[RESEND][RFC PATCH 0/6] Fork brute force attack mitigation (fbfam)

John Wood john.wood at gmx.com
Fri Sep 11 14:48:06 UTC 2020


Hi,

On Thu, Sep 10, 2020 at 04:58:29PM -0700, Kees Cook wrote:
> On Thu, Sep 10, 2020 at 01:21:01PM -0700, Kees Cook wrote:
> > From: John Wood <john.wood at gmx.com>
> >
> > The goal of this patch serie is to detect and mitigate a fork brute force
> > attack.
>
> Thanks for this RFC! I'm excited to get this problem finally handled in
> the kernel. Hopefully the feedback is useful. :)

Kees and Jann,

Thank you very much for your comments and advices. I'm a newbie in the
linux kernel development and this is my first attempt. So, I would prefer
to study all your comments before to reply since a big amount of terms
you expose are unknown to me.

In other words, a late reply to this serie comments is not a lack of
interest. Moreover, I think it would be better that I try to understand and
to implement your ideas before anything else.

My original patch serie is composed of 9 patches, so the 3 lasts are lost.
Kees: Have you removed them for some reason? Can you send them for review?

security/fbfam: Add two new prctls to enable and disable the fbfam feature
https://github.com/johwood/linux/commit/8a36399847213e7eb7b45b853568a53666bd0083

Documentation/security: Add documentation for the fbfam feature
https://github.com/johwood/linux/commit/fb46804541f5c0915f3f48acefbe6dc998815609

MAINTAINERS: Add a new entry for the fbfam feature
https://github.com/johwood/linux/commit/4303bc8935334136c6ef47b5e50b87cd2c472c1f

Is there a problem if I ask for some guidance (replying to this thread)
during the process to do my second patch series?

My goal is to learn as much as possible doing something useful for the
linux kernel.

Thanks a lot,
John Wood

> --
> Kees Cook



More information about the Linux-security-module-archive mailing list