On Tue, Nov 20, 2018 at 1:14 PM Kees Cook <keesc...@chromium.org> wrote: > > On Fri, Oct 26, 2018 at 12:59 PM, Dave Hansen <dave.han...@intel.com> wrote: > > On 10/26/18 12:51 PM, Dave Hansen wrote: > > ... > >> The result is that, after a fork(), the child's pkey state ends up > >> looking like it does after an execve(), which is totally wrong. pkeys > >> that are already allocated can be allocated again, for instance. > > > > One thing I omitted. This was very nicely discovered and reported by > > danielmi...@gmail.com. Thanks, Daniel! > > Thread ping. Is there a v2 of this, or can this go in as-is? Looks good to me: > > Reviewed-by: Kees Cook <keesc...@chromium.org>
Ingo, can you take these two patches? Use of pkeys is still buggy without it. (And probably should have a Cc: stable tag too.) -Kees -- Kees Cook
