Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v5.8.2 2020-08-19T06:26:29+00:00 2020-08-19T06:26:29+00:00 Kees Cook keescook@chromium.org 2020-06-25T20:37:04+00:00 urn:sha1:33333c08d28a2ae7a988ddd88f2b545a3b7c4d1d [ Upstream commit ae56942c14740c2963222efdc36c667ab19555ef ] I'd like arch-specific tests to XFAIL when on a mismatched architecture so that we can more easily compare test coverage across all systems. Lacking kernel configs or CPU features count as a FAIL, not an XFAIL. Additionally fixes a build failure under 32-bit UML. Fixes: b09511c253e5 ("lkdtm: Add a DOUBLE_FAULT crash type on x86") Fixes: cea23efb4de2 ("lkdtm/bugs: Make double-fault test always available") Fixes: 6cb6982f42cb ("lkdtm: arm64: test kernel pointer authentication") Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20200625203704.317097-5-keescook@chromium.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> 2020-08-19T06:26:29+00:00 Kees Cook keescook@chromium.org 2020-06-25T20:37:01+00:00 urn:sha1:5397915bf77b63222899dc55e7e76a2c63678a4b [ Upstream commit 464e86b4abadfc490f426954b431e2ec6a9d7bd2 ] It seems at least Clang is able to throw away writes it knows are destined for read-only memory, which makes things like the WRITE_RO test fail, as the write gets elided. Instead, force the variable to be volatile, and make similar changes through-out other tests in an effort to avoid needing to repeat fixing these kinds of problems. Also includes pr_err() calls in failure paths so that kernel logs are more clear in the failure case. Reported-by: Prasad Sodagudi <psodagud@codeaurora.org> Suggested-by: Sami Tolvanen <samitolvanen@google.com> Fixes: 9ae113ce5faf ("lkdtm: add tests for additional page permissions") Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20200625203704.317097-2-keescook@chromium.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> 2020-08-11T13:48:09+00:00 Kees Cook keescook@chromium.org 2020-06-25T20:37:02+00:00 urn:sha1:b8eb3d95c2d4c2c2889b674c47c0e5493884558e commit e12145cf1c3a8077e6d9f575711e38dd7d8a3ebc upstream. Har har, after I moved the slab freelist pointer into the middle of the slab, now it looks like the contents are getting poisoned. Adjust the test to avoid the freelist pointer again. Fixes: 3202fa62fb43 ("slub: relocate freelist pointer to middle of object") Cc: stable@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20200625203704.317097-3-keescook@chromium.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2020-04-23T14:30:09+00:00 Gustavo A. R. Silva gustavo@embeddedor.com 2020-04-01T18:28:55+00:00 urn:sha1:c56851576b1809f6523e48c1e5da6e3becfd57cb Fix spelling mistake s/Intentially/Intentionally Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Acked-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20200401182855.GA16253@embeddedor Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2020-04-07T17:43:44+00:00 Kees Cook keescook@chromium.org 2020-04-07T03:12:34+00:00 urn:sha1:ae2e1aad3e48e495878d9f149e437a308bfdaefa Adds LKDTM tests for arithmetic overflow (both signed and unsigned), as well as array bounds checking. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: Dmitry Vyukov <dvyukov@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Konovalov <andreyknvl@google.com> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Dan Carpenter <dan.carpenter@oracle.com> Cc: Elena Petrova <lenaptr@google.com> Cc: "Gustavo A. R. Silva" <gustavo@embeddedor.com> Link: http://lkml.kernel.org/r/20200227193516.32566-4-keescook@chromium.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2020-04-03T20:22:40+00:00 Linus Torvalds torvalds@linux-foundation.org 2020-04-03T20:22:40+00:00 urn:sha1:0ad5b053d438990fabaa324499abb6131b9d2202 Pull char/misc driver updates from Greg KH: "Here is the big set of char/misc/other driver patches for 5.7-rc1. Lots of things in here, and it's later than expected due to some reverts to resolve some reported issues. All is now clean with no reported problems in linux-next. Included in here is: - interconnect updates - mei driver updates - uio updates - nvmem driver updates - soundwire updates - binderfs updates - coresight updates - habanalabs updates - mhi new bus type and core - extcon driver updates - some Kconfig cleanups - other small misc driver cleanups and updates As mentioned, all have been in linux-next for a while, and with the last two reverts, all is calm and good" * tag 'char-misc-5.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (174 commits) Revert "driver core: platform: Initialize dma_parms for platform devices" Revert "amba: Initialize dma_parms for amba devices" amba: Initialize dma_parms for amba devices driver core: platform: Initialize dma_parms for platform devices bus: mhi: core: Drop the references to mhi_dev in mhi_destroy_device() bus: mhi: core: Initialize bhie field in mhi_cntrl for RDDM capture bus: mhi: core: Add support for reading MHI info from device misc: rtsx: set correct pcr_ops for rts522A speakup: misc: Use dynamic minor numbers for speakup devices mei: me: add cedar fork device ids coresight: do not use the BIT() macro in the UAPI header Documentation: provide IBM contacts for embargoed hardware nvmem: core: remove nvmem_sysfs_get_groups() nvmem: core: use is_bin_visible for permissions nvmem: core: use device_register and device_unregister nvmem: core: add root_only member to nvmem device struct extcon: axp288: Add wakeup support extcon: Mark extcon_get_edev_name() function as exported symbol extcon: palmas: Hide error messages if gpio returns -EPROBE_DEFER dt-bindings: extcon: usbc-cros-ec: convert extcon-usbc-cros-ec.txt to yaml format ... 2020-03-18T09:50:21+00:00 Amit Daniel Kachhap amit.kachhap@arm.com 2020-03-13T09:05:04+00:00 urn:sha1:6cb6982f42cbfaf5e50af1069451a8828231ffb9 This test is specific for arm64. When in-kernel Pointer Authentication config is enabled, the return address stored in the stack is signed. This feature helps in ROP kind of attack. If any parameters used to generate the pac (<key, sp, lr>) is modified then this will fail in the authentication stage and will lead to abort. This test changes the input parameter APIA kernel keys to cause abort. The pac computed from the new key can be same as last due to hash collision so this is retried for few times as there is no reliable way to compare the pacs. Even though this test may fail even after retries but this may cause authentication failure at a later stage in earlier function returns. This test can be invoked as, echo CORRUPT_PAC > /sys/kernel/debug/provoke-crash/DIRECT or as below if inserted as a module, insmod lkdtm.ko cpoint_name=DIRECT cpoint_type=CORRUPT_PAC cpoint_count=1 [ 13.118166] lkdtm: Performing direct entry CORRUPT_PAC [ 13.118298] lkdtm: Clearing PAC from the return address [ 13.118466] Unable to handle kernel paging request at virtual address bfff8000108648ec [ 13.118626] Mem abort info: [ 13.118666] ESR = 0x86000004 [ 13.118866] EC = 0x21: IABT (current EL), IL = 32 bits [ 13.118966] SET = 0, FnV = 0 [ 13.119117] EA = 0, S1PTW = 0 Signed-off-by: Amit Daniel Kachhap <amit.kachhap@arm.com> Acked-by: Catalin Marinas <catalin.marinas@arm.com> Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> 2020-02-10T21:43:38+00:00 Alexander Popov alex.popov@linux.com 2020-01-02T23:49:07+00:00 urn:sha1:01c0514ec8226386ce8367dcd8814f86224caaeb Make the stack erasing test more verbose about the errors that it can detect. Signed-off-by: Alexander Popov <alex.popov@linux.com> Cc: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20200102234907.585508-1-alex.popov@linux.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2020-01-14T14:41:04+00:00 Brendan Higgins brendanhiggins@google.com 2019-12-13T00:35:22+00:00 urn:sha1:0e31e3573f0cd94d7b821117db854187ffc85765 When building ARCH=um with CONFIG_UML_X86=y and CONFIG_64BIT=y we get the build errors: drivers/misc/lkdtm/bugs.c: In function ‘lkdtm_UNSET_SMEP’: drivers/misc/lkdtm/bugs.c:288:8: error: implicit declaration of function ‘native_read_cr4’ [-Werror=implicit-function-declaration] cr4 = native_read_cr4(); ^~~~~~~~~~~~~~~ drivers/misc/lkdtm/bugs.c:290:13: error: ‘X86_CR4_SMEP’ undeclared (first use in this function); did you mean ‘X86_FEATURE_SMEP’? if ((cr4 & X86_CR4_SMEP) != X86_CR4_SMEP) { ^~~~~~~~~~~~ X86_FEATURE_SMEP drivers/misc/lkdtm/bugs.c:290:13: note: each undeclared identifier is reported only once for each function it appears in drivers/misc/lkdtm/bugs.c:297:2: error: implicit declaration of function ‘native_write_cr4’; did you mean ‘direct_write_cr4’? [-Werror=implicit-function-declaration] native_write_cr4(cr4); ^~~~~~~~~~~~~~~~ direct_write_cr4 So specify that this block of code should only build when CONFIG_X86_64=y *AND* CONFIG_UML is unset. Signed-off-by: Brendan Higgins <brendanhiggins@google.com> Acked-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20191213003522.66450-1-brendanhiggins@google.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2020-01-14T14:38:28+00:00 Kees Cook keescook@chromium.org 2020-01-02T20:29:17+00:00 urn:sha1:cea23efb4de2d31e72a576026b213e15d6792976 Adjust the DOUBLE_FAULT test to always be available (so test harnesses don't have to make exceptions more missing tests), and for the arch-specific tests to "XFAIL" so that test harnesses can reason about expected vs unexpected failures. Fixes: b09511c253e5 ("lkdtm: Add a DOUBLE_FAULT crash type on x86") Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/202001021226.751D3F869D@keescook Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>