Feature #17196

Disable unprivileged userfaultfd

Added by cypherpunks 2019-10-27 22:21:10. Updated 2019-11-11 15:51:00.

Status: Resolved
Priority: Normal
Assignee: intrigeri
% Done: 100%
Feature Branch: feature/17196-disable-unprivileged-userfaultfd+force-all-tests
Type of work: Code

Description

The userfaultfd() syscall has had numerous security issues ever since it was released. It is of no use to Tails, so it should be disabled for security. Linux recently provided the option to restrict this syscall to the root user to mitigate the security issues. This can be done by setting the sysctl vm.unprivileged_userfaultfd to 0. This feature request is similar to related sysctl hardening tickets like Feature #11827, Feature #11840, Feature #11421, and Feature #12025.
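
A way to confirm on a running system that the setting described above has taken effect, as an added example (not part of this ticket or of the Tails code base): it reads vm.unprivileged_userfaultfd from procfs and attempts the syscall as the calling user, closing the descriptor immediately. The enum and function names are made up for this example, and treating uid 0 as privileged is an assumption (the kernel checks CAP_SYS_PTRACE).

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

enum uffd_state { UFFD_ALLOWED, UFFD_DENIED, UFFD_UNAVAILABLE, UFFD_OTHER };

/* Map the outcome of a userfaultfd() attempt to a state. */
enum uffd_state classify(long fd, int err) {
    if (fd >= 0) return UFFD_ALLOWED;
    if (err == EPERM) return UFFD_DENIED;        /* refused: sysctl or a seccomp filter */
    if (err == ENOSYS) return UFFD_UNAVAILABLE;  /* kernel has no userfaultfd */
    return UFFD_OTHER;
}

/* Try to create a userfaultfd as the calling user and close it at once. */
enum uffd_state probe_userfaultfd(void) {
#ifdef SYS_userfaultfd
    long fd = syscall(SYS_userfaultfd, O_CLOEXEC | O_NONBLOCK);
    int err = errno;
    if (fd >= 0) close((int)fd);
    return classify(fd, err);
#else
    return UFFD_UNAVAILABLE;
#endif
}

/* Read the sysctl value from procfs; -1 if the knob is absent or unreadable. */
int read_sysctl(const char *path) {
    int v = -1;
    FILE *f = fopen(path, "r");
    if (!f) return -1;
    if (fscanf(f, "%d", &v) != 1) v = -1;
    fclose(f);
    return v;
}

/* 1 when the knob is 0 and an unprivileged caller is refused. A privileged
   caller is allowed regardless, so only the knob counts (assumption: uid 0). */
int hardening_effective(int knob, enum uffd_state st, int privileged) {
    return knob == 0 && (privileged || st != UFFD_ALLOWED);
}

int main(void) {
    int v = read_sysctl("/proc/sys/vm/unprivileged_userfaultfd");
    enum uffd_state st = probe_userfaultfd();
    int ok = hardening_effective(v, st, geteuid() == 0);
    printf("sysctl=%d probe=%d effective=%d\n", v, (int)st, ok);
    return !ok;
}
```

Run it as an ordinary user: exit status 0 means the knob is 0 and the syscall was refused.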



History

#1 Updated by intrigeri 2019-10-31 11:38:57

  • Status changed from New to Confirmed

This proposal makes sense to me. It would be sweet if someone ran our full test suite on an image with this implemented, to check that it does not break anything (at the moment Debian’s codesearch is broken so I can’t check where this syscall is used).

#3 Updated by denkxor 2019-11-03 21:12:58

  • Status changed from Confirmed to In Progress

Applied in changeset commit:tails|469f7de47512d081dbcd8034ad6aa14efcf81efb.

#4 Updated by segfault 2019-11-03 22:09:00

  • Feature Branch set to feature/17196-disable-unprivileged-userfaultfd

denkxor wrote:
> Added the new option here: https://gitlab.com/denkxor/tails/commit/52fca4d1710fd73126f43360412e0a2e4c177e2e

Thanks! I cherry-picked your commit to a new branch on tails.git (based on the stable branch, so that we could release it in 4.1), so that we can run our test suite on it.

#5 Updated by segfault 2019-11-06 13:36:36

  • Feature Branch changed from feature/17196-disable-unprivileged-userfaultfd to feature/17196-disable-unprivileged-userfaultfd+force-all-tests

Forgot to name the branch correctly, so that actually the full test suite is executed.

#6 Updated by intrigeri 2019-11-11 15:44:43

  • Status changed from In Progress to Needs Validation
  • Assignee set to intrigeri

#7 Updated by intrigeri 2019-11-11 15:50:18

  • Target version set to Tails_4.1

#8 Updated by intrigeri 2019-11-11 15:51:00

  • Status changed from Needs Validation to Resolved
  • % Done changed from 0 to 100

Applied in changeset commit:tails|4997d82f378a4e717d337c486f7d6ceeec379d5f.