github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-02 11:33:28 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
34df25517a
linux/security
History
Kees Cook 34df25517a selinux: Annotate struct sidtab_str_cache with __counted_by 
Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by can have
their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
(for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family
functions).

As found with Coccinelle[1], add __counted_by for struct sidtab_str_cache.

[1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci

Cc: Paul Moore <paul@paul-moore.com>
Cc: Stephen Smalley <stephen.smalley.work@gmail.com>
Cc: Eric Paris <eparis@parisplace.org>
Cc: Ondrej Mosnacek <omosnace@redhat.com>
Cc: selinux@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2023-09-12 16:58:40 -04:00
..
apparmor lsm/stable-6.6 PR 20230829 2023-08-30 09:07:09 -07:00
bpf selinux: remove the runtime disable functionality 2023-03-20 12:34:23 -04:00
integrity integrity-v6.6 2023-08-30 09:16:56 -07:00
keys KEYS: Replace all non-returning strlcpy with strscpy 2023-08-17 20:12:35 +00:00
landlock landlock: Annotate struct landlock_rule with __counted_by 2023-08-18 11:44:42 +02:00
loadpin LoadPin: Annotate struct dm_verity_loadpin_trusted_root_digest with __counted_by 2023-08-25 16:07:30 -07:00
lockdown selinux: remove the runtime disable functionality 2023-03-20 12:34:23 -04:00
safesetid SafeSetID: fix UID printed instead of GID 2023-06-20 20:26:00 -04:00
selinux selinux: Annotate struct sidtab_str_cache with __counted_by 2023-09-12 16:58:40 -04:00
smack Smack updates for v6.6. Two minor fixes. 2023-08-30 09:28:07 -07:00
tomoyo tomoyo: remove unused function declaration 2023-08-13 22:07:15 +09:00
yama sysctl-6.4-rc1 2023-04-27 16:52:33 -07:00
commoncap.c lsm: constify the 'target' parameter in security_capget() 2023-08-08 16:48:47 -04:00
device_cgroup.c device_cgroup: Fix kernel-doc warnings in device_cgroup 2023-06-21 09:30:49 -04:00
inode.c security: convert to ctime accessor functions 2023-07-24 10:30:08 +02:00
Kconfig mm/slab: remove HAVE_HARDENED_USERCOPY_ALLOCATOR 2023-05-24 15:38:17 +02:00
Kconfig.hardening hardening: Move BUG_ON_DATA_CORRUPTION to hardening options 2023-08-15 14:57:25 -07:00
lsm_audit.c lsm: fix a number of misspellings 2023-05-25 17:52:15 -04:00
Makefile
min_addr.c
security.c lsm/stable-6.6 PR 20230829 2023-08-30 09:07:09 -07:00