Merge tag 'hardening-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull kernel hardening updates from Kees Cook:
- Convert flexible array members, fix -Wstringop-overflow warnings, and
fix KCFI function type mismatches that went ignored by maintainers
(Gustavo A. R. Silva, Nathan Chancellor, Kees Cook)
- Remove the remaining side-effect users of ksize() by converting
dma-buf, btrfs, and coredump to using kmalloc_size_roundup(), add
more __alloc_size attributes, and introduce full testing of all
allocator functions. Finally remove the ksize() side-effect so that
each allocation-aware checker can finally behave without exceptions
- Introduce oops_limit (default 10,000) and warn_limit (default off) to
provide greater granularity of control for panic_on_oops and
panic_on_warn (Jann Horn, Kees Cook)
- Introduce overflows_type() and castable_to_type() helpers for cleaner
overflow checking
- Improve code generation for strscpy() and update str*() kern-doc
- Convert strscpy and sigphash tests to KUnit, and expand memcpy tests
- Always use a non-NULL argument for prepare_kernel_cred()
- Disable structleak plugin in FORTIFY KUnit test (Anders Roxell)
- Adjust orphan linker section checking to respect CONFIG_WERROR (Xin
Li)
- Make sure siginfo is cleared for forced SIGKILL (haifeng.xu)
- Fix um vs FORTIFY warnings for always-NULL arguments
* tag 'hardening-v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: (31 commits)
ksmbd: replace one-element arrays with flexible-array members
hpet: Replace one-element array with flexible-array member
um: virt-pci: Avoid GCC non-NULL warning
signal: Initialize the info in ksignal
lib: fortify_kunit: build without structleak plugin
panic: Expose "warn_count" to sysfs
panic: Introduce warn_limit
panic: Consolidate open-coded panic_on_warn checks
exit: Allow oops_limit to be disabled
exit: Expose "oops_count" to sysfs
exit: Put an upper limit on how often we can oops
panic: Separate sysctl logic from CONFIG_SMP
mm/pgtable: Fix multiple -Wstringop-overflow warnings
mm: Make ksize() a reporting-only function
kunit/fortify: Validate __alloc_size attribute results
drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()
drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid()
driver core: Add __alloc_size hint to devm allocators
overflow: Introduce overflows_type() and castable_to_type()
coredump: Proactively round up to kmalloc bucket size
...
This commit is contained in:
Linus Torvalds
+42
-3
@@ -33,6 +33,7 @@
|
||||
#include <linux/bug.h>
|
||||
#include <linux/ratelimit.h>
|
||||
#include <linux/debugfs.h>
|
||||
#include <linux/sysfs.h>
|
||||
#include <trace/events/error_report.h>
|
||||
#include <asm/sections.h>
|
||||
|
||||
@@ -59,6 +60,7 @@ bool crash_kexec_post_notifiers;
|
||||
int panic_on_warn __read_mostly;
|
||||
unsigned long panic_on_taint;
|
||||
bool panic_on_taint_nousertaint = false;
|
||||
static unsigned int warn_limit __read_mostly;
|
||||
|
||||
int panic_timeout = CONFIG_PANIC_TIMEOUT;
|
||||
EXPORT_SYMBOL_GPL(panic_timeout);
|
||||
@@ -76,8 +78,9 @@ ATOMIC_NOTIFIER_HEAD(panic_notifier_list);
|
||||
|
||||
EXPORT_SYMBOL(panic_notifier_list);
|
||||
|
||||
#if defined(CONFIG_SMP) && defined(CONFIG_SYSCTL)
|
||||
#ifdef CONFIG_SYSCTL
|
||||
static struct ctl_table kern_panic_table[] = {
|
||||
#ifdef CONFIG_SMP
|
||||
{
|
||||
.procname = "oops_all_cpu_backtrace",
|
||||
.data = &sysctl_oops_all_cpu_backtrace,
|
||||
@@ -87,6 +90,14 @@ static struct ctl_table kern_panic_table[] = {
|
||||
.extra1 = SYSCTL_ZERO,
|
||||
.extra2 = SYSCTL_ONE,
|
||||
},
|
||||
#endif
|
||||
{
|
||||
.procname = "warn_limit",
|
||||
.data = &warn_limit,
|
||||
.maxlen = sizeof(warn_limit),
|
||||
.mode = 0644,
|
||||
.proc_handler = proc_douintvec,
|
||||
},
|
||||
{ }
|
||||
};
|
||||
|
||||
@@ -98,6 +109,25 @@ static __init int kernel_panic_sysctls_init(void)
|
||||
late_initcall(kernel_panic_sysctls_init);
|
||||
#endif
|
||||
|
||||
static atomic_t warn_count = ATOMIC_INIT(0);
|
||||
|
||||
#ifdef CONFIG_SYSFS
|
||||
static ssize_t warn_count_show(struct kobject *kobj, struct kobj_attribute *attr,
|
||||
char *page)
|
||||
{
|
||||
return sysfs_emit(page, "%d\n", atomic_read(&warn_count));
|
||||
}
|
||||
|
||||
static struct kobj_attribute warn_count_attr = __ATTR_RO(warn_count);
|
||||
|
||||
static __init int kernel_panic_sysfs_init(void)
|
||||
{
|
||||
sysfs_add_file_to_group(kernel_kobj, &warn_count_attr.attr, NULL);
|
||||
return 0;
|
||||
}
|
||||
late_initcall(kernel_panic_sysfs_init);
|
||||
#endif
|
||||
|
||||
static long no_blink(int state)
|
||||
{
|
||||
return 0;
|
||||
@@ -200,6 +230,16 @@ static void panic_print_sys_info(bool console_flush)
|
||||
ftrace_dump(DUMP_ALL);
|
||||
}
|
||||
|
||||
void check_panic_on_warn(const char *origin)
|
||||
{
|
||||
if (panic_on_warn)
|
||||
panic("%s: panic_on_warn set ...\n", origin);
|
||||
|
||||
if (atomic_inc_return(&warn_count) >= READ_ONCE(warn_limit) && warn_limit)
|
||||
panic("%s: system warned too often (kernel.warn_limit is %d)",
|
||||
origin, warn_limit);
|
||||
}
|
||||
|
||||
/**
|
||||
* panic - halt the system
|
||||
* @fmt: The text string to print
|
||||
@@ -618,8 +658,7 @@ void __warn(const char *file, int line, void *caller, unsigned taint,
|
||||
if (regs)
|
||||
show_regs(regs);
|
||||
|
||||
if (panic_on_warn)
|
||||
panic("panic_on_warn set ...\n");
|
||||
check_panic_on_warn("kernel");
|
||||
|
||||
if (!regs)
|
||||
dump_stack();
|
||||
|
||||
Reference in New Issue
Block a user