mm: enforce the mapping_map_writable() check after call_mmap()
In order for an F_SEAL_WRITE sealed memfd mapping to have an opportunity to clear VM_MAYWRITE in seal_check_write() we must be able to invoke either the shmem_mmap() or hugetlbfs_file_mmap() f_ops->mmap() handler to do so. We would otherwise fail the mapping_map_writable() check before we had the opportunity to clear VM_MAYWRITE.

However, the existing logic in mmap_region() performs this check BEFORE calling call_mmap() (which invokes file->f_ops->mmap()). We must enforce this check AFTER the function call.

In order to avoid any risk of breaking call_mmap() handlers which assume this will have been done first, we continue to mark the file writable first, simply deferring enforcement of it failing until afterwards.

This enables mmap(..., PROT_READ, MAP_SHARED, fd, 0) mappings for memfd's sealed via F_SEAL_WRITE to succeed, whereas previously they were not permitted.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=217238
Link: https://lkml.kernel.org/r/d2748bc4077b53c60bcb06fccaf976cb2afee345.1696709413.git.lstoakes@gmail.com
Signed-off-by: Lorenzo Stoakes <lstoakes@gmail.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Christian Brauner <brauner@kernel.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jan Kara <jack@suse.cz>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Mike Kravetz <mike.kravetz@oracle.com>
Cc: Muchun Song <muchun.song@linux.dev>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
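
A userspace probe for the behaviour described in the commit message above, as an added example that is not part of the commit or of the kernel tree. The names `probe_sealed_memfd` and `struct seal_probe` are hypothetical, and the fallback `#define`s are the Linux ABI values for headers that do not expose them.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef F_ADD_SEALS              /* Linux ABI values, for older headers */
#define F_ADD_SEALS 1033
#define F_SEAL_WRITE 0x0008
#endif
#ifndef MFD_ALLOW_SEALING
#define MFD_ALLOW_SEALING 0x0002U
#endif

struct seal_probe {              /* hypothetical result record */
    int ro_errno;      /* 0 if PROT_READ + MAP_SHARED succeeded, else errno */
    int rw_errno;      /* errno from PROT_WRITE + MAP_SHARED, 0 if it succeeded */
    int upgrade_errno; /* errno from mprotect(PROT_WRITE) on the read-only map, -1 if not tried */
};

/* Returns 0 on success, -1 if the write-sealed memfd could not be set up. */
int probe_sealed_memfd(struct seal_probe *out)
{
    const size_t len = 4096;
    int fd = (int)syscall(SYS_memfd_create, "seal-probe", MFD_ALLOW_SEALING);
    if (fd < 0)
        return -1;
    if (ftruncate(fd, (off_t)len) < 0 || fcntl(fd, F_ADD_SEALS, F_SEAL_WRITE) < 0) {
        close(fd);
        return -1;
    }
    /* A writable shared mapping of a write-sealed memfd must be refused. */
    void *rw = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    out->rw_errno = (rw == MAP_FAILED) ? errno : 0;
    if (rw != MAP_FAILED)
        munmap(rw, len);
    /* The case from the commit message: a read-only shared mapping. */
    void *ro = mmap(NULL, len, PROT_READ, MAP_SHARED, fd, 0);
    out->ro_errno = (ro == MAP_FAILED) ? errno : 0;
    out->upgrade_errno = -1;
    if (ro != MAP_FAILED) {
        /* With VM_MAYWRITE cleared, the mapping cannot be made writable later. */
        out->upgrade_errno = mprotect(ro, len, PROT_WRITE) < 0 ? errno : 0;
        munmap(ro, len);
    }
    close(fd);
    return 0;
}
```

On a kernel without this change `ro_errno` is `EPERM`; with it, `ro_errno` is 0 and `upgrade_errno` is `EACCES`, so the seal still holds against a later `mprotect()`.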