[PATCH v3 2/3] mm/shmem: update file sealing comments and file checking
From: Mike Kravetz
Date: Mon Apr 09 2018 - 19:05:53 EST
In preparation for memfd code restucture, update comments dealing
with file sealing to indicate that tmpfs and hugetlbfs are the
supported filesystems. Also, change file pointer checks in
memfd_file_seals_ptr to use defined routines instead of directly
referencing file_operation structs.
Signed-off-by: Mike Kravetz <mike.kravetz@xxxxxxxxxx>
---
mm/shmem.c | 29 +++++++++++++++--------------
1 file changed, 15 insertions(+), 14 deletions(-)
diff --git a/mm/shmem.c b/mm/shmem.c
index c7bad16fe884..be20fc388dcb 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -2734,11 +2734,11 @@ static int shmem_wait_for_pins(struct address_space *mapping)
static unsigned int *memfd_file_seals_ptr(struct file *file)
{
- if (file->f_op == &shmem_file_operations)
+ if (shmem_file(file))
return &SHMEM_I(file_inode(file))->seals;
#ifdef CONFIG_HUGETLBFS
- if (file->f_op == &hugetlbfs_file_operations)
+ if (is_file_hugepages(file))
return &HUGETLBFS_I(file_inode(file))->seals;
#endif
@@ -2758,16 +2758,17 @@ static int memfd_add_seals(struct file *file, unsigned int seals)
/*
* SEALING
- * Sealing allows multiple parties to share a shmem-file but restrict
- * access to a specific subset of file operations. Seals can only be
- * added, but never removed. This way, mutually untrusted parties can
- * share common memory regions with a well-defined policy. A malicious
- * peer can thus never perform unwanted operations on a shared object.
+ * Sealing allows multiple parties to share a tmpfs or hugetlbfs file
+ * but restrict access to a specific subset of file operations. Seals
+ * can only be added, but never removed. This way, mutually untrusted
+ * parties can share common memory regions with a well-defined policy.
+ * A malicious peer can thus never perform unwanted operations on a
+ * shared object.
*
- * Seals are only supported on special shmem-files and always affect
- * the whole underlying inode. Once a seal is set, it may prevent some
- * kinds of access to the file. Currently, the following seals are
- * defined:
+ * Seals are only supported on special tmpfs or hugetlbfs files and
+ * always affect the whole underlying inode. Once a seal is set, it
+ * may prevent some kinds of access to the file. Currently, the
+ * following seals are defined:
* SEAL_SEAL: Prevent further seals from being set on this file
* SEAL_SHRINK: Prevent the file from shrinking
* SEAL_GROW: Prevent the file from growing
@@ -2781,9 +2782,9 @@ static int memfd_add_seals(struct file *file, unsigned int seals)
* added.
*
* Semantics of sealing are only defined on volatile files. Only
- * anonymous shmem files support sealing. More importantly, seals are
- * never written to disk. Therefore, there's no plan to support it on
- * other file types.
+ * anonymous tmpfs and hugetlbfs files support sealing. More
+ * importantly, seals are never written to disk. Therefore, there's
+ * no plan to support it on other file types.
*/
if (!(file->f_mode & FMODE_WRITE))
--
2.13.6