On Fri, Jan 22, 2016 at 09:10:07PM -0600, Eric W. Biederman wrote:
> Kees Cook writes:
>
> > Several sysctls expect a state where the highest value (in extra2) is
> > locked once set for that boot. Yama does this, and kptr_restrict should
> > be doing it. This extracts Yama's logic and adds it to

Jann Horn writes:
> On Fri, Jan 22, 2016 at 09:10:07PM -0600, Eric W. Biederman wrote:
>> Kees Cook writes:
>>
>> > Several sysctls expect a state where the highest value (in extra2) is
>> > locked once set for that boot. Yama does this, and kptr_restrict should
>> > be doing it. This extracts

On Sat, Jan 23, 2016 at 07:20:17PM -0600, Eric W. Biederman wrote:
> Yep. That is about the size of it. file * used to be passed to the
> sysctl methods but it was removed several years ago because no one was
> using it.

Generally cred would be better... Alternatively we could eat one more
poi

On Sun, Jan 24, 2016 at 01:43:42AM +, Al Viro wrote:
> On Sat, Jan 23, 2016 at 07:20:17PM -0600, Eric W. Biederman wrote:
>
> > Yep. That is about the size of it. file * used to be passed to the
> > sysctl methods but it was removed several years ago because no one was
> > using it.
>
> Gen

Jann Horn writes:
> On Sun, Jan 24, 2016 at 01:43:42AM +, Al Viro wrote:
>> On Sat, Jan 23, 2016 at 07:20:17PM -0600, Eric W. Biederman wrote:
>>
>> > Yep. That is about the size of it. file * used to be passed to the
>> > sysctl methods but it was removed several years ago because no one

On Sun, Jan 24, 2016 at 12:02:41AM -0600, Eric W. Biederman wrote:
> Jann Horn writes:
>
> > On Sun, Jan 24, 2016 at 01:43:42AM +, Al Viro wrote:
> >> On Sat, Jan 23, 2016 at 07:20:17PM -0600, Eric W. Biederman wrote:
> >>
> >> > Yep. That is about the size of it. file * used to be passed

Jann Horn writes:
> On Sun, Jan 24, 2016 at 12:02:41AM -0600, Eric W. Biederman wrote:
>> Jann Horn writes:
>>
>> > On Sun, Jan 24, 2016 at 01:43:42AM +, Al Viro wrote:
>> >> On Sat, Jan 23, 2016 at 07:20:17PM -0600, Eric W. Biederman wrote:
>> >>
>> >> > Yep. That is about the size of it