diff options
| author | Kees Cook <[email protected]> | 2018-04-10 16:35:01 -0700 |
|---|---|---|
| committer | Linus Torvalds <[email protected]> | 2018-04-11 10:28:37 -0700 |
| commit | c31dbb146dd44af44bc60780ce8fa7a9f5f746df (patch) | |
| tree | ac3f22913cec3082511ab9143d153ad30975a884 /tools/perf/scripts/python | |
| parent | b83838313386f617d6bd8201be7f5b532059bba1 (diff) | |
exec: pin stack limit during exec
Since the stack rlimit is used in multiple places during exec and it can
be changed via other threads (via setrlimit()) or processes (via
prlimit()), the assumption that the value doesn't change cannot be made.
This leads to races with mm layout selection and argument size
calculations. This changes the exec path to use the rlimit stored in
bprm instead of in current. Before starting the thread, the bprm stack
rlimit is stored back to current.
Link: http://lkml.kernel.org/r/[email protected]
Fixes: 64701dee4178e ("exec: Use sane stack rlimit under secureexec")
Signed-off-by: Kees Cook <[email protected]>
Reported-by: Ben Hutchings <[email protected]>
Reported-by: Andy Lutomirski <[email protected]>
Reported-by: Brad Spengler <[email protected]>
Acked-by: Michal Hocko <[email protected]>
Cc: Ben Hutchings <[email protected]>
Cc: Greg KH <[email protected]>
Cc: Hugh Dickins <[email protected]>
Cc: "Jason A. Donenfeld" <[email protected]>
Cc: Laura Abbott <[email protected]>
Cc: Oleg Nesterov <[email protected]>
Cc: Rik van Riel <[email protected]>
Cc: Willy Tarreau <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Diffstat (limited to 'tools/perf/scripts/python')
0 files changed, 0 insertions, 0 deletions