iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs
History
Kees Cook 04e35f4495 exec: avoid RLIMIT_STACK races with prlimit() 
While the defense-in-depth RLIMIT_STACK limit on setuid processes was
protected against races from other threads calling setrlimit(), I missed
protecting it against races from external processes calling prlimit().
This adds locking around the change and makes sure that rlim_max is set
too.

Link: http://lkml.kernel.org/r/20171127193457.GA11348@beast
Fixes: 64701dee4178e ("exec: Use sane stack rlimit under secureexec")
Signed-off-by: Kees Cook <keescook@chromium.org>
Reported-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Reported-by: Brad Spengler <spender@grsecurity.net>
Acked-by: Serge Hallyn <serge@hallyn.com>
Cc: James Morris <james.l.morris@oracle.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Jiri Slaby <jslaby@suse.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-11-29 18:40:42 -08:00
..
9p
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
adfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
affs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
afs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
autofs4
autofs: don't fail mount for transient error
2017-11-17 16:10:02 -08:00
befs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
bfs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
btrfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
cachefiles
mm: remove __GFP_COLD
2017-11-15 18:21:06 -08:00
ceph
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
cifs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
coda
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
configfs
configfs: make ci_type field, some pointers and function arguments const
2017-10-19 16:15:16 +02:00
cramfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
crypto
fscrypt: lots of cleanups, mostly courtesy by Eric Biggers
2017-11-14 11:35:15 -08:00
debugfs
debugfs: Remove redundant license text
2017-11-07 20:25:03 +01:00
devpts
pty: Repair TIOCGPTPEER
2017-08-24 13:23:03 -07:00
dlm
A couple of configfs cleanups:
2017-11-14 14:44:04 -08:00
ecryptfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
efivarfs
efs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
exofs
Merge branch 'for-4.14/block' of git://git.kernel.dk/linux-block
2017-09-07 11:59:42 -07:00
exportfs
ext2
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
ext4
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
f2fs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
fat
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
freevxfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
fscache
AFS development
2017-11-16 11:41:22 -08:00
fuse
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
gfs2
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
hfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
hfsplus
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
hostfs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
hpfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
hugetlbfs
mm, pagevec: remove cold parameter for pagevecs
2017-11-15 18:21:06 -08:00
isofs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
jbd2
libnvdimm for 4.15
2017-11-17 09:51:57 -08:00
jffs2
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
jfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
kernfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
lockd
Lots of good bugfixes, including:
2017-11-18 11:22:04 -08:00
minix
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
ncpfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
nfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
nfs_common
nfs_common: convert int to bool
2017-09-26 09:25:38 -04:00
nfsd
Lots of good bugfixes, including:
2017-11-18 11:22:04 -08:00
nilfs2
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
nls
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
notify
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
ntfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
ocfs2
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
omfs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
openpromfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
orangefs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
overlayfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
proc
proc: don't report kernel addresses in /proc/<pid>/stack
2017-11-27 16:45:56 -08:00
pstore
treewide: Switch DEFINE_TIMER callbacks to struct timer_list *
2017-11-21 15:57:05 -08:00
qnx4
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
qnx6
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
quota
Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
2017-11-14 14:13:11 -08:00
ramfs
mm: make pagevec_lookup() update index
2017-09-06 17:27:26 -07:00
reiserfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
romfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
squashfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
sysfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
sysv
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
