usb: require FMODE_WRITE for usbdev_mmap()
usbdev_mmap() creates VMAs which can only be used through
usbdev_do_ioctl(), which requires FMODE_WRITE; so usbdev_mmap() is only
useful with FMODE_WRITE.
On typical Linux systems, files at /dev/bus/usb/*/* are mode 0664, so
UIDs without any special privileges can't use usbdev_do_ioctl(), but
they can still execute the usbdev_mmap() codepath.
Check for FMODE_WRITE in usbdev_mmap() to reduce attack surface a little
bit.
Signed-off-by: Jann Horn <jannh@google.com>
Link: https://lore.kernel.org/r/20241016-usbdev-mmap-require-write-v1-1-6f8256414d5c@google.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
projects / linux-block.git / commit