From: Kees Cook <kees@kernel.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-kernel@vger.kernel.org, Bill Wendling <morbo@google.com>,
Christian Lamparter <chunkeey@gmail.com>,
Danilo Krummrich <dakr@kernel.org>,
David Laight <david.laight.linux@gmail.com>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
Jan Kara <jack@suse.cz>, Justin Stitt <justinstitt@google.com>,
Kees Cook <kees@kernel.org>,
Nathan Chancellor <nathan@kernel.org>,
Nicolas Schier <nsc@kernel.org>, Simon Horman <horms@kernel.org>,
Stefan Wiehler <stefan.wiehler@nokia.com>,
Thorsten Blum <thorsten.blum@linux.dev>,
Tyler Hicks <code@tyhicks.com>, WangYuli <wangyuli@aosc.io>
Subject: [GIT PULL] hardening updates for v7.0-rc1
Date: Mon, 9 Feb 2026 10:39:21 -0800 [thread overview]
Message-ID: <202602091037.93F180E@keescook> (raw)
Hi Linus,
Please pull these hardening updates for v7.0-rc1. Mostly small cleanups
and various scattered annotations and flex array warning fixes that we
reviewed by unlanded in other trees. Introduces new annotation for expanding
counted_by to pointer members, now that compiler behavior between GCC
and Clang has been normalized.
Thanks!
-Kees
The following changes since commit 9448598b22c50c8a5bb77a9103e2d49f134c9578:
Linux 6.19-rc2 (2025-12-21 15:52:04 -0800)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/hardening-v7.0-rc1
for you to fetch changes up to 44dd7cfbd1db5199cf7afe03158a578a64b55800:
MAINTAINERS: pstore: Remove L: entry (2026-01-17 11:00:37 -0800)
----------------------------------------------------------------
hardening updates for v7.0-rc1
- Various missed __counted_by annotations (Thorsten Blum)
- Various missed -Wflex-array-member-not-at-end fixes (Gustavo A. R. Silva)
- Avoid leftover tempfiles for interrupted compile-time FORTIFY tests
(Nicolas Schier)
- Remove non-existant CONFIG_UBSAN_REPORT_FULL from docs (Stefan Wiehler)
- fortify: Use C arithmetic not FIELD_xxx() in FORTIFY_REASON defines
(David Laight)
- Add __counted_by_ptr attribute, tests, and first user (Bill Wendling,
Kees Cook)
- Update MAINTAINERS file to make hardening section not include pstore
----------------------------------------------------------------
Bill Wendling (1):
compiler_types.h: Attributes: Add __counted_by_ptr macro
David Laight (1):
fortify: Use C arithmetic not FIELD_xxx() in FORTIFY_REASON defines
Gustavo A. R. Silva (3):
drm/nouveau: fifo: Avoid -Wflex-array-member-not-at-end warning
carl9170: Avoid -Wflex-array-member-not-at-end warning
nfp: tls: Avoid -Wflex-array-member-not-at-end warnings
Kees Cook (3):
lkdtm/bugs: Add __counted_by_ptr() test PTR_BOUNDS
coredump: Use __counted_by_ptr for struct core_name::corename
MAINTAINERS: pstore: Remove L: entry
Nicolas Schier (2):
fortify: Rename temporary file to match ignore pattern
fortify: Cleanup temp file also on non-successful exit
Stefan Wiehler (1):
Kconfig.ubsan: Remove CONFIG_UBSAN_REPORT_FULL from documentation
Thorsten Blum (3):
crypto: af_alg - Annotate struct af_alg_iv with __counted_by
fs/xattr: Annotate struct simple_xattr with __counted_by
ecryptfs: Annotate struct ecryptfs_message with __counted_by
init/Kconfig | 7 ++
lib/Kconfig.ubsan | 2 +-
Makefile | 6 ++
drivers/net/ethernet/netronome/nfp/crypto/fw.h | 24 ++++---
drivers/net/wireless/ath/carl9170/carl9170.h | 12 ++--
fs/ecryptfs/ecryptfs_kernel.h | 2 +-
include/linux/compiler_types.h | 18 ++++-
include/linux/fortify-string.h | 8 +--
include/linux/xattr.h | 2 +-
include/uapi/linux/if_alg.h | 2 +-
include/uapi/linux/stddef.h | 4 ++
drivers/gpu/drm/nouveau/nvif/fifo.c | 5 +-
drivers/misc/lkdtm/bugs.c | 90 ++++++++++++++++++++++---
drivers/net/ethernet/netronome/nfp/crypto/tls.c | 8 ++-
fs/coredump.c | 8 +--
MAINTAINERS | 1 -
lib/test_fortify/test_fortify.sh | 4 +-
tools/testing/selftests/lkdtm/tests.txt | 2 +
18 files changed, 161 insertions(+), 44 deletions(-)
--
Kees Cook
next reply other threads:[~2026-02-09 18:39 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-09 18:39 Kees Cook [this message]
2026-02-10 18:10 ` [GIT PULL] hardening updates for v7.0-rc1 pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202602091037.93F180E@keescook \
--to=kees@kernel.org \
--cc=chunkeey@gmail.com \
--cc=code@tyhicks.com \
--cc=dakr@kernel.org \
--cc=david.laight.linux@gmail.com \
--cc=gustavoars@kernel.org \
--cc=horms@kernel.org \
--cc=jack@suse.cz \
--cc=justinstitt@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=morbo@google.com \
--cc=nathan@kernel.org \
--cc=nsc@kernel.org \
--cc=stefan.wiehler@nokia.com \
--cc=thorsten.blum@linux.dev \
--cc=torvalds@linux-foundation.org \
--cc=wangyuli@aosc.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox