2022-09-07 | Kees Cook | fortify: Add KUnit test for FORTIFY_SOURCE internals Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-09-07 | Kees Cook | fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-09-07 | Kees Cook | string: Introduce strtomem() and strtomem_pad() Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-09-07 | Kees Cook | overflow: Split up kunit tests for smaller stack frames Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-09-07 | Kees Cook | overflow: Allow mixed type arguments Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-08-31 | Bart Van Assche | overflow, tracing: Define the is_signed_type() macro... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-08-31 | Bart Van Assche | testing/selftests: Add tests for the is_signed_type... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-08-16 | Andrew Donnellan | gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-08-16 | Kees Cook | LoadPin: Return EFAULT on copy_from_user() failures Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-08-16 | Fabio M. De Francesco | exec: Replace kmap{,_atomic}() with kmap_local_page() Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-29 | Matthias Kaehlcke | dm: verity-loadpin: Drop use of dm_table_get_num_targets() Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-27 | Fabio M. De Francesco | exec: Call kmap_local_page() in copy_string_kernel() Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-27 | Kees Cook | kasan: test: Silence GCC 12 warnings Signed-off-by: Kees Cook <keescook@chromium.org> ...org/r/20220608214024.1068451-1-keescook@chromium.org |
commit | commitdiff | tree |
2022-07-27 | Justin Stitt | drivers: lkdtm: fix clang -Wformat warning Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-27 | YiFei Zhu | selftests/seccomp: Fix compile warning when CC=clang Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-08 | Lukas Bulwahn | x86: mm: refer to the intended config STRICT_DEVMEM... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-08 | Matthias Kaehlcke | dm: verity-loadpin: Use CONFIG_SECURITY_LOADPIN_VERITY... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-08 | Matthias Kaehlcke | LoadPin: Enable loading from trusted dm-verity devices Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-08 | Matthias Kaehlcke | dm: Add verity helpers for LoadPin Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-02 | GONG, Ruiqi | stack: Declare {randomize_,}kstack_offset to fix Sparse... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-02 | Kees Cook | lib: overflow: Do not define 64-bit tests on 32-bit Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-02 | Kees Cook | MAINTAINERS: Add a general "kernel hardening" section Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-02 | Jason A. Donenfeld | usercopy: use unsigned long instead of uintptr_t Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-07-01 | Zhang Jiaming | exec: Fix a spelling mistake Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-06-23 | Dan Carpenter | pstore/zone: cleanup "rcnt" type Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-06-15 | Andrei Vagin | selftests/timens: add a test for vfork+exit Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-06-15 | Andrei Vagin | fs/exec: allow to unshare a time namespace on vfork... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-06-13 | Matthew Wilcox ... | usercopy: Make usercopy resilient against ridiculously... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-06-13 | Matthew Wilcox ... | usercopy: Cast pointer to an integer once Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-06-13 | Matthew Wilcox ... | usercopy: Handle vm_map_ram() areas Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-06-13 | Sami Tolvanen | cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-24 | Masahiro Yamada | gcc-plugins: use KERNELVERSION for plugin version Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-17 | Kees Cook | lkdtm/heap: Hide allocation size from -Warray-bounds Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-17 | Muhammad Usama Anjum | selftests/lkdtm: Add configs for stackleak and "after... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-17 | Kees Cook | lkdtm/usercopy: Check vmalloc and >0-order folios Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-16 | Christoph Hellwig | loadpin: stop using bdevname Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-16 | Yuanzheng Song | mm: usercopy: move the virt_addr_valid() below the... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-16 | Kees Cook | gcc-plugins: randstruct: Remove cast exception handling Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-16 | Kees Cook | af_unix: Silence randstruct GCC plugin warning Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-16 | Kees Cook | niu: Silence randstruct warnings Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-16 | Kees Cook | big_keys: Use struct for internal payload Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-12 | Ard Biesheuvel | pstore: migrate to crypto acomp interface Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-12 | Kees Cook | lkdtm/usercopy: Rename "heap" to "slab" Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-10 | Kees Cook | gcc-plugins: Change all version strings match kernel Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-10 | Kees Cook | randomize_kstack: Improve docs on requirements/rationale Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | lkdtm/stackleak: fix CONFIG_GCC_PLUGIN_STACKLEAK=n Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | arm64: entry: use stackleak_erase_on_task_stack() Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | stackleak: add on/off stack variants Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | lkdtm/stackleak: check stack boundaries Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | lkdtm/stackleak: prevent unexpected stack usage Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | lkdtm/stackleak: rework boundary management Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | lkdtm/stackleak: avoid spurious failure Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | stackleak: rework poison scanning Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | stackleak: rework stack high bound handling Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | stackleak: clarify variable names Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | stackleak: rework stack low bound handling Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | stackleak: remove redundant check Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | stackleak: move skip_erasing() check earlier Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Mark Rutland | arm64: stackleak: fix current_top_of_stack() Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-08 | Kees Cook | randstruct: Enable Clang support Signed-off-by: Kees Cook <keescook@chromium.org> ...org/r/20220503205503.3054173-7-keescook@chromium.org |
