From: Matthew Wilcox <willy@infradead.org>
To: "Ahelenia Ziemiańska" <nabijaczleweli@nabijaczleweli.xyz>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Hugh Dickins <hughd@google.com>,
Baolin Wang <baolin.wang@linux.alibaba.com>,
linux-fsdevel@vger.kernel.org, linux-mm@kvack.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] tmpfs: enforce the immutable flag on open files
Date: Sat, 6 Dec 2025 12:52:37 +0000 [thread overview]
Message-ID: <aTQnFQIc3ylSci1u@casper.infradead.org> (raw)
In-Reply-To: <znhu3eyffewvvhleewehuvod2wrf4tz6vxrouoakiarjtxt5uy@tarta.nabijaczleweli.xyz>
On Sat, Dec 06, 2025 at 01:03:35PM +0100, Ahelenia Ziemiańska wrote:
> diff --git a/mm/filemap.c b/mm/filemap.c
> index ebd75684cb0a..0b0d5cfbcd44 100644
> --- a/mm/filemap.c
> +++ b/mm/filemap.c
> @@ -3945,12 +3945,18 @@ EXPORT_SYMBOL(filemap_map_pages);
>
> vm_fault_t filemap_page_mkwrite(struct vm_fault *vmf)
> {
> - struct address_space *mapping = vmf->vma->vm_file->f_mapping;
> + struct file *file = vmf->vma->vm_file;
> + struct address_space *mapping = file->f_mapping;
> struct folio *folio = page_folio(vmf->page);
> vm_fault_t ret = VM_FAULT_LOCKED;
>
> + if (unlikely(IS_IMMUTABLE(file_inode(file)))) {
> + ret = VM_FAULT_SIGBUS;
> + goto out;
I don't believe you tested this code path. It contains a rather obvious
bug.
> + }
> +
> sb_start_pagefault(mapping->host->i_sb);
> - file_update_time(vmf->vma->vm_file);
> + file_update_time(file);
> folio_lock(folio);
> if (folio->mapping != mapping) {
> folio_unlock(folio);
> diff --git a/mm/shmem.c b/mm/shmem.c
> index d578d8e765d7..5d3fbf4efb3d 100644
> --- a/mm/shmem.c
> +++ b/mm/shmem.c
> @@ -1294,6 +1294,14 @@ static int shmem_setattr(struct mnt_idmap *idmap,
> bool update_mtime = false;
> bool update_ctime = true;
>
> + if (unlikely(IS_IMMUTABLE(inode)))
> + return -EPERM;
> +
> + if (unlikely(IS_APPEND(inode) &&
> + (attr->ia_valid & (ATTR_MODE | ATTR_UID |
> + ATTR_GID | ATTR_TIMES_SET))))
> + return -EPERM;
> +
> error = setattr_prepare(idmap, dentry, attr);
> if (error)
> return error;
> @@ -3475,6 +3483,10 @@ static ssize_t shmem_file_write_iter(struct kiocb *iocb, struct iov_iter *from)
> ret = generic_write_checks(iocb, from);
> if (ret <= 0)
> goto unlock;
> + if (unlikely(IS_IMMUTABLE(inode))) {
> + ret = -EPERM;
> + goto unlock;
> + }
> ret = file_remove_privs(file);
> if (ret)
> goto unlock;
> --
> 2.39.5
next prev parent reply other threads:[~2025-12-06 12:52 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-06 12:03 Ahelenia Ziemiańska
2025-12-06 12:52 ` Matthew Wilcox [this message]
2025-12-06 15:15 ` Ahelenia Ziemiańska
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aTQnFQIc3ylSci1u@casper.infradead.org \
--to=willy@infradead.org \
--cc=akpm@linux-foundation.org \
--cc=baolin.wang@linux.alibaba.com \
--cc=hughd@google.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=nabijaczleweli@nabijaczleweli.xyz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox