1. 19 May, 2022 11 commits
    • Schspa Shi's avatar
      binder: fix atomic sleep when get extended error · aed86f8a
      Schspa Shi authored
      binder_inner_proc_lock(thread->proc) is a spin lock, copy_to_user can't
      be called with in this lock.
      
      Copy it as a local variable to fix it.
      
      Fixes: bd32889e ("binder: add BINDER_GET_EXTENDED_ERROR ioctl")
      Reported-by: syzbot+46fff6434a7f968ecb39@syzkaller.appspotmail.com
      Reviewed-by: default avatarCarlos Llamas <cmllamas@google.com>
      Signed-off-by: default avatarSchspa Shi <schspa@gmail.com>
      Link: https://lore.kernel.org/r/20220518011754.49348-1-schspa@gmail.comSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      aed86f8a
    • Carlos Llamas's avatar
      binder: fix potential UAF of target_{proc,thread} · dafa5e9a
      Carlos Llamas authored
      Commit 9474be34 ("binder: add failed transaction logging info")
      dereferences target_{proc,thread} after they have been potentially
      freed by binder_proc_dec_tmpref() and binder_thread_dec_tmpref().
      
      This patch delays the release of the two references after their last
      usage. Fixes the following two errors reported by smatch:
      
        drivers/android/binder.c:3562 binder_transaction() error: dereferencing freed memory 'target_proc'
        drivers/android/binder.c:3563 binder_transaction() error: dereferencing freed memory 'target_thread'
      
      Fixes: 9474be34 ("binder: add failed transaction logging info")
      Reported-by: default avatarDan Carpenter <dan.carpenter@oracle.com>
      Acked-by: default avatarTodd Kjos <tkjos@google.com>
      Signed-off-by: default avatarCarlos Llamas <cmllamas@google.com>
      Link: https://lore.kernel.org/r/20220517185817.598872-1-cmllamas@google.comSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      dafa5e9a
    • Carlos Llamas's avatar
      binder: fix printk format for commands · da486496
      Carlos Llamas authored
      Make sure we use unsigned format specifier %u for binder commands as
      most of them are encoded above INT_MAX. This prevents negative values
      when logging them as in the following case:
      
      [  211.895781] binder: 8668:8668 BR_REPLY 258949 0:0, cmd -2143260157 size 0-0 ptr 0000006e766a8000-0000006e766a8000
      Acked-by: default avatarTodd Kjos <tkjos@google.com>
      Acked-by: default avatarChristian Brauner (Microsoft) <brauner@kernel.org>
      Signed-off-by: default avatarCarlos Llamas <cmllamas@google.com>
      Link: https://lore.kernel.org/r/20220509231901.3852573-1-cmllamas@google.comSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      da486496
    • Greg Kroah-Hartman's avatar
      Merge tag 'lkdtm-next' of... · dc6a7eff
      Greg Kroah-Hartman authored
      Merge tag 'lkdtm-next' of https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux into char-misc-next
      
      Kees writes:
      
      lkdtm updates for -next
      
      - Test for new usercopy memory regions
      - avoid GCC 12 warnings
      - update expected CONFIGs for selftests
      
      * tag 'lkdtm-next' of https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
        lkdtm/heap: Hide allocation size from -Warray-bounds
        selftests/lkdtm: Add configs for stackleak and "after free" tests
        lkdtm/usercopy: Check vmalloc and >0-order folios
        lkdtm/usercopy: Rename "heap" to "slab"
        lkdtm: cfi: Fix type width for masking PAC bits
      dc6a7eff
    • Greg Kroah-Hartman's avatar
      Merge tag 'fpga-for-5.19-rc1' of... · bab6ffa2
      Greg Kroah-Hartman authored
      Merge tag 'fpga-for-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/fpga/linux-fpga into char-misc-next
      
      Moritz writes:
      
      FPGA Manager changes for 5.19-rc1
      
      FPGA Manager
      
      - My change moves the linux-fpga repository to a shared
        location w/ shared responsibilities between maintainers
      - Nava's changes fix coding style and kernel-docs
      
      DFL
      
      - Matthew's change allows ports to be linked to FMEs.
      - Tianfei's changes clean up some documentation and
        ensure the feature type is checked before parsing IRQs
      
      All patches have been reviewed on the mailing list, and have been in the
      last linux-next releases (as part of our for-next branch).
      Signed-off-by: default avatarMoritz Fischer <mdf@kernel.org>
      
      * tag 'fpga-for-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/fpga/linux-fpga:
        fpga: dfl: Allow Port to be linked to FME's DFL
        Documentation: fpga: dfl: add link address of feature id table
        fpga: dfl: check feature type before parse irq info
        fpga: fpga-region: fix kernel-doc formatting issues
        fpga: Use tab instead of space indentation
        fpga: fpga-mgr: fix kernel-doc warnings
        fpga: fix for coding style issues
        MAINTAINERS: Update linux-fpga repository location
      bab6ffa2
    • Greg Kroah-Hartman's avatar
      Merge tag 'coresight-next-v5.19' of... · 9c518db6
      Greg Kroah-Hartman authored
      Merge tag 'coresight-next-v5.19' of gitolite.kernel.org:pub/scm/linux/kernel/git/coresight/linux into char-misc-next
      
      Mathieu writes:
      
      Coresight changes for v5.19
      
      This pull request includes:
      
      - Work to uniformise access to the ETMv4 registers, making it easier to
      look for and change register accesses.
      
      - A correction to a probing failure when looking for links between devices.
      
      - The replacement of a call to mutex_lock() with a mutex_trylock() in the panic
      notifier of the cpu-debug infrastructure to avoid a possible deadlock.
      Signed-off-by: default avatarMathieu Poirier <mathieu.poirier@linaro.org>
      
      * tag 'coresight-next-v5.19' of gitolite.kernel.org:pub/scm/linux/kernel/git/coresight/linux:
        coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier
        coresight: core: Fix coresight device probe failure issue
        coresight: etm4x: Cleanup TRCRSCTLRn register accesses
        coresight: etm4x: Cleanup TRCBBCTLR register accesses
        coresight: etm4x: Cleanup TRCSSPCICRn register accesses
        coresight: etm4x: Cleanup TRCSSCCRn and TRCSSCSRn register accesses
        coresight: etm4x: Cleanup TRCACATRn register accesses
        coresight: etm3x: Cleanup ETMTECR1 register accesses
        coresight: etm4x: Cleanup TRCVICTLR register accesses
        coresight: etm4x: Cleanup TRCSTALLCTLR register accesses
        coresight: etm4x: Cleanup TRCEVENTCTL1R register accesses
        coresight: etm4x: Cleanup TRCCONFIGR register accesses
        coresight: etm4x: Cleanup TRCIDR5 register accesses
        coresight: etm4x: Cleanup TRCIDR4 register accesses
        coresight: etm4x: Cleanup TRCIDR3 register accesses
        coresight: etm4x: Cleanup TRCIDR2 register accesses
        coresight: etm4x: Cleanup TRCIDR0 register accesses
      9c518db6
    • Greg Kroah-Hartman's avatar
      Merge tag 'extcon-next-for-5.19' of... · e727efee
      Greg Kroah-Hartman authored
      Merge tag 'extcon-next-for-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/chanwoo/extcon into char-misc-next
      
      Chanwoo writes:
      
      Update extcon next for v5.19
      
      Detailed description for this pull request:
      1. update extcon core driver
      - extcon_get_extcon_dev() has been almost used to get the extcon device
      on booting time. If extcon provider driver is probed at late time,
      the extcon consumer driver get the -EPROBE_DEFER return value.
      It requires the inefficient handling code of -EPROBE_DEFER.
      Instead, extcon_get_extcon_dev() will return -EPROBE_DEFER
      if the required extcon device is none. It makes the extcon consumer driver
      to be simplified when getting extcon device.
      - Register device after dev_set_drvdata because of accessing
      the sysfs attributes at timing of between drv_set_data and device_register.
      - Fix some kernel-doc comments of extcon functions.
      
      2. update extcon provider driver
      - Update extcon-intel-int3496.c
      : Add support for controlling vbus power via regulator and support
      to the extcon-intel-int3496.c driver to bind to devices without
      an ACPi companion. And fix the minor clean-up.
      - Use struct_size() helper on extcon-usbc-cros-ec.c
      - Remove the disable irq operation in system sleep for using vbus/id
      gpio as the wakeup source on extcon-usb-gpio.c
      - Add support of SM5703 device by using existing extcon-sm5502.c
      and rename i2c_devic_id from sm5703 to sm5703-muic to reduce confusion
      between SM5703 MFD device and extcon device.
      - Add usb role class support and add queue work sync before driver release
      on extcon-ptn5150.c
      
      * tag 'extcon-next-for-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/chanwoo/extcon:
        extcon: Modify extcon device to be created after driver data is set
        extcon: sm5502: Clarify SM5703's i2c device ID
        extcon: ptn5150: Add usb role class support
        extcon: ptn5150: Add queue work sync before driver release
        extcon: sm5502: Add support for SM5703
        dt-bindings: extcon: bindings for SM5703
        extcon: usb-gpio: Remove disable irq operation in system sleep
        extcon: Fix some kernel-doc comments
        extcon: usbc-cros-ec: Use struct_size() helper in kzalloc()
        extcon: int3496: Add support for controlling Vbus through a regulator
        extcon: int3496: Add support for binding to plain platform devices
        extcon: int3496: Request non-exclusive access to the ID GPIO
        extcon: int3496: Make the driver a bit less verbose
        extcon: Fix extcon_get_extcon_dev() error handling
      e727efee
    • Greg Kroah-Hartman's avatar
      Merge tag 'soundwire-5.19-rc1' of... · fa5602c6
      Greg Kroah-Hartman authored
      Merge tag 'soundwire-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/soundwire into char-misc-next
      
      Vinod writes:
      
      soundwire updates for 5.19-rc1
      
       - Support for v1.6.0 Qualcomm controllers
       - Bunch of pm updates by Intel for peripheral attachment and system pm
         etc
      
      * tag 'soundwire-5.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/soundwire:
        soundwire: qcom: adjust autoenumeration timeout
        soundwire: qcom: use pm_runtime_resume_and_get()
        soundwire: intel: use pm_runtime_resume_and_get()
        soundwire: cadence: use pm_runtime_resume_and_get()
        soundwire: bus: use pm_runtime_resume_and_get()
        soundwire: qcom: return error when pm_runtime_get_sync fails
        soundwire: bus: pm_runtime_request_resume on peripheral attachment
        soundwire: intel: disable WAKEEN in pm_runtime resume
        soundwire: intel: prevent pm_runtime resume prior to system suspend
        soundwire: cadence: recheck device0 attachment after status change
        dt-bindings: soundwire: qcom: Add bindings for audio clock reset control property
        soundwire: qcom: Add compatible name for v1.6.0
        soundwire: stream: Fix error return code in do_bank_switch()
        soundwire: qcom: fix an error message in swrm_wait_for_frame_gen_enabled()
      fa5602c6
    • Greg Kroah-Hartman's avatar
      Merge tag 'phy-for-5.19' of... · 46509e75
      Greg Kroah-Hartman authored
      Merge tag 'phy-for-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy into char-work-next
      
      Vinod writes:
      
      phy-for-5.19
      
        - New support:
              - LVDS configuration support and implementation in fsl driver
      	- Qualcomm UFS phy support for SM6350 and USB PHY for SDX65
      	- Allwinner D-PHY Rx mode support
      	- Yamilfy Mixel mipi-dsi-phy
      
        - Updates:
      	- Documentation for phy ops order
              - Can transceiver mux support
      	- Qualcomm QMP phy updates
      	- Uniphier phy updates
      
      * tag 'phy-for-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy: (40 commits)
        phy: qcom-qmp: rename error labels
        phy: qcom-qmp: fix pipe-clock imbalance on power-on failure
        phy: qcom-qmp: switch to explicit reset helpers
        phy: qcom-qmp: fix reset-controller leak on probe errors
        phy: qcom-qmp: fix struct clk leak on probe errors
        dt-bindings: phy: renesas,usb2-phy: Document RZ/G2UL phy bindings
        dt-bindings: phy: marvell,armada-3700-utmi-host-phy: Fix incorrect compatible in example
        phy: qcom-qmp: fix phy-descriptor kernel-doc typo
        phy: rockchip-inno-usb2: Clean up some inconsistent indenting
        phy: freescale: imx8m-pcie: Handle IMX8_PCIE_REFCLK_PAD_UNUSED
        phy: core: Warn when phy_power_on is called before phy_init
        phy: core: Update documentation syntax
        phy: core: Add documentation of phy operation order
        phy: rockchip-inno-usb2: Handle ID IRQ
        phy: rockchip-inno-usb2: Handle bvalid falling
        phy: rockchip-inno-usb2: Support multi-bit mask properties
        phy: rockchip-inno-usb2: Do not lock in bvalid IRQ handler
        phy: rockchip-inno-usb2: Do not check bvalid twice
        phy: rockchip-inno-usb2: Fix muxed interrupt support
        phy: allwinner: phy-sun6i-mipi-dphy: Support D-PHY Rx mode for MIPI CSI-2
        ...
      46509e75
    • Greg Kroah-Hartman's avatar
      Merge tag 'mhi-for-v5.19' of... · 46ee6bca
      Greg Kroah-Hartman authored
      Merge tag 'mhi-for-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/mani/mhi into char-work-next
      
