Am 12.02.2016 um 08:57 schrieb Jiri Slaby: > On 02/11/2016, 06:32 PM, Willy Tarreau wrote: >> On Thu, Feb 11, 2016 at 02:59:08PM +0100, Jiri Slaby wrote: >>> From: willy tarreau <w@xxxxxx> >>> >>> 3.12-stable review patch. If anyone has any objections, please let me know. >>> >>> =============== >>> >>> [ Upstream commit 712f4aad406bb1ed67f3f98d04c044191f0ff593 ] >>> >>> It is possible for a process to allocate and accumulate far more FDs than >>> the process' limit by sending them over a unix socket then closing them >>> to keep the process' fd count low. >>> >>> This change addresses this problem by keeping track of the number of FDs >>> in flight per user and preventing non-privileged processes from having >>> more FDs in flight than their configured FD limit. >>> >>> Reported-by: socketpair@xxxxxxxxx >>> Reported-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> >>> Mitigates: CVE-2013-4312 (Linux 2.0+) >>> Suggested-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> >>> Acked-by: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx> >>> Signed-off-by: Willy Tarreau <w@xxxxxx> >>> Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx> >>> Signed-off-by: Jiri Slaby <jslaby@xxxxxxx> >> >> A possible issue was reported regarding this patch, and Hannes >> implemented a fix that's not yet in mainline. I guess it's >> preferable to postpone this patch for now. > > yes definitely. Thanks for noting. Yes and no: the above mentioned patch looks innocent now after more bisecting, but there is <https://patchwork.ozlabs.org/patch/577653/> as a folow-up to the FD-accounting. > For reference: > http://article.gmane.org/gmane.linux.kernel/2142236 Better read the full thread: <http://thread.gmane.org/gmane.linux.kernel/2142236>; the suspected bad patch is unix: avoid use-after-free in ep_remove_wait_queue Philipp -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html