linux/fs/nfs
Linus Torvalds 48ea09cdda hardening updates for v6.2-rc1
- Convert flexible array members, fix -Wstringop-overflow warnings,
   and fix KCFI function type mismatches that went ignored by
   maintainers (Gustavo A. R. Silva, Nathan Chancellor, Kees Cook).
 
 - Remove the remaining side-effect users of ksize() by converting
   dma-buf, btrfs, and coredump to using kmalloc_size_roundup(),
   add more __alloc_size attributes, and introduce full testing
   of all allocator functions. Finally remove the ksize() side-effect
   so that each allocation-aware checker can finally behave without
   exceptions.
 
 - Introduce oops_limit (default 10,000) and warn_limit (default off)
   to provide greater granularity of control for panic_on_oops and
   panic_on_warn (Jann Horn, Kees Cook).
 
 - Introduce overflows_type() and castable_to_type() helpers for
   cleaner overflow checking.
 
 - Improve code generation for strscpy() and update str*() kern-doc.
 
 - Convert strscpy and sigphash tests to KUnit, and expand memcpy
   tests.
 
 - Always use a non-NULL argument for prepare_kernel_cred().
 
 - Disable structleak plugin in FORTIFY KUnit test (Anders Roxell).
 
 - Adjust orphan linker section checking to respect CONFIG_WERROR
   (Xin Li).
 
 - Make sure siginfo is cleared for forced SIGKILL (haifeng.xu).
 
 - Fix um vs FORTIFY warnings for always-NULL arguments.
 -----BEGIN PGP SIGNATURE-----
 
 iQJKBAABCgA0FiEEpcP2jyKd1g9yPm4TiXL039xtwCYFAmOZSOoWHGtlZXNjb29r
 QGNocm9taXVtLm9yZwAKCRCJcvTf3G3AJjAAD/0YkvpU7f03f8hcQMJK6wv//24K
 AW41hEaBikq9RcmkuvkLLrJRibGgZ5O2xUkUkxRs/HxhkhrZ0kEw8sbwZe8MoWls
 F4Y9+TDjsrdHmjhfcBZdLnVxwcKK5wlaEcpjZXtbsfcdhx3TbgcDA23YELl5t0K+
 I11j4kYmf9SLl4CwIrSP5iACml8CBHARDh8oIMF7FT/LrjNbM8XkvBcVVT6hTbOV
 yjgA8WP2e9GXvj9GzKgqvd0uE/kwPkVAeXLNFWopPi4FQ8AWjlxbBZR0gamA6/EB
 d7TIs0ifpVU2JGQaTav4xO6SsFMj3ntoUI0qIrFaTxZAvV4KYGrPT/Kwz1O4SFaG
 rN5lcxseQbPQSBTFNG4zFjpywTkVCgD2tZqDwz5Rrmiraz0RyIokCN+i4CD9S0Ds
 oEd8JSyLBk1sRALczkuEKo0an5AyC9YWRcBXuRdIHpLo08PsbeUUSe//4pe303cw
 0ApQxYOXnrIk26MLElTzSMImlSvlzW6/5XXzL9ME16leSHOIfDeerPnc9FU9Eb3z
 ODv22z6tJZ9H/apSUIHZbMciMbbVTZ8zgpkfydr08o87b342N/ncYHZ5cSvQ6DWb
 jS5YOIuvl46/IhMPT16qWC8p0bP5YhxoPv5l6Xr0zq0ooEj0E7keiD/SzoLvW+Qs
 AHXcibguPRQBPAdiPQ==
 =yaaN
 -----END PGP SIGNATURE-----

Merge tag 'hardening-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull kernel hardening updates from Kees Cook:

 - Convert flexible array members, fix -Wstringop-overflow warnings, and
   fix KCFI function type mismatches that went ignored by maintainers
   (Gustavo A. R. Silva, Nathan Chancellor, Kees Cook)

 - Remove the remaining side-effect users of ksize() by converting
   dma-buf, btrfs, and coredump to using kmalloc_size_roundup(), add
   more __alloc_size attributes, and introduce full testing of all
   allocator functions. Finally remove the ksize() side-effect so that
   each allocation-aware checker can finally behave without exceptions

 - Introduce oops_limit (default 10,000) and warn_limit (default off) to
   provide greater granularity of control for panic_on_oops and
   panic_on_warn (Jann Horn, Kees Cook)

 - Introduce overflows_type() and castable_to_type() helpers for cleaner
   overflow checking

 - Improve code generation for strscpy() and update str*() kern-doc

 - Convert strscpy and sigphash tests to KUnit, and expand memcpy tests

 - Always use a non-NULL argument for prepare_kernel_cred()

 - Disable structleak plugin in FORTIFY KUnit test (Anders Roxell)

 - Adjust orphan linker section checking to respect CONFIG_WERROR (Xin
   Li)

 - Make sure siginfo is cleared for forced SIGKILL (haifeng.xu)

 - Fix um vs FORTIFY warnings for always-NULL arguments

* tag 'hardening-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: (31 commits)
  ksmbd: replace one-element arrays with flexible-array members
  hpet: Replace one-element array with flexible-array member
  um: virt-pci: Avoid GCC non-NULL warning
  signal: Initialize the info in ksignal
  lib: fortify_kunit: build without structleak plugin
  panic: Expose "warn_count" to sysfs
  panic: Introduce warn_limit
  panic: Consolidate open-coded panic_on_warn checks
  exit: Allow oops_limit to be disabled
  exit: Expose "oops_count" to sysfs
  exit: Put an upper limit on how often we can oops
  panic: Separate sysctl logic from CONFIG_SMP
  mm/pgtable: Fix multiple -Wstringop-overflow warnings
  mm: Make ksize() a reporting-only function
  kunit/fortify: Validate __alloc_size attribute results
  drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()
  drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid()
  driver core: Add __alloc_size hint to devm allocators
  overflow: Introduce overflows_type() and castable_to_type()
  coredump: Proactively round up to kmalloc bucket size
  ...
2022-12-14 12:20:00 -08:00
..
blocklayout NFS client updates for Linux 5.20 2022-08-10 14:04:32 -07:00
filelayout pNFS/files: Handle RDMA connection errors correctly 2022-07-10 19:00:53 -04:00
flexfilelayout cred: Do not default to init_cred in prepare_kernel_cred() 2022-11-01 10:04:52 -07:00
cache_lib.c
cache_lib.h
callback_proc.c pNFS: Avoid a live lock condition in pnfs_update_layout() 2022-06-06 11:53:55 -04:00
callback_xdr.c SUNRPC: Parametrize how much of argsize should be zeroed 2022-09-26 14:02:42 -04:00
callback.c
callback.h
client.c NFS: Avoid memcpy() run-time warning for struct sockaddr overflows 2022-10-27 15:52:10 -04:00
delegation.c nfs: use locks_inode_context helper 2022-11-30 05:08:10 -05:00
delegation.h
dir.c NFS: Trigger the "ls -l" readdir heuristic sooner 2022-11-27 22:09:59 -05:00
direct.c NFS client updates for Linux 5.20 2022-08-10 14:04:32 -07:00
dns_resolve.c NFS: Avoid memcpy() run-time warning for struct sockaddr overflows 2022-10-27 15:52:10 -04:00
dns_resolve.h NFS: Avoid memcpy() run-time warning for struct sockaddr overflows 2022-10-27 15:52:10 -04:00
export.c
file.c NFS Client Updates for Linux 6.1 2022-10-13 09:58:42 -07:00
fs_context.c nfs: fix possible null-ptr-deref when parsing param 2022-12-06 10:43:24 -05:00
fscache.c use less confusing names for iov_iter direction initializers 2022-11-25 13:01:55 -05:00
