On Wed, Dec 4, 2024 at 11:27 AM Jann Horn <jannh@xxxxxxxxxx> wrote:
>
> When F_SEAL_FUTURE_WRITE was introduced, it was overlooked that udmabuf
> must reject memfds with this flag, just like ones with F_SEAL_WRITE.
> Fix it by adding F_SEAL_FUTURE_WRITE to SEALS_DENIED.
>
> Fixes: ab3948f58ff8 ("mm/memfd: add an F_SEAL_FUTURE_WRITE seal to memfd")
> Cc: stable@xxxxxxxxxxxxxxx
> Acked-by: Vivek Kasireddy <vivek.kasireddy@xxxxxxxxx>
Thanks!
Reviewed-by: Joel Fernandes (Google) <joel@xxxxxxxxxxxxxxxxx>
- Joel
> Signed-off-by: Jann Horn <jannh@xxxxxxxxxx>
> ---
> drivers/dma-buf/udmabuf.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/dma-buf/udmabuf.c b/drivers/dma-buf/udmabuf.c
> index c1d8c2766d6d36fc5fe1b3d73057f6e01ec6678f..b330b99fcc7619a05bb7dc2aeeb9c82faf9a387b 100644
> --- a/drivers/dma-buf/udmabuf.c
> +++ b/drivers/dma-buf/udmabuf.c
> @@ -297,7 +297,7 @@ static const struct dma_buf_ops udmabuf_ops = {
> };
>
> #define SEALS_WANTED (F_SEAL_SHRINK)
> -#define SEALS_DENIED (F_SEAL_WRITE)
> +#define SEALS_DENIED (F_SEAL_WRITE|F_SEAL_FUTURE_WRITE)
>
> static int check_memfd_seals(struct file *memfd)
> {
>
> --
> 2.47.0.338.g60cca15819-goog
>
