Re: [PATCH -mm v2] do_notify_parent: sanitize the valid_signal() checks
From: Oleg Nesterov
Date: Tue May 19 2026 - 00:50:21 EST

On 05/18, Andrew Morton wrote:
>
> On Sun, 17 May 2026 09:05:26 +0200 Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
>
> > On 05/17, Tetsuo Handa wrote:
> > >
> > > On 2026/03/18 4:08, Oleg Nesterov wrote:
> > > > On 03/17, Andrew Morton wrote:
> > > >>
> > > >> On Tue, 17 Mar 2026 14:58:18 +0100 Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
> > > >>
> > > >>> Now that kernel_clone() checks valid_signal(args->exit_signal), the "sig"
> > > >>> argument of do_notify_parent() must always be valid or we have a bug.
> > >
> > > No activity for two months. When is the fix expected to land upstream?
> > > This bug allows a local unprivileged user to crash panic_on_warn=1 systems
> > > by running the below program, and therefore should be fixed before Linux 7.1 is
> > > released.
> >
> > This patch depends on
> >
> > [PATCH v3] kernel/fork: validate exit_signal in kernel_clone()
> > https://lore.kernel.org/all/20260316151956.563558-1-kartikey406@xxxxxxxxx/
> >
> > but it was merged without the patch above.
> >
> > Andrew, that patch is still in the mm tree,
> >
> > kernel-fork-validate-exit_signal-in-kernel_clone.patch
> >
> > could you merge it as well?
>
> Thanks, I moved the below out of the 7.2-rc1 queue and into the 7.1-rcX
> queue.

Thank you!

> Should this have cc:stable?

No, without my patch the change from Deepanshu is not strictly needed.

Oleg.