| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 18 Apr 2020 13:09:49 +0200
From: Christian Brauner <christian.brauner@...ntu.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] thread fixes for v5.7-rc2
Hey Linus,
/* Summary */
This contains a few fixes and minor improvements:
- Correctly validate the cgroup file descriptor when clone3() is used
with CLONE_INTO_CGROUP.
- Check that a new enough version of struct clone_args is passed which
supports the cgroup file descriptor argument when CLONE_INTO_CGROUP is
set in the flags argument.
- Catch nonsensical struct clone_args layouts at build time.
- Catch extensions of struct clone_args without updating the uapi visible
size definitions at build time.
- Check whether the signal is valid early in kill_pid_usb_asyncio()
before doing further work.
- Replace open-coded rcu_read_lock()+kill_pid_info()+rcu_read_unlock()
sequence in kill_something_info() with kill_proc_info() which is a
dedicated helper to do just that.
/* Testing */
All patches have seen exposure in linux-next and are based on v5.7-rc1.
No regressions or build warning have been reported to me and I haven't seen
any new ones in my own build with gcc 7.5.0.
/* Conflicts */
At the time of creating this PR no merge conflicts were reported from
linux-next.
The following changes since commit 8f3d9f354286745c751374f5f1fcafee6b3f3136:
Linux 5.7-rc1 (2020-04-12 12:35:55 -0700)
are available in the Git repository at:
git@...olite.kernel.org:pub/scm/linux/kernel/git/brauner/linux tags/for-linus-2020-04-18
for you to fetch changes up to a966dcfe153ab0a3d8d79cd971a079411a489be7:
clone3: add build-time CLONE_ARGS_SIZE_VER* validity checks (2020-04-15 09:56:32 +0200)
Please consider pulling these changes from the signed for-linus-2020-04-18 tag.
(Btw, about two weeks ago chatting with Konstantin we realized that my gpg
hadn't been up-to-date in
https://git.kernel.org/pub/scm/docs/kernel/pgpkeys.git. Unlikely that this
would've affected you but just in case it did it's now fixed.
And last, after having played with Konstantin's b4 attestation feature for
some patchsets I've sent out I've also used it for this pr here. So if you
wanted to try you could use b4 on this thing to get the new shiny.)
Thanks!
Christian
----------------------------------------------------------------
for-linus-2020-04-18
----------------------------------------------------------------
Eugene Syromiatnikov (3):
clone3: fix cgroup argument sanity check
clone3: add a check for the user struct size if CLONE_INTO_CGROUP is set
clone3: add build-time CLONE_ARGS_SIZE_VER* validity checks
Zhiqiang Liu (2):
signal: check sig before setting info in kill_pid_usb_asyncio
signal: use kill_proc_info instead of kill_pid_info in kill_something_info
kernel/fork.c | 11 ++++++++++-
kernel/signal.c | 14 +++++---------
2 files changed, 15 insertions(+), 10 deletions(-)
Powered by blists - more mailing lists