Alexander Potapenko 42eaa27d9e security: kmsan: fix interoperability with auto-initialization ... Heap and stack initialization is great, but not when we are trying uses of uninitialized memory. When the kernel is built with KMSAN, having kernel memory initialization enabled may introduce false negatives. We disable CONFIG_INIT_STACK_ALL_PATTERN and CONFIG_INIT_STACK_ALL_ZERO under CONFIG_KMSAN, making it impossible to auto-initialize stack variables in KMSAN builds. We also disable CONFIG_INIT_ON_ALLOC_DEFAULT_ON and CONFIG_INIT_ON_FREE_DEFAULT_ON to prevent accidental use of heap auto-initialization. We however still let the users enable heap auto-initialization at boot-time (by setting init_on_alloc=1 or init_on_free=1), in which case a warning is printed. Link: https://lkml.kernel.org/r/20220915150417.722975-31-glider@google.com Signed-off-by: Alexander Potapenko <glider@google.com> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Cc: Alexei Starovoitov <ast@kernel.org> Cc: Andrey Konovalov <andreyknvl@gmail.com> Cc: Andrey Konovalov <andreyknvl@google.com> Cc: Andy Lutomirski <luto@kernel.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Borislav Petkov <bp@alien8.de> Cc: Christoph Hellwig <hch@lst.de> Cc: Christoph Lameter <cl@linux.com> Cc: David Rientjes <rientjes@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Eric Biggers <ebiggers@google.com> Cc: Eric Biggers <ebiggers@kernel.org> Cc: Eric Dumazet <edumazet@google.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Ilya Leoshkevich <iii@linux.ibm.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Jens Axboe <axboe@kernel.dk> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Kees Cook <keescook@chromium.org> Cc: Marco Elver <elver@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Petr Mladek <pmladek@suse.com> Cc: Stephen Rothwell <sfr@canb.auug.org.au> Cc: Steven Rostedt <rostedt@goodmis.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Vasily Gorbik <gor@linux.ibm.com> Cc: Vegard Nossum <vegard.nossum@oracle.com> Cc: Vlastimil Babka <vbabka@suse.cz> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>		2022-10-03 14:03:23 -07:00
..
apparmor	apparmor: correct config reference to intended one	2022-07-20 13:22:19 -07:00
bpf	bpf: Implement task local storage	2020-11-06 08:08:37 -08:00
integrity	integrity-v6.0	2022-08-02 15:21:18 -07:00
keys	KEYS: trusted: tpm2: Fix migratable logic	2022-06-08 14:12:13 +03:00
landlock	landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER	2022-05-23 13:27:59 +02:00
loadpin	LoadPin: Return EFAULT on copy_from_user() failures	2022-08-16 12:17:18 -07:00
lockdown	Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security	2020-06-02 17:36:24 -07:00
safesetid	LSM: SafeSetID: Add setgroups() security policy handling	2022-07-15 18:24:42 +00:00
selinux	selinux/stable-6.0 PR 20220801	2022-08-02 14:51:47 -07:00
smack	smack: Remove the redundant lsm_inode_alloc	2022-08-01 11:26:09 -07:00
tomoyo	LSM: Remove double path_rename hook calls for RENAME_EXCHANGE	2022-05-23 13:27:58 +02:00
yama	task_work: cleanup notification modes	2020-10-17 15:05:30 -06:00
commoncap.c	fs: support mapped mounts of mapped filesystems	2021-12-05 10:28:57 +01:00
device_cgroup.c	bpf: Make BPF_PROG_RUN_ARRAY return -err instead of allow boolean	2022-01-19 12:51:30 -08:00
inode.c
Kconfig	x86/retbleed: Add fine grained Kconfig knobs	2022-06-29 17:43:41 +02:00
Kconfig.hardening	security: kmsan: fix interoperability with auto-initialization	2022-10-03 14:03:23 -07:00
lsm_audit.c	selinux: log anon inode class name	2022-05-03 16:09:03 -04:00
Makefile	security: remove unneeded subdir-$(CONFIG_...)	2021-09-03 08:17:20 +09:00
min_addr.c	sysctl: pass kernel pointers to ->proc_handler	2020-04-27 02:07:40 -04:00
security.c	SafeSetID changes for Linux 6.0	2022-08-02 15:12:13 -07:00