Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp292039ybt; Tue, 23 Jun 2020 22:35:37 -0700 (PDT) X-Google-Smtp-Source: ABdhPJybKgk0Af/yFEamg7wf5Znwxe8odmPfIcBwWJqhM0lfb95yd5kapfjW3p/ohQHe23iTGfUZ X-Received: by 2002:a17:906:1c4b:: with SMTP id l11mr12855222ejg.307.1592976936928; Tue, 23 Jun 2020 22:35:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592976936; cv=none; d=google.com; s=arc-20160816; b=1D+x8rxLIj/4l82MWPdZ2wLDGEzHpodc4SGT8rXaqnbsdSPXSRQR+agMGowQAA+gbz dq3g93EuceIBNzirb+FZi4yxZLHyYuyEK/FH00rJTGAZr40rKLaxyq3oFzUdzgDkjzhW SBSnzo6uau1v1NuuHm2sd/8h2sa8+H5TDWiVxCVE2m+TRW5/5Yxf5Sp7WhaGw8oODv7O gPHZSw42sdE3maCXvaufMk9SNbQ8wJ2nzv6hCRS+qs45bVPjYu07lULBrNg4jlPFiOe3 qKJhFTd+cwu4rJrRJ98JjtQuS8GN4TpJo8R2BM0WmiM1MhWoGn5YdEil13e/MMieqh5f UJOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=Qats/l4HmcNXNccIynRnA6qPeqv0LzTYy2TqlyVJqJk=; b=gcTy14SylgU+v9yISLpRcXsAk7ywwZGf86L4rMN2RP48ONhlruCu7nM8eXjWg3b5n8 YapJFvIYYRHC6qdiQ+t2qUTdQ0cZnzuuT54rGPua1q9IUup7nBvdtCpRTi+JDUZ2cLbp aCYD2h8VanQA7jjUZ8SIXLsMk6uJSZ6XhpAoNkpxs31MSCU4aMeAjzWY9vmRcvZ6OB9O Y+DiJIMQGDGpcey2fCpDHMw7CEUKW8Uy5APIqQvwlLmV5c57Fho3T9ZwmrsZLs/vWpPp tXoUSfeP2FuiuTPiGaCRZqQtbZR8qdGB9djw7hiIDtkK1Wh5sAqgBLUnQniq91dmNHuz CYbw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id n9si66300eja.529.2020.06.23.22.35.13; Tue, 23 Jun 2020 22:35:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388946AbgFXFe7 (ORCPT + 99 others); Wed, 24 Jun 2020 01:34:59 -0400 Received: from trent.utfs.org ([94.185.90.103]:42712 "EHLO trent.utfs.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388470AbgFXFe7 (ORCPT ); Wed, 24 Jun 2020 01:34:59 -0400 Received: from localhost (localhost [IPv6:::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by trent.utfs.org (Postfix) with ESMTPS id 55F3E5F838; Wed, 24 Jun 2020 07:34:57 +0200 (CEST) Date: Tue, 23 Jun 2020 22:34:57 -0700 (PDT) From: Christian Kujau To: Kees Cook cc: Alexey Dobriyan , Andrew Morton , Willy Tarreau , Dan Carpenter , linux-kernel@vger.kernel.org Subject: Re: process '/usr/bin/rsync' started with executable stack In-Reply-To: <202006231619.38108DE0@keescook> Message-ID: References: <20200623211218.GA40110@localhost.localdomain> <20200623212214.GA41702@localhost.localdomain> <202006231619.38108DE0@keescook> User-Agent: Alpine 2.22.1 (DEB 446 2020-06-13) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 23 Jun 2020, Kees Cook wrote: > > If you run something with exec stack after the message > > you shouldn't get it second time. > > If you want to reset this flag, you can do: > # echo 1 > /sys/kernel/debug/clear_warn_once Thanks. Although, I tend to not mount /sys/kernel/{config,debug,tracing} and other things, I always thought they are not needed and could maybe lower the attack surface if not mounted. Or maybe my tinfoil hat needs some adjustment... Christian. -- BOFH excuse #279: The static electricity routing is acting up...