<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/fs/pstore, branch v6.10</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>pstore/zone: Don't clear memory twice</title>
<updated>2024-03-09T20:33:22+00:00</updated>
<author>
<name>Christophe JAILLET</name>
<email>christophe.jaillet@wanadoo.fr</email>
</author>
<published>2024-03-09T08:24:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=c8d25d696f526a42ad8cf615dc1131c0b00c662e'/>
<id>c8d25d696f526a42ad8cf615dc1131c0b00c662e</id>
<content type='text'>
There is no need to call memset(..., 0, ...) on memory allocated by
kcalloc(). It is already zeroed.

Remove the redundant call.

Signed-off-by: Christophe JAILLET &lt;christophe.jaillet@wanadoo.fr&gt;
Link: https://lore.kernel.org/r/fa2597400051c18c6ca11187b0e4b906729991b2.1709972649.git.christophe.jaillet@wanadoo.fr
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
There is no need to call memset(..., 0, ...) on memory allocated by
kcalloc(). It is already zeroed.

Remove the redundant call.

Signed-off-by: Christophe JAILLET &lt;christophe.jaillet@wanadoo.fr&gt;
Link: https://lore.kernel.org/r/fa2597400051c18c6ca11187b0e4b906729991b2.1709972649.git.christophe.jaillet@wanadoo.fr
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pstore/zone: Add a null pointer check to the psz_kmsg_read</title>
<updated>2024-02-22T18:37:22+00:00</updated>
<author>
<name>Kunwu Chan</name>
<email>chentao@kylinos.cn</email>
</author>
<published>2024-01-18T10:02:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=98bc7e26e14fbb26a6abf97603d59532475e97f8'/>
<id>98bc7e26e14fbb26a6abf97603d59532475e97f8</id>
<content type='text'>
kasprintf() returns a pointer to dynamically allocated memory
which can be NULL upon failure. Ensure the allocation was successful
by checking the pointer validity.

Signed-off-by: Kunwu Chan &lt;chentao@kylinos.cn&gt;
Link: https://lore.kernel.org/r/20240118100206.213928-1-chentao@kylinos.cn
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
kasprintf() returns a pointer to dynamically allocated memory
which can be NULL upon failure. Ensure the allocation was successful
by checking the pointer validity.

Signed-off-by: Kunwu Chan &lt;chentao@kylinos.cn&gt;
Link: https://lore.kernel.org/r/20240118100206.213928-1-chentao@kylinos.cn
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pstore/ram: Register to module device table</title>
<updated>2024-02-22T18:37:21+00:00</updated>
<author>
<name>Nícolas F. R. A. Prado</name>
<email>nfraprado@collabora.com</email>
</author>
<published>2024-01-10T21:05:02+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=12dc54f568d4f589fd49d7c143cca0cc5fa221fd'/>
<id>12dc54f568d4f589fd49d7c143cca0cc5fa221fd</id>
<content type='text'>
Register the compatible for this module on the module device table so
it can be automatically loaded when a matching DT node is present,
allowing logging of panics and oopses without any intervention.

Signed-off-by: Nícolas F. R. A. Prado &lt;nfraprado@collabora.com&gt;
Reviewed-by: Kees Cook &lt;keescook@chromium.org&gt;
Reviewed-by: AngeloGioacchino Del Regno &lt;angelogioacchino.delregno@collabora.com&gt;
Link: https://lore.kernel.org/r/20240110210600.787703-2-nfraprado@collabora.com
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Register the compatible for this module on the module device table so
it can be automatically loaded when a matching DT node is present,
allowing logging of panics and oopses without any intervention.

Signed-off-by: Nícolas F. R. A. Prado &lt;nfraprado@collabora.com&gt;
Reviewed-by: Kees Cook &lt;keescook@chromium.org&gt;
Reviewed-by: AngeloGioacchino Del Regno &lt;angelogioacchino.delregno@collabora.com&gt;
Link: https://lore.kernel.org/r/20240110210600.787703-2-nfraprado@collabora.com
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pstore: inode: Only d_invalidate() is needed</title>
<updated>2024-02-22T18:37:21+00:00</updated>
<author>
<name>Kees Cook</name>
<email>keescook@chromium.org</email>
</author>
<published>2024-02-22T17:48:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=a43e0fc5e9134a46515de2f2f8d4100b74e50de3'/>
<id>a43e0fc5e9134a46515de2f2f8d4100b74e50de3</id>
<content type='text'>
Unloading a modular pstore backend with records in pstorefs would
trigger the dput() double-drop warning:

  WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410

Using the combo of d_drop()/dput() (as mentioned in
Documentation/filesystems/vfs.rst) isn't the right approach here, and
leads to the reference counting problem seen above. Use d_invalidate()
and update the code to not bother checking for error codes that can
never happen.

