Re: [PATCH v2 0/6] Harden userfaultfd

On 2/11/20 6:27 PM, Daniel Colascione wrote:
> On Tue, Feb 11, 2020 at 3:13 PM Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
>
>> On 2/11/2020 2:55 PM, Daniel Colascione wrote:
>>> Userfaultfd in unprivileged contexts could be potentially very
>>> useful. We'd like to harden userfaultfd to make such unprivileged use
>>> less risky. This patch series allows SELinux to manage userfaultfd
>>> file descriptors and allows administrators to limit userfaultfd to
>>> servicing user-mode faults, increasing the difficulty of using
>>> userfaultfd in exploit chains invoking delaying kernel faults.
>>>
>>> A new anon_inodes interface allows callers to opt into SELinux
>>> management of anonymous file objects. In this mode, anon_inodes
>>> creates new ephemeral inodes for anonymous file objects instead of
>>> reusing a singleton dummy inode. A new LSM hook gives security modules
>>> an opportunity to configure and veto these ephemeral inodes.
>>>
>>> Existing anon_inodes users must opt into the new functionality.
>>>
>>> Daniel Colascione (6):
>>>    Add a new flags-accepting interface for anonymous inodes
>>>    Add a concept of a "secure" anonymous file
>>>    Teach SELinux about a new userfaultfd class
>>>    Wire UFFD up to SELinux
>>>    Let userfaultfd opt out of handling kernel-mode faults
>>>    Add a new sysctl for limiting userfaultfd to user mode faults
>>
>> This must be posted to the linux Security Module list
>> <linux-security-module@xxxxxxxxxxxxxxx>
>
> Added. I thought selinux@ was sufficient.

scripts/get_maintainer.pl can be helpful in identifying relevant lists and maintainers for each patch. I don't use its output blindly as it tends to over-approximate but since your patches span the VFS, LSM framework, and selinux, you do need to include relevant maintainers/lists for each.


