author: Mike Rapoport <rppt@linux.ibm.com> 2019-11-30 17:58:01 -0800
committer: Linus Torvalds <torvalds@linux-foundation.org> 2019-12-01 12:59:10 -0800
commit: 3c1c24d91ffd536de0a64688a9df7f49e58fadbc
parent: 9d4678eb170c4c632174d1fec8ecee31c2f314f9
Commit Summary:
Diffstat:
1 file changed, 11 insertions, 7 deletions
diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c
index d90c4c5aa3cc..90acd2812ea7 100644
--- a/fs/userfaultfd.c
+++ b/fs/userfaultfd.c
@@ -1835,13 +1835,12 @@ static int userfaultfd_api(struct userfaultfd_ctx *ctx,
if (copy_from_user(&uffdio_api, buf, sizeof(uffdio_api)))
goto out;
features = uffdio_api.features;
- if (uffdio_api.api != UFFD_API || (features & ~UFFD_API_FEATURES)) {
- memset(&uffdio_api, 0, sizeof(uffdio_api));
- if (copy_to_user(buf, &uffdio_api, sizeof(uffdio_api)))
- goto out;
- ret = -EINVAL;
- goto out;
- }
+ ret = -EINVAL;
+ if (uffdio_api.api != UFFD_API || (features & ~UFFD_API_FEATURES))
+ goto err_out;
+ ret = -EPERM;
+ if ((features & UFFD_FEATURE_EVENT_FORK) && !capable(CAP_SYS_PTRACE))
+ goto err_out;
/* report all available features and ioctls to userland */
uffdio_api.features = UFFD_API_FEATURES;
uffdio_api.ioctls = UFFD_API_IOCTLS;
@@ -1854,6 +1853,11 @@ static int userfaultfd_api(struct userfaultfd_ctx *ctx,
ret = 0;
out:
return ret;
+err_out:
+ memset(&uffdio_api, 0, sizeof(uffdio_api));
+ if (copy_to_user(buf, &uffdio_api, sizeof(uffdio_api)))
+ ret = -EFAULT;
+ goto out;
}
static long userfaultfd_ioctl(struct file *file, unsigned cmd,