[Devel] [PATCH RHEL10 COMMIT] hugetlbfs: enforce F_SEAL_EXEC in setattr

Konstantin Khorenko khorenko at virtuozzo.com
Mon Jun 29 17:45:08 MSK 2026


The commit is pushed to "branch-rh10-6.12.0-211.16.1.12.x.vz10-ovz" and will appear at git at bitbucket.org:openvz/vzkernel.git
after rh10-6.12.0-211.16.1.12.5.vz10
------>
commit 834f930119ec094267119df081275bbb9f7a1e1d
Author: Eva Kurchatova <eva.kurchatova at virtuozzo.com>
Date:   Thu Jun 25 01:38:46 2026 +0300

    hugetlbfs: enforce F_SEAL_EXEC in setattr
    
    Commit 6fd735518263 ('mm/memfd: add F_SEAL_EXEC') added the F_SEAL_EXEC
    seal to memfd, with the corresponding enforcement implemented in
    shmem_setattr(): once F_SEAL_EXEC is set, fchmod() of any of the execute
    bits (S_IXUSR|S_IXGRP|S_IXOTH) is rejected with -EPERM.
    
    The hugetlbfs equivalent in hugetlbfs_setattr() was missed, even though
    hugetlbfs memfd files carry the same 'info->seals' bitmap and the same
    F_SEAL_EXEC bit can be added through memfd_create(... MFD_HUGETLB ...)
    plus fcntl(F_ADD_SEALS, F_SEAL_EXEC). As a result, the seal is silently
    ignored on hugetlbfs memfds and fchmod() may turn execute bits back on
    after the seal has been applied.
    
    Mirror the shmem check in hugetlbfs_setattr() so that ATTR_MODE changes
    that flip any execute bit on a sealed inode return -EPERM. This also
    fixes the memfd_test 'hugetlbfs' SEAL-EXEC subtest, which previously
    aborted on:
    
      tools/testing/selftests/memfd# ./memfd_test hugetlbfs
      memfd-hugetlb: CREATE
      memfd-hugetlb: BASIC
      memfd-hugetlb: SEAL-EXEC
      memfd-hugetlb:        Apply SEAL_EXEC
      fchmod(/memfd:kern_memfd_seal_exec (deleted), 00777) didn't fail as expected
      Aborted                    (core dumped) ./memfd_test hugetlbfs
    
    https://virtuozzo.atlassian.net/browse/VSTOR-133571
    Fixes: 6fd735518263 ("mm/memfd: add F_SEAL_EXEC")
    Reviewed-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
    Signed-off-by: Eva Kurchatova <eva.kurchatova at virtuozzo.com>
    Feature: fix selftests
---
 fs/hugetlbfs/inode.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c
index 2e39a46bd93ba..5000ac4ad9386 100644
--- a/fs/hugetlbfs/inode.c
+++ b/fs/hugetlbfs/inode.c
@@ -861,6 +861,11 @@ static int hugetlbfs_setattr(struct mnt_idmap *idmap,
 	if (error)
 		return error;
 
+	if ((info->seals & F_SEAL_EXEC) && (ia_valid & ATTR_MODE)) {
+		if ((inode->i_mode ^ attr->ia_mode) & 0111)
+			return -EPERM;
+	}
+
 	if (ia_valid & ATTR_SIZE) {
 		loff_t oldsize = inode->i_size;
 		loff_t newsize = attr->ia_size;


More information about the Devel mailing list