[PATCH 0/1] userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK

From: Mike Rapoport
Date: Tue Nov 05 2019 - 10:30:00 EST

Next message: Sven Van Asbroeck: "Re: [PATCH 2/2] Input: ili210x - add ILI2117 support"
Previous message: Linus Walleij: "Re: [PATCH] drm/bridge: ti-tfp410: switch to using fwnode_gpiod_get_index()"
Next in thread: Mike Rapoport: "[PATCH 1/1] userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

A while ago Andy noticed [1] that UFFD_FEATURE_EVENT_FORK used by an
unprivileged user may have security implications.

As the first step of the solution the following patch limits the
availably of UFFD_FEATURE_EVENT_FORK only for those having CAP_SYS_PTRACE.

The usage of CAP_SYS_PTRACE ensures compatibility with CRIU.

Yet, if there are other users of non-cooperative userfaultfd that run
without CAP_SYS_PTRACE, they would be broken :(

[1] https://lore.kernel.org/lkml/CALCETrWY+5ynDct7eU_nDUqx=okQvjm=Y5wJvA4ahBja=CQXGw@xxxxxxxxxxxxxx

Mike Rapoport (1):
userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK

fs/userfaultfd.c | 18 +++++++++++-------
1 file changed, 11 insertions(+), 7 deletions(-)

--
2.7.4

Next message: Sven Van Asbroeck: "Re: [PATCH 2/2] Input: ili210x - add ILI2117 support"
Previous message: Linus Walleij: "Re: [PATCH] drm/bridge: ti-tfp410: switch to using fwnode_gpiod_get_index()"
Next in thread: Mike Rapoport: "[PATCH 1/1] userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]