commit | commitdiff | tree |
2022-05-08 | Kees Cook | randstruct: Move seed generation into scripts/basic/ Signed-off-by: Kees Cook <keescook@chromium.org> ...org/r/20220503205503.3054173-6-keescook@chromium.org |
commit | commitdiff | tree |
2022-05-08 | Kees Cook | randstruct: Split randstruct Makefile and CFLAGS Signed-off-by: Kees Cook <keescook@chromium.org> ...org/r/20220503205503.3054173-5-keescook@chromium.org |
commit | commitdiff | tree |
2022-05-08 | Kees Cook | randstruct: Reorganize Kconfigs and attribute macros Signed-off-by: Kees Cook <keescook@chromium.org> ...org/r/20220503205503.3054173-4-keescook@chromium.org |
commit | commitdiff | tree |
2022-05-08 | Kees Cook | sancov: Split plugin build from plugin CFLAGS Signed-off-by: Kees Cook <keescook@chromium.org> ...org/r/20220503205503.3054173-3-keescook@chromium.org |
commit | commitdiff | tree |
2022-05-08 | Kees Cook | netfs: Eliminate Clang randstruct warning Signed-off-by: Kees Cook <keescook@chromium.org> ...org/r/20220503205503.3054173-2-keescook@chromium.org |
commit | commitdiff | tree |
2022-05-04 | Colin Ian King | selftests/seccomp: Fix spelling mistake "Coud" -> ... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-03 | Sargun Dhillon | selftests/seccomp: Add test for wait killable notifier Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-03 | Sargun Dhillon | selftests/seccomp: Refactor get_proc_stat to split... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-05-03 | Sargun Dhillon | seccomp: Add wait_killable semantic to seccomp user... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-29 | Sargun Dhillon | selftests/seccomp: Ensure that notifications come in... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-29 | Sargun Dhillon | seccomp: Use FIFO semantics to order notifications Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-29 | Yang Guang | selftests/seccomp: Add SKIP for failed unshare() Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-29 | Jann Horn | selftests/seccomp: Test PTRACE_O_SUSPEND_SECCOMP without... Co-developed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-29 | Jann Horn | selftests/seccomp: Don't call read() on TTY from background... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-27 | Kees Cook | lkdtm: cfi: Fix type width for masking PAC bits Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-22 | Eric W. Biederman | binfmt_flat: Remove shared library support Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-20 | Eric W. Biederman | binfmt_flat: Drop vestiges of coredump support Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-18 | Niklas Cassel | binfmt_flat: do not stop relocating GOT entries prematurely... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-16 | Kees Cook | lkdtm: Add CFI_BACKWARD to test ROP mitigations Signed-off-by: Kees Cook <keescook@chromium.org> ...lkml/20220416001103.1524653-1-keescook@chromium.org |
commit | commitdiff | tree |
2022-04-13 | Sami Tolvanen | cfi: Use __builtin_function_start Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-13 | Bill Wendling | security: don't treat structure as an array of struct... Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-13 | Matthew Wilcox ... | usercopy: Remove HARDENED_USERCOPY_PAGESPAN Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-13 | Matthew Wilcox ... | mm/usercopy: Detect large folio overruns Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-13 | Matthew Wilcox ... | mm/usercopy: Detect vmalloc overruns Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-13 | Matthew Wilcox ... | mm/usercopy: Check kmap addresses properly Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-12 | Kees Cook | lkdtm: Move crashtype definitions into each category Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-12 | Christophe Leroy | lkdtm/bugs: Don't expect thread termination without... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-12 | Kees Cook | lkdtm/usercopy: Expand size of "out of frame" object Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-12 | Kees Cook | lkdtm/heap: Note conditions for SLAB_LINEAR_OVERFLOW Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-12 | Jiasheng Jiang | lkdtm/bugs: Check for the NULL pointer after calling... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-04-12 | Jason A. Donenfeld | gcc-plugins: latent_entropy: use /dev/urandom Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-03-31 | Tadeusz Struk | uapi/linux/stddef.h: Add include guards Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-03-31 | Kees Cook | ARM/dma-mapping: Remove CMA code when not built with CMA Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-03-24 | Kees Cook | usercopy: Disable CONFIG_HARDENED_USERCOPY_PAGESPAN Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-03-21 | Kees Cook | lib: stackinit: Convert to KUnit Signed-off-by: Kees Cook <keescook@chromium.org> ...lkml/20220224055145.1853657-1-keescook@chromium.org |
commit | commitdiff | tree |
2022-03-21 | Kees Cook | um: Allow builds with Clang Signed-off-by: Kees Cook <keescook@chromium.org> ...lkml/20220217002843.2312603-1-keescook@chromium.org ...lkml/20220224055831.1854786-1-keescook@chromium.org |
commit | commitdiff | tree |
2022-03-18 | Rick Edgecombe | binfmt_elf: Don't write past end of notes for regset gap Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-03-15 | Jann Horn | pstore: Don't use semaphores in always-atomic-context... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-03-10 | Dan Li | arm64: Add gcc Shadow Call Stack support Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
2022-03-10 | Eric W. Biederman | a.out: Stop building a.out/osf1 support on alpha and... Signed-off-by: Kees Cook <keescook@chromium.org> |
commit | commitdiff | tree |
next |