Commit a26321ee authored by Linus Torvalds

Merge tag 'hardening-v6.17-rc1-fix1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull hardening fixes from Kees Cook:
 "Notably, this contains the fix for the GCC __init mess I created
  with the kstack_erase annotations.

   - staging: media: atomisp: Fix stack buffer overflow in
     gmin_get_var_int().

     I was asked to carry this fix, so here it is. :)

   - fortify: Fix incorrect reporting of read buffer size

   - kstack_erase: Fix missed export of renamed KSTACK_ERASE_CFLAGS

   - compiler_types: Provide __no_kstack_erase to disable coverage only
     on Clang"

* tag 'hardening-v6.17-rc1-fix1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  compiler_types: Provide __no_kstack_erase to disable coverage only on Clang
  fortify: Fix incorrect reporting of read buffer size
  kstack_erase: Fix missed export of renamed KSTACK_ERASE_CFLAGS
  staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()
parents beb6c832 f627b51a
+1 −1
@@ -5,7 +5,7 @@
#if defined(CONFIG_CC_IS_CLANG) && CONFIG_CLANG_VERSION < 170000
#define __head	__section(".head.text") __no_sanitize_undefined __no_stack_protector
#else
#define __head	__section(".head.text") __no_sanitize_undefined __no_sanitize_coverage
#define __head	__section(".head.text") __no_sanitize_undefined __no_kstack_erase
#endif

struct x86_mapping_info {
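Review bot: The new `#else` definition of `__head` uses `__no_kstack_erase` in place of `__no_sanitize_coverage`, and nothing at the use site says that this attribute is compiler-dependent. Judging by the other sections on this page, it expands to `__no_sanitize_coverage` in what looks like the Clang header and to nothing in the generic `#ifndef __no_kstack_erase` fallback. Non-Clang builds of `.head.text` code would therefore no longer have coverage instrumentation disabled; that appears intended, but it is worth confirming for coverage-enabled GCC configurations. A one-line comment above the define would record it: `/* __no_kstack_erase: no_sanitize_coverage on Clang, empty otherwise */`.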
+5 −4
@@ -1272,14 +1272,15 @@ static int gmin_get_config_var(struct device *maindev,
	if (efi_rt_services_supported(EFI_RT_SUPPORTED_GET_VARIABLE))
		status = efi.get_variable(var16, &GMIN_CFG_VAR_EFI_GUID, NULL,
					  (unsigned long *)out_len, out);
	if (status == EFI_SUCCESS)
	if (status == EFI_SUCCESS) {
		dev_info(maindev, "found EFI entry for '%s'\n", var8);
	else if (is_gmin)
		return 0;
	}
	if (is_gmin)
		dev_info(maindev, "Failed to find EFI gmin variable %s\n", var8);
	else
		dev_info(maindev, "Failed to find EFI variable %s\n", var8);

	return ret;
	return -ENOENT;
}

int gmin_get_var_int(struct device *dev, bool is_gmin, const char *var, int def)
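Review bot: Every non-success `status` now ends in `return -ENOENT;` behind a "Failed to find" message, so a firmware reply such as EFI_BUFFER_TOO_SMALL is logged and returned as if the variable did not exist. Since the caller's buffer size is what this fix is about, the failure log should carry the status, e.g. `dev_info(maindev, "Failed to find EFI variable %s (status 0x%lx)\n", var8, status);`. The success path also returns 0 with `*out_len` as set by the firmware and no check in the visible lines, so a caller that NUL-terminates at `out[*out_len]` needs one spare byte in its buffer. `gmin_get_var_int()` and the start of `gmin_get_config_var()` are outside the hunk, so neither could be checked here.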
+3 −0
@@ -89,6 +89,9 @@
#define __no_sanitize_coverage
#endif

/* Only Clang needs to disable the coverage sanitizer for kstack_erase. */
#define __no_kstack_erase	__no_sanitize_coverage

#if __has_feature(shadow_call_stack)
# define __noscs	__attribute__((__no_sanitize__("shadow-call-stack")))
#endif
+4 −0
@@ -424,6 +424,10 @@ struct ftrace_likely_data {
# define randomized_struct_fields_end
#endif

#ifndef __no_kstack_erase
# define __no_kstack_erase
#endif

#ifndef __noscs
# define __noscs
#endif
+1 −1
@@ -596,7 +596,7 @@ __FORTIFY_INLINE bool fortify_memcpy_chk(__kernel_size_t size,
	if (p_size != SIZE_MAX && p_size < size)
		fortify_panic(func, FORTIFY_WRITE, p_size, size, true);
	else if (q_size != SIZE_MAX && q_size < size)
		fortify_panic(func, FORTIFY_READ, p_size, size, true);
		fortify_panic(func, FORTIFY_READ, q_size, size, true);

	/*
	 * Warn when writing beyond destination field size.
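Review bot: The two `fortify_panic()` calls differ only in `p_size` versus `q_size`, and nothing in the hunk says which size belongs to which direction, which makes a swapped argument on the read branch easy to miss. Judging by the FORTIFY_WRITE/FORTIFY_READ pairing, a short comment on each branch would make this reviewable, e.g. `/* write overflow: report destination size (p_size) */` and `/* read overflow: report source size (q_size) */`. The size printed here is what someone triaging an overflow report reads first, so a test asserting the reported value for the FORTIFY_READ case would be worth adding if none exists. The rest of `fortify_memcpy_chk()` lies outside the hunk.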