Commit ea4fdc3b authored by Daniel Colascione's avatar Daniel Colascione Committed by Alistair Delva
Browse files

UPSTREAM: userfaultfd: use secure anon inodes for userfaultfd 



This change gives userfaultfd file descriptors a real security
context, allowing policy to act on them.

Signed-off-by: default avatarDaniel Colascione <dancol@google.com>
[LG: Remove owner inode from userfaultfd_ctx]
[LG: Use anon_inode_getfd_secure() in userfaultfd syscall]
[LG: Use inode of file in userfaultfd_read() in resolve_userfault_fork()]
Signed-off-by: default avatarLokesh Gidra <lokeshgidra@google.com>
Reviewed-by: default avatarEric Biggers <ebiggers@google.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
(cherry picked from commit b537900f)
Signed-off-by: default avatarLokesh Gidra <lokeshgidra@google.com>
Bug: 160737021
Bug: 169683130
Change-Id: Ifd3faca4058bd9e4c51767aa0246e1c53ad410d4
parent 16fe3625
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment