# git rev-parse -q --verify 7b55851367136b1efd84d98fea81ba57a98304cf^{commit}
7b55851367136b1efd84d98fea81ba57a98304cf
already have revision, skipping fetch
# git checkout -q -f -B kisskb 7b55851367136b1efd84d98fea81ba57a98304cf
# git clean -qxdf
# < git log -1
# commit 7b55851367136b1efd84d98fea81ba57a98304cf
# Author: David Herrmann <dh.herrmann@gmail.com>
# Date:   Tue Jan 8 13:58:52 2019 +0100
# 
#     fork: record start_time late
#     
#     This changes the fork(2) syscall to record the process start_time after
#     initializing the basic task structure but still before making the new
#     process visible to user-space.
#     
#     Technically, we could record the start_time anytime during fork(2).  But
#     this might lead to scenarios where a start_time is recorded long before
#     a process becomes visible to user-space.  For instance, with
#     userfaultfd(2) and TLS, user-space can delay the execution of fork(2)
#     for an indefinite amount of time (and will, if this causes network
#     access, or similar).
#     
#     By recording the start_time late, it much closer reflects the point in
#     time where the process becomes live and can be observed by other
#     processes.
#     
#     Lastly, this makes it much harder for user-space to predict and control
#     the start_time they get assigned.  Previously, user-space could fork a
#     process and stall it in copy_thread_tls() before its pid is allocated,
#     but after its start_time is recorded.  This can be misused to later-on
#     cycle through PIDs and resume the stalled fork(2) yielding a process
#     that has the same pid and start_time as a process that existed before.
#     This can be used to circumvent security systems that identify processes
#     by their pid+start_time combination.
#     
#     Even though user-space was always aware that start_time recording is
#     flaky (but several projects are known to still rely on start_time-based
#     identification), changing the start_time to be recorded late will help
#     mitigate existing attacks and make it much harder for user-space to
#     control the start_time a process gets assigned.
#     
#     Reported-by: Jann Horn <jannh@google.com>
#     Signed-off-by: Tom Gundersen <teg@jklm.no>
#     Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
#     Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
# < /opt/cross/kisskb/arcompact-buildroot-2015.08.1/bin/arc-buildroot-linux-uclibc-gcc --version
# < /opt/cross/kisskb/arcompact-buildroot-2015.08.1/bin/arc-buildroot-linux-uclibc-ld --version
# < git log --format=%s --max-count=1 7b55851367136b1efd84d98fea81ba57a98304cf
# < make -s -j 8 ARCH=arc O=/kisskb/build/linus_axs101_defconfig_arcompact CROSS_COMPILE=/opt/cross/kisskb/arcompact-buildroot-2015.08.1/bin/arc-buildroot-linux-uclibc-  axs101_defconfig
# Added to kconfig CONFIG_INITRAMFS_SOURCE=""
# yes \n | make -s -j 8 ARCH=arc O=/kisskb/build/linus_axs101_defconfig_arcompact CROSS_COMPILE=/opt/cross/kisskb/arcompact-buildroot-2015.08.1/bin/arc-buildroot-linux-uclibc-  oldconfig
yes: standard output: Broken pipe
# make -s -j 8 ARCH=arc O=/kisskb/build/linus_axs101_defconfig_arcompact CROSS_COMPILE=/opt/cross/kisskb/arcompact-buildroot-2015.08.1/bin/arc-buildroot-linux-uclibc-  
/kisskb/src/arch/arc/boot/dts/axs10x_mb.dtsi:221.15-225.6: Warning (i2c_bus_reg): /axs10x_mb/i2c@0x1f000/eeprom@0x54: I2C bus unit address format error, expected "54"
/kisskb/src/arch/arc/boot/dts/axs10x_mb.dtsi:227.15-231.6: Warning (i2c_bus_reg): /axs10x_mb/i2c@0x1f000/eeprom@0x57: I2C bus unit address format error, expected "57"
/kisskb/src/arch/arc/mm/tlb.c: In function 'do_tlb_overlap_fault':
/kisskb/src/arch/arc/mm/tlb.c:914:2: warning: variable length array 'pd0' is used [-Wvla]
  unsigned int pd0[mmu->ways];
  ^
In file included from /kisskb/src/mm/memblock.c:13:0:
/kisskb/src/mm/memblock.c: In function '__free_pages_memory':
