On Mon, 23 Jan 2017, Mike Frysinger wrote: > On Sun, Jan 22, 2017 at 4:10 PM, James Morris wrote: > > On Fri, 20 Jan 2017, Kees Cook wrote: > > > Yup, I think this is fine. The additional kernel code executed before > > > the do_exit() is relatively limited, and is equivalent to leaving > > > kill(self, SIGSEGV) exposed in a seccomp filter. Setting an RLIMIT is > > > also sufficient to block the core generation, so really paranoid > > > environments can still do that. > > > > > > The forwarded ack stands: > > > > > > Acked-by: Kees Cook <keesc...@chromium.org> > > > > > > James, can you add this to your tree? > > > > Mike, please resend the patch, I don't have it. > > looks like patchwork grabbed it: > https://patchwork.kernel.org/patch/9527359/ > > has a mbox link which should get you what you need ?
Thanks. Applied to git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next -- James Morris <jmor...@namei.org>
