From: Jason Gunthorpe <jgg@nvidia.com>
To: Mike Rapoport <rppt@kernel.org>
Cc: Pratyush Yadav <pratyush@kernel.org>,
Alexander Graf <graf@amazon.com>,
Pasha Tatashin <pasha.tatashin@soleen.com>,
Hugh Dickins <hughd@google.com>,
Baolin Wang <baolin.wang@linux.alibaba.com>,
Andrew Morton <akpm@linux-foundation.org>,
Samiullah Khawaja <skhawaja@google.com>,
kexec@lists.infradead.org, linux-mm@kvack.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/2] mm: memfd_luo: preserve file seals
Date: Mon, 26 Jan 2026 14:31:15 -0400 [thread overview]
Message-ID: <20260126183115.GU1134360@nvidia.com> (raw)
In-Reply-To: <aXYGkb-QtYNaWYw4@kernel.org>
On Sun, Jan 25, 2026 at 02:03:29PM +0200, Mike Rapoport wrote:
> > @@ -67,11 +72,13 @@ struct memfd_luo_folio_ser {
> > struct memfd_luo_ser {
> > u64 pos;
> > u64 size;
> > + u64 seals:8;
>
> Kernel uABI defines seals as unsigned int, I think we can spare u32 for
> them and reserve a u32 flags for other memfd flags (MFD_CLOEXEC,
> MFD_HUGETLB etc).
It is a bit worse than that, the "v2" version is only going to support
some set of seals (probably the set defined in v6.19) and if there are
new seals down the road then this needs a version bump.
So I'd check that only supported seals are set here:
> > + seals = memfd_get_seals(args->file);
> > + if (seals < 0) {
> > + err = seals;
> > + goto err_free_ser;
> > + }
> > +
> > ser->pos = args->file->f_pos;
> > ser->size = i_size_read(inode);
> > + ser->seals = seals;
..
> > @@ -444,13 +453,23 @@ static int memfd_luo_retrieve(struct liveupdate_file_op_args *args)
> > if (!ser)
> > return -EINVAL;
> >
> > - file = memfd_alloc_file("", 0);
> > + /*
> > + * The seals are preserved. Allow sealing here so they can be added
> > + * later.
> > + */
> > + file = memfd_alloc_file("", MFD_ALLOW_SEALING);
> > if (IS_ERR(file)) {
> > pr_err("failed to setup file: %pe\n", file);
> > err = PTR_ERR(file);
> > goto free_ser;
> > }
> >
> > + err = memfd_add_seals(file, ser->seals);
Because we really don't want this to fail :\
Jason
next prev parent reply other threads:[~2026-01-26 18:31 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-23 9:58 [PATCH 0/2] " Pratyush Yadav
2026-01-23 9:58 ` [PATCH 1/2] memfd: export memfd_{add,get}_seals() Pratyush Yadav
2026-01-25 11:52 ` Mike Rapoport
2026-01-23 9:58 ` [PATCH 2/2] mm: memfd_luo: preserve file seals Pratyush Yadav
2026-01-25 12:03 ` Mike Rapoport
2026-01-26 12:47 ` Pratyush Yadav
2026-01-26 14:37 ` Mike Rapoport
2026-02-10 13:15 ` Pratyush Yadav
2026-01-26 18:31 ` Jason Gunthorpe [this message]
2026-02-10 13:10 ` Pratyush Yadav
2026-02-10 13:13 ` Jason Gunthorpe
2026-02-10 13:53 ` Pratyush Yadav
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260126183115.GU1134360@nvidia.com \
--to=jgg@nvidia.com \
--cc=akpm@linux-foundation.org \
--cc=baolin.wang@linux.alibaba.com \
--cc=graf@amazon.com \
--cc=hughd@google.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=pasha.tatashin@soleen.com \
--cc=pratyush@kernel.org \
--cc=rppt@kernel.org \
--cc=skhawaja@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox