Commit ff62a342 authored by Marc-André Lureau's avatar Marc-André Lureau Committed by Linus Torvalds
Browse files

hugetlb: implement memfd sealing 

Implements memfd sealing, similar to shmem:
 - WRITE: deny fallocate(PUNCH_HOLE). mmap() write is denied in
   memfd_add_seals(). write() doesn't exist for hugetlbfs.
 - SHRINK: added similar check as shmem_setattr()
 - GROW: added similar check as shmem_setattr() & shmem_fallocate()

Except write() operation that doesn't exist with hugetlbfs, that should
make sealing as close as it can be to shmem support.

Link: http://lkml.kernel.org/r/20171107122800.25517-5-marcandre.lureau@redhat.com


Signed-off-by: default avatarMarc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: default avatarMike Kravetz <mike.kravetz@oracle.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Michal Hocko <mhocko@kernel.org>
Cc: David Herrmann <dh.herrmann@gmail.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent da14c1e5

fs/hugetlbfs/inode.c

+27 −2
Original line number Original line Diff line number Diff line
@@ -510,8 +510,16 @@ static long hugetlbfs_punch_hole(struct inode *inode, loff_t offset, loff_t len) 




	if (hole_end > hole_start) {

	if (hole_end > hole_start) {

		struct address_space *mapping = inode->i_mapping;

		struct address_space *mapping = inode->i_mapping;

		struct hugetlbfs_inode_info *info = HUGETLBFS_I(inode);





		inode_lock(inode);

		inode_lock(inode);



		/* protected by i_mutex */

		if (info->seals & F_SEAL_WRITE) {

			inode_unlock(inode);

			return -EPERM;

		}



		i_mmap_lock_write(mapping);

		i_mmap_lock_write(mapping);

		if (!RB_EMPTY_ROOT(&mapping->i_mmap.rb_root))

		if (!RB_EMPTY_ROOT(&mapping->i_mmap.rb_root))

			hugetlb_vmdelete_list(&mapping->i_mmap,

			hugetlb_vmdelete_list(&mapping->i_mmap,
@@ -529,6 +537,7 @@ static long hugetlbfs_fallocate(struct file *file, int mode, loff_t offset, 
				loff_t len)

				loff_t len)

{

{

	struct inode *inode = file_inode(file);

	struct inode *inode = file_inode(file);

	struct hugetlbfs_inode_info *info = HUGETLBFS_I(inode);

	struct address_space *mapping = inode->i_mapping;

	struct address_space *mapping = inode->i_mapping;

	struct hstate *h = hstate_inode(inode);

	struct hstate *h = hstate_inode(inode);

	struct vm_area_struct pseudo_vma;

	struct vm_area_struct pseudo_vma;
@@ -560,6 +569,11 @@ static long hugetlbfs_fallocate(struct file *file, int mode, loff_t offset, 
	if (error)

	if (error)

		goto out;

		goto out;





	if ((info->seals & F_SEAL_GROW) && offset + len > inode->i_size) {

		error = -EPERM;

		goto out;

	}



	/*

	/*

	 * Initialize a pseudo vma as this is required by the huge page

	 * Initialize a pseudo vma as this is required by the huge page

	 * allocation routines.  If NUMA is configured, use page index

	 * allocation routines.  If NUMA is configured, use page index
@@ -650,6 +664,7 @@ static int hugetlbfs_setattr(struct dentry *dentry, struct iattr *attr) 
	struct hstate *h = hstate_inode(inode);

	struct hstate *h = hstate_inode(inode);

	int error;

	int error;

	unsigned int ia_valid = attr->ia_valid;

	unsigned int ia_valid = attr->ia_valid;

	struct hugetlbfs_inode_info *info = HUGETLBFS_I(inode);





	BUG_ON(!inode);

	BUG_ON(!inode);
@@ -658,9 +673,16 @@ static int hugetlbfs_setattr(struct dentry *dentry, struct iattr *attr) 
		return error;

		return error;





	if (ia_valid & ATTR_SIZE) {

	if (ia_valid & ATTR_SIZE) {

		if (attr->ia_size & ~huge_page_mask(h))

		loff_t oldsize = inode->i_size;

		loff_t newsize = attr->ia_size;



		if (newsize & ~huge_page_mask(h))

			return -EINVAL;

			return -EINVAL;

		error = hugetlb_vmtruncate(inode, attr->ia_size);

		/* protected by i_mutex */

		if ((newsize < oldsize && (info->seals & F_SEAL_SHRINK)) ||

		    (newsize > oldsize && (info->seals & F_SEAL_GROW)))

			return -EPERM;

		error = hugetlb_vmtruncate(inode, newsize);

		if (error)

		if (error)

			return error;

			return error;

	}

	}
@@ -712,6 +734,8 @@ static struct inode *hugetlbfs_get_inode(struct super_block *sb, 




	inode = new_inode(sb);

	inode = new_inode(sb);

	if (inode) {

	if (inode) {

		struct hugetlbfs_inode_info *info = HUGETLBFS_I(inode);



		inode->i_ino = get_next_ino();

		inode->i_ino = get_next_ino();

		inode_init_owner(inode, dir, mode);

		inode_init_owner(inode, dir, mode);

		lockdep_set_class(&inode->i_mapping->i_mmap_rwsem,

		lockdep_set_class(&inode->i_mapping->i_mmap_rwsem,
@@ -719,6 +743,7 @@ static struct inode *hugetlbfs_get_inode(struct super_block *sb, 
		inode->i_mapping->a_ops = &hugetlbfs_aops;

		inode->i_mapping->a_ops = &hugetlbfs_aops;

		inode->i_atime = inode->i_mtime = inode->i_ctime = current_time(inode);

		inode->i_atime = inode->i_mtime = inode->i_ctime = current_time(inode);

		inode->i_mapping->private_data = resv_map;

		inode->i_mapping->private_data = resv_map;

		info->seals = F_SEAL_SEAL;

		switch (mode & S_IFMT) {

		switch (mode & S_IFMT) {

		default:

		default:

			init_special_inode(inode, mode, dev);

			init_special_inode(inode, mode, dev);

include/linux/hugetlb.h

+1 −0
Original line number Original line Diff line number Diff line
@@ -273,6 +273,7 @@ static inline struct hugetlbfs_sb_info *HUGETLBFS_SB(struct super_block *sb) 
struct hugetlbfs_inode_info {

struct hugetlbfs_inode_info {

	struct shared_policy policy;

	struct shared_policy policy;

	struct inode vfs_inode;

	struct inode vfs_inode;

	unsigned int seals;

};

};





static inline struct hugetlbfs_inode_info *HUGETLBFS_I(struct inode *inode)

static inline struct hugetlbfs_inode_info *HUGETLBFS_I(struct inode *inode)

CRA Git | Maintained and supported by SUSTech CRA and CCSE