Re: [PATCH v2 1/3] udmabuf: fix racy memfd sealing check

On Tue, Dec 10, 2024 at 6:12 PM Jann Horn <jannh@xxxxxxxxxx> wrote:
>
> On Tue, Dec 10, 2024 at 11:51 PM Joel Fernandes <joel@xxxxxxxxxxxxxxxxx> wrote:
> > On Wed, Dec 4, 2024 at 11:27 AM Jann Horn <jannh@xxxxxxxxxx> wrote:
> > > The current check_memfd_seals() is racy: Since we first do
> > > check_memfd_seals() and then udmabuf_pin_folios() without holding any
> > > relevant lock across both, F_SEAL_WRITE can be set in between.
> > > This is problematic because we can end up holding pins to pages in a
> > > write-sealed memfd.
> > >
> > > Fix it using the inode lock, that's probably the easiest way.
> > > In the future, we might want to consider moving this logic into memfd,
> > > especially if anyone else wants to use memfd_pin_folios().
> >
> > I am curious, why is it not possible to have a reproducer for this
> > issue, is it not reproducible and is theoretical?
>
> Sorry, I think I must have forgotten about this part when I wrote the
> cover letter: The original bug reporter (Julian) linked to a
> reproducer that is linked in the bugzilla bug report, at
> <https://github.com/mahkoh/udmabuf-seal>. I haven't tried running it
> myself though.

Thanks, I appreciate the pointer to the reproducer.

Acked-by: Joel Fernandes (Google) <joel@xxxxxxxxxxxxxxxxx>

thanks,

 - Joel