      Manivannan writes:
      
      MHI changes for v5.19
      
      MHI Host
      --------
      
      Support for new modems:
      
       - Foxconn Cinterion MV32-WA/MV32-WB based on SDX62/SDX65
       - Telit FN980 v1 based on SDX55
       - Telit FN990 based on SDX65
       - Foxconn T99W373/T99W368 based on SDX62/SDX65
      
      Core changes:
      
       - During the recycle of event ring elements, compute the ctxt_wp based on the
         local cached value instead of reading from shared memory. This is to prevent
         the possible corruption of the ctxt_wp as some of the endpoint devices could
         modify the value in shared memory.
      
       - Add sysfs support for resetting the endpoint based on the MHI spec. The MHI
         spec allows the host to hard reset the device in the case of an unrecoverable
         error and all other reset mechanisms have failed.
      
       - During MHI shutdown, wait for the endpoint device to enter the ready state
         post reset before proceeding. This is to avoid a possible race where host
         would remove the interrupt handler and device will send ready state
         interrupt, resulting in IOMMU fault.
      
       - Bail out updating the MHI register if the read has failed during
         read/modify/write.
      
       - Use mhi_write_reg() instead of mhi_write_reg_field() for writing the whole
         register fields in mhi_init_mmio().
      
      MAINTAINERS change:
      
       - Since Qualcomm has moved the email domain for its employess from codeaurora
         domain to quicinc, update the same for Hemant.
      
      * tag 'mhi-for-v5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/mani/mhi: (29 commits)
        bus: mhi: host: Add support for Foxconn T99W373 and T99W368
        bus: mhi: host: pci_generic: add Telit FN990
        bus: mhi: host: pci_generic: add Telit FN980 v1 hardware revision
        bus: mhi: host: Add support for Cinterion MV32-WA/MV32-WB
        bus: mhi: host: Optimize and update MMIO register write method
        bus: mhi: host: Bail on writing register fields if read fails
        bus: mhi: host: Wait for ready state after reset
        bus: mhi: host: Add soc_reset sysfs
        bus: mhi: host: pci_generic: Sort mhi_pci_id_table based on the PID
        bus: mhi: host: Use cached values for calculating the shared write pointer
        MAINTAINERS: Update Hemant's email id
        bus: mhi: ep: Add uevent support for module autoloading
        bus: mhi: ep: Add support for suspending and resuming channels
        bus: mhi: ep: Add support for queueing SKBs to the host
        bus: mhi: ep: Add support for processing channel rings
        bus: mhi: ep: Add support for reading from the host
        bus: mhi: ep: Add support for processing command rings
        bus: mhi: ep: Add support for handling SYS_ERR condition
        bus: mhi: ep: Add support for handling MHI_RESET
        bus: mhi: ep: Add support for powering down the MHI endpoint stack
        ...
      46ee6bca
    • Greg Kroah-Hartman's avatar
      Merge tag 'iio-for-5.19a' of... · bcfa9546
      Greg Kroah-Hartman authored
      Merge tag 'iio-for-5.19a' of https://git.kernel.org/pub/scm/linux/kernel/git/jic23/iio into char-misc-next
      
      Jonathan writes:
      
      First set of IIO new device support, features and cleanup for 5.19
      
      Usual mixed bag. Stand out this time is Andy Shevchenko's continuing
      effort to move drivers over the generic firmware interfaces.
      
      Device support
      * sprd,sc2720
        - upm9620 binding addition.
        - Refactor and support for sc2720, sc2721 and sc2730.
      * ti,ads1015
        - Refactor driver and add support for TLA2024.
      
      Device support (IDs only)
      * invensense,mpu6050
        - Add ID for ICM-20608-D.
      * st,accel:
        -  Add ID for lis302dl.
      * st,lsm6dsx
        - Add support for ASM330LHHX (can fallback to LSM6DSR.)
      
      Features
      * convert drivers to device properties
        - IIO core
        - adi,ad7266
        - adi,adis16480
        - adi,adxl355
        - bosch,bmi160
        - domintech,dmard06
        - fsl,fxas21002c
        - invensense,mpu3050
        - linear,ltc2983
        - linear,ltc2632
        - maxbotix,mb1232
        - maxim,max31856
        - maxim,max31865
        - multiplexer
        - ping
        - rescale
        - taos,tsl2772
      * core
        - Add runtime check on whether realbits fit in storagebits for each
          channel.
      * adi,ad_sigma_delta
        - Add sequencer support and relevant update_scan_mode callbacks for
          adi,ad7192 and adi,ad7124.
      
      Cleanup and minor fixes
      * MAINTAINERS
        - Update Lorenzo Bianconi's email address for IIO drivers.
        - Add entry for ad3552r and update maintainer in dt-binding doc.
      * tree-wide
        - Replace strtobool() with kstrtobool().
        - Drop false OF dependencies.
      * core
        - Tidy up and document IIO modes.
        - Take iio_buffer_enabled() out of header allowing current_mode to be
          moved to the opaque structure.
        - As all kfifo buffers use the same mode value, drop that parameter
          and set it unconditionally.
        - White space fixes and similar.
        - Drop use of list iterator variable for
          list_for_each_entry_continue_reverse and use list_prepare_entry to
          restart.
      * sysfs-trigger
        - Replace use of 'found' variable with dedicate list iterator variable.
      * adi,ad7124
        - Drop misleading shift.
      * adi,ad2s1210
        - Remove redundant local variable assignment.
      * adi,adis16480
        - Use local device pointer to reduce repetition.
        - Improve handling of clocks.
      * domintech,dmard09
        - White space.
      * dummy driver
        - Improve error handling.
      * fsl,mma8452
        - Add missing documentation of name element.
      * invensense,mpu3050
        - Stop remove() returning non 0.
      * kionix,kxsd9
        - White space.
      * linear,ltc2688
        - Use local variable for struct device.
        - Combine of_node_put() error handling paths.
      * linear,ltc2983
        - Avoid use of constants in messages where a define is available.
      * microchip,mcp4131
        - Fix compatible in dt example.
      * pni,rm3100
        - Stop directly accessing iio_dev->current_mode just to find out
          if the buffer is enabled.
      * renesas,rzg2l
        - Relax kconfig constraint to include newer devices.
      * sprd,sc27xx
        - Fix wrong scaling mask.
        - Improve the calibration values.
      * samsung,ssp
        - Replace a 'found' variable in favor of an explicit value that was
          found.
      * sensortek,stk3xx
        - Add proximity-near-level binding and driver support.
      * st,st_sensors:
        - Drop unused accel_type enum.
        - Return early in *_write_raw()
        - Drop unnecessary locking in _avail functions.
        - Add local lock to protect odr against concurrent updates allowing
          mlock to no longer be used outside of the core.
        - Use iio_device_claim_direct_mode() rather than racy checking of
          the current mode.
      * st,stmpe-adc
        - Fix checks on wait_for_completion_timeout().
        - Allow use of of_device_id for matching.
      * st,stm32-dfsdm
        - Stop accessing iio_dev->current_mode to find out if the buffer
          is enabled (so we can hide that variable in the opaque structure)
      * st,vl53l0x
        - Fix checks on wait_for_completion_timeout.
      * ti,ads1015
        - Add missing ID for ti,ads1115 in binding doc.
        - Convert from repeated chip ID look up to selecting static const
          data.
        - Switch to read_avail() callback.
      * ti,ads8688
        - Use of_device_id for driver matching.
      * ti,palmas-adc
        - Drop a warning on minor calibration mismatch leading to slightly
          negative values after applying the calibration.
      
