[GIT PULL] hardening fixes for v6.10-rc1

From: Kees Cook
Date: Thu May 23 2024 - 19:38:07 EST

Next message: Reinette Chatre: "Re: [PATCH v18 06/17] x86/resctrl: Introduce snc_nodes_per_l3_cache"
Previous message: Huang, Kai: "Re: [PATCH v19 039/130] KVM: TDX: initialize VM with TDX specific parameters"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Linus,

Please pull these hardening fixes for v6.10-rc1-fixes.

Thanks!

-Kees

The following changes since commit 6d305cbef1aa01b9714e01e35f3d5c28544cf04d:

uapi: stddef.h: Provide UAPI macros for __counted_by_{le, be} (2024-05-08 00:42:25 -0700)

are available in the Git repository at:

https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/hardening-v6.10-rc1-fixes

for you to fetch changes up to ae1a863bcdbd6ea2abc93519a82ab5d715d5dcbc:

kunit/fortify: Fix memcmp() test to be amplitude agnostic (2024-05-18 13:46:10 -0700)

----------------------------------------------------------------
hardening fixes for v6.10-rc1

- loadpin: Prevent SECURITY_LOADPIN_ENFORCE=y without module decompression
(Stephen Boyd)

- ubsan: Restore dependency on ARCH_HAS_UBSAN

- kunit/fortify: Fix memcmp() test to be amplitude agnostic

----------------------------------------------------------------
Kees Cook (2):
ubsan: Restore dependency on ARCH_HAS_UBSAN
kunit/fortify: Fix memcmp() test to be amplitude agnostic

Stephen Boyd (1):
loadpin: Prevent SECURITY_LOADPIN_ENFORCE=y without module decompression

lib/Kconfig.ubsan | 1 +
lib/fortify_kunit.c | 2 +-
security/loadpin/Kconfig | 3 +++
3 files changed, 5 insertions(+), 1 deletion(-)

--
Kees Cook

Next message: Reinette Chatre: "Re: [PATCH v18 06/17] x86/resctrl: Introduce snc_nodes_per_l3_cache"
Previous message: Huang, Kai: "Re: [PATCH v19 039/130] KVM: TDX: initialize VM with TDX specific parameters"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]