[Devel] [PATCH RH9 0/6] trusted_exec from part 27
Andrey Zhadchenko
andrey.zhadchenko at virtuozzo.com
Mon Oct 4 17:42:50 MSK 2021
Pavel Tikhomirov (3):
trusted/ve/fs/exec: Don't allow a privileged user to execute untrusted
files
trusted/ve/fs/exec: Send SIGSEGV to a process trying to execute
untrusted files
trusted/ve/exec: Allow trusted exec change both on boot and on running
system
Stanislav Kinsburskiy (1):
ve/fs: add per-VE limit of mount points
Valeriy Vdovin (2):
trusted/block: Added trusted flag to struct genhd
trusted/ve/mmap: Protect from unsecure library load from CT image
block/genhd.c | 39 ++++++++++++++++++++++
fs/exec.c | 17 ++++++++--
fs/mount.h | 3 ++
fs/namespace.c | 50 +++++++++++++++++++++++++++--
include/linux/genhd.h | 4 +++
include/linux/sysctl.h | 2 ++
include/linux/ve.h | 6 ++++
kernel/sysctl.c | 17 ++++++++++
kernel/ve/ve.c | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++
kernel/ve/veowner.c | 19 +++++++++++
mm/util.c | 5 +++
11 files changed, 245 insertions(+), 4 deletions(-)
--
1.8.3.1
More information about the Devel
mailing list