From patchwork Thu Apr 20 08:57:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christian Brauner X-Patchwork-Id: 13218160 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 083EFC77B72 for ; Thu, 20 Apr 2023 08:58:04 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6F568900004; Thu, 20 Apr 2023 04:58:04 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 6A55E900002; Thu, 20 Apr 2023 04:58:04 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 56CFF900004; Thu, 20 Apr 2023 04:58:04 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 47133900002 for ; Thu, 20 Apr 2023 04:58:04 -0400 (EDT) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 159F24020D for ; Thu, 20 Apr 2023 08:58:04 +0000 (UTC) X-FDA: 80701167288.09.1252325 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf23.hostedemail.com (Postfix) with ESMTP id 57EE3140003 for ; Thu, 20 Apr 2023 08:58:02 +0000 (UTC) Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=b2myTk6B; spf=pass (imf23.hostedemail.com: domain of brauner@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=brauner@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1681981082; a=rsa-sha256; cv=none; b=QLY4JbHW/UUtevGCA/6EZwhaObD6EQsFOZEEl1nt+3wdo0cIVU9++toc/kiAfV4g0kAsJm /YuPQE/f9rmkDsynECJCoubIh8pgnEKwVhsQ4E3Rm9d1uLmtvpJhfvpqn8bpJ+A6l8Riej x5aRcuVXrvz5suZ56X9mZJowb+10g9I= ARC-Authentication-Results: i=1; imf23.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=b2myTk6B; spf=pass (imf23.hostedemail.com: domain of brauner@kernel.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=brauner@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1681981082; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=58wuWoHREGLSkS27xEX4CJklEJs4T1RLOFqkan956qI=; b=M+/xfSfBKgSOjiR+PdPYmJfSPu4Bx6FWrr0xmdPBj9J5EzYof5UD4zRJpiK6FpBFN9MZ3+ s6Z2H6CSMzmv67R0Eh6se9Li5BjEdXlP7o5K3NhHv1fAEt3jufSTaVUoH9VFq6kzoA1CXg ufFcCKDMDSNgdol9A8m+zf6+lHteJME= Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 632596462D; Thu, 20 Apr 2023 08:58:01 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 83BA0C433EF; Thu, 20 Apr 2023 08:57:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1681981080; bh=KW/cOzzz0VeUWtRrIVVV/Jvq1YUVpWtNqR0e3LlJHpU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=b2myTk6B5eriGxsU6/qGzfQumjVeH2e3afVEFIWlU8rfbkviTzxfnFOTr+a1fbLh8 zWtjEyNyqdlnbur6mK5cefIAqwk90StKTjTec61TpMor9Xap1uHWxS5W/22bMVHn0E My3fk/2N/ilyUoS/47lxI5LJL1h7Eta0vkO6AfnQ4lkq2Q9eTOrCYGHKLzLSFZNVyu 1xuwf6mcGZ9ndyzuAsgC19Sx5DCwNqszhddBEK3f1ncrVhlmhT46kWXt+KaEpWmrXJ bP7Ht/9+Q95uQ9N8JkGbnU8WreQSsdGYAEM2bxB6u7NFj6zniS8LX9vFSh/FnHBWD8 lgMm12YTBcYCw== From: Christian Brauner To: Luis Chamberlain , Hugh Dickins Cc: Christian Brauner , akpm@linux-foundation.org, willy@infradead.org, linux-mm@kvack.org, p.raghav@samsung.com, da.gomez@samsung.com, a.manzanares@samsung.com, dave@stgolabs.net, yosryahmed@google.com, keescook@chromium.org, patches@lists.linux.dev, linux-kernel@vger.kernel.org Subject: [PATCH] shmem: restrict noswap option to initial user namespace Date: Thu, 20 Apr 2023 