Show patches with: Submitter = Kees Cook       |    State = Action Required       |   714 patches
« 1 2 3 47 8 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
hardening: Refresh KCFI options, add some more hardening: Refresh KCFI options, add some more - - - --- 2024-04-26 Kees Cook New
kunit/fortify: Fix mismatched kvalloc()/vfree() usage kunit/fortify: Fix mismatched kvalloc()/vfree() usage - - - --- 2024-04-25 Kees Cook New
mm/slub: Avoid recursive loop with kmemleak mm/slub: Avoid recursive loop with kmemleak 1 - - --- 2024-04-25 Kees Cook New
wifi: nl80211: Avoid address calculations via out of bounds array indexing wifi: nl80211: Avoid address calculations via out of bounds array indexing - - 1 --- 2024-04-24 Kees Cook New
[v3,6/6] mm/util: Use dedicated slab buckets for memdup_user() slab: Introduce dedicated bucket allocator - - - --- 2024-04-24 Kees Cook New
[v3,5/6] ipc, msg: Use dedicated slab buckets for alloc_msg() slab: Introduce dedicated bucket allocator - - - --- 2024-04-24 Kees Cook New
[v3,4/6] mm/slab: Introduce kmem_buckets_create() and family slab: Introduce dedicated bucket allocator - - - --- 2024-04-24 Kees Cook New
[v3,3/6] mm/slab: Introduce __kvmalloc_node() that can take kmem_buckets argument slab: Introduce dedicated bucket allocator - - - --- 2024-04-24 Kees Cook New
[v3,2/6] mm/slab: Plumb kmem_buckets into __do_kmalloc_node() slab: Introduce dedicated bucket allocator - - - --- 2024-04-24 Kees Cook New
[v3,1/6] mm/slab: Introduce kmem_buckets typedef slab: Introduce dedicated bucket allocator - - - --- 2024-04-24 Kees Cook New
[4/4] ipv4: Silence intentional wrapping addition Annotate atomics for signed integer wrap-around - - - --- 2024-04-24 Kees Cook New
[3/4] locking/atomic: Annotate generic atomics with wrapping Annotate atomics for signed integer wrap-around - - - --- 2024-04-24 Kees Cook New
[2/4] arm64: atomics: lse: Silence intentional wrapping addition Annotate atomics for signed integer wrap-around - - - --- 2024-04-24 Kees Cook New
[1/4] locking/atomic/x86: Silence intentional wrapping addition Annotate atomics for signed integer wrap-around - - - --- 2024-04-24 Kees Cook New
[3/5] scsi: mpt3sas: Avoid possible run-time warning with long manufacturer strings scsi: Avoid possible run-time warning with long manufacturer strings - - - --- 2024-04-10 Kees Cook New
[v2] fs: Set file_handle::handle_bytes before referencing file_handle::f_handle [v2] fs: Set file_handle::handle_bytes before referencing file_handle::f_handle - - - --- 2024-04-04 Kees Cook New
[RFC] iio: pressure: dlhl60d: Check mask_width for IRQs [RFC] iio: pressure: dlhl60d: Check mask_width for IRQs - - - --- 2024-02-22 Kees Cook New
[2/2] binfmt_elf: Leave a gap between .bss and brk Adjust brk randomness - - - --- 2024-02-17 Kees Cook New
ntfs: Replace struct ntfs_name 0-sized array with flexible array ntfs: Replace struct ntfs_name 0-sized array with flexible array - - - --- 2024-02-16 Kees Cook New
fortify: Include more details when reporting overflows fortify: Include more details when reporting overflows - - - --- 2024-02-16 Kees Cook New
[v2] creds: Convert cred.usage to refcount_t [v2] creds: Convert cred.usage to refcount_t - 3 - --- 2023-08-18 Kees Cook New
[04/21] dmaengine: fsl-edma: Annotate struct fsl_edma_desc with __counted_by dmaengine: Annotate with __counted_by - 1 - --- 2023-08-17 Kees Cook New
fortify: Improve buffer overflow reporting fortify: Improve buffer overflow reporting - - - --- 2023-03-02 Kees Cook New
