fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS
authorBen Hutchings <ben@decadent.org.uk>
Wed, 13 Jul 2016 00:37:22 +0000 (01:37 +0100)
committerSalvatore Bonaccorso <carnil@debian.org>
Sun, 30 Mar 2025 14:50:14 +0000 (16:50 +0200)
commit5e15c582a999b6fbdddc7f160fa1abeb9e4a521a
treed1cc2f5f1de59a4a66704911d885f65581f1951f
parentae3fdc59cf011e8b8afebc3c9ca6dd1efab5924d
fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS

Forwarded: not-needed

Various free and proprietary AV products use this feature and users
apparently want it.  But punting access checks to userland seems like
an easy way to deadlock the system, and there will be nothing we can
do about that.  So warn and taint the kernel if this feature is
actually used.

Gbp-Pq: Topic debian
Gbp-Pq: Name fanotify-taint-on-use-of-fanotify_access_permissions.patch
fs/notify/fanotify/fanotify_user.c