]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commit
exec: avoid RLIMIT_STACK races with prlimit()
authorKees Cook <keescook@chromium.org>
Thu, 30 Nov 2017 00:10:51 +0000 (16:10 -0800)
committerLinus Torvalds <torvalds@linux-foundation.org>
Thu, 30 Nov 2017 02:40:42 +0000 (18:40 -0800)
commit04e35f4495dd560db30c25efca4eecae8ec8c375
tree62d890cff810621d1143f601df6181384fb87a86
parent5f1d43de54164dcfb9bfa542fcc92c1e1a1b6c1d
exec: avoid RLIMIT_STACK races with prlimit()

While the defense-in-depth RLIMIT_STACK limit on setuid processes was
protected against races from other threads calling setrlimit(), I missed
protecting it against races from external processes calling prlimit().
This adds locking around the change and makes sure that rlim_max is set
too.

Link: http://lkml.kernel.org/r/20171127193457.GA11348@beast
Fixes: 64701dee4178e ("exec: Use sane stack rlimit under secureexec")
Signed-off-by: Kees Cook <keescook@chromium.org>
Reported-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Reported-by: Brad Spengler <spender@grsecurity.net>
Acked-by: Serge Hallyn <serge@hallyn.com>
Cc: James Morris <james.l.morris@oracle.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Jiri Slaby <jslaby@suse.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/exec.c