From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.9 required=3.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH, MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_SANE_1,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BE361C43215 for ; Wed, 27 Nov 2019 04:24:46 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 7F2ED2071E for ; Wed, 27 Nov 2019 04:24:46 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Uov/dvVa" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 7F2ED2071E Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 156A86B034A; Tue, 26 Nov 2019 23:24:46 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 0E17C6B034B; Tue, 26 Nov 2019 23:24:46 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id EC3916B034C; Tue, 26 Nov 2019 23:24:45 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0079.hostedemail.com [216.40.44.79]) by kanga.kvack.org (Postfix) with ESMTP id D3BC56B034A for ; Tue, 26 Nov 2019 23:24:45 -0500 (EST) Received: from smtpin06.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with SMTP id 72AC74DD6 for ; Wed, 27 Nov 2019 04:24:45 +0000 (UTC) X-FDA: 76200766530.06.crow19_63aee91517729 X-HE-Tag: crow19_63aee91517729 X-Filterd-Recvd-Size: 4648 Received: from mail-pf1-f193.google.com (mail-pf1-f193.google.com [209.85.210.193]) by imf15.hostedemail.com (Postfix) with ESMTP for ; Wed, 27 Nov 2019 04:24:44 +0000 (UTC) Received: by mail-pf1-f193.google.com with SMTP id z4so10299426pfn.12 for ; Tue, 26 Nov 2019 20:24:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:from:to:cc:subject:in-reply-to:message-id:references :user-agent:mime-version; bh=cruZnOIQhNKwaUdTnpxXaRkPPQIJLlnQzi55bfc1FDk=; b=Uov/dvVa+NFZre/Pxa63oFagioekbzhykEY9uC1NgQlWTmDe3MrzWWvy9Zt7KnD6nx JcVzMDenZzT9Jy1ubkKHf4lG9QRkvegs3efFfrUdj94O6iXMUYwg7qGxuxwubrPMXHLh rOgkOXAbP2OWyoEm0pSD8uHT3ho5NZhpHXOX8Hwqi5J+clekJ8dcIy/v6pAwSwpQeoeo 9O8DofPw1gzKIJN0IpXwOxovlThNUTHxlGD/qdUnnlsoGJhuzCVHEhzFgFdVt3ljBxfV Fi4xdxIGx/VCFqVhmJLESMIFOZfA2bfnQmzo0CSx2RT5O7+HSjNXziEKEuP8qo4noLzf 45/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:in-reply-to:message-id :references:user-agent:mime-version; bh=cruZnOIQhNKwaUdTnpxXaRkPPQIJLlnQzi55bfc1FDk=; b=mPOqrHhEc3sK7Onre3zDGiLtZPbZoKC7vfeujkowkV77V8P64tVnHNU4uEq3iEbAi3 kRmVO6W1YJOs/F47LG8WCawbrOxW5QhxUu04+ZCGVrYe3eraL4JoX1LrGA/yS1VcIUK1 AUyLx2eGsHjMjurAZp25R25kBHMs3VQ6NiDhKOd2dy9graZ6f4X1P5i93bKyXeEWgVrh qQpjdisG1EHQM6NgTq+Ccd/PH0QPNsBStka7mOp3bfsVmS+HZnrPGJfRDyHPxJodrpZH IRzGOWfWMgGarjy6V8xZIWcS2FrzTBXCqkt1Z8K/6MOt1ZygflJv20HHl0NU7ys1zxUm UGgg== X-Gm-Message-State: APjAAAW/YmpGxZUZZVhLeHn6tzoJMmlHc9UGDj+OS9T2CdlcRJYD52Ms ogx273/wVrrfZk3EiWm7PH3AlA== X-Google-Smtp-Source: APXvYqwHkLMzMxaDg4TQbnWaBd49ud789eb+LiQCmUKOjrQ+rDCkpU7IIi+KTGXAv9gUQiuoZeUrtw== X-Received: by 2002:a63:391:: with SMTP id 139mr2597363pgd.40.1574828682962; Tue, 26 Nov 2019 20:24:42 -0800 (PST) Received: from [100.112.92.218] ([104.133.9.106]) by smtp.gmail.com with ESMTPSA id e10sm4536872pfm.3.2019.11.26.20.24.42 (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 26 Nov 2019 20:24:42 -0800 (PST) Date: Tue, 26 Nov 2019 20:24:32 -0800 (PST) From: Hugh Dickins X-X-Sender: hugh@eggly.anvils To: yu kuai cc: hughd@google.com, akpm@linux-foundation.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, yi.zhang@huawei.com, zhengbin13@huawei.com Subject: Re: [PATCH] mm/shmem.c: don't set 'seals' to 'F_SEAL_SEAL' in shmem_get_inode In-Reply-To: <20191127040051.39169-1-yukuai3@huawei.com> Message-ID: References: <20191127040051.39169-1-yukuai3@huawei.com> User-Agent: Alpine 2.11 (LSU 23 2013-08-11) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Bogosity: Ham, tests=bogofilter, spamicity=0.000003, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, 27 Nov 2019, yu kuai wrote: > 'seals' is set to 'F_SEAL_SEAL' in shmem_get_inode, which means "prevent > further seals from being set", thus sealing API will be useless and many > code in shmem.c will never be reached. For example: The sealing API is not useless, and that code can be reached. > > shmem_setattr > if ((newsize < oldsize && (info->seals & F_SEAL_SHRINK)) || > (newsize > oldsize && (info->seals & F_SEAL_GROW))) > return -EPERM; > > So, initialize 'seals' to zero is more reasonable. > > Signed-off-by: yu kuai NAK. See memfd_create in mm/memfd.c (code which originated in mm/shmem.c, then was extended to support hugetlbfs also): sealing is for memfds, not for tmpfs or hugetlbfs files or SHM. Without thinking about it too hard, I believe that to allow sealing on tmpfs files would introduce surprising new behaviors on them, which might well raise security issues; and also be incompatible with the guarantees intended by sealing. > --- > mm/shmem.c | 1 - > 1 file changed, 1 deletion(-) > > diff --git a/mm/shmem.c b/mm/shmem.c > index 165fa6332993..7b032b347bda 100644 > --- a/mm/shmem.c > +++ b/mm/shmem.c > @@ -2256,7 +2256,6 @@ static struct inode *shmem_get_inode(struct super_block *sb, const struct inode > memset(info, 0, (char *)inode - (char *)info); > spin_lock_init(&info->lock); > atomic_set(&info->stop_eviction, 0); > - info->seals = F_SEAL_SEAL; > info->flags = flags & VM_NORESERVE; > INIT_LIST_HEAD(&info->shrinklist); > INIT_LIST_HEAD(&info->swaplist); > -- > 2.17.2