fscache.h nfs: Convert to release_folio 2022-05-09 23:12:33 -04:00
getroot.c
inode.c NFS: make sure open context mode have FMODE_EXEC when file open for exec 2022-12-06 10:38:38 -05:00
internal.h NFS: Allow very small rsize & wsize again 2022-12-06 12:30:58 -05:00
io.c
iostat.h
Kconfig NFSv4.2: Change the default KConfig value for READ_PLUS 2022-12-10 13:24:59 -05:00
Makefile
mount_clnt.c NFS: Avoid memcpy() run-time warning for struct sockaddr overflows 2022-10-27 15:52:10 -04:00
namespace.c NFS: use sysfs_emit() to instead of scnprintf() 2022-12-06 12:32:37 -05:00
netns.h
nfs2super.c
nfs2xdr.c
nfs3_fs.h fs: pass dentry to set acl method 2022-10-19 12:55:42 +02:00
nfs3acl.c fs: rename current get acl method 2022-10-20 10:13:27 +02:00
nfs3client.c NFS: Avoid memcpy() run-time warning for struct sockaddr overflows 2022-10-27 15:52:10 -04:00
nfs3proc.c fs: rename current get acl method 2022-10-20 10:13:27 +02:00
nfs3super.c
nfs3xdr.c
nfs4_fs.h NFS: avoid spurious warning of lost lock that is being unlocked. 2022-12-06 10:45:11 -05:00
nfs4client.c nfs4: Fix kmemleak when allocate slot failed 2022-10-27 15:52:11 -04:00
nfs4file.c NFS: make sure open context mode have FMODE_EXEC when file open for exec 2022-12-06 10:38:38 -05:00
nfs4getroot.c
nfs4idmap.c cred: Do not default to init_cred in prepare_kernel_cred() 2022-11-01 10:04:52 -07:00
nfs4idmap.h
nfs4namespace.c NFS: Avoid memcpy() run-time warning for struct sockaddr overflows 2022-10-27 15:52:10 -04:00
nfs4proc.c NFS: avoid spurious warning of lost lock that is being unlocked. 2022-12-06 10:45:11 -05:00
nfs4renewd.c
nfs4session.c
nfs4session.h
nfs4state.c NFS client updates for Linux 6.2 2022-12-13 08:44:41 -08:00
nfs4super.c
nfs4sysctl.c
nfs4trace.c
nfs4trace.h NFS client updates for Linux 6.2 2022-12-13 08:44:41 -08:00
nfs4xdr.c NFSv4.2: Fix a memory stomp in decode_attr_security_label 2022-11-27 22:09:59 -05:00
nfs42.h
nfs42proc.c NFSv4.2: Fixup CLONE dest file size for zero-length count 2022-10-27 15:52:10 -04:00
nfs42xattr.c nfs: remove unnecessary (void*) conversions. 2022-10-03 11:26:36 -04:00
nfs42xdr.c NFSv4.2: Fix up READ_PLUS alignment 2022-12-06 12:29:35 -05:00
nfs.h
nfsroot.c NFS: move from strlcpy with unused retval to strscpy 2022-10-03 11:26:36 -04:00
nfstrace.c
nfstrace.h trace: Relocate event helper files 2022-12-10 11:01:12 -05:00
pagelist.c nfs: use locks_inode_context helper 2022-11-30 05:08:10 -05:00
pnfs_dev.c
pnfs_nfs.c NFS: Avoid memcpy() run-time warning for struct sockaddr overflows 2022-10-27 15:52:10 -04:00
pnfs.c NFS Client Updates for Linux 6.1 2022-10-13 09:58:42 -07:00
pnfs.h NFSv4/flexfiles: Cancel I/O if the layout is recalled or revoked 2022-10-06 09:52:09 -04:00
proc.c
read.c nfs: Leave pages in the pagecache if readpage failed 2022-06-29 08:51:07 -04:00
super.c NFS: Avoid memcpy() run-time warning for struct sockaddr overflows 2022-10-27 15:52:10 -04:00
symlink.c fs: Change the type of filler_t 2022-05-09 16:36:48 -04:00
sysctl.c
sysfs.c fs: nfs: sysfs: use sysfs_emit() to instead of scnprintf() 2022-12-06 12:32:37 -05:00
sysfs.h
unlink.c NFS: Fix a race in nfs_call_unlink() 2022-11-27 22:10:00 -05:00
write.c nfs: use locks_inode_context helper 2022-11-30 05:08:10 -05:00