Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c0f4be83 authored by Ondrej Mosnacek's avatar Ondrej Mosnacek Committed by Greg Kroah-Hartman
Browse files

userfaultfd: open userfaultfds with O_RDONLY 

[ Upstream commit abec3d015fdfb7c63105c7e1c956188bf381aa55 ]

Since userfaultfd doesn't implement a write operation, it is more
appropriate to open it read-only.

When userfaultfds are opened read-write like it is now, and such fd is
passed from one process to another, SELinux will check both read and
write permissions for the target process, even though it can't actually
do any write operation on the fd later.

Inspired by the following bug report, which has hit the SELinux scenario
described above:
https://bugzilla.redhat.com/show_bug.cgi?id=1974559



Reported-by: default avatarRobert O'Callahan <roc@ocallahan.org>
Fixes: 86039bd3 ("userfaultfd: add new syscall to provide memory externalization")
Signed-off-by: default avatarOndrej Mosnacek <omosnace@redhat.com>
Acked-by: default avatarPeter Xu <peterx@redhat.com>
Acked-by: default avatarChristian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent 29d0c45c
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment