lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aTQnFQIc3ylSci1u@casper.infradead.org>
Date: Sat, 6 Dec 2025 12:52:37 +0000
From: Matthew Wilcox <willy@...radead.org>
To: Ahelenia Ziemiańska <nabijaczleweli@...ijaczleweli.xyz>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
	Hugh Dickins <hughd@...gle.com>,
	Baolin Wang <baolin.wang@...ux.alibaba.com>,
	linux-fsdevel@...r.kernel.org, linux-mm@...ck.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] tmpfs: enforce the immutable flag on open files

On Sat, Dec 06, 2025 at 01:03:35PM +0100, Ahelenia Ziemiańska wrote:
> diff --git a/mm/filemap.c b/mm/filemap.c
> index ebd75684cb0a..0b0d5cfbcd44 100644
> --- a/mm/filemap.c
> +++ b/mm/filemap.c
> @@ -3945,12 +3945,18 @@ EXPORT_SYMBOL(filemap_map_pages);
>  
>  vm_fault_t filemap_page_mkwrite(struct vm_fault *vmf)
>  {
> -	struct address_space *mapping = vmf->vma->vm_file->f_mapping;
> +	struct file *file = vmf->vma->vm_file;
> +	struct address_space *mapping = file->f_mapping;
>  	struct folio *folio = page_folio(vmf->page);
>  	vm_fault_t ret = VM_FAULT_LOCKED;
>  
> +	if (unlikely(IS_IMMUTABLE(file_inode(file)))) {
> +		ret = VM_FAULT_SIGBUS;
> +		goto out;

I don't believe you tested this code path.  It contains a rather obvious
bug.

> +	}
> +
>  	sb_start_pagefault(mapping->host->i_sb);
> -	file_update_time(vmf->vma->vm_file);
> +	file_update_time(file);
>  	folio_lock(folio);
>  	if (folio->mapping != mapping) {
>  		folio_unlock(folio);
> diff --git a/mm/shmem.c b/mm/shmem.c
> index d578d8e765d7..5d3fbf4efb3d 100644
> --- a/mm/shmem.c
> +++ b/mm/shmem.c
> @@ -1294,6 +1294,14 @@ static int shmem_setattr(struct mnt_idmap *idmap,
>  	bool update_mtime = false;
>  	bool update_ctime = true;
>  
> +	if (unlikely(IS_IMMUTABLE(inode)))
> +		return -EPERM;
> +
> +	if (unlikely(IS_APPEND(inode) &&
> +		     (attr->ia_valid & (ATTR_MODE | ATTR_UID |
> +					ATTR_GID | ATTR_TIMES_SET))))
> +		return -EPERM;
> +
>  	error = setattr_prepare(idmap, dentry, attr);
>  	if (error)
>  		return error;
> @@ -3475,6 +3483,10 @@ static ssize_t shmem_file_write_iter(struct kiocb *iocb, struct iov_iter *from)
>  	ret = generic_write_checks(iocb, from);
>  	if (ret <= 0)
>  		goto unlock;
> +	if (unlikely(IS_IMMUTABLE(inode))) {
> +		ret = -EPERM;
> +		goto unlock;
> +	}
>  	ret = file_remove_privs(file);
>  	if (ret)
>  		goto unlock;
> -- 
> 2.39.5

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