fanotify: Enable FANOTIFY_ACCESS_PERMISSIONS (Closes: #690737)

Various free and proprietary AV products use this feature and users apparently want it. But punting access checks to userland seems like an easy way to deadlock the system, and there will be nothing we can do about that. So warn and taint the kernel if this feature is actually used.
2016-07-13 01:47:58 +01:00 · 2016-07-13 01:47:58 +01:00 · 38ec618a21
parent 5e52b9de5c
commit 38ec618a21
5 changed files with 40 additions and 1 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -15,6 +15,8 @@ linux (4.7~rc6-1~exp1) UNRELEASED; urgency=medium
  * [amd64] power: Fix crash whan the hibernation code passes control to the
    image kernel
  * [x86] KASLR, power: Remove x86 hibernation restrictions
+  * fanotify: Enable FANOTIFY_ACCESS_PERMISSIONS (Closes: #690737)
+    - Warn and taint kernel if this feature is actually used

  [ Bastian Blank ]
  * Mark debug symbols packages to move them into the debug archive.
--- a/debian/config/armel/config.marvell
+++ b/debian/config/armel/config.marvell
@ -663,6 +663,11 @@ CONFIG_ORION_WATCHDOG=m
 ##
 # CONFIG_FS_DAX is not set

+##
+## file: fs/notify/fanotify/Kconfig
+##
+# CONFIG_FANOTIFY_ACCESS_PERMISSIONS is not set
+
 ##
 ## file: init/Kconfig
 ##
--- a/debian/config/config
+++ b/debian/config/config
@ -5319,7 +5319,7 @@ CONFIG_DNOTIFY=y
 ## file: fs/notify/fanotify/Kconfig
 ##
 CONFIG_FANOTIFY=y
-# CONFIG_FANOTIFY_ACCESS_PERMISSIONS is not set
+CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y

 ##
 ## file: fs/notify/inotify/Kconfig
--- a/debian/patches/debian/fanotify-taint-on-use-of-fanotify_access_permissions.patch
+++ b/debian/patches/debian/fanotify-taint-on-use-of-fanotify_access_permissions.patch
@ -0,0 +1,29 @@
+From: Ben Hutchings <ben@decadent.org.uk>
+Subject: fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS
+Date: Wed, 13 Jul 2016 01:37:22 +0100
+Forwarded: not-needed
+
+Various free and proprietary AV products use this feature and users
+apparently want it.  But punting access checks to userland seems like
+an easy way to deadlock the system, and there will be nothing we can
+do about that.  So warn and taint the kernel if this feature is
+actually used.
+
+---
+--- a/fs/notify/fanotify/fanotify_user.c
+++ b/fs/notify/fanotify/fanotify_user.c
+@@ -847,6 +847,14 @@ SYSCALL_DEFINE5(fanotify_mark, int, fano
+ #endif
+ 		return -EINVAL;
+ 
+#ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
+	if (mask & FAN_ALL_PERM_EVENTS) {
+		pr_warn_once("%s (%d): Using fanotify permission checks may lead to deadlock; tainting kernel\n",
+			     current->comm, current->pid);
+		add_taint(TAINT_USER, LOCKDEP_STILL_OK);
+	}
+#endif
+
+ 	f = fdget(fanotify_fd);
+ 	if (unlikely(!f.file))
+ 		return -EBADF;
--- a/debian/patches/series
+++ b/debian/patches/series
@ -43,6 +43,9 @@ debian/cdc_ncm-cdc_mbim-use-ncm-by-default.patch
 debian/snd-pcsp-disable-autoload.patch
 bugfix/x86/viafb-autoload-on-olpc-xo1.5-only.patch

+# Taint if dangerous features are used
+debian/fanotify-taint-on-use-of-fanotify_access_permissions.patch
+
 # Arch bug fixes
 bugfix/x86/x86-power-64-fix-crash-whan-the-hibernation-code-pas.patch