Suggested-by: Alexander Viro &lt;viro@zeniv.linux.org.uk&gt;
Fixes: 609e28bb139e ("pstore: Remove filesystem records when backend is unregistered")
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
---
Cc: "Guilherme G. Piccoli" &lt;gpiccoli@igalia.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc: linux-hardening@vger.kernel.org
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Unloading a modular pstore backend with records in pstorefs would
trigger the dput() double-drop warning:

  WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410

Using the combo of d_drop()/dput() (as mentioned in
Documentation/filesystems/vfs.rst) isn't the right approach here, and
leads to the reference counting problem seen above. Use d_invalidate()
and update the code to not bother checking for error codes that can
never happen.

Suggested-by: Alexander Viro &lt;viro@zeniv.linux.org.uk&gt;
Fixes: 609e28bb139e ("pstore: Remove filesystem records when backend is unregistered")
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
---
Cc: "Guilherme G. Piccoli" &lt;gpiccoli@igalia.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc: linux-hardening@vger.kernel.org
</pre>
</div>
</content>
</entry>
<entry>
<title>pstore: inode: Use cleanup.h for struct pstore_private</title>
<updated>2023-12-08T22:15:44+00:00</updated>
<author>
<name>Kees Cook</name>
<email>keescook@chromium.org</email>
</author>
<published>2023-12-05T18:26:17+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=24a0b5e196cf70ccff97bc0add6fa7178ad50cc4'/>
<id>24a0b5e196cf70ccff97bc0add6fa7178ad50cc4</id>
<content type='text'>
Simplify error path when "private" needs to be freed.

Cc: Guilherme G. Piccoli &lt;gpiccoli@igalia.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc:  &lt;linux-hardening@vger.kernel.org&gt;
Link: https://lore.kernel.org/r/20231205182622.1329923-4-keescook@chromium.org
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Simplify error path when "private" needs to be freed.

Cc: Guilherme G. Piccoli &lt;gpiccoli@igalia.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc:  &lt;linux-hardening@vger.kernel.org&gt;
Link: https://lore.kernel.org/r/20231205182622.1329923-4-keescook@chromium.org
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pstore: inode: Use __free(pstore_iput) for inode allocations</title>
<updated>2023-12-08T22:15:44+00:00</updated>
<author>
<name>Kees Cook</name>
<email>keescook@chromium.org</email>
</author>
<published>2023-12-05T18:26:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=b775a054e9dcd4ca20d56367b3d39b3d69e50a46'/>
<id>b775a054e9dcd4ca20d56367b3d39b3d69e50a46</id>
<content type='text'>
Simplify error path for failures where "inode" needs to be freed.

Cc: Guilherme G. Piccoli &lt;gpiccoli@igalia.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc:  &lt;linux-hardening@vger.kernel.org&gt;
Link: https://lore.kernel.org/r/20231205182622.1329923-3-keescook@chromium.org
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Simplify error path for failures where "inode" needs to be freed.

Cc: Guilherme G. Piccoli &lt;gpiccoli@igalia.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc:  &lt;linux-hardening@vger.kernel.org&gt;
Link: https://lore.kernel.org/r/20231205182622.1329923-3-keescook@chromium.org
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pstore: inode: Convert mutex usage to guard(mutex)</title>
<updated>2023-12-08T22:15:44+00:00</updated>
<author>
<name>Kees Cook</name>
<email>keescook@chromium.org</email>
</author>
<published>2023-12-05T18:26:15+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=e2eeddefb046dbc771a6fa426f7f98fb25adfe68'/>
<id>e2eeddefb046dbc771a6fa426f7f98fb25adfe68</id>
<content type='text'>
Replace open-coded mutex handling with cleanup.h guard(mutex) and
scoped_guard(mutex, ...).

Cc: Guilherme G. Piccoli &lt;gpiccoli@igalia.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc:  &lt;linux-hardening@vger.kernel.org&gt;
Link: https://lore.kernel.org/r/20231205182622.1329923-2-keescook@chromium.org
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Replace open-coded mutex handling with cleanup.h guard(mutex) and
scoped_guard(mutex, ...).

Cc: Guilherme G. Piccoli &lt;gpiccoli@igalia.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc:  &lt;linux-hardening@vger.kernel.org&gt;
Link: https://lore.kernel.org/r/20231205182622.1329923-2-keescook@chromium.org
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pstore: inode: Convert kfree() usage to __free(kfree)</title>
<updated>2023-12-08T22:15:44+00:00</updated>
<author>
<name>Kees Cook</name>
<email>keescook@chromium.org</email>
</author>
<published>2023-12-05T18:26:14+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=6ba6ee8a59a8ac673d9a9415bdf1d0a27990dc45'/>
<id>6ba6ee8a59a8ac673d9a9415bdf1d0a27990dc45</id>
<content type='text'>
Mostly as an example to myself, replace a simple allocation pattern with
the automatic kfree cleanup features now exposed by cleanup.h.

Cc: Guilherme G. Piccoli &lt;gpiccoli@igalia.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc:  &lt;linux-hardening@vger.kernel.org&gt;
Link: https://lore.kernel.org/r/20231205182622.1329923-1-keescook@chromium.org
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Mostly as an example to myself, replace a simple allocation pattern with
the automatic kfree cleanup features now exposed by cleanup.h.

