On Sun, Mar 14, 2021 at 11:51:14PM +0300, Alexey Dobriyan wrote:
> prctl(PR_SET_MM, PR_SET_MM_AUXV, addr, 1);
>
> will copy 1 byte from userspace to (quite big) on-stack array
> and then stash everything to mm->saved_auxv.
> AT_NULL terminator will be inserted at the very end.
>
> /proc/*/auxv handler will find that AT_NULL terminator
> and copy original stack contents to userspace.
>
> This devious scheme requires CAP_SYS_RESOURCE.
>
> Signed-off-by: Alexey Dobriyan <adobri...@gmail.com>
> ---

Thanks for catching up, Alexey!
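
The leak described in the quoted commit message, modelled in userspace C as an added example (not kernel code and not part of the patch or of this thread). `VEC_WORDS`, `set_auxv`, `auxv_words_exposed`, `stale_words_leaked` and the 0xA5 fill are hypothetical names and constructed values, and zeroing the array before the copy is an assumed mitigation shown for contrast.

```c
#include <stdio.h>
#include <string.h>
#define AT_NULL   0
#define VEC_WORDS 8   /* hypothetical small stand-in for the kernel's auxv array size */

static unsigned long saved_auxv[VEC_WORDS];   /* stand-in for mm->saved_auxv */

/* Setter model: `scratch` plays the on-stack array, `user`/`len` the prctl arguments. */
static void set_auxv(unsigned long *scratch, const void *user, size_t len, int zero_first)
{
    if (len > sizeof(saved_auxv))
        return;
    if (zero_first)                                    /* assumed mitigation */
        memset(scratch, 0, sizeof(saved_auxv));
    memcpy(scratch, user, len);                        /* copy_from_user stand-in */
    scratch[VEC_WORDS - 2] = AT_NULL;                  /* terminator pair at the very end */
    scratch[VEC_WORDS - 1] = 0;
    memcpy(saved_auxv, scratch, sizeof(saved_auxv));   /* stash everything */
}

/* Reader model: walk (type, value) pairs up to and including the first AT_NULL. */
static size_t auxv_words_exposed(void)
{
    size_t n = 0;
    do {
        n += 2;
    } while (n < VEC_WORDS && saved_auxv[n - 2] != AT_NULL);
    return n;
}

/* Fill the scratch array with constructed "stale" bytes, set 1 byte, count stale words read back. */
static size_t stale_words_leaked(int zero_first)
{
    unsigned long scratch[VEC_WORDS], stale;
    unsigned char one = 0x01;
    size_t i, n, leaked = 0;
    memset(&stale, 0xA5, sizeof(stale));
    memset(scratch, 0xA5, sizeof(scratch));            /* constructed stale stack contents */
    set_auxv(scratch, &one, 1, zero_first);
    n = auxv_words_exposed();
    for (i = 0; i < n; i++)
        leaked += (saved_auxv[i] == stale);
    return leaked;
}

int main(void)
{
    printf("uninitialized: %zu stale words\n", stale_words_leaked(0));
    printf("zeroed first:  %zu stale words\n", stale_words_leaked(1));
}
```

In this model the reader exposes the full array when the scratch buffer is not cleared, and stops at the second pair when it is.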