diff options
| author | Jeremy Cline <jeremy@jcline.org> | 2017-12-13 13:55:37 -0500 |
|---|---|---|
| committer | Jeremy Cline <jeremy@jcline.org> | 2017-12-13 13:55:51 -0500 |
| commit | 9036f48254be36e433ed3bb01f4cf951ff65d98c (patch) | |
| tree | 4326f0b7bfb2af80f52e8953cf36c500c29eb36b /Revert-exec-avoid-RLIMIT_STACK-races-with-prlimit.patch | |
| parent | 87c50127e504000d71c6587f2645af0767b9e188 (diff) | |
| download | kernel-9036f48254be36e433ed3bb01f4cf951ff65d98c.tar.gz kernel-9036f48254be36e433ed3bb01f4cf951ff65d98c.tar.xz kernel-9036f48254be36e433ed3bb01f4cf951ff65d98c.zip | |
Revert exec: avoid RLIMIT_STACK races with prlimit()
Diffstat (limited to 'Revert-exec-avoid-RLIMIT_STACK-races-with-prlimit.patch')
| -rw-r--r-- | Revert-exec-avoid-RLIMIT_STACK-races-with-prlimit.patch | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/Revert-exec-avoid-RLIMIT_STACK-races-with-prlimit.patch b/Revert-exec-avoid-RLIMIT_STACK-races-with-prlimit.patch new file mode 100644 index 000000000..0685f06aa --- /dev/null +++ b/Revert-exec-avoid-RLIMIT_STACK-races-with-prlimit.patch @@ -0,0 +1,50 @@ +From patchwork Tue Dec 12 19:28:38 2017 +Content-Type: text/plain; charset="utf-8" +MIME-Version: 1.0 +Content-Transfer-Encoding: 8bit +Subject: Revert "exec: avoid RLIMIT_STACK races with prlimit()" +From: Kees Cook <keescook@chromium.org> +X-Patchwork-Id: 10108209 +Message-Id: <20171212192838.GA14592@beast> +To: Linus Torvalds <torvalds@linux-foundation.org> +Cc: Laura Abbott <labbott@redhat.com>, + =?utf-8?B?VG9tw6HFoQ==?= Trnka <trnka@scm.com>, + linux-kernel@vger.kernel.org +Date: Tue, 12 Dec 2017 11:28:38 -0800 + +This reverts commit 04e35f4495dd560db30c25efca4eecae8ec8c375. + +SELinux runs with secureexec for all non-"noatsecure" domain transitions, +which means lots of processes end up hitting the stack hard-limit change +that was introduced in order to fix a race with prlimit(). That race fix +will need to be redesigned. + +Reported-by: Laura Abbott <labbott@redhat.com> +Reported-by: Tomáš Trnka <trnka@scm.com> +Cc: stable@vger.kernel.org +Signed-off-by: Kees Cook <keescook@chromium.org> +--- + fs/exec.c | 7 +------ + 1 file changed, 1 insertion(+), 6 deletions(-) + +diff --git a/fs/exec.c b/fs/exec.c +index 6be2aa0ab26f..1d6243d9f2b6 100644 +--- a/fs/exec.c ++++ b/fs/exec.c +@@ -1340,15 +1340,10 @@ void setup_new_exec(struct linux_binprm * bprm) + * avoid bad behavior from the prior rlimits. This has to + * happen before arch_pick_mmap_layout(), which examines + * RLIMIT_STACK, but after the point of no return to avoid +- * races from other threads changing the limits. This also +- * must be protected from races with prlimit() calls. ++ * needing to clean up the change on failure. + */ +- task_lock(current->group_leader); + if (current->signal->rlim[RLIMIT_STACK].rlim_cur > _STK_LIM) + current->signal->rlim[RLIMIT_STACK].rlim_cur = _STK_LIM; +- if (current->signal->rlim[RLIMIT_STACK].rlim_max > _STK_LIM) +- current->signal->rlim[RLIMIT_STACK].rlim_max = _STK_LIM; +- task_unlock(current->group_leader); + } + + arch_pick_mmap_layout(current->mm); |