Re: [PATCH v4 00/15] exec: Use sane stack rlimit under secureexec
From: Kees Cook
Date: Tue Aug 01 2017 - 11:05:02 EST
On Mon, Jul 31, 2017 at 10:11 PM, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> On Mon, Jul 31, 2017 at 8:03 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>>
>> Yeah, I'm open to whatever. It's not clear where it should go, but if
>> you want to take it and Linus doesn't want it "early", that works for
>> me. Linus, Andrew, thoughts?
>
> I'd actually like this to go in separately from all the other security stuff.
>
> And I just checked this on a separate branch, just because I wanted to
> see what the overall diff was. There's a conflict with apparmor
> already - the resolution looks fairly straightforward, but considering
> the area this touches, it would probably be good that Kees keeps this
> branch and verifies things like that.
Do you want me to carry this for -next and send it as a distinct pull
request for v4.14?
-Kees
--
Kees Cook
Pixel Security