[GIT PULL] overflow changes for v4.18-rc1
From: Kees Cook
Date: Wed Jun 06 2018 - 14:41:00 EST
Hi Linus,
Please pull these overflow changes for v4.18-rc1. As the tag notes, this
adds the new overflow checking helpers and adds them to the 2-factor
argument allocators. And this adds the saturating size helpers and does
a treewide replacement for the struct_size() usage. Additionally this
adds the overflow testing modules to make sure everything works.
I'm still working on the treewide replacements for allocators with "simple"
multiplied arguments (*alloc(a * b, ...) -> *alloc_array(a, b, ...) and
*zalloc(a * b, ...) -> *calloc(a, b, ...)) as well as the more complex
cases, but that's separable from this portion of the series. I expect to
have the rest sent before -rc1 closes; there are a lot of messy cases to
clean up.
Thanks!
-Kees
The following changes since commit 75bc37fefc4471e718ba8e651aa74673d4e0a9eb:
Linux 4.17-rc4 (2018-05-06 16:57:38 -1000)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/overflow-v4.18-rc1
for you to fetch changes up to 0ed2dd03b94b7b7f66e23f25073b5385d0416589:
treewide: Use struct_size() for devm_kmalloc() and friends (2018-06-06 11:15:43 -0700)
----------------------------------------------------------------
- Introduce arithmetic overflow test helper functions (Rasmus)
- Use overflow helpers in 2-factor allocators (Kees, Rasmus)
- Introduce overflow test module (Rasmus, Kees)
- Introduce saturating size helper functions (Matthew, Kees)
- Treewide use of struct_size() for allocators (Kees)
----------------------------------------------------------------
Kees Cook (9):
test_overflow: Report test failures
overflow.h: Add allocation size calculation helpers
test_overflow: Add memory allocation overflow tests
mm: Use overflow helpers in kmalloc_array*()
mm: Use overflow helpers in kvmalloc()
device: Use overflow helpers for devm_kmalloc()
treewide: Use struct_size() for kmalloc()-family
treewide: Use struct_size() for vmalloc()-family
treewide: Use struct_size() for devm_kmalloc() and friends
Rasmus Villemoes (3):
compiler.h: enable builtin overflow checkers and add fallback code
lib: add runtime test of check_*_overflow functions
test_overflow: macrofy some more, do more tests for free
crypto/af_alg.c | 4 +-
drivers/base/devres.c | 7 +-
drivers/clk/bcm/clk-bcm2835-aux.c | 6 +-
drivers/clk/bcm/clk-bcm2835.c | 4 +-
drivers/clk/bcm/clk-iproc-asiu.c | 4 +-
drivers/clk/bcm/clk-iproc-pll.c | 3 +-
drivers/clk/berlin/bg2.c | 3 +-
drivers/clk/berlin/bg2q.c | 3 +-
drivers/clk/clk-asm9260.c | 3 +-
drivers/clk/clk-aspeed.c | 6 +-
drivers/clk/clk-clps711x.c | 6 +-
drivers/clk/clk-efm32gg.c | 4 +-
drivers/clk/clk-gemini.c | 6 +-
drivers/clk/clk-s2mps11.c | 4 +-
drivers/clk/clk-scmi.c | 4 +-
drivers/clk/clk-stm32h7.c | 5 +-
drivers/clk/clk-stm32mp1.c | 5 +-
drivers/clk/davinci/da8xx-cfgchip.c | 4 +-
drivers/clk/mvebu/armada-37xx-periph.c | 7 +-
drivers/clk/mvebu/armada-37xx-tbg.c | 4 +-
drivers/clk/qcom/clk-spmi-pmic-div.c | 3 +-
drivers/clk/samsung/clk-exynos-audss.c | 4 +-
