| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 Jul 2016 18:42:33 +0200 From: Oleg Nesterov <oleg@...hat.com> To: Stanislav Kinsburskiy <skinsbursky@...tuozzo.com> Cc: peterz@...radead.org, mingo@...hat.com, mhocko@...e.com, keescook@...omium.org, linux-kernel@...r.kernel.org, mguzik@...hat.com, bsegall@...gle.com, john.stultz@...aro.org, ebiederm@...ssion.com, gorcunov@...nvz.org, matthltc@...ibm.com, akpm@...ux-foundation.org, luto@...capital.net, vbabka@...e.cz, xemul@...tuozzo.com Subject: Re: [PATCH] prctl: remove one-shot limitation for changing exe link On 07/12, Stanislav Kinsburskiy wrote: > > --- a/kernel/sys.c > +++ b/kernel/sys.c > @@ -1696,16 +1696,6 @@ static int prctl_set_mm_exe_file(struct mm_struct *mm, unsigned int fd) > fput(exe_file); > } > > - /* > - * The symlink can be changed only once, just to disallow arbitrary > - * transitions malicious software might bring in. This means one > - * could make a snapshot over all processes running and monitor > - * /proc/pid/exe changes to notice unusual activity if needed. > - */ > - err = -EPERM; > - if (test_and_set_bit(MMF_EXE_FILE_CHANGED, &mm->flags)) > - goto exit; > - I didn't even try to read the changelog so I do not know why do you want this change ;) But I would like to ack it in any case. I never understood why do we want/need this MMF_EXE_FILE_CHANGED check, I suggested to remove it many times. And can't resist, please note the xchg() below. Currently (before this patch) we do not need it. I was specially added to ensure that we can just remove this test_and_set_bit(MMF_EXE_FILE_CHANGED) without adding a race. Acked-by: Oleg Nesterov <oleg@...hat.com>
Powered by blists - more mailing lists