From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 66B73C433F5
	for <linux-mm@archiver.kernel.org>; Mon, 24 Jan 2022 04:18:53 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id CB0C86B0081; Sun, 23 Jan 2022 23:18:52 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id C5F776B0083; Sun, 23 Jan 2022 23:18:52 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id B27766B0085; Sun, 23 Jan 2022 23:18:52 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0139.hostedemail.com [216.40.44.139])
	by kanga.kvack.org (Postfix) with ESMTP id 9C79A6B0081
	for <linux-mm@kvack.org>; Sun, 23 Jan 2022 23:18:52 -0500 (EST)
Received: from smtpin18.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay04.hostedemail.com (Postfix) with ESMTP id 5B4A19367F
	for <linux-mm@kvack.org>; Mon, 24 Jan 2022 04:18:52 +0000 (UTC)
X-FDA: 79063874904.18.A022BBB
Received: from mail-qk1-f172.google.com (mail-qk1-f172.google.com [209.85.222.172])
	by imf30.hostedemail.com (Postfix) with ESMTP id E57E980002
	for <linux-mm@kvack.org>; Mon, 24 Jan 2022 04:18:51 +0000 (UTC)
Received: by mail-qk1-f172.google.com with SMTP id d24so18693844qkk.5
        for <linux-mm@kvack.org>; Sun, 23 Jan 2022 20:18:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=date:from:to:cc:subject:in-reply-to:message-id:references
         :mime-version;
        bh=DNIku5FnVf9Yc0jUk/VdfLTwI1o1TUiRN+Ozpno+CZ4=;
        b=QPp2hsAA/da6vtCaGomUTSUmlGb9etpLRH1DeL/Y2uFreS6ikyFvBfGVbly6lYZLNn
         suFgx/QvRbsUjFownsBQ+lxYsbf2Xi56Y+Utq4qhFfy2A+gqkZBRtN7pJfco/87J/1a6
         UCV+rkiPvOy/IUAKW2fV5BVz8g2m5xEJnP4a32Ooi7wD35zrQMdKkjmbkge9nCipkFGC
         abRxx43+nf/GY9394HAMCgeXz2pFnadXJAFmyP4tcKg43y/Uqs9MghXDH2uOL44XKqoJ
         PZQoQZ7FdqVcdL2sqq9UGR9oc9QfPUOU3U9LQL6LTEipY7pcrDn1PKTZM6vCDgrf3O34
         s9Ww==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:from:to:cc:subject:in-reply-to:message-id
         :references:mime-version;
        bh=DNIku5FnVf9Yc0jUk/VdfLTwI1o1TUiRN+Ozpno+CZ4=;
        b=FY/uZRCCwGGlb3n2VyB1kZ4tMQNyK2JarQobor4cHqi9UZRmvgYNio2yg4ebjlN8E5
         Rty3E1JBoqmMvgrqm4oh4/087AWXm3kdQU2JZiWrrlvyf0YtnY/L/nwZmqibyK0y/NY9
         Xz9s36gVlfvgdmhJeePaafQgHPDzEFqaZ+RwFJ0CJlnAQ4ic4kiej9dhw1hjiv+ecFzb
         FL2mXkdMcSwicNsxNIMcseD63nmcpgoOzfrHGzRcEYrV00OUuG5l4dVIyDp1KxedzBVN
         IiFLSGScLWt2rRL6lYRTR3OxMRNVyfNTsDJNGQnxm6OgbkWFqqwBhWsquIbRd+qU0/kj
         Qoog==
X-Gm-Message-State: AOAM533JhfU8u3NL5NHvebg0lljlTcVnzfv5Tv6QEQEYOtZLO24+Efma
	Kt9UVqkAmxtEVdn20sDwsAAMUQ==
X-Google-Smtp-Source: ABdhPJwr32D9xveqwZ4WpKtvL7HGQHuhthubZEmjwvO01h48jNrzu3+wKhgZazfK+xG36qhv7dTkgQ==
X-Received: by 2002:ae9:ed81:: with SMTP id c123mr5901qkg.447.1642997931019;
        Sun, 23 Jan 2022 20:18:51 -0800 (PST)
Received: from ripple.attlocal.net (172-10-233-147.lightspeed.sntcca.sbcglobal.net. [172.10.233.147])
        by smtp.gmail.com with ESMTPSA id bm3sm6708342qkb.5.2022.01.23.20.18.49
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 23 Jan 2022 20:18:50 -0800 (PST)
Date: Sun, 23 Jan 2022 20:18:36 -0800 (PST)
From: Hugh Dickins <hughd@google.com>
X-X-Sender: hugh@ripple.anvils
To: Aleksa Sarai <cyphar@cyphar.com>
cc: Kir Kolyshkin <kolyshkin@gmail.com>, linux-man@vger.kernel.org, 
    Michael Kerrisk <mtk.manpages@gmail.com>, 
    David Herrmann <dh.herrmann@gmail.com>, 
    Andrew Morton <akpm@linux-foundation.org>, Hugh Dickins <hughd@google.com>, 
    Mike Kravetz <mike.kravetz@oracle.com>, linux-mm@kvack.org, 
    linux-kernel@vger.kernel.org
Subject: Re: [PATCH] fcntl.2: document F_GET_SEALS on tmpfs peculiarity
In-Reply-To: <20220122090441.ktxh43lpgsd2dxj4@senku>
Message-ID: <d7ca2658-b63b-7437-9bd0-82bc59c7c981@google.com>
References: <20220122005251.1441343-1-kolyshkin@gmail.com> <20220122090441.ktxh43lpgsd2dxj4@senku>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Authentication-Results: imf30.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=QPp2hsAA;
	spf=pass (imf30.hostedemail.com: domain of hughd@google.com designates 209.85.222.172 as permitted sender) smtp.mailfrom=hughd@google.com;
	dmarc=pass (policy=reject) header.from=google.com
X-Rspamd-Server: rspam04
X-Rspamd-Queue-Id: E57E980002
X-Stat-Signature: zoo8rmqzhqkjxekj5cbsh7yrtzb5n1jw
X-HE-Tag: 1642997931-918855
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Sat, 22 Jan 2022, Aleksa Sarai wrote:

