bybrooklyn/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-04-27 11:02:31 -04:00
Code Issues Packages Projects Releases Wiki Activity
1,382,832 Commits 1 Branch 928 Tags
8d4bb46ba7671899a506c555ab71df65ba2e4a60
Commit Graph

22 Commits

Author SHA1 Message Date
Linus Torvalds
8e736a2eea Merge tag 'hardening-v6.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux 
Pull hardening updates from Kees Cook:

 - Introduce and start using TRAILING_OVERLAP() helper for fixing
   embedded flex array instances (Gustavo A. R. Silva)

 - mux: Convert mux_control_ops to a flex array member in mux_chip
   (Thorsten Blum)

 - string: Group str_has_prefix() and strstarts() (Andy Shevchenko)

 - Remove KCOV instrumentation from __init and __head (Ritesh Harjani,
   Kees Cook)

 - Refactor and rename stackleak feature to support Clang

 - Add KUnit test for seq_buf API

 - Fix KUnit fortify test under LTO

* tag 'hardening-v6.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: (22 commits)
  sched/task_stack: Add missing const qualifier to end_of_stack()
  kstack_erase: Support Clang stack depth tracking
  kstack_erase: Add -mgeneral-regs-only to silence Clang warnings
  init.h: Disable sanitizer coverage for __init and __head
  kstack_erase: Disable kstack_erase for all of arm compressed boot code
  x86: Handle KCOV __init vs inline mismatches
  arm64: Handle KCOV __init vs inline mismatches
  s390: Handle KCOV __init vs inline mismatches
  arm: Handle KCOV __init vs inline mismatches
  mips: Handle KCOV __init vs inline mismatch
  powerpc/mm/book3s64: Move kfence and debug_pagealloc related calls to __init section
  configs/hardening: Enable CONFIG_INIT_ON_FREE_DEFAULT_ON
  configs/hardening: Enable CONFIG_KSTACK_ERASE
  stackleak: Split KSTACK_ERASE_CFLAGS from GCC_PLUGINS_CFLAGS
  stackleak: Rename stackleak_track_stack to __sanitizer_cov_stack_depth
  stackleak: Rename STACKLEAK to KSTACK_ERASE
  seq_buf: Introduce KUnit tests
  string: Group str_has_prefix() and strstarts()
  kunit/fortify: Add back "volatile" for sizeof() constants
  acpi: nfit: intel: avoid multiple -Wflex-array-member-not-at-end warnings
  ...
 2025-07-28 17:16:12 -07:00
Kees Cook
57fbad15c2 stackleak: Rename STACKLEAK to KSTACK_ERASE 
In preparation for adding Clang sanitizer coverage stack depth tracking
that can support stack depth callbacks:

- Add the new top-level CONFIG_KSTACK_ERASE option which will be
  implemented either with the stackleak GCC plugin, or with the Clang
  stack depth callback support.
- Rename CONFIG_GCC_PLUGIN_STACKLEAK as needed to CONFIG_KSTACK_ERASE,
  but keep it for anything specific to the GCC plugin itself.
- Rename all exposed "STACKLEAK" names and files to "KSTACK_ERASE" (named
  for what it does rather than what it protects against), but leave as
  many of the internals alone as possible to avoid even more churn.

While here, also split "prev_lowest_stack" into CONFIG_KSTACK_ERASE_METRICS,
since that's the only place it is referenced from.

Suggested-by: Ingo Molnar <mingo@kernel.org>
Link: https://lore.kernel.org/r/20250717232519.2984886-1-kees@kernel.org
Signed-off-by: Kees Cook <kees@kernel.org>
 2025-07-21 21:35:01 -07:00
Christian Brauner
70e3ee3128 coredump: rename do_coredump() to vfs_coredump() 
Align the naming with the rest of our helpers exposed
outside of core vfs.

Link: https://lore.kernel.org/20250612-work-coredump-massage-v1-9-315c0c34ba94@kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
 2025-06-16 17:01:22 +02:00
Yuxian Mao
8d57fd6f09 docs/zh_CN: Add snp-tdx-threat-model index Chinese translation 
Translate .../security/snp-tdx-threat-model.rst into Chinese.

Update the translation through commit "cdae7e8a69c3"
("docs/MAINTAINERS: Update my email address")

Fixed pdfdocs warning by Alex Shi.

Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Yuxian Mao <maoyuxian@cqsoftware.com.cn>
Signed-off-by: Alex Shi <alexs@kernel.org>
Link: https://lore.kernel.org/r/20250304071401.117780-1-maoyuxian@cqsoftware.com.cn
 2025-03-19 10:28:17 +08:00
zhangwei
2b087edf58 docs/zh_CN: Add secrets index Chinese translation 
Translate .../security/secrets/index.rst into Chinese

Update the translation through commit 7419995a33
("docs: security: Add secrets/coco documentation")

Signed-off-by: zhangwei <zhangwei@cqsoftware.com.cn>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/57978b69f643c1aacf78804affde4c819960fd3c.1738923258.git.zhangwei@cqsoftware.com.cn
 2025-02-10 11:14:50 -07:00
zhangwei
f460cd3080 docs/zh_CN: Add keys index Chinese translation 
Translate .../security/keys/index.rst into Chinese

Update the translation through commit 5395d312df
("doc: ReSTify keys-trusted-encrypted.txt")

Signed-off-by: zhangwei <zhangwei@cqsoftware.com.cn>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/6e55a93d889871a872a3449cb186c28fb38fd3df.1738923258.git.zhangwei@cqsoftware.com.cn
 2025-02-10 11:14:50 -07:00
zhangwei
24b3304448 docs/zh_CN: Add self-protection index Chinese translation 
Translate .../security/self-protection.rst into Chinese.

Update the translation through commit b080e52110
("docs: update self-protection __ro_after_init status")

Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Reviewed-by: Yuxian Mao <maoyuxian@cqsoftware.com.cn>
Signed-off-by: zhangwei <zhangwei@cqsoftware.com.cn>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/dd8c6da2e145aadac202e979bea0ff6b56431e0b.1738923258.git.zhangwei@cqsoftware.com.cn
 2025-02-10 11:14:50 -07:00
Shuo Zhao
f5c7cc77ac docs/zh_CN: Add security credentials Chinese translation 
Translate .../security/credentials.rst into Chinese.

Update the translation through commit cf92ec602a
("Documentation: remove current_security() reference")

Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Reviewed-by: Alex Shi <alexs@kernel.org>
Signed-off-by: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/20250114022843.22489-1-zhaoshuo@cqsoftware.com.cn
 2025-02-04 10:01:00 -07:00
Shuo Zhao
03069bf128 docs/zh_CN: Add tpm tpm_ftpm_tee Chinese translation 
Translate .../security/tpm/tpm_ftpm_tee.rst into Chinese.

Update the translation through commit e8bd417aab
("tpm/tpm_ftpm_tee: Document fTPM TEE driver")

Reviewed-by: Alex Shi <alexs@kernel.org>
Signed-off-by: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/5de6312d2b9d23646eb306e74bae3f80ff28941d.1737603330.git.zhaoshuo@cqsoftware.com.cn
 2025-02-04 09:51:16 -07:00
Shuo Zhao
22ab45a821 docs/zh_CN: Add tpm xen-tpmfront Chinese translation 
Translate .../security/tpm/xen-tpmfront.rst into Chinese.

Update the translation through commit 9e255e2b9a
("Documentation: drop optional BOMs")

Reviewed-by: Alex Shi <alexs@kernel.org>
Signed-off-by: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/570a7a7c6f55996c02dd2e474a4e8cbfa8f9ccc3.1737603330.git.zhaoshuo@cqsoftware.com.cn
 2025-02-04 09:51:16 -07:00
Shuo Zhao
f7824b6917 docs/zh_CN: Add tpm tpm_vtpm_proxy Chinese translation 
Translate .../security/tpm/tpm_vtpm_proxy.rst into Chinese.

Update the translation through commit 799a545bb9
("tpm: move documentation under Documentation/security")

Signed-off-by: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/f9798eaec76b27cc02fa47970bf623879377d422.1737603330.git.zhaoshuo@cqsoftware.com.cn
 2025-02-04 09:51:16 -07:00
Shuo Zhao
98526e6969 docs/zh_CN: Add tpm tpm_tis Chinese translation 
Translate .../security/tpm/tpm_tis.rst into Chinese.

Update the translation through commit 8a55256a84
("Documentation: tpm_tis")

Reviewed-by: Alex Shi <alexs@kernel.org>
Signed-off-by: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/ac55092bc3f1b3ec51f3e2dd596616ade1a32076.1737603330.git.zhaoshuo@cqsoftware.com.cn
 2025-02-04 09:51:16 -07:00
Shuo Zhao
ece0788d58 docs/zh_CN: Add tpm tpm-security Chinese translation 
Translate .../security/tpm/tpm-security.rst into Chinese

Update the translation through commit 3d2daf9d59
("Documentation: add tpm-security.rst")

Signed-off-by: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/a7d98aaf8bc1393fb38095a0d2a3bc3e43c1c543.1737603330.git.zhaoshuo@cqsoftware.com.cn
 2025-02-04 09:51:16 -07:00
Shuo Zhao
4ad1ba0358 docs/zh_CN: Add tpm tpm_event_log Chinese translation 
Translate .../security/tpm/tpm_event_log.rst into Chinese.

