While many large subsystems related to kernel hardening have their own
distinct MAINTAINERS entries, there are some smaller collections that
don't, but are maintained/reviewed by [email protected].
Add a section to capture these, add (or replace defunct) trees that are
now all carried in the hardening tree.
Signed-off-by: Kees Cook <[email protected]>
---
MAINTAINERS | 21 +++++++++++++++++----
1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index 3cf9842d9233..2702b29e922f 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -4873,7 +4873,7 @@ R: Nick Desaulniers <[email protected]>
L: [email protected]
S: Supported
B: https://github.com/ClangBuiltLinux/linux/issues
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/clang/features
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
F: include/linux/cfi.h
F: kernel/cfi.c
@@ -7783,6 +7783,7 @@ FORTIFY_SOURCE
M: Kees Cook <[email protected]>
L: [email protected]
S: Supported
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
F: include/linux/fortify-string.h
F: lib/test_fortify/*
F: scripts/test_fortify.sh
@@ -8225,6 +8226,7 @@ GCC PLUGINS
M: Kees Cook <[email protected]>
L: [email protected]
S: Maintained
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
F: Documentation/kbuild/gcc-plugins.rst
F: scripts/Makefile.gcc-plugins
F: scripts/gcc-plugins/
@@ -10742,6 +10744,17 @@ F: scripts/mk*
F: scripts/mod/
F: scripts/package/
+KERNEL HARDENING (not covered by other areas)
+M: Kees Cook <[email protected]>
+L: [email protected]
+S: Supported
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
+F: include/linux/overflow.h
+F: include/linux/randomize_kstack.h
+F: mm/usercopy.c
+K: \b(add|choose)_random_kstack_offset\b
+K: \b__check_(object_size|heap_object)\b
+
KERNEL JANITORS
L: [email protected]
S: Odd Fixes
@@ -11542,7 +11555,7 @@ F: drivers/media/usb/dvb-usb-v2/lmedm04*
LOADPIN SECURITY MODULE
M: Kees Cook <[email protected]>
S: Supported
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git lsm/loadpin
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
F: Documentation/admin-guide/LSM/LoadPin.rst
F: security/loadpin/
@@ -17857,7 +17870,7 @@ M: Kees Cook <[email protected]>
R: Andy Lutomirski <[email protected]>
R: Will Drewry <[email protected]>
S: Supported
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git seccomp
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/seccomp
F: Documentation/userspace-api/seccomp_filter.rst
F: include/linux/seccomp.h
F: include/uapi/linux/seccomp.h
@@ -21993,7 +22006,7 @@ F: include/linux/yam.h
YAMA SECURITY MODULE
M: Kees Cook <[email protected]>
S: Supported
-T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git yama/tip
+T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
F: Documentation/admin-guide/LSM/Yama.rst
F: security/yama/
--
2.32.0
On Fri, Jul 01, 2022 at 05:46:38PM -0700, Kees Cook wrote:
> While many large subsystems related to kernel hardening have their own
> distinct MAINTAINERS entries, there are some smaller collections that
> don't, but are maintained/reviewed by [email protected].
> Add a section to capture these, add (or replace defunct) trees that are
> now all carried in the hardening tree.
>
> Signed-off-by: Kees Cook <[email protected]>
Acked-by: Nathan Chancellor <[email protected]>
> ---
> MAINTAINERS | 21 +++++++++++++++++----
> 1 file changed, 17 insertions(+), 4 deletions(-)
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 3cf9842d9233..2702b29e922f 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -4873,7 +4873,7 @@ R: Nick Desaulniers <[email protected]>
> L: [email protected]
> S: Supported
> B: https://github.com/ClangBuiltLinux/linux/issues
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/clang/features
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: include/linux/cfi.h
> F: kernel/cfi.c
>
> @@ -7783,6 +7783,7 @@ FORTIFY_SOURCE
> M: Kees Cook <[email protected]>
> L: [email protected]
> S: Supported
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: include/linux/fortify-string.h
> F: lib/test_fortify/*
> F: scripts/test_fortify.sh
> @@ -8225,6 +8226,7 @@ GCC PLUGINS
> M: Kees Cook <[email protected]>
> L: [email protected]
> S: Maintained
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/kbuild/gcc-plugins.rst
> F: scripts/Makefile.gcc-plugins
> F: scripts/gcc-plugins/
> @@ -10742,6 +10744,17 @@ F: scripts/mk*
> F: scripts/mod/
> F: scripts/package/
>
