* Kees Cook <keesc...@chromium.org> wrote:
> > git commit b5a882fcf146c87cb6b67c6df353e1c042b8773d
> > "s390: restore address space when returning to user space".
>
> If I'm understanding this, it won't catch corruption of addr_limit
> during fast-path syscalls, though (i.e. addr_limit changed without a
> call to set_fs()). :(
Nor does it, or the patch you propose, protect against against something
corrupting task->mm pointer, or the task->*uid values, or any of the myriads of
security relevant values stored in the task structure!
Making sure API (set_fs()) usage is bug-free and protecting against the effects
of
general data corruption are two unrelated things that should not mixed.
Thanks,
Ingo
