UBUNTU: SAUCE: LSM stacking: adjust prctl values

Since LSM Stacking is provided as an early preview in the Ubuntu
kernels, we should use unusually high values for the LSM Stacking prctls
to reduce the chances of colliding with an upstream feature.

CVE-2018-3639
BugLink: https://launchpad.net/bugs/1769263
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h
index b17797d5844c4ee66a1aa8bffe635aa39d388bf7..df90aa6ffd421f48c543f11c83e4ec442f9451c8 100644 (file)
--- a/include/uapi/linux/prctl.h
+++ b/include/uapi/linux/prctl.h
@@ -207,8 +207,14 @@ struct prctl_mm_map {
 # define PR_SVE_VL_LEN_MASK            0xffff
 # define PR_SVE_VL_INHERIT             (1 << 17) /* inherit across exec */
 
-/* Control the LSM specific peer information */
-#define        PR_GET_DISPLAY_LSM      52
-#define        PR_SET_DISPLAY_LSM      53
+/*
+ * Control the LSM specific peer information
+ *
+ * The Ubuntu kernel provides an early preview of LSM Stacking. Use these
+ * PRCTLs at your own risk. Their values are not guaranteed to be stable in the
+ * case of colliding with an upstream PRCTL.
+ */
+#define        PR_GET_DISPLAY_LSM      1000000
+#define        PR_SET_DISPLAY_LSM      1000001
 
 #endif /* _LINUX_PRCTL_H */