ubsan: Tighten UBSAN_BOUNDS on GCC ubsan: Tighten UBSAN_BOUNDS on GCC - - - --- 2023-03-02 Kees Cook New
wifi: iwlwifi: dvm: Add struct_group for struct iwl_keyinfo keys wifi: iwlwifi: dvm: Add struct_group for struct iwl_keyinfo keys - 1 - --- 2023-02-18 Kees Cook New
bpf: Deprecate "data" member of bpf_lpm_trie_key bpf: Deprecate "data" member of bpf_lpm_trie_key - - - --- 2023-02-09 Kees Cook New
drm/nouveau/disp: More DP_RECEIVER_CAP_SIZE array fixes drm/nouveau/disp: More DP_RECEIVER_CAP_SIZE array fixes - 2 - --- 2023-02-04 Kees Cook New
jfs: Use unsigned variable for length calculations jfs: Use unsigned variable for length calculations 2 - - --- 2023-02-04 Kees Cook New
[v2] lm85: Bounds check to_sensor_dev_attr()->index usage [v2] lm85: Bounds check to_sensor_dev_attr()->index usage - - - --- 2023-02-03 Kees Cook New
drm/nouveau/disp: Fix nvif_outp_acquire_dp() argument size drm/nouveau/disp: Fix nvif_outp_acquire_dp() argument size - 1 - --- 2022-11-27 Kees Cook New
ACPICA: Replace fake flexible arrays with flexible array members ACPICA: Replace fake flexible arrays with flexible array members - - - --- 2022-11-18 Kees Cook New
firmware: meson_sm: Fix memcpy vs iomem type warnings firmware: meson_sm: Fix memcpy vs iomem type warnings 1 - - --- 2022-10-12 Kees Cook New
scsi: bfa: Avoid clashing function prototypes scsi: bfa: Avoid clashing function prototypes - - - --- 2022-09-29 Kees Cook New
checkpatch: Don't count URLs for "line too long" checkpatch: Don't count URLs for "line too long" - - - --- 2022-09-27 Kees Cook New
dlm: Split memcpy() of struct dlm_message flexible array dlm: Split memcpy() of struct dlm_message flexible array - 1 - --- 2022-09-24 Kees Cook New
string: Rewrite and add more kern-doc for the str*() functions string: Rewrite and add more kern-doc for the str*() functions - - 1 --- 2022-09-22 Kees Cook New
[4/4] fortify: Use __builtin_dynamic_object_size() when available fortify: Use __builtin_dynamic_object_size() when available - 2 1 --- 2022-09-20 Kees Cook New
x86/Kconfig: Enable kernel IBT by default x86/Kconfig: Enable kernel IBT by default - - - --- 2022-09-02 Kees Cook New
treewide: fix "interruptible" misspellings treewide: fix "interruptible" misspellings - 1 - --- 2022-07-01 Kees Cook New
fs/coda: Do not use partially allocated struct fs/coda: Do not use partially allocated struct - - - --- 2022-05-20 Kees Cook New
sched/psi: Bounds-check state iterator against NR_PSI_STATES sched/psi: Bounds-check state iterator against NR_PSI_STATES - 1 - --- 2022-05-20 Kees Cook New
KVM: x86/emulator: Bounds check reg nr against reg array size KVM: x86/emulator: Bounds check reg nr against reg array size - - - --- 2022-05-20 Kees Cook New
[v2] sign-file: Convert API usage to support OpenSSL v3 [v2] sign-file: Convert API usage to support OpenSSL v3 - - 2 --- 2022-05-18 Kees Cook New
mm: Handle ksize() vs __alloc_size by forgetting size mm: Handle ksize() vs __alloc_size by forgetting size - - - --- 2022-02-25 Kees Cook New
alpha: Implement "current_stack_pointer" alpha: Implement "current_stack_pointer" - - - --- 2022-02-24 Kees Cook New
[v10,6/6] lkdtm: Add REPORT_STACK for checking stack offsets Optionally randomize kernel stack offset each syscall - - - --- 2021-04-01 Kees Cook New
[v10,5/6] arm64: entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall 1 - - --- 2021-04-01 Kees Cook New
[v10,4/6] x86/entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - 1 - --- 2021-04-01 Kees Cook New
