On Fri, Oct 26, 2018 at 12:59 PM, Dave Hansen <dave.han...@intel.com> wrote: > On 10/26/18 12:51 PM, Dave Hansen wrote: > ... >> The result is that, after a fork(), the child's pkey state ends up >> looking like it does after an execve(), which is totally wrong. pkeys >> that are already allocated can be allocated again, for instance. > > One thing I omitted. This was very nicely discovered and reported by > danielmi...@gmail.com. Thanks, Daniel!
Thread ping. Is there a v2 of this, or can this go in as-is? Looks good to me: Reviewed-by: Kees Cook <keesc...@chromium.org> -Kees -- Kees Cook
