On Thu, Jan 19, 2023 at 04:26:55PM -0800, Kees Cook wrote: > Hi, > > I'd like to ask that the oops_limit series get included in -stable > releases. It's a recommended defense developed while writing this > report: > https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html > > I've had a few people ask about having it in -stable, for example: > https://lore.kernel.org/lkml/20230119201023.4003-1-sj@xxxxxxxxxx > > This is the series: > > 9360d035a579 panic: Separate sysctl logic from CONFIG_SMP > d4ccd54d28d3 exit: Put an upper limit on how often we can oops > 9db89b411170 exit: Expose "oops_count" to sysfs > de92f65719cd exit: Allow oops_limit to be disabled > 79cc1ba7badf panic: Consolidate open-coded panic_on_warn checks > 9fc9e278a5c0 panic: Introduce warn_limit > 8b05aa263361 panic: Expose "warn_count" to sysfs > 00dd027f721e docs: Fix path paste-o for /sys/kernel/warn_count > 7535b832c639 exit: Use READ_ONCE() for all oops/warn limit reads > > For v6.1.x they apply cleanly and behave as expected. All now queued up. > I'm hoping someone can step up and do backports for v5.15.x and earlier, > as there appear to be a number of conflicts and I'm swamped with other > stuff to do. :P If any distro/release cares about 5.15.y and earlier, I will be glad to take backports. thanks, greg k-h
