Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp5157225ybc;
        Tue, 26 Nov 2019 22:49:37 -0800 (PST)
X-Google-Smtp-Source: APXvYqy8i2F2UbKbTgAAnBS/f+PRSwstF840JBEDKDbBuRmH9VC5oyNVqY2FaWPt8FOZrkbSP1IK
X-Received: by 2002:a17:906:25c5:: with SMTP id n5mr46268699ejb.126.1574837377444;
        Tue, 26 Nov 2019 22:49:37 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1574837377; cv=none;
        d=google.com; s=arc-20160816;
        b=GCOGZ7hzVZZkxHVOp6Fu4p4K6mO378F5ALnSWFnK4aSvAQu0IggZJ2ZGQP30ATw7hj
         iuDHsi5EIWx0yAn7IlEs2BhJwnNWra/zpVTGt/hNyvRytdd86796LIhPQId0yMAeXWCv
         2QVtawkUnqyISu1gXq/zpPRYyyiC46p67gVdLOdRgMSANCKsAE0ewx0X4oIXiwuuXFiO
         hGDMwBzWmKmpHgDcCzZcgq6IP+l6xEp/y5d5iXefz7ncjrT6WxTWk4hL70YHfttVPzKa
         wk898Idwlt/BPJAQ+rfZG490n+s+V1mlFt6E5ej/aYiPG5S82u/HU6HbPkYUrHRfW47X
         R3HQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:in-reply-to
         :mime-version:user-agent:date:message-id:from:references:cc:to
         :subject;
        bh=3oTfXvR6yYW9WacRCXZ4Jl4si+RU3/+5rTLjPEsZ0do=;
        b=hTo07stQfq/c7oQi0f+1uto+1Z6u5k0z09zKWcbu0ema1cwZ1z/d7dM7d7cQpFS3wh
         2fU30R7UAm8TBUwGZmnq4gajccT6bzb64vbYkxjv/njWqOyE3RCDlrWP4QMP9h8Fyg5O
         7WmvkKuF+UqRJJ1CNniAcuDDB9ncnNhPFCacn7peKwOQxvZR5kMtBEK0TH9umQ0/AUN1
         fkiOhPvFknrYkPnRlDLlBbH08gZOfc/p4CRWBisdMk0AjG9ykwk+bA6RTO3PYpMdz/tF
         fXyjCzYHu0n/tqBQ4h7oehKK0AucV2WWQs/wPzPWVwIpm9TQ9vTrEqoaJB2odY1xu/6h
         pM3w==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q23si9064962ejn.236.2019.11.26.22.49.12;
        Tue, 26 Nov 2019 22:49:37 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726373AbfK0GrJ (ORCPT <rfc822;lunatang2017@gmail.com>
        + 99 others); Wed, 27 Nov 2019 01:47:09 -0500
Received: from szxga07-in.huawei.com ([45.249.212.35]:59208 "EHLO huawei.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1726078AbfK0GrJ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 27 Nov 2019 01:47:09 -0500
Received: from DGGEMS406-HUB.china.huawei.com (unknown [172.30.72.59])
        by Forcepoint Email with ESMTP id 028AC1D2611040F19A2B;
        Wed, 27 Nov 2019 14:47:05 +0800 (CST)
Received: from [127.0.0.1] (10.173.220.96) by DGGEMS406-HUB.china.huawei.com
 (10.3.19.206) with Microsoft SMTP Server id 14.3.439.0; Wed, 27 Nov 2019
 14:46:56 +0800
Subject: Re: [PATCH] mm/shmem.c: don't set 'seals' to 'F_SEAL_SEAL' in
 shmem_get_inode
To:     Hugh Dickins <hughd@google.com>
CC:     <akpm@linux-foundation.org>, <linux-mm@kvack.org>,
        <linux-kernel@vger.kernel.org>, <linux-fsdevel@vger.kernel.org>,
        <yi.zhang@huawei.com>, <zhengbin13@huawei.com>
References: <20191127040051.39169-1-yukuai3@huawei.com>
 <alpine.LSU.2.11.1911262008330.2204@eggly.anvils>
From:   "yukuai (C)" <yukuai3@huawei.com>
Message-ID: <f4ffdbc2-6728-1838-1a82-c0de4c484a54@huawei.com>
Date:   Wed, 27 Nov 2019 14:46:55 +0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101
 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <alpine.LSU.2.11.1911262008330.2204@eggly.anvils>
Content-Type: text/plain; charset="gbk"; format=flowed
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.173.220.96]
X-CFilter-Loop: Reflected
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 2019/11/27 12:24, Hugh Dickins Wrote:
> On Wed, 27 Nov 2019, yu kuai wrote:
> 
>> 'seals' is set to 'F_SEAL_SEAL' in shmem_get_inode, which means "prevent
>> further seals from being set", thus sealing API will be useless and many
>> code in shmem.c will never be reached. For example:
> 
> The sealing API is not useless, and that code can be reached.
> 
>>
>> shmem_setattr
>> 	if ((newsize < oldsize && (info->seals & F_SEAL_SHRINK)) ||
>> 	    (newsize > oldsize && (info->seals & F_SEAL_GROW)))
>> 		return -EPERM;
>>
>> So, initialize 'seals' to zero is more reasonable.
>>
>> Signed-off-by: yu kuai <yukuai3@huawei.com>
> 
> NAK.
> 
> See memfd_create in mm/memfd.c (code which originated in mm/shmem.c,
> then was extended to support hugetlbfs also): sealing is for memfds,
> not for tmpfs or hugetlbfs files or SHM.  Without thinking about it too
> hard, I believe that to allow sealing on tmpfs files would introduce
> surprising new behaviors on them, which might well raise security issues;
> and also be incompatible with the guarantees intended by sealing.

Thank you for your response.
Yu Kuai