]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit
projects / mirror_ubuntu-bionic-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4f38691) | patch
seccomp: Enable speculation flaw mitigations
authorKees Cook <keescook@chromium.org>
Tue, 1 May 2018 22:07:31 +0000 (15:07 -0700)
committerStefan Bader <stefan.bader@canonical.com>
Wed, 16 May 2018 11:52:28 +0000 (13:52 +0200)
commite4400db202d13e87145ee91e036306f95f659484
tree0591e5669d3d095bd3f2cfe1c6ee2f4f4484bb86tree
parent4f386914abf8bc5db0eb1b02c15aae68b181a357commit | diff
seccomp: Enable speculation flaw mitigations

When speculation flaw mitigations are opt-in (via prctl), using seccomp
will automatically opt-in to these protections, since using seccomp
indicates at least some level of sandboxing is desired.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
CVE-2018-3639 (x86)

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
kernel/seccomp.c diff | blob | blame | history
ubuntu-bionic-kernel mirror