      * tag 'iio-for-5.19a' of https://git.kernel.org/pub/scm/linux/kernel/git/jic23/iio: (95 commits)
        iio: ti-ads8688: use of_device_id for OF matching
        iio: stmpe-adc: use of_device_id for OF matching
        dt-bindings: iio: Fix incorrect compatible strings in examples
        iio: gyro: mpu3050: Make mpu3050_common_remove() return void
        iio: dac: ltc2632: Make use of device properties
        iio: temperature: max31865: Make use of device properties
        iio: proximity: mb1232: Switch to use fwnode_irq_get()
        iio: imu: adis16480: Improve getting the optional clocks
        iio: imu: adis16480: Use temporary variable for struct device
        iio: imu: adis16480: Make use of device properties
        staging: iio: ad2s1210: remove redundant assignment to variable negative
        iio: adc: sc27xx: add support for PMIC sc2730
        iio: adc: sc27xx: add support for PMIC sc2720 and sc2721
        iio: adc: sc27xx: refactor some functions for support more PMiCs
        iio: adc: sc27xx: structure adjustment and optimization
        iio: adc: sc27xx: Fine tune the scale calibration values
        iio: adc: sc27xx: fix read big scale voltage not right
        dt-bindings:iio:adc: add sprd,ump9620-adc dt-binding
        iio: proximity: stk3310: Export near level property for proximity sensor
        dt-bindings: iio: light: stk33xx: Add proximity-near-level
        ...
      bcfa9546
  2. 17 May, 2022 3 commits
    • Kees Cook's avatar
      lkdtm/heap: Hide allocation size from -Warray-bounds · f260fd59
      Kees Cook authored
      With the kmalloc() size annotations, GCC is smart enough to realize that
      LKDTM is intentionally writing past the end of the buffer. This is on
      purpose, of course, so hide the buffer from the optimizer. Silences:
      
      ../drivers/misc/lkdtm/heap.c: In function 'lkdtm_SLAB_LINEAR_OVERFLOW':
      ../drivers/misc/lkdtm/heap.c:59:13: warning: array subscript 256 is outside array bounds of 'void[1020]' [-Warray-bounds]
         59 |         data[1024 / sizeof(u32)] = 0x12345678;
            |         ~~~~^~~~~~~~~~~~~~~~~~~~
      In file included from ../drivers/misc/lkdtm/heap.c:7:
      In function 'kmalloc',
          inlined from 'lkdtm_SLAB_LINEAR_OVERFLOW' at ../drivers/misc/lkdtm/heap.c:54:14:
      ../include/linux/slab.h:581:24: note: at offset 1024 into object of size 1020 allocated by 'kmem_cache_alloc_trace'
        581 |                 return kmem_cache_alloc_trace(
            |                        ^~~~~~~~~~~~~~~~~~~~~~~
        582 |                                 kmalloc_caches[kmalloc_type(flags)][index],
            |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        583 |                                 flags, size);
            |                                 ~~~~~~~~~~~~
      
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      f260fd59
    • Muhammad Usama Anjum's avatar
      selftests/lkdtm: Add configs for stackleak and "after free" tests · 38c84c99
      Muhammad Usama Anjum authored
      Add config options which are needed for LKDTM sub-tests:
      STACKLEAK_ERASING test needs GCC_PLUGIN_STACKLEAK config.
      READ_AFTER_FREE and READ_BUDDY_AFTER_FREE tests need
      INIT_ON_FREE_DEFAULT_ON config.
      Signed-off-by: default avatarMuhammad Usama Anjum <usama.anjum@collabora.com>
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Link: https://lore.kernel.org/r/20220517132932.1484719-1-usama.anjum@collabora.com
      38c84c99
    • Kees Cook's avatar
      lkdtm/usercopy: Check vmalloc and >0-order folios · fc34eec6
      Kees Cook authored
      Add coverage for the recently added usercopy checks for vmalloc and
      folios, via USERCOPY_VMALLOC and USERCOPY_FOLIO respectively.
      
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      fc34eec6
  3. 13 May, 2022 14 commits
  4. 12 May, 2022 1 commit
    • Kees Cook's avatar
      lkdtm/usercopy: Rename "heap" to "slab" · d2b8060f
      Kees Cook authored
      To more clearly distinguish between the various heap types, rename the
      slab tests to "slab".
      
      Cc: Arnd Bergmann <arnd@arndb.de>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Shuah Khan <shuah@kernel.org>
      Cc: linux-kselftest@vger.kernel.org
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      d2b8060f
  5. 10 May, 2022 10 commits
  6. 09 May, 2022 1 commit