Update the translation through commit 2ef5a7f148
("tpm: Document UEFI event log quirks")

Reviewed-by: Alex Shi <alexs@kernel.org>
Signed-off-by: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/32c35c0504f262668996080b44dfe059a5266256.1737603330.git.zhaoshuo@cqsoftware.com.cn
 2025-02-04 09:51:16 -07:00
Shuo Zhao
512ca748e8 docs/zh_CN: Add tpm index Chinese translation 
Translate .../security/tpm/index.rst into Chinese

Update the translation through commit 1d479e3cd6
("Documentation: tpm: Add TPM security docs toctree entry")

Reviewed-by: Alex Shi <alexs@kernel.org>
Signed-off-by: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/900d91e8a2c7c35259005de5cff99e7bb4e7adf6.1737603330.git.zhaoshuo@cqsoftware.com.cn
 2025-02-04 09:51:16 -07:00
zhangwei
a2f80991e5 docs/zh_CN: Add sak index Chinese translation 
Translate lwn/Documentation/security/sak.rst into Chinese

Update the translation through commit 4d3beaa06d
("docs: security: move some books to it and update")

Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Reviewed-by: Alex Shi <alexs@kernel.org>
Signed-off-by: zhangwei <zhangwei@cqsoftware.com.cn>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/20250110100405.2225-1-zhangwei@cqsoftware.com.cn
 2025-01-13 10:41:03 -07:00
Yuxian Mao
24ed44aa06 docs/zh_CN: Add landlock index Chinese translation 
Translate lwn/Documentation/security/landlock.rst into Chinese.

Update the translation through commit dad2f20715
("landlock: Fix grammar issues in documentation")

Signed-off-by: Yuxian Mao <maoyuxian@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/20250102104406.17600-1-maoyuxian@cqsoftware.com.cn
 2025-01-09 12:31:33 -07:00
zhangwei
908c1257e5 docs/zh_CN: Add siphash index Chinese translation 
Translate lwn/Documentation/security/siphash.rst into Chinese

Update the translation through commit 12fe434314
("Documentation: siphash: Fix typo in the name of offsetofend macro")

Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: zhangwei <zhangwei@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <siyanteng@linux.dev>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/0af3d9b8be0e5166f74bd36fd6b040767f767fce.1736315479.git.zhangwei@cqsoftware.com.cn
 2025-01-09 11:43:23 -07:00
Shuo Zhao
ef3d720f86 docs/zh_CN: Add security IMA-templates Chinese translation 
Translate .../security/IMA-templates.rst into Chinese.

Update the translation through commit 398c42e2c4
("ima: support fs-verity file digest based version 3 signatures").

Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/20250108075740.19342-1-zhaoshuo@cqsoftware.com.cn
 2025-01-09 11:34:09 -07:00
Shuo Zhao
d996d56d12 docs/zh_CN: Add security digsig Chinese translation 
Translate .../security/digsig.rst into Chinese.

Update the translation through commit d56b699d76
("Documentation: Fix typos")

Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Shuo Zhao <zhaoshuo@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <siyanteng@linux.dev>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/20250108080136.19398-1-zhaoshuo@cqsoftware.com.cn
 2025-01-09 11:31:10 -07:00
Yuehui Zhao
7cc8cd8c54 docs/zh_CN: Add security lsm Chinese translation 
Translate .../security/lsm.rst into Chinese.

Update the translation through commit 6d2ed65318 ("lsm: move hook
 comments docs to security/security.c")

Signed-off-by: Yuehui Zhao <zhaoyuehui@cqsoftware.com.cn>
Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/d7582527ff42abf20b56ca6b145bfb91873c9ded.1734575890.git.zhaoyuehui@cqsoftware.com.cn
 2024-12-30 11:23:12 -07:00
Yuehui Zhao
8c2388d9cf docs/zh_CN: Add security index Chinese translation 
Translate .../security/index.rst into Chinese.

Reviewed-by: Yanteng Si <si.yanteng@linux.dev>
Signed-off-by: Yuehui Zhao <zhaoyuehui@cqsoftware.com.cn>
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Link: https://lore.kernel.org/r/89ad67b4b4e12a52581cfa0f87f194e1aee3e526.1734575890.git.zhaoyuehui@cqsoftware.com.cn
 2024-12-30 11:23:12 -07:00