Re: [kernel-hardening] Re: [PATCH 0/3] exec: Pin stack limit during exec

From: Kees Cook
Date: Sat Jan 20 2018 - 20:22:25 EST

Next message: Linus Torvalds: "Re: [PATCH] x86: Use __nostackprotect for sme_encrypt_kernel"
Previous message: Laura Abbott: "[PATCH] x86: Use __nostackprotect for sme_encrypt_kernel"
In reply to: David Windsor: "Re: [kernel-hardening] Re: [PATCH 0/3] exec: Pin stack limit during exec"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jan 19, 2018 at 5:12 PM, David Windsor <dave@xxxxxxxxxxxx> wrote:
> I have some spare cycles; is there any more relevant information outside of this thread?

Awesome, thanks! Context is in the other commits, but mainly I want to
double-check that nothing breaks with these changes, and that all the
races for changing stack rlimits during exec are fixed. And then, just
a sanity-check that the design approach to attaching the stack limit
to the bprm isn't crazy. :)

-Kees

>>> [1] 04e35f4495dd ("exec: avoid RLIMIT_STACK races with prlimit()")
>>> [2] 779f4e1c6c7c ("Revert "exec: avoid RLIMIT_STACK races with prlimit()"")
>>> [3] to security@xxxxxxxxxx, "Subject: existing rlimit races?"

--
Kees Cook
Pixel Security

Next message: Linus Torvalds: "Re: [PATCH] x86: Use __nostackprotect for sme_encrypt_kernel"
Previous message: Laura Abbott: "[PATCH] x86: Use __nostackprotect for sme_encrypt_kernel"
In reply to: David Windsor: "Re: [kernel-hardening] Re: [PATCH 0/3] exec: Pin stack limit during exec"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]