> +KERNEL HARDENING (not covered by other areas)
> +M: Kees Cook <[email protected]>
> +L: [email protected]
> +S: Supported
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> +F: include/linux/overflow.h
> +F: include/linux/randomize_kstack.h
> +F: mm/usercopy.c
> +K: \b(add|choose)_random_kstack_offset\b
> +K: \b__check_(object_size|heap_object)\b
> +
> KERNEL JANITORS
> L: [email protected]
> S: Odd Fixes
> @@ -11542,7 +11555,7 @@ F: drivers/media/usb/dvb-usb-v2/lmedm04*
> LOADPIN SECURITY MODULE
> M: Kees Cook <[email protected]>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git lsm/loadpin
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/admin-guide/LSM/LoadPin.rst
> F: security/loadpin/
>
> @@ -17857,7 +17870,7 @@ M: Kees Cook <[email protected]>
> R: Andy Lutomirski <[email protected]>
> R: Will Drewry <[email protected]>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git seccomp
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/seccomp
> F: Documentation/userspace-api/seccomp_filter.rst
> F: include/linux/seccomp.h
> F: include/uapi/linux/seccomp.h
> @@ -21993,7 +22006,7 @@ F: include/linux/yam.h
> YAMA SECURITY MODULE
> M: Kees Cook <[email protected]>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git yama/tip
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/admin-guide/LSM/Yama.rst
> F: security/yama/
>
> --
> 2.32.0
>
On Fri, Jul 01, 2022 at 05:46:38PM -0700, Kees Cook wrote:
> While many large subsystems related to kernel hardening have their own
> distinct MAINTAINERS entries, there are some smaller collections that
> don't, but are maintained/reviewed by [email protected].
> Add a section to capture these, add (or replace defunct) trees that are
> now all carried in the hardening tree.
>
> Signed-off-by: Kees Cook <[email protected]>
Acked-by: Gustavo A. R. Silva <[email protected]>
Thanks
--
Gustavo
> ---
> MAINTAINERS | 21 +++++++++++++++++----
> 1 file changed, 17 insertions(+), 4 deletions(-)
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 3cf9842d9233..2702b29e922f 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -4873,7 +4873,7 @@ R: Nick Desaulniers <[email protected]>
> L: [email protected]
> S: Supported
> B: https://github.com/ClangBuiltLinux/linux/issues
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/clang/features
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: include/linux/cfi.h
> F: kernel/cfi.c
>
> @@ -7783,6 +7783,7 @@ FORTIFY_SOURCE
> M: Kees Cook <[email protected]>
> L: [email protected]
> S: Supported
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: include/linux/fortify-string.h
> F: lib/test_fortify/*
> F: scripts/test_fortify.sh
> @@ -8225,6 +8226,7 @@ GCC PLUGINS
> M: Kees Cook <[email protected]>
> L: [email protected]
> S: Maintained
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/kbuild/gcc-plugins.rst
> F: scripts/Makefile.gcc-plugins
> F: scripts/gcc-plugins/
> @@ -10742,6 +10744,17 @@ F: scripts/mk*
> F: scripts/mod/
> F: scripts/package/
>
> +KERNEL HARDENING (not covered by other areas)
> +M: Kees Cook <[email protected]>
> +L: [email protected]
> +S: Supported
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> +F: include/linux/overflow.h
> +F: include/linux/randomize_kstack.h
> +F: mm/usercopy.c
> +K: \b(add|choose)_random_kstack_offset\b
> +K: \b__check_(object_size|heap_object)\b
> +
> KERNEL JANITORS
> L: [email protected]
> S: Odd Fixes
> @@ -11542,7 +11555,7 @@ F: drivers/media/usb/dvb-usb-v2/lmedm04*
> LOADPIN SECURITY MODULE
> M: Kees Cook <[email protected]>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git lsm/loadpin
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/admin-guide/LSM/LoadPin.rst
> F: security/loadpin/
>
> @@ -17857,7 +17870,7 @@ M: Kees Cook <[email protected]>
> R: Andy Lutomirski <[email protected]>
> R: Will Drewry <[email protected]>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git seccomp
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/seccomp
> F: Documentation/userspace-api/seccomp_filter.rst
> F: include/linux/seccomp.h
> F: include/uapi/linux/seccomp.h
> @@ -21993,7 +22006,7 @@ F: include/linux/yam.h
> YAMA SECURITY MODULE
> M: Kees Cook <[email protected]>
> S: Supported
> -T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git yama/tip
> +T: git git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> F: Documentation/admin-guide/LSM/Yama.rst
> F: security/yama/
>
> --
> 2.32.0
>