diff options
| -rw-r--r-- | mm/shmem.c | 50 |
1 files changed, 26 insertions, 24 deletions
diff --git a/mm/shmem.c b/mm/shmem.c index 54bec60380df..ceba031d9985 100644 --- a/mm/shmem.c +++ b/mm/shmem.c | |||
| @@ -2620,12 +2620,13 @@ static loff_t shmem_file_llseek(struct file *file, loff_t offset, int whence) | |||
| 2620 | 2620 | ||
| 2621 | /* | 2621 | /* |
| 2622 | * We need a tag: a new tag would expand every radix_tree_node by 8 bytes, | 2622 | * We need a tag: a new tag would expand every radix_tree_node by 8 bytes, |
| 2623 | * so reuse a tag which we firmly believe is never set or cleared on shmem. | 2623 | * so reuse a tag which we firmly believe is never set or cleared on tmpfs |
| 2624 | * or hugetlbfs because they are memory only filesystems. | ||
| 2624 | */ | 2625 | */ |
| 2625 | #define SHMEM_TAG_PINNED PAGECACHE_TAG_TOWRITE | 2626 | #define MEMFD_TAG_PINNED PAGECACHE_TAG_TOWRITE |
| 2626 | #define LAST_SCAN 4 /* about 150ms max */ | 2627 | #define LAST_SCAN 4 /* about 150ms max */ |
| 2627 | 2628 | ||
| 2628 | static void shmem_tag_pins(struct address_space *mapping) | 2629 | static void memfd_tag_pins(struct address_space *mapping) |
| 2629 | { | 2630 | { |
| 2630 | struct radix_tree_iter iter; | 2631 | struct radix_tree_iter iter; |
| 2631 | void __rcu **slot; | 2632 | void __rcu **slot; |
| @@ -2646,7 +2647,7 @@ static void shmem_tag_pins(struct address_space *mapping) | |||
| 2646 | } else if (page_count(page) - page_mapcount(page) > 1) { | 2647 | } else if (page_count(page) - page_mapcount(page) > 1) { |
| 2647 | xa_lock_irq(&mapping->i_pages); | 2648 | xa_lock_irq(&mapping->i_pages); |
| 2648 | radix_tree_tag_set(&mapping->i_pages, iter.index, | 2649 | radix_tree_tag_set(&mapping->i_pages, iter.index, |
| 2649 | SHMEM_TAG_PINNED); | 2650 | MEMFD_TAG_PINNED); |
| 2650 | xa_unlock_irq(&mapping->i_pages); | 2651 | xa_unlock_irq(&mapping->i_pages); |
| 2651 | } | 2652 | } |
| 2652 | 2653 | ||
| @@ -2667,7 +2668,7 @@ static void shmem_tag_pins(struct address_space *mapping) | |||
| 2667 | * The caller must guarantee that no new user will acquire writable references | 2668 | * The caller must guarantee that no new user will acquire writable references |
| 2668 | * to those pages to avoid races. | 2669 | * to those pages to avoid races. |
| 2669 | */ | 2670 | */ |
| 2670 | static int shmem_wait_for_pins(struct address_space *mapping) | 2671 | static int memfd_wait_for_pins(struct address_space *mapping) |
| 2671 | { | 2672 | { |
| 2672 | struct radix_tree_iter iter; | 2673 | struct radix_tree_iter iter; |
| 2673 | void __rcu **slot; | 2674 | void __rcu **slot; |
| @@ -2675,11 +2676,11 @@ static int shmem_wait_for_pins(struct address_space *mapping) | |||
| 2675 | struct page *page; | 2676 | struct page *page; |
| 2676 | int error, scan; | 2677 | int error, scan; |
| 2677 | 2678 | ||
| 2678 | shmem_tag_pins(mapping); | 2679 | memfd_tag_pins(mapping); |
| 2679 | 2680 | ||
| 2680 | error = 0; | 2681 | error = 0; |
| 2681 | for (scan = 0; scan <= LAST_SCAN; scan++) { | 2682 | for (scan = 0; scan <= LAST_SCAN; scan++) { |
| 2682 | if (!radix_tree_tagged(&mapping->i_pages, SHMEM_TAG_PINNED)) | 2683 | if (!radix_tree_tagged(&mapping->i_pages, MEMFD_TAG_PINNED)) |
| 2683 | break; | 2684 | break; |
| 2684 | 2685 | ||
| 2685 | if (!scan) | 2686 | if (!scan) |
| @@ -2690,7 +2691,7 @@ static int shmem_wait_for_pins(struct address_space *mapping) | |||
| 2690 | start = 0; | 2691 | start = 0; |
| 2691 | rcu_read_lock(); | 2692 | rcu_read_lock(); |
| 2692 | radix_tree_for_each_tagged(slot, &mapping->i_pages, &iter, | 2693 | radix_tree_for_each_tagged(slot, &mapping->i_pages, &iter, |
| 2693 | start, SHMEM_TAG_PINNED) { | 2694 | start, MEMFD_TAG_PINNED) { |
| 2694 | 2695 | ||
| 2695 | page = radix_tree_deref_slot(slot); | 2696 | page = radix_tree_deref_slot(slot); |
| 2696 | if (radix_tree_exception(page)) { | 2697 | if (radix_tree_exception(page)) { |
| @@ -2717,7 +2718,7 @@ static int shmem_wait_for_pins(struct address_space *mapping) | |||
| 2717 | 2718 | ||
| 2718 | xa_lock_irq(&mapping->i_pages); | 2719 | xa_lock_irq(&mapping->i_pages); |
| 2719 | radix_tree_tag_clear(&mapping->i_pages, | 2720 | radix_tree_tag_clear(&mapping->i_pages, |
| 2720 | iter.index, SHMEM_TAG_PINNED); | 2721 | iter.index, MEMFD_TAG_PINNED); |
| 2721 | xa_unlock_irq(&mapping->i_pages); | 2722 | xa_unlock_irq(&mapping->i_pages); |
| 2722 | continue_resched: | 2723 | continue_resched: |
| 2723 | if (need_resched()) { | 2724 | if (need_resched()) { |
| @@ -2733,11 +2734,11 @@ continue_resched: | |||
| 2733 | 2734 | ||
| 2734 | static unsigned int *memfd_file_seals_ptr(struct file *file) | 2735 | static unsigned int *memfd_file_seals_ptr(struct file *file) |
| 2735 | { | 2736 | { |
| 2736 | if (file->f_op == &shmem_file_operations) | 2737 | if (shmem_file(file)) |
| 2737 | return &SHMEM_I(file_inode(file))->seals; | 2738 | return &SHMEM_I(file_inode(file))->seals; |
| 2738 | 2739 | ||
| 2739 | #ifdef CONFIG_HUGETLBFS | 2740 | #ifdef CONFIG_HUGETLBFS |
| 2740 | if (file->f_op == &hugetlbfs_file_operations) | 2741 | if (is_file_hugepages(file)) |
| 2741 | return &HUGETLBFS_I(file_inode(file))->seals; | 2742 | return &HUGETLBFS_I(file_inode(file))->seals; |
| 2742 | #endif | 2743 | #endif |
| 2743 | 2744 | ||
| @@ -2757,16 +2758,17 @@ static int memfd_add_seals(struct file *file, unsigned int seals) | |||
| 2757 | 2758 | ||
| 2758 | /* | 2759 | /* |
| 2759 | * SEALING | 2760 | * SEALING |
| 2760 | * Sealing allows multiple parties to share a shmem-file but restrict | 2761 | * Sealing allows multiple parties to share a tmpfs or hugetlbfs file |
| 2761 | * access to a specific subset of file operations. Seals can only be | 2762 | * but restrict access to a specific subset of file operations. Seals |
| 2762 | * added, but never removed. This way, mutually untrusted parties can | 2763 | * can only be added, but never removed. This way, mutually untrusted |
| 2763 | * share common memory regions with a well-defined policy. A malicious | 2764 | * parties can share common memory regions with a well-defined policy. |
| 2764 | * peer can thus never perform unwanted operations on a shared object. | 2765 | * A malicious peer can thus never perform unwanted operations on a |
| 2766 | * shared object. | ||
| 2765 | * | 2767 | * |
| 2766 | * Seals are only supported on special shmem-files and always affect | 2768 | * Seals are only supported on special tmpfs or hugetlbfs files and |
| 2767 | * the whole underlying inode. Once a seal is set, it may prevent some | 2769 | * always affect the whole underlying inode. Once a seal is set, it |
| 2768 | * kinds of access to the file. Currently, the following seals are | 2770 | * may prevent some kinds of access to the file. Currently, the |
| 2769 | * defined: | 2771 | * following seals are defined: |
| 2770 | * SEAL_SEAL: Prevent further seals from being set on this file | 2772 | * SEAL_SEAL: Prevent further seals from being set on this file |
| 2771 | * SEAL_SHRINK: Prevent the file from shrinking | 2773 | * SEAL_SHRINK: Prevent the file from shrinking |
| 2772 | * SEAL_GROW: Prevent the file from growing | 2774 | * SEAL_GROW: Prevent the file from growing |
| @@ -2780,9 +2782,9 @@ static int memfd_add_seals(struct file *file, unsigned int seals) | |||
| 2780 | * added. | 2782 | * added. |
| 2781 | * | 2783 | * |
| 2782 | * Semantics of sealing are only defined on volatile files. Only | 2784 | * Semantics of sealing are only defined on volatile files. Only |
| 2783 | * anonymous shmem files support sealing. More importantly, seals are | 2785 | * anonymous tmpfs and hugetlbfs files support sealing. More |
| 2784 | * never written to disk. Therefore, there's no plan to support it on | 2786 | * importantly, seals are never written to disk. Therefore, there's |
| 2785 | * other file types. | 2787 | * no plan to support it on other file types. |
| 2786 | */ | 2788 | */ |
| 2787 | 2789 | ||
| 2788 | if (!(file->f_mode & FMODE_WRITE)) | 2790 | if (!(file->f_mode & FMODE_WRITE)) |
| @@ -2808,7 +2810,7 @@ static int memfd_add_seals(struct file *file, unsigned int seals) | |||
| 2808 | if (error) | 2810 | if (error) |
| 2809 | goto unlock; | 2811 | goto unlock; |
| 2810 | 2812 | ||
| 2811 | error = shmem_wait_for_pins(file->f_mapping); | 2813 | error = memfd_wait_for_pins(file->f_mapping); |
| 2812 | if (error) { | 2814 | if (error) { |
| 2813 | mapping_allow_writable(file->f_mapping); | 2815 | mapping_allow_writable(file->f_mapping); |
| 2814 | goto unlock; | 2816 | goto unlock; |