drivers/clk/samsung/clk-exynos-clkout.c | 3 +-
drivers/clk/samsung/clk-exynos5433.c | 4 +-
drivers/clk/samsung/clk-s3c2410-dclk.c | 7 +-
drivers/clk/samsung/clk-s5pv210-audss.c | 3 +-
drivers/dax/device.c | 2 +-
drivers/dma/bcm-sba-raid.c | 5 +-
drivers/dma/edma.c | 9 +-
drivers/dma/moxart-dma.c | 2 +-
drivers/dma/nbpfaxi.c | 4 +-
drivers/dma/omap-dma.c | 2 +-
drivers/dma/sa11x0-dma.c | 4 +-
drivers/dma/sh/usb-dmac.c | 2 +-
drivers/dma/sprd-dma.c | 4 +-
drivers/firewire/core-topology.c | 3 +-
drivers/gpio/gpio-uniphier.c | 3 +-
drivers/gpio/gpiolib.c | 3 +-
drivers/gpu/drm/nouveau/nvkm/core/ramht.c | 3 +-
drivers/gpu/drm/nouveau/nvkm/engine/pm/base.c | 4 +-
drivers/hwspinlock/omap_hwspinlock.c | 2 +-
drivers/hwspinlock/sirf_hwspinlock.c | 6 +-
drivers/hwspinlock/u8500_hsem.c | 2 +-
drivers/infiniband/core/cache.c | 5 +-
drivers/infiniband/core/cm.c | 4 +-
drivers/infiniband/core/multicast.c | 2 +-
drivers/infiniband/core/uverbs_cmd.c | 4 +-
drivers/infiniband/core/uverbs_ioctl_merge.c | 21 +-
drivers/infiniband/hw/mthca/mthca_memfree.c | 4 +-
drivers/infiniband/sw/rdmavt/mr.c | 4 +-
drivers/input/input-leds.c | 3 +-
drivers/input/input-mt.c | 2 +-
drivers/input/keyboard/cap11xx.c | 3 +-
drivers/md/dm-raid.c | 2 +-
drivers/md/dm-table.c | 10 +-
drivers/mfd/qcom-pm8xxx.c | 4 +-
drivers/misc/cb710/core.c | 4 +-
drivers/misc/vexpress-syscfg.c | 3 +-
drivers/mtd/spi-nor/aspeed-smc.c | 5 +-
drivers/net/can/peak_canfd/peak_pciefd_main.c | 3 +-
drivers/net/ethernet/mellanox/mlx5/core/debugfs.c | 2 +-
drivers/net/ethernet/mellanox/mlx5/core/fs_core.c | 3 +-
drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 5 +-
drivers/net/wireless/mediatek/mt76/agg-rx.c | 3 +-
drivers/pinctrl/samsung/pinctrl-s3c64xx.c | 4 +-
drivers/pinctrl/uniphier/pinctrl-uniphier-core.c | 3 +-
drivers/regulator/mc13783-regulator.c | 6 +-
drivers/regulator/mc13892-regulator.c | 6 +-
drivers/reset/core.c | 3 +-
drivers/rtc/rtc-ac100.c | 8 +-
drivers/s390/cio/ccwgroup.c | 3 +-
drivers/soc/actions/owl-sps.c | 4 +-
drivers/soc/rockchip/pm_domains.c | 3 +-
drivers/staging/greybus/module.c | 4 +-
drivers/thermal/qcom/tsens.c | 6 +-
drivers/usb/gadget/function/f_midi.c | 5 +-
drivers/zorro/zorro.c | 3 +-
fs/afs/addr_list.c | 3 +-
include/linux/compiler-clang.h | 14 +
include/linux/compiler-gcc.h | 4 +
include/linux/compiler-intel.h | 4 +
include/linux/device.h | 8 +-
include/linux/mm.h | 7 +-
include/linux/overflow.h | 278 +++++++++++++++
include/linux/slab.h | 17 +-
include/linux/vmalloc.h | 1 +
kernel/cgroup/cgroup.c | 4 +-
kernel/module.c | 3 +-
kernel/workqueue.c | 3 +-
lib/Kconfig.debug | 3 +
lib/Makefile | 1 +
lib/test_overflow.c | 417 ++++++++++++++++++++++
net/ceph/mon_client.c | 5 +-
net/ceph/osd_client.c | 3 +-
net/netfilter/xt_recent.c | 3 +-
net/sctp/endpointola.c | 4 +-
sound/core/vmaster.c | 4 +-
sound/soc/qcom/apq8016_sbc.c | 3 +-
sound/soc/soc-dapm.c | 2 +-
99 files changed, 916 insertions(+), 205 deletions(-)
create mode 100644 include/linux/overflow.h
create mode 100644 lib/test_overflow.c
--
Kees Cook
Pixel Security