32 lines
1.1 KiB
Diff
32 lines
1.1 KiB
Diff
From: Ben Hutchings <ben@decadent.org.uk>
|
|
Subject: fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS
|
|
Date: Wed, 13 Jul 2016 01:37:22 +0100
|
|
Forwarded: not-needed
|
|
|
|
Various free and proprietary AV products use this feature and users
|
|
apparently want it. But punting access checks to userland seems like
|
|
an easy way to deadlock the system, and there will be nothing we can
|
|
do about that. So warn and taint the kernel if this feature is
|
|
actually used.
|
|
|
|
---
|
|
Index: linux/fs/notify/fanotify/fanotify_user.c
|
|
===================================================================
|
|
--- linux.orig/fs/notify/fanotify/fanotify_user.c
|
|
+++ linux/fs/notify/fanotify/fanotify_user.c
|
|
@@ -842,6 +842,14 @@ static int do_fanotify_mark(int fanotify
|
|
if (mask & ~valid_mask)
|
|
return -EINVAL;
|
|
|
|
+#ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
|
|
+ if (mask & FAN_ALL_PERM_EVENTS) {
|
|
+ pr_warn_once("%s (%d): Using fanotify permission checks may lead to deadlock; tainting kernel\n",
|
|
+ current->comm, current->pid);
|
|
+ add_taint(TAINT_USER, LOCKDEP_STILL_OK);
|
|
+ }
|
|
+#endif
|
|
+
|
|
f = fdget(fanotify_fd);
|
|
if (unlikely(!f.file))
|
|
return -EBADF;
|