/kisskb/src/include/linux/kernel.h:846:29: warning: comparison of distinct pointer types lacks a cast [enabled by default]
   (!!(sizeof((typeof(x) *)1 == (typeof(y) *)1)))
                             ^
/kisskb/src/include/linux/kernel.h:860:4: note: in expansion of macro '__typecheck'
   (__typecheck(x, y) && __no_side_effects(x, y))
    ^
/kisskb/src/include/linux/kernel.h:870:24: note: in expansion of macro '__safe_cmp'
  __builtin_choose_expr(__safe_cmp(x, y), \
                        ^
/kisskb/src/include/linux/kernel.h:879:19: note: in expansion of macro '__careful_cmp'
 #define min(x, y) __careful_cmp(x, y, <)
                   ^
/kisskb/src/mm/memblock.c:1889:11: note: in expansion of macro 'min'
   order = min(MAX_ORDER - 1UL, __ffs(start));
           ^
In file included from /kisskb/src/arch/arc/include/asm/atomic.h:16:0,
                 from /kisskb/src/include/linux/atomic.h:7,
                 from /kisskb/src/include/asm-generic/bitops/lock.h:5,
                 from /kisskb/src/arch/arc/include/asm/bitops.h:429,
                 from /kisskb/src/include/linux/bitops.h:19,
                 from /kisskb/src/include/linux/kernel.h:11,
                 from /kisskb/src/include/linux/list.h:9,
                 from /kisskb/src/include/linux/wait.h:7,
                 from /kisskb/src/include/linux/wait_bit.h:8,
                 from /kisskb/src/include/linux/fs.h:6,
                 from /kisskb/src/fs/nfs/nfs3acl.c:2:
/kisskb/src/fs/nfs/nfs3acl.c: In function 'nfs3_abort_get_acl':
/kisskb/src/arch/arc/include/asm/cmpxchg.h:95:29: warning: value computed is not used [-Wunused-value]
 #define cmpxchg(ptr, o, n) ((typeof(*(ptr)))__cmpxchg((ptr), \
                             ^
/kisskb/src/fs/nfs/nfs3acl.c:44:2: note: in expansion of macro 'cmpxchg'
  cmpxchg(p, sentinel, ACL_NOT_CACHED);
  ^
In file included from /kisskb/src/arch/arc/include/asm/atomic.h:16:0,
                 from /kisskb/src/include/linux/atomic.h:7,
                 from /kisskb/src/include/asm-generic/bitops/lock.h:5,
                 from /kisskb/src/arch/arc/include/asm/bitops.h:429,
                 from /kisskb/src/include/linux/bitops.h:19,
                 from /kisskb/src/include/linux/kernel.h:11,
                 from /kisskb/src/include/linux/list.h:9,
                 from /kisskb/src/include/linux/module.h:9,
                 from /kisskb/src/net/core/filter.c:24:
/kisskb/src/net/core/filter.c: In function 'bpf_clear_redirect_map':
/kisskb/src/arch/arc/include/asm/cmpxchg.h:95:29: warning: value computed is not used [-Wunused-value]
 #define cmpxchg(ptr, o, n) ((typeof(*(ptr)))__cmpxchg((ptr), \
                             ^
/kisskb/src/net/core/filter.c:3469:4: note: in expansion of macro 'cmpxchg'
    cmpxchg(&ri->map, map, NULL);
    ^
/kisskb/src/net/ipv4/tcp_input.c: In function 'tcp_data_queue':
/kisskb/src/net/ipv4/tcp_input.c:4324:49: warning: array subscript is above array bounds [-Warray-bounds]
     tp->selective_acks[i-1] = tp->selective_acks[i];
                                                 ^
In file included from /kisskb/src/arch/arc/include/asm/atomic.h:16:0,
                 from /kisskb/src/include/linux/atomic.h:7,
                 from /kisskb/src/include/asm-generic/bitops/lock.h:5,
                 from /kisskb/src/arch/arc/include/asm/bitops.h:429,
                 from /kisskb/src/include/linux/bitops.h:19,
                 from /kisskb/src/include/linux/kernel.h:11,
                 from /kisskb/src/fs/posix_acl.c:13:
/kisskb/src/fs/posix_acl.c: In function 'get_acl':
/kisskb/src/arch/arc/include/asm/cmpxchg.h:95:29: warning: value computed is not used [-Wunused-value]
 #define cmpxchg(ptr, o, n) ((typeof(*(ptr)))__cmpxchg((ptr), \
                             ^
/kisskb/src/fs/posix_acl.c:147:3: note: in expansion of macro 'cmpxchg'
   cmpxchg(p, sentinel, ACL_NOT_CACHED);
   ^
Completed OK
# rm -rf /kisskb/build/linus_axs101_defconfig_arcompact
# Build took: 0:01:19.640784