iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs
History
Ondrej Mosnacek 6e4be747f1 userfaultfd: open userfaultfds with O_RDONLY 
[ Upstream commit abec3d015fdfb7c63105c7e1c956188bf381aa55 ]

Since userfaultfd doesn't implement a write operation, it is more
appropriate to open it read-only.

When userfaultfds are opened read-write like it is now, and such fd is
passed from one process to another, SELinux will check both read and
write permissions for the target process, even though it can't actually
do any write operation on the fd later.

Inspired by the following bug report, which has hit the SELinux scenario
described above:
https://bugzilla.redhat.com/show_bug.cgi?id=1974559

Reported-by: Robert O'Callahan <roc@ocallahan.org>
Fixes: 86039bd3b4e6 ("userfaultfd: add new syscall to provide memory externalization")
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Acked-by: Peter Xu <peterx@redhat.com>
Acked-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-10-26 13:25:17 +02:00
..
9p
9p: missing chunk of "fs/9p: Don't update file type when updating file attributes"
2022-06-22 14:13:12 +02:00
adfs
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2020-10-24 12:26:05 -07:00
affs
fs/affs: release old buffer head on error path
2021-03-04 11:38:37 +01:00
afs
afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked
2022-09-23 14:17:00 +02:00
autofs
autofs: harden ioctl table
2020-10-16 11:11:22 -07:00
befs
[PATCH] reduce boilerplate in fsid handling
2020-09-18 16:45:50 -04:00
bfs
bfs: don't use WARNING: string when it's just info.
2021-01-06 14:56:52 +01:00
btrfs
btrfs: fix race between quota enable and quota rescan ioctl
2022-10-26 13:25:12 +02:00
cachefiles
fs/cachefiles: Remove wait_bit_key layout dependency
2021-03-30 14:32:07 +02:00
ceph
ceph: don't truncate file in atomic_open
2022-10-15 07:55:50 +02:00
cifs
smb3: must initialize two ACL struct fields to zero
2022-10-26 13:25:17 +02:00
coda
configfs
configfs: fix a race in configfs_{,un}register_subsystem()
2022-03-02 11:42:52 +01:00
cramfs
[PATCH] reduce boilerplate in fsid handling
2020-09-18 16:45:50 -04:00
crypto
fscrypt: allow 256-bit master keys with AES-256-XTS
2021-11-18 14:03:54 +01:00
debugfs
debugfs: add debugfs_lookup_and_remove()
2022-09-15 11:32:03 +02:00
devpts
fsnotify: fix fsnotify hooks in pseudo filesystems
2022-02-01 17:25:39 +01:00
dlm
fs: dlm: handle -EBUSY first in lock arg validation
2022-10-26 13:25:08 +02:00
ecryptfs
Revert "ecryptfs: replace BUG_ON with error handling code"
2021-05-26 12:06:55 +02:00
efivarfs
efivarfs: revert "fix memory leak in efivarfs_create()"
2020-11-25 16:55:02 +01:00
efs
[PATCH] reduce boilerplate in fsid handling
2020-09-18 16:45:50 -04:00
erofs
erofs: avoid consecutive detection for Highmem memory
2022-08-21 15:15:35 +02:00
exfat
exfat: check if cluster num is valid
2022-06-06 08:42:42 +02:00
exportfs
ext2
ext2: Add more validity checks for inode counts
2022-08-21 15:15:28 +02:00
ext4
ext4: update 'state->fc_regions_size' after successful memory allocation
2022-10-26 13:25:14 +02:00
f2fs
f2fs: fix to do sanity check on summary info
2022-10-26 13:25:12 +02:00
fat
fat: add ratelimit to fat*_ent_bread()
2022-06-09 10:20:58 +02:00
freevxfs
fscache
fscache: Fix cookie key hashing
2021-09-18 13:40:15 +02:00
fuse
fuse: Remove the control interface for virtio-fs
2022-08-21 15:16:10 +02:00
gfs2
gfs2: use i_lock spin_lock for inode qadata
2022-06-09 10:20:57 +02:00
hfs
hfs: add lock nesting notation to hfs_find_init
2021-07-31 08:16:12 +02:00
hfsplus
hfsplus: prevent corruption in shrinking truncate
2021-05-19 10:13:10 +02:00
hostfs
hostfs: fix memory handling in follow_link()
2021-04-14 08:42:06 +02:00
hpfs
[PATCH] reduce boilerplate in fsid handling
2020-09-18 16:45:50 -04:00
hugetlbfs
mm, hugetlb: allow for "high" userspace addresses
2022-04-27 13:53:54 +02:00
iomap
xfs: use current->journal_info for detecting transaction recursion
2022-07-07 17:52:19 +02:00
isofs
isofs: Fix out of bound access for corrupted isofs image
2021-11-12 14:58:33 +01:00
jbd2
jbd2: add miss release buffer head in fc_do_one_pass()
2022-10-26 13:25:13 +02:00
jffs2
jffs2: fix memory leak in jffs2_do_fill_super
2022-06-14 18:32:35 +02:00
jfs
fs: jfs: fix possible NULL pointer dereference in dbFree()
2022-06-09 10:20:57 +02:00
kernfs
kernfs: Separate kernfs_pr_cont_buf and rename_lock.
2022-06-14 18:32:43 +02:00
lockd
lockd: lockd server-side shouldn't set fl_ops
2021-09-18 13:40:30 +02:00
minix
minix: fix bug when opening a file with O_DIRECT
2022-04-13 21:01:01 +02:00
nfs
NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0
2022-09-23 14:16:57 +02:00
nfs_common
nfs_common: need lock during iterate through the list
2020-12-30 11:53:45 +01:00
nfsd
NFSD: Fix verifier returned in stable WRITEs
2022-09-15 11:32:02 +02:00
nilfs2
nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
2022-10-15 07:55:50 +02:00
nls
notify
fsnotify: fix wrong lockdep annotations
2022-06-09 10:21:03 +02:00
ntfs
ntfs: fix BUG_ON in ntfs_lookup_inode_by_name()
2022-10-05 10:38:39 +02:00
ocfs2
Revert "ocfs2: mount shared volume without ha stack"
2022-08-03 12:00:43 +02:00
omfs
fs: omfs: use kmemdup() rather than kmalloc+memcpy
2020-09-22 23:39:45 -04:00
openpromfs
orangefs
orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
2022-01-20 09:17:50 +01:00
overlayfs
ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh()
2022-08-21 15:15:23 +02:00
proc
mm/smaps: don't access young/dirty bit if pte unpresent
2022-08-31 17:15:16 +02:00
pstore
pstore: Don't use semaphores in always-atomic-context code
2022-04-08 14:39:56 +02:00
qnx4
qnx4: work around gcc false positive warning bug
2021-09-30 10:11:08 +02:00
qnx6
[PATCH] reduce boilerplate in fsid handling
2020-09-18 16:45:50 -04:00
quota
quota: Check next/prev free block number after reading from quota file
2022-10-26 13:25:09 +02:00
ramfs
ramfs: fix nommu mmap with gaps in the page cache
2020-10-16 11:11:22 -07:00
reiserfs
reiserfs: check directory items on read from disk
2021-08-12 13:22:19 +02:00
romfs
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2020-10-24 12:26:05 -07:00
squashfs
squashfs: fix divide error in calculate_skip()
2021-05-19 10:13:10 +02:00
sysfs
sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
2020-10-02 12:02:30 +02:00
sysv
[PATCH] reduce boilerplate in fsid handling
2020-09-18 16:45:50 -04:00
tracefs
tracefs: Only clobber mode/uid/gid on remount if asked
2022-09-20 12:38:31 +02:00
ubifs
ubifs: Rectify space amount budget for mkdir/tmpfile operations
2022-04-13 21:00:53 +02:00
udf
udf: Fix NULL ptr deref when converting from inline format
2022-02-01 17:25:39 +01:00
ufs
Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2020-10-24 12:26:05 -07:00
unicode
vboxsf
vboxfs: fix broken legacy mount signature checking
2021-10-17 10:43:33 +02:00
verity
fs-verity: fix signed integer overflow with i_size near S64_MAX
2021-10-06 15:55:46 +02:00
xfs
xfs: validate inode fork size against fork format
2022-09-28 11:10:29 +02:00
zonefs
zonefs: fix zonefs_iomap_begin() for reads
2022-06-25 15:16:08 +02:00
aio.c
aio: fix use-after-free due to missing POLLFREE handling
2021-12-14 11:32:40 +01:00
anon_inodes.c
attr.c
vfs: Check the truncate maximum size in inode_newsize_ok()
2022-08-21 15:15:22 +02:00
bad_inode.c
binfmt_aout.c
binfmt_elf_fdpic.c
coredump: Snapshot the vmas in do_coredump
2022-04-08 14:40:44 +02:00
binfmt_elf.c
coredump: Use the vma snapshot in fill_files_note
2022-04-08 14:40:45 +02:00
binfmt_em86.c
binfmt_flat.c
binfmt_flat: do not stop relocating GOT entries prematurely on riscv
2022-06-09 10:20:47 +02:00
binfmt_misc.c
binfmt_misc: fix possible deadlock in bm_register_write
2021-03-17 17:06:35 +01:00
binfmt_script.c
block_dev.c
block: fix a race between del_gendisk and BLKRRPART
2021-06-03 09:00:45 +02:00
buffer.c
mm, memcg: rework remote charging API to support nesting
2020-10-18 09:27:09 -07:00
char_dev.c
compat_binfmt_elf.c
coredump.c
coredump: Use the vma snapshot in fill_files_note
2022-04-08 14:40:45 +02:00
d_path.c
fs: fix NULL dereference due to data race in prepend_path()
2020-10-14 14:54:45 -07:00
