2fb18b5d30
This brings in several patches needed to add support for a memfd_create() syscall into kernel version 3.4 from kernel version 3.17. This is required for running lxc >= 3.1.0-r1 with the security patch that fixes CVE-2019-5736.

In short, the security issue was: in a privileged container, a root process could overwrite the lxc-start executable by opening its file descriptor and rewriting the executable's contents. This is where memfd comes to help: you can create an in-memory file, copy your executable there, and place a set of SEALS to protect it from modification at a deep level. Then you fexecve() that fd and you're safe. For example, pulseaudio can also benefit from having memfd_create() implemented.

This backports the following commits from upstream linux:

- dd37978c50bc8b354e5c4633f69387f16572fdac: cache the value of file_inode() in struct file. Commit from linux-3.10 to have an f_inode member inside struct file and a helper function file_inode() that is used in some of the following commits.
- 40e041a2c858b3caefc757e26cb85bfceae5062b: shm: add sealing API. From 3.17: a security measure called SEALS that you can put on a memfd file to restrict operations on it.
- 9183df25fe7b194563db3fec6dc3202a5855839c: shm: add memfd_create() syscall. Also from 3.17.
- 503e6636b6f96056210062be703356f4253b6db9: asm-generic: add memfd_create system call to unistd.h
- e57e41931134e09fc6c03c8d4eb19d516cc6e59b: ARM: wire up memfd_create syscall

The last two are needed to make the syscall visible/usable from userspace, one in the generic context, the other for the ARM arch.

The test program (https://github.com/minlexx/test_memfd/) was written to verify that this works.

[ci:skip-build]: already built successfully in CI
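The memfd-plus-seals technique the commit message describes, as an added example that is not part of this commit, of lxc, or of the linked test program: it creates an in-memory file, copies a constructed byte string into it (standing in for the executable lxc copies), applies the shrink/grow/write/seal seals, and then checks that overwriting, resizing and re-sealing all fail with EPERM while the contents still read back intact. The memfd name "sealed-demo" and the payload are constructed; the code assumes a kernel and libc that expose memfd_create() (3.17+, or a backport such as this one, with glibc 2.27+ for the wrapper).

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* The seal set that makes an in-memory file immutable: no shrinking, no
 * growing, no writes, and no removing or changing the seals themselves. */
#define IMMUTABLE_SEALS (F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_WRITE | F_SEAL_SEAL)

/* Constructed stand-in for the executable bytes a real user would copy in. */
static const char SAMPLE_PAYLOAD[] = "constructed payload: not a real ELF";

/* Create an anonymous in-memory file, copy buf into it, then seal it.
 * Returns the sealed fd or -1 with errno set. The name is only a label
 * shown in /proc/<pid>/fd, it is not a path anyone can open. */
int make_sealed_memfd(const char *name, const void *buf, size_t len)
{
    int fd = memfd_create(name, MFD_CLOEXEC | MFD_ALLOW_SEALING);
    if (fd < 0)
        return -1;
    size_t off = 0;
    while (off < len) {
        ssize_t n = write(fd, (const char *)buf + off, len - off);
        if (n <= 0) {
            close(fd);
            return -1;
        }
        off += (size_t)n;
    }
    /* Seal only after the copy: once F_SEAL_WRITE is set, even the creator
     * can no longer modify the contents, which is exactly the point. */
    if (fcntl(fd, F_ADD_SEALS, IMMUTABLE_SEALS) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Return 0 if an overwrite of the first byte succeeded, else its errno. */
int try_overwrite(int fd)
{
    if (pwrite(fd, "X", 1, 0) == 1)
        return 0;
    return errno;
}

/* Return 0 if resizing the file to newlen succeeded, else its errno. */
int try_resize(int fd, off_t newlen)
{
    if (ftruncate(fd, newlen) == 0)
        return 0;
    return errno;
}

/* Run every check; returns 0 when all expectations hold, otherwise the
 * number of the first step that failed (usable as an exit status). */
int run_seal_demo(void)
{
    int fd = make_sealed_memfd("sealed-demo", SAMPLE_PAYLOAD, sizeof SAMPLE_PAYLOAD);
    if (fd < 0)
        return 1;
    int rc = 0;
    char back[sizeof SAMPLE_PAYLOAD];
    int seals = fcntl(fd, F_GET_SEALS);
    if ((seals & IMMUTABLE_SEALS) != IMMUTABLE_SEALS)
        rc = 2;                                   /* seals not all present */
    else if (try_overwrite(fd) != EPERM)
        rc = 3;                                   /* F_SEAL_WRITE not enforced */
    else if (try_resize(fd, (off_t)sizeof SAMPLE_PAYLOAD + 16) != EPERM)
        rc = 4;                                   /* F_SEAL_GROW not enforced */
    else if (try_resize(fd, 0) != EPERM)
        rc = 5;                                   /* F_SEAL_SHRINK not enforced */
    else if (fcntl(fd, F_ADD_SEALS, F_SEAL_WRITE) != -1 || errno != EPERM)
        rc = 6;                                   /* F_SEAL_SEAL not enforced */
    else if (pread(fd, back, sizeof back, 0) != (ssize_t)sizeof back
             || memcmp(back, SAMPLE_PAYLOAD, sizeof back) != 0)
        rc = 7;                                   /* contents changed */
    close(fd);
    return rc;
}

int main(void)
{
    int rc = run_seal_demo();
    if (rc == 0)
        puts("sealed memfd: overwrite, resize and re-seal all refused (EPERM), contents intact");
    else
        fprintf(stderr, "check %d failed: %s\n", rc, strerror(errno));
    return rc;
}
```

In the real fix the buffer is the running lxc-start binary itself and the sealed fd is handed to fexecve(); here a byte string stands in so the check runs anywhere. Note that F_SEAL_WRITE is refused with EBUSY while a writable shared mapping of the memfd exists, so the seal has to go on before anything maps the file for writing.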
| File |
|---|
| 0001_fix_return_address.patch |
| 0002_gpu-msm-fix-gcc5-compile.patch |
| 0003-Reduce-battery-and-touchscreen-log-spam.patch |
| 0004-fix-video-argb-setting.patch |
| 0005-mdss_fb-Always-allow-to-allocate-map-framebuffer-mem.patch |
| 0006-Fix-xt_connbytes-compile-warning.patch |
| 0007-usb_gadget-set-random-rndis-host-MAC-address-to-prev.patch |
| 0008-Backport-vfs-make-O_PATH-file-descriptors-usable-for.patch |
| 0009-Backport-cache-the-value-of-file_inode-in-struct-file.patch |
| 0010-Backport-shm-add-sealing-API.patch |
| 0011-Backport-shm-add-memfd_create-syscall.patch |
| 0012-Backport-asm-generic-add-memfd_create-system-call-to-unistd.h.patch |
| 0013-Backport-ARM-wire-up-memfd_create-syscall.patch |
| APKBUILD |
| compiler-gcc6.h |
| config-samsung-klte.armv7 |