Re: Fwd: Started to get "memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL"

From: Bagas Sanjaya
Date: Thu Jun 01 2023 - 22:15:39 EST

Next message: Joe Perches: "Re: [PATCH v5] checkpatch: Check for 0-length and 1-element arrays"
Previous message: Jiasheng Jiang: "Re: [PATCH] mlxbf_gige: Add missing check for platform_get_irq"
In reply to: Kees Cook: "Re: Fwd: Started to get "memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL""
Next in thread: Stuart Foster: "Re: Fwd: Started to get "memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 6/1/23 21:12, Kees Cook wrote:
>> Hm indeed it seems to have introduced 2 new flags and immediately warn if
>> any process doesn't use them. Maybe it would make sense for some of the
>> non-default values of vm.memfd_noexec, but it's too early to warn
>> unconditionally everywhere, no?
>
> This is pretty standard for getting new options like this noticed by
> userspace -- there is no regression in _behavior_. It's just a reminder
> to fix userspace code.
>

Telling regzbot:

#regzbot invalid: not a kernel regression, but userspace fix is needed

Thanks.

--
An old man doll... just what I always wanted! - Clara

Next message: Joe Perches: "Re: [PATCH v5] checkpatch: Check for 0-length and 1-element arrays"
Previous message: Jiasheng Jiang: "Re: [PATCH] mlxbf_gige: Add missing check for platform_get_irq"
In reply to: Kees Cook: "Re: Fwd: Started to get "memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL""
Next in thread: Stuart Foster: "Re: Fwd: Started to get "memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]