samsung-klte: backport memfd_create() syscall and related stuff
This merge request brings in several patches needed to add support for a memfd_create() syscall into kernel version 3.4 from kernel version 3.17 (!). This is required for running lxc >= 3.1.0-r1 with the security patch that fixes CVE-2019-5736.
In short, the security issue was that in a privileged container a root process could overwrite the lxc-start executable by opening its file descriptor and rewriting the executable's contents. This is where memfd comes to help: you can create an in-memory file, copy your executable there, and place a set of SEALS to protect it from modification at a deep level. Then you fexecve() that fd and you're safe.
This eliminates the need for me to keep a forked lxc package that is built without the mentioned CVE-2019-5736 fix, thus not requiring
This backports the following commits:
0009-Backport-cache-the-value-of-file_inode-in-struct-file- commit from 3.10 to have an
struct file and a helper function
file_inode() that is used in some of the following commits
0010-Backport-shm-add-sealing-API- those miraculous SEALS you can put on a memfd file
0011-Backport-shm-add-memfd_create-syscall- the syscall itself
0013-Backport-ARM-wire-up-memfd_create-syscall are needed to make the syscall visible/usable from userspace, one in generic context, the other for the ARM arch.
I wrote a small program to test this syscall, taking parts of the code from lxc; it is here: https://github.com/minlexx/test_memfd/blob/master/main.c. Running it on my phone without these backports results in:
klte:~/dev/test_memfd/build$ ./test_memfd_exec Hello, World!
Function not implemented - Failed to rexec as memfd
Failed to re-execute liblxc via memory file descriptor
Later I confirmed that the original, unmodified upstream lxc runs my Android in a container without issues.
Oh, and this MR also moves the kernel base commit to a newer one in the LineageOS 14.1 branch. It got ~10 commits with various backports/fixes, too (see the commits on Jun 19, 2019).
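The memfd-plus-seals sequence described above (create an in-memory file, copy the executable in, seal it, fexecve() it), as an added example that is not taken from lxc, from this merge request or from the linked test program. The names `sealed_copy` and `is_sealed` are hypothetical, and it assumes a libc that exposes memfd_create() (glibc 2.27 or newer).

```c
/* Added example; sealed_copy() and is_sealed() are hypothetical names. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

#define SEALS (F_SEAL_SEAL | F_SEAL_SHRINK | F_SEAL_GROW | F_SEAL_WRITE)

/* 1 if fd carries all four seals, i.e. its contents can no longer change. */
int is_sealed(int fd)
{
    int seals = fcntl(fd, F_GET_SEALS);  /* -1 on files that do not support seals */
    return seals >= 0 && (seals & SEALS) == SEALS;
}

/* Copy the file at path into a new memfd and seal it; returns fd or -1. */
int sealed_copy(const char *path)
{
    char buf[4096];
    ssize_t n = -1;
    int src = open(path, O_RDONLY | O_CLOEXEC);
    int fd = memfd_create("sealed_exe", MFD_CLOEXEC | MFD_ALLOW_SEALING);

    if (src >= 0 && fd >= 0)
        while ((n = read(src, buf, sizeof(buf))) > 0)
            if (write(fd, buf, (size_t)n) != n) { n = -1; break; }
    if (src >= 0)
        close(src);
    if (n == 0 && fcntl(fd, F_ADD_SEALS, SEALS) == 0)
        return fd;                       /* copy complete and sealed */
    if (fd >= 0)
        close(fd);
    return -1;
}

int main(int argc, char **argv)
{
    (void)argc;
    int self = open("/proc/self/exe", O_RDONLY | O_CLOEXEC);
    if (is_sealed(self)) {               /* second pass: already protected */
        puts("running from a sealed memfd");
        return 0;
    }
    int fd = sealed_copy("/proc/self/exe");
    if (fd < 0) {
        perror("sealed_copy");           /* ENOSYS without memfd_create() */
        return 1;
    }
    fexecve(fd, argv, environ);          /* only returns on failure */
    perror("fexecve");
    return 1;
}
```

The `is_sealed()` check on `/proc/self/exe` is what stops the program from re-executing itself forever once it is already running from the sealed copy.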