fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS
authorBen Hutchings <ben@decadent.org.uk>
Wed, 13 Jul 2016 00:37:22 +0000 (01:37 +0100)
committerSalvatore Bonaccorso <carnil@debian.org>
Tue, 28 Sep 2021 04:29:40 +0000 (05:29 +0100)
commit0130d9829a5432e2df5b043cbe5840ab00092e74
treec0893a6edcb549f1d3d514862a8194b38a065d54
parenta1759fe4942ab16d8bac2586c9198faac2f53350
fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS

Forwarded: not-needed

Various free and proprietary AV products use this feature and users
apparently want it.  But punting access checks to userland seems like
an easy way to deadlock the system, and there will be nothing we can
do about that.  So warn and taint the kernel if this feature is
actually used.

Gbp-Pq: Topic debian
Gbp-Pq: Name fanotify-taint-on-use-of-fanotify_access_permissions.patch
fs/notify/fanotify/fanotify_user.c