projects / pve-kernel.git / blame
| Commit | Line | Data |
|---|---|---|
| 8f06837c TL |
1 | From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 |
| 2 | From: Thomas Lamprecht <t.lamprecht@proxmox.com> | |
| 3 | Date: Mon, 6 Nov 2023 10:17:02 +0100 | |
| 4 | Subject: [PATCH] revert "memfd: improve userspace warnings for missing | |
| 5 | exec-related flags". | |
| 6 | ||
| 7 | This warning is telling userspace developers to pass MFD_EXEC and | |
| 8 | MFD_NOEXEC_SEAL to memfd_create(). Commit 434ed3350f57 ("memfd: improve | |
| 9 | userspace warnings for missing exec-related flags") made the warning more | |
| 10 | frequent and visible in the hope that this would accelerate the fixing of | |
| 11 | errant userspace. | |
| 12 | ||
| 13 | But the overall effect is to generate far too much dmesg noise. | |
| 14 | ||
| 15 | Fixes: 434ed3350f57 ("memfd: improve userspace warnings for missing exec-related flags") | |
| 16 | Reported-by: Damian Tometzki <dtometzki@fedoraproject.org> | |
| 17 | Closes: https://lkml.kernel.org/r/ZPFzCSIgZ4QuHsSC@fedora.fritz.box | |
| 18 | Cc: Aleksa Sarai <cyphar@cyphar.com> | |
| 19 | Cc: Christian Brauner <brauner@kernel.org> | |
| 20 | Cc: Daniel Verkamp <dverkamp@chromium.org> | |
| 21 | Cc: Jeff Xu <jeffxu@google.com> | |
| 22 | Cc: Kees Cook <keescook@chromium.org> | |
| 23 | Cc: Shuah Khan <shuah@kernel.org> | |
| 24 | Cc: <stable@vger.kernel.org> | |
| 25 | Signed-off-by: Andrew Morton <akpm@linux-foundation.org> | |
| 26 | (cherry picked from commit 2562d67b1bdf91c7395b0225d60fdeb26b4bc5a0) | |
| 27 | Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> | |
| 28 | --- | |
| 29 | mm/memfd.c | 2 +- | |
| 30 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
| 31 | ||
| 32 | diff --git a/mm/memfd.c b/mm/memfd.c | |
| 33 | index 2dba2cb6f0d0..1c077e98e116 100644 | |
| 34 | --- a/mm/memfd.c | |
| 35 | +++ b/mm/memfd.c | |
| 36 | @@ -282,7 +282,7 @@ static int check_sysctl_memfd_noexec(unsigned int *flags) | |
| 37 | } | |
| 38 | ||
| 39 | if (!(*flags & MFD_NOEXEC_SEAL) && sysctl >= MEMFD_NOEXEC_SCOPE_NOEXEC_ENFORCED) { | |
| 40 | - pr_err_ratelimited( | |
| 41 | + pr_warn_once( | |
| 42 | "%s[%d]: memfd_create() requires MFD_NOEXEC_SEAL with vm.memfd_noexec=%d\n", | |
| 43 | current->comm, task_pid_nr(current), sysctl); | |
| 44 | return -EACCES; |