On Fri, Jan 8, 2021 at 5:22 PM Lokesh Gidra <lokeshgidra@xxxxxxxxxx> wrote: > > Userfaultfd in unprivileged contexts could be potentially very > useful. We'd like to harden userfaultfd to make such unprivileged use > less risky. This patch series allows SELinux to manage userfaultfd > file descriptors and in the future, other kinds of > anonymous-inode-based file descriptor. ... > Daniel Colascione (3): > fs: add LSM-supporting anon-inode interface > selinux: teach SELinux about anonymous inodes > userfaultfd: use secure anon inodes for userfaultfd > > Lokesh Gidra (1): > security: add inode_init_security_anon() LSM hook > > fs/anon_inodes.c | 150 ++++++++++++++++++++-------- > fs/libfs.c | 5 - > fs/userfaultfd.c | 19 ++-- > include/linux/anon_inodes.h | 5 + > include/linux/lsm_hook_defs.h | 2 + > include/linux/lsm_hooks.h | 9 ++ > include/linux/security.h | 10 ++ > security/security.c | 8 ++ > security/selinux/hooks.c | 57 +++++++++++ > security/selinux/include/classmap.h | 2 + > 10 files changed, 213 insertions(+), 54 deletions(-) With several rounds of reviews done and the corresponding SELinux test suite looking close to being ready I think it makes sense to merge this via the SELinux tree. VFS folks, if you have any comments or objections please let me know soon. If I don't hear anything within the next day or two I'll go ahead and merge this for linux-next. Thanks. -- paul moore www.paul-moore.com