tracefs
ubifs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
udf
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
ufs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
xfs
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
aio.c
Merge branch 'misc.compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 11:54:55 -08:00
anon_inodes.c
attr.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
bad_inode.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
binfmt_aout.c
fs: fix kernel_read prototype
2017-09-04 19:05:15 -04:00
binfmt_elf_fdpic.c
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 12:54:01 -08:00
binfmt_elf.c
Merge branch 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm
2017-11-16 12:50:35 -08:00
binfmt_em86.c
binfmt_flat.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
binfmt_misc.c
fs/binfmt_misc.c: node could be NULL when evicting inode
2017-10-13 16:18:33 -07:00
binfmt_script.c
exec: load_script: kill the onstack interp[BINPRM_BUF_SIZE] array
2017-10-03 17:54:25 -07:00
block_dev.c
Merge branch 'for-4.15/block' of git://git.kernel.dk/linux-block
2017-11-14 15:32:19 -08:00
buffer.c
mm, pagevec: remove cold parameter for pagevecs
2017-11-15 18:21:06 -08:00
char_dev.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
compat_binfmt_elf.c
compat_ioctl.c
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 12:54:01 -08:00
compat.c
coredump.c
Merge branch 'misc.compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 11:54:55 -08:00
dax.c
mm: replace pmd_write with pmd_access_permitted in fault + gup paths
2017-11-29 18:40:42 -08:00
dcache.c
kmemcheck: remove annotations
2017-11-15 18:21:04 -08:00
dcookies.c
direct-io.c
Merge branch 'for-4.15/block' of git://git.kernel.dk/linux-block
2017-11-14 15:32:19 -08:00
drop_caches.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
eventfd.c
eventpoll.c
Merge branch 'akpm' (patches from Andrew)
2017-11-17 16:56:17 -08:00
exec.c
exec: avoid RLIMIT_STACK races with prlimit()
2017-11-29 18:40:42 -08:00
fcntl.c
fcntl: don't cap l_start and l_end values for F_GETLK64 in compat syscall
2017-11-15 08:08:36 -05:00
fhandle.c
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 12:54:01 -08:00
file_table.c
fs, mm: account filp cache to kmemcg
2017-11-15 18:21:04 -08:00
file.c
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 12:54:01 -08:00
filesystems.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
fs_pin.c
Merge branch 'linus' into locking/core, to resolve conflicts
2017-11-07 10:32:44 +01:00
fs_struct.c
fs-writeback.c
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
inode.c
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
internal.h
fs: expose do_unlinkat for built-in callers
2017-11-10 08:48:46 -05:00
ioctl.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
iomap.c
Merge branch 'work.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 12:08:18 -08:00
Kconfig
Kconfig.binfmt
ARM: enable elf_fdpic on systems with an MMU
2017-09-10 19:31:46 -04:00
libfs.c
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
locks.c
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
Makefile
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
mbcache.c
mount.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
mpage.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
namei.c
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 12:54:01 -08:00
namespace.c
vfs: fix mounting a filesystem with i_version
2017-11-08 15:16:36 -05:00
no-block.c
nsfs.c
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
open.c
ovl: don't allow writing ioctl on lower layer
2017-09-05 12:53:12 +02:00
pipe.c
pipe: add proc_dopipe_max_size() to safely assign pipe_max_size
2017-11-17 16:10:03 -08:00
pnode.c
pnode.h
posix_acl.c
proc_namespace.c
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
read_write.c
Merge branch 'work.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 12:08:18 -08:00
readdir.c
Merge branch 'linus' into locking/core, to resolve conflicts
2017-11-07 10:32:44 +01:00
select.c
Merge branch 'misc.compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 11:54:55 -08:00
seq_file.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
signalfd.c
Merge branch 'misc.compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 11:54:55 -08:00
splice.c
locking/atomics: COCCINELLE/treewide: Convert trivial ACCESS_ONCE() patterns to READ_ONCE()/WRITE_ONCE()
2017-10-25 11:01:08 +02:00
stack.c
stat.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
statfs.c
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
super.c
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2017-11-17 12:54:01 -08:00
sync.c
Merge branch 'for-4.15/block' of git://git.kernel.dk/linux-block
2017-11-14 15:32:19 -08:00
timerfd.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
userfaultfd.c
userfaultfd: use mmgrab instead of open-coded increment of mm_count
2017-11-15 18:21:05 -08:00
utimes.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
xattr.c
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
2017-10-04 18:03:15 +11:00