On Tue, Sep 26, 2017 at 10:15 PM, Tycho Andersen <[email protected]> wrote: > Hi, > > On Fri, Sep 22, 2017 at 05:22:29PM +0200, Oleg Nesterov wrote: >> On 09/21, Kees Cook wrote: >> > Can you resend the two patches; I can send the backport to -stable >> > manually... >> >> Not sure I understand... Do you mean this fix + untested "introduce >> get_nth_filter()" ? > > Just want to make sure this doesn't get lost in the shuffle. If I > resend just Oleg's patch with the added __get_secomp_filter() instead > of open coded refcount, will that work for you Kees?
Yeah, this should be fine; thanks! -Kees > > We can worry about the get_nth_filter implementation with the > PTRACE_SECCOMP_GET_METADATA series later. > > Cheers, > > Tycho -- Kees Cook Pixel Security
