Date: Sat, 19 Sep 2020 10:01:43 +0200 From: John Wood <john.wood@....com> To: Kees Cook <keescook@...omium.org> Cc: John Wood <john.wood@....com>, kernel-hardening@...ts.openwall.com, Jann Horn <jannh@...gle.com>, Matthew Wilcox <willy@...radead.org>, Jonathan Corbet <corbet@....net>, Alexander Viro <viro@...iv.linux.org.uk>, Ingo Molnar <mingo@...hat.com>, Peter Zijlstra <peterz@...radead.org>, Juri Lelli <juri.lelli@...hat.com>, Vincent Guittot <vincent.guittot@...aro.org>, Dietmar Eggemann <dietmar.eggemann@....com>, Steven Rostedt <rostedt@...dmis.org>, Ben Segall <bsegall@...gle.com>, Mel Gorman <mgorman@...e.de>, Luis Chamberlain <mcgrof@...nel.org>, Iurii Zaikin <yzaikin@...gle.com>, James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-security-module@...r.kernel.org Subject: Re: [RFC PATCH 6/6] security/fbfam: Mitigate a fork brute force attack On Fri, Sep 18, 2020 at 02:35:12PM -0700, Kees Cook wrote: > On Fri, Sep 18, 2020 at 06:02:16PM +0200, John Wood wrote: > > On Thu, Sep 10, 2020 at 04:56:19PM -0700, Kees Cook wrote: > > > On Thu, Sep 10, 2020 at 01:21:07PM -0700, Kees Cook wrote: > > > > + pr_warn("fbfam: Offending process with PID %d killed\n", > > > > + p->pid); > > > > > > I'd make this ratelimited (along with Jann's suggestions). > > > > Sorry, but I don't understand what you mean with "make this ratelimited". > > A clarification would be greatly appreciated. > > Ah! Yes, sorry for not being more clear. There are ratelimit helpers for > the pr_*() family of functions, e.g.: > > pr_warn_ratelimited("brute: Offending process with PID... Thanks for the clarification. > -- > Kees Cook Regards, John Wood
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.