10:57:43 +0200 Message-Id: <20230420-faxen-advokat-40abb4c1a152@brauner> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=973; i=brauner@kernel.org; h=from:subject:message-id; bh=KW/cOzzz0VeUWtRrIVVV/Jvq1YUVpWtNqR0e3LlJHpU=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMaQ4/CtY+P1BygbWTxsmz2v3mbW68tTFF9vkznTv/rC0+Fq8 kMSC6R2lLAxiXAyyYoosDu0m4XLLeSo2G2VqwMxhZQIZwsDFKQATOdTB8D8nUVBgesz9L2museLMgc rL8zcymz6qnLdhWmCKaJrYpHcMv5h3cMz02syXubEt6dTWisvnC8/H9OUImU3acTB4f4qbJB8A X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 X-Rspam-User: X-Rspamd-Queue-Id: 57EE3140003 X-Rspamd-Server: rspam01 X-Stat-Signature: zjufs8f5snbh6i9o571e77n7618seii6 X-HE-Tag: 1681981082-928551 X-HE-Meta: U2FsdGVkX19jp19EvYwTs6s+gnDi1YWFwEIgzKarehnwf6AE+PqzMADfC9x7YsFxUKHS615z8xex+5JAUId15rAm+rqY+Qt2D/RKUINVDQjsL55s+ol7A0vWecraYICbJsanbX5JE15KPF2cZss8n3K69C6spNX3Gcg/6z15X8MResKP/qoX3Gt3LO2n04BKmxFqOHFOWAWRNeO62/qMEfS1afOqwISdHDoe5XEIC2WF96sm2pJwajqx3zRbHncOZxVlmd41V5gsF+IXDUYOSMd7vr+C9TmoEVfdi8CJP/GTkIYFkZhxzF+qalOsjiGIz1Sqgpo/NCf2XkXiRtD7+/P3IAzgP7jiR84VUVgpF49kB3WjnGpmu0Ak3Qzohcs+WUpXIaFEv+UqyabV7l5j8/eCvVqtHVuT4H6I+KC0LL8HLl1J9YhIW6GCmaoDwHmaZ5muiMFSsdxEc7HjoqV5OipkIDk9Soi/Nt9GHQ/upR/5m6yFvZyFQJbvz2vftD2IEklV3uHcUZUveDUkPELI8YbQJTgLdapQ8adAOAinKYW/y6MO8imC+Rkx3PXwv8lCCsymaNvnB88etQI2TJ4eHDwPfcPdZpjNKV4IurbTR6ooWA8emxb6uSRSSMRwp/Oqt5/zod14XERQ04L5TgUvCkJjIK1ioKCwUAsxWvsagTdy/Sa4iJTCVENQ3JhU9/m0rRMmhYXfx3Vmd+C93PSvZBH3PAWasomPXb6GiK3xKP9By6S6Ws5Qkzhp42NA+h+Tl47//UR2oFp14QZge7trw0eLYvCZU6/lN6pc5/hfpxX1Gz+VcnrfSewvKMCtkhn2cq8Mhszu3q112CXR0TXMt8wsXZXkQqFB5N3AQ7ioGyYs4cJElpVgH0H5rW81pauI7xwAA3iXpXTraYnXhxW2qcsKosCIJD1yjo7IrxMVJbQEKmd9awI7GxVoz+tWHzfXwTLq38QZH4tWn8v2XrY PSSMRGcZ Ajl7trSlFEhP6Pwt95uMMI8Gsja9M/lNtda9aQBIw2N5Fev0j11ok2yFaQnFJdWMGuEeKEBxuYKXXNAa7kmL7K9uRTNQdOX/dgDBhaumBikNEmDHWDbncyq0Kkeu/ELjJiiKfiTUbSKaBQaLrUVdwIxZgto270RpPyO7RQm681IoucF6KQUsORxzJuaGoE77NmXwRuBa38QRLSJ15MlBAnV4RnJbq2lK49jBoPc+t0DzdLOKEKt4QnzaiwipG8w6eTXbr/+jj906ZhYAJmEmIW9MIiR/+AMMEtjXD+8Lp0UjHH2xxzGhx5ceyMU8UBHZjJshwZang0Ld8V03o+HBOb48eh0dTrn6GjQvxGxs4LdpNx7VLG5zjDWaiGvuUJaWnx9rnlexQbdHiN+F3ldF3ILALhZjHlUq0fgY+5guOuJVV8T4= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Prevent tmpfs instances mounted in an unprivileged namespaces from evading accounting of locked memory by using the "noswap" mount option. Cc: Luis Chamberlain Reported-by: Hugh Dickins Link: https://lore.kernel.org/lkml/79eae9fe-7818-a65c-89c6-138b55d609a@google.com Signed-off-by: Christian Brauner Reviewed-by: Luis Chamberlain --- mm/shmem.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/mm/shmem.c b/mm/shmem.c index 787e83791eb5..21ce9b26bb4d 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -3571,6 +3571,10 @@ static int shmem_parse_one(struct fs_context *fc, struct fs_parameter *param) ctx->seen |= SHMEM_SEEN_INUMS; break; case Opt_noswap: + if ((fc->user_ns != &init_user_ns) || !capable(CAP_SYS_ADMIN)) { + return invalfc(fc, + "Turning off swap in unprivileged tmpfs mounts unsupported"); + } ctx->noswap = true; ctx->seen |= SHMEM_SEEN_NOSWAP; break;