wireguard-linux/lib, branch stable

maple_tree: fix tracepoint string pointers

2025-11-10T05:19:45Z

maple_tree tracepoints contain pointers to function names. Such a pointer is saved when a tracepoint logs an event. There's no guarantee that it's still valid when the event is parsed later and the pointer is dereferenced. The kernel warns about these unsafe pointers. event 'ma_read' has unsafe pointer field 'fn' WARNING: kernel/trace/trace.c:3779 at ignore_event+0x1da/0x1e4 Mark the function names as tracepoint_string() to fix the events. One case that doesn't work without my patch would be trace-cmd record to save the binary ringbuffer and trace-cmd report to parse it in userspace. The address of __func__ can't be dereferenced from userspace but tracepoint_string will add an entry to /sys/kernel/tracing/printk_formats Link: https://lkml.kernel.org/r/20251030155537.87972-1-martin@kaiser.cx Fixes: 54a611b60590 ("Maple Tree: add new data structure") Signed-off-by: Martin Kaiser Acked-by: Liam R. Howlett Cc: Signed-off-by: Andrew Morton

Merge tag 'libcrypto-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux

2025-11-06T20:48:18Z

Pull crypto library fixes from Eric Biggers: "Two Curve25519 related fixes: - Re-enable KASAN support on curve25519-hacl64.c with gcc. - Disable the arm optimized Curve25519 code on CPU_BIG_ENDIAN kernels. It has always been broken in that configuration" * tag 'libcrypto-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux: lib/crypto: arm/curve25519: Disable on CPU_BIG_ENDIAN lib/crypto: curve25519-hacl64: Fix older clang KASAN workaround for GCC

lib/crypto: arm/curve25519: Disable on CPU_BIG_ENDIAN

2025-11-04T17:36:22Z

On big endian arm kernels, the arm optimized Curve25519 code produces incorrect outputs and fails the Curve25519 test. This has been true ever since this code was added. It seems that hardly anyone (or even no one?) actually uses big endian arm kernels. But as long as they're ostensibly supported, we should disable this code on them so that it's not accidentally used. Note: for future-proofing, use !CPU_BIG_ENDIAN instead of CPU_LITTLE_ENDIAN. Both of these are arch-specific options that could get removed in the future if big endian support gets dropped. Fixes: d8f1308a025f ("crypto: arm/curve25519 - wire up NEON implementation") Cc: stable@vger.kernel.org Acked-by: Ard Biesheuvel Link: https://lore.kernel.org/r/20251104054906.716914-1-ebiggers@kernel.org Signed-off-by: Eric Biggers

lib/crypto: curve25519-hacl64: Fix older clang KASAN workaround for GCC

2025-11-04T17:35:58Z

Commit 2f13daee2a72 ("lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older") inadvertently disabled KASAN in curve25519-hacl64.o for GCC unconditionally because clang-min-version will always evaluate to nothing for GCC. Add a check for CONFIG_CC_IS_CLANG to avoid applying the workaround for GCC, which is only needed for clang-17 and older. Cc: stable@vger.kernel.org Fixes: 2f13daee2a72 ("lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older") Signed-off-by: Nathan Chancellor Acked-by: Ard Biesheuvel Link: https://lore.kernel.org/r/20251103-curve25519-hacl64-fix-kasan-workaround-v2-1-ab581cbd8035@kernel.org Signed-off-by: Eric Biggers

Merge tag 'kbuild-fixes-6.18-2' of git://git.kernel.org/pub/scm/linux/kernel/git/kbuild/linux

2025-11-01T17:00:53Z

Pull Kbuild fixes from Nathan Chancellor: - Formally adopt Kconfig in MAINTAINERS - Fix install-extmod-build for more O= paths - Align end of .modinfo to fix Authenticode calculation in EDK2 - Restore dynamic check for '-fsanitize=kernel-memory' in CONFIG_HAVE_KMSAN_COMPILER to ensure backend target has support for it - Initialize locale in menuconfig and nconfig to fix UTF-8 terminals that may not support VT100 ACS by default like PuTTY * tag 'kbuild-fixes-6.18-2' of git://git.kernel.org/pub/scm/linux/kernel/git/kbuild/linux: kconfig/nconf: Initialize the default locale at startup kconfig/mconf: Initialize the default locale at startup KMSAN: Restore dynamic check for '-fsanitize=kernel-memory' kbuild: align modinfo section for Secureboot Authenticode EDK2 compat kbuild: install-extmod-build: Fix when given dir outside the build dir MAINTAINERS: Update Kconfig section

Merge tag 'linux_kselftest-kunit-fixes-6.18-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest

2025-10-31T02:11:27Z

Pull kunit fixes from Shuah Khan: "Fix log overwrite in param_tests and fixes incorrect cast of priv pointer in test_dev_action(). Update email address for Rae Moar in MAINTAINERS KUnit entry" * tag 'linux_kselftest-kunit-fixes-6.18-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: MAINTAINERS: Update KUnit email address for Rae Moar kunit: prevent log overwrite in param_tests kunit: test_dev_action: Correctly cast 'priv' pointer to long*

