From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-fsdevel-owner@vger.kernel.org>
Received: from thejh.net ([37.221.195.125]:46526 "EHLO thejh.net"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1755272AbcIRTPm (ORCPT <rfc822;linux-fsdevel@vger.kernel.org>);
        Sun, 18 Sep 2016 15:15:42 -0400
Date: Sun, 18 Sep 2016 21:15:38 +0200
From: Jann Horn <jann@thejh.net>
To: Alexander Viro <viro@zeniv.linux.org.uk>,
        Roland McGrath <roland@hack.frob.com>,
        Oleg Nesterov <oleg@redhat.com>,
        John Johansen <john.johansen@canonical.com>,
        James Morris <james.l.morris@oracle.com>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        Paul Moore <aul@paul-moore.com>,
        Stephen Smalley <sds@tycho.nsa.gov>,
        Eric Paris <eparis@parisplace.org>,
        Casey Schaufler <casey@schaufler-ca.com>,
        Kees Cook <keescook@chromium.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Janis Danisevskis <jdanis@google.com>,
        Seth Forshee <seth.forshee@canonical.com>,
        "Eric . Biederman" <ebiederm@xmission.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Benjamin LaHaise <bcrl@kvack.org>
Cc: linux-fsdevel@vger.kernel.org,
        linux-security-module@vger.kernel.org, security@kernel.org
Subject: Re: [PATCH 5/9] proc: lock properly in ptrace_may_access callers
Message-ID: <20160918191538.GE17170@pc.thejh.net>
References: <1474211117-16674-1-git-send-email-jann@thejh.net>
 <1474211117-16674-6-git-send-email-jann@thejh.net>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
        protocol="application/pgp-signature"; boundary="uCPdOCrL+PnN2Vxy"
Content-Disposition: inline
In-Reply-To: <1474211117-16674-6-git-send-email-jann@thejh.net>
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>


--uCPdOCrL+PnN2Vxy
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Sun, Sep 18, 2016 at 05:05:13PM +0200, Jann Horn wrote:
> Use the new cred_guard_light to prevent information leaks
> through races in procfs.

The 0day test robot pointed out that I didn't take the mutex in
proc_map_files_readdir(). I'll add that in v2.

--uCPdOCrL+PnN2Vxy
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJX3ufaAAoJED4KNFJOeCOosE8QAM0SESJ/fPvdBBcubtjuwwhh
tX8/ymjD47dIIjXJeZ4hrs7rvuhJQ/jrHOb+sG+vgZr4YU6HJuJ2xBsdTH/Mb+lC
1LBsXGBX2DhosBUe17UcS7t83WvZ9GaLpv5QLL1vxdqP2zkRP14wR1FjHSQK+PLc
VFnWKl2ygs0d/Vt5sqFiiJ9J6DoHANgV2qDtS5P6+wmrg8jzCy7X98V07GvS4N8f
/1bc71MJDIDBwIosSXaWcl9h0UoJHtGDLe2c7tdndlYk8ywMOnyboOXtdLjGYKwT
HHKNfIlv8X/+/7QS4Yol+/5UEYDjdVmAh2s0jSglmDfT0V6XdDP/iSYc210oUg1v
CPlnHe27FMMCRv+jDDUu0cSJymJiSByaS6EKdybrJpHhCxR8VWp0c70PPpdhGZ1Y
OF4MhhJeGPAYa2JKUQC2oNq0APbIVvFCIPJc4CgcN/9BOPx4Dhg7bCrtDjBbT94I
27EsnFmcPisX6VY2Lw2CSttbLH9auuG0G/31flvtbCkDKKL6Phpnnj/VTRhX3pqH
seTcmHym3b2yL8iFKg82OXyJls+p83hVq6K01/TTIb7mXM7C2Lb8X+GYU6NBurwx
RVTV7Tf6kg8NVuwbfVfLrg2Ov8lijgc9pxNx2lgMCjyEQKBQMvf87Rl8tWUCWo0f
4D7sJ6ui1sbclRF+KhNw
=suar
-----END PGP SIGNATURE-----

--uCPdOCrL+PnN2Vxy--