dax.c
dax: fix cache flush on PMD-mapped pages
2022-06-09 10:21:16 +02:00
dcache.c
dcookies.c
direct-io.c
fs: direct-io: fix missing sdio->boundary
2021-04-14 08:41:58 +02:00
drop_caches.c
eventfd.c
eventpoll.c
epoll: autoremove wakers even more aggressively
2022-08-21 15:15:28 +02:00
exec.c
posix-cpu-timers: Cleanup CPU timers before freeing them during exec
2022-08-21 15:16:14 +02:00
fcntl.c
fcntl: fix potential deadlock for &fasync_struct.fa_lock
2021-09-15 09:50:27 +02:00
fhandle.c
file_table.c
SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
2022-05-18 10:23:48 +02:00
file.c
fs: fix fd table size alignment properly
2022-04-08 14:40:30 +02:00
filesystems.c
fs_context.c
memcg: charge fs_context and legacy_fs_context
2022-02-08 18:30:36 +01:00
fs_parser.c
fs_parse: mark fs_param_bad_value() as static
2020-10-13 18:38:27 -07:00
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c
fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages
2022-06-09 10:21:22 +02:00
fsopen.c
init.c
inode.c
fs: fix UAF/GPF bug in nilfs_mdt_destroy
2022-10-15 07:55:51 +02:00
internal.h
cgroup1: fix leaked context root causing sporadic NULL deref in LTP
2021-07-31 08:16:11 +02:00
io_uring.c
io_uring: disable polling pollfree files
2022-09-05 10:28:58 +02:00
io-wq.c
io-wq: fix wakeup race when adding new work
2021-09-18 13:40:06 +02:00
io-wq.h
io_uring: always batch cancel in *cancel_files()
2021-02-13 13:54:56 +01:00
ioctl.c
fs: fix an infinite loop in iomap_fiemap
2022-05-25 09:17:54 +02:00
Kconfig
tmpfs: disallow CONFIG_TMPFS_INODE64 on alpha
2021-02-17 11:02:21 +01:00
Kconfig.binfmt
kernel_read_file.c
vfs: check fd has read access in kernel_read_file_from_fd()
2021-10-27 09:56:51 +02:00
libfs.c
libfs: fix error cast of negative value in simple_attr_write()
2020-11-22 10:48:22 -08:00
locks.c
Revert "nfsd4: a client's own opens needn't prevent delegations"
2021-03-20 10:43:44 +01:00
Makefile
Refactored code for 5.10:
2020-10-23 11:33:41 -07:00
mbcache.c
mount.h
mpage.c
namei.c
__follow_mount_rcu(): verify that mount_lock remains unchanged
2022-08-21 15:16:15 +02:00
namespace.c
fs: warn about impending deprecation of mandatory locks
2021-08-26 08:35:57 -04:00
no-block.c
nsfs.c
open.c
open: don't silently ignore unknown O-flags in openat2()
2021-07-14 16:55:59 +02:00
pipe.c
pipe: Fix missing lock in pipe_resize_ring()
2022-06-06 08:42:41 +02:00
pnode.c
pnode.h
mount: fix mounting of detached mounts onto targets that reside on shared mounts
2021-03-17 17:06:13 +01:00
posix_acl.c
proc_namespace.c
proc mountinfo: make splice available again
2020-12-30 11:54:02 +01:00
read_write.c
Refactored code for 5.10:
2020-10-23 11:33:41 -07:00
readdir.c
readdir: make sure to verify directory entry for legacy interfaces too
2021-04-21 13:00:54 +02:00
remap_range.c
fs/remap: constrain dedupe of EOF blocks
2022-07-21 21:20:01 +02:00
select.c
select: Fix indefinitely sleeping task in poll_schedule_timeout()
2022-01-29 10:26:11 +01:00
seq_file.c
seq_file: disallow extremely large seq buffer allocations
2021-07-20 16:05:59 +02:00
signalfd.c
io_uring: disable polling pollfree files
2022-09-05 10:28:58 +02:00
splice.c
Revert "fs: check FMODE_LSEEK to control internal pipe splicing"
2022-10-17 17:26:07 +02:00
stack.c
stat.c
stat: fix inconsistency between struct stat and struct compat_stat
2022-04-27 13:53:54 +02:00
statfs.c
super.c
vfs: make freeze_super abort when sync_filesystem returns error
2022-02-23 12:00:59 +01:00
sync.c
vfs: make sync_filesystem return errors from ->sync_fs
2022-08-31 17:15:14 +02:00
timerfd.c
userfaultfd.c
userfaultfd: open userfaultfds with O_RDONLY
2022-10-26 13:25:17 +02:00
utimes.c
xattr.c
fs/xattr.c: fix kernel-doc warnings for setxattr & removexattr
2020-10-13 18:38:27 -07:00