tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'hardening-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull hardening fixes from Kees Cook:

- gcc plugins: Avoid Kconfig warnings with randstruct (Nathan
Chancellor)

- MAINTAINERS: Add security/Kconfig.hardening to hardening section
(Nathan Chancellor)

- MAINTAINERS: Add unsafe_memcpy() to the FORTIFY review list

* tag 'hardening-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
MAINTAINERS: Add security/Kconfig.hardening to hardening section
hardening: Adjust dependencies in selection of MODVERSIONS
MAINTAINERS: Add unsafe_memcpy() to the FORTIFY review list

Linus Torvalds 9ec2236a fb9b7674

+4 -2
+2
MAINTAINERS
··· 8914 8914 F: lib/fortify_kunit.c 8915 8915 F: lib/memcpy_kunit.c 8916 8916 F: lib/test_fortify/* 8917 + K: \bunsafe_memcpy\b 8917 8918 K: \b__NO_FORTIFY\b 8918 8919 8919 8920 FPGA DFL DRIVERS ··· 12346 12345 F: kernel/configs/hardening.config 12347 12346 F: lib/usercopy_kunit.c 12348 12347 F: mm/usercopy.c 12348 + F: security/Kconfig.hardening 12349 12349 K: \b(add|choose)_random_kstack_offset\b 12350 12350 K: \b__check_(object_size|heap_object)\b 12351 12351 K: \b__counted_by\b
+2 -2
security/Kconfig.hardening
··· 340 340 config RANDSTRUCT_FULL 341 341 bool "Fully randomize structure layout" 342 342 depends on CC_HAS_RANDSTRUCT || GCC_PLUGINS 343 - select MODVERSIONS if MODULES 343 + select MODVERSIONS if MODULES && !COMPILE_TEST 344 344 help 345 345 Fully randomize the member layout of sensitive 346 346 structures as much as possible, which may have both a ··· 356 356 config RANDSTRUCT_PERFORMANCE 357 357 bool "Limit randomization of structure layout to cache-lines" 358 358 depends on GCC_PLUGINS 359 - select MODVERSIONS if MODULES 359 + select MODVERSIONS if MODULES && !COMPILE_TEST 360 360 help 361 361 Randomization of sensitive kernel structures will make a 362 362 best effort at restricting randomization to cacheline-sized