Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Merge tag 'hardening-v6.5-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull hardening fixes from Kees Cook:

- Check for NULL bdev in LoadPin (Matthias Kaehlcke)

- Revert unwanted KUnit FORTIFY build default

- Fix 1-element array causing boot warnings with xhci-hub

* tag 'hardening-v6.5-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
usb: ch9: Replace bmSublinkSpeedAttr 1-element array with flexible array
Revert "fortify: Allow KUnit test to build without FORTIFY"
dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter

+9 -16
+3
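--- a/drivers/md/dm-verity-loadpin.c
+++ b/drivers/md/dm-verity-loadpin.c
@@ -58,6 +58,9 @@
 int srcu_idx;
 bool trusted = false;
 
+if (bdev == NULL)
+return false;
+
 if (list_empty(&dm_verity_loadpin_trusted_root_digests))
 return false;
 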
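Review bot: The added guard returns false for a NULL bdev without recording why a caller would pass one, so the fail-closed intent is easy to lose in a later refactor. A one-line comment above it such as `/* no backing block device: nothing to verify, so never trusted */` would make that explicit; presumably the caller is a LoadPin hook handing over a superblock's bdev, which is not visible here. Kernel style (checkpatch) also prefers `if (!bdev)` over `if (bdev == NULL)`. The function's signature and the later uses of bdev lie outside the hunk.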
+5 -1
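--- a/include/uapi/linux/usb/ch9.h
+++ b/include/uapi/linux/usb/ch9.h
@@ -984,7 +984,11 @@
 #define USB_SSP_MIN_RX_LANE_COUNT (0xf << 8)
 #define USB_SSP_MIN_TX_LANE_COUNT (0xf << 12)
 __le16 wReserved;
-__le32 bmSublinkSpeedAttr[1]; /* list of sublink speed attrib entries */
+union {
+__le32 legacy_padding;
+/* list of sublink speed attrib entries */
+__DECLARE_FLEX_ARRAY(__le32, bmSublinkSpeedAttr);
+};
 #define USB_SSP_SUBLINK_SPEED_SSID (0xf) /* sublink speed ID */
 #define USB_SSP_SUBLINK_SPEED_LSE (0x3 << 4) /* Lanespeed exponent */
 #define USB_SSP_SUBLINK_SPEED_LSE_BPS 0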
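Review bot: `legacy_padding` in the new anonymous union carries no comment, yet in this UAPI header it is the member that keeps `sizeof` of the descriptor struct at the value existing userspace was built against. I would add `/* keeps sizeof() as with the old [1] array; not for use */` above it so nobody removes or reuses it. With the array now flexible, code that walks bmSublinkSpeedAttr has to take the entry count from the descriptor's attribute field and check it against the received descriptor length rather than lean on a declared bound; those consumers are not part of this hunk. The struct's opening and closing lines are outside the hunk.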
+1 -1
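--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -2739,7 +2739,7 @@
 
 config FORTIFY_KUNIT_TEST
 tristate "Test fortified str*() and mem*() function internals at runtime" if !KUNIT_ALL_TESTS
-depends on KUNIT
+depends on KUNIT && FORTIFY_SOURCE
 default KUNIT_ALL_TESTS
 help
 Builds unit tests for checking internals of FORTIFY_SOURCE as used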
-14
lib/fortify_kunit.c
··· 25 25 static const char *ptr_of_11 = "this is 11!"; 26 26 static char array_unknown[] = "compiler thinks I might change"; 27 27 28 - /* Handle being built without CONFIG_FORTIFY_SOURCE */ 29 - #ifndef __compiletime_strlen 30 - # define __compiletime_strlen __builtin_strlen 31 - #endif 32 - 33 28 static void known_sizes_test(struct kunit *test) 34 29 { 35 30 KUNIT_EXPECT_EQ(test, __compiletime_strlen("88888888"), 8); ··· 307 312 } while (0) 308 313 DEFINE_ALLOC_SIZE_TEST_PAIR(devm_kmalloc) 309 314 310 - static int fortify_test_init(struct kunit *test) 311 - { 312 - if (!IS_ENABLED(CONFIG_FORTIFY_SOURCE)) 313 - kunit_skip(test, "Not built with CONFIG_FORTIFY_SOURCE=y"); 314 - 315 - return 0; 316 - } 317 - 318 315 static struct kunit_case fortify_test_cases[] = { 319 316 KUNIT_CASE(known_sizes_test), 320 317 KUNIT_CASE(control_flow_split_test), ··· 323 336 324 337 static struct kunit_suite fortify_test_suite = { 325 338 .name = "fortify", 326 - .init = fortify_test_init, 327 339 .test_cases = fortify_test_cases, 328 340 }; 329 341