On Wed, Jun 25, 2014 at 6:43 AM, Oleg Nesterov wrote:
> On 06/24, Kees Cook wrote:
>>
>> --- a/include/linux/sched.h
>> +++ b/include/linux/sched.h
>> @@ -1307,8 +1307,7 @@ struct task_struct {
>>* execve */
>> unsigned in_iowait:1;
>>
>> - /* task may not
On 06/24, Kees Cook wrote:
>
> --- a/include/linux/sched.h
> +++ b/include/linux/sched.h
> @@ -1307,8 +1307,7 @@ struct task_struct {
>* execve */
> unsigned in_iowait:1;
>
> - /* task may not gain privileges */
> - unsigned no_new_privs:1;
> + unsi
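Review bot: In the `struct task_struct` hunk, removing `unsigned no_new_privs:1;` also removes its `/* task may not gain privileges */` comment, and the replacement line is cut off in this excerpt (`+ unsi`), so it is not visible whether the new field documents the same meaning. Please keep an equivalent comment on the new field. The old bit sat next to `in_iowait:1`, and adjacent bitfields share a word that is updated by non-atomic read-modify-write, so also check that no remaining code reads or assigns `no_new_privs` directly instead of going through the accessors the commit message describes.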
Since seccomp transitions between threads require updates to the
no_new_privs flag to be atomic, the flag must be part of an atomic flag
set. This moves the nnp flag into a separate task field, and introduces
accessors.
Signed-off-by: Kees Cook
---
fs/exec.c |4 ++--
includ
3 matches