[PATCH v5 2/7] mm, kasan: SLAB support
Add KASAN hooks to SLAB allocator. This patch is based on the "mm: kasan: unified support for SLUB and SLAB allocators" patch originally prepared by
View Article[PATCH v5 3/7] mm, kasan: Added GFP flags to KASAN API
Add GFP flags to KASAN hooks for future patches to use. This patch is based on the "mm: kasan: unified support for SLUB and SLAB allocators" patch or
View Article[PATCH v5 4/7] arch, ftrace: For KASAN put hard/soft IRQ entries into...
KASAN needs to know whether the allocation happens in an IRQ handler. This lets us strip everything below the IRQ entry point to reduce the number of
View Article[PATCH v5 5/7] mm, kasan: Stackdepot implementation. Enable stackdepot for SLAB
Implement the stack depot and provide CONFIG_STACKDEPOT. Stack depot will allow KASAN store allocation/deallocation stack traces for memory chunks. Th
View Article[PATCH v5 6/7] kasan: Test fix: Warn if the UAF could not be detected in...
Signed-off-by: Alexander Potapenko <glider@google.com> Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com> --- lib/test_kasan.c | 2 ++ 1 file change
View Article[PATCH v5 7/7] mm: kasan: Initial memory quarantine implementation
Quarantine isolates freed objects in a separate queue. The objects are returned to the allocator later, which helps to detect use-after-free errors.
View Article[PATCH v5 0/7] SLAB support for KASAN
This patch set implements SLAB support for KASAN Unlike SLUB, SLAB doesn't store allocation/deallocation stacks for heap objects, therefore we reimpl
View Article[RFC PATCH 00/12] KEYS: Restrict additions to 'trusted' keyrings...
Here's a set of patches that changes how certificates/keys are determined to be trusted. That's currently a two-step process: (1) Up until recently
View Article[RFC PATCH 01/12] KEYS: Generalise system_verify_data() to provide access to...
Generalise system_verify_data() to provide access to internal content through a callback. This allows all the PKCS#7 stuff to be hidden inside this f
View Article[RFC PATCH 02/12] PKCS#7: Make trust determination dependent on contents of...
Make the determination of the trustworthiness of a key dependent on whether a key that can verify it is present in the supplied ring of trusted keys r
View Article[RFC PATCH 03/12] KEYS: Add a facility to restrict new links into a keyring...
Add a facility whereby proposed new links to be added to a keyring can be vetted, permitting them to be rejected if necessary. This can be used to bl
View Article[RFC PATCH 04/12] KEYS: Move x509_request_asymmetric_key() to...
Move x509_request_asymmetric_key() to asymmetric_type.c so that it can be generalised. Signed-off-by: David Howells <dhowells@redhat.com> --- crypt
View Article[RFC PATCH 05/12] KEYS: Generalise x509_request_asymmetric_key() [ver #3]
Generalise x509_request_asymmetric_key(). It doesn't really have any dependencies on X.509 features as it uses generalised IDs and the public_key str
View Article[RFC PATCH 06/12] X.509: Use verify_signature() if we have a struct key * to...
We should call verify_signature() rather than directly calling public_key_verify_signature() if we have a struct key to use as we shouldn't be poking
View Article[RFC PATCH 07/12] X.509: Move the trust validation code out to its own file...
Move the X.509 trust validation code out to its own file so that it can be generalised. Signed-off-by: David Howells <dhowells@redhat.com> --- cryp
View Article[RFC PATCH 08/12] KEYS: Make the system trusted keyring depend on the...
Make the system trusted keyring depend on the asymmetric key type as there's not a lot of point having it if you can't then load asymmetric keys onto
View Article[RFC PATCH 09/12] KEYS: Move the point of trust determination to __key_link()...
Move the point at which a key is determined to be trustworthy to __key_link() so that we use the contents of the keyring being linked in to to determi
View Article[RFC PATCH 10/12] KEYS: Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTED [ver #3]
Remove KEY_FLAG_TRUSTED and KEY_ALLOC_TRUSTED as they're no longer meaningful. Also we can drop the trusted flag from the preparse structure. Given
View Article[RFC PATCH 11/12] certs: Add a secondary system keyring that can be added to...
Add a secondary system keyring that can be added to by root whilst the system is running - provided the key being added is vouched for by a key built
View Article[RFC PATCH 12/12] IMA: Use the the system trusted keyrings instead of...
Provide a config option (IMA_PERMIT_ADD_TO_IMA_KEYRINGS) that, when enabled, allows keys to be added to the IMA keyrings by userspace - with the restr
View Article
