[GIT PULL] hardening updates for v7.0-rc1

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [GIT PULL] hardening updates for v7.0-rc1
@ 2026-02-09 18:39 Kees Cook
  2026-02-10 18:10 ` pr-tracker-bot
  0 siblings, 1 reply; 2+ messages in thread
From: Kees Cook @ 2026-02-09 18:39 UTC (permalink / raw)
  To: Linus Torvalds
  Cc: linux-kernel, Bill Wendling, Christian Lamparter,
	Danilo Krummrich, David Laight, Gustavo A. R. Silva, Jan Kara,
	Justin Stitt, Kees Cook, Nathan Chancellor, Nicolas Schier,
	Simon Horman, Stefan Wiehler, Thorsten Blum, Tyler Hicks,
	WangYuli

Hi Linus,

Please pull these hardening updates for v7.0-rc1. Mostly small cleanups
and various scattered annotations and flex array warning fixes that we
reviewed by unlanded in other trees. Introduces new annotation for expanding
counted_by to pointer members, now that compiler behavior between GCC
and Clang has been normalized.

Thanks!

-Kees

The following changes since commit 9448598b22c50c8a5bb77a9103e2d49f134c9578:

  Linux 6.19-rc2 (2025-12-21 15:52:04 -0800)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/hardening-v7.0-rc1

for you to fetch changes up to 44dd7cfbd1db5199cf7afe03158a578a64b55800:

  MAINTAINERS: pstore: Remove L: entry (2026-01-17 11:00:37 -0800)

----------------------------------------------------------------
hardening updates for v7.0-rc1

- Various missed __counted_by annotations (Thorsten Blum)

- Various missed -Wflex-array-member-not-at-end fixes (Gustavo A. R. Silva)

- Avoid leftover tempfiles for interrupted compile-time FORTIFY tests
  (Nicolas Schier)

- Remove non-existant CONFIG_UBSAN_REPORT_FULL from docs (Stefan Wiehler)

- fortify: Use C arithmetic not FIELD_xxx() in FORTIFY_REASON defines
  (David Laight)

- Add __counted_by_ptr attribute, tests, and first user (Bill Wendling,
  Kees Cook)

- Update MAINTAINERS file to make hardening section not include pstore

----------------------------------------------------------------
Bill Wendling (1):
      compiler_types.h: Attributes: Add __counted_by_ptr macro

David Laight (1):
      fortify: Use C arithmetic not FIELD_xxx() in FORTIFY_REASON defines

Gustavo A. R. Silva (3):
      drm/nouveau: fifo: Avoid -Wflex-array-member-not-at-end warning
      carl9170: Avoid -Wflex-array-member-not-at-end warning
      nfp: tls: Avoid -Wflex-array-member-not-at-end warnings

Kees Cook (3):
      lkdtm/bugs: Add __counted_by_ptr() test PTR_BOUNDS
      coredump: Use __counted_by_ptr for struct core_name::corename
      MAINTAINERS: pstore: Remove L: entry

Nicolas Schier (2):
      fortify: Rename temporary file to match ignore pattern
      fortify: Cleanup temp file also on non-successful exit

Stefan Wiehler (1):
      Kconfig.ubsan: Remove CONFIG_UBSAN_REPORT_FULL from documentation

Thorsten Blum (3):
      crypto: af_alg - Annotate struct af_alg_iv with __counted_by
      fs/xattr: Annotate struct simple_xattr with __counted_by
      ecryptfs: Annotate struct ecryptfs_message with __counted_by

 init/Kconfig                                    |  7 ++
 lib/Kconfig.ubsan                               |  2 +-
 Makefile                                        |  6 ++
 drivers/net/ethernet/netronome/nfp/crypto/fw.h  | 24 ++++---
 drivers/net/wireless/ath/carl9170/carl9170.h    | 12 ++--
 fs/ecryptfs/ecryptfs_kernel.h                   |  2 +-
 include/linux/compiler_types.h                  | 18 ++++-
 include/linux/fortify-string.h                  |  8 +--
 include/linux/xattr.h                           |  2 +-
 include/uapi/linux/if_alg.h                     |  2 +-
 include/uapi/linux/stddef.h                     |  4 ++
 drivers/gpu/drm/nouveau/nvif/fifo.c             |  5 +-
 drivers/misc/lkdtm/bugs.c                       | 90 ++++++++++++++++++++++---
 drivers/net/ethernet/netronome/nfp/crypto/tls.c |  8 ++-
 fs/coredump.c                                   |  8 +--
 MAINTAINERS                                     |  1 -
 lib/test_fortify/test_fortify.sh                |  4 +-
 tools/testing/selftests/lkdtm/tests.txt         |  2 +
 18 files changed, 161 insertions(+), 44 deletions(-)

-- 
Kees Cook

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [GIT PULL] hardening updates for v7.0-rc1
  2026-02-09 18:39 [GIT PULL] hardening updates for v7.0-rc1 Kees Cook
@ 2026-02-10 18:10 ` pr-tracker-bot
  0 siblings, 0 replies; 2+ messages in thread
From: pr-tracker-bot @ 2026-02-10 18:10 UTC (permalink / raw)
  To: Kees Cook
  Cc: Linus Torvalds, linux-kernel, Bill Wendling, Christian Lamparter,
	Danilo Krummrich, David Laight, Gustavo A. R. Silva, Jan Kara,
	Justin Stitt, Kees Cook, Nathan Chancellor, Nicolas Schier,
	Simon Horman, Stefan Wiehler, Thorsten Blum, Tyler Hicks,
	WangYuli

The pull request you sent on Mon, 9 Feb 2026 10:39:21 -0800:

> https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/hardening-v7.0-rc1

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/85f24b0ace9aa79142f632fc3ccc730a8d2a4a28

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2026-02-10 18:10 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-02-09 18:39 [GIT PULL] hardening updates for v7.0-rc1 Kees Cook
2026-02-10 18:10 ` pr-tracker-bot

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox