Hi Jason,
On Mon, Jan 26 2026, Jason Gunthorpe wrote:
> On Sun, Jan 25, 2026 at 02:03:29PM +0200, Mike Rapoport wrote:
>> > @@ -67,11 +72,13 @@ struct memfd_luo_folio_ser {
>> > struct memfd_luo_ser {
>> > u64 pos;
>> > u64 size;
>> > + u64 seals:8;
>>
>> Kernel uABI defines seals as unsigned int, I think we can spare u32 for
>> them and reserve a u32 flags for other memfd flags (MFD_CLOEXEC,
>> MFD_HUGETLB etc).
>
> It is a bit worse than that, the "v2" version is only going to support
> some set of seals (probably the set defined in v6.19) and if there are
> new seals down the road then this needs a version bump.
If we are running say kernel X, then X + 1 will always support a
superset of the seals, since the seals are UAPI. So it should be able to
handle all the seals that are given to it by X. This only becomes a
problem on rollbacks. Is this what you are worried about or am I missing
something?
>
> So I'd check that only supported seals are set here:
>
>> > + seals = memfd_get_seals(args->file);
>> > + if (seals < 0) {
>> > + err = seals;
>> > + goto err_free_ser;
>> > + }
>> > +
>> > ser->pos = args->file->f_pos;
>> > ser->size = i_size_read(inode);
>> > + ser->seals = seals;
>
> ..
>
>> > @@ -444,13 +453,23 @@ static int memfd_luo_retrieve(struct
>> > liveupdate_file_op_args *args)
>> > if (!ser)
>> > return -EINVAL;
>> >
>> > - file = memfd_alloc_file("", 0);
>> > + /*
>> > + * The seals are preserved. Allow sealing here so they can be added
>> > + * later.
>> > + */
>> > + file = memfd_alloc_file("", MFD_ALLOW_SEALING);
>> > if (IS_ERR(file)) {
>> > pr_err("failed to setup file: %pe\n", file);
>> > err = PTR_ERR(file);
>> > goto free_ser;
>> > }
>> >
>> > + err = memfd_add_seals(file, ser->seals);
>
> Because we really don't want this to fail :\
>
> Jason
--
Regards,
Pratyush Yadav