KMSAN: Restore dynamic check for '-fsanitize=kernel-memory'

2025-10-27T23:22:02Z

Commit 5ff8c11775c7 ("KMSAN: Remove tautological checks") changed CONFIG_HAVE_KMSAN_COMPILER from a dynamic check for '-fsanitize=kernel-memory' to just being true for CONFIG_CC_IS_CLANG. This missed the fact that not all architectures supported '-fsanitize=kernel-memory' at the same time. For example, SystemZ / s390 gained support for KMSAN in clang-18 [1], so builds with clang-15 through clang-17 can select KMSAN but they error with: clang-16: error: unsupported option '-fsanitize=kernel-memory' for target 's390x-unknown-linux-gnu' Restore the cc-option check for '-fsanitize=kernel-memory' to make sure the compiler target properly supports '-fsanitize=kernel-memory'. The check for '-msan-disable-checks=1' does not need to be restored because all supported clang versions for building the kernel support it. Fixes: 5ff8c11775c7 ("KMSAN: Remove tautological checks") Link: https://github.com/llvm/llvm-project/commit/a3e56a8792ffaf3a3d3538736e1042b8db45ab89 [1] Reported-by: kernel test robot Closes: https://lore.kernel.org/r/202510220236.AVuXXCYy-lkp@intel.com/ Acked-by: Nicolas Schier Link: https://patch.msgid.link/20251023-fix-kmsan-check-s390-clang-v1-1-4e6df477a4cc@kernel.org Signed-off-by: Nathan Chancellor

kunit: prevent log overwrite in param_tests

2025-10-27T17:13:31Z

When running parameterized tests, each test case is initialized with kunit_init_test(). This function takes the test_case->log as a parameter but it clears it via string_stream_clear() on each iteration. This results in only the log from the last parameter being preserved in the test_case->log and the results from the previous parameters are lost from the debugfs entry. Fix this by manually setting the param_test.log to the test_case->log after it has been initialized. This prevents kunit_init_test() from clearing the log on each iteration. Link: https://lore.kernel.org/r/20251024190101.2091549-1-cmllamas@google.com Fixes: 4b59300ba4d2 ("kunit: Add parent kunit for parameterized test context") Signed-off-by: Carlos Llamas Reviewed-by: David Gow Signed-off-by: Shuah Khan

lib/crypto: poly1305: Restore dependency of arch code on !KMSAN

2025-10-22T17:52:10Z

Restore the dependency of the architecture-optimized Poly1305 code on !KMSAN. It was dropped by commit b646b782e522 ("lib/crypto: poly1305: Consolidate into single module"). Unlike the other hash algorithms in lib/crypto/ (e.g., SHA-512), the way the architecture-optimized Poly1305 code is integrated results in assembly code initializing memory, for several different architectures. Thus, it generates false positive KMSAN warnings. These could be suppressed with kmsan_unpoison_memory(), but it would be needed in quite a few places. For now let's just restore the dependency on !KMSAN. Note: this should have been caught by running poly1305_kunit with CONFIG_KMSAN=y, which I did. However, due to an unrelated KMSAN bug (https://lore.kernel.org/r/20251022030213.GA35717@sol/), KMSAN currently isn't working reliably. Thus, the warning wasn't noticed until later. Fixes: b646b782e522 ("lib/crypto: poly1305: Consolidate into single module") Reported-by: syzbot+01fcd39a0d90cdb0e3df@syzkaller.appspotmail.com Closes: https://lore.kernel.org/r/68f6a48f.050a0220.91a22.0452.GAE@google.com/ Reported-by: Pei Xiao Closes: https://lore.kernel.org/r/751b3d80293a6f599bb07770afcef24f623c7da0.1761026343.git.xiaopei01@kylinos.cn/ Reviewed-by: Ard Biesheuvel Link: https://lore.kernel.org/r/20251022033405.64761-1-ebiggers@kernel.org Signed-off-by: Eric Biggers

kunit: test_dev_action: Correctly cast 'priv' pointer to long*

2025-10-20T19:08:05Z

The previous implementation incorrectly assumed the original type of 'priv' was void**, leading to an unnecessary and misleading cast. Correct the cast of the 'priv' pointer in test_dev_action() to its actual type, long*, removing an unnecessary cast. As an additional benefit, this fixes an out-of-bounds CHERI fault on hardware with architectural capabilities. The original implementation tried to store a capability-sized pointer using the priv pointer. However, the priv pointer's capability only granted access to the memory region of its original long type, leading to a bounds violation since the size of a long is smaller than the size of a capability. This change ensures that the pointer usage respects the capabilities' bounds. Link: https://lore.kernel.org/r/20251017092814.80022-1-florian.schmaus@codasip.com Fixes: d03c720e03bd ("kunit: Add APIs for managing devices") Reviewed-by: David Gow Signed-off-by: Florian Schmaus Signed-off-by: Shuah Khan