
Thanks!
-Kees
The following changes since commit c3f38fa61af77b49866b006939479069cd451173:
Linux 6.10-rc2 (2024-06-02 15:44:56 -0700)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/hardening-v6.11-rc1
for you to fetch changes up to 872bb37f6829d4f7f3ed5afe2786add3d4384b4b:
randomize_kstack: Improve stack alignment codegen (2024-07-13 21:36:36 -0700)
----------------------------------------------------------------
hardening updates for v6.11-rc1
- lkdtm/bugs: add test for hung smp_call_function_single() (Mark Rutland)
- gcc-plugins: Remove duplicate included header file stringpool.h
(Thorsten Blum)
- ARM: Remove address checking for MMUless devices (Yanjun Yang)
- randomize_kstack: Clean up per-arch entropy and codegen
- KCFI: Make FineIBT mode Kconfig selectable
- fortify: Do not special-case 0-sized destinations
----------------------------------------------------------------
Kees Cook (4):
x86/alternatives: Make FineIBT mode Kconfig selectable
fortify: Do not special-case 0-sized destinations
randomize_kstack: Remove non-functional per-arch entropy filtering
randomize_kstack: Improve stack alignment codegen
Mark Rutland (1):
lkdtm/bugs: add test for hung smp_call_function_single()
Thorsten Blum (1):
gcc-plugins: Remove duplicate included header file stringpool.h
Yanjun Yang (1):
ARM: Remove address checking for MMUless devices
arch/arm/mm/fault.c | 4 ++--
arch/arm64/kernel/syscall.c | 16 +++++++---------
arch/s390/include/asm/entry-common.h | 2 +-
arch/x86/Kconfig | 9 +++++++++
arch/x86/include/asm/cfi.h | 2 +-
arch/x86/include/asm/entry-common.h | 15 ++++++---------
arch/x86/kernel/alternative.c | 8 ++++----
drivers/misc/lkdtm/bugs.c | 30 ++++++++++++++++++++++++++++++
include/linux/fortify-string.h | 8 ++------
include/linux/randomize_kstack.h | 18 ++++++++++++------
lib/fortify_kunit.c | 3 +--
scripts/gcc-plugins/gcc-common.h | 5 -----
tools/testing/selftests/lkdtm/tests.txt | 1 +
13 files changed, 76 insertions(+), 45 deletions(-)
--
Kees Cook
Powered by blists - more mailing lists