Skip to content
Commit 04e35f44 authored by Kees Cook's avatar Kees Cook Committed by Linus Torvalds
Browse files

exec: avoid RLIMIT_STACK races with prlimit() 

While the defense-in-depth RLIMIT_STACK limit on setuid processes was
protected against races from other threads calling setrlimit(), I missed
protecting it against races from external processes calling prlimit().
This adds locking around the change and makes sure that rlim_max is set
too.

Link: http://lkml.kernel.org/r/20171127193457.GA11348@beast
Fixes: 64701dee

 ("exec: Use sane stack rlimit under secureexec")
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Reported-by: default avatarBen Hutchings <ben.hutchings@codethink.co.uk>
Reported-by: default avatarBrad Spengler <spender@grsecurity.net>
Acked-by: default avatarSerge Hallyn <serge@hallyn.com>
Cc: James Morris <james.l.morris@oracle.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Jiri Slaby <jslaby@suse.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 5f1d43de
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment