5.15-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sun, 16 Oct 2022 13:04:13 +0000 (15:04 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sun, 16 Oct 2022 13:04:13 +0000 (15:04 +0200)
added patches:
hardening-avoid-harmless-clang-option-under-config_init_stack_all_zero.patch
hardening-remove-clang-s-enable-flag-for-ftrivial-auto-var-init-zero.patch

queue-5.15/hardening-avoid-harmless-clang-option-under-config_init_stack_all_zero.patch [new file with mode: 0644]
queue-5.15/hardening-remove-clang-s-enable-flag-for-ftrivial-auto-var-init-zero.patch [new file with mode: 0644]
queue-5.15/series

diff --git a/queue-5.15/hardening-avoid-harmless-clang-option-under-config_init_stack_all_zero.patch b/queue-5.15/hardening-avoid-harmless-clang-option-under-config_init_stack_all_zero.patch
new file mode 100644 (file)
index 0000000..1ee06b1
--- /dev/null
@@ -0,0 +1,77 @@
+From foo@baz Sun Oct 16 03:03:07 PM CEST 2022
+From: Kees Cook <keescook@chromium.org>
+Date: Tue, 14 Sep 2021 12:49:03 -0700
+Subject: hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO
+
+From: Kees Cook <keescook@chromium.org>
+
+commit f02003c860d921171be4a27e2893766eb3bc6871 upstream.
+
+Currently under Clang, CC_HAS_AUTO_VAR_INIT_ZERO requires an extra
+-enable flag compared to CC_HAS_AUTO_VAR_INIT_PATTERN. GCC 12[1] will
+not, and will happily ignore the Clang-specific flag. However, its
+presence on the command-line is both cumbersome and confusing. Due to
+GCC's tolerant behavior, though, we can continue to use a single Kconfig
+cc-option test for the feature on both compilers, but then drop the
+Clang-specific option in the Makefile.
+
+In other words, this patch does not change anything other than making the
+compiler command line shorter once GCC supports -ftrivial-auto-var-init=zero.
+
+[1] https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=a25e0b5e6ac8a77a71c229e0a7b744603365b0e9
+
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Masahiro Yamada <masahiroy@kernel.org>
+Cc: llvm@lists.linux.dev
+Fixes: dcb7c0b9461c ("hardening: Clarify Kconfig text for auto-var-init")
+Suggested-by: Will Deacon <will@kernel.org>
+Link: https://lore.kernel.org/lkml/20210914102837.6172-1-will@kernel.org/
+Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
+Reviewed-by: Nathan Chancellor <nathan@kernel.org>
+Acked-by: Will Deacon <will@kernel.org>
+Signed-off-by: Kees Cook <keescook@chromium.org>
+Signed-off-by: Nathan Chancellor <nathan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ Makefile                   |    6 +++---
+ security/Kconfig.hardening |    5 ++++-
+ 2 files changed, 7 insertions(+), 4 deletions(-)
+
+--- a/Makefile
++++ b/Makefile
+@@ -844,12 +844,12 @@ endif
+ # Initialize all stack variables with a zero value.
+ ifdef CONFIG_INIT_STACK_ALL_ZERO
+-# Future support for zero initialization is still being debated, see
+-# https://bugs.llvm.org/show_bug.cgi?id=45497. These flags are subject to being
+-# renamed or dropped.
+ KBUILD_CFLAGS += -ftrivial-auto-var-init=zero
++ifdef CONFIG_CC_IS_CLANG
++# https://bugs.llvm.org/show_bug.cgi?id=45497
+ KBUILD_CFLAGS += -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
+ endif
++endif
+ # While VLAs have been removed, GCC produces unreachable stack probes
+ # for the randomize_kstack_offset feature. Disable it for all compilers.
+--- a/security/Kconfig.hardening
++++ b/security/Kconfig.hardening
+@@ -23,13 +23,16 @@ config CC_HAS_AUTO_VAR_INIT_PATTERN
+       def_bool $(cc-option,-ftrivial-auto-var-init=pattern)
+ config CC_HAS_AUTO_VAR_INIT_ZERO
++      # GCC ignores the -enable flag, so we can test for the feature with
++      # a single invocation using the flag, but drop it as appropriate in
++      # the Makefile, depending on the presence of Clang.
+       def_bool $(cc-option,-ftrivial-auto-var-init=zero -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang)
+ choice
+       prompt "Initialize kernel stack variables at function entry"
+       default GCC_PLUGIN_STRUCTLEAK_BYREF_ALL if COMPILE_TEST && GCC_PLUGINS
+       default INIT_STACK_ALL_PATTERN if COMPILE_TEST && CC_HAS_AUTO_VAR_INIT_PATTERN
+-      default INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_PATTERN
++      default INIT_STACK_ALL_ZERO if CC_HAS_AUTO_VAR_INIT_ZERO
+       default INIT_STACK_NONE
+       help
+         This option enables initialization of stack variables at
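Review bot: The Clang-only branch added to the nested Makefile hunk is documented by a bare bug URL, so a reader cannot tell why the second flag is conditional. A one-line comment above the URL would carry the reasoning from the description, for example `# Clang gates =zero behind this extra flag; GCC accepts -ftrivial-auto-var-init=zero alone.` The description also says the patch changes nothing but the command-line length, yet the Kconfig.hardening hunk corrects the choice default from `CC_HAS_AUTO_VAR_INIT_PATTERN` to `CC_HAS_AUTO_VAR_INIT_ZERO`, which deserves a sentence there. Because the last default in that choice is `INIT_STACK_NONE`, a failed compiler probe silently leaves stack variables uninitialized, so it is worth confirming `CONFIG_INIT_STACK_ALL_ZERO=y` in the generated config after applying this. The choice block continues past the end of the hunk.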
diff --git a/queue-5.15/hardening-remove-clang-s-enable-flag-for-ftrivial-auto-var-init-zero.patch b/queue-5.15/hardening-remove-clang-s-enable-flag-for-ftrivial-auto-var-init-zero.patch
new file mode 100644 (file)
index 0000000..19fbab8
--- /dev/null
@@ -0,0 +1,67 @@
+From foo@baz Sun Oct 16 03:03:07 PM CEST 2022
+From: Kees Cook <keescook@chromium.org>
+Date: Thu, 29 Sep 2022 22:57:43 -0700
+Subject: hardening: Remove Clang's enable flag for -ftrivial-auto-var-init=zero
+
+From: Kees Cook <keescook@chromium.org>
+
+commit 607e57c6c62c00965ae276902c166834ce73014a upstream.
+
+Now that Clang's -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
+option is no longer required, remove it from the command line. Clang 16
+and later will warn when it is used, which will cause Kconfig to think
+it can't use -ftrivial-auto-var-init=zero at all. Check for whether it
+is required and only use it when so.
+
+Cc: Nathan Chancellor <nathan@kernel.org>
+Cc: Masahiro Yamada <masahiroy@kernel.org>
+Cc: Nick Desaulniers <ndesaulniers@google.com>
+Cc: linux-kbuild@vger.kernel.org
+Cc: llvm@lists.linux.dev
+Cc: stable@vger.kernel.org
+Fixes: f02003c860d9 ("hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO")
+Signed-off-by: Kees Cook <keescook@chromium.org>
+Signed-off-by: Nathan Chancellor <nathan@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ Makefile                   |    4 ++--
+ security/Kconfig.hardening |   14 ++++++++++----
+ 2 files changed, 12 insertions(+), 6 deletions(-)
+
+--- a/Makefile
++++ b/Makefile
+@@ -845,8 +845,8 @@ endif
+ # Initialize all stack variables with a zero value.
+ ifdef CONFIG_INIT_STACK_ALL_ZERO
+ KBUILD_CFLAGS += -ftrivial-auto-var-init=zero
+-ifdef CONFIG_CC_IS_CLANG
+-# https://bugs.llvm.org/show_bug.cgi?id=45497
++ifdef CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO_ENABLER
++# https://github.com/llvm/llvm-project/issues/44842
+ KBUILD_CFLAGS += -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
+ endif
+ endif
+--- a/security/Kconfig.hardening
++++ b/security/Kconfig.hardening
+@@ -22,11 +22,17 @@ menu "Memory initialization"
+ config CC_HAS_AUTO_VAR_INIT_PATTERN
+       def_bool $(cc-option,-ftrivial-auto-var-init=pattern)
+-config CC_HAS_AUTO_VAR_INIT_ZERO
+-      # GCC ignores the -enable flag, so we can test for the feature with
+-      # a single invocation using the flag, but drop it as appropriate in
+-      # the Makefile, depending on the presence of Clang.
++config CC_HAS_AUTO_VAR_INIT_ZERO_BARE
++      def_bool $(cc-option,-ftrivial-auto-var-init=zero)
++
++config CC_HAS_AUTO_VAR_INIT_ZERO_ENABLER
++      # Clang 16 and later warn about using the -enable flag, but it
++      # is required before then.
+       def_bool $(cc-option,-ftrivial-auto-var-init=zero -enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang)
++      depends on !CC_HAS_AUTO_VAR_INIT_ZERO_BARE
++
++config CC_HAS_AUTO_VAR_INIT_ZERO
++      def_bool CC_HAS_AUTO_VAR_INIT_ZERO_BARE || CC_HAS_AUTO_VAR_INIT_ZERO_ENABLER
+ choice
+       prompt "Initialize kernel stack variables at function entry"
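Review bot: `CC_HAS_AUTO_VAR_INIT_ZERO_BARE` is added without a comment, although the whole split depends on which probe succeeds on which compiler. Something like `# Compilers that accept -ftrivial-auto-var-init=zero without the Clang -enable flag.` above its `def_bool` would make the `depends on !CC_HAS_AUTO_VAR_INIT_ZERO_BARE` on the ENABLER symbol self-explanatory. If both probes fail, `CC_HAS_AUTO_VAR_INIT_ZERO` evaluates to n. The description says that is what Clang 16 and later did with the old single test. The choice whose opening lines close this hunk then presumably falls back to a weaker default without any build error. After a toolchain upgrade, check that the resulting `.config` still has `CONFIG_INIT_STACK_ALL_ZERO=y`; the choice body lies outside the hunk, so its defaults cannot be confirmed from here.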
index c6307147b75632d822b853248537b7ab458b1267..741dec37996f67e3ba29643c3faaa322c251028b 100644 (file)
@@ -83,3 +83,5 @@ f2fs-flush-pending-checkpoints-when-freezing-super.patch
 f2fs-increase-the-limit-for-reserve_root.patch
 f2fs-fix-to-do-sanity-check-on-destination-blkaddr-during-recovery.patch
 f2fs-fix-to-do-sanity-check-on-summary-info.patch
+hardening-avoid-harmless-clang-option-under-config_init_stack_all_zero.patch
+hardening-remove-clang-s-enable-flag-for-ftrivial-auto-var-init-zero.patch