lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20200418110945.1518581-1-christian.brauner@ubuntu.com>
Date:   Sat, 18 Apr 2020 13:09:49 +0200
From:   Christian Brauner <christian.brauner@...ntu.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: [GIT PULL] thread fixes for v5.7-rc2

Hey Linus,

/* Summary */
This contains a few fixes and minor improvements:
- Correctly validate the cgroup file descriptor when clone3() is used
  with CLONE_INTO_CGROUP.

- Check that a new enough version of struct clone_args is passed which
  supports the cgroup file descriptor argument when CLONE_INTO_CGROUP is
  set in the flags argument.

- Catch nonsensical struct clone_args layouts at build time.

- Catch extensions of struct clone_args without updating the uapi visible
  size definitions at build time.

- Check whether the signal is valid early in kill_pid_usb_asyncio()
  before doing further work.

- Replace open-coded rcu_read_lock()+kill_pid_info()+rcu_read_unlock()
  sequence in kill_something_info() with kill_proc_info() which is a
  dedicated helper to do just that.

/* Testing */
All patches have seen exposure in linux-next and are based on v5.7-rc1.
No regressions or build warning have been reported to me and I haven't seen
any new ones in my own build with gcc 7.5.0.

/* Conflicts */
At the time of creating this PR no merge conflicts were reported from
linux-next.

The following changes since commit 8f3d9f354286745c751374f5f1fcafee6b3f3136:

  Linux 5.7-rc1 (2020-04-12 12:35:55 -0700)

are available in the Git repository at:

  git@...olite.kernel.org:pub/scm/linux/kernel/git/brauner/linux tags/for-linus-2020-04-18

for you to fetch changes up to a966dcfe153ab0a3d8d79cd971a079411a489be7:

  clone3: add build-time CLONE_ARGS_SIZE_VER* validity checks (2020-04-15 09:56:32 +0200)

Please consider pulling these changes from the signed for-linus-2020-04-18 tag.

(Btw, about two weeks ago chatting with Konstantin we realized that my gpg
 hadn't been up-to-date in
 https://git.kernel.org/pub/scm/docs/kernel/pgpkeys.git. Unlikely that this
 would've affected you but just in case it did it's now fixed.

 And last, after having played with Konstantin's b4 attestation feature for
 some patchsets I've sent out I've also used it for this pr here. So if you
 wanted to try you could use b4 on this thing to get the new shiny.)

Thanks!
Christian

----------------------------------------------------------------
for-linus-2020-04-18

----------------------------------------------------------------
Eugene Syromiatnikov (3):
      clone3: fix cgroup argument sanity check
      clone3: add a check for the user struct size if CLONE_INTO_CGROUP is set
      clone3: add build-time CLONE_ARGS_SIZE_VER* validity checks

Zhiqiang Liu (2):
      signal: check sig before setting info in kill_pid_usb_asyncio
      signal: use kill_proc_info instead of kill_pid_info in kill_something_info

 kernel/fork.c   | 11 ++++++++++-
 kernel/signal.c | 14 +++++---------
 2 files changed, 15 insertions(+), 10 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