[v10,3/6] stack: Optionally randomize kernel stack offset each syscall Optionally randomize kernel stack offset each syscall - 1 - --- 2021-04-01 Kees Cook New
[v10,2/6] init_on_alloc: Optimize static branches Optionally randomize kernel stack offset each syscall 1 1 - --- 2021-04-01 Kees Cook New
[v10,1/6] jump_label: Provide CONFIG-driven build state defaults Optionally randomize kernel stack offset each syscall 1 - - --- 2021-04-01 Kees Cook New
[v9,6/6] lkdtm: Add REPORT_STACK for checking stack offsets Optionally randomize kernel stack offset each syscall - - - --- 2021-03-31 Kees Cook New
[v9,5/6] arm64: entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - - - --- 2021-03-31 Kees Cook New
[v9,4/6] x86/entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - 1 - --- 2021-03-31 Kees Cook New
[v9,3/6] stack: Optionally randomize kernel stack offset each syscall Optionally randomize kernel stack offset each syscall - 1 - --- 2021-03-31 Kees Cook New
[v9,2/6] init_on_alloc: Optimize static branches Optionally randomize kernel stack offset each syscall 1 1 - --- 2021-03-31 Kees Cook New
[v9,1/6] jump_label: Provide CONFIG-driven build state defaults Optionally randomize kernel stack offset each syscall 1 - - --- 2021-03-31 Kees Cook New
[v8,6/6] lkdtm: Add REPORT_STACK for checking stack offsets Optionally randomize kernel stack offset each syscall - - - --- 2021-03-30 Kees Cook New
[v8,5/6] arm64: entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - - - --- 2021-03-30 Kees Cook New
[v8,4/6] x86/entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - 1 - --- 2021-03-30 Kees Cook New
[v8,3/6] stack: Optionally randomize kernel stack offset each syscall Optionally randomize kernel stack offset each syscall - 1 - --- 2021-03-30 Kees Cook New
[v8,2/6] init_on_alloc: Optimize static branches Optionally randomize kernel stack offset each syscall 1 1 - --- 2021-03-30 Kees Cook New
[v8,1/6] jump_label: Provide CONFIG-driven build state defaults Optionally randomize kernel stack offset each syscall 1 - - --- 2021-03-30 Kees Cook New
[v7,6/6] lkdtm: Add REPORT_STACK for checking stack offsets Optionally randomize kernel stack offset each syscall - - - --- 2021-03-19 Kees Cook New
[v7,5/6] arm64: entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - - - --- 2021-03-19 Kees Cook New
[v7,4/6] x86/entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - - - --- 2021-03-19 Kees Cook New
[v7,3/6] stack: Optionally randomize kernel stack offset each syscall Optionally randomize kernel stack offset each syscall - - - --- 2021-03-19 Kees Cook New
[v7,2/6] init_on_alloc: Optimize static branches Optionally randomize kernel stack offset each syscall 1 1 - --- 2021-03-19 Kees Cook New
[v7,1/6] jump_label: Provide CONFIG-driven build state defaults Optionally randomize kernel stack offset each syscall 1 - - --- 2021-03-19 Kees Cook New
[v6,6/6] lkdtm: Add REPORT_STACK for checking stack offsets Optionally randomize kernel stack offset each syscall - - - --- 2021-03-15 Kees Cook New
[v6,5/6] arm64: entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - - - --- 2021-03-15 Kees Cook New
[v6,4/6] x86/entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - - - --- 2021-03-15 Kees Cook New
[v6,3/6] stack: Optionally randomize kernel stack offset each syscall Optionally randomize kernel stack offset each syscall - - - --- 2021-03-15 Kees Cook New
[v6,2/6] init_on_alloc: Optimize static branches Optionally randomize kernel stack offset each syscall 1 1 - --- 2021-03-15 Kees Cook New
[v6,1/6] jump_label: Provide CONFIG-driven build state defaults Optionally randomize kernel stack offset each syscall 1 - - --- 2021-03-15 Kees Cook New
[v5,7/7] lkdtm: Add REPORT_STACK for checking stack offsets Optionally randomize kernel stack offset each syscall - - - --- 2021-03-09 Kees Cook New
[v5,6/7] arm64: entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - - - --- 2021-03-09 Kees Cook New
[v5,5/7] x86/entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - - - --- 2021-03-09 Kees Cook New
[v5,4/7] stack: Optionally randomize kernel stack offset each syscall Optionally randomize kernel stack offset each syscall - - - --- 2021-03-09 Kees Cook New
[v5,3/7] init_on_alloc: Unpessimize default-on builds Optionally randomize kernel stack offset each syscall - 1 - --- 2021-03-09 Kees Cook New
[v5,2/7] jump_label: Provide CONFIG-driven build state defaults Optionally randomize kernel stack offset each syscall 1 - - --- 2021-03-09 Kees Cook New
[v5,1/7] mm: Restore init_on_* static branch defaults Optionally randomize kernel stack offset each syscall - - - --- 2021-03-09 Kees Cook New
[v2] MAINTAINERS: Change hardening mailing list [v2] MAINTAINERS: Change hardening mailing list - - - --- 2020-10-06 Kees Cook New
MAINTAINERS: Change hardening mailing list MAINTAINERS: Change hardening mailing list - - - --- 2020-10-05 Kees Cook New
[RFC,6/6] security/fbfam: Mitigate a fork brute force attack Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,5/6] security/fbfam: Detect a fork brute force attack Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,4/6] security/fbfam: Add a new sysctl to control the crashing rate threshold Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,3/6] security/fbfam: Use the api to manage statistics Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,2/6] security/fbfam: Add the api to manage statistics Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[RFC,1/6] security/fbfam: Add a Kconfig to enable the fbfam feature Fork brute force attack mitigation (fbfam) - - - --- 2020-09-10 Kees Cook New
[v2] overflow: Add __must_check attribute to check_*() helpers [v2] overflow: Add __must_check attribute to check_*() helpers - - - --- 2020-08-15 Kees Cook New
overflow: Add __must_check attribute to check_*() helpers overflow: Add __must_check attribute to check_*() helpers - - - --- 2020-08-12 Kees Cook New
[RFC] saturate check_*_overflow() output? [RFC] saturate check_*_overflow() output? - - - --- 2020-08-03 Kees Cook New
[3/3] tasklet: Introduce new initialization API Modernize tasklet callback API - 1 - --- 2020-07-16 Kees Cook New
[2/3] treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD() Modernize tasklet callback API - 1 - --- 2020-07-16 Kees Cook New
[1/3] usb: gadget: udc: Avoid tasklet passing a global Modernize tasklet callback API 1 1 - --- 2020-07-16 Kees Cook New
[v4,5/5] arm64: entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - - - --- 2020-06-22 Kees Cook New
[v4,4/5] x86/entry: Enable random_kstack_offset support Optionally randomize kernel stack offset each syscall - - - --- 2020-06-22 Kees Cook New
[v4,3/5] stack: Optionally randomize kernel stack offset each syscall Optionally randomize kernel stack offset each syscall - - - --- 2020-06-22 Kees Cook New
[v4,2/5] init_on_alloc: Unpessimize default-on builds Optionally randomize kernel stack offset each syscall - 1 - --- 2020-06-22 Kees Cook New
« 1 2 3 47 8 »