On Wed 03-06-26 19:53:14, John Hubbard wrote:
> Since commit 1e7ab6f67824 ("anon_inode: rework assertions"),
> path_noexec() warns when an anonymous-inode file is mmap'd from a
> superblock that has not set SB_I_NOEXEC. dma-buf backs its files this
> way and never set the flag, so mmap of any exported buffer trips the
> warning on a CONFIG_DEBUG_VFS=y kernel:
>
> WARNING: CPU: 11 PID: 121813 at fs/exec.c:118 path_noexec+0x47/0x50
> do_mmap+0x2b5/0x680
> vm_mmap_pgoff+0x129/0x210
> ksys_mmap_pgoff+0x177/0x240
> __x64_sys_mmap+0x33/0x70
>
> init_pseudo() sets up internal SB_NOUSER mounts that are never
> path-reachable. Set both flags here so every pseudo filesystem gets
> them by default instead of each caller setting them.
>
> SB_I_NODEV is inert for unreachable mounts. SB_I_NOEXEC has one
> visible effect: an executable mapping of a pseudo-fs fd, such as a
> dma-buf, now fails with -EPERM, which is the invariant the assertion
> enforces. No in-tree caller maps these executable.
>
> Reproduce on CONFIG_DEBUG_VFS=y:
>
> make -C tools/testing/selftests/dmabuf-heaps
> sudo ./tools/testing/selftests/dmabuf-heaps/dmabuf-heap -t system
>
> Fixes: 1e7ab6f67824 ("anon_inode: rework assertions")
> Suggested-by: Christoph Hellwig <[email protected]>
> Cc: [email protected]
> Signed-off-by: John Hubbard <[email protected]>
Looks good. Feel free to add:
Reviewed-by: Jan Kara <[email protected]>
Honza
> ---
> fs/libfs.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/fs/libfs.c b/fs/libfs.c
> index 1bbea5e7bae3..e8226b9e1bc8 100644
> --- a/fs/libfs.c
> +++ b/fs/libfs.c
> @@ -736,6 +736,7 @@ struct pseudo_fs_context *init_pseudo(struct fs_context
> *fc,
> fc->fs_private = ctx;
> fc->ops = &pseudo_fs_context_ops;
> fc->sb_flags |= SB_NOUSER;
> + fc->s_iflags |= SB_I_NOEXEC | SB_I_NODEV;
> fc->global = true;
> }
> return ctx;
> --
> 2.54.0
>
--
Jan Kara <[email protected]>
SUSE Labs, CR