> Adding the maintainers of mm/{shmem,memfd}.c and fs/hugetlbfs/ just in
> case this was not intended behaviour.

Kir is correct - thanks - and it is intended behaviour.  Not consciously
intended to make for a difficult manpage, but the implementation was
intended to be simple, so tmpfs and hugetlbfs do not internally
distinguish memfd objects from filesystem files - their filesystem
files simply start off with F_SEAL_SEAL to rule out any sealing.

> 
> On 2022-01-21, Kir Kolyshkin <kolyshkin@gmail.com> wrote:
> > Currently, from the description of file sealing it can be deduced that
> > unless the fd is a memfd, all sealing operations fail with EINVAL.
> > 
> > Apparently, it's not true for tmpfs or hugetlbfs -- F_GET_SEALS returns
> > 1 (F_SEAL_SEAL) for an fd opened on these filesystems (probably because
> > those are used to back memfd files).
> > 
> > Fix the description to mention that peculiarity. Not knowing this can
> > result in incorrect code logic (see [1], where the code mistook a
> > descriptor of a file opened on on tmpfs for a memfd).
> > 
> > While at it, clarify that fcntl does not actually return EINVAL, but
> > sets errno to it (as it is usually said elsewhere).
> > 
> > [1] https://github.com/opencontainers/runc/pull/3342
> > 
> > Cc: Aleksa Sarai <cyphar@cyphar.com>
> > Cc: David Herrmann <dh.herrmann@gmail.com>
> > Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Acked-by: Hugh Dickins <hughd@google.com>

> > ---
> >  man2/fcntl.2 | 17 +++++++++++++++--
> >  1 file changed, 15 insertions(+), 2 deletions(-)
> > 
> > diff --git a/man2/fcntl.2 b/man2/fcntl.2
> > index 7b5604e3a..f951b05ff 100644
> > --- a/man2/fcntl.2
> > +++ b/man2/fcntl.2
> > @@ -1402,10 +1402,23 @@ file seals can be applied only to a file descriptor returned by
> >  (if the
> >  .B MFD_ALLOW_SEALING
> >  was employed).
> > -On other filesystems, all
> > +On all other filesystems, except
> > +.BR tmpfs (5)
> > +and
> > +.BR hugetlbfs ,
> > +all
> >  .BR fcntl ()
> > -operations that operate on seals will return
> > +operations that operate on seals will fail with
> > +.I errno
> > +set to
> >  .BR EINVAL .
> > +For a descriptor from a file on
> > +.BR tmpfs (5)
> > +or
> > +.BR hugetlbfs ,
> > +.B F_GET_SEALS
> > +returns
> > +.BR F_SEAL_SEAL .
> >  .PP
> >  Seals are a property of an inode.
> >  Thus, all open file descriptors referring to the same inode share
> > -- 
> > 2.33.1
> > 
> 
> -- 
> Aleksa Sarai
> Senior Software Engineer (Containers)
> SUSE Linux GmbH
> <https://www.cyphar.com/>