WebSubject: Re: [PATCH v4 3/3] prctl: Allow ptrace capable processes to change /proc/self/exe; From: "Serge E. Hallyn" ; Date: Thu, 2 Jul 2024 16:16:47 -0500; Cc: Christian Brauner , Eric Biederman , Pavel Emelyanov , Oleg Nesterov … WebFix a mismatch between prototypes and callers for the updated security_task_prctl(). The newly introduced argument, error, is a long, not an int.
Linux Security Module -- Re: [PATCH v4 3/3] prctl: Allow ptrace …
Web30 Mar 2024 · The mitigation is by default disabled, and can be enabled by user programs using the prctl () system call, and is default enabled for applications using " seccomp " filtering, like openssh, vsftpd and chromium. nospec_store_bypass_disable and spec_store_bypass_disable=off The mitigation is disabled. spec_store_bypass_disable=on WebSubject: Re: [PATCH v4 3/3] prctl: Allow ptrace capable processes to change /proc/self/exe; From: Christian Brauner ; Date: Wed, 1 Jul 2024 10:55:37 … dr john meriwether
LKML: Marcelo Tosatti: [patch v11 03/13] add basic task isolation prctl …
Web14 Feb 2024 · * prctl() is called with a first argument describing what to do (with * values PR_* defined above) and with additional arguments depending on * the specific command. Web13 Jan 2024 · Thanks. add prctl interface for task isolation Add a new extensible interface for task isolation, and allow userspace to quiesce the CPU. This means putting the system into a quiet state by completing all workqueue items, idle all subsystems that need it and put the cpu into NOHZ mode. WebYama is a Linux Security Module that collects system-wide DAC security protections that are not handled by the core kernel itself. This is selectable at build-time with CONFIG_SECURITY_YAMA, and can be controlled at run-time through sysctls in /proc/sys/kernel/yama: ptrace_scope ¶ dr john mercer wylie tx