On Sat, Oct 10, 2020 at 11:24:55PM -0700, Lokesh Gidra wrote: > userfaultfd handles page faults from both user and kernel code. > Add a new UFFD_USER_MODE_ONLY flag for userfaultfd(2) that makes > the resulting userfaultfd object refuse to handle faults from kernel > mode, treating these faults as if SIGBUS were always raised, causing > the kernel code to fail with EFAULT. > > A future patch adds a knob allowing administrators to give some > processes the ability to create userfaultfd file objects only if they > pass UFFD_USER_MODE_ONLY, reducing the likelihood that these processes > will exploit userfaultfd's ability to delay kernel page faults to open > timing windows for future exploits. > > Signed-off-by: Daniel Colascione <dancol@xxxxxxxxxx> > Signed-off-by: Lokesh Gidra <lokeshgidra@xxxxxxxxxx> Reviewed-by: Andrea Arcangeli <aarcange@xxxxxxxxxx>
