* Andy Lutomirski <[email protected]> wrote:
> On Mon, Jun 20, 2016 at 4:39 PM, Andy Lutomirski <[email protected]> wrote:
> > Setting TS_COMPAT in ptrace is wrong: if we happen to do it during
> > syscall entry, then we'll confuse seccomp and audit. (The former
> > isn't a security problem: seccomp is currently entirely insecure if a
> > malicious ptracer is attached.) As a minimal fix, this patch adds a
> > new flag TS_I386_REGS_POKED that handles the ptrace special case.
>
> Hi Ingo-
>
> Could you apply this one patch for 4.8? While I don't think it's a
> significant security issue in 4.7 or earlier, leaving it unfixed in
> 4.8 will introduce a potentially unpleasant interaction with some
> seccomp changes that are queued up in the
> security tree for 4.8.
>
> It will have a trivially-resolvable conflict with -mm.
>
> The rest of the series this is in can wait.
I don't mind the rest of the series either - could you please repost it (with
the
review feedback addressed)?
Looks like that with minor changes the series has Oleg's Acked-by?
Thanks,
Ingo
