linux/arch/x86
Kees Cook 8f2af155b5 exec: pass stack rlimit into mm layout functions
Patch series "exec: Pin stack limit during exec".

Attempts to solve problems with the stack limit changing during exec
continue to be frustrated[1][2].  In addition to the specific issues
around the Stack Clash family of flaws, Andy Lutomirski pointed out[3]
other places during exec where the stack limit is used and is assumed to
be unchanging.  Given the many places it gets used and the fact that it
can be manipulated/raced via setrlimit() and prlimit(), I think the only
way to handle this is to move away from the "current" view of the stack
limit and instead attach it to the bprm, and plumb this down into the
functions that need to know the stack limits.  This series implements
the approach.

[1] 04e35f4495 ("exec: avoid RLIMIT_STACK races with prlimit()")
[2] 779f4e1c6c ("Revert "exec: avoid RLIMIT_STACK races with prlimit()"")
[3] to security@kernel.org, "Subject: existing rlimit races?"

This patch (of 3):

Since it is possible that the stack rlimit can change externally during
exec (either via another thread calling setrlimit() or another process
calling prlimit()), provide a way to pass the rlimit down into the
per-architecture mm layout functions so that the rlimit can stay in the
bprm structure instead of sitting in the signal structure until exec is
finalized.

Link: http://lkml.kernel.org/r/1518638796-20819-2-git-send-email-keescook@chromium.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Michal Hocko <mhocko@kernel.org>
Cc: Ben Hutchings <ben@decadent.org.uk>
Cc: Willy Tarreau <w@1wt.eu>
Cc: Hugh Dickins <hughd@google.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: Rik van Riel <riel@redhat.com>
Cc: Laura Abbott <labbott@redhat.com>
Cc: Greg KH <greg@kroah.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Ben Hutchings <ben.hutchings@codethink.co.uk>
Cc: Brad Spengler <spender@grsecurity.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-04-11 10:28:37 -07:00
..
boot Merge branch 'efi-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-04-02 17:46:37 -07:00
configs x86/unwind: Rename unwinder config options to 'CONFIG_UNWINDER_*' 2017-10-14 10:12:12 +02:00
crypto crypto: x86/des3_ede - des3_ede_skciphers[] can be static 2018-03-09 22:45:53 +08:00
entry Char/Misc patches for 4.17-rc1 2018-04-04 20:07:20 -07:00
events Merge branch 'x86-timers-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-04-02 16:18:31 -07:00
hyperv x86/hyper-v: allocate and use Virtual Processor Assist Pages 2018-03-28 22:47:06 +02:00
ia32 syscalls/x86: auto-create compat_sys_*() prototypes 2018-04-02 20:16:18 +02:00
include ARM: 2018-04-09 11:42:31 -07:00
kernel ARM: 2018-04-09 11:42:31 -07:00
kvm ARM: 2018-04-09 11:42:31 -07:00
lib Merge branch 'x86-cleanups-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-04-02 15:16:43 -07:00
math-emu License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mm exec: pass stack rlimit into mm layout functions 2018-04-11 10:28:37 -07:00
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-03-23 11:31:58 -04:00
oprofile x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() 2018-02-21 09:54:17 +01:00
pci Merge branch 'x86-dma-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-04-02 17:18:45 -07:00
platform Merge branch 'efi-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-04-02 17:46:37 -07:00
power x86/mm: Replace compile-time checks for 5-level paging with runtime-time checks 2018-02-16 10:48:49 +01:00
purgatory x86/purgatory: Avoid creating stray .<pid>.d files, remove -MD from KBUILD_CFLAGS 2018-03-25 11:04:02 +02:00
ras License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
realmode x86-64/realmode: Add instruction suffix 2018-02-20 09:33:41 +01:00
tools x86: Treat R_X86_64_PLT32 as R_X86_64_PC32 2018-02-22 09:01:10 -08:00
um x86/cpu: Remove the CONFIG_X86_PPRO_FENCE=y quirk 2018-03-20 10:01:05 +01:00
video
xen Merge branch 'x86-mm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-04-02 15:45:30 -07:00
.gitignore x86/build: Add arch/x86/tools/insn_decoder_test to .gitignore 2018-02-13 14:10:29 +01:00
Kbuild Merge branch 'x86-platform-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2017-09-07 09:25:15 -07:00
Kconfig Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2018-04-05 11:56:35 -07:00
Kconfig.cpu Merge branch 'x86-pti-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-03-25 07:36:02 -10:00
Kconfig.debug Merge branch 'x86-cleanups-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-01-30 13:01:09 -08:00
Makefile Merge branch 'x86-build-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-04-02 14:37:03 -07:00
Makefile.um License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Makefile_32.cpu License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00