* [PATCH] MAINTAINERS: Add a general "kernel hardening" section
@ 2022-07-02 0:46 Kees Cook
2022-07-05 15:26 ` Nathan Chancellor
2022-07-05 17:54 ` Gustavo A. R. Silva
0 siblings, 2 replies; 3+ messages in thread
From: Kees Cook @ 2022-07-02 0:46 UTC (permalink / raw)
To: keescook
Cc: Nathan Chancellor, Nick Desaulniers, Tom Rix, linux-kernel, llvm,
linux-hardening
While many large subsystems related to kernel hardening have their own
distinct MAINTAINERS entries, there are some smaller collections that
don't, but are maintained/reviewed by linux-hardening@vger.kernel.org.
Add a section to capture these, add (or replace defunct) trees that are
now all carried in the hardening tree.
Signed-off-by: Kees Cook <keescook@chromium.org>
---
MAINTAINERS | 21 +++++++++++++++++----
1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index 3cf9842d9233..2702b29e922f 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -4873,7 +4873,7 @@ R: Nick Desaulniers <ndesaulniers@google.com>
L: llvm@lists.linux.dev
S: Supported
B: https://github.com/ClangBuiltLinux/linux/issues
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/clang/features
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
F: include/linux/cfi.h
F: kernel/cfi.c
@@ -7783,6 +7783,7 @@ FORTIFY_SOURCE
M: Kees Cook <keescook@chromium.org>
L: linux-hardening@vger.kernel.org
S: Supported
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
F: include/linux/fortify-string.h
F: lib/test_fortify/*
F: scripts/test_fortify.sh
@@ -8225,6 +8226,7 @@ GCC PLUGINS
M: Kees Cook <keescook@chromium.org>
L: linux-hardening@vger.kernel.org
S: Maintained
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
F: Documentation/kbuild/gcc-plugins.rst
F: scripts/Makefile.gcc-plugins
F: scripts/gcc-plugins/
@@ -10742,6 +10744,17 @@ F: scripts/mk*
F: scripts/mod/
F: scripts/package/
+KERNEL HARDENING (not covered by other areas)
+M: Kees Cook <keescook@chromium.org>
+L: linux-hardening@vger.kernel.org
+S: Supported
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
+F: include/linux/overflow.h
+F: include/linux/randomize_kstack.h
+F: mm/usercopy.c
+K: \b(add|choose)_random_kstack_offset\b
+K: \b__check_(object_size|heap_object)\b
+
KERNEL JANITORS
L: kernel-janitors@vger.kernel.org
S: Odd Fixes
@@ -11542,7 +11555,7 @@ F: drivers/media/usb/dvb-usb-v2/lmedm04*
LOADPIN SECURITY MODULE
M: Kees Cook <keescook@chromium.org>
S: Supported
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git lsm/loadpin
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
F: Documentation/admin-guide/LSM/LoadPin.rst
F: security/loadpin/
@@ -17857,7 +17870,7 @@ M: Kees Cook <keescook@chromium.org>
R: Andy Lutomirski <luto@amacapital.net>
R: Will Drewry <wad@chromium.org>
S: Supported
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git seccomp
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/seccomp
F: Documentation/userspace-api/seccomp_filter.rst
F: include/linux/seccomp.h
F: include/uapi/linux/seccomp.h
@@ -21993,7 +22006,7 @@ F: include/linux/yam.h
YAMA SECURITY MODULE
M: Kees Cook <keescook@chromium.org>
S: Supported
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git yama/tip
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
F: Documentation/admin-guide/LSM/Yama.rst
F: security/yama/
--
2.32.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] MAINTAINERS: Add a general "kernel hardening" section
2022-07-02 0:46 [PATCH] MAINTAINERS: Add a general "kernel hardening" section Kees Cook
@ 2022-07-05 15:26 ` Nathan Chancellor
2022-07-05 17:54 ` Gustavo A. R. Silva
1 sibling, 0 replies; 3+ messages in thread
From: Nathan Chancellor @ 2022-07-05 15:26 UTC (permalink / raw)
To: Kees Cook; +Cc: Nick Desaulniers, Tom Rix, linux-kernel, llvm, linux-hardening
On Fri, Jul 01, 2022 at 05:46:38PM -0700, Kees Cook wrote:
> While many large subsystems related to kernel hardening have their own
> distinct MAINTAINERS entries, there are some smaller collections that
> don't, but are maintained/reviewed by linux-hardening@vger.kernel.org.
> Add a section to capture these, add (or replace defunct) trees that are
> now all carried in the hardening tree.
>
> Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Nathan Chancellor <nathan@kernel.org>
> ---
> MAINTAINERS | 21 +++++++++++++++++----
> 1 file changed, 17 insertions(+), 4 deletions(-)
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 3cf9842d9233..2702b29e922f 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -4873,7 +4873,7 @@ R: Nick Desaulniers <ndesaulniers@google.com>
> L: llvm@lists.linux.dev
> S: Supported
> B: https://github.com/ClangBuiltLinux/linux/issues
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/clang/features
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: include/linux/cfi.h
> F: kernel/cfi.c
>
> @@ -7783,6 +7783,7 @@ FORTIFY_SOURCE
> M: Kees Cook <keescook@chromium.org>
> L: linux-hardening@vger.kernel.org
> S: Supported
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: include/linux/fortify-string.h
> F: lib/test_fortify/*
> F: scripts/test_fortify.sh
> @@ -8225,6 +8226,7 @@ GCC PLUGINS
> M: Kees Cook <keescook@chromium.org>
> L: linux-hardening@vger.kernel.org
> S: Maintained
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/kbuild/gcc-plugins.rst
> F: scripts/Makefile.gcc-plugins
> F: scripts/gcc-plugins/
> @@ -10742,6 +10744,17 @@ F: scripts/mk*
> F: scripts/mod/
> F: scripts/package/
>
> +KERNEL HARDENING (not covered by other areas)
> +M: Kees Cook <keescook@chromium.org>
> +L: linux-hardening@vger.kernel.org
> +S: Supported
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> +F: include/linux/overflow.h
> +F: include/linux/randomize_kstack.h
> +F: mm/usercopy.c
> +K: \b(add|choose)_random_kstack_offset\b
> +K: \b__check_(object_size|heap_object)\b
> +
> KERNEL JANITORS
> L: kernel-janitors@vger.kernel.org
> S: Odd Fixes
> @@ -11542,7 +11555,7 @@ F: drivers/media/usb/dvb-usb-v2/lmedm04*
> LOADPIN SECURITY MODULE
> M: Kees Cook <keescook@chromium.org>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git lsm/loadpin
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/admin-guide/LSM/LoadPin.rst
> F: security/loadpin/
>
> @@ -17857,7 +17870,7 @@ M: Kees Cook <keescook@chromium.org>
> R: Andy Lutomirski <luto@amacapital.net>
> R: Will Drewry <wad@chromium.org>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git seccomp
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/seccomp
> F: Documentation/userspace-api/seccomp_filter.rst
> F: include/linux/seccomp.h
> F: include/uapi/linux/seccomp.h
> @@ -21993,7 +22006,7 @@ F: include/linux/yam.h
> YAMA SECURITY MODULE
> M: Kees Cook <keescook@chromium.org>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git yama/tip
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/admin-guide/LSM/Yama.rst
> F: security/yama/
>
> --
> 2.32.0
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] MAINTAINERS: Add a general "kernel hardening" section
2022-07-02 0:46 [PATCH] MAINTAINERS: Add a general "kernel hardening" section Kees Cook
2022-07-05 15:26 ` Nathan Chancellor
@ 2022-07-05 17:54 ` Gustavo A. R. Silva
1 sibling, 0 replies; 3+ messages in thread
From: Gustavo A. R. Silva @ 2022-07-05 17:54 UTC (permalink / raw)
To: Kees Cook
Cc: Nathan Chancellor, Nick Desaulniers, Tom Rix, linux-kernel, llvm,
linux-hardening
On Fri, Jul 01, 2022 at 05:46:38PM -0700, Kees Cook wrote:
> While many large subsystems related to kernel hardening have their own
> distinct MAINTAINERS entries, there are some smaller collections that
> don't, but are maintained/reviewed by linux-hardening@vger.kernel.org.
> Add a section to capture these, add (or replace defunct) trees that are
> now all carried in the hardening tree.
>
> Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Thanks
--
Gustavo
> ---
> MAINTAINERS | 21 +++++++++++++++++----
> 1 file changed, 17 insertions(+), 4 deletions(-)
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 3cf9842d9233..2702b29e922f 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -4873,7 +4873,7 @@ R: Nick Desaulniers <ndesaulniers@google.com>
> L: llvm@lists.linux.dev
> S: Supported
> B: https://github.com/ClangBuiltLinux/linux/issues
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/clang/features
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: include/linux/cfi.h
> F: kernel/cfi.c
>
> @@ -7783,6 +7783,7 @@ FORTIFY_SOURCE
> M: Kees Cook <keescook@chromium.org>
> L: linux-hardening@vger.kernel.org
> S: Supported
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: include/linux/fortify-string.h
> F: lib/test_fortify/*
> F: scripts/test_fortify.sh
> @@ -8225,6 +8226,7 @@ GCC PLUGINS
> M: Kees Cook <keescook@chromium.org>
> L: linux-hardening@vger.kernel.org
> S: Maintained
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/kbuild/gcc-plugins.rst
> F: scripts/Makefile.gcc-plugins
> F: scripts/gcc-plugins/
> @@ -10742,6 +10744,17 @@ F: scripts/mk*
> F: scripts/mod/
> F: scripts/package/
>
> +KERNEL HARDENING (not covered by other areas)
> +M: Kees Cook <keescook@chromium.org>
> +L: linux-hardening@vger.kernel.org
> +S: Supported
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> +F: include/linux/overflow.h
> +F: include/linux/randomize_kstack.h
> +F: mm/usercopy.c
> +K: \b(add|choose)_random_kstack_offset\b
> +K: \b__check_(object_size|heap_object)\b
> +
> KERNEL JANITORS
> L: kernel-janitors@vger.kernel.org
> S: Odd Fixes
> @@ -11542,7 +11555,7 @@ F: drivers/media/usb/dvb-usb-v2/lmedm04*
> LOADPIN SECURITY MODULE
> M: Kees Cook <keescook@chromium.org>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git lsm/loadpin
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/admin-guide/LSM/LoadPin.rst
> F: security/loadpin/
>
> @@ -17857,7 +17870,7 @@ M: Kees Cook <keescook@chromium.org>
> R: Andy Lutomirski <luto@amacapital.net>
> R: Will Drewry <wad@chromium.org>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git seccomp
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/seccomp
> F: Documentation/userspace-api/seccomp_filter.rst
> F: include/linux/seccomp.h
> F: include/uapi/linux/seccomp.h
> @@ -21993,7 +22006,7 @@ F: include/linux/yam.h
> YAMA SECURITY MODULE
> M: Kees Cook <keescook@chromium.org>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git yama/tip
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/admin-guide/LSM/Yama.rst
> F: security/yama/
>
> --
> 2.32.0
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-07-05 17:55 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-07-02 0:46 [PATCH] MAINTAINERS: Add a general "kernel hardening" section Kees Cook
2022-07-05 15:26 ` Nathan Chancellor
2022-07-05 17:54 ` Gustavo A. R. Silva
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.