On Tue, Dec 10, 2024 at 11:51 PM Joel Fernandes <j...@joelfernandes.org> wrote:
> On Wed, Dec 4, 2024 at 11:27 AM Jann Horn <ja...@google.com> wrote:
> > The current check_memfd_seals() is racy: Since we first do
> > check_memfd_seals() and then udmabuf_pin_folios() without holding any
> > relevant lock across both, F_SEAL_WRITE can be set in between.
> > This is problematic because we can end up holding pins to pages in a
> > write-sealed memfd.
> >
> > Fix it using the inode lock, that's probably the easiest way.
> > In the future, we might want to consider moving this logic into memfd,
> > especially if anyone else wants to use memfd_pin_folios().
>
> I am curious, why is it not possible to have a reproducer for this
> issue, is it not reproducible and is theoretical?

Sorry, I think I must have forgotten about this part when I wrote the
cover letter: The original bug reporter (Julian) linked to a
reproducer that is linked in the bugzilla bug report, at
<https://github.com/mahkoh/udmabuf-seal>. I haven't tried running it
myself though.

> thanks,
>
> - Joel
>
> >
> > Reported-by: Julian Orth <ju.o...@gmail.com>
> > Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219106
> > Closes:
> > https://lore.kernel.org/r/CAG48ez0w8HrFEZtJkfmkVKFDhE5aP7nz=obrimetgpd+stk...@mail.gmail.com
> > Fixes: fbb0de795078 ("Add udmabuf misc device")
> > Cc: sta...@vger.kernel.org
> > Signed-off-by: Jann Horn <ja...@google.com>