Re: [PATCH 1/2] x86/pkeys: copy pkey state at fork()

From: Kees Cook
Date: Tue Jan 08 2019 - 19:56:32 EST

Next message: Ben Greear: "Re: [PATCH] x86/speculation: Add document to describe Spectre and its mitigations"
Previous message: JoÃo Paulo Rechi Vita: "Re: [PATCH AUTOSEL 4.20 008/117] platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Nov 20, 2018 at 1:14 PM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> On Fri, Oct 26, 2018 at 12:59 PM, Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
> > On 10/26/18 12:51 PM, Dave Hansen wrote:
> > ...
> >> The result is that, after a fork(), the child's pkey state ends up
> >> looking like it does after an execve(), which is totally wrong. pkeys
> >> that are already allocated can be allocated again, for instance.
> >
> > One thing I omitted. This was very nicely discovered and reported by
> > danielmicay@xxxxxxxxxx Thanks, Daniel!
>
> Thread ping. Is there a v2 of this, or can this go in as-is? Looks good to me:
>
> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

Ingo, can you take these two patches? Use of pkeys is still buggy
without it. (And probably should have a Cc: stable tag too.)

-Kees

--
Kees Cook

Next message: Ben Greear: "Re: [PATCH] x86/speculation: Add document to describe Spectre and its mitigations"
Previous message: JoÃo Paulo Rechi Vita: "Re: [PATCH AUTOSEL 4.20 008/117] platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]