git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Pratyush Yadav (Google) <pratyush@kernel.org>
	Thu, 22 Jan 2026 15:18:40 +0000 (16:18 +0100)
committer	Andrew Morton <akpm@linux-foundation.org>
	Tue, 27 Jan 2026 03:03:47 +0000 (19:03 -0800)
commit	02e117b8ca58928f193e5b4df48d6763232f5e91
tree	e0ee82b5b471e1f8616591ead36950a196a7cb56	tree \| snapshot
parent	71e2b5eadbad43d33f0e2cf6d767395273ba5eaa	commit \| diff

mm: memfd_luo: use memfd_alloc_file() instead of shmem_file_setup()

When restoring a memfd, the file is created using shmem_file_setup().
While memfd creation also calls this function to get the file, it also
does other things:

  1. The O_LARGEFILE flag is set on the file. If this is not done,
  writes on the memfd exceeding 2 GiB fail.

  2. FMODE_LSEEK, FMODE_PREAD, and FMODE_PWRITE are set on the file.
  This makes sure the file is seekable and can be used with pread() and
  pwrite().

  3. Initializes the security field for the inode and makes sure that
  inode creation is permitted by the security module.

Currently, none of those things are done.  This means writes above 2 GiB
fail, pread(), and pwrite() fail, and so on.  lseek() happens to work
because file_init_path() sets it because shmem defines fop->llseek.

Fix this by using memfd_alloc_file() to get the file to make sure the
initialization sequence for normal and preserved memfd is the same.

Link: https://lkml.kernel.org/r/20260122151842.4069702-3-pratyush@kernel.org
Fixes: b3749f174d68 ("mm: memfd_luo: allow preserving memfd")
Signed-off-by: Pratyush Yadav (Google) <pratyush@kernel.org>
Reviewed-by: Mike Rapoport (Microsoft) <rppt@kernel.org>
Reviewed-by: Pasha Tatashin <pasha.tatashin@soleen.com>
Cc: Baolin Wang <baolin.wang@linux.alibaba.com>
Cc: Hugh Dickins <hughd@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>