diff options
author | Kees Cook <keescook@chromium.org> | 2017-11-30 03:10:51 +0300 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-11-30 05:40:42 +0300 |
commit | 04e35f4495dd560db30c25efca4eecae8ec8c375 (patch) | |
tree | 62d890cff810621d1143f601df6181384fb87a86 /net/ipv4/fib_lookup.h | |
parent | 5f1d43de54164dcfb9bfa542fcc92c1e1a1b6c1d (diff) | |
download | linux-04e35f4495dd560db30c25efca4eecae8ec8c375.tar.xz |
exec: avoid RLIMIT_STACK races with prlimit()
While the defense-in-depth RLIMIT_STACK limit on setuid processes was
protected against races from other threads calling setrlimit(), I missed
protecting it against races from external processes calling prlimit().
This adds locking around the change and makes sure that rlim_max is set
too.
Link: http://lkml.kernel.org/r/20171127193457.GA11348@beast
Fixes: 64701dee4178e ("exec: Use sane stack rlimit under secureexec")
Signed-off-by: Kees Cook <keescook@chromium.org>
Reported-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Reported-by: Brad Spengler <spender@grsecurity.net>
Acked-by: Serge Hallyn <serge@hallyn.com>
Cc: James Morris <james.l.morris@oracle.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Jiri Slaby <jslaby@suse.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'net/ipv4/fib_lookup.h')
0 files changed, 0 insertions, 0 deletions