fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS
authorBen Hutchings <ben@decadent.org.uk>
Wed, 13 Jul 2016 00:37:22 +0000 (01:37 +0100)
committerBen Hutchings <benh@debian.org>
Sat, 23 Jul 2022 16:29:57 +0000 (17:29 +0100)
commit920c25c1fd7050174386a33f12e9cde456fe62ad
tree48747ab6826b5c98c18749d163e2cdb1572b3d83
parent38a72b5eb23f9c5d1e730a87a023794a59afd5d7
fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS

Forwarded: not-needed

Various free and proprietary AV products use this feature and users
apparently want it.  But punting access checks to userland seems like
an easy way to deadlock the system, and there will be nothing we can
do about that.  So warn and taint the kernel if this feature is
actually used.

Gbp-Pq: Topic debian
Gbp-Pq: Name fanotify-taint-on-use-of-fanotify_access_permissions.patch
fs/notify/fanotify/fanotify_user.c