Cc: Guilherme G. Piccoli &lt;gpiccoli@igalia.com&gt;
Cc: Tony Luck &lt;tony.luck@intel.com&gt;
Cc:  &lt;linux-hardening@vger.kernel.org&gt;
Link: https://lore.kernel.org/r/20231205182622.1329923-1-keescook@chromium.org
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pstore: ram_core: fix possible overflow in persistent_ram_init_ecc()</title>
<updated>2023-12-08T22:15:00+00:00</updated>
<author>
<name>Sergey Shtylyov</name>
<email>s.shtylyov@omp.ru</email>
</author>
<published>2023-11-05T20:29:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=86222a8fc16ec517de8da2604d904c9df3a08e5d'/>
<id>86222a8fc16ec517de8da2604d904c9df3a08e5d</id>
<content type='text'>
In persistent_ram_init_ecc(), on 64-bit arches DIV_ROUND_UP() will return
64-bit value since persistent_ram_zone::buffer_size has type size_t which
is derived from the 64-bit *unsigned long*, while the ecc_blocks variable
this value gets assigned to has (always 32-bit) *int* type.  Even if that
value fits into *int* type, an overflow is still possible when calculating
the size_t typed ecc_total variable further below since there's no cast to
any 64-bit type before multiplication.  Declaring the ecc_blocks variable
as *size_t* should fix this mess...

Found by Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.

Fixes: 9cc05ad97c57 ("staging: android: persistent_ram: refactor ecc support")
Signed-off-by: Sergey Shtylyov &lt;s.shtylyov@omp.ru&gt;
Link: https://lore.kernel.org/r/20231105202936.25694-1-s.shtylyov@omp.ru
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
In persistent_ram_init_ecc(), on 64-bit arches DIV_ROUND_UP() will return
64-bit value since persistent_ram_zone::buffer_size has type size_t which
is derived from the 64-bit *unsigned long*, while the ecc_blocks variable
this value gets assigned to has (always 32-bit) *int* type.  Even if that
value fits into *int* type, an overflow is still possible when calculating
the size_t typed ecc_total variable further below since there's no cast to
any 64-bit type before multiplication.  Declaring the ecc_blocks variable
as *size_t* should fix this mess...

Found by Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.

Fixes: 9cc05ad97c57 ("staging: android: persistent_ram: refactor ecc support")
Signed-off-by: Sergey Shtylyov &lt;s.shtylyov@omp.ru&gt;
Link: https://lore.kernel.org/r/20231105202936.25694-1-s.shtylyov@omp.ru
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pstore/ram: Fix crash when setting number of cpus to an odd number</title>
<updated>2023-12-08T22:15:00+00:00</updated>
<author>
<name>Weichen Chen</name>
<email>weichen.chen@mediatek.com</email>
</author>
<published>2023-02-24T02:36:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=d49270a04623ce3c0afddbf3e984cb245aa48e9c'/>
<id>d49270a04623ce3c0afddbf3e984cb245aa48e9c</id>
<content type='text'>
When the number of cpu cores is adjusted to 7 or other odd numbers,
the zone size will become an odd number.
The address of the zone will become:
    addr of zone0 = BASE
    addr of zone1 = BASE + zone_size
    addr of zone2 = BASE + zone_size*2
    ...
The address of zone1/3/5/7 will be mapped to non-alignment va.
Eventually crashes will occur when accessing these va.

So, use ALIGN_DOWN() to make sure the zone size is even
to avoid this bug.

Signed-off-by: Weichen Chen &lt;weichen.chen@mediatek.com&gt;
Reviewed-by: Matthias Brugger &lt;matthias.bgg@gmail.com&gt;
Tested-by: "Guilherme G. Piccoli" &lt;gpiccoli@igalia.com&gt;
Link: https://lore.kernel.org/r/20230224023632.6840-1-weichen.chen@mediatek.com
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
When the number of cpu cores is adjusted to 7 or other odd numbers,
the zone size will become an odd number.
The address of the zone will become:
    addr of zone0 = BASE
    addr of zone1 = BASE + zone_size
    addr of zone2 = BASE + zone_size*2
    ...
The address of zone1/3/5/7 will be mapped to non-alignment va.
Eventually crashes will occur when accessing these va.

So, use ALIGN_DOWN() to make sure the zone size is even
to avoid this bug.

Signed-off-by: Weichen Chen &lt;weichen.chen@mediatek.com&gt;
Reviewed-by: Matthias Brugger &lt;matthias.bgg@gmail.com&gt;
Tested-by: "Guilherme G. Piccoli" &lt;gpiccoli@igalia.com&gt;
Link: https://lore.kernel.org/r/20230224023632.6840-1-weichen.chen@mediatek.com
Signed-off-by: Kees Cook &lt;keescook@chromium.org&gt;
</pre>
</div>
</content>
</entry>
</feed>
